Diffstat (limited to '')
-rw-r--r--THIRDPARTY29
-rw-r--r--VERSION2
-rw-r--r--client/CMakeLists.txt2
-rw-r--r--client/mysql.cc139
-rw-r--r--client/mysql_upgrade.c9
-rw-r--r--client/mysqladmin.cc32
-rw-r--r--client/mysqltest.cc419
-rw-r--r--cmake/libfmt.cmake10
-rw-r--r--cmake/mysql_version.cmake2
-rw-r--r--cmake/os/AIX.cmake3
-rw-r--r--cmake/os/SunOS.cmake4
-rw-r--r--cmake/os/WindowsCache.cmake2
-rw-r--r--cmake/package_name.cmake6
-rw-r--r--cmake/pcre.cmake31
-rw-r--r--cmake/plugin.cmake2
-rw-r--r--cmake/readline.cmake3
-rw-r--r--config.h.cmake3
-rw-r--r--configure.cmake2
-rw-r--r--extra/mariabackup/CMakeLists.txt2
-rw-r--r--extra/mariabackup/backup_copy.cc3
-rw-r--r--extra/mariabackup/backup_copy.h1
-rw-r--r--extra/mariabackup/backup_mysql.cc28
-rw-r--r--extra/mariabackup/fil_cur.cc2
-rw-r--r--extra/mariabackup/wsrep.cc10
-rw-r--r--extra/mariabackup/xtrabackup.cc85
-rw-r--r--extra/mariabackup/xtrabackup.h2
-rw-r--r--extra/my_print_defaults.c1
-rw-r--r--extra/wolfssl/user_settings.h.in5
-rw-r--r--extra/wolfssl/wolfssl/.editorconfig10
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/async.yml7
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/curl.yml61
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml2
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml4
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/hitch.yml94
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/hostap.yml6
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/krb5.yml79
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/main.yml16
-rwxr-xr-xextra/wolfssl/wolfssl/.github/workflows/memcached.sh14
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/memcached.yml107
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml54
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml21
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/nginx.yml206
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/openvpn.yml4
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/os-check.yml25
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/packaging.yml45
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/stunnel.yml4
-rw-r--r--extra/wolfssl/wolfssl/.github/workflows/zephyr.yml104
-rw-r--r--extra/wolfssl/wolfssl/.gitignore22
-rw-r--r--extra/wolfssl/wolfssl/CMakeLists.txt308
-rw-r--r--extra/wolfssl/wolfssl/ChangeLog.md152
-rw-r--r--extra/wolfssl/wolfssl/Docker/Dockerfile34
-rw-r--r--extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler11
-rwxr-xr-xextra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh20
-rw-r--r--extra/wolfssl/wolfssl/Docker/README.md9
-rwxr-xr-xextra/wolfssl/wolfssl/Docker/buildAndPush.sh37
-rw-r--r--extra/wolfssl/wolfssl/Docker/include.am2
-rw-r--r--extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile6
-rw-r--r--extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile3
-rwxr-xr-xextra/wolfssl/wolfssl/Docker/run.sh6
-rw-r--r--extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile2
-rw-r--r--extra/wolfssl/wolfssl/IDE/ARDUINO/README.md11
-rw-r--r--extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino231
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh179
-rw-r--r--extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h3
-rw-r--r--extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md70
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md197
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md1
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh3
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md120
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt73
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md72
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj269
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt524
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h428
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt102
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_class.h)8
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/main.c (renamed from extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_first.c)45
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults35
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt23
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md88
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj4
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt616
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h450
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c88
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt93
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md57
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md512
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md52
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln56
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj)20
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt613
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h427
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt41
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild12
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c424
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h71
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/error-ssl.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h54
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h84
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c267
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c333
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c329
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt93
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md93
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md512
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md52
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln)8
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj (renamed from extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj)22
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt613
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h435
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt43
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild9
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/callbacks.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h60
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h54
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h81
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c257
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c347
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c333
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c336
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv31
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt69
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md51
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt615
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h450
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h (renamed from extra/wolfssl/wolfssl/cyassl/crl.h)7
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h (renamed from extra/wolfssl/wolfssl/cyassl/options.h.in)18
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c125
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c1
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv34
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md10
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c12
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h368
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/README.md161
-rw-r--r--extra/wolfssl/wolfssl/IDE/Espressif/include.am95
-rw-r--r--extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h23
-rw-r--r--extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common6
-rw-r--r--extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld8
-rw-r--r--extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore9
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore6
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md4
-rw-r--r--extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c6
-rw-r--r--extra/wolfssl/wolfssl/IDE/M68K/Makefile2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch44
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch12
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c28
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h70
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h69
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h71
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c6
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h93
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx6
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c91
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx12
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c66
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h495
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c68
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c108
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c112
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c73
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c54
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c24
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx6
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h497
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx2
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md60
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c4
-rw-r--r--extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am9
-rw-r--r--extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt4
-rw-r--r--extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/QNX/README.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md4
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c8
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h40
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject13
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c104
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c190
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c22
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c353
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject244
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project16
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h30
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c11
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c18
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi14
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h25
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c16
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md12
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md4
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c6
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject32
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c76
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c23
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg10
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project5
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h75
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c14
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c340
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md538
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h115
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h108
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am17
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject1219
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project440
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld243
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c438
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c184
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c210
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c1325
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore2
-rw-r--r--extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/wc_port.h)19
-rw-r--r--extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c2
-rw-r--r--extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h4
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/README.md3
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md250
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl36
-rw-r--r--extra/wolfssl/wolfssl/IDE/STM32Cube/main.c4
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md92
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am7
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c244
-rw-r--r--extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h521
-rw-r--r--extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h1
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/README.txt18
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/user_settings.h3
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj34
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/README.txt10
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj2
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h12
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc10
-rw-r--r--extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj15
-rw-r--r--extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h3
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h2
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj363
-rw-r--r--extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj484
-rw-r--r--extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md2
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh2
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore1
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/README.md92
-rwxr-xr-xextra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh110
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/include.am24
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj403
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json11
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json63
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json6
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/arc4.h)39
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c149
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/misc.h)13
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h (renamed from extra/wolfssl/wolfssl/cyassl/openssl/ssl.h)18
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements14
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/dsa.h)21
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c62
-rw-r--r--extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/coding.h)13
-rw-r--r--extra/wolfssl/wolfssl/IDE/include.am6
-rw-r--r--extra/wolfssl/wolfssl/INSTALL178
-rw-r--r--extra/wolfssl/wolfssl/Makefile.am4
-rw-r--r--extra/wolfssl/wolfssl/README211
-rw-r--r--extra/wolfssl/wolfssl/README.md210
-rw-r--r--extra/wolfssl/wolfssl/SCRIPTS-LIST2
-rwxr-xr-xextra/wolfssl/wolfssl/async-check.sh127
-rwxr-xr-xextra/wolfssl/wolfssl/autogen.sh40
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/ca-cert.derbin1037 -> 1037 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/ca-cert.pem38
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/client-cert.derbin1052 -> 1052 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/client-cert.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/server-cert.derbin1014 -> 1014 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/1024/server-cert.pem72
-rw-r--r--extra/wolfssl/wolfssl/certs/3072/client-cert.derbin1569 -> 1569 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/3072/client-cert.pem78
-rw-r--r--extra/wolfssl/wolfssl/certs/4096/client-cert.derbin1823 -> 1825 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/4096/client-cert.pem139
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-cert-chain.derbin1022 -> 1022 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-cert.derbin1283 -> 1283 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-cert.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc-cert.derbin666 -> 665 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem22
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc384-cert.derbin725 -> 726 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/client-absolute-urn.pem60
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ca.pem88
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert-ext.derbin1292 -> 1292 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert-ext.pem60
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert.derbin1313 -> 1313 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-cert.pem60
-rw-r--r--extra/wolfssl/wolfssl/certs/client-crl-dist.derbin1011 -> 1011 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-crl-dist.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc-cert.derbin866 -> 865 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc-cert.pem28
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc384-cert.derbin754 -> 757 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem28
-rw-r--r--extra/wolfssl/wolfssl/certs/client-relative-uri.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/client-uri-cert.pem58
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem10
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem8
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/ca-int2.pem16
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/caEccCrl.derbin0 -> 341 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem10
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/cliCrl.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/client-int.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl.derbin520 -> 520 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl.revoked56
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl2.derbin520 -> 520 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/crl2.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem26
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem32
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem13
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem13
-rwxr-xr-xextra/wolfssl/wolfssl/certs/crl/gencrls.sh48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/include.am45
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/crl/server-int.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/csr.dsa.derbin0 -> 590 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-params.der1
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-params.pem3
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem12
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-privkey.der2
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12bin2310 -> 2310 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.derbin122 -> 122 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem6
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.derbin717 -> 719 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem62
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.derbin710 -> 712 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem62
-rwxr-xr-xextra/wolfssl/wolfssl/certs/ecc/genecc.sh22
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.derbin118 -> 118 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem6
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.derbin898 -> 900 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem74
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.derbin888 -> 890 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem74
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.derbin617 -> 617 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.derbin931 -> 931 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der2
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem3
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/include.am4
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.derbin613 -> 613 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem22
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.derbin683 -> 683 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/ca-ed448.derbin684 -> 684 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/client-ed448.derbin994 -> 994 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem36
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/root-ed448.derbin680 -> 680 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem32
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem26
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/server-ed448.derbin750 -> 750 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem110
-rw-r--r--extra/wolfssl/wolfssl/certs/fpki-cert.derbin1363 -> 1363 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/include.am210
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.derbin1051 -> 1051 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem108
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.derbin663 -> 663 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem42
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.derbin1063 -> 1063 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem110
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.derbin675 -> 676 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem46
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem82
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem120
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.derbin2054 -> 2055 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem42
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain.derbin3217 -> 3217 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem80
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.derbin1103 -> 1103 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem58
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.derbin716 -> 716 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem26
-rwxr-xr-xextra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh4
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/include.am1
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem86
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem120
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.derbin2225 -> 2225 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem46
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain.derbin3384 -> 3384 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem80
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.derbin1270 -> 1270 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem58
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.derbin887 -> 886 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem102
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem102
-rwxr-xr-xextra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh12
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem150
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.derbin1961 -> 1961 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.derbin1860 -> 1860 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.derbin1909 -> 1909 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/ocsp/test-response.derbin1860 -> 1860 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/ca-p521.derbin805 -> 805 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/ca-p521.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/client-p521.derbin1113 -> 1113 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/client-p521.pem42
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/root-p521.derbin799 -> 800 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/root-p521.pem34
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem32
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/server-p521.derbin871 -> 870 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/p521/server-p521.pem62
-rwxr-xr-xextra/wolfssl/wolfssl/certs/renewcerts.sh24
-rw-r--r--extra/wolfssl/wolfssl/certs/rid-cert.derbin1164 -> 1164 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.derbin0 -> 294 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.derbin0 -> 91 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/include.am9
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.derbin0 -> 294 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.derbin0 -> 91 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.derbin1427 -> 1427 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem68
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.derbin1219 -> 1219 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.derbin1737 -> 1737 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem78
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.derbin1529 -> 1529 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.derbin1425 -> 1425 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem74
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.derbin1217 -> 1217 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem70
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.derbin1491 -> 1491 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem138
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.derbin1283 -> 1283 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem98
-rw-r--r--extra/wolfssl/wolfssl/certs/server-cert-chain.derbin2543 -> 2543 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-cert.derbin1260 -> 1260 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-cert.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-comp.derbin891 -> 891 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-comp.pem30
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-rsa.derbin1070 -> 1070 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-self.derbin863 -> 868 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc-self.pem59
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc.derbin677 -> 678 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc384-cert.derbin931 -> 931 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem36
-rw-r--r--extra/wolfssl/wolfssl/certs/server-keyPub.derbin0 -> 294 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/server-keyPub.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/server-revoked-cert.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2.derbin0 -> 666 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem51
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2.derbin0 -> 973 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem63
-rwxr-xr-xextra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh124
-rwxr-xr-xextra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh16
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/include.am37
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2.derbin0 -> 661 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem52
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem6
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem57
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.derbin0 -> 92 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem4
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.derbin0 -> 121 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem5
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2.derbin0 -> 732 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem108
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.derbin115 -> 115 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.derbin166 -> 166 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.derbin214 -> 214 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.derbin115 -> 115 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.derbin166 -> 166 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.derbin214 -> 214 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test-degenerate.p7bbin1362 -> 1362 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem154
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem104
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem154
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem394
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem250
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem50
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem200
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem248
-rw-r--r--extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem48
-rw-r--r--extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12bin5517 -> 5517 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test-servercert.p12bin5517 -> 5517 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ia.derbin1031 -> 1031 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-joi.derbin1376 -> 1376 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.derbin1097 -> 1097 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.derbin1436 -> 1436 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nc.derbin1081 -> 1081 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.derbin1095 -> 1095 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.derbin1092 -> 1092 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nct.derbin1052 -> 1052 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.derbin1281 -> 1281 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem18
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.derbin1260 -> 1260 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/test/digsigku.pem20
-rw-r--r--extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msgbin379 -> 379 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltname.derbin950 -> 950 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltname.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltnull.derbin946 -> 946 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem57
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcn.derbin918 -> 918 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcn.pem56
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcnnull.derbin984 -> 984 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.derbin677 -> 678 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem40
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.derbin1260 -> 1260 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem112
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-garbage.derbin928 -> 928 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-garbage.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodalt.derbin944 -> 944 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodalt.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodaltwild.derbin945 -> 945 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcn.derbin904 -> 904 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcn.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcnwild.derbin906 -> 906 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-localhost.derbin930 -> 930 bytes
-rw-r--r--extra/wolfssl/wolfssl/certs/test/server-localhost.pem54
-rw-r--r--extra/wolfssl/wolfssl/certs/x942dh2048.derbin0 -> 557 bytes
-rw-r--r--extra/wolfssl/wolfssl/cmake/README.md7
-rw-r--r--extra/wolfssl/wolfssl/cmake/functions.cmake86
-rw-r--r--extra/wolfssl/wolfssl/cmake/include.am2
-rw-r--r--extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake108
-rw-r--r--extra/wolfssl/wolfssl/configure.ac1160
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln38
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj319
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/aes.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/des3.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/random.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/sha.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c1
-rw-r--r--extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c1
-rw-r--r--extra/wolfssl/wolfssl/cyassl/certs_test.h10
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h61
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h48
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h75
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h43
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h44
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h45
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h36
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h38
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h49
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h69
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h33
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h59
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h45
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am52
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h35
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h41
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h43
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h38
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h45
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h42
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h53
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h29
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h37
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h38
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h58
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h702
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h69
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h37
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h46
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h41
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h42
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h39
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h73
-rw-r--r--extra/wolfssl/wolfssl/cyassl/include.am31
-rw-r--r--extra/wolfssl/wolfssl/cyassl/internal.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ocsp.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/asn1.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/bio.h4
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/bn.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/conf.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/crypto.h4
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/dh.h4
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/dsa.h12
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ec.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ec448.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ed448.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/engine.h5
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/err.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/evp.h41
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/include.am42
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/lhash.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/md4.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/md5.h5
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/pem.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/rand.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/rsa.h12
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/sha.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/stack.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/ui.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/x509.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/sniffer.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/sniffer_error.h23
-rw-r--r--extra/wolfssl/wolfssl/cyassl/sniffer_error.rc93
-rw-r--r--extra/wolfssl/wolfssl/cyassl/ssl.h722
-rw-r--r--extra/wolfssl/wolfssl/cyassl/test.h3
-rw-r--r--extra/wolfssl/wolfssl/cyassl/version.h27
-rw-r--r--extra/wolfssl/wolfssl/cyassl/version.h.in23
-rw-r--r--extra/wolfssl/wolfssl/debian/changelog.in7
-rw-r--r--extra/wolfssl/wolfssl/debian/control.in44
-rw-r--r--extra/wolfssl/wolfssl/debian/copyright217
-rw-r--r--extra/wolfssl/wolfssl/debian/include.am77
-rw-r--r--extra/wolfssl/wolfssl/doc/QUIC.md2
-rwxr-xr-xextra/wolfssl/wolfssl/doc/check_api.sh2
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h330
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h1932
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h29
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h101
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h12
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h12
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h2
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h102
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h407
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h14
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h24
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h141
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h26
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h4160
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h685
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h4
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h63
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h3
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h1
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h40
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h225
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h2
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h11
-rw-r--r--extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h429
-rw-r--r--extra/wolfssl/wolfssl/examples/README.md6
-rw-r--r--extra/wolfssl/wolfssl/examples/asn1/asn1.c44
-rw-r--r--extra/wolfssl/wolfssl/examples/async/README.md34
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_client.c277
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_server.c363
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_tls.c158
-rw-r--r--extra/wolfssl/wolfssl/examples/async/async_tls.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/dh.h)30
-rw-r--r--extra/wolfssl/wolfssl/examples/async/include.am24
-rw-r--r--extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c190
-rw-r--r--extra/wolfssl/wolfssl/examples/client/client.c233
-rw-r--r--extra/wolfssl/wolfssl/examples/client/client.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/client/client.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/README.md1
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/include.am1
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_EBSnet.h (renamed from extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_last.c)48
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_all.h2
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h133
-rw-r--r--extra/wolfssl/wolfssl/examples/configs/user_settings_template.h30
-rw-r--r--extra/wolfssl/wolfssl/examples/echoclient/echoclient.c52
-rw-r--r--extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/examples/echoserver/echoserver.c162
-rw-r--r--extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/examples/include.am2
-rw-r--r--extra/wolfssl/wolfssl/examples/pem/include.am12
-rw-r--r--extra/wolfssl/wolfssl/examples/pem/pem.c1044
-rw-r--r--extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c8
-rw-r--r--extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c8
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.c177
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.h2
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/examples/server/server.vcxproj16
-rwxr-xr-xextra/wolfssl/wolfssl/fips-check.sh683
-rwxr-xr-xextra/wolfssl/wolfssl/gencertbuf.pl54
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/Kbuild2
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h6
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/module_exports.c.template4
-rw-r--r--extra/wolfssl/wolfssl/linuxkm/module_hooks.c8
-rw-r--r--extra/wolfssl/wolfssl/mcapi/crypto.h4
-rw-r--r--extra/wolfssl/wolfssl/mcapi/mcapi_test.c14
-rw-r--r--extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c4
-rw-r--r--extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h8
-rw-r--r--extra/wolfssl/wolfssl/rpm/include.am7
-rw-r--r--extra/wolfssl/wolfssl/rpm/spec.in261
-rw-r--r--extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh201
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/crl-revoked.test5
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/dtls.test169
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/dtls13.test171
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/external.test11
-rw-r--r--extra/wolfssl/wolfssl/scripts/include.am8
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/makedistsmall.sh7
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/ocsp-stapling.test10
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/openssl.test4
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/pem.test459
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/sniffer-gen.sh168
-rwxr-xr-xextra/wolfssl/wolfssl/scripts/sniffer-testsuite.test72
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out7
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcapbin0 -> 15325 bytes
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog4
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out9
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcapbin0 -> 23046 bytes
-rw-r--r--extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog24
-rw-r--r--extra/wolfssl/wolfssl/src/bio.c131
-rw-r--r--extra/wolfssl/wolfssl/src/conf.c6
-rw-r--r--extra/wolfssl/wolfssl/src/crl.c705
-rw-r--r--extra/wolfssl/wolfssl/src/dtls.c122
-rw-r--r--extra/wolfssl/wolfssl/src/dtls13.c170
-rw-r--r--extra/wolfssl/wolfssl/src/include.am278
-rw-r--r--extra/wolfssl/wolfssl/src/internal.c4159
-rw-r--r--extra/wolfssl/wolfssl/src/keys.c521
-rw-r--r--extra/wolfssl/wolfssl/src/ocsp.c246
-rw-r--r--extra/wolfssl/wolfssl/src/pk.c214
-rw-r--r--extra/wolfssl/wolfssl/src/quic.c33
-rw-r--r--extra/wolfssl/wolfssl/src/sniffer.c550
-rw-r--r--extra/wolfssl/wolfssl/src/ssl.c6009
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_asn1.c26
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_bn.c12
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_certman.c2372
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_crypto.c3499
-rw-r--r--extra/wolfssl/wolfssl/src/ssl_misc.c13
-rw-r--r--extra/wolfssl/wolfssl/src/tls.c1402
-rw-r--r--extra/wolfssl/wolfssl/src/tls13.c936
-rw-r--r--extra/wolfssl/wolfssl/src/wolfio.c87
-rw-r--r--extra/wolfssl/wolfssl/src/x509.c238
-rw-r--r--extra/wolfssl/wolfssl/src/x509_str.c153
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/README.md88
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj8
-rw-r--r--extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c151
-rw-r--r--extra/wolfssl/wolfssl/tests/api.c50002
-rw-r--r--extra/wolfssl/wolfssl/tests/include.am6
-rw-r--r--extra/wolfssl/wolfssl/tests/quic.c9
-rw-r--r--extra/wolfssl/wolfssl/tests/srp.c12
-rw-r--r--extra/wolfssl/wolfssl/tests/suites.c66
-rw-r--r--extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf23
-rw-r--r--extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf24
-rw-r--r--extra/wolfssl/wolfssl/tests/test-sm2.conf189
-rw-r--r--extra/wolfssl/wolfssl/tests/unit.c73
-rw-r--r--extra/wolfssl/wolfssl/tests/unit.h114
-rw-r--r--extra/wolfssl/wolfssl/tests/utils.h385
-rw-r--r--extra/wolfssl/wolfssl/tests/w64wrapper.c2
-rw-r--r--extra/wolfssl/wolfssl/testsuite/testsuite.c302
-rw-r--r--extra/wolfssl/wolfssl/testsuite/testsuite.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj16
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c4572
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes.c5130
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S161
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm64
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S1194
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm1630
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S1449
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/asm.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/asn.c3161
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c13
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c8
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c49
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/compress.c1
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c126
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c27
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/des3.c86
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/dh.c30
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c8
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c648
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c17
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c22
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/error.c14
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/evp.c2575
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c972
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c981
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c252
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S17284
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c1103
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c22
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c263
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/hash.c110
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c148
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c41
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/include.am11
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/integer.c105
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c493
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/logging.c48
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/md2.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/memory.c222
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/misc.c55
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c9
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c375
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S6
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md69
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c427
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c3194
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c1190
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c641
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c362
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c816
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c322
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c686
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c (renamed from extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_util.c)470
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c589
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c437
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c267
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c85
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c302
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c647
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c298
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c599
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S4586
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c4794
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S13951
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c14345
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S319
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c527
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S1808
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c2159
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c13643
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S12007
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c11826
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c81
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c5
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c9
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c17
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S3360
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c3014
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S6485
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c6910
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S1490
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c1477
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S3677
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c3592
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c63
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c97
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c25
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c158
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c6
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c2
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md9
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c327
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c138
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c536
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c3
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c38
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c30
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/random.c230
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c218
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c20
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha.c265
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c405
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c1
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c296
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S4
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/signature.c11
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c8
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm2.c (renamed from extra/wolfssl/wolfssl/ctaocrypt/src/misc.c)18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c35137
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c5411
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c3378
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c1377
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c1427
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c61239
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c18
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c689
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S33
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c2295
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S778
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm645
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c26
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c392
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c26
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c13
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c700
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c26
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c10
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/test/test.c6038
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/test/test.h31
-rw-r--r--extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl.rcbin4918 -> 4918 bytes
-rw-r--r--extra/wolfssl/wolfssl/wolfssl.vcproj4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl.vcxproj17
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/certs_test.h1570
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/crl.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/error-ssl.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/internal.h483
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/ocsp.h14
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/aes.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/bio.h5
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/bn.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/ec.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/engine.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/evp.h188
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/objects.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/sha.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h40
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/x509.h38
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h5
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/quic.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/sniffer.h29
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/sniffer_error.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc8
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/ssl.h222
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/test.h981
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/version.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h236
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h138
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h44
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h20
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h14
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h1
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h29
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h65
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h56
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h22
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h33
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h16
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h11
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am21
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h11
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h36
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h144
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h35
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h161
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h182
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h33
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h1
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h786
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h345
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h325
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h278
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h87
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h7
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h80
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h69
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h7
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h2
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h3
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h4
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h15
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h74
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h10
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h6
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h22
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h325
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h24
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h46
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h63
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm2.h (renamed from extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_superclass.h)8
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm3.h (renamed from extra/wolfssl/wolfssl/cyassl/openssl/des.h)9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm4.h (renamed from extra/wolfssl/wolfssl/cyassl/openssl/hmac.h)9
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h70
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h38
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h36
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h25
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h358
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h13
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h23
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h65
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h23
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h152
-rw-r--r--extra/wolfssl/wolfssl/wolfssl/wolfio.h16
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/README.md116
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c105
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/client.gpr78
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/default.gpr90
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc1
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/include.am17
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb138
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads137
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb18
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads43
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb328
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads37
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb33
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb330
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads39
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb39
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h385
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb688
-rw-r--r--extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads606
-rw-r--r--extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs4
-rw-r--r--extra/wolfssl/wolfssl/wrapper/include.am1
-rw-r--r--extra/wolfssl/wolfssl/zephyr/CMakeLists.txt9
-rw-r--r--extra/wolfssl/wolfssl/zephyr/Kconfig2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/README.md8
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml13
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml15
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf5
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml17
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c30
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf2
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml19
-rw-r--r--extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c31
-rw-r--r--extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h8
-rw-r--r--extra/wolfssl/wolfssl/zephyr/user_settings.h8
-rw-r--r--include/byte_order_generic_x86_64.h2
-rw-r--r--include/m_ctype.h3
-rw-r--r--include/my_alloc.h6
-rw-r--r--include/my_pthread.h28
-rw-r--r--include/my_sys.h1
-rw-r--r--include/myisamchk.h1
-rw-r--r--include/mysql.h4
-rw-r--r--include/mysql/plugin.h16
-rw-r--r--include/mysql/plugin_audit.h.pp3
-rw-r--r--include/mysql/plugin_auth.h.pp3
-rw-r--r--include/mysql/plugin_data_type.h.pp3
-rw-r--r--include/mysql/plugin_encryption.h.pp3
-rw-r--r--include/mysql/plugin_ftparser.h.pp3
-rw-r--r--include/mysql/plugin_function.h.pp3
-rw-r--r--include/mysql/plugin_password_validation.h.pp3
-rw-r--r--include/mysql/service_sql.h6
-rw-r--r--include/mysql/service_wsrep.h3
-rw-r--r--include/mysql_com.h2
-rw-r--r--libmariadb/.travis.yml103
-rw-r--r--libmariadb/CMakeLists.txt2
-rw-r--r--libmariadb/cmake/FindZStd.cmake2
-rw-r--r--libmariadb/libmariadb/mariadb_lib.c47
-rw-r--r--libmariadb/plugins/pvio/pvio_npipe.c27
-rw-r--r--libmariadb/unittest/libmariadb/charset.c3
-rw-r--r--libmariadb/unittest/libmariadb/connection.c6
-rw-r--r--libmysqld/CMakeLists.txt2
-rw-r--r--libmysqld/examples/CMakeLists.txt2
-rw-r--r--libmysqld/lib_sql.cc8
-rw-r--r--libmysqld/libmysql.c6
-rw-r--r--mysql-test/README4
-rw-r--r--mysql-test/include/delete_anonymous_users.inc2
-rw-r--r--mysql-test/include/explain_non_select.inc13
-rw-r--r--mysql-test/include/galera_sst_method.combinations5
-rw-r--r--mysql-test/include/galera_sst_method.inc4
-rw-r--r--mysql-test/include/have_normal_zlib.inc (renamed from mysql-test/include/have_normal_bzip.inc)4
-rw-r--r--mysql-test/include/innodb_stable_estimates.inc12
-rw-r--r--mysql-test/include/innodb_stable_estimates.opt1
-rw-r--r--mysql-test/include/read_head.inc30
-rw-r--r--mysql-test/include/search_pattern_in_file.inc40
-rw-r--r--mysql-test/include/wait_for_pattern_in_file.inc56
-rw-r--r--mysql-test/include/wait_for_slave_io_error.inc2
-rw-r--r--mysql-test/include/wait_for_slave_io_to_stop.inc21
-rw-r--r--mysql-test/include/wait_for_slave_param.inc9
-rw-r--r--mysql-test/include/wait_for_slave_sql_to_stop.inc13
-rw-r--r--mysql-test/lib/mtr_cases.pm6
-rw-r--r--mysql-test/main/alter_table.result3
-rw-r--r--mysql-test/main/alter_table.test1
-rw-r--r--mysql-test/main/backup_interaction.result5
-rw-r--r--mysql-test/main/backup_interaction.test5
-rw-r--r--mysql-test/main/backup_lock.result8
-rw-r--r--mysql-test/main/backup_lock.test9
-rw-r--r--mysql-test/main/backup_locks.result79
-rw-r--r--mysql-test/main/backup_locks.test73
-rw-r--r--mysql-test/main/backup_stages.result1
-rw-r--r--mysql-test/main/backup_stages.test1
-rw-r--r--mysql-test/main/cast.result2
-rw-r--r--mysql-test/main/cast.test28
-rw-r--r--mysql-test/main/change_user.result4
-rw-r--r--mysql-test/main/column_compression.test2
-rw-r--r--mysql-test/main/column_compression_rpl.test2
-rw-r--r--mysql-test/main/connect.result4
-rw-r--r--mysql-test/main/create_or_replace.result1
-rw-r--r--mysql-test/main/create_or_replace.test1
-rw-r--r--mysql-test/main/cte_nonrecursive.result338
-rw-r--r--mysql-test/main/cte_nonrecursive.test229
-rw-r--r--mysql-test/main/ctype_collate.result6
-rw-r--r--mysql-test/main/ctype_cp932.result10
-rw-r--r--mysql-test/main/ctype_sjis.result10
-rw-r--r--mysql-test/main/derived_split_innodb.result15
-rw-r--r--mysql-test/main/derived_split_innodb.test18
-rw-r--r--mysql-test/main/derived_view.result45
-rw-r--r--mysql-test/main/derived_view.test36
-rw-r--r--mysql-test/main/disabled.def1
-rw-r--r--mysql-test/main/dyncol.test15
-rw-r--r--mysql-test/main/enforce_storage_engine.result7
-rw-r--r--mysql-test/main/enforce_storage_engine.test15
-rw-r--r--mysql-test/main/execution_constants.test1
-rw-r--r--mysql-test/main/explain.result40
-rw-r--r--mysql-test/main/explain.test23
-rw-r--r--mysql-test/main/func_compress.test2
-rw-r--r--mysql-test/main/func_in.result2
-rw-r--r--mysql-test/main/func_json.result44
-rw-r--r--mysql-test/main/func_json.test26
-rw-r--r--mysql-test/main/func_regexp_pcre.result9
-rw-r--r--mysql-test/main/func_regexp_pcre.test8
-rw-r--r--mysql-test/main/func_replace.result124
-rw-r--r--mysql-test/main/func_replace.test86
-rw-r--r--mysql-test/main/func_str.result27
-rw-r--r--mysql-test/main/func_str.test22
-rw-r--r--mysql-test/main/gis.result107
-rw-r--r--mysql-test/main/gis.test65
-rw-r--r--mysql-test/main/grant.result5
-rw-r--r--mysql-test/main/grant.test7
-rw-r--r--mysql-test/main/group_min_max.result8
-rw-r--r--mysql-test/main/group_min_max_innodb.result107
-rw-r--r--mysql-test/main/group_min_max_innodb.test47
-rw-r--r--mysql-test/main/innodb_ext_key,covering,innodb,on.rdiff20
-rw-r--r--mysql-test/main/innodb_ext_key,innodb,on,unoptimized.rdiff20
-rw-r--r--mysql-test/main/keywords.result16
-rw-r--r--mysql-test/main/log_slow_debug.result7
-rw-r--r--mysql-test/main/log_slow_debug.test11
-rw-r--r--mysql-test/main/log_tables.result125
-rw-r--r--mysql-test/main/log_tables.test201
-rw-r--r--mysql-test/main/long_host.result8
-rw-r--r--mysql-test/main/long_host.test8
-rw-r--r--mysql-test/main/long_unique_bugs.result103
-rw-r--r--mysql-test/main/long_unique_bugs.test92
-rw-r--r--mysql-test/main/long_unique_bugs_no_sp_protocol.result95
-rw-r--r--mysql-test/main/long_unique_bugs_no_sp_protocol.test68
-rw-r--r--mysql-test/main/lotofstack.result101
-rw-r--r--mysql-test/main/lotofstack.test133
-rw-r--r--mysql-test/main/lowercase_table5.result36
-rw-r--r--mysql-test/main/lowercase_table5.test31
-rw-r--r--mysql-test/main/mdl.result2
-rw-r--r--mysql-test/main/mdl.test2
-rw-r--r--mysql-test/main/mdl_sync.result3
-rw-r--r--mysql-test/main/mdl_sync.test3
-rw-r--r--mysql-test/main/mrr_icp_extra.result6
-rw-r--r--mysql-test/main/myisam_explain_non_select_all.result81
-rw-r--r--mysql-test/main/mysql-interactive.result24
-rw-r--r--mysql-test/main/mysql-interactive.test29
-rw-r--r--mysql-test/main/mysql_connector_net.ps158
-rw-r--r--mysql-test/main/mysql_connector_net.result2
-rw-r--r--mysql-test/main/mysql_connector_net.test11
-rw-r--r--mysql-test/main/mysql_install_db_win.test4
-rw-r--r--mysql-test/main/mysql_json_table_recreate.result70
-rw-r--r--mysql-test/main/mysql_json_table_recreate.test73
-rw-r--r--mysql-test/main/mysql_upgrade.result8
-rw-r--r--mysql-test/main/mysql_upgrade.test11
-rw-r--r--mysql-test/main/mysql_upgrade_file_leak.result4
-rw-r--r--mysql-test/main/mysql_upgrade_file_leak.test24
-rw-r--r--mysql-test/main/mysql_upgrade_mysql_json.result (renamed from mysql-test/main/mysql_json_mysql_upgrade.result)0
-rw-r--r--mysql-test/main/mysql_upgrade_mysql_json.test (renamed from mysql-test/main/mysql_json_mysql_upgrade.test)0
-rw-r--r--mysql-test/main/mysql_upgrade_mysql_json_system_tables.result94
-rw-r--r--mysql-test/main/mysql_upgrade_mysql_json_system_tables.test52
-rw-r--r--mysql-test/main/mysql_upgrade_mysql_json_with_plugin_loaded.result (renamed from mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result)0
-rw-r--r--mysql-test/main/mysql_upgrade_mysql_json_with_plugin_loaded.test (renamed from mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.test)0
-rw-r--r--mysql-test/main/mysqlbinlog_row_compressed.test2
-rw-r--r--mysql-test/main/mysqlbinlog_stmt_compressed.test2
-rw-r--r--mysql-test/main/mysqld--help,win.rdiff20
-rw-r--r--mysql-test/main/mysqld--help.result18
-rw-r--r--mysql-test/main/old-mode.result10
-rw-r--r--mysql-test/main/old-mode.test8
-rw-r--r--mysql-test/main/opt_trace.result12
-rw-r--r--mysql-test/main/opt_trace.test14
-rw-r--r--mysql-test/main/order_by.result120
-rw-r--r--mysql-test/main/order_by.test59
-rw-r--r--mysql-test/main/parser.result16
-rw-r--r--mysql-test/main/partition_innodb.result12
-rw-r--r--mysql-test/main/partition_innodb.test9
-rw-r--r--mysql-test/main/ps.result10
-rw-r--r--mysql-test/main/ps.test12
-rw-r--r--mysql-test/main/ps_mem_leaks.result75
-rw-r--r--mysql-test/main/ps_mem_leaks.test85
-rw-r--r--mysql-test/main/rpl_mysqldump_slave.result16
-rw-r--r--mysql-test/main/rpl_mysqldump_slave.test70
-rw-r--r--mysql-test/main/secondary_key_costs.result82
-rw-r--r--mysql-test/main/secondary_key_costs.test53
-rw-r--r--mysql-test/main/set_password.result4
-rw-r--r--mysql-test/main/show_check.result6
-rw-r--r--mysql-test/main/show_explain.result11
-rw-r--r--mysql-test/main/show_explain.test4
-rw-r--r--mysql-test/main/sp.result88
-rw-r--r--mysql-test/main/sp.test58
-rw-r--r--mysql-test/main/sp_notembedded.result119
-rw-r--r--mysql-test/main/sp_notembedded.test163
-rw-r--r--mysql-test/main/ssl.result18
-rw-r--r--mysql-test/main/ssl.test3
-rw-r--r--mysql-test/main/strict.result2
-rw-r--r--mysql-test/main/strict.test2
-rw-r--r--mysql-test/main/subselect.result53
-rw-r--r--mysql-test/main/subselect.test59
-rw-r--r--mysql-test/main/subselect4.result95
-rw-r--r--mysql-test/main/subselect4.test36
-rw-r--r--mysql-test/main/subselect_no_exists_to_in.result53
-rw-r--r--mysql-test/main/subselect_no_mat.result53
-rw-r--r--mysql-test/main/subselect_no_opts.result53
-rw-r--r--mysql-test/main/subselect_no_scache.result53
-rw-r--r--mysql-test/main/subselect_no_semijoin.result53
-rw-r--r--mysql-test/main/subselect_nulls_innodb.result27
-rw-r--r--mysql-test/main/subselect_nulls_innodb.test32
-rw-r--r--mysql-test/main/temp_table.result16
-rw-r--r--mysql-test/main/temp_table.test16
-rw-r--r--mysql-test/main/type_float.result37
-rw-r--r--mysql-test/main/type_float.test26
-rw-r--r--mysql-test/main/type_ranges.result4
-rw-r--r--mysql-test/main/type_ranges.test2
-rw-r--r--mysql-test/main/type_timestamp.result3
-rw-r--r--mysql-test/main/type_timestamp.test4
-rw-r--r--mysql-test/main/type_varchar.result229
-rw-r--r--mysql-test/main/type_varchar.test83
-rw-r--r--mysql-test/main/view.result50
-rw-r--r--mysql-test/main/view.test53
-rw-r--r--mysql-test/main/win.result13
-rw-r--r--mysql-test/main/win.test14
-rwxr-xr-xmysql-test/mariadb-test-run.pl4
-rw-r--r--mysql-test/std_data/mysql80/t2.cfgbin0 -> 637 bytes
-rw-r--r--mysql-test/std_data/mysql80/t2.ibdbin0 -> 114688 bytes
-rw-r--r--mysql-test/suite/binlog/r/binlog_gis_user_var_stm.result12
-rw-r--r--mysql-test/suite/binlog/r/binlog_mysqlbinlog_raw_flush.result1
-rw-r--r--mysql-test/suite/binlog/r/binlog_show_binlog_events_invalid_offset_silent.result21
-rw-r--r--mysql-test/suite/binlog/t/binlog_gis_user_var_stm.test15
-rw-r--r--mysql-test/suite/binlog/t/binlog_mysqlbinlog_raw_flush.test4
-rw-r--r--mysql-test/suite/binlog/t/binlog_show_binlog_events_invalid_offset_silent.test53
-rw-r--r--mysql-test/suite/binlog/t/flashback.test16
-rw-r--r--mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.result2
-rw-r--r--mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.test3
-rw-r--r--mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.result2
-rw-r--r--mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.test3
-rw-r--r--mysql-test/suite/binlog_encryption/rpl_gtid_basic.result7
-rw-r--r--mysql-test/suite/binlog_encryption/rpl_mixed_binlog_max_cache_size.result2
-rw-r--r--mysql-test/suite/binlog_encryption/rpl_parallel_ignored_errors.result3
-rw-r--r--mysql-test/suite/binlog_encryption/rpl_parallel_missed_error_handling.result1
-rw-r--r--mysql-test/suite/binlog_encryption/rpl_semi_sync.result13
-rw-r--r--mysql-test/suite/compat/oracle/r/func_concat.result38
-rw-r--r--mysql-test/suite/compat/oracle/r/func_decode.result12
-rw-r--r--mysql-test/suite/compat/oracle/r/func_pad.result4
-rw-r--r--mysql-test/suite/compat/oracle/r/func_qualified.result2547
-rw-r--r--mysql-test/suite/compat/oracle/r/func_regexp_replace.result34
-rw-r--r--mysql-test/suite/compat/oracle/r/func_replace.result4
-rw-r--r--mysql-test/suite/compat/oracle/r/func_substr.result4
-rw-r--r--mysql-test/suite/compat/oracle/r/func_trim.result6
-rw-r--r--mysql-test/suite/compat/oracle/r/mysqldump_restore_func_qualified.result112
-rw-r--r--mysql-test/suite/compat/oracle/r/parser.result16
-rw-r--r--mysql-test/suite/compat/oracle/r/ps.result4
-rw-r--r--mysql-test/suite/compat/oracle/r/sp-cursor-rowtype.result2
-rw-r--r--mysql-test/suite/compat/oracle/r/vcol_innodb.result54
-rw-r--r--mysql-test/suite/compat/oracle/t/column_compression.test2
-rw-r--r--mysql-test/suite/compat/oracle/t/func_qualified.test248
-rw-r--r--mysql-test/suite/compat/oracle/t/func_regexp_replace.test26
-rw-r--r--mysql-test/suite/compat/oracle/t/mysqldump_restore_func_qualified.test50
-rw-r--r--mysql-test/suite/compat/oracle/t/vcol_innodb.test47
-rw-r--r--mysql-test/suite/encryption/r/corrupted_during_recovery.result2
-rw-r--r--mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result16
-rw-r--r--mysql-test/suite/encryption/r/innodb_encryption_discard_import.result67
-rw-r--r--mysql-test/suite/encryption/r/tempfiles_encrypted.result13
-rw-r--r--mysql-test/suite/encryption/t/corrupted_during_recovery.test2
-rw-r--r--mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test12
-rw-r--r--mysql-test/suite/encryption/t/innodb_encryption_discard_import.test60
-rw-r--r--mysql-test/suite/engines/funcs/r/db_use_error.result2
-rw-r--r--mysql-test/suite/engines/funcs/r/rpl_row_until.result4
-rw-r--r--mysql-test/suite/engines/funcs/r/rpl_server_id1.result2
-rw-r--r--mysql-test/suite/engines/funcs/r/rpl_session_var.result11
-rw-r--r--mysql-test/suite/engines/funcs/r/rpl_slave_status.result1
-rw-r--r--mysql-test/suite/engines/funcs/t/rpl_server_id1.test2
-rw-r--r--mysql-test/suite/federated/update.result36
-rw-r--r--mysql-test/suite/federated/update.test32
-rw-r--r--mysql-test/suite/funcs_1/r/innodb_views.result2
-rw-r--r--mysql-test/suite/funcs_1/r/is_columns_is.result16
-rw-r--r--mysql-test/suite/funcs_1/r/is_columns_is_embedded.result16
-rw-r--r--mysql-test/suite/funcs_1/r/memory_views.result2
-rw-r--r--mysql-test/suite/funcs_1/r/myisam_views-big.result2
-rw-r--r--mysql-test/suite/funcs_1/r/storedproc.result150
-rw-r--r--mysql-test/suite/funcs_1/t/storedproc.test211
-rw-r--r--mysql-test/suite/funcs_1/views/views_master.inc9
-rw-r--r--mysql-test/suite/galera/disabled.def15
-rw-r--r--mysql-test/suite/galera/r/MDEV-22232.result27
-rw-r--r--mysql-test/suite/galera/r/MDEV-27806.result52
-rw-r--r--mysql-test/suite/galera/r/MDEV-31272.result36
-rw-r--r--mysql-test/suite/galera/r/MDEV-32549.result24
-rw-r--r--mysql-test/suite/galera/r/MDEV-32938.result21
-rw-r--r--mysql-test/suite/galera/r/MW-388.result2
-rw-r--r--mysql-test/suite/galera/r/MW-86-wait1.result4
-rw-r--r--mysql-test/suite/galera/r/MW-86-wait8.result4
-rw-r--r--mysql-test/suite/galera/r/galera_as_master.result2
-rw-r--r--mysql-test/suite/galera/r/galera_bf_lock_wait.result20
-rw-r--r--mysql-test/suite/galera/r/galera_gcache_recover_manytrx.result14
-rw-r--r--mysql-test/suite/galera/r/galera_ist_mariabackup_verify_ca.result21
-rw-r--r--mysql-test/suite/galera/r/galera_ist_rsync_verify_ca.result21
-rw-r--r--mysql-test/suite/galera/r/galera_myisam_autocommit.result5
-rw-r--r--mysql-test/suite/galera/r/galera_var_retry_autocommit.result5
-rw-r--r--mysql-test/suite/galera/suite.pm6
-rw-r--r--mysql-test/suite/galera/t/MDEV-22232.test72
-rw-r--r--mysql-test/suite/galera/t/MDEV-27806.opt1
-rw-r--r--mysql-test/suite/galera/t/MDEV-27806.test51
-rw-r--r--mysql-test/suite/galera/t/MDEV-27862.test3
-rw-r--r--mysql-test/suite/galera/t/MDEV-31272.combinations5
-rw-r--r--mysql-test/suite/galera/t/MDEV-31272.test58
-rw-r--r--mysql-test/suite/galera/t/MDEV-32549.test28
-rw-r--r--mysql-test/suite/galera/t/MDEV-32938.test57
-rw-r--r--mysql-test/suite/galera/t/galera_as_master.test6
-rw-r--r--mysql-test/suite/galera/t/galera_bf_lock_wait.test14
-rw-r--r--mysql-test/suite/galera/t/galera_gcache_recover_manytrx.test14
-rw-r--r--mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.cnf20
-rw-r--r--mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.test61
-rw-r--r--mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.cnf17
-rw-r--r--mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.test60
-rw-r--r--mysql-test/suite/galera/t/galera_log_output_csv.test4
-rw-r--r--mysql-test/suite/galera/t/galera_myisam_autocommit.test4
-rw-r--r--mysql-test/suite/galera/t/galera_query_cache.test3
-rw-r--r--mysql-test/suite/galera/t/galera_query_cache_sync_wait.test4
-rw-r--r--mysql-test/suite/galera/t/galera_restart_replica.test2
-rw-r--r--mysql-test/suite/galera_3nodes/disabled.def12
-rw-r--r--mysql-test/suite/galera_3nodes/r/MDEV-29171.result1
-rw-r--r--mysql-test/suite/galera_3nodes/r/galera_gtid_consistency.result219
-rw-r--r--mysql-test/suite/galera_3nodes/r/galera_var_node_address.result (renamed from mysql-test/suite/galera/r/galera_var_node_address.result)20
-rw-r--r--mysql-test/suite/galera_3nodes/r/galera_vote_rejoin_mysqldump.result16
-rw-r--r--mysql-test/suite/galera_3nodes/t/MDEV-29171.test12
-rw-r--r--mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.cnf35
-rw-r--r--mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.test346
-rw-r--r--mysql-test/suite/galera_3nodes/t/galera_var_node_address.cnf (renamed from mysql-test/suite/galera/t/galera_var_node_address.cnf)4
-rw-r--r--mysql-test/suite/galera_3nodes/t/galera_var_node_address.test (renamed from mysql-test/suite/galera/t/galera_var_node_address.test)20
-rw-r--r--mysql-test/suite/galera_3nodes/t/galera_vote_rejoin_mysqldump.test21
-rw-r--r--mysql-test/suite/galera_3nodes_sr/disabled.def2
-rw-r--r--mysql-test/suite/galera_3nodes_sr/r/GCF-832.result2
-rw-r--r--mysql-test/suite/galera_3nodes_sr/t/GCF-336.test5
-rw-r--r--mysql-test/suite/galera_3nodes_sr/t/GCF-832.test2
-rw-r--r--mysql-test/suite/galera_3nodes_sr/t/galera_sr_isolate_master.test2
-rw-r--r--mysql-test/suite/galera_sr/disabled.def4
-rw-r--r--mysql-test/suite/galera_sr/r/MDEV-27615.result2
-rw-r--r--mysql-test/suite/galera_sr/r/MDEV-28971.result17
-rw-r--r--mysql-test/suite/galera_sr/r/galera_sr_cc_master.result30
-rw-r--r--mysql-test/suite/galera_sr/r/mysql-wsrep-features#165.result16
-rw-r--r--mysql-test/suite/galera_sr/t/MDEV-27615.test3
-rw-r--r--mysql-test/suite/galera_sr/t/MDEV-28971.test20
-rw-r--r--mysql-test/suite/galera_sr/t/galera_sr_cc_master.test26
-rw-r--r--mysql-test/suite/galera_sr/t/galera_sr_large_fragment.test3
-rw-r--r--mysql-test/suite/galera_sr/t/galera_sr_many_fragments.test4
-rw-r--r--mysql-test/suite/galera_sr/t/mysql-wsrep-features#165.inc6
-rw-r--r--mysql-test/suite/gcol/r/gcol_bugfixes.result38
-rw-r--r--mysql-test/suite/gcol/r/gcol_partition_innodb.result5
-rw-r--r--mysql-test/suite/gcol/r/gcol_purge.result2
-rw-r--r--mysql-test/suite/gcol/r/gcol_update.result3
-rw-r--r--mysql-test/suite/gcol/r/innodb_prefix_index_check.result29
-rw-r--r--mysql-test/suite/gcol/r/innodb_virtual_debug.result3
-rw-r--r--mysql-test/suite/gcol/r/innodb_virtual_purge.result3
-rw-r--r--mysql-test/suite/gcol/t/gcol_bugfixes.test35
-rw-r--r--mysql-test/suite/gcol/t/gcol_partition_innodb.test7
-rw-r--r--mysql-test/suite/gcol/t/gcol_purge.test2
-rw-r--r--mysql-test/suite/gcol/t/gcol_update.test5
-rw-r--r--mysql-test/suite/gcol/t/innodb_prefix_index_check.test43
-rw-r--r--mysql-test/suite/gcol/t/innodb_virtual_debug.test6
-rw-r--r--mysql-test/suite/gcol/t/innodb_virtual_purge.test5
-rw-r--r--mysql-test/suite/innodb/include/crc32.pl23
-rw-r--r--mysql-test/suite/innodb/include/innodb-util.pl19
-rw-r--r--mysql-test/suite/innodb/r/add_foreign_key.result31
-rw-r--r--mysql-test/suite/innodb/r/alter_kill.result1
-rw-r--r--mysql-test/suite/innodb/r/alter_table.result14
-rw-r--r--mysql-test/suite/innodb/r/cascade_lock_wait.result76
-rw-r--r--mysql-test/suite/innodb/r/corrupted_during_recovery.result2
-rw-r--r--mysql-test/suite/innodb/r/dml_purge.result3
-rw-r--r--mysql-test/suite/innodb/r/doublewrite.result256
-rw-r--r--mysql-test/suite/innodb/r/doublewrite_debug.result94
-rw-r--r--mysql-test/suite/innodb/r/fk_col_alter.result13
-rw-r--r--mysql-test/suite/innodb/r/fk_drop_alter.result44
-rw-r--r--mysql-test/suite/innodb/r/foreign-keys.result7
-rw-r--r--mysql-test/suite/innodb/r/foreign_key.result31
-rw-r--r--mysql-test/suite/innodb/r/full_crc32_import.result3
-rw-r--r--mysql-test/suite/innodb/r/ibuf_not_empty.result1
-rw-r--r--mysql-test/suite/innodb/r/import_update_stats.result72
-rw-r--r--mysql-test/suite/innodb/r/index_length.result23
-rw-r--r--mysql-test/suite/innodb/r/index_merge_threshold.result3
-rw-r--r--mysql-test/suite/innodb/r/innodb-16k.result3
-rw-r--r--mysql-test/suite/innodb/r/innodb-32k.result21
-rw-r--r--mysql-test/suite/innodb/r/innodb-64k.result20
-rw-r--r--mysql-test/suite/innodb/r/innodb-ac-non-locking-select.result62
-rw-r--r--mysql-test/suite/innodb/r/innodb-alter-tempfile.result2
-rw-r--r--mysql-test/suite/innodb/r/innodb-alter.result56
-rw-r--r--mysql-test/suite/innodb/r/innodb-blob.result6
-rw-r--r--mysql-test/suite/innodb/r/innodb-index-debug.result2
-rw-r--r--mysql-test/suite/innodb/r/innodb-index-online-fk.result67
-rw-r--r--mysql-test/suite/innodb/r/innodb-index-online.result31
-rw-r--r--mysql-test/suite/innodb/r/innodb-lock-inherit-read_commited.result121
-rw-r--r--mysql-test/suite/innodb/r/innodb-read-view.result41
-rw-r--r--mysql-test/suite/innodb/r/innodb-system-table-view.result3
-rw-r--r--mysql-test/suite/innodb/r/innodb-table-online.result36
-rw-r--r--mysql-test/suite/innodb/r/innodb-truncate.result9
-rw-r--r--mysql-test/suite/innodb/r/innodb-wl5522-1.result14
-rw-r--r--mysql-test/suite/innodb/r/innodb.result2
-rw-r--r--mysql-test/suite/innodb/r/innodb_buffer_pool_dump_pct.result9
-rw-r--r--mysql-test/suite/innodb/r/innodb_bug12902967.result6
-rw-r--r--mysql-test/suite/innodb/r/innodb_force_recovery.result9
-rw-r--r--mysql-test/suite/innodb/r/innodb_i_s_innodb_locks.resultbin0 -> 5451 bytes
-rw-r--r--mysql-test/suite/innodb/r/innodb_i_s_innodb_trx.result90
-rw-r--r--mysql-test/suite/innodb/r/innodb_information_schema_tables.result1
-rw-r--r--mysql-test/suite/innodb/r/innodb_mysql.result12
-rw-r--r--mysql-test/suite/innodb/r/innodb_prefix_index_restart_server.result16
-rw-r--r--mysql-test/suite/innodb/r/innodb_scrub.result2
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_auto_recalc.result44
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_auto_recalc_ddl.result34
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_auto_recalc_lots.result202
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_auto_recalc_on_nonexistent.result60
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_external_pages.result10
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_fetch.result24
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_flag_global,off.rdiff34
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_flag_global.result207
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_persistent.result28
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_sample_pages.result29
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_table_flag_auto_recalc.result82
-rw-r--r--mysql-test/suite/innodb/r/innodb_stats_table_flag_sample_pages.result95
-rw-r--r--mysql-test/suite/innodb/r/innodb_ut_format_name.result5
-rw-r--r--mysql-test/suite/innodb/r/instant_alter.result3
-rw-r--r--mysql-test/suite/innodb/r/instant_alter_bugs.result28
-rw-r--r--mysql-test/suite/innodb/r/instant_alter_crash.result6
-rw-r--r--mysql-test/suite/innodb/r/instant_alter_debug,redundant.rdiff4
-rw-r--r--mysql-test/suite/innodb/r/instant_alter_debug.result4
-rw-r--r--mysql-test/suite/innodb/r/instant_alter_purge.result2
-rw-r--r--mysql-test/suite/innodb/r/instant_alter_rollback.result1
-rw-r--r--mysql-test/suite/innodb/r/lock_move_wait_lock_race.result3
-rw-r--r--mysql-test/suite/innodb/r/log_file_name.result1
-rw-r--r--mysql-test/suite/innodb/r/mem_pressure.result25
-rw-r--r--mysql-test/suite/innodb/r/no_pad.result46
-rw-r--r--mysql-test/suite/innodb/r/page_id_innochecksum.result2
-rw-r--r--mysql-test/suite/innodb/r/page_reorganize.result2
-rw-r--r--mysql-test/suite/innodb/r/purge.result3
-rw-r--r--mysql-test/suite/innodb/r/purge_secondary.result4
-rw-r--r--mysql-test/suite/innodb/r/purge_thread_shutdown.result27
-rw-r--r--mysql-test/suite/innodb/r/read_only_recovery.result2
-rw-r--r--mysql-test/suite/innodb/r/records_in_range,4k.rdiff8
-rw-r--r--mysql-test/suite/innodb/r/records_in_range,8k.rdiff8
-rw-r--r--mysql-test/suite/innodb/r/records_in_range.result1275
-rw-r--r--mysql-test/suite/innodb/r/row_format_redundant.result3
-rw-r--r--mysql-test/suite/innodb/r/scrub_debug.result2
-rw-r--r--mysql-test/suite/innodb/r/table_flags.result12
-rw-r--r--mysql-test/suite/innodb/r/tablespace_per_table_not_windows.result128
-rw-r--r--mysql-test/suite/innodb/r/tablespace_per_table_windows.result48
-rw-r--r--mysql-test/suite/innodb/r/truncate_crash.result2
-rw-r--r--mysql-test/suite/innodb/r/truncate_foreign.result9
-rw-r--r--mysql-test/suite/innodb/r/trx_id_future.result2
-rw-r--r--mysql-test/suite/innodb/r/undo_log.result3
-rw-r--r--mysql-test/suite/innodb/t/add_foreign_key.test38
-rw-r--r--mysql-test/suite/innodb/t/alter_kill.test1
-rw-r--r--mysql-test/suite/innodb/t/alter_table.test15
-rw-r--r--mysql-test/suite/innodb/t/cascade_lock_wait.test45
-rw-r--r--mysql-test/suite/innodb/t/corrupted_during_recovery.test2
-rw-r--r--mysql-test/suite/innodb/t/dml_purge.test5
-rw-r--r--mysql-test/suite/innodb/t/doublewrite.test429
-rw-r--r--mysql-test/suite/innodb/t/doublewrite_debug.combinations7
-rw-r--r--mysql-test/suite/innodb/t/doublewrite_debug.test170
-rw-r--r--mysql-test/suite/innodb/t/fk_col_alter.test14
-rw-r--r--mysql-test/suite/innodb/t/fk_drop_alter.test35
-rw-r--r--mysql-test/suite/innodb/t/foreign-keys.test4
-rw-r--r--mysql-test/suite/innodb/t/foreign_key.test41
-rw-r--r--mysql-test/suite/innodb/t/full_crc32_import.test4
-rw-r--r--mysql-test/suite/innodb/t/ibuf_not_empty.test1
-rw-r--r--mysql-test/suite/innodb/t/import_update_stats.test80
-rw-r--r--mysql-test/suite/innodb/t/index_length.test23
-rw-r--r--mysql-test/suite/innodb/t/index_merge_threshold.test5
-rw-r--r--mysql-test/suite/innodb/t/innodb-16k.test4
-rw-r--r--mysql-test/suite/innodb/t/innodb-32k.test14
-rw-r--r--mysql-test/suite/innodb/t/innodb-64k.test13
-rw-r--r--mysql-test/suite/innodb/t/innodb-ac-non-locking-select.test117
-rw-r--r--mysql-test/suite/innodb/t/innodb-alter-tempfile.test5
-rw-r--r--mysql-test/suite/innodb/t/innodb-alter.test26
-rw-r--r--mysql-test/suite/innodb/t/innodb-index-online-fk.test45
-rw-r--r--mysql-test/suite/innodb/t/innodb-index-online.test33
-rw-r--r--mysql-test/suite/innodb/t/innodb-lock-inherit-read_commited.test110
-rw-r--r--mysql-test/suite/innodb/t/innodb-read-view.test48
-rw-r--r--mysql-test/suite/innodb/t/innodb-system-table-view.test5
-rw-r--r--mysql-test/suite/innodb/t/innodb-table-online.test32
-rw-r--r--mysql-test/suite/innodb/t/innodb-truncate.test8
-rw-r--r--mysql-test/suite/innodb/t/innodb-wl5522-1.test21
-rw-r--r--mysql-test/suite/innodb/t/innodb_buffer_pool_dump_pct.test47
-rw-r--r--mysql-test/suite/innodb/t/innodb_bug12902967.test25
-rw-r--r--mysql-test/suite/innodb/t/innodb_force_recovery.test10
-rw-r--r--mysql-test/suite/innodb/t/innodb_i_s_innodb_locks.test169
-rw-r--r--mysql-test/suite/innodb/t/innodb_i_s_innodb_trx.test95
-rw-r--r--mysql-test/suite/innodb/t/innodb_information_schema_tables.opt1
-rw-r--r--mysql-test/suite/innodb/t/innodb_information_schema_tables.test4
-rw-r--r--mysql-test/suite/innodb/t/innodb_prefix_index_restart_server.test14
-rw-r--r--mysql-test/suite/innodb/t/innodb_scrub.test2
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc.opt1
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc.test48
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.opt1
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.test49
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.opt1
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.test45
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.opt1
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.test88
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_external_pages.test79
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_fetch.opt7
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_fetch.test15
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_flag_global.combinations4
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_flag_global.test91
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_flag_global_analyze.inc13
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_persistent.test41
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_sample_pages.opt1
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_sample_pages.test53
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_table_flag_auto_recalc.test83
-rw-r--r--mysql-test/suite/innodb/t/innodb_stats_table_flag_sample_pages.test103
-rw-r--r--mysql-test/suite/innodb/t/innodb_ut_format_name.test17
-rw-r--r--mysql-test/suite/innodb/t/instant_alter.test4
-rw-r--r--mysql-test/suite/innodb/t/instant_alter_bugs.test32
-rw-r--r--mysql-test/suite/innodb/t/instant_alter_crash.test2
-rw-r--r--mysql-test/suite/innodb/t/instant_alter_debug.test7
-rw-r--r--mysql-test/suite/innodb/t/instant_alter_purge.test2
-rw-r--r--mysql-test/suite/innodb/t/instant_alter_rollback.test2
-rw-r--r--mysql-test/suite/innodb/t/lock_move_wait_lock_race.test3
-rw-r--r--mysql-test/suite/innodb/t/log_file_name.test5
-rw-r--r--mysql-test/suite/innodb/t/mdev-14846.test2
-rw-r--r--mysql-test/suite/innodb/t/mem_pressure.test44
-rw-r--r--mysql-test/suite/innodb/t/no_pad.test46
-rw-r--r--mysql-test/suite/innodb/t/page_id_innochecksum.test2
-rw-r--r--mysql-test/suite/innodb/t/purge.test5
-rw-r--r--mysql-test/suite/innodb/t/purge_secondary.test7
-rw-r--r--mysql-test/suite/innodb/t/purge_thread_shutdown.test43
-rw-r--r--mysql-test/suite/innodb/t/read_only_recovery.test2
-rw-r--r--mysql-test/suite/innodb/t/records_in_range.test432
-rw-r--r--mysql-test/suite/innodb/t/row_format_redundant.opt2
-rw-r--r--mysql-test/suite/innodb/t/row_size_error_log_warnings_3.test2
-rw-r--r--mysql-test/suite/innodb/t/scrub_debug.test2
-rw-r--r--mysql-test/suite/innodb/t/table_flags.opt1
-rw-r--r--mysql-test/suite/innodb/t/table_flags.test2
-rw-r--r--mysql-test/suite/innodb/t/tablespace_per_table_not_windows.opt1
-rw-r--r--mysql-test/suite/innodb/t/tablespace_per_table_not_windows.test162
-rw-r--r--mysql-test/suite/innodb/t/tablespace_per_table_windows.opt1
-rw-r--r--mysql-test/suite/innodb/t/tablespace_per_table_windows.test77
-rw-r--r--mysql-test/suite/innodb/t/truncate_crash.test2
-rw-r--r--mysql-test/suite/innodb/t/truncate_foreign.test10
-rw-r--r--mysql-test/suite/innodb/t/trx_id_future.test2
-rw-r--r--mysql-test/suite/innodb/t/undo_log.test5
-rw-r--r--mysql-test/suite/innodb/t/undo_space_dblwr.opt1
-rw-r--r--mysql-test/suite/innodb_fts/r/crash_recovery.result2
-rw-r--r--mysql-test/suite/innodb_fts/r/foreign_key_check.result27
-rw-r--r--mysql-test/suite/innodb_fts/r/foreign_key_update.result34
-rw-r--r--mysql-test/suite/innodb_fts/r/ft_result_cache_limit.result2
-rw-r--r--mysql-test/suite/innodb_fts/r/index_table.result265
-rw-r--r--mysql-test/suite/innodb_fts/r/innodb_fts_proximity.result5
-rw-r--r--mysql-test/suite/innodb_fts/r/limit_union.result157
-rw-r--r--mysql-test/suite/innodb_fts/r/misc.result1878
-rw-r--r--mysql-test/suite/innodb_fts/r/misc_1.result922
-rw-r--r--mysql-test/suite/innodb_fts/r/opt.result1654
-rw-r--r--mysql-test/suite/innodb_fts/r/phrase.result84
-rw-r--r--mysql-test/suite/innodb_fts/r/result_cache_limit.result31
-rw-r--r--mysql-test/suite/innodb_fts/r/savepoint.result318
-rw-r--r--mysql-test/suite/innodb_fts/r/subexpr.result105
-rw-r--r--mysql-test/suite/innodb_fts/t/crash_recovery.test2
-rw-r--r--mysql-test/suite/innodb_fts/t/foreign_key_check.test41
-rw-r--r--mysql-test/suite/innodb_fts/t/foreign_key_update.test34
-rw-r--r--mysql-test/suite/innodb_fts/t/index_table.opt2
-rw-r--r--mysql-test/suite/innodb_fts/t/index_table.test121
-rw-r--r--mysql-test/suite/innodb_fts/t/innodb_fts_proximity.test2
-rw-r--r--mysql-test/suite/innodb_fts/t/limit_union.test143
-rw-r--r--mysql-test/suite/innodb_fts/t/misc.test1511
-rw-r--r--mysql-test/suite/innodb_fts/t/misc_1.test894
-rw-r--r--mysql-test/suite/innodb_fts/t/opt.opt1
-rw-r--r--mysql-test/suite/innodb_fts/t/opt.test1086
-rw-r--r--mysql-test/suite/innodb_fts/t/phrase.opt2
-rw-r--r--mysql-test/suite/innodb_fts/t/phrase.test39
-rw-r--r--mysql-test/suite/innodb_fts/t/result_cache_limit.test52
-rw-r--r--mysql-test/suite/innodb_fts/t/savepoint.test475
-rw-r--r--mysql-test/suite/innodb_fts/t/subexpr.test58
-rw-r--r--mysql-test/suite/innodb_gis/r/check_rtree.result2
-rw-r--r--mysql-test/suite/innodb_gis/r/rollback.result2
-rw-r--r--mysql-test/suite/innodb_gis/r/rtree_add_index.result2
-rw-r--r--mysql-test/suite/innodb_gis/r/rtree_compress.result8
-rw-r--r--mysql-test/suite/innodb_gis/r/rtree_create_inplace.result36
-rw-r--r--mysql-test/suite/innodb_gis/r/rtree_purge.result2
-rw-r--r--mysql-test/suite/innodb_gis/r/rtree_undo.result12
-rw-r--r--mysql-test/suite/innodb_gis/t/rtree_add_index.test2
-rw-r--r--mysql-test/suite/innodb_gis/t/rtree_compress.test6
-rw-r--r--mysql-test/suite/innodb_gis/t/rtree_create_inplace.opt1
-rw-r--r--mysql-test/suite/innodb_gis/t/rtree_create_inplace.test38
-rw-r--r--mysql-test/suite/innodb_gis/t/rtree_purge.test2
-rw-r--r--mysql-test/suite/innodb_gis/t/rtree_undo.test4
-rw-r--r--mysql-test/suite/innodb_zip/include/innodb_dml_ops.inc82
-rw-r--r--mysql-test/suite/innodb_zip/r/blob.result2
-rw-r--r--mysql-test/suite/innodb_zip/r/innochecksum_3.result2
-rw-r--r--mysql-test/suite/innodb_zip/r/restart.result37
-rw-r--r--mysql-test/suite/innodb_zip/t/blob.test2
-rw-r--r--mysql-test/suite/innodb_zip/t/restart.opt7
-rw-r--r--mysql-test/suite/mariabackup/backup_grants.result5
-rw-r--r--mysql-test/suite/mariabackup/backup_grants.test23
-rw-r--r--mysql-test/suite/mariabackup/full_backup.result8
-rw-r--r--mysql-test/suite/mariabackup/full_backup.test9
-rw-r--r--mysql-test/suite/mariabackup/huge_lsn,strict_crc32.rdiff2
-rw-r--r--mysql-test/suite/mariabackup/slave_provision_nolock.cnf13
-rw-r--r--mysql-test/suite/mariabackup/slave_provision_nolock.result48
-rw-r--r--mysql-test/suite/mariabackup/slave_provision_nolock.test170
-rw-r--r--mysql-test/suite/mariabackup/unencrypted_page_compressed.result3
-rw-r--r--mysql-test/suite/mariabackup/unencrypted_page_compressed.test3
-rw-r--r--mysql-test/suite/multi_source/gtid_slave_pos.result3
-rw-r--r--mysql-test/suite/multi_source/gtid_slave_pos.test4
-rw-r--r--mysql-test/suite/multi_source/mdev-9544.test1
-rw-r--r--mysql-test/suite/parts/r/partition_alter_innodb.result3
-rw-r--r--mysql-test/suite/parts/r/partition_purge.result2
-rw-r--r--mysql-test/suite/parts/t/partition_alter_innodb.test3
-rw-r--r--mysql-test/suite/parts/t/partition_purge.test2
-rw-r--r--mysql-test/suite/perfschema/include/pfs_running_event_scheduler.inc6
-rw-r--r--mysql-test/suite/perfschema/r/digest_view.result50
-rw-r--r--mysql-test/suite/perfschema/r/mdl_func.result1
-rw-r--r--mysql-test/suite/perfschema/r/misc_session_status.result20
-rw-r--r--mysql-test/suite/perfschema/r/rpl_threads.result6
-rw-r--r--mysql-test/suite/perfschema/r/start_server_low_digest_sql_length.result4
-rw-r--r--mysql-test/suite/perfschema/t/mdl_func.test8
-rw-r--r--mysql-test/suite/perfschema/t/misc_session_status.test20
-rw-r--r--mysql-test/suite/perfschema/t/rpl_threads.test6
-rw-r--r--mysql-test/suite/plugins/r/compression,innodb-lz4.rdiff12
-rw-r--r--mysql-test/suite/plugins/r/compression,innodb-lzma.rdiff12
-rw-r--r--mysql-test/suite/plugins/r/compression,innodb-lzo.rdiff12
-rw-r--r--mysql-test/suite/plugins/r/compression,innodb-snappy.rdiff12
-rw-r--r--mysql-test/suite/plugins/r/compression,mroonga-lz4.rdiff11
-rw-r--r--mysql-test/suite/plugins/r/compression.result7
-rw-r--r--mysql-test/suite/plugins/r/sql_error_log.result1
-rw-r--r--mysql-test/suite/plugins/r/sql_error_log_withdbinfo.result41
-rw-r--r--mysql-test/suite/plugins/r/test_sql_service.result2
-rw-r--r--mysql-test/suite/plugins/t/compression.combinations5
-rw-r--r--mysql-test/suite/plugins/t/compression.test4
-rw-r--r--mysql-test/suite/plugins/t/sql_error_log_withdbinfo.opt1
-rw-r--r--mysql-test/suite/plugins/t/sql_error_log_withdbinfo.test49
-rw-r--r--mysql-test/suite/plugins/t/test_sql_service.test8
-rw-r--r--mysql-test/suite/roles/set_default_role_for.result2
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid.result6
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid.test1
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve-master.opt1
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.result85
-rw-r--r--mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.test78
-rw-r--r--mysql-test/suite/rpl/include/mdev-31448_conservative.inc7
-rw-r--r--mysql-test/suite/rpl/include/mdev-31448_optimistic.inc7
-rw-r--r--mysql-test/suite/rpl/include/mysqlbinlog_slave_consistency.inc1
-rw-r--r--mysql-test/suite/rpl/include/rpl_binlog_max_cache_size.test5
-rw-r--r--mysql-test/suite/rpl/include/rpl_change_master_demote.inc11
-rw-r--r--mysql-test/suite/rpl/include/rpl_parallel_29322.inc11
-rw-r--r--mysql-test/suite/rpl/include/rpl_shutdown_wait_slaves.inc5
-rw-r--r--mysql-test/suite/rpl/include/rpl_start_stop_slave.test2
-rw-r--r--mysql-test/suite/rpl/include/rpl_stop_middle_group.test7
-rw-r--r--mysql-test/suite/rpl/r/mdev-31448_kill_ooo_finish_optimistic.result3
-rw-r--r--mysql-test/suite/rpl/r/parallel_backup.result4
-rw-r--r--mysql-test/suite/rpl/r/parallel_backup_lsu_off.result4
-rw-r--r--mysql-test/suite/rpl/r/parallel_backup_slave_binlog_off.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_loaddata.result38
-rw-r--r--mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_row.result51
-rw-r--r--mysql-test/suite/rpl/r/rpl_binlog_dump_slave_gtid_state_info.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_change_master_demote.result9
-rw-r--r--mysql-test/suite/rpl/r/rpl_circular_semi_sync.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_connection.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_deadlock_show_slave_status.result66
-rw-r--r--mysql-test/suite/rpl/r/rpl_delayed_slave.result3
-rw-r--r--mysql-test/suite/rpl/r/rpl_domain_id_filter_io_crash.result8
-rw-r--r--mysql-test/suite/rpl/r/rpl_domain_id_filter_master_crash.result3
-rw-r--r--mysql-test/suite/rpl/r/rpl_fail_register.result5
-rw-r--r--mysql-test/suite/rpl/r/rpl_gis_user_var.result21
-rw-r--r--mysql-test/suite/rpl/r/rpl_gtid_basic.result7
-rw-r--r--mysql-test/suite/rpl/r/rpl_gtid_delete_domain.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_gtid_errorlog.result5
-rw-r--r--mysql-test/suite/rpl/r/rpl_gtid_slave_filtering.result78
-rw-r--r--mysql-test/suite/rpl/r/rpl_gtid_startpos.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_heartbeat_basic.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_invoked_features.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_mariadb_slave_capability.result5
-rw-r--r--mysql-test/suite/rpl/r/rpl_mdev_17614.result6
-rw-r--r--mysql-test/suite/rpl/r/rpl_mixed_binlog_max_cache_size.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_parallel_ignored_errors.result3
-rw-r--r--mysql-test/suite/rpl/r/rpl_parallel_kill.result6
-rw-r--r--mysql-test/suite/rpl/r/rpl_parallel_missed_error_handling.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_row_big_table_id.result12
-rw-r--r--mysql-test/suite/rpl/r/rpl_row_binlog_max_cache_size.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_row_corruption.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_row_idempotency.result16
-rw-r--r--mysql-test/suite/rpl/r/rpl_row_until.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_seconds_behind_master_spike.result8
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync.result13
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_after_sync.result13
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_after_sync_row.result13
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_event.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_event_after_sync.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_fail_over.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_master_shutdown.result8
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_no_missed_ack_after_add_slave.result48
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_slave_enabled_consistent.result35
-rw-r--r--mysql-test/suite/rpl/r/rpl_semi_sync_slave_reply_fail.result7
-rw-r--r--mysql-test/suite/rpl/r/rpl_semisync_ali_issues.result11
-rw-r--r--mysql-test/suite/rpl/r/rpl_session_var.result11
-rw-r--r--mysql-test/suite/rpl/r/rpl_session_var2.result69
-rw-r--r--mysql-test/suite/rpl/r/rpl_set_statement_default_master.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_slave_load_tmpdir_not_exist.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_slave_status.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_sql_thd_start_errno_cleared.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_ssl1.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_1.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_2.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_3.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_4.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_5.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_6.result1
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_7.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_8.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_1.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_2.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_start_alter_restart_slave.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_stm_binlog_max_cache_size.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_stm_start_stop_slave.result2
-rw-r--r--mysql-test/suite/rpl/r/rpl_stm_stop_middle_group.result4
-rw-r--r--mysql-test/suite/rpl/r/rpl_using_gtid_default.result3
-rw-r--r--mysql-test/suite/rpl/r/semisync_future-7591.result2
-rw-r--r--mysql-test/suite/rpl/t/create_or_replace.inc7
-rw-r--r--mysql-test/suite/rpl/t/mdev-31448_kill_ooo_finish_optimistic.test7
-rw-r--r--mysql-test/suite/rpl/t/parallel_backup_xa.inc2
-rw-r--r--mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_loaddata.test47
-rw-r--r--mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_row.test61
-rw-r--r--mysql-test/suite/rpl/t/rpl_binlog_dump_slave_gtid_state_info.test8
-rw-r--r--mysql-test/suite/rpl/t/rpl_checksum.test3
-rw-r--r--mysql-test/suite/rpl/t/rpl_circular_semi_sync.test11
-rw-r--r--mysql-test/suite/rpl/t/rpl_connection.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_deadlock_show_slave_status.test121
-rw-r--r--mysql-test/suite/rpl/t/rpl_delayed_slave.test6
-rw-r--r--mysql-test/suite/rpl/t/rpl_domain_id_filter_io_crash.test9
-rw-r--r--mysql-test/suite/rpl/t/rpl_domain_id_filter_master_crash.test20
-rw-r--r--mysql-test/suite/rpl/t/rpl_fail_register.test9
-rw-r--r--mysql-test/suite/rpl/t/rpl_gis_user_var.test18
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_basic.test7
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_errorhandling.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_errorlog.test6
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.cnf28
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.test109
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_startpos.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_gtid_stop_start.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_heartbeat_basic.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_invoked_features.test9
-rw-r--r--mysql-test/suite/rpl/t/rpl_mariadb_slave_capability.test15
-rw-r--r--mysql-test/suite/rpl/t/rpl_mdev_17614.test6
-rw-r--r--mysql-test/suite/rpl/t/rpl_parallel_ignored_errors.test4
-rw-r--r--mysql-test/suite/rpl/t/rpl_parallel_missed_error_handling.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_parallel_retry.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_coordinator.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_worker.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_rewrite_db_sys_vars.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_row_corruption.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_row_idempotency.test31
-rw-r--r--mysql-test/suite/rpl/t/rpl_row_until.test7
-rw-r--r--mysql-test/suite/rpl/t/rpl_seconds_behind_master_spike.test10
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync.test20
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_event.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_fail_over.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_master_shutdown.test12
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.cnf12
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.test122
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_shutdown_await_ack.inc2
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_slave_compressed_protocol.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_slave_enabled_consistent.test73
-rw-r--r--mysql-test/suite/rpl/t/rpl_semi_sync_slave_reply_fail.test7
-rw-r--r--mysql-test/suite/rpl/t/rpl_semisync_ali_issues.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_session_var.test6
-rw-r--r--mysql-test/suite/rpl/t/rpl_session_var2-master.opt1
-rw-r--r--mysql-test/suite/rpl/t/rpl_session_var2-slave.opt1
-rw-r--r--mysql-test/suite/rpl/t/rpl_session_var2.test3
-rw-r--r--mysql-test/suite/rpl/t/rpl_set_statement_default_master.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_shutdown_wait_semisync_slaves.test3
-rw-r--r--mysql-test/suite/rpl/t/rpl_slave_load_tmpdir_not_exist.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_slave_status.test3
-rw-r--r--mysql-test/suite/rpl/t/rpl_sql_thd_start_errno_cleared.test4
-rw-r--r--mysql-test/suite/rpl/t/rpl_ssl1.test6
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_1.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_2.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_3.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_4.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_5.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_6.test1
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_7.test4
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_8.test4
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_1.test2
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_2.test4
-rw-r--r--mysql-test/suite/rpl/t/rpl_start_alter_restart_slave.test6
-rw-r--r--mysql-test/suite/rpl/t/rpl_temporary_errors.test4
-rw-r--r--mysql-test/suite/rpl/t/rpl_using_gtid_default.test3
-rw-r--r--mysql-test/suite/rpl/t/semisync_future-7591.test2
-rw-r--r--mysql-test/suite/rpl/t/show_status_stop_slave_race-7126.test3
-rw-r--r--mysql-test/suite/s3/amazon.result10
-rw-r--r--mysql-test/suite/s3/amazon.test18
-rw-r--r--mysql-test/suite/s3/debug.result32
-rw-r--r--mysql-test/suite/s3/debug.test34
-rw-r--r--mysql-test/suite/sql_sequence/alter.result58
-rw-r--r--mysql-test/suite/sql_sequence/alter.test45
-rw-r--r--mysql-test/suite/sys_vars/r/debug_basic.result2
-rw-r--r--mysql-test/suite/sys_vars/r/old_mode_basic.result4
-rw-r--r--mysql-test/suite/sys_vars/r/old_passwords_func.result6
-rw-r--r--mysql-test/suite/sys_vars/r/pseudo_slave_mode_notembedded.result14
-rw-r--r--mysql-test/suite/sys_vars/r/secure_auth_basic.result20
-rw-r--r--mysql-test/suite/sys_vars/r/secure_auth_func.result6
-rw-r--r--mysql-test/suite/sys_vars/r/secure_auth_grant.result6
-rw-r--r--mysql-test/suite/sys_vars/r/sysvars_debug.result2
-rw-r--r--mysql-test/suite/sys_vars/r/sysvars_server_embedded,32bit.rdiff161
-rw-r--r--mysql-test/suite/sys_vars/r/sysvars_server_embedded.result14
-rw-r--r--mysql-test/suite/sys_vars/r/sysvars_server_notembedded,32bit.rdiff177
-rw-r--r--mysql-test/suite/sys_vars/r/sysvars_server_notembedded,win.rdiff1465
-rw-r--r--mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result16
-rw-r--r--mysql-test/suite/sys_vars/t/old_mode_basic.test2
-rw-r--r--mysql-test/suite/sys_vars/t/pseudo_slave_mode_notembedded.test20
-rw-r--r--mysql-test/suite/sys_vars/t/sysvars_star.test4
-rw-r--r--mysql-test/suite/vcol/r/partition.result22
-rw-r--r--mysql-test/suite/vcol/r/vcol_keys_myisam.result37
-rw-r--r--mysql-test/suite/vcol/r/vcol_syntax.result10
-rw-r--r--mysql-test/suite/vcol/t/partition.test21
-rw-r--r--mysql-test/suite/vcol/t/vcol_keys_myisam.test29
-rw-r--r--mysql-test/suite/vcol/t/vcol_syntax.test10
-rw-r--r--mysql-test/suite/versioning/r/alter.result64
-rw-r--r--mysql-test/suite/versioning/r/delete_history.result4
-rw-r--r--mysql-test/suite/versioning/r/select.result11
-rw-r--r--mysql-test/suite/versioning/t/alter.test67
-rw-r--r--mysql-test/suite/versioning/t/delete_history.test4
-rw-r--r--mysql-test/suite/versioning/t/select.test12
-rw-r--r--mysql-test/suite/wsrep/disabled.def4
-rw-r--r--mysql-test/suite/wsrep/r/MDEV-22443.result3
-rw-r--r--mysql-test/suite/wsrep/r/MDEV-23092.result13
-rw-r--r--mysql-test/suite/wsrep/r/mdev_6832.result11
-rw-r--r--mysql-test/suite/wsrep/r/wsrep_variables_no_provider.result44
-rw-r--r--mysql-test/suite/wsrep/t/MDEV-22443.cnf8
-rw-r--r--mysql-test/suite/wsrep/t/MDEV-22443.test12
-rw-r--r--mysql-test/suite/wsrep/t/MDEV-23092.cnf8
-rw-r--r--mysql-test/suite/wsrep/t/MDEV-23092.test22
-rw-r--r--mysql-test/suite/wsrep/t/mdev_6832.cnf7
-rw-r--r--mysql-test/suite/wsrep/t/mdev_6832.test17
-rw-r--r--mysql-test/suite/wsrep/t/wsrep_variables_no_provider.cnf12
-rw-r--r--mysql-test/suite/wsrep/t/wsrep_variables_no_provider.test38
-rw-r--r--mysql-test/valgrind.supp19
-rw-r--r--mysys/my_alloc.c54
-rw-r--r--mysys/safemalloc.c12
-rw-r--r--mysys/thr_alarm.c1
-rw-r--r--mysys/thr_lock.c3
-rw-r--r--mysys/thr_mutex.c1
-rw-r--r--mysys/thr_timer.c1
-rw-r--r--plugin/auth_pam/auth_pam.c1
-rw-r--r--plugin/auth_pam/testing/pam_mariadb_mtr.c2
-rw-r--r--plugin/disks/CMakeLists.txt5
-rw-r--r--plugin/disks/information_schema_disks.cc12
-rw-r--r--plugin/disks/mysql-test/disks/disks.result4
-rw-r--r--plugin/disks/mysql-test/disks/disks.test2
-rw-r--r--plugin/disks/mysql-test/disks/disks_notembedded.result8
-rw-r--r--plugin/disks/mysql-test/disks/disks_notembedded.test4
-rw-r--r--plugin/feedback/CMakeLists.txt2
-rw-r--r--plugin/feedback/sender_thread.cc2
-rw-r--r--plugin/file_key_management/parser.cc2
-rw-r--r--plugin/hashicorp_key_management/hashicorp_key_management_plugin.cc28
-rw-r--r--plugin/qc_info/CMakeLists.txt2
-rw-r--r--plugin/sql_errlog/sql_errlog.c45
-rw-r--r--plugin/test_sql_service/CMakeLists.txt2
-rw-r--r--plugin/type_inet/mysql-test/type_inet/type_inet4_myisam.result2
-rw-r--r--plugin/type_inet/mysql-test/type_inet/type_inet6.result75
-rw-r--r--plugin/type_inet/mysql-test/type_inet/type_inet6.test26
-rw-r--r--plugin/type_inet/mysql-test/type_inet/type_inet6_myisam.result2
-rw-r--r--plugin/type_mysql_json/type.cc7
-rw-r--r--plugin/type_uuid/mysql-test/type_uuid/type_uuid_innodb.result2
-rw-r--r--plugin/user_variables/user_variables.cc6
-rw-r--r--scripts/mysql_install_db.sh2
-rw-r--r--scripts/mysql_setpermission.sh8
-rw-r--r--scripts/mysql_system_tables_fix.sql5
-rw-r--r--scripts/mysqlhotcopy.sh41
-rw-r--r--scripts/wsrep_sst_common.sh6
-rw-r--r--scripts/wsrep_sst_mariabackup.sh61
-rw-r--r--scripts/wsrep_sst_rsync.sh31
-rw-r--r--sql/CMakeLists.txt3
-rw-r--r--sql/debug.cc3
-rw-r--r--sql/event_queue.cc1
-rw-r--r--sql/field.cc76
-rw-r--r--sql/field.h51
-rw-r--r--sql/filesort.h7
-rw-r--r--sql/ha_partition.cc39
-rw-r--r--sql/ha_partition.h3
-rw-r--r--sql/ha_sequence.cc27
-rw-r--r--sql/handler.cc14
-rw-r--r--sql/handler.h2
-rw-r--r--sql/item.cc34
-rw-r--r--sql/item.h25
-rw-r--r--sql/item_cmpfunc.cc94
-rw-r--r--sql/item_cmpfunc.h34
-rw-r--r--sql/item_create.cc445
-rw-r--r--sql/item_create.h8
-rw-r--r--sql/item_func.cc110
-rw-r--r--sql/item_func.h90
-rw-r--r--sql/item_jsonfunc.cc72
-rw-r--r--sql/item_jsonfunc.h22
-rw-r--r--sql/item_strfunc.cc66
-rw-r--r--sql/item_strfunc.h199
-rw-r--r--sql/item_subselect.cc10
-rw-r--r--sql/item_sum.cc17
-rw-r--r--sql/item_timefunc.cc7
-rw-r--r--sql/key.cc2
-rw-r--r--sql/lex.h6
-rw-r--r--sql/log.cc129
-rw-r--r--sql/log.h2
-rw-r--r--sql/log_event.cc100
-rw-r--r--sql/log_event.h50
-rw-r--r--sql/log_event_client.cc12
-rw-r--r--sql/log_event_data_type.h74
-rw-r--r--sql/log_event_old.cc40
-rw-r--r--sql/log_event_old.h12
-rw-r--r--sql/log_event_server.cc123
-rw-r--r--sql/mysqld.cc164
-rw-r--r--sql/mysqld.h17
-rw-r--r--sql/net_serv.cc33
-rw-r--r--sql/opt_range.cc69
-rw-r--r--sql/opt_range.h14
-rw-r--r--sql/opt_trace.cc3
-rw-r--r--sql/protocol.cc1
-rw-r--r--sql/protocol.h6
-rw-r--r--sql/rpl_gtid.cc1
-rw-r--r--sql/rpl_mi.cc3
-rw-r--r--sql/rpl_mi.h16
-rw-r--r--sql/rpl_parallel.cc24
-rw-r--r--sql/rpl_parallel.h3
-rw-r--r--sql/rpl_rli.h2
-rw-r--r--sql/semisync_master.cc175
-rw-r--r--sql/semisync_master.h2
-rw-r--r--sql/semisync_master_ack_receiver.cc130
-rw-r--r--sql/semisync_master_ack_receiver.h177
-rw-r--r--sql/semisync_slave.cc152
-rw-r--r--sql/semisync_slave.h22
-rw-r--r--sql/service_wsrep.cc13
-rw-r--r--sql/slave.cc104
-rw-r--r--sql/socketpair.c156
-rw-r--r--sql/socketpair.h21
-rw-r--r--sql/sp.cc10
-rw-r--r--sql/sp_cache.cc4
-rw-r--r--sql/sp_head.cc6
-rw-r--r--sql/sql_acl.cc86
-rw-r--r--sql/sql_admin.cc2
-rw-r--r--sql/sql_alter.cc22
-rw-r--r--sql/sql_analyse.cc3
-rw-r--r--sql/sql_base.cc9
-rw-r--r--sql/sql_binlog.cc5
-rw-r--r--sql/sql_class.cc64
-rw-r--r--sql/sql_class.h153
-rw-r--r--sql/sql_connect.cc3
-rw-r--r--sql/sql_cte.cc42
-rw-r--r--sql/sql_cte.h6
-rw-r--r--sql/sql_delete.cc10
-rw-r--r--sql/sql_derived.cc7
-rw-r--r--sql/sql_help.cc3
-rw-r--r--sql/sql_insert.cc87
-rw-r--r--sql/sql_lex.cc388
-rw-r--r--sql/sql_lex.h72
-rw-r--r--sql/sql_list.h18
-rw-r--r--sql/sql_load.cc4
-rw-r--r--sql/sql_parse.cc136
-rw-r--r--sql/sql_plugin.cc3
-rw-r--r--sql/sql_plugin_services.inl18
-rw-r--r--sql/sql_prepare.cc27
-rw-r--r--sql/sql_profile.cc7
-rw-r--r--sql/sql_profile.h8
-rw-r--r--sql/sql_repl.cc140
-rw-r--r--sql/sql_repl.h2
-rw-r--r--sql/sql_schema.cc27
-rw-r--r--sql/sql_schema.h22
-rw-r--r--sql/sql_select.cc108
-rw-r--r--sql/sql_sequence.cc2
-rw-r--r--sql/sql_show.cc11
-rw-r--r--sql/sql_table.cc63
-rw-r--r--sql/sql_test.cc11
-rw-r--r--sql/sql_trigger.cc3
-rw-r--r--sql/sql_tvc.cc5
-rw-r--r--sql/sql_type.cc52
-rw-r--r--sql/sql_type.h19
-rw-r--r--sql/sql_type_fixedbin.h32
-rw-r--r--sql/sql_type_geom.h7
-rw-r--r--sql/sql_update.cc6
-rw-r--r--sql/sql_view.cc8
-rw-r--r--sql/sql_yacc.yy324
-rw-r--r--sql/structs.h7
-rw-r--r--sql/sys_vars.cc60
-rw-r--r--sql/sys_vars.inl17
-rw-r--r--sql/table.cc40
-rw-r--r--sql/table.h13
-rw-r--r--sql/table_cache.cc4
-rw-r--r--sql/table_cache.h4
-rw-r--r--sql/temporary_tables.cc5
-rw-r--r--sql/wsrep_applier.cc5
-rw-r--r--sql/wsrep_client_service.cc10
-rw-r--r--sql/wsrep_dummy.cc2
-rw-r--r--sql/wsrep_high_priority_service.cc3
-rw-r--r--sql/wsrep_mysqld.cc84
-rw-r--r--sql/wsrep_mysqld.h18
-rw-r--r--sql/wsrep_plugin.cc16
-rw-r--r--sql/wsrep_server_service.cc2
-rw-r--r--sql/wsrep_sst.cc11
-rw-r--r--sql/wsrep_thd.cc4
-rw-r--r--sql/wsrep_thd.h2
-rw-r--r--sql/wsrep_trans_observer.h8
-rw-r--r--storage/columnstore/columnstore/VERSION4
-rw-r--r--storage/columnstore/columnstore/dbcon/mysql/ha_mcs.h17
-rw-r--r--storage/columnstore/columnstore/dbcon/mysql/ha_mcs_impl_if.h1
-rw-r--r--storage/columnstore/columnstore/storage-manager/src/MetadataFile.cpp1
-rw-r--r--storage/columnstore/columnstore/storage-manager/src/S3Storage.h1
-rw-r--r--storage/columnstore/columnstore/tools/passwd/secrets.cpp17
-rw-r--r--storage/columnstore/columnstore/utils/cloudio/SocketPool.h1
-rw-r--r--storage/connect/tabvct.cpp5
-rw-r--r--storage/connect/zip.c369
-rw-r--r--storage/connect/zip.h306
-rw-r--r--storage/federatedx/federatedx_io_mysql.cc7
-rw-r--r--storage/innobase/btr/btr0btr.cc36
-rw-r--r--storage/innobase/btr/btr0bulk.cc24
-rw-r--r--storage/innobase/btr/btr0cur.cc77
-rw-r--r--storage/innobase/btr/btr0pcur.cc17
-rw-r--r--storage/innobase/btr/btr0sea.cc1
-rw-r--r--storage/innobase/buf/buf0buf.cc360
-rw-r--r--storage/innobase/buf/buf0dblwr.cc11
-rw-r--r--storage/innobase/buf/buf0dump.cc22
-rw-r--r--storage/innobase/buf/buf0flu.cc144
-rw-r--r--storage/innobase/buf/buf0lru.cc39
-rw-r--r--storage/innobase/buf/buf0rea.cc6
-rw-r--r--storage/innobase/dict/dict0boot.cc5
-rw-r--r--storage/innobase/dict/dict0crea.cc3
-rw-r--r--storage/innobase/dict/dict0dict.cc22
-rw-r--r--storage/innobase/dict/dict0load.cc82
-rw-r--r--storage/innobase/dict/dict0stats.cc11
-rw-r--r--storage/innobase/dict/dict0stats_bg.cc52
-rw-r--r--storage/innobase/fil/fil0fil.cc55
-rw-r--r--storage/innobase/fil/fil0pagecompress.cc5
-rw-r--r--storage/innobase/fsp/fsp0file.cc26
-rw-r--r--storage/innobase/fsp/fsp0fsp.cc57
-rw-r--r--storage/innobase/fsp/fsp0sysspace.cc64
-rw-r--r--storage/innobase/gis/gis0sea.cc6
-rw-r--r--storage/innobase/handler/ha_innodb.cc84
-rw-r--r--storage/innobase/handler/handler0alter.cc40
-rw-r--r--storage/innobase/handler/i_s.cc127
-rw-r--r--storage/innobase/ibuf/ibuf0ibuf.cc17
-rw-r--r--storage/innobase/include/btr0btr.h4
-rw-r--r--storage/innobase/include/buf0buf.h35
-rw-r--r--storage/innobase/include/buf0dblwr.h3
-rw-r--r--storage/innobase/include/buf0lru.h10
-rw-r--r--storage/innobase/include/dict0load.h16
-rw-r--r--storage/innobase/include/dict0stats.h9
-rw-r--r--storage/innobase/include/fil0fil.h23
-rw-r--r--storage/innobase/include/fts0priv.inl23
-rw-r--r--storage/innobase/include/log0log.h71
-rw-r--r--storage/innobase/include/log0recv.h19
-rw-r--r--storage/innobase/include/mtr0mtr.h7
-rw-r--r--storage/innobase/include/os0file.h10
-rw-r--r--storage/innobase/include/srv0srv.h5
-rw-r--r--storage/innobase/include/srw_lock.h4
-rw-r--r--storage/innobase/include/trx0purge.h51
-rw-r--r--storage/innobase/include/trx0rseg.h5
-rw-r--r--storage/innobase/include/trx0sys.h9
-rw-r--r--storage/innobase/include/trx0trx.h1
-rw-r--r--storage/innobase/log/log0log.cc56
-rw-r--r--storage/innobase/log/log0recv.cc162
-rw-r--r--storage/innobase/mtr/mtr0mtr.cc131
-rw-r--r--storage/innobase/os/os0file.cc91
-rw-r--r--storage/innobase/pars/pars0pars.cc3
-rw-r--r--storage/innobase/row/row0ftsort.cc3
-rw-r--r--storage/innobase/row/row0import.cc13
-rw-r--r--storage/innobase/row/row0ins.cc21
-rw-r--r--storage/innobase/row/row0merge.cc36
-rw-r--r--storage/innobase/row/row0purge.cc1
-rw-r--r--storage/innobase/row/row0sel.cc1
-rw-r--r--storage/innobase/row/row0undo.cc2
-rw-r--r--storage/innobase/row/row0upd.cc25
-rw-r--r--storage/innobase/srv/srv0srv.cc9
-rw-r--r--storage/innobase/srv/srv0start.cc48
-rw-r--r--storage/innobase/sync/srw_lock.cc6
-rw-r--r--storage/innobase/trx/trx0purge.cc351
-rw-r--r--storage/innobase/trx/trx0rec.cc3
-rw-r--r--storage/innobase/trx/trx0rseg.cc41
-rw-r--r--storage/innobase/trx/trx0trx.cc10
-rw-r--r--storage/innobase/trx/trx0undo.cc63
-rw-r--r--storage/maria/aria_s3_copy.cc21
-rw-r--r--storage/maria/ha_s3.cc34
-rw-r--r--storage/maria/libmarias3/README.rst11
-rw-r--r--storage/maria/libmarias3/docs/api/functions.rst10
-rw-r--r--storage/maria/libmarias3/docs/api/types.rst2
-rw-r--r--storage/maria/libmarias3/libmarias3/marias3.h11
-rw-r--r--storage/maria/libmarias3/src/assume_role.c4
-rw-r--r--storage/maria/libmarias3/src/error.c4
-rw-r--r--storage/maria/libmarias3/src/include.am2
-rw-r--r--storage/maria/libmarias3/src/marias3.c50
-rw-r--r--storage/maria/libmarias3/src/request.c30
-rw-r--r--storage/maria/libmarias3/src/request.h2
-rw-r--r--storage/maria/libmarias3/src/response.c2
-rw-r--r--storage/maria/libmarias3/src/structs.h2
-rw-r--r--storage/maria/libmarias3/src/xml.c2
-rw-r--r--storage/maria/libmarias3/tests/error.c2
-rw-r--r--storage/maria/libmarias3/tests/include.am4
-rw-r--r--storage/maria/libmarias3/tests/read_cb.c129
-rw-r--r--storage/maria/s3_func.c20
-rw-r--r--storage/maria/unittest/ma_pagecache_consist.c4
-rw-r--r--storage/maria/unittest/ma_pagecache_rwconsist.c4
-rw-r--r--storage/maria/unittest/ma_pagecache_rwconsist2.c4
-rw-r--r--storage/maria/unittest/ma_pagecache_single.c4
-rw-r--r--storage/maria/unittest/ma_test_loghandler_multithread-t.c4
-rw-r--r--storage/myisam/ha_myisam.cc11
-rw-r--r--storage/myisam/sort.c5
-rw-r--r--storage/myisammrg/ha_myisammrg.h6
-rw-r--r--storage/perfschema/CMakeLists.txt2
-rw-r--r--storage/perfschema/pfs_variable.cc97
-rw-r--r--storage/perfschema/pfs_variable.h8
-rw-r--r--storage/perfschema/pfs_visitor.cc3
-rw-r--r--storage/perfschema/table_helper.h2
-rw-r--r--storage/perfschema/unittest/CMakeLists.txt2
-rw-r--r--storage/perfschema/unittest/stub_pfs_global.h2
-rw-r--r--storage/sphinx/ha_sphinx.cc19
-rw-r--r--storage/sphinx/ha_sphinx.h6
-rw-r--r--storage/spider/ha_spider.cc58
-rw-r--r--storage/spider/mysql-test/spider/bugfix/disabled.def3
-rw-r--r--storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_deinit.inc12
-rw-r--r--storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_init.inc13
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/gbh_outer_fields_in_join.result50
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_19866.result2
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_26151.result4
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_26247.result6
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_26541.result15
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_27575.result17
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_28683.result22
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_28739.result34
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_28739_simple.result21
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_28856.result1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_28998.result4
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29002.result34
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29163.result4
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29421.result19
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29456.result42
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29502.result1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29667.result40
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_29963.result44
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_30014.result37
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_30170.result7
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_30392.result4
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_31338.result1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_31524.result1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_31645.result9
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_31996.result1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_32753.result10
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start.result14
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start_session.result17
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_32986.result24
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_33008.result25
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/mdev_33191.result14
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/perfschema.result11
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/self_reference_multi.result4
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/signal_ddl_fail.result8
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/spider_join_with_non_spider.result24
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/spider_table_sts.result38
-rw-r--r--storage/spider/mysql-test/spider/bugfix/r/subquery.result25
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.cnf (renamed from storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.cnf)1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.test46
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_26151.test5
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_26247.test9
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_26541.test6
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_27575.test23
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_28683.test29
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_28739.cnf3
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_28739.test41
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_28739_simple.test31
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_28856.test1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_28998.test10
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29002.test32
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29163.test6
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29421.test26
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29456.test53
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29502.test1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29667.cnf3
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29667.test44
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_29963.test56
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_30014.test46
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_30170.test8
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_30392.test5
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_30981.test11
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_31338.test1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_31524.test1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_31645.test12
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_31996.test1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_32753.opt2
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_32753.test12
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.opt1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.test20
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start_session.test22
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_32986.test29
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_33008.test24
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/mdev_33191.test11
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/perfschema.opt1
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/perfschema.test16
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/self_reference_multi.test4
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.opt2
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.test10
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/spider_join_with_non_spider.test29
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.test46
-rw-r--r--storage/spider/mysql-test/spider/bugfix/t/subquery.test31
-rw-r--r--storage/spider/mysql-test/spider/include/clean_up_spider.inc3
-rw-r--r--storage/spider/mysql-test/spider/include/init_spider.inc21
-rw-r--r--storage/spider/mysql-test/spider/r/direct_join.result2
-rw-r--r--storage/spider/mysql-test/spider/r/direct_left_right_join_nullable.result2
-rw-r--r--storage/spider/mysql-test/spider/r/direct_left_right_left_join_nullable.result2
-rw-r--r--storage/spider/mysql-test/spider/r/direct_right_join.result2
-rw-r--r--storage/spider/mysql-test/spider/r/direct_right_join_nullable.result2
-rw-r--r--storage/spider/mysql-test/spider/r/direct_right_left_join_nullable.result2
-rw-r--r--storage/spider/mysql-test/spider/r/direct_right_left_right_join_nullable.result2
-rw-r--r--storage/spider/mysql-test/spider/r/partition_join_pushdown_for_single_partition.result2
-rw-r--r--storage/spider/mysql-test/spider/r/variable_deprecation.result2
-rw-r--r--storage/spider/mysql-test/spider/regression/e1121/r/direct_join_by_pkey_key.result2
-rw-r--r--storage/spider/mysql-test/spider/t/variable_deprecation.test3
-rw-r--r--storage/spider/spd_conn.cc18
-rw-r--r--storage/spider/spd_copy_tables.cc14
-rw-r--r--storage/spider/spd_db_conn.cc80
-rw-r--r--storage/spider/spd_db_include.h64
-rw-r--r--storage/spider/spd_db_mysql.cc891
-rw-r--r--storage/spider/spd_db_mysql.h52
-rw-r--r--storage/spider/spd_direct_sql.cc12
-rw-r--r--storage/spider/spd_group_by_handler.cc595
-rw-r--r--storage/spider/spd_include.h281
-rw-r--r--storage/spider/spd_init_query.h43
-rw-r--r--storage/spider/spd_param.cc74
-rw-r--r--storage/spider/spd_ping_table.cc14
-rw-r--r--storage/spider/spd_sys_table.cc577
-rw-r--r--storage/spider/spd_sys_table.h93
-rw-r--r--storage/spider/spd_table.cc222
-rw-r--r--storage/spider/spd_trx.cc26
-rw-r--r--strings/ctype-uca.inl14
-rw-r--r--strings/json_lib.c6
-rw-r--r--support-files/mariadb.service.in6
-rw-r--r--support-files/mariadb@.service.in6
-rw-r--r--tests/mysql_client_fw.c8
-rw-r--r--tests/mysql_client_test.c40
-rw-r--r--tpool/tpool_structs.h5
-rw-r--r--unittest/embedded/CMakeLists.txt2
-rw-r--r--unittest/strings/strings-t.c26
-rw-r--r--win/packaging/heidisql.cmake2
-rw-r--r--win/packaging/heidisql.wxi.in8
-rw-r--r--wsrep-lib/dbsim/db_threads.cpp52
-rw-r--r--wsrep-lib/include/wsrep/logger.hpp6
2392 files changed, 327984 insertions, 156671 deletions
diff --git a/THIRDPARTY b/THIRDPARTY
index 87f9bb7a..62e91df1 100644
--- a/THIRDPARTY
+++ b/THIRDPARTY
@@ -1712,3 +1712,32 @@ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
***************************************************************************
+
+%%The following software may be included in this product:
+socketpair.c
+
+Copyright 2007, 2010 by Nathan C. Myers <ncm@cantrip.org>
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+ Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ The name of the author must not be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
diff --git a/VERSION b/VERSION
index 1db717e2..7dd56698 100644
--- a/VERSION
+++ b/VERSION
@@ -1,4 +1,4 @@
MYSQL_VERSION_MAJOR=10
MYSQL_VERSION_MINOR=11
-MYSQL_VERSION_PATCH=6
+MYSQL_VERSION_PATCH=7
SERVER_MATURITY=stable
diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt
index 55fd02b2..4dfce247 100644
--- a/client/CMakeLists.txt
+++ b/client/CMakeLists.txt
@@ -16,7 +16,7 @@
INCLUDE_DIRECTORIES(
${CMAKE_SOURCE_DIR}/include
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${CMAKE_SOURCE_DIR}/mysys_ssl
${ZLIB_INCLUDE_DIR}
${SSL_INCLUDE_DIRS}
diff --git a/client/mysql.cc b/client/mysql.cc
index 1c842dae..ab4c3cd7 100644
--- a/client/mysql.cc
+++ b/client/mysql.cc
@@ -261,6 +261,9 @@ static int connect_flag=CLIENT_INTERACTIVE;
static my_bool opt_binary_mode= FALSE;
static my_bool opt_connect_expired_password= FALSE;
static int interrupted_query= 0;
+#ifdef USE_LIBEDIT_INTERFACE
+static int sigint_received= 0;
+#endif
static char *current_host,*current_db,*current_user=0,*opt_password=0,
*current_prompt=0, *delimiter_str= 0,
*default_charset= (char*) MYSQL_AUTODETECT_CHARSET_NAME,
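Review bot: `sigint_received` is declared as a plain `int`, but the later hunks of this file set it inside `handle_sigint` and test and clear it in `read_and_execute`, so it is shared between a signal handler and the main flow. Declaring it `static volatile sig_atomic_t sigint_received= 0;` uses the type the C and C++ standards guarantee can be written from a handler, and keeps the compiler from assuming the value is unchanged across the `readline()` call. The neighbouring `interrupted_query` has the same shape; whether it is also written on the handler path is not visible in this hunk.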
@@ -1162,6 +1165,8 @@ extern "C" sig_handler handle_sigint(int sig);
static sig_handler window_resize(int sig);
#endif
+static void end_in_sig_handler(int sig);
+static bool kill_query(const char *reason);
const char DELIMITER_NAME[]= "delimiter";
const uint DELIMITER_NAME_LEN= sizeof(DELIMITER_NAME) - 1;
@@ -1301,8 +1306,8 @@ int main(int argc,char *argv[])
if (opt_sigint_ignore)
signal(SIGINT, SIG_IGN);
else
- signal(SIGINT, handle_sigint); // Catch SIGINT to clean up
- signal(SIGQUIT, mysql_end); // Catch SIGQUIT to clean up
+ signal(SIGINT, handle_sigint); // Catch SIGINT to clean up
+ signal(SIGQUIT, mysql_end); // Catch SIGQUIT to clean up
#if defined(HAVE_TERMIOS_H) && defined(GWINSZ_IN_SYS_IOCTL)
/* Readline will call this if it installs a handler */
@@ -1512,30 +1517,35 @@ static bool do_connect(MYSQL *mysql, const char *host, const char *user,
}
-/*
- This function handles sigint calls
- If query is in process, kill query
- If 'source' is executed, abort source command
- no query in process, terminate like previous behavior
- */
+void end_in_sig_handler(int sig)
+{
+#ifdef _WIN32
+ /*
+ When SIGINT is raised on Windows, the OS creates a new thread to handle the
+ interrupt. Once that thread completes, the main thread continues running
+ only to find that it's resources have already been free'd when the sigint
+ handler called mysql_end().
+ */
+ mysql_thread_end();
+#else
+ mysql_end(sig);
+#endif
+}
-sig_handler handle_sigint(int sig)
+
+/*
+ Kill a running query. Returns true if we were unable to connect to the server.
+*/
+bool kill_query(const char *reason)
{
char kill_buffer[40];
MYSQL *kill_mysql= NULL;
- /* terminate if no query being executed, or we already tried interrupting */
- if (!executing_query || (interrupted_query == 2))
- {
- tee_fprintf(stdout, "Ctrl-C -- exit!\n");
- goto err;
- }
-
kill_mysql= mysql_init(kill_mysql);
if (!do_connect(kill_mysql,current_host, current_user, opt_password, "", 0))
{
- tee_fprintf(stdout, "Ctrl-C -- sorry, cannot connect to server to kill query, giving up ...\n");
- goto err;
+ tee_fprintf(stdout, "%s -- sorry, cannot connect to server to kill query, giving up ...\n", reason);
+ return true;
}
/* First time try to kill the query, second time the connection */
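Review bot: On the failed-connect path `kill_query` returns `true` without releasing the handle obtained from `mysql_init`, and the result of `mysql_init` is not checked before it is passed to `do_connect`. Before this change that path ended in process exit, but the function is now a helper whose caller decides what happens next, and on Windows `end_in_sig_handler` only calls `mysql_thread_end()`, so the handle can outlive the call. Unless `do_connect` (not visible here) already closes the handle on failure, add `mysql_close(kill_mysql);` before `return true;`, and add `if (!kill_mysql) return true;` right after `mysql_init`. The body of `kill_query` continues past the end of this hunk.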
@@ -1550,27 +1560,62 @@ sig_handler handle_sigint(int sig)
(interrupted_query == 1) ? "QUERY " : "",
mysql_thread_id(&mysql));
if (verbose)
- tee_fprintf(stdout, "Ctrl-C -- sending \"%s\" to server ...\n",
+ tee_fprintf(stdout, "%s -- sending \"%s\" to server ...\n", reason,
kill_buffer);
mysql_real_query(kill_mysql, kill_buffer, (uint) strlen(kill_buffer));
mysql_close(kill_mysql);
- tee_fprintf(stdout, "Ctrl-C -- query killed. Continuing normally.\n");
+ if (interrupted_query == 1)
+ tee_fprintf(stdout, "%s -- query killed.\n", reason);
+ else
+ tee_fprintf(stdout, "%s -- connection killed.\n", reason);
+
if (in_com_source)
aborted= 1; // Abort source command
- return;
+ return false;
+}
-err:
-#ifdef _WIN32
+/*
+ This function handles sigint calls
+ If query is in process, kill query
+ If 'source' is executed, abort source command
+ no query in process, regenerate prompt.
+*/
+sig_handler handle_sigint(int sig)
+{
/*
- When SIGINT is raised on Windows, the OS creates a new thread to handle the
- interrupt. Once that thread completes, the main thread continues running
- only to find that it's resources have already been free'd when the sigint
- handler called mysql_end().
+ On Unix only, if no query is being executed just clear the prompt,
+ don't exit. On Windows we exit.
*/
- mysql_thread_end();
+ if (!executing_query)
+ {
+#ifndef _WIN32
+ tee_fprintf(stdout, "^C\n");
+#ifdef USE_LIBEDIT_INTERFACE
+ /* Libedit will regenerate it outside of the signal handler. */
+ sigint_received= 1;
#else
- mysql_end(sig);
-#endif
+ rl_on_new_line(); // Regenerate the prompt on a newline
+ rl_replace_line("", 0); // Clear the previous text
+ rl_redisplay();
+#endif
+#else // WIN32
+ tee_fprintf(stdout, "Ctrl-C -- exit!\n");
+ end_in_sig_handler(sig);
+#endif
+ return;
+ }
+
+ /*
+ When executing a query, this newline makes the prompt look like so:
+ ^C
+ Ctrl-C -- query killed.
+ */
+ tee_fprintf(stdout, "\n");
+ if (kill_query("Ctrl-C"))
+ {
+ aborted= 1;
+ end_in_sig_handler(sig);
+ }
}
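Review bot: The new status lines in `kill_query` print `query killed.` or `connection killed.` even when the server never accepted the KILL, because the return value of `mysql_real_query` just above them is discarded. Test it and report the failure instead, for example `if (mysql_real_query(kill_mysql, kill_buffer, (uint) strlen(kill_buffer)))` followed by `tee_fprintf(stdout, "%s -- could not kill: %s\n", reason, mysql_error(kill_mysql));` before `mysql_close(kill_mysql)`. Separately, the readline branch of `handle_sigint` calls `rl_on_new_line`, `rl_replace_line` and `rl_redisplay` from the handler while the libedit branch only sets a flag; a comment saying why the direct calls are safe in that branch would help the next reader. `kill_query` starts in the previous hunk.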
@@ -2137,6 +2182,15 @@ static int get_options(int argc, char **argv)
return(0);
}
+
+#if !defined(_WIN32) && defined(USE_LIBEDIT_INTERFACE)
+static inline void reset_prompt(char *in_string, bool *ml_comment) {
+ glob_buffer.length(0);
+ *ml_comment = false;
+ *in_string = 0;
+}
+#endif
+
static int read_and_execute(bool interactive)
{
char *line= NULL;
@@ -2228,7 +2282,30 @@ static int read_and_execute(bool interactive)
if (line)
free(line);
line= readline(prompt);
-#endif /* defined(_WIN32) */
+#ifdef USE_LIBEDIT_INTERFACE
+ /*
+ libedit handles interrupts different than libreadline.
+ libreadline has its own signal handlers, thus a sigint during readline
+ doesn't force readline to return null string.
+
+ However libedit returns null if the interrupt signal is raised.
+ We can also get an empty string when ctrl+d is pressed (EoF).
+
+ We need this sigint_received flag, to differentiate between the two
+ cases. This flag is only set during our handle_sigint function when
+ LIBEDIT_INTERFACE is used.
+ */
+ if (!line && sigint_received)
+ {
+ // User asked to clear the input.
+ sigint_received= 0;
+ reset_prompt(&in_string, &ml_comment);
+ continue;
+ }
+ // For safety, we always mark this as cleared.
+ sigint_received= 0;
+#endif
+#endif /* defined(__WIN__) */
/*
When Ctrl+d or Ctrl+z is pressed, the line may be NULL on some OS
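Review bot: The closing label was changed to `#endif /* defined(__WIN__) */`, but the removed line and the other conditionals in this diff test `_WIN32`, so the label no longer names the condition it closes. Keep `#endif /* defined(_WIN32) */`. The new block comment also says `LIBEDIT_INTERFACE` where the macro being tested is `USE_LIBEDIT_INTERFACE`. read_and_execute starts and ends outside this hunk.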
diff --git a/client/mysql_upgrade.c b/client/mysql_upgrade.c
index a6d497b2..7bac797f 100644
--- a/client/mysql_upgrade.c
+++ b/client/mysql_upgrade.c
@@ -1159,6 +1159,8 @@ static int install_used_plugin_data_types(void)
DYNAMIC_STRING ds_result;
const char *query = "SELECT table_comment FROM information_schema.tables"
" WHERE table_comment LIKE 'Unknown data type: %'";
+ if (opt_systables_only)
+ return 0;
if (init_dynamic_string(&ds_result, "", 512, 512))
die("Out of memory");
run_query(query, &ds_result, TRUE);
@@ -1475,7 +1477,12 @@ int main(int argc, char **argv)
open_mysql_upgrade_file();
if (opt_check_upgrade)
- exit(upgrade_already_done(0) == 0);
+ {
+ int upgrade_needed = upgrade_already_done(0);
+ free_used_memory();
+ my_end(my_end_arg);
+ exit(upgrade_needed == 0);
+ }
/* Find mysqlcheck */
find_tool(mysqlcheck_path, IF_WIN("mariadb-check.exe", "mariadb-check"), self_name);
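Review bot: `upgrade_needed` stores the result of `upgrade_already_done(0)`, which by its name reports the opposite condition, so `exit(upgrade_needed == 0)` reads backwards. Naming the local for what it holds keeps the exit status obvious: `int already_done= upgrade_already_done(0);` and `exit(already_done == 0);`. A comment such as `/* exit status 0: upgrade already done, 1: upgrade needed */` would pin the contract, assuming that is the intended meaning. main() extends beyond this hunk.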
diff --git a/client/mysqladmin.cc b/client/mysqladmin.cc
index 022ba2ae..69bd3cd7 100644
--- a/client/mysqladmin.cc
+++ b/client/mysqladmin.cc
@@ -28,7 +28,7 @@
#include <password.h>
#include <my_sys.h>
-#define ADMIN_VERSION "9.1"
+#define ADMIN_VERSION "10.0"
#define MAX_MYSQL_VAR 512
#define SHUTDOWN_DEF_TIMEOUT 3600 /* Wait for shutdown */
#define MAX_TRUNC_LENGTH 3
@@ -40,12 +40,12 @@ char ex_var_names[MAX_MYSQL_VAR+100][FN_REFLEN];
ulonglong last_values[MAX_MYSQL_VAR+100];
static int interval=0;
static my_bool option_force=0,interrupted=0,new_line=0,
- opt_compress= 0, opt_local= 0, opt_relative= 0, opt_verbose= 0,
+ opt_compress= 0, opt_local= 0, opt_relative= 0,
opt_vertical= 0, tty_password= 0, opt_nobeep,
- opt_shutdown_wait_for_slaves= 0;
+ opt_shutdown_wait_for_slaves= 0, opt_not_used;
static my_bool debug_info_flag= 0, debug_check_flag= 0;
static uint tcp_port = 0, option_wait = 0, option_silent=0, nr_iterations;
-static uint opt_count_iterations= 0, my_end_arg;
+static uint opt_count_iterations= 0, my_end_arg, opt_verbose= 0;
static ulong opt_connect_timeout, opt_shutdown_timeout;
static char * unix_port=0;
static char *opt_plugin_dir= 0, *opt_default_auth= 0;
@@ -204,8 +204,10 @@ static struct my_option my_long_options[] =
{"user", 'u', "User for login if not current user.", &user,
&user, 0, GET_STR_ALLOC, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
#endif
- {"verbose", 'v', "Write more information.", &opt_verbose,
- &opt_verbose, 0, GET_BOOL, NO_ARG, 0, 0, 0, 0, 0, 0},
+ {"verbose", 'v', "Write more information."
+ "Using it will print more information for 'processlist."
+ "Using it 2 times will print even more information for 'processlist'.",
+ &opt_not_used, &opt_not_used, 0, GET_BOOL, NO_ARG, 1, 0, 0, 0, 0, 0},
{"version", 'V', "Output version information and exit.", 0, 0, 0, GET_NO_ARG,
NO_ARG, 0, 0, 0, 0, 0, 0},
{"vertical", 'E',
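Review bot: The three adjacent string literals in the `--verbose` help text are joined without separating spaces, and the first `'processlist` lacks its closing quote, so the help output will read `information.Using it ...`. Suggested literals: `"Write more information. "`, `"Using it will print more information for 'processlist'. "`, `"Using it 2 times will print even more information for 'processlist'."`. The option entry now only writes to `opt_not_used`, with the counting done in `get_one_option`, so a short comment on the entry saying so would save the next reader a search.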
@@ -298,6 +300,11 @@ get_one_option(const struct my_option *opt, const char *argument,
case 'I': /* Info */
usage();
exit(0);
+ case 'v': /* --verbose */
+ opt_verbose++;
+ if (argument == disabled_my_option)
+ opt_verbose= 0;
+ break;
case OPT_CHARSETS_DIR:
#if MYSQL_VERSION_ID > 32300
charsets_dir = argument;
@@ -828,10 +835,17 @@ static int execute_commands(MYSQL *mysql,int argc, char **argv)
{
MYSQL_RES *result;
MYSQL_ROW row;
+ const char *query;
+
+ if (!opt_verbose)
+ query= "show processlist";
+ else if (opt_verbose == 1)
+ query= "show full processlist";
+ else
+ query= "select * from information_schema.processlist where id != connection_id()";
- if (mysql_query(mysql, (opt_verbose ? "show full processlist" :
- "show processlist")) ||
- !(result = mysql_store_result(mysql)))
+ if (mysql_query(mysql, query) ||
+ !(result = mysql_store_result(mysql)))
{
my_printf_error(0, "process list failed; error: '%s'", error_flags,
mysql_error(mysql));
diff --git a/client/mysqltest.cc b/client/mysqltest.cc
index 87c5a62a..a49895c9 100644
--- a/client/mysqltest.cc
+++ b/client/mysqltest.cc
@@ -80,6 +80,9 @@ static my_bool non_blocking_api_enabled= 0;
#define DIE_BUFF_SIZE 256*1024
+#define RESULT_STRING_INIT_MEM 2048
+#define RESULT_STRING_INCREMENT_MEM 2048
+
/* Flags controlling send and reap */
#define QUERY_SEND_FLAG 1
#define QUERY_REAP_FLAG 2
@@ -88,6 +91,8 @@ static my_bool non_blocking_api_enabled= 0;
#define CLOSED_CONNECTION "-closed_connection-"
+#define dynstr_append DO_NO_USE
+
#ifndef HAVE_SETENV
static int setenv(const char *name, const char *value, int overwrite);
#endif
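Review bot: `#define dynstr_append DO_NO_USE` poisons the function without explanation, and the replacement token looks like a typo for `DO_NOT_USE`. Anyone who later calls `dynstr_append` will get an undeclared-identifier error with no hint of the reason. A comment above the define would fix that, for example `/* dynstr_append() is banned in this file; use dynstr_append_mem() with an explicit length */`.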
@@ -1729,7 +1734,7 @@ void log_msg(const char *fmt, ...)
va_end(args);
dynstr_append_mem(&ds_res, buff, len);
- dynstr_append(&ds_res, "\n");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("\n"));
DBUG_VOID_RETURN;
}
@@ -1865,7 +1870,7 @@ static int run_tool(const char *tool_path, DYNAMIC_STRING *ds_res, ...)
die("Out of memory");
dynstr_append_os_quoted(&ds_cmdline, tool_path, NullS);
- dynstr_append(&ds_cmdline, " ");
+ dynstr_append_mem(&ds_cmdline, STRING_WITH_LEN(" "));
va_start(args, ds_res);
@@ -1875,14 +1880,14 @@ static int run_tool(const char *tool_path, DYNAMIC_STRING *ds_res, ...)
if (strncmp(arg, "--", 2) == 0)
dynstr_append_os_quoted(&ds_cmdline, arg, NullS);
else
- dynstr_append(&ds_cmdline, arg);
- dynstr_append(&ds_cmdline, " ");
+ dynstr_append_mem(&ds_cmdline, arg, strlen(arg));
+ dynstr_append_mem(&ds_cmdline, STRING_WITH_LEN(" "));
}
va_end(args);
#ifdef _WIN32
- dynstr_append(&ds_cmdline, "\"");
+ dynstr_append_mem(&ds_cmdline, STRING_WITH_LEN("\""));
#endif
DBUG_PRINT("info", ("Running: %s", ds_cmdline.str));
@@ -2017,8 +2022,8 @@ void show_diff(DYNAMIC_STRING* ds,
Fallback to dump both files to result file and inform
about installing "diff"
*/
- dynstr_append(&ds_tmp, "\n");
- dynstr_append(&ds_tmp,
+ char message[]=
+"\n"
"\n"
"The two files differ but it was not possible to execute 'diff' in\n"
"order to show only the difference. Instead the whole content of the\n"
@@ -2028,17 +2033,18 @@ void show_diff(DYNAMIC_STRING* ds,
#ifdef _WIN32
"or http://gnuwin32.sourceforge.net/packages/diffutils.htm\n"
#endif
-"\n");
+"\n";
+ dynstr_append_mem(&ds_tmp, message, sizeof(message));
- dynstr_append(&ds_tmp, " --- ");
- dynstr_append(&ds_tmp, filename1);
- dynstr_append(&ds_tmp, " >>>\n");
+ dynstr_append_mem(&ds_tmp, STRING_WITH_LEN(" --- "));
+ dynstr_append_mem(&ds_tmp, filename1, strlen(filename1));
+ dynstr_append_mem(&ds_tmp, STRING_WITH_LEN(" >>>\n"));
cat_file(&ds_tmp, filename1);
- dynstr_append(&ds_tmp, "<<<\n --- ");
- dynstr_append(&ds_tmp, filename1);
- dynstr_append(&ds_tmp, " >>>\n");
+ dynstr_append_mem(&ds_tmp, STRING_WITH_LEN("<<<\n --- "));
+ dynstr_append_mem(&ds_tmp, filename1, strlen(filename1));
+ dynstr_append_mem(&ds_tmp, STRING_WITH_LEN(" >>>\n"));
cat_file(&ds_tmp, filename2);
- dynstr_append(&ds_tmp, "<<<<\n");
+ dynstr_append_mem(&ds_tmp, STRING_WITH_LEN("<<<<\n"));
}
if (ds)
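Review bot: `dynstr_append_mem(&ds_tmp, message, sizeof(message));` passes the size of a `char[]`, which includes the terminating NUL, so a `\0` byte lands in the middle of `ds_tmp`. Anything that later reads `ds_tmp.str` as a C string stops at the end of the message and never sees the file contents appended after it. Use `sizeof(message) - 1`. Separately, the second header still appends `filename1` just before `cat_file(&ds_tmp, filename2)`; this looks carried over from the old code and presumably should be `filename2`. show_diff starts above this hunk and `message` is declared in the preceding one.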
@@ -2818,9 +2824,9 @@ do_result_format_version(struct st_command *command)
set_result_format_version(version);
- dynstr_append(&ds_res, "result_format: ");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("result_format: "));
dynstr_append_mem(&ds_res, ds_version.str, ds_version.length);
- dynstr_append(&ds_res, "\n");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("\n"));
dynstr_free(&ds_version);
}
@@ -3291,13 +3297,15 @@ static int replace(DYNAMIC_STRING *ds_str,
{
DYNAMIC_STRING ds_tmp;
const char *start= strstr(ds_str->str, search_str);
+ size_t prefixlen= start - ds_str->str;
if (!start)
return 1;
init_dynamic_string(&ds_tmp, "",
ds_str->length + replace_len, 256);
- dynstr_append_mem(&ds_tmp, ds_str->str, start - ds_str->str);
+ dynstr_append_mem(&ds_tmp, ds_str->str, prefixlen);
dynstr_append_mem(&ds_tmp, replace_str, replace_len);
- dynstr_append(&ds_tmp, start + search_len);
+ dynstr_append_mem(&ds_tmp, start + search_len,
+ ds_str->length - prefixlen - search_len);
dynstr_set(ds_str, ds_tmp.str);
dynstr_free(&ds_tmp);
return 0;
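Review bot: `size_t prefixlen= start - ds_str->str;` is evaluated before the `if (!start)` check, so when `strstr` finds nothing the subtraction is performed on a null pointer. That is undefined behaviour even though the value is never used on that path. Declare `size_t prefixlen;` and assign `prefixlen= start - ds_str->str;` after the early `return 1;`. The new tail length `ds_str->length - prefixlen - search_len` also assumes `ds_str->length` matches the NUL-terminated content that `strstr` scanned, which is worth a `DBUG_ASSERT` if it is not guaranteed.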
@@ -3412,7 +3420,7 @@ void do_exec(struct st_command *command)
if (disable_result_log)
{
/* Collect stderr output as well, for the case app. crashes or returns error.*/
- dynstr_append(&ds_cmd, " 2>&1");
+ dynstr_append_mem(&ds_cmd, STRING_WITH_LEN(" 2>&1"));
}
DBUG_PRINT("info", ("Executing '%s' as '%s'",
@@ -3624,9 +3632,9 @@ void do_system(struct st_command *command)
else
{
/* If ! abort_on_error, log message and continue */
- dynstr_append(&ds_res, "system command '");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("system command '"));
replace_dynstr_append(&ds_res, command->first_argument);
- dynstr_append(&ds_res, "' failed\n");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("' failed\n"));
}
}
@@ -3802,7 +3810,7 @@ void do_remove_files_wildcard(struct st_command *command)
wild_compare(file->name, ds_wild.str, 0))
continue;
ds_file_to_remove.length= directory_length;
- dynstr_append(&ds_file_to_remove, file->name);
+ dynstr_append_mem(&ds_file_to_remove, file->name, strlen(file->name));
DBUG_PRINT("info", ("removing file: %s", ds_file_to_remove.str));
if ((error= (my_delete(ds_file_to_remove.str, MYF(MY_WME)) != 0)))
sys_errno= my_errno;
@@ -4092,7 +4100,7 @@ static int get_list_files(DYNAMIC_STRING *ds, const DYNAMIC_STRING *ds_dirname,
wild_compare(file->name, ds_wild->str, 0))
continue;
replace_dynstr_append(ds, file->name);
- dynstr_append(ds, "\n");
+ dynstr_append_mem(ds, STRING_WITH_LEN("\n"));
}
set_wild_chars(0);
my_dirend(dir_info);
@@ -4690,15 +4698,11 @@ void do_perl(struct st_command *command)
/* Check for error code that indicates perl could not be started */
int exstat= WEXITSTATUS(error);
-#ifdef _WIN32
- if (exstat == 1)
- /* Text must begin 'perl not found' as mtr looks for it */
- abort_not_supported_test("perl not found in path or did not start");
-#else
+#ifndef _WIN32
if (exstat == 127)
abort_not_supported_test("perl not found in path");
-#endif
else
+#endif
handle_command_error(command, exstat, my_errno);
}
dynstr_free(&ds_delimiter);
@@ -7681,7 +7685,7 @@ void append_field(DYNAMIC_STRING *ds, uint col_idx, MYSQL_FIELD* field,
}
else
{
- dynstr_append(ds, field->name);
+ dynstr_append_mem(ds, field->name, strlen(field->name));
dynstr_append_mem(ds, "\t", 1);
replace_dynstr_append_mem(ds, val, len);
dynstr_append_mem(ds, "\n", 1);
@@ -7792,9 +7796,10 @@ void append_metadata(DYNAMIC_STRING *ds,
uint num_fields)
{
MYSQL_FIELD *field_end;
- dynstr_append(ds,"Catalog\tDatabase\tTable\tTable_alias\tColumn\t"
- "Column_alias\tType\tLength\tMax length\tIs_null\t"
- "Flags\tDecimals\tCharsetnr\n");
+ dynstr_append_mem(ds, STRING_WITH_LEN(
+ "Catalog\tDatabase\tTable\tTable_alias\tColumn\t"
+ "Column_alias\tType\tLength\tMax length\tIs_null\t"
+ "Flags\tDecimals\tCharsetnr\n"));
for (field_end= field+num_fields ;
field < field_end ;
@@ -7853,13 +7858,13 @@ void append_info(DYNAMIC_STRING *ds, ulonglong affected_rows,
const char *info)
{
char buf[40], buff2[21];
- sprintf(buf,"affected rows: %s\n", llstr(affected_rows, buff2));
- dynstr_append(ds, buf);
+ size_t len= sprintf(buf,"affected rows: %s\n", llstr(affected_rows, buff2));
+ dynstr_append_mem(ds, buf, len);
if (info)
{
- dynstr_append(ds, "info: ");
- dynstr_append(ds, info);
- dynstr_append_mem(ds, "\n", 1);
+ dynstr_append_mem(ds, STRING_WITH_LEN("info: "));
+ dynstr_append_mem(ds, info, strlen(info));
+ dynstr_append_mem(ds, STRING_WITH_LEN("\n"));
}
}
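Review bot: `size_t len= sprintf(buf, ...)` stores an `int` return value in a `size_t` and writes into the fixed `buf[40]` with no bound. The current format fits (15 characters of text, at most 20 digits, a newline and the NUL), but nothing enforces that if the text is ever changed. A bounded call keeps the length and the buffer size tied together: `size_t len= my_snprintf(buf, sizeof(buf), "affected rows: %s\n", llstr(affected_rows, buff2));`.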
@@ -7905,18 +7910,19 @@ static void append_session_track_info(DYNAMIC_STRING *ds, MYSQL *mysql)
(enum_session_state_type) type,
&data, &data_length))
{
- dynstr_append(ds, "-- ");
+ dynstr_append_mem(ds, STRING_WITH_LEN("-- "));
if (type <= SESSION_TRACK_END)
{
- dynstr_append(ds, trking_info_desc[type]);
+ dynstr_append_mem(ds, trking_info_desc[type],
+ strlen(trking_info_desc[type]));
}
else
{
DBUG_ASSERT(0);
- dynstr_append(ds, "Tracker???\n");
+ dynstr_append_mem(ds, STRING_WITH_LEN("Tracker???\n"));
}
- dynstr_append(ds, "-- ");
+ dynstr_append_mem(ds, STRING_WITH_LEN("-- "));
dynstr_append_mem(ds, data, data_length);
}
else
@@ -7925,16 +7931,16 @@ static void append_session_track_info(DYNAMIC_STRING *ds, MYSQL *mysql)
(enum_session_state_type) type,
&data, &data_length))
{
- dynstr_append(ds, "\n-- ");
+ dynstr_append_mem(ds, STRING_WITH_LEN("\n-- "));
if (data == NULL)
{
DBUG_ASSERT(data_length == 0);
- dynstr_append_mem(ds, "<NULL>", sizeof("<NULL>") - 1);
+ dynstr_append_mem(ds, STRING_WITH_LEN("<NULL>"));
}
else
dynstr_append_mem(ds, data, data_length);
}
- dynstr_append(ds, "\n\n");
+ dynstr_append_mem(ds, STRING_WITH_LEN("\n\n"));
}
#endif /* EMBEDDED_LIBRARY */
}
@@ -8334,7 +8340,8 @@ void handle_error(struct st_command *command,
else if (command->expected_errors.err[0].type == ERR_SQLSTATE ||
(command->expected_errors.err[0].type == ERR_ERRNO &&
command->expected_errors.err[0].code.errnum != 0))
- dynstr_append(ds,"Got one of the listed errors\n");
+ dynstr_append_mem(ds, STRING_WITH_LEN("Got one of the listed "
+ "errors\n"));
}
/* OK */
revert_properties();
@@ -8414,6 +8421,85 @@ void handle_no_error(struct st_command *command)
/*
+ Read result set after prepare statement execution
+
+ SYNOPSIS
+ read_stmt_results
+ stmt - prepare statemet
+ mysql - mysql handle
+ command - current command pointer
+ ds - output buffer where to store result form query
+
+ RETURN VALUE
+ 1 - if there is an error in result set
+*/
+
+int read_stmt_results(MYSQL_STMT* stmt,
+ DYNAMIC_STRING* ds,
+ struct st_command *command)
+{
+ MYSQL_RES *res= NULL;
+
+ /*
+ We instruct that we want to update the "max_length" field in
+ mysql_stmt_store_result(), this is our only way to know how much
+ buffer to allocate for result data
+ */
+ {
+ my_bool one= 1;
+ if (mysql_stmt_attr_set(stmt, STMT_ATTR_UPDATE_MAX_LENGTH, (void*) &one))
+ die("mysql_stmt_attr_set(STMT_ATTR_UPDATE_MAX_LENGTH) failed': %d %s",
+ mysql_stmt_errno(stmt), mysql_stmt_error(stmt));
+ }
+
+ /*
+ If we got here the statement succeeded and was expected to do so,
+ get data. Note that this can still give errors found during execution!
+ Store the result of the query if if will return any fields
+ */
+ if (mysql_stmt_field_count(stmt) && mysql_stmt_store_result(stmt))
+ {
+ handle_error(command, mysql_stmt_errno(stmt),
+ mysql_stmt_error(stmt), mysql_stmt_sqlstate(stmt), ds);
+ return 1;
+ }
+
+ if (!disable_result_log)
+ {
+ /*
+ Not all statements creates a result set. If there is one we can
+ now create another normal result set that contains the meta
+ data. This set can be handled almost like any other non prepared
+ statement result set.
+ */
+ if ((res= mysql_stmt_result_metadata(stmt)) != NULL)
+ {
+ /* Take the column count from meta info */
+ MYSQL_FIELD *fields= mysql_fetch_fields(res);
+ uint num_fields= mysql_num_fields(res);
+
+ if (display_metadata)
+ append_metadata(ds, fields, num_fields);
+
+ if (!display_result_vertically)
+ append_table_headings(ds, fields, num_fields);
+
+ append_stmt_result(ds, stmt, fields, num_fields);
+
+ mysql_free_result(res); /* Free normal result set with meta data */
+
+ }
+ else
+ {
+ /*
+ This is a query without resultset
+ */
+ }
+ }
+ return 0;
+}
+
+/*
Run query using prepared statement C API
SYNOPSIS
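Review bot: The header comment for `read_stmt_results` documents a `mysql - mysql handle` parameter that the function does not take, and lists the remaining parameters in a different order from the signature. It also gives only the error return, although the function returns 0 on success. Suggested entries: `stmt - prepared statement`, `ds - output buffer where to store result from query`, `command - current command pointer`, and under RETURN VALUE `0 - ok` and `1 - error while storing the result set`. As far as this diff shows the function is only called from run_query_stmt, so declaring it `static` would be appropriate.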
@@ -8433,11 +8519,17 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
DYNAMIC_STRING *ds_warnings)
{
my_bool ignore_second_execution= 0;
- MYSQL_RES *res= NULL; /* Note that here 'res' is meta data result set */
MYSQL *mysql= cn->mysql;
MYSQL_STMT *stmt;
DYNAMIC_STRING ds_prepare_warnings;
DYNAMIC_STRING ds_execute_warnings;
+ DYNAMIC_STRING ds_res_1st_execution;
+ DYNAMIC_STRING ds_res_2_execution_unsorted;
+ DYNAMIC_STRING *ds_res_2_output;
+ my_bool ds_res_1st_execution_init = FALSE;
+ my_bool compare_2nd_execution = TRUE;
+ int query_match_ps2_re;
+
DBUG_ENTER("run_query_stmt");
DBUG_PRINT("query", ("'%-.60s'", query));
DBUG_PRINT("info",
@@ -8453,7 +8545,7 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
/*
Init a new stmt if it's not already one created for this connection
*/
- if(!(stmt= cn->stmt))
+ if (!(stmt= cn->stmt))
{
if (!(stmt= mysql_stmt_init(mysql)))
die("unable to init stmt structure");
@@ -8467,6 +8559,12 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
init_dynamic_string(&ds_execute_warnings, NULL, 0, 256);
}
+ /* Check and remove potential trash */
+ if (strlen(ds->str) != 0)
+ {
+ dynstr_trunc(ds, 0);
+ }
+
/*
Prepare the query
*/
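Review bot: The "remove potential trash" block tests `strlen(ds->str)` rather than `ds->length` and then calls `dynstr_trunc(ds, 0)`. If `dynstr_trunc` removes its second argument's worth of bytes from the end, as I recall from mysys, this call changes nothing. In that case the later `DBUG_ASSERT(ds->length == 0)` is the only check, and only in debug builds. run_query can pass `&ds_res` with the logged query already appended, so the contract for `ds` on entry needs stating: either callers must pass an empty buffer (document it and drop this block) or the function must append after existing content (drop the assert). run_query_stmt starts and ends outside this hunk.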
@@ -8502,10 +8600,12 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
}
#endif
+ query_match_ps2_re = match_re(&ps2_re, query);
+
/*
Execute the query first time if second execution enable
*/
- if(ps2_protocol_enabled && match_re(&ps2_re, query))
+ if (ps2_protocol_enabled && query_match_ps2_re)
{
if (do_stmt_execute(cn))
{
@@ -8513,12 +8613,32 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
mysql_stmt_error(stmt), mysql_stmt_sqlstate(stmt), ds);
goto end;
}
+
/*
We cannot run query twice if we get prepare warnings as these will otherwise be
disabled
*/
ignore_second_execution= (prepare_warnings_enabled &&
mysql_warning_count(mysql) != 0);
+
+ if (ignore_second_execution)
+ compare_2nd_execution = 0;
+ else
+ {
+ init_dynamic_string(&ds_res_1st_execution, "",
+ RESULT_STRING_INIT_MEM, RESULT_STRING_INCREMENT_MEM);
+ ds_res_1st_execution_init = TRUE;
+ if (read_stmt_results(stmt, &ds_res_1st_execution, command))
+ {
+ /*
+ There was an error during execution
+ and there is no result set to compare
+ */
+ compare_2nd_execution = 0;
+ }
+ else
+ handle_no_error(command);
+ }
}
/*
@@ -8531,6 +8651,8 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
goto end;
}
+ DBUG_ASSERT(ds->length == 0);
+
int err;
do
{
@@ -8541,75 +8663,82 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
if (cursor_protocol_enabled && !disable_warnings)
append_warnings(&ds_execute_warnings, mysql);
- /*
- We instruct that we want to update the "max_length" field in
- mysql_stmt_store_result(), this is our only way to know how much
- buffer to allocate for result data
- */
+ if (!disable_result_log &&
+ compare_2nd_execution &&
+ ps2_protocol_enabled &&
+ query_match_ps2_re &&
+ display_result_sorted)
{
- my_bool one= 1;
- if (mysql_stmt_attr_set(stmt, STMT_ATTR_UPDATE_MAX_LENGTH, (void*) &one))
- die("mysql_stmt_attr_set(STMT_ATTR_UPDATE_MAX_LENGTH) failed': %d %s",
- mysql_stmt_errno(stmt), mysql_stmt_error(stmt));
+ init_dynamic_string(&ds_res_2_execution_unsorted, "",
+ RESULT_STRING_INIT_MEM,
+ RESULT_STRING_INCREMENT_MEM);
+ ds_res_2_output= &ds_res_2_execution_unsorted;
}
+ else
+ ds_res_2_output= ds;
- /*
- If we got here the statement succeeded and was expected to do so,
- get data. Note that this can still give errors found during execution!
- Store the result of the query if if will return any fields
- */
- if (mysql_stmt_field_count(stmt) && mysql_stmt_store_result(stmt))
+ if (read_stmt_results(stmt, ds_res_2_output, command))
{
- handle_error(command, mysql_stmt_errno(stmt),
- mysql_stmt_error(stmt), mysql_stmt_sqlstate(stmt), ds);
- goto end;
+ if (ds_res_2_output != ds)
+ {
+ dynstr_append_mem(ds, ds_res_2_output->str, ds_res_2_output->length);
+ dynstr_free(ds_res_2_output);
+ }
+ goto end;
}
if (!disable_result_log)
{
/*
- Not all statements creates a result set. If there is one we can
- now create another normal result set that contains the meta
- data. This set can be handled almost like any other non prepared
- statement result set.
+ The results of the first and second execution are compared
+ only if result logging is enabled
*/
- if ((res= mysql_stmt_result_metadata(stmt)) != NULL)
+ if (compare_2nd_execution && ps2_protocol_enabled && query_match_ps2_re)
{
- /* Take the column count from meta info */
- MYSQL_FIELD *fields= mysql_fetch_fields(res);
- uint num_fields= mysql_num_fields(res);
-
- if (display_metadata)
- append_metadata(ds, fields, num_fields);
-
- if (!display_result_vertically)
- append_table_headings(ds, fields, num_fields);
-
- append_stmt_result(ds, stmt, fields, num_fields);
-
- mysql_free_result(res); /* Free normal result set with meta data */
-
- /*
- Normally, if there is a result set, we do not show warnings from the
- prepare phase. This is because some warnings are generated both during
- prepare and execute; this would generate different warning output
- between normal and ps-protocol test runs.
-
- The --enable_prepare_warnings command can be used to change this so
- that warnings from both the prepare and execute phase are shown.
- */
- if (!disable_warnings && !prepare_warnings_enabled)
+ DYNAMIC_STRING *ds_res_1_execution_compare;
+ DYNAMIC_STRING ds_res_1_execution_sorted;
+ if (display_result_sorted)
{
- DBUG_PRINT("info", ("warnings disabled"));
- dynstr_set(&ds_prepare_warnings, NULL);
+ init_dynamic_string(&ds_res_1_execution_sorted, "",
+ RESULT_STRING_INIT_MEM,
+ RESULT_STRING_INCREMENT_MEM);
+ dynstr_append_sorted(&ds_res_1_execution_sorted,
+ &ds_res_1st_execution, 1);
+ dynstr_append_sorted(ds, &ds_res_2_execution_unsorted, 1);
+ ds_res_1_execution_compare= &ds_res_1_execution_sorted;
+ }
+ else
+ {
+ ds_res_1_execution_compare= &ds_res_1st_execution;
+ }
+ if (ds->length != ds_res_1_execution_compare->length ||
+ !(memcmp(ds_res_1_execution_compare->str, ds->str, ds->length) == 0))
+ {
+ die("The result of the 1st execution does not match with \n"
+ "the result of the 2nd execution of ps-protocol:\n 1st:\n"
+ "%s\n 2nd:\n %s",
+ ds_res_1_execution_compare->str,
+ ds->str);
+ }
+ if (display_result_sorted)
+ {
+ dynstr_free(&ds_res_1_execution_sorted);
+ dynstr_free(&ds_res_2_execution_unsorted);
}
}
- else
- {
- /*
- This is a query without resultset
- */
- }
+
+ /*
+ Normally, if there is a result set, we do not show warnings from the
+ prepare phase. This is because some warnings are generated both during
+ prepare and execute; this would generate different warning output
+ between normal and ps-protocol test runs.
+ The --enable_prepare_warnings command can be used to change this so
+ that warnings from both the prepare and execute phase are shown.
+ */
+ if ((mysql_stmt_result_metadata(stmt) != NULL) &&
+ !disable_warnings &&
+ !prepare_warnings_enabled)
+ dynstr_set(&ds_prepare_warnings, NULL);
/*
Fetch info before fetching warnings, since it will be reset
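Review bot: The rewritten warning check calls `mysql_stmt_result_metadata(stmt)` only to test for NULL and never frees the `MYSQL_RES` it returns. `read_stmt_results` releases the same kind of object with `mysql_free_result(res)`, so each statement with a result set would leak one metadata result here. `mysql_stmt_field_count(stmt)`, already used in `read_stmt_results`, should answer the same question without allocating: `if (mysql_stmt_field_count(stmt) && !disable_warnings && !prepare_warnings_enabled)`. The `DBUG_PRINT("info", ("warnings disabled"))` trace was also dropped in the move. run_query_stmt starts and ends outside this hunk.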
@@ -8621,7 +8750,6 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
if (display_session_track_info)
append_session_track_info(ds, mysql);
-
if (!disable_warnings && !mysql_more_results(stmt->mysql))
{
/* Get the warnings from execute */
@@ -8653,7 +8781,15 @@ void run_query_stmt(struct st_connection *cn, struct st_command *command,
mysql_sqlstate(mysql), ds);
else
handle_no_error(command);
+
end:
+
+ if (ds_res_1st_execution_init)
+ {
+ dynstr_free(&ds_res_1st_execution);
+ ds_res_1st_execution_init= FALSE;
+ }
+
if (!disable_warnings)
{
dynstr_free(&ds_prepare_warnings);
@@ -9164,11 +9300,14 @@ int util_query(MYSQL* org_mysql, const char* query){
void run_query(struct st_connection *cn, struct st_command *command, int flags)
{
MYSQL *mysql= cn->mysql;
- DYNAMIC_STRING *ds;
- DYNAMIC_STRING *save_ds= NULL;
- DYNAMIC_STRING ds_result;
- DYNAMIC_STRING ds_sorted;
- DYNAMIC_STRING ds_warnings;
+ DYNAMIC_STRING *rs_output; /* where to put results */
+ DYNAMIC_STRING rs_cmp_result; /* here we put results to compare with
+ pre-recrded file */
+ DYNAMIC_STRING rs_unsorted; /* if we need sorted results, here we store
+ results before sorting them */
+ DYNAMIC_STRING *rs_sorted_save= NULL; /* here we store where to put sorted
+ result if needed */
+ DYNAMIC_STRING rs_warnings;
char *query;
size_t query_len;
my_bool view_created= 0, sp_created= 0;
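Review bot: The new declaration comments contain typos that will end up in the file: `pre-recrded` here and `colsole` in the comment on `rs_output= &ds_res;` in a later hunk. `pre-recorded` and `console` are meant. The later `/* Remember original ds */` comment also still names the old variable after the rename to `rs_output`. run_query continues outside this hunk.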
@@ -9181,10 +9320,10 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
if (!(flags & QUERY_SEND_FLAG) && !cn->pending)
die("Cannot reap on a connection without pending send");
-
- init_dynamic_string(&ds_warnings, NULL, 0, 256);
- ds_warn= &ds_warnings;
-
+
+ init_dynamic_string(&rs_warnings, NULL, 0, 256);
+ ds_warn= &rs_warnings;
+
/*
Evaluate query if this is an eval command
*/
@@ -9214,11 +9353,11 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
*/
if (command->require_file)
{
- init_dynamic_string(&ds_result, "", 1024, 1024);
- ds= &ds_result;
+ init_dynamic_string(&rs_cmp_result, "", 1024, 1024);
+ rs_output= &rs_cmp_result;
}
else
- ds= &ds_res;
+ rs_output= &ds_res; // will be shown to colsole
/*
Log the query into the output buffer
@@ -9232,9 +9371,9 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
print_query= command->query;
print_len= (int)(command->end - command->query);
}
- replace_dynstr_append_mem(ds, print_query, print_len);
- dynstr_append_mem(ds, delimiter, delimiter_length);
- dynstr_append_mem(ds, "\n", 1);
+ replace_dynstr_append_mem(rs_output, print_query, print_len);
+ dynstr_append_mem(rs_output, delimiter, delimiter_length);
+ dynstr_append_mem(rs_output, "\n", 1);
}
/* We're done with this flag */
@@ -9289,7 +9428,7 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
Collect warnings from create of the view that should otherwise
have been produced when the SELECT was executed
*/
- append_warnings(&ds_warnings,
+ append_warnings(&rs_warnings,
service_connection_enabled ?
cur_con->util_mysql :
mysql);
@@ -9345,9 +9484,9 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
that can be sorted before it's added to the
global result string
*/
- init_dynamic_string(&ds_sorted, "", 1024, 1024);
- save_ds= ds; /* Remember original ds */
- ds= &ds_sorted;
+ init_dynamic_string(&rs_unsorted, "", 1024, 1024);
+ rs_sorted_save= rs_output; /* Remember original ds */
+ rs_output= &rs_unsorted;
}
/*
@@ -9368,20 +9507,20 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
All other statements can be run using prepared statement C API.
*/
!match_re(&ps_re, query))
- run_query_stmt(cn, command, query, query_len, ds, &ds_warnings);
+ run_query_stmt(cn, command, query, query_len, rs_output, &rs_warnings);
else
run_query_normal(cn, command, flags, query, query_len,
- ds, &ds_warnings);
+ rs_output, &rs_warnings);
- dynstr_free(&ds_warnings);
+ dynstr_free(&rs_warnings);
ds_warn= 0;
if (display_result_sorted)
{
/* Sort the result set and append it to result */
- dynstr_append_sorted(save_ds, &ds_sorted, 1);
- ds= save_ds;
- dynstr_free(&ds_sorted);
+ dynstr_append_sorted(rs_sorted_save, &rs_unsorted, 1);
+ rs_output= rs_sorted_save;
+ dynstr_free(&rs_unsorted);
}
if (sp_created)
@@ -9404,11 +9543,11 @@ void run_query(struct st_connection *cn, struct st_command *command, int flags)
and the output should be checked against an already
existing file which has been specified using --require or --result
*/
- check_require(ds, command->require_file);
+ check_require(rs_output, command->require_file);
}
- if (ds == &ds_result)
- dynstr_free(&ds_result);
+ if (rs_output == &rs_cmp_result)
+ dynstr_free(&rs_cmp_result);
DBUG_VOID_RETURN;
}
@@ -9667,7 +9806,7 @@ void mark_progress(struct st_command* command __attribute__((unused)),
dynstr_append_mem(&ds_progress, "\t", 1);
/* Filename */
- dynstr_append(&ds_progress, cur_file->file_name);
+ dynstr_append_mem(&ds_progress, cur_file->file_name, strlen(cur_file->file_name));
dynstr_append_mem(&ds_progress, ":", 1);
/* Line in file */
@@ -9865,7 +10004,7 @@ int main(int argc, char **argv)
read_command_buf= (char*)my_malloc(PSI_NOT_INSTRUMENTED, read_command_buflen= 65536, MYF(MY_FAE));
- init_dynamic_string(&ds_res, "", 2048, 2048);
+ init_dynamic_string(&ds_res, "", RESULT_STRING_INIT_MEM, RESULT_STRING_INCREMENT_MEM);
init_alloc_root(PSI_NOT_INSTRUMENTED, &require_file_root, 1024, 1024, MYF(0));
parse_args(argc, argv);
@@ -10292,7 +10431,7 @@ int main(int argc, char **argv)
if (p && *p == '#' && *(p+1) == '#')
{
dynstr_append_mem(&ds_res, command->query, command->query_len);
- dynstr_append(&ds_res, "\n");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("\n"));
}
break;
}
@@ -10305,7 +10444,7 @@ int main(int argc, char **argv)
if (disable_query_log)
break;
- dynstr_append(&ds_res, "\n");
+ dynstr_append_mem(&ds_res, STRING_WITH_LEN("\n"));
break;
case Q_PING:
handle_command_error(command, mysql_ping(cur_con->mysql), -1);
@@ -11967,8 +12106,8 @@ void dynstr_append_sorted(DYNAMIC_STRING* ds, DYNAMIC_STRING *ds_input,
for (i= 0; i < lines.elements ; i++)
{
const char **line= dynamic_element(&lines, i, const char**);
- dynstr_append(ds, *line);
- dynstr_append(ds, "\n");
+ dynstr_append_mem(ds, *line, strlen(*line));
+ dynstr_append_mem(ds, STRING_WITH_LEN("\n"));
}
delete_dynamic(&lines);
diff --git a/cmake/libfmt.cmake b/cmake/libfmt.cmake
index 70b6a072..da347942 100644
--- a/cmake/libfmt.cmake
+++ b/cmake/libfmt.cmake
@@ -1,4 +1,4 @@
-INCLUDE (CheckCXXSourceCompiles)
+INCLUDE (CheckCXXSourceRuns)
INCLUDE (ExternalProject)
SET(WITH_LIBFMT "auto" CACHE STRING
@@ -27,17 +27,15 @@ ENDMACRO()
MACRO (CHECK_LIBFMT)
IF(WITH_LIBFMT STREQUAL "system" OR WITH_LIBFMT STREQUAL "auto")
SET(CMAKE_REQUIRED_INCLUDES ${LIBFMT_INCLUDE_DIR})
- CHECK_CXX_SOURCE_COMPILES(
+ CHECK_CXX_SOURCE_RUNS(
"#define FMT_STATIC_THOUSANDS_SEPARATOR ','
#define FMT_HEADER_ONLY 1
#include <fmt/format-inl.h>
- #include <iostream>
int main() {
- int answer= 42;
+ int answer= 4321;
fmt::format_args::format_arg arg=
fmt::detail::make_arg<fmt::format_context>(answer);
- std::cout << fmt::vformat(\"The answer is {}.\",
- fmt::format_args(&arg, 1));
+ return fmt::vformat(\"{:L}\", fmt::format_args(&arg, 1)).compare(\"4,321\");
}" HAVE_SYSTEM_LIBFMT)
SET(CMAKE_REQUIRED_INCLUDES)
ENDIF()
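Review bot: Switching the probe to `CHECK_CXX_SOURCE_RUNS` makes the result depend on executing a test binary, which CMake cannot do when cross-compiling. In that case the check needs a preset cache answer or configuration fails, where the old compile-only check worked. If cross builds matter, run the new check only when `CMAKE_CROSSCOMPILING` is false and otherwise leave `HAVE_SYSTEM_LIBFMT` unset so the bundled copy is used. A comment stating what the run-time test detects (that `{:L}` yields `4,321` with `FMT_STATIC_THOUSANDS_SEPARATOR` defined) would also help, since the reason is not visible in the macro.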
diff --git a/cmake/mysql_version.cmake b/cmake/mysql_version.cmake
index a55c27b4..9f1534a7 100644
--- a/cmake/mysql_version.cmake
+++ b/cmake/mysql_version.cmake
@@ -90,7 +90,7 @@ IF(NOT CPACK_PACKAGE_FILE_NAME)
ENDIF()
SET_IF_UNSET(CPACK_SOURCE_PACKAGE_FILE_NAME "mariadb-${VERSION}")
-SET_IF_UNSET(CPACK_PACKAGE_CONTACT "MariaDB Developers <maria-developers@lists.launchpad.net>")
+SET_IF_UNSET(CPACK_PACKAGE_CONTACT "MariaDB Developers <developers@lists.mariadb.org>")
SET_IF_UNSET(CPACK_PACKAGE_VENDOR "MariaDB Foundation")
SET_IF_UNSET(CPACK_PACKAGE_DESCRIPTION "${CPACK_PACKAGE_DESCRIPTION_SUMMARY}
diff --git a/cmake/os/AIX.cmake b/cmake/os/AIX.cmake
index 299b7919..7513c4f4 100644
--- a/cmake/os/AIX.cmake
+++ b/cmake/os/AIX.cmake
@@ -34,5 +34,8 @@ ELSE()
SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGE_FILES -maix64 -pthread -mcmodel=large")
ENDIF()
+# fcntl(fd, F_SETFL, O_DIRECT) is not supported; O_DIRECT is an open(2) flag
+SET(HAVE_FCNTL_DIRECT 0 CACHE INTERNAL "")
+
# make it WARN by default, not AUTO (that implies -Werror)
SET(MYSQL_MAINTAINER_MODE "WARN" CACHE STRING "Enable MariaDB maintainer-specific warnings. One of: NO (warnings are disabled) WARN (warnings are enabled) ERR (warnings are errors) AUTO (warnings are errors in Debug only)")
diff --git a/cmake/os/SunOS.cmake b/cmake/os/SunOS.cmake
index 3a9d2dcc..3d99d347 100644
--- a/cmake/os/SunOS.cmake
+++ b/cmake/os/SunOS.cmake
@@ -17,6 +17,10 @@ INCLUDE(CheckSymbolExists)
INCLUDE(CheckCSourceRuns)
INCLUDE(CheckCSourceCompiles)
+# fcntl(fd, F_SETFL, O_DIRECT) is not supported,
+# and directio(3C) would only work on UFS or NFS, not ZFS.
+SET(HAVE_FCNTL_DIRECT 0 CACHE INTERNAL "")
+
# Enable 64 bit file offsets
SET(_FILE_OFFSET_BITS 64)
diff --git a/cmake/os/WindowsCache.cmake b/cmake/os/WindowsCache.cmake
index 6cd19262..ceb42627 100644
--- a/cmake/os/WindowsCache.cmake
+++ b/cmake/os/WindowsCache.cmake
@@ -44,6 +44,7 @@ SET(HAVE_EXECINFO_H CACHE INTERNAL "")
SET(HAVE_FCHMOD CACHE INTERNAL "")
SET(HAVE_FCNTL CACHE INTERNAL "")
SET(HAVE_FCNTL_H 1 CACHE INTERNAL "")
+SET(HAVE_FCNTL_DIRECT 0 CACHE INTERNAL "")
SET(HAVE_FCNTL_NONBLOCK CACHE INTERNAL "")
SET(HAVE_FDATASYNC CACHE INTERNAL "")
SET(HAVE_DECL_FDATASYNC CACHE INTERNAL "")
@@ -242,7 +243,6 @@ SET(HAVE_TERMCAP_H CACHE INTERNAL "")
SET(HAVE_TERMIOS_H CACHE INTERNAL "")
SET(HAVE_TERMIO_H CACHE INTERNAL "")
SET(HAVE_TERM_H CACHE INTERNAL "")
-SET(HAVE_THR_SETCONCURRENCY CACHE INTERNAL "")
SET(HAVE_THR_YIELD CACHE INTERNAL "")
SET(HAVE_TIME 1 CACHE INTERNAL "")
SET(HAVE_TIMES CACHE INTERNAL "")
diff --git a/cmake/package_name.cmake b/cmake/package_name.cmake
index ff7f5ba7..9c25e426 100644
--- a/cmake/package_name.cmake
+++ b/cmake/package_name.cmake
@@ -102,11 +102,7 @@ IF(NOT VERSION)
SET(DEFAULT_MACHINE "${CMAKE_OSX_ARCHITECTURES}")
ENDIF()
ELSE()
- IF(64BIT)
- SET(DEFAULT_MACHINE "x86_64")
- ELSE()
- SET(DEFAULT_MACHINE "i386")
- ENDIF()
+ SET(DEFAULT_MACHINE ${CMAKE_SYSTEM_PROCESSOR})
ENDIF()
IF(DEFAULT_MACHINE MATCHES "i386")
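Review bot: `SET(DEFAULT_MACHINE ${CMAKE_SYSTEM_PROCESSOR})` takes the value unquoted and unnormalised, so the `IF(DEFAULT_MACHINE MATCHES "i386")` test that follows may no longer see the strings the removed branch produced. A 32-bit x86 Linux host commonly reports `i686` and a Windows host `AMD64`; both would bypass whatever the `i386` branch does, which is outside this hunk. Quoting the expansion, `SET(DEFAULT_MACHINE "${CMAKE_SYSTEM_PROCESSOR}")`, and widening the match to something like `MATCHES "^i[3-6]86$"` would keep package names stable, if that is the intent.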
diff --git a/cmake/pcre.cmake b/cmake/pcre.cmake
index 65dc2ae2..3c427b88 100644
--- a/cmake/pcre.cmake
+++ b/cmake/pcre.cmake
@@ -1,4 +1,3 @@
-INCLUDE (CheckCSourceRuns)
INCLUDE (ExternalProject)
SET(WITH_PCRE "auto" CACHE STRING
@@ -6,7 +5,8 @@ SET(WITH_PCRE "auto" CACHE STRING
MACRO(BUNDLE_PCRE2)
SET(dir "${CMAKE_BINARY_DIR}/extra/pcre2")
- SET(PCRE_INCLUDES ${dir}/src/pcre2-build ${dir}/src/pcre2/src)
+ SET(PCRE_INCLUDE_DIRS ${dir}/src/pcre2-build ${dir}/src/pcre2/src)
+ MESSAGE(STATUS "Will download and bundle pcre2")
SET(byproducts)
FOREACH(lib pcre2-posix pcre2-8)
ADD_LIBRARY(${lib} STATIC IMPORTED GLOBAL)
@@ -76,18 +76,23 @@ SET_TARGET_PROPERTIES(pcre2 PROPERTIES EXCLUDE_FROM_ALL TRUE)
ENDMACRO()
MACRO (CHECK_PCRE)
- IF(WITH_PCRE STREQUAL "system" OR WITH_PCRE STREQUAL "auto")
- CHECK_LIBRARY_EXISTS(pcre2-8 pcre2_match_8 "" HAVE_PCRE2)
- ENDIF()
- IF(NOT HAVE_PCRE2 OR WITH_PCRE STREQUAL "bundled")
- IF (WITH_PCRE STREQUAL "system")
- MESSAGE(FATAL_ERROR "system pcre2-8 library is not found or unusable")
+ IF (NOT TARGET pcre2 AND NOT PCRE_FOUND)
+ IF(WITH_PCRE STREQUAL "system" OR WITH_PCRE STREQUAL "auto")
+ FIND_PACKAGE(PkgConfig QUIET)
+ PKG_CHECK_MODULES(PCRE libpcre2-8)
+ # in case pkg-config or libpcre2-8.pc is not installed:
+ CHECK_LIBRARY_EXISTS(pcre2-8 pcre2_match_8 "${PCRE_LIBRARY_DIRS}" HAVE_PCRE2_MATCH_8)
ENDIF()
- BUNDLE_PCRE2()
- ELSE()
- CHECK_LIBRARY_EXISTS(pcre2-posix PCRE2regcomp "" NEEDS_PCRE2_DEBIAN_HACK)
- IF(NEEDS_PCRE2_DEBIAN_HACK)
- SET(PCRE2_DEBIAN_HACK "-Dregcomp=PCRE2regcomp -Dregexec=PCRE2regexec -Dregerror=PCRE2regerror -Dregfree=PCRE2regfree")
+ IF(NOT HAVE_PCRE2_MATCH_8 OR WITH_PCRE STREQUAL "bundled")
+ IF (WITH_PCRE STREQUAL "system")
+ MESSAGE(FATAL_ERROR "system pcre2-8 library is not found or unusable")
+ ENDIF()
+ BUNDLE_PCRE2()
+ ELSE()
+ CHECK_LIBRARY_EXISTS(pcre2-posix PCRE2regcomp "${PCRE_LIBRARY_DIRS}" NEEDS_PCRE2_DEBIAN_HACK)
+ IF(NEEDS_PCRE2_DEBIAN_HACK)
+ SET(PCRE2_DEBIAN_HACK "-Dregcomp=PCRE2regcomp -Dregexec=PCRE2regexec -Dregerror=PCRE2regerror -Dregfree=PCRE2regfree")
+ ENDIF()
ENDIF()
ENDIF()
ENDMACRO()
diff --git a/cmake/plugin.cmake b/cmake/plugin.cmake
index 813d8ef6..6efd40fd 100644
--- a/cmake/plugin.cmake
+++ b/cmake/plugin.cmake
@@ -44,7 +44,7 @@ MACRO(MYSQL_ADD_PLUGIN)
# Add common include directories
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
${CMAKE_SOURCE_DIR}/sql
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${SSL_INCLUDE_DIRS}
${ZLIB_INCLUDE_DIR})
diff --git a/cmake/readline.cmake b/cmake/readline.cmake
index 9c35d8c7..55a2867d 100644
--- a/cmake/readline.cmake
+++ b/cmake/readline.cmake
@@ -114,6 +114,9 @@ MACRO (MYSQL_FIND_SYSTEM_READLINE)
{
rl_completion_func_t *func1= (rl_completion_func_t*)0;
rl_compentry_func_t *func2= (rl_compentry_func_t*)0;
+ rl_on_new_line();
+ rl_replace_line(\"\", 0);
+ rl_redisplay();
}"
NEW_READLINE_INTERFACE)
diff --git a/config.h.cmake b/config.h.cmake
index e8712d16..81ca8fe7 100644
--- a/config.h.cmake
+++ b/config.h.cmake
@@ -30,6 +30,7 @@
#cmakedefine HAVE_DLFCN_H 1
#cmakedefine HAVE_EXECINFO_H 1
#cmakedefine HAVE_FCNTL_H 1
+#cmakedefine HAVE_FCNTL_DIRECT 1
#cmakedefine HAVE_FENV_H 1
#cmakedefine HAVE_FLOAT_H 1
#cmakedefine HAVE_FNMATCH_H 1
@@ -72,6 +73,7 @@
#cmakedefine HAVE_SYS_IOCTL_H 1
#cmakedefine HAVE_SYS_MALLOC_H 1
#cmakedefine HAVE_SYS_MMAN_H 1
+#cmakedefine HAVE_SYS_MNTENT_H 1
#cmakedefine HAVE_SYS_NDIR_H 1
#cmakedefine HAVE_SYS_PTE_H 1
#cmakedefine HAVE_SYS_PTEM_H 1
@@ -232,7 +234,6 @@
#cmakedefine HAVE_STRTOUL 1
#cmakedefine HAVE_STRTOULL 1
#cmakedefine HAVE_TELL 1
-#cmakedefine HAVE_THR_SETCONCURRENCY 1
#cmakedefine HAVE_THR_YIELD 1
#cmakedefine HAVE_TIME 1
#cmakedefine HAVE_TIMES 1
diff --git a/configure.cmake b/configure.cmake
index dbd77a6e..061837c1 100644
--- a/configure.cmake
+++ b/configure.cmake
@@ -418,7 +418,6 @@ CHECK_FUNCTION_EXISTS (strtoul HAVE_STRTOUL)
CHECK_FUNCTION_EXISTS (strtoull HAVE_STRTOULL)
CHECK_FUNCTION_EXISTS (strcasecmp HAVE_STRCASECMP)
CHECK_FUNCTION_EXISTS (tell HAVE_TELL)
-CHECK_FUNCTION_EXISTS (thr_setconcurrency HAVE_THR_SETCONCURRENCY)
CHECK_FUNCTION_EXISTS (thr_yield HAVE_THR_YIELD)
CHECK_FUNCTION_EXISTS (vasprintf HAVE_VASPRINTF)
CHECK_FUNCTION_EXISTS (vsnprintf HAVE_VSNPRINTF)
@@ -707,6 +706,7 @@ CHECK_SYMBOL_EXISTS(O_NONBLOCK "unistd.h;fcntl.h" HAVE_FCNTL_NONBLOCK)
IF(NOT HAVE_FCNTL_NONBLOCK)
SET(NO_FCNTL_NONBLOCK 1)
ENDIF()
+CHECK_SYMBOL_EXISTS(O_DIRECT "fcntl.h" HAVE_FCNTL_DIRECT)
#
# Test for how the C compiler does inline, if at all
diff --git a/extra/mariabackup/CMakeLists.txt b/extra/mariabackup/CMakeLists.txt
index 66293dac..f1c9dca7 100644
--- a/extra/mariabackup/CMakeLists.txt
+++ b/extra/mariabackup/CMakeLists.txt
@@ -36,7 +36,7 @@ INCLUDE_DIRECTORIES(
)
IF(NOT HAVE_SYSTEM_REGEX)
- INCLUDE_DIRECTORIES(${PCRE_INCLUDES})
+ INCLUDE_DIRECTORIES(${PCRE_INCLUDE_DIRS})
ADD_DEFINITIONS(${PCRE2_DEBIAN_HACK})
ENDIF()
diff --git a/extra/mariabackup/backup_copy.cc b/extra/mariabackup/backup_copy.cc
index dbf12ced..f8d315d9 100644
--- a/extra/mariabackup/backup_copy.cc
+++ b/extra/mariabackup/backup_copy.cc
@@ -1618,6 +1618,7 @@ ibx_copy_incremental_over_full()
NULL};
const char *sup_files[] = {"xtrabackup_binlog_info",
"xtrabackup_galera_info",
+ "donor_galera_info",
"xtrabackup_slave_info",
"xtrabackup_info",
"ib_lru_dump",
@@ -2290,7 +2291,7 @@ ds_ctxt_t::make_hardlink(const char *from_path, const char *to_path)
}
else
{
- strncpy(to_path_full, to_path, sizeof(to_path_full));
+ strncpy(to_path_full, to_path, sizeof(to_path_full)-1);
}
#ifdef _WIN32
return CreateHardLink(to_path_full, from_path, NULL);
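Review bot: `strncpy(to_path_full, to_path, sizeof(to_path_full)-1)` in the `else` branch still leaves `to_path_full` unterminated when `to_path` is at least that long, unless the buffer is zero-initialised at its declaration, which is outside this hunk. Writing the terminator explicitly after the copy, `to_path_full[sizeof(to_path_full)-1]= '\0';`, removes that dependency. An over-long path is also truncated silently and then handed to the hard-link call, so the link could be created under a different name than the caller asked for; rejecting `strlen(to_path) >= sizeof(to_path_full)` with an error return would be safer. The body of `make_hardlink` starts before and continues after this hunk.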
diff --git a/extra/mariabackup/backup_copy.h b/extra/mariabackup/backup_copy.h
index b4a323f2..b5aaf312 100644
--- a/extra/mariabackup/backup_copy.h
+++ b/extra/mariabackup/backup_copy.h
@@ -9,6 +9,7 @@
/* special files */
#define XTRABACKUP_SLAVE_INFO "xtrabackup_slave_info"
#define XTRABACKUP_GALERA_INFO "xtrabackup_galera_info"
+#define XTRABACKUP_DONOR_GALERA_INFO "donor_galera_info"
#define XTRABACKUP_BINLOG_INFO "xtrabackup_binlog_info"
#define XTRABACKUP_INFO "xtrabackup_info"
diff --git a/extra/mariabackup/backup_mysql.cc b/extra/mariabackup/backup_mysql.cc
index cf8a5051..c2f15da4 100644
--- a/extra/mariabackup/backup_mysql.cc
+++ b/extra/mariabackup/backup_mysql.cc
@@ -1360,6 +1360,7 @@ write_galera_info(ds_ctxt *datasink, MYSQL *connection)
{
char *state_uuid = NULL, *state_uuid55 = NULL;
char *last_committed = NULL, *last_committed55 = NULL;
+ char *domain_id = NULL, *domain_id55 = NULL;
bool result;
mysql_variable status[] = {
@@ -1370,6 +1371,12 @@ write_galera_info(ds_ctxt *datasink, MYSQL *connection)
{NULL, NULL}
};
+ mysql_variable value[] = {
+ {"Wsrep_gtid_domain_id", &domain_id},
+ {"wsrep_gtid_domain_id", &domain_id55},
+ {NULL, NULL}
+ };
+
/* When backup locks are supported by the server, we should skip
creating xtrabackup_galera_info file on the backup stage, because
wsrep_local_state_uuid and wsrep_last_committed will be inconsistent
@@ -1388,9 +1395,26 @@ write_galera_info(ds_ctxt *datasink, MYSQL *connection)
goto cleanup;
}
+ read_mysql_variables(connection, "SHOW VARIABLES LIKE 'wsrep%'", value, true);
+
+ if (domain_id == NULL && domain_id55 == NULL) {
+ msg("Warning: failed to get master wsrep state from SHOW VARIABLES.");
+ result = true;
+ goto cleanup;
+ }
+
result = datasink->backup_file_printf(XTRABACKUP_GALERA_INFO,
- "%s:%s\n", state_uuid ? state_uuid : state_uuid55,
- last_committed ? last_committed : last_committed55);
+ "%s:%s %s\n", state_uuid ? state_uuid : state_uuid55,
+ last_committed ? last_committed : last_committed55,
+ domain_id ? domain_id : domain_id55);
+
+ if (result)
+ {
+ result= datasink->backup_file_printf(XTRABACKUP_DONOR_GALERA_INFO,
+ "%s:%s %s\n", state_uuid ? state_uuid : state_uuid55,
+ last_committed ? last_committed : last_committed55,
+ domain_id ? domain_id : domain_id55);
+ }
if (result)
{
write_current_binlog_file(datasink, connection);
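Review bot: The strings that `read_mysql_variables()` stores through the new `value[]` array do not appear to be released anywhere: no visible hunk for this file touches the `cleanup:` label, which is outside this hunk. If that label only frees `status`, then `domain_id`/`domain_id55` leak on every path, including the new early `goto cleanup`. Assuming `status` is released there with `free_mysql_variables(status);`, adding `free_mysql_variables(value);` beside it would cover it. The new warning text could also name the variable it failed to read (`wsrep_gtid_domain_id`) rather than "master wsrep state". The repeated `x ? x : x55` arguments could be hoisted into three locals shared by both `backup_file_printf` calls.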
diff --git a/extra/mariabackup/fil_cur.cc b/extra/mariabackup/fil_cur.cc
index e0a4711a..4f5d67a5 100644
--- a/extra/mariabackup/fil_cur.cc
+++ b/extra/mariabackup/fil_cur.cc
@@ -199,11 +199,13 @@ xb_fil_cur_open(
return(XB_FIL_CUR_SKIP);
}
+#ifdef HAVE_FCNTL_DIRECT
if (srv_file_flush_method == SRV_O_DIRECT
|| srv_file_flush_method == SRV_O_DIRECT_NO_FSYNC) {
os_file_set_nocache(cursor->file, node->name, "OPEN");
}
+#endif
posix_fadvise(cursor->file, 0, 0, POSIX_FADV_SEQUENTIAL);
diff --git a/extra/mariabackup/wsrep.cc b/extra/mariabackup/wsrep.cc
index 1b93e9ed..acaf5c50 100644
--- a/extra/mariabackup/wsrep.cc
+++ b/extra/mariabackup/wsrep.cc
@@ -53,6 +53,7 @@ permission notice:
/*! Name of file where Galera info is stored on recovery */
#define XB_GALERA_INFO_FILENAME "xtrabackup_galera_info"
+#define XB_GALERA_DONOR_INFO_FILENAME "donor_galera_info"
/***********************************************************************
Store Galera checkpoint info in the 'xtrabackup_galera_info' file, if that
@@ -67,7 +68,7 @@ xb_write_galera_info(bool incremental_prepare)
long long seqno;
MY_STAT statinfo;
- /* Do not overwrite existing an existing file to be compatible with
+ /* Do not overwrite an existing file to be compatible with
servers with older server versions */
if (!incremental_prepare &&
my_stat(XB_GALERA_INFO_FILENAME, &statinfo, MYF(0)) != NULL) {
@@ -101,10 +102,11 @@ xb_write_galera_info(bool incremental_prepare)
seqno = wsrep_xid_seqno(&xid);
- msg("mariabackup: Recovered WSREP position: %s:%lld\n",
- uuid_str, (long long) seqno);
+ msg("mariabackup: Recovered WSREP position: %s:%lld domain_id: %lld\n",
+ uuid_str, (long long) seqno, (long long)wsrep_get_domain_id());
- if (fprintf(fp, "%s:%lld", uuid_str, (long long) seqno) < 0) {
+ if (fprintf(fp, "%s:%lld %lld", uuid_str, (long long) seqno,
+ (long long)wsrep_get_domain_id()) < 0) {
die(
"could not write to " XB_GALERA_INFO_FILENAME
diff --git a/extra/mariabackup/xtrabackup.cc b/extra/mariabackup/xtrabackup.cc
index 9e359257..485cb143 100644
--- a/extra/mariabackup/xtrabackup.cc
+++ b/extra/mariabackup/xtrabackup.cc
@@ -127,7 +127,8 @@ int sd_notifyf() { return 0; }
int sys_var_init();
/* === xtrabackup specific options === */
-char xtrabackup_real_target_dir[FN_REFLEN] = "./xtrabackup_backupfiles/";
+#define DEFAULT_TARGET_DIR "./xtrabackup_backupfiles/"
+char xtrabackup_real_target_dir[FN_REFLEN] = DEFAULT_TARGET_DIR;
char *xtrabackup_target_dir= xtrabackup_real_target_dir;
static my_bool xtrabackup_version;
static my_bool verbose;
@@ -409,6 +410,9 @@ uint opt_safe_slave_backup_timeout = 0;
const char *opt_history = NULL;
+/* Whether xtrabackup_binlog_info should be created on recovery */
+static bool recover_binlog_info;
+
char mariabackup_exe[FN_REFLEN];
char orig_argv1[FN_REFLEN];
@@ -1266,22 +1270,25 @@ struct my_option xb_client_options[]= {
{"compress", OPT_XTRA_COMPRESS,
"Compress individual backup files using the "
- "specified compression algorithm. Currently the only supported algorithm "
- "is 'quicklz'. It is also the default algorithm, i.e. the one used when "
- "--compress is used without an argument.",
+ "specified compression algorithm. It uses no longer maintained QuickLZ "
+ "library hence this option was deprecated with MariaDB 10.1.31 and 10.2.13.",
(G_PTR *) &xtrabackup_compress_alg, (G_PTR *) &xtrabackup_compress_alg, 0,
GET_STR, OPT_ARG, 0, 0, 0, 0, 0, 0},
{"compress-threads", OPT_XTRA_COMPRESS_THREADS,
"Number of threads for parallel data compression. The default value is "
- "1.",
+ "1. "
+ "This option was deprecated as it relies on the no longer "
+ "maintained QuickLZ library.",
(G_PTR *) &xtrabackup_compress_threads,
(G_PTR *) &xtrabackup_compress_threads, 0, GET_UINT, REQUIRED_ARG, 1, 1,
UINT_MAX, 0, 0, 0},
{"compress-chunk-size", OPT_XTRA_COMPRESS_CHUNK_SIZE,
"Size of working buffer(s) for compression threads in bytes. The default "
- "value is 64K.",
+ "value is 64K. "
+ "This option was deprecated as it relies on the no longer "
+ "maintained QuickLZ library.",
(G_PTR *) &xtrabackup_compress_chunk_size,
(G_PTR *) &xtrabackup_compress_chunk_size, 0, GET_ULL, REQUIRED_ARG,
(1 << 16), 1024, ULONGLONG_MAX, 0, 0, 0},
@@ -1402,7 +1409,9 @@ struct my_option xb_client_options[]= {
{"decompress", OPT_DECOMPRESS,
"Decompresses all files with the .qp "
- "extension in a backup previously made with the --compress option.",
+ "extension in a backup previously made with the --compress option. "
+ "This option was deprecated as it relies on the no longer "
+ "maintained QuickLZ library.",
(uchar *) &opt_decompress, (uchar *) &opt_decompress, 0, GET_BOOL, NO_ARG,
0, 0, 0, 0, 0, 0},
@@ -1686,8 +1695,11 @@ struct my_option xb_server_options[] =
"Path to InnoDB log files.", &srv_log_group_home_dir,
&srv_log_group_home_dir, 0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
{"innodb_max_dirty_pages_pct", OPT_INNODB_MAX_DIRTY_PAGES_PCT,
- "Percentage of dirty pages allowed in bufferpool.", (G_PTR*) &srv_max_buf_pool_modified_pct,
- (G_PTR*) &srv_max_buf_pool_modified_pct, 0, GET_ULONG, REQUIRED_ARG, 90, 0, 100, 0, 0, 0},
+ "Percentage of dirty pages allowed in bufferpool.",
+ (G_PTR*) &srv_max_buf_pool_modified_pct,
+ (G_PTR*) &srv_max_buf_pool_modified_pct, 0, GET_DOUBLE, REQUIRED_ARG,
+ (longlong)getopt_double2ulonglong(90), (longlong)getopt_double2ulonglong(0),
+ getopt_double2ulonglong(100), 0, 0, 0},
{"innodb_use_native_aio", OPT_INNODB_USE_NATIVE_AIO,
"Use native AIO if supported on this platform.",
(G_PTR*) &srv_use_native_aio,
@@ -2179,7 +2191,7 @@ static bool innodb_init_param()
/* Check that values don't overflow on 32-bit systems. */
if (sizeof(ulint) == 4) {
- if (xtrabackup_use_memory > UINT_MAX32) {
+ if (xtrabackup_use_memory > (longlong) UINT_MAX32) {
msg("mariabackup: use-memory can't be over 4GB"
" on 32-bit systems");
}
@@ -2458,6 +2470,7 @@ xtrabackup_read_metadata(char *filename)
{
FILE *fp;
my_bool r = TRUE;
+ int t;
fp = fopen(filename,"r");
if(!fp) {
@@ -2488,6 +2501,9 @@ xtrabackup_read_metadata(char *filename)
}
/* Optional fields */
+ if (fscanf(fp, "recover_binlog_info = %d\n", &t) == 1) {
+ recover_binlog_info = (t == 1);
+ }
end:
fclose(fp);
@@ -2506,11 +2522,13 @@ xtrabackup_print_metadata(char *buf, size_t buf_len)
"backup_type = %s\n"
"from_lsn = " UINT64PF "\n"
"to_lsn = " UINT64PF "\n"
- "last_lsn = " UINT64PF "\n",
+ "last_lsn = " UINT64PF "\n"
+ "recover_binlog_info = %d\n",
metadata_type,
metadata_from_lsn,
metadata_to_lsn,
- metadata_last_lsn);
+ metadata_last_lsn,
+ MY_TEST(opt_binlog_info == BINLOG_INFO_LOCKLESS));
}
/***********************************************************************
@@ -5942,6 +5960,26 @@ static ibool prepare_handle_del_files(const char *datadir, const char *db, const
return TRUE;
}
+
+/**************************************************************************
+Store the current binary log coordinates in a specified file.
+@return 'false' on error. */
+static bool
+store_binlog_info(const char *filename, const char* name, ulonglong pos)
+{
+ FILE *fp = fopen(filename, "w");
+
+ if (!fp) {
+ msg("mariabackup: failed to open '%s'\n", filename);
+ return(false);
+ }
+
+ fprintf(fp, "%s\t%llu\n", name, pos);
+ fclose(fp);
+
+ return(true);
+}
+
/** Implement --prepare
@return whether the operation succeeded */
static bool xtrabackup_prepare_func(char** argv)
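Review bot: `store_binlog_info()` returns `true` even when the write fails, because the results of `fprintf()` and `fclose()` are discarded. On a full disk or an I/O error the caller would record success while the coordinates file is empty or truncated. Capture both results, e.g. `bool ok= fprintf(fp, "%s\t%llu\n", name, pos) >= 0;` followed by `ok= (fclose(fp) == 0) && ok;`, log a message on failure and `return ok;`. The header comment could also say that `filename` is opened with mode `"w"`, so an existing file of that name is truncated.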
@@ -6133,6 +6171,20 @@ error:
msg("Last binlog file %s, position %lld",
trx_sys.recovered_binlog_filename,
longlong(trx_sys.recovered_binlog_offset));
+
+ /* output to xtrabackup_binlog_pos_innodb and (if
+ backup_safe_binlog_info was available on the server) to
+ xtrabackup_binlog_info. In the latter case
+ xtrabackup_binlog_pos_innodb becomes redundant and is created
+ only for compatibility. */
+ ok = store_binlog_info(
+ "xtrabackup_binlog_pos_innodb",
+ trx_sys.recovered_binlog_filename,
+ trx_sys.recovered_binlog_offset)
+ && (!recover_binlog_info || store_binlog_info(
+ XTRABACKUP_BINLOG_INFO,
+ trx_sys.recovered_binlog_filename,
+ trx_sys.recovered_binlog_offset));
}
/* Check whether the log is applied enough or not. */
@@ -6334,7 +6386,7 @@ static bool check_all_privileges()
}
/* KILL ... */
- if (!opt_no_lock && (opt_kill_long_queries_timeout || opt_kill_long_query_type)) {
+ if (!opt_no_lock && opt_kill_long_queries_timeout) {
check_result |= check_privilege(
granted_privileges,
"CONNECTION ADMIN", "*", "*",
@@ -6355,7 +6407,7 @@ static bool check_all_privileges()
if (opt_galera_info || opt_slave_info
|| opt_safe_slave_backup) {
check_result |= check_privilege(granted_privileges,
- "SLAVE MONITOR", "*", "*",
+ "REPLICA MONITOR", "*", "*",
PRIVILEGE_WARNING);
}
@@ -6568,9 +6620,10 @@ void handle_options(int argc, char **argv, char ***argv_server,
server_default_groups.push_back(NULL);
snprintf(conf_file, sizeof(conf_file), "my");
- if (prepare && target_dir) {
+ if (prepare) {
snprintf(conf_file, sizeof(conf_file),
- "%s/backup-my.cnf", target_dir);
+ "%s/backup-my.cnf", target_dir ? target_dir:
+ DEFAULT_TARGET_DIR);
if (!strncmp(argv[1], "--defaults-file=", 16)) {
/* Remove defaults-file*/
for (int i = 2; ; i++) {
diff --git a/extra/mariabackup/xtrabackup.h b/extra/mariabackup/xtrabackup.h
index 53784a3f..d091c474 100644
--- a/extra/mariabackup/xtrabackup.h
+++ b/extra/mariabackup/xtrabackup.h
@@ -171,7 +171,7 @@ extern uint opt_safe_slave_backup_timeout;
extern const char *opt_history;
-enum binlog_info_enum { BINLOG_INFO_OFF, BINLOG_INFO_ON,
+enum binlog_info_enum { BINLOG_INFO_OFF, BINLOG_INFO_LOCKLESS, BINLOG_INFO_ON,
BINLOG_INFO_AUTO};
extern ulong opt_binlog_info;
diff --git a/extra/my_print_defaults.c b/extra/my_print_defaults.c
index 115eb8e7..260662b2 100644
--- a/extra/my_print_defaults.c
+++ b/extra/my_print_defaults.c
@@ -175,6 +175,7 @@ int main(int argc, char **argv)
if ((error= load_defaults(config_file, (const char **) load_default_groups,
&count, &arguments)))
{
+ my_free(load_default_groups);
my_end(0);
if (error == 4)
return 0;
diff --git a/extra/wolfssl/user_settings.h.in b/extra/wolfssl/user_settings.h.in
index 425f6f15..baa64fcd 100644
--- a/extra/wolfssl/user_settings.h.in
+++ b/extra/wolfssl/user_settings.h.in
@@ -28,6 +28,11 @@
#define NO_OLD_TIMEVAL_NAME
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_EXTENDED_MASTER
+/*
+ Following is workaround about a WolfSSL 5.6.6 bug.
+ The bug is about undefined sessionCtxSz during compilation.
+*/
+#define WOLFSSL_SESSION_ID_CTX
/* TLSv1.3 definitions (all needed to build) */
#define WOLFSSL_TLS13
diff --git a/extra/wolfssl/wolfssl/.editorconfig b/extra/wolfssl/wolfssl/.editorconfig
new file mode 100644
index 00000000..0ea0cc46
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.editorconfig
@@ -0,0 +1,10 @@
+# http://editorconfig.org
+root = true
+
+[*]
+indent_style = space
+indent_size = 4
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
diff --git a/extra/wolfssl/wolfssl/.github/workflows/async.yml b/extra/wolfssl/wolfssl/.github/workflows/async.yml
index 8ded7695..84eb4c58 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/async.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/async.yml
@@ -10,17 +10,20 @@ jobs:
config: [
# Add new configs here
'--enable-asynccrypt --enable-all --enable-dtls13',
- '--enable-asynccrypt-sw',
+ '--enable-asynccrypt-sw --enable-ocspstapling --enable-ocspstapling2',
+ '--enable-ocsp CFLAGS="-DTEST_NONBLOCK_CERTS"',
]
name: make check
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
steps:
- uses: actions/checkout@v3
name: Checkout wolfSSL
- name: Test wolfSSL async
run: |
- ./async-check.sh setup
+ ./async-check.sh install
./configure ${{ matrix.config }}
make check
diff --git a/extra/wolfssl/wolfssl/.github/workflows/curl.yml b/extra/wolfssl/wolfssl/.github/workflows/curl.yml
new file mode 100644
index 00000000..fe6350e7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/curl.yml
@@ -0,0 +1,61 @@
+name: curl Test
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-curl
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-curl
+ path: build-dir
+ retention-days: 1
+
+ test_curl:
+ name: ${{ matrix.curl_ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 15
+ needs: build_wolfssl
+ strategy:
+ fail-fast: false
+ matrix:
+ curl_ref: [ 'master', 'curl-8_4_0' ]
+ steps:
+ - name: Install test dependencies
+ run: |
+ sudo apt-get update
+ sudo apt-get install nghttp2
+ sudo pip install impacket
+
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-curl
+ path: build-dir
+
+ - name: Build curl
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ repository: curl/curl
+ path: curl
+ ref: ${{ matrix.curl_ref }}
+ configure: --with-wolfssl=$GITHUB_WORKSPACE/build-dir
+ check: false
+
+ - name: Test curl
+ working-directory: curl
+ run: make -j test-ci
diff --git a/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml b/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml
index 4b100bbf..9b9b9be2 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/docker-Espressif.yml
@@ -6,6 +6,8 @@ jobs:
espressif_latest:
name: latest Docker container
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 12
container:
image: espressif/idf:latest
steps:
diff --git a/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml b/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml
index 25508b4c..aa827895 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/docker-OpenWrt.yml
@@ -9,6 +9,8 @@ jobs:
build_library:
name: Compile libwolfssl.so
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
container:
image: alpine:latest
steps:
@@ -26,6 +28,8 @@ jobs:
compile_container:
name: Compile container
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 2
needs: build_library
strategy:
fail-fast: false
diff --git a/extra/wolfssl/wolfssl/.github/workflows/hitch.yml b/extra/wolfssl/wolfssl/.github/workflows/hitch.yml
new file mode 100644
index 00000000..a7f745db
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/hitch.yml
@@ -0,0 +1,94 @@
+name: hitch Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-hitch
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-hitch
+ path: build-dir
+ retention-days: 1
+
+ hitch_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ # List of releases to test
+ include:
+ - ref: 1.7.3
+ ignore-tests: >-
+ test13-r82.sh test15-proxy-v2-npn.sh test39-client-cert-proxy.sh
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-hitch
+ path: build-dir
+
+ - name: Checkout OSP
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/osp
+ path: osp
+
+ - name: Install dependencies
+ run: |
+ export DEBIAN_FRONTEND=noninteractive
+ sudo apt-get update
+ sudo apt-get install -y libev-dev libssl-dev automake python3-docutils flex bison pkg-config make
+
+ - name: Checkout hitch
+ uses: actions/checkout@v3
+ with:
+ repository: varnish/hitch
+ ref: 1.7.3
+ path: hitch
+
+ # Do this before configuring so that it only detects the updated list of
+ # tests
+ - if: ${{ matrix.ignore-tests }}
+ name: Remove tests that we want to ignore
+ working-directory: ./hitch/src/tests
+ run: |
+ rm ${{ matrix.ignore-tests }}
+
+ - name: Configure and build hitch
+ run: |
+ cd $GITHUB_WORKSPACE/hitch/
+ patch -p1 < $GITHUB_WORKSPACE/osp/hitch/hitch_1.7.3.patch
+ autoreconf -ivf
+ SSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" SSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" ./configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir/ --enable-silent-rules --enable-documentation --enable-warnings --with-lex --with-yacc --prefix=$GITHUB_WORKSPACE/build-dir
+ make -j$(nproc)
+
+ - name: Confirm hitch built with wolfSSL
+ working-directory: ./hitch
+ run: |
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ ldd src/hitch | grep wolfssl
+
+ - name: Run hitch tests, skipping ignored tests
+ working-directory: ./hitch
+ run: |
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ make check \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/.github/workflows/hostap.yml b/extra/wolfssl/wolfssl/.github/workflows/hostap.yml
index ffa270cb..84ea1009 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/hostap.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/hostap.yml
@@ -15,6 +15,8 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-20.04
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
# No way to view the full strategy in the browser (really weird)
- name: Print strategy
@@ -90,6 +92,8 @@ jobs:
name: hwsim test
# For openssl 1.1
runs-on: ubuntu-20.04
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 12
needs: build_wolfssl
steps:
# No way to view the full strategy in the browser (really weird)
@@ -246,7 +250,7 @@ jobs:
TESTS=$(printf '%s\n' "${ary[@]}" | tr '\n' ' ')
# Retry up to three times
for i in {1..3}; do
- HWSIM_RES=0
+ HWSIM_RES=0 # Not set when command succeeds
# Logs can grow quickly especially in debug mode
sudo rm -rf logs
sudo ./start.sh
diff --git a/extra/wolfssl/wolfssl/.github/workflows/krb5.yml b/extra/wolfssl/wolfssl/.github/workflows/krb5.yml
new file mode 100644
index 00000000..f03237c8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/krb5.yml
@@ -0,0 +1,79 @@
+name: Kerberos 5 Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 5
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-krb CFLAGS='-fsanitize=address'
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-krb5
+ path: build-dir
+ retention-days: 1
+
+ krb5_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ # List of releases to test
+ ref: [ 1.21.1 ]
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 8
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-krb5
+ path: build-dir
+
+ - name: Checkout OSP
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/osp
+ path: osp
+
+ - name: Checkout krb5
+ uses: actions/checkout@v3
+ with:
+ repository: krb5/krb5
+ ref: krb5-${{ matrix.ref }}-final
+ path: krb5
+
+ - name: Apply patch
+ working-directory: ./krb5
+ run: |
+ patch -p1 < $GITHUB_WORKSPACE/osp/krb5/Patch-for-Kerberos-5-${{ matrix.ref }}.patch
+
+ - name: Build krb5
+ working-directory: ./krb5/src
+ run: |
+ autoreconf -ivf
+ # Using rpath because LD_LIBRARY_PATH is overwritten during testing
+ export WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include -I$GITHUB_WORKSPACE/build-dir/include/wolfssl -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+ export WOLFSSL_LIBS="-lwolfssl -L$GITHUB_WORKSPACE/build-dir/lib -Wl,-rpath=$GITHUB_WORKSPACE/build-dir/lib"
+ ./configure --with-crypto-impl=wolfssl --with-tls-impl=wolfssl --disable-pkinit \
+ CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address'
+ CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j
+
+ - name: Run tests
+ working-directory: ./krb5/src
+ run: |
+ CFLAGS='-fsanitize=address' LDFLAGS='-fsanitize=address' make -j check
+
diff --git a/extra/wolfssl/wolfssl/.github/workflows/main.yml b/extra/wolfssl/wolfssl/.github/workflows/main.yml
index a7944f9d..b1e63a32 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/main.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/main.yml
@@ -14,6 +14,8 @@ jobs:
uses: ./.github/workflows/docker-Espressif.yml
multi-compiler:
uses: ./.github/workflows/multi-compiler.yml
+ multi-arch:
+ uses: ./.github/workflows/multi-arch.yml
openwrt:
uses: ./.github/workflows/docker-OpenWrt.yml
os-check:
@@ -26,6 +28,20 @@ jobs:
uses: ./.github/workflows/openvpn.yml
hostap:
uses: ./.github/workflows/hostap.yml
+ nginx:
+ uses: ./.github/workflows/nginx.yml
+ zephyr:
+ uses: ./.github/workflows/zephyr.yml
+ hitch:
+ uses: ./.github/workflows/hitch.yml
+ curl:
+ uses: ./.github/workflows/curl.yml
+ krb5:
+ uses: ./.github/workflows/krb5.yml
+ packaging:
+ uses: ./.github/workflows/packaging.yml
+ memcached:
+ uses: ./.github/workflows/memcached.yml
# TODO: Currently this test fails. Enable it once it becomes passing.
# haproxy:
# uses: ./.github/workflows/haproxy.yml
diff --git a/extra/wolfssl/wolfssl/.github/workflows/memcached.sh b/extra/wolfssl/wolfssl/.github/workflows/memcached.sh
new file mode 100755
index 00000000..ee563ebd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/memcached.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -z "$GITHUB_WORKSPACE" ]; then
+ echo '$GITHUB_WORKSPACE is not set'
+ exit 1
+fi
+
+if [ -z "$HOST_ROOT" ]; then
+ echo '$HOST_ROOT is not set'
+ exit 1
+fi
+
+chroot $HOST_ROOT make -C $GITHUB_WORKSPACE/memcached \
+ -j$(nproc) PARALLEL=$(nproc) test_tls
diff --git a/extra/wolfssl/wolfssl/.github/workflows/memcached.yml b/extra/wolfssl/wolfssl/.github/workflows/memcached.yml
new file mode 100644
index 00000000..9a4c8131
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/memcached.yml
@@ -0,0 +1,107 @@
+name: memcached Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-memcached
+ install: true
+
+ - name: Bundle Docker entry point
+ run: cp wolfssl/.github/workflows/memcached.sh build-dir/bin
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-memcached
+ path: build-dir
+ retention-days: 1
+
+ memcached_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ # List of releases to test
+ include:
+ - ref: 1.6.22
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-memcached
+ path: build-dir
+
+ - name: Checkout OSP
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/osp
+ path: osp
+
+ - name: Install dependencies
+ run: |
+ export DEBIAN_FRONTEND=noninteractive
+ sudo apt-get update
+ sudo apt-get install -y libevent-dev libevent-2.1-7 automake pkg-config make libio-socket-ssl-perl
+
+ - name: Checkout memcached
+ uses: actions/checkout@v3
+ with:
+ repository: memcached/memcached
+ ref: 1.6.22
+ path: memcached
+
+ - name: Configure and build memcached
+ run: |
+ cd $GITHUB_WORKSPACE/memcached/
+ patch -p1 < $GITHUB_WORKSPACE/osp/memcached/memcached_1.6.22.patch
+ ./autogen.sh
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ PKG_CONFIG_PATH=$GITHUB_WORKSPACE/build-dir/lib/pkgconfig ./configure --enable-wolfssl
+ make -j$(nproc)
+
+ - name: Confirm memcached built with wolfSSL
+ working-directory: ./memcached
+ run: |
+ export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH
+ ldd memcached | grep wolfssl
+
+ - name: Run memcached tests
+ working-directory: ./memcached
+ run: |
+ # Retry up to three times
+ # Using docker because interrupting the tests doesn't close running
+ # background servers. They can become daemonized and then all re-runs
+ # will always fail.
+ chmod +x $GITHUB_WORKSPACE/build-dir/bin/memcached.sh
+ for i in {1..3}; do
+ echo "-------- RUNNING TESTS --------"
+ MEMCACHED_RES=0 # Not set when command succeeds
+ # Tests should usually take less than 4 minutes. If already taking
+ # 5 minutes then they are probably stuck. Interrupt and re-run.
+ time timeout -s SIGKILL 5m docker run -v /:/host \
+ -v $GITHUB_WORKSPACE/build-dir/bin/memcached.sh:/memcached.sh \
+ -e GITHUB_WORKSPACE=$GITHUB_WORKSPACE \
+ -e HOST_ROOT=/host \
+ -e LD_LIBRARY_PATH=$GITHUB_WORKSPACE/build-dir/lib:$LD_LIBRARY_PATH \
+ alpine:latest /memcached.sh || MEMCACHED_RES=$?
+
+ if [ "$MEMCACHED_RES" -eq "0" ]; then
+ break
+ fi
+ done
+ echo "test ran $i times"
+ if [ "$MEMCACHED_RES" -ne "0" ]; then
+ exit $MEMCACHED_RES
+ fi
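Review bot: The `Run memcached tests` step bind-mounts the runner's whole root filesystem (`-v /:/host`, read-write by default) into `alpine:latest`, a mutable tag, so whatever image that tag resolves to at run time gets full access to the host; pin the image by digest, e.g. `alpine@sha256:<pinned-digest>`. The same floating-input pattern is in `Checkout OSP`, which takes `wolfssl/osp` at its default branch and then applies `memcached_1.6.22.patch` from it to the build; a `ref:` set to a commit SHA would make the patched source reproducible. The `Checkout wolfssl-nginx` step in nginx.yml has the same missing `ref:`. Separately, `Checkout memcached` and the patch file name hard-code `1.6.22` instead of using `${{ matrix.ref }}`, so a second matrix entry would not actually be tested.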
diff --git a/extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml b/extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml
new file mode 100644
index 00000000..e5b9859a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/multi-arch.yml
@@ -0,0 +1,54 @@
+name: Multiple architectures
+
+on:
+ workflow_call:
+
+jobs:
+ my_matrix:
+ name: Multi-arch test
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - HOST: aarch64-linux-gnu
+ CC: aarch64-linux-gnu-gcc
+ ARCH: arm64
+ EXTRA_OPTS: --enable-sp-asm --enable-armasm
+ - HOST: arm-linux-gnueabihf
+ CC: arm-linux-gnueabihf-gcc
+ ARCH: armhf
+ EXTRA_OPTS: --enable-sp-asm
+ - HOST: riscv64-linux-gnu
+ CC: riscv64-linux-gnu-gcc
+ ARCH: riscv64
+ # Config to ensure CPUs without Thumb instructions compiles
+ - HOST: arm-linux-gnueabi
+ CC: arm-linux-gnueabi-gcc
+ CFLAGS: -marm -DWOLFSSL_SP_ARM_ARCH=6
+ ARCH: armel
+ EXTRA_OPTS: --enable-sp-asm
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 10
+ steps:
+ - name: Install Compiler
+ run: |
+ sudo apt update
+ sudo apt install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user
+ - uses: actions/checkout@v3
+ - name: Build
+ env:
+ CC: ${{ matrix.CC }}
+ CFLAGS: ${{ matrix.CFLAGS }}
+ QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+ run: ./autogen.sh && ./configure --host=${{ matrix.HOST }} --enable-all --disable-examples ${{ matrix.EXTRA_OPTS }} && make
+ - name: Print errors
+ if: ${{ failure() }}
+ run: |
+ if [ -f config.log ] ; then
+ cat config.log
+ fi
+ - name: Run WolfCrypt Tests
+ env:
+ QEMU_LD_PREFIX: /usr/${{ matrix.HOST }}
+ run: ./wolfcrypt/test/testwolfcrypt
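Review bot: `Install Compiler` calls `sudo apt update` and `sudo apt install`, and `apt` itself warns that its command-line interface is not stable for use in scripts. `sudo apt-get update` and `sudo apt-get install -y crossbuild-essential-${{ matrix.ARCH }} qemu-user` would match what memcached.yml and zephyr.yml do in this same commit. The `Run WolfCrypt Tests` step executes a foreign-architecture binary directly, which presumably relies on binfmt registration arriving together with `qemu-user`; a one-line comment saying so would help the next reader.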
diff --git a/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml b/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml
index ed4003ed..48512df2 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/multi-compiler.yml
@@ -12,19 +12,34 @@ jobs:
include:
- CC: gcc-9
CXX: g++-9
+ OS: ubuntu-latest
- CC: gcc-10
CXX: g++-10
+ OS: ubuntu-latest
- CC: gcc-11
CXX: g++-11
+ OS: ubuntu-latest
- CC: gcc-12
CXX: g++-12
+ OS: ubuntu-latest
+ - CC: clang-10
+ CXX: clang++-10
+ OS: ubuntu-20.04
+ - CC: clang-11
+ CXX: clang++-11
+ OS: ubuntu-20.04
- CC: clang-12
CXX: clang++-12
+ OS: ubuntu-20.04
- CC: clang-13
CXX: clang++-13
+ OS: ubuntu-latest
- CC: clang-14
CXX: clang++-14
- runs-on: ubuntu-latest
+ OS: ubuntu-latest
+ runs-on: ${{ matrix.OS }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
- uses: actions/checkout@v3
- name: Build
@@ -32,3 +47,7 @@ jobs:
CC: ${{ matrix.CC }}
CXX: ${{ matrix.CXX }}
run: ./autogen.sh && ./configure && make && make dist
+ - name: Show log on errors
+ if: ${{ failure() }}
+ run: |
+ cat config.log
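Review bot: `cat config.log` in the new `Show log on errors` step is unguarded, so when the failure happens before `./configure` has written the file (for instance in `./autogen.sh`) the step adds a second, unrelated error to the job log. multi-arch.yml in this same commit wraps the call as `if [ -f config.log ] ; then cat config.log; fi`, and using the same guard here keeps the two workflows consistent. The steps list this is appended to begins outside the hunk.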
diff --git a/extra/wolfssl/wolfssl/.github/workflows/nginx.yml b/extra/wolfssl/wolfssl/.github/workflows/nginx.yml
new file mode 100644
index 00000000..05f2ed7c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/nginx.yml
@@ -0,0 +1,206 @@
+name: nginx Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Build wolfSSL
+ # Just to keep it the same as the testing target
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
+ steps:
+ - if: ${{ runner.debug }}
+ name: Enable wolfSSL debug logging
+ run: |
+ # We don't use --enable-debug since it makes the logs too loud
+ echo "wolf_debug_flags= CFLAGS='-g3 -O0'" >> $GITHUB_ENV
+
+ - name: Build wolfSSL
+ uses: wolfSSL/actions-build-autotools-project@v1
+ with:
+ path: wolfssl
+ configure: --enable-nginx ${{ env.wolf_debug_flags }}
+ install: true
+
+ - name: Upload built lib
+ uses: actions/upload-artifact@v3
+ with:
+ name: wolf-install-nginx
+ path: build-dir
+ retention-days: 1
+
+ nginx_check:
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ # in general we want to pass all tests that match *ssl*
+ - ref: 1.25.0
+ test-ref: 5b2894ea1afd01a26c589ce11f310df118e42592
+ # Following tests pass with sanitizer on
+ sanitize-ok: >-
+ h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+ mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t
+ mail_ssl.t proxy_ssl_certificate_empty.t proxy_ssl_certificate.t
+ proxy_ssl_certificate_vars.t proxy_ssl_conf_command.t proxy_ssl_name.t
+ ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+ ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t
+ ssl_crl.t ssl_curve.t ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t
+ ssl_proxy_protocol.t ssl_proxy_upgrade.t ssl_reject_handshake.t
+ ssl_session_reuse.t ssl_session_ticket_key.t ssl_sni_reneg.t
+ ssl_sni_sessions.t ssl_sni.t ssl_stapling.t ssl.t ssl_verify_client.t
+ ssl_verify_depth.t stream_proxy_ssl_certificate.t stream_proxy_ssl_certificate_vars.t
+ stream_proxy_ssl_conf_command.t stream_proxy_ssl_name_complex.t
+ stream_proxy_ssl_name.t stream_ssl_certificate.t stream_ssl_conf_command.t
+ stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t stream_ssl_preread.t
+ stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t stream_ssl_variables.t
+ stream_ssl_verify_client.t stream_upstream_zone_ssl.t upstream_zone_ssl.t
+ uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t uwsgi_ssl.t
+ uwsgi_ssl_verify.t
+ # Following tests do not pass with sanitizer on (with OpenSSL too)
+ sanitize-not-ok: >-
+ grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+ proxy_request_buffering_ssl.t proxy_ssl_keepalive.t proxy_ssl.t
+ proxy_ssl_verify.t stream_proxy_protocol_ssl.t stream_proxy_ssl.t
+ stream_proxy_ssl_verify.t stream_ssl_alpn.t
+ - ref: 1.24.0
+ test-ref: 212d9d003886e3a24542855fb60355a417f037de
+ # Following tests pass with sanitizer on
+ sanitize-ok: >-
+ h2_ssl_proxy_cache.t h2_ssl.t h2_ssl_variables.t h2_ssl_verify_client.t
+ mail_imap_ssl.t mail_ssl_conf_command.t mail_ssl_session_reuse.t mail_ssl.t
+ proxy_ssl_certificate_empty.t proxy_ssl_certificate.t proxy_ssl_certificate_vars.t
+ proxy_ssl_name.t ssl_certificate_chain.t ssl_certificate_perl.t ssl_certificates.t
+ ssl_certificate.t ssl_client_escaped_cert.t ssl_conf_command.t ssl_crl.t
+ ssl_engine_keys.t ssl_ocsp.t ssl_password_file.t ssl_proxy_protocol.t
+ ssl_proxy_upgrade.t ssl_reject_handshake.t ssl_session_reuse.t
+ ssl_session_ticket_key.t ssl_sni_reneg.t ssl_sni_sessions.t ssl_sni.t
+ ssl_stapling.t ssl.t ssl_verify_client.t stream_proxy_ssl_certificate.t
+ stream_proxy_ssl_certificate_vars.t stream_proxy_ssl_name_complex.t
+ stream_proxy_ssl_name.t stream_ssl_alpn.t stream_ssl_certificate.t
+ stream_ssl_conf_command.t stream_ssl_preread_alpn.t stream_ssl_preread_protocol.t
+ stream_ssl_preread.t stream_ssl_realip.t stream_ssl_session_reuse.t stream_ssl.t
+ stream_ssl_variables.t stream_ssl_verify_client.t stream_upstream_zone_ssl.t
+ upstream_zone_ssl.t uwsgi_ssl_certificate.t uwsgi_ssl_certificate_vars.t
+ uwsgi_ssl.t uwsgi_ssl_verify.t
+ # Following tests do not pass with sanitizer on (with OpenSSL too)
+ sanitize-not-ok: >-
+ grpc_ssl.t h2_proxy_request_buffering_ssl.t h2_proxy_ssl.t
+ proxy_request_buffering_ssl.t proxy_ssl_conf_command.t proxy_ssl_keepalive.t
+ proxy_ssl.t proxy_ssl_verify.t ssl_curve.t ssl_verify_depth.t
+ stream_proxy_protocol_ssl.t stream_proxy_ssl_conf_command.t stream_proxy_ssl.t
+ stream_proxy_ssl_verify.t
+ name: ${{ matrix.ref }}
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
+ needs: build_wolfssl
+ steps:
+ - name: Download lib
+ uses: actions/download-artifact@v3
+ with:
+ name: wolf-install-nginx
+ path: build-dir
+
+ - name: Install dependencies
+ run: |
+ sudo cpan -iT Proc::Find Net::SSLeay IO::Socket::SSL
+
+ - name: Checkout wolfssl-nginx
+ uses: actions/checkout@v3
+ with:
+ repository: wolfssl/wolfssl-nginx
+ path: wolfssl-nginx
+
+ - name: Checkout nginx
+ uses: actions/checkout@v3
+ with:
+ repository: nginx/nginx
+ path: nginx
+ ref: release-${{ matrix.ref }}
+
+ - name: Apply nginx patch
+ working-directory: nginx
+ run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl.patch
+
+ - if: ${{ runner.debug }}
+ name: Apply nginx debug patch
+ working-directory: nginx
+ run: patch -p1 < ../wolfssl-nginx/nginx-${{ matrix.ref }}-wolfssl-debug.patch
+
+ - name: Checkout nginx-tests
+ uses: actions/checkout@v3
+ with:
+ repository: nginx/nginx-tests
+ path: nginx-tests
+ ref: ${{ matrix.test-ref }}
+
+ - name: Apply nginx-tests patch
+ working-directory: nginx-tests
+ run: patch -p1 < ../wolfssl-nginx/nginx-tests-patches/*${{ matrix.test-ref }}.patch
+
+ - name: Build nginx without sanitizer
+ working-directory: nginx
+ run: |
+ ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+ --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+ --with-http_v2_module --with-mail --with-mail_ssl_module
+ make -j
+
+ - name: Confirm nginx built with wolfSSL
+ working-directory: nginx
+ run: ldd objs/nginx | grep wolfssl
+
+ - if: ${{ runner.debug }}
+ name: Run nginx-tests without sanitizer (debug)
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+ TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-not-ok }}
+
+ - if: ${{ !runner.debug }}
+ name: Run nginx-tests without sanitizer
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+ prove ${{ matrix.sanitize-not-ok }}
+
+ - if: ${{ runner.debug }}
+ name: Enable wolfSSL debug logging
+ run: |
+ echo "nginx_c_flags=-O0" >> $GITHUB_ENV
+
+ - name: Build nginx with sanitizer
+ working-directory: nginx
+ run: |
+ ./auto/configure --with-wolfssl=$GITHUB_WORKSPACE/build-dir --with-http_ssl_module \
+ --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
+ --with-http_v2_module --with-mail --with-mail_ssl_module \
+ --with-cc-opt='-fsanitize=address -DNGX_DEBUG_PALLOC=1 -g3 ${{ env.nginx_c_flags }}' \
+ --with-ld-opt='-fsanitize=address ${{ env.nginx_c_flags }}'
+ make -j
+
+ - name: Confirm nginx built with wolfSSL
+ working-directory: nginx
+ run: ldd objs/nginx | grep wolfssl
+
+ - if: ${{ runner.debug }}
+ name: Run nginx-tests with sanitizer (debug)
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_VERBOSE=y TEST_NGINX_CATLOG=y \
+ TEST_NGINX_BINARY=../nginx/objs/nginx prove -v ${{ matrix.sanitize-ok }}
+
+ - if: ${{ !runner.debug }}
+ name: Run nginx-tests with sanitizer
+ working-directory: nginx-tests
+ run: |
+ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib \
+ TMPDIR=$GITHUB_WORKSPACE TEST_NGINX_BINARY=../nginx/objs/nginx \
+ prove ${{ matrix.sanitize-ok }}
+ \ No newline at end of file
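Review bot: Both build steps (`Build nginx without sanitizer` and `Build nginx with sanitizer`) call `make -j` with no job count, which lets make start an unbounded number of compiler processes and can exhaust memory on a hosted runner, more so for the ASan build. `make -j$(nproc)`, as memcached.yml uses, bounds it. The second `if: ${{ runner.debug }}` step named `Enable wolfSSL debug logging` only writes `nginx_c_flags=-O0`, so a name such as `Lower nginx optimisation for debug runs` would describe it better. The file also ends without a trailing newline.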
diff --git a/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml b/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml
index cf943544..10f206ff 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/openvpn.yml
@@ -8,6 +8,8 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -31,6 +33,8 @@ jobs:
ref: [ master, release/2.6, v2.6.0 ]
name: ${{ matrix.ref }}
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
needs: build_wolfssl
steps:
- name: Download lib
diff --git a/extra/wolfssl/wolfssl/.github/workflows/os-check.yml b/extra/wolfssl/wolfssl/.github/workflows/os-check.yml
index 6a8c34fd..08134c4a 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/os-check.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/os-check.yml
@@ -16,12 +16,19 @@ jobs:
'--enable-all --enable-asn=original',
'--enable-harden-tls',
'--enable-tls13 --enable-session-ticket --enable-dtls --enable-dtls13
- --enable-opensslextra --enable-sessioncerts
- CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE
- -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
+ --enable-opensslextra --enable-sessioncerts
+ CPPFLAGS=''-DWOLFSSL_DTLS_NO_HVR_ON_RESUME -DHAVE_EXT_CACHE
+ -DWOLFSSL_TICKET_HAVE_ID -DHAVE_EX_DATA -DSESSION_CACHE_DYNAMIC_MEM'' ',
+ '--enable-all --enable-secure-renegotiation',
+ '--enable-all --enable-haproxy --enable-quic',
+ '--enable-dtls --enable-dtls13 --enable-earlydata
+ --enable-session-ticket --enable-psk
+ CPPFLAGS=''-DWOLFSSL_DTLS13_NO_HRR_ON_RESUME'' ',
]
name: make check
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -40,6 +47,8 @@ jobs:
]
name: make user_setting.h
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -61,6 +70,8 @@ jobs:
]
name: make user_setting.h (testwolfcrypt only)
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- name: Build and test wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -80,6 +91,8 @@ jobs:
os: [ ubuntu-latest, macos-latest ]
name: make user_setting.h (with sed)
runs-on: ${{ matrix.os }}
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 14
steps:
- uses: actions/checkout@v3
- if: ${{ matrix.os == 'macos-latest' }}
@@ -96,6 +109,8 @@ jobs:
windows_build:
name: Windows Build Test
runs-on: windows-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 6
env:
# Path to the solution file relative to the root of the project.
SOLUTION_FILE_PATH: wolfssl64.sln
@@ -120,3 +135,7 @@ jobs:
# Add additional options to the MSBuild command line here (like platform or verbosity level).
# See https://docs.microsoft.com/visualstudio/msbuild/msbuild-command-line-reference
run: msbuild /m /p:PlatformToolset=v142 /p:Platform=${{env.BUILD_PLATFORM}} /p:Configuration=${{env.BUILD_CONFIGURATION}} ${{env.SOLUTION_FILE_PATH}}
+
+ - name: Run Test
+ working-directory: ${{env.GITHUB_WORKSPACE}}
+ run: Release/x64/testsuite.exe
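Review bot: `working-directory: ${{env.GITHUB_WORKSPACE}}` in the new `Run Test` step reads the `env` context, which holds only variables declared under an `env:` key in the workflow, not the runner's default variables. Unless `GITHUB_WORKSPACE` is declared in a part of the file outside this hunk, the expression is empty and the step presumably lands in the workspace only because that is the default. `working-directory: ${{ github.workspace }}` states the intent, or the key can be dropped. The step list this is appended to starts outside the hunk.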
diff --git a/extra/wolfssl/wolfssl/.github/workflows/packaging.yml b/extra/wolfssl/wolfssl/.github/workflows/packaging.yml
new file mode 100644
index 00000000..42e21359
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/packaging.yml
@@ -0,0 +1,45 @@
+name: Packaging Tests
+
+on:
+ workflow_call:
+
+jobs:
+ build_wolfssl:
+ name: Package wolfSSL
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 10
+ steps:
+ - name: Checkout wolfSSL
+ uses: actions/checkout@v3
+
+ - name: Configure wolfSSL
+ run: |
+ autoreconf -ivf
+ ./configure --enable-distro --enable-all \
+ --disable-openssl-compatible-defaults --enable-intelasm \
+ --enable-dtls13 --enable-dtls-mtu \
+ --enable-sp-asm --disable-examples --disable-silent-rules
+
+ - name: Make sure OPENSSL_COMPATIBLE_DEFAULTS is not present in options.h
+ run: |
+ ! grep OPENSSL_COMPATIBLE_DEFAULTS wolfssl/options.h
+
+ - name: Build wolfSSL .deb
+ run: make deb-docker
+
+ - name: Build wolfSSL .rpm
+ run: make rpm-docker
+
+ - name: Confirm packages built
+ run: |
+ DEB_COUNT=$(find -name 'libwolfssl*.deb' | wc -l)
+ if [ "$DEB_COUNT" != "2" ]; then
+ echo Did not find exactly two deb packages!!!
+ exit 1
+ fi
+ RPM_COUNT=$(find -name 'wolfssl*.rpm' | wc -l)
+ if [ "$RPM_COUNT" != "4" ]; then
+ echo Did not find exactly four rpm packages!!!
+ exit 1
+ fi
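Review bot: `! grep OPENSSL_COMPATIBLE_DEFAULTS wolfssl/options.h` also succeeds when grep fails for another reason, such as `wolfssl/options.h` not existing, because the error exit status is inverted to success, so the check can pass without inspecting anything. Testing for the file first closes that gap: `test -f wolfssl/options.h && ! grep -q OPENSSL_COMPATIBLE_DEFAULTS wolfssl/options.h`. In `Confirm packages built`, `find -name ...` without a starting directory relies on GNU find; `find . -name ...` is the portable spelling.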
diff --git a/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml b/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml
index 2f8f1de4..ac25126d 100644
--- a/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml
+++ b/extra/wolfssl/wolfssl/.github/workflows/stunnel.yml
@@ -8,6 +8,8 @@ jobs:
name: Build wolfSSL
# Just to keep it the same as the testing target
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
steps:
- name: Build wolfSSL
uses: wolfSSL/actions-build-autotools-project@v1
@@ -31,6 +33,8 @@ jobs:
ref: [ 5.67 ]
name: ${{ matrix.ref }}
runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 4
needs: build_wolfssl
steps:
- name: Download lib
diff --git a/extra/wolfssl/wolfssl/.github/workflows/zephyr.yml b/extra/wolfssl/wolfssl/.github/workflows/zephyr.yml
new file mode 100644
index 00000000..decdba25
--- /dev/null
+++ b/extra/wolfssl/wolfssl/.github/workflows/zephyr.yml
@@ -0,0 +1,104 @@
+name: Zephyr tests
+
+on:
+ workflow_call:
+
+jobs:
+ run_test:
+ name: Build and run
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - zephyr-ref: v3.4.0
+ zephyr-sdk: 0.16.1
+ - zephyr-ref: v3.5.0
+ zephyr-sdk: 0.16.3
+ runs-on: ubuntu-latest
+ # This should be a safe limit for the tests to run.
+ timeout-minutes: 15
+ steps:
+ - name: Install dependencies
+ run: |
+ # Don't prompt for anything
+ export DEBIAN_FRONTEND=noninteractive
+ sudo apt-get update
+ # most of the ci-base zephyr docker image packages
+ sudo apt-get install -y zip bridge-utils uml-utilities \
+ git cmake ninja-build gperf ccache dfu-util device-tree-compiler wget \
+ python3-dev python3-pip python3-setuptools python3-tk python3-wheel xz-utils file \
+ make gcc gcc-multilib g++-multilib libsdl2-dev libmagic1 \
+ autoconf automake bison build-essential ca-certificates cargo ccache chrpath cmake \
+ cpio device-tree-compiler dfu-util diffstat dos2unix doxygen file flex g++ gawk gcc \
+ gcovr git git-core gnupg gperf gtk-sharp2 help2man iproute2 lcov libcairo2-dev \
+ libglib2.0-dev libgtk2.0-0 liblocale-gettext-perl libncurses5-dev libpcap-dev \
+ libpopt0 libsdl1.2-dev libsdl2-dev libssl-dev libtool libtool-bin locales make \
+ net-tools ninja-build openssh-client parallel pkg-config python3-dev python3-pip \
+ python3-ply python3-setuptools python-is-python3 qemu rsync socat srecord sudo \
+ texinfo unzip wget ovmf xz-utils
+
+ - name: Install west
+ run: sudo pip install west
+
+ - name: Init west workspace
+ run: west init --mr ${{ matrix.config.zephyr-ref }} zephyr
+
+ - name: Update west.yml
+ working-directory: zephyr/zephyr
+ run: |
+ REF=$(echo '${{ github.ref }}' | sed -e 's/\//\\\//g')
+ sed -e 's/remotes:/remotes:\n \- name: wolfssl\n url\-base: https:\/\/github.com\/${{ github.repository_owner }}/' -i west.yml
+ sed -e "s/projects:/projects:\n \- name: wolfssl\n path: modules\/crypto\/wolfssl\n remote: wolfssl\n revision: $REF/" -i west.yml
+
+ - name: Update west workspace
+ working-directory: zephyr
+ run: west update -n -o=--depth=1
+
+ - name: Export zephyr
+ working-directory: zephyr
+ run: west zephyr-export
+
+ - name: Install pip dependencies
+ working-directory: zephyr
+ run: sudo pip install -r zephyr/scripts/requirements.txt
+
+ - name: Install zephyr SDK
+ run: |
+ wget -q https://github.com/zephyrproject-rtos/sdk-ng/releases/download/v${{ matrix.config.zephyr-sdk }}/zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+ tar xf zephyr-sdk-${{ matrix.config.zephyr-sdk }}_linux-x86_64.tar.xz
+ cd zephyr-sdk-${{ matrix.config.zephyr-sdk }}
+ ./setup.sh -h -c
+
+ - name: Run wolfssl test
+ id: wolfssl-test
+ working-directory: zephyr
+ run: |
+ ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_test/sample.crypto.wolfssl_test -vvv
+ rm -rf zephyr/twister-out
+
+ - name: Run wolfssl TLS sock test
+ id: wolfssl-tls-sock
+ working-directory: zephyr
+ run: |
+ ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_sock/sample.crypto.wolfssl_tls_sock -vvv
+ rm -rf zephyr/twister-out
+
+ - name: Run wolfssl TLS thread test
+ id: wolfssl-tls-thread
+ working-directory: zephyr
+ run: |
+ ./zephyr/scripts/twister --testsuite-root modules/crypto/wolfssl --test zephyr/samples/wolfssl_tls_thread/sample.crypto.wolfssl_tls_thread -vvv
+ rm -rf zephyr/twister-out
+
+ - name: Zip failure logs
+ if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+ run: |
+ zip -9 -r logs.zip zephyr/twister-out
+
+ - name: Upload failure logs
+ if: ${{ failure() && (steps.wolfssl-test.outcome == 'failure' || steps.wolfssl-tls-sock.outcome == 'failure' || steps.wolfssl-tls-thread.outcome == 'failure') }}
+ uses: actions/upload-artifact@v3
+ with:
+ name: zephyr-client-test-logs
+ path: logs.zip
+ retention-days: 5
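Review bot: `REF=$(echo '${{ github.ref }}' | sed ...)` in `Update west.yml` pastes the ref name into the script text before the shell parses it, so a ref containing a single quote changes the command instead of being treated as data. The runner already exports the same value as an environment variable, so `REF=$(printf '%s' "$GITHUB_REF" | sed -e 's/\//\\\//g')` keeps it as data; `${{ github.repository_owner }}` in the first `sed` line can be replaced with `$GITHUB_REPOSITORY_OWNER` in a double-quoted expression the same way. `Install zephyr SDK` unpacks the `wget` download and runs its `setup.sh` with no checksum comparison, and `sudo pip install west` is unversioned. Comparing the archive against a SHA-256 recorded in the matrix next to `zephyr-sdk` and pinning the `west` version would make the job's inputs verifiable.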
diff --git a/extra/wolfssl/wolfssl/.gitignore b/extra/wolfssl/wolfssl/.gitignore
index d6e72cb5..5adfbf31 100644
--- a/extra/wolfssl/wolfssl/.gitignore
+++ b/extra/wolfssl/wolfssl/.gitignore
@@ -64,6 +64,8 @@ ctaocrypt/benchmark/benchmark
ctaocrypt/test/testctaocrypt
wolfcrypt/benchmark/benchmark
wolfcrypt/test/testwolfcrypt
+examples/async/async_client
+examples/async/async_server
examples/benchmark/tls_bench
examples/client/client
examples/echoclient/echoclient
@@ -74,6 +76,7 @@ examples/sctp/sctp-server-dtls
examples/sctp/sctp-client
examples/sctp/sctp-client-dtls
examples/asn1/asn1
+examples/pem/pem
server_ready
snifftest
output
@@ -84,6 +87,7 @@ testsuite/testsuite.test
tests/unit.test
tests/bio_write_test.txt
tests/test-log-dump-to-file.txt
+tests/cert_cache.tmp
test-write-dhparams.pem
testsuite/*.der
testsuite/*.pem
@@ -343,6 +347,8 @@ doc/pdf
# XCODE Index
IDE/XCODE/Index
+IDE/**/xcshareddata
+IDE/**/DerivedData
# ARM DS-5 && Eclipse
\.settings/
@@ -403,7 +409,8 @@ libFuzzer
XXX-fips-test
# ASYNC
-async
+/wolfAsyncCrypt
+/async
# Generated user_settings_asm.h.
user_settings_asm.h
@@ -414,6 +421,19 @@ user_settings_asm.h
# Espressif sdk config default should be saved in sdkconfig.defaults
# we won't track the actual working sdkconfig files
/IDE/Espressif/**/sdkconfig
+/IDE/Espressif/**/sdkconfig.old
# auto-created CMake backups
**/CMakeLists.txt.old
+
+# MagicCrypto (ARIA Cipher)
+MagicCrypto
+
+# CMake build directory
+/out
+/out_temp
+
+# debian packaging
+debian/changelog
+debian/control
+*.deb
diff --git a/extra/wolfssl/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/CMakeLists.txt
index f67b67a0..337b0d61 100644
--- a/extra/wolfssl/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/CMakeLists.txt
@@ -28,16 +28,27 @@ if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
You must delete them, or cmake will refuse to work.")
endif()
-project(wolfssl VERSION 5.6.3 LANGUAGES C ASM)
+project(wolfssl VERSION 5.6.6 LANGUAGES C ASM)
+
+# Set WOLFSSL_ROOT if not already defined
+if ("${WOLFSSL_ROOT}" STREQUAL "")
+ # we'll assume this CMakeLists.txt is in the root of wolfSSL
+ if (EXISTS "${CMAKE_SOURCE_DIR}/wolfcrypt/src/")
+ get_filename_component(WOLFSSL_ROOT "${CMAKE_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "Found WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+ endif()
+else()
+ message(STATUS "Using predefined WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
+endif()
# shared library versioning
# increment if interfaces have been added, removed or changed
-set(LIBTOOL_CURRENT 40)
+set(LIBTOOL_CURRENT 42)
# increment if source code has changed set to zero if current is incremented
-set(LIBTOOL_REVISION 1)
+set(LIBTOOL_REVISION 0)
# increment if interfaces have been added set to zero if interfaces have been
# removed or changed
-set(LIBTOOL_AGE 5)
+set(LIBTOOL_AGE 0)
math(EXPR LIBTOOL_SO_VERSION "${LIBTOOL_CURRENT} - ${LIBTOOL_AGE}")
set(LIBTOOL_FULL_VERSION ${LIBTOOL_SO_VERSION}.${LIBTOOL_AGE}.${LIBTOOL_REVISION})
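Review bot: The new `WOLFSSL_ROOT` detection tests `${CMAKE_SOURCE_DIR}/wolfcrypt/src/`, and `CMAKE_SOURCE_DIR` is the top-level project's directory. When this file is pulled in through `add_subdirectory()` from another project, the test fails and `WOLFSSL_ROOT` stays empty with no message. `${CMAKE_CURRENT_SOURCE_DIR}` refers to this file's own directory in both cases, and an `else()` branch with `message(WARNING "WOLFSSL_ROOT not found")` would make the not-found case visible.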
@@ -116,6 +127,7 @@ check_type_size("time_t" SIZEOF_TIME_T)
# but we want it as 1.
if(HAVE___UINT128_T)
set(HAVE___UINT128_T "1" CACHE INTERNAL "Result of TRY_COMPILE" FORCE)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE___UINT128_T")
endif()
include(TestBigEndian)
@@ -257,6 +269,18 @@ if(NOT WOLFSSL_SINGLE_THREADED)
endif()
endif()
+# DTLS-SRTP
+add_option("WOLFSSL_SRTP"
+ "Enables wolfSSL DTLS-SRTP (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_SRTP)
+ list(APPEND WOLFSSL_DEFINITIONS
+ "-DWOLFSSL_SRTP")
+ set(WOLFSSL_DTLS "yes")
+ set(WOLFSSL_KEYING_MATERIAL "yes")
+endif()
+
# DTLS
add_option("WOLFSSL_DTLS"
@@ -353,6 +377,83 @@ if(NOT WOLFSSL_RNG)
list(APPEND WOLFSSL_DEFINITIONS "-DWC_NO_RNG")
endif()
+# QUIC
+add_option(WOLFSSL_QUIC
+ "Enable QUIC support (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_QUIC)
+ set(WOLFSSL_ALPN "yes")
+ set(WOLFSSL_OPENSSLEXTRA "yes")
+ set(WOLFSSL_AESCTR "yes")
+ set(WOLFSSL_CURVE25519 "yes")
+ set(WOLFSSL_SNI "yes")
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_QUIC" "-DHAVE_EX_DATA")
+endif()
+
+# Curl
+add_option(WOLFSSL_CURL
+ "Enable CURL support (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_CURL)
+ set(WOLFSSL_MD4 "yes")
+ set(WOLFSSL_DES3 "yes")
+ set(WOLFSSL_ALPN "yes")
+ set(WOLFSSL_OPENSSLEXTRA "yes")
+ set(WOLFSSL_CRL "yes")
+ set(WOLFSSL_OCSP "yes")
+ set(WOLFSSL_OCSPSTAPLING "yes")
+ set(WOLFSSL_OCSPSTAPLING_V2 "yes")
+ set(WOLFSSL_SNI "yes")
+ set(WOLFSSL_ALT_CERT_CHAINS "yes")
+ set(WOLFSSL_IP_ALT_NAME "yes")
+ set(WOLFSSL_SESSION_TICKET "yes")
+ set(WOLFSSL_WOLFSSH "yes")
+ list(APPEND WOLFSSL_DEFINITIONS
+ "-DNO_SESSION_CACHE_REF" "-DWOLFSSL_DES_ECB")
+endif()
+
+# ALPN
+add_option(WOLFSSL_ALPN
+ "Enable ALPN support (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_ALPN)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ALPN" "-DHAVE_TLS_EXTENSIONS")
+endif()
+
+# altcertchains
+add_option(WOLFSSL_ALT_CERT_CHAINS
+ "Enable support for Alternate certification chains (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_ALT_CERT_CHAINS)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_ALT_CERT_CHAINS")
+endif()
+
+# ip-alt-name
+add_option(WOLFSSL_IP_ALT_NAME
+ "Enable support for IP alternative name (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_IP_ALT_NAME)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_IP_ALT_NAME")
+endif()
+
+# wolfSSH
+add_option(WOLFSSL_WOLFSSH
+ "Enable support for wolfSSH (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_WOLFSSH)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_WOLFSSH")
+endif()
+
+if(WOLFSSL_WOLFSSH OR WOLFSSL_WPAS)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_PUBLIC_MP")
+endif()
+
# TODO: - DTLS-SCTP
# - DTLS multicast
# - OpenSSH
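Review bot: `WOLFSSL_CURL` switches on `WOLFSSL_MD4`, `WOLFSSL_DES3` and `-DWOLFSSL_DES_ECB`, but its help string only says `Enable CURL support`, so someone enabling it for a hardened build gets legacy algorithms with no hint. A comment above the block such as `# NOTE: also turns on MD4, DES3 and DES-ECB (legacy algorithms)` would make that visible, and the same text could be added to the help string. In the same hunk, `set(WOLFSSL_ALPN "yes")` and the other forced values precede the `add_option(WOLFSSL_ALPN ...)` style declarations that follow; whether the forced value survives depends on `add_option`, which is defined outside this diff, so that ordering is worth confirming.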
@@ -362,14 +463,11 @@ endif()
# - wpa_supplicant
# - Fortress
# - libwebsockets
-# - IP alternative name
# - Qt
# - SSL bump
# - sniffer
# - Signal
# - OpenSSL coexist
-# - OpenSSL compatibility all
-# - OpenSSL compatibility extra
# - Max strength
# Harden, enable Timing Resistance and Blinding by default
@@ -411,12 +509,7 @@ endif()
if (WOLFSSL_OPENSSLEXTRA AND NOT WOLFSSL_OPENSSLCOEXIST)
list(APPEND WOLFSSL_DEFINITIONS
- "-DOPENSSL_EXTRA"
- "-DWOLFSSL_ALWAYS_VERIFY_CB"
- "-DWOLFSSL_VERIFY_CB_ALL_CERTS"
- "-DWOLFSSL_EXTRA_ALERTS"
- "-DHAVE_EXT_CACHE"
- "-DWOLFSSL_FORCE_CACHE_ON_TICKET")
+ "-DOPENSSL_EXTRA")
endif()
if (WOLFSSL_OPENSSLALL)
@@ -426,7 +519,6 @@ if (WOLFSSL_OPENSSLALL)
"-DWOLFSSL_ERROR_CODE_OPENSSL" "-DWOLFSSL_CERT_NAME_ALL")
endif()
-
# TODO: - IPv6 test apps
set(WOLFSSL_SLOW_MATH "yes")
@@ -510,6 +602,15 @@ if(WOLFSSL_AESGCM)
list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_AESGCM")
endif()
+if(WOLFSSL_QUIC)
+ if(NOT WOLFSSL_TLS13)
+ message(FATAL_ERROR "TLS 1.3 is disabled - necessary for QUIC")
+ endif()
+ if(NOT WOLFSSL_AESGCM)
+ message(FATAL_ERROR "AES-GCM is disabled - necessary for QUIC")
+ endif()
+endif()
+
# AES-SIV
add_option("WOLFSSL_AESSIV"
"Enable wolfSSL AES-SIV support (default: disabled)"
@@ -536,6 +637,11 @@ if(WOLFSSL_AESCTR AND NOT WOLFSSL_FORTRESS)
"-DWOLFSSL_AES_DIRECT")
endif()
+# ARIA
+add_option("WOLFSSL_ARIA"
+ "Enable wolfSSL ARIA support (default: disabled)"
+ "no" "yes;no")
+
# AES-CCM
add_option("WOLFSSL_AESCCM"
"Enable wolfSSL AES-CCM support (default: disabled)"
@@ -1299,7 +1405,6 @@ endif()
# - CRL monitor
# - User crypto
# - Whitewood netRandom client library
-# - SNI
# - Max fragment length
# - ALPN
# - Trusted CA indication
@@ -1315,8 +1420,14 @@ add_option(WOLFSSL_CRL
"Enable CRL (Use =io for inline CRL HTTP GET) (default: disabled)"
"no" "yes;no;io")
+
+set(SNI_DEFAULT "no")
+if(("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "x86_64|x86|AMD64|arm64") OR
+ ("${CMAKE_SYSTEM_PROCESSOR}" STREQUAL "aarch64"))
+ set(SNI_DEFAULT "yes")
+endif()
set(WOLFSSL_SNI_HELP_STRING "Enable SNI (default: disabled)")
-add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} "no" "yes;no")
+add_option(WOLFSSL_SNI ${WOLFSSL_SNI_HELP_STRING} ${SNI_DEFAULT} "yes;no")
set(WOLFSSL_TLSX_HELP_STRING "Enable all TLS Extensions (default: disabled)")
add_option(WOLFSSL_TLSX ${WOLFSSL_TLSX_HELP_STRING} "no" "yes;no")
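Review bot: `WOLFSSL_SNI_HELP_STRING` still reads `Enable SNI (default: disabled)` although the default passed to `add_option` is now `${SNI_DEFAULT}`, which is `yes` on the listed processors. `set(WOLFSSL_SNI_HELP_STRING "Enable SNI (default: ${SNI_DEFAULT})")` keeps the text in step with the value. The `MATCHES` pattern is an unanchored regex, so `x86` already covers `x86_64` and matches any processor string containing it, while `aarch64` is compared separately with `STREQUAL`. A single anchored pattern, `"^(x86_64|x86|AMD64|arm64|aarch64)$"`, would say what is meant.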
@@ -1406,7 +1517,6 @@ endif()
# TODO: - TLS extensions
# - Early data handshake
-# - wolfSSH options
# - SCEP
# - Secure remote password
# - Indefinite length encoded messages
@@ -1561,8 +1671,11 @@ endif()
# TODO: - Fast huge math
+# Set processor-specific build macros
if("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "x86_64|AMD64")
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_X86_64_BUILD")
+elseif("${CMAKE_SYSTEM_PROCESSOR}" MATCHES "aarch64|arm64")
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_AARCH64_BUILD")
endif()
# SP math all
@@ -1704,22 +1817,38 @@ if(WOLFSSL_SYS_CA_CERTS)
message("Can't enable system CA certs without a filesystem.")
override_cache(WOLFSSL_SYS_CA_CERTS "no")
elseif(APPLE)
+ # Headers used for MacOS default system CA certs behavior. Only MacOS SDK will have this header
check_include_file("Security/SecTrustSettings.h" HAVE_SECURITY_SECTRUSTSETTINGS_H)
- if(NOT HAVE_SECURITY_SECTRUSTSETTINGS_H)
- message("Can't enable system CA certs without Security/SecTrustSettings.h.")
- override_cache(WOLFSSL_SYS_CA_CERTS "no")
- else()
+ # Headers used for Apple native cert validation. All device SDKs should have these headers
+ check_include_file("Security/SecCertificate.h" HAVE_SECURITY_SECCERTIFICATE_H)
+ check_include_file("Security/SecTrust.h" HAVE_SECURITY_SECTRUST_H)
+ check_include_file("Security/SecPolicy.h" HAVE_SECURITY_SECPOLICY_H)
+ # Either Security/SecTrustSettings (for MacOS cert loading), or the
+ # trio of Security/SecCertificate.h, Security/SecTrust.h, and
+ # Security/SecPolicy.h (for native trust APIs on other apple devices)
+ # must be present. Default to SecTrustSettings method on MacOS.
+ if(HAVE_SECURITY_SECTRUSTSETTINGS_H OR (HAVE_SECURITY_SECCERTIFICATE_H
+ AND HAVE_SECURITY_SECTRUST_H
+ AND HAVE_SECURITY_SECPOLICY_H))
find_library(CORE_FOUNDATION_FRAMEWORK CoreFoundation)
if(NOT CORE_FOUNDATION_FRAMEWORK)
- message("Can't enable system CA certs without CoreFoundation framework.")
- override_cache(WOLFSSL_SYS_CA_CERTS "no")
+ message(FATAL_ERROR "Can't enable system CA certs without CoreFoundation framework.")
else()
find_library(SECURITY_FRAMEWORK Security)
if(NOT SECURITY_FRAMEWORK)
- message("Can't enable system CA certs without Security framework.")
- override_cache(WOLFSSL_SYS_CA_CERTS "no")
+ message(FATAL_ERROR "Can't enable system CA certs without Security framework.")
endif()
endif()
+
+ # MacOS should not use native cert validation by default, but other apple devices should.
+ if(NOT HAVE_SECURITY_SECTRUSTSETTINGS_H AND HAVE_SECURITY_SECCERTIFICATE_H
+ AND HAVE_SECURITY_SECTRUST_H
+ AND HAVE_SECURITY_SECPOLICY_H)
+ list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION")
+ endif()
+
+ else()
+ message(FATAL_ERROR "Can't enable system CA certs without Apple Security.framework headers.")
endif()
endif()
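Review bot: `-DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION` is selected purely because `Security/SecTrustSettings.h` was not found, so a macOS build whose SDK path is misconfigured would presumably switch trust model without any visible sign. A status line next to the `list(APPEND ...)` would make the chosen path auditable in the configure log, for example `message(STATUS "System CA certs: using Apple native cert validation")`. The three-header condition is written out twice; computing it once into a variable would keep the two tests from drifting apart. Replacing the old `override_cache(... "no")` fallbacks with `FATAL_ERROR` is a good change, since the build no longer silently drops system CA support. The enclosing `if(WOLFSSL_SYS_CA_CERTS)` starts outside this hunk.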
@@ -1774,6 +1903,42 @@ if(WOLFSSL_AESKEYWRAP)
)
endif()
+# Hybrid Public Key Encryption (RFC9180)
+add_option("WOLFSSL_HPKE"
+ "Enable wolfSSL hybrid public key encryption (default: disabled)"
+ "no" "yes;no")
+
+# Encrypted Client Hello (ECH)
+add_option("WOLFSSL_ECH"
+ "Enable wolfSSL encrypted client hello (default: disabled)"
+ "no" "yes;no")
+
+# Keying Material Exporter / TLS Exporter
+add_option("WOLFSSL_KEYING_MATERIAL"
+ "Enable wolfSSL keying material export (default: disabled)"
+ "no" "yes;no")
+
+if(WOLFSSL_HPKE)
+ if(NOT WOLFSSL_ECC)
+ message(FATAL_ERROR "HPKE supported only with ECC (WOLFSSL_ECC)")
+ endif()
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_HPKE")
+ override_cache(WOLFSSL_HKDF "yes")
+endif()
+
+if(WOLFSSL_ECH)
+ if(NOT WOLFSSL_HPKE)
+ message(FATAL_ERROR "ECH supported only with HPKE (WOLFSSL_HPKE)")
+ endif()
+ if(NOT WOLFSSL_SNI)
+ message(FATAL_ERROR "ECH supported only with SNI (WOLFSSL_SNI)")
+ endif()
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ECH")
+endif()
+
+if(WOLFSSL_KEYING_MATERIAL)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_KEYING_MATERIAL")
+endif()
if(WOLFSSL_KEYGEN)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_KEY_GEN")
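Review bot: The `if(WOLFSSL_ECH)` block checks for HPKE and SNI but not TLS 1.3, although ECH is a TLS 1.3 extension and the QUIC block added earlier in this file does guard on `WOLFSSL_TLS13`. A matching guard would be `if(NOT WOLFSSL_TLS13)`, `message(FATAL_ERROR "ECH supported only with TLS 1.3 (WOLFSSL_TLS13)")`, `endif()`. Separately, `override_cache(WOLFSSL_HKDF "yes")` only helps if the code that turns `WOLFSSL_HKDF` into a definition runs after this point. That ordering is not visible in the hunk and should be confirmed.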
@@ -1841,6 +2006,9 @@ if (WOLFSSL_CAAM)
list(APPEND WOLFSSL_DEFINITIONS "-DWOLFSSL_CAAM")
endif()
+if (WOLFSSL_ARIA)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ARIA")
+endif()
# Generates the BUILD_* flags. These control what source files are included in
# the library. A series of AM_CONDITIONALs handle this in configure.ac.
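Review bot: `-DHAVE_ARIA` is appended here as soon as `WOLFSSL_ARIA` is set, and the later "ARIA Check" hunk appends the same definition again after `find_package(ARIA)` succeeds. One of the two is redundant. Keeping only the append that follows the successful lookup would tie the define to a library that was actually located, and this three-line block could then be dropped.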
@@ -1922,7 +2090,6 @@ else()
set(WOLFSSL_OUTPUT_BASE ${CMAKE_CURRENT_SOURCE_DIR})
endif()
set(OPTION_FILE "${WOLFSSL_OUTPUT_BASE}/wolfssl/options.h")
-set(CYASSL_OPTION_FILE "${WOLFSSL_OUTPUT_BASE}/cyassl/options.h")
file(REMOVE ${OPTION_FILE})
@@ -1952,14 +2119,6 @@ file(APPEND ${OPTION_FILE} "}\n")
file(APPEND ${OPTION_FILE} "#endif\n\n\n")
file(APPEND ${OPTION_FILE} "#endif /* WOLFSSL_OPTIONS_H */\n\n")
-# backwards compatibility for those who have included options or version
-file(REMOVE ${CYASSL_OPTION_FILE})
-file(APPEND ${CYASSL_OPTION_FILE} "/* cyassl options.h\n")
-file(APPEND ${CYASSL_OPTION_FILE} " * generated from wolfssl/options.h\n")
-file(APPEND ${CYASSL_OPTION_FILE} " */\n")
-file(READ ${OPTION_FILE} OPTION_FILE_CONTENTS)
-file(APPEND ${CYASSL_OPTION_FILE} ${OPTION_FILE_CONTENTS})
-
####################################################
# Library Target
####################################################
@@ -1974,13 +2133,69 @@ set(LIB_SOURCES "")
# in the *.am files.
generate_lib_src_list("${LIB_SOURCES}")
if(BUILD_SHARED_LIBS)
+ message(STATUS "BUILD_SHARED_LIBS enabled: ${LIB_SOURCES}")
add_library(wolfssl SHARED ${LIB_SOURCES})
else()
+ message(STATUS "Static Libs: ${LIB_SOURCES}")
add_library(wolfssl STATIC ${LIB_SOURCES})
endif()
add_library(wolfssl::wolfssl ALIAS wolfssl)
+if (NOT "$ENV{ARIA_DIR}" STREQUAL "")
+ message(STATUS "Found Environment variable ARIA_DIR=$ENV{ARIA_DIR}")
+ if(WOLFSSL_ARIA)
+ message(STATUS "wolfSSL WOLFSSL_ARIA is enabled")
+ else()
+ message(STATUS "wolfSSL WOLFSSL_ARIA is not enabled. To enable, specify a user_settings.h file or run: cmake .. -DWOLFSSL_ARIA=yes")
+ message(STATUS "Clear the ARIA_DIR environment variable to otherwise suppress this message when not using ARIA ciphers.")
+ endif()
+endif()
+
+# ARIA Check
+if(WOLFSSL_ARIA)
+ message(STATUS "WOLFSSL_ARIA is enabled")
+
+ find_package(ARIA)
+
+ if(ARIA_FOUND)
+ message(STATUS "ARIA find_package() success.")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ARIA is enabled, but find_package() did not find ARIA MagicCrypto.\n"
+ "Check ARIA_DIR environment variable and/or copy MagicCrypto directory locally.")
+ endif()
+
+ list(APPEND WOLFSSL_LINK_LIBS "${ARIA_LIB_FILE}")
+
+ # The cmake target_include_directories() will complain about local directories,
+ # so we'll handle MagicCrypto differently when found in wolfssl.
+ # see below to use include_directories() instead.
+ if(ARIA_IS_LOCAL)
+ # there's also a wolfssl port API to include, plus local ARIA include
+ include_directories("wolfssl/wolfcrypt/port/aria" "MagicCrypto/include")
+ else()
+ # see below for target_include_directories() instead
+ include_directories("wolfssl/wolfcrypt/port/aria")
+ message(STATUS "ARIA_IS_LOCAL is false, appending ${ARIA_INCLUDE_DIR} to WOLFSSL_INCLUDE_DIRS")
+ list(APPEND WOLFSSL_INCLUDE_DIRS "${ARIA_INCLUDE_DIR}")
+ endif()
+
+ add_library(MagicCrypto_lib
+ ${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/port/aria/aria-crypt.c
+ ${CMAKE_CURRENT_SOURCE_DIR}/wolfcrypt/src/port/aria/aria-cryptocb.c
+ )
+
+ set_target_properties(MagicCrypto_lib PROPERTIES OUTPUT_NAME "MagicCrypto")
+ target_link_libraries(MagicCrypto_lib wolfssl)
+ target_compile_options(MagicCrypto_lib PRIVATE "-DHAVE_ARIA")
+
+ # ARIA was enabled and we successfully found it.
+ set(HAVE_ARIA 1)
+ list(APPEND WOLFSSL_DEFINITIONS "-DHAVE_ARIA")
+
+ message(STATUS "ARIA Check: WOLFSSL_LINK_LIBS = ${WOLFSSL_LINK_LIBS}")
+endif()
+
set_target_properties(wolfssl
PROPERTIES
SOVERSION ${LIBTOOL_SO_VERSION}
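Review bot: `target_compile_options(MagicCrypto_lib PRIVATE "-DHAVE_ARIA")` passes a preprocessor define as a raw compiler option; `target_compile_definitions(MagicCrypto_lib PRIVATE HAVE_ARIA)` is the portable form. `OUTPUT_NAME "MagicCrypto"` gives the wolfSSL port glue what appears to be the same library name as the vendor library being linked through `ARIA_LIB_FILE`, so the two could be confused on a linker search path; a distinct output name would avoid that. The location of that closed-source crypto library comes from the `ARIA_DIR` environment variable or a local `MagicCrypto` directory, so printing the resolved `ARIA_LIB_FILE` path on its own status line would help a builder confirm what was linked. The manual `ARIA_FOUND` test could be replaced by `find_package(ARIA REQUIRED)` if the custom error text is not needed.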
@@ -1997,6 +2212,12 @@ target_compile_definitions(wolfssl PUBLIC ${WOLFSSL_DEFINITIONS})
# Include Directories
####################################################
+if("${WOLFSSL_INCLUDE_DIRS}" STREQUAL "")
+ message(STATUS "WOLFSSL_INCLUDE_DIRS is blank. No additional directories will be added.")
+else()
+ message(STATUS "WOLFSSL_INCLUDE_DIRS = ${WOLFSSL_INCLUDE_DIRS}")
+endif()
+
target_include_directories(wolfssl
PUBLIC
$<INSTALL_INTERFACE:include>
@@ -2034,7 +2255,9 @@ endif()
# Tests and Examples
####################################################
+enable_testing()
if(WOLFSSL_EXAMPLES)
+
# Build wolfSSL client example
add_executable(client
${CMAKE_CURRENT_SOURCE_DIR}/examples/client/client.c)
@@ -2090,6 +2313,7 @@ if(WOLFSSL_EXAMPLES)
tests/suites.c
tests/w64wrapper.c
tests/unit.c
+ tests/quic.c
examples/server/server.c
examples/client/client.c)
target_include_directories(unit_test PRIVATE
@@ -2103,6 +2327,9 @@ if(WOLFSSL_EXAMPLES)
set_property(TARGET unit_test
PROPERTY RUNTIME_OUTPUT_NAME
unit.test)
+ add_test(NAME unit_test
+ COMMAND $<TARGET_FILE:unit_test>
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
endif()
if(WOLFSSL_CRYPT_TESTS)
@@ -2142,6 +2369,9 @@ if(WOLFSSL_CRYPT_TESTS)
if(WOLFSSL_CRYPT_TESTS_HELP)
target_compile_options(wolfcrypttest PRIVATE "-DHAVE_WOLFCRYPT_TEST_OPTIONS")
endif()
+ add_test(NAME wolfcrypttest
+ COMMAND $<TARGET_FILE:wolfcrypttest>
+ WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR})
# Build wolfCrypt benchmark executable.
add_executable(wolfcryptbench
@@ -2165,7 +2395,6 @@ include(GNUInstallDirs)
set(HEADER_EXCLUDE
"internal.h"
- "cyassl/ctaocrypt/port"
"wolfssl/wolfcrypt/port/nrf51.h"
"wolfssl/wolfcrypt/port/arm"
"wolfssl/wolfcrypt/port/cypress"
@@ -2310,19 +2539,10 @@ install(DIRECTORY ${WOLFSSL_OUTPUT_BASE}/wolfssl/
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl
FILES_MATCHING PATTERN "*.h"
REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-install(DIRECTORY ${WOLFSSL_OUTPUT_BASE}/cyassl/
- DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl
- FILES_MATCHING PATTERN "*.h"
- REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/wolfssl
FILES_MATCHING PATTERN "*.h"
REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-install(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/cyassl/
- DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}/cyassl
- FILES_MATCHING PATTERN "*.h"
- REGEX ${EXCLUDED_HEADERS_REGEX} EXCLUDE)
-
# Install the examples
install(FILES ${INSTALLED_EXAMPLES}
diff --git a/extra/wolfssl/wolfssl/ChangeLog.md b/extra/wolfssl/wolfssl/ChangeLog.md
index 440c52d0..586adaa4 100644
--- a/extra/wolfssl/wolfssl/ChangeLog.md
+++ b/extra/wolfssl/wolfssl/ChangeLog.md
@@ -1,3 +1,152 @@
+# wolfSSL Release 5.6.6 (Dec 19, 2023)
+
+Release 5.6.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+
+REMINDER: When working with AES Block Cipher algorithms, `wc_AesInit()` should
+always be called first to initialize the `Aes` structure, before calling other
+Aes API functions. Recently we found several places in our documentation,
+comments, and codebase where this pattern was not observed. We have since
+fixed this omission in several PRs for this release.
+
+## Vulnerabilities
+
+* [Medium] CVE-2023-6935: After review of the previous RSA timing fix in wolfSSL 5.6.4, additional changes were found to be required. A complete resistant change is delivered in this release. This fix is for the Marvin attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a very large number of trial connections. This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, not recommended to be used and are off by default in wolfSSL (even with `--enable-all`). Static RSA cipher suites were also removed from the TLS 1.3 protocol and are only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It is recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. Thanks to Hubert Kario for the report. The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6955.
+
+* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional `WOLFSSL_CALLBACKS` has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of `WOLFSSL_CALLBACKS` on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
+
+* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “`--enable-aes-bitsliced`†configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
+
+* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
+
+## New Feature Additions
+
+* Build option for disabling CRL date checks (`WOLFSSL_NO_CRL_DATE_CHECK`) (PR 6927)
+* Support for STM32WL55 and improvements to PKA ECC support (PR 6937)
+* Add option to skip cookie exchange on DTLS 1.3 session resumption (PR 6929)
+* Add implementation of SRTP KDF and SRTCP KDF (`--enable-srtp-kdf`) (PR 6888)
+* Add `wolfSSL_EXTENDED_KEY_USAGE_free()` (PR 6916)
+* Add AES bitsliced implementation that is cache attack safe (`--enable-aes-bitsliced`) (PR 6854)
+* Add memcached support and automated testing (PR 6430, 7022)
+* Add Hardware Encryption Acceleration for ESP32-C3, ESP32-C6, and ESP32-S2 (PR 6990)
+* Add (D)TLS 1.3 support for 0.5-RTT data (PR 7010)
+
+## Enhancements and Optimizations
+
+* Better built in testing of “`--sys-ca-certs`†configure option (PR 6910)
+* Updated CMakeLists.txt for Espressif wolfSSL component usage (PR 6877)
+* Disable TLS 1.1 by default (unless SSL 3.0 or TLS 1.0 is enabled) (PR 6946)
+* Add “`--enable-quic`†to “`--enable-all`†configure option (PR 6957)
+* Add support to SP C implementation for RSA exponent up to 64-bits (PR 6959)
+* Add result of “`HAVE___UINT128_T`†to options.h for CMake builds (PR 6965)
+* Add optimized assembly for AES-GCM on ARM64 using hardware crypto instructions (PR 6967)
+* Add built-in cipher suite tests for DTLS 1.3 PQC (PR 6952)
+* Add wolfCrypt test and unit test to ctest (PR 6977)
+* Move OpenSSL compatibility crypto APIs into `ssl_crypto.c` file (PR 6935)
+* Validate time generated from XGMTIME() (PR 6958)
+* Allow wolfCrypt benchmark to run with microsecond accuracy (PR 6868)
+* Add GitHub Actions testing with nginx 1.24.0 (PR 6982)
+* Allow encoding of CA:FALSE BasicConstraint during cert generation (PR 6953)
+* Add CMake option to enable DTLS-SRTP (PR 6991)
+* Add CMake options for enabling QUIC and cURL (PR 7049)
+* Improve RSA blinding to make code more constant time (PR 6955)
+* Refactor AES-NI implementation macros to allow dynamic fallback to C (PR 6981)
+* Default to native Windows threading API on MinGW (PR 7015)
+* Return better error codes from OCSP response check (PR 7028)
+* Updated Espressif ESP32 TLS client and server examples (PR 6844)
+* Add/clean up support for ESP-IDF v5.1 for a variety of ESP32 chips (PR 7035, 7037)
+* Add API to choose dynamic certs based on client ciphers/sigalgs (PR 6963)
+* Improve Arduino IDE 1.5 project file to match recursive style (PR 7007)
+* Simplify and improve apple-universal build script (PR 7025)
+
+## Fixes
+
+* Fix for async edge case with Intel QuickAssist/Cavium Nitrox (PR 6931)
+* Fix for building PKCS#7 with RSA disabled (PR 6902)
+* Fix for advancing output pointer in `wolfSSL_i2d_X509()` (PR 6891)
+* Fix for `EVP_EncodeBlock()` appending a newline (PR 6900)
+* Fix for `wolfSSL_RSA_verify_PKCS1_PSS()` with `RSA_PSS_SALTLEN_AUTO` (PR 6938)
+* Fixes for CODESonar reports around `isalpha()` and `isalnum()` calls (PR 6810)
+* Fix for SP ARM64 integer math to avoid compiler optimization issues (PR 6942)
+* Fix for SP Thumb2 inline assembly to add IAR build support (PR 6943, 6971)
+* Fix for SP Thumb2 to make functions not inlined (PR 6993)
+* Fix for SP Cortex-M assembly large build with IAR (PR 6954)
+* Fix for SP ARM64 assembly montgomery reduction by 4 (PR 6947)
+* Fix for SP ARM64 P-256 for not inlining functions for iOS compatibility (PR 6979)
+* Fix for `WOLFSSL_CALLBACKS` and potential memory error (PR 6949)
+* Fixes for wolfSSL’s Zephyr OS port (PR 6930)
+* Fix for build errors when building for NXP mmCAU (`FREESCALE_MMCAU`) (PR 6970)
+* Fix for TLS 1.3 `SendBuffered()` return code in non-blocking mode (PR 7001)
+* Fix for TLS `Hmac_UpdateFinal()` when padding byte is invalid (PR 6998)
+* Fix for ARMv8 AES-GCM streaming to check size of IV before storing (PR 6996)
+* Add missing calls to `wc_AesInit()` before `wc_AesSetKey()` (PR 7011)
+* Fix build errors with DTLS 1.3 enabled but TLS 1.2 disabled (PR 6976)
+* Fixes for building wolfSSL in Visual Studio (PR 7040)
+
+# wolfSSL Release 5.6.4 (Oct 30, 2023)
+
+Release 5.6.4 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+ * Old CyaSSL/CtaoCrypt shim layer was removed in this release (5.6.4)
+
+## Vulnerabilities
+
+* [Medium] A fix was added, but still under review for completeness, for a Bleichenbacher style attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a large number of trial connections. This issue is around RSA decryption and affects static RSA cipher suites on the server side, which are not recommended to be used and are off by default. Static RSA cipher suites were also removed from the TLS 1.3 protocol and only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It's recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. The fix is located in this pull request (https://github.com/wolfSSL/wolfssl/pull/6896)
+
+## New Feature Additions
+
+* DTLS 1.3 PQC: support fragmenting the second ClientHello message. This allows arbitrarily long keys to be used, opening up support for all PQC ciphersuites in DTLS 1.3.
+* SM2/SM3/SM4: Chinese cipher support including TLS 1.3 and 1.2 cipher suites. SM2 SP implementation available.
+* Ability to parse ASN1 only with SMIME_read_PKCS7
+* Added support for MemUse Entropy on Windows
+* Added Ada Bindings for wolfSSL
+* Added a PEM example that converts to and from DER/PEM.
+* Added LMS/HSS and XMSS/XMSS^MT wolfcrypt hooks, both normal and verify-only options.
+* Added support for the AES EAX mode of operation
+* Port for use with Hitch (https://github.com/varnish/hitch) added
+* Add XTS API's to handle multiple sectors in new port to VeraCrypt
+
+## Enhancements and Optimizations
+
+* Turned on SNI by default on hosts with resources
+* Improved support for Silicon Labs Simplicity Studio and the ERF32 Gecko SDK
+* Thumb-2 and ARM32 Curve25519 and Ed25519 assembly have significantly improved performance.
+* Thumb-2 AES assembly code added.
+* Thumb-2 and ARM32 SP implementations of RSA, DH and ECC have significantly improved performance.
+* Minor performance improvements to SP ECC for Intel x64.
+* AES-XTS assembly code added for Intel x64, Aarch64 and ARM32.
+* Added support for X963 KDFs to ECIES.
+* Added 32-bit type only implementation of AES GMULT using tables.
+* Add support for nginx version 1.25.0
+* Add support for Kerberos version 5 1.21.1
+* Check all CRL entries in case a single issuer has multiple CRL's loaded
+* CRL verify the entire chain including loaded CA's
+* Added example for building wolfSSL as an Apple universal binary framework using configure
+* Sniffer tool now supports decrypting TLS sessions using secrets obtained from a SSLKEYLOGFILE
+* Updates made for EBSNET port
+* Update "--enable-jni" to include additional defines for expanded JNI support. Also includes JCE and JSSE builds under the single enable option now.
+
+## Fixes
+
+* Fixed error handling when decrypted pre-master secret is too long when using static RSA.
+* Added a fix for keymod use with i.MX RT1170 CAAM blobs
+* Added a fix for AES-GCM use with Petalinux Xilinx
+* Fixed `wc_SignatureGenerate_ex` to not call verify twice
+* Fixed wolfCrypt FIPS DLL on Win32
+* Fixed TFM math library big-endian reading implementation when a zero length buffer is passed in.
+* Fixed NO_CERT configurations to build correctly.
+* Fixed ARM AES-GCM streaming assembly when –enable-opensslextra defined.
+* Added modulus checks to heap math implementation of mp_exptmod().
+* Fixed Windows assembly code to handle that certain XMM registers are non-volatile.
+* Aarch64 SP ECC implementation of sp_256_mont_dbl_4 has the register list for the assembly code fixed to include all used registers.
+* mp_sqrt_mod_prime fixed to limit the number of iterations of a loop to handle malicious non-prime values being passed in.
+* Ignore session ID's shorter than 32 bytes instead of erroring out
+
# wolfSSL Release 5.6.3 (Jun 16, 2023)
Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
@@ -7,7 +156,6 @@ Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
* Improvements to SendAlert for getting output buffer.
-
# wolfSSL Release 5.6.2 (Jun 09, 2023)
Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
@@ -3255,7 +3403,7 @@ More info can be found on-line at //http://wolfssl.com/yaSSL/Docs.html
a) If using wolfSSL for DTLS on the server side of a publicly accessible
machine you MUST update.
b) If using wolfSSL for TLS on the server side with private RSA keys allowing
- ephemeral key exchange without low memory optimziations you MUST update and
+ ephemeral key exchange without low memory optimizations you MUST update and
regenerate the private RSA keys.
Please see https://www.wolfssl.com/wolfSSL/Blog/Blog.html for more details
diff --git a/extra/wolfssl/wolfssl/Docker/Dockerfile b/extra/wolfssl/wolfssl/Docker/Dockerfile
index 60c69247..388169e6 100644
--- a/extra/wolfssl/wolfssl/Docker/Dockerfile
+++ b/extra/wolfssl/wolfssl/Docker/Dockerfile
@@ -5,21 +5,49 @@ USER root
ARG DEPS_WOLFSSL="build-essential autoconf libtool clang clang-tools zlib1g-dev libuv1-dev libpam0g-dev valgrind git linux-headers-generic gcc-multilib g++-multilib libpcap-dev bubblewrap gdb iputils-ping lldb bsdmainutils netcat binutils-arm-linux-gnueabi binutils-aarch64-linux-gnu"
ARG DEPS_LIBOQS="astyle cmake gcc ninja-build libssl-dev python3-pytest python3-pytest-xdist unzip xsltproc doxygen graphviz python3-yaml valgrind git"
+ARG DEPS_UDP_PROXY="wget libevent-dev"
ARG DEPS_TESTS="abi-dumper libcurl4-openssl-dev tcpdump"
+ARG DEPS_TOOLS="ccache"
RUN DEBIAN_FRONTEND=noninteractive apt update && apt install -y apt-utils \
- && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_TESTS} \
+ && apt install -y ${DEPS_WOLFSSL} ${DEPS_LIBOQS} ${DEPS_UDP_PROXY} ${DEPS_TESTS} ${DEPS_TOOLS} \
&& apt clean -y && rm -rf /var/lib/apt/lists/*
+# Add 'docker' user
ARG USER=docker
ARG UID=1000
ARG GID=1000
RUN groupadd -f -g ${GID} docker && ( getent passwd ${UID} || useradd -ms /bin/bash ${USER} -u ${UID} -g ${GID} )
+# Add github.com as an SSH known host
+RUN ssh -o StrictHostKeyChecking=no -T git@github.com; cat ~/.ssh/known_hosts >> /etc/ssh/ssh_known_hosts
+
+# install ccache
+RUN mkdir -p /opt/ccache/bin && for prog in gcc g++ cc c++ cpp arm-none-eabi-c++ arm-none-eabi-cpp arm-none-eabi-gcc arm-none-eabi-g++; do ln -s /usr/bin/ccache /opt/ccache/bin/$(basename $prog); done
+ENV PATH /opt/ccache/bin:$PATH
+
# install liboqs
-RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout af76ca3b1f2fbc1f4f0967595f3bb07692fb3d82 \
+RUN git clone --single-branch https://github.com/open-quantum-safe/liboqs.git && cd liboqs && git checkout db08f12b5a96aa6582a82aac7f65cf8a4d8b231f \
&& mkdir build && cd build && cmake -DOQS_DIST_BUILD=ON -DOQS_USE_CPUFEATURE_INSTRUCTIONS=OFF -DOQS_USE_OPENSSL=0 .. && make -j8 all && make install && cd ../.. && rm -rf liboqs
+RUN mkdir /opt/sources
+
+# install liblms
+RUN cd /opt/sources && git clone --single-branch https://github.com/cisco/hash-sigs.git && cd hash-sigs && git checkout b0631b8891295bf2929e68761205337b7c031726 \
+ && sed -i 's/USE_OPENSSL 1/USE_OPENSSL 0/g' sha256.h && make -j4 hss_lib_thread.a
+
+# Install pkixssh to /opt/pkixssh for X509 interop testing with wolfSSH
+RUN mkdir /var/empty
+RUN cd /opt/sources && wget -q -O- https://roumenpetrov.info/secsh/src/pkixssh-14.1.1.tar.gz | tar xzf - && cd pkixssh-14.1.1 && ./configure --prefix=/opt/pkixssh/ --exec-prefix=/opt/pkixssh/ && make install
+
+# Install udp/tcp-proxy
+RUN cd /opt/sources && git clone --depth=1 --single-branch --branch=main http://github.com/wolfssl/udp-proxy && cd udp-proxy && make && cp tcp_proxy udp_proxy /bin/.
+
# Allow non-root to use tcpdump (will need NET_RAW and NET_ADMIN capability when running the container)
RUN setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/tcpdump
+# Allow non-root to use gdb on processes (will need SYS_PTRACE capability when running the container)
+RUN setcap 'CAP_SYS_PTRACE+eip' /usr/bin/gdb
+
+# Add in Jenkins userID
+RUN for i in $(seq 1001 1010); do ( getent passwd ${i} || useradd -ms /bin/bash jenkins${i} -u ${i} -g ${GID} ); done
-USER ${UID}:${GID} \ No newline at end of file
+USER ${UID}:${GID}
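Review bot: The added udp-proxy step clones over plain `http://` from the moving `main` branch and copies the built binaries into `/bin`, so nothing authenticates that code, unlike the liboqs and hash-sigs steps, which check out a fixed commit. Use `https://github.com/wolfssl/udp-proxy` and follow the clone with `git checkout <PINNED_COMMIT>` (placeholder), which means dropping `--depth=1` or fetching that commit explicitly. The pkixssh tarball is likewise piped from `wget` straight into `tar` with no digest check; download it to a file and verify it with `sha256sum -c` against a recorded `<EXPECTED_SHA256>` (placeholder) before unpacking. The known-hosts step runs `ssh -o StrictHostKeyChecking=no`, which records whatever key answers at build time, and because the commands are joined with `;` an empty or missing `known_hosts` may not fail the layer. Copying GitHub's published host keys from a file kept in the repository would remove the dependency on the build network.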
diff --git a/extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler b/extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler
new file mode 100644
index 00000000..a89a9d5b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/Dockerfile.cross-compiler
@@ -0,0 +1,11 @@
+ARG DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder
+FROM $DOCKER_BASE_IMAGE
+
+USER root
+
+ARG DEPS_TESTING="gcc-arm-linux-gnueabi gcc-aarch64-linux-gnu"
+RUN DEBIAN_FRONTEND=noninteractive apt update \
+ && apt install -y ${DEPS_TESTING} \
+ && apt clean -y && rm -rf /var/lib/apt/lists/*
+
+USER docker
diff --git a/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh b/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh
index 15ee3fc9..1585da5d 100755
--- a/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh
+++ b/extra/wolfssl/wolfssl/Docker/OpenWrt/runTests.sh
@@ -1,23 +1,27 @@
#!/bin/sh
runCMD() { # usage: runCMD "<command>" "<retVal>"
- eval $1 >/dev/null 2>&1
+ TMP_FILE=$(mktemp)
+ eval $1 > $TMP_FILE 2>&1
RETVAL=$?
if [ "$RETVAL" != "$2" ]; then
- echo "Command ($1) returned ${RETVAL}, but expected $2. Rerunning with output to terminal:"
- eval $1
+ echo "Command ($1) returned ${RETVAL}, but expected $2. Error output:"
+ cat $TMP_FILE
exit 1
fi
}
# Successful tests
runCMD "ldd /lib/libustream-ssl.so" 0
+# Temporary workaround: comment out missing kmods repo line for 21.02 specifically.
+# Remove after fixed upstream.
+runCMD "sed '\/src\/gz openwrt_kmods https:\/\/downloads.openwrt.org\/releases\/21.02-SNAPSHOT\/targets\/x86\/64\/kmods\/5.4.238-1-5a722da41bc36de95a7195be6fce1b45/s//#&/' -i /etc/opkg/distfeeds.conf" 0
runCMD "opkg update" 0
-runCMD "uclient-fetch -O /dev/null 'https://letsencrypt.org'" 0
+runCMD "uclient-fetch 'https://letsencrypt.org'" 0
# Negative tests
-runCMD "uclient-fetch --ca-certificate=/dev/null -O /dev/null 'https://letsencrypt.org'" 5
-runCMD "uclient-fetch -O /dev/null 'https://self-signed.badssl.com/'" 5
-runCMD "uclient-fetch -O /dev/null 'https://untrusted-root.badssl.com/'" 5
-runCMD "uclient-fetch -O /dev/null 'https://expired.badssl.com/'" 5
+runCMD "uclient-fetch --ca-certificate=/dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch 'https://expired.badssl.com/'" 5
echo "All tests passed."
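Review bot: The file created by `TMP_FILE=$(mktemp)` in `runCMD` is never removed, so every call leaves a temp file behind, and the variable is expanded unquoted in both the redirect and the `cat`. Quote it, as in `eval $1 > "$TMP_FILE" 2>&1`, and add `rm -f "$TMP_FILE"` after the `cat` and after the closing `fi`. Dropping `-O /dev/null` means each `uclient-fetch` now writes its download into the working directory. If a file left by the positive letsencrypt.org test can change the exit status of the later negative test against the same host, the expected `5` would no longer prove a certificate failure; that is worth confirming.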
diff --git a/extra/wolfssl/wolfssl/Docker/README.md b/extra/wolfssl/wolfssl/Docker/README.md
index 8855aba3..8cb3d603 100644
--- a/extra/wolfssl/wolfssl/Docker/README.md
+++ b/extra/wolfssl/wolfssl/Docker/README.md
@@ -1,7 +1,10 @@
# Overview
-This is a simple Docker environment for compiling and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
+This is a Docker environment for compiling, testing and running WolfSSL. Use `run.sh` to build everything (Docker container, WolfSSL, etc.). This script takes in arguments that can be passed to `./configure`. For example: `run.sh --enable-all`
-When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment.
+When the compilation and tests succeed, you will be dropped in to a shell environment within the container. This can be useful to build other things within the environment. Additional tests can be run as well as debugging of code.
+
+# Docker Hub
+These images are also uploaded to the wolfSSL's [Docker Hub page](https://hub.docker.com/orgs/wolfssl/repositories). There is a convenience script here `buildAndPush.sh` that will create the appropriate containers and push them to the repo.
# FAQ
## permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock
@@ -10,4 +13,4 @@ You need to be added to the `docker` group to run Docker containers. Run `sudo u
## Unable to access symlinked files outside of WolfSSL
The volume mounted in the Docker container needs to have all files that your compilation will need. To solve this, you have a couple options:
1. Change the `WOLFSSL_DIR` variable in the `run.sh` to one higher up (by adding `/..` to the path). Then update the `docker build` to include the correct path to the Dockerfile and the `docker run` argument to the working directory (`-w`) to the WolfSSL source directory
-2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work. \ No newline at end of file
+2. Move the external repository to within the WolfSSL directory. For example create an `external` folder which has your files. This route may have complications when stashing Git work.
diff --git a/extra/wolfssl/wolfssl/Docker/buildAndPush.sh b/extra/wolfssl/wolfssl/Docker/buildAndPush.sh
new file mode 100755
index 00000000..d66e2c84
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/buildAndPush.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# Assume we're in wolfssl/Docker
+WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
+
+DOCKER_BUILD_OPTIONS="$1"
+if [ "${DOCKER_BASE_IMAGE}" != "" ]; then
+ DOCKER_BUILD_OPTIONS+=" --build-arg DOCKER_BASE_IMAGE=${DOCKER_BASE_IMAGE}"
+fi
+
+NUM_FAILURES=0
+
+CUR_DATE=$(date -u +%F)
+echo "Building wolfssl/wolfssl-builder:${CUR_DATE} as ${DOCKER_BUILD_OPTIONS}"
+docker build -t wolfssl/wolfssl-builder:${CUR_DATE} ${DOCKER_BUILD_OPTIONS} "${WOLFSSL_DIR}/Docker" && \
+ docker tag wolfssl/wolfssl-builder:${CUR_DATE} wolfssl/wolfssl-builder:latest && \
+ docker build --build-arg DOCKER_BASE_IMAGE=wolfssl/wolfssl-builder:${CUR_DATE} -t wolfssl/testing-cross-compiler:${CUR_DATE} "${WOLFSSL_DIR}/Docker" -f Dockerfile.cross-compiler && \
+ docker tag wolfssl/testing-cross-compiler:${CUR_DATE} wolfssl/testing-cross-compiler:latest
+
+if [ $? -eq 0 ]; then
+ echo "Pushing containers to DockerHub"
+ docker push wolfssl/wolfssl-builder:${CUR_DATE} && docker push wolfssl/wolfssl-builder:latest && \
+ docker push wolfssl/testing-cross-compiler:${CUR_DATE} && docker push wolfssl/testing-cross-compiler:latest
+else
+ echo "Warning: Build wolfssl/wolfssl-builder failed. Continuing"
+ ((NUM_FAILURES++))
+fi
+
+echo "Building wolfssl/wolfCLU:${CUR_DATE}"
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:${CUR_DATE} --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU" && \
+docker buildx build --pull --push --build-arg DUMMY=${CUR_DATE} -t wolfssl/wolfclu:latest --platform=linux/amd64,linux/arm64,linux/arm/v7 "${WOLFSSL_DIR}/Docker/wolfCLU"
+if [ $? -ne 0 ]; then
+ echo "Warning: Build wolfssl/wolfclu failed. Continuing"
+ ((NUM_FAILURES++))
+fi
+
+echo "Script completed in $SECONDS seconds. Had $NUM_FAILURES failures."
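Review bot: The script reports failures only in its final `echo` and then exits 0, so a caller or CI job cannot tell that a build or push failed. The result of the `docker push` chain is never tested either, so the dated tag can be published while `latest` is not, without `NUM_FAILURES` changing. Count a failed push the same way as a failed build and end the script with `exit $NUM_FAILURES`. Separately, `-f Dockerfile.cross-compiler` is resolved against the current directory rather than the build context, so the second build only works when the script is started from the Docker directory; `-f "${WOLFSSL_DIR}/Docker/Dockerfile.cross-compiler"` would match how the context path is given.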
diff --git a/extra/wolfssl/wolfssl/Docker/include.am b/extra/wolfssl/wolfssl/Docker/include.am
index dd78194d..4dc5f5ff 100644
--- a/extra/wolfssl/wolfssl/Docker/include.am
+++ b/extra/wolfssl/wolfssl/Docker/include.am
@@ -3,9 +3,11 @@
# All paths should be given relative to the root
EXTRA_DIST+= Docker/Dockerfile
+EXTRA_DIST+= Docker/Dockerfile.cross-compiler
EXTRA_DIST+= Docker/run.sh
EXTRA_DIST+= Docker/README.md
+ignore_files+=Docker/buildAndPush.sh
ignore_files+=Docker/OpenWRT/Dockerfile
ignore_files+=Docker/OpenWRT/runTests.sh
ignore_files+=Docker/OpenWRT/README.md
diff --git a/extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile b/extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile
new file mode 100644
index 00000000..87b0c1c8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/packaging/debian/Dockerfile
@@ -0,0 +1,6 @@
+FROM debian:latest
+
+RUN apt-get -y update
+RUN apt-get -y upgrade
+RUN apt-get install -y build-essential autoconf gawk debhelper lintian
+
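Review bot: `apt-get -y update` sits in its own `RUN` layer, so a cached layer can leave the later `apt-get install` working from a stale package index. The usual form is one layer, `RUN apt-get update && apt-get install -y build-essential autoconf gawk debhelper lintian && rm -rf /var/lib/apt/lists/*`. `FROM debian:latest` also makes the packaging image unreproducible, because the base changes under the same tag; pinning a release tag or digest lets a package build be traced to a known base. The same unpinned `FROM fedora:latest` appears in Docker/packaging/fedora/Dockerfile.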
diff --git a/extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile b/extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile
new file mode 100644
index 00000000..3a403b34
--- /dev/null
+++ b/extra/wolfssl/wolfssl/Docker/packaging/fedora/Dockerfile
@@ -0,0 +1,3 @@
+FROM fedora:latest
+
+RUN dnf install -y make automake gcc rpmdevtools
diff --git a/extra/wolfssl/wolfssl/Docker/run.sh b/extra/wolfssl/wolfssl/Docker/run.sh
index c2f41ac2..3820425b 100755
--- a/extra/wolfssl/wolfssl/Docker/run.sh
+++ b/extra/wolfssl/wolfssl/Docker/run.sh
@@ -5,9 +5,9 @@ echo "Running with \"${*}\"..."
# Assume we're in wolfssl/Docker
WOLFSSL_DIR=$(builtin cd ${BASH_SOURCE%/*}/..; pwd)
-docker build -t wolfssl --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
- docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
- docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl /bin/bash
+docker build -t wolfssl/wolfssl-builder --build-arg UID=$(id -u) --build-arg GID=$(id -g) "${WOLFSSL_DIR}/Docker" && \
+ docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash -c "./autogen.sh && ./configure ${*@Q} && make" && \
+ docker run --rm -it -v ${HOME}/.gitconfig:/home/docker/.gitconfig:ro -v ${HOME}/.ssh:/home/docker/.ssh:ro -v "${WOLFSSL_DIR}:/tmp/wolfssl" -w /tmp/wolfssl wolfssl/wolfssl-builder /bin/bash
exitval=$?
echo "Exited with error code $exitval"
diff --git a/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile b/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile
index deb388d8..4c07e853 100644
--- a/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile
+++ b/extra/wolfssl/wolfssl/Docker/wolfCLU/Dockerfile
@@ -21,6 +21,6 @@ USER root
COPY --from=BUILDER /usr/local/lib/libwolfssl.so /usr/local/lib/
COPY --from=BUILDER /usr/local/bin/wolfssl* /usr/local/bin/
RUN ldconfig
-CMD ["/usr/local/bin/wolfssl"]
+ENTRYPOINT ["/usr/local/bin/wolfssl"]
LABEL org.opencontainers.image.source=https://github.com/wolfssl/wolfssl
LABEL org.opencontainers.image.description="Simple wolfCLU in a container"
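Review bot: With `ENTRYPOINT` the image now behaves as the `wolfssl` command itself, and the visible lines show no `USER` instruction after the `USER root` in the hunk header, so the tool would run as root on whatever files a caller mounts in. If nothing later in the file drops privileges (the file may continue outside this hunk), switch to an unprivileged account after `RUN ldconfig`, e.g. `USER nobody`. A short comment above `ENTRYPOINT` saying that `docker run` arguments are now passed to wolfssl would also help anyone who relied on overriding `CMD`.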
diff --git a/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md b/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md
index f7d9788b..4c4e10da 100644
--- a/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md
+++ b/extra/wolfssl/wolfssl/IDE/ARDUINO/README.md
@@ -2,10 +2,11 @@
##### Reformatting wolfSSL as a compatible Arduino Library
This is a shell script that will re-organize the wolfSSL library to be
-compatible with Arduino projects. The Arduino IDE requires a library's source
-files to be in the library's root directory with a header file in the name of
-the library. This script moves all src/ files to the `IDE/ARDUINO/wolfSSL`
-directory and creates a stub header file called `wolfssl.h`.
+compatible with Arduino projects that use Arduino IDE 1.5.0 or newer.
+The Arduino IDE requires a library's source files to be in the library's root
+directory with a header file in the name of the library. This script moves all
+src/ files to the `IDE/ARDUINO/wolfSSL/src` directory and creates a stub header
+file called `wolfssl.h` inside that directory.
Step 1: To configure wolfSSL with Arduino, enter the following from within the
wolfssl/IDE/ARDUINO directory:
@@ -15,7 +16,7 @@ wolfssl/IDE/ARDUINO directory:
Step 2: Copy the directory wolfSSL that was just created to:
`~/Documents/Arduino/libraries/` directory so the Arduino IDE can find it.
-Step 3: Edit `<arduino-libraries>/wolfSSL/user_settings.h`
+Step 3: Edit `<arduino-libraries>/wolfSSL/src/user_settings.h`
If building for Intel Galileo platform add: `#define INTEL_GALILEO`.
Add any other custom settings, for a good start see the examples in wolfssl root
"/examples/configs/user_settings_*.h"
diff --git a/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino b/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
index b50e9f12..61362ae9 100644
--- a/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
+++ b/extra/wolfssl/wolfssl/IDE/ARDUINO/sketches/wolfssl_client/wolfssl_client.ino
@@ -19,10 +19,18 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+ This was original tested with Intel Galileo acting as the Client, with a
+laptop acting as a server using the server example provided in examples/server.
+Legacy Ardunio v1.86 was used to compile and program the Galileo
+*/
+#define USE_CERT_BUFFERS_2048
#include <wolfssl.h>
#include <wolfssl/ssl.h>
#include <Ethernet.h>
+#include <wolfssl/certs_test.h>
+
const char host[] = "192.168.1.148"; /* server to connect to */
const int port = 11111; /* port on server to connect to */
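Review bot: The added comment does not say that `USE_CERT_BUFFERS_2048` and `wolfssl/certs_test.h` bring in wolfSSL's published test CA, client certificate and client private key, which anyone can obtain from the source tree. State that next to the define, for example `/* certs_test.h holds public test credentials: replace the CA, certificate and key before deploying */`. The comment also has two typos, "original tested" and "Ardunio".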
@@ -37,123 +45,132 @@ WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
void setup() {
- WOLFSSL_METHOD* method;
-
- Serial.begin(9600);
-
- method = wolfTLSv1_2_client_method();
- if (method == NULL) {
- Serial.println("unable to get method");
+ WOLFSSL_METHOD* method;
+ /* Initialize Return Code */
+ int rc;
+ Serial.begin(9600);
+ /* Delay need to ensure connection to server */
+ delay(4000);
+
+ method = wolfTLSv1_2_client_method();
+ if (method == NULL) {
+ Serial.println("unable to get method");
return;
- }
- ctx = wolfSSL_CTX_new(method);
- if (ctx == NULL) {
- Serial.println("unable to get ctx");
+ }
+ ctx = wolfSSL_CTX_new(method);
+ if (ctx == NULL) {
+ Serial.println("unable to get ctx");
+ return;
+ }
+ /* initialize wolfSSL using callback functions */
+ wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
+ rc = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,\
+ sizeof_ca_cert_der_2048,\
+ WOLFSSL_FILETYPE_ASN1);
+ Serial.print("\n\n Return code of load_verify is:");
+ Serial.println(rc);
+ Serial.println("");
+ rc = wolfSSL_CTX_use_certificate_buffer(ctx, client_cert_der_2048,\
+ sizeof_client_cert_der_2048,\
+ WOLFSSL_FILETYPE_ASN1);
+ Serial.print("\n\n Return code of use_certificate_buffer is:");
+ Serial.println(rc);
+ Serial.println("");
+ rc = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,\
+ sizeof_client_key_der_2048,\
+ WOLFSSL_FILETYPE_ASN1);
+ Serial.print("\n\n Return code of use_PrivateKey_buffer is:");
+ Serial.println(rc);
+ Serial.println("");
+ wolfSSL_SetIOSend(ctx, EthernetSend);
+ wolfSSL_SetIORecv(ctx, EthernetReceive);
return;
- }
- /* initialize wolfSSL using callback functions */
- wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0);
- wolfSSL_SetIOSend(ctx, EthernetSend);
- wolfSSL_SetIORecv(ctx, EthernetReceive);
-
- return;
}
int EthernetSend(WOLFSSL* ssl, char* msg, int sz, void* ctx) {
- int sent = 0;
-
- sent = client.write((byte*)msg, sz);
-
- return sent;
+ int sent = 0;
+ sent = client.write((byte*)msg, sz);
+ return sent;
}
int EthernetReceive(WOLFSSL* ssl, char* reply, int sz, void* ctx) {
- int ret = 0;
-
- while (client.available() > 0 && ret < sz) {
- reply[ret++] = client.read();
- }
-
- return ret;
+ int ret = 0;
+ while (client.available() > 0 && ret < sz) {
+ reply[ret++] = client.read();
+ }
+ return ret;
}
void loop() {
- int err = 0;
- int input = 0;
- int total_input = 0;
- char msg[32] = "hello wolfssl!";
- int msgSz = (int)strlen(msg);
- char errBuf[80];
- char reply[80];
- const char* cipherName;
-
- if (reconnect) {
- reconnect--;
-
- if (client.connect(host, port)) {
-
- Serial.print("Connected to ");
- Serial.println(host);
-
- ssl = wolfSSL_new(ctx);
- if (ssl == NULL) {
- Serial.println("Unable to allocate SSL object");
- return;
- }
-
- err = wolfSSL_connect(ssl);
- if (err != WOLFSSL_SUCCESS) {
- err = wolfSSL_get_error(ssl, 0);
- wolfSSL_ERR_error_string(err, errBuf);
- Serial.print("TLS Connect Error: ");
- Serial.println(errBuf);
- }
-
- Serial.print("SSL version is ");
- Serial.println(wolfSSL_get_version(ssl));
-
- cipherName = wolfSSL_get_cipher(ssl);
- Serial.print("SSL cipher suite is ");
- Serial.println(cipherName);
-
- if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
-
- Serial.print("Server response: ");
- /* wait for data */
- while (!client.available()) {}
- /* read data */
- while (wolfSSL_pending(ssl)) {
- input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
- total_input += input;
- if (input < 0) {
- err = wolfSSL_get_error(ssl, 0);
- wolfSSL_ERR_error_string(err, errBuf);
- Serial.print("TLS Read Error: ");
- Serial.println(errBuf);
- break;
- } else if (input > 0) {
- reply[input] = '\0';
- Serial.print(reply);
- } else {
- Serial.println();
- }
- }
- } else {
- err = wolfSSL_get_error(ssl, 0);
- wolfSSL_ERR_error_string(err, errBuf);
- Serial.print("TLS Write Error: ");
- Serial.println(errBuf);
- }
-
- wolfSSL_shutdown(ssl);
- wolfSSL_free(ssl);
-
- client.stop();
- Serial.println("Connection complete.");
- reconnect = 0;
- } else {
- Serial.println("Trying to reconnect...");
+ int err = 0;
+ int input = 0;
+ int total_input = 0;
+ char msg[32] = "hello wolfssl!";
+ int msgSz = (int)strlen(msg);
+ char errBuf[80];
+ char reply[80];
+ const char* cipherName;
+ if (reconnect) {
+ reconnect--;
+ if (client.connect(host, port)) {
+ Serial.print("Connected to ");
+ Serial.println(host);
+ ssl = wolfSSL_new(ctx);
+ if (ssl == NULL) {
+ Serial.println("Unable to allocate SSL object");
+ return;
+ }
+ err = wolfSSL_connect(ssl);
+ if (err != WOLFSSL_SUCCESS) {
+ err = wolfSSL_get_error(ssl, 0);
+ wolfSSL_ERR_error_string(err, errBuf);
+ Serial.print("TLS Connect Error: ");
+ Serial.println(errBuf);
+ }
+ Serial.print("SSL version is ");
+ Serial.println(wolfSSL_get_version(ssl));
+ cipherName = wolfSSL_get_cipher(ssl);
+ Serial.print("SSL cipher suite is ");
+ Serial.println(cipherName);
+ if ((wolfSSL_write(ssl, msg, msgSz)) == msgSz) {
+ Serial.print("Server response: ");
+ /* wait for data */
+ while (!client.available()) {}
+ /* read data */
+ while (wolfSSL_pending(ssl)) {
+ input = wolfSSL_read(ssl, reply, sizeof(reply) - 1);
+ total_input += input;
+ if (input < 0) {
+ err = wolfSSL_get_error(ssl, 0);
+ wolfSSL_ERR_error_string(err, errBuf);
+ Serial.print("TLS Read Error: ");
+ Serial.println(errBuf);
+ break;
+ }
+ else if (input > 0) {
+ reply[input] = '\0';
+ Serial.print(reply);
+ }
+ else {
+ Serial.println();
+ }
+ }
+ }
+ else {
+ err = wolfSSL_get_error(ssl, 0);
+ wolfSSL_ERR_error_string(err, errBuf);
+ Serial.print("TLS Write Error: ");
+ Serial.println(errBuf);
+ }
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ client.stop();
+ Serial.println("Connection complete.");
+ reconnect = 0;
+ }
+ else {
+ Serial.println("Trying to reconnect...");
+ }
}
- }
- delay(1000);
+ delay(1000);
}
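Review bot: In loop(), a failed `wolfSSL_connect` is only printed: execution continues to `wolfSSL_get_version`, `wolfSSL_get_cipher` and `wolfSSL_write` on a session whose handshake did not complete. Since setup() now requests `SSL_VERIFY_PEER`, a certificate mismatch is an expected outcome and should end the attempt: release the session, close the socket and return. In setup(), the three `rc` values from the buffer-loading calls are printed but never compared with `WOLFSSL_SUCCESS`, so a bad CA or key surfaces only later as a handshake error; checking them where they are produced gives a clearer failure.

```cpp
    rc = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
                                        sizeof_ca_cert_der_2048,
                                        WOLFSSL_FILETYPE_ASN1);
    if (rc != WOLFSSL_SUCCESS) {
        Serial.print("load_verify_buffer failed: ");
        Serial.println(rc);
        return;
    }
    /* … same check after use_certificate_buffer and use_PrivateKey_buffer … */

    /* in loop() */
            err = wolfSSL_connect(ssl);
            if (err != WOLFSSL_SUCCESS) {
                /* … unchanged: print "TLS Connect Error" and errBuf … */
                wolfSSL_free(ssl);
                ssl = NULL;
                client.stop();
                return;
            }
```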
diff --git a/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh b/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh
index e1267a86..107f99b1 100755
--- a/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh
+++ b/extra/wolfssl/wolfssl/IDE/ARDUINO/wolfssl-arduino.sh
@@ -4,86 +4,141 @@
# an Arduino project
# run as bash ./wolfssl-arduino.sh
-DIR=${PWD##*/}
+ROOT_DIR="/wolfSSL"
+ROOT_SRC_DIR="${ROOT_DIR}/src"
+WOLFSSL_SRC="${ROOT_SRC_DIR}/src"
+WOLFSSL_HEADERS="${ROOT_SRC_DIR}/wolfssl"
+WOLFCRYPT_ROOT="${ROOT_SRC_DIR}/wolfcrypt"
+WOLFCRYPT_SRC="${WOLFCRYPT_ROOT}/src"
+WOLFCRYPT_HEADERS="${WOLFSSL_HEADERS}/wolfcrypt"
+OPENSSL_DIR="${WOLFSSL_HEADERS}/openssl"
+WOLFSSL_VERSION="5.6.4"
-space(){
- echo "" >> "$1"
-}
+# TOP indicates the file directory comes from the top level of the wolfssl repo
+TOP_DIR="../.."
+WOLFSSL_SRC_TOP="${TOP_DIR}/src"
+WOLFSSL_HEADERS_TOP="${TOP_DIR}/wolfssl"
+WOLFCRYPT_ROOT_TOP="${TOP_DIR}/wolfcrypt"
+WOLFCRYPT_SRC_TOP="${WOLFCRYPT_ROOT_TOP}/src"
+WOLFCRYPT_HEADERS_TOP="${WOLFSSL_HEADERS_TOP}/wolfcrypt"
+OPENSSL_DIR_TOP="${WOLFSSL_HEADERS_TOP}/openssl"
-if [ "$DIR" = "ARDUINO" ]; then
- if [ ! -d "wolfSSL" ]; then
- mkdir wolfSSL
- fi
- cp ../../src/*.c ./wolfSSL
- cp ../../wolfcrypt/src/*.c ./wolfSSL
+# TODO: Parse version number
+WOLFSSL_VERSION=$(grep -i "LIBWOLFSSL_VERSION_STRING" ${TOP_DIR}/wolfssl/version.h | cut -d '"' -f 2)
+
- if [ ! -d "wolfSSL/wolfssl" ]; then
- mkdir wolfSSL/wolfssl
+DIR=${PWD##*/}
+
+if [ "$DIR" = "ARDUINO" ]; then
+ if [ ! -d ".${ROOT_DIR}" ]; then
+ mkdir .${ROOT_DIR}
fi
- cp ../../wolfssl/*.h ./wolfSSL/wolfssl
- if [ ! -d "wolfSSL/wolfssl/wolfcrypt" ]; then
- mkdir wolfSSL/wolfssl/wolfcrypt
+ if [ ! -d ".${ROOT_SRC_DIR}" ]; then
+ mkdir .${ROOT_SRC_DIR}
fi
- cp ../../wolfssl/wolfcrypt/*.h ./wolfSSL/wolfssl/wolfcrypt
- # support misc.c as include in wolfcrypt/src
- if [ ! -d "./wolfSSL/wolfcrypt" ]; then
- mkdir ./wolfSSL/wolfcrypt
+ if [ ! -d ".${WOLFSSL_HEADERS}" ]; then
+ mkdir .${WOLFSSL_HEADERS}
fi
- if [ ! -d "./wolfSSL/wolfcrypt/src" ]; then
- mkdir ./wolfSSL/wolfcrypt/src
+
+ cp ${WOLFSSL_HEADERS_TOP}/*.h .${WOLFSSL_HEADERS}
+ if [ ! -d ".${WOLFCRYPT_HEADERS}" ]; then
+ mkdir .${WOLFCRYPT_HEADERS}
fi
- cp ../../wolfcrypt/src/misc.c ./wolfSSL/wolfcrypt/src
- cp ../../wolfcrypt/src/asm.c ./wolfSSL/wolfcrypt/src
+ cp ${WOLFCRYPT_HEADERS_TOP}/*.h .${WOLFCRYPT_HEADERS}
+ # Add in source files to wolfcrypt/src
+ if [ ! -d ".${WOLFCRYPT_ROOT}" ]; then
+ mkdir .${WOLFCRYPT_ROOT}
+ fi
+ if [ ! -d ".${WOLFCRYPT_SRC}" ]; then
+ mkdir .${WOLFCRYPT_SRC}
+ fi
+ cp ${WOLFCRYPT_SRC_TOP}/*.c .${WOLFCRYPT_SRC}
+
+ # Add in source files to top level src folders
+ if [ ! -d ".${WOLFSSL_SRC}" ]; then
+ mkdir .${WOLFSSL_SRC}
+ fi
+ cp ${WOLFSSL_SRC_TOP}/*.c .${WOLFSSL_SRC}
# put bio and evp as includes
- mv ./wolfSSL/bio.c ./wolfSSL/wolfssl
- mv ./wolfSSL/evp.c ./wolfSSL/wolfssl
+ cp .${WOLFSSL_SRC}/bio.c .${WOLFSSL_HEADERS}
+ cp .${WOLFCRYPT_SRC}/evp.c .${WOLFSSL_HEADERS}
# make a copy of evp.c and bio.c for ssl.c to include inline
- cp ./wolfSSL/wolfssl/evp.c ./wolfSSL/wolfcrypt/src/evp.c
- cp ./wolfSSL/wolfssl/bio.c ./wolfSSL/wolfcrypt/src/bio.c
+ cp .${WOLFSSL_HEADERS}/evp.c .${WOLFCRYPT_SRC}/evp.c
+ cp .${WOLFSSL_HEADERS}/bio.c .${WOLFCRYPT_SRC}/bio.c
# copy openssl compatibility headers to their appropriate location
- if [ ! -d "./wolfSSL/wolfssl/openssl" ]; then
- mkdir ./wolfSSL/wolfssl/openssl
+ if [ ! -d ".${OPENSSL_DIR}" ]; then
+ mkdir .${OPENSSL_DIR}
fi
- cp ../../wolfssl/openssl/* ./wolfSSL/wolfssl/openssl
-
- echo "/* Generated wolfSSL header file for Arduino */" > ./wolfSSL/wolfssl.h
- echo "#include <user_settings.h>" >> ./wolfSSL/wolfssl.h
- echo "#include <wolfssl/wolfcrypt/settings.h>" >> ./wolfSSL/wolfssl.h
- echo "#include <wolfssl/ssl.h>" >> ./wolfSSL/wolfssl.h
-
- if [ ! -f "./wolfSSL/user_settings.h" ]; then
- echo "/* Generated wolfSSL user_settings.h file for Arduino */" > ./wolfSSL/user_settings.h
- echo "#ifndef ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
- echo "#define ARDUINO_USER_SETTINGS_H" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "/* Platform */" >> ./wolfSSL/user_settings.h
- echo "#define WOLFSSL_ARDUINO" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "/* Math library (remove this to use normal math)*/" >> ./wolfSSL/user_settings.h
- echo "#define USE_FAST_MATH" >> ./wolfSSL/user_settings.h
- echo "#define TFM_NO_ASM" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "/* RNG DEFAULT !!FOR TESTING ONLY!! */" >> ./wolfSSL/user_settings.h
- echo "/* comment out the error below to get started w/ bad entropy source" >> ./wolfSSL/user_settings.h
- echo " * This will need fixed before distribution but is OK to test with */" >> ./wolfSSL/user_settings.h
- echo "#error \"needs solved, see: https://www.wolfssl.com/docs/porting-guide/\"" >> ./wolfSSL/user_settings.h
- echo "#define WOLFSSL_GENSEED_FORTEST" >> ./wolfSSL/user_settings.h
- space ./wolfSSL/user_settings.h
- echo "#endif /* ARDUINO_USER_SETTINGS_H */" >> ./wolfSSL/user_settings.h
+ cp ${OPENSSL_DIR_TOP}/* .${OPENSSL_DIR}
+
+
+ cat > .${ROOT_SRC_DIR}/wolfssl.h <<EOF
+/* Generated wolfSSL header file for Arduino */
+#include <user_settings.h>
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+EOF
+
+
+# Creates user_settings file if one does not exist
+ if [ ! -f ".${ROOT_SRC_DIR}/user_settings.h" ]; then
+ cat > .${ROOT_SRC_DIR}/user_settings.h <<EOF
+/* Generated wolfSSL user_settings.h file for Arduino */
+#ifndef ARDUINO_USER_SETTINGS_H
+#define ARDUINO_USER_SETTINGS_H
+
+/* Platform */
+#define WOLFSSL_ARDUINO
+
+/* Math library (remove this to use normal math)*/
+#define USE_FAST_MATH
+#define TFM_NO_ASM
+#define NO_ASN_TIME
+
+/* When using Intel Galileo Uncomment the line below */
+/* #define INTEL_GALILEO */
+
+/* RNG DEFAULT !!FOR TESTING ONLY!! */
+/* comment out the error below to get started w/ bad entropy source
+ * This will need fixed before distribution but is OK to test with */
+#error "needs solved, see: https://www.wolfssl.com/docs/porting-guide/"
+#define WOLFSSL_GENSEED_FORTEST
+
+#endif /* ARDUINO_USER_SETTINGS_H */
+EOF
fi
- cp wolfSSL/wolfssl/wolfcrypt/settings.h wolfSSL/wolfssl/wolfcrypt/settings.h.bak
- echo " /* wolfSSL Generated ARDUINO settings */" > ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo "#ifndef WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo " #define WOLFSSL_USER_SETTINGS" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo "#endif /* WOLFSSL_USER_SETTINGS */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- echo " /* wolfSSL Generated ARDUINO settings: END */" >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
- cat ./wolfSSL/wolfssl/wolfcrypt/settings.h.bak >> ./wolfSSL/wolfssl/wolfcrypt/settings.h
+ cp .${WOLFCRYPT_HEADERS}/settings.h .${WOLFCRYPT_HEADERS}/settings.h.bak
+ cat > .${WOLFCRYPT_HEADERS}/settings.h <<EOF
+/*wolfSSL Generated ARDUINO settings */
+#ifndef WOLFSSL_USER_SETTINGS
+ #define WOLFSSL_USER_SETTINGS
+#endif /* WOLFSSL_USER_SETTINGS */
+/*wolfSSL Generated ARDUINO settings: END */
+
+EOF
+ cat .${WOLFCRYPT_HEADERS}/settings.h.bak >> .${WOLFCRYPT_HEADERS}/settings.h
+
+ #Creating library.properties file based off of:
+ #https://arduino.github.io/arduino-cli/0.35/library-specification/#libraryproperties-file-format
+
+ cat > .${ROOT_DIR}/library.properties <<EOF
+name=wolfSSL
+version=${WOLFSSL_VERSION}
+author=wolfSSL inc
+maintainer=wolfSSL inc <support@wolfssl.com>
+sentence=A lightweight SSL/TLS library written in ANSI C and targeted for embedded, RTOS, and resource-constrained environments.
+paragraph=Manual: https://www.wolfssl.com/documentation/manuals/wolfssl/index.html.
+category=Communication
+url=https://www.wolfssl.com/
+architectures=*
+
+EOF
else
echo "ERROR: You must be in the IDE/ARDUINO directory to run this script"
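Review bot: The generated `user_settings.h` now defines `NO_ASN_TIME` under the "Math library" heading with no explanation; that macro turns off certificate validity-date checking, so a client built from these settings with `SSL_VERIFY_PEER` will accept an expired certificate. Give it its own section so the trade-off is visible, e.g. `/* No real-time clock: certificate dates are NOT checked. Remove once a time source is available */` above `#define NO_ASN_TIME`. Also, `WOLFSSL_VERSION="5.6.4"` is assigned and then unconditionally overwritten by the `grep` on version.h, so a missing version.h yields an empty `version=` in library.properties rather than the fallback; drop the hard-coded line or keep it only when the grep returns nothing. The enclosing `if` continues past the end of this hunk.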
diff --git a/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h b/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h
index 216bb379..4b41446b 100644
--- a/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/AURIX/user_settings.h
@@ -98,7 +98,6 @@ extern unsigned int my_rng_seed_gen(void);
#define WOLFSSL_SP_NO_MALLOC
//#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
- //#define WOLFSSL_SP_CACHE_RESISTANT
/* use smaller version of code */
#define WOLFSSL_SP_SMALL
@@ -205,7 +204,7 @@ extern unsigned int my_rng_seed_gen(void);
/* use heap allocation for ECC points */
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c
index ea2ea943..baabf535 100644
--- a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c
+++ b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/main.c
@@ -27,7 +27,7 @@
/* wolfCrypt_Init/wolfCrypt_Cleanup to turn CryptoCell hardware on/off */
#include <wolfssl/wolfcrypt/wc_port.h>
-/* SEGGER_RTT_Init, you can potential replace it with other serial terminal */
+/* SEGGER_RTT_Init, you can potentially replace it with other serial terminal */
#include "SEGGER_RTT.h"
int main(void)
diff --git a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h
index 8af4f54f..dc9822f5 100644
--- a/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/CRYPTOCELL/user_settings.h
@@ -88,7 +88,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* Assembly */
diff --git a/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h b/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h
index a22d0a32..ca68a2a9 100644
--- a/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/ECLIPSE/DEOS/user_settings.h
@@ -85,7 +85,6 @@ You can get the current time from https://www.unixtimestamp.com/ */
#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
- //#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
//#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
diff --git a/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md b/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md
index 8932c813..bd0c8bc9 100644
--- a/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md
+++ b/extra/wolfssl/wolfssl/IDE/ECLIPSE/MICRIUM/README.md
@@ -118,41 +118,41 @@ memcb test passed!
wolfSSL version 3.15.5
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG 225 KB tooks 1.026 seconds, 219.313 KB/s
-AES-128-CBC-enc 250 KB toks 1.105 seconds 226.210 KB/s
-AES-128-CBC-dec 225 KB tooks 1.005 seconds, 223.922 KB/s
-AES-192-CBC-enc 225 KB tooks 1.076 seconds, 209.104 KB/s
-AES-192-CBC-dec 225 KB tooks 1.077 seconds, 208.981 K/s
-AES-56-CBC-enc 200 KB tooks 1.029 seconds, 19.396 KB/s
-AES-256-CBC-dec 200 KB toks 1.022 seconds, 195.785 KB/s
-AES-128-GCM-enc 125 KB tooks 1.28 secnds, 101.70 KB/s
-AES-128-GC-dec 125 KB tooks 1.228 seconds 101.756 KB/s
-AES-192-GCM-enc 100 KB tooks 1.026 seconds, 97.493 KB/s
-AES-192-GCM-dec 100 KB tooks 1.026 seconds, 97.480 KB/s
-AES-256-GCM-enc 100 KB tooks 1.065 seconds, 93.909 KB/s
-AES-256-GC-dec 100 KB tooks 1.065 seconds, 93.897 KB/s
-RABBIT 2 MB tooks 1.011 seconds, 2.19 MB/s
-3DES 100 KB tooks 1.007 sconds, 99.312 KB/s
-MD5 3MB tooks 1.008 seonds, 2.907 MBs
-SHA 1 MB tooks 1.09 secnds, 1.283 MB/s
-SHA-256 575 KB tooks 1.037 seconds, 554.501 KB/s
-SHA-512 200 KB tooks 1.003 seconds, 199.444 KB/s
-HMAC-MD5 3 B tooks 1.002 seconds, 2.876 MB/s
-HMAC-SHA26 550 KB tooks 1.000 seconds, 549.95 KB//s
-HMAC-SHA512 200 KB toks 1.018 seconds, 196.452 KB/s
-RSA 2048 public 8 ops took 1.025 sec, avg 128.135 ms, 7.804 op/sec
-RSA 2048 private 2 ops took 4.972 ec, avg 2485.951 s, 0.402 ops/sec
-DH 2048 key en 2 ops took 1.927 sec, avg 96.303 ms, 1.038 op/sec
-DH 2048 agree 2ops took 1.937 sc, avg 968.578 ms, 1.032 ops/sec
-ECC 256 key gen 3 ops took 1.185 sec, avg 394.944 ms, 2.53 ops/sec
-ECDHE 256 agree 4 ops took 1.585 sec, avg 396.168 ms, 2.524 ops/sec
-ECSA 256 sign 4 ops took 1.611 sec, avg 402.865 ms, 2.482 ops/sec
-ECDSA 256verif 2 ops tok 1.586 sec, avg 793.153 ms, 1.261 opssec
-CURVE 25519 key gen 2 ops took 1.262 sec, avg 630.907 ms, 1.585 ops/sec
-CURE 25519 agree 2 ops took 1.261 sec, avg630.469 ms, 1.586 ops/sec
-ED 2519 key gen 2 ops took 1.27 sec, avg 66.099ms, 1.572 ops/sec
-ED 25519 sign 2 ops took 1.303 sec, ag 65.633 ms, 1.35 op/sec
-ED 25519 verify 2 ops took 2.674 sec, avg1337.68 ms 0.748 ops/ec
+RNG 225 KB took 1.026 seconds, 219.313 KB/s
+AES-128-CBC-enc 250 KB took 1.105 seconds 226.210 KB/s
+AES-128-CBC-dec 225 KB took 1.005 seconds, 223.922 KB/s
+AES-192-CBC-enc 225 KB took 1.076 seconds, 209.104 KB/s
+AES-192-CBC-dec 225 KB took 1.077 seconds, 208.981 K/s
+AES-56-CBC-enc 200 KB took 1.029 seconds, 19.396 KB/s
+AES-256-CBC-dec 200 KB took 1.022 seconds, 195.785 KB/s
+AES-128-GCM-enc 125 KB took 1.28 seconds, 101.70 KB/s
+AES-128-GC-dec 125 KB took 1.228 seconds 101.756 KB/s
+AES-192-GCM-enc 100 KB took 1.026 seconds, 97.493 KB/s
+AES-192-GCM-dec 100 KB took 1.026 seconds, 97.480 KB/s
+AES-256-GCM-enc 100 KB took 1.065 seconds, 93.909 KB/s
+AES-256-GC-dec 100 KB took 1.065 seconds, 93.897 KB/s
+RABBIT 2 MB took 1.011 seconds, 2.19 MB/s
+3DES 100 KB took 1.007 seconds, 99.312 KB/s
+MD5 3MB took 1.008 seconds, 2.907 MBs
+SHA 1 MB took 1.09 secends, 1.283 MB/s
+SHA-256 575 KB took 1.037 seconds, 554.501 KB/s
+SHA-512 200 KB took 1.003 seconds, 199.444 KB/s
+HMAC-MD5 3 B took 1.002 seconds, 2.876 MB/s
+HMAC-SHA26 550 KB took 1.000 seconds, 549.95 KB//s
+HMAC-SHA512 200 KB topk 1.018 seconds, 196.452 KB/s
+RSA 2048 public 8 ops took 1.025 seconds, avg 128.135 ms, 7.804 ops/s
+RSA 2048 private 2 ops took 4.972 seconds, avg 2485.951 s, 0.402 ops/s
+DH 2048 key en 2 ops took 1.927 seconds, avg 96.303 ms, 1.038 ops/s
+DH 2048 agree 2ops took 1.937 seconds, avg 968.578 ms, 1.032 ops/s
+ECC 256 key gen 3 ops took 1.185 seconds, avg 394.944 ms, 2.53 ops/s
+ECDHE 256 agree 4 ops took 1.585 seconds, avg 396.168 ms, 2.524 ops/s
+ECSA 256 sign 4 ops took 1.611 seconds, avg 402.865 ms, 2.482 ops/s
+ECDSA 256verif 2 ops took 1.586 seconds, avg 793.153 ms, 1.261 ops/s
+CURVE 25519 key gen 2 ops took 1.262 seconds, avg 630.907 ms, 1.585 ops/s
+CURE 25519 agree 2 ops took 1.261 seconds, avg630.469 ms, 1.586 ops/s
+ED 2519 key gen 2 ops took 1.27 seconds, avg 66.099 ms, 1.572 ops/s
+ED 25519 sign 2 ops took 1.303 seconds, ag 65.633 ms, 1.35 ops/s
+ED 25519 verify 2 ops took 2.674 seconds, avg1337.68 ms 0.748 ops/s
```
### `WOLFSSL_CLIENT_TEST` wolfssl_client_test()
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md
index a0cc1c9e..65eef865 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README.md
@@ -1,45 +1,206 @@
-# ESP-IDF port
+# ESP-IDF Port
-NOTICE: These Espressif examples have been created and tested with the latest stable release branch of
-[ESP-IDF V4](https://docs.espressif.com/projects/esp-idf/en/v4.4.1/esp32/get-started/index.html)
-and have not yet been upgraded to the master branch V5.
-See the latest [migration guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
+These Espressif examples have been created and tested with the latest stable release branch of
+[ESP-IDF V5.1](https://docs.espressif.com/projects/esp-idf/en/release-v5.1/esp32/get-started/index.html).
+The prior version 4.4 ESP-IDF is still supported, however version 5.1 or greater is recommended.
+Espressif has [a list of all ESP-IDF versions](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/versions.html).
-## Overview
- ESP-IDF development framework with wolfSSL by setting *WOLFSSL_ESPIDF* definition
+See the latest [Espressif Migration Guides](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/index.html).
-Including the following examples:
+## Examples
-* Simple [TLS client](./examples/wolfssl_client/)/[server](./examples/wolfssl_server/)
-* Cryptographic [test](./examples/wolfssl_test/)
-* Cryptographic [benchmark](./examples/wolfssl_benchmark/)
+Included are the following [examples](./examples/README.md):
- The *user_settings.h* file enables some of the hardened settings.
+* Bare-bones [Template](./examples/template/README.md)
+* Simple [TLS Client](./examples/wolfssl_client/README.md) / [TLS Server](./examples/wolfssl_server/README.md)
+* Cryptographic [Test](./examples/wolfssl_test/README.md)
+* Cryptographic [Benchmark](./examples/wolfssl_benchmark/README.md)
+
+## Important Usage Details
+
+The wolfSSL code specific to the Espressif ESP-IDF development framework
+is gated in code with the `WOLFSSL_ESPIDF` definition. This is enabled
+automatically when the `WOLFSSL_USER_SETTINGS` is defined. The recommended
+method is to have this line in the main `CMakeLists.txt` file as shown in the
+[example](./examples/template/main/CMakeLists.txt):
+
+```cmake
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+```
+
+When defining `WOLFSSL_USER_SETTINGS`, this tells the `settings.h` file to
+looks for the wolfSSL `user_settings.h` in the project as described below.
+
+### File: `sdkconfig.h`
+
+The Espressif `sdkconfig.h`, generated automatically from your `sdkconfig`
+file at [build](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html)
+time, should be included before any other files.
+
+### File: `user_settings.h`
+
+The `user_settings.h` file enables some of the hardened security settings. There are also some
+default configuration items in the wolfssl `settings.h`. With the latest version of
+wolfSSL, some of these defaults can be disabled with `NO_ESPIDF_DEFAULT` and customized
+in your project `user_settings.h` as desired.
+
+See the respective project directory:
+
+ `[project-dir]/components/wolfssl/user_settings.h`
+
+A typical project will _not_ directly reference the `user_settings.h` file.
+Here's an example to be included at the top of a given source file:
+
+```c
+/* ESP-IDF */
+#include <esp_log.h>
+#include "sdkconfig.h"
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
+/* Do not explicitly include wolfSSL user_settings.h */
+#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+```
+
+Prior versions of the wolfSSL Espressif library expected the `user_settings.h` to be in the root wolfssl folder in a directory
+called `/include`. This method, while possible, is no longer recommended.
+
+Be sure to *not* have a `user_settings.h` in _both_ the local project and the wolfssl `include` directories.
+
+### File: `wolfssl/wolfcrypt/settings.h`
+
+The wolfSSL built-in `settings.h` references your project `user_settings.h`. The
+`settings.h` should _not_ be edited directly. Any wolfSSL settings should be adjusted in your local project
+`user_settings.h` file.
+
+The `settings.h` has some SoC-target-specific settings, so be sure to `#include "sdkconfig.h"` at the beginning
+of your source code, particularly before the `#include <wolfssl/wolfcrypt/settings.h>` line.
## Requirements
+
1. [ESP-IDF development framework](https://docs.espressif.com/projects/esp-idf/en/latest/get-started/)
-## Setup for Linux
+## wolfSSL as an Espressif component
+
+There are various methods available for using wolfSSL as a component:
+
+* Managed Component - easiest to get started.
+* Local component directory - best for development.
+* Install locally - least flexible, but project is fully self-contained.
+
+## Espressif Managed Components
+
+Visit https://components.espressif.com/components/wolfssl/wolfssl and see the instructions. Typically:
+
+```
+idf.py add-dependency "wolfssl/wolfssl^5.6.0-stable"
+```
+
+## Standard local component:
+
+See the [template example](./examples/template/README.md). Simply created a `wolfssl` directory in the
+local project `components` directory and place the [CMakeLists.txt](./examples/template/components/CMakeLists.txt)
+file there. Then add a `components/wolfssl/include` directory and place the [user_settings.h](/examples/template/components/wolfssl/include/user_settings.h)
+file there. If wolfSSL is in a structure such as `./workspace/wolfssl` with respect to your project at `./workspace/wolfssl`,
+then the cmake file should automatically find the wolfSSL source code. Otherwise set the cmake `WOLFSSL_ROOT` variable
+in the top-level CMake file. Examples:
+
+```cmake
+ set(WOLFSSL_ROOT "C:/some-path/wolfssl")
+ set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+ set(WOLFSSL_ROOT "/mnt/c/somepath/wolfssl")
+```
+
+See the specific examples for additional details.
+
+## Setup for Linux (wolfSSL local copy)
+
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
1. Run `setup.sh` at _/path/to_`/wolfssl/IDE/Espressif/ESP-IDF/` to deploy files into ESP-IDF tree
2. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
- 3. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+ 3. Find [Example Programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
## Setup for Windows
+
+This is a legacy method for installation. It is recommended to use the new `CMakeLists.txt` to point to wolfSSL source code.
+
1. Run ESP-IDF Command Prompt (cmd.exe) or Run ESP-IDF PowerShell Environment
2. Run `setup_win.bat` at `.\IDE\Espressif\ESP-IDF\`
3. Find Wolfssl files at _/path/to/esp_`/esp-idf/components/wolfssl/`
4. Find [Example programs](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples) under _/path/to/esp_`/esp-idf/examples/protocols/wolfssl_xxx` (where xxx is the project name)
+## Setup for VisualGDB
+
+See the local project `./VisualGDB` for sample project files. For single-step JTAG debugging on boards that do not
+have a built-in JTAG port, the wolfSSL examples use the open source [Tigard board](https://github.com/tigard-tools/tigard#readme).
+
+See also the [gojimmypi blog](https://gojimmypi.github.io/Tigard-JTAG-SingleStep-Debugging-ESP32/) on using the Tigard
+to JTAG debug the ESP32.
+
+### Clone a specific version:
+
+```
+C:\SysGCC\esp32\esp-idf>git clone -b v5.0.2 --recursive https://github.com/espressif/esp-idf.git v5.0.2
+```
+
## Configuration
+
+ 1. The `user_settings.h` can be found in `[project]/components/wolfssl/include/user_settings.h`.
+
+## Configuration (Legacy IDF install)
+
1. The `user_settings.h` can be found in _/path/to/esp_`/esp-idf/components/wolfssl/include/user_settings.h`
## Build examples
- 1. See README in each example folder
+
+ 1. See README in each example folder.
## Support
+
For question please email [support@wolfssl.com]
Note: This is tested with :
- - OS: Ubuntu 20.04.3 LTS and Microsoft Windows 10 Pro 10.0.19041 and well as WSL Ubuntu
- - ESP-IDF: ESP-IDF v4.3.2
- - Module : ESP32-WROOM-32
+ - OS: Ubuntu 20.04.3 LTS
+ - Microsoft Windows 10 Pro 10.0.19041 / Windows 11 Pro 22H2 22621.2715
+ - Visual Studio 2022 17.7.6 with VisualGDB 5.6R9 (build 4777)
+ - WSL 1 Ubuntu 22.04.3 LTS
+ - ESP-IDF: ESP-IDF v5.1
+ - SoC Module : all those supported in ESP-IDF v5.1
+
+## JTAG Debugging Notes
+
+All of the examples are configured to use either the on-board JTAG (when available) or
+the open source [Tigard multi-protocol tool for hardware hacking](https://github.com/tigard-tools/tigard).
+
+VisualGDB users should find the configuration file in the `interface\ftdi` directory:
+
+```
+C:\Users\%USERNAME%\AppData\Local\VisualGDB\EmbeddedDebugPackages\com.sysprogs.esp32.core\share\openocd\scripts\interface\ftdi
+```
+
+For reference, the `tigard.cfg` looks like this:
+
+```
+# SPDX-License-Identifier: GPL-2.0-or-later
+#
+# Tigard: An FTDI FT2232H-based multi-protocol tool for hardware hacking.
+# https://github.com/tigard-tools/tigard
+
+adapter driver ftdi
+
+ftdi device_desc "Tigard V1.1"
+ftdi vid_pid 0x0403 0x6010
+
+ftdi channel 1
+
+ftdi layout_init 0x0038 0x003b
+ftdi layout_signal nTRST -data 0x0010
+ftdi layout_signal nSRST -data 0x0020
+
+# This board doesn't support open-drain reset modes since its output buffer is
+# always enabled.
+reset_config srst_push_pull trst_push_pull
+
+```
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md
index cb5171fc..af440a8b 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/README_32se.md
@@ -15,7 +15,7 @@ Including the following examples:
2. Microchip CryptoAuthentication Library: https://github.com/MicrochipTech/cryptoauthlib
## Setup
-1. Comment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
+1. Comment out `#define WOLFSSL_ESP32` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`\
Uncomment out `#define WOLFSSL_ESPWROOM32SE` in `/path/to/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h`
* **Note:** crypt test will fail if enabled `WOLFSSL_ESPWROOM32SE`
3. wolfSSL under ESP-IDF. Please see [README.md](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md
index 63d3bce7..010054e9 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/UPDATE.md
@@ -21,3 +21,4 @@ Updates to Espressif ESP-IDF wolfssl_benchmark and wolfssl_test examples:
- Added VisualGDB Project file & Visual Studio solution file.
- Added optional `time_helper` for wolfssl_test
- Exclude `ssl_misc.c` in component cmake to fix warning: #warning ssl_misc.c does not need to be compiled separately from ssl.c
+- Exclude `ssl_crypto.c` in component cmake to fix warning: #warning ssl_crypto.c does not need to be compiled separately from ssl.c
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh
index bc8dff78..536dc295 100755
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/compileAllExamples.sh
@@ -62,6 +62,9 @@ if [[ "$RUN_SETUP" == "--run-setup" ]]; then
echo "Testing a build of wolfSSL in ESP-IDF components directory"
echo ""
for file in "test_idf"; do
+ if [ -e "../../../include/user_settings.h" ]; then
+ mv "../../../include/user_settings.h" "../../../include/user_settings.h.${file}.bak"
+ fi
pushd ${SCRIPT_DIR}/examples/wolfssl_${file}/ && idf.py fullclean build;
THIS_ERR=$?
popd
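Review bot: The added `mv` resolves `../../../include/user_settings.h` against the caller's working directory, while the `pushd` on the next line is anchored at `${SCRIPT_DIR}`, so which file gets renamed depends on where the script was started, unless an earlier `cd` outside this hunk fixes the directory. If the path is meant relative to the script, anchor it the same way: `if [ -e "${SCRIPT_DIR}/../../../include/user_settings.h" ]; then` and the matching `mv "${SCRIPT_DIR}/../../../include/user_settings.h" "${SCRIPT_DIR}/../../../include/user_settings.h.${file}.bak"`. The rename is also silent and its exit status is not checked, so a failed or unexpected move of the wolfSSL settings file goes unnoticed; an `echo` naming the backup and `|| exit 1` on the `mv` would make it visible. Nothing in the hunk restores the file afterwards, but the `for` loop continues past the end of the hunk, so a restore step may exist there.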
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md
new file mode 100644
index 00000000..e0414d2f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/README.md
@@ -0,0 +1,120 @@
+# wolfSSL Examples for Espressif
+
+## Core Examples
+
+These are the core examples for wolfSSL:
+
+- [Template](./template/README.md)
+
+- [Benchmark](./wolfssl_benchmark/README.md)
+
+- [Test](./wolfssl_test/README.md)
+
+- [TLS Client](./wolfssl_client/README.md)
+
+- [TLS Server](./wolfssl_server/README.md)
+
+## Other Espressif wolfSSL Examples
+
+See these other repositories for additional examples:
+
+- [wolfssl-examples/ESP32](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+
+- [wolfssh/Espressif](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif)
+
+- [wolfssh-examples/Espressif](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+## Interaction with wolfSSL CLI
+
+See the [server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server)
+and [client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client)
+examples.
+
+Here are some examples using wolfSSL from Linux to communicate with an
+ESP32 TLS client or server:
+
+TLS1.3 Linux Server
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.3 Linux Client to Linux Server: `TLS_AES_128_GCM_SHA256` (default)
+```
+./examples/client/client -v 4 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Server
+```
+./examples/server/server -v 3 -b -d -p 11111 -c ./certs/server-cert.pem -k ./certs/server-key.pem
+```
+
+TLS1.2 Linux Client to Linux Server: `TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384` (default)
+```
+./examples/client/client -v 3 -h 127.0.0.1 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.2 Linux Client to ESP32 Server: `TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 3 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+TLS1.3 Linux Client to ESP32 Server: `TLS_AES_128_GCM_SHA256`
+```
+./examples/client/client -v 4 -h 192.168.1.109 -p 11111 -A ./certs/ca-cert.pem
+```
+
+
+There's an additional example that uses wolfSSL installed as a component to the shared ESP-IDF:
+
+- [Test IDF](./wolfssl_test_idf/README.md)
+
+## Installing wolfSSL for Espressif projects
+
+[Core examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
+have a local `components/wolfssl` directory with a special CMakeFile.txt that does not require
+wolfSSL to be installed.
+
+If you want to install wolfSSL, see the setup for [wolfSSL](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF#setup-for-linux)
+and [wolfSSH](https://github.com/wolfSSL/wolfssh/tree/master/ide/Espressif#setup-for-linux).
+
+The [Espressif Managed Component for wolfSSL](https://components.espressif.com/components/wolfssl/wolfssl)
+also installs source code locally, instead of pointing to a source repository.
+
+## VisualGDB
+
+Users of [VisualGDB](https://visualgdb.com/) can find Espressif project files in each respective
+example `.\VisualGDB` directory. For convenience, there are separate project for various
+target SoC and ESP-IDF version.
+
+For devices without a built-in JTAG, the projects are configured with the open source [Tigard](https://www.crowdsupply.com/securinghw/tigard)
+and using port `COM20`.
+
+For devices _with_ a built-in JTAG, the projects are using `COM9`.
+
+Edit the COM port for your project:
+
+- ESP-IDF Project; Bootloader COM Port.
+- Raw Terminal; COM Port
+
+
+## Troubleshooting
+
+If unusual errors occur, exit Visual Studio and manually delete these directories to start over:
+
+- `.\build`
+- `.\VisualGDB\.visualgdb`
+- `.\VisualGDB\.vs`
+
+It may be helpful to also delete the `sdkconfig` file. (Save a backup if you've made changes to defaults)
+
+## Other Topics
+
+- esp32.com: [RSA peripheral 50% slower on ESP32-S3/C3 than S2](https://www.esp32.com/viewtopic.php?t=23830)
+
+- esp32.com: [GPIO6,GPIO7,GPIO8,and GPIO9 changed for ESP32-WROOM-32E](https://esp32.com/viewtopic.php?t=29058)
+
+See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf).
+
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
new file mode 100644
index 00000000..649a7366
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
@@ -0,0 +1,73 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
+# The following lines of boilerplate have to be in your project's
+# CMakeLists in this exact order for cmake to work correctly
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
+include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
+project(wolfssl_template)
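Review bot: On a WSL host both the WSL block and the Linux block after it match, because `CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32)` is also true under WSL, so the build receives `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX` together. The header comment says these defines are used to find the `my_private_config.h` path, and the code that consumes them is not in this hunk. If they are meant to be mutually exclusive, the Linux test should exclude WSL: `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop"))`. The comment `# Windows-specific configuration here` is also repeated verbatim in the WSL, Linux and Apple blocks; each should name its own platform, e.g. `# WSL-specific configuration here`.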
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md
new file mode 100644
index 00000000..274e22de
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/README.md
@@ -0,0 +1,72 @@
+# wolfSSL Template Project
+
+This is an example of a minimally viable wolfSSL template to get started with your own project.
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+### Prerequisites
+
+It is assumed the [ESP-IDF environment](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/) has been installed.
+
+### Files Included
+
+- [main.c](./main/main.c) with a simple call to an Espressif library (`ESP_LOGI`) and a call to a wolfSSL library (`esp_ShowExtendedSystemInfo`) .
+
+- See [components/wolfssl/include](./components/wolfssl/include/user_settings.h) directory to edit the wolfSSL `user_settings.h`.
+
+- Edit [main/CMakeLists.txt](./main/CMakeLists.txt) to add/remove source files.
+
+- The [components/wolfssl/CMakeLists.txt](./components/wolfssl/CMakeLists.txt) typically does not need to be changed.
+
+- Optional [VisualGDB Project](./VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj) for Visual Studio using ESP32 and ESP-IDF v5.1.
+
+- Edit the project [CMakeLists.txt](./CMakeLists.txt) to optionally point this project's wolfSSL component source code at a different directory:
+
+```
+set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+```
+
+
+## Getting Started:
+
+Here's an example using the command-line [idf.py](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-py.html).
+
+Edit your `WRK_IDF_PATH`to point to your ESP-IDF install directory.
+
+```
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
+
+# build the example:
+idf.py build
+
+# optionally erase the flash
+idf.py erase-flash -p /dev/ttyS19 -b 115200
+
+# flash the code onto the serial device at /dev/ttyS19
+idf.py flash -p /dev/ttyS19 -b 115200
+
+# build, flash, and view UART output with one command:
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+```
+
+Press `Ctrl+]` to exit `idf.py monitor`. See [additional monitor keyboard commands](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/tools/idf-monitor.html).
+
+## Other Examples:
+
+For examples, see:
+
+- [TLS Client](../wolfssl_client/README.md)
+- [TLS Server](../wolfssl_server/README.md)
+- [Benchmark](../wolfssl_benchmark/README.md)
+- [Test](../wolfssl_test/README.md)
+- [wolfssl-examples](https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32)
+- [wolfssh-examples](https://github.com/wolfSSL/wolfssh-examples/tree/main/Espressif)
+
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
new file mode 100644
index 00000000..dad932c5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
@@ -0,0 +1,269 @@
+<?xml version="1.0"?>
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <Project xsi:type="com.visualgdb.project.external.esp-idf">
+ <CustomSourceDirectories>
+ <Directories />
+ <PathStyle>Unknown</PathStyle>
+ </CustomSourceDirectories>
+ <AutoProgramSPIFFSPartition>true</AutoProgramSPIFFSPartition>
+ <ProjectModeSettings>
+ <ProjectGUID>7bbd1486-d457-4e49-92ba-0cfc9d80849e</ProjectGUID>
+ <GroupSourcesByTypes>true</GroupSourcesByTypes>
+ <GroupSourcesByPaths>true</GroupSourcesByPaths>
+ <HeaderScanMode>SourceDirs</HeaderScanMode>
+ </ProjectModeSettings>
+ </Project>
+ <Build xsi:type="com.visualgdb.build.cmake">
+ <BuildLogMode xsi:nil="true" />
+ <ToolchainID>
+ <ID>com.visualgdb.xtensa-esp32-elf</ID>
+ <Version>
+ <GCC>12.2.0</GCC>
+ <GDB>12.1</GDB>
+ <Revision>1</Revision>
+ </Version>
+ </ToolchainID>
+ <RelativeSourceDirectory>..</RelativeSourceDirectory>
+ <ConfigurationType>DEBUG</ConfigurationType>
+ <BinaryDirectory>build/$(PlatformName)/$(ConfigurationName)</BinaryDirectory>
+ <MakeCommandTemplate>
+ <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+ <Command>$(ToolchainNinja)</Command>
+ <WorkingDirectory>$(BuildDir)</WorkingDirectory>
+ <BackgroundMode xsi:nil="true" />
+ </MakeCommandTemplate>
+ <CMakeCommand>
+ <SkipWhenRunningCommandList>false</SkipWhenRunningCommandList>
+ <Command>$(SYSPROGS_CMAKE_PATH)</Command>
+ <BackgroundMode xsi:nil="true" />
+ </CMakeCommand>
+ <UpdateSourcesInCMakeFile>true</UpdateSourcesInCMakeFile>
+ <ExportCompileCommands>false</ExportCompileCommands>
+ <DisableToolchainFile>false</DisableToolchainFile>
+ <CMakeMakefileType>Ninja</CMakeMakefileType>
+ <DeployAsRoot>false</DeployAsRoot>
+ <CMakeCleanMode>RemoveBuildDirectory</CMakeCleanMode>
+ <UseCCache>false</UseCCache>
+ <ProjectModeSettings>
+ <ProjectItemSettings>
+ <GroupSourcesByTypes>true</GroupSourcesByTypes>
+ <GroupSourcesByPaths>true</GroupSourcesByPaths>
+ <GroupTargetsByPaths>true</GroupTargetsByPaths>
+ <FollowCMakeSourceGroups>false</FollowCMakeSourceGroups>
+ <AutoRefreshProject>true</AutoRefreshProject>
+ <AlwaysConsiderOutdated>false</AlwaysConsiderOutdated>
+ <SortTargetsByName>true</SortTargetsByName>
+ <RedundantTargetMode>HideOuterProjectTargets</RedundantTargetMode>
+ <SortSourcesByName>true</SortSourcesByName>
+ <BuildAllTargetsInSubdir>false</BuildAllTargetsInSubdir>
+ <FoldSingleItemPathLevels>true</FoldSingleItemPathLevels>
+ </ProjectItemSettings>
+ <TargetSpecificSettings />
+ <SetLDLibraryPathFromDependentArtifacts>true</SetLDLibraryPathFromDependentArtifacts>
+ <ProjectGUID>eadcc9ab-72b3-4b51-a838-593e5d80ddf7</ProjectGUID>
+ <VirtualFolders />
+ <ConfigurationNameCase>Upper</ConfigurationNameCase>
+ <DefaultHeaderDiscoveryMode>HeaderDirectoryAndSubdirectories</DefaultHeaderDiscoveryMode>
+ <EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
+ <ESPIDFExtension>
+ <IDFCheckout>
+ <Version>release/v5.1</Version>
+ <Subdirectory>esp-idf/v5.1</Subdirectory>
+ <Type>ESPIDF</Type>
+ </IDFCheckout>
+ <COMPort>COM37</COMPort>
+ <SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
+ <UseCCache>false</UseCCache>
+ <DeviceID>ESP32</DeviceID>
+ </ESPIDFExtension>
+ </ProjectModeSettings>
+ </Build>
+ <CustomBuild>
+ <PreSyncActions />
+ <PreBuildActions />
+ <PostBuildActions />
+ <PreCleanActions />
+ <PostCleanActions />
+ </CustomBuild>
+ <CustomDebug>
+ <PreDebugActions />
+ <PostDebugActions />
+ <DebugStopActions />
+ <BreakMode>Default</BreakMode>
+ </CustomDebug>
+ <DeviceTerminalSettings>
+ <Connection xsi:type="com.sysprogs.terminal.connection.serial">
+ <ComPortName>COM37</ComPortName>
+ <AdvancedSettings>
+ <BaudRate>115200</BaudRate>
+ <DataBits>8</DataBits>
+ <Parity>None</Parity>
+ <StopBits>One</StopBits>
+ <FlowControl>None</FlowControl>
+ </AdvancedSettings>
+ </Connection>
+ <LastConnectionTime>0</LastConnectionTime>
+ <EchoTypedCharacters>false</EchoTypedCharacters>
+ <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+ <ReconnectAutomatically>false</ReconnectAutomatically>
+ <DisplayMode>ASCII</DisplayMode>
+ <Colors>
+ <Background>
+ <Alpha>255</Alpha>
+ <Red>0</Red>
+ <Green>0</Green>
+ <Blue>0</Blue>
+ </Background>
+ <Disconnected>
+ <Alpha>255</Alpha>
+ <Red>169</Red>
+ <Green>169</Green>
+ <Blue>169</Blue>
+ </Disconnected>
+ <Text>
+ <Alpha>255</Alpha>
+ <Red>211</Red>
+ <Green>211</Green>
+ <Blue>211</Blue>
+ </Text>
+ <Echo>
+ <Alpha>255</Alpha>
+ <Red>144</Red>
+ <Green>238</Green>
+ <Blue>144</Blue>
+ </Echo>
+ <Inactive>
+ <Alpha>255</Alpha>
+ <Red>169</Red>
+ <Green>169</Green>
+ <Blue>169</Blue>
+ </Inactive>
+ </Colors>
+ <HexSettings>
+ <MaximumBytesPerLine>16</MaximumBytesPerLine>
+ <ShowTextView>true</ShowTextView>
+ <BreaksAroundEcho>true</BreaksAroundEcho>
+ <AutoSend>true</AutoSend>
+ <SendAsHex>true</SendAsHex>
+ <TimeoutForAutoBreak>0</TimeoutForAutoBreak>
+ </HexSettings>
+ <LineEnding>LF</LineEnding>
+ <TreatLFAsCRLF>false</TreatLFAsCRLF>
+ <KeepOpenAfterExit>false</KeepOpenAfterExit>
+ <ShowAfterProgramming>false</ShowAfterProgramming>
+ </DeviceTerminalSettings>
+ <CustomShortcuts>
+ <Shortcuts />
+ <ShowMessageAfterExecuting>true</ShowMessageAfterExecuting>
+ </CustomShortcuts>
+ <UserDefinedVariables />
+ <ImportedPropertySheets />
+ <CodeSense>
+ <Enabled>Unknown</Enabled>
+ <ExtraSettings>
+ <HideErrorsInSystemHeaders>true</HideErrorsInSystemHeaders>
+ <SupportLightweightReferenceAnalysis>true</SupportLightweightReferenceAnalysis>
+ <CheckForClangFormatFiles>true</CheckForClangFormatFiles>
+ <FormattingEngine xsi:nil="true" />
+ </ExtraSettings>
+ <CodeAnalyzerSettings>
+ <Enabled>false</Enabled>
+ </CodeAnalyzerSettings>
+ </CodeSense>
+ <Configurations>
+ <VisualGDBConfiguration>
+ <Name>Debug</Name>
+ <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+ </VisualGDBConfiguration>
+ <VisualGDBConfiguration>
+ <Name>Release</Name>
+ <BuildSettingsExtension xsi:type="com.visualgdb.build.external.esp-idf.cmake.extension" />
+ </VisualGDBConfiguration>
+ </Configurations>
+ <ProgramArgumentsSuggestions />
+ <Debug xsi:type="com.visualgdb.debug.embedded">
+ <AdditionalStartupCommands />
+ <AdditionalGDBSettings>
+ <Features>
+ <DisableAutoDetection>false</DisableAutoDetection>
+ <UseFrameParameter>false</UseFrameParameter>
+ <SimpleValuesFlagSupported>false</SimpleValuesFlagSupported>
+ <ListLocalsSupported>false</ListLocalsSupported>
+ <ByteLevelMemoryCommandsAvailable>false</ByteLevelMemoryCommandsAvailable>
+ <ThreadInfoSupported>false</ThreadInfoSupported>
+ <PendingBreakpointsSupported>false</PendingBreakpointsSupported>
+ <SupportTargetCommand>false</SupportTargetCommand>
+ <ReliableBreakpointNotifications>false</ReliableBreakpointNotifications>
+ </Features>
+ <EnableSmartStepping>false</EnableSmartStepping>
+ <FilterSpuriousStoppedNotifications>false</FilterSpuriousStoppedNotifications>
+ <ForceSingleThreadedMode>false</ForceSingleThreadedMode>
+ <UseAppleExtensions>false</UseAppleExtensions>
+ <CanAcceptCommandsWhileRunning>false</CanAcceptCommandsWhileRunning>
+ <MakeLogFile>false</MakeLogFile>
+ <IgnoreModuleEventsWhileStepping>true</IgnoreModuleEventsWhileStepping>
+ <UseRelativePathsOnly>false</UseRelativePathsOnly>
+ <ExitAction>None</ExitAction>
+ <DisableDisassembly>false</DisableDisassembly>
+ <ExamineMemoryWithXCommand>false</ExamineMemoryWithXCommand>
+ <StepIntoNewInstanceEntry>app_main</StepIntoNewInstanceEntry>
+ <ExamineRegistersInRawFormat>true</ExamineRegistersInRawFormat>
+ <DisableSignals>false</DisableSignals>
+ <EnableAsyncExecutionMode>false</EnableAsyncExecutionMode>
+ <AsyncModeSupportsBreakpoints>true</AsyncModeSupportsBreakpoints>
+ <TemporaryBreakConsolidationTimeout>0</TemporaryBreakConsolidationTimeout>
+ <EnableNonStopMode>false</EnableNonStopMode>
+ <MaxBreakpointLimit>0</MaxBreakpointLimit>
+ <EnableVerboseMode>true</EnableVerboseMode>
+ <EnablePrettyPrinters>false</EnablePrettyPrinters>
+ </AdditionalGDBSettings>
+ <DebugMethod>
+ <ID>openocd</ID>
+ <Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+ <ExtraParameters>
+ <Frequency xsi:nil="true" />
+ <BoostedFrequency xsi:nil="true" />
+ <ConnectUnderReset>false</ConnectUnderReset>
+ </ExtraParameters>
+ <LoadProgressGUIThreshold>131072</LoadProgressGUIThreshold>
+ <ProgramMode>Enabled</ProgramMode>
+ <StartupCommands>
+ <string>set remotetimeout 60</string>
+ <string>target remote :$$SYS:GDB_PORT$$</string>
+ <string>mon gdb_breakpoint_override hard</string>
+ <string>mon reset halt</string>
+ <string>load</string>
+ </StartupCommands>
+ <ProgramFLASHUsingExternalTool>false</ProgramFLASHUsingExternalTool>
+ <PreferredGDBPort>0</PreferredGDBPort>
+ <PreferredTelnetPort>0</PreferredTelnetPort>
+ <AlwaysPassSerialNumber>false</AlwaysPassSerialNumber>
+ <SelectedCoreIndex xsi:nil="true" />
+ <LiveMemoryTimeout>5000</LiveMemoryTimeout>
+ <SuggestionLogicRevision>1</SuggestionLogicRevision>
+ <CheckFLASHSize>true</CheckFLASHSize>
+ <FLASHSettings>
+ <Size>size2MB</Size>
+ <Frequency>freq40M</Frequency>
+ <Mode>DIO</Mode>
+ </FLASHSettings>
+ <PatchBootloader>true</PatchBootloader>
+ </Configuration>
+ </DebugMethod>
+ <AutoDetectRTOS>true</AutoDetectRTOS>
+ <SemihostingSupport>Disabled</SemihostingSupport>
+ <SemihostingPollingDelay>0</SemihostingPollingDelay>
+ <StepIntoEntryPoint>false</StepIntoEntryPoint>
+ <ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
+ <ValidateEndOfStackAddress>true</ValidateEndOfStackAddress>
+ <StopAtEntryPoint>false</StopAtEntryPoint>
+ <EnableVirtualHalts>false</EnableVirtualHalts>
+ <DynamicAnalysisSettings />
+ <EndOfStackSymbol>_estack</EndOfStackSymbol>
+ <TimestampProviderTicksPerSecond>0</TimestampProviderTicksPerSecond>
+ <KeepConsoleAfterExit>false</KeepConsoleAfterExit>
+ <UnusedStackFillPattern xsi:nil="true" />
+ <CheckInterfaceDrivers>true</CheckInterfaceDrivers>
+ </Debug>
+</VisualGDBProjectSettings2> \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
new file mode 100644
index 00000000..e82e19b6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
@@ -0,0 +1,524 @@
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+#
+# cmake for wolfssl Espressif projects
+#
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
+
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# The root of wolfSSL is 7 directories up from here:
+
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
+
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
+
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
+
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
+
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
+
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
+
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
+
+else()
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ #
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+ #
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
+ message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+ else()
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ #
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ #
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
+ #
+ # wolfSSL found in local project.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
+
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
+
+ else()
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
+
+
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
+
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
+
+
+ set(COMPONENT_ADD_INCLUDEDIRS
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
+
+
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
+
+
+# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ message(STATUS "")
+ message(STATUS "")
+ message(STATUS "********************************************************************")
+ message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "********************************************************************")
+ message(STATUS "")
+endif()
+# end multiple component check
+
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
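Review bot: LIBWOLFSSL_SAVE_INFO passes the raw output of `git config --get remote.origin.url` to `add_definitions(-D${VAR_OUPUT}=...)` and to `message(STATUS "Found ...")`, so a remote URL that carries userinfo (`https://user:token@host/...`) would land in the build log and, as a string macro, possibly in the firmware image. I would strip the userinfo right after the newline strip, for example `string(REGEX REPLACE "://[^/@]*@" "://" VAR_VALUE "${VAR_VALUE}")`, or drop the origin macro where the application does not need it. The `if (1)` diagnostics block after `idf_component_register` prints every CMake variable and has the same log exposure; it would be safer behind an opt-in switch that defaults to off.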
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..819ce60b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
@@ -0,0 +1,428 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+/* Reminder: ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+/* Optional OPENSSL compatibility */
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use AES counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* RSA primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
new file mode 100644
index 00000000..a038d035
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
@@ -0,0 +1,102 @@
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+# v1.0
+#
+# wolfssl template
+#
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
+
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+set (git_cmd "git")
+
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ #
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
+ #
+ message(STATUS "")
+ message(STATUS "WARNING: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+endif()
+
+## register_component()
+idf_component_register(SRCS main.c
+ INCLUDE_DIRS "."
+ "./include")
+
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ # LIBWOLFSSL_VERSION_GIT_HASH
+ execute_process(COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH
+ execute_process(COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE
+ execute_process(COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+endif()
+
+message(STATUS "")
+
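Review bot: The three `execute_process` calls at the end of this file run `git` without a `WORKING_DIRECTORY`, so the hash and date stored in `LIBWOLFSSL_VERSION_GIT_HASH*` describe whichever repository encloses the directory CMake happens to run in. For a vendored copy of wolfSSL that is probably the parent project, so the values should not be read as wolfSSL provenance; a comment such as `# NOTE: reports the enclosing git checkout, which may not be wolfSSL` above the block would make that explicit. In `LIBWOLFSSL_SAVE_INFO` the git output is expanded unquoted, which lets CMake drop any list separators in it; `string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")` keeps it as one value. The failure branch only sets `${VAR_OUPUT}` inside the function scope, so no macro is defined for the application when `git` is unavailable.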
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_class.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
index 5c05f46e..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_class.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
@@ -1,4 +1,4 @@
-/* mpi_class.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,7 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/wolfcrypt/mpi_class.h>
-
+#endif
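Review bot: The new include guard `_MAIN_H_` begins with an underscore followed by an uppercase letter, a form of identifier that C reserves for the implementation. A project-prefixed name, for example `#ifndef WOLFSSL_TEMPLATE_MAIN_H` with the matching `#define`, avoids that. A closing comment on the `#endif` naming the guard would also help once the header gains content.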
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_first.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/main.c
index cfbe5a17..5e41a28f 100644
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_first.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/main/main.c
@@ -1,4 +1,4 @@
-/* wolfcrypt_first.c
+/* main.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,36 +19,31 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/* Espressif */
+#include <esp_log.h>
-/* This file needs to be linked first in order to work correctly */
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
+/* project */
+#include "main.h"
-/* in case user set HAVE_FIPS there */
-#include <cyassl/ctaocrypt/settings.h>
+static const char* const TAG = "My Project";
-#ifdef HAVE_FIPS
+void app_main(void)
+{
+ ESP_LOGI(TAG, "Hello wolfSSL!");
-#ifdef USE_WINDOWS_API
- #pragma code_seg(".fipsA$a")
- #pragma const_seg(".fipsB$a")
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
#endif
+#if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
+ esp_hw_show_metrics();
+#endif
-/* read only start address */
-const unsigned int wolfCrypt_FIPS_ro_start[] =
-{ 0x1a2b3c4d, 0x00000001 };
-
-
-/* first function of text/code segment */
-int wolfCrypt_FIPS_first(void);
-int wolfCrypt_FIPS_first(void)
-{
- return 0;
+ ESP_LOGI(TAG, "\n\nDone!"
+ "If running from idf.py monitor, press twice: Ctrl+]\n\n"
+ "WOLFSSL_COMPLETE\n" /* exit keyword for wolfssl_monitor.py */
+ );
}
-
-
-#endif /* HAVE_FIPS */
-
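Review bot: The final `ESP_LOGI` call in `app_main` joins `"\n\nDone!"` directly to `"If running from idf.py monitor, ..."`, so the log prints `Done!If running from idf.py monitor` with no separator. Ending the first literal with a newline, `"\n\nDone!\n"`, fixes the output. The `WOLFSSL_COMPLETE` line that the monitor script matches on is unaffected.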
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
new file mode 100644
index 00000000..88f1e113
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
@@ -0,0 +1,35 @@
+CONFIG_FREERTOS_HZ=1000
+CONFIG_ESP32_DEFAULT_CPU_FREQ_240=y
+
+#
+# Default main stack size
+#
+# This is typically way bigger than needed for stack size. See user_settings.h
+#
+CONFIG_ESP_MAIN_TASK_STACK_SIZE=10500
+
+# Legacy stack size for older ESP-IDF versions
+CONFIG_MAIN_TASK_STACK_SIZE=10500
+
+#
+# Compiler options
+#
+CONFIG_COMPILER_OPTIMIZATION_DEFAULT=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTIONS_ENABLE=y
+CONFIG_COMPILER_OPTIMIZATION_ASSERTION_LEVEL=2
+CONFIG_COMPILER_HIDE_PATHS_MACROS=y
+CONFIG_COMPILER_STACK_CHECK_MODE_NORM=y
+CONFIG_COMPILER_STACK_CHECK=y
+
+#
+# Partition Table
+#
+# CONFIG_PARTITION_TABLE_SINGLE_APP is not set
+CONFIG_PARTITION_TABLE_SINGLE_APP_LARGE=y
+# CONFIG_PARTITION_TABLE_TWO_OTA is not set
+# CONFIG_PARTITION_TABLE_CUSTOM is not set
+CONFIG_PARTITION_TABLE_CUSTOM_FILENAME="partitions.csv"
+CONFIG_PARTITION_TABLE_FILENAME="partitions_singleapp_large.csv"
+CONFIG_PARTITION_TABLE_OFFSET=0x8000
+CONFIG_PARTITION_TABLE_MD5=y
+# end of Partition Table
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
index 430386e8..b49373e6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
@@ -1,6 +1,27 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+
+# Optionally specify a location for wolfSSL component source code
+# set(WOLFSSL_ROOT "c:/test/blogtest/wolfssl" )
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
index 17485107..7decc9aa 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
@@ -1,6 +1,59 @@
# wolfSSL Benchmark Example
-The Example contains of wolfSSL benchmark program.
+This ESP32 example uses the [wolfSSL wolfcrypt Benchmark Application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/benchmark).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## Espressif ESP Component Registry
+
+See the wolfSSL namespace at [components.espressif.com](https://components.espressif.com/components?q=wolfssl)
+
+
+## Windows COM Port
+
+All of these examples use COM20 on Windows. The DOS `change port` command can be use to assign any
+other local port to `COM20` as needed:
+
+```
+change port com20=com23
+```
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users,
+as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/)
+using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet | ESP-IDF v4.4 | ESP-IDF v5.1 |
+-------- |------------- |------------- |
+ESP32 | x | |
+ESP32-S2 | | |
+ESP32-S3 | x | x |
+ESP32-C3 | x | x |
+ESP32-C6 | | |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+Windows ports assigned with the `change port` command may not appear in the VisualGDB dropdowns but can still
+be used when manually typed.
+See the [feature request](https://sysprogs.com/w/forums/topic/feature-request-show-windows-change-port-results-in-com-port-dropdown-lists/).
+
+## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -22,17 +75,30 @@ Reminder than when building on WSL in `/mnt/c` there will be a noticeable perfor
Example build on WSL:
```
-Optionally install wolfSSL component
-# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
-./setup.sh
+Optionally update toolchain
+
+cd /mnt/c/SysGCC/esp32/esp-idf/master
+git fetch
+git pull
+git submodule update --init --recursive
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark
-# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32-8.4/esp-idf/v4.4.1
+WRK_IDF_PATH=~/esp/esp-idf
+
+. $WRK_IDF_PATH/export.sh
+# Set target SoC
+idf.py set-target esp32c3
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+# Optionally erase
+
+# Build and flash
+idf.py build flash -p /dev/ttyS20 -b 115200 monitor
```
## Example Output
@@ -42,7 +108,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
-Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
+Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
--- idf_monitor on /dev/ttyS7 115200 ---
@@ -186,5 +252,7 @@ compilation terminated.
A 'clean` may be needed after freshly installing a new component:
```
-idf.py clean build flash -p /dev/ttyS7 -b 921600 monitor
-``` \ No newline at end of file
+idf.py clean build flash -p /dev/ttyS7 -b 115200 monitor
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
index 3ce7c9b4..2ddadf89 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.vgdbproj
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
- <CommandLine>-f interface/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
index eff35918..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
@@ -17,209 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-set(COMPONENT_PRIV_INCLUDEDIRS ${IDF_PATH}/components/driver/include)
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
@@ -230,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
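Review bot: `LIBWOLFSSL_SAVE_INFO` turns the output of `git config --get remote.origin.url` into a `-D` compile definition and a STATUS line, so a remote URL that carries credentials (`https://user:token@host/...`) would appear in the build log and in any binary that uses the macro. Strip the userinfo part before `add_definitions`, for example `string(REGEX REPLACE "://[^/@]+@" "://" VAR_VALUE "${VAR_VALUE}")`. The same function passes `${THIS_VAR}` unquoted to `string(REPLACE ...)`, so an empty or semicolon-containing output changes the argument list; `string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")` avoids that. On the failure path only a function-local variable is set to "Unknown", so no macro is defined for the application in that case.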
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..cc9bae6b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
@@ -0,0 +1,450 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+ /* ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x349F00
+
+/* hash limit for test.c */
+#define HASH_SIZE_LIMIT
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+/* #define WOLFSSL_SP_RISCV32 */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* There's no Hardware Acceleration available on ESP8684 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP8684 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+/* Pause in a loop rather than exit. */
+#define WOLFSSL_ESPIDF_ERROR_PAUSE
+
+#define WOLFSSL_HW_METRICS
+
+/* for test.c */
+/* #define HASH_SIZE_LIMIT */
+
+/* Optionally turn off HW math checks */
+/* #define NO_HW_MATH_TEST */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
+
+/* See settings.h for some of the possible hardening options:
+ *
+ * #define NO_ESPIDF_DEFAULT
+ * #define WC_NO_CACHE_RESISTANT
+ * #define WC_AES_BITSLICED
+ * #define HAVE_AES_ECB
+ * #define HAVE_AES_DIRECT
+ */
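Review bot: The `#elif defined(CONFIG_IDF_TARGET_ESP8684)` branch near the end of the target chain can never be selected, because the earlier `#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)` already matches that target. The two branches also disagree: the earlier one leaves SHA hardware acceleration on (only SHA384/SHA512, AES and RSA are disabled), while the unreachable one defines `NO_ESP32_CRYPT` and says no acceleration is available; one of them should be removed so the intended setting is explicit. In the ESP32-C3 branch the comments `/* no SHA384 HW on C6 */` and `/* no SHA512 HW on C6 */` look copied from the C6 branch and should read C3. Since this file is likely to be copied into projects, a comment above the `CTX_*` block such as `/* wolfSSL test certificates and key: replace before any production use */` would help, as `USE_CERT_BUFFERS_2048` selects the library's bundled test buffers.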
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
index c107b46a..e37c4d5f 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
@@ -1,10 +1,9 @@
-
#
# wolfssl benchmark test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
-set(COMPONENT_SRCS main.c)
+set(COMPONENT_SRCS "main.c")
set(COMPONENT_ADD_INCLUDEDIRS ".")
set (git_cmd "git")
@@ -19,7 +18,9 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-register_component()
+idf_component_register(SRCS main.c
+ INCLUDE_DIRS "."
+ "./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
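Review bot: The new `idf_component_register(SRCS main.c INCLUDE_DIRS "." "./include")` call names its sources and include directories explicitly, so the `set(COMPONENT_SRCS "main.c")` and `set(COMPONENT_ADD_INCLUDEDIRS ".")` lines kept in the first hunk of this file appear to be left over from the old `register_component()` form. Keeping both leaves two places that must agree on the source list. Either drop the two `set()` lines or add a comment such as `# legacy variables, unused by idf_component_register()` so the next editor changes the right one.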
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
index e19e22a5..0adf4564 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
@@ -1,8 +1,8 @@
#
# Main component makefile.
#
-# This Makefile can be left empty. By default, it will take the sources in the
-# src/ directory, compile them and link them into lib(subdirectory_name).a
+# This Makefile can be left empty. By default, it will take the sources in the
+# src/ directory, compile them and link them into lib(subdirectory_name).a
# in the build directory. This behaviour is entirely configurable,
# please read the ESP-IDF documents if you need to do this.
-# \ No newline at end of file
+#
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
index 21858920..219eb15d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
@@ -1,4 +1,3 @@
-#pragma once
/* benchmark main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
@@ -20,10 +19,12 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_
+#define _MAIN_
+
void app_main(void);
/* see wolfssl/wolfcrypt/benchmark/benchmark.h */
extern void wolf_benchmark_task();
-
-
+#endif
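Review bot: The include guard added here, `_MAIN_`, starts with an underscore followed by an uppercase letter, which C reserves for the implementation, and it is generic enough to collide with another header's guard. A project-specific name is safer, for example `#ifndef WOLFSSL_BENCHMARK_MAIN_H` / `#define WOLFSSL_BENCHMARK_MAIN_H`, with the closing line written as `#endif /* WOLFSSL_BENCHMARK_MAIN_H */`. The guard also opens after the licence comment, so the `#pragma once` removed in the previous hunk is fully replaced only if no other copy of this header is on the include path.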
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
index dc14bf23..855105e7 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
/* ESP-IDF */
#include <esp_log.h>
#include "sdkconfig.h"
@@ -26,17 +27,23 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
+#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#ifndef WOLFSSL_ESPIDF
- #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
#endif
#include <wolfssl/wolfcrypt/types.h>
#include <wolfcrypt/benchmark/benchmark.h>
+/* set to 0 for one benchmark,
+** set to 1 for continous benchmark loop */
+#define BENCHMARK_LOOP 1
+
/* check BENCH_ARGV in sdkconfig to determine need to set WOLFSSL_BENCH_ARGV */
#ifdef CONFIG_BENCH_ARGV
-#define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
-#define WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS 22 /* arbitrary number of max args */
+ #define WOLFSSL_BENCH_ARGV CONFIG_BENCH_ARGV
+ #define WOLFSSL_BENCH_ARGV_MAX_ARGUMENTS 22 /* arbitrary number of max args */
#endif
/*
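Review bot: `BENCHMARK_LOOP` is defined unconditionally as 1, so the `do { ... } while (BENCHMARK_LOOP)` added to app_main in a later hunk never exits in the default build, and the "Done!" message and final stack report after it are unreachable. Wrapping the definition in `#ifndef BENCHMARK_LOOP` / `#endif` would let user_settings.h or a compiler flag pick the single-run mode without editing main.c. The comment also has a typo: `continous` should read `continuous`.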
@@ -67,6 +74,8 @@ static const char* const TAG = "wolfssl_benchmark";
static byte mSlotList[ATECC_MAX_SLOT];
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
/* initialize slot array */
void my_atmel_slotInit()
{
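Review bot: The hand-written prototype `int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);` duplicates a declaration that presumably already lives in the header defining `atmel_slot_alloc_cb`. A local copy can drift from the library's real signature without any compiler diagnostic, which is risky for a function that manages secure-element key slots. If the header does not expose the prototype in this configuration, a comment saying which macro hides it, e.g. `/* not declared by the port header unless <MACRO> is set */`, would explain why the copy is needed. The surrounding block starts outside this hunk, so the include list could not be checked here.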
@@ -183,51 +192,18 @@ int construct_argv()
/* entry point */
void app_main(void)
{
+ int stack_start = 0;
+ ESP_LOGI(TAG, "---------------- wolfSSL Benchmark Example ------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- ESP_LOGI(TAG, "");
- ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
- ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
- ESP_LOGI(TAG, "");
-#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
-#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
-#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
-#endif
-
- /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
#endif
- /* all platforms: stack high water mark check */
- ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
ESP_LOGI(TAG, "app_main CONFIG_BENCH_ARGV = %s", WOLFSSL_BENCH_ARGV);
/* when using atecc608a on esp32-wroom-32se */
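Review bot: After this change app_main prints the wolfSSL version, git hash and multiple-install warning only through `esp_ShowExtendedSystemInfo()`, and only when `HAVE_VERSION_EXTENDED_INFO` is defined. The component CMakeLists.txt still passes `-DWOLFSSL_MULTI_INSTALL_WARNING`, and the removed lines were the only visible consumer of it, so a build without the macro no longer reports a duplicate wolfSSL install or which library revision the figures belong to. Keeping one unconditional line such as `ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);` plus the multi-install warning in an `#else` branch would preserve that traceability. Whether the helper prints the same fields cannot be confirmed from this hunk. Separately, `stack_start` is declared `int` but later receives the unsigned result of `uxTaskGetStackHighWaterMark()`.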
@@ -251,15 +227,37 @@ void app_main(void)
/* although wolfCrypt_Init() may be explicitly called above,
** note it is still always called in wolf_benchmark_task.
*/
- wolf_benchmark_task();
- /* wolfCrypt_Cleanup should always be called at completion,
- ** and is called in wolf_benchmark_task().
- */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+
+ do {
+ ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+
+ wolf_benchmark_task();
+ ESP_LOGI(TAG, "Stack used: %d\n",
+ stack_start - uxTaskGetStackHighWaterMark(NULL));
+
+ #ifdef WOLFSSL_HW_METRICS_DISABLED/* Remove _DISABLED upon #6990 Merge */
+ esp_hw_show_metrics();
+ #endif
+ } while (BENCHMARK_LOOP);
+ /* Reminder: wolfCrypt_Cleanup should always be called at completion,
+ ** and is called in wolf_benchmark_task(). */
+
+#if defined(SINGLE_THREADED)
+ /* need stack monitor for single thread */
+#else
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+#endif
+
+ ESP_LOGI(TAG, "\n\nDone!\n\n"
+ "If running from idf.py monitor, press twice: Ctrl+]");
/* after the test, we'll just wait */
while (1) {
- /* nothing */
+ /* do something other than nothing to help next program/debug session*/
+#ifndef SINGLE_THREADED
+ vTaskDelay(1000);
+#endif
}
#endif /* NO_CRYPT_BENCHMARK */
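Review bot: The `SINGLE_THREADED` handling in this hunk is inconsistent. The stack report after the loop is compiled out with the comment "need stack monitor for single thread", yet `uxTaskGetStackHighWaterMark(NULL)` is called unguarded for `stack_start` and twice inside the `do` loop. If that call is unavailable in single-threaded builds, as the guard suggests, those three uses need the same `#ifndef SINGLE_THREADED` protection. In the final `while (1)`, `vTaskDelay(1000)` takes ticks rather than milliseconds, so `vTaskDelay(pdMS_TO_TICKS(1000));` states the intended delay independent of the tick rate. The `SINGLE_THREADED` branch of that loop is still an empty busy-wait despite the new comment. The body of app_main begins and ends outside this hunk.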
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
index 7312c0db..14d08bf9 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
@@ -1,11 +1,96 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
-# (Not part of the boilerplate)
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
-# disable the following line if there isn't the directory
-set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
project(wolfssl_client)
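Review bot: The Linux test `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))` is also true under WSL, so a WSL host gets both `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX`. These macros select the path to `my_private_config.h`, so the wrong private configuration could be picked up, depending on the order in which the consuming header tests them (not visible here). Adding `AND NOT EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop"` to the Linux condition, or turning the checks into one `if()/elseif()` chain, makes them mutually exclusive. The `PROTOCOL_EXAMPLES_DIR` block is also added twice in this hunk, which appends `-DFOUND_PROTOCOL_EXAMPLES_DIR` to `CMAKE_C_FLAGS` twice. The comment `# Windows-specific configuration here` is copied unchanged into the WSL, Linux and Apple branches.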
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
index ee834071..21855add 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
@@ -1,6 +1,20 @@
-#wolfSSL Example
+# wolfSSL TLS Client Example
+
+This is the wolfSSL TLS Client demo, typically used with the [Espressif TLS Server](../wolfssl_server/README.md)
+or the CLI [Server](https://github.com/wolfSSL/wolfssl/tree/master/examples/server).
+
+When using the CLI, see the [example parameters](/IDE/Espressif/ESP-IDF/examples#interaction-with-wolfssl-cli).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+## ESP-IDF Commandline
-The Example contains of wolfSSL tls client demo.
1. `idf.py menuconfig` to config the project
@@ -24,4 +38,41 @@ When you want to test the wolfSSL client
e.g. Launch ./examples/server/server -v 4 -b -i -d
-See the README.md file in the upper level 'examples' directory for more information about examples.
+## SM Ciphers
+
+#### Working Linux Client to ESP32 Server
+
+Command:
+
+```
+cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+
+```
+
+```
+cd /mnt/c/workspace/wolfssl-$USER
+
+./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+Output:
+
+```text
+SSL version is TLSv1.3
+SSL cipher suite is TLS_SM4_GCM_SM3
+SSL curve name is SM2P256V1
+I hear you fa shizzle!
+```
+
+#### Linux client to Linux server:
+
+```
+./examples/client/client -h 127.0.0.1 -v 4 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+./examples/server/server -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
new file mode 100644
index 00000000..01dd6baf
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
@@ -0,0 +1,512 @@
+# SM Cipher Notes
+
+
+### Install SM
+```
+cd /mnt/c/workspace/wolfsm-$USER
+./install.sh ../wolfssl-$USER
+```
+
+
+### Build Linux SM Examples
+```
+./autogen.sh
+./configure --enable-sm3 --enable-sm4-gcm --enable-sm2 \
+ --enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr \
+ --enable-sm4-gcm --enable-sm4-ccm
+make clean && make
+```
+
+### TLS 1.3 Server
+
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+### TLS 1.3 Client
+
+```
+./examples/client/client -h 127.0.0.1 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to Local Linux Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to ESP32 Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+### Others...
+
+```
+# Success: Linux Client to ESP32 Server TLS1.2
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Success: Linux Client to ESP32 Server TLS1.3
+
+# Reported as TLS_SM4_GCM_SM3, but parameter is TLS13-SM4-GCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Reported as TLS-SM4-CCM-SM3, but parameter is TLS13-SM4-CCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+```
+
+```
+ESP32-to-ESP32
+TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+```
+
+Tried both PEM and DER format.
+
+The latest server is PEM format, triple-checked to have the embedded server
+be the same as the Linux server files.
+
+
+| Usage | Certificate | Key | Certificate Authority file, default ./certs/client-cert.pem |
+| ----- | ---------------------------------- | ----------------------------------- | --------------------------------- |
+| server | -c ./certs/sm2/server-sm2.pem | -k ./certs/sm2/server-sm2-priv.pem | -A ./certs/sm2/client-sm2.pem -V |
+| client | -c ./certs/sm2/client-sm2.pem | -k ./certs/sm2/client-sm2-priv.pem | -A ./certs/sm2/root-sm2.pem -C |
+| emdedded:
+| server | wolfSSL_CTX_use_certificate_buffer<br/> server_sm2 | wolfSSL_CTX_use_PrivateKey_buffer<br/> server_sm2_priv | wolfSSL_CTX_load_verify_buffer<br/> client-sm2 |
+
+### Code
+
+See [source code](https://github.com/gojimmypi/wolfssl/blob/2c4f443aec7b151f945cb9dfe2dad6ee30449cf0/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c#L187):
+
+![code](./code.png)
+
+
+### Linux client talking to embedded server:
+
+```
+/examples/client/client -h 192.168.1.108 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+wolfSSL_connect error -188, ASN no signer error to confirm failure
+wolfSSL error: wolfSSL_connect failed
+```
+
+Output:
+```
+ets Jul 29 2019 12:21:46
+
+rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:7000
+load:0x40078000,len:15452
+ho 0 tail 12 room 4
+load:0x40080400,len:3840
+entry 0x4008064c
+I (29) boot: ESP-IDF v5.0-dirty 2nd stage bootloader
+I (29) boot: compile time 13:40:31
+I (29) boot: chip revision: v3.0
+I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0
+I (39) boot.esp32: SPI Speed : 40MHz
+I (44) boot.esp32: SPI Mode : DIO
+I (48) boot.esp32: SPI Flash Size : 2MB
+I (53) boot: Enabling RNG early entropy source...
+I (58) boot: Partition Table:
+I (62) boot: ## Label Usage Type ST Offset Length
+I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000
+I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000
+I (84) boot: 2 factory factory app 00 00 00010000 00177000
+I (92) boot: End of partition table
+I (96) boot_comm: chip revision: 3, min. application chip revision: 0
+I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=338d8h (211160) map
+I (188) esp_image: segment 1: paddr=00043900 vaddr=3ffb0000 size=03b78h ( 15224) load
+I (194) esp_image: segment 2: paddr=00047480 vaddr=40080000 size=08b98h ( 35736) load
+I (209) esp_image: segment 3: paddr=00050020 vaddr=400d0020 size=c591ch (809244) map
+I (501) esp_image: segment 4: paddr=00115944 vaddr=40088b98 size=0c230h ( 49712) load
+I (522) esp_image: segment 5: paddr=00121b7c vaddr=50000000 size=00010h ( 16) load
+I (533) boot: Loaded app from partition at offset 0x10000
+I (533) boot: Disabling RNG early entropy source...
+I (545) cpu_start: Pro cpu up.
+I (545) cpu_start: Starting app cpu, entry point is 0x400812f4
+I (532) cpu_start: App cpu up.
+I (561) cpu_start: Pro cpu start user code
+I (561) cpu_start: cpu freq: 160000000 Hz
+I (561) cpu_start: Application information:
+I (566) cpu_start: Project name: wolfssl_server
+I (571) cpu_start: App version: v5.6.3-stable-1088-g560c84b2b-d
+I (578) cpu_start: Compile time: Jul 19 2023 22:20:09
+I (585) cpu_start: ELF file SHA256: 3e6e571c9e87bf44...
+I (591) cpu_start: ESP-IDF: v5.0-dirty
+I (596) heap_init: Initializing. RAM available for dynamic allocation:
+I (603) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (609) heap_init: At 3FFBDA68 len 00022598 (137 KiB): DRAM
+I (615) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (622) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (628) heap_init: At 40094DC8 len 0000B238 (44 KiB): IRAM
+I (636) spi_flash: detected chip: generic
+I (639) spi_flash: flash io: dio
+W (643) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the
+size in the binary image header.
+I (657) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+I (725) tls_server: ESP_WIFI_MODE_STA
+I (735) wifi:wifi driver task: 3ffcb738, prio:23, stack:6656, core=0
+I (735) system_api: Base MAC address is not set
+I (735) system_api: read default base MAC address from EFUSE
+I (755) wifi:wifi firmware version: 0d470ef
+I (755) wifi:wifi certification version: v7.0
+I (755) wifi:config NVS flash: enabled
+I (755) wifi:config nano formating: disabled
+I (755) wifi:Init data frame dynamic rx buffer num: 32
+I (765) wifi:Init management frame dynamic rx buffer num: 32
+I (765) wifi:Init management short buffer num: 32
+I (775) wifi:Init dynamic tx buffer num: 32
+I (775) wifi:Init static rx buffer size: 1600
+I (775) wifi:Init static rx buffer num: 10
+I (785) wifi:Init dynamic rx buffer num: 32
+I (785) wifi_init: rx ba win: 6
+I (795) wifi_init: tcpip mbox: 32
+I (795) wifi_init: udp mbox: 6
+I (795) wifi_init: tcp mbox: 6
+I (805) wifi_init: tcp tx win: 5744
+I (805) wifi_init: tcp rx win: 5744
+I (815) wifi_init: tcp mss: 1440
+I (815) wifi_init: WiFi IRAM OP enabled
+I (815) wifi_init: WiFi RX IRAM OP enabled
+I (825) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07
+I (925) wifi:mode : sta (24:d7:eb:41:7b:68)
+I (935) wifi:enable tsf
+I (935) tls_server: wifi_init_sta finished.
+I (945) wifi:new:<4,0>, old:<1,0>, ap:<255,255>, sta:<4,0>, prof:1
+I (945) wifi:state: init -> auth (b0)
+I (945) wifi:state: auth -> assoc (0)
+I (955) wifi:state: assoc -> run (10)
+W (955) wifi:<ba-add>idx:0 (ifx:0, c8:d7:19:cd:00:17), tid:0, ssn:0, winSize:64
+I (985) wifi:connected with testbench, aid = 1, channel 4, BW20, bssid = c8:d7:19:cd:00:17
+I (985) wifi:security: WPA2-PSK, phy: bgn, rssi: -45
+I (995) wifi:pm start, type: 1
+
+I (1065) wifi:AP's beacon interval = 102400 us, DTIM period = 1
+I (3225) esp_netif_handlers: sta ip: 192.168.1.108, mask: 255.255.255.0, gw: 192.168.1.10
+I (3225) tls_server: got ip:192.168.1.108
+I (3235) Time Helper: sntp_setservername:
+I (3235) Time Helper: pool.ntp.org
+I (3245) Time Helper: time.nist.gov
+I (3245) Time Helper: utcnist.colorado.edu
+I (3255) Time Helper: sntp_init done.
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3315) wolfssl: Start wolfSSL_Init()
+I (3315) wolfssl: wolfSSL Entering wolfSSL_Init
+I (3325) wolfssl: wolfSSL Entering wolfCrypt_Init
+I (3325) wolfssl: start socket())
+I (3335) wolfssl: Create and initialize WOLFSSL_CTX
+I (3335) wolfssl: wolfSSL Entering wolfSSLv23_server_method_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CTX_new_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CertManagerNew
+I (3355) wolfssl: wolfSSL Leaving wolfSSL_CTX_new_ex, return 0
+I (3365) tls_server: Start SM2
+
+I (3365) wolfssl: wolfSSL Entering wolfSSL_CTX_set_cipher_list
+I (3375) tls_server: Set cipher list: ECDHE-ECDSA-SM4-CBC-SM3
+
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3435) wolfssl: Loading certificate...
+I (3435) wolfssl: wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
+I (3445) wolfssl: wolfSSL Entering PemToDer
+I (3455) wolfssl: Checking cert signature type
+I (3455) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3465) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3465) wolfssl: Got Cert Header
+I (3475) wolfssl: wolfSSL Entering GetObjectId
+I (3475) wolfssl: Got Algo ID
+I (3475) wolfssl: Getting Name
+I (3485) wolfssl: Getting Cert Name
+I (3485) wolfssl: Getting Name
+I (3495) wolfssl: Getting Cert Name
+I (3495) wolfssl: Got Subject Name
+I (3495) wolfssl: wolfSSL Entering GetAlgoId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3515) wolfssl: Got Key
+I (3515) wolfssl: ECDSA/ED25519/ED448 cert signature
+I (3525) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_certificate_buffer, return 1
+I (3535) tls_server: Loaded server_sm2
+
+I (3535) wolfssl: Loading key info...
+I (3535) wolfssl: wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
+I (3545) wolfssl: wolfSSL Entering PemToDer
+I (3555) wolfssl: wolfSSL Entering GetAlgoId
+I (3555) wolfssl: wolfSSL Entering GetObjectId
+I (3565) wolfssl: wolfSSL Entering GetAlgoId
+I (3565) wolfssl: wolfSSL Entering GetObjectId
+I (3575) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_PrivateKey_buffer, return 1
+I (3575) tls_server: Loaded PrivateKey_buffer server_sm2_priv
+
+I (3585) wolfssl: wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
+I (3595) wolfssl: Processing CA PEM file
+I (3595) wolfssl: wolfSSL Entering PemToDer
+I (3605) wolfssl: Adding a CA
+I (3605) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3615) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3615) wolfssl: Got Cert Header
+I (3625) wolfssl: wolfSSL Entering GetObjectId
+I (3625) wolfssl: Got Algo ID
+I (3635) wolfssl: Getting Name
+I (3635) wolfssl: Getting Cert Name
+I (3635) wolfssl: Getting Name
+I (3645) wolfssl: Getting Cert Name
+I (3645) wolfssl: Got Subject Name
+I (3655) wolfssl: wolfSSL Entering GetAlgoId
+I (3655) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: Got Key
+I (3665) wolfssl: Parsed Past Key
+I (3675) wolfssl: wolfSSL Entering DecodeCertExtensions
+I (3675) wolfssl: wolfSSL Entering GetObjectId
+I (3685) wolfssl: wolfSSL Entering DecodeSubjKeyId
+I (3685) wolfssl: wolfSSL Entering GetObjectId
+I (3695) wolfssl: wolfSSL Entering DecodeAuthKeyId
+I (3705) wolfssl: wolfSSL Entering GetObjectId
+I (3705) wolfssl: wolfSSL Entering DecodeBasicCaConstraint
+I (3715) wolfssl: wolfSSL Entering GetObjectId
+I (3715) wolfssl: wolfSSL Entering DecodeAltNames
+I (3725) wolfssl: Unsupported name type, skipping
+I (3725) wolfssl: wolfSSL Entering GetObjectId
+I (3735) wolfssl: wolfSSL Entering DecodeExtKeyUsage
+I (3735) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3755) wolfssl: Parsed new CA
+I (3755) wolfssl: No key size check done on CA
+I (3765) wolfssl: Freeing Parsed CA
+I (3765) wolfssl: Freeing der CA
+I (3775) wolfssl: OK Freeing der CA
+I (3775) wolfssl: wolfSSL Leaving AddCA, return 0
+I (3785) wolfssl: Processed a CA
+I (3785) wolfssl: Processed at least one valid CA. Other stuff OK
+I (3795) wolfssl: wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return 1
+I (3795) tls_server: Success: load verify buffer
+
+I (3805) tls_server: Finish SM2
+
+I (3805) tls_server: accept clients...
+I (3815) wolfssl: Waiting for a connection...
+I (14485) wolfssl: wolfSSL Entering wolfSSL_new
+I (14495) wolfssl: wolfSSL Entering ReinitSSL
+I (14495) wolfssl: wolfSSL Entering SetSSL_CTX
+I (14495) wolfssl: wolfSSL Entering wolfSSL_NewSession
+I (14505) wolfssl: wolfSSL Leaving wolfSSL_new, return 0
+I (14505) wolfssl: wolfSSL Entering wolfSSL_set_fd
+I (14515) wolfssl: wolfSSL Entering wolfSSL_set_read_fd
+I (14515) wolfssl: wolfSSL Leaving wolfSSL_set_read_fd, return 1
+I (14525) wolfssl: wolfSSL Entering wolfSSL_set_write_fd
+I (14535) wolfssl: wolfSSL Leaving wolfSSL_set_write_fd, return 1
+I (14535) wolfssl: wolfSSL Entering wolfSSL_accept
+I (14545) wolfssl: wolfSSL Entering ReinitSSL
+I (14545) wolfssl: growing input buffer
+I (14555) wolfssl: received record layer msg
+I (14555) wolfssl: got HANDSHAKE
+I (14565) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14565) wolfssl: wolfSSL Entering DoTls13HandShakeMsg
+I (14575) wolfssl: wolfSSL Entering DoTls13HandShakeMsgType
+I (14575) wolfssl: processing client hello
+I (14585) wolfssl: wolfSSL Entering DoTls13ClientHello
+I (14595) wolfssl: wolfSSL Entering DoClientHello
+I (14595) wolfssl: downgrading to TLSv1.2
+I (14605) wolfssl: Matched No Compression
+I (14605) wolfssl: Adding signature algorithms extension
+I (14615) wolfssl: Signature Algorithms extension received
+I (14615) wolfssl: Point Formats extension received
+I (14625) wolfssl: Supported Groups extension received
+I (14625) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: wolfSSL Entering MatchSuite
+I (14645) wolfssl: wolfSSL Entering VerifyServerSuite
+I (14645) wolfssl: Requires ECC
+I (14655) wolfssl: Verified suite validity
+I (14655) wolfssl: wolfSSL Leaving DoClientHello, return 0
+I (14665) wolfssl: wolfSSL Leaving DoTls13ClientHello, return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsgType(), return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsg, return 0
+I (14685) wolfssl: Shrinking input buffer
+I (14685) wolfssl: accept state ACCEPT_CLIENT_HELLO_DONE
+I (14695) wolfssl: accept state ACCEPT_FIRST_REPLY_DONE
+I (14705) wolfssl: wolfSSL Entering SendServerHello
+I (14705) wolfssl: growing output buffer
+I (14715) internal.c: GrowOutputBuffer ok
+I (14715) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14725) wolfssl: Point Formats extension to write
+W (14735) wolfio: ssl->wflags = 0
+I (14735) wolfio: 16 03 03 00 52 02 00 00 4e 03 03 af 87 e2 58 57
+I (14735) wolfio: 73 c3 c1 35 1a 59 39 b2 03 9d 14 03 e0 b8 fb e8
+I (14745) wolfio: 9d 5b 9c 44 4f 57 4e 47 52 44 01 20 85 77 75 20
+I (14755) wolfio: 95 dd 00 e2 91 f8 42 33 f8 61 3f 1f de 81 15 58
+I (14755) wolfio: 23 0c e7 1e 71 e6 10 e5 67 23 e0 40 e0 11 00 00
+I (14765) wolfio: 06 00 0b 00 02 01 00
+W (14775) wolfio: sz = 87
+I (14775) wolfssl: Shrinking output buffer
+I (14775) wolfssl: wolfSSL Leaving SendServerHello, return 0
+I (14785) wolfssl: accept state SERVER_HELLO_SENT
+I (14795) wolfssl: wolfSSL Entering SendCertificate
+I (14795) wolfssl: growing output buffer
+I (14805) internal.c: GrowOutputBuffer ok
+W (14815) wolfio: ssl->wflags = 0
+I (14815) wolfio: 16 03 03 02 e6 0b 00 02 e2 00 02 df 00 02 dc 30
+I (14815) wolfio: 82 02 d8 30 82 02 7e a0 03 02 01 02 02 01 01 30
+I (14825) wolfio: 0a 06 08 2a 81 1c cf 55 01 83 75 30 81 ac 31 0b
+I (14835) wolfio: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06
+I (14835) wolfio: 03 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30
+I (14845) wolfio: 0e 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31
+I (14855) wolfio: 14 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53
+I (14855) wolfio: 4c 5f 73 6d 32 31 0f 30 0d 06 03 55 04 0b 0c 06
+I (14865) wolfio: 43 41 2d 73 6d 32 31 18 30 16 06 03 55 04 03 0c
+I (14875) wolfio: 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e 63 6f 6d
+I (14875) wolfio: 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16
+I (14885) wolfio: 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c 2e 63 6f
+I (14895) wolfio: 6d 31 17 30 15 06 0a 09 92 26 89 93 f2 2c 64 01
+I (14895) wolfio: 01 0c 07 77 6f 6c 66 53 53 4c 30 1e 17 0d 32 33
+I (14905) wolfio: 30 32 31 35 30 36 32 33 30 37 5a 17 0d 32 35 31
+I (14915) wolfio: 31 31 31 30 36 32 33 30 37 5a 30 81 b0 31 0b 30
+I (14915) wolfio: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03
+I (14925) wolfio: 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30 0e
+I (14935) wolfio: 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31 14
+I (14945) wolfio: 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53 4c
+I (14945) wolfio: 5f 73 6d 32 31 13 30 11 06 03 55 04 0b 0c 0a 53
+I (14955) wolfio: 65 72 76 65 72 2d 73 6d 32 31 18 30 16 06 03 55
+I (14965) wolfio: 04 03 0c 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e
+I (14965) wolfio: 63 6f 6d 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01
+I (14975) wolfio: 09 01 16 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c
+I (14985) wolfio: 2e 63 6f 6d 31 17 30 15 06 0a 09 92 26 89 93 f2
+I (14985) wolfio: 2c 64 01 01 0c 07 77 6f 6c 66 53 53 4c 30 5a 30
+I (14995) wolfio: 14 06 08 2a 81 1c cf 55 01 82 2d 06 08 2a 81 1c
+I (15005) wolfio: cf 55 01 82 2d 03 42 00 04 94 70 2b 46 e4 5e 0f
+I (15005) wolfio: 41 fb 8f 2d 34 0a 41 40 19 5e fb d4 1d 11 ac fa
+I (15015) wolfio: f5 93 37 c6 fa 87 08 f7 16 1f 2c ce 30 40 9d 4f
+I (15025) wolfio: a6 2a 0a a1 d6 95 33 c3 a6 03 98 e6 8d 05 34 b0
+I (15025) wolfio: 97 0c de a4 c7 cf 53 8f d1 a3 81 89 30 81 86 30
+I (15035) wolfio: 1d 06 03 55 1d 0e 04 16 04 14 67 ae 60 ff 7e 1b
+I (15045) wolfio: 0f 95 ae 1f 82 59 f2 6c 56 2d 93 ef 17 32 30 1f
+I (15045) wolfio: 06 03 55 1d 23 04 18 30 16 80 14 47 0a 48 7e bb
+I (15055) wolfio: 02 a8 5a 26 57 2b 19 a9 7b 61 8b 7f 5d 99 6e 30
+I (15065) wolfio: 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0e 06
+I (15075) wolfio: 03 55 1d 0f 01 01 ff 04 04 03 02 03 a8 30 13 06
+I (15075) wolfio: 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
+I (15085) wolfio: 03 01 30 11 06 09 60 86 48 01 86 f8 42 01 01 04
+I (15095) wolfio: 04 03 02 06 40 30 0a 06 08 2a 81 1c cf 55 01 83
+I (15095) wolfio: 75 03 48 00 30 45 02 20 1b ca 94 28 7f f6 b2 0d
+I (15105) wolfio: 31 43 50 e1 d5 34 17 dd af 3a de 81 06 67 9a b3
+I (15115) wolfio: 06 22 7e 64 ec fd 0e b9 02 21 00 a1 48 a8 32 d1
+I (15115) wolfio: 05 09 6b 1c eb 89 12 66 d8 38 a1 c4 5c 89 09 0f
+I (15125) wolfio: fd e9 c0 3b 1d fb cd b5 4c 31 68
+W (15135) wolfio: sz = 747
+I (15135) wolfssl: Shrinking output buffer
+I (15135) wolfssl: wolfSSL Leaving SendCertificate, return 0
+I (15145) wolfssl: accept state CERT_SENT
+I (15155) wolfssl: wolfSSL Entering SendCertificateStatus
+I (15155) wolfssl: wolfSSL Leaving SendCertificateStatus, return 0
+I (15165) wolfssl: accept state CERT_STATUS_SENT
+I (15165) wolfssl: wolfSSL Entering SendServerKeyExchange
+I (15175) wolfssl: Using ephemeral ECDH
+I (15175) wolfssl: wolfSSL Entering EccMakeKey
+I (15535) wolfssl: wolfSSL Leaving EccMakeKey, return 0
+I (15535) wolfssl: Trying ECC private key, RSA didn't work
+I (15535) wolfssl: wolfSSL Entering GetAlgoId
+I (15545) wolfssl: wolfSSL Entering GetObjectId
+I (15555) wolfssl: Using ECC private key
+I (15555) wolfssl: wolfSSL Entering Sm2wSm3Sign
+I (15915) wolfssl: wolfSSL Leaving Sm2wSm3Sign, return 0
+I (15915) wolfssl: wolfSSL Entering SendHandshakeMsg
+I (15925) wolfssl: growing output buffer
+I (15925) internal.c: GrowOutputBuffer ok
+W (15925) wolfio: ssl->wflags = 0
+I (15935) wolfio: 16 03 03 00 95 0c 00 00 91 03 00 29 41 04 fd f5
+I (15935) wolfio: 5e 74 15 30 1d f3 84 ae a5 69 96 a9 5b dd 27 b3
+I (15945) wolfio: 00 7d 40 3a 59 93 93 6f 4d 1f 62 dc 60 48 34 1f
+I (15955) wolfio: a8 1d 34 b8 76 8f 8b 27 4a 1b 77 64 8e 2e d5 27
+I (15955) wolfio: 03 95 8b 9d a5 ed a4 a6 b9 40 1b ea aa 10 07 08
+I (15965) wolfio: 00 48 30 46 02 21 00 cb 89 61 e9 21 f9 c6 4d ad
+I (15975) wolfio: aa e7 f1 3f 6f 27 46 f0 35 ec 45 4e 8a ae f3 ac
+I (15985) wolfio: 7c c0 cf 68 11 44 e2 02 21 00 f6 40 5c bc 66 5a
+I (15985) wolfio: 74 1e 92 5d 9a 03 75 e7 7f 16 c2 b3 c8 fe 8d 5c
+I (15995) wolfio: 63 35 36 da 61 38 76 dc 4e d6
+W (15995) wolfio: sz = 154
+I (16005) wolfssl: Shrinking output buffer
+I (16005) wolfssl: wolfSSL Leaving SendServerKeyExchange, return 0
+I (16015) wolfssl: accept state KEY_EXCHANGE_SENT
+I (16025) wolfssl: accept state CERT_REQ_SENT
+I (16025) wolfssl: wolfSSL Entering SendServerHelloDone
+I (16035) wolfssl: growing output buffer
+I (16035) internal.c: GrowOutputBuffer ok
+W (16045) wolfio: ssl->wflags = 0
+I (16045) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16045) wolfio: sz = 9
+I (16055) wolfssl: Embed Send error
+I (16055) wolfssl: Connection reset
+I (16065) int: Sent = -3
+W (16065) int: WOLFSSL_CBIO_ERR_CONN_RST
+E (16075) int: SOCKET_ERROR_E 2
+I (16075) wolfssl: wolfSSL Leaving SendServerHelloDone, return -308
+I (16085) wolfssl: wolfSSL error occurred, error = -308
+I (16085) wolfssl: wolfSSL Entering wolfSSL_get_error
+I (16095) wolfssl: wolfSSL Leaving wolfSSL_get_error, return -308
+E (16085) tls_server: wolfSSL_accept error -308
+I (16105) wolfssl: Client connected successfully
+I (16105) wolfssl: wolfSSL Entering wolfSSL_read
+I (16115) wolfssl: wolfSSL Entering wolfSSL_read_internal
+I (16125) wolfssl: wolfSSL Entering ReceiveData
+I (16125) wolfssl: User calling wolfSSL_read in error state, not allowed
+I (16135) wolfssl: wolfSSL Leaving wolfSSL_read_internal, return -308
+E (16145) tls_server: ERROR: failed to read
+I (16145) wolfssl: Client sends:
+I (16145) wolfssl:
+I (16155) wolfssl: wolfSSL Entering wolfSSL_write
+I (16155) wolfssl: handshake not complete, trying to finish
+I (16165) wolfssl: wolfSSL Entering wolfSSL_negotiate
+I (16165) wolfssl: wolfSSL Entering wolfSSL_accept
+I (16175) wolfssl: wolfSSL Entering ReinitSSL
+W (16185) wolfio: ssl->wflags = 0
+I (16185) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16185) wolfio: sz = 9
+I (16195) wolfssl: Embed Send error
+I (16195) wolfssl: General error
+I (16205) int: Sent = -1
+E (16205) int: SOCKET_ERROR_E
+I (16205) wolfssl: wolfSSL error occurred, error = -308
+I (16215) wolfssl: wolfSSL Leaving wolfSSL_negotiate, return -1
+I (16225) wolfssl: wolfSSL Leaving wolfSSL_write, return -1
+E (16225) tls_server: ERROR: failed to write
+I (16235) wolfssl: wolfSSL Entering wolfSSL_free
+I (16235) wolfssl: Free'ing server ssl
+I (16245) wolfssl: Shrinking output buffer
+I (16245) wolfssl: wolfSSL Entering ClientSessionToSession
+I (16255) wolfssl: wolfSSL Entering wolfSSL_FreeSession
+I (16255) wolfssl: wolfSSL_FreeSession full free
+I (16265) wolfssl: CTX ref count not 0 yet, no free
+I (16265) wolfssl: wolfSSL Leaving wolfSSL_free, return 0
+I (16275) wolfssl: Waiting for a connection...
+```
+
+### Wireshark:
+
+![wireshark](./wireshark.png)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
new file mode 100644
index 00000000..701f38b6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
@@ -0,0 +1,52 @@
+# wolfSSL Project Files for Visual Studio 2022 with VisualGDB Extension
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users, as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/) using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
+-------- |------------- |------------- |
+ESP32 | x | |
+ESP32-S2 | | |
+ESP32-S3 | x | x |
+ESP32-C3 | x | x |
+ESP32-C6 | | |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+## Resources
+
+- [wolfSSL Website](https://www.wolfssl.com/)
+
+- [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
+
+- [FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
+
+- [wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
+
+- [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
+
+- [wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
+
+- [wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
+
+- [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
+
+- [wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
+
+- [Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
+
+## Support
+
+For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)
+
+<-- edit 5.6.0001 see https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB -->
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln
deleted file mode 100644
index 4314fe8d..00000000
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.sln
+++ /dev/null
@@ -1,31 +0,0 @@
-
-Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.33027.164
-MinimumVisualStudioVersion = 10.0.40219.1
-Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_client", "VisualGDB_wolfssl_client.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
-EndProject
-Global
- GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|VisualGDB = Debug|VisualGDB
- Release|VisualGDB = Release|VisualGDB
- Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
- Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
- EndGlobalSection
- GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
- {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
- EndGlobalSection
- GlobalSection(SolutionProperties) = preSolution
- HideSolutionNode = FALSE
- EndGlobalSection
- GlobalSection(ExtensibilityGlobals) = postSolution
- SolutionGuid = {D510376F-F313-4EF6-8EF5-248D1949DFEB}
- EndGlobalSection
-EndGlobal
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
new file mode 100644
index 00000000..a2be094c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
@@ -0,0 +1,56 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.6.33829.357
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_client_IDF_v5_ESP32", "wolfssl_client_IDF_v5_ESP32.vgdbproj", "{E903E9CC-1A23-4B00-8914-7E45EC21E351}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "wolfssl", "wolfssl", "{5D78034B-FAE6-4B8D-8003-EC2B0993F286}"
+ ProjectSection(SolutionItems) = preProject
+ ..\..\..\..\..\..\wolfssl\error-ssl.h = ..\..\..\..\..\..\wolfssl\error-ssl.h
+ EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "include", "include", "{53267705-B3FE-418C-975D-CD898BAF1F46}"
+ ProjectSection(SolutionItems) = preProject
+ ..\components\wolfssl\include\config.h = ..\components\wolfssl\include\config.h
+ ..\components\wolfssl\include\user_settings.h = ..\components\wolfssl\include\user_settings.h
+ EndProjectSection
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{A51226B3-88A7-4463-B443-0E321C4A3D53}"
+ ProjectSection(SolutionItems) = preProject
+ ..\..\..\..\..\..\..\my_private_config.h = ..\..\..\..\..\..\..\my_private_config.h
+ ..\partitions_singleapp_large.csv = ..\partitions_singleapp_large.csv
+ ..\README.md = ..\README.md
+ ..\sdkconfig = ..\sdkconfig
+ ..\build\VisualGDB\Debug\config\sdkconfig.cmake = ..\build\VisualGDB\Debug\config\sdkconfig.cmake
+ ..\sdkconfig.defaults = ..\sdkconfig.defaults
+ ..\build\VisualGDB\Debug\config\sdkconfig.h = ..\build\VisualGDB\Debug\config\sdkconfig.h
+ EndProjectSection
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|VisualGDB = Debug|VisualGDB
+ Release|VisualGDB = Release|VisualGDB
+ Tests (Debug)|VisualGDB = Tests (Debug)|VisualGDB
+ Tests (Release)|VisualGDB = Tests (Release)|VisualGDB
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.ActiveCfg = Debug|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Debug|VisualGDB.Build.0 = Debug|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.ActiveCfg = Release|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Release|VisualGDB.Build.0 = Release|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.ActiveCfg = Tests (Debug)|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Debug)|VisualGDB.Build.0 = Tests (Debug)|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.ActiveCfg = Tests (Release)|VisualGDB
+ {E903E9CC-1A23-4B00-8914-7E45EC21E351}.Tests (Release)|VisualGDB.Build.0 = Tests (Release)|VisualGDB
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(NestedProjects) = preSolution
+ {53267705-B3FE-418C-975D-CD898BAF1F46} = {5D78034B-FAE6-4B8D-8003-EC2B0993F286}
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {BA06FD8D-BEFD-429B-9F82-B6F34B43272E}
+ EndGlobalSection
+EndGlobal
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
index 69743018..4c2cf6dc 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
- <GCC>11.2.0</GCC>
- <GDB>9.2.90</GDB>
- <Revision>2</Revision>
+ <GCC>12.2.0</GCC>
+ <GDB>12.1</GDB>
+ <Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@@ -67,11 +67,11 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
- <Version>release/v5.0</Version>
- <Subdirectory>esp-idf/v5.0</Subdirectory>
+ <Version>release/v5.1</Version>
+ <Subdirectory>esp-idf/v5.1</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
- <COMPort>COM20</COMPort>
+ <COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
@@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
- <ComPortName>COM20</ComPortName>
+ <ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>
@@ -104,7 +104,7 @@
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
- <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+ <ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
- <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f interface/ftdi/tigard.cfg -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
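Review bot: The new OpenOCD `CommandLine` names `interface/ftdi/tigard.cfg` twice, once before and once after `-c "adapter_khz 15000"`, so the adapter configuration is sourced again after the speed has been set. Unless the repeat is deliberate, the interface should be listed once: `<CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f target/esp32.cfg</CommandLine>`. The same line raises the JTAG clock from 3000 to 15000 kHz, and nothing visible here shows that the probe wiring is reliable at that rate, so a sentence in the VisualGDB README about the chosen speed would help anyone who hits unstable debug sessions. `adapter_khz` is also the older spelling that recent OpenOCD releases replace with `adapter speed`; it is worth confirming which form the OpenOCD build shipped with this toolchain expects.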
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
index 2423b802..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
@@ -17,206 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
@@ -227,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
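Review bot: In LIBWOLFSSL_SAVE_INFO the output of `git config --get remote.origin.url` goes straight into `message(STATUS ...)` and `add_definitions(-D...)`, so a remote URL that carries userinfo (`https://user:token@host/...`) would land in the build log and as a string constant in the firmware image. I would strip the userinfo right after the newline strip, e.g. `string(REGEX REPLACE "://[^/@]+@" "://" VAR_VALUE "${VAR_VALUE}")`. The same function expands `${THIS_VAR}` unquoted in `string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})`, which errors if git ever exits 0 with empty output and splits values containing `;`; writing `"${THIS_VAR}"` avoids both. On the failure path only a function-local variable is set to "Unknown" and no `-D` is added, so the C side presumably needs its own `#ifndef` fallback for each macro.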
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..de5e247c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
@@ -0,0 +1,427 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+#define HAVE_ED25519 /* ED25519 requires SHA512 */
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+ #define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
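Review bot: The `CTX_CA_CERT`, `CTX_SERVER_CERT` and `CTX_SERVER_KEY` mappings in the final `#else` branch resolve to the `*_der_2048` buffers enabled by `USE_CERT_BUFFERS_2048`, which are wolfSSL's published test certificates and private key, and nothing in the file says so. Example settings headers tend to be used as the starting point for a product configuration, so I would add a comment above that branch such as `/* Test-only credentials from certs_test.h: the private key is public. Replace before deployment. */`. Separately, in the `CONFIG_IDF_TARGET_ESP32C3` branch the two `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384` / `_SHA512` comments say "on C6", which looks copied from the C6 branch and should name the C3 if the restriction applies there. `USE_CERT_BUFFERS_2048` and `HAVE_ED25519` are also each defined more than once and could be stated a single time.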
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
index 60bb32a3..621eb870 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
@@ -1,12 +1,36 @@
-
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+# v1.0
#
# wolfssl client test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
-set(COMPONENT_SRCS "client-tls.c" "wifi_connect.c")
-set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
-
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
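Review bot: The host checks use `WIN32` and `APPLE`, which CMake defines for the target system, so under a cross-compiling toolchain they may not reflect the build host; `CMAKE_HOST_WIN32` and `CMAKE_HOST_APPLE` would match the `CMAKE_HOST_UNIX` test already used here. These macros select the path of the private credentials header in wifi_connect.h, so a wrong detection falls through to its `#warning` default. The comment `# Windows-specific configuration here` is repeated on the WSL, Linux and Apple branches and should name each platform, e.g. `# WSL-specific configuration here`. The Linux branch also matches under WSL, so both `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX` end up defined there.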
@@ -19,7 +43,14 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-register_component()
+## register_component()
+idf_component_register(SRCS main.c
+ wifi_connect.c
+ time_helper.c
+ client-tls.c
+ INCLUDE_DIRS "."
+ "./include")
+#
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
index 080abdb7..83dcd643 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
@@ -1,9 +1,15 @@
menu "Example Configuration"
-config TARGET_HOST
+config WOLFSSL_TARGET_HOST
string "Target host"
- default "127.0.01.1"
+ default "127.0.0.1"
help
host address for the example to connect
-
+
+config WOLFSSL_TARGET_PORT
+ int "Target port"
+ default 11111
+ help
+ host port for the example to connect
+
endmenu
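Review bot: `WOLFSSL_TARGET_PORT` is declared as a plain `int`, so menuconfig accepts 0, negative values or anything above 65535, and client-tls.c passes the value straight to `htons()`, where an out-of-range number would be silently truncated. Adding `range 1 65535` under `default 11111` keeps the setting to valid TCP ports. The help text could also say that this is the TLS server port the example connects to.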
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
index 5c2efde6..9d5d26db 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
@@ -1,4 +1,4 @@
-/* client-tls-callback.c
+/* client-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,40 +18,108 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/* the usual suspects */
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
-/* ESP specific */
-#include "wifi_connect.h"
+#include "client-tls.h"
+
+/* Espressif FreeRTOS */
+#ifndef SINGLE_THREADED
+ #include <freertos/FreeRTOS.h>
+ #include <freertos/task.h>
+ #include <freertos/event_groups.h>
+#endif
/* socket includes */
-#include "lwip/netdb.h"
-#include "lwip/sockets.h"
+#include <lwip/netdb.h>
+#include <lwip/sockets.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
+#include "user_settings.h"
#include <wolfssl/ssl.h>
-#include <wolfssl/certs_test.h>
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
+#ifndef NO_DH
+ /* see also wolfssl/test.h */
+ #undef DEFAULT_MIN_DHKEY_BITS
+ #define DEFAULT_MIN_DHKEY_BITS 1024
+
+ #undef DEFAULT_MAX_DHKEY_BITS
+ #define DEFAULT_MAX_DHKEY_BITS 2048
+#endif
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_CLIENT_CERT client_sm2
+ #define CTX_CLIENT_CERT_SIZE sizeof_client_sm2
+ #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_CLIENT_KEY client_sm2_priv
+ #define CTX_CLIENT_KEY_SIZE sizeof_client_sm2_priv
+ #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_PEM
+#else
+ #include <wolfssl/certs_test.h>
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_CLIENT_CERT client_cert_der_2048
+ #define CTX_CLIENT_CERT_SIZE sizeof_client_cert_der_2048
+ #define CTX_CLIENT_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_CLIENT_KEY client_key_der_2048
+ #define CTX_CLIENT_KEY_SIZE sizeof_client_key_der_2048
+ #define CTX_CLIENT_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
+
+/* Project */
+#include "wifi_connect.h"
+#include "time_helper.h"
+
+/* working TLS 1.2 VS client app commandline param:
+ *
+ * -h 192.168.1.128 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+ *
+ * working Linux, non-working VS c app
+ *
+ * -h 192.168.1.128 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+ *
+ **/
static const char* const TAG = "tls_client";
#if defined(DEBUG_WOLFSSL)
+int stack_start = -1;
-static void ShowCiphers(void)
+int ShowCiphers(WOLFSSL* ssl)
{
- char ciphers[4096];
-
- int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+ #define CLIENT_TLS_MAX_CIPHER_LENGTH 4096
+ char ciphers[CLIENT_TLS_MAX_CIPHER_LENGTH];
+ const char* cipher_used;
+ int ret = 0;
+
+ if (ssl == NULL) {
+ ESP_LOGI(TAG, "WOLFSSL* ssl is NULL, so no cipher in use");
+ ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+ if (ret == WOLFSSL_SUCCESS) {
+ for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH; i++) {
+ if (ciphers[i] == ':') {
+ ciphers[i] = '\n';
+ }
+ }
+ ESP_LOGI(TAG, "Available Ciphers:\n%s\n", ciphers);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to call wolfSSL_get_ciphers. Error %d", ret);
+ }
+ }
+ else {
+ cipher_used = wolfSSL_get_cipher_name(ssl);
+ ESP_LOGI(TAG, "WOLFSSL* ssl using %s", cipher_used);
+ }
- if (ret == WOLFSSL_SUCCESS)
- printf("%s\n", ciphers);
+ return ret;
}
#endif
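Review bot: `DEFAULT_MIN_DHKEY_BITS` is set to 1024 and a later hunk passes it to `wolfSSL_CTX_SetMinDhKey_Sz()`, so the client will accept 1024-bit finite-field DH parameters from a server, which is below the 2048-bit floor in current guidance. Since a later comment refers to `HAVE_FFDHE_2048`, `#define DEFAULT_MIN_DHKEY_BITS 2048` looks workable for this example; otherwise a comment should state that 1024 is kept only for interoperability with the test server. In `ShowCiphers`, the colon-replacement loop scans all `CLIENT_TLS_MAX_CIPHER_LENGTH` bytes and so reads stack bytes past the string terminator; `for (int i = 0; ciphers[i] != '\0'; i++)` stops at the end of the list.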
@@ -69,13 +137,13 @@ static void ShowCiphers(void)
static byte mSlotList[ATECC_MAX_SLOT];
int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc,
- atmel_slot_dealloc_cb dealloc);
+ atmel_slot_dealloc_cb dealloc);
/* initialize slot array */
void my_atmel_slotInit()
{
int i;
- for(i=0;i<ATECC_MAX_SLOT; i++) {
+ for (i = 0; i < ATECC_MAX_SLOT; i++) {
mSlotList[i] = ATECC_INVALID_SLOT;
}
}
@@ -84,7 +152,7 @@ int my_atmel_alloc(int slotType)
{
int i, slot = -1;
- switch(slotType){
+ switch (slotType) {
case ATMEL_SLOT_ENCKEY:
slot = 2;
break;
@@ -98,8 +166,8 @@ int my_atmel_alloc(int slotType)
slot = 4;
break;
case ATMEL_SLOT_ANY:
- for(i=0;i<ATECC_MAX_SLOT;i++){
- if(mSlotList[i] == ATECC_INVALID_SLOT){
+ for (i = 0; i < ATECC_MAX_SLOT; i++) {
+ if (mSlotList[i] == ATECC_INVALID_SLOT) {
slot = i;
break;
}
@@ -111,88 +179,173 @@ int my_atmel_alloc(int slotType)
/* free slot array */
void my_atmel_free(int slotId)
{
- if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+ if (slotId >= 0 && slotId < ATECC_MAX_SLOT) {
mSlotList[slotId] = ATECC_INVALID_SLOT;
}
}
-#endif /* CUSTOM_SLOT_ALLOCATION */
+#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
/* client task */
-void tls_smp_client_task()
+WOLFSSL_ESP_TASK tls_smp_client_task(void* args)
{
- int ret;
+#if defined(SINGLE_THREADED)
+ int ret = ESP_OK;
+ #define TLS_SMP_CLIENT_TASK_RET ret
+#else
+ #define TLS_SMP_CLIENT_TASK_RET
+#endif
+ char buff[256];
+ const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n";
+ const char* ch = TLS_SMP_TARGET_HOST; /* see wifi_connect.h */
+ struct sockaddr_in servAddr;
+
+ struct hostent *hp;
+ struct ip4_addr *ip4_addr;
+ int ret_i; /* interim return values */
int sockfd;
int doPeerCheck;
int sendGet;
- struct sockaddr_in servAddr;
- char buff[256];
- const char* ch = TLS_SMP_TARGET_HOST;
+#ifndef NO_DH
+ int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
+#endif
size_t len;
- struct hostent *hp;
- struct ip4_addr *ip4_addr;
- const char sndMsg[] = "GET /index.html HTTP/1.0\r\n\r\n";
/* declare wolfSSL objects */
- WOLFSSL_CTX *ctx;
- WOLFSSL *ssl;
+ WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl;
- WOLFSSL_ENTER("tls_smp_client_task");
+ wolfSSL_Debugging_ON();
+ WOLFSSL_ENTER(TLS_SMP_CLIENT_TASK_NAME);
- doPeerCheck = 0;
+ doPeerCheck = 1;
sendGet = 0;
#ifdef DEBUG_WOLFSSL
WOLFSSL_MSG("Debug ON");
- wolfSSL_Debugging_ON();
- ShowCiphers();
+ ShowCiphers(NULL);
#endif
/* Initialize wolfSSL */
wolfSSL_Init();
- /* Create a socket that uses an internet IPv4 address,
+ /* Create a socket that uses an Internet IPv4 address,
* Sets the socket to be stream based (TCP),
* 0 means choose the default protocol. */
if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
- ESP_LOGE(TAG,"ERROR: failed to create the socket\n");
+ ESP_LOGE(TAG, "ERROR: failed to create the socket\n");
}
ESP_LOGI(TAG, "get target IP address");
hp = gethostbyname(TLS_SMP_TARGET_HOST);
if (!hp) {
- ESP_LOGE(TAG, "Failed to get host name.");
- ip4_addr = NULL;
- } else {
-
- ip4_addr = (struct ip4_addr *)hp->h_addr;
- ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
+ ESP_LOGE(TAG, "Failed to get host name.");
+ ip4_addr = NULL;
}
+ else {
+ ip4_addr = (struct ip4_addr *)hp->h_addr;
+ }
+
/* Create and initialize WOLFSSL_CTX */
- if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
- ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL_CTX\n");
+ ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); /* SSL 3.0 - TLS 1.3. */
+ /* options: */
+ /* ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); only TLS 1.2 */
+ /* ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); only TLS 1.3 */
+ /* wolfSSL_CTX_NoTicketTLSv12(); */
+ /* wolfSSL_NoTicketTLSv12(); */
+ if (ctx == NULL) {
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX\n");
}
- WOLFSSL_MSG("Loading...cert");
- /* Load client certificates into WOLFSSL_CTX */
- if ((ret = wolfSSL_CTX_load_verify_buffer(ctx, ca_cert_der_2048,
- sizeof_ca_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
- ESP_LOGE(TAG,"ERROR: failed to load %d, please check the file.\n",ret);
+
+#if defined(WOLFSSL_ESP32_CIPHER_SUITE)
+ ESP_LOGI(TAG, "Start SM2\n");
+
+/*
+ *
+ * reference code for SM Ciphers:
+ *
+ #if defined(HAVE_AESGCM) && !defined(NO_DH)
+ #ifdef WOLFSSL_TLS13
+ defaultCipherList = "TLS13-AES128-GCM-SHA256"
+ #ifndef WOLFSSL_NO_TLS12
+ ":DHE-PSK-AES128-GCM-SHA256"
+ #endif
+ ;
+ #else
+ defaultCipherList = "DHE-PSK-AES128-GCM-SHA256";
+ #endif
+ #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13)
+ defaultCipherList = "TLS13-AES128-GCM-SHA256:PSK-AES128-GCM-SHA256"
+ #ifndef WOLFSSL_NO_TLS12
+ ":PSK-AES128-GCM-SHA256"
+ #endif
+ ;
+ #elif defined(HAVE_NULL_CIPHER)
+ defaultCipherList = "PSK-NULL-SHA256";
+ #elif !defined(NO_AES_CBC)
+ defaultCipherList = "PSK-AES128-CBC-SHA256";
+ #else
+ defaultCipherList = "PSK-AES128-GCM-SHA256";
+ #endif
+*/
+
+ ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE);
+ if (ret == WOLFSSL_SUCCESS) {
+ ESP_LOGI(TAG, "Set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
}
- /* not peer check */
- if( doPeerCheck == 0 ){
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to set cipher list: %s\n", WOLFSSL_ESP32_CIPHER_SUITE);
+ }
+#endif
+
+#ifdef DEBUG_WOLFSSL
+ ShowCiphers(NULL);
+ ESP_LOGI(TAG,
+ "Stack used: %d\n",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+#endif
+
+/* see user_settings PROJECT_DH for HAVE_DH and HAVE_FFDHE_2048 */
+#ifndef NO_DH
+ ret = wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
+ if (ret != SSL_SUCCESS) {
+ ESP_LOGE(TAG, "Error setting minimum DH key size");
+ }
+#endif
+
+ /* no peer check */
+ if (doPeerCheck == 0) {
+ ESP_LOGW(TAG, "doPeerCheck == 0");
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
- } else {
+ }
+ else {
+ ESP_LOGW(TAG, "doPeerCheck != 0");
WOLFSSL_MSG("Loading... our cert");
/* load our certificate */
- if ((ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx, client_cert_der_2048,
- sizeof_client_cert_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
- ESP_LOGE(TAG,"ERROR: failed to load chain %d, please check the file.\n",ret);
+ ret_i = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
+ CTX_CLIENT_CERT,
+ CTX_CLIENT_CERT_SIZE,
+ CTX_CLIENT_CERT_TYPE);
+ if (ret_i != SSL_SUCCESS) {
+ ESP_LOGE(TAG, "ERROR: failed to load chain %d, please check the file.\n", ret_i);
}
- if ((ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx, client_key_der_2048,
- sizeof_client_key_der_2048, WOLFSSL_FILETYPE_ASN1)) != SSL_SUCCESS) {
- wolfSSL_CTX_free(ctx); ctx = NULL;
- ESP_LOGE(TAG,"ERROR: failed to load key %d, please check the file.\n", ret);
+ /* Load client certificates into WOLFSSL_CTX */
+ WOLFSSL_MSG("Loading...cert");
+ ret_i = wolfSSL_CTX_load_verify_buffer(ctx,
+ CTX_CA_CERT,
+ CTX_CA_CERT_SIZE,
+ CTX_CA_CERT_TYPE);
+
+ ret_i = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+ CTX_CLIENT_KEY,
+ CTX_CLIENT_KEY_SIZE,
+ CTX_CLIENT_KEY_TYPE);
+ if(ret_i != SSL_SUCCESS) {
+ wolfSSL_CTX_free(ctx) ; ctx = NULL ;
+ ESP_LOGE(TAG, "ERROR: failed to load key %d, "
+ "please check the file.\n", ret_i) ;
}
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, 0);
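Review bot: The result of `wolfSSL_CTX_load_verify_buffer()` is assigned to `ret_i` and then overwritten by the private-key load without being tested, so a CA load failure is no longer reported (the removed code logged it); add `if (ret_i != SSL_SUCCESS) { ESP_LOGE(TAG, "ERROR: failed to load CA %d, please check the file.\n", ret_i); }` right after the call. `ret` is declared only under `SINGLE_THREADED`, yet it is assigned in the `WOLFSSL_ESP32_CIPHER_SUITE` and `NO_DH` blocks here and in the `WOLFSSL_SM2` block of the next hunk, which should not compile in a threaded build unless `ret` is declared somewhere outside these hunks; using `ret_i` there avoids that. After a key-load failure `ctx` is freed and set to NULL but is still passed to `wolfSSL_CTX_set_verify()` on the following line. The function body continues outside the hunk.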
@@ -202,37 +355,60 @@ void tls_smp_client_task()
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
- servAddr.sin_family = AF_INET; /* using IPv4 */
- servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(TLS_SMP_DEFAULT_PORT); /* on DEFAULT_PORT */
- if(*ch >= '1' && *ch <= '9') {
+ if (*ch >= '1' && *ch <= '9') {
/* Get the server IPv4 address from the command line call */
WOLFSSL_MSG("inet_pton");
- if ((ret = inet_pton(AF_INET, TLS_SMP_TARGET_HOST,
- &servAddr.sin_addr)) != 1) {
- ESP_LOGE(TAG,"ERROR: invalid address ret=%d\n", ret);
+ if ((ret_i = inet_pton(AF_INET,
+ TLS_SMP_TARGET_HOST,
+ &servAddr.sin_addr)) != 1) {
+ ESP_LOGE(TAG, "ERROR: invalid address ret=%d\n", ret_i);
}
- } else {
+ }
+ else {
servAddr.sin_addr.s_addr = ip4_addr->addr;
}
/* Connect to the server */
- sprintf(buff, "Connecting to server....%s(port:%d)", TLS_SMP_TARGET_HOST
- , DEFAULT_PORT);
+ sprintf(buff,
+ "Connecting to server....%s(port:%d)",
+ TLS_SMP_TARGET_HOST,
+ TLS_SMP_DEFAULT_PORT);
WOLFSSL_MSG(buff);
- printf("%s\n",buff);
- if ((ret = connect(sockfd, (struct sockaddr *)&servAddr,
- sizeof(servAddr))) == -1){
- ESP_LOGE(TAG,"ERROR: failed to connect ret=%d\n", ret);
+ printf("%s\n", buff);
+
+ if ((ret_i = connect(sockfd,
+ (struct sockaddr *)&servAddr,
+ sizeof(servAddr))) == -1) {
+ ESP_LOGE(TAG, "ERROR: failed to connect ret=%d\n", ret_i);
}
WOLFSSL_MSG("Create a WOLFSSL object");
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
- ESP_LOGE(TAG,"ERROR: failed to create WOLFSSL object\n");
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object\n");
+ }
+ else {
+#ifdef DEBUG_WOLFSSL
+ ESP_LOGI(TAG, "\nCreated WOLFSSL object:");
+ ShowCiphers(ssl);
+#endif
}
- /* when using atecc608a on esp32-wroom-32se */
+#if defined(WOLFSSL_SM2)
+ /* SM TLS1.3 Cipher needs to have key share explicitly set. */
+ ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
+ if (ret == WOLFSSL_SUCCESS) {
+ ESP_LOGI(TAG, "Successfully set WOLFSSL_ECC_SM2P256V1");
+ }
+ else {
+ ESP_LOGE(TAG, "FAILED to set WOLFSSL_ECC_SM2P256V1");
+ }
+#endif
+ /* when using atecc608a on esp32-wroom-32se */
+
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
atcatls_set_callbacks(ctx);
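Review bot: `servAddr.sin_addr.s_addr = ip4_addr->addr;` dereferences `ip4_addr` even though the lookup code in the previous hunk sets it to NULL when `gethostbyname()` fails, so a failed lookup of a non-numeric host crashes the task instead of ending it cleanly; guard the branch with `else if (ip4_addr != NULL)` and go to the cleanup code otherwise. The reformatted `sprintf(buff, ...)` writes the configured host name into the 256-byte `buff` without a bound; `snprintf(buff, sizeof(buff), ...)` with the same arguments is safer. tls_smp_client_task starts and ends outside this hunk.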
@@ -248,37 +424,46 @@ void tls_smp_client_task()
WOLFSSL_MSG("Connect to wolfSSL on the server side");
/* Connect to wolfSSL on the server side */
- if (wolfSSL_connect(ssl) != SSL_SUCCESS) {
- ESP_LOGE(TAG,"ERROR: failed to connect to wolfSSL\n");
- }
+ if (wolfSSL_connect(ssl) == SSL_SUCCESS) {
+#ifdef DEBUG_WOLFSSL
+ ShowCiphers(ssl);
+#endif
+ /* Get a message for the server from stdin */
+ WOLFSSL_MSG("Message for server: ");
+ memset(buff, 0, sizeof(buff));
+
+ if (sendGet) {
+ printf("SSL connect ok, sending GET...\n");
+ len = XSTRLEN(sndMsg);
+ strncpy(buff, sndMsg, len);
+ buff[len] = '\0';
+ }
+ else {
+ sprintf(buff, "message from esp32 tls client\n");
+ len = strnlen(buff, sizeof(buff));
+ }
+ /* Send the message to the server */
+ if (wolfSSL_write(ssl, buff, len) != len) {
+ ESP_LOGE(TAG, "ERROR: failed to write\n");
+ }
- /* Get a message for the server from stdin */
- WOLFSSL_MSG("Message for server: ");
- memset(buff, 0, sizeof(buff));
-
- if(sendGet){
- printf("SSL connect ok, sending GET...\n");
- len = XSTRLEN(sndMsg);
- strncpy(buff, sndMsg, len);
- buff[len] = '\0';
- } else {
- sprintf(buff, "message from esp32 tls client\n");
- len = strnlen(buff, sizeof(buff));
- }
- /* Send the message to the server */
- if (wolfSSL_write(ssl, buff, len) != len) {
- ESP_LOGE(TAG,"ERROR: failed to write\n");
- }
+ /* Read the server data into our buff array */
+ memset(buff, 0, sizeof(buff));
+ if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
+ ESP_LOGE(TAG, "ERROR: failed to read\n");
+ }
- /* Read the server data into our buff array */
- memset(buff, 0, sizeof(buff));
- if (wolfSSL_read(ssl, buff, sizeof(buff) - 1) == -1) {
- ESP_LOGE(TAG,"ERROR: failed to read\n");
+ /* Print to stdout any data the server sends */
+ printf("Server: ");
+ printf("%s\n", buff);
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to connect to wolfSSL\n");
}
+#ifdef DEBUG_WOLFSSL
+ ShowCiphers(ssl);
+#endif
- /* Print to stdout any data the server sends */
- printf("Server:");
- printf("%s", buff);
/* Cleanup and return */
wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
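Review bot: The failure branch of `wolfSSL_connect()` logs only a fixed string, which makes a certificate or cipher mismatch hard to diagnose now that `doPeerCheck` is 1; keep the return value and log `wolfSSL_get_error(ssl, ret_i)` in the `else` branch. `wolfSSL_read()` is checked only against -1, so a zero return is still printed as an empty server reply; testing `<= 0` covers both cases. The enclosing function starts and ends outside this hunk.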
@@ -287,5 +472,32 @@ void tls_smp_client_task()
vTaskDelete(NULL);
- return; /* Return reporting a success */
+ return TLS_SMP_CLIENT_TASK_RET;
+}
+
+#if defined(SINGLE_THREADED)
+ /* we don't initialize a single thread, so no init function here */
+#else
+/* create task */
+WOLFSSL_ESP_TASK tls_smp_client_init(void* args)
+{
+ int ret;
+#if ESP_IDF_VERSION_MAJOR >= 4
+ TaskHandle_t _handle;
+#else
+ xTaskHandle _handle;
+#endif
+ /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+ ret = xTaskCreate(tls_smp_client_task,
+ TLS_SMP_CLIENT_TASK_NAME,
+ TLS_SMP_CLIENT_TASK_WORDS,
+ NULL,
+ TLS_SMP_CLIENT_TASK_PRIORITY,
+ &_handle);
+
+ if (ret != pdPASS) {
+ ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
+ }
+ return TLS_SMP_CLIENT_TASK_RET;
}
+#endif
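Review bot: `vTaskDelete(NULL)` still runs before `return TLS_SMP_CLIENT_TASK_RET;`, and as far as this hunk shows it is not guarded by `SINGLE_THREADED`, so in a single-threaded build the caller's own task would presumably be deleted and the `int` result never returned; wrapping the call in `#ifndef SINGLE_THREADED` keeps the two modes apart. In `tls_smp_client_init`, the `xTaskCreate` failure is logged with `ESP_LOGI`; `ESP_LOGE` matches how other failures are reported in this file. The body of tls_smp_client_task starts outside the hunk.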
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
new file mode 100644
index 00000000..1188ee36
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
@@ -0,0 +1,71 @@
+/* server-tls.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _SERVER_TLS_
+#define _SERVER_TLS_
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+#include "sdkconfig.h"
+
+/* See main/Kconfig.projbuild for default configuration settings */
+#ifdef CONFIG_WOLFSSL_TARGET_HOST
+ #define TLS_SMP_TARGET_HOST CONFIG_WOLFSSL_TARGET_HOST
+#else
+ #define TLS_SMP_TARGET_HOST "192.168.1.38"
+#endif
+
+#ifdef CONFIG_WOLFSSL_TARGET_PORT
+ #define TLS_SMP_DEFAULT_PORT CONFIG_WOLFSSL_TARGET_PORT
+#else
+ #define TLS_SMP_DEFAULT_PORT 11111
+#endif
+
+#define TLS_SMP_CLIENT_TASK_NAME "tls_client_example"
+#define TLS_SMP_CLIENT_TASK_WORDS 22240
+#define TLS_SMP_CLIENT_TASK_PRIORITY 8
+
+#if defined(SINGLE_THREADED)
+ #define WOLFSSL_ESP_TASK int
+#else
+ #include "freertos/FreeRTOS.h"
+ #define WOLFSSL_ESP_TASK void
+#endif
+
+typedef struct {
+ int port;
+ int loops;
+} tls_args;
+
+/* Function to show the ciphers available / in use. */
+#if defined(DEBUG_WOLFSSL)
+ int ShowCiphers(WOLFSSL* ssl);
+#endif
+
+/* This is the TLS Client function, possibly in an RTOS thread. */
+WOLFSSL_ESP_TASK tls_smp_client_task(void* args);
+
+/* init will create an RTOS task, otherwise server is simply function call. */
+#if defined(SINGLE_THREADED)
+ /* no init neded */
+#else
+ WOLFSSL_ESP_TASK tls_smp_client_init(void* args);
+#endif
+#endif /* _SERVER_TLS_ */
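Review bot: The header comment reads `server-tls.h` and the include guard is `_SERVER_TLS_`, both apparently copied from the server example; a translation unit that also includes a server header with the same guard would silently skip this file. Use `/* client-tls.h` and a guard such as `#ifndef CLIENT_TLS_H_`, which also avoids the reserved underscore-plus-capital prefix. The comment `/* no init neded */` has a typo, and `TLS_SMP_CLIENT_TASK_WORDS` would benefit from a comment stating whether 22240 is in bytes or words.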
diff --git a/extra/wolfssl/wolfssl/cyassl/error-ssl.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
index 4546d5e1..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/error-ssl.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
@@ -1,4 +1,4 @@
-/* error-ssl.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/error-ssl.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
new file mode 100644
index 00000000..a47f9400
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.001 */
+
+#ifndef _TIME_HELPER_H
+#define _TIME_HELPER_H
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* a function to show the current data and time */
+int esp_show_current_datetime();
+
+/* worst case, if GitHub time not available, used fixed time */
+int set_fixed_default_time(void);
+
+/* set time from string (e.g. GitHub commit time) */
+int set_time_from_string(char* time_buffer);
+
+/* set time from NTP servers,
+ * also initially calls set_fixed_default_time or set_time_from_string */
+int set_time(void);
+
+/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
+int set_time_wait_for_ntp(void);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* #ifndef _TIME_HELPER_H */
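Review bot: `int esp_show_current_datetime();` declares a function with an unspecified parameter list in C; `int esp_show_current_datetime(void);` matches the other prototypes in this header and lets the compiler reject stray arguments. `set_time_from_string(char* time_buffer)` could take `const char*` if the implementation does not modify the buffer, which is not visible here. The comment above the first prototype should read `date and time`, and the return-value convention of these functions is not documented.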
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
index 7b85be22..644ce00d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
@@ -1,4 +1,4 @@
-/* user_settings.h
+/* wifi_connect.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,26 +18,76 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#ifndef _TLS_WIFI_H_
-#define _TLS_WIFI_H_
-
-#include "esp_idf_version.h"
-#include "esp_log.h"
-#include "esp_wifi.h"
-#if ESP_IDF_VERSION_MAJOR >= 4
- #include "esp_event.h"
-#else
- #include "esp_event_loop.h"
-#endif
+#ifndef _WIFI_CONNECT_H_
+#define _WIFI_CONNECT_H_
-#define DEFAULT_PORT 11111
+#include <esp_idf_version.h>
+#include <esp_log.h>
-#define TLS_SMP_CLIENT_TASK_NAME "tls_client_example"
-#define TLS_SMP_CLIENT_TASK_WORDS 10240
-#define TLS_SMP_CLIENT_TASK_PRIORITY 8
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
-#define TLS_SMP_TARGET_HOST CONFIG_TARGET_HOST
+#define USE_WIFI_EXAMPLE
+#ifdef USE_WIFI_EXAMPLE
+ #include "esp_netif.h"
+ #include "protocol_examples_common.h" /* see project CMakeLists.txt */
#endif
+
+/**
+ ******************************************************************************
+ ******************************************************************************
+ ** USER APPLICATION SETTINGS BEGIN
+ ******************************************************************************
+ ******************************************************************************
+ **/
+
+/* when using a private config with plain text passwords,
+ * file my_private_config.h should be excluded from git updates */
+/* #define USE_MY_PRIVATE_CONFIG */
+
+#ifdef USE_MY_PRIVATE_CONFIG
+ #if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
+ #include "/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
+ #include "/mnt/c/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
+ #include "~/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
+ #include "~/Documents/my_private_config.h"
+ #else
+ #warning "did not detect environment. using ~/my_private_config.h"
+ #include "~/my_private_config.h"
+ #endif
+#else
+
+ /*
+ ** The examples use WiFi configuration that you can set via project
+ ** configuration menu
+ **
+ ** If you'd rather not, just change the below entries to strings with
+ ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
+ */
+ #ifdef CONFIG_ESP_WIFI_SSID
+ #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
+ #else
+ #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
+ #endif
+
+ #ifdef CONFIG_ESP_WIFI_PASSWORD
+ #define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
+ #else
+ #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
+ #endif
+#endif
+
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+
+int wifi_init_sta(void);
+
+int wifi_show_ip(void);
+
+#endif /* _WIFI_CONNECT_H_ */
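Review bot: The `#include "~/workspace/my_private_config.h"` line, along with the Apple and fallback branches, will not resolve because the preprocessor does not expand `~`; only the absolute Windows and WSL paths can work as written. Passing the directory from CMake as an include path and using `#include "my_private_config.h"` would work on every host. `EXAMPLE_ESP_MAXIMUM_RETRY` is defined twice in this hunk with the same value, and `USE_WIFI_EXAMPLE` is defined unconditionally right before its own `#ifdef`, so one of each can go.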
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
new file mode 100644
index 00000000..add43ada
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
@@ -0,0 +1,267 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "sdkconfig.h"
+#include "main.h"
+
+/* ESP specific */
+#include <nvs_flash.h>
+#include <esp_log.h>
+#include <esp_event.h>
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <user_settings.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#ifndef WOLFSSL_ESPIDF
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
+#endif
+
+/* this project */
+#include "client-tls.h"
+#include "time_helper.h"
+
+#ifndef CONFIG_IDF_TARGET_ESP32H2
+ /* There's no WiFi on ESP32-H2.
+ * For wired ethernet, see:
+ * https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
+ #include "wifi_connect.h"
+#endif
+
+#ifdef WOLFSSL_TRACK_MEMORY
+ #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "TLS Client";
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+ && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use a custom slot allocation */
+/* enable the definition CUSTOM_SLOT_ALLOCATION. */
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+ int i;
+ for(i = 0;i < ATECC_MAX_SLOT;i++) {
+ mSlotList[i] = ATECC_INVALID_SLOT;
+ }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+ int i, slot = -1;
+
+ switch(slotType){
+ case ATMEL_SLOT_ENCKEY:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_DEVICE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE_ENC:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_ANY:
+ for(i = 0;i < ATECC_MAX_SLOT;i++){
+ if(mSlotList[i] == ATECC_INVALID_SLOT){
+ slot = i;
+ break;
+ }
+ }
+ }
+
+ return slot;
+}
+
+/* free slot array */
+void my_atmel_free(int slotId)
+{
+ if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+ mSlotList[slotId] = ATECC_INVALID_SLOT;
+ }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* for FreeRTOS */
+void app_main(void)
+{
+ int stack_start = 0;
+ esp_err_t ret = 0;
+ ESP_LOGI(TAG, "---------------- wolfSSL TLS Client Example ------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+#ifdef ESP_TASK_MAIN_STACK
+ ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
+#endif
+#ifdef TASK_EXTRA_STACK_SIZE
+ ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
+#endif
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE,
+ (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
+
+ /* Returns the high water mark of the stack associated with xTask. That is,
+ * the minimum free stack space there has been (in bytes not words, unlike
+ * vanilla FreeRTOS) since the task started. The smaller the returned
+ * number the closer the task has come to overflowing its stack.
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
+ */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+ ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
+#endif
+
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
+#endif
+
+ /* Set time for cert validation.
+ * Some lwIP APIs, including SNTP functions, are not thread safe. */
+ ret = set_time(); /* need to setup NTP before WiFi */
+
+ /* Optionally erase flash */
+ /* ESP_ERROR_CHECK(nvs_flash_erase()); */
+
+#ifdef FOUND_PROTOCOL_EXAMPLES_DIR
+ ESP_LOGI(TAG, "FOUND_PROTOCOL_EXAMPLES_DIR active, using example code.");
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2.");
+ #else
+ #ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is myssid.");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called myssid, or ");
+ ESP_LOGW(TAG, " did you forget the ESP-IDF configuration?");
+ }
+ #else
+ #define CONFIG_EXAMPLE_WIFI_SSID "myssid"
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+ #endif
+ ESP_ERROR_CHECK(esp_netif_init());
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ ESP_ERROR_CHECK(example_connect());
+ #endif
+#else
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ /* Initialize NVS */
+ ret = nvs_flash_init();
+ if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
+ ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
+ ESP_ERROR_CHECK(nvs_flash_erase());
+ ret = nvs_flash_init();
+ }
+ ESP_ERROR_CHECK(ret);
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2. ");
+ #else
+ /* Initialize WiFi */
+ ESP_LOGI(TAG, "ESP_WIFI_MODE_STA");
+ ret = wifi_init_sta();
+ while (ret != 0) {
+ ESP_LOGI(TAG, "Waiting...");
+ vTaskDelay(60000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Trying WiFi again...");
+ ret = wifi_init_sta();
+ }
+ #endif
+#endif
+
+ /* Once we are connected to the network, start & wait for NTP time */
+ ret = set_time_wait_for_ntp();
+
+ if (ret < -1) {
+ /* a value of -1 means there was no NTP server, so no need to wait */
+ ESP_LOGI(TAG, "Waiting 10 more seconds for NTP to complete." );
+ vTaskDelay(10000 / portTICK_PERIOD_MS); /* brute-force solution */
+ esp_show_current_datetime();
+ }
+
+ /* HWM is maximum amount of stack space that has been unused, in bytes
+ * not words (unlike vanilla freeRTOS). */
+ ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL))
+ );
+ ESP_LOGI(TAG, "Starting TLS Client task ...\n");
+
+#if defined(SINGLE_THREADED)
+ /* just call the task */
+ tls_smp_client_task((void*)NULL);
+#else
+ tls_args args[1] = {0};
+ /* start a thread with the task */
+ args[0].loops = 10;
+ args[0].port = 11111;
+ tls_smp_client_init(args);
+/* optional additional client threads
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+ tls_smp_client_init(args);
+*/
+#endif
+
+ ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
+ vTaskDelete(NULL);
+ /* done */
+ while (1) {
+ ESP_LOGV(TAG, "\n\nLoop...\n\n");
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL) ));
+#endif
+
+#if defined(SINGLE_THREADED)
+ ESP_LOGV(TAG, "\n\nDone!\n\n");
+ while (1);
+#else
+ vTaskDelay(60000);
+#endif
+ } /* done whle */
+
+} /* app_main */
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
new file mode 100644
index 00000000..5149d2e6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
@@ -0,0 +1,333 @@
+/* time_helper.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.002 */
+#include "esp_idf_version.h"
+#include "sdkconfig.h"
+#include "time_helper.h"
+
+#include <esp_log.h>
+
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
+ #define HAS_ESP_NETIF_SNTP 1
+ #include <lwip/apps/sntp.h>
+ #include <esp_netif_sntp.h>
+ #else
+ #include <string.h>
+ #include <esp_sntp.h>
+ #endif
+#else
+ /* TODO Consider pre IDF v5? */
+#endif
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+const static char* TAG = "time_helper";
+
+/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
+#ifndef TIME_ZONE
+/*
+ * PST represents Pacific Standard Time.
+ * +8 specifies the offset from UTC (Coordinated Universal Time), indicating
+ * that Pacific Time is UTC-8 during standard time.
+ * PDT represents Pacific Daylight Time.
+ * M3.2.0 indicates that Daylight Saving Time (DST) starts on the
+ * second (2) Sunday (0) of March (3).
+ * M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11)
+ */
+ #define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
+#endif /* not defined: TIME_ZONE, so we are setting our own */
+
+#define NTP_RETRY_COUNT 10
+
+/* NELEMS(x) number of elements
+ * To determine the number of elements in the array, we can divide the total
+ * size of the array by the size of the array element.
+ * See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
+ **/
+#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
+
+/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
+#define NTP_SERVER_LIST ( (char*[]) { \
+ "pool.ntp.org", \
+ "time.nist.gov", \
+ "utcnist.colorado.edu" \
+ } \
+ )
+/* #define NTP_SERVER_COUNT using NELEMS:
+ *
+ * (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
+ */
+#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
+
+#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
+ /* We should find max value in sdkconfig, if not set it to our count:*/
+ #define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
+#endif
+
+char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
+
+/* our NTP server list is global info */
+extern char* ntpServerList[NTP_SERVER_COUNT];
+
+/* Show the current date and time */
+int esp_show_current_datetime()
+{
+ time_t now;
+ char strftime_buf[64];
+ struct tm timeinfo;
+
+ time(&now);
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+
+ localtime_r(&now, &timeinfo);
+ strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+ ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+ return 0;
+}
+
+/* the worst-case scenario is a hard-coded date/time */
+int set_fixed_default_time(void)
+{
+ /* ideally, we'd like to set time from network,
+ * but let's set a default time, just in case */
+ struct tm timeinfo = {
+ .tm_year = 2023 - 1900,
+ .tm_mon = 10,
+ .tm_mday = 02,
+ .tm_hour = 13,
+ .tm_min = 01,
+ .tm_sec = 05
+ };
+ struct timeval now;
+ time_t interim_time;
+ int ret = -1;
+
+ /* set interim static time */
+ interim_time = mktime(&timeinfo);
+
+ ESP_LOGI(TAG, "Adjusting time from fixed value");
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+
+ return ret;
+}
+
+/* set_time_from_string(s)
+ *
+ * returns 0 = success if able to set the time from the provided string
+ * error for any other value, typically -1 */
+int set_time_from_string(char* time_buffer)
+{
+ /* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
+ const char *format = "%3s %3s %d %d:%d:%d %d %s";
+ struct tm this_timeinfo;
+ struct timeval now;
+ time_t interim_time;
+ char offset[6]; /* expecting trailing single quote, not used */
+ char day_str[4];
+ char month_str[4];
+ int day, year, hour, minute, second;
+ int quote_offset = 0;
+ int ret = 0;
+
+ /* we are expecting the string to be encapsulated in single quotes */
+ if (*time_buffer == 0x27) {
+ quote_offset = 1;
+ }
+
+ ret = sscanf(time_buffer + quote_offset,
+ format,
+ day_str, month_str,
+ &day, &hour, &minute, &second, &year, &offset);
+
+ if (ret == 8) {
+ /* we found a match for all componets */
+
+ const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+
+ for (int i = 0; i < 12; i++) {
+ if (strcmp(month_str, months[i]) == 0) {
+ this_timeinfo.tm_mon = i;
+ break;
+ }
+ }
+
+ this_timeinfo.tm_mday = day;
+ this_timeinfo.tm_hour = hour;
+ this_timeinfo.tm_min = minute;
+ this_timeinfo.tm_sec = second;
+ this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
+
+ interim_time = mktime(&this_timeinfo);
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+ ESP_LOGI(TAG, "Time updated to %s", time_buffer);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
+ ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
+ set_fixed_default_time();
+ ret = -1;
+ }
+ return ret;
+}
+
+/* set time; returns 0 if succecssfully configured with NTP */
+int set_time(void)
+{
+#ifndef NTP_SERVER_COUNT
+ ESP_LOGW(TAG, "Warning: no sntp server names defined. "
+ "Setting to empty list");
+ #define NTP_SERVER_COUNT 0
+ #warning "NTP not properly configured"
+#endif /* not defined: NTP_SERVER_COUNT */
+
+#ifdef HAS_ESP_NETIF_SNTP
+ #if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
+ NTP_SERVER_COUNT,
+ ESP_SNTP_SERVER_LIST(ntpServerList[0])
+ );
+ #else
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
+ #endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
+#endif /* HAS_ESP_NETIF_SNTP */
+
+ int ret = 0;
+ int i = 0; /* counter for time servers */
+
+ ESP_LOGI(TAG, "Setting the time. Startup time:");
+ esp_show_current_datetime();
+
+#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
+ /* initialy set a default approximate time from recent git commit */
+ ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
+ set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+ esp_show_current_datetime();
+
+ ret = -4;
+#else
+ /* otherwise set a fixed time that was hard coded */
+ set_fixed_default_time();
+ ret = -3;
+#endif
+
+#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
+ config.smooth_sync = true;
+#endif
+
+ if (NTP_SERVER_COUNT) {
+ /* next, let's setup NTP time servers
+ *
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
+ *
+ * WARNING: do not set operating mode while SNTP client is running!
+ */
+ /* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
+ sntp_setoperatingmode(SNTP_OPMODE_POLL);
+ if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
+ ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
+ "CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
+ NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
+ }
+ ESP_LOGI(TAG, "sntp_setservername:");
+ for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
+ const char* thisServer = ntpServerList[i];
+ if (strncmp(thisServer, "\x00", 1) == 0) {
+ /* just in case we run out of NTP servers */
+ break;
+ }
+ ESP_LOGI(TAG, "%s", thisServer);
+ sntp_setservername(i, thisServer);
+ }
+ #ifdef HAS_ESP_NETIF_SNTP
+ ret = esp_netif_sntp_init(&config);
+ #else
+ ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
+ "of updated SNTP libraries");
+ #endif
+ if (ret == ESP_OK) {
+ ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
+ }
+
+ sntp_init();
+ switch (ret) {
+ case ESP_ERR_INVALID_STATE:
+ break;
+ default:
+ break;
+ }
+ ESP_LOGI(TAG, "sntp_init done.");
+ }
+ else {
+ ESP_LOGW(TAG, "No sntp time servers found.");
+ ret = -1;
+ }
+ return ret;
+}
+
+/* wait for NTP to actually set the time */
+int set_time_wait_for_ntp(void)
+{
+ int ret = 0;
+#ifdef HAS_ESP_NETIF_SNTP
+ int ntp_retry = 0;
+ const int ntp_retry_count = NTP_RETRY_COUNT;
+
+ ret = esp_netif_sntp_start();
+
+ ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
+#endif /* HAS_ESP_NETIF_SNTP */
+ esp_show_current_datetime();
+
+#ifdef HAS_ESP_NETIF_SNTP
+ while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
+ ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
+ ntp_retry,
+ ntp_retry_count);
+ esp_show_current_datetime();
+ }
+#endif /* HAS_ESP_NETIF_SNTP */
+
+#ifdef TIME_ZONE
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+#endif
+
+ if (ret == ESP_OK) {
+ ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
+ "result = 0x%0x: %s",
+ ret, esp_err_to_name(ret));
+ }
+ return ret;
+}
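Review bot: In set_time_from_string() the final `%s` conversion has no field width and writes into `char offset[6]`; the comments say the string arrives wrapped in single quotes, so the expected last token `-0700'` (six characters plus the terminator) already overruns the buffer by one byte, and a longer build-supplied date overruns it further. Bound the conversion and pass the array itself: `const char *format = "%3s %3s %d %d:%d:%d %d %5s";` with `offset` instead of `&offset` in the sscanf() call. `this_timeinfo` also reaches mktime() with `tm_isdst` never set and `tm_mon` unset when no month name matches, so it should be declared as `struct tm this_timeinfo = {0};`. Separately, the server loop in set_time() runs up to `CONFIG_LWIP_SNTP_MAX_SERVERS` while `ntpServerList` holds only `NTP_SERVER_COUNT` entries, so a larger sdkconfig value reads past the array; the empty-string check does not help because the list has no terminating entry, and the loop condition should also test `i < NTP_SERVER_COUNT`.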
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
index eb0c3c66..b9f9ab73 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
@@ -18,92 +18,52 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/*ESP specific */
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-#include "wifi_connect.h"
-#include "lwip/sockets.h"
-#include "lwip/netdb.h"
-#include "lwip/apps/sntp.h"
-#include "nvs_flash.h"
+ #include "wifi_connect.h"
+
+#include <freertos/FreeRTOS.h>
+#include <freertos/task.h>
+#include <freertos/event_groups.h>
+#include <esp_wifi.h>
+#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
-#include <user_settings.h>
+#include "user_settings.h"
#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
- #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
#endif
-#if ESP_IDF_VERSION_MAJOR >= 4
+#if ESP_IDF_VERSION_MAJOR >= 5
+#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
-/* proto-type */
-extern void tls_smp_client_task();
-static void tls_smp_client_init();
-
-const static char *TAG = "tls_client";
-
-static void set_time()
-{
- /* set dummy wallclock time. */
- struct timeval utctime;
- struct timezone tz;
- struct strftime_buf;
- time_t now;
- struct tm timeinfo;
- char strftime_buf[64];
- /* please update the time if seeing unknown failure when loading cert. */
- /* this could cause TLS communication failure due to time expiration */
- /* incleasing 31536000 seconds is close to spend 356 days. */
- utctime.tv_sec = 1645797600; /* dummy time: Fri 25 Feb 2022 02:00:00 2022 */
- utctime.tv_usec = 0;
- tz.tz_minuteswest = 0;
- tz.tz_dsttime = 0;
-
- settimeofday(&utctime, &tz);
-
- time(&now);
- localtime_r(&now, &timeinfo);
-
- strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
- ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
-
-#if ESP_IDF_VERSION_MAJOR < 4
- /* wait until wifi connect */
- xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
- false, true, portMAX_DELAY);
-#endif
- /* now we start client tasks. */
- tls_smp_client_init();
-}
-
-/* create task */
-static void tls_smp_client_init(void)
-{
- int ret;
-#if ESP_IDF_VERSION_MAJOR >= 4
- TaskHandle_t _handle;
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* likely using examples, see wifi_connect.h */
+ #else
+ /* TODO - still supporting pre V4 ? */
+ const static int CONNECTED_BIT = BIT0;
+ static EventGroupHandle_t wifi_event_group;
+ #endif
+ #if (ESP_IDF_VERSION_MAJOR == 5)
+ #define HAS_WPA3_FEATURES
+ #else
+ #undef HAS_WPA3_FEATURES
+ #endif
#else
- xTaskHandle _handle;
+ /* TODO Consider pre IDF v5? */
#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
- ret = xTaskCreate(tls_smp_client_task,
- TLS_SMP_CLIENT_TASK_NAME,
- TLS_SMP_CLIENT_TASK_WORDS,
- NULL,
- TLS_SMP_CLIENT_TASK_PRIORITY,
- &_handle);
-
- if (ret != pdPASS) {
- ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_CLIENT_TASK_NAME);
- }
-}
+
+/* breadcrumb prefix for logging */
+const static char *TAG = "wifi_connect";
+
#if ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
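Review bot: On the pre-v4 path `CONNECTED_BIT` and `wifi_event_group` are now defined twice: once in the retained `#else` branch after `protocol_examples_common.h`, and again inside the added `#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)` block. The second initialised `const static int CONNECTED_BIT = BIT0;` is a redefinition in C, so one of the two copies should be dropped. `HAS_WPA3_FEATURES` is enabled only for `ESP_IDF_VERSION_MAJOR == 5`, so a later major version would silently build without the `sae_pwe_h2e` setting used in wifi_init_sta(); `>= 5` looks like the intent, but confirm against the supported IDF range. The hunk ends at the signature of wifi_event_handler(), whose body lies outside it.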
@@ -121,7 +81,7 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
ESP_LOGI(TAG, "got ip:%s",
ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+ /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
@@ -133,99 +93,184 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
}
return ESP_OK;
}
-#endif
-/* entry point */
-void app_main(void)
-{
- ESP_LOGI(TAG, "Start app_main...");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- ESP_LOGI(TAG, "");
- ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
- ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
- ESP_LOGI(TAG, "");
-#endif
+#else
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#ifdef CONFIG_ESP_MAXIMUM_RETRY
+ #define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+#else
+ #define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#if CONFIG_ESP_WIFI_AUTH_OPEN
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
+#elif CONFIG_ESP_WIFI_AUTH_WEP
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
+#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
+ #define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
+ #define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
+/* FreeRTOS event group to signal when we are connected*/
+static EventGroupHandle_t s_wifi_event_group;
- /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#endif
+/* The event group allows multiple bits for each event, but we only care about two events:
+ * - we are connected to the AP with an IP
+ * - we failed to connect after the maximum amount of retries */
+#define WIFI_CONNECTED_BIT BIT0
+#define WIFI_FAIL_BIT BIT1
- /* all platforms: stack high water mark check */
- ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+static int s_retry_num = 0;
+ip_event_got_ip_t* event;
- ESP_ERROR_CHECK(nvs_flash_init());
- ESP_LOGI(TAG, "Initialize wifi");
-#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
- (ESP_IDF_VERSION_MAJOR >= 5)
- esp_netif_init();
-#else
- tcpip_adapter_init();
-#endif
+static void event_handler(void* arg,
+ esp_event_base_t event_base,
+ int32_t event_id,
+ void* event_data)
+{
+ if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
+ esp_wifi_connect();
+ }
+ else if (event_base == WIFI_EVENT &&
+ event_id == WIFI_EVENT_STA_DISCONNECTED) {
+ if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
+ esp_wifi_connect();
+ s_retry_num++;
+ ESP_LOGI(TAG, "retry to connect to the AP");
+ }
+ else {
+ xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
+ }
+ ESP_LOGI(TAG, "connect to the AP fail");
+ }
+ else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
+ event = (ip_event_got_ip_t*) event_data;
+ wifi_show_ip();
+ s_retry_num = 0;
+ xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
+ }
+}
+
+int wifi_init_sta(void)
+{
+ int ret = ESP_OK;
+
+ s_wifi_event_group = xEventGroupCreate();
+
+ ESP_ERROR_CHECK(esp_netif_init());
+
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ esp_netif_create_default_wifi_sta();
- /* */
-#if ESP_IDF_VERSION_MAJOR >= 4
- ESP_ERROR_CHECK(esp_event_loop_create_default());
- /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
- * Read "Establishing Wi-Fi or Ethernet Connection" section in
- * examples/protocols/README.md for more information about this function.
- */
- ESP_ERROR_CHECK(example_connect());
-#else
- wifi_event_group = xEventGroupCreate();
- ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+ esp_event_handler_instance_t instance_any_id;
+ esp_event_handler_instance_t instance_got_ip;
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
+ ESP_EVENT_ANY_ID,
+ &event_handler,
+ NULL,
+ &instance_any_id));
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
+ IP_EVENT_STA_GOT_IP,
+ &event_handler,
+ NULL,
+ &instance_got_ip));
+
wifi_config_t wifi_config = {
.sta = {
- .ssid = TLS_SMP_WIFI_SSID,
- .password = TLS_SMP_WIFI_PASS,
+ .ssid = EXAMPLE_ESP_WIFI_SSID,
+ .password = EXAMPLE_ESP_WIFI_PASS,
+ /* Authmode threshold resets to WPA2 as default if password matches
+ * WPA2 standards (pasword len => 8). If you want to connect the
+ * device to deprecated WEP/WPA networks, Please set the threshold
+ * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
+ * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
+ * standards. */
+ .threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
+ #ifdef HAS_WPA3_FEATURES
+ .sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
+ #endif
},
};
- /* WiFi station mode */
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
- /* Wifi Set the configuration of the ESP32 STA or AP */
- ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
- /* Start Wifi */
+ ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+
+#ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
+ ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
+ }
+#else
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+#endif
+
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
- ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
- TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+
+ /* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
+ * or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
+ * The bits are set by event_handler() (see above) */
+ EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
+ WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
+ pdFALSE,
+ pdFALSE,
+ portMAX_DELAY);
+
+ /* xEventGroupWaitBits() returns the bits before the call returned,
+ * hence we can test which event actually happened. */
+#if defined(SHOW_SSID_AND_PASSWORD)
+ ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else {
+ ESP_LOGE(TAG, "UNEXPECTED EVENT");
+ }
+#else
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "Connected to AP");
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to AP");
+ ret = -1;
+ }
+ else {
+ ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
+ ret = -2;
+ }
#endif
- ESP_LOGI(TAG, "Set dummy time...");
- set_time();
+ return ret;
}
+
+int wifi_show_ip(void)
+{
+ /* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
+ return 0;
+}
+#endif
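Review bot: The fallback for `ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD` defines `CONFIG_ESP_WIFI_AUTH_WPA2_PSK` as 1 and then uses that flag as the threshold, so `.threshold.authmode` receives the integer 1 rather than the `WIFI_AUTH_WPA2_PSK` enumerator; in ESP-IDF's `wifi_auth_mode_t` the value 1 is `WIFI_AUTH_WEP`, so the station would accept networks weaker than the WPA2 default the name suggests. The fallback should read `#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK`. In wifi_init_sta() the `SHOW_SSID_AND_PASSWORD` branch never sets `ret` for `WIFI_FAIL_BIT` or the unexpected case, so a failed connection returns `ESP_OK` there, and it writes the passphrase to the log; add `ret = -1;` and `ret = -2;` as in the `#else` branch and keep that macro out of production builds. `EXAMPLE_ESP_MAXIMUM_RETRY` is left undefined when `CONFIG_ESP_MAXIMUM_RETRY` is absent, unless wifi_connect.h provides it, which is not visible here.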
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
index 0d591ea0..11a9e467 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
@@ -1,11 +1,96 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
+
-# (Not part of the boilerplate)
# This example uses an extra component for common functions such as Wi-Fi and Ethernet connection.
-# disable the following line if there isn't the directory
-set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+set (PROTOCOL_EXAMPLES_DIR $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+
+if (EXISTS "${PROTOCOL_EXAMPLES_DIR}")
+ message("Found PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+ set(EXTRA_COMPONENT_DIRS $ENV{IDF_PATH}/examples/common_components/protocol_examples_common)
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DFOUND_PROTOCOL_EXAMPLES_DIR")
+else()
+ message("NOT FOUND: PROTOCOL_EXAMPLES_DIR=${PROTOCOL_EXAMPLES_DIR}")
+endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
+
project(wolfssl_server)
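Review bot: The `PROTOCOL_EXAMPLES_DIR` detection block appears twice in the new file, once after the platform checks and again just before `include($ENV{IDF_PATH}/tools/cmake/project.cmake)`, so `-DFOUND_PROTOCOL_EXAMPLES_DIR` is appended to `CMAKE_C_FLAGS` twice and the two copies can drift apart; keep only one. The comment `# Windows-specific configuration here` is repeated above the WSL, Linux and Apple branches and should name the platform each branch handles, e.g. `# WSL-specific configuration here`. The `if(WIN32)` and `if(APPLE)` tests describe the target system while the other branches test `CMAKE_HOST_UNIX`; since these flags select a host path for my_private_config.h, `CMAKE_HOST_WIN32` and `CMAKE_HOST_APPLE` look like the intended checks, but confirm before changing.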
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
index 50a1859c..3380c0f2 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
@@ -1,8 +1,23 @@
-# wolfSSL Server Example
+# wolfSSL TLS Server Example
+
+This is the wolfSSL TLS Server demo, typically used with the [Espressif TLS Client](../wolfssl_client/README.md)
+or the CLI [Client](https://github.com/wolfSSL/wolfssl/tree/master/examples/client).
+
+When using the CLI, see the [example parameters](/IDE/Espressif/ESP-IDF/examples#interaction-with-wolfssl-cli).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+## ESP-IDF Commandline
The Example contains a wolfSSL simple server.
-1. `idf.py menuconfigure` to configure the project
+1. `idf.py menuconfig` to configure the project
1-1. Example Connection Configuration ->
@@ -20,3 +35,77 @@ When you want to test the wolfSSL simple server demo
e.g ./example/client/client -h xx.xx.xx
See the README.md file in the upper level 'examples' directory for more information about examples.
+
+
+```
+# . /mnt/c/SysGCC/esp32/esp-idf/master/export.sh
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
+cd /mnt/c/workspace/wolfssl-$USER/IDE/Espressif/ESP-IDF/examples/wolfssl_server
+
+# optionally erase
+idf.py erase-flash -p /dev/ttyS19 -b 115200
+
+# Program flash
+idf.py flash -p /dev/ttyS19 -b 115200 monitor
+```
+
+
+Linux Client to x108 SM server
+
+```
+cd /mnt/c/workspace/wolfssl-$USER
+
+# show the ciphers
+./examples/client/client -e
+
+./examples/client/client -h 192.168.1.108 -v 4 -l TLS_SM4_GCM_SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+
+Linux Server
+
+```
+./examples/server/server -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+
+Cipers to consider
+
+```
+TLS13-AES128-GCM-SHA256:
+TLS13-AES256-GCM-SHA384:
+TLS13-CHACHA20-POLY1305-SHA256:
+
+TLS13-SM4-GCM-SM3:
+TLS13-SM4-CCM-SM3:
+ECDHE-ECDSA-SM4-CBC-SM3:
+ECDHE-ECDSA-SM4-GCM-SM3:
+ECDHE-ECDSA-SM4-CCM-SM3
+
+DHE-RSA-AES128-SHA:
+DHE-RSA-AES256-SHA:
+ECDHE-RSA-AES128-SHA:
+ECDHE-RSA-AES256-SHA:
+ECDHE-ECDSA-AES128-SHA:
+ECDHE-ECDSA-AES256-SHA:
+DHE-RSA-AES128-SHA256:
+DHE-RSA-AES256-SHA256:
+DHE-RSA-AES128-GCM-SHA256:
+DHE-RSA-AES256-GCM-SHA384:
+ECDHE-RSA-AES128-GCM-SHA256:
+ECDHE-RSA-AES256-GCM-SHA384:
+ECDHE-ECDSA-AES128-GCM-SHA256:
+ECDHE-ECDSA-AES256-GCM-SHA384:
+ECDHE-RSA-AES128-SHA256:
+ECDHE-ECDSA-AES128-SHA256:
+ECDHE-RSA-AES256-SHA384:
+ECDHE-ECDSA-AES256-SHA384:
+ECDHE-RSA-CHACHA20-POLY1305:
+ECDHE-ECDSA-CHACHA20-POLY1305:
+DHE-RSA-CHACHA20-POLY1305:
+ECDHE-RSA-CHACHA20-POLY1305-OLD:
+ECDHE-ECDSA-CHACHA20-POLY1305-OLD:
+DHE-RSA-CHACHA20-POLY1305-OLD:
+```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
new file mode 100644
index 00000000..01dd6baf
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
@@ -0,0 +1,512 @@
+# SM Cipher Notes
+
+
+### Install SM
+```
+cd /mnt/c/workspace/wolfsm-$USER
+./install.sh ../wolfssl-$USER
+```
+
+
+### Build Linux SM Examples
+```
+./autogen.sh
+./configure --enable-sm3 --enable-sm4-gcm --enable-sm2 \
+ --enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr \
+ --enable-sm4-gcm --enable-sm4-ccm
+make clean && make
+```
+
+### TLS 1.3 Server
+
+```
+./examples/server/server -v 4 -b -d -p 11111 -c ./certs/sm2/server-sm2.pem -k ./certs/sm2/server-sm2-priv.pem -A ./certs/sm2/client-sm2.pem -V
+```
+
+### TLS 1.3 Client
+
+```
+./examples/client/client -h 127.0.0.1 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to Local Linux Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+
+### TLS 1.2 Client to ESP32 Server
+
+```
+./examples/client/client -h 192.168.25.186 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 \
+ -c ./certs/sm2/client-sm2.pem \
+ -k ./certs/sm2/client-sm2-priv.pem \
+ -A ./certs/sm2/root-sm2.pem -C
+```
+### Others...
+
+```
+# Success: Linux Client to ESP32 Server TLS1.2
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+./examples/client/client -h 192.168.1.113 -v 3 -l ECDHE-ECDSA-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Success: Linux Client to ESP32 Server TLS1.3
+
+# Reported as TLS_SM4_GCM_SM3, but parameter is TLS13-SM4-GCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-GCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+# Reported as TLS-SM4-CCM-SM3, but parameter is TLS13-SM4-CCM-SM3
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CCM-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+./examples/client/client -h 192.168.1.113 -v 4 -l TLS13-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+
+```
+
+```
+ESP32-to-ESP32
+TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+```
+
+Tried both PEM and DER format.
+
+The latest server is PEM format, triple-checked to have the embedded server
+be the same as the Linux server files.
+
+
+| Usage | Certificate | Key | Certificate Authority file, default ./certs/client-cert.pem |
+| ----- | ---------------------------------- | ----------------------------------- | --------------------------------- |
+| server | -c ./certs/sm2/server-sm2.pem | -k ./certs/sm2/server-sm2-priv.pem | -A ./certs/sm2/client-sm2.pem -V |
+| client | -c ./certs/sm2/client-sm2.pem | -k ./certs/sm2/client-sm2-priv.pem | -A ./certs/sm2/root-sm2.pem -C |
+| emdedded:
+| server | wolfSSL_CTX_use_certificate_buffer<br/> server_sm2 | wolfSSL_CTX_use_PrivateKey_buffer<br/> server_sm2_priv | wolfSSL_CTX_load_verify_buffer<br/> client-sm2 |
+
+### Code
+
+See [source code](https://github.com/gojimmypi/wolfssl/blob/2c4f443aec7b151f945cb9dfe2dad6ee30449cf0/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c#L187):
+
+![code](./code.png)
+
+
+### Linux client talking to embedded server:
+
+```
+/examples/client/client -h 192.168.1.108 -v 3 -l ECDHE-ECDSA-SM4-CBC-SM3 -c ./certs/sm2/client-sm2.pem -k ./certs/sm2/client-sm2-priv.pem -A ./certs/sm2/root-sm2.pem -C
+wolfSSL_connect error -188, ASN no signer error to confirm failure
+wolfSSL error: wolfSSL_connect failed
+```
+
+Output:
+```
+ets Jul 29 2019 12:21:46
+
+rst:0x3 (SW_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
+configsip: 0, SPIWP:0xee
+clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
+mode:DIO, clock div:2
+load:0x3fff0030,len:7000
+load:0x40078000,len:15452
+ho 0 tail 12 room 4
+load:0x40080400,len:3840
+entry 0x4008064c
+I (29) boot: ESP-IDF v5.0-dirty 2nd stage bootloader
+I (29) boot: compile time 13:40:31
+I (29) boot: chip revision: v3.0
+I (32) boot_comm: chip revision: 3, min. bootloader chip revision: 0
+I (39) boot.esp32: SPI Speed : 40MHz
+I (44) boot.esp32: SPI Mode : DIO
+I (48) boot.esp32: SPI Flash Size : 2MB
+I (53) boot: Enabling RNG early entropy source...
+I (58) boot: Partition Table:
+I (62) boot: ## Label Usage Type ST Offset Length
+I (69) boot: 0 nvs WiFi data 01 02 00009000 00006000
+I (77) boot: 1 phy_init RF data 01 01 0000f000 00001000
+I (84) boot: 2 factory factory app 00 00 00010000 00177000
+I (92) boot: End of partition table
+I (96) boot_comm: chip revision: 3, min. application chip revision: 0
+I (103) esp_image: segment 0: paddr=00010020 vaddr=3f400020 size=338d8h (211160) map
+I (188) esp_image: segment 1: paddr=00043900 vaddr=3ffb0000 size=03b78h ( 15224) load
+I (194) esp_image: segment 2: paddr=00047480 vaddr=40080000 size=08b98h ( 35736) load
+I (209) esp_image: segment 3: paddr=00050020 vaddr=400d0020 size=c591ch (809244) map
+I (501) esp_image: segment 4: paddr=00115944 vaddr=40088b98 size=0c230h ( 49712) load
+I (522) esp_image: segment 5: paddr=00121b7c vaddr=50000000 size=00010h ( 16) load
+I (533) boot: Loaded app from partition at offset 0x10000
+I (533) boot: Disabling RNG early entropy source...
+I (545) cpu_start: Pro cpu up.
+I (545) cpu_start: Starting app cpu, entry point is 0x400812f4
+I (532) cpu_start: App cpu up.
+I (561) cpu_start: Pro cpu start user code
+I (561) cpu_start: cpu freq: 160000000 Hz
+I (561) cpu_start: Application information:
+I (566) cpu_start: Project name: wolfssl_server
+I (571) cpu_start: App version: v5.6.3-stable-1088-g560c84b2b-d
+I (578) cpu_start: Compile time: Jul 19 2023 22:20:09
+I (585) cpu_start: ELF file SHA256: 3e6e571c9e87bf44...
+I (591) cpu_start: ESP-IDF: v5.0-dirty
+I (596) heap_init: Initializing. RAM available for dynamic allocation:
+I (603) heap_init: At 3FFAE6E0 len 00001920 (6 KiB): DRAM
+I (609) heap_init: At 3FFBDA68 len 00022598 (137 KiB): DRAM
+I (615) heap_init: At 3FFE0440 len 00003AE0 (14 KiB): D/IRAM
+I (622) heap_init: At 3FFE4350 len 0001BCB0 (111 KiB): D/IRAM
+I (628) heap_init: At 40094DC8 len 0000B238 (44 KiB): IRAM
+I (636) spi_flash: detected chip: generic
+I (639) spi_flash: flash io: dio
+W (643) spi_flash: Detected size(4096k) larger than the size in the binary image header(2048k). Using the
+size in the binary image header.
+I (657) cpu_start: Starting scheduler on PRO CPU.
+I (0) cpu_start: Starting scheduler on APP CPU.
+I (725) tls_server: ESP_WIFI_MODE_STA
+I (735) wifi:wifi driver task: 3ffcb738, prio:23, stack:6656, core=0
+I (735) system_api: Base MAC address is not set
+I (735) system_api: read default base MAC address from EFUSE
+I (755) wifi:wifi firmware version: 0d470ef
+I (755) wifi:wifi certification version: v7.0
+I (755) wifi:config NVS flash: enabled
+I (755) wifi:config nano formating: disabled
+I (755) wifi:Init data frame dynamic rx buffer num: 32
+I (765) wifi:Init management frame dynamic rx buffer num: 32
+I (765) wifi:Init management short buffer num: 32
+I (775) wifi:Init dynamic tx buffer num: 32
+I (775) wifi:Init static rx buffer size: 1600
+I (775) wifi:Init static rx buffer num: 10
+I (785) wifi:Init dynamic rx buffer num: 32
+I (785) wifi_init: rx ba win: 6
+I (795) wifi_init: tcpip mbox: 32
+I (795) wifi_init: udp mbox: 6
+I (795) wifi_init: tcp mbox: 6
+I (805) wifi_init: tcp tx win: 5744
+I (805) wifi_init: tcp rx win: 5744
+I (815) wifi_init: tcp mss: 1440
+I (815) wifi_init: WiFi IRAM OP enabled
+I (815) wifi_init: WiFi RX IRAM OP enabled
+I (825) phy_init: phy_version 4670,719f9f6,Feb 18 2021,17:07:07
+I (925) wifi:mode : sta (24:d7:eb:41:7b:68)
+I (935) wifi:enable tsf
+I (935) tls_server: wifi_init_sta finished.
+I (945) wifi:new:<4,0>, old:<1,0>, ap:<255,255>, sta:<4,0>, prof:1
+I (945) wifi:state: init -> auth (b0)
+I (945) wifi:state: auth -> assoc (0)
+I (955) wifi:state: assoc -> run (10)
+W (955) wifi:<ba-add>idx:0 (ifx:0, c8:d7:19:cd:00:17), tid:0, ssn:0, winSize:64
+I (985) wifi:connected with testbench, aid = 1, channel 4, BW20, bssid = c8:d7:19:cd:00:17
+I (985) wifi:security: WPA2-PSK, phy: bgn, rssi: -45
+I (995) wifi:pm start, type: 1
+
+I (1065) wifi:AP's beacon interval = 102400 us, DTIM period = 1
+I (3225) esp_netif_handlers: sta ip: 192.168.1.108, mask: 255.255.255.0, gw: 192.168.1.10
+I (3225) tls_server: got ip:192.168.1.108
+I (3235) Time Helper: sntp_setservername:
+I (3235) Time Helper: pool.ntp.org
+I (3245) Time Helper: time.nist.gov
+I (3245) Time Helper: utcnist.colorado.edu
+I (3255) Time Helper: sntp_init done.
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3315) wolfssl: Start wolfSSL_Init()
+I (3315) wolfssl: wolfSSL Entering wolfSSL_Init
+I (3325) wolfssl: wolfSSL Entering wolfCrypt_Init
+I (3325) wolfssl: start socket())
+I (3335) wolfssl: Create and initialize WOLFSSL_CTX
+I (3335) wolfssl: wolfSSL Entering wolfSSLv23_server_method_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CTX_new_ex
+I (3345) wolfssl: wolfSSL Entering wolfSSL_CertManagerNew
+I (3355) wolfssl: wolfSSL Leaving wolfSSL_CTX_new_ex, return 0
+I (3365) tls_server: Start SM2
+
+I (3365) wolfssl: wolfSSL Entering wolfSSL_CTX_set_cipher_list
+I (3375) tls_server: Set cipher list: ECDHE-ECDSA-SM4-CBC-SM3
+
+TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:TLS13-SM4-GCM-SM3:TLS13-SM4-CCM-SM3:ECDHE-RSA-AES12
+8-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDS
+A-DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECD
+SA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305-OLD
+:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-SM4-CBC-SM3:ECDHE-ECDSA-SM4-GCM-SM3:ECDHE-ECDSA-SM4-CCM-SM3
+:ECDHE-PSK-AES128-CBC-SHA256:ECDHE-PSK-AES128-GCM-SHA256:PSK-CHACHA20-POLY1305:ECDHE-PSK-CHACHA20-POLY1305
+I (3435) wolfssl: Loading certificate...
+I (3435) wolfssl: wolfSSL Entering wolfSSL_CTX_use_certificate_buffer
+I (3445) wolfssl: wolfSSL Entering PemToDer
+I (3455) wolfssl: Checking cert signature type
+I (3455) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3465) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3465) wolfssl: Got Cert Header
+I (3475) wolfssl: wolfSSL Entering GetObjectId
+I (3475) wolfssl: Got Algo ID
+I (3475) wolfssl: Getting Name
+I (3485) wolfssl: Getting Cert Name
+I (3485) wolfssl: Getting Name
+I (3495) wolfssl: Getting Cert Name
+I (3495) wolfssl: Got Subject Name
+I (3495) wolfssl: wolfSSL Entering GetAlgoId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3505) wolfssl: wolfSSL Entering GetObjectId
+I (3515) wolfssl: Got Key
+I (3515) wolfssl: ECDSA/ED25519/ED448 cert signature
+I (3525) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_certificate_buffer, return 1
+I (3535) tls_server: Loaded server_sm2
+
+I (3535) wolfssl: Loading key info...
+I (3535) wolfssl: wolfSSL Entering wolfSSL_CTX_use_PrivateKey_buffer
+I (3545) wolfssl: wolfSSL Entering PemToDer
+I (3555) wolfssl: wolfSSL Entering GetAlgoId
+I (3555) wolfssl: wolfSSL Entering GetObjectId
+I (3565) wolfssl: wolfSSL Entering GetAlgoId
+I (3565) wolfssl: wolfSSL Entering GetObjectId
+I (3575) wolfssl: wolfSSL Leaving wolfSSL_CTX_use_PrivateKey_buffer, return 1
+I (3575) tls_server: Loaded PrivateKey_buffer server_sm2_priv
+
+I (3585) wolfssl: wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
+I (3595) wolfssl: Processing CA PEM file
+I (3595) wolfssl: wolfSSL Entering PemToDer
+I (3605) wolfssl: Adding a CA
+I (3605) wolfssl: wolfSSL Entering GetExplicitVersion
+I (3615) wolfssl: wolfSSL Entering wc_GetSerialNumber
+I (3615) wolfssl: Got Cert Header
+I (3625) wolfssl: wolfSSL Entering GetObjectId
+I (3625) wolfssl: Got Algo ID
+I (3635) wolfssl: Getting Name
+I (3635) wolfssl: Getting Cert Name
+I (3635) wolfssl: Getting Name
+I (3645) wolfssl: Getting Cert Name
+I (3645) wolfssl: Got Subject Name
+I (3655) wolfssl: wolfSSL Entering GetAlgoId
+I (3655) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: wolfSSL Entering GetObjectId
+I (3665) wolfssl: Got Key
+I (3665) wolfssl: Parsed Past Key
+I (3675) wolfssl: wolfSSL Entering DecodeCertExtensions
+I (3675) wolfssl: wolfSSL Entering GetObjectId
+I (3685) wolfssl: wolfSSL Entering DecodeSubjKeyId
+I (3685) wolfssl: wolfSSL Entering GetObjectId
+I (3695) wolfssl: wolfSSL Entering DecodeAuthKeyId
+I (3705) wolfssl: wolfSSL Entering GetObjectId
+I (3705) wolfssl: wolfSSL Entering DecodeBasicCaConstraint
+I (3715) wolfssl: wolfSSL Entering GetObjectId
+I (3715) wolfssl: wolfSSL Entering DecodeAltNames
+I (3725) wolfssl: Unsupported name type, skipping
+I (3725) wolfssl: wolfSSL Entering GetObjectId
+I (3735) wolfssl: wolfSSL Entering DecodeExtKeyUsage
+I (3735) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3745) wolfssl: wolfSSL Entering GetObjectId
+I (3755) wolfssl: Parsed new CA
+I (3755) wolfssl: No key size check done on CA
+I (3765) wolfssl: Freeing Parsed CA
+I (3765) wolfssl: Freeing der CA
+I (3775) wolfssl: OK Freeing der CA
+I (3775) wolfssl: wolfSSL Leaving AddCA, return 0
+I (3785) wolfssl: Processed a CA
+I (3785) wolfssl: Processed at least one valid CA. Other stuff OK
+I (3795) wolfssl: wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return 1
+I (3795) tls_server: Success: load verify buffer
+
+I (3805) tls_server: Finish SM2
+
+I (3805) tls_server: accept clients...
+I (3815) wolfssl: Waiting for a connection...
+I (14485) wolfssl: wolfSSL Entering wolfSSL_new
+I (14495) wolfssl: wolfSSL Entering ReinitSSL
+I (14495) wolfssl: wolfSSL Entering SetSSL_CTX
+I (14495) wolfssl: wolfSSL Entering wolfSSL_NewSession
+I (14505) wolfssl: wolfSSL Leaving wolfSSL_new, return 0
+I (14505) wolfssl: wolfSSL Entering wolfSSL_set_fd
+I (14515) wolfssl: wolfSSL Entering wolfSSL_set_read_fd
+I (14515) wolfssl: wolfSSL Leaving wolfSSL_set_read_fd, return 1
+I (14525) wolfssl: wolfSSL Entering wolfSSL_set_write_fd
+I (14535) wolfssl: wolfSSL Leaving wolfSSL_set_write_fd, return 1
+I (14535) wolfssl: wolfSSL Entering wolfSSL_accept
+I (14545) wolfssl: wolfSSL Entering ReinitSSL
+I (14545) wolfssl: growing input buffer
+I (14555) wolfssl: received record layer msg
+I (14555) wolfssl: got HANDSHAKE
+I (14565) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14565) wolfssl: wolfSSL Entering DoTls13HandShakeMsg
+I (14575) wolfssl: wolfSSL Entering DoTls13HandShakeMsgType
+I (14575) wolfssl: processing client hello
+I (14585) wolfssl: wolfSSL Entering DoTls13ClientHello
+I (14595) wolfssl: wolfSSL Entering DoClientHello
+I (14595) wolfssl: downgrading to TLSv1.2
+I (14605) wolfssl: Matched No Compression
+I (14605) wolfssl: Adding signature algorithms extension
+I (14615) wolfssl: Signature Algorithms extension received
+I (14615) wolfssl: Point Formats extension received
+I (14625) wolfssl: Supported Groups extension received
+I (14625) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: Unknown TLS extension type
+I (14635) wolfssl: wolfSSL Entering MatchSuite
+I (14645) wolfssl: wolfSSL Entering VerifyServerSuite
+I (14645) wolfssl: Requires ECC
+I (14655) wolfssl: Verified suite validity
+I (14655) wolfssl: wolfSSL Leaving DoClientHello, return 0
+I (14665) wolfssl: wolfSSL Leaving DoTls13ClientHello, return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsgType(), return 0
+I (14675) wolfssl: wolfSSL Leaving DoTls13HandShakeMsg, return 0
+I (14685) wolfssl: Shrinking input buffer
+I (14685) wolfssl: accept state ACCEPT_CLIENT_HELLO_DONE
+I (14695) wolfssl: accept state ACCEPT_FIRST_REPLY_DONE
+I (14705) wolfssl: wolfSSL Entering SendServerHello
+I (14705) wolfssl: growing output buffer
+I (14715) internal.c: GrowOutputBuffer ok
+I (14715) wolfssl: wolfSSL Entering wolfSSL_get_options
+I (14725) wolfssl: Point Formats extension to write
+W (14735) wolfio: ssl->wflags = 0
+I (14735) wolfio: 16 03 03 00 52 02 00 00 4e 03 03 af 87 e2 58 57
+I (14735) wolfio: 73 c3 c1 35 1a 59 39 b2 03 9d 14 03 e0 b8 fb e8
+I (14745) wolfio: 9d 5b 9c 44 4f 57 4e 47 52 44 01 20 85 77 75 20
+I (14755) wolfio: 95 dd 00 e2 91 f8 42 33 f8 61 3f 1f de 81 15 58
+I (14755) wolfio: 23 0c e7 1e 71 e6 10 e5 67 23 e0 40 e0 11 00 00
+I (14765) wolfio: 06 00 0b 00 02 01 00
+W (14775) wolfio: sz = 87
+I (14775) wolfssl: Shrinking output buffer
+I (14775) wolfssl: wolfSSL Leaving SendServerHello, return 0
+I (14785) wolfssl: accept state SERVER_HELLO_SENT
+I (14795) wolfssl: wolfSSL Entering SendCertificate
+I (14795) wolfssl: growing output buffer
+I (14805) internal.c: GrowOutputBuffer ok
+W (14815) wolfio: ssl->wflags = 0
+I (14815) wolfio: 16 03 03 02 e6 0b 00 02 e2 00 02 df 00 02 dc 30
+I (14815) wolfio: 82 02 d8 30 82 02 7e a0 03 02 01 02 02 01 01 30
+I (14825) wolfio: 0a 06 08 2a 81 1c cf 55 01 83 75 30 81 ac 31 0b
+I (14835) wolfio: 30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06
+I (14835) wolfio: 03 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30
+I (14845) wolfio: 0e 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31
+I (14855) wolfio: 14 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53
+I (14855) wolfio: 4c 5f 73 6d 32 31 0f 30 0d 06 03 55 04 0b 0c 06
+I (14865) wolfio: 43 41 2d 73 6d 32 31 18 30 16 06 03 55 04 03 0c
+I (14875) wolfio: 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e 63 6f 6d
+I (14875) wolfio: 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16
+I (14885) wolfio: 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c 2e 63 6f
+I (14895) wolfio: 6d 31 17 30 15 06 0a 09 92 26 89 93 f2 2c 64 01
+I (14895) wolfio: 01 0c 07 77 6f 6c 66 53 53 4c 30 1e 17 0d 32 33
+I (14905) wolfio: 30 32 31 35 30 36 32 33 30 37 5a 17 0d 32 35 31
+I (14915) wolfio: 31 31 31 30 36 32 33 30 37 5a 30 81 b0 31 0b 30
+I (14915) wolfio: 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06 03
+I (14925) wolfio: 55 04 08 0c 07 4d 6f 6e 74 61 6e 61 31 10 30 0e
+I (14935) wolfio: 06 03 55 04 07 0c 07 42 6f 7a 65 6d 61 6e 31 14
+I (14945) wolfio: 30 12 06 03 55 04 0a 0c 0b 77 6f 6c 66 53 53 4c
+I (14945) wolfio: 5f 73 6d 32 31 13 30 11 06 03 55 04 0b 0c 0a 53
+I (14955) wolfio: 65 72 76 65 72 2d 73 6d 32 31 18 30 16 06 03 55
+I (14965) wolfio: 04 03 0c 0f 77 77 77 2e 77 6f 6c 66 73 73 6c 2e
+I (14965) wolfio: 63 6f 6d 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01
+I (14975) wolfio: 09 01 16 10 69 6e 66 6f 40 77 6f 6c 66 73 73 6c
+I (14985) wolfio: 2e 63 6f 6d 31 17 30 15 06 0a 09 92 26 89 93 f2
+I (14985) wolfio: 2c 64 01 01 0c 07 77 6f 6c 66 53 53 4c 30 5a 30
+I (14995) wolfio: 14 06 08 2a 81 1c cf 55 01 82 2d 06 08 2a 81 1c
+I (15005) wolfio: cf 55 01 82 2d 03 42 00 04 94 70 2b 46 e4 5e 0f
+I (15005) wolfio: 41 fb 8f 2d 34 0a 41 40 19 5e fb d4 1d 11 ac fa
+I (15015) wolfio: f5 93 37 c6 fa 87 08 f7 16 1f 2c ce 30 40 9d 4f
+I (15025) wolfio: a6 2a 0a a1 d6 95 33 c3 a6 03 98 e6 8d 05 34 b0
+I (15025) wolfio: 97 0c de a4 c7 cf 53 8f d1 a3 81 89 30 81 86 30
+I (15035) wolfio: 1d 06 03 55 1d 0e 04 16 04 14 67 ae 60 ff 7e 1b
+I (15045) wolfio: 0f 95 ae 1f 82 59 f2 6c 56 2d 93 ef 17 32 30 1f
+I (15045) wolfio: 06 03 55 1d 23 04 18 30 16 80 14 47 0a 48 7e bb
+I (15055) wolfio: 02 a8 5a 26 57 2b 19 a9 7b 61 8b 7f 5d 99 6e 30
+I (15065) wolfio: 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0e 06
+I (15075) wolfio: 03 55 1d 0f 01 01 ff 04 04 03 02 03 a8 30 13 06
+I (15075) wolfio: 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07
+I (15085) wolfio: 03 01 30 11 06 09 60 86 48 01 86 f8 42 01 01 04
+I (15095) wolfio: 04 03 02 06 40 30 0a 06 08 2a 81 1c cf 55 01 83
+I (15095) wolfio: 75 03 48 00 30 45 02 20 1b ca 94 28 7f f6 b2 0d
+I (15105) wolfio: 31 43 50 e1 d5 34 17 dd af 3a de 81 06 67 9a b3
+I (15115) wolfio: 06 22 7e 64 ec fd 0e b9 02 21 00 a1 48 a8 32 d1
+I (15115) wolfio: 05 09 6b 1c eb 89 12 66 d8 38 a1 c4 5c 89 09 0f
+I (15125) wolfio: fd e9 c0 3b 1d fb cd b5 4c 31 68
+W (15135) wolfio: sz = 747
+I (15135) wolfssl: Shrinking output buffer
+I (15135) wolfssl: wolfSSL Leaving SendCertificate, return 0
+I (15145) wolfssl: accept state CERT_SENT
+I (15155) wolfssl: wolfSSL Entering SendCertificateStatus
+I (15155) wolfssl: wolfSSL Leaving SendCertificateStatus, return 0
+I (15165) wolfssl: accept state CERT_STATUS_SENT
+I (15165) wolfssl: wolfSSL Entering SendServerKeyExchange
+I (15175) wolfssl: Using ephemeral ECDH
+I (15175) wolfssl: wolfSSL Entering EccMakeKey
+I (15535) wolfssl: wolfSSL Leaving EccMakeKey, return 0
+I (15535) wolfssl: Trying ECC private key, RSA didn't work
+I (15535) wolfssl: wolfSSL Entering GetAlgoId
+I (15545) wolfssl: wolfSSL Entering GetObjectId
+I (15555) wolfssl: Using ECC private key
+I (15555) wolfssl: wolfSSL Entering Sm2wSm3Sign
+I (15915) wolfssl: wolfSSL Leaving Sm2wSm3Sign, return 0
+I (15915) wolfssl: wolfSSL Entering SendHandshakeMsg
+I (15925) wolfssl: growing output buffer
+I (15925) internal.c: GrowOutputBuffer ok
+W (15925) wolfio: ssl->wflags = 0
+I (15935) wolfio: 16 03 03 00 95 0c 00 00 91 03 00 29 41 04 fd f5
+I (15935) wolfio: 5e 74 15 30 1d f3 84 ae a5 69 96 a9 5b dd 27 b3
+I (15945) wolfio: 00 7d 40 3a 59 93 93 6f 4d 1f 62 dc 60 48 34 1f
+I (15955) wolfio: a8 1d 34 b8 76 8f 8b 27 4a 1b 77 64 8e 2e d5 27
+I (15955) wolfio: 03 95 8b 9d a5 ed a4 a6 b9 40 1b ea aa 10 07 08
+I (15965) wolfio: 00 48 30 46 02 21 00 cb 89 61 e9 21 f9 c6 4d ad
+I (15975) wolfio: aa e7 f1 3f 6f 27 46 f0 35 ec 45 4e 8a ae f3 ac
+I (15985) wolfio: 7c c0 cf 68 11 44 e2 02 21 00 f6 40 5c bc 66 5a
+I (15985) wolfio: 74 1e 92 5d 9a 03 75 e7 7f 16 c2 b3 c8 fe 8d 5c
+I (15995) wolfio: 63 35 36 da 61 38 76 dc 4e d6
+W (15995) wolfio: sz = 154
+I (16005) wolfssl: Shrinking output buffer
+I (16005) wolfssl: wolfSSL Leaving SendServerKeyExchange, return 0
+I (16015) wolfssl: accept state KEY_EXCHANGE_SENT
+I (16025) wolfssl: accept state CERT_REQ_SENT
+I (16025) wolfssl: wolfSSL Entering SendServerHelloDone
+I (16035) wolfssl: growing output buffer
+I (16035) internal.c: GrowOutputBuffer ok
+W (16045) wolfio: ssl->wflags = 0
+I (16045) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16045) wolfio: sz = 9
+I (16055) wolfssl: Embed Send error
+I (16055) wolfssl: Connection reset
+I (16065) int: Sent = -3
+W (16065) int: WOLFSSL_CBIO_ERR_CONN_RST
+E (16075) int: SOCKET_ERROR_E 2
+I (16075) wolfssl: wolfSSL Leaving SendServerHelloDone, return -308
+I (16085) wolfssl: wolfSSL error occurred, error = -308
+I (16085) wolfssl: wolfSSL Entering wolfSSL_get_error
+I (16095) wolfssl: wolfSSL Leaving wolfSSL_get_error, return -308
+E (16085) tls_server: wolfSSL_accept error -308
+I (16105) wolfssl: Client connected successfully
+I (16105) wolfssl: wolfSSL Entering wolfSSL_read
+I (16115) wolfssl: wolfSSL Entering wolfSSL_read_internal
+I (16125) wolfssl: wolfSSL Entering ReceiveData
+I (16125) wolfssl: User calling wolfSSL_read in error state, not allowed
+I (16135) wolfssl: wolfSSL Leaving wolfSSL_read_internal, return -308
+E (16145) tls_server: ERROR: failed to read
+I (16145) wolfssl: Client sends:
+I (16145) wolfssl:
+I (16155) wolfssl: wolfSSL Entering wolfSSL_write
+I (16155) wolfssl: handshake not complete, trying to finish
+I (16165) wolfssl: wolfSSL Entering wolfSSL_negotiate
+I (16165) wolfssl: wolfSSL Entering wolfSSL_accept
+I (16175) wolfssl: wolfSSL Entering ReinitSSL
+W (16185) wolfio: ssl->wflags = 0
+I (16185) wolfio: 16 03 03 00 04 0e 00 00 00
+W (16185) wolfio: sz = 9
+I (16195) wolfssl: Embed Send error
+I (16195) wolfssl: General error
+I (16205) int: Sent = -1
+E (16205) int: SOCKET_ERROR_E
+I (16205) wolfssl: wolfSSL error occurred, error = -308
+I (16215) wolfssl: wolfSSL Leaving wolfSSL_negotiate, return -1
+I (16225) wolfssl: wolfSSL Leaving wolfSSL_write, return -1
+E (16225) tls_server: ERROR: failed to write
+I (16235) wolfssl: wolfSSL Entering wolfSSL_free
+I (16235) wolfssl: Free'ing server ssl
+I (16245) wolfssl: Shrinking output buffer
+I (16245) wolfssl: wolfSSL Entering ClientSessionToSession
+I (16255) wolfssl: wolfSSL Entering wolfSSL_FreeSession
+I (16255) wolfssl: wolfSSL_FreeSession full free
+I (16265) wolfssl: CTX ref count not 0 yet, no free
+I (16265) wolfssl: wolfSSL Leaving wolfSSL_free, return 0
+I (16275) wolfssl: Waiting for a connection...
+```
+
+### Wireshark:
+
+![wireshark](./wireshark.png)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
new file mode 100644
index 00000000..701f38b6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
@@ -0,0 +1,52 @@
+# wolfSSL Project Files for Visual Studio 2022 with VisualGDB Extension
+
+Include in the respective project `./VisualGDB` directory are [VisualGDB](https://visualgdb.com/) project files.
+Individual project files are included for convenience to new users, as there are [difficulties switching between ESP-IDF Versions or Chipsets](https://sysprogs.com/w/forums/topic/difficulties-switching-espressif-esp-idf-version-or-chipset/) using the VisualGDB extension.
+
+The naming convention for project files is: `[project name]_IDF_[Version]_[chipset].vgdbproj`. The solution files (filename[.sln]) often will contain shortcuts to commonly used source and configuration files used by the respective project.
+
+
+-------- |------------- |------------- |
+ChipSet | ESP-IDF v4.4 | ESP-IDF v5.0 |
+-------- |------------- |------------- |
+ESP32 | x | |
+ESP32-S2 | | |
+ESP32-S3 | x | x |
+ESP32-C3 | x | x |
+ESP32-C6 | | |
+
+
+The default directories are:
+
+- `C:\SysGCC` - The root directory install of VisualGDB
+- `C:\SysGCC\esp32` - The default for ESP-IDF v5.x
+- `C:\SysGCC\esp32-8.4` - Many need to manually select this name for ESP-IDF v4.x install
+- `C:\SysGCC\esp8266`- The default for ESP8266
+
+## Resources
+
+- [wolfSSL Website](https://www.wolfssl.com/)
+
+- [wolfSSL Wiki](https://github.com/wolfSSL/wolfssl/wiki)
+
+- [FIPS 140-2/140-3 FAQ](https://wolfssl.com/license/fips)
+
+- [wolfSSL Documentation](https://wolfssl.com/wolfSSL/Docs.html)
+
+- [wolfSSL Manual](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-toc.html)
+
+- [wolfSSL API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-17-wolfssl-api-reference.html)
+
+- [wolfCrypt API Reference](https://wolfssl.com/wolfSSL/Docs-wolfssl-manual-18-wolfcrypt-api-reference.html)
+
+- [TLS 1.3](https://www.wolfssl.com/docs/tls13/)
+
+- [wolfSSL Vulnerabilities](https://www.wolfssl.com/docs/security-vulnerabilities/)
+
+- [Additional wolfSSL Examples](https://github.com/wolfssl/wolfssl-examples)
+
+## Support
+
+For questions please email [support@wolfssl.com](mailto:support@wolfssl.com)
+
+<-- edit 5.6.0001 see https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB -->
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
index 77ec87f9..31235a31 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.sln
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
@@ -1,9 +1,9 @@

Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.33027.164
+# Visual Studio Version 17
+VisualStudioVersion = 17.7.34031.279
MinimumVisualStudioVersion = 10.0.40219.1
-Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "VisualGDB_wolfssl_server", "VisualGDB_wolfssl_server.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
+Project("{803FD0C6-D64E-4E16-9DC3-1DAEC859A3D2}") = "wolfssl_server_IDF_v5_ESP32", "wolfssl_server_IDF_v5_ESP32.vgdbproj", "{CD5A90CA-2D40-461A-A0C3-27654371BB00}"
EndProject
Global
GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -26,6 +26,6 @@ Global
HideSolutionNode = FALSE
EndGlobalSection
GlobalSection(ExtensibilityGlobals) = postSolution
- SolutionGuid = {719A8CBE-E881-4B20-89F3-9910520E1067}
+ SolutionGuid = {8024AC13-8021-400B-976F-30C392D5BBD3}
EndGlobalSection
EndGlobal
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
index 70a43fe7..86df266d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
@@ -1,5 +1,5 @@
<?xml version="1.0"?>
-<VisualGDBProjectSettings2 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+<VisualGDBProjectSettings2 xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Project xsi:type="com.visualgdb.project.external.esp-idf">
<CustomSourceDirectories>
<Directories />
@@ -18,9 +18,9 @@
<ToolchainID>
<ID>com.visualgdb.xtensa-esp32-elf</ID>
<Version>
- <GCC>8.4.0</GCC>
- <GDB>8.1.0</GDB>
- <Revision>9</Revision>
+ <GCC>12.2.0</GCC>
+ <GDB>12.1</GDB>
+ <Revision>1</Revision>
</Version>
</ToolchainID>
<RelativeSourceDirectory>..</RelativeSourceDirectory>
@@ -67,11 +67,11 @@
<EnableFastUpToDateCheck>true</EnableFastUpToDateCheck>
<ESPIDFExtension>
<IDFCheckout>
- <Version>v4.4.1</Version>
- <Subdirectory>esp-idf/v4.4.1</Subdirectory>
+ <Version>release/v5.1</Version>
+ <Subdirectory>esp-idf/v5.1</Subdirectory>
<Type>ESPIDF</Type>
</IDFCheckout>
- <COMPort>COM20</COMPort>
+ <COMPort>COM19</COMPort>
<SuppressTestPrerequisiteChecks>false</SuppressTestPrerequisiteChecks>
<UseCCache>false</UseCCache>
<DeviceID>ESP32</DeviceID>
@@ -93,7 +93,7 @@
</CustomDebug>
<DeviceTerminalSettings>
<Connection xsi:type="com.sysprogs.terminal.connection.serial">
- <ComPortName>COM20</ComPortName>
+ <ComPortName>COM19</ComPortName>
<AdvancedSettings>
<BaudRate>115200</BaudRate>
<DataBits>8</DataBits>
@@ -104,7 +104,7 @@
</Connection>
<LastConnectionTime>0</LastConnectionTime>
<EchoTypedCharacters>false</EchoTypedCharacters>
- <ClearContentsWhenReconnecting>false</ClearContentsWhenReconnecting>
+ <ClearContentsWhenReconnecting>true</ClearContentsWhenReconnecting>
<ReconnectAutomatically>false</ReconnectAutomatically>
<DisplayMode>ASCII</DisplayMode>
<Colors>
@@ -220,7 +220,7 @@
<DebugMethod>
<ID>openocd</ID>
<Configuration xsi:type="com.visualgdb.edp.openocd.settings.esp32">
- <CommandLine>-f interface/tigard.cfg -c "adapter_khz 3000" -f target/esp32.cfg</CommandLine>
+ <CommandLine>-f interface/ftdi/tigard.cfg -c "adapter_khz 15000" -f interface/ftdi/tigard.cfg -f target/esp32.cfg</CommandLine>
<ExtraParameters>
<Frequency xsi:nil="true" />
<BoostedFrequency xsi:nil="true" />
@@ -252,7 +252,7 @@
</Configuration>
</DebugMethod>
<AutoDetectRTOS>true</AutoDetectRTOS>
- <SemihostingSupport>Auto</SemihostingSupport>
+ <SemihostingSupport>Disabled</SemihostingSupport>
<SemihostingPollingDelay>0</SemihostingPollingDelay>
<StepIntoEntryPoint>false</StepIntoEntryPoint>
<ReloadFirmwareOnReset>false</ReloadFirmwareOnReset>
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
index 2423b802..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
@@ -17,206 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
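Review bot: In FIND_WOLFSSL_DIRECTORY the WOLFSSL_ROOT environment branch tests `if("${FOUND_WOLFSSL}")`, and with the policies selected by `cmake_minimum_required(VERSION 3.16)` a quoted path string is not a true constant, so a valid WOLFSSL_ROOT appears to land in the FATAL_ERROR branch. Even if that test passed, the branch never sets the output variable or returns, so the parent-directory walk would still choose the source tree. The plain `wolfssl` check later in the loop also returns `${CURRENT_SEARCH_DIR}` instead of `${CURRENT_SEARCH_DIR_ALT}`, which hands back the parent of the directory that was actually found. Because this function decides which copy of a TLS library is compiled in, an explicit WOLFSSL_ROOT should win outright, with the directory walk as a logged fallback only. The `message(STATUS ...)` after the FATAL_ERROR is unreachable, so the offending path belongs in the error text itself.

```cmake
function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
    # ... unchanged: read $ENV{WOLFSSL_ROOT} into CURRENT_SEARCH_DIR, empty-value check ...
        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
        if(FOUND_WOLFSSL)
            message(STATUS "Found WOLFSSL_ROOT via Environment Variable: ${CURRENT_SEARCH_DIR}")
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "${CURRENT_SEARCH_DIR}" PARENT_SCOPE)
            return()
        else()
            message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found: $ENV{WOLFSSL_ROOT}")
        endif()
    # ... unchanged: parent-directory loop and the wolfssl-${THIS_USER} check ...
        IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL)
        if(FOUND_WOLFSSL)
            message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
            set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "${CURRENT_SEARCH_DIR_ALT}" PARENT_SCOPE)
            return()
        endif()
    # ... unchanged: move up one directory level, loop termination ...
```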
@@ -227,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
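Review bot: LIBWOLFSSL_SAVE_INFO passes raw git output straight into `add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")`, so for LIBWOLFSSL_VERSION_GIT_ORIGIN a remote URL of the form `https://user:token@host/...` would end up in the build log and, going by the comment about ShowExtendedSystemInfo(), presumably in the firmware image as well. Strip any userinfo before defining the macro, for example `string(REGEX REPLACE "://[^/@]+@" "://" VAR_VALUE "${VAR_VALUE}")`. The earlier `string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})` should quote `"${THIS_VAR}"`, because an empty or semicolon-containing output changes the argument count. In the failure branch `set(${VAR_OUPUT} "Unknown")` is local to the function and no definition is added, so the macro is left undefined rather than set to "Unknown".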
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..8a49155d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
@@ -0,0 +1,435 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+#define HAVE_ED25519 /* ED25519 requires SHA512 */
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+ #define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* There's no Hardware Acceleration available on ESP8684 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP8684 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
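Review bot: The `#elif defined(CONFIG_IDF_TARGET_ESP8684)` branch near the end of the target chain can never be selected, because the earlier `#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)` already matches that target. The two branches also disagree: the first leaves SHA hardware enabled apart from SHA-384/512, while the unreachable one says no hardware acceleration is available and sets `NO_ESP32_CRYPT`, so only the correct one should be kept. In the ESP32-C3 branch the trailing comments read `no SHA384 HW on C6` and `no SHA512 HW on C6` and should say C3. The default `CTX_SERVER_KEY server_key_der_2048` is selected by `USE_CERT_BUFFERS_2048`, which looks like wolfSSL's bundled test buffers with a publicly known private key; a comment such as `/* test credentials only; replace before deployment */` above that `#else` block would make this explicit.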
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
index e754ae0f..798cecce 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
@@ -1,12 +1,36 @@
-
+# wolfSSL Espressif Example Project/main CMakeLists.txt
+# v1.0
#
# wolfssl server test
#
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
-set(COMPONENT_SRCS "server-tls.c" "wifi_connect.c")
-set(COMPONENT_ADD_INCLUDEDIRS "." "./include")
-
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
set (git_cmd "git")
if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
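Review bot: The comment `# Windows-specific configuration here` is repeated verbatim in the WSL, Linux and Apple branches, so each of those blocks is mislabelled; it should read `# WSL-specific configuration here` and so on. The Linux test `CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32)` is also true on a WSL host, so such a build gets both `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX`. Consumers that choose a file path from these macros then depend on testing WSL first, so either exclude the WSLInterop case from the Linux branch or add a comment stating the required order. `if(APPLE)` appears twice and the two blocks can be merged.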
@@ -19,8 +43,14 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-
-register_component()
+## register_component()
+idf_component_register(SRCS main.c
+ wifi_connect.c
+ time_helper.c
+ server-tls.c
+ INCLUDE_DIRS "."
+ "./include")
+#
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
@@ -73,3 +103,4 @@ if(NOT CMAKE_BUILD_EARLY_EXPANSION)
endif()
message(STATUS "")
+
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
new file mode 100644
index 00000000..64406069
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
@@ -0,0 +1,9 @@
+menu "Example Configuration"
+
+config WOLFSSL_TARGET_PORT
+ int "Target port"
+ default 11111
+ help
+ Host listening port for the example to connect.
+
+endmenu
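Review bot: `WOLFSSL_TARGET_PORT` is declared as a plain `int` with no bounds, so the configuration accepts 0, negative numbers or values above 65535, and the value is used as `TLS_SMP_DEFAULT_PORT` in server-tls.h without any check. Add `range 1 65535` under the `default 11111` line. The help text `Host listening port for the example to connect.` reads like the client example; for this server project it would be clearer to say it is the port the server listens on.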
diff --git a/extra/wolfssl/wolfssl/cyassl/callbacks.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
index 7a288c02..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/callbacks.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
@@ -1,4 +1,4 @@
-/* callbacks.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/callbacks.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
new file mode 100644
index 00000000..ea9126fe
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
@@ -0,0 +1,60 @@
+/* server-tls.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef _SERVER_TLS_
+#define _SERVER_TLS_
+
+#include <wolfssl/wolfcrypt/settings.h> /* includes wolfSSL user-settings.h */
+#include <wolfssl/ssl.h>
+#include "sdkconfig.h"
+
+#if defined(SINGLE_THREADED)
+ #define WOLFSSL_ESP_TASK int
+#else
+ #include "freertos/FreeRTOS.h"
+ #define WOLFSSL_ESP_TASK void
+#endif
+
+#ifdef CONFIG_WOLFSSL_TARGET_PORT
+ #define TLS_SMP_DEFAULT_PORT CONFIG_WOLFSSL_TARGET_PORT
+#else
+ #define TLS_SMP_DEFAULT_PORT 11111
+#endif
+
+typedef struct {
+ int port;
+ int loops;
+} tls_args;
+
+/* Function to show the ciphers available / in use. */
+#if defined(DEBUG_WOLFSSL)
+ int ShowCiphers(WOLFSSL* ssl);
+#endif
+
+/* This is the TLS Server function, possibly in an RTOS thread. */
+WOLFSSL_ESP_TASK tls_smp_server_task(void *args);
+
+/* init will create an RTOS task, otherwise server is simply function call. */
+#if defined(SINGLE_THREADED)
+ /* no init neded */
+#else
+ WOLFSSL_ESP_TASK tls_smp_server_init(void* args);
+#endif
+#endif /* _SERVER_TLS_ */
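Review bot: The `tls_args` struct has no field documentation, and main.c passes a zero-initialised instance while its comment speaks of NULL selecting the default port. The header should state whether `port == 0` falls back to `TLS_SMP_DEFAULT_PORT` and what `loops` counts, for example `int port; /* 0 = use TLS_SMP_DEFAULT_PORT */` if that is what the implementation does. `tls_smp_server_init` is declared with return type `WOLFSSL_ESP_TASK`, which is `void` in the threaded build, so a failure to create the server task cannot be reported to the caller; an `int` status would allow that. The comment `/* no init neded */` has a typo.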
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
new file mode 100644
index 00000000..a47f9400
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
@@ -0,0 +1,54 @@
+/*
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.001 */
+
+#ifndef _TIME_HELPER_H
+#define _TIME_HELPER_H
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* a function to show the current data and time */
+int esp_show_current_datetime();
+
+/* worst case, if GitHub time not available, used fixed time */
+int set_fixed_default_time(void);
+
+/* set time from string (e.g. GitHub commit time) */
+int set_time_from_string(char* time_buffer);
+
+/* set time from NTP servers,
+ * also initially calls set_fixed_default_time or set_time_from_string */
+int set_time(void);
+
+/* wait NTP_RETRY_COUNT seconds before giving up on NTP time */
+int set_time_wait_for_ntp(void);
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* #ifndef _TIME_HELPER_H */
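Review bot: The declarations do not say what the return values mean, or what happens to certificate date checks when the clock falls back to `set_fixed_default_time()`. The comment states the fixed time is used when no other source is available, so a device in that state would presumably judge certificate validity periods against a stale date; the header should document that and say which return codes indicate the fallback was taken. `int esp_show_current_datetime();` should be `int esp_show_current_datetime(void);` to match the other prototypes, since an empty parameter list in C is not a prototype. `set_time_from_string(char* time_buffer)` takes no length and is not `const`; if the implementation (not in this hunk) only reads the string, `const char* time_buffer` is the safer signature.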
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
index c8a27577..a045b23b 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
@@ -18,25 +18,80 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#ifndef _TLS_WIFI_H_
-#define _TLS_WIFI_H_
-
-#include "esp_idf_version.h"
-#include "esp_log.h"
-#include "esp_wifi.h"
-#if ESP_IDF_VERSION_MAJOR >= 4
-#include "esp_event.h"
-#else
-#include "esp_event_loop.h"
-#endif
+#ifndef _WIFI_CONNECT_H_
+#define _WIFI_CONNECT_H_
-#define DEFAULT_PORT 11111
+#include <esp_idf_version.h>
+#include <esp_log.h>
+
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
#define TLS_SMP_SERVER_TASK_NAME "tls_sever_example"
-#define TLS_SMP_SERVER_TASK_WORDS 10240
+#define TLS_SMP_SERVER_TASK_WORDS 22240
#define TLS_SMP_SERVER_TASK_PRIORITY 8
#define TLS_SMP_WIFI_SSID CONFIG_WIFI_SSID
#define TLS_SMP_WIFI_PASS CONFIG_WIFI_PASSWORD
+#define USE_WIFI_EXAMPLE
+#ifdef USE_WIFI_EXAMPLE
+ #include "esp_netif.h"
+ #include "protocol_examples_common.h" /* see project CMakeLists.txt */
+#endif
+
+/**
+ ******************************************************************************
+ ******************************************************************************
+ ** USER APPLICATION SETTINGS BEGIN
+ ******************************************************************************
+ ******************************************************************************
+ **/
+
+/* when using a private config with plain text passwords,
+ * file my_private_config.h should be excluded from git updates */
+/* #define USE_MY_PRIVATE_CONFIG */
+
+#ifdef USE_MY_PRIVATE_CONFIG
+ #if defined(WOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS)
+ #include "/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_WSL)
+ #include "/mnt/c/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_LINUX)
+ #include "~/workspace/my_private_config.h"
+ #elif defined(WOLFSSL_CMAKE_SYSTEM_NAME_APPLE)
+ #include "~/Documents/my_private_config.h"
+ #else
+ #warning "did not detect environment. using ~/my_private_config.h"
+ #include "~/my_private_config.h"
+ #endif
+#else
+
+ /*
+ ** The examples use WiFi configuration that you can set via project
+ ** configuration menu
+ **
+ ** If you'd rather not, just change the below entries to strings with
+ ** the config you want - ie #define EXAMPLE_WIFI_SSID "mywifissid"
+ */
+ #ifdef CONFIG_ESP_WIFI_SSID
+ #define EXAMPLE_ESP_WIFI_SSID CONFIG_ESP_WIFI_SSID
+ #else
+ #define EXAMPLE_ESP_WIFI_SSID "MYSSID_WIFI_CONNECT"
+ #endif
+
+ #ifdef CONFIG_ESP_WIFI_PASSWORD
+ #define EXAMPLE_ESP_WIFI_PASS CONFIG_ESP_WIFI_PASSWORD
+ #else
+ #define EXAMPLE_ESP_WIFI_PASS "MYPASSWORD_WIFI_CONNECT"
+ #endif
#endif
+
+/* ESP lwip */
+#define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+
+int wifi_init_sta(void);
+
+int wifi_show_ip(void);
+
+#endif /* _WIFI_CONNECT_H_ */
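Review bot: The `#include "~/workspace/my_private_config.h"` lines in the Linux, Apple and fallback branches will not resolve, because the preprocessor does not expand `~` and instead looks for a directory literally named `~` on the include search path. The Windows and WSL branches hard-code absolute paths outside the project. Prefer a single `#include "my_private_config.h"` with its directory supplied through the build's include path, so the location of a file holding plain-text Wi-Fi credentials is configured in one place and stays out of the source tree. `EXAMPLE_ESP_MAXIMUM_RETRY` is defined twice in this hunk with the same value, and the second definition after the settings block can be removed.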
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
new file mode 100644
index 00000000..1c0d537e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
@@ -0,0 +1,257 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "sdkconfig.h"
+#include "main.h"
+
+/* ESP specific */
+#include <nvs_flash.h>
+#include <esp_log.h>
+#include <esp_event.h>
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h> /* includes wolfSSL user-settings.h */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#ifndef WOLFSSL_ESPIDF
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
+#endif
+
+/* this project */
+#include "server-tls.h"
+#include "time_helper.h"
+
+#ifndef CONFIG_IDF_TARGET_ESP32H2
+ /* There's no WiFi on ESP32-H2.
+ * For wired ethernet, see:
+ * https://github.com/wolfSSL/wolfssl-examples/tree/master/ESP32/TLS13-ENC28J60-client */
+ #include "wifi_connect.h"
+#endif
+
+#ifdef WOLFSSL_TRACK_MEMORY
+ #include <wolfssl/wolfcrypt/mem_track.h>
+#endif
+
+static const char* const TAG = "TLS Client";
+
+#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
+ && defined(WOLFSSL_ATECC508A)
+
+#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
+
+/* when you want to use a custom slot allocation */
+/* enable the definition CUSTOM_SLOT_ALLOCATION. */
+
+#if defined(CUSTOM_SLOT_ALLOCATION)
+
+static byte mSlotList[ATECC_MAX_SLOT];
+
+int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+
+/* initialize slot array */
+void my_atmel_slotInit()
+{
+ int i;
+ for(i = 0;i < ATECC_MAX_SLOT;i++) {
+ mSlotList[i] = ATECC_INVALID_SLOT;
+ }
+}
+
+/* allocate slot depending on slotType */
+int my_atmel_alloc(int slotType)
+{
+ int i, slot = -1;
+
+ switch(slotType){
+ case ATMEL_SLOT_ENCKEY:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_DEVICE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE:
+ slot = 0;
+ break;
+ case ATMEL_SLOT_ECDHE_ENC:
+ slot = 4;
+ break;
+ case ATMEL_SLOT_ANY:
+ for(i = 0;i < ATECC_MAX_SLOT;i++){
+ if(mSlotList[i] == ATECC_INVALID_SLOT){
+ slot = i;
+ break;
+ }
+ }
+ }
+
+ return slot;
+}
+
+/* free slot array */
+void my_atmel_free(int slotId)
+{
+ if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
+ mSlotList[slotId] = ATECC_INVALID_SLOT;
+ }
+}
+#endif /* CUSTOM_SLOT_ALLOCATION */
+#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
+
+/* for FreeRTOS */
+void app_main(void)
+{
+ int stack_start = 0;
+ esp_err_t ret = 0;
+ ESP_LOGI(TAG, "---------------- wolfSSL TLS Server Example ------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+#ifdef ESP_TASK_MAIN_STACK
+ ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
+#endif
+#ifdef TASK_EXTRA_STACK_SIZE
+ ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
+#endif
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE,
+ (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
+
+ /* Returns the high water mark of the stack associated with xTask. That is,
+ * the minimum free stack space there has been (in bytes not words, unlike
+ * vanilla FreeRTOS) since the task started. The smaller the returned
+ * number the closer the task has come to overflowing its stack.
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
+ */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+ ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
+#endif
+
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
+#endif
+
+ /* Set time for cert validation.
+ * Some lwIP APIs, including SNTP functions, are not thread safe. */
+ ret = set_time(); /* need to setup NTP before WiFi */
+
+ /* Optionally erase flash */
+ /* ESP_ERROR_CHECK(nvs_flash_erase()); */
+
+#ifdef FOUND_PROTOCOL_EXAMPLES_DIR
+ ESP_LOGI(TAG, "FOUND_PROTOCOL_EXAMPLES_DIR active, using example code.");
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2.");
+ #else
+ #ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is myssid.");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called myssid, or ");
+ ESP_LOGW(TAG, " did you forget the ESP-IDF configuration?");
+ }
+ #else
+ #define CONFIG_EXAMPLE_WIFI_SSID "myssid"
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+ #endif
+ ESP_ERROR_CHECK(esp_netif_init());
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ ESP_ERROR_CHECK(example_connect());
+ #endif
+#else
+ ESP_ERROR_CHECK(nvs_flash_init());
+
+ /* Initialize NVS */
+ ret = nvs_flash_init();
+ if (ret == ESP_ERR_NVS_NO_FREE_PAGES ||
+ ret == ESP_ERR_NVS_NEW_VERSION_FOUND) {
+ ESP_ERROR_CHECK(nvs_flash_erase());
+ ret = nvs_flash_init();
+ }
+ ESP_ERROR_CHECK(ret);
+
+ #if defined(CONFIG_IDF_TARGET_ESP32H2)
+ ESP_LOGE(TAG, "There's no WiFi on ESP32-H2. ");
+ #else
+ /* Initialize WiFi */
+ ESP_LOGI(TAG, "ESP_WIFI_MODE_STA");
+ ret = wifi_init_sta();
+ while (ret != 0) {
+ ESP_LOGI(TAG, "Waiting...");
+ vTaskDelay(60000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Trying WiFi again...");
+ ret = wifi_init_sta();
+ }
+ #endif
+#endif
+
+ /* Once we are connected to the network, start & wait for NTP time */
+ ret = set_time_wait_for_ntp();
+
+ if (ret < -1) {
+ /* a value of -1 means there was no NTP server, so no need to wait */
+ ESP_LOGI(TAG, "Waiting 10 more seconds for NTP to complete." );
+ vTaskDelay(10000 / portTICK_PERIOD_MS); /* brute-force solution */
+ esp_show_current_datetime();
+ }
+
+ /* HWM is maximum amount of stack space that has been unused, in bytes
+ * not words (unlike vanilla freeRTOS). */
+ ESP_LOGI(TAG, "Initial Stack Used (before wolfSSL Server): %d bytes",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL))
+ );
+ ESP_LOGI(TAG, "Starting TLS Server...\n");
+
+#if defined(SINGLE_THREADED)
+ /* just call the task */
+ tls_smp_server_task((void*)NULL);
+#else
+ tls_args args[1] = {0};
+ /* start a thread with the task */
+ tls_smp_server_init(args); /* NULL will use the DEFAULT_PORT value */
+#endif
+
+ /* done */
+ while (1) {
+ ESP_LOGV(TAG, "\n\nLoop...\n\n");
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+ ESP_LOGI(TAG, "Stack delta: %d\n", stack_start
+ - uxTaskGetStackHighWaterMark(NULL));
+#endif
+
+#if defined(SINGLE_THREADED)
+ ESP_LOGV(TAG, "\n\nDone!\n\n");
+ while (1);
+#else
+ vTaskDelay(60000);
+ ESP_LOGV(TAG, "\n\nvTaskDelete...\n\n");
+ vTaskDelete(NULL);
+#endif
+ } /* done whle */
+
+} /* app_main */
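Review bot: In the non-`FOUND_PROTOCOL_EXAMPLES_DIR` branch of `app_main`, the first `ESP_ERROR_CHECK(nvs_flash_init());` aborts on any error, so the erase-and-retry handling of `ESP_ERR_NVS_NO_FREE_PAGES` / `ESP_ERR_NVS_NEW_VERSION_FOUND` that follows is never reached in those cases; drop that first line and keep the `ret = nvs_flash_init();` sequence. The results of `set_time()` and `set_time_wait_for_ntp()` are not acted on beyond a 10-second delay, so the server starts even if the clock was never set, although the comment says the time is needed for cert validation; at least log a warning on that path. `tls_args args[1]` is a local of `app_main`, which later calls `vTaskDelete(NULL)`; if `tls_smp_server_init` (not shown in this file) passes the pointer to the new task, the task may outlive the storage, and `static tls_args args[1] = {0};` avoids that. The log tag `"TLS Client"` should presumably be `"TLS Server"`.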
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
index 8a6f85c3..9df8283d 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
@@ -1,4 +1,4 @@
-/* server-tls-callback.c
+/* server-tls.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,122 +18,121 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/* the usual suspects */
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <errno.h>
+
+#include "server-tls.h"
+
+/* Espressif FreeRTOS */
+#ifndef SINGLE_THREADED
+ #include <freertos/FreeRTOS.h>
+ #include <freertos/task.h>
+ #include <freertos/event_groups.h>
+#endif
/* socket includes */
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#include <netinet/in.h>
-#include <unistd.h>
+#include <lwip/netdb.h>
+#include <lwip/sockets.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
+#include "user_settings.h"
#include <wolfssl/ssl.h>
-#include <wolfssl/certs_test.h>
-
-/* ESP specific */
-#include "wifi_connect.h"
#ifdef WOLFSSL_TRACK_MEMORY
#include <wolfssl/wolfcrypt/mem_track.h>
#endif
-static const char* const TAG = "tls_server";
-
-#if defined(DEBUG_WOLFSSL)
-
-static void ShowCiphers(void)
-{
- char ciphers[4096];
-
- int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
-
- if (ret == WOLFSSL_SUCCESS)
- printf("%s\n", ciphers);
-}
+#ifndef NO_DH
+ /* see also wolfssl/test.h */
+ #undef DEFAULT_MIN_DHKEY_BITS
+ #define DEFAULT_MIN_DHKEY_BITS 1024
+ #undef DEFAULT_MAX_DHKEY_BITS
+ #define DEFAULT_MAX_DHKEY_BITS 2048
#endif
-#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
- && defined(WOLFSSL_ATECC508A)
-
-#include "wolfssl/wolfcrypt/port/atmel/atmel.h"
-
-/* when you want to use a custom slot allocation */
-/* enable the definition CUSTOM_SLOT_ALLOCATION. */
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+#else
+ #include <wolfssl/certs_test.h>
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
-#if defined(CUSTOM_SLOT_ALLOCATION)
+/* Project */
+#include "wifi_connect.h"
+#include "time_helper.h"
-static byte mSlotList[ATECC_MAX_SLOT];
-int atmel_set_slot_allocator(atmel_slot_alloc_cb alloc, atmel_slot_dealloc_cb dealloc);
+static const char* const TAG = "server-tls";
+int stack_start = -1;
-/* initialize slot array */
-void my_atmel_slotInit()
+int ShowCiphers(WOLFSSL* ssl)
{
- int i;
-
- for(i=0;i<ATECC_MAX_SLOT; i++) {
- mSlotList[i] = ATECC_INVALID_SLOT;
- }
-}
-
-/* allocate slot depending on slotType */
-int my_atmel_alloc(int slotType)
-{
- int i, slot = -1;
-
- switch(slotType){
- case ATMEL_SLOT_ENCKEY:
- slot = 4;
- break;
- case ATMEL_SLOT_DEVICE:
- slot = 0;
- break;
- case ATMEL_SLOT_ECDHE:
- slot = 0;
- break;
- case ATMEL_SLOT_ECDHE_ENC:
- slot = 4;
- break;
- case ATMEL_SLOT_ANY:
- for(i=0;i<ATECC_MAX_SLOT;i++){
- if(mSlotList[i] == ATECC_INVALID_SLOT){
- slot = i;
- break;
+ #define CLIENT_TLS_MAX_CIPHER_LENGTH 4096
+ char ciphers[CLIENT_TLS_MAX_CIPHER_LENGTH];
+ const char* cipher_used;
+ int ret = 0;
+
+ if (ssl == NULL) {
+ ESP_LOGI(TAG, "WOLFSSL* ssl is NULL, so no cipher in use");
+ ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
+ if (ret == WOLFSSL_SUCCESS) {
+ for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH; i++) {
+ if (ciphers[i] == ':') {
+ ciphers[i] = '\n';
}
}
+ ESP_LOGI(TAG, "Available Ciphers:\n%s\n", ciphers);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to call wolfSSL_get_ciphers. Error: %d", ret);
+ }
+ }
+ else {
+ cipher_used = wolfSSL_get_cipher_name(ssl);
+ ESP_LOGI(TAG, "WOLFSSL* ssl using %s", cipher_used);
}
- return slot;
+ return ret;
}
-/* free slot array */
-void my_atmel_free(int slotId)
-{
- if(slotId >= 0 && slotId < ATECC_MAX_SLOT){
- mSlotList[slotId] = ATECC_INVALID_SLOT;
- }
-}
-#endif /* CUSTOM_SLOT_ALLOCATION */
-#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
-void tls_smp_server_task()
+/* FreeRTOS */
+/* server task */
+WOLFSSL_ESP_TASK tls_smp_server_task(void *args)
{
- int sockfd;
- int connd;
+#if defined(SINGLE_THREADED)
+ #define TLS_SMP_SERVER_TASK_RET ret
+#else
+ #define TLS_SMP_SERVER_TASK_RET
+#endif
+ char buff[256];
+ const char msg[] = "I hear you fa shizzle!";
+
struct sockaddr_in servAddr;
struct sockaddr_in clientAddr;
- socklen_t size = sizeof(clientAddr);
- char buff[256];
- size_t len;
+ int sockfd;
+ int connd;
int shutdown = 0;
int ret;
- const char msg[] = "I hear you fa shizzle!";
+ socklen_t size = sizeof(clientAddr);
+ size_t len;
/* declare wolfSSL objects */
WOLFSSL_CTX* ctx;
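Review bot: The colon-to-newline loop in `ShowCiphers` walks all `CLIENT_TLS_MAX_CIPHER_LENGTH` bytes of `ciphers`, so it reads the indeterminate stack bytes after the terminator written by `wolfSSL_get_ciphers`. It should stop at the end of the string: `for (int i = 0; i < CLIENT_TLS_MAX_CIPHER_LENGTH && ciphers[i] != '\0'; i++) {`. The function is no longer guarded by `DEBUG_WOLFSSL` and is called per connection later in the file, so the 4096-byte local is reserved on the calling task's stack even when only one cipher name is printed. A `static` buffer would avoid that, if the task stack size (not visible here) is tight. `wolfSSL_get_cipher_name(ssl)` is handed to `%s` unchecked, which needs a guard if it can return NULL.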
@@ -142,9 +141,8 @@ void tls_smp_server_task()
WOLFSSL_ENTER("tls_smp_server_task");
#ifdef DEBUG_WOLFSSL
- WOLFSSL_MSG("Debug ON");
wolfSSL_Debugging_ON();
- ShowCiphers();
+ ShowCiphers(NULL);
#endif
/* Initialize wolfSSL */
@@ -161,9 +159,99 @@ void tls_smp_server_task()
/* Create and initialize WOLFSSL_CTX */
WOLFSSL_MSG("Create and initialize WOLFSSL_CTX");
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
+ // ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); /* only TLS 1.3 */
+ if (ctx == NULL) {
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
+ }
+#else
+ /* TODO remove duplicate */
if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL_CTX");
}
+#endif
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ ESP_LOGI(TAG, "Start SM3\n");
+
+ /* Optional set explicit ciphers
+ ret = wolfSSL_CTX_set_cipher_list(ctx, WOLFSSL_ESP32_CIPHER_SUITE);
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Set cipher list: "WOLFSSL_ESP32_CIPHER_SUITE"\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to set cipher list: "WOLFSSL_ESP32_CIPHER_SUITE"\n");
+ }
+ */
+ ShowCiphers(NULL);
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+
+ WOLFSSL_MSG("Loading certificate...");
+ /* -c Load server certificates into WOLFSSL_CTX */
+ ret = wolfSSL_CTX_use_certificate_chain_buffer_format(ctx,
+ CTX_SERVER_CERT,
+ CTX_SERVER_CERT_SIZE,
+ CTX_SERVER_CERT_TYPE
+ );
+
+/* optional wolfSSL_CTX_use_certificate_buffer
+ ret = wolfSSL_CTX_use_certificate_buffer(ctx,
+ server_sm2,
+ sizeof_server_sm2,
+ WOLFSSL_FILETYPE_PEM);
+*/
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Loaded server_sm2\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to load cert\n");
+ }
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+
+#ifndef NO_DH
+ #define DEFAULT_MIN_DHKEY_BITS 1024
+ #define DEFAULT_MAX_DHKEY_BITS 2048
+ int minDhKeyBits = DEFAULT_MIN_DHKEY_BITS;
+ ret = wolfSSL_CTX_SetMinDhKey_Sz(ctx, (word16)minDhKeyBits);
+#endif
+#ifndef NO_RSA
+ #define DEFAULT_MIN_RSAKEY_BITS 1024
+ short minRsaKeyBits = DEFAULT_MIN_RSAKEY_BITS;
+ ret = wolfSSL_CTX_SetMinRsaKey_Sz(ctx, minRsaKeyBits);
+#endif
+
+ WOLFSSL_MSG("Loading key info...");
+ /* -k Load server key into WOLFSSL_CTX */
+ ret = wolfSSL_CTX_use_PrivateKey_buffer(ctx,
+ CTX_SERVER_KEY,
+ CTX_SERVER_KEY_SIZE,
+ CTX_SERVER_KEY_TYPE);
+
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Loaded PrivateKey_buffer server_sm2_priv\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to load "
+ "PrivateKey_buffer server_sm2_priv\n");
+ }
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+ /* -A load authority */
+ ret = wolfSSL_CTX_load_verify_buffer(ctx,
+ client_sm2,
+ sizeof_client_sm2,
+ WOLFSSL_FILETYPE_PEM);
+ if (ret == SSL_SUCCESS) {
+ ESP_LOGI(TAG, "Success: load verify buffer\n");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: failed to load verify buffer\n");
+ }
+ ESP_LOGI(TAG, "Finish SM2\n");
+#else
WOLFSSL_MSG("Loading certificate...");
/* Load server certificates into WOLFSSL_CTX */
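Review bot: The floors set in this block accept 1024-bit keys, which is below the 2048-bit minimum that current guidance gives for RSA and finite-field DH. `DEFAULT_MIN_DHKEY_BITS 1024` (also defined at file scope in the earlier hunk) and `DEFAULT_MIN_RSAKEY_BITS 1024` are passed to `wolfSSL_CTX_SetMinDhKey_Sz` and `wolfSSL_CTX_SetMinRsaKey_Sz`. I would use `#define DEFAULT_MIN_DHKEY_BITS 2048` and `#define DEFAULT_MIN_RSAKEY_BITS 2048`, or add `/* example floor only; raise for production */` if 1024 has to stay. Both return values are overwritten by the next assignment to `ret` without being checked, so a rejected setting goes unnoticed; compare each with `WOLFSSL_SUCCESS` and log on failure. The enclosing `tls_smp_server_task` starts and ends outside this hunk.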
@@ -181,14 +269,17 @@ void tls_smp_server_task()
ESP_LOGE(TAG, "ERROR: failed to load privatekey");
}
- /* TO DO when using ECDSA, it loads the provisioned certificate and present it.*/
- /* TO DO when using ECDSA, it uses the generated key instead of loading key */
+#endif
+
+
+ /* TODO when using ECDSA,it loads the provisioned certificate and present it.
+ TODO when using ECDSA,it uses the generated key instead of loading key */
/* Initialize the server address struct with zeros */
memset(&servAddr, 0, sizeof(servAddr));
/* Fill in the server address */
servAddr.sin_family = AF_INET; /* using IPv4 */
- servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+ servAddr.sin_port = htons(TLS_SMP_DEFAULT_PORT); /* on port */
servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
/* Bind the server socket to our port */
@@ -210,33 +301,50 @@ void tls_smp_server_task()
atmel_set_slot_allocator(my_atmel_alloc, my_atmel_free);
#endif
#endif
-
+ ESP_LOGI(TAG, "accept clients...");
/* Continue to accept clients until shutdown is issued */
while (!shutdown) {
- WOLFSSL_MSG("Waiting for a connection...");
- /* Accept client connections */
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+ WOLFSSL_MSG("Waiting for a connection...");
+ wifi_show_ip();
+
+ /* Accept client socket connections */
if ((connd = accept(sockfd, (struct sockaddr*)&clientAddr, &size))
== -1) {
ESP_LOGE(TAG, "ERROR: failed to accept the connection");
}
/* Create a WOLFSSL object */
if ((ssl = wolfSSL_new(ctx)) == NULL) {
- ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
+ ESP_LOGE(TAG, "ERROR: failed to create WOLFSSL object");
}
+
+ /* show what cipher connected for this WOLFSSL* object */
+ ShowCiphers(ssl);
+
/* Attach wolfSSL to the socket */
wolfSSL_set_fd(ssl, connd);
/* Establish TLS connection */
ret = wolfSSL_accept(ssl);
- if (ret != SSL_SUCCESS) {
- ESP_LOGE(TAG, "wolfSSL_accept error %d", wolfSSL_get_error(ssl, ret));
+ if (ret == SSL_SUCCESS) {
+ ShowCiphers(ssl);
+ }
+ else {
+ ESP_LOGE(TAG, "wolfSSL_accept error %d",
+ wolfSSL_get_error(ssl, ret));
}
WOLFSSL_MSG("Client connected successfully");
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
+
/* Read the client data into our buff array */
memset(buff, 0, sizeof(buff));
if (wolfSSL_read(ssl, buff, sizeof(buff)-1) == -1) {
ESP_LOGE(TAG, "ERROR: failed to read");
}
/* Print to stdout any data the client sends */
+ ESP_LOGI(TAG, "Stack used: %d\n", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - uxTaskGetStackHighWaterMark(NULL));
WOLFSSL_MSG("Client sends:");
WOLFSSL_MSG(buff);
/* Check for server shutdown command */
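Review bot: When `wolfSSL_accept` fails, the new `else` branch only logs, and execution falls through to `WOLFSSL_MSG("Client connected successfully")` and `wolfSSL_read` on a session that never completed its handshake. The failure path should release the session and skip the rest of the iteration, e.g. `wolfSSL_free(ssl); close(connd); continue;` inside the `else`. The unchanged `accept` and `wolfSSL_new` checks above have the same shape: they log and then carry on with `connd == -1` or a NULL `ssl`. The loop body continues outside this hunk, so confirm the per-connection cleanup there before adding the early `continue`.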
@@ -257,11 +365,54 @@ void tls_smp_server_task()
close(connd); /* Close the connection to the client */
}
/* Cleanup and return */
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
close(sockfd); /* Close the socket listening for clients */
vTaskDelete(NULL);
- return; /* Return reporting a success */
+ return TLS_SMP_SERVER_TASK_RET;
+}
+
+#if defined(SINGLE_THREADED)
+ /* we don't initialize a thread */
+#else
+/* create task */
+WOLFSSL_ESP_TASK tls_smp_server_init(void* args)
+{
+#if defined(SINGLE_THREADED)
+ #define TLS_SMP_CLIENT_TASK_RET ret
+#else
+ #define TLS_SMP_CLIENT_TASK_RET
+#endif
+ int thisPort = 0;
+ int ret_i = 0; /* interim return result */
+ if (thisPort == 0) {
+ thisPort = TLS_SMP_DEFAULT_PORT;
+ }
+
+#if ESP_IDF_VERSION_MAJOR >= 4
+ TaskHandle_t _handle;
+#else
+ xTaskHandle _handle;
+#endif
+ /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
+ ESP_LOGI(TAG, "Creating tls_smp_server_task with stack size = %d",
+ TLS_SMP_SERVER_TASK_WORDS);
+ ret_i = xTaskCreate(tls_smp_server_task,
+ TLS_SMP_SERVER_TASK_NAME,
+ TLS_SMP_SERVER_TASK_WORDS, /* not bytes! */
+ (void*)&thisPort,
+ TLS_SMP_SERVER_TASK_PRIORITY,
+ &_handle);
+
+ if (ret_i != pdPASS) {
+ ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
+ }
+
+ /* vTaskStartScheduler(); // called automatically in ESP-IDF */
+ return TLS_SMP_CLIENT_TASK_RET;
}
+#endif
+
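Review bot: `tls_smp_server_init` passes `(void*)&thisPort` to `xTaskCreate`, but `thisPort` is a local of this function, so the pointer refers to a dead stack frame once the function returns, which can happen before the task first runs. The visible parts of `tls_smp_server_task` do not read `args`, so nothing breaks today, but any later use would read stale stack. Give the value static storage, `static int thisPort = TLS_SMP_DEFAULT_PORT;`, or pass `args` through, since the `args` parameter is currently ignored. Separately, if the accept loop already frees `ssl` per connection (that line is outside the hunk), the added `wolfSSL_free(ssl);` after the loop would free it a second time; worth confirming.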
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
new file mode 100644
index 00000000..1f16e4be
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
@@ -0,0 +1,333 @@
+/* time_helper.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* common Espressif time_helper v5.6.3.002 */
+#include "sdkconfig.h"
+#include "time_helper.h"
+
+#include <esp_log.h>
+#include <esp_idf_version.h>
+
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if (ESP_IDF_VERSION_MAJOR == 5) && (ESP_IDF_VERSION_MINOR >= 1)
+ #define HAS_ESP_NETIF_SNTP 1
+ #include <lwip/apps/sntp.h>
+ #include <esp_netif_sntp.h>
+ #else
+ #include <string.h>
+ #include <esp_sntp.h>
+ #endif
+#else
+ /* TODO Consider pre IDF v5? */
+#endif
+
+/* ESP-IDF uses a 64-bit signed integer to represent time_t starting from release v5.0
+ * See: https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#year-2036-and-2038-overflow-issues
+ */
+const static char* TAG = "time_helper";
+
+/* see https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html */
+#ifndef TIME_ZONE
+/*
+ * PST represents Pacific Standard Time.
+ * +8 specifies the offset from UTC (Coordinated Universal Time), indicating
+ * that Pacific Time is UTC-8 during standard time.
+ * PDT represents Pacific Daylight Time.
+ * M3.2.0 indicates that Daylight Saving Time (DST) starts on the
+ * second (2) Sunday (0) of March (3).
+ * M11.1.0 indicates that DST ends on the first (1) Sunday (0) of November (11)
+ */
+ #define TIME_ZONE "PST+8PDT,M3.2.0,M11.1.0"
+#endif /* not defined: TIME_ZONE, so we are setting our own */
+
+#define NTP_RETRY_COUNT 10
+
+/* NELEMS(x) number of elements
+ * To determine the number of elements in the array, we can divide the total
+ * size of the array by the size of the array element.
+ * See https://stackoverflow.com/questions/37538/how-do-i-determine-the-size-of-my-array-in-c
+ **/
+#define NELEMS(x) ( (int)(sizeof(x) / sizeof((x)[0])) )
+
+/* See also CONFIG_LWIP_SNTP_MAX_SERVERS in sdkconfig */
+#define NTP_SERVER_LIST ( (char*[]) { \
+ "pool.ntp.org", \
+ "time.nist.gov", \
+ "utcnist.colorado.edu" \
+ } \
+ )
+/* #define NTP_SERVER_COUNT using NELEMS:
+ *
+ * (int)(sizeof(NTP_SERVER_LIST) / sizeof(NTP_SERVER_LIST[0]))
+ */
+#define NTP_SERVER_COUNT NELEMS(NTP_SERVER_LIST)
+
+#ifndef CONFIG_LWIP_SNTP_MAX_SERVERS
+ /* We should find max value in sdkconfig, if not set it to our count:*/
+ #define CONFIG_LWIP_SNTP_MAX_SERVERS NTP_SERVER_COUNT
+#endif
+
+char* ntpServerList[NTP_SERVER_COUNT] = NTP_SERVER_LIST;
+
+/* our NTP server list is global info */
+extern char* ntpServerList[NTP_SERVER_COUNT];
+
+/* Show the current date and time */
+int esp_show_current_datetime()
+{
+ time_t now;
+ char strftime_buf[64];
+ struct tm timeinfo;
+
+ time(&now);
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+
+ localtime_r(&now, &timeinfo);
+ strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
+ ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
+ return 0;
+}
+
+/* the worst-case scenario is a hard-coded date/time */
+int set_fixed_default_time(void)
+{
+ /* ideally, we'd like to set time from network,
+ * but let's set a default time, just in case */
+ struct tm timeinfo = {
+ .tm_year = 2023 - 1900,
+ .tm_mon = 10,
+ .tm_mday = 02,
+ .tm_hour = 13,
+ .tm_min = 01,
+ .tm_sec = 05
+ };
+ struct timeval now;
+ time_t interim_time;
+ int ret = -1;
+
+ /* set interim static time */
+ interim_time = mktime(&timeinfo);
+
+ ESP_LOGI(TAG, "Adjusting time from fixed value");
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+
+ return ret;
+}
+
+/* set_time_from_string(s)
+ *
+ * returns 0 = success if able to set the time from the provided string
+ * error for any other value, typically -1 */
+int set_time_from_string(char* time_buffer)
+{
+ /* expecting github default formatting: 'Thu Aug 31 12:41:45 2023 -0700' */
+ const char *format = "%3s %3s %d %d:%d:%d %d %s";
+ struct tm this_timeinfo;
+ struct timeval now;
+ time_t interim_time;
+ char offset[6]; /* expecting trailing single quote, not used */
+ char day_str[4];
+ char month_str[4];
+ int day, year, hour, minute, second;
+ int quote_offset = 0;
+ int ret = 0;
+
+ /* we are expecting the string to be encapsulated in single quotes */
+ if (*time_buffer == 0x27) {
+ quote_offset = 1;
+ }
+
+ ret = sscanf(time_buffer + quote_offset,
+ format,
+ day_str, month_str,
+ &day, &hour, &minute, &second, &year, &offset);
+
+ if (ret == 8) {
+ /* we found a match for all componets */
+
+ const char *months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+
+ for (int i = 0; i < 12; i++) {
+ if (strcmp(month_str, months[i]) == 0) {
+ this_timeinfo.tm_mon = i;
+ break;
+ }
+ }
+
+ this_timeinfo.tm_mday = day;
+ this_timeinfo.tm_hour = hour;
+ this_timeinfo.tm_min = minute;
+ this_timeinfo.tm_sec = second;
+ this_timeinfo.tm_year = year - 1900; /* Number of years since 1900 */
+
+ interim_time = mktime(&this_timeinfo);
+ now = (struct timeval){ .tv_sec = interim_time };
+ ret = settimeofday(&now, NULL);
+ ESP_LOGI(TAG, "Time updated to %s", time_buffer);
+ }
+ else {
+ ESP_LOGE(TAG, "Failed to convert \"%s\" to a tm date.", time_buffer);
+ ESP_LOGI(TAG, "Trying fixed date that was hard-coded.");
+ set_fixed_default_time();
+ ret = -1;
+ }
+ return ret;
+}
+
+/* set time; returns 0 if succecssfully configured with NTP */
+int set_time(void)
+{
+#ifndef NTP_SERVER_COUNT
+ ESP_LOGW(TAG, "Warning: no sntp server names defined. "
+ "Setting to empty list");
+ #define NTP_SERVER_COUNT 0
+ #warning "NTP not properly configured"
+#endif /* not defined: NTP_SERVER_COUNT */
+
+#ifdef HAS_ESP_NETIF_SNTP
+ #if CONFIG_LWIP_SNTP_MAX_SERVERS > 1
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG_MULTIPLE(
+ NTP_SERVER_COUNT,
+ ESP_SNTP_SERVER_LIST(ntpServerList[0])
+ );
+ #else
+ esp_sntp_config_t config = ESP_NETIF_SNTP_DEFAULT_CONFIG(ntpServerList[0]);
+ #endif /* CONFIG_LWIP_SNTP_MAX_SERVERS > 1 */
+#endif /* HAS_ESP_NETIF_SNTP */
+
+ int ret = 0;
+ int i = 0; /* counter for time servers */
+
+ ESP_LOGI(TAG, "Setting the time. Startup time:");
+ esp_show_current_datetime();
+
+#ifdef LIBWOLFSSL_VERSION_GIT_HASH_DATE
+ /* initialy set a default approximate time from recent git commit */
+ ESP_LOGI(TAG, "Found git hash date, attempting to set system date.");
+ set_time_from_string(LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+ esp_show_current_datetime();
+
+ ret = -4;
+#else
+ /* otherwise set a fixed time that was hard coded */
+ set_fixed_default_time();
+ ret = -3;
+#endif
+
+#ifdef CONFIG_SNTP_TIME_SYNC_METHOD_SMOOTH
+ config.smooth_sync = true;
+#endif
+
+ if (NTP_SERVER_COUNT) {
+ /* next, let's setup NTP time servers
+ *
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/system_time.html#sntp-time-synchronization
+ *
+ * WARNING: do not set operating mode while SNTP client is running!
+ */
+ /* TODO Consider esp_sntp_setoperatingmode(SNTP_OPMODE_POLL); */
+ sntp_setoperatingmode(SNTP_OPMODE_POLL);
+ if (NTP_SERVER_COUNT > CONFIG_LWIP_SNTP_MAX_SERVERS) {
+ ESP_LOGW(TAG, "WARNING: %d NTP Servers defined, but "
+ "CONFIG_LWIP_SNTP_MAX_SERVERS = %d",
+ NTP_SERVER_COUNT,CONFIG_LWIP_SNTP_MAX_SERVERS);
+ }
+ ESP_LOGI(TAG, "sntp_setservername:");
+ for (i = 0; i < CONFIG_LWIP_SNTP_MAX_SERVERS; i++) {
+ const char* thisServer = ntpServerList[i];
+ if (strncmp(thisServer, "\x00", 1) == 0) {
+ /* just in case we run out of NTP servers */
+ break;
+ }
+ ESP_LOGI(TAG, "%s", thisServer);
+ sntp_setservername(i, thisServer);
+ }
+ #ifdef HAS_ESP_NETIF_SNTP
+ ret = esp_netif_sntp_init(&config);
+ #else
+ ESP_LOGW(TAG,"Warning: Consider upgrading ESP-IDF to take advantage "
+ "of updated SNTP libraries");
+ #endif
+ if (ret == ESP_OK) {
+ ESP_LOGV(TAG, "Successfully called esp_netif_sntp_init");
+ }
+ else {
+ ESP_LOGE(TAG, "ERROR: esp_netif_sntp_init return = %d", ret);
+ }
+
+ sntp_init();
+ switch (ret) {
+ case ESP_ERR_INVALID_STATE:
+ break;
+ default:
+ break;
+ }
+ ESP_LOGI(TAG, "sntp_init done.");
+ }
+ else {
+ ESP_LOGW(TAG, "No sntp time servers found.");
+ ret = -1;
+ }
+ return ret;
+}
+
+/* wait for NTP to actually set the time */
+int set_time_wait_for_ntp(void)
+{
+ int ret = 0;
+#ifdef HAS_ESP_NETIF_SNTP
+ int ntp_retry = 0;
+ const int ntp_retry_count = NTP_RETRY_COUNT;
+
+ ret = esp_netif_sntp_start();
+
+ ret = esp_netif_sntp_sync_wait(500 / portTICK_PERIOD_MS);
+#endif /* HAS_ESP_NETIF_SNTP */
+ esp_show_current_datetime();
+
+#ifdef HAS_ESP_NETIF_SNTP
+ while (ret == ESP_ERR_TIMEOUT && (ntp_retry++ < ntp_retry_count)) {
+ ret = esp_netif_sntp_sync_wait(1000 / portTICK_PERIOD_MS);
+ ESP_LOGI(TAG, "Waiting for NTP to sync time... (%d/%d)",
+ ntp_retry,
+ ntp_retry_count);
+ esp_show_current_datetime();
+ }
+#endif /* HAS_ESP_NETIF_SNTP */
+
+#ifdef TIME_ZONE
+ setenv("TZ", TIME_ZONE, 1);
+ tzset();
+#endif
+
+ if (ret == ESP_OK) {
+ ESP_LOGI(TAG, "Successfuly set time via NTP servers.");
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: Failed to set time with NTP: "
+ "result = 0x%0x: %s",
+ ret, esp_err_to_name(ret));
+ }
+ return ret;
+}
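Review bot: In `set_time_from_string` the last conversion is an unbounded `%s` into `char offset[6]`, and for the documented input `'Thu Aug 31 12:41:45 2023 -0700'` the token after the year is `-0700'` (six characters plus the terminator), so `sscanf` writes one byte past the array. Bound the conversion and size the buffer to match, `char offset[8];` with `"%3s %3s %d %d:%d:%d %d %7s"`, and pass `offset` rather than `&offset`. `this_timeinfo` is also never initialised, so `tm_isdst`, and `tm_mon` when the month name matches nothing, reach `mktime` with indeterminate values; `struct tm this_timeinfo = {0};` fixes that. In `set_time` the server loop runs to `CONFIG_LWIP_SNTP_MAX_SERVERS` while `ntpServerList` holds `NTP_SERVER_COUNT` entries, so a larger sdkconfig value indexes past the array; the bound should be the smaller of the two.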
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
index 37c636b5..7401c5d7 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
@@ -18,92 +18,51 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-/*ESP specific */
-#include "freertos/FreeRTOS.h"
-#include "freertos/task.h"
-#include "freertos/event_groups.h"
-#include "wifi_connect.h"
-#include "lwip/sockets.h"
-#include "lwip/netdb.h"
-#include "lwip/apps/sntp.h"
-#include "nvs_flash.h"
+ #include "wifi_connect.h"
+
+#include <freertos/FreeRTOS.h>
+#include <freertos/task.h>
+#include <freertos/event_groups.h>
+#include <esp_wifi.h>
+#include <esp_log.h>
/* wolfSSL */
#include <wolfssl/wolfcrypt/settings.h>
-#include <user_settings.h>
#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef WOLFSSL_ESPIDF
- #warning "problem with wolfSSL user_settings. Check components/wolfssl/include"
+ #warning "Problem with wolfSSL user_settings."
+ #warning "Check components/wolfssl/include"
#endif
-#if ESP_IDF_VERSION_MAJOR >= 4
+#if ESP_IDF_VERSION_MAJOR >= 5
+#elif ESP_IDF_VERSION_MAJOR >= 4
#include "protocol_examples_common.h"
#else
const static int CONNECTED_BIT = BIT0;
static EventGroupHandle_t wifi_event_group;
#endif
-/* prefix for logging */
-const static char *TAG = "tls_server";
-/* proto-type definition */
-extern void tls_smp_server_task();
-static void tls_smp_server_init();
-
-static void set_time()
-{
- /* set dummy wallclock time. */
- struct timeval utctime;
- struct timezone tz;
- struct strftime_buf;
- time_t now;
- struct tm timeinfo;
- char strftime_buf[64];
- /* please update the time if seeing unknown failure when loading cert. */
- /* this could cause TLS communication failure due to time expiration */
- /* incleasing 31536000 seconds is close to spend 356 days. */
- utctime.tv_sec = 1645797600; /* dummy time: Fri 25 Feb 2022 02:00:00 2022 */
- utctime.tv_usec = 0;
- tz.tz_minuteswest = 0;
- tz.tz_dsttime = 0;
-
- settimeofday(&utctime, &tz);
-
- time(&now);
- localtime_r(&now, &timeinfo);
-
- strftime(strftime_buf, sizeof(strftime_buf), "%c", &timeinfo);
- ESP_LOGI(TAG, "The current date/time is: %s", strftime_buf);
-
-#if ESP_IDF_VERSION_MAJOR < 4
- /* wait until wifi connect */
- xEventGroupWaitBits(wifi_event_group, CONNECTED_BIT,
- false, true, portMAX_DELAY);
-#endif
- /* now we start client tasks. */
- tls_smp_server_init();
-}
-
-/* create task */
-static void tls_smp_server_init(void)
-{
- int ret;
-#if ESP_IDF_VERSION_MAJOR >= 4
- TaskHandle_t _handle;
+#if defined(ESP_IDF_VERSION_MAJOR) && defined(ESP_IDF_VERSION_MINOR)
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* likely using examples, see wifi_connect.h */
+ #else
+ /* TODO - still supporting pre V4 ? */
+ const static int CONNECTED_BIT = BIT0;
+ static EventGroupHandle_t wifi_event_group;
+ #endif
+ #if (ESP_IDF_VERSION_MAJOR == 5)
+ #define HAS_WPA3_FEATURES
+ #else
+ #undef HAS_WPA3_FEATURES
+ #endif
#else
- xTaskHandle _handle;
+ /* TODO Consider pre IDF v5? */
#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d3c/group__xTaskCreate.html */
- ret = xTaskCreate(tls_smp_server_task,
- TLS_SMP_SERVER_TASK_NAME,
- TLS_SMP_SERVER_TASK_WORDS,
- NULL,
- TLS_SMP_SERVER_TASK_PRIORITY,
- &_handle);
-
- if (ret != pdPASS) {
- ESP_LOGI(TAG, "create thread %s failed", TLS_SMP_SERVER_TASK_NAME);
- }
-}
+
+/* breadcrumb prefix for logging */
+const static char *TAG = "wifi_connect";
+
#if ESP_IDF_VERSION_MAJOR < 4
/* event handler for wifi events */
static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
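Review bot: For an ESP-IDF major version below 4 that defines the version macros, `CONNECTED_BIT` and `wifi_event_group` are now defined twice. The first pair is in the unchanged `#else` of the first version check and the second in the added `/* TODO - still supporting pre V4 ? */` branch. The second initialised `const static int CONNECTED_BIT = BIT0;` is a redefinition error when both branches are compiled. Keep one of the two, for instance drop the pair from the added block and leave only the comment. `HAS_WPA3_FEATURES` is set only for `ESP_IDF_VERSION_MAJOR == 5` while the check above it uses `>= 5`; if later majors should keep the feature, the test should read `#if (ESP_IDF_VERSION_MAJOR >= 5)`.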
@@ -114,14 +73,14 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
esp_wifi_connect();
break;
case SYSTEM_EVENT_STA_GOT_IP:
-#if ESP_IDF_VERSION_MAJOR >= 4
+ #if ESP_IDF_VERSION_MAJOR >= 4
ESP_LOGI(TAG, "got ip:" IPSTR "\n",
IP2STR(&event->event_info.got_ip.ip_info.ip));
-#else
+ #else
ESP_LOGI(TAG, "got ip:%s",
ip4addr_ntoa(&event->event_info.got_ip.ip_info.ip));
-#endif
- /* http://esp32.info/docs/esp_idf/html/dd/d08/group__xEventGroupSetBits.html */
+ #endif
+ /* see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html */
xEventGroupSetBits(wifi_event_group, CONNECTED_BIT);
break;
case SYSTEM_EVENT_STA_DISCONNECTED:
@@ -133,97 +92,184 @@ static esp_err_t wifi_event_handler(void *ctx, system_event_t *event)
}
return ESP_OK;
}
-#endif
-/* entry point */
-void app_main(void)
-{
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "--------------------------------------------------------");
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- ESP_LOGI(TAG, "");
- ESP_LOGI(TAG, "WARNING: Multiple wolfSSL installs found.");
- ESP_LOGI(TAG, "Check ESP-IDF and local project [components] directory.");
- ESP_LOGI(TAG, "");
-#endif
+#else
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#ifdef CONFIG_ESP_MAXIMUM_RETRY
+ #define EXAMPLE_ESP_MAXIMUM_RETRY CONFIG_ESP_MAXIMUM_RETRY
+#else
+ #define CONFIG_ESP_MAXIMUM_RETRY 5
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#if CONFIG_ESP_WIFI_AUTH_OPEN
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_OPEN
+#elif CONFIG_ESP_WIFI_AUTH_WEP
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WEP
+#elif CONFIG_ESP_WIFI_AUTH_WPA_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA_WPA2_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA_WPA2_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WPA2_WPA3_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WPA2_WPA3_PSK
+#elif CONFIG_ESP_WIFI_AUTH_WAPI_PSK
+#define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD WIFI_AUTH_WAPI_PSK
#endif
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#ifndef ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD
+ #define CONFIG_ESP_WIFI_AUTH_WPA2_PSK 1
+ #define ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD CONFIG_ESP_WIFI_AUTH_WPA2_PSK
#endif
+/* FreeRTOS event group to signal when we are connected*/
+static EventGroupHandle_t s_wifi_event_group;
- /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
-#endif
+/* The event group allows multiple bits for each event, but we only care about two events:
+ * - we are connected to the AP with an IP
+ * - we failed to connect after the maximum amount of retries */
+#define WIFI_CONNECTED_BIT BIT0
+#define WIFI_FAIL_BIT BIT1
- /* all platforms: stack high water mark check */
- ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
- ESP_ERROR_CHECK(nvs_flash_init());
+static int s_retry_num = 0;
+ip_event_got_ip_t* event;
+
+
+static void event_handler(void* arg,
+ esp_event_base_t event_base,
+ int32_t event_id,
+ void* event_data)
+{
+ if (event_base == WIFI_EVENT && event_id == WIFI_EVENT_STA_START) {
+ esp_wifi_connect();
+ }
+ else if (event_base == WIFI_EVENT &&
+ event_id == WIFI_EVENT_STA_DISCONNECTED) {
+ if (s_retry_num < EXAMPLE_ESP_MAXIMUM_RETRY) {
+ esp_wifi_connect();
+ s_retry_num++;
+ ESP_LOGI(TAG, "retry to connect to the AP");
+ }
+ else {
+ xEventGroupSetBits(s_wifi_event_group, WIFI_FAIL_BIT);
+ }
+ ESP_LOGI(TAG, "connect to the AP fail");
+ }
+ else if (event_base == IP_EVENT && event_id == IP_EVENT_STA_GOT_IP) {
+ event = (ip_event_got_ip_t*) event_data;
+ wifi_show_ip();
+ s_retry_num = 0;
+ xEventGroupSetBits(s_wifi_event_group, WIFI_CONNECTED_BIT);
+ }
+}
+
+int wifi_init_sta(void)
+{
+ int ret = ESP_OK;
+
+ s_wifi_event_group = xEventGroupCreate();
+
+ ESP_ERROR_CHECK(esp_netif_init());
+
+ ESP_ERROR_CHECK(esp_event_loop_create_default());
+ esp_netif_create_default_wifi_sta();
- ESP_LOGI(TAG, "Initialize wifi");
- /* TCP/IP adapter initialization */
-#if (ESP_IDF_VERSION_MAJOR == 4 && ESP_IDF_VERSION_MINOR >= 1) || \
- (ESP_IDF_VERSION_MAJOR >= 5)
- esp_netif_init();
-#else
- tcpip_adapter_init();
-#endif
- /* */
-#if ESP_IDF_VERSION_MAJOR >= 4
- ESP_ERROR_CHECK(esp_event_loop_create_default());
- /* This helper function configures Wi-Fi or Ethernet, as selected in menuconfig.
- * Read "Establishing Wi-Fi or Ethernet Connection" section in
- * examples/protocols/README.md for more information about this function.
- */
- ESP_ERROR_CHECK(example_connect());
-#else
- wifi_event_group = xEventGroupCreate();
- ESP_ERROR_CHECK(esp_event_loop_init(wifi_event_handler, NULL));
wifi_init_config_t cfg = WIFI_INIT_CONFIG_DEFAULT();
ESP_ERROR_CHECK(esp_wifi_init(&cfg));
+ esp_event_handler_instance_t instance_any_id;
+ esp_event_handler_instance_t instance_got_ip;
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(WIFI_EVENT,
+ ESP_EVENT_ANY_ID,
+ &event_handler,
+ NULL,
+ &instance_any_id));
+ ESP_ERROR_CHECK(esp_event_handler_instance_register(IP_EVENT,
+ IP_EVENT_STA_GOT_IP,
+ &event_handler,
+ NULL,
+ &instance_got_ip));
+
wifi_config_t wifi_config = {
.sta = {
- .ssid = TLS_SMP_WIFI_SSID,
- .password = TLS_SMP_WIFI_PASS,
+ .ssid = EXAMPLE_ESP_WIFI_SSID,
+ .password = EXAMPLE_ESP_WIFI_PASS,
+ /* Authmode threshold resets to WPA2 as default if password matches
+ * WPA2 standards (pasword len => 8). If you want to connect the
+ * device to deprecated WEP/WPA networks, Please set the threshold
+ * value WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK and set the password with
+ * length and format matching to WIFI_AUTH_WEP/WIFI_AUTH_WPA_PSK
+ * standards. */
+ .threshold.authmode = ESP_WIFI_SCAN_AUTH_MODE_THRESHOLD,
+ #ifdef HAS_WPA3_FEATURES
+ .sae_pwe_h2e = WPA3_SAE_PWE_BOTH,
+ #endif
},
};
- /* WiFi station mode */
ESP_ERROR_CHECK(esp_wifi_set_mode(WIFI_MODE_STA) );
- /* Wifi Set the configuration of the ESP32 STA or AP */
- ESP_ERROR_CHECK(esp_wifi_set_config(ESP_IF_WIFI_STA, &wifi_config) );
- /* Start Wifi */
+ ESP_ERROR_CHECK(esp_wifi_set_config(WIFI_IF_STA, &wifi_config) );
+
+#ifdef CONFIG_EXAMPLE_WIFI_SSID
+ if (XSTRCMP(CONFIG_EXAMPLE_WIFI_SSID, "myssid") == 0) {
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID is \"myssid\".");
+ ESP_LOGW(TAG, " Do you have a WiFi AP called \"myssid\", ");
+ ESP_LOGW(TAG, " or did you forget the ESP-IDF configuration?");
+ }
+#else
+ ESP_LOGW(TAG, "WARNING: CONFIG_EXAMPLE_WIFI_SSID not defined.");
+#endif
+
ESP_ERROR_CHECK(esp_wifi_start() );
ESP_LOGI(TAG, "wifi_init_sta finished.");
- ESP_LOGI(TAG, "connect to ap SSID:%s password:%s",
- TLS_SMP_WIFI_SSID, TLS_SMP_WIFI_PASS);
+
+ /* Waiting until either the connection is established (WIFI_CONNECTED_BIT)
+ * or connection failed for the maximum number of re-tries (WIFI_FAIL_BIT).
+ * The bits are set by event_handler() (see above) */
+ EventBits_t bits = xEventGroupWaitBits(s_wifi_event_group,
+ WIFI_CONNECTED_BIT | WIFI_FAIL_BIT,
+ pdFALSE,
+ pdFALSE,
+ portMAX_DELAY);
+
+ /* xEventGroupWaitBits() returns the bits before the call returned,
+ * hence we can test which event actually happened. */
+#if defined(SHOW_SSID_AND_PASSWORD)
+ ESP_LOGW(TAG, "Undefine SHOW_SSID_AND_PASSWORD to not show SSID/password");
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "connected to ap SSID:%s password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to SSID:%s, password:%s",
+ EXAMPLE_ESP_WIFI_SSID,
+ EXAMPLE_ESP_WIFI_PASS);
+ }
+ else {
+ ESP_LOGE(TAG, "UNEXPECTED EVENT");
+ }
+#else
+ if (bits & WIFI_CONNECTED_BIT) {
+ ESP_LOGI(TAG, "Connected to AP");
+ }
+ else if (bits & WIFI_FAIL_BIT) {
+ ESP_LOGI(TAG, "Failed to connect to AP");
+ ret = -1;
+ }
+ else {
+ ESP_LOGE(TAG, "AP UNEXPECTED EVENT");
+ ret = -2;
+ }
#endif
- ESP_LOGI(TAG, "Set dummy time...");
- set_time();
+ return ret;
}
+
+int wifi_show_ip(void)
+{
+ /* ESP_LOGI(TAG, "got ip:" IPSTR, IP2STR(&event->ip_info.ip)); */
+ return 0;
+}
+#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
new file mode 100644
index 00000000..0b2fcd1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
@@ -0,0 +1,31 @@
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the "Single factory app, no OTA" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the "Factory app, two OTA definitions" configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
index 914efa6c..0dadfac6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
@@ -1,12 +1,79 @@
+# wolfSSL Espressif Example Project CMakeLists.txt
+# v1.0
+#
# The following lines of boilerplate have to be in your project's
# CMakeLists in this exact order for cmake to work correctly
-cmake_minimum_required(VERSION 3.5)
+cmake_minimum_required(VERSION 3.16)
+
+# The wolfSSL CMake file should be able to find the source code.
+# Otherwise, assign an environment variable or set it here:
+#
+# set(WOLFSSL_ROOT "~/workspace/wolfssl-other-source")
+#
+# Optional WOLFSSL_CMAKE_SYSTEM_NAME detection to find
+# USE_MY_PRIVATE_CONFIG path for my_private_config.h
+#
+# Expected path varies:
+#
+# WSL: /mnt/c/workspace
+# Linux: ~/workspace
+# Windows: C:\workspace
+#
+if(WIN32)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WINDOWS")
+ message("Detected Windows")
+endif()
+if(CMAKE_HOST_UNIX)
+ message("Detected UNIX")
+endif()
+if(APPLE)
+ message("Detected APPLE")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop")
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_WSL")
+ message("Detected WSL")
+endif()
+if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX")
+ message("Detected Linux")
+endif()
+if(APPLE)
+ # Windows-specific configuration here
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_CMAKE_SYSTEM_NAME_APPLE")
+ message("Detected Apple")
+endif()
+# End optional WOLFSSL_CMAKE_SYSTEM_NAME
+
+# Check that there are not conflicting wolfSSL components
+# The ESP Registry Component will be in ./managed_components/wolfssl__wolfssl
+# The local component wolfSSL directory will be in ./components/wolfssl
+if( EXISTS "${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" AND EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl" )
+ # These exclude statements don't seem to be honored by the $ENV{IDF_PATH}/tools/cmake/project.cmake'
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl" EXCLUDE_FROM_ALL)
+ # add_subdirectory("${CMAKE_HOME_DIRECTORY}/managed_components/wolfssl__wolfssl/include" EXCLUDE_FROM_ALL)
+ # So we'll error out and let the user decide how to proceed:
+ message(WARNING "\nFound wolfSSL components in\n"
+ "./managed_components/wolfssl__wolfssl\n"
+ "and\n"
+ "./components/wolfssl\n"
+ "in project directory: \n"
+ "${CMAKE_HOME_DIRECTORY}")
+ message(FATAL_ERROR "\nPlease use either the ESP Registry Managed Component or the wolfSSL component directory but not both.\n"
+ "If removing the ./managed_components/wolfssl__wolfssl directory, remember to also remove "
+ "or rename the idf_component.yml file typically found in ./main/")
+else()
+ message(STATUS "No conflicting wolfSSL components found.")
+endif()
include($ENV{IDF_PATH}/tools/cmake/project.cmake)
set(COMPONENTS
main
wolfssl
+ # cryptoauthlib
) # set components
project(wolfssl_test)
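Review bot: On a WSL host the branch guarded by `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32))` matches as well as the WSLInterop branch, so both `-DWOLFSSL_CMAKE_SYSTEM_NAME_WSL` and `-DWOLFSSL_CMAKE_SYSTEM_NAME_LINUX` are appended to `CMAKE_C_FLAGS`. The header comment says these macros locate the `my_private_config.h` path, so the consuming code (not visible here) presumably depends on check order or may pick the wrong private config. Excluding WSL from the Linux branch would make the definitions mutually exclusive, e.g. `if(CMAKE_HOST_UNIX AND (NOT APPLE) AND (NOT WIN32) AND (NOT EXISTS "/proc/sys/fs/binfmt_misc/WSLInterop"))`. The `# Windows-specific configuration here` comment is also copied onto the WSL, Linux and Apple blocks and should name the platform each block actually handles.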
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
index 5be9875e..e4e79dce 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
@@ -1,6 +1,28 @@
# wolfSSL Crypt Test Example
-The Example contains of wolfSSL test program.
+This is the ESP32 Version of the [wolfSSL wolfcrypt test application](https://github.com/wolfSSL/wolfssl/tree/master/wolfcrypt/test).
+
+For general information on [wolfSSL examples for Espressif](../README.md), see the
+[README](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/README.md) file.
+
+## ESP Registry
+
+The easiest way to get started with wolfSSL is by using the
+[ESP Registry](https://components.espressif.com/components/wolfssl/wolfssl/) examples.
+
+```
+. ~/esp/esp-idf/export.sh
+idf.py create-project-from-example "wolfssl/wolfssl^5.6.0-stable:wolfssl_test"
+cd wolfssl_benchmark
+idf.py -b 115200 flash monitor
+```
+
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the [VisualGDB directory](./VisualGDB/README.md) and click the "Start" button.
+No wolfSSL setup is needed. You may need to adjust your specific COM port. The default is `COM20`.
+
+## ESP-IDF Commandline
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -20,18 +42,27 @@ Reminder than when building on WSL in `/mnt/c` there will be a noticeable perfor
Example build on WSL, assuming `git clone` from `c:\workspace`:
```
-# Optionally install wolfSSL component
-# cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF
-./setup.sh
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
# switch to test example
cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
-# Pick ESP-IDF install directory, this one for v4.4.2 in VisualGDB
-. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
+# Pick ESP-IDF install directory, this one for v5.1 in VisualGDB
+. /mnt/c/SysGCC/esp32/esp-idf/v5.1/export.sh
-# build and flash, in this example to COM20
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+# set target chipset
+idf.py set-target esp32s3
+
+# erase
+idf.py erase-flash -p /dev/ttyS24 -b 115200
+
+# start with a low upload speed, then increase as found operational
+idf.py
+# build and flash, in this example to COM24
+idf.py build flash -p /dev/ttyS24 -b 115200 monitor
```
## Example Output
@@ -41,7 +72,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
-Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
+Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
ets Jun 8 2016 00:22:57
@@ -140,3 +171,5 @@ I (136548) wolfcrypt_test: Exiting main with return code: 0
I (136548) wolfssl_test: wolf_test_task complete success result code = 0
```
+
+See the README.md file in the upper level 'examples' directory for [more information about examples](../README.md).
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
index a916faca..e82e19b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
@@ -17,208 +17,435 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
#
-# cmake for wolfssl
+# cmake for wolfssl Espressif projects
#
-cmake_minimum_required(VERSION 3.5)
+# Version 5.6.0.011 for detect test/benchmark
+#
+# See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html
+#
+
+cmake_minimum_required(VERSION 3.16)
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS")
set(CMAKE_CURRENT_SOURCE_DIR ".")
+set(COMPONENT_REQUIRES lwip) # we typically don't need lwip directly in wolfssl component
+set(WOLFSSL_ROOT "$ENV{WOLFSSL_ROOT}" )
+
+# find the user name to search for possible "wolfssl-username"
+message(STATUS "USERNAME = $ENV{USERNAME}")
+if( "$ENV{USER}" STREQUAL "" ) # the bash user
+ if( "$ENV{USERNAME}" STREQUAL "" ) # the Windows user
+ message(STATUS "could not find USER or USERNAME")
+ else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USERNAME}")
+ endif()
+else()
+ # the bash user is not blank, so we'll use it.
+ set(THIS_USER "$ENV{USER}")
+endif()
+message(STATUS "THIS_USER = ${THIS_USER}")
+
-# We are currently in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+# COMPONENT_NAME = wolfssl
+# The component name is the directory name. "No feature to change this".
+# See https://github.com/espressif/esp-idf/issues/8978#issuecomment-1129892685
+
+# set the root of wolfSSL in top-level project CMakelists.txt:
+# set(WOLFSSL_ROOT "C:/some path/with/spaces")
+# set(WOLFSSL_ROOT "c:/workspace/wolfssl-[username]")
+# set(WOLFSSL_ROOT "/mnt/c/some path/with/spaces")
+# or use this logic to assign value from Environment Variable WOLFSSL_ROOT,
+# or assume this is an example 7 subdirectories below:
+
+# We are typically in [root]/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
# The root of wolfSSL is 7 directories up from here:
-get_filename_component(WOLFSSL_ROOT "../../../../../../../" ABSOLUTE)
-# Espressif may take several passes through this makefile. Check to see if we found IDF
-string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+# function: IS_WOLFSSL_SOURCE
+# parameter: DIRECTORY_PARAMETER - the directory to test
+# output: RESULT = contains contents of DIRECTORY_PARAMETER for wolfssl directory, otherwise blank.
+function(IS_WOLFSSL_SOURCE DIRECTORY_PARAMETER RESULT)
+ if (EXISTS "${DIRECTORY_PARAMETER}/wolfcrypt/src")
+ set(${RESULT} "${DIRECTORY_PARAMETER}" PARENT_SCOPE)
+ else()
+ set(${RESULT} "" PARENT_SCOPE)
+ endif()
+endfunction()
-if($WOLFSSL_FOUND_IDF)
- message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
- message(STATUS "WOLFSSL_ROOT = ${WOLFSSL_ROOT}")
- message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
-endif()
+# function: FIND_WOLFSSL_DIRECTORY
+# parameter: OUTPUT_FOUND_WOLFSSL_DIRECTORY contains root of source code, otherwise blank
+#
+function(FIND_WOLFSSL_DIRECTORY OUTPUT_FOUND_WOLFSSL_DIRECTORY)
+ message(STATUS "Starting FIND_WOLFSSL_DIRECTORY")
+ set(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}")
+ if( "${CURRENT_SEARCH_DIR}" STREQUAL "" )
+ message(STATUS "The WOLFSSL_ROOT environment variable is not set. Searching...")
+ else()
+ get_filename_component(CURRENT_SEARCH_DIR "$ENV{WOLFSSL_ROOT}" ABSOLUTE)
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if("${FOUND_WOLFSSL}")
+ message(STATUS "Found WOLFSSL_ROOT via Environment Variable:")
+ else()
+ message(FATAL_ERROR "WOLFSSL_ROOT Environment Variable defined, but path not found:")
+ message(STATUS "$ENV{WOLFSSL_ROOT}")
+ endif()
+ endif()
-# get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
-FILE(GLOB EXCLUDE_ASM *.S)
-file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+ # we'll start in the CMAKE_CURRENT_SOURCE_DIR, typically [something]/projectname/components/wolfssl
+ message(STATUS "CMAKE_CURRENT_SOURCE_DIR = ${CMAKE_CURRENT_SOURCE_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CMAKE_CURRENT_SOURCE_DIR}" ABSOLUTE)
+ message(STATUS "CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
-if(NOT CMAKE_BUILD_EARLY_EXPANSION)
- message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
-endif()
+ # loop through all the parents, looking for wolfssl
+ while(NOT CURRENT_SEARCH_DIR STREQUAL "/" AND NOT CURRENT_SEARCH_DIR STREQUAL "" )
+ string(LENGTH ${CURRENT_SEARCH_DIR} CURRENT_SEARCH_DIR_LENGTH)
+ # wolfSSL may simply be in a parent directory, such as for local examples in wolfssl repo
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR}" FOUND_WOLFSSL)
+ if( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
-set(INCLUDE_PATH ${WOLFSSL_ROOT})
+ if( THIS_USER )
+ # Check for "wolfssl-[username]" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl-${THIS_USER})
+ message(STATUS "Looking in ${CURRENT_SEARCH_DIR}")
-set(COMPONENT_SRCDIRS "${WOLFSSL_ROOT}/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif/"
- "${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel/"
- "${WOLFSSL_ROOT}/wolfcrypt/benchmark/"
- "${WOLFSSL_ROOT}/wolfcrypt/test/"
- )
+ #if(EXISTS ${CURRENT_SEARCH_DIR_ALT} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR_ALT} AND EXISTS "${CURRENT_SEARCH_DIR_ALT}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in user-suffix CURRENT_SEARCH_DIR_ALT = ${CURRENT_SEARCH_DIR_ALT}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR_ALT} PARENT_SCOPE)
+ return()
+ endif()
+ endif()
-set(COMPONENT_REQUIRES lwip)
+ # Next check for no user suffix "wolfssl" subdirectory as we recurse up the directory tree
+ set(CURRENT_SEARCH_DIR_ALT ${CURRENT_SEARCH_DIR}/wolfssl)
+ # if(EXISTS ${CURRENT_SEARCH_DIR} AND IS_DIRECTORY ${CURRENT_SEARCH_DIR} AND EXISTS "${CURRENT_SEARCH_DIR}/wolfcrypt/src")
+ IS_WOLFSSL_SOURCE("${CURRENT_SEARCH_DIR_ALT}" FOUND_WOLFSSL )
+ if ( FOUND_WOLFSSL )
+ message(STATUS "Found wolfssl in CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} ${CURRENT_SEARCH_DIR} PARENT_SCOPE)
+ return()
+ endif()
+ # Move up one directory level
+ set(PRIOR_SEARCH_DIR "${CURRENT_SEARCH_DIR}")
+ get_filename_component(CURRENT_SEARCH_DIR "${CURRENT_SEARCH_DIR}" DIRECTORY)
+ message(STATUS "Next CURRENT_SEARCH_DIR = ${CURRENT_SEARCH_DIR}")
+ if( "${PRIOR_SEARCH_DIR}" STREQUAL "${CURRENT_SEARCH_DIR}" )
+ # when the search directory is empty, we'll give up
+ set(CURRENT_SEARCH_DIR "")
+ endif()
+ endwhile()
-# check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
- #
- # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
- #
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
- message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
- message(STATUS "")
- message(STATUS "To proceed: ")
- message(STATUS "")
- message(STATUS "Remove either the local project component: ${CMAKE_HOME_DIRECTORY}/components/wolfssl/ ")
- message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
- message(STATUS "")
- message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
- message(STATUS "")
- message(STATUS "**************************************************************************************")
- message(STATUS "")
+ # If not found, set the output variable to empty before exiting
+ set(${OUTPUT_FOUND_WOLFSSL_DIRECTORY} "" PARENT_SCOPE)
+endfunction()
+
+
+# Example usage:
- # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
- set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
+
+
+if(CMAKE_BUILD_EARLY_EXPANSION)
+ message(STATUS "wolfssl component CMAKE_BUILD_EARLY_EXPANSION:")
+ idf_component_register(
+ REQUIRES "${COMPONENT_REQUIRES}"
+ PRIV_REQUIRES # esp_hw_support
+ esp_timer
+ driver # this will typically only be needed for wolfSSL benchmark
+ )
else()
- if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+ # not CMAKE_BUILD_EARLY_EXPANSION
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config:")
+ message(STATUS "************************************************************************************************")
+
+ # search for wolfSSL
+ FIND_WOLFSSL_DIRECTORY(WOLFSSL_ROOT)
+ if(WOLFSSL_ROOT)
+ message(STATUS "NEW Found wolfssl directory at: ${WOLFSSL_ROOT}")
+ else()
+ message(STATUS "NEW wolfssl directory not found.")
+ # Abort. We need wolfssl _somewhere_.
+ message(FATAL_ERROR "Could not find wolfssl in ${WOLFSSL_ROOT}.\n"
+ "Try setting WOLFSSL_ROOT environment variable or git clone.")
+ endif()
+
+ set(INCLUDE_PATH ${WOLFSSL_ROOT})
+
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/src/")
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_benchmark" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/benchmark")
+ endif()
+
+ if( ${CMAKE_PROJECT_NAME} STREQUAL "wolfssl_test" )
+ set(WOLFSSL_EXTRA_PROJECT_DIR "${WOLFSSL_ROOT}/wolfcrypt/test")
+ endif()
+
+ set(COMPONENT_SRCDIRS "\"${WOLFSSL_ROOT}/src/\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/Espressif\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/port/atmel\""
+ "\"${WOLFSSL_EXTRA_PROJECT_DIR}\""
+ ) # COMPONENT_SRCDIRS
+
+ message(STATUS "This COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+
+ set(WOLFSSL_PROJECT_DIR "${CMAKE_HOME_DIRECTORY}/components/wolfssl")
+ add_definitions(-DWOLFSSL_USER_SETTINGS_DIR="${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+
+
+ # Espressif may take several passes through this makefile. Check to see if we found IDF
+ string(COMPARE EQUAL "${PROJECT_SOURCE_DIR}" "" WOLFSSL_FOUND_IDF)
+
+ # get a list of all wolfcrypt assembly files; we'll exclude them as they don't target Xtensa
+ file(GLOB EXCLUDE_ASM *.S)
+ file(GLOB_RECURSE EXCLUDE_ASM ${CMAKE_SOURCE_DIR} "${WOLFSSL_ROOT}/wolfcrypt/src/*.S")
+
+ message(STATUS "IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "PROJECT_SOURCE_DIR = ${PROJECT_SOURCE_DIR}")
+ message(STATUS "EXCLUDE_ASM = ${EXCLUDE_ASM}")
+
+ #
+ # Check to see if there's both a local copy and EDP-IDF copy of the wolfssl and/or wolfssh components.
+ #
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
+ # wolfSSL found in both ESP-IDF and local project - needs to be resolved by user
#
message(STATUS "")
- message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+ message(STATUS "Error: Found components/wolfssl in both local project and IDF_PATH")
+ message(STATUS "")
+ message(STATUS "To proceed: ")
message(STATUS "")
+ message(STATUS "Remove either the local project component: ${WOLFSSL_PROJECT_DIR} ")
+ message(STATUS "or the Espressif shared component installed at: $ENV{IDF_PATH}/components/wolfssl/ ")
+ message(STATUS "")
+ message(FATAL_ERROR "Please use wolfSSL in either local project or Espressif components, but not both.")
+ message(STATUS "")
+ message(STATUS "**************************************************************************************")
+ message(STATUS "")
+
+ # Optional: if you change the above FATAL_ERROR to STATUS you can warn at runtime with this macro definition:
+ set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
+
else()
- #
- # wolfSSL is not an ESP-IDF component. We need to now determine if it is local and if so if it is part of the wolfSSL repo
- # or if wolfSSL is simply installed as a local component.
- #
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" )
+ if( EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
#
- # wolfSSL found in local project.
+ # wolfSSL found in ESP-IDF components and is assumed to be already configured in user_settings.h via setup.
#
- if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/include/" )
- message(STATUS "")
- message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
- #
- # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
- #
- # We won't do anything else here, as it will be assumed the original install completed successfully.
- #
- else()
+ message(STATUS "")
+ message(STATUS "Using components/wolfssl in IDF_PATH = $ENV{IDF_PATH}")
+ message(STATUS "")
+ else()
+ #
+ # wolfSSL is not an ESP-IDF component.
+ # We need to now determine if it is local and if so if it is part of the wolfSSL repo,
+ # or if wolfSSL is simply installed as a local component.
+ #
+
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}" )
#
- # This is the developer repo mode. wolfSSL will be assume to be not installed to ESP-IDF nor local project
- # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ # wolfSSL found in local project.
#
- message(STATUS "")
- message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = $ENV{CMAKE_HOME_DIRECTORY}")
- message(STATUS "")
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/wolfcrypt/" )
+ message(STATUS "")
+ message(STATUS "Using installed project ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
+ #
+ # Note we already checked above and confirmed there's not another wolfSSL installed in the ESP-IDF components.
+ #
+ # We won't do anything else here, as it will be assumed the original install completed successfully.
+ #
+ else() # full wolfSSL not installed in local project
+ #
+ # This is the developer repo mode. wolfSSL will be assumed to be not installed to ESP-IDF nor local project
+ # In this configuration, we are likely running a wolfSSL example found directly in the repo.
+ #
+ message(STATUS "")
+ message(STATUS "Using developer repo ./components/wolfssl in CMAKE_HOME_DIRECTORY = ${CMAKE_HOME_DIRECTORY}")
+ message(STATUS "")
- message(STATUS "************************************************************************************************")
- # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
- # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
- #
- # first check if there's a [root]/include/user_settings.h
- if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
- # we won't overwrite an existing user settings file, just note that we already have one:
- message(STATUS "Found wolfSSL user_settings.h in ${WOLFSSL_ROOT}/include/user_settings.h")
- else()
- message(STATUS "Installing wolfSSL user_settings.h to ${WOLFSSL_ROOT}/include/user_settings.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h" DESTINATION "${WOLFSSL_ROOT}/include/")
- endif() # user_settings.h
+ message(STATUS "************************************************************************************************")
+ # When in developer mode, we are typically running wolfSSL examples such as benchmark or test directories.
+ # However, the as-cloned or distributed wolfSSL does not have the ./include/ directory, so we'll add it as needed.
+ #
+ # first check if there's a [root]/include/user_settings.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/user_settings.h" )
+ message(FATAL_ERROR "Found stray wolfSSL user_settings.h in "
+ "${WOLFSSL_ROOT}/include/user_settings.h "
+ " (please move it to ${WOLFSSL_PROJECT_DIR}/include/user_settings.h )")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/user_settings.h" )
+ message(STATUS "Using existing wolfSSL user_settings.h in "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ else()
+ message(STATUS "Installing wolfSSL user_settings.h to "
+ "${WOLFSSL_PROJECT_DIR}/include/user_settings.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/user_settings.h"
+ DESTINATION "${CMAKE_HOME_DIRECTORY}/wolfssl/include/")
+ endif()
+ endif() # user_settings.h
- # next check if there's a [root]/include/config.h
- if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
- message(STATUS "Found wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h")
- else()
- message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_ROOT}/include/config.h")
- file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_ROOT}/include/")
- file(RENAME "${WOLFSSL_ROOT}/include/dummy_config_h" "${WOLFSSL_ROOT}/include/config.h")
- endif() # config.h
- message(STATUS "************************************************************************************************")
- message(STATUS "")
- endif()
+ # next check if there's a [root]/include/config.h
+ if( EXISTS "${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ message(STATUS "Found stray wolfSSL config.h in ${WOLFSSL_ROOT}/include/config.h" )
+ message(STATUS " Please move it to ${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "******************************************************************************")
+ message(STATUS "******************************************************************************")
+ else()
+ # we won't overwrite an existing user settings file, just note that we already have one:
+ if( EXISTS "${WOLFSSL_PROJECT_DIR}/include/config.h" )
+ message(STATUS "Using existing wolfSSL config.h ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ else()
+ message(STATUS "Installing wolfSSL config.h to ${WOLFSSL_PROJECT_DIR}/include/config.h")
+ file(COPY "${WOLFSSL_ROOT}/IDE/Espressif/ESP-IDF/dummy_config_h" DESTINATION "${WOLFSSL_PROJECT_DIR}/include/")
+ file(RENAME "${WOLFSSL_PROJECT_DIR}/include/dummy_config_h" "${WOLFSSL_PROJECT_DIR}/include/config.h")
+ endif() # Project config.h
+ endif() # WOLFSSL_ROOT config.h
+ message(STATUS "************************************************************************************************")
+ message(STATUS "")
+ endif()
- else()
- # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
- if($WOLFSSL_FOUND_IDF)
- message(STATUS "")
- message(STATUS "WARNING: wolfSSL not found.")
- message(STATUS "")
else()
- # probably needs to be re-parsed by Espressif
- message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
- endif() # else we have not found ESP-IDF yet
- endif() # else not a local wolfSSL component
+ # we did not find a ./components/wolfssl/include/ directory from this pass of cmake.
+ if($WOLFSSL_FOUND_IDF)
+ message(STATUS "")
+ message(STATUS "WARNING: wolfSSL not found.")
+ message(STATUS "")
+ else()
+ # probably needs to be re-parsed by Espressif
+ message(STATUS "wolfSSL found IDF. Project Source:${PROJECT_SOURCE_DIR}")
+ endif() # else we have not found ESP-IDF yet
+ endif() # else not a local wolfSSL component
+
+ endif() #else not an ESP-IDF component
+ endif() # else not local copy and EDP-IDF wolfSSL
- endif() #else not an ESP-IDF component
-endif() # else not local copy and EDP-IDF wolfSSL
+ # RTOS_IDF_PATH is typically:
+ # "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
+ # depending on the environment, we may need to swap backslashes with forward slashes
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-# RTOS_IDF_PATH is typically:
-# "/Users/{username}/Desktop/esp-idf/components/freertos/include/freertos"
-# depending on the environment, we may need to swap backslashes with forward slashes
-string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ string(REPLACE "\\" "/" WOLFSSL_ROOT ${WOLFSSL_ROOT})
+
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found current RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ # ESP-IDF prior version 4.4x has a different RTOS directory structure
+ string(REPLACE "\\" "/" RTOS_IDF_PATH "$ENV{IDF_PATH}/components/freertos/include/freertos")
+ if(IS_DIRECTORY "${RTOS_IDF_PATH}")
+ message(STATUS "Found legacy RTOS path: ${RTOS_IDF_PATH}")
+ else()
+ message(STATUS "Could not find RTOS path")
+ endif()
+ endif()
-# ESP-IDF after version 4.4x has a different RTOS directory structure
-string(REPLACE "\\" "/" RTOS_IDF_PATH5 "$ENV{IDF_PATH}/components/freertos/FreeRTOS-Kernel/include/freertos")
-if(IS_DIRECTORY ${IDF_PATH}/components/freertos/FreeRTOS-Kernel/)
set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH5}"
- "${WOLFSSL_ROOT}"
- )
-else()
+ "./include" # this is the location of wolfssl user_settings.h
+ "\"${WOLFSSL_ROOT}/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/\""
+ "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\""
+ "\"${RTOS_IDF_PATH}/\""
+ )
- set(COMPONENT_ADD_INCLUDEDIRS
- "."
- "${WOLFSSL_ROOT}/include"
- "${RTOS_IDF_PATH}"
- "${WOLFSSL_ROOT}"
- )
-endif()
-if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
- list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
-endif()
+ if(IS_DIRECTORY ${IDF_PATH}/components/cryptoauthlib)
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "../cryptoauthlib/lib")
+ endif()
+
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/\"")
+ list(APPEND COMPONENT_ADD_INCLUDEDIRS "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt/\"")
+
+
+
+ set(COMPONENT_SRCEXCLUDE
+ "\"${WOLFSSL_ROOT}/src/bio.c\""
+ "\"${WOLFSSL_ROOT}/src/conf.c\""
+ "\"${WOLFSSL_ROOT}/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/src/pk.c\""
+ "\"${WOLFSSL_ROOT}/src/ssl_asn1.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_bn.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_certman.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_crypto.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/ssl_misc.c\"" # included by ssl.c
+ "\"${WOLFSSL_ROOT}/src/x509.c\""
+ "\"${WOLFSSL_ROOT}/src/x509_str.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/evp.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/misc.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_arm64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_armthumb.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c32.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_c64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_cortexm.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64.c\""
+ "\"${WOLFSSL_ROOT}/wolfcrypt/src/sp_sm2_x86_64_asm.S\""
+ "\"${EXCLUDE_ASM}\""
+ )
+
+ spaces2list(COMPONENT_REQUIRES)
+
+ separate_arguments(COMPONENT_SRCDIRS NATIVE_COMMAND "${COMPONENT_SRCDIRS}")
+ separate_arguments(COMPONENT_SRCEXCLUDE NATIVE_COMMAND "${COMPONENT_SRCEXCLUDE}")
+ separate_arguments(COMPONENT_ADD_INCLUDEDIRS NATIVE_COMMAND "${COMPONENT_ADD_INCLUDEDIRS}")
+
+ #
+ # See https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/build-system.html#example-component-requirements
+ #
+ message(STATUS "COMPONENT_SRCDIRS = ${COMPONENT_SRCDIRS}")
+ message(STATUS "COMPONENT_ADD_INCLUDEDIRS = ${COMPONENT_ADD_INCLUDEDIRS}")
+ message(STATUS "COMPONENT_REQUIRES = ${COMPONENT_REQUIRES}")
+ message(STATUS "COMPONENT_SRCEXCLUDE = ${COMPONENT_SRCEXCLUDE}")
+
+ #
+ # see https://docs.espressif.com/projects/esp-idf/en/stable/esp32/migration-guides/release-5.x/build-system.html?highlight=space%20path
+ #
+ set(EXTRA_COMPONENT_DIRS "${COMPONENT_SRCDIRS}")
+ idf_component_register(
+ SRC_DIRS "${COMPONENT_SRCDIRS}"
+ INCLUDE_DIRS "${COMPONENT_ADD_INCLUDEDIRS}"
+ REQUIRES "${COMPONENT_REQUIRES}"
+ EXCLUDE_SRCS "${COMPONENT_SRCEXCLUDE}"
+ PRIV_REQUIRES esp_timer driver # this will typically only be needed for wolfSSL benchmark
+ )
+ # some optional diagnostics
+ if (1)
+ get_cmake_property(_variableNames VARIABLES)
+ list (SORT _variableNames)
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES BEGIN")
+ message(STATUS "")
+ foreach (_variableName ${_variableNames})
+ message(STATUS "${_variableName}=${${_variableName}}")
+ endforeach()
+ message(STATUS "")
+ message(STATUS "ALL VARIABLES END")
+ message(STATUS "")
+ endif()
+
+ # target_sources(wolfssl PRIVATE "\"${WOLFSSL_ROOT}/wolfssl/\"" "\"${WOLFSSL_ROOT}/wolfssl/wolfcrypt\"")
+
+endif() # CMAKE_BUILD_EARLY_EXPANSION
+
-set(COMPONENT_SRCEXCLUDE
- "${WOLFSSL_ROOT}/src/bio.c"
- "${WOLFSSL_ROOT}/src/conf.c"
- "${WOLFSSL_ROOT}/src/misc.c"
- "${WOLFSSL_ROOT}/src/pk.c"
- "${WOLFSSL_ROOT}/src/ssl_asn1.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_bn.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/ssl_misc.c" # included by ssl.c
- "${WOLFSSL_ROOT}/src/x509.c"
- "${WOLFSSL_ROOT}/src/x509_str.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/evp.c"
- "${WOLFSSL_ROOT}/wolfcrypt/src/misc.c"
- "${EXCLUDE_ASM}"
- )
-
-register_component()
-
-# some optional diagnostics
-if (0)
- get_cmake_property(_variableNames VARIABLES)
- list (SORT _variableNames)
- message(STATUS "")
- message(STATUS "ALL VARIABLES BEGIN")
- message(STATUS "")
- foreach (_variableName ${_variableNames})
- message(STATUS "${_variableName}=${${_variableName}}")
- endforeach()
- message(STATUS "")
- message(STATUS "ALL VARIABLES END")
- message(STATUS "")
-endif()
# check to see if there's both a local copy and EDP-IDF copy of the wolfssl components
-if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
+if( EXISTS "${WOLFSSL_PROJECT_DIR}" AND EXISTS "$ENV{IDF_PATH}/components/wolfssl/" )
message(STATUS "")
message(STATUS "")
message(STATUS "********************************************************************")
@@ -229,3 +456,69 @@ endif()
# end multiple component check
+#
+# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
+#
+# Save the THIS_VAR as a string in a macro called VAR_OUPUT
+#
+# VAR_OUPUT: the name of the macro to define
+# THIS_VAR: the OUTPUT_VARIABLE result from a execute_process()
+# VAR_RESULT: the RESULT_VARIABLE from a execute_process(); "0" if successful.
+#
+function ( LIBWOLFSSL_SAVE_INFO VAR_OUPUT THIS_VAR VAR_RESULT )
+ # is the RESULT_VARIABLE output value 0? If so, IS_VALID_VALUE is true.
+ string(COMPARE EQUAL "${VAR_RESULT}" "0" IS_VALID_VALUE)
+
+ # if we had a successful operation, save the THIS_VAR in VAR_OUPUT
+ if(${IS_VALID_VALUE})
+ # strip newline chars in THIS_VAR parameter and save in VAR_VALUE
+ string(REPLACE "\n" "" VAR_VALUE ${THIS_VAR})
+
+ # we'll could percolate the value to the parent for possible later use
+ # set(${VAR_OUPUT} ${VAR_VALUE} PARENT_SCOPE)
+
+ # but we're only using it here in this function
+ set(${VAR_OUPUT} ${VAR_VALUE})
+
+ # we'll print what we found to the console
+ message(STATUS "Found ${VAR_OUPUT}=${VAR_VALUE}")
+
+ # the interesting part is defining the VAR_OUPUT name a value to use in the app
+ add_definitions(-D${VAR_OUPUT}=\"${VAR_VALUE}\")
+ else()
+ # if we get here, check the execute_process command and parameters.
+ message(STATUS "LIBWOLFSSL_SAVE_INFO encountered a non-zero VAR_RESULT")
+ set(${VAR_OUPUT} "Unknown")
+ endif()
+endfunction() # LIBWOLFSSL_SAVE_INFO
+
+# create some programmatic #define values that will be used by ShowExtendedSystemInfo().
+# see wolfcrypt\src\port\Espressif\esp32_utl.c
+if(NOT CMAKE_BUILD_EARLY_EXPANSION)
+ set (git_cmd "git")
+ message(STATUS "Adding macro definitions:")
+
+ # LIBWOLFSSL_VERSION_GIT_ORIGIN: git config --get remote.origin.url
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "config" "--get" "remote.origin.url" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_ORIGIN "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_BRANCH: git rev-parse --abbrev-ref HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--abbrev-ref" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_BRANCH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH: git rev-parse HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_SHORT_HASH: git rev-parse --short HEAD
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "rev-parse" "--short" "HEAD" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES ERROR_QUIET )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_SHORT_HASH "${TMP_OUT}" "${TMP_RES}")
+
+ # LIBWOLFSSL_VERSION_GIT_HASH_DATE git show --no-patch --no-notes --pretty=\'\%cd\'
+ execute_process(WORKING_DIRECTORY ${WOLFSSL_ROOT} COMMAND ${git_cmd} "show" "--no-patch" "--no-notes" "--pretty=\'\%cd\'" OUTPUT_VARIABLE TMP_OUT RESULT_VARIABLE TMP_RES )
+ LIBWOLFSSL_SAVE_INFO(LIBWOLFSSL_VERSION_GIT_HASH_DATE "${TMP_OUT}" "${TMP_RES}")
+
+ message(STATUS "************************************************************************************************")
+ message(STATUS "wolfssl component config complete!")
+ message(STATUS "************************************************************************************************")
+endif()
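Review bot: The output of `git config --get remote.origin.url` is compiled into the firmware as LIBWOLFSSL_VERSION_GIT_ORIGIN by the `add_definitions` call in LIBWOLFSSL_SAVE_INFO and is also echoed by `message(STATUS "Found ...")`, so a clone URL that carries embedded credentials (`https://user:token@host/...`) would end up in both the image and the build log. Stripping the userinfo part before the value is used, for example `string(REGEX REPLACE "://[^/@]*@" "://" VAR_VALUE "${VAR_VALUE}")`, avoids that. In the same function `${THIS_VAR}` is passed unquoted to `string(REPLACE ...)`, which presumably fails when a command succeeds with empty output; `string(REPLACE "\n" "" VAR_VALUE "${THIS_VAR}")` is safer. The last `execute_process` call also omits ERROR_QUIET, unlike the four before it.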
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
new file mode 100644
index 00000000..d6eeebbb
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
@@ -0,0 +1,450 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
+#define WOLFSSL_ESPIDF
+
+/*
+ * choose ONE of these Espressif chips to define:
+ *
+ * WOLFSSL_ESP32
+ * WOLFSSL_ESPWROOM32SE
+ * WOLFSSL_ESP8266
+ */
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
+
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
+
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
+
+#define BENCH_EMBEDDED
+#define USE_CERT_BUFFERS_2048
+
+/* TLS 1.3 */
+#define WOLFSSL_TLS13
+#define HAVE_TLS_EXTENSIONS
+#define WC_RSA_PSS
+#define HAVE_HKDF
+#define HAVE_AEAD
+#define HAVE_SUPPORTED_CURVES
+
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
+#define NO_FILESYSTEM
+
+#define NO_OLD_TLS
+
+#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
+/* when you want to use SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
+#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+ /* ED25519 requires SHA512 */
+#define HAVE_ED25519
+
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+#define HAVE_ED25519
+
+#define OPENSSL_EXTRA
+/* when you want to use pkcs7 */
+/* #define HAVE_PKCS7 */
+
+#define HAVE_PKCS7
+
+#if defined(HAVE_PKCS7)
+ #define HAVE_AES_KEYWRAP
+ #define HAVE_X963_KDF
+ #define WOLFSSL_AES_DIRECT
+#endif
+
+/* when you want to use aes counter mode */
+/* #define WOLFSSL_AES_DIRECT */
+/* #define WOLFSSL_AES_COUNTER */
+
+/* esp32-wroom-32se specific definition */
+#if defined(WOLFSSL_ESPWROOM32SE)
+ #define WOLFSSL_ATECC508A
+ #define HAVE_PK_CALLBACKS
+ /* when you want to use a custom slot allocation for ATECC608A */
+ /* unless your configuration is unusual, you can use default */
+ /* implementation. */
+ /* #define CUSTOM_SLOT_ALLOCATION */
+#endif
+
+/* rsa primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ /* Define USE_FAST_MATH and SMALL_STACK */
+ #define ESP32_USE_RSA_PRIMITIVE
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
+#endif
+
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
+
+/* date/time */
+/* if it cannot adjust time in the device, */
+/* enable macro below */
+/* #define NO_ASN_TIME */
+/* #define XTIME time */
+
+
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
+#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+/* hash limit for test.c */
+#define HASH_SIZE_LIMIT
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+/* #define WOLFSSL_SP_RISCV32 */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* There's no Hardware Acceleration available on ESP8684 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP8684 *****/
+
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+/* Pause in a loop rather than exit. */
+#define WOLFSSL_ESPIDF_ERROR_PAUSE
+
+#define WOLFSSL_HW_METRICS
+
+/* for test.c */
+/* #define HASH_SIZE_LIMIT */
+
+/* Optionally turn off HW math checks */
+/* #define NO_HW_MATH_TEST */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
+
+/* See settings.h for some of the possible hardening options:
+ *
+ * #define NO_ESPIDF_DEFAULT
+ * #define WC_NO_CACHE_RESISTANT
+ * #define WC_AES_BITSLICED
+ * #define HAVE_AES_ECB
+ * #define HAVE_AES_DIRECT
+ */
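Review bot: The second `#elif defined(CONFIG_IDF_TARGET_ESP8684)` branch near the end of the target chain can never be selected, because ESP8684 is already matched together with CONFIG_IDF_TARGET_ESP32C2 earlier in the same chain; its "no hardware acceleration" defines (`NO_ESP32_CRYPT` and friends) are therefore dead, and ESP8684 builds get the C2 settings, which leave SHA hardware enabled. Either drop the later branch or remove ESP8684 from the C2 condition, depending on which behaviour is intended. In the CONFIG_IDF_TARGET_ESP32C3 branch the trailing comments read `no SHA384 HW on C6` and `no SHA512 HW on C6`; they should say C3. Separately, the final `#else` block maps CTX_SERVER_KEY to `server_key_der_2048`, which appears to be the bundled test key buffer enabled by USE_CERT_BUFFERS_2048; a comment such as `/* test-only certificates and key; replace before deployment */` above that block would make this explicit.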
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
index 5c945223..8787e3b8 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
@@ -1,4 +1,3 @@
-
#
# wolfssl crypt test
#
@@ -23,7 +22,9 @@ if( EXISTS "${CMAKE_HOME_DIRECTORY}/components/wolfssl/" AND EXISTS "$ENV{IDF_PA
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_MULTI_INSTALL_WARNING")
endif()
-register_component()
+idf_component_register(SRCS main.c
+ INCLUDE_DIRS "."
+ "./include")
#
# LIBWOLFSSL_SAVE_INFO(VAR_OUPUT THIS_VAR VAR_RESULT)
diff --git a/extra/wolfssl/wolfssl/cyassl/crl.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
index 8a8da6f4..94c3b5eb 100644
--- a/extra/wolfssl/wolfssl/cyassl/crl.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
@@ -1,4 +1,4 @@
-/* crl.h
+/* template main.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef _MAIN_H_
+#define _MAIN_H_
-
-#include <wolfssl/crl.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/cyassl/options.h.in b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
index 19179a8e..37b77041 100644
--- a/extra/wolfssl/wolfssl/cyassl/options.h.in
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
@@ -1,5 +1,4 @@
-/* options.h.in
- *
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -18,23 +17,16 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
-
-/* default blank options for autoconf */
-
-#ifndef CYASSL_OPTIONS_H
-#define CYASSL_OPTIONS_H
-
+#ifndef _TIME_HELPER_H
#ifdef __cplusplus
extern "C" {
#endif
+int set_time(void);
#ifdef __cplusplus
-}
+} /* extern "C" */
#endif
-
-#endif /* CYASSL_OPTIONS_H */
-
+#endif /* #ifndef _TIME_HELPER_H */
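Review bot: The new `#ifndef _TIME_HELPER_H` guard is never completed: no `#define _TIME_HELPER_H` follows it in the lines shown, so the header is not actually protected against repeated inclusion. Add `#define _TIME_HELPER_H` directly after the `#ifndef`. With only the `set_time` prototype inside this is harmless today, but it will produce redefinition errors as soon as a type or macro definition is added. Names beginning with an underscore and an upper-case letter are reserved in C, so `TIME_HELPER_H` would be the safer spelling (the `_MAIN_H_` guard added to main.h in this commit has the same naming issue).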
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
index 5adb7530..1c21bd93 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
@@ -27,11 +27,14 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <user_settings.h>
#include <wolfssl/version.h>
+#include <wolfssl/wolfcrypt/types.h>
+
#ifndef WOLFSSL_ESPIDF
#warning "problem with wolfSSL user settings. Check components/wolfssl/include"
#endif
#include <wolfcrypt/test/test.h>
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
/*
** the wolfssl component can be installed in either:
@@ -59,7 +62,6 @@
/* see wolfssl/wolfcrypt/test/test.h */
extern void wolf_crypt_task();
-
static const char* const TAG = "wolfssl_test";
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
@@ -123,75 +125,90 @@ void my_atmel_free(int slotId)
#endif /* CUSTOM_SLOT_ALLOCATION */
#endif /* WOLFSSL_ESPWROOM32SE && HAVE_PK_CALLBACK && WOLFSSL_ATECC508A */
-
/* entry point */
void app_main(void)
{
- int rc = 0;
+ int stack_start = 0;
+ esp_err_t ret = 0;
+ ESP_LOGI(TAG, "------------------ wolfSSL Test Example ----------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "---------------------- BEGIN MAIN ----------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
ESP_LOGI(TAG, "--------------------------------------------------------");
-
- ESP_LOGI(TAG, "CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_STRING = %s", LIBWOLFSSL_VERSION_STRING);
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH = %s", LIBWOLFSSL_VERSION_GIT_HASH);
+#ifdef ESP_TASK_MAIN_STACK
+ ESP_LOGI(TAG, "ESP_TASK_MAIN_STACK: %d", ESP_TASK_MAIN_STACK);
#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s", LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
+#ifdef TASK_EXTRA_STACK_SIZE
+ ESP_LOGI(TAG, "TASK_EXTRA_STACK_SIZE: %d", TASK_EXTRA_STACK_SIZE);
#endif
-
-#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
- ESP_LOGI(TAG, "LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s", LIBWOLFSSL_VERSION_GIT_HASH_DATE);
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "CONFIG_ESP_MAIN_TASK_STACK_SIZE = %d bytes (%d words)",
+ CONFIG_ESP_MAIN_TASK_STACK_SIZE,
+ (int)(CONFIG_ESP_MAIN_TASK_STACK_SIZE / sizeof(void*)));
+
+ /* Returns the high water mark of the stack associated with xTask. That is,
+ * the minimum free stack space there has been (in bytes not words, unlike
+ * vanilla FreeRTOS) since the task started. The smaller the returned
+ * number the closer the task has come to overflowing its stack.
+ * see https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-reference/system/freertos_idf.html
+ */
+ stack_start = uxTaskGetStackHighWaterMark(NULL);
+ ESP_LOGI(TAG, "Stack Start HWM: %d bytes", stack_start);
#endif
+#ifdef HAVE_VERSION_EXTENDED_INFO
+ esp_ShowExtendedSystemInfo();
+#endif
/* some interesting settings are target specific (ESP32, -C3, -S3, etc */
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* not available for C3 at this time */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
+ );
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
+ );
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
);
ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
#else
- ESP_LOGI(TAG, "CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ = %u MHz",
- CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ
- );
- ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+ /* not available for other platformas at this time */
#endif
/* all platforms: stack high water mark check */
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
- /* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
- ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+ /* check to see if we are using hardware encryption
+ * TODO: move this to esp_util.c */
+#if defined(NO_ESP32_CRYPT)
+ ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
#else
#if defined(CONFIG_IDF_TARGET_ESP32C3)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-C3.");
+
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S2.");
+
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- /* #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3" */
- ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled for ESP32-S3.");
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled for ESP32-S3.");
+
#else
- ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
#endif
#endif
-
-
#if defined (WOLFSSL_USE_TIME_HELPER)
set_time();
#endif
-/* when using atecc608a on esp32-wroom-32se */
+/* when using atecc608a on esp32-WROOM-32se */
#if defined(WOLFSSL_ESPWROOM32SE) && defined(HAVE_PK_CALLBACKS) \
&& defined(WOLFSSL_ATECC508A)
#if defined(CUSTOM_SLOT_ALLOCATION)
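Review bot: The context line `ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));` stays unguarded, while the block added above it calls the same function only under `#ifdef INCLUDE_uxTaskGetStackHighWaterMark`. If that macro is ever undefined, the guarded block disappears but this line still references the function, and `stack_start` is left declared and unused. Putting the later call under the same `#ifdef`, and declaring `stack_start` inside it, keeps the two consistent. The hardware-crypto banner is also chosen from the target macro and `NO_ESP32_CRYPT` alone, so "ESP32_CRYPT is enabled" does not show whether the per-feature `NO_WOLFSSL_ESP32_CRYPT_*` switches moved hashing, AES or RSA back to software; a comment saying so would help anyone reading the boot log. app_main continues past this hunk.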
@@ -211,22 +228,54 @@ void app_main(void)
/* Although wolfCrypt_Init() may be explicitly called above,
** Note it is still always called in wolf_test_task.
*/
- rc = wolf_test_task();
+ int loops = 0;
+ do {
+ #if defined(WOLFSSL_HW_METRICS) && defined(WOLFSSL_HAS_METRICS)
+ esp_hw_show_metrics();
+ #endif
+ ret = wolf_test_task();
+ ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
+ ESP_LOGI(TAG, "loops = %d", loops);
+
+ loops++;
+ }
+ while (ret == 0);
+ ESP_LOGI(TAG, "loops = %d", loops);
+
/* note wolfCrypt_Cleanup() should always be called when finished.
** This is called at the end of wolf_test_task();
*/
- if (rc == 0) {
- ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", rc);
+ if (ret == 0) {
+ ESP_LOGI(TAG, "wolf_test_task complete success result code = %d", ret);
}
else {
- ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", rc);
+ ESP_LOGE(TAG, "wolf_test_task FAIL result code = %d", ret);
/* see wolfssl/wolfcrypt/error-crypt.h */
}
+#if defined(DEBUG_WOLFSSL) && !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ esp_hw_show_mp_metrics();
+#endif
+
/* after the test, we'll just wait */
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+
+ ESP_LOGI(TAG, "Stack used: %d", CONFIG_ESP_MAIN_TASK_STACK_SIZE
+ - (uxTaskGetStackHighWaterMark(NULL)));
+#endif
+
+ ESP_LOGI(TAG, "\n\nDone!\n\n"
+ "If running from idf.py monitor, press twice: Ctrl+]");
+
+ /* done */
while (1) {
- /* nothing */
- }
+#if defined(SINGLE_THREADED)
+ while (1);
+#else
+ vTaskDelay(60000);
+#endif
+ } /* done while */
#endif
}
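Review bot: The new `do { ... } while (ret == 0);` exits only once `wolf_test_task()` returns non-zero, so the `if (ret == 0)` success branch below it can no longer run and a passing device repeats the test indefinitely. If an endless soak run is intended, a comment such as `/* repeat until the first failure; only the FAIL branch below is reachable */` would say so; otherwise bound the loop with a count. `loops` is a plain `int` that is incremented without limit. `vTaskDelay(60000)` takes ticks rather than milliseconds, so `vTaskDelay(pdMS_TO_TICKS(60000));` is needed if a one-minute sleep is meant. app_main starts before this hunk.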
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
index c3cccde4..8b7da74a 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
@@ -18,6 +18,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
#include <string.h>
#include <lwip/apps/sntp.h>
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
new file mode 100644
index 00000000..41b4846e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
@@ -0,0 +1,34 @@
+# This tag is used to include this file in the ESP Component Registry:
+# __ESP_COMPONENT_SOURCE__
+
+# to view: idf.py partition-table
+#
+# ESP-IDF Partition Table
+# Name, Type, SubType, Offset, Size, Flags
+nvs, data, nvs, 0x9000, 24K,
+phy_init,data, phy, 0xf000, 4K,
+factory, app, factory, 0x10000, 1500K,
+
+
+# For other settings, see:
+# https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/partition-tables.html#creating-custom-tables
+#
+# Here is the summary printed for the “Single factory app, no OTA” configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x6000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+#
+#
+# Here is the summary printed for the “Factory app, two OTA definitions” configuration:
+#
+# # ESP-IDF Partition Table
+# # Name, Type, SubType, Offset, Size, Flags
+# nvs, data, nvs, 0x9000, 0x4000,
+# otadata, data, ota, 0xd000, 0x2000,
+# phy_init, data, phy, 0xf000, 0x1000,
+# factory, app, factory, 0x10000, 1M,
+# ota_0, app, ota_0, 0x110000, 1M,
+# ota_1, app, ota_1, 0x210000, 1M,
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
index ccb7820e..17097709 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
@@ -1,3 +1,5 @@
+# This tag is used to include this file in the ESP Component Registry:
+
#
# Default main stack size
#
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
index e34220d9..f2efc2f3 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/README.md
@@ -6,6 +6,12 @@ This IDF version does NOT contain a local component and exists only to test wolf
The recommended configuration is to have only the CMakeLists.txt in the local project components\wolfssl directory. See the [wolfssl_test](../wolfssl_test/README.md) example.
+## VisualGDB
+
+Open the VisualGDB Visual Studio Project file in the VisualGDB directory and click the "Start" button.
+
+## ESP-IDF Commandline
+
1. `idf.py menuconfig` to configure the program.
1-1. Example Configuration ->
@@ -35,7 +41,7 @@ cd /mnt/c/workspace/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test
. /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/export.sh
# build and flash, in this example to COM20
-idf.py build flash -p /dev/ttyS20 -b 921600 monitor
+idf.py build flash -p /dev/ttyS20 -b 115200 monitor
```
## Example Output
@@ -45,7 +51,7 @@ compatible across the widest ranges of targets. Contact wolfSSL at support@wolfs
for help in optimizing for your particular application, or see the
[docs](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html).
-Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 921600 monitor`:
+Compiled and flashed with `idf.py build flash -p /dev/ttyS7 -b 115200 monitor`:
```
ets Jun 8 2016 00:22:57
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c
index 01538f72..5d384420 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/examples/wolfssl_test_idf/main/main.c
@@ -170,17 +170,17 @@ void app_main(void)
ESP_LOGI(TAG, "Stack HWM: %d\n", uxTaskGetStackHighWaterMark(NULL));
/* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
- ESP_LOGI(TAG, "NO_ESP32WROOM32_CRYPT defined! HW acceleration DISABLED.");
+#if defined(NO_ESP32_CRYPT)
+ ESP_LOGI(TAG, "NO_ESP32_CRYPT defined! HW acceleration DISABLED.");
#else
#if defined(CONFIG_IDF_TARGET_ESP32C3)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-C3"
+ #error "ESP32_CRYPT not yet supported on ESP32-C3"
#elif defined(CONFIG_IDF_TARGET_ESP32S2)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S2"
+ #error "ESP32_CRYPT not yet supported on ESP32-S2"
#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- #error "ESP32WROOM32_CRYPT not yet supported on ESP32-S3"
+ #error "ESP32_CRYPT not yet supported on ESP32-S3"
#else
- ESP_LOGI(TAG, "ESP32WROOM32_CRYPT is enabled.");
+ ESP_LOGI(TAG, "ESP32_CRYPT is enabled.");
#endif
#endif
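Review bot: The three `#error "ESP32_CRYPT not yet supported on ..."` lines are kept under the new macro name, so this example still refuses to build for ESP32-C3, -S2 and -S3 unless `NO_ESP32_CRYPT` is defined. The same commit's `wolfssl_test/main/main.c` replaces those errors with `ESP_LOGI` lines, and its `user_settings.h` describes hardware acceleration as supported on those targets. If the difference is deliberate, a comment like `/* this IDF-only example has not been validated with HW acceleration on C3/S2/S3 */` would explain it; that reason is a guess and should be confirmed. app_main extends beyond the hunk.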
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
index 4f0f4e8a..ab9cb25f 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/libs/CMakeLists.txt
@@ -71,7 +71,11 @@ set(COMPONENT_SRCEXCLUDE
"./src/conf.c"
"./src/misc.c"
"./src/pk.c"
- "./src/ssl_misc.c" # included by ssl.c
+ "./src/ssl_asn1.c" # included by ssl.c
+ "./src/ssl_bn.c" # included by ssl.c
+ "./src/ssl_certman.c" # included by ssl.c
+ "./src/ssl_crypto.c" # included by ssl.c
+ "./src/ssl_misc.c" # included by ssl.c
"./src/x509.c"
"./src/x509_str.c"
"./wolfcrypt/src/evp.c"
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat
index 2e279ad9..89528a8f 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/setup_win.bat
@@ -73,7 +73,7 @@ dir %WOLFSSL_ESPIDFDIR%\*.xyzzy 2> nul | findstr \
echo;
echo Equivalalent source directory paths:
-:: show the path of the equivalent %VALUE% (search for files that don't exist, supress error, and look for string with "\")
+:: show the path of the equivalent %VALUE% (search for files that don't exist, suppress error, and look for string with "\")
dir %BASEDIR%\*.xyzzy 2> nul | findstr \
dir %WOLFSSLLIB_TRG_DIR%\*.xyzzy 2> nul | findstr \
dir %WOLFSSLEXP_TRG_DIR%\*.xyzzy 2> nul | findstr \
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h
index 215b3769..4b292341 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/ESP-IDF/user_settings.h
@@ -18,25 +18,47 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#undef WOLFSSL_ESPIDF
-#undef WOLFSSL_ESPWROOM32
-#undef WOLFSSL_ESPWROOM32SE
-#undef WOLFSSL_ESPWROOM32
-#undef WOLFSSL_ESP8266
+/* This user_settings.h is for Espressif ESP-IDF */
+#include <sdkconfig.h>
+
+/* The Espressif sdkconfig will have chipset info.
+**
+** Possible values:
+**
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+*/
+
+#undef WOLFSSL_ESPIDF
#define WOLFSSL_ESPIDF
/*
* choose ONE of these Espressif chips to define:
*
- * WOLFSSL_ESPWROOM32
+ * WOLFSSL_ESP32
* WOLFSSL_ESPWROOM32SE
* WOLFSSL_ESP8266
*/
+#undef WOLFSSL_ESPWROOM32SE
+#undef WOLFSSL_ESP8266
+#undef WOLFSSL_ESP32
+
+#define WOLFSSL_ESP32
-#define WOLFSSL_ESPWROOM32
+/* optionally turn off SHA512/224 SHA512/256 */
+/* #define WOLFSSL_NOSHA512_224 */
+/* #define WOLFSSL_NOSHA512_256 */
-/* #define DEBUG_WOLFSSL_VERBOSE */
+/* when you want to use SINGLE THREAD. Note Default ESP-IDF is FreeRTOS */
+/* #define SINGLE_THREADED */
+
+/* When you don't want to use the old SHA */
+/* #define NO_SHA */
+/* #define NO_OLD_TLS */
#define BENCH_EMBEDDED
#define USE_CERT_BUFFERS_2048
@@ -49,29 +71,48 @@
#define HAVE_AEAD
#define HAVE_SUPPORTED_CURVES
-/* when you want to use SINGLE THREAD */
-/* #define SINGLE_THREADED */
+#define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+
#define NO_FILESYSTEM
+#define NO_OLD_TLS
+
#define HAVE_AESGCM
+
+#define WOLFSSL_RIPEMD
+/* when you want to use SHA224 */
+#define WOLFSSL_SHA224
+
/* when you want to use SHA384 */
-/* #define WOLFSSL_SHA384 */
+#define WOLFSSL_SHA384
+
+/* when you want to use SHA512 */
#define WOLFSSL_SHA512
+
+/* when you want to use SHA3 */
+#define WOLFSSL_SHA3
+
+#define HAVE_ED25519 /* ED25519 requires SHA512 */
+
#define HAVE_ECC
#define HAVE_CURVE25519
#define CURVE25519_SMALL
#define HAVE_ED25519
+/* Optional OPENSSL compatibility */
+#define OPENSSL_EXTRA
/* when you want to use pkcs7 */
/* #define HAVE_PKCS7 */
+#define HAVE_PKCS7
+
#if defined(HAVE_PKCS7)
#define HAVE_AES_KEYWRAP
#define HAVE_X963_KDF
#define WOLFSSL_AES_DIRECT
#endif
-/* when you want to use aes counter mode */
+/* when you want to use AES counter mode */
/* #define WOLFSSL_AES_DIRECT */
/* #define WOLFSSL_AES_COUNTER */
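Review bot: `#define OPENSSL_EXTRA` and `#define HAVE_PKCS7` are now unconditional in this settings header, the latter placed directly under the still commented-out `/* #define HAVE_PKCS7 */`, so the "when you want to use pkcs7" comment no longer matches what is built. Example settings headers tend to be copied into product firmware, and optional layers switched on here end up compiled into builds that never use them. A comment such as `/* enabled for the test example; remove in builds that do not need the OpenSSL compatibility layer or PKCS#7 */` would make the intent explicit. `HAVE_ED25519` is also defined twice, on the added line and on the existing line a few lines below it.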
@@ -85,21 +126,29 @@
/* #define CUSTOM_SLOT_ALLOCATION */
#endif
-/* rsa primitive specific definition */
-#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+/* RSA primitive specific definition */
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Define USE_FAST_MATH and SMALL_STACK */
#define ESP32_USE_RSA_PRIMITIVE
- /* threshold for performance adjustment for hw primitive use */
- /* X bits of G^X mod P greater than */
- #define EPS_RSA_EXPT_XBTIS 36
- /* X and Y of X * Y mod P greater than */
- #define ESP_RSA_MULM_BITS 2000
+
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+
+ /* NOTE HW unreliable for small values! */
+ /* threshold for performance adjustment for HW primitive use */
+ /* X bits of G^X mod P greater than */
+ #undef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 32
+
+ /* X and Y of X * Y mod P greater than */
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+
+ #endif
#endif
-/* debug options */
-/* #define DEBUG_WOLFSSL */
-/* #define WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
-/* #define WOLFSSL_ATECC508A_DEBUG */
+#define RSA_LOW_MEM
+
+/* #define WOLFSSL_ATECC508A_DEBUG */
/* date/time */
/* if it cannot adjust time in the device, */
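Review bot: `ESP_RSA_MULM_BITS` drops from 2000 to 16 directly under the new comment `NOTE HW unreliable for small values!`, with nothing recording why 16 is a safe lower bound. Going by the existing comments, this value is the operand-size threshold above which the hardware primitive is used, so lowering it sends much smaller operands to the accelerator. The thresholds are now set only for `CONFIG_IDF_TARGET_ESP32`, and the same `#undef`/`#define ESP_RSA_MULM_BITS 16` pair is repeated in the target block of the next hunk with `TODO add compile-time warning`; a single definition would stop the two from drifting. A comment such as `/* smallest operand size verified against software results on ESP32 */` would record the basis, if that is what 16 represents.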
@@ -107,11 +156,272 @@
/* #define NO_ASN_TIME */
/* #define XTIME time */
-/* when you want not to use HW acceleration */
-/* #define NO_ESP32WROOM32_CRYPT */
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH*/
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES */
-/* #define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */
-/* adjust wait-timeout count if you see timeout in rsa hw acceleration */
+/* adjust wait-timeout count if you see timeout in RSA HW acceleration */
#define ESP_RSA_TIMEOUT_CNT 0x249F00
+
+#define HASH_SIZE_LIMIT /* for test.c */
+
+/* USE_FAST_MATH is default */
+#define USE_FAST_MATH
+
+/***** Use SP_MATH *****/
+/* #undef USE_FAST_MATH */
+/* #define SP_MATH */
+/* #define WOLFSSL_SP_MATH_ALL */
+
+/***** Use Integer Heap Math *****/
+/* #undef USE_FAST_MATH */
+/* #define USE_INTEGER_HEAP_MATH */
+
+
+#define WOLFSSL_SMALL_STACK
+
+
+#define HAVE_VERSION_EXTENDED_INFO
+/* #define HAVE_WC_INTROSPECTION */
+
+#define HAVE_SESSION_TICKET
+
+/* #define HAVE_HASHDRBG */
+
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_SYS_CA_CERTS
+
+
+#define WOLFSSL_CERT_TEXT
+
+#define WOLFSSL_ASN_TEMPLATE
+
+/*
+#undef WOLFSSL_KEY_GEN
+#undef WOLFSSL_CERT_REQ
+#undef WOLFSSL_CERT_GEN
+#undef WOLFSSL_CERT_EXT
+#undef WOLFSSL_SYS_CA_CERTS
+*/
+
+/*
+--enable-keygen
+--enable-certgen
+--enable-certreq
+--enable-certext
+--enable-asn-template
+*/
+
+/* Default is HW enabled unless turned off.
+** Uncomment these lines to force SW instead of HW acceleration */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* wolfSSL HW Acceleration supported on ESP32. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 /* no SHA224 HW on ESP32 */
+
+ #undef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16 /* TODO add compile-time warning */
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* wolfSSL HW Acceleration supported on ESP32-S2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S2; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* wolfSSL HW Acceleration supported on ESP32-S3. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* Note: There's no AES192 HW on the ESP32-S3; falls back to SW */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32S3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * See: https://www.esp32.com/viewtopic.php?f=5&t=27926#:~:text=ESP8684%20is%20essentially%20ESP32%2DC2,both%20ESP32%2DC2%20and%20ESP8684. */
+
+ /* wolfSSL HW Acceleration supported on ESP32-C2. Uncomment to disable: */
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C2 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C2 */
+
+ /* There's no AES or RSA/Math accelerator on the ESP32-C2
+ * Auto defined with NO_WOLFSSL_ESP32_CRYPT_RSA_PRI, for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ /***** END CONFIG_IDF_TARGET_ESP32C2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* wolfSSL HW Acceleration supported on ESP32-C3. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */ /* to disable all SHA HW */
+
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* wolfSSL HW Acceleration supported on ESP32-C6. Uncomment to disable: */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* These are defined automatically in esp32-crypt.h, here for clarity: */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384 /* no SHA384 HW on C6 */
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512 /* no SHA512 HW on C6 */
+
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ /* wolfSSL Hardware Acceleration not yet implemented */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP32H2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP8266)
+ /* TODO: Revisit ESP8266 */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ /***** END CONFIG_IDF_TARGET_ESP266 *****/
+#else
+ /* Anything else encountered, disable HW accleration */
+ #define NO_ESP32_CRYPT
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+#endif /* CONFIG_IDF_TARGET Check */
+
+/* Debug options:
+
+#define ESP_VERIFY_MEMBLOCK
+#define DEBUG_WOLFSSL
+#define DEBUG_WOLFSSL_VERBOSE
+#define DEBUG_WOLFSSL_SHA_MUTEX
+#define WOLFSSL_ESP32_CRYPT_DEBUG
+#define WOLFSSL_ESP32_CRYPT_HASH_SHA224_DEBUG
+#define NO_RECOVER_SOFTWARE_CALC
+#define WOLFSSL_TEST_STRAY 1
+#define USE_ESP_DPORT_ACCESS_READ_BUFFER
+#define WOLFSSL_ESP32_HW_LOCK_DEBUG
+#define WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+#define ESP_DISABLE_HW_TASK_LOCK
+*/
+
+#define WOLFSSL_ESPIDF_ERROR_PAUSE /* Pause in a loop rather than exit. */
+#define WOLFSSL_HW_METRICS
+
+/* #define HASH_SIZE_LIMIT */ /* for test.c */
+
+/* #define NO_HW_MATH_TEST */ /* Optionall turn off HW math checks */
+
+/* Optionally include alternate HW test library: alt_hw_test.h */
+/* When enabling, the ./components/wolfssl/CMakeLists.txt file
+ * will need the name of the library in the idf_component_register
+ * for the PRIV_REQUIRES list. */
+/* #define INCLUDE_ALT_HW_TEST */
+
+/* optionally turn off individual math HW acceleration features */
+
+/* Turn off Large Number ESP32 HW Multiplication:
+** [Z = X * Y] in esp_mp_mul() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* Turn off Large Number ESP32 HW Modular Exponentiation:
+** [Z = X^Y mod M] in esp_mp_exptmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+/* Turn off Large Number ESP32 HW Modular Multiplication
+** [Z = X * Y mod M] in esp_mp_mulmod() */
+/* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+
+#define WOLFSSL_PUBLIC_MP /* used by benchmark */
+#define USE_CERT_BUFFERS_2048
+
+/* when turning on ECC508 / ECC608 support
+#define WOLFSSL_ESPWROOM32SE
+#define HAVE_PK_CALLBACKS
+#define WOLFSSL_ATECC508A
+#define ATCA_WOLFSSL
+*/
+
+/* optional SM4 Ciphers. See https://github.com/wolfSSL/wolfsm
+#define WOLFSSL_SM2
+#define WOLFSSL_SM3
+#define WOLFSSL_SM4
+*/
+
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ #include <wolfssl/certs_test_sm.h>
+ #define CTX_CA_CERT root_sm2
+ #define CTX_CA_CERT_SIZE sizeof_root_sm2
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_CERT server_sm2
+ #define CTX_SERVER_CERT_SIZE sizeof_server_sm2
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_PEM
+ #define CTX_SERVER_KEY server_sm2_priv
+ #define CTX_SERVER_KEY_SIZE sizeof_server_sm2_priv
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_PEM
+
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16
+#else
+ #define USE_CERT_BUFFERS_2048
+ #define USE_CERT_BUFFERS_256
+ #define CTX_CA_CERT ca_cert_der_2048
+ #define CTX_CA_CERT_SIZE sizeof_ca_cert_der_2048
+ #define CTX_CA_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_CERT server_cert_der_2048
+ #define CTX_SERVER_CERT_SIZE sizeof_server_cert_der_2048
+ #define CTX_SERVER_CERT_TYPE WOLFSSL_FILETYPE_ASN1
+ #define CTX_SERVER_KEY server_key_der_2048
+ #define CTX_SERVER_KEY_SIZE sizeof_server_key_der_2048
+ #define CTX_SERVER_KEY_TYPE WOLFSSL_FILETYPE_ASN1
+#endif
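Review bot: The `#else` branch maps `CTX_SERVER_KEY` to `server_key_der_2048`, and the SM branch maps it to `server_sm2_priv`, without a comment that these appear to be the sample keys from the library's bundled test certificate buffers. A project that copies this header unchanged would run its TLS server on a private key that ships with the source distribution. A line above the `#if` such as `/* test-only certificates and keys from the bundled cert buffers; replace before deployment */` would flag that. Separately, in the `CONFIG_IDF_TARGET_ESP32C3` block both comments read `no SHA384 HW on C6` and `no SHA512 HW on C6` and should name C3. `HASH_SIZE_LIMIT` is also defined near the top of the hunk but listed again as a commented-out option further down.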
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/README.md b/extra/wolfssl/wolfssl/IDE/Espressif/README.md
new file mode 100644
index 00000000..dea3b36a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/README.md
@@ -0,0 +1,161 @@
+
+
+# wolfSSL Espressif IDE
+
+This directory contains documentation and examples for the Espressif SoC devices.
+
+Although wolfSSL _should_ work on any Espressif device, there's explicit support for these:
+
+- esp32
+- esp32c2
+- esp32c3
+- esp32c6
+- esp32s2
+- esp32s3
+- esp32h2
+
+
+## Getting Started
+
+If you are new to wolfSSL on the Espressif ESP32, [this video](https://www.youtube.com/watch?v=CzwA3ZBZBZ8)
+can help to get started:
+
+[![Video Preview](https://img.youtube.com/vi/CzwA3ZBZBZ8/0.jpg)](https://www.youtube.com/watch?v=CzwA3ZBZBZ8)
+
+Additional ESP-IDF specifics can be found in [Espressif/ESP-IDF](./ESP-IDF/README.md). The [wolfSSL Manual](https://www.wolfssl.com/documentation/manuals/wolfssl/index.html) is also a useful
+resource.
+
+## Requirements
+
+The wolfSSL Espressif code requires the ESP-IDF to be installed for
+[Windows](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/windows-setup.html)
+or [Linux / MacOS](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/linux-macos-setup.html).
+
+See the [Espressif Getting Started Guide](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/get-started/).
+
+Any editor can be used. See also the [Espressif Third-Party Tools](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/resources.html)
+for a list of feature-rich Integrated Development Environments.
+The [wolfSSL examples](./ESP-IDF/examples/README.md) all include a `./VisualGDB` directory with SoC-specific configurations
+to help get started quickly.
+
+Although not required, a [JTAG Adapter](https://docs.espressif.com/projects/esp-idf/en/latest/esp32/api-guides/jtag-debugging/index.html)
+can be helpful for development. When not using a built-in JTAG from Espressif, the examples typically
+use the open source [Tigard board](https://github.com/tigard-tools/tigard#readme).
+
+## Examples:
+
+There are a variety of examples to help get started:
+
+* [ESP-IDF Examples](./ESP-IDF/README.md)
+
+## Managed Component
+
+The wolfSSL library can be installed as a managed component:
+
+* [Espressif Managed Component Registry](https://components.espressif.com/components/wolfssl/wolfssl)
+
+## Notes:
+
+WSL environment:
+
+Contents of `/etc/wsl.conf`:
+```text
+[automount]
+options = "metadata"
+```
+
+To ignore changes in file attributes, see https://github.com/microsoft/WSL/issues/936#issuecomment-1751469229
+
+```
+git config core.filemode false
+```
+
+
+Quick start
+```
+
+WORKSPACE=/mnt/c/workspace
+WRK_IDF_PATH=/mnt/c/SysGCC/esp32/esp-idf/v5.1
+WRK_WOLFSSL_PATH=${WORKSPACE}/wolfssl-$USER
+WRK_PROJECT_DIR=${WRK_WOLFSSL_PATH}/IDE/Espressif/ESP-IDF/examples/wolfssl_test
+
+echo "Run export.sh from ${WRK_IDF_PATH}"
+. ${WRK_IDF_PATH}/export.sh
+
+echo "Build and flash project in ${WRK_PROJECT_DIR}"
+cd ${WRK_PROJECT_DIR}
+idf.py build flash -p /dev/ttyS9 -b 115200 monitor
+```
+
+Bad chip version:
+
+```
+ESP-ROM:esp32c3-20200918
+Build:Sep 18 2020
+rst:0x3 (RTC_SW_SYS_RST),boot:0xc (SPI_FAST_FLASH_BOOT)
+Saved PC:0x403d151e
+SPIWP:0xee
+mode:DIO, clock div:2
+load:0x3fcd6100,len:0x16c8
+load:0x403ce000,len:0x930
+load:0x403d0000,len:0x2d28
+entry 0x403ce000
+I (34) boot: ESP-IDF v4.4.2-1-g0aba20e63d-dirty 2nd stage bootloader
+I (35) boot: compile time 08:29:06
+I (35) boot: chip revision: 2
+E (38) boot_comm: This chip is revision 2 but the application is configured for minimum revision 3. Can't run.
+```
+
+If you've encountered a chip version earlier than that confirmed to be working
+at wolfSSL, try adjusting the settings in `menuconfig`.
+
+#### A fatal error occurred: This chip is esp[X] not esp[Y]
+
+```
+A fatal error occurred: This chip is ESP32-S3 not ESP32-C3. Wrong --chip argument?
+CMake Error at run_serial_tool.cmake:56 (message):
+ /home/gojimmypi/.espressif/python_env/idf4.4_py3.8_env/bin/python
+ /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/components/esptool_py/esptool/esptool.py
+ --chip esp32c3 failed
+```
+
+Delete the `./build` and rename/delete your `sdkconfig` file, then run
+`idf.py set-target`, in this example setting to `esp32c3`:
+
+```bash
+idf.py set-target esp32c3
+```
+
+#### Cmake Cache Warning
+
+```
+Executing action: clean
+Project sdkconfig was generated for target 'esp32s3', but CMakeCache.txt contains 'esp32c3'. To keep the setting in sdkconfig (esp32s3) and re-generate CMakeCache.txt, run 'idf.py fullclean'. To re-generate sdkconfig for 'esp32c3' target, run 'idf.py set-target esp32c3'.
+```
+
+As indicated, run `idf.py set-target` and/or delete the `./build` directory.
+
+#### Connecting, but fails to connect.
+
+Some devices, particularly 3rd party, non-Espressif dev boards may not have implemented
+the reset-program hardware properly, causing devices to not be programmed with the
+`idf.py flash` command:
+
+```
+Connecting......................................
+
+A fatal error occurred: Failed to connect to ESP32: Wrong boot mode detected (0x13)! The chip needs to be in download mode.
+For troubleshooting steps visit: https://docs.espressif.com/projects/esptool/en/latest/troubleshooting.html
+CMake Error at run_serial_tool.cmake:56 (message):
+ /home/gojimmypi/.espressif/python_env/idf4.4_py3.8_env/bin/python
+ /mnt/c/SysGCC/esp32/esp-idf/v4.4.2/components/esptool_py/esptool/esptool.py
+ --chip esp32 failed
+```
+
+Solution:
+
+Press and hold`EN` button, press and release `IO0` button, then release `EN` button.
+
+#### Other Solutions
+
+See also [this ESP-FAQ Handbook](https://docs.espressif.com/projects/esp-faq/en/latest/esp-faq-en-master.pdf)
diff --git a/extra/wolfssl/wolfssl/IDE/Espressif/include.am b/extra/wolfssl/wolfssl/IDE/Espressif/include.am
index bbf104e9..66203415 100644
--- a/extra/wolfssl/wolfssl/IDE/Espressif/include.am
+++ b/extra/wolfssl/wolfssl/IDE/Espressif/include.am
@@ -6,6 +6,8 @@
# distribution file set will not contain GitHub info
#
# see: https://github.com/wolfSSL/wolfssl/pull/5955
+#
+# Don't list any config.h files here
EXTRA_DIST+= IDE/Espressif/ESP-IDF/compileAllExamples.sh
EXTRA_DIST+= IDE/Espressif/ESP-IDF/dummy_config_h
@@ -17,20 +19,45 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/setup_win.bat
EXTRA_DIST+= IDE/Espressif/ESP-IDF/UPDATE.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/user_settings.h
+# Template
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/partitions_singleapp_large.csv
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/sdkconfig.defaults
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/main.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/main/include/main.h
+
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/template/VisualGDB/wolfssl_template_IDF_v5.1_ESP32.vgdbproj
+
# Benchmark
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/sdkconfig.defaults
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.c
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/main.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/components/wolfssl/component.mk
-
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/main/include/main.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v4.4_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_benchmark_IDF_v5_ESP32C3.sln
@@ -42,47 +69,91 @@ EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_benchmark/VisualGDB/wolfssl_
# TLS Client
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/README_server_sm.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/sdkconfig.defaults
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/VisualGDB_wolfssl_client.vgdbproj
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/client-tls.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/Kconfig.projbuild
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/main.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/wifi_connect.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/client-tls.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/main/include/wifi_connect.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/README.md
+
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.sln
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_client/VisualGDB/wolfssl_client_IDF_v5_ESP32.vgdbproj
# TLS Server
+
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/README.md
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/README_server_sm.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/sdkconfig.defaults
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/VisualGDB_wolfssl_server.vgdbproj
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/Kconfig.projbuild
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/server-tls.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/wifi_connect.c
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/server-tls.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/main/include/wifi_connect.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/README.md
+
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.sln
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_server/VisualGDB/wolfssl_server_IDF_v5_ESP32.vgdbproj
# wolfSSL Test
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/Makefile
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/partitions_singleapp_large.csv
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/README.md
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/sdkconfig.defaults
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/include/user_settings.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/CMakeLists.txt
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/Kconfig.projbuild
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/main.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.c
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/time_helper.h
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/CMakeLists.txt
-EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/components/wolfssl/component.mk
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/main.h
+EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/main/include/time_helper.h
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32.sln
EXTRA_DIST+= IDE/Espressif/ESP-IDF/examples/wolfssl_test/VisualGDB/wolfssl_test-IDF_v5_ESP32C3.sln
diff --git a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h
index dad14832..f1f8fd6d 100644
--- a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Header/user_settings.h
@@ -70,7 +70,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- //#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* SP Assembly Speedups */
@@ -85,11 +84,24 @@ extern "C" {
/* FIPS - Requires eval or license from wolfSSL */
/* ------------------------------------------------------------------------- */
#undef HAVE_FIPS
+#undef HAVE_FIPS_VERSION
+#undef HAVE_FIPS_VERSION_MINOR
#if 0
#define HAVE_FIPS
- #undef HAVE_FIPS_VERSION
- #define HAVE_FIPS_VERSION 2
+ /* Choose a FIPS version */
+ #if 0
+ /* FIPS 140-2 */
+ #define HAVE_FIPS_VERSION 2
+ #elif 0
+ /* FIPS 140-3 */
+ #define HAVE_FIPS_VERSION 5
+ #define HAVE_FIPS_VERSION_MINOR 2
+ #elif 0
+ /* FIPS Ready */
+ #define HAVE_FIPS_VERSION 5
+ #define HAVE_FIPS_VERSION_MINOR 3
+ #endif
#ifdef SINGLE_THREADED
#undef NO_THREAD_LS
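Review bot: Nothing in the new version selector fails the build when `HAVE_FIPS` is switched on but all three inner `#if 0` / `#elif 0` branches are left at 0. In that case `HAVE_FIPS_VERSION` stays undefined, because this hunk now `#undef`s it unconditionally above the block; how the rest of the library treats `HAVE_FIPS` without a version is not visible here. Adding `#else` and `#error "HAVE_FIPS set but no HAVE_FIPS_VERSION selected"` before the inner `#endif` would turn that silent misconfiguration into a compile error. The outer `#if 0` block continues past the end of this hunk.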
@@ -182,6 +194,9 @@ extern "C" {
#undef WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_IMPORT /* Validate import */
+
+ #undef WOLFSSL_ECDSA_SET_K
+ #define WOLFSSL_ECDSA_SET_K
#endif
/* Compressed Key Support */
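Review bot: The added `WOLFSSL_ECDSA_SET_K` define carries no comment, unlike the `WOLFSSL_VALIDATE_ECC_IMPORT` line just above it, and a reader should not have to guess what this option does. It lets the caller supply the ECDSA per-signature nonce k instead of having the library generate it, which is normally wanted only for known-answer testing; a repeated or predictable k discloses the private key. I would put `/* caller-supplied ECDSA k, for known-answer tests only; never reuse k */` on the define. The enclosing `#if` block starts outside the hunk, so which builds get the option cannot be confirmed from here.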
@@ -198,7 +213,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common
index 479a2f5a..742b350d 100644
--- a/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common
+++ b/extra/wolfssl/wolfssl/IDE/GCC-ARM/Makefile.common
@@ -1,11 +1,11 @@
# Set to @ if you want to suppress command echo
-CMD_ECHO =
+CMD_ECHO =
# Important directories
BUILD_DIR = ./Build
# Toolchain location and prefix
-#TOOLCHAIN =
+#TOOLCHAIN =
TOOLCHAIN ?= /opt/gcc-arm-none-eabi/bin/arm-none-eabi-
# Tools selection
@@ -101,6 +101,7 @@ SRC_C += ../../wolfcrypt/src/des3.c
SRC_C += ../../wolfcrypt/src/dh.c
SRC_C += ../../wolfcrypt/src/ecc.c
SRC_C += ../../wolfcrypt/src/hmac.c
+SRC_C += ../../wolfcrypt/src/kdf.c
SRC_C += ../../wolfcrypt/src/random.c
SRC_C += ../../wolfcrypt/src/rsa.c
SRC_C += ../../wolfcrypt/src/sha.c
@@ -138,7 +139,6 @@ SRC_C += ../../wolfcrypt/src/ge_448.c
SRC_C += ../../wolfcrypt/src/ge_low_mem.c
SRC_C += ../../wolfcrypt/src/ge_operations.c
SRC_C += ../../wolfcrypt/src/hash.c
-SRC_C += ../../wolfcrypt/src/kdf.c
SRC_C += ../../wolfcrypt/src/integer.c
SRC_C += ../../wolfcrypt/src/logging.c
SRC_C += ../../wolfcrypt/src/md5.c
diff --git a/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld b/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld
index 84155b12..ce278614 100644
--- a/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld
+++ b/extra/wolfssl/wolfssl/IDE/GCC-ARM/linker_fips.ld
@@ -54,23 +54,23 @@ SECTIONS
. = ALIGN(4);
} > FLASH
- /* Custom section for wolfCrypt and LibC to prevent FIPS hash from changing
+ /* Custom section for wolfCrypt and LibC to prevent FIPS hash from changing
when application code changes are made */
.wolfCryptNonFIPS_text :
{
. = ALIGN(4);
- KEEP(*wolf*src*.o(.text .text*))
lib_a* ( .text .text*)
+ *wolf*src*.o(.text .text*)
. = ALIGN(4);
} > FLASH
.wolfCryptNonFIPS_rodata :
{
. = ALIGN(4);
- KEEP(*wolf*src*.o(.rodata .rodata*))
lib_a* (.rodata .rodata*)
+ *wolf*src*.o(.rodata .rodata*)
. = ALIGN(4);
} > FLASH
-
+
.sys : { *(.sys*) } > FLASH
.text : { *(.text*) } > FLASH
.rodata : { *(.text*) } > FLASH
diff --git a/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c b/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c
index c87f915b..24f91257 100644
--- a/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c
+++ b/extra/wolfssl/wolfssl/IDE/HEXAGON/ecc-verify-benchmark.c
@@ -133,7 +133,7 @@ static int hash_firmware_verify_dsp(int numThreads, int domain)
ret = wolfSSL_open(sp_URI_value, &(handle[i]));
if (ret != 0) {
printf("unable to open CDSP? retVal = %d\n", ret);
- return -1;
+ return -1;
}
wc_ecc_set_handle(&(eccKey[i]), handle[i]);
}
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore
new file mode 100644
index 00000000..bdd9313c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/.gitignore
@@ -0,0 +1,9 @@
+# Unused project setting files
+*.ewt
+# Build products
+ewarm/
+Debug/
+Release/
+# Auto generated files
+settings/
+*.dep
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore
deleted file mode 100644
index 426cd0c0..00000000
--- a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-*.bat
-*.xcl
-*.crun
-*.dbgdt
-*.dni
-
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h
index 185497c6..57373abe 100644
--- a/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h
+++ b/extra/wolfssl/wolfssl/IDE/IAR-EWARM/embOS/SAMV71_XULT/embOS_SAMV71_XULT_user_settings/user_settings_verbose_example.h
@@ -87,7 +87,7 @@
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
/* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (528 * 2)
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md
index ff9f53b8..b7303143 100644
--- a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md
+++ b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/README.md
@@ -78,10 +78,10 @@ Bob init
Successfully generated a common secret
Alices' Secret: 85f3c7f599620c768e6dbb77dc2f8f764254cc1821aeb0a30503632dbc9bdb54
Bobs' Secret: 85f3c7f599620c768e6dbb77dc2f8f764254cc1821aeb0a30503632dbc9bdb54
-ChaCha20/Poly1305 Encryption Start, 1000 itterations, 1024 bytes
+ChaCha20/Poly1305 Encryption Start, 1000 iterations, 1024 bytes
............................................
End 44 seconds
-ChaCha20/Poly1305 Decryption Start, 1000 itterations
+ChaCha20/Poly1305 Decryption Start, 1000 iterations
............................................
End 44 seconds
end
diff --git a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c
index 64eeedbb..fbf51b57 100644
--- a/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c
+++ b/extra/wolfssl/wolfssl/IDE/IAR-MSP430/main.c
@@ -36,7 +36,7 @@
#include <msp430f5659.h>
/* Without __root on some of the functions, IAR's "Discard Unused Publics"
- will optimze out some of the functions
+ will optimize out some of the functions
*/
#if defined(__IAR_SYSTEMS_ICC__)
#define IAR_KEEP __root
@@ -304,7 +304,7 @@ only_rng:
wc_FreeRng(&rng);
printf(
- "ChaCha20/Poly1305 Encryption Start, 1000 itterations, %d bytes\r\n",
+ "ChaCha20/Poly1305 Encryption Start, 1000 iterations, %d bytes\r\n",
(int)strlen((const char*)plaintext));
start = seconds;
for (int i=0; i <= 1000; i++) {
@@ -319,7 +319,7 @@ only_rng:
printf("\r\nEnd %d seconds\r\n", seconds - start);
start = seconds;
- printf("ChaCha20/Poly1305 Decryption Start, 1000 itterations\r\n");
+ printf("ChaCha20/Poly1305 Decryption Start, 1000 iterations\r\n");
start = seconds;
for (int i=0; i <= 1000; i++) {
ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad),
diff --git a/extra/wolfssl/wolfssl/IDE/M68K/Makefile b/extra/wolfssl/wolfssl/IDE/M68K/Makefile
index ee507dc9..23030e53 100644
--- a/extra/wolfssl/wolfssl/IDE/M68K/Makefile
+++ b/extra/wolfssl/wolfssl/IDE/M68K/Makefile
@@ -84,7 +84,7 @@ clean: rmo
rm -f $(OUTPUT)/$(NAME).a
help:
- @echo "all : exectue compile, link, rmo"
+ @echo "all : execute compile, link, rmo"
@echo "compile : create .o files"
@echo "link : create .a library from .o files"
@echo "rmo : remove all .o files"
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch
index 50590a0d..f345d098 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_c.patch
@@ -1,6 +1,6 @@
---- fsl_caam-orig.c 2022-10-21 15:50:35.709951000 -0700
-+++ fsl_caam.c 2022-12-28 06:30:34.788316189 -0800
-@@ -7872,3 +7872,462 @@
+--- fsl_caam.c 2023-01-12 23:39:04.000000000 -0800
++++ fsl_caam-expanded.c 2023-06-23 00:18:14.395128903 -0700
+@@ -7872,3 +7872,476 @@
}
return status;
}
@@ -117,7 +117,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateKeyPairECC, sizeof(templateKeyPairECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_KEYGEN_PD | keyType));
@@ -128,7 +128,9 @@
+ descriptor[4] |= enc;
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
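Review bot: The new `do { ... } while (status == kStatus_CAAM_Again);` loop around `caam_in_job_ring_add()` has no retry limit and no delay, so a job ring that never frees a slot turns this key-pair generation call into an endless busy-wait. Bounding it keeps the failure visible to the caller, for example `} while (status == kStatus_CAAM_Again && ++retries < CAAM_RING_RETRY_MAX);` with a local `retries` counter, where `CAAM_RING_RETRY_MAX` is a placeholder name for a limit the patch would have to define. The same loop is added in the four later hunks of this patch (sign, verify, key agreement and blob). The functions themselves start and end outside these hunks.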
@@ -198,7 +200,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateSignECC, sizeof(templateSignECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_PD | keyType));
@@ -212,7 +214,9 @@
+ descriptor[7] |= enc;
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
@@ -271,7 +275,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateVerifyECC, sizeof(templateVerifyECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_PD | keyType));
@@ -283,7 +287,9 @@
+ DESC_ADD_LEN(descriptor[7], sizeHash);
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
@@ -338,7 +344,7 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateAgreeECC, sizeof(templateAgreeECC));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
+
+ DESC_SET_ADDR(descriptor[1], (CAAM_ECDSA_KEYGEN_PD | keyType));
@@ -350,7 +356,9 @@
+ descriptor[5] |= enc;
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
@@ -367,7 +375,7 @@
+/* Handle BLOB create and open */
+static const uint32_t templateBlob[] = {
+ /* 00 */ 0xB0800000u, /* HEADER */
-+ /* 01 */ 0x14400000u, /* class */
++ /* 01 */ 0x04000000u, /* class */
+ /* 02 */ 0x00000000u, /* key mod */
+ /* 03 */ 0xF0000000u, /* SEQ input size */
+ /* 04 */ 0x00000000u, /* input */
@@ -425,6 +433,10 @@
+ return status;
+ }
+
++ if (keyModSz != CAAM_SM_KEYMODSZ && keyModSz != CAAM_KEYMODSZ) {
++ return status;
++ }
++
+ if (dir == CAAM_DECAP_BLOB &&
+ (sizeOut > sizeIn - CAAM_PADDING_SIZE_BLOB)) {
+ return status;
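Review bot: The new `keyModSz` check rejects an unexpected key-modifier length with a bare `return status;`, and the value `status` holds at that point is assigned outside the hunk, so it should be confirmed that it is an error code and not `kStatus_Success`. The check also deserves a comment, because it is what keeps the later `descriptor[1] |= keyModSz;` from OR-ing an arbitrary caller value into the command word. Something like `/* only CAAM_SM_KEYMODSZ (8) or CAAM_KEYMODSZ (16) may be merged into descriptor[1] */` above the `if` would make that dependency explicit.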
@@ -433,9 +445,9 @@
+ /* initialize descriptor from template */
+ (void)caam_memcpy(descriptor, templateBlob, sizeof(templateBlob));
+
-+ /* add descriptor lenght in bytes to HEADER descriptor command */
++ /* add descriptor length in bytes to HEADER descriptor command */
+ DESC_HEADER_ADD_DESCLEN(descriptor[0], descriptorSize);
-+ descriptor[1] |= color; /* add color of blob */
++ descriptor[1] |= keyModSz;
+ DESC_SET_ADDR(descriptor[2], keyMod);
+ DESC_ADD_LEN(descriptor[3], sizeIn);
+ DESC_SET_ADDR(descriptor[4], in);
@@ -450,7 +462,9 @@
+ }
+
+ /* schedule the job */
-+ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ do {
++ status = caam_in_job_ring_add(base, handle->jobRing, &descriptor[0]);
++ } while (status == kStatus_CAAM_Again);
+ if (status == kStatus_Success) {
+ status = CAAM_Wait(base, handle, descriptor, kCAAM_Blocking);
+ }
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch
index 965b930c..23d43cc2 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/RT1170/fsl_caam_h.patch
@@ -1,6 +1,6 @@
---- fsl_caam-orig.h 2022-10-21 15:50:35.745560000 -0700
-+++ fsl_caam.h 2022-12-28 08:10:29.413415216 -0800
-@@ -3038,6 +3038,162 @@
+--- fsl_caam.h 2023-06-23 00:08:46.491699533 -0700
++++ fsl_caam-expanded.h 2023-06-23 00:10:22.702730462 -0700
+@@ -3038,6 +3038,164 @@
*@}
*/ /* end of caam_driver_pkha */
@@ -127,10 +127,12 @@
+
+/* define for application to check for ECC CAAM additions */
+#define CAAM_BLOB_EXPANSION
-+#define CAAM_RED_BLOB 0x00000C08
-+#define CAAM_BLACK_BLOB 0x00000010
++#define CAAM_RED_BLOB 1
++#define CAAM_BLACK_BLOB 2
+#define CAAM_ENCAP_BLOB 0x07000000
+#define CAAM_DECAP_BLOB 0x06000000
++#define CAAM_SM_KEYMODSZ 8
++#define CAAM_KEYMODSZ 16
+#define CAAM_PADDING_SIZE_BLOB 48
+
+/*!
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c
index 8ac6428a..c4132513 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/benchmark/source/run_benchmark.c
@@ -78,7 +78,7 @@ static void doBenchmark(void* params)
wolfCrypt_Cleanup();
}
else {
- PRINTF("Failied to initialize wolfCrypt\r\n");
+ PRINTF("Failed to initialize wolfCrypt\r\n");
}
}
diff --git a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c
index aea3d1d6..08a0d432 100644
--- a/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c
+++ b/extra/wolfssl/wolfssl/IDE/MCUEXPRESSO/wolfcrypt_test.c
@@ -136,7 +136,7 @@ int main(void)
wolfCrypt_Cleanup();
}
else {
- PRINTF("Failied to initialize wolfCrypt\r\n");
+ PRINTF("Failed to initialize wolfCrypt\r\n");
}
#if defined(FREESCALE_KSDK_2_0_TRNG) && defined(FREESCALE_RTC)
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c
index 258f8a43..1e7fba4f 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c
@@ -34,9 +34,9 @@
static void init_RTC()
{
- /* Enable GPIO register interface clock */
- LPC_CCU1->CLK_M4_GPIO_CFG |= 1;
- while (!(LPC_CCU1->CLK_M4_GPIO_STAT & 1)) ;
+ /* Enable GPIO register interface clock */
+ LPC_CCU1->CLK_M4_GPIO_CFG |= 1;
+ while (!(LPC_CCU1->CLK_M4_GPIO_STAT & 1)) ;
/* RTC Block section ------------------------------------------------------ */
/* Init RTC module */
@@ -82,7 +82,7 @@ double current_time()
void init_time(void) {
- init_RTC() ;
+ init_RTC() ;
init_TIM() ;
}
@@ -93,7 +93,7 @@ struct tm *Cyassl_MDK_gmtime(const time_t *c)
static struct tm date ;
RTC_TIME_Type RTCFullTime;
- RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+ RTC_GetFullTime (LPC_RTC, &RTCFullTime);
date.tm_year = RTCFullTime.YEAR + 100 ;
date.tm_mon = RTCFullTime.MONTH - 1 ;
@@ -104,7 +104,7 @@ struct tm *Cyassl_MDK_gmtime(const time_t *c)
#if defined(DEBUG_CYASSL)
{
- extern void CYASSL_MSG(char *msg) ;
+ extern void CYASSL_MSG(char *msg) ;
char msg[100] ;
sprintf(msg, "Debug::Cyassl_KEIL_gmtime(DATE=/%4d/%02d/%02d TIME=%02d:%02d:%02d)\n",
RTCFullTime.YEAR+2000, RTCFullTime.MONTH, RTCFullTime.DOM,
@@ -127,14 +127,14 @@ typedef struct func_args {
void time_main(void *args)
{
char * datetime ;
- int year ;
+ int year ;
RTC_TIME_Type RTCFullTime;
if( args == NULL || ((func_args *)args)->argc == 1) {
- RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+ RTC_GetFullTime (LPC_RTC, &RTCFullTime);
printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n",
- RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000,
- RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ;
+ RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000,
+ RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ;
} else if(((func_args *)args)->argc == 3 &&
((func_args *)args)->argv[1][0] == '-' &&
((func_args *)args)->argv[1][1] == 'd' ) {
@@ -143,13 +143,13 @@ void time_main(void *args)
sscanf(datetime, "%d/%d/%d",
(int *)&RTCFullTime.MONTH, (int *)&RTCFullTime.DOM, &year) ;
RTCFullTime.YEAR = year - 2000 ;
- RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH);
+ RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH);
RTC_SetTime (LPC_RTC, RTC_TIMETYPE_YEAR, RTCFullTime.YEAR);
RTC_SetTime (LPC_RTC, RTC_TIMETYPE_DAYOFMONTH, RTCFullTime.DOM);
} else if(((func_args *)args)->argc == 3 &&
((func_args *)args)->argv[1][0] == '-' &&
((func_args *)args)->argv[1][1] == 't' ) {
- RTC_GetFullTime (LPC_RTC, &RTCFullTime);
+ RTC_GetFullTime (LPC_RTC, &RTCFullTime);
datetime = ((func_args *)args)->argv[2];
sscanf(datetime, "%d:%d:%d",
(int *)&RTCFullTime.HOUR,
@@ -161,7 +161,3 @@ void time_main(void *args)
RTC_SetTime (LPC_RTC, RTC_TIMETYPE_HOUR, RTCFullTime.HOUR);
} else printf("Invalid argument\n") ;
}
-
-
-
-
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h
index 1d882ca9..ca367816 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-BARE-METAL.h
@@ -165,7 +165,7 @@
#endif
// </e>
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -204,6 +204,59 @@
// </e>
// </h>
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+#endif
+
+// <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+ #define NO_WOLFSSL_SMALL_STACK
+ //#define WOLFSSL_SP_NO_MALLOC
+#else
+ #define WOLFSSL_SMALL_STACK
+#endif
+// </e>
+// </h>
+
// <h>Others
// <e>Inline
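Review bot: Choosing `MDK_CONF_MATH == 4` defines `WOLFSSL_SP_ASM` while all four architecture selectors under it (`WOLFSSL_SP_ARM32_ASM` through `WOLFSSL_SP_ARM_CORTEX_M_ASM`) stay commented out, so the option labelled "SP Math +ASM (faster)" enables assembly without naming a target. What the library does in that case is not visible here. The `#if`/`#elif` chain also has no `#else`, so a value outside 0–4 defines no math back end at all; `#else` followed by `#error "MDK_CONF_MATH must be 0..4"` would catch that. The label for option 3 advertises ECC 384/521 although `WOLFSSL_SP_384` and `WOLFSSL_SP_521` are commented out. The same block is added to config-FS.h.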
@@ -253,22 +306,9 @@
#define NO_ERROR_STRINGS
#endif
// </e>
-
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 0
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#endif
-// </e>
+// </h>
-// </h>
//</h>
// <<< end of configuration section >>>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h
index 256fff09..45b8c1b3 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-FS.h
@@ -202,7 +202,7 @@
#endif
// </e>
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -241,6 +241,59 @@
// </e>
// </h>
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+#endif
+
+// <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+ #define NO_WOLFSSL_SMALL_STACK
+ //#define WOLFSSL_SP_NO_MALLOC
+#else
+ #define WOLFSSL_SMALL_STACK
+#endif
+// </e>
+// </h>
+
// <h>Others
// <e>Inline
@@ -291,20 +344,6 @@
#endif
// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 0
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#endif
-// </e>
-
-
// </h>
//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h
index 11f1de7e..a96e5d78 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/config-RTX-TCP-FS.h
@@ -224,7 +224,7 @@
#endif
// </e>
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -263,6 +263,59 @@
// </e>
// </h>
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+#endif
+
+// <e>Small Stack
+#define MDK_CONF_SmallStack 1
+#if MDK_CONF_SmallStack == 0
+ #define NO_WOLFSSL_SMALL_STACK
+ //#define WOLFSSL_SP_NO_MALLOC
+#else
+ #define WOLFSSL_SMALL_STACK
+#endif
+// </e>
+// </h>
+
// <h>Others
// <e>Inline
@@ -312,22 +365,6 @@
#define NO_ERROR_STRINGS
#endif
// </e>
-
-// <e>Small Stack
-#define MDK_CONF_SMALL_STACK 1
-#if MDK_CONF_SMALL_STACK == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-
-
// </h>
//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c
index b4d20bba..de71e994 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/main.c
@@ -99,7 +99,7 @@ extern void benchmark_test(void) ;
extern void SER_Init(void) ;
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
/*** This is the parent task entry ***/
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c
index efb031e7..63e2cdc2 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/MDK-ARM/wolfSSL/shell.c
@@ -301,7 +301,7 @@ static struct {
"", NULL
} ;
-enum jobtype { FORGROUND, BACKGROUND } ;
+enum jobtype { FOREGROUND, BACKGROUND } ;
#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
@@ -326,7 +326,7 @@ static int getline(char * line, int sz, func_args *args, int*bf_flg)
(*bf_flg) = BACKGROUND ;
line[strlen(line)-2] = '\n' ;
} else {
- (*bf_flg) = FORGROUND ;
+ (*bf_flg) = FOREGROUND ;
}
args->argc = 0 ;
for(i=0; i<sz; i++) {
@@ -542,7 +542,7 @@ void shell_main(void) {
for(i=0; commandTable[i].func != NULL; i++) {
if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
args.argv[0] = (char *) commandTable[i].func ;
- if(bf_flg == FORGROUND) {
+ if(bf_flg == FOREGROUND) {
#ifdef HAVE_KEIL_RTX
wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
diff --git a/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c b/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c
index bf88ad07..08dcbdf8 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c
@@ -32,7 +32,7 @@
*----------------------------------------------------------------------------*/
#include "stm32f2xx.h"
-#define assert_param(a)
+#define assert_param(a) /* null expansion */
#define RTC_RSF_MASK ((uint32_t)0xFFFFFF5F)
#define SYNCHRO_TIMEOUT ((uint32_t) 0x00008000)
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h
index 6aecf095..c58b5fb6 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Conf/user_settings.h
@@ -21,21 +21,20 @@
#define NO_MAIN_DRIVER
#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
#define SIZEOF_LONG_LONG 8
#define NO_WRITEV
#define NO_DEV_RANDOM
+#define WOLFSSL_IGNORE_FILE_WARN
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
+#define WOLFSSL_CURRTIME_OSTICK /* use OS tick for current_time */
#define WOLFSSL_GMTIME
-
#define NO_MULTIBYTE_PRINT
+
// <<< Use Configuration Wizard in Context Menu >>>
@@ -99,7 +98,7 @@
// <e>File System
-#define MDK_CONF_FILESYSTEM 1
+#define MDK_CONF_FILESYSTEM 0
#if MDK_CONF_FILESYSTEM == 0
#define NO_FILESYSTEM
#else
@@ -109,7 +108,9 @@
// </e>
// <o> Network<0=>None <1=>RLnet <2=>User I/O
+#ifndef MDK_CONF_NETWORK
#define MDK_CONF_NETWORK 1
+#endif
#if MDK_CONF_NETWORK == 0
#elif MDK_CONF_NETWORK == 1
#define WOLFSSL_KEIL_TCP_NET
@@ -150,7 +151,7 @@
// <h> wolfCrypt Configuration
-// <h>Hash/Crypt Algrithm
+// <h>Hash/Crypt Algorithm
// <e>MD2
#define MDK_CONF_MD2 0
@@ -201,7 +202,7 @@
#endif
// </e>
// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
+#define MDK_CONF_RIPEMD 0
#if MDK_CONF_RIPEMD == 1
#define WOLFSSL_RIPEMD
#endif
@@ -275,7 +276,7 @@
// </e>
// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
+#define MDK_CONF_CAMELLIA 0
#if MDK_CONF_CAMELLIA == 1
#define HAVE_CAMELLIA
#endif
@@ -287,8 +288,19 @@
#define NO_DH
#endif
// </e>
+
+// <e>RSA
+#define MDK_CONF_RSA 1
+#if MDK_CONF_RSA == 1
+/* #define RSA_LOW_MEM */
+#else
+#define NO_RSA
+#endif
+// </e>
+
+
// <e>DSA
-#define MDK_CONF_DSA 1
+#define MDK_CONF_DSA 0
#if MDK_CONF_DSA == 0
#define NO_DSA
#endif
@@ -297,7 +309,7 @@
// <e>SRP
#define MDK_CONF_SRP 1
#if MDK_CONF_SRP == 1
-#define HAVE_SRP
+#define WOLFCRYPT_HAVE_SRP
#endif
// </e>
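Review bot: With `MDK_CONF_SRP` left at 1, renaming the macro to `WOLFCRYPT_HAVE_SRP` probably changes what the default build contains: if the library never read `HAVE_SRP`, this switch was inert and SRP is now compiled in for the first time. The same commit turns RIPEMD, CAMELLIA and DSA off by default in this header, so I would also set `#define MDK_CONF_SRP 0` and let projects that need SRP enable it in the wizard. If SRP is meant to stay on by default, a short comment on the option saying so would make that choice visible.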
@@ -412,7 +424,7 @@
// </e>
// </h>
-// <h>Cert/Key Strage
+// <h>Cert/Key Storage
// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
#define MDK_CONF_CERT_BUFF 0
#if MDK_CONF_CERT_BUFF== 1
@@ -432,25 +444,63 @@
#define MDK_CONF_KEY_GEN 0
#if MDK_CONF_KEY_GEN == 1
#define WOLFSSL_KEY_GEN
+#define WOLFSSL_OLD_PRIME_CHECK /* use older prime check (faster) */
#endif
// </e>
// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
+
+// <h>Math / Memory
+// <o> Math Library
+// <0=>SP Math All (sp_int.c)
+// <1=>Fast Math (tfm.c)
+// <2=>Heap Math (integer.c)
+// <3=>SP Math (RSA/DH 2048/3072/4096 and ECC 256/384/521 only)
+// <4=>SP Math +ASM (faster)
+#define MDK_CONF_MATH 0
+#if MDK_CONF_MATH == 0
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+#elif MDK_CONF_MATH == 1
+ #define USE_FAST_MATH
+#elif MDK_CONF_MATH == 2
+ #define USE_INTEGER_HEAP_MATH
+#elif MDK_CONF_MATH == 3 || MDK_CONF_MATH == 4
+ #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+
+ //#define WOLFSSL_SP_NO_2048
+ //#define WOLFSSL_SP_NO_3072
+ #define WOLFSSL_SP_4096
+ //#define WOLFSSL_SP_NO_256
+ //#define WOLFSSL_SP_384
+ //#define WOLFSSL_SP_521
+
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ //#define WOLFSSL_SP_NO_MALLOC /* do not use heap */
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ #if MDK_CONF_MATH == 4
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+
+ //#define WOLFSSL_SP_ARM32_ASM
+ //#define WOLFSSL_SP_ARM64_ASM
+ //#define WOLFSSL_SP_ARM_THUMB_ASM
+ //#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
#endif
-// </e>
+
// <e>Small Stack
#define MDK_CONF_SmallStack 1
#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
+ #define NO_WOLFSSL_SMALL_STACK
+#else
+ #define WOLFSSL_SMALL_STACK
#endif
-// </e>
-
+// </e>
+// </h>
// </h>
-
/**** wolfSSL Configuration ****/
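Review bot: `WOLFSSL_OLD_PRIME_CHECK` is now defined whenever `MDK_CONF_KEY_GEN == 1`, so anyone who enables key generation in the wizard also gets the older prime check without choosing it. The comment says only "faster" and does not say what is given up compared with the current check, which matters because the primes produced here become RSA private keys. I would make it an explicit opt-in, e.g. `/* #define WOLFSSL_OLD_PRIME_CHECK */ /* older, faster prime check; review before generating production keys */`, or give it its own wizard entry next to KeyGen.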
@@ -465,6 +515,7 @@
#define WC_RSA_PSS
#define HAVE_HKDF
#define HAVE_FFDHE_2048
+//#define HAVE_FFDHE_3072
#endif
// </e>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
index 673d4537..e6d314a7 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
@@ -1,4 +1,4 @@
-/* wolfssl_KEIL_ARM.h
+/* wolfssl_MDK_ARM.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -70,7 +70,7 @@ typedef int socklen_t ;
#define tcp_listen wolfssl_tcp_listen
#define connect(a,b,c) connect(a, (SOCKADDR *)(b), c)
#define SOCKADDR struct sockaddr
-
+
/** KEIL-RL TCPnet ****/
/* TCPnet BSD socket does not have following functions. */
extern char *inet_ntoa(struct in_addr in);
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx
index e598c556..2b06bcce 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx
@@ -233,7 +233,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx
index 095377e6..3ef1956d 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx
@@ -334,7 +334,7 @@
<v6Rtti>0</v6Rtti>
<VariousControls>
<MiscControls></MiscControls>
- <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS</Define>
+ <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS MDK_CONF_NETWORK=0</Define>
<Undefine></Undefine>
<IncludePath></IncludePath>
</VariousControls>
@@ -383,7 +383,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -791,7 +791,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index f206ad22..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define WOLFSSL_MDK5_COMPLv5
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS<4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet<9=>MQX
-// <10=>T-RTOS <11=>uITRON4<12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS<15=>CMSIS RTOSv2<16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 0
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c
index 002677f6..1b055e7f 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c
@@ -37,11 +37,11 @@
#endif
/* Dummy definition for test RTC */
-#define RTC_YEAR 2019
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY 1
#define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY 1
#if defined(STM32F7xx)
#include "stm32f7xx_hal.h"
@@ -72,22 +72,22 @@ extern uint32_t os_time;
uint32_t HAL_GetTick(void)
{
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+ #if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+ #elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+ #endif
}
double current_time(int reset)
{
if (reset)
return 0;
- #if defined(WOLFSSL_CMSIS_RTOS)
- return (double)os_time / 1000.0;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return (double)osKernelGetTickCount() / 1000.0;
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return (double)os_time / 1000.0;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return (double)osKernelGetTickCount() / 1000.0;
+#endif
}
#else
@@ -96,28 +96,28 @@ double current_time(int reset)
#define DWT ((DWT_Type *) (0xE0001000UL) )
typedef struct
{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
-extern uint32_t SystemCoreClock ;
+extern uint32_t SystemCoreClock;
double current_time(int reset)
{
- if(reset) DWT->CYCCNT = 0 ;
- return ((double)DWT->CYCCNT/SystemCoreClock) ;
+ if (reset) DWT->CYCCNT = 0;
+ return ((double)DWT->CYCCNT/SystemCoreClock);
}
#endif
static time_t epochTime;
time_t time(time_t *t)
{
- return epochTime;
+ return epochTime;
}
void setTime(time_t t)
{
- epochTime = t;
+ epochTime = t;
}
/*-----------------------------------------------------------------------------
@@ -126,48 +126,51 @@ void setTime(time_t t)
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
-void benchmark_test(void *arg) ;
+void benchmark_test(void *arg);
int main()
{
- void * arg = NULL ;
-
- MPU_Config();
+ void * arg = NULL;
+
+ MPU_Config();
CPU_CACHE_Enable();
HAL_Init(); /* Initialize the HAL Library */
SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
-
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+#endif
- printf("=== Start: Crypt Benchmark ===\n") ;
- benchmark_test(arg) ;
- printf("=== End: Crypt Benchmark ===\n") ;
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
-}
+ printf("=== Start: Crypt Benchmark ===\n");
+ benchmark_test(arg);
+ printf("=== End: Crypt Benchmark ===\n");
+ return 0;
+}
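Review bot: The `setTime(...)` call near the end of `main` needs a comment saying that the value is a placeholder. The expression counts 365-day years and 30-day months, so with `RTC_YEAR 2023` it yields a fixed instant in roughly mid-January 2023, and `time()` in this file returns that constant for the whole run. Any certificate validity check that reads `time()` is therefore compared against a frozen date. I would add `/* Dummy epoch for the benchmark only: approximate (no leap days) and never advances; use a real RTC source before relying on certificate date checks */` above the call. The arithmetic is done in `int`, which holds for 2023, but a `(time_t)` cast on the first operand would keep it safe for later years.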
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx
index e3db5d53..59202259 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx
@@ -298,7 +298,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx
index 8e4dcd59..6c1d17fe 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx
@@ -334,7 +334,7 @@
<v6Rtti>0</v6Rtti>
<VariousControls>
<MiscControls></MiscControls>
- <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS</Define>
+ <Define>USE_STM32756G_EVAL USE_IOEXPANDER WOLFSSL_USER_SETTINGS MDK_CONF_NETWORK=0</Define>
<Undefine></Undefine>
<IncludePath></IncludePath>
</VariousControls>
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -760,14 +760,8 @@
<package name="MDK-Middleware" schemaVersion="1.4" url="http://www.keil.com/pack/" vendor="Keil" version="7.4.1"/>
<targetInfos/>
</file>
- <file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\config-Crypt.h">
- <instance index="0" removed="1">RTE\wolfSSL\config-Crypt.h</instance>
- <component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="" condition="wolfCrypt-Core"/>
- <package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.13.0"/>
- <targetInfos/>
- </file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index 80af5e2f..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 0
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c
index 3222cc5d..6425e654 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/CryptTest/main.c
@@ -34,9 +34,9 @@
#include "cmsis_os2.h"
#endif
/* Dummy definition for test RTC */
-#define RTC_YEAR 2019
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-#define RTC_DAY 1
+#define RTC_DAY 1
#if defined(STM32F7xx)
#include "stm32f7xx_hal.h"
@@ -65,19 +65,19 @@ extern uint32_t os_time;
#endif
uint32_t HAL_GetTick(void) {
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+#endif
}
static time_t epochTime;
-time_t time(time_t *t){
- return epochTime ;
+time_t time(time_t *t) {
+ return epochTime;
}
-void setTime(time_t t){
+void setTime(time_t t) {
epochTime = t;
}
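Review bot: HAL_GetTick() has no return statement when neither WOLFSSL_CMSIS_RTOS nor WOLFSSL_CMSIS_RTOSv2 is defined, so unless a guard outside this hunk rules that configuration out, the caller reads an indeterminate tick value. This is easier to hit now that the RTOS selection comes from a shared settings file. An `#else` branch with `#error "HAL_GetTick needs a CMSIS RTOS tick source"` would turn it into a build failure. In the same hunk time() ignores its argument; adding `if (t != NULL) *t = epochTime;` before the return would match the standard contract for callers that pass a pointer.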
@@ -87,48 +87,52 @@ void setTime(time_t t){
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
-void wolfcrypt_test(void *arg) ;
+void wolfcrypt_test(void *arg);
int main()
{
- void * arg = NULL ;
+ void * arg = NULL;
- MPU_Config();
+ MPU_Config();
CPU_CACHE_Enable();
HAL_Init(); /* Initialize the HAL Library */
SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
- printf("=== Start: Crypt test === \n") ;
- wolfcrypt_test(arg) ;
- printf("=== End: Crypt test ===\n") ;
+ printf("=== Start: Crypt test === \n");
+ wolfcrypt_test(arg);
+ printf("=== End: Crypt test ===\n");
+ return 0;
}
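Review bot: The setTime() argument in main() is computed in plain int and only approximates the configured date. It counts 365-day years and adds RTC_MONTH*30 days even for January, so RTC_YEAR 2023, month 1, day 1 lands in mid-January 2023, and the first product no longer fits a 32-bit int from RTC_YEAR 2039 on. Because time() returns this fixed value, any date-dependent check in the test runs against it. I would cast the first operand, `setTime((time_t)(RTC_YEAR-1970)*365*24*60*60 +`, assuming time_t is wider than int on this target, and add `/* approximate epoch: no leap days, 30-day months */` above the call. The same expression is reflowed in the last hunk of EchoClient/main.c.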
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
index 0348f083..8a7d23a3 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
@@ -328,7 +328,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
index fdaf1715..735b3c8a 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -880,7 +880,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index 4a714d7e..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,495 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 14
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
index 63d87dc0..22f27cb1 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoClient/main.c
@@ -26,7 +26,7 @@
#include "wolfssl/wolfcrypt/settings.h"
#include "cmsis_os.h" /* CMSIS RTOS definitions */
-#include "rl_net.h" /* Network definitions */
+#include "rl_net.h" /* Network definitions */
#include <time.h>
#if defined(STM32F7xx)
@@ -40,12 +40,9 @@
//-------- <<< Use Configuration Wizard in Context Menu >>> -----------------
// <h>RTC: for validate certificate date
-// <o>Year <1970-2099>
-#define RTC_YEAR 2018
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
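Review bot: The `<h>RTC: for validate certificate date` wizard group is left empty, because the `<o>` annotations for year, month and day are removed while the `<h>` and `</h>` markers stay. The three macros can no longer be edited from the Configuration Wizard and nothing says how they are used. The heading indicates the date feeds certificate validity checks, so a stale value will presumably make newer certificates look not yet valid. I would either restore the `<o>` lines or drop the group markers and add `/* Build-time date passed to setTime(); update it when test certificates are renewed */` above RTC_YEAR.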
@@ -69,29 +66,30 @@ static void CPU_CACHE_Enable (void) {
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
void net_loop(void const *arg)
{
- while(1) {
+ while (1) {
net_main ();
osThreadYield ();
}
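Review bot: In init_filesystem() the finit() failure branch drops the status code, while the fmount() failure branch prints it. That makes an initialization failure harder to diagnose on a target where this printf is the only report. `printf ("Drive M0 initialization failed(%d)!\n", retv);` would make the two branches consistent. The function returns void, so main() carries on without a filesystem either way; if certificates are loaded from the drive, that failure will only surface later. The re-indented copy in CryptTest/main.c has the same shape.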
@@ -103,8 +101,8 @@ osThreadDef(net_loop, osPriorityLow, 2, 0);
extern uint32_t os_time;
static time_t epochTime;
-uint32_t HAL_GetTick(void) {
- return os_time;
+uint32_t HAL_GetTick(void) {
+ return os_time;
}
time_t time(time_t *t){
@@ -133,15 +131,15 @@ double current_time(int reset)
#define DWT ((DWT_Type *) (0xE0001000UL) )
typedef struct
{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
extern uint32_t SystemCoreClock ;
double current_time(int reset)
{
- if(reset) DWT->CYCCNT = 0 ;
+ if (reset) DWT->CYCCNT = 0 ;
return ((double)DWT->CYCCNT/SystemCoreClock) ;
}
#endif
@@ -160,20 +158,21 @@ extern void echoclient_test(func_args * args) ;
int myoptind = 0;
char* myoptarg = NULL;
-int main (void) {
+int main (void)
+{
static char *argv[] =
{ "client" } ;
static func_args args =
{ 1, argv } ;
- MPU_Config(); /* Configure the MPU */
- CPU_CACHE_Enable(); /* Enable the CPU Cache */
- HAL_Init(); /* Initialize the HAL Library */
- SystemClock_Config(); /* Configure the System Clock */
+ MPU_Config(); /* Configure the MPU */
+ CPU_CACHE_Enable(); /* Enable the CPU Cache */
+ HAL_Init(); /* Initialize the HAL Library */
+ SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
net_initialize ();
#if defined(DEBUG_WOLFSSL)
@@ -181,14 +180,15 @@ int main (void) {
wolfSSL_Debugging_ON() ;
#endif
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
osThreadCreate (osThread(net_loop), NULL);
echoclient_test(&args) ;
- while(1)
+ while (1) {
osDelay(1000);
-
+ }
}
-
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
index 78b69354..65e7c61c 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx
@@ -279,7 +279,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
index 0650169d..9471fa6b 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -886,7 +886,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.14.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index f4c47bf7..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 14
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
index deb800f8..53a27bec 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/EchoServer/main.c
@@ -26,7 +26,7 @@
#include "wolfssl/wolfcrypt/settings.h"
#include "cmsis_os.h" /* CMSIS RTOS definitions */
-#include "rl_net.h" /* Network definitions */
+#include "rl_net.h" /* Network definitions */
#include <time.h>
#if defined(STM32F7xx)
@@ -58,12 +58,9 @@
// </h>
// <h>RTC: for validate certificate date
-// <o>Year <1970-2099>
-#define RTC_YEAR 2018
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
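Review bot: The `// <h>RTC: for validate certificate date` block now hard-codes `RTC_YEAR 2023` and drops the `// <o>` wizard annotations, so the date passed to `setTime()` is a build-time constant and nothing here says so. Going by the section heading, certificate date checks read this clock, so a certificate that expired after the configured date would presumably still pass validation on a board built from this example. I would add a comment above the defines, e.g. `/* Example only: fixed build-time date, not a real clock; certificate validity-period checks are only as good as this value. Use an RTC or network time source in a product. */`. The same applies to the matching hunk in SimpleClient/main.c (`@@ -68,12 +68,9 @@`).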
@@ -88,22 +85,23 @@ static void CPU_CACHE_Enable (void) {
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
@@ -120,20 +118,20 @@ osThreadDef(net_loop, osPriorityLow, 2, 0);
#ifdef RTE_CMSIS_RTOS_RTX
extern uint32_t os_time;
-static time_t epochTime;
+static time_t epochTime;
-uint32_t HAL_GetTick(void) {
- return os_time;
+uint32_t HAL_GetTick(void) {
+ return os_time;
}
-time_t time(time_t *t){
- return epochTime ;
+time_t time(time_t *t) {
+ return epochTime;
}
-void setTime(time_t t){
+void setTime(time_t t) {
epochTime = t;
}
-#endif
+#endif /* RTE_CMSIS_RTOS_RTX */
#ifdef WOLFSSL_CURRTIME_OSTICK
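Review bot: `time_t time(time_t *t)` returns `epochTime` but never stores it through `t`, so a caller using the standard `time(&now)` form and then reading `now` gets a value that was never set. This definition stands in for the C library `time()` under `RTE_CMSIS_RTOS_RTX`, so I would add `if (t != NULL) *t = epochTime;` before the return. In the lines shown, `epochTime` is written only by `setTime()`, so the clock does not advance. A short comment saying that would help anyone relying on it for certificate dates. The same `time()` body appears in SimpleClient/main.c (`@@ -96,19 +93,19 @@`).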
@@ -143,28 +141,27 @@ extern uint32_t os_time;
double current_time(int reset)
{
- if(reset) os_time = 0 ;
- return (double)os_time /1000.0;
+ if (reset) os_time = 0;
+ return (double)os_time /1000.0;
}
#else
#include <stdint.h>
#define DWT ((DWT_Type *) (0xE0001000UL) )
-typedef struct
-{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+typedef struct {
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
-extern uint32_t SystemCoreClock ;
+extern uint32_t SystemCoreClock;
double current_time(int reset)
{
- if(reset) DWT->CYCCNT = 0 ;
- return ((double)DWT->CYCCNT/SystemCoreClock) ;
+ if (reset) DWT->CYCCNT = 0;
+ return ((double)DWT->CYCCNT/SystemCoreClock);
}
-#endif
+#endif /* WOLFSSL_CURRTIME_OSTICK */
/*----------------------------------------------------------------------------
Main Thread 'main': Run Network
@@ -175,39 +172,42 @@ typedef struct func_args {
char** argv;
} func_args;
-extern void echoserver_test(func_args * args) ;
+extern void echoserver_test(func_args * args);
int myoptind = 0;
char* myoptarg = NULL;
-int main (void) {
+int main (void)
+{
static char *argv[] =
- { "server" } ;
- static func_args args = { 1, argv } ;
+ { "server" };
+ static func_args args = { 1, argv };
- MPU_Config(); /* Configure the MPU */
- CPU_CACHE_Enable(); /* Enable the CPU Cache */
- HAL_Init(); /* Initialize the HAL Library */
- SystemClock_Config(); /* Configure the System Clock */
+ MPU_Config(); /* Configure the MPU */
+ CPU_CACHE_Enable(); /* Enable the CPU Cache */
+ HAL_Init(); /* Initialize the HAL Library */
+ SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
net_initialize ();
- #if defined(DEBUG_WOLFSSL)
- printf("Turning ON Debug message\n") ;
- wolfSSL_Debugging_ON() ;
- #endif
+#if defined(DEBUG_WOLFSSL)
+ printf("Turning ON Debug message\n");
+ wolfSSL_Debugging_ON();
+#endif
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
osThreadCreate (osThread(net_loop), NULL);
- echoserver_test(&args) ;
- printf("echoserver: Terminated\n") ;
- while(1)
- osDelay(1000);
+ echoserver_test(&args);
+ printf("echoserver: Terminated\n");
+ while (1) {
+ osDelay(1000);
+ }
}
-
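Review bot: The `setTime(...)` argument is evaluated entirely in `int`, and `(RTC_YEAR-1970)*365*24*60*60` no longer fits a 32-bit `int` once RTC_YEAR reaches 2039 (assuming `int` is 32 bits on this target). That is signed overflow, before any conversion to `time_t`. Casting the first factor keeps the arithmetic in `time_t`: `setTime((time_t)(RTC_YEAR-1970)*365*24*60*60 +`, with the other two lines unchanged. The formula also uses 365-day years and 30-day months and does not subtract 1 from month or day, so the result is only near the configured date. Since this value feeds certificate date checks, a comment such as `/* approximate epoch: leap days ignored, 30-day months */` would make that explicit.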
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index c14e4724..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
index 38fdb540..47f64d8b 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
@@ -298,7 +298,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx
index 913abe82..7bf9356e 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -912,7 +912,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.15.7">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
index 43454585..04615470 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleClient/main.c
@@ -68,12 +68,9 @@
// </h>
// <h>RTC: for validate certificate date
-// <o>Year <1970-2099>
-#define RTC_YEAR 2019
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aug<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
@@ -96,19 +93,19 @@ extern uint32_t os_time;
#endif
uint32_t HAL_GetTick(void) {
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+#endif
}
static time_t epochTime;
-time_t time(time_t *t){
- return epochTime ;
+time_t time(time_t *t) {
+ return epochTime;
}
-void setTime(time_t t){
+void setTime(time_t t) {
epochTime = t;
}
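Review bot: `HAL_GetTick()` has no `#else` branch, so when neither `WOLFSSL_CMSIS_RTOS` nor `WOLFSSL_CMSIS_RTOSv2` is defined the function falls off the end without a return and the caller reads an indeterminate tick. I would turn that misconfiguration into a build failure by adding `#else` and `#error "HAL_GetTick: define WOLFSSL_CMSIS_RTOS or WOLFSSL_CMSIS_RTOSv2"` before the `#endif`. The HAL presumably uses this tick for its timeouts, so a garbage value would be hard to diagnose at run time.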
@@ -129,22 +126,23 @@ double current_time(int reset)
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
@@ -156,9 +154,10 @@ void app_main(void *arg)
void app_main(void const*arg)
#endif
{
- if(netInitialize () == netOK)
- client_test(arg);
- else printf("ERROR: netInitialize\n");
+ if (netInitialize () == netOK)
+ client_test(arg);
+ else
+ printf("ERROR: netInitialize\n");
}
#if defined(WOLFSSL_CMSIS_RTOS)
@@ -178,48 +177,51 @@ typedef struct func_args {
int myoptind = 0;
char* myoptarg = NULL;
-int main (void) {
+int main (void)
+{
static char *argv[] =
{ "client", "-h", REMOTE_IP, "-p", REMOTE_PORT,
- "-v", " ", OTHER_OPTIONS } ;
+ "-v", " ", OTHER_OPTIONS };
static func_args args =
- { sizeof(argv)/sizeof(*argv[0]), argv } ;
+ { sizeof(argv)/sizeof(*argv[0]), argv };
char *verStr[] = { "SSL3", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"};
#define VERSIZE 2
static char ver[VERSIZE];
-
- MPU_Config(); /* Configure the MPU */
- CPU_CACHE_Enable(); /* Enable the CPU Cache */
- HAL_Init(); /* Initialize the HAL Library */
- SystemClock_Config(); /* Configure the System Clock */
- #if defined(WOLFSSL_CMSIS_RTOSv2)
+
+ MPU_Config(); /* Configure the MPU */
+ CPU_CACHE_Enable(); /* Enable the CPU Cache */
+ HAL_Init(); /* Initialize the HAL Library */
+ SystemClock_Config(); /* Configure the System Clock */
+#if defined(WOLFSSL_CMSIS_RTOSv2)
osKernelInitialize();
- #endif
-
- #if !defined(NO_FILESYSTEM)
+#endif
+
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
- #if defined(DEBUG_WOLFSSL)
- printf("Turning ON Debug message\n") ;
- wolfSSL_Debugging_ON() ;
- #endif
+#if defined(DEBUG_WOLFSSL)
+ printf("Turning ON Debug message\n");
+ wolfSSL_Debugging_ON();
+#endif
snprintf(ver, VERSIZE, "%d", TLS_VER);
argv[6] = ver;
- printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0]))) ;
- printf(" Remote IP: %s, Port: %s\n Version: %s\n", argv[2], argv[4], verStr[TLS_VER]) ;
- printf(" Other options: %s\n", OTHER_OPTIONS);
- setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
-
- #if defined(WOLFSSL_CMSIS_RTOS)
- osThreadCreate (osThread(app_main), (void *)&args);
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- osThreadNew(app_main, (void *)&args, NULL);
- #endif
- osKernelStart();
+ printf("SSL/TLS Client(%d)\n ", (int)(sizeof(argv)/sizeof(argv[0])));
+ printf(" Remote IP: %s, Port: %s\n Version: %s\n",
+ argv[2], argv[4], verStr[TLS_VER]);
+ printf(" Other options: %s\n", OTHER_OPTIONS);
+ setTime((time_t)((RTC_YEAR-1970)*365*24*60*60) +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
+#if defined(WOLFSSL_CMSIS_RTOS)
+ osThreadCreate (osThread(app_main), (void *)&args);
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ osThreadNew(app_main, (void *)&args, NULL);
+#endif
+ osKernelStart();
}
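Review bot: `args` is initialised with `sizeof(argv)/sizeof(*argv[0])`, and `*argv[0]` is a `char`, so the divisor is 1 and the count becomes the byte size of the array rather than its 8 elements. The definition of `func_args` is above this hunk, but the EchoServer initialiser `{ 1, argv }` suggests its first member is the argument count. If so, `client_test` is told there are more arguments than `argv` holds, and its option parsing could read past the end of the array. The `printf` a few lines below already uses the correct form, so the initialiser should be `{ sizeof(argv)/sizeof(argv[0]), argv };`.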
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index c14e4724..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
index 793053da..2f13b806 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx
@@ -298,7 +298,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
index 33c84cb0..659c22d0 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx
@@ -413,7 +413,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -912,7 +912,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.15.7">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
index 3f8c196c..973fdbbe 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/SimpleServer/main.c
@@ -66,11 +66,9 @@
// <h>RTC: for validate certificate date
// <o>Year <1970-2099>
-#define RTC_YEAR 2019
-// <o>Month <1=>Jan<2=>Feb<3=>Mar<4=>Apr<5=>May<6=>Jun<7=>Jul<8=>Aut<9=>Sep<10=>Oct<11=>Nov<12=>Dec
+#define RTC_YEAR 2023
#define RTC_MONTH 1
-// <o>Day <1-31>
-#define RTC_DAY 1
+#define RTC_DAY 1
// </h>
//------------- <<< end of configuration section >>> -----------------------
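Review bot: RTC_MONTH and RTC_DAY lose their `// <o>Month ...` and `// <o>Day <1-31>` annotations in this hunk while `// <o>Year` stays, so the Configuration Wizard will presumably offer only the year for editing. Per the `RTC: for validate certificate date` heading, this build-time date is the clock that certificate validity is checked against, so a stale value lets expired certificates pass and rejects newer ones as not yet valid. I would keep the two annotations and add a comment such as `/* Build-time placeholder: set the clock from a real RTC or network time before relying on certificate date checks */`.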
@@ -94,22 +92,23 @@ static void CPU_CACHE_Enable (void) {
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h" /* FileSystem definitions */
-static void init_filesystem (void) {
- int32_t retv;
+static void init_filesystem(void)
+{
+ int32_t retv;
- retv = finit ("M0:");
- if (retv == fsOK) {
- retv = fmount ("M0:");
+ retv = finit ("M0:");
if (retv == fsOK) {
- printf ("Drive M0 ready!\n");
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed(%d)!\n", retv);
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
@@ -121,20 +120,20 @@ extern uint32_t os_time;
uint32_t HAL_GetTick(void)
{
- #if defined(WOLFSSL_CMSIS_RTOS)
- return os_time;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return osKernelGetTickCount();
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return os_time;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return osKernelGetTickCount();
+#endif
}
double current_time(int reset)
{
- #if defined(WOLFSSL_CMSIS_RTOS)
- return (double)os_time / 1000.0;
- #elif defined(WOLFSSL_CMSIS_RTOSv2)
- return (double)osKernelGetTickCount() / 1000.0;
- #endif
+#if defined(WOLFSSL_CMSIS_RTOS)
+ return (double)os_time / 1000.0;
+#elif defined(WOLFSSL_CMSIS_RTOSv2)
+ return (double)osKernelGetTickCount() / 1000.0;
+#endif
}
#else
@@ -143,8 +142,8 @@ double current_time(int reset)
#define DWT ((DWT_Type *) (0xE0001000UL) )
typedef struct
{
- uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
- uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
+ uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */
+ uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */
} DWT_Type;
extern uint32_t SystemCoreClock;
@@ -203,22 +202,22 @@ int main(void)
{
static char *argv[] =
{ "server", "-p", SERVER_PORT,
- "-v", " ", OTHER_OPTIONS } ;
+ "-v", " ", OTHER_OPTIONS };
static func_args args =
- { sizeof(argv)/sizeof(*argv[0]), argv } ;
+ { sizeof(argv)/sizeof(*argv[0]), argv };
char *verStr[] = { "SSL3", "TLS1.0", "TLS1.1", "TLS1.2", "TLS1.3"};
#define VERSIZE 2
char ver[VERSIZE];
-
+
MPU_Config(); /* Configure the MPU */
CPU_CACHE_Enable(); /* Enable the CPU Cache */
HAL_Init(); /* Initialize the HAL Library */
SystemClock_Config(); /* Configure the System Clock */
- #if !defined(NO_FILESYSTEM)
+#if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+#endif
#if defined(WOLFSSL_CMSIS_RTOSv2)
osKernelInitialize();
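Review bot: The count in the `args` initialiser, `sizeof(argv)/sizeof(*argv[0])`, divides by the size of a `char` rather than of an array element, so the first member (presumably argc) becomes `sizeof(argv)`, which is 24 with 4-byte pointers, for a six-element array. Any code that walks `argv` up to that count reads past the end of the array. The divisor should be the element, `{ sizeof(argv)/sizeof(argv[0]), argv };`, which is the form the client project's printf uses in this same commit. main's body continues outside the hunk.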
@@ -232,10 +231,12 @@ int main(void)
snprintf(ver, VERSIZE, "%d", TLS_VER);
argv[4] = ver;
- printf("SSL/TLS Server\n ") ;
- printf(" Server Port: %s\n Version: %s\n", argv[2], verStr[TLS_VER]) ;
- printf(" Other options: %s\n", OTHER_OPTIONS);
- setTime((RTC_YEAR-1970)*365*24*60*60 + RTC_MONTH*30*24*60*60 + RTC_DAY*24*60*60);
+ printf("SSL/TLS Server\n ");
+ printf(" Server Port: %s\n Version: %s\n", argv[2], verStr[TLS_VER]);
+ printf(" Other options: %s\n", OTHER_OPTIONS);
+ setTime((RTC_YEAR-1970)*365*24*60*60 +
+ RTC_MONTH*30*24*60*60 +
+ RTC_DAY*24*60*60);
#if defined(WOLFSSL_CMSIS_RTOS)
osThreadCreate(osThread(app_main), (void *)&args);
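Review bot: The `setTime` argument is computed entirely in `int`, and `(RTC_YEAR-1970)*365*24*60*60` exceeds INT_MAX once RTC_YEAR reaches 2039, although the configuration comment allows years up to 2099. The formula also ignores leap days and adds `RTC_MONTH*30` days even for January, so the clock used for certificate date checks does not land on the configured date. Casting the first operand, `setTime((time_t)(RTC_YEAR-1970)*365*24*60*60 +`, makes the arithmetic run in time_t; a comment stating that the value is only an approximation would cover the rest. The client project's call in this commit casts after the multiplication, which does not prevent the overflow. main's body continues outside the hunk.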
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c
index 43bd7298..9eab03cc 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/main.c
@@ -51,22 +51,24 @@ void SystemClock_Config(void) {
*----------------------------------------------------------------------------*/
#if !defined(NO_FILESYSTEM)
#include "rl_fs.h"
-static void init_filesystem (void) {
- int32_t retv;
-
- retv = finit ("M0:");
- if (retv == 0) {
- retv = fmount ("M0:");
- if (retv == 0) {
- printf ("Drive M0 ready!\n");
+
+static void init_filesystem(void)
+{
+ int32_t retv;
+
+ retv = finit ("M0:");
+ if (retv == fsOK) {
+ retv = fmount ("M0:");
+ if (retv == fsOK) {
+ printf ("Drive M0 ready!\n");
+ }
+ else {
+ printf ("Drive M0 mount failed(%d)!\n", retv);
+ }
}
else {
- printf ("Drive M0 mount failed!\n");
+ printf ("Drive M0 initialization failed!\n");
}
- }
- else {
- printf ("Drive M0 initialization failed!\n");
- }
}
#endif
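Review bot: Only the mount-failure message gained the status code; the `finit` failure branch still prints `Drive M0 initialization failed!` without `retv`, so the two error paths report differently. I would print it there as well, `printf ("Drive M0 initialization failed(%d)!\n", retv);`. Because `retv` is `int32_t`, `%d` assumes that type is `int` on this toolchain, and `(int)retv` would make both calls portable. The function returns void, so main cannot tell that the drive is unavailable; a short comment saying that later file loads (certificates and keys, if they are stored on the drive) will fail in that case would help.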
@@ -76,31 +78,31 @@ typedef struct func_args {
} func_args;
-extern void shell_main(func_args * args) ;
+extern void shell_main(func_args * args);
/*-----------------------------------------------------------------------------
- * mian entry
+ * main entry
*----------------------------------------------------------------------------*/
int myoptind = 0;
char* myoptarg = NULL;
int main()
{
- void *arg = NULL ;
+ void *arg = NULL;
- SystemClock_Config() ;
- #if !defined(NO_FILESYSTEM)
+ SystemClock_Config();
+ #if !defined(NO_FILESYSTEM)
init_filesystem ();
- #endif
+ #endif
- netInitialize() ;
- osDelay(300) ;
+ netInitialize();
+ osDelay(300);
- #if defined(DEBUG_WOLFSSL)
- printf("Turning ON Debug message\n") ;
- wolfSSL_Debugging_ON() ;
- #endif
+#if defined(DEBUG_WOLFSSL)
+ printf("Turning ON Debug message\n");
+ wolfSSL_Debugging_ON();
+#endif
- shell_main(arg) ;
+ shell_main(arg);
}
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c
index c3c449d5..3958f4a2 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/shell.c
@@ -308,7 +308,7 @@ static struct {
"", NULL
} ;
-enum jobtype { FORGROUND, BACKGROUND } ;
+enum jobtype { FOREGROUND, BACKGROUND } ;
#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
@@ -368,7 +368,7 @@ static int getline(char * line, int sz, func_args *args, int*bf_flg)
(*bf_flg) = BACKGROUND ;
line[strlen(line)-2] = '\n' ;
} else {
- (*bf_flg) = FORGROUND ;
+ (*bf_flg) = FOREGROUND ;
}
args->argc = 0 ;
for(i=0; i<sz; i++) {
@@ -531,7 +531,7 @@ static wolfSSL_Mutex command_mutex ;
#endif
void exit_command(void) {
- printf("Command Aborted\n") ;
+ printf("Command Aborted\n") ;
#ifdef WOLFSSL_CMSIS_RTOS
osThreadTerminate(osThreadGetId()) ;
#else
@@ -617,7 +617,7 @@ void shell_main(void *arg) {
func_args args ;
int bf_flg ;
#if defined(WOLFSSL_CMSIS_RTOS)
- osThreadId cmd ;
+ osThreadId cmd ;
#endif
i = BackGround ;
/* Dummy for avoiding warning: BackGround is defined but not used. */
@@ -633,7 +633,7 @@ void shell_main(void *arg) {
for(i=0; commandTable[i].func != NULL; i++) {
if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
args.argv[0] = (char *) commandTable[i].func ;
- if(bf_flg == FORGROUND) {
+ if(bf_flg == FOREGROUND) {
#if defined(HAVE_KEIL_RTX) && !defined(WOLFSSL_CMSIS_RTOS)
wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
@@ -641,14 +641,14 @@ void shell_main(void *arg) {
os_tsk_pass ();
#else
#if defined(WOLFSSL_CMSIS_RTOS)
- wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
- cmd = osThreadCreate (osThread (command_invoke) , &args);
- if(cmd == NULL) {
- printf("Cannon create command thread\n") ;
- }
- osThreadYield ();
+ wc_UnLockMutex((wolfSSL_Mutex *)&command_mutex) ;
+ cmd = osThreadCreate (osThread (command_invoke) , &args);
+ if(cmd == NULL) {
+ printf("Cannon create command thread\n") ;
+ }
+ osThreadYield ();
#else
- command_invoke(&args) ;
+ command_invoke(&args) ;
#endif
#endif
#ifdef HAVE_KEIL_RTX
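Review bot: The message `Cannon create command thread` is re-indented here but keeps its typo, while the same commit corrects `FORGROUND` and `mian`; it should read `printf("Cannot create command thread\n") ;`. When `osThreadCreate` returns NULL the code still falls through to `osThreadYield ()` after `command_mutex` has been unlocked. How the mutex is handled on that failure path lies outside the hunk and is worth checking. shell_main starts and ends outside the hunk.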
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx
index 91b3e7f9..d9d99e3f 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvoptx
@@ -300,7 +300,7 @@
<Focus>0</Focus>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
@@ -308,7 +308,7 @@
</Group>
<Group>
- <GroupName>Dcumentation</GroupName>
+ <GroupName>Documentation</GroupName>
<tvExp>1</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<cbSel>0</cbSel>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx
index e3830325..4b04749c 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Full/wolfsslFull.uvprojx
@@ -441,12 +441,12 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
<Group>
- <GroupName>Dcumentation</GroupName>
+ <GroupName>Documentation</GroupName>
<Files>
<File>
<FileName>Abstract.txt</FileName>
@@ -972,7 +972,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfCrypt" Csub="CORE" Cvendor="wolfSSL" Cversion="3.9.0" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.0" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.9.0"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h
deleted file mode 100644
index c14e4724..00000000
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/RTE/wolfSSL/user_settings.h
+++ /dev/null
@@ -1,497 +0,0 @@
-/* user_settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#define NO_MAIN_DRIVER
-#define BENCH_EMBEDDED
-#define NO_DEV_RANDOM
-#define WOLFSSL_USER_CURRTIME
-#define SIZEOF_LONG_LONG 8
-#define NO_WRITEV
-#define NO_DEV_RANDOM
-
-#define TFM_TIMING_RESISTANT
-#define ECC_TIMING_RESISTANT
-#define WC_RSA_BLINDING
-
-#define WOLFSSL_USER_CURRTIME /* for benchmark */
-#define WOLFSSL_CURRTIME_OSTICK /* use OS tich for current_time */
-#define WOLFSSL_GMTIME
-#define NO_MULTIBYTE_PRINT
-
-// <<< Use Configuration Wizard in Context Menu >>>
-
-
-// <h>Common options
-// <o> MPU<0=>Undefined<1=>STM32F2xx<2=>STM32F4xx<3=>STM32F7xx
-#define MDK_CONF_MPU 3
-#if MDK_CONF_MPU == 0
-
-#elif MDK_CONF_MPU == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F2xx
-#elif MDK_CONF_MPU == 2
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F4xx
-#elif MDK_CONF_MPU == 3
-#define WOLFSSL_STM32_CUBEMX
-#define STM32F7xx
-#endif
-
-// <o> Thread/RTOS<0=>Single Threaded <1=>FreeRTOS <3=>SafeRTOS <4=>Windows
-// <5=>PThread <6=>ThreadX
-// <7=>Micrium <8=>EBSnet <9=>MQX
-// <10=>T-RTOS <11=>uITRON4 <12=>uTKERNEL2
-// <13=>Frosted <14=>CMSIS RTOS <15=>CMSIS RTOSv2 <16=>Others
-#define MDK_CONF_THREAD 15
-#if MDK_CONF_THREAD== 0
-#define SINGLE_THREADED
-#elif MDK_CONF_THREAD == 1
-#define FREERTOS
-#elif MDK_CONF_THREAD == 3
-#define WOLFSSL_SAFERTOS
-#elif MDK_CONF_THREAD == 4
-#define USE_WINDOWS_API
-#elif MDK_CONF_THREAD == 5
-#define WOLFSSL_PTHREADS
-#elif MDK_CONF_THREAD == 6
-#define THREADX
-#define NETX
-#elif MDK_CONF_THREAD == 7
-#define MICRIUM
-#elif MDK_CONF_THREAD == 8
-#define EBSNET
-#elif MDK_CONF_THREAD == 9
-#define FREESCALE_MQX
-#define FREESCALE_KSDK_MQX
-#elif MDK_CONF_THREAD == 10
-#define WOLFSSL_TIRTOS
-#elif MDK_CONF_THREAD == 11
-#define WOLFSSL_uITRON4
-#elif MDK_CONF_THREAD == 12
-#define WOLFSSL_uTKERNEL2
-#elif MDK_CONF_THREAD == 13
-#define WOLFSSL_FROSTED
-#elif MDK_CONF_THREAD == 14
-#define WOLFSSL_CMSIS_RTOS
-#elif MDK_CONF_THREAD == 15
-#define WOLFSSL_CMSIS_RTOSv2
-#elif MDK_CONF_THREAD == 16
-#define SINGLE_THREADED
-#endif
-
-
-// <e>File System
-#define MDK_CONF_FILESYSTEM 1
-#if MDK_CONF_FILESYSTEM == 0
-#define NO_FILESYSTEM
-#else
-#define WOLFSSL_KEIL_FS
-#define NO_WOLFSSL_DIR
-#endif
-// </e>
-
-// <o> Network<0=>None <1=>RLnet <2=>User I/O
-#define MDK_CONF_NETWORK 1
-#if MDK_CONF_NETWORK == 0
-#elif MDK_CONF_NETWORK == 1
-#define WOLFSSL_KEIL_TCP_NET
-#elif MDK_CONF_NETWORK == 2
-#define WOLFSSL_USER_IO
-#endif
-
-// <h>Debug options
-
-// <e>Debug Message
-#define MDK_CONF_DebugMessage 0
-#if MDK_CONF_DebugMessage == 1
-#define DEBUG_WOLFSSL
-#endif
-// </e>
-// <e>Check malloc
-#define MDK_CONF_CheckMalloc 1
-#if MDK_CONF_CheckMalloc == 1
-#define WOLFSSL_MALLOC_CHECK
-#define USE_WOLFSSL_MEMORY
-#endif
-// </e>
-// <e>ErrNo.h
-#define MDK_CONF_ErrNo 1
-#if MDK_CONF_ErrNo == 1
-#define HAVE_ERRNO
-#endif
-// </e>
-// <e>Error Strings
-#define MDK_CONF_ErrorStrings 1
-#if MDK_CONF_ErrorStrings == 0
-#define NO_ERROR_STRINGS
-#endif
-// </e>
-
-//</h>
-//</h>
-
-// <h> wolfCrypt Configuration
-
-// <h>Hash/Crypt Algrithm
-
-// <e>MD2
-#define MDK_CONF_MD2 0
-#if MDK_CONF_MD2 == 1
-#define WOLFSSL_MD2
-#endif
-// </e>
-// <e>MD4
-#define MDK_CONF_MD4 0
-#if MDK_CONF_MD4 == 0
-#define NO_MD4
-#endif
-// </e>
-// <e>MD5
-#define MDK_CONF_MD5 1
-#if MDK_CONF_MD5 == 0
-#define NO_MD5
-#endif
-// </e>
-// <e>SHA
-#define MDK_CONF_SHA 1
-#if MDK_CONF_SHA == 0
-#define NO_SHA
-#endif
-// </e>
-// <e>SHA-256
-#define MDK_CONF_SHA256 1
-#if MDK_CONF_SHA256 == 0
-#define NO_SHA256
-#endif
-// </e>
-// <e>SHA-384
-#define MDK_CONF_SHA384 1
-#if MDK_CONF_SHA384 == 1
-#define WOLFSSL_SHA384
-#endif
-// </e>
-// <e>SHA-512
-#define MDK_CONF_SHA512 1
-#if MDK_CONF_SHA512 == 1
-#define WOLFSSL_SHA512
-#endif
-// </e>
-// <e>Hash DRBG
-#define MDK_CONF_HASHDRBG 1
-#if MDK_CONF_HASHDRBG == 1
-#define HAVE_HASHDRBG
-#endif
-// </e>
-// <e>RIPEMD
-#define MDK_CONF_RIPEMD 1
-#if MDK_CONF_RIPEMD == 1
-#define WOLFSSL_RIPEMD
-#endif
-// </e>
-// <e>BLAKE2
-#define MDK_CONF_BLAKE2 0
-#if MDK_CONF_BLAKE2 == 1
-#define HAVE_BLAKE2
-#endif
-// </e>
-// <e>HMAC
-#define MDK_CONF_HMAC 1
-#if MDK_CONF_HMAC == 0
-#define NO_HMAC
-#endif
-// </e>
-// <e>HMAC KDF
-#define MDK_CONF_HKDF 1
-#if MDK_CONF_HKDF == 1
-#define HAVE_HKDF
-#endif
-// </e>
-
-// <e>AES CCM
-#define MDK_CONF_AESCCM 1
-#if MDK_CONF_AESCCM == 1
-#define HAVE_AESCCM
-#endif
-// </e>
-// <e>AES GCM
-#define MDK_CONF_AESGCM 1
-#if MDK_CONF_AESGCM == 1
-#define HAVE_AESGCM
-#endif
-// </e>
-
-// <e>RC4
-#define MDK_CONF_RC4 0
-#if MDK_CONF_RC4 == 0
-#define NO_RC4
-#endif
-// </e>
-
-// <e>CHACHA
-#define MDK_CONF_CHACHA 1
-#if MDK_CONF_CHACHA == 1
-#define HAVE_CHACHA
-#endif
-// </e>
-
-// <e>POLY1305
-#define MDK_CONF_POLY1305 1
-#if MDK_CONF_POLY1305 == 1
-#define HAVE_POLY1305
-#define HAVE_ONE_TIME_AUTH
-#endif
-// </e>
-
-// <e>DES3
-#define MDK_CONF_DES3 1
-#if MDK_CONF_DES3 == 0
-#define NO_DES3
-#endif
-// </e>
-
-// <e>AES
-#define MDK_CONF_AES 1
-#if MDK_CONF_AES == 0
-#define NO_AES
-#endif
-// </e>
-
-// <e>CAMELLIA
-#define MDK_CONF_CAMELLIA 1
-#if MDK_CONF_CAMELLIA == 1
-#define HAVE_CAMELLIA
-#endif
-// </e>
-
-// <e>DH
-#define MDK_CONF_DH 1
-#if MDK_CONF_DH == 0
-#define NO_DH
-#endif
-// </e>
-// <e>DSA
-#define MDK_CONF_DSA 1
-#if MDK_CONF_DSA == 0
-#define NO_DSA
-#endif
-// </e>
-
-// <e>SRP
-#define MDK_CONF_SRP 1
-#if MDK_CONF_SRP == 1
-#define HAVE_SRP
-#endif
-// </e>
-
-// <e>PWDBASED
-#define MDK_CONF_PWDBASED 1
-#if MDK_CONF_PWDBASED == 0
-#define NO_PWDBASED
-#endif
-// </e>
-
-// <e>ECC
-#define MDK_CONF_ECC 1
-#if MDK_CONF_ECC == 1
-#define HAVE_ECC
-#endif
-// </e>
-
-// <e>CURVE25519
-#define MDK_CONF_CURVE25519 1
-#if MDK_CONF_CURVE25519 == 1
-#define HAVE_CURVE25519
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>CURVE25519 SMALL
-#define MDK_CONF_CURVE25519_SMALL 0
-#if MDK_CONF_CURVE25519_SMALL == 1
-#define CURVED25519_SMALL
-#endif
-// </e>
-// <e>ED25519
-#define MDK_CONF_ED25519 1
-#if MDK_CONF_ED25519 == 1
-#define HAVE_ED25519
-#endif
-// </e>
-// <e>ED25519 SMALL
-#define MDK_CONF_ED25519_SMALL 0
-#if MDK_CONF_ED25519_SMALL == 1
-#define ED25519_SMALL
-#endif
-// </e>
-// <e>PKCS7
-#define MDK_CONF_PKCS7 0
-#if MDK_CONF_PKCS7 == 1
-#define HAVE_PKCS7
-#endif
-// </e>
-// </h>
-
-// <e>Random Seed, for TEST Only
-#define MDK_CONF_RNDSEED 1
-#if MDK_CONF_RNDSEED == 1
-#define WOLFSSL_GENSEED_FORTEST
-#endif
-// </e>
-
-// <h>Hardware Crypt (See document for usage)
-// <e>Hardware RNG
-#define MDK_CONF_STM32F2_RNG 0
-#if MDK_CONF_STM32F2_RNG == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_RNG
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Crypt
-#define MDK_CONF_STM32F2_CRYPTO 0
-#if MDK_CONF_STM32F2_CRYPTO == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_CRYPTO
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// <e>Hardware Hash
-#define MDK_CONF_STM32F2_HASH 0
-#if MDK_CONF_STM32F2_HASH == 1
-#define WOLFSSL_STM32_CUBEMX
-#define STM32_HASH
-#define WC_ASYNC_DEV_SIZE 320+24
-#define STM32_HAL_TIMEOUT 0xFF
-
-#if defined(STM32F2xx)
-#define WOLFSSL_STM32F2
-#elif defined(STM32F4xx)
-#define WOLFSSL_STM32F4
-#elif defined(STM32F7xx)
-#define WOLFSSL_STM32F7
-#endif
-
-#endif
-// </e>
-// </h>
-
-// <h>Cert/Key Strage
-// <o>Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes)
-#define MDK_CONF_CERT_BUFF 0
-#if MDK_CONF_CERT_BUFF== 1
-#define USE_CERT_BUFFERS_1024
-#elif MDK_CONF_CERT_BUFF == 2
-#define USE_CERT_BUFFERS_2048
-#endif
-//</h>
-// <h>Cert/Key Generation
-// <e>CertGen
-#define MDK_CONF_CERT_GEN 0
-#if MDK_CONF_CERT_GEN == 1
-#define WOLFSSL_CERT_GEN
-#endif
-// </e>
-// <e>KeyGen
-#define MDK_CONF_KEY_GEN 0
-#if MDK_CONF_KEY_GEN == 1
-#define WOLFSSL_KEY_GEN
-#endif
-// </e>
-// </h>
-// <e>Use Fast Math
-#define MDK_CONF_FASTMATH 1
-#if MDK_CONF_FASTMATH == 1
-#define USE_FAST_MATH
-#define TFM_TIMING_RESISTANT
-#endif
-// </e>
-// <e>Small Stack
-#define MDK_CONF_SmallStack 1
-#if MDK_CONF_SmallStack == 0
-#define NO_WOLFSSL_SMALL_STACK
-#endif
-// </e>
-
-// </h>
-
-
-/**** wolfSSL Configuration ****/
-
-// <h> wolfSSL Configuration
-
-// <e>TLS 1.3
-#define MDK_CONF_TLS 1
-#if MDK_CONF_TLS == 1
-#define WOLFSSL_TLS13
-#define HAVE_TLS_EXTENSIONS
-#define HAVE_SUPPORTED_CURVES
-#define WC_RSA_PSS
-#define HAVE_HKDF
-#define HAVE_FFDHE_2048
-#endif
-// </e>
-
-// <e>Include Old TLS
-#define MDK_CONF_NO_OLDTLS 0
-#if MDK_CONF_NO_OLDTLS == 0
-#define NO_OLD_TLS
-#endif
-// </e>
-// <e>CRL
-#define MDK_CONF_CRL 0
-#if MDK_CONF_CRL == 1
-#define HAVE_CRL
-#define WOLFSSL_DER_LOAD
-#endif
-// </e>
-// <e>OCSP
-#define MDK_CONF_OCSP 0
-#if MDK_CONF_OCSP == 1
-#define HAVE_OCSP
-#endif
-// </e>
-// <e>OpenSSL Extra
-#define MDK_CONF_OPENSSL_EXTRA 0
-#if MDK_CONF_OPENSSL_EXTRA == 1
-#define OPENSSL_EXTRA
-#endif
-// </e>
-
-//</h>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx
index 1f0fdd69..d11940ef 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvoptx
@@ -226,7 +226,7 @@
<tvExp>0</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<bDave2>0</bDave2>
- <PathWithFileName>.\RTE\wolfSSL\user_settings.h</PathWithFileName>
+ <PathWithFileName>..\..\Conf\user_settings.h</PathWithFileName>
<FilenameWithoutPath>user_settings.h</FilenameWithoutPath>
<RteFlg>0</RteFlg>
<bShared>0</bShared>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx
index 0d046e50..34f3cba6 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Projects/wolfSSL-Lib/wolfSSL-Lib.uvprojx
@@ -383,7 +383,7 @@
<File>
<FileName>user_settings.h</FileName>
<FileType>5</FileType>
- <FilePath>.\RTE\wolfSSL\user_settings.h</FilePath>
+ <FilePath>..\..\Conf\user_settings.h</FilePath>
</File>
</Files>
</Group>
@@ -832,7 +832,7 @@
<targetInfos/>
</file>
<file attr="config" category="header" name="wolfssl\IDE\MDK5-ARM\Conf\user_settings.h" version="3.9.0">
- <instance index="0">RTE\wolfSSL\user_settings.h</instance>
+ <instance index="0">..\..\Conf\user_settings.h</instance>
<component Cbundle="wolfSSL" Cclass="wolfSSL" Cgroup="wolfSSL" Csub="Core" Cvendor="wolfSSL" Cversion="3.15.7" condition="wolfCrypt-Core"/>
<package license="wolfssl\IDE\MDK5-ARM\Docs\wolfSSL-License.txt" name="wolfSSL" schemaVersion="1.4" url="http://www.wolfSSL.com/files/ide" vendor="wolfSSL" version="3.15.7"/>
<targetInfos>
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md
new file mode 100644
index 00000000..f78365f7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/README.md
@@ -0,0 +1,60 @@
+# ARM Keil MDK 5 wolfSSL Support
+
+wolfSSL has a Keil CMSIS pack available that is updated for each release.
+
+This CMSIS pack contains the wolfCrypt and wolfSSL (TLS) libraries including test, benchmark and example applications.
+
+## To install the wolfSSL pack
+
+1) Open the Keil "Pack Installer"
+2) Under Generic locate "wolfSSL::wolfSSL"
+3) Click "Install"
+
+## To add the pack to your project
+
+1) Project -> Manage -> "Runtime Environment"
+2) Expand "wolfSSL" and check the boxes for wolfCrypt CORE and wolfSSL CORE.
+3) If running the wolfCrypt test or any of the TLS examples check those as well.
+
+Note: By default the pack's user_settings.h assumes the CMSIS RTOS v2 and Keil TCP packs are also installed. See below for how to change these settings (`MDK_CONF_THREAD` and `MDK_CONF_NETWORK`).
+
+If the wolfSSL::wolfSSL pack isn't showing:
+1) Project -> Manage -> "Select Software Packs"
+2) Make sure wolfSSL:wolfSSL is selected to "latest"
+3) Hit "OK"
+
+## To configure wolfSSL
+
+1) Add a pre-processor macro `WOLFSSL_USER_SETTINGS`
+ - Project -> Options for Target... -> C/C++ -> Preprocessor Symbols -> Define.
+ - Add `WOLFSSL_USER_SETTINGS`
+2) Open the `user_settings.h` file. In wolfSSL -> user_settings.h
+3) Configure math library (`MDK_CONF_MATH`). Default 0=SP Math all (sp_int.c)
+4) Configure MPU (`MDK_CONF_MPU`): If not STM32, use 0 for none.
+5) Configure the RTOS (`MDK_CONF_THREAD`): By default 15 = "CMSIS RTOSv2". For bare-metal use 0. For FreeRTOS use 1.
+6) Configure the TCP stack (`MDK_CONF_NETWORK`). By default uses Keil TCP `WOLFSSL_KEIL_TCP_NET`. Use 0 for none or 2 for user io callbacks.
+6) For wolfCrypt only (no TLS) add `#define WOLFCRYPT_ONLY` (resolves GetCA errors)
+7) Increase stack/heap (if needed). This is typically in the startup.s, but for RTX is in the `RTX_Config.h`. For CMSIS RTOSv2 stack is set in `osThreadAttr_t` on call to `osThreadNew`.
+
+## Building
+
+If getting an error for an unknown type `inline`, change your project C standard to c99 in the C/C++ options. Alternatively,
+add `#define WC_INLINE __inline` to `user_settings.h` to stick to c89 or the default c90.
+
+If getting error for missing GetCA or GetCAByName then include `Src/ssl-dummy.c` or define `WOLFCRYPT_ONLY`.
+
+If getting an error with missing `current_time` then please implement a function to return elapsed seconds (used by benchmark) like this:
+
+```c
+extern uint32_t os_time;
+double current_time(int reset)
+{
+ if (reset) os_time = 0 ;
+ return (double)os_time /1000.0;
+}
+```
+
+
+## For Support
+
+For question email support@wolfssl.com
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
index fdd71c96..7cfd82ec 100644
--- a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/Src/ssl-dummy.c
@@ -29,11 +29,11 @@
Signer* GetCA(void* vp, byte* hash)
{
- return NULL ;
+ return NULL;
}
Signer* GetCAByName(void* vp, byte* hash)
{
- return NULL ;
+ return NULL;
}
diff --git a/extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am
new file mode 100644
index 00000000..ffd0d42e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/MDK5-ARM/include.am
@@ -0,0 +1,9 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/MDK5-ARM/README.md
+EXTRA_DIST+= IDE/MDK5-ARM/Conf/user_settings.h
+EXTRA_DIST+= IDE/MDK5-ARM/Inc/wolfssl_MDK_ARM.h
+EXTRA_DIST+= IDE/MDK5-ARM/Projects
+EXTRA_DIST+= IDE/MDK5-ARM/Src/ssl-dummy.c
diff --git a/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt b/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt
index 40066d91..902050c2 100644
--- a/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/IDE/MSVS-2019-AZSPHERE/wolfssl_new_azsphere/CMakeLists.txt
@@ -37,6 +37,10 @@ list( REMOVE_ITEM SSL_SOURCES ../../../src/conf.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/x509.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/x509_str.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/pk.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_asn1.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_bn.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_certman.c )
+list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_crypto.c )
list( REMOVE_ITEM SSL_SOURCES ../../../src/ssl_misc.c )
aux_source_directory( ${CRYPTO_SRC_DIR} CRYPTO_SOURCES )
list( REMOVE_ITEM CRYPTO_SOURCES ../../../wolfcrypt/src/evp.c )
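Review bot: The four added `REMOVE_ITEM` lines (ssl_asn1.c, ssl_bn.c, ssl_certman.c, ssl_crypto.c) extend a hand-maintained exclusion list that carries no comment saying why these files must stay out of `SSL_SOURCES`. Presumably they are textually included by ssl.c, like the neighbouring ssl_misc.c entry, but that is not visible in this hunk. A one-line comment above the group, for example `# fragments #included by ssl.c; do not compile separately`, would tell the next maintainer to add new `ssl_*.c` fragments here instead of discovering the omission through duplicate-symbol errors.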
diff --git a/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h b/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h
index 8c6ac773..ceb70ec6 100644
--- a/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/NETOS/user_settings.h
@@ -198,7 +198,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/QNX/README.md b/extra/wolfssl/wolfssl/IDE/QNX/README.md
index 4ff5c13c..fb79abf6 100644
--- a/extra/wolfssl/wolfssl/IDE/QNX/README.md
+++ b/extra/wolfssl/wolfssl/IDE/QNX/README.md
@@ -17,7 +17,7 @@ source ~/qnx700/qnxsdp-env.sh
make
```
-Once the wolfSSL library has been built cd to IDE/QNX/CAAM-DRIVER and run "make". This will produce the wolfCrypt resource manager. It should be started on the device with root permisions. Once wolfCrypt is running on the device with root permisions then any user with access to open a connection to /dev/wolfCrypt can make use of the driver.
+Once the wolfSSL library has been built cd to IDE/QNX/CAAM-DRIVER and run "make". This will produce the wolfCrypt resource manager. It should be started on the device with root permissions. Once wolfCrypt is running on the device with root permissions then any user with access to open a connection to /dev/wolfCrypt can make use of the driver.
### Momentics
To build in momentics IDE:
diff --git a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
index 26381848..2e1d7707 100644
--- a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
+++ b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/arm_startup.c
@@ -51,7 +51,7 @@ void memcpy32(uint32_t* src, uint32_t* dst_beg, uint32_t* dst_end)
void meminit32(uint32_t* start, uint32_t* end)
{
while (start < end) {
- *start++ = 0;
+ *start++ = 0;
}
}
diff --git a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
index c26107b5..93157db5 100644
--- a/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/ROWLEY-CROSSWORKS-ARM/user_settings.h
@@ -53,7 +53,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- //#define WOLFSSL_SP_CACHE_RESISTANT
#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* SP Assembly Speedups */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt b/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
index 492d2c7f..6e2a3bcc 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/cs+/Projects/t4_demo/README_en.txt
@@ -12,7 +12,7 @@ Setup process:
- Unzip wolfssl under the same directory
2. Set up wolfSSL
- - open wolfssl\IDE\Renesas\cs+\Projec/wolfssl\lib.mtpj with CS+ and build
+ - open wolfssl\IDE\Renesas\cs+\Projects\wolfssl\lib.mtpj with CS+ and build
- open t4_demo.mtpj and build. This create demo program library.
3. Set up AlphaProject
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md
index 2d685816..622457d4 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/README.md
@@ -18,7 +18,7 @@
- Generate the changes by clicking on "Generate Project Content"
- Exclude src/wolfcrypt/port and all src/wolfcrypt/*.S and src/wolfcrypt/*.asm files from the build
- Exclude src/wolfcrypt/evp.c, src/wolfcrypt/misc.c and src/wolfssl/bio.c
-- Set the Preprocessor define in wolfssl proejct to have WOLFSSL_USER_SETTINGS. Right click on wolfssl project "Properties -> C/C++ Build -> GNU ARM Cross C Compiler -> Preprocessor" add WOLFSSL_USER_SETTINGS under "Defined symbols"
+- Set the Preprocessor define in wolfssl project to have WOLFSSL_USER_SETTINGS. Right click on wolfssl project "Properties -> C/C++ Build -> GNU ARM Cross C Compiler -> Preprocessor" add WOLFSSL_USER_SETTINGS under "Defined symbols"
- Set include to wolfssl directory. Right click on project "Properties -> C/C++Build -> GNU ARM Cross Compiler -> Includes". Add "${ProjDirPath}/../../../../.." and "${ProjDirPath}/../"
- Build wolfssl by right clicking on wolfssl project and selecting "Build Project"
@@ -29,7 +29,7 @@
- Copy in the .cproject, .project and source file from the template desired i.e. wolfssl-X.X.X/IDE/Renesas/e2studio/DK-S7G2/wolfcrypttest-template/
- Right click on the created project and select "Build Project"
-The example_server loops looking to accept connections and closes immediatly after a successful connection was made.
+The example_server loops looking to accept connections and closes immediately after a successful connection was made.
The benchmark example tries to do a TCP connection to SERVER_IP on port 11112 and a TLS connection to SERVER_IP on port 11111 then does wolfCrypt benchmark collection.
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c
index e0ba1bfd..b65ecacc 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/DK-S7G2/benchmark-template/src/app_entry.c
@@ -41,10 +41,10 @@ extern void initialise_monitor_handles(void);
#define TLS_PORT 11111
#define TCP_PORT 11112
-static double miliseconds = 0;
+static double milliseconds = 0;
void timer_callback(timer_callback_args_t * args)
{
- miliseconds++;
+ milliseconds++;
(void)args;
}
@@ -127,7 +127,7 @@ static void benchmark_TLS(int version, char* suites, int group)
printf("Trying to connect to 0x%lX on port %d\n", TEST_IP, TEST_PORT);
- miliseconds = 0;
+ milliseconds = 0;
g_timer0.p_api->open(g_timer0.p_ctrl, g_timer0.p_cfg);
g_timer0.p_api->start(g_timer0.p_ctrl);
@@ -195,7 +195,7 @@ static void benchmark_TLS(int version, char* suites, int group)
g_timer0.p_api->close(g_timer0.p_ctrl);
printf("%d TLS connections took %f seconds and %f tx_time ticks\n",
- CONNECTION_TIMES, (miliseconds / 10), start);
+ CONNECTION_TIMES, (milliseconds / 10), start);
wolfSSL_CTX_free(ctx);
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh
index f8b0e219..3c1f3003 100755
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/Projects/tools/rsa_pss_sign.sh
@@ -29,6 +29,6 @@ openssl dgst -sha256 -sign $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -out $3.sign $3
echo verify by private key
openssl dgst -sha256 -prverify $1 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature $3.sign $3
-echo verifiy by public key
+echo verify by public key
openssl dgst -sha256 -verify $2 -sigopt $SIGOPT -sigopt $SIGOPT2 -signature $3.sign $3
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md
index de391e29..a1cc8b9e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README.md
@@ -122,7 +122,7 @@ The following steps explain how to generate the missing files and where to place
+ Build wolfSSL_RA6M3.
5.) Copy files from `dummy_app` into each executable projects\
-+ Select and Copy the followng folder inside dummy_app\
++ Select and Copy the following folder inside dummy_app\
`script/`
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md
index 2f425aa0..0a68c656 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M3/README_APRA6M_en.md
@@ -106,7 +106,7 @@ The following steps explain how to generate the missing files and where to place
6.) Copy files from `dummy_app` into `./IDE/Renesas/e2studio/RA6M3/common/ra6m3g/`
**NOTE:** This may need to be done outside of the e2studio environment (e.g. File Explorer).
-+ Select and Copy the followng folder inside dummy_app
++ Select and Copy the following folder inside dummy_app
`src/`
`script/`
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md
index 629d72cf..4ce63ab3 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/README.md
@@ -102,7 +102,7 @@ The wolfssl Project Summary is listed below and is relevant for every project.
+ Enter `dummy_application` as the project name. Click Next.
+ Under `RA library project`, select `wolfSSL_RA6M4`.
+ Click Finish.
-+ Copy the followng folder and file at `dummy_application` to `test_RA6M4`\
++ Copy the following folder and file at `dummy_application` to `test_RA6M4`\
script/\
src/sce_tst_thread_entry.c
@@ -136,7 +136,7 @@ The wolfssl Project Summary is listed below and is relevant for every project.
you can specify "RTT control block" to 0x20020000 0x10000 by Search Range
## Run Client
-1.) Enable TLS_CLIENT definition in wolfssl_demo.h of test_RA6M4 projet
+1.) Enable TLS_CLIENT definition in wolfssl_demo.h of test_RA6M4 project
2.) Client IP address and Server IP address
@@ -233,7 +233,7 @@ You will see the following message on J-LinK RTT Viewer when using ECDSA sign an
### Run Multi Client Session example
-1.) Enable TLS_CLIENT and TLS_MULTITHREAD_TEST definition in wolfssl_demo.h of test_RA6M4 projet
+1.) Enable TLS_CLIENT and TLS_MULTITHREAD_TEST definition in wolfssl_demo.h of test_RA6M4 project
2.) Follow [Run Client](#run-client) instruction
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h
index 38345055..4263164e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/user_settings.h
@@ -18,6 +18,32 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ /* FSP SM stands for Flexible Software Package Security Module
+ * WOLFSSL_RENESAS_FSPSM enables fundamental code when it uses.
+ * e.g. Open/Close/Random generator
+ * WOLFSSL_RENESAS_FSPSPM_TLS enables TLS related code for FSP SM
+ * e.g. Certificate verification, Master Secret Generation
+ * WOLFSSL_RENESAS_SCEPROTECT enables specific code for SCE if needed
+ */
+ #define WOLFSSL_RENESAS_FSPSM
+ #define WOLFSSL_RENESAS_FSPSM_TLS
+#endif
+
+ /* XXX_CRYPTONLY definition enables FSP SM module for Crypto only use.
+ * Therefore, it disables TLS related API use
+ */
+/* #define WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+ #undef WOLFSSL_RENESAS_FSPSM_TLS
+ #define WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+
+ #if !defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #define WOLFSSL_RENESAS_SCEPROTECT
+ #endif
+#endif
+
/* Operating Environment and Threading */
#define FREERTOS
#define FREERTOS_TCP
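Review bot: The two added preprocessor blocks are order-dependent: `WOLFSSL_RENESAS_FSPSM` is defined only inside the first `#if defined(WOLFSSL_RENESAS_SCEPROTECT)`, which is evaluated before the CRYPTONLY block gets a chance to define `WOLFSSL_RENESAS_SCEPROTECT`. A build that enables only `WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY` therefore ends with `WOLFSSL_RENESAS_FSPSM_CRYPTONLY` set but `WOLFSSL_RENESAS_FSPSM` unset, unless the project also passes SCEPROTECT on the compiler command line (not visible here). Adding `#define WOLFSSL_RENESAS_FSPSM` inside the CRYPTONLY block removes that dependency without re-enabling the TLS macro. The explanatory comment also names `WOLFSSL_RENESAS_FSPSPM_TLS`, while the macro actually defined is `WOLFSSL_RENESAS_FSPSM_TLS`.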
@@ -25,6 +51,7 @@
#define NO_MAIN_DRIVER
#define BENCH_EMBEDDED
#define NO_WRITEV
+#define WOLFSSL_NO_FLOAT_FMT
#define NO_DEV_RANDOM
#define SIZEOF_LONG_LONG 8
@@ -61,6 +88,9 @@
#define printf myprintf
#endif
+/* Enable the following definition to use TLS 1.3
+ * For TLS1.3 use "extended-master" needs to turn on
+ */
/* #define WOLFSSL_TLS13 */
#if defined(WOLFSSL_TLS13)
@@ -73,12 +103,16 @@
#endif
#define WOLF_CRYPTO_CB
-/* Enable SCEKEY_INSTALLED if keys are installed */
-#define SCEKEY_INSTALLED
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED)
+#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#define HAVE_RENESAS_SYNC
+ #define WC_USE_DEVID 7890
+ #define NO_AES_192
+ #define NO_SW_BENCH
#endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
#define WOLFSSL_KEY_GEN
#endif
+
+#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock
+
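Review bot: `#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock` at the end of this hunk is unconditional, so the random-block source is routed to the FSP SM function even in configurations where `WOLFSSL_RENESAS_FSPSM` is not defined. Whether `wc_fspsm_GenerateRandBlock` is compiled in that case cannot be seen from here; the selection of the entropy source should follow the macro that enables the hardware, e.g. `#if defined(WOLFSSL_RENESAS_FSPSM)` / `#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock` / `#endif`. The two consecutive `#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)` blocks can be merged into one. `WC_USE_DEVID 7890` would also benefit from a short comment stating which crypto-callback device the id refers to.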
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
index beff9bf1..dd56fc1e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/common/wolfssl_demo.h
@@ -36,7 +36,7 @@
#define DIRECT_KEY_ADDRESS_128 FLASH_HP_DF_BLOCK_2
/* Client connects to the server with these details. */
-#define SERVER_IP "192.168.11.49"
+#define SERVER_IP "192.168.11.4"
#define DEFAULT_PORT 11111
/* Enable wolfcrypt test */
@@ -45,7 +45,7 @@
/* Enable benchmark */
/* can be enabled with cyrpt test */
-/*#define BENCHMARK*/
+/* #define BENCHMARK */
/* Enable TLS client */
/* cannot enable with CRYPT_TEST or BENCHMARK */
@@ -82,7 +82,7 @@ typedef struct tagTestInfo
void sce_test();
void TCPInit();
void wolfSSL_TLS_client_init();
-void wolfSSL_TLS_client_do(void *pvParam);
+int wolfSSL_TLS_client_do(void *pvParam);
void wolfSSL_TLS_cleanup();
extern WOLFSSL_CTX *client_ctx;
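Review bot: `wolfSSL_TLS_client_do` now returns `int`, but the prototype carries no comment on what the value means, so a caller cannot tell a failed TLS connection from a successful one. Once confirmed against the definition, which is outside this hunk, add a comment such as `/* returns 0 on success, a negative value on failure */` and make sure the call sites check it. If the function is still handed to an RTOS API as a task entry of type `void (*)(void *)`, that call site needs a wrapper; this is not visible here.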
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject
index 7d3b1437..61375953 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/.cproject
@@ -40,7 +40,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.178955027" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" useByScannerDiscovery="true" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1177346912" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" useByScannerDiscovery="false" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1658562819" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2007288726" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2007288726" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1355173081" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" useByScannerDiscovery="false" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1436314985" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" useByScannerDiscovery="false" value="arm-none-eabi-" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1433936598" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" useByScannerDiscovery="false" value="gcc" valueType="string"/>
@@ -54,7 +54,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.471325724" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1503256330" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.811017489" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/test_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.608777168" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/test_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.608777168" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.2061639686" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1479290947" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" useByScannerDiscovery="false" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.732220121" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" useByScannerDiscovery="true" valueType="includePath">
@@ -94,7 +94,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/inc/api}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/inc/instances}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/rm_freertos_port}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/arm/CMSIS_5/CMSIS/Core/Include}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra_gen}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra_cfg/fsp_cfg/bsp}&quot;"/>
@@ -103,8 +103,8 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/inc/api}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/inc/instances}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/wolfSSL_RA6M4/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1484044149" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
@@ -203,7 +203,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1063751013" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" useByScannerDiscovery="true" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.1910016626" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.801840864" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2047222938" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.2047222938" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.2111760464" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.245261797" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1373152617" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
@@ -217,7 +217,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.1442836615" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1821706502" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.1380043931" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/test_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.874881970" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/test_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.874881970" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.655483094" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.513875977" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.671461231" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
@@ -331,4 +331,5 @@
</storageModule>
<storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
<storageModule moduleId="refreshScope"/>
+ <storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
</cproject> \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
index 78d660a7..3ac56441 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data.h
@@ -3,10 +3,10 @@
#include "r_sce.h"
-/** Firmware update data and user key datas */
+/** Firmware update data and user key data */
typedef struct user_key_block_data
{
- /* Provisioning key wapped by Renesas DLM */
+ /* Provisioning key wrapped by Renesas DLM */
uint8_t encrypted_provisioning_key[HW_SCE_AES_CBC_IV_BYTE_SIZE * 2];
/* Initial vector to be used when creating encrypted key */
uint8_t iv[HW_SCE_AES_CBC_IV_BYTE_SIZE];
@@ -17,4 +17,4 @@ typedef struct user_key_block_data
extern const unsigned char ca_cert_der_sign[];
extern const unsigned char ca_ecc_cert_der_sign[];
-#endif /* __KEY_DATA_H__ */ \ No newline at end of file
+#endif /* __KEY_DATA_H__ */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
index 45e9de19..41fb29c0 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/key_data/key_data_sce.c
@@ -72,32 +72,32 @@ const st_user_key_block_data_t g_key_block_data =
* This is used for Root Certificate verify by SCE */
const unsigned char ca_cert_der_sign[] =
{
- 0x19, 0xB4, 0xD1, 0x53, 0xBB, 0x87, 0x0B, 0xD8, 0xD8, 0xFC,
- 0x22, 0x21, 0xA6, 0xC1, 0xE5, 0xB2, 0x7A, 0xEF, 0xAF, 0x89,
- 0x8B, 0x92, 0xC9, 0x4E, 0x59, 0xF0, 0x0B, 0xAB, 0x24, 0x84,
- 0x60, 0x2D, 0x81, 0x42, 0x4A, 0x05, 0x2F, 0x2D, 0xAB, 0x20,
- 0x3F, 0x8D, 0xCA, 0x9F, 0x37, 0x4B, 0xDF, 0xE3, 0x2A, 0xA3,
- 0x3F, 0x4E, 0x09, 0x20, 0x08, 0xD4, 0x46, 0xD9, 0xF0, 0xD8,
- 0xA7, 0x43, 0x60, 0xE2, 0x1D, 0xF7, 0x25, 0x64, 0x38, 0xD2,
- 0xB1, 0x4E, 0x1F, 0x84, 0xFC, 0xC5, 0x55, 0x2C, 0x1A, 0xA2,
- 0xCE, 0x99, 0xD0, 0x21, 0x93, 0xA5, 0xDB, 0x6F, 0x14, 0x2C,
- 0xDF, 0x9A, 0x01, 0x6A, 0x9A, 0xCC, 0xB0, 0x08, 0xD8, 0xCF,
- 0xA8, 0x94, 0x41, 0x23, 0xBB, 0xC2, 0xA3, 0x8B, 0x77, 0x35,
- 0x27, 0x0D, 0x94, 0x16, 0xF3, 0xCA, 0x16, 0xA2, 0x4C, 0x2F,
- 0xB0, 0x8D, 0xE6, 0x38, 0xCC, 0x9C, 0x34, 0xE8, 0xDC, 0xDC,
- 0x1C, 0x5C, 0x88, 0x52, 0x97, 0x47, 0xC6, 0xB6, 0x66, 0xCF,
- 0xCE, 0xBF, 0xF0, 0x24, 0x19, 0x0F, 0x07, 0xA5, 0xC4, 0xC6,
- 0x37, 0x0D, 0x2A, 0x11, 0x6A, 0x66, 0x64, 0x62, 0x0E, 0xE6,
- 0xCB, 0xAF, 0xFB, 0x2E, 0x8E, 0x37, 0x1E, 0x6D, 0xD1, 0xAD,
- 0xE4, 0x16, 0x06, 0xFB, 0x43, 0x2E, 0x4D, 0x64, 0x18, 0xB2,
- 0x4C, 0xE7, 0xD3, 0xE9, 0x9B, 0x95, 0x13, 0x7D, 0x7D, 0x93,
- 0xC2, 0x34, 0x43, 0x0C, 0xFF, 0x58, 0xD3, 0xA7, 0x21, 0x8E,
- 0x2B, 0xB3, 0x36, 0x90, 0xF1, 0x1E, 0x0E, 0x87, 0x41, 0x48,
- 0xC9, 0x69, 0x57, 0x89, 0xD0, 0xF7, 0x86, 0x47, 0x8F, 0xF5,
- 0xA8, 0x13, 0x24, 0x0A, 0x7E, 0xE3, 0xBB, 0x9F, 0xF1, 0xDF,
- 0x30, 0xE7, 0x88, 0x70, 0x8A, 0x46, 0xD9, 0x1A, 0x50, 0x42,
- 0x4F, 0xCF, 0xC3, 0xCB, 0xCF, 0xE4, 0xA7, 0xA3, 0x74, 0x0A,
- 0xDE, 0x14, 0xAF, 0xA5, 0x7F, 0xE2
+ 0x70, 0x4D, 0x6C, 0xCC, 0xAD, 0xD0, 0x74, 0x34, 0x10, 0xB3,
+ 0x1F, 0x26, 0x49, 0x31, 0xD0, 0xD5, 0x0B, 0x4F, 0x50, 0xD4,
+ 0x21, 0x7D, 0x3D, 0xE6, 0x9D, 0x5A, 0xF1, 0xE4, 0x48, 0xBD,
+ 0x6D, 0xB3, 0x58, 0xB4, 0x07, 0xF1, 0x06, 0xA7, 0x3D, 0xB7,
+ 0x24, 0x60, 0xBD, 0x72, 0xB2, 0x7B, 0xA8, 0x4F, 0xFC, 0x47,
+ 0x64, 0xF0, 0x04, 0xBE, 0xC7, 0xAE, 0xB6, 0x6F, 0xA5, 0xD6,
+ 0x65, 0xE9, 0xB5, 0x3D, 0x8A, 0xC8, 0x27, 0x9A, 0x3B, 0x4C,
+ 0x98, 0xB0, 0x5F, 0x1E, 0x54, 0xA5, 0xEF, 0xBC, 0x61, 0xA7,
+ 0x3F, 0xB7, 0x5D, 0x36, 0x5A, 0x27, 0x1C, 0x5A, 0xAF, 0x65,
+ 0x7A, 0x89, 0x4F, 0x00, 0xB1, 0x75, 0xA7, 0xA9, 0x5C, 0xE8,
+ 0xC8, 0x0E, 0x5C, 0x83, 0x12, 0x47, 0x11, 0xD1, 0xBD, 0xF4,
+ 0x10, 0x7D, 0x7B, 0xD6, 0x05, 0xF7, 0xBE, 0xD2, 0x70, 0x05,
+ 0x56, 0xD6, 0x84, 0x70, 0x11, 0x3D, 0x67, 0x93, 0x2E, 0xB0,
+ 0x93, 0xBA, 0x34, 0xD0, 0xDE, 0xB8, 0x16, 0x7B, 0x0D, 0x67,
+ 0x16, 0x92, 0x91, 0x79, 0xAC, 0x3C, 0xC9, 0x4D, 0x8A, 0xEE,
+ 0x31, 0xCC, 0xFC, 0xF7, 0x78, 0xB3, 0x1B, 0x0F, 0x54, 0xCE,
+ 0xF4, 0xBB, 0xE7, 0xF4, 0xAC, 0x80, 0xEF, 0xDD, 0xFF, 0x84,
+ 0x7A, 0x37, 0xED, 0xC4, 0x45, 0x3D, 0x7C, 0x19, 0x81, 0x95,
+ 0x2E, 0x71, 0xE7, 0x1B, 0x1C, 0x75, 0x67, 0xBC, 0x62, 0x0F,
+ 0xAA, 0x90, 0x41, 0x01, 0x53, 0xD0, 0x3A, 0x6E, 0xE9, 0xC9,
+ 0xAA, 0x2F, 0xD1, 0xD8, 0xB3, 0x3B, 0x80, 0xCA, 0xE5, 0xA1,
+ 0x1B, 0x7F, 0xCF, 0xF5, 0xBF, 0x2C, 0x2B, 0xBE, 0x1F, 0x77,
+ 0x89, 0x21, 0xD7, 0x76, 0x51, 0xA8, 0xD0, 0x31, 0xE1, 0x97,
+ 0xD1, 0x63, 0x84, 0xA2, 0xAA, 0x6E, 0x9A, 0x33, 0x43, 0x65,
+ 0x2A, 0x6B, 0x40, 0x03, 0x84, 0x6F, 0xC7, 0xB3, 0xE5, 0xD8,
+ 0x64, 0x30, 0x12, 0x2A, 0x45, 0x1D
};
const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign);
@@ -108,32 +108,32 @@ const int sizeof_ca_cert_der_sign = sizeof(ca_cert_der_sign);
*/
const unsigned char ca_ecc_cert_der_sign[] =
{
- 0x66, 0x96, 0xB4, 0x9F, 0x0B, 0x56, 0x60, 0x1F, 0x01, 0x7A,
- 0xDE, 0x65, 0xD6, 0x8C, 0x2A, 0xE2, 0x20, 0xA0, 0xE8, 0x19,
- 0x99, 0x70, 0x8B, 0x17, 0x1B, 0xDA, 0x8C, 0x3A, 0x87, 0x07,
- 0xE7, 0xF9, 0x1B, 0x7C, 0xC1, 0x32, 0x55, 0x38, 0x15, 0x9C,
- 0x7B, 0x89, 0xDA, 0x9D, 0x57, 0x80, 0x50, 0xCF, 0xA6, 0x4C,
- 0x51, 0x71, 0xBA, 0x52, 0xFA, 0x58, 0x4C, 0xE7, 0x33, 0x08,
- 0xB9, 0xE7, 0x5F, 0x7E, 0x8A, 0x1D, 0xCC, 0xA8, 0x4A, 0xA9,
- 0xAF, 0xE5, 0xA1, 0x87, 0x59, 0xD0, 0xF7, 0x23, 0xAE, 0xC5,
- 0x42, 0x99, 0xFA, 0x4A, 0xAB, 0xFA, 0x08, 0xF9, 0x7C, 0x8D,
- 0xD3, 0xB1, 0xF7, 0xD8, 0x01, 0x3C, 0x06, 0xD5, 0x2C, 0xBF,
- 0x18, 0xF1, 0x45, 0x47, 0x5D, 0xA4, 0x7F, 0x90, 0x4E, 0x0C,
- 0x86, 0x41, 0x5F, 0x26, 0x25, 0x8B, 0x8A, 0xD8, 0x3F, 0x4B,
- 0xAF, 0xD5, 0xBE, 0xD9, 0xC6, 0x46, 0x2A, 0x2B, 0xC3, 0x10,
- 0x93, 0xCB, 0x1E, 0xFB, 0x3D, 0x8A, 0x39, 0xB6, 0x03, 0x9D,
- 0xC2, 0x16, 0xA1, 0xB5, 0x9C, 0x0D, 0x05, 0x5E, 0x1B, 0x30,
- 0x9F, 0x53, 0xEE, 0xF2, 0x27, 0xE1, 0xE3, 0x2F, 0xD9, 0xEB,
- 0xF2, 0xFE, 0xD3, 0x6C, 0x71, 0xCE, 0x28, 0x56, 0x9F, 0x85,
- 0x34, 0xAD, 0x9D, 0x3D, 0x22, 0x3A, 0x33, 0x3B, 0x9F, 0x55,
- 0x4F, 0x10, 0xA9, 0xD2, 0xAB, 0xE0, 0x29, 0x7A, 0x09, 0xF3,
- 0x4E, 0xC1, 0x21, 0xA7, 0xF4, 0xE5, 0x34, 0x6D, 0x68, 0x36,
- 0xE9, 0x7B, 0xD4, 0x42, 0x0A, 0xBC, 0xC4, 0x1F, 0x6C, 0x58,
- 0xB6, 0x65, 0x3F, 0x9F, 0x92, 0x65, 0xF9, 0x83, 0x7A, 0x94,
- 0x66, 0x7C, 0xB2, 0x03, 0x16, 0x65, 0x9E, 0xBF, 0x8C, 0x77,
- 0xB8, 0xA4, 0x13, 0x8B, 0xD3, 0x82, 0x39, 0x94, 0xD1, 0x2A,
- 0xE3, 0x3E, 0x51, 0xEB, 0x56, 0xE2, 0x92, 0x5C, 0x6B, 0xD1,
- 0x30, 0xD1, 0x91, 0x77, 0x6E, 0x28
+ 0xB9, 0x59, 0x94, 0xE6, 0xD1, 0x5B, 0xFD, 0x59, 0xBB, 0x4F,
+ 0x14, 0x0B, 0x9E, 0x30, 0x61, 0xF9, 0xFA, 0x2C, 0xD8, 0xE2,
+ 0x7F, 0xD0, 0x1F, 0x47, 0xDE, 0x14, 0x8E, 0xD1, 0x78, 0x86,
+ 0xA4, 0x9B, 0xDC, 0x86, 0x64, 0x2A, 0xD9, 0xBC, 0xBE, 0x61,
+ 0x60, 0xB8, 0x1C, 0x46, 0xCE, 0x66, 0x97, 0xC0, 0x32, 0x04,
+ 0x38, 0x3B, 0xCB, 0xB7, 0x38, 0x89, 0x11, 0xCE, 0xBA, 0x64,
+ 0xE1, 0xDD, 0x4E, 0x3C, 0x6F, 0xA0, 0x48, 0xFA, 0x9F, 0x8F,
+ 0xEC, 0x6A, 0xCA, 0xAC, 0x29, 0x4B, 0xD9, 0xF7, 0xE3, 0x03,
+ 0xF7, 0xBA, 0xB8, 0xCC, 0x2C, 0xD1, 0xC8, 0x84, 0xFA, 0xF6,
+ 0xFA, 0xE4, 0x72, 0xAF, 0x8D, 0x07, 0xF0, 0x3D, 0xD7, 0x58,
+ 0x95, 0x08, 0x6F, 0xD5, 0x77, 0x1B, 0x92, 0x81, 0x99, 0x69,
+ 0x5C, 0x4D, 0x8F, 0x98, 0xC6, 0x09, 0xC1, 0xEB, 0xB5, 0x86,
+ 0x87, 0x47, 0xD7, 0x68, 0x73, 0xE8, 0x1D, 0x1B, 0xFE, 0xA5,
+ 0x9C, 0x7A, 0x4B, 0xAD, 0x1A, 0x54, 0x46, 0xA0, 0xC8, 0xF7,
+ 0x6C, 0xDD, 0xA6, 0xEF, 0x16, 0x21, 0x18, 0xCE, 0xF8, 0xDE,
+ 0x3D, 0xB4, 0x56, 0x0C, 0xBA, 0xB7, 0x95, 0xD1, 0x6D, 0x0D,
+ 0x49, 0xE7, 0x78, 0x64, 0x65, 0xC7, 0x24, 0x26, 0x81, 0xCD,
+ 0x56, 0xB7, 0xB2, 0x31, 0xF2, 0xD7, 0x64, 0x55, 0x89, 0xCC,
+ 0xDB, 0x69, 0x56, 0xED, 0x9B, 0x07, 0x9E, 0xD4, 0x07, 0x5E,
+ 0xAF, 0xF0, 0x98, 0x94, 0xD6, 0x87, 0x0C, 0x22, 0xE1, 0x3A,
+ 0x88, 0xE1, 0xC4, 0xBC, 0x51, 0x4B, 0x07, 0x4D, 0x2A, 0xCE,
+ 0xA8, 0xE8, 0x9F, 0xF7, 0xA2, 0x8A, 0xEA, 0x90, 0x32, 0x20,
+ 0xFC, 0xB6, 0x32, 0xE6, 0x8A, 0x47, 0x2B, 0xF4, 0xB4, 0x0F,
+ 0x96, 0x7A, 0xC9, 0x0B, 0xF6, 0xBF, 0x69, 0x51, 0x9B, 0x44,
+ 0xC2, 0xE2, 0xD6, 0x2D, 0xB1, 0x17, 0xAC, 0x7B, 0x32, 0xF2,
+ 0x0E, 0x7A, 0x28, 0x67, 0xAB, 0xA5
};
static const int sizeof_ca_ecc_cert_der_sign = sizeof(ca_ecc_cert_der_sign);
#endif /* USE_CERT_BUFFERS_256 */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
index 7d7f8ee3..e6dca444 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/test_main.c
@@ -27,12 +27,12 @@
#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#if defined(TLS_MULTITHREAD_TEST)
- User_SCEPKCbInfo guser_PKCbInfo_taskA;
- User_SCEPKCbInfo guser_PKCbInfo_taskB;
+ FSPSM_ST guser_PKCbInfo_taskA;
+ FSPSM_ST guser_PKCbInfo_taskB;
#else
- User_SCEPKCbInfo guser_PKCbInfo;
+ FSPSM_ST guser_PKCbInfo;
#endif
#endif
@@ -48,11 +48,6 @@ void abort(void);
#if defined(SCE_CRYPT_UNIT_TEST)
int sce_crypt_test();
- int sce_crypt_sha256_multitest();
- int sce_crypt_AesCbc_multitest();
- int sce_crypt_AesGcm_multitest();
- int sce_crypt_Sha_AesCbcGcm_multitest();
- void tskSha256_Test1(void *pvParam);
#endif
void R_BSP_WarmStart(bsp_warm_start_event_t event);
@@ -128,35 +123,53 @@ static void my_Logging_cb(const int logLevel, const char *const logMessage)
}
#endif
-void Clr_CallbackCtx(User_SCEPKCbInfo *g)
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+void Clr_CallbackCtx(FSPSM_ST *g);
+void SCE_KeyGeneration(FSPSM_ST *g);
+
+void SCE_KeyGeneration(FSPSM_ST *g)
{
- if (g->sce_wrapped_key_aes256 != NULL)
- XFREE(g->sce_wrapped_key_aes256,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ fsp_err_t err = FSP_SUCCESS;
+
+ if (g->wrapped_key_aes128 != NULL) {
+ err = R_SCE_AES128_WrappedKeyGenerate(g->wrapped_key_aes128);
+ if (err == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes128_installedkey_set = 1;
+ }
+
+ if (g->wrapped_key_aes256 != NULL) {
+ err = R_SCE_AES256_WrappedKeyGenerate(g->wrapped_key_aes256);
+ if (err == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes256_installedkey_set = 1;
+ }
+
+
+}
+
+void Clr_CallbackCtx(FSPSM_ST *g)
+{
+ (void) g;
- if (g->sce_wrapped_key_aes128 != NULL)
- XFREE(g->sce_wrapped_key_aes128,
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
#if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- if (g->sce_wrapped_key_rsapri2048 != NULL)
- XFREE(g->sce_wrapped_key_rsapri2048,
+ if (g->wrapped_key_rsapri2048 != NULL)
+ XFREE(g->wrapped_key_rsapri2048,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (g->sce_wrapped_key_rsapub2048 != NULL)
- XFREE(g->sce_wrapped_key_rsapub2048,
+ if (g->wrapped_key_rsapub2048 != NULL)
+ XFREE(g->wrapped_key_rsapub2048,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (g->sce_wrapped_key_rsapri1024 != NULL)
- XFREE(g->sce_wrapped_key_rsapri1024,
+ if (g->wrapped_key_rsapri1024 != NULL)
+ XFREE(g->wrapped_key_rsapri1024,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (g->sce_wrapped_key_rsapub2048 != NULL)
- XFREE(g->sce_wrapped_key_rsapub1024,
+ if (g->wrapped_key_rsapub2048 != NULL)
+ XFREE(g->wrapped_key_rsapub1024,
NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
- XMEMSET(g, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(g, 0, sizeof(FSPSM_ST));
}
+#endif
void sce_test(void)
{
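Review bot: The last RSA branch of Clr_CallbackCtx tests `g->wrapped_key_rsapub2048` but frees `g->wrapped_key_rsapub1024`, a mismatch the rename carried over from the old code. If only the 1024-bit public key is set its buffer is never freed, and if the 2048-bit one is set XFREE is called on the 1024 field whether or not it was allocated; the guard should read `if (g->wrapped_key_rsapub1024 != NULL)`. The added `(void) g;` is also misleading, because `g` is dereferenced by the XMEMSET at the end of the function in every build, and can be dropped.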
@@ -176,25 +189,6 @@ void sce_test(void)
sce_crypt_test();
printf(" \n");
- printf(" multi sha thread test\n");
-
- sce_crypt_sha256_multitest();
-
- printf(" \n");
- printf(" multi aes cbc thread test\n");
-
- sce_crypt_AesCbc_multitest();
-
- printf(" \n");
- printf(" multi aes gcm thread test\n");
-
- sce_crypt_AesGcm_multitest();
-
- printf(" \n");
- printf(" multi sha aescbc aesgcm thread test\n");
- sce_crypt_Sha_AesCbcGcm_multitest();
-
- printf(" \n");
printf("End wolf sce crypt Test\n");
if ((ret = wolfCrypt_Cleanup()) != 0) {
@@ -211,6 +205,26 @@ void sce_test(void)
printf("wolfCrypt_Init failed %d\n", ret);
}
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+
+ Clr_CallbackCtx(&guser_PKCbInfo);
+
+ #if defined(WOLFSSL_AES_128)
+ sce_aes_wrapped_key_t user_aes128_key_index;
+ guser_PKCbInfo.wrapped_key_aes128 = &user_aes128_key_index;
+ #endif
+
+ #if defined(WOLFSSL_AES_256)
+ sce_aes_wrapped_key_t user_aes256_key_index;
+ guser_PKCbInfo.wrapped_key_aes256 = &user_aes256_key_index;
+ #endif
+ /* Generate Wrapped aes key */
+ SCE_KeyGeneration(&guser_PKCbInfo);
+#endif
+
+
+
printf("Start wolfCrypt Test\n");
wolfcrypt_test(args);
printf("End wolfCrypt Test\n");
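Review bot: `guser_PKCbInfo` is a file-scope object, yet `wrapped_key_aes128` and `wrapped_key_aes256` are pointed at the block-local `user_aes128_key_index` and `user_aes256_key_index`, so the global keeps their addresses after the enclosing scope in sce_test ends. Anything that reads those fields later would follow a dangling pointer; giving the key objects static storage (`static sce_aes_wrapped_key_t user_aes128_key_index;`) or calling `Clr_CallbackCtx(&guser_PKCbInfo);` after `wolfcrypt_test(args)` avoids that. The same pattern is added in the benchmark hunk that follows. SCE_KeyGeneration returns void, so a failed wrapped-key generation is not reported here either; sce_test's body continues outside the hunk.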
@@ -227,44 +241,29 @@ void sce_test(void)
#include "hal_data.h"
#include "r_sce.h"
- printf("Prepare Installed key\n");
-
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) && defined(SCEKEY_INSTALLED)
-
- /* aes 256 */
- XMEMSET(&guser_PKCbInfo, 0, sizeof(guser_PKCbInfo));
- sce_aes_wrapped_key_t *p1 = NULL;
- sce_aes_wrapped_key_t *p2 = NULL;
+ int ret;
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf("wolfCrypt_Init failed %d\n", ret);
+ }
+
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
- guser_PKCbInfo.sce_wrapped_key_aes256 =
- (sce_aes_wrapped_key_t*)XMALLOC(sizeof(sce_aes_wrapped_key_t),
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- p1 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.sce_wrapped_key_aes256;
+ Clr_CallbackCtx(&guser_PKCbInfo);
- guser_PKCbInfo.sce_wrapped_key_aes128 =
- (sce_aes_wrapped_key_t*)XMALLOC(sizeof(sce_aes_wrapped_key_t),
- NULL, DYNAMIC_TYPE_TMP_BUFFER);
- p2 = (sce_aes_wrapped_key_t*)guser_PKCbInfo.sce_wrapped_key_aes128;
+ #if defined(WOLFSSL_AES_128)
+ sce_aes_wrapped_key_t user_aes128_key_index;
+ guser_PKCbInfo.wrapped_key_aes128 = &user_aes128_key_index;
+ #endif
- if ( p1 == NULL || p2 == NULL) {
- printf("failed to alloc memory!");
- }
- else {
- memcpy(p1->value,
- (uint32_t *)DIRECT_KEY_ADDRESS_256,
- HW_SCE_AES256_KEY_INDEX_WORD_SIZE*4);
- p1->type = SCE_KEY_INDEX_TYPE_AES256;
- guser_PKCbInfo.keyflgs_crypt.bits.aes256_installedkey_set = 1;
-
- /* aes 128 */
- memcpy(p2->value,
- (uint32_t *)DIRECT_KEY_ADDRESS_128,
- HW_SCE_AES128_KEY_INDEX_WORD_SIZE*4);
-
- p2->type = SCE_KEY_INDEX_TYPE_AES128;
- guser_PKCbInfo.keyflgs_crypt.bits.aes128_installedkey_set = 1;
- }
+ #if defined(WOLFSSL_AES_256)
+ sce_aes_wrapped_key_t user_aes256_key_index;
+ guser_PKCbInfo.wrapped_key_aes256 = &user_aes256_key_index;
#endif
+ /* Generate Wrapped aes key */
+ SCE_KeyGeneration(&guser_PKCbInfo);
+#endif
+
printf("Start wolfCrypt Benchmark\n");
benchmark_test(NULL);
printf("End wolfCrypt Benchmark\n");
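Review bot: A failed `wolfCrypt_Init()` is only printed here, after which the code still generates the wrapped AES keys and runs `benchmark_test(NULL)` on a library that did not initialise. Returning after the message, `printf("wolfCrypt_Init failed %d\n", ret); return;`, keeps the benchmark output from being mistaken for a valid run. The enclosing sce_test body starts and ends outside the hunk, so confirm that nothing after this point has to run for cleanup.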
@@ -276,6 +275,16 @@ void sce_test(void)
#include "hal_data.h"
#include "r_sce.h"
+#if defined(WOLFSSL_TLS13)
+ /* TLS1.3 needs RSA_PSS enabled.
+ * SCE doesn't support RSA PSS Padding
+ */
+ const char* cipherlist[] = {
+ NULL
+ };
+ const int cipherlist_sz = 1;
+ TestInfo info[cipherlist_sz];
+#else
#if defined(USE_CERT_BUFFERS_256)
#if !defined(TLS_MULTITHREAD_TEST)
const char* cipherlist[] = {
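Review bot: The added comment explains why TLS 1.3 cannot use the SCE cipher lists, but not what the single NULL entry in `cipherlist` is meant to do once it reaches `info[i].cipher`. A line such as `/* single NULL entry: no suite is forced, the client presumably falls back to its default list */` would tell the reader that one connection is still attempted; confirm the wording against wolfSSL_TLS_client_do. The `#else` opened here is closed by the `#endif` added in the next hunk.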
@@ -317,6 +326,7 @@ void sce_test(void)
TestInfo info[cipherlist_sz];
#endif
#endif
+#endif
#ifdef TLS_MULTITHREAD_TEST
BaseType_t xReturned;
@@ -381,22 +391,26 @@ void sce_test(void)
#else
+ int TCP_connect_retry = 0;
wolfSSL_TLS_client_init();
do {
- info[i].port = DEFAULT_PORT;
- info[i].cipher = cipherlist[i];
- info[i].ctx = client_ctx;
- info[i].id = i;
+ info[i].port = DEFAULT_PORT;
+ info[i].cipher = cipherlist[i];
+ info[i].ctx = client_ctx;
+ info[i].id = i;
- memset(info[i].name, 0, sizeof(info[i].name));
- sprintf(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
-
- wolfSSL_TLS_client_do(&info[i]);
+ XMEMSET(info[i].name, 0, sizeof(info[i].name));
+ XSPRINTF(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
+ if(wolfSSL_TLS_client_do(&info[i]) == -116) {
+ TCP_connect_retry++;
+ continue;
+ }
+ TCP_connect_retry = 0;
i++;
- } while (i < cipherlist_sz);
+ } while (i < cipherlist_sz && TCP_connect_retry < 100);
#endif /* SCE_MULTITHREAD_TEST */
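Review bot: The retry test compares against the bare literal `-116`, and nothing is reported when the 100-retry limit ends the loop. A reader cannot tell from here which error `-116` is (presumably a connect timeout from the TCP stack), so it should be a named constant, for example `#define TCP_CONNECT_RETRY_ERR (-116)` with a comment naming its source, alongside one for the limit. After the loop, `if (TCP_connect_retry >= 100) printf("TCP connect retry limit reached\n");` would make an unreachable server visible instead of ending the test silently. Any other non-zero return from wolfSSL_TLS_client_do still advances `i` as if the connection had succeeded.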
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
index e7149d22..5a920a25 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolf_client.c
@@ -41,10 +41,14 @@ static const byte ucDNSServerAddress[4] = { 192, 168, 11, 1 };
#ifdef TLS_MULTITHREAD_TEST
xSemaphoreHandle exit_semaph;
- extern User_SCEPKCbInfo guser_PKCbInfo_taskA;
- extern User_SCEPKCbInfo guser_PKCbInfo_taskB;
+# ifdef WOLFSSL_RENESAS_SCEPROTECT
+ extern FSPSM_ST guser_PKCbInfo_taskA;
+ extern FSPSM_ST guser_PKCbInfo_taskB;
+# endif
#else
- extern User_SCEPKCbInfo guser_PKCbInfo;
+# ifdef WOLFSSL_RENESAS_SCEPROTECT
+ extern FSPSM_ST guser_PKCbInfo;
+# endif
#endif
int SEGGER_RTT_vprintf(unsigned BufferIndex, const char * sFormat, va_list * pParamList);
@@ -125,7 +129,7 @@ void wolfSSL_TLS_client_init()
#endif
}
-void wolfSSL_TLS_client_do(void *pvParam)
+int wolfSSL_TLS_client_do(void *pvParam)
{
int ret;
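Review bot: Changing wolfSSL_TLS_client_do to return `int` conflicts with its apparent use as a FreeRTOS task entry in the TLS_MULTITHREAD_TEST build, where the tail of the function calls `vTaskDelete(NULL)`; task functions are `void (*)(void *)`. If the function is still passed to xTaskCreate in that configuration (the call is not visible here), the pointer types no longer match and the `return ret;` added in the last hunk of this file is never reached. A thin wrapper for the task case, `static void client_task(void *p) { (void)wolfSSL_TLS_client_do(p); }`, would keep both uses well-typed. The function body continues outside this hunk.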
@@ -192,17 +196,17 @@ void wolfSSL_TLS_client_do(void *pvParam)
/* Set callback CTX */
#if !defined(TLS_MULTITHREAD_TEST)
- memset(&guser_PKCbInfo, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&guser_PKCbInfo, 0, sizeof(FSPSM_ST));
guser_PKCbInfo.devId = 0;
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo);
#else
if (p->port - DEFAULT_PORT == 0) {
- memset(&guser_PKCbInfo_taskA, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&guser_PKCbInfo_taskA, 0, sizeof(FSPSM_ST));
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskA);
}
else {
- memset(&guser_PKCbInfo_taskB, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&guser_PKCbInfo_taskB, 0, sizeof(FSPSM_ST));
wc_sce_set_callback_ctx(ssl, (void*)&guser_PKCbInfo_taskB);
}
#endif
@@ -257,7 +261,9 @@ void wolfSSL_TLS_client_do(void *pvParam)
wolfSSL_free(ssl);
ssl = NULL;
/* need to reset callback */
+#ifdef WOLFSSL_RENESAS_SCEPROTECT
wc_sce_set_callbacks(client_ctx);
+#endif
}
/* clean up socket */
if (xClientSocket) {
@@ -270,7 +276,7 @@ void wolfSSL_TLS_client_do(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
#endif
-
+ return ret;
}
void wolfSSL_TLS_cleanup()
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
index a785720f..f3cef8ff 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/test/src/wolfssl_sce_unit_test.c
@@ -25,14 +25,20 @@
#include <stdlib.h>
#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
+
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/aes.h>
#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#include "FreeRTOS.h"
+static const int devId = 7890;
+
#ifndef NO_SHA
int sha_test();
#endif
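Review bot: `devId` is set to the bare value 7890 with no comment saying where that number comes from or which callback registration it has to match. The code removed from sce_crypt_test further down treated a positive return of `wc_CryptoCb_CryptInitRenesasCmn` as success, which suggests that call hands back the registered id; if so, storing that value would be safer than repeating the number here. At minimum add `/* must equal the device id registered by the Renesas crypto callback - confirm */` above the definition.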
@@ -62,8 +68,14 @@ int sce_crypt_AesGcm_multitest();
int sce_crypt_Sha_AesCbcGcm_multitest();
int sce_crypt_sha_multitest();
int sce_crypt_test();
+int sce_crypt_sha256_multitest();
+void tskSha256_Test1(void *pvParam);
+
+void Clr_CallbackCtx(FSPSM_ST *g);
+void SCE_KeyGeneration(FSPSM_ST *g);
-extern User_SCEPKCbInfo guser_PKCbInfo;
+FSPSM_ST gCbInfo;
+FSPSM_ST gCbInfo_a; /* for multi testing */
#if defined(HAVE_AES_CBC)
@@ -80,7 +92,8 @@ extern User_SCEPKCbInfo guser_PKCbInfo;
#endif
#if !defined(NO_RSA)
- sce_rsa2048_wrapped_pair_key_t g_wrapped_pair_key;
+ sce_rsa1024_wrapped_pair_key_t g_wrapped_pair_1024key;
+ sce_rsa2048_wrapped_pair_key_t g_wrapped_pair_2048key;
#endif
typedef struct tagInfo
{
@@ -89,7 +102,7 @@ typedef struct tagInfo
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
-static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
+static int sce_aes_cbc_test(int prnt, FSPSM_AES_PWKEY aes_key)
{
Aes aes[1];
@@ -104,7 +117,6 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- byte key[] = "0123456789abcdef "; /* align */
byte iv[] = "1234567890abcdef "; /* align */
XMEMSET(cipher, 0, AES_BLOCK_SIZE);
@@ -114,15 +126,12 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
printf(" sce_aes_cbc_test() ");
}
- ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ ret = wc_AesInit(aes, NULL, devId);
if (ret == 0) {
- ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
- XMEMCPY(&aes->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
-
- aes->ctx.keySize = (word32)aes->keylen;
+ ret = wc_AesSetKey(aes, (byte*)aes_key,
+ AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret == 0) {
- ret = wc_sce_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
+ ret = wc_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
}
wc_AesFree(aes);
@@ -132,14 +141,12 @@ static int sce_aes_cbc_test(int prnt, sce_aes_wrapped_key_t* aes_key)
ret = -1;
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ ret = wc_AesInit(aes, NULL, devId);
if (ret == 0) {
- ret = wc_AesSetKey(aes, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
- XMEMCPY(&aes->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
- aes->ctx.keySize = (word32)aes->keylen;
+ ret = wc_AesSetKey(aes, (byte*)aes_key,
+ AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
if (ret == 0)
- ret = wc_sce_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
+ ret = wc_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
wc_AesFree(aes);
}
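Review bot: The decrypt path now sets the key with `AES_ENCRYPTION`, where the line it replaces used `AES_DECRYPTION`. sce_aes256_test in this same file still passes `AES_DECRYPTION` for its `dec` context, so this looks like a copy of the encrypt call above; it should read `ret = wc_AesSetKey(aes, (byte*)aes_key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);`. If the SCE callback ignores the direction the test will still pass, which would hide the mistake. The function body starts and ends outside the hunk.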
@@ -179,7 +186,7 @@ static void tskAes128_Cbc_Test(void *pvParam)
#endif
#ifdef WOLFSSL_AES_256
-static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
+static int sce_aes256_test(int prnt, FSPSM_AES_PWKEY aes_key)
{
Aes enc[1];
byte cipher[AES_BLOCK_SIZE];
@@ -193,14 +200,6 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
};
-
-
- WOLFSSL_SMALL_STACK_STATIC byte key[] = {
- 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
- };
WOLFSSL_SMALL_STACK_STATIC byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
@@ -209,38 +208,32 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
if (prnt)
printf(" sce_aes256_test() ");
- if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(enc, NULL, devId) != 0) {
ret = -1;
goto out;
}
- if (wc_AesInit(dec, NULL, INVALID_DEVID) != 0){
+ if (wc_AesInit(dec, NULL, devId) != 0){
ret = -2;
goto out;
}
- ret = wc_AesSetKey(enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
+ ret = wc_AesSetKey(enc, (byte*)aes_key,
+ AES_BLOCK_SIZE*2, iv, AES_ENCRYPTION);
if (ret != 0){
ret = -3;
goto out;
- } else {
- XMEMCPY(&enc->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
- enc->ctx.keySize = (word32)enc->keylen;
}
- ret = wc_AesSetKey(dec, key, (int) sizeof(key), iv, AES_DECRYPTION);
+ ret = wc_AesSetKey(dec, (byte*)aes_key,
+ AES_BLOCK_SIZE*2, iv, AES_DECRYPTION);
if (ret != 0) {
ret = -4;
goto out;
- } else {
- XMEMCPY(&dec->ctx.sce_wrapped_key, aes_key,
- sizeof(sce_aes_wrapped_key_t));
- dec->ctx.keySize = (word32)dec->keylen;
}
XMEMSET(cipher, 0, AES_BLOCK_SIZE);
- ret = wc_sce_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
if (ret != 0) {
ret = -5;
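Review bot: The key argument is now a wrapped-key handle cast to `byte*`, and its length is spelled `AES_BLOCK_SIZE*2`, which reads as a block count rather than a key size. `AES_256_KEY_SIZE` states the intent, e.g. `ret = wc_AesSetKey(enc, (byte*)aes_key, AES_256_KEY_SIZE, iv, AES_ENCRYPTION);`, and a one-line comment such as `/* aes_key points at the SCE wrapped key, not raw key bytes */` would explain the cast. The same spelling appears in the sce_aesgcm256_test hunks below, and `AES_BLOCK_SIZE` stands in for the 128-bit key size in sce_aes_cbc_test and sce_aesgcm128_test.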
@@ -248,7 +241,7 @@ static int sce_aes256_test(int prnt, sce_aes_wrapped_key_t* aes_key)
}
XMEMSET(plain, 0, AES_BLOCK_SIZE);
- ret = wc_sce_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
if (ret != 0){
ret = -6;
@@ -291,11 +284,11 @@ static void tskAes256_Cbc_Test(void *pvParam)
#endif /* WOLFSSL_AES_256 */
#if defined(WOLFSSL_AES_256)
-static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
+static int sce_aesgcm256_test(int prnt, FSPSM_AES_PWKEY aes256_key)
{
Aes enc[1];
Aes dec[1];
- User_SCEPKCbInfo userContext;
+ FSPSM_ST userContext;
/*
@@ -322,14 +315,6 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
0xab, 0xad, 0xda, 0xd2
};
- WOLFSSL_SMALL_STACK_STATIC const byte k1[] =
- {
- 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
- 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
- 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
- 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
- };
-
WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
{
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
@@ -369,39 +354,36 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- XMEMSET(&userContext, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
- if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(enc, NULL, devId) != 0) {
ret = -1;
goto out;
}
- if (wc_AesInit(dec, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(dec, NULL, devId) != 0) {
ret = -2;
goto out;
}
- result = wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ result = wc_AesGcmSetKey(enc,
+ (byte*)aes256_key, AES_BLOCK_SIZE*2);
if (result != 0) {
ret = -3;
goto out;
- } else {
- userContext.sce_wrapped_key_aes256 = (void*)aes256_key;
- userContext.keyflgs_crypt.bits.aes256_installedkey_set = 1;
- enc->ctx.keySize = (word32)enc->keylen;
}
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
- result = wc_sce_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
(byte*)iv1, sizeof(iv1),
- resultT, sizeof(resultT),
- a, sizeof(a), &userContext);
+ resultT, sizeof(resultT), a, sizeof(a));
if (result != 0) {
ret = -4;
goto out;
}
- result = wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ result = wc_AesGcmSetKey(dec,
+ (byte*)aes256_key, AES_BLOCK_SIZE*2);
if (result != 0) {
ret = -7;
goto out;
@@ -409,9 +391,9 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
dec->ctx.keySize = (word32)enc->keylen;
}
- result = wc_sce_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
+ result = wc_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
iv1, sizeof(iv1), resultT, sizeof(resultT),
- a, sizeof(a), &userContext);
+ a, sizeof(a));
if (result != 0){
ret = -8;
goto out;
@@ -425,20 +407,21 @@ static int sce_aesgcm256_test(int prnt, sce_aes_wrapped_key_t* aes256_key)
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ wc_AesGcmSetKey(enc,
+ (byte*)aes256_key, AES_BLOCK_SIZE*2);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
- result = wc_sce_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
(byte*)iv1, sizeof(iv1),
resultT + 1, sizeof(resultT) - 1,
- a, sizeof(a), &userContext);
+ a, sizeof(a));
if (result != 0) {
ret = -10;
goto out;
}
- result = wc_sce_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
+ result = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1,
- a, sizeof(a), &userContext);
+ a, sizeof(a));
if (result != 0) {
ret = -11;
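Review bot: The return value of the rewritten `wc_AesGcmSetKey(enc, ...)` call is discarded here, so a key-setup failure only shows up later as a confusing encrypt error. Assign and test it as the earlier calls in this function do: `result = wc_AesGcmSetKey(enc, (byte*)aes256_key, AES_BLOCK_SIZE*2);` followed by a check with its own error code. The rewritten call in the sce_aesgcm128_test hunk (`@@ -564,26 +541,22 @@`) has the same problem in a worse form: the call's result is dropped and the `if (result != 0)` after it tests whatever `result` held before. The function body extends beyond the hunk.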
@@ -483,11 +466,11 @@ static void tskAes256_Gcm_Test(void *pvParam)
#if defined(WOLFSSL_AES_128)
-static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
+static int sce_aesgcm128_test(int prnt, FSPSM_AES_PWKEY aes128_key)
{
Aes enc[1];
Aes dec[1];
- User_SCEPKCbInfo userContext;
+ FSPSM_ST userContext;
/*
* This is Test Case 16 from the document Galois/
@@ -520,12 +503,6 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
0x8e, 0x1a, 0xa2, 0x3b, 0x77, 0xcb, 0xaf, 0xe2
};
- WOLFSSL_SMALL_STACK_STATIC const byte k3[] =
- {
- 0xbb, 0x01, 0xd7, 0x03, 0x81, 0x1c, 0x10, 0x1a,
- 0x35, 0xe0, 0xff, 0xd2, 0x91, 0xba, 0xf2, 0x4b
- };
-
WOLFSSL_SMALL_STACK_STATIC const byte iv3[] =
{
0xca
@@ -564,26 +541,22 @@ static int sce_aesgcm128_test(int prnt, sce_aes_wrapped_key_t* aes128_key)
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- XMEMSET(&userContext, 0, sizeof(User_SCEPKCbInfo));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
- if (wc_AesInit(enc, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(enc, NULL, devId) != 0) {
ret = -1;
goto out;
}
- if (wc_AesInit(dec, NULL, INVALID_DEVID) != 0) {
+ if (wc_AesInit(dec, NULL, devId) != 0) {
ret = -2;
goto out;
}
- wc_AesGcmSetKey(enc, k3, sizeof(k3));
+ wc_AesGcmSetKey(enc, (byte*)aes128_key, AES_BLOCK_SIZE);
if (result != 0) {
ret = -3;
goto out;
- } else {
- userContext.sce_wrapped_key_aes128 = aes128_key;
- userContext.keyflgs_crypt.bits.aes128_installedkey_set = 1;
- enc->ctx.keySize = (word32)enc->keylen;
}
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
result = wc_AesGcmEncrypt(enc, resultC, p3, sizeof(p3), iv3, sizeof(iv3),
@@ -665,7 +638,9 @@ static int sce_rsa_test(int prnt, int keySize)
in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out2 = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
+
+ (void) prnt;
+
if (key == NULL || in == NULL || out == NULL ||
in2 == NULL || out2 == NULL) {
ret = -1;
@@ -700,7 +675,7 @@ static int sce_rsa_test(int prnt, int keySize)
goto out;
}
- ret = wc_RsaPrivateDecrypt(out, keySize/8, out2, outSz, key);
+ ret = wc_RsaPrivateDecrypt(out, (word32)(keySize/8), out2, outSz, key);
if (ret < 0) {
ret = -1;
goto out;
@@ -779,20 +754,20 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
goto out;
}
- guser_PKCbInfo.keyflgs_crypt.bits.message_type = 0;
+ gCbInfo.keyflgs_crypt.bits.message_type = 0;
ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
if (ret < 0) {
goto out;
}
/* this should fail */
- ret = wc_RsaSSL_Verify(in2, inLen, out, keySize/8, key);
+ ret = wc_RsaSSL_Verify(in2, inLen, out, (word32)(keySize/8), key);
if (ret != FSP_ERR_CRYPTO_SCE_AUTHENTICATION) {
ret = -1;
goto out;
}
/* this should succeed */
- ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key);
+ ret = wc_RsaSSL_Verify(in, inLen, out, (word32)(keySize/8), key);
if (ret < 0) {
ret = -1;
goto out;
@@ -820,105 +795,121 @@ static int sce_rsa_SignVerify_test(int prnt, int keySize)
int sce_crypt_test()
{
int ret = 0;
- fsp_err_t sce_error_code;
-
- /* Generate AES sce Key */
- sce_error_code = R_SCE_AES128_WrappedKeyGenerate(&g_user_aes128_key_index1);
-
- if (sce_error_code == FSP_SUCCESS)
- sce_error_code = R_SCE_AES128_WrappedKeyGenerate(
- &g_user_aes128_key_index2);
-
- if (sce_error_code == FSP_SUCCESS)
- sce_error_code = R_SCE_AES256_WrappedKeyGenerate(
- &g_user_aes256_key_index1);
-
- if (sce_error_code == FSP_SUCCESS)
- sce_error_code = R_SCE_AES256_WrappedKeyGenerate(
- &g_user_aes256_key_index2);
-
- if (sce_error_code == FSP_SUCCESS) {
- #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* set up Crypt Call back */
-
- Clr_CallbackCtx(&guser_PKCbInfo);
-
- ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &guser_PKCbInfo);
-
- if ( ret > 0)
- ret = 0;
-
- if (ret == 0) {
- printf(" sce_rsa_test(512)(this will be done"
- " by SW because SCE doesn't support 512 bits key size.)");
- ret = sce_rsa_test(1, 512);
- RESULT_STR(ret)
- }
-
- if (ret == 0) {
- printf(" sce_rsa_test(1024)");
- ret = sce_rsa_test(1, 1024);
- RESULT_STR(ret)
- }
-
- if (ret == 0) {
- printf(" sce_rsa_SignVerify_test(512)(this will be done"
- " by SW because SCE doesn't support 512 bits key size.)");
- ret = sce_rsa_SignVerify_test(1, 512);
- RESULT_STR(ret)
- }
-
- if (ret == 0) {
- printf(" sce_rsa_SignVerify_test(1024)");
- ret = sce_rsa_SignVerify_test(1, 1024);
- RESULT_STR(ret)
- }
-
- Clr_CallbackCtx(&guser_PKCbInfo);
-
- if (ret == 0) {
- printf(" sce_rsa_test(2048)");
- ret = sce_rsa_test(1, 2048);
- RESULT_STR(ret)
- }
+ fsp_err_t err;
+
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+
+ /* sets wrapped aes key */
+ gCbInfo.wrapped_key_aes128 = &g_user_aes128_key_index1;
+ gCbInfo.wrapped_key_aes256 = &g_user_aes256_key_index1;
+ /* Aes Key Gen */
+ SCE_KeyGeneration(&gCbInfo);
+
+ /* Rsa Key Gen */
+ err = R_SCE_RSA1024_WrappedKeyPairGenerate(&g_wrapped_pair_1024key);
+ if (err == FSP_SUCCESS) {
+ /* sets wrapped rsa 1024 bits key */
+ gCbInfo.wrapped_key_rsapri1024 =
+ &g_wrapped_pair_1024key.priv_key;
+ gCbInfo.keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
+ gCbInfo.wrapped_key_rsapub1024 =
+ &g_wrapped_pair_1024key.pub_key;
+ gCbInfo.keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
+ }
+
+ err = R_SCE_RSA2048_WrappedKeyPairGenerate(&g_wrapped_pair_2048key);
+ if (err == FSP_SUCCESS) {
+ /* sets wrapped rsa 1024 bits key */
+ gCbInfo.wrapped_key_rsapri2048 =
+ &g_wrapped_pair_2048key.priv_key;
+ gCbInfo.keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
- if (ret == 0 && sce_error_code == FSP_SUCCESS) {
- printf(" sce_rsa_SignVerify_test(2048)");
- ret = sce_rsa_SignVerify_test(1, 2048);
- RESULT_STR(ret)
- }
+ gCbInfo.wrapped_key_rsapub2048 =
+ &g_wrapped_pair_2048key.pub_key;
+ gCbInfo.keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
+ }
+
+ /* Key generation for multi testing */
+ gCbInfo_a.wrapped_key_aes128 = &g_user_aes128_key_index2;
+ gCbInfo_a.wrapped_key_aes256 = &g_user_aes256_key_index2;
+ SCE_KeyGeneration(&gCbInfo_a);
+
+ ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &gCbInfo);
+ if ( ret > 0)
+ ret = 0;
- #endif /* WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+ if (ret == 0) {
+ printf(" sce_rsa_test(512)(this will be done"
+ " by SW because SCE doesn't support 512 bits key size.)");
+ ret = sce_rsa_test(1, 512);
+ RESULT_STR(ret)
+ }
- #ifndef NO_SHA256
- printf(" sha256_test()");
- ret = sha256_test();
+ if (ret == 0) {
+ printf(" sce_rsa_test(1024)");
+ ret = sce_rsa_test(1, 1024);
RESULT_STR(ret)
- #endif
-
- ret = sce_aes_cbc_test(1, &g_user_aes128_key_index1);
-
- if (ret == 0) {
-
- ret = sce_aes256_test(1, &g_user_aes256_key_index1);
-
- }
-
- if (ret == 0) {
-
- ret = sce_aesgcm128_test(1, &g_user_aes128_key_index1);
+ }
- }
+ if (ret == 0) {
+ printf(" sce_rsa_SignVerify_test(1024)");
+ ret = sce_rsa_SignVerify_test(1, 1024);
+ RESULT_STR(ret)
+ }
- if (ret == 0) {
+ if (ret == 0) {
+ printf(" sce_rsa_test(2048)");
+ ret = sce_rsa_test(1, 2048);
+ RESULT_STR(ret)
+ }
- ret = sce_aesgcm256_test(1, &g_user_aes256_key_index1);
+ if (ret == 0 && err == FSP_SUCCESS) {
+ printf(" sce_rsa_SignVerify_test(2048)");
+ ret = sce_rsa_SignVerify_test(1, 2048);
+ RESULT_STR(ret)
+ }
- }
+#ifndef NO_SHA256
+ printf(" sha256_test()");
+ ret = sha256_test();
+ RESULT_STR(ret)
+#endif
+ ret = sce_aes_cbc_test(1, &g_user_aes128_key_index1);
+ if (ret == 0) {
+ ret = sce_aes256_test(1, &g_user_aes256_key_index1);
}
- else
+ if (ret == 0) {
+ ret = sce_aesgcm128_test(1, &g_user_aes128_key_index1);
+ }
+
+ if (ret == 0) {
+ ret = sce_aesgcm256_test(1, &g_user_aes256_key_index1);
+ }
+ printf(" \n");
+ if (ret == 0) {
+ printf(" multi sha thread test\n");
+ ret = sce_crypt_sha256_multitest();
+ }
+ if (ret == 0) {
+ printf(" multi Aes cbc thread test\n");
+ ret = sce_crypt_AesCbc_multitest();
+ }
+ if (ret == 0) {
+ printf(" multi Aes Gcm thread test\n");
+ ret = sce_crypt_AesGcm_multitest();
+ }
+ if (ret == 0) {
+ printf(" multi sha aescbc aesgcm thread test\n");
+ sce_crypt_Sha_AesCbcGcm_multitest();
+ } else
ret = -1;
-
+
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+ #endif
+
return ret;
}
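Review bot: The result of the last multi-thread test is dropped: `sce_crypt_Sha_AesCbcGcm_multitest();` is called without assigning to `ret`, so `sce_crypt_test()` can return 0 when that test fails; it should read `ret = sce_crypt_Sha_AesCbcGcm_multitest();`. Earlier failures are masked the same way, because `ret = sha256_test();` and the following `ret = sce_aes_cbc_test(1, &g_user_aes128_key_index1);` both run unconditionally and overwrite a failing RSA or SHA-256 result; guarding them with `if (ret == 0)`, as the neighbouring tests do, would keep the first failure. Key generation is not checked either: `err` from `R_SCE_RSA1024_WrappedKeyPairGenerate` is overwritten by the 2048-bit call and only consulted before `sce_rsa_SignVerify_test(1, 2048)`, and nothing is read back from `SCE_KeyGeneration(&gCbInfo)` (its signature is outside this hunk, so whether it reports a status is an assumption). The 1024-bit tests and `sce_rsa_test(1, 2048)` therefore run even when the wrapped keys were never installed, and a self-test for a hardware crypto engine should fail loudly in that case rather than possibly exercising a different path. The comment above the 2048-bit assignments still says `/* sets wrapped rsa 1024 bits key */` and should say 2048.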
@@ -1282,4 +1273,4 @@ int sce_crypt_Sha_AesCbcGcm_multitest()
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject
index b3a924d7..7684a0b6 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.cproject
@@ -41,7 +41,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
@@ -59,7 +59,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.1766975825" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.1696106404" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Debug" id="com.renesas.cdt.managedbuild.gnuarm.builder.1696106404" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.535305377" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1562659327" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.1992643773" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
@@ -79,9 +79,12 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.1008320129" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1332222526" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
</tool>
@@ -106,12 +109,15 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1740279599" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
<listOptionValue builtIn="false" value="WOLFSSL_RENESAS_SCEPROTECT"/>
<listOptionValue builtIn="false" value="WOLFSSL_RENESAS_RA6M4"/>
<listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.214105753" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
</tool>
@@ -150,6 +156,118 @@
</tool>
</toolChain>
</folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.970500279./ra/aws" name="aws" resourcePath="ra/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug.827691749" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128.963893755" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439.1300019050" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762.1049315935" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244.1792288537" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621.1072340684" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390.1010011465" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485.1046763668" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464.1310826281" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892.1394919523" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144.67567238" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021.125452987" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447.1653564956" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736.2053040899" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307.813039065" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481.1387519068" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723.893277149" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412.555186237" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520.1945200360" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511.1703768677" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124.197234562" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979.1751546408" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432.1991270158" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695.719307047" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460.1169433219" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647.2093884662" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371.1577959933" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641.1721635114" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279.1428642988" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268.631620494" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079.1096975863" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274.1871655356" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282.933260083" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820.1804664248" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144.95499414" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201.1558650433" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1222251697" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.535305377">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1481001786" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1931598028" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.758673917">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.1422328670" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1753815936" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1168221869" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.764823506">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.185972096" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.661870747" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.63989951"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1238967318" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1469493512"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.802330776" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1022207837"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1995111374" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.513431201"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1225972140" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1729201850"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.988286685" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.861824755"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.debug.970500279./ra/arm" name="arm" resourcePath="ra/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug.1961970861" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.debug" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128.1784028466" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.372424128"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439.552149060" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.802408439"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762.527760084" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1636222762"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244.1584057880" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.840275244"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621.459487214" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.2057841621"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390.1635334426" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.246216390"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485.506317384" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1774811485"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464.1815414837" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1434261464"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892.921072498" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.984091892"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144.1748584034" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.590988144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021.2011576019" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.1570641021"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447.651711661" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.415668447"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736.1720682181" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.2011452736"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307.100903295" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.2107087307"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481.1972412035" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.1305941481"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723.1591250370" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.817766723"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412.555537596" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.85882412"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520.1215597853" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.203869520"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511.2071354040" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.75071511"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124.1085865173" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.671544124"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979.1585656039" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.1393349979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432.531079102" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.541770432"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695.588445570" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1547181695"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460.1199654979" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.507997460"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647.418447522" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.228888647"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371.1030070055" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.2038968371"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641.677551627" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.780177641"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279.135906683" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1097344279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268.422266922" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1410703268"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079.1167028401" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1822043079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274.1791455519" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1655998274"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282.852157450" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1972808282"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820.826307741" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.457535820"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144.1931877484" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.753333144"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201.1005849177" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.1176186201"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1182488861" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.535305377">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.2021758024" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.595320972" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.758673917">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.1627761083" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.800601953" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.941895012" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.764823506">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.1064863388" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1765163843" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.63989951"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.2034616674" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1469493512"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1398750420" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.1022207837"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.769774611" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.513431201"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.313835290" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1729201850"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.327753338" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.861824755"/>
+ </toolChain>
+ </folderInfo>
<sourceEntries>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra"/>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra_gen"/>
@@ -203,7 +321,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
- <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978" name="ARM family" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-m33" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
@@ -221,7 +339,7 @@
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.fpv5spd16" valueType="enumerated"/>
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.1913516426" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
- <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.238824769" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
+ <builder buildPath="${workspace_loc:/wolfSSL_RA6M4}/Release" id="com.renesas.cdt.managedbuild.gnuarm.builder.238824769" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="Gnu Make ビルダー" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gnuarm.builder"/>
<tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1458313447" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler">
<option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1575652994" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths.817572458" name="Include paths (-I)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.include.paths" valueType="includePath">
@@ -241,9 +359,12 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.98883299" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1801561027" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
</tool>
@@ -266,9 +387,12 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/r_sce_protected/crypto_procedures_protected/src/sce9/private/inc}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/fsp/src/rm_freertos_plus_tcp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS/Source/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/ra/aws/FreeRTOS/FreeRTOS-Plus/Source/FreeRTOS-Plus-TCP/include}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.1403729518" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
<listOptionValue builtIn="false" value="_RENESAS_RA_"/>
+ <listOptionValue builtIn="false" value="_RA_CORE=CM33"/>
</option>
<inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1088287076" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
</tool>
@@ -307,6 +431,118 @@
</tool>
</toolChain>
</folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1000694995./ra/aws" name="aws" resourcePath="ra/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release.224277999" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358.703009647" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176.1887917140" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435.572039712" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612.2014656655" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279.594549429" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009.433402377" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675.1126256021" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689.1625640463" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670.1331163776" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893.2118191219" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540.1939758516" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858.1340211341" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791.911541120" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159.235695086" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942.731807780" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722.1767414418" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789.1685325907" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081.239604783" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978.1385090432" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067.286457188" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705.532517118" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951.351754040" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758.775859450" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446.359225839" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434.1746846715" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809.1402760461" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803.1313431310" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906.1684075407" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889.1419647951" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942.1215591101" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392.130009923" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522.48101656" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685.1984020077" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944.666890066" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035.1086817508" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.2144269885" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1458313447">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1505998767" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1736995384" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1294119565">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.523665461" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1981400490" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.646612385" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1823072247">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.758030296" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.892008103" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1837136696"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.1278013907" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.957163491"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.148395907" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.380386144"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1357669427" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.849256967"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.1001241802" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.446753671"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.988227579" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.799087256"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gnuarm.config.lib.release.1000694995./ra/arm" name="arm" resourcePath="ra/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release.294206647" name="GCC ARM Embedded" superClass="com.renesas.cdt.managedbuild.gnuarm.toolchain.lib.release" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358.1488735191" name="Optimization Level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.1092203358"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176.1387526888" name="Message length (-fmessage-length=0)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.messagelength.1655508176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435.1027662579" name="'char' is signed (-fsigned-char)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.signedchar.1362644435"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612.907141840" name="Function sections (-ffunction-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.functionsections.1646666612"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279.704079662" name="Data sections (-fdata-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.datasections.1767227279"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009.102265769" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1083900009"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675.729992978" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.920333675"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689.1603109888" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.1153399689"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670.1576279696" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.1526073670"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893.550346303" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.979841893"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540.1313634431" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.679047540"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858.1763550668" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.848570858"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791.1838682127" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1501173791"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159.2001305442" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1506335159"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942.1582345443" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.563705942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722.840001711" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.1578745722"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789.294802158" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.500719789"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081.1396608979" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.269627081"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978.1008218488" name="Arm family (-mcpu)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.family.1525979978"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067.1979249921" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.822170067"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705.1143451431" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.456961705"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951.1300417668" name="Instruction set" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.1663748951"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758.1008969964" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.942756758"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446.1785165800" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1527544446"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434.775729444" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.884565434"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809.1242426387" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.980678809"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803.1221664270" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.354847803"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906.640202776" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1063077906"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889.1767833264" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.1503804889"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942.763248899" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.279286942"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392.1440177228" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.235215392"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522.1854098750" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.977555522"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685.2007396743" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.503835685"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944.1259018734" name="FPU Type" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.464890944"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035.406452768" name="Float ABI" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.2023545035"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1121767234" name="GNU ARM Cross Assembler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.1458313447">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.622325430" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.58324685" name="GNU ARM Cross C Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.1294119565">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other.630203819" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.other" value="-w" valueType="string"/>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.510266600" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.858643922" name="GNU ARM Cross C++ Compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.compiler.1823072247">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other.132948817" name="Other compiler flags" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.compiler.other" value="-w" valueType="string"/>
+ </tool>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1804604482" name="GNU ARM Cross C Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.linker.1837136696"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.874826291" name="GNU ARM Cross C++ Linker" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.cpp.linker.957163491"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.920778807" name="GNU ARM Cross Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.archiver.380386144"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.1901415441" name="GNU ARM Cross Create Flash Image" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createflash.849256967"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.182150012" name="GNU ARM Cross Create Listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.createlisting.446753671"/>
+ <tool id="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.1706961930" name="GNU ARM Cross Print Size" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.printsize.799087256"/>
+ </toolChain>
+ </folderInfo>
<sourceEntries>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra"/>
<entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="ra_gen"/>
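Review bot: The new `ra/aws` and `ra/arm` folderInfo entries set "Other compiler flags" to `value="-w"` for both the C and C++ compiler tools, which makes GCC suppress every warning for sources under those folders. This happens even though the same entries inherit -Wall, -Wextra, -Wconversion and the other warning options from the parent configuration. Judging by the include paths added elsewhere in this file, `ra/aws` holds the FreeRTOS and FreeRTOS-Plus-TCP sources, so diagnostics such as implicit conversions or uninitialized variables in network-facing code would never surface in this build. If the aim is only to quiet noisy third-party code, narrower `-Wno-<specific-warning>` entries would keep the remaining diagnostics visible. Otherwise the reason for `-w` should be recorded in the project's README.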
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project
index 5c202482..3e3a73d2 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RA6M4/wolfssl/.project
@@ -397,24 +397,24 @@
<locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_common.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_aes.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_aes.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_aes.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_rsa.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_rsa.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_sha.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_sha.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_sha.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c</locationURI>
</link>
<link>
- <name>wolfCrypt/port/renesas_sce_util.c</name>
+ <name>wolfCrypt/port/renesas_fspsm_util.c</name>
<type>1</type>
- <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_sce_util.c</locationURI>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c</locationURI>
</link>
</linkedResources>
</projectDescription>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h
index 0c78c518..fa80de84 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/user_settings.h
@@ -150,7 +150,7 @@
* -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
*
* Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calender time,
+ * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
* otherwise, certificate expiration validation will not work.
*/
/*#define NO_ASN_TIME*/
@@ -220,13 +220,28 @@
#if defined(WOLFSSL_RENESAS_TSIP)
+ /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
+ /* Enable TSIP TLS (default)
+ * TSIP CRYPTONLY is also enabled.
+ * Disable TSIP TLS
+ * TSIP CRYPTONLY is only enabled.
+ */
+ #define WOLFSSL_RENESAS_TSIP_TLS
+
#if !defined(NO_RENESAS_TSIP_CRYPT)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_CRYPTONLY
#define HAVE_PK_CALLBACKS
#define WOLF_CRYPTO_CB
- #define WOLF_PRIVATE_KEY_ID
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLF_PRIVATE_KEY_ID
+ #endif
+ #endif
+
+ #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ # undef WOLFSSL_RENESAS_TSIP_TLS
+ # undef WOLFSSL_RENESAS_TSIP_CRYPT
#endif
#else
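Review bot: The closing block guarded by `#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)` does nothing as written. It undefines `WOLFSSL_RENESAS_TSIP_TLS`, which the guard has just established is not defined, and `WOLFSSL_RENESAS_TSIP_CRYPT`, which this hunk no longer defines anywhere. If the intent is to clear a flag passed in through compiler options, a comment such as `/* clear TSIP_CRYPT if it was set on the command line */` should say so; otherwise the block can be dropped. The comment above `#define WOLFSSL_RENESAS_TSIP_TLS` would also be clearer if it said that crypt-only mode is selected by commenting out that define. The RSK `wolfssl_demo/user_settings.h` hunk adds the same block, and the enclosing `#if defined(WOLFSSL_RENESAS_TSIP)` continues outside the hunk.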
@@ -244,3 +259,8 @@
#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
+
+#if !defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define min(x,y) ((x)<(y)?(x):(y))
+#endif
+
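Review bot: The added `min(x,y)` macro evaluates each argument twice and takes a lower-case name that other headers commonly define. An argument with side effects would run twice, and a second definition elsewhere would give a redefinition warning or a silently different meaning. Wrapping it as `#ifndef min` / `#define min(x,y) ((x)<(y)?(x):(y))` / `#endif` avoids the clash. A short comment should also say why it is needed only when `WOLFSSL_RENESAS_TSIP_TLS` is off. The callers are not visible in this hunk, so it is worth checking that none pass expressions with side effects, especially where the result bounds a copy length.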
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c
index 84501e84..251d6481 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/common/wolfssl_dummy.c
@@ -21,7 +21,7 @@
#include <wolfssl/wolfcrypt/wc_port.h>
-#define YEAR 2022
+#define YEAR 2023
#define MON 6
static int tick = 0;
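Review bot: `YEAR` and `MON` are bumped by hand with no comment saying what reads them or that they are placeholders. If they feed a dummy clock in this file (the function using them is outside the hunk), any certificate validity check would compare against this fixed date rather than the real one, and the value goes stale again after each bump. A comment above the defines such as `/* placeholder date for the demo clock; products must supply real calendar time */` would make that explicit. The RX72N `Simple/common/wolfssl_dummy.c` hunk changes the same two constants.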
@@ -40,3 +40,12 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz)
return 1;
return 0;
}
+
+#if !defined(WOLFSSL_RENESAS_TSIP)
+/* dummy return true when char is alphanumeric character */
+int isascii(const char *s)
+{
+ return isalnum(s);
+}
+#endif
+
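Review bot: The new `isascii` takes `const char *s` and passes that pointer straight to `isalnum`, which expects an `int` character value. The result therefore depends on the pointer's bits rather than on any character, and it tests "alphanumeric" rather than "7-bit ASCII". If the callers (not visible here) pass a character, the conventional form is `int isascii(int c) { return c >= 0 && c <= 0x7f; }`. If only a link-time stub is wanted, the comment should say that the return value is not meaningful. No `<ctype.h>` include is visible in the hunk, so `isalnum` may also be implicitly declared. The RX72N `Simple/common/wolfssl_dummy.c` hunk carries the same body, changed only in whitespace.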
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c
index a6317176..76cfb41a 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/test/src/wolf_client.c
@@ -136,13 +136,13 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
if ((client_ctx = wolfSSL_CTX_new_ex(wolfSSLv23_client_method_ex(heapHint),
heapHint)) == NULL) {
- printf("ERROR: faild to create WOLFSSL_CTX\n");
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
return;
}
if ((wolfSSL_CTX_load_static_memory(&client_ctx, NULL, heapBufIO,
sizeof(heapBufIO), WOLFMEM_IO_POOL, 10)) != WOLFSSL_SUCCESS) {
- printf("ERROR: faild to set static memory for IO\n");
+ printf("ERROR: failed to set static memory for IO\n");
return;
}
@@ -285,18 +285,18 @@ void wolfSSL_TLS_client( )
#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* TSIP specific ECC private key */
- if (tsip_use_PrivateKey_buffer(ssl,
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256) != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
goto out;
}
#else
/* DER format ECC private key */
- if (wolfSSL_use_PrivateKey_buffer(ssl,
+ if (wolfSSL_use_PrivateKey_buffer(ssl,
ecc_clikey_der_256,
sizeof_ecc_clikey_der_256,
WOLFSSL_FILETYPE_ASN1) != SSL_SUCCESS) {
@@ -314,20 +314,20 @@ void wolfSSL_TLS_client( )
/* Note: TSIP asks client key pair for client authentication. */
/* TSIP specific RSA private key */
- if (tsip_use_PrivateKey_buffer(ssl,
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048) != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
goto out;
}
/* TSIP specific RSA public key */
- if (tsip_use_PublicKey_buffer(ssl,
+ if (tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
TSIP_RSA2048) != 0) {
- printf("ERROR tsip_use_PublicKey_buffer\n");
+ printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
goto out;
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project
index 9642014f..e5977870 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc
index 6c0ad04d..23d781bd 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/GR-ROSE/wolfssl/wolfssl.rcpc
@@ -22,6 +22,7 @@
<Category Name="port">
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_common.c</Path>
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_aes.c</Path>
+ <Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_rsa.c</Path>
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_sha.c</Path>
<Path>..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_util.c</Path>
</Category>
@@ -143,6 +144,7 @@
<Path>Debug\wolfio.obj</Path>
<Path>Debug\renesas_common.obj</Path>
<Path>Debug\renesas_tsip_aes.obj</Path>
+ <Path>Debug\renesas_tsip_rsa.obj</Path>
<Path>Debug\renesas_tsip_sha.obj</Path>
<Path>Debug\renesas_tsip_util.obj</Path>
<Path>Debug\aes.obj</Path>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi
index 0b7370d5..1008cf2e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/resource/section.esi
@@ -8,18 +8,24 @@
<sections name="R_2"/>
<sections name="R"/>
<sections name="RPFRAM2"/>
+ <sections name="B_ETHERNET_BUFFERS_1">
+ <sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="65536"/>
+ </sections>
+ <sections name="B_RX_DESC_1"/>
+ <sections name="B_TX_DESC_1"/>
+ <sections name="C_FIRMWARE_UPDATE_CONTROL_BLOCK">
+ <sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="1048576"/>
+ </sections>
+ <sections name="C_FIRMWARE_UPDATE_CONTROL_BLOCK_MIRROR"/>
<sections name="C_PKCS11_STORAGE*">
<sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="1050624"/>
</sections>
<sections name="C_SYSTEM_CONFIG*">
<sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="1067008"/>
</sections>
- <sections name="B_ETHERNET_BUFFERS_1">
+ <sections name="B">
<sectionAddress xsi:type="com.renesas.linkersection.model:FixedAddress" fixedAddress="8388608"/>
</sections>
- <sections name="B_RX_DESC_1"/>
- <sections name="B_TX_DESC_1"/>
- <sections name="B"/>
<sections name="B_1"/>
<sections name="B_2"/>
<sections name="C_1">
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project
index 9642014f..e5977870 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c
index b53c8763..b43216c1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/key_data.c
@@ -267,6 +267,4 @@ const unsigned char client_cert_der_sign[] =
};
const int sizeof_client_cert_der_sign = sizeof(client_cert_der_sign);
-uint32_t s_inst1[R_TSIP_SINST_WORD_SIZE] = { 0 };
-uint32_t s_inst2[R_TSIP_SINST2_WORD_SIZE]= { 0 };
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h
index 9aeb3e4e..f856d4e5 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/user_settings.h
@@ -149,7 +149,7 @@
* -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
*
* Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calender time,
+ * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
* otherwise, certificate expiration validation will not work.
*/
/*#define NO_ASN_TIME*/
@@ -224,13 +224,28 @@
#if defined(WOLFSSL_RENESAS_TSIP)
+ /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
+ /* Enable TSIP TLS (default)
+ * TSIP CRYPTONLY is also enabled.
+ * Disable TSIP TLS
+ * TSIP CRYPTONLY is only enabled.
+ */
+ #define WOLFSSL_RENESAS_TSIP_TLS
+
#if !defined(NO_RENESAS_TSIP_CRYPT)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_CRYPTONLY
#define HAVE_PK_CALLBACKS
#define WOLF_CRYPTO_CB
- #define WOLF_PRIVATE_KEY_ID
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLF_PRIVATE_KEY_ID
+ #endif
+ #endif
+
+ #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ # undef WOLFSSL_RENESAS_TSIP_TLS
+ # undef WOLFSSL_RENESAS_TSIP_CRYPT
#endif
#else
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
index e61512c1..5614f3f1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX65N/RSK/wolfssl_demo/wolfssl_demo.c
@@ -294,22 +294,22 @@ static void Tls_client()
/* TSIP specific ECC private key */
if (ret == 0){
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
}
}
# if defined(WOLFSSL_CHECK_SIG_FAULTS)
if (ret == 0){
- ret = tsip_use_PublicKey_buffer(ssl,
+ ret = tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_public_key,
sizeof(g_key_block_data.encrypted_user_ecc256_public_key),
TSIP_ECCP256);
if (ret != 0) {
- printf("ERROR tsip_use_PublicKey_buffer\n");
+ printf("ERROR tsip_use_PublicKey_buffer_TLS\n");
}
}
#endif /* WOLFSSL_CHECK_SIG_FAULTS */
@@ -339,21 +339,21 @@ static void Tls_client()
/* TSIP specific RSA private key */
if (ret == 0) {
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer :%d\n", ret);
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS :%d\n", ret);
}
}
if (ret == 0) {
- ret = tsip_use_PublicKey_buffer(ssl,
+ ret = tsip_use_PublicKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_public_key),
TSIP_RSA2048);
if (ret != 0) {
- printf("ERROR tsip_use_PublicKey_buffer: %d\n", ret);
+ printf("ERROR tsip_use_PublicKey_buffer_TLS: %d\n", ret);
}
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md
index c9f75399..be61aec0 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_EN.md
@@ -114,14 +114,14 @@ Now that the test application is ready to build.
## 7. Running test application as Client
-----
### 7.1 Run Client as TCP
-When it enables SIMPLE_TCP_CLIENT, we can run TCP clint on the board. We are able to use [this TCP server allication](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tcp.c) as the opposite TCP server. To complie and run the server,
+When it enables SIMPLE_TCP_CLIENT, we can run TCP clint on the board. We are able to use [this TCP server allication](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/server-tcp.c) as the opposite TCP server. To compile and run the server,
```
$ gcc server-tcp.c -o server-tcp
$ ./server-tcp
```
If needed, it updates server IP address and port. Those are defined by `SIMPLE_TCPSERVER_IP` and `SIMPLE_TCPSERVER_PORT` in `test/src/simple_tcp.c`
-You will see messages on Reneas Virtual Console when its communication succedes.
+You will see messages on Reneas Virtual Console when its communication succeeds.
```
Received : I hear ya fa shizzle!
@@ -140,7 +140,7 @@ Waiting for a connection...
When it enables SIMPLE_TLS_CLIENT, we can run TLS client on the board.If needed, it updates server IP address and port. Those are defined by `SIMPLE_TLSSERVER_IP` and `SIMPLE_TLSSERVER_PORT` in `test/src/simple_tls_tsip.c`. After changing it, you need to re-compile test project.
-As the opposite TLS server, we can use an example server in wolfSSL soure tree. To configure and build it,
+As the opposite TLS server, we can use an example server in wolfSSL source tree. To configure and build it,
```
$ cd <wolfssl-folder>
@@ -159,7 +159,7 @@ Therefore, for an example server, it needs to specify ECC certificate correspond
./examples/server/server -v 4 -b -i -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem -A ./certs/client-ecc-cert.pem
```
-You will see messages on Renesas Debug Virtual Consol
+You will see messages on Renesas Debug Virtual Console
```
cipher : TLS13-AES128-GCM-SHA256
Received: I hear you fa shizzle!
@@ -243,7 +243,7 @@ When you want to run test project by TLS 1.3, it enables `#define WOLFSSL_TLS13`
## 8. Running test application as Server
### 8.1 Run Server as TCP Server
-When it enables `SIMPLE_TCP_SERVER`, we can run TCP server on the board. We are able to use [this TCP client](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tcp.c) as the opposite TCP client. To complie and run the server,
+When it enables `SIMPLE_TCP_SERVER`, we can run TCP server on the board. We are able to use [this TCP client](https://github.com/wolfSSL/wolfssl-examples/blob/master/tls/client-tcp.c) as the opposite TCP client. To compile and run the server,
```
$ gcc client-tcp.c -o client-tcp
@@ -306,4 +306,4 @@ The above limitations 1 through 4 are expected to be improved by TSIP from the n
# 11. Support
-For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well. \ No newline at end of file
+For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well.
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md
index 05d9ba1c..e870bba0 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/README_JP.md
@@ -237,7 +237,7 @@ $ ./configure CFLAGS="-DWOLFSSL_STATIC_RSA"
$ ./examples/server/server -b -i
```
-実行ã™ã‚‹ã¨ã€ä¸‹è¨˜ã®ã‚ˆã†ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRenesas Debug Virtual Consol ã«è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
+実行ã™ã‚‹ã¨ã€ä¸‹è¨˜ã®ã‚ˆã†ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRenesas Debug Virtual Console ã«è¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
```
cipher : ECDHE-RSA-AES128-GCM-SHA256
@@ -298,7 +298,7 @@ SSL curve name is SECP256R1
hello wolfssl!
```
-Renesas Debug Virtual Consol ã«ä¸‹è¨˜ã®ã‚ˆã†ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚Œã°ã€ãƒœãƒ¼ãƒ‰ä¸Šã® TLS サーãƒãƒ¼ã¨ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆé–“ã§TLS通信ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚
+Renesas Debug Virtual Console ã«ä¸‹è¨˜ã®ã‚ˆã†ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚Œã°ã€ãƒœãƒ¼ãƒ‰ä¸Šã® TLS サーãƒãƒ¼ã¨ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆé–“ã§TLS通信ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã™ã€‚
```
Received: hello wolfssl!
```
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
index c6d70e75..2c48ed51 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/common/wolfssl_dummy.c
@@ -21,8 +21,8 @@
#include <wolfssl/wolfcrypt/wc_port.h>
-#define YEAR 2022
-#define MON 6
+#define YEAR 2023
+#define MON 5
static int tick = 0;
@@ -43,5 +43,5 @@ int strncasecmp(const char *s1, const char * s2, unsigned int sz)
/* dummy return true when char is alphanumeric character */
int isascii(const char *s)
{
- return isalnum(s);
+ return isalnum(s);
}
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject
index 46007209..5f7ceb0e 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.cproject
@@ -54,11 +54,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -66,6 +62,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define.511269805" name="プリプロセッサ・マクロã®å®šç¾© (-define)" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define" useByScannerDiscovery="false" valueType="definedSymbols">
<listOptionValue builtIn="false" value="DEBUG_CONSOLE"/>
@@ -97,11 +97,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -109,6 +105,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<inputType id="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType.502444415" name="Assembler InputType" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType"/>
</tool>
@@ -267,11 +267,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -279,6 +275,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define.935611572" name="プリプロセッサ・マクロã®å®šç¾© (-define)" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.compiler.option.define" valueType="definedSymbols">
<listOptionValue builtIn="false" value="DEBUG_CONSOLE"/>
@@ -307,11 +307,7 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/general}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/Config_TMR0}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_pincfg}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_config}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
- <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_sys_time_rx/src}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_driver_rx}&quot;"/>
@@ -319,6 +315,10 @@
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_t4_rx/lib}&quot;"/>
<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_tsip_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_cmt_rx/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/smc_gen/r_ether_rx}&quot;"/>
</option>
<inputType id="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType.1482916460" name="Assembler InputType" superClass="com.renesas.cdt.managedbuild.renesas.ccrx.assembler.inputType"/>
</tool>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project
index 2616e947..10951ff4 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/.project
@@ -40,6 +40,11 @@
<locationURI>PARENT-2-PROJECT_LOC/wolfssl_demo/user_settings.h</locationURI>
</link>
<link>
+ <name>src/wolfssl_tsip_unit_test.c</name>
+ <type>1</type>
+ <locationURI>PARENT-2-PROJECT_LOC/wolfssl_demo/wolfssl_tsip_unit_test.c</locationURI>
+ </link>
+ <link>
<name>src/key_data/key_data.c</name>
<type>1</type>
<locationURI>PARENT-2-PROJECT_LOC/wolfssl_demo/key_data.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
index 946aaeeb..0bc5caa1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/client/simple_tls_tsip_client.c
@@ -31,7 +31,7 @@
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif
-#define SIMPLE_TLSSEVER_IP "192.168.10.10"
+#define SIMPLE_TLSSEVER_IP "192.168.11.9"
#define SIMPLE_TLSSERVER_PORT "11111"
ER t4_tcp_callback(ID cepid, FN fncd , VP p_parblk);
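Review bot: The server address changes from one hard-coded private address to another, which reads like a local test setup carried into the commit. Every user still has to edit the source to reach their own server. Wrapping it as `#ifndef SIMPLE_TLSSEVER_IP` / `#define SIMPLE_TLSSEVER_IP "192.168.11.9"` / `#endif` would let the build override it. The macro is also spelled `SIMPLE_TLSSEVER_IP`, while the README on this page refers to `SIMPLE_TLSSERVER_IP`; one of the two should be corrected so readers can find the setting.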
@@ -103,7 +103,7 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
char *cert = "./certs/ca-cert.pem";
#endif
#else
- #if defined(USE_ECC_CERT) && defined(USE_CERT_BUFFERS_256)
+ #if defined(USE_ECC_CERT) && defined(USE_CERT_BUFFERS_256)
const unsigned char *cert = ca_ecc_cert_der_256;
#define SIZEOF_CERT sizeof_ca_ecc_cert_der_256
#else
@@ -118,7 +118,7 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
#endif
/* Create and initialize WOLFSSL_CTX */
- if ((client_ctx =
+ if ((client_ctx =
wolfSSL_CTX_new(wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
printf("ERROR: failed to create WOLFSSL_CTX\n");
return;
@@ -134,7 +134,7 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
return;
}
#else
- if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
+ if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
SSL_FILETYPE_ASN1) != SSL_SUCCESS){
printf("ERROR: can't load certificate data\n");
return;
@@ -151,24 +151,6 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
return;
}
- /* set client private key data */
- #if defined(WOLFSSL_TLS13) && defined(SIMPLE_TLS_TSIP_CLIENT)
- if (tsip_set_clientPrivateKeyEnc(
- g_key_block_data.encrypted_user_ecc256_private_key,
- TSIP_ECCP256) != 0) {
- printf("ERROR: can't load client-private key\n");
- return;
- }
- #else
- if (wolfSSL_CTX_use_PrivateKey_buffer(client_ctx,
- ecc_clikey_der_256,
- sizeof_ecc_clikey_der_256,
- SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
- printf("ERROR: can't load private-key data.\n");
- return;
- }
- #endif /* WOLFSSL_TLS13 */
-
#else
if (wolfSSL_CTX_use_certificate_chain_buffer_format(client_ctx,
client_cert_der_2048,
@@ -195,15 +177,15 @@ void wolfSSL_TLS_client_init(const char* cipherlist)
wolfSSL_SetIOSend(client_ctx, my_IOSend);
/* use specific cipher */
- if (cipherlist != NULL &&
+ if (cipherlist != NULL &&
wolfSSL_CTX_set_cipher_list(client_ctx, cipherlist) != WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(client_ctx); client_ctx = NULL;
printf("client can't set cipher list");
return;
}
-
+
#if defined(WOLFSSL_TLS13)
- if (wolfSSL_CTX_UseSupportedCurve(client_ctx, WOLFSSL_ECC_SECP256R1)
+ if (wolfSSL_CTX_UseSupportedCurve(client_ctx, WOLFSSL_ECC_SECP256R1)
!= WOLFSSL_SUCCESS) {
wolfSSL_CTX_free(client_ctx); client_ctx = NULL;
printf("client can't set use supported curves\n");
@@ -222,11 +204,11 @@ void wolfSSL_TLS_client( )
#define BUFF_SIZE 256
static const char sendBuff[]= "Hello Server\n" ;
-
+
char rcvBuff[BUFF_SIZE] = {0};
-
+
static T_IPV4EP my_addr = { 0, 0 };
-
+
T_IPV4EP dst_addr;
if((dst_addr.ipaddr = getIPaddr(SIMPLE_TLSSEVER_IP)) == 0){
@@ -248,9 +230,45 @@ void wolfSSL_TLS_client( )
goto out;
}
- #ifdef SIMPLE_TLS_TSIP_CLIENT
+#ifdef SIMPLE_TLS_TSIP_CLIENT
tsip_set_callback_ctx(ssl, &userContext);
+#endif
+
+ /* set client private key data */
+#if defined(WOLFSSL_TLS13) && defined(SIMPLE_TLS_TSIP_CLIENT)
+ #if defined(USE_ECC_CERT)
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
+ (const char*)g_key_block_data.encrypted_user_ecc256_private_key,
+ sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
+ TSIP_ECCP256) != 0) {
+ printf("ERROR: can't load client-private key\n");
+ return;
+ }
+ #else
+ if (tsip_use_PrivateKey_buffer_TLS(ssl,
+ (const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
+ sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
+ TSIP_RSA2048) != 0) {
+ printf("ERROR: can't load client-private key\n");
+ return;
+ }
+ ret = tsip_use_PublicKey_buffer_TLS(ssl,
+ (const char*)g_key_block_data.encrypted_user_rsa2048_public_key,
+ sizeof(g_key_block_data.encrypted_user_rsa2048_public_key), TSIP_RSA2048);
+ if (ret != 0) {
+ printf("ERROR tsip_use_PublicKey_buffer: %d\n", ret);
+ return;
+ }
#endif
+#else
+ if (wolfSSL_use_PrivateKey_buffer(ssl,
+ ecc_clikey_der_256,
+ sizeof_ecc_clikey_der_256,
+ SSL_FILETYPE_ASN1) != WOLFSSL_SUCCESS) {
+ printf("ERROR: can't load private-key data.\n");
+ return;
+ }
+#endif /* WOLFSSL_TLS13 */
/* set callback context */
wolfSSL_SetIOReadCtx(ssl, (void *)&cepid);
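Review bot: The new key-loading error paths leave `wolfSSL_TLS_client` with a bare `return;`, while the failure just above them in the same function uses `goto out;`. If the `out` label is where `ssl` and the connection are released, which the hunk does not show, each of these four returns skips that cleanup. I would change them to `goto out;` so a rejected private or public key takes the same teardown path as the other failures. The closing `#endif /* WOLFSSL_TLS13 */` also names only half of the condition it closes; `#endif /* WOLFSSL_TLS13 && SIMPLE_TLS_TSIP_CLIENT */` would match. The function body starts and ends outside this hunk.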
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
index cb629a38..42d62359 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/test_main.c
@@ -27,7 +27,7 @@
#include "wolfssl/wolfcrypt/types.h"
#if defined(SIMPLE_TCP_CLIENT) || defined(SIMPLE_TLS_CLIENT) || \
- defined(SIMPLE_TLS_TSIP_CLIENT)
+ defined(SIMPLE_TLS_TSIP_CLIENT)
#define SIMPLE_CLIENT
#endif
@@ -251,7 +251,7 @@ void main(void)
printf("End wolfCrypt Benchmark\n");
#endif
#elif defined(SIMPLE_TCP_CLIENT) || defined(SIMPLE_TLS_CLIENT) || \
- defined(SIMPLE_TLS_TSIP_CLIENT)
+ defined(SIMPLE_TLS_TSIP_CLIENT)
#include "r_cmt_rx_if.h"
Open_tcp();
@@ -265,7 +265,7 @@ void main(void)
#if defined(SIMPLE_TCP_CLIENT)
simple_tcp_client();
#elif defined(SIMPLE_TLS_CLIENT) || defined(SIMPLE_TLS_TSIP_CLIENT)
- if(cipherlist_sz > 0 ) printf("cipher : %s\n", cipherlist[i]);
+ if(cipherlist_sz > 0 ) printf("cipher : %s\n", cipherlist[i]);
wolfSSL_TLS_client_init(cipherlist[i]);
wolfSSL_TLS_client();
@@ -287,6 +287,23 @@ void main(void)
wolfSSL_TLS_server();
#endif
Close_tcp();
+#elif defined(TSIP_CRYPT_UNIT_TEST)
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf("wolfCrypt_Init failed %d\n", ret);
+ }
+
+ printf("Start wolf tsip crypt Test\n");
+
+ printf(" \n");
+ printf(" simple crypt test by using TSIP\n");
+ tsip_crypt_test();
+
+ printf(" \n");
+ printf("End wolf tsip crypt Test\n");
+
+ if ((ret = wolfCrypt_Cleanup()) != 0) {
+ printf("wolfCrypt_Cleanup failed %d\n", ret);
+ }
#endif
}
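Review bot: In the new `TSIP_CRYPT_UNIT_TEST` branch a failing `wolfCrypt_Init()` is only printed, and `tsip_crypt_test()` is still run on the uninitialised library. The test's return value is also dropped, so the log always ends with "End wolf tsip crypt Test" whatever the outcome. I would run the test only when init succeeded and report its result, e.g. `if (ret == 0 && (ret = tsip_crypt_test()) != 0) printf("tsip_crypt_test failed %d\n", ret);`. `main` begins outside this hunk, so the declaration of `ret` is not visible here.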
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h
index 21e9849a..c62cd4a3 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/src/wolfssl_simple_demo.h
@@ -54,7 +54,7 @@ void wolfSSL_TLS_server();
void simple_tcp_server();
#if defined(SIMPLE_TCP_CLIENT) || defined(SIMPLE_TLS_CLIENT) || \
- defined(SIMPLE_TCP_SERVER) || defined(SIMPLE_TLS_SERVER)
+ defined(SIMPLE_TCP_SERVER) || defined(SIMPLE_TLS_SERVER)
#define min(x,y) ((x)<(y)?(x):(y))
int isascii(const char *s);
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg
index a0b715db..bf7fe092 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/test/test.scfg
@@ -950,11 +950,6 @@
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
</configuration>
- <configuration inuse="true" name="r_tsip_rx">
- <component description="ä¾å­˜ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«: r_bsp ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 7.00&#10;Support functions: AES, GCM, CCM, CMAC, SHA, MD5, Triple-DES, ARC4, RSA, ECC, Random number generate, Key management, secure boot/secure firmware update.&#10;The &quot;.l&quot; in version number means library version." detailDescription="TSIP(Trusted Secure IP) driver." display="r_tsip_rx" id="r_tsip_rx1.15.l" version="1.15.l"/>
- <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
- <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
- </configuration>
<configuration inuse="true" name="r_bsp">
<component description="ä¾å­˜ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«: ãªã—&#10;The r_bsp package provides a foundation for code to be built on top of. It provides startup code, iodefines, and MCU information for different boards. There are 2 folders that make up the r_bsp package. The 'mcu' folder contains files that are common to a MCU group. These files provide functionality such as easy register access, CPU functions, and a file named 'mcu_info.h' for each MCU group. The 'mcu_info.h' file has information about the MCU on the board and is configured based on the information given in r_bsp_config.h. The information in 'mcu_info.h' is used to help configure Renesas middleware that uses the r_bsp package. The 'board' folder has a folder with startup code for each supported board. Which MCU and board is chosen is decided by the settings in 'platform.h'. The user can choose which board they are using by uncommenting the include path that applies to their board. For example, if you are using the RSK+RX64M then you would uncomment the #include &quot;./board/generic_rx64m/r_bsp.h&quot; include path. Users are encouraged to add their own boards to the 'board' directory. BSPs are configured by using the r_bsp_config.h file. Each board will have a reference configuration file named r_bsp_config_reference.h. The user should copy this file to their project, rename it to r_bsp_config.h, and use the options inside the file to configure the BSP for their project." detailDescription="Board Support Packages." display="r_bsp" id="r_bsp7.20" version="7.20">
<gridItem id="BSP_CFG_USER_STACK_ENABLE" selectedIndex="1"/>
@@ -1136,6 +1131,11 @@
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
<source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
</configuration>
+ <configuration inuse="true" name="r_tsip_rx">
+ <component description="ä¾å­˜ãƒ¢ã‚¸ãƒ¥ãƒ¼ãƒ«: r_bsp ãƒãƒ¼ã‚¸ãƒ§ãƒ³ 7.30&#10;Support functions: AES, GCM, CCM, CMAC, SHA, MD5, Triple-DES, ARC4, RSA, ECC, Random number generate, Key management, secure boot/secure firmware update.&#10;The &quot;.l&quot; in version number means library version." detailDescription="TSIP(Trusted Secure IP) driver." display="r_tsip_rx" id="r_tsip_rx1.18.l" version="1.18.l"/>
+ <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
+ <source description="Components supporting Firmware Integration Technology" display="Firmware Integration Technology" id="com.renesas.smc.tools.swcomponent.fit.source"/>
+ </configuration>
</tool>
<tool id="System">
<section id="ocd">
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project
index 2c1641be..068886b4 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-7-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-7-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-7-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc
index e86cb0e8..6e8f27d1 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/Simple/wolfssl/wolfssl.rcpc
@@ -22,6 +22,7 @@
<Category Name="port">
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_common.c</Path>
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_aes.c</Path>
+ <Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_rsa.c</Path>
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_sha.c</Path>
<Path>..\..\..\..\..\..\..\wolfcrypt\src\port\Renesas\renesas_tsip_util.c</Path>
</Category>
@@ -145,6 +146,7 @@
<Path>Debug\wolfio.obj</Path>
<Path>Debug\renesas_common.obj</Path>
<Path>Debug\renesas_tsip_aes.obj</Path>
+ <Path>Debug\renesas_tsip_rsa.obj</Path>
<Path>Debug\renesas_tsip_sha.obj</Path>
<Path>Debug\renesas_tsip_util.obj</Path>
<Path>Debug\aes.obj</Path>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project
index 9642014f..e5977870 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl/.project
@@ -80,6 +80,11 @@
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c</locationURI>
</link>
<link>
+ <name>wolfcrypt/port/renesas_tsip_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c</locationURI>
+ </link>
+ <link>
<name>wolfcrypt/port/renesas_tsip_sha.c</name>
<type>1</type>
<locationURI>PARENT-6-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c</locationURI>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
index e5cd3333..516bbfe8 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/user_settings.h
@@ -28,11 +28,10 @@
*----------------------------------------------------------------------------*/
#define WOLFSSL_RENESAS_RX72N
-
/*-- Renesas TSIP usage and its version ---------------------------------------
*
* "WOLFSSL_RENESAS_TSIP" definition makes wolfSSL to use H/W acceleration
- * for cipher operations.
+ * for cipher operations.
* TSIP definition asks to have its version number.
* "WOLFSSL_RENESAS_TSIP_VER" takes following value:
* 106: TSIPv1.06
@@ -45,6 +44,7 @@
#define WOLFSSL_RENESAS_TSIP
#define WOLFSSL_RENESAS_TSIP_VER 117
+
#if defined(SIMPLE_TLS_CLIENT) || defined(SIMPLE_TLS_SERVER)
#undef WOLFSSL_RENESAS_TSIP
#undef WOLFSSL_RENESAS_TSIP_VER
@@ -54,16 +54,16 @@
*
* wolfSSL supports TLSv1.2 by default. In case you want your system to support
* TLSv1.3, uncomment line below.
- *
+ *
*----------------------------------------------------------------------------*/
#define WOLFSSL_TLS13
/*-- Operating System related definitions --------------------------------------
- *
+ *
* In case any real-time OS is used, define its name(e.g. FREERTOS).
* Otherwise, define "SINGLE_THREADED". They are exclusive each other.
- *
+ *
*----------------------------------------------------------------------------*/
#if !defined(RENESAS_T4_USE)
#define FREERTOS
@@ -114,23 +114,23 @@
/* USE_ECC_CERT
* This macro is for selecting root CA certificate to load, it is valid only
- * in example applications. wolfSSL does not refer this macro.
- * If you want to use cipher suites including ECDSA authentication in
+ * in example applications. wolfSSL does not refer this macro.
+ * If you want to use cipher suites including ECDSA authentication in
* the example applications with TSIP, enable this macro.
- * In TSIP 1.13 or later version, following cipher suites are
+ * In TSIP 1.13 or later version, following cipher suites are
* available:
* - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
* - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SAH256
- *
+ *
* Note that, this macro disables cipher suites including RSA
* authentication such as:
* - TLS_RSA_WITH_AES_128_CBC_SHA
- * - TLS_RSA_WITH_AES_256_CBC_SHA
+ * - TLS_RSA_WITH_AES_256_CBC_SHA
* - TLS_RSA_WITH_AES_128_CBC_SHA256
* - TLS_RSA_WITH_AES_256_CBC_SHA256
* - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA256
- *
+ *
*/
#define USE_ECC_CERT
@@ -139,14 +139,14 @@
*/
/*#define WOLFSSL_CHECK_SIG_FAULTS*/
- /* In this example application, Root CA cert buffer named
- * "ca_ecc_cert_der_256" is used under the following macro definition
+ /* In this example application, Root CA cert buffer named
+ * "ca_ecc_cert_der_256" is used under the following macro definition
* for ECDSA.
*/
#define USE_CERT_BUFFERS_256
- /* In this example application, Root CA cert buffer named
- * "ca_cert_der_2048" is used under the following macro definition
+ /* In this example application, Root CA cert buffer named
+ * "ca_cert_der_2048" is used under the following macro definition
* for RSA authentication.
*/
#define USE_CERT_BUFFERS_2048
@@ -157,26 +157,27 @@
*----------------------------------------------------------------------------*/
#define SIZEOF_LONG_LONG 8
+ #define WOLFSSL_SMALL_STACK
- /*
+ /*
* -- "NO_ASN_TIME" macro is to avoid certificate expiration validation --
- *
- * Note. In your actual products, do not forget to comment-out
- * "NO_ASN_TIME" macro. And prepare time function to get calender time,
- * otherwise, certificate expiration validation will not work.
+ *
+ * Note. In your actual products, do not forget to comment-out
+ * "NO_ASN_TIME" macro. And prepare time function to get calendar time,
+ * otherwise, certificate expiration validation will not work.
*/
/*#define NO_ASN_TIME*/
-
+
#define NO_MAIN_DRIVER
#define BENCH_EMBEDDED
- #define NO_WOLFSSL_DIR
+ #define NO_WOLFSSL_DIR
#define WOLFSSL_NO_CURRDIR
#define NO_FILESYSTEM
#define WOLFSSL_LOG_PRINTF
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#define NO_WRITEV
-
+
#define WOLFSSL_USER_CURRTIME /* for benchmark */
#define TIME_OVERRIDES
@@ -209,7 +210,7 @@
/*-- Definitions for functionality negation -----------------------------------
*
- *
+ *
*----------------------------------------------------------------------------*/
/*#define NO_RENESAS_TSIP_CRYPT*/
@@ -220,7 +221,7 @@
#endif
/*-- Consistency checking between definitions ---------------------------------
*
- *
+ *
*----------------------------------------------------------------------------*/
/*-- TSIP TLS specific definitions --*/
@@ -236,14 +237,28 @@
*----------------------------------------------------------------------------*/
#if defined(WOLFSSL_RENESAS_TSIP)
+ /*-- TSIP TLS and/or CRYPTONLY Definition --------------------------------*/
+ /* Enable TSIP TLS (default)
+ * TSIP CRYPTONLY is also enabled.
+ * Disable TSIP TLS
+ * TSIP CRYPTONLY is only enabled.
+ */
+ #define WOLFSSL_RENESAS_TSIP_TLS
#if !defined(NO_RENESAS_TSIP_CRYPT)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLFSSL_RENESAS_TSIP_CRYPTONLY
#define HAVE_PK_CALLBACKS
#define WOLF_CRYPTO_CB
- #define WOLF_PRIVATE_KEY_ID
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
+ #define WOLF_PRIVATE_KEY_ID
+ #endif
+ #endif
+
+ #if !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ # undef WOLFSSL_RENESAS_TSIP_TLS
+ # undef WOLFSSL_RENESAS_TSIP_CRYPT
#endif
#else
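Review bot: The block guarded by `#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)` undefines `WOLFSSL_RENESAS_TSIP_TLS`, which that same guard has just established is not defined, so the `#undef` has no effect. `WOLFSSL_RENESAS_TSIP_CRYPT` is no longer defined anywhere in this hunk either, so its `#undef` only matters if the macro arrives from the build command line. `WOLFSSL_RENESAS_TSIP_TLS` also now sits outside the `!defined(NO_RENESAS_TSIP_CRYPT)` guard, so a build with `NO_RENESAS_TSIP_CRYPT` keeps TSIP TLS enabled without `HAVE_PK_CALLBACKS`, `WOLF_CRYPTO_CB` or `WOLF_PRIVATE_KEY_ID`. If that combination is not supported, an explicit `#error "WOLFSSL_RENESAS_TSIP_TLS requires TSIP crypt"` would catch it at compile time. The header comment should say which line to comment out to get a crypt-only build. The enclosing `#if defined(WOLFSSL_RENESAS_TSIP)` continues past the end of the hunk.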
@@ -261,3 +276,5 @@
/*-- strcasecmp */
#define XSTRCASECMP(s1,s2) strcmp((s1),(s2))
+
+#define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock
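Review bot: `CUSTOM_RAND_GENERATE_BLOCK` is added at the end of the header with no visible guard, so it redirects wolfSSL's random-block source to `wc_tsip_GenerateRandBlock` in every configuration. That includes the `SIMPLE_TLS_CLIENT`/`SIMPLE_TLS_SERVER` builds where an earlier hunk of this same file undefines `WOLFSSL_RENESAS_TSIP`. Assuming the TSIP port is not compiled in those builds, they would either fail to link or have no entropy source behind the RNG. I would tie the override to the hardware being enabled: `#if defined(WOLFSSL_RENESAS_TSIP)` / `#define CUSTOM_RAND_GENERATE_BLOCK wc_tsip_GenerateRandBlock` / `#endif`. A one-line comment saying that all key and nonce generation now depends on the TSIP random number generator would also help.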
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
index f32e119c..5d1f9136 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.c
@@ -382,15 +382,15 @@ static void Tls_client(void *pvParam)
#if defined(USE_ECC_CERT)
/* Client authentication using ECDSA certificate can be handled by TSIP.
* Therefore, the client private key should be TSIP-specific format
- * and be set by tsip_use_PrivateKey_buffer.
+ * and be set by tsip_use_PrivateKey_buffer_TLS.
*/
if (ret == 0){
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_ecc256_private_key,
sizeof(g_key_block_data.encrypted_user_ecc256_private_key),
TSIP_ECCP256);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer\n");
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS\n");
}
}
# if defined(WOLFSSL_CHECK_SIG_FAULTS)
@@ -409,16 +409,16 @@ static void Tls_client(void *pvParam)
/* Client authentication using RSA certificate can be handled by TSIP.
* Note that the internal verification of the signature process requires
* not only the client's private key but also its public key, so pass them
- * using tsip_use_PrivateKey_buffer and tsip_use_PublicKey_buffer
+ * using tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS
* respectively.
*/
if (ret == 0) {
- ret = tsip_use_PrivateKey_buffer(ssl,
+ ret = tsip_use_PrivateKey_buffer_TLS(ssl,
(const char*)g_key_block_data.encrypted_user_rsa2048_private_key,
sizeof(g_key_block_data.encrypted_user_rsa2048_private_key),
TSIP_RSA2048);
if (ret != 0) {
- printf("ERROR tsip_use_PrivateKey_buffer :%d\n", ret);
+ printf("ERROR tsip_use_PrivateKey_buffer_TLS :%d\n", ret);
}
}
if (ret == 0) {
@@ -536,7 +536,7 @@ static void Tls_client_demo(void)
"TLS13-AES128-GCM-SHA256",
"TLS13-AES128-CCM-SHA256",
#endif
- "ECDHE-ECDSA-AES128-SHA256",
+ "ECDHE-ECDSA-AES128-SHA256",
"ECDHE-ECDSA-AES128-GCM-SHA256",
};
#if defined(WOLFSSL_TLS13)
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h
index d621bbd3..c11e59c8 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_demo.h
@@ -45,7 +45,7 @@
#define LIBRARY_LOG_LEVEL LOG_INFO
#endif
#include "logging_stack.h"
-
+#include "wolfssl/ssl.h"
/* Enable wolfcrypt test demo */
/*#define CRYPT_TEST */
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
index 35c64476..f89b48cf 100644
--- a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RX72N/EnvisionKit/wolfssl_demo/wolfssl_tsip_unit_test.c
@@ -19,6 +19,14 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#include <wolfssl_simple_demo.h>
+
+#ifdef TSIP_CRYPT_UNIT_TEST
+
+#include "r_bsp_config.h"
+#if BSP_CFG_USTACK_BYTES < 0x4000
+# error "more than 0x4000 stack needed to run the unit tests."
+#endif
#include <stdio.h>
#include <string.h>
@@ -28,6 +36,7 @@
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
@@ -36,12 +45,14 @@
#endif
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
+#ifdef FREERTOS
#include "FreeRTOS.h"
-#if defined(FREERTOS_TCP)
+# if defined(FREERTOS_TCP)
#include "FreeRTOS_IP.h"
#include "FreeRTOS_Sockets.h"
#include "platform/iot_network.h"
#include "platform.h"
+# endif
#endif
#ifndef NO_SHA
@@ -59,7 +70,7 @@
printf(" passed \n");\
else \
printf(" failed \n");
-
+#ifdef FREERTOS
static xSemaphoreHandle exit_semaph;
static byte exit_loop = 0;
static byte sha_multTst_rslt = 0;
@@ -68,26 +79,55 @@ static byte Aes128_Cbc_multTst_rslt = 0;
static byte Aes256_Cbc_multTst_rslt = 0;
static byte Aes128_Gcm_multTst_rslt = 0;
static byte Aes256_Gcm_multTst_rslt = 0;
+#endif /* FREERTOS */
#if defined(HAVE_AES_CBC)
-#if defined(WOLFSSL_AES_128)
-static tsip_aes_key_index_t g_user_aes128_key_index1;
-static tsip_aes_key_index_t g_user_aes128_key_index2;
-#endif
+# if defined(WOLFSSL_AES_128)
+ static tsip_aes_key_index_t g_user_aes128_key_index1;
+ static tsip_aes_key_index_t g_user_aes128_key_index2;
+# endif
-#if defined(WOLFSSL_AES_256)
-static tsip_aes_key_index_t g_user_aes256_key_index1;
-static tsip_aes_key_index_t g_user_aes256_key_index2;
-#endif
+# if defined(WOLFSSL_AES_256)
+ static tsip_aes_key_index_t g_user_aes256_key_index1;
+ static tsip_aes_key_index_t g_user_aes256_key_index2;
+# endif
#endif
+
+
typedef struct tagInfo
{
tsip_aes_key_index_t aes_key;
} Info;
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ static TsipUserCtx userContext;
+
+ void Clr_CallbackCtx(TsipUserCtx *g)
+ {
+
+ if (g->rsa1024pri_keyIdx != NULL)
+ XFREE(g->rsa1024pri_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (g->rsa1024pub_keyIdx != NULL)
+ XFREE(g->rsa1024pub_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (g->rsa2048pri_keyIdx != NULL)
+ XFREE(g->rsa2048pri_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (g->rsa2048pub_keyIdx != NULL)
+ XFREE(g->rsa2048pub_keyIdx,
+ NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ XMEMSET(g, 0, sizeof(TsipUserCtx));
+ }
+
+#endif
+
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
static int tsip_aes_cbc_test(int prnt, tsip_aes_key_index_t* aes_key)
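Review bot: `Clr_CallbackCtx` dereferences `g` without a NULL check, and it has external linkage and no prototype in this hunk. The calls visible in this diff are all in this file, on the file-local `userContext`. I would declare it `static void Clr_CallbackCtx(TsipUserCtx *g)` and start the body with `if (g == NULL) return;`. It also needs a short comment stating the contract it relies on: each of the four `rsa*_keyIdx` pointers must be NULL or a buffer allocated with `DYNAMIC_TYPE_TMP_BUFFER`, because they are handed straight to `XFREE`. The comment should also say that the whole context, including any non-key fields the caller set, is zeroed afterwards.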
@@ -160,6 +200,7 @@ static int tsip_aes_cbc_test(int prnt, tsip_aes_key_index_t* aes_key)
return ret;
}
+#ifdef FREERTOS
static void tskAes128_Cbc_Test(void *pvParam)
{
int ret = 0;
@@ -177,7 +218,7 @@ static void tskAes128_Cbc_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
-
+#endif /* FREERTOS */
#endif
#ifdef WOLFSSL_AES_256
@@ -212,6 +253,7 @@ static int tsip_aes256_test(int prnt, tsip_aes_key_index_t* aes_key)
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
};
+ (void)verify;
if (prnt)
printf(" tsip_aes256_test() ");
@@ -276,7 +318,7 @@ out:
return ret;
}
-
+#ifdef FREERTOS
static void tskAes256_Cbc_Test(void *pvParam)
{
int ret = 0;
@@ -294,7 +336,7 @@ static void tskAes256_Cbc_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
-
+#endif /* FREERTOS */
#endif /* WOLFSSL_AES_256 */
#if defined(WOLFSSL_AES_256)
@@ -368,6 +410,8 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
int ret;
(void) result;
+ (void) c1;
+ (void) t1;
if (prnt) {
printf(" tsip_aes256_gcm_test() ");
@@ -467,7 +511,7 @@ static int tsip_aesgcm256_test(int prnt, tsip_aes_key_index_t* aes256_key)
return ret;
}
-
+#ifdef FREERTOS
static void tskAes256_Gcm_Test(void *pvParam)
{
int ret = 0;
@@ -485,6 +529,7 @@ static void tskAes256_Gcm_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
+#endif /* FREERTOS */
#endif
#if defined(WOLFSSL_AES_128)
@@ -539,7 +584,8 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
int ret;
(void) result;
-
+ (void) c3;
+ (void) t3;
if (prnt) {
printf(" tsip_aes128_gcm_test() ");
}
@@ -602,7 +648,7 @@ static int tsip_aesgcm128_test(int prnt, tsip_aes_key_index_t* aes128_key)
return ret;
}
-
+#ifdef FREERTOS
static void tskAes128_Gcm_Test(void *pvParam)
{
int ret = 0;
@@ -620,69 +666,11 @@ static void tskAes128_Gcm_Test(void *pvParam)
xSemaphoreGive(exit_semaph);
vTaskDelete(NULL);
}
-
+#endif /* FREERTOS */
#endif
-int tsip_crypt_test()
-{
- int ret = 0;
- e_tsip_err_t tsip_error_code;
-
- /* Generate AES tsip Key */
- tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
- &g_user_aes128_key_index1);
-
- if (tsip_error_code == TSIP_SUCCESS)
- tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
- &g_user_aes128_key_index2);
-
- if (tsip_error_code == TSIP_SUCCESS)
- tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
- &g_user_aes256_key_index1);
-
- if (tsip_error_code == TSIP_SUCCESS)
- tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
- &g_user_aes256_key_index2);
-
- if (tsip_error_code == TSIP_SUCCESS) {
- #ifndef NO_SHA
- printf(" sha_test()");
- ret = sha_test();
- RESULT_STR(ret)
- #endif
-
- #ifndef NO_SHA256
- printf(" sha256_test()");
- ret = sha256_test();
- RESULT_STR(ret)
- #endif
-
- ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);
-
- if (ret == 0) {
-
- ret = tsip_aes256_test(1, &g_user_aes256_key_index1);
-
- }
-
- if (ret == 0) {
-
- ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1);
-
- }
-
- if (ret == 0) {
-
- ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);
-
- }
- }
- else
- ret = -1;
-
- return ret;
-}
+#ifdef FREERTOS
#ifndef NO_SHA
@@ -722,7 +710,102 @@ static void tskSha256_Test(void *pvParam)
vTaskDelete(NULL);
}
#endif
+#endif /* FREERTOS */
+
+#if !defined(NO_RSA)
+
+/* testing rsa sign/verify w/ rsa 2048 bit key */
+#define TEST_STRING "Everyone gets Friday off."
+#define TEST_STRING2 "Everyone gets Friday ofv."
+#define TEST_STRING_SZ 25
+#define RSA_TEST_BYTES 256 /* up to 2048-bit key */
+
+static int tsip_rsa_SignVerify_test(int prnt, int keySize)
+{
+ int ret = 0;
+
+ RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ WC_RNG rng;
+ const char inStr [] = TEST_STRING;
+ const char inStr2[] = TEST_STRING2;
+ const word32 inLen = (word32)TEST_STRING_SZ;
+ const word32 outSz = RSA_TEST_BYTES;
+
+ byte *in = NULL;
+ byte *in2 = NULL;
+ byte *out= NULL;
+
+ in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ (void) prnt;
+
+ if (key == NULL || in == NULL || out == NULL) {
+ ret = -1;
+ goto out;
+ }
+
+ XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(key, 0, sizeof *key);
+ XMEMCPY(in, inStr, inLen);
+ XMEMCPY(in2, inStr2, inLen);
+
+ ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_InitRng(&rng)) != 0)
+ goto out;
+
+ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+ goto out;
+
+ /* make rsa key by SCE */
+ if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+ goto out;
+ }
+
+ ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
+ if (ret < 0) {
+ goto out;
+ }
+ /* this should fail */
+ ret = wc_RsaSSL_Verify(in2, inLen, out, keySize/8, key);
+ if (ret != SIG_VERIFY_E) {
+ ret = -1;
+ goto out;
+ }
+ /* this should succeed */
+ ret = wc_RsaSSL_Verify(in, inLen, out, keySize/8, key);
+ if (ret < 0) {
+ ret = -1;
+ goto out;
+ }
+ ret = 0;
+ out:
+ if (key != NULL) {
+ wc_FreeRsaKey(key);
+ XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in != NULL) {
+ XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in2 != NULL) {
+ XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out != NULL) {
+ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ return ret;
+}
+#endif /* NO_RSA */
+
+
+#ifdef TSIP_MULTIUNIT_TEST
int tsip_crypt_sha_multitest()
{
int ret = 0;
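Review bot: `tsip_rsa_SignVerify_test` checks `key`, `in` and `out` after the allocations but not `in2`, so a failed `in2` allocation reaches `XMEMCPY(in2, inStr2, inLen)` with a NULL destination. If `in` or `out` fails while `key` succeeded, the `out:` path calls `wc_FreeRsaKey(key)` on memory that has been neither zeroed nor initialised. On the normal path `wc_InitRng(&rng)` is never paired with `wc_FreeRng(&rng)`, so the RNG state is not released or cleared between the 1024 and 2048 runs. The label `out:` shares its name with the buffer `out`, which is legal C but hard to read; something like `exit_test:` would be clearer. The changed lines are sketched below with two flags that record what was initialised.

```c
    int rngInit = 0;   /* set once wc_InitRng() has succeeded */
    int keyInit = 0;   /* set once wc_InitRsaKey_ex() has succeeded */
    /* … unchanged: declarations and the XMALLOC calls … */

    if (key == NULL || in == NULL || in2 == NULL || out == NULL) {
        ret = -1;
        goto out;
    }
    /* … unchanged: XMEMSET of rng/key, XMEMCPY of the test strings … */

    ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
    if (ret != 0) {
        goto out;
    }
    keyInit = 1;

    if ((ret = wc_InitRng(&rng)) != 0)
        goto out;
    rngInit = 1;
    /* … unchanged: wc_RsaSetRNG, key generation, sign, both verify calls … */
  out:
    if (rngInit) {
        wc_FreeRng(&rng);
    }
    if (key != NULL) {
        if (keyInit) {
            wc_FreeRsaKey(key);
        }
        XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
    }
    /* … unchanged: XFREE of in, in2 and out, return ret … */
```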
@@ -1018,4 +1101,109 @@ int tsip_crypt_Sha_AesCbcGcm_multitest()
return ret;
}
+#endif
+
+
+int tsip_crypt_test()
+{
+ int ret = 0;
+ e_tsip_err_t tsip_error_code;
+
+ /* Generate AES tsip Key */
+ tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
+ &g_user_aes128_key_index1);
+
+ if (tsip_error_code == TSIP_SUCCESS)
+ tsip_error_code = R_TSIP_GenerateAes128RandomKeyIndex(
+ &g_user_aes128_key_index2);
+
+ if (tsip_error_code == TSIP_SUCCESS)
+ tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
+ &g_user_aes256_key_index1);
+
+ if (tsip_error_code == TSIP_SUCCESS)
+ tsip_error_code = R_TSIP_GenerateAes256RandomKeyIndex(
+ &g_user_aes256_key_index2);
+
+ if (tsip_error_code == TSIP_SUCCESS) {
+
+ #ifndef NO_SHA
+ printf(" sha_test()");
+ ret = sha_test();
+ RESULT_STR(ret)
+ #endif
+
+ #ifndef NO_SHA256
+ printf(" sha256_test()");
+ ret = sha256_test();
+ RESULT_STR(ret)
+ #endif
+
+ ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);
+
+ if (ret == 0) {
+
+ ret = tsip_aes256_test(1, &g_user_aes256_key_index1);
+
+ }
+
+ if (ret == 0) {
+
+ ret = tsip_aesgcm128_test(1, &g_user_aes128_key_index1);
+
+ }
+
+ if (ret == 0) {
+
+ ret = tsip_aesgcm256_test(1, &g_user_aes256_key_index1);
+
+ }
+ #if defined(WOLFSSL_KEY_GEN)&& \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+
+ if (ret == 0) {
+
+ Clr_CallbackCtx(&userContext);
+
+ ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &userContext);
+
+ if (ret > 0)
+ ret = 0;
+ }
+
+ if (ret == 0) {
+
+ printf(" tsip_rsa_SignVerify_test(1024)");
+
+ userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA1024;
+ userContext.sing_hash_type = sha256_mac;
+ userContext.keyflgs_crypt.bits.message_type = 0;
+
+ ret = tsip_rsa_SignVerify_test(1, 1024);
+ RESULT_STR(ret)
+ }
+
+ Clr_CallbackCtx(&userContext);
+
+ if (ret == 0) {
+ printf(" tsip_rsa_SignVerify_test(2048)");
+
+ userContext.wrappedKeyType = TSIP_KEY_TYPE_RSA2048;
+ userContext.sing_hash_type = sha256_mac;
+ userContext.keyflgs_crypt.bits.message_type = 0;
+
+ ret = tsip_rsa_SignVerify_test(1, 2048);
+ RESULT_STR(ret)
+ }
+
+ Clr_CallbackCtx(&userContext);
+ #endif
+ }
+ else
+ ret = -1;
+
+
+ return ret;
+}
+#endif /* TSIP_CRYPT_UNIT_TEST */
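Review bot: In the re-added `tsip_crypt_test`, the results of `sha_test()` and `sha256_test()` are printed through `RESULT_STR` and then overwritten by the unconditional `ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);`. A SHA failure therefore never reaches the caller. Making that call conditional, as the later steps already are, fixes it: `if (ret == 0) ret = tsip_aes_cbc_test(1, &g_user_aes128_key_index1);`. The value returned by `wc_CryptoCb_CryptInitRenesasCmn` is likewise reduced to 0 and discarded, while the RSA test hard-codes device id `7890`; if that return value is the registered device id, it should be passed through rather than assumed. The RSA calls are guarded by `WOLFSSL_KEY_GEN && WOLFSSL_RENESAS_TSIP_CRYPTONLY` but `tsip_rsa_SignVerify_test` is only defined under `!defined(NO_RSA)`, so the guard at the call site should include that condition too.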
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md
new file mode 100644
index 00000000..55df4f2c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/README.md
@@ -0,0 +1,538 @@
+wolfSSL for Renesas RZN2L Board
+=================================================
+
+## Description
+
+This directory contains e2studio projects targeted at the Renesas RZ MCUs.
+The example projects include a wolfSSL TLS client and server.
+They also include benchmark and cryptography tests for the wolfCrypt library.
+
+The example project contains both the wolfSSL and wolfCrypt libraries.
+It is built as a `Renesas RZ/N C/C++ FSP Project` and contains the Renesas RZ
+configuration. The wolfssl project uses `Renesas Secure IP on RZ`
+as hardware acceleration for cyptography.
+
+**Limitation**
+
+Due to lacking of TLS related feature on RSIP driver version, TLS connection examples below use `SHA` and `Random generation` of RSIP driver.
+
+The example project summary is listed below and is relevant for every project.
+
+### Project Summary
+|Item|Name/Version|
+|:--|:--|
+|Board|RZN2L|
+|Device|R9A07G084M04GBG|
+|Toolchain|GCC for Renesas RZ|
+|Toolchain Version|10.3.1.20210824|
+|FSP Version|1.2.0|
+
+#### Selected software components
+
+|Components|Version|Note|
+|:--|:--|:--|
+|Board Support Package Common Files|v1.20||
+|I/O Port|v1.2.0||
+|Arm CMSIS Version 5 - Core (M)|v5.7.0+renesas.1||
+|Board support package for R9A07G084M04GBG|v1.2.0||
+|Board support package for RZN2L|v1.2.0||
+|Board support package for RZN2L - FSP Data|v1.2.0||
+|RSK+RZN2L Board Support Files (RAM execution without flash memory)|v1.2.0||
+|FreeRTOS - Buffer Allocation 2|v1.2.0||
+|FreeRTOS - Memory Management - Heap 4|v1.2.0||
+|FreeRTOS+TCP|v1.2.0||
+|Ethernet PHY |v1.2.0||
+|Ethernet Selector|v1.2.0||
+|Ethernet|v1.2.0||
+|Ethernet Switch|v1.2.0||
+|SCI UART|v1.2.0||
+|r_ether to FreeRTOS+TCP Wrapper|v1.2.0||
+|Renesas Secure IP Driver|v1.3.0+fsp.1.2.0|Need to contact Renesas to get RSIP module|
+|RSIP Engine for RZ/N2L|v1.3.0+fsp.1.2.0|Need to contact Renesas to get RSIP module|
+
+
+## Setup Steps and Build wolfSSL Library
+
+1.) Import projects from [File]->[Open projects from File System]
+
++ Select folder at /path/to/wolfssl/IDE/Renesas/e2studio/RZN2L/test
+
+2.) Create a `dummy_application` Renesas RZ/N C/C++ FSP Project.
+
++ Click File->New->`RZ/N C/C++ FSP Project`.
++ Enter project name `dummy_application`.
++ Select Board: to `RSK+RZN2L (RAM execution without flash memory)`.
++ Select Device: to `R9A07G084M04GBG`. Click Next.
++ Check to `Executable`
++ Select FreeRTOS from RTOS selection. Click Finish.
++ Check `FreeRTOS minimal - Static Allocation`. Click Finish.
++ Open FSP Configurator by clicking configuration.xml in the project -->
++ Go to `Stacks` tab
++ Add new thread by clicking `New Thread`, and set properties below
+
+|Property|Value|
+|:--|:--|
+|Thread Symbol|rzn2l_tst_thread|
+|Thread Name|rzn2l_tst_thread|
+|Thread Stack size|increase depending on your environment<br> e.g. 0xA000|
+|Thread MemoryAllocation|Dyamic|
+|Common General Use Mutexes|Enabled|
+|Common General Enable Backward Compatibility|Enabled|
+|Common Memory Allocation Support Dynamic Allocation|Enabled|
+|Common Memory Allocation Total Heap Size|increase depending on your environment<br> e.g. 0x20000|
+
++ Add `Heap 4` stack to rzn2l_tst_thread from `New Stack` -> `FreeRTOS` -> `FreeRTOS Heap 4`
++ Add `UART Driver` stack to rzn2l_tst_thread from `New Stack` -> `Connectivity` -> `UART Driver`
++ Add `FreeRTOS + TCP` stack to rzn2l_tst_thread from `New Stack` -> -> `FreeRTOS` -> `Libraries` -> `FreeRTOS+TCP` and set properties
+
++ Save `dummy_application` FSP configuration
++ Copy <u>configuration.xml</u> under `dummy_application` to `test_RZN2L`
++ Open FSP configuration by clicking copied configuration.xml at `test_RZN2L`
++ Click `Generate Project Content` on FSP configuration GUI
+
+3.) Prepare UART to logging
+
++ Download Sample package from [BACnet Start-Up](https://www.renesas.com/us/en/products/microcontrollers-microprocessors/rz-mpus/bacnet-start-rzn2l-rsk)
++ Copy the following C source files from the project to src/serial_io folder of `test_RZN2L`
+ + um_serial_io_uart.c
+ + um_serial_io_task_writer.c
+ + um_serial_io_cfg.h
+ + um_common_api.h
+ + um_common_cfg.h
+ + um_serial_io.c
+ + um_serial_io.h
+ + um_serial_io_api.h
+ + um_serial_io_internal.h
++ Open um_serial_io_task_writer.c and re-name printf to uart_printf
+
+3.) Build `test_RZN2L` project
+
+## Run `test_RZN2L`
+
+1). Right click the project and Select menu `Debug` -> `Renesas GDB Hardware debugging`
+
+2). Select J-Link ARM and R9A07G084M04
+
+3). Break at Entory point. Change `cpsr` register value from 0xXXXXX1yy to 0xXXXXX1da
+
+## Run TLS 1.3 Client
+1.) Enable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_CLIENT` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Client IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
++ Server IP address can be changed by the following line in wolf_client.c.
+```
+#define SERVER_IP "192.168.11.65"
+```
+
+3.) Build test_RZN2L project
+
+4.) Prepare peer wolfssl server
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
++ Run peer wolfSSL server
+
++ RSA sign and verify use, launch server with the following option
+```
+$./examples/server/server -b -d -i -v 4
+```
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server with the following option.
+```
+$./examples/server/server -b -d -i -v 4 -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem
+```
+
+5.) Run the example Client
+
+You will see the following message on a UART terminal when using RSA sign and verify or ECDSA sign and verify.
+```
+ Started Serial I/O interface.
+ Start TLS Connection to 192.168.11.65 port(11111)
+ Error [-116]: FreeRTOS_connect. <-- A number of messages will be showed by depending on number of connection failures.
+ Start to connect to the server.
+ Cipher : TLS13-AES128-GCM-SHA256
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : TLS13-AES256-GCM-SHA384
+ Received: I hear you fa shizzle!
+
+ End of Client Example
+```
+
+## Run TLS 1.2 Client
+1.) Disable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_CLIENT` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Client IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
++ Server IP address can be changed by the following line in wolf_client.c.
+```
+#define SERVER_IP "192.168.11.65"
+```
+
+3.) Build test_RZN2L project
+
+4.) Prepare peer wolfssl server
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
++ Run peer wolfSSL server
+
++ RSA sign and verify use, launch server with the following option
+```
+$./examples/server/server -b -d -i -v 3
+```
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server with the following option.
+```
+$./examples/server/server -b -d -i -v 3 -c ./certs/server-ecc.pem -k ./certs/ecc-key.pem
+```
+
+5.) Run the example Client
+
+You will see the following message on a UART terminal when using RSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Connection to 192.168.11.65 port(11111)
+ Error [-116]: FreeRTOS_connect.
+ Start to connect to the server.
+ Cipher : ECDHE-RSA-AES128-GCM-SHA256
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-RSA-AES256-SHA
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-RSA-AES128-SHA256
+ Received: I hear you fa shizzle!
+
+
+ End of Client Example
+```
+
+You will see the following message on a UART terminal when using ECDSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Connection to 192.168.11.65 port(11111)
+ Error [-116]: FreeRTOS_connect.
+ Start to connect to the server.
+ Cipher : ECDHE-ECDSA-AES128-GCM-SHA256
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-ECDSA-AES256-SHA
+ Received: I hear you fa shizzle!
+
+ Start to connect to the server.
+ Cipher : ECDHE-ECDSA-AES128-SHA256
+ Received: I hear you fa shizzle!
+
+
+ End of Client Example
+```
+
+## Run TLS 1.3 Server
+1.) Enable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_SERVER` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Server IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
+
+3.) Build test_RZN2L project
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server from e2studio
+
+4.) Prepare peer wolfssl client
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
+5.) Run peer wolfSSL client
+
++ RSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 4
+```
+
+You will see the following message on a UART terminal when using RSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 4
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+
++ ECDSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 3 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./certs/ecc-client-key.pem
+```
+
+You will see the following message on a UART terminal when using ECDSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 4 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./cert
+s/ecc-client-key.pem
+SSL version is TLSv1.3
+SSL cipher suite is TLS_AES_128_GCM_SHA256
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+
+## Run TLS 1.2 Server
+1.) Disable `WOLFSSL_TLS13` macro in `user_settings.h`
+
+2.) Enable `TLS_SERVER` macro in `wolfssl_demo.h` of test_RZN2L project
+
+3.) Client IP address and Server IP address
+
++ Server IP address can be changed by the following line in `rzn2l_tst_thread_entry.c`.
+```
+static const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+```
+
+3.) Build test_RZN2L project
+
++ For ECDSA sign and verify use,
+Enable the `USE_CERT_BUFFER_256` macro in `wolfssl_demo.h`
+Disable the `USE_CERT_BUFFER_2048` macro in `wolfssl_demo.h`
+
++ launch server from e2studio
+
+4.) Prepare peer wolfssl client
+
++ On Linux
++ Clone wolfssl from [github repository](https://github.com/wolfssl/wolfssl.git)
+```
+$ ./autogen.sh
+$ ./configure
+$ make
+```
+
+5.) Run peer wolfSSL client
+
++ RSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 4
+```
+
+You will see the following message on a UART terminal when using RSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 3
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+
++ ECDSA sign and verify use, run peer client with the following option
+```
+$./examples/client/client -h 192.168.11.241 -p 11111 -v 3 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./certs/ecc-client-key.pem
+```
+
+You will see the following message on a UART terminal when using ECDSA sign and verify.
+```
+Started Serial I/O interface.
+ Start TLS Accept at 192.168.011.241 port(11111)
+Received: hello wolfssl!
+Cleaning up socket and wolfSSL objects.
+Waiting connection....
+```
+You will see the following message on Linux terminal.
+```
+$ ./examples/client/client -h 192.168.11.241 -p 11111 -v 3 -A ./certs/ca-ecc-cert.pem -c ./certs/client-ecc-cert.pem -k ./certs/ecc-client-key.pem
+SSL version is TLSv1.2
+SSL cipher suite is TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
+SSL curve name is SECP256R1
+I hear ya fa s
+```
+## Run Crypt test
+1.) Enable `CRYPT_TEST` macro in `wolfssl_demo.h`
+
+2.) Run `test_RZN2L` from e2studio
+
+Sample Output
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.3
+------------------------------------------------------------------------------
+error test passed!
+MEMORY test passed!
+base64 test passed!
+asn test passed!
+RANDOM test passed!
+MD5 test passed!
+MD4 test passed!
+SHA test passed!
+SHA-224 test passed!
+SHA-256 test passed!
+SHA-384 test passed!
+SHA-512 test passed!
+SHA-512/224 test passed!
+SHA-512/256 test passed!
+Hash test passed!
+HMAC-MD5 test passed!
+HMAC-SHA test passed!
+HMAC-SHA224 test passed!
+HMAC-SHA256 test passed!
+HMAC-SHA384 test passed!
+HMAC-SHA512 test passed!
+HMAC-KDF test passed!
+TLSv1.3 KDF test passed!
+DES test passed!
+DES3 test passed!
+AES test passed!
+AES256 test passed!
+AES-GCM test passed!
+RSA test passed!
+PWDBASED test passed!
+ECC test passed!
+ECC buffer test passed!
+CURVE25519 test passed!
+logging test passed!
+time test passed!
+mutex test passed!
+crypto callback test passed!
+Test complete
+ End wolfCrypt Test
+```
+
+**Note**
+`SHA1/224/256/384/512` and `Random generation` of RSIP driver are enabled at the sampele output above while running wolfCrypt test.
+
+## Run Benchmark
+
+1.) Enable `BENCHMARK` macro in `wolfssl_demo.h`
+
+2.) Run `test_RZN2L` from e2studio
+
+Sample Output
+```
+Started Serial I/O interface. Start wolfCrypt Benchmark
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 2.0 MiB took 1.000 seconds, 2.393 MiB/s
+AES-128-CBC-enc 2.0 MiB took 1.009 seconds, 2.032 MiB/s
+AES-128-CBC-dec 2.0 MiB took 1.002 seconds, 2.022 MiB/s
+AES-192-CBC-enc 1.1 MiB took 1.001 seconds, 1.732 MiB/s
+AES-192-CBC-dec 1.1 MiB took 1.008 seconds, 1.720 MiB/s
+AES-256-CBC-enc 1.1 MiB took 1.014 seconds, 1.517 MiB/s
+AES-256-CBC-dec 1.1 MiB took 1.008 seconds, 1.502 MiB/s
+AES-128-GCM-enc 675.0 KiB took 1.023 seconds, 659.824 KiB/s
+AES-128-GCM-dec 675.0 KiB took 1.022 seconds, 660.470 KiB/s
+AES-192-GCM-enc 625.0 KiB took 1.000 seconds, 625.000 KiB/s
+AES-192-GCM-dec 650.0 KiB took 1.039 seconds, 625.602 KiB/s
+AES-256-GCM-enc 600.0 KiB took 1.008 seconds, 595.238 KiB/s
+AES-256-GCM-dec 600.0 KiB took 1.007 seconds, 595.829 KiB/s
+AES-128-GCM-enc-no_AAD 675.0 KiB took 1.012 seconds, 666.996 KiB/s
+AES-128-GCM-dec-no_AAD 675.0 KiB took 1.011 seconds, 667.656 KiB/s
+AES-192-GCM-enc-no_AAD 650.0 KiB took 1.029 seconds, 631.681 KiB/s
+AES-192-GCM-dec-no_AAD 650.0 KiB took 1.028 seconds, 632.296 KiB/s
+AES-256-GCM-enc-no_AAD 625.0 KiB took 1.040 seconds, 600.962 KiB/s
+AES-256-GCM-dec-no_AAD 625.0 KiB took 1.039 seconds, 601.540 KiB/s
+GMAC Default 977.0 KiB took 1.000 seconds, 977.000 KiB/s
+3DES 450.0 KiB took 1.022 seconds, 440.313 KiB/s
+MD5 12.1 MiB took 1.001 seconds, 12.756 MiB/s
+SHA 21.0 MiB took 1.000 seconds, 21.240 MiB/s
+SHA-224 21.0 MiB took 1.000 seconds, 21.069 MiB/s
+SHA-256 20.1 MiB took 1.000 seconds, 20.923 MiB/s
+SHA-384 19.1 MiB took 1.000 seconds, 19.604 MiB/s
+SHA-512 19.1 MiB took 1.001 seconds, 19.561 MiB/s
+SHA-512/224 19.1 MiB took 1.000 seconds, 19.873 MiB/s
+SHA-512/256 19.1 MiB took 1.000 seconds, 19.751 MiB/s
+HMAC-MD5 12.0 MiB took 1.000 seconds, 12.451 MiB/s
+HMAC-SHA 19.1 MiB took 1.001 seconds, 19.512 MiB/s
+HMAC-SHA224 19.0 MiB took 1.000 seconds, 19.385 MiB/s
+HMAC-SHA256 19.0 MiB took 1.001 seconds, 19.219 MiB/s
+HMAC-SHA384 18.0 MiB took 1.000 seconds, 18.018 MiB/s
+HMAC-SHA512 17.1 MiB took 1.000 seconds, 17.944 MiB/s
+PBKDF2 224.0 bytes took 1.044 seconds, 214.559 bytes/s
+RSA 2048 public 40 ops took 1.020 sec, avg 25.500 ms, 39.216 ops/sec
+RSA 2048 private 2 ops took 3.196 sec, avg 1598.000 ms, 0.626 ops/sec
+ECC [ SECP256R1] 256 key gen 2 ops took 2.196 sec, avg 1097.1000 ms, 0.911 ops/sec
+ECDHE [ SECP256R1] 256 agree 2 ops took 2.186 sec, avg 1093.000 ms, 0.915 ops/sec
+ECDSA [ SECP256R1] 256 sign 2 ops took 2.215 sec, avg 1107.500 ms, 0.903 ops/sec
+ECDSA [ SECP256R1] 256 verify 2 ops took 4.210 sec, avg 2105.000 ms, 0.475 ops/sec
+CURVE 25519 key gen 3 ops took 1.255 sec, avg 418.333 ms, 2.390 ops/sec
+CURVE 25519 agree 4 ops took 1.672 sec, avg 418.000 ms, 2.392 ops/sec
+Benchmark complete
+ End wolfCrypt Benchmark
+```
+**Note**
+`SHA1/224/256/384/512` and `Random generation` of RSIP driver are enabled at the sampele output above.
+## Support
+
+For support inquiries and questions, please email support@wolfssl.com. Feel free to reach out to info@wolfssl.jp as well.
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h
new file mode 100644
index 00000000..48e45224
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/user_settings.h
@@ -0,0 +1,115 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+/* Operating Environment and Threading */
+#if defined(WOLFSSL_RENESAS_RSIP)
+ /* FSP SM stands for Flexible Software Package Security Module
+ * WOLFSSL_RENESAS_FSPSM enables fundamental code when it uses.
+ * e.g. Open/Close/Random generator
+ * WOLFSSL_RENESAS_FSPSPM_TLS enables TLS related code for FSP SM
+ * e.g. Certificate verification, Master Secret Generation
+ * WOLFSSL_RENESAS_SCEPROTECT enables specific code for SCE if needed
+ */
+ #define WOLFSSL_RENESAS_FSPSM
+ /* Not yet supported TLS related capabilities */
+ /* # define WOLFSSL_RENESAS_FSPSM_TLS */
+
+#endif
+
+ /* XXX_CRYPTONLY definition enables FSP SM module for Crypto only use.
+ * Therefore, it disables TLS related API use
+ */
+/* #define WOLFSSL_RENESAS_RSIP_CRYPTONLY */
+
+#if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ #undef WOLFSSL_RENESAS_FSPSM_TLS
+ #define WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+
+ #if !defined(WOLFSSL_RENESAS_RSPI)
+ #define WOLFSSL_RENESAS_RSPI
+ #endif
+#endif
+
+#define FREERTOS
+#define FREERTOS_TCP
+
+#define NO_MAIN_DRIVER
+#define BENCH_EMBEDDED
+#define NO_WRITEV
+#define WOLFSSL_NO_FLOAT_FMT
+
+#define NO_DEV_RANDOM
+#define SIZEOF_LONG_LONG 8
+#define NO_WOLFSSL_DIR
+#define WOLFSSL_NO_CURRDIR
+#define NO_WOLF_C99
+#define NO_MULTIBYTE_PRINT
+#define NO_FILESYSTEM
+
+#define XVALIDATEDATE(d, f,t) (0)
+
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+#define HAVE_AESGCM
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHA512
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define CURVE25519_SMALL
+
+#define WOLFSSL_SMALL_STACK
+#define USE_FAST_MATH
+
+/* static RSA */
+#define WOLFSSL_STATIC_RSA
+
+/* Enable to use TLS1.3 */
+#define WOLFSSL_TLS13
+
+#if defined(WOLFSSL_TLS13)
+ #include <sys/time.h>
+ #define HAVE_FFDHE_2048
+ #define HAVE_HKDF
+ #define WC_RSA_PSS
+ #define HAVE_TLS_EXTENSIONS
+ #define HAVE_SUPPORTED_CURVES
+#endif
+
+#define WOLF_CRYPTO_CB
+#if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ #define HAVE_RENESAS_SYNC
+ #define WC_USE_DEVID 7890
+ #define NO_AES_192
+ #define NO_SW_BENCH
+#endif
+
+#if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ #define WOLFSSL_KEY_GEN
+#endif
+
+int uart_printf (const char *__restrict format, ...);
+#undef printf
+#define printf uart_printf
+
+#define TEST_SLEEP() vTaskDelay(50)
+#define CUSTOM_RAND_GENERATE_BLOCK wc_fspsm_GenerateRandBlock
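Review bot: The `WOLFSSL_RENESAS_RSIP_CRYPTONLY` block tests and defines `WOLFSSL_RENESAS_RSPI`, while the guard at the top of the file checks `WOLFSSL_RENESAS_RSIP`; the letters look transposed, so enabling crypt-only mode does not define the macro that switches on `WOLFSSL_RENESAS_FSPSM`. Even with the spelling fixed, the `#if defined(WOLFSSL_RENESAS_RSIP)` block comes earlier in the file, so the crypt-only block would have to move above it, with `#if !defined(WOLFSSL_RENESAS_RSIP)` / `#define WOLFSSL_RENESAS_RSIP` placed before that guard. This matters because `CUSTOM_RAND_GENERATE_BLOCK` is mapped to `wc_fspsm_GenerateRandBlock` unconditionally; presumably the project defines `WOLFSSL_RENESAS_RSIP` on the compiler command line, which would hide the problem. Separately, `XVALIDATEDATE(d, f,t) (0)` and `WOLFSSL_STATIC_RSA` each deserve a comment: the first appears to stub out certificate date checking on a board without a clock, the second enables cipher suites without forward secrecy, and neither should be carried into a production configuration unnoticed.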
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h
new file mode 100644
index 00000000..9f5a8cd0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h
@@ -0,0 +1,108 @@
+/* wolfssl_demo.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef WOLFSSL_DEMO_H_
+#define WOLFSSL_DEMO_H_
+
+#include <wolfssl/ssl.h>
+#include "FreeRTOS_IP.h"
+#include "FreeRTOS_Sockets.h"
+
+#define FREQ 10000 /* Hz */
+
+/* Client connects to the server with these details. */
+#define SERVER_IP "192.168.11.65"
+#define DEFAULT_PORT 11111
+
+typedef struct tagTestInfo
+{
+ int id;
+ int port;
+ char name[32];
+ const char* cipher;
+ WOLFSSL_CTX* ctx;
+} TestInfo;
+
+/* Enable Crypt Unit Test */
+/* #define UNIT_TEST */
+
+/* Enable wolfcrypt test */
+/* can be enabled with benchmark test */
+#define CRYPT_TEST
+
+/* Enable benchmark */
+/* can be enabled with cyrpt test */
+/* #define BENCHMARK */
+
+/* Enable TLS client */
+/* #define TLS_CLIENT */
+
+/* Enable TLS Server */
+/* #define TLS_SERVER */
+
+#if defined(TLS_CLIENT)
+ extern WOLFSSL_CTX *client_ctx;
+
+ /* Use RSA certificates */
+ #define USE_CERT_BUFFERS_2048
+ /* Use ECC certificates */
+ /*#define USE_CERT_BUFFERS_256*/
+#endif
+
+#if defined(TLS_SERVER)
+ extern WOLFSSL_CTX *server_ctx;
+
+ /* Use RSA certificates */
+ #define USE_CERT_BUFFERS_2048
+ /* Use ECC certificates */
+ /*#define USE_CERT_BUFFERS_256*/
+#endif
+
+#if defined(USE_CERT_BUFFERS_2048) && defined(USE_CERT_BUFFERS_256)
+ #error please set either macro USE_CERT_BUFFERS_2048 or USE_CERT_BUFFERS_256
+#endif
+
+#define FR_SOCKET_SUCCESS 0
+
+static void util_Cleanup(WOLFSSL_CTX *ctx, WOLFSSL *ssl) {
+ printf("Cleaning up socket and wolfSSL objects.\n");
+ if (ssl != NULL)
+ wolfSSL_free(ssl);
+ if (ctx != NULL)
+ wolfSSL_CTX_free(ctx);
+ wolfSSL_Cleanup();
+}
+
+static inline void util_inf_loop(WOLFSSL_CTX *ctx, WOLFSSL *ssl) {
+ util_Cleanup(ctx, ssl);
+ printf("Reached infinite loop.\n");
+ while (1)
+ ;
+}
+
+void TCPInit();
+void wolfSSL_TLS_client_init();
+int wolfSSL_TLS_client_do(void *pvParam);
+void wolfSSL_TLS_server_init();
+int wolfSSL_TLS_server_do(void *pvParam);
+void wolfSSL_TLS_cleanup();
+
+#endif /* WOLFSSL_DEMO_H_ */
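Review bot: `util_Cleanup` is defined in this header as plain `static`, unlike `util_inf_loop` directly below it, so every source file that includes the header without calling it gets its own unused copy and a warning under `-Wunused-function`; `static inline void util_Cleanup(WOLFSSL_CTX *ctx, WOLFSSL *ssl) {` would match its neighbour. The prototypes at the end use empty parentheses, which in C leave the parameter list unspecified; `void TCPInit(void);`, and likewise for the client/server init and cleanup functions, lets the compiler reject calls with stray arguments. A short comment on `util_Cleanup` stating that it frees `ssl` and `ctx` and then calls `wolfSSL_Cleanup()`, so neither pointer may be used afterwards, would help callers. The README added in the same commit names the certificate macros `USE_CERT_BUFFER_256` and `USE_CERT_BUFFER_2048`, without the `S` used here in `USE_CERT_BUFFERS_256` and `USE_CERT_BUFFERS_2048`, so a reader following it would define a macro this header never checks.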
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am
new file mode 100644
index 00000000..af40725c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/include.am
@@ -0,0 +1,17 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/README.md
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/.cproject
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/.project
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/common/wolfssl_demo.h
+EXTRA_DIST+= IDE/Renesas/e2studio/RZN2L/common/user_settings.h
\ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject
new file mode 100644
index 00000000..98caa784
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.cproject
@@ -0,0 +1,1219 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?fileVersion 4.0.0?><cproject storage_type_id="org.eclipse.cdt.core.XmlProjectDescriptionStorage">
+ <storageModule moduleId="org.eclipse.cdt.core.settings">
+ <cconfiguration id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794">
+ <storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794" moduleId="org.eclipse.cdt.core.settings" name="Debug">
+ <externalSettings/>
+ <extensions>
+ <extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+ <extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ </extensions>
+ </storageModule>
+ <storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo">
+ <option id="toolchain.id" value="gcc-arm-embedded"/>
+ <option id="toolchain.version" value="10.3.1.20210824"/>
+ <option id="toolchain.enable" value="true"/>
+ </storageModule>
+ <storageModule moduleId="cdtBuildSystem" version="4.0.0">
+ <configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" description="" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794" name="Debug" parent="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update">
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794." name="/" resourcePath="">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1646034880" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format" value="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.dwarf4" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName" value="R9A07G084M04GBG" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-r52" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.neonfparmv8" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.235609987" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <builder buildPath="${workspace_loc:/test_RZN2L}/Debug" id="com.renesas.cdt.managedbuild.gcc.rz.builder.371425022" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="GCC for Renesas Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gcc.rz.builder"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1445692924" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.878213280" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include.1404470165" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.920863118" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.2054256250" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.737680653" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="WOLFSSL_RENESAS_RSIP"/>
+ <listOptionValue builtIn="false" value="WOLFSSL_RENESAS_RZN2L"/>
+ <listOptionValue builtIn="false" value="WOLFSSL_USER_SETTINGS"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include.1392028571" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include" useByScannerDiscovery="false" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/generate&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src/serial_io}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/../common&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/../../../../../&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/src&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1188589179" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.501898805" name="Language standard" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language" useByScannerDiscovery="true" value="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.cpp11" valueType="enumerated"/>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1517459084" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath.1314620766" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.1707323954" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint.2121320154" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript.35544828" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath.1169036561" name="User defined archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/script&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.linkageOrder.964023710" name="Linkage Order List" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linkageOrder" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/crl.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/internal.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/keys.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/ocsp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/sniffer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/ssl.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/tls.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/tls13.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfSSL/wolfio.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/aes.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/arc4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/asm.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/asn.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/blake2b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/camellia.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/chacha.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/chacha20_poly1305.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/cmac.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/coding.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/compress.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/cpuid.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/cryptocb.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/curve25519.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/des3.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/dh.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/dsa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ecc.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ecc_fp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ed25519.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/error.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/fe_low_mem.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/fe_operations.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ge_low_mem.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/ge_operations.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/hash.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/hmac.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/integer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/kdf.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/logging.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/md2.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/md4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/md5.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/memory.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/pkcs12.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/pkcs7.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/poly1305.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/random.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/rsa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha256.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha3.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sha512.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/signature.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_arm32.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_arm64.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_armthumb.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_c32.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_c64.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_cortexm.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_dsp32.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_int.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/sp_x86_64.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/srp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/tfm.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_dsp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_encrypt.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_pkcs11.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wc_port.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wolfevent.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/wolfCrypt/wolfmath.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/hal_entry.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;src/rzn2l_tst_thread_entry.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/common_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/hal_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/main.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/pin_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/rzn2l_tst_thread.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn_gen/vector_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/rm_freertos_port/port.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/rm_freertos_plus_tcp/NetworkInterface.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_sci_uart/r_sci_uart.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/private/r_rsip_otp.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/private/r_rsip_private.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func010.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func011.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func012.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func013.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func016.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func017.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func022.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func023.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func040.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func041.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func043.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func044.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func045.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func046.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func047.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func060.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func066.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func073.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func084.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func085.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func086.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func087.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func088.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func100.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func101.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func102.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func103.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func205.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func206.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_func400.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p00.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p01.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p02.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p03.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p04.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p06.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p07.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p08.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0c.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0d.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0e.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p0f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p10.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p15.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p16.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p17.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p18.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p19.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1c.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1d.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1e.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p1f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p20.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p21.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p24.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p25.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p29u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p2a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p2b.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p2c.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p32u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p34u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36a.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36t.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p36u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p40.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p41f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p41i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p41u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p44f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p44i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p44u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p47f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p47i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p47u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p48f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p48i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p48u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p50f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p50i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p50u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p53.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p53_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p54.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p54_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p56.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p56_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p57.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p57_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p59.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p59_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p60.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p60_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p62.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p62_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p63.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p63_enhanced.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p71.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p72.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p73.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p76.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_p80.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb3f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb3i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb3u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb6f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb6i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb6u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb9f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb9i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pb9u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pc2f.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pc2i.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pc2u.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pdc.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf0.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf1.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf3.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pf4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/rzn2l/r_rsip_pfa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/primitive/r_rsip_data.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_api.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_cmn.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_cmn_drv.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_manifest.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src/r_sb_sb.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src/r_cip_drv_api.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src/rsip_check_param.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rzt2n2/lib/otp/src/r_otp_drv.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_aes.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_ecc.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_rsa.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_rzt2n2.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/public/r_rsip_sha.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_rsip/rsip_common/private/r_rsip_reg.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ioport/r_ioport.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_gmac/r_gmac.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ethsw/r_ethsw.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ether_selector/r_ether_selector.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/r_ether_phy/r_ether_phy.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/rzn2l/bsp_cache.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/rzn2l/bsp_loader_param.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_clocks.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_common.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_delay.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_io.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_irq.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_register_protection.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_reset.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/mcu/all/bsp_sbrk.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/cmsis/Device/RENESAS/Source/startup.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/fsp/src/bsp/cmsis/Device/RENESAS/Source/system.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/board/rzn2l_rsk/board_init.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/board/rzn2l_rsk/board_leds.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/portable/BufferManagement/BufferAllocation_2.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_ARP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_DHCP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_DNS.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_IP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_Sockets.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_Stream_Buffer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_TCP_IP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_TCP_WIN.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/source/FreeRTOS_UDP_IP.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/portable/MemMang/heap_4.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/event_groups.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/list.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/queue.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/stream_buffer.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/tasks.o&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;rzn/aws/amazon-freertos/freertos_kernel/timers.o&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.includeFiles.1438841261" name="Standard archive (library) files (-l)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.includeFiles" valueType="stringList"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnosys.1028106860" name="Do not use syscalls (--specs=nosys.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnosys" value="false" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.useprintffloat.584424940" name="Use float with nano printf (-u _printf_float)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.useprintffloat" value="false" valueType="boolean"/>
+ <inputType id="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c.1165207646" superClass="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c">
+ <additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+ <additionalInput kind="additionalinputdependency" paths="$(LIBRARY_GENERATOR_OUTPUTTYPE_OUTPUTS)"/>
+ <additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+ </inputType>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.1337774964" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath.756288659" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano.1744364271" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint.1291406965" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript.310553223" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice.1427749577" name="Output file format (-O)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.421010994" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.1221065540" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.1429014953" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.451808212" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.395841504" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1081826627" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType.1164150425" name="Library type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.libraryType.preBuilt" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary.1673047545" name="Select Library" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.selectLibrary.newLib" valueType="enumerated"/>
+ </tool>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/fsp/src/r_rsip" name="r_rsip" resourcePath="rzn/fsp/src/r_rsip">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1395369224" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.1071339816" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.1331708998" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.1831328053" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.365699331" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.1819123575" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.403603681" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.643513568" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.1098203939" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.2074385996" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.752213395" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1752213841" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.1127031778" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.1105441658" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.880088916" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.904114020" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.652622255" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.1967387297" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.1978781251" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.358045362" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.427490301" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.1687715422" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.181745876" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.1671888469" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.794012212" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.1663735523" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.761525203" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.638760998" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.958309222" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.431526564" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.1354067517" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.1494685771" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.446430137" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.274108541" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.1169746389" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.848299048" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.205611915" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.1023444171" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.182123650" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1531877982" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1547316676" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1342956776" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.641000101" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1948114392" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.50898878" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1317377008" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1553868522" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1281074817" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1863377525" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.768401282" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2020248736" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.1272030231" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1737052899" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/fsp/src/rm_freertos_port" name="rm_freertos_port" resourcePath="rzn/fsp/src/rm_freertos_port">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1523259473" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.336428840" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.395815157" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.440765205" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.1340652781" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.1616957638" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.2011623354" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.2112268196" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.1980381012" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.2090768851" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.2549663" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1146722525" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.1221404318" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.186937928" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.330329119" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.30461289" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.716293411" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.2000041049" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.1065099156" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.717338453" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.1935379814" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.2002524928" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.1261900030" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.561786453" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.2068146979" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.1003417982" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.1630176766" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.667412661" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.1477869635" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.1514401196" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.91956938" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.774700376" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.367785538" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.313731419" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.1523651429" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.564837400" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.918118731" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.406359297" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.1999417238" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1681995986" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.565267107" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1258062177" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1465640145" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.876007366" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.239795482" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.892156765" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1139423725" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.238062688" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.834695780" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.2096621463" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2118424702" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2082487619" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.784786060" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/aws" name="aws" resourcePath="rzn/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1149348878" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.362529713" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.1932444170" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.1262200544" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.476328099" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.801403333" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.1900325214" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.2078268753" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.426583064" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.520690112" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.1305824312" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1173907719" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.801391698" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.541684863" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.1714599141" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.1337937670" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.670370160" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.1100338590" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.1774279722" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.441168637" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.176888508" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.1954397806" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.476988269" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.719278643" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.2111201393" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.1705986437" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.663663927" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.1493923769" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.1516575155" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.457656564" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.1269461534" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.1486201287" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.1189141211" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.1006395659" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.913131744" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.949251499" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.1919830146" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.1157451195" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.490684901" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1883924890" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.202422758" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.204186308" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1724680938" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1758752052" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1495068833" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1509919788" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1137257624" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.551760459" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1796558256" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1237986710" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1780835869" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.1889695121" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.326110318" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794./rzn/arm" name="arm" resourcePath="rzn/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update.1817151912" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.debug.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625.1040662795" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.2068680625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610.1232807680" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.1459372610"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630.8365988" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.1079284630"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189.1904476778" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.231411189"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302.384006156" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.104813302"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116.1853721101" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.618641116"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640.316385495" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1299606640"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560.967379669" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.175484560"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147.1401820060" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1766001147"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502.1003347397" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.1999364502"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766.1281051395" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1053366766"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092.815540782" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.255810092"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160.2009828075" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.589066160"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083.202931399" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1657835083"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019.1287099006" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.529573019"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201.2145474557" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.973219201"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036.2038437081" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1170282036"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109.234661609" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1271145109"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954.19102270" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.46319954"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482.427275396" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.2133049482"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314.684285041" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1476755314"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769.1136217243" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1180377769"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364.2134902749" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.385566364"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646.1191405963" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.85130646"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043.150664323" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.438363043"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543.862320695" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.734485543"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625.552202924" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.1496417625"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041.1352685939" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.1362651041"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218.1307433488" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1358770218"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979.1847960832" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.80343979"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284.11245639" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.244133284"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380.381910869" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.370143380"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739.484994307" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.615370739"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872.921925344" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.563040872"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788.139681266" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.1659522788"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818.213813504" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1439778818"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477.960148763" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.635802477"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499.2053583333" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1751328499"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.693401016" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.395291860">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1938438904" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.365017269" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1597078062" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1022150615" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1953230089" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1452804886">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.611756315" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.500108808" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1010031112"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.512411668" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1897888193"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.316691623" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1683309259"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.990976938" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.495323055"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.771278060" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1833581304"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.443724269" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.2145437670"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.951162315" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1308561227"/>
+ </toolChain>
+ </folderInfo>
+ <sourceEntries>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="common"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn_gen"/>
+ <entry excluding="test|serial_io|wolfCrypt|wolfSSL" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/serial_io"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/test"/>
+ <entry excluding="port" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt/port"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfSSL"/>
+ </sourceEntries>
+ </configuration>
+ </storageModule>
+ <storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+ <storageModule moduleId="com.renesas.cdt.managedbuild.core.boardInfo"/>
+ </cconfiguration>
+ <cconfiguration id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413">
+ <storageModule buildSystemId="org.eclipse.cdt.managedbuilder.core.configurationDataProvider" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413" moduleId="org.eclipse.cdt.core.settings" name="Release">
+ <externalSettings/>
+ <extensions>
+ <extension id="org.eclipse.cdt.core.ELF" point="org.eclipse.cdt.core.BinaryParser"/>
+ <extension id="org.eclipse.cdt.core.GASErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GmakeErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.CWDLocator" point="org.eclipse.cdt.core.ErrorParser"/>
+ <extension id="org.eclipse.cdt.core.GCCErrorParser" point="org.eclipse.cdt.core.ErrorParser"/>
+ </extensions>
+ </storageModule>
+ <storageModule moduleId="com.renesas.cdt.managedbuild.core.toolchainInfo">
+ <option id="toolchain.id" value="gcc-arm-embedded"/>
+ <option id="toolchain.version" value="9.3.1.20200408"/>
+ </storageModule>
+ <storageModule moduleId="cdtBuildSystem" version="4.0.0">
+ <configuration artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.release" description="" id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413" name="Release" parent="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update">
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413." name="/" resourcePath="">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.770956647" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel" value="ilg.gnuarmeclipse.managedbuild.cross.option.optimization.level.more" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format" value="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.dwarf4" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName" value="R9A07G084M04GBG" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name" value="GNU Tools for ARM Embedded Processors" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture" value="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.arm" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.mcpu.cortex-r52" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.instructionset.thumb" valueType="enumerated"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix" value="arm-none-eabi-" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c" value="gcc" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp" value="g++" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar" value="ar" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy" value="objcopy" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump" value="objdump" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size" value="size" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make" value="make" valueType="string"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm" value="rm" valueType="string"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.unit.neonfparmv8" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi" value="ilg.gnuarmeclipse.managedbuild.cross.option.arm.target.fpu.abi.hard" valueType="enumerated"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform.583978247" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <builder buildPath="${workspace_loc:/test_RZN2L}/Release" id="com.renesas.cdt.managedbuild.gcc.rz.builder.557849021" keepEnvironmentInBuildfile="false" managedBuildOn="true" name="GCC for Renesas Builder" parallelBuildOn="true" parallelizationNumber="optimal" superClass="com.renesas.cdt.managedbuild.gcc.rz.builder"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor.1175869025" name="Use preprocessor" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.usepreprocessor" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs.305259748" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.assembler.defs" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include.1749182888" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.assembler.include" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.456671311" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.687297081" name="Language standard" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std" useByScannerDiscovery="true" value="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.std.c99" valueType="enumerated"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs.856881917" name="Defined symbols (-D)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.compiler.defs" useByScannerDiscovery="true" valueType="definedSymbols">
+ <listOptionValue builtIn="false" value="_RENESAS_RZN_"/>
+ <listOptionValue builtIn="false" value="_RZN_CORE=CR52_0"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include.1411892430" name="Include paths (-I)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.include" useByScannerDiscovery="false" valueType="includePath">
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/generate&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${ProjDirPath}/src&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/api}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/inc/instances}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_port}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/freertos_kernel/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/arm/CMSIS_5/CMSIS/Core_R/Include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_gen}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg/bsp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/aws}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn_cfg/fsp_cfg}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/aws/amazon-freertos/libraries/freertos_plus/standard/freertos_plus_tcp/include}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rsip_common/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/sb_lib/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/lib/rsip/src}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/primitive}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/rm_freertos_plus_tcp}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/common/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/sb_lib/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/otp/inc}&quot;"/>
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/rzn/fsp/src/r_rsip/rzt2n2/private/lib/rsip/inc}&quot;"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.179835817" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.1492193481" name="Language standard" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language" useByScannerDiscovery="true" value="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.language.cpp11" valueType="enumerated"/>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections.1200386063" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath.3491622" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano.2140522055" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.c.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint.2072792159" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript.1599876065" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath.1202803303" name="User defined archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.userIncludePath" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}}/script&quot;"/>
+ </option>
+ <inputType id="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c.899703779" superClass="com.renesas.cdt.managedbuild.gcc.rz.inputType.linker.c">
+ <additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
+ <additionalInput kind="additionalinputdependency" paths="$(LIBRARY_GENERATOR_OUTPUTTYPE_OUTPUTS)"/>
+ <additionalInput kind="additionaldependency" paths="$(LINKER_SCRIPT)"/>
+ </inputType>
+ </tool>
+ <tool commandLinePattern="${COMMAND} ${cross_toolchain_flags} ${OUTPUT_FLAG}${OUTPUT_PREFIX} ${OUTPUT} -Wl,--start-group ${INPUTS} -Wl,--end-group ${FLAGS}" id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections.484519932" name="Remove unused sections (-Xlinker --gc-sections)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.gcsections" value="true" valueType="boolean"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath.1726817531" name="Standard archive search directories (-L)" superClass="com.renesas.cdt.managedbuild.gcc.rz.archives.cpp.includePath" valueType="libPaths"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano.1225392189" name="Use newlib-nano (--specs=nano.specs)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.cpp.linker.usenewlibnano" value="true" valueType="boolean"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint.827697822" name="Entry Point:" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.linker.cpp.entrypoint" value="-Wl,-esystem_init" valueType="string"/>
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript.963403495" name="Script files (-T)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.cpp.linkerscript" valueType="stringList">
+ <listOptionValue builtIn="false" value="&quot;fsp_ram_execution.ld&quot;"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice.1901619579" name="Output file format (-O)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.flash.choice" value="ilg.gnuarmeclipse.managedbuild.cross.option.createflash.choice.srec" valueType="enumerated"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source.639759299" name="Display source (--source|-S)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.source" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders.1032066303" name="Display all headers (--all-headers|-x)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.allheaders" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle.675409827" name="Demangle names (--demangle|-C)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.demangle" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers.229300003" name="Display line numbers (--line-numbers|-l)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.linenumbers" value="true" valueType="boolean"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide.2016086530" name="Wide lines (--wide|-w)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.createlisting.wide" value="true" valueType="boolean"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format.1270800738" name="Size format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.printsize.format"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen">
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType.1221039153" name="Library type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.libraryType" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.libraryType.preBuilt" valueType="enumerated"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary.738037052" name="Select Library" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.selectlibrary" value="com.renesas.cdt.managedbuild.gcc.core.option.librarygenerator.settings.selectLibrary.newLib" valueType="enumerated"/>
+ </tool>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/fsp/src/r_rsip" name="r_rsip" resourcePath="rzn/fsp/src/r_rsip">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.1805500879" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.739724666" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.2061203420" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1406894157" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.2030749683" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.790656282" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.1356391314" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.1351541905" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.2020020097" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.1177269684" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.1916633009" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.2013552145" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.1407385964" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.623430997" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.1144156355" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.1600479748" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.625830093" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.352772718" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.1351030431" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.1327033446" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.964360091" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.1756533831" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.1345627862" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.757689803" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.274868436" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.1251789087" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1264668413" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.432626970" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.1289142314" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.1119489128" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.910572528" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.1825512020" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.1958450962" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.943311469" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.51286933" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.1587041260" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.1056755502" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.1865484770" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.1416496788" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1348720370" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.376062854" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1007502461" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.541145938" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.2122390839" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1953373052" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.785654378" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1777942871" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.105544834" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.2034626298" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.952048634" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1880138113" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.864803322" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.1999521134" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/fsp/src/rm_freertos_port" name="rm_freertos_port" resourcePath="rzn/fsp/src/rm_freertos_port">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.1780955727" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.1515988655" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.98426643" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1368670284" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.1255025832" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.1805808218" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.1580110529" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.1015078072" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.187277427" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.516240309" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.841361088" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.695463787" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.573190969" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.171281485" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.1227415680" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.787216557" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.1616125551" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.275796807" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.136998500" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.755077597" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.2074777613" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.1118603308" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.699262263" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.1738044861" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.1552093548" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.1260464147" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1535159110" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.531911065" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.1660248898" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.87315642" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.1354657845" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.438074263" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.811475061" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.119883407" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.905726066" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.329638876" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.412871590" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.391550557" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.973431454" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1563943334" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1922787239" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1738421288" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.86380647" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.942795373" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.850792710" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1337171250" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.1932158153" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1432352756" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.70927854" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.899047981" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.937830769" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.707006312" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.497834944" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/aws" name="aws" resourcePath="rzn/aws">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.157403712" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.1295975321" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.237633346" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1890195381" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.77889737" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.1309753706" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.15722697" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.1592570168" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.1526537674" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.1885735518" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.836857696" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.660001253" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.1721588588" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.1152568021" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.308986896" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.1956123633" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.1901935883" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.420050635" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.1749362881" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.359351989" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.169410393" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.157951181" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.623479485" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.1472170937" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.2002516508" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.592979565" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1618034723" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.636904387" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.800189701" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.44793537" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.1141730343" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.457214733" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.1207411951" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.354529679" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.234468684" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.681148796" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.1814879062" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.1477995526" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.245514874" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1386642519" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.1349234873" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1286853864" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.189846499" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1177969784" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.693656395" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.1379653425" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.45297935" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.522138222" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1732589368" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1455868703" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2127614422" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.816427867" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.911927446" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <folderInfo id="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413./rzn/arm" name="arm" resourcePath="rzn/arm">
+ <toolChain id="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update.1889887927" name="GCC for Renesas RZ" superClass="com.renesas.cdt.managedbuild.gcc.rz.toolchain.release.update" unusedChildren="">
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079.1718318238" name="Create flash image" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createflash.1949850079"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726.590487448" name="Create extended listing" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.createlisting.398089726"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560.1225297799" name="Print size" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.printsize.388268560"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096.2005188152" name="Echo tool command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.addtools.showCommand.1588301096"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232.1017132798" name="Optimization Level" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.optimizationLevel.1562865232"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967.1239149903" name="Message length (-fmessage-length=0)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.messagelenght.1414123967"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033.59681840" name="'char' is signed (-fsigned-char)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.signedchar.1997111033"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409.1597464965" name="Function sections (-ffunction-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.functionsection.1323324409"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994.1505267256" name="Data sections (-fdata-sections)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.datasections.1676291994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571.28067641" name="Debug level" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.level.463153571"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965.143007318" name="Debug format" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.debugging.format.1233206965"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549.1835033923" name="Warn on various unused elements (-Wunused)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.unused.400560549"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324.2120363008" name="Warn on uninitialized variables (-Wuninitialised)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.uninitialized.902420324"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344.1856190339" name="Enable all common warnings (-Wall)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.allwarn.1679835344"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987.1794023378" name="Enable extra warnings (-Wextra)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.extrawarn.541130987"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629.312528496" name="Warn on undeclared global function (-Wmissing-declaration)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.missingdeclaration.1160621629"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411.1308744120" name="Warn on implicit conversions (-Wconversion)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.conversion.1063451411"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694.648352829" name="Warn if pointer arithmetic (-Wpointer-arith)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.pointerarith.1095011694"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465.1978627619" name="Warn if shadowed variable (-Wshadow)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.shadow.903125465"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065.1443177685" name="Warn if suspicious logical ops (-Wlogical-op)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.logicalop.926371065"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477.1283912442" name="Warn if struct is returned (-Wagreggate-return)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.agreggatereturn.1328296477"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997.24431814" name="Warn if floats are compared as equal (-Wfloat-equal)" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.warnings.floatequal.1500121997"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593.1786814536" name="Device name" superClass="com.renesas.cdt.managedbuild.gcc.rz.deviceName.1664475593"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497.772389813" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.toolchain.name.75533497"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325.402794539" name="Architecture" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.architecture.349814325"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421.1036945350" name="Arm family (-mcpu)" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.family.2115333421"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176.789985843" name="Instruction set" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.instructionset.2140969176"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406.498732864" name="Prefix" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.prefix.401734406"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914.195982447" name="C compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.c.1400780914"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948.1622400694" name="C++ compiler" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.cpp.782648948"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994.405103113" name="Archiver" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.ar.1743797994"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448.2141430682" name="Hex/Bin converter" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objcopy.456601448"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249.524212942" name="Listing generator" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.objdump.1294113249"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419.832796011" name="Size command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.size.343456419"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644.1262895352" name="Build command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.make.318142644"/>
+ <option id="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217.1093138460" name="Remove command" superClass="ilg.gnuarmeclipse.managedbuild.cross.option.command.rm.1943975217"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226.978798942" name="FPU Type" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatunit.275054226"/>
+ <option id="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532.1190577806" name="Float ABI" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.floatabi.1942611532"/>
+ <targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform" isAbstract="false" osList="all" superClass="ilg.gnuarmeclipse.managedbuild.cross.targetPlatform"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.54253754" name="Cross ARM GNU Assembler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.assembler.1762984193">
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input.437701253" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.assembler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.974292199" name="Cross ARM C Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined.1258871705" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ <inputType id="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1545961253" superClass="ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input"/>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1262039585" name="Cross ARM C++ Compiler" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.compilerCPP.1025775250">
+ <option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined.224364759" name="Other compiler flags" superClass="com.renesas.cdt.managedbuild.gcc.rz.option.compiler.cpp.userDefined" useByScannerDiscovery="true" valueType="stringList">
+ <listOptionValue builtIn="false" value="-w"/>
+ </option>
+ </tool>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.667545810" name="Cross ARM C Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.c.2147111510"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.1731036365" name="Cross ARM C++ Linker" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.linker.cpp.177093696"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.439531068" name="Cross ARM GNU Archiver" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.archiver.1356408537"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.355655278" name="Cross ARM GNU Create Flash Image" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.flash.1736780445"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.2113610447" name="Cross ARM GNU Create Listing" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.listing.1190993524"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.size.1840785923" name="Cross ARM GNU Print Size" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.size.526081119"/>
+ <tool id="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.328381856" name="Library Generator" superClass="com.renesas.cdt.managedbuild.gcc.rz.tool.libgen.17183028"/>
+ </toolChain>
+ </folderInfo>
+ <sourceEntries>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="common"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="rzn_gen"/>
+ <entry excluding="test|serial_io|wolfCrypt|wolfSSL" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/serial_io"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/test"/>
+ <entry excluding="port" flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfCrypt/port"/>
+ <entry flags="VALUE_WORKSPACE_PATH|RESOLVED" kind="sourcePath" name="src/wolfSSL"/>
+ </sourceEntries>
+ </configuration>
+ </storageModule>
+ <storageModule moduleId="org.eclipse.cdt.core.externalSettings"/>
+ </cconfiguration>
+ </storageModule>
+ <storageModule moduleId="cdtBuildSystem" version="4.0.0">
+ <project id="test_RZN2L.com.renesas.cdt.managedbuild.gcc.rz.projectType.update.380525196" name="Executable" projectType="com.renesas.cdt.managedbuild.gcc.rz.projectType.update"/>
+ </storageModule>
+ <storageModule moduleId="scannerConfiguration">
+ <autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+ <scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413;com.renesas.cdt.managedbuild.gcc.rz.configuration.release.update.1356321413.;com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.1073903292;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.179835817">
+ <autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+ </scannerConfigBuildInfo>
+ <scannerConfigBuildInfo instanceId="com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794;com.renesas.cdt.managedbuild.gcc.rz.configuration.debug.update.1144316794.;com.renesas.cdt.managedbuild.gcc.rz.tool.compilerC.15728131;ilg.gnuarmeclipse.managedbuild.cross.tool.c.compiler.input.1188589179">
+ <autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
+ </scannerConfigBuildInfo>
+ </storageModule>
+ <storageModule moduleId="org.eclipse.cdt.core.LanguageSettingsProviders"/>
+ <storageModule moduleId="refreshScope"/>
+ <storageModule moduleId="org.eclipse.cdt.make.core.buildtargets"/>
+</cproject> \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project
new file mode 100644
index 00000000..9610054e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/.project
@@ -0,0 +1,440 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+ <name>test_RZN2L</name>
+ <comment></comment>
+ <projects>
+ </projects>
+ <buildSpec>
+ <buildCommand>
+ <name>com.renesas.cdt.ddsc.contentgen.ddscBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.cdt.managedbuilder.core.genmakebuilder</name>
+ <triggers>clean,full,incremental,</triggers>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
+ <triggers>full,incremental,</triggers>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ <buildCommand>
+ <name>com.renesas.cdt.ddsc.contentgen.ddscInterlockBundleBuilder</name>
+ <arguments>
+ </arguments>
+ </buildCommand>
+ </buildSpec>
+ <natures>
+ <nature>org.eclipse.cdt.core.cnature</nature>
+ <nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
+ <nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
+ <nature>com.renesas.cdt.ddsc.contentgen.ddscNature</nature>
+ <nature>com.renesas.cdt.rz.ddsc.contentgen.rznNature</nature>
+ </natures>
+ <linkedResources>
+ <link>
+ <name>common/user_settings.h</name>
+ <type>1</type>
+ <locationURI>PARENT-1-PROJECT_LOC/common/user_settings.h</locationURI>
+ </link>
+ <link>
+ <name>common/wolfssl_demo.h</name>
+ <type>1</type>
+ <locationURI>PARENT-1-PROJECT_LOC/common/wolfssl_demo.h</locationURI>
+ </link>
+ <link>
+ <name>src/test/benchmark.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/benchmark/benchmark.c</locationURI>
+ </link>
+ <link>
+ <name>src/test/test.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/test/test.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/aes.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/aes.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/arc4.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/arc4.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/asm.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/asm.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/asn.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/asn.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/blake2b.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/blake2b.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/camellia.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/camellia.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/chacha.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/chacha20_poly1305.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/chacha20_poly1305.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/cmac.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cmac.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/coding.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/coding.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/compress.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/compress.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/cpuid.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cpuid.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/cryptocb.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/cryptocb.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/curve25519.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/curve25519.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/des3.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/des3.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/dh.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dh.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/dsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/dsa.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ecc.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ecc_fp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ecc_fp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ed25519.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ed25519.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/error.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/error.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/fe_low_mem.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_low_mem.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/fe_operations.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/fe_operations.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ge_low_mem.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_low_mem.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/ge_operations.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/ge_operations.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/hash.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hash.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/hmac.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/hmac.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/integer.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/integer.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/kdf.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/kdf.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/logging.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/logging.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/md2.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md2.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/md4.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md4.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/md5.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/md5.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/memory.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/memory.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/pkcs12.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs12.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/pkcs7.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pkcs7.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/poly1305.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/poly1305.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/pwdbased.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/pwdbased.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/random.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/random.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/rsa.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha256.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha256.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha3.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha3.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sha512.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sha512.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/signature.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/signature.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_arm32.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm32.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_arm64.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_arm64.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_armthumb.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_armthumb.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_c32.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c32.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_c64.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_c64.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_cortexm.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_cortexm.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_dsp32.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_dsp32.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_int.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_int.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/sp_x86_64.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/sp_x86_64.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/srp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/srp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/tfm.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/tfm.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_dsp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_dsp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_encrypt.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_encrypt.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_pkcs11.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_pkcs11.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wc_port.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wc_port.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wolfevent.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfevent.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/wolfmath.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/wolfmath.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/crl.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/crl.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/internal.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/internal.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/keys.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/keys.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/ocsp.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/ocsp.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/sniffer.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/sniffer.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/ssl.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/ssl.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/tls.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/tls.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/tls13.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/tls13.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfSSL/wolfio.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/src/wolfio.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_common.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_common.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_aes.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_rsa.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_sha.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c</locationURI>
+ </link>
+ <link>
+ <name>src/wolfCrypt/port/renesas_fspsm_util.c</name>
+ <type>1</type>
+ <locationURI>PARENT-5-PROJECT_LOC/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c</locationURI>
+ </link>
+ </linkedResources>
+</projectDescription>
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld
new file mode 100644
index 00000000..8f373e0a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/script/fsp_ram_execution.ld
@@ -0,0 +1,243 @@
+/*
+ Linker File for Renesas RZ/N2L FSP
+*/
+
+MEMORY
+{
+ ATCM : ORIGIN = 0x00000000, LENGTH = 0x00020000
+ BTCM : ORIGIN = 0x00100000, LENGTH = 0x00020000
+ SYSTEM_RAM : ORIGIN = 0x10000000, LENGTH = 0x00180000
+ SYSTEM_RAM_MIRROR : ORIGIN = 0x30000000, LENGTH = 0x00180000
+ xSPI0_CS0_SPACE_MIRROR : ORIGIN = 0x40000000, LENGTH = 0x04000000
+ xSPI0_CS1_SPACE_MIRROR : ORIGIN = 0x44000000, LENGTH = 0x04000000
+ xSPI1_CS0_SPACE_MIRROR : ORIGIN = 0x48000000, LENGTH = 0x04000000
+ xSPI1_CS1_SPACE_MIRROR : ORIGIN = 0x4C000000, LENGTH = 0x04000000
+ CS0_SPACE_MIRROR : ORIGIN = 0x50000000, LENGTH = 0x04000000
+ CS2_SPACE_MIRROR : ORIGIN = 0x54000000, LENGTH = 0x04000000
+ CS3_SPACE_MIRROR : ORIGIN = 0x58000000, LENGTH = 0x04000000
+ CS5_SPACE_MIRROR : ORIGIN = 0x5C000000, LENGTH = 0x04000000
+ xSPI0_CS0_SPACE : ORIGIN = 0x60000000, LENGTH = 0x04000000
+ xSPI0_CS1_SPACE : ORIGIN = 0x64000000, LENGTH = 0x04000000
+ xSPI1_CS0_SPACE : ORIGIN = 0x68000000, LENGTH = 0x04000000
+ xSPI1_CS1_SPACE : ORIGIN = 0x6C000000, LENGTH = 0x04000000
+ CS0_SPACE : ORIGIN = 0x70000000, LENGTH = 0x04000000
+ CS2_SPACE : ORIGIN = 0x74000000, LENGTH = 0x04000000
+ CS3_SPACE : ORIGIN = 0x78000000, LENGTH = 0x04000000
+ CS5_SPACE : ORIGIN = 0x7C000000, LENGTH = 0x04000000
+}
+
+SECTIONS
+{
+ .loader_text 0x00102000 : AT (0x00102000)
+ {
+ *(.loader_text)
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(.text*)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(.text*)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(.text*)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.text*)
+ */fsp/src/r_ioport/r_ioport.o(.text*)
+ KEEP(*(.warm_start))
+ } > BTCM
+ .loader_data :
+ {
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(.data*)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(.data*)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(.data*)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.data*)
+ */fsp/src/r_ioport/r_ioport.o(.data*)
+ __loader_bss_start = .;
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(.bss*)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(.bss*)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(.bss*)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.bss*)
+ */fsp/src/r_ioport/r_ioport.o(.bss*)
+ */fsp/src/bsp/cmsis/Device/RENESAS/Source/*.o(COMMON)
+ */fsp/src/bsp/mcu/all/bsp_clocks.o(COMMON)
+ */fsp/src/bsp/mcu/all/bsp_irq.o(COMMON)
+ */fsp/src/bsp/mcu/all/bsp_register_protection.o(.COMMON)
+ */fsp/src/r_ioport/r_ioport.o(.COMMON)
+ __loader_bss_end = . ;
+ } > BTCM
+ .intvec 0x00000000 : AT (0x00000000)
+ {
+ _fvector_start = .;
+ KEEP(*(.intvec))
+ _fvector_end = .;
+ } > ATCM
+ .text 0x30000000 : AT (0x30000000)
+ {
+ _text_start = .;
+ *(.text*)
+
+ KEEP(*(.init))
+ KEEP(*(.fini))
+
+ /* .ctors */
+ *crtbegin.o(.ctors)
+ *crtbegin?.o(.ctors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .ctors)
+ *(SORT(.ctors.*))
+ *(.ctors)
+ _ctor_end = .;
+
+ /* .dtors */
+ *crtbegin.o(.dtors)
+ *crtbegin?.o(.dtors)
+ *(EXCLUDE_FILE(*crtend?.o *crtend.o) .dtors)
+ *(SORT(.dtors.*))
+ *(.dtors)
+ _dtor_end = .;
+
+ *(.rodata*)
+ _erodata = .;
+ KEEP(*(.eh_frame*))
+ } > SYSTEM_RAM_MIRROR
+ .rvectors :
+ {
+ _rvectors_start = .;
+ KEEP(*(.rvectors))
+ _rvectors_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .ARM.extab :
+ {
+ *(.ARM.extab* .gnu.linkonce.armextab.*)
+ } > SYSTEM_RAM_MIRROR
+ __exidx_start = .;
+ .ARM.exidx :
+ {
+ *(.ARM.exidx* .gnu.linkonce.armexidx.*)
+ } > SYSTEM_RAM_MIRROR
+ __exidx_end = .;
+ .got :
+ {
+ *(.got)
+ *(.got.plt)
+ _text_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .data :
+ {
+ _data_start = .;
+
+ *(vtable)
+ *(.data.*)
+ *(.data)
+
+ . = ALIGN(4);
+ /* preinit data */
+ PROVIDE_HIDDEN (__preinit_array_start = .);
+ KEEP(*(.preinit_array))
+ PROVIDE_HIDDEN (__preinit_array_end = .);
+
+ . = ALIGN(4);
+ /* init data */
+ PROVIDE_HIDDEN (__init_array_start = .);
+ KEEP(*(SORT(.init_array.*)))
+ KEEP(*(.init_array))
+ PROVIDE_HIDDEN (__init_array_end = .);
+
+ . = ALIGN(4);
+ /* finit data */
+ PROVIDE_HIDDEN (__fini_array_start = .);
+ KEEP(*(SORT(.fini_array.*)))
+ KEEP(*(.fini_array))
+ PROVIDE_HIDDEN (__fini_array_end = .);
+
+ KEEP(*(.jcr*))
+
+ . = ALIGN(4);
+
+ /* All data end */
+ _data_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .bss :
+ {
+ . = ALIGN(4);
+ __bss_start__ = .;
+ _bss = .;
+ *(.bss*)
+ *(COMMON)
+ . = ALIGN(4);
+ __bss_end__ = .;
+ _ebss = .;
+ _end = .;
+ } > SYSTEM_RAM_MIRROR
+ .heap (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __HeapBase = .;
+ /* Place the STD heap here. */
+ KEEP(*(.heap))
+ __HeapLimit = .;
+ } > SYSTEM_RAM_MIRROR
+ .thread_stack (NOLOAD):
+ {
+ . = ALIGN(8);
+ __ThreadStackBase = .;
+ /* Place the Thread stacks here. */
+ KEEP(*(.stack*))
+ __ThreadStackLimit = .;
+ } > SYSTEM_RAM_MIRROR
+ .sys_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __SysStackBase = .;
+ /* Place the sys_stack here. */
+ KEEP(*(.sys_stack))
+ __SysStackLimit = .;
+ } > BTCM
+ .svc_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __SvcStackBase = .;
+ /* Place the svc_stack here. */
+ KEEP(*(.svc_stack))
+ __SvcStackLimit = .;
+ } > BTCM
+ .irq_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __IrqStackBase = .;
+ /* Place the irq_stack here. */
+ KEEP(*(.irq_stack))
+ __IrqStackLimit = .;
+ } > BTCM
+ .fiq_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __FiqStackBase = .;
+ /* Place the fiq_stack here. */
+ KEEP(*(.fiq_stack))
+ __FiqStackLimit = .;
+ } > BTCM
+ .und_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __UndStackBase = .;
+ /* Place the und_stack here. */
+ KEEP(*(.und_stack))
+ __UndStackLimit = .;
+ } > BTCM
+ .abt_stack (NOLOAD) :
+ {
+ . = ALIGN(8);
+ __AbtStackBase = .;
+ /* Place the abt_stack here. */
+ KEEP(*(.abt_stack))
+ __AbtStackLimit = .;
+ } > BTCM
+ .shared_noncache_buffer 0x300C0000 : AT (0x300C0000)
+ {
+ . = ALIGN(32);
+ _sncbuffer_start = .;
+ KEEP(*(.shared_noncache_buffer*))
+ _sncbuffer_end = .;
+ } > SYSTEM_RAM_MIRROR
+ .noncache_buffer 0x30100000 : AT (0x30100000)
+ {
+ . = ALIGN(32);
+ _ncbuffer_start = .;
+ KEEP(*(.noncache_buffer*))
+ _ncbuffer_end = .;
+ } > SYSTEM_RAM_MIRROR
+}
+
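Review bot: The last two input patterns in `.loader_data` use `(.COMMON)` for bsp_register_protection.o and r_ioport.o, while the three lines above them use `(COMMON)`. GNU ld places common symbols through the special name `COMMON`, so `.COMMON` presumably matches nothing, and any common symbols from those two objects would fall through to `*(COMMON)` in `.bss` in SYSTEM_RAM_MIRROR instead of staying between `__loader_bss_start` and `__loader_bss_end` in BTCM. If the loader's zero-initialised data is meant to live entirely in BTCM, these should read `*/fsp/src/bsp/mcu/all/bsp_register_protection.o(COMMON)` and `*/fsp/src/r_ioport/r_ioport.o(COMMON)`.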
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c
new file mode 100644
index 00000000..0e4c459e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/rzn2l_tst_thread_entry.c
@@ -0,0 +1,438 @@
+/* rzn2l_tst_thread_entry.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "rzn2l_tst_thread.h"
+
+#include "um_common_cfg.h"
+#include "um_common_api.h"
+#include "um_serial_io_api.h"
+#include "um_serial_io.h"
+
+#include "wolfssl_demo.h"
+#include "user_settings.h"
+
+typedef struct func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} func_args;
+
+static serial_io_instance_ctrl_t g_serial_io0_ctrl;
+static serial_io_cfg_t const g_serial_io0_cfg =
+{
+ .p_uart_instance = &g_uart0,
+};
+serial_io_instance_t const g_serial_io0 =
+{
+ .p_ctrl = &g_serial_io0_ctrl,
+ .p_cfg = &g_serial_io0_cfg,
+ .p_api = &g_serial_io_on_serial_io,
+};
+
+FSP_CPP_HEADER
+void R_BSP_WarmStart(bsp_warm_start_event_t event)
+BSP_PLACE_IN_SECTION(".warm_start");
+FSP_CPP_FOOTER
+
+void R_BSP_WarmStart(bsp_warm_start_event_t event)
+{
+ if (BSP_WARM_START_RESET == event) {
+ }
+
+ if (BSP_WARM_START_POST_C == event){
+ R_IOPORT_Open (&g_ioport_ctrl, &g_bsp_pin_cfg);
+ }
+}
+
+#if defined(TLS_CLIENT) || \
+ defined(TLS_SERVER)
+ extern uint8_t g_ether0_mac_address[6];
+ const byte ucIPAddress[4] = { 192, 168, 11, 241 };
+ const byte ucNetMask[4] = { 255, 255, 255, 0 };
+ const byte ucGatewayAddress[4] = { 192, 168, 11, 1 };
+ const byte ucDNSServerAddress[4] = { 192, 168, 11, 1 };
+#endif
+
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
+#if defined(UNIT_TEST)
+ int rsip_crypt_test();
+#endif
+
+#if (defined(BENCHMARK) || defined(CRYPT_TEST)) \
+ && defined(HAVE_RENESAS_SYNC) && defined(HAVE_AES_CBC)
+ FSPSM_ST guser_PKCbInfo;
+#endif
+
+void Clr_CallbackCtx(FSPSM_ST *g);
+void RSIP_KeyGeneration(FSPSM_ST *g);
+
+void RSIP_KeyGeneration(FSPSM_ST *g)
+{
+ fsp_err_t rsip_error_code = FSP_SUCCESS;
+
+ if (g->wrapped_key_aes128 != NULL) {
+ rsip_error_code = R_RSIP_KeyGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_TYPE_AES_128,
+ g->wrapped_key_aes128);
+ if (rsip_error_code == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes128_installedkey_set = 1;
+ }
+
+ if (g->wrapped_key_aes256 != NULL) {
+ rsip_error_code = R_RSIP_KeyGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_TYPE_AES_256,
+ g->wrapped_key_aes256);
+ if (rsip_error_code == FSP_SUCCESS)
+ g->keyflgs_crypt.bits.aes256_installedkey_set = 1;
+ }
+
+ if (g->wrapped_key_rsapri1024 != NULL &&
+ g->wrapped_key_rsapub1024 != NULL) {
+ rsip_error_code = R_RSIP_KeyPairGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_PAIR_TYPE_RSA_1024,
+ g->wrapped_key_rsapub1024,
+ g->wrapped_key_rsapri1024);
+ if (rsip_error_code == FSP_SUCCESS) {
+ g->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
+ g->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
+ }
+ }
+
+ if (g->wrapped_key_rsapri2048 != NULL &&
+ g->wrapped_key_rsapub2048 != NULL) {
+ rsip_error_code = R_RSIP_KeyPairGenerate(&gFSPSM_ctrl,
+ RSIP_KEY_PAIR_TYPE_RSA_2048,
+ g->wrapped_key_rsapub2048,
+ g->wrapped_key_rsapri2048);
+ if (rsip_error_code == FSP_SUCCESS) {
+ g->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
+ g->keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
+ }
+ }
+}
+
+/* only pointer sets to NULL */
+/* owner of keys should be freed */
+void Clr_CallbackCtx(FSPSM_ST *g)
+{
+ (void) g;
+
+ if (g->wrapped_key_aes256 != NULL)
+ g->wrapped_key_aes256 = NULL;
+
+ if (g->wrapped_key_aes128 != NULL)
+ g->wrapped_key_aes128 = NULL;
+
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ if (g->wrapped_key_rsapri2048 != NULL)
+ g->wrapped_key_rsapri2048 = NULL;
+
+ if (g->wrapped_key_rsapub2048 != NULL)
+ g->wrapped_key_rsapub2048 = NULL;
+
+ if (g->wrapped_key_rsapri1024 != NULL)
+ g->wrapped_key_rsapri1024 = NULL;
+
+ if (g->wrapped_key_rsapub2048 != NULL)
+ g->wrapped_key_rsapub2048 = NULL;
+ #endif
+
+ XMEMSET(g, 0, sizeof(FSPSM_ST));
+}
+#endif
+
+
+#if defined(TLS_CLIENT) || \
+ defined(TLS_SERVER)
+
+extern WOLFSSL_CTX *client_ctx;
+extern WOLFSSL_CTX *server_ctx;
+
+void TCPInit( )
+{
+ BaseType_t fr_status;
+
+ /* FreeRTOS+TCP Ethernet and IP Setup */
+ fr_status = FreeRTOS_IPInit(ucIPAddress,
+ ucNetMask,
+ ucGatewayAddress,
+ ucDNSServerAddress,
+ g_ether0_mac_address);
+
+ if (pdPASS != fr_status) {
+ printf("Error [%ld]: FreeRTOS_IPInit.\n",fr_status);
+ }
+}
+
+
+void wolfSSL_TLS_cleanup()
+{
+#if defined(TLS_CLIENT)
+ if (client_ctx) {
+ wolfSSL_CTX_free(client_ctx);
+ }
+#endif
+#if defined(TLS_SERVER)
+ if (server_ctx) {
+ wolfSSL_CTX_free(server_ctx);
+ }
+#endif
+ wolfSSL_Cleanup();
+}
+
+#endif
+
+serial_io_instance_t const * gp_serial_io0 = &g_serial_io0;
+static void serial_init()
+{
+ usr_err_t usr_err;
+
+ /** Open Serial I/O module. */
+ usr_err = gp_serial_io0->p_api->open
+ (gp_serial_io0->p_ctrl, gp_serial_io0->p_cfg );
+ if( USR_SUCCESS != usr_err )
+ {
+ USR_DEBUG_BLOCK_CPU();
+ }
+
+ /** Start Serial I/O module. */
+ usr_err = gp_serial_io0->p_api->start( gp_serial_io0->p_ctrl );
+ if( USR_SUCCESS != usr_err )
+ {
+ USR_DEBUG_BLOCK_CPU();
+ }
+ printf( " Started Serial I/O interface." );
+}
+
+/* rzn2l_tst_thread entry function */
+/* pvParameters contains TaskHandle_t */
+void rzn2l_tst_thread_entry(void *pvParameters)
+{
+ FSP_PARAMETER_NOT_USED (pvParameters);
+
+
+ serial_init();
+
+#if defined(UNIT_TEST)
+
+ int ret;
+
+ printf("\n");
+ printf("\n Start wolf RSIP Crypt Test\n");
+
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf(" wolfCrypt_Init failed %d\n", ret);
+ }
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ printf(" \n");
+ printf(" RSIP Unit Test\n");
+ rsip_crypt_test();
+#else
+ printf(" \n");
+ printf(" RSIP Unit Test Not Run\n");
+#endif
+ printf(" \n");
+ printf(" End wolf RSIP crypt Test\n");
+
+ if ((ret = wolfCrypt_Cleanup()) != 0) {
+ printf("wolfCrypt_Cleanup failed %d\n", ret);
+ }
+
+#elif defined(CRYPT_TEST)
+ #include "wolfcrypt/test/test.h"
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+
+ Clr_CallbackCtx(&guser_PKCbInfo);
+
+ #if defined(WOLFSSL_AES_128)
+ uint8_t wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ FSPSM_AES_PWKEY user_aes128_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key1;
+ guser_PKCbInfo.wrapped_key_aes128 = user_aes128_key_index;
+ #endif
+
+ #if defined(WOLFSSL_AES_256)
+ uint8_t wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ FSPSM_AES_PWKEY user_aes256_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key2;
+ guser_PKCbInfo.wrapped_key_aes256 = user_aes256_key_index;
+ #endif
+ /* Generate Wrapped aes key */
+ RSIP_KeyGeneration(&guser_PKCbInfo);
+#endif
+
+ int ret;
+
+ func_args args = { 0 };
+
+ if ((ret = wolfCrypt_Init()) != 0) {
+ printf("wolfCrypt_Init failed %d\n", ret);
+ }
+
+ printf("\n");
+ printf("\n Start wolfCrypt Test\n");
+ wolfcrypt_test((void*)&args);
+ printf(" End wolfCrypt Test\n");
+
+ if ((ret = wolfCrypt_Cleanup()) != 0) {
+ printf("wolfCrypt_Cleanup failed %d\n", ret);
+ }
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+ Clr_CallbackCtx(&guser_PKCbInfo);
+#endif
+
+#elif defined(BENCHMARK)
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+
+ Clr_CallbackCtx(&guser_PKCbInfo);
+
+ #if defined(WOLFSSL_AES_128)
+ uint8_t wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ FSPSM_AES_PWKEY user_aes128_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key1;
+ guser_PKCbInfo.wrapped_key_aes128 = user_aes128_key_index;
+ #endif
+
+ #if defined(WOLFSSL_AES_256)
+ uint8_t wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ FSPSM_AES_PWKEY user_aes256_key_index =
+ (FSPSM_AES_PWKEY)wrapped_key2;
+ guser_PKCbInfo.wrapped_key_aes256 = user_aes256_key_index;
+ #endif
+ /* Generate Wrapped aes key */
+ RSIP_KeyGeneration(&guser_PKCbInfo);
+#endif
+ printf(" Start wolfCrypt Benchmark\n");
+
+ benchmark_test(NULL);
+
+ printf(" End wolfCrypt Benchmark\n");
+#if defined(HAVE_RENESAS_SYNC) && \
+ defined(HAVE_AES_CBC)
+ Clr_CallbackCtx(&guser_PKCbInfo);
+#endif
+
+#elif defined(TLS_CLIENT)
+
+ int i = 0;
+ const int Max_Retry = 10;
+
+ #if defined(WOLFSSL_TLS13)
+ const char* cipherlist[] = {
+ "TLS13-AES128-GCM-SHA256",
+ "TLS13-AES256-GCM-SHA384",
+ };
+ const int cipherlist_sz = 2;
+ TestInfo info[cipherlist_sz];
+ #elif defined(USE_CERT_BUFFERS_2048)
+ const char* cipherlist[] = {
+ "ECDHE-RSA-AES128-GCM-SHA256",
+ "ECDHE-RSA-AES256-SHA",
+ "ECDHE-RSA-AES128-SHA256"
+ };
+ const int cipherlist_sz = 3;
+ TestInfo info[cipherlist_sz];
+ #elif defined(USE_CERT_BUFFERS_256)
+ const char* cipherlist[] = {
+ "ECDHE-ECDSA-AES128-GCM-SHA256",
+ "ECDHE-ECDSA-AES256-SHA",
+ "ECDHE-ECDSA-AES128-SHA256"
+ };
+ const int cipherlist_sz = 3;
+ TestInfo info[cipherlist_sz];
+ #endif
+
+ TCPInit();
+
+ int TCP_connect_retry = 0;
+
+ printf("\n Start TLS Connection to %s port(%d)\n", SERVER_IP, DEFAULT_PORT);
+ wolfSSL_TLS_client_init();
+
+ do {
+
+ info[i].port = DEFAULT_PORT;
+ info[i].cipher = cipherlist[i];
+ info[i].ctx = client_ctx;
+ info[i].id = i;
+
+ XMEMSET(info[i].name, 0, sizeof(info[i].name));
+ XSPRINTF(info[i].name, "wolfSSL_TLS_client_do(%02d)", i);
+
+ if(wolfSSL_TLS_client_do(&info[i]) == -116) {
+ TCP_connect_retry++;
+ continue;
+ }
+ TCP_connect_retry = 0;
+ i++;
+ } while (i < cipherlist_sz && TCP_connect_retry < Max_Retry);
+
+ printf("\n End of Client Example");
+
+ wolfSSL_TLS_cleanup();
+#elif defined(TLS_SERVER)
+
+ int i = 0;
+ const int Max_Retry = 10;
+ TestInfo info;
+
+ TCPInit();
+
+ int TCP_connect_retry = 0;
+
+ printf("\n Start TLS Accept at %03d.%03d.%03d.%03d port(%d)\n",
+ ucIPAddress[0],
+ ucIPAddress[1],
+ ucIPAddress[2],
+ ucIPAddress[3],DEFAULT_PORT);
+ wolfSSL_TLS_server_init();
+
+ do {
+
+ info.port = DEFAULT_PORT;
+ info.cipher = NULL;
+ info.ctx = server_ctx;
+ info.id = i;
+
+ XMEMSET(info.name, 0, sizeof(info.name));
+ XSPRINTF(info.name, "wolfSSL_TLS_server_do(%02d)",
+ TCP_connect_retry);
+ if(wolfSSL_TLS_server_do(&info) == -116) {
+ TCP_connect_retry++;
+ continue;
+ }
+ TCP_connect_retry = 0;
+ } while (TCP_connect_retry < Max_Retry);
+
+ printf("\n End of Client Example");
+
+#endif
+ /* TODO: add your own code here */
+ while (1)
+ {
+ vTaskDelay (1);
+ }
+}
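Review bot: RSIP_KeyGeneration() drops every failure from R_RSIP_KeyGenerate() and R_RSIP_KeyPairGenerate(): it returns void and on error only leaves the `*_installedkey_set` flag clear, so the CRYPT_TEST and BENCHMARK branches of rzn2l_tst_thread_entry() go on to run and print results with no sign that the wrapped keys in `wrapped_key1`/`wrapped_key2` were never generated. At minimum report it where it happens, e.g. `else printf(" R_RSIP_KeyGenerate(AES-128) failed %d\n", (int)rsip_error_code);`, or return the code so the caller can skip the run. Separately, in Clr_CallbackCtx() `(void) g;` is followed by dereferences of `g`, and the last check under `WOLFSSL_RENESAS_RSIP_CRYPTONLY` repeats `wrapped_key_rsapub2048` where `wrapped_key_rsapub1024` looks intended. The final XMEMSET hides this, which also makes the per-field NULL assignments redundant.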
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore
new file mode 100644
index 00000000..c96a04f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/serial_io/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c
new file mode 100644
index 00000000..f2d610da
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_client.c
@@ -0,0 +1,184 @@
+/* wolf_client.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "wolfssl_demo.h"
+
+#if defined(TLS_CLIENT)
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/time.h>
+#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/ssl.h"
+#include "wolfssl/certs_test.h"
+
+WOLFSSL_CTX *client_ctx = NULL;
+
+void wolfSSL_TLS_client_init()
+{
+ #ifndef NO_FILESYSTEM
+ #ifdef USE_ECC_CERT
+ char *cert = "./certs/ca-ecc-cert.pem";
+ #else
+ char *cert = "./certs/ca-cert.pem";
+ #endif
+ #else
+ #ifdef USE_CERT_BUFFERS_256
+ const unsigned char *cert = ca_ecc_cert_der_256;
+ #define SIZEOF_CERT sizeof_ca_ecc_cert_der_256
+ #else
+ const unsigned char *cert = ca_cert_der_2048;
+ #define SIZEOF_CERT sizeof_ca_cert_der_2048
+ #endif
+ #endif
+
+ wolfSSL_Init();
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((client_ctx = wolfSSL_CTX_new(
+ wolfSSLv23_client_method_ex((void *)NULL))) == NULL) {
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
+ return;
+ }
+
+ #if !defined(NO_FILESYSTEM)
+ if (wolfSSL_CTX_load_verify_locations(client_ctx, cert, 0) != SSL_SUCCESS) {
+ printf("ERROR: can't load \"%s\"\n", cert);
+ return NULL;
+ }
+ #else
+ if (wolfSSL_CTX_load_verify_buffer(client_ctx, cert, SIZEOF_CERT,
+ SSL_FILETYPE_ASN1) != SSL_SUCCESS){
+ printf("ERROR: can't load certificate data\n");
+ return;
+ }
+ #endif
+}
+
+int wolfSSL_TLS_client_do(void *pvParam)
+{
+
+ int ret;
+
+ TestInfo* p = (TestInfo*)pvParam;
+ /* FreeRTOS+TCP Objects */
+ socklen_t xSize = sizeof(struct freertos_sockaddr);
+ xSocket_t xClientSocket = NULL;
+ struct freertos_sockaddr xRemoteAddress;
+
+ WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)p->ctx;
+ WOLFSSL *ssl = NULL;
+
+ #define BUFF_SIZE 256
+ static const char sendBuff[]= "Hello Server\n" ;
+
+ char rcvBuff[BUFF_SIZE] = {0};
+
+ /* Client Socket Setup */
+ xRemoteAddress.sin_port = FreeRTOS_htons(p->port);
+ xRemoteAddress.sin_addr = FreeRTOS_inet_addr(SERVER_IP);
+
+ /* Create a FreeRTOS TCP Socket and connect */
+ xClientSocket = FreeRTOS_socket(FREERTOS_AF_INET,
+ FREERTOS_SOCK_STREAM,
+ FREERTOS_IPPROTO_TCP);
+
+ configASSERT(xClientSocket != FREERTOS_INVALID_SOCKET);
+
+ FreeRTOS_bind(xClientSocket, NULL, sizeof(xSize));
+
+ /* Client Socket Connect */
+ ret = FreeRTOS_connect(xClientSocket,
+ &xRemoteAddress,
+ sizeof(xRemoteAddress));
+
+ if (ret != FR_SOCKET_SUCCESS) {
+ printf(" Error [%d]: FreeRTOS_connect.\n", ret);
+ goto out;
+ }
+
+ printf(" Start to connect to the server.\n");
+
+ if((ssl = wolfSSL_new(ctx)) == NULL) {
+ printf(" ERROR wolfSSL_new: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ /* Attach wolfSSL to the socket */
+ ret = wolfSSL_set_fd(ssl, (int) xClientSocket);
+ if (ret != WOLFSSL_SUCCESS) {
+ printf(" Error [%d]: wolfSSL_set_fd.\n",ret);
+ }
+
+ printf(" Cipher : %s\n",
+ (p->cipher == NULL) ? "NULL" : p->cipher);
+ /* use specific cipher */
+ if (p->cipher != NULL && wolfSSL_set_cipher_list(ssl, p->cipher)
+ != WOLFSSL_SUCCESS) {
+ printf(" client can't set cipher list 1");
+ goto out;
+ }
+
+ #ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+ #endif
+
+ if(wolfSSL_connect(ssl) != SSL_SUCCESS) {
+ printf(" ERROR SSL connect: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ #ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_OFF();
+ #endif
+
+ if (wolfSSL_write(ssl, sendBuff, (int)strlen(sendBuff))
+ != (int)strlen(sendBuff)) {
+ printf(" ERROR SSL write: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ if ((ret=wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)) < 0) {
+ printf(" ERROR SSL read: %d\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ rcvBuff[ret] = '\0' ;
+ printf(" Received: %s\n\n", rcvBuff);
+
+ out:
+ if (ssl) {
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ ssl = NULL;
+ /* need to reset callback */
+ }
+ /* clean up socket */
+ if (xClientSocket) {
+ FreeRTOS_shutdown(xClientSocket, FREERTOS_SHUT_RDWR);
+ FreeRTOS_closesocket(xClientSocket);
+ xClientSocket = NULL;
+ }
+
+ return ret;
+}
+
+#endif /* TLS_CLIENT */
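Review bot: In wolfSSL_TLS_client_do() the call `wolfSSL_read(ssl, rcvBuff, BUFF_SIZE)` may return BUFF_SIZE, and `rcvBuff[ret] = '\0'` then writes one byte past the 256-byte stack buffer; leave room for the terminator with `if ((ret = wolfSSL_read(ssl, rcvBuff, BUFF_SIZE - 1)) < 0) {`. The wolfSSL_set_fd() failure branch only prints and carries on to the handshake, so it should `goto out;` like the other error paths. In wolfSSL_TLS_client_init(), which returns void, the `!defined(NO_FILESYSTEM)` branch has `return NULL;` where `return;` is needed.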
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c
new file mode 100644
index 00000000..b4ce624c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolf_server.c
@@ -0,0 +1,210 @@
+/* wolf_server.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include "wolfssl_demo.h"
+
+#if defined(TLS_SERVER)
+
+#include <stdio.h>
+#include <string.h>
+
+#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/ssl.h"
+#include "wolfssl/certs_test.h"
+#include "wolfssl_demo.h"
+
+WOLFSSL_CTX *server_ctx = NULL;
+
+void wolfSSL_TLS_server_init()
+{
+
+ int ret;
+
+ #if defined(USE_CERT_BUFFERS_256)
+ const unsigned char *cert = serv_ecc_der_256;
+ #define sizeof_cert sizeof_serv_ecc_der_256
+ const unsigned char *key = ecc_key_der_256;
+ #define sizeof_key sizeof_serv_ecc_der_256
+ const unsigned char *clientCert = cliecc_cert_der_256;
+ #define sizeof_clicert sizeof_cliecc_cert_der_256
+ #else
+ const unsigned char *cert = server_cert_der_2048;
+ #define sizeof_cert sizeof_server_cert_der_2048
+ const unsigned char *key = server_key_der_2048;
+ #define sizeof_key sizeof_server_key_der_2048
+ const unsigned char *clientCert = client_cert_der_2048;
+ #define sizeof_clicert sizeof_client_cert_der_2048
+ #endif
+
+ wolfSSL_Init();
+
+ #ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+ #endif
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((server_ctx = wolfSSL_CTX_new(
+ wolfSSLv23_server_method_ex((void *)NULL))) == NULL) {
+ printf("ERROR: failed to create WOLFSSL_CTX\n");
+ return;
+ }
+
+ ret = wolfSSL_CTX_use_certificate_buffer(server_ctx, cert,
+ sizeof_cert, SSL_FILETYPE_ASN1);
+ if (ret != SSL_SUCCESS) {
+ printf("Error %d loading server-cert!\n", ret);
+ return;
+ }
+
+ /* Load server key into WOLFSSL_CTX */
+ ret = wolfSSL_CTX_use_PrivateKey_buffer(server_ctx, key, sizeof_key,
+ SSL_FILETYPE_ASN1);
+ if (ret != SSL_SUCCESS) {
+ printf("Error %d loading server-key!\n", ret);
+ return;
+ }
+
+ if (1) {
+ wolfSSL_CTX_set_verify(server_ctx, WOLFSSL_VERIFY_PEER |
+ WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
+ if (wolfSSL_CTX_load_verify_buffer(server_ctx, clientCert,
+ sizeof_clicert,
+ SSL_FILETYPE_ASN1) != SSL_SUCCESS)
+ printf("can't load ca file, Please run from wolfSSL home dir\n");
+ }
+}
+
+int wolfSSL_TLS_server_do(void *pvParam)
+{
+ int ret;
+ WOLFSSL *ssl = NULL;
+ word32 len;
+ #define BUFF_SIZE 256
+ char buff[BUFF_SIZE];
+
+ TestInfo* p = (TestInfo*)pvParam;
+ WOLFSSL_CTX *ctx = (WOLFSSL_CTX *)p->ctx;;
+
+ /* FreeRTOS+TCP parameters and objects */
+ struct freertos_sockaddr xClient, xBindAddress;
+ Socket_t xListeningSocket, xConnectedSocket;
+ socklen_t xSize = sizeof(xClient);
+ const BaseType_t xBacklog = 1; /* Max number of connections */
+ static const TickType_t xReceiveTimeOut = portMAX_DELAY;
+
+ /* Send/Receive Message */
+ const char *reply = "I hear ya fa shizzle!\n";
+ len = (word32)XSTRLEN(*reply);
+
+ /* Attempt to open the socket. */
+ xListeningSocket = FreeRTOS_socket(FREERTOS_AF_INET,
+ FREERTOS_SOCK_STREAM,
+ FREERTOS_IPPROTO_TCP);
+ configASSERT(xListeningSocket != FREERTOS_INVALID_SOCKET);
+
+ /* Set a time out so accept() will just wait for a connection. */
+ FreeRTOS_setsockopt(xListeningSocket, 0,
+ FREERTOS_SO_RCVTIMEO, &xReceiveTimeOut, sizeof(xReceiveTimeOut));
+
+ xBindAddress.sin_port = (uint16_t) DEFAULT_PORT;
+ xBindAddress.sin_port = FreeRTOS_htons(xBindAddress.sin_port);
+
+ configASSERT(xListeningSocket != FREERTOS_INVALID_SOCKET);
+
+ ret = FreeRTOS_bind(xListeningSocket, &xBindAddress, sizeof(xBindAddress));
+ if (ret == FR_SOCKET_SUCCESS)
+ ret = FreeRTOS_listen(xListeningSocket, xBacklog);
+
+ if (ret != FR_SOCKET_SUCCESS) {
+ printf("Error [%d]: FreeRTOS_bind.\n",ret);
+ goto out;
+ }
+
+ while (1) {
+ ret = WOLFSSL_FAILURE;
+ xConnectedSocket = FreeRTOS_accept(xListeningSocket, &xClient, &xSize);
+ configASSERT(xConnectedSocket != FREERTOS_INVALID_SOCKET);
+
+ if((ssl = wolfSSL_new(ctx)) == NULL) {
+ printf("ERROR: failed wolfSSL_new\n");
+ goto out;
+ }
+ /* Attach wolfSSL to the socket */
+ ret = wolfSSL_set_fd(ssl, (int) xConnectedSocket);
+ /* Establish TLS connection */
+ if (ret != WOLFSSL_SUCCESS) {
+ printf("Error [%d]: wolfSSL_set_fd.\n",ret);
+ goto out;
+ }
+
+ if (wolfSSL_accept(ssl) < 0) {
+ printf("ERROR: SSL Accept(%d)\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+
+ if ((len = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) < 0) {
+ printf("ERROR: SSL Read(%d)\n", wolfSSL_get_error(ssl, 0));
+ goto out;
+ }
+
+ buff[len] = '\0';
+ printf("Received: %s\n", buff);
+
+ /* Write our reply into buff */
+ memset(buff, 0, sizeof(buff));
+ memcpy(buff, reply, len);
+
+ /* Reply back to the client */
+ if (wolfSSL_write(ssl, buff, len) != len) {
+ printf("ERROR: SSL Write(%d)\n", wolfSSL_get_error(ssl, 0));
+ }
+
+ /* Cleanup after this connection */
+ printf("Cleaning up socket and wolfSSL objects.\n");
+ if (xConnectedSocket != NULL)
+ FreeRTOS_closesocket(xConnectedSocket);
+ if (ssl != NULL)
+ wolfSSL_free(ssl);
+
+ printf("Waiting connection....");
+ }
+
+out:
+ if (ssl) {
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ }
+
+ /* clean up socket */
+ if (xConnectedSocket) {
+ FreeRTOS_shutdown(xConnectedSocket, FREERTOS_SHUT_RDWR);
+ FreeRTOS_closesocket(xConnectedSocket);
+ xConnectedSocket = NULL;
+ }
+ if (xListeningSocket) {
+ FreeRTOS_shutdown(xListeningSocket, FREERTOS_SHUT_RDWR);
+ FreeRTOS_closesocket(xListeningSocket);
+ xListeningSocket = NULL;
+ }
+
+ return ret;
+}
+#endif /* TLS_SERVER */
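Review bot: `len` in wolfSSL_TLS_server_do() is a `word32` used both for the reply length and for the wolfSSL_read() result, so the `< 0` error test can never fire and a failed read turns `buff[len] = '\0'` into an out-of-bounds write. The value is also first computed as `XSTRLEN(*reply)`, which passes a char where a pointer is expected. After the read, `memcpy(buff, reply, len)` copies as many bytes as the client sent rather than the reply's own length, so a request longer than the reply reads past the string literal and sends those bytes back to the peer. Keep the read result in a signed local and send the reply with its own length, as sketched below. `xConnectedSocket` is also uninitialised when a bind/listen failure jumps to `out:`, which initialising it to NULL at its declaration would cover.

```c
    int rcvd;  /* signed: wolfSSL_read() reports failure with a negative value */
    /* … unchanged: other declarations … */
    len = (word32)XSTRLEN(reply);
    /* … unchanged: socket setup, FreeRTOS_accept, wolfSSL_new, wolfSSL_set_fd, wolfSSL_accept … */
        if ((rcvd = wolfSSL_read(ssl, buff, sizeof(buff) - 1)) < 0) {
            /* … unchanged: error print and goto out … */
        }
        buff[rcvd] = '\0';
        /* … unchanged: print of the received text … */
        /* reply is sent directly; the memset/memcpy into buff is dropped */
        if (wolfSSL_write(ssl, reply, (int)len) != (int)len) {
```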
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c
new file mode 100644
index 00000000..4f437bc7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/test/wolfssl_rsip_unit_test.c
@@ -0,0 +1,1325 @@
+/* wolfssl_sce_unit_test.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
+#include <wolfssl/wolfcrypt/sha.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+
+#include "FreeRTOS.h"
+
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+int devId1 = INVALID_DEVID;
+
+#ifndef NO_SHA
+ int sha_test();
+#endif
+
+#ifndef NO_SHA256
+ int sha256_test();
+ void tskSha256_Test1(void *pvParam);
+ int rsip_crypt_sha256_multitest();
+#endif
+#ifdef WOLFSSL_SHA224
+ int sha224_test();
+#endif
+#ifdef WOLFSSL_SHA384
+ int sha384_test();
+#endif
+#ifdef WOLFSSL_SHA512
+ int sha512_test();
+#endif
+
+#define STACK_SIZE (1 * 1024)
+
+#define RESULT_STR(ret) if (ret == 0)\
+ printf(" \tPassed \n");\
+ else \
+ printf(" \tFailed \n");
+
+static xSemaphoreHandle exit_semaph;
+static byte exit_loop = 0;
+static byte sha256_multTst_rslt1 = 0;
+static byte sha256_multTst_rslt2 = 0;
+static byte Aes128_Cbc_multTst_rslt = 0;
+static byte Aes256_Cbc_multTst_rslt = 0;
+static byte Aes128_Gcm_multTst_rslt = 0;
+static byte Aes256_Gcm_multTst_rslt = 0;
+
+int rsip_crypt_AesCbc_multitest();
+int rsip_crypt_AesGcm_multitest();
+int rsip_crypt_Sha_AesCbcGcm_multitest();
+int rsip_crypt_sha_multitest();
+int rsip_crypt_test();
+
+void Clr_CallbackCtx(FSPSM_ST *g);
+
+FSPSM_ST gCbInfo;
+FSPSM_ST gCbInfo_a; /* for multi testing */
+
+#if defined(HAVE_AES_CBC)
+
+#if defined(WOLFSSL_AES_128)
+ uint8_t wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ uint8_t wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_128];
+ FSPSM_AES_PWKEY g_user_aes128_key_index1 =
+ (FSPSM_AES_PWKEY)wrapped_key1;
+ FSPSM_AES_PWKEY g_user_aes128_key_index2 =
+ (FSPSM_AES_PWKEY)wrapped_key2;
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ uint8_t wrapped_key3[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ uint8_t wrapped_key4[RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256];
+ FSPSM_AES_PWKEY g_user_aes256_key_index1 =
+ (FSPSM_AES_PWKEY)wrapped_key3;
+ FSPSM_AES_PWKEY g_user_aes256_key_index2 =
+ (FSPSM_AES_PWKEY)wrapped_key4;
+#endif
+
+#endif
+
+#if !defined(NO_RSA)
+ uint8_t rsa1024_wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PUBLIC];
+ uint8_t rsa1024_wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_1024_PRIVATE ];
+ uint8_t rsa2048_wrapped_key1[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PUBLIC];
+ uint8_t rsa2048_wrapped_key2[RSIP_BYTE_SIZE_WRAPPED_KEY_RSA_2048_PRIVATE ];
+
+ FSPSM_RSA1024_WPB_KEY* g_user_rsa1024_public_key =
+ (FSPSM_RSA1024_WPB_KEY*)rsa1024_wrapped_key1;
+ FSPSM_RSA1024_WPI_KEY* g_user_rsa1024_private_key =
+ (FSPSM_RSA1024_WPI_KEY*)rsa1024_wrapped_key2;
+ FSPSM_RSA2048_WPB_KEY* g_user_rsa2048_public_key =
+ (FSPSM_RSA2048_WPB_KEY*)rsa2048_wrapped_key1;
+ FSPSM_RSA2048_WPI_KEY* g_user_rsa2048_private_key =
+ (FSPSM_RSA2048_WPI_KEY*)rsa2048_wrapped_key2;
+#endif
+typedef struct tagInfo
+{
+ FSPSM_AES_PWKEY aes_key;
+} Info;
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+
+static int rsip_aes128_cbc_test(int prnt, FSPSM_AES_PWKEY aes_key)
+{
+
+ Aes aes[1];
+
+ byte cipher[AES_BLOCK_SIZE];
+ byte plain[AES_BLOCK_SIZE];
+ word32 keySz = (word32)(128/8);
+ int ret = 0;
+
+ WOLFSSL_SMALL_STACK_STATIC const byte msg[] = {
+ /* "Now is the time for all " w/o trailing 0 */
+ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+ 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+ 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+ byte iv[] = "1234567890abcdef "; /* align */
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+
+ if (prnt) {
+ printf(" rsip_aes_cbc_test() ");
+ }
+
+ ret = wc_AesInit(aes, NULL, devId1);
+ if (ret == 0) {
+ ret = wc_AesSetKey(aes, (byte*)aes_key, keySz,
+ iv, AES_ENCRYPTION);
+ if (ret == 0) {
+ ret = wc_AesCbcEncrypt(aes, cipher, msg, AES_BLOCK_SIZE);
+ }
+
+ wc_AesFree(aes);
+ }
+
+ if (ret != 0)
+ ret = -1;
+
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesInit(aes, NULL, devId1);
+ if (ret == 0) {
+ ret = wc_AesSetKey(aes, (byte*)aes_key, keySz,
+ iv, AES_DECRYPTION);
+ if (ret == 0)
+ ret = wc_AesCbcDecrypt(aes, plain, cipher, AES_BLOCK_SIZE);
+
+ wc_AesFree(aes);
+ }
+ if (ret != 0)
+ ret = -2;
+ if (XMEMCMP(plain, msg, AES_BLOCK_SIZE) != 0)
+ ret = -3;
+#endif /* HAVE_AES_DECRYPT */
+
+ (void)plain;
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes128_Cbc_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aes128_cbc_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aes_cbc_test\n", ret);
+ Aes128_Cbc_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+#endif
+
+#ifdef WOLFSSL_AES_256
+static int rsip_aes256_cbc_test(int prnt, FSPSM_AES_PWKEY aes_key)
+{
+ Aes enc[1];
+ byte cipher[AES_BLOCK_SIZE];
+ byte plain[AES_BLOCK_SIZE];
+ Aes dec[1];
+ const word32 keySz = (word32)(256/8);
+ int ret = 0;
+
+ /* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
+ * Appendix F.2.5 */
+ WOLFSSL_SMALL_STACK_STATIC const byte msg[] = {
+ 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+ };
+ WOLFSSL_SMALL_STACK_STATIC byte iv[] = {
+ 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
+ };
+
+ if (prnt)
+ printf(" rsip_aes256_test() ");
+
+ if (wc_AesInit(enc, NULL, devId1) != 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (wc_AesInit(dec, NULL, devId1) != 0){
+ ret = -2;
+ goto out;
+ }
+
+ ret = wc_AesSetKey(enc, (uint8_t*)aes_key,
+ keySz, iv, AES_ENCRYPTION);
+ if (ret != 0){
+ ret = -3;
+ goto out;
+ }
+
+ ret = wc_AesSetKey(dec, (uint8_t*)aes_key,
+ keySz, iv, AES_DECRYPTION);
+ if (ret != 0) {
+ ret = -4;
+ goto out;
+ }
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+
+ if (ret != 0) {
+ ret = -5;
+ goto out;
+ }
+
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+
+ if (ret != 0){
+ ret = -6;
+ goto out;
+ }
+ if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
+ ret = -7;
+ goto out;
+ }
+
+out:
+ wc_AesFree(enc);
+ wc_AesFree(dec);
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes256_Cbc_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aes256_cbc_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aes256_test\n", ret);
+ Aes256_Cbc_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+#endif /* WOLFSSL_AES_256 */
+
+#if defined(WOLFSSL_AES_256)
+static int rsip_aesgcm256_test(int prnt, FSPSM_AES_PWKEY aes256_key)
+{
+ Aes enc[1];
+ Aes dec[1];
+ FSPSM_ST userContext;
+ word32 keySz = (word32)(256/8);
+ /*
+ * This is Test Case 16 from the document Galois/
+ * Counter Mode of Operation (GCM) by McGrew and
+ * Viega.
+ */
+ WOLFSSL_SMALL_STACK_STATIC const byte p[] =
+ {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+ 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+ 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+ 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+ 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+ 0xba, 0x63, 0x7b, 0x39
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte a[] =
+ {
+ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+ 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+ 0xab, 0xad, 0xda, 0xd2
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
+ {
+ 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+ 0xde, 0xca, 0xf8, 0x88
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte c1[] =
+ {
+ 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+ 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+ 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+ 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+ 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+ 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+ 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+ 0xbc, 0xc9, 0xf6, 0x62
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte t1[] =
+ {
+ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+ 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+ };
+
+ byte resultT[sizeof(t1)];
+ byte resultP[sizeof(p) + AES_BLOCK_SIZE];
+ byte resultC[sizeof(p) + AES_BLOCK_SIZE];
+ int result = 0;
+ int ret;
+
+ (void) result;
+
+ if (prnt) {
+ printf(" rsip_aes256_gcm_test() ");
+ }
+
+ XMEMSET(resultT, 0, sizeof(resultT));
+ XMEMSET(resultC, 0, sizeof(resultC));
+ XMEMSET(resultP, 0, sizeof(resultP));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
+
+ if (wc_AesInit(enc, NULL, devId1) != 0) {
+ ret = -1;
+ goto out;
+ }
+ if (wc_AesInit(dec, NULL, devId1) != 0) {
+ ret = -2;
+ goto out;
+ }
+
+ result = wc_AesGcmSetKey(enc, (byte*)aes256_key,
+ keySz);
+ if (result != 0) {
+ ret = -3;
+ goto out;
+ }
+
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ (byte*)iv1, sizeof(iv1),
+ resultT, sizeof(resultT),
+ a, sizeof(a));
+
+ if (result != 0) {
+ ret = -4;
+ goto out;
+ }
+
+ result = wc_AesGcmSetKey(dec, (byte*)aes256_key,
+ keySz);
+ if (result != 0) {
+ ret = -7;
+ goto out;
+ }
+
+ result = wc_AesGcmDecrypt(dec, resultP, resultC, sizeof(c1),
+ iv1, sizeof(iv1), resultT, sizeof(resultT),
+ a, sizeof(a));
+ if (result != 0){
+ ret = -8;
+ goto out;
+ }
+ if (XMEMCMP(p, resultP, sizeof(p))) {
+ ret = -9;
+ goto out;
+ }
+
+ XMEMSET(resultT, 0, sizeof(resultT));
+ XMEMSET(resultC, 0, sizeof(resultC));
+ XMEMSET(resultP, 0, sizeof(resultP));
+
+ wc_AesGcmSetKey(enc, (byte*)aes256_key,
+ RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256);
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ result = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p),
+ (byte*)iv1, sizeof(iv1),
+ resultT + 1, sizeof(resultT) - 1,
+ a, sizeof(a));
+ if (result != 0) {
+ ret = -10;
+ goto out;
+ }
+
+ result = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
+ iv1, sizeof(iv1), resultT + 1, sizeof(resultT) - 1,
+ a, sizeof(a));
+
+ if (result != 0) {
+ ret = -11;
+ goto out;
+ }
+ if (XMEMCMP(p, resultP, sizeof(p))) {
+ ret = -12;
+ goto out;
+ }
+
+ ret = 0;
+
+ out:
+ wc_AesFree(enc);
+ wc_AesFree(dec);
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes256_Gcm_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aesgcm256_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aesgcm256_test\n", ret);
+ Aes256_Gcm_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+#endif
+
+#if defined(WOLFSSL_AES_128)
+
+static int rsip_aesgcm128_test(int prnt, FSPSM_AES_PWKEY aes128_key)
+{
+ Aes enc[1];
+ Aes dec[1];
+ FSPSM_ST userContext;
+ word32 keySz = (word32)(128/8);
+ /*
+ * This is Test Case 16 from the document Galois/
+ * Counter Mode of Operation (GCM) by McGrew and
+ * Viega.
+ */
+ WOLFSSL_SMALL_STACK_STATIC const byte p[] =
+ {
+ 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+ 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+ 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+ 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+ 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+ 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+ 0xba, 0x63, 0x7b, 0x39
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte t1[] =
+ {
+ 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+ 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+ };
+
+ /* The following is an interesting test case from the example
+ * FIPS test vectors for AES-GCM. IVlen = 1 byte */
+ WOLFSSL_SMALL_STACK_STATIC const byte p3[] =
+ {
+ 0x57, 0xce, 0x45, 0x1f, 0xa5, 0xe2, 0x35, 0xa5,
+ 0x8e, 0x1a, 0xa2, 0x3b, 0x77, 0xcb, 0xaf, 0xe2
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte iv3[] =
+ {
+ 0xca
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte c3[] =
+ {
+ 0x6b, 0x5f, 0xb3, 0x9d, 0xc1, 0xc5, 0x7a, 0x4f,
+ 0xf3, 0x51, 0x4d, 0xc2, 0xd5, 0xf0, 0xd0, 0x07
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte a3[] =
+ {
+ 0x40, 0xfc, 0xdc, 0xd7, 0x4a, 0xd7, 0x8b, 0xf1,
+ 0x3e, 0x7c, 0x60, 0x55, 0x50, 0x51, 0xdd, 0x54
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC const byte t3[] =
+ {
+ 0x06, 0x90, 0xed, 0x01, 0x34, 0xdd, 0xc6, 0x95,
+ 0x31, 0x2e, 0x2a, 0xf9, 0x57, 0x7a, 0x1e, 0xa6
+ };
+
+ byte resultT[sizeof(t1)];
+ byte resultP[sizeof(p) + AES_BLOCK_SIZE];
+ byte resultC[sizeof(p) + AES_BLOCK_SIZE];
+ int result = 0;
+ int ret;
+
+ (void) result;
+
+ if (prnt) {
+ printf(" rsip_aes128_gcm_test() ");
+ }
+
+ XMEMSET(resultT, 0, sizeof(resultT));
+ XMEMSET(resultC, 0, sizeof(resultC));
+ XMEMSET(resultP, 0, sizeof(resultP));
+ XMEMSET(&userContext, 0, sizeof(FSPSM_ST));
+
+ if (wc_AesInit(enc, NULL, devId1) != 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (wc_AesInit(dec, NULL, devId1) != 0) {
+ ret = -2;
+ goto out;
+ }
+
+ wc_AesGcmSetKey(enc, (byte*)aes128_key, keySz);
+ if (result != 0) {
+ ret = -3;
+ goto out;
+ }
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ result = wc_AesGcmEncrypt(enc, resultC, p3, sizeof(p3), iv3, sizeof(iv3),
+ resultT, sizeof(t3), a3, sizeof(a3));
+ if (result != 0) {
+ ret = -4;
+ goto out;
+ }
+
+
+ result = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(c3),
+ iv3, sizeof(iv3), resultT, sizeof(t3), a3, sizeof(a3));
+ if (result != 0) {
+ ret = -5;
+ goto out;
+ }
+ if (XMEMCMP(p3, resultP, sizeof(p3))) {
+ ret = -6;
+ goto out;
+ }
+
+ ret = 0;
+
+ out:
+ wc_AesFree(enc);
+ wc_AesFree(dec);
+
+ if (prnt) {
+ RESULT_STR(ret)
+ }
+
+ return ret;
+}
+
+static void tskAes128_Gcm_Test(void *pvParam)
+{
+ int ret = 0;
+ Info *p = (Info*)pvParam;
+
+ while (exit_loop == 0) {
+ ret = rsip_aesgcm128_test(0, p->aes_key);
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). rsip_aesgcm128_test\n", ret);
+ Aes128_Gcm_multTst_rslt = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+#endif
+
+#if !defined(NO_RSA)
+
+/* testing rsa sign/verify w/ rsa 2048 bit key */
+#define TEST_STRING "Everyone gets Friday off."
+#define TEST_STRING2 "Everyone gets Friday ofv."
+#define TEST_STRING_SZ 25
+#define RSA_TEST_BYTES 256 /* up to 2048-bit key */
+
+static int rsip_rsa_test(int prnt, int keySize)
+{
+ int ret = 0;
+
+ RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ WC_RNG rng;
+ const char inStr [] = TEST_STRING;
+ const char inStr2[] = TEST_STRING2;
+ const word32 inLen = (word32)TEST_STRING_SZ;
+ const word32 outSz = RSA_TEST_BYTES;
+ word32 out_actual_len = 0;
+ byte *in = NULL;
+ byte *in2 = NULL;
+ byte *out= NULL;
+ byte *out2 = NULL;
+
+ in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out2 = (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (key == NULL || in == NULL || out == NULL ||
+ in2 == NULL || out2 == NULL) {
+ ret = -1;
+ goto out;
+ }
+
+ XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(key, 0, sizeof *key);
+ XMEMCPY(in, inStr, inLen);
+ XMEMCPY(in2, inStr2, inLen);
+ XMEMSET(out, 0, outSz);
+ XMEMSET(out2, 0, outSz);
+
+ ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_InitRng(&rng)) != 0)
+ goto out;
+
+ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+ goto out;
+
+ /* Set Rsa Key created by RSIP in Advance */
+ if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+ goto out;
+ }
+
+ ret = wc_RsaPublicEncrypt(in, inLen, out, outSz, key, &rng);
+ if (ret < 0) {
+ goto out;
+ }
+
+ ret = wc_RsaPrivateDecrypt(out, (word32)(keySize/8), out2, outSz, key);
+ if (ret < 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (XMEMCMP(in, out2, inLen) != 0) {
+ ret = -2;
+ goto out;
+ }
+
+ ret = 0;
+out:
+ if (key != NULL) {
+ wc_FreeRsaKey(key);
+ XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in != NULL) {
+ XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in2 != NULL) {
+ XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out != NULL) {
+ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out2 != NULL) {
+ XFREE(out2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ (void) prnt;
+ return ret;
+}
+
+static int rsip_rsa_SignVerify_test(int prnt, int keySize)
+{
+ int ret = 0;
+
+ RsaKey *key = (RsaKey *)XMALLOC(sizeof *key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ WC_RNG rng;
+ word32 sigSz;
+ const char inStr [] = TEST_STRING;
+ const char inStr2[] = TEST_STRING2;
+ const word32 inLen = (word32)TEST_STRING_SZ;
+ const word32 outSz = RSA_TEST_BYTES;
+
+ byte *in = NULL;
+ byte *in2 = NULL;
+ byte *out= NULL;
+ byte *plain = NULL;
+
+ in = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ in2 = (byte*)XMALLOC(inLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ out= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ plain= (byte*)XMALLOC(outSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ (void) prnt;
+
+ if (key == NULL || in == NULL || out == NULL || plain == NULL) {
+ ret = -1;
+ goto out;
+ }
+
+ XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(key, 0, sizeof *key);
+ XMEMCPY(in, inStr, inLen);
+ XMEMCPY(in2, inStr2, inLen);
+
+ ret = wc_InitRsaKey_ex(key, NULL, 7890/* fixed devid for TSIP/SCE*/);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_InitRng(&rng)) != 0)
+ goto out;
+
+ if ((ret = wc_RsaSetRNG(key, &rng)) != 0)
+ goto out;
+
+ /* make rsa key by SCE */
+ if ((ret = wc_MakeRsaKey(key, keySize, 65537, &rng)) != 0) {
+ goto out;
+ }
+
+ gCbInfo.keyflgs_crypt.bits.message_type = 0;
+ ret = wc_RsaSSL_Sign(in, inLen, out, outSz, key, &rng);
+ if (ret < 0) {
+ goto out;
+ }
+ sigSz = (word32)ret;
+ //* this should fail */
+ ret = wc_RsaSSL_Verify(in2, inLen, out, (word32)(keySize/8), key);
+ if (ret != FSP_ERR_CRYPTO_RSIP_FAIL) {
+ ret = -1;
+ goto out;
+ }
+ /* this should succeed */
+ ret = wc_RsaSSL_Verify(in, inLen, out, (word32)(keySize/8), key);
+ if (ret < 0) {
+ ret = -1;
+ goto out;
+ }
+ ret = 0;
+ out:
+ if (key != NULL) {
+ wc_FreeRsaKey(key);
+ XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in != NULL) {
+ XFREE(in, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (in2 != NULL) {
+ XFREE(in2, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (out != NULL) {
+ XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ return ret;
+}
+#endif
+
+
+
+#ifndef NO_SHA256
+
+void tskSha256_Test1(void *pvParam)
+{
+ int ret = 0;
+ (void)pvParam;
+
+ while (exit_loop == 0) {
+ ret = sha256_test();
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). sha_test\n", ret);
+ sha256_multTst_rslt1 = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+
+static void tskSha256_Test2(void *pvParam)
+{
+ int ret = 0;
+ (void)pvParam;
+
+ while (exit_loop == 0) {
+ ret = sha256_test();
+ vTaskDelay(10/portTICK_PERIOD_MS);
+ if (ret != 0) {
+ printf(" result was not good(%d). sha256_test\n", ret);
+ sha256_multTst_rslt2 = 1;
+ }
+ }
+
+ xSemaphoreGive(exit_semaph);
+ vTaskDelete(NULL);
+}
+#endif
+
+int rsip_crypt_sha256_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ BaseType_t xRet;
+
+#ifndef NO_SHA256
+ num+=2;
+#endif
+ exit_loop = 0;
+ sha256_multTst_rslt1 = 0;
+ sha256_multTst_rslt2 = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#ifndef NO_SHA256
+ xRet = xTaskCreate(tskSha256_Test1, "sha256_test1",
+ STACK_SIZE, NULL, 2, NULL);
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskSha256_Test2, "sha256_test2",
+ STACK_SIZE, NULL, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ...");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = true;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (sha256_multTst_rslt1 == 0 && sha256_multTst_rslt2 == 0))
+ ret = 0;
+ else
+ ret = -1;
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+
+int rsip_crypt_AesCbc_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ Info info_aes1;
+ Info info_aes2;
+ Info info_aes256_1;
+ Info info_aes256_2;
+ BaseType_t xRet;
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+ num+=2;
+#endif
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
+ num+=2;
+#endif
+ exit_loop = 0;
+ Aes128_Cbc_multTst_rslt = 0;
+ Aes256_Cbc_multTst_rslt = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes1.aes_key, &g_user_aes128_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ xRet = xTaskCreate(tskAes128_Cbc_Test, "aes_cbc_tes1t",
+ STACK_SIZE, &info_aes1, 3, NULL);
+#endif
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes2.aes_key, &g_user_aes128_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Cbc_Test, "aes_cbc_test2",
+ STACK_SIZE, &info_aes2, 3, NULL);
+#endif
+
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_1.aes_key, &g_user_aes256_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Cbc_Test, "aes256_cbc_test1",
+ STACK_SIZE, &info_aes256_1, 3, NULL);
+#endif
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_2.aes_key, &g_user_aes256_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Cbc_Test, "aes256_cbc_test2",
+ STACK_SIZE, &info_aes256_2, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ... ");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = 1;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (Aes128_Cbc_multTst_rslt == 0 && Aes256_Cbc_multTst_rslt == 0))
+ ret = 0;
+ else
+ ret = -1;
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+
+int rsip_crypt_AesGcm_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ Info info_aes1;
+ Info info_aes2;
+ Info info_aes256_1;
+ Info info_aes256_2;
+ BaseType_t xRet;
+
+#if defined(WOLFSSL_AES_128)
+ num+=2;
+#endif
+#if defined(WOLFSSL_AES_256)
+ num+=2;
+#endif
+
+ exit_loop = 0;
+ Aes128_Gcm_multTst_rslt = 0;
+ Aes256_Gcm_multTst_rslt = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes1.aes_key, &g_user_aes128_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ xTaskCreate(tskAes128_Gcm_Test, "aes128_gcm_test1",
+ STACK_SIZE, &info_aes1, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes2.aes_key, &g_user_aes128_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Gcm_Test, "aes128_gcm_test2",
+ STACK_SIZE, &info_aes2, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_1.aes_key, &g_user_aes256_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Gcm_Test, "aes256_gcm_test1",
+ STACK_SIZE, &info_aes256_1, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256_2.aes_key, &g_user_aes256_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Gcm_Test, "aes256_gcm_test2",
+ STACK_SIZE, &info_aes256_2, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ... ");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = 1;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (Aes128_Gcm_multTst_rslt == 0 && Aes256_Gcm_multTst_rslt == 0))
+ ret = 0;
+ else
+ ret = -1;
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+int rsip_crypt_Sha_AesCbcGcm_multitest()
+{
+ int ret = 0;
+ int num = 0;
+ int i;
+ Info info_aes128cbc;
+ Info info_aes128gcm;
+ Info info_aes256cbc;
+ Info info_aes256gcm;
+ BaseType_t xRet;
+
+#ifndef NO_SHA256
+ num+=2;
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ num+=2;
+#endif
+#if defined(WOLFSSL_AES_256)
+ num+=2;
+#endif
+
+ exit_loop = 0;
+ sha256_multTst_rslt1 = 0;
+ sha256_multTst_rslt2 = 0;
+ Aes128_Cbc_multTst_rslt = 0;
+ Aes256_Cbc_multTst_rslt = 0;
+ Aes128_Gcm_multTst_rslt = 0;
+ Aes256_Gcm_multTst_rslt = 0;
+
+ exit_semaph = xSemaphoreCreateCounting((UBaseType_t)num, 0);
+ xRet = pdPASS;
+
+#ifndef NO_SHA256
+ xRet = xTaskCreate(tskSha256_Test1, "sha256_test1",
+ STACK_SIZE, NULL, 3, NULL);
+
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskSha256_Test2, "sha256_test2",
+ STACK_SIZE, NULL, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes128cbc.aes_key, &g_user_aes128_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Cbc_Test, "aes128_cbc_test1",
+ STACK_SIZE, &info_aes128cbc, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_128)
+ XMEMCPY(&info_aes128gcm.aes_key, &g_user_aes128_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes128_Gcm_Test, "aes128_gcm_test2",
+ STACK_SIZE, &info_aes128gcm, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256cbc.aes_key, &g_user_aes256_key_index1,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Cbc_Test, "aes256_cbc_test1",
+ STACK_SIZE, &info_aes256cbc, 3, NULL);
+#endif
+
+#if defined(WOLFSSL_AES_256)
+ XMEMCPY(&info_aes256gcm.aes_key, &g_user_aes256_key_index2,
+ sizeof(FSPSM_AES_PWKEY));
+ if (xRet == pdPASS)
+ xRet = xTaskCreate(tskAes256_Gcm_Test, "aes256_gcm_test2",
+ STACK_SIZE, &info_aes256gcm, 3, NULL);
+#endif
+
+ if (xRet == pdPASS) {
+ printf(" Waiting for completing tasks ... ");
+ vTaskDelay(10000/portTICK_PERIOD_MS);
+ exit_loop = 1;
+
+ for (i = 0; i < num; i++) {
+ if(!xSemaphoreTake(exit_semaph, 2000/portTICK_PERIOD_MS)) {
+ printf("exit semaphore not released by test task");
+ ret = -1;
+ xRet = pdFAIL;
+ }
+ }
+ }
+
+ vSemaphoreDelete(exit_semaph);
+
+ if ((xRet == pdPASS) &&
+ (Aes128_Gcm_multTst_rslt == 0 && Aes256_Gcm_multTst_rslt == 0) &&
+ (sha256_multTst_rslt1 == 0 && sha256_multTst_rslt2 == 0)) {
+
+ ret = 0;
+ }
+ else {
+ ret = -1;
+ }
+
+ RESULT_STR(ret)
+
+ return ret;
+}
+
+int rsip_crypt_test()
+{
+ int ret = 0;
+ fsp_err_t rsip_error_code = FSP_SUCCESS;
+
+ /* Generate AES sce Key */
+
+ if (rsip_error_code == FSP_SUCCESS) {
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ /* set up Crypt Call back */
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+
+ /* sets wrapped aes key */
+ gCbInfo.wrapped_key_aes128 = g_user_aes128_key_index1;
+ gCbInfo.wrapped_key_aes256 = g_user_aes256_key_index1;
+ /* sets wrapped rsa key */
+ gCbInfo.wrapped_key_rsapri1024 = g_user_rsa1024_private_key;
+ gCbInfo.wrapped_key_rsapub1024 = g_user_rsa1024_public_key;
+ gCbInfo.wrapped_key_rsapri2048 = g_user_rsa2048_private_key;
+ gCbInfo.wrapped_key_rsapub2048 = g_user_rsa2048_public_key;
+
+ RSIP_KeyGeneration(&gCbInfo);
+
+ /* Key generation for multi testing */
+ gCbInfo_a.wrapped_key_aes128 = g_user_aes128_key_index2;
+ gCbInfo_a.wrapped_key_aes256 = g_user_aes256_key_index2;
+ RSIP_KeyGeneration(&gCbInfo_a);
+
+ /* set callback ctx */
+ ret = wc_CryptoCb_CryptInitRenesasCmn(NULL, &gCbInfo);
+
+ if ( ret > 0) {
+ devId1 = ret;
+ ret = 0;
+ }
+
+ if (ret == 0) {
+ printf(" rsip_rsa_test(512)(this will be done"
+ " by SW because RSIP doesn't support 512 bits key size.)");
+ ret = rsip_rsa_test(1, 512);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0) {
+ printf(" rsip_rsa_test(1024)");
+ ret = rsip_rsa_test(1, 1024);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0) {
+ printf(" rsip_rsa_test(2048)");
+ ret = rsip_rsa_test(1, 2048);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0) {
+ gCbInfo.hash_type = RSIP_HASH_TYPE_SHA256 ;
+ printf(" rsip_rsa_SignVerify_test(1024)");
+ ret = rsip_rsa_SignVerify_test(1, 1024);
+ RESULT_STR(ret)
+ }
+
+ if (ret == 0 && rsip_error_code == FSP_SUCCESS) {
+ printf(" rsip_rsa_SignVerify_test(2048)");
+ ret = rsip_rsa_SignVerify_test(1, 2048);
+ RESULT_STR(ret)
+ }
+
+ #endif /* WOLFSSL_RENESAS_RSIP_CRYPTONLY */
+
+ #ifndef NO_SHA256
+ printf(" sha256_test()");
+ ret = sha256_test();
+ RESULT_STR(ret)
+ #endif
+ #ifdef WOLFSSL_SHA224
+ printf(" sha224_test()");
+ ret = sha224_test();
+ RESULT_STR(ret)
+ #endif
+ #ifdef WOLFSSL_SHA384
+ printf(" sha384_test()");
+ ret = sha384_test();
+ RESULT_STR(ret)
+ #endif
+ #ifdef WOLFSSL_SHA512
+ printf(" sha512_test()");
+ ret = sha512_test();
+ RESULT_STR(ret)
+ #endif
+
+ ret = rsip_aes128_cbc_test(1, g_user_aes128_key_index1);
+
+ if (ret == 0) {
+ ret = rsip_aes256_cbc_test(1, g_user_aes256_key_index1);
+ }
+
+ if (ret == 0) {
+ ret = rsip_aesgcm128_test(1, g_user_aes128_key_index1);
+ }
+
+ if (ret == 0) {
+ ret = rsip_aesgcm256_test(1, g_user_aes256_key_index1);
+ }
+
+ if (ret == 0) {
+ printf(" multi sha thread test\n");
+ ret = rsip_crypt_sha256_multitest();
+ }
+
+ if (ret == 0) {
+ printf(" multi Aes cbc thread test\n");
+ ret = rsip_crypt_AesCbc_multitest();
+ }
+
+ if (ret == 0) {
+ printf(" multi Aes Gcm thread test\n");
+ ret = rsip_crypt_AesGcm_multitest();
+ }
+
+ if (ret == 0) {
+ printf("rsip_crypt_Sha_AesCbcGcm_multitest\n");
+ ret = rsip_crypt_Sha_AesCbcGcm_multitest();
+ }
+
+ #if defined(WOLFSSL_RENESAS_RSIP_CRYPTONLY)
+ Clr_CallbackCtx(&gCbInfo);
+ Clr_CallbackCtx(&gCbInfo_a);
+ #endif
+ }
+ else
+ ret = -1;
+
+ return ret;
+}
+
+#endif /* WOLFSSL_RENESAS_RSIP */
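Review bot: In rsip_aesgcm128_test the return value of `wc_AesGcmSetKey(enc, (byte*)aes128_key, keySz);` is discarded, so the `if (result != 0)` check after it only ever sees the initial 0 and a key-setup failure goes unnoticed; it should read `result = wc_AesGcmSetKey(enc, (byte*)aes128_key, keySz);`. The second wc_AesGcmSetKey call in rsip_aesgcm256_test is unchecked in the same way, and it passes `RSIP_BYTE_SIZE_WRAPPED_KEY_AES_256` as the length where the first call passes `keySz`. In rsip_aes128_cbc_test the `ret = -1` recorded after a failed encrypt is overwritten by `ret = wc_AesInit(aes, NULL, devId1);` under HAVE_AES_DECRYPT, so an encrypt error can be masked. Neither GCM test compares resultC or resultT with the known-answer vectors (c1, t1, c3 and t3 are used only in sizeof), so only the round trip is verified, not the ciphertext or tag the hardware produced. The final check in rsip_crypt_Sha_AesCbcGcm_multitest also leaves out `Aes128_Cbc_multTst_rslt` and `Aes256_Cbc_multTst_rslt`, although the CBC tasks are started there.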
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore
new file mode 100644
index 00000000..c96a04f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfCrypt/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore
new file mode 100644
index 00000000..c96a04f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfSSL/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/wc_port.h b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c
index 9613b732..2b9642c0 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/wc_port.h
+++ b/extra/wolfssl/wolfssl/IDE/Renesas/e2studio/RZN2L/test/src/wolfssl_dummy.c
@@ -1,4 +1,4 @@
-/* port.h
+/* wolfssl_dummy.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,14 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
-
-#ifndef CTAO_CRYPT_PORT_H
-#define CTAO_CRYPT_PORT_H
-
-#include <cyassl/ctaocrypt/visibility.h>
#include <wolfssl/wolfcrypt/wc_port.h>
-#define CyaSSL_Mutex wolfSSL_Mutex
-#endif /* CTAO_CRYPT_PORT_H */
+#define YEAR 2023
+#define MON 9
+
+static int tick = 0;
+time_t time(time_t *t)
+{
+ (void)t;
+ return ((YEAR-1970)*365+30*MON)*24*60*60 + tick++;
+}
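Review bot: The `time()` override discards its argument (`(void)t;`), so a caller written as `time(&now)` that then reads `now` gets a value this function never stored; write the result through the pointer when it is non-NULL: `time_t now = ((YEAR-1970)*365+30*MON)*24*60*60 + tick++;`, `if (t != NULL) *t = now;`, `return now;`. The clock is pinned near `YEAR`/`MON` and advances one second per call, so a certificate validity-period check made against it is not a real expiry check. A comment above the function should say the stub is for this test project only and has to be replaced by an RTC-backed source in a product build. `tick` is a plain `static int` incremented without synchronisation, which matters only if several test threads call `time()` concurrently; the callers are outside the hunk, so that is an assumption.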
diff --git a/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c b/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c
index a8ef00af..72c3613f 100644
--- a/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c
+++ b/extra/wolfssl/wolfssl/IDE/STARCORE/starcore_test.c
@@ -293,7 +293,7 @@ int testharness_main()
process_a_file(strcat(path, "AES_CBC_47242.json")); // Failed to allocate buffer large enough for file, fixed by chopping into smaller sections
process_a_file(strcat(path, "AES_CCM_47247.json")); // Failed, increase stack/heap
process_a_file(strcat(path, "AES_CCM_47247-part1.json")); // Failed to write out the entire response (got 104 of 370 tgId's in the response)
- process_a_file(strcat(path, "AES_CCM_47247-part2.json")); // Failed ot write out the entire response (started at 371 and got to 429 of 741 tgId's in the response) looks like alloc failures, increase HEAP
+ process_a_file(strcat(path, "AES_CCM_47247-part2.json")); // Failed to write out the entire response (started at 371 and got to 429 of 741 tgId's in the response) looks like alloc failures, increase HEAP
process_a_file(strcat(path, "DSA_keyGen_47253.json")); // Success
process_a_file(strcat(path, "RSA_DecPrim_47306.json")); // Success
process_a_file(strcat(path, "ECDSA_sigVer_47258.json")); // Success
diff --git a/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h b/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h
index 8be26569..e62f12d6 100644
--- a/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/STARCORE/user_settings.h
@@ -39,7 +39,7 @@ extern "C" {
#undef WOLFSSL_STARCORE
#define WOLFSSL_STARCORE
-/* Endianess */
+/* Endianness */
#undef BIG_ENDIAN_ORDER
#define BIG_ENDIAN_ORDER
@@ -204,7 +204,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
/* #undef FP_MAX_BITS_ECC */
/* #define FP_MAX_BITS_ECC (256 * 2) */
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md b/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md
index 8a5bcea4..7268d81f 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/README.md
@@ -31,7 +31,7 @@ You need both the STM32 IDE and the STM32 initialization code generator (STM32Cu
2. Under “Software Packs†choose “Select Componentsâ€.
3. Find and check all components for the wolfSSL.wolfSSL packs (wolfSSL / Core, wolfCrypt / Core and wolfCrypt / Test). Close
4. Under the “Software Packs†section click on “wolfSSL.wolfSSL†and configure the parameters.
-5. For Cortex-M recommend “Math Configuration†-> “Single Precision Cortex-M Math†for the fastest option.
+5. For Cortex-M recommend “Math Configuration†-> “Single Precision Cortex-M Math†for the fastest option. If seeing `error: r7 cannot be used in 'asm` add `-fomit-frame-pointer` to the CFLAGS. This only happens in debug builds, because r7 is used for debug.
6. Hit the "Generate Code" button
7. Open the project in STM32CubeIDE
8. The Benchmark example uses float. To enable go to "Project Properties" -> "C/C++ Build" -> "Settings" -> "Tool Settings" -> "MCU Settings" -> Check "Use float with printf".
@@ -87,6 +87,7 @@ The section for "Hardware platform" may need to be adjusted depending on your pr
* To enable STM32L5 support define `WOLFSSL_STM32L5`.
* To enable STM32H7 support define `WOLFSSL_STM32H7`.
* To enable STM32WB support define `WOLFSSL_STM32WB`.
+* To enable STM32WL support define `WOLFSSL_STM32WL`.
* To enable STM32U5 support define `WOLFSSL_STM32U5`.
* To enable STM32H5 support define `WOLFSSL_STM32H5`.
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md b/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md
index 3f429407..129cbdd4 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/STM32_Benchmarks.md
@@ -2,6 +2,7 @@
* [STM32H753ZI](#stm32h753zi)
* [STM32WB55](#stm32wb55)
+* [STM32WL55](#stm32wl55)
* [STM32F437](#stm32f437)
* [STM32L4A6Z](#stm32l4a6z)
* [STM32L562E](#stm32l562e)
@@ -10,6 +11,7 @@
* [STM32H563ZI](#stm32h563zi)
* [STM32G071RB](#stm32g071rb)
+
## STM32H753ZI
Supports RNG, AES CBC/GCM and SHA-2 acceleration.
@@ -94,6 +96,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32WB55
Supports RNG, ECC P-256, AES-CBC and SHA-256 acceleration.
@@ -211,6 +214,86 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
+## STM32WL55
+
+Supports RNG, ECC P-256 and AES-CBC acceleration.
+Note: SP math beats PKA HW. HW RNG on for all tests
+
+Board: NUCLEO-WL55JC1 (MB1389-HIGHBAND-E02)
+CPU: Cortex-M4 at 64 MHz
+IDE: STM32CubeIDE
+RTOS: Bare-Metal
+
+### STM32WL55 (STM AES-CBC Acceleration, -Os, SP-ASM Cortex-M WOLF_CONF_MATH=4)
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.4
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.012 seconds, 197.628 KiB/s
+AES-128-CBC-enc 2 MiB took 1.000 seconds, 2.246 MiB/s
+AES-128-CBC-dec 2 MiB took 1.004 seconds, 2.213 MiB/s
+AES-256-CBC-enc 2 MiB took 1.008 seconds, 2.228 MiB/s
+AES-256-CBC-dec 2 MiB took 1.000 seconds, 2.197 MiB/s
+SHA-256 600 KiB took 1.000 seconds, 600.000 KiB/s
+HMAC-SHA256 600 KiB took 1.012 seconds, 592.885 KiB/s
+ECC [ SECP256R1] 256 key gen 56 ops took 1.023 sec, avg 18.268 ms, 54.741 ops/sec
+ECDHE [ SECP256R1] 256 agree 26 ops took 1.024 sec, avg 39.385 ms, 25.391 ops/sec
+ECDSA [ SECP256R1] 256 sign 30 ops took 1.019 sec, avg 33.967 ms, 29.441 ops/sec
+ECDSA [ SECP256R1] 256 verify 18 ops took 1.098 sec, avg 61.000 ms, 16.393 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+### STM32WL55 (STM AES-CBC Acceleration and PKA ECC, -Os)
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.4
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.000 seconds, 200.000 KiB/s
+AES-128-CBC-enc 2 MiB took 1.000 seconds, 2.295 MiB/s
+AES-128-CBC-dec 2 MiB took 1.007 seconds, 2.279 MiB/s
+AES-256-CBC-enc 2 MiB took 1.000 seconds, 2.295 MiB/s
+AES-256-CBC-dec 2 MiB took 1.008 seconds, 2.252 MiB/s
+SHA-256 575 KiB took 1.043 seconds, 551.294 KiB/s
+HMAC-SHA256 550 KiB took 1.000 seconds, 550.000 KiB/s
+ECC [ SECP256R1] 256 key gen 4 ops took 1.172 sec, avg 293.000 ms, 3.413 ops/sec
+ECDHE [ SECP256R1] 256 agree 4 ops took 1.165 sec, avg 291.250 ms, 3.433 ops/sec
+ECDSA [ SECP256R1] 256 sign 10 ops took 1.070 sec, avg 107.000 ms, 9.346 ops/sec
+ECDSA [ SECP256R1] 256 verify 6 ops took 1.275 sec, avg 212.500 ms, 4.706 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+### STM32WL55 (No HW Crypto, -Os, SP Math All (WOLF_CONF_MATH=6))
+
+```
+------------------------------------------------------------------------------
+ wolfSSL version 5.6.4
+------------------------------------------------------------------------------
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.015 seconds, 197.044 KiB/s
+AES-128-CBC-enc 400 KiB took 1.004 seconds, 398.406 KiB/s
+AES-128-CBC-dec 400 KiB took 1.000 seconds, 400.000 KiB/s
+AES-192-CBC-enc 350 KiB took 1.031 seconds, 339.476 KiB/s
+AES-192-CBC-dec 350 KiB took 1.028 seconds, 340.467 KiB/s
+AES-256-CBC-enc 300 KiB took 1.007 seconds, 297.915 KiB/s
+AES-256-CBC-dec 300 KiB took 1.004 seconds, 298.805 KiB/s
+SHA-256 550 KiB took 1.016 seconds, 541.339 KiB/s
+HMAC-SHA256 550 KiB took 1.024 seconds, 537.109 KiB/s
+ECC [ SECP256R1] 256 key gen 4 ops took 1.180 sec, avg 295.000 ms, 3.390 ops/sec
+ECDHE [ SECP256R1] 256 agree 4 ops took 1.181 sec, avg 295.250 ms, 3.387 ops/sec
+ECDSA [ SECP256R1] 256 sign 4 ops took 1.306 sec, avg 326.500 ms, 3.063 ops/sec
+ECDSA [ SECP256R1] 256 verify 2 ops took 1.188 sec, avg 594.000 ms, 1.684 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
+
+
## STM32F437
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -295,6 +378,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32L4A6Z
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -304,78 +388,137 @@ Board: NUCLEO-L4A6ZG
CPU: Cortex-M4 at 80 MHz
IDE: STM32CubeIDE
RTOS: FreeRTOS
+Compiler: GCC with -Os
-### STM32L4A6Z (STM Crypto/Hash Acceleration, -Os, SP-ASM Cortex-M)
+### STM32L4A6Z (STM Crypto/Hash Acceleration, SP-ASM Cortex-M Small and ARM ASM Thumb speedups)
+Build options used:
+
+```c
+#define WOLFSSL_HAVE_SP_ECC
+#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#define WOLFSSL_SP_384
+#define WOLFSSL_SP_SMALL
+#define WOLFSSL_SP_NO_MALLOC
+
+#define WOLFSSL_ARMASM
+#define WOLFSSL_ARMASM_INLINE
+#define WOLFSSL_ARMASM_NO_HW_CRYPTO
+#define WOLFSSL_ARMASM_NO_NEON
+#define WOLFSSL_ARM_ARCH 7
+```
```
------------------------------------------------------------------------------
- wolfSSL version 4.4.1
+ wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG 250 KB took 1.083 seconds, 230.840 KB/s
-AES-128-CBC-enc 4 MB took 1.000 seconds, 4.175 MB/s
-AES-128-CBC-dec 3 MB took 1.000 seconds, 3.442 MB/s
-AES-256-CBC-enc 3 MB took 1.000 seconds, 3.247 MB/s
-AES-256-CBC-dec 3 MB took 1.008 seconds, 2.664 MB/s
-AES-128-GCM-enc 4 MB took 1.000 seconds, 3.589 MB/s
-AES-128-GCM-dec 4 MB took 1.004 seconds, 3.575 MB/s
-AES-256-GCM-enc 3 MB took 1.004 seconds, 2.869 MB/s
-AES-256-GCM-dec 3 MB took 1.000 seconds, 2.856 MB/s
-CHACHA 2 MB took 1.008 seconds, 2.010 MB/s
-CHA-POLY 1 MB took 1.004 seconds, 1.337 MB/s
-POLY1305 6 MB took 1.000 seconds, 6.030 MB/s
-SHA-256 4 MB took 1.004 seconds, 3.623 MB/s
-HMAC-SHA256 4 MB took 1.000 seconds, 3.540 MB/s
-RSA 2048 public 36 ops took 1.020 sec, avg 28.333 ms, 35.294 ops/sec
-RSA 2048 private 2 ops took 2.031 sec, avg 1015.500 ms, 0.985 ops/sec
-DH 2048 key gen 3 ops took 1.353 sec, avg 451.000 ms, 2.217 ops/sec
-DH 2048 agree 4 ops took 1.804 sec, avg 451.000 ms, 2.217 ops/sec
-ECC 256 key gen 33 ops took 1.011 sec, avg 30.636 ms, 32.641 ops/sec
-ECDHE 256 agree 16 ops took 1.078 sec, avg 67.375 ms, 14.842 ops/sec
-ECDSA 256 sign 24 ops took 1.012 sec, avg 42.167 ms, 23.715 ops/sec
-ECDSA 256 verify 12 ops took 1.165 sec, avg 97.083 ms, 10.300 ops/sec
+RNG 225 KiB took 1.078 seconds, 208.720 KiB/s
+AES-128-CBC-enc 4 MiB took 1.000 seconds, 4.150 MiB/s
+AES-128-CBC-dec 3 MiB took 1.004 seconds, 3.234 MiB/s
+AES-256-CBC-enc 3 MiB took 1.000 seconds, 3.247 MiB/s
+AES-256-CBC-dec 3 MiB took 1.008 seconds, 2.543 MiB/s
+AES-128-GCM-enc 4 MiB took 1.000 seconds, 3.687 MiB/s
+AES-128-GCM-dec 4 MiB took 1.000 seconds, 3.638 MiB/s
+AES-256-GCM-enc 3 MiB took 1.000 seconds, 2.930 MiB/s
+AES-256-GCM-dec 3 MiB took 1.004 seconds, 2.894 MiB/s
+AES-128-GCM-enc-no_AAD 4 MiB took 1.000 seconds, 3.687 MiB/s
+AES-128-GCM-dec-no_AAD 4 MiB took 1.000 seconds, 3.662 MiB/s
+AES-256-GCM-enc-no_AAD 3 MiB took 1.003 seconds, 2.945 MiB/s
+AES-256-GCM-dec-no_AAD 3 MiB took 1.004 seconds, 2.918 MiB/s
+GMAC Table 4-bit 952 KiB took 1.000 seconds, 952.000 KiB/s
+CHACHA 3 MiB took 1.004 seconds, 2.894 MiB/s
+CHA-POLY 2 MiB took 1.004 seconds, 1.775 MiB/s
+POLY1305 7 MiB took 1.000 seconds, 7.227 MiB/s
+SHA-256 7 MiB took 1.000 seconds, 7.104 MiB/s
+SHA-512 350 KiB took 1.036 seconds, 337.838 KiB/s
+SHA-512/224 350 KiB took 1.035 seconds, 338.164 KiB/s
+SHA-512/256 350 KiB took 1.035 seconds, 338.164 KiB/s
+HMAC-SHA256 7 MiB took 1.000 seconds, 6.763 MiB/s
+HMAC-SHA512 350 KiB took 1.047 seconds, 334.288 KiB/s
+RSA 2048 public 36 ops took 1.008 sec, avg 28.000 ms, 35.714 ops/sec
+RSA 2048 private 2 ops took 2.016 sec, avg 1008.000 ms, 0.992 ops/sec
+DH 2048 key gen 3 ops took 1.416 sec, avg 472.000 ms, 2.119 ops/sec
+DH 2048 agree 4 ops took 1.890 sec, avg 472.500 ms, 2.116 ops/sec
+ECC [ SECP256R1] 256 key gen 32 ops took 1.000 sec, avg 31.250 ms, 32.000 ops/sec
+ECDHE [ SECP256R1] 256 agree 16 ops took 1.101 sec, avg 68.812 ms, 14.532 ops/sec
+ECDSA [ SECP256R1] 256 sign 24 ops took 1.020 sec, avg 42.500 ms, 23.529 ops/sec
+ECDSA [ SECP256R1] 256 verify 12 ops took 1.133 sec, avg 94.417 ms, 10.591 ops/sec
+ECC [ SECP384R1] 384 key gen 10 ops took 1.232 sec, avg 123.200 ms, 8.117 ops/sec
+ECDHE [ SECP384R1] 384 agree 4 ops took 1.063 sec, avg 265.750 ms, 3.763 ops/sec
+ECDSA [ SECP384R1] 384 sign 8 ops took 1.223 sec, avg 152.875 ms, 6.541 ops/sec
+ECDSA [ SECP384R1] 384 verify 4 ops took 1.388 sec, avg 347.000 ms, 2.882 ops/sec
+CURVE 25519 key gen 32 ops took 1.023 sec, avg 31.969 ms, 31.281 ops/sec
+CURVE 25519 agree 32 ops took 1.012 sec, avg 31.625 ms, 31.621 ops/sec
+ED 25519 key gen 80 ops took 1.008 sec, avg 12.600 ms, 79.365 ops/sec
+ED 25519 sign 64 ops took 1.027 sec, avg 16.047 ms, 62.317 ops/sec
+ED 25519 verify 28 ops took 1.024 sec, avg 36.571 ms, 27.344 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
-### STM32L4A6Z (No HW Crypto, -Os, FastMath)
+### STM32L4A6Z (No HW Crypto, SP Math All (sp_int.c) NO ASM)
+
+```
+#define WOLFSSL_SP_MATH_ALL
+#define WOLFSSL_SP_SMALL
+#define WOLFSSL_NO_ASM
+#define WOLFSSL_SP_NO_MALLOC
+#define CURVED25519_SMALL
+```
```
------------------------------------------------------------------------------
- wolfSSL version 4.4.1
+ wolfSSL version 5.6.4
------------------------------------------------------------------------------
wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
-RNG 450 KB took 1.048 seconds, 429.389 KB/s
-AES-128-CBC-enc 625 KB took 1.008 seconds, 620.040 KB/s
-AES-128-CBC-dec 675 KB took 1.008 seconds, 669.643 KB/s
-AES-192-CBC-enc 550 KB took 1.023 seconds, 537.634 KB/s
-AES-192-CBC-dec 575 KB took 1.012 seconds, 568.182 KB/s
-AES-256-CBC-enc 475 KB took 1.004 seconds, 473.108 KB/s
-AES-256-CBC-dec 500 KB took 1.008 seconds, 496.032 KB/s
-AES-128-GCM-enc 50 KB took 1.440 seconds, 34.722 KB/s
-AES-128-GCM-dec 50 KB took 1.435 seconds, 34.843 KB/s
-AES-192-GCM-enc 50 KB took 1.466 seconds, 34.106 KB/s
-AES-192-GCM-dec 50 KB took 1.463 seconds, 34.176 KB/s
-AES-256-GCM-enc 50 KB took 1.482 seconds, 33.738 KB/s
-AES-256-GCM-dec 50 KB took 1.478 seconds, 33.829 KB/s
-CHACHA 2 MB took 1.008 seconds, 2.010 MB/s
-CHA-POLY 1 MB took 1.008 seconds, 1.332 MB/s
-POLY1305 6 MB took 1.000 seconds, 6.006 MB/s
-SHA-256 1 MB took 1.000 seconds, 1.123 MB/s
-HMAC-SHA256 1 MB took 1.008 seconds, 1.114 MB/s
-RSA 2048 public 16 ops took 1.028 sec, avg 64.250 ms, 15.564 ops/sec
-RSA 2048 private 2 ops took 7.491 sec, avg 3745.500 ms, 0.267 ops/sec
-DH 2048 key gen 2 ops took 1.440 sec, avg 720.000 ms, 1.389 ops/sec
-DH 2048 agree 2 ops took 2.882 sec, avg 1441.000 ms, 0.694 ops/sec
-ECC 256 key gen 2 ops took 1.918 sec, avg 959.000 ms, 1.043 ops/sec
-ECDHE 256 agree 2 ops took 1.914 sec, avg 957.000 ms, 1.045 ops/sec
-ECDSA 256 sign 2 ops took 1.941 sec, avg 970.500 ms, 1.030 ops/sec
-ECDSA 256 verify 2 ops took 1.294 sec, avg 647.000 ms, 1.546 ops/sec
+RNG 325 KiB took 1.059 seconds, 306.893 KiB/s
+AES-128-CBC-enc 425 KiB took 1.000 seconds, 425.000 KiB/s
+AES-128-CBC-dec 450 KiB took 1.028 seconds, 437.743 KiB/s
+AES-192-CBC-enc 375 KiB took 1.035 seconds, 362.319 KiB/s
+AES-192-CBC-dec 375 KiB took 1.015 seconds, 369.458 KiB/s
+AES-256-CBC-enc 325 KiB took 1.032 seconds, 314.922 KiB/s
+AES-256-CBC-dec 325 KiB took 1.004 seconds, 323.705 KiB/s
+AES-128-GCM-enc 325 KiB took 1.063 seconds, 305.738 KiB/s
+AES-128-GCM-dec 325 KiB took 1.066 seconds, 304.878 KiB/s
+AES-192-GCM-enc 275 KiB took 1.020 seconds, 269.608 KiB/s
+AES-192-GCM-dec 275 KiB took 1.015 seconds, 270.936 KiB/s
+AES-256-GCM-enc 250 KiB took 1.028 seconds, 243.191 KiB/s
+AES-256-GCM-dec 250 KiB took 1.027 seconds, 243.427 KiB/s
+AES-128-GCM-enc-no_AAD 325 KiB took 1.059 seconds, 306.893 KiB/s
+AES-128-GCM-dec-no_AAD 325 KiB took 1.062 seconds, 306.026 KiB/s
+AES-192-GCM-enc-no_AAD 275 KiB took 1.012 seconds, 271.739 KiB/s
+AES-192-GCM-dec-no_AAD 275 KiB took 1.015 seconds, 270.936 KiB/s
+AES-256-GCM-enc-no_AAD 250 KiB took 1.020 seconds, 245.098 KiB/s
+AES-256-GCM-dec-no_AAD 250 KiB took 1.023 seconds, 244.379 KiB/s
+GMAC Table 4-bit 1 MiB took 1.000 seconds, 1.064 MiB/s
+CHACHA 3 MiB took 1.000 seconds, 2.832 MiB/s
+CHA-POLY 2 MiB took 1.004 seconds, 1.751 MiB/s
+POLY1305 7 MiB took 1.000 seconds, 7.104 MiB/s
+SHA-256 850 KiB took 1.003 seconds, 847.458 KiB/s
+SHA-512 350 KiB took 1.036 seconds, 337.838 KiB/s
+SHA-512/224 350 KiB took 1.035 seconds, 338.164 KiB/s
+SHA-512/256 350 KiB took 1.035 seconds, 338.164 KiB/s
+HMAC-SHA256 850 KiB took 1.012 seconds, 839.921 KiB/s
+HMAC-SHA512 350 KiB took 1.051 seconds, 333.016 KiB/s
+RSA 2048 public 24 ops took 1.067 sec, avg 44.458 ms, 22.493 ops/sec
+RSA 2048 private 2 ops took 5.643 sec, avg 2821.500 ms, 0.354 ops/sec
+DH 2048 key gen 2 ops took 1.078 sec, avg 539.000 ms, 1.855 ops/sec
+DH 2048 agree 2 ops took 2.455 sec, avg 1227.500 ms, 0.815 ops/sec
+ECC [ SECP256R1] 256 key gen 4 ops took 1.808 sec, avg 452.000 ms, 2.212 ops/sec
+ECDHE [ SECP256R1] 256 agree 4 ops took 1.807 sec, avg 451.750 ms, 2.214 ops/sec
+ECDSA [ SECP256R1] 256 sign 4 ops took 1.828 sec, avg 457.000 ms, 2.188 ops/sec
+ECDSA [ SECP256R1] 256 verify 4 ops took 1.224 sec, avg 306.000 ms, 3.268 ops/sec
+CURVE 25519 key gen 2 ops took 1.392 sec, avg 696.000 ms, 1.437 ops/sec
+CURVE 25519 agree 2 ops took 1.384 sec, avg 692.000 ms, 1.445 ops/sec
+ED 25519 key gen 2 ops took 1.412 sec, avg 706.000 ms, 1.416 ops/sec
+ED 25519 sign 2 ops took 1.435 sec, avg 717.500 ms, 1.394 ops/sec
+ED 25519 verify 2 ops took 2.949 sec, avg 1474.500 ms, 0.678 ops/sec
Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32L562E
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -489,6 +632,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32F777
Supports RNG, AES-CBC/GCM and SHA-256 acceleration.
@@ -573,6 +717,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32U585
Supports RNG, AES CBC/GCM and SHA-1,SHA-2 acceleration.
@@ -711,6 +856,7 @@ Benchmark complete
Benchmark Test: Return code 0
```
+
## STM32H563ZI
Cortex-M33 at 150MHz
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl b/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl
index 71ba570b..015a2851 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/default_conf.ftl
@@ -33,9 +33,9 @@
[#list SWIPdatas as SWIP]
[#-- Global variables --]
[#if SWIP.variables??]
- [#list SWIP.variables as variable]
+ [#list SWIP.variables as variable]
extern ${variable.value} ${variable.name};
- [/#list]
+ [/#list]
[/#if]
[#-- Global variables --]
@@ -45,16 +45,16 @@ extern ${variable.value} ${variable.name};
[#assign version = SWIP.version]
/**
- MiddleWare name : ${instName}
- MiddleWare fileName : ${fileName}
- MiddleWare version : ${version}
+ MiddleWare name : ${instName}
+ MiddleWare fileName : ${fileName}
+ MiddleWare version : ${version}
*/
[#if SWIP.defines??]
- [#list SWIP.defines as definition]
+ [#list SWIP.defines as definition]
/*---------- [#if definition.comments??]${definition.comments}[/#if] -----------*/
#define ${definition.name} #t#t ${definition.value}
[#if definition.description??]${definition.description} [/#if]
- [/#list]
+ [/#list]
[/#if]
@@ -76,6 +76,11 @@ extern ${variable.value} ${variable.name};
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
+#elif defined(STM32WL55xx)
+ #define WOLFSSL_STM32WL
+ #define WOLFSSL_STM32_PKA
+ #undef NO_STM32_CRYPTO
+ #define HAL_CONSOLE_UART huart2
#elif defined(STM32F407xx)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
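Review bot: The new `STM32WL55xx` branch enables `WOLFSSL_STM32_PKA` by default, while the STM32WL55 results added to STM32_Benchmarks.md in this same commit state "SP math beats PKA HW" and show P-256 key generation at about 293 ms with PKA against about 18 ms with SP-ASM. If PKA stays the default for another reason, record it next to the define, for example `#define WOLFSSL_STM32_PKA /* slower than SP-ASM on WL55, see STM32_Benchmarks.md */`. The `#elif` chain this branch joins starts and ends outside the hunk.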
@@ -102,7 +107,7 @@ extern ${variable.value} ${variable.name};
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart3
-#elif defined(STM32H723xx)
+#elif defined(STM32H723xx) || defined(STM32H725xx)
#define WOLFSSL_STM32H7
#define HAL_CONSOLE_UART huart3
#elif defined(STM32L4A6xx)
@@ -177,7 +182,8 @@ extern ${variable.value} ${variable.name};
//#define NO_STM32_RNG
//#undef NO_STM32_HASH
//#undef NO_STM32_CRYPTO
- //#define WOLFSSL_GENSEED_FORTEST /* if no HW RNG is available use test seed */
+ /* if no HW RNG is available use test seed */
+ //#define WOLFSSL_GENSEED_FORTEST
//#define STM32_HAL_V2
#endif
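Review bot: The comment now standing on its own line above `//#define WOLFSSL_GENSEED_FORTEST` reads as advice to enable the macro whenever the part has no hardware RNG, without saying that a test seed provides no entropy. Word it as a warning instead, e.g. `/* TEST ONLY: predictable seed, never enable in production; without a HW RNG provide a real seed source */`. The conditional block that holds these commented defines begins outside the hunk.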
@@ -242,14 +248,14 @@ extern ${variable.value} ${variable.name};
#define WOLFSSL_HAVE_SP_ECC
#endif
#if WOLF_CONF_MATH == 6 || WOLF_CONF_MATH == 7
+ #define WOLFSSL_SP_MATH_ALL /* use sp_int.c multi precision math */
+ #else
#define WOLFSSL_SP_MATH /* disable non-standard curves / key sizes */
#endif
#define SP_WORD_SIZE 32
/* Enable to put all math on stack (no heap) */
//#define WOLFSSL_SP_NO_MALLOC
- /* Enable for SP cache resistance (not usually enabled for embedded micros) */
- //#define WOLFSSL_SP_CACHE_RESISTANT
#if WOLF_CONF_MATH == 4 || WOLF_CONF_MATH == 5
#define WOLFSSL_SP_ASM /* required if using the ASM versions */
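Review bot: This hunk deletes the commented `WOLFSSL_SP_CACHE_RESISTANT` hint without a replacement, so the template no longer tells integrators that the option exists. If it still affects the SP code selected here (not visible in the hunk), keep the hint or say why it does not apply to these targets. The hunk also changes what `WOLF_CONF_MATH == 6 || WOLF_CONF_MATH == 7` selects, from `WOLFSSL_SP_MATH` to `WOLFSSL_SP_MATH_ALL`, and the new `#else` applies `WOLFSSL_SP_MATH` to every other value that reaches this block. A one-line comment on the `#if` naming the math options behind 6 and 7 would make the new mapping readable. The enclosing conditional starts above the hunk.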
@@ -505,12 +511,12 @@ extern ${variable.value} ${variable.name};
/* Sha3 */
#undef WOLFSSL_SHA3
#if defined(WOLF_CONF_SHA3) && WOLF_CONF_SHA3 == 1
- #define WOLFSSL_SHA3
+ #define WOLFSSL_SHA3
#endif
/* MD5 */
#if defined(WOLF_CONF_MD5) && WOLF_CONF_MD5 == 1
- /* enabled */
+ /* enabled */
#else
#define NO_MD5
#endif
@@ -535,8 +541,8 @@ extern ${variable.value} ${variable.name};
#if 0
#define USE_WOLFSSL_MEMORY
#define WOLFSSL_TRACK_MEMORY
- #define WOLFSSL_DEBUG_MEMORY
- #define WOLFSSL_DEBUG_MEMORY_PRINT
+ #define WOLFSSL_DEBUG_MEMORY
+ #define WOLFSSL_DEBUG_MEMORY_PRINT
#endif
#else
//#define NO_WOLFSSL_MEMORY
diff --git a/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c b/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c
index 3d7c66f1..f056c8cd 100644
--- a/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c
+++ b/extra/wolfssl/wolfssl/IDE/STM32Cube/main.c
@@ -142,7 +142,7 @@ static void SystemClock_Config(void)
*/
__HAL_RCC_PWR_CLK_ENABLE();
__HAL_PWR_VOLTAGESCALING_CONFIG(PWR_REGULATOR_VOLTAGE_SCALE1);
- /** Initializes the CPU, AHB and APB busses clocks
+ /** Initializes the CPU, AHB and APB buses clocks
*/
RCC_OscInitStruct.OscillatorType = RCC_OSCILLATORTYPE_HSI|RCC_OSCILLATORTYPE_LSI;
RCC_OscInitStruct.HSIState = RCC_HSI_ON;
@@ -157,7 +157,7 @@ static void SystemClock_Config(void)
if (HAL_RCC_OscConfig(&RCC_OscInitStruct) != HAL_OK) {
Error_Handler();
}
- /** Initializes the CPU, AHB and APB busses clocks
+ /** Initializes the CPU, AHB and APB buses clocks
*/
RCC_ClkInitStruct.ClockType = RCC_CLOCKTYPE_HCLK|RCC_CLOCKTYPE_SYSCLK|RCC_CLOCKTYPE_PCLK1|RCC_CLOCKTYPE_PCLK2;
RCC_ClkInitStruct.SYSCLKSource = RCC_SYSCLKSOURCE_PLLCLK;
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md
new file mode 100644
index 00000000..89d7b504
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/README.md
@@ -0,0 +1,92 @@
+# Silicon Labs Simplicity Studio
+
+Tested with ERF32xG21 Starter Kit and Gecko SDK v3.2.2 and v4.2.3.
+
+## Simplicity Studio Example
+
+Based on `cli_kernel_freertos`.
+* Create a new example project for your board based on the CLI FreeRTOS example.
+* Create a new `wolfssl` and put wolfSSL into it. Tip: Use `./scripts/makedistsmall.sh` to produce a reduced bundle.
+* Exclude (or delete) all .S and asm.c files.
+* Exclude (or delete) directory not used (only the `src`, `wolfcrypt` and `wolfssl` directory are used).
+* Add the `IDE/SimplicityStudio/user_settings.h` into `wolfssl/user_settings.h`.
+* Add the `IDE/SimplicityStudio/test_wolf.c` to the project root.
+* Add C preprocessor `WOLFSSL_USER_SETTINGS`.
+* Add C include path `wolfssl`.
+* Disable UART flow control: `config/sl_iostream_usart_vcom_config.h` -> `#define SL_IOSTREAM_USART_VCOM_FLOW_CONTROL_TYPE usartHwFlowControlNone`
+* Adjust stack and heap to larger size 12KB:
+ - Adjust the CLI stack. Edit `config/sl_cli_config_inst.h` to `#define SL_CLI_INST_TASK_STACK_SIZE (12*1024)`
+ - Adjust the FreeRTOS heap. Edit `config/FreeRTOSConfig.h` to `#define configTOTAL_HEAP_SIZE (12*1024)`
+* Add the following code to `cli.c`:
+
+```c
+extern void wolf_test(sl_cli_command_arg_t *arguments);
+extern void wolf_bench(sl_cli_command_arg_t *arguments);
+
+static const sl_cli_command_info_t cmd_wolf_test =
+ SL_CLI_COMMAND(wolf_test, "Run wolfCrypt tests", "",
+ { SL_CLI_ARG_WILDCARD, SL_CLI_ARG_END, });
+
+static const sl_cli_command_info_t cmd_wolf_bench =
+ SL_CLI_COMMAND(wolf_bench, "Run wolfCrypt benchmarks", "",
+ { SL_CLI_ARG_WILDCARD, SL_CLI_ARG_END, });
+
+static sl_cli_command_entry_t a_table[] = {
+ { "wolf_test", &cmd_wolf_test, false },
+ { "wolf_bench", &cmd_wolf_bench, false },
+ { NULL, NULL, false },
+};
+```
+
+* If running wolfCrypt benchmark enable printf float
+ - `C/C++ Build Settings` -> `Settings` -> `Tool Settings` -> `GNU ARM C Linker` -> `General` -> `C Library "Printf float"`.
+
+## SE Manager
+
+For SE Manager cryptography hardware acceleration see [/wolfcrypt/src/port/silabs/README.md](/wolfcrypt/src/port/silabs/README.md).
+
+Enabled with `WOLFSSL_SILABS_SE_ACCEL`. Requires the "SE Manager" component to be installed.
+
+## Benchmarks with SE Accel
+
+Tested on ERF32xG21 Starter Kit (Cortex M33 at 80 MHz) and Gecko SDK v3.2.2 (-Os).
+
+```
+Benchmark Test
+wolfCrypt Benchmark (block bytes 1024, min 1.0 sec each)
+RNG 200 KiB took 1.057 seconds, 189.215 KiB/s
+AES-128-CBC-enc 6 MiB took 1.000 seconds, 5.542 MiB/s
+AES-128-CBC-dec 6 MiB took 1.000 seconds, 5.518 MiB/s
+AES-192-CBC-enc 5 MiB took 1.001 seconds, 5.415 MiB/s
+AES-192-CBC-dec 5 MiB took 1.001 seconds, 5.390 MiB/s
+AES-256-CBC-enc 5 MiB took 1.004 seconds, 5.301 MiB/s
+AES-256-CBC-dec 5 MiB took 1.001 seconds, 5.268 MiB/s
+AES-128-GCM-enc 5 MiB took 1.003 seconds, 4.844 MiB/s
+AES-128-GCM-dec 5 MiB took 1.003 seconds, 4.625 MiB/s
+AES-192-GCM-enc 5 MiB took 1.002 seconds, 4.751 MiB/s
+AES-192-GCM-dec 5 MiB took 1.002 seconds, 4.532 MiB/s
+AES-256-GCM-enc 5 MiB took 1.002 seconds, 4.654 MiB/s
+AES-256-GCM-dec 4 MiB took 1.000 seconds, 4.443 MiB/s
+AES-128-GCM-enc-no_AAD 5 MiB took 1.004 seconds, 4.888 MiB/s
+AES-128-GCM-dec-no_AAD 5 MiB took 1.001 seconds, 4.658 MiB/s
+AES-192-GCM-enc-no_AAD 5 MiB took 1.000 seconds, 4.785 MiB/s
+AES-192-GCM-dec-no_AAD 5 MiB took 1.000 seconds, 4.565 MiB/s
+AES-256-GCM-enc-no_AAD 5 MiB took 1.004 seconds, 4.693 MiB/s
+AES-256-GCM-dec-no_AAD 4 MiB took 1.003 seconds, 4.479 MiB/s
+GMAC Small 5 MiB took 1.000 seconds, 4.653 MiB/s
+CHACHA 2 MiB took 1.012 seconds, 1.809 MiB/s
+CHA-POLY 1 MiB took 1.006 seconds, 1.189 MiB/s
+POLY1305 5 MiB took 1.004 seconds, 5.082 MiB/s
+SHA 8 MiB took 1.000 seconds, 7.812 MiB/s
+SHA-256 8 MiB took 1.000 seconds, 8.032 MiB/s
+HMAC-SHA 7 MiB took 1.000 seconds, 7.056 MiB/s
+HMAC-SHA256 7 MiB took 1.002 seconds, 7.237 MiB/s
+RSA 2048 public 30 ops took 1.022 sec, avg 34.067 ms, 29.354 ops/sec
+RSA 2048 private 2 ops took 2.398 sec, avg 1199.000 ms, 0.834 ops/sec
+ECC [ SECP256R1] 256 key gen 172 ops took 1.004 sec, avg 5.837 ms, 171.315 ops/sec
+ECDHE [ SECP256R1] 256 agree 186 ops took 1.005 sec, avg 5.403 ms, 185.075 ops/sec
+ECDSA [ SECP256R1] 256 sign 174 ops took 1.007 sec, avg 5.787 ms, 172.790 ops/sec
+ECDSA [ SECP256R1] 256 verify 160 ops took 1.003 sec, avg 6.269 ms, 159.521 ops/sec
+Benchmark complete
+Benchmark Test: Return code 0
+```
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am
new file mode 100644
index 00000000..0b010c36
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/include.am
@@ -0,0 +1,7 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= IDE/SimplicityStudio/README.md
+EXTRA_DIST+= IDE/SimplicityStudio/test_wolf.c
+EXTRA_DIST+= IDE/SimplicityStudio/user_settings.h
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c
new file mode 100644
index 00000000..e52266ac
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/test_wolf.c
@@ -0,0 +1,244 @@
+/* test_wolf.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Example for running wolfCrypt test and benchmark from
+ * SiLabs Simplicity Studio's CLI example */
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/signature.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfcrypt/test/test.h>
+#include <wolfcrypt/benchmark/benchmark.h>
+#include <stdio.h>
+
+#include "sl_cli.h"
+#include "sl_cli_instances.h"
+#include "sl_cli_arguments.h"
+#include "sl_cli_handles.h"
+
+#ifndef NO_CRYPT_TEST
+typedef struct func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} func_args;
+
+static func_args args = { 0 };
+#endif
+
+void wolf_test(sl_cli_command_arg_t *arguments)
+{
+ int ret;
+#ifndef NO_CRYPT_TEST
+ wolfCrypt_Init();
+
+ printf("\nCrypt Test\n");
+ wolfcrypt_test(&args);
+ ret = args.return_code;
+ printf("Crypt Test: Return code %d\n", ret);
+
+ wolfCrypt_Cleanup();
+#else
+ ret = NOT_COMPILED_IN;
+#endif
+ (void)arguments;
+ (void)ret;
+}
+
+void wolf_bench(sl_cli_command_arg_t *arguments)
+{
+ int ret;
+#ifndef NO_CRYPT_BENCHMARK
+ wolfCrypt_Init();
+
+ printf("\nBenchmark Test\n");
+ benchmark_test(&args);
+ ret = args.return_code;
+ printf("Benchmark Test: Return code %d\n", ret);
+
+ wolfCrypt_Cleanup();
+#else
+ ret = NOT_COMPILED_IN;
+#endif
+ (void)arguments;
+ (void)ret;
+}
+
+/* ecc key gen, sign and verify examples */
+#define TEST_ECC_KEYSZ 32
+#define TEST_DATA_SIZE 128
+#define TEST_KEYGEN_TRIES 100
+#define TEST_ECDSA_TRIES 100
+/* #define TEST_VERIFY_ONLY */
+/* #define TEST_PRIVATE_IMPORT */
+
+void wolf_ecc_test(sl_cli_command_arg_t *arguments)
+{
+ int ret = 0, i, j;
+ byte data[TEST_DATA_SIZE];
+ word32 dataLen = (word32)sizeof(data);
+ WC_RNG rng;
+ ecc_key eccKey;
+ word32 inOutIdx;
+#ifdef TEST_PRIVATE_IMPORT
+ /* ./certs/ecc-client-key.der, ECC */
+ const unsigned char ecc_clikey_der_256[] = {
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xF8, 0xCF, 0x92,
+ 0x6B, 0xBD, 0x1E, 0x28, 0xF1, 0xA8, 0xAB, 0xA1, 0x23, 0x4F,
+ 0x32, 0x74, 0x18, 0x88, 0x50, 0xAD, 0x7E, 0xC7, 0xEC, 0x92,
+ 0xF8, 0x8F, 0x97, 0x4D, 0xAF, 0x56, 0x89, 0x65, 0xC7, 0xA0,
+ 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x07, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4,
+ 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5,
+ 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80,
+ 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA,
+ 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56,
+ 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42,
+ 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F,
+ 0xB4
+ };
+ const int sizeof_ecc_clikey_der_256 = sizeof(ecc_clikey_der_256);
+#endif
+#ifdef TEST_VERIFY_ONLY
+ /* ./certs/ecc-client-keyPub.der, ECC */
+ const unsigned char ecc_clikeypub_der_256[] = {
+ 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
+ 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
+ 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0x55, 0xBF, 0xF4,
+ 0x0F, 0x44, 0x50, 0x9A, 0x3D, 0xCE, 0x9B, 0xB7, 0xF0, 0xC5,
+ 0x4D, 0xF5, 0x70, 0x7B, 0xD4, 0xEC, 0x24, 0x8E, 0x19, 0x80,
+ 0xEC, 0x5A, 0x4C, 0xA2, 0x24, 0x03, 0x62, 0x2C, 0x9B, 0xDA,
+ 0xEF, 0xA2, 0x35, 0x12, 0x43, 0x84, 0x76, 0x16, 0xC6, 0x56,
+ 0x95, 0x06, 0xCC, 0x01, 0xA9, 0xBD, 0xF6, 0x75, 0x1A, 0x42,
+ 0xF7, 0xBD, 0xA9, 0xB2, 0x36, 0x22, 0x5F, 0xC7, 0x5D, 0x7F,
+ 0xB4
+ };
+ const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256);
+
+ /* Signature for hash of 128-bytes data 0,1,2.... */
+ const byte sig[] = {
+ 0x30, 0x45,
+ 0x02, 0x20,
+ 0x5e, 0x01, 0x3d, 0xfb, 0x18, 0x61, 0xe3, 0xe3,
+ 0xa0, 0xff, 0x9b, 0x99, 0xb5, 0x2f, 0x89, 0xba,
+ 0xb3, 0xbb, 0x62, 0x08, 0x9b, 0x94, 0x0e, 0x61,
+ 0x9c, 0x00, 0x7b, 0x43, 0x9c, 0x28, 0xcb, 0xf6,
+ 0x02, 0x21,
+ 0x00,
+ 0xb4, 0x72, 0x2f, 0x22, 0x92, 0xa2, 0x8d, 0x01,
+ 0x6b, 0x01, 0x35, 0x5c, 0xcb, 0x34, 0xa2, 0x21,
+ 0x32, 0xe2, 0xe6, 0x66, 0xd0, 0x9e, 0x3e, 0x8e,
+ 0x84, 0x5d, 0xa4, 0x69, 0x54, 0x52, 0xfc, 0xef
+ };
+ word32 sigLen = (word32)sizeof(sig);
+#else
+ byte sig[ECC_MAX_SIG_SIZE];
+ word32 sigLen;
+#endif
+
+ memset(&rng, 0, sizeof(rng));
+ memset(&eccKey, 0, sizeof(eccKey));
+
+ wolfSSL_Debugging_ON();
+
+ wolfCrypt_Init();
+
+ /* test data */
+ for (i=0; i<(int)dataLen; i++) {
+ data[i] = (byte)i;
+ }
+
+ ret = wc_InitRng(&rng);
+ if (ret != 0) {
+ goto exit;
+ }
+
+ for (i=0; i<TEST_KEYGEN_TRIES; i++) {
+ ret = wc_ecc_init_ex(&eccKey, NULL, 0);
+ if (ret == 0) {
+ inOutIdx = 0;
+#ifdef TEST_VERIFY_ONLY
+ ret = wc_EccPublicKeyDecode(ecc_clikeypub_der_256, &inOutIdx,
+ &eccKey, sizeof_ecc_clikeypub_der_256);
+#else
+ #if (defined(_SILICON_LABS_SECURITY_FEATURE) && \
+ _SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+ /* Load ecc_key with vault's public key.
+ * When only the public area of a key is loaded silabs_ecc.c
+ * (silabs_ecc_sign_hash) will use the vault key to sign */
+ ret = silabs_ecc_load_vault(&eccKey);
+ #elif defined(TEST_PRIVATE_IMPORT)
+ ret = wc_EccPrivateKeyDecode(ecc_clikey_der_256, &inOutIdx,
+ &eccKey, sizeof_ecc_clikey_der_256);
+ #else
+ ret = wc_ecc_make_key(&rng, TEST_ECC_KEYSZ, &eccKey);
+ #endif
+#endif
+ }
+
+ for (j=0; j<TEST_ECDSA_TRIES; j++) {
+#ifndef TEST_VERIFY_ONLY
+ if (ret == 0) {
+ /* generate signature using ecc key */
+ sigLen = (word32)sizeof(sig);
+
+ ret = wc_SignatureGenerate(
+ WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
+ data, dataLen,
+ sig, &sigLen,
+ &eccKey, (word32)sizeof(eccKey),
+ &rng);
+ }
+#endif
+ if (ret == 0) {
+ ret = wc_SignatureVerify(
+ WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_ECC,
+ data, dataLen,
+ sig, sigLen,
+ &eccKey, (word32)sizeof(eccKey));
+ }
+
+ if (ret == 0) {
+ fprintf(stderr, "Verification Passed %d %d\n", i, j);
+ }
+ else {
+ fprintf(stderr, "Verification failed!! (ret %d) %d %d\n",
+ ret, i, j);
+ break;
+ }
+ } /* sign/verify tries */
+
+ wc_ecc_free(&eccKey);
+ if (ret != 0)
+ break;
+ } /* key gen tries */
+
+exit:
+ wc_FreeRng(&rng);
+
+ wolfCrypt_Cleanup();
+
+ (void)arguments;
+}
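Review bot: `wolf_bench` passes `&args` under `#ifndef NO_CRYPT_BENCHMARK`, but `func_args` and `args` are declared only under `#ifndef NO_CRYPT_TEST`. As far as this file shows, a build that defines `NO_CRYPT_TEST` while keeping the benchmark would fail to compile. The guard on the declaration should cover both users: `#if !defined(NO_CRYPT_TEST) || !defined(NO_CRYPT_BENCHMARK)`. Separately, the `TEST_PRIVATE_IMPORT` branch of `wolf_ecc_test` embeds the private key from `./certs/ecc-client-key.der`, which ships in the source tree and is therefore public. A comment such as `/* published test key - example use only, never provision on a device */` above `ecc_clikey_der_256` would make that explicit.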
diff --git a/extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h
new file mode 100644
index 00000000..cfe138a6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/SimplicityStudio/user_settings.h
@@ -0,0 +1,521 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Template based on examples/config/user_settings_template.h, but modified to
+ * include `WOLFSSL_SILABS_SE_ACCEL` and tune for ARM Cortex M. */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Silicon Labs ERF32 Hardware Acceleration */
+#define WOLFSSL_SILABS_SE_ACCEL
+
+/* ------------------------------------------------------------------------- */
+/* Platform */
+/* ------------------------------------------------------------------------- */
+#define WOLFSSL_GENERAL_ALIGNMENT 4
+#define SIZEOF_LONG_LONG 8
+#define HAVE_STRINGS_H
+
+/* Use FreeRTOS */
+#if 1
+ #define FREERTOS
+#else
+ /* disable mutex locking */
+ #define SINGLE_THREADED
+#endif
+
+/* reduce stack use. For variables over 100 bytes allocate from heap */
+#define WOLFSSL_SMALL_STACK
+
+/* Disable the built-in socket support and use the IO callbacks.
+ * Set IO callbacks with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
+ */
+#define WOLFSSL_USER_IO
+
+/* ------------------------------------------------------------------------- */
+/* Math Configuration */
+/* ------------------------------------------------------------------------- */
+/* Math Choices: SP (preferred), TFM or Normal (heap) */
+#if 1
+ /* Wolf Single Precision Math */
+ #define WOLFSSL_HAVE_SP_RSA
+ #define WOLFSSL_HAVE_SP_DH
+ #define WOLFSSL_HAVE_SP_ECC
+ //#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
+ //#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
+
+ //#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ #define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
+
+ //#define WOLFSSL_SP_NO_MALLOC
+ //#define WOLFSSL_SP_DIV_32 /* do not use 64-bit divides */
+
+ /* use smaller version of code */
+ #define WOLFSSL_SP_SMALL
+
+ /* SP Assembly Speedups - specific to chip type */
+ #define WOLFSSL_SP_ASM
+ #define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#elif 1
+ /* Fast Math (tfm.c) (stack based and timing resistant) */
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+#else
+ /* Normal (integer.c) (heap based, not timing resistant) - not recommended*/
+ #define USE_INTEGER_HEAP_MATH
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Crypto */
+/* ------------------------------------------------------------------------- */
+/* RSA */
+#undef NO_RSA
+#if 1
+ #ifdef USE_FAST_MATH
+ /* Maximum math bits (Max RSA key bits * 2) */
+ #define FP_MAX_BITS 4096
+ #endif
+
+ /* half as much memory but twice as slow */
+ //#define RSA_LOW_MEM
+
+ /* Enables blinding mode, to prevent timing attacks */
+ #define WC_RSA_BLINDING
+
+ /* RSA PSS Support */
+ #define WC_RSA_PSS
+#else
+ #define NO_RSA
+#endif
+
+/* DH */
+#undef NO_DH
+#if 1
+ /* Use table for DH instead of -lm (math) lib dependency */
+ #if 1
+ #define WOLFSSL_DH_CONST
+ #define HAVE_FFDHE_2048
+ //#define HAVE_FFDHE_4096
+ //#define HAVE_FFDHE_6144
+ //#define HAVE_FFDHE_8192
+ #endif
+#else
+ #define NO_DH
+#endif
+
+/* ECC */
+#undef HAVE_ECC
+#if 1
+ #define HAVE_ECC
+
+ /* Manually define enabled curves */
+ #define ECC_USER_CURVES
+
+ #ifdef ECC_USER_CURVES
+ /* Manual Curve Selection */
+ //#define HAVE_ECC192
+ //#define HAVE_ECC224
+ #undef NO_ECC256
+ //#define HAVE_ECC384
+ //#define HAVE_ECC521
+ #endif
+
+ /* Fixed point cache (speeds repeated operations against same private key) */
+ //#define FP_ECC
+ #ifdef FP_ECC
+ /* Bits / Entries */
+ #define FP_ENTRIES 2
+ #define FP_LUT 4
+ #endif
+
+ /* Optional ECC calculation method */
+ /* Note: doubles heap usage, but slightly faster */
+ #define ECC_SHAMIR
+
+ /* Reduces heap usage, but slower */
+ #define ECC_TIMING_RESISTANT
+
+ /* Compressed ECC Key Support */
+ //#define HAVE_COMP_KEY
+
+ /* Use alternate ECC size for ECC math */
+ #ifdef USE_FAST_MATH
+ /* MAX ECC BITS = ROUND8(MAX ECC) * 2 */
+ #if defined(NO_RSA) && defined(NO_DH)
+ /* Custom fastmath size if not using RSA/DH */
+ #define FP_MAX_BITS (256 * 2)
+ #else
+ /* use heap allocation for ECC points */
+ #define ALT_ECC_SIZE
+
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
+ //#define FP_MAX_BITS_ECC (256 * 2)
+ #endif
+
+ /* Speedups specific to curve */
+ #ifndef NO_ECC256
+ #define TFM_ECC256
+ #endif
+ #endif
+#endif
+
+
+/* AES */
+#undef NO_AES
+#if 1
+ #define HAVE_AES_CBC
+
+ /* GCM Method: GCM_TABLE_4BIT, GCM_SMALL, GCM_WORD32 or GCM_TABLE */
+ #define HAVE_AESGCM
+ #define GCM_SMALL
+
+ //#define WOLFSSL_AES_DIRECT
+ //#define HAVE_AES_ECB
+ //#define WOLFSSL_AES_COUNTER
+ //#define HAVE_AESCCM
+#else
+ #define NO_AES
+#endif
+
+
+/* DES3 */
+#undef NO_DES3
+#if 0
+#else
+ #define NO_DES3
+#endif
+
+/* ChaCha20 / Poly1305 */
+#undef HAVE_CHACHA
+#undef HAVE_POLY1305
+#if 1
+ #define HAVE_CHACHA
+ #define HAVE_POLY1305
+
+ /* Needed for Poly1305 */
+ #define HAVE_ONE_TIME_AUTH
+#endif
+
+/* Ed25519 / Curve25519 */
+#undef HAVE_CURVE25519
+#undef HAVE_ED25519
+#if 0
+ #define HAVE_CURVE25519
+ #define HAVE_ED25519 /* ED25519 Requires SHA512 */
+
+ /* Optionally use small math (less flash usage, but much slower) */
+ #if 1
+ #define CURVED25519_SMALL
+ #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Hashing */
+/* ------------------------------------------------------------------------- */
+/* Sha */
+#undef NO_SHA
+#if 1
+ /* 1k smaller, but 25% slower */
+ //#define USE_SLOW_SHA
+#else
+ #define NO_SHA
+#endif
+
+/* Sha256 */
+#undef NO_SHA256
+#if 1
+ /* not unrolled - ~2k smaller and ~25% slower */
+ //#define USE_SLOW_SHA256
+
+ /* Sha224 */
+ #if 0
+ #define WOLFSSL_SHA224
+ #endif
+#else
+ #define NO_SHA256
+#endif
+
+/* Sha512 */
+#undef WOLFSSL_SHA512
+#if 0
+ #define WOLFSSL_SHA512
+
+ /* Sha384 */
+ #undef WOLFSSL_SHA384
+ #if 0
+ #define WOLFSSL_SHA384
+ #endif
+
+ /* over twice as small, but 50% slower */
+ //#define USE_SLOW_SHA512
+#endif
+
+/* Sha3 */
+#undef WOLFSSL_SHA3
+#if 0
+ #define WOLFSSL_SHA3
+#endif
+
+/* MD5 */
+#undef NO_MD5
+#if 0
+
+#else
+ #define NO_MD5
+#endif
+
+/* HKDF */
+#undef HAVE_HKDF
+#if 1
+ #define HAVE_HKDF
+#endif
+
+/* CMAC */
+#undef WOLFSSL_CMAC
+#if 0
+ #define WOLFSSL_CMAC
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Benchmark / Test */
+/* ------------------------------------------------------------------------- */
+/* Use reduced benchmark / test sizes */
+#define BENCH_EMBEDDED
+
+/* Use test buffers from array (not filesystem) */
+#define USE_CERT_BUFFERS_256
+#define USE_CERT_BUFFERS_2048
+
+/* ------------------------------------------------------------------------- */
+/* Debugging */
+/* ------------------------------------------------------------------------- */
+
+#undef DEBUG_WOLFSSL
+#undef NO_ERROR_STRINGS
+#if 0
+ #define DEBUG_WOLFSSL
+#else
+ #if 0
+ #define NO_ERROR_STRINGS
+ #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Memory */
+/* ------------------------------------------------------------------------- */
+
+/* Override Memory API's */
+#if 0
+ #define XMALLOC_OVERRIDE
+
+ /* prototypes for user heap override functions */
+ /* Note: Realloc only required for normal math */
+ #include <stddef.h> /* for size_t */
+ extern void *myMalloc(size_t n, void* heap, int type);
+ extern void myFree(void *p, void* heap, int type);
+ extern void *myRealloc(void *p, size_t n, void* heap, int type);
+
+ #define XMALLOC(n, h, t) myMalloc(n, h, t)
+ #define XFREE(p, h, t) myFree(p, h, t)
+ #define XREALLOC(p, n, h, t) myRealloc(p, n, h, t)
+#endif
+
+#if 0
+ /* Static memory requires fast math */
+ #define WOLFSSL_STATIC_MEMORY
+
+ /* Disable fallback malloc/free */
+ #define WOLFSSL_NO_MALLOC
+ #if 1
+ #define WOLFSSL_MALLOC_CHECK /* trap malloc failure */
+ #endif
+#endif
+
+/* Memory callbacks */
+#if 0
+ #undef USE_WOLFSSL_MEMORY
+ #define USE_WOLFSSL_MEMORY
+
+ /* Use this to measure / print heap usage */
+ #if 0
+ #define WOLFSSL_TRACK_MEMORY
+ #define WOLFSSL_DEBUG_MEMORY
+ #endif
+#else
+ #ifndef WOLFSSL_STATIC_MEMORY
+ #define NO_WOLFSSL_MEMORY
+ /* Otherwise we will use stdlib malloc, free and realloc */
+ #endif
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Port */
+/* ------------------------------------------------------------------------- */
+
+/* Override Current Time */
+#if 0
+ /* Allows custom "custom_time()" function to be used for benchmark */
+ #define WOLFSSL_USER_CURRTIME
+ #define WOLFSSL_GMTIME
+ #define USER_TICKS
+ extern unsigned long my_time(unsigned long* timer);
+ #define XTIME my_time
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* RNG */
+/* ------------------------------------------------------------------------- */
+
+/* Choose RNG method */
+#if 1
+ /* Custom Seed Source */
+ #if 0
+ /* Size of returned HW RNG value */
+ #define CUSTOM_RAND_TYPE unsigned int
+ extern unsigned int my_rng_seed_gen(void);
+ #undef CUSTOM_RAND_GENERATE
+ #define CUSTOM_RAND_GENERATE my_rng_seed_gen
+ #endif
+
+ /* Use built-in P-RNG (SHA256 based) with HW RNG */
+ /* P-RNG + HW RNG (P-RNG is ~8K) */
+ #undef HAVE_HASHDRBG
+ #define HAVE_HASHDRBG
+#else
+ #undef WC_NO_HASHDRBG
+ #define WC_NO_HASHDRBG
+
+ /* Bypass P-RNG and use only HW RNG */
+ extern int my_rng_gen_block(unsigned char* output, unsigned int sz);
+ #undef CUSTOM_RAND_GENERATE_BLOCK
+ #define CUSTOM_RAND_GENERATE_BLOCK my_rng_gen_block
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Custom Standard Lib */
+/* ------------------------------------------------------------------------- */
+/* Allows override of all standard library functions */
+#undef STRING_USER
+#if 0
+ #define STRING_USER
+
+ #include <string.h>
+
+ #define USE_WOLF_STRSEP
+ #define XSTRSEP(s1,d) wc_strsep((s1),(d))
+
+ #define USE_WOLF_STRTOK
+ #define XSTRTOK(s1,d,ptr) wc_strtok((s1),(d),(ptr))
+
+ #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n))
+
+ #define XMEMCPY(d,s,l) memcpy((d),(s),(l))
+ #define XMEMSET(b,c,l) memset((b),(c),(l))
+ #define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
+ #define XMEMMOVE(d,s,l) memmove((d),(s),(l))
+
+ #define XSTRLEN(s1) strlen((s1))
+ #define XSTRNCPY(s1,s2,n) strncpy((s1),(s2),(n))
+ #define XSTRSTR(s1,s2) strstr((s1),(s2))
+
+ #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
+ #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n))
+ #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n))
+
+ #define XSNPRINTF snprintf
+#endif
+
+
+
+/* ------------------------------------------------------------------------- */
+/* Enable Features */
+/* ------------------------------------------------------------------------- */
+
+#define WOLFSSL_TLS13
+#define WOLFSSL_OLD_PRIME_CHECK /* Use faster DH prime checking */
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define WOLFSSL_BASE64_ENCODE
+#define WOLFSSL_PUB_PEM_TO_DER
+
+//#define WOLFSSL_KEY_GEN /* For RSA Key gen only */
+//#define KEEP_PEER_CERT
+//#define HAVE_COMP_KEY
+
+/* TLS Session Cache */
+#if 0
+ #define SMALL_SESSION_CACHE
+#else
+ #define NO_SESSION_CACHE
+#endif
+
+
+/* ------------------------------------------------------------------------- */
+/* Disable Features */
+/* ------------------------------------------------------------------------- */
+//#define NO_WOLFSSL_SERVER
+//#define NO_WOLFSSL_CLIENT
+//#define NO_CRYPT_TEST
+//#define NO_CRYPT_BENCHMARK
+//#define WOLFCRYPT_ONLY
+
+/* do not warm when file is included to be built and not required to be */
+#define WOLFSSL_IGNORE_FILE_WARN
+
+/* In-lining of misc.c functions */
+/* If defined, must include wolfcrypt/src/misc.c in build */
+/* Slower, but about 1k smaller */
+//#define NO_INLINE
+
+#define NO_FILESYSTEM
+#define NO_WRITEV
+#define NO_MAIN_DRIVER
+#define NO_DEV_RANDOM
+
+#define NO_OLD_TLS
+#define NO_PSK
+
+#define NO_DSA
+#define NO_RC4
+#define NO_MD4
+#define NO_PWDBASED
+//#define NO_CODING
+//#define NO_ASN_TIME
+//#define NO_CERTS
+//#define NO_SIG_WRAPPER
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* WOLFSSL_USER_SETTINGS_H */
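Review bot: The comment above `#define ECC_TIMING_RESISTANT` reads `/* Reduces heap usage, but slower */`, which describes a memory trade-off rather than what the macro name says it is for. Someone tuning this template for speed could remove a side-channel hardening option without realising it. I would change it to something like `/* Timing-resistant ECC math (side-channel hardening); slower, keep enabled */`. Likewise `WOLFSSL_OLD_PRIME_CHECK` is annotated only as `/* Use faster DH prime checking */`; it appears to select the older, less thorough primality check, and the comment should say what is given up for that speed. Minor wording in the same file: "ERF32" is presumably EFR32, "RSA/RH 4096-bit" should read RSA/DH, and "do not warm" should be "do not warn".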
diff --git a/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h b/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h
index d745515a..2ce8e1eb 100644
--- a/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/VisualDSP/user_settings.h
@@ -77,7 +77,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* 64 or 32 bit version */
diff --git a/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h b/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h
index 7d30a35b..70ce019d 100644
--- a/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WICED-STUDIO/user_settings.h
@@ -75,7 +75,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH
/* 64 or 32 bit version */
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/README.txt b/extra/wolfssl/wolfssl/IDE/WIN/README.txt
index 25e4d7e8..4c86dc19 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/README.txt
+++ b/extra/wolfssl/wolfssl/IDE/WIN/README.txt
@@ -3,7 +3,7 @@
First, if you did not get the FIPS files with your archive, you must contact
wolfSSL to obtain them.
-The IDE/WIN/wolfssl-fips.sln solution is for the original FIPS #2425 certificate.
+The IDE/WIN/wolfssl-fips.sln solution is for the original FIPS #2425 certificate.
See IDE/WIN10/wolfssl-fips.sln for the FIPS v2 #3389 or later Visual Studio solution.
# Building the wolfssl-fips project
@@ -30,11 +30,13 @@ The In Core Memory test calculates a checksum (HMAC-SHA256) of the wolfCrypt
FIPS library code and constant data and compares it with a known value in
the code.
-The Randomized Base Address setting needs to be disabled on the 32-bit builds
-but can be enabled on the 64-bit builds. In the 32-bit mode the addresses
-being different throws off the in-core memory calculation. It looks like in
-64-bit mode the library uses all offsets, so the core hash calculation
-is the same every time.
+The following wolfCrypt FIPS project linker settings are required for the DLL Win32 configuration:
+1) The [Randomized Base Address setting (ASLR)](https://learn.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization?view=msvc-170)
+needs to be disabled on all builds as the feature throws off the in-core memory calculation causing the test to fail.
+2) The [Incremental Link](https://learn.microsoft.com/en-us/cpp/build/reference/incremental-link-incrementally?view=msvc-170)
+option need turned off so function pointers go to actual code, not a jump instruction.
+3) The [FixedBaseAddress](https://learn.microsoft.com/en-us/cpp/build/reference/fixed-fixed-base-address?view=msvc-170)
+option to YES, which disables the support for ASLR.
The "verifyCore" check value in the source fips_test.c needs to be updated when
building the code. The POS performs this check and the default failure callback
@@ -71,13 +73,13 @@ These settings are defined in IDE/WIN/user_settings.h.
# Notes on enabling DTLS including DTLS version 1.3
-The file IDE/WIN/user_settings_dtls.h contains the needed build options for
+The file IDE/WIN/user_settings_dtls.h contains the needed build options for
enabling DTLS and DTLS version 1.3.
To incorporate the build options:
* Rename IDE/WIN/user_settings.h to IDE/WIN/user_settings.h.bak
* Rename IDE/WIN/user_settings_dtls.h to IDE/WIN/user_settings.h
-
+
Alternatively, copy the DTLS labeled section from IDE/WIN/user_settings_dtls.h
in to IDE/WIN/user_settings.h. \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj
index 81b3668b..21759755 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN/test.vcxproj
@@ -111,7 +111,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -130,7 +130,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -147,7 +147,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
@@ -168,7 +168,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
@@ -188,7 +188,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -208,7 +208,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>_DEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
@@ -226,7 +226,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|Win32'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
@@ -246,7 +246,7 @@
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|x64'">
<ClCompile>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;HAVE_FIPS;USE_CERT_BUFFERS_2048;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<PrecompiledHeader />
<WarningLevel>Level3</WarningLevel>
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h b/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h
index 919924e9..22510894 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WIN/user_settings.h
@@ -37,6 +37,9 @@
#define WC_RSA_BLINDING
#define NO_MULTIBYTE_PRINT
+ #define HAVE_CRL
+ #define HAVE_CRL_MONITOR
+
#if defined(WOLFSSL_LIB)
/* The lib */
#define OPENSSL_EXTRA
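Review bot: `HAVE_CRL` and `HAVE_CRL_MONITOR` are added without a comment, and a reader of this settings file could take them to mean that revocation checking is now active. These defines only compile the CRL code in; checking still has to be enabled at runtime and CRLs loaded by the application (for example through `wolfSSL_CTX_EnableCRL`). I would add a comment above them such as `/* Build in CRL support and the CRL monitor; revocation checking must still be enabled and CRLs loaded at runtime */`. The surrounding `#if` block starts outside this hunk, so I cannot tell from here which build targets pick these up.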
diff --git a/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj
index 3bfb4cd3..b91c6efe 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN/wolfssl-fips.vcxproj
@@ -117,11 +117,23 @@
<OutDir>$(SolutionDir)$(Configuration)\$(Platform)\</OutDir>
<IntDir>$(Configuration)\$(Platform)\obj\</IntDir>
</PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<WarningLevel>Level4</WarningLevel>
@@ -133,7 +145,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -146,13 +158,14 @@
<BaseAddress>0x5A000000</BaseAddress>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>false</DataExecutionPrevention>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<WarningLevel>Level4</WarningLevel>
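Review bot: The `<Link>` block at the top of this hunk now has `<FixedBaseAddress>true</FixedBaseAddress>` next to `<BaseAddress>0x5A000000</BaseAddress>`, while `<DataExecutionPrevention>false</DataExecutionPrevention>` stays in place. That leaves this configuration building an image at a fixed, known address with both ASLR and NX compatibility switched off. The WIN10 README change in this commit lists only ASLR off, incremental linking off and a fixed base as requirements for the in-core check, and does not mention DEP. It therefore looks worth trying `<DataExecutionPrevention>true</DataExecutionPrevention>` and confirming the integrity test still passes. The `<Link>` element opens above the hunk, so the configuration it belongs to is not visible here. The hunk `@@ -146,6 +158,7 @@` in IDE/WIN10/wolfssl-fips.vcxproj has the same combination.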
@@ -164,7 +177,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -174,7 +187,7 @@
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- <RandomizedBaseAddress>true</RandomizedBaseAddress>
+ <RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>false</DataExecutionPrevention>
</Link>
</ItemDefinitionGroup>
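Review bot: This x64 `<Link>` block switches `RandomizedBaseAddress` to `false` but gets neither a `<BaseAddress>` nor `<FixedBaseAddress>true</FixedBaseAddress>`, unlike the Win32 blocks changed in this commit. The loader may therefore still relocate the DLL when its preferred base is occupied. If the in-core check needs a stable image on x64 as well, these blocks want the same pair of settings as the Win32 ones. If it does not, ASLR could presumably have stayed enabled here. `<DataExecutionPrevention>false</DataExecutionPrevention>` is also still set in this block. The hunk `@@ -234,7 +248,7 @@` makes the same `RandomizedBaseAddress` change for the other x64 block.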
@@ -183,7 +196,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -196,7 +209,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -206,6 +219,7 @@
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<BaseAddress>0x5A000000</BaseAddress>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@@ -213,7 +227,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -226,7 +240,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;../../;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>HAVE_FIPS;BUILDING_WOLFSSL;CYASSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<WarningLevel>Level3</WarningLevel>
@@ -234,7 +248,7 @@
</ClCompile>
<Link>
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
- <RandomizedBaseAddress>true</RandomizedBaseAddress>
+ <RandomizedBaseAddress>false</RandomizedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/README.txt b/extra/wolfssl/wolfssl/IDE/WIN10/README.txt
index 80c6ec47..4ef0a145 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/README.txt
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/README.txt
@@ -29,8 +29,13 @@ The In Core Memory test calculates a checksum (HMAC-SHA256) of the wolfCrypt
FIPS library code and constant data and compares it with a known value in
the code.
-The Randomized Base Address setting needs to be disabled on all builds as the
-feature throws off the in-core memory calculation causing the test to fail.
+The following wolfCrypt FIPS project linker settings are required for the DLL Win32 configuration:
+1) The [Randomized Base Address setting (ASLR)](https://learn.microsoft.com/en-us/cpp/build/reference/dynamicbase-use-address-space-layout-randomization?view=msvc-170)
+needs to be disabled on all builds as the feature throws off the in-core memory calculation causing the test to fail.
+2) The [Incremental Link](https://learn.microsoft.com/en-us/cpp/build/reference/incremental-link-incrementally?view=msvc-170)
+option need turned off so function pointers go to actual code, not a jump instruction.
+3) The [FixedBaseAddress](https://learn.microsoft.com/en-us/cpp/build/reference/fixed-fixed-base-address?view=msvc-170)
+option to YES, which disables the support for ASLR.
The "verifyCore" check value in the source fips_test.c needs to be updated when
building the code. The POS performs this check and the default failure callback
@@ -39,7 +44,6 @@ value and paste it back into your code in the verifyCore initializer then
rebuild the code. When statically linking, you may have to recalculate your
check value when changing your application.
-
# Build Options
The default build options should be the proper default set of options:
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj
index 850354bb..36657348 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/test.vcxproj
@@ -208,7 +208,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>.\;..\..\;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;HAVE_FIPS_VERSION=5;HAVE_FIPS_VERSION_MINOR=1;USE_CERT_BUFFERS_2048;USE_CERT_BUFFERS_256;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;HAVE_FIPS;HAVE_FIPS_VERSION=5;HAVE_FIPS_VERSION_MINOR=1;USE_CERT_BUFFERS_2048;USE_CERT_BUFFERS_256;WOLFSSL_USER_SETTINGS;CYASSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader />
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h b/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h
index 32d747e3..cc1c34ed 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/user_settings.h
@@ -1,6 +1,16 @@
#ifndef _WIN_USER_SETTINGS_H_
#define _WIN_USER_SETTINGS_H_
+/* For FIPS 140-2 3389 build set to "#if 1" */
+#if 0
+#undef HAVE_FIPS
+#define HAVE_FIPS
+#undef HAVE_FIPS_VERSION
+#define HAVE_FIPS_VERSION 2
+#undef HAVE_FIPS_VERSION_MINOR
+#define HAVE_FIPS_VERSION_MINOR 0
+#endif
+
/* Set the following to 1 for WCv5.0-RC12 build. */
#if 0
#undef HAVE_FIPS
@@ -67,8 +77,10 @@
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_PUBLIC_FFDHE
+ #ifdef _WIN64
#define WOLFSSL_AESNI
#define HAVE_INTEL_RDSEED
+ #endif
#define FORCE_FAILURE_RDSEED
#endif /* FIPS v2 */
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
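Review bot: With the new `#ifdef _WIN64` guard, 32-bit builds no longer define `HAVE_INTEL_RDSEED` but still define `FORCE_FAILURE_RDSEED`, which sits just after the added `#endif`. It is worth confirming which seed source a Win32 FIPS v2 build ends up with, and that `FORCE_FAILURE_RDSEED` is inert without RDSEED support. If it is only meaningful together with `HAVE_INTEL_RDSEED`, it should move inside the guard. A short comment on the guard would also help, for example `/* AES-NI and RDSEED are enabled for 64-bit builds only */`. The enclosing FIPS v2 `#if` opens above the hunk.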
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc
index 99d539cd..4da10de8 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.rc
@@ -51,8 +51,8 @@ END
//
VS_VERSION_INFO VERSIONINFO
- FILEVERSION 5,6,3,0
- PRODUCTVERSION 5,6,3,0
+ FILEVERSION 5,6,6,0
+ PRODUCTVERSION 5,6,6,0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
@@ -69,12 +69,12 @@ BEGIN
BEGIN
VALUE "CompanyName", "wolfSSL Inc."
VALUE "FileDescription", "The wolfSSL FIPS embedded SSL library is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set."
- VALUE "FileVersion", "5.6.3.0"
+ VALUE "FileVersion", "5.6.6.0"
VALUE "InternalName", "wolfssl-fips"
- VALUE "LegalCopyright", "Copyright (C) 2022"
+ VALUE "LegalCopyright", "Copyright (C) 2023"
VALUE "OriginalFilename", "wolfssl-fips.dll"
VALUE "ProductName", "wolfSSL FIPS"
- VALUE "ProductVersion", "5.6.3.0"
+ VALUE "ProductVersion", "5.6.6.0"
END
END
BLOCK "VarFileInfo"
diff --git a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj
index 92d1dda8..5d0122ea 100644
--- a/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj
+++ b/extra/wolfssl/wolfssl/IDE/WIN10/wolfssl-fips.vcxproj
@@ -117,6 +117,18 @@
<OutDir>$(SolutionDir)$(Configuration)\$(Platform)\</OutDir>
<IntDir>$(Configuration)\$(Platform)\$(ProjectName)_obj\</IntDir>
</PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|Win32'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Release|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
+ <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='DLL Debug|x64'">
+ <LinkIncremental>false</LinkIncremental>
+ </PropertyGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
<ClCompile>
<Optimization>Disabled</Optimization>
@@ -146,6 +158,7 @@
<BaseAddress>0x5A000000</BaseAddress>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<DataExecutionPrevention>false</DataExecutionPrevention>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
@@ -206,6 +219,7 @@
<AdditionalDependencies>ws2_32.lib;%(AdditionalDependencies)</AdditionalDependencies>
<RandomizedBaseAddress>false</RandomizedBaseAddress>
<BaseAddress>0x5A000000</BaseAddress>
+ <FixedBaseAddress>true</FixedBaseAddress>
</Link>
</ItemDefinitionGroup>
<ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
@@ -258,6 +272,7 @@
<ClCompile Include="..\..\wolfcrypt\src\hash.c" />
<ClCompile Include="..\..\wolfcrypt\src\hmac.c" />
<ClCompile Include="..\..\wolfcrypt\src\integer.c" />
+ <ClCompile Include="..\..\wolfcrypt\src\pkcs7.c" />
<ClCompile Include="..\..\wolfcrypt\src\tfm.c" />
<ClCompile Include="..\..\src\internal.c" />
<ClCompile Include="..\..\src\wolfio.c" />
diff --git a/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h b/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h
index f4ca1c1d..2c472db8 100644
--- a/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/WINCE/user_settings.h
@@ -36,7 +36,6 @@
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
#define WOLFSSL_HAVE_SP_ECC
- //#define WOLFSSL_SP_CACHE_RESISTANT
//#define WOLFSSL_SP_MATH /* only SP math - eliminates fast math code */
/* SP Assembly Speedups */
@@ -187,7 +186,7 @@
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h
index 03a51593..28df853c 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/Intel/user_settings.h
@@ -194,7 +194,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h
index dfa74249..f7c5693c 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/macOS-C++/M1/user_settings.h
@@ -205,7 +205,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h
index cffd801d..031f54b5 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv2/user_settings.h
@@ -205,7 +205,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h
index 917b6908..aff1e444 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h
+++ b/extra/wolfssl/wolfssl/IDE/XCODE-FIPSv5/user_settings.h
@@ -223,7 +223,7 @@ extern "C" {
#else
#undef ALT_ECC_SIZE
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#undef FP_MAX_BITS_ECC
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
index a5905880..63c889fe 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
+++ b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl-FIPS.xcodeproj/project.pbxproj
@@ -96,57 +96,6 @@
521646F51A8A7FF30062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
521646F61A8A7FF30062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- 521646F81A8A80030062516A /* callbacks.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- 521646F91A8A80030062516A /* certs_test.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- 521646FA1A8A80030062516A /* crl.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- 521646FB1A8A80030062516A /* error-ssl.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- 521646FC1A8A80030062516A /* internal.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- 521646FD1A8A80030062516A /* ocsp.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- 521646FE1A8A80030062516A /* ssl.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- 521646FF1A8A80030062516A /* test.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- 521647001A8A80030062516A /* version.h in Copy Files */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- 521647011A8A80100062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- 521647021A8A80100062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- 521647041A8A80100062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- 521647071A8A80100062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- 521647081A8A80100062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- 521647091A8A80100062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- 521647131A8A80100062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- 521647141A8A80100062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- 521647151A8A80100062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- 521647161A8A80100062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- 521647171A8A80100062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- 521647181A8A80100062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- 521647191A8A80100062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- 521647211A8A80100062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- 521647231A8A80100062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- 521647251A8A80100062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- 521647261A8A80100062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- 521647271A8A80100062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- 521647281A8A80100062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- 521647291A8A80100062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- 5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
5216481D1A8AC2990062516A /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648101A8AC2990062516A /* aes.c */; };
5216481E1A8AC2990062516A /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648111A8AC2990062516A /* des3.c */; };
5216481F1A8AC2990062516A /* fips_test.c in Sources */ = {isa = PBXBuildFile; fileRef = 521648121A8AC2990062516A /* fips_test.c */; };
@@ -316,57 +265,6 @@
A4A54E641BC5C3E0002866CD /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
A4A54E651BC5C3E0002866CD /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
A4A54E661BC5C3E0002866CD /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- A4A54E681BC5C3E0002866CD /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- A4A54E691BC5C3E0002866CD /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- A4A54E6A1BC5C3E0002866CD /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- A4A54E6B1BC5C3E0002866CD /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- A4A54E6C1BC5C3E0002866CD /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- A4A54E6D1BC5C3E0002866CD /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- A4A54E6E1BC5C3E0002866CD /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- A4A54E6F1BC5C3E0002866CD /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- A4A54E701BC5C3E0002866CD /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- A4A54E721BC5C3E0002866CD /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- A4A54E731BC5C3E0002866CD /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- A4A54E741BC5C3E0002866CD /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- A4A54E751BC5C3E0002866CD /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- A4A54E761BC5C3E0002866CD /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- A4A54E771BC5C3E0002866CD /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- A4A54E781BC5C3E0002866CD /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- A4A54E791BC5C3E0002866CD /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- A4A54E7A1BC5C3E0002866CD /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- A4A54E7B1BC5C3E0002866CD /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- A4A54E7C1BC5C3E0002866CD /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- A4A54E7D1BC5C3E0002866CD /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- A4A54E7E1BC5C3E0002866CD /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- A4A54E7F1BC5C3E0002866CD /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- A4A54E801BC5C3E0002866CD /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- A4A54E811BC5C3E0002866CD /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- A4A54E821BC5C3E0002866CD /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- A4A54E841BC5C3E0002866CD /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- A4A54E851BC5C3E0002866CD /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- A4A54E861BC5C3E0002866CD /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- A4A54E871BC5C3E0002866CD /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- A4A54E881BC5C3E0002866CD /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- A4A54E891BC5C3E0002866CD /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- A4A54E8A1BC5C3E0002866CD /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- A4A54E8B1BC5C3E0002866CD /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- A4A54E8C1BC5C3E0002866CD /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- A4A54E8D1BC5C3E0002866CD /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- A4A54E8E1BC5C3E0002866CD /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- A4A54E8F1BC5C3E0002866CD /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- A4A54E901BC5C3E0002866CD /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- A4A54E921BC5C3E0002866CD /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- A4A54E931BC5C3E0002866CD /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- A4A54E941BC5C3E0002866CD /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- A4A54E951BC5C3E0002866CD /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- A4A54E961BC5C3E0002866CD /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- A4A54E971BC5C3E0002866CD /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- A4A54E981BC5C3E0002866CD /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- A4A54E991BC5C3E0002866CD /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- A4A54E9A1BC5C3E0002866CD /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- A4A54E9B1BC5C3E0002866CD /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- A4A54E9C1BC5C3E0002866CD /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- A4A54E9D1BC5C3E0002866CD /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
/* End PBXBuildFile section */
/* Begin PBXCopyFilesBuildPhase section */
@@ -460,76 +358,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- 521646C21A8A7B3B0062516A /* Copy Files */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- 521646F81A8A80030062516A /* callbacks.h in Copy Files */,
- 521646F91A8A80030062516A /* certs_test.h in Copy Files */,
- 521646FA1A8A80030062516A /* crl.h in Copy Files */,
- 521646FB1A8A80030062516A /* error-ssl.h in Copy Files */,
- 521646FC1A8A80030062516A /* internal.h in Copy Files */,
- 521646FD1A8A80030062516A /* ocsp.h in Copy Files */,
- 521646FE1A8A80030062516A /* ssl.h in Copy Files */,
- 521646FF1A8A80030062516A /* test.h in Copy Files */,
- 521647001A8A80030062516A /* version.h in Copy Files */,
- );
- name = "Copy Files";
- runOnlyForDeploymentPostprocessing = 0;
- };
- 521646C31A8A7B3D0062516A /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- 521647011A8A80100062516A /* aes.h in CopyFiles */,
- 521647021A8A80100062516A /* arc4.h in CopyFiles */,
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */,
- 521647041A8A80100062516A /* asn.h in CopyFiles */,
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */,
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */,
- 521647071A8A80100062516A /* blake2.h in CopyFiles */,
- 521647081A8A80100062516A /* camellia.h in CopyFiles */,
- 521647091A8A80100062516A /* chacha.h in CopyFiles */,
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */,
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */,
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */,
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */,
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */,
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */,
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */,
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */,
- 521647131A8A80100062516A /* hmac.h in CopyFiles */,
- 521647141A8A80100062516A /* integer.h in CopyFiles */,
- 521647151A8A80100062516A /* logging.h in CopyFiles */,
- 521647161A8A80100062516A /* md2.h in CopyFiles */,
- 521647171A8A80100062516A /* md4.h in CopyFiles */,
- 521647181A8A80100062516A /* md5.h in CopyFiles */,
- 521647191A8A80100062516A /* memory.h in CopyFiles */,
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */,
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */,
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */,
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */,
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */,
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */,
- 521647211A8A80100062516A /* random.h in CopyFiles */,
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */,
- 521647231A8A80100062516A /* rsa.h in CopyFiles */,
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */,
- 521647251A8A80100062516A /* settings.h in CopyFiles */,
- 521647261A8A80100062516A /* sha.h in CopyFiles */,
- 521647271A8A80100062516A /* sha256.h in CopyFiles */,
- 521647281A8A80100062516A /* sha512.h in CopyFiles */,
- 521647291A8A80100062516A /* tfm.h in CopyFiles */,
- 5216472A1A8A80100062516A /* types.h in CopyFiles */,
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */,
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
@@ -618,75 +446,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- A4A54E671BC5C3E0002866CD /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- A4A54E681BC5C3E0002866CD /* callbacks.h in CopyFiles */,
- A4A54E691BC5C3E0002866CD /* certs_test.h in CopyFiles */,
- A4A54E6A1BC5C3E0002866CD /* crl.h in CopyFiles */,
- A4A54E6B1BC5C3E0002866CD /* error-ssl.h in CopyFiles */,
- A4A54E6C1BC5C3E0002866CD /* internal.h in CopyFiles */,
- A4A54E6D1BC5C3E0002866CD /* ocsp.h in CopyFiles */,
- A4A54E6E1BC5C3E0002866CD /* ssl.h in CopyFiles */,
- A4A54E6F1BC5C3E0002866CD /* test.h in CopyFiles */,
- A4A54E701BC5C3E0002866CD /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- A4A54E711BC5C3E0002866CD /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- A4A54E721BC5C3E0002866CD /* aes.h in CopyFiles */,
- A4A54E731BC5C3E0002866CD /* arc4.h in CopyFiles */,
- A4A54E741BC5C3E0002866CD /* asn_public.h in CopyFiles */,
- A4A54E751BC5C3E0002866CD /* asn.h in CopyFiles */,
- A4A54E761BC5C3E0002866CD /* blake2-impl.h in CopyFiles */,
- A4A54E771BC5C3E0002866CD /* blake2-int.h in CopyFiles */,
- A4A54E781BC5C3E0002866CD /* blake2.h in CopyFiles */,
- A4A54E791BC5C3E0002866CD /* camellia.h in CopyFiles */,
- A4A54E7A1BC5C3E0002866CD /* chacha.h in CopyFiles */,
- A4A54E7B1BC5C3E0002866CD /* coding.h in CopyFiles */,
- A4A54E7C1BC5C3E0002866CD /* compress.h in CopyFiles */,
- A4A54E7D1BC5C3E0002866CD /* des3.h in CopyFiles */,
- A4A54E7E1BC5C3E0002866CD /* dh.h in CopyFiles */,
- A4A54E7F1BC5C3E0002866CD /* dsa.h in CopyFiles */,
- A4A54E801BC5C3E0002866CD /* ecc.h in CopyFiles */,
- A4A54E811BC5C3E0002866CD /* error-crypt.h in CopyFiles */,
- A4A54E821BC5C3E0002866CD /* fips_test.h in CopyFiles */,
- A4A54E841BC5C3E0002866CD /* hmac.h in CopyFiles */,
- A4A54E851BC5C3E0002866CD /* integer.h in CopyFiles */,
- A4A54E861BC5C3E0002866CD /* logging.h in CopyFiles */,
- A4A54E871BC5C3E0002866CD /* md2.h in CopyFiles */,
- A4A54E881BC5C3E0002866CD /* md4.h in CopyFiles */,
- A4A54E891BC5C3E0002866CD /* md5.h in CopyFiles */,
- A4A54E8A1BC5C3E0002866CD /* memory.h in CopyFiles */,
- A4A54E8B1BC5C3E0002866CD /* misc.h in CopyFiles */,
- A4A54E8C1BC5C3E0002866CD /* mpi_class.h in CopyFiles */,
- A4A54E8D1BC5C3E0002866CD /* mpi_superclass.h in CopyFiles */,
- A4A54E8E1BC5C3E0002866CD /* pkcs7.h in CopyFiles */,
- A4A54E8F1BC5C3E0002866CD /* poly1305.h in CopyFiles */,
- A4A54E901BC5C3E0002866CD /* pwdbased.h in CopyFiles */,
- A4A54E921BC5C3E0002866CD /* random.h in CopyFiles */,
- A4A54E931BC5C3E0002866CD /* ripemd.h in CopyFiles */,
- A4A54E941BC5C3E0002866CD /* rsa.h in CopyFiles */,
- A4A54E951BC5C3E0002866CD /* settings_comp.h in CopyFiles */,
- A4A54E961BC5C3E0002866CD /* settings.h in CopyFiles */,
- A4A54E971BC5C3E0002866CD /* sha.h in CopyFiles */,
- A4A54E981BC5C3E0002866CD /* sha256.h in CopyFiles */,
- A4A54E991BC5C3E0002866CD /* sha512.h in CopyFiles */,
- A4A54E9A1BC5C3E0002866CD /* tfm.h in CopyFiles */,
- A4A54E9B1BC5C3E0002866CD /* types.h in CopyFiles */,
- A4A54E9C1BC5C3E0002866CD /* visibility.h in CopyFiles */,
- A4A54E9D1BC5C3E0002866CD /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
/* End PBXCopyFilesBuildPhase section */
/* Begin PBXFileReference section */
@@ -779,57 +538,6 @@
521646871A8993770062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../wolfssl/wolfcrypt/types.h; sourceTree = "<group>"; };
521646881A8993770062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../wolfssl/wolfcrypt/visibility.h; sourceTree = "<group>"; };
521646891A8993770062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../wolfssl/wolfcrypt/wc_port.h; sourceTree = "<group>"; };
- 5216468A1A8993BB0062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../cyassl/callbacks.h; sourceTree = "<group>"; };
- 5216468B1A8993BB0062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../cyassl/certs_test.h; sourceTree = "<group>"; };
- 5216468C1A8993BB0062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../cyassl/crl.h; sourceTree = "<group>"; };
- 5216468D1A8993BB0062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../cyassl/error-ssl.h"; sourceTree = "<group>"; };
- 5216468E1A8993BB0062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../cyassl/internal.h; sourceTree = "<group>"; };
- 5216468F1A8993BB0062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../cyassl/ocsp.h; sourceTree = "<group>"; };
- 521646921A8993BB0062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../cyassl/ssl.h; sourceTree = "<group>"; };
- 521646931A8993BB0062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../cyassl/test.h; sourceTree = "<group>"; };
- 521646941A8993BB0062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../cyassl/version.h; sourceTree = "<group>"; };
- 521646951A8993F50062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../cyassl/ctaocrypt/aes.h; sourceTree = "<group>"; };
- 521646961A8993F50062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../cyassl/ctaocrypt/arc4.h; sourceTree = "<group>"; };
- 521646971A8993F50062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../cyassl/ctaocrypt/asn_public.h; sourceTree = "<group>"; };
- 521646981A8993F50062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../cyassl/ctaocrypt/asn.h; sourceTree = "<group>"; };
- 521646991A8993F50062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../cyassl/ctaocrypt/blake2-impl.h"; sourceTree = "<group>"; };
- 5216469A1A8993F50062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../cyassl/ctaocrypt/blake2-int.h"; sourceTree = "<group>"; };
- 5216469B1A8993F50062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../cyassl/ctaocrypt/blake2.h; sourceTree = "<group>"; };
- 5216469C1A8993F50062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../cyassl/ctaocrypt/camellia.h; sourceTree = "<group>"; };
- 5216469D1A8993F50062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../cyassl/ctaocrypt/chacha.h; sourceTree = "<group>"; };
- 5216469E1A8993F50062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../cyassl/ctaocrypt/coding.h; sourceTree = "<group>"; };
- 5216469F1A8993F50062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../cyassl/ctaocrypt/compress.h; sourceTree = "<group>"; };
- 521646A01A8993F50062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../cyassl/ctaocrypt/des3.h; sourceTree = "<group>"; };
- 521646A11A8993F50062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../cyassl/ctaocrypt/dh.h; sourceTree = "<group>"; };
- 521646A21A8993F50062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../cyassl/ctaocrypt/dsa.h; sourceTree = "<group>"; };
- 521646A31A8993F50062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../cyassl/ctaocrypt/ecc.h; sourceTree = "<group>"; };
- 521646A41A8993F50062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../cyassl/ctaocrypt/error-crypt.h"; sourceTree = "<group>"; };
- 521646A51A8993F50062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../cyassl/ctaocrypt/fips_test.h; sourceTree = "<group>"; };
- 521646A71A8993F50062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../cyassl/ctaocrypt/hmac.h; sourceTree = "<group>"; };
- 521646A81A8993F50062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../cyassl/ctaocrypt/integer.h; sourceTree = "<group>"; };
- 521646A91A8993F50062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../cyassl/ctaocrypt/logging.h; sourceTree = "<group>"; };
- 521646AA1A8993F50062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../cyassl/ctaocrypt/md2.h; sourceTree = "<group>"; };
- 521646AB1A8993F50062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../cyassl/ctaocrypt/md4.h; sourceTree = "<group>"; };
- 521646AC1A8993F50062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../cyassl/ctaocrypt/md5.h; sourceTree = "<group>"; };
- 521646AD1A8993F50062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../cyassl/ctaocrypt/memory.h; sourceTree = "<group>"; };
- 521646AE1A8993F50062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../cyassl/ctaocrypt/misc.h; sourceTree = "<group>"; };
- 521646AF1A8993F50062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../cyassl/ctaocrypt/mpi_class.h; sourceTree = "<group>"; };
- 521646B01A8993F50062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../cyassl/ctaocrypt/mpi_superclass.h; sourceTree = "<group>"; };
- 521646B11A8993F50062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../cyassl/ctaocrypt/pkcs7.h; sourceTree = "<group>"; };
- 521646B21A8993F50062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../cyassl/ctaocrypt/poly1305.h; sourceTree = "<group>"; };
- 521646B31A8993F50062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../cyassl/ctaocrypt/pwdbased.h; sourceTree = "<group>"; };
- 521646B51A8993F50062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../cyassl/ctaocrypt/random.h; sourceTree = "<group>"; };
- 521646B61A8993F50062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../cyassl/ctaocrypt/ripemd.h; sourceTree = "<group>"; };
- 521646B71A8993F50062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../cyassl/ctaocrypt/rsa.h; sourceTree = "<group>"; };
- 521646B81A8993F50062516A /* settings_comp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings_comp.h; path = ../../cyassl/ctaocrypt/settings_comp.h; sourceTree = "<group>"; };
- 521646B91A8993F50062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../cyassl/ctaocrypt/settings.h; sourceTree = "<group>"; };
- 521646BA1A8993F50062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../cyassl/ctaocrypt/sha.h; sourceTree = "<group>"; };
- 521646BB1A8993F50062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../cyassl/ctaocrypt/sha256.h; sourceTree = "<group>"; };
- 521646BC1A8993F50062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../cyassl/ctaocrypt/sha512.h; sourceTree = "<group>"; };
- 521646BD1A8993F50062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../cyassl/ctaocrypt/tfm.h; sourceTree = "<group>"; };
- 521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = "<group>"; };
- 521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = "<group>"; };
- 521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = "<group>"; };
521648101A8AC2990062516A /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = ../../ctaocrypt/src/aes.c; sourceTree = "<group>"; };
521648111A8AC2990062516A /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = ../../ctaocrypt/src/des3.c; sourceTree = "<group>"; };
521648121A8AC2990062516A /* fips_test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = fips_test.c; path = ../../ctaocrypt/src/fips_test.c; sourceTree = "<group>"; };
@@ -917,77 +625,10 @@
children = (
521645F91A89916E0062516A /* wolfSSL */,
521645F81A89916A0062516A /* wolfCrypt */,
- 521645F71A8991680062516A /* CyaSSL */,
- 521645F61A8991640062516A /* CtaoCrypt */,
);
name = Headers;
sourceTree = SOURCE_ROOT;
};
- 521645F61A8991640062516A /* CtaoCrypt */ = {
- isa = PBXGroup;
- children = (
- 521646951A8993F50062516A /* aes.h */,
- 521646961A8993F50062516A /* arc4.h */,
- 521646971A8993F50062516A /* asn_public.h */,
- 521646981A8993F50062516A /* asn.h */,
- 521646991A8993F50062516A /* blake2-impl.h */,
- 5216469A1A8993F50062516A /* blake2-int.h */,
- 5216469B1A8993F50062516A /* blake2.h */,
- 5216469C1A8993F50062516A /* camellia.h */,
- 5216469D1A8993F50062516A /* chacha.h */,
- 5216469E1A8993F50062516A /* coding.h */,
- 5216469F1A8993F50062516A /* compress.h */,
- 521646A01A8993F50062516A /* des3.h */,
- 521646A11A8993F50062516A /* dh.h */,
- 521646A21A8993F50062516A /* dsa.h */,
- 521646A31A8993F50062516A /* ecc.h */,
- 521646A41A8993F50062516A /* error-crypt.h */,
- 521646A51A8993F50062516A /* fips_test.h */,
- 521646A71A8993F50062516A /* hmac.h */,
- 521646A81A8993F50062516A /* integer.h */,
- 521646A91A8993F50062516A /* logging.h */,
- 521646AA1A8993F50062516A /* md2.h */,
- 521646AB1A8993F50062516A /* md4.h */,
- 521646AC1A8993F50062516A /* md5.h */,
- 521646AD1A8993F50062516A /* memory.h */,
- 521646AE1A8993F50062516A /* misc.h */,
- 521646AF1A8993F50062516A /* mpi_class.h */,
- 521646B01A8993F50062516A /* mpi_superclass.h */,
- 521646B11A8993F50062516A /* pkcs7.h */,
- 521646B21A8993F50062516A /* poly1305.h */,
- 521646B31A8993F50062516A /* pwdbased.h */,
- 521646B51A8993F50062516A /* random.h */,
- 521646B61A8993F50062516A /* ripemd.h */,
- 521646B71A8993F50062516A /* rsa.h */,
- 521646B81A8993F50062516A /* settings_comp.h */,
- 521646B91A8993F50062516A /* settings.h */,
- 521646BA1A8993F50062516A /* sha.h */,
- 521646BB1A8993F50062516A /* sha256.h */,
- 521646BC1A8993F50062516A /* sha512.h */,
- 521646BD1A8993F50062516A /* tfm.h */,
- 521646BE1A8993F50062516A /* types.h */,
- 521646BF1A8993F50062516A /* visibility.h */,
- 521646C01A8993F50062516A /* wc_port.h */,
- );
- name = CtaoCrypt;
- sourceTree = SOURCE_ROOT;
- };
- 521645F71A8991680062516A /* CyaSSL */ = {
- isa = PBXGroup;
- children = (
- 5216468A1A8993BB0062516A /* callbacks.h */,
- 5216468B1A8993BB0062516A /* certs_test.h */,
- 5216468C1A8993BB0062516A /* crl.h */,
- 5216468D1A8993BB0062516A /* error-ssl.h */,
- 5216468E1A8993BB0062516A /* internal.h */,
- 5216468F1A8993BB0062516A /* ocsp.h */,
- 521646921A8993BB0062516A /* ssl.h */,
- 521646931A8993BB0062516A /* test.h */,
- 521646941A8993BB0062516A /* version.h */,
- );
- name = CyaSSL;
- sourceTree = SOURCE_ROOT;
- };
521645F81A89916A0062516A /* wolfCrypt */ = {
isa = PBXGroup;
children = (
@@ -1210,8 +851,6 @@
52B1344A16F3C9E800C07B32 /* Frameworks */,
52B1344B16F3C9E800C07B32 /* CopyFiles */,
521646C11A8A7B380062516A /* CopyFiles */,
- 521646C21A8A7B3B0062516A /* Copy Files */,
- 521646C31A8A7B3D0062516A /* CopyFiles */,
52B1344916F3C9E800C07B32 /* Sources */,
);
buildRules = (
@@ -1231,8 +870,6 @@
A4A54E2E1BC5C3E0002866CD /* Frameworks */,
A4A54E2F1BC5C3E0002866CD /* CopyFiles */,
A4A54E391BC5C3E0002866CD /* CopyFiles */,
- A4A54E671BC5C3E0002866CD /* CopyFiles */,
- A4A54E711BC5C3E0002866CD /* CopyFiles */,
);
buildRules = (
);
diff --git a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj
index 7c135155..33c55dcc 100644
--- a/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj
+++ b/extra/wolfssl/wolfssl/IDE/XCODE/wolfssl.xcodeproj/project.pbxproj
@@ -114,57 +114,6 @@
30B060B51C6DDB6200D46008 /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
30B060B61C6DDB6200D46008 /* wc_encrypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 522DBE0E1B7927290031F454 /* wc_encrypt.h */; };
30B060B71C6DDB6200D46008 /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- 30B060B81C6DDB7D00D46008 /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- 30B060B91C6DDB7D00D46008 /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- 30B060BA1C6DDB7D00D46008 /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- 30B060BB1C6DDB7D00D46008 /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- 30B060BC1C6DDB7D00D46008 /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- 30B060BD1C6DDB7D00D46008 /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- 30B060BE1C6DDB7D00D46008 /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- 30B060BF1C6DDB7D00D46008 /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- 30B060C01C6DDB7D00D46008 /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- 30B060C11C6DDB9800D46008 /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- 30B060C21C6DDB9800D46008 /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- 30B060C31C6DDB9800D46008 /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- 30B060C41C6DDB9800D46008 /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- 30B060C51C6DDB9800D46008 /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- 30B060C61C6DDB9800D46008 /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- 30B060C71C6DDB9800D46008 /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- 30B060C81C6DDB9800D46008 /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- 30B060C91C6DDB9800D46008 /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- 30B060CA1C6DDB9800D46008 /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- 30B060CB1C6DDB9800D46008 /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- 30B060CC1C6DDB9800D46008 /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- 30B060CD1C6DDB9800D46008 /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- 30B060CE1C6DDB9800D46008 /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- 30B060CF1C6DDB9800D46008 /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- 30B060D01C6DDB9800D46008 /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- 30B060D11C6DDB9800D46008 /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- 30B060D31C6DDB9800D46008 /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- 30B060D41C6DDB9800D46008 /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- 30B060D51C6DDB9800D46008 /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- 30B060D61C6DDB9800D46008 /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- 30B060D71C6DDB9800D46008 /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- 30B060D81C6DDB9800D46008 /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- 30B060D91C6DDB9800D46008 /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- 30B060DA1C6DDB9800D46008 /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- 30B060DB1C6DDB9800D46008 /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- 30B060DC1C6DDB9800D46008 /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- 30B060DD1C6DDB9800D46008 /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- 30B060DE1C6DDB9800D46008 /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- 30B060DF1C6DDB9800D46008 /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- 30B060E11C6DDB9800D46008 /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- 30B060E21C6DDB9800D46008 /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- 30B060E31C6DDB9800D46008 /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- 30B060E41C6DDB9800D46008 /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- 30B060E51C6DDB9800D46008 /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- 30B060E61C6DDB9800D46008 /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- 30B060E71C6DDB9800D46008 /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- 30B060E81C6DDB9800D46008 /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- 30B060E91C6DDB9800D46008 /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- 30B060EA1C6DDB9800D46008 /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- 30B060EB1C6DDB9800D46008 /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- 30B060EC1C6DDB9800D46008 /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
520775A32239ABBE00087711 /* sp_c32.c in Sources */ = {isa = PBXBuildFile; fileRef = 1E8BEB70212F4C340063DCC1 /* sp_c32.c */; };
520775A42239ABBE00087711 /* sp_c32.c in Sources */ = {isa = PBXBuildFile; fileRef = 1E8BEB70212F4C340063DCC1 /* sp_c32.c */; };
520775A52239ABBE00087711 /* sp_c32.c in Sources */ = {isa = PBXBuildFile; fileRef = 1E8BEB70212F4C340063DCC1 /* sp_c32.c */; };
@@ -289,57 +238,6 @@
521646F51A8A7FF30062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
521646F61A8A7FF30062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
521646F71A8A7FF30062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- 521646F81A8A80030062516A /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- 521646F91A8A80030062516A /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- 521646FA1A8A80030062516A /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- 521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- 521646FC1A8A80030062516A /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- 521646FD1A8A80030062516A /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- 521646FE1A8A80030062516A /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- 521646FF1A8A80030062516A /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- 521647001A8A80030062516A /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- 521647011A8A80100062516A /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- 521647021A8A80100062516A /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- 521647041A8A80100062516A /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- 521647071A8A80100062516A /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- 521647081A8A80100062516A /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- 521647091A8A80100062516A /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- 521647131A8A80100062516A /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- 521647141A8A80100062516A /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- 521647151A8A80100062516A /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- 521647161A8A80100062516A /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- 521647171A8A80100062516A /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- 521647181A8A80100062516A /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- 521647191A8A80100062516A /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- 521647211A8A80100062516A /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- 521647231A8A80100062516A /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- 521647251A8A80100062516A /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- 521647261A8A80100062516A /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- 521647271A8A80100062516A /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- 521647281A8A80100062516A /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- 521647291A8A80100062516A /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- 5216472A1A8A80100062516A /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
522DBE0D1B7926FB0031F454 /* wc_encrypt.c in Sources */ = {isa = PBXBuildFile; fileRef = 522DBE0C1B7926FB0031F454 /* wc_encrypt.c */; };
522DBE0F1B7927A50031F454 /* wc_encrypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 522DBE0E1B7927290031F454 /* wc_encrypt.h */; };
525BE5341B3869110054BBCD /* hash.c in Sources */ = {isa = PBXBuildFile; fileRef = 525BE5331B3869110054BBCD /* hash.c */; };
@@ -634,57 +532,6 @@
A4F318B11BC58B1700FDF2BB /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646871A8993770062516A /* types.h */; };
A4F318B21BC58B1700FDF2BB /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646881A8993770062516A /* visibility.h */; };
A4F318B31BC58B1700FDF2BB /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646891A8993770062516A /* wc_port.h */; };
- A4F318B51BC58B1700FDF2BB /* callbacks.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468A1A8993BB0062516A /* callbacks.h */; };
- A4F318B61BC58B1700FDF2BB /* certs_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468B1A8993BB0062516A /* certs_test.h */; };
- A4F318B71BC58B1700FDF2BB /* crl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468C1A8993BB0062516A /* crl.h */; };
- A4F318B81BC58B1700FDF2BB /* error-ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468D1A8993BB0062516A /* error-ssl.h */; };
- A4F318B91BC58B1700FDF2BB /* internal.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468E1A8993BB0062516A /* internal.h */; };
- A4F318BA1BC58B1700FDF2BB /* ocsp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216468F1A8993BB0062516A /* ocsp.h */; };
- A4F318BB1BC58B1700FDF2BB /* ssl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646921A8993BB0062516A /* ssl.h */; };
- A4F318BC1BC58B1700FDF2BB /* test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646931A8993BB0062516A /* test.h */; };
- A4F318BD1BC58B1700FDF2BB /* version.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646941A8993BB0062516A /* version.h */; };
- A4F318BF1BC58B1700FDF2BB /* aes.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646951A8993F50062516A /* aes.h */; };
- A4F318C01BC58B1700FDF2BB /* arc4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646961A8993F50062516A /* arc4.h */; };
- A4F318C11BC58B1700FDF2BB /* asn_public.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646971A8993F50062516A /* asn_public.h */; };
- A4F318C21BC58B1700FDF2BB /* asn.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646981A8993F50062516A /* asn.h */; };
- A4F318C31BC58B1700FDF2BB /* blake2-impl.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646991A8993F50062516A /* blake2-impl.h */; };
- A4F318C41BC58B1700FDF2BB /* blake2-int.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469A1A8993F50062516A /* blake2-int.h */; };
- A4F318C51BC58B1700FDF2BB /* blake2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469B1A8993F50062516A /* blake2.h */; };
- A4F318C61BC58B1700FDF2BB /* camellia.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469C1A8993F50062516A /* camellia.h */; };
- A4F318C71BC58B1700FDF2BB /* chacha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469D1A8993F50062516A /* chacha.h */; };
- A4F318C81BC58B1700FDF2BB /* coding.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469E1A8993F50062516A /* coding.h */; };
- A4F318C91BC58B1700FDF2BB /* compress.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 5216469F1A8993F50062516A /* compress.h */; };
- A4F318CA1BC58B1700FDF2BB /* des3.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A01A8993F50062516A /* des3.h */; };
- A4F318CB1BC58B1700FDF2BB /* dh.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A11A8993F50062516A /* dh.h */; };
- A4F318CC1BC58B1700FDF2BB /* dsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A21A8993F50062516A /* dsa.h */; };
- A4F318CD1BC58B1700FDF2BB /* ecc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A31A8993F50062516A /* ecc.h */; };
- A4F318CE1BC58B1700FDF2BB /* error-crypt.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A41A8993F50062516A /* error-crypt.h */; };
- A4F318CF1BC58B1700FDF2BB /* fips_test.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A51A8993F50062516A /* fips_test.h */; };
- A4F318D11BC58B1700FDF2BB /* hmac.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A71A8993F50062516A /* hmac.h */; };
- A4F318D21BC58B1700FDF2BB /* integer.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A81A8993F50062516A /* integer.h */; };
- A4F318D31BC58B1700FDF2BB /* logging.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646A91A8993F50062516A /* logging.h */; };
- A4F318D41BC58B1700FDF2BB /* md2.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AA1A8993F50062516A /* md2.h */; };
- A4F318D51BC58B1700FDF2BB /* md4.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AB1A8993F50062516A /* md4.h */; };
- A4F318D61BC58B1700FDF2BB /* md5.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AC1A8993F50062516A /* md5.h */; };
- A4F318D71BC58B1700FDF2BB /* memory.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AD1A8993F50062516A /* memory.h */; };
- A4F318D81BC58B1700FDF2BB /* misc.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AE1A8993F50062516A /* misc.h */; };
- A4F318D91BC58B1700FDF2BB /* mpi_class.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646AF1A8993F50062516A /* mpi_class.h */; };
- A4F318DA1BC58B1700FDF2BB /* mpi_superclass.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B01A8993F50062516A /* mpi_superclass.h */; };
- A4F318DB1BC58B1700FDF2BB /* pkcs7.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B11A8993F50062516A /* pkcs7.h */; };
- A4F318DC1BC58B1700FDF2BB /* poly1305.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B21A8993F50062516A /* poly1305.h */; };
- A4F318DD1BC58B1700FDF2BB /* pwdbased.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B31A8993F50062516A /* pwdbased.h */; };
- A4F318DF1BC58B1700FDF2BB /* random.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B51A8993F50062516A /* random.h */; };
- A4F318E01BC58B1700FDF2BB /* ripemd.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B61A8993F50062516A /* ripemd.h */; };
- A4F318E11BC58B1700FDF2BB /* rsa.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B71A8993F50062516A /* rsa.h */; };
- A4F318E21BC58B1700FDF2BB /* settings_comp.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B81A8993F50062516A /* settings_comp.h */; };
- A4F318E31BC58B1700FDF2BB /* settings.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646B91A8993F50062516A /* settings.h */; };
- A4F318E41BC58B1700FDF2BB /* sha.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BA1A8993F50062516A /* sha.h */; };
- A4F318E51BC58B1700FDF2BB /* sha256.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BB1A8993F50062516A /* sha256.h */; };
- A4F318E61BC58B1700FDF2BB /* sha512.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BC1A8993F50062516A /* sha512.h */; };
- A4F318E71BC58B1700FDF2BB /* tfm.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BD1A8993F50062516A /* tfm.h */; };
- A4F318E81BC58B1700FDF2BB /* types.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BE1A8993F50062516A /* types.h */; };
- A4F318E91BC58B1700FDF2BB /* visibility.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646BF1A8993F50062516A /* visibility.h */; };
- A4F318EA1BC58B1700FDF2BB /* wc_port.h in CopyFiles */ = {isa = PBXBuildFile; fileRef = 521646C01A8993F50062516A /* wc_port.h */; };
/* End PBXBuildFile section */
/* Begin PBXCopyFilesBuildPhase section */
@@ -761,75 +608,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- 30B060891C6DDB5400D46008 /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- 30B060B81C6DDB7D00D46008 /* callbacks.h in CopyFiles */,
- 30B060B91C6DDB7D00D46008 /* certs_test.h in CopyFiles */,
- 30B060BA1C6DDB7D00D46008 /* crl.h in CopyFiles */,
- 30B060BB1C6DDB7D00D46008 /* error-ssl.h in CopyFiles */,
- 30B060BC1C6DDB7D00D46008 /* internal.h in CopyFiles */,
- 30B060BD1C6DDB7D00D46008 /* ocsp.h in CopyFiles */,
- 30B060BE1C6DDB7D00D46008 /* ssl.h in CopyFiles */,
- 30B060BF1C6DDB7D00D46008 /* test.h in CopyFiles */,
- 30B060C01C6DDB7D00D46008 /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- 30B0608A1C6DDB5500D46008 /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- 30B060C11C6DDB9800D46008 /* aes.h in CopyFiles */,
- 30B060C21C6DDB9800D46008 /* arc4.h in CopyFiles */,
- 30B060C31C6DDB9800D46008 /* asn_public.h in CopyFiles */,
- 30B060C41C6DDB9800D46008 /* asn.h in CopyFiles */,
- 30B060C51C6DDB9800D46008 /* blake2-impl.h in CopyFiles */,
- 30B060C61C6DDB9800D46008 /* blake2-int.h in CopyFiles */,
- 30B060C71C6DDB9800D46008 /* blake2.h in CopyFiles */,
- 30B060C81C6DDB9800D46008 /* camellia.h in CopyFiles */,
- 30B060C91C6DDB9800D46008 /* chacha.h in CopyFiles */,
- 30B060CA1C6DDB9800D46008 /* coding.h in CopyFiles */,
- 30B060CB1C6DDB9800D46008 /* compress.h in CopyFiles */,
- 30B060CC1C6DDB9800D46008 /* des3.h in CopyFiles */,
- 30B060CD1C6DDB9800D46008 /* dh.h in CopyFiles */,
- 30B060CE1C6DDB9800D46008 /* dsa.h in CopyFiles */,
- 30B060CF1C6DDB9800D46008 /* ecc.h in CopyFiles */,
- 30B060D01C6DDB9800D46008 /* error-crypt.h in CopyFiles */,
- 30B060D11C6DDB9800D46008 /* fips_test.h in CopyFiles */,
- 30B060D31C6DDB9800D46008 /* hmac.h in CopyFiles */,
- 30B060D41C6DDB9800D46008 /* integer.h in CopyFiles */,
- 30B060D51C6DDB9800D46008 /* logging.h in CopyFiles */,
- 30B060D61C6DDB9800D46008 /* md2.h in CopyFiles */,
- 30B060D71C6DDB9800D46008 /* md4.h in CopyFiles */,
- 30B060D81C6DDB9800D46008 /* md5.h in CopyFiles */,
- 30B060D91C6DDB9800D46008 /* memory.h in CopyFiles */,
- 30B060DA1C6DDB9800D46008 /* misc.h in CopyFiles */,
- 30B060DB1C6DDB9800D46008 /* mpi_class.h in CopyFiles */,
- 30B060DC1C6DDB9800D46008 /* mpi_superclass.h in CopyFiles */,
- 30B060DD1C6DDB9800D46008 /* pkcs7.h in CopyFiles */,
- 30B060DE1C6DDB9800D46008 /* poly1305.h in CopyFiles */,
- 30B060DF1C6DDB9800D46008 /* pwdbased.h in CopyFiles */,
- 30B060E11C6DDB9800D46008 /* random.h in CopyFiles */,
- 30B060E21C6DDB9800D46008 /* ripemd.h in CopyFiles */,
- 30B060E31C6DDB9800D46008 /* rsa.h in CopyFiles */,
- 30B060E41C6DDB9800D46008 /* settings_comp.h in CopyFiles */,
- 30B060E51C6DDB9800D46008 /* settings.h in CopyFiles */,
- 30B060E61C6DDB9800D46008 /* sha.h in CopyFiles */,
- 30B060E71C6DDB9800D46008 /* sha256.h in CopyFiles */,
- 30B060E81C6DDB9800D46008 /* sha512.h in CopyFiles */,
- 30B060E91C6DDB9800D46008 /* tfm.h in CopyFiles */,
- 30B060EA1C6DDB9800D46008 /* types.h in CopyFiles */,
- 30B060EB1C6DDB9800D46008 /* visibility.h in CopyFiles */,
- 30B060EC1C6DDB9800D46008 /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
521646C11A8A7B380062516A /* CopyFiles */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
@@ -920,75 +698,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- 521646C21A8A7B3B0062516A /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- 521646F81A8A80030062516A /* callbacks.h in CopyFiles */,
- 521646F91A8A80030062516A /* certs_test.h in CopyFiles */,
- 521646FA1A8A80030062516A /* crl.h in CopyFiles */,
- 521646FB1A8A80030062516A /* error-ssl.h in CopyFiles */,
- 521646FC1A8A80030062516A /* internal.h in CopyFiles */,
- 521646FD1A8A80030062516A /* ocsp.h in CopyFiles */,
- 521646FE1A8A80030062516A /* ssl.h in CopyFiles */,
- 521646FF1A8A80030062516A /* test.h in CopyFiles */,
- 521647001A8A80030062516A /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- 521646C31A8A7B3D0062516A /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- 521647011A8A80100062516A /* aes.h in CopyFiles */,
- 521647021A8A80100062516A /* arc4.h in CopyFiles */,
- 521647031A8A80100062516A /* asn_public.h in CopyFiles */,
- 521647041A8A80100062516A /* asn.h in CopyFiles */,
- 521647051A8A80100062516A /* blake2-impl.h in CopyFiles */,
- 521647061A8A80100062516A /* blake2-int.h in CopyFiles */,
- 521647071A8A80100062516A /* blake2.h in CopyFiles */,
- 521647081A8A80100062516A /* camellia.h in CopyFiles */,
- 521647091A8A80100062516A /* chacha.h in CopyFiles */,
- 5216470A1A8A80100062516A /* coding.h in CopyFiles */,
- 5216470B1A8A80100062516A /* compress.h in CopyFiles */,
- 5216470C1A8A80100062516A /* des3.h in CopyFiles */,
- 5216470D1A8A80100062516A /* dh.h in CopyFiles */,
- 5216470E1A8A80100062516A /* dsa.h in CopyFiles */,
- 5216470F1A8A80100062516A /* ecc.h in CopyFiles */,
- 521647101A8A80100062516A /* error-crypt.h in CopyFiles */,
- 521647111A8A80100062516A /* fips_test.h in CopyFiles */,
- 521647131A8A80100062516A /* hmac.h in CopyFiles */,
- 521647141A8A80100062516A /* integer.h in CopyFiles */,
- 521647151A8A80100062516A /* logging.h in CopyFiles */,
- 521647161A8A80100062516A /* md2.h in CopyFiles */,
- 521647171A8A80100062516A /* md4.h in CopyFiles */,
- 521647181A8A80100062516A /* md5.h in CopyFiles */,
- 521647191A8A80100062516A /* memory.h in CopyFiles */,
- 5216471A1A8A80100062516A /* misc.h in CopyFiles */,
- 5216471B1A8A80100062516A /* mpi_class.h in CopyFiles */,
- 5216471C1A8A80100062516A /* mpi_superclass.h in CopyFiles */,
- 5216471D1A8A80100062516A /* pkcs7.h in CopyFiles */,
- 5216471E1A8A80100062516A /* poly1305.h in CopyFiles */,
- 5216471F1A8A80100062516A /* pwdbased.h in CopyFiles */,
- 521647211A8A80100062516A /* random.h in CopyFiles */,
- 521647221A8A80100062516A /* ripemd.h in CopyFiles */,
- 521647231A8A80100062516A /* rsa.h in CopyFiles */,
- 521647241A8A80100062516A /* settings_comp.h in CopyFiles */,
- 521647251A8A80100062516A /* settings.h in CopyFiles */,
- 521647261A8A80100062516A /* sha.h in CopyFiles */,
- 521647271A8A80100062516A /* sha256.h in CopyFiles */,
- 521647281A8A80100062516A /* sha512.h in CopyFiles */,
- 521647291A8A80100062516A /* tfm.h in CopyFiles */,
- 5216472A1A8A80100062516A /* types.h in CopyFiles */,
- 5216472B1A8A80100062516A /* visibility.h in CopyFiles */,
- 5216472C1A8A80100062516A /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
52B1344B16F3C9E800C07B32 /* CopyFiles */ = {
isa = PBXCopyFilesBuildPhase;
buildActionMask = 2147483647;
@@ -1150,75 +859,6 @@
);
runOnlyForDeploymentPostprocessing = 0;
};
- A4F318B41BC58B1700FDF2BB /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl;
- dstSubfolderSpec = 7;
- files = (
- A4F318B51BC58B1700FDF2BB /* callbacks.h in CopyFiles */,
- A4F318B61BC58B1700FDF2BB /* certs_test.h in CopyFiles */,
- A4F318B71BC58B1700FDF2BB /* crl.h in CopyFiles */,
- A4F318B81BC58B1700FDF2BB /* error-ssl.h in CopyFiles */,
- A4F318B91BC58B1700FDF2BB /* internal.h in CopyFiles */,
- A4F318BA1BC58B1700FDF2BB /* ocsp.h in CopyFiles */,
- A4F318BB1BC58B1700FDF2BB /* ssl.h in CopyFiles */,
- A4F318BC1BC58B1700FDF2BB /* test.h in CopyFiles */,
- A4F318BD1BC58B1700FDF2BB /* version.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
- A4F318BE1BC58B1700FDF2BB /* CopyFiles */ = {
- isa = PBXCopyFilesBuildPhase;
- buildActionMask = 2147483647;
- dstPath = include/cyassl/ctaocrypt;
- dstSubfolderSpec = 7;
- files = (
- A4F318BF1BC58B1700FDF2BB /* aes.h in CopyFiles */,
- A4F318C01BC58B1700FDF2BB /* arc4.h in CopyFiles */,
- A4F318C11BC58B1700FDF2BB /* asn_public.h in CopyFiles */,
- A4F318C21BC58B1700FDF2BB /* asn.h in CopyFiles */,
- A4F318C31BC58B1700FDF2BB /* blake2-impl.h in CopyFiles */,
- A4F318C41BC58B1700FDF2BB /* blake2-int.h in CopyFiles */,
- A4F318C51BC58B1700FDF2BB /* blake2.h in CopyFiles */,
- A4F318C61BC58B1700FDF2BB /* camellia.h in CopyFiles */,
- A4F318C71BC58B1700FDF2BB /* chacha.h in CopyFiles */,
- A4F318C81BC58B1700FDF2BB /* coding.h in CopyFiles */,
- A4F318C91BC58B1700FDF2BB /* compress.h in CopyFiles */,
- A4F318CA1BC58B1700FDF2BB /* des3.h in CopyFiles */,
- A4F318CB1BC58B1700FDF2BB /* dh.h in CopyFiles */,
- A4F318CC1BC58B1700FDF2BB /* dsa.h in CopyFiles */,
- A4F318CD1BC58B1700FDF2BB /* ecc.h in CopyFiles */,
- A4F318CE1BC58B1700FDF2BB /* error-crypt.h in CopyFiles */,
- A4F318CF1BC58B1700FDF2BB /* fips_test.h in CopyFiles */,
- A4F318D11BC58B1700FDF2BB /* hmac.h in CopyFiles */,
- A4F318D21BC58B1700FDF2BB /* integer.h in CopyFiles */,
- A4F318D31BC58B1700FDF2BB /* logging.h in CopyFiles */,
- A4F318D41BC58B1700FDF2BB /* md2.h in CopyFiles */,
- A4F318D51BC58B1700FDF2BB /* md4.h in CopyFiles */,
- A4F318D61BC58B1700FDF2BB /* md5.h in CopyFiles */,
- A4F318D71BC58B1700FDF2BB /* memory.h in CopyFiles */,
- A4F318D81BC58B1700FDF2BB /* misc.h in CopyFiles */,
- A4F318D91BC58B1700FDF2BB /* mpi_class.h in CopyFiles */,
- A4F318DA1BC58B1700FDF2BB /* mpi_superclass.h in CopyFiles */,
- A4F318DB1BC58B1700FDF2BB /* pkcs7.h in CopyFiles */,
- A4F318DC1BC58B1700FDF2BB /* poly1305.h in CopyFiles */,
- A4F318DD1BC58B1700FDF2BB /* pwdbased.h in CopyFiles */,
- A4F318DF1BC58B1700FDF2BB /* random.h in CopyFiles */,
- A4F318E01BC58B1700FDF2BB /* ripemd.h in CopyFiles */,
- A4F318E11BC58B1700FDF2BB /* rsa.h in CopyFiles */,
- A4F318E21BC58B1700FDF2BB /* settings_comp.h in CopyFiles */,
- A4F318E31BC58B1700FDF2BB /* settings.h in CopyFiles */,
- A4F318E41BC58B1700FDF2BB /* sha.h in CopyFiles */,
- A4F318E51BC58B1700FDF2BB /* sha256.h in CopyFiles */,
- A4F318E61BC58B1700FDF2BB /* sha512.h in CopyFiles */,
- A4F318E71BC58B1700FDF2BB /* tfm.h in CopyFiles */,
- A4F318E81BC58B1700FDF2BB /* types.h in CopyFiles */,
- A4F318E91BC58B1700FDF2BB /* visibility.h in CopyFiles */,
- A4F318EA1BC58B1700FDF2BB /* wc_port.h in CopyFiles */,
- );
- runOnlyForDeploymentPostprocessing = 0;
- };
/* End PBXCopyFilesBuildPhase section */
/* Begin PBXFileReference section */
@@ -1329,57 +969,6 @@
521646871A8993770062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../wolfssl/wolfcrypt/types.h; sourceTree = "<group>"; };
521646881A8993770062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../wolfssl/wolfcrypt/visibility.h; sourceTree = "<group>"; };
521646891A8993770062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../wolfssl/wolfcrypt/wc_port.h; sourceTree = "<group>"; };
- 5216468A1A8993BB0062516A /* callbacks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = callbacks.h; path = ../../cyassl/callbacks.h; sourceTree = "<group>"; };
- 5216468B1A8993BB0062516A /* certs_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = certs_test.h; path = ../../cyassl/certs_test.h; sourceTree = "<group>"; };
- 5216468C1A8993BB0062516A /* crl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = crl.h; path = ../../cyassl/crl.h; sourceTree = "<group>"; };
- 5216468D1A8993BB0062516A /* error-ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-ssl.h"; path = "../../cyassl/error-ssl.h"; sourceTree = "<group>"; };
- 5216468E1A8993BB0062516A /* internal.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = internal.h; path = ../../cyassl/internal.h; sourceTree = "<group>"; };
- 5216468F1A8993BB0062516A /* ocsp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ocsp.h; path = ../../cyassl/ocsp.h; sourceTree = "<group>"; };
- 521646921A8993BB0062516A /* ssl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ssl.h; path = ../../cyassl/ssl.h; sourceTree = "<group>"; };
- 521646931A8993BB0062516A /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../cyassl/test.h; sourceTree = "<group>"; };
- 521646941A8993BB0062516A /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = version.h; path = ../../cyassl/version.h; sourceTree = "<group>"; };
- 521646951A8993F50062516A /* aes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = aes.h; path = ../../cyassl/ctaocrypt/aes.h; sourceTree = "<group>"; };
- 521646961A8993F50062516A /* arc4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = arc4.h; path = ../../cyassl/ctaocrypt/arc4.h; sourceTree = "<group>"; };
- 521646971A8993F50062516A /* asn_public.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn_public.h; path = ../../cyassl/ctaocrypt/asn_public.h; sourceTree = "<group>"; };
- 521646981A8993F50062516A /* asn.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = asn.h; path = ../../cyassl/ctaocrypt/asn.h; sourceTree = "<group>"; };
- 521646991A8993F50062516A /* blake2-impl.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-impl.h"; path = "../../cyassl/ctaocrypt/blake2-impl.h"; sourceTree = "<group>"; };
- 5216469A1A8993F50062516A /* blake2-int.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "blake2-int.h"; path = "../../cyassl/ctaocrypt/blake2-int.h"; sourceTree = "<group>"; };
- 5216469B1A8993F50062516A /* blake2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = blake2.h; path = ../../cyassl/ctaocrypt/blake2.h; sourceTree = "<group>"; };
- 5216469C1A8993F50062516A /* camellia.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = camellia.h; path = ../../cyassl/ctaocrypt/camellia.h; sourceTree = "<group>"; };
- 5216469D1A8993F50062516A /* chacha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = chacha.h; path = ../../cyassl/ctaocrypt/chacha.h; sourceTree = "<group>"; };
- 5216469E1A8993F50062516A /* coding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = coding.h; path = ../../cyassl/ctaocrypt/coding.h; sourceTree = "<group>"; };
- 5216469F1A8993F50062516A /* compress.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = compress.h; path = ../../cyassl/ctaocrypt/compress.h; sourceTree = "<group>"; };
- 521646A01A8993F50062516A /* des3.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = des3.h; path = ../../cyassl/ctaocrypt/des3.h; sourceTree = "<group>"; };
- 521646A11A8993F50062516A /* dh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dh.h; path = ../../cyassl/ctaocrypt/dh.h; sourceTree = "<group>"; };
- 521646A21A8993F50062516A /* dsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dsa.h; path = ../../cyassl/ctaocrypt/dsa.h; sourceTree = "<group>"; };
- 521646A31A8993F50062516A /* ecc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ecc.h; path = ../../cyassl/ctaocrypt/ecc.h; sourceTree = "<group>"; };
- 521646A41A8993F50062516A /* error-crypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = "error-crypt.h"; path = "../../cyassl/ctaocrypt/error-crypt.h"; sourceTree = "<group>"; };
- 521646A51A8993F50062516A /* fips_test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = fips_test.h; path = ../../cyassl/ctaocrypt/fips_test.h; sourceTree = "<group>"; };
- 521646A71A8993F50062516A /* hmac.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = hmac.h; path = ../../cyassl/ctaocrypt/hmac.h; sourceTree = "<group>"; };
- 521646A81A8993F50062516A /* integer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = integer.h; path = ../../cyassl/ctaocrypt/integer.h; sourceTree = "<group>"; };
- 521646A91A8993F50062516A /* logging.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = logging.h; path = ../../cyassl/ctaocrypt/logging.h; sourceTree = "<group>"; };
- 521646AA1A8993F50062516A /* md2.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md2.h; path = ../../cyassl/ctaocrypt/md2.h; sourceTree = "<group>"; };
- 521646AB1A8993F50062516A /* md4.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md4.h; path = ../../cyassl/ctaocrypt/md4.h; sourceTree = "<group>"; };
- 521646AC1A8993F50062516A /* md5.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = md5.h; path = ../../cyassl/ctaocrypt/md5.h; sourceTree = "<group>"; };
- 521646AD1A8993F50062516A /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = memory.h; path = ../../cyassl/ctaocrypt/memory.h; sourceTree = "<group>"; };
- 521646AE1A8993F50062516A /* misc.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = misc.h; path = ../../cyassl/ctaocrypt/misc.h; sourceTree = "<group>"; };
- 521646AF1A8993F50062516A /* mpi_class.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_class.h; path = ../../cyassl/ctaocrypt/mpi_class.h; sourceTree = "<group>"; };
- 521646B01A8993F50062516A /* mpi_superclass.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = mpi_superclass.h; path = ../../cyassl/ctaocrypt/mpi_superclass.h; sourceTree = "<group>"; };
- 521646B11A8993F50062516A /* pkcs7.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pkcs7.h; path = ../../cyassl/ctaocrypt/pkcs7.h; sourceTree = "<group>"; };
- 521646B21A8993F50062516A /* poly1305.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = poly1305.h; path = ../../cyassl/ctaocrypt/poly1305.h; sourceTree = "<group>"; };
- 521646B31A8993F50062516A /* pwdbased.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = pwdbased.h; path = ../../cyassl/ctaocrypt/pwdbased.h; sourceTree = "<group>"; };
- 521646B51A8993F50062516A /* random.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = random.h; path = ../../cyassl/ctaocrypt/random.h; sourceTree = "<group>"; };
- 521646B61A8993F50062516A /* ripemd.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = ripemd.h; path = ../../cyassl/ctaocrypt/ripemd.h; sourceTree = "<group>"; };
- 521646B71A8993F50062516A /* rsa.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = rsa.h; path = ../../cyassl/ctaocrypt/rsa.h; sourceTree = "<group>"; };
- 521646B81A8993F50062516A /* settings_comp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings_comp.h; path = ../../cyassl/ctaocrypt/settings_comp.h; sourceTree = "<group>"; };
- 521646B91A8993F50062516A /* settings.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = settings.h; path = ../../cyassl/ctaocrypt/settings.h; sourceTree = "<group>"; };
- 521646BA1A8993F50062516A /* sha.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha.h; path = ../../cyassl/ctaocrypt/sha.h; sourceTree = "<group>"; };
- 521646BB1A8993F50062516A /* sha256.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha256.h; path = ../../cyassl/ctaocrypt/sha256.h; sourceTree = "<group>"; };
- 521646BC1A8993F50062516A /* sha512.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = sha512.h; path = ../../cyassl/ctaocrypt/sha512.h; sourceTree = "<group>"; };
- 521646BD1A8993F50062516A /* tfm.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = tfm.h; path = ../../cyassl/ctaocrypt/tfm.h; sourceTree = "<group>"; };
- 521646BE1A8993F50062516A /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = types.h; path = ../../cyassl/ctaocrypt/types.h; sourceTree = "<group>"; };
- 521646BF1A8993F50062516A /* visibility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = visibility.h; path = ../../cyassl/ctaocrypt/visibility.h; sourceTree = "<group>"; };
- 521646C01A8993F50062516A /* wc_port.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_port.h; path = ../../cyassl/ctaocrypt/wc_port.h; sourceTree = "<group>"; };
522DBE0C1B7926FB0031F454 /* wc_encrypt.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = wc_encrypt.c; path = ../../wolfcrypt/src/wc_encrypt.c; sourceTree = SOURCE_ROOT; };
522DBE0E1B7927290031F454 /* wc_encrypt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = wc_encrypt.h; path = ../../wolfssl/wolfcrypt/wc_encrypt.h; sourceTree = "<group>"; };
525BE5331B3869110054BBCD /* hash.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hash.c; path = ../../wolfcrypt/src/hash.c; sourceTree = "<group>"; };
@@ -1549,78 +1138,11 @@
children = (
521645F91A89916E0062516A /* wolfSSL */,
521645F81A89916A0062516A /* wolfCrypt */,
- 521645F71A8991680062516A /* CyaSSL */,
- 521645F61A8991640062516A /* CtaoCrypt */,
700F0C502A2FBE3600755BA7 /* OpenSSL */,
);
name = Headers;
sourceTree = SOURCE_ROOT;
};
- 521645F61A8991640062516A /* CtaoCrypt */ = {
- isa = PBXGroup;
- children = (
- 521646951A8993F50062516A /* aes.h */,
- 521646961A8993F50062516A /* arc4.h */,
- 521646971A8993F50062516A /* asn_public.h */,
- 521646981A8993F50062516A /* asn.h */,
- 521646991A8993F50062516A /* blake2-impl.h */,
- 5216469A1A8993F50062516A /* blake2-int.h */,
- 5216469B1A8993F50062516A /* blake2.h */,
- 5216469C1A8993F50062516A /* camellia.h */,
- 5216469D1A8993F50062516A /* chacha.h */,
- 5216469E1A8993F50062516A /* coding.h */,
- 5216469F1A8993F50062516A /* compress.h */,
- 521646A01A8993F50062516A /* des3.h */,
- 521646A11A8993F50062516A /* dh.h */,
- 521646A21A8993F50062516A /* dsa.h */,
- 521646A31A8993F50062516A /* ecc.h */,
- 521646A41A8993F50062516A /* error-crypt.h */,
- 521646A51A8993F50062516A /* fips_test.h */,
- 521646A71A8993F50062516A /* hmac.h */,
- 521646A81A8993F50062516A /* integer.h */,
- 521646A91A8993F50062516A /* logging.h */,
- 521646AA1A8993F50062516A /* md2.h */,
- 521646AB1A8993F50062516A /* md4.h */,
- 521646AC1A8993F50062516A /* md5.h */,
- 521646AD1A8993F50062516A /* memory.h */,
- 521646AE1A8993F50062516A /* misc.h */,
- 521646AF1A8993F50062516A /* mpi_class.h */,
- 521646B01A8993F50062516A /* mpi_superclass.h */,
- 521646B11A8993F50062516A /* pkcs7.h */,
- 521646B21A8993F50062516A /* poly1305.h */,
- 521646B31A8993F50062516A /* pwdbased.h */,
- 521646B51A8993F50062516A /* random.h */,
- 521646B61A8993F50062516A /* ripemd.h */,
- 521646B71A8993F50062516A /* rsa.h */,
- 521646B81A8993F50062516A /* settings_comp.h */,
- 521646B91A8993F50062516A /* settings.h */,
- 521646BA1A8993F50062516A /* sha.h */,
- 521646BB1A8993F50062516A /* sha256.h */,
- 521646BC1A8993F50062516A /* sha512.h */,
- 521646BD1A8993F50062516A /* tfm.h */,
- 521646BE1A8993F50062516A /* types.h */,
- 521646BF1A8993F50062516A /* visibility.h */,
- 521646C01A8993F50062516A /* wc_port.h */,
- );
- name = CtaoCrypt;
- sourceTree = SOURCE_ROOT;
- };
- 521645F71A8991680062516A /* CyaSSL */ = {
- isa = PBXGroup;
- children = (
- 5216468A1A8993BB0062516A /* callbacks.h */,
- 5216468B1A8993BB0062516A /* certs_test.h */,
- 5216468C1A8993BB0062516A /* crl.h */,
- 5216468D1A8993BB0062516A /* error-ssl.h */,
- 5216468E1A8993BB0062516A /* internal.h */,
- 5216468F1A8993BB0062516A /* ocsp.h */,
- 521646921A8993BB0062516A /* ssl.h */,
- 521646931A8993BB0062516A /* test.h */,
- 521646941A8993BB0062516A /* version.h */,
- );
- name = CyaSSL;
- sourceTree = SOURCE_ROOT;
- };
521645F81A89916A0062516A /* wolfCrypt */ = {
isa = PBXGroup;
children = (
@@ -1935,8 +1457,6 @@
30B060481C6DDAEA00D46008 /* Frameworks */,
30B060491C6DDAEA00D46008 /* CopyFiles */,
30B060881C6DDB5200D46008 /* CopyFiles */,
- 30B060891C6DDB5400D46008 /* CopyFiles */,
- 30B0608A1C6DDB5500D46008 /* CopyFiles */,
30B060471C6DDAEA00D46008 /* Sources */,
);
buildRules = (
@@ -1955,8 +1475,6 @@
52B1344A16F3C9E800C07B32 /* Frameworks */,
52B1344B16F3C9E800C07B32 /* CopyFiles */,
521646C11A8A7B380062516A /* CopyFiles */,
- 521646C21A8A7B3B0062516A /* CopyFiles */,
- 521646C31A8A7B3D0062516A /* CopyFiles */,
700F0C8B2A2FBEB400755BA7 /* CopyFiles */,
52B1344916F3C9E800C07B32 /* Sources */,
);
@@ -1976,8 +1494,6 @@
A4F3187B1BC58B1700FDF2BB /* Frameworks */,
A4F3187C1BC58B1700FDF2BB /* CopyFiles */,
A4F318861BC58B1700FDF2BB /* CopyFiles */,
- A4F318B41BC58B1700FDF2BB /* CopyFiles */,
- A4F318BE1BC58B1700FDF2BB /* CopyFiles */,
A4F3184F1BC58B1700FDF2BB /* Sources */,
);
buildRules = (
diff --git a/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md b/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md
index e8c4ddf8..49ae2811 100644
--- a/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md
+++ b/extra/wolfssl/wolfssl/IDE/XilinxSDK/README.md
@@ -70,7 +70,7 @@ This shows the necessary steps on the basis of using the VMK180 development boar
2. Repeat the same steps of the previous step 3 for the newly created domain.
- In the tree-view select "freertos10_xilinx" and then open the "kernel_behavior" sub-entry.
- Change `minimal_stack_size` to `8000`, `tick_rate` to `1000` and `total_heap_size` to `8388608`. "Big chunk sizes" have not been tested under FreeRTOS.
-3. Repeat the same steps of the preivous steps 4 to 6, but with the `wolfCrypt_FreeRTOS_example` resp. `wolfCrypt_FreeRTOS_example_system`.
+3. Repeat the same steps of the previous steps 4 to 6, but with the `wolfCrypt_FreeRTOS_example` resp. `wolfCrypt_FreeRTOS_example_system`.
## Troubleshooting
diff --git a/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh b/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh
index 944e4ca7..d903bdca 100755
--- a/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh
+++ b/extra/wolfssl/wolfssl/IDE/XilinxSDK/graph.sh
@@ -66,7 +66,7 @@ aad_sizes["default"]="16 Bytes"
# not pretty but works for me :)
# CBC&GCM encryption is in software a lot faster than decryption,
-# therefor use the same Range on the Y-Axis to also have a visual indication.
+# therefore use the same Range on the Y-Axis to also have a visual indication.
# This will break if something changes, so let the user override the value
cbc_yrange="${cbc_yrange:=1400}"
gcm_yrange="${gcm_yrange:=500}"
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore b/extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore
new file mode 100644
index 00000000..de153db3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/.gitignore
@@ -0,0 +1 @@
+artifacts
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/README.md b/extra/wolfssl/wolfssl/IDE/apple-universal/README.md
new file mode 100644
index 00000000..7a4d38da
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/README.md
@@ -0,0 +1,92 @@
+# Overview
+This example shows how to build a wolfSSL static library for Apple targets on all architectures using GNU autotools/`configure` and demonstrates how to create a [universal binary framework]() suitable for use in an Xcode project. It also provides a demo Xcode project using the wolfSSL framework in a simple multiplatform app.
+
+The example was created using Xcode version 14.3.1.
+
+# Why?
+Configuring and building wolfSSL through the `configure` interface can be simpler and more user friendly than manually adding the wolfSSL source files to your project and customizing through `user_settings.h`. Building via `configure` also streamlines integration with other open-source projects that expect an installation directory, such as `cURL`'s `--with-wolfssl` option. Finally, some developer teams might prefer to build wolfSSL once with the desired settings and then distribute it as a library framework for app developers to use. Packaging wolfSSL as a framework makes it highly portable and allows for drag-and-drop integration into Xcode projects without needing to worry about compiling the library every time they build their app.
+
+However, if you do want to compile wolfSSL from source manually in your Xcode project using `user_settings.h`, see the example in [IDE/XCODE](https://github.com/wolfSSL/wolfssl/tree/master/IDE/XCODE).
+
+# Example overview
+This example consists of a build script and an Xcode example project. The build script generates a static library framework for all Apple targets. The Example project shows how to incorporate the framework into an Xcode project and wolfSSL framework in a simple application.
+
+## The build script
+`build-wolfssl-framework.sh` compiles wolfSSL as static library for all modern Apple platforms and simulators. This includes MacOS (`arm64`,`x86_64`), iPhone (`arm64`), iPhoneSimulator (`arm64`,`x86_64`), appleTV (`arm64`), appleTVSimulator (`arm64`,`x86_64`), appleWatch (`arm64`), and appleWatchSimulator (`arm64`,`x86_64`). The script compiles wolfSSL for each platform, creates universal binaries for platforms that support multiple architectures (macOS and simulators) using [lipo](https://developer.apple.com/documentation/apple-silicon/building-a-universal-macos-binary), then combines all the static libraries together into an `xcframework` that can be imported into Xcode. It is meant to be used as an example rather than a build tool, and chooses simplicity and readability over flexibility (no command line options). For an explanation of how the script cross compiles wolfSSL, see the [Technical Details](technical-details) section.
+
+To use the build script, you can run it without arguments to build a default configuration, or you can use the `-c` option to pass in a quoted string containing any additional flags to `configure` that you need. Note that `--enable-static --disable-shared` is always passed to `configure` by default. Consider the following usage example, with descriptions in the comments:
+
+```
+# default configuration
+./build-wolfssl-framework.sh
+
+# hardened configuration with curl support and FIPS-ready crypto
+./build-wolfssl-framework.sh -c "--enable-harden --enable-curl --enable-fips=ready"
+
+```
+
+## Example project
+`wolfssl-multiplatform` is an xcode project containing a simple swiftUI "hello world" app that has been modified to run the wolfCrypt tests and establish a TLS connection to `www.wolfssl.com` on startup. It also provides an example for basic Swift/C interoperability using a "bridging header". When the app launches, the swiftUI initialization handler calls a C test driver function, which is responsible for running the wolfSSL examples. An overview of the additional files is as follows:
+
+```
+.
+└── wolfssl-multiplatform
+ ├── wolfssl-multiplatform
+ │   ├── ContentView.swift # <-- boilerplate swiftUI modified to call wolfSSL test driver on UI init
+ │   ├── wolfssl_multiplatformApp.swift # <-- basic swift hello world
+
+ │   ├── simple_client_example.c # <-- Simple TLS example that connects to wolfssl.com
+ │   ├── simple_client_example.h
+
+ │   ├── wolfssl-multiplatform-Bridging-Header.h # <-- "bridging header" that exposes wolfssl_test_driver app to swift
+ │   ├── wolfssl_test_driver.c # <-- test driver function that runs wolfCrypt tests then calls simple_client_example
+ │   └── wolfssl_test_driver.h
+```
+
+For a basic overview on how to call C code from Swift in an Xcode project, see this excellent blog post tutorial:
+- [https://rlaguilar.com/posts/integrate-c-library-ios-project-swift](https://rlaguilar.com/posts/integrate-c-library-ios-project-swift)
+
+More detailed information on swift/C interoperability can be found in the Apple swift language guide, as well as in the official swift documentation:
+- [https://developer.apple.com/documentation/swift/c-interoperability](https://developer.apple.com/documentation/swift/c-interoperability)
+- [https://www.swift.org/documentation/cxx-interop](https://www.swift.org/documentation/cxx-interop)
+
+## Adding the framework to an Xcode project
+In order to add the framework to any Xcode project, you can simply drag-and-drop the `artifacts/xcframework/libwolfssl.xcframework` directory into Xcode's project source navigator pane. This should automatically add it to the linked libraries for your application.
+
+# Technical Details
+
+## Cross compilation
+If you are developing on a macOS machine and want to compile wolfSSL to run on macOS, then you can simply use `configure` without further customisation. However, if you wish to build wolfSSL to run on a different Apple device, then you need to cross-compile wolfSSL. Thankfully, `configure` makes cross compilation relatively straightforward by using the `--host` argument to pass the "[target triple](https://wiki.osdev.org/Target_Triplet)" describing the platform of the system on which you wish the binary to run, as well as a few other options which will are described below. For more details on cross-compilation, please see the [GNU cross-compilation documentation](https://www.gnu.org/software/automake/manual/html_node/Cross_002dCompilation.html) and the [wolfSSL manual page on cross-compiling with configure](https://www.wolfssl.com/documentation/manuals/wolfssl/chapter02.html#building-with-configure-with-cross-compile). Note that `clang` is the default compiler on macOS (symlinked to `/usr/bin/gcc`) and natively supports cross compilation for all Apple devices without requiring you to download a separate compiler. This means you do not need to override the system `CC`/`AR`/`RANLIB` etc. when using configure.
+
+The generic `configure` invocation required to cross compile a static library for an Apple device is as follows:
+
+```
+./configure --disable-shared --enable-static \
+ --prefix=${INSTALL_DIR} \
+ --host=${HOST} \
+ CFLAGS="-arch ${ARCH} -isysroot ${SDK_ROOT}"
+
+```
+where the
+- `${INSTALL_DIR}` holds the path to the output directory for the wolfSSL install (which we will later include in the framework)
+- `--host=${HOST}` is the triple describing the platform. It should be set to `${ARCH}-apple-darwin` for all targets
+- `-arch ${ARCH}` is the CPU architecture of the platform. It should be `x86_64` for intel Macs and `arm64` for iPhone, appleTV, appleWatch, and Apple silicon Macs.
+- `-isysroot ${SDK_ROOT}` is the path to the new sysroot for the target platform of cross compilation, which is where the compiler should look for system headers and libraries (which are usually different for the target system than for the host system when cross compiling). You can use the Xcode command line tools to query the SDK root path for a given target by running `xcrun --sdk <target> --show-sdk-path`. To get a list of installed targets, run `xcodebuild -showsdks`.
+
+
+## Universal binaries
+Apple intoduced two technologies to facilitate packaging portable libraries: "universal binaries" and "frameworks".
+
+Universal binaries (a.k.a "fat" binaries) allow `elf` files targeting multiple CPU architectures to be combined into a single file (e.g. `x86_64` and `arm64`). These binaries are created using a tool called `lipo`. For more information on lipo and universal binaries, see [Creating Universal Binaries](https://developer.apple.com/documentation/apple-silicon/building-a-universal-macos-binary).
+
+## Frameworks
+In order to facilitate distribution binaries and dependencies, Apple introduced the concept of an `xcframework` bundle, which is a distribution format that allows developers to bundle binaries targeting multiple architectures together with their headers and other metadata. All builds of a library under all target platforms and architectures complete with their dependencies now can be packed ino one single bundle under the `.xcframework` extension.
+
+## Issues with the process
+Low-level programming in the Apple ecosystem is sparsely documented, and certain things that you think "should just work" don't. Here are a few issues we had with the process that need to be documented.
+
+1. Apps meant to run on a simulator require building for/linking against universal binaries containing architecture slices for both `x86_64` and `arm64`. Even if you have the correct architecture (e.g. compiling on `arm64` and targeting an `arm64` simulator host) Xcode will complain that you have compiled the binary for the wrong host if the elf file does not include an `x86_64` architecture slice. Therefore, `build-wolfssl-framework.sh` builds all libraries for simulator targets for both `x86_64` and `arm64` architectures and links them as universal binaries with `lipo`. Again, it DOES NOT MATTER if you are targeting the correct architecture with your cross-compilation, Xcode will not recognize the binary as targeting the correct architecture unless it contains both.
+
+2. Cross compiling for the **iOS simulator** with a min version specifier present (`-miphoneos-version-min`) requires the `-target ${ARCH}-apple-ios-simulator` compiler flag in order to build . It is unclear why this is required, as The GNU documentation claims that the `target` option is only required if cross-compiling a compiler to run on architecture X but emit code for architecture Y (known as a canadian cross-compilation scenario). Regardless, if you do not include a `-target` option, the build will generate a large number of warnings when linking against system libraries with messages like: `ld: warning: building for iOS, but linking in .tbd file (/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform/Developer/SDKs/iPhoneSimulator16.4.sdk/usr/lib/libnetwork.tbd) built for iOS Simulator`. It was thought that perhaps the host option should instead be `--host=${ARCH}-apple-ios-simulator` but this is not a valid option, and `configure` will fail with a different error: `checking host system type... Invalid configuration 'arm64-apple-ios-simulator': Kernel 'ios' not known to work with OS 'simulator`. If you do not specify a min iOS version, this is not required. Mysteriously, the other simulators (tvOS, watchOS) do not have this issue....
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh b/extra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh
new file mode 100755
index 00000000..a3ff12a6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/build-wolfssl-framework.sh
@@ -0,0 +1,110 @@
+#!/bin/bash
+
+# build-wolfssl-framework.sh
+#
+# Copyright (C) 2006-2023 wolfSSL Inc.
+#
+# This file is part of wolfSSL.
+#
+# wolfSSL is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# wolfSSL is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+
+set -euo pipefail
+
+WOLFSSL_DIR=$(pwd)/../../
+OUTDIR=$(pwd)/artifacts
+LIPODIR=${OUTDIR}/lib
+SDK_OUTPUT_DIR=${OUTDIR}/xcframework
+
+CFLAGS_COMMON=""
+# Base configure flags
+CONF_OPTS="--disable-shared --enable-static"
+
+helpFunction()
+{
+ echo ""
+ echo "Usage: $0 [-c <config flags>]"
+ echo -e "\t-c Extra flags to be passed to ./configure"
+ exit 1 # Exit script after printing help
+}
+
+# Parse command line arguments
+while getopts ":c:" opt; do
+ case $opt in
+ c)
+ CONF_OPTS+=" $OPTARG"
+ ;;
+ \?)
+ echo "Invalid option: -$OPTARG" >&2; helpFunction
+ ;;
+ esac
+done
+
+rm -rf $OUTDIR
+mkdir -p $LIPODIR
+mkdir -p $SDK_OUTPUT_DIR
+
+build() { # <ARCH=arm64|x86_64> <TYPE=iphonesimulator|iphoneos|macosx|watchos|watchsimulator|appletvos|appletvsimulator>
+ set -x
+ pushd .
+ cd $WOLFSSL_DIR
+
+ ARCH=$1
+ HOST="${ARCH}-apple-darwin"
+ TYPE=$2
+ SDK_ROOT=$(xcrun --sdk ${TYPE} --show-sdk-path)
+
+ ./configure -prefix=${OUTDIR}/wolfssl-${TYPE}-${ARCH} ${CONF_OPTS} --host=${HOST} \
+ CFLAGS="${CFLAGS_COMMON} -arch ${ARCH} -isysroot ${SDK_ROOT}"
+ make -j src/libwolfssl.la
+ make install
+
+ popd
+ set +x
+}
+
+XCFRAMEWORKS=
+for type in iphonesimulator macosx appletvsimulator watchsimulator ; do
+ build arm64 ${type}
+ build x86_64 ${type}
+
+ # Create universal binaries from architecture-specific static libraries
+ lipo \
+ "$OUTDIR/wolfssl-${type}-x86_64/lib/libwolfssl.a" \
+ "$OUTDIR/wolfssl-${type}-arm64/lib/libwolfssl.a" \
+ -create -output $LIPODIR/libwolfssl-${type}.a
+
+ echo "Checking libraries"
+ xcrun -sdk ${type} lipo -info $LIPODIR/libwolfssl-${type}.a
+ XCFRAMEWORKS+=" -library ${LIPODIR}/libwolfssl-${type}.a -headers ${OUTDIR}/wolfssl-${type}-arm64/include"
+done
+
+for type in iphoneos appletvos ; do
+ build arm64 ${type}
+
+ # Create universal binaries from architecture-specific static libraries
+ lipo \
+ "$OUTDIR/wolfssl-${type}-arm64/lib/libwolfssl.a" \
+ -create -output $LIPODIR/libwolfssl-${type}.a
+
+ echo "Checking libraries"
+ xcrun -sdk ${type} lipo -info $LIPODIR/libwolfssl-${type}.a
+ XCFRAMEWORKS+=" -library ${LIPODIR}/libwolfssl-${type}.a -headers ${OUTDIR}/wolfssl-${type}-arm64/include"
+done
+
+############################################################################################################################################
+# ********** BUILD FRAMEWORK
+############################################################################################################################################
+
+xcodebuild -create-xcframework ${XCFRAMEWORKS} -output ${SDK_OUTPUT_DIR}/libwolfssl.xcframework
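Review bot: `rm -rf $OUTDIR` runs on an unquoted path built from `$(pwd)`, so the script deletes `artifacts` under whatever directory it is started from, and a working directory containing spaces word-splits into several `rm` targets. Anchor the paths to the script location, e.g. `SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)` with `WOLFSSL_DIR` and `OUTDIR` derived from it, and quote the destructive call as `rm -rf -- "${OUTDIR}"`. The same unquoted path expansions appear in `cd $WOLFSSL_DIR`, the `-prefix=${OUTDIR}/...` argument to `./configure` and the `-output $LIPODIR/...` arguments to `lipo`, and should be quoted as well. Separately, the `getopts ":c:"` loop has no `:)` case, so `-c` given without an argument is silently ignored instead of reaching `helpFunction`.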
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/include.am b/extra/wolfssl/wolfssl/IDE/apple-universal/include.am
new file mode 100644
index 00000000..a275b073
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/include.am
@@ -0,0 +1,24 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST+= IDE/apple-universal/README.md
+EXTRA_DIST+= IDE/apple-universal/build-wolfssl-framework.sh
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json
+EXTRA_DIST+= IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements
+
+
+
+
+
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj
new file mode 100644
index 00000000..2a20aa77
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform.xcodeproj/project.pbxproj
@@ -0,0 +1,403 @@
+// !$*UTF8*$!
+{
+ archiveVersion = 1;
+ classes = {
+ };
+ objectVersion = 56;
+ objects = {
+
+/* Begin PBXBuildFile section */
+ 8BC456822A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456812A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift */; };
+ 8BC456842A5DCC3D008A4AF7 /* ContentView.swift in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456832A5DCC3D008A4AF7 /* ContentView.swift */; };
+ 8BC456862A5DCC3F008A4AF7 /* Assets.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 8BC456852A5DCC3F008A4AF7 /* Assets.xcassets */; };
+ 8BC456922A5DD04E008A4AF7 /* libwolfssl.xcframework in Frameworks */ = {isa = PBXBuildFile; fileRef = 8BC456912A5DD04E008A4AF7 /* libwolfssl.xcframework */; };
+ 8BC456972A5DD1F2008A4AF7 /* wolfssl_test_driver.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456962A5DD1F2008A4AF7 /* wolfssl_test_driver.c */; };
+ 8BC456AB2A5DF7A6008A4AF7 /* test.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456AA2A5DF7A6008A4AF7 /* test.c */; settings = {COMPILER_FLAGS = "-DUSE_FLAT_TEST_H -DNO_MAIN_DRIVER -DNO_FILESYSTEM -DSINGLE_THREADED"; }; };
+ 8BC456AE2A5DF7BA008A4AF7 /* benchmark.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456AC2A5DF7BA008A4AF7 /* benchmark.c */; settings = {COMPILER_FLAGS = "-DUSE_FLAT_BENCHMARK_H -DNO_MAIN_DRIVER -DSINGLE_THREADED"; }; };
+ 8BC456F32A5F20C8008A4AF7 /* simple_client_example.c in Sources */ = {isa = PBXBuildFile; fileRef = 8BC456F12A5F20C8008A4AF7 /* simple_client_example.c */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXFileReference section */
+ 8BC4567E2A5DCC3D008A4AF7 /* wolfssl-multiplatform.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "wolfssl-multiplatform.app"; sourceTree = BUILT_PRODUCTS_DIR; };
+ 8BC456812A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = wolfssl_multiplatformApp.swift; sourceTree = "<group>"; };
+ 8BC456832A5DCC3D008A4AF7 /* ContentView.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ContentView.swift; sourceTree = "<group>"; };
+ 8BC456852A5DCC3F008A4AF7 /* Assets.xcassets */ = {isa = PBXFileReference; lastKnownFileType = folder.assetcatalog; path = Assets.xcassets; sourceTree = "<group>"; };
+ 8BC456872A5DCC3F008A4AF7 /* wolfssl_multiplatform.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; path = wolfssl_multiplatform.entitlements; sourceTree = "<group>"; };
+ 8BC456912A5DD04E008A4AF7 /* libwolfssl.xcframework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.xcframework; name = libwolfssl.xcframework; path = ../artifacts/xcframework/libwolfssl.xcframework; sourceTree = "<group>"; };
+ 8BC456942A5DD1F2008A4AF7 /* wolfssl-multiplatform-Bridging-Header.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = "wolfssl-multiplatform-Bridging-Header.h"; sourceTree = "<group>"; };
+ 8BC456952A5DD1F2008A4AF7 /* wolfssl_test_driver.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = wolfssl_test_driver.h; sourceTree = "<group>"; };
+ 8BC456962A5DD1F2008A4AF7 /* wolfssl_test_driver.c */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.c; path = wolfssl_test_driver.c; sourceTree = "<group>"; };
+ 8BC456A92A5DF7A6008A4AF7 /* test.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = test.h; path = ../../../../wolfcrypt/test/test.h; sourceTree = "<group>"; };
+ 8BC456AA2A5DF7A6008A4AF7 /* test.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = test.c; path = ../../../../wolfcrypt/test/test.c; sourceTree = "<group>"; };
+ 8BC456AC2A5DF7BA008A4AF7 /* benchmark.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = benchmark.c; path = ../../../../wolfcrypt/benchmark/benchmark.c; sourceTree = "<group>"; };
+ 8BC456AD2A5DF7BA008A4AF7 /* benchmark.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = benchmark.h; path = ../../../../wolfcrypt/benchmark/benchmark.h; sourceTree = "<group>"; };
+ 8BC456F12A5F20C8008A4AF7 /* simple_client_example.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = simple_client_example.c; sourceTree = "<group>"; };
+ 8BC456F22A5F20C8008A4AF7 /* simple_client_example.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = simple_client_example.h; sourceTree = "<group>"; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+ 8BC4567B2A5DCC3D008A4AF7 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 8BC456922A5DD04E008A4AF7 /* libwolfssl.xcframework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+ 8BC456752A5DCC3D008A4AF7 = {
+ isa = PBXGroup;
+ children = (
+ 8BC456802A5DCC3D008A4AF7 /* wolfssl-multiplatform */,
+ 8BC4567F2A5DCC3D008A4AF7 /* Products */,
+ 8BC456902A5DD04E008A4AF7 /* Frameworks */,
+ );
+ sourceTree = "<group>";
+ };
+ 8BC4567F2A5DCC3D008A4AF7 /* Products */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC4567E2A5DCC3D008A4AF7 /* wolfssl-multiplatform.app */,
+ );
+ name = Products;
+ sourceTree = "<group>";
+ };
+ 8BC456802A5DCC3D008A4AF7 /* wolfssl-multiplatform */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC456A82A5DF787008A4AF7 /* wolfssl-test-apps */,
+ 8BC456812A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift */,
+ 8BC456832A5DCC3D008A4AF7 /* ContentView.swift */,
+ 8BC456852A5DCC3F008A4AF7 /* Assets.xcassets */,
+ 8BC456872A5DCC3F008A4AF7 /* wolfssl_multiplatform.entitlements */,
+ 8BC456952A5DD1F2008A4AF7 /* wolfssl_test_driver.h */,
+ 8BC456962A5DD1F2008A4AF7 /* wolfssl_test_driver.c */,
+ 8BC456942A5DD1F2008A4AF7 /* wolfssl-multiplatform-Bridging-Header.h */,
+ );
+ path = "wolfssl-multiplatform";
+ sourceTree = "<group>";
+ };
+ 8BC456902A5DD04E008A4AF7 /* Frameworks */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC456912A5DD04E008A4AF7 /* libwolfssl.xcframework */,
+ );
+ name = Frameworks;
+ sourceTree = "<group>";
+ };
+ 8BC456A82A5DF787008A4AF7 /* wolfssl-test-apps */ = {
+ isa = PBXGroup;
+ children = (
+ 8BC456F12A5F20C8008A4AF7 /* simple_client_example.c */,
+ 8BC456F22A5F20C8008A4AF7 /* simple_client_example.h */,
+ 8BC456AC2A5DF7BA008A4AF7 /* benchmark.c */,
+ 8BC456AD2A5DF7BA008A4AF7 /* benchmark.h */,
+ 8BC456AA2A5DF7A6008A4AF7 /* test.c */,
+ 8BC456A92A5DF7A6008A4AF7 /* test.h */,
+ );
+ name = "wolfssl-test-apps";
+ sourceTree = "<group>";
+ };
+/* End PBXGroup section */
+
+/* Begin PBXNativeTarget section */
+ 8BC4567D2A5DCC3D008A4AF7 /* wolfssl-multiplatform */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 8BC4568D2A5DCC3F008A4AF7 /* Build configuration list for PBXNativeTarget "wolfssl-multiplatform" */;
+ buildPhases = (
+ 8BC4567A2A5DCC3D008A4AF7 /* Sources */,
+ 8BC4567B2A5DCC3D008A4AF7 /* Frameworks */,
+ 8BC4567C2A5DCC3D008A4AF7 /* Resources */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = "wolfssl-multiplatform";
+ productName = "wolfssl-multiplatform";
+ productReference = 8BC4567E2A5DCC3D008A4AF7 /* wolfssl-multiplatform.app */;
+ productType = "com.apple.product-type.application";
+ };
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+ 8BC456762A5DCC3D008A4AF7 /* Project object */ = {
+ isa = PBXProject;
+ attributes = {
+ BuildIndependentTargetsInParallel = 1;
+ LastSwiftUpdateCheck = 1430;
+ LastUpgradeCheck = 1430;
+ TargetAttributes = {
+ 8BC4567D2A5DCC3D008A4AF7 = {
+ CreatedOnToolsVersion = 14.3.1;
+ LastSwiftMigration = 1430;
+ };
+ };
+ };
+ buildConfigurationList = 8BC456792A5DCC3D008A4AF7 /* Build configuration list for PBXProject "wolfssl-multiplatform" */;
+ compatibilityVersion = "Xcode 14.0";
+ developmentRegion = en;
+ hasScannedForEncodings = 0;
+ knownRegions = (
+ en,
+ Base,
+ );
+ mainGroup = 8BC456752A5DCC3D008A4AF7;
+ productRefGroup = 8BC4567F2A5DCC3D008A4AF7 /* Products */;
+ projectDirPath = "";
+ projectRoot = "";
+ targets = (
+ 8BC4567D2A5DCC3D008A4AF7 /* wolfssl-multiplatform */,
+ );
+ };
+/* End PBXProject section */
+
+/* Begin PBXResourcesBuildPhase section */
+ 8BC4567C2A5DCC3D008A4AF7 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 8BC456862A5DCC3F008A4AF7 /* Assets.xcassets in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXResourcesBuildPhase section */
+
+/* Begin PBXSourcesBuildPhase section */
+ 8BC4567A2A5DCC3D008A4AF7 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 8BC456972A5DD1F2008A4AF7 /* wolfssl_test_driver.c in Sources */,
+ 8BC456842A5DCC3D008A4AF7 /* ContentView.swift in Sources */,
+ 8BC456F32A5F20C8008A4AF7 /* simple_client_example.c in Sources */,
+ 8BC456822A5DCC3D008A4AF7 /* wolfssl_multiplatformApp.swift in Sources */,
+ 8BC456AB2A5DF7A6008A4AF7 /* test.c in Sources */,
+ 8BC456AE2A5DF7BA008A4AF7 /* benchmark.c in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXSourcesBuildPhase section */
+
+/* Begin XCBuildConfiguration section */
+ 8BC4568B2A5DCC3F008A4AF7 /* Debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ALWAYS_SEARCH_USER_PATHS = NO;
+ CLANG_ANALYZER_NONNULL = YES;
+ CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
+ CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
+ CLANG_ENABLE_MODULES = YES;
+ CLANG_ENABLE_OBJC_ARC = YES;
+ CLANG_ENABLE_OBJC_WEAK = YES;
+ CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
+ CLANG_WARN_BOOL_CONVERSION = YES;
+ CLANG_WARN_COMMA = YES;
+ CLANG_WARN_CONSTANT_CONVERSION = YES;
+ CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
+ CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
+ CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
+ CLANG_WARN_EMPTY_BODY = YES;
+ CLANG_WARN_ENUM_CONVERSION = YES;
+ CLANG_WARN_INFINITE_RECURSION = YES;
+ CLANG_WARN_INT_CONVERSION = YES;
+ CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
+ CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
+ CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
+ CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+ CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
+ CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
+ CLANG_WARN_STRICT_PROTOTYPES = YES;
+ CLANG_WARN_SUSPICIOUS_MOVE = YES;
+ CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
+ CLANG_WARN_UNREACHABLE_CODE = YES;
+ CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+ COPY_PHASE_STRIP = NO;
+ DEBUG_INFORMATION_FORMAT = dwarf;
+ ENABLE_STRICT_OBJC_MSGSEND = YES;
+ ENABLE_TESTABILITY = YES;
+ GCC_C_LANGUAGE_STANDARD = gnu11;
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_NO_COMMON_BLOCKS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "DEBUG=1",
+ "$(inherited)",
+ );
+ GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
+ GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
+ GCC_WARN_UNDECLARED_SELECTOR = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ MTL_ENABLE_DEBUG_INFO = INCLUDE_SOURCE;
+ MTL_FAST_MATH = YES;
+ ONLY_ACTIVE_ARCH = YES;
+ SWIFT_ACTIVE_COMPILATION_CONDITIONS = DEBUG;
+ SWIFT_OPTIMIZATION_LEVEL = "-Onone";
+ };
+ name = Debug;
+ };
+ 8BC4568C2A5DCC3F008A4AF7 /* Release */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ALWAYS_SEARCH_USER_PATHS = NO;
+ CLANG_ANALYZER_NONNULL = YES;
+ CLANG_ANALYZER_NUMBER_OBJECT_CONVERSION = YES_AGGRESSIVE;
+ CLANG_CXX_LANGUAGE_STANDARD = "gnu++20";
+ CLANG_ENABLE_MODULES = YES;
+ CLANG_ENABLE_OBJC_ARC = YES;
+ CLANG_ENABLE_OBJC_WEAK = YES;
+ CLANG_WARN_BLOCK_CAPTURE_AUTORELEASING = YES;
+ CLANG_WARN_BOOL_CONVERSION = YES;
+ CLANG_WARN_COMMA = YES;
+ CLANG_WARN_CONSTANT_CONVERSION = YES;
+ CLANG_WARN_DEPRECATED_OBJC_IMPLEMENTATIONS = YES;
+ CLANG_WARN_DIRECT_OBJC_ISA_USAGE = YES_ERROR;
+ CLANG_WARN_DOCUMENTATION_COMMENTS = YES;
+ CLANG_WARN_EMPTY_BODY = YES;
+ CLANG_WARN_ENUM_CONVERSION = YES;
+ CLANG_WARN_INFINITE_RECURSION = YES;
+ CLANG_WARN_INT_CONVERSION = YES;
+ CLANG_WARN_NON_LITERAL_NULL_CONVERSION = YES;
+ CLANG_WARN_OBJC_IMPLICIT_RETAIN_SELF = YES;
+ CLANG_WARN_OBJC_LITERAL_CONVERSION = YES;
+ CLANG_WARN_OBJC_ROOT_CLASS = YES_ERROR;
+ CLANG_WARN_QUOTED_INCLUDE_IN_FRAMEWORK_HEADER = YES;
+ CLANG_WARN_RANGE_LOOP_ANALYSIS = YES;
+ CLANG_WARN_STRICT_PROTOTYPES = YES;
+ CLANG_WARN_SUSPICIOUS_MOVE = YES;
+ CLANG_WARN_UNGUARDED_AVAILABILITY = YES_AGGRESSIVE;
+ CLANG_WARN_UNREACHABLE_CODE = YES;
+ CLANG_WARN__DUPLICATE_METHOD_MATCH = YES;
+ COPY_PHASE_STRIP = NO;
+ DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym";
+ ENABLE_NS_ASSERTIONS = NO;
+ ENABLE_STRICT_OBJC_MSGSEND = YES;
+ GCC_C_LANGUAGE_STANDARD = gnu11;
+ GCC_NO_COMMON_BLOCKS = YES;
+ GCC_WARN_64_TO_32_BIT_CONVERSION = YES;
+ GCC_WARN_ABOUT_RETURN_TYPE = YES_ERROR;
+ GCC_WARN_UNDECLARED_SELECTOR = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = YES_AGGRESSIVE;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ MTL_ENABLE_DEBUG_INFO = NO;
+ MTL_FAST_MATH = YES;
+ SWIFT_COMPILATION_MODE = wholemodule;
+ SWIFT_OPTIMIZATION_LEVEL = "-O";
+ };
+ name = Release;
+ };
+ 8BC4568E2A5DCC3F008A4AF7 /* Debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
+ ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
+ CLANG_ENABLE_MODULES = YES;
+ CODE_SIGN_ENTITLEMENTS = "wolfssl-multiplatform/wolfssl_multiplatform.entitlements";
+ CODE_SIGN_STYLE = Automatic;
+ CURRENT_PROJECT_VERSION = 1;
+ DEVELOPMENT_ASSET_PATHS = "";
+ ENABLE_PREVIEWS = NO;
+ GCC_PREPROCESSOR_DEFINITIONS = "CERT_PATH=\\\"$PROJECT_DIR/../../../certs/wolfssl-website-ca.pem\\\"";
+ GENERATE_INFOPLIST_FILE = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphoneos*]" = UIStatusBarStyleDefault;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphonesimulator*]" = UIStatusBarStyleDefault;
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPad = "UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPhone = "UIInterfaceOrientationPortrait UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ IPHONEOS_DEPLOYMENT_TARGET = 16.4;
+ LD_RUNPATH_SEARCH_PATHS = "@executable_path/Frameworks";
+ "LD_RUNPATH_SEARCH_PATHS[sdk=macosx*]" = "@executable_path/../Frameworks";
+ MACOSX_DEPLOYMENT_TARGET = 13.3;
+ MARKETING_VERSION = 1.0;
+ OTHER_CFLAGS = "";
+ PRODUCT_BUNDLE_IDENTIFIER = "wolfSSL.wolfssl-multiplatform";
+ PRODUCT_NAME = "$(TARGET_NAME)";
+ SDKROOT = auto;
+ SUPPORTED_PLATFORMS = "appletvos appletvsimulator iphoneos iphonesimulator macosx";
+ SUPPORTS_MACCATALYST = NO;
+ SUPPORTS_MAC_DESIGNED_FOR_IPHONE_IPAD = NO;
+ SWIFT_EMIT_LOC_STRINGS = YES;
+ SWIFT_OBJC_BRIDGING_HEADER = "wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h";
+ SWIFT_OPTIMIZATION_LEVEL = "-Onone";
+ SWIFT_VERSION = 5.0;
+ TARGETED_DEVICE_FAMILY = "1,2,3";
+ };
+ name = Debug;
+ };
+ 8BC4568F2A5DCC3F008A4AF7 /* Release */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
+ ASSETCATALOG_COMPILER_GLOBAL_ACCENT_COLOR_NAME = AccentColor;
+ CLANG_ENABLE_MODULES = YES;
+ CODE_SIGN_ENTITLEMENTS = "wolfssl-multiplatform/wolfssl_multiplatform.entitlements";
+ CODE_SIGN_STYLE = Automatic;
+ CURRENT_PROJECT_VERSION = 1;
+ DEVELOPMENT_ASSET_PATHS = "";
+ ENABLE_PREVIEWS = NO;
+ GCC_PREPROCESSOR_DEFINITIONS = "CERT_PATH=\\\"$PROJECT_DIR/../../../certs/wolfssl-website-ca.pem\\\"";
+ GENERATE_INFOPLIST_FILE = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSceneManifest_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UIApplicationSupportsIndirectInputEvents[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphoneos*]" = YES;
+ "INFOPLIST_KEY_UILaunchScreen_Generation[sdk=iphonesimulator*]" = YES;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphoneos*]" = UIStatusBarStyleDefault;
+ "INFOPLIST_KEY_UIStatusBarStyle[sdk=iphonesimulator*]" = UIStatusBarStyleDefault;
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPad = "UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ INFOPLIST_KEY_UISupportedInterfaceOrientations_iPhone = "UIInterfaceOrientationPortrait UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight";
+ IPHONEOS_DEPLOYMENT_TARGET = 16.4;
+ LD_RUNPATH_SEARCH_PATHS = "@executable_path/Frameworks";
+ "LD_RUNPATH_SEARCH_PATHS[sdk=macosx*]" = "@executable_path/../Frameworks";
+ MACOSX_DEPLOYMENT_TARGET = 13.3;
+ MARKETING_VERSION = 1.0;
+ OTHER_CFLAGS = "";
+ PRODUCT_BUNDLE_IDENTIFIER = "wolfSSL.wolfssl-multiplatform";
+ PRODUCT_NAME = "$(TARGET_NAME)";
+ SDKROOT = auto;
+ SUPPORTED_PLATFORMS = "appletvos appletvsimulator iphoneos iphonesimulator macosx";
+ SUPPORTS_MACCATALYST = NO;
+ SUPPORTS_MAC_DESIGNED_FOR_IPHONE_IPAD = NO;
+ SWIFT_EMIT_LOC_STRINGS = YES;
+ SWIFT_OBJC_BRIDGING_HEADER = "wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h";
+ SWIFT_VERSION = 5.0;
+ TARGETED_DEVICE_FAMILY = "1,2,3";
+ };
+ name = Release;
+ };
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+ 8BC456792A5DCC3D008A4AF7 /* Build configuration list for PBXProject "wolfssl-multiplatform" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 8BC4568B2A5DCC3F008A4AF7 /* Debug */,
+ 8BC4568C2A5DCC3F008A4AF7 /* Release */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Release;
+ };
+ 8BC4568D2A5DCC3F008A4AF7 /* Build configuration list for PBXNativeTarget "wolfssl-multiplatform" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 8BC4568E2A5DCC3F008A4AF7 /* Debug */,
+ 8BC4568F2A5DCC3F008A4AF7 /* Release */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Release;
+ };
+/* End XCConfigurationList section */
+ };
+ rootObject = 8BC456762A5DCC3D008A4AF7 /* Project object */;
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json
new file mode 100644
index 00000000..eb878970
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AccentColor.colorset/Contents.json
@@ -0,0 +1,11 @@
+{
+ "colors" : [
+ {
+ "idiom" : "universal"
+ }
+ ],
+ "info" : {
+ "author" : "xcode",
+ "version" : 1
+ }
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json
new file mode 100644
index 00000000..532cd729
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/AppIcon.appiconset/Contents.json
@@ -0,0 +1,63 @@
+{
+ "images" : [
+ {
+ "idiom" : "universal",
+ "platform" : "ios",
+ "size" : "1024x1024"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "16x16"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "16x16"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "32x32"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "32x32"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "128x128"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "128x128"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "256x256"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "256x256"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "1x",
+ "size" : "512x512"
+ },
+ {
+ "idiom" : "mac",
+ "scale" : "2x",
+ "size" : "512x512"
+ }
+ ],
+ "info" : {
+ "author" : "xcode",
+ "version" : 1
+ }
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json
new file mode 100644
index 00000000..73c00596
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/Assets.xcassets/Contents.json
@@ -0,0 +1,6 @@
+{
+ "info" : {
+ "author" : "xcode",
+ "version" : 1
+ }
+}
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/arc4.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift
index c30f0b64..6e452c50 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/arc4.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/ContentView.swift
@@ -1,4 +1,4 @@
-/* arc4.h
+/* ContentView.swift
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,18 +19,29 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+import SwiftUI
-#ifndef CTAO_CRYPT_ARC4_H
-#define CTAO_CRYPT_ARC4_H
-
-/* for arc4 reverse compatibility */
-#ifndef NO_RC4
-#include <wolfssl/wolfcrypt/arc4.h>
- #define Arc4Process wc_Arc4Process
- #define Arc4SetKey wc_Arc4SetKey
- #define Arc4AsyncInit wc_Arc4AsyncInit
- #define Arc4AsyncFree wc_Arc4AsyncFree
-#endif
-
-#endif /* CTAO_CRYPT_ARC4_H */
+struct ContentView: View {
+
+ /* Call our test function in the initialization of the view */
+ init() {
+ wolfssl_test();
+ }
+
+
+ var body: some View {
+ VStack {
+ Image(systemName: "globe")
+ .imageScale(.large)
+ .foregroundColor(.accentColor)
+ Text("Hello, world!")
+ }
+ .padding()
+ }
+}
+struct ContentView_Previews: PreviewProvider {
+ static var previews: some View {
+ ContentView()
+ }
+}
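Review bot: `init()` calls `wolfssl_test()` synchronously, so the wolfCrypt test suite, the benchmark and the outbound TLS connection all run inside the view's initializer. SwiftUI can construct a view struct more than once and does so on the main thread, which means the UI is blocked until the run finishes and the whole sequence may repeat whenever `ContentView()` is re-created, including from `ContentView_Previews`. Dropping the `init()` and attaching `.onAppear { DispatchQueue.global().async { wolfssl_test() } }` to the `VStack` keeps the work off the main thread and ties it to the view appearing rather than to struct construction.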
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c
new file mode 100644
index 00000000..b18d058d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.c
@@ -0,0 +1,149 @@
+/* simple_client_example.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "simple_client_example.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
+#ifndef WOLFSSL_USER_SETTINGS
+#include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+
+#define SERVER_HOST "www.wolfssl.com"
+#define SERVER_PORT "443"
+
+int simple_client_example(void)
+{
+ WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl;
+ int sockfd, ret;
+
+ /* Resolve the server address */
+ struct addrinfo hints, *server_addr;
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = AF_UNSPEC;
+ hints.ai_socktype = SOCK_STREAM;
+
+ ret = getaddrinfo(SERVER_HOST, SERVER_PORT, &hints, &server_addr);
+ if (ret != 0) {
+ printf("Failed to resolve server address: %s\n", gai_strerror(ret));
+ return 1;
+ }
+
+ /* Create a TCP socket */
+ sockfd = socket(server_addr->ai_family,
+ server_addr->ai_socktype,
+ server_addr->ai_protocol);
+ if (sockfd == -1) {
+ perror("Failed to create socket");
+ freeaddrinfo(server_addr);
+ return 1;
+ }
+
+ /* Connect to the server */
+ ret = connect(sockfd, server_addr->ai_addr, server_addr->ai_addrlen);
+ if (ret == -1) {
+ perror("Failed to connect to server");
+ freeaddrinfo(server_addr);
+ close(sockfd);
+ return 1;
+ }
+
+ freeaddrinfo(server_addr);
+
+ /* Initialize wolfSSL library */
+ wolfSSL_Init();
+
+ /* Create a new SSL context */
+ ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
+ if (ctx == NULL) {
+ printf("Unable to create SSL context.\n");
+ close(sockfd);
+ return 1;
+ }
+
+ /* Load CA certificate into WOLFSSL_CTX
+ * NOTE: CERT_PATH macro is set relative to Xcode $(PROJECT_DIR) environment
+ * variable in the preprocessor macros section of the project build settings
+ * to avoid hardcoding a path in the source code. The CA cert is located at
+ * wolfssl/certs/wolfssl-website-ca.pem. */
+ ret = wolfSSL_CTX_load_verify_locations(ctx, CERT_PATH, NULL);
+ if (ret != WOLFSSL_SUCCESS) {
+ printf("ERROR: failed to load %s, please check the file.\n", CERT_PATH);
+ wolfSSL_CTX_free(ctx);
+ close(sockfd);
+ return 1;
+ }
+
+ /* Create a new SSL object */
+ ssl = wolfSSL_new(ctx);
+ if (ssl == NULL) {
+ printf("Unable to create SSL object.\n");
+ wolfSSL_CTX_free(ctx);
+ close(sockfd);
+ return 1;
+ }
+
+ /* Attach the SSL object to the socket file descriptor */
+ wolfSSL_set_fd(ssl, sockfd);
+
+ /* Perform the SSL handshake */
+ ret = wolfSSL_connect(ssl);
+ if (ret != SSL_SUCCESS) {
+ printf("SSL connection failed: %d\n", wolfSSL_get_error(ssl, ret));
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+ close(sockfd);
+ return 1;
+ }
+
+ /* Send an HTTP request */
+ const char* request = "GET / HTTP/1.1\r\nHost: www.wolfssl.com\r\n\r\n";
+ ret = wolfSSL_write(ssl, request, (int)strlen(request));
+ if (ret < 0) {
+ printf("Failed to send HTTP request.\n");
+ }
+
+ /* Receive and print the server's response */
+ char buffer[1024];
+ ret = wolfSSL_read(ssl, buffer, sizeof(buffer) - 1);
+ if (ret > 0) {
+ buffer[ret] = '\0';
+ printf("Received %d bytes:\n%s\n", ret, buffer);
+ } else {
+ printf("Failed to receive server response.\n");
+ }
+
+ /* Clean up and close the connection */
+ wolfSSL_shutdown(ssl);
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+ wolfSSL_Cleanup();
+ close(sockfd);
+
+ return 0;
+}
+
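Review bot: The handshake at `wolfSSL_connect(ssl)` validates the chain against the CA loaded from `CERT_PATH`, but nothing in the function binds the peer certificate to `SERVER_HOST`, so as written any certificate issued under that CA would be accepted. Add `if (wolfSSL_check_domain_name(ssl, SERVER_HOST) != WOLFSSL_SUCCESS) { /* free ssl and ctx, close sockfd, return 1 */ }` after `wolfSSL_set_fd` and before the handshake, since this file is likely to be copied as a starting point. Separately, `close()` is used on every exit path but `<unistd.h>` is not among the includes, leaving it implicitly declared; add `#include <unistd.h>`. The write check `ret < 0` also lets a zero return fall through to the read, so `ret <= 0` with an early cleanup would be more consistent with the other error paths.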
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/misc.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
index 918c8c04..ce889582 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/misc.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/simple_client_example.h
@@ -1,4 +1,4 @@
-/* misc.h
+/* simple_client_example.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,12 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef simple_client_example_h
+#define simple_client_example_h
+int simple_client_example(void);
-#ifndef CTAO_CRYPT_MISC_H
-#define CTAO_CRYPT_MISC_H
-
-#include <wolfssl/wolfcrypt/misc.h>
-
-#endif /* CTAO_CRYPT_MISC_H */
-
+#endif /* simple_client_example_h */
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ssl.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h
index 8a52cd5d..f232f13b 100644
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ssl.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl-multiplatform-Bridging-Header.h
@@ -1,4 +1,4 @@
-/* ssl.h
+/* wolfssl-multiplatform-Bridging-Header.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,16 +19,8 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-
-
-/* ssl.h defines openssl compatibility layer
- *
+/*
+ * Use this file to import your target's public headers that you would like to
+ * expose to Swift.
*/
-#ifndef CYASSL_OPENSSL_H_
-#define CYASSL_OPENSSL_H_
-
-#include <cyassl/ssl.h>
-#include <wolfssl/openssl/ssl.h>
-
-#endif
-
+#import "wolfssl_test_driver.h"
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements
new file mode 100644
index 00000000..997a18c9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatform.entitlements
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>com.apple.security.app-sandbox</key>
+ <false/>
+ <key>com.apple.security.files.user-selected.read-only</key>
+ <true/>
+ <key>com.apple.security.network.client</key>
+ <true/>
+ <key>com.apple.security.network.server</key>
+ <true/>
+</dict>
+</plist>
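Review bot: `com.apple.security.app-sandbox` is set to `<false/>`, which turns the App Sandbox off for the macOS build of this example, and the remaining keys are sandbox entitlements that presumably do nothing while it is off. As far as this commit shows, the test driver only makes an outbound connection, so `com.apple.security.network.server` looks broader than needed; consider `<key>com.apple.security.app-sandbox</key><true/>` and keeping only `com.apple.security.network.client`. If the sandbox was disabled so the app can read `CERT_PATH` from outside its container (an inference from the `$PROJECT_DIR/../../../certs/` build setting), bundling the CA file as an app resource would remove that need, and a comment stating the reason would keep this profile from being copied unchanged into a shipping app.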
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dsa.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift
index a64a7eb4..acf2a03a 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dsa.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_multiplatformApp.swift
@@ -1,4 +1,4 @@
-/* dsa.h
+/* wolfssl_multiplatformApp.swift
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,15 +19,14 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+import SwiftUI
-
-#ifndef NO_DSA
-
-#ifndef CTAO_CRYPT_DSA_H
-#define CTAO_CRYPT_DSA_H
-
-#include <wolfssl/wolfcrypt/dsa.h>
-
-#endif /* CTAO_CRYPT_DSA_H */
-#endif /* NO_DSA */
+@main
+struct wolfssl_multiplatformApp: App {
+ var body: some Scene {
+ WindowGroup {
+ ContentView()
+ }
+ }
+}
diff --git a/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c
new file mode 100644
index 00000000..50655c83
--- /dev/null
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.c
@@ -0,0 +1,62 @@
+/* wolfssl_test_driver.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include "wolfssl_test_driver.h"
+
+#ifndef WOLFSSL_USER_SETTINGS
+#include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+
+#include "test.h"
+#include "benchmark.h"
+#include "simple_client_example.h"
+
+typedef struct test_func_args {
+ int argc;
+ char** argv;
+ int return_code;
+} test_func_args;
+
+
+
+void wolfssl_test(void)
+{
+ int ret;
+ test_func_args args = {0};
+
+#ifdef WC_RNG_SEED_CB
+ wc_SetSeed_Cb(wc_GenerateSeed);
+#endif
+
+ printf("Run wolfCrypt Test:\n");
+ ret = wolfcrypt_test(&args);
+ printf("\nResult of wolfcrypt_test() = %d\n\n", ret);
+
+ printf("Run wolfCrypt Benchmark:\n");
+ ret = benchmark_test(&args);
+ printf("\nResult of benchmark_test() = %d\n\n", ret);
+
+ printf("Run simple client test:\n");
+ ret = simple_client_example();
+ printf("\nResult of simple_client_test() = %d\n\n", ret);
+
+}
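Review bot: The final message prints `Result of simple_client_test()` while the function actually called is `simple_client_example()`; change it to `printf("\nResult of simple_client_example() = %d\n\n", ret);` so the log matches the code. Each `ret` is only printed and `wolfssl_test` returns `void`, so a failing wolfCrypt self-test is invisible to the Swift caller and the benchmark and TLS example still run afterwards; stopping at the first non-zero result, or returning it, would make a broken crypto build much harder to overlook. `printf` is also used without a direct `#include <stdio.h>`; it presumably arrives through `test.h` or `wolfssl/ssl.h`, but an explicit include is safer.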
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/coding.h b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
index 3536fba4..a3104e64 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/coding.h
+++ b/extra/wolfssl/wolfssl/IDE/apple-universal/wolfssl-multiplatform/wolfssl-multiplatform/wolfssl_test_driver.h
@@ -1,4 +1,4 @@
-/* coding.h
+/* wolfssl_test_driver.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,12 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifndef wolfssl_test_driver_h
+#define wolfssl_test_driver_h
+void wolfssl_test(void);
-#ifndef CTAO_CRYPT_CODING_H
-#define CTAO_CRYPT_CODING_H
-
-#include <wolfssl/wolfcrypt/coding.h>
-
-#endif /* CTAO_CRYPT_CODING_H */
-
+#endif /* wolfssl_test_driver_h */
diff --git a/extra/wolfssl/wolfssl/IDE/include.am b/extra/wolfssl/wolfssl/IDE/include.am
index 379400d7..4f84b43f 100644
--- a/extra/wolfssl/wolfssl/IDE/include.am
+++ b/extra/wolfssl/wolfssl/IDE/include.am
@@ -35,6 +35,7 @@ include IDE/Renesas/e2studio/RX65N/GR-ROSE/include.am
include IDE/Renesas/e2studio/RX72N/EnvisionKit/include.am
include IDE/Renesas/e2studio/RX65N/RSK/include.am
include IDE/Renesas/e2studio/RA6M4/include.am
+include IDE/Renesas/e2studio/RZN2L/include.am
include IDE/WICED-STUDIO/include.am
include IDE/CRYPTOCELL/include.am
include IDE/M68K/include.am
@@ -53,6 +54,9 @@ include IDE/AURIX/include.am
include IDE/MCUEXPRESSO/include.am
include IDE/Espressif/include.am
include IDE/STARCORE/include.am
+include IDE/MDK5-ARM/include.am
+include IDE/SimplicityStudio/include.am
+include IDE/apple-universal/include.am
-EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MDK5-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif
+EXTRA_DIST+= IDE/IAR-EWARM IDE/MDK-ARM IDE/MYSQL IDE/LPCXPRESSO IDE/HEXIWEAR IDE/Espressif
EXTRA_DIST+= IDE/OPENSTM32/README.md
diff --git a/extra/wolfssl/wolfssl/INSTALL b/extra/wolfssl/wolfssl/INSTALL
index 2f54ac18..d4034323 100644
--- a/extra/wolfssl/wolfssl/INSTALL
+++ b/extra/wolfssl/wolfssl/INSTALL
@@ -110,6 +110,53 @@
To build with debugging use: `cmake .. -DCMAKE_BUILD_TYPE=Debug`.
+ In the simplest form:
+
+ # create a root directory for wolfssl repo
+ git clone https://github.com/wolfSSL/wolfssl.git
+ cd wolfssl
+
+
+ # From the root of the wolfSSL repo:
+
+ mkdir -p out
+ pushd out
+ cmake ..
+ cmake --build .
+
+ # View the available ciphers with:
+ ./examples/client/client -e
+ popd
+
+
+ ARIA Cipher Suite.
+
+ The ARIA cipher needs a 3rd party source binary, typically called
+ `MagicCrypto.tar.gz`.
+
+ The MagicCrypto files can be either copied to the local `wolfssl` directory,
+ or an environment variable `ARIA_DIR` can be set to point to the location.
+
+ Simply having the environment variable or local `MagicCrypto` directory
+ will not automatically enable the ARIA Ciphers.
+
+ To enable ARIA Ciphers in wolfSSL for `CMake`:
+
+ # From the root of the wolfSSL repo:
+
+ # set to your path
+ export ARIA_DIR=~/workspace/MagicCrypto
+
+ mkdir -p out
+ pushd out
+ cmake .. -DWOLFSSL_ARIA=yes
+ cmake --build .
+
+ # View the available ciphers with:
+ ./examples/client/client -e
+ popd
+
+
Windows (Visual Studio)
---
1) Go to this page, download the appropriate Windows installer, and install
@@ -132,7 +179,7 @@
Windows (command line)
---
1) Open Command Prompt
- 2) Run the Visual Studio batch to setup command line variables, e.g. C:\Program Files (x86)\Microsoft Visual
+ 2) Run the Visual Studio batch to setup command line variables, e.g. C:\Program Files (x86)\Microsoft Visual
Studio\2017\Community\VC\Auxiliary\Build\vcvars64.bat
3) Follow steps in "Unix-based Platforms" above.
@@ -150,7 +197,7 @@
$ cd ~/oqs
$ git clone --single-branch https://github.com/open-quantum-safe/liboqs.git
$ cd liboqs/
- $ git checkout af76ca3b1f2fbc1f4f0967595f3bb07692fb3d82
+ $ git checkout 0.8.0
$ mkdir build
$ cd build
$ cmake -DOQS_USE_OPENSSL=0 ..
@@ -254,3 +301,130 @@
The wolfssl port in vcpkg is kept up to date by wolfSSL.
We also have vcpkg ports for wolftpm, wolfmqtt and curl.
+
+17. Building with hash-sigs lib for LMS/HSS support [EXPERIMENTAL]
+
+ Using LMS/HSS requires that the hash-sigs lib has been built on
+ your system. We support hash-sigs lib at this git commit:
+ b0631b8891295bf2929e68761205337b7c031726
+ At the time of writing this, this is the HEAD of the master
+ branch of the hash-sigs project.
+
+ Currently the hash-sigs project only builds static libraries:
+ - hss_verify.a: a single-threaded verify-only static lib.
+ - hss_lib.a: a single-threaded static lib.
+ - hss_lib_thread.a: a multi-threaded static lib.
+
+ The multi-threaded version will mainly have speedups for key
+ generation and signing.
+
+ The default LMS build (--enable-lms) will look for
+ hss_lib.a first, and hss_lib_thread.a second, in a specified
+ hash-sigs dir.
+
+ The LMS verify-only build (--enable-lms=verify-only) will look
+ for hss_verify.a only, which is a slimmer library that includes
+ only the minimal functions necessary for signature verification.
+
+ How to get and build the hash-sigs library:
+ $ mkdir ~/hash_sigs
+ $ cd ~/hash_sigs
+ $ git clone https://github.com/cisco/hash-sigs.git src
+ $ cd src
+ $ git checkout b0631b8891295bf2929e68761205337b7c031726
+
+ In sha256.h, set USE_OPENSSL to 0:
+ #define USE_OPENSSL 0
+
+ To build the single-threaded version:
+ $ make hss_lib.a
+ $ ls *.a
+ hss_lib.a
+
+ To build multi-threaded:
+ $ make hss_lib_thread.a
+ $ ls *.a
+ hss_lib_thread.a
+
+ To build verify-only:
+ $ make hss_verify.a
+ $ ls *.a
+ hss_verify.a
+
+ Build wolfSSL with
+ $ ./configure \
+ --enable-static \
+ --disable-shared \
+ --enable-lms \
+ --with-liblms=<path to dir containing hss_lib.a or hss_lib_thread.a>
+ $ make
+
+ Run the benchmark against LMS/HSS with:
+ $ ./wolfcrypt/benchmark/benchmark -lms_hss
+
+18. Building for Debian, Ubuntu, Linux Mint, and derivatives
+
+ To generate a .deb package, configure wolfSSL with the desired
+ configuration. Then run `make deb` to generate a Debian package
+ with the current configuration. To build the package inside a
+ Docker container, use `make deb-docker`. In both cases the
+ resulting packages are placed in the root directory of the
+ project.
+
+19. Building for RHEL, Fedora, CentOS, SUSE, and openSUSE
+
+ To generate a .rpm package, configure wolfSSL with the desired
+ configuration. Then run `make rpm` to generate a .rpm package
+ with the current configuration. To build the package inside a
+ Docker container, use `make rpm-docker`. In both cases the
+ resulting packages are placed in the root directory of the
+ project.
+
+20. Building with xmss-reference lib for XMSS/XMSS^MT support [EXPERIMENTAL]
+
+ Experimental support for XMSS/XMSS^MT has been achieved by integration
+ with the xmss-reference implementation from RFC 8391 (XMSS: eXtended
+ Merkle Signature Scheme). We support a patched version of xmss-reference
+ based on this git commit:
+ 171ccbd26f098542a67eb5d2b128281c80bd71a6
+ At the time of writing this, this is the HEAD of the master branch of
+ the xmss-reference project.
+
+ How to get the xmss-reference library:
+ $ mkdir ~/xmss
+ $ cd ~/xmss
+ $ git clone https://github.com/XMSS/xmss-reference.git src
+ $ cd src
+ $ git checkout 171ccbd26f098542a67eb5d2b128281c80bd71a6
+ $ git apply <path to xmss reference patch>
+
+ The patch may be found in the wolfssl-examples repo here:
+ pq/stateful_hash_sig/0001-Patch-to-support-wolfSSL-xmss-reference-integration.patch
+
+ To build patched xmss-reference:
+ $ make xmss_lib.a
+
+ To build verify-only patched xmss-reference:
+ $ make xmss_verify_lib.a
+
+ Note that this patch changes xmss-reference to use wolfCrypt SHA256 hashing,
+ by registering a SHA callback function in xmss-reference. It
+ thus benefits from all the same asm speedups as wolfCrypt SHA hashing.
+ Depending on architecture you may build with --enable-intelasm, or
+ --enable-armasm, and see 30-40% speedups in XMSS/XMSS^MT.
+
+ For full keygen, signing, verifying, and benchmarking support, build
+ wolfSSL with:
+ $ ./configure \
+ --enable-xmss \
+ --with-libxmss=<path to xmss src dir>
+ $ make
+
+ Run the benchmark against XMSS/XMSS^MT with:
+ $ ./wolfcrypt/benchmark/benchmark -xmss_xmssmt
+
+ For a leaner xmss verify-only build, build with
+ $ ./configure \
+ --enable-xmss=verify-only \
+ --with-libxmss=<path to xmss src dir>
+ $ make
diff --git a/extra/wolfssl/wolfssl/Makefile.am b/extra/wolfssl/wolfssl/Makefile.am
index f3decb03..07a2496e 100644
--- a/extra/wolfssl/wolfssl/Makefile.am
+++ b/extra/wolfssl/wolfssl/Makefile.am
@@ -161,7 +161,6 @@ EXTRA_DIST+= m4/ax_atomic.m4
include cmake/include.am
include wrapper/include.am
-include cyassl/include.am
include wolfssl/include.am
include certs/include.am
include doc/include.am
@@ -177,6 +176,7 @@ include examples/include.am
include testsuite/include.am
include tests/include.am
include sslSniffer/sslSnifferTest/include.am
+include debian/include.am
include rpm/include.am
include linuxkm/include.am
include zephyr/include.am
@@ -245,7 +245,6 @@ test: check
tests/unit.log: testsuite/testsuite.log
scripts/unit.log: testsuite/testsuite.log
-DISTCLEANFILES+= cyassl-config
DISTCLEANFILES+= wolfssl-config
MAINTAINERCLEANFILES+= wolfssl/wolfcrypt/async.h
@@ -267,7 +266,6 @@ maintainer-clean-local:
-rm build-aux/install-sh
-rm build-aux/ltmain.sh
-rm build-aux/missing
- -rm cyassl-config
-rmdir build-aux
-rm configure
-rm config.log
diff --git a/extra/wolfssl/wolfssl/README b/extra/wolfssl/wolfssl/README
index 9b870f5b..c344bf80 100644
--- a/extra/wolfssl/wolfssl/README
+++ b/extra/wolfssl/wolfssl/README
@@ -5,7 +5,7 @@ library written in ANSI C and targeted for embedded, RTOS, and
resource-constrained environments - primarily because of its small size, speed,
and feature set. It is commonly used in standard operating environments as well
because of its royalty-free pricing and excellent cross platform support.
-wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.2
+wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
levels, is up to 20 times smaller than OpenSSL, and offers progressive ciphers
such as ChaCha20, Curve25519, and Blake2b. User benchmarking and feedback
reports dramatically better performance when using wolfSSL over OpenSSL.
@@ -20,11 +20,11 @@ certificate #3389). For additional information, visit the wolfCrypt FIPS FAQ
There are many reasons to choose wolfSSL as your embedded SSL solution. Some of
the top reasons include size (typical footprint sizes range from 20-100 kB),
support for the newest standards (SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3,
-DTLS 1.0, and DTLS 1.2), current and progressive cipher support (including
-stream ciphers), multi-platform, royalty free, and an OpenSSL compatibility API
-to ease porting into existing applications which have previously used the
-OpenSSL package. For a complete feature list, see chapter 4 of the wolfSSL
-manual. (https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
+DTLS 1.0, DTLS 1.2, and DTLS 1.3), current and progressive cipher support
+(including stream ciphers), multi-platform, royalty free, and an OpenSSL
+compatibility API to ease porting into existing applications which have
+previously used the OpenSSL package. For a complete feature list, see chapter 4
+of the wolfSSL manual. (https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
*** Notes, Please read ***
@@ -70,150 +70,93 @@ should be used for the enum name.
*** end Notes ***
-# wolfSSL Release 5.6.3 (Jun 20, 2023)
+# wolfSSL Release 5.6.6 (Dec 19, 2023)
-Release 5.6.3 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
-
-Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
+Release 5.6.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-* Fix for setting the atomic macro options introduced in release 5.6.2. This issue affects GNU gcc autoconf builds. The fix resolves a potential mismatch of the generated macros defined in options.h file and the macros used when the wolfSSL library is compiled. In version 5.6.2 this mismatch could result in unstable runtime behavior.
-* Fix for invalid suffix error with Windows build using the macro GCM_TABLE_4BIT.
-* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
-* Improvements to SendAlert for getting output buffer.
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+REMINDER: When working with AES Block Cipher algorithms, wc_AesInit() should
+always be called first to initialize the `Aes` structure, before calling other
+Aes API functions. Recently we found several places in our documentation,
+comments, and codebase where this pattern was not observed. We have since
+fixed this omission in several PRs for this release.
-# wolfSSL Release 5.6.2 (Jun 09, 2023)
+## Vulnerabilities
-Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
-https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+* [Medium] CVE-2023-6935: After review of the previous RSA timing fix in wolfSSL 5.6.4, additional changes were found to be required. A complete resistant change is delivered in this release. This fix is for the Marvin attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a very large number of trial connections. This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, not recommended to be used and are off by default in wolfSSL (even with --enable-all). Static RSA cipher suites were also removed from the TLS 1.3 protocol and are only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It is recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. Thanks to Hubert Kario for the report. The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6955.
-NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional WOLFSSL_CALLBACKS has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of WOLFSSL_CALLBACKS on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
-Release 5.6.2 of wolfSSL embedded TLS has bug fixes and new features including:
+* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “--enable-aes-bitsliced†configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
-## Vulnerabilities
-* [Low] In cases where a malicious agent could analyze cache timing at a very detailed level, information about the AES key used could be leaked during T/S Box lookups. One such case was shown on RISC-V hardware using the MicroWalk tool (https://github.com/microwalk-project/Microwalk). A hardened version of T/S Box lookups was added in wolfSSL to help mitigate this potential attack and is now on by default with RISC-V builds and can be enabled on other builds if desired by compiling wolfSSL with the macro WOLFSSL_AES_TOUCH_LINES. Thanks to Jan Wichelmann, Christopher Peredy, Florian Sieck, Anna Pätschke, Thomas Eisenbarth (University of Lübeck): MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6309
-* [High] In previous versions of wolfSSL if a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing surreptitious access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. We recommend that TLS 1.3 client side users update the version of wolfSSL used. Thanks to Johannes from Sectra Communications and Linköping University for the report. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6412
+* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
## New Feature Additions
-### New Ports and Expansions
-* Add support for STM32H5
-* Add support for Renesas TSIP v1.17
-* Add Renesas SCE RSA crypto-only support
-* STARCORE DSP port and example builds added
-* Add the function wc_PKCS7_SetDefaultSignedAttribs for setting PKCS7 signed attributes to use with PKCS7 bundle creation
-* NXP IMX6Q CAAM port with QNX and performance optimizations for AES-CTR
-
-### New Build Options
-* ASN.1 print utility to decode ASN.1 syntax and print out human readable text --enable-asn-print. Utility app is located in the directory ./examples/asn1/
-* Add introspection for math build, wc_GetMathInfo() to get information about the math library compiled into the linked wolfSSL library
-* Implement TLS recommendations from RFC 9325 for hardening TLS/DTLS security. Enabled with the autoconf flag --enable-harden-tls.
-* Add option to support disabling thread local storage, --disable-threadlocal
-* Added wc_DsaSign_ex() and wc_DsaVerify_ex() for handling alternative digest algorithms with DSA Sign/Verify
-* Implement atomic operations interface. Macros auto-detect if atomic operations are expected to be available, can be turned off with the macro WOLFSSL_NO_ATOMICS
-* Added support for DTLS 1.3 Authentication and Integrity-Only Cipher Suites
-* Expand crypto callback to have a device ID find callback function with wc_CryptoCb_SetDeviceFindCb. Enabled with the macro WOLF_CRYPTO_CB_FIND
+* Build option for disabling CRL date checks (WOLFSSL_NO_CRL_DATE_CHECK) (PR 6927)
+* Support for STM32WL55 and improvements to PKA ECC support (PR 6937)
+* Add option to skip cookie exchange on DTLS 1.3 session resumption (PR 6929)
+* Add implementation of SRTP KDF and SRTCP KDF (--enable-srtp-kdf) (PR 6888)
+* Add wolfSSL_EXTENDED_KEY_USAGE_free() (PR 6916)
+* Add AES bitsliced implementation that is cache attack safe (--enable-aes-bitsliced) (PR 6854)
+* Add memcached support and automated testing (PR 6430, 7022)
+* Add Hardware Encryption Acceleration for ESP32-C3, ESP32-C6, and ESP32-S2 (PR 6990)
+* Add (D)TLS 1.3 support for 0.5-RTT data (PR 7010)
## Enhancements and Optimizations
-### Optimizations
-* Increased performance with ChaCha20 C implementation and general XOR operations
-* Added integer type to the ASN.1 sequencing with ASN.1 Integer sequence
-* With wolfSSL_get_x509_next_altname reset alt name list to head once cycled through if compiling with the macro WOLFSSL_MULTICIRCULATE_ALTNAMELIST
-* Additional key validity sanity checks on input to wolfSSL_EC_KEY_set_private_key
-* adds support for TLSv1.3 stateful session tickets when using SSL_OP_NO_TICKET
-
-### Memory Optimizations
-* Improvements to stack usage and management with SP int math library
-* Optimization to TLS 1.3 server to remove caching messages for Ed25519/Ed448
-* Added a HAVE_CURL macro build for building a subset of the wolfSSL library when linking with cURL
-* Memory usage improvement with reducing the size of alignment needed with AES
-* Reduce run time memory used with ECC operations and ALT_ECC_SIZE
-* Fixes and improvements for building edge cases such as crypto callback without hash-drbg with low footprint options
-* Support HAVE_SESSION_TICKET build option without depending on realloc
-
-### Documentation
-* Instructions for GPDMA on STM32 configuration added
-* Add in instructions for compiling with zephyr on STM32
-* Documentation fixup for wolfSSL_get_chain_cert()
-* Fix the file pointed to in the TI RTOS documentation that we maintain
-* Documentation for wolfSSL_CertManagerFreeCRL
-* Updates made to AES and Chacha documentation
-* Update Japanese comments for Ed25519, AES, and other miscellaneous items
-
-### Tests
-* Add in an option for easily testing malloc failures when building with WOLFSSL_MEM_FAIL_COUNT macro
-* Updated in process for using Expect vs Assert to facilitate more malloc failure tests
-* Enhance wolfCrypt test for builds that do not have ECC SECP curves enabled
-* ESP32 platform-specific VisualGDB test & benchmark projects
-* Update to dependencies in docker container file used for tests
-* Fix up for base 10 output with bundled benchmark application
-
-### Port Updates
-* Zephyr port update, compile time warning fixes, misc. fixes when used with TLS and update of includes
-* Update RIOT-OS to not compile out use of writev by default
-* Update Micrium port to enable use of STM32_RNG
-* Micrium updates for XMEMOVE and XSTRTOK use
-* Various Espressif HW crypto, SHA2, AES, MP updates
-* Added in ASIO build option with CMake builds
-
-### General Enhancements
-* Global codebase cleanup for C89 compliance and wolfCrypt -Wconversion hygiene
-* PKCS#11 enhancement adding a callback for RSA key size when using a hardware key, by default 2048 bit key is used
-* Allow for unknown OIDs in extensions in wolfSSL_X509_set_ext()
-* Allow user to override XSTAT by defining the macro XSTAT when compiling
-* Support UPN and SID with x509 certificate extensions and custom OID build
-* Write next IV in wolfSSL_DES_ede3_cbc_encrypt for better handling of inline encryption
-* Adding NO_ASN_TIME_CHECK build option for compiling out certificate before/after checks
-* Improve different peer recvfrom handling and error reporting with ipv4 vs ipv6
+* Better built in testing of “--sys-ca-certs†configure option (PR 6910)
+* Updated CMakeLists.txt for Espressif wolfSSL component usage (PR 6877)
+* Disable TLS 1.1 by default (unless SSL 3.0 or TLS 1.0 is enabled) (PR 6946)
+* Add “--enable-quic†to “--enable-all†configure option (PR 6957)
+* Add support to SP C implementation for RSA exponent up to 64-bits (PR 6959)
+* Add result of “HAVE___UINT128_T†to options.h for CMake builds (PR 6965)
+* Add optimized assembly for AES-GCM on ARM64 using hardware crypto instructions (PR 6967)
+* Add built-in cipher suite tests for DTLS 1.3 PQC (PR 6952)
+* Add wolfCrypt test and unit test to ctest (PR 6977)
+* Move OpenSSL compatibility crypto APIs into ssl_crypto.c file (PR 6935)
+* Validate time generated from XGMTIME() (PR 6958)
+* Allow wolfCrypt benchmark to run with microsecond accuracy (PR 6868)
+* Add GitHub Actions testing with nginx 1.24.0 (PR 6982)
+* Allow encoding of CA:FALSE BasicConstraint during cert generation (PR 6953)
+* Add CMake option to enable DTLS-SRTP (PR 6991)
+* Add CMake options for enabling QUIC and cURL (PR 7049)
+* Improve RSA blinding to make code more constant time (PR 6955)
+* Refactor AES-NI implementation macros to allow dynamic fallback to C (PR 6981)
+* Default to native Windows threading API on MinGW (PR 7015)
+* Return better error codes from OCSP response check (PR 7028)
+* Updated Espressif ESP32 TLS client and server examples (PR 6844)
+* Add/clean up support for ESP-IDF v5.1 for a variety of ESP32 chips (PR 7035, 7037)
+* Add API to choose dynamic certs based on client ciphers/sigalgs (PR 6963)
+* Improve Arduino IDE 1.5 project file to match recursive style (PR 7007)
+* Simplify and improve apple-universal build script (PR 7025)
## Fixes
-* Fix for STM32 ECC sign and verify out of bounds buffer write when the hash length passed in is larger than the key size. Thanks to Maximilian for the report.
-* Fix to skip Async_DevCtxInit when using init rsa/ecc label/id api's
-* Revert WOLFSSL_NO_ASN_STRICT macro guard around alternate names directory list
-* In async mode, don't retry decrypting if a valid error is encountered on a packet parse attempt
-* Add additional sanity check on PKCS7 index value in wc_PKCS7_DecryptKekri
-* Fix for padding when using an AuthEnvelope PKCS7 type with GCM/CCM stream ciphers
-* Fix siphash assembly so that no register is left behind
-* Fix to not send a TLS 1.3 session ID resume response when resuming and downgrading to a protocol less than TLS 1.3
-* Fix overwriting serialNumber by favouriteDrink when generating a certificate using Cert struct
-* Fix for the default realloc used with EspressIf builds
-* Track SetDigest usage to avoid invalid free under error conditions
-* DTLS v1.3 fix for epoch 0 check on plaintext message
-* Fix for session ticket memory leak in wolfSSL_Cleanup
-* Fixes for propagating SendAlert errors when the peer disconnects
-* Replace XMEMCPY with XMEMMOVE to fix valgrind-3.15.0 reports "Source and destination overlap in memcpy" when using --enable-aesgcm-stream
-* Fix for potential out-of-bounds write edge case in fp_mod_2d with --enable-fastmath math library
-* Fix getting ECC key size in stm32_ecc_sign_hash_ex
-* Fix for case where wc_PeekErrorNodeLineData was not unlocking error queue on error
-* Fix for async ECC shared secret state
-* Fix for better error checking with sp_gcd with SP int math library
-* Fix memory leak in TLSX_KeyShare_Setup when handling an error case
-* Fix for double free edge case in InitOCSPRequest when handling a memory allocation failure
-* X509 NAME Entry fix for leaking memory on error case
-* Fix wolfssl_asn1_time_to_tm setting unexpected fields in tm struct
-* Fix for FIPS ECC integrity check with crypto callback set
-* BN_to_ASN1_INTEGER fix for handling leading zero byte padding when needed
-* Fix a typo in PP macro and add a ceiling to guard against implementation bugs
-* DTLS 1.3 fix for using the correct label when deriving the resumption key
-* OCSP fix for GetDateInfo edge case with non ASN template builds
-* Allow a user set certificate callback function to override the skipAddCA flag when parsing a certificate
-* SP int: sp_radix_size when radix 10 fix temp size for handling edge case
-* Fixes and improvements for handling failures with memory allocations
-* Fix for DecodeECC_DSA_Sig to handle r and s being initialized
-* Fix for wc_ecc_is_point to ensure that the x and y are in range [0, p-1] and z is one (affine ordinates)
-
-### Build Fixes
-* Fix for building on Windows with CMake and using USER_SETTINGS and fix for options.h creation with CMake when using USER_SETTINGS
-* CMake fixes and improvements for use with mingw32
-* Fix for building with wpas and x509 small options
-* Check if colrm is available for options.h creation when using autoconf
-* Clean up NO_BIG_INT build, removing WOLFSSL_SP_MATH macro and heapmath compile
-* Fix PKCS#7 build with NO_PKCS7_STREAM
-* Fix compilation error in CC-RX and remove unnecessary public key import
-* SP Build fixes for ARM assembly with ARMv6 clz and ARM thumb debug build
-* For to not advertise support for RSA in TLS extensions when compiled with NO_RSA
+
+* Fix for async edge case with Intel QuickAssist/Cavium Nitrox (PR 6931)
+* Fix for building PKCS#7 with RSA disabled (PR 6902)
+* Fix for advancing output pointer in wolfSSL_i2d_X509() (PR 6891)
+* Fix for EVP_EncodeBlock() appending a newline (PR 6900)
+* Fix for wolfSSL_RSA_verify_PKCS1_PSS() with RSA_PSS_SALTLEN_AUTO (PR 6938)
+* Fixes for CODESonar reports around isalpha() and isalnum() calls (PR 6810)
+* Fix for SP ARM64 integer math to avoid compiler optimization issues (PR 6942)
+* Fix for SP Thumb2 inline assembly to add IAR build support (PR 6943, 6971)
+* Fix for SP Thumb2 to make functions not inlined (PR 6993)
+* Fix for SP Cortex-M assembly large build with IAR (PR 6954)
+* Fix for SP ARM64 assembly montgomery reduction by 4 (PR 6947)
+* Fix for SP ARM64 P-256 for not inlining functions for iOS compatibility (PR 6979)
+* Fix for WOLFSSL_CALLBACKS and potential memory error (PR 6949)
+* Fixes for wolfSSL’s Zephyr OS port (PR 6930)
+* Fix for build errors when building for NXP mmCAU (FREESCALE_MMCAU) (PR 6970)
+* Fix for TLS 1.3 SendBuffered() return code in non-blocking mode (PR 7001)
+* Fix for TLS Hmac_UpdateFinal() when padding byte is invalid (PR 6998)
+* Fix for ARMv8 AES-GCM streaming to check size of IV before storing (PR 6996)
+* Add missing calls to wc_AesInit() before wc_AesSetKey() (PR 7011)
+* Fix build errors with DTLS 1.3 enabled but TLS 1.2 disabled (PR 6976)
+* Fixes for building wolfSSL in Visual Studio (PR 7040)
For additional vulnerability information visit the vulnerability page at:
https://www.wolfssl.com/docs/security-vulnerabilities/
diff --git a/extra/wolfssl/wolfssl/README.md b/extra/wolfssl/wolfssl/README.md
index 18b3665f..381a05fb 100644
--- a/extra/wolfssl/wolfssl/README.md
+++ b/extra/wolfssl/wolfssl/README.md
@@ -1,7 +1,3 @@
-<a href="https://repology.org/project/wolfssl/versions">
- <img src="https://repology.org/badge/vertical-allrepos/wolfssl.svg" alt="Packaging status" align="right">
-</a>
-
# wolfSSL Embedded SSL/TLS Library
The [wolfSSL embedded SSL library](https://www.wolfssl.com/products/wolfssl/)
@@ -10,7 +6,7 @@ targeted for embedded, RTOS, and resource-constrained environments - primarily
because of its small size, speed, and feature set. It is commonly used in
standard operating environments as well because of its royalty-free pricing
and excellent cross platform support. wolfSSL supports industry standards up
-to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.2, is up to
+to the current [TLS 1.3](https://www.wolfssl.com/tls13) and DTLS 1.3, is up to
20 times smaller than OpenSSL, and offers progressive ciphers such as ChaCha20,
Curve25519, Blake2b and Post-Quantum TLS 1.3 groups. User benchmarking and
feedback reports dramatically better performance when using wolfSSL over
@@ -27,8 +23,8 @@ or contact fips@wolfssl.com.
There are many reasons to choose wolfSSL as your embedded, desktop, mobile, or
enterprise SSL/TLS solution. Some of the top reasons include size (typical
footprint sizes range from 20-100 kB), support for the newest standards
-(SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, DTLS 1.0, and DTLS 1.2), current
-and progressive cipher support (including stream ciphers), multi-platform,
+(SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3, DTLS 1.0, DTLS 1.2, and DTLS 1.3),
+current and progressive cipher support (including stream ciphers), multi-platform,
royalty free, and an OpenSSL compatibility API to ease porting into existing
applications which have previously used the OpenSSL package. For a complete
feature list, see [Chapter 4](https://www.wolfssl.com/docs/wolfssl-manual/ch4/)
@@ -79,150 +75,93 @@ single call hash function. Instead the name `WC_SHA`, `WC_SHA256`, `WC_SHA384` a
`WC_SHA512` should be used for the enum name.
-# wolfSSL Release 5.6.3 (Jun 20, 2023)
-
-Release 5.6.3 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
+# wolfSSL Release 5.6.6 (Dec 19, 2023)
-Release 5.6.3 of wolfSSL embedded TLS has 4 bug fixes:
+Release 5.6.6 has been developed according to wolfSSL's development and QA
+process (see link below) and successfully passed the quality criteria.
+https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
-* Fix for setting the atomic macro options introduced in release 5.6.2. This issue affects GNU gcc autoconf builds. The fix resolves a potential mismatch of the generated macros defined in options.h file and the macros used when the wolfSSL library is compiled. In version 5.6.2 this mismatch could result in unstable runtime behavior.
-* Fix for invalid suffix error with Windows build using the macro GCM_TABLE_4BIT.
-* Improvements to Encrypted Memory support (WC_PROTECT_ENCRYPTED_MEM) implementations for modular exponentiation in SP math-all (sp_int.c) and TFM (tfm.c).
-* Improvements to SendAlert for getting output buffer.
+NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+REMINDER: When working with AES Block Cipher algorithms, `wc_AesInit()` should
+always be called first to initialize the `Aes` structure, before calling other
+Aes API functions. Recently we found several places in our documentation,
+comments, and codebase where this pattern was not observed. We have since
+fixed this omission in several PRs for this release.
-# wolfSSL Release 5.6.2 (Jun 09, 2023)
+## Vulnerabilities
-Release 5.6.2 has been developed according to wolfSSL's development and QA process (see link below) and successfully passed the quality criteria.
-https://www.wolfssl.com/about/wolfssl-software-development-process-quality-assurance
+* [Medium] CVE-2023-6935: After review of the previous RSA timing fix in wolfSSL 5.6.4, additional changes were found to be required. A complete resistant change is delivered in this release. This fix is for the Marvin attack, leading to being able to decrypt a saved TLS connection and potentially forge a signature after probing with a very large number of trial connections. This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, not recommended to be used and are off by default in wolfSSL (even with `--enable-all`). Static RSA cipher suites were also removed from the TLS 1.3 protocol and are only present in TLS 1.2 and lower. All padding versions of RSA decrypt are affected since the code under review is outside of the padding processing. Information about the private keys is NOT compromised in affected code. It is recommended to disable static RSA cipher suites and update the version of wolfSSL used if using RSA private decryption alone outside of TLS. Thanks to Hubert Kario for the report. The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6955.
-NOTE: * --enable-heapmath is being deprecated and will be removed by 2024
+* [Low] CVE-2023-6936: A potential heap overflow read is possible in servers connecting over TLS 1.3 when the optional `WOLFSSL_CALLBACKS` has been defined. The out of bounds read can occur when a server receives a malicious malformed ClientHello. Users should either discontinue use of `WOLFSSL_CALLBACKS` on the server side or update versions of wolfSSL to 5.6.6. Thanks to the tlspuffin fuzzer team for the report which was designed and developed by; Lucca Hirschi (Inria, LORIA), Steve Kremer (Inria, LORIA), and Max Ammann (Trail of Bits). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6949.
-Release 5.6.2 of wolfSSL embedded TLS has bug fixes and new features including:
+* [Low] A side channel vulnerability with AES T-Tables is possible in a very controlled environment where precision sub-cache-line inspection can happen, such as inside an Intel SGX enclave. This can lead to recovery of the AES key. To prevent this type of attack, wolfSSL added an AES bitsliced implementation which can be enabled with the “`--enable-aes-bitsliced`†configure option. Thanks to Florian Sieck, Zhiyuan Zhang, Sebastian Berndt, Chitchanok Chuengsatiansup, Thomas Eisenbarth, and Yuval Yarom for the report (Universities of Lübeck, Melbourne, Adelaide and Bochum). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/6854.
-## Vulnerabilities
-* [Low] In cases where a malicious agent could analyze cache timing at a very detailed level, information about the AES key used could be leaked during T/S Box lookups. One such case was shown on RISC-V hardware using the MicroWalk tool (https://github.com/microwalk-project/Microwalk). A hardened version of T/S Box lookups was added in wolfSSL to help mitigate this potential attack and is now on by default with RISC-V builds and can be enabled on other builds if desired by compiling wolfSSL with the macro WOLFSSL_AES_TOUCH_LINES. Thanks to Jan Wichelmann, Christopher Peredy, Florian Sieck, Anna Pätschke, Thomas Eisenbarth (University of Lübeck): MAMBO-V: Dynamic Side-Channel Leakage Analysis on RISC-V. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6309
-* [High] In previous versions of wolfSSL if a TLS 1.3 client gets neither a PSK (pre shared key) extension nor a KSE (key share extension) when connecting to a malicious server, a default predictable buffer gets used for the IKM value when generating the session master secret. Using a potentially known IKM value when generating the session master secret key compromises the key generated, allowing an eavesdropper to reconstruct it and potentially allowing surreptitious access to or meddling with message contents in the session. This issue does not affect client validation of connected servers, nor expose private key information, but could result in an insecure TLS 1.3 session when not controlling both sides of the connection. We recommend that TLS 1.3 client side users update the version of wolfSSL used. Thanks to Johannes from Sectra Communications and Linköping University for the report. Fixed in the following GitHub pull request https://github.com/wolfSSL/wolfssl/pull/6412
+* [Low] CVE-2023-6937: wolfSSL prior to 5.6.6 did not check that messages in a single (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. Thanks to Johannes Wilson for the report (Sectra Communications and Linköping University). The fix for this issue is located in the following GitHub Pull Request: https://github.com/wolfSSL/wolfssl/pull/7029.
## New Feature Additions
-### New Ports and Expansions
-* Add support for STM32H5
-* Add support for Renesas TSIP v1.17
-* Add Renesas SCE RSA crypto-only support
-* STARCORE DSP port and example builds added
-* Add the function wc_PKCS7_SetDefaultSignedAttribs for setting PKCS7 signed attributes to use with PKCS7 bundle creation
-* NXP IMX6Q CAAM port with QNX and performance optimizations for AES-CTR
-
-### New Build Options
-* ASN.1 print utility to decode ASN.1 syntax and print out human readable text --enable-asn-print. Utility app is located in the directory ./examples/asn1/
-* Add introspection for math build, wc_GetMathInfo() to get information about the math library compiled into the linked wolfSSL library
-* Implement TLS recommendations from RFC 9325 for hardening TLS/DTLS security. Enabled with the autoconf flag --enable-harden-tls.
-* Add option to support disabling thread local storage, --disable-threadlocal
-* Added wc_DsaSign_ex() and wc_DsaVerify_ex() for handling alternative digest algorithms with DSA Sign/Verify
-* Implement atomic operations interface. Macros auto-detect if atomic operations are expected to be available, can be turned off with the macro WOLFSSL_NO_ATOMICS
-* Added support for DTLS 1.3 Authentication and Integrity-Only Cipher Suites
-* Expand crypto callback to have a device ID find callback function with wc_CryptoCb_SetDeviceFindCb. Enabled with the macro WOLF_CRYPTO_CB_FIND
+* Build option for disabling CRL date checks (`WOLFSSL_NO_CRL_DATE_CHECK`) (PR 6927)
+* Support for STM32WL55 and improvements to PKA ECC support (PR 6937)
+* Add option to skip cookie exchange on DTLS 1.3 session resumption (PR 6929)
+* Add implementation of SRTP KDF and SRTCP KDF (`--enable-srtp-kdf`) (PR 6888)
+* Add `wolfSSL_EXTENDED_KEY_USAGE_free()` (PR 6916)
+* Add AES bitsliced implementation that is cache attack safe (`--enable-aes-bitsliced`) (PR 6854)
+* Add memcached support and automated testing (PR 6430, 7022)
+* Add Hardware Encryption Acceleration for ESP32-C3, ESP32-C6, and ESP32-S2 (PR 6990)
+* Add (D)TLS 1.3 support for 0.5-RTT data (PR 7010)
## Enhancements and Optimizations
-### Optimizations
-* Increased performance with ChaCha20 C implementation and general XOR operations
-* Added integer type to the ASN.1 sequencing with ASN.1 Integer sequence
-* With wolfSSL_get_x509_next_altname reset alt name list to head once cycled through if compiling with the macro WOLFSSL_MULTICIRCULATE_ALTNAMELIST
-* Additional key validity sanity checks on input to wolfSSL_EC_KEY_set_private_key
-* adds support for TLSv1.3 stateful session tickets when using SSL_OP_NO_TICKET
-
-### Memory Optimizations
-* Improvements to stack usage and management with SP int math library
-* Optimization to TLS 1.3 server to remove caching messages for Ed25519/Ed448
-* Added a HAVE_CURL macro build for building a subset of the wolfSSL library when linking with cURL
-* Memory usage improvement with reducing the size of alignment needed with AES
-* Reduce run time memory used with ECC operations and ALT_ECC_SIZE
-* Fixes and improvements for building edge cases such as crypto callback without hash-drbg with low footprint options
-* Support HAVE_SESSION_TICKET build option without depending on realloc
-
-### Documentation
-* Instructions for GPDMA on STM32 configuration added
-* Add in instructions for compiling with zephyr on STM32
-* Documentation fixup for wolfSSL_get_chain_cert()
-* Fix the file pointed to in the TI RTOS documentation that we maintain
-* Documentation for wolfSSL_CertManagerFreeCRL
-* Updates made to AES and Chacha documentation
-* Update Japanese comments for Ed25519, AES, and other miscellaneous items
-
-### Tests
-* Add in an option for easily testing malloc failures when building with WOLFSSL_MEM_FAIL_COUNT macro
-* Updated in process for using Expect vs Assert to facilitate more malloc failure tests
-* Enhance wolfCrypt test for builds that do not have ECC SECP curves enabled
-* ESP32 platform-specific VisualGDB test & benchmark projects
-* Update to dependencies in docker container file used for tests
-* Fix up for base 10 output with bundled benchmark application
-
-### Port Updates
-* Zephyr port update, compile time warning fixes, misc. fixes when used with TLS and update of includes
-* Update RIOT-OS to not compile out use of writev by default
-* Update Micrium port to enable use of STM32_RNG
-* Micrium updates for XMEMOVE and XSTRTOK use
-* Various Espressif HW crypto, SHA2, AES, MP updates
-* Added in ASIO build option with CMake builds
-
-### General Enhancements
-* Global codebase cleanup for C89 compliance and wolfCrypt -Wconversion hygiene
-* PKCS#11 enhancement adding a callback for RSA key size when using a hardware key, by default 2048 bit key is used
-* Allow for unknown OIDs in extensions in wolfSSL_X509_set_ext()
-* Allow user to override XSTAT by defining the macro XSTAT when compiling
-* Support UPN and SID with x509 certificate extensions and custom OID build
-* Write next IV in wolfSSL_DES_ede3_cbc_encrypt for better handling of inline encryption
-* Adding NO_ASN_TIME_CHECK build option for compiling out certificate before/after checks
-* Improve different peer recvfrom handling and error reporting with ipv4 vs ipv6
+* Better built in testing of “`--sys-ca-certs`†configure option (PR 6910)
+* Updated CMakeLists.txt for Espressif wolfSSL component usage (PR 6877)
+* Disable TLS 1.1 by default (unless SSL 3.0 or TLS 1.0 is enabled) (PR 6946)
+* Add “`--enable-quic`†to “`--enable-all`†configure option (PR 6957)
+* Add support to SP C implementation for RSA exponent up to 64-bits (PR 6959)
+* Add result of “`HAVE___UINT128_T`†to options.h for CMake builds (PR 6965)
+* Add optimized assembly for AES-GCM on ARM64 using hardware crypto instructions (PR 6967)
+* Add built-in cipher suite tests for DTLS 1.3 PQC (PR 6952)
+* Add wolfCrypt test and unit test to ctest (PR 6977)
+* Move OpenSSL compatibility crypto APIs into `ssl_crypto.c` file (PR 6935)
+* Validate time generated from XGMTIME() (PR 6958)
+* Allow wolfCrypt benchmark to run with microsecond accuracy (PR 6868)
+* Add GitHub Actions testing with nginx 1.24.0 (PR 6982)
+* Allow encoding of CA:FALSE BasicConstraint during cert generation (PR 6953)
+* Add CMake option to enable DTLS-SRTP (PR 6991)
+* Add CMake options for enabling QUIC and cURL (PR 7049)
+* Improve RSA blinding to make code more constant time (PR 6955)
+* Refactor AES-NI implementation macros to allow dynamic fallback to C (PR 6981)
+* Default to native Windows threading API on MinGW (PR 7015)
+* Return better error codes from OCSP response check (PR 7028)
+* Updated Espressif ESP32 TLS client and server examples (PR 6844)
+* Add/clean up support for ESP-IDF v5.1 for a variety of ESP32 chips (PR 7035, 7037)
+* Add API to choose dynamic certs based on client ciphers/sigalgs (PR 6963)
+* Improve Arduino IDE 1.5 project file to match recursive style (PR 7007)
+* Simplify and improve apple-universal build script (PR 7025)
## Fixes
-* Fix for STM32 ECC sign and verify out of bounds buffer write when the hash length passed in is larger than the key size. Thanks to Maximilian for the report.
-* Fix to skip Async_DevCtxInit when using init rsa/ecc label/id api's
-* Revert WOLFSSL_NO_ASN_STRICT macro guard around alternate names directory list
-* In async mode, don't retry decrypting if a valid error is encountered on a packet parse attempt
-* Add additional sanity check on PKCS7 index value in wc_PKCS7_DecryptKekri
-* Fix for padding when using an AuthEnvelope PKCS7 type with GCM/CCM stream ciphers
-* Fix siphash assembly so that no register is left behind
-* Fix to not send a TLS 1.3 session ID resume response when resuming and downgrading to a protocol less than TLS 1.3
-* Fix overwriting serialNumber by favouriteDrink when generating a certificate using Cert struct
-* Fix for the default realloc used with EspressIf builds
-* Track SetDigest usage to avoid invalid free under error conditions
-* DTLS v1.3 fix for epoch 0 check on plaintext message
-* Fix for session ticket memory leak in wolfSSL_Cleanup
-* Fixes for propagating SendAlert errors when the peer disconnects
-* Replace XMEMCPY with XMEMMOVE to fix valgrind-3.15.0 reports "Source and destination overlap in memcpy" when using --enable-aesgcm-stream
-* Fix for potential out-of-bounds write edge case in fp_mod_2d with --enable-fastmath math library
-* Fix getting ECC key size in stm32_ecc_sign_hash_ex
-* Fix for case where wc_PeekErrorNodeLineData was not unlocking error queue on error
-* Fix for async ECC shared secret state
-* Fix for better error checking with sp_gcd with SP int math library
-* Fix memory leak in TLSX_KeyShare_Setup when handling an error case
-* Fix for double free edge case in InitOCSPRequest when handling a memory allocation failure
-* X509 NAME Entry fix for leaking memory on error case
-* Fix wolfssl_asn1_time_to_tm setting unexpected fields in tm struct
-* Fix for FIPS ECC integrity check with crypto callback set
-* BN_to_ASN1_INTEGER fix for handling leading zero byte padding when needed
-* Fix a typo in PP macro and add a ceiling to guard against implementation bugs
-* DTLS 1.3 fix for using the correct label when deriving the resumption key
-* OCSP fix for GetDateInfo edge case with non ASN template builds
-* Allow a user set certificate callback function to override the skipAddCA flag when parsing a certificate
-* SP int: sp_radix_size when radix 10 fix temp size for handling edge case
-* Fixes and improvements for handling failures with memory allocations
-* Fix for DecodeECC_DSA_Sig to handle r and s being initialized
-* Fix for wc_ecc_is_point to ensure that the x and y are in range [0, p-1] and z is one (affine ordinates)
-
-### Build Fixes
-* Fix for building on Windows with CMake and using USER_SETTINGS and fix for options.h creation with CMake when using USER_SETTINGS
-* CMake fixes and improvements for use with mingw32
-* Fix for building with wpas and x509 small options
-* Check if colrm is available for options.h creation when using autoconf
-* Clean up NO_BIG_INT build, removing WOLFSSL_SP_MATH macro and heapmath compile
-* Fix PKCS#7 build with NO_PKCS7_STREAM
-* Fix compilation error in CC-RX and remove unnecessary public key import
-* SP Build fixes for ARM assembly with ARMv6 clz and ARM thumb debug build
-* For to not advertise support for RSA in TLS extensions when compiled with NO_RSA
+
+* Fix for async edge case with Intel QuickAssist/Cavium Nitrox (PR 6931)
+* Fix for building PKCS#7 with RSA disabled (PR 6902)
+* Fix for advancing output pointer in `wolfSSL_i2d_X509()` (PR 6891)
+* Fix for `EVP_EncodeBlock()` appending a newline (PR 6900)
+* Fix for `wolfSSL_RSA_verify_PKCS1_PSS()` with `RSA_PSS_SALTLEN_AUTO` (PR 6938)
+* Fixes for CODESonar reports around `isalpha()` and `isalnum()` calls (PR 6810)
+* Fix for SP ARM64 integer math to avoid compiler optimization issues (PR 6942)
+* Fix for SP Thumb2 inline assembly to add IAR build support (PR 6943, 6971)
+* Fix for SP Thumb2 to make functions not inlined (PR 6993)
+* Fix for SP Cortex-M assembly large build with IAR (PR 6954)
+* Fix for SP ARM64 assembly montgomery reduction by 4 (PR 6947)
+* Fix for SP ARM64 P-256 for not inlining functions for iOS compatibility (PR 6979)
+* Fix for `WOLFSSL_CALLBACKS` and potential memory error (PR 6949)
+* Fixes for wolfSSL’s Zephyr OS port (PR 6930)
+* Fix for build errors when building for NXP mmCAU (`FREESCALE_MMCAU`) (PR 6970)
+* Fix for TLS 1.3 `SendBuffered()` return code in non-blocking mode (PR 7001)
+* Fix for TLS `Hmac_UpdateFinal()` when padding byte is invalid (PR 6998)
+* Fix for ARMv8 AES-GCM streaming to check size of IV before storing (PR 6996)
+* Add missing calls to `wc_AesInit()` before `wc_AesSetKey()` (PR 7011)
+* Fix build errors with DTLS 1.3 enabled but TLS 1.2 disabled (PR 6976)
+* Fixes for building wolfSSL in Visual Studio (PR 7040)
For additional vulnerability information visit the vulnerability page at:
https://www.wolfssl.com/docs/security-vulnerabilities/
@@ -230,7 +169,6 @@ https://www.wolfssl.com/docs/security-vulnerabilities/
See INSTALL file for build instructions.
More info can be found on-line at: https://wolfssl.com/wolfSSL/Docs.html
-
# Resources
[wolfSSL Website](https://www.wolfssl.com/)
diff --git a/extra/wolfssl/wolfssl/SCRIPTS-LIST b/extra/wolfssl/wolfssl/SCRIPTS-LIST
index d0a781cf..03f5cf6a 100644
--- a/extra/wolfssl/wolfssl/SCRIPTS-LIST
+++ b/extra/wolfssl/wolfssl/SCRIPTS-LIST
@@ -1,7 +1,7 @@
autogen.sh - creates ./configure from source checkout, sets up git hooks
pre-commit.sh - our pre commit hook, saves current state before running commit
- tests to allow a resotre back to current state
+ tests to allow a restore back to current state
commit-tests.sh - our commit tests, must pass before a commit is accepted, use
-n (--no-verify) to disable
diff --git a/extra/wolfssl/wolfssl/async-check.sh b/extra/wolfssl/wolfssl/async-check.sh
index 206fd4ff..ccfce052 100755
--- a/extra/wolfssl/wolfssl/async-check.sh
+++ b/extra/wolfssl/wolfssl/async-check.sh
@@ -1,34 +1,23 @@
#!/bin/bash
-# async-check.sh
-
# This script creates symbolic links to the required asynchronous
# file for using the asynchronous simulator and make check
-#
-# $ ./async-check [keep|clean|setup]
-#
-# - keep: (default off) ./async and links kept around for inspection
-# - clean: (default off) only cleanup existing ./async and links
-# - setup: (default off) only setup ./async and links but don't run config
-# or make
-#
+
+# Fail on any error in script
+set -e
ASYNC_REPO=https://github.com/wolfSSL/wolfAsyncCrypt.git
+ASYNC_DIR=${ASYNC_DIR:-wolfAsyncCrypt}
function Usage() {
- printf '\n%s\n\n' "Usage: $0 [keep|clean|setup]"
- printf '%s\n' "Where \"keep\" means keep (default off) async files around for inspection"
- printf '%s\n' "Where \"clean\" means only clean (default off) the async files"
- printf '%s\n\n' "Where \"setup\" means only setup (default off) the async files"
- printf '%s\n' "EXAMPLE:"
- printf '%s\n' "---------------------------------"
- printf '%s\n' "./async-check.sh keep"
- printf '%s\n' "./async-check.sh clean"
- printf '%s\n' "./async-check.sh setup"
- printf '%s\n\n' "---------------------------------"
+ printf "Usage: $0 [install|uninstall|test|remove]\n"
+ printf "\tinstall - get and set up links to wolfAsyncCrypt files\n"
+ printf "\tuninstall - remove the links to wolfAsyncCrypt\n"
+ printf "\ttest - install and run 'make check'\n"
+ printf "\tremove - uninstall and remove wolfAsyncCrypt\n"
}
-function CleanUp() {
+function UnlinkFiles() {
unlink ./wolfcrypt/src/async.c
unlink ./wolfssl/wolfcrypt/async.h
unlink ./wolfcrypt/src/port/intel/quickassist.c
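Review bot: With `set -e` now at the top of the script, the `unlink` calls in `UnlinkFiles` abort the whole run at the first link that does not exist. An `uninstall` or `remove` on a partly installed tree would therefore stop before the `git checkout --` restores run and before the cloned directory is deleted. The old script handled `clean` before its `set -e` line, so this failure mode is new. A form that tolerates a missing file keeps cleanup idempotent, for example `rm -f ./wolfcrypt/src/async.c` for each link. `UnlinkFiles` continues past the end of this hunk, and `Remove` is defined in a later one.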
@@ -40,8 +29,6 @@ function CleanUp() {
unlink ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
unlink ./wolfcrypt/src/port/cavium/README.md
- rm -rf ./async
-
# restore original README.md files
git checkout -- wolfcrypt/src/port/cavium/README.md
git checkout -- wolfcrypt/src/port/intel/README.md
@@ -49,16 +36,46 @@ function CleanUp() {
function LinkFiles() {
# link files
- ln -s -f ../../async/wolfcrypt/src/async.c ./wolfcrypt/src/async.c
- ln -s -f ../../async/wolfssl/wolfcrypt/async.h ./wolfssl/wolfcrypt/async.h
- ln -s -f ../../../../async/wolfcrypt/src/port/intel/quickassist.c ./wolfcrypt/src/port/intel/quickassist.c
- ln -s -f ../../../../async/wolfcrypt/src/port/intel/quickassist_mem.c ./wolfcrypt/src/port/intel/quickassist_mem.c
- ln -s -f ../../../../async/wolfcrypt/src/port/intel/README.md ./wolfcrypt/src/port/intel/README.md
- ln -s -f ../../../../async/wolfssl/wolfcrypt/port/intel/quickassist.h ./wolfssl/wolfcrypt/port/intel/quickassist.h
- ln -s -f ../../../../async/wolfssl/wolfcrypt/port/intel/quickassist_mem.h ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
- ln -s -f ../../../../async/wolfcrypt/src/port/cavium/cavium_nitrox.c ./wolfcrypt/src/port/cavium/cavium_nitrox.c
- ln -s -f ../../../../async/wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
- ln -s -f ../../../../async/wolfcrypt/src/port/cavium/README.md ./wolfcrypt/src/port/cavium/README.md
+ ln -s -f ../../${ASYNC_DIR}/wolfcrypt/src/async.c ./wolfcrypt/src/async.c
+ ln -s -f ../../${ASYNC_DIR}/wolfssl/wolfcrypt/async.h ./wolfssl/wolfcrypt/async.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/quickassist.c ./wolfcrypt/src/port/intel/quickassist.c
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/quickassist_mem.c ./wolfcrypt/src/port/intel/quickassist_mem.c
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/intel/README.md ./wolfcrypt/src/port/intel/README.md
+ ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/intel/quickassist.h ./wolfssl/wolfcrypt/port/intel/quickassist.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/intel/quickassist_mem.h ./wolfssl/wolfcrypt/port/intel/quickassist_mem.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/cavium/cavium_nitrox.c ./wolfcrypt/src/port/cavium/cavium_nitrox.c
+ ln -s -f ../../../../${ASYNC_DIR}/wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h ./wolfssl/wolfcrypt/port/cavium/cavium_nitrox.h
+ ln -s -f ../../../../${ASYNC_DIR}/wolfcrypt/src/port/cavium/README.md ./wolfcrypt/src/port/cavium/README.md
+}
+
+function Install() {
+ if [ -d $ASYNC_DIR ];
+ then
+ echo "Using existing async repo"
+ else
+ # make a clone of the wolfAsyncCrypt repository
+ git clone --depth 1 $ASYNC_REPO $ASYNC_DIR
+ fi
+
+# setup auto-conf
+ ./autogen.sh
+ LinkFiles
+}
+
+function Uninstall() {
+ UnlinkFiles
+}
+
+function Test() {
+ Install
+ ./configure --enable-asynccrypt --enable-all
+ make check
+}
+
+function Remove() {
+ UnlinkFiles
+
+ rm -rf ${ASYNC_DIR}
}
if [ "$#" -gt 1 ]; then
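Review bot: `ASYNC_DIR` now comes from the environment but is expanded unquoted in `[ -d $ASYNC_DIR ]`, in `git clone --depth 1 $ASYNC_REPO $ASYNC_DIR` and, most importantly, in `rm -rf ${ASYNC_DIR}` inside `Remove`. A value containing spaces or glob characters is split or expanded before the recursive delete, so it can remove paths other than the intended directory. Quote every use and end option parsing on the delete: `rm -rf -- "${ASYNC_DIR}"`, `if [ -d "$ASYNC_DIR" ];`, `git clone --depth 1 "$ASYNC_REPO" "$ASYNC_DIR"`. The link targets in `LinkFiles` are built as `../../${ASYNC_DIR}/...`, which appears to assume a name relative to the source root, so an absolute value would presumably leave dangling links. A comment by the assignment near the top of the script would record that, such as `# ASYNC_DIR must be a directory name relative to the wolfSSL source root`.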
@@ -66,19 +83,18 @@ if [ "$#" -gt 1 ]; then
exit 1
fi
-KEEP=no
-ONLY_SETUP=no
-
case "x$1" in
- "xkeep")
- KEEP=yes
+ "xinstall")
+ Install
;;
- "xclean")
- CleanUp
- exit 0
+ "xuninstall")
+ Uninstall
;;
- "xsetup")
- ONLY_SETUP=yes
+ "xremove")
+ Remove
+ ;;
+ "xtest")
+ Test
;;
*)
Usage
@@ -86,28 +102,3 @@ case "x$1" in
;;
esac
-# Fail on any error in script from now on
-set -e
-
-if [ -d ./async ];
-then
- echo "\n\nUsing existing async repo\n\n"
-else
- # make a clone of the wolfAsyncCrypt repository
- git clone --depth 1 $ASYNC_REPO async
-fi
-
-# setup auto-conf
-./autogen.sh
-LinkFiles
-if [ "x$ONLY_SETUP" == "xno" ];
-then
- ./configure --enable-asynccrypt --enable-all
- make check
- # Clean up
- if [ "x$KEEP" == "xno" ];
- then
- CleanUp
- fi
-fi
-
diff --git a/extra/wolfssl/wolfssl/autogen.sh b/extra/wolfssl/wolfssl/autogen.sh
index c5d55d0d..d9ae0881 100755
--- a/extra/wolfssl/wolfssl/autogen.sh
+++ b/extra/wolfssl/wolfssl/autogen.sh
@@ -3,16 +3,44 @@
# Create configure and makefile stuff...
#
+# Check environment
+if [ -n "$WSL_DISTRO_NAME" ]; then
+ # we found a non-blank WSL environment distro name
+ current_path="$(pwd)"
+ pattern="/mnt/?"
+ if [ "$(echo "$current_path" | grep -E "^$pattern")" ]; then
+ # if we are in WSL and shared Windows file system, 'ln' does not work.
+ no_links=true
+ else
+ no_links=
+ fi
+fi
+
# Git hooks should come before autoreconf.
if [ -d .git ]; then
if [ ! -d .git/hooks ]; then
mkdir .git/hooks || exit $?
fi
- if [ ! -e .git/hooks/pre-commit ]; then
- ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $?
- fi
- if [ ! -e .git/hooks/pre-push ]; then
- ln -s ../../pre-push.sh .git/hooks/pre-push || exit $?
+
+ if [ -n "$no_links" ]; then
+ echo "Linux ln does not work on shared Windows file system in WSL."
+ if [ ! -e .git/hooks/pre-commit ]; then
+ echo "The pre-commit.sh file will not be copied to .git/hooks/pre-commit"
+ # shell scripts do not work on Windows; TODO create equivalent batch file
+ # cp ./pre-commit.sh .git/hooks/pre-commit || exit $?
+ fi
+ if [ ! -e .git/hooks/pre-push ]; then
+ echo "The pre-push.sh file will not be copied to .git/hooks/pre-commit"
+ # shell scripts do not work on Windows; TODO create equivalent batch file
+ # cp ./pre-push.sh .git/hooks/pre-push || exit $?
+ fi
+ else
+ if [ ! -e .git/hooks/pre-commit ]; then
+ ln -s ../../pre-commit.sh .git/hooks/pre-commit || exit $?
+ fi
+ if [ ! -e .git/hooks/pre-push ]; then
+ ln -s ../../pre-push.sh .git/hooks/pre-push || exit $?
+ fi
fi
fi
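Review bot: The WSL branch names the wrong hook in its second message: `The pre-push.sh file will not be copied to .git/hooks/pre-commit` should end in `.git/hooks/pre-push`. In `grep -E "^$pattern"` with `pattern="/mnt/?"`, the `?` is an ERE quantifier, so the test accepts any path that merely begins with `/mnt`. If the intent is a Windows drive mount, `pattern="/mnt/[a-z]/"` would say so. `no_links` is assigned only inside the `WSL_DISTRO_NAME` check, so outside WSL a value inherited from the environment would silently skip installing the pre-commit and pre-push hooks. Adding `no_links=` before the check closes that gap.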
@@ -30,8 +58,6 @@ done
for file in \
./wolfssl/options.h \
- ./ctaocrypt/src/fips.c \
- ./ctaocrypt/src/fips_test.c \
./wolfcrypt/src/fips.c \
./wolfcrypt/src/fips_test.c \
./wolfcrypt/src/wolfcrypt_first.c \
diff --git a/extra/wolfssl/wolfssl/certs/1024/ca-cert.der b/extra/wolfssl/wolfssl/certs/1024/ca-cert.der
index 938b5518..3324aee9 100644
--- a/extra/wolfssl/wolfssl/certs/1024/ca-cert.der
+++ b/extra/wolfssl/wolfssl/certs/1024/ca-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem b/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem
index 4a899b94..2bc54e6f 100644
--- a/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/1024/ca-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 0e:75:3b:39:ad:1f:53:d1:85:3b:05:3b:11:62:4f:dc:7b:11:72:11
+ 5c:44:2b:bf:d3:a8:2a:d8:fd:54:c9:cd:aa:7f:f7:d4:59:07:aa:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -29,7 +29,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11
+ serial:5C:44:2B:BF:D3:A8:2A:D8:FD:54:C9:CD:AA:7F:F7:D4:59:07:AA:DD
X509v3 Basic Constraints:
CA:TRUE
@@ -38,20 +38,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b8:80:bf:b2:f5:83:95:51:81:6a:7e:41:87:29:d7:c3:c9:c6:
- 9b:60:e4:65:a1:04:97:1d:1b:3b:e9:27:fa:43:d6:89:6a:3c:
- 9e:bf:28:d1:75:37:21:f3:0d:64:17:b2:a3:2d:83:52:ff:57:
- f0:42:a9:48:aa:d8:84:ea:0d:80:05:71:0a:aa:23:b4:6c:c6:
- d6:7f:13:4a:f4:82:b9:e2:81:ae:46:8c:59:fb:c3:8c:6d:5b:
- f3:32:ec:86:f0:6e:da:2a:78:ab:f2:36:fb:48:fa:74:09:0e:
- 19:c2:bf:eb:cc:fb:a9:05:c1:c9:e1:ab:8b:79:f6:f1:ad:4a:
- 9f:aa
+ 70:7d:83:94:d0:ee:e1:19:8b:17:ca:79:87:12:5b:7f:70:a3:
+ 51:20:4f:21:99:71:69:21:28:55:61:70:85:54:21:a9:70:a2:
+ a9:12:db:44:11:44:e7:41:00:70:80:b5:37:0c:7e:78:8f:88:
+ 64:bc:e5:c0:44:a7:a5:3d:db:62:c4:d6:cd:aa:4b:ac:fb:01:
+ 46:bb:ec:cb:6f:01:67:b4:65:f3:5e:53:39:64:99:9b:68:80:
+ 14:91:a4:a4:eb:04:f3:76:9a:7d:b4:38:05:9c:a5:e0:bc:7e:
+ d9:d2:d3:d4:e8:c3:9f:38:4b:6c:29:94:be:35:bd:30:1f:b5:
+ b7:3d
-----BEGIN CERTIFICATE-----
-MIIECTCCA3KgAwIBAgIUDnU7Oa0fU9GFOwU7EWJP3HsRchEwDQYJKoZIhvcNAQEL
+MIIECTCCA3KgAwIBAgIUXEQrv9OoKtj9VMnNqn/31FkHqt0wDQYJKoZIhvcNAQEL
BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+Zm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCB
mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -63,10 +63,10 @@ Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9
ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx
EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D
b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUDnU7Oa0fU9GFOwU7EWJP3HsRchEw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUXEQrv9OoKtj9VMnNqn/31FkHqt0w
DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAuIC/
-svWDlVGBan5BhynXw8nGm2DkZaEElx0bO+kn+kPWiWo8nr8o0XU3IfMNZBeyoy2D
-Uv9X8EKpSKrYhOoNgAVxCqojtGzG1n8TSvSCueKBrkaMWfvDjG1b8zLshvBu2ip4
-q/I2+0j6dAkOGcK/68z7qQXByeGri3n28a1Kn6o=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAcH2D
+lNDu4RmLF8p5hxJbf3CjUSBPIZlxaSEoVWFwhVQhqXCiqRLbRBFE50EAcIC1Nwx+
+eI+IZLzlwESnpT3bYsTWzapLrPsBRrvsy28BZ7Rl815TOWSZm2iAFJGkpOsE83aa
+fbQ4BZyl4Lx+2dLT1OjDnzhLbCmUvjW9MB+1tz0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/1024/client-cert.der b/extra/wolfssl/wolfssl/certs/1024/client-cert.der
index 9fc0d288..898d298e 100644
--- a/extra/wolfssl/wolfssl/certs/1024/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/1024/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/1024/client-cert.pem b/extra/wolfssl/wolfssl/certs/1024/client-cert.pem
index 92a88b67..b78c3834 100644
--- a/extra/wolfssl/wolfssl/certs/1024/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/1024/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 41:1f:ec:cf:49:20:14:81:dc:ab:32:02:01:6a:cd:18:bd:f5:e3:53
+ 59:f2:ea:44:08:b5:12:30:a0:96:93:d1:d1:7f:e1:ec:49:75:9b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_1024, OU = Programming-1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_1024, OU = Programming-1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -29,7 +29,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_1024/OU=Programming-1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:41:1F:EC:CF:49:20:14:81:DC:AB:32:02:01:6A:CD:18:BD:F5:E3:53
+ serial:59:F2:EA:44:08:B5:12:30:A0:96:93:D1:D1:7F:E1:EC:49:75:9B:A2
X509v3 Basic Constraints:
CA:TRUE
@@ -38,21 +38,21 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 64:0e:1b:a2:b2:39:cc:df:9c:63:48:4b:58:2c:e5:af:e2:ba:
- d2:74:37:f8:a0:c8:2f:62:36:84:49:55:d6:8d:2b:4d:96:4f:
- b4:2e:83:f9:00:e8:cb:7e:04:f1:19:f2:00:24:0d:2b:ba:30:
- 89:7f:8a:e3:64:e2:d5:1b:5a:0a:9d:26:db:e8:6a:60:c2:79:
- aa:ad:8d:f1:1c:2a:33:d4:66:42:98:7a:94:d4:b7:2d:0b:cb:
- f5:b5:62:ae:e1:88:47:ad:ee:8d:32:b5:60:1a:5b:a1:d3:a1:
- 58:cc:0c:40:30:0d:05:cb:4b:d2:e1:d7:ca:63:de:a8:78:56:
- 96:e7
+ 45:63:6f:f9:ed:f4:12:3c:3c:c5:2c:51:08:94:61:7e:08:e8:
+ 32:46:2b:22:02:d0:e8:2b:a4:23:15:48:47:87:5d:72:ab:38:
+ d5:34:b9:fc:f4:86:93:49:95:d8:81:32:1c:21:e3:ef:b8:40:
+ c5:87:02:e8:28:aa:54:93:2d:8a:e9:1e:dd:5d:11:f8:bf:ca:
+ 4e:33:20:56:4e:6f:53:bb:79:b0:da:65:a1:4b:9f:c8:55:fa:
+ 53:26:84:c6:1e:0a:5e:7a:6e:f2:2d:2a:81:a5:d0:2b:ec:d5:
+ 8e:b9:f0:c7:57:d7:d6:14:1a:3b:dc:09:41:b4:9d:0d:72:20:
+ 44:79
-----BEGIN CERTIFICATE-----
-MIIEGDCCA4GgAwIBAgIUQR/sz0kgFIHcqzICAWrNGL3141MwDQYJKoZIhvcNAQEL
+MIIEGDCCA4GgAwIBAgIUWfLqRAi1EjCglpPR0X/h7El1m6IwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzEwMjQxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8xMDI0MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
@@ -63,10 +63,10 @@ BgNVHQ4EFgQUgWkP+N/dzzQp1Wd1cYXHdRBpWewwgd4GA1UdIwSB1jCB04AUgWkP
+N/dzzQp1Wd1cYXHdRBpWeyhgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzEw
MjQxGTAXBgNVBAsMEFByb2dyYW1taW5nLTEwMjQxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUQR/sz0kg
-FIHcqzICAWrNGL3141MwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUWfLqRAi1
+EjCglpPR0X/h7El1m6IwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
LmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZI
-hvcNAQELBQADgYEAZA4borI5zN+cY0hLWCzlr+K60nQ3+KDIL2I2hElV1o0rTZZP
-tC6D+QDoy34E8RnyACQNK7owiX+K42Ti1RtaCp0m2+hqYMJ5qq2N8RwqM9RmQph6
-lNS3LQvL9bViruGIR63ujTK1YBpbodOhWMwMQDANBctL0uHXymPeqHhWluc=
+hvcNAQELBQADgYEARWNv+e30Ejw8xSxRCJRhfgjoMkYrIgLQ6CukIxVIR4ddcqs4
+1TS5/PSGk0mV2IEyHCHj77hAxYcC6CiqVJMtiuke3V0R+L/KTjMgVk5vU7t5sNpl
+oUufyFX6UyaExh4KXnpu8i0qgaXQK+zVjrnwx1fX1hQaO9wJQbSdDXIgRHk=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/1024/server-cert.der b/extra/wolfssl/wolfssl/certs/1024/server-cert.der
index fb421b0c..f4faeb58 100644
--- a/extra/wolfssl/wolfssl/certs/1024/server-cert.der
+++ b/extra/wolfssl/wolfssl/certs/1024/server-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/1024/server-cert.pem b/extra/wolfssl/wolfssl/certs/1024/server-cert.pem
index 296df820..0c0fc714 100644
--- a/extra/wolfssl/wolfssl/certs/1024/server-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/1024/server-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -28,7 +28,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11
+ serial:5C:44:2B:BF:D3:A8:2A:D8:FD:54:C9:CD:AA:7F:F7:D4:59:07:AA:DD
X509v3 Basic Constraints:
CA:TRUE
@@ -37,20 +37,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- c0:94:34:0d:41:a3:03:17:05:08:d9:54:d9:a2:f0:e9:22:58:
- 25:50:10:6d:da:09:2d:7d:fc:0d:c0:13:35:0e:96:7f:1e:38:
- a1:11:97:42:df:83:07:05:ce:d6:de:90:22:ab:0f:6d:56:90:
- 02:9a:a5:cf:5a:9b:96:66:0f:71:ed:b2:72:7a:e4:9d:61:9f:
- 2a:45:b8:51:b9:a6:ee:d6:73:2a:03:f4:03:32:6e:19:6e:70:
- 48:6b:72:29:30:19:87:06:30:d6:2f:19:f5:39:78:2f:2f:c2:
- 49:38:5a:d8:38:06:f9:fe:bf:45:ea:7b:e6:7b:a6:0b:b5:ba:
- 06:80
+ 35:2e:7b:57:7b:64:70:53:e0:81:ed:f4:ac:b3:3a:3b:ba:82:
+ 8d:a2:31:d9:d4:ac:d1:8a:6d:35:41:15:b3:e8:06:91:ca:2a:
+ f7:ff:28:0e:3d:cd:e7:28:f0:07:c0:78:62:9e:88:3d:dc:98:
+ f0:8c:89:a7:1c:5b:77:37:b2:55:38:b2:60:42:e8:02:81:bf:
+ 7c:c3:54:86:7e:e4:2f:7d:74:74:27:f7:9a:e2:8d:a9:2f:7c:
+ 82:31:41:f1:cb:48:a0:05:00:26:3d:a4:6b:27:43:4c:3f:6f:
+ 2f:41:2e:ee:ba:0d:8f:39:42:0d:2d:76:00:12:4c:f9:49:2d:
+ 7f:ed
-----BEGIN CERTIFICATE-----
MIID8jCCA1ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0y
-MjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3NDlaMIGVMQswCQYDVQQGEwJVUzEQMA4G
+MzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5MjhaMIGVMQswCQYDVQQGEwJVUzEQMA4G
A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29sZlNT
TDEVMBMGA1UECwwMU3VwcG9ydF8xMDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wgZ8wDQYJKoZIhvcN
@@ -62,23 +62,23 @@ A1UdIwSB0TCBzoAU0yKPKCzgBe7T7cNxPcmyNjodv6ihgZ+kgZwwgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYD
VQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18xMDI0MRgwFgYDVQQD
DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b22CFA51OzmtH1PRhTsFOxFiT9x7EXIRMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUw
+b22CFFxEK7/TqCrY/VTJzap/99RZB6rdMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUw
E4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
-BwMCMA0GCSqGSIb3DQEBCwUAA4GBAMCUNA1BowMXBQjZVNmi8OkiWCVQEG3aCS19
-/A3AEzUOln8eOKERl0LfgwcFztbekCKrD21WkAKapc9am5ZmD3HtsnJ65J1hnypF
-uFG5pu7WcyoD9AMybhlucEhrcikwGYcGMNYvGfU5eC8vwkk4Wtg4Bvn+v0Xqe+Z7
-pgu1ugaA
+BwMCMA0GCSqGSIb3DQEBCwUAA4GBADUue1d7ZHBT4IHt9KyzOju6go2iMdnUrNGK
+bTVBFbPoBpHKKvf/KA49zeco8AfAeGKeiD3cmPCMiaccW3c3slU4smBC6AKBv3zD
+VIZ+5C99dHQn95rijakvfIIxQfHLSKAFACY9pGsnQ0w/by9BLu66DY85Qg0tdgAS
+TPlJLX/t
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 0e:75:3b:39:ad:1f:53:d1:85:3b:05:3b:11:62:4f:dc:7b:11:72:11
+ 5c:44:2b:bf:d3:a8:2a:d8:fd:54:c9:cd:aa:7f:f7:d4:59:07:aa:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting_1024, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -100,7 +100,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:D3:22:8F:28:2C:E0:05:EE:D3:ED:C3:71:3D:C9:B2:36:3A:1D:BF:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting_1024/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:0E:75:3B:39:AD:1F:53:D1:85:3B:05:3B:11:62:4F:DC:7B:11:72:11
+ serial:5C:44:2B:BF:D3:A8:2A:D8:FD:54:C9:CD:AA:7F:F7:D4:59:07:AA:DD
X509v3 Basic Constraints:
CA:TRUE
@@ -109,20 +109,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b8:80:bf:b2:f5:83:95:51:81:6a:7e:41:87:29:d7:c3:c9:c6:
- 9b:60:e4:65:a1:04:97:1d:1b:3b:e9:27:fa:43:d6:89:6a:3c:
- 9e:bf:28:d1:75:37:21:f3:0d:64:17:b2:a3:2d:83:52:ff:57:
- f0:42:a9:48:aa:d8:84:ea:0d:80:05:71:0a:aa:23:b4:6c:c6:
- d6:7f:13:4a:f4:82:b9:e2:81:ae:46:8c:59:fb:c3:8c:6d:5b:
- f3:32:ec:86:f0:6e:da:2a:78:ab:f2:36:fb:48:fa:74:09:0e:
- 19:c2:bf:eb:cc:fb:a9:05:c1:c9:e1:ab:8b:79:f6:f1:ad:4a:
- 9f:aa
+ 70:7d:83:94:d0:ee:e1:19:8b:17:ca:79:87:12:5b:7f:70:a3:
+ 51:20:4f:21:99:71:69:21:28:55:61:70:85:54:21:a9:70:a2:
+ a9:12:db:44:11:44:e7:41:00:70:80:b5:37:0c:7e:78:8f:88:
+ 64:bc:e5:c0:44:a7:a5:3d:db:62:c4:d6:cd:aa:4b:ac:fb:01:
+ 46:bb:ec:cb:6f:01:67:b4:65:f3:5e:53:39:64:99:9b:68:80:
+ 14:91:a4:a4:eb:04:f3:76:9a:7d:b4:38:05:9c:a5:e0:bc:7e:
+ d9:d2:d3:d4:e8:c3:9f:38:4b:6c:29:94:be:35:bd:30:1f:b5:
+ b7:3d
-----BEGIN CERTIFICATE-----
-MIIECTCCA3KgAwIBAgIUDnU7Oa0fU9GFOwU7EWJP3HsRchEwDQYJKoZIhvcNAQEL
+MIIECTCCA3KgAwIBAgIUXEQrv9OoKtj9VMnNqn/31FkHqt0wDQYJKoZIhvcNAQEL
BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDEYMBYGA1UECwwPQ29uc3VsdGluZ18x
MDI0MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+Zm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCB
mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9Db25zdWx0aW5nXzEwMjQx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -134,10 +134,10 @@ Io8oLOAF7tPtw3E9ybI2Oh2/qDCB2QYDVR0jBIHRMIHOgBTTIo8oLOAF7tPtw3E9
ybI2Oh2/qKGBn6SBnDCBmTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmEx
EDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRgwFgYDVQQLDA9D
b25zdWx0aW5nXzEwMjQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUDnU7Oa0fU9GFOwU7EWJP3HsRchEw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUXEQrv9OoKtj9VMnNqn/31FkHqt0w
DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAuIC/
-svWDlVGBan5BhynXw8nGm2DkZaEElx0bO+kn+kPWiWo8nr8o0XU3IfMNZBeyoy2D
-Uv9X8EKpSKrYhOoNgAVxCqojtGzG1n8TSvSCueKBrkaMWfvDjG1b8zLshvBu2ip4
-q/I2+0j6dAkOGcK/68z7qQXByeGri3n28a1Kn6o=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADgYEAcH2D
+lNDu4RmLF8p5hxJbf3CjUSBPIZlxaSEoVWFwhVQhqXCiqRLbRBFE50EAcIC1Nwx+
+eI+IZLzlwESnpT3bYsTWzapLrPsBRrvsy28BZ7Rl815TOWSZm2iAFJGkpOsE83aa
+fbQ4BZyl4Lx+2dLT1OjDnzhLbCmUvjW9MB+1tz0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/3072/client-cert.der b/extra/wolfssl/wolfssl/certs/3072/client-cert.der
index a3f98ceb..329d03cf 100644
--- a/extra/wolfssl/wolfssl/certs/3072/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/3072/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/3072/client-cert.pem b/extra/wolfssl/wolfssl/certs/3072/client-cert.pem
index 27073a84..fbd8d99d 100644
--- a/extra/wolfssl/wolfssl/certs/3072/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/3072/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 03:33:56:6e:5f:e0:69:69:99:6b:eb:d0:eb:47:cf:f2:05:3f:98:15
+ 0b:5c:9f:12:25:90:aa:52:c0:df:e1:e1:1f:ed:a9:31:01:0a:09:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_3072, OU = Programming-3072, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -46,7 +46,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:3D:D1:84:C2:AF:B0:20:49:BC:74:87:41:38:AB:BA:D2:D4:0C:A3:A8
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_3072/OU=Programming-3072/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:03:33:56:6E:5F:E0:69:69:99:6B:EB:D0:EB:47:CF:F2:05:3F:98:15
+ serial:0B:5C:9F:12:25:90:AA:52:C0:DF:E1:E1:1F:ED:A9:31:01:0A:09:8B
X509v3 Basic Constraints:
CA:TRUE
@@ -55,35 +55,35 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 90:e4:43:8e:be:9d:de:45:4e:df:df:8d:e7:7c:2d:1b:a9:1a:
- ef:90:15:fb:d3:a9:99:a8:5b:d7:f9:b8:95:19:fe:e0:00:09:
- c1:e3:e8:27:82:11:7c:39:23:92:38:45:86:6d:77:c2:83:8c:
- 1a:0f:4b:c5:94:0d:e9:17:28:8c:cf:8f:6d:e9:43:82:0f:31:
- 67:bb:d5:d7:3f:0b:ce:ce:22:f4:a8:5b:84:8d:fd:d2:cb:d6:
- dc:ee:31:f3:e7:26:b7:58:6a:c5:9e:ff:89:5f:f6:70:fb:6b:
- 02:ba:79:6a:9a:12:1b:82:94:1b:02:22:30:7d:74:44:46:25:
- 85:a1:a8:7d:a0:ab:c3:a7:9e:08:a3:d7:5c:42:a2:af:96:42:
- 9c:76:9b:8d:ec:08:68:71:95:92:a5:b9:aa:12:f9:c5:62:ac:
- 8e:4f:df:cc:b7:53:e3:c4:70:74:9b:38:d2:e9:da:3f:ef:c4:
- 55:01:9a:b9:3e:c4:33:e7:33:db:0f:ba:55:84:0f:3c:4c:a5:
- 85:ec:5a:f2:98:75:e0:eb:47:b8:4b:d3:85:63:dc:b0:29:85:
- 51:62:bf:6a:61:9b:40:01:66:0d:72:42:bd:4f:e0:c6:31:a6:
- 06:df:c1:e9:8a:a0:57:c7:4d:4f:e7:c0:45:7f:7f:a7:53:ca:
- 90:1d:70:a8:46:95:99:ef:19:ee:e2:45:35:1a:dc:0d:cb:c3:
- b0:d5:88:8b:b9:9f:b5:ea:c1:fe:5e:7a:c1:83:c8:74:f5:1a:
- 29:52:38:5d:14:ea:17:2d:39:f6:19:16:c4:91:b0:e7:18:36:
- 56:a0:64:75:8d:66:57:48:1b:38:f2:a0:01:b1:44:32:34:a5:
- 0e:bc:28:46:77:ed:65:c1:75:34:f8:06:12:45:1a:70:78:81:
- d1:55:27:cf:ad:b3:d4:5a:97:43:88:02:bb:93:ba:17:42:51:
- 59:52:13:ec:fc:ef:6b:53:f7:f2:41:8a:42:06:56:e2:f4:97:
- d2:22:31:02:2a:47
+ 14:27:57:47:12:a4:78:a2:c9:dc:93:f8:47:ee:f4:fd:66:80:
+ 13:43:9e:de:23:8c:f7:3f:fe:46:9c:85:58:2a:6f:8d:22:92:
+ 8c:d6:36:ca:90:4f:45:c3:ab:78:ca:3c:fe:d0:f5:0f:6d:00:
+ fe:3b:42:b0:86:0b:75:f2:7c:d3:c7:db:0b:70:e8:ec:b7:bf:
+ 26:30:a8:19:67:bd:74:03:cf:d1:08:8e:9c:d5:1b:45:28:b2:
+ 67:8e:3a:a5:27:c9:1b:6a:e9:93:ce:94:c0:00:0c:e8:f1:76:
+ 02:a4:30:72:a8:fd:55:1c:d1:b8:25:f1:62:f6:ba:28:fd:30:
+ b1:11:63:f7:b3:78:54:09:04:c1:66:12:c7:01:ae:99:e3:55:
+ c4:29:bd:1b:1a:da:b9:77:fd:04:db:b1:68:56:35:65:e1:aa:
+ 67:c8:ac:be:e5:f8:27:fb:b4:51:4f:38:e5:de:09:a6:81:a9:
+ ef:dc:d6:4a:96:47:b8:38:14:f8:25:5d:ac:f3:e5:3b:f2:1b:
+ 70:32:3b:2d:fa:20:ca:2e:a5:ca:13:9d:84:d2:d4:35:16:58:
+ 6e:52:5e:09:61:83:c2:e2:56:2c:ab:52:bf:54:dc:bd:f3:bf:
+ a7:16:6e:0e:ca:68:54:d1:5c:4d:06:7a:93:47:1c:cc:a9:66:
+ da:69:0f:f9:1f:25:64:29:40:97:50:3b:cf:0c:50:9b:4d:ff:
+ 60:bc:d3:e4:a0:b7:64:c6:66:2a:f6:02:e2:3f:92:31:3b:d7:
+ ea:1a:c3:1a:0c:19:88:ab:5f:74:b7:9d:7b:8d:4d:3a:84:43:
+ f2:67:b1:be:a0:9e:fd:3d:aa:c1:38:1a:df:ac:30:fe:63:69:
+ af:d6:f2:21:63:11:63:29:ac:63:9e:9f:9f:c4:53:b3:db:78:
+ c0:2d:79:68:1f:d2:d1:36:d1:fb:e3:c0:a7:31:eb:15:63:99:
+ 0b:93:9d:87:c7:fe:56:5d:fc:e7:29:2a:9e:15:be:ef:54:e7:
+ 0f:6d:9b:36:b6:17
-----BEGIN CERTIFICATE-----
-MIIGHTCCBIWgAwIBAgIUAzNWbl/gaWmZa+vQ60fP8gU/mBUwDQYJKoZIhvcNAQEL
+MIIGHTCCBIWgAwIBAgIUC1yfEiWQqlLA3+HhH+2pMQEKCYswDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzMwNzIxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTMwNzIxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8zMDcyMRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0zMDcyMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGK
@@ -100,15 +100,15 @@ qDCB3gYDVR0jBIHWMIHTgBQ90YTCr7AgSbx0h0E4q7rS1AyjqKGBpKSBoTCBnjEL
MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x
FTATBgNVBAoMDHdvbGZTU0xfMzA3MjEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMzA3
MjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tghQDM1ZuX+BpaZlr69DrR8/yBT+YFTAMBgNVHRMEBTADAQH/
+QHdvbGZzc2wuY29tghQLXJ8SJZCqUsDf4eEf7akxAQoJizAMBgNVHRMEBTADAQH/
MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUF
-BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAYEAkORDjr6d3kVO39+N53wt
-G6ka75AV+9Opmahb1/m4lRn+4AAJwePoJ4IRfDkjkjhFhm13woOMGg9LxZQN6Rco
-jM+PbelDgg8xZ7vV1z8Lzs4i9KhbhI390svW3O4x8+cmt1hqxZ7/iV/2cPtrArp5
-apoSG4KUGwIiMH10REYlhaGofaCrw6eeCKPXXEKir5ZCnHabjewIaHGVkqW5qhL5
-xWKsjk/fzLdT48RwdJs40unaP+/EVQGauT7EM+cz2w+6VYQPPEylhexa8ph14OtH
-uEvThWPcsCmFUWK/amGbQAFmDXJCvU/gxjGmBt/B6YqgV8dNT+fARX9/p1PKkB1w
-qEaVme8Z7uJFNRrcDcvDsNWIi7mfterB/l56wYPIdPUaKVI4XRTqFy059hkWxJGw
-5xg2VqBkdY1mV0gbOPKgAbFEMjSlDrwoRnftZcF1NPgGEkUacHiB0VUnz62z1FqX
-Q4gCu5O6F0JRWVIT7Pzva1P38kGKQgZW4vSX0iIxAipH
+BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAYEAFCdXRxKkeKLJ3JP4R+70
+/WaAE0Oe3iOM9z/+RpyFWCpvjSKSjNY2ypBPRcOreMo8/tD1D20A/jtCsIYLdfJ8
+08fbC3Do7Le/JjCoGWe9dAPP0QiOnNUbRSiyZ446pSfJG2rpk86UwAAM6PF2AqQw
+cqj9VRzRuCXxYva6KP0wsRFj97N4VAkEwWYSxwGumeNVxCm9GxrauXf9BNuxaFY1
+ZeGqZ8isvuX4J/u0UU845d4JpoGp79zWSpZHuDgU+CVdrPPlO/IbcDI7Lfogyi6l
+yhOdhNLUNRZYblJeCWGDwuJWLKtSv1TcvfO/pxZuDspoVNFcTQZ6k0cczKlm2mkP
++R8lZClAl1A7zwxQm03/YLzT5KC3ZMZmKvYC4j+SMTvX6hrDGgwZiKtfdLede41N
+OoRD8mexvqCe/T2qwTga36ww/mNpr9byIWMRYymsY56fn8RTs9t4wC15aB/S0TbR
+++PApzHrFWOZC5Odh8f+Vl385ykqnhW+71TnD22bNrYX
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/4096/client-cert.der b/extra/wolfssl/wolfssl/certs/4096/client-cert.der
index 832d51e4..5a5a7eef 100644
--- a/extra/wolfssl/wolfssl/certs/4096/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/4096/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/4096/client-cert.pem b/extra/wolfssl/wolfssl/certs/4096/client-cert.pem
index a2ee770d..e5739800 100644
--- a/extra/wolfssl/wolfssl/certs/4096/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/4096/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 31:fe:22:af:75:2f:dc:63:bd:e4:94:f2:94:38:c3:0d:7d:9a:d1
+ 2f:36:54:05:64:52:dd:0e:75:75:33:7c:b2:ce:9f:5c:48:9b:ab:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_4096, OU = Programming-4096, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_4096, OU = Programming-4096, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -55,7 +55,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:FA:54:89:67:E5:5F:B7:31:40:EA:FD:E7:F6:A3:C6:5A:56:16:A5:6E
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_4096/OU=Programming-4096/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:31:FE:22:AF:75:2F:DC:63:BD:E4:94:F2:94:38:C3:0D:7D:9A:D1
+ serial:2F:36:54:05:64:52:DD:0E:75:75:33:7C:B2:CE:9F:5C:48:9B:AB:0E
X509v3 Basic Constraints:
CA:TRUE
@@ -64,72 +64,73 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- dd:6b:7f:ca:dc:80:e0:6d:e2:5f:6c:32:01:2f:8f:3a:e9:41:
- 5f:35:c6:bb:a9:a5:84:57:ee:a4:21:4f:b3:b9:ae:24:dc:d1:
- 80:30:7a:2a:7f:7e:fc:6c:be:50:d3:5a:51:2d:e6:fd:15:db:
- 9d:ff:fa:ca:c0:cf:be:97:59:d0:83:20:ce:3a:d8:10:fe:41:
- d5:a9:6b:19:e2:9f:28:fe:c0:21:75:47:46:94:31:6a:c4:c4:
- 52:3b:02:73:c4:47:2a:b5:ce:65:6d:58:c7:fa:3e:0a:6f:e1:
- a8:a1:3b:33:8a:6f:ca:4a:ef:52:88:09:ca:b2:f2:1d:3d:69:
- f5:5b:80:4f:29:66:b1:25:c7:eb:d1:bb:df:cf:91:c8:ce:58:
- 3b:9d:10:5b:8e:55:93:5a:32:ed:0b:c7:7f:c8:f5:f2:7f:0a:
- ce:ad:bb:db:43:2a:92:f6:f2:a0:34:8e:7c:22:4a:5a:f9:84:
- b0:88:e3:a4:2a:bf:23:3a:ec:aa:32:77:c9:ab:bc:4b:bb:82:
- bc:c0:07:e6:fc:cf:33:72:8f:b2:4e:da:2b:7e:08:44:72:2b:
- a0:c7:3a:7e:6f:b4:31:b1:3a:34:c3:5c:be:9c:85:d8:82:99:
- 35:92:b4:b4:31:24:31:df:fb:17:db:1d:3b:a7:d1:e2:a4:44:
- c7:3f:6b:17:1c:32:cc:f9:48:f0:c0:38:45:e8:f5:84:6c:59:
- 29:5a:ec:38:43:10:97:67:76:b5:60:b7:8c:42:11:44:9a:62:
- 87:db:02:aa:e7:1e:ec:9f:6b:7f:c5:fa:9e:03:80:73:74:20:
- e9:7a:e1:3f:49:41:bb:c4:9a:70:14:a1:13:2a:90:ef:06:cc:
- 9d:ba:32:94:8c:a9:95:45:a4:89:04:d2:68:b9:13:fd:73:43:
- ea:c5:ee:7f:00:75:f0:ca:4d:91:d3:04:72:e6:af:c8:ad:43:
- 11:70:36:45:aa:b5:46:a6:bf:ac:6c:20:86:3e:5e:66:a5:15:
- 6a:a2:58:e6:6f:e8:ae:b4:1d:67:da:18:d6:ad:de:11:9c:f3:
- d1:a4:06:3f:d5:01:fd:3d:b8:fd:14:0f:1a:e8:7e:b4:a3:2b:
- 8b:52:4c:71:72:5e:7c:9e:23:ff:50:83:7d:5b:ec:60:d5:ad:
- a5:44:0b:dd:66:cc:a5:f8:0c:65:db:b2:76:1e:1c:01:87:cb:
- 1c:76:17:5d:12:cd:28:dc:20:e0:3a:c8:65:fe:dd:e3:bc:6a:
- 8b:24:6b:86:a7:2d:bc:4f:26:3f:d7:3f:04:bf:a4:5d:06:52:
- b5:e4:fd:85:b0:2c:52:ac:99:49:ef:56:76:2a:7c:e3:d8:8e:
- e4:eb:b2:db:c1:54:20:64
+ c2:72:38:27:f0:5c:45:04:4b:09:0e:5d:98:6e:38:6a:bc:fb:
+ a8:85:4f:f2:04:38:63:4f:86:4f:3c:f5:fd:f8:cd:89:09:76:
+ 72:47:97:df:f8:17:6a:81:3a:b2:b4:fc:ac:e9:fc:e2:47:9b:
+ 07:6d:9c:53:ed:d8:64:bc:6c:4d:a9:bd:3e:5e:cd:61:bc:8e:
+ 82:20:b2:50:bc:9e:72:e6:9f:40:ff:6c:4b:38:f8:4b:82:0f:
+ 7e:49:cd:45:5c:cd:44:de:47:25:b3:57:d0:1a:0d:8d:4d:c7:
+ ea:23:fa:03:e8:86:d8:37:89:84:2e:e8:53:7a:77:be:94:ec:
+ 70:e7:c4:7b:8f:6f:28:67:33:89:ec:c9:df:98:6d:4a:d9:c6:
+ 7b:d3:b5:82:d0:8a:ce:8f:06:bf:a2:f7:de:4a:45:22:6f:ff:
+ 41:6f:08:f5:c3:65:25:27:fb:43:3e:cc:25:0a:d3:3d:d2:34:
+ 9f:89:6b:e2:97:9c:42:d9:3e:64:03:45:5f:07:95:ed:1a:70:
+ 6a:be:3e:7f:7f:16:be:47:a6:6d:3b:0d:27:b3:89:b1:f1:f6:
+ ce:99:71:18:b6:c0:c5:9e:76:7a:8e:fb:4a:be:4f:cd:bc:21:
+ a9:4e:9c:fc:48:86:ff:e4:63:14:96:3a:eb:c8:48:ae:27:bd:
+ 43:0c:27:85:e1:25:1a:69:48:6c:e7:11:f8:f3:68:9d:ee:15:
+ 1a:be:ad:46:33:24:3d:be:b8:0e:6e:4d:ef:12:b6:ae:1b:88:
+ bd:0e:a6:ff:91:08:dc:ed:af:fa:13:2b:f2:b4:2c:ea:72:c2:
+ 85:d6:ee:64:09:e1:4e:1a:5a:bd:c2:44:c2:95:82:59:0a:d8:
+ 27:bc:48:4a:8a:a3:c3:77:ac:92:b6:8b:0b:13:e2:87:ec:21:
+ 7e:7e:52:29:51:5c:59:e1:c8:db:05:ce:9e:f4:36:d8:63:42:
+ 45:71:9a:ee:0e:24:b0:ba:a5:a5:aa:c9:ee:9e:a3:e3:e9:7f:
+ c6:64:6c:9e:65:78:88:f2:61:6f:d3:3b:9e:0d:16:fa:ad:c2:
+ 58:ac:bc:14:b1:f7:6f:db:b9:7e:79:81:f1:f8:e9:41:5b:fe:
+ d9:e2:89:86:5c:01:03:5d:0c:d9:a9:d6:df:4b:26:5c:ae:e6:
+ df:b5:c9:f0:86:ca:7b:80:db:6a:86:fd:a9:00:46:32:39:5a:
+ 72:c4:67:20:db:d8:7a:5d:2d:78:b9:a7:de:7f:f4:7a:5b:0f:
+ 38:b0:9e:1a:ae:c5:cc:ff:61:5e:ec:f1:0d:f7:0a:22:bb:cb:
+ 08:2b:91:58:77:1f:90:2b:a3:78:be:ef:4d:d8:8d:e8:f7:31:
+ f8:92:84:e5:b2:2a:e8:3a
-----BEGIN CERTIFICATE-----
-MIIHGzCCBQOgAwIBAgITMf4ir3Uv3GO95JTylDjDDX2a0TANBgkqhkiG9w0BAQsF
-ADCBnjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
-emVtYW4xFTATBgNVBAoMDHdvbGZTU0xfNDA5NjEZMBcGA1UECwwQUHJvZ3JhbW1p
-bmctNDA5NjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
-FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0
-OVowgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+MIIHHTCCBQWgAwIBAgIULzZUBWRS3Q51dTN8ss6fXEibqw4wDQYJKoZIhvcNAQEL
+BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzQwOTYxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTQwOTYxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAPXQMeRxWVizB1DdFnn8xpVQ/EYOVxKGcY3jm0oz6k/ZFxNtSGnfWREIAp2v
-K8cwvgzch9RaEgkjXeF2WmI3RnTvAwW7Hm0pdWwunYcNj4fLFJWbvhdrUdFM2teR
-ZsU26+AHGnZNsPvB9V4F27rLJdmZExzANdxA6TbNxNV6QXAPNuulThcF1XUbZGJ6
-Pw0oSGrjrJyoj+nt980koLGgA6zjA/U/0Zb/Kn4IsdPgGBTsZTdQQ8JqjPRb/sTL
-jT+BAvfC3eTBjoAMBCUtgFouDyI1SvSF7VHYq22PojskAG6B4h521qwxEtvzjgeh
-3olKOWB3xarxUeYG8ZVWKuGOkjCf/lhErEby/Zr8qB2h01U3Sov8nDP4p2FIQXyc
-dz/1gCN9Q7TViArJdddEGU13bAsKSaocL9ZaRKZHTeU2lkCZLFYmsfKSMVnXLNS0
-IdZlEws++/8E67mFudjYKE9cF5ajUb7+fQsbSEAldpTcQfu/c3ba67Ni58HIVGqT
-4Y0x6D4+37yHAjAiV8TgGHrTruQCm6q9TklHcumNEy1UmwCnkWFxycxIT+7fXhsa
-32fTIOZERZh+5w5jFoPJJl2QweUqXEVUE7KBGAYgLi5mWrV7btYMTokBVnC7rt7p
-mV7RuTq3bBe2A6kI3Zz0FMnJWTly1H4CNzHNDqc9+PLPaxWrAgMBAAGjggFOMIIB
-SjAdBgNVHQ4EFgQU+lSJZ+VftzFA6v3n9qPGWlYWpW4wgd0GA1UdIwSB1TCB0oAU
-+lSJZ+VftzFA6v3n9qPGWlYWpW6hgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYD
-VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NM
-XzQwOTYxGTAXBgNVBAsMEFByb2dyYW1taW5nLTQwOTYxGDAWBgNVBAMMD3d3dy53
-b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYITMf4i
-r3Uv3GO95JTylDjDDX2a0TAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1w
-bGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkq
-hkiG9w0BAQsFAAOCAgEA3Wt/ytyA4G3iX2wyAS+POulBXzXGu6mlhFfupCFPs7mu
-JNzRgDB6Kn9+/Gy+UNNaUS3m/RXbnf/6ysDPvpdZ0IMgzjrYEP5B1alrGeKfKP7A
-IXVHRpQxasTEUjsCc8RHKrXOZW1Yx/o+Cm/hqKE7M4pvykrvUogJyrLyHT1p9VuA
-TylmsSXH69G738+RyM5YO50QW45Vk1oy7QvHf8j18n8Kzq2720MqkvbyoDSOfCJK
-WvmEsIjjpCq/IzrsqjJ3yau8S7uCvMAH5vzPM3KPsk7aK34IRHIroMc6fm+0MbE6
-NMNcvpyF2IKZNZK0tDEkMd/7F9sdO6fR4qRExz9rFxwyzPlI8MA4Rej1hGxZKVrs
-OEMQl2d2tWC3jEIRRJpih9sCquce7J9rf8X6ngOAc3Qg6XrhP0lBu8SacBShEyqQ
-7wbMnboylIyplUWkiQTSaLkT/XND6sXufwB18MpNkdMEcuavyK1DEXA2Raq1Rqa/
-rGwghj5eZqUVaqJY5m/orrQdZ9oY1q3eEZzz0aQGP9UB/T24/RQPGuh+tKMri1JM
-cXJefJ4j/1CDfVvsYNWtpUQL3WbMpfgMZduydh4cAYfLHHYXXRLNKNwg4DrIZf7d
-47xqiyRrhqctvE8mP9c/BL+kXQZSteT9hbAsUqyZSe9Wdip849iO5Ouy28FUIGQ=
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF80MDk2MRkwFwYDVQQLDBBQcm9ncmFt
+bWluZy00MDk2MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
+CQEWEGluZm9Ad29sZnNzbC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQD10DHkcVlYswdQ3RZ5/MaVUPxGDlcShnGN45tKM+pP2RcTbUhp31kRCAKd
+ryvHML4M3IfUWhIJI13hdlpiN0Z07wMFux5tKXVsLp2HDY+HyxSVm74Xa1HRTNrX
+kWbFNuvgBxp2TbD7wfVeBdu6yyXZmRMcwDXcQOk2zcTVekFwDzbrpU4XBdV1G2Ri
+ej8NKEhq46ycqI/p7ffNJKCxoAOs4wP1P9GW/yp+CLHT4BgU7GU3UEPCaoz0W/7E
+y40/gQL3wt3kwY6ADAQlLYBaLg8iNUr0he1R2Kttj6I7JABugeIedtasMRLb844H
+od6JSjlgd8Wq8VHmBvGVVirhjpIwn/5YRKxG8v2a/KgdodNVN0qL/Jwz+KdhSEF8
+nHc/9YAjfUO01YgKyXXXRBlNd2wLCkmqHC/WWkSmR03lNpZAmSxWJrHykjFZ1yzU
+tCHWZRMLPvv/BOu5hbnY2ChPXBeWo1G+/n0LG0hAJXaU3EH7v3N22uuzYufByFRq
+k+GNMeg+Pt+8hwIwIlfE4Bh6067kApuqvU5JR3LpjRMtVJsAp5FhccnMSE/u314b
+Gt9n0yDmREWYfucOYxaDySZdkMHlKlxFVBOygRgGIC4uZlq1e27WDE6JAVZwu67e
+6Zle0bk6t2wXtgOpCN2c9BTJyVk5ctR+AjcxzQ6nPfjyz2sVqwIDAQABo4IBTzCC
+AUswHQYDVR0OBBYEFPpUiWflX7cxQOr95/ajxlpWFqVuMIHeBgNVHSMEgdYwgdOA
+FPpUiWflX7cxQOr95/ajxlpWFqVuoYGkpIGhMIGeMQswCQYDVQQGEwJVUzEQMA4G
+A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwMd29sZlNT
+TF80MDk2MRkwFwYDVQQLDBBQcm9ncmFtbWluZy00MDk2MRgwFgYDVQQDDA93d3cu
+d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFC82
+VAVkUt0OdXUzfLLOn1xIm6sOMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhh
+bXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0G
+CSqGSIb3DQEBCwUAA4ICAQDCcjgn8FxFBEsJDl2YbjhqvPuohU/yBDhjT4ZPPPX9
++M2JCXZyR5ff+BdqgTqytPys6fziR5sHbZxT7dhkvGxNqb0+Xs1hvI6CILJQvJ5y
+5p9A/2xLOPhLgg9+Sc1FXM1E3kcls1fQGg2NTcfqI/oD6IbYN4mELuhTene+lOxw
+58R7j28oZzOJ7MnfmG1K2cZ707WC0IrOjwa/ovfeSkUib/9Bbwj1w2UlJ/tDPswl
+CtM90jSfiWvil5xC2T5kA0VfB5XtGnBqvj5/fxa+R6ZtOw0ns4mx8fbOmXEYtsDF
+nnZ6jvtKvk/NvCGpTpz8SIb/5GMUljrryEiuJ71DDCeF4SUaaUhs5xH482id7hUa
+vq1GMyQ9vrgObk3vErauG4i9Dqb/kQjc7a/6EyvytCzqcsKF1u5kCeFOGlq9wkTC
+lYJZCtgnvEhKiqPDd6yStosLE+KH7CF+flIpUVxZ4cjbBc6e9DbYY0JFcZruDiSw
+uqWlqsnunqPj6X/GZGyeZXiI8mFv0zueDRb6rcJYrLwUsfdv27l+eYHx+OlBW/7Z
+4omGXAEDXQzZqdbfSyZcrubftcnwhsp7gNtqhv2pAEYyOVpyxGcg29h6XS14uafe
+f/R6Ww84sJ4arsXM/2Fe7PEN9woiu8sIK5FYdx+QK6N4vu9N2I3o9zH4koTlsiro
+Og==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ca-cert-chain.der b/extra/wolfssl/wolfssl/certs/ca-cert-chain.der
index 39a0ced3..199c049e 100644
--- a/extra/wolfssl/wolfssl/certs/ca-cert-chain.der
+++ b/extra/wolfssl/wolfssl/certs/ca-cert-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-cert.der b/extra/wolfssl/wolfssl/certs/ca-cert.der
index 1cf7e365..bdb2f876 100644
--- a/extra/wolfssl/wolfssl/certs/ca-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ca-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-cert.pem b/extra/wolfssl/wolfssl/certs/ca-cert.pem
index 58688a0e..33d90791 100644
--- a/extra/wolfssl/wolfssl/certs/ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ca-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -47,27 +47,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -82,12 +82,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der
index c1c874f7..bc9abe25 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem
index e4e4c7c5..d088d30a 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 65:67:42:4c:06:e7:e4:c3:68:01:a9:94:a9:07:e6:fe:bd:2c:d6:3d
+ 0f:17:46:70:fd:c2:70:d1:f9:42:49:9c:1a:c3:5d:dd:30:c8:5f:85
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -31,16 +31,16 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:b0:12:16:03:26:79:d4:6b:94:d9:7e:ca:e1:
- 2d:24:64:ef:11:6e:f2:12:81:e4:ce:1d:77:7d:ca:5c:47:50:
- 62:02:21:00:80:bf:46:3c:5d:d8:e5:ab:47:ce:a2:19:bd:21:
- de:85:6f:ab:c9:8f:01:f3:ab:1b:b9:e1:53:d6:24:77:a6:4d
+ 30:45:02:21:00:c8:64:7f:ee:4b:be:83:48:13:ea:92:f8:1a:
+ 82:1e:85:b1:5a:a4:1c:e3:e8:ea:25:44:6f:e7:70:fd:eb:f3:
+ 76:02:20:44:02:a2:ec:c5:a1:ae:e2:a4:8a:d9:13:95:2b:a6:
+ 5b:09:57:86:61:42:96:97:f0:95:62:0c:03:e6:53:04:25
-----BEGIN CERTIFICATE-----
-MIICljCCAjugAwIBAgIUZWdCTAbn5MNoAamUqQfm/r0s1j0wCgYIKoZIzj0EAwIw
+MIIClTCCAjugAwIBAgIUDxdGcP3CcNH5QkmcGsNd3TDIX4UwCgYIKoZIzj0EAwIw
gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZcxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -48,6 +48,6 @@ Y29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAtPZbtYBjkXIuZAx5cBM456t
KTiYuhDW6QkqgKkuFyq5ir8zg0bjlQvkd0C1O0NFMw9hU3w3RMHL/IDK6EPqp6Nj
MGEwHQYDVR0OBBYEFFaOmsPwQt4YuUVVbvmTz+rD86UhMB8GA1UdIwQYMBaAFFaO
msPwQt4YuUVVbvmTz+rD86UhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgGGMAoGCCqGSM49BAMCA0kAMEYCIQCwEhYDJnnUa5TZfsrhLSRk7xFu8hKB5M4d
-d33KXEdQYgIhAIC/Rjxd2OWrR86iGb0h3oVvq8mPAfOrG7nhU9Ykd6ZN
+AgGGMAoGCCqGSM49BAMCA0gAMEUCIQDIZH/uS76DSBPqkvgagh6FsVqkHOPo6iVE
+b+dw/evzdgIgRAKi7MWhruKkitkTlSumWwlXhmFClpfwlWIMA+ZTBCU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der
index a159e8a6..6897c683 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem
index 112ff080..a103a367 100644
--- a/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ca-ecc384-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 0a:f8:c7:ee:86:55:2f:18:21:bf:88:49:50:03:5a:fc:2d:93:31:0a
+ 2e:ea:f0:11:40:1e:ad:fa:a7:85:68:65:7a:25:2b:13:b7:61:d7:80
Signature Algorithm: ecdsa-with-SHA384
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -33,18 +33,18 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA384
- 30:64:02:30:03:31:8c:d3:04:f5:b2:bf:bd:a2:27:6a:ff:dd:
- 7f:bd:88:d5:3e:09:9a:cf:da:79:95:6b:32:6f:fa:98:d8:48:
- 8b:99:91:fe:39:9e:7b:35:2c:78:32:ba:a3:0b:65:1c:02:30:
- 3e:6a:10:8c:57:47:85:73:3c:eb:2a:02:b2:27:62:1f:44:52:
- 2b:b1:34:3f:9c:78:70:0a:59:01:3e:ad:c0:08:bc:d5:d1:a6:
- c0:dd:2c:8b:2a:8b:f4:04:ad:d3:01:e6
+ 30:65:02:31:00:bd:2e:67:71:54:be:b8:5e:29:19:d3:18:f7:
+ e1:ae:79:f0:cc:09:c3:91:c0:81:ab:d7:b7:21:f8:4f:da:bc:
+ ad:0e:fc:3d:54:32:21:3a:67:c5:26:35:e9:33:b2:58:d2:02:
+ 30:64:2f:fb:10:d0:65:b5:ac:bb:b3:41:64:24:eb:0a:6b:ae:
+ a4:ed:3e:c8:62:81:45:97:92:ad:61:eb:69:54:ce:42:83:bb:
+ 68:23:20:f7:b2:5a:55:0c:d4:e6:13:42:61
-----BEGIN CERTIFICATE-----
-MIIC0TCCAligAwIBAgIUCvjH7oZVLxghv4hJUANa/C2TMQowCgYIKoZIzj0EAwMw
+MIIC0jCCAligAwIBAgIULurwEUAerfqnhWhleiUrE7dh14AwCgYIKoZIzj0EAwMw
gZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZcxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -52,8 +52,8 @@ Y29tMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE7oLUOZqxJ4L01+rGvAMdTYNh9AOu
fr3YWqW58I6ipdrOhztaq0QWnPWfYt32IM2cdjxAsT+XF99Z9s3ezUY1wO1eLki2
ZpFxdLcMP7mat4O9kz9fUC1wP941JeGQO4bgo2MwYTAdBgNVHQ4EFgQUq+DDJkwY
1HK70oSMnAoFkoASU1IwHwYDVR0jBBgwFoAUq+DDJkwY1HK70oSMnAoFkoASU1Iw
-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDZwAw
-ZAIwAzGM0wT1sr+9oidq/91/vYjVPgmaz9p5lWsyb/qY2EiLmZH+OZ57NSx4Mrqj
-C2UcAjA+ahCMV0eFczzrKgKyJ2IfRFIrsTQ/nHhwClkBPq3ACLzV0abA3SyLKov0
-BK3TAeY=
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaAAw
+ZQIxAL0uZ3FUvrheKRnTGPfhrnnwzAnDkcCBq9e3IfhP2rytDvw9VDIhOmfFJjXp
+M7JY0gIwZC/7ENBltay7s0FkJOsKa66k7T7IYoFFl5KtYetpVM5Cg7toIyD3slpV
+DNTmE0Jh
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem b/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem
index 657abd66..6393b355 100644
--- a/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem
+++ b/extra/wolfssl/wolfssl/certs/client-absolute-urn.pem
@@ -2,16 +2,16 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 69:47:62:4d:e0:35:e0:a0:bb:c5:b4:2d:33:e4:05:d1:02:16:bc:81
+ 5a:3e:54:33:b4:88:fe:ad:22:40:07:62:9b:28:b1:56:7b:af:a6:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = ABSOLUTE_URN, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Mar 16 21:46:10 2023 GMT
- Not After : Dec 10 21:46:10 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = ABSOLUTE_URN, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- Public-Key: (2048 bit)
+ RSA Public-Key: (2048 bit)
Modulus:
00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
@@ -38,34 +38,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=ABSOLUTE_URN/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:69:47:62:4D:E0:35:E0:A0:BB:C5:B4:2D:33:E4:05:D1:02:16:BC:81
+ serial:5A:3E:54:33:B4:88:FE:AD:22:40:07:62:9B:28:B1:56:7B:AF:A6:EB
+
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:urn:example:test
Signature Algorithm: sha256WithRSAEncryption
- Signature Value:
- 79:d1:97:51:a7:36:84:1b:35:b0:e0:e9:00:b4:af:8c:d1:1f:
- 8e:d0:db:37:9f:fe:7e:93:d0:0a:55:34:a3:70:8d:f0:de:84:
- 3a:94:f0:e1:a8:6c:4b:9c:fc:19:84:aa:d9:80:81:71:10:a6:
- 73:80:60:7b:9b:0a:4b:df:e9:85:c2:f5:03:1a:54:99:4d:21:
- 88:aa:f7:8f:fc:39:6e:a6:2e:70:39:57:0c:f2:8d:04:ec:54:
- f7:18:f7:4c:86:e8:34:a6:63:7c:c0:d3:d5:99:44:38:64:30:
- 0c:c6:cc:0a:a4:8e:4c:dd:9b:c4:12:11:f9:04:c5:a9:f5:db:
- 9a:bb:39:29:cf:cd:b0:ab:1e:9a:5b:90:56:30:6f:01:75:87:
- c8:ce:df:2a:43:db:5d:6c:1c:52:3b:69:23:d4:2d:8a:c5:90:
- 9f:f9:06:c1:df:d0:7e:28:52:2d:2b:ec:5d:d2:a0:5c:e3:7f:
- 18:cc:65:8a:8a:c2:1e:8b:c7:8e:2c:05:19:49:72:f4:3e:43:
- d8:43:9f:b5:fa:53:8b:b1:f7:9c:c5:a4:8e:db:7c:da:05:0c:
- cc:e2:7f:42:4b:8f:90:49:98:73:b0:96:1a:98:33:d4:18:7e:
- 0d:89:55:70:9f:51:6b:8e:91:27:32:55:38:e7:5b:99:71:15:
- 5e:a1:10:38
+ 28:ec:66:1b:7e:f7:62:fe:44:8e:b3:65:0a:9c:10:d3:c3:72:
+ a1:97:85:1d:5a:1c:de:74:1f:28:63:18:f6:28:d0:d1:8e:55:
+ c3:98:7d:c2:21:a8:a2:6f:7e:9a:98:dd:2f:2c:ab:51:69:9b:
+ 27:1f:04:9e:01:22:ce:fb:3a:a6:c6:37:27:c7:0f:11:93:f8:
+ 74:9c:18:88:2a:f7:d4:50:da:fc:54:00:f8:5e:57:08:52:fb:
+ 47:48:d0:a3:7d:9f:3e:87:09:b4:4f:07:c7:46:89:e3:52:a5:
+ d9:a8:e9:04:51:58:99:ef:61:9c:51:f4:98:fe:89:fa:d0:1a:
+ bd:9f:63:81:e2:9a:f3:67:17:6d:df:8c:be:34:e8:c2:96:a2:
+ fc:28:e7:5a:23:fe:c1:02:c8:af:bd:db:4a:d0:8c:28:fd:c9:
+ a3:1c:1e:ab:ca:e6:d3:90:b7:25:c5:29:04:b9:76:08:f2:f1:
+ 14:e5:e7:8a:30:06:0b:bc:5d:30:4f:b0:12:3b:93:d7:99:a2:
+ de:57:0f:85:b8:c8:47:ee:dc:5b:6a:71:b7:7e:85:a1:fd:9d:
+ 3a:d2:fa:2b:0f:7c:51:8c:d9:ef:9e:37:c9:3a:4a:75:85:b1:
+ 16:ef:f9:cc:48:b4:15:8e:08:5f:ea:82:5b:32:07:a9:56:d4:
+ 76:5e:bc:a4
-----BEGIN CERTIFICATE-----
-MIIE7jCCA9agAwIBAgIUaUdiTeA14KC7xbQtM+QF0QIWvIEwDQYJKoZIhvcNAQEL
+MIIE7jCCA9agAwIBAgIUWj5UM7SI/q0iQAdimyixVnuvpuswDQYJKoZIhvcNAQEL
BQAwgZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDEFCU09MVVRF
X1VSTjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBp
-bmZvQHdvbGZzc2wuY29tMB4XDTIzMDMxNjIxNDYxMFoXDTI1MTIxMDIxNDYxMFow
+bmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFow
gZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDEFCU09MVVRFX1VS
TjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
@@ -80,12 +80,12 @@ cCeRxybXhWXAMIHaBgNVHSMEgdIwgc+AFDPYRWbXaIcYflQNcCeRxybXhWXAoYGg
pIGdMIGaMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRUwEwYDVQQLDAxBQlNPTFVU
RV9VUk4xGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
-aW5mb0B3b2xmc3NsLmNvbYIUaUdiTeA14KC7xbQtM+QF0QIWvIEwCQYDVR0TBAIw
+aW5mb0B3b2xmc3NsLmNvbYIUWj5UM7SI/q0iQAdimyixVnuvpuswCQYDVR0TBAIw
ADAbBgNVHREEFDAShhB1cm46ZXhhbXBsZTp0ZXN0MA0GCSqGSIb3DQEBCwUAA4IB
-AQB50ZdRpzaEGzWw4OkAtK+M0R+O0Ns3n/5+k9AKVTSjcI3w3oQ6lPDhqGxLnPwZ
-hKrZgIFxEKZzgGB7mwpL3+mFwvUDGlSZTSGIqveP/Dlupi5wOVcM8o0E7FT3GPdM
-hug0pmN8wNPVmUQ4ZDAMxswKpI5M3ZvEEhH5BMWp9duauzkpz82wqx6aW5BWMG8B
-dYfIzt8qQ9tdbBxSO2kj1C2KxZCf+QbB39B+KFItK+xd0qBc438YzGWKisIei8eO
-LAUZSXL0PkPYQ5+1+lOLsfecxaSO23zaBQzM4n9CS4+QSZhzsJYamDPUGH4NiVVw
-n1FrjpEnMlU451uZcRVeoRA4
+AQAo7GYbfvdi/kSOs2UKnBDTw3Khl4UdWhzedB8oYxj2KNDRjlXDmH3CIaiib36a
+mN0vLKtRaZsnHwSeASLO+zqmxjcnxw8Rk/h0nBiIKvfUUNr8VAD4XlcIUvtHSNCj
+fZ8+hwm0TwfHRonjUqXZqOkEUViZ72GcUfSY/on60Bq9n2OB4przZxdt34y+NOjC
+lqL8KOdaI/7BAsivvdtK0Iwo/cmjHB6ryubTkLclxSkEuXYI8vEU5eeKMAYLvF0w
+T7ASO5PXmaLeVw+FuMhH7txbanG3foWh/Z060vorD3xRjNnvnjfJOkp1hbEW7/nM
+SLQVjghf6oJbMgepVtR2Xryk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-ca.pem b/extra/wolfssl/wolfssl/certs/client-ca.pem
index d2b067df..f670cb41 100644
--- a/extra/wolfssl/wolfssl/certs/client-ca.pem
+++ b/extra/wolfssl/wolfssl/certs/client-ca.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 73:fb:54:d6:03:7d:4c:07:84:e2:00:11:8c:dd:90:dc:48:8d:ea:53
+ 08:b0:54:7a:03:5a:ec:55:8a:12:e8:f9:8e:34:b6:13:d9:59:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:73:FB:54:D6:03:7D:4C:07:84:E2:00:11:8C:DD:90:DC:48:8D:EA:53
+ serial:08:B0:54:7A:03:5A:EC:55:8A:12:E8:F9:8E:34:B6:13:D9:59:B8:E8
X509v3 Basic Constraints:
CA:TRUE
@@ -47,28 +47,28 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 36:cb:bc:c5:52:9a:66:cd:91:4d:8f:27:9f:b3:64:80:0e:64:
- b4:cb:1a:cd:75:9e:82:7c:55:67:d8:9f:90:a3:34:96:99:43:
- f7:49:53:a2:58:85:a0:b3:83:4f:af:b8:15:8a:88:1e:f3:60:
- f4:7c:94:b5:58:68:f1:2a:13:80:34:c2:6f:a5:f8:7e:76:16:
- 81:4f:36:8b:c3:59:bd:51:dd:60:87:d7:1d:96:44:69:07:3c:
- 8f:28:56:b1:11:5c:4e:81:3f:57:25:fd:65:dd:07:cf:17:0a:
- 01:7e:4e:3f:8e:73:db:fe:f4:f2:c5:ff:a3:76:a8:74:46:2e:
- 47:0d:b0:ed:0a:c0:c5:0a:65:d3:dc:62:b2:e0:1e:8e:bd:f3:
- bd:af:af:66:84:36:92:e2:3b:80:d0:57:a6:41:a3:62:d1:a6:
- 6d:14:6c:cd:82:b1:c1:c1:35:55:ae:59:49:a8:26:52:bd:ef:
- 1b:2c:1f:9d:39:04:d2:82:a0:6b:39:71:59:33:82:ba:55:6c:
- 97:f2:1b:5b:e0:4d:e2:cf:89:e7:26:b8:2c:6c:9f:83:d6:ed:
- 4e:2f:75:a9:30:4e:01:95:0d:4f:83:5e:c8:af:7f:67:ea:53:
- bf:ca:9b:1f:d4:ff:36:97:02:71:8e:33:de:e2:58:27:aa:70:
- 0c:5b:de:0e
+ 89:84:eb:6a:70:3b:2a:6e:a8:8b:f2:92:79:97:5c:bd:98:8b:
+ 71:db:db:7c:df:db:a4:2c:59:d3:a6:75:41:c2:06:b6:17:1e:
+ 0c:1f:7d:0b:7f:58:3e:c1:e7:0c:f0:62:92:77:ab:99:79:7b:
+ 85:f4:d9:6c:d0:0e:e5:8b:13:35:65:9e:d7:9a:51:98:e4:49:
+ 44:51:c8:e3:e0:9a:ff:c2:cb:3d:81:eb:ee:f4:1a:d1:96:4b:
+ e9:7d:de:5b:f2:64:40:ad:e1:d9:d6:b7:e1:eb:a9:3a:52:29:
+ 89:aa:07:37:96:44:e3:23:49:f3:be:f3:0d:70:d1:a2:ce:78:
+ 86:22:fc:76:00:84:1d:fa:8b:8a:d2:43:93:88:fa:ee:22:cc:
+ a6:86:f5:3f:24:f1:d4:70:05:4f:3b:18:32:50:67:c1:80:77:
+ 0d:3c:78:75:35:d0:fd:60:f3:ed:a1:30:d0:62:25:99:6b:80:
+ 56:17:3d:b4:af:1d:df:ab:48:21:c1:d2:0b:6b:94:a7:33:d1:
+ d0:82:b7:3b:92:eb:9d:d6:6c:32:81:5e:07:3c:46:34:32:7b:
+ ea:22:db:a6:a3:18:69:7c:ad:17:e4:c8:a9:8f:a8:ba:67:af:
+ 99:39:ef:6e:0c:f8:a9:b3:bd:ab:71:94:e0:41:aa:a4:2d:72:
+ 60:51:d1:5c
-----BEGIN CERTIFICATE-----
-MIIFHTCCBAWgAwIBAgIUc/tU1gN9TAeE4gARjN2Q3EiN6lMwDQYJKoZIhvcNAQEL
+MIIFHTCCBAWgAwIBAgIUCLBUegNa7FWKEuj5jjS2E9lZuOgwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
@@ -82,26 +82,26 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUc/tU1gN9TAeE4gARjN2Q3EiN
-6lMwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
+CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUCLBUegNa7FWKEuj5jjS2E9lZ
+uOgwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB
-ADbLvMVSmmbNkU2PJ5+zZIAOZLTLGs11noJ8VWfYn5CjNJaZQ/dJU6JYhaCzg0+v
-uBWKiB7zYPR8lLVYaPEqE4A0wm+l+H52FoFPNovDWb1R3WCH1x2WRGkHPI8oVrER
-XE6BP1cl/WXdB88XCgF+Tj+Oc9v+9PLF/6N2qHRGLkcNsO0KwMUKZdPcYrLgHo69
-872vr2aENpLiO4DQV6ZBo2LRpm0UbM2CscHBNVWuWUmoJlK97xssH505BNKCoGs5
-cVkzgrpVbJfyG1vgTeLPiecmuCxsn4PW7U4vdakwTgGVDU+DXsivf2fqU7/Kmx/U
-/zaXAnGOM97iWCeqcAxb3g4=
+AImE62pwOypuqIvyknmXXL2Yi3Hb23zf26QsWdOmdUHCBrYXHgwffQt/WD7B5wzw
+YpJ3q5l5e4X02WzQDuWLEzVlnteaUZjkSURRyOPgmv/Cyz2B6+70GtGWS+l93lvy
+ZECt4dnWt+HrqTpSKYmqBzeWROMjSfO+8w1w0aLOeIYi/HYAhB36i4rSQ5OI+u4i
+zKaG9T8k8dRwBU87GDJQZ8GAdw08eHU10P1g8+2hMNBiJZlrgFYXPbSvHd+rSCHB
+0gtrlKcz0dCCtzuS653WbDKBXgc8RjQye+oi26ajGGl8rRfkyKmPqLpnr5k5724M
++KmzvatxlOBBqqQtcmBR0Vw=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 59:e6:5a:21:e0:c4:3f:67:06:9b:21:43:3e:76:ca:f0:3f:68:5b:53
+ 37:67:2a:05:24:b5:2b:b6:ae:40:6b:e1:75:e0:97:cc:1d:12:8b:2a
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -120,7 +120,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:59:E6:5A:21:E0:C4:3F:67:06:9B:21:43:3E:76:CA:F0:3F:68:5B:53
+ serial:37:67:2A:05:24:B5:2B:B6:AE:40:6B:E1:75:E0:97:CC:1D:12:8B:2A
X509v3 Basic Constraints:
CA:TRUE
@@ -129,16 +129,16 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:70:f8:0e:6e:91:c9:09:77:25:8c:ba:99:6d:54:
- 2d:a8:52:87:17:51:24:8b:13:92:89:7d:c9:ba:b4:43:2e:48:
- 02:21:00:ab:41:13:3a:d5:eb:68:66:36:56:7c:75:5d:37:e3:
- f6:27:7f:54:d5:42:80:29:db:e5:9b:16:8a:d3:c2:ad:d6
+ 30:44:02:20:7a:6d:c5:bd:6f:9d:54:4f:c5:4c:d0:12:8c:31:
+ 3b:b6:17:80:9e:c7:34:f8:c5:da:fb:61:23:35:e6:93:35:b4:
+ 02:20:1b:6a:86:c4:11:be:7c:15:a7:5e:ab:85:ee:b7:8c:20:
+ dc:eb:17:a3:f2:66:63:aa:6b:67:e0:62:1f:17:3e:ac
-----BEGIN CERTIFICATE-----
-MIIDXjCCAwSgAwIBAgIUWeZaIeDEP2cGmyFDPnbK8D9oW1MwCgYIKoZIzj0EAwIw
+MIIDXTCCAwSgAwIBAgIUN2cqBSS1K7auQGvhdeCXzB0SiyowCgYIKoZIzj0EAwIw
gY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAMBgNVBAcMBVNhbGVt
MRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjTELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBjTELMAkGA1UEBhMCVVMx
DzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVu
dCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf
MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG
@@ -148,9 +148,9 @@ WWuVYT9RV7YETYlBiERcq/Iwgc0GA1UdIwSBxTCBwoAU69RLWWuVYT9RV7YETYlB
iERcq/KhgZOkgZAwgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAM
BgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb22CFFnmWiHgxD9nBpshQz52yvA/aFtTMAwGA1UdEwQFMAMBAf8w
+d29sZnNzbC5jb22CFDdnKgUktSu2rkBr4XXgl8wdEosqMAwGA1UdEwQFMAMBAf8w
HAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUH
-AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0gAMEUCIHD4Dm6RyQl3JYy6mW1ULahS
-hxdRJIsTkol9ybq0Qy5IAiEAq0ETOtXraGY2Vnx1XTfj9id/VNVCgCnb5ZsWitPC
-rdY=
+AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0cAMEQCIHptxb1vnVRPxUzQEowxO7YX
+gJ7HNPjF2vthIzXmkzW0AiAbaobEEb58Fadeq4Xut4wg3OsXo/JmY6prZ+BiHxc+
+rA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-cert-ext.der b/extra/wolfssl/wolfssl/certs/client-cert-ext.der
index 9dfe9cfb..82aac96d 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert-ext.der
+++ b/extra/wolfssl/wolfssl/certs/client-cert-ext.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-cert-ext.pem b/extra/wolfssl/wolfssl/certs/client-cert-ext.pem
index c98c3094..07ca05d0 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert-ext.pem
+++ b/extra/wolfssl/wolfssl/certs/client-cert-ext.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 45:9c:f1:fd:f9:b8:de:31:65:89:f7:e4:d9:e4:24:25:6a:41:8e:81
+ 12:37:de:bf:76:06:c4:e6:74:0c:38:84:53:e2:19:d4:b9:d3:68:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:45:9C:F1:FD:F9:B8:DE:31:65:89:F7:E4:D9:E4:24:25:6A:41:8E:81
+ serial:12:37:DE:BF:76:06:C4:E6:74:0C:38:84:53:E2:19:D4:B9:D3:68:D3
X509v3 Basic Constraints:
CA:TRUE
@@ -47,28 +47,28 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a9:d7:de:27:5e:35:fb:a2:0d:f1:c5:9e:d7:d4:d7:d3:11:c7:
- 78:39:1c:e6:b9:af:44:34:ed:c8:b6:b8:b3:e0:31:75:1b:3a:
- f8:f0:1e:58:f5:02:44:4e:39:f6:39:52:0a:a2:a1:d9:ad:98:
- 46:65:ec:f1:c4:c3:26:91:d0:98:51:45:55:91:49:52:11:27:
- e8:c5:82:ca:b9:a1:09:75:1d:b2:8f:33:76:3d:d6:8e:7c:37:
- 03:ec:95:6a:43:95:5c:96:84:f1:c5:d0:b2:47:0a:78:53:c4:
- 3b:04:a8:1a:73:7c:da:b6:0f:4d:80:7f:77:0a:0c:6c:8a:6b:
- 78:98:c3:cc:19:90:e6:c7:9e:31:f5:f9:90:2c:72:8e:bd:7c:
- 9d:3d:68:50:9d:30:32:c7:26:27:e4:52:cc:bd:c3:c6:e5:8a:
- 3f:44:70:63:f1:da:ae:a0:fd:18:6a:d6:e5:12:e5:04:55:89:
- 20:a9:47:67:4a:4e:4f:dc:3b:eb:06:83:81:98:7c:a4:33:61:
- e0:f4:03:33:1c:1d:65:e3:43:e2:f2:08:ca:59:ee:13:4f:32:
- 5e:48:7e:62:48:2c:c9:95:7b:00:ea:a2:c1:2a:50:b5:a4:91:
- 40:3f:6a:df:84:e3:66:0e:2f:a1:c8:02:c7:13:88:15:77:2a:
- d3:38:6e:0f
+ ac:be:4c:63:00:b5:d9:d5:9e:b1:83:61:a3:7a:1f:a8:b7:ad:
+ e0:0a:c8:c4:42:b2:ff:96:18:99:3d:16:b9:58:05:94:7b:1b:
+ da:66:27:e3:48:5b:e6:4d:7b:0f:51:c5:8e:e4:b5:c3:0b:48:
+ 96:56:95:bb:3c:4d:91:c9:2c:51:61:24:37:d2:ef:ec:6c:97:
+ 92:cc:b4:fc:4f:fc:db:f7:7d:71:a9:3c:3a:a1:fb:e1:14:1a:
+ c2:a3:51:e8:fc:c5:fb:57:44:73:97:93:bd:79:9a:10:9e:27:
+ e1:f2:cd:43:94:8f:6a:01:ce:40:51:e4:fa:06:d2:de:0a:10:
+ 93:ff:0f:10:44:85:8a:00:60:2b:bf:86:40:5b:2e:28:11:e9:
+ 8e:8a:ad:00:e9:0e:c6:67:ee:fc:53:8d:19:6a:33:91:0e:42:
+ 16:83:5e:67:3b:24:05:85:b8:2a:bf:16:5b:d4:b0:a7:02:de:
+ 29:6b:7b:fc:45:c1:1e:9f:d9:91:3c:92:9d:2e:c6:a7:a0:ea:
+ d7:b0:97:d6:58:14:03:4c:12:d5:f1:81:e3:a9:07:94:3f:53:
+ 78:d1:61:e9:44:87:59:8b:b8:e7:c1:cc:3f:11:eb:00:e9:b5:
+ b7:6a:05:49:f7:5c:e0:e8:b4:6c:7c:f0:fc:67:5a:67:35:7e:
+ 85:43:cb:b6
-----BEGIN CERTIFICATE-----
-MIIFCDCCA/CgAwIBAgIURZzx/fm43jFliffk2eQkJWpBjoEwDQYJKoZIhvcNAQEL
+MIIFCDCCA/CgAwIBAgIUEjfev3YGxOZ0DDiEU+IZ1LnTaNMwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
@@ -82,12 +82,12 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIURZzx/fm43jFliffk2eQkJWpB
-joEwDAYDVR0TBAUwAwEB/zAWBgNVHREEDzANggtleGFtcGxlLmNvbTAOBgNVHQ8B
-Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggEBAKnX3ideNfuiDfHFntfU19MRx3g5
-HOa5r0Q07ci2uLPgMXUbOvjwHlj1AkROOfY5UgqiodmtmEZl7PHEwyaR0JhRRVWR
-SVIRJ+jFgsq5oQl1HbKPM3Y91o58NwPslWpDlVyWhPHF0LJHCnhTxDsEqBpzfNq2
-D02Af3cKDGyKa3iYw8wZkObHnjH1+ZAsco69fJ09aFCdMDLHJifkUsy9w8blij9E
-cGPx2q6g/Rhq1uUS5QRViSCpR2dKTk/cO+sGg4GYfKQzYeD0AzMcHWXjQ+LyCMpZ
-7hNPMl5IfmJILMmVewDqosEqULWkkUA/at+E42YOL6HIAscTiBV3KtM4bg8=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=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-cert.der b/extra/wolfssl/wolfssl/certs/client-cert.der
index aa7e2686..b1024593 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert.der
+++ b/extra/wolfssl/wolfssl/certs/client-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-cert.pem b/extra/wolfssl/wolfssl/certs/client-cert.pem
index 4bf36d37..88955531 100644
--- a/extra/wolfssl/wolfssl/certs/client-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 73:fb:54:d6:03:7d:4c:07:84:e2:00:11:8c:dd:90:dc:48:8d:ea:53
+ 08:b0:54:7a:03:5a:ec:55:8a:12:e8:f9:8e:34:b6:13:d9:59:b8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,7 +38,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=Programming-2048/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:73:FB:54:D6:03:7D:4C:07:84:E2:00:11:8C:DD:90:DC:48:8D:EA:53
+ serial:08:B0:54:7A:03:5A:EC:55:8A:12:E8:F9:8E:34:B6:13:D9:59:B8:E8
X509v3 Basic Constraints:
CA:TRUE
@@ -47,28 +47,28 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 36:cb:bc:c5:52:9a:66:cd:91:4d:8f:27:9f:b3:64:80:0e:64:
- b4:cb:1a:cd:75:9e:82:7c:55:67:d8:9f:90:a3:34:96:99:43:
- f7:49:53:a2:58:85:a0:b3:83:4f:af:b8:15:8a:88:1e:f3:60:
- f4:7c:94:b5:58:68:f1:2a:13:80:34:c2:6f:a5:f8:7e:76:16:
- 81:4f:36:8b:c3:59:bd:51:dd:60:87:d7:1d:96:44:69:07:3c:
- 8f:28:56:b1:11:5c:4e:81:3f:57:25:fd:65:dd:07:cf:17:0a:
- 01:7e:4e:3f:8e:73:db:fe:f4:f2:c5:ff:a3:76:a8:74:46:2e:
- 47:0d:b0:ed:0a:c0:c5:0a:65:d3:dc:62:b2:e0:1e:8e:bd:f3:
- bd:af:af:66:84:36:92:e2:3b:80:d0:57:a6:41:a3:62:d1:a6:
- 6d:14:6c:cd:82:b1:c1:c1:35:55:ae:59:49:a8:26:52:bd:ef:
- 1b:2c:1f:9d:39:04:d2:82:a0:6b:39:71:59:33:82:ba:55:6c:
- 97:f2:1b:5b:e0:4d:e2:cf:89:e7:26:b8:2c:6c:9f:83:d6:ed:
- 4e:2f:75:a9:30:4e:01:95:0d:4f:83:5e:c8:af:7f:67:ea:53:
- bf:ca:9b:1f:d4:ff:36:97:02:71:8e:33:de:e2:58:27:aa:70:
- 0c:5b:de:0e
+ 89:84:eb:6a:70:3b:2a:6e:a8:8b:f2:92:79:97:5c:bd:98:8b:
+ 71:db:db:7c:df:db:a4:2c:59:d3:a6:75:41:c2:06:b6:17:1e:
+ 0c:1f:7d:0b:7f:58:3e:c1:e7:0c:f0:62:92:77:ab:99:79:7b:
+ 85:f4:d9:6c:d0:0e:e5:8b:13:35:65:9e:d7:9a:51:98:e4:49:
+ 44:51:c8:e3:e0:9a:ff:c2:cb:3d:81:eb:ee:f4:1a:d1:96:4b:
+ e9:7d:de:5b:f2:64:40:ad:e1:d9:d6:b7:e1:eb:a9:3a:52:29:
+ 89:aa:07:37:96:44:e3:23:49:f3:be:f3:0d:70:d1:a2:ce:78:
+ 86:22:fc:76:00:84:1d:fa:8b:8a:d2:43:93:88:fa:ee:22:cc:
+ a6:86:f5:3f:24:f1:d4:70:05:4f:3b:18:32:50:67:c1:80:77:
+ 0d:3c:78:75:35:d0:fd:60:f3:ed:a1:30:d0:62:25:99:6b:80:
+ 56:17:3d:b4:af:1d:df:ab:48:21:c1:d2:0b:6b:94:a7:33:d1:
+ d0:82:b7:3b:92:eb:9d:d6:6c:32:81:5e:07:3c:46:34:32:7b:
+ ea:22:db:a6:a3:18:69:7c:ad:17:e4:c8:a9:8f:a8:ba:67:af:
+ 99:39:ef:6e:0c:f8:a9:b3:bd:ab:71:94:e0:41:aa:a4:2d:72:
+ 60:51:d1:5c
-----BEGIN CERTIFICATE-----
-MIIFHTCCBAWgAwIBAgIUc/tU1gN9TAeE4gARjN2Q3EiN6lMwDQYJKoZIhvcNAQEL
+MIIFHTCCBAWgAwIBAgIUCLBUegNa7FWKEuj5jjS2E9lZuOgwDQYJKoZIhvcNAQEL
BQAwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsMEFByb2dyYW1t
aW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGeMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRkwFwYDVQQLDBBQcm9ncmFt
bWluZy0yMDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
@@ -82,13 +82,13 @@ Ztdohxh+VA1wJ5HHJteFZcAwgd4GA1UdIwSB1jCB04AUM9hFZtdohxh+VA1wJ5HH
JteFZcChgaSkgaEwgZ4xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxGTAXBgNVBAsM
EFByb2dyYW1taW5nLTIwNDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
-CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUc/tU1gN9TAeE4gARjN2Q3EiN
-6lMwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
+CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUCLBUegNa7FWKEuj5jjS2E9lZ
+uOgwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB
-ADbLvMVSmmbNkU2PJ5+zZIAOZLTLGs11noJ8VWfYn5CjNJaZQ/dJU6JYhaCzg0+v
-uBWKiB7zYPR8lLVYaPEqE4A0wm+l+H52FoFPNovDWb1R3WCH1x2WRGkHPI8oVrER
-XE6BP1cl/WXdB88XCgF+Tj+Oc9v+9PLF/6N2qHRGLkcNsO0KwMUKZdPcYrLgHo69
-872vr2aENpLiO4DQV6ZBo2LRpm0UbM2CscHBNVWuWUmoJlK97xssH505BNKCoGs5
-cVkzgrpVbJfyG1vgTeLPiecmuCxsn4PW7U4vdakwTgGVDU+DXsivf2fqU7/Kmx/U
-/zaXAnGOM97iWCeqcAxb3g4=
+AImE62pwOypuqIvyknmXXL2Yi3Hb23zf26QsWdOmdUHCBrYXHgwffQt/WD7B5wzw
+YpJ3q5l5e4X02WzQDuWLEzVlnteaUZjkSURRyOPgmv/Cyz2B6+70GtGWS+l93lvy
+ZECt4dnWt+HrqTpSKYmqBzeWROMjSfO+8w1w0aLOeIYi/HYAhB36i4rSQ5OI+u4i
+zKaG9T8k8dRwBU87GDJQZ8GAdw08eHU10P1g8+2hMNBiJZlrgFYXPbSvHd+rSCHB
+0gtrlKcz0dCCtzuS653WbDKBXgc8RjQye+oi26ajGGl8rRfkyKmPqLpnr5k5724M
++KmzvatxlOBBqqQtcmBR0Vw=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-crl-dist.der b/extra/wolfssl/wolfssl/certs/client-crl-dist.der
index b8fde691..23bd7cac 100644
--- a/extra/wolfssl/wolfssl/certs/client-crl-dist.der
+++ b/extra/wolfssl/wolfssl/certs/client-crl-dist.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-crl-dist.pem b/extra/wolfssl/wolfssl/certs/client-crl-dist.pem
index cfdc7c74..b8eba767 100644
--- a/extra/wolfssl/wolfssl/certs/client-crl-dist.pem
+++ b/extra/wolfssl/wolfssl/certs/client-crl-dist.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 74:65:e7:ce:97:a7:4c:9e:ec:b7:35:9a:21:93:6d:b1:f8:a1:53:95
+ 4b:fb:e6:7a:af:6c:19:2e:6a:b9:4c:cc:af:a9:1e:8e:7c:de:ea:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = CRL_DIST, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = CRL_DIST, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -39,27 +39,27 @@ Certificate:
URI:http://www.wolfssl.com/crl.pem
Signature Algorithm: sha256WithRSAEncryption
- 83:23:c3:dc:8e:65:2d:00:a3:09:24:f0:c5:6a:68:a6:b7:53:
- 9a:4d:7c:bb:3c:e6:c5:a0:e5:0e:2e:47:33:70:a5:41:a5:3b:
- be:62:61:9f:a9:58:f2:6a:d3:e7:8b:38:57:34:65:b1:5f:64:
- 37:6b:81:46:f7:f5:ba:28:3a:c8:76:7b:b2:74:6c:45:de:7e:
- 1c:57:8e:17:f1:b1:98:99:5e:21:6a:bd:c1:cd:3a:43:33:2f:
- aa:a9:a8:37:63:0e:ee:8c:83:3d:60:0f:79:45:20:5d:78:08:
- d8:c2:7d:6d:95:31:1e:ca:88:bc:9f:d3:c5:e9:e6:76:9e:72:
- c2:93:75:61:63:e2:c6:2e:0a:56:1f:1e:e0:ea:31:05:30:da:
- 68:11:85:3c:c2:4c:68:98:0a:ed:11:6f:a8:f5:25:d1:81:bd:
- 98:d1:b5:53:e0:09:dc:f4:e8:49:f0:56:ce:f7:f2:a4:f6:56:
- e4:18:4b:99:04:9b:2c:48:62:19:6c:8c:38:17:95:8e:98:7d:
- b8:12:05:fb:6c:a2:d3:b5:b2:f8:34:b9:ba:c2:76:47:75:1a:
- 73:cc:61:0c:b1:f2:12:52:41:fc:3f:aa:85:b6:24:b6:bd:c8:
- 7b:0c:11:bd:03:89:eb:38:45:db:18:6d:e3:56:30:41:f3:14:
- 2e:f9:ea:b1
+ 2d:cc:22:e7:1f:88:8f:59:86:50:9d:98:17:64:1b:7f:20:5d:
+ 5d:41:11:c1:b4:17:1f:93:64:b6:55:ae:a2:48:b9:60:ff:6f:
+ e4:1e:5f:70:31:50:95:b5:b0:85:9b:48:13:e7:ea:18:1a:04:
+ 33:cd:bc:ae:32:83:eb:e6:78:77:73:25:a2:eb:c2:fc:6f:09:
+ 0e:5e:85:9d:93:98:9d:19:b9:48:3c:8c:29:c6:83:b2:8c:3c:
+ dd:47:8b:89:f1:da:ab:0e:73:64:43:61:45:74:bf:b7:8c:72:
+ 79:b5:6e:29:7b:5d:df:36:9f:92:57:eb:23:ba:96:93:ba:e6:
+ 53:75:ec:77:0f:9b:7d:fa:9f:2a:37:6d:fd:ce:9e:59:31:bb:
+ 19:b0:72:ce:e8:34:9e:73:ae:4a:d3:47:36:b7:1c:52:a7:4a:
+ f0:86:fe:4c:51:6e:f4:d1:51:f3:5c:6f:83:c7:d1:15:07:d8:
+ c3:47:2a:80:23:fd:65:eb:38:14:5c:32:77:ff:3c:35:02:d4:
+ 95:99:31:40:43:42:5b:b1:8b:30:f2:dc:6a:fe:81:08:d1:c8:
+ 8e:58:9a:e5:42:91:eb:8b:4a:ae:cd:85:c6:62:f5:05:ff:5a:
+ 6c:d3:27:47:32:94:60:16:96:94:25:be:82:08:fd:0c:ae:71:
+ 5c:cd:aa:18
-----BEGIN CERTIFICATE-----
-MIID7zCCAtegAwIBAgIUdGXnzpenTJ7stzWaIZNtsfihU5UwDQYJKoZIhvcNAQEL
+MIID7zCCAtegAwIBAgIUS/vmeq9sGS5quUzMr6kejnze6gkwDQYJKoZIhvcNAQEL
BQAwgZYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxETAPBgNVBAsMCENSTF9ESVNU
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBljEL
+d29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBljEL
MAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4x
FTATBgNVBAoMDHdvbGZTU0xfMjA0ODERMA8GA1UECwwIQ1JMX0RJU1QxGDAWBgNV
BAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
@@ -70,11 +70,11 @@ us8N+e/s8YEee5sDR5q/Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN
b42GwohAmTaDuh5AciIX11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZ
DIWz2YrZVCbbbfqsu/8lTMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb
5fuhutMCAwEAAaMzMDEwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3d3dy53b2xm
-c3NsLmNvbS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQCDI8PcjmUtAKMJJPDF
-amimt1OaTXy7PObFoOUOLkczcKVBpTu+YmGfqVjyatPnizhXNGWxX2Q3a4FG9/W6
-KDrIdnuydGxF3n4cV44X8bGYmV4har3BzTpDMy+qqag3Yw7ujIM9YA95RSBdeAjY
-wn1tlTEeyoi8n9PF6eZ2nnLCk3VhY+LGLgpWHx7g6jEFMNpoEYU8wkxomArtEW+o
-9SXRgb2Y0bVT4Anc9OhJ8FbO9/Kk9lbkGEuZBJssSGIZbIw4F5WOmH24EgX7bKLT
-tbL4NLm6wnZHdRpzzGEMsfISUkH8P6qFtiS2vch7DBG9A4nrOEXbGG3jVjBB8xQu
-+eqx
+c3NsLmNvbS9jcmwucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQAtzCLnH4iPWYZQnZgX
+ZBt/IF1dQRHBtBcfk2S2Va6iSLlg/2/kHl9wMVCVtbCFm0gT5+oYGgQzzbyuMoPr
+5nh3cyWi68L8bwkOXoWdk5idGblIPIwpxoOyjDzdR4uJ8dqrDnNkQ2FFdL+3jHJ5
+tW4pe13fNp+SV+sjupaTuuZTdex3D5t9+p8qN239zp5ZMbsZsHLO6DSec65K00c2
+txxSp0rwhv5MUW700VHzXG+Dx9EVB9jDRyqAI/1l6zgUXDJ3/zw1AtSVmTFAQ0Jb
+sYsw8txq/oEI0ciOWJrlQpHri0quzYXGYvUF/1ps0ydHMpRgFpaUJb6CCP0MrnFc
+zaoY
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc-cert.der b/extra/wolfssl/wolfssl/certs/client-ecc-cert.der
index 571745cd..11df5e2c 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/client-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem
index 83d69192..cb835236 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-ecc-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 59:e6:5a:21:e0:c4:3f:67:06:9b:21:43:3e:76:ca:f0:3f:68:5b:53
+ 37:67:2a:05:24:b5:2b:b6:ae:40:6b:e1:75:e0:97:cc:1d:12:8b:2a
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -26,7 +26,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
DirName:/C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:59:E6:5A:21:E0:C4:3F:67:06:9B:21:43:3E:76:CA:F0:3F:68:5B:53
+ serial:37:67:2A:05:24:B5:2B:B6:AE:40:6B:E1:75:E0:97:CC:1D:12:8B:2A
X509v3 Basic Constraints:
CA:TRUE
@@ -35,16 +35,16 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:70:f8:0e:6e:91:c9:09:77:25:8c:ba:99:6d:54:
- 2d:a8:52:87:17:51:24:8b:13:92:89:7d:c9:ba:b4:43:2e:48:
- 02:21:00:ab:41:13:3a:d5:eb:68:66:36:56:7c:75:5d:37:e3:
- f6:27:7f:54:d5:42:80:29:db:e5:9b:16:8a:d3:c2:ad:d6
+ 30:44:02:20:7a:6d:c5:bd:6f:9d:54:4f:c5:4c:d0:12:8c:31:
+ 3b:b6:17:80:9e:c7:34:f8:c5:da:fb:61:23:35:e6:93:35:b4:
+ 02:20:1b:6a:86:c4:11:be:7c:15:a7:5e:ab:85:ee:b7:8c:20:
+ dc:eb:17:a3:f2:66:63:aa:6b:67:e0:62:1f:17:3e:ac
-----BEGIN CERTIFICATE-----
-MIIDXjCCAwSgAwIBAgIUWeZaIeDEP2cGmyFDPnbK8D9oW1MwCgYIKoZIzj0EAwIw
+MIIDXTCCAwSgAwIBAgIUN2cqBSS1K7auQGvhdeCXzB0SiyowCgYIKoZIzj0EAwIw
gY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAMBgNVBAcMBVNhbGVt
MRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0MRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjTELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBjTELMAkGA1UEBhMCVVMx
DzANBgNVBAgMBk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVu
dCBFQ0MxDTALBgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf
MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqG
@@ -54,9 +54,9 @@ WWuVYT9RV7YETYlBiERcq/Iwgc0GA1UdIwSBxTCBwoAU69RLWWuVYT9RV7YETYlB
iERcq/KhgZOkgZAwgY0xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xDjAM
BgNVBAcMBVNhbGVtMRMwEQYDVQQKDApDbGllbnQgRUNDMQ0wCwYDVQQLDARGYXN0
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb22CFFnmWiHgxD9nBpshQz52yvA/aFtTMAwGA1UdEwQFMAMBAf8w
+d29sZnNzbC5jb22CFDdnKgUktSu2rkBr4XXgl8wdEosqMAwGA1UdEwQFMAMBAf8w
HAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUH
-AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0gAMEUCIHD4Dm6RyQl3JYy6mW1ULahS
-hxdRJIsTkol9ybq0Qy5IAiEAq0ETOtXraGY2Vnx1XTfj9id/VNVCgCnb5ZsWitPC
-rdY=
+AwEGCCsGAQUFBwMCMAoGCCqGSM49BAMCA0cAMEQCIHptxb1vnVRPxUzQEowxO7YX
+gJ7HNPjF2vthIzXmkzW0AiAbaobEEb58Fadeq4Xut4wg3OsXo/JmY6prZ+BiHxc+
+rA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der
index 2d341097..9d65ac34 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der
+++ b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem
index 38cd8ffb..cdd8e7d0 100644
--- a/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-ecc384-cert.pem
@@ -1,18 +1,18 @@
-----BEGIN CERTIFICATE-----
-MIIC7jCCAnWgAwIBAgICEAIwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
+MIIC8TCCAnagAwIBAgICEAIwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCAXDTIyMTIx
-NjIxMTc0OVoYDzIwNTIxMjA4MjExNzQ5WjCBljELMAkGA1UEBhMCVVMxEzARBgNV
-BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0
-aWMxEzARBgNVBAsMCkVDQzM4NENsaXQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv
-bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTB2MBAGByqGSM49AgEG
-BSuBBAAiA2IABGbECD1mp6EV1FMKI7OtC86PyPSYHabYsm4iEfq575nA+ik+SAD5
-/sKmShunEqhrkEwcu6xdbg5iznAg90N32JfHdNNo/onsd8sZL4lKHXf5l0tmAmil
-Yq+VgcvjJDbrhaOBkDCBjTAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAd
-BgNVHQ4EFgQUHvLQG/j8pcs/3Ir1lypCU7BC+dQwHwYDVR0jBBgwFoAUq+DDJkwY
-1HK70oSMnAoFkoASU1IwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUF
-BwMCBggrBgEFBQcDBDAKBggqhkjOPQQDAwNnADBkAjAPQMgZxsqXF0GGM9ENosCY
-W1DkocrsibpBK8OR3ATI+FYZPshPUW5CeyczH+NkZaYCMDzZ+hqoQhVY0VL93fa2
-IwAeR5QzHT3Vm802Zbormsdhso44wEqmByPbZrseWKK9ig==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-relative-uri.pem b/extra/wolfssl/wolfssl/certs/client-relative-uri.pem
index 665bfde0..f1c1303c 100644
--- a/extra/wolfssl/wolfssl/certs/client-relative-uri.pem
+++ b/extra/wolfssl/wolfssl/certs/client-relative-uri.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 24:30:a2:59:c1:a0:67:cb:4c:58:f7:69:e0:0b:15:23:ff:a3:8e:19
+ 28:2c:d3:e8:22:39:f9:1d:be:90:1c:5e:99:59:bb:59:d7:0e:25:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = RELATIVE_URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = RELATIVE_URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,34 +38,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=RELATIVE_URI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:24:30:A2:59:C1:A0:67:CB:4C:58:F7:69:E0:0B:15:23:FF:A3:8E:19
+ serial:28:2C:D3:E8:22:39:F9:1D:BE:90:1C:5E:99:59:BB:59:D7:0E:25:DE
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:../relative/page.html
Signature Algorithm: sha256WithRSAEncryption
- 2d:b8:d7:52:e5:73:42:36:8a:a9:97:ed:5f:da:4b:28:40:92:
- fa:b3:05:13:67:e1:d8:9d:93:7e:d3:03:d0:21:6d:50:db:5a:
- 6f:40:de:06:f6:ff:6f:67:89:61:6d:e8:3d:3e:7f:47:a9:10:
- f4:40:cf:74:1b:e7:5d:1c:2e:e3:5f:a1:d6:7a:c4:1c:98:2e:
- 55:8a:b5:99:2a:2f:de:82:33:1f:e0:35:b0:e6:e9:89:47:9a:
- 77:03:bb:96:a3:6c:21:02:ea:2c:6a:a8:bc:3a:f7:b9:66:53:
- 55:36:98:a6:20:28:c0:f8:ef:91:7b:2b:dc:a9:5c:6e:b1:83:
- be:27:a5:7c:9a:d2:a7:a8:31:a3:f3:0d:8d:21:cf:d3:28:40:
- 7c:83:18:a1:97:fa:b2:7e:54:cb:fd:33:d6:28:17:47:c1:6c:
- 8a:c3:4d:f3:9c:33:df:ed:5f:ba:4b:6c:82:dc:7b:17:94:cc:
- 12:a8:ed:92:64:5d:6a:37:9e:12:65:76:5a:22:76:61:00:59:
- 22:4c:2a:e2:7b:a8:48:45:70:13:7d:f5:45:90:70:9b:3a:4e:
- df:d5:a7:a4:72:74:9f:e3:ca:32:4f:cb:f8:e2:8b:eb:ce:35:
- 75:dc:de:a1:4d:d2:3e:6a:a9:96:77:26:00:d4:a5:19:e4:44:
- 41:d4:0e:1a
+ 9a:6f:69:6c:4a:a8:1a:c7:42:04:ae:d8:d3:d0:b0:ce:ae:d6:
+ 68:5c:e6:91:37:39:d8:6c:64:43:11:fd:a9:ea:4a:47:e8:bc:
+ 6c:dc:12:b9:70:94:12:a8:5e:21:1a:e9:a2:fa:cf:c2:19:47:
+ 22:5d:6c:9e:4e:a3:6a:1d:7f:75:8f:a7:06:56:2f:c2:ac:d6:
+ 2e:56:90:ef:53:01:70:5f:a2:e0:6d:28:79:ab:bb:24:40:cd:
+ 62:6e:18:b5:5d:33:6a:d0:1c:84:c6:8f:82:77:1d:7b:85:c9:
+ 60:db:41:b2:6e:d2:4a:3e:ed:eb:76:62:59:82:93:21:1c:b5:
+ 8f:d6:9e:c2:5c:d8:a3:ca:cf:2f:16:a0:03:2d:7c:d9:3c:ec:
+ 1b:55:57:da:22:49:67:c6:9d:da:9a:1a:27:d8:1f:ea:e5:74:
+ 53:14:a2:9d:ba:a3:fa:0a:c9:52:fc:50:33:2a:d5:b5:25:39:
+ 5a:b4:e4:8a:2e:b8:c5:5f:f7:ac:2b:b0:ec:fe:cf:a5:23:58:
+ 6c:18:2c:68:2d:56:c5:16:2d:8a:0a:c1:2d:aa:cd:33:15:1c:
+ 80:e3:af:91:30:f6:f4:ce:28:57:4c:32:b8:09:ac:29:b7:07:
+ 47:1d:7d:bd:4a:5a:5d:97:0b:4b:c8:22:bc:f9:35:29:72:58:
+ 0f:f6:34:a3
-----BEGIN CERTIFICATE-----
-MIIE8zCCA9ugAwIBAgIUJDCiWcGgZ8tMWPdp4AsVI/+jjhkwDQYJKoZIhvcNAQEL
+MIIE8zCCA9ugAwIBAgIUKCzT6CI5+R2+kBxemVm7WdcOJd4wDQYJKoZIhvcNAQEL
BQAwgZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDFJFTEFUSVZF
X1VSSTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBp
-bmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVow
+bmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFow
gZoxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxFTATBgNVBAsMDFJFTEFUSVZFX1VS
STEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
@@ -80,12 +80,12 @@ cCeRxybXhWXAMIHaBgNVHSMEgdIwgc+AFDPYRWbXaIcYflQNcCeRxybXhWXAoYGg
pIGdMIGaMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEVMBMGA1UECgwMd29sZlNTTF8yMDQ4MRUwEwYDVQQLDAxSRUxBVElW
RV9VUkkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
-aW5mb0B3b2xmc3NsLmNvbYIUJDCiWcGgZ8tMWPdp4AsVI/+jjhkwCQYDVR0TBAIw
+aW5mb0B3b2xmc3NsLmNvbYIUKCzT6CI5+R2+kBxemVm7WdcOJd4wCQYDVR0TBAIw
ADAgBgNVHREEGTAXhhUuLi9yZWxhdGl2ZS9wYWdlLmh0bWwwDQYJKoZIhvcNAQEL
-BQADggEBAC2411Llc0I2iqmX7V/aSyhAkvqzBRNn4didk37TA9AhbVDbWm9A3gb2
-/29niWFt6D0+f0epEPRAz3Qb510cLuNfodZ6xByYLlWKtZkqL96CMx/gNbDm6YlH
-mncDu5ajbCEC6ixqqLw697lmU1U2mKYgKMD475F7K9ypXG6xg74npXya0qeoMaPz
-DY0hz9MoQHyDGKGX+rJ+VMv9M9YoF0fBbIrDTfOcM9/tX7pLbILcexeUzBKo7ZJk
-XWo3nhJldloidmEAWSJMKuJ7qEhFcBN99UWQcJs6Tt/Vp6RydJ/jyjJPy/jii+vO
-NXXc3qFN0j5qqZZ3JgDUpRnkREHUDho=
+BQADggEBAJpvaWxKqBrHQgSu2NPQsM6u1mhc5pE3OdhsZEMR/anqSkfovGzcErlw
+lBKoXiEa6aL6z8IZRyJdbJ5Oo2odf3WPpwZWL8Ks1i5WkO9TAXBfouBtKHmruyRA
+zWJuGLVdM2rQHITGj4J3HXuFyWDbQbJu0ko+7et2YlmCkyEctY/WnsJc2KPKzy8W
+oAMtfNk87BtVV9oiSWfGndqaGifYH+rldFMUop26o/oKyVL8UDMq1bUlOVq05Iou
+uMVf96wrsOz+z6UjWGwYLGgtVsUWLYoKwS2qzTMVHIDjr5Ew9vTOKFdMMrgJrCm3
+B0cdfb1KWl2XC0vIIrz5NSlyWA/2NKM=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/client-uri-cert.pem b/extra/wolfssl/wolfssl/certs/client-uri-cert.pem
index 321e9e2b..266eb518 100644
--- a/extra/wolfssl/wolfssl/certs/client-uri-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/client-uri-cert.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 31:01:44:60:7d:f5:1c:e0:55:a6:4f:c9:fd:9a:11:8b:31:40:77:3b
+ 7a:65:40:12:3e:1c:49:57:0a:f7:c6:7d:63:b7:25:6a:d7:cb:83:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = URI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -38,34 +38,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_2048/OU=URI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:31:01:44:60:7D:F5:1C:E0:55:A6:4F:C9:FD:9A:11:8B:31:40:77:3B
+ serial:7A:65:40:12:3E:1C:49:57:0A:F7:C6:7D:63:B7:25:6A:D7:CB:83:38
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
URI:https://www.wolfssl.com
Signature Algorithm: sha256WithRSAEncryption
- 1c:c6:a7:c5:f4:80:8b:30:5e:17:44:27:82:4b:bb:6a:37:ba:
- e2:89:6a:f6:b2:30:b3:9b:4a:77:b0:c7:4c:a6:7d:e3:51:48:
- 00:88:60:f0:50:8a:a0:48:ac:0d:14:05:e9:c3:98:d2:84:a9:
- de:39:4e:dc:48:85:32:96:99:52:75:9e:5c:d9:c8:6a:b7:da:
- f0:e9:a3:86:95:1c:17:70:23:40:88:e8:1e:79:96:92:98:5c:
- d6:b0:83:6e:61:9c:5a:c1:72:f9:2a:12:a2:8c:b1:f8:39:dd:
- 56:9a:1b:c9:57:4f:83:8f:48:77:c5:f9:31:5f:7c:05:b0:f3:
- a9:08:e1:de:c9:8c:bb:e8:3b:12:ee:29:a9:21:97:0b:d0:d9:
- 75:d4:b5:5b:9f:1a:c6:44:de:e4:64:d0:de:9b:c6:08:08:33:
- ab:c1:a5:3d:7d:fd:b9:f2:0f:6e:96:e1:7f:d3:c0:c6:47:67:
- 71:b2:00:87:eb:e3:6b:a6:2f:95:5d:5d:3e:3f:0f:fc:ad:68:
- a9:19:43:6b:45:dc:e3:d1:53:53:3b:25:aa:af:af:c2:95:c4:
- 4a:19:29:56:bc:20:51:92:bd:93:d4:f9:bc:14:07:42:a7:9f:
- 9d:fa:68:ae:a9:76:f3:64:98:5f:04:ef:2b:b1:fe:d0:cb:e4:
- 2f:04:f0:62
+ 5d:a4:3a:35:ae:40:5b:fb:1e:7b:09:41:32:4b:0b:0e:88:6e:
+ 77:04:87:6c:dd:f6:bb:48:f0:38:25:d1:62:e8:fc:b8:b9:32:
+ ad:bf:2d:66:92:8e:fb:62:2b:f2:f9:64:8f:c0:48:93:1b:d5:
+ a5:34:10:da:09:27:a3:c0:67:80:4e:b6:69:0a:56:8d:63:12:
+ 90:21:8b:a1:74:a0:5e:60:a3:3e:b5:4b:bf:12:a4:9f:37:ad:
+ 4e:1f:08:fa:3c:b0:ab:64:ba:78:70:da:4a:b8:5a:0b:8f:ca:
+ 19:3d:7d:0e:c6:20:d7:7d:99:19:26:26:d5:fd:dd:df:30:69:
+ 89:ff:4d:0c:94:6c:11:2e:ff:6d:71:42:b3:76:5a:c3:f4:a4:
+ 17:83:d0:1a:85:58:12:04:9b:77:39:f3:34:0b:75:bd:1f:98:
+ 96:6c:b9:6a:9f:e7:49:ed:ca:5d:09:f9:3a:62:82:57:f3:ba:
+ 5d:73:b6:da:c3:bd:7c:31:9e:e4:92:41:6c:8b:64:4f:cd:bd:
+ 9d:02:73:29:53:2d:e0:2b:83:36:3d:c5:a2:34:43:c0:7a:03:
+ 1b:74:e3:75:02:84:ef:92:bf:e8:a5:43:53:04:0c:ea:bb:ba:
+ 3a:e1:28:b6:c8:15:dd:5a:bb:ae:b0:47:81:5b:09:c2:47:5b:
+ f8:7a:87:bc
-----BEGIN CERTIFICATE-----
-MIIE2jCCA8KgAwIBAgIUMQFEYH31HOBVpk/J/ZoRizFAdzswDQYJKoZIhvcNAQEL
+MIIE2jCCA8KgAwIBAgIUemVAEj4cSVcK98Z9Y7clatfLgzgwDQYJKoZIhvcNAQEL
BQAwgZExCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMXzIwNDgxDDAKBgNVBAsMA1VSSTEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
-c2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZExCzAJBgNV
+c2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZExCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYD
VQQKDAx3b2xmU1NMXzIwNDgxDDAKBgNVBAsMA1VSSTEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -79,12 +79,12 @@ o4IBJjCCASIwHQYDVR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMIHRBgNVHSME
gckwgcaAFDPYRWbXaIcYflQNcCeRxybXhWXAoYGXpIGUMIGRMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEVMBMGA1UECgwM
d29sZlNTTF8yMDQ4MQwwCgYDVQQLDANVUkkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
-LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUMQFEYH31HOBV
-pk/J/ZoRizFAdzswCQYDVR0TBAIwADAiBgNVHREEGzAZhhdodHRwczovL3d3dy53
-b2xmc3NsLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAHManxfSAizBeF0Qngku7aje6
-4olq9rIws5tKd7DHTKZ941FIAIhg8FCKoEisDRQF6cOY0oSp3jlO3EiFMpaZUnWe
-XNnIarfa8OmjhpUcF3AjQIjoHnmWkphc1rCDbmGcWsFy+SoSooyx+DndVpobyVdP
-g49Id8X5MV98BbDzqQjh3smMu+g7Eu4pqSGXC9DZddS1W58axkTe5GTQ3pvGCAgz
-q8GlPX39ufIPbpbhf9PAxkdncbIAh+vja6YvlV1dPj8P/K1oqRlDa0Xc49FTUzsl
-qq+vwpXEShkpVrwgUZK9k9T5vBQHQqefnfporql282SYXwTvK7H+0MvkLwTwYg==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==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem
index 778b4dca..4dfa62b2 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int-ecc.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBYDCCAQUCAQEwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+MIIBXjCCAQUCAQEwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0y
-MDA2MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBQTtXlZ
-MrO7tEezNA6AwIMeqoLIWzALBgNVHRQEBAICIAQwCgYIKoZIzj0EAwIDSQAwRgIh
-AI0Fl7b1oh6x96i14akYhMMcVHPi7VdLh7fXSf9bMoeqAiEAzxqdobdrD2e53V5b
-0o4HUOCgRB1dzH1m+LcRe+LPUnI=
+MzA5MjcxMjEwMDlaFw0yNjA2MjMxMjEwMDlaoDAwLjAfBgNVHSMEGDAWgBSXHWDD
+hyJZm2AfhLSZHIhNv9oebjALBgNVHRQEBAICIAQwCgYIKoZIzj0EAwIDRwAwRAIg
+C6Wlwom5faQm2pTYRBI2DVTdy7DYv1QYsi/y6ZDhPAQCIEfioB8LqiTO0gjSzUVN
+KPkEXx3y4Ih3HHcrTwWOVuGv
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int.pem
index 0dcb10dd..f4b2208f 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int.pem
@@ -2,13 +2,13 @@
MIICHDCCAQQCAQEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRl
-cm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIw
-MDYxNjE5MTc1OFoXDTIzMDMxMzE5MTc1OFqgMDAuMB8GA1UdIwQYMBaAFIMc8ZiF
-7G4GRTTeUcC6tytnMmZNMAsGA1UdFAQEAgIgADANBgkqhkiG9w0BAQsFAAOCAQEA
-VQ6Am+DuDpBbUs2yEIe0MDwgVZacmOwEB6wZM/c62qW+tGitjUnj1UD6wNQZwYpP
-OGNYOdbiIskilSC97WJgXW4dJVrRHiV8nAzzi/8tZO96oUbLx1hmfx1/hCxqtm50
-bbYUuS25qoiVFKYkx1tocY+ESLfam09T8ZP3m5m38h5YTe+s6dmHdonEM+JlNEdT
-itvZtSfUU29xCQIXVSWFJHsRGjqdvCpndtY1Kmb8aYdB60zpk2JgOGljg2uF7Iq0
-lquWWfhDl77r0qdlRYHTQ+0FetU4gCZ+ZVGH07+FD/p+GxPh4P0D3i2gFq2Z/0en
-396xKNy+NiBbFw/CUFbLDw==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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem
index ae048dee..917c6891 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int2-ecc.pem
@@ -3,8 +3,8 @@ MIIBYTCCAQYCAQEwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJbnRlcm1l
ZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcN
-MjAwNjE2MTkxNzU4WhcNMjMwMzEzMTkxNzU4WqAwMC4wHwYDVR0jBBgwFoAUG/S9
-kCh0ZOMzXotkp/yvuvK5VeUwCwYDVR0UBAQCAiAFMAoGCCqGSM49BAMCA0kAMEYC
-IQDBYNHurBS8JV1DkJLVaVXD5lrvjdCA13poIGJxVvx0NwIhALJQRBbMvQCLZ4ci
-sE1dD+cpe4NdK/x2iH4QJ8XJX8uc
+MjMwOTI3MTIxMDA5WhcNMjYwNjIzMTIxMDA5WqAwMC4wHwYDVR0jBBgwFoAUn657
+enCABFUrxrcMW3nkEkFlMSkwCwYDVR0UBAQCAiAFMAoGCCqGSM49BAMCA0kAMEYC
+IQCIZv1TFoij0ezl8/TaA4wq4cNRnYZaKf+W4ROnAfghZwIhALog+BqrxkhP0C3C
+LEWWD4Q7rOIZdNfK8ABwrg+vWneJ
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem b/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem
index c0d26522..7d606ec4 100644
--- a/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/ca-int2.pem
@@ -3,12 +3,12 @@ MIICHTCCAQUCAQEwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNTTCBJbnRl
cm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0y
-MDA2MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBR6ix1O
-o0DIzlhfjfz/Rix1QdkDXjALBgNVHRQEBAICIAEwDQYJKoZIhvcNAQELBQADggEB
-AJeG0+IjjS5Rf2gAJu/ldHzCwMJccTKt17mHjyQhQnzOQN8Df+zAUDWIVF99d0vO
-cQFx5SYWpFYkT6kSRYHdYmZp8s6Yl0oQJ+isQ1wsFnkF2z+I/g1f/uDX9LWnKxnj
-UE2UttU6fKGQl2F8SDnloDsQjjGnxssyGVeNCTBGjkCHHH9QSpZv5xjTN7INYCso
-3GkWnXwGkghwleXGtgMwW2IMsNVMIFJlHQQzk9P6gqTtvhkCNp6rjAHieU8GqBkh
-1zCMDTgk2LjFaRF/OnbOk1/j+LZZxox9KUIhUF4d33+PhoUd9YegvJJfdVXAKnVc
-HwoO9FjX3jBcnfvs6qPBKLc=
+MzA5MjcxMjEwMDlaFw0yNjA2MjMxMjEwMDlaoDAwLjAfBgNVHSMEGDAWgBQNyWAg
+Q1iB4Joh72YW3G4hJd8rRTALBgNVHRQEBAICIAEwDQYJKoZIhvcNAQELBQADggEB
+AFZgStFKb9hSbaI7ysWXXDNBNPvb97aHd8A3T4HgYVf6MqlnyI2gJbe5VUYtoJTF
+VTIrfM7tJQf68pGCpCbo6N8ai9xAvfU+AeWk2SHgBFRj2LRprx7tDwt0/Y6YlZ2a
+PHhTqyOLEhrW0Qh6NLOJ3e0zS/GQ7Oy8muPUcBbeq+XkLK2JH6gKVrzjn7QptNDr
+7zEdntQArofx1+twNrn800pdltNjV0etC1Ags5ocg10Xp1dD9NPFdLsY5cASHitP
+xpek4sZiBvEB0YKOs+eY8tYtFAPRzEfz5JeZNwUL3jhLH8/4d0mioVSH1+k0xkBz
+MRdmZc1yQaIQe6U0tgzw9SM=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem b/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem
index e83d959f..ab0833e0 100644
--- a/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/caEcc384Crl.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBcTCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+MIIBcjCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx
FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFqgLzAtMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA
-ElNSMAoGA1UdFAQDAgEKMAoGCCqGSM49BAMCA2gAMGUCMCbmiewu7ikmrUaNHKUE
-6oqf9mULJeeG7FfVnGXZll7gTCM3R4nThSrxLle4e8IIMgIxAIccPNJG5N7KK4lQ
-DjHWMuKNQUJ2B5w+S5OCX99KhhoBBH+SzQgd+3XcQTpVZ2kKNw==
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1qgLzAtMB8GA1UdIwQYMBaAFKvgwyZMGNRyu9KEjJwKBZKA
+ElNSMAoGA1UdFAQDAgEMMAoGCCqGSM49BAMCA2kAMGYCMQDiAhgtXMrlvYjxh1+q
+uqluR12ThFI1k8wTdFiGF0yToo3zpoxbaN5w33vBYVUZzCYCMQD76v5cIfO8RUBc
+f5tVsV7n7fGhwMPREOw0f0nmtl+qwNWSDDegMLtTdZyYF9ERdV0=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/caEccCrl.der b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.der
new file mode 100644
index 00000000..9f025a15
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem
index b8832dce..4729407b 100644
--- a/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/caEccCrl.pem
@@ -2,9 +2,9 @@
MIIBUTCB+AIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZTU0wx
FDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFqgLzAtMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD
-86UhMAoGA1UdFAQDAgEJMAoGCCqGSM49BAMCA0gAMEUCIGhDySSru33cJYxzkQsE
-TRiRigzyNzpor3a3t5VzqmY8AiEA8WCuamxgE0S+Pas7uuUJPzXlq7JAwmCVwP+h
-nH1nWYM=
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1qgLzAtMB8GA1UdIwQYMBaAFFaOmsPwQt4YuUVVbvmTz+rD
+86UhMAoGA1UdFAQDAgELMAoGCCqGSM49BAMCA0gAMEUCICFj5IcBuGatpURtIwMU
+hSKkP11GeUUb5crLMcBKI2u9AiEArWyOTYXvODOGebzJONGEy7UQ9d+HUba3ROqc
+aGu35HE=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem b/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem
index 10fe5819..00c48537 100644
--- a/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/cliCrl.pem
@@ -2,41 +2,41 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
- 6
+ 8
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- bf:d3:f7:5b:70:94:5a:11:50:b2:7d:7b:f9:c8:0f:aa:1b:82:
- f9:24:5f:79:a6:ab:9d:71:53:83:a2:29:93:a4:91:9d:70:0e:
- b7:b7:e2:67:b8:ee:1c:fb:81:be:f7:e6:a7:d7:c0:df:5d:d3:
- 4b:df:50:1c:08:c3:95:20:bd:6c:0e:f8:c9:70:66:cd:42:19:
- d8:a5:75:bf:cc:b4:fb:f4:fc:85:58:06:95:07:fd:a5:c2:a8:
- ac:a3:e9:eb:0c:99:98:f8:62:a8:59:22:d5:72:71:05:8a:ca:
- 6a:5a:96:c1:a3:29:b2:ea:78:30:1d:8c:c5:17:26:b5:d4:87:
- 79:c9:f6:51:2e:c9:e9:b5:f4:17:2a:8e:ba:3d:e9:8d:e0:66:
- 87:7b:8f:36:8c:62:45:7a:07:2b:b2:da:02:ba:27:b9:e6:18:
- d8:84:5f:4d:8f:cd:03:91:e8:53:c8:10:c8:d9:51:af:3d:e3:
- 35:25:cd:3e:44:7e:fd:8f:74:46:4a:b9:03:da:41:2b:b1:4d:
- 4c:39:af:14:fa:9c:4f:54:4c:4b:9f:a8:4a:b6:99:24:95:54:
- 37:05:ab:45:7b:7b:25:20:d1:99:b1:5e:aa:98:a0:1e:b9:b1:
- a3:fe:e5:2c:f8:49:d8:94:07:05:79:b5:9b:19:0e:53:c8:b3:
- ce:60:d0:bc
+ 74:17:9b:40:81:d2:a0:f3:26:68:44:5b:f8:a2:6c:3f:7e:71:
+ 75:a2:7f:c6:e6:71:cb:f9:08:57:42:cd:3e:3f:ab:cd:0c:85:
+ 36:45:58:8b:59:28:81:d9:b0:6b:10:4a:d0:7d:59:ad:cf:53:
+ 05:cb:13:c7:c1:ec:65:64:6b:4d:e6:87:0b:ae:06:60:ab:8a:
+ 3c:ae:c1:7d:ed:8f:ee:09:02:7a:3a:f2:21:bf:89:ef:cd:14:
+ b1:03:64:2d:b2:b6:45:15:da:2d:ee:2d:c0:15:3b:a8:01:a8:
+ 4f:30:61:ae:99:b9:16:07:b5:8b:71:8f:38:ac:69:82:39:90:
+ 92:ff:d6:41:33:3b:92:5b:f2:dd:56:5a:8f:82:d1:1f:76:ee:
+ ca:01:a2:ac:c0:22:41:dd:6e:e1:ce:06:b0:6f:bc:e2:da:91:
+ 11:c1:a0:41:16:7d:ba:7e:a1:53:13:14:4b:54:3b:b9:44:cf:
+ 4f:1c:ef:ce:a8:bd:e8:ab:ba:de:97:f7:b7:7d:4f:ab:7a:e7:
+ 73:65:97:a1:d9:a3:f3:92:f1:95:06:6d:52:7b:6e:fd:26:56:
+ 55:83:c7:71:f7:a4:8f:9a:2c:52:04:dd:9f:85:ab:9c:88:e1:
+ 30:c6:4a:88:7d:20:1b:c6:47:8b:82:cc:9d:0f:51:69:b1:90:
+ b2:8a:9c:74
-----BEGIN X509 CRL-----
MIICDjCB9wIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEy
-MTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMBQwEgIBAhcNMjIxMjE2MjExNzUwWqAO
-MAwwCgYDVR0UBAMCAQYwDQYJKoZIhvcNAQELBQADggEBAL/T91twlFoRULJ9e/nI
-D6obgvkkX3mmq51xU4OiKZOkkZ1wDre34me47hz7gb735qfXwN9d00vfUBwIw5Ug
-vWwO+MlwZs1CGdildb/MtPv0/IVYBpUH/aXCqKyj6esMmZj4YqhZItVycQWKympa
-lsGjKbLqeDAdjMUXJrXUh3nJ9lEuyem19Bcqjro96Y3gZod7jzaMYkV6Byuy2gK6
-J7nmGNiEX02PzQOR6FPIEMjZUa894zUlzT5Efv2PdEZKuQPaQSuxTUw5rxT6nE9U
-TEufqEq2mSSVVDcFq0V7eyUg0ZmxXqqYoB65saP+5Sz4SdiUBwV5tZsZDlPIs85g
-0Lw=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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem
index e3ead624..c00803db 100644
--- a/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/client-int-ecc.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBXDCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+MIIBWzCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNTTCBDbGllbnQg
-Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMDA2
-MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBTr1EtZa5Vh
-P1FXtgRNiUGIRFyr8jALBgNVHRQEBAICIAcwCgYIKoZIzj0EAwIDSAAwRQIhAJiz
-His7baFwO9NAwNTMMpNJbYd1XClf1q9lOdO9S/sqAiBfh8Qy7Lri1brEaafDCxe3
-3PgVHR+m9QkJssAuOEIK2A==
+Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzA5
+MjcxMjEwMTBaFw0yNjA2MjMxMjEwMTBaoDAwLjAfBgNVHSMEGDAWgBTr1EtZa5Vh
+P1FXtgRNiUGIRFyr8jALBgNVHRQEBAICIAcwCgYIKoZIzj0EAwIDRwAwRAIgN4x2
+Lb57tlFYEhVyiNJ+7vmlTSn5IgDY2aMbw5bSi+wCIA7KlbvpkAzSA+lKwUD8wmfW
+r4AwiWgQOz5RfhRx1rXC
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/client-int.pem b/extra/wolfssl/wolfssl/certs/crl/client-int.pem
index e11c30bb..0cbde2d7 100644
--- a/extra/wolfssl/wolfssl/certs/crl/client-int.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/client-int.pem
@@ -2,13 +2,13 @@
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZwxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29sZlNTTCBDbGll
-bnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIwMDYx
-NjE5MTc1OFoXDTIzMDMxMzE5MTc1OFqgMDAuMB8GA1UdIwQYMBaAFDPYRWbXaIcY
-flQNcCeRxybXhWXAMAsGA1UdFAQEAgIgAzANBgkqhkiG9w0BAQsFAAOCAQEARom6
-mppTxCF+GWAEHFbn9EJee2uCCrQ9dd4JLA1Hc4XYGHOoN54jPKZEvTTYB5XKImCg
-NvbOb98l88Gpr0fUDTuAdBQZrM7Vs3IBPoOJdjMNuwQzxvQ+WdY2Jft/4CaR4/mq
-oMJrmhlz1PmWNTqqfFS/GQv/NYDdCXhP4bNuWRMZoSYROyby+bqr2SgNbZ+0GA3/
-jeSCXmdngwEB7z5SoqqRscVOS7Sw1S3e6X/QNQ6rNNR6MWKH95Ra8ke9A12r+3zu
-ZqbIYtbaF49tvOJsvzKQeC8J2oTzpEbRvNudJ4mXLpNEw5I/RL1sum0bJIn0wL+/
-7q1EaGe14zTsPsx06g==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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl.der b/extra/wolfssl/wolfssl/certs/crl/crl.der
index f1396b8a..c6ec65c4 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl.der
+++ b/extra/wolfssl/wolfssl/certs/crl/crl.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl.pem b/extra/wolfssl/wolfssl/certs/crl/crl.pem
index 9da22d86..a4a09f0a 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/crl.pem
@@ -2,40 +2,40 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
2
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- 39:44:ff:39:f4:04:45:79:7e:73:e2:42:48:db:85:66:fd:99:
- 76:94:7c:b5:79:5d:15:71:36:a9:87:f0:73:05:50:08:6b:1c:
- 6e:de:96:45:31:c3:c0:ba:ba:f5:08:1d:05:4a:52:39:e9:03:
- ef:59:c8:1d:4a:f2:86:05:99:7b:4b:74:f6:d3:75:8d:b2:57:
- ba:ac:a7:11:14:d6:6c:71:c4:4c:1c:68:bc:49:78:f0:c9:52:
- 8a:e7:8b:54:e6:20:58:20:60:66:f5:14:d8:cb:ff:e0:a0:45:
- bc:b4:81:ad:1d:bc:cf:f8:8e:a8:87:24:55:99:d9:ce:47:f7:
- 5b:4a:33:6d:db:bf:93:64:1a:a6:46:5f:27:dc:d8:d4:f9:c2:
- 42:2a:7e:b2:7c:dd:98:77:f5:88:7d:15:25:08:bc:e0:d0:8d:
- f4:c3:c3:04:41:a4:d1:b1:39:4a:6b:2c:b5:2e:9a:65:43:0d:
- 0e:73:f4:06:e1:b3:49:34:94:b0:b7:ff:c0:27:c1:b5:ea:06:
- f7:71:71:97:bb:bc:c7:1a:9f:eb:f6:3d:a5:7b:55:a7:bf:dd:
- d7:ee:97:b8:9d:dc:cd:e3:06:db:9a:2c:60:bf:70:84:fa:6b:
- 8d:70:7d:de:e8:b7:ab:b0:38:68:6c:c0:b1:e1:ba:45:e0:d7:
- 12:3d:71:5b
+ 48:36:98:18:42:9c:0c:81:51:19:75:4b:26:9a:e0:07:18:89:
+ a2:a1:bd:b6:4e:91:f2:44:93:1a:50:a1:8f:72:1f:c4:ae:99:
+ 81:c5:00:3a:94:03:de:00:24:98:d4:2c:17:e5:ba:f2:29:3a:
+ 43:c8:23:ba:73:6a:5c:99:5d:ba:80:dd:bd:4f:cd:53:a6:cf:
+ 33:11:31:30:27:e2:d2:31:06:65:b8:3e:cf:fe:00:21:ff:0d:
+ 18:4f:fc:fd:d5:80:75:72:7c:2e:44:c1:a1:26:a6:8a:88:c8:
+ c0:66:1a:d4:99:36:ca:8f:67:42:8f:7c:f2:1a:e7:1b:d0:90:
+ 05:22:0d:29:d3:35:57:23:8c:bb:d2:53:c1:a8:00:3c:d4:b3:
+ 97:23:8a:4f:1d:8b:c9:73:6a:96:40:b0:a4:b1:c7:de:06:4d:
+ a3:5d:6a:d2:f5:5c:1e:f0:21:0f:d1:fd:21:89:e2:9e:3d:c1:
+ b2:f0:0f:5e:79:1e:47:48:92:bf:eb:96:28:ad:0b:89:5e:3b:
+ ed:97:29:bb:8d:24:c2:e6:26:e5:33:ef:88:17:c1:1a:97:fa:
+ 51:44:a2:cc:b2:64:e5:5c:94:54:ed:3b:7d:8f:34:4a:4b:d3:
+ ca:62:f9:20:00:86:26:ea:1b:a9:b4:df:8f:f4:4d:d8:3e:95:
+ aa:3b:43:1c
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFowFDASAgECFw0yMjEyMTYyMTE3NTBaoA4wDDAKBgNVHRQE
-AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAOUT/OfQERXl+c+JCSNuFZv2ZdpR8tXld
-FXE2qYfwcwVQCGscbt6WRTHDwLq69QgdBUpSOekD71nIHUryhgWZe0t09tN1jbJX
-uqynERTWbHHETBxovEl48MlSiueLVOYgWCBgZvUU2Mv/4KBFvLSBrR28z/iOqIck
-VZnZzkf3W0ozbdu/k2QapkZfJ9zY1PnCQip+snzdmHf1iH0VJQi84NCN9MPDBEGk
-0bE5SmsstS6aZUMNDnP0BuGzSTSUsLf/wCfBteoG93Fxl7u8xxqf6/Y9pXtVp7/d
-1+6XuJ3czeMG25osYL9whPprjXB93ui3q7A4aGzAseG6ReDXEj1xWw==
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1owFDASAgECFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE
+AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEASDaYGEKcDIFRGXVLJprgBxiJoqG9tk6R
+8kSTGlChj3IfxK6ZgcUAOpQD3gAkmNQsF+W68ik6Q8gjunNqXJlduoDdvU/NU6bP
+MxExMCfi0jEGZbg+z/4AIf8NGE/8/dWAdXJ8LkTBoSamiojIwGYa1Jk2yo9nQo98
+8hrnG9CQBSINKdM1VyOMu9JTwagAPNSzlyOKTx2LyXNqlkCwpLHH3gZNo11q0vVc
+HvAhD9H9IYninj3BsvAPXnkeR0iSv+uWKK0LiV477Zcpu40kwuYm5TPviBfBGpf6
+UUSizLJk5VyUVO07fY80SkvTymL5IACGJuobqbTfj/RN2D6VqjtDHA==
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl.revoked b/extra/wolfssl/wolfssl/certs/crl/crl.revoked
index b85ca36d..73252614 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl.revoked
+++ b/extra/wolfssl/wolfssl/certs/crl/crl.revoked
@@ -2,43 +2,43 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
3
Revoked Certificates:
Serial Number: 01
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- 1f:6c:1c:50:42:8a:55:bc:41:f6:a9:15:b6:ad:90:53:0a:b8:
- 73:71:8b:dd:0e:8f:95:0f:97:6d:82:24:09:6d:d5:9f:57:47:
- ab:c2:10:ad:df:27:0b:6c:d4:1f:c2:d5:4b:56:4b:44:01:3e:
- 5f:d3:08:6c:da:5b:94:40:00:47:e2:c9:f5:93:3d:c6:b0:28:
- b6:48:ff:32:9e:7b:d9:2d:71:5c:c4:53:13:50:8d:c7:e8:d0:
- 6f:28:ee:71:a0:8a:3e:da:9a:c4:e1:ad:a7:36:ce:87:ff:1f:
- 32:f1:32:ca:ff:81:d9:b8:d1:ca:39:7f:08:90:77:da:45:23:
- 56:49:ad:08:99:ef:75:23:5f:92:9a:b4:34:ef:5c:b1:68:71:
- 0d:06:31:28:5e:b1:34:56:a3:d6:47:8a:ba:2b:e2:be:28:29:
- d0:6a:12:60:5e:5c:93:7d:0d:54:bf:ee:72:7f:31:e6:9a:ab:
- 56:fc:34:45:06:e9:bd:fc:39:1d:37:91:77:d2:da:96:01:a0:
- 0d:9f:cf:b6:26:98:6b:fb:d9:ef:51:1d:df:41:6c:3c:61:5c:
- 38:83:e4:71:51:1d:62:57:53:8b:0b:0a:b1:ac:df:5c:22:26:
- b6:67:51:62:06:5b:97:ed:94:f4:40:7e:48:4e:3b:fd:b7:75:
- 40:17:ec:48
+ 72:6e:a4:64:36:6b:e8:e0:c5:1d:98:ef:ab:7e:7a:14:f2:8d:
+ 99:d0:57:4b:76:ac:f4:89:60:cd:89:23:9d:01:34:f3:83:e5:
+ 82:21:b3:48:c4:42:25:7f:ea:9f:74:5f:e8:b8:d6:71:bb:a2:
+ 39:d8:ef:46:a8:13:ba:7d:44:ab:d6:13:65:18:de:b5:03:85:
+ a7:c6:4f:0a:a0:6a:78:ba:7b:f7:ce:6e:ba:1c:ef:6f:b1:04:
+ a8:ac:c6:de:3b:76:77:3e:3d:8b:ae:8b:2b:7e:c9:4f:77:31:
+ 7f:1f:f5:04:2c:e9:cf:a1:56:c2:59:e9:be:49:9f:e8:67:a3:
+ 42:66:05:21:02:64:82:b2:74:a7:4b:89:89:7d:43:1a:41:fd:
+ 53:8c:d6:4f:27:04:2a:48:6b:9e:62:fa:4a:42:83:22:53:3f:
+ 53:07:4f:bc:cd:8d:8d:cc:15:c6:ff:3c:af:7d:db:ab:dd:fa:
+ 8f:65:86:86:2a:89:5e:3f:d5:4b:39:80:78:3f:6e:38:3b:6d:
+ a5:5e:2c:9e:1d:2f:9c:62:12:b1:34:f2:95:64:37:dc:4b:20:
+ dc:27:f3:de:81:67:b2:04:b0:14:b9:47:e3:65:e3:2f:35:27:
+ c2:fc:22:db:24:bd:04:58:88:17:e3:42:3c:a5:ef:53:39:15:
+ 54:52:ac:a1
-----BEGIN X509 CRL-----
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYD
VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290
aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEyMTYyMTE3NTBa
-Fw0yNTA5MTEyMTE3NTBaMCgwEgIBARcNMjIxMjE2MjExNzUwWjASAgECFw0yMjEy
-MTYyMTE3NTBaoA4wDDAKBgNVHRQEAwIBAzANBgkqhkiG9w0BAQsFAAOCAQEAH2wc
-UEKKVbxB9qkVtq2QUwq4c3GL3Q6PlQ+XbYIkCW3Vn1dHq8IQrd8nC2zUH8LVS1ZL
-RAE+X9MIbNpblEAAR+LJ9ZM9xrAotkj/Mp572S1xXMRTE1CNx+jQbyjucaCKPtqa
-xOGtpzbOh/8fMvEyyv+B2bjRyjl/CJB32kUjVkmtCJnvdSNfkpq0NO9csWhxDQYx
-KF6xNFaj1keKuivivigp0GoSYF5ck30NVL/ucn8x5pqrVvw0RQbpvfw5HTeRd9La
-lgGgDZ/PtiaYa/vZ71Ed30FsPGFcOIPkcVEdYldTiwsKsazfXCImtmdRYgZbl+2U
-9EB+SE47/bd1QBfsSA==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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl2.der b/extra/wolfssl/wolfssl/certs/crl/crl2.der
index f1396b8a..c6ec65c4 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl2.der
+++ b/extra/wolfssl/wolfssl/certs/crl/crl2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/crl/crl2.pem b/extra/wolfssl/wolfssl/certs/crl/crl2.pem
index 667ef84c..eb71f194 100644
--- a/extra/wolfssl/wolfssl/certs/crl/crl2.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/crl2.pem
@@ -2,79 +2,79 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
2
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: sha256WithRSAEncryption
- 39:44:ff:39:f4:04:45:79:7e:73:e2:42:48:db:85:66:fd:99:
- 76:94:7c:b5:79:5d:15:71:36:a9:87:f0:73:05:50:08:6b:1c:
- 6e:de:96:45:31:c3:c0:ba:ba:f5:08:1d:05:4a:52:39:e9:03:
- ef:59:c8:1d:4a:f2:86:05:99:7b:4b:74:f6:d3:75:8d:b2:57:
- ba:ac:a7:11:14:d6:6c:71:c4:4c:1c:68:bc:49:78:f0:c9:52:
- 8a:e7:8b:54:e6:20:58:20:60:66:f5:14:d8:cb:ff:e0:a0:45:
- bc:b4:81:ad:1d:bc:cf:f8:8e:a8:87:24:55:99:d9:ce:47:f7:
- 5b:4a:33:6d:db:bf:93:64:1a:a6:46:5f:27:dc:d8:d4:f9:c2:
- 42:2a:7e:b2:7c:dd:98:77:f5:88:7d:15:25:08:bc:e0:d0:8d:
- f4:c3:c3:04:41:a4:d1:b1:39:4a:6b:2c:b5:2e:9a:65:43:0d:
- 0e:73:f4:06:e1:b3:49:34:94:b0:b7:ff:c0:27:c1:b5:ea:06:
- f7:71:71:97:bb:bc:c7:1a:9f:eb:f6:3d:a5:7b:55:a7:bf:dd:
- d7:ee:97:b8:9d:dc:cd:e3:06:db:9a:2c:60:bf:70:84:fa:6b:
- 8d:70:7d:de:e8:b7:ab:b0:38:68:6c:c0:b1:e1:ba:45:e0:d7:
- 12:3d:71:5b
+ 48:36:98:18:42:9c:0c:81:51:19:75:4b:26:9a:e0:07:18:89:
+ a2:a1:bd:b6:4e:91:f2:44:93:1a:50:a1:8f:72:1f:c4:ae:99:
+ 81:c5:00:3a:94:03:de:00:24:98:d4:2c:17:e5:ba:f2:29:3a:
+ 43:c8:23:ba:73:6a:5c:99:5d:ba:80:dd:bd:4f:cd:53:a6:cf:
+ 33:11:31:30:27:e2:d2:31:06:65:b8:3e:cf:fe:00:21:ff:0d:
+ 18:4f:fc:fd:d5:80:75:72:7c:2e:44:c1:a1:26:a6:8a:88:c8:
+ c0:66:1a:d4:99:36:ca:8f:67:42:8f:7c:f2:1a:e7:1b:d0:90:
+ 05:22:0d:29:d3:35:57:23:8c:bb:d2:53:c1:a8:00:3c:d4:b3:
+ 97:23:8a:4f:1d:8b:c9:73:6a:96:40:b0:a4:b1:c7:de:06:4d:
+ a3:5d:6a:d2:f5:5c:1e:f0:21:0f:d1:fd:21:89:e2:9e:3d:c1:
+ b2:f0:0f:5e:79:1e:47:48:92:bf:eb:96:28:ad:0b:89:5e:3b:
+ ed:97:29:bb:8d:24:c2:e6:26:e5:33:ef:88:17:c1:1a:97:fa:
+ 51:44:a2:cc:b2:64:e5:5c:94:54:ed:3b:7d:8f:34:4a:4b:d3:
+ ca:62:f9:20:00:86:26:ea:1b:a9:b4:df:8f:f4:4d:d8:3e:95:
+ aa:3b:43:1c
-----BEGIN X509 CRL-----
MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro
MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoX
-DTI1MDkxMTIxMTc1MFowFDASAgECFw0yMjEyMTYyMTE3NTBaoA4wDDAKBgNVHRQE
-AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEAOUT/OfQERXl+c+JCSNuFZv2ZdpR8tXld
-FXE2qYfwcwVQCGscbt6WRTHDwLq69QgdBUpSOekD71nIHUryhgWZe0t09tN1jbJX
-uqynERTWbHHETBxovEl48MlSiueLVOYgWCBgZvUU2Mv/4KBFvLSBrR28z/iOqIck
-VZnZzkf3W0ozbdu/k2QapkZfJ9zY1PnCQip+snzdmHf1iH0VJQi84NCN9MPDBEGk
-0bE5SmsstS6aZUMNDnP0BuGzSTSUsLf/wCfBteoG93Fxl7u8xxqf6/Y9pXtVp7/d
-1+6XuJ3czeMG25osYL9whPprjXB93ui3q7A4aGzAseG6ReDXEj1xWw==
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkzM1oX
+DTI2MDkwODIyMTkzM1owFDASAgECFw0yMzEyMTMyMjE5MzNaoA4wDDAKBgNVHRQE
+AwIBAjANBgkqhkiG9w0BAQsFAAOCAQEASDaYGEKcDIFRGXVLJprgBxiJoqG9tk6R
+8kSTGlChj3IfxK6ZgcUAOpQD3gAkmNQsF+W68ik6Q8gjunNqXJlduoDdvU/NU6bP
+MxExMCfi0jEGZbg+z/4AIf8NGE/8/dWAdXJ8LkTBoSamiojIwGYa1Jk2yo9nQo98
+8hrnG9CQBSINKdM1VyOMu9JTwagAPNSzlyOKTx2LyXNqlkCwpLHH3gZNo11q0vVc
+HvAhD9H9IYninj3BsvAPXnkeR0iSv+uWKK0LiV477Zcpu40kwuYm5TPviBfBGpf6
+UUSizLJk5VyUVO07fY80SkvTymL5IACGJuobqbTfj/RN2D6VqjtDHA==
-----END X509 CRL-----
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_2048, OU = Programming-2048, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 31:07:d5:eb:5e:d7:89:0e:c1:29:ab:4b:49:0e:58:9d:f8:7e:
- 27:59:48:2d:68:a5:06:e1:c9:46:f8:b8:97:bc:6d:71:f2:d9:
- cd:f2:2d:2c:7b:86:6d:8e:7d:75:c8:94:33:fd:5f:67:57:74:
- fe:48:3a:4a:4e:73:7b:55:b9:85:46:9a:1d:69:e6:7a:1e:d3:
- 73:aa:76:34:d1:5f:be:b3:47:28:b6:e5:80:c2:c3:f0:b9:c0:
- 79:58:32:0e:0a:45:9b:d7:4b:2a:e4:ea:53:ff:7d:a7:34:35:
- 5e:ae:bb:6b:16:3b:cd:b3:ae:8c:d0:10:22:ae:c1:04:c6:0c:
- 2c:f1:4b:d0:de:20:47:33:74:88:61:db:e4:c2:e9:cd:59:65:
- ce:a0:e3:07:0d:25:df:b3:b6:ab:c6:0f:0d:07:7b:e2:c7:a5:
- 9e:7c:80:6b:c4:86:0b:d8:4d:ea:f6:a8:14:b4:41:84:5d:ea:
- 58:92:12:a7:6a:e2:2d:8e:35:d7:39:4c:b9:00:c5:46:0d:02:
- 4d:17:0a:fb:5c:0b:80:27:e5:01:af:5f:a5:70:ab:26:13:b7:
- a0:76:2e:e7:fa:c5:dc:5a:7d:50:22:0c:e6:44:1a:a6:5a:64:
- e7:84:13:af:ef:2d:47:1a:db:88:9c:62:b9:23:3f:7d:3f:17:
- 19:0c:bc:97
+ 38:bd:b1:ed:0c:8b:5d:f2:e3:de:48:7b:03:16:a7:09:4c:98:
+ 03:9d:a7:50:1d:56:57:a6:6f:e1:7d:4c:32:31:f3:55:28:4a:
+ d3:b5:55:a7:7d:f8:43:46:cf:7c:64:66:2e:0e:bc:e6:43:41:
+ c1:b8:b4:a0:db:68:92:3b:d4:a1:ef:47:44:fe:f6:e4:33:45:
+ 18:62:cb:e5:04:44:44:07:83:e4:62:c4:d0:52:63:94:b0:1a:
+ 43:bf:01:91:de:05:66:ae:6d:88:78:94:d9:c6:5e:a9:28:52:
+ 93:2b:24:00:3f:d3:f7:6c:ca:27:b6:9b:8e:8f:61:a3:ac:3b:
+ e5:62:54:09:6f:c5:52:fb:87:9a:36:e0:51:14:5d:52:f9:42:
+ 48:f1:18:20:bf:b3:98:c2:d4:a2:55:9e:7e:42:9b:01:59:fc:
+ 64:3c:bb:05:46:09:ab:16:8a:f8:08:b7:f7:3d:01:8e:1b:60:
+ ba:e0:8f:e8:fe:6b:38:bc:23:af:52:31:bc:f3:a0:60:71:c4:
+ 9a:29:49:46:5b:c2:f8:ff:c9:f6:8a:1a:c6:5c:9f:e5:bb:c0:
+ bf:6e:7b:26:8b:5a:6a:91:80:82:40:2e:48:96:b7:6a:8f:74:
+ 75:6d:54:d7:4d:2a:81:7f:01:02:bd:6e:cf:37:50:de:bb:52:
+ b6:40:eb:ad
-----BEGIN X509 CRL-----
MIIB+DCB4QIBATANBgkqhkiG9w0BAQsFADCBnjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xf
MjA0ODEZMBcGA1UECwwQUHJvZ3JhbW1pbmctMjA0ODEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEy
-MTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG
-9w0BAQsFAAOCAQEAMQfV617XiQ7BKatLSQ5Ynfh+J1lILWilBuHJRvi4l7xtcfLZ
-zfItLHuGbY59dciUM/1fZ1d0/kg6Sk5ze1W5hUaaHWnmeh7Tc6p2NNFfvrNHKLbl
-gMLD8LnAeVgyDgpFm9dLKuTqU/99pzQ1Xq67axY7zbOujNAQIq7BBMYMLPFL0N4g
-RzN0iGHb5MLpzVllzqDjBw0l37O2q8YPDQd74selnnyAa8SGC9hN6vaoFLRBhF3q
-WJISp2riLY411zlMuQDFRg0CTRcK+1wLgCflAa9fpXCrJhO3oHYu5/rF3Fp9UCIM
-5kQaplpk54QTr+8tRxrbiJxiuSM/fT8XGQy8lw==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzEy
+MTMyMjE5MzNaFw0yNjA5MDgyMjE5MzNaoA4wDDAKBgNVHRQEAwIBATANBgkqhkiG
+9w0BAQsFAAOCAQEAOL2x7QyLXfLj3kh7AxanCUyYA52nUB1WV6Zv4X1MMjHzVShK
+07VVp334Q0bPfGRmLg685kNBwbi0oNtokjvUoe9HRP725DNFGGLL5QRERAeD5GLE
+0FJjlLAaQ78Bkd4FZq5tiHiU2cZeqShSkyskAD/T92zKJ7abjo9ho6w75WJUCW/F
+UvuHmjbgURRdUvlCSPEYIL+zmMLUolWefkKbAVn8ZDy7BUYJqxaK+Ai39z0Bjhtg
+uuCP6P5rOLwjr1IxvPOgYHHEmilJRlvC+P/J9ooaxlyf5bvAv257JotaapGAgkAu
+SJa3ao90dW1U100qgX8BAr1uzzdQ3rtStkDrrQ==
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem b/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem
index 0b51168d..86fa84a0 100644
--- a/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/eccCliCRL.pem
@@ -2,25 +2,25 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Oregon, L = Salem, O = Client ECC, OU = Fast, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
- 7
+ 9
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:de:52:96:3d:ab:bf:56:6f:1b:a5:61:f2:43:
- 38:09:61:35:be:c3:8a:7b:17:77:2c:6a:a2:94:be:db:eb:c9:
- 54:02:21:00:8f:38:ad:28:29:42:e6:5c:65:73:d8:2e:2c:b1:
- ba:ec:15:d9:c6:fe:48:07:bd:d9:46:1a:24:0c:0a:da:e7:8c
+ 30:45:02:21:00:dc:a7:bf:34:1b:68:b6:54:0c:38:8d:46:41:
+ 84:bf:fa:f0:96:00:89:a6:81:4a:0f:15:12:ef:15:98:f7:51:
+ 95:02:20:08:57:33:0d:c1:a5:c6:83:63:49:96:8c:71:41:7b:
+ 40:92:67:80:d6:23:62:2a:c2:f2:43:5a:92:9b:9b:d6:83
-----BEGIN X509 CRL-----
-MIIBPTCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
+MIIBPDCB4wIBATAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMxDzANBgNVBAgM
Bk9yZWdvbjEOMAwGA1UEBwwFU2FsZW0xEzARBgNVBAoMCkNsaWVudCBFQ0MxDTAL
BgNVBAsMBEZhc3QxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3
-DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjEx
-NzUwWjAUMBICAQIXDTIyMTIxNjIxMTc1MFqgDjAMMAoGA1UdFAQDAgEHMAoGCCqG
-SM49BAMCA0kAMEYCIQDeUpY9q79WbxulYfJDOAlhNb7DinsXdyxqopS+2+vJVAIh
-AI84rSgpQuZcZXPYLiyxuuwV2cb+SAe92UYaJAwK2ueM
+DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIx
+OTMzWjAUMBICAQIXDTIzMTIxMzIyMTkzM1qgDjAMMAoGA1UdFAQDAgEJMAoGCCqG
+SM49BAMCA0gAMEUCIQDcp780G2i2VAw4jUZBhL/68JYAiaaBSg8VEu8VmPdRlQIg
+CFczDcGlxoNjSZaMcUF7QJJngNYjYirC8kNakpub1oM=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem b/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem
index cf3b068d..8cd5091c 100644
--- a/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/eccSrvCRL.pem
@@ -1,26 +1,26 @@
Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Last Update: Dec 13 22:19:33 2023 GMT
+ Next Update: Sep 8 22:19:33 2026 GMT
CRL extensions:
X509v3 CRL Number:
- 8
+ 10
Revoked Certificates:
Serial Number: 02
- Revocation Date: Dec 16 21:17:50 2022 GMT
+ Revocation Date: Dec 13 22:19:33 2023 GMT
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:df:3b:2d:3e:14:df:73:4d:43:71:47:aa:5b:
- a3:2f:19:8f:26:8c:e7:20:60:20:75:d7:4b:68:9e:d6:a9:f4:
- 44:02:21:00:ec:32:6d:22:c4:bd:98:85:1b:66:9c:00:2b:5e:
- c3:0f:cd:cc:54:a4:0a:2c:e9:bb:32:18:8f:27:d3:a3:d4:84
+ 30:45:02:21:00:a9:26:ab:1a:4a:be:5c:92:da:9d:17:0a:b5:
+ f6:40:ea:84:93:ce:57:b8:af:68:75:e8:e9:de:a7:27:e7:79:
+ 48:02:20:11:d4:03:97:19:2a:28:04:70:28:bb:5e:6a:b7:f6:
+ 32:90:f1:92:ff:48:7c:cf:e7:94:0f:ce:63:de:f8:fc:6c
-----BEGIN X509 CRL-----
-MIIBPzCB5QIBATAKBggqhkjOPQQDAjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
-Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
-DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEy
-MTE3NTBaMBQwEgIBAhcNMjIxMjE2MjExNzUwWqAOMAwwCgYDVR0UBAMCAQgwCgYI
-KoZIzj0EAwIDSQAwRgIhAN87LT4U33NNQ3FHqlujLxmPJoznIGAgdddLaJ7WqfRE
-AiEA7DJtIsS9mIUbZpwAK17DD83MVKQKLOm7MhiPJ9Oj1IQ=
+MIIBPzCB5gIBATAKBggqhkjOPQQDAjCBkDELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEVsbGlwdGlj
+MQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbRcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4
+MjIxOTMzWjAUMBICAQIXDTIzMTIxMzIyMTkzM1qgDjAMMAoGA1UdFAQDAgEKMAoG
+CCqGSM49BAMCA0gAMEUCIQCpJqsaSr5cktqdFwq19kDqhJPOV7ivaHXo6d6nJ+d5
+SAIgEdQDlxkqKARwKLtearf2MpDxkv9IfM/nlA/OY974/Gw=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem b/extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem
new file mode 100644
index 00000000..16b02cd9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/crl/extra-crls/ca-int-cert-revoked.pem
@@ -0,0 +1,13 @@
+-----BEGIN X509 CRL-----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+-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem b/extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem
new file mode 100644
index 00000000..d547b88f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/crl/extra-crls/general-server-crl.pem
@@ -0,0 +1,13 @@
+-----BEGIN X509 CRL-----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+-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/gencrls.sh b/extra/wolfssl/wolfssl/certs/crl/gencrls.sh
index 4f2e22ad..e509d962 100755
--- a/extra/wolfssl/wolfssl/certs/crl/gencrls.sh
+++ b/extra/wolfssl/wolfssl/certs/crl/gencrls.sh
@@ -95,17 +95,37 @@ mv tmp crl.revoked
# remove revoked so next time through the normal CA won't have server revoked
cp blank.index.txt demoCA/index.txt
-# caEccCrl
+# revoke the general server cert
echo "Step 10"
-openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
check_result $?
echo "Step 11"
+openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out extra-crls/general-server-crl.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+check_result $?
+
+# remove revoked so next time through the normal CA won't have server revoked
+cp blank.index.txt demoCA/index.txt
+
+echo "Step 12"
+# revoke an intermediate cert
+openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../intermediate/ca-int-cert.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out extra-crls/ca-int-cert-revoked.pem -keyfile ../ca-key.pem -cert ../ca-cert.pem
+
+# remove revoked so next time through the normal CA won't have server revoked
+cp blank.index.txt demoCA/index.txt
+
+# caEccCrl
+echo "Step 13"
+openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
+check_result $?
+
+echo "Step 14"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
check_result $?
# metadata
-echo "Step 12"
+echo "Step 15"
openssl crl -in caEccCrl.pem -text > tmp
check_result $?
mv tmp caEccCrl.pem
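Review bot: The two `openssl ca` calls added under Step 12 (the `-revoke ../intermediate/ca-int-cert.pem` and the `-gencrl ... -out extra-crls/ca-int-cert-revoked.pem`) are not followed by `check_result $?`, unlike Steps 10, 11, 13 and 14 in the same hunk. If the revoke fails, the following `-gencrl` can presumably still succeed against the unchanged index and write a CRL that revokes nothing, so a test expecting the intermediate to be rejected would run against a fixture that cannot reject it. Add `check_result $?` after each of the two commands. The `openssl crl ... -outform DER` conversions under Step 26 in the last hunk of this file are unchecked in the same way. The comment copied after Step 12 also still says "server revoked" although this step revoked an intermediate.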
@@ -116,12 +136,12 @@ mv tmp caEccCrl.pem
# server-revoked-cert.pem is already revoked in Step 10
#openssl ca -config ../renewcerts/wolfssl.cnf -revoke ../server-revoked-cert.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
-echo "Step 13"
+echo "Step 16"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
check_result $?
# metadata
-echo "Step 14"
+echo "Step 17"
openssl crl -in caEcc384Crl.pem -text > tmp
check_result $?
mv tmp caEcc384Crl.pem
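Review bot: The context comment `# server-revoked-cert.pem is already revoked in Step 10` is stale after the renumbering. Step 10 now revokes `../server-cert.pem` under `ca-key.pem`, and the ECC revocation of `server-revoked-cert.pem` moved to Step 13. Update it to `# server-revoked-cert.pem is already revoked in Step 13` so the reason the ecc384 revoke stays commented out remains traceable.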
@@ -129,12 +149,12 @@ mv tmp caEcc384Crl.pem
#cp caEcc384Crl.pem ~/wolfssl/certs/crl/caEcc384Crl.pem
# cliCrl
-echo "Step 15"
+echo "Step 18"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out cliCrl.pem -keyfile ../client-key.pem -cert ../client-cert.pem
check_result $?
# metadata
-echo "Step 16"
+echo "Step 19"
openssl crl -in cliCrl.pem -text > tmp
check_result $?
mv tmp cliCrl.pem
@@ -142,12 +162,12 @@ mv tmp cliCrl.pem
#cp cliCrl.pem ~/wolfssl/certs/crl/cliCrl.pem
# eccCliCRL
-echo "Step 17"
+echo "Step 20"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out eccCliCRL.pem -keyfile ../ecc-client-key.pem -cert ../client-ecc-cert.pem
check_result $?
# metadata
-echo "Step 18"
+echo "Step 21"
openssl crl -in eccCliCRL.pem -text > tmp
check_result $?
mv tmp eccCliCRL.pem
@@ -155,12 +175,12 @@ mv tmp eccCliCRL.pem
#cp eccCliCRL.pem ~/wolfssl/certs/crl/eccCliCRL.pem
# eccSrvCRL
-echo "Step 19"
+echo "Step 22"
openssl ca -config ../renewcerts/wolfssl.cnf -gencrl -crldays 1000 -out eccSrvCRL.pem -keyfile ../ecc-key.pem -cert ../server-ecc.pem
check_result $?
# metadata
-echo "Step 20"
+echo "Step 23"
openssl crl -in eccSrvCRL.pem -text > tmp
check_result $?
mv tmp eccSrvCRL.pem
@@ -168,17 +188,17 @@ mv tmp eccSrvCRL.pem
#cp eccSrvCRL.pem ~/wolfssl/certs/crl/eccSrvCRL.pem
# caEccCrl
-echo "Step 21"
+echo "Step 24"
openssl ca -config ./wolfssl.cnf -gencrl -crldays 1000 -out caEccCrl.pem -keyfile ../ca-ecc-key.pem -cert ../ca-ecc-cert.pem
check_result $?
# ca-ecc384-cert
-echo "Step 22"
+echo "Step 25"
openssl ca -config ./wolfssl.cnf -gencrl -crldays 1000 -out caEcc384Crl.pem -keyfile ../ca-ecc384-key.pem -cert ../ca-ecc384-cert.pem
check_result $?
# create crl and crl2 der files for unit test
-echo "Step 23"
+echo "Step 26"
openssl crl -in crl.pem -inform PEM -out crl.der -outform DER
openssl crl -in crl2.pem -inform PEM -out crl2.der -outform DER
diff --git a/extra/wolfssl/wolfssl/certs/crl/include.am b/extra/wolfssl/wolfssl/certs/crl/include.am
index e41d0017..91f09bd0 100644
--- a/extra/wolfssl/wolfssl/certs/crl/include.am
+++ b/extra/wolfssl/wolfssl/certs/crl/include.am
@@ -3,29 +3,32 @@
#
EXTRA_DIST += \
- certs/crl/hash_pem/0fdb2da4.r0 \
- certs/crl/hash_der/0fdb2da4.r0 \
- certs/crl/crl.pem \
- certs/crl/cliCrl.pem \
- certs/crl/eccSrvCRL.pem \
- certs/crl/eccCliCRL.pem \
- certs/crl/crl2.pem \
- certs/crl/caEccCrl.pem \
- certs/crl/caEcc384Crl.pem \
- certs/crl/wolfssl.cnf \
- certs/crl/crl.der \
- certs/crl/crl2.der
+ certs/crl/hash_pem/0fdb2da4.r0 \
+ certs/crl/hash_der/0fdb2da4.r0 \
+ certs/crl/crl.pem \
+ certs/crl/cliCrl.pem \
+ certs/crl/eccSrvCRL.pem \
+ certs/crl/eccCliCRL.pem \
+ certs/crl/crl2.pem \
+ certs/crl/caEccCrl.der \
+ certs/crl/caEccCrl.pem \
+ certs/crl/caEcc384Crl.pem \
+ certs/crl/wolfssl.cnf \
+ certs/crl/crl.der \
+ certs/crl/crl2.der
EXTRA_DIST += \
- certs/crl/crl.revoked
+ certs/crl/crl.revoked \
+ certs/crl/extra-crls/ca-int-cert-revoked.pem \
+ certs/crl/extra-crls/general-server-crl.pem
# Intermediate cert CRL's
EXTRA_DIST += \
- certs/crl/ca-int.pem \
- certs/crl/ca-int2.pem \
- certs/crl/client-int.pem \
- certs/crl/server-int.pem \
- certs/crl/ca-int-ecc.pem \
- certs/crl/ca-int2-ecc.pem \
- certs/crl/client-int-ecc.pem \
- certs/crl/server-int-ecc.pem
+ certs/crl/ca-int.pem \
+ certs/crl/ca-int2.pem \
+ certs/crl/client-int.pem \
+ certs/crl/server-int.pem \
+ certs/crl/ca-int-ecc.pem \
+ certs/crl/ca-int2-ecc.pem \
+ certs/crl/client-int-ecc.pem \
+ certs/crl/server-int-ecc.pem
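Review bot: `certs/crl/caEccCrl.der` is added to `EXTRA_DIST`, but none of the gencrls.sh hunks shown in this commit produce it; Step 26 only writes `crl.der` and `crl2.der`. If the DER is maintained by hand, it will keep its old Next Update when `caEccCrl.pem` is regenerated, and a test that loads it would start failing once that date lapses. Unless the script already does this outside the visible hunks, add `openssl crl -in caEccCrl.pem -inform PEM -out caEccCrl.der -outform DER` next to the other two conversions. The rest of the hunk appears to be re-indentation only.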
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem
index cb1963e8..6305d4f3 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodaltCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 22:05:56:57:ea:16:40:fa:18:c2:cd:2d:b8:64:8f:3a:e5:39:
- a4:43:d2:14:39:78:b7:c7:c3:81:78:4c:b5:b1:c2:b0:e7:b3:
- 6c:5a:e3:f7:e3:a1:78:0e:e9:3d:02:18:96:e3:f0:99:74:17:
- d7:c6:b9:76:fb:08:31:90:1c:13:f2:51:aa:6d:3e:f6:ac:05:
- 68:72:b9:b6:7b:3a:c5:51:0a:81:95:4a:b3:1c:3b:1e:75:c5:
- 46:29:14:36:91:14:50:00:65:17:ae:c0:10:37:cf:27:5b:95:
- ae:8e:b7:21:1f:b1:66:f1:e9:6d:a1:32:ea:14:86:df:74:3b:
- 99:97:17:a9:f8:65:fb:e5:15:9b:a3:05:17:44:06:aa:15:10:
- 83:47:78:0d:fd:ec:76:d4:af:2a:5f:b2:17:01:13:ca:c8:7f:
- ce:4d:ba:6c:ef:e8:4a:b7:ce:4a:d1:e4:35:6e:3e:d8:0f:2a:
- d0:94:b4:a7:cb:e5:50:bc:2a:9c:1b:39:a8:6e:8a:99:b6:b8:
- 1e:4e:59:ad:fe:2e:db:22:79:8a:37:ed:b0:c5:6b:ce:e6:55:
- 6a:eb:11:e6:34:ad:c0:ca:7b:1c:b0:15:ef:1c:fa:6c:36:2b:
- 3f:b6:f1:e2:04:90:48:36:a4:ef:26:2e:83:3e:00:4b:c7:78:
- c7:72:98:d1
+ 30:f4:19:0d:3b:23:d8:e3:b9:55:f5:aa:91:6d:20:a3:71:7d:
+ a2:c8:2e:92:18:17:fb:73:5c:52:f0:44:32:67:87:43:82:93:
+ 94:53:62:c3:32:c6:6e:4a:93:a6:99:44:f7:95:b0:24:98:95:
+ 8a:e9:62:6b:30:18:46:b4:00:1c:f1:75:e5:87:dc:5c:c3:b3:
+ 35:2b:3a:8a:2a:a6:99:73:88:e5:07:d8:cb:ec:d9:ba:06:69:
+ 1c:2f:38:37:44:e2:b4:d5:e1:f6:38:56:b3:45:ff:66:7a:da:
+ 00:0c:d4:4c:d3:2f:90:e8:4a:c2:0a:1f:4a:6b:1a:87:57:a9:
+ 31:f9:78:2b:1f:8c:9c:ed:ef:08:d1:15:49:8d:fa:8d:57:80:
+ 36:b4:42:1f:58:62:80:9f:2f:66:cc:b3:4c:64:18:9e:8e:9d:
+ b7:cb:a3:7c:47:67:bf:ec:68:a7:10:f6:68:b0:a8:7a:d4:a5:
+ eb:77:6a:0c:de:3a:16:6b:9c:87:6c:aa:5b:e1:e2:03:d9:ac:
+ 33:3a:51:56:de:b1:61:c2:01:70:2b:96:e1:b4:0f:08:a2:f4:
+ 49:79:51:eb:1c:56:a9:9e:a4:f7:f9:6a:69:2a:d7:d7:77:45:
+ 7a:97:12:bb:d6:6b:6e:07:aa:05:87:b5:6f:b7:b2:1f:e6:84:
+ 33:87:16:14
-----BEGIN X509 CRL-----
MIIB3DCBxQIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMRgwFgYDVQQDDA93d3cubm9tYXRjaC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFqgDjAM
-MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAiBVZX6hZA+hjCzS24ZI86
-5TmkQ9IUOXi3x8OBeEy1scKw57NsWuP346F4Duk9AhiW4/CZdBfXxrl2+wgxkBwT
-8lGqbT72rAVocrm2ezrFUQqBlUqzHDsedcVGKRQ2kRRQAGUXrsAQN88nW5Wujrch
-H7Fm8eltoTLqFIbfdDuZlxep+GX75RWbowUXRAaqFRCDR3gN/ex21K8qX7IXARPK
-yH/OTbps7+hKt85K0eQ1bj7YDyrQlLSny+VQvCqcGzmoboqZtrgeTlmt/i7bInmK
-N+2wxWvO5lVq6xHmNK3AynscsBXvHPpsNis/tvHiBJBINqTvJi6DPgBLx3jHcpjR
+Zm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVqgDjAM
+MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAw9BkNOyPY47lV9aqRbSCj
+cX2iyC6SGBf7c1xS8EQyZ4dDgpOUU2LDMsZuSpOmmUT3lbAkmJWK6WJrMBhGtAAc
+8XXlh9xcw7M1KzqKKqaZc4jlB9jL7Nm6BmkcLzg3ROK01eH2OFazRf9metoADNRM
+0y+Q6ErCCh9KaxqHV6kx+XgrH4yc7e8I0RVJjfqNV4A2tEIfWGKAny9mzLNMZBie
+jp23y6N8R2e/7GinEPZosKh61KXrd2oM3joWa5yHbKpb4eID2awzOlFW3rFhwgFw
+K5bhtA8IovRJeVHrHFapnqT3+WppKtfXd0V6lxK71mtuB6oFh7Vvt7If5oQzhxYU
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem
index cb1963e8..6305d4f3 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodaltwildCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 22:05:56:57:ea:16:40:fa:18:c2:cd:2d:b8:64:8f:3a:e5:39:
- a4:43:d2:14:39:78:b7:c7:c3:81:78:4c:b5:b1:c2:b0:e7:b3:
- 6c:5a:e3:f7:e3:a1:78:0e:e9:3d:02:18:96:e3:f0:99:74:17:
- d7:c6:b9:76:fb:08:31:90:1c:13:f2:51:aa:6d:3e:f6:ac:05:
- 68:72:b9:b6:7b:3a:c5:51:0a:81:95:4a:b3:1c:3b:1e:75:c5:
- 46:29:14:36:91:14:50:00:65:17:ae:c0:10:37:cf:27:5b:95:
- ae:8e:b7:21:1f:b1:66:f1:e9:6d:a1:32:ea:14:86:df:74:3b:
- 99:97:17:a9:f8:65:fb:e5:15:9b:a3:05:17:44:06:aa:15:10:
- 83:47:78:0d:fd:ec:76:d4:af:2a:5f:b2:17:01:13:ca:c8:7f:
- ce:4d:ba:6c:ef:e8:4a:b7:ce:4a:d1:e4:35:6e:3e:d8:0f:2a:
- d0:94:b4:a7:cb:e5:50:bc:2a:9c:1b:39:a8:6e:8a:99:b6:b8:
- 1e:4e:59:ad:fe:2e:db:22:79:8a:37:ed:b0:c5:6b:ce:e6:55:
- 6a:eb:11:e6:34:ad:c0:ca:7b:1c:b0:15:ef:1c:fa:6c:36:2b:
- 3f:b6:f1:e2:04:90:48:36:a4:ef:26:2e:83:3e:00:4b:c7:78:
- c7:72:98:d1
+ 30:f4:19:0d:3b:23:d8:e3:b9:55:f5:aa:91:6d:20:a3:71:7d:
+ a2:c8:2e:92:18:17:fb:73:5c:52:f0:44:32:67:87:43:82:93:
+ 94:53:62:c3:32:c6:6e:4a:93:a6:99:44:f7:95:b0:24:98:95:
+ 8a:e9:62:6b:30:18:46:b4:00:1c:f1:75:e5:87:dc:5c:c3:b3:
+ 35:2b:3a:8a:2a:a6:99:73:88:e5:07:d8:cb:ec:d9:ba:06:69:
+ 1c:2f:38:37:44:e2:b4:d5:e1:f6:38:56:b3:45:ff:66:7a:da:
+ 00:0c:d4:4c:d3:2f:90:e8:4a:c2:0a:1f:4a:6b:1a:87:57:a9:
+ 31:f9:78:2b:1f:8c:9c:ed:ef:08:d1:15:49:8d:fa:8d:57:80:
+ 36:b4:42:1f:58:62:80:9f:2f:66:cc:b3:4c:64:18:9e:8e:9d:
+ b7:cb:a3:7c:47:67:bf:ec:68:a7:10:f6:68:b0:a8:7a:d4:a5:
+ eb:77:6a:0c:de:3a:16:6b:9c:87:6c:aa:5b:e1:e2:03:d9:ac:
+ 33:3a:51:56:de:b1:61:c2:01:70:2b:96:e1:b4:0f:08:a2:f4:
+ 49:79:51:eb:1c:56:a9:9e:a4:f7:f9:6a:69:2a:d7:d7:77:45:
+ 7a:97:12:bb:d6:6b:6e:07:aa:05:87:b5:6f:b7:b2:1f:e6:84:
+ 33:87:16:14
-----BEGIN X509 CRL-----
MIIB3DCBxQIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCVVMxEDAOBgNV
BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMRgwFgYDVQQDDA93d3cubm9tYXRjaC5jb20xHzAdBgkqhkiG9w0BCQEWEGlu
-Zm9Ad29sZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFqgDjAM
-MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAiBVZX6hZA+hjCzS24ZI86
-5TmkQ9IUOXi3x8OBeEy1scKw57NsWuP346F4Duk9AhiW4/CZdBfXxrl2+wgxkBwT
-8lGqbT72rAVocrm2ezrFUQqBlUqzHDsedcVGKRQ2kRRQAGUXrsAQN88nW5Wujrch
-H7Fm8eltoTLqFIbfdDuZlxep+GX75RWbowUXRAaqFRCDR3gN/ex21K8qX7IXARPK
-yH/OTbps7+hKt85K0eQ1bj7YDyrQlLSny+VQvCqcGzmoboqZtrgeTlmt/i7bInmK
-N+2wxWvO5lVq6xHmNK3AynscsBXvHPpsNis/tvHiBJBINqTvJi6DPgBLx3jHcpjR
+Zm9Ad29sZnNzbC5jb20XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVqgDjAM
+MAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAw9BkNOyPY47lV9aqRbSCj
+cX2iyC6SGBf7c1xS8EQyZ4dDgpOUU2LDMsZuSpOmmUT3lbAkmJWK6WJrMBhGtAAc
+8XXlh9xcw7M1KzqKKqaZc4jlB9jL7Nm6BmkcLzg3ROK01eH2OFazRf9metoADNRM
+0y+Q6ErCCh9KaxqHV6kx+XgrH4yc7e8I0RVJjfqNV4A2tEIfWGKAny9mzLNMZBie
+jp23y6N8R2e/7GinEPZosKh61KXrd2oM3joWa5yHbKpb4eID2awzOlFW3rFhwgFw
+K5bhtA8IovRJeVHrHFapnqT3+WppKtfXd0V6lxK71mtuB6oFh7Vvt7If5oQzhxYU
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem
index 0813058c..96752362 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodcnCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 31:51:b7:05:e8:10:b7:de:06:b6:be:93:22:ee:13:bb:f5:e6:
- 8a:18:8b:34:b3:dd:e2:fd:e0:99:ff:d5:af:31:7f:42:a6:94:
- 44:49:6e:57:41:45:34:46:23:5b:c6:09:a4:8a:e2:90:64:2c:
- ee:e3:4b:fa:3c:a0:5b:1d:b5:b8:4f:fc:fc:41:4c:c1:bf:9a:
- b9:bb:45:b4:9d:8b:4e:66:dd:16:c9:d4:4c:65:53:b3:71:df:
- 9f:f6:a6:d6:50:4f:20:fa:92:d2:1b:6b:fb:7b:a1:1c:7c:d8:
- f4:ee:5c:66:9a:b4:99:3b:ca:aa:84:b6:10:8a:96:cf:34:17:
- 54:1f:49:d1:25:74:34:ad:1d:05:89:62:48:2f:37:b0:38:72:
- 2e:5e:d7:b5:ae:d9:b5:d3:06:71:da:b7:f3:97:c2:d6:25:b2:
- 86:c3:3d:da:ff:98:06:76:68:a9:34:44:53:85:3e:c1:f8:d1:
- d3:f0:c8:5d:53:ec:47:7b:df:e1:bc:f1:f4:af:74:81:e4:87:
- d3:94:94:5e:15:13:25:33:76:00:78:f2:95:65:fd:7c:23:1f:
- 94:ae:15:1d:fd:48:c8:43:55:db:ea:31:bd:52:e4:b7:90:ab:
- 5c:c3:93:c7:d0:23:52:eb:46:90:b3:a0:48:a7:90:16:93:6f:
- cc:a0:fa:a3
+ b7:22:47:45:ee:bb:63:91:42:29:23:33:af:eb:d7:46:41:be:
+ 66:89:0e:62:ff:b7:c0:9a:09:46:95:98:33:36:63:ec:2a:10:
+ 01:2c:a9:9d:6c:1a:45:b9:95:e8:62:3d:10:ee:65:a0:6c:8d:
+ aa:d0:41:6f:b1:d9:a9:59:dd:e9:40:c1:36:73:89:3a:59:02:
+ 42:c3:77:33:59:a0:52:18:4b:0c:64:bd:f6:10:cc:50:3f:ad:
+ bb:95:02:13:73:5a:95:a0:15:08:ec:dc:0f:53:3a:29:de:1b:
+ 3e:b4:4a:8c:3a:14:0d:48:f6:88:05:b7:55:ff:c0:e9:aa:e2:
+ 49:26:8e:ba:b5:88:3a:c1:5a:48:68:ed:bb:b9:ae:1e:ad:18:
+ 44:60:08:15:4f:ef:8e:7f:db:63:60:aa:36:9a:7b:1a:92:34:
+ 43:65:b8:d2:6c:85:4d:62:75:c8:5b:45:60:c2:b2:72:c6:79:
+ 9d:19:24:2e:bf:8f:75:24:7c:60:83:bf:98:e0:dc:98:b4:18:
+ ef:41:c7:10:46:89:2b:88:73:40:f4:f1:7b:17:5e:2b:fa:bd:
+ 28:9e:8e:b9:9a:d5:ba:a0:29:65:b8:df:27:b0:c5:51:b6:61:
+ 7b:69:0f:be:17:4b:14:48:73:60:14:ea:96:fd:9c:4c:62:bd:
+ ea:cf:b0:b1
-----BEGIN X509 CRL-----
MIIB1TCBvgIBATANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzEQMA4GA1UE
CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxEjAQBgNVBAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
-c3NsLmNvbRcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWqAOMAwwCgYDVR0U
-BAMCAQEwDQYJKoZIhvcNAQELBQADggEBADFRtwXoELfeBra+kyLuE7v15ooYizSz
-3eL94Jn/1a8xf0KmlERJbldBRTRGI1vGCaSK4pBkLO7jS/o8oFsdtbhP/PxBTMG/
-mrm7RbSdi05m3RbJ1ExlU7Nx35/2ptZQTyD6ktIba/t7oRx82PTuXGaatJk7yqqE
-thCKls80F1QfSdEldDStHQWJYkgvN7A4ci5e17Wu2bXTBnHat/OXwtYlsobDPdr/
-mAZ2aKk0RFOFPsH40dPwyF1T7Ed73+G88fSvdIHkh9OUlF4VEyUzdgB48pVl/Xwj
-H5SuFR39SMhDVdvqMb1S5LeQq1zDk8fQI1LrRpCzoEinkBaTb8yg+qM=
+c3NsLmNvbRcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WqAOMAwwCgYDVR0U
+BAMCAQEwDQYJKoZIhvcNAQELBQADggEBALciR0Xuu2ORQikjM6/r10ZBvmaJDmL/
+t8CaCUaVmDM2Y+wqEAEsqZ1sGkW5lehiPRDuZaBsjarQQW+x2alZ3elAwTZziTpZ
+AkLDdzNZoFIYSwxkvfYQzFA/rbuVAhNzWpWgFQjs3A9TOineGz60Sow6FA1I9ogF
+t1X/wOmq4kkmjrq1iDrBWkho7bu5rh6tGERgCBVP745/22NgqjaaexqSNENluNJs
+hU1idchbRWDCsnLGeZ0ZJC6/j3UkfGCDv5jg3Ji0GO9BxxBGiSuIc0D08XsXXiv6
+vSiejrma1bqgKWW43yewxVG2YXtpD74XSxRIc2AU6pb9nExiverPsLE=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem b/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem
index 731b5c96..ae2fc9ea 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-goodcnwildCrl.pem
@@ -2,37 +2,37 @@ Certificate Revocation List (CRL):
Version 2 (0x1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com
- Last Update: Dec 16 21:17:50 2022 GMT
- Next Update: Sep 11 21:17:50 2025 GMT
+ Last Update: Dec 13 22:19:29 2023 GMT
+ Next Update: Sep 8 22:19:29 2026 GMT
CRL extensions:
X509v3 CRL Number:
1
No Revoked Certificates.
Signature Algorithm: sha256WithRSAEncryption
- 2e:cf:37:c3:7c:d1:e7:3a:6d:c1:46:1e:5a:0f:35:b2:74:40:
- 56:a5:0a:c3:1e:a5:40:77:b6:93:91:c5:6e:44:31:26:5a:b4:
- 60:2f:66:ce:65:dc:90:60:b3:cd:1c:e5:b4:0c:79:18:79:38:
- f2:6c:b4:9e:98:62:f0:35:3b:f9:59:ec:0d:06:07:08:42:82:
- ae:4b:e7:f2:9f:7c:71:87:02:eb:ac:ea:1e:93:22:c5:7b:80:
- 1f:fe:76:ac:e1:bc:4b:b9:e8:31:28:48:3b:fe:23:1e:5b:41:
- 63:1e:ba:48:13:78:80:d2:b0:30:57:9b:73:ae:4a:53:4f:2d:
- 25:c8:66:cc:8d:26:64:b1:04:3f:be:31:f5:83:1d:c5:ea:cf:
- ef:56:0c:62:ad:85:3b:65:9c:1b:80:ee:3f:3e:c9:5b:58:3e:
- 63:98:16:c2:f4:68:62:08:a3:41:3d:4e:0e:26:2a:b2:d9:77:
- e7:9f:0e:f3:af:1f:34:13:10:ec:69:f1:fb:12:ec:9a:fc:0d:
- fe:58:a7:d8:1b:a0:23:70:f1:6f:71:a2:a4:8f:e2:21:f3:14:
- 55:db:8d:86:92:5a:cf:56:c2:6b:48:bd:94:5d:07:0b:c1:5b:
- fc:fc:c0:c5:4b:bd:74:43:f3:07:ed:0c:44:69:d1:01:79:a2:
- e8:4b:a1:ed
+ 36:0f:c7:e0:9c:1d:71:f6:09:24:51:e8:49:5e:db:38:d5:6b:
+ 90:68:62:c7:5f:a0:eb:c5:c9:63:69:ca:56:30:d7:92:3d:0e:
+ 38:d3:34:97:35:df:16:4f:de:2f:ba:1f:38:00:9d:99:28:ea:
+ 11:bb:dd:ec:42:03:ec:03:d1:05:84:9e:35:d5:ad:d1:36:91:
+ d0:49:4d:c5:e7:50:84:77:f6:8c:c5:47:1c:f4:9c:88:87:ac:
+ af:81:70:3e:05:d1:33:5a:07:0c:ac:39:e2:ca:c7:3d:ea:80:
+ 41:4e:9c:37:dd:ac:76:b3:14:58:f9:88:20:2b:b2:f4:0f:01:
+ 18:73:31:88:c4:c6:66:59:d7:fc:61:44:98:c3:33:ee:74:10:
+ 8f:58:78:91:06:53:a3:eb:99:2e:f8:91:e7:32:e0:17:f5:ea:
+ b6:56:27:68:a2:2b:30:05:a8:0c:02:e8:0f:84:20:37:0e:2c:
+ a5:34:af:09:85:e3:85:d9:8e:78:e4:9e:75:be:27:3b:81:72:
+ c5:87:2c:f9:1f:73:60:ce:2c:3b:d3:95:df:a8:16:6a:da:45:
+ ea:ab:5c:7a:bb:8a:7a:b3:f3:34:ec:e4:7c:62:36:4f:dd:1f:
+ 89:86:05:ac:1e:42:11:b7:29:b3:97:f9:ad:cb:73:1f:02:8d:
+ 4c:80:ef:f8
-----BEGIN X509 CRL-----
MIIB1jCBvwIBATANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJVUzEQMA4GA1UE
CAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxEzARBgNVBAMMCipsb2NhbGhvc3QxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
-ZnNzbC5jb20XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFqgDjAMMAoGA1Ud
-FAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQAuzzfDfNHnOm3BRh5aDzWydEBWpQrD
-HqVAd7aTkcVuRDEmWrRgL2bOZdyQYLPNHOW0DHkYeTjybLSemGLwNTv5WewNBgcI
-QoKuS+fyn3xxhwLrrOoekyLFe4Af/nas4bxLuegxKEg7/iMeW0FjHrpIE3iA0rAw
-V5tzrkpTTy0lyGbMjSZksQQ/vjH1gx3F6s/vVgxirYU7ZZwbgO4/PslbWD5jmBbC
-9GhiCKNBPU4OJiqy2Xfnnw7zrx80ExDsafH7Euya/A3+WKfYG6AjcPFvcaKkj+Ih
-8xRV242GklrPVsJrSL2UXQcLwVv8/MDFS710Q/MH7QxEadEBeaLoS6Ht
+ZnNzbC5jb20XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVqgDjAMMAoGA1Ud
+FAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQA2D8fgnB1x9gkkUehJXts41WuQaGLH
+X6DrxcljacpWMNeSPQ440zSXNd8WT94vuh84AJ2ZKOoRu93sQgPsA9EFhJ411a3R
+NpHQSU3F51CEd/aMxUcc9JyIh6yvgXA+BdEzWgcMrDniysc96oBBTpw33ax2sxRY
++YggK7L0DwEYczGIxMZmWdf8YUSYwzPudBCPWHiRBlOj65ku+JHnMuAX9eq2Vido
+oiswBagMAugPhCA3DiylNK8JheOF2Y545J51vic7gXLFhyz5H3Ngziw705XfqBZq
+2kXqq1x6u4p6s/M07OR8YjZP3R+JhgWsHkIRtymzl/mty3MfAo1MgO/4
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem b/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem
index 8acdb994..0038896c 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-int-ecc.pem
@@ -1,10 +1,10 @@
-----BEGIN X509 CRL-----
-MIIBXDCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+MIIBXTCCAQICAQEwCgYIKoZIzj0EAwIwgaAxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNTTCBTZXJ2ZXIg
-Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMDA2
-MTYxOTE3NThaFw0yMzAzMTMxOTE3NThaoDAwLjAfBgNVHSMEGDAWgBRdXSbvrH42
-+Zt2FStKJQIj77KJMDALBgNVHRQEBAICIAYwCgYIKoZIzj0EAwIDSAAwRQIgeQwr
-cMQD2CE83QHYP6QoAqN3FlxOmPC9f4QQVlpOozUCIQDTDxH4UsFLCy8QgtjtfkFC
-TmVI1ubZPFDiRHGDWI2LaA==
+Q2hhaW4gRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tFw0yMzA5
+MjcxMjEwMDlaFw0yNjA2MjMxMjEwMDlaoDAwLjAfBgNVHSMEGDAWgBRdXSbvrH42
++Zt2FStKJQIj77KJMDALBgNVHRQEBAICIAYwCgYIKoZIzj0EAwIDSQAwRgIhAMfw
+Zdxg+ZHfkUB2CGl10FTK07QsadcvaWfPTm9DR+HKAiEA05BIg3SELG8Y3y5cpZ7o
+MoDq1dISrrjXFSoDE94DUeM=
-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/crl/server-int.pem b/extra/wolfssl/wolfssl/certs/crl/server-int.pem
index d8b6986e..916ec957 100644
--- a/extra/wolfssl/wolfssl/certs/crl/server-int.pem
+++ b/extra/wolfssl/wolfssl/certs/crl/server-int.pem
@@ -2,13 +2,13 @@
MIICGTCCAQECAQEwDQYJKoZIhvcNAQELBQAwgZwxCzAJBgNVBAYTAlVTMRMwEQYD
VQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xm
U1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29sZlNTTCBTZXJ2
-ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTIwMDYx
-NjE5MTc1OFoXDTIzMDMxMzE5MTc1OFqgMDAuMB8GA1UdIwQYMBaAFLMRMsmSmITi
-yfjQO24DQsofDo48MAsGA1UdFAQEAgIgAjANBgkqhkiG9w0BAQsFAAOCAQEAtEEG
-Z05j/ygGi+DNPkjevKDcZlkPYRcYMQpM1RTkVyzbO6YG1i0ZoCH1MKBxB0MPS3xa
-qb96jYIfpDZOUb/o2ZXOefXcirm53eJTSoa72dFoxawH74J1f/HgRT8UYISvJ+1a
-L4NtAcn3lNxZWtg0gvT0pdy1zCpEsxonz4mJEaN5796qIUj1z47r/D0P9w8TFshC
-9Kow+FNEjZT7A8E9EAdfePTlws8FXNcJEUbyxEJUOe6QTssXr4Ib20opQKREvhfY
-5S6MsQibpO/EEv+Tg5JYeqjWOpqfO/gKBo4Xa9ImbC8N1OdCkd0ZHqvcC8IC6S00
-V0/Td56mV5BZJXG0pw==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-----END X509 CRL-----
diff --git a/extra/wolfssl/wolfssl/certs/csr.dsa.der b/extra/wolfssl/wolfssl/certs/csr.dsa.der
new file mode 100644
index 00000000..7a0b581b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/csr.dsa.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc-params.der b/extra/wolfssl/wolfssl/certs/ecc-params.der
new file mode 100644
index 00000000..3f3c3e20
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ecc-params.der
@@ -0,0 +1 @@
+*†HÎ= \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/certs/ecc-params.pem b/extra/wolfssl/wolfssl/certs/ecc-params.pem
new file mode 100644
index 00000000..a76e47d9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ecc-params.pem
@@ -0,0 +1,3 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem b/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem
index 0fe7a637..f18e738c 100644
--- a/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc-privOnlyCert.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIBLTCB1QIUBD5OPBXcBmt9lxsyc/06XPLiMnAwCgYIKoZIzj0EAwIwGjELMAkG
-A1UECgwCV1IxCzAJBgNVBAMMAkRFMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIx
-MTc0OVowGjELMAkGA1UECgwCV1IxCzAJBgNVBAMMAkRFMFkwEwYHKoZIzj0CAQYI
+MIIBLTCB1QIUFZUiOVDYKhAz2ksNPuWt6EFKbLMwCgYIKoZIzj0EAwIwGjELMAkG
+A1UECgwCV1IxCzAJBgNVBAMMAkRFMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIy
+MTkyOFowGjELMAkGA1UECgwCV1IxCzAJBgNVBAMMAkRFMFkwEwYHKoZIzj0CAQYI
KoZIzj0DAQcDQgAEJcD9Frgr8rgKHt2szmJSfFgKYH1Xddq9EcHVKupUa3bmPTb3
-3VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAKBggqhkjOPQQDAgNHADBEAiAn
-jkZMFWEfhkjAX6t3n86gyxStNjBXdbLCvI+HujxOUQIgEDyGlWqlsXYk/2sU4R//
-M9Ryl55mWFC6ALg6ho5N56E=
+3VGXa6gm/numvZZVhVCdmn5pAdhDRYnZ/korJjAKBggqhkjOPQQDAgNHADBEAiAA
+wvW2qa2RaryuYXg0+1jbMhaBHaDK3c0f+iFkfi2GdAIgGYqXzpGf+AGtTuxKM01+
+jbJnp9B4e2sXK8Ez3tKDFKw=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc-privkey.der b/extra/wolfssl/wolfssl/certs/ecc-privkey.der
new file mode 100644
index 00000000..3312dedb
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ecc-privkey.der
@@ -0,0 +1,2 @@
+01 E¶isœl…¡8[rèèǬÄS5úl(Ü4ᨠŒ 
+*†HÎ= \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12 b/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12
index adb57151..f24ae69b 100644
--- a/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12
+++ b/extra/wolfssl/wolfssl/certs/ecc-rsa-server.p12
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der
index b36fedd3..4b0dbfd8 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem
index 82954ee2..6ea06573 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/bp256r1-key.pem
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
-MHgCAQEEIHeA8CA7RibN9lOnDIlFqqkiDdDljIJONZlivNNdarxhoAsGCSskAwMC
-CAEBB6FEA0IABKdz5H0fO5rsmAqwNIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK
-3zamlt3tjZQ5cdiROFhZjcg3vaqvBa8tTcM=
+MHgCAQEEIJRV3i5+OVZxT5077AjYis31KM4viZoaS4QSxLxZB0VUoAsGCSskAwMC
+CAEBB6FEA0IABFHw7OBcOIJ6V8HLTzKj0N2ifNki/neXBTeF+0FX3/uWFBl/eUhw
+8Hjodp814a10sYCM+upii2nHK7tpMxca80g=
-----END EC PRIVATE KEY-----
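Review bot: The new brainpoolP256r1 private key is stored unencrypted in the source tree, so it is public, and nothing in the file marks it as test-only material. The regenerated `client-bp256r1-cert.pem` in this same commit carries the matching public key (`04:51:f0:ec:...`), so that certificate is equally unsuitable for anything but tests. It is worth confirming that packaging does not install `extra/wolfssl/wolfssl/certs` and that no shipped default configuration refers to these files. As this is a vendored wolfSSL fixture, a short comment line above the PEM block such as `# TEST KEY - publicly known, never deploy` would have to be proposed upstream.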
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der
index 98896dcb..72b5cde7 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem
index 5f572284..3d8b72d9 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-bp256r1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 57:c6:cf:ae:b4:f6:93:af:70:b4:35:16:c8:9b:c9:d8:40:6a:04:a6
+ 74:41:b9:37:a8:bf:42:e7:b6:16:1c:4f:7e:8c:24:06:81:78:1a:02
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:a7:73:e4:7d:1f:3b:9a:ec:98:0a:b0:34:88:e1:
- 70:c9:3c:fc:18:51:1a:6f:34:40:87:72:64:d8:13:
- d3:ca:db:33:91:94:db:f3:4a:df:36:a6:96:dd:ed:
- 8d:94:39:71:d8:91:38:58:59:8d:c8:37:bd:aa:af:
- 05:af:2d:4d:c3
+ 04:51:f0:ec:e0:5c:38:82:7a:57:c1:cb:4f:32:a3:
+ d0:dd:a2:7c:d9:22:fe:77:97:05:37:85:fb:41:57:
+ df:fb:96:14:19:7f:79:48:70:f0:78:e8:76:9f:35:
+ e1:ad:74:b1:80:8c:fa:ea:62:8b:69:c7:2b:bb:69:
+ 33:17:1a:f3:48
ASN1 OID: brainpoolP256r1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,33 +25,33 @@ Certificate:
Netscape Cert Type:
SSL Client, S/MIME
X509v3 Subject Key Identifier:
- 44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
+ 77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
X509v3 Authority Key Identifier:
- keyid:44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
+ keyid:77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
- 30:44:02:20:32:85:b0:73:61:43:4c:33:24:fe:08:c3:54:73:
- d9:37:33:ec:39:67:2c:ee:c7:c0:ea:99:63:45:a2:a7:65:e4:
- 02:20:36:e3:0a:3b:74:ce:94:6b:8e:c0:02:a0:6e:da:27:fa:
- 13:a0:bb:21:00:f1:4b:ce:3e:86:11:93:da:95:10:8c
+ 30:44:02:20:20:e0:c6:8e:4d:c2:50:c4:7a:a1:6c:02:63:d2:
+ cd:2b:30:23:01:1d:51:cd:4b:14:07:45:39:1f:16:1e:0a:3a:
+ 02:20:6b:a8:42:ac:90:9a:d9:8d:2c:dd:1c:bd:f1:90:d8:4d:
+ 7b:aa:40:f0:f3:7f:45:83:dc:b9:1c:b5:de:2e:75:a7
-----BEGIN CERTIFICATE-----
-MIICyTCCAnCgAwIBAgIUV8bPrrT2k69wtDUWyJvJ2EBqBKYwCgYIKoZIzj0EAwIw
-gZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLUNM
-STEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTMyMTIxMzIxMTc0OVowgZox
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
-dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLUNMSTEY
-MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABKdz5H0fO5rsmAqw
-NIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK3zamlt3tjZQ5cdiROFhZjcg3vaqv
-Ba8tTcOjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0O
-BBYEFERNa+IkfTMats6r5mDIn5bm2hpnMB8GA1UdIwQYMBaAFERNa+IkfTMats6r
-5mDIn5bm2hpnMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwQwCgYIKoZIzj0EAwIDRwAwRAIgMoWwc2FDTDMk/gjDVHPZNzPsOWcs
-7sfA6pljRaKnZeQCIDbjCjt0zpRrjsACoG7aJ/oToLshAPFLzj6GEZPalRCM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=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der
index d49393ce..32329db1 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem
index e804c0c0..ddab3098 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/client-secp256k1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 02:9c:30:ec:ee:53:da:f2:24:a6:2c:bb:81:07:09:cb:30:e5:8e:94
+ 0a:24:55:a0:81:ab:0b:92:b7:e5:59:50:3e:7f:8d:0b:d0:15:0a:75
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-CLI, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:b1:4d:01:8b:58:19:36:3b:ed:bb:89:5e:d1:86:
- 05:c6:6a:d4:88:44:fc:59:80:f6:16:32:9d:54:5d:
- b8:af:c0:5c:24:0e:cc:ee:e8:65:45:44:7a:ee:43:
- 89:49:7c:eb:db:11:ac:23:ea:e5:17:6b:59:6d:78:
- 19:61:98:5f:47
+ 04:be:d0:47:66:a6:6a:6c:21:b6:72:71:ce:20:67:
+ 61:05:b3:ef:b9:07:2c:31:6a:bb:6f:53:12:50:e9:
+ 06:06:64:4b:14:bb:56:61:b3:0c:3f:72:f2:45:f7:
+ 3b:96:39:76:57:52:93:e9:12:83:f1:d8:c5:87:11:
+ aa:5e:8e:a5:c9
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,33 +25,33 @@ Certificate:
Netscape Cert Type:
SSL Client, S/MIME
X509v3 Subject Key Identifier:
- 55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
+ 6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
X509v3 Authority Key Identifier:
- keyid:55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
+ keyid:6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:23:dc:b7:ce:8d:09:31:e4:52:0e:89:fb:3e:59:
- 92:8b:57:d7:7b:3f:6c:b8:61:fb:d7:eb:fc:87:cb:4f:b9:19:
- 02:21:00:ec:67:9b:5f:41:e1:47:af:3d:ac:d0:a6:b1:d0:24:
- b0:a6:a0:b7:d6:2d:5b:a2:e3:c2:6e:c1:76:08:d3:69:87
+ 30:45:02:21:00:89:22:af:09:dd:58:96:9b:a2:e3:fa:2e:13:
+ 2c:af:69:55:b3:83:f3:4b:85:14:1a:df:28:74:5f:d9:ed:b3:
+ 75:02:20:18:13:45:af:82:e7:65:f8:8c:8f:b3:6d:01:25:73:
+ 6c:8c:c9:ff:e9:43:b8:eb:ef:df:25:9a:62:f8:d7:ac:04
-----BEGIN CERTIFICATE-----
-MIICwjCCAmigAwIBAgIUApww7O5T2vIkpiy7gQcJyzDljpQwCgYIKoZIzj0EAwIw
-gZgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRUwEwYDVQQLDAxFQ0MyNTZLMS1DTEkx
-GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0zMjEyMTMyMTE3NDlaMIGYMQsw
-CQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRs
-ZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwMRUNDMjU2SzEtQ0xJMRgwFgYD
-VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wVjAQBgcqhkjOPQIBBgUrgQQACgNCAASxTQGLWBk2O+27iV7RhgXGatSI
-RPxZgPYWMp1UXbivwFwkDszu6GVFRHruQ4lJfOvbEawj6uUXa1lteBlhmF9Ho4GQ
-MIGNMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgWgMB0GA1UdDgQWBBRVQ/DQ
-0wSYDOt86oPTvfSBRjHRDzAfBgNVHSMEGDAWgBRVQ/DQ0wSYDOt86oPTvfSBRjHR
-DzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwME
-MAoGCCqGSM49BAMCA0gAMEUCICPct86NCTHkUg6J+z5ZkotX13s/bLhh+9fr/IfL
-T7kZAiEA7GebX0HhR689rNCmsdAksKagt9YtW6Ljwm7BdgjTaYc=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/genecc.sh b/extra/wolfssl/wolfssl/certs/ecc/genecc.sh
index e17ad446..f90c5cbe 100755
--- a/extra/wolfssl/wolfssl/certs/ecc/genecc.sh
+++ b/extra/wolfssl/wolfssl/certs/ecc/genecc.sh
@@ -32,7 +32,7 @@ openssl ca -batch -config ./certs/ecc/wolfssl.cnf -gencrl -crldays 1000 -out ./c
# Generate ECC 256-bit server cert
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pem -out ./certs/server-ecc-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc-key.pem -out ./certs/server-ecc-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/server-ecc-req.pem -CA ./certs/ca-ecc-cert.pem -CAkey ./certs/ca-ecc-key.pem -CAcreateserial -out ./certs/server-ecc.pem -sha256
# Sign server certificate
@@ -70,14 +70,14 @@ openssl ca -batch -config ./certs/ecc/wolfssl_384.cnf -gencrl -crldays 1000 -out
# Generate ECC 384-bit server cert
if [ -f ./certs/server-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
else
openssl ecparam -out ./certs/server-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/server-ecc384-key.par -keyout ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
fi
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/server-ecc384-key.pem -out ./certs/server-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Srv/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl ec -in ./certs/server-ecc384-key.pem -inform PEM -out ./certs/server-ecc384-key.der -outform DER
# Sign server certificate
@@ -90,14 +90,14 @@ rm ./certs/server-ecc384-key.par
# Generate ECC 384-bit client cert
if [ -f ./certs/client-ecc384-key.pem ]; then
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
else
openssl ecparam -out ./certs/client-ecc384-key.par -name secp384r1
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -x509 -nodes -newkey ec:./certs/client-ecc384-key.par -keyout ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
fi
openssl req -config ./certs/ecc/wolfssl_384.cnf -sha384 -new -key ./certs/client-ecc384-key.pem -out ./certs/client-ecc384-req.pem \
- -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+ -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Clit/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl ec -in ./certs/client-ecc384-key.pem -inform PEM -out ./certs/client-ecc384-key.der -outform DER
# Sign client certificate
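Review bot: The final `openssl req -new` line of this hunk still uses `OU=ECC384Clit`, while both self-signed branches above it use `OU=ECC384Cli`; the pass that corrected `Eliptic` missed it. That request overwrites `client-ecc384-req.pem` before the signing step (which lies outside the hunk), so the issued client certificate presumably carries the misspelled OU. If no test matches on that string, the line should end `-subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC384Cli/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"` and the certificate be regenerated. Since the script is vendored from wolfSSL, the change belongs upstream rather than in this import.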
@@ -114,12 +114,12 @@ if [ -f ./certs/ecc/secp256k1-key.pem ]; then
openssl ec -in ./certs/ecc/secp256k1-key.pem -inform PEM -out ./certs/ecc/secp256k1-key.der -outform DER
fi
# Create self-signed ECC Kerberos certificates
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/server-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/server-secp256k1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc/secp256k1-key.pem -text -out ./certs/ecc/server-secp256k1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/server-secp256k1-cert.pem -outform der -out ./certs/ecc/server-secp256k1-cert.der
rm ./certs/ecc/server-secp256k1-req.pem
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/client-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/secp256k1-key.pem -out ./certs/ecc/client-secp256k1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256K1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/client-secp256k1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions usr_cert -signkey ./certs/ecc/secp256k1-key.pem -text -out ./certs/ecc/client-secp256k1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/client-secp256k1-cert.pem -outform der -out ./certs/ecc/client-secp256k1-cert.der
rm ./certs/ecc/client-secp256k1-req.pem
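Review bot: The comment `# Create self-signed ECC Kerberos certificates` above the secp256k1 requests is misleading: secp256k1 is a Koblitz curve, and none of the commands in this hunk relate to Kerberos. I would reword it to `# Create self-signed ECC Koblitz (secp256k1) certificates`, which also lines up with the `# Create self-signed ECC Brainpool certificates` comment in the next hunk. The `if` block at the top of the hunk begins outside it.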
@@ -130,12 +130,12 @@ if [ -f ./certs/ecc/bp256r1-key.pem ]; then
openssl ec -in ./certs/ecc/bp256r1-key.pem -inform PEM -out ./certs/ecc/bp256r1-key.der -outform DER
fi
# Create self-signed ECC Brainpool certificates
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/server-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/server-bp256r1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions server_cert -signkey ./certs/ecc/bp256r1-key.pem -text -out ./certs/ecc/server-bp256r1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/server-bp256r1-cert.pem -outform der -out ./certs/ecc/server-bp256r1-cert.der
rm ./certs/ecc/server-bp256r1-req.pem
-openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/client-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
+openssl req -config ./certs/ecc/wolfssl.cnf -sha256 -new -key ./certs/ecc/bp256r1-key.pem -out ./certs/ecc/client-bp256r1-req.pem -subj "/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256BPR1-CLI/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/"
openssl x509 -req -in ./certs/ecc/client-bp256r1-req.pem -days 3650 -extfile ./certs/ecc/wolfssl.cnf -extensions usr_cert -signkey ./certs/ecc/bp256r1-key.pem -text -out ./certs/ecc/client-bp256r1-cert.pem
openssl x509 -inform pem -in ./certs/ecc/client-bp256r1-cert.pem -outform der -out ./certs/ecc/client-bp256r1-cert.der
rm ./certs/ecc/client-bp256r1-req.pem
diff --git a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der
index ff057a62..81344941 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem
index 887b418f..f27a7acd 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/secp256k1-key.pem
@@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
-MHQCAQEEICTreBjyv+lbvmHMdmlhGIgC8YFT2d8aDeFXJY8gm6K0oAcGBSuBBAAK
-oUQDQgAEsU0Bi1gZNjvtu4le0YYFxmrUiET8WYD2FjKdVF24r8BcJA7M7uhlRUR6
-7kOJSXzr2xGsI+rlF2tZbXgZYZhfRw==
+MHQCAQEEIE+dRTV5HyFrkYXxlCq98Ojh6m+szQbktzQwSBUEs4s3oAcGBSuBBAAK
+oUQDQgAEvtBHZqZqbCG2cnHOIGdhBbPvuQcsMWq7b1MSUOkGBmRLFLtWYbMMP3Ly
+Rfc7ljl2V1KT6RKD8djFhxGqXo6lyQ==
-----END EC PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der
index 54e8f261..c3558a1a 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem
index a00d259d..0e4c211f 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-bp256r1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 27:2c:3b:52:7f:63:95:4f:23:ff:51:44:ec:ae:27:ae:e5:e7:02:85
+ 08:c3:a6:c3:3e:ba:4d:27:34:46:64:c6:e7:79:6c:68:25:e2:e8:d2
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256BPR1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:a7:73:e4:7d:1f:3b:9a:ec:98:0a:b0:34:88:e1:
- 70:c9:3c:fc:18:51:1a:6f:34:40:87:72:64:d8:13:
- d3:ca:db:33:91:94:db:f3:4a:df:36:a6:96:dd:ed:
- 8d:94:39:71:d8:91:38:58:59:8d:c8:37:bd:aa:af:
- 05:af:2d:4d:c3
+ 04:51:f0:ec:e0:5c:38:82:7a:57:c1:cb:4f:32:a3:
+ d0:dd:a2:7c:d9:22:fe:77:97:05:37:85:fb:41:57:
+ df:fb:96:14:19:7f:79:48:70:f0:78:e8:76:9f:35:
+ e1:ad:74:b1:80:8c:fa:ea:62:8b:69:c7:2b:bb:69:
+ 33:17:1a:f3:48
ASN1 OID: brainpoolP256r1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,39 +25,39 @@ Certificate:
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
- 44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
+ 77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
X509v3 Authority Key Identifier:
- keyid:44:4D:6B:E2:24:7D:33:1A:B6:CE:AB:E6:60:C8:9F:96:E6:DA:1A:67
- DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:27:2C:3B:52:7F:63:95:4F:23:FF:51:44:EC:AE:27:AE:E5:E7:02:85
+ keyid:77:B6:46:96:B9:B7:0D:54:A3:03:E8:21:F5:8D:37:69:3D:89:AD:FA
+ DirName:/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256BPR1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+ serial:08:C3:A6:C3:3E:BA:4D:27:34:46:64:C6:E7:79:6C:68:25:E2:E8:D2
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:a1:4c:75:71:fd:dc:f1:ff:9d:45:32:50:c2:
- 04:84:c5:a8:af:55:a0:4c:b8:54:31:04:fb:ce:e3:00:07:28:
- 81:02:20:05:10:20:8e:17:94:78:05:f8:48:27:df:26:79:c2:
- 6e:18:b0:60:74:39:5c:1d:da:11:0b:62:54:f6:bf:e6:fa
+ 30:44:02:20:69:b5:0e:9a:17:cc:4d:5e:3b:b7:9d:ee:e8:76:
+ a6:c0:94:c1:1f:e3:34:3a:cb:6a:9b:09:b1:55:0d:db:3a:c0:
+ 02:20:5b:8d:09:46:fd:7c:73:ca:c8:18:3c:ed:1a:84:9c:c9:
+ 02:f4:50:3a:26:8a:eb:76:6b:82:a7:7f:95:18:ba:10
-----BEGIN CERTIFICATE-----
-MIIDfjCCAySgAwIBAgIUJyw7Un9jlU8j/1FE7K4nruXnAoUwCgYIKoZIzj0EAwIw
-gZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLVNS
-VjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTMyMTIxMzIxMTc0OVowgZox
-CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
-dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcwFQYDVQQLDA5FQ0MyNTZCUFIxLVNSVjEY
-MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMFowFAYHKoZIzj0CAQYJKyQDAwIIAQEHA0IABKdz5H0fO5rsmAqw
-NIjhcMk8/BhRGm80QIdyZNgT08rbM5GU2/NK3zamlt3tjZQ5cdiROFhZjcg3vaqv
-Ba8tTcOjggFDMIIBPzAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNV
-HQ4EFgQURE1r4iR9Mxq2zqvmYMiflubaGmcwgdoGA1UdIwSB0jCBz4AURE1r4iR9
-Mxq2zqvmYMiflubaGmehgaCkgZ0wgZoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApX
-YXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRcw
-FQYDVQQLDA5FQ0MyNTZCUFIxLVNSVjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQnLDtSf2OVTyP/UUTs
-rieu5ecChTAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYI
-KoZIzj0EAwIDSAAwRQIhAKFMdXH93PH/nUUyUMIEhMWor1WgTLhUMQT7zuMAByiB
-AiAFECCOF5R4BfhIJ98mecJuGLBgdDlcHdoRC2JU9r/m+g==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der
index c4ac8e03..ad0ab8e4 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem
index d27d4771..ad54e670 100644
--- a/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ecc/server-secp256k1-cert.pem
@@ -2,22 +2,22 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 6f:5e:bd:82:85:40:71:f7:15:53:aa:04:43:b0:ae:7d:e7:5e:70:f3
+ 2e:df:46:12:94:ee:71:51:00:dc:bb:41:41:80:ae:1a:f1:11:68:26
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Dec 10 22:19:28 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC256K1-SRV, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:b1:4d:01:8b:58:19:36:3b:ed:bb:89:5e:d1:86:
- 05:c6:6a:d4:88:44:fc:59:80:f6:16:32:9d:54:5d:
- b8:af:c0:5c:24:0e:cc:ee:e8:65:45:44:7a:ee:43:
- 89:49:7c:eb:db:11:ac:23:ea:e5:17:6b:59:6d:78:
- 19:61:98:5f:47
+ 04:be:d0:47:66:a6:6a:6c:21:b6:72:71:ce:20:67:
+ 61:05:b3:ef:b9:07:2c:31:6a:bb:6f:53:12:50:e9:
+ 06:06:64:4b:14:bb:56:61:b3:0c:3f:72:f2:45:f7:
+ 3b:96:39:76:57:52:93:e9:12:83:f1:d8:c5:87:11:
+ aa:5e:8e:a5:c9
ASN1 OID: secp256k1
X509v3 extensions:
X509v3 Basic Constraints:
@@ -25,39 +25,39 @@ Certificate:
Netscape Cert Type:
SSL Server
X509v3 Subject Key Identifier:
- 55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
+ 6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
X509v3 Authority Key Identifier:
- keyid:55:43:F0:D0:D3:04:98:0C:EB:7C:EA:83:D3:BD:F4:81:46:31:D1:0F
- DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:6F:5E:BD:82:85:40:71:F7:15:53:AA:04:43:B0:AE:7D:E7:5E:70:F3
+ keyid:6D:9A:0A:D6:4C:C9:43:6B:12:29:C4:B0:B5:49:8A:7F:BD:42:4B:87
+ DirName:/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC256K1-SRV/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+ serial:2E:DF:46:12:94:EE:71:51:00:DC:BB:41:41:80:AE:1A:F1:11:68:26
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:e2:fb:1e:0b:92:fd:b1:10:4e:bd:dc:2c:5c:
- d1:23:59:12:4c:b0:f3:5d:4a:fc:69:ad:b9:3b:c8:06:17:11:
- 63:02:20:5c:63:ab:3a:67:dc:2b:08:ca:39:9f:88:43:e7:82:
- d0:9c:e7:05:4e:f2:b6:f2:ce:e0:8c:3d:b6:c6:8f:81:8a
+ 30:44:02:20:58:e1:97:fe:81:7a:54:8d:d1:46:41:fd:1a:cf:
+ 1d:c1:d8:f5:cb:00:21:df:66:21:09:eb:ce:a2:cb:db:d0:63:
+ 02:20:3a:2b:e8:46:e3:1c:c3:23:e8:ee:8c:f9:22:57:30:d5:
+ 8a:9b:6d:f3:a7:fb:e5:09:aa:38:ba:9a:84:e6:37:7b
-----BEGIN CERTIFICATE-----
-MIIDdDCCAxqgAwIBAgIUb169goVAcfcVU6oEQ7CufedecPMwCgYIKoZIzj0EAwIw
-gZgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMRUwEwYDVQQLDAxFQ0MyNTZLMS1TUlYx
-GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0zMjEyMTMyMTE3NDlaMIGYMQsw
-CQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRs
-ZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwMRUNDMjU2SzEtU1JWMRgwFgYD
-VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wVjAQBgcqhkjOPQIBBgUrgQQACgNCAASxTQGLWBk2O+27iV7RhgXGatSI
-RPxZgPYWMp1UXbivwFwkDszu6GVFRHruQ4lJfOvbEawj6uUXa1lteBlhmF9Ho4IB
-QTCCAT0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAwHQYDVR0OBBYEFFVD
-8NDTBJgM63zqg9O99IFGMdEPMIHYBgNVHSMEgdAwgc2AFFVD8NDTBJgM63zqg9O9
-9IFGMdEPoYGepIGbMIGYMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3Rv
-bjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHRWxpcHRpYzEVMBMGA1UECwwM
-RUNDMjU2SzEtU1JWMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
-9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFG9evYKFQHH3FVOqBEOwrn3nXnDzMA4G
-A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATAKBggqhkjOPQQDAgNI
-ADBFAiEA4vseC5L9sRBOvdwsXNEjWRJMsPNdSvxprbk7yAYXEWMCIFxjqzpn3CsI
-yjmfiEPngtCc5wVO8rbyzuCMPbbGj4GK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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der
index 5ac78811..b1e98d73 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem
index 644b9716..20221652 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/ca-ed25519.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -26,22 +26,22 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
- 40:01:0f:0b:8d:d6:aa:dc:2c:b3:40:22:e7:78:ef:1c:8b:08:
- 27:ee:d9:d7:b6:91:b3:2d:3d:ac:b9:50:fb:2f:b5:25:63:5a:
- 1a:3d:3e:cd:81:a1:a9:e7:d5:a1:4a:19:b8:4c:b0:1d:3c:8a:
- e3:47:c0:f6:41:95:e6:59:23:08
+ e6:71:a0:59:63:b4:31:31:1f:75:06:ce:f1:89:f0:e7:a2:db:
+ a8:c1:e4:c8:61:38:0c:e6:e9:e7:b9:9f:ce:e2:f5:49:a3:f5:
+ 04:1e:85:f7:7d:10:fb:1d:ee:b6:dc:5e:51:f1:82:33:a4:ed:
+ e0:0a:65:09:2b:0e:1e:b2:af:0b
-----BEGIN CERTIFICATE-----
MIICZTCCAhegAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk
MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI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-DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAEABDwuN1qrcLLNAIud47xyLCCfu2de2
-kbMtPay5UPsvtSVjWho9Ps2Boann1aFKGbhMsB08iuNHwPZBleZZIwg=
+DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAOZxoFljtDExH3UGzvGJ8Oei26jB5Mhh
+OAzm6ee5n87i9Umj9QQehfd9EPsd7rbcXlHxgjOk7eAKZQkrDh6yrws=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der
index 64978eea..82347a28 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem
index 7706b1a7..9d35f82d 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/client-ed25519.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 69:ac:b8:b4:f7:e4:11:cb:c5:63:b2:cc:2a:a8:e2:0f:55:ee:86:86
+ 31:e6:4a:b1:6b:4e:2e:77:7b:d6:e3:94:8a:cf:02:b7:58:5a:fb:ab
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Client-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -22,7 +22,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:FE:41:5E:3E:81:E2:2E:46:B3:3E:47:89:90:D4:C2:B4:8E:11:D6:8A
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed25519/OU=Client-ed25519/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:69:AC:B8:B4:F7:E4:11:CB:C5:63:B2:CC:2A:A8:E2:0F:55:EE:86:86
+ serial:31:E6:4A:B1:6B:4E:2E:77:7B:D6:E3:94:8A:CF:02:B7:58:5A:FB:AB
X509v3 Basic Constraints:
CA:TRUE
@@ -31,17 +31,17 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ED25519
- 2e:4a:b8:2a:f0:75:ee:31:6a:51:0a:6a:54:5b:45:6e:ac:03:
- a8:a9:9a:d4:d6:38:02:eb:76:b6:a7:66:86:ea:e9:f3:6f:31:
- 4e:e4:50:d1:75:fe:88:3f:23:9d:76:d9:9c:07:14:13:16:30:
- c3:40:51:06:da:a5:39:5f:0a:09
+ 92:ac:52:cf:34:c2:76:8a:78:f7:ef:da:3f:79:e9:66:d1:de:
+ e1:d7:56:b5:4b:cf:a7:c2:03:af:cc:23:11:4b:44:0c:33:ce:
+ 45:e0:33:eb:cc:c9:f8:38:5b:19:6f:86:4d:97:30:d1:55:6e:
+ cb:5f:39:c9:a3:22:16:66:5f:07
-----BEGIN CERTIFICATE-----
-MIIDnzCCA1GgAwIBAgIUaay4tPfkEcvFY7LMKqjiD1XuhoYwBQYDK2VwMIG4MQsw
+MIIDnzCCA1GgAwIBAgIUMeZKsWtOLnd71uOUis8Ct1ha+6swBQYDK2VwMIG4MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUx
OTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
-QHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDAeFw0yMjEyMTYy
-MTE3NTBaFw0yNTA5MTEyMTE3NTBaMIG4MQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
+QHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDAeFw0yMzEyMTMy
+MjE5MjlaFw0yNjA5MDgyMjE5MjlaMIG4MQswCQYDVQQGEwJVUzEQMA4GA1UECAwH
TW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9lZDI1
NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZIm
@@ -51,9 +51,9 @@ EdaKMIH4BgNVHSMEgfAwge2AFP5BXj6B4i5Gsz5HiZDUwrSOEdaKoYG+pIG7MIG4
MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1h
bjEYMBYGA1UECgwPd29sZlNTTF9lZDI1NTE5MRcwFQYDVQQLDA5DbGllbnQtZWQy
NTUxOTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBp
-bmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTIIUaay4tPfk
-EcvFY7LMKqjiD1XuhoYwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
+bmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTIIUMeZKsWtO
+Lnd71uOUis8Ct1ha+6swDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxl
LmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwBQYDK2Vw
-A0EALkq4KvB17jFqUQpqVFtFbqwDqKma1NY4Aut2tqdmhurp828xTuRQ0XX+iD8j
-nXbZnAcUExYww0BRBtqlOV8KCQ==
+A0EAkqxSzzTCdop49+/aP3npZtHe4ddWtUvPp8IDr8wjEUtEDDPOReAz68zJ+Dhb
+GW+GTZcw0VVuy185yaMiFmZfBw==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der
new file mode 100644
index 00000000..1c08775e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.der
@@ -0,0 +1,2 @@
+0%
+ ÔîrÛùXJÕ¶Øñ÷iø­:þ|(ËñÔûà—¨DuXB \ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem
new file mode 100644
index 00000000..496fc47f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/ed25519/eddsa-ed25519.pem
@@ -0,0 +1,3 @@
+-----BEGIN EDDSA PRIVATE KEY-----
+MCUKAQEEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC
+-----END EDDSA PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/include.am b/extra/wolfssl/wolfssl/certs/ed25519/include.am
index 5739596c..de4c3488 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/include.am
+++ b/extra/wolfssl/wolfssl/certs/ed25519/include.am
@@ -27,7 +27,9 @@ EXTRA_DIST += \
certs/ed25519/server-ed25519-key.der \
certs/ed25519/server-ed25519-key.pem \
certs/ed25519/server-ed25519-priv.der \
- certs/ed25519/server-ed25519-priv.pem
+ certs/ed25519/server-ed25519-priv.pem \
+ certs/ed25519/eddsa-ed25519.der \
+ certs/ed25519/eddsa-ed25519.pem
EXTRA_DIST += \
certs/ed25519/gen-ed25519.sh \
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der
index 4013c673..d83657cb 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem
index 13240e8b..f24691e3 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/root-ed25519.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 4b:b3:7e:42:e1:d1:6c:16:28:33:87:4f:4f:b8:fb:44:1f:cf:7a:18
+ 46:46:59:7b:c4:b5:a1:60:04:ac:02:eb:e1:90:18:64:d9:1c:dc:bd
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -27,22 +27,22 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
- 3d:94:fc:b8:6a:4a:d4:34:91:8b:84:c2:c6:ac:7b:93:60:44:
- 24:e0:0e:19:79:a5:73:49:72:af:85:82:5b:1a:05:2a:69:6a:
- 13:01:69:26:b6:64:99:22:b4:8e:13:ec:91:13:44:b4:14:eb:
- 51:21:b1:5b:78:85:c8:c6:db:0f
+ ac:a3:8f:0c:8a:5d:96:a3:87:54:2f:0e:f3:9b:ce:e4:6e:33:
+ 84:ff:e6:79:ff:9a:3d:c6:86:12:c8:47:4e:64:ba:c1:8b:55:
+ 0e:cd:61:33:d3:0a:54:ce:d4:51:3e:cd:7f:6f:00:f8:5c:26:
+ 6d:a8:25:dc:f7:39:73:a9:92:05
-----BEGIN CERTIFICATE-----
-MIICYTCCAhOgAwIBAgIUS7N+QuHRbBYoM4dPT7j7RB/PehgwBQYDK2VwMIGdMQsw
+MIICYTCCAhOgAwIBAgIURkZZe8S1oWAErALr4ZAYZNkc3L0wBQYDK2VwMIGdMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3NDlaMIGdMQsw
+b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGdMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEY
MBYGA1UECgwPd29sZlNTTF9FZDI1NTE5MRUwEwYDVQQLDAxSb290LUVkMjU1MTkx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbTAqMAUGAytlcAMhAOmzb3xwiqvKVCBOZHY8Gk/3+l5K//PbuWQt
EKUMWj/ao2MwYTAdBgNVHQ4EFgQU+rpbdh3xHR1NdEjYmDtW77MU894wHwYDVR0j
BBgwFoAU+rpbdh3xHR1NdEjYmDtW77MU894wDwYDVR0TAQH/BAUwAwEB/zAOBgNV
-HQ8BAf8EBAMCAYYwBQYDK2VwA0EAPZT8uGpK1DSRi4TCxqx7k2BEJOAOGXmlc0ly
-r4WCWxoFKmlqEwFpJrZkmSK0jhPskRNEtBTrUSGxW3iFyMbbDw==
+HQ8BAf8EBAMCAYYwBQYDK2VwA0EArKOPDIpdlqOHVC8O85vO5G4zhP/mef+aPcaG
+EshHTmS6wYtVDs1hM9MKVM7UUT7Nf28A+Fwmbagl3Pc5c6mSBQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem
index cce5f924..d08b56a0 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -30,16 +30,16 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED25519
- 36:3f:8d:2f:28:bd:51:83:b8:d8:9c:09:64:c4:77:fd:cd:c6:
- c3:86:b0:8d:81:e3:e9:ce:7a:2a:32:15:e9:f9:6a:75:1a:a0:
- 5e:71:62:72:de:46:11:a8:9d:db:80:6b:73:38:61:0c:f3:24:
- 11:45:c9:a1:d3:d2:3b:05:d5:05
+ 22:d7:34:ac:33:65:8b:18:a4:34:f9:3a:e6:ce:c1:77:a6:3d:
+ 2a:2a:ee:22:ad:6e:fc:36:fc:98:8d:8a:fd:3f:cb:a9:74:01:
+ 25:96:05:e1:39:13:8b:d9:05:6d:c9:ba:0e:5d:36:bf:39:03:
+ 57:2a:55:fc:e3:53:c3:1b:e1:0b
-----BEGIN CERTIFICATE-----
MIICpzCCAlmgAwIBAgIBATAFBgMrZXAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT
-8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCB
uDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xGDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOU2VydmVyLWVk
MjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
@@ -47,7 +47,7 @@ aW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0wwKjAFBgMr
ZXADIQAjqk1gUOAT0zrtq/apzEr+100v0lsaEAXvWkElzhtTeKOBiTCBhjAdBgNV
HQ4EFgQUoymB55BvuWD4r8wVeq7XofS0hrowHwYDVR0jBBgwFoAUdNU4GV6DuQP4
AYo1NbuJTEm0I+kwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0l
-BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBADY/jS8o
-vVGDuNicCWTEd/3NxsOGsI2B4+nOeioyFen5anUaoF5xYnLeRhGonduAa3M4YQzz
-JBFFyaHT0jsF1QU=
+BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBACLXNKwz
+ZYsYpDT5OubOwXemPSoq7iKtbvw2/JiNiv0/y6l0ASWWBeE5E4vZBW3Jug5dNr85
+A1cqVfzjU8Mb4Qs=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der
index 21f0814c..d4b8eca3 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der
+++ b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem
index 8c2636bc..9d4cfbe6 100644
--- a/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem
+++ b/extra/wolfssl/wolfssl/certs/ed25519/server-ed25519.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = Server-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -30,16 +30,16 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED25519
- 36:3f:8d:2f:28:bd:51:83:b8:d8:9c:09:64:c4:77:fd:cd:c6:
- c3:86:b0:8d:81:e3:e9:ce:7a:2a:32:15:e9:f9:6a:75:1a:a0:
- 5e:71:62:72:de:46:11:a8:9d:db:80:6b:73:38:61:0c:f3:24:
- 11:45:c9:a1:d3:d2:3b:05:d5:05
+ 22:d7:34:ac:33:65:8b:18:a4:34:f9:3a:e6:ce:c1:77:a6:3d:
+ 2a:2a:ee:22:ad:6e:fc:36:fc:98:8d:8a:fd:3f:cb:a9:74:01:
+ 25:96:05:e1:39:13:8b:d9:05:6d:c9:ba:0e:5d:36:bf:39:03:
+ 57:2a:55:fc:e3:53:c3:1b:e1:0b
-----BEGIN CERTIFICATE-----
MIICpzCCAlmgAwIBAgIBATAFBgMrZXAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX2Vk
MjU1MTkxEzARBgNVBAsMCkNBLWVkMjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3Ns
LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT
-8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCB
+8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCB
uDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xGDAWBgNVBAoMD3dvbGZTU0xfZWQyNTUxOTEXMBUGA1UECwwOU2VydmVyLWVk
MjU1MTkxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQ
@@ -47,9 +47,9 @@ aW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0wwKjAFBgMr
ZXADIQAjqk1gUOAT0zrtq/apzEr+100v0lsaEAXvWkElzhtTeKOBiTCBhjAdBgNV
HQ4EFgQUoymB55BvuWD4r8wVeq7XofS0hrowHwYDVR0jBBgwFoAUdNU4GV6DuQP4
AYo1NbuJTEm0I+kwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0l
-BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBADY/jS8o
-vVGDuNicCWTEd/3NxsOGsI2B4+nOeioyFen5anUaoF5xYnLeRhGonduAa3M4YQzz
-JBFFyaHT0jsF1QU=
+BAwwCgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMAUGAytlcANBACLXNKwz
+ZYsYpDT5OubOwXemPSoq7iKtbvw2/JiNiv0/y6l0ASWWBeE5E4vZBW3Jug5dNr85
+A1cqVfzjU8Mb4Qs=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -58,8 +58,8 @@ Certificate:
Signature Algorithm: ED25519
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed25519, OU = Root-Ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed25519, OU = CA-ed25519, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED25519
@@ -79,22 +79,22 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED25519
- 40:01:0f:0b:8d:d6:aa:dc:2c:b3:40:22:e7:78:ef:1c:8b:08:
- 27:ee:d9:d7:b6:91:b3:2d:3d:ac:b9:50:fb:2f:b5:25:63:5a:
- 1a:3d:3e:cd:81:a1:a9:e7:d5:a1:4a:19:b8:4c:b0:1d:3c:8a:
- e3:47:c0:f6:41:95:e6:59:23:08
+ e6:71:a0:59:63:b4:31:31:1f:75:06:ce:f1:89:f0:e7:a2:db:
+ a8:c1:e4:c8:61:38:0c:e6:e9:e7:b9:9f:ce:e2:f5:49:a3:f5:
+ 04:1e:85:f7:7d:10:fb:1d:ee:b6:dc:5e:51:f1:82:33:a4:ed:
+ e0:0a:65:09:2b:0e:1e:b2:af:0b
-----BEGIN CERTIFICATE-----
MIICZTCCAhegAwIBAgIBATAFBgMrZXAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX0Vk
MjU1MTkxFTATBgNVBAsMDFJvb3QtRWQyNTUxOTEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQI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-DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAEABDwuN1qrcLLNAIud47xyLCCfu2de2
-kbMtPay5UPsvtSVjWho9Ps2Boann1aFKGbhMsB08iuNHwPZBleZZIwg=
+DgYDVR0PAQH/BAQDAgGGMAUGAytlcANBAOZxoFljtDExH3UGzvGJ8Oei26jB5Mhh
+OAzm6ee5n87i9Umj9QQehfd9EPsd7rbcXlHxgjOk7eAKZQkrDh6yrws=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der
index b9493ac8..25085505 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem
index c090c44a..a384c30a 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/ca-ed448.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -27,27 +27,27 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED448
- 44:dc:1a:ae:76:a6:28:68:81:e9:27:c5:53:ea:96:92:04:0f:
- a0:a9:cc:97:7c:9f:05:62:d7:bb:a2:df:5e:3d:52:87:ab:15:
- 35:cd:c5:e1:e7:c2:9a:c6:d8:20:46:6b:62:4b:0d:28:41:d2:
- 5e:11:80:4f:41:c2:23:bd:2b:b0:e1:e0:66:58:c1:aa:24:f8:
- 7b:98:99:79:31:2b:33:5e:95:3a:87:cc:cf:49:a5:87:3b:38:
- 9e:c2:be:de:45:34:55:25:78:3c:19:03:f3:62:14:a7:2a:9a:
- 2e:78:8b:6a:3a:00
+ 24:d8:26:28:60:11:09:c1:a5:f9:a9:7f:a7:40:ed:a5:07:cb:
+ cb:3e:a1:6a:d3:45:6d:4c:e1:66:36:37:57:6a:34:5d:33:45:
+ b3:17:e1:18:76:57:df:fe:44:b4:ec:04:16:74:52:82:24:52:
+ 1f:99:00:2d:42:a9:5c:45:1b:8d:b8:95:ce:0d:82:cb:52:8f:
+ e2:bd:20:19:6a:8a:79:29:f6:20:d3:e6:35:8c:27:1a:a4:64:
+ b7:ff:91:09:21:57:c6:11:c5:01:9a:98:54:31:37:7a:7b:ed:
+ 35:a9:4d:13:19:00
-----BEGIN CERTIFICATE-----
MIICqDCCAiigAwIBAgIBATAFBgMrZXEwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX0Vk
NDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
-b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjEx
-NzUwWhcNMjUwOTExMjExNzUwWjCBsDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v
+b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIx
+OTI5WhcNMjYwOTA4MjIxOTI5WjCBsDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v
bnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFjAUBgNVBAoMDXdvbGZTU0xfZWQ0NDgx
ETAPBgNVBAsMCENBLWVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAd
BgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3
b2xmU1NMMEMwBQYDK2VxAzoADuK0duXSzMJLe7ApvpL7w69ppZS6cCToo+/IY5rd
pq9YQzgEJPAQkb6nAZFU889phUy5l4ykN6oAo2MwYTAdBgNVHQ4EFgQUOFlF6N1E
LLV9pSXWC8w58HLAlGMwHwYDVR0jBBgwFoAU2mmYySZKdftZXlOaY0sMuIgLDx4w
-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MARNwarnam
-KGiB6SfFU+qWkgQPoKnMl3yfBWLXu6LfXj1Sh6sVNc3F4efCmsbYIEZrYksNKEHS
-XhGAT0HCI70rsOHgZljBqiT4e5iZeTErM16VOofMz0mlhzs4nsK+3kU0VSV4PBkD
-82IUpyqaLniLajoA
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MAJNgmKGAR
+CcGl+al/p0DtpQfLyz6hatNFbUzhZjY3V2o0XTNFsxfhGHZX3/5EtOwEFnRSgiRS
+H5kALUKpXEUbjbiVzg2Cy1KP4r0gGWqKeSn2INPmNYwnGqRkt/+RCSFXxhHFAZqY
+VDE3envtNalNExkA
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der
index 48d6d4fe..e220065a 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem
index f20ac5e3..ec2bf3da 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/client-ed448.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 41:cb:cd:b4:41:06:a7:13:d4:27:66:bf:c9:a7:44:64:18:84:d5:eb
+ 1e:73:eb:26:79:34:8f:f6:ba:9b:e5:8d:b4:e1:1a:73:6b:91:a6:6b
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Client-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Client-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -23,7 +23,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:F3:C7:66:93:0D:CB:0E:1B:80:08:00:CF:E3:4E:11:4D:58:2B:4B:D4
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_ed448/OU=Client-ed448/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:41:CB:CD:B4:41:06:A7:13:D4:27:66:BF:C9:A7:44:64:18:84:D5:EB
+ serial:1E:73:EB:26:79:34:8F:F6:BA:9B:E5:8D:B4:E1:1A:73:6B:91:A6:6B
X509v3 Basic Constraints:
CA:TRUE
@@ -32,20 +32,20 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ED448
- 00:99:ac:61:ff:f7:f9:cd:d9:75:74:6f:16:8d:65:12:60:77:
- 6d:1a:ee:42:bb:aa:31:cc:c9:57:c7:2e:78:a3:a5:48:73:ac:
- b2:d9:2b:ca:f5:35:14:a3:e9:64:40:de:b7:2a:24:d3:73:f9:
- 17:fe:80:32:dd:7b:7f:39:29:87:a3:de:d3:48:27:84:b2:50:
- 0b:c4:02:36:cd:10:62:88:61:a4:74:c9:b6:5d:c7:94:f0:83:
- 28:36:73:5c:a0:66:62:06:63:c1:41:2d:c3:23:24:e6:4f:f9:
- 19:85:2f:8d:30:00
+ c8:1a:84:b3:0f:6c:53:1b:21:49:44:ce:5d:46:30:1a:9a:eb:
+ 9e:cb:22:40:89:09:a8:4a:23:69:27:05:f3:cf:5d:7a:d0:9b:
+ a7:fd:b9:52:d2:4e:b1:e4:ed:8f:de:7f:75:49:07:f5:df:ec:
+ ac:34:00:d4:12:b1:b4:1e:49:1c:da:ae:34:db:4c:d6:2b:40:
+ 00:2a:ed:3f:37:09:26:62:ab:32:34:f4:81:19:d4:6b:ef:07:
+ 19:0c:6c:d9:e9:69:24:c7:e5:b2:73:b0:6d:14:ba:3e:8a:86:
+ 5d:24:dc:80:3c:00
-----BEGIN CERTIFICATE-----
-MIID3jCCA16gAwIBAgIUQcvNtEEGpxPUJ2a/yadEZBiE1eswBQYDK2VxMIG0MQsw
+MIID3jCCA16gAwIBAgIUHnPrJnk0j/a6m+WNtOEac2uRpmswBQYDK2VxMIG0MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMQ2xpZW50LWVkNDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
-ZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIxMTc1
-MFoXDTI1MDkxMTIxMTc1MFowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
+ZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIyMTky
+OVoXDTI2MDkwODIyMTkyOVowgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2VkNDQ4MRUw
EwYDVQQLDAxDbGllbnQtZWQ0NDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEf
MB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEM
@@ -56,9 +56,9 @@ VzXIdrOzMI+HeOYmWifYDDieezwTL8ykKWyA74CjggFlMIIBYTAdBgNVHQ4EFgQU
MRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2VkNDQ4MRUwEwYD
VQQLDAxDbGllbnQtZWQ0NDgxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0G
CSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dv
-bGZTU0yCFEHLzbRBBqcT1Cdmv8mnRGQYhNXrMAwGA1UdEwQFMAMBAf8wHAYDVR0R
+bGZTU0yCFB5z6yZ5NI/2upvljbThGnNrkaZrMAwGA1UdEwQFMAMBAf8wHAYDVR0R
BBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
-AQUFBwMCMAUGAytlcQNzAACZrGH/9/nN2XV0bxaNZRJgd20a7kK7qjHMyVfHLnij
-pUhzrLLZK8r1NRSj6WRA3rcqJNNz+Rf+gDLde385KYej3tNIJ4SyUAvEAjbNEGKI
-YaR0ybZdx5Twgyg2c1ygZmIGY8FBLcMjJOZP+RmFL40wAA==
+AQUFBwMCMAUGAytlcQNzAMgahLMPbFMbIUlEzl1GMBqa657LIkCJCahKI2knBfPP
+XXrQm6f9uVLSTrHk7Y/ef3VJB/Xf7Kw0ANQSsbQeSRzarjTbTNYrQAAq7T83CSZi
+qzI09IEZ1GvvBxkMbNnpaSTH5bJzsG0Uuj6Khl0k3IA8AA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der
index 055ea06e..959c9d89 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem
index d9d289de..15ea8227 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/root-ed448.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 15:10:83:9c:88:f8:38:05:d2:56:c9:ff:8d:c8:a7:bb:c3:ee:a1:d5
+ 13:86:16:ce:8f:3e:19:34:76:2d:dd:88:13:01:34:86:73:7b:5a:9a
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -28,27 +28,27 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED448
- e0:a1:1b:d8:b9:fe:48:22:0c:ec:a4:8d:7b:b1:dd:b7:a2:b7:
- 8c:48:49:0d:d7:39:5f:13:97:16:0c:2a:d1:3d:c8:f6:fb:f6:
- 81:55:f0:5f:ff:cb:94:eb:29:6a:9d:2d:16:4c:2b:bd:13:9f:
- 22:87:80:42:17:c3:de:2b:fb:87:a1:1d:79:29:bf:59:12:c7:
- 71:68:ca:78:33:ae:bf:1a:8d:8c:f1:68:e1:92:7e:6b:65:5a:
- 49:ef:a6:47:4d:e6:70:93:61:58:fa:63:23:63:d4:09:c3:49:
- e5:b1:f9:27:1c:00
+ 58:fd:39:b5:c2:38:86:da:aa:72:ec:35:44:d1:8a:b6:7c:28:
+ 9f:c4:75:c9:bf:09:d8:49:c0:18:34:9d:10:c3:e9:f3:54:9b:
+ 3d:8a:c7:9c:bd:a1:9d:33:88:17:f2:55:9c:bb:00:63:d8:40:
+ a2:ed:80:7d:e9:95:1d:f0:fb:9f:7c:43:ba:b1:63:4e:48:7e:
+ 87:ea:82:21:bb:3f:a5:2f:6e:43:77:90:4b:e3:e4:29:a8:a1:
+ c0:c4:22:a5:6c:49:ef:c7:e9:36:1c:39:3f:71:3d:6d:51:27:
+ 89:99:fa:c6:1c:00
-----BEGIN CERTIFICATE-----
-MIICpDCCAiSgAwIBAgIUFRCDnIj4OAXSVsn/jcinu8PuodUwBQYDK2VxMIGZMQsw
+MIICpDCCAiSgAwIBAgIUE4YWzo8+GTR2Ld2IEwE0hnN7WpowBQYDK2VxMIGZMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9FZDQ0ODETMBEGA1UECwwKUm9vdC1FZDQ0ODEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
-c2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZkxCzAJBgNV
+c2wuY29tMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgZkxCzAJBgNV
BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYD
VQQKDA13b2xmU1NMX0VkNDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQD
DA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b20wQzAFBgMrZXEDOgALZCYoz7VGm+4/6jv1Znoy1P59+IBfWFds13nuZqI9VI+N
CK/LuEOUUF3lU2JpyHWCpl5EyktbCwCjYzBhMB0GA1UdDgQWBBTaaZjJJkp1+1le
U5pjSwy4iAsPHjAfBgNVHSMEGDAWgBTaaZjJJkp1+1leU5pjSwy4iAsPHjAPBgNV
-HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAFBgMrZXEDcwDgoRvYuf5IIgzs
-pI17sd23oreMSEkN1zlfE5cWDCrRPcj2+/aBVfBf/8uU6ylqnS0WTCu9E58ih4BC
-F8PeK/uHoR15Kb9ZEsdxaMp4M66/Go2M8Wjhkn5rZVpJ76ZHTeZwk2FY+mMjY9QJ
-w0nlsfknHAA=
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAFBgMrZXEDcwBY/Tm1wjiG2qpy
+7DVE0Yq2fCifxHXJvwnYScAYNJ0Qw+nzVJs9isecvaGdM4gX8lWcuwBj2ECi7YB9
+6ZUd8PuffEO6sWNOSH6H6oIhuz+lL25Dd5BL4+QpqKHAxCKlbEnvx+k2HDk/cT1t
+USeJmfrGHAA=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem b/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem
index c18e147a..43085091 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/server-ed448-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Server-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -31,19 +31,19 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED448
- 85:87:37:04:21:3e:2a:09:c2:e3:ca:28:12:28:f5:a4:98:e8:
- 14:54:ea:13:1e:fc:bc:ca:eb:1c:7f:e0:c1:53:ac:be:0d:ff:
- d3:49:00:30:4f:74:10:da:6e:0a:a9:01:4a:b6:10:a5:77:8d:
- 63:a7:80:a7:7b:7c:73:d4:e5:87:b6:64:32:96:2c:0b:b9:84:
- b7:a5:3b:f2:55:b7:6a:fe:7b:dc:8a:20:75:77:0d:37:14:25:
- b4:88:d2:da:7c:2e:6a:67:c9:a6:cd:19:80:49:53:90:d7:21:
- 29:c7:97:b3:1e:00
+ f9:2a:92:55:05:3d:74:24:8f:57:f4:91:e5:66:85:7c:53:11:
+ 88:22:82:ea:a3:50:0f:c2:a6:8e:39:85:85:14:a3:d4:ac:4f:
+ 66:fc:7e:b4:b3:f4:d7:5d:7c:9b:7f:c4:8e:3b:bc:d9:3a:cc:
+ 91:91:00:5d:da:26:04:2c:ba:f9:c4:45:3a:d3:4f:80:1e:46:
+ 9b:86:b8:56:ee:b2:e8:ba:26:47:28:2a:3d:cc:6a:51:33:c3:
+ 8e:8b:c4:01:8c:cc:25:fd:b4:cb:c2:a3:46:ad:b7:9d:14:e6:
+ a6:02:39:07:34:00
-----BEGIN CERTIFICATE-----
MIIC6jCCAmqgAwIBAgIBATAFBgMrZXEwgbAxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2Vk
NDQ4MREwDwYDVQQLDAhDQS1lZDQ0ODEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQB
-AQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIG0MQsw
+AQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIG0MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMU2VydmVyLWVkNDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -52,7 +52,7 @@ Aes32akHzQG8nXAWwiwrdVtj2+46LUSSRrR7BwNPoq6GhtyLSyx/6GsUjVjdbedv
OgWVqO8Ao4GJMIGGMB0GA1UdDgQWBBR8q1wSqWjYGBAofZLFSrhMTHYO2zAfBgNV
HSMEGDAWgBQ4WUXo3UQstX2lJdYLzDnwcsCUYzAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMC
-BkAwBQYDK2VxA3MAhYc3BCE+KgnC48ooEij1pJjoFFTqEx78vMrrHH/gwVOsvg3/
-00kAME90ENpuCqkBSrYQpXeNY6eAp3t8c9Tlh7ZkMpYsC7mEt6U78lW3av573Iog
-dXcNNxQltIjS2nwuamfJps0ZgElTkNchKceXsx4A
+BkAwBQYDK2VxA3MA+SqSVQU9dCSPV/SR5WaFfFMRiCKC6qNQD8KmjjmFhRSj1KxP
+Zvx+tLP01118m3/Ejju82TrMkZEAXdomBCy6+cRFOtNPgB5Gm4a4Vu6y6LomRygq
+PcxqUTPDjovEAYzMJf20y8KjRq23nRTmpgI5BzQA
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der
index 8c5ddf7b..c287ff39 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der
+++ b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem
index 88921cc9..ed589ec4 100644
--- a/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem
+++ b/extra/wolfssl/wolfssl/certs/ed448/server-ed448.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = Server-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -31,19 +31,19 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ED448
- 85:87:37:04:21:3e:2a:09:c2:e3:ca:28:12:28:f5:a4:98:e8:
- 14:54:ea:13:1e:fc:bc:ca:eb:1c:7f:e0:c1:53:ac:be:0d:ff:
- d3:49:00:30:4f:74:10:da:6e:0a:a9:01:4a:b6:10:a5:77:8d:
- 63:a7:80:a7:7b:7c:73:d4:e5:87:b6:64:32:96:2c:0b:b9:84:
- b7:a5:3b:f2:55:b7:6a:fe:7b:dc:8a:20:75:77:0d:37:14:25:
- b4:88:d2:da:7c:2e:6a:67:c9:a6:cd:19:80:49:53:90:d7:21:
- 29:c7:97:b3:1e:00
+ f9:2a:92:55:05:3d:74:24:8f:57:f4:91:e5:66:85:7c:53:11:
+ 88:22:82:ea:a3:50:0f:c2:a6:8e:39:85:85:14:a3:d4:ac:4f:
+ 66:fc:7e:b4:b3:f4:d7:5d:7c:9b:7f:c4:8e:3b:bc:d9:3a:cc:
+ 91:91:00:5d:da:26:04:2c:ba:f9:c4:45:3a:d3:4f:80:1e:46:
+ 9b:86:b8:56:ee:b2:e8:ba:26:47:28:2a:3d:cc:6a:51:33:c3:
+ 8e:8b:c4:01:8c:cc:25:fd:b4:cb:c2:a3:46:ad:b7:9d:14:e6:
+ a6:02:39:07:34:00
-----BEGIN CERTIFICATE-----
MIIC6jCCAmqgAwIBAgIBATAFBgMrZXEwgbAxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX2Vk
NDQ4MREwDwYDVQQLDAhDQS1lZDQ0ODEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQB
-AQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIG0MQsw
+AQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIG0MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEW
MBQGA1UECgwNd29sZlNTTF9lZDQ0ODEVMBMGA1UECwwMU2VydmVyLWVkNDQ4MRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -52,9 +52,9 @@ Aes32akHzQG8nXAWwiwrdVtj2+46LUSSRrR7BwNPoq6GhtyLSyx/6GsUjVjdbedv
OgWVqO8Ao4GJMIGGMB0GA1UdDgQWBBR8q1wSqWjYGBAofZLFSrhMTHYO2zAfBgNV
HSMEGDAWgBQ4WUXo3UQstX2lJdYLzDnwcsCUYzAMBgNVHRMBAf8EAjAAMA4GA1Ud
DwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMC
-BkAwBQYDK2VxA3MAhYc3BCE+KgnC48ooEij1pJjoFFTqEx78vMrrHH/gwVOsvg3/
-00kAME90ENpuCqkBSrYQpXeNY6eAp3t8c9Tlh7ZkMpYsC7mEt6U78lW3av573Iog
-dXcNNxQltIjS2nwuamfJps0ZgElTkNchKceXsx4A
+BkAwBQYDK2VxA3MA+SqSVQU9dCSPV/SR5WaFfFMRiCKC6qNQD8KmjjmFhRSj1KxP
+Zvx+tLP01118m3/Ejju82TrMkZEAXdomBCy6+cRFOtNPgB5Gm4a4Vu6y6LomRygq
+PcxqUTPDjovEAYzMJf20y8KjRq23nRTmpgI5BzQA
-----END CERTIFICATE-----
Certificate:
Data:
@@ -63,8 +63,8 @@ Certificate:
Signature Algorithm: ED448
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_Ed448, OU = Root-Ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_ed448, OU = CA-ed448, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: ED448
@@ -85,27 +85,27 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ED448
- 44:dc:1a:ae:76:a6:28:68:81:e9:27:c5:53:ea:96:92:04:0f:
- a0:a9:cc:97:7c:9f:05:62:d7:bb:a2:df:5e:3d:52:87:ab:15:
- 35:cd:c5:e1:e7:c2:9a:c6:d8:20:46:6b:62:4b:0d:28:41:d2:
- 5e:11:80:4f:41:c2:23:bd:2b:b0:e1:e0:66:58:c1:aa:24:f8:
- 7b:98:99:79:31:2b:33:5e:95:3a:87:cc:cf:49:a5:87:3b:38:
- 9e:c2:be:de:45:34:55:25:78:3c:19:03:f3:62:14:a7:2a:9a:
- 2e:78:8b:6a:3a:00
+ 24:d8:26:28:60:11:09:c1:a5:f9:a9:7f:a7:40:ed:a5:07:cb:
+ cb:3e:a1:6a:d3:45:6d:4c:e1:66:36:37:57:6a:34:5d:33:45:
+ b3:17:e1:18:76:57:df:fe:44:b4:ec:04:16:74:52:82:24:52:
+ 1f:99:00:2d:42:a9:5c:45:1b:8d:b8:95:ce:0d:82:cb:52:8f:
+ e2:bd:20:19:6a:8a:79:29:f6:20:d3:e6:35:8c:27:1a:a4:64:
+ b7:ff:91:09:21:57:c6:11:c5:01:9a:98:54:31:37:7a:7b:ed:
+ 35:a9:4d:13:19:00
-----BEGIN CERTIFICATE-----
MIICqDCCAiigAwIBAgIBATAFBgMrZXEwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRYwFAYDVQQKDA13b2xmU1NMX0Vk
NDQ4MRMwEQYDVQQLDApSb290LUVkNDQ4MRgwFgYDVQQDDA93d3cud29sZnNzbC5j
-b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjEx
-NzUwWhcNMjUwOTExMjExNzUwWjCBsDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01v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-DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MARNwarnam
-KGiB6SfFU+qWkgQPoKnMl3yfBWLXu6LfXj1Sh6sVNc3F4efCmsbYIEZrYksNKEHS
-XhGAT0HCI70rsOHgZljBqiT4e5iZeTErM16VOofMz0mlhzs4nsK+3kU0VSV4PBkD
-82IUpyqaLniLajoA
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwBQYDK2VxA3MAJNgmKGAR
+CcGl+al/p0DtpQfLyz6hatNFbUzhZjY3V2o0XTNFsxfhGHZX3/5EtOwEFnRSgiRS
+H5kALUKpXEUbjbiVzg2Cy1KP4r0gGWqKeSn2INPmNYwnGqRkt/+RCSFXxhHFAZqY
+VDE3envtNalNExkA
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem b/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem
index c4f712cc..ebd3e2dd 100644
--- a/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/entity-no-ca-bool-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = NoCaBool, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:FALSE, pathlen:0
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Client Authentication, TLS Web Server Authentication
Signature Algorithm: sha256WithRSAEncryption
- 22:6e:8b:b8:04:1b:db:85:37:85:51:80:3a:7f:68:19:e4:08:
- d5:dc:e3:a3:2a:a0:20:d4:bd:fa:d5:78:58:10:40:92:e1:ea:
- 17:36:d7:9c:71:6c:df:e3:ed:71:78:e3:8c:82:b5:dc:cb:82:
- 7d:26:65:b5:31:98:b4:8b:76:19:c5:72:18:9d:b5:fc:de:2d:
- eb:8e:07:db:5a:d9:13:34:ed:73:89:74:22:d2:b4:f9:bd:75:
- 4f:5a:ab:6d:fc:e8:8d:cd:32:22:f8:b2:a7:60:dd:3e:6e:a4:
- 1d:7f:02:53:c8:50:36:0e:90:55:43:73:6a:a3:ec:82:50:af:
- 56:0a:93:39:a9:43:48:55:fe:e8:94:84:d8:41:81:b8:3b:3e:
- 01:95:d7:69:b8:ec:a6:b4:73:73:2d:a4:30:d0:09:ad:6d:2c:
- 20:da:cd:30:ce:00:9f:81:cc:52:71:0e:32:1c:10:a4:f4:c4:
- 55:c5:b2:b2:66:97:bf:3b:d0:ae:1b:9b:1d:6c:4c:3f:2d:1a:
- 76:9c:31:96:dc:53:45:22:b1:e8:52:c6:54:25:85:d5:89:1f:
- db:3a:e7:97:b4:1e:0d:17:94:21:1e:f9:be:d6:b7:c1:92:a7:
- e2:d6:51:f4:c0:40:2f:17:6a:ab:85:5e:c4:0c:6e:cb:75:df:
- f7:ba:0d:f0
+ 44:6a:a0:11:85:71:72:c5:7c:84:36:aa:31:c4:4a:c0:99:0e:
+ fd:b9:78:69:0b:8c:58:b4:4c:01:04:65:f3:dd:ea:db:a2:1f:
+ d7:9d:cd:b4:6f:18:da:79:b8:35:c4:25:5e:61:a4:02:26:29:
+ 33:be:72:e5:35:8f:2b:68:0a:87:03:97:3e:9e:00:e2:37:7f:
+ 7a:c9:29:d8:fc:61:6b:3f:36:47:e2:66:e0:93:77:b7:75:46:
+ bb:0c:57:5c:af:7d:62:07:d9:0c:93:b7:5f:81:a6:9e:49:7b:
+ f8:0a:82:2a:2a:80:39:d8:91:c5:01:cb:aa:f4:d7:15:64:78:
+ 5c:1e:b4:57:35:6c:19:f6:36:b8:35:96:ce:c6:a7:cb:12:56:
+ c1:58:0b:10:54:b0:d7:b0:1f:48:50:b2:16:96:c8:88:32:88:
+ 25:bb:40:c3:c5:df:a2:74:04:84:21:c4:fe:fe:d3:08:50:4f:
+ 85:f7:b2:6e:5e:b5:3e:47:19:c9:1a:81:0a:24:33:a5:04:90:
+ 3f:c1:4d:f7:94:86:8f:78:82:4c:51:4e:37:84:1f:98:f2:91:
+ 07:58:c0:f9:dc:4f:b6:a8:54:a0:b9:0b:43:3b:bd:b2:3c:d6:
+ ad:52:05:6d:95:6b:c5:9c:5f:f5:87:f9:3b:e2:b8:3a:3a:3f:
+ 3f:06:df:10
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBkTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBkTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxETAP
BgNVBAsMCE5vQ2FCb29sMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkq
hkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
@@ -80,25 +80,25 @@ FgQU7/SLhs5179zh+CMeGrg7jZgJiOcwgdQGA1UdIwSBzDCByYAUJ45nEXTDJh0/
7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UE
CwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7bR50HZpI9aNfKrJBPymlBSzAM
+hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqobAHs9mDycFEKTNEU+rzpRDAM
BgNVHRMEBTADAgEAMAsGA1UdDwQEAwIHgDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
-KwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBACJui7gEG9uFN4VRgDp/aBnkCNXc
-46MqoCDUvfrVeFgQQJLh6hc215xxbN/j7XF444yCtdzLgn0mZbUxmLSLdhnFchid
-tfzeLeuOB9ta2RM07XOJdCLStPm9dU9aq2386I3NMiL4sqdg3T5upB1/AlPIUDYO
-kFVDc2qj7IJQr1YKkzmpQ0hV/uiUhNhBgbg7PgGV12m47Ka0c3MtpDDQCa1tLCDa
-zTDOAJ+BzFJxDjIcEKT0xFXFsrJml7870K4bmx1sTD8tGnacMZbcU0UisehSxlQl
-hdWJH9s655e0Hg0XlCEe+b7Wt8GSp+LWUfTAQC8XaquFXsQMbst13/e6DfA=
+KwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggEBAERqoBGFcXLFfIQ2qjHESsCZDv25
+eGkLjFi0TAEEZfPd6tuiH9edzbRvGNp5uDXEJV5hpAImKTO+cuU1jytoCocDlz6e
+AOI3f3rJKdj8YWs/NkfiZuCTd7d1RrsMV1yvfWIH2QyTt1+Bpp5Je/gKgioqgDnY
+kcUBy6r01xVkeFwetFc1bBn2Nrg1ls7Gp8sSVsFYCxBUsNewH0hQshaWyIgyiCW7
+QMPF36J0BIQhxP7+0whQT4X3sm5etT5HGckagQokM6UEkD/BTfeUho94gkxRTjeE
+H5jykQdYwPncT7aoVKC5C0M7vbI81q1SBW2Va8WcX/WH+TviuDo6Pz8G3xA=
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -129,7 +129,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -138,27 +138,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -173,12 +173,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/fpki-cert.der b/extra/wolfssl/wolfssl/certs/fpki-cert.der
index c55dfcb3..560e31c0 100644
--- a/extra/wolfssl/wolfssl/certs/fpki-cert.der
+++ b/extra/wolfssl/wolfssl/certs/fpki-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/include.am b/extra/wolfssl/wolfssl/certs/include.am
index aeea7ee9..637b6b2d 100644
--- a/extra/wolfssl/wolfssl/certs/include.am
+++ b/extra/wolfssl/wolfssl/certs/include.am
@@ -3,115 +3,121 @@
#
EXTRA_DIST += \
- certs/ca-cert-chain.der \
- certs/ca-cert.pem \
- certs/ca-key.pem \
- certs/client-cert.pem \
- certs/client-keyEnc.pem \
- certs/client-key.pem \
- certs/client-uri-cert.pem \
- certs/client-absolute-urn.pem \
- certs/client-relative-uri.pem \
- certs/client-crl-dist.pem \
- certs/client-crl-dist.der \
- certs/ecc-key.pem \
- certs/ecc-keyPub.pem \
- certs/ecc-privkey.pem \
- certs/ecc-privkeyPkcs8.der \
- certs/ecc-privkeyPkcs8.pem \
- certs/ecc-keyPkcs8Enc.pem \
- certs/ecc-keyPkcs8Enc.der \
- certs/ecc-key-comp.pem \
- certs/ecc-keyPkcs8.pem \
- certs/ecc-keyPkcs8.der \
- certs/ecc-client-key.pem \
- certs/ecc-client-keyPub.pem \
- certs/client-ecc-cert.pem \
- certs/client-ca.pem \
- certs/dh2048.pem \
- certs/server-cert.pem \
- certs/server-ecc.pem \
- certs/server-ecc-self.pem \
- certs/server-ecc-comp.pem \
- certs/server-ecc-rsa.pem \
- certs/server-keyEnc.pem \
- certs/server-key.pem \
- certs/server-keyPub.pem \
- certs/server-keyPkcs8.der \
- certs/server-keyPkcs8Enc12.pem \
- certs/server-keyPkcs8Enc2.pem \
- certs/server-keyPkcs8Enc.pem \
- certs/server-keyPkcs8Enc.der \
- certs/server-keyPkcs8.pem \
- certs/server-revoked-cert.pem \
- certs/server-revoked-key.pem \
- certs/wolfssl-website-ca.pem \
- certs/test-degenerate.p7b \
- certs/test-ber-exp02-05-2022.p7b \
- certs/test-servercert.p12 \
- certs/test-servercert-rc2.p12 \
- certs/ecc-rsa-server.p12 \
- certs/dsaparams.der \
- certs/dsaparams.pem \
- certs/ecc-privOnlyKey.pem \
- certs/ecc-privOnlyCert.pem \
- certs/dh3072.pem \
- certs/dh4096.pem \
- certs/client-cert-ext.pem \
- certs/csr.attr.der \
- certs/csr.dsa.pem \
- certs/csr.signed.der \
- certs/csr.ext.der \
- certs/entity-no-ca-bool-cert.pem \
- certs/entity-no-ca-bool-key.pem \
- certs/x942dh2048.pem \
- certs/fpki-cert.der \
- certs/rid-cert.der
+ certs/ca-cert-chain.der \
+ certs/ca-cert.pem \
+ certs/ca-key.pem \
+ certs/client-cert.pem \
+ certs/client-keyEnc.pem \
+ certs/client-key.pem \
+ certs/client-uri-cert.pem \
+ certs/client-absolute-urn.pem \
+ certs/client-relative-uri.pem \
+ certs/client-crl-dist.pem \
+ certs/client-crl-dist.der \
+ certs/ecc-key.pem \
+ certs/ecc-keyPub.pem \
+ certs/ecc-params.der \
+ certs/ecc-params.pem \
+ certs/ecc-privkey.der \
+ certs/ecc-privkey.pem \
+ certs/ecc-privkeyPkcs8.der \
+ certs/ecc-privkeyPkcs8.pem \
+ certs/ecc-keyPkcs8Enc.pem \
+ certs/ecc-keyPkcs8Enc.der \
+ certs/ecc-key-comp.pem \
+ certs/ecc-keyPkcs8.pem \
+ certs/ecc-keyPkcs8.der \
+ certs/ecc-client-key.pem \
+ certs/ecc-client-keyPub.pem \
+ certs/client-ecc-cert.pem \
+ certs/client-ca.pem \
+ certs/dh2048.pem \
+ certs/server-cert.pem \
+ certs/server-ecc.pem \
+ certs/server-ecc-self.pem \
+ certs/server-ecc-comp.pem \
+ certs/server-ecc-rsa.pem \
+ certs/server-keyEnc.pem \
+ certs/server-key.pem \
+ certs/server-keyPub.der \
+ certs/server-keyPub.pem \
+ certs/server-keyPkcs8.der \
+ certs/server-keyPkcs8Enc12.pem \
+ certs/server-keyPkcs8Enc2.pem \
+ certs/server-keyPkcs8Enc.pem \
+ certs/server-keyPkcs8Enc.der \
+ certs/server-keyPkcs8.pem \
+ certs/server-revoked-cert.pem \
+ certs/server-revoked-key.pem \
+ certs/wolfssl-website-ca.pem \
+ certs/test-degenerate.p7b \
+ certs/test-ber-exp02-05-2022.p7b \
+ certs/test-servercert.p12 \
+ certs/test-servercert-rc2.p12 \
+ certs/ecc-rsa-server.p12 \
+ certs/dsaparams.der \
+ certs/dsaparams.pem \
+ certs/ecc-privOnlyKey.pem \
+ certs/ecc-privOnlyCert.pem \
+ certs/dh3072.pem \
+ certs/dh4096.pem \
+ certs/client-cert-ext.pem \
+ certs/csr.attr.der \
+ certs/csr.dsa.der \
+ certs/csr.dsa.pem \
+ certs/csr.signed.der \
+ certs/csr.ext.der \
+ certs/entity-no-ca-bool-cert.pem \
+ certs/entity-no-ca-bool-key.pem \
+ certs/x942dh2048.der \
+ certs/x942dh2048.pem \
+ certs/fpki-cert.der \
+ certs/rid-cert.der
EXTRA_DIST += \
- certs/ca-key.der \
- certs/ca-cert.der \
- certs/client-cert.der \
- certs/client-key.der \
- certs/client-ecc-cert.der \
- certs/client-keyPub.der \
- certs/client-keyPub.pem \
- certs/dh2048.der \
- certs/dh3072.der \
- certs/dh4096.der \
- certs/dh-pubkey-2048.der \
- certs/rsa2048.der \
- certs/rsa-pub-2048.pem \
- certs/rsa3072.der \
- certs/dsa2048.der \
- certs/dsa3072.der \
- certs/dsa-pubkey-2048.der \
- certs/ecc-client-key.der \
- certs/ecc-client-keyPub.der \
- certs/ecc-key.der \
- certs/ecc-keyPub.der \
- certs/server-key.der \
- certs/server-cert.der \
- certs/server-ecc-comp.der \
- certs/server-ecc.der \
- certs/server-ecc-self.der \
- certs/server-ecc-rsa.der \
- certs/server-cert-chain.der \
- certs/client-cert-ext.der
+ certs/ca-key.der \
+ certs/ca-cert.der \
+ certs/client-cert.der \
+ certs/client-key.der \
+ certs/client-ecc-cert.der \
+ certs/client-keyPub.der \
+ certs/client-keyPub.pem \
+ certs/dh2048.der \
+ certs/dh3072.der \
+ certs/dh4096.der \
+ certs/dh-pubkey-2048.der \
+ certs/rsa2048.der \
+ certs/rsa-pub-2048.pem \
+ certs/rsa3072.der \
+ certs/dsa2048.der \
+ certs/dsa3072.der \
+ certs/dsa-pubkey-2048.der \
+ certs/ecc-client-key.der \
+ certs/ecc-client-keyPub.der \
+ certs/ecc-key.der \
+ certs/ecc-keyPub.der \
+ certs/server-key.der \
+ certs/server-cert.der \
+ certs/server-ecc-comp.der \
+ certs/server-ecc.der \
+ certs/server-ecc-self.der \
+ certs/server-ecc-rsa.der \
+ certs/server-cert-chain.der \
+ certs/client-cert-ext.der
# ECC CA prime256v1
EXTRA_DIST += \
- certs/ca-ecc-cert.der \
- certs/ca-ecc-cert.pem \
- certs/ca-ecc-key.der \
- certs/ca-ecc-key.pem
+ certs/ca-ecc-cert.der \
+ certs/ca-ecc-cert.pem \
+ certs/ca-ecc-key.der \
+ certs/ca-ecc-key.pem
# ECC CA SECP384R1
EXTRA_DIST += \
- certs/ca-ecc384-cert.der \
- certs/ca-ecc384-cert.pem \
- certs/ca-ecc384-key.der \
- certs/ca-ecc384-key.pem
+ certs/ca-ecc384-cert.der \
+ certs/ca-ecc384-cert.pem \
+ certs/ca-ecc384-key.der \
+ certs/ca-ecc384-key.pem
dist_doc_DATA+= certs/taoCert.txt
@@ -123,6 +129,7 @@ include certs/ecc/include.am
include certs/ed25519/include.am
include certs/ed448/include.am
include certs/p521/include.am
+include certs/sm2/include.am
include certs/external/include.am
include certs/ocsp/include.am
include certs/statickeys/include.am
@@ -133,4 +140,5 @@ include certs/falcon/include.am
include certs/rsapss/include.am
include certs/dilithium/include.am
include certs/sphincs/include.am
+include certs/rpk/include.am
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der
index 860e92d5..39abb1b1 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem
index 5e9afd58..94750522 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-cert.pem
@@ -5,79 +5,79 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:57 2020 GMT
- Not After : Jun 11 19:17:57 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
- 00:f2:23:28:f7:81:43:f0:63:b9:f2:77:7e:30:1a:
- 40:6b:e1:dd:6b:41:36:ee:7d:58:23:dc:56:e9:bb:
- e8:3b:11:58:c3:c3:b7:eb:98:5a:e9:76:12:cd:ef:
- 77:09:25:d3:6c:e6:3a:49:68:50:90:d7:32:e0:18:
- d6:05:df:f7:9e:d2:8f:7b:b5:91:5c:bf:3e:09:81:
- dd:79:ed:44:c2:93:f5:9d:a4:cb:0a:6b:63:b4:f0:
- ee:d1:dd:6c:e7:c6:b7:f1:30:d4:b7:54:28:18:11:
- fc:25:ac:5b:f1:b3:19:13:47:7d:7e:d9:45:97:3c:
- bb:b9:42:70:06:94:55:23:15:0b:84:ca:0c:15:c1:
- 6e:1a:1c:f9:54:c9:e6:e3:b8:c1:45:e5:5a:89:e1:
- f1:1b:1d:81:b7:34:07:17:28:5b:10:c7:a6:21:eb:
- 5d:89:11:a3:d0:39:60:34:ea:e1:75:fa:b8:7c:ee:
- c5:3f:64:6a:1d:b8:d8:a4:b2:82:98:31:11:e8:b5:
- 20:2d:03:e5:d1:61:35:a4:4b:b5:ad:a6:b7:72:71:
- 3e:86:38:0e:38:b6:5d:b5:ab:bf:3a:ba:1e:32:76:
- ba:54:4d:05:ca:4e:e2:83:df:30:64:11:9e:99:93:
- 3b:a6:fb:3b:df:7d:90:02:f4:b4:f1:e8:41:31:78:
- 02:3f
+ 00:c3:a2:73:5d:21:62:20:ce:3a:71:38:a7:94:bb:
+ db:87:04:1c:5a:1b:9e:4b:0d:3e:ca:f8:a5:f7:0d:
+ 6a:dc:23:90:22:6a:2b:58:63:4a:28:6a:48:a8:e7:
+ 73:1f:a2:55:d8:4d:02:3b:e2:cb:6b:e2:83:c9:51:
+ 8f:77:fd:dc:2d:5d:23:b7:23:9a:7e:b6:29:68:e8:
+ 2a:4e:a9:fe:32:70:31:9e:f0:ef:ee:f8:8d:e3:fc:
+ f3:d7:28:dd:7a:1d:9e:ad:23:2b:f1:a6:7f:34:52:
+ 29:66:d2:e5:64:55:64:d6:dd:4b:41:3b:55:83:6e:
+ c0:11:0e:6e:20:c2:16:73:eb:30:ff:09:46:bb:e7:
+ cc:c6:03:44:41:11:c6:c1:6c:36:2f:4a:f9:91:55:
+ ca:58:5e:37:b8:28:10:30:89:40:96:77:cf:70:66:
+ a4:55:fb:69:0b:e7:d9:b2:33:65:db:72:3a:77:b7:
+ 2b:49:fc:b6:cd:58:10:8d:ab:aa:cb:40:45:77:02:
+ 39:18:b3:8f:33:01:48:77:50:be:8e:73:a7:de:36:
+ a0:49:8e:2c:16:af:b9:fb:42:2d:35:6a:db:34:37:
+ d5:14:59:7d:65:72:e5:8b:65:55:4b:20:5e:47:f9:
+ f8:3a:d3:6c:d9:3a:f5:c7:01:46:31:c3:79:9a:18:
+ be:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 83:1C:F1:98:85:EC:6E:06:45:34:DE:51:C0:BA:B7:2B:67:32:66:4D
+ EF:69:E0:F7:D5:1D:E6:99:EC:DC:6D:D0:F7:E2:B9:5C:64:71:83:35
X509v3 Authority Key Identifier:
- keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
-
+ 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7d:0d:5c:2a:19:e7:ee:5f:ca:2d:d4:59:54:b9:ca:33:18:3a:
- e3:22:2c:18:70:bb:c5:58:45:d9:82:bc:80:5d:90:d9:02:34:
- 6c:1a:4f:f1:6b:59:4e:cd:e1:ea:27:80:e6:e2:d8:7e:af:2b:
- ac:c1:62:e0:4d:e9:e6:74:99:fe:c0:50:cb:d3:7d:e5:2b:82:
- 0d:67:0d:14:b5:2c:6a:a2:7a:c2:dd:08:a7:40:2a:8f:a1:bf:
- 4d:53:75:5d:dd:c3:82:e5:e4:1f:04:b0:b6:a7:cc:55:6c:b4:
- d4:74:9e:9a:36:37:f0:32:69:97:44:fb:d2:22:1a:8b:95:34:
- 44:32:cc:2a:a9:76:f7:12:c7:b9:9b:f1:e5:a7:c7:d5:6d:12:
- ec:00:1d:21:b2:13:f2:33:e0:ea:e0:c8:63:7c:dd:06:c7:3c:
- ba:a4:bd:a0:9b:8d:a1:1a:7d:3a:d7:c9:f3:35:4e:c5:76:6b:
- 6d:50:d1:95:23:e8:c0:7f:3d:3f:45:08:10:77:6b:29:68:cc:
- dd:b6:20:f8:c1:15:4c:6f:e2:ab:9d:61:13:dd:bc:c5:e7:98:
- cc:23:29:ba:1c:b6:21:c0:b0:b6:e9:de:2b:43:d7:ca:7b:28:
- 6a:fa:4c:c9:39:4d:e1:40:ed:e6:c0:16:9d:69:b2:f9:bf:db:
- 50:27:3c:b3
+ Signature Value:
+ 83:d7:44:cb:2d:2e:1e:83:47:9b:e0:24:24:89:90:12:96:a8:
+ f4:c7:ac:ea:8c:dc:ff:93:40:bb:a2:3a:57:60:fd:94:b1:e2:
+ c9:56:be:a5:12:b5:b9:2a:50:57:48:fd:5b:90:96:7b:52:d3:
+ a4:3f:a2:3c:cb:2e:2d:a9:19:17:9a:30:b0:49:cd:78:25:98:
+ 1e:f5:3b:37:fa:ec:cb:4d:45:46:b8:45:7f:97:b6:f3:79:e6:
+ 2d:31:75:2c:80:f9:db:3b:af:94:31:6b:63:e4:5b:78:7f:6d:
+ 52:84:22:60:56:3b:37:0f:8b:7b:5f:5c:f6:f3:f0:1f:d9:00:
+ 8b:2a:ca:df:0e:03:94:90:d0:f4:ef:a5:47:8a:b6:7c:db:cf:
+ 05:47:70:73:5d:b2:41:44:a0:a0:0e:62:39:7f:cc:06:87:13:
+ 35:74:8c:9e:2c:46:2e:e5:0a:d3:92:7a:83:8d:22:8c:06:b3:
+ 2f:0d:5c:26:9a:e4:19:cb:61:45:5a:2a:cb:8e:91:e6:63:58:
+ 38:c3:14:db:07:8d:1a:9e:dd:f1:07:58:71:de:3d:0b:6c:c1:
+ 98:8b:66:33:26:d9:61:db:01:c7:30:b8:e8:0a:bf:7a:58:6b:
+ 98:6c:a7:3c:2c:f8:60:b7:05:7b:73:8b:d6:c5:c8:d5:5a:25:
+ 03:df:e7:fc
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der
index 4daec9a0..5cee2eab 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem
index 279ecc60..c8542f03 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int-ecc-cert.pem
@@ -5,48 +5,48 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 11 19:17:58 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:c6:9c:cd:8f:e5:ec:5b:d8:b0:fc:91:20:e2:0b:
- 3b:51:53:54:4b:89:43:8e:00:de:91:ae:d3:90:f3:
- 85:dc:cc:3d:11:08:15:76:82:e2:92:35:4a:d4:45:
- 8e:83:36:82:62:b8:4d:07:85:0b:a5:54:e0:14:e8:
- 93:de:7f:92:e8
+ 04:95:df:1c:b2:9e:20:a9:1d:a2:5b:ab:5c:9b:a8:
+ 66:06:29:e6:b2:d8:e3:14:a6:c3:c1:b4:ad:4d:44:
+ 18:20:1e:5d:67:fd:15:1d:6d:25:e1:17:b1:71:ca:
+ 85:03:f0:d2:af:41:66:46:36:6d:ea:41:cb:4f:c8:
+ 4a:d0:a0:61:8c
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
- 13:B5:79:59:32:B3:BB:B4:47:B3:34:0E:80:C0:83:1E:AA:82:C8:5B
+ 97:1D:60:C3:87:22:59:9B:60:1F:84:B4:99:1C:88:4D:BF:DA:1E:6E
X509v3 Authority Key Identifier:
- keyid:56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
-
+ 56:8E:9A:C3:F0:42:DE:18:B9:45:55:6E:F9:93:CF:EA:C3:F3:A5:21
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:8a:51:91:f6:92:c5:4a:69:65:db:5b:90:c3:
- 90:6a:c0:96:e7:26:7a:af:18:91:2c:6b:67:55:40:18:6c:c1:
- a6:02:21:00:96:cc:9d:37:ad:ea:79:52:6e:4d:41:93:db:64:
- 7f:e7:42:b9:f1:12:90:f4:84:5c:73:b1:21:d8:fb:55:fe:6f
+ Signature Value:
+ 30:46:02:21:00:e1:e7:6f:05:9e:1d:62:41:4e:9d:1e:38:67:
+ e9:9e:3b:65:dc:15:fc:eb:32:85:84:5e:02:f3:8e:7b:12:f7:
+ 99:02:21:00:92:77:65:b1:bd:fb:b2:a4:41:87:c9:9e:3d:e0:
+ 39:02:f3:db:42:31:bf:fb:6d:fd:74:be:a3:e3:74:fc:f5:64
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der
index 564f83a2..f6af1f13 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem
index 4411ea1d..9f74b4f9 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-cert.pem
@@ -5,80 +5,80 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:57 2020 GMT
- Not After : Jun 11 19:17:57 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
- 00:a0:2f:a1:02:30:5d:19:a1:8e:44:86:d4:93:f7:
- f1:53:ba:3f:d2:24:df:ff:cb:af:8f:a6:e7:f9:87:
- 9a:1f:00:cc:8f:40:86:78:3a:1b:9a:78:0e:e3:6e:
- da:f3:e7:6c:57:76:31:cf:03:21:9a:c8:79:29:60:
- db:ee:d8:a9:15:b4:67:5b:77:9a:86:f9:db:43:cc:
- a2:0f:91:e6:70:4f:1e:6e:14:b1:8d:f0:a1:e5:39:
- 77:a1:92:97:88:4a:26:f1:88:98:24:6c:fd:46:e2:
- 71:07:5d:af:d4:bc:a8:8c:5d:ee:43:08:da:a7:ec:
- 09:51:ed:ad:cd:75:8b:58:c7:a1:98:56:e7:19:78:
- 93:4b:53:77:b7:da:79:7d:70:84:bb:1d:e9:a0:3c:
- 02:bc:a7:96:fa:bb:98:90:ae:35:19:d0:e7:64:1e:
- 9d:09:a1:06:f2:c2:fd:cb:a3:29:2c:c0:79:f8:e9:
- e9:93:67:8c:35:2e:a1:49:a0:34:6c:38:1d:6b:4c:
- a5:ba:c7:84:80:95:17:12:cb:dd:a7:f6:2e:2c:c7:
- 0f:c1:54:1f:97:6c:01:3b:da:2e:c7:dc:53:c9:26:
- e6:9a:66:a8:7f:55:fa:cd:72:18:69:87:4e:8c:e4:
- 02:dd:f7:31:1a:a3:6e:cd:88:43:70:b4:34:6d:a6:
- 86:75
+ 00:cf:c9:3d:59:01:9f:1d:77:91:56:cb:ab:06:82:
+ c1:81:31:9a:e2:f9:c6:f9:a3:40:2d:86:42:d7:5f:
+ 41:a5:05:42:0f:5f:2b:6b:bd:29:92:e5:52:c6:5c:
+ f9:7e:9d:fb:8e:d6:69:8c:03:91:87:1c:1f:bf:24:
+ 59:44:cc:ef:af:92:2a:06:e1:a1:01:5b:04:57:8a:
+ 1a:b6:04:e2:c2:3c:10:3c:42:31:01:aa:c3:f2:32:
+ 1e:01:95:d0:91:a7:66:c1:22:68:36:53:2a:52:03:
+ eb:b5:9b:82:01:24:f9:d1:ae:fb:53:4c:5a:06:e5:
+ 6e:5a:d6:ac:5b:28:1a:53:e8:d7:a5:ce:6e:9c:34:
+ c3:08:0b:cb:2f:8e:df:ef:8c:35:f5:b0:bc:5d:0f:
+ ae:0a:4a:cf:54:01:d2:3c:b4:78:ee:48:10:56:80:
+ 4f:83:87:4e:67:1f:4f:17:2e:3e:2d:f5:6d:c9:07:
+ a2:3e:32:92:0f:1e:a4:0b:55:a6:1f:84:ef:9d:75:
+ ef:66:7c:75:f7:e7:40:3a:9c:c1:33:42:3d:2f:7f:
+ 99:5d:7b:04:d5:a9:6c:41:e8:89:16:58:fd:3a:a0:
+ 04:bd:77:d6:63:5e:6a:13:59:37:5f:f1:59:01:45:
+ 48:9c:8b:f7:16:f4:50:f7:5a:b4:5a:33:f6:f5:41:
+ c1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
- 7A:8B:1D:4E:A3:40:C8:CE:58:5F:8D:FC:FF:46:2C:75:41:D9:03:5E
+ 0D:C9:60:20:43:58:81:E0:9A:21:EF:66:16:DC:6E:21:25:DF:2B:45
X509v3 Authority Key Identifier:
- keyid:83:1C:F1:98:85:EC:6E:06:45:34:DE:51:C0:BA:B7:2B:67:32:66:4D
-
+ EF:69:E0:F7:D5:1D:E6:99:EC:DC:6D:D0:F7:E2:B9:5C:64:71:83:35
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0c:72:99:ed:e7:03:58:c2:2b:88:d2:aa:43:31:84:18:2f:de:
- c5:5d:e0:20:d8:54:3c:5e:2b:87:2a:9f:96:b1:ef:be:d7:c7:
- 27:71:68:ac:71:61:b8:6e:d1:aa:4b:2f:ef:d4:37:e7:bb:87:
- 90:63:48:38:9b:20:15:bd:bc:af:8a:b4:af:53:91:8e:84:11:
- 14:ea:6f:85:f4:4e:ba:0a:49:91:b3:19:99:2a:d1:f9:a7:a7:
- 6b:fd:7f:78:88:7b:d3:7d:2c:b1:9f:70:15:1a:db:86:9b:ce:
- b7:07:25:ec:39:8c:59:a3:d2:d1:cc:18:15:14:a0:85:4d:4f:
- fb:9a:47:2f:dc:66:c7:7d:7c:12:89:48:58:d4:cb:1a:1b:12:
- ba:9c:ed:5c:8c:bf:72:0e:5f:8e:42:34:4b:6c:3e:04:6f:d9:
- 50:e3:28:93:6b:13:fd:6b:d6:2d:1b:cd:fb:fe:0b:a3:8c:df:
- c8:e6:ad:9e:69:8a:93:96:d7:84:31:bb:ca:f2:db:e2:18:c9:
- f1:91:8a:c7:06:9f:c2:0a:e9:b4:5f:e3:7b:20:fc:1a:16:1c:
- 02:53:12:cd:66:45:55:6e:b1:c0:95:2d:2b:d6:19:b8:99:4e:
- 1f:1b:9c:fb:b9:fe:8c:7e:32:57:f3:80:e9:f8:be:25:2f:03:
- 46:3c:b3:0a
+ Signature Value:
+ 86:c3:f8:62:d2:10:a0:b4:da:78:e9:85:c5:99:04:24:9e:77:
+ 1a:58:a4:9f:26:c7:58:5b:b8:76:80:57:ce:20:a4:e5:de:21:
+ 21:3d:70:01:4d:0f:6d:5a:f6:3d:48:68:d2:38:c5:ea:d4:9f:
+ a4:00:b2:e4:de:70:6b:58:b9:a2:a9:9b:dd:a6:a6:8e:6c:c4:
+ f9:5f:d7:17:45:85:be:e8:2f:fb:d2:82:d2:ab:2c:e2:ff:35:
+ 20:b4:6c:06:7e:08:51:7a:af:19:73:58:f3:a8:48:65:0a:4f:
+ 67:44:7e:c0:fd:4b:94:94:b1:4c:56:85:7a:31:af:09:03:fa:
+ cc:5d:85:55:0b:ac:1b:6a:c9:aa:c4:bb:e4:e0:ad:42:38:f1:
+ 6f:74:d7:db:0c:ca:01:e0:f3:4a:c7:eb:f2:6e:30:c6:8e:a3:
+ cf:5a:45:0f:7f:98:92:31:20:fc:26:21:34:15:06:4f:29:a3:
+ 5c:15:11:5b:04:94:d5:2c:9b:1e:5b:61:65:dc:6e:6c:00:05:
+ 01:ce:2b:48:54:f9:91:2b:4c:8c:bb:db:94:b5:08:53:11:97:
+ 15:01:bc:65:28:b6:a2:83:5f:f0:d8:79:84:17:27:75:2a:54:
+ c8:07:31:d7:50:05:51:07:4f:57:c8:bf:49:75:35:a1:39:af:
+ 66:ec:26:e1
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==
+bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPyT1ZAZ8dd5FW
+y6sGgsGBMZri+cb5o0AthkLXX0GlBUIPXytrvSmS5VLGXPl+nfuO1mmMA5GHHB+/
+JFlEzO+vkioG4aEBWwRXihq2BOLCPBA8QjEBqsPyMh4BldCRp2bBImg2UypSA+u1
+m4IBJPnRrvtTTFoG5W5a1qxbKBpT6Nelzm6cNMMIC8svjt/vjDX1sLxdD64KSs9U
+AdI8tHjuSBBWgE+Dh05nH08XLj4t9W3JB6I+MpIPHqQLVaYfhO+dde9mfHX350A6
+nMEzQj0vf5ldewTVqWxB6IkWWP06oAS9d9ZjXmoTWTdf8VkBRUici/cW9FD3WrRa
+M/b1QcE9AgMBAAGjZjBkMB0GA1UdDgQWBBQNyWAgQ1iB4Joh72YW3G4hJd8rRTAf
+BgNVHSMEGDAWgBTvaeD31R3mmezcbdD34rlcZHGDNTASBgNVHRMBAf8ECDAGAQH/
+AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAhsP4YtIQoLTa
+eOmFxZkEJJ53GliknybHWFu4doBXziCk5d4hIT1wAU0PbVr2PUho0jjF6tSfpACy
+5N5wa1i5oqmb3aamjmzE+V/XF0WFvugv+9KC0qss4v81ILRsBn4IUXqvGXNY86hI
+ZQpPZ0R+wP1LlJSxTFaFejGvCQP6zF2FVQusG2rJqsS75OCtQjjxb3TX2wzKAeDz
+Ssfr8m4wxo6jz1pFD3+YkjEg/CYhNBUGTymjXBURWwSU1SybHlthZdxubAAFAc4r
+SFT5kStMjLvblLUIUxGXFQG8ZSi2ooNf8Nh5hBcndSpUyAcx11AFUQdPV8i/SXU1
+oTmvZuwm4Q==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der
index aecf9592..a6904cc0 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem
index f2022a4e..20a06351 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/ca-int2-ecc-cert.pem
@@ -5,49 +5,49 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate CA ECC, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 11 19:17:58 2040 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 22 12:10:09 2043 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
- 04:ea:16:28:2c:27:5e:41:99:05:28:8b:99:fa:c5:
- a2:74:3c:15:4d:52:f4:4b:2d:83:34:82:8e:d5:b6:
- 3f:61:d0:87:eb:f8:4c:06:5e:ed:66:1e:8c:ca:a4:
- f6:2a:76:4f:d7:26:09:4c:1e:89:b9:18:8e:d2:a3:
- 66:3c:1b:3d:cb
+ 04:c7:b4:a9:9f:32:fb:a2:8f:6a:f3:2e:c1:5d:ca:
+ 08:ec:c6:9f:13:ad:f5:3e:9d:75:f7:e4:f2:16:99:
+ 37:f7:89:73:cf:54:81:5f:16:0c:04:78:85:33:ef:
+ 92:a2:f7:86:3f:c7:a1:ba:0a:74:17:c2:45:7a:77:
+ 13:a9:13:fd:d3
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
- 1B:F4:BD:90:28:74:64:E3:33:5E:8B:64:A7:FC:AF:BA:F2:B9:55:E5
+ 9F:AE:7B:7A:70:80:04:55:2B:C6:B7:0C:5B:79:E4:12:41:65:31:29
X509v3 Authority Key Identifier:
- keyid:13:B5:79:59:32:B3:BB:B4:47:B3:34:0E:80:C0:83:1E:AA:82:C8:5B
-
+ 97:1D:60:C3:87:22:59:9B:60:1F:84:B4:99:1C:88:4D:BF:DA:1E:6E
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:1
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:20:4f:1b:d1:e1:d7:8e:73:b5:8b:f7:4d:0b:3d:fc:
- 12:bc:6f:7c:ad:b9:12:70:30:37:41:27:ec:6b:35:06:8e:47:
- 02:21:00:a1:55:91:b7:68:1e:32:66:37:68:10:0a:9f:36:ee:
- c3:97:2b:85:b8:3c:47:3c:4a:ed:13:c5:5b:59:bc:b5:29
+ Signature Value:
+ 30:46:02:21:00:85:d2:26:f9:75:6a:4b:e9:76:88:bb:37:d0:
+ 96:e6:bc:24:d0:8f:67:51:18:cf:69:58:b7:da:7b:c1:a3:da:
+ 41:02:21:00:fd:b7:36:be:ac:7c:43:6c:88:a8:b2:9b:2a:36:
+ 21:2e:64:20:dc:b5:9d:09:95:5b:33:29:93:88:9b:67:cb:0d
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem
index f3da8682..b6c7ce2a 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt-ecc.pem
@@ -3,70 +3,70 @@ MIICyDCCAm2gAwIBAgICEAcwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgQ2xpZW50IENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFW/9A9EUJo9zpu38MVN
9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJDhHYWxlaVBswBqb32dRpC972psjYiX8dd
f7SjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0OBBYE
-FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFBv0vZAodGTjM16LZKf8
-r7ryuVXlMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
-BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAK6CPTUWc9Ue5ac0zydwQpncWVqKNiU3
-gYnFhKaVgJ2tAiEA2Y4dfm0koH4xgiUJ6OHYtrpOmV+5TeNmPhFhuuIqeuM=
+FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFJ+ue3pwgARVK8a3DFt5
+5BJBZTEpMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAOD7alvrubi1X6XcihvnRLWc+kSktUr/
+ijQ9hxJst+ILAiEA8J5CctyYX1GIKkTeUthW0yMfRBIEyuBsPkOeRcZE3Gg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem
index d1e4672c..5a6f4d13 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-alt.pem
@@ -3,7 +3,7 @@ MIIESzCCAzOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBDbGllbnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,83 +14,83 @@ QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ6KgIMIGvIAtDFMV0Z7Qygm+N
hsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8ASA9ROcg1QbTujO6OZXp3I2QyF
s9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4wxJeEhi1WL9cV93/ArvX8W+X7
obrTAgMBAAGjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
-VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFHqLHU6jQMjO
-WF+N/P9GLHVB2QNeMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
-AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAD37nA7EM00jkoUtSldJc0AV
-Kv/Ce+VmdWoG3r0Ji/3yQeW4r5Zc1Z5voFL6EBKwcY0gQ5kWKjlG7fU6swM1nYUe
-5+75YUudIKIWdmlndwaD9cCXDNmxtdZ9d8CTJ6kn8DG0rI1zPPFzGXSv92cHaL3F
-KJOI3ZCxEp9kprrEwEZ84wrbrsc5bJwBCrpk23TlAnI4zY6yLu8YwqbnbT+PxJLK
-reAMivJIyuEcySCm3tPFI1R9EMfb9Yw5snlRP/PXFfIiR5t7ANhU48BzIWh81vLM
-+rMnhagqZcdthdF3YnnPZD0kbMzSW7z++qmj6YWFH4eNbW/b8KS2WajxN6WNP50=
+VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFA3JYCBDWIHg
+miHvZhbcbiEl3ytFMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
+AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAMVo04Y2fc78PfvmRBzmYJuK
+Q+zpya5skGuORdHkG44IQoksOYHD2kfNWwvZW9KXK2sSACTr5AodtXxQ4YzH8/+B
+x4yF5VALgx3gqhxyjjhjsfeQWNKd46XDAyfL88ntKE9hm+oJZdUJ/PZXfm9wVRNm
++gZmchzaTRM0YAuHnyuyVqxigG7nWjCj6yw4LKmoegixFomZVEyOizD5QmZPX3Yr
+oYWZ3Nai1TVYfqvgi59ba8HivCDfesspp9xen2KKY/Mh5hlcmqp1JvTxqKlXOeWD
+ZuRW0xH9O/oER/Pf5KC0COxPKf/shBdi9215zVIYYJXboR8agBEmc9ve60de5Ks=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der
index 5607711f..e377962f 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem
index bc3a2a33..4fba298d 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain-ecc.pem
@@ -3,48 +3,48 @@ MIICyDCCAm2gAwIBAgICEAcwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgQ2xpZW50IENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFW/9A9EUJo9zpu38MVN
9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJDhHYWxlaVBswBqb32dRpC972psjYiX8dd
f7SjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0OBBYE
-FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFBv0vZAodGTjM16LZKf8
-r7ryuVXlMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
-BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAK6CPTUWc9Ue5ac0zydwQpncWVqKNiU3
-gYnFhKaVgJ2tAiEA2Y4dfm0koH4xgiUJ6OHYtrpOmV+5TeNmPhFhuuIqeuM=
+FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFJ+ue3pwgARVK8a3DFt5
+5BJBZTEpMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAOD7alvrubi1X6XcihvnRLWc+kSktUr/
+ijQ9hxJst+ILAiEA8J5CctyYX1GIKkTeUthW0yMfRBIEyuBsPkOeRcZE3Gg=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der
index 3e38c936..9a7af954 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem
index 328737b2..c8646b29 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-chain.pem
@@ -3,7 +3,7 @@ MIIESzCCAzOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBDbGllbnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,61 +14,61 @@ QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ6KgIMIGvIAtDFMV0Z7Qygm+N
hsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8ASA9ROcg1QbTujO6OZXp3I2QyF
s9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4wxJeEhi1WL9cV93/ArvX8W+X7
obrTAgMBAAGjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
-VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFHqLHU6jQMjO
-WF+N/P9GLHVB2QNeMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
-AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAD37nA7EM00jkoUtSldJc0AV
-Kv/Ce+VmdWoG3r0Ji/3yQeW4r5Zc1Z5voFL6EBKwcY0gQ5kWKjlG7fU6swM1nYUe
-5+75YUudIKIWdmlndwaD9cCXDNmxtdZ9d8CTJ6kn8DG0rI1zPPFzGXSv92cHaL3F
-KJOI3ZCxEp9kprrEwEZ84wrbrsc5bJwBCrpk23TlAnI4zY6yLu8YwqbnbT+PxJLK
-reAMivJIyuEcySCm3tPFI1R9EMfb9Yw5snlRP/PXFfIiR5t7ANhU48BzIWh81vLM
-+rMnhagqZcdthdF3YnnPZD0kbMzSW7z++qmj6YWFH4eNbW/b8KS2WajxN6WNP50=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=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der
index e9f26c9e..f0c079e9 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem
index 0a999e3a..ecca9d96 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-cert.pem
@@ -5,12 +5,12 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Client Chain, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b:
2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07:
@@ -39,34 +39,34 @@ Certificate:
X509v3 Subject Key Identifier:
33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0
X509v3 Authority Key Identifier:
- keyid:7A:8B:1D:4E:A3:40:C8:CE:58:5F:8D:FC:FF:46:2C:75:41:D9:03:5E
-
+ 0D:C9:60:20:43:58:81:E0:9A:21:EF:66:16:DC:6E:21:25:DF:2B:45
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: sha256WithRSAEncryption
- 3d:fb:9c:0e:c4:33:4d:23:92:85:2d:4a:57:49:73:40:15:2a:
- ff:c2:7b:e5:66:75:6a:06:de:bd:09:8b:fd:f2:41:e5:b8:af:
- 96:5c:d5:9e:6f:a0:52:fa:10:12:b0:71:8d:20:43:99:16:2a:
- 39:46:ed:f5:3a:b3:03:35:9d:85:1e:e7:ee:f9:61:4b:9d:20:
- a2:16:76:69:67:77:06:83:f5:c0:97:0c:d9:b1:b5:d6:7d:77:
- c0:93:27:a9:27:f0:31:b4:ac:8d:73:3c:f1:73:19:74:af:f7:
- 67:07:68:bd:c5:28:93:88:dd:90:b1:12:9f:64:a6:ba:c4:c0:
- 46:7c:e3:0a:db:ae:c7:39:6c:9c:01:0a:ba:64:db:74:e5:02:
- 72:38:cd:8e:b2:2e:ef:18:c2:a6:e7:6d:3f:8f:c4:92:ca:ad:
- e0:0c:8a:f2:48:ca:e1:1c:c9:20:a6:de:d3:c5:23:54:7d:10:
- c7:db:f5:8c:39:b2:79:51:3f:f3:d7:15:f2:22:47:9b:7b:00:
- d8:54:e3:c0:73:21:68:7c:d6:f2:cc:fa:b3:27:85:a8:2a:65:
- c7:6d:85:d1:77:62:79:cf:64:3d:24:6c:cc:d2:5b:bc:fe:fa:
- a9:a3:e9:85:85:1f:87:8d:6d:6f:db:f0:a4:b6:59:a8:f1:37:
- a5:8d:3f:9d
+ Signature Value:
+ c5:68:d3:86:36:7d:ce:fc:3d:fb:e6:44:1c:e6:60:9b:8a:43:
+ ec:e9:c9:ae:6c:90:6b:8e:45:d1:e4:1b:8e:08:42:89:2c:39:
+ 81:c3:da:47:cd:5b:0b:d9:5b:d2:97:2b:6b:12:00:24:eb:e4:
+ 0a:1d:b5:7c:50:e1:8c:c7:f3:ff:81:c7:8c:85:e5:50:0b:83:
+ 1d:e0:aa:1c:72:8e:38:63:b1:f7:90:58:d2:9d:e3:a5:c3:03:
+ 27:cb:f3:c9:ed:28:4f:61:9b:ea:09:65:d5:09:fc:f6:57:7e:
+ 6f:70:55:13:66:fa:06:66:72:1c:da:4d:13:34:60:0b:87:9f:
+ 2b:b2:56:ac:62:80:6e:e7:5a:30:a3:eb:2c:38:2c:a9:a8:7a:
+ 08:b1:16:89:99:54:4c:8e:8b:30:f9:42:66:4f:5f:76:2b:a1:
+ 85:99:dc:d6:a2:d5:35:58:7e:ab:e0:8b:9f:5b:6b:c1:e2:bc:
+ 20:df:7a:cb:29:a7:dc:5e:9f:62:8a:63:f3:21:e6:19:5c:9a:
+ aa:75:26:f4:f1:a8:a9:57:39:e5:83:66:e4:56:d3:11:fd:3b:
+ fa:04:47:f3:df:e4:a0:b4:08:ec:4f:29:ff:ec:84:17:62:f7:
+ 6d:79:cd:52:18:60:95:db:a1:1f:1a:80:11:26:73:db:de:eb:
+ 47:5e:e4:ab
-----BEGIN CERTIFICATE-----
MIIESzCCAzOgAwIBAgICEAMwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBDbGllbnQgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,12 +77,12 @@ QJxM79GG3zdRGwyhO/Xxo0o15OHOlt8bfr9Ol9AQ6KgIMIGvIAtDFMV0Z7Qygm+N
hsKIQJk2g7oeQHIiF9dSZSRzsM7vGc2u/3hse8ASA9ROcg1QbTujO6OZXp3I2QyF
s9mK2VQm2236rLv/JUzE0Xn0cdOGQBgTsGO1ck4wxJeEhi1WL9cV93/ArvX8W+X7
obrTAgMBAAGjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYD
-VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFHqLHU6jQMjO
-WF+N/P9GLHVB2QNeMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
-AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAD37nA7EM00jkoUtSldJc0AV
-Kv/Ce+VmdWoG3r0Ji/3yQeW4r5Zc1Z5voFL6EBKwcY0gQ5kWKjlG7fU6swM1nYUe
-5+75YUudIKIWdmlndwaD9cCXDNmxtdZ9d8CTJ6kn8DG0rI1zPPFzGXSv92cHaL3F
-KJOI3ZCxEp9kprrEwEZ84wrbrsc5bJwBCrpk23TlAnI4zY6yLu8YwqbnbT+PxJLK
-reAMivJIyuEcySCm3tPFI1R9EMfb9Yw5snlRP/PXFfIiR5t7ANhU48BzIWh81vLM
-+rMnhagqZcdthdF3YnnPZD0kbMzSW7z++qmj6YWFH4eNbW/b8KS2WajxN6WNP50=
+VR0OBBYEFDPYRWbXaIcYflQNcCeRxybXhWXAMB8GA1UdIwQYMBaAFA3JYCBDWIHg
+miHvZhbcbiEl3ytFMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcD
+AgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggEBAMVo04Y2fc78PfvmRBzmYJuK
+Q+zpya5skGuORdHkG44IQoksOYHD2kfNWwvZW9KXK2sSACTr5AodtXxQ4YzH8/+B
+x4yF5VALgx3gqhxyjjhjsfeQWNKd46XDAyfL88ntKE9hm+oJZdUJ/PZXfm9wVRNm
++gZmchzaTRM0YAuHnyuyVqxigG7nWjCj6yw4LKmoegixFomZVEyOizD5QmZPX3Yr
+oYWZ3Nai1TVYfqvgi59ba8HivCDfesspp9xen2KKY/Mh5hlcmqp1JvTxqKlXOeWD
+ZuRW0xH9O/oER/Pf5KC0COxPKf/shBdi9215zVIYYJXboR8agBEmc9ve60de5Ks=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der
index 794f5eea..05fc6b8e 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem
index e69590f1..b43c07c7 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/client-int-ecc-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA ECC, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Client Chain ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -27,31 +27,31 @@ Certificate:
X509v3 Subject Key Identifier:
EB:D4:4B:59:6B:95:61:3F:51:57:B6:04:4D:89:41:88:44:5C:AB:F2
X509v3 Authority Key Identifier:
- keyid:1B:F4:BD:90:28:74:64:E3:33:5E:8B:64:A7:FC:AF:BA:F2:B9:55:E5
-
+ 9F:AE:7B:7A:70:80:04:55:2B:C6:B7:0C:5B:79:E4:12:41:65:31:29
X509v3 Key Usage: critical
Digital Signature, Non Repudiation, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Client Authentication, E-mail Protection
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:ae:82:3d:35:16:73:d5:1e:e5:a7:34:cf:27:
- 70:42:99:dc:59:5a:8a:36:25:37:81:89:c5:84:a6:95:80:9d:
- ad:02:21:00:d9:8e:1d:7e:6d:24:a0:7e:31:82:25:09:e8:e1:
- d8:b6:ba:4e:99:5f:b9:4d:e3:66:3e:11:61:ba:e2:2a:7a:e3
+ Signature Value:
+ 30:46:02:21:00:e0:fb:6a:5b:eb:b9:b8:b5:5f:a5:dc:8a:1b:
+ e7:44:b5:9c:fa:44:a4:b5:4a:ff:8a:34:3d:87:12:6c:b7:e2:
+ 0b:02:21:00:f0:9e:42:72:dc:98:5f:51:88:2a:44:de:52:d8:
+ 56:d3:23:1f:44:12:04:ca:e0:6c:3e:43:9e:45:c6:44:dc:68
-----BEGIN CERTIFICATE-----
MIICyDCCAm2gAwIBAgICEAcwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgQ2xpZW50IENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFW/9A9EUJo9zpu38MVN
9XB71OwkjhmA7FpMoiQDYiyb2u+iNRJDhHYWxlaVBswBqb32dRpC972psjYiX8dd
f7SjgZAwgY0wCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBaAwHQYDVR0OBBYE
-FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFBv0vZAodGTjM16LZKf8
-r7ryuVXlMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
-BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAK6CPTUWc9Ue5ac0zydwQpncWVqKNiU3
-gYnFhKaVgJ2tAiEA2Y4dfm0koH4xgiUJ6OHYtrpOmV+5TeNmPhFhuuIqeuM=
+FOvUS1lrlWE/UVe2BE2JQYhEXKvyMB8GA1UdIwQYMBaAFJ+ue3pwgARVK8a3DFt5
+5BJBZTEpMA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwCgYIKoZIzj0EAwIDSQAwRgIhAOD7alvrubi1X6XcihvnRLWc+kSktUr/
+ijQ9hxJst+ILAiEA8J5CctyYX1GIKkTeUthW0yMfRBIEyuBsPkOeRcZE3Gg=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh b/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh
index 68e61dd3..8ed892f2 100755
--- a/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh
+++ b/extra/wolfssl/wolfssl/certs/intermediate/genintcerts.sh
@@ -262,6 +262,10 @@ echo "Assemble test chains - peer first, then intermediate2, then intermediate"
openssl x509 -in ./certs/intermediate/server-int-cert.pem > ./certs/intermediate/server-chain.pem
openssl x509 -in ./certs/intermediate/ca-int2-cert.pem >> ./certs/intermediate/server-chain.pem
openssl x509 -in ./certs/intermediate/ca-int-cert.pem >> ./certs/intermediate/server-chain.pem
+
+openssl x509 -in ./certs/intermediate/server-int-cert.pem > ./certs/intermediate/server-chain-short.pem
+openssl x509 -in ./certs/intermediate/ca-int2-cert.pem >> ./certs/intermediate/server-chain-short.pem
+
cat ./certs/intermediate/server-int-cert.der ./certs/intermediate/ca-int2-cert.der ./certs/intermediate/ca-int-cert.der > ./certs/intermediate/server-chain.der
openssl x509 -in ./certs/intermediate/client-int-cert.pem > ./certs/intermediate/client-chain.pem
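Review bot: The two added lines that build `server-chain-short.pem` carry no comment saying the chain stops at intermediate2. Unlike `server-chain.pem` just above, `ca-int-cert.pem` is never appended, and the echo in the hunk header still announces "peer first, then intermediate2, then intermediate". I would add `# short chain: peer + intermediate2 only; ca-int-cert.pem intentionally left out` above them so the file is not later "completed" or reused where a full chain is expected. That the omission is intentional, presumably for testing a peer that sends a partial chain, is inferred from the file name. The script continues outside the hunk.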
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/include.am b/extra/wolfssl/wolfssl/certs/intermediate/include.am
index d3c469e9..f480880d 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/include.am
+++ b/extra/wolfssl/wolfssl/certs/intermediate/include.am
@@ -34,6 +34,7 @@ EXTRA_DIST += \
certs/intermediate/server-chain-alt.pem \
certs/intermediate/server-chain-ecc.der \
certs/intermediate/server-chain-ecc.pem \
+ certs/intermediate/server-chain-short.pem \
certs/intermediate/server-chain.der \
certs/intermediate/server-chain.pem \
certs/intermediate/server-int-cert.der \
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem
index 0121960e..68cfad9f 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt-ecc.pem
@@ -1,76 +1,76 @@
-----BEGIN CERTIFICATE-----
-MIIDczCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
+MIIDcjCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgU2VydmVyIENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLszrEwnUErGSqUEwzze
nzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eSIX/wzxjakRECNIboIFgzC4A0
idijggE6MIIBNjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNVHQ4E
-FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUG/S9kCh0ZOMz
-Xotkp/yvuvK5VeWhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
+FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUn657enCABFUr
+xrcMW3nkEkFlMSmhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
aW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYD
VQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1lZGlhdGUg
Q0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggIQBTAOBgNV
-HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAw
-RgIhAJjQ4vmJyrJ0NqczC/4UkBBFei1tQETbCOxFeYtOkeDVAiEA6hEbwbWVvL/Z
-9Zk30dLmuKoZvZdCCbsKUWxOomFy6EQ=
+HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSAAw
+RQIhAM2Jz84maR/vYDetyePIYQb6+rhvPGsSVaD/4vqf+EeTAiBpSi4/DcbnTtEp
+5TcCA6ktiL74CL4eyw0GoyGPqGCjtQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem
index 4adc6348..74cf132f 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-alt.pem
@@ -3,7 +3,7 @@ MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,87 +14,87 @@ Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
-BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUeosd
-TqNAyM5YX438/0YsdUHZA16hgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
-AAOCAQEAkpC/Vl2YIc7WCo18r7qbWdgzwSEPbzEcE8Wf3qh97+XFC4t+GMud2N7J
-PTLu/9CJmDszaNvNZl6d7tpTNGUh40P2p7J5tXksLiM/PmFZgIj9w8UE6a1SqVh9
-78WnhRpVYOENfhHIulnYxh02BGOOfa8o/RN6MvUp1wrvBjyFkLbGTzmxGO6+F6VE
-F4ezlKE0Ykx3yAaTyAP18qpb/9CarfOyyluBVO8bOfjGd/GAUA8MbpQUYqP8mY7S
-4za4JRttVdIbIZfThOaW7p+zAERwOp/8YuJCGpMe/J7sjRx6GrETRk7rDSi5TQjm
-CTHAuy4H4MupWgaHxI66ay91VIU29Q==
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDonNdIWIgzjpxOKeUu9uHBBxaG55L
+DT7K+KX3DWrcI5AiaitYY0ooakio53MfolXYTQI74str4oPJUY93/dwtXSO3I5p+
+tilo6CpOqf4ycDGe8O/u+I3j/PPXKN16HZ6tIyvxpn80Uilm0uVkVWTW3UtBO1WD
+bsARDm4gwhZz6zD/CUa758zGA0RBEcbBbDYvSvmRVcpYXje4KBAwiUCWd89wZqRV
++2kL59myM2Xbcjp3tytJ/LbNWBCNq6rLQEV3AjkYs48zAUh3UL6Oc6feNqBJjiwW
+r7n7Qi01ats0N9UUWX1lcuWLZVVLIF5H+fg602zZOvXHAUYxw3maGL5JAgMBAAGj
+ZjBkMB0GA1UdDgQWBBTvaeD31R3mmezcbdD34rlcZHGDNTAfBgNVHSMEGDAWgBQn
jmcRdMMmHT/tM2OzpNgdMOXo1TASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB
-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der
index 38a81511..735ae9a5 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem
index b70b27d1..82a0b147 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-ecc.pem
@@ -1,54 +1,54 @@
-----BEGIN CERTIFICATE-----
-MIIDczCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
+MIIDcjCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgU2VydmVyIENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLszrEwnUErGSqUEwzze
nzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eSIX/wzxjakRECNIboIFgzC4A0
idijggE6MIIBNjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNVHQ4E
-FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUG/S9kCh0ZOMz
-Xotkp/yvuvK5VeWhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
+FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUn657enCABFUr
+xrcMW3nkEkFlMSmhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
aW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYD
VQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1lZGlhdGUg
Q0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggIQBTAOBgNV
-HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAw
-RgIhAJjQ4vmJyrJ0NqczC/4UkBBFei1tQETbCOxFeYtOkeDVAiEA6hEbwbWVvL/Z
-9Zk30dLmuKoZvZdCCbsKUWxOomFy6EQ=
+HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSAAw
+RQIhAM2Jz84maR/vYDetyePIYQb6+rhvPGsSVaD/4vqf+EeTAiBpSi4/DcbnTtEp
+5TcCA6ktiL74CL4eyw0GoyGPqGCjtQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
-MIICnzCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
+MIICoDCCAkWgAwIBAgICEAUwCgYIKoZIzj0EAwIwgaMxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJ
bnRlcm1lZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaQxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaQxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29s
ZlNTTCBJbnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOoWKCwnXkGZBSiL
-mfrFonQ8FU1S9EstgzSCjtW2P2HQh+v4TAZe7WYejMqk9ip2T9cmCUweibkYjtKj
-ZjwbPcujZjBkMB0GA1UdDgQWBBQb9L2QKHRk4zNei2Sn/K+68rlV5TAfBgNVHSME
-GDAWgBQTtXlZMrO7tEezNA6AwIMeqoLIWzASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
-A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNIADBFAiBPG9Hh145ztYv3TQs9/BK8
-b3ytuRJwMDdBJ+xrNQaORwIhAKFVkbdoHjJmN2gQCp827sOXK4W4PEc8Su0TxVtZ
-vLUp
+b2xmc3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMe0qZ8y+6KPavMu
+wV3KCOzGnxOt9T6ddffk8haZN/eJc89UgV8WDAR4hTPvkqL3hj/HoboKdBfCRXp3
+E6kT/dOjZjBkMB0GA1UdDgQWBBSfrnt6cIAEVSvGtwxbeeQSQWUxKTAfBgNVHSME
+GDAWgBSXHWDDhyJZm2AfhLSZHIhNv9oebjASBgNVHRMBAf8ECDAGAQH/AgEBMA4G
+A1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgNJADBGAiEAhdIm+XVqS+l2iLs30Jbm
+vCTQj2dRGM9pWLfae8Gj2kECIQD9tza+rHxDbIiospsqNiEuZCDctZ0JlVszKZOI
+m2fLDQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICkzCCAjigAwIBAgICEAQwCgYIKoZIzj0EAwIwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1OFoXDTQwMDYxMTE5MTc1OFowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkw
-EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAExpzNj+XsW9iw/JEg4gs7UVNUS4lDjgDe
-ka7TkPOF3Mw9EQgVdoLikjVK1EWOgzaCYrhNB4ULpVTgFOiT3n+S6KNmMGQwHQYD
-VR0OBBYEFBO1eVkys7u0R7M0DoDAgx6qgshbMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEld8csp4gqR2iW6tcm6hmBinmstjjFKbD
+wbStTUQYIB5dZ/0VHW0l4RexccqFA/DSr0FmRjZt6kHLT8hK0KBhjKNmMGQwHQYD
+VR0OBBYEFJcdYMOHIlmbYB+EtJkciE2/2h5uMB8GA1UdIwQYMBaAFFaOmsPwQt4Y
uUVVbvmTz+rD86UhMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MAoGCCqGSM49BAMCA0kAMEYCIQCKUZH2ksVKaWXbW5DDkGrAlucmeq8YkSxrZ1VA
-GGzBpgIhAJbMnTet6nlSbk1Bk9tkf+dCufESkPSEXHOxIdj7Vf5v
+MAoGCCqGSM49BAMCA0kAMEYCIQDh528Fnh1iQU6dHjhn6Z47ZdwV/OsyhYReAvOO
+exL3mQIhAJJ3ZbG9+7KkQYfJnj3gOQLz20Ixv/tt/XS+o+N0/PVk
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem
new file mode 100644
index 00000000..778bd9c0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain-short.pem
@@ -0,0 +1,54 @@
+-----BEGIN CERTIFICATE-----
+MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
+MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
+DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
+TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
+AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
+VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
+ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
+b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVB
+JwFlxkWu8rwkMLiVzi9O1vYciLx8n/uoZ3/+XJxRdfeKygfnNS+P4b17wC98q2So
+F/zKXXu64CHlci5vLobYlXParBtTuV8/1xkNJU/hY2NRiwtkP61DuKUcXDSzrgCg
+Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
+/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
+I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
+T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
+MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
+ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
+A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der
index 7bf08926..64579ed5 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem
index 3a583b93..5a9239af 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-chain.pem
@@ -3,7 +3,7 @@ MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -14,65 +14,65 @@ Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
-BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUeosd
-TqNAyM5YX438/0YsdUHZA16hgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
-AAOCAQEAkpC/Vl2YIc7WCo18r7qbWdgzwSEPbzEcE8Wf3qh97+XFC4t+GMud2N7J
-PTLu/9CJmDszaNvNZl6d7tpTNGUh40P2p7J5tXksLiM/PmFZgIj9w8UE6a1SqVh9
-78WnhRpVYOENfhHIulnYxh02BGOOfa8o/RN6MvUp1wrvBjyFkLbGTzmxGO6+F6VE
-F4ezlKE0Ykx3yAaTyAP18qpb/9CarfOyyluBVO8bOfjGd/GAUA8MbpQUYqP8mY7S
-4za4JRttVdIbIZfThOaW7p+zAERwOp/8YuJCGpMe/J7sjRx6GrETRk7rDSi5TQjm
-CTHAuy4H4MupWgaHxI66ay91VIU29Q==
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEIzCCAwugAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwgZ8xCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNT
TCBJbnRlcm1lZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
-b20wHhcNMjAwNjE2MTkxNzU3WhcNNDAwNjExMTkxNzU3WjCBoDELMAkGA1UEBhMC
+b20wHhcNMjMwOTI3MTIxMDA5WhcNNDMwOTIyMTIxMDA5WjCBoDELMAkGA1UEBhMC
VVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNV
BAoMB3dvbGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MSEwHwYDVQQDDBh3b2xm
U1NMIEludGVybWVkaWF0ZTIgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgL6ECMF0ZoY5E
-htST9/FTuj/SJN//y6+Ppuf5h5ofAMyPQIZ4OhuaeA7jbtrz52xXdjHPAyGayHkp
-YNvu2KkVtGdbd5qG+dtDzKIPkeZwTx5uFLGN8KHlOXehkpeISibxiJgkbP1G4nEH
-Xa/UvKiMXe5DCNqn7AlR7a3NdYtYx6GYVucZeJNLU3e32nl9cIS7HemgPAK8p5b6
-u5iQrjUZ0OdkHp0JoQbywv3LoykswHn46emTZ4w1LqFJoDRsOB1rTKW6x4SAlRcS
-y92n9i4sxw/BVB+XbAE72i7H3FPJJuaaZqh/VfrNchhph06M5ALd9zEao27NiENw
-tDRtpoZ1AgMBAAGjZjBkMB0GA1UdDgQWBBR6ix1Oo0DIzlhfjfz/Rix1QdkDXjAf
-BgNVHSMEGDAWgBSDHPGYhexuBkU03lHAurcrZzJmTTASBgNVHRMBAf8ECDAGAQH/
-AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEADHKZ7ecDWMIr
-iNKqQzGEGC/exV3gINhUPF4rhyqflrHvvtfHJ3ForHFhuG7Rqksv79Q357uHkGNI
-OJsgFb28r4q0r1ORjoQRFOpvhfROugpJkbMZmSrR+aena/1/eIh7030ssZ9wFRrb
-hpvOtwcl7DmMWaPS0cwYFRSghU1P+5pHL9xmx318EolIWNTLGhsSupztXIy/cg5f
-jkI0S2w+BG/ZUOMok2sT/WvWLRvN+/4Lo4zfyOatnmmKk5bXhDG7yvLb4hjJ8ZGK
-xwafwgrptF/jeyD8GhYcAlMSzWZFVW6xwJUtK9YZuJlOHxuc+7n+jH4yV/OA6fi+
-JS8DRjyzCg==
+bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPyT1ZAZ8dd5FW
+y6sGgsGBMZri+cb5o0AthkLXX0GlBUIPXytrvSmS5VLGXPl+nfuO1mmMA5GHHB+/
+JFlEzO+vkioG4aEBWwRXihq2BOLCPBA8QjEBqsPyMh4BldCRp2bBImg2UypSA+u1
+m4IBJPnRrvtTTFoG5W5a1qxbKBpT6Nelzm6cNMMIC8svjt/vjDX1sLxdD64KSs9U
+AdI8tHjuSBBWgE+Dh05nH08XLj4t9W3JB6I+MpIPHqQLVaYfhO+dde9mfHX350A6
+nMEzQj0vf5ldewTVqWxB6IkWWP06oAS9d9ZjXmoTWTdf8VkBRUici/cW9FD3WrRa
+M/b1QcE9AgMBAAGjZjBkMB0GA1UdDgQWBBQNyWAgQ1iB4Joh72YW3G4hJd8rRTAf
+BgNVHSMEGDAWgBTvaeD31R3mmezcbdD34rlcZHGDNTASBgNVHRMBAf8ECDAGAQH/
+AgEBMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAhsP4YtIQoLTa
+eOmFxZkEJJ53GliknybHWFu4doBXziCk5d4hIT1wAU0PbVr2PUho0jjF6tSfpACy
+5N5wa1i5oqmb3aamjmzE+V/XF0WFvugv+9KC0qss4v81ILRsBn4IUXqvGXNY86hI
+ZQpPZ0R+wP1LlJSxTFaFejGvCQP6zF2FVQusG2rJqsS75OCtQjjxb3TX2wzKAeDz
+Ssfr8m4wxo6jz1pFD3+YkjEg/CYhNBUGTymjXBURWwSU1SybHlthZdxubAAFAc4r
+SFT5kStMjLvblLUIUxGXFQG8ZSi2ooNf8Nh5hBcndSpUyAcx11AFUQdPV8i/SXU1
+oTmvZuwm4Q==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEFzCCAv+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIwMDYx
-NjE5MTc1N1oXDTQwMDYxMTE5MTc1N1owgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMDky
+NzEyMTAwOVoXDTQzMDkyMjEyMTAwOVowgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyIyj3gUPwY7nyd34wGkBr4d1rQTbu
-fVgj3Fbpu+g7EVjDw7frmFrpdhLN73cJJdNs5jpJaFCQ1zLgGNYF3/ee0o97tZFc
-vz4Jgd157UTCk/WdpMsKa2O08O7R3WznxrfxMNS3VCgYEfwlrFvxsxkTR31+2UWX
-PLu5QnAGlFUjFQuEygwVwW4aHPlUyebjuMFF5VqJ4fEbHYG3NAcXKFsQx6Yh612J
-EaPQOWA06uF1+rh87sU/ZGoduNiksoKYMRHotSAtA+XRYTWkS7WtprdycT6GOA44
-tl21q786uh4ydrpUTQXKTuKD3zBkEZ6Zkzum+zvffZAC9LTx6EExeAI/AgMBAAGj
-ZjBkMB0GA1UdDgQWBBSDHPGYhexuBkU03lHAurcrZzJmTTAfBgNVHSMEGDAWgBQn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-/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAfQ1cKhnn7l/KLdRZVLnKMxg64yIs
-GHC7xVhF2YK8gF2Q2QI0bBpP8WtZTs3h6ieA5uLYfq8rrMFi4E3p5nSZ/sBQy9N9
-5SuCDWcNFLUsaqJ6wt0Ip0Aqj6G/TVN1Xd3DguXkHwSwtqfMVWy01HSemjY38DJp
-l0T70iIai5U0RDLMKql29xLHuZvx5afH1W0S7AAdIbIT8jPg6uDIY3zdBsc8uqS9
-oJuNoRp9OtfJ8zVOxXZrbVDRlSPowH89P0UIEHdrKWjM3bYg+MEVTG/iq51hE928
-xeeYzCMpuhy2IcCwtuneK0PXynsoavpMyTlN4UDt5sAWnWmy+b/bUCc8sw==
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAg9dEyy0uHoNHm+AkJImQEpao9Mes
+6ozc/5NAu6I6V2D9lLHiyVa+pRK1uSpQV0j9W5CWe1LTpD+iPMsuLakZF5owsEnN
+eCWYHvU7N/rsy01FRrhFf5e283nmLTF1LID52zuvlDFrY+RbeH9tUoQiYFY7Nw+L
+e19c9vPwH9kAiyrK3w4DlJDQ9O+lR4q2fNvPBUdwc12yQUSgoA5iOX/MBocTNXSM
+nixGLuUK05J6g40ijAazLw1cJprkGcthRVoqy46R5mNYOMMU2weNGp7d8QdYcd49
+C2zBmItmMybZYdsBxzC46Aq/elhrmGynPCz4YLcFe3OL1sXI1VolA9/n/A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der
index b070160d..79ea3b64 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem
index 507c5d53..b736ebf4 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-cert.pem
@@ -5,12 +5,12 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Server Chain, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
- RSA Public-Key: (2048 bit)
+ Public-Key: (2048 bit)
Modulus:
00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27:
01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6:
@@ -39,36 +39,36 @@ Certificate:
X509v3 Subject Key Identifier:
B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C
X509v3 Authority Key Identifier:
- keyid:7A:8B:1D:4E:A3:40:C8:CE:58:5F:8D:FC:FF:46:2C:75:41:D9:03:5E
+ keyid:0D:C9:60:20:43:58:81:E0:9A:21:EF:66:16:DC:6E:21:25:DF:2B:45
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=wolfSSL Intermediate CA/emailAddress=info@wolfssl.com
serial:10:01
-
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: sha256WithRSAEncryption
- 92:90:bf:56:5d:98:21:ce:d6:0a:8d:7c:af:ba:9b:59:d8:33:
- c1:21:0f:6f:31:1c:13:c5:9f:de:a8:7d:ef:e5:c5:0b:8b:7e:
- 18:cb:9d:d8:de:c9:3d:32:ee:ff:d0:89:98:3b:33:68:db:cd:
- 66:5e:9d:ee:da:53:34:65:21:e3:43:f6:a7:b2:79:b5:79:2c:
- 2e:23:3f:3e:61:59:80:88:fd:c3:c5:04:e9:ad:52:a9:58:7d:
- ef:c5:a7:85:1a:55:60:e1:0d:7e:11:c8:ba:59:d8:c6:1d:36:
- 04:63:8e:7d:af:28:fd:13:7a:32:f5:29:d7:0a:ef:06:3c:85:
- 90:b6:c6:4f:39:b1:18:ee:be:17:a5:44:17:87:b3:94:a1:34:
- 62:4c:77:c8:06:93:c8:03:f5:f2:aa:5b:ff:d0:9a:ad:f3:b2:
- ca:5b:81:54:ef:1b:39:f8:c6:77:f1:80:50:0f:0c:6e:94:14:
- 62:a3:fc:99:8e:d2:e3:36:b8:25:1b:6d:55:d2:1b:21:97:d3:
- 84:e6:96:ee:9f:b3:00:44:70:3a:9f:fc:62:e2:42:1a:93:1e:
- fc:9e:ec:8d:1c:7a:1a:b1:13:46:4e:eb:0d:28:b9:4d:08:e6:
- 09:31:c0:bb:2e:07:e0:cb:a9:5a:06:87:c4:8e:ba:6b:2f:75:
- 54:85:36:f5
+ Signature Value:
+ 49:27:f0:d8:01:dc:ea:a6:f0:94:bf:22:6d:c7:a6:f9:1f:08:
+ 7e:75:b1:96:ac:56:51:e0:72:8b:65:2c:39:b7:74:78:97:da:
+ 21:52:d1:43:4c:d7:09:0e:13:80:8a:e8:45:90:0f:39:e4:72:
+ df:40:08:21:f4:b5:69:a5:c2:04:21:57:d8:6b:91:17:d4:55:
+ dc:73:6e:d7:cc:c7:d8:c1:66:ee:94:6f:18:47:8d:23:cf:c2:
+ a4:3d:a4:45:d2:1a:7c:b8:23:79:e2:b4:ac:71:26:a4:1a:e3:
+ a2:97:da:c8:85:00:e7:1f:7b:b2:05:db:ed:95:d8:16:59:0b:
+ 7b:23:01:eb:e6:4f:70:c2:ae:b7:7e:5b:2c:5a:73:6e:d2:a8:
+ a6:3e:1b:9e:78:b5:3b:7d:1f:5f:a9:4b:ca:83:41:7f:48:18:
+ b6:99:b9:8f:56:6c:33:0a:70:ca:6e:a6:f0:93:5d:3a:92:31:
+ 2d:c7:7c:1a:50:40:49:5d:d4:b2:8d:9a:d0:18:37:4e:25:a1:
+ 98:3c:ff:5f:3b:13:5e:4a:bc:f9:1c:c9:2a:9f:f2:f6:70:f2:
+ f6:ec:e2:23:26:27:c8:8a:e8:0a:81:70:5f:6a:67:fc:57:6c:
+ 6f:da:fe:33:3f:21:96:65:b6:4f:f8:89:5a:92:0e:e1:2e:fd:
+ 0e:16:f5:6e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgICEAIwDQYJKoZIhvcNAQELBQAwgaAxCzAJBgNVBAYTAlVT
MRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQK
DAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEhMB8GA1UEAwwYd29sZlNT
TCBJbnRlcm1lZGlhdGUyIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIwMDYxNjE5MTc1OFoXDTMwMDYxNDE5MTc1OFowgZwxCzAJBgNVBAYT
+Y29tMB4XDTIzMDkyNzEyMTAwOVoXDTMzMDkyNDEyMTAwOVowgZwxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEdMBsGA1UEAwwUd29s
ZlNTTCBTZXJ2ZXIgQ2hhaW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -79,16 +79,16 @@ Y8X2fwtZaHhzpowYqQJtr8MZAS64EOPGzEC0aaNGM2mHbsS7F6bz6N2tc7x7LyG1
/WZRDL1Us+FtXxy8I3PRCQOJFNIQuWTDKtChlkq84dQaW8egwMFjeA9ENzAyloAy
I5Whd7oT0pdz4l0lyWoNwzlgpLSwaUJCCenYCLwzILNYIqeq68Th5mGDxdKW39nQ
T63XAgMBAAGjggE2MIIBMjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAd
-BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUeosd
-TqNAyM5YX438/0YsdUHZA16hgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+BgNVHQ4EFgQUsxEyyZKYhOLJ+NA7bgNCyh8Ojjwwgc0GA1UdIwSBxTCBwoAUDclg
+IENYgeCaIe9mFtxuISXfK0WhgaWkgaIwgZ8xCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NM
MRQwEgYDVQQLDAtEZXZlbG9wbWVudDEgMB4GA1UEAwwXd29sZlNTTCBJbnRlcm1l
ZGlhdGUgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAhABMA4G
A1UdDwEB/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsF
-AAOCAQEAkpC/Vl2YIc7WCo18r7qbWdgzwSEPbzEcE8Wf3qh97+XFC4t+GMud2N7J
-PTLu/9CJmDszaNvNZl6d7tpTNGUh40P2p7J5tXksLiM/PmFZgIj9w8UE6a1SqVh9
-78WnhRpVYOENfhHIulnYxh02BGOOfa8o/RN6MvUp1wrvBjyFkLbGTzmxGO6+F6VE
-F4ezlKE0Ykx3yAaTyAP18qpb/9CarfOyyluBVO8bOfjGd/GAUA8MbpQUYqP8mY7S
-4za4JRttVdIbIZfThOaW7p+zAERwOp/8YuJCGpMe/J7sjRx6GrETRk7rDSi5TQjm
-CTHAuy4H4MupWgaHxI66ay91VIU29Q==
+AAOCAQEASSfw2AHc6qbwlL8ibcem+R8IfnWxlqxWUeByi2UsObd0eJfaIVLRQ0zX
+CQ4TgIroRZAPOeRy30AIIfS1aaXCBCFX2GuRF9RV3HNu18zH2MFm7pRvGEeNI8/C
+pD2kRdIafLgjeeK0rHEmpBrjopfayIUA5x97sgXb7ZXYFlkLeyMB6+ZPcMKut35b
+LFpzbtKopj4bnni1O30fX6lLyoNBf0gYtpm5j1ZsMwpwym6m8JNdOpIxLcd8GlBA
+SV3Uso2a0Bg3TiWhmDz/XzsTXkq8+RzJKp/y9nDy9uziIyYnyIroCoFwX2pn/Fds
+b9r+Mz8hlmW2T/iJWpIO4S79Dhb1bg==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der
index 3ea01614..f039ff20 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem
index 35039829..d9c96baf 100644
--- a/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/intermediate/server-int-ecc-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Intermediate2 CA ECC, emailAddress = info@wolfssl.com
Validity
- Not Before: Jun 16 19:17:58 2020 GMT
- Not After : Jun 14 19:17:58 2030 GMT
+ Not Before: Sep 27 12:10:09 2023 GMT
+ Not After : Sep 24 12:10:09 2033 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = wolfSSL Server Chain ECC, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -27,37 +27,37 @@ Certificate:
X509v3 Subject Key Identifier:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
- keyid:1B:F4:BD:90:28:74:64:E3:33:5E:8B:64:A7:FC:AF:BA:F2:B9:55:E5
+ keyid:9F:AE:7B:7A:70:80:04:55:2B:C6:B7:0C:5B:79:E4:12:41:65:31:29
DirName:/C=US/ST=Washington/L=Seattle/O=wolfSSL/OU=Development/CN=wolfSSL Intermediate CA ECC/emailAddress=info@wolfssl.com
serial:10:05
-
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:46:02:21:00:98:d0:e2:f9:89:ca:b2:74:36:a7:33:0b:fe:
- 14:90:10:45:7a:2d:6d:40:44:db:08:ec:45:79:8b:4e:91:e0:
- d5:02:21:00:ea:11:1b:c1:b5:95:bc:bf:d9:f5:99:37:d1:d2:
- e6:b8:aa:19:bd:97:42:09:bb:0a:51:6c:4e:a2:61:72:e8:44
+ Signature Value:
+ 30:45:02:21:00:cd:89:cf:ce:26:69:1f:ef:60:37:ad:c9:e3:
+ c8:61:06:fa:fa:b8:6f:3c:6b:12:55:a0:ff:e2:fa:9f:f8:47:
+ 93:02:20:69:4a:2e:3f:0d:c6:e7:4e:d1:29:e5:37:02:03:a9:
+ 2d:88:be:f8:08:be:1e:cb:0d:06:a3:21:8f:a8:60:a3:b5
-----BEGIN CERTIFICATE-----
-MIIDczCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
+MIIDcjCCAxigAwIBAgICEAYwCgYIKoZIzj0EAwIwgaQxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDElMCMGA1UEAwwcd29sZlNTTCBJ
bnRlcm1lZGlhdGUyIENBIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMDA2MTYxOTE3NThaFw0zMDA2MTQxOTE3NThaMIGgMQswCQYDVQQG
+LmNvbTAeFw0yMzA5MjcxMjEwMDlaFw0zMzA5MjQxMjEwMDlaMIGgMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4G
A1UECgwHd29sZlNTTDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxITAfBgNVBAMMGHdv
bGZTU0wgU2VydmVyIENoYWluIEVDQzEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
c3NsLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLszrEwnUErGSqUEwzze
nzbbci3OlOor+ssgCTksFuhhAumvTdMCk5oxW5eSIX/wzxjakRECNIboIFgzC4A0
idijggE6MIIBNjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAdBgNVHQ4E
-FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUG/S9kCh0ZOMz
-Xotkp/yvuvK5VeWhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
+FgQUXV0m76x+NvmbdhUrSiUCI++yiTAwgdEGA1UdIwSByTCBxoAUn657enCABFUr
+xrcMW3nkEkFlMSmhgamkgaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNo
aW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYD
VQQLDAtEZXZlbG9wbWVudDEkMCIGA1UEAwwbd29sZlNTTCBJbnRlcm1lZGlhdGUg
Q0EgRUNDMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggIQBTAOBgNV
-HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSQAw
-RgIhAJjQ4vmJyrJ0NqczC/4UkBBFei1tQETbCOxFeYtOkeDVAiEA6hEbwbWVvL/Z
-9Zk30dLmuKoZvZdCCbsKUWxOomFy6EQ=
+HQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwCgYIKoZIzj0EAwIDSAAw
+RQIhAM2Jz84maR/vYDetyePIYQb6+rhvPGsSVaD/4vqf+EeTAiBpSi4/DcbnTtEp
+5TcCA6ktiL74CL4eyw0GoyGPqGCjtQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem
index 97ed94ba..ebf186e6 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/intermediate1-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 5e:61:82:66:fd:b6:45:75:94:55:50:b9:ee:97:1a:48:73:ad:
- 24:ba:19:ee:ce:e9:f3:07:ac:51:32:10:56:6a:c8:94:d0:ff:
- 8b:37:e9:a9:de:29:e3:99:39:9f:84:f5:2b:de:57:de:d2:d9:
- 44:b1:2b:03:9a:88:d2:d5:a8:48:f9:29:04:3d:f6:c0:60:06:
- 13:c3:2e:4c:73:c2:c9:6a:07:0a:70:4f:4c:2e:8c:02:63:97:
- 9e:70:2c:9c:fa:fb:cf:a9:2e:9c:e5:2f:14:43:3f:fb:61:6d:
- fd:17:b9:94:f2:cd:c7:24:7e:e2:ba:3e:b9:76:df:52:d0:f7:
- 2b:64:c1:31:e2:80:0f:ff:b1:7c:d2:af:14:4b:ec:dd:79:a7:
- 23:c9:68:6a:e7:c6:2d:67:27:e7:37:d1:f8:93:37:58:e2:f3:
- 9c:4d:38:5d:58:03:d1:30:f7:a6:ff:45:fe:69:11:d6:39:1e:
- 11:d6:5b:42:75:c7:6c:cd:27:1f:59:98:88:03:a0:0f:fa:ad:
- 28:2d:50:7b:b4:dc:7c:d4:5b:92:03:d0:55:dc:62:26:8f:50:
- d0:6b:f8:c4:89:2b:8b:d1:77:5b:e9:68:b6:0a:15:1f:de:97:
- f2:4d:a5:ad:d0:3c:d6:68:e8:4c:f8:a1:ac:44:a8:82:55:76:
- 61:18:af:2d
+ 1c:06:f6:58:ee:a2:4d:11:dd:ce:51:2a:ea:3c:1e:13:62:2b:
+ e2:04:6d:ca:67:2b:14:1b:de:3e:72:7b:d2:12:29:59:e9:bd:
+ 3f:37:1f:9b:9c:15:84:40:10:c2:7b:1c:1f:16:2c:4e:f5:b7:
+ bb:7e:24:79:7a:e6:6b:6e:66:cf:4f:04:e5:31:b9:63:12:80:
+ 89:61:fc:ae:47:b3:bd:b0:63:d8:aa:77:ba:25:53:e5:f7:ca:
+ 63:d5:7f:6e:80:ed:75:c9:47:59:df:7a:82:87:2e:b8:cf:87:
+ c4:9a:0c:2f:ee:a9:a8:5a:7e:2b:55:30:e9:8b:05:f3:ab:60:
+ 7f:49:bd:16:de:73:8d:8f:72:48:35:23:a1:88:88:a8:9a:01:
+ 19:6c:6e:06:cf:c3:47:d9:68:0e:42:c3:84:d9:23:71:36:73:
+ c4:9d:bc:ed:f7:9b:e3:a0:8d:89:ac:ec:e7:75:22:1f:99:74:
+ 5b:4c:5b:b5:25:e1:7f:02:f3:07:ae:4f:b1:0b:21:f9:17:78:
+ 1a:b4:c6:8f:03:91:fb:b2:95:ff:6d:de:37:39:4a:57:c1:8c:
+ da:91:3a:4c:cc:fa:27:9a:4f:42:cb:4c:15:c7:08:34:8f:03:
+ a8:f1:2e:df:64:c5:ec:57:e1:90:77:2f:49:90:c1:23:4d:7b:
+ 9e:44:fb:08
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -84,12 +84,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAF5hgmb9tkV1lFVQue6XGkhzrSS6Ge7O6fMHrFEyEFZqyJTQ/4s36aneKeOZ
-OZ+E9SveV97S2USxKwOaiNLVqEj5KQQ99sBgBhPDLkxzwslqBwpwT0wujAJjl55w
-LJz6+8+pLpzlLxRDP/thbf0XuZTyzcckfuK6Prl231LQ9ytkwTHigA//sXzSrxRL
-7N15pyPJaGrnxi1nJ+c30fiTN1ji85xNOF1YA9Ew96b/Rf5pEdY5HhHWW0J1x2zN
-Jx9ZmIgDoA/6rSgtUHu03HzUW5ID0FXcYiaPUNBr+MSJK4vRd1vpaLYKFR/el/JN
-pa3QPNZo6Ez4oaxEqIJVdmEYry0=
+ggEBABwG9ljuok0R3c5RKuo8HhNiK+IEbcpnKxQb3j5ye9ISKVnpvT83H5ucFYRA
+EMJ7HB8WLE71t7t+JHl65mtuZs9PBOUxuWMSgIlh/K5Hs72wY9iqd7olU+X3ymPV
+f26A7XXJR1nfeoKHLrjPh8SaDC/uqahafitVMOmLBfOrYH9JvRbec42Pckg1I6GI
+iKiaARlsbgbPw0fZaA5Cw4TZI3E2c8SdvO33m+OgjYms7Od1Ih+ZdFtMW7Ul4X8C
+8weuT7ELIfkXeBq0xo8Dkfuylf9t3jc5SlfBjNqROkzM+ieaT0LLTBXHCDSPA6jx
+Lt9kxexX4ZB3L0mQwSNNe55E+wg=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem
index e983f710..bd5a6a04 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/intermediate2-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 07:cd:8a:f3:e6:37:76:a8:e8:3b:2a:0f:20:f9:3c:3b:65:f4:
- fc:0a:c2:83:cd:f9:d8:19:82:6c:42:01:65:ad:a8:80:6a:20:
- a2:00:d4:e2:bd:61:8c:b1:1d:1f:39:5a:40:3d:9a:5b:47:1c:
- 20:a0:b9:1a:d0:b1:8d:9f:50:d1:04:b8:bd:a4:9c:75:86:e8:
- 1a:c6:da:d8:08:ee:ae:da:0d:12:cb:9e:42:f2:16:5c:c0:bc:
- 0f:f5:e4:1f:59:13:ff:21:4f:3a:66:0f:5d:e0:5c:32:1e:5c:
- f7:23:4c:ef:6e:5f:e7:97:f1:91:88:36:89:1d:71:19:83:96:
- 9d:92:36:2b:c3:e5:2d:9f:e2:82:e6:53:7c:4a:40:62:67:20:
- 58:c5:d2:f3:b8:21:10:65:a9:6f:cb:2f:20:6f:96:b4:19:ce:
- 94:af:9c:8f:39:0d:18:41:14:0c:87:1d:c0:83:6a:ee:d4:f7:
- 5b:cf:03:a9:9e:65:26:91:2a:c1:f5:dd:03:f3:81:5a:5e:a5:
- b8:79:2a:9c:16:81:de:d8:19:41:7c:9e:eb:3b:0c:6e:90:be:
- a0:35:18:ee:4e:05:ae:10:96:38:23:12:8b:68:02:a4:e0:40:
- 48:4b:e0:d0:2f:28:5c:3b:85:4c:39:fa:3b:d5:25:4e:7f:12:
- 71:c0:56:12
+ 3b:38:b5:57:a7:f6:d6:b1:19:55:b8:da:47:74:cf:9a:6b:6e:
+ ff:0a:5d:06:17:33:db:db:38:e5:d1:9c:dd:c7:3e:c2:2e:87:
+ 20:52:48:d0:ad:0c:12:3e:f7:66:41:64:d2:ca:b3:4c:a1:0a:
+ 6c:4b:4b:33:94:74:83:2e:2d:44:5a:13:ae:da:9a:18:87:64:
+ 30:cf:69:70:e8:38:47:de:55:27:06:86:9b:24:d5:b0:8f:17:
+ 3b:95:87:7e:4a:45:45:2e:6d:70:27:90:32:62:a8:36:3e:47:
+ 47:0f:0e:1b:93:cf:3d:3e:9b:2c:9a:ff:0c:ee:a7:1b:40:c4:
+ dc:f2:66:74:eb:d9:11:9d:60:b8:24:b4:89:c1:e4:61:20:3d:
+ 38:af:45:ad:e8:ee:69:c3:96:8a:a5:c1:cd:dd:14:87:97:dc:
+ f8:32:84:a8:3b:0a:eb:61:0e:7c:4c:65:69:3d:02:92:db:c4:
+ bf:21:6f:89:fe:cc:76:df:c5:84:fb:c4:ea:1a:60:da:d0:c8:
+ 27:7c:65:1b:cb:23:20:5a:e2:23:90:bd:f5:5c:0a:85:51:37:
+ 84:47:a7:80:f4:e0:a0:72:8d:7a:b8:71:03:44:59:c6:cf:2c:
+ ae:df:91:a9:74:72:eb:a7:31:b2:81:65:19:e6:df:c3:4b:b7:
+ fc:9c:2c:f0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -84,12 +84,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAAfNivPmN3ao6DsqDyD5PDtl9PwKwoPN+dgZgmxCAWWtqIBqIKIA1OK9YYyx
-HR85WkA9mltHHCCguRrQsY2fUNEEuL2knHWG6BrG2tgI7q7aDRLLnkLyFlzAvA/1
-5B9ZE/8hTzpmD13gXDIeXPcjTO9uX+eX8ZGINokdcRmDlp2SNivD5S2f4oLmU3xK
-QGJnIFjF0vO4IRBlqW/LLyBvlrQZzpSvnI85DRhBFAyHHcCDau7U91vPA6meZSaR
-KsH13QPzgVpepbh5KpwWgd7YGUF8nus7DG6QvqA1GO5OBa4QljgjEotoAqTgQEhL
-4NAvKFw7hUw5+jvVJU5/EnHAVhI=
+ggEBADs4tVen9taxGVW42kd0z5prbv8KXQYXM9vbOOXRnN3HPsIuhyBSSNCtDBI+
+92ZBZNLKs0yhCmxLSzOUdIMuLURaE67amhiHZDDPaXDoOEfeVScGhpsk1bCPFzuV
+h35KRUUubXAnkDJiqDY+R0cPDhuTzz0+myya/wzupxtAxNzyZnTr2RGdYLgktInB
+5GEgPTivRa3o7mnDloqlwc3dFIeX3PgyhKg7CuthDnxMZWk9ApLbxL8hb4n+zHbf
+xYT7xOoaYNrQyCd8ZRvLIyBa4iOQvfVcCoVRN4RHp4D04KByjXq4cQNEWcbPLK7f
+kal0cuunMbKBZRnm38NLt/ycLPA=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem
index aed2938f..932f2459 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/intermediate3-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- a4:9b:e4:ec:56:45:77:92:36:91:66:cc:25:11:1a:1d:48:d5:
- f8:4a:32:04:6f:ea:76:c7:0c:27:8a:8c:f1:ef:08:d4:47:60:
- 66:5e:3f:61:76:fc:a2:84:c1:42:01:89:b6:17:d9:eb:14:e6:
- 61:7e:8e:18:2e:64:be:14:ef:2d:ce:63:10:d6:b3:00:ec:f3:
- fc:4f:a0:1b:6f:e7:75:18:fe:ca:ef:47:12:dc:c8:ae:f9:05:
- 2b:84:14:d5:ad:df:58:84:81:33:51:90:5d:29:b8:ff:48:6b:
- f5:bb:e9:c7:be:6f:e1:6a:ca:71:47:1f:97:7f:1d:00:56:9a:
- 59:f6:78:4e:95:6c:e8:51:73:8e:9d:f3:62:00:f7:65:bd:09:
- d7:e4:ae:7e:04:ee:1e:eb:f3:83:3f:2a:44:f4:98:f8:ef:31:
- ed:06:77:60:e3:f2:6b:b6:dd:3e:ed:45:aa:07:a9:7f:99:f5:
- 2d:9b:ce:10:16:3a:cd:96:fb:40:1b:18:f4:eb:6f:f0:dc:ee:
- e8:aa:30:13:3c:d6:1e:46:7d:55:1f:0b:86:5c:13:f9:2f:83:
- b8:65:55:8d:3e:56:8b:d9:b7:e1:1b:2d:ab:f2:e7:3a:c4:6f:
- 2a:c9:f0:f9:96:82:93:ac:a7:06:1c:0e:bb:2a:ff:6a:be:eb:
- 91:b0:8c:dc
+ 2f:e1:b0:99:a9:71:0e:41:f8:b1:9d:38:c8:f4:3d:7c:79:ce:
+ d2:94:01:2a:b6:71:1b:4c:64:19:27:02:71:b4:43:64:42:f9:
+ 2b:71:39:6e:64:4e:e8:32:b1:1e:1b:fd:7d:22:cb:8a:9c:34:
+ ce:ef:bb:dd:f2:4f:83:58:33:34:01:cb:b4:35:e2:ba:c6:cc:
+ aa:2f:ed:2e:e9:04:ec:cd:7f:06:50:b3:4e:37:cd:fe:96:69:
+ da:a3:fe:63:78:83:c5:86:7e:03:b2:11:e5:94:f8:56:e9:d1:
+ dd:5d:b4:05:4d:26:0e:09:c2:50:32:ce:6d:da:6b:b7:ee:e1:
+ 1b:a9:b0:0f:59:d6:03:16:ee:47:16:2f:1f:58:f9:f8:48:d9:
+ 59:ed:61:a1:af:7e:92:38:2e:40:0c:9b:e7:21:90:3b:10:6f:
+ 61:ad:e0:95:57:e2:d5:39:dc:83:54:88:99:4a:5e:21:94:ce:
+ f9:0f:5e:e9:22:10:55:bb:97:f4:51:3f:50:83:ed:63:fb:ab:
+ d2:02:b3:aa:26:f7:fc:72:1c:84:e9:a0:a3:fa:b2:22:90:c8:
+ ac:61:84:2a:bd:3f:75:1f:1b:bf:83:a8:90:ce:4c:de:ee:eb:
+ 65:b4:ff:f0:7a:b2:11:7a:78:60:c4:6e:da:e3:c8:a3:57:5b:
+ 8f:58:e4:49
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -84,12 +84,12 @@ DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcN
-AQELBQADggEBAKSb5OxWRXeSNpFmzCURGh1I1fhKMgRv6nbHDCeKjPHvCNRHYGZe
-P2F2/KKEwUIBibYX2esU5mF+jhguZL4U7y3OYxDWswDs8/xPoBtv53UY/srvRxLc
-yK75BSuEFNWt31iEgTNRkF0puP9Ia/W76ce+b+FqynFHH5d/HQBWmln2eE6VbOhR
-c46d82IA92W9Cdfkrn4E7h7r84M/KkT0mPjvMe0Gd2Dj8mu23T7tRaoHqX+Z9S2b
-zhAWOs2W+0AbGPTrb/Dc7uiqMBM81h5GfVUfC4ZcE/kvg7hlVY0+VovZt+EbLavy
-5zrEbyrJ8PmWgpOspwYcDrsq/2q+65GwjNw=
+AQELBQADggEBAC/hsJmpcQ5B+LGdOMj0PXx5ztKUASq2cRtMZBknAnG0Q2RC+Stx
+OW5kTugysR4b/X0iy4qcNM7vu93yT4NYMzQBy7Q14rrGzKov7S7pBOzNfwZQs043
+zf6Wadqj/mN4g8WGfgOyEeWU+Fbp0d1dtAVNJg4JwlAyzm3aa7fu4RupsA9Z1gMW
+7kcWLx9Y+fhI2VntYaGvfpI4LkAMm+chkDsQb2Gt4JVX4tU53INUiJlKXiGUzvkP
+XukiEFW7l/RRP1CD7WP7q9ICs6om9/xyHITpoKP6siKQyKxhhCq9P3UfG7+DqJDO
+TN7u62W0//B6shF6eGDEbtrjyKNXW49Y5Ek=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -176,11 +176,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem
index 64873ee1..0eb95e09 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/ocsp-responder-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL OCSP Responder, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Extended Key Usage:
OCSP Signing
Signature Algorithm: sha256WithRSAEncryption
- 2f:b7:6b:ec:b7:12:63:b9:57:dc:04:4d:9c:67:74:98:06:28:
- 68:37:34:c2:50:e9:2a:d4:1a:b2:32:1a:9d:2b:4f:23:50:ea:
- b4:95:86:c3:b9:5f:34:3e:99:91:a7:80:5f:6e:1b:6e:db:e9:
- 02:38:6f:df:c5:9b:0d:a3:1c:a9:15:76:16:66:a8:4e:fb:d3:
- 43:76:f1:72:b7:d1:fa:ee:39:a6:96:c1:a2:93:a4:9b:1e:9f:
- ba:71:8f:ba:bd:67:6a:f2:15:5f:f1:64:e7:cf:26:b8:4c:c0:
- eb:85:04:58:d9:4a:6b:d9:86:f5:80:21:bf:91:c8:4b:9f:04:
- ed:57:7a:d2:58:ac:5b:47:af:4d:7f:5b:1d:6d:68:9b:84:98:
- 2a:31:02:2c:e9:1b:af:11:0b:78:49:be:68:68:cb:9c:41:56:
- e8:b5:59:da:ff:ca:59:99:17:3e:11:0a:8f:49:24:0b:81:42:
- 63:cd:4f:f6:2b:9d:d1:79:75:d7:4a:cc:4c:b7:2b:d7:e8:e7:
- d4:48:3c:14:3b:1c:28:e8:46:7a:dc:11:9d:7f:1c:ab:10:95:
- 17:b2:c7:7a:bb:17:44:59:69:8e:16:05:94:8c:88:d9:dc:9a:
- fd:f2:93:be:68:ba:3c:d6:2b:61:3a:8b:f7:66:cb:54:e8:e4:
- db:9f:cc:9e
+ 0a:a4:ec:1a:eb:2e:bc:d0:62:b6:84:72:92:8a:1a:e4:04:31:
+ 1c:68:17:ae:6c:18:44:ad:23:73:0d:63:73:9b:47:97:ae:21:
+ aa:ac:ab:f4:9e:64:78:62:bb:b5:70:29:31:eb:53:b2:f6:20:
+ 35:ff:43:06:f0:3f:84:d8:aa:be:6d:a9:59:ef:f5:6b:8e:da:
+ 78:77:22:70:43:c8:e5:b5:55:2f:c8:31:5e:87:d2:2d:a5:0f:
+ 0a:aa:01:00:76:22:17:73:72:9a:59:fb:c8:1f:a3:b9:d6:99:
+ 7f:16:90:03:ec:20:bf:f5:8a:c5:e2:a7:1c:4b:bf:c5:7c:45:
+ 18:de:e3:93:a1:41:b0:33:ed:d2:6e:4f:14:58:6e:af:12:be:
+ 3b:ed:6e:20:4b:6d:11:89:9d:c6:2a:ab:1e:24:3f:d2:56:98:
+ 5c:8f:d1:fe:d2:92:6b:7b:ed:15:84:3a:b3:aa:5c:c6:b4:6d:
+ 5d:cb:ce:81:37:e5:ef:96:25:92:ef:04:3c:38:0c:f0:6d:64:
+ ef:33:51:4f:98:6f:55:3d:0e:cc:07:ea:2c:0b:3e:09:a0:23:
+ 0b:45:2c:02:a0:49:70:d8:a8:a7:36:07:68:c6:82:5e:d4:78:
+ be:cf:5b:11:79:6b:bf:e2:5d:56:79:19:a5:64:b2:e8:86:a4:
+ 27:74:cf:55
-----BEGIN CERTIFICATE-----
MIIEvjCCA6agAwIBAgIBBDANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBnjELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBnjELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQDDBZ3b2xmU1NMIE9DU1Ag
UmVzcG9uZGVyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -80,12 +80,12 @@ CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0
dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG
A1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFjMBMGA1UdJQQMMAoGCCsGAQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IB
-AQAvt2vstxJjuVfcBE2cZ3SYBihoNzTCUOkq1BqyMhqdK08jUOq0lYbDuV80PpmR
-p4Bfbhtu2+kCOG/fxZsNoxypFXYWZqhO+9NDdvFyt9H67jmmlsGik6SbHp+6cY+6
-vWdq8hVf8WTnzya4TMDrhQRY2Upr2Yb1gCG/kchLnwTtV3rSWKxbR69Nf1sdbWib
-hJgqMQIs6RuvEQt4Sb5oaMucQVbotVna/8pZmRc+EQqPSSQLgUJjzU/2K53ReXXX
-SsxMtyvX6OfUSDwUOxwo6EZ63BGdfxyrEJUXssd6uxdEWWmOFgWUjIjZ3Jr98pO+
-aLo81ithOov3ZstU6OTbn8ye
+AQAKpOwa6y680GK2hHKSihrkBDEcaBeubBhErSNzDWNzm0eXriGqrKv0nmR4Yru1
+cCkx61Oy9iA1/0MG8D+E2Kq+balZ7/Vrjtp4dyJwQ8jltVUvyDFeh9ItpQ8KqgEA
+diIXc3KaWfvIH6O51pl/FpAD7CC/9YrF4qccS7/FfEUY3uOToUGwM+3Sbk8UWG6v
+Er477W4gS20RiZ3GKqseJD/SVphcj9H+0pJre+0VhDqzqlzGtG1dy86BN+XvliWS
+7wQ8OAzwbWTvM1FPmG9VPQ7MB+osCz4JoCMLRSwCoElw2KinNgdoxoJe1Hi+z1sR
+eWu/4l1WeRmlZLLohqQndM9V
-----END CERTIFICATE-----
Certificate:
Data:
@@ -94,8 +94,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -136,27 +136,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -172,11 +172,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh b/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh
index 22103c4d..f377a1fd 100755
--- a/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh
+++ b/extra/wolfssl/wolfssl/certs/ocsp/renewcerts.sh
@@ -1,5 +1,14 @@
#!/bin/sh
+# bwrap execution environment to avoid port conflicts
+if [ "${AM_BWRAPPED-}" != "yes" ]; then
+ bwrap_path="$(command -v bwrap)"
+ if [ -n "$bwrap_path" ]; then
+ export AM_BWRAPPED=yes
+ exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
+ fi
+fi
+
check_result(){
if [ $1 -ne 0 ]; then
if [ -n "$2" ]; then
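Review bot: `--cap-add ALL` on the added `exec` line asks bwrap for every capability while `--dev-bind / /` exposes the whole host filesystem read-write, which is more than the stated goal of avoiding port conflicts requires. Only `--unshare-net` isolates the ports here. Unless a later step of the script is known to need extra capabilities, I would reduce the line to `exec "$bwrap_path" --unshare-net --dev-bind / / "$0" "$@"`. The fallback is also silent: when `bwrap` is not installed the script runs unsandboxed on the fixed ports, so a one-line message to stderr in an `else` branch would make that visible. The body of `check_result` continues outside the hunk.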
@@ -80,10 +89,10 @@ update_cert server3 "www3.wolfssl.com" intermediate2-ca
update_cert server4 "www4.wolfssl.com" intermediate2-ca v3_req2 08 # REVOKED
update_cert server5 "www5.wolfssl.com" intermediate3-ca v3_req3 09
-
# Create response DER buffer for test
openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -partial_chain &
PID=$!
+sleep 1 # Make sure server is ready
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response.der -noverify
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-nointern.der -no_intern -noverify
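Review bot: The added `sleep 1` only guesses that the background responder is listening; the same line is added after the rsa-pss responder in the next hunk of this file. On a slow host, or if the responder fails to bind port 22221, the client calls that follow run against nothing, and as far as this hunk shows their exit status is not checked. That could leave stale or empty `test-response*.der` fixtures in the tree. I would poll with a bounded retry and abort if the responder process has exited, as sketched below; this assumes the `openssl ocsp` client exits non-zero when it cannot connect.
```shell
PID=$!
# Poll until the responder answers instead of assuming one second is enough.
tries=0
until openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response.der -noverify; do
    tries=$((tries + 1))
    if [ "$tries" -ge 10 ] || ! kill -0 "$PID" 2>/dev/null; then
        echo "OCSP responder on port 22221 did not come up" >&2
        exit 1
    fi
    sleep 1
done
# … unchanged: second request writing test-response-nointern.der …
```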
@@ -95,6 +104,7 @@ wait $PID
# now start up a responder that signs using rsa-pss
openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -rsigopt rsa_padding_mode:pss &
PID=$!
+sleep 1 # Make sure server is ready
openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-rsapss.der -noverify
# can verify with the following command
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem
index c51306f0..4dd84808 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/root-ca-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -83,11 +83,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem
index 0e07e2f6..641d41f1 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server1-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www1.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22221
Signature Algorithm: sha256WithRSAEncryption
- 1a:d1:4a:17:b8:a4:ad:57:8a:6d:91:eb:ee:1f:25:5b:83:4c:
- f2:64:9e:f3:c9:1c:c9:02:f3:b8:c8:8d:43:f0:7b:9a:12:0c:
- d0:35:8c:22:c3:46:3b:ec:da:ae:4a:e2:70:16:57:10:35:57:
- f0:7d:74:c8:37:19:69:ba:a6:f6:dc:3a:1d:82:d8:ea:21:c1:
- 35:a7:2c:fa:07:ee:20:01:5c:de:c3:ff:60:c1:af:df:9f:db:
- 5b:e5:e6:2c:56:78:7c:5c:49:d8:d3:67:62:ba:d7:59:ee:83:
- 6b:b6:bb:60:17:1b:c3:ac:f4:b3:5a:95:b6:cb:1c:1b:42:86:
- a0:2c:d5:35:85:0d:22:6a:f4:94:cc:f6:bd:43:bc:ae:9c:d5:
- 2f:be:f5:1d:85:6a:21:44:06:1c:f8:aa:d8:21:0a:66:2f:26:
- a2:06:c3:9d:ec:61:18:d9:f4:af:48:b9:a1:45:f3:f2:66:12:
- 3b:46:76:bd:3d:a5:ec:a8:8a:4c:d1:e3:6d:c5:cb:73:d2:66:
- 7e:5e:db:f9:9a:ab:f3:c2:6f:cc:6d:c9:de:76:2f:a3:d1:3a:
- 2c:40:c2:01:2d:d2:15:a7:4e:f1:43:6a:88:cf:f8:00:16:48:
- 3d:85:f5:d5:c5:17:3e:ef:7a:8f:35:47:3b:21:92:8e:1d:f2:
- 29:76:e4:5c
+ 2c:4a:52:45:c2:c6:40:fe:e1:c0:38:89:63:a1:24:44:f8:8c:
+ 1b:28:dc:55:69:19:b1:d0:53:46:01:36:f6:ee:b0:ac:71:3a:
+ a9:43:cb:43:99:73:f0:a7:c2:cb:73:d2:9a:02:6c:5b:12:c8:
+ ea:d7:87:18:cc:5a:a3:15:53:0f:94:b2:97:eb:78:e8:6e:8d:
+ 4d:3b:d4:23:88:98:7d:35:09:74:95:a8:05:49:57:d0:2a:3c:
+ 1b:96:1f:d0:5d:37:0a:a3:01:55:36:bb:17:6e:d9:9f:81:ee:
+ 7d:12:bc:ff:e0:22:ca:49:1e:f5:c4:06:8c:29:28:20:3a:b0:
+ a4:6e:82:6c:74:3b:56:37:e0:bb:42:9e:65:3f:19:b8:d2:2a:
+ 15:9e:92:39:8b:17:f2:ef:7f:d2:b8:79:a5:12:20:50:a2:31:
+ 55:52:a4:74:91:02:bc:0e:d0:43:01:c5:7c:4d:4e:b0:00:88:
+ a4:10:c5:9c:93:38:cb:05:48:c8:87:6a:54:f6:9c:38:77:2a:
+ 6f:ad:ab:b4:a2:23:bc:23:af:41:57:d3:f4:d6:27:b0:a6:f9:
+ 58:9c:76:76:4d:83:d2:27:ac:0e:af:95:2d:3a:9d:6c:1c:55:
+ 98:5a:a8:e0:1f:dd:13:a5:fc:72:e4:be:95:aa:57:99:3c:2e:
+ 16:70:e9:d1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
MS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
-AQAa0UoXuKStV4ptkevuHyVbg0zyZJ7zyRzJAvO4yI1D8HuaEgzQNYwiw0Y77Nqu
-SuJwFlcQNVfwfXTINxlpuqb23DodgtjqIcE1pyz6B+4gAVzew/9gwa/fn9tb5eYs
-Vnh8XEnY02diutdZ7oNrtrtgFxvDrPSzWpW2yxwbQoagLNU1hQ0iavSUzPa9Q7yu
-nNUvvvUdhWohRAYc+KrYIQpmLyaiBsOd7GEY2fSvSLmhRfPyZhI7Rna9PaXsqIpM
-0eNtxctz0mZ+Xtv5mqvzwm/Mbcnedi+j0TosQMIBLdIVp07xQ2qIz/gAFkg9hfXV
-xRc+73qPNUc7IZKOHfIpduRc
+AQAsSlJFwsZA/uHAOIljoSRE+IwbKNxVaRmx0FNGATb27rCscTqpQ8tDmXPwp8LL
+c9KaAmxbEsjq14cYzFqjFVMPlLKX63jobo1NO9QjiJh9NQl0lagFSVfQKjwblh/Q
+XTcKowFVNrsXbtmfge59Erz/4CLKSR71xAaMKSggOrCkboJsdDtWN+C7Qp5lPxm4
+0ioVnpI5ixfy73/SuHmlEiBQojFVUqR0kQK8DtBDAcV8TU6wAIikEMWckzjLBUjI
+h2pU9pw4dypvrau0oiO8I69BV9P01iewpvlYnHZ2TYPSJ6wOr5UtOp1sHFWYWqjg
+H90Tpfxy5L6VqleZPC4WcOnR
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 5e:61:82:66:fd:b6:45:75:94:55:50:b9:ee:97:1a:48:73:ad:
- 24:ba:19:ee:ce:e9:f3:07:ac:51:32:10:56:6a:c8:94:d0:ff:
- 8b:37:e9:a9:de:29:e3:99:39:9f:84:f5:2b:de:57:de:d2:d9:
- 44:b1:2b:03:9a:88:d2:d5:a8:48:f9:29:04:3d:f6:c0:60:06:
- 13:c3:2e:4c:73:c2:c9:6a:07:0a:70:4f:4c:2e:8c:02:63:97:
- 9e:70:2c:9c:fa:fb:cf:a9:2e:9c:e5:2f:14:43:3f:fb:61:6d:
- fd:17:b9:94:f2:cd:c7:24:7e:e2:ba:3e:b9:76:df:52:d0:f7:
- 2b:64:c1:31:e2:80:0f:ff:b1:7c:d2:af:14:4b:ec:dd:79:a7:
- 23:c9:68:6a:e7:c6:2d:67:27:e7:37:d1:f8:93:37:58:e2:f3:
- 9c:4d:38:5d:58:03:d1:30:f7:a6:ff:45:fe:69:11:d6:39:1e:
- 11:d6:5b:42:75:c7:6c:cd:27:1f:59:98:88:03:a0:0f:fa:ad:
- 28:2d:50:7b:b4:dc:7c:d4:5b:92:03:d0:55:dc:62:26:8f:50:
- d0:6b:f8:c4:89:2b:8b:d1:77:5b:e9:68:b6:0a:15:1f:de:97:
- f2:4d:a5:ad:d0:3c:d6:68:e8:4c:f8:a1:ac:44:a8:82:55:76:
- 61:18:af:2d
+ 1c:06:f6:58:ee:a2:4d:11:dd:ce:51:2a:ea:3c:1e:13:62:2b:
+ e2:04:6d:ca:67:2b:14:1b:de:3e:72:7b:d2:12:29:59:e9:bd:
+ 3f:37:1f:9b:9c:15:84:40:10:c2:7b:1c:1f:16:2c:4e:f5:b7:
+ bb:7e:24:79:7a:e6:6b:6e:66:cf:4f:04:e5:31:b9:63:12:80:
+ 89:61:fc:ae:47:b3:bd:b0:63:d8:aa:77:ba:25:53:e5:f7:ca:
+ 63:d5:7f:6e:80:ed:75:c9:47:59:df:7a:82:87:2e:b8:cf:87:
+ c4:9a:0c:2f:ee:a9:a8:5a:7e:2b:55:30:e9:8b:05:f3:ab:60:
+ 7f:49:bd:16:de:73:8d:8f:72:48:35:23:a1:88:88:a8:9a:01:
+ 19:6c:6e:06:cf:c3:47:d9:68:0e:42:c3:84:d9:23:71:36:73:
+ c4:9d:bc:ed:f7:9b:e3:a0:8d:89:ac:ec:e7:75:22:1f:99:74:
+ 5b:4c:5b:b5:25:e1:7f:02:f3:07:ae:4f:b1:0b:21:f9:17:78:
+ 1a:b4:c6:8f:03:91:fb:b2:95:ff:6d:de:37:39:4a:57:c1:8c:
+ da:91:3a:4c:cc:fa:27:9a:4f:42:cb:4c:15:c7:08:34:8f:03:
+ a8:f1:2e:df:64:c5:ec:57:e1:90:77:2f:49:90:c1:23:4d:7b:
+ 9e:44:fb:08
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAF5hgmb9tkV1lFVQue6XGkhzrSS6Ge7O6fMHrFEyEFZqyJTQ/4s36aneKeOZ
-OZ+E9SveV97S2USxKwOaiNLVqEj5KQQ99sBgBhPDLkxzwslqBwpwT0wujAJjl55w
-LJz6+8+pLpzlLxRDP/thbf0XuZTyzcckfuK6Prl231LQ9ytkwTHigA//sXzSrxRL
-7N15pyPJaGrnxi1nJ+c30fiTN1ji85xNOF1YA9Ew96b/Rf5pEdY5HhHWW0J1x2zN
-Jx9ZmIgDoA/6rSgtUHu03HzUW5ID0FXcYiaPUNBr+MSJK4vRd1vpaLYKFR/el/JN
-pa3QPNZo6Ez4oaxEqIJVdmEYry0=
+ggEBABwG9ljuok0R3c5RKuo8HhNiK+IEbcpnKxQb3j5ye9ISKVnpvT83H5ucFYRA
+EMJ7HB8WLE71t7t+JHl65mtuZs9PBOUxuWMSgIlh/K5Hs72wY9iqd7olU+X3ymPV
+f26A7XXJR1nfeoKHLrjPh8SaDC/uqahafitVMOmLBfOrYH9JvRbec42Pckg1I6GI
+iKiaARlsbgbPw0fZaA5Cw4TZI3E2c8SdvO33m+OgjYms7Od1Ih+ZdFtMW7Ul4X8C
+8weuT7ELIfkXeBq0xo8Dkfuylf9t3jc5SlfBjNqROkzM+ieaT0LLTBXHCDSPA6jx
+Lt9kxexX4ZB3L0mQwSNNe55E+wg=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem
index a4317d5a..1d2b0c91 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server2-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www2.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22221
Signature Algorithm: sha256WithRSAEncryption
- 3f:9f:3d:c8:e3:a8:70:32:c1:81:67:64:b8:df:3b:e4:73:8f:
- 99:84:9c:d5:d5:70:a2:6e:de:5d:a0:42:52:80:a0:01:09:49:
- 6b:c3:fd:79:12:7c:9e:42:44:a5:74:d7:bc:ad:2a:3a:6b:a9:
- e4:1d:b8:cc:16:25:2f:4b:47:67:b5:a2:94:ce:e0:a4:20:95:
- 94:29:e2:66:01:4c:86:62:79:37:dd:58:de:f1:32:fe:d8:f8:
- a0:ee:7c:e3:1f:e5:cd:dc:be:fd:30:10:3b:e1:8c:35:fa:89:
- 85:83:57:45:80:b1:7c:36:7c:87:0a:89:80:8f:15:6b:33:f1:
- c8:93:cf:fe:ac:18:d0:cf:4f:e0:7e:eb:b4:b1:b9:63:30:5c:
- f3:7f:e2:29:81:09:18:7a:d7:70:a0:81:15:2e:82:33:89:d2:
- 1d:70:73:9c:3d:d9:0c:6a:03:09:6c:b2:11:fd:d2:a8:9b:d8:
- 67:17:80:66:c3:7a:eb:28:26:ac:12:8f:87:64:07:a2:e6:e4:
- 00:01:94:db:8c:82:6e:4f:41:1d:bd:3f:2b:e7:de:8d:84:dd:
- 8c:66:88:f4:af:8d:ae:ef:7e:6c:a1:1d:be:61:74:6e:61:24:
- de:5a:6f:d8:56:66:45:24:5c:4f:f5:0b:b0:d4:92:78:2c:d8:
- 2a:02:0e:12
+ ba:b8:a9:5b:b2:3b:55:29:f6:8e:08:d9:48:7b:12:4e:45:65:
+ bb:4a:d0:23:82:c8:2b:f1:2e:fd:34:d1:e8:d0:b9:89:35:f3:
+ 49:e4:67:6b:bf:72:ae:26:48:20:1e:0d:22:11:11:d1:b3:b2:
+ 9f:d2:47:b5:b0:64:37:03:0b:aa:62:9b:26:b1:c5:52:72:80:
+ 12:d8:67:20:3b:f4:59:72:06:99:f6:ff:92:f7:50:05:46:30:
+ 11:d3:b4:e2:5b:03:cc:f8:01:d2:8e:de:2b:0a:52:6a:76:66:
+ a8:e3:80:06:a3:60:e2:c5:6b:62:4d:12:0d:9a:43:a6:c7:e5:
+ 87:1d:02:65:f2:35:66:e2:07:05:66:32:df:5f:14:7f:9b:89:
+ 60:61:41:8c:bb:ad:1c:9e:92:7d:19:4c:8a:3c:d9:9f:6c:d7:
+ c3:a9:13:b3:13:2c:38:e0:e6:e1:0c:4c:55:f0:25:42:73:6a:
+ c1:79:82:0a:a5:95:ef:2a:0e:29:cd:76:88:af:e4:da:e6:95:
+ 22:55:dc:8f:67:3e:eb:c8:6b:4a:86:1f:2a:13:40:ee:a2:5e:
+ 59:61:77:3b:c7:81:d2:6e:ed:ea:08:55:ea:c4:1f:11:d8:50:
+ c5:a1:c7:46:57:c7:02:4c:ce:3b:e5:1b:9d:cf:59:73:24:7c:
+ 07:cf:8f:f6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBjANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
Mi53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBATALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIxMA0GCSqGSIb3DQEBCwUAA4IB
-AQA/nz3I46hwMsGBZ2S43zvkc4+ZhJzV1XCibt5doEJSgKABCUlrw/15EnyeQkSl
-dNe8rSo6a6nkHbjMFiUvS0dntaKUzuCkIJWUKeJmAUyGYnk33Vje8TL+2Pig7nzj
-H+XN3L79MBA74Yw1+omFg1dFgLF8NnyHComAjxVrM/HIk8/+rBjQz0/gfuu0sblj
-MFzzf+IpgQkYetdwoIEVLoIzidIdcHOcPdkMagMJbLIR/dKom9hnF4Bmw3rrKCas
-Eo+HZAei5uQAAZTbjIJuT0EdvT8r596NhN2MZoj0r42u735soR2+YXRuYSTeWm/Y
-VmZFJFxP9Quw1JJ4LNgqAg4S
+AQC6uKlbsjtVKfaOCNlIexJORWW7StAjgsgr8S79NNHo0LmJNfNJ5Gdrv3KuJkgg
+Hg0iERHRs7Kf0ke1sGQ3AwuqYpsmscVScoAS2GcgO/RZcgaZ9v+S91AFRjAR07Ti
+WwPM+AHSjt4rClJqdmao44AGo2DixWtiTRINmkOmx+WHHQJl8jVm4gcFZjLfXxR/
+m4lgYUGMu60cnpJ9GUyKPNmfbNfDqROzEyw44ObhDExV8CVCc2rBeYIKpZXvKg4p
+zXaIr+Ta5pUiVdyPZz7ryGtKhh8qE0Duol5ZYXc7x4HSbu3qCFXqxB8R2FDFocdG
+V8cCTM475Rudz1lzJHwHz4/2
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 5e:61:82:66:fd:b6:45:75:94:55:50:b9:ee:97:1a:48:73:ad:
- 24:ba:19:ee:ce:e9:f3:07:ac:51:32:10:56:6a:c8:94:d0:ff:
- 8b:37:e9:a9:de:29:e3:99:39:9f:84:f5:2b:de:57:de:d2:d9:
- 44:b1:2b:03:9a:88:d2:d5:a8:48:f9:29:04:3d:f6:c0:60:06:
- 13:c3:2e:4c:73:c2:c9:6a:07:0a:70:4f:4c:2e:8c:02:63:97:
- 9e:70:2c:9c:fa:fb:cf:a9:2e:9c:e5:2f:14:43:3f:fb:61:6d:
- fd:17:b9:94:f2:cd:c7:24:7e:e2:ba:3e:b9:76:df:52:d0:f7:
- 2b:64:c1:31:e2:80:0f:ff:b1:7c:d2:af:14:4b:ec:dd:79:a7:
- 23:c9:68:6a:e7:c6:2d:67:27:e7:37:d1:f8:93:37:58:e2:f3:
- 9c:4d:38:5d:58:03:d1:30:f7:a6:ff:45:fe:69:11:d6:39:1e:
- 11:d6:5b:42:75:c7:6c:cd:27:1f:59:98:88:03:a0:0f:fa:ad:
- 28:2d:50:7b:b4:dc:7c:d4:5b:92:03:d0:55:dc:62:26:8f:50:
- d0:6b:f8:c4:89:2b:8b:d1:77:5b:e9:68:b6:0a:15:1f:de:97:
- f2:4d:a5:ad:d0:3c:d6:68:e8:4c:f8:a1:ac:44:a8:82:55:76:
- 61:18:af:2d
+ 1c:06:f6:58:ee:a2:4d:11:dd:ce:51:2a:ea:3c:1e:13:62:2b:
+ e2:04:6d:ca:67:2b:14:1b:de:3e:72:7b:d2:12:29:59:e9:bd:
+ 3f:37:1f:9b:9c:15:84:40:10:c2:7b:1c:1f:16:2c:4e:f5:b7:
+ bb:7e:24:79:7a:e6:6b:6e:66:cf:4f:04:e5:31:b9:63:12:80:
+ 89:61:fc:ae:47:b3:bd:b0:63:d8:aa:77:ba:25:53:e5:f7:ca:
+ 63:d5:7f:6e:80:ed:75:c9:47:59:df:7a:82:87:2e:b8:cf:87:
+ c4:9a:0c:2f:ee:a9:a8:5a:7e:2b:55:30:e9:8b:05:f3:ab:60:
+ 7f:49:bd:16:de:73:8d:8f:72:48:35:23:a1:88:88:a8:9a:01:
+ 19:6c:6e:06:cf:c3:47:d9:68:0e:42:c3:84:d9:23:71:36:73:
+ c4:9d:bc:ed:f7:9b:e3:a0:8d:89:ac:ec:e7:75:22:1f:99:74:
+ 5b:4c:5b:b5:25:e1:7f:02:f3:07:ae:4f:b1:0b:21:f9:17:78:
+ 1a:b4:c6:8f:03:91:fb:b2:95:ff:6d:de:37:39:4a:57:c1:8c:
+ da:91:3a:4c:cc:fa:27:9a:4f:42:cb:4c:15:c7:08:34:8f:03:
+ a8:f1:2e:df:64:c5:ec:57:e1:90:77:2f:49:90:c1:23:4d:7b:
+ 9e:44:fb:08
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAxMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAF5hgmb9tkV1lFVQue6XGkhzrSS6Ge7O6fMHrFEyEFZqyJTQ/4s36aneKeOZ
-OZ+E9SveV97S2USxKwOaiNLVqEj5KQQ99sBgBhPDLkxzwslqBwpwT0wujAJjl55w
-LJz6+8+pLpzlLxRDP/thbf0XuZTyzcckfuK6Prl231LQ9ytkwTHigA//sXzSrxRL
-7N15pyPJaGrnxi1nJ+c30fiTN1ji85xNOF1YA9Ew96b/Rf5pEdY5HhHWW0J1x2zN
-Jx9ZmIgDoA/6rSgtUHu03HzUW5ID0FXcYiaPUNBr+MSJK4vRd1vpaLYKFR/el/JN
-pa3QPNZo6Ez4oaxEqIJVdmEYry0=
+ggEBABwG9ljuok0R3c5RKuo8HhNiK+IEbcpnKxQb3j5ye9ISKVnpvT83H5ucFYRA
+EMJ7HB8WLE71t7t+JHl65mtuZs9PBOUxuWMSgIlh/K5Hs72wY9iqd7olU+X3ymPV
+f26A7XXJR1nfeoKHLrjPh8SaDC/uqahafitVMOmLBfOrYH9JvRbec42Pckg1I6GI
+iKiaARlsbgbPw0fZaA5Cw4TZI3E2c8SdvO33m+OgjYms7Od1Ih+ZdFtMW7Ul4X8C
+8weuT7ELIfkXeBq0xo8Dkfuylf9t3jc5SlfBjNqROkzM+ieaT0LLTBXHCDSPA6jx
+Lt9kxexX4ZB3L0mQwSNNe55E+wg=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem
index abbbb64e..a16ca9a2 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server3-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www3.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22222
Signature Algorithm: sha256WithRSAEncryption
- 53:1b:11:4b:be:f0:22:0d:83:25:ba:b6:6e:c9:52:0f:3e:57:
- 1c:6a:05:8e:2f:9e:04:be:6a:30:8c:cb:49:18:d8:49:cd:5f:
- f1:05:c4:ea:80:18:bf:ac:7c:4b:a6:b0:a7:88:4d:92:9a:5e:
- 86:77:2d:8b:4e:c8:96:2d:69:c9:9a:9f:ce:02:be:c2:72:ad:
- d1:a3:ba:b1:9d:90:c6:4c:7b:bb:4f:62:37:96:51:c1:36:e3:
- 23:1d:58:47:4a:d3:e9:66:39:db:81:3d:24:4a:ba:52:37:47:
- 3a:5c:b3:86:74:5d:18:11:6c:4b:d5:ff:ff:22:08:39:2f:f6:
- 60:ba:df:0a:c9:0f:d8:f0:ac:91:42:94:90:6e:04:cc:2d:25:
- 36:cd:39:0c:a4:fb:04:93:19:c6:d7:af:21:00:cf:d2:ce:ff:
- bb:ea:42:e9:09:1e:2e:94:bb:d3:05:0c:06:2f:ac:52:9f:9d:
- 37:0e:40:a1:67:c6:d3:dc:5d:a8:38:1b:42:90:94:8b:72:4f:
- b1:c6:2f:06:59:9e:22:de:d9:3e:82:02:b9:5a:db:e4:c6:76:
- ae:01:70:72:0e:80:a6:eb:1d:a5:95:92:16:23:a5:7f:4a:68:
- 5c:3b:57:7c:44:16:d0:30:fa:0a:a7:23:6d:be:c9:3f:87:86:
- 62:b9:5c:8c
+ 64:30:09:ad:e2:e1:ee:8d:00:a6:54:80:95:3c:89:fe:cf:40:
+ 2f:28:4a:e0:54:e5:51:79:88:90:95:27:61:9a:3f:3c:a0:b3:
+ a1:9f:01:44:ad:45:a2:cf:cc:2a:10:cc:31:28:48:f4:1a:c7:
+ 01:f0:e4:3f:5d:89:39:20:b0:ad:52:0c:f9:f1:d7:82:a6:fa:
+ b2:61:53:1e:97:35:63:15:58:52:fa:1d:88:09:b2:74:6e:5b:
+ 76:ab:e9:07:05:e9:97:57:df:f5:73:ec:e2:07:46:f6:5f:fe:
+ 03:25:0b:0b:c0:9d:6e:7a:a6:c2:b3:18:79:2f:93:a4:8c:25:
+ 71:d1:d8:fe:6d:d1:4a:af:4e:8d:a4:fc:33:f0:78:18:38:3a:
+ dd:e6:1b:7c:94:68:d3:13:9f:a3:56:2c:02:d1:5d:1a:2d:ad:
+ c6:28:4e:58:5d:5f:d6:d6:7c:2c:68:c4:74:71:ab:64:92:75:
+ a7:ba:1f:77:b1:96:fa:0c:e2:81:1f:9e:17:4e:b9:da:1a:33:
+ 40:33:12:74:cb:6d:28:e3:cc:0b:c1:30:58:c5:ba:65:66:a8:
+ a1:71:82:76:e7:03:43:8f:7f:03:0f:56:bb:1c:24:93:fb:34:
+ 97:1f:09:71:f9:f0:1f:46:42:fb:fe:9d:68:be:25:ea:17:a8:
+ 6d:4c:a1:05
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
My53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
-AQBTGxFLvvAiDYMlurZuyVIPPlccagWOL54EvmowjMtJGNhJzV/xBcTqgBi/rHxL
-prCniE2Sml6Gdy2LTsiWLWnJmp/OAr7Ccq3Ro7qxnZDGTHu7T2I3llHBNuMjHVhH
-StPpZjnbgT0kSrpSN0c6XLOGdF0YEWxL1f//Igg5L/Zgut8KyQ/Y8KyRQpSQbgTM
-LSU2zTkMpPsEkxnG168hAM/Szv+76kLpCR4ulLvTBQwGL6xSn503DkChZ8bT3F2o
-OBtCkJSLck+xxi8GWZ4i3tk+ggK5WtvkxnauAXByDoCm6x2llZIWI6V/SmhcO1d8
-RBbQMPoKpyNtvsk/h4ZiuVyM
+AQBkMAmt4uHujQCmVICVPIn+z0AvKErgVOVReYiQlSdhmj88oLOhnwFErUWiz8wq
+EMwxKEj0GscB8OQ/XYk5ILCtUgz58deCpvqyYVMelzVjFVhS+h2ICbJ0blt2q+kH
+BemXV9/1c+ziB0b2X/4DJQsLwJ1ueqbCsxh5L5OkjCVx0dj+bdFKr06NpPwz8HgY
+ODrd5ht8lGjTE5+jViwC0V0aLa3GKE5YXV/W1nwsaMR0catkknWnuh93sZb6DOKB
+H54XTrnaGjNAMxJ0y20o48wLwTBYxbplZqihcYJ25wNDj38DD1a7HCST+zSXHwlx
++fAfRkL7/p1oviXqF6htTKEF
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 07:cd:8a:f3:e6:37:76:a8:e8:3b:2a:0f:20:f9:3c:3b:65:f4:
- fc:0a:c2:83:cd:f9:d8:19:82:6c:42:01:65:ad:a8:80:6a:20:
- a2:00:d4:e2:bd:61:8c:b1:1d:1f:39:5a:40:3d:9a:5b:47:1c:
- 20:a0:b9:1a:d0:b1:8d:9f:50:d1:04:b8:bd:a4:9c:75:86:e8:
- 1a:c6:da:d8:08:ee:ae:da:0d:12:cb:9e:42:f2:16:5c:c0:bc:
- 0f:f5:e4:1f:59:13:ff:21:4f:3a:66:0f:5d:e0:5c:32:1e:5c:
- f7:23:4c:ef:6e:5f:e7:97:f1:91:88:36:89:1d:71:19:83:96:
- 9d:92:36:2b:c3:e5:2d:9f:e2:82:e6:53:7c:4a:40:62:67:20:
- 58:c5:d2:f3:b8:21:10:65:a9:6f:cb:2f:20:6f:96:b4:19:ce:
- 94:af:9c:8f:39:0d:18:41:14:0c:87:1d:c0:83:6a:ee:d4:f7:
- 5b:cf:03:a9:9e:65:26:91:2a:c1:f5:dd:03:f3:81:5a:5e:a5:
- b8:79:2a:9c:16:81:de:d8:19:41:7c:9e:eb:3b:0c:6e:90:be:
- a0:35:18:ee:4e:05:ae:10:96:38:23:12:8b:68:02:a4:e0:40:
- 48:4b:e0:d0:2f:28:5c:3b:85:4c:39:fa:3b:d5:25:4e:7f:12:
- 71:c0:56:12
+ 3b:38:b5:57:a7:f6:d6:b1:19:55:b8:da:47:74:cf:9a:6b:6e:
+ ff:0a:5d:06:17:33:db:db:38:e5:d1:9c:dd:c7:3e:c2:2e:87:
+ 20:52:48:d0:ad:0c:12:3e:f7:66:41:64:d2:ca:b3:4c:a1:0a:
+ 6c:4b:4b:33:94:74:83:2e:2d:44:5a:13:ae:da:9a:18:87:64:
+ 30:cf:69:70:e8:38:47:de:55:27:06:86:9b:24:d5:b0:8f:17:
+ 3b:95:87:7e:4a:45:45:2e:6d:70:27:90:32:62:a8:36:3e:47:
+ 47:0f:0e:1b:93:cf:3d:3e:9b:2c:9a:ff:0c:ee:a7:1b:40:c4:
+ dc:f2:66:74:eb:d9:11:9d:60:b8:24:b4:89:c1:e4:61:20:3d:
+ 38:af:45:ad:e8:ee:69:c3:96:8a:a5:c1:cd:dd:14:87:97:dc:
+ f8:32:84:a8:3b:0a:eb:61:0e:7c:4c:65:69:3d:02:92:db:c4:
+ bf:21:6f:89:fe:cc:76:df:c5:84:fb:c4:ea:1a:60:da:d0:c8:
+ 27:7c:65:1b:cb:23:20:5a:e2:23:90:bd:f5:5c:0a:85:51:37:
+ 84:47:a7:80:f4:e0:a0:72:8d:7a:b8:71:03:44:59:c6:cf:2c:
+ ae:df:91:a9:74:72:eb:a7:31:b2:81:65:19:e6:df:c3:4b:b7:
+ fc:9c:2c:f0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAAfNivPmN3ao6DsqDyD5PDtl9PwKwoPN+dgZgmxCAWWtqIBqIKIA1OK9YYyx
-HR85WkA9mltHHCCguRrQsY2fUNEEuL2knHWG6BrG2tgI7q7aDRLLnkLyFlzAvA/1
-5B9ZE/8hTzpmD13gXDIeXPcjTO9uX+eX8ZGINokdcRmDlp2SNivD5S2f4oLmU3xK
-QGJnIFjF0vO4IRBlqW/LLyBvlrQZzpSvnI85DRhBFAyHHcCDau7U91vPA6meZSaR
-KsH13QPzgVpepbh5KpwWgd7YGUF8nus7DG6QvqA1GO5OBa4QljgjEotoAqTgQEhL
-4NAvKFw7hUw5+jvVJU5/EnHAVhI=
+ggEBADs4tVen9taxGVW42kd0z5prbv8KXQYXM9vbOOXRnN3HPsIuhyBSSNCtDBI+
+92ZBZNLKs0yhCmxLSzOUdIMuLURaE67amhiHZDDPaXDoOEfeVScGhpsk1bCPFzuV
+h35KRUUubXAnkDJiqDY+R0cPDhuTzz0+myya/wzupxtAxNzyZnTr2RGdYLgktInB
+5GEgPTivRa3o7mnDloqlwc3dFIeX3PgyhKg7CuthDnxMZWk9ApLbxL8hb4n+zHbf
+xYT7xOoaYNrQyCd8ZRvLIyBa4iOQvfVcCoVRN4RHp4D04KByjXq4cQNEWcbPLK7f
+kal0cuunMbKBZRnm38NLt/ycLPA=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem
index fc2e36a4..d11d065a 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server4-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www4.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22222
Signature Algorithm: sha256WithRSAEncryption
- 9c:41:a8:e6:45:2a:be:8c:8a:57:16:8f:b8:5a:b8:b9:e8:13:
- 6e:72:68:50:de:c3:7b:8f:39:37:be:01:ed:17:fb:6b:eb:44:
- 9d:e0:c0:81:37:93:18:88:12:7a:08:b0:7e:69:e9:2d:35:6b:
- 67:6d:22:ff:5c:f0:1f:2e:cd:96:99:ba:c5:42:0d:b1:22:3c:
- 86:ed:88:dc:2e:a4:71:81:22:4d:b8:c5:0c:cb:d6:31:86:34:
- cb:5d:f3:7e:f2:fb:49:ed:6a:c6:0b:73:39:de:93:cd:15:41:
- 80:b9:c2:94:8b:71:57:09:dd:1e:84:30:e5:a1:77:79:18:26:
- b6:06:d7:75:5b:ef:2e:cb:be:be:a3:8e:69:69:12:60:fa:46:
- 35:cb:2a:c3:31:65:64:af:da:a9:a1:e9:31:78:39:fa:01:f2:
- 41:c5:5f:3d:db:19:14:6f:10:38:fb:c5:fe:e5:c6:6d:38:c3:
- bd:f3:73:38:42:93:46:e4:3e:76:f1:eb:98:32:d2:dd:0a:2a:
- a0:2a:7b:67:e8:cd:ea:52:f7:eb:7c:51:65:e8:25:28:3f:71:
- c0:2b:fd:7f:b3:ad:e2:a9:3a:f8:0f:72:08:0f:2a:ab:e7:61:
- 2a:b0:45:5c:a0:40:dd:db:1b:13:c3:c2:63:a3:14:42:bb:00:
- c7:1e:6c:0d
+ 78:ac:f7:40:1e:05:a5:e6:46:e0:d9:f7:e6:1b:c8:d2:76:7a:
+ e3:e6:b9:5d:0a:73:47:78:4b:e0:58:e1:d7:86:8d:b0:cc:e1:
+ 17:f5:88:c1:84:5a:0f:de:ab:d1:b6:ed:ce:c3:d2:e3:cd:ef:
+ 50:6c:90:67:fd:c6:5c:1e:25:28:d6:1f:4e:75:67:b2:9b:16:
+ e7:74:f5:a2:a5:f6:a8:8f:da:de:20:51:c8:60:35:48:f9:0d:
+ 5f:b1:45:62:a7:2d:ff:12:f9:29:6c:66:1b:80:33:30:6c:f0:
+ be:f7:22:47:a5:f9:75:e5:fb:1b:0c:fe:f5:09:31:a9:d8:7c:
+ 0a:90:7e:92:48:b7:0d:11:a3:eb:39:d1:a8:fe:bd:8b:a6:81:
+ 1e:38:7b:73:c7:cd:2e:c6:52:1b:68:60:2f:7d:ca:5e:32:4a:
+ ec:89:8a:50:fd:bc:81:d3:ea:8e:47:3b:8b:77:e7:d8:69:27:
+ 86:25:da:24:0f:26:cc:a2:16:04:53:29:4a:55:26:3b:f5:13:
+ f2:5d:01:08:5f:9e:b9:81:48:28:3c:e7:36:6f:f9:76:07:16:
+ b9:79:b7:31:75:35:7e:c3:f0:0b:e2:0f:58:1a:3d:64:70:13:
+ 2e:e1:3c:0b:70:08:69:15:bf:58:5c:ca:f3:fa:65:72:77:f7:
+ 05:61:d4:d7
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIBCDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NM
IGludGVybWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYD
VQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UEAwwQd3d3
NC53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
@@ -84,12 +84,12 @@ U2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5lZXJpbmcx
GDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
b2xmc3NsLmNvbYIBAjALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAkMCIGCCsG
AQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIyMA0GCSqGSIb3DQEBCwUAA4IB
-AQCcQajmRSq+jIpXFo+4Wri56BNucmhQ3sN7jzk3vgHtF/tr60Sd4MCBN5MYiBJ6
-CLB+aektNWtnbSL/XPAfLs2WmbrFQg2xIjyG7YjcLqRxgSJNuMUMy9YxhjTLXfN+
-8vtJ7WrGC3M53pPNFUGAucKUi3FXCd0ehDDloXd5GCa2Btd1W+8uy76+o45paRJg
-+kY1yyrDMWVkr9qpoekxeDn6AfJBxV892xkUbxA4+8X+5cZtOMO983M4QpNG5D52
-8euYMtLdCiqgKntn6M3qUvfrfFFl6CUoP3HAK/1/s63iqTr4D3IIDyqr52EqsEVc
-oEDd2xsTw8JjoxRCuwDHHmwN
+AQB4rPdAHgWl5kbg2ffmG8jSdnrj5rldCnNHeEvgWOHXho2wzOEX9YjBhFoP3qvR
+tu3Ow9Ljze9QbJBn/cZcHiUo1h9OdWeymxbndPWipfaoj9reIFHIYDVI+Q1fsUVi
+py3/EvkpbGYbgDMwbPC+9yJHpfl15fsbDP71CTGp2HwKkH6SSLcNEaPrOdGo/r2L
+poEeOHtzx80uxlIbaGAvfcpeMkrsiYpQ/byB0+qORzuLd+fYaSeGJdokDybMohYE
+UylKVSY79RPyXQEIX565gUgoPOc2b/l2Bxa5ebcxdTV+w/AL4g9YGj1kcBMu4TwL
+cAhpFb9YXMrz+mVyd/cFYdTX
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL intermediate CA 2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 07:cd:8a:f3:e6:37:76:a8:e8:3b:2a:0f:20:f9:3c:3b:65:f4:
- fc:0a:c2:83:cd:f9:d8:19:82:6c:42:01:65:ad:a8:80:6a:20:
- a2:00:d4:e2:bd:61:8c:b1:1d:1f:39:5a:40:3d:9a:5b:47:1c:
- 20:a0:b9:1a:d0:b1:8d:9f:50:d1:04:b8:bd:a4:9c:75:86:e8:
- 1a:c6:da:d8:08:ee:ae:da:0d:12:cb:9e:42:f2:16:5c:c0:bc:
- 0f:f5:e4:1f:59:13:ff:21:4f:3a:66:0f:5d:e0:5c:32:1e:5c:
- f7:23:4c:ef:6e:5f:e7:97:f1:91:88:36:89:1d:71:19:83:96:
- 9d:92:36:2b:c3:e5:2d:9f:e2:82:e6:53:7c:4a:40:62:67:20:
- 58:c5:d2:f3:b8:21:10:65:a9:6f:cb:2f:20:6f:96:b4:19:ce:
- 94:af:9c:8f:39:0d:18:41:14:0c:87:1d:c0:83:6a:ee:d4:f7:
- 5b:cf:03:a9:9e:65:26:91:2a:c1:f5:dd:03:f3:81:5a:5e:a5:
- b8:79:2a:9c:16:81:de:d8:19:41:7c:9e:eb:3b:0c:6e:90:be:
- a0:35:18:ee:4e:05:ae:10:96:38:23:12:8b:68:02:a4:e0:40:
- 48:4b:e0:d0:2f:28:5c:3b:85:4c:39:fa:3b:d5:25:4e:7f:12:
- 71:c0:56:12
+ 3b:38:b5:57:a7:f6:d6:b1:19:55:b8:da:47:74:cf:9a:6b:6e:
+ ff:0a:5d:06:17:33:db:db:38:e5:d1:9c:dd:c7:3e:c2:2e:87:
+ 20:52:48:d0:ad:0c:12:3e:f7:66:41:64:d2:ca:b3:4c:a1:0a:
+ 6c:4b:4b:33:94:74:83:2e:2d:44:5a:13:ae:da:9a:18:87:64:
+ 30:cf:69:70:e8:38:47:de:55:27:06:86:9b:24:d5:b0:8f:17:
+ 3b:95:87:7e:4a:45:45:2e:6d:70:27:90:32:62:a8:36:3e:47:
+ 47:0f:0e:1b:93:cf:3d:3e:9b:2c:9a:ff:0c:ee:a7:1b:40:c4:
+ dc:f2:66:74:eb:d9:11:9d:60:b8:24:b4:89:c1:e4:61:20:3d:
+ 38:af:45:ad:e8:ee:69:c3:96:8a:a5:c1:cd:dd:14:87:97:dc:
+ f8:32:84:a8:3b:0a:eb:61:0e:7c:4c:65:69:3d:02:92:db:c4:
+ bf:21:6f:89:fe:cc:76:df:c5:84:fb:c4:ea:1a:60:da:d0:c8:
+ 27:7c:65:1b:cb:23:20:5a:e2:23:90:bd:f5:5c:0a:85:51:37:
+ 84:47:a7:80:f4:e0:a0:72:8d:7a:b8:71:03:44:59:c6:cf:2c:
+ ae:df:91:a9:74:72:eb:a7:31:b2:81:65:19:e6:df:c3:4b:b7:
+ fc:9c:2c:f0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYDVQQDDBl3b2xmU1NMIGludGVy
bWVkaWF0ZSBDQSAyMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIB
@@ -177,12 +177,12 @@ DAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYI
KwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcNAQELBQAD
-ggEBAAfNivPmN3ao6DsqDyD5PDtl9PwKwoPN+dgZgmxCAWWtqIBqIKIA1OK9YYyx
-HR85WkA9mltHHCCguRrQsY2fUNEEuL2knHWG6BrG2tgI7q7aDRLLnkLyFlzAvA/1
-5B9ZE/8hTzpmD13gXDIeXPcjTO9uX+eX8ZGINokdcRmDlp2SNivD5S2f4oLmU3xK
-QGJnIFjF0vO4IRBlqW/LLyBvlrQZzpSvnI85DRhBFAyHHcCDau7U91vPA6meZSaR
-KsH13QPzgVpepbh5KpwWgd7YGUF8nus7DG6QvqA1GO5OBa4QljgjEotoAqTgQEhL
-4NAvKFw7hUw5+jvVJU5/EnHAVhI=
+ggEBADs4tVen9taxGVW42kd0z5prbv8KXQYXM9vbOOXRnN3HPsIuhyBSSNCtDBI+
+92ZBZNLKs0yhCmxLSzOUdIMuLURaE67amhiHZDDPaXDoOEfeVScGhpsk1bCPFzuV
+h35KRUUubXAnkDJiqDY+R0cPDhuTzz0+myya/wzupxtAxNzyZnTr2RGdYLgktInB
+5GEgPTivRa3o7mnDloqlwc3dFIeX3PgyhKg7CuthDnxMZWk9ApLbxL8hb4n+zHbf
+xYT7xOoaYNrQyCd8ZRvLIyBa4iOQvfVcCoVRN4RHp4D04KByjXq4cQNEWcbPLK7f
+kal0cuunMbKBZRnm38NLt/ycLPA=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem b/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem
index 0d2bfa2f..0f42ba25 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/ocsp/server5-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = www5.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -47,27 +47,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22223
Signature Algorithm: sha256WithRSAEncryption
- 0f:48:1f:2c:44:58:6e:56:07:19:c2:7e:5e:80:60:c6:b8:df:
- fb:71:6e:ae:e9:a4:1d:2a:4c:6a:ef:41:78:20:df:15:3b:82:
- 7c:5c:c3:00:51:f5:27:41:58:50:dc:bb:a8:71:0a:d6:3e:d8:
- 9b:27:03:70:39:01:08:7a:06:59:e2:51:1d:b4:74:c4:e3:ae:
- 1b:0e:1f:9c:d2:95:df:79:51:4c:a5:d2:48:8d:9a:ed:1e:21:
- fd:59:e4:45:b4:bd:ac:d7:1a:1a:e7:9f:c6:ac:17:4f:2c:0d:
- e6:39:fd:c3:68:37:c7:c8:42:ca:da:83:42:73:76:ae:64:20:
- f7:99:46:7c:d8:a4:1c:f6:27:3b:06:e2:25:7b:e7:98:83:8c:
- d0:8a:0c:69:ce:7a:c7:19:a7:5b:25:52:bd:4e:d6:2d:2e:1b:
- 02:29:17:c9:d9:5a:d2:f8:4c:ff:98:1a:50:d5:08:78:45:af:
- ad:6b:a6:92:b5:fc:d4:5f:34:48:b7:9d:6a:f9:22:bd:b0:23:
- 99:6b:f1:63:00:ac:68:59:63:88:01:ba:1b:00:81:1c:cd:3a:
- b2:77:95:e6:65:d4:06:a8:95:22:a4:81:9b:8c:0f:44:94:73:
- 1c:ee:2a:89:38:f1:c9:bd:9f:24:b4:f8:b8:71:cc:1a:f4:d0:
- d6:f4:d5:2a
+ 84:bf:97:d9:fd:33:9a:1b:36:a4:48:58:45:f6:97:3b:58:4d:
+ 40:ba:46:d0:7a:e3:53:40:d3:45:7f:1e:87:fd:66:bb:c0:43:
+ 93:34:76:0b:68:31:e5:fb:89:15:d5:b3:59:c5:a3:f5:e7:79:
+ 65:b3:1d:38:d2:cd:af:4d:7d:ea:9e:3e:ce:7e:51:90:83:b6:
+ 19:2e:30:d5:0e:94:03:d2:5c:a0:d9:25:3f:8d:c2:97:67:ea:
+ 4a:a6:f0:32:b3:e7:b6:bf:dc:a6:7a:5c:23:b8:46:05:52:80:
+ b1:9e:1e:53:05:a7:93:ce:2a:43:ae:f5:58:61:2d:d8:2d:77:
+ c9:50:7e:4a:47:36:04:0b:4c:23:b3:c8:f5:99:97:5c:5d:f1:
+ d9:f2:9a:5e:78:72:02:61:4f:eb:55:53:f1:bd:1c:45:75:fd:
+ 7c:2e:db:41:ef:54:47:9b:9a:b9:60:fd:77:f9:9b:36:76:93:
+ ee:73:12:49:3e:bb:62:8a:3f:02:58:ba:73:16:e7:53:81:c2:
+ 5c:f3:21:32:fe:60:42:dc:d5:8a:6a:9f:60:cc:1c:76:5a:e4:
+ 9c:30:da:9e:32:d0:ca:d6:a5:d6:3e:28:9d:09:68:dc:6e:d9:
+ fd:54:92:5e:0d:20:4c:96:ff:f2:01:b5:72:22:cb:f1:fc:ed:
+ c7:cf:b1:54
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIBCTANBgkqhkiG9w0BAQsFADCBpzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NM
IFJFVk9LRUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZgxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkzMFoXDTI2MDkwODIyMTkzMFowgZgxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxl
MRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEZMBcGA1UE
AwwQd3d3NS53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
@@ -84,12 +84,12 @@ A1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNTTDEUMBIGA1UECwwLRW5naW5l
ZXJpbmcxGDAWBgNVBAMMD3dvbGZTU0wgcm9vdCBDQTEfMB0GCSqGSIb3DQEJARYQ
aW5mb0B3b2xmc3NsLmNvbYIBAzALBgNVHQ8EBAMCBeAwMgYIKwYBBQUHAQEEJjAk
MCIGCCsGAQUFBzABhhZodHRwOi8vMTI3LjAuMC4xOjIyMjIzMA0GCSqGSIb3DQEB
-CwUAA4IBAQAPSB8sRFhuVgcZwn5egGDGuN/7cW6u6aQdKkxq70F4IN8VO4J8XMMA
-UfUnQVhQ3LuocQrWPtibJwNwOQEIegZZ4lEdtHTE464bDh+c0pXfeVFMpdJIjZrt
-HiH9WeRFtL2s1xoa55/GrBdPLA3mOf3DaDfHyELK2oNCc3auZCD3mUZ82KQc9ic7
-BuIle+eYg4zQigxpznrHGadbJVK9TtYtLhsCKRfJ2VrS+Ez/mBpQ1Qh4Ra+ta6aS
-tfzUXzRIt51q+SK9sCOZa/FjAKxoWWOIAbobAIEczTqyd5XmZdQGqJUipIGbjA9E
-lHMc7iqJOPHJvZ8ktPi4ccwa9NDW9NUq
+CwUAA4IBAQCEv5fZ/TOaGzakSFhF9pc7WE1AukbQeuNTQNNFfx6H/Wa7wEOTNHYL
+aDHl+4kV1bNZxaP153llsx040s2vTX3qnj7OflGQg7YZLjDVDpQD0lyg2SU/jcKX
+Z+pKpvAys+e2v9ymelwjuEYFUoCxnh5TBaeTzipDrvVYYS3YLXfJUH5KRzYEC0wj
+s8j1mZdcXfHZ8ppeeHICYU/rVVPxvRxFdf18LttB71RHm5q5YP13+Zs2dpPucxJJ
+Prtiij8CWLpzFudTgcJc8yEy/mBC3NWKap9gzBx2WuScMNqeMtDK1qXWPiidCWjc
+btn9VJJeDSBMlv/yAbVyIsvx/O3Hz7FU
-----END CERTIFICATE-----
Certificate:
Data:
@@ -98,8 +98,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL REVOKED intermediate CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -140,27 +140,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- a4:9b:e4:ec:56:45:77:92:36:91:66:cc:25:11:1a:1d:48:d5:
- f8:4a:32:04:6f:ea:76:c7:0c:27:8a:8c:f1:ef:08:d4:47:60:
- 66:5e:3f:61:76:fc:a2:84:c1:42:01:89:b6:17:d9:eb:14:e6:
- 61:7e:8e:18:2e:64:be:14:ef:2d:ce:63:10:d6:b3:00:ec:f3:
- fc:4f:a0:1b:6f:e7:75:18:fe:ca:ef:47:12:dc:c8:ae:f9:05:
- 2b:84:14:d5:ad:df:58:84:81:33:51:90:5d:29:b8:ff:48:6b:
- f5:bb:e9:c7:be:6f:e1:6a:ca:71:47:1f:97:7f:1d:00:56:9a:
- 59:f6:78:4e:95:6c:e8:51:73:8e:9d:f3:62:00:f7:65:bd:09:
- d7:e4:ae:7e:04:ee:1e:eb:f3:83:3f:2a:44:f4:98:f8:ef:31:
- ed:06:77:60:e3:f2:6b:b6:dd:3e:ed:45:aa:07:a9:7f:99:f5:
- 2d:9b:ce:10:16:3a:cd:96:fb:40:1b:18:f4:eb:6f:f0:dc:ee:
- e8:aa:30:13:3c:d6:1e:46:7d:55:1f:0b:86:5c:13:f9:2f:83:
- b8:65:55:8d:3e:56:8b:d9:b7:e1:1b:2d:ab:f2:e7:3a:c4:6f:
- 2a:c9:f0:f9:96:82:93:ac:a7:06:1c:0e:bb:2a:ff:6a:be:eb:
- 91:b0:8c:dc
+ 2f:e1:b0:99:a9:71:0e:41:f8:b1:9d:38:c8:f4:3d:7c:79:ce:
+ d2:94:01:2a:b6:71:1b:4c:64:19:27:02:71:b4:43:64:42:f9:
+ 2b:71:39:6e:64:4e:e8:32:b1:1e:1b:fd:7d:22:cb:8a:9c:34:
+ ce:ef:bb:dd:f2:4f:83:58:33:34:01:cb:b4:35:e2:ba:c6:cc:
+ aa:2f:ed:2e:e9:04:ec:cd:7f:06:50:b3:4e:37:cd:fe:96:69:
+ da:a3:fe:63:78:83:c5:86:7e:03:b2:11:e5:94:f8:56:e9:d1:
+ dd:5d:b4:05:4d:26:0e:09:c2:50:32:ce:6d:da:6b:b7:ee:e1:
+ 1b:a9:b0:0f:59:d6:03:16:ee:47:16:2f:1f:58:f9:f8:48:d9:
+ 59:ed:61:a1:af:7e:92:38:2e:40:0c:9b:e7:21:90:3b:10:6f:
+ 61:ad:e0:95:57:e2:d5:39:dc:83:54:88:99:4a:5e:21:94:ce:
+ f9:0f:5e:e9:22:10:55:bb:97:f4:51:3f:50:83:ed:63:fb:ab:
+ d2:02:b3:aa:26:f7:fc:72:1c:84:e9:a0:a3:fa:b2:22:90:c8:
+ ac:61:84:2a:bd:3f:75:1f:1b:bf:83:a8:90:ce:4c:de:ee:eb:
+ 65:b4:ff:f0:7a:b2:11:7a:78:60:c4:6e:da:e3:c8:a3:57:5b:
+ 8f:58:e4:49
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIBAzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBpzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSgwJgYDVQQDDB93b2xmU1NMIFJFVk9L
RUQgaW50ZXJtZWRpYXRlIENBMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -177,12 +177,12 @@ DgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3b2xmU1NMMRQwEgYDVQQLDAtFbmdp
bmVlcmluZzEYMBYGA1UEAwwPd29sZlNTTCByb290IENBMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFjMAsGA1UdDwQEAwIBBjAyBggrBgEFBQcBAQQm
MCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly8xMjcuMC4wLjE6MjIyMjAwDQYJKoZIhvcN
-AQELBQADggEBAKSb5OxWRXeSNpFmzCURGh1I1fhKMgRv6nbHDCeKjPHvCNRHYGZe
-P2F2/KKEwUIBibYX2esU5mF+jhguZL4U7y3OYxDWswDs8/xPoBtv53UY/srvRxLc
-yK75BSuEFNWt31iEgTNRkF0puP9Ia/W76ce+b+FqynFHH5d/HQBWmln2eE6VbOhR
-c46d82IA92W9Cdfkrn4E7h7r84M/KkT0mPjvMe0Gd2Dj8mu23T7tRaoHqX+Z9S2b
-zhAWOs2W+0AbGPTrb/Dc7uiqMBM81h5GfVUfC4ZcE/kvg7hlVY0+VovZt+EbLavy
-5zrEbyrJ8PmWgpOspwYcDrsq/2q+65GwjNw=
+AQELBQADggEBAC/hsJmpcQ5B+LGdOMj0PXx5ztKUASq2cRtMZBknAnG0Q2RC+Stx
+OW5kTugysR4b/X0iy4qcNM7vu93yT4NYMzQBy7Q14rrGzKov7S7pBOzNfwZQs043
+zf6Wadqj/mN4g8WGfgOyEeWU+Fbp0d1dtAVNJg4JwlAyzm3aa7fu4RupsA9Z1gMW
+7kcWLx9Y+fhI2VntYaGvfpI4LkAMm+chkDsQb2Gt4JVX4tU53INUiJlKXiGUzvkP
+XukiEFW7l/RRP1CD7WP7q9ICs6om9/xyHITpoKP6siKQyKxhhCq9P3UfG7+DqJDO
+TN7u62W0//B6shF6eGDEbtrjyKNXW49Y5Ek=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -191,8 +191,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Engineering, CN = wolfSSL root CA, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -233,27 +233,27 @@ Certificate:
OCSP - URI:http://127.0.0.1:22220
Signature Algorithm: sha256WithRSAEncryption
- 61:fc:6f:3d:f5:07:35:f4:3c:55:de:78:74:83:96:b8:3d:11:
- 05:a4:d6:9a:c1:24:89:6f:9d:d5:0c:04:37:b5:97:06:b8:4f:
- 87:d1:01:9c:17:2b:20:c7:5a:7e:55:1b:5a:aa:e7:d2:2a:c7:
- ad:6d:de:17:cb:4c:4b:b0:64:3e:71:9f:03:18:c8:b4:79:62:
- 95:63:67:23:ee:68:5b:68:48:3f:44:75:a2:ae:ee:90:df:fb:
- 0d:c1:96:0b:e3:4f:4a:16:b4:1c:26:9b:66:a0:32:35:e3:68:
- 81:e6:a3:1e:0a:7b:6c:8e:4e:3f:73:bf:96:6c:f0:ca:89:d1:
- d2:f8:6b:cb:5a:2f:73:ed:e9:25:2f:2d:24:24:82:b4:0f:b9:
- 84:f5:98:ce:8e:87:da:cc:2a:ae:61:d8:fb:3e:c0:b7:6d:30:
- f3:7a:9b:d5:65:81:e8:3e:07:a5:e0:14:cd:32:1f:d1:68:43:
- 81:92:e3:94:0f:55:34:04:5a:c4:6d:e8:c1:7b:d3:27:32:52:
- 90:3b:10:6b:83:9d:9f:87:6f:49:f4:85:eb:d7:da:9a:2b:a4:
- 85:f1:48:ba:9d:84:ea:7c:4c:d5:e4:ec:c2:9f:da:e7:a9:82:
- e3:3f:7a:2d:48:37:dd:ef:61:9e:f7:d2:8b:3d:9e:e8:b1:5c:
- 25:f7:16:61
+ 63:f7:e7:80:e2:73:b0:7f:c2:32:c0:20:45:01:1e:40:bc:85:
+ 8e:7f:04:3b:c6:fe:3f:d1:b9:14:ce:06:d9:e8:fc:cd:b9:1d:
+ 0f:cb:89:71:a9:34:67:e8:be:b8:27:d1:1f:c4:ff:9b:9d:b9:
+ bd:f8:23:c7:e5:7f:04:20:de:b1:30:b2:5d:c2:99:a5:f8:34:
+ 9d:d7:0a:bc:b5:3a:84:64:2e:5b:24:34:01:da:03:a9:bb:cf:
+ f2:0d:0e:06:68:de:34:90:cb:42:3a:62:31:d0:d6:7d:26:ca:
+ 14:e5:87:70:51:a2:71:85:cf:4e:af:7c:6c:45:69:d1:3c:6c:
+ 9c:47:35:be:13:bc:12:a9:ea:c4:2f:71:d3:a5:6b:10:4b:85:
+ 68:93:68:81:1c:9f:e6:6a:e7:c0:e1:a6:09:28:f9:d4:a4:55:
+ e8:dc:e3:e2:14:86:0c:ef:3d:7a:7f:8d:d2:a3:e6:c8:0b:e7:
+ 1c:45:6d:0d:e9:9a:d6:38:4f:52:73:a7:5c:04:e9:ce:77:af:
+ 94:97:7b:56:a8:eb:bc:b6:f6:7a:ed:6a:8f:68:04:b4:ea:ce:
+ 05:d8:f7:bc:99:ae:6f:38:9a:ee:23:4d:c5:53:e6:70:fe:5c:
+ 60:68:c4:0c:79:c3:eb:49:d5:df:a6:98:5b:ba:6e:f6:c6:30:
+ e0:5e:3e:c3
-----BEGIN CERTIFICATE-----
MIIE5jCCA86gAwIBAgIBYzANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoM
B3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NM
-IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIx
-MjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
+IHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMx
+MjEzMjIxOTMwWhcNMjYwOTA4MjIxOTMwWjCBlzELMAkGA1UEBhMCVVMxEzARBgNV
BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dvbGZT
U0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93b2xmU1NMIHJvb3Qg
Q0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0GCSqGSIb3
@@ -269,11 +269,11 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
EDAOBgNVBAoMB3dvbGZTU0wxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQD
DA93b2xmU1NMIHJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
b22CAWMwCwYDVR0PBAQDAgEGMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYW
-aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAYfxvPfUH
-NfQ8Vd54dIOWuD0RBaTWmsEkiW+d1QwEN7WXBrhPh9EBnBcrIMdaflUbWqrn0irH
-rW3eF8tMS7BkPnGfAxjItHlilWNnI+5oW2hIP0R1oq7ukN/7DcGWC+NPSha0HCab
-ZqAyNeNogeajHgp7bI5OP3O/lmzwyonR0vhry1ovc+3pJS8tJCSCtA+5hPWYzo6H
-2swqrmHY+z7At20w83qb1WWB6D4HpeAUzTIf0WhDgZLjlA9VNARaxG3owXvTJzJS
-kDsQa4Odn4dvSfSF69famiukhfFIup2E6nxM1eTswp/a56mC4z96LUg33e9hnvfS
-iz2e6LFcJfcWYQ==
+aHR0cDovLzEyNy4wLjAuMToyMjIyMDANBgkqhkiG9w0BAQsFAAOCAQEAY/fngOJz
+sH/CMsAgRQEeQLyFjn8EO8b+P9G5FM4G2ej8zbkdD8uJcak0Z+i+uCfRH8T/m525
+vfgjx+V/BCDesTCyXcKZpfg0ndcKvLU6hGQuWyQ0AdoDqbvP8g0OBmjeNJDLQjpi
+MdDWfSbKFOWHcFGicYXPTq98bEVp0TxsnEc1vhO8EqnqxC9x06VrEEuFaJNogRyf
+5mrnwOGmCSj51KRV6Nzj4hSGDO89en+N0qPmyAvnHEVtDema1jhPUnOnXATpznev
+lJd7VqjrvLb2eu1qj2gEtOrOBdj3vJmubzia7iNNxVPmcP5cYGjEDHnD60nV36aY
+W7pu9sYw4F4+ww==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der b/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der
index f9642d3c..2456e055 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-multi-response.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der b/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der
index e3a93287..0214d02a 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-response-nointern.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der b/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der
index 32d419d8..6c77e21c 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-response-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/ocsp/test-response.der b/extra/wolfssl/wolfssl/certs/ocsp/test-response.der
index f0d5fc8f..6fffc3e7 100644
--- a/extra/wolfssl/wolfssl/certs/ocsp/test-response.der
+++ b/extra/wolfssl/wolfssl/certs/ocsp/test-response.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/ca-p521.der b/extra/wolfssl/wolfssl/certs/p521/ca-p521.der
index cf56b0c4..20d9279c 100644
--- a/extra/wolfssl/wolfssl/certs/p521/ca-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/ca-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem b/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem
index f9cbcad4..992cdbfd 100644
--- a/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/ca-p521.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -34,20 +34,20 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ac:ed:31:5e:dc:f2:66:a1:d4:26:4a:82:
- 31:b2:24:46:93:db:4c:62:bc:77:30:97:96:ef:a2:2d:21:45:
- 0a:18:0c:bc:a6:1c:6c:68:69:63:a0:60:66:18:63:e9:ee:4c:
- cc:6c:8f:c8:45:b9:32:d2:3c:9b:6e:f7:6b:8c:bd:08:5f:02:
- 42:01:53:85:38:dc:06:3a:75:be:c7:9c:7d:02:77:e5:8b:ba:
- a6:f8:9f:e1:80:79:cb:e1:4a:44:e3:f8:8b:00:46:2c:66:b0:
- 95:1c:d7:2f:59:70:6a:c9:47:d6:c9:74:16:1f:8a:90:ad:f8:
- bd:5f:df:97:ad:c9:f8:0b:bc:3c:ca:c7:cc
+ 30:81:88:02:42:01:7a:a6:21:f5:b6:c2:fa:e1:44:c6:03:f5:
+ 54:2d:35:ef:d9:55:f6:61:45:90:48:8c:c2:3e:81:76:30:06:
+ 05:c2:db:32:19:b5:df:37:44:a6:3f:33:fa:3a:c7:91:ae:0f:
+ fb:10:8b:b8:4d:41:b3:ed:c2:d2:5c:37:28:eb:d7:b7:6c:02:
+ 42:01:47:23:40:e8:e2:ca:61:74:29:e0:a6:71:5b:0a:c9:45:
+ 17:04:7d:5d:11:02:d7:f0:af:60:e0:4c:0a:97:96:09:2e:e0:
+ 25:f8:50:d8:9c:f9:bd:17:3d:d3:50:cc:49:06:81:7e:af:fa:
+ 85:b8:1f:80:c4:64:08:56:53:39:8d:2f:40
-----BEGIN CERTIFICATE-----
MIIDITCCAoKgAwIBAgIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfUDUyMTESMBAGA1UECwwJUm9vdC1QNTIxMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xfcDUy
MTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w
HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwH
@@ -57,7 +57,7 @@ x7L8AYaR7UNdOOAMJY2z27Hc3rchgM+H3mT0IT4tr3m99tAAS4F5+vcQqhnNQNce
dTRTKQPtSFQh5Y+VtZtBjV/dctJao2MwYTAdBgNVHQ4EFgQUQIkdMF4MbtU9xtUl
kNq2Qmft6YIwHwYDVR0jBBgwFoAUZKdolVMzGKIgkrxkVaarynZom8gwDwYDVR0T
AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDgYwAMIGIAkIB
-rO0xXtzyZqHUJkqCMbIkRpPbTGK8dzCXlu+iLSFFChgMvKYcbGhpY6BgZhhj6e5M
-zGyPyEW5MtI8m273a4y9CF8CQgFThTjcBjp1vsecfQJ35Yu6pvif4YB5y+FKROP4
-iwBGLGawlRzXL1lwaslH1sl0Fh+KkK34vV/fl63J+Au8PMrHzA==
+eqYh9bbC+uFExgP1VC0179lV9mFFkEiMwj6BdjAGBcLbMhm13zdEpj8z+jrHka4P
++xCLuE1Bs+3C0lw3KOvXt2wCQgFHI0Do4sphdCngpnFbCslFFwR9XREC1/CvYOBM
+CpeWCS7gJfhQ2Jz5vRc901DMSQaBfq/6hbgfgMRkCFZTOY0vQA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/client-p521.der b/extra/wolfssl/wolfssl/certs/p521/client-p521.der
index 68ff3b3f..2a7afad0 100644
--- a/extra/wolfssl/wolfssl/certs/p521/client-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/client-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/client-p521.pem b/extra/wolfssl/wolfssl/certs/p521/client-p521.pem
index 41560eb6..43abb654 100644
--- a/extra/wolfssl/wolfssl/certs/p521/client-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/client-p521.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 1b:e7:ad:f2:5f:af:5f:50:fd:42:84:2e:ea:1b:dc:6f:c5:1a:8b:4c
+ 55:89:bc:f6:2c:af:36:2b:2f:5f:8c:ec:da:ed:37:60:89:d1:7f:81
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Client-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Client-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -30,7 +30,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:20:E1:BF:57:E5:F3:C3:0C:72:84:6A:C6:DF:BC:22:D0:B7:25:E5:A4
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_p521/OU=Client-p521/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:1B:E7:AD:F2:5F:AF:5F:50:FD:42:84:2E:EA:1B:DC:6F:C5:1A:8B:4C
+ serial:55:89:BC:F6:2C:AF:36:2B:2F:5F:8C:EC:DA:ED:37:60:89:D1:7F:81
X509v3 Basic Constraints:
CA:TRUE
@@ -39,21 +39,21 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:cc:61:be:73:0b:51:f7:60:c9:52:97:d8:
- 69:4f:ce:33:17:36:0e:04:a6:aa:28:c5:2d:78:95:6a:85:7e:
- 40:c7:04:ab:62:70:1c:3d:8c:94:99:57:ce:27:6b:39:8d:47:
- ef:d2:cc:b7:57:1c:f4:0a:d0:ea:30:5f:2b:37:9c:c1:80:02:
- 42:01:02:71:1e:00:5e:8f:d1:b0:e4:fd:7b:eb:be:13:8d:84:
- 6e:6c:7b:23:60:d5:33:3a:38:2d:5d:82:1c:b1:cd:ba:be:e2:
- 2c:32:67:95:e9:c6:c3:07:a0:7c:ba:14:f3:1e:b5:aa:63:1e:
- 69:5e:a0:21:b7:8f:7b:af:38:6a:4e:ae:25
+ 30:81:88:02:42:01:3f:4e:19:e3:8b:f6:83:21:55:cb:49:cf:
+ bf:35:16:9c:cd:fb:5d:d8:d3:34:a2:35:ff:67:40:b6:3e:3d:
+ 6e:2f:1d:01:78:7a:87:b1:ae:ad:cb:b3:8a:9a:4a:5b:a4:e2:
+ c9:6e:42:10:39:20:64:98:64:9b:2f:da:15:94:c8:51:ea:02:
+ 42:00:bf:77:aa:d8:22:6b:b8:a0:9b:bf:5e:89:5d:f0:54:8e:
+ 3c:08:a7:cb:28:11:c5:e1:45:17:d1:bf:d5:dc:bb:65:37:f1:
+ 90:12:6c:62:d5:b5:b2:8f:73:e8:1b:ac:a8:80:03:a7:22:5d:
+ dc:1b:7d:c2:62:c4:f7:e4:ec:73:65:21:9f
-----BEGIN CERTIFICATE-----
-MIIEVTCCA7agAwIBAgIUG+et8l+vX1D9QoQu6hvcb8Uai0wwCgYIKoZIzj0EAwIw
+MIIEVTCCA7agAwIBAgIUVYm89iyvNisvX4zs2u03YInRf4EwCgYIKoZIzj0EAwIw
gbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjExFDASBgNVBAsMC0NsaWVudC1wNTIx
MRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9A
-d29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIx
-MTc1MFoXDTI1MDkxMTIxMTc1MFowgbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN
+d29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIy
+MTkyOVoXDTI2MDkwODIyMTkyOVowgbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdN
b250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjEx
FDASBgNVBAsMC0NsaWVudC1wNTIxMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x
HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEB
@@ -65,11 +65,11 @@ wwxyhGrG37wi0Lcl5aQwgfIGA1UdIwSB6jCB54AUIOG/V+XzwwxyhGrG37wi0Lcl
5aShgbikgbUwgbIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD
VQQHDAdCb3plbWFuMRUwEwYDVQQKDAx3b2xmU1NMX3A1MjExFDASBgNVBAsMC0Ns
aWVudC1wNTIxMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
-CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMghQb
-563yX69fUP1ChC7qG9xvxRqLTDAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4
+CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMghRV
+ibz2LK82Ky9fjOza7TdgidF/gTAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4
YW1wbGUuY29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAK
-BggqhkjOPQQDAgOBjAAwgYgCQgHMYb5zC1H3YMlSl9hpT84zFzYOBKaqKMUteJVq
-hX5AxwSrYnAcPYyUmVfOJ2s5jUfv0sy3Vxz0CtDqMF8rN5zBgAJCAQJxHgBej9Gw
-5P17674TjYRubHsjYNUzOjgtXYIcsc26vuIsMmeV6cbDB6B8uhTzHrWqYx5pXqAh
-t497rzhqTq4l
+BggqhkjOPQQDAgOBjAAwgYgCQgE/Thnji/aDIVXLSc+/NRaczftd2NM0ojX/Z0C2
+Pj1uLx0BeHqHsa6ty7OKmkpbpOLJbkIQOSBkmGSbL9oVlMhR6gJCAL93qtgia7ig
+m79eiV3wVI48CKfLKBHF4UUX0b/V3LtlN/GQEmxi1bWyj3PoG6yogAOnIl3cG33C
+YsT35OxzZSGf
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/root-p521.der b/extra/wolfssl/wolfssl/certs/p521/root-p521.der
index f1f52b2a..a2c9eaef 100644
--- a/extra/wolfssl/wolfssl/certs/p521/root-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/root-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/root-p521.pem b/extra/wolfssl/wolfssl/certs/p521/root-p521.pem
index 6162afc9..94c67397 100644
--- a/extra/wolfssl/wolfssl/certs/p521/root-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/root-p521.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 5e:2d:39:08:4a:69:db:18:5b:e0:10:c7:3a:14:36:d2:7b:09:55:60
+ 5a:b0:33:c0:79:0a:75:aa:a7:98:c9:77:e2:a0:3b:25:21:9c:19:85
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -35,20 +35,20 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:81:86:02:41:23:19:29:57:83:27:13:0e:21:b2:35:d2:a9:
- 32:56:86:88:78:9f:54:a2:f2:17:b1:d1:44:ee:53:2a:90:b2:
- 5e:0e:00:c9:9f:7e:94:59:47:28:13:a0:3b:8d:8e:b2:b5:25:
- 61:37:d1:94:b8:3b:d1:6f:5f:91:e1:3b:69:f2:8d:04:02:41:
- 10:e8:8d:c1:25:2e:64:1d:93:50:eb:b1:77:f1:93:83:48:d6:
- 6b:b0:d2:ae:8f:4f:14:1e:f2:93:df:2b:4d:53:df:8f:a6:ea:
- 0a:48:67:08:c2:a4:29:f3:b4:7f:63:0b:2f:46:63:7b:6b:4f:
- e4:b6:f0:df:24:82:e4:a4:e3:78:80
+ 30:81:87:02:42:00:f8:22:58:d1:cc:73:6f:28:15:7f:86:18:
+ d9:af:ed:44:51:bb:0a:6b:43:99:9d:97:b3:6e:ae:ac:61:09:
+ f5:55:6a:3c:35:fd:b5:2f:7f:d5:e2:93:10:93:99:ae:d7:75:
+ 05:be:68:ca:13:b1:e5:d1:05:24:f9:5f:6a:f9:c2:7b:4a:02:
+ 41:60:8b:76:dd:e0:02:de:2e:e7:ff:3b:33:f8:ef:6d:ca:31:
+ 45:cb:cd:9e:73:f4:f1:26:eb:2a:6c:6c:ea:3f:81:f3:78:55:
+ 5e:25:74:27:cb:57:8c:60:be:39:80:f6:e3:43:d8:80:b5:f9:
+ c5:8d:6d:c2:a8:6e:3e:67:50:5a:97:8e
-----BEGIN CERTIFICATE-----
-MIIDGzCCAn6gAwIBAgIUXi05CEpp2xhb4BDHOhQ20nsJVWAwCgYIKoZIzj0EAwIw
+MIIDHDCCAn6gAwIBAgIUWrAzwHkKdaqnmMl34qA7JSGcGYUwCgYIKoZIzj0EAwIw
gZcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRUwEwYDVQQKDAx3b2xmU1NMX1A1MjExEjAQBgNVBAsMCVJvb3QtUDUyMTEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZcxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgZcxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRUw
EwYDVQQKDAx3b2xmU1NMX1A1MjExEjAQBgNVBAsMCVJvb3QtUDUyMTEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
@@ -57,8 +57,8 @@ UxW9X1Pvy3OpyBRsb33FfLS7jlbCQ0X7WBzGRT1/5U6AzETBBnp14WnJiqgBet8A
RElznC9QP4OgHovRqvsIDJAFDQwXMVE+1oU7CRKC0aYIzchPalrIjI5dv9rMW5Wh
6FopeCKyukmhhcZIinFTjYmjYzBhMB0GA1UdDgQWBBRkp2iVUzMYoiCSvGRVpqvK
dmibyDAfBgNVHSMEGDAWgBRkp2iVUzMYoiCSvGRVpqvKdmibyDAPBgNVHRMBAf8E
-BTADAQH/MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBigAwgYYCQSMZKVeD
-JxMOIbI10qkyVoaIeJ9UovIXsdFE7lMqkLJeDgDJn36UWUcoE6A7jY6ytSVhN9GU
-uDvRb1+R4Ttp8o0EAkEQ6I3BJS5kHZNQ67F38ZODSNZrsNKuj08UHvKT3ytNU9+P
-puoKSGcIwqQp87R/YwsvRmN7a0/ktvDfJILkpON4gA==
+BTADAQH/MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAgOBiwAwgYcCQgD4IljR
+zHNvKBV/hhjZr+1EUbsKa0OZnZezbq6sYQn1VWo8Nf21L3/V4pMQk5mu13UFvmjK
+E7Hl0QUk+V9q+cJ7SgJBYIt23eAC3i7n/zsz+O9tyjFFy82ec/TxJusqbGzqP4Hz
+eFVeJXQny1eMYL45gPbjQ9iAtfnFjW3CqG4+Z1Bal44=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem b/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem
index 18476c9c..5bc07c73 100644
--- a/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/server-p521-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Server-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -38,20 +38,20 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ab:16:c5:5c:76:07:6c:fd:5f:ca:01:bd:
- a4:22:7a:ab:be:9a:9c:3b:c7:6b:bb:5a:c1:60:9b:21:4d:c8:
- c6:1c:bd:22:e3:20:ff:69:16:2a:12:2d:62:ea:36:57:fa:30:
- 9b:d0:bf:fe:84:68:6b:6c:0c:e2:e7:bc:0d:dd:78:06:ab:02:
- 42:00:cc:ec:88:c4:e2:45:9e:97:df:a7:e9:9c:02:be:8e:7f:
- a7:70:11:40:7b:5b:b9:8c:04:94:82:5a:8a:41:9f:77:ac:90:
- dc:f6:0a:d8:79:b2:ca:5a:c7:26:23:f8:3e:01:e4:db:0a:17:
- 84:44:5d:34:69:1f:b6:88:55:a3:86:8a:0f
+ 30:81:87:02:41:51:c1:26:8c:3f:53:fe:7c:28:f5:3f:81:e6:
+ de:7b:ae:ad:f3:6e:be:c2:3a:88:91:f7:31:e8:24:5c:67:08:
+ 7d:34:f5:54:2e:0a:50:f4:f7:9d:d5:96:19:ec:49:2c:da:a8:
+ a0:2a:08:71:cd:b7:17:1a:e3:10:b2:bf:41:8d:aa:b2:02:42:
+ 01:00:b1:0d:96:19:a0:b1:76:d6:e1:a5:44:41:d4:c8:53:5a:
+ 57:4a:b9:4a:a4:6a:ef:cd:97:e9:e4:4d:7c:c8:ea:37:37:61:
+ 1a:ec:c7:1e:20:cd:2c:05:64:dd:54:e2:06:7b:74:af:05:0d:
+ 59:5c:e9:cd:e8:a8:61:92:cb:8c:d9:f0
-----BEGIN CERTIFICATE-----
-MIIDYzCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
+MIIDYjCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfcDUyMTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPy
-LGQBAQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGy
+LGQBAQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGy
MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1h
bjEVMBMGA1UECgwMd29sZlNTTF9wNTIxMRQwEgYDVQQLDAtTZXJ2ZXItcDUyMTEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -62,8 +62,8 @@ RpMf1WBjpi59jeo/4FvlyG4fp9mjWeWWJyL0AiuvW3gfE6gii+yuAX3AYROkNQoh
o4GJMIGGMB0GA1UdDgQWBBSFhp+uc1+Udyc7FRXGeQeoQkse8zAfBgNVHSMEGDAW
gBRAiR0wXgxu1T3G1SWQ2rZCZ+3pgjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
AwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAwCgYI
-KoZIzj0EAwIDgYwAMIGIAkIBqxbFXHYHbP1fygG9pCJ6q76anDvHa7tawWCbIU3I
-xhy9IuMg/2kWKhItYuo2V/owm9C//oRoa2wM4ue8Dd14BqsCQgDM7IjE4kWel9+n
-6ZwCvo5/p3ARQHtbuYwElIJaikGfd6yQ3PYK2HmyylrHJiP4PgHk2woXhERdNGkf
-tohVo4aKDw==
+KoZIzj0EAwIDgYsAMIGHAkFRwSaMP1P+fCj1P4Hm3nuurfNuvsI6iJH3MegkXGcI
+fTT1VC4KUPT3ndWWGexJLNqooCoIcc23FxrjELK/QY2qsgJCAQCxDZYZoLF21uGl
+REHUyFNaV0q5SqRq782X6eRNfMjqNzdhGuzHHiDNLAVk3VTiBnt0rwUNWVzpzeio
+YZLLjNnw
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/p521/server-p521.der b/extra/wolfssl/wolfssl/certs/p521/server-p521.der
index ca7ff6fe..784af1bb 100644
--- a/extra/wolfssl/wolfssl/certs/p521/server-p521.der
+++ b/extra/wolfssl/wolfssl/certs/p521/server-p521.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/p521/server-p521.pem b/extra/wolfssl/wolfssl/certs/p521/server-p521.pem
index b0a8d6ec..36f61e3e 100644
--- a/extra/wolfssl/wolfssl/certs/p521/server-p521.pem
+++ b/extra/wolfssl/wolfssl/certs/p521/server-p521.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = Server-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -38,20 +38,20 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ab:16:c5:5c:76:07:6c:fd:5f:ca:01:bd:
- a4:22:7a:ab:be:9a:9c:3b:c7:6b:bb:5a:c1:60:9b:21:4d:c8:
- c6:1c:bd:22:e3:20:ff:69:16:2a:12:2d:62:ea:36:57:fa:30:
- 9b:d0:bf:fe:84:68:6b:6c:0c:e2:e7:bc:0d:dd:78:06:ab:02:
- 42:00:cc:ec:88:c4:e2:45:9e:97:df:a7:e9:9c:02:be:8e:7f:
- a7:70:11:40:7b:5b:b9:8c:04:94:82:5a:8a:41:9f:77:ac:90:
- dc:f6:0a:d8:79:b2:ca:5a:c7:26:23:f8:3e:01:e4:db:0a:17:
- 84:44:5d:34:69:1f:b6:88:55:a3:86:8a:0f
+ 30:81:87:02:41:51:c1:26:8c:3f:53:fe:7c:28:f5:3f:81:e6:
+ de:7b:ae:ad:f3:6e:be:c2:3a:88:91:f7:31:e8:24:5c:67:08:
+ 7d:34:f5:54:2e:0a:50:f4:f7:9d:d5:96:19:ec:49:2c:da:a8:
+ a0:2a:08:71:cd:b7:17:1a:e3:10:b2:bf:41:8d:aa:b2:02:42:
+ 01:00:b1:0d:96:19:a0:b1:76:d6:e1:a5:44:41:d4:c8:53:5a:
+ 57:4a:b9:4a:a4:6a:ef:cd:97:e9:e4:4d:7c:c8:ea:37:37:61:
+ 1a:ec:c7:1e:20:cd:2c:05:64:dd:54:e2:06:7b:74:af:05:0d:
+ 59:5c:e9:cd:e8:a8:61:92:cb:8c:d9:f0
-----BEGIN CERTIFICATE-----
-MIIDYzCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
+MIIDYjCCAsSgAwIBAgIBATAKBggqhkjOPQQDAjCBrjELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfcDUyMTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPy
-LGQBAQwHd29sZlNTTDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGy
+LGQBAQwHd29sZlNTTDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGy
MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1h
bjEVMBMGA1UECgwMd29sZlNTTF9wNTIxMRQwEgYDVQQLDAtTZXJ2ZXItcDUyMTEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -62,10 +62,10 @@ RpMf1WBjpi59jeo/4FvlyG4fp9mjWeWWJyL0AiuvW3gfE6gii+yuAX3AYROkNQoh
o4GJMIGGMB0GA1UdDgQWBBSFhp+uc1+Udyc7FRXGeQeoQkse8zAfBgNVHSMEGDAW
gBRAiR0wXgxu1T3G1SWQ2rZCZ+3pgjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
AwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAwCgYI
-KoZIzj0EAwIDgYwAMIGIAkIBqxbFXHYHbP1fygG9pCJ6q76anDvHa7tawWCbIU3I
-xhy9IuMg/2kWKhItYuo2V/owm9C//oRoa2wM4ue8Dd14BqsCQgDM7IjE4kWel9+n
-6ZwCvo5/p3ARQHtbuYwElIJaikGfd6yQ3PYK2HmyylrHJiP4PgHk2woXhERdNGkf
-tohVo4aKDw==
+KoZIzj0EAwIDgYsAMIGHAkFRwSaMP1P+fCj1P4Hm3nuurfNuvsI6iJH3MegkXGcI
+fTT1VC4KUPT3ndWWGexJLNqooCoIcc23FxrjELK/QY2qsgJCAQCxDZYZoLF21uGl
+REHUyFNaV0q5SqRq782X6eRNfMjqNzdhGuzHHiDNLAVk3VTiBnt0rwUNWVzpzeio
+YZLLjNnw
-----END CERTIFICATE-----
Certificate:
Data:
@@ -74,8 +74,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_P521, OU = Root-P521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_p521, OU = CA-p521, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -103,20 +103,20 @@ Certificate:
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
Signature Algorithm: ecdsa-with-SHA256
- 30:81:88:02:42:01:ac:ed:31:5e:dc:f2:66:a1:d4:26:4a:82:
- 31:b2:24:46:93:db:4c:62:bc:77:30:97:96:ef:a2:2d:21:45:
- 0a:18:0c:bc:a6:1c:6c:68:69:63:a0:60:66:18:63:e9:ee:4c:
- cc:6c:8f:c8:45:b9:32:d2:3c:9b:6e:f7:6b:8c:bd:08:5f:02:
- 42:01:53:85:38:dc:06:3a:75:be:c7:9c:7d:02:77:e5:8b:ba:
- a6:f8:9f:e1:80:79:cb:e1:4a:44:e3:f8:8b:00:46:2c:66:b0:
- 95:1c:d7:2f:59:70:6a:c9:47:d6:c9:74:16:1f:8a:90:ad:f8:
- bd:5f:df:97:ad:c9:f8:0b:bc:3c:ca:c7:cc
+ 30:81:88:02:42:01:7a:a6:21:f5:b6:c2:fa:e1:44:c6:03:f5:
+ 54:2d:35:ef:d9:55:f6:61:45:90:48:8c:c2:3e:81:76:30:06:
+ 05:c2:db:32:19:b5:df:37:44:a6:3f:33:fa:3a:c7:91:ae:0f:
+ fb:10:8b:b8:4d:41:b3:ed:c2:d2:5c:37:28:eb:d7:b7:6c:02:
+ 42:01:47:23:40:e8:e2:ca:61:74:29:e0:a6:71:5b:0a:c9:45:
+ 17:04:7d:5d:11:02:d7:f0:af:60:e0:4c:0a:97:96:09:2e:e0:
+ 25:f8:50:d8:9c:f9:bd:17:3d:d3:50:cc:49:06:81:7e:af:fa:
+ 85:b8:1f:80:c4:64:08:56:53:39:8d:2f:40
-----BEGIN CERTIFICATE-----
MIIDITCCAoKgAwIBAgIBATAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZT
U0xfUDUyMTESMBAGA1UECwwJUm9vdC1QNTIxMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCBrjELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFTATBgNVBAoMDHdvbGZTU0xfcDUy
MTEQMA4GA1UECwwHQ0EtcDUyMTEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8w
HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwH
@@ -126,7 +126,7 @@ x7L8AYaR7UNdOOAMJY2z27Hc3rchgM+H3mT0IT4tr3m99tAAS4F5+vcQqhnNQNce
dTRTKQPtSFQh5Y+VtZtBjV/dctJao2MwYTAdBgNVHQ4EFgQUQIkdMF4MbtU9xtUl
kNq2Qmft6YIwHwYDVR0jBBgwFoAUZKdolVMzGKIgkrxkVaarynZom8gwDwYDVR0T
AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwIDgYwAMIGIAkIB
-rO0xXtzyZqHUJkqCMbIkRpPbTGK8dzCXlu+iLSFFChgMvKYcbGhpY6BgZhhj6e5M
-zGyPyEW5MtI8m273a4y9CF8CQgFThTjcBjp1vsecfQJ35Yu6pvif4YB5y+FKROP4
-iwBGLGawlRzXL1lwaslH1sl0Fh+KkK34vV/fl63J+Au8PMrHzA==
+eqYh9bbC+uFExgP1VC0179lV9mFFkEiMwj6BdjAGBcLbMhm13zdEpj8z+jrHka4P
++xCLuE1Bs+3C0lw3KOvXt2wCQgFHI0Do4sphdCngpnFbCslFFwR9XREC1/CvYOBM
+CpeWCS7gJfhQ2Jz5vRc901DMSQaBfq/6hbgfgMRkCFZTOY0vQA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/renewcerts.sh b/extra/wolfssl/wolfssl/certs/renewcerts.sh
index ece320c7..a25385d5 100755
--- a/extra/wolfssl/wolfssl/certs/renewcerts.sh
+++ b/extra/wolfssl/wolfssl/certs/renewcerts.sh
@@ -516,7 +516,7 @@ run_renewcerts(){
echo "Updating server-ecc.pem"
echo ""
#pipe the following arguments to openssl req...
- echo -e "US\\nWashington\\nSeattle\\nEliptic\\nECC\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes -out server-ecc.csr
+ echo -e "US\\nWashington\\nSeattle\\nElliptic\\nECC\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | openssl req -new -key ecc-key.pem -config ./wolfssl.cnf -nodes -out server-ecc.csr
check_result $? "Step 1"
openssl x509 -req -in server-ecc.csr -days 1000 -extfile wolfssl.cnf -extensions server_ecc -CA ca-ecc-cert.pem -CAkey ca-ecc-key.pem -set_serial 03 -out server-ecc.pem
@@ -688,6 +688,28 @@ run_renewcerts(){
echo "---------------------------------------------------------------------"
############################################################
+ ########## update Raw Public Key certificates ##############
+ ############################################################
+ echo "Updating certificates"
+ echo "Updating client-cert-rpk.der"
+ cp client-keyPub.der ./rpk/client-cert-rpk.der
+ check_result $? "Step 1"
+
+ echo "Updating client-ecc-cert-rpk.der"
+ cp ecc-client-keyPub.der ./rpk/ecc-client-cert-rpk.der
+ check_result $? "Step 2"
+
+ echo "Updating server-cert-rpk.der"
+ openssl rsa -inform pem -in server-key.pem -outform der -out ./rpk/server-cert-rpk.der -pubout
+ check_result $? "Step 3"
+
+ echo "Updating server-ecc-cert-rpk.der"
+ openssl ec -inform pem -in ecc-key.pem -outform der -out ./rpk/server-ecc-cert-rpk.der -pubout
+ check_result $? "Step 4"
+
+ echo "End of section"
+ echo "---------------------------------------------------------------------"
+ ############################################################
###### update the ecc-rsa-server.p12 file ##################
############################################################
echo "Updating ecc-rsa-server.p12 (password is \"\")"
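Review bot: Step 2 of the new Raw Public Key section copies to `./rpk/ecc-client-cert-rpk.der`, but the echo just above it, the new `certs/rpk/include.am` and the binary added in this commit all name the file `client-ecc-cert-rpk.der`. A renewal run would therefore leave the shipped ECC client RPK file stale and create an undistributed file beside it, so tests that load the listed path would keep using a key blob that may no longer match `ecc-client-keyPub.der`. The line should read `cp ecc-client-keyPub.der ./rpk/client-ecc-cert-rpk.der`. A short comment such as `# RPK files are bare SubjectPublicKeyInfo DER (no validity, no issuer); regenerate whenever the matching key changes` would also explain why these steps are plain copies and `-pubout` exports. run_renewcerts starts and ends outside this hunk.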
diff --git a/extra/wolfssl/wolfssl/certs/rid-cert.der b/extra/wolfssl/wolfssl/certs/rid-cert.der
index cbc33c24..3ec3b8c0 100644
--- a/extra/wolfssl/wolfssl/certs/rid-cert.der
+++ b/extra/wolfssl/wolfssl/certs/rid-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.der
new file mode 100644
index 00000000..b27f0e9b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/client-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.der
new file mode 100644
index 00000000..5dace05a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/client-ecc-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/include.am b/extra/wolfssl/wolfssl/certs/rpk/include.am
new file mode 100644
index 00000000..6274be45
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/include.am
@@ -0,0 +1,9 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+ certs/rpk/client-cert-rpk.der \
+ certs/rpk/client-ecc-cert-rpk.der \
+ certs/rpk/server-cert-rpk.der \
+ certs/rpk/server-ecc-cert-rpk.der
diff --git a/extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.der
new file mode 100644
index 00000000..b6d8fbe6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/server-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.der b/extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.der
new file mode 100644
index 00000000..91aa79be
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/rpk/server-ecc-cert-rpk.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der
index 7bac1cc5..c25d4e46 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem
index 837c905a..65f0c14c 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-3072-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -60,35 +60,35 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 39:46:e9:1d:16:25:a1:15:6d:65:88:54:ef:7e:33:b3:0e:44:
- f2:11:cd:23:ad:73:2f:80:3c:aa:10:bd:7e:3c:45:1b:c9:8c:
- d7:2c:71:99:87:b4:e3:81:57:a8:c2:86:6c:80:ec:7c:4a:fb:
- da:01:ed:e1:f6:b2:15:16:e1:3f:cd:de:85:d2:25:3b:11:31:
- f6:a1:54:52:57:25:6c:41:99:d3:dd:92:af:ca:ed:c6:28:d4:
- e5:6d:88:a5:c5:37:3f:6f:50:43:54:21:c9:cd:77:71:5c:81:
- 6e:ec:96:b4:ea:04:41:d7:db:ec:43:d2:65:a3:2d:a8:33:1d:
- 27:01:1e:28:16:2a:93:61:a6:af:8f:9d:31:e2:34:89:f8:9a:
- cf:a0:c9:12:95:1b:9f:93:e6:10:90:e0:bc:d9:a3:72:40:30:
- cb:c4:b4:ac:3f:17:42:3b:a1:ab:ff:3a:d4:c3:2b:22:56:fb:
- 77:93:c9:32:7f:bd:18:ff:c0:60:bc:dd:ce:09:d1:e9:22:44:
- f2:9b:85:8b:20:fa:77:b0:95:aa:b5:9c:de:83:2b:58:7c:ec:
- fb:aa:9c:b9:57:5d:32:32:a3:81:66:a4:1f:0f:2b:08:1b:65:
- 1c:d4:e1:4f:7f:d9:ee:39:a9:ae:99:6e:0a:3b:e4:ef:11:d6:
- c9:e9:6f:89:27:c4:25:28:be:5a:e5:17:87:e7:56:0a:f4:32:
- 38:f2:86:84:d7:b6:66:47:f3:46:46:55:80:08:d6:8e:c0:08:
- a0:3f:04:62:77:1c:6e:dd:80:7e:57:82:0e:60:81:6e:59:ff:
- ad:39:6e:a0:fe:66:1a:1b:d1:4c:bf:14:c9:82:83:0a:95:57:
- 53:3b:79:be:74:01:d7:a7:62:64:6f:5a:8a:a6:7d:ab:9f:90:
- fb:95:89:24:d3:55:02:ef:f1:5f:d4:de:46:0c:5b:9a:60:d6:
- 6e:64:cb:11:ae:fa:7f:4f:54:44:c0:ff:af:32:45:92:32:6e:
- 5b:cb:9d:2c:03:6e
+ 1f:c0:ae:b2:47:af:ec:86:67:3a:b6:8f:44:65:4a:af:29:fc:
+ 17:92:a4:8f:03:6a:76:63:8d:65:4a:f6:52:23:a2:08:46:17:
+ c6:2c:87:76:2b:05:21:c1:70:2d:4d:65:ef:de:af:87:21:7e:
+ 88:98:45:8b:06:8f:f8:56:4f:6a:29:f3:f4:72:5d:c3:f4:5a:
+ ee:6c:52:dc:40:72:4a:1a:4c:3b:84:b0:5a:64:cc:3a:62:c3:
+ d3:56:a9:e3:fd:4e:a2:3b:57:22:b7:f9:71:f7:5c:80:aa:4c:
+ 26:ef:d5:10:e5:d9:ae:89:ff:90:82:2e:0a:ad:1c:da:a6:9c:
+ 99:44:d5:fc:a0:3c:42:ad:e7:dd:8a:d0:c7:b8:d0:83:bb:4b:
+ 00:e2:50:e5:81:6f:03:b8:bc:4d:d2:86:4d:8a:33:79:ca:e8:
+ a0:df:70:c1:3a:c3:55:05:f0:ac:d8:ab:55:0b:cf:44:60:b4:
+ af:03:f4:88:d9:49:81:7c:78:6a:af:5f:cd:28:e2:e1:37:f3:
+ 28:b8:0e:05:5d:72:b3:b5:5b:f4:72:52:a3:7e:99:99:23:95:
+ 26:17:cb:9c:66:83:21:d6:ac:f8:c8:b2:49:22:dc:32:9b:f2:
+ fc:5d:f7:fe:c0:a6:81:62:1c:43:25:2a:d3:66:37:76:db:15:
+ 31:c4:6b:df:e8:70:a9:f9:96:8c:ec:94:d1:b2:fb:73:03:1b:
+ 5d:7f:2b:1b:ab:47:72:ea:1b:9d:2d:43:d4:90:df:ca:c5:98:
+ 9a:a2:01:6a:d3:55:1c:ad:d1:37:46:93:fe:e8:56:8c:6a:1c:
+ 45:bf:cb:12:d1:aa:1c:98:08:af:f7:67:ed:41:65:3b:98:d0:
+ 42:29:b0:68:ab:94:52:6e:72:e2:f4:df:8a:68:b5:1b:6d:3f:
+ 35:d5:01:b8:60:eb:fe:f2:e9:33:90:db:59:5a:c4:d6:52:c6:
+ c7:1b:a8:a1:ef:64:db:96:ac:ce:fc:8d:e2:ac:75:f4:0d:bc:
+ 49:36:8a:12:36:83
-----BEGIN CERTIFICATE-----
MIIFjzCCA8agAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgZ0xCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93
b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3QtUlNBLVBTUzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
-MB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbIxCzAJBgNVBAYTAlVT
+MB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
@@ -104,13 +104,13 @@ KQOhvlXkTPglp6ij4z8yH66nKptrVt3JWrEaAaAT0o6aLNt+/VsOLu+Sac7y3u/Q
LwkOZwIDAQABo2MwYTAdBgNVHQ4EFgQU+ELMiMnIGPnTsCRlBkz/Vau/Dn8wHwYD
VR0jBBgwFoAUqnHTsYpLu0cVR1+b0Ctp0W+FXvYwDwYDVR0TAQH/BAUwAwEB/zAO
BgNVHQ8BAf8EBAMCAYYwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAY
-BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgFOA4IBgQA5RukdFiWhFW1liFTv
-fjOzDkTyEc0jrXMvgDyqEL1+PEUbyYzXLHGZh7TjgVeowoZsgOx8SvvaAe3h9rIV
-FuE/zd6F0iU7ETH2oVRSVyVsQZnT3ZKvyu3GKNTlbYilxTc/b1BDVCHJzXdxXIFu
-7Ja06gRB19vsQ9Jloy2oMx0nAR4oFiqTYaavj50x4jSJ+JrPoMkSlRufk+YQkOC8
-2aNyQDDLxLSsPxdCO6Gr/zrUwysiVvt3k8kyf70Y/8BgvN3OCdHpIkTym4WLIPp3
-sJWqtZzegytYfOz7qpy5V10yMqOBZqQfDysIG2Uc1OFPf9nuOamumW4KO+TvEdbJ
-6W+JJ8QlKL5a5ReH51YK9DI48oaE17ZmR/NGRlWACNaOwAigPwRidxxu3YB+V4IO
-YIFuWf+tOW6g/mYaG9FMvxTJgoMKlVdTO3m+dAHXp2Jkb1qKpn2rn5D7lYkk01UC
-7/Ff1N5GDFuaYNZuZMsRrvp/T1REwP+vMkWSMm5by50sA24=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der
index c3015680..97738da6 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem
index cd22134a..1a69b8c9 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/ca-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -56,28 +56,28 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 49:a5:ef:22:47:73:30:e6:41:67:79:c9:8c:ac:58:a2:d0:bf:
- ed:50:c9:e8:26:44:16:d0:64:c7:f9:f0:50:1f:8b:25:f7:ba:
- 32:f0:1d:14:9f:d7:ad:2b:81:14:7d:60:ec:b3:f6:ad:0a:99:
- b6:1d:eb:f2:8e:d5:bf:1b:a9:1e:3e:8b:6c:c8:c0:ee:dd:1b:
- 2e:34:dd:bd:cd:14:60:2e:14:60:b8:f1:f3:bc:af:87:5a:75:
- 55:72:18:2d:a3:9d:01:73:aa:52:a6:44:4e:5c:a2:b5:57:8f:
- 4b:36:5e:2a:f2:c1:e2:de:88:29:24:8d:62:81:d4:6d:42:e3:
- 50:e3:a9:46:fe:78:be:95:83:bd:cc:2c:9a:ad:da:4f:c1:de:
- 34:01:53:21:5b:c6:ec:6f:6b:2e:fd:d4:71:c7:15:4e:26:30:
- 6a:de:c7:21:22:14:ae:80:c0:00:89:72:83:89:3c:30:15:3b:
- 68:67:97:b0:93:7b:7a:95:54:1d:45:8e:ae:d2:97:0c:f9:32:
- 3b:61:2d:9e:b2:b0:2e:4f:d5:cc:ab:05:5d:ce:14:8a:fe:7b:
- e4:59:33:fe:e0:42:d9:a6:99:f8:f2:7f:98:fa:09:dc:d5:ab:
- 2b:7b:08:c2:24:4c:59:49:e0:9e:23:85:d8:32:c7:5b:d4:01:
- d2:20:c5:9c
+ 6c:79:0e:40:30:74:f6:02:08:61:df:c0:89:25:10:30:ea:e4:
+ e9:14:c8:c6:47:01:55:a4:f2:ed:ee:3f:55:da:62:39:04:cb:
+ 3d:a1:78:56:76:30:fd:14:ea:b3:d8:21:99:c6:ca:ed:9f:18:
+ 7d:15:4d:d2:cf:db:c3:a1:b4:56:0d:04:b1:72:9c:68:81:1f:
+ 01:02:b8:8f:d6:d8:ed:47:3a:72:f2:e0:a5:9b:7b:50:75:00:
+ a4:ab:23:62:48:1f:bc:f4:50:86:ef:06:b3:f8:8b:6e:e0:39:
+ d1:8c:3b:8f:1f:ef:c5:ff:8c:2d:b2:1b:5d:82:32:b1:81:92:
+ 02:7c:c9:ad:16:86:63:6c:95:41:ed:80:70:96:41:13:11:03:
+ 9a:c1:41:d4:ca:e0:fd:7f:2d:d9:5b:60:d6:42:fe:aa:ac:73:
+ 4e:6d:26:67:03:ec:53:e9:97:2f:73:3a:f5:c4:ba:cf:dc:db:
+ 6c:f0:79:80:b1:52:f4:bf:12:c9:a7:ce:b1:2f:8d:6a:6a:a8:
+ 9e:27:e9:d1:55:26:6b:20:8c:1f:90:57:6d:5e:dc:9e:ca:4c:
+ 76:fc:35:76:dc:5a:06:90:50:88:7e:ad:9f:58:e3:39:10:e3:
+ 64:19:9f:ea:fb:86:04:84:79:d6:20:ac:c8:45:8b:03:8c:eb:
+ b6:d4:e7:e4
-----BEGIN CERTIFICATE-----
MIIEvzCCA3egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBnTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dv
bGZTU0xfUlNBLVBTUzEVMBMGA1UECwwMUm9vdC1SU0EtUFNTMRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBsjELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -92,10 +92,10 @@ pyvhDzjmM+qyEA4UyD+Hn/+LKMwdAgMBAAGjYzBhMB0GA1UdDgQWBBSeDODT37ZL
8xljXMpsk4aiFFORMTAfBgNVHSMEGDAWgBRk1eyCh4DeWu1JmNgMVH1GnqU81jAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA9BgkqhkiG9w0BAQowMKAN
MAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOC
-AQEASaXvIkdzMOZBZ3nJjKxYotC/7VDJ6CZEFtBkx/nwUB+LJfe6MvAdFJ/XrSuB
-FH1g7LP2rQqZth3r8o7VvxupHj6LbMjA7t0bLjTdvc0UYC4UYLjx87yvh1p1VXIY
-LaOdAXOqUqZETlyitVePSzZeKvLB4t6IKSSNYoHUbULjUOOpRv54vpWDvcwsmq3a
-T8HeNAFTIVvG7G9rLv3UcccVTiYwat7HISIUroDAAIlyg4k8MBU7aGeXsJN7epVU
-HUWOrtKXDPkyO2EtnrKwLk/VzKsFXc4Uiv575Fkz/uBC2aaZ+PJ/mPoJ3NWrK3sI
-wiRMWUngniOF2DLHW9QB0iDFnA==
+AQEAbHkOQDB09gIIYd/AiSUQMOrk6RTIxkcBVaTy7e4/VdpiOQTLPaF4VnYw/RTq
+s9ghmcbK7Z8YfRVN0s/bw6G0Vg0EsXKcaIEfAQK4j9bY7Uc6cvLgpZt7UHUApKsj
+YkgfvPRQhu8Gs/iLbuA50Yw7jx/vxf+MLbIbXYIysYGSAnzJrRaGY2yVQe2AcJZB
+ExEDmsFB1Mrg/X8t2Vtg1kL+qqxzTm0mZwPsU+mXL3M69cS6z9zbbPB5gLFS9L8S
+yafOsS+Namqonifp0VUmayCMH5BXbV7cnspMdvw1dtxaBpBQiH6tn1jjORDjZBmf
+6vuGBIR51iCsyEWLA4zrttTn5A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der
index fef0e48e..5f04bf3e 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem
index 0483a9b2..0de6bc88 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-3072-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 04:fb:6a:d0:0a:86:db:19:b8:c7:f8:dc:8b:70:ed:b4:4e:e0:e2:02
+ 06:54:4f:66:0b:e2:32:6e:09:ab:a6:90:84:b3:1a:59:79:89:1a:9a
Signature Algorithm: rsassaPss
Hash Algorithm: sha384
Mask Algorithm: mgf1 with sha384
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -51,7 +51,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:8C:01:9F:4E:11:24:28:BF:3E:EA:82:EA:54:2A:C9:0F:F5:E4:C5:47
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_RSAPSS/OU=Client-RSAPSS/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:04:FB:6A:D0:0A:86:DB:19:B8:C7:F8:DC:8B:70:ED:B4:4E:E0:E2:02
+ serial:06:54:4F:66:0B:E2:32:6E:09:AB:A6:90:84:B3:1A:59:79:89:1A:9A
X509v3 Basic Constraints:
CA:TRUE
@@ -65,36 +65,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 32:f2:6a:d2:c9:02:8e:eb:45:8f:13:02:4d:2c:0f:c1:3a:ea:
- be:e3:f9:92:a2:2d:1b:fb:e8:b9:2f:d2:d0:e0:16:cd:b7:67:
- e2:e3:61:a2:8d:c2:c9:64:f2:6a:8a:d2:62:9b:25:25:3d:72:
- b1:07:1f:2c:a3:03:64:32:d4:23:84:08:03:60:ed:90:98:7a:
- 50:1b:19:b4:c1:a8:3b:d1:00:57:82:fc:e9:ef:15:c7:c1:ed:
- b5:af:6c:60:84:48:d3:d4:8b:09:3f:2e:cc:f7:dd:62:ff:ad:
- fe:8a:fe:7c:2a:12:fa:ca:24:6a:15:5b:56:46:06:6d:d4:08:
- 17:d9:94:78:8a:88:b3:92:6b:39:9e:79:6d:fe:9e:c3:d4:cb:
- dd:be:06:b0:b8:5e:4e:dc:26:64:8d:25:ed:b7:1f:16:d1:64:
- 71:bf:e2:ed:f3:a2:2b:38:fb:e7:75:c6:65:62:72:65:ce:1b:
- 77:d7:9e:31:01:1b:07:fc:e7:8c:50:5a:9c:74:2b:a5:38:e1:
- b0:ca:dd:e1:2d:27:c0:91:f2:bc:33:a0:1a:d4:06:21:af:c2:
- cf:93:96:9d:aa:9b:49:f5:1e:9a:21:76:97:fe:63:4b:9f:ba:
- b1:e7:d4:04:d5:d5:65:28:6a:8b:6c:74:4b:55:52:0e:ef:ba:
- 48:57:02:48:22:79:88:1c:cc:bb:22:4b:82:ac:5b:7d:d8:de:
- 6d:0d:4d:37:f4:69:b3:97:28:0e:fd:5c:29:9f:26:a3:cc:59:
- 91:97:36:54:2f:f9:4b:24:fc:a9:d8:bc:02:ae:21:5a:38:8b:
- a4:8c:f1:8c:31:ef:5d:60:1b:f2:47:39:ea:e7:1b:b1:38:48:
- dc:47:82:e1:b8:79:97:87:b6:ad:4b:d3:3b:24:c1:0f:19:4e:
- 41:b0:bc:7e:d4:d0:d8:dc:95:75:8d:e6:b3:63:21:02:f9:16:
- f6:23:56:86:61:6c:17:74:8a:83:f5:b1:5f:6c:59:a0:03:1e:
- b5:69:44:26:ff:0d
+ 0b:90:18:ff:19:9d:5e:bc:34:de:1f:90:e8:27:89:1e:61:84:
+ 79:84:e1:e7:b5:df:dc:b8:68:6b:59:02:33:b0:c8:0c:a7:31:
+ e3:95:b6:09:41:6b:e0:63:93:f5:9f:53:17:04:6d:08:e7:fe:
+ 38:9e:27:82:29:55:46:f7:7a:65:61:7d:1e:8f:8c:35:70:8a:
+ 2a:94:dc:62:c5:db:16:b8:bf:67:9c:f7:e1:09:fc:08:d7:95:
+ ae:9d:9c:27:f4:7c:71:37:62:c8:09:0b:b6:06:56:37:ff:fa:
+ fc:ba:c2:25:65:e5:c2:01:b4:37:8a:f5:1e:d6:d7:56:f6:df:
+ 77:fa:99:26:16:61:8b:b2:f6:5f:de:cc:46:97:80:e8:55:36:
+ 79:9a:c7:01:36:7b:73:3a:cc:ae:05:00:a1:91:2d:fb:57:0a:
+ 72:e8:70:ab:4d:82:df:8d:5a:c5:67:fb:17:06:d9:a1:c4:66:
+ 29:c6:58:d4:81:b9:89:d3:d1:8e:97:61:59:3a:be:4d:18:3a:
+ 21:cf:94:0e:c7:20:30:35:a6:ed:a9:a1:de:bd:b7:ee:02:5f:
+ af:b0:8c:2e:57:15:7b:87:fd:d9:77:18:63:cc:d1:95:98:e2:
+ bd:d2:f4:15:38:98:13:dc:f1:ae:37:35:9e:1b:74:23:a3:20:
+ 2a:3e:6a:d0:67:67:79:65:c0:6b:e3:08:66:8f:79:c6:1c:68:
+ 68:b5:c4:f5:ec:8e:bc:c3:0b:73:6d:8b:61:33:17:90:f0:cb:
+ 69:1c:2e:42:f1:c3:a0:4a:0d:8b:79:94:8e:40:97:c6:c0:4e:
+ f1:95:42:12:d9:ad:84:d5:9c:7b:52:4a:a9:e5:82:8f:5c:9f:
+ d4:c8:0e:14:0a:c2:27:33:57:1e:d9:60:5a:e6:2a:83:bb:91:
+ 01:85:a0:14:b8:e4:bf:4a:43:7d:4f:40:36:d9:24:8b:a7:f3:
+ 7c:a9:b1:cf:f0:ba:6b:d0:73:0a:aa:47:13:06:8f:ad:df:26:
+ 0d:47:07:27:27:8f
-----BEGIN CERTIFICATE-----
-MIIGxTCCBPygAwIBAgIUBPtq0AqG2xm4x/jci3DttE7g4gIwPgYJKoZIhvcNAQEK
+MIIGxTCCBPygAwIBAgIUBlRPZgviMm4Jq6aQhLMaWXmJGpowPgYJKoZIhvcNAQEK
MDGgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQC
AgFOMIG2MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEXMBUGA1UECgwOd29sZlNTTF9SU0FQU1MxFjAUBgNVBAsMDUNsaWVu
dC1SU0FQU1MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0wwHhcN
-MjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBtjELMAkGA1UEBhMCVVMxEDAO
+MjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIxOTI5WjCBtjELMAkGA1UEBhMCVVMxEDAO
BgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndvbGZT
U0xfUlNBUFNTMRYwFAYDVQQLDA1DbGllbnQtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
@@ -112,17 +112,17 @@ MIH2BgNVHSMEge4wgeuAFIwBn04RJCi/PuqC6lQqyQ/15MVHoYG8pIG5MIG2MQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEX
MBUGA1UECgwOd29sZlNTTF9SU0FQU1MxFjAUBgNVBAsMDUNsaWVudC1SU0FQU1Mx
GDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
-b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0yCFAT7atAKhtsZuMf4
-3Itw7bRO4OICMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22H
+b2xmc3NsLmNvbTEXMBUGCgmSJomT8ixkAQEMB3dvbGZTU0yCFAZUT2YL4jJuCaum
+kISzGll5iRqaMAwGA1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22H
BH8AAAEwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GCSqGSIb3DQEB
CjAxoA0wCwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIE
-AgIBTgOCAYEAMvJq0skCjutFjxMCTSwPwTrqvuP5kqItG/vouS/S0OAWzbdn4uNh
-oo3CyWTyaorSYpslJT1ysQcfLKMDZDLUI4QIA2DtkJh6UBsZtMGoO9EAV4L86e8V
-x8Htta9sYIRI09SLCT8uzPfdYv+t/or+fCoS+sokahVbVkYGbdQIF9mUeIqIs5Jr
-OZ55bf6ew9TL3b4GsLheTtwmZI0l7bcfFtFkcb/i7fOiKzj753XGZWJyZc4bd9ee
-MQEbB/znjFBanHQrpTjhsMrd4S0nwJHyvDOgGtQGIa/Cz5OWnaqbSfUemiF2l/5j
-S5+6sefUBNXVZShqi2x0S1VSDu+6SFcCSCJ5iBzMuyJLgqxbfdjebQ1NN/Rps5co
-Dv1cKZ8mo8xZkZc2VC/5SyT8qdi8Aq4hWjiLpIzxjDHvXWAb8kc56ucbsThI3EeC
-4bh5l4e2rUvTOyTBDxlOQbC8ftTQ2NyVdY3ms2MhAvkW9iNWhmFsF3SKg/WxX2xZ
-oAMetWlEJv8N
+AgIBTgOCAYEAC5AY/xmdXrw03h+Q6CeJHmGEeYTh57Xf3Lhoa1kCM7DIDKcx45W2
+CUFr4GOT9Z9TFwRtCOf+OJ4ngilVRvd6ZWF9Ho+MNXCKKpTcYsXbFri/Z5z34Qn8
+CNeVrp2cJ/R8cTdiyAkLtgZWN//6/LrCJWXlwgG0N4r1HtbXVvbfd/qZJhZhi7L2
+X97MRpeA6FU2eZrHATZ7czrMrgUAoZEt+1cKcuhwq02C341axWf7FwbZocRmKcZY
+1IG5idPRjpdhWTq+TRg6Ic+UDscgMDWm7amh3r237gJfr7CMLlcVe4f92XcYY8zR
+lZjivdL0FTiYE9zxrjc1nht0I6MgKj5q0GdneWXAa+MIZo95xhxoaLXE9eyOvMML
+c22LYTMXkPDLaRwuQvHDoEoNi3mUjkCXxsBO8ZVCEtmthNWce1JKqeWCj1yf1MgO
+FArCJzNXHtlgWuYqg7uRAYWgFLjkv0pDfU9ANtkki6fzfKmxz/C6a9BzCqpHEwaP
+rd8mDUcHJyeP
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der
index 20e1883a..56a5cc87 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem
index 0afd1cae..a2e0d319 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/client-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 08:97:d5:a9:82:55:09:02:75:62:2e:dc:dc:38:a5:be:b7:fc:34:4b
+ 66:c1:2c:85:1b:16:4c:37:fa:23:50:5c:f1:4b:99:11:2f:2c:ea:e0
Signature Algorithm: rsassaPss
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Client-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -47,7 +47,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:59:71:87:88:D0:3E:C7:EE:08:4D:80:F2:C9:FC:CF:3D:76:E6:A5:62
DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_RSAPSS/OU=Client-RSAPSS/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
- serial:08:97:D5:A9:82:55:09:02:75:62:2E:DC:DC:38:A5:BE:B7:FC:34:4B
+ serial:66:C1:2C:85:1B:16:4C:37:FA:23:50:5C:F1:4B:99:11:2F:2C:EA:E0
X509v3 Basic Constraints:
CA:TRUE
@@ -61,29 +61,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 53:ab:77:45:54:4f:cd:f0:28:9c:97:52:09:1c:77:4f:b5:9e:
- c6:97:e3:f1:fd:be:a3:8e:75:f4:d5:af:00:ae:5f:fe:5c:e6:
- 01:ac:6f:d1:3c:d5:1b:85:23:cc:2e:25:41:05:2f:8e:e3:b8:
- a4:c2:28:66:7c:4f:e3:72:bc:4a:71:8d:05:73:a5:98:67:6d:
- ea:ae:ed:e5:97:63:46:57:83:24:15:1d:83:93:27:e6:cb:0f:
- ea:bf:d2:39:a1:8b:38:68:1a:95:5e:48:9d:ea:86:76:5a:8d:
- 61:4f:55:fd:05:d6:05:4b:e7:de:d3:b0:35:d0:b0:ef:52:06:
- c3:53:c8:a9:d5:be:97:6b:12:eb:9d:01:5b:ac:7f:b6:00:d5:
- 4f:c2:90:ce:4f:49:59:ea:76:68:b2:73:81:28:17:2c:44:99:
- f3:67:0e:3d:78:71:5d:52:96:9f:0c:8d:73:ef:8c:ea:9a:6e:
- 5e:9c:09:fc:2f:15:75:fb:f9:0c:14:96:86:19:90:ba:ba:ed:
- 9f:61:ff:4c:49:2e:3c:c6:f5:63:fe:b4:ce:1c:3d:27:37:31:
- ac:69:c3:96:e5:ca:db:05:99:f7:9c:32:8a:b0:2b:f0:3e:0a:
- 6c:23:99:03:60:df:b9:34:b1:8f:85:fa:42:a2:d8:de:ff:d4:
- 78:1e:ba:64
+ b0:79:5c:92:53:67:6c:04:98:74:61:9e:10:7d:17:59:0e:a6:
+ 41:0b:84:df:a7:8a:2e:5e:c5:5b:2a:f9:1f:bc:34:36:94:d5:
+ d4:cf:fd:91:b6:7c:ee:db:07:21:12:ef:d1:06:ba:99:d1:4c:
+ e7:c5:db:96:00:dc:87:a7:40:54:0d:6a:a1:2e:31:34:59:bd:
+ 02:78:40:85:cb:ea:fc:8c:bc:d6:1a:89:c9:3a:5c:06:c0:b2:
+ e6:cc:d2:ba:99:8a:62:81:f0:54:b6:18:56:91:2e:62:e4:16:
+ 83:30:68:70:1b:bd:18:49:a0:14:a1:8d:10:b5:67:22:09:7d:
+ c1:f5:52:cd:9e:7b:bb:9d:64:78:fe:e9:f4:b7:9c:91:23:d5:
+ eb:73:f6:64:f8:b2:ec:be:90:da:e1:f0:6e:71:e4:ec:19:91:
+ 3d:c4:e2:d9:f8:24:0c:93:47:16:57:03:67:1f:81:ac:d3:fb:
+ 0c:04:d8:20:e1:74:0d:7c:20:99:dd:c5:dc:fd:eb:1e:49:5d:
+ 1a:e6:7b:fc:77:b0:66:08:7c:c3:9b:9a:77:b6:b9:f7:8c:65:
+ 21:0c:e8:12:f7:93:a1:c7:2d:03:0e:91:e4:f9:98:68:47:d2:
+ 5d:c4:53:e7:96:02:76:75:63:f0:d0:67:ca:77:75:bc:1a:87:
+ d3:94:99:b1
-----BEGIN CERTIFICATE-----
-MIIF9TCCBK2gAwIBAgIUCJfVqYJVCQJ1Yi7c3Dilvrf8NEswPQYJKoZIhvcNAQEK
+MIIF9TCCBK2gAwIBAgIUZsEshRsWTDf6I1Bc8UuZES8s6uAwPQYJKoZIhvcNAQEK
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
ASAwgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UECwwNQ2xpZW50
LVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDAeFw0y
-MjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3NDlaMIG2MQswCQYDVQQGEwJVUzEQMA4G
+MzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5MjhaMIG2MQswCQYDVQQGEwJVUzEQMA4G
A1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEXMBUGA1UECgwOd29sZlNT
TF9SU0FQU1MxFjAUBgNVBAsMDUNsaWVudC1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -100,13 +100,13 @@ PXbmpWKhgbykgbkwgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAw
DgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UE
CwwNQ2xpZW50LVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJ
KoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29s
-ZlNTTIIUCJfVqYJVCQJ1Yi7c3Dilvrf8NEswDAYDVR0TBAUwAwEB/zAcBgNVHREE
+ZlNTTIIUZsEshRsWTDf6I1Bc8UuZES8s6uAwDAYDVR0TBAUwAwEB/zAcBgNVHREE
FTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0B
-AQgwCwYJYIZIAWUDBAIBogMCASADggEBAFOrd0VUT83wKJyXUgkcd0+1nsaX4/H9
-vqOOdfTVrwCuX/5c5gGsb9E81RuFI8wuJUEFL47juKTCKGZ8T+NyvEpxjQVzpZhn
-bequ7eWXY0ZXgyQVHYOTJ+bLD+q/0jmhizhoGpVeSJ3qhnZajWFPVf0F1gVL597T
-sDXQsO9SBsNTyKnVvpdrEuudAVusf7YA1U/CkM5PSVnqdmiyc4EoFyxEmfNnDj14
-cV1Slp8MjXPvjOqabl6cCfwvFXX7+QwUloYZkLq67Z9h/0xJLjzG9WP+tM4cPSc3
-Maxpw5blytsFmfecMoqwK/A+CmwjmQNg37k0sY+F+kKi2N7/1HgeumQ=
+AQgwCwYJYIZIAWUDBAIBogMCASADggEBALB5XJJTZ2wEmHRhnhB9F1kOpkELhN+n
+ii5exVsq+R+8NDaU1dTP/ZG2fO7bByES79EGupnRTOfF25YA3IenQFQNaqEuMTRZ
+vQJ4QIXL6vyMvNYaick6XAbAsubM0rqZimKB8FS2GFaRLmLkFoMwaHAbvRhJoBSh
+jRC1ZyIJfcH1Us2ee7udZHj+6fS3nJEj1etz9mT4suy+kNrh8G5x5OwZkT3E4tn4
+JAyTRxZXA2cfgazT+wwE2CDhdA18IJndxdz96x5JXRrme/x3sGYIfMObmne2ufeM
+ZSEM6BL3k6HHLQMOkeT5mGhH0l3EU+eWAnZ1Y/DQZ8p3dbwah9OUmbE=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der
index 46886006..265945fb 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem
index 8678a18d..77e18041 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-3072-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 16:f5:d9:4e:98:03:1d:e8:9e:1a:04:6e:b9:8a:bf:14:4d:1f:79:b1
+ 25:af:7b:c5:57:c8:31:42:fc:85:76:76:7a:01:a9:ca:68:a3:6a:d7
Signature Algorithm: rsassaPss
Hash Algorithm: sha384
Mask Algorithm: mgf1 with sha384
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -61,36 +61,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 14:4c:66:28:6a:b0:97:a1:1e:2b:45:bc:43:47:2b:42:f5:47:
- 4b:07:02:51:d0:6d:8e:8e:01:72:2f:10:72:6c:ff:fb:59:46:
- a2:7d:ce:a1:11:fa:9e:54:40:54:77:d0:15:c9:ce:36:15:08:
- c6:24:d2:9c:45:ef:26:bf:f6:1e:ad:e3:de:cd:d5:87:bb:e7:
- 6c:9b:61:24:5a:ec:5c:57:dc:b2:f1:74:3d:1d:b6:0f:97:b3:
- 65:9b:c2:e0:b0:06:c7:00:11:c0:b8:e8:4b:c4:d4:ff:0c:54:
- bb:7b:72:f7:b6:52:2c:19:1e:de:21:92:57:f2:14:75:ba:e2:
- f9:4b:d7:db:be:cf:f6:9e:2d:65:77:f8:fc:5d:68:6e:1a:65:
- 81:a1:e2:a2:3f:5e:a2:f6:c1:42:4b:2d:84:b3:c2:68:9d:ae:
- ef:48:f7:ce:f0:c0:18:6b:b9:27:ba:1f:a1:b5:a7:cb:f2:96:
- 99:b8:07:3e:1a:0a:d5:dd:ee:95:4e:98:a0:3e:b8:33:88:b9:
- f8:1c:5b:9b:76:fa:2b:90:8e:a9:95:47:b1:cc:e2:67:5e:dd:
- 9d:41:f9:50:43:f7:95:fb:8a:45:8a:cf:9b:63:ea:aa:ef:38:
- 03:56:4d:b1:73:07:39:a8:01:a7:78:83:5a:43:09:08:7d:ac:
- 7e:63:74:01:bb:16:4f:0d:32:6b:3f:b2:93:c8:21:d2:0b:45:
- 0b:02:78:50:5f:f2:39:67:49:1a:ab:f8:e9:04:c0:8f:5f:21:
- 92:08:b0:a8:5e:5d:26:70:43:92:21:3c:42:02:b6:80:a2:45:
- a5:6a:f0:fe:bb:76:60:7b:b2:0a:9b:25:a4:ed:fd:9e:15:79:
- e5:5a:b7:6e:11:09:d3:68:73:b1:ec:d6:30:87:66:3f:dd:0e:
- 92:0b:01:05:1e:0e:b3:56:93:96:1f:4b:0a:2e:a9:5c:cd:54:
- 5d:71:54:22:28:db:8b:28:b0:b8:a8:1e:f1:da:60:25:81:53:
- 85:9f:d0:86:4e:3a
+ 8f:d2:c7:8f:7f:7d:4e:ca:13:59:51:bb:2d:51:c7:bc:70:3c:
+ 2d:a7:44:e2:b7:14:f2:1f:6f:9e:81:92:8d:f4:65:45:7d:72:
+ 91:37:8f:21:b2:cf:aa:94:a2:cc:fe:63:a5:96:a3:a4:9c:f4:
+ ae:da:bd:b0:33:61:0b:54:05:da:7b:5a:7b:cc:5d:1a:59:a7:
+ 59:ad:29:73:e2:ec:e8:ac:f4:89:f4:3b:4d:17:a8:72:ae:d0:
+ 78:a1:f2:57:2a:15:e1:07:6c:c1:69:92:6a:a4:ea:24:30:bc:
+ fb:d4:95:6f:b9:dc:0e:4f:3e:a3:1f:e5:2e:2e:b0:5a:0a:1a:
+ 39:e3:a8:7a:2c:03:32:c2:f7:b5:55:a6:2b:dc:6c:de:13:fc:
+ fa:bd:5f:ee:fe:af:a8:4b:c1:2e:2b:da:c1:29:d3:92:a6:3a:
+ dc:04:84:67:84:63:f8:b0:f0:4b:8f:5e:16:cd:97:22:32:28:
+ 2d:bb:2d:07:74:49:1b:78:ce:4e:4b:ac:57:f8:21:f2:f6:2a:
+ 0d:ad:ea:2a:3f:ed:c1:fc:9e:dc:62:b3:f3:43:bd:1d:14:e3:
+ 97:51:1b:ef:df:0d:b4:04:b4:7a:8b:7a:16:be:d5:40:77:07:
+ cf:87:e3:2e:5e:df:ee:a2:bd:3c:50:af:a7:d1:34:84:50:9f:
+ 73:2d:89:12:4b:8f:34:d6:6b:80:94:36:16:16:b0:5c:bc:36:
+ 36:12:44:8b:f4:20:ef:08:3d:8c:d6:81:66:61:0e:57:85:54:
+ 82:b3:f8:e3:98:21:44:ea:4a:a6:ff:ec:aa:b5:58:23:6a:03:
+ ed:c2:8c:22:f5:3d:14:7e:ff:f6:16:76:2e:20:2e:1a:1b:9c:
+ 4c:6c:8d:f5:de:1c:09:59:67:ce:73:47:11:c7:ed:43:df:05:
+ 07:75:e0:8e:15:96:61:4a:e9:32:0d:35:86:cc:1b:a1:7a:3a:
+ a3:8f:58:e2:21:fd:4b:d9:62:82:83:56:ed:dc:61:c2:13:79:
+ 80:1c:89:f7:fc:02
-----BEGIN CERTIFICATE-----
-MIIFjTCCA8SgAwIBAgIUFvXZTpgDHeieGgRuuYq/FE0febEwPgYJKoZIhvcNAQEK
+MIIFjTCCA8SgAwIBAgIUJa97xVfIMUL8hXZ2egGpymijatcwPgYJKoZIhvcNAQEK
MDGgDTALBglghkgBZQMEAgKhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQC
AgFOMIGdMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9SU0EtUFNTMRUwEwYDVQQLDAxSb290
LVJTQS1QU1MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
-ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NDlaFw0yNTA5MTEyMTE3
-NDlaMIGdMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
+ARYQaW5mb0B3b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjhaFw0yNjA5MDgyMjE5
+MjhaMIGdMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwH
Qm96ZW1hbjEYMBYGA1UECgwPd29sZlNTTF9SU0EtUFNTMRUwEwYDVQQLDAxSb290
LVJTQS1QU1MxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbTCCAaAwCwYJKoZIhvcNAQEKA4IBjwAwggGKAoIB
@@ -105,13 +105,13 @@ YUC/RSjStS/BCK++1gMAzxlp46CwkuwmQl4CpdEtz7hj386zImwa012JFZrEd5jN
lX8CAwEAAaNjMGEwHQYDVR0OBBYEFKpx07GKS7tHFUdfm9AradFvhV72MB8GA1Ud
IwQYMBaAFKpx07GKS7tHFUdfm9AradFvhV72MA8GA1UdEwEB/wQFMAMBAf8wDgYD
VR0PAQH/BAQDAgGGMD4GCSqGSIb3DQEBCjAxoA0wCwYJYIZIAWUDBAICoRowGAYJ
-KoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIEAgIBTgOCAYEAFExmKGqwl6EeK0W8Q0cr
-QvVHSwcCUdBtjo4Bci8Qcmz/+1lGon3OoRH6nlRAVHfQFcnONhUIxiTSnEXvJr/2
-Hq3j3s3Vh7vnbJthJFrsXFfcsvF0PR22D5ezZZvC4LAGxwARwLjoS8TU/wxUu3ty
-97ZSLBke3iGSV/IUdbri+UvX277P9p4tZXf4/F1obhplgaHioj9eovbBQksthLPC
-aJ2u70j3zvDAGGu5J7ofobWny/KWmbgHPhoK1d3ulU6YoD64M4i5+Bxbm3b6K5CO
-qZVHscziZ17dnUH5UEP3lfuKRYrPm2Pqqu84A1ZNsXMHOagBp3iDWkMJCH2sfmN0
-AbsWTw0yaz+yk8gh0gtFCwJ4UF/yOWdJGqv46QTAj18hkgiwqF5dJnBDkiE8QgK2
-gKJFpWrw/rt2YHuyCpslpO39nhV55Vq3bhEJ02hzsezWMIdmP90OkgsBBR4Os1aT
-lh9LCi6pXM1UXXFUIijbiyiwuKge8dpgJYFThZ/Qhk46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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der
index cd081f8d..5538f102 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem
index 8d7805d4..d22f5b04 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/root-rsapss.pem
@@ -2,7 +2,7 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 59:97:7c:29:94:e1:4d:a1:1e:91:68:90:e6:67:3e:26:13:f9:6c:ac
+ 73:13:23:bb:43:e9:76:b0:ce:25:f7:d5:65:b4:8f:7a:e5:7f:be:4f
Signature Algorithm: rsassaPss
Hash Algorithm: sha256
Mask Algorithm: mgf1 with sha256
@@ -10,8 +10,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -57,29 +57,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 08:08:92:4e:3c:fb:9e:5d:3e:b3:5d:31:d0:4d:00:7d:1c:dd:
- 28:e1:dd:e9:2c:24:35:43:8b:e4:8d:48:fd:63:9f:ef:a7:c7:
- a7:df:ea:2b:e2:17:7a:b8:2f:79:e3:15:00:68:63:d7:64:82:
- 00:67:e1:d6:4b:d7:b3:e6:f7:dd:48:3e:64:9e:74:51:0f:d0:
- 83:df:91:5c:6e:99:e8:4c:d1:61:0e:83:84:01:78:85:45:b3:
- d3:f2:b9:d5:39:02:38:ed:ac:1a:fa:b1:60:08:a5:9b:ea:c9:
- 39:f7:fa:23:3c:34:4b:36:e1:99:cf:1b:ce:36:ea:30:9b:df:
- b4:9a:8e:65:d2:62:ba:28:e0:24:db:28:2c:d5:76:28:e0:3f:
- eb:e3:0c:32:c3:75:e0:4c:30:83:9b:49:b5:0a:c3:68:8f:5e:
- ea:1e:14:a9:92:5b:e9:24:7b:da:47:94:b2:a1:98:6d:b0:e3:
- 35:fb:ae:c3:d8:24:b4:24:6b:64:8d:38:7b:0b:0e:aa:59:ee:
- 68:05:4b:af:33:45:6d:7e:c3:27:8b:99:8e:56:ed:35:d2:a7:
- 6a:67:db:c0:f7:03:00:a4:5c:ca:5f:ea:fb:20:15:01:43:9f:
- 5d:4e:7e:30:08:37:fd:6e:12:7e:d6:37:2e:58:2f:9c:3e:c3:
- bd:e8:bb:e1
+ 0f:1c:2d:bd:46:35:3b:80:d7:d1:45:74:d4:54:8d:ff:b0:29:
+ 06:be:e4:c7:cc:93:06:9d:2c:0f:7d:82:2a:76:ed:36:4a:71:
+ cd:6b:47:94:e9:c9:29:c7:17:4e:c4:0a:0d:4a:53:92:fb:72:
+ b8:a7:a1:bb:87:fc:e1:7e:51:1b:b5:d7:34:63:7e:9f:ff:70:
+ 2a:45:3c:db:fc:0a:d6:59:3a:76:30:09:81:40:94:28:4b:ca:
+ 36:62:1f:d9:8a:58:3d:b1:3e:8e:9e:c2:01:2c:f9:aa:71:61:
+ 0c:6f:46:99:c8:cb:a6:c5:9e:4a:40:3d:84:af:2f:0c:45:59:
+ f5:a9:c5:44:b6:4d:b7:d5:fd:5d:f3:5b:8d:0b:6a:69:e7:30:
+ 76:76:ef:ee:ad:80:e3:45:92:a9:fa:32:43:bc:2c:c5:51:f4:
+ 6e:3a:42:8e:fc:a1:eb:03:ca:3c:c5:fc:d7:62:cb:d5:34:92:
+ 59:2d:f7:d0:fc:f2:e1:2c:5c:c2:94:f4:9d:3b:8f:d8:46:ed:
+ 29:21:5c:1b:c6:da:30:71:8d:9f:00:03:82:34:33:1d:d7:20:
+ e8:4f:9f:9e:bd:91:25:fa:f7:0b:6a:64:99:ad:f3:f7:66:a4:
+ cd:b3:6d:e7:ec:06:9b:88:ce:a7:ef:59:e3:d0:6c:22:af:b8:
+ ce:7a:3b:60
-----BEGIN CERTIFICATE-----
-MIIEvTCCA3WgAwIBAgIUWZd8KZThTaEekWiQ5mc+JhP5bKwwPQYJKoZIhvcNAQEK
+MIIEvTCCA3WgAwIBAgIUcxMju0PpdrDOJffVZbSPeuV/vk8wPQYJKoZIhvcNAQEK
MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC
ASAwgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3Qt
UlNBLVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
-FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0
-OVowgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTky
+OFowgZ0xCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRgwFgYDVQQKDA93b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3Qt
UlNBLVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tMIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFl
@@ -93,10 +93,10 @@ CGK+q9xIDIW1XvsSyZ7Au/EKGGwV+edEShUJc0nYDJb33NACYsqRgfSyPLolqZiE
SZjYDFR9Rp6lPNYwHwYDVR0jBBgwFoAUZNXsgoeA3lrtSZjYDFR9Rp6lPNYwDwYD
VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwPQYJKoZIhvcNAQEKMDCgDTAL
BglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEB
-AAgIkk48+55dPrNdMdBNAH0c3Sjh3eksJDVDi+SNSP1jn++nx6ff6iviF3q4L3nj
-FQBoY9dkggBn4dZL17Pm991IPmSedFEP0IPfkVxumehM0WEOg4QBeIVFs9PyudU5
-AjjtrBr6sWAIpZvqyTn3+iM8NEs24ZnPG8426jCb37SajmXSYroo4CTbKCzVdijg
-P+vjDDLDdeBMMIObSbUKw2iPXuoeFKmSW+kke9pHlLKhmG2w4zX7rsPYJLQka2SN
-OHsLDqpZ7mgFS68zRW1+wyeLmY5W7TXSp2pn28D3AwCkXMpf6vsgFQFDn11OfjAI
-N/1uEn7WNy5YL5w+w73ou+E=
+AA8cLb1GNTuA19FFdNRUjf+wKQa+5MfMkwadLA99gip27TZKcc1rR5TpySnHF07E
+Cg1KU5L7crinobuH/OF+URu11zRjfp//cCpFPNv8CtZZOnYwCYFAlChLyjZiH9mK
+WD2xPo6ewgEs+apxYQxvRpnIy6bFnkpAPYSvLwxFWfWpxUS2TbfV/V3zW40Lamnn
+MHZ27+6tgONFkqn6MkO8LMVR9G46Qo78oesDyjzF/Ndiy9U0klkt99D88uEsXMKU
+9J07j9hG7SkhXBvG2jBxjZ8AA4I0Mx3XIOhPn569kSX69wtqZJmt8/dmpM2zbefs
+BpuIzqfvWePQbCKvuM56O2A=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem
index da823cd1..600e757c 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss-cert.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -64,36 +64,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- a3:6f:52:58:b0:d4:8f:e5:95:ec:7d:25:a7:67:a2:a1:2a:5f:
- 11:aa:8c:cb:62:fc:75:e2:78:7d:ee:3b:ec:ac:30:80:3b:c5:
- b7:7b:ce:6e:e3:91:ea:54:d4:cd:e5:07:55:f2:10:e8:e8:86:
- 68:e8:01:c0:53:ca:b3:7f:7b:79:e6:31:82:aa:e9:02:c5:ca:
- e4:f2:df:a6:5a:99:f1:bc:59:3d:4c:b2:bc:92:e6:15:4a:49:
- 0b:b6:10:ca:12:48:03:d9:b7:87:d0:f8:ba:c9:c3:c2:fc:29:
- 8a:a7:c1:4c:26:42:9f:1a:ce:f3:31:a2:4a:f7:25:8c:ed:40:
- 71:77:7b:06:cc:4c:6f:bb:4e:34:c4:b5:e2:24:06:56:f3:ef:
- 9b:05:78:5a:e3:f3:c2:42:f4:eb:3e:28:f6:88:29:68:65:61:
- 60:d2:61:ac:a1:4e:ec:6a:c1:15:87:1a:8c:06:2d:34:e7:66:
- bf:4f:5d:4d:23:46:33:67:2b:1d:97:f2:9a:e6:2e:90:1b:87:
- 93:03:2d:51:d8:7d:3d:0e:59:8a:30:34:8b:b2:09:92:99:03:
- b7:ad:a4:c5:ad:6d:bb:e6:5e:c2:e4:86:d2:63:3b:c8:8e:0a:
- a3:39:bd:9c:e9:a5:cf:65:65:85:8e:08:8e:d9:85:36:3e:1d:
- c6:66:3a:6d:a6:9d:be:e0:d8:e9:dd:17:1c:df:75:04:3e:24:
- a9:c0:19:17:a1:ef:6e:db:a6:bd:fc:1d:99:8d:11:0c:3c:5b:
- 44:b0:da:f4:0a:e2:c6:39:13:5f:f1:6a:20:ae:07:07:41:95:
- d4:10:92:b4:32:01:27:74:ef:aa:97:0e:9f:73:67:29:5c:40:
- d2:5b:31:bb:c5:70:c0:c3:b6:7b:39:c4:76:b8:ec:67:c9:0a:
- bd:d3:dc:c8:4f:41:62:5e:46:3a:d4:e6:65:12:4d:c0:7e:68:
- 6c:9d:6a:ec:4f:da:e3:b3:94:58:be:ad:b6:85:01:e3:94:a4:
- 4b:7d:28:00:0e:f3
+ a1:de:92:ed:d2:4f:c8:85:21:4f:96:af:a2:74:a9:e7:3d:c7:
+ f5:84:8e:4c:6c:29:2b:ed:24:5e:60:ea:bb:43:c0:7f:b3:5d:
+ e5:d9:44:34:b3:d0:e1:d2:04:c1:f4:88:e3:7a:c8:a5:cb:85:
+ 3e:27:52:d9:f4:c2:9e:45:35:e8:2b:ca:2d:c3:d4:30:53:c5:
+ c1:f4:9c:d1:98:bf:80:c2:91:88:da:37:f5:ed:6f:5f:73:83:
+ e7:3c:94:c9:b8:fe:e5:aa:0b:18:f4:69:92:a9:38:58:42:6a:
+ 8b:2e:c0:37:aa:3e:50:8e:e9:93:26:ba:cd:28:da:79:fb:cf:
+ 4d:8f:03:b8:e3:bd:5f:d2:c6:ad:42:66:9f:4d:51:fc:16:1a:
+ e9:80:45:45:c5:fe:e2:1e:15:08:5f:e8:dc:2d:03:e9:08:03:
+ ae:1a:dd:a0:3b:b9:65:98:c3:01:4a:4b:4f:ad:3d:20:cd:d0:
+ 60:b8:7a:7b:26:4d:cb:ff:b4:f0:d2:9b:cf:ce:8e:d3:32:14:
+ 23:a2:52:c8:20:fc:9c:23:21:13:e9:eb:2e:c0:1b:18:e8:09:
+ ac:e9:c9:2e:5e:63:6f:c4:60:b5:2c:61:12:25:a0:72:fe:ed:
+ 7d:74:62:b5:2e:7a:91:83:96:64:ff:c2:ef:6f:8c:a8:7e:22:
+ d8:79:d1:16:d9:96:87:9e:9e:c4:34:71:cd:0c:ec:ac:e1:60:
+ 44:29:b3:72:94:46:ea:08:82:c2:fa:05:55:c7:e5:16:5f:3b:
+ 16:02:34:3c:ca:44:f8:a4:ba:c8:ae:7b:83:79:d7:20:45:14:
+ 6a:5a:b7:85:80:ce:aa:cb:dc:46:41:70:01:54:dd:f4:58:20:
+ da:1d:df:2f:61:53:d4:57:de:53:4c:56:d0:70:60:59:1f:f8:
+ 84:25:11:74:b1:12:1c:90:ef:11:07:65:ec:a3:64:df:0b:51:
+ d0:65:70:9c:a1:2f:9b:dd:10:dc:33:b3:1a:8e:5a:8a:68:43:
+ 7f:9e:6b:b8:a4:33
-----BEGIN CERTIFICATE-----
MIIFzzCCBAagAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
-BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIx
-MTc0OVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
+BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIy
+MTkyOVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
DAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UECwwNU2Vy
dmVyLVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDCC
@@ -110,13 +110,13 @@ FgQUyPHpHmAByCPM15izu2V6MsRLkzkwHwYDVR0jBBgwFoAU+ELMiMnIGPnTsCRl
Bkz/Vau/Dn8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAww
CgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMD4GCSqGSIb3DQEBCjAxoA0w
CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIEAgIBTgOC
-AYEAo29SWLDUj+WV7H0lp2eioSpfEaqMy2L8deJ4fe477KwwgDvFt3vObuOR6lTU
-zeUHVfIQ6OiGaOgBwFPKs397eeYxgqrpAsXK5PLfplqZ8bxZPUyyvJLmFUpJC7YQ
-yhJIA9m3h9D4usnDwvwpiqfBTCZCnxrO8zGiSvcljO1AcXd7BsxMb7tONMS14iQG
-VvPvmwV4WuPzwkL06z4o9ogpaGVhYNJhrKFO7GrBFYcajAYtNOdmv09dTSNGM2cr
-HZfymuYukBuHkwMtUdh9PQ5ZijA0i7IJkpkDt62kxa1tu+ZewuSG0mM7yI4Kozm9
-nOmlz2VlhY4IjtmFNj4dxmY6baadvuDY6d0XHN91BD4kqcAZF6HvbtumvfwdmY0R
-DDxbRLDa9ArixjkTX/FqIK4HB0GV1BCStDIBJ3TvqpcOn3NnKVxA0lsxu8VwwMO2
-eznEdrjsZ8kKvdPcyE9BYl5GOtTmZRJNwH5obJ1q7E/a47OUWL6ttoUB45SkS30o
-AA7z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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der
index d13982e4..5df8b41b 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem
index cb2b97ae..d3d85bae 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-3072-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -64,36 +64,36 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- a3:6f:52:58:b0:d4:8f:e5:95:ec:7d:25:a7:67:a2:a1:2a:5f:
- 11:aa:8c:cb:62:fc:75:e2:78:7d:ee:3b:ec:ac:30:80:3b:c5:
- b7:7b:ce:6e:e3:91:ea:54:d4:cd:e5:07:55:f2:10:e8:e8:86:
- 68:e8:01:c0:53:ca:b3:7f:7b:79:e6:31:82:aa:e9:02:c5:ca:
- e4:f2:df:a6:5a:99:f1:bc:59:3d:4c:b2:bc:92:e6:15:4a:49:
- 0b:b6:10:ca:12:48:03:d9:b7:87:d0:f8:ba:c9:c3:c2:fc:29:
- 8a:a7:c1:4c:26:42:9f:1a:ce:f3:31:a2:4a:f7:25:8c:ed:40:
- 71:77:7b:06:cc:4c:6f:bb:4e:34:c4:b5:e2:24:06:56:f3:ef:
- 9b:05:78:5a:e3:f3:c2:42:f4:eb:3e:28:f6:88:29:68:65:61:
- 60:d2:61:ac:a1:4e:ec:6a:c1:15:87:1a:8c:06:2d:34:e7:66:
- bf:4f:5d:4d:23:46:33:67:2b:1d:97:f2:9a:e6:2e:90:1b:87:
- 93:03:2d:51:d8:7d:3d:0e:59:8a:30:34:8b:b2:09:92:99:03:
- b7:ad:a4:c5:ad:6d:bb:e6:5e:c2:e4:86:d2:63:3b:c8:8e:0a:
- a3:39:bd:9c:e9:a5:cf:65:65:85:8e:08:8e:d9:85:36:3e:1d:
- c6:66:3a:6d:a6:9d:be:e0:d8:e9:dd:17:1c:df:75:04:3e:24:
- a9:c0:19:17:a1:ef:6e:db:a6:bd:fc:1d:99:8d:11:0c:3c:5b:
- 44:b0:da:f4:0a:e2:c6:39:13:5f:f1:6a:20:ae:07:07:41:95:
- d4:10:92:b4:32:01:27:74:ef:aa:97:0e:9f:73:67:29:5c:40:
- d2:5b:31:bb:c5:70:c0:c3:b6:7b:39:c4:76:b8:ec:67:c9:0a:
- bd:d3:dc:c8:4f:41:62:5e:46:3a:d4:e6:65:12:4d:c0:7e:68:
- 6c:9d:6a:ec:4f:da:e3:b3:94:58:be:ad:b6:85:01:e3:94:a4:
- 4b:7d:28:00:0e:f3
+ a1:de:92:ed:d2:4f:c8:85:21:4f:96:af:a2:74:a9:e7:3d:c7:
+ f5:84:8e:4c:6c:29:2b:ed:24:5e:60:ea:bb:43:c0:7f:b3:5d:
+ e5:d9:44:34:b3:d0:e1:d2:04:c1:f4:88:e3:7a:c8:a5:cb:85:
+ 3e:27:52:d9:f4:c2:9e:45:35:e8:2b:ca:2d:c3:d4:30:53:c5:
+ c1:f4:9c:d1:98:bf:80:c2:91:88:da:37:f5:ed:6f:5f:73:83:
+ e7:3c:94:c9:b8:fe:e5:aa:0b:18:f4:69:92:a9:38:58:42:6a:
+ 8b:2e:c0:37:aa:3e:50:8e:e9:93:26:ba:cd:28:da:79:fb:cf:
+ 4d:8f:03:b8:e3:bd:5f:d2:c6:ad:42:66:9f:4d:51:fc:16:1a:
+ e9:80:45:45:c5:fe:e2:1e:15:08:5f:e8:dc:2d:03:e9:08:03:
+ ae:1a:dd:a0:3b:b9:65:98:c3:01:4a:4b:4f:ad:3d:20:cd:d0:
+ 60:b8:7a:7b:26:4d:cb:ff:b4:f0:d2:9b:cf:ce:8e:d3:32:14:
+ 23:a2:52:c8:20:fc:9c:23:21:13:e9:eb:2e:c0:1b:18:e8:09:
+ ac:e9:c9:2e:5e:63:6f:c4:60:b5:2c:61:12:25:a0:72:fe:ed:
+ 7d:74:62:b5:2e:7a:91:83:96:64:ff:c2:ef:6f:8c:a8:7e:22:
+ d8:79:d1:16:d9:96:87:9e:9e:c4:34:71:cd:0c:ec:ac:e1:60:
+ 44:29:b3:72:94:46:ea:08:82:c2:fa:05:55:c7:e5:16:5f:3b:
+ 16:02:34:3c:ca:44:f8:a4:ba:c8:ae:7b:83:79:d7:20:45:14:
+ 6a:5a:b7:85:80:ce:aa:cb:dc:46:41:70:01:54:dd:f4:58:20:
+ da:1d:df:2f:61:53:d4:57:de:53:4c:56:d0:70:60:59:1f:f8:
+ 84:25:11:74:b1:12:1c:90:ef:11:07:65:ec:a3:64:df:0b:51:
+ d0:65:70:9c:a1:2f:9b:dd:10:dc:33:b3:1a:8e:5a:8a:68:43:
+ 7f:9e:6b:b8:a4:33
-----BEGIN CERTIFICATE-----
MIIFzzCCBAagAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
-BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIx
-MTc0OVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
+BgoJkiaJk/IsZAEBDAd3b2xmU1NMMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIy
+MTkyOVowgbYxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQH
DAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JTQVBTUzEWMBQGA1UECwwNU2Vy
dmVyLVJTQVBTUzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMRcwFQYKCZImiZPyLGQBAQwHd29sZlNTTDCC
@@ -110,15 +110,15 @@ FgQUyPHpHmAByCPM15izu2V6MsRLkzkwHwYDVR0jBBgwFoAU+ELMiMnIGPnTsCRl
Bkz/Vau/Dn8wDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAww
CgYIKwYBBQUHAwEwEQYJYIZIAYb4QgEBBAQDAgZAMD4GCSqGSIb3DQEBCjAxoA0w
CwYJYIZIAWUDBAICoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAqIEAgIBTgOC
-AYEAo29SWLDUj+WV7H0lp2eioSpfEaqMy2L8deJ4fe477KwwgDvFt3vObuOR6lTU
-zeUHVfIQ6OiGaOgBwFPKs397eeYxgqrpAsXK5PLfplqZ8bxZPUyyvJLmFUpJC7YQ
-yhJIA9m3h9D4usnDwvwpiqfBTCZCnxrO8zGiSvcljO1AcXd7BsxMb7tONMS14iQG
-VvPvmwV4WuPzwkL06z4o9ogpaGVhYNJhrKFO7GrBFYcajAYtNOdmv09dTSNGM2cr
-HZfymuYukBuHkwMtUdh9PQ5ZijA0i7IJkpkDt62kxa1tu+ZewuSG0mM7yI4Kozm9
-nOmlz2VlhY4IjtmFNj4dxmY6baadvuDY6d0XHN91BD4kqcAZF6HvbtumvfwdmY0R
-DDxbRLDa9ArixjkTX/FqIK4HB0GV1BCStDIBJ3TvqpcOn3NnKVxA0lsxu8VwwMO2
-eznEdrjsZ8kKvdPcyE9BYl5GOtTmZRJNwH5obJ1q7E/a47OUWL6ttoUB45SkS30o
-AA7z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-----END CERTIFICATE-----
Certificate:
Data:
@@ -131,8 +131,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -182,35 +182,35 @@ Certificate:
Salt Length: 0x014E
Trailer Field: 0xBC (default)
- 39:46:e9:1d:16:25:a1:15:6d:65:88:54:ef:7e:33:b3:0e:44:
- f2:11:cd:23:ad:73:2f:80:3c:aa:10:bd:7e:3c:45:1b:c9:8c:
- d7:2c:71:99:87:b4:e3:81:57:a8:c2:86:6c:80:ec:7c:4a:fb:
- da:01:ed:e1:f6:b2:15:16:e1:3f:cd:de:85:d2:25:3b:11:31:
- f6:a1:54:52:57:25:6c:41:99:d3:dd:92:af:ca:ed:c6:28:d4:
- e5:6d:88:a5:c5:37:3f:6f:50:43:54:21:c9:cd:77:71:5c:81:
- 6e:ec:96:b4:ea:04:41:d7:db:ec:43:d2:65:a3:2d:a8:33:1d:
- 27:01:1e:28:16:2a:93:61:a6:af:8f:9d:31:e2:34:89:f8:9a:
- cf:a0:c9:12:95:1b:9f:93:e6:10:90:e0:bc:d9:a3:72:40:30:
- cb:c4:b4:ac:3f:17:42:3b:a1:ab:ff:3a:d4:c3:2b:22:56:fb:
- 77:93:c9:32:7f:bd:18:ff:c0:60:bc:dd:ce:09:d1:e9:22:44:
- f2:9b:85:8b:20:fa:77:b0:95:aa:b5:9c:de:83:2b:58:7c:ec:
- fb:aa:9c:b9:57:5d:32:32:a3:81:66:a4:1f:0f:2b:08:1b:65:
- 1c:d4:e1:4f:7f:d9:ee:39:a9:ae:99:6e:0a:3b:e4:ef:11:d6:
- c9:e9:6f:89:27:c4:25:28:be:5a:e5:17:87:e7:56:0a:f4:32:
- 38:f2:86:84:d7:b6:66:47:f3:46:46:55:80:08:d6:8e:c0:08:
- a0:3f:04:62:77:1c:6e:dd:80:7e:57:82:0e:60:81:6e:59:ff:
- ad:39:6e:a0:fe:66:1a:1b:d1:4c:bf:14:c9:82:83:0a:95:57:
- 53:3b:79:be:74:01:d7:a7:62:64:6f:5a:8a:a6:7d:ab:9f:90:
- fb:95:89:24:d3:55:02:ef:f1:5f:d4:de:46:0c:5b:9a:60:d6:
- 6e:64:cb:11:ae:fa:7f:4f:54:44:c0:ff:af:32:45:92:32:6e:
- 5b:cb:9d:2c:03:6e
+ 1f:c0:ae:b2:47:af:ec:86:67:3a:b6:8f:44:65:4a:af:29:fc:
+ 17:92:a4:8f:03:6a:76:63:8d:65:4a:f6:52:23:a2:08:46:17:
+ c6:2c:87:76:2b:05:21:c1:70:2d:4d:65:ef:de:af:87:21:7e:
+ 88:98:45:8b:06:8f:f8:56:4f:6a:29:f3:f4:72:5d:c3:f4:5a:
+ ee:6c:52:dc:40:72:4a:1a:4c:3b:84:b0:5a:64:cc:3a:62:c3:
+ d3:56:a9:e3:fd:4e:a2:3b:57:22:b7:f9:71:f7:5c:80:aa:4c:
+ 26:ef:d5:10:e5:d9:ae:89:ff:90:82:2e:0a:ad:1c:da:a6:9c:
+ 99:44:d5:fc:a0:3c:42:ad:e7:dd:8a:d0:c7:b8:d0:83:bb:4b:
+ 00:e2:50:e5:81:6f:03:b8:bc:4d:d2:86:4d:8a:33:79:ca:e8:
+ a0:df:70:c1:3a:c3:55:05:f0:ac:d8:ab:55:0b:cf:44:60:b4:
+ af:03:f4:88:d9:49:81:7c:78:6a:af:5f:cd:28:e2:e1:37:f3:
+ 28:b8:0e:05:5d:72:b3:b5:5b:f4:72:52:a3:7e:99:99:23:95:
+ 26:17:cb:9c:66:83:21:d6:ac:f8:c8:b2:49:22:dc:32:9b:f2:
+ fc:5d:f7:fe:c0:a6:81:62:1c:43:25:2a:d3:66:37:76:db:15:
+ 31:c4:6b:df:e8:70:a9:f9:96:8c:ec:94:d1:b2:fb:73:03:1b:
+ 5d:7f:2b:1b:ab:47:72:ea:1b:9d:2d:43:d4:90:df:ca:c5:98:
+ 9a:a2:01:6a:d3:55:1c:ad:d1:37:46:93:fe:e8:56:8c:6a:1c:
+ 45:bf:cb:12:d1:aa:1c:98:08:af:f7:67:ed:41:65:3b:98:d0:
+ 42:29:b0:68:ab:94:52:6e:72:e2:f4:df:8a:68:b5:1b:6d:3f:
+ 35:d5:01:b8:60:eb:fe:f2:e9:33:90:db:59:5a:c4:d6:52:c6:
+ c7:1b:a8:a1:ef:64:db:96:ac:ce:fc:8d:e2:ac:75:f4:0d:bc:
+ 49:36:8a:12:36:83
-----BEGIN CERTIFICATE-----
MIIFjzCCA8agAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAqEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiBAICAU4wgZ0xCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA93
b2xmU1NMX1JTQS1QU1MxFTATBgNVBAsMDFJvb3QtUlNBLVBTUzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
-MB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgbIxCzAJBgNVBAYTAlVT
+MB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgbIxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53
b2xmU1NMX1JTQVBTUzESMBAGA1UECwwJQ0EtUlNBUFNTMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20xFzAV
@@ -226,13 +226,13 @@ KQOhvlXkTPglp6ij4z8yH66nKptrVt3JWrEaAaAT0o6aLNt+/VsOLu+Sac7y3u/Q
LwkOZwIDAQABo2MwYTAdBgNVHQ4EFgQU+ELMiMnIGPnTsCRlBkz/Vau/Dn8wHwYD
VR0jBBgwFoAUqnHTsYpLu0cVR1+b0Ctp0W+FXvYwDwYDVR0TAQH/BAUwAwEB/zAO
BgNVHQ8BAf8EBAMCAYYwPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQMEAgKhGjAY
-BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAICogQCAgFOA4IBgQA5RukdFiWhFW1liFTv
-fjOzDkTyEc0jrXMvgDyqEL1+PEUbyYzXLHGZh7TjgVeowoZsgOx8SvvaAe3h9rIV
-FuE/zd6F0iU7ETH2oVRSVyVsQZnT3ZKvyu3GKNTlbYilxTc/b1BDVCHJzXdxXIFu
-7Ja06gRB19vsQ9Jloy2oMx0nAR4oFiqTYaavj50x4jSJ+JrPoMkSlRufk+YQkOC8
-2aNyQDDLxLSsPxdCO6Gr/zrUwysiVvt3k8kyf70Y/8BgvN3OCdHpIkTym4WLIPp3
-sJWqtZzegytYfOz7qpy5V10yMqOBZqQfDysIG2Uc1OFPf9nuOamumW4KO+TvEdbJ
-6W+JJ8QlKL5a5ReH51YK9DI48oaE17ZmR/NGRlWACNaOwAigPwRidxxu3YB+V4IO
-YIFuWf+tOW6g/mYaG9FMvxTJgoMKlVdTO3m+dAHXp2Jkb1qKpn2rn5D7lYkk01UC
-7/Ff1N5GDFuaYNZuZMsRrvp/T1REwP+vMkWSMm5by50sA24=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem
index 2181143c..10cf45f5 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-mix-rsapss-cert.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-MIX-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -55,28 +55,28 @@ Certificate:
Salt Length: 0xDE
Trailer Field: 0xBC (default)
- 3c:41:e4:e3:a2:f2:8d:f7:ba:f3:c3:51:c6:b2:71:2d:d4:4d:
- c3:10:b1:0c:1b:c2:e5:cd:48:13:a9:2f:cc:13:f3:db:25:85:
- c3:83:0a:77:00:ff:16:58:c0:2a:12:20:11:5a:86:87:db:1e:
- 47:ac:9d:c5:7c:87:c3:13:79:c8:ea:35:33:a0:a3:bf:d5:64:
- 09:5b:60:45:e9:b1:a4:3c:9a:31:14:fb:76:ae:ef:3c:56:cc:
- 9b:3d:de:74:16:ac:5f:9b:f2:1b:28:8f:fe:d6:0a:4f:bc:72:
- c2:23:c6:c5:da:c2:aa:80:ac:90:c4:31:93:99:f5:c7:c1:cc:
- ec:09:45:02:90:4e:b3:47:59:f6:80:6c:c0:bb:66:f7:fb:e1:
- 16:56:7b:6e:ef:e6:b6:93:e5:95:d4:e3:76:c0:de:64:6b:1c:
- 72:0d:0d:7b:85:2f:b4:e2:9e:01:44:6f:85:53:30:78:bf:c3:
- 4e:33:21:0b:f9:a6:66:85:a0:ef:60:8d:07:7d:ac:fb:3c:11:
- aa:f9:7f:5b:f9:0e:af:27:d4:a9:fb:b2:b3:fe:8d:4c:d0:9f:
- 83:9a:79:32:7f:b2:11:af:b5:35:a3:62:4a:4a:03:c8:cd:f0:
- f7:5e:98:9d:5e:d0:7f:e9:cf:8a:1f:bd:28:c7:25:8e:7b:63:
- 30:83:6c:00
+ 14:99:93:0c:53:6c:7e:43:6d:28:73:f0:11:fa:80:13:79:af:
+ 2d:c2:64:71:1d:90:5d:b2:2e:1f:4c:bf:30:21:12:16:82:a4:
+ 8d:90:e7:e3:3c:ee:3a:d1:50:ba:18:e0:d5:e7:cb:6b:87:ae:
+ 24:e1:0b:7c:c7:83:28:98:56:dc:63:d7:6e:d1:f6:a9:92:3e:
+ d5:aa:83:f3:c4:fe:53:26:d0:b3:e8:f2:0b:34:bb:cb:5d:53:
+ 28:36:b9:ab:b8:13:a2:b3:53:ac:ab:c7:41:92:f5:e4:c7:66:
+ c6:af:15:f9:c2:a5:9c:c3:07:81:c9:c0:41:2c:40:11:5b:86:
+ 63:c0:6e:1d:c7:e4:3f:41:a4:8d:18:2c:da:1a:fa:d7:39:d3:
+ b6:8f:be:87:0f:2b:a1:90:6a:d7:ba:df:cf:97:20:05:7e:8c:
+ a7:f8:90:bf:ec:b6:a6:44:08:81:57:19:15:a9:a9:0f:1c:5c:
+ 78:ab:b8:35:5b:b0:8c:7d:48:f5:21:38:e7:a2:51:27:fc:24:
+ ea:2f:9f:f7:19:62:e6:1f:cf:1c:5d:9c:e2:b5:e7:b2:4c:ac:
+ fc:64:fd:0e:bd:5d:3b:02:44:94:ec:5e:1c:24:d1:3d:37:3b:
+ eb:23:2f:7a:46:c6:45:4d:55:1e:50:d2:6f:c2:16:5b:78:a7:
+ 06:e1:ee:36
-----BEGIN CERTIFICATE-----
MIIEtzCCA26gAwIBAgIBATA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4wgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgboxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgboxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRcwFQYDVQQKDA53b2xmU1NMX1JT
QVBTUzEaMBgGA1UECwwRU2VydmVyLU1JWC1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -90,11 +90,11 @@ ILNYIqeq68Th5mGDxdKW39nQT63XAgMBAAGjgYkwgYYwHQYDVR0OBBYEFLMRMsmS
mITiyfjQO24DQsofDo48MB8GA1UdIwQYMBaAFCeOZxF0wyYdP+0zY7Ok2B0w5ejV
MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMBEGCWCGSAGG+EIBAQQEAwIGQDA+BgkqhkiG9w0BAQowMaANMAsGCWCGSAFl
-AwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBADxB5OOi
-8o33uvPDUcaycS3UTcMQsQwbwuXNSBOpL8wT89slhcODCncA/xZYwCoSIBFahofb
-HkesncV8h8MTecjqNTOgo7/VZAlbYEXpsaQ8mjEU+3au7zxWzJs93nQWrF+b8hso
-j/7WCk+8csIjxsXawqqArJDEMZOZ9cfBzOwJRQKQTrNHWfaAbMC7Zvf74RZWe27v
-5raT5ZXU43bA3mRrHHINDXuFL7TingFEb4VTMHi/w04zIQv5pmaFoO9gjQd9rPs8
-Ear5f1v5Dq8n1Kn7srP+jUzQn4OaeTJ/shGvtTWjYkpKA8jN8PdemJ1e0H/pz4of
-vSjHJY57YzCDbAA=
+AwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiBAICAN4DggEBABSZkwxT
+bH5DbShz8BH6gBN5ry3CZHEdkF2yLh9MvzAhEhaCpI2Q5+M87jrRULoY4NXny2uH
+riThC3zHgyiYVtxj127R9qmSPtWqg/PE/lMm0LPo8gs0u8tdUyg2uau4E6KzU6yr
+x0GS9eTHZsavFfnCpZzDB4HJwEEsQBFbhmPAbh3H5D9BpI0YLNoa+tc507aPvocP
+K6GQate638+XIAV+jKf4kL/stqZECIFXGRWpqQ8cXHiruDVbsIx9SPUhOOeiUSf8
+JOovn/cZYuYfzxxdnOK157JMrPxk/Q69XTsCRJTsXhwk0T03O+sjL3pGxkVNVR5Q
+0m/CFlt4pwbh7jY=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem
index 5a44a0df..2502ae95 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss-cert.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -60,29 +60,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- a3:9a:85:01:f5:22:c0:a3:8e:80:da:04:5e:a3:51:71:97:ba:
- 77:9f:96:19:33:6d:52:9e:ff:ce:05:a3:a6:87:05:d4:24:13:
- 91:1e:75:0b:af:d7:6c:0c:75:d9:63:27:a1:9b:1b:fd:f9:16:
- 70:fc:a1:f7:03:ad:e4:5f:f0:52:66:f8:b2:b6:4e:39:85:c6:
- d3:8f:90:7f:de:21:a2:ef:9b:64:a2:77:a7:f2:82:02:4e:da:
- 93:4d:53:de:0c:26:fb:b9:87:05:8c:32:d2:96:b3:ab:58:ef:
- ba:7c:f8:f6:0d:a5:82:ca:18:4e:21:77:ec:bc:9a:e6:68:e9:
- bc:7d:65:27:ad:cd:4b:e1:09:8c:aa:10:76:d1:98:31:89:67:
- 8f:c9:ed:78:cd:a5:33:0a:8a:b4:86:48:fe:e9:47:7a:59:fa:
- 91:56:5f:9c:72:35:a8:3a:63:7b:3f:7b:9b:a0:1b:e1:c5:69:
- b3:0d:90:8b:4d:eb:3f:26:63:4c:bd:10:0d:c4:63:4c:45:4e:
- f7:80:f8:e7:8a:24:4b:ee:7c:88:1b:b9:6c:33:57:de:14:7a:
- 48:ee:85:58:5a:94:6e:64:68:3c:b8:9f:76:da:15:0e:96:41:
- 0b:e7:54:04:f6:49:ed:94:8d:fc:0d:08:e2:28:5d:e2:1a:13:
- 3d:73:f6:eb
+ 44:ba:5d:7a:83:e4:65:ff:23:b8:4b:7c:9f:ab:2e:f7:dc:59:
+ 7e:6b:40:67:54:09:42:9f:41:1d:a1:7e:a8:f9:47:48:c1:00:
+ 63:cc:92:06:2c:3c:eb:f4:83:32:c2:2e:d1:78:f3:1e:52:60:
+ 32:26:8e:b3:b3:62:3d:ba:2b:8d:74:ef:01:5c:cc:1b:7c:ac:
+ 40:64:07:79:eb:f9:36:26:0e:e9:a8:55:5d:e5:10:87:17:0d:
+ 69:63:34:4b:5b:09:c8:54:dd:43:1c:1a:62:bb:ac:00:eb:3f:
+ a8:fe:b3:b6:e0:8b:9e:1c:a5:f4:09:8a:f0:7b:2f:da:13:92:
+ af:ad:c0:f0:c5:16:18:30:53:a6:5d:b9:1f:97:4b:a6:ac:4c:
+ 80:dc:01:28:d9:9f:45:73:bd:6c:30:d1:c7:73:33:c5:cc:df:
+ 56:f4:72:04:00:78:dd:5f:d8:92:bb:87:e9:15:01:e3:f0:6e:
+ bb:aa:3e:85:f9:68:22:7a:1e:d3:4c:43:bf:01:ee:0a:aa:9c:
+ 73:0b:38:d4:77:cf:b7:11:ca:5c:aa:e6:e6:25:9d:bf:41:8d:
+ 79:37:0c:fa:53:41:c5:86:cf:10:29:9d:7a:7c:96:c5:e5:6c:
+ 57:7b:89:e6:14:84:5b:54:22:c4:5c:81:a0:bf:a4:fc:76:71:
+ 97:34:62:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA7egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
-CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjEx
-NzQ5WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
+CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIx
+OTI4WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
B0JvemVtYW4xFzAVBgNVBAoMDndvbGZTU0xfUlNBUFNTMRYwFAYDVQQLDA1TZXJ2
ZXItUlNBUFNTMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMIIB
@@ -97,10 +97,10 @@ AQABo4GJMIGGMB0GA1UdDgQWBBQtB2mwoW+fDPolBbLKlwhE3w6XqDAfBgNVHSME
GDAWgBSeDODT37ZL8xljXMpsk4aiFFORMTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB
/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAw
PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ
-YIZIAWUDBAIBogMCASADggEBAKOahQH1IsCjjoDaBF6jUXGXuneflhkzbVKe/84F
-o6aHBdQkE5EedQuv12wMddljJ6GbG/35FnD8ofcDreRf8FJm+LK2TjmFxtOPkH/e
-IaLvm2Sid6fyggJO2pNNU94MJvu5hwWMMtKWs6tY77p8+PYNpYLKGE4hd+y8muZo
-6bx9ZSetzUvhCYyqEHbRmDGJZ4/J7XjNpTMKirSGSP7pR3pZ+pFWX5xyNag6Y3s/
-e5ugG+HFabMNkItN6z8mY0y9EA3EY0xFTveA+OeKJEvufIgbuWwzV94UekjuhVha
-lG5kaDy4n3baFQ6WQQvnVAT2Se2UjfwNCOIoXeIaEz1z9us=
+YIZIAWUDBAIBogMCASADggEBAES6XXqD5GX/I7hLfJ+rLvfcWX5rQGdUCUKfQR2h
+fqj5R0jBAGPMkgYsPOv0gzLCLtF48x5SYDImjrOzYj26K4107wFczBt8rEBkB3nr
++TYmDumoVV3lEIcXDWljNEtbCchU3UMcGmK7rADrP6j+s7bgi54cpfQJivB7L9oT
+kq+twPDFFhgwU6ZduR+XS6asTIDcASjZn0VzvWww0cdzM8XM31b0cgQAeN1f2JK7
+h+kVAePwbruqPoX5aCJ6HtNMQ78B7gqqnHMLONR3z7cRylyq5uYlnb9BjXk3DPpT
+QcWGzxApnXp8lsXlbFd7ieYUhFtUIsRcgaC/pPx2cZc0Yn0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der
index f8f41f26..1015ec6b 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem
index c3610ada..77c7f0fd 100644
--- a/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem
+++ b/extra/wolfssl/wolfssl/certs/rsapss/server-rsapss.pem
@@ -9,8 +9,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = Server-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -60,29 +60,29 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- a3:9a:85:01:f5:22:c0:a3:8e:80:da:04:5e:a3:51:71:97:ba:
- 77:9f:96:19:33:6d:52:9e:ff:ce:05:a3:a6:87:05:d4:24:13:
- 91:1e:75:0b:af:d7:6c:0c:75:d9:63:27:a1:9b:1b:fd:f9:16:
- 70:fc:a1:f7:03:ad:e4:5f:f0:52:66:f8:b2:b6:4e:39:85:c6:
- d3:8f:90:7f:de:21:a2:ef:9b:64:a2:77:a7:f2:82:02:4e:da:
- 93:4d:53:de:0c:26:fb:b9:87:05:8c:32:d2:96:b3:ab:58:ef:
- ba:7c:f8:f6:0d:a5:82:ca:18:4e:21:77:ec:bc:9a:e6:68:e9:
- bc:7d:65:27:ad:cd:4b:e1:09:8c:aa:10:76:d1:98:31:89:67:
- 8f:c9:ed:78:cd:a5:33:0a:8a:b4:86:48:fe:e9:47:7a:59:fa:
- 91:56:5f:9c:72:35:a8:3a:63:7b:3f:7b:9b:a0:1b:e1:c5:69:
- b3:0d:90:8b:4d:eb:3f:26:63:4c:bd:10:0d:c4:63:4c:45:4e:
- f7:80:f8:e7:8a:24:4b:ee:7c:88:1b:b9:6c:33:57:de:14:7a:
- 48:ee:85:58:5a:94:6e:64:68:3c:b8:9f:76:da:15:0e:96:41:
- 0b:e7:54:04:f6:49:ed:94:8d:fc:0d:08:e2:28:5d:e2:1a:13:
- 3d:73:f6:eb
+ 44:ba:5d:7a:83:e4:65:ff:23:b8:4b:7c:9f:ab:2e:f7:dc:59:
+ 7e:6b:40:67:54:09:42:9f:41:1d:a1:7e:a8:f9:47:48:c1:00:
+ 63:cc:92:06:2c:3c:eb:f4:83:32:c2:2e:d1:78:f3:1e:52:60:
+ 32:26:8e:b3:b3:62:3d:ba:2b:8d:74:ef:01:5c:cc:1b:7c:ac:
+ 40:64:07:79:eb:f9:36:26:0e:e9:a8:55:5d:e5:10:87:17:0d:
+ 69:63:34:4b:5b:09:c8:54:dd:43:1c:1a:62:bb:ac:00:eb:3f:
+ a8:fe:b3:b6:e0:8b:9e:1c:a5:f4:09:8a:f0:7b:2f:da:13:92:
+ af:ad:c0:f0:c5:16:18:30:53:a6:5d:b9:1f:97:4b:a6:ac:4c:
+ 80:dc:01:28:d9:9f:45:73:bd:6c:30:d1:c7:73:33:c5:cc:df:
+ 56:f4:72:04:00:78:dd:5f:d8:92:bb:87:e9:15:01:e3:f0:6e:
+ bb:aa:3e:85:f9:68:22:7a:1e:d3:4c:43:bf:01:ee:0a:aa:9c:
+ 73:0b:38:d4:77:cf:b7:11:ca:5c:aa:e6:e6:25:9d:bf:41:8d:
+ 79:37:0c:fa:53:41:c5:86:cf:10:29:9d:7a:7c:96:c5:e5:6c:
+ 57:7b:89:e6:14:84:5b:54:22:c4:5c:81:a0:bf:a4:fc:76:71:
+ 97:34:62:7d
-----BEGIN CERTIFICATE-----
MIIE/zCCA7egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
-CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjEx
-NzQ5WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
+CgmSJomT8ixkAQEMB3dvbGZTU0wwHhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIx
+OTI4WjCBtjELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcM
B0JvemVtYW4xFzAVBgNVBAoMDndvbGZTU0xfUlNBUFNTMRYwFAYDVQQLDA1TZXJ2
ZXItUlNBUFNTMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb20xFzAVBgoJkiaJk/IsZAEBDAd3b2xmU1NMMIIB
@@ -97,12 +97,12 @@ AQABo4GJMIGGMB0GA1UdDgQWBBQtB2mwoW+fDPolBbLKlwhE3w6XqDAfBgNVHSME
GDAWgBSeDODT37ZL8xljXMpsk4aiFFORMTAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB
/wQEAwIDqDATBgNVHSUEDDAKBggrBgEFBQcDATARBglghkgBhvhCAQEEBAMCBkAw
PQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJ
-YIZIAWUDBAIBogMCASADggEBAKOahQH1IsCjjoDaBF6jUXGXuneflhkzbVKe/84F
-o6aHBdQkE5EedQuv12wMddljJ6GbG/35FnD8ofcDreRf8FJm+LK2TjmFxtOPkH/e
-IaLvm2Sid6fyggJO2pNNU94MJvu5hwWMMtKWs6tY77p8+PYNpYLKGE4hd+y8muZo
-6bx9ZSetzUvhCYyqEHbRmDGJZ4/J7XjNpTMKirSGSP7pR3pZ+pFWX5xyNag6Y3s/
-e5ugG+HFabMNkItN6z8mY0y9EA3EY0xFTveA+OeKJEvufIgbuWwzV94UekjuhVha
-lG5kaDy4n3baFQ6WQQvnVAT2Se2UjfwNCOIoXeIaEz1z9us=
+YIZIAWUDBAIBogMCASADggEBAES6XXqD5GX/I7hLfJ+rLvfcWX5rQGdUCUKfQR2h
+fqj5R0jBAGPMkgYsPOv0gzLCLtF48x5SYDImjrOzYj26K4107wFczBt8rEBkB3nr
++TYmDumoVV3lEIcXDWljNEtbCchU3UMcGmK7rADrP6j+s7bgi54cpfQJivB7L9oT
+kq+twPDFFhgwU6ZduR+XS6asTIDcASjZn0VzvWww0cdzM8XM31b0cgQAeN1f2JK7
+h+kVAePwbruqPoX5aCJ6HtNMQ78B7gqqnHMLONR3z7cRylyq5uYlnb9BjXk3DPpT
+QcWGzxApnXp8lsXlbFd7ieYUhFtUIsRcgaC/pPx2cZc0Yn0=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -115,8 +115,8 @@ Certificate:
Trailer Field: 0xBC (default)
Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSA-PSS, OU = Root-RSA-PSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_RSAPSS, OU = CA-RSAPSS, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
Subject Public Key Info:
Public Key Algorithm: rsassaPss
@@ -162,28 +162,28 @@ Certificate:
Salt Length: 0x20
Trailer Field: 0xBC (default)
- 49:a5:ef:22:47:73:30:e6:41:67:79:c9:8c:ac:58:a2:d0:bf:
- ed:50:c9:e8:26:44:16:d0:64:c7:f9:f0:50:1f:8b:25:f7:ba:
- 32:f0:1d:14:9f:d7:ad:2b:81:14:7d:60:ec:b3:f6:ad:0a:99:
- b6:1d:eb:f2:8e:d5:bf:1b:a9:1e:3e:8b:6c:c8:c0:ee:dd:1b:
- 2e:34:dd:bd:cd:14:60:2e:14:60:b8:f1:f3:bc:af:87:5a:75:
- 55:72:18:2d:a3:9d:01:73:aa:52:a6:44:4e:5c:a2:b5:57:8f:
- 4b:36:5e:2a:f2:c1:e2:de:88:29:24:8d:62:81:d4:6d:42:e3:
- 50:e3:a9:46:fe:78:be:95:83:bd:cc:2c:9a:ad:da:4f:c1:de:
- 34:01:53:21:5b:c6:ec:6f:6b:2e:fd:d4:71:c7:15:4e:26:30:
- 6a:de:c7:21:22:14:ae:80:c0:00:89:72:83:89:3c:30:15:3b:
- 68:67:97:b0:93:7b:7a:95:54:1d:45:8e:ae:d2:97:0c:f9:32:
- 3b:61:2d:9e:b2:b0:2e:4f:d5:cc:ab:05:5d:ce:14:8a:fe:7b:
- e4:59:33:fe:e0:42:d9:a6:99:f8:f2:7f:98:fa:09:dc:d5:ab:
- 2b:7b:08:c2:24:4c:59:49:e0:9e:23:85:d8:32:c7:5b:d4:01:
- d2:20:c5:9c
+ 6c:79:0e:40:30:74:f6:02:08:61:df:c0:89:25:10:30:ea:e4:
+ e9:14:c8:c6:47:01:55:a4:f2:ed:ee:3f:55:da:62:39:04:cb:
+ 3d:a1:78:56:76:30:fd:14:ea:b3:d8:21:99:c6:ca:ed:9f:18:
+ 7d:15:4d:d2:cf:db:c3:a1:b4:56:0d:04:b1:72:9c:68:81:1f:
+ 01:02:b8:8f:d6:d8:ed:47:3a:72:f2:e0:a5:9b:7b:50:75:00:
+ a4:ab:23:62:48:1f:bc:f4:50:86:ef:06:b3:f8:8b:6e:e0:39:
+ d1:8c:3b:8f:1f:ef:c5:ff:8c:2d:b2:1b:5d:82:32:b1:81:92:
+ 02:7c:c9:ad:16:86:63:6c:95:41:ed:80:70:96:41:13:11:03:
+ 9a:c1:41:d4:ca:e0:fd:7f:2d:d9:5b:60:d6:42:fe:aa:ac:73:
+ 4e:6d:26:67:03:ec:53:e9:97:2f:73:3a:f5:c4:ba:cf:dc:db:
+ 6c:f0:79:80:b1:52:f4:bf:12:c9:a7:ce:b1:2f:8d:6a:6a:a8:
+ 9e:27:e9:d1:55:26:6b:20:8c:1f:90:57:6d:5e:dc:9e:ca:4c:
+ 76:fc:35:76:dc:5a:06:90:50:88:7e:ad:9f:58:e3:39:10:e3:
+ 64:19:9f:ea:fb:86:04:84:79:d6:20:ac:c8:45:8b:03:8c:eb:
+ b6:d4:e7:e4
-----BEGIN CERTIFICATE-----
MIIEvzCCA3egAwIBAgIBATA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa
MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDCBnTELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dv
bGZTU0xfUlNBLVBTUzEVMBMGA1UECwwMUm9vdC1SU0EtUFNTMRgwFgYDVQQDDA93
d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20w
-HhcNMjIxMjE2MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBsjELMAkGA1UEBhMCVVMx
+HhcNMjMxMjEzMjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBsjELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xFzAVBgNVBAoMDndv
bGZTU0xfUlNBUFNTMRIwEAYDVQQLDAlDQS1SU0FQU1MxGDAWBgNVBAMMD3d3dy53
b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTEXMBUG
@@ -198,10 +198,10 @@ pyvhDzjmM+qyEA4UyD+Hn/+LKMwdAgMBAAGjYzBhMB0GA1UdDgQWBBSeDODT37ZL
8xljXMpsk4aiFFORMTAfBgNVHSMEGDAWgBRk1eyCh4DeWu1JmNgMVH1GnqU81jAP
BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjA9BgkqhkiG9w0BAQowMKAN
MAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIAOC
-AQEASaXvIkdzMOZBZ3nJjKxYotC/7VDJ6CZEFtBkx/nwUB+LJfe6MvAdFJ/XrSuB
-FH1g7LP2rQqZth3r8o7VvxupHj6LbMjA7t0bLjTdvc0UYC4UYLjx87yvh1p1VXIY
-LaOdAXOqUqZETlyitVePSzZeKvLB4t6IKSSNYoHUbULjUOOpRv54vpWDvcwsmq3a
-T8HeNAFTIVvG7G9rLv3UcccVTiYwat7HISIUroDAAIlyg4k8MBU7aGeXsJN7epVU
-HUWOrtKXDPkyO2EtnrKwLk/VzKsFXc4Uiv575Fkz/uBC2aaZ+PJ/mPoJ3NWrK3sI
-wiRMWUngniOF2DLHW9QB0iDFnA==
+AQEAbHkOQDB09gIIYd/AiSUQMOrk6RTIxkcBVaTy7e4/VdpiOQTLPaF4VnYw/RTq
+s9ghmcbK7Z8YfRVN0s/bw6G0Vg0EsXKcaIEfAQK4j9bY7Uc6cvLgpZt7UHUApKsj
+YkgfvPRQhu8Gs/iLbuA50Yw7jx/vxf+MLbIbXYIysYGSAnzJrRaGY2yVQe2AcJZB
+ExEDmsFB1Mrg/X8t2Vtg1kL+qqxzTm0mZwPsU+mXL3M69cS6z9zbbPB5gLFS9L8S
+yafOsS+Namqonifp0VUmayCMH5BXbV7cnspMdvw1dtxaBpBQiH6tn1jjORDjZBmf
+6vuGBIR51iCsyEWLA4zrttTn5A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-cert-chain.der b/extra/wolfssl/wolfssl/certs/server-cert-chain.der
index 15b1d288..effd41c1 100644
--- a/extra/wolfssl/wolfssl/certs/server-cert-chain.der
+++ b/extra/wolfssl/wolfssl/certs/server-cert-chain.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-cert.der b/extra/wolfssl/wolfssl/certs/server-cert.der
index 30cd28d9..e5cb198f 100644
--- a/extra/wolfssl/wolfssl/certs/server-cert.der
+++ b/extra/wolfssl/wolfssl/certs/server-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-cert.pem b/extra/wolfssl/wolfssl/certs/server-cert.pem
index de754a26..c0e639fe 100644
--- a/extra/wolfssl/wolfssl/certs/server-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/server-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b9:10:f0:be:fe:c8:67:5e:7d:0f:36:33:c7:17:2a:01:c4:bb:
- 74:83:4c:bc:bb:e2:ba:92:82:3a:d9:2d:8c:0e:e3:75:1b:c0:
- 14:aa:40:1e:a8:11:7d:94:9c:3d:74:7a:3b:16:7b:d8:9d:f0:
- e8:7d:1d:fa:3b:14:42:20:e3:05:a3:fd:b1:0c:f1:2a:c4:00:
- 50:8d:1e:97:93:6a:de:82:13:24:9e:2b:fa:08:85:e3:4f:40:
- fd:63:c7:3d:e9:bd:6f:7c:03:98:85:fe:b4:51:5d:7f:8c:83:
- b3:ad:4a:88:e9:f3:4c:33:84:77:d3:02:35:59:e3:4e:64:a1:
- b7:bb:fb:f8:fb:14:2a:ae:36:bf:d9:82:e7:cb:98:48:16:c8:
- 81:d6:a0:f1:74:14:e3:74:4a:72:4a:f1:6f:dd:be:86:1e:20:
- f3:05:16:83:1f:aa:7c:59:35:97:24:b8:27:b7:56:9f:30:2e:
- 90:e0:19:e0:21:ca:9d:3f:da:99:07:94:79:49:53:14:5c:a2:
- 2c:56:5b:b2:55:68:5c:1f:91:58:9a:cd:53:b5:ea:63:5a:72:
- 49:41:cc:76:9f:88:35:86:0d:60:5d:e5:91:bd:ac:6f:cf:d5:
- 92:27:72:4a:21:f4:58:98:8e:3b:d2:29:e6:ee:fa:e6:b0:6c:
- 8b:1e:e0:54
+ 4a:ff:b9:e5:85:9b:da:53:66:7f:07:22:bf:b6:19:ea:42:eb:
+ a4:11:07:62:ff:39:5f:33:37:3a:87:26:71:3d:13:b2:ca:b8:
+ 64:38:7b:8a:99:48:0e:a5:a4:6b:b1:99:6e:e0:46:51:bd:19:
+ 52:ad:bc:a6:7e:2a:7a:7c:23:a7:cc:db:5e:43:7d:6b:04:c8:
+ b7:dd:95:ad:f0:91:80:59:c5:19:91:26:27:91:b8:48:1c:eb:
+ 55:b6:aa:7d:a4:38:f1:03:bc:6c:8b:aa:94:d6:3c:05:7a:96:
+ c5:06:f1:26:14:2e:75:fb:dd:e5:35:b3:01:2c:b3:ad:62:5a:
+ 21:9a:08:be:56:fc:f9:a2:42:87:86:e5:a9:c5:99:cf:ae:14:
+ be:e0:b9:08:24:0d:1d:5c:d6:14:e1:4c:9f:40:b3:a9:e9:2d:
+ 52:8b:4c:bf:ac:44:31:67:c1:8d:06:85:ec:0f:e4:99:d7:4b:
+ 7b:21:06:66:d4:e4:f5:9d:ff:8e:f0:86:39:58:1d:a4:5b:e2:
+ 63:ef:7c:c9:18:87:a8:02:25:10:3e:87:28:f9:f5:ef:47:9e:
+ a5:80:08:11:90:68:fe:d1:a3:a8:51:b9:37:ff:d5:ca:7c:87:
+ 7f:6b:bc:2c:12:c8:c5:85:8b:fc:0c:c6:b9:86:b8:c9:04:c3:
+ 51:37:d2:4f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
@@ -80,26 +80,26 @@ BBSzETLJkpiE4sn40DtuA0LKHw6OPDCB1AYDVR0jBIHMMIHJgBQnjmcRdMMmHT/t
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
-9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFCyAzttHnQdmkj1o18qskE/KaUFLMAwG
+9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFDNEGqhsAez2YPJwUQpM0RT6vOlEMAwG
A1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0l
-BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQC5EPC+
-/shnXn0PNjPHFyoBxLt0g0y8u+K6koI62S2MDuN1G8AUqkAeqBF9lJw9dHo7FnvY
-nfDofR36OxRCIOMFo/2xDPEqxABQjR6Xk2reghMkniv6CIXjT0D9Y8c96b1vfAOY
-hf60UV1/jIOzrUqI6fNMM4R30wI1WeNOZKG3u/v4+xQqrja/2YLny5hIFsiB1qDx
-dBTjdEpySvFv3b6GHiDzBRaDH6p8WTWXJLgnt1afMC6Q4BngIcqdP9qZB5R5SVMU
-XKIsVluyVWhcH5FYms1TtepjWnJJQcx2n4g1hg1gXeWRvaxvz9WSJ3JKIfRYmI47
-0inm7vrmsGyLHuBU
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBK/7nl
+hZvaU2Z/ByK/thnqQuukEQdi/zlfMzc6hyZxPROyyrhkOHuKmUgOpaRrsZlu4EZR
+vRlSrbymfip6fCOnzNteQ31rBMi33ZWt8JGAWcUZkSYnkbhIHOtVtqp9pDjxA7xs
+i6qU1jwFepbFBvEmFC51+93lNbMBLLOtYlohmgi+Vvz5okKHhuWpxZnPrhS+4LkI
+JA0dXNYU4UyfQLOp6S1Si0y/rEQxZ8GNBoXsD+SZ10t7IQZm1OT1nf+O8IY5WB2k
+W+Jj73zJGIeoAiUQPoco+fXvR56lgAgRkGj+0aOoUbk3/9XKfId/a7wsEsjFhYv8
+DMa5hrjJBMNRN9JP
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -130,7 +130,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -139,27 +139,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -174,12 +174,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-comp.der b/extra/wolfssl/wolfssl/certs/server-ecc-comp.der
index 79421796..b7e15586 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-comp.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-comp.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem b/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem
index 3e0aa663..8af59ab6 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-comp.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 04:d0:ee:f8:6f:67:42:a9:6f:3f:d2:7d:6e:7b:ce:29:ce:14:d2:1b
+ 21:d7:53:80:24:5c:eb:bf:c0:a4:40:f4:42:19:3b:83:fd:58:c5:a6
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Montana, L = Bozeman, O = Elliptic - comp, OU = Server ECC-comp, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Elliptic - comp, OU = Server ECC-comp, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -24,7 +24,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:8C:38:3A:6B:B8:24:B7:DF:6E:F4:59:AC:56:4E:AA:E2:58:A6:5A:18
DirName:/C=US/ST=Montana/L=Bozeman/O=Elliptic - comp/OU=Server ECC-comp/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:04:D0:EE:F8:6F:67:42:A9:6F:3F:D2:7D:6E:7B:CE:29:CE:14:D2:1B
+ serial:21:D7:53:80:24:5C:EB:BF:C0:A4:40:F4:42:19:3B:83:FD:58:C5:A6
X509v3 Basic Constraints:
CA:TRUE
@@ -33,17 +33,17 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:8d:97:8f:d4:70:bf:10:7a:3f:f4:35:bb:8e:
- 6d:39:5b:a1:02:ee:32:da:02:91:57:02:0b:43:08:3e:61:da:
- f1:02:20:73:55:17:84:06:34:0e:9b:cd:55:c4:6d:3b:26:a3:
- ed:3a:8b:ba:22:e3:dc:35:fb:8c:0f:b7:ba:6c:63:9d:e1
+ 30:45:02:20:57:1a:59:bc:c9:45:0a:46:e6:16:da:17:ce:c3:
+ 0a:57:57:f2:3d:15:cd:ca:1b:a7:a8:39:2e:9d:09:f3:3e:a0:
+ 02:21:00:de:a3:3a:4d:88:38:2b:3a:84:de:2f:0a:81:14:57:
+ 7f:7f:2e:d6:a5:4d:61:10:69:b9:a2:c6:51:cd:80:4a:63
-----BEGIN CERTIFICATE-----
-MIIDdzCCAx2gAwIBAgIUBNDu+G9nQqlvP9J9bnvOKc4U0hswCgYIKoZIzj0EAwIw
+MIIDdzCCAx2gAwIBAgIUIddTgCRc67/ApED0Qhk7g/1YxaYwCgYIKoZIzj0EAwIw
gaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAxGDAWBgNVBAsMD1NlcnZlciBF
Q0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkB
-FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0
-OVowgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
+FhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTky
+OFowgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAxGDAWBgNVBAsMD1NlcnZl
ciBFQ0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN
AQkBFhBpbmZvQHdvbGZzc2wuY29tMDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgAC
@@ -52,9 +52,9 @@ FgQUjDg6a7gkt99u9FmsVk6q4limWhgwgeAGA1UdIwSB2DCB1YAUjDg6a7gkt99u
9FmsVk6q4limWhihgaakgaMwgaAxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250
YW5hMRAwDgYDVQQHDAdCb3plbWFuMRgwFgYDVQQKDA9FbGxpcHRpYyAtIGNvbXAx
GDAWBgNVBAsMD1NlcnZlciBFQ0MtY29tcDEYMBYGA1UEAwwPd3d3LndvbGZzc2wu
-Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQE0O74b2dCqW8/
-0n1ue84pzhTSGzAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29t
+Y29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQh11OAJFzrv8Ck
+QPRCGTuD/VjFpjAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUuY29t
hwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAKBggqhkjOPQQD
-AgNIADBFAiEAjZeP1HC/EHo/9DW7jm05W6EC7jLaApFXAgtDCD5h2vECIHNVF4QG
-NA6bzVXEbTsmo+06i7oi49w1+4wPt7psY53h
+AgNIADBFAiBXGlm8yUUKRuYW2hfOwwpXV/I9Fc3KG6eoOS6dCfM+oAIhAN6jOk2I
+OCs6hN4vCoEUV39/LtalTWEQabmixlHNgEpj
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der
index 8af4cc27..3c958432 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem
index 0d4b19d5..6db0901d 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-rsa.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Elliptic - RSAsig, OU = ECC-RSAsig, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -25,7 +25,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -34,27 +34,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- 44:da:4d:a2:d3:96:51:31:35:74:21:d5:27:0d:ab:72:eb:d8:
- 24:11:3c:52:07:01:51:e8:26:11:39:da:ac:57:ca:e3:8d:8c:
- 91:16:28:e3:7b:fe:58:76:0a:3e:9d:ac:f3:ce:9f:5a:ff:07:
- c9:a1:27:9a:9a:5c:db:82:ba:0e:d0:80:bc:cf:b1:34:6a:26:
- af:15:7a:21:f6:a9:48:3c:c6:02:d0:4e:32:ac:75:17:60:19:
- 45:12:37:5d:75:65:84:ca:e8:40:73:f5:1c:71:82:ae:e2:3a:
- 1c:d7:4c:59:f2:83:16:1f:77:02:91:cc:9c:aa:c9:e7:72:6b:
- ff:40:7e:da:35:65:47:bd:55:90:c8:c8:21:b2:fb:89:d4:d4:
- cc:39:02:54:20:83:17:46:eb:5f:60:58:35:4e:ca:24:8d:0b:
- 77:10:b0:4a:2a:51:a9:d0:74:27:35:61:76:0f:94:2c:0b:10:
- 1d:b8:4a:3e:38:95:17:0a:0a:7e:c6:35:c3:68:89:c0:82:8b:
- 61:b8:e6:2f:f9:c8:58:96:c7:1f:eb:1d:2f:09:34:5f:bf:76:
- af:00:6c:33:80:10:5b:a0:d2:76:6f:e2:4c:96:b6:2d:dc:c0:
- 21:43:6e:f3:58:2a:4b:a6:ef:15:b5:ca:00:28:1a:c6:e0:31:
- f0:5d:99:70
+ 16:b7:d3:9c:7c:6e:d2:b7:79:aa:5a:16:0b:1e:da:d0:f7:df:
+ 64:c9:3c:b8:41:24:4b:1b:c2:83:5e:df:de:a8:8a:7c:eb:07:
+ 75:20:f6:f3:4c:bd:3f:2e:f0:f0:da:4b:c5:d2:c4:f8:db:34:
+ 75:e2:32:b4:34:92:8a:7f:d7:84:ea:df:99:ca:64:e6:7c:68:
+ 05:1c:75:de:3f:06:65:5d:fc:29:c9:73:0f:4a:ad:fd:bc:0d:
+ 91:37:67:63:55:65:93:99:56:84:25:1b:f1:50:03:31:2d:48:
+ ad:a3:38:91:29:88:b8:72:08:4c:11:36:35:20:13:78:98:d8:
+ 84:30:c5:7b:70:24:45:8c:e1:55:80:06:5f:19:57:89:58:1c:
+ 2a:40:fb:f3:a6:bf:ea:41:7a:79:2c:ab:fe:b6:16:5d:d5:fa:
+ 32:50:9d:89:f2:cc:87:7a:57:cf:4d:38:c4:d5:33:9a:4d:83:
+ c9:00:b8:36:66:14:76:20:c1:7a:c7:f7:0a:94:69:ce:0a:0f:
+ 81:04:12:5f:71:d0:d1:ff:08:d0:89:6f:ac:45:d3:06:23:a0:
+ 76:88:ad:5d:9a:7a:8c:1f:61:d4:d8:21:1d:8e:05:89:d1:d4:
+ d6:86:5b:4b:43:e6:03:4a:10:48:f4:1b:9d:3b:76:d8:2c:ad:
+ fa:33:a5:70
-----BEGIN CERTIFICATE-----
MIIEKjCCAxKgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBnTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGjAYBgNVBAoMEUVsbGlwdGljIC0g
UlNBc2lnMRMwEQYDVQQLDApFQ0MtUlNBc2lnMRgwFgYDVQQDDA93d3cud29sZnNz
bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjO
@@ -64,13 +64,13 @@ BBYEFF1dJu+sfjb5m3YVK0olAiPvsokwMIHUBgNVHSMEgcwwgcmAFCeOZxF0wyYd
P+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9u
dGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3dG9vdGgxEzARBgNV
BAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
-SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20edB2aSPWjXyqyQT8ppQUsw
+SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB7PZg8nBRCkzRFPq86UQw
DAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtleGFtcGxlLmNvbYcEfwAAATAdBgNV
-HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAETa
-TaLTllExNXQh1ScNq3Lr2CQRPFIHAVHoJhE52qxXyuONjJEWKON7/lh2Cj6drPPO
-n1r/B8mhJ5qaXNuCug7QgLzPsTRqJq8VeiH2qUg8xgLQTjKsdRdgGUUSN111ZYTK
-6EBz9Rxxgq7iOhzXTFnygxYfdwKRzJyqyedya/9Afto1ZUe9VZDIyCGy+4nU1Mw5
-AlQggxdG619gWDVOyiSNC3cQsEoqUanQdCc1YXYPlCwLEB24Sj44lRcKCn7GNcNo
-icCCi2G45i/5yFiWxx/rHS8JNF+/dq8AbDOAEFug0nZv4kyWti3cwCFDbvNYKkum
-7xW1ygAoGsbgMfBdmXA=
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBABa3
+05x8btK3eapaFgse2tD332TJPLhBJEsbwoNe396oinzrB3Ug9vNMvT8u8PDaS8XS
+xPjbNHXiMrQ0kop/14Tq35nKZOZ8aAUcdd4/BmVd/CnJcw9Krf28DZE3Z2NVZZOZ
+VoQlG/FQAzEtSK2jOJEpiLhyCEwRNjUgE3iY2IQwxXtwJEWM4VWABl8ZV4lYHCpA
++/Omv+pBenksq/62Fl3V+jJQnYnyzId6V89NOMTVM5pNg8kAuDZmFHYgwXrH9wqU
+ac4KD4EEEl9x0NH/CNCJb6xF0wYjoHaIrV2aeowfYdTYIR2OBYnR1NaGW0tD5gNK
+EEj0G507dtgsrfozpXA=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-self.der b/extra/wolfssl/wolfssl/certs/server-ecc-self.der
index deb6921d..fe076d68 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-self.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-self.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc-self.pem b/extra/wolfssl/wolfssl/certs/server-ecc-self.pem
index d644b25a..663c1948 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc-self.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc-self.pem
@@ -2,13 +2,13 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2d:70:a6:06:58:4b:2c:a4:38:f2:94:39:94:46:70:99:ca:bf:25:89
+ 7e:ce:94:a4:69:82:50:e3:fe:e1:ca:d8:ff:0e:5f:8f:c9:b5:2b:5c
Signature Algorithm: ecdsa-with-SHA256
- Issuer: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Issuer: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Dec 13 21:17:49 2032 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:27 2023 GMT
+ Not After : Dec 10 22:19:27 2033 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
@@ -29,35 +29,36 @@ Certificate:
5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
X509v3 Authority Key Identifier:
keyid:5D:5D:26:EF:AC:7E:36:F9:9B:76:15:2B:4A:25:02:23:EF:B2:89:30
- DirName:/C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2D:70:A6:06:58:4B:2C:A4:38:F2:94:39:94:46:70:99:CA:BF:25:89
+ DirName:/C=US/ST=Washington/L=Seattle/O=Elliptic/OU=ECC/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
+ serial:7E:CE:94:A4:69:82:50:E3:FE:E1:CA:D8:FF:0E:5F:8F:C9:B5:2B:5C
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Key Agreement
X509v3 Extended Key Usage:
TLS Web Server Authentication
Signature Algorithm: ecdsa-with-SHA256
- 30:44:02:20:3f:7e:67:7c:2a:52:f3:12:eb:3c:f3:3d:cb:d0:
- 08:e0:9f:21:10:b7:1c:e6:c9:53:a9:04:65:38:76:cb:8d:ff:
- 02:20:09:ac:bd:98:ac:8f:58:ad:2c:51:8d:cd:bf:56:77:23:
- ac:b0:37:90:fb:8e:84:5a:a2:06:21:9d:4c:50:39:c3
+ 30:46:02:21:00:b1:ef:00:eb:7b:d1:e0:a8:95:1c:80:c8:11:
+ e3:66:46:fb:ff:f8:55:2f:45:20:98:72:b1:5b:e4:b6:3b:ce:
+ 35:02:21:00:d7:b3:b6:bb:fd:41:86:04:a1:61:bd:2b:1c:5f:
+ a0:3d:52:51:97:e3:90:d0:5e:a6:c8:09:23:ae:3d:5c:2a:3c
-----BEGIN CERTIFICATE-----
-MIIDWzCCAwKgAwIBAgIULXCmBlhLLKQ48pQ5lEZwmcq/JYkwCgYIKoZIzj0EAwIw
-gY8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
-ZWF0dGxlMRAwDgYDVQQKDAdFbGlwdGljMQwwCgYDVQQLDANFQ0MxGDAWBgNVBAMM
-D3d3dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNv
-bTAeFw0yMjEyMTYyMTE3NDlaFw0zMjEyMTMyMTE3NDlaMIGPMQswCQYDVQQGEwJV
-UzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UE
-CgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93d3cud29sZnNzbC5j
-b20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wWTATBgcqhkjOPQIB
-BggqhkjOPQMBBwNCAAS7M6xMJ1BKxkqlBMM83p8223ItzpTqK/rLIAk5LBboYQLp
-r03TApOaMVuXkiF/8M8Y2pERAjSG6CBYMwuANInYo4IBODCCATQwCQYDVR0TBAIw
-ADARBglghkgBhvhCAQEEBAMCBkAwHQYDVR0OBBYEFF1dJu+sfjb5m3YVK0olAiPv
-sokwMIHPBgNVHSMEgccwgcSAFF1dJu+sfjb5m3YVK0olAiPvsokwoYGVpIGSMIGP
-MQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2Vh
-dHRsZTEQMA4GA1UECgwHRWxpcHRpYzEMMAoGA1UECwwDRUNDMRgwFgYDVQQDDA93
-d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22C
-FC1wpgZYSyykOPKUOZRGcJnKvyWJMA4GA1UdDwEB/wQEAwIDqDATBgNVHSUEDDAK
-BggrBgEFBQcDATAKBggqhkjOPQQDAgNHADBEAiA/fmd8KlLzEus88z3L0AjgnyEQ
-txzmyVOpBGU4dsuN/wIgCay9mKyPWK0sUY3Nv1Z3I6ywN5D7joRaogYhnUxQOcM=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc.der b/extra/wolfssl/wolfssl/certs/server-ecc.der
index 2b08135b..7d5e07e6 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc.pem b/extra/wolfssl/wolfssl/certs/server-ecc.pem
index d2f48f90..94978a55 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc.pem
@@ -5,9 +5,9 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
@@ -34,24 +34,24 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:cf:3a:17:97:d4:be:7c:50:e1:be:1b:53:95:
- 7b:a3:b8:c6:73:c4:34:e0:73:5a:db:3e:cb:3a:b6:a8:f1:cd:
- bf:02:20:2b:e6:f9:65:b2:ab:0f:bb:2b:36:5c:cc:2e:19:a9:
- 59:1c:6f:6f:ce:9b:7a:e6:5b:65:31:33:80:05:cb:7c:96
+ 30:45:02:21:00:86:bd:87:16:d2:9c:66:e7:5e:5c:28:0e:5f:
+ ef:94:61:2f:d4:21:6d:8e:c3:94:0a:1e:b5:6a:1d:c6:04:87:
+ c6:02:20:66:46:c4:29:d9:8e:eb:0b:f7:5b:32:13:eb:0a:ea:
+ 47:99:4b:74:56:ba:21:97:b1:67:75:5c:f3:f3:c0:88:aa
-----BEGIN CERTIFICATE-----
-MIICoTCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
+MIICojCCAkigAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv
bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
-Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
-DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
-f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
-SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T
-AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ
-YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0gAMEUCIQDPOheX1L58UOG+G1OV
-e6O4xnPENOBzWts+yzq2qPHNvwIgK+b5ZbKrD7srNlzMLhmpWRxvb86beuZbZTEz
-gAXLfJY=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der
index d8385dc1..b4410ad4 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der
+++ b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem
index e3656ed3..21d89098 100644
--- a/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/server-ecc384-cert.pem
@@ -1,22 +1,22 @@
-----BEGIN CERTIFICATE-----
-MIIDnzCCAyWgAwIBAgICEAEwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
+MIIDnzCCAyagAwIBAgICEAEwCgYIKoZIzj0EAwMwgZcxCzAJBgNVBAYTAlVTMRMw
EQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRAwDgYDVQQKDAd3
b2xmU1NMMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCAXDTIyMTIx
-NjIxMTc0OVoYDzIwNTIxMjA4MjExNzQ5WjCBlTELMAkGA1UEBhMCVVMxEzARBgNV
-BAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0
-aWMxEjAQBgNVBAsMCUVDQzM4NFNydjEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMHYwEAYHKoZIzj0CAQYF
-K4EEACIDYgAE6s+TTywJuzkUD1Zkw0C03w5jruVxSwDMBJf/4ek4lrtfkbJqzLU5
-X49wWfEB9lorAWxoC89VJa9tmEgKqHTJqRegDMP70yNo/gQ8Y1CIO7lPfGc09zup
-c+cbw1FeIhjso4IBQDCCATwwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMCBkAw
-HQYDVR0OBBYEFII78mUv87QAxrwG/XlCdUtl0c68MIHXBgNVHSMEgc8wgcyAFKvg
-wyZMGNRyu9KEjJwKBZKAElNSoYGdpIGaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UE
-CAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEQMA4GA1UECgwHd29sZlNT
-TDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNv
-bTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUYnDODA5oOu/2nBqW
-Ozpy/5ngviUwDgYDVR0PAQH/BAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAoG
-CCqGSM49BAMDA2gAMGUCMQCypGLmlyMf62PmMwlYdqMWVEcPdKsHkKBh7uNpXZCC
-Ww3dN8jZXeLRqv5hxWHrLKYCMDQ45DuZ+uBhyv3fK+Dsk7Hshp7DN07yHZ4+9rQA
-jnHz/v78cK/NDpYULc0ilNGYJg==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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/server-keyPub.der b/extra/wolfssl/wolfssl/certs/server-keyPub.der
new file mode 100644
index 00000000..b6d8fbe6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/server-keyPub.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/server-keyPub.pem b/extra/wolfssl/wolfssl/certs/server-keyPub.pem
index c90f5c4f..0707336a 100644
--- a/extra/wolfssl/wolfssl/certs/server-keyPub.pem
+++ b/extra/wolfssl/wolfssl/certs/server-keyPub.pem
@@ -1,4 +1,4 @@
------BEGIN RSA PUBLIC KEY-----
+-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScB
ZcZFrvK8JDC4lc4vTtb2HIi8fJ/7qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8
yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF
@@ -6,4 +6,4 @@ yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF
UQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOV
oXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t
1wIDAQAB
------END RSA PUBLIC KEY-----
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem b/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem
index e84a8cbe..45629737 100644
--- a/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem
+++ b/extra/wolfssl/wolfssl/certs/server-revoked-cert.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_revoked, OU = Support_revoked, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:2e:5e:19:0f:49:37:fe:ce:10:c1:c9:55:8a:cb:c9:04:ee:
- 88:57:98:f2:ba:a0:50:61:55:12:03:cd:01:6a:8a:74:8c:ff:
- e4:10:25:14:41:73:10:99:2f:77:27:21:e9:db:9d:b4:5b:d4:
- df:bc:b2:29:8d:41:35:c4:65:82:18:8f:a2:03:10:65:cc:82:
- 7d:e0:59:fc:55:82:96:02:32:aa:c1:c6:6a:c4:1b:3c:04:e7:
- 35:72:67:1b:ba:29:c1:3d:ac:82:7c:23:66:eb:ae:7c:1b:a7:
- 8c:05:4e:f3:c4:8e:58:58:f6:9c:3e:68:9b:80:da:45:8c:0b:
- db:85:da:de:fb:cb:78:20:3e:e5:99:a0:ac:09:1e:9d:13:67:
- 3d:51:77:d3:47:38:6a:00:d3:d5:b3:20:bc:a5:61:fb:79:20:
- 13:f5:a6:16:a4:08:60:4e:c5:28:59:fe:fa:4c:52:a5:db:da:
- b9:a5:5e:3a:60:25:2b:e8:a5:cf:d3:5a:29:d4:52:8f:99:f3:
- 6b:4b:ad:42:b8:02:af:ab:56:57:36:c3:69:18:1b:88:9f:a4:
- f2:58:dc:53:bb:55:70:11:ae:af:f3:e5:64:c4:40:58:53:19:
- f6:96:ef:d0:f1:7c:e2:10:0d:f7:ed:c6:24:4e:a8:9f:db:72:
- 7a:9e:e7:0d
+ 5c:ae:98:a1:97:b7:b7:57:1b:47:32:9d:86:df:aa:5a:95:03:
+ 8f:de:04:9f:27:1f:b3:bc:6d:50:63:53:6a:02:83:3d:5b:f6:
+ 16:04:4a:04:84:65:d4:68:7c:f3:1d:8f:dc:ff:76:e1:b0:ce:
+ 88:b1:31:57:c9:5c:14:bf:ae:b9:ee:82:a0:b0:c3:25:bb:5f:
+ 0f:a7:00:fc:dd:73:27:8b:b8:dd:72:63:00:47:38:cb:09:66:
+ 7a:0e:fb:8f:c3:6e:de:23:23:47:cd:7f:f0:4c:fa:31:fa:f5:
+ 28:cb:2e:1c:3e:0a:92:8a:b2:c7:bd:37:21:39:d2:f6:ee:c4:
+ 9c:28:7a:0a:88:8c:ca:ce:7d:e8:c3:a7:3f:bc:44:52:fb:e0:
+ 68:95:f2:46:30:0f:1b:fa:ea:92:4c:86:c2:fe:62:48:91:5a:
+ ea:5a:9a:76:8a:23:dd:56:37:27:d8:91:2f:eb:77:eb:b8:30:
+ 8e:5a:46:71:96:a2:24:f0:fa:1a:eb:39:cd:70:dc:ea:4e:bd:
+ 49:88:4c:57:95:ff:f8:9e:b0:b7:13:10:26:51:3c:4b:bc:70:
+ 3a:fc:1d:a2:6f:13:bf:ab:d4:3c:9e:06:ae:3b:6d:03:09:41:
+ e0:07:b0:85:22:09:c1:5d:39:d2:59:04:90:9d:46:20:0b:24:
+ 82:82:c3:36
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBoDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xGDAWBgNVBAoMD3dvbGZTU0xfcmV2
b2tlZDEYMBYGA1UECwwPU3VwcG9ydF9yZXZva2VkMRgwFgYDVQQDDA93d3cud29s
ZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEiMA0G
@@ -80,26 +80,26 @@ ggFFMIIBQTAdBgNVHQ4EFgQU2AkrWeEq7tnuQKqcq/BdKAlPIrswgdQGA1UdIwSB
zDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVT
MRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhT
YXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZz
-c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7bR50H
-ZpI9aNfKrJBPymlBSzAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUu
+c2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqobAHs
+9mDycFEKTNEU+rzpRDAMBgNVHRMEBTADAQH/MBwGA1UdEQQVMBOCC2V4YW1wbGUu
Y29thwR/AAABMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG
-9w0BAQsFAAOCAQEAri5eGQ9JN/7OEMHJVYrLyQTuiFeY8rqgUGFVEgPNAWqKdIz/
-5BAlFEFzEJkvdych6dudtFvU37yyKY1BNcRlghiPogMQZcyCfeBZ/FWClgIyqsHG
-asQbPATnNXJnG7opwT2sgnwjZuuufBunjAVO88SOWFj2nD5om4DaRYwL24Xa3vvL
-eCA+5ZmgrAkenRNnPVF300c4agDT1bMgvKVh+3kgE/WmFqQIYE7FKFn++kxSpdva
-uaVeOmAlK+ilz9NaKdRSj5nza0utQrgCr6tWVzbDaRgbiJ+k8ljcU7tVcBGur/Pl
-ZMRAWFMZ9pbv0PF84hAN9+3GJE6on9tyep7nDQ==
+9w0BAQsFAAOCAQEAXK6YoZe3t1cbRzKdht+qWpUDj94Enycfs7xtUGNTagKDPVv2
+FgRKBIRl1Gh88x2P3P924bDOiLExV8lcFL+uue6CoLDDJbtfD6cA/N1zJ4u43XJj
+AEc4ywlmeg77j8Nu3iMjR81/8Ez6Mfr1KMsuHD4Kkoqyx703ITnS9u7EnCh6CoiM
+ys596MOnP7xEUvvgaJXyRjAPG/rqkkyGwv5iSJFa6lqadooj3VY3J9iRL+t367gw
+jlpGcZaiJPD6Gus5zXDc6k69SYhMV5X/+J6wtxMQJlE8S7xwOvwdom8Tv6vUPJ4G
+rjttAwlB4AewhSIJwV050lkEkJ1GIAskgoLDNg==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -130,7 +130,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -139,27 +139,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -174,12 +174,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.der
new file mode 100644
index 00000000..56b92e5a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem
new file mode 100644
index 00000000..8a567eb4
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABCGS98sk32RNuqtme4N1qSnn/2Rj
+ttVCgCC94uICEjuOtACVCYDLVu1Lyo1X5q4F03YnY3E5ibdp5kiArtGpSBI=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.der
new file mode 100644
index 00000000..ffbae08d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem
new file mode 100644
index 00000000..73df5676
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEII+5uEAZDiE56+gI
+fP3YoQWTpDUs0YDjv35IR+QFDQlBoUQDQgAEIZL3yyTfZE26q2Z7g3WpKef/ZGO2
+1UKAIL3i4gISO460AJUJgMtW7UvKjVfmrgXTdidjcTmJt2nmSICu0alIEg==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.der
new file mode 100644
index 00000000..050c1b1a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem
new file mode 100644
index 00000000..2451a522
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/ca-sm2.pem
@@ -0,0 +1,51 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:21:92:f7:cb:24:df:64:4d:ba:ab:66:7b:83:75:
+ a9:29:e7:ff:64:63:b6:d5:42:80:20:bd:e2:e2:02:
+ 12:3b:8e:b4:00:95:09:80:cb:56:ed:4b:ca:8d:57:
+ e6:ae:05:d3:76:27:63:71:39:89:b7:69:e6:48:80:
+ ae:d1:a9:48:12
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Authority Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:47:4e:00:03:ab:34:a1:af:59:39:8f:60:36:bf:
+ 89:88:42:41:27:c1:dd:57:c9:79:cb:1f:56:5c:16:b5:28:bd:
+ 02:21:00:8b:2e:25:eb:21:9b:a9:2b:a6:6a:5b:db:a7:c7:2b:
+ 11:df:73:15:ad:e4:c5:c3:c2:f3:b4:b4:67:af:d7:51:1c
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.der
new file mode 100644
index 00000000..9630aa90
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem
new file mode 100644
index 00000000..63e70e3d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABDod6MtL0y4/Swc/sCH+xZ7ZyjqT
+k5V2HTDZC/VW7Rlg7QFM9mcd8ayodA2yd8hJOOT/TO+NbYf2Tsf4OXRwcLU=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.der
new file mode 100644
index 00000000..e1ab54fd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem
new file mode 100644
index 00000000..12f76901
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEINCi30l6Ld8Cyc63
+8jcCDd38CLjeFJN6UyZJ1f4C2fNxoUQDQgAEOh3oy0vTLj9LBz+wIf7FntnKOpOT
+lXYdMNkL9VbtGWDtAUz2Zx3xrKh0DbJ3yEk45P9M741th/ZOx/g5dHBwtQ==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.der
new file mode 100644
index 00000000..195cdb14
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem
new file mode 100644
index 00000000..2f3f49ef
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/client-sm2.pem
@@ -0,0 +1,63 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 60:a0:4a:0b:36:eb:7d:e1:3f:74:29:a9:29:b4:05:6c:17:f7:a6:d4
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Client-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Client-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:3a:1d:e8:cb:4b:d3:2e:3f:4b:07:3f:b0:21:fe:
+ c5:9e:d9:ca:3a:93:93:95:76:1d:30:d9:0b:f5:56:
+ ed:19:60:ed:01:4c:f6:67:1d:f1:ac:a8:74:0d:b2:
+ 77:c8:49:38:e4:ff:4c:ef:8d:6d:87:f6:4e:c7:f8:
+ 39:74:70:70:b5
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ E4:21:B2:C5:E5:D4:9E:82:CA:F8:67:F2:28:99:F6:85:E8:F1:55:EF
+ X509v3 Authority Key Identifier:
+ keyid:E4:21:B2:C5:E5:D4:9E:82:CA:F8:67:F2:28:99:F6:85:E8:F1:55:EF
+ DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL_sm2/OU=Client-sm2/CN=www.wolfssl.com/emailAddress=info@wolfssl.com/UID=wolfSSL
+ serial:60:A0:4A:0B:36:EB:7D:E1:3F:74:29:A9:29:B4:05:6C:17:F7:A6:D4
+ X509v3 Basic Constraints:
+ CA:TRUE
+ X509v3 Subject Alternative Name:
+ DNS:example.com, IP Address:127.0.0.1
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication, TLS Web Client Authentication
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:46:02:21:00:8f:b2:b5:95:8f:79:f6:5e:75:e5:c5:e9:9a:
+ 12:d2:0f:78:9f:c0:1d:8d:1c:be:6b:0c:f1:f5:57:60:db:91:
+ 4f:02:21:00:87:5e:7d:e4:d6:3a:bb:7b:98:27:85:de:7a:f0:
+ 21:e2:66:a1:9f:26:e0:dd:86:23:b4:c8:c0:46:5a:f2:49:8d
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh
new file mode 100755
index 00000000..af8ad9be
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-certs.sh
@@ -0,0 +1,124 @@
+#!/bin/bash
+
+check_result(){
+ if [ $1 -ne 0 ]; then
+ echo "Failed at \"$2\", Abort"
+ exit 1
+ else
+ echo "Step Succeeded!"
+ fi
+}
+
+openssl pkey -in root-sm2-priv.pem -noout >/dev/null 2>&1
+if [ $? -ne 0 ]; then
+ echo "OpenSSL does not support SM2"
+ echo "Skipping SM2 certificate renewal"
+ exit 0
+fi
+
+############################################################
+###### update the self-signed root-sm2.pem #############
+############################################################
+echo "Updating root-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_SM2\\nRoot-SM2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n.\\n.\\n" | \
+openssl req -new -key root-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out root-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in root-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions ca_ecc_cert -signkey root-sm2-priv.pem -out root-sm2.pem
+check_result $? "Generate certificate"
+rm root-sm2.csr
+
+openssl x509 -in root-sm2.pem -outform DER > root-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in root-sm2.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem root-sm2.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update ca-sm2.pem signed by root ################
+############################################################
+echo "Updating ca-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_sm2\\nCA-sm2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key ca-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out ca-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in ca-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions ca_ecc_cert -CA root-sm2.pem -CAkey root-sm2-priv.pem -set_serial 01 -out ca-sm2.pem
+check_result $? "Generate certificate"
+rm ca-sm2.csr
+
+openssl x509 -in ca-sm2.pem -outform DER > ca-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in ca-sm2.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem ca-sm2.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update self-sm2-cert.pem ##############
+############################################################
+echo "Updating self-sm2-cert.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "AU\\nQLD\\n.\\nwolfSSL\\nTesting\\nwolfssl-dev-sm2\\n\\n\\n\\n\\n" | openssl req -new -key self-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out self-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in self-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions ca_ecc_cert -signkey self-sm2-priv.pem -out self-sm2-cert.pem
+check_result $? "Generate certificate"
+rm self-sm2.csr
+
+openssl x509 -in self-sm2-cert.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem self-sm2-cert.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update server-sm2.pem signed by ca ##############
+############################################################
+echo "Updating server-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_sm2\\nServer-sm2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key server-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out server-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in server-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions server_ecc -CA ca-sm2.pem -CAkey ca-sm2-priv.pem -set_serial 01 -out server-sm2-cert.pem
+check_result $? "Generate certificate"
+rm server-sm2.csr
+
+openssl x509 -in server-sm2-cert.pem -outform DER > server-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in server-sm2-cert.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem server-sm2-cert.pem
+cat server-sm2-cert.pem ca-sm2.pem > server-sm2.pem
+check_result $? "Add CA into server cert"
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
+############################################################
+###### update the self-signed client-sm2.pem ###########
+############################################################
+echo "Updating client-sm2.pem"
+echo ""
+#pipe the following arguments to openssl req...
+echo -e "US\\nMontana\\nBozeman\\nwolfSSL_sm2\\nClient-sm2\\nwww.wolfssl.com\\ninfo@wolfssl.com\\n\\n\\n\\n" | openssl req -new -key client-sm2-priv.pem -config ../renewcerts/wolfssl.cnf -nodes -out client-sm2.csr
+check_result $? "Generate request"
+
+openssl x509 -req -in client-sm2.csr -days 1000 -extfile ../renewcerts/wolfssl.cnf -extensions wolfssl_opts -signkey client-sm2-priv.pem -out client-sm2.pem
+check_result $? "Generate certificate"
+rm client-sm2.csr
+
+openssl x509 -in client-sm2.pem -outform DER > client-sm2.der
+check_result $? "Convert to DER"
+openssl x509 -in client-sm2.pem -text > tmp.pem
+check_result $? "Add text"
+mv tmp.pem client-sm2.pem
+echo "End of section"
+echo "---------------------------------------------------------------------"
+
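Review bot: The SM2 capability probe at the top treats every failure of `openssl pkey -in root-sm2-priv.pem -noout` as "OpenSSL does not support SM2" and exits 0, so a missing key file or a run from the wrong directory is reported as a clean skip and the certificates are silently left unrenewed. All paths in the script are relative (`../renewcerts/wolfssl.cnf`, `tmp.pem`, the key files), so it only works when started from `certs/sm2`. Checking for the key before the probe separates the two cases: `[ -f root-sm2-priv.pem ] || { echo "root-sm2-priv.pem not found, run from certs/sm2"; exit 1; }`.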
diff --git a/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh
new file mode 100755
index 00000000..503c2581
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/gen-sm2-keys.sh
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+for key in root ca server client
+do
+
+ openssl genpkey -algorithm sm2 > ${key}-sm2-priv.pem
+
+ openssl pkey -in ${key}-sm2-priv.pem -outform DER -out ${key}-sm2-priv.der
+
+ openssl pkey -in ${key}-sm2-priv.pem -outform PEM -pubout -out ${key}-sm2-key.pem
+
+ openssl pkey -in ${key}-sm2-priv.pem -outform DER -pubout -out ${key}-sm2-key.der
+
+done
+
+
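Review bot: None of the four `openssl` calls in the loop is checked, and the private key is written through a shell redirect, so a failed `openssl genpkey` leaves an empty `${key}-sm2-priv.pem` behind and the loop carries on to the next name. Starting the script with `set -e` and writing the key with `openssl genpkey -algorithm sm2 -out "${key}-sm2-priv.pem"` makes a failure stop the run, and `umask 077` before the loop keeps newly generated keys from being created world-readable. The loop covers `root ca server client` only, while gen-sm2-certs.sh in the same commit also reads `self-sm2-priv.pem`; if that key is produced by another route on purpose, a comment saying so would help.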
diff --git a/extra/wolfssl/wolfssl/certs/sm2/include.am b/extra/wolfssl/wolfssl/certs/sm2/include.am
new file mode 100644
index 00000000..9028b5ad
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/include.am
@@ -0,0 +1,37 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+#
+
+EXTRA_DIST += \
+ certs/sm2/ca-sm2.der \
+ certs/sm2/ca-sm2.pem \
+ certs/sm2/ca-sm2-key.der \
+ certs/sm2/ca-sm2-key.pem \
+ certs/sm2/ca-sm2-priv.der \
+ certs/sm2/ca-sm2-priv.pem \
+ certs/sm2/client-sm2.der \
+ certs/sm2/client-sm2.pem \
+ certs/sm2/client-sm2-key.der \
+ certs/sm2/client-sm2-key.pem \
+ certs/sm2/client-sm2-priv.der \
+ certs/sm2/client-sm2-priv.pem \
+ certs/sm2/root-sm2.der \
+ certs/sm2/root-sm2.pem \
+ certs/sm2/root-sm2-key.der \
+ certs/sm2/root-sm2-key.pem \
+ certs/sm2/root-sm2-priv.der \
+ certs/sm2/root-sm2-priv.pem \
+ certs/sm2/server-sm2.der \
+ certs/sm2/server-sm2.pem \
+ certs/sm2/server-sm2-cert.pem \
+ certs/sm2/server-sm2-key.der \
+ certs/sm2/server-sm2-key.pem \
+ certs/sm2/server-sm2-priv.der \
+ certs/sm2/server-sm2-priv.pem \
+ certs/sm2/self-sm2-cert.pem \
+ certs/sm2/self-sm2-key.pem \
+ certs/sm2/self-sm2-priv.pem
+
+EXTRA_DIST += \
+ certs/sm2/gen-sm2-certs.sh \
+ certs/sm2/gen-sm2-keys.sh
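Review bot: The `EXTRA_DIST` list ships the `*-sm2-priv.pem` and `*-sm2-priv.der` private keys in every source distribution, including the keys behind `root-sm2.pem` and `ca-sm2.pem`, which carry `CA:TRUE`, and nothing in the file marks them as test-only. Because the keys are published, any deployment that loads these certificates as trust anchors accepts certificates that anyone can issue. A header comment such as `# Test fixtures only: the private keys below are published; never use these certificates or keys outside the test suite.` would make that explicit.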
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.der
new file mode 100644
index 00000000..e2d9adcd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem
new file mode 100644
index 00000000..45b4a332
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABLucdYz3F/hIq/f22w2ajZ/C0UeX
+lQtO5lfsxfhXVHE5PHnhQD+2Uel8x9ot79LoeYF7q6NfaypslxpejtnQzAQ=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.der
new file mode 100644
index 00000000..efc18f96
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem
new file mode 100644
index 00000000..b8e70856
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEIMZrNEwzN1tkFlp/
+BPn8hzDRFbpYeO4HmCAm4QaNUYoooUQDQgAEu5x1jPcX+Eir9/bbDZqNn8LRR5eV
+C07mV+zF+FdUcTk8eeFAP7ZR6XzH2i3v0uh5gXuro19rKmyXGl6O2dDMBA==
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.der
new file mode 100644
index 00000000..63c04077
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem
new file mode 100644
index 00000000..91b149af
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/root-sm2.pem
@@ -0,0 +1,52 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 74:9c:dd:a4:b2:67:26:57:29:fb:e9:13:54:e0:34:08:03:2b:70:a9
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:bb:9c:75:8c:f7:17:f8:48:ab:f7:f6:db:0d:9a:
+ 8d:9f:c2:d1:47:97:95:0b:4e:e6:57:ec:c5:f8:57:
+ 54:71:39:3c:79:e1:40:3f:b6:51:e9:7c:c7:da:2d:
+ ef:d2:e8:79:81:7b:ab:a3:5f:6b:2a:6c:97:1a:5e:
+ 8e:d9:d0:cc:04
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Authority Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:44:02:20:03:27:29:f0:ef:78:26:a1:1a:6a:1e:88:81:e7:
+ 83:72:5f:3e:e6:08:e8:14:68:bf:4b:0f:68:52:92:aa:8f:a1:
+ 02:20:0b:fe:1b:14:ba:51:82:65:06:bb:22:d8:1a:a7:9f:54:
+ 62:eb:8d:b2:d5:13:b3:b8:a2:f3:14:44:b2:a0:21:d0
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem
new file mode 100644
index 00000000..b8d484d9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-cert.pem
@@ -0,0 +1,52 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number:
+ 06:7b:3a:5d:cf:22:a9:6d:6d:78:2b:10:01:51:b6:4c:d4:82:a2:a1
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = AU, ST = QLD, O = wolfSSL, OU = Testing, CN = wolfssl-dev-sm2, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Nov 22 21:28:37 2023 GMT
+ Not After : Aug 18 21:28:37 2026 GMT
+ Subject: C = AU, ST = QLD, O = wolfSSL, OU = Testing, CN = wolfssl-dev-sm2, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: id-ecPublicKey
+ Public-Key: (256 bit)
+ pub:
+ 04:d8:c4:a1:f1:0b:8b:8d:c4:7d:dc:d4:65:b9:a5:
+ 55:4e:fb:ac:33:ab:9b:43:94:4c:48:40:1b:33:d9:
+ 1b:cc:31:c1:82:56:3f:b0:c0:6b:95:40:51:fd:88:
+ 02:01:b1:b0:94:6c:06:eb:a7:da:8e:ee:70:b6:e5:
+ bb:b4:1e:e7:b4
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 6E:97:E8:98:B6:5B:B6:AE:87:04:DB:14:56:66:16:F4:B8:2D:8C:F2
+ X509v3 Authority Key Identifier:
+ 6E:97:E8:98:B6:5B:B6:AE:87:04:DB:14:56:66:16:F4:B8:2D:8C:F2
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:44:02:20:0f:c3:2c:36:e3:9f:1c:e9:68:1c:3b:43:18:5b:
+ c9:8f:e4:fa:dd:33:c1:b8:1c:d3:d4:61:33:f8:37:9d:5a:f4:
+ 02:20:3a:b9:a8:43:80:cf:38:25:e9:64:d8:26:47:9d:50:04:
+ 0c:8a:e8:a2:42:e8:63:dd:53:94:7d:38:6d:52:70:fd
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem
new file mode 100644
index 00000000..f4ec6525
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE2MSh8QuLjcR93NRluaVVTvusM6ub
+Q5RMSEAbM9kbzDHBglY/sMBrlUBR/YgCAbGwlGwG66faju5wtuW7tB7ntA==
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem
new file mode 100644
index 00000000..35798c0a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/self-sm2-priv.pem
@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQg0JwoWhXWJQ22X9Gh
+AW60DtA2+hX8qQTlF6HQLynW/mqgCgYIKoEcz1UBgi2hRANCAATYxKHxC4uNxH3c
+1GW5pVVO+6wzq5tDlExIQBsz2RvMMcGCVj+wwGuVQFH9iAIBsbCUbAbrp9qO7nC2
+5bu0Hue0
+-----END PRIVATE KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem
new file mode 100644
index 00000000..23c49c91
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-cert.pem
@@ -0,0 +1,57 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Server-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:94:70:2b:46:e4:5e:0f:41:fb:8f:2d:34:0a:41:
+ 40:19:5e:fb:d4:1d:11:ac:fa:f5:93:37:c6:fa:87:
+ 08:f7:16:1f:2c:ce:30:40:9d:4f:a6:2a:0a:a1:d6:
+ 95:33:c3:a6:03:98:e6:8d:05:34:b0:97:0c:de:a4:
+ c7:cf:53:8f:d1
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 67:AE:60:FF:7E:1B:0F:95:AE:1F:82:59:F2:6C:56:2D:93:EF:17:32
+ X509v3 Authority Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment, Key Agreement
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ Netscape Cert Type:
+ SSL Server
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:1b:ca:94:28:7f:f6:b2:0d:31:43:50:e1:d5:34:
+ 17:dd:af:3a:de:81:06:67:9a:b3:06:22:7e:64:ec:fd:0e:b9:
+ 02:21:00:a1:48:a8:32:d1:05:09:6b:1c:eb:89:12:66:d8:38:
+ a1:c4:5c:89:09:0f:fd:e9:c0:3b:1d:fb:cd:b5:4c:31:68
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.der b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.der
new file mode 100644
index 00000000..bbc58b15
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem
new file mode 100644
index 00000000..b0c34dc1
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-key.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFowFAYIKoEcz1UBgi0GCCqBHM9VAYItA0IABJRwK0bkXg9B+48tNApBQBle+9Qd
+Eaz69ZM3xvqHCPcWHyzOMECdT6YqCqHWlTPDpgOY5o0FNLCXDN6kx89Tj9E=
+-----END PUBLIC KEY-----
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.der b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.der
new file mode 100644
index 00000000..0ff08cec
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem
new file mode 100644
index 00000000..d2df01af
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2-priv.pem
@@ -0,0 +1,5 @@
+-----BEGIN PRIVATE KEY-----
+MIGIAgEAMBQGCCqBHM9VAYItBggqgRzPVQGCLQRtMGsCAQEEINczwaFxmNpDgQ1w
+Qohj0Ex+D4qbLdoVqg5a+u13OkOooUQDQgAElHArRuReD0H7jy00CkFAGV771B0R
+rPr1kzfG+ocI9xYfLM4wQJ1PpioKodaVM8OmA5jmjQU0sJcM3qTHz1OP0Q==
+-----END PRIVATE KEY-----
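Review bot: The unencrypted PKCS#8 key in `server-sm2-priv.pem` is publicly known once it is committed, and nothing in the file marks it or the matching `server-sm2.pem` certificate as test-only material. PEM readers normally skip text outside the BEGIN/END markers (the certificate files in this commit already carry an openssl text dump there), so a leading line such as `Test fixture key for the SM2 tests - publicly known, never deploy` would document it. The path suggests a vendored wolfSSL copy, so the note may fit better in the importing tree's documentation than in the file itself. It is also worth confirming that the packaging rules do not ship `certs/sm2/`, and that any secret-scanning exception covers only this directory rather than disabling the private-key rule globally.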
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2.der b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.der
new file mode 100644
index 00000000..878296d9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem
new file mode 100644
index 00000000..95877f0d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/sm2/server-sm2.pem
@@ -0,0 +1,108 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = Server-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:94:70:2b:46:e4:5e:0f:41:fb:8f:2d:34:0a:41:
+ 40:19:5e:fb:d4:1d:11:ac:fa:f5:93:37:c6:fa:87:
+ 08:f7:16:1f:2c:ce:30:40:9d:4f:a6:2a:0a:a1:d6:
+ 95:33:c3:a6:03:98:e6:8d:05:34:b0:97:0c:de:a4:
+ c7:cf:53:8f:d1
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 67:AE:60:FF:7E:1B:0F:95:AE:1F:82:59:F2:6C:56:2D:93:EF:17:32
+ X509v3 Authority Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Basic Constraints: critical
+ CA:FALSE
+ X509v3 Key Usage: critical
+ Digital Signature, Key Encipherment, Key Agreement
+ X509v3 Extended Key Usage:
+ TLS Web Server Authentication
+ Netscape Cert Type:
+ SSL Server
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:1b:ca:94:28:7f:f6:b2:0d:31:43:50:e1:d5:34:
+ 17:dd:af:3a:de:81:06:67:9a:b3:06:22:7e:64:ec:fd:0e:b9:
+ 02:21:00:a1:48:a8:32:d1:05:09:6b:1c:eb:89:12:66:d8:38:
+ a1:c4:5c:89:09:0f:fd:e9:c0:3b:1d:fb:cd:b5:4c:31:68
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: SM2-with-SM3
+ Issuer: C = US, ST = Montana, L = Bozeman, O = wolfSSL_SM2, OU = Root-SM2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Validity
+ Not Before: Feb 15 06:23:07 2023 GMT
+ Not After : Nov 11 06:23:07 2025 GMT
+ Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL_sm2, OU = CA-sm2, CN = www.wolfssl.com, emailAddress = info@wolfssl.com, UID = wolfSSL
+ Subject Public Key Info:
+ Public Key Algorithm: sm2
+ Public-Key: (256 bit)
+ pub:
+ 04:21:92:f7:cb:24:df:64:4d:ba:ab:66:7b:83:75:
+ a9:29:e7:ff:64:63:b6:d5:42:80:20:bd:e2:e2:02:
+ 12:3b:8e:b4:00:95:09:80:cb:56:ed:4b:ca:8d:57:
+ e6:ae:05:d3:76:27:63:71:39:89:b7:69:e6:48:80:
+ ae:d1:a9:48:12
+ ASN1 OID: SM2
+ X509v3 extensions:
+ X509v3 Subject Key Identifier:
+ 47:0A:48:7E:BB:02:A8:5A:26:57:2B:19:A9:7B:61:8B:7F:5D:99:6E
+ X509v3 Authority Key Identifier:
+ 34:1D:79:44:15:79:A1:B1:63:99:E3:ED:65:7C:64:89:80:FF:B8:EC
+ X509v3 Basic Constraints: critical
+ CA:TRUE
+ X509v3 Key Usage: critical
+ Digital Signature, Certificate Sign, CRL Sign
+ Signature Algorithm: SM2-with-SM3
+ Signature Value:
+ 30:45:02:20:47:4e:00:03:ab:34:a1:af:59:39:8f:60:36:bf:
+ 89:88:42:41:27:c1:dd:57:c9:79:cb:1f:56:5c:16:b5:28:bd:
+ 02:21:00:8b:2e:25:eb:21:9b:a9:2b:a6:6a:5b:db:a7:c7:2b:
+ 11:df:73:15:ad:e4:c5:c3:c2:f3:b4:b4:67:af:d7:51:1c
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der
index fa3dd5b2..2b343d4f 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level1_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der
index 4aac5328..cd691372 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level3_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der
index 8fa2a324..19f4f4da 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_fast_level5_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der
index 72f750c5..5133d7bc 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level1_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der
index 1b3d3256..691d52e5 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level3_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der
index ba78786a..c90cdf68 100644
--- a/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der
+++ b/extra/wolfssl/wolfssl/certs/sphincs/bench_sphincs_small_level5_key.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test-degenerate.p7b b/extra/wolfssl/wolfssl/certs/test-degenerate.p7b
index e6d03a0f..80a4ad9e 100644
--- a/extra/wolfssl/wolfssl/certs/test-degenerate.p7b
+++ b/extra/wolfssl/wolfssl/certs/test-degenerate.p7b
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem
index 970569f8..43660b28 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 24:f8:97:5a:ff:43:de:e4:fe:0c:a4:8e:e4:b3:fb:97:22:81:
- f0:1c:83:37:56:d8:7e:ea:d5:a9:74:3f:df:49:01:6a:4d:dc:
- ec:9a:08:a7:30:ec:5b:86:bf:bd:74:c4:b7:1e:ba:e5:f0:b0:
- 58:75:8a:22:49:0e:c2:6c:bd:2f:25:e1:a5:a2:61:77:7a:19:
- 8f:d6:87:ef:3d:2b:32:d1:6f:21:59:04:00:76:60:c9:ae:7b:
- 57:41:d7:31:97:da:4c:3e:e3:c2:49:a8:18:80:97:dd:31:97:
- f3:e6:72:ee:29:83:93:f6:19:03:84:c8:e5:47:1d:da:cf:2c:
- d5:95:cb:23:83:34:4b:ea:06:dd:46:60:fb:0f:da:0d:75:63:
- 0c:53:36:3e:3e:03:79:d8:71:c9:ee:97:d6:31:8a:52:98:de:
- dd:35:58:64:a9:7c:50:84:c3:42:63:ec:71:44:f6:b1:e2:07:
- 90:c5:4e:58:17:5d:51:ab:aa:a4:ef:aa:b3:42:90:5e:fc:aa:
- db:1f:5e:0e:91:e7:16:5a:11:ce:98:b8:84:3f:f0:61:76:73:
- 76:09:cf:63:01:ba:79:53:35:c5:e9:76:6e:19:70:f9:46:85:
- 81:8e:81:14:84:c4:bf:f8:1b:cd:cc:d9:ef:1b:d2:4e:fb:1a:
- 36:de:70:35
+ 2d:e4:7d:d6:d2:cc:93:aa:93:86:cd:e7:da:bb:02:f6:82:e3:
+ 09:29:f5:54:0f:e1:d5:51:c1:98:1f:b8:ca:96:9e:1e:f6:5b:
+ e3:67:bb:42:b1:48:2f:61:c6:1f:c4:a6:f4:05:0f:de:65:7f:
+ d5:cc:35:09:fb:48:16:e8:cd:47:1f:63:e2:0f:f9:de:97:6e:
+ 76:a2:29:ba:27:cc:0e:f1:b7:31:02:0f:50:ee:c6:80:8a:af:
+ 0f:ae:76:51:91:2e:f5:a4:a9:e4:33:cc:9b:07:3c:36:b8:ff:
+ 2a:62:86:09:90:b0:ac:f2:8e:7e:59:d0:11:2b:74:53:1a:9b:
+ a6:26:f6:d9:aa:01:81:32:0a:18:be:96:21:be:e7:a2:c9:40:
+ 6c:fd:24:8b:6d:28:e5:e9:27:48:ae:8d:d0:5e:6f:c1:de:ef:
+ e3:3d:b6:11:07:42:0e:11:86:6b:03:86:fd:06:69:c5:ac:1d:
+ 92:03:be:26:d1:db:78:4c:f0:93:89:32:60:ba:be:83:99:ac:
+ 26:c5:aa:35:34:a1:9e:b5:e1:6a:15:83:4b:50:1e:62:3d:5b:
+ 65:77:28:0c:24:23:e4:29:0b:90:7c:d4:2f:14:39:01:42:cc:
+ 0b:19:a3:bd:46:db:a1:bd:67:5e:0e:41:db:a4:63:8d:22:ed:
+ 64:75:d3:99
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBACT4l1r/Q97k/gykjuSz+5cigfAcgzdW2H7q1al0P99J
-AWpN3OyaCKcw7FuGv710xLceuuXwsFh1iiJJDsJsvS8l4aWiYXd6GY/Wh+89KzLR
-byFZBAB2YMmue1dB1zGX2kw+48JJqBiAl90xl/Pmcu4pg5P2GQOEyOVHHdrPLNWV
-yyODNEvqBt1GYPsP2g11YwxTNj4+A3nYccnul9YxilKY3t01WGSpfFCEw0Jj7HFE
-9rHiB5DFTlgXXVGrqqTvqrNCkF78qtsfXg6R5xZaEc6YuIQ/8GF2c3YJz2MBunlT
-NcXpdm4ZcPlGhYGOgRSExL/4G83M2e8b0k77GjbecDU=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAC3kfdbSzJOqk4bN59q7AvaC4wkp9VQP4dVRwZgfuMqW
+nh72W+Nnu0KxSC9hxh/EpvQFD95lf9XMNQn7SBbozUcfY+IP+d6XbnaiKbonzA7x
+tzECD1DuxoCKrw+udlGRLvWkqeQzzJsHPDa4/ypihgmQsKzyjn5Z0BErdFMam6Ym
+9tmqAYEyChi+liG+56LJQGz9JIttKOXpJ0iujdBeb8He7+M9thEHQg4RhmsDhv0G
+acWsHZIDvibR23hM8JOJMmC6voOZrCbFqjU0oZ614WoVg0tQHmI9W2V3KAwkI+Qp
+C5B81C8UOQFCzAsZo71G26G9Z14OQdukY40i7WR105k=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem
index 2d3781d6..84f6d231 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- ae:9c:2c:ae:2d:09:58:73:d6:3d:20:d4:42:f0:26:98:b8:67:
- 3e:60:5c:95:f2:5d:b9:b2:11:52:3b:fd:f6:94:a3:32:1c:36:
- 0b:6f:b9:ac:44:6a:e1:fa:ae:8f:92:e9:c5:c0:32:2b:8e:e1:
- 21:84:72:c2:35:fd:00:bd:a5:58:4e:bc:e5:fc:5a:71:89:33:
- f8:fd:99:62:11:42:57:80:74:56:25:fe:48:be:3b:6c:45:cb:
- f9:d2:4f:8c:23:0a:f8:0a:5d:ef:85:f2:98:71:a7:0a:36:91:
- 20:af:8e:64:51:63:72:12:5b:4e:23:9f:ae:93:c3:9a:ec:c7:
- eb:3f:21:50:83:8a:a3:c9:a7:a9:f2:40:2d:91:b8:24:be:f1:
- 63:77:8b:4f:f5:b8:f2:a6:b7:a1:4c:07:ce:96:cc:12:af:da:
- c3:db:af:99:7a:fb:40:38:6c:4e:b3:3a:76:db:24:e4:1f:c5:
- ea:79:fd:a0:19:20:87:fb:e9:f3:91:16:e0:82:56:9e:f9:cf:
- 09:75:a6:1b:38:e7:eb:3f:3f:bc:e3:7d:b7:42:85:4a:de:42:
- f6:e6:b8:f2:cb:5c:44:95:ba:b6:45:1f:fe:39:19:e7:a9:cd:
- 75:52:81:d3:b5:df:bd:bd:d9:e6:e8:36:a2:28:62:5a:89:ee:
- 8a:0b:21:85
+ 22:20:83:3b:37:08:72:c7:c8:e1:69:f6:01:df:ec:70:8b:60:
+ c4:94:81:37:1d:f4:2a:d3:92:3e:1c:6c:b9:bd:a9:ba:61:b2:
+ 1b:1f:b9:71:de:07:b0:5a:50:33:7b:83:22:44:e1:a5:4d:7e:
+ 75:5a:09:ee:f2:c4:9a:8a:5d:7d:ad:69:81:bb:a9:86:cf:65:
+ e8:f6:50:2c:1e:e5:15:2b:0b:85:6a:02:26:c0:38:51:04:0f:
+ 0a:6f:d1:b8:b4:e4:a4:b5:ae:a2:e6:ce:2c:41:b6:a2:6b:47:
+ 82:0d:8a:2b:dd:91:d0:67:09:15:57:03:1e:95:4f:57:06:1a:
+ 2a:e8:b6:fd:a7:1f:80:a0:f7:20:39:8b:3f:08:cd:7a:05:c4:
+ 7c:72:92:d7:ff:40:a4:6c:10:64:2d:a8:a5:cc:ef:34:ea:49:
+ b0:d9:28:69:5c:c7:d4:41:f5:21:3d:60:74:c7:35:3d:5f:80:
+ 78:34:09:60:06:f0:c8:3b:9c:b8:76:64:8e:ea:78:c1:e8:fc:
+ 2c:a0:9a:9e:d7:2c:5f:1b:90:05:73:5f:58:c8:ad:2a:ef:b6:
+ a0:f2:f1:9e:f2:7c:48:d8:11:77:e3:0a:d4:26:7d:ad:0f:c1:
+ 29:4b:9e:51:bc:a2:4d:98:ad:27:51:f3:1d:b3:2b:6e:00:95:
+ 16:ae:3c:11
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,12 +77,12 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEArpwsri0JWHPWPSDUQvAmmLhn
-PmBclfJdubIRUjv99pSjMhw2C2+5rERq4fquj5LpxcAyK47hIYRywjX9AL2lWE68
-5fxacYkz+P2ZYhFCV4B0ViX+SL47bEXL+dJPjCMK+Apd74XymHGnCjaRIK+OZFFj
-chJbTiOfrpPDmuzH6z8hUIOKo8mnqfJALZG4JL7xY3eLT/W48qa3oUwHzpbMEq/a
-w9uvmXr7QDhsTrM6dtsk5B/F6nn9oBkgh/vp85EW4IJWnvnPCXWmGzjn6z8/vON9
-t0KFSt5C9ua48stcRJW6tkUf/jkZ56nNdVKB07Xfvb3Z5ug2oihiWonuigshhQ==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAIiCDOzcIcsfI4Wn2Ad/scItg
+xJSBNx30KtOSPhxsub2pumGyGx+5cd4HsFpQM3uDIkThpU1+dVoJ7vLEmopdfa1p
+gbuphs9l6PZQLB7lFSsLhWoCJsA4UQQPCm/RuLTkpLWuoubOLEG2omtHgg2KK92R
+0GcJFVcDHpVPVwYaKui2/acfgKD3IDmLPwjNegXEfHKS1/9ApGwQZC2opczvNOpJ
+sNkoaVzH1EH1IT1gdMc1PV+AeDQJYAbwyDucuHZkjup4wej8LKCantcsXxuQBXNf
+WMitKu+2oPLxnvJ8SNgRd+MK1CZ9rQ/BKUueUbyiTZitJ1HzHbMrbgCVFq48EQ==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 24:f8:97:5a:ff:43:de:e4:fe:0c:a4:8e:e4:b3:fb:97:22:81:
- f0:1c:83:37:56:d8:7e:ea:d5:a9:74:3f:df:49:01:6a:4d:dc:
- ec:9a:08:a7:30:ec:5b:86:bf:bd:74:c4:b7:1e:ba:e5:f0:b0:
- 58:75:8a:22:49:0e:c2:6c:bd:2f:25:e1:a5:a2:61:77:7a:19:
- 8f:d6:87:ef:3d:2b:32:d1:6f:21:59:04:00:76:60:c9:ae:7b:
- 57:41:d7:31:97:da:4c:3e:e3:c2:49:a8:18:80:97:dd:31:97:
- f3:e6:72:ee:29:83:93:f6:19:03:84:c8:e5:47:1d:da:cf:2c:
- d5:95:cb:23:83:34:4b:ea:06:dd:46:60:fb:0f:da:0d:75:63:
- 0c:53:36:3e:3e:03:79:d8:71:c9:ee:97:d6:31:8a:52:98:de:
- dd:35:58:64:a9:7c:50:84:c3:42:63:ec:71:44:f6:b1:e2:07:
- 90:c5:4e:58:17:5d:51:ab:aa:a4:ef:aa:b3:42:90:5e:fc:aa:
- db:1f:5e:0e:91:e7:16:5a:11:ce:98:b8:84:3f:f0:61:76:73:
- 76:09:cf:63:01:ba:79:53:35:c5:e9:76:6e:19:70:f9:46:85:
- 81:8e:81:14:84:c4:bf:f8:1b:cd:cc:d9:ef:1b:d2:4e:fb:1a:
- 36:de:70:35
+ 2d:e4:7d:d6:d2:cc:93:aa:93:86:cd:e7:da:bb:02:f6:82:e3:
+ 09:29:f5:54:0f:e1:d5:51:c1:98:1f:b8:ca:96:9e:1e:f6:5b:
+ e3:67:bb:42:b1:48:2f:61:c6:1f:c4:a6:f4:05:0f:de:65:7f:
+ d5:cc:35:09:fb:48:16:e8:cd:47:1f:63:e2:0f:f9:de:97:6e:
+ 76:a2:29:ba:27:cc:0e:f1:b7:31:02:0f:50:ee:c6:80:8a:af:
+ 0f:ae:76:51:91:2e:f5:a4:a9:e4:33:cc:9b:07:3c:36:b8:ff:
+ 2a:62:86:09:90:b0:ac:f2:8e:7e:59:d0:11:2b:74:53:1a:9b:
+ a6:26:f6:d9:aa:01:81:32:0a:18:be:96:21:be:e7:a2:c9:40:
+ 6c:fd:24:8b:6d:28:e5:e9:27:48:ae:8d:d0:5e:6f:c1:de:ef:
+ e3:3d:b6:11:07:42:0e:11:86:6b:03:86:fd:06:69:c5:ac:1d:
+ 92:03:be:26:d1:db:78:4c:f0:93:89:32:60:ba:be:83:99:ac:
+ 26:c5:aa:35:34:a1:9e:b5:e1:6a:15:83:4b:50:1e:62:3d:5b:
+ 65:77:28:0c:24:23:e4:29:0b:90:7c:d4:2f:14:39:01:42:cc:
+ 0b:19:a3:bd:46:db:a1:bd:67:5e:0e:41:db:a4:63:8d:22:ed:
+ 64:75:d3:99
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQS1JQ0Ex
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -164,12 +164,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFKgQ6sjvTwDN43nD69/2yIadRGwmMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBACT4l1r/Q97k/gykjuSz+5cigfAcgzdW2H7q1al0P99J
-AWpN3OyaCKcw7FuGv710xLceuuXwsFh1iiJJDsJsvS8l4aWiYXd6GY/Wh+89KzLR
-byFZBAB2YMmue1dB1zGX2kw+48JJqBiAl90xl/Pmcu4pg5P2GQOEyOVHHdrPLNWV
-yyODNEvqBt1GYPsP2g11YwxTNj4+A3nYccnul9YxilKY3t01WGSpfFCEw0Jj7HFE
-9rHiB5DFTlgXXVGrqqTvqrNCkF78qtsfXg6R5xZaEc6YuIQ/8GF2c3YJz2MBunlT
-NcXpdm4ZcPlGhYGOgRSExL/4G83M2e8b0k77GjbecDU=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAC3kfdbSzJOqk4bN59q7AvaC4wkp9VQP4dVRwZgfuMqW
+nh72W+Nnu0KxSC9hxh/EpvQFD95lf9XMNQn7SBbozUcfY+IP+d6XbnaiKbonzA7x
+tzECD1DuxoCKrw+udlGRLvWkqeQzzJsHPDa4/ypihgmQsKzyjn5Z0BErdFMam6Ym
+9tmqAYEyChi+liG+56LJQGz9JIttKOXpJ0iujdBeb8He7+M9thEHQg4RhmsDhv0G
+acWsHZIDvibR23hM8JOJMmC6voOZrCbFqjU0oZ614WoVg0tQHmI9W2V3KAwkI+Qp
+C5B81C8UOQFCzAsZo71G26G9Z14OQdukY40i7WR105k=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem
index ed08337e..52ed4c9d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainA-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainA-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- ae:9c:2c:ae:2d:09:58:73:d6:3d:20:d4:42:f0:26:98:b8:67:
- 3e:60:5c:95:f2:5d:b9:b2:11:52:3b:fd:f6:94:a3:32:1c:36:
- 0b:6f:b9:ac:44:6a:e1:fa:ae:8f:92:e9:c5:c0:32:2b:8e:e1:
- 21:84:72:c2:35:fd:00:bd:a5:58:4e:bc:e5:fc:5a:71:89:33:
- f8:fd:99:62:11:42:57:80:74:56:25:fe:48:be:3b:6c:45:cb:
- f9:d2:4f:8c:23:0a:f8:0a:5d:ef:85:f2:98:71:a7:0a:36:91:
- 20:af:8e:64:51:63:72:12:5b:4e:23:9f:ae:93:c3:9a:ec:c7:
- eb:3f:21:50:83:8a:a3:c9:a7:a9:f2:40:2d:91:b8:24:be:f1:
- 63:77:8b:4f:f5:b8:f2:a6:b7:a1:4c:07:ce:96:cc:12:af:da:
- c3:db:af:99:7a:fb:40:38:6c:4e:b3:3a:76:db:24:e4:1f:c5:
- ea:79:fd:a0:19:20:87:fb:e9:f3:91:16:e0:82:56:9e:f9:cf:
- 09:75:a6:1b:38:e7:eb:3f:3f:bc:e3:7d:b7:42:85:4a:de:42:
- f6:e6:b8:f2:cb:5c:44:95:ba:b6:45:1f:fe:39:19:e7:a9:cd:
- 75:52:81:d3:b5:df:bd:bd:d9:e6:e8:36:a2:28:62:5a:89:ee:
- 8a:0b:21:85
+ 22:20:83:3b:37:08:72:c7:c8:e1:69:f6:01:df:ec:70:8b:60:
+ c4:94:81:37:1d:f4:2a:d3:92:3e:1c:6c:b9:bd:a9:ba:61:b2:
+ 1b:1f:b9:71:de:07:b0:5a:50:33:7b:83:22:44:e1:a5:4d:7e:
+ 75:5a:09:ee:f2:c4:9a:8a:5d:7d:ad:69:81:bb:a9:86:cf:65:
+ e8:f6:50:2c:1e:e5:15:2b:0b:85:6a:02:26:c0:38:51:04:0f:
+ 0a:6f:d1:b8:b4:e4:a4:b5:ae:a2:e6:ce:2c:41:b6:a2:6b:47:
+ 82:0d:8a:2b:dd:91:d0:67:09:15:57:03:1e:95:4f:57:06:1a:
+ 2a:e8:b6:fd:a7:1f:80:a0:f7:20:39:8b:3f:08:cd:7a:05:c4:
+ 7c:72:92:d7:ff:40:a4:6c:10:64:2d:a8:a5:cc:ef:34:ea:49:
+ b0:d9:28:69:5c:c7:d4:41:f5:21:3d:60:74:c7:35:3d:5f:80:
+ 78:34:09:60:06:f0:c8:3b:9c:b8:76:64:8e:ea:78:c1:e8:fc:
+ 2c:a0:9a:9e:d7:2c:5f:1b:90:05:73:5f:58:c8:ad:2a:ef:b6:
+ a0:f2:f1:9e:f2:7c:48:d8:11:77:e3:0a:d4:26:7d:ad:0f:c1:
+ 29:4b:9e:51:bc:a2:4d:98:ad:27:51:f3:1d:b3:2b:6e:00:95:
+ 16:ae:3c:11
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQS1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkEtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSoEOrI708AzeN5w+vf9siGnURsJqGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEArpwsri0JWHPWPSDUQvAmmLhn
-PmBclfJdubIRUjv99pSjMhw2C2+5rERq4fquj5LpxcAyK47hIYRywjX9AL2lWE68
-5fxacYkz+P2ZYhFCV4B0ViX+SL47bEXL+dJPjCMK+Apd74XymHGnCjaRIK+OZFFj
-chJbTiOfrpPDmuzH6z8hUIOKo8mnqfJALZG4JL7xY3eLT/W48qa3oUwHzpbMEq/a
-w9uvmXr7QDhsTrM6dtsk5B/F6nn9oBkgh/vp85EW4IJWnvnPCXWmGzjn6z8/vON9
-t0KFSt5C9ua48stcRJW6tkUf/jkZ56nNdVKB07Xfvb3Z5ug2oihiWonuigshhQ==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAIiCDOzcIcsfI4Wn2Ad/scItg
+xJSBNx30KtOSPhxsub2pumGyGx+5cd4HsFpQM3uDIkThpU1+dVoJ7vLEmopdfa1p
+gbuphs9l6PZQLB7lFSsLhWoCJsA4UQQPCm/RuLTkpLWuoubOLEG2omtHgg2KK92R
+0GcJFVcDHpVPVwYaKui2/acfgKD3IDmLPwjNegXEfHKS1/9ApGwQZC2opczvNOpJ
+sNkoaVzH1EH1IT1gdMc1PV+AeDQJYAbwyDucuHZkjup4wej8LKCantcsXxuQBXNf
+WMitKu+2oPLxnvJ8SNgRd+MK1CZ9rQ/BKUueUbyiTZitJ1HzHbMrbgCVFq48EQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem
index e2d7e1ca..f850ed0d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:ae:90:26:72:85:db:01:cb:b9:f2:51:f2:43:8d:b5:4f:95:
- ab:e0:5d:9d:67:65:1c:24:ba:b0:0c:82:4e:ed:5f:9b:89:5d:
- 7d:7f:b3:67:a2:09:8d:39:b5:af:9c:f5:c2:40:b3:ba:4e:73:
- 72:cf:13:dd:3c:e8:3e:92:6f:46:8c:76:f9:47:71:5e:e4:81:
- 68:cb:97:b3:73:35:ae:34:10:2a:ab:e7:cc:3a:0d:a7:a2:97:
- 97:49:54:b2:a0:05:1c:18:5a:af:76:f0:23:b5:ff:c6:cc:1a:
- 67:1a:5a:7c:57:50:cb:f8:53:78:b8:53:6a:8c:3d:dc:b2:f1:
- b7:aa:f8:f2:73:a1:22:97:04:bc:d5:6e:29:5b:86:ac:63:f1:
- 62:b2:2d:a5:c0:ff:2d:3f:79:e4:d0:81:fd:01:30:91:53:94:
- 43:35:c8:c7:4c:b9:27:23:54:54:69:76:86:f0:c3:a0:86:c2:
- 32:1b:6b:22:6c:8e:5f:9b:b1:20:73:ac:8d:da:c8:0f:ec:63:
- 61:5d:e3:1f:7f:cc:b5:30:4a:1c:9b:c5:53:cb:5e:8f:b0:cc:
- 52:01:75:d0:a8:d1:85:20:ef:4d:d9:2d:c7:0f:1e:ed:82:8a:
- 1e:f6:ab:ed:9f:65:57:a9:3b:08:de:66:ad:a2:2e:51:37:0a:
- 10:5d:04:a0
+ 6c:32:8c:c0:5a:4b:18:32:75:8d:04:83:3a:7d:0a:53:81:31:
+ ef:7e:47:8b:f3:69:c4:c5:16:82:70:fb:26:9f:f7:c9:d9:07:
+ 80:45:40:e5:fd:22:f4:a9:90:b4:53:89:20:7d:8c:71:77:35:
+ 50:79:39:8d:1c:a4:e5:0a:cb:d4:07:34:fd:76:3b:e7:4e:b5:
+ ca:6b:97:4b:e4:48:3c:28:5c:7b:6f:34:fc:f8:34:65:5a:d4:
+ 33:a8:4f:6c:a7:c5:c9:2b:95:48:1a:d2:da:50:45:50:2a:b9:
+ 16:dc:6a:6a:64:f1:52:55:7c:25:f8:35:4e:8e:86:f1:01:78:
+ 56:11:10:6e:92:d0:45:6a:9d:03:a0:a3:b8:3b:97:fb:2d:a8:
+ 1f:83:9d:d0:d9:af:8b:77:08:a2:0d:8e:15:18:97:7e:4b:d9:
+ 6f:48:cd:a5:6e:04:29:e4:ba:c4:63:e7:a1:b1:bf:22:71:75:
+ 24:da:6f:73:0f:d3:fc:84:af:68:3c:3d:c5:e0:72:f3:b8:2e:
+ 8b:5f:d9:00:c6:7e:59:4e:b9:f4:12:a7:df:88:d0:67:f9:40:
+ 17:4f:25:af:72:b7:a5:ee:b2:69:3b:b2:fe:a7:1b:6b:39:e6:
+ be:89:0e:ed:74:87:7e:25:bd:3d:c7:f6:f1:d9:10:47:1c:54:
+ 47:0c:77:31
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAGOukCZyhdsBy7nyUfJDjbVPlavgXZ1nZRwkurAMgk7tX5uJXX1/
-s2eiCY05ta+c9cJAs7pOc3LPE9086D6Sb0aMdvlHcV7kgWjLl7NzNa40ECqr58w6
-Daeil5dJVLKgBRwYWq928CO1/8bMGmcaWnxXUMv4U3i4U2qMPdyy8beq+PJzoSKX
-BLzVbilbhqxj8WKyLaXA/y0/eeTQgf0BMJFTlEM1yMdMuScjVFRpdobww6CGwjIb
-ayJsjl+bsSBzrI3ayA/sY2Fd4x9/zLUwShybxVPLXo+wzFIBddCo0YUg703ZLccP
-Hu2Cih72q+2fZVepOwjeZq2iLlE3ChBdBKA=
+AQELBQADggEBAGwyjMBaSxgydY0Egzp9ClOBMe9+R4vzacTFFoJw+yaf98nZB4BF
+QOX9IvSpkLRTiSB9jHF3NVB5OY0cpOUKy9QHNP12O+dOtcprl0vkSDwoXHtvNPz4
+NGVa1DOoT2ynxckrlUga0tpQRVAquRbcampk8VJVfCX4NU6OhvEBeFYREG6S0EVq
+nQOgo7g7l/stqB+DndDZr4t3CKINjhUYl35L2W9IzaVuBCnkusRj56GxvyJxdSTa
+b3MP0/yEr2g8PcXgcvO4Lotf2QDGfllOufQSp9+I0Gf5QBdPJa9yt6Xusmk7sv6n
+G2s55r6JDu10h34lvT3H9vHZEEccVEcMdzE=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem
index 903de701..a394e296 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-ICA2-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a0:92:d4:03:7b:b4:f5:cb:d8:7f:ca:e9:ff:0e:17:62:e9:72:
- 82:ca:c0:84:2c:26:d3:ff:35:aa:aa:e6:1d:0d:5f:86:40:94:
- 12:01:30:dc:7c:c9:84:02:9f:d5:de:a8:47:38:e9:74:c1:73:
- 63:a3:37:88:3f:c5:d6:24:03:d1:9c:8b:7e:c1:62:ae:5c:ad:
- c1:bc:28:b6:c7:ad:0b:ef:89:eb:87:0d:25:74:a0:f3:fa:e9:
- 03:68:7a:9f:88:42:72:b8:56:e5:f7:98:d3:da:79:1e:a2:ad:
- 16:0b:31:ae:52:bb:12:1d:1a:cd:a6:d2:04:e8:94:cb:37:a9:
- 6c:07:3a:74:e3:90:44:56:76:36:31:7e:23:69:be:dd:b2:79:
- bf:8f:72:ab:19:09:b5:5b:a8:52:db:d6:a7:63:cb:30:75:50:
- 41:28:92:86:c2:46:17:00:1a:22:3c:fa:13:ea:bc:01:e8:62:
- 4d:bf:8a:41:81:a2:06:0f:bb:f3:73:36:fa:1c:39:3b:db:50:
- ee:83:70:96:3f:67:ab:35:cf:a5:07:f9:35:50:54:58:12:60:
- 4d:ec:a9:25:97:39:b7:14:83:03:d5:8e:d9:75:7f:d8:cc:ce:
- 4d:d6:43:a3:ae:19:3d:75:61:0e:fa:fe:31:e5:5e:ee:56:5a:
- c8:c9:68:b0
+ 10:af:3a:e5:49:81:7e:0f:ef:ad:b4:62:02:de:5b:2f:d7:bd:
+ 9c:59:b4:d3:ae:6c:60:12:ba:23:86:ee:34:4e:d5:29:00:1b:
+ 6e:1e:6b:05:96:0d:2c:4e:5c:91:74:83:ad:ba:8b:fe:cd:a6:
+ 9b:86:94:f7:7f:b4:5e:c9:cb:e6:6e:90:30:53:cb:44:27:f5:
+ 0b:37:b9:f0:bc:37:cd:b9:fc:fb:77:03:54:82:b5:d2:97:12:
+ 01:36:48:1f:a7:ae:7d:a3:c6:55:9e:c4:0e:0b:76:dc:e8:3c:
+ b0:cc:06:88:be:74:2e:03:82:72:38:80:ca:14:dc:63:82:6e:
+ 73:3b:77:e8:c0:4d:e7:0e:8f:7e:9c:65:36:1c:d6:47:40:74:
+ ef:ce:fe:6d:60:83:77:18:c9:3c:9f:f6:06:a5:16:e6:07:53:
+ 66:f0:49:42:dd:04:49:59:a9:b9:12:1f:a4:e9:c7:15:fb:34:
+ df:a5:19:62:93:65:6c:ef:66:90:61:fe:0e:19:56:0d:b2:5d:
+ b1:ee:55:40:32:7c:36:ff:54:6e:e4:55:16:7e:57:bd:82:f8:
+ b1:38:de:86:a8:e8:4d:7e:b2:b8:59:ef:79:89:a3:0e:63:39:
+ 61:3f:f2:ab:b4:50:eb:74:7c:79:e7:f9:66:91:ff:ea:61:27:
+ df:be:c2:89
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAKCS1AN7tPXL2H/K6f8OF2LpcoLKwIQsJtP/Naqq5h0N
-X4ZAlBIBMNx8yYQCn9XeqEc46XTBc2OjN4g/xdYkA9Gci37BYq5crcG8KLbHrQvv
-ieuHDSV0oPP66QNoep+IQnK4VuX3mNPaeR6irRYLMa5SuxIdGs2m0gTolMs3qWwH
-OnTjkERWdjYxfiNpvt2yeb+PcqsZCbVbqFLb1qdjyzB1UEEokobCRhcAGiI8+hPq
-vAHoYk2/ikGBogYPu/NzNvocOTvbUO6DcJY/Z6s1z6UH+TVQVFgSYE3sqSWXObcU
-gwPVjtl1f9jMzk3WQ6OuGT11YQ76/jHlXu5WWsjJaLA=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBABCvOuVJgX4P7620YgLeWy/XvZxZtNOubGASuiOG7jRO
+1SkAG24eawWWDSxOXJF0g626i/7NppuGlPd/tF7Jy+ZukDBTy0Qn9Qs3ufC8N825
+/Pt3A1SCtdKXEgE2SB+nrn2jxlWexA4LdtzoPLDMBoi+dC4DgnI4gMoU3GOCbnM7
+d+jATecOj36cZTYc1kdAdO/O/m1gg3cYyTyf9galFuYHU2bwSULdBElZqbkSH6Tp
+xxX7NN+lGWKTZWzvZpBh/g4ZVg2yXbHuVUAyfDb/VG7kVRZ+V72C+LE43oao6E1+
+srhZ73mJow5jOWE/8qu0UOt0fHnn+WaR/+phJ9++wok=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem
index cbe379bd..836d817d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 4c:f5:67:b4:d0:b3:0d:bf:83:54:88:1b:f4:db:73:e2:11:2e:
- 39:2f:60:86:6c:4a:f1:41:3e:18:6b:c9:df:28:0d:3c:4c:d3:
- c2:52:83:07:14:84:30:4c:05:1c:23:b2:7d:45:c3:ed:ee:cb:
- b0:33:e7:ff:5a:62:78:7a:db:f2:61:d7:d4:40:3a:f7:ba:3f:
- 91:de:bb:7c:f9:14:0f:6e:39:82:c1:73:c7:ab:d3:72:f4:09:
- 83:92:c4:fd:7b:8b:a4:f9:08:f7:c7:60:0f:d5:7a:d0:49:44:
- 64:e7:13:da:8f:90:f7:ec:d5:17:7b:bc:a1:f8:04:f9:81:5a:
- 57:a0:2c:e1:d0:16:96:ae:52:fb:af:6d:23:54:78:fd:97:1a:
- c5:c5:6c:19:11:78:54:0e:ec:b7:d8:48:93:89:29:77:68:a7:
- 2a:fa:08:82:b3:51:e9:87:b0:d1:02:c1:10:75:55:41:51:3d:
- 30:e9:40:c6:a8:c2:e6:ee:09:26:e4:98:79:9e:ca:45:55:e8:
- fb:f3:51:09:1c:21:22:d9:5f:33:61:7b:63:f2:c9:c2:c3:71:
- 2b:70:56:5a:8a:66:1b:f6:d5:53:88:59:19:61:4e:ec:e7:72:
- a9:56:04:9c:26:c9:e7:20:be:dd:52:55:1c:cb:d9:79:c5:d3:
- ff:36:a2:e4
+ 58:2b:2e:33:ed:42:7d:ce:8a:9f:2e:25:2f:7a:66:6f:d0:8a:
+ 32:ee:70:b6:a0:ee:6f:ec:0c:52:af:d8:8c:2a:11:9f:f0:f3:
+ 6a:41:bd:da:43:ad:82:5d:52:95:e2:6b:95:42:d1:24:09:ba:
+ 7d:b5:6b:73:a2:96:3d:72:ba:65:cd:9c:c6:65:52:fb:68:65:
+ cb:55:5d:f5:44:fa:66:72:8c:1c:33:92:a6:37:77:44:16:86:
+ ed:f2:d3:a9:49:ff:aa:05:96:c8:e0:1c:b7:0a:60:e7:46:5e:
+ 94:9d:c8:7a:31:41:98:96:38:17:a0:79:e3:1d:a3:13:06:17:
+ 2d:b8:fd:6f:34:ed:e3:6d:36:e7:d4:5d:cf:00:4a:ce:a6:ff:
+ 1c:87:d8:48:1b:65:b0:d0:72:70:48:15:bd:f1:3c:a9:06:f9:
+ 7e:11:c1:43:6c:0b:60:d9:d9:5c:d3:3b:c2:18:eb:3f:82:eb:
+ fd:a5:1a:b2:a2:23:10:c3:30:af:4a:e9:d9:05:f1:e2:4e:e9:
+ 41:bd:d7:dd:98:db:91:f2:15:54:4c:82:3d:22:aa:18:e5:e6:
+ df:9b:85:21:63:74:3d:08:a9:2e:35:e2:5e:61:32:78:04:49:
+ 91:0d:8c:05:12:90:ec:f5:c5:d2:71:8a:2a:65:5c:b1:d4:14:
+ 53:de:9b:98
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAEz1Z7TQ
-sw2/g1SIG/Tbc+IRLjkvYIZsSvFBPhhryd8oDTxM08JSgwcUhDBMBRwjsn1Fw+3u
-y7Az5/9aYnh62/Jh19RAOve6P5Heu3z5FA9uOYLBc8er03L0CYOSxP17i6T5CPfH
-YA/VetBJRGTnE9qPkPfs1Rd7vKH4BPmBWlegLOHQFpauUvuvbSNUeP2XGsXFbBkR
-eFQO7LfYSJOJKXdopyr6CIKzUemHsNECwRB1VUFRPTDpQMaowubuCSbkmHmeykVV
-6PvzUQkcISLZXzNhe2PyycLDcStwVlqKZhv21VOIWRlhTuzncqlWBJwmyecgvt1S
-VRzL2XnF0/82ouQ=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAFgrLjPt
+Qn3Oip8uJS96Zm/QijLucLag7m/sDFKv2IwqEZ/w82pBvdpDrYJdUpXia5VC0SQJ
+un21a3Oilj1yumXNnMZlUvtoZctVXfVE+mZyjBwzkqY3d0QWhu3y06lJ/6oFlsjg
+HLcKYOdGXpSdyHoxQZiWOBegeeMdoxMGFy24/W807eNtNufUXc8ASs6m/xyH2Egb
+ZbDQcnBIFb3xPKkG+X4RwUNsC2DZ2VzTO8IY6z+C6/2lGrKiIxDDMK9K6dkF8eJO
+6UG9192Y25HyFVRMgj0iqhjl5t+bhSFjdD0IqS414l5hMngESZENjAUSkOz1xdJx
+iiplXLHUFFPem5g=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:ae:90:26:72:85:db:01:cb:b9:f2:51:f2:43:8d:b5:4f:95:
- ab:e0:5d:9d:67:65:1c:24:ba:b0:0c:82:4e:ed:5f:9b:89:5d:
- 7d:7f:b3:67:a2:09:8d:39:b5:af:9c:f5:c2:40:b3:ba:4e:73:
- 72:cf:13:dd:3c:e8:3e:92:6f:46:8c:76:f9:47:71:5e:e4:81:
- 68:cb:97:b3:73:35:ae:34:10:2a:ab:e7:cc:3a:0d:a7:a2:97:
- 97:49:54:b2:a0:05:1c:18:5a:af:76:f0:23:b5:ff:c6:cc:1a:
- 67:1a:5a:7c:57:50:cb:f8:53:78:b8:53:6a:8c:3d:dc:b2:f1:
- b7:aa:f8:f2:73:a1:22:97:04:bc:d5:6e:29:5b:86:ac:63:f1:
- 62:b2:2d:a5:c0:ff:2d:3f:79:e4:d0:81:fd:01:30:91:53:94:
- 43:35:c8:c7:4c:b9:27:23:54:54:69:76:86:f0:c3:a0:86:c2:
- 32:1b:6b:22:6c:8e:5f:9b:b1:20:73:ac:8d:da:c8:0f:ec:63:
- 61:5d:e3:1f:7f:cc:b5:30:4a:1c:9b:c5:53:cb:5e:8f:b0:cc:
- 52:01:75:d0:a8:d1:85:20:ef:4d:d9:2d:c7:0f:1e:ed:82:8a:
- 1e:f6:ab:ed:9f:65:57:a9:3b:08:de:66:ad:a2:2e:51:37:0a:
- 10:5d:04:a0
+ 6c:32:8c:c0:5a:4b:18:32:75:8d:04:83:3a:7d:0a:53:81:31:
+ ef:7e:47:8b:f3:69:c4:c5:16:82:70:fb:26:9f:f7:c9:d9:07:
+ 80:45:40:e5:fd:22:f4:a9:90:b4:53:89:20:7d:8c:71:77:35:
+ 50:79:39:8d:1c:a4:e5:0a:cb:d4:07:34:fd:76:3b:e7:4e:b5:
+ ca:6b:97:4b:e4:48:3c:28:5c:7b:6f:34:fc:f8:34:65:5a:d4:
+ 33:a8:4f:6c:a7:c5:c9:2b:95:48:1a:d2:da:50:45:50:2a:b9:
+ 16:dc:6a:6a:64:f1:52:55:7c:25:f8:35:4e:8e:86:f1:01:78:
+ 56:11:10:6e:92:d0:45:6a:9d:03:a0:a3:b8:3b:97:fb:2d:a8:
+ 1f:83:9d:d0:d9:af:8b:77:08:a2:0d:8e:15:18:97:7e:4b:d9:
+ 6f:48:cd:a5:6e:04:29:e4:ba:c4:63:e7:a1:b1:bf:22:71:75:
+ 24:da:6f:73:0f:d3:fc:84:af:68:3c:3d:c5:e0:72:f3:b8:2e:
+ 8b:5f:d9:00:c6:7e:59:4e:b9:f4:12:a7:df:88:d0:67:f9:40:
+ 17:4f:25:af:72:b7:a5:ee:b2:69:3b:b2:fe:a7:1b:6b:39:e6:
+ be:89:0e:ed:74:87:7e:25:bd:3d:c7:f6:f1:d9:10:47:1c:54:
+ 47:0c:77:31
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkItSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAGOukCZyhdsBy7nyUfJDjbVPlavgXZ1nZRwkurAMgk7tX5uJXX1/
-s2eiCY05ta+c9cJAs7pOc3LPE9086D6Sb0aMdvlHcV7kgWjLl7NzNa40ECqr58w6
-Daeil5dJVLKgBRwYWq928CO1/8bMGmcaWnxXUMv4U3i4U2qMPdyy8beq+PJzoSKX
-BLzVbilbhqxj8WKyLaXA/y0/eeTQgf0BMJFTlEM1yMdMuScjVFRpdobww6CGwjIb
-ayJsjl+bsSBzrI3ayA/sY2Fd4x9/zLUwShybxVPLXo+wzFIBddCo0YUg703ZLccP
-Hu2Cih72q+2fZVepOwjeZq2iLlE3ChBdBKA=
+AQELBQADggEBAGwyjMBaSxgydY0Egzp9ClOBMe9+R4vzacTFFoJw+yaf98nZB4BF
+QOX9IvSpkLRTiSB9jHF3NVB5OY0cpOUKy9QHNP12O+dOtcprl0vkSDwoXHtvNPz4
+NGVa1DOoT2ynxckrlUga0tpQRVAquRbcampk8VJVfCX4NU6OhvEBeFYREG6S0EVq
+nQOgo7g7l/stqB+DndDZr4t3CKINjhUYl35L2W9IzaVuBCnkusRj56GxvyJxdSTa
+b3MP0/yEr2g8PcXgcvO4Lotf2QDGfllOufQSp9+I0Gf5QBdPJa9yt6Xusmk7sv6n
+G2s55r6JDu10h34lvT3H9vHZEEccVEcMdzE=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -213,34 +213,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a0:92:d4:03:7b:b4:f5:cb:d8:7f:ca:e9:ff:0e:17:62:e9:72:
- 82:ca:c0:84:2c:26:d3:ff:35:aa:aa:e6:1d:0d:5f:86:40:94:
- 12:01:30:dc:7c:c9:84:02:9f:d5:de:a8:47:38:e9:74:c1:73:
- 63:a3:37:88:3f:c5:d6:24:03:d1:9c:8b:7e:c1:62:ae:5c:ad:
- c1:bc:28:b6:c7:ad:0b:ef:89:eb:87:0d:25:74:a0:f3:fa:e9:
- 03:68:7a:9f:88:42:72:b8:56:e5:f7:98:d3:da:79:1e:a2:ad:
- 16:0b:31:ae:52:bb:12:1d:1a:cd:a6:d2:04:e8:94:cb:37:a9:
- 6c:07:3a:74:e3:90:44:56:76:36:31:7e:23:69:be:dd:b2:79:
- bf:8f:72:ab:19:09:b5:5b:a8:52:db:d6:a7:63:cb:30:75:50:
- 41:28:92:86:c2:46:17:00:1a:22:3c:fa:13:ea:bc:01:e8:62:
- 4d:bf:8a:41:81:a2:06:0f:bb:f3:73:36:fa:1c:39:3b:db:50:
- ee:83:70:96:3f:67:ab:35:cf:a5:07:f9:35:50:54:58:12:60:
- 4d:ec:a9:25:97:39:b7:14:83:03:d5:8e:d9:75:7f:d8:cc:ce:
- 4d:d6:43:a3:ae:19:3d:75:61:0e:fa:fe:31:e5:5e:ee:56:5a:
- c8:c9:68:b0
+ 10:af:3a:e5:49:81:7e:0f:ef:ad:b4:62:02:de:5b:2f:d7:bd:
+ 9c:59:b4:d3:ae:6c:60:12:ba:23:86:ee:34:4e:d5:29:00:1b:
+ 6e:1e:6b:05:96:0d:2c:4e:5c:91:74:83:ad:ba:8b:fe:cd:a6:
+ 9b:86:94:f7:7f:b4:5e:c9:cb:e6:6e:90:30:53:cb:44:27:f5:
+ 0b:37:b9:f0:bc:37:cd:b9:fc:fb:77:03:54:82:b5:d2:97:12:
+ 01:36:48:1f:a7:ae:7d:a3:c6:55:9e:c4:0e:0b:76:dc:e8:3c:
+ b0:cc:06:88:be:74:2e:03:82:72:38:80:ca:14:dc:63:82:6e:
+ 73:3b:77:e8:c0:4d:e7:0e:8f:7e:9c:65:36:1c:d6:47:40:74:
+ ef:ce:fe:6d:60:83:77:18:c9:3c:9f:f6:06:a5:16:e6:07:53:
+ 66:f0:49:42:dd:04:49:59:a9:b9:12:1f:a4:e9:c7:15:fb:34:
+ df:a5:19:62:93:65:6c:ef:66:90:61:fe:0e:19:56:0d:b2:5d:
+ b1:ee:55:40:32:7c:36:ff:54:6e:e4:55:16:7e:57:bd:82:f8:
+ b1:38:de:86:a8:e8:4d:7e:b2:b8:59:ef:79:89:a3:0e:63:39:
+ 61:3f:f2:ab:b4:50:eb:74:7c:79:e7:f9:66:91:ff:ea:61:27:
+ df:be:c2:89
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQi1JQ0Ey
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -254,12 +254,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO5ZnVYLfApFROMVV+Ky8x1kb696MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAKCS1AN7tPXL2H/K6f8OF2LpcoLKwIQsJtP/Naqq5h0N
-X4ZAlBIBMNx8yYQCn9XeqEc46XTBc2OjN4g/xdYkA9Gci37BYq5crcG8KLbHrQvv
-ieuHDSV0oPP66QNoep+IQnK4VuX3mNPaeR6irRYLMa5SuxIdGs2m0gTolMs3qWwH
-OnTjkERWdjYxfiNpvt2yeb+PcqsZCbVbqFLb1qdjyzB1UEEokobCRhcAGiI8+hPq
-vAHoYk2/ikGBogYPu/NzNvocOTvbUO6DcJY/Z6s1z6UH+TVQVFgSYE3sqSWXObcU
-gwPVjtl1f9jMzk3WQ6OuGT11YQ76/jHlXu5WWsjJaLA=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBABCvOuVJgX4P7620YgLeWy/XvZxZtNOubGASuiOG7jRO
+1SkAG24eawWWDSxOXJF0g626i/7NppuGlPd/tF7Jy+ZukDBTy0Qn9Qs3ufC8N825
+/Pt3A1SCtdKXEgE2SB+nrn2jxlWexA4LdtzoPLDMBoi+dC4DgnI4gMoU3GOCbnM7
+d+jATecOj36cZTYc1kdAdO/O/m1gg3cYyTyf9galFuYHU2bwSULdBElZqbkSH6Tp
+xxX7NN+lGWKTZWzvZpBh/g4ZVg2yXbHuVUAyfDb/VG7kVRZ+V72C+LE43oao6E1+
+srhZ73mJow5jOWE/8qu0UOt0fHnn+WaR/+phJ9++wok=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem
index 5a0bf47f..d4783531 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainB-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainB-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 4c:f5:67:b4:d0:b3:0d:bf:83:54:88:1b:f4:db:73:e2:11:2e:
- 39:2f:60:86:6c:4a:f1:41:3e:18:6b:c9:df:28:0d:3c:4c:d3:
- c2:52:83:07:14:84:30:4c:05:1c:23:b2:7d:45:c3:ed:ee:cb:
- b0:33:e7:ff:5a:62:78:7a:db:f2:61:d7:d4:40:3a:f7:ba:3f:
- 91:de:bb:7c:f9:14:0f:6e:39:82:c1:73:c7:ab:d3:72:f4:09:
- 83:92:c4:fd:7b:8b:a4:f9:08:f7:c7:60:0f:d5:7a:d0:49:44:
- 64:e7:13:da:8f:90:f7:ec:d5:17:7b:bc:a1:f8:04:f9:81:5a:
- 57:a0:2c:e1:d0:16:96:ae:52:fb:af:6d:23:54:78:fd:97:1a:
- c5:c5:6c:19:11:78:54:0e:ec:b7:d8:48:93:89:29:77:68:a7:
- 2a:fa:08:82:b3:51:e9:87:b0:d1:02:c1:10:75:55:41:51:3d:
- 30:e9:40:c6:a8:c2:e6:ee:09:26:e4:98:79:9e:ca:45:55:e8:
- fb:f3:51:09:1c:21:22:d9:5f:33:61:7b:63:f2:c9:c2:c3:71:
- 2b:70:56:5a:8a:66:1b:f6:d5:53:88:59:19:61:4e:ec:e7:72:
- a9:56:04:9c:26:c9:e7:20:be:dd:52:55:1c:cb:d9:79:c5:d3:
- ff:36:a2:e4
+ 58:2b:2e:33:ed:42:7d:ce:8a:9f:2e:25:2f:7a:66:6f:d0:8a:
+ 32:ee:70:b6:a0:ee:6f:ec:0c:52:af:d8:8c:2a:11:9f:f0:f3:
+ 6a:41:bd:da:43:ad:82:5d:52:95:e2:6b:95:42:d1:24:09:ba:
+ 7d:b5:6b:73:a2:96:3d:72:ba:65:cd:9c:c6:65:52:fb:68:65:
+ cb:55:5d:f5:44:fa:66:72:8c:1c:33:92:a6:37:77:44:16:86:
+ ed:f2:d3:a9:49:ff:aa:05:96:c8:e0:1c:b7:0a:60:e7:46:5e:
+ 94:9d:c8:7a:31:41:98:96:38:17:a0:79:e3:1d:a3:13:06:17:
+ 2d:b8:fd:6f:34:ed:e3:6d:36:e7:d4:5d:cf:00:4a:ce:a6:ff:
+ 1c:87:d8:48:1b:65:b0:d0:72:70:48:15:bd:f1:3c:a9:06:f9:
+ 7e:11:c1:43:6c:0b:60:d9:d9:5c:d3:3b:c2:18:eb:3f:82:eb:
+ fd:a5:1a:b2:a2:23:10:c3:30:af:4a:e9:d9:05:f1:e2:4e:e9:
+ 41:bd:d7:dd:98:db:91:f2:15:54:4c:82:3d:22:aa:18:e5:e6:
+ df:9b:85:21:63:74:3d:08:a9:2e:35:e2:5e:61:32:78:04:49:
+ 91:0d:8c:05:12:90:ec:f5:c5:d2:71:8a:2a:65:5c:b1:d4:14:
+ 53:de:9b:98
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQi1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkItZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBTXkOSGWST5K7gGjrGPM+UsY/EDFqGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluQi1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAEz1Z7TQ
-sw2/g1SIG/Tbc+IRLjkvYIZsSvFBPhhryd8oDTxM08JSgwcUhDBMBRwjsn1Fw+3u
-y7Az5/9aYnh62/Jh19RAOve6P5Heu3z5FA9uOYLBc8er03L0CYOSxP17i6T5CPfH
-YA/VetBJRGTnE9qPkPfs1Rd7vKH4BPmBWlegLOHQFpauUvuvbSNUeP2XGsXFbBkR
-eFQO7LfYSJOJKXdopyr6CIKzUemHsNECwRB1VUFRPTDpQMaowubuCSbkmHmeykVV
-6PvzUQkcISLZXzNhe2PyycLDcStwVlqKZhv21VOIWRlhTuzncqlWBJwmyecgvt1S
-VRzL2XnF0/82ouQ=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAFgrLjPt
+Qn3Oip8uJS96Zm/QijLucLag7m/sDFKv2IwqEZ/w82pBvdpDrYJdUpXia5VC0SQJ
+un21a3Oilj1yumXNnMZlUvtoZctVXfVE+mZyjBwzkqY3d0QWhu3y06lJ/6oFlsjg
+HLcKYOdGXpSdyHoxQZiWOBegeeMdoxMGFy24/W807eNtNufUXc8ASs6m/xyH2Egb
+ZbDQcnBIFb3xPKkG+X4RwUNsC2DZ2VzTO8IY6z+C6/2lGrKiIxDDMK9K6dkF8eJO
+6UG9192Y25HyFVRMgj0iqhjl5t+bhSFjdD0IqS414l5hMngESZENjAUSkOz1xdJx
+iiplXLHUFFPem5g=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem
index 699ea62d..bfd767cb 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-ICA1-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 85:07:b7:5d:63:bb:41:42:b4:d4:b7:26:cc:c8:70:90:38:aa:
- 08:58:77:21:dc:34:06:63:43:47:22:4f:9d:3d:bc:6a:da:9a:
- b7:0c:7a:1a:bf:76:8b:32:34:b5:42:ad:60:d6:38:6a:91:df:
- d7:49:e3:a2:1e:53:0b:0e:dc:56:44:dd:bf:7a:c4:72:82:c9:
- 77:76:b4:52:84:2f:1e:5b:a6:58:b1:58:d9:67:9c:43:cf:28:
- 3e:f4:cd:2d:9c:af:bc:e9:ec:82:2c:42:da:40:06:55:a8:1f:
- f3:e4:dd:8a:a4:ba:9f:45:71:f1:b9:35:a0:fa:77:4b:67:f2:
- 0d:78:7e:bf:db:f7:32:41:a3:0d:e4:38:ce:ec:fb:a4:5e:19:
- 8a:7c:d6:ff:ee:cd:a7:de:d8:6a:e7:b5:30:6c:2b:a1:d9:9c:
- 04:28:ee:5a:d6:83:84:15:f3:39:25:1e:9d:bc:12:09:1e:99:
- 69:ae:0e:9e:92:92:69:2e:12:a3:d4:40:0a:0a:66:5a:0a:ec:
- e3:7c:2a:55:b5:30:60:a7:fa:ed:26:f4:b3:b8:c7:70:01:ed:
- ed:dd:cc:1d:d1:43:c1:a2:72:b1:cd:20:89:a7:95:ea:e8:ca:
- 01:17:73:ab:99:67:35:f6:d5:e9:1a:06:c9:15:b2:47:2d:8c:
- 35:5b:57:12
+ 52:84:69:eb:36:71:76:74:41:ab:d8:70:ae:18:64:3f:b1:8d:
+ ef:ad:2f:6b:6b:e5:c3:5e:41:ca:6c:30:23:b5:6b:26:c2:18:
+ fa:b4:97:95:9f:50:16:29:94:5e:91:1b:90:22:db:1e:a8:7f:
+ eb:db:b9:38:d8:7d:8d:f9:1b:b2:c4:ab:0e:10:d4:ae:8e:a3:
+ 56:c5:e0:ed:f9:37:eb:ce:1f:93:70:32:2a:aa:30:90:38:02:
+ 58:e4:e7:e7:bb:80:64:a0:ef:8d:2f:15:2d:8b:d0:d8:b0:72:
+ 0c:63:76:ba:cb:c8:1c:79:34:d9:d3:23:15:c2:b2:da:89:1a:
+ c6:24:16:60:2f:8a:80:fd:ac:cf:3d:0d:eb:1b:e1:ca:aa:37:
+ e5:a1:80:8d:14:e1:ca:94:f2:c4:7c:22:4a:54:f6:e4:e5:db:
+ 57:13:a3:fb:9a:63:13:2c:6e:4b:33:cc:1e:de:73:7e:00:b9:
+ 8f:3d:bf:ff:af:81:83:31:2e:42:b2:c9:df:23:ae:9a:35:cf:
+ 3d:f4:98:fd:dc:58:15:01:41:a7:c0:6c:09:cd:88:39:24:71:
+ 10:97:f3:e5:0e:ad:59:77:83:00:a0:03:9e:c8:cb:26:18:d1:
+ a1:60:bd:8a:53:a8:4e:08:0e:57:1e:5b:1d:df:a5:bd:04:01:
+ 66:dd:30:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAIUHt11ju0FCtNS3JszIcJA4qghYdyHcNAZjQ0ciT509
-vGramrcMehq/dosyNLVCrWDWOGqR39dJ46IeUwsO3FZE3b96xHKCyXd2tFKELx5b
-plixWNlnnEPPKD70zS2cr7zp7IIsQtpABlWoH/Pk3Yqkup9FcfG5NaD6d0tn8g14
-fr/b9zJBow3kOM7s+6ReGYp81v/uzafe2GrntTBsK6HZnAQo7lrWg4QV8zklHp28
-EgkemWmuDp6SkmkuEqPUQAoKZloK7ON8KlW1MGCn+u0m9LO4x3AB7e3dzB3RQ8Gi
-crHNIImnleroygEXc6uZZzX21ekaBskVskctjDVbVxI=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAFKEaes2cXZ0QavYcK4YZD+xje+tL2tr5cNeQcpsMCO1
+aybCGPq0l5WfUBYplF6RG5Ai2x6of+vbuTjYfY35G7LEqw4Q1K6Oo1bF4O35N+vO
+H5NwMiqqMJA4Aljk5+e7gGSg740vFS2L0NiwcgxjdrrLyBx5NNnTIxXCstqJGsYk
+FmAvioD9rM89Desb4cqqN+WhgI0U4cqU8sR8IkpU9uTl21cTo/uaYxMsbkszzB7e
+c34AuY89v/+vgYMxLkKyyd8jrpo1zz30mP3cWBUBQafAbAnNiDkkcRCX8+UOrVl3
+gwCgA57IyyYY0aFgvYpTqE4IDlceWx3fpb0EAWbdMC0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem
index ee686ba8..55e61fa4 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 93:2b:f0:ef:0b:81:7e:80:7e:46:ba:e4:21:85:d6:aa:ac:b3:
- 22:9f:0e:99:48:5c:bb:68:30:c3:98:24:14:fc:9c:63:4d:2f:
- 9d:82:03:61:cf:d5:9d:82:91:58:ba:45:6a:e1:aa:81:d4:e8:
- 0c:a8:06:0a:a5:5e:56:84:0a:25:81:43:1c:db:e3:8d:b6:1c:
- 16:a8:79:bf:9e:ac:61:a2:39:41:16:0f:e6:49:3c:26:34:a7:
- 95:e6:20:41:2e:d5:e9:3e:fa:8c:fe:6e:2e:25:d8:a8:08:18:
- 92:a6:e5:9a:91:b2:40:94:64:ef:8d:55:7a:b3:71:f8:0f:af:
- 2c:40:73:f2:74:1b:c0:9e:f2:1c:98:7d:37:e1:04:07:8c:b9:
- 8d:bf:5f:1a:0a:24:ac:26:b3:5f:0c:31:78:a0:ab:9d:88:51:
- aa:b6:0c:7c:6f:3d:d6:d1:93:81:5e:38:32:a3:95:8c:04:be:
- 24:d0:32:8b:94:d5:f9:71:c8:04:f1:c5:85:59:c2:d4:20:0d:
- ef:bc:f2:3d:4a:86:05:92:14:bb:42:95:c3:45:e5:97:e1:33:
- 74:52:93:c8:38:30:b5:b8:97:e2:ba:bb:73:2a:3d:25:d0:c6:
- 09:19:3b:f6:02:f9:9c:0b:4f:8b:10:03:83:36:59:7d:b8:a1:
- 12:60:e5:67
+ b0:8e:f5:a6:d7:df:13:fb:72:58:82:1e:b8:e8:34:aa:12:cc:
+ 39:4e:ad:b7:ff:b7:1b:d4:91:25:12:4f:af:f4:f0:9a:bf:e4:
+ 0f:f1:3d:bb:46:e9:c1:61:a5:b1:42:f3:13:75:b1:60:df:ba:
+ 36:62:f4:4d:e1:2c:23:ff:92:db:81:dc:72:71:74:00:6b:a2:
+ 29:cd:6f:ff:3c:db:35:6c:8c:bf:d5:d4:af:20:78:65:6c:f3:
+ 5c:e5:84:22:b6:1c:06:6e:fa:b1:fb:07:3e:76:60:58:36:73:
+ 3c:97:ab:5a:27:56:d6:f9:ef:43:34:67:af:57:3e:d2:dc:2e:
+ e7:e4:1c:8b:cb:90:11:1a:b9:8e:01:3f:e4:a2:6c:93:b3:90:
+ cd:6c:05:1e:d7:2f:7a:00:de:00:be:e6:35:4c:25:fc:19:96:
+ 27:9f:0d:0b:a8:9d:14:d9:89:4b:13:ec:53:e9:f9:31:b7:3f:
+ 95:61:7e:b3:bb:32:a3:f1:94:53:49:b4:f5:c8:ee:83:0d:69:
+ 5c:89:c3:21:e4:a5:d0:9c:af:30:af:64:e3:78:53:d5:5e:72:
+ 2b:d8:d7:7a:45:03:ba:9f:93:c9:fb:8d:cc:94:41:d5:2a:eb:
+ 87:ee:9f:c8:bf:ca:d1:6e:92:6b:96:af:20:6e:a5:42:9b:1d:
+ 8b:2b:ad:d5
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,12 +77,12 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAkyvw7wuBfoB+RrrkIYXWqqyz
-Ip8OmUhcu2gww5gkFPycY00vnYIDYc/VnYKRWLpFauGqgdToDKgGCqVeVoQKJYFD
-HNvjjbYcFqh5v56sYaI5QRYP5kk8JjSnleYgQS7V6T76jP5uLiXYqAgYkqblmpGy
-QJRk741VerNx+A+vLEBz8nQbwJ7yHJh9N+EEB4y5jb9fGgokrCazXwwxeKCrnYhR
-qrYMfG891tGTgV44MqOVjAS+JNAyi5TV+XHIBPHFhVnC1CAN77zyPUqGBZIUu0KV
-w0Xll+EzdFKTyDgwtbiX4rq7cyo9JdDGCRk79gL5nAtPixADgzZZfbihEmDlZw==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAsI71ptffE/tyWIIeuOg0qhLM
+OU6tt/+3G9SRJRJPr/Twmr/kD/E9u0bpwWGlsULzE3WxYN+6NmL0TeEsI/+S24Hc
+cnF0AGuiKc1v/zzbNWyMv9XUryB4ZWzzXOWEIrYcBm76sfsHPnZgWDZzPJerWidW
+1vnvQzRnr1c+0twu5+Qci8uQERq5jgE/5KJsk7OQzWwFHtcvegDeAL7mNUwl/BmW
+J58NC6idFNmJSxPsU+n5Mbc/lWF+s7syo/GUU0m09cjugw1pXInDIeSl0JyvMK9k
+43hT1V5yK9jXekUDup+TyfuNzJRB1Srrh+6fyL/K0W6Sa5avIG6lQpsdiyut1Q==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:1
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 85:07:b7:5d:63:bb:41:42:b4:d4:b7:26:cc:c8:70:90:38:aa:
- 08:58:77:21:dc:34:06:63:43:47:22:4f:9d:3d:bc:6a:da:9a:
- b7:0c:7a:1a:bf:76:8b:32:34:b5:42:ad:60:d6:38:6a:91:df:
- d7:49:e3:a2:1e:53:0b:0e:dc:56:44:dd:bf:7a:c4:72:82:c9:
- 77:76:b4:52:84:2f:1e:5b:a6:58:b1:58:d9:67:9c:43:cf:28:
- 3e:f4:cd:2d:9c:af:bc:e9:ec:82:2c:42:da:40:06:55:a8:1f:
- f3:e4:dd:8a:a4:ba:9f:45:71:f1:b9:35:a0:fa:77:4b:67:f2:
- 0d:78:7e:bf:db:f7:32:41:a3:0d:e4:38:ce:ec:fb:a4:5e:19:
- 8a:7c:d6:ff:ee:cd:a7:de:d8:6a:e7:b5:30:6c:2b:a1:d9:9c:
- 04:28:ee:5a:d6:83:84:15:f3:39:25:1e:9d:bc:12:09:1e:99:
- 69:ae:0e:9e:92:92:69:2e:12:a3:d4:40:0a:0a:66:5a:0a:ec:
- e3:7c:2a:55:b5:30:60:a7:fa:ed:26:f4:b3:b8:c7:70:01:ed:
- ed:dd:cc:1d:d1:43:c1:a2:72:b1:cd:20:89:a7:95:ea:e8:ca:
- 01:17:73:ab:99:67:35:f6:d5:e9:1a:06:c9:15:b2:47:2d:8c:
- 35:5b:57:12
+ 52:84:69:eb:36:71:76:74:41:ab:d8:70:ae:18:64:3f:b1:8d:
+ ef:ad:2f:6b:6b:e5:c3:5e:41:ca:6c:30:23:b5:6b:26:c2:18:
+ fa:b4:97:95:9f:50:16:29:94:5e:91:1b:90:22:db:1e:a8:7f:
+ eb:db:b9:38:d8:7d:8d:f9:1b:b2:c4:ab:0e:10:d4:ae:8e:a3:
+ 56:c5:e0:ed:f9:37:eb:ce:1f:93:70:32:2a:aa:30:90:38:02:
+ 58:e4:e7:e7:bb:80:64:a0:ef:8d:2f:15:2d:8b:d0:d8:b0:72:
+ 0c:63:76:ba:cb:c8:1c:79:34:d9:d3:23:15:c2:b2:da:89:1a:
+ c6:24:16:60:2f:8a:80:fd:ac:cf:3d:0d:eb:1b:e1:ca:aa:37:
+ e5:a1:80:8d:14:e1:ca:94:f2:c4:7c:22:4a:54:f6:e4:e5:db:
+ 57:13:a3:fb:9a:63:13:2c:6e:4b:33:cc:1e:de:73:7e:00:b9:
+ 8f:3d:bf:ff:af:81:83:31:2e:42:b2:c9:df:23:ae:9a:35:cf:
+ 3d:f4:98:fd:dc:58:15:01:41:a7:c0:6c:09:cd:88:39:24:71:
+ 10:97:f3:e5:0e:ad:59:77:83:00:a0:03:9e:c8:cb:26:18:d1:
+ a1:60:bd:8a:53:a8:4e:08:0e:57:1e:5b:1d:df:a5:bd:04:01:
+ 66:dd:30:2d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluQy1JQ0Ex
LXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -164,12 +164,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFJQdLgc3xi9Swex5axPOCZBf9MRRMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAIUHt11ju0FCtNS3JszIcJA4qghYdyHcNAZjQ0ciT509
-vGramrcMehq/dosyNLVCrWDWOGqR39dJ46IeUwsO3FZE3b96xHKCyXd2tFKELx5b
-plixWNlnnEPPKD70zS2cr7zp7IIsQtpABlWoH/Pk3Yqkup9FcfG5NaD6d0tn8g14
-fr/b9zJBow3kOM7s+6ReGYp81v/uzafe2GrntTBsK6HZnAQo7lrWg4QV8zklHp28
-EgkemWmuDp6SkmkuEqPUQAoKZloK7ON8KlW1MGCn+u0m9LO4x3AB7e3dzB3RQ8Gi
-crHNIImnleroygEXc6uZZzX21ekaBskVskctjDVbVxI=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAFKEaes2cXZ0QavYcK4YZD+xje+tL2tr5cNeQcpsMCO1
+aybCGPq0l5WfUBYplF6RG5Ai2x6of+vbuTjYfY35G7LEqw4Q1K6Oo1bF4O35N+vO
+H5NwMiqqMJA4Aljk5+e7gGSg740vFS2L0NiwcgxjdrrLyBx5NNnTIxXCstqJGsYk
+FmAvioD9rM89Desb4cqqN+WhgI0U4cqU8sR8IkpU9uTl21cTo/uaYxMsbkszzB7e
+c34AuY89v/+vgYMxLkKyyd8jrpo1zz30mP3cWBUBQafAbAnNiDkkcRCX8+UOrVl3
+gwCgA57IyyYY0aFgvYpTqE4IDlceWx3fpb0EAWbdMC0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem
index ab1092be..f361a897 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainC-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainC-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 93:2b:f0:ef:0b:81:7e:80:7e:46:ba:e4:21:85:d6:aa:ac:b3:
- 22:9f:0e:99:48:5c:bb:68:30:c3:98:24:14:fc:9c:63:4d:2f:
- 9d:82:03:61:cf:d5:9d:82:91:58:ba:45:6a:e1:aa:81:d4:e8:
- 0c:a8:06:0a:a5:5e:56:84:0a:25:81:43:1c:db:e3:8d:b6:1c:
- 16:a8:79:bf:9e:ac:61:a2:39:41:16:0f:e6:49:3c:26:34:a7:
- 95:e6:20:41:2e:d5:e9:3e:fa:8c:fe:6e:2e:25:d8:a8:08:18:
- 92:a6:e5:9a:91:b2:40:94:64:ef:8d:55:7a:b3:71:f8:0f:af:
- 2c:40:73:f2:74:1b:c0:9e:f2:1c:98:7d:37:e1:04:07:8c:b9:
- 8d:bf:5f:1a:0a:24:ac:26:b3:5f:0c:31:78:a0:ab:9d:88:51:
- aa:b6:0c:7c:6f:3d:d6:d1:93:81:5e:38:32:a3:95:8c:04:be:
- 24:d0:32:8b:94:d5:f9:71:c8:04:f1:c5:85:59:c2:d4:20:0d:
- ef:bc:f2:3d:4a:86:05:92:14:bb:42:95:c3:45:e5:97:e1:33:
- 74:52:93:c8:38:30:b5:b8:97:e2:ba:bb:73:2a:3d:25:d0:c6:
- 09:19:3b:f6:02:f9:9c:0b:4f:8b:10:03:83:36:59:7d:b8:a1:
- 12:60:e5:67
+ b0:8e:f5:a6:d7:df:13:fb:72:58:82:1e:b8:e8:34:aa:12:cc:
+ 39:4e:ad:b7:ff:b7:1b:d4:91:25:12:4f:af:f4:f0:9a:bf:e4:
+ 0f:f1:3d:bb:46:e9:c1:61:a5:b1:42:f3:13:75:b1:60:df:ba:
+ 36:62:f4:4d:e1:2c:23:ff:92:db:81:dc:72:71:74:00:6b:a2:
+ 29:cd:6f:ff:3c:db:35:6c:8c:bf:d5:d4:af:20:78:65:6c:f3:
+ 5c:e5:84:22:b6:1c:06:6e:fa:b1:fb:07:3e:76:60:58:36:73:
+ 3c:97:ab:5a:27:56:d6:f9:ef:43:34:67:af:57:3e:d2:dc:2e:
+ e7:e4:1c:8b:cb:90:11:1a:b9:8e:01:3f:e4:a2:6c:93:b3:90:
+ cd:6c:05:1e:d7:2f:7a:00:de:00:be:e6:35:4c:25:fc:19:96:
+ 27:9f:0d:0b:a8:9d:14:d9:89:4b:13:ec:53:e9:f9:31:b7:3f:
+ 95:61:7e:b3:bb:32:a3:f1:94:53:49:b4:f5:c8:ee:83:0d:69:
+ 5c:89:c3:21:e4:a5:d0:9c:af:30:af:64:e3:78:53:d5:5e:72:
+ 2b:d8:d7:7a:45:03:ba:9f:93:c9:fb:8d:cc:94:41:d5:2a:eb:
+ 87:ee:9f:c8:bf:ca:d1:6e:92:6b:96:af:20:6e:a5:42:9b:1d:
+ 8b:2b:ad:d5
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluQy1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkMtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,10 +77,10 @@ VR0jBIG5MIG2gBSUHS4HN8YvUsHseWsTzgmQX/TEUaGBmqSBlzCBlDELMAkGA1UE
BhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNV
BAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CAWQw
-CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAkyvw7wuBfoB+RrrkIYXWqqyz
-Ip8OmUhcu2gww5gkFPycY00vnYIDYc/VnYKRWLpFauGqgdToDKgGCqVeVoQKJYFD
-HNvjjbYcFqh5v56sYaI5QRYP5kk8JjSnleYgQS7V6T76jP5uLiXYqAgYkqblmpGy
-QJRk741VerNx+A+vLEBz8nQbwJ7yHJh9N+EEB4y5jb9fGgokrCazXwwxeKCrnYhR
-qrYMfG891tGTgV44MqOVjAS+JNAyi5TV+XHIBPHFhVnC1CAN77zyPUqGBZIUu0KV
-w0Xll+EzdFKTyDgwtbiX4rq7cyo9JdDGCRk79gL5nAtPixADgzZZfbihEmDlZw==
+CQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAsI71ptffE/tyWIIeuOg0qhLM
+OU6tt/+3G9SRJRJPr/Twmr/kD/E9u0bpwWGlsULzE3WxYN+6NmL0TeEsI/+S24Hc
+cnF0AGuiKc1v/zzbNWyMv9XUryB4ZWzzXOWEIrYcBm76sfsHPnZgWDZzPJerWidW
+1vnvQzRnr1c+0twu5+Qci8uQERq5jgE/5KJsk7OQzWwFHtcvegDeAL7mNUwl/BmW
+J58NC6idFNmJSxPsU+n5Mbc/lWF+s7syo/GUU0m09cjugw1pXInDIeSl0JyvMK9k
+43hT1V5yK9jXekUDup+TyfuNzJRB1Srrh+6fyL/K0W6Sa5avIG6lQpsdiyut1Q==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem
index 05f2115f..a9d4c15b 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-ICA1-pathlen127.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:127
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 14:5a:3c:65:84:c3:96:6c:0a:15:61:18:89:b8:b5:0b:66:41:
- 17:bd:d9:09:03:d5:7f:fc:3c:8a:1b:2e:64:60:8d:8a:a3:47:
- 55:c7:63:d1:e4:ab:15:76:d6:d3:82:84:d6:19:05:08:f5:c7:
- f2:ad:d3:de:32:03:f7:bc:b6:43:5a:e7:fd:9e:7b:b5:9d:c9:
- ba:0a:5a:7f:08:cf:15:f5:a1:50:89:29:fb:49:b2:78:60:30:
- 28:36:2c:81:b2:0a:e0:ec:a7:d9:9f:fe:f7:38:2f:b6:6f:5a:
- bb:29:b2:a5:cc:23:09:5c:f8:00:05:3a:53:3f:37:41:5d:7c:
- dd:fc:69:00:3a:91:e5:c4:42:b0:0a:db:90:2a:cd:f6:99:2e:
- ae:04:b7:6d:df:e8:71:9b:7f:5b:6f:78:4d:9b:78:83:01:40:
- e1:fc:fa:e3:f0:fe:5a:f3:ae:a9:30:9e:da:ba:9e:6e:aa:e0:
- a5:98:d1:f0:24:96:c7:37:c4:3e:5d:1b:b1:ff:5d:a1:8f:7f:
- d7:78:c7:0d:c6:ce:20:e3:73:15:b0:23:24:12:e0:d7:f0:b3:
- f8:b2:c0:c7:e9:53:0e:d7:b3:a6:a2:54:06:76:c0:09:31:17:
- 73:42:07:e8:25:fd:6d:11:1d:1f:4d:2a:1f:06:52:68:5f:e6:
- 66:c2:6a:cf
+ ae:70:5a:14:f9:fb:c6:c5:5e:19:92:18:5e:fc:6d:7a:9c:90:
+ 34:2f:d4:7e:42:cf:88:80:3c:65:96:f7:4e:b7:26:c5:aa:6c:
+ 6c:a0:31:51:7b:ad:92:42:9c:16:7e:5c:1a:f7:0b:d1:8a:b6:
+ 41:fa:d1:a1:fc:86:6f:32:15:88:a8:b2:69:a6:38:2a:16:57:
+ 55:d8:be:8f:6e:fa:4b:e6:a1:2b:db:4d:64:0c:08:76:31:37:
+ ec:c4:6d:2b:3a:62:a2:2e:9a:0d:29:57:95:3a:76:e4:b2:63:
+ 90:07:72:04:f4:59:6e:be:94:00:13:0d:13:99:f8:97:df:16:
+ b5:70:32:d8:9f:84:07:3d:9d:be:87:50:33:3e:4e:ae:51:f1:
+ 12:33:96:c4:d5:d1:df:cd:bf:eb:f5:20:a3:4c:36:9e:bd:d3:
+ 5e:7f:56:05:e9:24:65:77:59:65:c0:53:c4:59:5f:3e:b3:37:
+ 41:89:f4:f4:4a:ff:6c:97:f6:f1:49:09:9c:a2:a9:cf:17:27:
+ 31:2e:db:04:52:f9:18:a5:67:6c:d2:0d:12:2a:ff:33:26:83:
+ 20:1e:0e:81:e8:a4:b6:93:f9:d0:a3:b6:48:a1:5a:3e:b7:f0:
+ cd:b7:fe:66:6e:07:99:b0:6e:e6:a6:2b:93:7b:de:bc:41:5e:
+ 0d:d3:22:65
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex
LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -78,12 +78,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAFFo8ZYTDlmwKFWEYibi1C2ZBF73ZCQPVf/w8ihsu
-ZGCNiqNHVcdj0eSrFXbW04KE1hkFCPXH8q3T3jID97y2Q1rn/Z57tZ3JugpafwjP
-FfWhUIkp+0myeGAwKDYsgbIK4Oyn2Z/+9zgvtm9auymypcwjCVz4AAU6Uz83QV18
-3fxpADqR5cRCsArbkCrN9pkurgS3bd/ocZt/W294TZt4gwFA4fz64/D+WvOuqTCe
-2rqebqrgpZjR8CSWxzfEPl0bsf9doY9/13jHDcbOIONzFbAjJBLg1/Cz+LLAx+lT
-DtezpqJUBnbACTEXc0IH6CX9bREdH00qHwZSaF/mZsJqzw==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEArnBaFPn7xsVeGZIYXvxtepyQNC/UfkLPiIA8ZZb3
+TrcmxapsbKAxUXutkkKcFn5cGvcL0Yq2QfrRofyGbzIViKiyaaY4KhZXVdi+j276
+S+ahK9tNZAwIdjE37MRtKzpioi6aDSlXlTp25LJjkAdyBPRZbr6UABMNE5n4l98W
+tXAy2J+EBz2dvodQMz5OrlHxEjOWxNXR382/6/Ugo0w2nr3TXn9WBekkZXdZZcBT
+xFlfPrM3QYn09Er/bJf28UkJnKKpzxcnMS7bBFL5GKVnbNINEir/MyaDIB4Ogeik
+tpP50KO2SKFaPrfwzbf+Zm4HmbBu5qYrk3vevEFeDdMiZQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem
index 58ac4685..df69897f 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 07:a9:44:44:fc:dc:51:bc:be:74:cf:5a:7e:ee:42:62:ab:9d:
- 46:7f:5a:fe:01:f5:2e:3b:ba:60:91:84:96:61:ee:73:33:57:
- f3:bc:26:0c:87:66:e5:f0:c2:ea:27:bc:17:d2:2e:16:70:6a:
- 6c:24:e2:a9:8e:75:12:58:0f:a0:1c:98:18:6a:71:42:4b:d4:
- 57:61:8e:e4:13:45:4b:93:e1:dc:7a:82:df:32:9f:de:7d:e4:
- 79:2f:6f:39:75:ed:f3:b5:5d:ce:e7:d3:3f:b0:8c:43:81:bf:
- 65:d5:52:95:a8:d2:ed:69:21:af:db:10:2d:51:5f:8b:48:0a:
- 70:92:d2:63:7e:a7:ba:7c:2c:b3:1c:93:da:3d:bd:20:fc:47:
- 24:12:43:a6:24:ed:6f:43:3c:a5:8a:50:7e:9c:bd:ec:92:5f:
- 62:f5:e2:d6:70:78:bf:47:70:ff:c6:81:12:e1:2a:4f:3f:e3:
- 2f:ee:9a:63:96:dc:a8:2c:3c:da:de:60:07:66:a5:cf:c7:93:
- eb:9c:62:28:2e:d4:fa:b6:04:94:a2:7e:06:74:b0:27:c8:55:
- e6:7d:e3:a3:c8:17:d0:6e:10:3e:b8:7a:8d:7e:a8:a1:0e:a2:
- de:58:4c:04:4e:d8:9e:43:56:0b:31:2e:9f:62:3e:9d:a8:cb:
- 68:16:f9:69
+ 91:9a:e9:78:f5:c5:e1:87:94:b2:37:cb:fd:36:af:25:ad:9d:
+ 00:33:93:3c:ea:29:04:75:9f:a0:b8:4a:d8:68:3d:9e:94:6b:
+ ac:6e:51:6b:83:92:48:c1:c8:c8:01:48:d9:ac:e5:85:35:4c:
+ 43:c2:66:a3:3b:9c:97:71:ea:89:91:38:48:ab:d5:c5:c5:fb:
+ 70:40:db:1e:03:9b:a8:fc:2c:93:d6:d1:fb:42:f2:64:7a:43:
+ 09:59:3e:ed:71:9e:9d:62:a8:04:c8:52:5a:fd:d2:24:34:2d:
+ 22:72:62:27:ca:fb:88:e2:b7:a9:14:b7:0a:89:9d:2d:4f:ea:
+ 03:fc:a1:20:d6:98:73:1d:7a:96:42:47:d3:0c:7e:84:3d:1c:
+ f0:5b:90:6c:d0:2b:88:44:03:cc:a6:79:45:4f:bb:29:6b:73:
+ 47:ae:4f:70:b0:b4:b6:d1:c7:ec:8e:db:df:81:d9:67:57:67:
+ 82:3c:47:5f:92:1f:f0:58:61:9d:0b:9b:c4:4d:1f:4d:b7:d2:
+ 80:e6:f7:48:40:91:87:1c:b9:47:c8:68:24:30:a0:ba:ef:e8:
+ 7b:2e:33:85:3d:9c:d4:6b:7e:b1:1f:b7:c0:70:5d:77:49:73:
+ a2:f1:58:62:d6:a4:c9:37:d1:52:a4:d6:c6:9a:6e:a3:0c:f9:
+ 16:2a:f0:76
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,12 +77,12 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHqURE/NxRvL50z1p+7kJi
-q51Gf1r+AfUuO7pgkYSWYe5zM1fzvCYMh2bl8MLqJ7wX0i4WcGpsJOKpjnUSWA+g
-HJgYanFCS9RXYY7kE0VLk+HceoLfMp/efeR5L285de3ztV3O59M/sIxDgb9l1VKV
-qNLtaSGv2xAtUV+LSApwktJjfqe6fCyzHJPaPb0g/EckEkOmJO1vQzylilB+nL3s
-kl9i9eLWcHi/R3D/xoES4SpPP+Mv7ppjltyoLDza3mAHZqXPx5PrnGIoLtT6tgSU
-on4GdLAnyFXmfeOjyBfQbhA+uHqNfqihDqLeWEwETtieQ1YLMS6fYj6dqMtoFvlp
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCRmul49cXhh5SyN8v9Nq8l
+rZ0AM5M86ikEdZ+guErYaD2elGusblFrg5JIwcjIAUjZrOWFNUxDwmajO5yXceqJ
+kThIq9XFxftwQNseA5uo/CyT1tH7QvJkekMJWT7tcZ6dYqgEyFJa/dIkNC0icmIn
+yvuI4repFLcKiZ0tT+oD/KEg1phzHXqWQkfTDH6EPRzwW5Bs0CuIRAPMpnlFT7sp
+a3NHrk9wsLS20cfsjtvfgdlnV2eCPEdfkh/wWGGdC5vETR9Nt9KA5vdIQJGHHLlH
+yGgkMKC67+h7LjOFPZzUa36xH7fAcF13SXOi8Vhi1qTJN9FSpNbGmm6jDPkWKvB2
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:127
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 14:5a:3c:65:84:c3:96:6c:0a:15:61:18:89:b8:b5:0b:66:41:
- 17:bd:d9:09:03:d5:7f:fc:3c:8a:1b:2e:64:60:8d:8a:a3:47:
- 55:c7:63:d1:e4:ab:15:76:d6:d3:82:84:d6:19:05:08:f5:c7:
- f2:ad:d3:de:32:03:f7:bc:b6:43:5a:e7:fd:9e:7b:b5:9d:c9:
- ba:0a:5a:7f:08:cf:15:f5:a1:50:89:29:fb:49:b2:78:60:30:
- 28:36:2c:81:b2:0a:e0:ec:a7:d9:9f:fe:f7:38:2f:b6:6f:5a:
- bb:29:b2:a5:cc:23:09:5c:f8:00:05:3a:53:3f:37:41:5d:7c:
- dd:fc:69:00:3a:91:e5:c4:42:b0:0a:db:90:2a:cd:f6:99:2e:
- ae:04:b7:6d:df:e8:71:9b:7f:5b:6f:78:4d:9b:78:83:01:40:
- e1:fc:fa:e3:f0:fe:5a:f3:ae:a9:30:9e:da:ba:9e:6e:aa:e0:
- a5:98:d1:f0:24:96:c7:37:c4:3e:5d:1b:b1:ff:5d:a1:8f:7f:
- d7:78:c7:0d:c6:ce:20:e3:73:15:b0:23:24:12:e0:d7:f0:b3:
- f8:b2:c0:c7:e9:53:0e:d7:b3:a6:a2:54:06:76:c0:09:31:17:
- 73:42:07:e8:25:fd:6d:11:1d:1f:4d:2a:1f:06:52:68:5f:e6:
- 66:c2:6a:cf
+ ae:70:5a:14:f9:fb:c6:c5:5e:19:92:18:5e:fc:6d:7a:9c:90:
+ 34:2f:d4:7e:42:cf:88:80:3c:65:96:f7:4e:b7:26:c5:aa:6c:
+ 6c:a0:31:51:7b:ad:92:42:9c:16:7e:5c:1a:f7:0b:d1:8a:b6:
+ 41:fa:d1:a1:fc:86:6f:32:15:88:a8:b2:69:a6:38:2a:16:57:
+ 55:d8:be:8f:6e:fa:4b:e6:a1:2b:db:4d:64:0c:08:76:31:37:
+ ec:c4:6d:2b:3a:62:a2:2e:9a:0d:29:57:95:3a:76:e4:b2:63:
+ 90:07:72:04:f4:59:6e:be:94:00:13:0d:13:99:f8:97:df:16:
+ b5:70:32:d8:9f:84:07:3d:9d:be:87:50:33:3e:4e:ae:51:f1:
+ 12:33:96:c4:d5:d1:df:cd:bf:eb:f5:20:a3:4c:36:9e:bd:d3:
+ 5e:7f:56:05:e9:24:65:77:59:65:c0:53:c4:59:5f:3e:b3:37:
+ 41:89:f4:f4:4a:ff:6c:97:f6:f1:49:09:9c:a2:a9:cf:17:27:
+ 31:2e:db:04:52:f9:18:a5:67:6c:d2:0d:12:2a:ff:33:26:83:
+ 20:1e:0e:81:e8:a4:b6:93:f9:d0:a3:b6:48:a1:5a:3e:b7:f0:
+ cd:b7:fe:66:6e:07:99:b0:6e:e6:a6:2b:93:7b:de:bc:41:5e:
+ 0d:d3:22:65
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRC1JQ0Ex
LXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -164,12 +164,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUZ3j5rRxTQR9GvUmbcy583FwtC/swgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAFFo8ZYTDlmwKFWEYibi1C2ZBF73ZCQPVf/w8ihsu
-ZGCNiqNHVcdj0eSrFXbW04KE1hkFCPXH8q3T3jID97y2Q1rn/Z57tZ3JugpafwjP
-FfWhUIkp+0myeGAwKDYsgbIK4Oyn2Z/+9zgvtm9auymypcwjCVz4AAU6Uz83QV18
-3fxpADqR5cRCsArbkCrN9pkurgS3bd/ocZt/W294TZt4gwFA4fz64/D+WvOuqTCe
-2rqebqrgpZjR8CSWxzfEPl0bsf9doY9/13jHDcbOIONzFbAjJBLg1/Cz+LLAx+lT
-DtezpqJUBnbACTEXc0IH6CX9bREdH00qHwZSaF/mZsJqzw==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgF/MAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEArnBaFPn7xsVeGZIYXvxtepyQNC/UfkLPiIA8ZZb3
+TrcmxapsbKAxUXutkkKcFn5cGvcL0Yq2QfrRofyGbzIViKiyaaY4KhZXVdi+j276
+S+ahK9tNZAwIdjE37MRtKzpioi6aDSlXlTp25LJjkAdyBPRZbr6UABMNE5n4l98W
+tXAy2J+EBz2dvodQMz5OrlHxEjOWxNXR382/6/Ugo0w2nr3TXn9WBekkZXdZZcBT
+xFlfPrM3QYn09Er/bJf28UkJnKKpzxcnMS7bBFL5GKVnbNINEir/MyaDIB4Ogeik
+tpP50KO2SKFaPrfwzbf+Zm4HmbBu5qYrk3vevEFeDdMiZQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem
index 783155a9..97f88a7d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainD-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-ICA1-pathlen127, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainD-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 07:a9:44:44:fc:dc:51:bc:be:74:cf:5a:7e:ee:42:62:ab:9d:
- 46:7f:5a:fe:01:f5:2e:3b:ba:60:91:84:96:61:ee:73:33:57:
- f3:bc:26:0c:87:66:e5:f0:c2:ea:27:bc:17:d2:2e:16:70:6a:
- 6c:24:e2:a9:8e:75:12:58:0f:a0:1c:98:18:6a:71:42:4b:d4:
- 57:61:8e:e4:13:45:4b:93:e1:dc:7a:82:df:32:9f:de:7d:e4:
- 79:2f:6f:39:75:ed:f3:b5:5d:ce:e7:d3:3f:b0:8c:43:81:bf:
- 65:d5:52:95:a8:d2:ed:69:21:af:db:10:2d:51:5f:8b:48:0a:
- 70:92:d2:63:7e:a7:ba:7c:2c:b3:1c:93:da:3d:bd:20:fc:47:
- 24:12:43:a6:24:ed:6f:43:3c:a5:8a:50:7e:9c:bd:ec:92:5f:
- 62:f5:e2:d6:70:78:bf:47:70:ff:c6:81:12:e1:2a:4f:3f:e3:
- 2f:ee:9a:63:96:dc:a8:2c:3c:da:de:60:07:66:a5:cf:c7:93:
- eb:9c:62:28:2e:d4:fa:b6:04:94:a2:7e:06:74:b0:27:c8:55:
- e6:7d:e3:a3:c8:17:d0:6e:10:3e:b8:7a:8d:7e:a8:a1:0e:a2:
- de:58:4c:04:4e:d8:9e:43:56:0b:31:2e:9f:62:3e:9d:a8:cb:
- 68:16:f9:69
+ 91:9a:e9:78:f5:c5:e1:87:94:b2:37:cb:fd:36:af:25:ad:9d:
+ 00:33:93:3c:ea:29:04:75:9f:a0:b8:4a:d8:68:3d:9e:94:6b:
+ ac:6e:51:6b:83:92:48:c1:c8:c8:01:48:d9:ac:e5:85:35:4c:
+ 43:c2:66:a3:3b:9c:97:71:ea:89:91:38:48:ab:d5:c5:c5:fb:
+ 70:40:db:1e:03:9b:a8:fc:2c:93:d6:d1:fb:42:f2:64:7a:43:
+ 09:59:3e:ed:71:9e:9d:62:a8:04:c8:52:5a:fd:d2:24:34:2d:
+ 22:72:62:27:ca:fb:88:e2:b7:a9:14:b7:0a:89:9d:2d:4f:ea:
+ 03:fc:a1:20:d6:98:73:1d:7a:96:42:47:d3:0c:7e:84:3d:1c:
+ f0:5b:90:6c:d0:2b:88:44:03:cc:a6:79:45:4f:bb:29:6b:73:
+ 47:ae:4f:70:b0:b4:b6:d1:c7:ec:8e:db:df:81:d9:67:57:67:
+ 82:3c:47:5f:92:1f:f0:58:61:9d:0b:9b:c4:4d:1f:4d:b7:d2:
+ 80:e6:f7:48:40:91:87:1c:b9:47:c8:68:24:30:a0:ba:ef:e8:
+ 7b:2e:33:85:3d:9c:d4:6b:7e:b1:1f:b7:c0:70:5d:77:49:73:
+ a2:f1:58:62:d6:a4:c9:37:d1:52:a4:d6:c6:9a:6e:a3:0c:f9:
+ 16:2a:f0:76
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRC1JQ0ExLXBhdGhsZW4xMjcxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRC1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFGd4+a0cU0EfRr1Jm3MufNxcLQv7oYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQAHqURE/NxRvL50z1p+7kJi
-q51Gf1r+AfUuO7pgkYSWYe5zM1fzvCYMh2bl8MLqJ7wX0i4WcGpsJOKpjnUSWA+g
-HJgYanFCS9RXYY7kE0VLk+HceoLfMp/efeR5L285de3ztV3O59M/sIxDgb9l1VKV
-qNLtaSGv2xAtUV+LSApwktJjfqe6fCyzHJPaPb0g/EckEkOmJO1vQzylilB+nL3s
-kl9i9eLWcHi/R3D/xoES4SpPP+Mv7ppjltyoLDza3mAHZqXPx5PrnGIoLtT6tgSU
-on4GdLAnyFXmfeOjyBfQbhA+uHqNfqihDqLeWEwETtieQ1YLMS6fYj6dqMtoFvlp
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQCRmul49cXhh5SyN8v9Nq8l
+rZ0AM5M86ikEdZ+guErYaD2elGusblFrg5JIwcjIAUjZrOWFNUxDwmajO5yXceqJ
+kThIq9XFxftwQNseA5uo/CyT1tH7QvJkekMJWT7tcZ6dYqgEyFJa/dIkNC0icmIn
+yvuI4repFLcKiZ0tT+oD/KEg1phzHXqWQkfTDH6EPRzwW5Bs0CuIRAPMpnlFT7sp
+a3NHrk9wsLS20cfsjtvfgdlnV2eCPEdfkh/wWGGdC5vETR9Nt9KA5vdIQJGHHLlH
+yGgkMKC67+h7LjOFPZzUa36xH7fAcF13SXOi8Vhi1qTJN9FSpNbGmm6jDPkWKvB2
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem
index 1bead141..9093f9ef 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-ICA1-pathlen128.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:128
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 95:1a:fa:1a:2b:42:fd:9f:a3:10:f7:06:f5:51:20:3b:bd:e3:
- fe:04:fb:ac:7c:f9:5a:af:fc:46:f3:74:55:c8:5b:72:c0:2d:
- f9:e5:64:09:e2:82:e0:5f:19:a4:7e:02:47:7f:1d:6f:12:7c:
- 81:1c:68:3a:34:8b:f7:86:03:71:d1:8f:36:21:25:80:fb:60:
- 49:1b:27:b4:f1:a6:1e:bf:cb:8b:97:96:2a:76:1f:ee:3e:73:
- 13:9b:02:d4:6e:54:57:9b:fb:39:d7:fa:45:37:ba:dd:a8:d0:
- 58:c7:aa:9c:a0:ac:ef:eb:be:ff:5c:f0:10:6c:78:6b:ee:27:
- db:1e:0e:cf:91:d2:30:79:a9:8c:67:77:08:c0:72:f1:db:67:
- 7a:34:70:c3:17:88:19:f9:be:ef:1c:23:7d:2f:04:b9:bd:83:
- 1b:06:55:a1:c5:40:97:ff:71:50:10:6c:a2:d8:bc:7e:4e:4e:
- b6:42:74:7e:a6:23:54:1b:c5:01:29:40:8c:d9:8a:1f:b6:2d:
- 7c:8d:da:96:99:2a:05:63:11:ea:09:50:4b:f9:ea:8b:12:dc:
- a7:0f:78:e1:9c:16:24:83:74:36:ac:45:df:57:f6:21:ea:23:
- 80:88:a1:45:5c:11:d4:5b:87:2a:3d:fe:c0:eb:e4:c4:9b:34:
- 89:22:a7:ec
+ 95:df:c8:9f:0d:1a:2a:2b:8a:79:0c:c4:a9:05:4f:fc:a4:04:
+ d3:79:37:84:77:8d:17:db:d7:14:6b:1c:f5:f7:e8:04:6a:02:
+ ce:b3:63:39:f3:6e:9c:9d:0b:96:d1:dc:46:d0:3c:57:a1:19:
+ f9:aa:74:b0:16:15:18:91:c1:e9:9e:d6:52:b1:f0:d5:ac:0e:
+ cb:ca:06:e5:88:b1:4c:ad:af:a4:29:db:ce:ae:ce:d3:30:db:
+ 99:f3:2a:77:e7:64:cc:07:2a:f0:e5:a9:27:97:ea:d6:a6:59:
+ a5:0c:42:4f:02:a4:31:42:fc:9b:92:de:8b:52:d3:92:8c:fd:
+ 04:c2:d5:7b:80:bb:7a:90:ba:be:33:10:fd:07:d6:53:7f:b9:
+ 86:93:9f:1b:4c:66:75:d4:d1:0b:cd:10:76:23:0e:37:a2:d6:
+ c1:5f:91:2b:d0:14:c3:2f:e7:46:e4:e9:6d:2d:f0:05:e5:78:
+ 25:3c:7d:1d:1c:23:9a:cb:ba:30:c2:52:98:4e:16:ad:f4:30:
+ 22:4a:41:e5:1c:c7:da:b1:79:ed:cd:b2:c3:83:42:a6:26:6e:
+ ee:4f:9f:14:f7:6e:f2:e9:70:07:0b:c9:59:5a:8f:50:10:cf:
+ 09:77:a3:e1:96:47:e8:85:86:cd:8a:11:30:a0:72:05:11:50:
+ 7e:ee:0b:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex
LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -78,12 +78,12 @@ AAGjggEZMIIBFTAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
-DQYJKoZIhvcNAQELBQADggEBAJUa+horQv2foxD3BvVRIDu94/4E+6x8+Vqv/Ebz
-dFXIW3LALfnlZAniguBfGaR+Akd/HW8SfIEcaDo0i/eGA3HRjzYhJYD7YEkbJ7Tx
-ph6/y4uXlip2H+4+cxObAtRuVFeb+znX+kU3ut2o0FjHqpygrO/rvv9c8BBseGvu
-J9seDs+R0jB5qYxndwjAcvHbZ3o0cMMXiBn5vu8cI30vBLm9gxsGVaHFQJf/cVAQ
-bKLYvH5OTrZCdH6mI1QbxQEpQIzZih+2LXyN2paZKgVjEeoJUEv56osS3KcPeOGc
-FiSDdDasRd9X9iHqI4CIoUVcEdRbhyo9/sDr5MSbNIkip+w=
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
+DQYJKoZIhvcNAQELBQADggEBAJXfyJ8NGiorinkMxKkFT/ykBNN5N4R3jRfb1xRr
+HPX36ARqAs6zYznzbpydC5bR3EbQPFehGfmqdLAWFRiRweme1lKx8NWsDsvKBuWI
+sUytr6Qp286uztMw25nzKnfnZMwHKvDlqSeX6tamWaUMQk8CpDFC/JuS3otS05KM
+/QTC1XuAu3qQur4zEP0H1lN/uYaTnxtMZnXU0QvNEHYjDjei1sFfkSvQFMMv50bk
+6W0t8AXleCU8fR0cI5rLujDCUphOFq30MCJKQeUcx9qxee3NssODQqYmbu5PnxT3
+bvLpcAcLyVlaj1AQzwl3o+GWR+iFhs2KETCgcgURUH7uC+Y=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem
index a3ccac6e..bc868c38 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 46:b8:f0:73:85:69:12:f3:16:00:76:1b:2e:b1:28:20:ee:13:
- 54:66:28:82:62:b5:a8:ff:d8:7b:ed:6b:8a:9e:cb:28:58:df:
- db:be:7b:54:ce:22:74:45:ed:02:3d:f8:bf:77:90:1a:1b:cf:
- b3:5f:37:41:c3:ea:1a:24:b2:00:2e:28:ae:43:dd:c2:cd:d9:
- 51:05:43:04:bb:ea:37:82:b2:e1:23:0a:0c:4f:5b:0f:a7:bd:
- 4f:a1:c9:4f:6a:63:3e:58:81:0f:66:38:0a:c8:50:2f:f2:74:
- 7f:e6:5a:bc:ba:e4:02:6d:e4:8a:43:ab:d3:6c:4b:aa:cf:e8:
- 94:2b:8d:54:22:e1:51:87:fa:59:1d:6d:aa:d8:8a:e4:04:1a:
- 8d:42:2b:f0:12:6e:5f:77:cf:e5:6a:d3:a9:8e:be:72:bc:3a:
- 16:fa:82:81:f4:65:2d:fd:81:c9:96:f7:36:0f:11:1a:13:55:
- ae:97:d5:67:f3:e4:03:13:db:1a:0e:ea:5e:75:21:7f:f7:c9:
- 96:8d:c8:e9:94:90:79:19:7e:9a:c9:4f:d1:69:4f:8c:3c:88:
- 5d:97:61:f0:12:86:36:2e:b2:5a:c5:8b:79:35:5f:16:b1:d8:
- 9c:cc:ce:ba:b3:a4:92:0e:8f:5b:fb:27:96:fc:19:50:0c:28:
- 45:e0:e8:81
+ 65:49:39:85:07:68:20:fe:f9:28:cb:c8:ec:2a:c9:6b:2c:06:
+ da:1b:92:b0:d7:c4:5c:37:7b:a5:48:16:15:77:08:05:0a:55:
+ 2f:b7:f7:2b:ef:dd:dc:63:ab:04:f1:24:bf:ef:f4:73:43:1d:
+ 5d:2a:1a:69:f5:a9:e8:af:d2:56:77:79:c0:46:07:95:b6:af:
+ b3:cb:2e:6b:6b:ed:99:29:cd:cc:4d:f4:f9:e6:25:1f:5b:e3:
+ a0:82:a9:5b:c3:73:6c:9a:c4:0b:5a:80:8a:16:5d:32:99:5d:
+ c2:85:ab:bb:94:f7:54:62:f4:8e:d5:7f:dd:ff:84:50:de:55:
+ e2:0d:67:52:32:5e:48:e0:36:b3:aa:a5:d6:57:35:cb:7a:2b:
+ d3:4e:42:75:15:56:f2:2f:45:9c:99:c5:4c:e7:2d:45:6e:86:
+ 2f:4b:84:bf:49:1d:b2:fb:85:53:0a:99:28:fd:7a:3f:e8:b4:
+ a5:b9:6c:c2:55:cd:f3:82:c0:a3:ef:85:ed:69:28:78:1d:81:
+ 0e:19:bd:a8:fb:a6:b7:ff:09:36:54:a6:44:96:cf:15:0c:45:
+ 7e:ba:9a:50:4d:14:82:dc:ba:c2:97:08:74:89:a7:ff:ed:52:
+ 89:ac:65:65:70:9a:8e:8a:43:86:46:a1:f8:23:96:e2:0a:65:
+ 3f:2d:94:35
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,12 +77,12 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBGuPBzhWkS8xYAdhsusSgg
-7hNUZiiCYrWo/9h77WuKnssoWN/bvntUziJ0Re0CPfi/d5AaG8+zXzdBw+oaJLIA
-LiiuQ93CzdlRBUMEu+o3grLhIwoMT1sPp71PoclPamM+WIEPZjgKyFAv8nR/5lq8
-uuQCbeSKQ6vTbEuqz+iUK41UIuFRh/pZHW2q2IrkBBqNQivwEm5fd8/latOpjr5y
-vDoW+oKB9GUt/YHJlvc2DxEaE1Wul9Vn8+QDE9saDupedSF/98mWjcjplJB5GX6a
-yU/RaU+MPIhdl2HwEoY2LrJaxYt5NV8WsdiczM66s6SSDo9b+yeW/BlQDChF4OiB
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlSTmFB2gg/vkoy8jsKslr
+LAbaG5Kw18RcN3ulSBYVdwgFClUvt/cr793cY6sE8SS/7/RzQx1dKhpp9anor9JW
+d3nARgeVtq+zyy5ra+2ZKc3MTfT55iUfW+Oggqlbw3NsmsQLWoCKFl0ymV3Chau7
+lPdUYvSO1X/d/4RQ3lXiDWdSMl5I4DazqqXWVzXLeivTTkJ1FVbyL0WcmcVM5y1F
+boYvS4S/SR2y+4VTCpko/Xo/6LSluWzCVc3zgsCj74XtaSh4HYEOGb2o+6a3/wk2
+VKZEls8VDEV+uppQTRSC3LrClwh0iaf/7VKJrGVlcJqOikOGRqH4I5biCmU/LZQ1
-----END CERTIFICATE-----
Certificate:
Data:
@@ -91,8 +91,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -123,34 +123,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:128
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 95:1a:fa:1a:2b:42:fd:9f:a3:10:f7:06:f5:51:20:3b:bd:e3:
- fe:04:fb:ac:7c:f9:5a:af:fc:46:f3:74:55:c8:5b:72:c0:2d:
- f9:e5:64:09:e2:82:e0:5f:19:a4:7e:02:47:7f:1d:6f:12:7c:
- 81:1c:68:3a:34:8b:f7:86:03:71:d1:8f:36:21:25:80:fb:60:
- 49:1b:27:b4:f1:a6:1e:bf:cb:8b:97:96:2a:76:1f:ee:3e:73:
- 13:9b:02:d4:6e:54:57:9b:fb:39:d7:fa:45:37:ba:dd:a8:d0:
- 58:c7:aa:9c:a0:ac:ef:eb:be:ff:5c:f0:10:6c:78:6b:ee:27:
- db:1e:0e:cf:91:d2:30:79:a9:8c:67:77:08:c0:72:f1:db:67:
- 7a:34:70:c3:17:88:19:f9:be:ef:1c:23:7d:2f:04:b9:bd:83:
- 1b:06:55:a1:c5:40:97:ff:71:50:10:6c:a2:d8:bc:7e:4e:4e:
- b6:42:74:7e:a6:23:54:1b:c5:01:29:40:8c:d9:8a:1f:b6:2d:
- 7c:8d:da:96:99:2a:05:63:11:ea:09:50:4b:f9:ea:8b:12:dc:
- a7:0f:78:e1:9c:16:24:83:74:36:ac:45:df:57:f6:21:ea:23:
- 80:88:a1:45:5c:11:d4:5b:87:2a:3d:fe:c0:eb:e4:c4:9b:34:
- 89:22:a7:ec
+ 95:df:c8:9f:0d:1a:2a:2b:8a:79:0c:c4:a9:05:4f:fc:a4:04:
+ d3:79:37:84:77:8d:17:db:d7:14:6b:1c:f5:f7:e8:04:6a:02:
+ ce:b3:63:39:f3:6e:9c:9d:0b:96:d1:dc:46:d0:3c:57:a1:19:
+ f9:aa:74:b0:16:15:18:91:c1:e9:9e:d6:52:b1:f0:d5:ac:0e:
+ cb:ca:06:e5:88:b1:4c:ad:af:a4:29:db:ce:ae:ce:d3:30:db:
+ 99:f3:2a:77:e7:64:cc:07:2a:f0:e5:a9:27:97:ea:d6:a6:59:
+ a5:0c:42:4f:02:a4:31:42:fc:9b:92:de:8b:52:d3:92:8c:fd:
+ 04:c2:d5:7b:80:bb:7a:90:ba:be:33:10:fd:07:d6:53:7f:b9:
+ 86:93:9f:1b:4c:66:75:d4:d1:0b:cd:10:76:23:0e:37:a2:d6:
+ c1:5f:91:2b:d0:14:c3:2f:e7:46:e4:e9:6d:2d:f0:05:e5:78:
+ 25:3c:7d:1d:1c:23:9a:cb:ba:30:c2:52:98:4e:16:ad:f4:30:
+ 22:4a:41:e5:1c:c7:da:b1:79:ed:cd:b2:c3:83:42:a6:26:6e:
+ ee:4f:9f:14:f7:6e:f2:e9:70:07:0b:c9:59:5a:8f:50:10:cf:
+ 09:77:a3:e1:96:47:e8:85:86:cd:8a:11:30:a0:72:05:11:50:
+ 7e:ee:0b:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRS1JQ0Ex
LXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -164,12 +164,12 @@ AAGjggEZMIIBFTAdBgNVHQ4EFgQURHsAfJwcl5+XqmvyXuaBfA6u5iswgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
-DQYJKoZIhvcNAQELBQADggEBAJUa+horQv2foxD3BvVRIDu94/4E+6x8+Vqv/Ebz
-dFXIW3LALfnlZAniguBfGaR+Akd/HW8SfIEcaDo0i/eGA3HRjzYhJYD7YEkbJ7Tx
-ph6/y4uXlip2H+4+cxObAtRuVFeb+znX+kU3ut2o0FjHqpygrO/rvv9c8BBseGvu
-J9seDs+R0jB5qYxndwjAcvHbZ3o0cMMXiBn5vu8cI30vBLm9gxsGVaHFQJf/cVAQ
-bKLYvH5OTrZCdH6mI1QbxQEpQIzZih+2LXyN2paZKgVjEeoJUEv56osS3KcPeOGc
-FiSDdDasRd9X9iHqI4CIoUVcEdRbhyo9/sDr5MSbNIkip+w=
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAQBgNVHRMECTAHAQH/AgIAgDALBgNVHQ8EBAMCAQYw
+DQYJKoZIhvcNAQELBQADggEBAJXfyJ8NGiorinkMxKkFT/ykBNN5N4R3jRfb1xRr
+HPX36ARqAs6zYznzbpydC5bR3EbQPFehGfmqdLAWFRiRweme1lKx8NWsDsvKBuWI
+sUytr6Qp286uztMw25nzKnfnZMwHKvDlqSeX6tamWaUMQk8CpDFC/JuS3otS05KM
+/QTC1XuAu3qQur4zEP0H1lN/uYaTnxtMZnXU0QvNEHYjDjei1sFfkSvQFMMv50bk
+6W0t8AXleCU8fR0cI5rLujDCUphOFq30MCJKQeUcx9qxee3NssODQqYmbu5PnxT3
+bvLpcAcLyVlaj1AQzwl3o+GWR+iFhs2KETCgcgURUH7uC+Y=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem
index f7b68d2d..aa46f00a 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainE-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-ICA1-pathlen128, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainE-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 46:b8:f0:73:85:69:12:f3:16:00:76:1b:2e:b1:28:20:ee:13:
- 54:66:28:82:62:b5:a8:ff:d8:7b:ed:6b:8a:9e:cb:28:58:df:
- db:be:7b:54:ce:22:74:45:ed:02:3d:f8:bf:77:90:1a:1b:cf:
- b3:5f:37:41:c3:ea:1a:24:b2:00:2e:28:ae:43:dd:c2:cd:d9:
- 51:05:43:04:bb:ea:37:82:b2:e1:23:0a:0c:4f:5b:0f:a7:bd:
- 4f:a1:c9:4f:6a:63:3e:58:81:0f:66:38:0a:c8:50:2f:f2:74:
- 7f:e6:5a:bc:ba:e4:02:6d:e4:8a:43:ab:d3:6c:4b:aa:cf:e8:
- 94:2b:8d:54:22:e1:51:87:fa:59:1d:6d:aa:d8:8a:e4:04:1a:
- 8d:42:2b:f0:12:6e:5f:77:cf:e5:6a:d3:a9:8e:be:72:bc:3a:
- 16:fa:82:81:f4:65:2d:fd:81:c9:96:f7:36:0f:11:1a:13:55:
- ae:97:d5:67:f3:e4:03:13:db:1a:0e:ea:5e:75:21:7f:f7:c9:
- 96:8d:c8:e9:94:90:79:19:7e:9a:c9:4f:d1:69:4f:8c:3c:88:
- 5d:97:61:f0:12:86:36:2e:b2:5a:c5:8b:79:35:5f:16:b1:d8:
- 9c:cc:ce:ba:b3:a4:92:0e:8f:5b:fb:27:96:fc:19:50:0c:28:
- 45:e0:e8:81
+ 65:49:39:85:07:68:20:fe:f9:28:cb:c8:ec:2a:c9:6b:2c:06:
+ da:1b:92:b0:d7:c4:5c:37:7b:a5:48:16:15:77:08:05:0a:55:
+ 2f:b7:f7:2b:ef:dd:dc:63:ab:04:f1:24:bf:ef:f4:73:43:1d:
+ 5d:2a:1a:69:f5:a9:e8:af:d2:56:77:79:c0:46:07:95:b6:af:
+ b3:cb:2e:6b:6b:ed:99:29:cd:cc:4d:f4:f9:e6:25:1f:5b:e3:
+ a0:82:a9:5b:c3:73:6c:9a:c4:0b:5a:80:8a:16:5d:32:99:5d:
+ c2:85:ab:bb:94:f7:54:62:f4:8e:d5:7f:dd:ff:84:50:de:55:
+ e2:0d:67:52:32:5e:48:e0:36:b3:aa:a5:d6:57:35:cb:7a:2b:
+ d3:4e:42:75:15:56:f2:2f:45:9c:99:c5:4c:e7:2d:45:6e:86:
+ 2f:4b:84:bf:49:1d:b2:fb:85:53:0a:99:28:fd:7a:3f:e8:b4:
+ a5:b9:6c:c2:55:cd:f3:82:c0:a3:ef:85:ed:69:28:78:1d:81:
+ 0e:19:bd:a8:fb:a6:b7:ff:09:36:54:a6:44:96:cf:15:0c:45:
+ 7e:ba:9a:50:4d:14:82:dc:ba:c2:97:08:74:89:a7:ff:ed:52:
+ 89:ac:65:65:70:9a:8e:8a:43:86:46:a1:f8:23:96:e2:0a:65:
+ 3f:2d:94:35
-----BEGIN CERTIFICATE-----
MIIErDCCA5SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRS1JQ0ExLXBhdGhsZW4xMjgxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluRS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -77,10 +77,10 @@ BgNVHSMEgbkwgbaAFER7AHycHJefl6pr8l7mgXwOruYroYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIB
-ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBGuPBzhWkS8xYAdhsusSgg
-7hNUZiiCYrWo/9h77WuKnssoWN/bvntUziJ0Re0CPfi/d5AaG8+zXzdBw+oaJLIA
-LiiuQ93CzdlRBUMEu+o3grLhIwoMT1sPp71PoclPamM+WIEPZjgKyFAv8nR/5lq8
-uuQCbeSKQ6vTbEuqz+iUK41UIuFRh/pZHW2q2IrkBBqNQivwEm5fd8/latOpjr5y
-vDoW+oKB9GUt/YHJlvc2DxEaE1Wul9Vn8+QDE9saDupedSF/98mWjcjplJB5GX6a
-yU/RaU+MPIhdl2HwEoY2LrJaxYt5NV8WsdiczM66s6SSDo9b+yeW/BlQDChF4OiB
+ZDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlSTmFB2gg/vkoy8jsKslr
+LAbaG5Kw18RcN3ulSBYVdwgFClUvt/cr793cY6sE8SS/7/RzQx1dKhpp9anor9JW
+d3nARgeVtq+zyy5ra+2ZKc3MTfT55iUfW+Oggqlbw3NsmsQLWoCKFl0ymV3Chau7
+lPdUYvSO1X/d/4RQ3lXiDWdSMl5I4DazqqXWVzXLeivTTkJ1FVbyL0WcmcVM5y1F
+boYvS4S/SR2y+4VTCpko/Xo/6LSluWzCVc3zgsCj74XtaSh4HYEOGb2o+6a3/wk2
+VKZEls8VDEV+uppQTRSC3LrClwh0iaf/7VKJrGVlcJqOikOGRqH4I5biCmU/LZQ1
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem
index 930446b9..e2a14fe4 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA1-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 45:0e:29:8c:cb:ba:ea:b6:f9:ef:95:7b:e2:4d:e2:da:8a:4f:
- fe:3a:49:0b:6f:0a:db:64:31:8d:f7:0e:bb:31:16:30:29:d2:
- 3e:41:2f:c1:df:28:60:af:0f:2e:18:c4:b6:b0:3b:dd:d9:c5:
- bf:43:4b:71:e4:9e:97:26:01:ec:12:5e:75:fe:64:10:ac:76:
- 19:da:be:15:7d:cb:cd:18:da:1f:86:c2:f4:1e:aa:ae:ef:98:
- f1:7e:dc:95:51:f2:a8:b1:41:dc:b3:08:22:1f:96:21:5b:40:
- a8:01:d7:80:e9:fd:51:c0:51:0a:b2:15:7d:a0:64:8f:ee:4e:
- bf:13:a9:3d:aa:22:05:2a:e8:11:ee:db:0d:72:98:e2:07:2c:
- 06:be:88:7c:3a:49:c7:18:1a:ae:c1:4f:c4:b9:c8:37:d9:20:
- f8:df:cf:b9:7f:68:44:35:36:70:44:05:87:29:99:37:55:b0:
- f1:de:3b:e1:e9:d8:ef:79:79:43:41:c6:5b:58:51:78:6c:13:
- 0c:bb:f6:31:4a:b4:c4:23:c1:67:99:a7:9e:8c:0c:fa:4b:ad:
- 7b:f0:12:3c:3e:ac:fa:ee:7a:f6:4a:a2:da:ac:50:50:46:bb:
- 37:03:94:c3:dd:01:4a:ac:05:6b:9c:03:cf:b2:43:be:52:25:
- 1b:af:d7:f9
+ b3:d8:4b:f8:59:d5:7a:95:55:af:eb:07:0c:ac:db:b5:cc:b8:
+ aa:0d:81:1b:31:d4:0f:8a:ef:da:28:0e:52:f1:8b:25:54:47:
+ 11:d8:62:a2:5b:5e:d5:fb:6d:b5:57:b4:a3:b6:d2:e0:e1:50:
+ 8b:e1:7e:cd:3b:48:54:4b:55:48:18:12:fe:55:3b:1e:e2:b8:
+ 34:b2:77:f7:21:05:9f:32:43:34:db:e4:d4:e3:d2:74:98:3e:
+ 1f:39:97:ef:e3:89:d9:e2:c0:77:f9:d4:74:a5:13:c0:ce:9e:
+ 3e:42:bc:0d:44:73:c5:76:47:81:dc:40:f4:06:bf:29:66:51:
+ 7b:41:c5:35:73:fe:5c:7a:9c:bf:4c:19:c5:2b:7b:02:1f:45:
+ 66:0c:64:01:29:77:a8:a2:ef:ba:61:19:27:a1:56:41:a6:73:
+ 5d:9f:39:86:38:e9:0a:31:23:55:f1:02:54:ce:96:18:32:ae:
+ 22:03:1d:fb:cb:90:45:54:8f:d2:29:17:9d:44:65:68:8c:d2:
+ 25:df:a8:c2:29:1e:66:2c:c4:57:a1:ab:93:c7:34:a2:e3:94:
+ bd:dc:8f:51:d2:08:a6:3c:63:c9:c1:ee:90:de:39:92:fc:5e:
+ 85:d4:f9:f0:b8:6e:09:30:0c:25:ce:c8:86:c1:75:5d:e8:e8:
+ 90:90:ad:0d
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAEUOKYzLuuq2+e+Ve+JN4tqKT/46SQtvCttkMY33DrsxFjAp0j5B
-L8HfKGCvDy4YxLawO93Zxb9DS3HknpcmAewSXnX+ZBCsdhnavhV9y80Y2h+GwvQe
-qq7vmPF+3JVR8qixQdyzCCIfliFbQKgB14Dp/VHAUQqyFX2gZI/uTr8TqT2qIgUq
-6BHu2w1ymOIHLAa+iHw6SccYGq7BT8S5yDfZIPjfz7l/aEQ1NnBEBYcpmTdVsPHe
-O+Hp2O95eUNBxltYUXhsEwy79jFKtMQjwWeZp56MDPpLrXvwEjw+rPruevZKotqs
-UFBGuzcDlMPdAUqsBWucA8+yQ75SJRuv1/k=
+AQELBQADggEBALPYS/hZ1XqVVa/rBwys27XMuKoNgRsx1A+K79ooDlLxiyVURxHY
+YqJbXtX7bbVXtKO20uDhUIvhfs07SFRLVUgYEv5VOx7iuDSyd/chBZ8yQzTb5NTj
+0nSYPh85l+/jidniwHf51HSlE8DOnj5CvA1Ec8V2R4HcQPQGvylmUXtBxTVz/lx6
+nL9MGcUrewIfRWYMZAEpd6ii77phGSehVkGmc12fOYY46QoxI1XxAlTOlhgyriID
+HfvLkEVUj9IpF51EZWiM0iXfqMIpHmYsxFehq5PHNKLjlL3cj1HSCKY8Y8nB7pDe
+OZL8XoXU+fC4bgkwDCXOyIbBdV3o6JCQrQ0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem
index 350df301..09e2a423 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-ICA2-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0d:51:ba:f9:87:88:e3:72:cd:79:15:4e:21:bb:c7:cd:6a:fd:
- f3:1c:be:00:22:69:72:27:15:2a:43:ee:7b:3e:db:80:6b:61:
- de:65:74:30:07:73:fd:82:ea:b8:b8:d1:66:08:ed:c6:87:0f:
- 46:14:a9:57:dc:26:7b:cb:da:9b:bb:a2:0d:30:d8:94:ca:b8:
- ae:9d:2b:e6:14:dc:63:9f:fb:6c:be:69:d9:2e:84:a0:05:1c:
- b8:55:60:25:34:fb:ac:1e:3b:f5:55:14:8f:dc:65:79:51:b6:
- 8f:61:08:6c:90:bf:39:a2:51:b2:43:27:db:8b:4e:9a:7b:a1:
- 31:16:70:32:b9:c5:02:fe:8a:de:4c:76:5b:f9:50:0a:05:e2:
- 02:b6:dd:3a:2c:6d:d3:f9:81:1b:0e:7d:e4:41:6a:b3:81:80:
- 9c:f0:1e:f0:e3:d9:30:11:c8:23:79:b0:d7:c1:05:be:36:90:
- 08:78:c9:08:cd:63:b0:ec:df:4b:81:50:ab:42:c8:ee:86:d6:
- be:5b:ec:30:a6:60:d1:8d:0a:a5:d0:23:54:e6:c4:05:59:0e:
- 74:2f:1e:d5:3c:8f:da:8f:d2:00:20:12:b5:cf:f9:d9:11:18:
- 64:5d:6a:6e:37:48:58:cd:d7:48:f9:5d:6f:bb:33:d9:6f:fd:
- 10:1a:18:31
+ 9b:28:44:f3:e9:c3:e9:38:03:1a:19:ac:80:f8:ef:e8:a6:3e:
+ 83:80:71:30:48:6c:8e:28:10:f8:84:d3:12:0b:35:fc:f3:51:
+ 87:9b:ef:48:9a:fd:5b:ca:b2:4e:61:94:ae:5b:a7:a7:36:2e:
+ e2:da:83:19:82:e4:cb:70:5d:c5:1a:de:4c:b6:be:c6:6e:d9:
+ f8:6c:6e:64:b4:96:7f:18:ba:b5:54:f1:8a:6f:75:27:e3:51:
+ 98:50:f7:92:ff:a3:e8:65:ae:62:ab:7f:94:7c:e3:f9:3a:f5:
+ 6d:9a:d7:98:6a:3b:5a:b3:1f:73:92:ad:f2:6b:7e:e5:10:ee:
+ 3d:5a:73:28:18:0f:5c:e0:99:6f:1e:5f:61:da:e1:a4:d4:a1:
+ e7:69:b1:e0:9b:ba:e9:1b:6d:60:e2:b5:c6:9e:19:9f:21:d4:
+ d6:2f:da:56:15:d8:4f:b5:82:b2:62:83:a0:cd:70:05:2c:21:
+ 61:6d:92:9a:91:fa:16:4e:0c:e1:4a:72:6f:ad:41:d1:d4:ed:
+ 45:4d:07:8c:cf:79:9e:e5:95:3b:d6:27:cc:7d:f5:44:1d:6f:
+ 90:4b:ef:0d:f5:7f:4a:3e:87:82:ad:db:01:40:42:85:4a:b0:
+ 85:9b:cd:6b:0b:c3:a2:5e:48:c9:21:47:9d:f1:b0:2d:bc:5e:
+ d1:5f:a2:f5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAA1RuvmHiONyzXkVTiG7x81q/fMcvgAiaXInFSpD7ns+
-24BrYd5ldDAHc/2C6ri40WYI7caHD0YUqVfcJnvL2pu7og0w2JTKuK6dK+YU3GOf
-+2y+adkuhKAFHLhVYCU0+6weO/VVFI/cZXlRto9hCGyQvzmiUbJDJ9uLTpp7oTEW
-cDK5xQL+it5Mdlv5UAoF4gK23TosbdP5gRsOfeRBarOBgJzwHvDj2TARyCN5sNfB
-Bb42kAh4yQjNY7Ds30uBUKtCyO6G1r5b7DCmYNGNCqXQI1TmxAVZDnQvHtU8j9qP
-0gAgErXP+dkRGGRdam43SFjN10j5XW+7M9lv/RAaGDE=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAJsoRPPpw+k4AxoZrID47+imPoOAcTBIbI4oEPiE0xIL
+NfzzUYeb70ia/VvKsk5hlK5bp6c2LuLagxmC5MtwXcUa3ky2vsZu2fhsbmS0ln8Y
+urVU8YpvdSfjUZhQ95L/o+hlrmKrf5R84/k69W2a15hqO1qzH3OSrfJrfuUQ7j1a
+cygYD1zgmW8eX2Ha4aTUoedpseCbuukbbWDitcaeGZ8h1NYv2lYV2E+1grJig6DN
+cAUsIWFtkpqR+hZODOFKcm+tQdHU7UVNB4zPeZ7llTvWJ8x99UQdb5BL7w31f0o+
+h4Kt2wFAQoVKsIWbzWsLw6JeSMkhR53xsC28XtFfovU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem
index 284ba4d4..aae43d35 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 16:f8:bf:80:31:00:65:e5:68:87:29:25:68:df:90:8c:7e:92:
- 58:74:92:76:b3:b8:3b:16:ce:a6:8d:c1:98:6a:5c:2f:80:50:
- 35:fc:d9:bf:3d:71:ae:9e:ed:35:65:a9:b5:21:2a:95:14:18:
- 1c:79:d2:a9:2f:30:ec:3d:71:ce:61:9b:80:c3:14:ad:a4:ed:
- a2:a0:74:79:b8:70:ec:ac:62:b1:8c:f4:9c:cb:1c:02:23:fc:
- 28:51:34:dc:da:ab:3a:bb:de:03:6f:79:3e:44:b2:0c:7e:bc:
- 47:4f:8d:f4:4a:be:17:a1:27:4e:a5:e2:45:bd:5b:e0:4d:1a:
- 6d:f6:fb:c2:5c:6d:01:66:fa:e0:00:49:e2:13:96:ef:9d:30:
- 44:d2:ee:26:a7:d9:48:a6:1e:92:5d:ed:b1:40:8d:88:e5:73:
- 4c:7f:a7:a7:e0:a3:45:29:5f:36:d7:72:9c:b6:25:d2:b8:db:
- 5c:43:1e:ba:65:bf:e7:93:b7:e6:df:c4:a1:ff:b9:03:96:81:
- 9e:ae:8c:88:73:2d:27:8a:e9:32:a2:c5:43:f0:96:e5:83:a0:
- df:f6:1b:03:40:a5:14:2d:67:1f:43:c3:ee:cd:64:58:0f:9c:
- 4d:21:3d:6e:32:30:ea:0e:c4:8c:0e:67:31:15:45:9d:b2:50:
- a6:1b:57:c3
+ a3:86:46:c1:10:c2:92:fe:7d:9d:ce:49:ed:8c:bd:65:74:5e:
+ b7:19:53:d8:79:84:ca:f3:f3:e7:30:b7:b9:e1:61:b1:f3:77:
+ 95:14:7b:fd:fe:d9:d0:eb:aa:05:30:d2:71:dc:fa:03:ea:08:
+ e2:c9:07:ec:bf:f6:41:1f:d3:39:a4:1b:7b:23:c7:a1:a7:fd:
+ c0:f6:0e:07:94:91:0e:b7:8e:92:40:05:fc:09:2e:c5:ba:46:
+ ce:94:e5:3e:09:04:e9:b7:c3:52:3e:2d:c1:01:11:d8:2f:b6:
+ 10:1f:2d:3b:b1:1d:b0:c5:11:92:66:4d:52:2a:4e:d1:29:d3:
+ 4f:fd:0d:2e:4a:60:ed:35:8c:02:91:35:77:3d:21:a5:03:3d:
+ d2:bc:4e:68:0e:f6:4d:f7:87:a4:85:e5:51:33:38:b7:1f:4c:
+ 07:85:30:13:32:d9:d9:42:4f:ef:5f:a3:26:e0:60:79:c0:8a:
+ 7b:00:8b:9f:18:4b:8e:b3:9e:3f:6b:69:70:03:4c:43:21:1a:
+ 4d:80:04:48:a2:a0:ae:99:61:a8:84:35:35:99:c7:24:81:d8:
+ 55:95:6b:93:dd:eb:e7:04:de:9f:d4:b9:82:4e:bd:a7:c7:c7:
+ 80:5f:c4:78:d8:7b:65:4f:58:8e:d0:17:c8:90:1a:1c:8d:54:
+ 1c:3d:d5:f4
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBABb4v4Ax
-AGXlaIcpJWjfkIx+klh0knazuDsWzqaNwZhqXC+AUDX82b89ca6e7TVlqbUhKpUU
-GBx50qkvMOw9cc5hm4DDFK2k7aKgdHm4cOysYrGM9JzLHAIj/ChRNNzaqzq73gNv
-eT5Esgx+vEdPjfRKvhehJ06l4kW9W+BNGm32+8JcbQFm+uAASeITlu+dMETS7ian
-2UimHpJd7bFAjYjlc0x/p6fgo0UpXzbXcpy2JdK421xDHrplv+eTt+bfxKH/uQOW
-gZ6ujIhzLSeK6TKixUPwluWDoN/2GwNApRQtZx9Dw+7NZFgPnE0hPW4yMOoOxIwO
-ZzEVRZ2yUKYbV8M=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKOGRsEQ
+wpL+fZ3OSe2MvWV0XrcZU9h5hMrz8+cwt7nhYbHzd5UUe/3+2dDrqgUw0nHc+gPq
+COLJB+y/9kEf0zmkG3sjx6Gn/cD2DgeUkQ63jpJABfwJLsW6Rs6U5T4JBOm3w1I+
+LcEBEdgvthAfLTuxHbDFEZJmTVIqTtEp00/9DS5KYO01jAKRNXc9IaUDPdK8TmgO
+9k33h6SF5VEzOLcfTAeFMBMy2dlCT+9foybgYHnAinsAi58YS46znj9raXADTEMh
+Gk2ABEiioK6ZYaiENTWZxySB2FWVa5Pd6+cE3p/UuYJOvafHx4BfxHjYe2VPWI7Q
+F8iQGhyNVBw91fQ=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 45:0e:29:8c:cb:ba:ea:b6:f9:ef:95:7b:e2:4d:e2:da:8a:4f:
- fe:3a:49:0b:6f:0a:db:64:31:8d:f7:0e:bb:31:16:30:29:d2:
- 3e:41:2f:c1:df:28:60:af:0f:2e:18:c4:b6:b0:3b:dd:d9:c5:
- bf:43:4b:71:e4:9e:97:26:01:ec:12:5e:75:fe:64:10:ac:76:
- 19:da:be:15:7d:cb:cd:18:da:1f:86:c2:f4:1e:aa:ae:ef:98:
- f1:7e:dc:95:51:f2:a8:b1:41:dc:b3:08:22:1f:96:21:5b:40:
- a8:01:d7:80:e9:fd:51:c0:51:0a:b2:15:7d:a0:64:8f:ee:4e:
- bf:13:a9:3d:aa:22:05:2a:e8:11:ee:db:0d:72:98:e2:07:2c:
- 06:be:88:7c:3a:49:c7:18:1a:ae:c1:4f:c4:b9:c8:37:d9:20:
- f8:df:cf:b9:7f:68:44:35:36:70:44:05:87:29:99:37:55:b0:
- f1:de:3b:e1:e9:d8:ef:79:79:43:41:c6:5b:58:51:78:6c:13:
- 0c:bb:f6:31:4a:b4:c4:23:c1:67:99:a7:9e:8c:0c:fa:4b:ad:
- 7b:f0:12:3c:3e:ac:fa:ee:7a:f6:4a:a2:da:ac:50:50:46:bb:
- 37:03:94:c3:dd:01:4a:ac:05:6b:9c:03:cf:b2:43:be:52:25:
- 1b:af:d7:f9
+ b3:d8:4b:f8:59:d5:7a:95:55:af:eb:07:0c:ac:db:b5:cc:b8:
+ aa:0d:81:1b:31:d4:0f:8a:ef:da:28:0e:52:f1:8b:25:54:47:
+ 11:d8:62:a2:5b:5e:d5:fb:6d:b5:57:b4:a3:b6:d2:e0:e1:50:
+ 8b:e1:7e:cd:3b:48:54:4b:55:48:18:12:fe:55:3b:1e:e2:b8:
+ 34:b2:77:f7:21:05:9f:32:43:34:db:e4:d4:e3:d2:74:98:3e:
+ 1f:39:97:ef:e3:89:d9:e2:c0:77:f9:d4:74:a5:13:c0:ce:9e:
+ 3e:42:bc:0d:44:73:c5:76:47:81:dc:40:f4:06:bf:29:66:51:
+ 7b:41:c5:35:73:fe:5c:7a:9c:bf:4c:19:c5:2b:7b:02:1f:45:
+ 66:0c:64:01:29:77:a8:a2:ef:ba:61:19:27:a1:56:41:a6:73:
+ 5d:9f:39:86:38:e9:0a:31:23:55:f1:02:54:ce:96:18:32:ae:
+ 22:03:1d:fb:cb:90:45:54:8f:d2:29:17:9d:44:65:68:8c:d2:
+ 25:df:a8:c2:29:1e:66:2c:c4:57:a1:ab:93:c7:34:a2:e3:94:
+ bd:dc:8f:51:d2:08:a6:3c:63:c9:c1:ee:90:de:39:92:fc:5e:
+ 85:d4:f9:f0:b8:6e:09:30:0c:25:ce:c8:86:c1:75:5d:e8:e8:
+ 90:90:ad:0d
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkYtSUNBMS1wYXRobGVuMTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAEUOKYzLuuq2+e+Ve+JN4tqKT/46SQtvCttkMY33DrsxFjAp0j5B
-L8HfKGCvDy4YxLawO93Zxb9DS3HknpcmAewSXnX+ZBCsdhnavhV9y80Y2h+GwvQe
-qq7vmPF+3JVR8qixQdyzCCIfliFbQKgB14Dp/VHAUQqyFX2gZI/uTr8TqT2qIgUq
-6BHu2w1ymOIHLAa+iHw6SccYGq7BT8S5yDfZIPjfz7l/aEQ1NnBEBYcpmTdVsPHe
-O+Hp2O95eUNBxltYUXhsEwy79jFKtMQjwWeZp56MDPpLrXvwEjw+rPruevZKotqs
-UFBGuzcDlMPdAUqsBWucA8+yQ75SJRuv1/k=
+AQELBQADggEBALPYS/hZ1XqVVa/rBwys27XMuKoNgRsx1A+K79ooDlLxiyVURxHY
+YqJbXtX7bbVXtKO20uDhUIvhfs07SFRLVUgYEv5VOx7iuDSyd/chBZ8yQzTb5NTj
+0nSYPh85l+/jidniwHf51HSlE8DOnj5CvA1Ec8V2R4HcQPQGvylmUXtBxTVz/lx6
+nL9MGcUrewIfRWYMZAEpd6ii77phGSehVkGmc12fOYY46QoxI1XxAlTOlhgyriID
+HfvLkEVUj9IpF51EZWiM0iXfqMIpHmYsxFehq5PHNKLjlL3cj1HSCKY8Y8nB7pDe
+OZL8XoXU+fC4bgkwDCXOyIbBdV3o6JCQrQ0=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA2-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -213,34 +213,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:0
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0d:51:ba:f9:87:88:e3:72:cd:79:15:4e:21:bb:c7:cd:6a:fd:
- f3:1c:be:00:22:69:72:27:15:2a:43:ee:7b:3e:db:80:6b:61:
- de:65:74:30:07:73:fd:82:ea:b8:b8:d1:66:08:ed:c6:87:0f:
- 46:14:a9:57:dc:26:7b:cb:da:9b:bb:a2:0d:30:d8:94:ca:b8:
- ae:9d:2b:e6:14:dc:63:9f:fb:6c:be:69:d9:2e:84:a0:05:1c:
- b8:55:60:25:34:fb:ac:1e:3b:f5:55:14:8f:dc:65:79:51:b6:
- 8f:61:08:6c:90:bf:39:a2:51:b2:43:27:db:8b:4e:9a:7b:a1:
- 31:16:70:32:b9:c5:02:fe:8a:de:4c:76:5b:f9:50:0a:05:e2:
- 02:b6:dd:3a:2c:6d:d3:f9:81:1b:0e:7d:e4:41:6a:b3:81:80:
- 9c:f0:1e:f0:e3:d9:30:11:c8:23:79:b0:d7:c1:05:be:36:90:
- 08:78:c9:08:cd:63:b0:ec:df:4b:81:50:ab:42:c8:ee:86:d6:
- be:5b:ec:30:a6:60:d1:8d:0a:a5:d0:23:54:e6:c4:05:59:0e:
- 74:2f:1e:d5:3c:8f:da:8f:d2:00:20:12:b5:cf:f9:d9:11:18:
- 64:5d:6a:6e:37:48:58:cd:d7:48:f9:5d:6f:bb:33:d9:6f:fd:
- 10:1a:18:31
+ 9b:28:44:f3:e9:c3:e9:38:03:1a:19:ac:80:f8:ef:e8:a6:3e:
+ 83:80:71:30:48:6c:8e:28:10:f8:84:d3:12:0b:35:fc:f3:51:
+ 87:9b:ef:48:9a:fd:5b:ca:b2:4e:61:94:ae:5b:a7:a7:36:2e:
+ e2:da:83:19:82:e4:cb:70:5d:c5:1a:de:4c:b6:be:c6:6e:d9:
+ f8:6c:6e:64:b4:96:7f:18:ba:b5:54:f1:8a:6f:75:27:e3:51:
+ 98:50:f7:92:ff:a3:e8:65:ae:62:ab:7f:94:7c:e3:f9:3a:f5:
+ 6d:9a:d7:98:6a:3b:5a:b3:1f:73:92:ad:f2:6b:7e:e5:10:ee:
+ 3d:5a:73:28:18:0f:5c:e0:99:6f:1e:5f:61:da:e1:a4:d4:a1:
+ e7:69:b1:e0:9b:ba:e9:1b:6d:60:e2:b5:c6:9e:19:9f:21:d4:
+ d6:2f:da:56:15:d8:4f:b5:82:b2:62:83:a0:cd:70:05:2c:21:
+ 61:6d:92:9a:91:fa:16:4e:0c:e1:4a:72:6f:ad:41:d1:d4:ed:
+ 45:4d:07:8c:cf:79:9e:e5:95:3b:d6:27:cc:7d:f5:44:1d:6f:
+ 90:4b:ef:0d:f5:7f:4a:3e:87:82:ad:db:01:40:42:85:4a:b0:
+ 85:9b:cd:6b:0b:c3:a2:5e:48:c9:21:47:9d:f1:b0:2d:bc:5e:
+ d1:5f:a2:f5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluRi1JQ0Ey
LXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -254,12 +254,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFEpTSrcweDWRtMvdyCJ0ia+AD39oMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAA1RuvmHiONyzXkVTiG7x81q/fMcvgAiaXInFSpD7ns+
-24BrYd5ldDAHc/2C6ri40WYI7caHD0YUqVfcJnvL2pu7og0w2JTKuK6dK+YU3GOf
-+2y+adkuhKAFHLhVYCU0+6weO/VVFI/cZXlRto9hCGyQvzmiUbJDJ9uLTpp7oTEW
-cDK5xQL+it5Mdlv5UAoF4gK23TosbdP5gRsOfeRBarOBgJzwHvDj2TARyCN5sNfB
-Bb42kAh4yQjNY7Ds30uBUKtCyO6G1r5b7DCmYNGNCqXQI1TmxAVZDnQvHtU8j9qP
-0gAgErXP+dkRGGRdam43SFjN10j5XW+7M9lv/RAaGDE=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAJsoRPPpw+k4AxoZrID47+imPoOAcTBIbI4oEPiE0xIL
+NfzzUYeb70ia/VvKsk5hlK5bp6c2LuLagxmC5MtwXcUa3ky2vsZu2fhsbmS0ln8Y
+urVU8YpvdSfjUZhQ95L/o+hlrmKrf5R84/k69W2a15hqO1qzH3OSrfJrfuUQ7j1a
+cygYD1zgmW8eX2Ha4aTUoedpseCbuukbbWDitcaeGZ8h1NYv2lYV2E+1grJig6DN
+cAUsIWFtkpqR+hZODOFKcm+tQdHU7UVNB4zPeZ7llTvWJ8x99UQdb5BL7w31f0o+
+h4Kt2wFAQoVKsIWbzWsLw6JeSMkhR53xsC28XtFfovU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem
index 1aee2546..e63ff252 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainF-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-ICA1-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainF-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 16:f8:bf:80:31:00:65:e5:68:87:29:25:68:df:90:8c:7e:92:
- 58:74:92:76:b3:b8:3b:16:ce:a6:8d:c1:98:6a:5c:2f:80:50:
- 35:fc:d9:bf:3d:71:ae:9e:ed:35:65:a9:b5:21:2a:95:14:18:
- 1c:79:d2:a9:2f:30:ec:3d:71:ce:61:9b:80:c3:14:ad:a4:ed:
- a2:a0:74:79:b8:70:ec:ac:62:b1:8c:f4:9c:cb:1c:02:23:fc:
- 28:51:34:dc:da:ab:3a:bb:de:03:6f:79:3e:44:b2:0c:7e:bc:
- 47:4f:8d:f4:4a:be:17:a1:27:4e:a5:e2:45:bd:5b:e0:4d:1a:
- 6d:f6:fb:c2:5c:6d:01:66:fa:e0:00:49:e2:13:96:ef:9d:30:
- 44:d2:ee:26:a7:d9:48:a6:1e:92:5d:ed:b1:40:8d:88:e5:73:
- 4c:7f:a7:a7:e0:a3:45:29:5f:36:d7:72:9c:b6:25:d2:b8:db:
- 5c:43:1e:ba:65:bf:e7:93:b7:e6:df:c4:a1:ff:b9:03:96:81:
- 9e:ae:8c:88:73:2d:27:8a:e9:32:a2:c5:43:f0:96:e5:83:a0:
- df:f6:1b:03:40:a5:14:2d:67:1f:43:c3:ee:cd:64:58:0f:9c:
- 4d:21:3d:6e:32:30:ea:0e:c4:8c:0e:67:31:15:45:9d:b2:50:
- a6:1b:57:c3
+ a3:86:46:c1:10:c2:92:fe:7d:9d:ce:49:ed:8c:bd:65:74:5e:
+ b7:19:53:d8:79:84:ca:f3:f3:e7:30:b7:b9:e1:61:b1:f3:77:
+ 95:14:7b:fd:fe:d9:d0:eb:aa:05:30:d2:71:dc:fa:03:ea:08:
+ e2:c9:07:ec:bf:f6:41:1f:d3:39:a4:1b:7b:23:c7:a1:a7:fd:
+ c0:f6:0e:07:94:91:0e:b7:8e:92:40:05:fc:09:2e:c5:ba:46:
+ ce:94:e5:3e:09:04:e9:b7:c3:52:3e:2d:c1:01:11:d8:2f:b6:
+ 10:1f:2d:3b:b1:1d:b0:c5:11:92:66:4d:52:2a:4e:d1:29:d3:
+ 4f:fd:0d:2e:4a:60:ed:35:8c:02:91:35:77:3d:21:a5:03:3d:
+ d2:bc:4e:68:0e:f6:4d:f7:87:a4:85:e5:51:33:38:b7:1f:4c:
+ 07:85:30:13:32:d9:d9:42:4f:ef:5f:a3:26:e0:60:79:c0:8a:
+ 7b:00:8b:9f:18:4b:8e:b3:9e:3f:6b:69:70:03:4c:43:21:1a:
+ 4d:80:04:48:a2:a0:ae:99:61:a8:84:35:35:99:c7:24:81:d8:
+ 55:95:6b:93:dd:eb:e7:04:de:9f:d4:b9:82:4e:bd:a7:c7:c7:
+ 80:5f:c4:78:d8:7b:65:4f:58:8e:d0:17:c8:90:1a:1c:8d:54:
+ 1c:3d:d5:f4
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRi1JQ0ExLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkYtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBR1MiEFK2D+RBevGGWGhRmCP/lkg6GBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRi1JQ0EyLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBABb4v4Ax
-AGXlaIcpJWjfkIx+klh0knazuDsWzqaNwZhqXC+AUDX82b89ca6e7TVlqbUhKpUU
-GBx50qkvMOw9cc5hm4DDFK2k7aKgdHm4cOysYrGM9JzLHAIj/ChRNNzaqzq73gNv
-eT5Esgx+vEdPjfRKvhehJ06l4kW9W+BNGm32+8JcbQFm+uAASeITlu+dMETS7ian
-2UimHpJd7bFAjYjlc0x/p6fgo0UpXzbXcpy2JdK421xDHrplv+eTt+bfxKH/uQOW
-gZ6ujIhzLSeK6TKixUPwluWDoN/2GwNApRQtZx9Dw+7NZFgPnE0hPW4yMOoOxIwO
-ZzEVRZ2yUKYbV8M=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKOGRsEQ
+wpL+fZ3OSe2MvWV0XrcZU9h5hMrz8+cwt7nhYbHzd5UUe/3+2dDrqgUw0nHc+gPq
+COLJB+y/9kEf0zmkG3sjx6Gn/cD2DgeUkQ63jpJABfwJLsW6Rs6U5T4JBOm3w1I+
+LcEBEdgvthAfLTuxHbDFEZJmTVIqTtEp00/9DS5KYO01jAKRNXc9IaUDPdK8TmgO
+9k33h6SF5VEzOLcfTAeFMBMy2dlCT+9foybgYHnAinsAi58YS46znj9raXADTEMh
+Gk2ABEiioK6ZYaiENTWZxySB2FWVa5Pd6+cE3p/UuYJOvafHx4BfxHjYe2VPWI7Q
+F8iQGhyNVBw91fQ=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem
index e124afa8..29420ebe 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a8:e1:75:09:71:57:28:d6:27:3a:92:89:0c:47:57:05:3a:92:
- 81:d3:23:00:92:fd:f3:77:24:60:67:af:86:ba:b2:17:1a:9f:
- 5e:3a:ee:ba:a3:fa:1f:76:69:b9:18:4d:89:97:ac:54:5a:9f:
- e2:ad:7a:37:d3:e1:35:fa:39:32:7f:d9:14:98:48:16:4d:99:
- e6:d5:61:0e:31:df:d1:a7:cd:c1:fd:6b:72:59:80:f7:8c:77:
- ef:45:c9:53:ed:b6:a4:73:06:1e:d3:d6:40:01:c8:c7:3c:48:
- 71:38:ac:66:a8:f6:e2:5f:75:87:a8:93:28:db:ef:3f:e2:c6:
- 2b:0d:ac:63:33:9c:1c:65:8d:9a:b2:3e:c8:2b:0d:3c:96:ef:
- b3:e2:4d:b8:fe:6d:8b:59:66:02:3f:f9:a8:0b:08:a3:30:a7:
- 9c:81:74:3d:88:cb:3f:f7:93:95:93:9f:38:53:ac:d9:a5:ae:
- 43:46:30:17:25:b1:cb:bf:2d:fe:df:32:17:ec:b0:54:33:c7:
- 1c:31:78:86:8c:fd:16:9e:0c:a4:71:3f:d0:a4:0e:26:90:39:
- 68:34:bf:34:f7:73:fb:7b:64:14:3f:b4:41:95:c2:da:16:dc:
- 20:a4:cc:3e:fa:64:dd:ce:d6:48:11:9d:ab:6b:a7:3e:c6:67:
- 1d:ac:f6:0b
+ 6e:12:75:fb:ac:2b:b3:b5:f3:f8:0c:2b:61:c3:22:c0:1f:16:
+ cf:36:8c:b2:fc:be:83:ad:81:3d:e9:4e:76:e3:85:db:34:b4:
+ b1:a6:ed:fe:82:ee:b2:7c:64:14:e4:1f:d6:fb:16:3e:36:d7:
+ a1:f3:99:99:7c:48:96:50:d0:e4:29:43:42:93:7c:8e:24:fc:
+ ba:6b:89:1c:1b:c8:39:d2:62:5e:7f:ac:0c:e8:7d:f4:90:94:
+ a3:dc:5d:d4:25:60:07:6f:97:6c:a1:4f:5a:ec:84:70:46:de:
+ 4d:74:a8:5c:48:32:94:6d:69:81:65:c6:c4:ef:3e:31:fc:40:
+ f5:5c:10:29:23:49:a7:ca:27:27:33:ed:3f:65:1a:95:f0:57:
+ 5a:32:19:b4:4d:66:c5:19:15:4b:a9:79:c9:fb:cd:02:57:04:
+ c2:33:6d:6c:85:67:14:16:7a:d2:32:a0:66:c4:b9:0d:43:bd:
+ 57:52:27:da:af:f1:df:68:27:74:b9:dd:d3:3c:ba:79:d0:46:
+ 2c:91:fc:1c:65:a4:3a:ea:82:25:c9:b1:2f:7d:78:85:62:1f:
+ a4:4c:69:fc:a3:95:c3:0a:ce:ed:10:24:ec:f7:17:bf:22:42:
+ 44:ac:0d:77:a1:3d:9d:d0:fb:03:1b:b7:79:8a:ba:6e:3c:a4:
+ 3e:1c:0a:54
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAqOF1CXFXKNYnOpKJDEdXBTqSgdMjAJL9
-83ckYGevhrqyFxqfXjruuqP6H3ZpuRhNiZesVFqf4q16N9PhNfo5Mn/ZFJhIFk2Z
-5tVhDjHf0afNwf1rclmA94x370XJU+22pHMGHtPWQAHIxzxIcTisZqj24l91h6iT
-KNvvP+LGKw2sYzOcHGWNmrI+yCsNPJbvs+JNuP5ti1lmAj/5qAsIozCnnIF0PYjL
-P/eTlZOfOFOs2aWuQ0YwFyWxy78t/t8yF+ywVDPHHDF4hoz9Fp4MpHE/0KQOJpA5
-aDS/NPdz+3tkFD+0QZXC2hbcIKTMPvpk3c7WSBGdq2unPsZnHaz2Cw==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAbhJ1+6wrs7Xz+AwrYcMiwB8WzzaMsvy+
+g62BPelOduOF2zS0sabt/oLusnxkFOQf1vsWPjbXofOZmXxIllDQ5ClDQpN8jiT8
+umuJHBvIOdJiXn+sDOh99JCUo9xd1CVgB2+XbKFPWuyEcEbeTXSoXEgylG1pgWXG
+xO8+MfxA9VwQKSNJp8onJzPtP2UalfBXWjIZtE1mxRkVS6l5yfvNAlcEwjNtbIVn
+FBZ60jKgZsS5DUO9V1In2q/x32gndLnd0zy6edBGLJH8HGWkOuqCJcmxL314hWIf
+pExp/KOVwwrO7RAk7PcXvyJCRKwNd6E9ndD7Axu3eYq6bjykPhwKVA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem
index d7875ac7..f7c7956e 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA2-pathlen1.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 56:b8:f2:49:b8:e6:65:25:db:46:5f:f4:72:40:14:a5:27:39:
- 27:28:9b:f9:cc:5a:02:7f:76:05:e7:18:45:1f:29:c6:cb:ce:
- 77:50:35:74:0c:95:ed:3a:7e:a0:87:8a:7d:8f:6f:2f:3c:5d:
- 03:86:da:c2:2c:b3:2f:6d:7b:af:a4:83:c7:f3:6e:5b:48:c3:
- d9:4a:e5:af:e1:86:e1:81:68:45:2e:fb:09:19:94:be:91:dd:
- 8f:f4:e7:94:fb:9e:54:4c:a7:c9:10:87:8d:f0:08:14:08:c9:
- d7:92:44:56:59:03:10:27:2c:fb:7e:24:01:8b:9f:cc:e0:6a:
- 31:5c:67:e3:96:88:f8:86:3f:ec:1e:bd:07:d2:fc:34:1d:ff:
- 8d:72:c1:2d:de:09:7f:e4:c4:dd:98:70:73:ed:84:a6:4f:f8:
- ec:a5:18:b6:0c:55:e2:a4:aa:0c:37:60:52:3d:76:f5:dd:ab:
- 0a:7c:fd:4d:81:a6:a9:c6:49:14:e7:51:00:f4:6a:d9:dc:15:
- ef:72:d1:79:c3:65:e2:e1:f5:23:c4:90:ba:4a:e2:01:d9:09:
- 83:e5:34:0f:c3:ea:03:cf:62:b9:bb:18:26:30:54:77:b1:a6:
- 63:99:35:0a:40:2b:df:2a:2c:3a:e0:0c:2c:f6:1b:6a:de:e2:
- 02:31:9d:c0
+ 50:65:9b:1d:8b:6a:ae:9b:d4:f1:ff:57:ac:51:48:fd:c8:9e:
+ 19:bb:b2:00:bf:54:ee:c8:d4:2f:eb:5b:ff:17:1e:7c:aa:1d:
+ d4:01:9f:e8:cb:c4:8c:e5:ee:99:04:33:e8:16:3a:fc:44:bd:
+ 56:a5:45:e7:e9:fb:88:25:11:4b:07:73:5d:37:21:47:47:9d:
+ f8:e0:89:e0:e4:c0:6a:f4:64:25:e7:b7:d9:47:53:ff:d5:6f:
+ f3:e4:8d:b2:33:f6:ce:46:5b:80:82:8f:05:18:f4:bc:90:5a:
+ af:4a:7f:9d:67:08:f7:41:27:05:c5:34:46:03:fc:14:2e:4e:
+ 81:f3:ca:3d:67:9e:a9:53:ec:5b:df:38:d4:b5:92:3d:55:94:
+ df:88:be:a1:e7:14:18:a2:9d:22:5d:10:69:f8:54:c3:a9:14:
+ ef:8e:af:e1:8a:f8:cd:6d:7e:26:30:2c:40:bc:50:49:e5:9f:
+ bc:8f:de:30:23:93:c4:25:b3:e6:fb:b5:64:82:57:41:ac:79:
+ 1e:58:9e:6c:67:dc:18:ed:c4:60:79:06:b1:ee:9f:4c:2c:a3:
+ 9c:61:d7:77:33:b5:64:50:65:88:33:a0:30:57:99:0f:a9:aa:
+ a7:b3:a8:0d:b1:c5:ce:5a:34:a8:31:47:e4:66:62:b2:11:0e:
+ b9:58:4f:06
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -80,10 +80,10 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVrjySbjmZSXbRl/0ckAUpSc5Jyib+cxa
-An92BecYRR8pxsvOd1A1dAyV7Tp+oIeKfY9vLzxdA4bawiyzL217r6SDx/NuW0jD
-2Urlr+GG4YFoRS77CRmUvpHdj/TnlPueVEynyRCHjfAIFAjJ15JEVlkDECcs+34k
-AYufzOBqMVxn45aI+IY/7B69B9L8NB3/jXLBLd4Jf+TE3Zhwc+2Epk/47KUYtgxV
-4qSqDDdgUj129d2rCnz9TYGmqcZJFOdRAPRq2dwV73LRecNl4uH1I8SQukriAdkJ
-g+U0D8PqA89iubsYJjBUd7GmY5k1CkAr3yosOuAMLPYbat7iAjGdwA==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAUGWbHYtqrpvU8f9XrFFI/cieGbuyAL9U
+7sjUL+tb/xcefKod1AGf6MvEjOXumQQz6BY6/ES9VqVF5+n7iCURSwdzXTchR0ed
++OCJ4OTAavRkJee32UdT/9Vv8+SNsjP2zkZbgIKPBRj0vJBar0p/nWcI90EnBcU0
+RgP8FC5OgfPKPWeeqVPsW9841LWSPVWU34i+oecUGKKdIl0QafhUw6kU746v4Yr4
+zW1+JjAsQLxQSeWfvI/eMCOTxCWz5vu1ZIJXQax5HliebGfcGO3EYHkGse6fTCyj
+nGHXdzO1ZFBliDOgMFeZD6mqp7OoDbHFzlo0qDFH5GZishEOuVhPBg==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem
index 717efde1..cbfb848d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA3-pathlen99.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7b:72:02:a6:a9:ab:c5:08:f6:39:85:63:df:3a:b6:25:6f:94:
- 72:97:c9:64:e5:a8:c8:e9:e1:09:cd:ae:d2:95:7c:de:fb:8d:
- 64:b4:51:a4:86:af:a9:5d:50:37:e8:41:87:3a:8e:0c:77:6b:
- 35:0f:db:78:0e:92:bf:f9:ca:82:d5:d0:e9:27:71:6b:ac:02:
- 34:86:e2:c2:0b:b2:42:06:91:d3:f6:02:55:23:71:33:57:a9:
- 58:db:0d:1d:fe:d3:9b:ca:c4:c9:b8:6e:6f:32:cb:12:b8:9f:
- 6d:44:2b:fd:22:cf:8f:c0:53:f9:5a:b5:3a:e9:48:37:f3:0d:
- d8:77:5b:cb:1d:97:5b:a9:3b:b3:b9:b5:5e:c2:c0:d6:8d:66:
- f0:19:e9:4a:ca:e3:f0:93:f3:82:93:e7:7d:7f:21:51:4e:ef:
- ce:82:d7:52:91:dd:5f:74:ff:84:fe:0a:d9:c3:3d:9a:62:da:
- f4:c9:5b:fc:f8:60:db:d3:69:08:7c:09:fd:04:10:7b:48:b8:
- 9b:ed:eb:58:f1:1f:aa:87:a9:bf:60:f8:7a:df:96:b3:77:4b:
- 4d:db:b6:6f:34:b3:8d:4d:e3:a4:cd:01:b4:15:0f:8c:12:06:
- 96:e7:36:46:ac:7f:1f:ca:af:e4:2d:f8:90:ab:ce:6f:b1:b4:
- 9e:2f:5a:2a
+ 0b:ad:52:52:31:8c:12:70:07:6c:05:83:b3:84:cf:c2:64:da:
+ 43:d2:cc:6c:db:ef:a5:ae:9b:44:96:4e:fe:fd:b9:61:56:59:
+ e2:f2:52:c8:1b:52:2c:36:79:5d:6a:83:a1:c8:03:9a:7a:80:
+ 4f:ee:9d:48:87:f4:cb:9b:5e:84:c8:f8:b8:0c:77:e1:cb:40:
+ ac:28:eb:58:07:e4:06:a7:50:e2:44:48:bc:a3:2f:5d:f1:fa:
+ 0c:4d:1d:84:0a:57:e5:0c:b9:bb:41:b9:12:17:09:25:9f:99:
+ 02:6b:9e:83:fb:07:f8:3f:59:b2:04:62:b7:12:e7:61:8b:48:
+ a7:cc:29:ce:11:f9:7c:64:dd:5c:51:d3:ac:0c:54:4b:22:7e:
+ 29:de:98:50:80:f8:1a:65:64:3c:fb:a6:07:bb:e8:b1:a4:e8:
+ f1:7b:07:fd:e2:50:07:67:f5:7a:fa:76:4d:1c:7f:1a:e3:52:
+ ad:13:a6:b5:89:9e:f5:11:68:12:13:dc:59:86:9d:f9:83:18:
+ 52:ee:09:24:6a:37:e9:85:95:ac:93:09:23:09:0e:f3:66:a8:
+ 85:ee:d1:e4:40:01:f3:c2:c3:1f:48:74:76:2b:7e:4c:9b:a9:
+ a2:2f:c8:7c:74:60:2d:98:e8:63:09:cf:8f:a8:c8:8a:7f:c4:
+ d4:f3:34:ad
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaIxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaIxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD
DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHtyAqapq8UI9jmFY986tiVvlHKXyWTl
-qMjp4QnNrtKVfN77jWS0UaSGr6ldUDfoQYc6jgx3azUP23gOkr/5yoLV0OkncWus
-AjSG4sILskIGkdP2AlUjcTNXqVjbDR3+05vKxMm4bm8yyxK4n21EK/0iz4/AU/la
-tTrpSDfzDdh3W8sdl1upO7O5tV7CwNaNZvAZ6UrK4/CT84KT531/IVFO786C11KR
-3V90/4T+CtnDPZpi2vTJW/z4YNvTaQh8Cf0EEHtIuJvt61jxH6qHqb9g+HrflrN3
-S03btm80s41N46TNAbQVD4wSBpbnNkasfx/Kr+Qt+JCrzm+xtJ4vWio=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAutUlIxjBJwB2wFg7OEz8Jk2kPSzGzb
+76Wum0SWTv79uWFWWeLyUsgbUiw2eV1qg6HIA5p6gE/unUiH9MubXoTI+LgMd+HL
+QKwo61gH5AanUOJESLyjL13x+gxNHYQKV+UMubtBuRIXCSWfmQJrnoP7B/g/WbIE
+YrcS52GLSKfMKc4R+Xxk3VxR06wMVEsifinemFCA+BplZDz7pge76LGk6PF7B/3i
+UAdn9Xr6dk0cfxrjUq0TprWJnvURaBIT3FmGnfmDGFLuCSRqN+mFlayTCSMJDvNm
+qIXu0eRAAfPCwx9IdHYrfkybqaIvyHx0YC2Y6GMJz4+oyIp/xNTzNK0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem
index 2b96e3c1..2b56f422 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA4-pathlen5.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 04:f9:2d:12:27:73:f5:79:fd:73:35:ec:7c:dd:fb:fc:66:07:
- b6:ce:a6:2a:25:c2:12:6f:c7:9f:15:fa:b4:1f:3c:b9:c3:ea:
- 9c:ee:85:02:d9:f3:66:19:10:e5:7f:57:76:e7:07:77:86:34:
- 44:84:e8:89:a5:98:b8:b6:21:8f:f0:60:95:96:38:ce:be:ab:
- ee:a6:1d:47:dc:bf:37:c2:ca:d5:54:0c:8b:6f:11:e5:52:b6:
- 52:36:95:d1:ef:e0:18:7f:b2:00:8d:b4:dd:94:69:41:fc:7d:
- d4:43:55:bd:e8:e3:5f:1a:71:9a:1a:fa:4a:d3:d7:bd:ce:ac:
- e6:83:6b:47:31:60:90:96:d8:4c:34:0e:ba:25:d7:f2:40:3a:
- 37:bb:27:4c:de:40:9a:20:a5:0e:23:9b:ef:90:7f:1c:23:fd:
- 62:c7:f5:c1:35:de:73:f4:09:e6:e6:a2:15:64:53:93:95:38:
- 06:2b:64:59:7d:56:8c:88:3c:6f:f5:b7:8f:21:9c:a8:a7:46:
- da:66:5e:5c:e5:6a:4b:81:69:97:e3:5c:ed:7c:01:90:5e:bd:
- 06:47:e7:48:db:e8:13:18:f9:2e:6b:a0:26:61:d7:49:83:b7:
- 9d:b9:98:b7:c0:40:c7:0d:e8:5e:2a:f7:67:85:36:24:0e:68:
- 8d:ca:8e:78
+ a6:f3:32:99:ee:fd:de:b1:46:ad:68:a7:6f:d8:55:91:63:2d:
+ 07:ce:91:2f:e3:ff:8f:03:e3:cf:c2:33:76:91:33:5f:13:70:
+ 10:e4:e2:3b:70:02:fc:d2:7d:39:d2:1a:1e:82:2d:40:d8:a7:
+ bb:69:19:51:fb:c1:32:41:e5:cf:4f:39:f6:f8:dd:b4:cb:f2:
+ 11:3e:dc:8d:c7:a6:90:27:14:4b:28:6f:20:9a:58:92:3a:42:
+ 8c:c7:40:36:b5:c0:4a:7e:27:0b:37:a7:71:e4:fd:f4:8d:24:
+ 8d:fe:3d:4a:59:4e:7e:86:02:f2:e2:09:95:59:ca:19:b9:23:
+ 84:1e:c6:14:d9:c4:05:7a:93:77:b4:4a:f4:91:75:3f:89:43:
+ 8b:b1:5f:a5:36:0a:2a:b0:a1:7b:8f:33:01:92:4d:c1:d9:51:
+ 98:a3:1b:14:f9:34:8e:7c:db:a5:5c:2c:b2:cd:23:b6:f6:65:
+ 25:aa:2c:5c:cc:38:49:b2:77:aa:8f:73:3b:00:1f:33:94:43:
+ fd:c2:34:ba:ee:ac:7d:0d:62:58:72:4d:ea:78:29:b5:b1:29:
+ 99:70:8c:00:22:1c:a3:93:ca:cd:c8:02:21:57:2d:19:fd:a7:
+ fb:c7:1c:12:0c:49:04:73:4c:7e:dd:9f:9e:1c:5b:e4:2a:53:
+ b6:cf:7e:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -80,10 +80,10 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAT5LRInc/V5/XM17Hzd+/xmB7bOpiol
-whJvx58V+rQfPLnD6pzuhQLZ82YZEOV/V3bnB3eGNESE6ImlmLi2IY/wYJWWOM6+
-q+6mHUfcvzfCytVUDItvEeVStlI2ldHv4Bh/sgCNtN2UaUH8fdRDVb3o418acZoa
-+krT173OrOaDa0cxYJCW2Ew0Drol1/JAOje7J0zeQJogpQ4jm++Qfxwj/WLH9cE1
-3nP0CebmohVkU5OVOAYrZFl9VoyIPG/1t48hnKinRtpmXlzlakuBaZfjXO18AZBe
-vQZH50jb6BMY+S5roCZh10mDt525mLfAQMcN6F4q92eFNiQOaI3Kjng=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKbzMpnu/d6xRq1op2/YVZFjLQfOkS/j
+/48D48/CM3aRM18TcBDk4jtwAvzSfTnSGh6CLUDYp7tpGVH7wTJB5c9POfb43bTL
+8hE+3I3HppAnFEsobyCaWJI6QozHQDa1wEp+Jws3p3Hk/fSNJI3+PUpZTn6GAvLi
+CZVZyhm5I4QexhTZxAV6k3e0SvSRdT+JQ4uxX6U2CiqwoXuPMwGSTcHZUZijGxT5
+NI5826VcLLLNI7b2ZSWqLFzMOEmyd6qPczsAHzOUQ/3CNLrurH0NYlhyTep4KbWx
+KZlwjAAiHKOTys3IAiFXLRn9p/vHHBIMSQRzTH7dn54cW+QqU7bPfsQ=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem
index 3b7ba449..ff85cabc 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA5-pathlen20.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0f:b1:e3:0e:db:7f:2c:93:25:66:ef:c4:84:a6:65:86:54:58:
- ff:59:ba:07:80:0f:56:cd:ae:15:39:64:8c:3d:05:c2:dc:3d:
- e2:9e:e8:b9:ec:55:15:c8:4f:0c:e0:41:65:8a:86:ff:f4:7f:
- a4:e0:aa:ea:a6:54:0c:3d:a2:82:d9:5c:c1:82:aa:d8:48:32:
- 84:ca:96:a5:21:b5:36:de:97:50:3b:9e:00:78:2a:af:30:09:
- f4:b7:6b:56:d7:38:a0:1c:b1:8b:d7:db:71:eb:46:b2:e2:c7:
- 42:d2:02:6d:03:dc:9d:83:ba:aa:be:23:62:73:98:16:74:3b:
- 8a:89:00:e8:b0:04:21:31:4c:0f:df:ef:3b:1e:fd:28:c5:07:
- 6b:b3:87:d1:78:4a:4b:97:8f:5b:09:39:b4:09:d5:62:c0:72:
- 31:0b:fa:7d:81:5f:dd:2f:3a:e1:61:d2:c0:b4:54:eb:01:e4:
- 94:90:30:8d:fa:8f:94:04:b2:9f:ca:3a:b1:c1:b9:72:24:f1:
- 0c:f9:09:1e:a0:5b:d9:28:a6:d4:ee:aa:bf:37:ea:ee:4d:85:
- 8a:f8:b0:6c:98:7e:a4:17:0d:01:03:46:7d:82:80:2a:48:17:
- a9:d6:4b:57:38:f1:53:54:54:00:5a:83:d6:96:b6:fe:c6:dc:
- 65:40:60:c9
+ d9:f9:09:10:86:29:c0:72:a4:93:87:4d:d3:79:ce:fa:f3:8a:
+ 79:9a:d0:eb:6d:42:06:00:fc:2c:c3:fa:35:c5:b6:6d:a4:7f:
+ 66:29:d2:ad:ed:50:a5:a8:1e:1b:24:db:f3:52:bf:54:b8:3f:
+ 67:c2:be:f4:a4:fc:d2:77:74:a4:02:74:0d:fe:c5:e0:42:bd:
+ 2b:7c:16:ae:a1:68:6f:e5:80:29:07:f3:5e:e4:0e:96:d2:ee:
+ cd:d2:82:00:22:a7:72:d7:c5:38:71:a0:ac:2a:38:03:c4:c1:
+ 23:62:1e:fa:b3:24:32:0f:01:a4:64:a8:ab:79:60:55:77:da:
+ ca:76:00:14:2f:e0:e1:74:f9:72:e2:7d:aa:3d:6b:9f:50:ab:
+ 72:31:40:4b:19:9d:b9:9a:12:de:db:15:c3:36:90:9d:48:6f:
+ 7a:98:47:7a:65:a2:d5:5b:0c:f3:90:5d:dd:4e:1c:ba:72:b4:
+ ac:be:ca:1b:87:16:7f:f2:b0:33:9b:7a:26:37:eb:1f:cb:4d:
+ bf:c7:f1:01:80:b7:60:c4:ae:71:bb:ab:cc:bd:8a:ba:c4:23:
+ 87:15:1e:b9:c7:6d:2d:44:fd:67:25:45:e2:cd:76:4d:87:a1:
+ 80:e0:a2:e6:60:23:51:4d:17:b0:82:51:ef:0c:88:75:64:c1:
+ 7b:8e:c2:29
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGiMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGiMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE
AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -80,10 +80,10 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl
cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud
-DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAD7HjDtt/LJMlZu/EhKZlhlRY/1m6
-B4APVs2uFTlkjD0Fwtw94p7ouexVFchPDOBBZYqG//R/pOCq6qZUDD2igtlcwYKq
-2EgyhMqWpSG1Nt6XUDueAHgqrzAJ9LdrVtc4oByxi9fbcetGsuLHQtICbQPcnYO6
-qr4jYnOYFnQ7iokA6LAEITFMD9/vOx79KMUHa7OH0XhKS5ePWwk5tAnVYsByMQv6
-fYFf3S864WHSwLRU6wHklJAwjfqPlASyn8o6scG5ciTxDPkJHqBb2Sim1O6qvzfq
-7k2FiviwbJh+pBcNAQNGfYKAKkgXqdZLVzjxU1RUAFqD1pa2/sbcZUBgyQ==
+DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEA2fkJEIYpwHKkk4dN03nO+vOKeZrQ
+621CBgD8LMP6NcW2baR/ZinSre1QpageGyTb81K/VLg/Z8K+9KT80nd0pAJ0Df7F
+4EK9K3wWrqFob+WAKQfzXuQOltLuzdKCACKnctfFOHGgrCo4A8TBI2Ie+rMkMg8B
+pGSoq3lgVXfaynYAFC/g4XT5cuJ9qj1rn1CrcjFASxmduZoS3tsVwzaQnUhvephH
+emWi1VsM85Bd3U4cunK0rL7KG4cWf/KwM5t6JjfrH8tNv8fxAYC3YMSucburzL2K
+usQjhxUeucdtLUT9ZyVF4s12TYehgOCi5mAjUU0XsIJR7wyIdWTBe47CKQ==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem
index c3cf8e29..8f35c384 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA6-pathlen10.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- b8:32:b6:b5:8a:90:09:c7:d2:11:7d:f7:8f:14:5d:61:80:cf:
- e8:ac:65:bf:d7:08:51:3c:60:16:15:9e:e0:ec:7a:9b:87:0c:
- bc:ad:56:67:de:1b:a5:d4:54:53:da:73:e8:27:8f:02:77:73:
- 12:86:99:22:3a:32:77:50:48:38:2b:c1:9f:46:81:26:10:0a:
- ee:24:a2:ae:42:dc:81:14:d3:b7:10:2f:11:aa:bb:70:ba:9c:
- 82:29:c8:2c:3e:e0:6b:8e:fb:e4:39:33:fc:ef:2f:d7:70:3a:
- 09:f5:d3:85:af:b3:59:00:b4:c6:2b:c5:1a:6b:3a:a7:4b:bb:
- 74:87:e1:dd:8f:9c:05:47:08:7b:0d:86:b6:35:97:67:a5:ac:
- 8c:d2:fc:dd:e0:0b:ab:8c:15:82:0c:c8:38:f1:37:83:86:b4:
- 0e:24:e8:5b:df:5e:e4:6b:e3:43:dc:b2:d9:c7:52:ca:cb:bd:
- a2:e0:3d:75:8a:03:4c:5d:a7:2f:7e:ba:64:2f:69:e7:df:a7:
- 09:22:f8:b7:a0:59:94:fd:95:31:ee:d6:5f:5e:f9:84:3c:fe:
- ba:75:f8:8f:59:80:0c:da:64:21:43:7b:44:4a:fd:ae:f4:43:
- 7d:b9:4a:30:8c:21:c5:11:1c:0b:e9:3c:cd:3e:ea:49:5a:c5:
- 10:ff:00:c1
+ 74:9d:3a:da:91:b6:e0:2d:7d:89:b6:6d:16:7d:f0:28:ba:9f:
+ e5:52:a0:21:92:06:77:77:9a:9a:78:47:56:de:39:4d:64:43:
+ 1c:e7:06:02:fd:00:42:1d:2d:71:ef:6e:a3:4f:39:1a:e9:fc:
+ 8d:9c:94:32:60:a9:56:12:ee:69:7f:59:ef:30:5f:c4:d6:56:
+ 26:1a:9a:bb:c4:ec:01:09:0a:e3:14:ab:44:41:08:75:2a:6b:
+ 80:69:58:5d:2e:1a:2a:00:26:0c:b0:36:cd:fb:c1:87:7e:b8:
+ 58:ce:4d:32:57:e5:62:2e:64:e3:c9:52:67:21:28:40:16:88:
+ b2:37:19:e0:93:c8:4c:ca:f9:2b:1d:2c:d9:91:82:ac:b4:79:
+ d9:90:79:e5:95:76:03:a2:6b:d8:ef:24:66:1d:a3:3b:6f:c6:
+ 0c:95:f2:c3:59:37:f9:87:db:e6:a6:e5:f1:6f:70:92:60:e0:
+ 6d:cd:b8:14:69:95:26:56:2c:cc:0e:7e:d4:39:dd:6e:44:32:
+ eb:27:15:00:0f:fa:02:60:32:a5:6c:69:f0:cd:31:c6:b8:ff:
+ 1c:59:2f:0f:4d:28:9b:67:79:ea:4f:2c:a6:e0:f1:cf:19:3f:
+ 4f:44:2c:61:2e:08:48:cb:11:e2:82:8a:c0:88:53:ad:6b:ba:
+ 7e:d6:fa:61
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBojELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBojELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV
BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -80,10 +80,10 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI
-hvcNAQELBQADggEBALgytrWKkAnH0hF9948UXWGAz+isZb/XCFE8YBYVnuDsepuH
-DLytVmfeG6XUVFPac+gnjwJ3cxKGmSI6MndQSDgrwZ9GgSYQCu4koq5C3IEU07cQ
-LxGqu3C6nIIpyCw+4GuO++Q5M/zvL9dwOgn104Wvs1kAtMYrxRprOqdLu3SH4d2P
-nAVHCHsNhrY1l2elrIzS/N3gC6uMFYIMyDjxN4OGtA4k6FvfXuRr40PcstnHUsrL
-vaLgPXWKA0xdpy9+umQvaeffpwki+LegWZT9lTHu1l9e+YQ8/rp1+I9ZgAzaZCFD
-e0RK/a70Q325SjCMIcURHAvpPM0+6klaxRD/AME=
+hvcNAQELBQADggEBAHSdOtqRtuAtfYm2bRZ98Ci6n+VSoCGSBnd3mpp4R1beOU1k
+QxznBgL9AEIdLXHvbqNPORrp/I2clDJgqVYS7ml/We8wX8TWViYamrvE7AEJCuMU
+q0RBCHUqa4BpWF0uGioAJgywNs37wYd+uFjOTTJX5WIuZOPJUmchKEAWiLI3GeCT
+yEzK+SsdLNmRgqy0edmQeeWVdgOia9jvJGYdoztvxgyV8sNZN/mH2+am5fFvcJJg
+4G3NuBRplSZWLMwOftQ53W5EMusnFQAP+gJgMqVsafDNMca4/xxZLw9NKJtneepP
+LKbg8c8ZP09ELGEuCEjLEeKCisCIU61run7W+mE=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem
index ace2c8e2..1a3bed29 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-ICA7-pathlen100.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:100
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:fb:c6:05:34:72:7a:ac:41:40:db:7d:45:03:24:24:fc:52:
- 15:95:24:05:f9:26:89:ba:59:21:5e:6a:e6:86:86:28:85:f0:
- cf:46:3f:90:a1:46:3a:3b:0f:bd:2f:91:b6:59:6f:f1:b6:25:
- 12:85:7a:e0:eb:18:9e:21:a1:dd:4a:68:df:91:01:47:35:02:
- 4e:8a:f7:4b:15:30:e2:d1:bf:94:6e:c2:7a:d1:78:b3:ff:6d:
- 23:4f:83:bb:3c:f7:aa:1d:07:09:d9:9a:1d:96:77:e3:3d:4b:
- 4f:de:d9:29:1a:9c:d7:a4:03:ac:55:6f:59:b6:6a:5d:4e:ae:
- 02:42:15:4c:9e:7c:57:a5:a6:35:c6:6a:44:ea:59:36:87:68:
- 1d:16:4c:63:96:c0:9f:7c:5d:fd:cd:bb:fe:5c:d6:08:86:9a:
- 60:ae:60:b6:2d:b2:a1:f6:6e:0a:47:d6:e2:95:f5:ff:5d:0d:
- 46:a4:b5:1d:bf:96:25:11:84:07:77:1f:29:8e:4f:22:8e:65:
- 07:e0:e8:c2:47:e8:c6:3a:9d:ff:df:19:f3:9f:83:be:b4:91:
- 8c:0b:84:e0:2a:9e:8b:7a:e0:cf:72:d5:3e:2a:5a:ff:24:eb:
- 92:7b:ed:0c:42:5c:ca:cc:ee:aa:04:37:87:63:f2:22:95:e3:
- ea:5b:00:b9
+ 18:8c:dc:f0:e2:14:b8:33:68:ed:a7:5e:f9:12:72:93:58:a0:
+ 91:2a:d5:87:77:21:24:e9:b6:af:d3:af:55:8b:31:1c:a8:bb:
+ 3a:30:94:bb:aa:d4:5e:bb:17:d1:93:57:51:e6:32:f0:c7:e6:
+ 76:86:06:6d:c7:2a:35:c2:a3:2f:54:d6:bf:b1:25:7e:e4:0b:
+ 1a:dd:62:ce:34:d5:18:b4:4d:d0:76:52:d4:63:00:8b:90:72:
+ 4e:77:ff:c1:1b:bf:31:d1:6d:d2:75:69:5a:0c:a6:b2:42:e7:
+ 97:c9:a1:47:50:16:89:ee:20:ee:e7:c0:c8:06:7f:5e:55:0a:
+ 79:90:ed:2d:11:83:49:23:f0:89:08:cb:9c:84:6e:f5:6b:fe:
+ b2:2c:16:0e:74:d9:a8:35:9b:1d:1c:6a:ab:58:dd:32:09:d2:
+ 67:c2:eb:27:18:8e:70:31:58:c2:f1:20:06:98:ac:39:5a:c2:
+ 0b:43:60:a8:74:35:b1:32:bd:83:4b:df:db:18:46:e1:ac:7e:
+ 13:4a:09:6b:05:98:7a:98:e9:e0:1a:1d:a7:88:34:c6:4b:06:
+ 14:69:78:8d:29:83:c2:ee:52:af:00:a3:4d:d8:61:04:5a:0c:
+ e5:62:f4:c7:ac:8a:f3:7d:90:10:08:7c:15:d1:37:01:3c:bc:
+ 89:f8:60:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3
LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -78,12 +78,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAY/vGBTRyeqxBQNt9RQMkJPxSFZUkBfkmibpZIV5q
-5oaGKIXwz0Y/kKFGOjsPvS+Rtllv8bYlEoV64OsYniGh3Upo35EBRzUCTor3SxUw
-4tG/lG7CetF4s/9tI0+Duzz3qh0HCdmaHZZ34z1LT97ZKRqc16QDrFVvWbZqXU6u
-AkIVTJ58V6WmNcZqROpZNodoHRZMY5bAn3xd/c27/lzWCIaaYK5gti2yofZuCkfW
-4pX1/10NRqS1Hb+WJRGEB3cfKY5PIo5lB+Dowkfoxjqd/98Z85+DvrSRjAuE4Cqe
-i3rgz3LVPipa/yTrknvtDEJcyszuqgQ3h2PyIpXj6lsAuQ==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEAGIzc8OIUuDNo7ade+RJyk1igkSrVh3chJOm2r9Ov
+VYsxHKi7OjCUu6rUXrsX0ZNXUeYy8MfmdoYGbccqNcKjL1TWv7ElfuQLGt1izjTV
+GLRN0HZS1GMAi5ByTnf/wRu/MdFt0nVpWgymskLnl8mhR1AWie4g7ufAyAZ/XlUK
+eZDtLRGDSSPwiQjLnIRu9Wv+siwWDnTZqDWbHRxqq1jdMgnSZ8LrJxiOcDFYwvEg
+BpisOVrCC0NgqHQ1sTK9g0vf2xhG4ax+E0oJawWYepjp4Bodp4g0xksGFGl4jSmD
+wu5SrwCjTdhhBFoM5WL0x6yK832QEAh8FdE3ATy8ifhgJA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem
index c1d57403..c8990912 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- a9:28:b3:d9:91:da:b9:0b:35:94:8d:b0:53:7c:6c:0d:b7:ab:
- 41:7b:72:42:48:5b:13:6f:15:4b:df:cd:69:48:01:f4:b7:6d:
- 4d:c3:be:85:91:31:1b:f7:54:e8:3e:6c:b7:ad:29:16:9b:f7:
- 99:f4:67:a6:cb:96:7e:5b:8a:32:41:20:89:88:8d:a0:f2:81:
- 3a:50:14:66:06:9b:eb:c0:ee:bb:d1:0c:84:7c:e3:bb:b6:92:
- 62:68:3b:b0:0d:c2:ed:f4:d1:7f:8f:15:8c:1a:fd:fe:9d:be:
- 84:0d:47:53:ad:c6:d7:60:52:71:5d:65:0a:28:aa:22:03:73:
- cf:1f:d6:e1:1a:5c:b7:54:83:93:c8:38:bc:3b:64:50:91:f5:
- ff:65:fd:3e:4b:fc:8c:96:80:c0:51:1f:14:16:3a:35:f2:93:
- 67:99:dd:e3:8d:10:52:25:a9:1b:9f:43:7a:9a:31:ae:f1:9e:
- 49:cb:17:e8:8b:17:59:42:7d:15:82:d8:4b:a4:02:d9:ea:96:
- 69:0e:01:de:8c:47:63:54:88:b1:df:31:fd:16:8c:53:22:81:
- 62:e3:96:10:b2:21:af:4b:72:82:66:aa:d1:06:09:f4:bd:00:
- b6:f1:7a:4a:48:82:61:f5:de:c3:04:17:3a:83:46:38:b7:ff:
- db:26:0e:f9
+ 27:b7:93:b7:fd:71:ab:7c:a5:a2:8e:e7:4c:77:67:4c:f2:28:
+ b7:82:bb:4a:85:95:bf:84:57:04:49:ac:be:02:cc:6b:fd:0f:
+ d8:66:c8:a0:eb:40:55:cf:a1:e3:d1:e0:fe:9a:40:b5:2e:ee:
+ b2:bf:48:fa:20:57:fd:c7:df:de:68:8f:82:5d:58:ec:25:0a:
+ a8:97:73:dc:e6:66:f5:49:64:9a:e9:b1:e2:86:4e:d1:04:59:
+ 0f:32:e1:c5:dd:d4:39:b0:ad:e9:cc:ad:87:ef:ab:8e:fe:74:
+ 4c:7e:b2:cb:41:3c:54:ed:b7:8d:4b:fd:97:6e:26:22:32:9e:
+ 94:26:aa:45:7d:65:c1:c8:10:67:63:09:09:42:04:04:9d:0c:
+ 53:bb:18:f6:ce:af:dc:e7:63:d4:c8:bb:b4:6a:86:52:45:6a:
+ 96:a1:54:3d:8c:25:7d:1a:b1:16:65:7a:8b:ec:01:fa:c4:73:
+ 98:49:3c:c3:18:2f:48:3e:45:10:45:c0:85:2c:16:88:65:2b:
+ 02:0b:0b:02:67:d2:2a:1d:bd:66:14:f5:8d:d1:8e:f8:eb:7a:
+ b5:db:4e:f7:ce:fa:6f:67:a0:a2:6b:37:85:7a:f7:34:8a:71:
+ 9a:e5:34:2a:fd:6a:4a:ec:3e:38:e3:30:89:f3:e6:c4:a9:a6:
+ a4:79:35:9b
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKkos9mR
-2rkLNZSNsFN8bA23q0F7ckJIWxNvFUvfzWlIAfS3bU3DvoWRMRv3VOg+bLetKRab
-95n0Z6bLln5bijJBIImIjaDygTpQFGYGm+vA7rvRDIR847u2kmJoO7ANwu300X+P
-FYwa/f6dvoQNR1OtxtdgUnFdZQooqiIDc88f1uEaXLdUg5PIOLw7ZFCR9f9l/T5L
-/IyWgMBRHxQWOjXyk2eZ3eONEFIlqRufQ3qaMa7xnknLF+iLF1lCfRWC2EukAtnq
-lmkOAd6MR2NUiLHfMf0WjFMigWLjlhCyIa9LcoJmqtEGCfS9ALbxekpIgmH13sME
-FzqDRji3/9smDvk=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACe3k7f9
+cat8paKO50x3Z0zyKLeCu0qFlb+EVwRJrL4CzGv9D9hmyKDrQFXPoePR4P6aQLUu
+7rK/SPogV/3H395oj4JdWOwlCqiXc9zmZvVJZJrpseKGTtEEWQ8y4cXd1DmwrenM
+rYfvq47+dEx+sstBPFTtt41L/ZduJiIynpQmqkV9ZcHIEGdjCQlCBASdDFO7GPbO
+r9znY9TIu7RqhlJFapahVD2MJX0asRZleovsAfrEc5hJPMMYL0g+RRBFwIUsFohl
+KwILCwJn0iodvWYU9Y3RjvjrerXbTvfO+m9noKJrN4V69zSKcZrlNCr9akrsPjjj
+MInz5sSppqR5NZs=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- a8:e1:75:09:71:57:28:d6:27:3a:92:89:0c:47:57:05:3a:92:
- 81:d3:23:00:92:fd:f3:77:24:60:67:af:86:ba:b2:17:1a:9f:
- 5e:3a:ee:ba:a3:fa:1f:76:69:b9:18:4d:89:97:ac:54:5a:9f:
- e2:ad:7a:37:d3:e1:35:fa:39:32:7f:d9:14:98:48:16:4d:99:
- e6:d5:61:0e:31:df:d1:a7:cd:c1:fd:6b:72:59:80:f7:8c:77:
- ef:45:c9:53:ed:b6:a4:73:06:1e:d3:d6:40:01:c8:c7:3c:48:
- 71:38:ac:66:a8:f6:e2:5f:75:87:a8:93:28:db:ef:3f:e2:c6:
- 2b:0d:ac:63:33:9c:1c:65:8d:9a:b2:3e:c8:2b:0d:3c:96:ef:
- b3:e2:4d:b8:fe:6d:8b:59:66:02:3f:f9:a8:0b:08:a3:30:a7:
- 9c:81:74:3d:88:cb:3f:f7:93:95:93:9f:38:53:ac:d9:a5:ae:
- 43:46:30:17:25:b1:cb:bf:2d:fe:df:32:17:ec:b0:54:33:c7:
- 1c:31:78:86:8c:fd:16:9e:0c:a4:71:3f:d0:a4:0e:26:90:39:
- 68:34:bf:34:f7:73:fb:7b:64:14:3f:b4:41:95:c2:da:16:dc:
- 20:a4:cc:3e:fa:64:dd:ce:d6:48:11:9d:ab:6b:a7:3e:c6:67:
- 1d:ac:f6:0b
+ 6e:12:75:fb:ac:2b:b3:b5:f3:f8:0c:2b:61:c3:22:c0:1f:16:
+ cf:36:8c:b2:fc:be:83:ad:81:3d:e9:4e:76:e3:85:db:34:b4:
+ b1:a6:ed:fe:82:ee:b2:7c:64:14:e4:1f:d6:fb:16:3e:36:d7:
+ a1:f3:99:99:7c:48:96:50:d0:e4:29:43:42:93:7c:8e:24:fc:
+ ba:6b:89:1c:1b:c8:39:d2:62:5e:7f:ac:0c:e8:7d:f4:90:94:
+ a3:dc:5d:d4:25:60:07:6f:97:6c:a1:4f:5a:ec:84:70:46:de:
+ 4d:74:a8:5c:48:32:94:6d:69:81:65:c6:c4:ef:3e:31:fc:40:
+ f5:5c:10:29:23:49:a7:ca:27:27:33:ed:3f:65:1a:95:f0:57:
+ 5a:32:19:b4:4d:66:c5:19:15:4b:a9:79:c9:fb:cd:02:57:04:
+ c2:33:6d:6c:85:67:14:16:7a:d2:32:a0:66:c4:b9:0d:43:bd:
+ 57:52:27:da:af:f1:df:68:27:74:b9:dd:d3:3c:ba:79:d0:46:
+ 2c:91:fc:1c:65:a4:3a:ea:82:25:c9:b1:2f:7d:78:85:62:1f:
+ a4:4c:69:fc:a3:95:c3:0a:ce:ed:10:24:ec:f7:17:bf:22:42:
+ 44:ac:0d:77:a1:3d:9d:d0:fb:03:1b:b7:79:8a:ba:6e:3c:a4:
+ 3e:1c:0a:54
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkctSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ ojELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHjAcBgNVBAMMFWNoYWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAqOF1CXFXKNYnOpKJDEdXBTqSgdMjAJL9
-83ckYGevhrqyFxqfXjruuqP6H3ZpuRhNiZesVFqf4q16N9PhNfo5Mn/ZFJhIFk2Z
-5tVhDjHf0afNwf1rclmA94x370XJU+22pHMGHtPWQAHIxzxIcTisZqj24l91h6iT
-KNvvP+LGKw2sYzOcHGWNmrI+yCsNPJbvs+JNuP5ti1lmAj/5qAsIozCnnIF0PYjL
-P/eTlZOfOFOs2aWuQ0YwFyWxy78t/t8yF+ywVDPHHDF4hoz9Fp4MpHE/0KQOJpA5
-aDS/NPdz+3tkFD+0QZXC2hbcIKTMPvpk3c7WSBGdq2unPsZnHaz2Cw==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAbhJ1+6wrs7Xz+AwrYcMiwB8WzzaMsvy+
+g62BPelOduOF2zS0sabt/oLusnxkFOQf1vsWPjbXofOZmXxIllDQ5ClDQpN8jiT8
+umuJHBvIOdJiXn+sDOh99JCUo9xd1CVgB2+XbKFPWuyEcEbeTXSoXEgylG1pgWXG
+xO8+MfxA9VwQKSNJp8onJzPtP2UalfBXWjIZtE1mxRkVS6l5yfvNAlcEwjNtbIVn
+FBZ60jKgZsS5DUO9V1In2q/x32gndLnd0zy6edBGLJH8HGWkOuqCJcmxL314hWIf
+pExp/KOVwwrO7RAk7PcXvyJCRKwNd6E9ndD7Axu3eYq6bjykPhwKVA==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA2-pathlen1, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 56:b8:f2:49:b8:e6:65:25:db:46:5f:f4:72:40:14:a5:27:39:
- 27:28:9b:f9:cc:5a:02:7f:76:05:e7:18:45:1f:29:c6:cb:ce:
- 77:50:35:74:0c:95:ed:3a:7e:a0:87:8a:7d:8f:6f:2f:3c:5d:
- 03:86:da:c2:2c:b3:2f:6d:7b:af:a4:83:c7:f3:6e:5b:48:c3:
- d9:4a:e5:af:e1:86:e1:81:68:45:2e:fb:09:19:94:be:91:dd:
- 8f:f4:e7:94:fb:9e:54:4c:a7:c9:10:87:8d:f0:08:14:08:c9:
- d7:92:44:56:59:03:10:27:2c:fb:7e:24:01:8b:9f:cc:e0:6a:
- 31:5c:67:e3:96:88:f8:86:3f:ec:1e:bd:07:d2:fc:34:1d:ff:
- 8d:72:c1:2d:de:09:7f:e4:c4:dd:98:70:73:ed:84:a6:4f:f8:
- ec:a5:18:b6:0c:55:e2:a4:aa:0c:37:60:52:3d:76:f5:dd:ab:
- 0a:7c:fd:4d:81:a6:a9:c6:49:14:e7:51:00:f4:6a:d9:dc:15:
- ef:72:d1:79:c3:65:e2:e1:f5:23:c4:90:ba:4a:e2:01:d9:09:
- 83:e5:34:0f:c3:ea:03:cf:62:b9:bb:18:26:30:54:77:b1:a6:
- 63:99:35:0a:40:2b:df:2a:2c:3a:e0:0c:2c:f6:1b:6a:de:e2:
- 02:31:9d:c0
+ 50:65:9b:1d:8b:6a:ae:9b:d4:f1:ff:57:ac:51:48:fd:c8:9e:
+ 19:bb:b2:00:bf:54:ee:c8:d4:2f:eb:5b:ff:17:1e:7c:aa:1d:
+ d4:01:9f:e8:cb:c4:8c:e5:ee:99:04:33:e8:16:3a:fc:44:bd:
+ 56:a5:45:e7:e9:fb:88:25:11:4b:07:73:5d:37:21:47:47:9d:
+ f8:e0:89:e0:e4:c0:6a:f4:64:25:e7:b7:d9:47:53:ff:d5:6f:
+ f3:e4:8d:b2:33:f6:ce:46:5b:80:82:8f:05:18:f4:bc:90:5a:
+ af:4a:7f:9d:67:08:f7:41:27:05:c5:34:46:03:fc:14:2e:4e:
+ 81:f3:ca:3d:67:9e:a9:53:ec:5b:df:38:d4:b5:92:3d:55:94:
+ df:88:be:a1:e7:14:18:a2:9d:22:5d:10:69:f8:54:c3:a9:14:
+ ef:8e:af:e1:8a:f8:cd:6d:7e:26:30:2c:40:bc:50:49:e5:9f:
+ bc:8f:de:30:23:93:c4:25:b3:e6:fb:b5:64:82:57:41:ac:79:
+ 1e:58:9e:6c:67:dc:18:ed:c4:60:79:06:b1:ee:9f:4c:2c:a3:
+ 9c:61:d7:77:33:b5:64:50:65:88:33:a0:30:57:99:0f:a9:aa:
+ a7:b3:a8:0d:b1:c5:ce:5a:34:a8:31:47:e4:66:62:b2:11:0e:
+ b9:58:4f:06
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0EzLXBhdGhsZW45OTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTItcGF0aGxlbjExHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -256,12 +256,12 @@ gaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR0wGwYDVQQDDBRjaGFpbkctSUNBNC1wYXRobGVuNTEfMB0GCSqGSIb3DQEJ
ARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAVrjySbjmZSXbRl/0ckAUpSc5Jyib+cxa
-An92BecYRR8pxsvOd1A1dAyV7Tp+oIeKfY9vLzxdA4bawiyzL217r6SDx/NuW0jD
-2Urlr+GG4YFoRS77CRmUvpHdj/TnlPueVEynyRCHjfAIFAjJ15JEVlkDECcs+34k
-AYufzOBqMVxn45aI+IY/7B69B9L8NB3/jXLBLd4Jf+TE3Zhwc+2Epk/47KUYtgxV
-4qSqDDdgUj129d2rCnz9TYGmqcZJFOdRAPRq2dwV73LRecNl4uH1I8SQukriAdkJ
-g+U0D8PqA89iubsYJjBUd7GmY5k1CkAr3yosOuAMLPYbat7iAjGdwA==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAUGWbHYtqrpvU8f9XrFFI/cieGbuyAL9U
+7sjUL+tb/xcefKod1AGf6MvEjOXumQQz6BY6/ES9VqVF5+n7iCURSwdzXTchR0ed
++OCJ4OTAavRkJee32UdT/9Vv8+SNsjP2zkZbgIKPBRj0vJBar0p/nWcI90EnBcU0
+RgP8FC5OgfPKPWeeqVPsW9841LWSPVWU34i+oecUGKKdIl0QafhUw6kU746v4Yr4
+zW1+JjAsQLxQSeWfvI/eMCOTxCWz5vu1ZIJXQax5HliebGfcGO3EYHkGse6fTCyj
+nGHXdzO1ZFBliDOgMFeZD6mqp7OoDbHFzlo0qDFH5GZishEOuVhPBg==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA3-pathlen99, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -309,27 +309,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7b:72:02:a6:a9:ab:c5:08:f6:39:85:63:df:3a:b6:25:6f:94:
- 72:97:c9:64:e5:a8:c8:e9:e1:09:cd:ae:d2:95:7c:de:fb:8d:
- 64:b4:51:a4:86:af:a9:5d:50:37:e8:41:87:3a:8e:0c:77:6b:
- 35:0f:db:78:0e:92:bf:f9:ca:82:d5:d0:e9:27:71:6b:ac:02:
- 34:86:e2:c2:0b:b2:42:06:91:d3:f6:02:55:23:71:33:57:a9:
- 58:db:0d:1d:fe:d3:9b:ca:c4:c9:b8:6e:6f:32:cb:12:b8:9f:
- 6d:44:2b:fd:22:cf:8f:c0:53:f9:5a:b5:3a:e9:48:37:f3:0d:
- d8:77:5b:cb:1d:97:5b:a9:3b:b3:b9:b5:5e:c2:c0:d6:8d:66:
- f0:19:e9:4a:ca:e3:f0:93:f3:82:93:e7:7d:7f:21:51:4e:ef:
- ce:82:d7:52:91:dd:5f:74:ff:84:fe:0a:d9:c3:3d:9a:62:da:
- f4:c9:5b:fc:f8:60:db:d3:69:08:7c:09:fd:04:10:7b:48:b8:
- 9b:ed:eb:58:f1:1f:aa:87:a9:bf:60:f8:7a:df:96:b3:77:4b:
- 4d:db:b6:6f:34:b3:8d:4d:e3:a4:cd:01:b4:15:0f:8c:12:06:
- 96:e7:36:46:ac:7f:1f:ca:af:e4:2d:f8:90:ab:ce:6f:b1:b4:
- 9e:2f:5a:2a
+ 0b:ad:52:52:31:8c:12:70:07:6c:05:83:b3:84:cf:c2:64:da:
+ 43:d2:cc:6c:db:ef:a5:ae:9b:44:96:4e:fe:fd:b9:61:56:59:
+ e2:f2:52:c8:1b:52:2c:36:79:5d:6a:83:a1:c8:03:9a:7a:80:
+ 4f:ee:9d:48:87:f4:cb:9b:5e:84:c8:f8:b8:0c:77:e1:cb:40:
+ ac:28:eb:58:07:e4:06:a7:50:e2:44:48:bc:a3:2f:5d:f1:fa:
+ 0c:4d:1d:84:0a:57:e5:0c:b9:bb:41:b9:12:17:09:25:9f:99:
+ 02:6b:9e:83:fb:07:f8:3f:59:b2:04:62:b7:12:e7:61:8b:48:
+ a7:cc:29:ce:11:f9:7c:64:dd:5c:51:d3:ac:0c:54:4b:22:7e:
+ 29:de:98:50:80:f8:1a:65:64:3c:fb:a6:07:bb:e8:b1:a4:e8:
+ f1:7b:07:fd:e2:50:07:67:f5:7a:fa:76:4d:1c:7f:1a:e3:52:
+ ad:13:a6:b5:89:9e:f5:11:68:12:13:dc:59:86:9d:f9:83:18:
+ 52:ee:09:24:6a:37:e9:85:95:ac:93:09:23:09:0e:f3:66:a8:
+ 85:ee:d1:e4:40:01:f3:c2:c3:1f:48:74:76:2b:7e:4c:9b:a9:
+ a2:2f:c8:7c:74:60:2d:98:e8:63:09:cf:8f:a8:c8:8a:7f:c4:
+ d4:f3:34:ad
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0E0LXBhdGhsZW41MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaIxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaIxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR4wHAYDVQQD
DBVjaGFpbkctSUNBMy1wYXRobGVuOTkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -345,12 +345,12 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNS1wYXRobGVuMjAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBYzALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAHtyAqapq8UI9jmFY986tiVvlHKXyWTl
-qMjp4QnNrtKVfN77jWS0UaSGr6ldUDfoQYc6jgx3azUP23gOkr/5yoLV0OkncWus
-AjSG4sILskIGkdP2AlUjcTNXqVjbDR3+05vKxMm4bm8yyxK4n21EK/0iz4/AU/la
-tTrpSDfzDdh3W8sdl1upO7O5tV7CwNaNZvAZ6UrK4/CT84KT531/IVFO786C11KR
-3V90/4T+CtnDPZpi2vTJW/z4YNvTaQh8Cf0EEHtIuJvt61jxH6qHqb9g+HrflrN3
-S03btm80s41N46TNAbQVD4wSBpbnNkasfx/Kr+Qt+JCrzm+xtJ4vWio=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAutUlIxjBJwB2wFg7OEz8Jk2kPSzGzb
+76Wum0SWTv79uWFWWeLyUsgbUiw2eV1qg6HIA5p6gE/unUiH9MubXoTI+LgMd+HL
+QKwo61gH5AanUOJESLyjL13x+gxNHYQKV+UMubtBuRIXCSWfmQJrnoP7B/g/WbIE
+YrcS52GLSKfMKc4R+Xxk3VxR06wMVEsifinemFCA+BplZDz7pge76LGk6PF7B/3i
+UAdn9Xr6dk0cfxrjUq0TprWJnvURaBIT3FmGnfmDGFLuCSRqN+mFlayTCSMJDvNm
+qIXu0eRAAfPCwx9IdHYrfkybqaIvyHx0YC2Y6GMJz4+oyIp/xNTzNK0=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -359,8 +359,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA4-pathlen5, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -398,27 +398,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 04:f9:2d:12:27:73:f5:79:fd:73:35:ec:7c:dd:fb:fc:66:07:
- b6:ce:a6:2a:25:c2:12:6f:c7:9f:15:fa:b4:1f:3c:b9:c3:ea:
- 9c:ee:85:02:d9:f3:66:19:10:e5:7f:57:76:e7:07:77:86:34:
- 44:84:e8:89:a5:98:b8:b6:21:8f:f0:60:95:96:38:ce:be:ab:
- ee:a6:1d:47:dc:bf:37:c2:ca:d5:54:0c:8b:6f:11:e5:52:b6:
- 52:36:95:d1:ef:e0:18:7f:b2:00:8d:b4:dd:94:69:41:fc:7d:
- d4:43:55:bd:e8:e3:5f:1a:71:9a:1a:fa:4a:d3:d7:bd:ce:ac:
- e6:83:6b:47:31:60:90:96:d8:4c:34:0e:ba:25:d7:f2:40:3a:
- 37:bb:27:4c:de:40:9a:20:a5:0e:23:9b:ef:90:7f:1c:23:fd:
- 62:c7:f5:c1:35:de:73:f4:09:e6:e6:a2:15:64:53:93:95:38:
- 06:2b:64:59:7d:56:8c:88:3c:6f:f5:b7:8f:21:9c:a8:a7:46:
- da:66:5e:5c:e5:6a:4b:81:69:97:e3:5c:ed:7c:01:90:5e:bd:
- 06:47:e7:48:db:e8:13:18:f9:2e:6b:a0:26:61:d7:49:83:b7:
- 9d:b9:98:b7:c0:40:c7:0d:e8:5e:2a:f7:67:85:36:24:0e:68:
- 8d:ca:8e:78
+ a6:f3:32:99:ee:fd:de:b1:46:ad:68:a7:6f:d8:55:91:63:2d:
+ 07:ce:91:2f:e3:ff:8f:03:e3:cf:c2:33:76:91:33:5f:13:70:
+ 10:e4:e2:3b:70:02:fc:d2:7d:39:d2:1a:1e:82:2d:40:d8:a7:
+ bb:69:19:51:fb:c1:32:41:e5:cf:4f:39:f6:f8:dd:b4:cb:f2:
+ 11:3e:dc:8d:c7:a6:90:27:14:4b:28:6f:20:9a:58:92:3a:42:
+ 8c:c7:40:36:b5:c0:4a:7e:27:0b:37:a7:71:e4:fd:f4:8d:24:
+ 8d:fe:3d:4a:59:4e:7e:86:02:f2:e2:09:95:59:ca:19:b9:23:
+ 84:1e:c6:14:d9:c4:05:7a:93:77:b4:4a:f4:91:75:3f:89:43:
+ 8b:b1:5f:a5:36:0a:2a:b0:a1:7b:8f:33:01:92:4d:c1:d9:51:
+ 98:a3:1b:14:f9:34:8e:7c:db:a5:5c:2c:b2:cd:23:b6:f6:65:
+ 25:aa:2c:5c:cc:38:49:b2:77:aa:8f:73:3b:00:1f:33:94:43:
+ fd:c2:34:ba:ee:ac:7d:0d:62:58:72:4d:ea:78:29:b5:b1:29:
+ 99:70:8c:00:22:1c:a3:93:ca:cd:c8:02:21:57:2d:19:fd:a7:
+ fb:c7:1c:12:0c:49:04:73:4c:7e:dd:9f:9e:1c:5b:e4:2a:53:
+ b6:cf:7e:c4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E1LXBhdGhsZW4yMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGhMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGhMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEdMBsGA1UE
AwwUY2hhaW5HLUlDQTQtcGF0aGxlbjUxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
@@ -434,12 +434,12 @@ gaIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdT
ZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVy
aW5nMR4wHAYDVQQDDBVjaGFpbkctSUNBNi1wYXRobGVuMTAxHzAdBgkqhkiG9w0B
CQEWEGluZm9Ad29sZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBBTALBgNVHQ8E
-BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAAT5LRInc/V5/XM17Hzd+/xmB7bOpiol
-whJvx58V+rQfPLnD6pzuhQLZ82YZEOV/V3bnB3eGNESE6ImlmLi2IY/wYJWWOM6+
-q+6mHUfcvzfCytVUDItvEeVStlI2ldHv4Bh/sgCNtN2UaUH8fdRDVb3o418acZoa
-+krT173OrOaDa0cxYJCW2Ew0Drol1/JAOje7J0zeQJogpQ4jm++Qfxwj/WLH9cE1
-3nP0CebmohVkU5OVOAYrZFl9VoyIPG/1t48hnKinRtpmXlzlakuBaZfjXO18AZBe
-vQZH50jb6BMY+S5roCZh10mDt525mLfAQMcN6F4q92eFNiQOaI3Kjng=
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAKbzMpnu/d6xRq1op2/YVZFjLQfOkS/j
+/48D48/CM3aRM18TcBDk4jtwAvzSfTnSGh6CLUDYp7tpGVH7wTJB5c9POfb43bTL
+8hE+3I3HppAnFEsobyCaWJI6QozHQDa1wEp+Jws3p3Hk/fSNJI3+PUpZTn6GAvLi
+CZVZyhm5I4QexhTZxAV6k3e0SvSRdT+JQ4uxX6U2CiqwoXuPMwGSTcHZUZijGxT5
+NI5826VcLLLNI7b2ZSWqLFzMOEmyd6qPczsAHzOUQ/3CNLrurH0NYlhyTep4KbWx
+KZlwjAAiHKOTys3IAiFXLRn9p/vHHBIMSQRzTH7dn54cW+QqU7bPfsQ=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -448,8 +448,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA5-pathlen20, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -487,27 +487,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0f:b1:e3:0e:db:7f:2c:93:25:66:ef:c4:84:a6:65:86:54:58:
- ff:59:ba:07:80:0f:56:cd:ae:15:39:64:8c:3d:05:c2:dc:3d:
- e2:9e:e8:b9:ec:55:15:c8:4f:0c:e0:41:65:8a:86:ff:f4:7f:
- a4:e0:aa:ea:a6:54:0c:3d:a2:82:d9:5c:c1:82:aa:d8:48:32:
- 84:ca:96:a5:21:b5:36:de:97:50:3b:9e:00:78:2a:af:30:09:
- f4:b7:6b:56:d7:38:a0:1c:b1:8b:d7:db:71:eb:46:b2:e2:c7:
- 42:d2:02:6d:03:dc:9d:83:ba:aa:be:23:62:73:98:16:74:3b:
- 8a:89:00:e8:b0:04:21:31:4c:0f:df:ef:3b:1e:fd:28:c5:07:
- 6b:b3:87:d1:78:4a:4b:97:8f:5b:09:39:b4:09:d5:62:c0:72:
- 31:0b:fa:7d:81:5f:dd:2f:3a:e1:61:d2:c0:b4:54:eb:01:e4:
- 94:90:30:8d:fa:8f:94:04:b2:9f:ca:3a:b1:c1:b9:72:24:f1:
- 0c:f9:09:1e:a0:5b:d9:28:a6:d4:ee:aa:bf:37:ea:ee:4d:85:
- 8a:f8:b0:6c:98:7e:a4:17:0d:01:03:46:7d:82:80:2a:48:17:
- a9:d6:4b:57:38:f1:53:54:54:00:5a:83:d6:96:b6:fe:c6:dc:
- 65:40:60:c9
+ d9:f9:09:10:86:29:c0:72:a4:93:87:4d:d3:79:ce:fa:f3:8a:
+ 79:9a:d0:eb:6d:42:06:00:fc:2c:c3:fa:35:c5:b6:6d:a4:7f:
+ 66:29:d2:ad:ed:50:a5:a8:1e:1b:24:db:f3:52:bf:54:b8:3f:
+ 67:c2:be:f4:a4:fc:d2:77:74:a4:02:74:0d:fe:c5:e0:42:bd:
+ 2b:7c:16:ae:a1:68:6f:e5:80:29:07:f3:5e:e4:0e:96:d2:ee:
+ cd:d2:82:00:22:a7:72:d7:c5:38:71:a0:ac:2a:38:03:c4:c1:
+ 23:62:1e:fa:b3:24:32:0f:01:a4:64:a8:ab:79:60:55:77:da:
+ ca:76:00:14:2f:e0:e1:74:f9:72:e2:7d:aa:3d:6b:9f:50:ab:
+ 72:31:40:4b:19:9d:b9:9a:12:de:db:15:c3:36:90:9d:48:6f:
+ 7a:98:47:7a:65:a2:d5:5b:0c:f3:90:5d:dd:4e:1c:ba:72:b4:
+ ac:be:ca:1b:87:16:7f:f2:b0:33:9b:7a:26:37:eb:1f:cb:4d:
+ bf:c7:f1:01:80:b7:60:c4:ae:71:bb:ab:cc:bd:8a:ba:c4:23:
+ 87:15:1e:b9:c7:6d:2d:44:fd:67:25:45:e2:cd:76:4d:87:a1:
+ 80:e0:a2:e6:60:23:51:4d:17:b0:82:51:ef:0c:88:75:64:c1:
+ 7b:8e:c2:29
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBojELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNVBAMMFWNo
YWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3Ns
-LmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGiMQswCQYDVQQG
+LmNvbTAeFw0yMzEyMTMyMjE5MzJaFw0yNjA5MDgyMjE5MzJaMIGiMQswCQYDVQQG
EwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEVMBMG
A1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEeMBwGA1UE
AwwVY2hhaW5HLUlDQTUtcGF0aGxlbjIwMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -523,12 +523,12 @@ MIGjMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwH
U2VhdHRsZTEVMBMGA1UECgwMd29sZlNTTCBJbmMuMRQwEgYDVQQLDAtFbmdpbmVl
cmluZzEfMB0GA1UEAwwWY2hhaW5HLUlDQTctcGF0aGxlbjEwMDEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAPBgNVHRMECDAGAQH/AgEUMAsGA1Ud
-DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAD7HjDtt/LJMlZu/EhKZlhlRY/1m6
-B4APVs2uFTlkjD0Fwtw94p7ouexVFchPDOBBZYqG//R/pOCq6qZUDD2igtlcwYKq
-2EgyhMqWpSG1Nt6XUDueAHgqrzAJ9LdrVtc4oByxi9fbcetGsuLHQtICbQPcnYO6
-qr4jYnOYFnQ7iokA6LAEITFMD9/vOx79KMUHa7OH0XhKS5ePWwk5tAnVYsByMQv6
-fYFf3S864WHSwLRU6wHklJAwjfqPlASyn8o6scG5ciTxDPkJHqBb2Sim1O6qvzfq
-7k2FiviwbJh+pBcNAQNGfYKAKkgXqdZLVzjxU1RUAFqD1pa2/sbcZUBgyQ==
+DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEA2fkJEIYpwHKkk4dN03nO+vOKeZrQ
+621CBgD8LMP6NcW2baR/ZinSre1QpageGyTb81K/VLg/Z8K+9KT80nd0pAJ0Df7F
+4EK9K3wWrqFob+WAKQfzXuQOltLuzdKCACKnctfFOHGgrCo4A8TBI2Ie+rMkMg8B
+pGSoq3lgVXfaynYAFC/g4XT5cuJ9qj1rn1CrcjFASxmduZoS3tsVwzaQnUhvephH
+emWi1VsM85Bd3U4cunK0rL7KG4cWf/KwM5t6JjfrH8tNv8fxAYC3YMSucburzL2K
+usQjhxUeucdtLUT9ZyVF4s12TYehgOCi5mAjUU0XsIJR7wyIdWTBe47CKQ==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -537,8 +537,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA6-pathlen10, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -576,27 +576,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- b8:32:b6:b5:8a:90:09:c7:d2:11:7d:f7:8f:14:5d:61:80:cf:
- e8:ac:65:bf:d7:08:51:3c:60:16:15:9e:e0:ec:7a:9b:87:0c:
- bc:ad:56:67:de:1b:a5:d4:54:53:da:73:e8:27:8f:02:77:73:
- 12:86:99:22:3a:32:77:50:48:38:2b:c1:9f:46:81:26:10:0a:
- ee:24:a2:ae:42:dc:81:14:d3:b7:10:2f:11:aa:bb:70:ba:9c:
- 82:29:c8:2c:3e:e0:6b:8e:fb:e4:39:33:fc:ef:2f:d7:70:3a:
- 09:f5:d3:85:af:b3:59:00:b4:c6:2b:c5:1a:6b:3a:a7:4b:bb:
- 74:87:e1:dd:8f:9c:05:47:08:7b:0d:86:b6:35:97:67:a5:ac:
- 8c:d2:fc:dd:e0:0b:ab:8c:15:82:0c:c8:38:f1:37:83:86:b4:
- 0e:24:e8:5b:df:5e:e4:6b:e3:43:dc:b2:d9:c7:52:ca:cb:bd:
- a2:e0:3d:75:8a:03:4c:5d:a7:2f:7e:ba:64:2f:69:e7:df:a7:
- 09:22:f8:b7:a0:59:94:fd:95:31:ee:d6:5f:5e:f9:84:3c:fe:
- ba:75:f8:8f:59:80:0c:da:64:21:43:7b:44:4a:fd:ae:f4:43:
- 7d:b9:4a:30:8c:21:c5:11:1c:0b:e9:3c:cd:3e:ea:49:5a:c5:
- 10:ff:00:c1
+ 74:9d:3a:da:91:b6:e0:2d:7d:89:b6:6d:16:7d:f0:28:ba:9f:
+ e5:52:a0:21:92:06:77:77:9a:9a:78:47:56:de:39:4d:64:43:
+ 1c:e7:06:02:fd:00:42:1d:2d:71:ef:6e:a3:4f:39:1a:e9:fc:
+ 8d:9c:94:32:60:a9:56:12:ee:69:7f:59:ef:30:5f:c4:d6:56:
+ 26:1a:9a:bb:c4:ec:01:09:0a:e3:14:ab:44:41:08:75:2a:6b:
+ 80:69:58:5d:2e:1a:2a:00:26:0c:b0:36:cd:fb:c1:87:7e:b8:
+ 58:ce:4d:32:57:e5:62:2e:64:e3:c9:52:67:21:28:40:16:88:
+ b2:37:19:e0:93:c8:4c:ca:f9:2b:1d:2c:d9:91:82:ac:b4:79:
+ d9:90:79:e5:95:76:03:a2:6b:d8:ef:24:66:1d:a3:3b:6f:c6:
+ 0c:95:f2:c3:59:37:f9:87:db:e6:a6:e5:f1:6f:70:92:60:e0:
+ 6d:cd:b8:14:69:95:26:56:2c:cc:0e:7e:d4:39:dd:6e:44:32:
+ eb:27:15:00:0f:fa:02:60:32:a5:6c:69:f0:cd:31:c6:b8:ff:
+ 1c:59:2f:0f:4d:28:9b:67:79:ea:4f:2c:a6:e0:f1:cf:19:3f:
+ 4f:44:2c:61:2e:08:48:cb:11:e2:82:8a:c0:88:53:ad:6b:ba:
+ 7e:d6:fa:61
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluRy1JQ0E3LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBojELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBojELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHjAcBgNV
BAMMFWNoYWluRy1JQ0E2LXBhdGhsZW4xMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3
@@ -612,12 +612,12 @@ lzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgw
FgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29s
ZnNzbC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBCjALBgNVHQ8EBAMCAQYwDQYJKoZI
-hvcNAQELBQADggEBALgytrWKkAnH0hF9948UXWGAz+isZb/XCFE8YBYVnuDsepuH
-DLytVmfeG6XUVFPac+gnjwJ3cxKGmSI6MndQSDgrwZ9GgSYQCu4koq5C3IEU07cQ
-LxGqu3C6nIIpyCw+4GuO++Q5M/zvL9dwOgn104Wvs1kAtMYrxRprOqdLu3SH4d2P
-nAVHCHsNhrY1l2elrIzS/N3gC6uMFYIMyDjxN4OGtA4k6FvfXuRr40PcstnHUsrL
-vaLgPXWKA0xdpy9+umQvaeffpwki+LegWZT9lTHu1l9e+YQ8/rp1+I9ZgAzaZCFD
-e0RK/a70Q325SjCMIcURHAvpPM0+6klaxRD/AME=
+hvcNAQELBQADggEBAHSdOtqRtuAtfYm2bRZ98Ci6n+VSoCGSBnd3mpp4R1beOU1k
+QxznBgL9AEIdLXHvbqNPORrp/I2clDJgqVYS7ml/We8wX8TWViYamrvE7AEJCuMU
+q0RBCHUqa4BpWF0uGioAJgywNs37wYd+uFjOTTJX5WIuZOPJUmchKEAWiLI3GeCT
+yEzK+SsdLNmRgqy0edmQeeWVdgOia9jvJGYdoztvxgyV8sNZN/mH2+am5fFvcJJg
+4G3NuBRplSZWLMwOftQ53W5EMusnFQAP+gJgMqVsafDNMca4/xxZLw9NKJtneepP
+LKbg8c8ZP09ELGEuCEjLEeKCisCIU61run7W+mE=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -626,8 +626,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA7-pathlen100, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -658,34 +658,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:100
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 63:fb:c6:05:34:72:7a:ac:41:40:db:7d:45:03:24:24:fc:52:
- 15:95:24:05:f9:26:89:ba:59:21:5e:6a:e6:86:86:28:85:f0:
- cf:46:3f:90:a1:46:3a:3b:0f:bd:2f:91:b6:59:6f:f1:b6:25:
- 12:85:7a:e0:eb:18:9e:21:a1:dd:4a:68:df:91:01:47:35:02:
- 4e:8a:f7:4b:15:30:e2:d1:bf:94:6e:c2:7a:d1:78:b3:ff:6d:
- 23:4f:83:bb:3c:f7:aa:1d:07:09:d9:9a:1d:96:77:e3:3d:4b:
- 4f:de:d9:29:1a:9c:d7:a4:03:ac:55:6f:59:b6:6a:5d:4e:ae:
- 02:42:15:4c:9e:7c:57:a5:a6:35:c6:6a:44:ea:59:36:87:68:
- 1d:16:4c:63:96:c0:9f:7c:5d:fd:cd:bb:fe:5c:d6:08:86:9a:
- 60:ae:60:b6:2d:b2:a1:f6:6e:0a:47:d6:e2:95:f5:ff:5d:0d:
- 46:a4:b5:1d:bf:96:25:11:84:07:77:1f:29:8e:4f:22:8e:65:
- 07:e0:e8:c2:47:e8:c6:3a:9d:ff:df:19:f3:9f:83:be:b4:91:
- 8c:0b:84:e0:2a:9e:8b:7a:e0:cf:72:d5:3e:2a:5a:ff:24:eb:
- 92:7b:ed:0c:42:5c:ca:cc:ee:aa:04:37:87:63:f2:22:95:e3:
- ea:5b:00:b9
+ 18:8c:dc:f0:e2:14:b8:33:68:ed:a7:5e:f9:12:72:93:58:a0:
+ 91:2a:d5:87:77:21:24:e9:b6:af:d3:af:55:8b:31:1c:a8:bb:
+ 3a:30:94:bb:aa:d4:5e:bb:17:d1:93:57:51:e6:32:f0:c7:e6:
+ 76:86:06:6d:c7:2a:35:c2:a3:2f:54:d6:bf:b1:25:7e:e4:0b:
+ 1a:dd:62:ce:34:d5:18:b4:4d:d0:76:52:d4:63:00:8b:90:72:
+ 4e:77:ff:c1:1b:bf:31:d1:6d:d2:75:69:5a:0c:a6:b2:42:e7:
+ 97:c9:a1:47:50:16:89:ee:20:ee:e7:c0:c8:06:7f:5e:55:0a:
+ 79:90:ed:2d:11:83:49:23:f0:89:08:cb:9c:84:6e:f5:6b:fe:
+ b2:2c:16:0e:74:d9:a8:35:9b:1d:1c:6a:ab:58:dd:32:09:d2:
+ 67:c2:eb:27:18:8e:70:31:58:c2:f1:20:06:98:ac:39:5a:c2:
+ 0b:43:60:a8:74:35:b1:32:bd:83:4b:df:db:18:46:e1:ac:7e:
+ 13:4a:09:6b:05:98:7a:98:e9:e0:1a:1d:a7:88:34:c6:4b:06:
+ 14:69:78:8d:29:83:c2:ee:52:af:00:a3:4d:d8:61:04:5a:0c:
+ e5:62:f4:c7:ac:8a:f3:7d:90:10:08:7c:15:d1:37:01:3c:bc:
+ 89:f8:60:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBozELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNoYWluRy1JQ0E3
LXBhdGhsZW4xMDAxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wggEi
@@ -699,12 +699,12 @@ AAGjggEYMIIBFDAdBgNVHQ4EFgQUEuSkGYWuhbfW62ME1bmwfldfDBYwgdQGA1Ud
IwSBzDCByYAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYT
AlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQK
DAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3Lndv
-bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQsgM7b
-R50HZpI9aNfKrJBPymlBSzAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAY/vGBTRyeqxBQNt9RQMkJPxSFZUkBfkmibpZIV5q
-5oaGKIXwz0Y/kKFGOjsPvS+Rtllv8bYlEoV64OsYniGh3Upo35EBRzUCTor3SxUw
-4tG/lG7CetF4s/9tI0+Duzz3qh0HCdmaHZZ34z1LT97ZKRqc16QDrFVvWbZqXU6u
-AkIVTJ58V6WmNcZqROpZNodoHRZMY5bAn3xd/c27/lzWCIaaYK5gti2yofZuCkfW
-4pX1/10NRqS1Hb+WJRGEB3cfKY5PIo5lB+Dowkfoxjqd/98Z85+DvrSRjAuE4Cqe
-i3rgz3LVPipa/yTrknvtDEJcyszuqgQ3h2PyIpXj6lsAuQ==
+bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tghQzRBqo
+bAHs9mDycFEKTNEU+rzpRDAPBgNVHRMECDAGAQH/AgFkMAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEAGIzc8OIUuDNo7ade+RJyk1igkSrVh3chJOm2r9Ov
+VYsxHKi7OjCUu6rUXrsX0ZNXUeYy8MfmdoYGbccqNcKjL1TWv7ElfuQLGt1izjTV
+GLRN0HZS1GMAi5ByTnf/wRu/MdFt0nVpWgymskLnl8mhR1AWie4g7ufAyAZ/XlUK
+eZDtLRGDSSPwiQjLnIRu9Wv+siwWDnTZqDWbHRxqq1jdMgnSZ8LrJxiOcDFYwvEg
+BpisOVrCC0NgqHQ1sTK9g0vf2xhG4ax+E0oJawWYepjp4Bodp4g0xksGFGl4jSmD
+wu5SrwCjTdhhBFoM5WL0x6yK832QEAh8FdE3ATy8ifhgJA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem
index 471caf30..e1b5a307 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainG-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainG-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- a9:28:b3:d9:91:da:b9:0b:35:94:8d:b0:53:7c:6c:0d:b7:ab:
- 41:7b:72:42:48:5b:13:6f:15:4b:df:cd:69:48:01:f4:b7:6d:
- 4d:c3:be:85:91:31:1b:f7:54:e8:3e:6c:b7:ad:29:16:9b:f7:
- 99:f4:67:a6:cb:96:7e:5b:8a:32:41:20:89:88:8d:a0:f2:81:
- 3a:50:14:66:06:9b:eb:c0:ee:bb:d1:0c:84:7c:e3:bb:b6:92:
- 62:68:3b:b0:0d:c2:ed:f4:d1:7f:8f:15:8c:1a:fd:fe:9d:be:
- 84:0d:47:53:ad:c6:d7:60:52:71:5d:65:0a:28:aa:22:03:73:
- cf:1f:d6:e1:1a:5c:b7:54:83:93:c8:38:bc:3b:64:50:91:f5:
- ff:65:fd:3e:4b:fc:8c:96:80:c0:51:1f:14:16:3a:35:f2:93:
- 67:99:dd:e3:8d:10:52:25:a9:1b:9f:43:7a:9a:31:ae:f1:9e:
- 49:cb:17:e8:8b:17:59:42:7d:15:82:d8:4b:a4:02:d9:ea:96:
- 69:0e:01:de:8c:47:63:54:88:b1:df:31:fd:16:8c:53:22:81:
- 62:e3:96:10:b2:21:af:4b:72:82:66:aa:d1:06:09:f4:bd:00:
- b6:f1:7a:4a:48:82:61:f5:de:c3:04:17:3a:83:46:38:b7:ff:
- db:26:0e:f9
+ 27:b7:93:b7:fd:71:ab:7c:a5:a2:8e:e7:4c:77:67:4c:f2:28:
+ b7:82:bb:4a:85:95:bf:84:57:04:49:ac:be:02:cc:6b:fd:0f:
+ d8:66:c8:a0:eb:40:55:cf:a1:e3:d1:e0:fe:9a:40:b5:2e:ee:
+ b2:bf:48:fa:20:57:fd:c7:df:de:68:8f:82:5d:58:ec:25:0a:
+ a8:97:73:dc:e6:66:f5:49:64:9a:e9:b1:e2:86:4e:d1:04:59:
+ 0f:32:e1:c5:dd:d4:39:b0:ad:e9:cc:ad:87:ef:ab:8e:fe:74:
+ 4c:7e:b2:cb:41:3c:54:ed:b7:8d:4b:fd:97:6e:26:22:32:9e:
+ 94:26:aa:45:7d:65:c1:c8:10:67:63:09:09:42:04:04:9d:0c:
+ 53:bb:18:f6:ce:af:dc:e7:63:d4:c8:bb:b4:6a:86:52:45:6a:
+ 96:a1:54:3d:8c:25:7d:1a:b1:16:65:7a:8b:ec:01:fa:c4:73:
+ 98:49:3c:c3:18:2f:48:3e:45:10:45:c0:85:2c:16:88:65:2b:
+ 02:0b:0b:02:67:d2:2a:1d:bd:66:14:f5:8d:d1:8e:f8:eb:7a:
+ b5:db:4e:f7:ce:fa:6f:67:a0:a2:6b:37:85:7a:f7:34:8a:71:
+ 9a:e5:34:2a:fd:6a:4a:ec:3e:38:e3:30:89:f3:e6:c4:a9:a6:
+ a4:79:35:9b
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluRy1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkctZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRHwBlL7cTal7Fg6loKQm2l09glMaGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluRy1JQ0EyLXBhdGhsZW4xMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAKkos9mR
-2rkLNZSNsFN8bA23q0F7ckJIWxNvFUvfzWlIAfS3bU3DvoWRMRv3VOg+bLetKRab
-95n0Z6bLln5bijJBIImIjaDygTpQFGYGm+vA7rvRDIR847u2kmJoO7ANwu300X+P
-FYwa/f6dvoQNR1OtxtdgUnFdZQooqiIDc88f1uEaXLdUg5PIOLw7ZFCR9f9l/T5L
-/IyWgMBRHxQWOjXyk2eZ3eONEFIlqRufQ3qaMa7xnknLF+iLF1lCfRWC2EukAtnq
-lmkOAd6MR2NUiLHfMf0WjFMigWLjlhCyIa9LcoJmqtEGCfS9ALbxekpIgmH13sME
-FzqDRji3/9smDvk=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBACe3k7f9
+cat8paKO50x3Z0zyKLeCu0qFlb+EVwRJrL4CzGv9D9hmyKDrQFXPoePR4P6aQLUu
+7rK/SPogV/3H395oj4JdWOwlCqiXc9zmZvVJZJrpseKGTtEEWQ8y4cXd1DmwrenM
+rYfvq47+dEx+sstBPFTtt41L/ZduJiIynpQmqkV9ZcHIEGdjCQlCBASdDFO7GPbO
+r9znY9TIu7RqhlJFapahVD2MJX0asRZleovsAfrEc5hJPMMYL0g+RRBFwIUsFohl
+KwILCwJn0iodvWYU9Y3RjvjrerXbTvfO+m9noKJrN4V69zSKcZrlNCr9akrsPjjj
+MInz5sSppqR5NZs=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem
index 5d82aa7e..6ffe410d 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA1-pathlen0.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 67:71:5e:c4:8d:05:a0:36:70:9d:32:66:44:00:69:81:ff:a0:
- ff:2d:63:e2:79:5f:5e:c1:1b:8c:97:6d:e3:82:b2:a4:ca:fb:
- 2b:e5:9d:bb:07:67:1d:b2:a9:84:fb:b9:cd:54:31:dc:2f:c2:
- 70:8b:ec:fb:92:c6:38:9b:a8:d4:9d:98:5d:a4:fc:92:5e:c5:
- 1c:ac:fd:76:31:11:59:0b:c2:b8:e0:b5:19:dd:4c:ec:fc:81:
- 63:31:4c:00:72:e5:87:f5:aa:4a:a5:e9:b4:db:52:0d:7c:62:
- 00:36:c4:ac:e1:bf:1d:ea:f8:9f:6c:a1:bc:8c:7a:4f:71:dc:
- 7c:32:0e:de:c1:05:99:72:3c:a9:f6:9a:b9:f3:0d:09:db:74:
- 1b:8e:0a:3e:84:93:21:2c:2d:38:2b:53:84:3b:8b:b3:49:07:
- c9:ea:f0:09:2a:1f:f9:f9:f4:ad:17:df:ca:09:74:98:51:3f:
- 91:a3:d3:7d:61:79:55:00:0a:51:74:7d:96:0b:b3:95:04:32:
- e2:55:41:f7:fd:a3:12:2a:2f:92:14:d5:19:c7:50:8e:38:42:
- 71:fe:4c:e0:31:56:7d:e4:a2:28:60:ea:b0:ac:75:47:69:fb:
- 84:af:2b:62:14:8f:d3:bb:48:19:80:53:56:ae:2c:39:92:ca:
- 3f:b6:22:72
+ 84:70:f5:e6:36:95:d1:b9:43:99:0b:7e:a9:b1:2f:5a:4a:58:
+ 3f:73:83:a1:90:9e:b5:86:10:fb:0e:46:22:38:92:f2:07:19:
+ 20:c3:82:f0:8d:38:4f:39:38:6b:bc:43:15:fe:b4:c2:78:49:
+ d4:78:2e:6e:41:cb:f8:c6:ed:b9:8c:76:ad:b6:d4:68:fa:82:
+ 55:cc:b2:60:d5:ce:8c:bb:7a:dd:19:29:4e:c8:c6:f8:2a:1a:
+ b4:e7:8e:31:e8:63:76:bf:6e:77:98:3e:98:70:18:fb:d7:f5:
+ cc:47:da:35:54:d8:77:6e:54:db:3c:b0:b8:81:f0:ae:e2:a1:
+ 92:ea:c4:dd:0c:4b:fa:15:82:e0:4b:c8:cc:81:1d:54:2b:53:
+ c9:ed:06:00:28:e7:c5:37:d0:46:14:24:5c:6f:d4:a8:d9:c6:
+ e5:57:8d:0a:66:27:89:93:fc:c3:46:0c:40:b6:eb:f3:52:16:
+ d5:ed:21:ee:20:89:bd:ff:12:6d:7b:8e:7d:9d:1a:41:f4:0c:
+ 1c:ef:2d:ee:82:cf:9b:ca:8e:3e:fa:6c:13:79:13:5a:93:c4:
+ d8:99:1a:88:f0:c7:4c:76:4e:e7:b9:f3:1a:ec:77:42:c8:60:
+ f8:f6:2a:50:df:16:fa:bc:00:06:57:23:a9:34:c5:6f:d9:82:
+ 00:78:1b:58
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBncV7EjQWgNnCdMmZEAGmB/6D/LWPieV9e
-wRuMl23jgrKkyvsr5Z27B2cdsqmE+7nNVDHcL8Jwi+z7ksY4m6jUnZhdpPySXsUc
-rP12MRFZC8K44LUZ3Uzs/IFjMUwAcuWH9apKpem021INfGIANsSs4b8d6vifbKG8
-jHpPcdx8Mg7ewQWZcjyp9pq58w0J23Qbjgo+hJMhLC04K1OEO4uzSQfJ6vAJKh/5
-+fStF9/KCXSYUT+Ro9N9YXlVAApRdH2WC7OVBDLiVUH3/aMSKi+SFNUZx1COOEJx
-/kzgMVZ95KIoYOqwrHVHafuErytiFI/Tu0gZgFNWriw5kso/tiJy
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCEcPXmNpXRuUOZC36psS9aSlg/c4OhkJ61
+hhD7DkYiOJLyBxkgw4LwjThPOThrvEMV/rTCeEnUeC5uQcv4xu25jHatttRo+oJV
+zLJg1c6Mu3rdGSlOyMb4Khq0544x6GN2v253mD6YcBj71/XMR9o1VNh3blTbPLC4
+gfCu4qGS6sTdDEv6FYLgS8jMgR1UK1PJ7QYAKOfFN9BGFCRcb9So2cblV40KZieJ
+k/zDRgxAtuvzUhbV7SHuIIm9/xJte459nRpB9Awc7y3ugs+byo4++mwTeRNak8TY
+mRqI8MdMdk7nufMa7HdCyGD49ipQ3xb6vAAGVyOpNMVv2YIAeBtY
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem
index 59a4a9d7..c9426490 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA2-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3d:c2:65:7b:7b:a6:66:c7:30:5d:48:24:b1:ac:ca:7f:88:d8:
- ee:9a:cd:52:b2:96:59:b2:dd:f1:c4:9b:23:35:66:f2:25:7c:
- 53:b2:1f:30:53:7d:64:d7:27:4a:dd:83:01:bf:3d:26:d3:d3:
- fc:f4:84:8a:23:78:f9:b4:b3:f4:d1:9b:6e:a3:22:ec:fe:6e:
- 04:0f:00:54:ed:57:53:88:b9:03:3b:b3:e9:ba:6b:cd:78:f6:
- f1:d9:da:10:41:fb:84:a2:e9:1b:05:0b:14:bd:74:9a:c2:41:
- 2c:b7:4b:bf:49:3f:db:48:5b:00:58:21:b3:0b:e2:e9:d5:76:
- fc:86:da:73:23:a1:7a:28:33:f8:cb:29:9d:c1:0e:a0:39:dc:
- 81:17:c0:04:a1:1e:46:c8:d4:8f:88:79:0b:a8:98:32:ae:13:
- 98:92:72:74:55:7c:9c:33:f4:4c:65:4d:cc:28:6f:3a:8e:77:
- dc:cd:40:97:d5:33:b0:6c:26:02:1b:be:69:9b:77:11:ac:42:
- 85:85:e1:9a:5a:1e:60:49:45:14:85:3e:8c:ca:1f:49:96:5e:
- 0c:d3:1a:7e:f0:90:8e:10:71:1c:70:19:57:53:3b:bd:75:db:
- 27:a5:3f:ba:9d:a2:1b:e1:f2:cc:1b:cf:48:b7:b8:f0:23:e8:
- e6:02:86:7a
+ 8f:ee:27:f5:45:63:56:eb:66:f5:c7:4f:b0:4a:16:ca:2a:e1:
+ de:75:7d:8b:09:12:0c:65:fe:a2:59:66:5e:b1:9f:1a:fc:e5:
+ a5:e5:c9:9b:4f:77:f1:87:8a:a7:36:2d:67:4d:ec:19:13:e3:
+ c1:9c:95:a5:90:ec:0f:39:5b:da:42:9f:73:6c:56:1f:aa:a8:
+ fb:69:82:a7:b2:21:b5:f7:fe:4e:1d:02:fc:30:e8:08:14:d8:
+ 86:db:ca:31:da:4d:b8:9c:91:2b:45:b4:70:6b:87:9e:e5:4c:
+ ea:b4:7a:75:18:1e:4c:db:e8:b1:e7:f0:50:43:59:38:31:46:
+ 57:59:ae:60:f8:8d:68:b6:49:3c:a5:4e:19:4c:e3:03:ef:5b:
+ bd:c0:9d:12:ba:b3:cb:f2:35:7a:81:a8:3b:95:9c:66:35:a2:
+ 94:79:bb:c0:cd:cd:cb:32:d2:8d:ef:89:c6:1c:28:f1:c2:6c:
+ 53:c7:fc:de:5e:c9:de:7e:11:61:d9:d7:b1:5e:61:d7:f1:a7:
+ e8:62:e1:f5:0f:f3:17:e8:e5:43:98:3b:cc:b7:cf:a4:ae:92:
+ 6b:16:51:ea:38:5f:5e:59:74:87:72:aa:5e:5f:21:dd:d8:6c:
+ 8a:e2:7d:11:5b:c1:5c:e9:76:aa:4f:60:46:51:5e:c0:b2:d3:
+ 9b:f6:ba:ca
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA9wmV7e6ZmxzBdSCSxrMp/iNjums1SspZZ
-st3xxJsjNWbyJXxTsh8wU31k1ydK3YMBvz0m09P89ISKI3j5tLP00ZtuoyLs/m4E
-DwBU7VdTiLkDO7PpumvNePbx2doQQfuEoukbBQsUvXSawkEst0u/ST/bSFsAWCGz
-C+Lp1Xb8htpzI6F6KDP4yymdwQ6gOdyBF8AEoR5GyNSPiHkLqJgyrhOYknJ0VXyc
-M/RMZU3MKG86jnfczUCX1TOwbCYCG75pm3cRrEKFheGaWh5gSUUUhT6Myh9Jll4M
-0xp+8JCOEHEccBlXUzu9ddsnpT+6naIb4fLMG89It7jwI+jmAoZ6
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCP7if1RWNW62b1x0+wShbKKuHedX2LCRIM
+Zf6iWWZesZ8a/OWl5cmbT3fxh4qnNi1nTewZE+PBnJWlkOwPOVvaQp9zbFYfqqj7
+aYKnsiG19/5OHQL8MOgIFNiG28ox2k24nJErRbRwa4ee5UzqtHp1GB5M2+ix5/BQ
+Q1k4MUZXWa5g+I1otkk8pU4ZTOMD71u9wJ0SurPL8jV6gag7lZxmNaKUebvAzc3L
+MtKN74nGHCjxwmxTx/zeXsnefhFh2dexXmHX8afoYuH1D/MX6OVDmDvMt8+krpJr
+FlHqOF9eWXSHcqpeXyHd2GyK4n0RW8Fc6XaqT2BGUV7AstOb9rrK
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem
index de800b1c..f28899d6 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA3-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7a:d0:31:91:2e:bb:e2:77:ba:ae:e1:66:18:43:51:d5:28:ad:
- 63:41:4d:35:9a:98:ea:c0:87:5d:71:f0:1f:d2:3f:56:d0:1f:
- 82:04:d2:c1:72:ec:3f:93:6d:b4:36:5a:db:0c:9f:70:d9:65:
- 81:6e:12:31:f9:24:e1:c7:2e:32:5a:e4:96:fd:53:ec:6b:1f:
- 6d:2c:dc:04:1c:1a:dc:8a:5d:04:1b:16:fc:15:8a:7c:8c:e9:
- c1:dd:c6:dc:71:8d:72:6f:b1:c9:93:f7:ca:a3:14:54:93:44:
- 92:58:41:a4:8a:fc:55:fd:63:42:1d:0f:5f:72:aa:38:b6:02:
- cb:e1:b1:e3:57:e7:87:a1:05:c8:9c:9b:49:73:0e:58:9d:30:
- b5:fb:75:0c:8c:44:86:e0:c2:bc:90:60:ce:2c:ea:0a:39:fc:
- 7c:e4:d1:44:55:34:e8:ce:04:a4:19:ad:00:2c:05:f1:65:24:
- 6b:c7:d1:76:37:dd:33:91:86:3c:ad:b7:bc:53:4d:4a:50:ff:
- d0:9c:89:4b:19:aa:40:d0:45:80:e8:d4:96:82:5b:54:68:ac:
- d5:6c:77:46:b2:8d:82:ff:b5:81:71:90:84:6e:94:4b:e2:02:
- 9f:c5:24:97:8e:0a:2e:71:57:8f:03:19:cb:a2:39:c0:1d:14:
- e0:52:04:af
+ 75:ad:f2:f8:79:a5:c6:0d:4a:35:07:f6:75:1c:6c:0e:bf:3d:
+ d7:fc:81:de:57:9f:3f:f0:c9:8e:75:b8:23:0d:36:22:d6:d9:
+ 57:dc:c0:5b:a4:9a:fa:ef:2a:b5:ad:e2:c5:96:84:1a:84:49:
+ a8:17:b7:2e:fd:45:21:8f:e4:f1:8a:e5:64:bb:50:96:31:62:
+ d7:4a:11:f4:fa:78:5b:bb:0d:0a:0e:91:bb:84:e8:c6:5d:1a:
+ 03:1e:4b:50:5d:c5:03:f5:a3:32:fa:6c:5e:a8:c5:12:b4:5a:
+ c4:e6:ff:36:c3:4d:a7:1a:d1:b2:71:dd:89:1a:b2:08:46:60:
+ bb:8e:bb:df:bd:b9:0f:45:3d:25:06:eb:a7:95:11:a6:32:ee:
+ a0:2c:4c:2f:81:54:6f:54:16:d7:c3:85:6e:c4:78:43:a3:48:
+ 2f:81:03:81:c2:02:0a:84:9d:a8:b5:3f:02:b4:c0:fd:b5:d5:
+ 2f:f0:48:d7:0f:98:cb:0f:ca:e4:9c:1a:d8:1c:10:31:4b:9e:
+ 9b:a9:44:63:03:a0:a0:de:bc:bd:0f:d9:5a:fa:81:f2:d5:7d:
+ de:4b:06:88:b8:0e:98:5c:fb:60:a2:10:e9:ad:38:c7:05:09:
+ 9d:c9:bc:24:89:29:84:a5:3a:76:d9:ec:b8:9c:c7:9a:02:7e:
+ 23:d6:1b:65
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -80,10 +80,10 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAHrQMZEuu+J3uq7hZhhDUdUorWNBTTWamOrAh11x8B/SP1bQH4IE
-0sFy7D+TbbQ2WtsMn3DZZYFuEjH5JOHHLjJa5Jb9U+xrH20s3AQcGtyKXQQbFvwV
-inyM6cHdxtxxjXJvscmT98qjFFSTRJJYQaSK/FX9Y0IdD19yqji2AsvhseNX54eh
-Bcicm0lzDlidMLX7dQyMRIbgwryQYM4s6go5/Hzk0URVNOjOBKQZrQAsBfFlJGvH
-0XY33TORhjytt7xTTUpQ/9CciUsZqkDQRYDo1JaCW1RorNVsd0ayjYL/tYFxkIRu
-lEviAp/FJJeOCi5xV48DGcuiOcAdFOBSBK8=
+AQELBQADggEBAHWt8vh5pcYNSjUH9nUcbA6/Pdf8gd5Xnz/wyY51uCMNNiLW2Vfc
+wFukmvrvKrWt4sWWhBqESagXty79RSGP5PGK5WS7UJYxYtdKEfT6eFu7DQoOkbuE
+6MZdGgMeS1BdxQP1ozL6bF6oxRK0WsTm/zbDTaca0bJx3YkasghGYLuOu9+9uQ9F
+PSUG66eVEaYy7qAsTC+BVG9UFtfDhW7EeEOjSC+BA4HCAgqEnai1PwK0wP211S/w
+SNcPmMsPyuScGtgcEDFLnpupRGMDoKDevL0P2Vr6gfLVfd5LBoi4Dphc+2CiEOmt
+OMcFCZ3JvCSJKYSlOnbZ7Licx5oCfiPWG2U=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem
index 0d68334c..6f7c4e2c 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-ICA4-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 05:f4:24:ed:e2:f9:84:cf:1b:3d:6c:79:4f:3c:25:6b:3c:96:
- ab:15:90:b3:77:07:90:f8:3e:82:e6:e4:3e:d9:a5:a7:81:d2:
- fd:34:23:1d:ed:97:b5:33:aa:5d:7c:ab:06:12:03:e4:18:21:
- 7b:83:f0:17:cd:43:12:d6:e6:4d:a3:a9:48:71:b8:f8:0c:af:
- 25:ff:72:4d:f0:37:9d:c4:46:3f:3c:69:96:3d:00:96:31:30:
- 96:9f:44:9a:eb:22:22:64:ae:7e:2f:a8:c7:3d:44:58:8b:8f:
- 82:9d:4d:e7:9a:45:fe:b3:d4:bd:54:3c:5a:24:c2:8f:39:50:
- 4d:24:0d:be:e1:4d:b8:1d:1d:a8:54:b5:6e:a0:d5:7f:96:ed:
- c9:4d:7a:e3:e7:ec:0a:0f:2a:50:3b:90:ed:97:3f:df:2b:e1:
- c3:fc:84:58:26:2d:1d:99:2b:3d:6f:aa:96:ae:01:76:86:0e:
- 55:c5:bb:17:24:20:74:c7:b1:9c:69:7b:41:c0:4e:5b:e1:5c:
- a2:62:34:29:e1:4b:42:62:fd:0e:f3:68:48:b6:a2:6f:d2:f6:
- 15:2a:a4:a1:c1:86:88:9b:22:af:95:40:2a:64:26:e1:8e:4c:
- f5:03:e0:ef:89:6d:ec:e0:46:46:32:7d:4b:6e:87:63:33:66:
- f3:84:1d:7e
+ a1:6c:a3:2e:95:bb:e7:f0:f4:70:b8:8c:5a:a7:29:54:13:6a:
+ 5b:13:e3:62:6a:b5:06:68:41:91:2f:84:97:1f:25:c1:db:18:
+ 5d:09:26:04:ab:aa:2d:4d:59:2e:96:70:8f:0e:5d:0b:b8:b0:
+ db:5f:14:70:9e:00:d8:31:1f:65:54:47:69:5c:11:e8:0c:97:
+ 2e:ff:0d:2e:ee:45:18:5b:aa:83:21:b1:5d:66:f0:b7:b3:99:
+ 09:c6:fd:11:7e:b5:67:a0:d2:3b:a2:e9:b0:96:1d:42:ac:6e:
+ ce:f2:80:4e:8c:87:36:af:b5:c4:bc:fb:5d:18:40:d4:7d:3a:
+ 0f:c8:9f:f1:95:bb:8a:ad:18:f8:3c:e0:49:da:36:26:17:8c:
+ 87:75:79:80:5f:c4:5a:48:93:ed:62:93:73:55:a3:73:d4:ba:
+ 3c:54:f4:b2:ad:70:af:8f:93:4f:a7:15:49:e0:cf:88:2a:1f:
+ bf:18:f5:13:e4:5b:d3:37:29:12:db:8c:4d:b6:93:0b:02:70:
+ 47:84:cc:0a:e8:28:de:89:a1:43:0f:16:28:a9:be:85:6e:62:
+ 44:5c:69:a0:33:67:bf:ee:80:37:46:25:e4:d2:ec:56:07:67:
+ e4:d6:e0:92:a1:2f:7c:d8:18:d0:7a:02:82:5b:48:3d:61:9b:
+ 5f:65:db:af
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAAX0JO3i+YTPGz1seU88JWs8lqsVkLN3B5D4PoLm5D7Z
-paeB0v00Ix3tl7Uzql18qwYSA+QYIXuD8BfNQxLW5k2jqUhxuPgMryX/ck3wN53E
-Rj88aZY9AJYxMJafRJrrIiJkrn4vqMc9RFiLj4KdTeeaRf6z1L1UPFokwo85UE0k
-Db7hTbgdHahUtW6g1X+W7clNeuPn7AoPKlA7kO2XP98r4cP8hFgmLR2ZKz1vqpau
-AXaGDlXFuxckIHTHsZxpe0HATlvhXKJiNCnhS0Ji/Q7zaEi2om/S9hUqpKHBhoib
-Iq+VQCpkJuGOTPUD4O+JbezgRkYyfUtuh2MzZvOEHX4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAKFsoy6Vu+fw9HC4jFqnKVQTalsT42JqtQZoQZEvhJcf
+JcHbGF0JJgSrqi1NWS6WcI8OXQu4sNtfFHCeANgxH2VUR2lcEegMly7/DS7uRRhb
+qoMhsV1m8LezmQnG/RF+tWeg0jui6bCWHUKsbs7ygE6MhzavtcS8+10YQNR9Og/I
+n/GVu4qtGPg84EnaNiYXjId1eYBfxFpIk+1ik3NVo3PUujxU9LKtcK+Pk0+nFUng
+z4gqH78Y9RPkW9M3KRLbjE22kwsCcEeEzAroKN6JoUMPFiipvoVuYkRcaaAzZ7/u
+gDdGJeTS7FYHZ+TW4JKhL3zYGNB6AoJbSD1hm19l268=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem
index d22cca53..8b3bc622 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 8c:b5:c8:f8:28:8c:cc:27:7c:21:36:75:2a:bc:af:5e:d6:7a:
- d1:22:d5:1b:7a:a2:1a:5e:30:b5:38:64:2e:71:09:1c:db:a0:
- 99:44:5c:e8:c2:b5:06:ac:c1:ec:d8:30:74:65:62:f5:db:c2:
- 03:fa:54:e0:0f:c9:8a:d8:02:11:d3:58:a6:bc:7f:54:07:3b:
- f7:6d:7d:db:18:d9:2a:01:57:38:fc:d4:18:86:84:38:8b:d0:
- 5c:8c:d7:47:2e:76:d3:92:c3:75:61:93:03:56:93:74:60:ff:
- 16:84:4a:70:f0:cc:0c:ed:d3:53:f9:fc:f7:b8:34:6a:5c:25:
- 78:ab:27:3f:ad:04:8f:c6:01:29:a8:b7:61:09:b0:7b:51:9b:
- ca:6c:23:5b:0c:18:f3:63:ea:96:56:b9:1a:0f:ec:80:cd:29:
- f6:fb:d1:df:65:34:e8:1f:62:c8:95:fa:be:27:cb:40:e7:26:
- 7f:18:7e:cc:5d:7d:19:9e:12:90:0b:d7:32:12:0d:cb:97:8e:
- e8:3e:c3:1b:f6:a3:3c:e8:d0:35:63:de:66:89:5a:a3:ef:64:
- 3a:8f:e3:5f:d2:e6:64:82:7b:2f:2e:26:78:13:34:39:ed:9c:
- f8:ad:f5:d6:75:d1:60:48:aa:19:41:98:1f:4e:ce:01:76:9d:
- af:0f:6b:8d
+ 06:45:21:fd:a8:95:fa:d4:96:c7:4f:83:6b:6c:c1:24:fa:b0:
+ 14:42:db:7a:5c:7b:f4:8f:4e:66:78:bc:ff:65:bd:4a:a7:8e:
+ d0:78:33:6f:d2:aa:bb:9b:25:26:15:4d:9d:8e:39:16:99:70:
+ 25:6a:2d:ee:78:54:80:13:71:f3:e1:6a:ec:56:57:1a:25:db:
+ 8f:b3:64:22:d2:04:d1:b2:aa:ff:2c:d9:ae:6d:74:66:18:74:
+ 58:38:4b:ec:77:69:f6:83:ed:4d:7d:4a:60:71:35:8e:14:02:
+ 72:9e:93:22:a5:ca:d9:33:7e:12:c4:41:34:cf:c4:14:66:9a:
+ fa:04:aa:1f:e2:d9:5e:d3:42:9e:fa:c9:71:6e:f0:43:08:a7:
+ 60:bc:eb:19:8e:70:09:24:12:6b:9a:10:60:fc:44:61:e3:f4:
+ 0d:08:15:9e:a6:b3:7e:9b:be:d5:f9:63:9d:2f:be:c3:81:c6:
+ ef:e8:56:99:a2:58:f3:32:7c:c2:c2:b1:d9:6a:bd:51:79:eb:
+ 18:02:44:b4:4e:e8:7c:3e:96:a4:ae:86:79:94:11:6f:1b:eb:
+ 80:71:07:1f:4c:5d:88:67:39:62:6d:c2:0d:64:2a:07:66:48:
+ ca:b4:76:06:da:1c:40:24:77:34:a9:8b:26:d0:20:6b:94:25:
+ 75:73:84:e7
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,13 +77,13 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAIy1yPgo
-jMwnfCE2dSq8r17WetEi1Rt6ohpeMLU4ZC5xCRzboJlEXOjCtQaswezYMHRlYvXb
-wgP6VOAPyYrYAhHTWKa8f1QHO/dtfdsY2SoBVzj81BiGhDiL0FyM10cudtOSw3Vh
-kwNWk3Rg/xaESnDwzAzt01P5/Pe4NGpcJXirJz+tBI/GASmot2EJsHtRm8psI1sM
-GPNj6pZWuRoP7IDNKfb70d9lNOgfYsiV+r4ny0DnJn8YfsxdfRmeEpAL1zISDcuX
-jug+wxv2ozzo0DVj3maJWqPvZDqP41/S5mSCey8uJngTNDntnPit9dZ10WBIqhlB
-mB9OzgF2na8Pa40=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAZFIf2o
+lfrUlsdPg2tswST6sBRC23pce/SPTmZ4vP9lvUqnjtB4M2/SqrubJSYVTZ2OORaZ
+cCVqLe54VIATcfPhauxWVxol24+zZCLSBNGyqv8s2a5tdGYYdFg4S+x3afaD7U19
+SmBxNY4UAnKekyKlytkzfhLEQTTPxBRmmvoEqh/i2V7TQp76yXFu8EMIp2C86xmO
+cAkkEmuaEGD8RGHj9A0IFZ6ms36bvtX5Y50vvsOBxu/oVpmiWPMyfMLCsdlqvVF5
+6xgCRLRO6Hw+lqSuhnmUEW8b64BxBx9MXYhnOWJtwg1kKgdmSMq0dgbaHEAkdzSp
+iybQIGuUJXVzhOc=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 67:71:5e:c4:8d:05:a0:36:70:9d:32:66:44:00:69:81:ff:a0:
- ff:2d:63:e2:79:5f:5e:c1:1b:8c:97:6d:e3:82:b2:a4:ca:fb:
- 2b:e5:9d:bb:07:67:1d:b2:a9:84:fb:b9:cd:54:31:dc:2f:c2:
- 70:8b:ec:fb:92:c6:38:9b:a8:d4:9d:98:5d:a4:fc:92:5e:c5:
- 1c:ac:fd:76:31:11:59:0b:c2:b8:e0:b5:19:dd:4c:ec:fc:81:
- 63:31:4c:00:72:e5:87:f5:aa:4a:a5:e9:b4:db:52:0d:7c:62:
- 00:36:c4:ac:e1:bf:1d:ea:f8:9f:6c:a1:bc:8c:7a:4f:71:dc:
- 7c:32:0e:de:c1:05:99:72:3c:a9:f6:9a:b9:f3:0d:09:db:74:
- 1b:8e:0a:3e:84:93:21:2c:2d:38:2b:53:84:3b:8b:b3:49:07:
- c9:ea:f0:09:2a:1f:f9:f9:f4:ad:17:df:ca:09:74:98:51:3f:
- 91:a3:d3:7d:61:79:55:00:0a:51:74:7d:96:0b:b3:95:04:32:
- e2:55:41:f7:fd:a3:12:2a:2f:92:14:d5:19:c7:50:8e:38:42:
- 71:fe:4c:e0:31:56:7d:e4:a2:28:60:ea:b0:ac:75:47:69:fb:
- 84:af:2b:62:14:8f:d3:bb:48:19:80:53:56:ae:2c:39:92:ca:
- 3f:b6:22:72
+ 84:70:f5:e6:36:95:d1:b9:43:99:0b:7e:a9:b1:2f:5a:4a:58:
+ 3f:73:83:a1:90:9e:b5:86:10:fb:0e:46:22:38:92:f2:07:19:
+ 20:c3:82:f0:8d:38:4f:39:38:6b:bc:43:15:fe:b4:c2:78:49:
+ d4:78:2e:6e:41:cb:f8:c6:ed:b9:8c:76:ad:b6:d4:68:fa:82:
+ 55:cc:b2:60:d5:ce:8c:bb:7a:dd:19:29:4e:c8:c6:f8:2a:1a:
+ b4:e7:8e:31:e8:63:76:bf:6e:77:98:3e:98:70:18:fb:d7:f5:
+ cc:47:da:35:54:d8:77:6e:54:db:3c:b0:b8:81:f0:ae:e2:a1:
+ 92:ea:c4:dd:0c:4b:fa:15:82:e0:4b:c8:cc:81:1d:54:2b:53:
+ c9:ed:06:00:28:e7:c5:37:d0:46:14:24:5c:6f:d4:a8:d9:c6:
+ e5:57:8d:0a:66:27:89:93:fc:c3:46:0c:40:b6:eb:f3:52:16:
+ d5:ed:21:ee:20:89:bd:ff:12:6d:7b:8e:7d:9d:1a:41:f4:0c:
+ 1c:ef:2d:ee:82:cf:9b:ca:8e:3e:fa:6c:13:79:13:5a:93:c4:
+ d8:99:1a:88:f0:c7:4c:76:4e:e7:b9:f3:1a:ec:77:42:c8:60:
+ f8:f6:2a:50:df:16:fa:bc:00:06:57:23:a9:34:c5:6f:d9:82:
+ 00:78:1b:58
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMS1wYXRobGVuMDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -167,12 +167,12 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQAwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQBncV7EjQWgNnCdMmZEAGmB/6D/LWPieV9e
-wRuMl23jgrKkyvsr5Z27B2cdsqmE+7nNVDHcL8Jwi+z7ksY4m6jUnZhdpPySXsUc
-rP12MRFZC8K44LUZ3Uzs/IFjMUwAcuWH9apKpem021INfGIANsSs4b8d6vifbKG8
-jHpPcdx8Mg7ewQWZcjyp9pq58w0J23Qbjgo+hJMhLC04K1OEO4uzSQfJ6vAJKh/5
-+fStF9/KCXSYUT+Ro9N9YXlVAApRdH2WC7OVBDLiVUH3/aMSKi+SFNUZx1COOEJx
-/kzgMVZ95KIoYOqwrHVHafuErytiFI/Tu0gZgFNWriw5kso/tiJy
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCEcPXmNpXRuUOZC36psS9aSlg/c4OhkJ61
+hhD7DkYiOJLyBxkgw4LwjThPOThrvEMV/rTCeEnUeC5uQcv4xu25jHatttRo+oJV
+zLJg1c6Mu3rdGSlOyMb4Khq0544x6GN2v253mD6YcBj71/XMR9o1VNh3blTbPLC4
+gfCu4qGS6sTdDEv6FYLgS8jMgR1UK1PJ7QYAKOfFN9BGFCRcb9So2cblV40KZieJ
+k/zDRgxAtuvzUhbV7SHuIIm9/xJte459nRpB9Awc7y3ugs+byo4++mwTeRNak8TY
+mRqI8MdMdk7nufMa7HdCyGD49ipQ3xb6vAAGVyOpNMVv2YIAeBtY
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA2-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3d:c2:65:7b:7b:a6:66:c7:30:5d:48:24:b1:ac:ca:7f:88:d8:
- ee:9a:cd:52:b2:96:59:b2:dd:f1:c4:9b:23:35:66:f2:25:7c:
- 53:b2:1f:30:53:7d:64:d7:27:4a:dd:83:01:bf:3d:26:d3:d3:
- fc:f4:84:8a:23:78:f9:b4:b3:f4:d1:9b:6e:a3:22:ec:fe:6e:
- 04:0f:00:54:ed:57:53:88:b9:03:3b:b3:e9:ba:6b:cd:78:f6:
- f1:d9:da:10:41:fb:84:a2:e9:1b:05:0b:14:bd:74:9a:c2:41:
- 2c:b7:4b:bf:49:3f:db:48:5b:00:58:21:b3:0b:e2:e9:d5:76:
- fc:86:da:73:23:a1:7a:28:33:f8:cb:29:9d:c1:0e:a0:39:dc:
- 81:17:c0:04:a1:1e:46:c8:d4:8f:88:79:0b:a8:98:32:ae:13:
- 98:92:72:74:55:7c:9c:33:f4:4c:65:4d:cc:28:6f:3a:8e:77:
- dc:cd:40:97:d5:33:b0:6c:26:02:1b:be:69:9b:77:11:ac:42:
- 85:85:e1:9a:5a:1e:60:49:45:14:85:3e:8c:ca:1f:49:96:5e:
- 0c:d3:1a:7e:f0:90:8e:10:71:1c:70:19:57:53:3b:bd:75:db:
- 27:a5:3f:ba:9d:a2:1b:e1:f2:cc:1b:cf:48:b7:b8:f0:23:e8:
- e6:02:86:7a
+ 8f:ee:27:f5:45:63:56:eb:66:f5:c7:4f:b0:4a:16:ca:2a:e1:
+ de:75:7d:8b:09:12:0c:65:fe:a2:59:66:5e:b1:9f:1a:fc:e5:
+ a5:e5:c9:9b:4f:77:f1:87:8a:a7:36:2d:67:4d:ec:19:13:e3:
+ c1:9c:95:a5:90:ec:0f:39:5b:da:42:9f:73:6c:56:1f:aa:a8:
+ fb:69:82:a7:b2:21:b5:f7:fe:4e:1d:02:fc:30:e8:08:14:d8:
+ 86:db:ca:31:da:4d:b8:9c:91:2b:45:b4:70:6b:87:9e:e5:4c:
+ ea:b4:7a:75:18:1e:4c:db:e8:b1:e7:f0:50:43:59:38:31:46:
+ 57:59:ae:60:f8:8d:68:b6:49:3c:a5:4e:19:4c:e3:03:ef:5b:
+ bd:c0:9d:12:ba:b3:cb:f2:35:7a:81:a8:3b:95:9c:66:35:a2:
+ 94:79:bb:c0:cd:cd:cb:32:d2:8d:ef:89:c6:1c:28:f1:c2:6c:
+ 53:c7:fc:de:5e:c9:de:7e:11:61:d9:d7:b1:5e:61:d7:f1:a7:
+ e8:62:e1:f5:0f:f3:17:e8:e5:43:98:3b:cc:b7:cf:a4:ae:92:
+ 6b:16:51:ea:38:5f:5e:59:74:87:72:aa:5e:5f:21:dd:d8:6c:
+ 8a:e2:7d:11:5b:c1:5c:e9:76:aa:4f:60:46:51:5e:c0:b2:d3:
+ 9b:f6:ba:ca
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMi1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -256,12 +256,12 @@ oTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1Nl
YXR0bGUxFTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJp
bmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkB
FhBpbmZvQHdvbGZzc2wuY29tggFkMA8GA1UdEwQIMAYBAf8CAQIwCwYDVR0PBAQD
-AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQA9wmV7e6ZmxzBdSCSxrMp/iNjums1SspZZ
-st3xxJsjNWbyJXxTsh8wU31k1ydK3YMBvz0m09P89ISKI3j5tLP00ZtuoyLs/m4E
-DwBU7VdTiLkDO7PpumvNePbx2doQQfuEoukbBQsUvXSawkEst0u/ST/bSFsAWCGz
-C+Lp1Xb8htpzI6F6KDP4yymdwQ6gOdyBF8AEoR5GyNSPiHkLqJgyrhOYknJ0VXyc
-M/RMZU3MKG86jnfczUCX1TOwbCYCG75pm3cRrEKFheGaWh5gSUUUhT6Myh9Jll4M
-0xp+8JCOEHEccBlXUzu9ddsnpT+6naIb4fLMG89It7jwI+jmAoZ6
+AgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCP7if1RWNW62b1x0+wShbKKuHedX2LCRIM
+Zf6iWWZesZ8a/OWl5cmbT3fxh4qnNi1nTewZE+PBnJWlkOwPOVvaQp9zbFYfqqj7
+aYKnsiG19/5OHQL8MOgIFNiG28ox2k24nJErRbRwa4ee5UzqtHp1GB5M2+ix5/BQ
+Q1k4MUZXWa5g+I1otkk8pU4ZTOMD71u9wJ0SurPL8jV6gag7lZxmNaKUebvAzc3L
+MtKN74nGHCjxwmxTx/zeXsnefhFh2dexXmHX8afoYuH1D/MX6OVDmDvMt8+krpJr
+FlHqOF9eWXSHcqpeXyHd2GyK4n0RW8Fc6XaqT2BGUV7AstOb9rrK
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -309,27 +309,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 7a:d0:31:91:2e:bb:e2:77:ba:ae:e1:66:18:43:51:d5:28:ad:
- 63:41:4d:35:9a:98:ea:c0:87:5d:71:f0:1f:d2:3f:56:d0:1f:
- 82:04:d2:c1:72:ec:3f:93:6d:b4:36:5a:db:0c:9f:70:d9:65:
- 81:6e:12:31:f9:24:e1:c7:2e:32:5a:e4:96:fd:53:ec:6b:1f:
- 6d:2c:dc:04:1c:1a:dc:8a:5d:04:1b:16:fc:15:8a:7c:8c:e9:
- c1:dd:c6:dc:71:8d:72:6f:b1:c9:93:f7:ca:a3:14:54:93:44:
- 92:58:41:a4:8a:fc:55:fd:63:42:1d:0f:5f:72:aa:38:b6:02:
- cb:e1:b1:e3:57:e7:87:a1:05:c8:9c:9b:49:73:0e:58:9d:30:
- b5:fb:75:0c:8c:44:86:e0:c2:bc:90:60:ce:2c:ea:0a:39:fc:
- 7c:e4:d1:44:55:34:e8:ce:04:a4:19:ad:00:2c:05:f1:65:24:
- 6b:c7:d1:76:37:dd:33:91:86:3c:ad:b7:bc:53:4d:4a:50:ff:
- d0:9c:89:4b:19:aa:40:d0:45:80:e8:d4:96:82:5b:54:68:ac:
- d5:6c:77:46:b2:8d:82:ff:b5:81:71:90:84:6e:94:4b:e2:02:
- 9f:c5:24:97:8e:0a:2e:71:57:8f:03:19:cb:a2:39:c0:1d:14:
- e0:52:04:af
+ 75:ad:f2:f8:79:a5:c6:0d:4a:35:07:f6:75:1c:6c:0e:bf:3d:
+ d7:fc:81:de:57:9f:3f:f0:c9:8e:75:b8:23:0d:36:22:d6:d9:
+ 57:dc:c0:5b:a4:9a:fa:ef:2a:b5:ad:e2:c5:96:84:1a:84:49:
+ a8:17:b7:2e:fd:45:21:8f:e4:f1:8a:e5:64:bb:50:96:31:62:
+ d7:4a:11:f4:fa:78:5b:bb:0d:0a:0e:91:bb:84:e8:c6:5d:1a:
+ 03:1e:4b:50:5d:c5:03:f5:a3:32:fa:6c:5e:a8:c5:12:b4:5a:
+ c4:e6:ff:36:c3:4d:a7:1a:d1:b2:71:dd:89:1a:b2:08:46:60:
+ bb:8e:bb:df:bd:b9:0f:45:3d:25:06:eb:a7:95:11:a6:32:ee:
+ a0:2c:4c:2f:81:54:6f:54:16:d7:c3:85:6e:c4:78:43:a3:48:
+ 2f:81:03:81:c2:02:0a:84:9d:a8:b5:3f:02:b4:c0:fd:b5:d5:
+ 2f:f0:48:d7:0f:98:cb:0f:ca:e4:9c:1a:d8:1c:10:31:4b:9e:
+ 9b:a9:44:63:03:a0:a0:de:bc:bd:0f:d9:5a:fa:81:f2:d5:7d:
+ de:4b:06:88:b8:0e:98:5c:fb:60:a2:10:e9:ad:38:c7:05:09:
+ 9d:c9:bc:24:89:29:84:a5:3a:76:d9:ec:b8:9c:c7:9a:02:7e:
+ 23:d6:1b:65
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaExCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzMloXDTI2MDkwODIyMTkzMlowgaExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR0wGwYDVQQD
DBRjaGFpbkgtSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xm
@@ -345,12 +345,12 @@ lDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
bC5jb22CAWQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJKoZIhvcN
-AQELBQADggEBAHrQMZEuu+J3uq7hZhhDUdUorWNBTTWamOrAh11x8B/SP1bQH4IE
-0sFy7D+TbbQ2WtsMn3DZZYFuEjH5JOHHLjJa5Jb9U+xrH20s3AQcGtyKXQQbFvwV
-inyM6cHdxtxxjXJvscmT98qjFFSTRJJYQaSK/FX9Y0IdD19yqji2AsvhseNX54eh
-Bcicm0lzDlidMLX7dQyMRIbgwryQYM4s6go5/Hzk0URVNOjOBKQZrQAsBfFlJGvH
-0XY33TORhjytt7xTTUpQ/9CciUsZqkDQRYDo1JaCW1RorNVsd0ayjYL/tYFxkIRu
-lEviAp/FJJeOCi5xV48DGcuiOcAdFOBSBK8=
+AQELBQADggEBAHWt8vh5pcYNSjUH9nUcbA6/Pdf8gd5Xnz/wyY51uCMNNiLW2Vfc
+wFukmvrvKrWt4sWWhBqESagXty79RSGP5PGK5WS7UJYxYtdKEfT6eFu7DQoOkbuE
+6MZdGgMeS1BdxQP1ozL6bF6oxRK0WsTm/zbDTaca0bJx3YkasghGYLuOu9+9uQ9F
+PSUG66eVEaYy7qAsTC+BVG9UFtfDhW7EeEOjSC+BA4HCAgqEnai1PwK0wP211S/w
+SNcPmMsPyuScGtgcEDFLnpupRGMDoKDevL0P2Vr6gfLVfd5LBoi4Dphc+2CiEOmt
+OMcFCZ3JvCSJKYSlOnbZ7Licx5oCfiPWG2U=
-----END CERTIFICATE-----
Certificate:
Data:
@@ -359,8 +359,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:32 2023 GMT
+ Not After : Sep 8 22:19:32 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -391,34 +391,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 05:f4:24:ed:e2:f9:84:cf:1b:3d:6c:79:4f:3c:25:6b:3c:96:
- ab:15:90:b3:77:07:90:f8:3e:82:e6:e4:3e:d9:a5:a7:81:d2:
- fd:34:23:1d:ed:97:b5:33:aa:5d:7c:ab:06:12:03:e4:18:21:
- 7b:83:f0:17:cd:43:12:d6:e6:4d:a3:a9:48:71:b8:f8:0c:af:
- 25:ff:72:4d:f0:37:9d:c4:46:3f:3c:69:96:3d:00:96:31:30:
- 96:9f:44:9a:eb:22:22:64:ae:7e:2f:a8:c7:3d:44:58:8b:8f:
- 82:9d:4d:e7:9a:45:fe:b3:d4:bd:54:3c:5a:24:c2:8f:39:50:
- 4d:24:0d:be:e1:4d:b8:1d:1d:a8:54:b5:6e:a0:d5:7f:96:ed:
- c9:4d:7a:e3:e7:ec:0a:0f:2a:50:3b:90:ed:97:3f:df:2b:e1:
- c3:fc:84:58:26:2d:1d:99:2b:3d:6f:aa:96:ae:01:76:86:0e:
- 55:c5:bb:17:24:20:74:c7:b1:9c:69:7b:41:c0:4e:5b:e1:5c:
- a2:62:34:29:e1:4b:42:62:fd:0e:f3:68:48:b6:a2:6f:d2:f6:
- 15:2a:a4:a1:c1:86:88:9b:22:af:95:40:2a:64:26:e1:8e:4c:
- f5:03:e0:ef:89:6d:ec:e0:46:46:32:7d:4b:6e:87:63:33:66:
- f3:84:1d:7e
+ a1:6c:a3:2e:95:bb:e7:f0:f4:70:b8:8c:5a:a7:29:54:13:6a:
+ 5b:13:e3:62:6a:b5:06:68:41:91:2f:84:97:1f:25:c1:db:18:
+ 5d:09:26:04:ab:aa:2d:4d:59:2e:96:70:8f:0e:5d:0b:b8:b0:
+ db:5f:14:70:9e:00:d8:31:1f:65:54:47:69:5c:11:e8:0c:97:
+ 2e:ff:0d:2e:ee:45:18:5b:aa:83:21:b1:5d:66:f0:b7:b3:99:
+ 09:c6:fd:11:7e:b5:67:a0:d2:3b:a2:e9:b0:96:1d:42:ac:6e:
+ ce:f2:80:4e:8c:87:36:af:b5:c4:bc:fb:5d:18:40:d4:7d:3a:
+ 0f:c8:9f:f1:95:bb:8a:ad:18:f8:3c:e0:49:da:36:26:17:8c:
+ 87:75:79:80:5f:c4:5a:48:93:ed:62:93:73:55:a3:73:d4:ba:
+ 3c:54:f4:b2:ad:70:af:8f:93:4f:a7:15:49:e0:cf:88:2a:1f:
+ bf:18:f5:13:e4:5b:d3:37:29:12:db:8c:4d:b6:93:0b:02:70:
+ 47:84:cc:0a:e8:28:de:89:a1:43:0f:16:28:a9:be:85:6e:62:
+ 44:5c:69:a0:33:67:bf:ee:80:37:46:25:e4:d2:ec:56:07:67:
+ e4:d6:e0:92:a1:2f:7c:d8:18:d0:7a:02:82:5b:48:3d:61:9b:
+ 5f:65:db:af
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMyWhcNMjYwOTA4MjIxOTMyWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSC1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -432,12 +432,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFBhtRIPuH+y0IvCc61QeShVYAaoTMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAAX0JO3i+YTPGz1seU88JWs8lqsVkLN3B5D4PoLm5D7Z
-paeB0v00Ix3tl7Uzql18qwYSA+QYIXuD8BfNQxLW5k2jqUhxuPgMryX/ck3wN53E
-Rj88aZY9AJYxMJafRJrrIiJkrn4vqMc9RFiLj4KdTeeaRf6z1L1UPFokwo85UE0k
-Db7hTbgdHahUtW6g1X+W7clNeuPn7AoPKlA7kO2XP98r4cP8hFgmLR2ZKz1vqpau
-AXaGDlXFuxckIHTHsZxpe0HATlvhXKJiNCnhS0Ji/Q7zaEi2om/S9hUqpKHBhoib
-Iq+VQCpkJuGOTPUD4O+JbezgRkYyfUtuh2MzZvOEHX4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAKFsoy6Vu+fw9HC4jFqnKVQTalsT42JqtQZoQZEvhJcf
+JcHbGF0JJgSrqi1NWS6WcI8OXQu4sNtfFHCeANgxH2VUR2lcEegMly7/DS7uRRhb
+qoMhsV1m8LezmQnG/RF+tWeg0jui6bCWHUKsbs7ygE6MhzavtcS8+10YQNR9Og/I
+n/GVu4qtGPg84EnaNiYXjId1eYBfxFpIk+1ik3NVo3PUujxU9LKtcK+Pk0+nFUng
+z4gqH78Y9RPkW9M3KRLbjE22kwsCcEeEzAroKN6JoUMPFiipvoVuYkRcaaAzZ7/u
+gDdGJeTS7FYHZ+TW4JKhL3zYGNB6AoJbSD1hm19l268=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem
index 8df3fa16..42512cc1 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainH-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-ICA1-pathlen0, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainH-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 8c:b5:c8:f8:28:8c:cc:27:7c:21:36:75:2a:bc:af:5e:d6:7a:
- d1:22:d5:1b:7a:a2:1a:5e:30:b5:38:64:2e:71:09:1c:db:a0:
- 99:44:5c:e8:c2:b5:06:ac:c1:ec:d8:30:74:65:62:f5:db:c2:
- 03:fa:54:e0:0f:c9:8a:d8:02:11:d3:58:a6:bc:7f:54:07:3b:
- f7:6d:7d:db:18:d9:2a:01:57:38:fc:d4:18:86:84:38:8b:d0:
- 5c:8c:d7:47:2e:76:d3:92:c3:75:61:93:03:56:93:74:60:ff:
- 16:84:4a:70:f0:cc:0c:ed:d3:53:f9:fc:f7:b8:34:6a:5c:25:
- 78:ab:27:3f:ad:04:8f:c6:01:29:a8:b7:61:09:b0:7b:51:9b:
- ca:6c:23:5b:0c:18:f3:63:ea:96:56:b9:1a:0f:ec:80:cd:29:
- f6:fb:d1:df:65:34:e8:1f:62:c8:95:fa:be:27:cb:40:e7:26:
- 7f:18:7e:cc:5d:7d:19:9e:12:90:0b:d7:32:12:0d:cb:97:8e:
- e8:3e:c3:1b:f6:a3:3c:e8:d0:35:63:de:66:89:5a:a3:ef:64:
- 3a:8f:e3:5f:d2:e6:64:82:7b:2f:2e:26:78:13:34:39:ed:9c:
- f8:ad:f5:d6:75:d1:60:48:aa:19:41:98:1f:4e:ce:01:76:9d:
- af:0f:6b:8d
+ 06:45:21:fd:a8:95:fa:d4:96:c7:4f:83:6b:6c:c1:24:fa:b0:
+ 14:42:db:7a:5c:7b:f4:8f:4e:66:78:bc:ff:65:bd:4a:a7:8e:
+ d0:78:33:6f:d2:aa:bb:9b:25:26:15:4d:9d:8e:39:16:99:70:
+ 25:6a:2d:ee:78:54:80:13:71:f3:e1:6a:ec:56:57:1a:25:db:
+ 8f:b3:64:22:d2:04:d1:b2:aa:ff:2c:d9:ae:6d:74:66:18:74:
+ 58:38:4b:ec:77:69:f6:83:ed:4d:7d:4a:60:71:35:8e:14:02:
+ 72:9e:93:22:a5:ca:d9:33:7e:12:c4:41:34:cf:c4:14:66:9a:
+ fa:04:aa:1f:e2:d9:5e:d3:42:9e:fa:c9:71:6e:f0:43:08:a7:
+ 60:bc:eb:19:8e:70:09:24:12:6b:9a:10:60:fc:44:61:e3:f4:
+ 0d:08:15:9e:a6:b3:7e:9b:be:d5:f9:63:9d:2f:be:c3:81:c6:
+ ef:e8:56:99:a2:58:f3:32:7c:c2:c2:b1:d9:6a:bd:51:79:eb:
+ 18:02:44:b4:4e:e8:7c:3e:96:a4:ae:86:79:94:11:6f:1b:eb:
+ 80:71:07:1f:4c:5d:88:67:39:62:6d:c2:0d:64:2a:07:66:48:
+ ca:b4:76:06:da:1c:40:24:77:34:a9:8b:26:d0:20:6b:94:25:
+ 75:73:84:e7
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSC1JQ0ExLXBhdGhsZW4wMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgZoxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgZoxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRYwFAYDVQQD
DA1jaGFpbkgtZW50aXR5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -77,11 +77,11 @@ VR0jBIHGMIHDgBRIgIco7+YoDwOb3zNIEKDlILNpUKGBp6SBpDCBoTELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNV
BAMMFGNoYWluSC1JQ0EyLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAIy1yPgo
-jMwnfCE2dSq8r17WetEi1Rt6ohpeMLU4ZC5xCRzboJlEXOjCtQaswezYMHRlYvXb
-wgP6VOAPyYrYAhHTWKa8f1QHO/dtfdsY2SoBVzj81BiGhDiL0FyM10cudtOSw3Vh
-kwNWk3Rg/xaESnDwzAzt01P5/Pe4NGpcJXirJz+tBI/GASmot2EJsHtRm8psI1sM
-GPNj6pZWuRoP7IDNKfb70d9lNOgfYsiV+r4ny0DnJn8YfsxdfRmeEpAL1zISDcuX
-jug+wxv2ozzo0DVj3maJWqPvZDqP41/S5mSCey8uJngTNDntnPit9dZ10WBIqhlB
-mB9OzgF2na8Pa40=
+bGZzc2wuY29tggFkMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQELBQADggEBAAZFIf2o
+lfrUlsdPg2tswST6sBRC23pce/SPTmZ4vP9lvUqnjtB4M2/SqrubJSYVTZ2OORaZ
+cCVqLe54VIATcfPhauxWVxol24+zZCLSBNGyqv8s2a5tdGYYdFg4S+x3afaD7U19
+SmBxNY4UAnKekyKlytkzfhLEQTTPxBRmmvoEqh/i2V7TQp76yXFu8EMIp2C86xmO
+cAkkEmuaEGD8RGHj9A0IFZ6ms36bvtX5Y50vvsOBxu/oVpmiWPMyfMLCsdlqvVF5
+6xgCRLRO6Hw+lqSuhnmUEW8b64BxBx9MXYhnOWJtwg1kKgdmSMq0dgbaHEAkdzSp
+iybQIGuUJXVzhOc=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem
index 154e8e1f..1f075ac7 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA1-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 78:50:73:20:80:87:ae:ad:44:08:3a:09:a3:82:03:3f:ea:21:
- c9:2f:e5:14:c1:7e:19:76:e8:f3:a8:a8:51:26:86:00:f0:a9:
- c4:e9:9b:12:ab:3e:4d:c4:1b:b6:87:39:69:77:cd:7b:d8:57:
- b9:7f:f4:07:32:bf:07:cb:22:c4:35:fd:1b:a6:83:d6:ab:a4:
- 76:b8:1d:de:72:16:e4:21:d3:31:fa:99:bd:6b:0d:8e:1b:8c:
- 5a:02:53:ad:3b:f3:c4:25:fd:c7:ca:64:28:f6:49:54:2a:d6:
- f8:85:bc:c1:a5:c1:aa:68:f5:00:a1:47:8f:c3:25:5b:e1:98:
- da:75:2f:bb:a0:c5:9b:65:d8:ca:1f:3c:87:ec:d0:82:75:11:
- 57:9c:db:b0:3c:d5:80:87:4d:67:44:d9:39:af:f1:88:de:be:
- 45:68:56:bb:97:d3:20:1b:5a:f5:fa:f1:bf:c0:51:f6:b9:a3:
- 9f:1b:11:ec:c9:b3:1d:b3:8e:a8:b3:0d:2c:35:77:ad:07:46:
- 17:4c:83:f3:e3:7b:91:fe:e7:d9:e5:9f:c3:45:d0:14:9b:a8:
- cb:5c:38:b0:d3:45:8a:e2:30:d6:71:6a:a0:16:26:69:d5:63:
- 08:fa:69:bd:86:0d:67:31:f0:2d:c0:80:7c:14:c0:63:93:ac:
- c1:8c:5a:b5
+ 04:ad:23:1a:c8:33:0d:3a:b7:a2:db:58:ab:51:89:0f:48:11:
+ 53:88:36:74:51:c3:69:9a:ed:26:9f:24:f9:9b:a1:5d:31:26:
+ 29:ce:3c:91:ce:37:d4:d6:50:30:e1:85:65:35:71:bc:20:f9:
+ 27:22:5c:cf:aa:83:32:ff:f5:77:2b:79:31:d7:5f:21:8b:34:
+ 14:83:d5:f4:e5:fc:f3:76:4a:09:d0:e8:d4:1b:c4:03:4e:a0:
+ a8:8a:e9:db:2e:33:e2:0b:58:70:76:37:d8:78:60:a2:78:9b:
+ af:62:0e:b4:cb:d9:51:0d:5f:dd:a5:c7:49:60:30:8d:35:46:
+ d1:7c:02:c0:2e:ae:74:36:dd:ef:ee:16:46:05:d2:16:ff:24:
+ e0:27:f5:35:01:4d:86:76:52:b4:81:c8:69:f1:62:c1:a1:28:
+ a5:0e:ae:d3:8f:80:a6:51:69:d6:db:8b:04:a0:cd:81:97:a2:
+ b5:09:e7:4f:21:75:07:30:fe:19:c5:8b:26:2d:6c:61:92:b0:
+ 0c:01:3d:78:50:18:12:66:58:d9:66:a7:79:72:87:52:12:bd:
+ 16:cf:fb:ab:6e:7b:8f:ac:0d:84:16:36:f6:87:27:95:6c:62:
+ b2:60:94:cb:83:69:42:96:98:5d:d2:a8:c4:b4:89:c0:f8:b8:
+ 7a:f0:7b:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -80,10 +80,10 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAeFBzIICHrq1ECDoJo4IDP+ohyS/lFMF+
-GXbo86ioUSaGAPCpxOmbEqs+TcQbtoc5aXfNe9hXuX/0BzK/B8sixDX9G6aD1quk
-drgd3nIW5CHTMfqZvWsNjhuMWgJTrTvzxCX9x8pkKPZJVCrW+IW8waXBqmj1AKFH
-j8MlW+GY2nUvu6DFm2XYyh88h+zQgnURV5zbsDzVgIdNZ0TZOa/xiN6+RWhWu5fT
-IBta9frxv8BR9rmjnxsR7MmzHbOOqLMNLDV3rQdGF0yD8+N7kf7n2eWfw0XQFJuo
-y1w4sNNFiuIw1nFqoBYmadVjCPppvYYNZzHwLcCAfBTAY5OswYxatQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABK0jGsgzDTq3ottYq1GJD0gRU4g2dFHD
+aZrtJp8k+ZuhXTEmKc48kc431NZQMOGFZTVxvCD5JyJcz6qDMv/1dyt5MddfIYs0
+FIPV9OX883ZKCdDo1BvEA06gqIrp2y4z4gtYcHY32Hhgonibr2IOtMvZUQ1f3aXH
+SWAwjTVG0XwCwC6udDbd7+4WRgXSFv8k4Cf1NQFNhnZStIHIafFiwaEopQ6u04+A
+plFp1tuLBKDNgZeitQnnTyF1BzD+GcWLJi1sYZKwDAE9eFAYEmZY2WaneXKHUhK9
+Fs/7q257j6wNhBY29ocnlWxismCUy4NpQpaYXdKoxLSJwPi4evB7uA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem
index 3ce50c65..5d5e8900 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA2-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0b:80:62:fa:ce:ce:c0:cc:0c:ac:20:c7:15:4f:0f:64:b6:17:
- 9b:e8:f1:aa:3d:db:b7:cc:18:10:63:24:86:f7:9b:40:d5:05:
- c8:9e:c3:0b:d5:1e:e3:dc:34:a7:66:2a:75:1e:bb:5d:31:ff:
- dd:79:f6:41:68:9a:5e:4d:9b:61:02:6b:c6:62:da:ca:46:3b:
- b2:ac:6a:74:bb:91:0e:a6:d2:7d:51:5e:c0:11:6e:7f:e3:da:
- 58:48:58:ed:fa:70:8d:bd:c2:ef:9e:df:b1:51:4b:ee:c8:e8:
- e4:2c:e3:d3:96:0b:e9:ea:82:9d:e4:78:d6:cb:84:c0:b3:39:
- 3f:dd:2f:e2:e8:9c:09:58:58:d3:f4:64:9c:35:b0:ee:bf:6e:
- f3:a2:f6:0e:31:7b:78:df:d6:d0:e6:29:1d:d1:af:fc:ee:c3:
- 54:7b:9a:8c:8d:47:eb:40:01:4f:2b:08:bd:d7:17:b1:bc:ce:
- 2c:de:db:1a:d4:6b:ad:c2:c2:42:86:5b:63:71:95:ec:88:f2:
- 71:86:c9:b7:99:85:1f:06:dc:43:05:a2:37:17:c7:65:88:75:
- 46:23:4c:ce:fa:1d:e6:29:ba:76:ba:42:ed:ea:5e:5c:7d:a2:
- 2a:54:10:3a:72:ef:c0:52:2d:9f:a4:c7:2a:29:53:b7:a9:51:
- aa:51:0a:59
+ 14:61:ba:15:45:07:60:d4:c9:6d:ef:6f:74:2a:44:b5:34:a4:
+ df:0e:d9:f1:7b:7c:cb:50:db:d7:17:d3:9d:91:64:01:1b:93:
+ 0d:b5:51:07:16:77:5f:2a:b5:9a:24:39:19:fc:ee:4d:79:4f:
+ c3:a3:9f:a1:07:e8:a3:0c:7e:04:0c:b0:33:a1:96:21:d2:ce:
+ 88:41:28:88:82:39:7f:9d:54:2d:4c:56:df:41:8e:4a:59:69:
+ 84:0b:fc:5d:47:06:84:ec:ae:4d:52:34:b2:1a:e8:61:e0:51:
+ 8c:87:ad:c9:5d:f3:2e:bb:5b:36:d2:91:71:7f:f9:cf:f9:7f:
+ c3:2d:e5:7d:a7:fb:8a:2f:47:24:6c:3a:75:72:9b:c8:74:6f:
+ 17:95:a4:d4:96:b4:3e:91:bf:c1:eb:89:18:ba:c3:e1:52:f8:
+ e8:a4:92:1b:c9:d8:a7:11:40:bf:62:9a:e6:ee:70:0a:f5:a3:
+ 6d:06:0f:59:ad:53:8a:f6:b8:93:dc:39:59:b7:97:c2:3c:e2:
+ 3b:e8:9f:5a:c9:42:35:d2:39:32:d8:9a:1d:3f:52:e6:cd:0b:
+ f9:d0:be:d8:ad:09:11:d7:6b:c2:c3:2e:d2:9b:92:99:a0:a8:
+ c9:0e:30:41:0e:73:77:48:ac:8b:69:28:3b:1c:76:b3:da:7f:
+ bd:04:95:07
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -80,10 +80,10 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQALgGL6zs7AzAysIMcVTw9ktheb6PGqPdu3zBgQYySG95tA1QXInsML
-1R7j3DSnZip1HrtdMf/defZBaJpeTZthAmvGYtrKRjuyrGp0u5EOptJ9UV7AEW5/
-49pYSFjt+nCNvcLvnt+xUUvuyOjkLOPTlgvp6oKd5HjWy4TAszk/3S/i6JwJWFjT
-9GScNbDuv27zovYOMXt439bQ5ikd0a/87sNUe5qMjUfrQAFPKwi91xexvM4s3tsa
-1GutwsJChltjcZXsiPJxhsm3mYUfBtxDBaI3F8dliHVGI0zO+h3mKbp2ukLt6l5c
-faIqVBA6cu/AUi2fpMcqKVO3qVGqUQpZ
+CwUAA4IBAQAUYboVRQdg1Mlt7290KkS1NKTfDtnxe3zLUNvXF9OdkWQBG5MNtVEH
+FndfKrWaJDkZ/O5NeU/Do5+hB+ijDH4EDLAzoZYh0s6IQSiIgjl/nVQtTFbfQY5K
+WWmEC/xdRwaE7K5NUjSyGuhh4FGMh63JXfMuu1s20pFxf/nP+X/DLeV9p/uKL0ck
+bDp1cpvIdG8XlaTUlrQ+kb/B64kYusPhUvjopJIbydinEUC/Yprm7nAK9aNtBg9Z
+rVOK9riT3DlZt5fCPOI76J9ayUI10jky2JodP1LmzQv50L7YrQkR12vCwy7Sm5KZ
+oKjJDjBBDnN3SKyLaSg7HHaz2n+9BJUH
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem
index 037fd713..a80d5cbf 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-ICA3-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 2f:e9:19:e4:18:04:44:46:80:ee:e5:9f:a0:48:72:75:2e:c5:
- dd:d1:6b:53:68:36:f3:2b:7c:78:2c:7f:1e:1b:2d:24:79:76:
- 75:48:c6:4e:73:99:4b:a1:3b:40:e0:c8:7b:eb:b4:80:ae:49:
- 65:4c:e1:13:39:a2:97:b6:e8:19:66:9c:34:31:d9:57:3f:ea:
- d0:9b:3e:f1:6b:ec:7d:86:cf:13:d4:f4:4e:d8:da:5c:17:6b:
- 0a:10:c3:8c:89:de:b5:50:f3:3d:68:9e:36:47:09:44:b9:e5:
- 6c:43:8c:16:f9:da:32:e7:2a:32:df:7a:55:94:33:10:fd:82:
- bb:94:c1:76:04:c8:0e:89:0b:ac:dd:a1:ce:61:02:a7:0d:81:
- c7:33:d8:98:4a:26:97:8b:e8:0f:24:ad:3e:32:73:10:02:23:
- 77:52:ca:92:bf:16:de:cf:bc:87:bf:cc:6f:2b:28:f9:77:4e:
- 32:02:82:a8:2e:3a:37:6f:b7:26:2c:84:d4:66:ea:da:27:37:
- ba:26:16:40:a0:4a:f6:31:c0:de:5f:e9:b1:79:94:44:4d:29:
- cb:3d:32:45:45:a4:e9:ef:a8:18:f5:b4:66:86:45:42:e2:59:
- 6c:ae:38:09:81:23:4e:19:7c:f8:b7:71:eb:a8:33:28:7c:88:
- 2c:0e:5e:ae
+ 0b:91:da:f2:ae:94:93:70:85:33:26:3d:4b:23:65:52:a3:be:
+ 0a:ed:7c:04:16:fa:f1:5f:3b:e2:06:f7:8e:03:41:46:bc:e9:
+ 79:41:ff:09:a0:77:6c:58:a6:c7:0c:1d:8b:c0:f7:6c:82:93:
+ 74:96:18:8a:ce:a0:00:19:46:0a:0c:d1:7a:40:66:46:ad:14:
+ 9b:7f:bb:2f:88:c2:94:39:49:05:36:e7:f2:b0:04:44:49:e8:
+ 99:07:6e:50:f0:61:18:a3:4a:e0:35:06:6a:7d:af:ac:f1:93:
+ fd:43:92:12:41:66:fc:60:8f:37:12:43:45:c6:38:9e:8a:e8:
+ 4c:1d:48:7a:62:d2:e1:f4:99:12:5b:98:5a:2e:59:07:86:64:
+ af:4d:33:2e:e7:26:f2:68:7b:1e:4e:1b:60:bd:5d:19:d3:7c:
+ 04:32:26:ea:23:33:6f:8d:30:27:84:4a:3d:8a:63:4f:02:81:
+ 5a:ab:ea:ae:58:0a:ce:7e:74:a1:75:6a:c4:64:ae:a7:0a:31:
+ 2f:41:ed:c5:12:7c:4a:34:e8:6d:22:f4:9f:3d:f2:4a:8c:ee:
+ 7c:e7:81:50:e0:e5:f0:52:7d:28:79:3a:5a:c4:85:fb:7b:e6:
+ 26:1f:71:47:c6:97:8b:4d:39:eb:4b:46:4c:d7:d7:d3:15:b6:
+ 82:78:83:17
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAC/pGeQYBERGgO7ln6BIcnUuxd3Ra1NoNvMrfHgsfx4b
-LSR5dnVIxk5zmUuhO0DgyHvrtICuSWVM4RM5ope26BlmnDQx2Vc/6tCbPvFr7H2G
-zxPU9E7Y2lwXawoQw4yJ3rVQ8z1onjZHCUS55WxDjBb52jLnKjLfelWUMxD9gruU
-wXYEyA6JC6zdoc5hAqcNgccz2JhKJpeL6A8krT4ycxACI3dSypK/Ft7PvIe/zG8r
-KPl3TjICgqguOjdvtyYshNRm6tonN7omFkCgSvYxwN5f6bF5lERNKcs9MkVFpOnv
-qBj1tGaGRULiWWyuOAmBI04ZfPi3ceuoMyh8iCwOXq4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAAuR2vKulJNwhTMmPUsjZVKjvgrtfAQW+vFfO+IG944D
+QUa86XlB/wmgd2xYpscMHYvA92yCk3SWGIrOoAAZRgoM0XpAZkatFJt/uy+IwpQ5
+SQU25/KwBERJ6JkHblDwYRijSuA1Bmp9r6zxk/1DkhJBZvxgjzcSQ0XGOJ6K6Ewd
+SHpi0uH0mRJbmFouWQeGZK9NMy7nJvJoex5OG2C9XRnTfAQyJuojM2+NMCeESj2K
+Y08CgVqr6q5YCs5+dKF1asRkrqcKMS9B7cUSfEo06G0i9J898kqM7nzngVDg5fBS
+fSh5OlrEhft75iYfcUfGl4tNOetLRkzX19MVtoJ4gxc=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem
index a63afa3b..5166cebc 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 7a:19:8d:a9:ab:4e:b7:89:d0:db:65:49:18:dc:23:9e:71:bf:
- 28:c6:54:de:dd:e4:9a:bf:89:be:2b:3e:fb:1f:47:dc:1e:e9:
- 8f:3d:b1:4e:7d:63:3b:48:12:8c:cc:c9:98:6f:35:c1:9f:26:
- ed:f6:e5:50:55:84:94:c0:8e:e3:78:49:8d:21:33:41:03:10:
- 9a:16:27:0b:33:90:18:3a:f4:1e:59:75:3e:c2:9d:b8:58:fe:
- 52:26:11:95:f1:14:f9:17:2f:f6:6a:a5:e3:03:af:94:a4:18:
- 71:82:63:aa:ad:d0:55:08:48:bd:80:16:cf:36:8a:f2:69:2f:
- fd:e0:72:96:2e:b3:75:c5:8f:60:b9:46:a0:e0:ad:a2:54:2e:
- b9:f9:c0:ab:a5:e2:88:47:9a:ec:a7:c9:e3:74:22:90:57:a4:
- 03:b4:2f:33:bf:e6:58:35:3f:75:b3:5f:b7:aa:f8:d5:2a:7f:
- 4a:bd:55:4e:d6:e6:a4:25:67:aa:99:57:4b:ca:28:7a:d8:78:
- 08:51:a2:95:53:e1:04:6a:48:3f:85:57:f0:81:53:9b:80:87:
- 24:da:d9:7e:c0:6c:a8:f1:75:50:7f:d4:0c:ba:c6:9a:16:f1:
- 00:5e:25:c5:99:7f:44:f1:39:c6:72:bd:e5:4a:ff:3a:89:15:
- 25:3c:2e:28
+ 03:42:31:e4:a2:3f:2a:7a:a6:7e:87:61:8b:2c:a1:10:af:b4:
+ 06:db:3f:77:85:88:c4:db:df:78:3d:d2:aa:aa:ac:cd:19:c1:
+ a7:47:66:e2:91:9b:59:ab:70:e0:74:1a:a7:b4:5c:30:3f:ea:
+ a3:14:6a:aa:3e:82:38:7d:2f:db:6f:43:60:db:20:cb:e4:69:
+ 62:73:75:d8:22:db:c3:92:cb:96:d3:7c:5a:ca:d5:3a:d1:91:
+ 20:2c:37:0f:3d:ef:8e:ca:0b:8b:73:af:79:66:ec:84:93:41:
+ 71:a1:6d:86:57:1b:d9:83:7e:c0:18:b6:4f:3c:85:89:59:c8:
+ 99:1e:e7:53:5d:2b:41:7c:24:d0:9a:73:43:b3:ee:69:de:60:
+ 08:b9:f0:b2:ac:b5:24:70:06:b7:1e:7b:fd:30:07:80:24:45:
+ c5:4f:84:e7:a6:67:99:0b:42:45:38:54:90:01:49:b2:14:31:
+ 48:09:2b:83:3e:37:2e:d5:fd:92:7b:4f:cb:2f:ea:0d:e7:d7:
+ 07:62:6e:2e:c3:a4:64:e2:54:52:6e:66:41:a9:0d:68:3f:76:
+ 8f:e9:42:3d:a2:23:b9:ed:fc:52:f5:d4:96:29:81:fd:80:39:
+ 71:16:3c:df:c9:2f:ad:c3:83:56:f5:85:55:89:e6:c9:23:f6:
+ eb:0e:c7:34
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,12 +78,12 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-ehmNqatOt4nQ22VJGNwjnnG/KMZU3t3kmr+Jvis++x9H3B7pjz2xTn1jO0gSjMzJ
-mG81wZ8m7fblUFWElMCO43hJjSEzQQMQmhYnCzOQGDr0Hll1PsKduFj+UiYRlfEU
-+Rcv9mql4wOvlKQYcYJjqq3QVQhIvYAWzzaK8mkv/eByli6zdcWPYLlGoOCtolQu
-ufnAq6XiiEea7KfJ43QikFekA7QvM7/mWDU/dbNft6r41Sp/Sr1VTtbmpCVnqplX
-S8ooeth4CFGilVPhBGpIP4VX8IFTm4CHJNrZfsBsqPF1UH/UDLrGmhbxAF4lxZl/
-RPE5xnK95Ur/OokVJTwuKA==
+A0Ix5KI/KnqmfodhiyyhEK+0Bts/d4WIxNvfeD3SqqqszRnBp0dm4pGbWatw4HQa
+p7RcMD/qoxRqqj6COH0v229DYNsgy+RpYnN12CLbw5LLltN8WsrVOtGRICw3Dz3v
+jsoLi3OveWbshJNBcaFthlcb2YN+wBi2TzyFiVnImR7nU10rQXwk0JpzQ7Puad5g
+CLnwsqy1JHAGtx57/TAHgCRFxU+E56ZnmQtCRThUkAFJshQxSAkrgz43LtX9kntP
+yy/qDefXB2JuLsOkZOJUUm5mQakNaD92j+lCPaIjue38UvXUlimB/YA5cRY838kv
+rcODVvWFVYnmySP26w7HNA==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 78:50:73:20:80:87:ae:ad:44:08:3a:09:a3:82:03:3f:ea:21:
- c9:2f:e5:14:c1:7e:19:76:e8:f3:a8:a8:51:26:86:00:f0:a9:
- c4:e9:9b:12:ab:3e:4d:c4:1b:b6:87:39:69:77:cd:7b:d8:57:
- b9:7f:f4:07:32:bf:07:cb:22:c4:35:fd:1b:a6:83:d6:ab:a4:
- 76:b8:1d:de:72:16:e4:21:d3:31:fa:99:bd:6b:0d:8e:1b:8c:
- 5a:02:53:ad:3b:f3:c4:25:fd:c7:ca:64:28:f6:49:54:2a:d6:
- f8:85:bc:c1:a5:c1:aa:68:f5:00:a1:47:8f:c3:25:5b:e1:98:
- da:75:2f:bb:a0:c5:9b:65:d8:ca:1f:3c:87:ec:d0:82:75:11:
- 57:9c:db:b0:3c:d5:80:87:4d:67:44:d9:39:af:f1:88:de:be:
- 45:68:56:bb:97:d3:20:1b:5a:f5:fa:f1:bf:c0:51:f6:b9:a3:
- 9f:1b:11:ec:c9:b3:1d:b3:8e:a8:b3:0d:2c:35:77:ad:07:46:
- 17:4c:83:f3:e3:7b:91:fe:e7:d9:e5:9f:c3:45:d0:14:9b:a8:
- cb:5c:38:b0:d3:45:8a:e2:30:d6:71:6a:a0:16:26:69:d5:63:
- 08:fa:69:bd:86:0d:67:31:f0:2d:c0:80:7c:14:c0:63:93:ac:
- c1:8c:5a:b5
+ 04:ad:23:1a:c8:33:0d:3a:b7:a2:db:58:ab:51:89:0f:48:11:
+ 53:88:36:74:51:c3:69:9a:ed:26:9f:24:f9:9b:a1:5d:31:26:
+ 29:ce:3c:91:ce:37:d4:d6:50:30:e1:85:65:35:71:bc:20:f9:
+ 27:22:5c:cf:aa:83:32:ff:f5:77:2b:79:31:d7:5f:21:8b:34:
+ 14:83:d5:f4:e5:fc:f3:76:4a:09:d0:e8:d4:1b:c4:03:4e:a0:
+ a8:8a:e9:db:2e:33:e2:0b:58:70:76:37:d8:78:60:a2:78:9b:
+ af:62:0e:b4:cb:d9:51:0d:5f:dd:a5:c7:49:60:30:8d:35:46:
+ d1:7c:02:c0:2e:ae:74:36:dd:ef:ee:16:46:05:d2:16:ff:24:
+ e0:27:f5:35:01:4d:86:76:52:b4:81:c8:69:f1:62:c1:a1:28:
+ a5:0e:ae:d3:8f:80:a6:51:69:d6:db:8b:04:a0:cd:81:97:a2:
+ b5:09:e7:4f:21:75:07:30:fe:19:c5:8b:26:2d:6c:61:92:b0:
+ 0c:01:3d:78:50:18:12:66:58:d9:66:a7:79:72:87:52:12:bd:
+ 16:cf:fb:ab:6e:7b:8f:ac:0d:84:16:36:f6:87:27:95:6c:62:
+ b2:60:94:cb:83:69:42:96:98:5d:d2:a8:c4:b4:89:c0:f8:b8:
+ 7a:f0:7b:b8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -167,12 +167,12 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkktSUNBMy1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAeFBzIICHrq1ECDoJo4IDP+ohyS/lFMF+
-GXbo86ioUSaGAPCpxOmbEqs+TcQbtoc5aXfNe9hXuX/0BzK/B8sixDX9G6aD1quk
-drgd3nIW5CHTMfqZvWsNjhuMWgJTrTvzxCX9x8pkKPZJVCrW+IW8waXBqmj1AKFH
-j8MlW+GY2nUvu6DFm2XYyh88h+zQgnURV5zbsDzVgIdNZ0TZOa/xiN6+RWhWu5fT
-IBta9frxv8BR9rmjnxsR7MmzHbOOqLMNLDV3rQdGF0yD8+N7kf7n2eWfw0XQFJuo
-y1w4sNNFiuIw1nFqoBYmadVjCPppvYYNZzHwLcCAfBTAY5OswYxatQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABK0jGsgzDTq3ottYq1GJD0gRU4g2dFHD
+aZrtJp8k+ZuhXTEmKc48kc431NZQMOGFZTVxvCD5JyJcz6qDMv/1dyt5MddfIYs0
+FIPV9OX883ZKCdDo1BvEA06gqIrp2y4z4gtYcHY32Hhgonibr2IOtMvZUQ1f3aXH
+SWAwjTVG0XwCwC6udDbd7+4WRgXSFv8k4Cf1NQFNhnZStIHIafFiwaEopQ6u04+A
+plFp1tuLBKDNgZeitQnnTyF1BzD+GcWLJi1sYZKwDAE9eFAYEmZY2WaneXKHUhK9
+Fs/7q257j6wNhBY29ocnlWxismCUy4NpQpaYXdKoxLSJwPi4evB7uA==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 0b:80:62:fa:ce:ce:c0:cc:0c:ac:20:c7:15:4f:0f:64:b6:17:
- 9b:e8:f1:aa:3d:db:b7:cc:18:10:63:24:86:f7:9b:40:d5:05:
- c8:9e:c3:0b:d5:1e:e3:dc:34:a7:66:2a:75:1e:bb:5d:31:ff:
- dd:79:f6:41:68:9a:5e:4d:9b:61:02:6b:c6:62:da:ca:46:3b:
- b2:ac:6a:74:bb:91:0e:a6:d2:7d:51:5e:c0:11:6e:7f:e3:da:
- 58:48:58:ed:fa:70:8d:bd:c2:ef:9e:df:b1:51:4b:ee:c8:e8:
- e4:2c:e3:d3:96:0b:e9:ea:82:9d:e4:78:d6:cb:84:c0:b3:39:
- 3f:dd:2f:e2:e8:9c:09:58:58:d3:f4:64:9c:35:b0:ee:bf:6e:
- f3:a2:f6:0e:31:7b:78:df:d6:d0:e6:29:1d:d1:af:fc:ee:c3:
- 54:7b:9a:8c:8d:47:eb:40:01:4f:2b:08:bd:d7:17:b1:bc:ce:
- 2c:de:db:1a:d4:6b:ad:c2:c2:42:86:5b:63:71:95:ec:88:f2:
- 71:86:c9:b7:99:85:1f:06:dc:43:05:a2:37:17:c7:65:88:75:
- 46:23:4c:ce:fa:1d:e6:29:ba:76:ba:42:ed:ea:5e:5c:7d:a2:
- 2a:54:10:3a:72:ef:c0:52:2d:9f:a4:c7:2a:29:53:b7:a9:51:
- aa:51:0a:59
+ 14:61:ba:15:45:07:60:d4:c9:6d:ef:6f:74:2a:44:b5:34:a4:
+ df:0e:d9:f1:7b:7c:cb:50:db:d7:17:d3:9d:91:64:01:1b:93:
+ 0d:b5:51:07:16:77:5f:2a:b5:9a:24:39:19:fc:ee:4d:79:4f:
+ c3:a3:9f:a1:07:e8:a3:0c:7e:04:0c:b0:33:a1:96:21:d2:ce:
+ 88:41:28:88:82:39:7f:9d:54:2d:4c:56:df:41:8e:4a:59:69:
+ 84:0b:fc:5d:47:06:84:ec:ae:4d:52:34:b2:1a:e8:61:e0:51:
+ 8c:87:ad:c9:5d:f3:2e:bb:5b:36:d2:91:71:7f:f9:cf:f9:7f:
+ c3:2d:e5:7d:a7:fb:8a:2f:47:24:6c:3a:75:72:9b:c8:74:6f:
+ 17:95:a4:d4:96:b4:3e:91:bf:c1:eb:89:18:ba:c3:e1:52:f8:
+ e8:a4:92:1b:c9:d8:a7:11:40:bf:62:9a:e6:ee:70:0a:f5:a3:
+ 6d:06:0f:59:ad:53:8a:f6:b8:93:dc:39:59:b7:97:c2:3c:e2:
+ 3b:e8:9f:5a:c9:42:35:d2:39:32:d8:9a:1d:3f:52:e6:cd:0b:
+ f9:d0:be:d8:ad:09:11:d7:6b:c2:c3:2e:d2:9b:92:99:a0:a8:
+ c9:0e:30:41:0e:73:77:48:ac:8b:69:28:3b:1c:76:b3:da:7f:
+ bd:04:95:07
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSS1JQ0EzLXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkktSUNBMi1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -256,12 +256,12 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQALgGL6zs7AzAysIMcVTw9ktheb6PGqPdu3zBgQYySG95tA1QXInsML
-1R7j3DSnZip1HrtdMf/defZBaJpeTZthAmvGYtrKRjuyrGp0u5EOptJ9UV7AEW5/
-49pYSFjt+nCNvcLvnt+xUUvuyOjkLOPTlgvp6oKd5HjWy4TAszk/3S/i6JwJWFjT
-9GScNbDuv27zovYOMXt439bQ5ikd0a/87sNUe5qMjUfrQAFPKwi91xexvM4s3tsa
-1GutwsJChltjcZXsiPJxhsm3mYUfBtxDBaI3F8dliHVGI0zO+h3mKbp2ukLt6l5c
-faIqVBA6cu/AUi2fpMcqKVO3qVGqUQpZ
+CwUAA4IBAQAUYboVRQdg1Mlt7290KkS1NKTfDtnxe3zLUNvXF9OdkWQBG5MNtVEH
+FndfKrWaJDkZ/O5NeU/Do5+hB+ijDH4EDLAzoZYh0s6IQSiIgjl/nVQtTFbfQY5K
+WWmEC/xdRwaE7K5NUjSyGuhh4FGMh63JXfMuu1s20pFxf/nP+X/DLeV9p/uKL0ck
+bDp1cpvIdG8XlaTUlrQ+kb/B64kYusPhUvjopJIbydinEUC/Yprm7nAK9aNtBg9Z
+rVOK9riT3DlZt5fCPOI76J9ayUI10jky2JodP1LmzQv50L7YrQkR12vCwy7Sm5KZ
+oKjJDjBBDnN3SKyLaSg7HHaz2n+9BJUH
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA3-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -302,34 +302,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 2f:e9:19:e4:18:04:44:46:80:ee:e5:9f:a0:48:72:75:2e:c5:
- dd:d1:6b:53:68:36:f3:2b:7c:78:2c:7f:1e:1b:2d:24:79:76:
- 75:48:c6:4e:73:99:4b:a1:3b:40:e0:c8:7b:eb:b4:80:ae:49:
- 65:4c:e1:13:39:a2:97:b6:e8:19:66:9c:34:31:d9:57:3f:ea:
- d0:9b:3e:f1:6b:ec:7d:86:cf:13:d4:f4:4e:d8:da:5c:17:6b:
- 0a:10:c3:8c:89:de:b5:50:f3:3d:68:9e:36:47:09:44:b9:e5:
- 6c:43:8c:16:f9:da:32:e7:2a:32:df:7a:55:94:33:10:fd:82:
- bb:94:c1:76:04:c8:0e:89:0b:ac:dd:a1:ce:61:02:a7:0d:81:
- c7:33:d8:98:4a:26:97:8b:e8:0f:24:ad:3e:32:73:10:02:23:
- 77:52:ca:92:bf:16:de:cf:bc:87:bf:cc:6f:2b:28:f9:77:4e:
- 32:02:82:a8:2e:3a:37:6f:b7:26:2c:84:d4:66:ea:da:27:37:
- ba:26:16:40:a0:4a:f6:31:c0:de:5f:e9:b1:79:94:44:4d:29:
- cb:3d:32:45:45:a4:e9:ef:a8:18:f5:b4:66:86:45:42:e2:59:
- 6c:ae:38:09:81:23:4e:19:7c:f8:b7:71:eb:a8:33:28:7c:88:
- 2c:0e:5e:ae
+ 0b:91:da:f2:ae:94:93:70:85:33:26:3d:4b:23:65:52:a3:be:
+ 0a:ed:7c:04:16:fa:f1:5f:3b:e2:06:f7:8e:03:41:46:bc:e9:
+ 79:41:ff:09:a0:77:6c:58:a6:c7:0c:1d:8b:c0:f7:6c:82:93:
+ 74:96:18:8a:ce:a0:00:19:46:0a:0c:d1:7a:40:66:46:ad:14:
+ 9b:7f:bb:2f:88:c2:94:39:49:05:36:e7:f2:b0:04:44:49:e8:
+ 99:07:6e:50:f0:61:18:a3:4a:e0:35:06:6a:7d:af:ac:f1:93:
+ fd:43:92:12:41:66:fc:60:8f:37:12:43:45:c6:38:9e:8a:e8:
+ 4c:1d:48:7a:62:d2:e1:f4:99:12:5b:98:5a:2e:59:07:86:64:
+ af:4d:33:2e:e7:26:f2:68:7b:1e:4e:1b:60:bd:5d:19:d3:7c:
+ 04:32:26:ea:23:33:6f:8d:30:27:84:4a:3d:8a:63:4f:02:81:
+ 5a:ab:ea:ae:58:0a:ce:7e:74:a1:75:6a:c4:64:ae:a7:0a:31:
+ 2f:41:ed:c5:12:7c:4a:34:e8:6d:22:f4:9f:3d:f2:4a:8c:ee:
+ 7c:e7:81:50:e0:e5:f0:52:7d:28:79:3a:5a:c4:85:fb:7b:e6:
+ 26:1f:71:47:c6:97:8b:4d:39:eb:4b:46:4c:d7:d7:d3:15:b6:
+ 82:78:83:17
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSS1JQ0Ez
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -343,12 +343,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFO43pvJA0O/9IsejtGxXR0C5mfmNMIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBAC/pGeQYBERGgO7ln6BIcnUuxd3Ra1NoNvMrfHgsfx4b
-LSR5dnVIxk5zmUuhO0DgyHvrtICuSWVM4RM5ope26BlmnDQx2Vc/6tCbPvFr7H2G
-zxPU9E7Y2lwXawoQw4yJ3rVQ8z1onjZHCUS55WxDjBb52jLnKjLfelWUMxD9gruU
-wXYEyA6JC6zdoc5hAqcNgccz2JhKJpeL6A8krT4ycxACI3dSypK/Ft7PvIe/zG8r
-KPl3TjICgqguOjdvtyYshNRm6tonN7omFkCgSvYxwN5f6bF5lERNKcs9MkVFpOnv
-qBj1tGaGRULiWWyuOAmBI04ZfPi3ceuoMyh8iCwOXq4=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBAAuR2vKulJNwhTMmPUsjZVKjvgrtfAQW+vFfO+IG944D
+QUa86XlB/wmgd2xYpscMHYvA92yCk3SWGIrOoAAZRgoM0XpAZkatFJt/uy+IwpQ5
+SQU25/KwBERJ6JkHblDwYRijSuA1Bmp9r6zxk/1DkhJBZvxgjzcSQ0XGOJ6K6Ewd
+SHpi0uH0mRJbmFouWQeGZK9NMy7nJvJoex5OG2C9XRnTfAQyJuojM2+NMCeESj2K
+Y08CgVqr6q5YCs5+dKF1asRkrqcKMS9B7cUSfEo06G0i9J898kqM7nzngVDg5fBS
+fSh5OlrEhft75iYfcUfGl4tNOetLRkzX19MVtoJ4gxc=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem
index 155f24b5..9bc25f03 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainI-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainI-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 7a:19:8d:a9:ab:4e:b7:89:d0:db:65:49:18:dc:23:9e:71:bf:
- 28:c6:54:de:dd:e4:9a:bf:89:be:2b:3e:fb:1f:47:dc:1e:e9:
- 8f:3d:b1:4e:7d:63:3b:48:12:8c:cc:c9:98:6f:35:c1:9f:26:
- ed:f6:e5:50:55:84:94:c0:8e:e3:78:49:8d:21:33:41:03:10:
- 9a:16:27:0b:33:90:18:3a:f4:1e:59:75:3e:c2:9d:b8:58:fe:
- 52:26:11:95:f1:14:f9:17:2f:f6:6a:a5:e3:03:af:94:a4:18:
- 71:82:63:aa:ad:d0:55:08:48:bd:80:16:cf:36:8a:f2:69:2f:
- fd:e0:72:96:2e:b3:75:c5:8f:60:b9:46:a0:e0:ad:a2:54:2e:
- b9:f9:c0:ab:a5:e2:88:47:9a:ec:a7:c9:e3:74:22:90:57:a4:
- 03:b4:2f:33:bf:e6:58:35:3f:75:b3:5f:b7:aa:f8:d5:2a:7f:
- 4a:bd:55:4e:d6:e6:a4:25:67:aa:99:57:4b:ca:28:7a:d8:78:
- 08:51:a2:95:53:e1:04:6a:48:3f:85:57:f0:81:53:9b:80:87:
- 24:da:d9:7e:c0:6c:a8:f1:75:50:7f:d4:0c:ba:c6:9a:16:f1:
- 00:5e:25:c5:99:7f:44:f1:39:c6:72:bd:e5:4a:ff:3a:89:15:
- 25:3c:2e:28
+ 03:42:31:e4:a2:3f:2a:7a:a6:7e:87:61:8b:2c:a1:10:af:b4:
+ 06:db:3f:77:85:88:c4:db:df:78:3d:d2:aa:aa:ac:cd:19:c1:
+ a7:47:66:e2:91:9b:59:ab:70:e0:74:1a:a7:b4:5c:30:3f:ea:
+ a3:14:6a:aa:3e:82:38:7d:2f:db:6f:43:60:db:20:cb:e4:69:
+ 62:73:75:d8:22:db:c3:92:cb:96:d3:7c:5a:ca:d5:3a:d1:91:
+ 20:2c:37:0f:3d:ef:8e:ca:0b:8b:73:af:79:66:ec:84:93:41:
+ 71:a1:6d:86:57:1b:d9:83:7e:c0:18:b6:4f:3c:85:89:59:c8:
+ 99:1e:e7:53:5d:2b:41:7c:24:d0:9a:73:43:b3:ee:69:de:60:
+ 08:b9:f0:b2:ac:b5:24:70:06:b7:1e:7b:fd:30:07:80:24:45:
+ c5:4f:84:e7:a6:67:99:0b:42:45:38:54:90:01:49:b2:14:31:
+ 48:09:2b:83:3e:37:2e:d5:fd:92:7b:4f:cb:2f:ea:0d:e7:d7:
+ 07:62:6e:2e:c3:a4:64:e2:54:52:6e:66:41:a9:0d:68:3f:76:
+ 8f:e9:42:3d:a2:23:b9:ed:fc:52:f5:d4:96:29:81:fd:80:39:
+ 71:16:3c:df:c9:2f:ad:c3:83:56:f5:85:55:89:e6:c9:23:f6:
+ eb:0e:c7:34
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSS1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSS1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,10 +78,10 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSS1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-ehmNqatOt4nQ22VJGNwjnnG/KMZU3t3kmr+Jvis++x9H3B7pjz2xTn1jO0gSjMzJ
-mG81wZ8m7fblUFWElMCO43hJjSEzQQMQmhYnCzOQGDr0Hll1PsKduFj+UiYRlfEU
-+Rcv9mql4wOvlKQYcYJjqq3QVQhIvYAWzzaK8mkv/eByli6zdcWPYLlGoOCtolQu
-ufnAq6XiiEea7KfJ43QikFekA7QvM7/mWDU/dbNft6r41Sp/Sr1VTtbmpCVnqplX
-S8ooeth4CFGilVPhBGpIP4VX8IFTm4CHJNrZfsBsqPF1UH/UDLrGmhbxAF4lxZl/
-RPE5xnK95Ur/OokVJTwuKA==
+A0Ix5KI/KnqmfodhiyyhEK+0Bts/d4WIxNvfeD3SqqqszRnBp0dm4pGbWatw4HQa
+p7RcMD/qoxRqqj6COH0v229DYNsgy+RpYnN12CLbw5LLltN8WsrVOtGRICw3Dz3v
+jsoLi3OveWbshJNBcaFthlcb2YN+wBi2TzyFiVnImR7nU10rQXwk0JpzQ7Puad5g
+CLnwsqy1JHAGtx57/TAHgCRFxU+E56ZnmQtCRThUkAFJshQxSAkrgz43LtX9kntP
+yy/qDefXB2JuLsOkZOJUUm5mQakNaD92j+lCPaIjue38UvXUlimB/YA5cRY838kv
+rcODVvWFVYnmySP26w7HNA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem
index a834078a..8daca2a5 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA1-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 8a:c2:bd:e8:d2:53:df:a2:01:71:2d:bd:24:c0:ce:3a:41:bc:
- 86:24:51:4a:66:06:9e:1f:1f:c7:45:e2:db:ab:60:e8:89:ba:
- 97:77:fe:d0:16:80:19:af:00:d0:2c:43:c3:b9:8c:6e:ff:5c:
- 08:01:4a:a1:2c:ba:ba:db:96:f8:a1:d9:e7:65:2a:ee:d9:6d:
- 73:7a:19:67:ed:67:69:30:13:fe:63:67:ec:e4:8c:89:37:11:
- 82:c8:d5:3e:7b:bb:26:02:a0:10:44:72:51:d6:ea:33:9e:54:
- 01:1a:5b:ed:0e:be:43:8f:a0:5b:dc:26:fa:e9:7c:20:e4:9a:
- 6d:5b:87:c9:95:e5:7a:5b:2d:9a:9a:ab:65:37:9f:88:79:2c:
- 10:83:82:32:76:1d:4f:f9:bf:8d:fd:2f:16:a7:d7:bb:64:41:
- 6a:6d:02:9d:f5:f5:31:44:c5:64:56:9a:b8:a4:dd:88:ed:79:
- 3b:f4:23:d7:0f:8a:2a:f3:f4:92:47:f5:f6:0f:19:e9:7c:6a:
- fe:f0:62:c3:43:45:a2:6c:f5:2e:0b:c3:c5:8b:21:70:68:fc:
- 58:63:91:1d:a4:35:eb:5b:4c:67:df:1d:4a:a3:a3:9e:16:a5:
- 6b:e3:05:66:00:1e:03:aa:3f:0d:f8:2f:f7:f6:78:08:e0:b6:
- 1f:20:0e:3d
+ 98:29:a6:c0:de:6c:d0:3d:c3:ff:d0:57:5f:83:48:bd:e0:80:
+ 1c:7a:e0:81:a9:5e:43:17:01:1b:c0:d6:89:30:eb:21:47:9e:
+ 8a:38:73:37:74:52:04:37:37:6e:7e:11:0e:f8:cb:c7:7c:4f:
+ 43:4f:07:64:56:7a:f7:66:4f:98:2f:6a:01:ae:04:72:64:03:
+ 32:88:e7:7e:60:ae:1e:16:93:4d:51:44:41:a7:b6:3e:19:e6:
+ 20:c9:30:3a:8f:86:77:b9:9c:c2:b8:f1:d9:7a:a9:10:cc:ce:
+ 95:46:bb:62:0d:d8:c8:78:37:51:51:2e:83:a8:5b:ef:fa:a0:
+ 34:bb:a3:93:66:b6:4f:72:25:fc:e2:39:1a:3a:3f:74:c5:94:
+ 88:0c:34:90:1e:f9:b0:d9:23:e4:29:33:4a:2f:59:c7:88:52:
+ c9:69:a9:6d:c7:8d:da:92:c3:4e:f3:c9:3c:5e:28:e1:ae:e0:
+ b7:ef:b4:07:18:70:b7:ea:2c:8a:e1:92:31:1c:71:26:cf:d5:
+ 5b:c6:fd:88:db:8b:30:36:41:91:b1:fd:63:c3:3e:b2:e2:64:
+ 5e:b2:ac:90:0c:6f:d5:21:4c:22:85:c5:0e:65:23:46:31:52:
+ 31:f5:42:d8:b3:78:bb:3e:d2:f0:69:61:b9:45:4e:6b:79:78:
+ a8:60:23:7a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -80,10 +80,10 @@ gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCKwr3o0lPfogFxLb0kwM46QbyGJFFK
-ZgaeHx/HReLbq2DoibqXd/7QFoAZrwDQLEPDuYxu/1wIAUqhLLq625b4odnnZSru
-2W1zehln7WdpMBP+Y2fs5IyJNxGCyNU+e7smAqAQRHJR1uoznlQBGlvtDr5Dj6Bb
-3Cb66Xwg5JptW4fJleV6Wy2amqtlN5+IeSwQg4Iydh1P+b+N/S8Wp9e7ZEFqbQKd
-9fUxRMVkVpq4pN2I7Xk79CPXD4oq8/SSR/X2DxnpfGr+8GLDQ0WibPUuC8PFiyFw
-aPxYY5EdpDXrW0xn3x1Ko6OeFqVr4wVmAB4Dqj8N+C/39ngI4LYfIA49
+BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCYKabA3mzQPcP/0Fdfg0i94IAceuCB
+qV5DFwEbwNaJMOshR56KOHM3dFIENzdufhEO+MvHfE9DTwdkVnr3Zk+YL2oBrgRy
+ZAMyiOd+YK4eFpNNUURBp7Y+GeYgyTA6j4Z3uZzCuPHZeqkQzM6VRrtiDdjIeDdR
+US6DqFvv+qA0u6OTZrZPciX84jkaOj90xZSIDDSQHvmw2SPkKTNKL1nHiFLJaalt
+x43aksNO88k8XijhruC377QHGHC36iyK4ZIxHHEmz9Vbxv2I24swNkGRsf1jwz6y
+4mResqyQDG/VIUwihcUOZSNGMVIx9ULYs3i7PtLwaWG5RU5reXioYCN6
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem
index 64b0d0e4..0b9b86ac 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA2-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 64:05:b5:78:b4:eb:f3:d5:be:5f:ec:27:6e:7d:ad:74:6c:da:
- c4:2c:cf:fc:b9:4f:52:7f:b1:78:3a:de:f6:9a:97:f5:aa:a4:
- ce:b0:2a:84:b5:33:5f:b4:55:b9:f9:03:58:ba:7a:86:8d:b7:
- ff:e5:dd:69:b9:e8:40:76:cf:5b:8e:9c:a5:0b:df:35:da:d6:
- 8c:72:b5:a6:92:d5:e5:7b:75:10:6c:89:33:0a:34:2d:ef:bb:
- 72:6d:be:89:b0:b3:71:b4:50:a1:00:b7:01:d8:31:bf:db:40:
- df:d1:1f:a8:16:e6:4b:2e:04:98:66:8c:73:43:50:95:73:80:
- 0b:84:8f:2d:be:cb:6b:1b:1b:a1:78:d4:bd:b0:a5:b9:34:a9:
- 3f:56:b0:0b:b2:dc:34:0f:e6:5f:42:8e:be:57:9d:40:49:6b:
- 1d:f8:4d:03:30:4c:e4:d9:25:ad:3f:96:8c:3e:ac:e1:8f:34:
- ee:65:50:a0:79:b0:1e:2c:85:0c:11:6d:02:d8:be:1c:d9:0a:
- c5:01:4f:8b:a8:b3:91:0a:76:3a:a2:b0:cd:24:10:6e:e1:7f:
- 0e:35:71:97:56:18:15:61:11:e1:4d:90:ff:67:2b:52:54:e9:
- 44:27:2c:4f:fc:59:0f:e0:87:69:44:92:8d:d0:b6:db:8a:e2:
- 70:0d:12:05
+ 44:d2:b6:d0:85:31:bf:1f:a2:b1:91:6b:ee:dc:80:ac:29:81:
+ 0e:b4:c3:e8:8e:91:be:66:f2:44:61:8b:6c:44:17:d9:cd:15:
+ 40:bd:ce:7c:ca:7d:ad:c8:e1:81:90:a4:28:57:88:71:49:9f:
+ 03:bb:4b:8c:ff:02:08:98:d2:e4:b0:ca:be:f2:df:08:18:24:
+ f7:3c:22:be:f2:23:10:96:95:2b:f0:a0:ed:16:08:1a:1e:ce:
+ df:1d:f7:b3:35:af:f4:86:f2:16:b5:2c:90:bd:0a:f8:64:61:
+ da:c6:2e:4b:1f:05:30:1a:72:d3:51:33:26:61:5d:0d:14:0f:
+ b8:b9:dc:6f:78:57:a0:63:4c:f0:16:49:fd:48:54:c3:92:1e:
+ c0:04:8a:16:c0:9a:35:08:be:49:f2:dd:90:6a:90:48:d5:9f:
+ 48:82:18:f2:04:d6:d8:07:55:17:99:8e:27:cf:86:8d:1b:a6:
+ 02:72:42:a8:53:e6:5d:20:5a:8d:2e:d3:fc:a7:71:4c:b2:21:
+ 9d:14:8c:f1:49:3c:ca:e7:e6:c6:51:7f:41:3c:37:1a:38:21:
+ a4:ee:9e:1b:cc:8b:09:df:35:de:18:c4:7a:89:32:b9:8d:15:
+ eb:07:5b:2b:5c:55:a5:44:db:fb:f2:15:16:1c:01:16:dd:de:
+ d9:7a:bf:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -80,10 +80,10 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZAW1eLTr89W+X+wnbn2tdGzaxCzP/LlP
-Un+xeDre9pqX9aqkzrAqhLUzX7RVufkDWLp6ho23/+XdabnoQHbPW46cpQvfNdrW
-jHK1ppLV5Xt1EGyJMwo0Le+7cm2+ibCzcbRQoQC3Adgxv9tA39EfqBbmSy4EmGaM
-c0NQlXOAC4SPLb7LaxsboXjUvbCluTSpP1awC7LcNA/mX0KOvledQElrHfhNAzBM
-5NklrT+WjD6s4Y807mVQoHmwHiyFDBFtAti+HNkKxQFPi6izkQp2OqKwzSQQbuF/
-DjVxl1YYFWER4U2Q/2crUlTpRCcsT/xZD+CHaUSSjdC224ricA0SBQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEARNK20IUxvx+isZFr7tyArCmBDrTD6I6R
+vmbyRGGLbEQX2c0VQL3OfMp9rcjhgZCkKFeIcUmfA7tLjP8CCJjS5LDKvvLfCBgk
+9zwivvIjEJaVK/Cg7RYIGh7O3x33szWv9IbyFrUskL0K+GRh2sYuSx8FMBpy01Ez
+JmFdDRQPuLncb3hXoGNM8BZJ/UhUw5IewASKFsCaNQi+SfLdkGqQSNWfSIIY8gTW
+2AdVF5mOJ8+GjRumAnJCqFPmXSBajS7T/KdxTLIhnRSM8Uk8yufmxlF/QTw3Gjgh
+pO6eG8yLCd813hjEeokyuY0V6wdbK1xVpUTb+/IVFhwBFt3e2Xq/3A==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem
index 2b09049a..a11ff487 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA3-no_pathlen.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -44,27 +44,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 6c:4e:a1:bd:fd:0a:46:ac:b3:94:e7:4b:20:99:1f:3e:4a:10:
- 95:1d:21:f9:71:da:f6:4a:c9:dc:78:14:a9:5e:01:6b:40:8f:
- 18:40:6e:6d:a5:82:91:19:79:0a:d1:5e:15:16:46:c0:05:5a:
- 67:56:8a:14:8e:9c:09:61:bc:11:f8:4d:f8:66:8d:84:c5:7d:
- e3:28:3d:ff:db:37:c4:08:48:4e:ce:0c:89:49:a6:a8:fc:d5:
- 14:6f:e4:ae:cf:64:f4:21:3a:a9:58:fe:50:b2:5b:c2:14:a8:
- 0f:3b:c7:c7:ae:ef:40:48:8c:35:cc:09:87:2d:6b:b3:95:a8:
- ff:e9:c1:3a:88:48:a2:64:6c:2a:1c:a4:19:34:69:76:0d:e4:
- 71:fc:46:f0:2f:17:fa:17:ed:c8:d4:af:d8:cc:d2:97:f1:93:
- 5e:4c:37:a7:06:b0:c3:9e:a7:e3:f9:1d:ca:bf:e0:3d:8e:b1:
- 30:8c:bc:4e:94:8c:0e:fa:41:29:e5:21:ba:77:f2:74:31:58:
- fe:7c:c1:03:f5:28:2a:68:2b:ab:ba:87:61:b9:85:54:21:4d:
- c0:22:35:4d:18:c2:a1:f3:70:56:e9:4b:a2:95:86:f5:c4:da:
- 70:d6:bc:17:67:c8:f2:3d:1f:80:0f:78:85:52:30:5b:6e:eb:
- 6f:b7:bb:a2
+ 47:22:2e:50:b3:0b:ed:17:f9:70:a3:71:3e:8d:55:d4:2f:16:
+ 4a:9e:b4:c9:1d:b4:fa:20:10:2b:0f:db:71:b9:50:bf:52:f6:
+ f8:ad:0d:65:69:13:99:e3:eb:ef:98:7e:9c:e7:f9:5d:ff:d4:
+ 9b:76:44:ba:d6:ce:7d:c1:cb:03:c7:a0:30:b8:76:05:fe:a9:
+ ca:7d:fe:6f:da:4a:2b:a2:18:bc:98:f2:00:68:72:4a:93:ae:
+ 85:e0:c0:01:f9:ca:ac:f5:11:26:72:e3:48:34:3a:ce:ac:de:
+ dc:4e:cf:8c:ea:78:72:40:0e:08:42:ec:6e:3e:f5:13:ce:fa:
+ d5:38:65:88:f7:e5:61:6b:85:18:e1:ec:5b:fb:6d:1c:52:df:
+ 99:16:01:00:70:a8:1d:1e:89:39:df:c3:fb:de:17:cd:69:68:
+ bc:78:1f:21:9d:f3:69:bc:76:ee:00:e4:ea:ea:73:b4:4f:89:
+ 07:14:3e:94:77:28:f1:75:97:c7:43:72:2d:79:f5:a0:36:b1:
+ e5:26:50:c6:23:6b:88:83:57:13:74:4d:27:8a:11:f6:98:64:
+ a7:b2:9e:3e:18:c6:a2:85:60:22:7a:a0:5a:70:38:08:7b:2c:
+ 9a:1c:b9:32:e4:08:14:1b:a5:a1:ab:03:f6:60:8b:3d:b3:72:
+ c2:d8:de:ab
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -80,10 +80,10 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQBsTqG9/QpGrLOU50sgmR8+ShCVHSH5cdr2SsnceBSpXgFrQI8YQG5t
-pYKRGXkK0V4VFkbABVpnVooUjpwJYbwR+E34Zo2ExX3jKD3/2zfECEhOzgyJSaao
-/NUUb+Suz2T0ITqpWP5QslvCFKgPO8fHru9ASIw1zAmHLWuzlaj/6cE6iEiiZGwq
-HKQZNGl2DeRx/EbwLxf6F+3I1K/YzNKX8ZNeTDenBrDDnqfj+R3Kv+A9jrEwjLxO
-lIwO+kEp5SG6d/J0MVj+fMED9SgqaCuruodhuYVUIU3AIjVNGMKh83BW6UuilYb1
-xNpw1rwXZ8jyPR+AD3iFUjBbbutvt7ui
+CwUAA4IBAQBHIi5QswvtF/lwo3E+jVXULxZKnrTJHbT6IBArD9txuVC/Uvb4rQ1l
+aROZ4+vvmH6c5/ld/9SbdkS61s59wcsDx6AwuHYF/qnKff5v2korohi8mPIAaHJK
+k66F4MAB+cqs9REmcuNINDrOrN7cTs+M6nhyQA4IQuxuPvUTzvrVOGWI9+Vha4UY
+4exb+20cUt+ZFgEAcKgdHok538P73hfNaWi8eB8hnfNpvHbuAOTq6nO0T4kHFD6U
+dyjxdZfHQ3ItefWgNrHlJlDGI2uIg1cTdE0nihH2mGSnsp4+GMaihWAieqBacDgI
+eyyaHLky5AgUG6WhqwP2YIs9s3LC2N6r
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem
index 5951c8a3..885a35ba 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-ICA4-pathlen2.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,34 +37,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3b:8b:b7:2b:1d:58:68:22:70:84:71:02:0f:80:9e:f8:04:7a:
- 0c:aa:ab:60:ce:d0:ef:a5:0d:1f:6f:be:cf:06:8d:a2:52:3b:
- 3f:3d:22:6c:6a:37:a3:2e:be:b2:6c:c6:5f:95:7b:68:df:22:
- 9a:31:6e:eb:c1:5d:80:0c:2c:34:44:b4:3a:6a:f9:1c:8c:68:
- 39:1d:52:05:47:b9:a3:23:87:72:19:d4:d3:87:59:df:eb:b8:
- ef:19:b3:15:e0:c4:65:5a:9b:b2:42:67:f9:01:5a:2d:a1:73:
- 8c:2e:02:f9:56:20:57:23:03:3f:f9:13:ec:14:51:d0:9e:d4:
- 49:ec:9e:f1:47:b2:19:19:03:59:cc:3f:f0:ef:d1:3d:8a:06:
- 37:f2:3c:70:f4:c4:c8:b0:57:4c:c1:18:4d:a1:c0:c6:3e:c7:
- b3:1f:66:50:39:3f:f7:12:cf:b1:ff:26:ad:59:86:d6:18:d3:
- 24:b7:6f:75:b7:8d:60:c4:63:e2:22:52:ff:b3:ea:03:b8:eb:
- b9:a2:2b:38:97:70:e9:5c:0d:a4:88:d0:85:b0:2b:b2:f7:75:
- 3c:7d:2b:15:56:b4:78:ce:66:71:bc:62:60:24:72:3b:37:07:
- 8f:75:ba:29:6e:25:9d:80:66:7b:41:f7:8a:e0:ce:8a:41:3c:
- 24:1e:fc:34
+ 38:0c:f8:b9:53:67:57:a3:18:3c:0a:74:2d:13:79:32:7b:e2:
+ 4b:4f:82:5a:0e:7f:bb:ca:87:63:09:02:bd:31:62:2b:74:c4:
+ 47:fe:96:4a:8b:97:ee:43:ea:be:d4:0d:07:3f:57:dd:e5:ea:
+ da:d8:30:94:64:73:b6:fd:d7:4f:72:41:ce:13:fc:65:c6:b1:
+ f7:5c:b7:60:d9:55:bd:c4:89:49:57:90:15:be:cc:93:ee:3e:
+ bd:37:22:7a:98:9d:17:69:4f:87:62:82:f6:03:2d:ee:52:22:
+ 8c:86:bb:ba:93:9e:23:d8:d9:a2:4b:7e:ef:7d:59:d8:01:00:
+ 8d:f8:e6:b0:ac:ef:41:72:ff:ab:0d:b1:4f:cd:1e:73:81:3a:
+ 19:5a:3e:ac:da:f0:7f:be:b3:98:5f:22:08:96:2a:c4:41:43:
+ 0b:83:30:07:c1:25:eb:2d:5f:60:a2:e5:b4:57:45:71:59:f9:
+ 5b:b7:fd:3b:b3:4e:f0:cf:18:b9:0f:03:88:43:1d:9e:be:7b:
+ b1:a4:1f:e4:bc:ee:59:b7:2c:fe:a2:a6:08:96:f8:df:63:80:
+ 02:a5:61:a8:16:86:d1:28:c5:db:c6:0a:bb:4a:e4:61:ec:50:
+ 6c:58:c3:b0:0b:ba:be:fa:14:8c:36:59:ef:a3:6b:57:4a:6c:
+ 3e:33:6e:8a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -78,12 +78,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBADuLtysdWGgicIRxAg+AnvgEegyqq2DO0O+lDR9vvs8G
-jaJSOz89ImxqN6MuvrJsxl+Ve2jfIpoxbuvBXYAMLDREtDpq+RyMaDkdUgVHuaMj
-h3IZ1NOHWd/ruO8ZsxXgxGVam7JCZ/kBWi2hc4wuAvlWIFcjAz/5E+wUUdCe1Ens
-nvFHshkZA1nMP/Dv0T2KBjfyPHD0xMiwV0zBGE2hwMY+x7MfZlA5P/cSz7H/Jq1Z
-htYY0yS3b3W3jWDEY+IiUv+z6gO467miKziXcOlcDaSI0IWwK7L3dTx9KxVWtHjO
-ZnG8YmAkcjs3B491uiluJZ2AZntB94rgzopBPCQe/DQ=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBADgM+LlTZ1ejGDwKdC0TeTJ74ktPgloOf7vKh2MJAr0x
+Yit0xEf+lkqLl+5D6r7UDQc/V93l6trYMJRkc7b9109yQc4T/GXGsfdct2DZVb3E
+iUlXkBW+zJPuPr03InqYnRdpT4digvYDLe5SIoyGu7qTniPY2aJLfu99WdgBAI34
+5rCs70Fy/6sNsU/NHnOBOhlaPqza8H++s5hfIgiWKsRBQwuDMAfBJestX2Ci5bRX
+RXFZ+Vu3/TuzTvDPGLkPA4hDHZ6+e7GkH+S87lm3LP6ipgiW+N9jgAKlYagWhtEo
+xdvGCrtK5GHsUGxYw7ALur76FIw2We+ja1dKbD4zboo=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem
index da2f3f6f..33394ec6 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-assembled.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 80:3e:0c:a6:77:8f:f3:d3:e5:b8:d9:7e:73:95:f7:c1:1b:6d:
- 00:2b:51:a8:02:2e:11:47:1e:b7:c8:ed:04:e4:63:fc:93:6a:
- a5:7c:78:b5:4c:38:36:9e:5c:60:44:92:d0:0c:e1:af:0e:7d:
- 14:f6:2a:9d:13:97:92:5e:13:e6:e9:d2:88:cd:89:a2:90:58:
- 2b:5d:ef:33:3e:99:19:11:f1:f5:53:17:11:ed:4c:ec:10:c6:
- 7f:eb:af:81:47:d4:45:dd:40:4c:34:a4:62:ab:0d:d8:2e:fe:
- eb:81:3c:7d:8d:75:81:b1:47:64:0f:87:c6:7b:c4:13:a4:40:
- 8f:b9:da:be:c8:1c:15:18:58:b6:a3:f6:81:6e:0f:f3:c0:4c:
- d2:77:d5:4d:ed:9f:43:58:9d:e2:f7:e7:d6:a0:dd:f3:c5:5f:
- 7e:54:12:ac:4f:53:8a:60:45:d7:fc:22:df:79:1e:a3:26:78:
- c6:6e:b9:f5:44:9c:71:40:16:41:18:d4:d2:79:7a:13:d7:2d:
- e0:a8:25:55:67:92:66:dd:18:bf:46:40:5b:fb:be:d1:fb:ed:
- db:3c:b1:c5:0f:ff:89:95:0a:a5:1e:cb:18:4d:2c:ba:ac:e9:
- d3:28:af:82:21:ff:78:d5:a8:a0:3a:ce:f3:21:9a:b6:d6:61:
- 4b:bd:73:14
+ 46:5c:9c:45:3c:a5:1d:27:7f:4b:b6:2d:7d:aa:03:28:53:a5:
+ e3:cb:5a:63:16:58:5c:fe:97:65:c4:1e:d3:34:fe:8f:46:6e:
+ 09:e4:2f:18:c9:fd:d0:7b:90:ab:f6:a5:89:fb:d0:0c:3a:f8:
+ 3c:53:d5:3b:3a:2e:c0:dd:59:e1:6f:ed:e8:d4:1f:d3:9f:5e:
+ c8:1f:50:ba:6d:16:1f:25:ab:e0:aa:74:8f:38:50:e8:98:f9:
+ 07:0f:71:3f:16:ce:cc:51:f8:ff:61:47:33:b4:98:36:63:19:
+ 06:3e:0c:a1:69:ba:67:64:9c:46:8a:ea:3e:62:27:c0:b3:60:
+ 7a:37:2b:fc:e2:c5:a8:8f:82:69:48:ff:4f:be:c4:8a:22:a3:
+ 53:db:df:ee:c5:87:b7:da:55:f7:cd:48:e1:45:e7:22:f2:ec:
+ bd:94:2c:a5:e5:ea:9c:60:c6:b8:83:6a:6a:9a:c9:46:9b:6e:
+ 88:38:d2:56:65:42:a6:5a:0f:d0:60:92:06:f4:1f:d9:5f:cd:
+ 07:93:04:00:1a:c1:eb:d8:a8:78:80:9f:c2:b7:b2:e9:4d:8c:
+ 6d:09:85:f0:87:c1:d6:d9:12:72:13:68:71:16:f7:53:f4:92:
+ 9b:d4:46:31:b5:45:32:7b:f8:e6:dd:bf:d1:f9:aa:da:d3:7e:
+ 06:2b:dd:fa
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,12 +78,12 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-gD4MpneP89PluNl+c5X3wRttACtRqAIuEUcet8jtBORj/JNqpXx4tUw4Np5cYESS
-0Azhrw59FPYqnROXkl4T5unSiM2JopBYK13vMz6ZGRHx9VMXEe1M7BDGf+uvgUfU
-Rd1ATDSkYqsN2C7+64E8fY11gbFHZA+HxnvEE6RAj7navsgcFRhYtqP2gW4P88BM
-0nfVTe2fQ1id4vfn1qDd88VfflQSrE9TimBF1/wi33keoyZ4xm659USccUAWQRjU
-0nl6E9ct4KglVWeSZt0Yv0ZAW/u+0fvt2zyxxQ//iZUKpR7LGE0suqzp0yivgiH/
-eNWooDrO8yGattZhS71zFA==
+RlycRTylHSd/S7YtfaoDKFOl48taYxZYXP6XZcQe0zT+j0ZuCeQvGMn90HuQq/al
+ifvQDDr4PFPVOzouwN1Z4W/t6NQf059eyB9Qum0WHyWr4Kp0jzhQ6Jj5Bw9xPxbO
+zFH4/2FHM7SYNmMZBj4MoWm6Z2ScRorqPmInwLNgejcr/OLFqI+CaUj/T77EiiKj
+U9vf7sWHt9pV981I4UXnIvLsvZQspeXqnGDGuINqaprJRptuiDjSVmVCploP0GCS
+BvQf2V/NB5MEABrB69ioeICfwrey6U2MbQmF8IfB1tkSchNocRb3U/SSm9RGMbVF
+Mnv45t2/0fmq2tN+Bivd+g==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -92,8 +92,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -131,27 +131,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 8a:c2:bd:e8:d2:53:df:a2:01:71:2d:bd:24:c0:ce:3a:41:bc:
- 86:24:51:4a:66:06:9e:1f:1f:c7:45:e2:db:ab:60:e8:89:ba:
- 97:77:fe:d0:16:80:19:af:00:d0:2c:43:c3:b9:8c:6e:ff:5c:
- 08:01:4a:a1:2c:ba:ba:db:96:f8:a1:d9:e7:65:2a:ee:d9:6d:
- 73:7a:19:67:ed:67:69:30:13:fe:63:67:ec:e4:8c:89:37:11:
- 82:c8:d5:3e:7b:bb:26:02:a0:10:44:72:51:d6:ea:33:9e:54:
- 01:1a:5b:ed:0e:be:43:8f:a0:5b:dc:26:fa:e9:7c:20:e4:9a:
- 6d:5b:87:c9:95:e5:7a:5b:2d:9a:9a:ab:65:37:9f:88:79:2c:
- 10:83:82:32:76:1d:4f:f9:bf:8d:fd:2f:16:a7:d7:bb:64:41:
- 6a:6d:02:9d:f5:f5:31:44:c5:64:56:9a:b8:a4:dd:88:ed:79:
- 3b:f4:23:d7:0f:8a:2a:f3:f4:92:47:f5:f6:0f:19:e9:7c:6a:
- fe:f0:62:c3:43:45:a2:6c:f5:2e:0b:c3:c5:8b:21:70:68:fc:
- 58:63:91:1d:a4:35:eb:5b:4c:67:df:1d:4a:a3:a3:9e:16:a5:
- 6b:e3:05:66:00:1e:03:aa:3f:0d:f8:2f:f7:f6:78:08:e0:b6:
- 1f:20:0e:3d
+ 98:29:a6:c0:de:6c:d0:3d:c3:ff:d0:57:5f:83:48:bd:e0:80:
+ 1c:7a:e0:81:a9:5e:43:17:01:1b:c0:d6:89:30:eb:21:47:9e:
+ 8a:38:73:37:74:52:04:37:37:6e:7e:11:0e:f8:cb:c7:7c:4f:
+ 43:4f:07:64:56:7a:f7:66:4f:98:2f:6a:01:ae:04:72:64:03:
+ 32:88:e7:7e:60:ae:1e:16:93:4d:51:44:41:a7:b6:3e:19:e6:
+ 20:c9:30:3a:8f:86:77:b9:9c:c2:b8:f1:d9:7a:a9:10:cc:ce:
+ 95:46:bb:62:0d:d8:c8:78:37:51:51:2e:83:a8:5b:ef:fa:a0:
+ 34:bb:a3:93:66:b6:4f:72:25:fc:e2:39:1a:3a:3f:74:c5:94:
+ 88:0c:34:90:1e:f9:b0:d9:23:e4:29:33:4a:2f:59:c7:88:52:
+ c9:69:a9:6d:c7:8d:da:92:c3:4e:f3:c9:3c:5e:28:e1:ae:e0:
+ b7:ef:b4:07:18:70:b7:ea:2c:8a:e1:92:31:1c:71:26:cf:d5:
+ 5b:c6:fd:88:db:8b:30:36:41:91:b1:fd:63:c3:3e:b2:e2:64:
+ 5e:b2:ac:90:0c:6f:d5:21:4c:22:85:c5:0e:65:23:46:31:52:
+ 31:f5:42:d8:b3:78:bb:3e:d2:f0:69:61:b9:45:4e:6b:79:78:
+ a8:60:23:7a
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -167,12 +167,12 @@ gaYwgaMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR8wHQYDVQQDDBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZI
hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0P
-BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCKwr3o0lPfogFxLb0kwM46QbyGJFFK
-ZgaeHx/HReLbq2DoibqXd/7QFoAZrwDQLEPDuYxu/1wIAUqhLLq625b4odnnZSru
-2W1zehln7WdpMBP+Y2fs5IyJNxGCyNU+e7smAqAQRHJR1uoznlQBGlvtDr5Dj6Bb
-3Cb66Xwg5JptW4fJleV6Wy2amqtlN5+IeSwQg4Iydh1P+b+N/S8Wp9e7ZEFqbQKd
-9fUxRMVkVpq4pN2I7Xk79CPXD4oq8/SSR/X2DxnpfGr+8GLDQ0WibPUuC8PFiyFw
-aPxYY5EdpDXrW0xn3x1Ko6OeFqVr4wVmAB4Dqj8N+C/39ngI4LYfIA49
+BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQCYKabA3mzQPcP/0Fdfg0i94IAceuCB
+qV5DFwEbwNaJMOshR56KOHM3dFIENzdufhEO+MvHfE9DTwdkVnr3Zk+YL2oBrgRy
+ZAMyiOd+YK4eFpNNUURBp7Y+GeYgyTA6j4Z3uZzCuPHZeqkQzM6VRrtiDdjIeDdR
+US6DqFvv+qA0u6OTZrZPciX84jkaOj90xZSIDDSQHvmw2SPkKTNKL1nHiFLJaalt
+x43aksNO88k8XijhruC377QHGHC36iyK4ZIxHHEmz9Vbxv2I24swNkGRsf1jwz6y
+4mResqyQDG/VIUwihcUOZSNGMVIx9ULYs3i7PtLwaWG5RU5reXioYCN6
-----END CERTIFICATE-----
Certificate:
Data:
@@ -181,8 +181,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA2-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -220,27 +220,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 64:05:b5:78:b4:eb:f3:d5:be:5f:ec:27:6e:7d:ad:74:6c:da:
- c4:2c:cf:fc:b9:4f:52:7f:b1:78:3a:de:f6:9a:97:f5:aa:a4:
- ce:b0:2a:84:b5:33:5f:b4:55:b9:f9:03:58:ba:7a:86:8d:b7:
- ff:e5:dd:69:b9:e8:40:76:cf:5b:8e:9c:a5:0b:df:35:da:d6:
- 8c:72:b5:a6:92:d5:e5:7b:75:10:6c:89:33:0a:34:2d:ef:bb:
- 72:6d:be:89:b0:b3:71:b4:50:a1:00:b7:01:d8:31:bf:db:40:
- df:d1:1f:a8:16:e6:4b:2e:04:98:66:8c:73:43:50:95:73:80:
- 0b:84:8f:2d:be:cb:6b:1b:1b:a1:78:d4:bd:b0:a5:b9:34:a9:
- 3f:56:b0:0b:b2:dc:34:0f:e6:5f:42:8e:be:57:9d:40:49:6b:
- 1d:f8:4d:03:30:4c:e4:d9:25:ad:3f:96:8c:3e:ac:e1:8f:34:
- ee:65:50:a0:79:b0:1e:2c:85:0c:11:6d:02:d8:be:1c:d9:0a:
- c5:01:4f:8b:a8:b3:91:0a:76:3a:a2:b0:cd:24:10:6e:e1:7f:
- 0e:35:71:97:56:18:15:61:11:e1:4d:90:ff:67:2b:52:54:e9:
- 44:27:2c:4f:fc:59:0f:e0:87:69:44:92:8d:d0:b6:db:8a:e2:
- 70:0d:12:05
+ 44:d2:b6:d0:85:31:bf:1f:a2:b1:91:6b:ee:dc:80:ac:29:81:
+ 0e:b4:c3:e8:8e:91:be:66:f2:44:61:8b:6c:44:17:d9:cd:15:
+ 40:bd:ce:7c:ca:7d:ad:c8:e1:81:90:a4:28:57:88:71:49:9f:
+ 03:bb:4b:8c:ff:02:08:98:d2:e4:b0:ca:be:f2:df:08:18:24:
+ f7:3c:22:be:f2:23:10:96:95:2b:f0:a0:ed:16:08:1a:1e:ce:
+ df:1d:f7:b3:35:af:f4:86:f2:16:b5:2c:90:bd:0a:f8:64:61:
+ da:c6:2e:4b:1f:05:30:1a:72:d3:51:33:26:61:5d:0d:14:0f:
+ b8:b9:dc:6f:78:57:a0:63:4c:f0:16:49:fd:48:54:c3:92:1e:
+ c0:04:8a:16:c0:9a:35:08:be:49:f2:dd:90:6a:90:48:d5:9f:
+ 48:82:18:f2:04:d6:d8:07:55:17:99:8e:27:cf:86:8d:1b:a6:
+ 02:72:42:a8:53:e6:5d:20:5a:8d:2e:d3:fc:a7:71:4c:b2:21:
+ 9d:14:8c:f1:49:3c:ca:e7:e6:c6:51:7f:41:3c:37:1a:38:21:
+ a4:ee:9e:1b:cc:8b:09:df:35:de:18:c4:7a:89:32:b9:8d:15:
+ eb:07:5b:2b:5c:55:a5:44:db:fb:f2:15:16:1c:01:16:dd:de:
+ d9:7a:bf:dc
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0EzLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBozELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBozELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNV
BAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9A
@@ -256,12 +256,12 @@ gaQwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQH
DAdTZWF0dGxlMRUwEwYDVQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMR0wGwYDVQQDDBRjaGFpbkotSUNBNC1wYXRobGVuMjEfMB0GCSqGSIb3
DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIBZDAMBgNVHRMEBTADAQH/MAsGA1UdDwQE
-AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAZAW1eLTr89W+X+wnbn2tdGzaxCzP/LlP
-Un+xeDre9pqX9aqkzrAqhLUzX7RVufkDWLp6ho23/+XdabnoQHbPW46cpQvfNdrW
-jHK1ppLV5Xt1EGyJMwo0Le+7cm2+ibCzcbRQoQC3Adgxv9tA39EfqBbmSy4EmGaM
-c0NQlXOAC4SPLb7LaxsboXjUvbCluTSpP1awC7LcNA/mX0KOvledQElrHfhNAzBM
-5NklrT+WjD6s4Y807mVQoHmwHiyFDBFtAti+HNkKxQFPi6izkQp2OqKwzSQQbuF/
-DjVxl1YYFWER4U2Q/2crUlTpRCcsT/xZD+CHaUSSjdC224ricA0SBQ==
+AwIBBjANBgkqhkiG9w0BAQsFAAOCAQEARNK20IUxvx+isZFr7tyArCmBDrTD6I6R
+vmbyRGGLbEQX2c0VQL3OfMp9rcjhgZCkKFeIcUmfA7tLjP8CCJjS5LDKvvLfCBgk
+9zwivvIjEJaVK/Cg7RYIGh7O3x33szWv9IbyFrUskL0K+GRh2sYuSx8FMBpy01Ez
+JmFdDRQPuLncb3hXoGNM8BZJ/UhUw5IewASKFsCaNQi+SfLdkGqQSNWfSIIY8gTW
+2AdVF5mOJ8+GjRumAnJCqFPmXSBajS7T/KdxTLIhnRSM8Uk8yufmxlF/QTw3Gjgh
+pO6eG8yLCd813hjEeokyuY0V6wdbK1xVpUTb+/IVFhwBFt3e2Xq/3A==
-----END CERTIFICATE-----
Certificate:
Data:
@@ -270,8 +270,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA3-no_pathlen, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -309,27 +309,27 @@ Certificate:
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 6c:4e:a1:bd:fd:0a:46:ac:b3:94:e7:4b:20:99:1f:3e:4a:10:
- 95:1d:21:f9:71:da:f6:4a:c9:dc:78:14:a9:5e:01:6b:40:8f:
- 18:40:6e:6d:a5:82:91:19:79:0a:d1:5e:15:16:46:c0:05:5a:
- 67:56:8a:14:8e:9c:09:61:bc:11:f8:4d:f8:66:8d:84:c5:7d:
- e3:28:3d:ff:db:37:c4:08:48:4e:ce:0c:89:49:a6:a8:fc:d5:
- 14:6f:e4:ae:cf:64:f4:21:3a:a9:58:fe:50:b2:5b:c2:14:a8:
- 0f:3b:c7:c7:ae:ef:40:48:8c:35:cc:09:87:2d:6b:b3:95:a8:
- ff:e9:c1:3a:88:48:a2:64:6c:2a:1c:a4:19:34:69:76:0d:e4:
- 71:fc:46:f0:2f:17:fa:17:ed:c8:d4:af:d8:cc:d2:97:f1:93:
- 5e:4c:37:a7:06:b0:c3:9e:a7:e3:f9:1d:ca:bf:e0:3d:8e:b1:
- 30:8c:bc:4e:94:8c:0e:fa:41:29:e5:21:ba:77:f2:74:31:58:
- fe:7c:c1:03:f5:28:2a:68:2b:ab:ba:87:61:b9:85:54:21:4d:
- c0:22:35:4d:18:c2:a1:f3:70:56:e9:4b:a2:95:86:f5:c4:da:
- 70:d6:bc:17:67:c8:f2:3d:1f:80:0f:78:85:52:30:5b:6e:eb:
- 6f:b7:bb:a2
+ 47:22:2e:50:b3:0b:ed:17:f9:70:a3:71:3e:8d:55:d4:2f:16:
+ 4a:9e:b4:c9:1d:b4:fa:20:10:2b:0f:db:71:b9:50:bf:52:f6:
+ f8:ad:0d:65:69:13:99:e3:eb:ef:98:7e:9c:e7:f9:5d:ff:d4:
+ 9b:76:44:ba:d6:ce:7d:c1:cb:03:c7:a0:30:b8:76:05:fe:a9:
+ ca:7d:fe:6f:da:4a:2b:a2:18:bc:98:f2:00:68:72:4a:93:ae:
+ 85:e0:c0:01:f9:ca:ac:f5:11:26:72:e3:48:34:3a:ce:ac:de:
+ dc:4e:cf:8c:ea:78:72:40:0e:08:42:ec:6e:3e:f5:13:ce:fa:
+ d5:38:65:88:f7:e5:61:6b:85:18:e1:ec:5b:fb:6d:1c:52:df:
+ 99:16:01:00:70:a8:1d:1e:89:39:df:c3:fb:de:17:cd:69:68:
+ bc:78:1f:21:9d:f3:69:bc:76:ee:00:e4:ea:ea:73:b4:4f:89:
+ 07:14:3e:94:77:28:f1:75:97:c7:43:72:2d:79:f5:a0:36:b1:
+ e5:26:50:c6:23:6b:88:83:57:13:74:4d:27:8a:11:f6:98:64:
+ a7:b2:9e:3e:18:c6:a2:85:60:22:7a:a0:5a:70:38:08:7b:2c:
+ 9a:1c:b9:32:e4:08:14:1b:a5:a1:ab:03:f6:60:8b:3d:b3:72:
+ c2:d8:de:ab
-----BEGIN CERTIFICATE-----
MIIExDCCA6ygAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBoTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNo
YWluSi1JQ0E0LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wu
-Y29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgaMxCzAJBgNVBAYT
+Y29tMB4XDTIzMTIxMzIyMTkzM1oXDTI2MDkwODIyMTkzM1owgaMxCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMRUwEwYD
VQQKDAx3b2xmU1NMIEluYy4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMR8wHQYDVQQD
DBZjaGFpbkotSUNBMy1ub19wYXRobGVuMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
@@ -345,12 +345,12 @@ gZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3pl
bWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZz
c2wuY29tggFkMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEB
-CwUAA4IBAQBsTqG9/QpGrLOU50sgmR8+ShCVHSH5cdr2SsnceBSpXgFrQI8YQG5t
-pYKRGXkK0V4VFkbABVpnVooUjpwJYbwR+E34Zo2ExX3jKD3/2zfECEhOzgyJSaao
-/NUUb+Suz2T0ITqpWP5QslvCFKgPO8fHru9ASIw1zAmHLWuzlaj/6cE6iEiiZGwq
-HKQZNGl2DeRx/EbwLxf6F+3I1K/YzNKX8ZNeTDenBrDDnqfj+R3Kv+A9jrEwjLxO
-lIwO+kEp5SG6d/J0MVj+fMED9SgqaCuruodhuYVUIU3AIjVNGMKh83BW6UuilYb1
-xNpw1rwXZ8jyPR+AD3iFUjBbbutvt7ui
+CwUAA4IBAQBHIi5QswvtF/lwo3E+jVXULxZKnrTJHbT6IBArD9txuVC/Uvb4rQ1l
+aROZ4+vvmH6c5/ld/9SbdkS61s59wcsDx6AwuHYF/qnKff5v2korohi8mPIAaHJK
+k66F4MAB+cqs9REmcuNINDrOrN7cTs+M6nhyQA4IQuxuPvUTzvrVOGWI9+Vha4UY
+4exb+20cUt+ZFgEAcKgdHok538P73hfNaWi8eB8hnfNpvHbuAOTq6nO0T4kHFD6U
+dyjxdZfHQ3ItefWgNrHlJlDGI2uIg1cTdE0nihH2mGSnsp4+GMaihWAieqBacDgI
+eyyaHLky5AgUG6WhqwP2YIs9s3LC2N6r
-----END CERTIFICATE-----
Certificate:
Data:
@@ -359,8 +359,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA4-pathlen2, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -391,34 +391,34 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE, pathlen:2
X509v3 Key Usage:
Certificate Sign, CRL Sign
Signature Algorithm: sha256WithRSAEncryption
- 3b:8b:b7:2b:1d:58:68:22:70:84:71:02:0f:80:9e:f8:04:7a:
- 0c:aa:ab:60:ce:d0:ef:a5:0d:1f:6f:be:cf:06:8d:a2:52:3b:
- 3f:3d:22:6c:6a:37:a3:2e:be:b2:6c:c6:5f:95:7b:68:df:22:
- 9a:31:6e:eb:c1:5d:80:0c:2c:34:44:b4:3a:6a:f9:1c:8c:68:
- 39:1d:52:05:47:b9:a3:23:87:72:19:d4:d3:87:59:df:eb:b8:
- ef:19:b3:15:e0:c4:65:5a:9b:b2:42:67:f9:01:5a:2d:a1:73:
- 8c:2e:02:f9:56:20:57:23:03:3f:f9:13:ec:14:51:d0:9e:d4:
- 49:ec:9e:f1:47:b2:19:19:03:59:cc:3f:f0:ef:d1:3d:8a:06:
- 37:f2:3c:70:f4:c4:c8:b0:57:4c:c1:18:4d:a1:c0:c6:3e:c7:
- b3:1f:66:50:39:3f:f7:12:cf:b1:ff:26:ad:59:86:d6:18:d3:
- 24:b7:6f:75:b7:8d:60:c4:63:e2:22:52:ff:b3:ea:03:b8:eb:
- b9:a2:2b:38:97:70:e9:5c:0d:a4:88:d0:85:b0:2b:b2:f7:75:
- 3c:7d:2b:15:56:b4:78:ce:66:71:bc:62:60:24:72:3b:37:07:
- 8f:75:ba:29:6e:25:9d:80:66:7b:41:f7:8a:e0:ce:8a:41:3c:
- 24:1e:fc:34
+ 38:0c:f8:b9:53:67:57:a3:18:3c:0a:74:2d:13:79:32:7b:e2:
+ 4b:4f:82:5a:0e:7f:bb:ca:87:63:09:02:bd:31:62:2b:74:c4:
+ 47:fe:96:4a:8b:97:ee:43:ea:be:d4:0d:07:3f:57:dd:e5:ea:
+ da:d8:30:94:64:73:b6:fd:d7:4f:72:41:ce:13:fc:65:c6:b1:
+ f7:5c:b7:60:d9:55:bd:c4:89:49:57:90:15:be:cc:93:ee:3e:
+ bd:37:22:7a:98:9d:17:69:4f:87:62:82:f6:03:2d:ee:52:22:
+ 8c:86:bb:ba:93:9e:23:d8:d9:a2:4b:7e:ef:7d:59:d8:01:00:
+ 8d:f8:e6:b0:ac:ef:41:72:ff:ab:0d:b1:4f:cd:1e:73:81:3a:
+ 19:5a:3e:ac:da:f0:7f:be:b3:98:5f:22:08:96:2a:c4:41:43:
+ 0b:83:30:07:c1:25:eb:2d:5f:60:a2:e5:b4:57:45:71:59:f9:
+ 5b:b7:fd:3b:b3:4e:f0:cf:18:b9:0f:03:88:43:1d:9e:be:7b:
+ b1:a4:1f:e4:bc:ee:59:b7:2c:fe:a2:a6:08:96:f8:df:63:80:
+ 02:a5:61:a8:16:86:d1:28:c5:db:c6:0a:bb:4a:e4:61:ec:50:
+ 6c:58:c3:b0:0b:ba:be:fa:14:8c:36:59:ef:a3:6b:57:4a:6c:
+ 3e:33:6e:8a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIBZDANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzUwWhcNMjUwOTExMjExNzUwWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBoTELMAkGA1UEBhMCVVMxEzARBgNVBAgM
Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoMDHdvbGZTU0wg
SW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHTAbBgNVBAMMFGNoYWluSi1JQ0E0
LXBhdGhsZW4yMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -432,12 +432,12 @@ o4IBGDCCARQwHQYDVR0OBBYEFPwYE1K7M0rbHFvRgJg+QIaVWHL5MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
-KoZIhvcNAQELBQADggEBADuLtysdWGgicIRxAg+AnvgEegyqq2DO0O+lDR9vvs8G
-jaJSOz89ImxqN6MuvrJsxl+Ve2jfIpoxbuvBXYAMLDREtDpq+RyMaDkdUgVHuaMj
-h3IZ1NOHWd/ruO8ZsxXgxGVam7JCZ/kBWi2hc4wuAvlWIFcjAz/5E+wUUdCe1Ens
-nvFHshkZA1nMP/Dv0T2KBjfyPHD0xMiwV0zBGE2hwMY+x7MfZlA5P/cSz7H/Jq1Z
-htYY0yS3b3W3jWDEY+IiUv+z6gO467miKziXcOlcDaSI0IWwK7L3dTx9KxVWtHjO
-ZnG8YmAkcjs3B491uiluJZ2AZntB94rgzopBPCQe/DQ=
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwDwYDVR0TBAgwBgEB/wIBAjALBgNVHQ8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggEBADgM+LlTZ1ejGDwKdC0TeTJ74ktPgloOf7vKh2MJAr0x
+Yit0xEf+lkqLl+5D6r7UDQc/V93l6trYMJRkc7b9109yQc4T/GXGsfdct2DZVb3E
+iUlXkBW+zJPuPr03InqYnRdpT4digvYDLe5SIoyGu7qTniPY2aJLfu99WdgBAI34
+5rCs70Fy/6sNsU/NHnOBOhlaPqza8H++s5hfIgiWKsRBQwuDMAfBJestX2Ci5bRX
+RXFZ+Vu3/TuzTvDPGLkPA4hDHZ6+e7GkH+S87lm3LP6ipgiW+N9jgAKlYagWhtEo
+xdvGCrtK5GHsUGxYw7ALur76FIw2We+ja1dKbD4zboo=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem
index d8028ae1..24ac93b9 100644
--- a/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem
+++ b/extra/wolfssl/wolfssl/certs/test-pathlen/chainJ-entity.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-ICA1-no_pathlen, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:33 2023 GMT
+ Not After : Sep 8 22:19:33 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = wolfSSL Inc., OU = Engineering, CN = chainJ-entity, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -42,27 +42,27 @@ Certificate:
X509v3 Basic Constraints:
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
- 80:3e:0c:a6:77:8f:f3:d3:e5:b8:d9:7e:73:95:f7:c1:1b:6d:
- 00:2b:51:a8:02:2e:11:47:1e:b7:c8:ed:04:e4:63:fc:93:6a:
- a5:7c:78:b5:4c:38:36:9e:5c:60:44:92:d0:0c:e1:af:0e:7d:
- 14:f6:2a:9d:13:97:92:5e:13:e6:e9:d2:88:cd:89:a2:90:58:
- 2b:5d:ef:33:3e:99:19:11:f1:f5:53:17:11:ed:4c:ec:10:c6:
- 7f:eb:af:81:47:d4:45:dd:40:4c:34:a4:62:ab:0d:d8:2e:fe:
- eb:81:3c:7d:8d:75:81:b1:47:64:0f:87:c6:7b:c4:13:a4:40:
- 8f:b9:da:be:c8:1c:15:18:58:b6:a3:f6:81:6e:0f:f3:c0:4c:
- d2:77:d5:4d:ed:9f:43:58:9d:e2:f7:e7:d6:a0:dd:f3:c5:5f:
- 7e:54:12:ac:4f:53:8a:60:45:d7:fc:22:df:79:1e:a3:26:78:
- c6:6e:b9:f5:44:9c:71:40:16:41:18:d4:d2:79:7a:13:d7:2d:
- e0:a8:25:55:67:92:66:dd:18:bf:46:40:5b:fb:be:d1:fb:ed:
- db:3c:b1:c5:0f:ff:89:95:0a:a5:1e:cb:18:4d:2c:ba:ac:e9:
- d3:28:af:82:21:ff:78:d5:a8:a0:3a:ce:f3:21:9a:b6:d6:61:
- 4b:bd:73:14
+ 46:5c:9c:45:3c:a5:1d:27:7f:4b:b6:2d:7d:aa:03:28:53:a5:
+ e3:cb:5a:63:16:58:5c:fe:97:65:c4:1e:d3:34:fe:8f:46:6e:
+ 09:e4:2f:18:c9:fd:d0:7b:90:ab:f6:a5:89:fb:d0:0c:3a:f8:
+ 3c:53:d5:3b:3a:2e:c0:dd:59:e1:6f:ed:e8:d4:1f:d3:9f:5e:
+ c8:1f:50:ba:6d:16:1f:25:ab:e0:aa:74:8f:38:50:e8:98:f9:
+ 07:0f:71:3f:16:ce:cc:51:f8:ff:61:47:33:b4:98:36:63:19:
+ 06:3e:0c:a1:69:ba:67:64:9c:46:8a:ea:3e:62:27:c0:b3:60:
+ 7a:37:2b:fc:e2:c5:a8:8f:82:69:48:ff:4f:be:c4:8a:22:a3:
+ 53:db:df:ee:c5:87:b7:da:55:f7:cd:48:e1:45:e7:22:f2:ec:
+ bd:94:2c:a5:e5:ea:9c:60:c6:b8:83:6a:6a:9a:c9:46:9b:6e:
+ 88:38:d2:56:65:42:a6:5a:0f:d0:60:92:06:f4:1f:d9:5f:cd:
+ 07:93:04:00:1a:c1:eb:d8:a8:78:80:9f:c2:b7:b2:e9:4d:8c:
+ 6d:09:85:f0:87:c1:d6:d9:12:72:13:68:71:16:f7:53:f4:92:
+ 9b:d4:46:31:b5:45:32:7b:f8:e6:dd:bf:d1:f9:aa:da:d3:7e:
+ 06:2b:dd:fa
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBZTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTATBgNVBAoM
DHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAdBgNVBAMMFmNo
YWluSi1JQ0ExLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNz
-bC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjExNzUwWjCBmjELMAkGA1UE
+bC5jb20wHhcNMjMxMjEzMjIxOTMzWhcNMjYwOTA4MjIxOTMzWjCBmjELMAkGA1UE
BhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxFTAT
BgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxFjAUBgNV
BAMMDWNoYWluSi1lbnRpdHkxHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5j
@@ -78,10 +78,10 @@ A1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUx
FTATBgNVBAoMDHdvbGZTU0wgSW5jLjEUMBIGA1UECwwLRW5naW5lZXJpbmcxHzAd
BgNVBAMMFmNoYWluSi1JQ0EyLW5vX3BhdGhsZW4xHzAdBgkqhkiG9w0BCQEWEGlu
Zm9Ad29sZnNzbC5jb22CAWQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEA
-gD4MpneP89PluNl+c5X3wRttACtRqAIuEUcet8jtBORj/JNqpXx4tUw4Np5cYESS
-0Azhrw59FPYqnROXkl4T5unSiM2JopBYK13vMz6ZGRHx9VMXEe1M7BDGf+uvgUfU
-Rd1ATDSkYqsN2C7+64E8fY11gbFHZA+HxnvEE6RAj7navsgcFRhYtqP2gW4P88BM
-0nfVTe2fQ1id4vfn1qDd88VfflQSrE9TimBF1/wi33keoyZ4xm659USccUAWQRjU
-0nl6E9ct4KglVWeSZt0Yv0ZAW/u+0fvt2zyxxQ//iZUKpR7LGE0suqzp0yivgiH/
-eNWooDrO8yGattZhS71zFA==
+RlycRTylHSd/S7YtfaoDKFOl48taYxZYXP6XZcQe0zT+j0ZuCeQvGMn90HuQq/al
+ifvQDDr4PFPVOzouwN1Z4W/t6NQf059eyB9Qum0WHyWr4Kp0jzhQ6Jj5Bw9xPxbO
+zFH4/2FHM7SYNmMZBj4MoWm6Z2ScRorqPmInwLNgejcr/OLFqI+CaUj/T77EiiKj
+U9vf7sWHt9pV981I4UXnIvLsvZQspeXqnGDGuINqaprJRptuiDjSVmVCploP0GCS
+BvQf2V/NB5MEABrB69ioeICfwrey6U2MbQmF8IfB1tkSchNocRb3U/SSm9RGMbVF
+Mnv45t2/0fmq2tN+Bivd+g==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12 b/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12
index 713e7386..3cfe92a1 100644
--- a/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12
+++ b/extra/wolfssl/wolfssl/certs/test-servercert-rc2.p12
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test-servercert.p12 b/extra/wolfssl/wolfssl/certs/test-servercert.p12
index 8b5f3212..64ccb104 100644
--- a/extra/wolfssl/wolfssl/certs/test-servercert.p12
+++ b/extra/wolfssl/wolfssl/certs/test-servercert.p12
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der
index 072fadee..29ec9fdd 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem
index ad6bc2bb..e6c03744 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ia.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIEAzCCAuugAwIBAgIUAeB5+1yDaz1AecN7cuvF7gAWKJowDQYJKoZIhvcNAQEL
+MIIEAzCCAuugAwIBAgIUEEaaRNPZiiXZqFxu6gwfzxyXYkYwDQYJKoZIhvcNAQEL
BQAwgZ8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH
DAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEW
-E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjEx
-NzUwWjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
+E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIx
+OTI5WjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
BAcMCEJyaXNiYW5lMRQwEgYDVQQKDAt3b2xmU1NMIEluYzEUMBIGA1UECwwLRW5n
aW5lZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEiMCAGCSqGSIb3DQEJ
ARYTc3VwcG9ydEB3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
@@ -15,10 +15,10 @@ o0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGW
Srzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgI
vDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaM1MDMwDQYDVR02AQH/BAMCAQEw
IgYJYIZIAYb4QgENBBUWE1Rlc3RpbmcgaW5oaWJpdCBhbnkwDQYJKoZIhvcNAQEL
-BQADggEBALE59GIo5D+Z4Y554KkRiG3XAH/SVrdJDkH1f+mc4QLK2wd7DBVb84Dt
-IifPslP9kT+56ngUR0SAmag3ERIsPDAzdU+ZPKwBFEmnxBKU0+5KqP90SpO1gWUt
-QxIpGiHQkRSb+B5F/Ao3pn0XHSlIYpUkAsCAKP/pvuFp9j4JdCTHeYmBnXPoSvYJ
-GYidJB7FYpnxSfnMM7MxIOmNXdama+cRmHX5GIlhw66vumAOEOGRULpf1kMQZE1b
-th6tenhNcqdXZHWM7swvCjaOEZi2p0OWips0BFoK35fqNT9GR1UTflimmqEocLIN
-N5ahRfOrioEbb3qPC3endm/58s3vbT4=
+BQADggEBAHOBELBVkuhE2xGCnFEBk7Gvsphqe4GcsKYRp/JiyOMp+Fa01A+F7aiU
+vVi9JOdOlEFsbd32YoTdPCSqtSpzXXLJ/BdaREWvVLg3OshiwhNPPA2Q09gQI8ES
+I9yq7kWLesDGVLcXpdM+QHovNT8wrru8wi/LoWpKNHP4TYy1Tvuxr2ngC2UygsSX
+RGymPImVO8EPNBNh8zgP3p6zjyRDWs7tttct2u28mSR+ouRJ/8pQDp0ZVNbvedxI
+nj02OpIijuSj/CEwV3AuPJWaUbCxyL1bvnPcG1HKqvvt5/Ljo8h0pLRUpjwJDvFk
+8JWbuQSQThwRAsWtRO7RarZN7+P1AmI=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der
index 5ae856c8..e4550c7a 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem
index 46f031ca..d1926686 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-joi.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIFXDCCBESgAwIBAgIUaQWOPwyn4CGSb0DgOh1jzF+V5k8wDQYJKoZIhvcNAQEL
+MIIFXDCCBESgAwIBAgIUWY9gYq+bg6hpLLlEPeuSQjQPvW8wDQYJKoZIhvcNAQEL
BQAwgccxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv
bGZzc3NsLmNvbTETMBEGCysGAQQBgjc8AgEDEwJVUzEbMBkGCysGAQQBgjc8AgEC
-DApDYWxpZm9ybmlhMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgccx
+DApDYWxpZm9ybmlhMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgccx
CzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFu
MREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UE
AwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3Ns
@@ -21,11 +21,11 @@ xzELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVt
YW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYD
VQQDDA93d3cud29sZnNzbC5jb20xIDAeBgkqhkiG9w0BCQEWEWluZm9Ad29sZnNz
c2wuY29tMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNh
-bGlmb3JuaWGCFGkFjj8Mp+Ahkm9A4DodY8xfleZPMAwGA1UdEwQFMAMBAf8wDQYJ
-KoZIhvcNAQELBQADggEBAHmIYCAILfDm0V41rvanugB+jjHSIf5zwM7hMAOuiQla
-WywZuMtYCI0R/iQCipH0gvBrTuNIlEqIm8Wh/32+qmomAmMz7iUMg5DWqZKXyk3x
-IQ93qRSF7EX9piHdQ++IjVkWzl4bXR2cW2A+nQW2EMFiJunpfu1oC07PvgigJ+n3
-uLMxNqN2p04PYcgEOQG1Jm4FasBrng55ff7XHe4msErQGlQF1D0B3xhzjh6Msaki
-DS0M3n1U9Pzc+2WP1FW/mMBu22+R6yY0yCHzCY0zZWdmihL8HWlZuxcYHcjK4ABU
-CQHTu3UCCfgVDsiCo+BQ9T9sFReD8r2azMLvmKFOhxw=
+bGlmb3JuaWGCFFmPYGKvm4OoaSy5RD3rkkI0D71vMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQELBQADggEBALY9RCPRvuHf04Mxqv6UJZv7MslCwQwbavD3ZYigNrlS
+f+qhS7SqFcUyXGbOfpiFCgobnwxK/Xg2K20xuauA8tIaJ3egeu0KFZUAaz4EOMvQ
+IWSUwp5maDKjQw7PX+W5GYY73uUxjDMlIFD0lVDTByeRp+YNfTZEBbjZlKDFohEf
+BEIyONlZdOvAIR+9dAZRjfF94WZuiUluq90yCTnDT2UIor1IzS964LuropYSH3oV
+QAdPOa87r5nY4tLScPU8hxfOP1i8aCuELiHgo6XuZZXt1qlBb7kIXz/rITd9ZvRm
+WVysY/2A38K7CBiv0biKfS83PVai8HuFKR+yZ1wxtk0=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der
index 53828984..f0c0aaae 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-mnc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der
index 92036395..b56d3775 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem
index 175f3520..ef5d7f06 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-multiple.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIFmDCCBICgAwIBAgIUNNF2CUskXxBvm3qki4B40Wb5k28wDQYJKoZIhvcNAQEL
+MIIFmDCCBICgAwIBAgIUOjAPanhO0Ayey1xIEr6HkMHASLcwDQYJKoZIhvcNAQEL
BQAwgcIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH
DAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEW
E3N1cHBvcnRAd29sZnNzbC5jb20xDzANBgNVBBEMBjU2LTEzMTEQMA4GA1UECQwH
-TWFpbiBTdDAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIHCMQswCQYD
+TWFpbiBTdDAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIHCMQswCQYD
VQQGEwJBVTETMBEGA1UECAwKUXVlZW5zbGFuZDERMA8GA1UEBwwIQnJpc2JhbmUx
FDASBgNVBAoMC3dvbGZTU0wgSW5jMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYG
A1UEAwwPd3d3LndvbGZzc2wuY29tMSIwIAYJKoZIhvcNAQkBFhNzdXBwb3J0QHdv
@@ -22,11 +22,11 @@ BwMBMB0GA1UdDgQWBBQnjmcRdMMmHT/tM2OzpNgdMOXo1TCCAQIGA1UdIwSB+jCB
EQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQHDAhCcmlzYmFuZTEUMBIGA1UECgwL
d29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93d3cu
d29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEWE3N1cHBvcnRAd29sZnNzbC5jb20x
-DzANBgNVBBEMBjU2LTEzMTEQMA4GA1UECQwHTWFpbiBTdIIUNNF2CUskXxBvm3qk
-i4B40Wb5k28wDQYJKoZIhvcNAQELBQADggEBAKnvKWxqivq29pOtbRmx34PRSqLQ
-7fDDwO0UpBlDNEX7ek4aX1HAekzdppo08/8kGgCV/Bg/oOxbiZoFHpsH6U3YMTAZ
-kRKxeLzzdEfEHrxcX577PG15RAUKT+7TET0LO9CWN54UKU37q5QLL0MXsd/tYuQX
-U1m56Vs+FoYBPNn7qZKsApBpm4S50aVbz/jweNyfIv1yuZSegGA/qkVG4+7yKmRP
-056FDMHBuNStUoVDWl+9IV9+kJ5x1xhn5gE6EpI7wkBXOEm2VOFrYBBv4AyYrQaI
-x7SIdXZZg6UGXbDvpMRh8PtScPmY/YM0NF+Igkisv4Avc+VD/6tKX48bqjs=
+DzANBgNVBBEMBjU2LTEzMTEQMA4GA1UECQwHTWFpbiBTdIIUOjAPanhO0Ayey1xI
+Er6HkMHASLcwDQYJKoZIhvcNAQELBQADggEBACLwxkk4RY5cD1/a47cHuRaDPn22
+XgpK5tZBMtU5PmkakKNWkW2xGTAwTmycus5iXOAxforA7PrGzFKlAnS+TmIhCFwv
+B0IwNZzCCwtQs3ilouOJyf30GxpV5BSJspBdjLflC9Vt+7OrjnRM84a4VaMNttps
+PlcGoZL1lLI2xtkhWXLeC1UdhXG8gsNXT/TpPOJ1+T4ElNr/RVTG60sp446f0kXd
+kX/dCrUD8+FTX5WZQmaawRHPRfV1d597dNuj539Za8e+XXJ5iOs0M+6YTqI9tvdA
+z23hUIs1BawnRcRYGS0rEYERBwcepvyEkQZoFfGKLoSuziRMIqnrQe3IzZ8=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der
index 7e9c2c6a..5abf3498 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem
index 240fed05..6bea29f5 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nc.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIENTCCAx2gAwIBAgIUeKrw9V6cyfDM2XE9+OuZfrvdTzQwDQYJKoZIhvcNAQEL
+MIIENTCCAx2gAwIBAgIUZubV8ronA4VrOHLZUH2CnIIiunUwDQYJKoZIhvcNAQEL
BQAwezELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNVBAcM
CEJyaXNiYW5lMRQwEgYDVQQKDAt3b2xmU1NMIEluYzEUMBIGA1UECwwLRW5naW5l
-ZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTAeFw0yMjEyMTYyMTE3NTBa
-Fw0yNTA5MTEyMTE3NTBaMHsxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNs
+ZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTAeFw0yMzEyMTMyMjE5Mjla
+Fw0yNjA5MDgyMjE5MjlaMHsxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNs
YW5kMREwDwYDVQQHDAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDAS
BgNVBAsMC0VuZ2luZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlQjhV0HycW230kVBJwFlxkWu
@@ -16,10 +16,10 @@ AAGjgbAwga0wHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MB8GA1UdIwQY
MBaAFLMRMsmSmITiyfjQO24DQsofDo48MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD
VR0PAQH/BAQDAgGGMB4GA1UdHgEB/wQUMBKgEDAOgQwud29sZnNzbC5jb20wJwYJ
YIZIAYb4QgENBBoWGFRlc3RpbmcgbmFtZSBjb25zdHJhaW50czANBgkqhkiG9w0B
-AQsFAAOCAQEANaCy9LmxJKx2mDhMldRcjDORnU13FqC7DIlTlzSwWPXsXk7lI2xQ
-p7Tpu3nRo4YFecTray5xSBIyjslh4GxB8n2k8z9wwJfBLAWS3MCR43Wj/oQfaT9+
-Jau60zRZFv3BZ5ltHnBHFssx3oBp/VxH02k8DV3o1w9ZCtOLDFWxFFBAwzw2Q461
-ktz2Gholyq77cbiwGrtZRPWWyA0+pPAQHpoltIU9GM8LpQhdJ67VECMhd/Qo88LQ
-A8/SVALY9zmsXd6rovl1kyTx0diktgUgzEilBePbG2JPn/gULdzBQHrkw+G/M9bC
-QI75PNPRqyI3aJ+xVvwF5JXuRgoxp2YRNA==
+AQsFAAOCAQEALtoSqDAnQmXFMjZk6XRf+uvBu6/fH+1tCmL828q03s2Mee+sRF1m
+C9mFRT1Q+M7pvqEb9t+hgQ9jry68EFBqC2VY6WWl95chrP+uojdZO6sDbMWsBxDi
+oD/ZWa8jjDtT+JJNTY0TVKfg83mSRC+1nQxHsV4zAlXsRHinG+pmzQgkYUrNCpjG
+d12z2bRqYBignVENubQEAZT945sioMuwO8jD8CtWd7Ie5qc7WFxBVO/wo7j2Slbt
+/dy+sVc+IHN7fe6MVD9cGivYpKmSJvw/VtiZbpgCvIX93fwZj7ltEiZBaGv2mNRx
+jdUVGWzyjnQTgIRuBX7Oa7Q8r89+s3B9oA==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der
index 23c777d7..d3f83708 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncdns.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der
index 2b7ba2fe..4d3bb0c7 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ncmixed.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der
index f49f38b9..5c0f65df 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem
index 21397ed2..5b888dfa 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-nct.pem
@@ -1,10 +1,10 @@
-----BEGIN CERTIFICATE-----
-MIIEGDCCAwCgAwIBAgIUHEEyl9X7Xhzn1Nu84C963yec+nUwDQYJKoZIhvcNAQEL
+MIIEGDCCAwCgAwIBAgIUQhQ9kNUYipe8daCTUP2VaziSi08wDQYJKoZIhvcNAQEL
BQAwgZ8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH
DAhCcmlzYmFuZTEUMBIGA1UECgwLd29sZlNTTCBJbmMxFDASBgNVBAsMC0VuZ2lu
ZWVyaW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xIjAgBgkqhkiG9w0BCQEW
-E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUwWhcNMjUwOTExMjEx
-NzUwWjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
+E3N1cHBvcnRAd29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5WhcNMjYwOTA4MjIx
+OTI5WjCBnzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClF1ZWVuc2xhbmQxETAPBgNV
BAcMCEJyaXNiYW5lMRQwEgYDVQQKDAt3b2xmU1NMIEluYzEUMBIGA1UECwwLRW5n
aW5lZXJpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEiMCAGCSqGSIb3DQEJ
ARYTc3VwcG9ydEB3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
@@ -15,10 +15,10 @@ o0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGW
Srzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgI
vDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaNKMEgwFAYJYIZIAYb4QgEBAQH/
BAQDAgZAMDAGCWCGSAGG+EIBDQQjFiFUZXN0aW5nIE5ldHNjYXBlIENlcnRpZmlj
-YXRlIFR5cGUwDQYJKoZIhvcNAQELBQADggEBABlN0/+RfrXW2zU9KrYjxTtHeTrS
-dDSs1da5SXQ3cWRjxdh+JdxjOQv+sdDiRL/FrVtv5g286rXaOYSqo5BcVs5k+8kE
-S4tWg7CAu8BdQ3tACJTUVxEzmPWD0JGPDTsZ3XhrVL0+fcv0iGFR55+aGHp2fTY4
-+Dax6uaJciaQfy9G0r64z0fMhE5sJfPcK+mQjxQE+NYM1lxY1oCN1i5jA5kz8dYg
-/t6RJb0DAbcsLOrv3dcA12A4bIPK2lR2qCly47wmzmq8iIVdGtsyAa5jgjkXn23G
-k+5t/eL+zHd4V3isuhS1vq3t2qMYLdO0IEMP3mHbu8Z5HIkUuu54VXG4sK8=
+YXRlIFR5cGUwDQYJKoZIhvcNAQELBQADggEBABmExniLoyrtx7sbbQS8nubTyoYv
+KfAreqCd5+2c2Vmq5o0wkA2HZLVlFi7ENewT0YaEqiP3HyPsu62P0N48GB43jPBg
+N58V+d/P8LERKx2/wjCfq15VX4Iave38K+/CzG+WKbaWc93ADUpOFvaZIejjiErx
+vQr3L2LyrEB0o6CDi+BPpKSQqW2O91HeIE+3P/trM2DF7RJApt0vVczxkepWxfa1
+piamsWT9rdE+7yeG9/I7RNY51dXQBnElJSULhrhBhqtRaCUcDe+KOocFq2NgEhku
+7IegJ888gZ5oZlYqOj9TUzS0ayXw8H8/6ZboH/AsvxBdQN7xOqmsDbpe3TA=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der
index 7a190a9a..5d8ebb08 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem
index fe3f49e1..486fcee6 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir-exc.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIE/TCCA+WgAwIBAgIUJu3gfaMkZ5AlwkydLDUcSY3VJDUwDQYJKoZIhvcNAQEL
+MIIE/TCCA+WgAwIBAgIUA9ASAQLXcBK7u66dI1+5Cvh9DMowDQYJKoZIhvcNAQEL
BQAwgZUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv
-bGZzc3NsLmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGVMQsw
+bGZzc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGVMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjER
MA8GA1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMM
D3d3dy53b2xmc3NsLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0B3b2xmc3NzbC5j
@@ -18,12 +18,12 @@ gdUGA1UdIwSBzTCByoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZukgZgwgZUxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3NsLmNv
-bYIUJu3gfaMkZ5AlwkydLDUcSY3VJDUwDAYDVR0TBAUwAwEB/zA2BgNVHR4BAf8E
+bYIUA9ASAQLXcBK7u66dI1+5Cvh9DMowDAYDVR0TBAUwAwEB/zA2BgNVHR4BAf8E
LDAqoSgwJqQkMCIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMA0G
-CSqGSIb3DQEBCwUAA4IBAQAqjVk0N3Cg5QSomQu99y0WFn6Gk1Qymh8O5tBK/ftG
-XS0HJk8R7vNPzDGFH07sSyJyQtRiZV8zMLSc8LZL7blA7Lwf1kanuOUMywLyg9S2
-qakgfuU+Q1/NeSJp+rCexv1xvTTGIYC36kchc6YArUVQAFrT3DFlQoZZ35Ohwzy8
-BKB9w5c3jHFjjp03EftmeMGIBpUSxKRnCaofLIUvdtaIKoUcuYezC9fXsFuHrL62
-BS5CPg97JCVyfoKcUYh9Ml7K8JPBJJt8xEWkBY6JUn3DgC8W4TYVjTB4N2Vh2yLF
-XrwPGRhGyKDZnoGagfeR5OyM47dXSpxMqsfafLq3WfrL
+CSqGSIb3DQEBCwUAA4IBAQCAF2rfhuz15dhfIlAaTKZ5caj09r9vdvsPKED2LsN1
+ufvD/DHJsFLLlL/a9Rk5HzaAC2/V7D1nytGdo+cDJAbbZP4jX7xKvTSPiXGwM85b
+xoZiCjApK6BBzBAEvPVO2g7XTPDAUtzSFUcibS9OXOBMQ8Kqua4oSAy02bpWTTj2
+1wZWr3okbRVuFNmX969wqJ2TA10QjySgMC7NoaW5sKG5Be65f0e8ClQ1UdDBq+7C
+TUkI1+eSjpPtRH38T89pK+zqKMwCq/Ugp/yDvmTn9tWjtdAE9bS92+3HBo/smJH7
+pTpRGG18pD7Su5B9QlSSbNZ0Sv5BJieCk9yQo81fcGtE
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der
index 6954fab8..1feebd79 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem
index 6348c6b2..9a108cdd 100644
--- a/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem
+++ b/extra/wolfssl/wolfssl/certs/test/cert-ext-ndir.pem
@@ -1,9 +1,9 @@
-----BEGIN CERTIFICATE-----
-MIIE6DCCA9CgAwIBAgIUNsxBAdWJBQlYCzTDYiIo8S74HgwwDQYJKoZIhvcNAQEL
+MIIE6DCCA9CgAwIBAgIUGsYHXq1zN8MtgL5Bg4sW7+8Uj+gwDQYJKoZIhvcNAQEL
BQAwgZUxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdv
-bGZzc3NsLmNvbTAeFw0yMjEyMTYyMTE3NTBaFw0yNTA5MTEyMTE3NTBaMIGVMQsw
+bGZzc3NsLmNvbTAeFw0yMzEyMTMyMjE5MjlaFw0yNjA5MDgyMjE5MjlaMIGVMQsw
CQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjER
MA8GA1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMM
D3d3dy53b2xmc3NsLmNvbTEgMB4GCSqGSIb3DQEJARYRaW5mb0B3b2xmc3NzbC5j
@@ -18,12 +18,12 @@ gdUGA1UdIwSBzTCByoAUJ45nEXTDJh0/7TNjs6TYHTDl6NWhgZukgZgwgZUxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHdvbGZzc3NsLmNv
-bYIUNsxBAdWJBQlYCzTDYiIo8S74HgwwDAYDVR0TBAUwAwEB/zAhBgNVHR4BAf8E
-FzAVoBMwEaQPMA0xCzAJBgNVBAYTAlVTMA0GCSqGSIb3DQEBCwUAA4IBAQCdTZp3
-BHmo6y6oSskfcgc1WDoh1XIfNe0oIMc/uUSfaM+fSyiTuo7fPZIafUDsNjaH4DNZ
-NQil/PalzlJviA0dZPyoYP2RM6olkWrlmtLjcHQ9HvQnMPPmzEM6zbuB2wbMym6O
-H6012H+xj4jO1cgrrCcfUPOIquTPOuQY7VmJq4cPgp+hs6rBBAtqU9QeGrvgASpV
-1M3dl6vg8lioBqsymflrPWYjgz/bKFmZZixT+SJ7Sd8dznKccBao/XMqP04iu1Hm
-UFIrS6JUqr1lmJltK0XbKo0kjd6A9QqTNjkt/Fp2kZAt6kXhhiwINXNCl/1rtjTd
-yUEQQYTLVwl4opQH
+bYIUGsYHXq1zN8MtgL5Bg4sW7+8Uj+gwDAYDVR0TBAUwAwEB/zAhBgNVHR4BAf8E
+FzAVoBMwEaQPMA0xCzAJBgNVBAYTAlVTMA0GCSqGSIb3DQEBCwUAA4IBAQA/NW29
+VNYpDOtANk/T8s2F9pYMWNR2uCV+9uCCGHHI2gCjZKq1megHkN90dlBiDCcyjLpO
+Waj62FeNppBoYaeTO77clNDyloJl/EXRqPUgc7IK4J2KNq0emrc2Xce08I8pXuEs
+dh5H6W/9m5Y0N0SBB3xdPGzg6RPB3nZNiyoeDRwzUhIDLwl/i0qA9ZtEjhFIb3+u
+w7LbDNAXgz5T8ZfRGHgoOutrqra2lh9LEoALWLJ+ZxY35vr0ZLf4mVAyj/cr67EA
+uTM/xeJbtj1y5/ADmenbW0nUcSeS/Eyp1s9eFC4hOQDnAQALzi2zrvK2LlxON6Rx
+3OyA5WbvJJbFdxxH
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/digsigku.pem b/extra/wolfssl/wolfssl/certs/test/digsigku.pem
index 4505bf04..b83fdd3c 100644
--- a/extra/wolfssl/wolfssl/certs/test/digsigku.pem
+++ b/extra/wolfssl/wolfssl/certs/test/digsigku.pem
@@ -6,8 +6,8 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA1
Issuer: C = US, ST = Washington, L = Seattle, O = Foofarah, OU = Arglebargle, CN = foobarbaz, emailAddress = info@worlss.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Washington, L = Seattle, O = Foofarah, OU = Arglebargle, CN = foobarbaz, emailAddress = info@worlss.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
@@ -33,16 +33,16 @@ Certificate:
X509v3 Key Usage: critical
Non Repudiation, Key Encipherment
Signature Algorithm: ecdsa-with-SHA1
- 30:45:02:21:00:f7:23:e6:81:bf:37:d5:81:fb:78:c5:90:dd:
- 23:c4:54:5c:b3:71:c7:25:79:19:d5:46:b7:a5:bf:04:b7:4d:
- b6:02:20:1f:ad:51:3d:b9:49:82:71:ad:f6:a9:de:17:f4:c3:
- d5:c9:4c:7e:16:58:cb:92:42:21:61:bb:f4:96:b2:78:9f
+ 30:45:02:20:21:e7:44:3e:5a:98:1a:49:25:db:d1:db:d3:fb:
+ 2f:ec:4d:c6:2c:2f:92:f6:cd:7d:a3:b9:5c:25:93:9f:4d:83:
+ 02:21:00:82:da:52:9f:37:0c:81:9e:26:9c:fb:da:6f:4f:84:
+ b8:5d:19:69:94:a2:08:68:ed:99:4e:51:9e:45:28:74:0c
-----BEGIN CERTIFICATE-----
MIIDKDCCAs+gAwIBAgIJAOOBS0ilcGFwMAkGByqGSM49BAEwgZExCzAJBgNVBAYT
AlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYD
VQQKDAhGb29mYXJhaDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZv
-b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTIyMTIx
-NjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
+b2JhcmJhejEeMBwGCSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMB4XDTIzMTIx
+MzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZExCzAJBgNVBAYTAlVTMRMwEQYDVQQI
DApXYXNoaW5ndG9uMRAwDgYDVQQHDAdTZWF0dGxlMREwDwYDVQQKDAhGb29mYXJh
aDEUMBIGA1UECwwLQXJnbGViYXJnbGUxEjAQBgNVBAMMCWZvb2JhcmJhejEeMBwG
CSqGSIb3DQEJARYPaW5mb0B3b3Jsc3MuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0D
@@ -53,6 +53,6 @@ MKGBl6SBlDCBkTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAO
BgNVBAcMB1NlYXR0bGUxETAPBgNVBAoMCEZvb2ZhcmFoMRQwEgYDVQQLDAtBcmds
ZWJhcmdsZTESMBAGA1UEAwwJZm9vYmFyYmF6MR4wHAYJKoZIhvcNAQkBFg9pbmZv
QHdvcmxzcy5jb22CCQDjgUtIpXBhcDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
-/wQEAwIFYDAJBgcqhkjOPQQBA0gAMEUCIQD3I+aBvzfVgft4xZDdI8RUXLNxxyV5
-GdVGt6W/BLdNtgIgH61RPblJgnGt9qneF/TD1clMfhZYy5JCIWG79JayeJ8=
+/wQEAwIFYDAJBgcqhkjOPQQBA0gAMEUCICHnRD5amBpJJdvR29P7L+xNxiwvkvbN
+faO5XCWTn02DAiEAgtpSnzcMgZ4mnPvab0+EuF0ZaZSiCGjtmU5RnkUodAw=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg b/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg
index 9d93abb2..85b22ad2 100644
--- a/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg
+++ b/extra/wolfssl/wolfssl/certs/test/ktri-keyid-cms.msg
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltname.der b/extra/wolfssl/wolfssl/certs/test/server-badaltname.der
index 45149461..f7181161 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltname.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltname.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem b/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem
index 8ef4408a..dbd2d157 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltname.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 3a:e3:92:48:82:fb:ed:f5:cb:d2:93:c5:5a:df:71:c2:ef:6b:43:50
+ 76:31:fe:b4:f4:ed:14:f1:b8:24:69:74:77:72:59:ce:c1:61:05:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:www.nomatch.com
Signature Algorithm: sha256WithRSAEncryption
- 6d:17:67:be:f8:34:a2:62:0f:87:97:df:7b:62:cc:f9:7c:62:
- dd:01:ca:a6:a9:9d:02:7d:d2:fb:db:01:37:a8:cc:0e:01:a4:
- e9:a2:cb:29:00:cd:cb:f3:ab:99:db:bc:0d:c1:2d:78:99:15:
- b8:55:f0:08:f4:2d:3d:4c:38:47:a7:72:1d:96:77:7f:1b:55:
- 8f:37:d3:9e:55:cc:fe:09:56:6b:38:65:3b:c7:ca:0a:d8:06:
- 1b:ae:ad:03:4c:e8:67:59:ff:42:5a:45:00:f8:1c:51:6e:c6:
- 64:af:16:94:13:eb:5b:33:5e:9e:7c:60:ac:4b:8d:c3:3c:6c:
- a8:1e:8d:e2:0a:23:4e:fa:e7:df:a3:a0:03:c0:29:1f:2e:ff:
- 2f:fc:d5:37:28:a0:55:58:60:9c:1f:ec:b5:b5:9b:51:44:a3:
- f0:05:39:66:9d:29:13:49:6e:e8:76:c4:69:ce:69:85:20:1d:
- 3c:51:eb:26:ab:02:8d:e2:99:1b:9e:83:ec:23:27:87:8b:f2:
- f1:96:28:bc:6b:2c:f1:19:6e:c3:0c:a9:4e:02:7b:c1:37:3e:
- 7c:6a:bf:9e:ff:76:7f:39:0f:64:f4:25:db:24:d4:0c:0a:0d:
- e8:b4:6a:81:02:0d:71:b6:36:89:15:c4:6c:fb:18:0e:4d:92:
- 1e:53:d0:d8
+ 3c:65:49:0e:32:4f:66:4b:ab:7d:a1:10:d4:ac:1f:8f:ed:70:
+ a5:62:eb:83:90:26:30:9a:2b:3e:fd:6c:d0:5d:ae:ac:3f:96:
+ 89:76:31:8a:72:ab:c7:f7:25:a4:f5:d5:87:47:ec:71:d8:04:
+ a1:32:56:a0:b1:60:11:e8:11:3e:97:87:1f:d8:39:03:e1:22:
+ 91:01:bd:ec:38:f3:26:d9:d0:0a:67:99:c2:c4:06:89:5a:45:
+ d9:cb:49:ba:df:ee:f3:a9:11:0b:7b:89:7d:e4:e1:78:c7:60:
+ ed:d6:66:4e:54:9a:9b:07:f8:f8:cb:86:bd:1a:5a:56:ae:9e:
+ 89:74:01:d0:a8:47:c5:be:22:b1:a1:0c:d1:5e:cb:0a:df:46:
+ 8f:f6:ed:2c:a0:fa:24:41:92:f5:eb:28:e6:5e:a1:04:c2:b2:
+ 51:f0:55:78:fc:e0:52:e7:ac:dd:ff:59:f0:36:d7:d0:c3:b7:
+ 0e:b4:d9:8d:cb:df:23:28:aa:df:bd:07:e9:65:24:76:10:28:
+ 09:43:7a:be:20:2d:e3:3c:0d:4a:18:e0:b4:15:c9:be:d7:bf:
+ b5:46:ae:92:94:c2:b6:c1:b4:26:9d:0a:ef:17:0e:dd:c4:25:
+ 44:78:a8:e2:08:b9:65:3d:05:de:54:17:c9:74:71:f9:c8:bb:
+ 66:4e:c9:85
-----BEGIN CERTIFICATE-----
-MIIDsjCCApqgAwIBAgIUOuOSSIL77fXL0pPFWt9xwu9rQ1AwDQYJKoZIhvcNAQEL
+MIIDsjCCApqgAwIBAgIUdjH+tPTtFPG4JGl0d3JZzsFhBaAwDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABox4wHDAaBgNVHREEEzARgg93d3cubm9tYXRjaC5j
-b20wDQYJKoZIhvcNAQELBQADggEBAG0XZ774NKJiD4eX33tizPl8Yt0ByqapnQJ9
-0vvbATeozA4BpOmiyykAzcvzq5nbvA3BLXiZFbhV8Aj0LT1MOEench2Wd38bVY83
-055VzP4JVms4ZTvHygrYBhuurQNM6GdZ/0JaRQD4HFFuxmSvFpQT61szXp58YKxL
-jcM8bKgejeIKI07659+joAPAKR8u/y/81TcooFVYYJwf7LW1m1FEo/AFOWadKRNJ
-buh2xGnOaYUgHTxR6yarAo3imRueg+wjJ4eL8vGWKLxrLPEZbsMMqU4Ce8E3Pnxq
-v57/dn85D2T0Jdsk1AwKDei0aoECDXG2NokVxGz7GA5Nkh5T0Ng=
+b20wDQYJKoZIhvcNAQELBQADggEBADxlSQ4yT2ZLq32hENSsH4/tcKVi64OQJjCa
+Kz79bNBdrqw/lol2MYpyq8f3JaT11YdH7HHYBKEyVqCxYBHoET6Xhx/YOQPhIpEB
+vew48ybZ0ApnmcLEBolaRdnLSbrf7vOpEQt7iX3k4XjHYO3WZk5UmpsH+PjLhr0a
+Wlaunol0AdCoR8W+IrGhDNFeywrfRo/27Syg+iRBkvXrKOZeoQTCslHwVXj84FLn
+rN3/WfA219DDtw602Y3L3yMoqt+9B+llJHYQKAlDer4gLeM8DUoY4LQVyb7Xv7VG
+rpKUwrbBtCadCu8XDt3EJUR4qOIIuWU9Bd5UF8l0cfnIu2ZOyYU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der
index b123ad0e..d34ca7e9 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem
index 9bc7ebd2..530b307d 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badaltnull.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 50:b6:0d:5a:9f:1e:16:84:1e:31:d8:93:dd:83:41:12:95:f2:be:2c
+ 75:94:fd:49:d7:c1:2b:ca:02:75:4d:37:61:ca:48:1b:60:40:bc:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -34,30 +34,29 @@ Certificate:
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Alternative Name:
- <EMPTY>
-
+ 0 ..localhost.h
Signature Algorithm: sha256WithRSAEncryption
- 32:3e:75:3d:36:97:04:5c:38:de:c1:e3:6d:c9:5e:84:89:eb:
- 0a:74:0d:60:a5:77:a8:6a:d7:a3:38:2e:2c:20:9b:79:8d:c1:
- 0d:c3:3e:f9:e2:49:52:d5:78:cb:93:38:dd:00:d9:e0:90:05:
- 78:cc:ab:25:37:be:c4:e9:11:dd:9a:f2:a4:03:4f:50:3f:58:
- 90:73:75:7e:00:40:dd:9e:b6:0a:09:cd:46:e8:16:f1:a4:4d:
- ff:a3:fb:ce:b2:ad:67:9d:98:38:66:4b:7d:5e:6b:28:32:35:
- 29:5f:fc:cc:4b:ed:14:e0:3f:a9:d0:62:4a:96:00:f9:ae:6b:
- af:ee:59:d5:d5:47:15:65:aa:8b:b7:15:4b:0d:8f:f6:87:fd:
- 42:74:0a:c4:e7:84:ce:8b:a5:ef:85:62:b6:f1:cd:41:ca:d7:
- d0:ef:6c:ff:60:66:33:cc:05:6a:46:8c:23:d3:37:66:1e:21:
- fb:b1:67:9f:35:9d:b1:c1:80:f9:bb:a5:96:c7:56:2c:f0:d4:
- d2:6d:ac:13:bb:33:64:23:72:a3:82:77:89:f3:fd:36:88:52:
- e0:cd:0f:2c:a0:0d:7c:d8:4f:f3:b4:4e:a7:b4:30:59:8c:d1:
- 36:f2:75:0a:3e:db:8d:51:e8:ba:8c:9c:87:1e:c5:c7:e2:d2:
- 63:63:6f:22
+ 9c:a2:c0:49:d7:4b:a2:cf:6d:83:b7:06:a0:b2:60:4e:a3:ca:
+ 57:8e:0f:8f:65:0a:e5:3b:12:8f:06:5e:f7:7c:4c:22:09:8e:
+ 88:a9:34:c4:ed:5a:01:45:8e:c6:06:bc:f9:41:96:6f:dc:7c:
+ 3e:5b:b9:19:ff:77:f1:49:a1:84:e9:11:8a:d2:d7:6c:13:53:
+ cd:48:61:7d:a4:0b:30:e9:62:32:f5:01:a4:27:5c:3b:d1:cf:
+ cb:cb:c6:8d:2d:9d:3f:89:46:13:4f:2c:5b:4c:a8:ab:7d:23:
+ a5:98:9f:ad:ba:fc:2c:4b:44:17:3d:99:8d:7a:53:21:f7:8f:
+ 25:d8:84:ba:41:c2:c9:0f:24:d7:06:6e:cc:93:f7:13:f3:21:
+ 64:05:b0:82:96:44:d0:1d:dd:e0:5c:d1:32:f2:55:08:25:05:
+ 2a:23:d6:ae:bc:e5:29:8d:13:06:1d:d0:cc:9e:b0:04:c2:1c:
+ 3e:c5:6d:60:6b:d8:25:d8:23:0a:8c:f9:74:7a:e5:5b:21:b6:
+ b5:74:de:c9:34:2d:75:c5:01:41:47:c6:76:08:8c:21:59:4f:
+ 4d:9b:16:05:c1:43:15:a2:17:b2:ab:70:6a:51:18:3f:c9:ac:
+ 48:16:a1:23:38:e2:90:ea:ac:df:5a:b5:7f:ed:be:9b:42:a5:
+ e2:2b:5c:c7
-----BEGIN CERTIFICATE-----
-MIIDrjCCApagAwIBAgIUULYNWp8eFoQeMdiT3YNBEpXyviwwDQYJKoZIhvcNAQEL
+MIIDrjCCApagAwIBAgIUdZT9SdfBK8oCdU03YcpIG2BAvOIwDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -67,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABoxowGDAWBgNVHREEDzANggtsb2NhbGhvc3QAaDAN
-BgkqhkiG9w0BAQsFAAOCAQEAMj51PTaXBFw43sHjbclehInrCnQNYKV3qGrXozgu
-LCCbeY3BDcM++eJJUtV4y5M43QDZ4JAFeMyrJTe+xOkR3ZrypANPUD9YkHN1fgBA
-3Z62CgnNRugW8aRN/6P7zrKtZ52YOGZLfV5rKDI1KV/8zEvtFOA/qdBiSpYA+a5r
-r+5Z1dVHFWWqi7cVSw2P9of9QnQKxOeEzoul74VitvHNQcrX0O9s/2BmM8wFakaM
-I9M3Zh4h+7FnnzWdscGA+bullsdWLPDU0m2sE7szZCNyo4J3ifP9NohS4M0PLKAN
-fNhP87ROp7QwWYzRNvJ1Cj7bjVHouoychx7Fx+LSY2NvIg==
+BgkqhkiG9w0BAQsFAAOCAQEAnKLASddLos9tg7cGoLJgTqPKV44Pj2UK5TsSjwZe
+93xMIgmOiKk0xO1aAUWOxga8+UGWb9x8Plu5Gf938UmhhOkRitLXbBNTzUhhfaQL
+MOliMvUBpCdcO9HPy8vGjS2dP4lGE08sW0yoq30jpZifrbr8LEtEFz2ZjXpTIfeP
+JdiEukHCyQ8k1wZuzJP3E/MhZAWwgpZE0B3d4FzRMvJVCCUFKiPWrrzlKY0TBh3Q
+zJ6wBMIcPsVtYGvYJdgjCoz5dHrlWyG2tXTeyTQtdcUBQUfGdgiMIVlPTZsWBcFD
+FaIXsqtwalEYP8msSBahIzjikOqs31q1f+2+m0Kl4itcxw==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcn.der b/extra/wolfssl/wolfssl/certs/test/server-badcn.der
index 2f1816e1..a707a5f0 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcn.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcn.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcn.pem b/extra/wolfssl/wolfssl/certs/test/server-badcn.pem
index ecb97f8d..ad42bb9a 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcn.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcn.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 79:e6:1d:85:f5:44:69:d4:f4:7c:4a:eb:62:26:d2:ac:1c:be:8a:b2
+ 33:9d:a3:77:36:7a:b9:40:c0:3f:62:ae:d7:80:c0:a4:88:f9:82:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,27 +33,27 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- b4:5d:5d:51:69:22:95:b3:61:d5:91:84:32:88:eb:6c:5a:43:
- e7:8c:94:58:69:07:ea:c1:f2:4e:c4:23:be:c4:8b:13:ed:07:
- 5e:e9:a1:6f:a7:f8:13:d6:8b:c9:87:01:38:74:5b:47:d1:96:
- 35:a7:0a:c6:c7:4f:2a:44:a1:6d:c9:58:30:a5:9b:df:cc:55:
- e0:a6:50:1f:36:89:58:57:6d:eb:b9:94:4f:0b:eb:c4:ed:2c:
- 21:26:b5:c3:eb:f7:07:c6:59:5f:51:2b:14:77:a6:22:17:cd:
- 25:55:d6:e6:d4:a1:47:44:98:86:c5:86:f8:8a:ae:67:ae:12:
- 89:36:16:fd:a0:66:f9:25:45:eb:08:b3:e7:6c:b9:d1:46:d0:
- 8f:41:bf:96:37:cb:24:16:fb:2f:2e:79:1d:f3:b5:d3:da:85:
- da:7c:e3:ea:d3:a9:7e:b3:6a:ad:c8:3a:65:54:b2:77:55:5a:
- 65:d4:40:cf:30:07:28:7a:3b:2c:f9:10:99:a3:5e:d8:70:f9:
- ae:87:a7:ae:1a:cd:1f:cc:10:2e:44:6f:6a:f7:60:c4:e7:a0:
- 53:16:47:42:ca:fc:1e:fc:be:d0:60:07:52:87:89:a8:b5:7a:
- 17:81:3a:8f:81:78:36:a9:f3:9e:4b:00:1a:48:62:27:6c:65:
- db:a1:10:10
+ 2f:03:d9:42:ae:10:f3:4b:42:c1:9d:6a:aa:09:da:f1:55:8a:
+ 0b:76:ce:51:d5:16:95:24:49:ac:14:1b:f6:b4:81:bd:c4:2b:
+ 9c:f2:34:8b:a5:18:a6:00:82:70:00:c1:8f:26:90:da:70:70:
+ 60:bf:c8:98:d2:d1:c7:86:fd:68:60:f2:54:46:e5:e0:d9:58:
+ c4:85:01:32:b1:02:43:06:61:f5:61:3f:fd:80:b0:75:2c:3a:
+ 50:d8:c9:11:6e:36:17:8e:e0:a6:3f:b1:bd:17:96:31:c9:04:
+ e9:53:84:6a:e6:bc:c3:82:1a:fc:8f:63:e9:68:c9:b3:ed:61:
+ 8d:08:a2:9d:c8:4e:57:09:50:2c:16:6f:9a:c7:31:cc:6c:fd:
+ 3c:37:01:06:f1:c7:98:e6:c5:ee:cb:3e:6f:6b:20:bc:dc:64:
+ 17:2e:d7:5b:95:2a:18:e5:ab:4c:5e:97:1c:e5:7d:e5:72:cd:
+ fe:b6:6d:9b:36:c6:4b:70:dc:97:5f:49:31:93:1b:2b:ca:d1:
+ c8:12:24:31:c2:78:50:bf:aa:28:e6:42:78:ae:e1:08:7a:64:
+ da:46:89:d6:07:4a:cb:51:36:69:11:6c:a9:61:fc:b1:03:21:
+ c2:82:6a:15:d7:98:58:1c:40:55:08:e0:32:9e:05:78:c6:a0:
+ b8:d9:11:2f
-----BEGIN CERTIFICATE-----
-MIIDkjCCAnqgAwIBAgIUeeYdhfVEadT0fErrYibSrBy+irIwDQYJKoZIhvcNAQEL
+MIIDkjCCAnqgAwIBAgIUM52jdzZ6uUDAP2Ku14DApIj5gl8wDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -62,11 +62,11 @@ j+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+t
Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
-4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQC0XV1RaSKVs2HV
-kYQyiOtsWkPnjJRYaQfqwfJOxCO+xIsT7Qde6aFvp/gT1ovJhwE4dFtH0ZY1pwrG
-x08qRKFtyVgwpZvfzFXgplAfNolYV23ruZRPC+vE7SwhJrXD6/cHxllfUSsUd6Yi
-F80lVdbm1KFHRJiGxYb4iq5nrhKJNhb9oGb5JUXrCLPnbLnRRtCPQb+WN8skFvsv
-Lnkd87XT2oXafOPq06l+s2qtyDplVLJ3VVpl1EDPMAcoejss+RCZo17YcPmuh6eu
-Gs0fzBAuRG9q92DE56BTFkdCyvwe/L7QYAdSh4motXoXgTqPgXg2qfOeSwAaSGIn
-bGXboRAQ
+4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAvA9lCrhDzS0LB
+nWqqCdrxVYoLds5R1RaVJEmsFBv2tIG9xCuc8jSLpRimAIJwAMGPJpDacHBgv8iY
+0tHHhv1oYPJURuXg2VjEhQEysQJDBmH1YT/9gLB1LDpQ2MkRbjYXjuCmP7G9F5Yx
+yQTpU4Rq5rzDghr8j2PpaMmz7WGNCKKdyE5XCVAsFm+axzHMbP08NwEG8ceY5sXu
+yz5vayC83GQXLtdblSoY5atMXpcc5X3lcs3+tm2bNsZLcNyXX0kxkxsrytHIEiQx
+wnhQv6oo5kJ4ruEIemTaRonWB0rLUTZpEWypYfyxAyHCgmoV15hYHEBVCOAyngV4
+xqC42REv
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der
index 9c1d7691..bd1524f6 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem
index d551a27f..ed89ce73 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-badcnnull.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 08:b1:99:a7:bd:5f:a6:05:3e:d4:fd:d3:1d:2a:6c:5d:d3:38:cc:a2
+ 29:9c:4e:32:2d:67:08:52:16:03:ba:4f:eb:47:e3:a2:ef:55:06:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = DER:30:0d:82:0b:6c:6f:63:61:6c:68:6f:73:74:00:68, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,28 +33,28 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- 85:40:69:33:07:7a:aa:3c:86:ff:5f:c5:29:d7:16:38:95:22:
- 2a:5e:bd:c8:0c:aa:29:48:04:87:5b:18:0e:39:b0:bf:b9:01:
- 48:01:45:81:03:52:81:b1:13:b1:81:af:d7:99:3e:5e:ed:0a:
- ac:22:77:3d:0f:22:e4:f6:08:9a:91:c3:ba:41:e2:d1:22:74:
- 4c:04:d3:51:de:35:a5:f6:10:40:e6:50:2e:a6:bd:06:20:2c:
- 27:90:1d:a5:b2:e5:87:b7:77:2c:0a:e2:08:f8:93:60:dc:a7:
- 41:7f:dd:b7:d4:ed:0b:58:ea:ec:ad:c3:76:ab:12:30:41:6e:
- 55:97:cb:fc:3a:15:f8:c8:79:f6:85:8d:47:28:e7:dd:a7:d6:
- 64:b0:e5:f8:97:25:7c:37:f6:46:c4:bb:d6:fb:01:59:93:7c:
- 7f:2d:e9:f4:16:79:2d:d3:25:51:11:88:4c:e4:fa:83:b7:20:
- 48:dd:03:fb:e2:6e:4e:af:9d:b7:55:55:16:2c:15:76:c4:00:
- 09:f0:58:c7:db:9d:66:b6:20:00:50:29:45:14:8b:d4:a4:63:
- c8:91:0d:0c:72:04:f6:fe:d4:37:87:3b:94:4e:89:c2:22:58:
- 45:6e:fa:58:0e:e5:dc:89:6c:e9:8e:b0:09:c7:07:db:77:0c:
- b4:31:51:77
+ b7:a0:3f:bf:60:6d:0e:49:aa:e4:a8:00:b6:7d:d5:15:58:60:
+ 5d:cb:40:70:46:04:6c:e3:6d:04:b0:2a:eb:e2:64:b3:4f:a6:
+ 47:ae:22:c8:41:a1:cc:01:0c:1a:b2:6f:d2:e5:cf:b8:ac:c7:
+ 3c:a8:04:0d:7e:53:c5:9f:ec:f6:26:1e:d7:ed:6d:44:a5:8f:
+ 64:7b:bd:f4:19:fd:70:d5:39:7a:d9:22:72:2d:ec:09:0d:61:
+ e9:1f:3d:61:70:13:1c:d6:34:44:1d:04:a7:2c:96:08:0b:e6:
+ 63:e5:02:e6:95:d3:49:75:a9:e2:d0:e4:6e:9c:87:17:3a:30:
+ d4:dd:16:58:f8:cc:39:ff:a4:2d:3f:26:bf:40:92:6e:b2:b6:
+ 6d:03:d8:68:a2:4a:3d:cf:b9:00:93:58:54:5a:ef:ea:6d:28:
+ c3:8c:c1:0e:60:5a:8c:df:5d:d5:0b:cb:b5:e5:6c:57:7a:b6:
+ ac:8c:64:67:f4:68:8d:73:50:41:11:6c:14:b6:65:7d:57:ff:
+ 27:b5:f3:5e:7e:d4:07:29:49:6b:0c:aa:ed:b2:aa:32:a3:b4:
+ 78:bc:2d:18:6f:a6:fa:ea:b2:c8:a4:a3:f2:cc:da:43:9c:eb:
+ 92:ea:7a:1a:8f:4b:ed:87:eb:f6:80:ea:6a:de:d7:ac:0e:9e:
+ 47:2d:37:30
-----BEGIN CERTIFICATE-----
-MIID1DCCArygAwIBAgIUCLGZp71fpgU+1P3THSpsXdM4zKIwDQYJKoZIhvcNAQEL
+MIID1DCCArygAwIBAgIUKZxOMi1nCFIWA7pP60fjou9VBhUwDQYJKoZIhvcNAQEL
BQAwgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzE5MDcGA1UEAwwwREVSOjMwOjBk
OjgyOjBiOjZjOjZmOjYzOjYxOjZjOjY4OjZmOjczOjc0OjAwOjY4MR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1MFoXDTI1MDkx
-MTIxMTc1MFowgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD
+hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOVoXDTI2MDkw
+ODIyMTkyOVowgaMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYD
VQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzE5MDcGA1UEAwwwREVS
OjMwOjBkOjgyOjBiOjZjOjZmOjYzOjYxOjZjOjY4OjZmOjczOjc0OjAwOjY4MR8w
HQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEF
@@ -64,10 +64,10 @@ U7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEu
uBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTS
ELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0
sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABMA0GCSqGSIb3DQEB
-CwUAA4IBAQCFQGkzB3qqPIb/X8Up1xY4lSIqXr3IDKopSASHWxgOObC/uQFIAUWB
-A1KBsROxga/XmT5e7QqsInc9DyLk9giakcO6QeLRInRMBNNR3jWl9hBA5lAupr0G
-ICwnkB2lsuWHt3csCuII+JNg3KdBf9231O0LWOrsrcN2qxIwQW5Vl8v8OhX4yHn2
-hY1HKOfdp9ZksOX4lyV8N/ZGxLvW+wFZk3x/Len0Fnkt0yVREYhM5PqDtyBI3QP7
-4m5Or523VVUWLBV2xAAJ8FjH251mtiAAUClFFIvUpGPIkQ0McgT2/tQ3hzuUTonC
-IlhFbvpYDuXciWzpjrAJxwfbdwy0MVF3
+CwUAA4IBAQC3oD+/YG0OSarkqAC2fdUVWGBdy0BwRgRs420EsCrr4mSzT6ZHriLI
+QaHMAQwasm/S5c+4rMc8qAQNflPFn+z2Jh7X7W1EpY9ke730Gf1w1Tl62SJyLewJ
+DWHpHz1hcBMc1jREHQSnLJYIC+Zj5QLmldNJdani0ORunIcXOjDU3RZY+Mw5/6Qt
+Pya/QJJusrZtA9hooko9z7kAk1hUWu/qbSjDjMEOYFqM313VC8u15WxXerasjGRn
+9GiNc1BBEWwUtmV9V/8ntfNeftQHKUlrDKrtsqoyo7R4vC0Yb6b66rLIpKPyzNpD
+nOuS6noaj0vth+v2gOpq3tesDp5HLTcw
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der
index 6d126fad..3e1a890d 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem
index 37be2864..13285961 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-ecc-badsig.pem
@@ -5,9 +5,9 @@ Certificate:
Signature Algorithm: ecdsa-with-SHA256
Issuer: C = US, ST = Washington, L = Seattle, O = wolfSSL, OU = Development, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
- Subject: C = US, ST = Washington, L = Seattle, O = Eliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
+ Subject: C = US, ST = Washington, L = Seattle, O = Elliptic, OU = ECC, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
@@ -34,24 +34,24 @@ Certificate:
Netscape Cert Type:
SSL Server
Signature Algorithm: ecdsa-with-SHA256
- 30:45:02:21:00:cf:3a:17:97:d4:be:7c:50:e1:be:1b:53:95:
- 7b:a3:b8:c6:73:c4:34:e0:73:5a:db:3e:cb:3a:b6:a8:f1:cd:
- bf:02:20:2b:e6:f9:65:b2:ab:0f:bb:2b:36:5c:cc:2e:19:a9:
- 59:1c:6f:6f:ce:9b:7a:e6:5b:65:31:33:80:05:cb:7c:96
+ 30:45:02:21:00:86:bd:87:16:d2:9c:66:e7:5e:5c:28:0e:5f:
+ ef:94:61:2f:d4:21:6d:8e:c3:94:0a:1e:b5:6a:1d:c6:04:87:
+ c6:02:20:66:46:c4:29:d9:8e:eb:0b:f7:5b:32:13:eb:0a:ea:
+ 47:99:4b:74:56:ba:21:97:b1:67:75:5c:f3:f3:c0:88:aa
-----BEGIN CERTIFICATE-----
-MIICoTCCAkegAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
+MIICojCCAkigAwIBAgIBAzAKBggqhkjOPQQDAjCBlzELMAkGA1UEBhMCVVMxEzAR
BgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB3dv
bGZTU0wxFDASBgNVBAsMC0RldmVsb3BtZW50MRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBjzELMAkGA1UEBhMCVVMxEzARBgNVBAgM
-Cldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEDAOBgNVBAoMB0VsaXB0aWMx
-DDAKBgNVBAsMA0VDQzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZI
-hvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
-QgAEuzOsTCdQSsZKpQTDPN6fNttyLc6U6iv6yyAJOSwW6GEC6a9N0wKTmjFbl5Ih
-f/DPGNqREQI0huggWDMLgDSJ2KOBiTCBhjAdBgNVHQ4EFgQUXV0m76x+NvmbdhUr
-SiUCI++yiTAwHwYDVR0jBBgwFoAUVo6aw/BC3hi5RVVu+ZPP6sPzpSEwDAYDVR0T
-AQH/BAIwADAOBgNVHQ8BAf8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwEQYJ
-YIZIAYb4QgEBBAQDAgZAMAoGCCqGSM49BAMCA0gAMEUCIQDPOheX1L58UOG+G1OV
-e6O4xnPENOBzWts+yzq2qPHNvwIgK+b5ZbKrD7srNlzMLhmpWRxvb86beuZbZTEz
-gAXLxJY=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-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der
index 30cd28d9..e5cb198f 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem
index b1b9d1b8..171894d2 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-cert-rsa-badsig.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = Support, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -46,27 +46,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- b9:10:f0:be:fe:c8:67:5e:7d:0f:36:33:c7:17:2a:01:c4:bb:
- 74:83:4c:bc:bb:e2:ba:92:82:3a:d9:2d:8c:0e:e3:75:1b:c0:
- 14:aa:40:1e:a8:11:7d:94:9c:3d:74:7a:3b:16:7b:d8:9d:f0:
- e8:7d:1d:fa:3b:14:42:20:e3:05:a3:fd:b1:0c:f1:2a:c4:00:
- 50:8d:1e:97:93:6a:de:82:13:24:9e:2b:fa:08:85:e3:4f:40:
- fd:63:c7:3d:e9:bd:6f:7c:03:98:85:fe:b4:51:5d:7f:8c:83:
- b3:ad:4a:88:e9:f3:4c:33:84:77:d3:02:35:59:e3:4e:64:a1:
- b7:bb:fb:f8:fb:14:2a:ae:36:bf:d9:82:e7:cb:98:48:16:c8:
- 81:d6:a0:f1:74:14:e3:74:4a:72:4a:f1:6f:dd:be:86:1e:20:
- f3:05:16:83:1f:aa:7c:59:35:97:24:b8:27:b7:56:9f:30:2e:
- 90:e0:19:e0:21:ca:9d:3f:da:99:07:94:79:49:53:14:5c:a2:
- 2c:56:5b:b2:55:68:5c:1f:91:58:9a:cd:53:b5:ea:63:5a:72:
- 49:41:cc:76:9f:88:35:86:0d:60:5d:e5:91:bd:ac:6f:cf:d5:
- 92:27:72:4a:21:f4:58:98:8e:3b:d2:29:e6:ee:fa:e6:b0:6c:
- 8b:1e:e0:54
+ 4a:ff:b9:e5:85:9b:da:53:66:7f:07:22:bf:b6:19:ea:42:eb:
+ a4:11:07:62:ff:39:5f:33:37:3a:87:26:71:3d:13:b2:ca:b8:
+ 64:38:7b:8a:99:48:0e:a5:a4:6b:b1:99:6e:e0:46:51:bd:19:
+ 52:ad:bc:a6:7e:2a:7a:7c:23:a7:cc:db:5e:43:7d:6b:04:c8:
+ b7:dd:95:ad:f0:91:80:59:c5:19:91:26:27:91:b8:48:1c:eb:
+ 55:b6:aa:7d:a4:38:f1:03:bc:6c:8b:aa:94:d6:3c:05:7a:96:
+ c5:06:f1:26:14:2e:75:fb:dd:e5:35:b3:01:2c:b3:ad:62:5a:
+ 21:9a:08:be:56:fc:f9:a2:42:87:86:e5:a9:c5:99:cf:ae:14:
+ be:e0:b9:08:24:0d:1d:5c:d6:14:e1:4c:9f:40:b3:a9:e9:2d:
+ 52:8b:4c:bf:ac:44:31:67:c1:8d:06:85:ec:0f:e4:99:d7:4b:
+ 7b:21:06:66:d4:e4:f5:9d:ff:8e:f0:86:39:58:1d:a4:5b:e2:
+ 63:ef:7c:c9:18:87:a8:02:25:10:3e:87:28:f9:f5:ef:47:9e:
+ a5:80:08:11:90:68:fe:d1:a3:a8:51:b9:37:ff:d5:ca:7c:87:
+ 7f:6b:bc:2c:12:c8:c5:85:8b:fc:0c:c6:b9:86:b8:c9:04:c3:
+ 51:37:d2:4f
-----BEGIN CERTIFICATE-----
MIIE6DCCA9CgAwIBAgIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO
BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG
SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
@@ -80,26 +80,26 @@ BBSzETLJkpiE4sn40DtuA0LKHw6OPDCB1AYDVR0jBIHMMIHJgBQnjmcRdMMmHT/t
M2OzpNgdMOXo1aGBmqSBlzCBlDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3RoMRMwEQYDVQQL
DApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20xHzAdBgkqhkiG
-9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFCyAzttHnQdmkj1o18qskE/KaUFLMAwG
+9w0BCQEWEGluZm9Ad29sZnNzbC5jb22CFDNEGqhsAez2YPJwUQpM0RT6vOlEMAwG
A1UdEwQFMAMBAf8wHAYDVR0RBBUwE4ILZXhhbXBsZS5jb22HBH8AAAEwHQYDVR0l
-BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQC5EPC+
-/shnXn0PNjPHFyoBxLt0g0y8u+K6koI62S2MDuN1G8AUqkAeqBF9lJw9dHo7FnvY
-nfDofR36OxRCIOMFo/2xDPEqxABQjR6Xk2reghMkniv6CIXjT0D9Y8c96b1vfAOY
-hf60UV1/jIOzrUqI6fNMM4R30wI1WeNOZKG3u/v4+xQqrja/2YLny5hIFsiB1qDx
-dBTjdEpySvFv3b6GHiDzBRaDH6p8WTWXJLgnt1afMC6Q4BngIcqdP9qZB5R5SVMU
-XKIsVluyVWhcH5FYms1TtepjWnJJQcx2n4g1hg1gXeWRvaxvz9WSJ3JKIfRYmI47
-0inm7vrmsGyLHuBU
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBK/7nl
+hZvaU2Z/ByK/thnqQuukEQdi/zlfMzc6hyZxPROyyrhkOHuKmUgOpaRrsZlu4EZR
+vRlSrbymfip6fCOnzNteQ31rBMi33ZWt8JGAWcUZkSYnkbhIHOtVtqp9pDjxA7xs
+i6qU1jwFepbFBvEmFC51+93lNbMBLLOtYlohmgi+Vvz5okKHhuWpxZnPrhS+4LkI
+JA0dXNYU4UyfQLOp6S1Si0y/rEQxZ8GNBoXsD+SZ10t7IQZm1OT1nf+O8IY5WB2k
+W+Jj73zJGIeoAiUQPoco+fXvR56lgAgRkGj+0aOoUbk3/9XKfId/a7wsEsjFhYv8
+DMa5hrjJBMNRN9JP
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -130,7 +130,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -139,27 +139,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -174,12 +174,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4xiw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmixjU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem b/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem
index d163fe5b..8450ca92 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-duplicate-policy.pem
@@ -5,8 +5,8 @@ Certificate:
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = wolfSSL, OU = testing duplicate policy, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -37,7 +37,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:FALSE
@@ -49,27 +49,27 @@ Certificate:
Explicit Text: Test of duplicate OIDs with different qualifiers
Signature Algorithm: sha256WithRSAEncryption
- 06:e6:e5:15:9e:9a:39:07:0a:9e:cd:fc:0f:4b:77:46:1a:fe:
- 54:ee:8a:3b:43:41:f4:b3:9e:52:2d:92:2a:d3:c2:0d:de:9f:
- 85:bc:fd:df:70:57:b4:9b:7c:38:aa:0f:88:2a:97:1b:ac:73:
- 80:f6:f4:60:f1:7f:29:9c:61:12:48:25:ca:97:1d:e0:d6:96:
- 80:89:97:4f:36:1d:38:28:a8:98:6c:c8:c2:a1:17:45:3d:e1:
- 5b:56:c9:d7:91:2f:91:a1:53:87:9a:1a:d9:4c:9a:e4:e5:10:
- 10:33:10:fa:1d:5c:8c:f0:f2:27:56:47:b9:45:96:e0:5d:ee:
- 17:7a:7a:cd:38:80:ed:fa:c6:a3:c1:8d:c9:57:05:58:cb:ea:
- 21:08:40:3a:18:df:4f:de:68:d4:95:27:9d:cd:2b:96:55:68:
- fe:3d:48:82:27:36:61:32:e2:70:7d:5b:09:aa:16:1c:80:57:
- ae:04:cd:60:ba:38:34:44:cb:5d:f8:86:10:fd:3a:2a:f5:fd:
- 9b:b0:b6:79:66:e5:51:a1:d4:e1:59:41:bd:5e:96:12:a1:51:
- b7:4b:b7:8b:e2:8b:9f:a4:b4:83:a4:d9:1c:22:b8:ef:aa:57:
- 9a:93:4c:89:91:57:9d:15:d9:c3:0a:9a:5d:5e:a9:5a:40:3c:
- 84:18:33:6b
+ ae:92:7f:94:c1:59:de:ec:62:89:79:b5:70:75:22:54:90:c1:
+ 42:6a:dd:79:50:7b:f5:eb:23:9e:99:84:6c:ba:ca:d8:2e:15:
+ ed:f2:cb:ee:2a:b7:50:ca:82:fe:52:87:93:cf:22:5a:db:23:
+ 3f:c2:22:a4:5a:02:f9:73:ac:0e:fe:2e:62:fb:6a:5d:1d:71:
+ 13:ae:b8:c3:af:e9:6a:4c:a9:73:ca:fb:a9:69:b3:a2:62:ec:
+ e8:20:44:63:bf:49:ea:aa:90:e4:00:9c:fe:69:8c:99:4a:32:
+ e6:1a:2b:ae:1b:b9:82:53:8c:b0:06:ac:10:40:42:aa:68:da:
+ 40:b7:92:f0:78:f6:5a:b6:ae:a2:a6:45:58:05:58:58:ca:bc:
+ 85:92:92:52:e2:a4:c0:aa:9e:9a:03:f1:d4:a9:1f:46:ed:49:
+ 76:71:76:3a:bb:47:ee:12:24:60:db:a4:2c:0d:9c:62:bf:1d:
+ a3:b4:80:68:18:32:32:51:9f:0a:49:3e:5c:20:f4:45:c8:11:
+ 4d:b3:43:b1:a1:33:8b:07:b5:b4:86:66:0c:f7:b9:62:0a:2f:
+ 53:29:dd:d0:9a:1a:64:86:7e:f6:72:fd:f9:ee:75:a1:20:d5:
+ dc:9d:03:60:32:f6:11:a9:9b:56:d7:5d:b0:65:fd:5f:c8:0e:
+ 08:a4:f0:e6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMx
EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh
d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz
-bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2
-MjExNzQ5WhcNMjUwOTExMjExNzQ5WjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEz
+MjIxOTI4WhcNMjYwOTA4MjIxOTI4WjCBoTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxITAf
BgNVBAsMGHRlc3RpbmcgZHVwbGljYXRlIHBvbGljeTEYMBYGA1UEAwwPd3d3Lndv
bGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMIIBIjAN
@@ -83,27 +83,27 @@ o4IBfTCCAXkwHQYDVR0OBBYEFLMRMsmSmITiyfjQO24DQsofDo48MIHUBgNVHSME
gcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYDVQQGEwJV
UzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwI
U2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xm
-c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIULIDO20ed
-B2aSPWjXyqyQT8ppQUswCQYDVR0TBAIwADB2BgNVHSAEbzBtMAUGAyoDBDBkBgMq
+c3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIUM0QaqGwB
+7PZg8nBRCkzRFPq86UQwCQYDVR0TBAIwADB2BgNVHSAEbzBtMAUGAyoDBDBkBgMq
AwQwXTAbBggrBgEFBQcCARYPd3d3LndvbGZzc2wuY29tMD4GCCsGAQUFBwICMDIa
MFRlc3Qgb2YgZHVwbGljYXRlIE9JRHMgd2l0aCBkaWZmZXJlbnQgcXVhbGlmaWVy
-czANBgkqhkiG9w0BAQsFAAOCAQEABublFZ6aOQcKns38D0t3Rhr+VO6KO0NB9LOe
-Ui2SKtPCDd6fhbz933BXtJt8OKoPiCqXG6xzgPb0YPF/KZxhEkglypcd4NaWgImX
-TzYdOCiomGzIwqEXRT3hW1bJ15EvkaFTh5oa2Uya5OUQEDMQ+h1cjPDyJ1ZHuUWW
-4F3uF3p6zTiA7frGo8GNyVcFWMvqIQhAOhjfT95o1JUnnc0rllVo/j1Igic2YTLi
-cH1bCaoWHIBXrgTNYLo4NETLXfiGEP06KvX9m7C2eWblUaHU4VlBvV6WEqFRt0u3
-i+KLn6S0g6TZHCK476pXmpNMiZFXnRXZwwqaXV6pWkA8hBgzaw==
+czANBgkqhkiG9w0BAQsFAAOCAQEArpJ/lMFZ3uxiiXm1cHUiVJDBQmrdeVB79esj
+npmEbLrK2C4V7fLL7iq3UMqC/lKHk88iWtsjP8IipFoC+XOsDv4uYvtqXR1xE664
+w6/pakypc8r7qWmzomLs6CBEY79J6qqQ5ACc/mmMmUoy5horrhu5glOMsAasEEBC
+qmjaQLeS8Hj2WrauoqZFWAVYWMq8hZKSUuKkwKqemgPx1KkfRu1JdnF2OrtH7hIk
+YNukLA2cYr8do7SAaBgyMlGfCkk+XCD0RcgRTbNDsaEziwe1tIZmDPe5YgovUynd
+0JoaZIZ+9nL9+e51oSDV3J0DYDL2EambVtddsGX9X8gOCKTw5g==
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:80:ce:db:47:9d:07:66:92:3d:68:d7:ca:ac:90:4f:ca:69:41:4b
+ 33:44:1a:a8:6c:01:ec:f6:60:f2:70:51:0a:4c:d1:14:fa:bc:e9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:49 2022 GMT
- Not After : Sep 11 21:17:49 2025 GMT
+ Not Before: Dec 13 22:19:28 2023 GMT
+ Not After : Sep 8 22:19:28 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, O = Sawtooth, OU = Consulting, CN = www.wolfssl.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -134,7 +134,7 @@ Certificate:
X509v3 Authority Key Identifier:
keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5
DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com
- serial:2C:80:CE:DB:47:9D:07:66:92:3D:68:D7:CA:AC:90:4F:CA:69:41:4B
+ serial:33:44:1A:A8:6C:01:EC:F6:60:F2:70:51:0A:4C:D1:14:FA:BC:E9:44
X509v3 Basic Constraints:
CA:TRUE
@@ -143,27 +143,27 @@ Certificate:
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Signature Algorithm: sha256WithRSAEncryption
- ae:b0:a4:35:8e:8a:1b:a6:eb:b3:a2:57:cf:3a:1f:dc:6e:bc:
- d2:d0:a6:4a:8f:88:0a:6e:74:d5:d1:7c:d1:44:b1:d4:3b:17:
- 03:09:5a:46:ed:08:08:cf:f1:fd:20:07:67:c0:97:ec:35:f3:
- 75:ca:20:61:98:3e:f5:4d:be:e6:9d:75:1e:e4:03:ad:8c:a6:
- 1e:3d:ec:e4:1a:92:5b:f9:a3:ad:83:ca:4f:cd:aa:38:bb:6e:
- ae:ad:fa:a7:46:f1:8b:73:ec:09:23:bc:f2:18:e5:b7:92:86:
- 3e:a4:75:60:c7:3d:0f:3f:83:00:c3:06:08:9c:d1:54:d6:ba:
- 6d:95:3d:34:a1:be:24:91:cc:20:03:11:5b:72:1c:d4:65:d0:
- 11:88:75:26:04:26:ef:66:70:e6:3b:38:87:9c:53:71:1b:09:
- 51:70:50:99:4c:31:0c:62:44:57:30:60:04:fc:12:2c:a3:24:
- b4:f7:11:d5:0e:b5:21:0b:ed:86:11:67:4d:36:fa:57:a0:59:
- 55:21:b3:6d:e4:77:5e:ec:7e:f0:09:13:8e:99:98:b2:e1:82:
- b6:4b:3e:0f:41:a6:0c:cd:49:99:7e:e4:8a:cb:37:ed:53:cf:
- 86:5d:a9:26:a8:e5:01:25:5a:b4:bc:25:35:f1:fa:5a:5c:ce:
- d4:b8:9a:2c
+ 2d:fc:f9:32:5a:be:d6:9d:42:8b:86:4e:67:22:c3:50:2d:cb:
+ 14:27:1d:94:f3:cd:88:42:da:41:1c:39:24:67:a7:92:4d:27:
+ ea:56:82:19:bf:11:b2:43:a4:8d:5d:87:b2:27:64:66:82:81:
+ df:c4:fd:5b:62:b0:c2:4d:9d:29:f2:41:32:cc:2e:b5:da:38:
+ 06:1b:e8:7f:8c:6e:3d:80:1e:00:56:49:bf:39:e0:da:68:2f:
+ c4:fd:00:e6:d1:81:1a:d1:4a:bb:76:52:ce:4d:24:9d:c4:a3:
+ a7:f1:65:14:2f:1f:a8:2d:c6:cb:ce:b1:a7:89:74:26:27:c3:
+ f3:a3:84:4c:34:01:14:03:7d:16:3a:c8:8b:25:2e:7b:90:cc:
+ 46:b1:52:34:ba:93:6e:ef:fe:43:a3:ad:c6:6f:51:fb:ba:ea:
+ 38:e3:6f:d6:ee:63:62:36:ea:5e:08:b4:e2:2a:46:89:e3:ae:
+ b3:b4:06:ef:63:7a:6e:5d:dd:c9:ec:02:4f:f7:64:c0:27:07:
+ b4:6f:4a:18:72:5b:34:74:7c:d0:a9:04:8f:40:8b:6a:39:d2:
+ 6b:1a:01:f2:01:a8:81:34:3a:e5:b0:55:d1:3c:95:ca:b0:82:
+ d6:ed:98:28:15:59:7e:95:a7:69:c7:b5:7b:ec:01:a7:4d:e6:
+ b9:a2:fe:35
-----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIULIDO20edB2aSPWjXyqyQT8ppQUswDQYJKoZIhvcNAQEL
+MIIE/zCCA+egAwIBAgIUM0QaqGwB7PZg8nBRCkzRFPq86UQwDQYJKoZIhvcNAQEL
BQAwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEY
MBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdv
-bGZzc2wuY29tMB4XDTIyMTIxNjIxMTc0OVoXDTI1MDkxMTIxMTc0OVowgZQxCzAJ
+bGZzc2wuY29tMB4XDTIzMTIxMzIyMTkyOFoXDTI2MDkwODIyMTkyOFowgZQxCzAJ
BgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREw
DwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwP
d3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
@@ -178,12 +178,12 @@ BgNVHSMEgcwwgcmAFCeOZxF0wyYdP+0zY7Ok2B0w5ejVoYGapIGXMIGUMQswCQYD
VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G
A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3
dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbYIU
-LIDO20edB2aSPWjXyqyQT8ppQUswDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
+M0QaqGwB7PZg8nBRCkzRFPq86UQwDAYDVR0TBAUwAwEB/zAcBgNVHREEFTATggtl
eGFtcGxlLmNvbYcEfwAAATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
-DQYJKoZIhvcNAQELBQADggEBAK6wpDWOihum67OiV886H9xuvNLQpkqPiApudNXR
-fNFEsdQ7FwMJWkbtCAjP8f0gB2fAl+w183XKIGGYPvVNvuaddR7kA62Mph497OQa
-klv5o62Dyk/Nqji7bq6t+qdG8Ytz7AkjvPIY5beShj6kdWDHPQ8/gwDDBgic0VTW
-um2VPTShviSRzCADEVtyHNRl0BGIdSYEJu9mcOY7OIecU3EbCVFwUJlMMQxiRFcw
-YAT8EiyjJLT3EdUOtSEL7YYRZ002+legWVUhs23kd17sfvAJE46ZmLLhgrZLPg9B
-pgzNSZl+5IrLN+1Tz4ZdqSao5QElWrS8JTXx+lpcztS4miw=
+DQYJKoZIhvcNAQELBQADggEBAC38+TJavtadQouGTmciw1AtyxQnHZTzzYhC2kEc
+OSRnp5JNJ+pWghm/EbJDpI1dh7InZGaCgd/E/VtisMJNnSnyQTLMLrXaOAYb6H+M
+bj2AHgBWSb854NpoL8T9AObRgRrRSrt2Us5NJJ3Eo6fxZRQvH6gtxsvOsaeJdCYn
+w/OjhEw0ARQDfRY6yIslLnuQzEaxUjS6k27v/kOjrcZvUfu66jjjb9buY2I26l4I
+tOIqRonjrrO0Bu9jem5d3cnsAk/3ZMAnB7RvShhyWzR0fNCpBI9Ai2o50msaAfIB
+qIE0OuWwVdE8lcqwgtbtmCgVWX6Vp2nHtXvsAadN5rmi/jU=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-garbage.der b/extra/wolfssl/wolfssl/certs/test/server-garbage.der
index caed24b7..c488dc57 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-garbage.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-garbage.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-garbage.pem b/extra/wolfssl/wolfssl/certs/test/server-garbage.pem
index dff68273..4c074ef6 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-garbage.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-garbage.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 56:d8:ee:2d:0e:b3:67:82:6b:9b:76:c3:6c:c0:4d:3e:de:a4:82:4c
+ 29:92:30:0a:e4:14:e1:59:32:49:a9:66:fd:11:f5:b2:16:d6:7a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:30 2023 GMT
+ Not After : Sep 8 22:19:30 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:garbage
Signature Algorithm: sha256WithRSAEncryption
- 81:bc:29:f9:85:0f:21:3e:c1:bf:a5:90:25:d0:34:ed:82:0f:
- d0:dc:c0:4c:2e:b7:09:bd:61:0e:5f:e7:35:b0:30:ca:4b:62:
- 04:e8:ea:9e:0d:70:7a:d2:7b:d8:f7:69:bc:f0:4a:7b:fc:84:
- 2e:1f:ef:27:c6:22:f7:ea:6a:03:7f:0b:e9:23:44:41:23:53:
- e8:db:8f:1c:c6:03:d8:0c:95:71:a5:56:a5:14:0d:0c:d2:9e:
- 4f:51:81:60:89:f8:d2:88:1e:d8:08:27:64:a3:25:b8:38:eb:
- 5a:8c:9f:7c:00:d5:84:26:f8:3d:4a:f1:be:b8:74:9b:8d:63:
- f5:59:48:15:aa:b7:aa:c2:5c:ac:f0:f1:98:1f:7d:63:23:52:
- 14:fd:03:c2:0d:17:4d:c0:73:e4:a8:2d:cc:0a:cd:17:2d:72:
- 8c:c1:f0:ff:2e:b3:8e:95:38:3e:06:be:dd:10:77:8b:70:5d:
- 0f:c5:80:72:ff:a5:f7:2d:9c:e8:06:b3:9c:19:37:3f:ef:11:
- ed:30:5c:13:0d:49:14:fe:3e:40:e7:b0:49:ac:39:f6:19:3f:
- c5:b7:77:02:3e:2f:0c:d2:40:8f:1a:0f:95:63:0e:34:af:20:
- c8:32:e2:76:b4:a8:ef:f0:8d:bf:99:97:6a:e4:d8:f8:96:0a:
- cf:7a:07:8f
+ 34:5e:01:46:29:63:4f:93:cf:48:77:45:39:48:68:cf:c6:54:
+ 94:56:14:6f:17:2d:e1:83:48:8b:91:70:6d:5f:d8:14:fc:a4:
+ a9:bc:fa:58:63:ce:57:2f:c5:b6:61:8b:c3:6d:dc:39:83:2e:
+ f3:78:d9:2b:b9:ed:f0:ef:c2:82:17:1b:ac:97:2a:c0:3a:9f:
+ f9:b7:6b:a6:0e:1c:af:17:be:74:d0:ff:11:ea:48:6d:f6:b8:
+ e8:11:db:c9:ca:49:e5:18:d9:51:3d:eb:76:56:b6:ce:da:cd:
+ a6:cb:ac:a3:06:5e:b7:b0:f6:2b:ba:dc:0f:c4:12:01:7e:8b:
+ c7:e4:ad:59:72:4a:a5:25:7a:bd:ec:1d:f4:89:f8:aa:c7:c8:
+ ad:8c:1c:d5:19:55:f9:32:75:f6:04:2c:67:86:d5:e8:f5:be:
+ bd:76:0b:bb:bb:8f:7d:1a:70:a2:9c:16:88:ca:de:14:9d:a2:
+ 0a:23:36:fd:02:bc:6d:ee:f4:7a:41:e2:2d:21:d0:5f:eb:ec:
+ 4e:4b:71:aa:80:57:63:da:39:2b:ce:37:5a:26:64:ad:6b:bc:
+ a6:24:90:b6:e8:b2:4a:19:98:e8:06:17:12:f8:57:74:44:f7:
+ b9:16:67:2d:be:66:fb:4d:a6:66:e7:b5:58:f8:9c:51:1d:56:
+ fd:ef:bf:6e
-----BEGIN CERTIFICATE-----
-MIIDnDCCAoSgAwIBAgIUVtjuLQ6zZ4Jrm3bDbMBNPt6kgkwwDQYJKoZIhvcNAQEL
+MIIDnDCCAoSgAwIBAgIUKZIwCuQU4VkySalm/RH1shbWetAwDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUw
-WhcNMjUwOTExMjExNzUwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTMw
+WhcNMjYwOTA4MjIxOTMwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV
BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG
@@ -66,10 +66,10 @@ C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM
vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3
uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC
AwEAAaMWMBQwEgYDVR0RBAswCYIHZ2FyYmFnZTANBgkqhkiG9w0BAQsFAAOCAQEA
-gbwp+YUPIT7Bv6WQJdA07YIP0NzATC63Cb1hDl/nNbAwyktiBOjqng1wetJ72Pdp
-vPBKe/yELh/vJ8Yi9+pqA38L6SNEQSNT6NuPHMYD2AyVcaVWpRQNDNKeT1GBYIn4
-0oge2AgnZKMluDjrWoyffADVhCb4PUrxvrh0m41j9VlIFaq3qsJcrPDxmB99YyNS
-FP0Dwg0XTcBz5KgtzArNFy1yjMHw/y6zjpU4Pga+3RB3i3BdD8WAcv+l9y2c6Aaz
-nBk3P+8R7TBcEw1JFP4+QOewSaw59hk/xbd3Aj4vDNJAjxoPlWMONK8gyDLidrSo
-7/CNv5mXauTY+JYKz3oHjw==
+NF4BRiljT5PPSHdFOUhoz8ZUlFYUbxct4YNIi5FwbV/YFPykqbz6WGPOVy/FtmGL
+w23cOYMu83jZK7nt8O/CghcbrJcqwDqf+bdrpg4crxe+dND/EepIbfa46BHbycpJ
+5RjZUT3rdla2ztrNpsusowZet7D2K7rcD8QSAX6Lx+StWXJKpSV6vewd9In4qsfI
+rYwc1RlV+TJ19gQsZ4bV6PW+vXYLu7uPfRpwopwWiMreFJ2iCiM2/QK8be70ekHi
+LSHQX+vsTktxqoBXY9o5K843WiZkrWu8piSQtuiyShmY6AYXEvhXdET3uRZnLb5m
++02mZue1WPicUR1W/e+/bg==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodalt.der b/extra/wolfssl/wolfssl/certs/test/server-goodalt.der
index cc5fd898..e5ffb53d 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodalt.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodalt.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem b/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem
index 2189ad1b..e9a84e87 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodalt.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 5f:49:44:09:72:71:cb:23:ae:86:03:8e:8c:8f:7f:54:4f:e8:ec:4e
+ 32:70:6e:5f:3a:4b:a4:f1:68:7f:40:58:7b:f4:de:25:f8:da:7a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:localhost
Signature Algorithm: sha256WithRSAEncryption
- 6d:c3:9c:73:21:47:6d:5f:da:84:1b:78:7b:47:9d:62:de:89:
- d0:95:4b:52:9a:ba:cf:a4:64:d5:cf:49:fd:a3:3a:32:df:c6:
- 15:cc:9a:cc:7e:7d:2f:bb:6b:9e:d4:15:ad:95:ec:ee:c4:ca:
- a3:72:c3:e5:21:49:c7:40:56:dd:0e:76:65:9a:fe:a9:00:c2:
- 5f:b7:91:04:90:17:05:b6:79:e1:b0:07:bc:25:4b:8d:c0:b8:
- 65:08:75:c4:c2:e3:48:54:a9:1b:0d:fd:17:6e:f7:b1:f0:ec:
- 4e:fe:43:01:9c:28:34:8c:d2:dd:b1:7f:f3:47:24:fd:13:ee:
- 87:05:96:4f:11:7c:3c:af:a0:72:02:73:04:8e:e4:6e:f6:da:
- 0c:41:c7:b8:6c:15:4c:53:b1:6c:a9:79:9c:e5:5f:c2:0d:08:
- 50:e8:17:a7:dd:ab:10:a7:c5:88:78:dc:a1:ee:f0:ed:13:68:
- ab:53:56:7c:2f:b5:e5:b4:0f:65:ce:d6:2c:f8:44:bf:88:f5:
- c8:4a:c9:7f:fb:9b:73:ca:cf:da:f8:e0:1c:01:7c:c4:b7:3e:
- 8b:2e:7a:fa:50:ef:01:eb:9a:0f:11:f9:18:94:e2:f8:28:f2:
- 50:2e:f3:14:ab:3a:3a:1f:24:ef:d2:bc:2d:42:84:42:38:3b:
- 33:d8:8b:1f
+ 1a:fb:18:e0:cc:2f:fe:92:34:87:01:35:a1:e3:9f:8b:c5:5a:
+ 22:f6:9a:2f:19:08:99:1d:0d:e7:23:84:23:28:dd:ff:13:39:
+ ca:73:1e:e0:c5:22:21:ab:b3:0e:74:a3:e6:c9:7b:a2:50:6c:
+ 35:c1:2f:30:eb:90:c5:36:4a:95:3c:43:c5:e4:fc:80:08:ce:
+ 69:2a:3f:50:66:8f:81:71:24:61:68:d3:34:69:b8:d7:11:27:
+ b8:53:21:5f:19:6f:cc:66:e4:fd:07:95:7f:e1:d3:d4:91:2b:
+ 6f:d0:01:dc:5c:0c:72:10:2b:da:a7:2c:9d:eb:e3:e2:86:84:
+ ab:b5:73:01:00:02:84:29:90:10:c0:13:70:d7:d8:da:da:ac:
+ dc:75:8e:a8:ef:a3:c4:cf:aa:c2:83:66:8f:f9:0d:23:0d:9a:
+ 1b:b2:d3:04:3d:91:1e:f1:9a:5f:15:85:94:af:89:8b:d7:6d:
+ cf:f8:06:e1:e8:30:b6:ef:6d:fc:33:19:a1:91:af:fc:f3:bf:
+ 0d:ae:97:ec:c3:ea:1e:17:76:3b:e4:57:c1:bd:27:16:58:03:
+ 95:02:6f:c8:fa:7e:0b:7b:a8:d4:e7:38:11:b3:a8:6f:ce:6e:
+ 6f:9f:68:c2:c6:93:06:00:49:0a:76:43:2c:8d:b0:49:9f:02:
+ fb:e2:6a:39
-----BEGIN CERTIFICATE-----
-MIIDrDCCApSgAwIBAgIUX0lECXJxyyOuhgOOjI9/VE/o7E4wDQYJKoZIhvcNAQEL
+MIIDrDCCApSgAwIBAgIUMnBuXzpLpPFof0BYe/TeJfjaes8wDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABoxgwFjAUBgNVHREEDTALgglsb2NhbGhvc3QwDQYJ
-KoZIhvcNAQELBQADggEBAG3DnHMhR21f2oQbeHtHnWLeidCVS1Kaus+kZNXPSf2j
-OjLfxhXMmsx+fS+7a57UFa2V7O7EyqNyw+UhScdAVt0OdmWa/qkAwl+3kQSQFwW2
-eeGwB7wlS43AuGUIdcTC40hUqRsN/Rdu97Hw7E7+QwGcKDSM0t2xf/NHJP0T7ocF
-lk8RfDyvoHICcwSO5G722gxBx7hsFUxTsWypeZzlX8INCFDoF6fdqxCnxYh43KHu
-8O0TaKtTVnwvteW0D2XO1iz4RL+I9chKyX/7m3PKz9r44BwBfMS3PosuevpQ7wHr
-mg8R+RiU4vgo8lAu8xSrOjofJO/SvC1ChEI4OzPYix8=
+KoZIhvcNAQELBQADggEBABr7GODML/6SNIcBNaHjn4vFWiL2mi8ZCJkdDecjhCMo
+3f8TOcpzHuDFIiGrsw50o+bJe6JQbDXBLzDrkMU2SpU8Q8Xk/IAIzmkqP1Bmj4Fx
+JGFo0zRpuNcRJ7hTIV8Zb8xm5P0HlX/h09SRK2/QAdxcDHIQK9qnLJ3r4+KGhKu1
+cwEAAoQpkBDAE3DX2NrarNx1jqjvo8TPqsKDZo/5DSMNmhuy0wQ9kR7xml8VhZSv
+iYvXbc/4BuHoMLbvbfwzGaGRr/zzvw2ul+zD6h4XdjvkV8G9JxZYA5UCb8j6fgt7
+qNTnOBGzqG/Obm+faMLGkwYASQp2QyyNsEmfAvviajk=
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der
index 2cfbd655..64290e69 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem
index 74d763ca..2d3b4134 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodaltwild.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 2c:88:b2:20:85:90:6b:03:49:f6:35:7a:27:4b:12:1d:6a:67:b9:42
+ 4c:d4:49:58:80:7d:50:06:e0:9e:5c:a6:4a:e1:90:26:53:59:90:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = www.nomatch.com, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:*localhost
Signature Algorithm: sha256WithRSAEncryption
- 4c:41:a3:9e:76:d0:37:53:ae:2a:7c:f5:d7:f2:f0:fa:f8:78:
- 23:b5:5b:44:cc:d8:9a:25:f1:cc:c5:30:e5:ae:3c:ed:a4:77:
- b5:5d:64:35:ea:fe:82:a5:1d:6b:5c:d2:73:0a:06:c1:80:b5:
- 25:7d:38:f9:08:c1:59:78:81:e5:88:06:6a:28:7b:9c:3b:fa:
- 33:df:8b:50:f5:9a:b7:fe:3d:59:62:ad:57:a4:34:e2:ea:6b:
- 40:7b:09:1c:13:94:fe:ce:88:bb:1f:dd:c2:8e:09:f8:a5:94:
- 57:e5:61:6a:da:b2:be:ec:06:44:66:08:7d:1d:a8:8a:42:19:
- 0e:aa:ca:36:c2:bc:62:1a:91:62:9d:d0:59:fd:53:9e:24:8c:
- 67:77:e6:df:4f:58:9d:f0:81:9e:fd:59:b4:e4:37:67:50:c0:
- 1e:d5:ac:2b:4b:27:32:7d:71:10:89:e7:b7:a3:5d:a2:0a:26:
- 81:bb:85:e2:73:a0:b4:c6:1a:7d:93:dc:b1:71:f5:e6:ec:1e:
- 34:c0:21:0d:4e:2f:e6:dd:89:2c:9f:e9:39:86:8e:b2:ed:f0:
- a8:94:00:a9:cb:24:65:94:35:51:df:a7:3e:79:bb:82:e8:4b:
- 7d:4b:17:1f:3a:11:07:d3:cf:bb:51:fb:27:85:10:65:b6:60:
- 09:3c:f3:7d
+ 4d:31:3b:e4:6f:26:b4:33:2f:1a:10:12:34:f8:97:47:79:05:
+ 74:51:97:1c:22:96:89:b9:b3:63:af:e4:d4:eb:9f:97:e7:b3:
+ 8f:eb:52:0a:94:39:de:2f:df:4c:9c:15:0b:c0:91:b9:68:95:
+ 58:a1:78:82:82:4d:e7:81:c4:45:1a:94:d9:16:40:46:27:f3:
+ 33:08:8c:dd:c0:93:f4:2c:0e:1b:26:d5:fd:2f:8d:39:6f:63:
+ 63:be:3d:96:c4:3d:d7:25:1b:56:11:53:4e:c2:3c:fb:cb:ed:
+ 73:ab:87:c5:5f:5b:a6:47:4b:da:7e:84:30:ff:90:0b:b1:d0:
+ 15:e8:39:3d:0f:4f:de:a9:60:15:e3:44:c4:46:ee:c7:52:ff:
+ ee:23:1d:8c:73:53:87:e9:94:82:60:9b:ca:b8:b4:41:5f:3b:
+ bd:36:03:54:b2:bf:42:69:bd:49:b7:0f:26:16:ec:03:2c:b9:
+ 0c:38:15:20:c5:b6:9a:18:f1:30:7e:4a:11:7f:da:44:54:de:
+ 1e:0d:d1:e5:c9:46:0c:1b:50:6a:4d:61:89:58:61:46:40:2a:
+ fe:18:9d:64:90:ea:32:61:85:92:5a:3e:41:43:83:4d:ec:f4:
+ 98:15:95:f0:79:55:7f:81:59:31:2b:80:a8:ea:60:5c:78:04:
+ 3d:42:d0:51
-----BEGIN CERTIFICATE-----
-MIIDrTCCApWgAwIBAgIULIiyIIWQawNJ9jV6J0sSHWpnuUIwDQYJKoZIhvcNAQEL
+MIIDrTCCApWgAwIBAgIUTNRJWIB9UAbgnlymSuGQJlNZkIkwDQYJKoZIhvcNAQEL
BQAwgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdC
b3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmluZzEYMBYGA1UEAwwPd3d3Lm5vbWF0
-Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIx
-NjIxMTc1MFoXDTI1MDkxMTIxMTc1MFowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
+Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIx
+MzIyMTkyOVoXDTI2MDkwODIyMTkyOVowgYIxCzAJBgNVBAYTAlVTMRAwDgYDVQQI
DAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRQwEgYDVQQLDAtFbmdpbmVlcmlu
ZzEYMBYGA1UEAwwPd3d3Lm5vbWF0Y2guY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZv
QHdvbGZzc2wuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI
@@ -66,10 +66,10 @@ Q7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem
8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDB
Y3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE
4eZhg8XSlt/Z0E+t1wIDAQABoxkwFzAVBgNVHREEDjAMggoqbG9jYWxob3N0MA0G
-CSqGSIb3DQEBCwUAA4IBAQBMQaOedtA3U64qfPXX8vD6+HgjtVtEzNiaJfHMxTDl
-rjztpHe1XWQ16v6CpR1rXNJzCgbBgLUlfTj5CMFZeIHliAZqKHucO/oz34tQ9Zq3
-/j1ZYq1XpDTi6mtAewkcE5T+zoi7H93Cjgn4pZRX5WFq2rK+7AZEZgh9HaiKQhkO
-qso2wrxiGpFindBZ/VOeJIxnd+bfT1id8IGe/Vm05DdnUMAe1awrSycyfXEQiee3
-o12iCiaBu4Xic6C0xhp9k9yxcfXm7B40wCENTi/m3Yksn+k5ho6y7fColACpyyRl
-lDVR36c+ebuC6Et9SxcfOhEH08+7UfsnhRBltmAJPPN9
+CSqGSIb3DQEBCwUAA4IBAQBNMTvkbya0My8aEBI0+JdHeQV0UZccIpaJubNjr+TU
+65+X57OP61IKlDneL99MnBULwJG5aJVYoXiCgk3ngcRFGpTZFkBGJ/MzCIzdwJP0
+LA4bJtX9L405b2Njvj2WxD3XJRtWEVNOwjz7y+1zq4fFX1umR0vafoQw/5ALsdAV
+6Dk9D0/eqWAV40TERu7HUv/uIx2Mc1OH6ZSCYJvKuLRBXzu9NgNUsr9Cab1Jtw8m
+FuwDLLkMOBUgxbaaGPEwfkoRf9pEVN4eDdHlyUYMG1BqTWGJWGFGQCr+GJ1kkOoy
+YYWSWj5BQ4NN7PSYFZXweVV/gVkxK4Co6mBceAQ9QtBR
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcn.der b/extra/wolfssl/wolfssl/certs/test/server-goodcn.der
index d38dce29..ff652b1e 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcn.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcn.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem b/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem
index 72d4f5fb..d449306b 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcn.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 66:fe:3c:b9:70:bf:2e:6a:7d:8d:9f:94:e5:06:e5:26:ae:c0:51:ba
+ 7c:c0:69:44:bd:22:dd:2c:29:c1:55:88:f4:14:63:f5:ac:07:6d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,27 +33,27 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- 45:91:94:ae:af:8c:15:13:c7:65:03:3d:d3:18:9b:68:aa:11:
- 0c:d5:b9:e1:7c:a2:24:39:ee:d8:79:d5:be:5f:f4:b2:bf:2b:
- c1:fe:9d:e9:8f:e2:cb:89:1d:8b:56:71:a6:1e:16:a9:e7:f9:
- f8:e5:2e:36:fc:af:07:1f:63:89:b1:75:6e:b0:4a:91:5a:f2:
- fa:e9:81:c5:c2:9b:50:cd:97:a0:4d:57:79:53:e4:17:03:dd:
- bf:f0:e1:57:46:16:19:71:2f:c7:ab:d2:1e:d1:f1:7d:44:32:
- 88:49:e5:a5:ac:5c:80:de:96:aa:cc:05:6f:0a:6c:98:cc:0f:
- 8e:c8:50:f3:13:a8:9f:e2:16:98:e1:33:60:bf:7d:5a:18:8f:
- 6e:d8:19:cb:3c:ea:d0:3c:65:a5:1a:4a:ee:9b:b9:46:59:78:
- c9:18:55:a4:4e:74:65:fe:de:97:e9:6e:7f:8c:e0:6e:4b:8c:
- b8:b8:37:cb:ed:f4:25:a8:1d:90:28:86:6e:1a:be:70:3a:cd:
- 56:d9:74:27:d3:5d:9d:94:65:0f:a3:79:64:0c:b9:49:b3:eb:
- f3:f5:26:f2:54:ba:ed:b2:5f:6a:21:77:53:08:30:10:47:bb:
- 58:e7:60:33:cb:3a:45:a9:98:ab:e2:84:5b:4e:d4:ba:60:01:
- 7d:cc:40:88
+ 49:ff:59:9d:20:42:36:a3:d1:3d:5d:c1:37:24:42:22:9d:8a:
+ f9:61:98:45:0b:0d:9d:f7:1a:30:0b:54:9a:65:e7:e4:68:84:
+ 59:c1:28:43:8f:59:08:43:83:4e:95:9c:0d:91:43:53:6a:19:
+ cc:f1:d0:af:74:5a:12:34:8e:0c:18:21:83:ad:4f:a9:a5:fe:
+ df:af:9d:96:22:1b:21:0d:fd:99:6f:58:0c:cb:4a:e6:7f:32:
+ df:d5:10:b2:70:f0:4d:49:6e:1f:64:82:58:27:a8:58:c9:9b:
+ f1:de:30:b6:bd:8b:a6:23:3c:58:a5:d9:f5:74:b2:c1:96:b3:
+ 6b:56:d5:45:47:3d:ba:f9:0e:ba:59:73:43:31:cc:2a:2c:bd:
+ 87:01:f9:f0:bc:6e:f2:6e:20:a3:07:ca:f7:43:e7:1b:35:85:
+ bc:f7:84:1e:ff:33:21:74:19:45:85:b4:81:77:64:41:1b:02:
+ c9:e3:a4:39:48:62:8d:fd:1b:96:6f:64:dc:e9:75:a5:74:c3:
+ a5:3c:55:87:0d:cd:4c:ec:f5:9a:e9:9f:a3:0b:a4:80:ef:c7:
+ 58:4b:f4:60:b7:5a:4c:dc:93:10:79:43:c3:ac:1b:b1:6d:d8:
+ 8f:b6:f5:db:82:0d:6e:58:38:9d:23:97:41:7d:39:cd:9c:89:
+ 7d:64:bc:4f
-----BEGIN CERTIFICATE-----
-MIIDhDCCAmygAwIBAgIUZv48uXC/Lmp9jZ+U5QblJq7AUbowDQYJKoZIhvcNAQEL
+MIIDhDCCAmygAwIBAgIUfMBpRL0i3SwpwVWI9BRj9awHbcUwDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUw
-WhcNMjUwOTExMjExNzUwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5
+WhcNMjYwOTA4MjIxOTI5WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV
BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG
@@ -62,10 +62,10 @@ e7rgIeVyLm8uhtiVc9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/
C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM
vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3
uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC
-AwEAATANBgkqhkiG9w0BAQsFAAOCAQEARZGUrq+MFRPHZQM90xibaKoRDNW54Xyi
-JDnu2HnVvl/0sr8rwf6d6Y/iy4kdi1Zxph4Wqef5+OUuNvyvBx9jibF1brBKkVry
-+umBxcKbUM2XoE1XeVPkFwPdv/DhV0YWGXEvx6vSHtHxfUQyiEnlpaxcgN6WqswF
-bwpsmMwPjshQ8xOon+IWmOEzYL99WhiPbtgZyzzq0DxlpRpK7pu5Rll4yRhVpE50
-Zf7el+luf4zgbkuMuLg3y+30JagdkCiGbhq+cDrNVtl0J9NdnZRlD6N5ZAy5SbPr
-8/Um8lS67bJfaiF3UwgwEEe7WOdgM8s6RamYq+KEW07UumABfcxAiA==
+AwEAATANBgkqhkiG9w0BAQsFAAOCAQEASf9ZnSBCNqPRPV3BNyRCIp2K+WGYRQsN
+nfcaMAtUmmXn5GiEWcEoQ49ZCEODTpWcDZFDU2oZzPHQr3RaEjSODBghg61PqaX+
+36+dliIbIQ39mW9YDMtK5n8y39UQsnDwTUluH2SCWCeoWMmb8d4wtr2LpiM8WKXZ
+9XSywZaza1bVRUc9uvkOullzQzHMKiy9hwH58Lxu8m4gowfK90PnGzWFvPeEHv8z
+IXQZRYW0gXdkQRsCyeOkOUhijf0blm9k3Ol1pXTDpTxVhw3NTOz1mumfowukgO/H
+WEv0YLdaTNyTEHlDw6wbsW3Yj7b124INblg4nSOXQX05zZyJfWS8Tw==
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der
index d198b52b..c9143073 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem
index d60d49bf..256cf26f 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-goodcnwild.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 78:39:82:cc:18:26:21:f2:cf:fb:d3:8a:07:ff:c4:eb:ea:82:c6:26
+ 2e:f2:01:15:bc:ba:a6:74:6e:b4:49:8e:f3:09:8c:9c:ca:3e:fe:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = *localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -33,27 +33,27 @@ Certificate:
ad:d7
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
- 99:97:4e:83:6a:1e:c6:54:31:bb:b1:83:36:14:1c:00:25:59:
- c9:e9:c0:51:c0:70:d8:3a:de:79:5e:af:04:48:61:8b:ea:7c:
- 75:e4:a3:c5:62:26:a3:70:9d:26:3d:47:60:ca:a0:96:e8:82:
- a6:81:c7:77:48:aa:20:b0:be:cc:ef:5a:80:29:6a:2e:37:6e:
- 37:b5:d2:f6:fd:f6:c2:fb:87:9f:4a:2f:16:1b:01:f1:33:0c:
- b3:75:30:09:98:fc:1f:73:01:83:02:22:b4:0a:3d:07:e4:55:
- c6:17:f6:98:c3:9b:38:9e:41:a1:cc:26:51:a8:07:4d:37:b8:
- 93:41:ac:45:ae:ff:77:39:dc:48:1e:56:56:59:98:6e:93:fb:
- 76:38:02:bf:24:2f:03:08:a4:92:21:15:df:23:d4:c4:14:1b:
- 20:46:f7:04:eb:dc:1a:02:aa:b1:11:ea:29:3b:ca:5e:27:c1:
- 28:0a:bf:7c:b6:dc:16:8b:5e:30:8d:72:5b:c6:d2:71:b6:c4:
- 5e:e0:7a:a6:fc:06:2d:6a:78:56:b8:49:35:7b:14:e9:d1:3d:
- c3:06:be:3f:1c:dc:67:e9:11:5f:46:71:06:66:09:fa:df:c1:
- 05:60:73:a8:27:f2:cd:48:48:dc:bf:92:02:82:90:d9:d1:51:
- 49:44:01:67
+ 96:b2:8f:e5:31:57:57:6a:f2:48:1e:97:9a:71:75:10:22:a1:
+ 38:2c:9e:4f:d7:2f:7c:5d:e7:9f:19:8f:9c:00:b3:74:7e:10:
+ 69:7b:a5:71:2f:36:a2:79:02:51:4d:bb:e1:78:01:77:f6:13:
+ 85:84:46:ac:96:88:5b:47:4d:dd:d2:fd:5e:e4:49:3a:64:0b:
+ 67:af:95:3e:bf:40:4d:0f:a0:28:61:37:6b:41:b9:ad:dc:8c:
+ f4:0c:8b:b5:49:20:19:e2:7f:0b:63:e5:fc:06:6d:16:4f:ba:
+ b6:1a:3c:d4:4f:b3:a4:bd:c0:96:f5:a8:7f:01:85:a3:4a:ab:
+ c3:73:77:68:55:1b:26:84:60:2f:72:af:d1:c4:55:4a:a8:3d:
+ ce:fc:3e:b3:55:37:aa:df:0f:07:6c:5f:2b:0f:05:7f:bc:df:
+ 62:b3:68:f5:c2:0c:48:f8:b6:41:c5:e0:ac:7d:a4:50:f2:bc:
+ 61:0a:1c:5b:c5:b8:31:b1:ea:95:3f:6a:23:88:b3:74:7b:9f:
+ 1d:7c:11:23:f3:89:8b:71:a5:fa:e6:39:2c:10:af:8e:e9:8e:
+ c6:25:ca:76:db:d9:95:40:e5:15:f3:67:d6:67:3b:9e:42:9e:
+ ec:c2:cb:3a:c1:f8:bc:eb:b5:24:6d:ef:f6:00:ba:70:75:a4:
+ 32:7d:d0:33
-----BEGIN CERTIFICATE-----
-MIIDhjCCAm6gAwIBAgIUeDmCzBgmIfLP+9OKB//E6+qCxiYwDQYJKoZIhvcNAQEL
+MIIDhjCCAm6gAwIBAgIULvIBFby6pnRutEmO8wmMnMo+/jIwDQYJKoZIhvcNAQEL
BQAwfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRMwEQYDVQQDDAoqbG9jYWxob3N0
-MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIyMTIxNjIxMTc1
-MFoXDTI1MDkxMTIxMTc1MFowfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
+MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMB4XDTIzMTIxMzIyMTky
+OVoXDTI2MDkwODIyMTkyOVowfTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRh
bmExEDAOBgNVBAcMB0JvemVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRMwEQYD
VQQDDAoqbG9jYWxob3N0MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJUI4VdB8nFtt9JFQScB
@@ -62,10 +62,10 @@ yl17uuAh5XIuby6G2JVz2qwbU7lfP9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF
9n8LWWh4c6aMGKkCba/DGQEuuBDjxsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1m
UQy9VLPhbV8cvCNz0QkDiRTSELlkwyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOV
oXe6E9KXc+JdJclqDcM5YKS0sGlCQgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t
-1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCZl06Dah7GVDG7sYM2FBwAJVnJ6cBR
-wHDYOt55Xq8ESGGL6nx15KPFYiajcJ0mPUdgyqCW6IKmgcd3SKogsL7M71qAKWou
-N243tdL2/fbC+4efSi8WGwHxMwyzdTAJmPwfcwGDAiK0Cj0H5FXGF/aYw5s4nkGh
-zCZRqAdNN7iTQaxFrv93OdxIHlZWWZhuk/t2OAK/JC8DCKSSIRXfI9TEFBsgRvcE
-69waAqqxEeopO8peJ8EoCr98ttwWi14wjXJbxtJxtsRe4Hqm/AYtanhWuEk1exTp
-0T3DBr4/HNxn6RFfRnEGZgn638EFYHOoJ/LNSEjcv5ICgpDZ0VFJRAFn
+1wIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCWso/lMVdXavJIHpeacXUQIqE4LJ5P
+1y98XeefGY+cALN0fhBpe6VxLzaieQJRTbvheAF39hOFhEaslohbR03d0v1e5Ek6
+ZAtnr5U+v0BND6AoYTdrQbmt3Iz0DIu1SSAZ4n8LY+X8Bm0WT7q2GjzUT7OkvcCW
+9ah/AYWjSqvDc3doVRsmhGAvcq/RxFVKqD3O/D6zVTeq3w8HbF8rDwV/vN9is2j1
+wgxI+LZBxeCsfaRQ8rxhChxbxbgxseqVP2ojiLN0e58dfBEj84mLcaX65jksEK+O
+6Y7GJcp229mVQOUV82fWZzueQp7swss6wfi867Ukbe/2ALpwdaQyfdAz
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/test/server-localhost.der b/extra/wolfssl/wolfssl/certs/test/server-localhost.der
index 19d98246..2ed23e20 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-localhost.der
+++ b/extra/wolfssl/wolfssl/certs/test/server-localhost.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/certs/test/server-localhost.pem b/extra/wolfssl/wolfssl/certs/test/server-localhost.pem
index 63f2e8b8..fc4df2da 100644
--- a/extra/wolfssl/wolfssl/certs/test/server-localhost.pem
+++ b/extra/wolfssl/wolfssl/certs/test/server-localhost.pem
@@ -2,12 +2,12 @@ Certificate:
Data:
Version: 3 (0x2)
Serial Number:
- 56:aa:0b:f0:d8:fd:0f:4a:4c:e0:99:85:fe:c1:9b:75:24:fb:01:b6
+ 32:31:fc:d6:4a:77:2b:3b:c9:07:02:ae:b4:e7:b7:d3:a4:61:56:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Validity
- Not Before: Dec 16 21:17:50 2022 GMT
- Not After : Sep 11 21:17:50 2025 GMT
+ Not Before: Dec 13 22:19:29 2023 GMT
+ Not After : Sep 8 22:19:29 2026 GMT
Subject: C = US, ST = Montana, L = Bozeman, OU = Engineering, CN = localhost, emailAddress = info@wolfssl.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
@@ -36,27 +36,27 @@ Certificate:
X509v3 Subject Alternative Name:
DNS:localhost
Signature Algorithm: sha256WithRSAEncryption
- 10:6d:76:f3:8e:93:63:0d:44:08:e2:29:23:cb:76:38:cd:29:
- 0d:5f:48:1d:0f:a2:42:84:12:13:c2:00:a9:d9:e6:ec:4e:80:
- cb:4d:e0:fb:7e:b8:c0:2a:92:e9:11:01:72:25:3f:9f:7d:81:
- 76:5e:94:e3:47:2b:39:c3:a0:ba:ba:97:74:4c:a5:49:fa:bf:
- 85:29:36:32:d5:4b:fc:60:1c:73:70:7f:49:e2:5b:74:a4:ec:
- 7f:b5:e9:3e:1f:db:b8:b0:80:f4:c7:cf:cf:5f:18:b4:66:9e:
- 02:3b:88:40:9b:b1:e4:10:2d:77:f2:b0:02:07:5b:bc:e7:38:
- 7b:98:55:16:d8:8e:c4:b1:49:0a:eb:99:f8:fb:c4:e9:b5:75:
- 2e:9c:ec:f5:ad:ec:e4:41:f3:7c:b5:fc:51:6e:6d:46:61:6d:
- 09:d8:a9:08:dd:84:e5:ef:c5:a5:b8:65:60:71:d6:b4:c0:eb:
- f0:e4:60:bf:9b:d9:80:bb:52:c3:1b:d8:27:6e:d5:eb:ab:9c:
- a2:71:d9:af:dc:71:55:d7:be:93:6c:c6:5f:79:5d:72:1b:68:
- b2:15:67:bb:41:28:07:41:12:7c:b1:74:30:1d:60:b0:5a:25:
- 47:4e:0c:5a:14:49:99:9c:0d:92:74:a3:c8:b9:0c:8b:e0:0a:
- d7:a1:0d:35
+ af:7a:bb:f0:b6:1e:12:8a:60:ec:c8:91:34:a3:d3:80:92:f3:
+ bc:c7:37:e9:96:75:a8:67:a0:94:b9:2a:df:81:02:23:28:6a:
+ 72:de:81:03:33:88:1b:60:75:16:77:dc:72:40:3e:d9:d8:ab:
+ 6f:3e:99:7a:7c:db:37:13:40:b6:4d:82:47:7c:75:7a:6f:9d:
+ ca:89:54:8c:17:15:9a:80:9a:7c:b5:e3:4b:7e:74:fd:2f:28:
+ 98:79:f5:56:96:d6:5c:9c:b4:94:62:32:d2:31:1b:53:5c:71:
+ be:45:37:69:9f:e4:07:87:fa:d7:a7:63:bc:5c:8a:5c:71:9c:
+ 31:25:d8:93:ae:cf:db:98:50:e5:52:58:de:44:f7:4f:7e:4a:
+ a9:9c:ac:0a:84:03:ba:c4:46:e4:83:00:e6:dd:a5:33:43:e9:
+ 5d:ea:fc:89:85:10:57:d0:0e:5e:43:13:72:60:ec:bb:5c:e9:
+ c3:ca:52:2d:06:e6:5b:d5:fd:e9:30:e0:da:80:78:b2:a1:a7:
+ 84:ed:c0:e4:f9:f7:6d:94:a5:aa:6b:84:b1:7e:85:45:12:4c:
+ 8d:52:91:5d:d1:e6:d7:32:0a:97:22:59:80:db:9d:de:68:90:
+ bd:a7:d0:9c:11:60:86:8c:89:8a:e1:19:75:09:e8:78:bb:23:
+ 47:68:23:3c
-----BEGIN CERTIFICATE-----
-MIIDnjCCAoagAwIBAgIUVqoL8Nj9D0pM4JmF/sGbdST7AbYwDQYJKoZIhvcNAQEL
+MIIDnjCCAoagAwIBAgIUMjH81kp3KzvJBwKutOe306RhViswDQYJKoZIhvcNAQEL
BQAwfDELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0Jv
emVtYW4xFDASBgNVBAsMC0VuZ2luZWVyaW5nMRIwEAYDVQQDDAlsb2NhbGhvc3Qx
-HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjIxMjE2MjExNzUw
-WhcNMjUwOTExMjExNzUwWjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
+HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMjMxMjEzMjIxOTI5
+WhcNMjYwOTA4MjIxOTI5WjB8MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHTW9udGFu
YTEQMA4GA1UEBwwHQm96ZW1hbjEUMBIGA1UECwwLRW5naW5lZXJpbmcxEjAQBgNV
BAMMCWxvY2FsaG9zdDEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXG
@@ -66,10 +66,10 @@ C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEM
vVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3
uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcC
AwEAAaMYMBYwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IB
-AQAQbXbzjpNjDUQI4ikjy3Y4zSkNX0gdD6JChBITwgCp2ebsToDLTeD7frjAKpLp
-EQFyJT+ffYF2XpTjRys5w6C6upd0TKVJ+r+FKTYy1Uv8YBxzcH9J4lt0pOx/tek+
-H9u4sID0x8/PXxi0Zp4CO4hAm7HkEC138rACB1u85zh7mFUW2I7EsUkK65n4+8Tp
-tXUunOz1rezkQfN8tfxRbm1GYW0J2KkI3YTl78WluGVgcda0wOvw5GC/m9mAu1LD
-G9gnbtXrq5yicdmv3HFV176TbMZfeV1yG2iyFWe7QSgHQRJ8sXQwHWCwWiVHTgxa
-FEmZnA2SdKPIuQyL4ArXoQ01
+AQCvervwth4SimDsyJE0o9OAkvO8xzfplnWoZ6CUuSrfgQIjKGpy3oEDM4gbYHUW
+d9xyQD7Z2KtvPpl6fNs3E0C2TYJHfHV6b53KiVSMFxWagJp8teNLfnT9LyiYefVW
+ltZcnLSUYjLSMRtTXHG+RTdpn+QHh/rXp2O8XIpccZwxJdiTrs/bmFDlUljeRPdP
+fkqpnKwKhAO6xEbkgwDm3aUzQ+ld6vyJhRBX0A5eQxNyYOy7XOnDylItBuZb1f3p
+MODagHiyoaeE7cDk+fdtlKWqa4SxfoVFEkyNUpFd0ebXMgqXIlmA253eaJC9p9Cc
+EWCGjImK4Rl1Ceh4uyNHaCM8
-----END CERTIFICATE-----
diff --git a/extra/wolfssl/wolfssl/certs/x942dh2048.der b/extra/wolfssl/wolfssl/certs/x942dh2048.der
new file mode 100644
index 00000000..f00c443a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/certs/x942dh2048.der
Binary files differ
diff --git a/extra/wolfssl/wolfssl/cmake/README.md b/extra/wolfssl/wolfssl/cmake/README.md
new file mode 100644
index 00000000..f3d9a526
--- /dev/null
+++ b/extra/wolfssl/wolfssl/cmake/README.md
@@ -0,0 +1,7 @@
+# wolfSSL CMake
+
+This directory contains some supplementary functions for the [CMakeLists.txt](../CMakeLists.txt) in the root.
+
+See also cmake notes in the [INSTALL](../INSTALL) documentation file.
+
+
diff --git a/extra/wolfssl/wolfssl/cmake/functions.cmake b/extra/wolfssl/wolfssl/cmake/functions.cmake
index 87839d1b..6b5b9a7f 100644
--- a/extra/wolfssl/wolfssl/cmake/functions.cmake
+++ b/extra/wolfssl/wolfssl/cmake/functions.cmake
@@ -53,7 +53,7 @@ function(generate_build_flags)
if(WOLFSSL_SCTP OR WOLFSSL_USER_SETTINGS)
set(BUILD_SCTP "yes" PARENT_SCOPE)
endif()
- if(WOLFSSL_DTLS_CID OR WOLFSSL_USER_SETTINGS)
+ if(WOLFSSL_DTLS_CID OR WOLFSSL_USER_SETTINGS OR WOLFSSL_DTLS)
set(BUILD_DTLS_COMMON "yes" PARENT_SCOPE)
endif()
set(BUILD_MCAST ${WOLFSSL_MCAST} PARENT_SCOPE)
@@ -195,6 +195,14 @@ function(generate_build_flags)
endif()
if(WOLFSSL_OQS OR WOLFSSL_USER_SETTINGS)
set(BUILD_FALCON "yes" PARENT_SCOPE)
+ set(BUILD_SPHINCS "yes" PARENT_SCOPE)
+ set(BUILD_DILITHIUM "yes" PARENT_SCOPE)
+ set(BUILD_EXT_KYBER "yes" PARENT_SCOPE)
+ endif()
+ if(WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS)
+ message(STATUS "ARIA functions.cmake found WOLFSSL_ARIA")
+ # we cannot actually build, as we only have pre-compiled bin
+ set(BUILD_ARIA "yes" PARENT_SCOPE)
endif()
set(BUILD_INLINE ${WOLFSSL_INLINE} PARENT_SCOPE)
if(WOLFSSL_OCSP OR WOLFSSL_USER_SETTINGS)
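Review bot: The new ARIA branch logs `ARIA functions.cmake found WOLFSSL_ARIA` even when only `WOLFSSL_USER_SETTINGS` is set, because the condition is `WOLFSSL_ARIA OR WOLFSSL_USER_SETTINGS`. A configure log used to audit which crypto backends went into a build would then report ARIA for every user-settings build. Guard the message on its own, `if(WOLFSSL_ARIA)` … `message(STATUS "ARIA enabled via WOLFSSL_ARIA")`, and leave the `set(BUILD_ARIA ...)` as is. The comment "we cannot actually build, as we only have pre-compiled bin" is also unclear; it presumably means that only the wolfSSL port sources are compiled and the cipher itself comes from the pre-built MagicCrypto library, and it should say so. `generate_build_flags` starts and ends outside this hunk.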
@@ -208,6 +216,7 @@ function(generate_build_flags)
if(WOLFSSL_CRL_MONITOR)
set(BUILD_CRL_MONITOR "yes" PARENT_SCOPE)
endif()
+ set(BUILD_QUIC ${WOLFSSL_QUIC} PARENT_SCOPE)
set(BUILD_USER_RSA ${WOLFSSL_USER_RSA} PARENT_SCOPE)
set(BUILD_USER_CRYPTO ${WOLFSSL_USER_CRYPTO} PARENT_SCOPE)
set(BUILD_WNR ${WOLFSSL_WNR} PARENT_SCOPE)
@@ -304,6 +313,9 @@ function(generate_build_flags)
if(WOLFSSL_CAAM)
set(BUILD_CAAM "yes" PARENT_SCOPE)
endif()
+ if(WOLFSSL_HPKE OR WOLFSSL_USER_SETTINGS)
+ set(BUILD_HPKE "yes" PARENT_SCOPE)
+ endif()
set(BUILD_FLAGS_GENERATED "yes" PARENT_SCOPE)
endfunction()
@@ -315,43 +327,6 @@ function(generate_lib_src_list LIB_SOURCES)
# Corresponds to src/include.am
if(BUILD_FIPS)
- if(BUILD_FIPS_V1)
- # fips first file
- list(APPEND LIB_SOURCES ctaocrypt/src/wolfcrypt_first.c)
-
- list(APPEND LIB_SOURCES
- ctaocrypt/src/hmac.c
- ctaocrypt/src/random.c
- ctaocrypt/src/sha256.c)
-
- if(BUILD_RSA)
- list(APPEND LIB_SOURCES ctaocrypt/src/rsa.c)
- endif()
-
- if(BUILD_AES)
- list(APPEND LIB_SOURCES ctaocrypt/src/aes.c)
- endif()
-
- if(BUILD_DES3)
- list(APPEND LIB_SOURCES ctaocrypt/src/des3.c)
- endif()
-
- if(BUILD_SHA)
- list(APPEND LIB_SOURCES ctaocrypt/src/sha.c)
- endif()
-
- if(BUILD_SHA512)
- list(APPEND LIB_SOURCES ctaocrypt/src/sha512.c)
- endif()
-
- list(APPEND LIB_SOURCES
- ctaocrypt/src/fips.c
- ctaocrypt/src/fips_test.c)
-
- # fips last file
- list(APPEND LIB_SOURCES ctaocrypt/src/wolfcrypt_last.c)
- endif()
-
if(BUILD_FIPS_V2)
# FIPSv2 first file
list(APPEND LIB_SOURCES wolfcrypt/src/wolfcrypt_first.c)
@@ -612,12 +587,17 @@ function(generate_lib_src_list LIB_SOURCES)
wolfcrypt/src/wc_port.c
wolfcrypt/src/error.c)
+ if(BUILD_ARIA)
+ list(APPEND LIB_SOURCES
+ wolfcrypt/src/port/aria/aria-crypt.c
+ wolfcrypt/src/port/aria/aria-cryptocb.c)
+ endif()
if(NOT BUILD_FIPS_RAND)
- list(APPEND LIB_SOURCES
- wolfcrypt/src/wc_encrypt.c
- wolfcrypt/src/signature.c
- wolfcrypt/src/wolfmath.c)
+ list(APPEND LIB_SOURCES
+ wolfcrypt/src/wc_encrypt.c
+ wolfcrypt/src/signature.c
+ wolfcrypt/src/wolfmath.c)
endif()
if(BUILD_MEMORY)
@@ -801,6 +781,18 @@ function(generate_lib_src_list LIB_SOURCES)
list(APPEND LIB_SOURCES wolfcrypt/src/falcon.c)
endif()
+ if(BUILD_SPHINCS)
+ list(APPEND LIB_SOURCES wolfcrypt/src/sphincs.c)
+ endif()
+
+ if(BUILD_DILITHIUM)
+ list(APPEND LIB_SOURCES wolfcrypt/src/dilithium.c)
+ endif()
+
+ if(BUILD_EXT_KYBER)
+ list(APPEND LIB_SOURCES wolfcrypt/src/ext_kyber.c)
+ endif()
+
if(BUILD_LIBZ)
list(APPEND LIB_SOURCES wolfcrypt/src/compress.c)
endif()
@@ -854,7 +846,11 @@ function(generate_lib_src_list LIB_SOURCES)
if(BUILD_DTLS_COMMON)
list(APPEND LIB_SOURCES src/dtls.c)
endif()
- endif()
+
+ if(BUILD_QUIC)
+ list(APPEND LIB_SOURCES src/quic.c)
+ endif()
+ endif()
endif()
# Corresponds to wolfcrypt/src/include.am
@@ -910,6 +906,10 @@ function(generate_lib_src_list LIB_SOURCES)
wolfcrypt/src/port/caam/wolfcaam_hmac.c)
endif()
+ if(BUILD_HPKE)
+ list(APPEND LIB_SOURCES wolfcrypt/src/hpke.c)
+ endif()
+
set(LIB_SOURCES ${LIB_SOURCES} PARENT_SCOPE)
endfunction()
diff --git a/extra/wolfssl/wolfssl/cmake/include.am b/extra/wolfssl/wolfssl/cmake/include.am
index 52ecdd0e..f1af70fc 100644
--- a/extra/wolfssl/wolfssl/cmake/include.am
+++ b/extra/wolfssl/wolfssl/cmake/include.am
@@ -1,4 +1,6 @@
+EXTRA_DIST += cmake/README.md
EXTRA_DIST += cmake/Config.cmake.in
EXTRA_DIST += cmake/config.in
EXTRA_DIST += cmake/functions.cmake
+EXTRA_DIST += cmake/modules/FindARIA.cmake
EXTRA_DIST += cmake/modules/FindOQS.cmake
diff --git a/extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake b/extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake
new file mode 100644
index 00000000..8348f4d1
--- /dev/null
+++ b/extra/wolfssl/wolfssl/cmake/modules/FindARIA.cmake
@@ -0,0 +1,108 @@
+# Filename: FindARIA.cmake
+#
+# Usage:
+# find_package(ARIA [REQUIRED] [QUIET])
+#
+# Once complete this will define:
+# ARIA_FOUND - system has ARIA MagicCrypto
+# ARIA_INCLUDE_DIR - the include directory containing ARIA
+# ARIA_LIBRARY - the path to the libARIA library
+# ARIA_IS_LOCAL - optionally indicate the MagicCrypto is found locally in ./MagicCrypto
+
+set(ARIA_INCLUDE_DIR)
+set(ARIA_LIB_FILE)
+set(ARIA_IS_LOCAL)
+
+# when debugging cmake, ARIA_DIR environment variable can be manually set here:
+# set(ENV{ARIA_DIR} "~/MagicCrypto")
+# set(ENV{ARIA_DIR} "/mnt/c/workspace/MagicCrypto")
+# set(ENV{ARIA_DIR} "c:\\workspace\\MagicCrypto")
+
+# Make sure we have a ARIA_DIR environment variable with the path to MagicCrypto
+if ("$ENV{ARIA_DIR}" STREQUAL "")
+ message(STATUS "The ARIA_DIR environment variable is not defined. Looking for headers in wolfssl/MagicCrypto")
+ if (EXISTS "${WOLFSSL_ROOT}/MagicCrypto/")
+ set(ARIA_INCLUDE_DIR "${WOLFSSL_ROOT}/MagicCrypto/include")
+ message(STATUS "Found ARIA in local MagicCrypto directory ${ARIA_INCLUDE_DIR}")
+ set(ARIA_IS_LOCAL 1)
+ else()
+ message(ERROR "ERROR: FindARIA.cmake missing ARIA_DIR value")
+ message(STATUS "Please set ARIA_DIR environment variable path to your MagicCrypto or copy to wolfssl/MagicCrypto")
+ endif()
+else()
+ # If an environment variable is defined, the library CANNOT be in the local wolfssl directory.
+ # See CMake documentation for target_include_directories()
+ set(ARIA_IS_LOCAL)
+ set(ARIA_INCLUDE_DIR "$ENV{ARIA_DIR}/include")
+ message(STATUS "FindARIA.cmake found ARIA_INCLUDE_DIR = $ENV{ARIA_DIR}")
+
+ message(STATUS "Checking environment location: ${ARIA_INCLUDE_DIR} and wolfSSL: ${WOLFSSL_ROOT}")
+ get_filename_component(dir1 "${ARIA_INCLUDE_DIR}" REALPATH)
+ get_filename_component(dir2 "${WOLFSSL_ROOT}/MagicCrypto/include" REALPATH)
+ message(STATUS "Found location dir: ${dir1} and ${dir2}")
+ if("${dir1}" STREQUAL "${dir2}")
+ message(STATUS "${ARIA_INCLUDE_DIR} exists within ${WOLFSSL_ROOT}.")
+ message(STATUS "Setting ARIA_IS_LOCAL flag and using wolfSSL path.")
+ set(ARIA_IS_LOCAL 1)
+ set(ARIA_INCLUDE_DIR "${WOLFSSL_ROOT}/MagicCrypto/include")
+ else()
+ if(EXISTS "${ARIA_INCLUDE_DIR}")
+ message(STATUS "Confirmed directory exists: ${ARIA_INCLUDE_DIR}")
+ else()
+ message(FATAL_ERROR "Directory not found: ${ARIA_INCLUDE_DIR}")
+ endif()
+
+ message(STATUS "Confirmed ${ARIA_INCLUDE_DIR} is not in local wolfSSL root.")
+ endif()
+endif()
+
+# Check that the appropriate files exist
+find_path(ARIA_INCLUDE_DIR NAMES "mcapi.h" )
+
+if (NOT EXISTS "${ARIA_INCLUDE_DIR}/mcapi.h")
+ message(FATAL_ERROR "File does not exist at ${ARIA_INCLUDE_DIR}/mcapi.h")
+endif()
+
+if(NOT EXISTS "${ARIA_INCLUDE_DIR}/mcapi_error.h")
+ message(FATAL_ERROR "File does not exist at ${ARIA_INCLUDE_DIR}/mcapi_error.h")
+endif()
+
+if(NOT EXISTS "${ARIA_INCLUDE_DIR}/mcapi_type.h")
+ message(FATAL_ERROR "File does not exist at $ARIA_INCLUDE_DIR/mcapi_type.h")
+endif()
+
+if(EXISTS "$ENV{ARIA_DIR}/lib/libMagicCrypto.so")
+ # Found ARIA binary via environment variable
+ set(ARIA_LIBRARY "MagicCrypto")
+ set(ARIA_LIB_FILE "$ENV{ARIA_DIR}/lib/libMagicCrypto.so")
+ message(STATUS "ARIA Check: found libMagicCrypto.so via environment variable.")
+ message(STATUS "Using ${ARIA_LIB_FILE}")
+else()
+ # Did not find ARIA binary via environment variable, so let's look in the current wolfssl directory
+ if(EXISTS "${WOLFSSL_ROOT}/MagicCrypto/lib/libMagicCrypto.so")
+ # Found in the root of wolfssl, in ./MagicCrypto/lib
+ set(ARIA_LIBRARY "MagicCrypto")
+ set(ARIA_LIB_FILE "${WOLFSSL_ROOT}/MagicCrypto/lib/libMagicCrypto.so")
+ message(STATUS "ARIA Check: found libMagicCrypto.so via WOLFSSL_ROOT")
+ message(STATUS "Using ${ARIA_LIB_FILE}")
+ else()
+ # Could not find binary. Give up.
+ message(ERROR "ARIA Check: could not find libMagicCrypto.so via WOLFSSL_ROOT\n"
+ "Looked for ${WOLFSSL_ROOT}/MagicCrypto/lib/libMagicCrypto.so")
+ endif()
+endif()
+
+mark_as_advanced(ARIA_INCLUDE_DIR ARIA_LIBRARY)
+
+include(FindPackageHandleStandardArgs)
+find_package_handle_standard_args(ARIA DEFAULT_MSG ARIA_INCLUDE_DIR ARIA_LIBRARY)
+
+# Some additional optional debugging messages, set to (1) to enable
+if(0)
+ message(STATUS "")
+ message(STATUS "ARIA Check: FindARIA.cmake")
+ message(STATUS "ARIA Check: ARIA_INCLUDE_DIR: ${ARIA_INCLUDE_DIR}")
+ message(STATUS "ARIA Check: ARIA_LIBRARY: ${ARIA_LIBRARY}")
+ message(STATUS "ARIA Check: ARIA_FOUND: ${ARIA_FOUND}")
+ message(STATUS "ARIA Check: CMAKE_CURRENT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}")
+endif()
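Review bot: `message(ERROR ...)` is not a CMake message mode, so the two calls that use it (the missing-`ARIA_DIR` branch and the final "could not find libMagicCrypto.so" branch) only print text prefixed with "ERROR" and configuration continues. Use `message(FATAL_ERROR "FindARIA.cmake missing ARIA_DIR value")`, or `SEND_ERROR` if the following STATUS hint should still print, and do the same for the library lookup. The `mcapi_type.h` check prints `$ARIA_INCLUDE_DIR` literally; it should read `message(FATAL_ERROR "File does not exist at ${ARIA_INCLUDE_DIR}/mcapi_type.h")`. Since the module links a pre-compiled `libMagicCrypto.so` from whatever directory the `ARIA_DIR` environment variable names and checks only that the file exists, the header comment should say that the caller is responsible for the provenance and integrity of that binary.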
diff --git a/extra/wolfssl/wolfssl/configure.ac b/extra/wolfssl/wolfssl/configure.ac
index 26e7a754..0e2d0706 100644
--- a/extra/wolfssl/wolfssl/configure.ac
+++ b/extra/wolfssl/wolfssl/configure.ac
@@ -1,13 +1,13 @@
# configure.ac
#
-# Copyright (C) 2006-2021 wolfSSL Inc.
+# Copyright (C) 2006-2023 wolfSSL Inc.
#
# This file is part of wolfSSL. (formerly known as CyaSSL)
#
#
-AC_COPYRIGHT([Copyright (C) 2006-2020 wolfSSL Inc.])
+AC_COPYRIGHT([Copyright (C) 2006-2023 wolfSSL Inc.])
AC_PREREQ([2.69])
-AC_INIT([wolfssl],[5.6.3],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
+AC_INIT([wolfssl],[5.6.6],[https://github.com/wolfssl/wolfssl/issues],[wolfssl],[https://www.wolfssl.com])
AC_CONFIG_AUX_DIR([build-aux])
# The following sets CFLAGS to empty if unset on command line. We do not
@@ -46,10 +46,10 @@ AC_SUBST([WOLFSSL_CONFIG_ARGS])
# shared library versioning
# The three numbers in the libwolfssl.so.*.*.* file name. Unfortunately
# these numbers don't always line up nicely with the library version.
-WOLFSSL_LIBRARY_VERSION_FIRST=35
-WOLFSSL_LIBRARY_VERSION_SECOND=5
-WOLFSSL_LIBRARY_VERSION_THIRD=1
-WOLFSSL_LIBRARY_VERSION=40:1:5
+WOLFSSL_LIBRARY_VERSION_FIRST=42
+WOLFSSL_LIBRARY_VERSION_SECOND=0
+WOLFSSL_LIBRARY_VERSION_THIRD=0
+WOLFSSL_LIBRARY_VERSION=42:0:0
# | | |
# +------+ | +---+
# | | |
@@ -71,6 +71,9 @@ AS_IF([ test -n "$CFLAG_VISIBILITY" ], [
AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY"
])
+WOLFSSL_BUILD_DATE=$(date -R)
+AC_SUBST([WOLFSSL_BUILD_DATE])
+
# Moved these size of and type checks before the library checks.
# The library checks add the library to subsequent test compiles
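Review bot: `WOLFSSL_BUILD_DATE=$(date -R)` records the wall-clock time of the configure run. If the substituted value reaches an installed header or the library (where it is used is not visible in this hunk), two builds of the same source will differ and reproducible-build verification will fail. The value should come from `SOURCE_DATE_EPOCH` when that is set, for example with GNU date `$(LC_ALL=C date -u -R ${SOURCE_DATE_EPOCH:+-d "@$SOURCE_DATE_EPOCH"})`. `-R` is also not a POSIX `date` option, so a fallback is needed on platforms whose `date` lacks it.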
@@ -184,7 +187,6 @@ AS_IF([test "$ax_enable_debug" = "yes"],
[AM_CCASFLAGS="$DEBUG_CFLAGS $AM_CCASFLAGS"],
[AM_CCASFLAGS="$AM_CCASFLAGS -DNDEBUG"])
-
# Start without certificates enabled and enable if a certificate algorithm is
# enabled
ENABLED_CERTS="no"
@@ -346,7 +348,6 @@ AS_CASE([$ENABLED_WOLFENGINE],
AS_CASE([$ENABLED_FIPS],
[no],[
FIPS_VERSION="none"
- ENABLED_FIPS="no"
],
[disabled],[
FIPS_VERSION="disabled"
@@ -419,16 +420,11 @@ fi
AS_CASE([$FIPS_VERSION],
[none],
[
- AS_IF([ test -s $srcdir/wolfcrypt/src/fips.c -o -s $srcdir/ctaocrypt/src/fips.c ],
+ AS_IF([ test -s $srcdir/wolfcrypt/src/fips.c ],
[AC_MSG_ERROR([FIPS source tree is incompatible with non-FIPS build (requires --enable-fips)])])
],
[disabled],
[],
- [v1],
- [
- AS_IF([ ! test -s $srcdir/ctaocrypt/src/fips.c],
- [AC_MSG_ERROR([non-FIPS-v1 source tree is incompatible with --enable-fips=$enableval])])
- ],
[
AS_IF([ ! test -s $srcdir/wolfcrypt/src/fips.c],
[AC_MSG_ERROR([non-FIPS source tree is incompatible with --enable-fips=$enableval])])
@@ -509,6 +505,9 @@ AC_SUBST([ENABLED_LINUXKM_BENCHMARKS])
if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DH_CONST -DWOLFSSL_SP_MOD_WORD_RP -DWOLFSSL_SP_DIV_64 -DWOLFSSL_SP_DIV_WORD_HALF -DWOLFSSL_SMALL_STACK_STATIC -DWOLFSSL_TEST_SUBROUTINE=static"
+ if test "$ENABLED_LINUXKM_PIE" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
+ fi
if test "$ENABLED_FIPS" = "no"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_OLD_PRIME_CHECK"
fi
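Review bot: The added `-DWOLFSSL_NO_OCSP_ISSUER_CHECK` under `ENABLED_LINUXKM_PIE` switches off what, judging by the macro name, is a certificate-validation check, and nothing says why. A define that relaxes revocation checking should carry its reason and scope next to it, so that it is not copied into other build profiles. Add a comment above the `if` stating why the PIE kernel-module build cannot perform the issuer check and what is no longer verified as a result; the wording depends on the reason, which this hunk does not show.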
@@ -663,7 +662,7 @@ fi
# if sp-math-all is not set, then enable fast math
if test "x$ENABLED_FASTMATH" = "xyes" && test "$enable_sp_math_all" = "" && test "$enable_sp_math" = ""
then
- # turn off fastmth if leanpsk on or asn off (w/o DH and ECC)
+ # turn off fastmath if leanpsk on or asn off (w/o DH and ECC)
if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no"
then
if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no" && test "$ENABLED_RSA" = "no"
@@ -721,9 +720,9 @@ then
# this set is also enabled by enable-all-crypto:
test "$enable_atomicuser" = "" && enable_atomicuser=yes
test "$enable_aesgcm" = "" && enable_aesgcm=yes
- test "$enable_aesgcm_stream" = "" && enable_aesgcm_stream=yes
test "$enable_aesccm" = "" && enable_aesccm=yes
test "$enable_aesctr" = "" && enable_aesctr=yes
+ test "$enable_aeseax" = "" && enable_aeseax=yes
test "$enable_aesofb" = "" && enable_aesofb=yes
test "$enable_aescfb" = "" && enable_aescfb=yes
test "$enable_aescbc_length_checks" = "" && enable_aescbc_length_checks=yes
@@ -741,22 +740,22 @@ then
test "$enable_hkdf" = "" && enable_hkdf=yes
test "$enable_curve25519" = "" && enable_curve25519=yes
test "$enable_curve448" = "" && enable_curve448=yes
- test "$enable_fpecc" = "" && enable_fpecc=yes
- test "$enable_eccencrypt" = "" && enable_eccencrypt=yes
+ test "$enable_fpecc" = "" && test "$enable_ecc" != "no" && enable_fpecc=yes
+ test "$enable_eccencrypt" = "" && test "$enable_ecc" != "no" && enable_eccencrypt=yes
test "$enable_psk" = "" && enable_psk=yes
test "$enable_cmac" = "" && enable_cmac=yes
test "$enable_siphash" = "" && enable_siphash=yes
test "$enable_xts" = "" && enable_xts=yes
test "$enable_ocsp" = "" && enable_ocsp=yes
- test "$enable_ocspstapling" = "" && enable_ocspstapling=yes
- test "$enable_ocspstapling2" = "" && enable_ocspstapling2=yes
+ test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
+ test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
test "$enable_crl" = "" && enable_crl=yes
test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
test "$enable_tlsx" = "" && enable_tlsx=yes
test "$enable_pwdbased" = "" && enable_pwdbased=yes
test "$enable_aeskeywrap" = "" && enable_aeskeywrap=yes
test "$enable_x963kdf" = "" && enable_x963kdf=yes
- test "$enable_scrypt" = "" && enable_scrypt=yes
+ test "$enable_scrypt" = "" && test "$enable_hmac" != "no" && enable_scrypt=yes
test "$enable_indef" = "" && enable_indef=yes
test "$enable_enckeys" = "" && enable_enckeys=yes
test "$enable_hashflags" = "" && enable_hashflags=yes
@@ -765,21 +764,19 @@ then
test "$enable_base16" = "" && enable_base16=yes
test "$enable_arc4" = "" && enable_arc4=yes
test "$enable_des3" = "" && enable_des3=yes
- test "$enable_nullcipher" = "" && enable_nullcipher=yes
test "$enable_blake2" = "" && enable_blake2=yes
test "$enable_blake2s" = "" && enable_blake2s=yes
test "$enable_md2" = "" && enable_md2=yes
test "$enable_md4" = "" && enable_md4=yes
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_anon" = "" && enable_anon=yes
- test "$enable_ssh" = "" && enable_ssh=yes
+ test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
test "$enable_savesession" = "" && enable_savesession=yes
test "$enable_savecert" = "" && enable_savecert=yes
test "$enable_postauth" = "" && enable_postauth=yes
test "$enable_hrrcookie" = "" && enable_hrrcookie=yes
test "$enable_fallback_scsv" = "" && enable_fallback_scsv=yes
- test "$enable_mcast" = "" && enable_mcast=yes
test "$enable_webserver" = "" && enable_webserver=yes
test "$enable_crl_monitor" = "" && enable_crl_monitor=yes
test "$enable_sni" = "" && enable_sni=yes
@@ -799,14 +796,16 @@ then
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
+ test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
test "$enable_compkey" = "" && enable_compkey=yes
+ test "$enable_quic" = "" && test "$enable_cryptonly" != "yes" && enable_quic=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_IO -DHAVE_IO_TIMEOUT"
fi
# sp-math is incompatible with opensslextra, ECC custom curves, and DSA.
if test "$ENABLED_SP_MATH" = "no"
then
- test "$enable_dsa" = "" && enable_dsa=yes
+ test "$enable_dsa" = "" && test "$enable_sha" != "no" && enable_dsa=yes
test "$enable_ecccustcurves" = "" && enable_ecccustcurves=yes
test "$enable_brainpool" = "" && enable_brainpool=yes
test "$enable_srp" = "" && enable_srp=yes
@@ -837,15 +836,17 @@ then
if test "$ENABLED_FIPS" = "no"
then
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
- test "$enable_xchacha" = "" && enable_xchacha=yes
+ test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes
test "$enable_scep" = "" && enable_scep=yes
test "$enable_pkcs7" = "" && enable_pkcs7=yes
+ test "$enable_nullcipher" = "" && enable_nullcipher=yes
+ test "$enable_mcast" = "" && enable_mcast=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_ed25519" = "" && enable_ed25519=yes
- test "$enable_ed25519_stream" = "" && enable_ed25519_stream=yes
+ test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
- test "$enable_ed448_stream" = "" && enable_ed448_stream=yes
+ test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
fi
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
@@ -855,8 +856,8 @@ then
test "$enable_curl" = "" && enable_curl=yes
test "$enable_tcpdump" = "" && enable_tcpdump=yes
- test "$enable_eccsi" = "" && enable_eccsi=yes
- test "$enable_sakke" = "" && enable_sakke=yes
+ test "$enable_eccsi" = "" && test "$enable_ecc" != "no" && enable_eccsi=yes
+ test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
fi
fi
@@ -907,9 +908,9 @@ if test "$ENABLED_ALL_CRYPT" = "yes"
then
test "$enable_atomicuser" = "" && enable_atomicuser=yes
test "$enable_aesgcm" = "" && enable_aesgcm=yes
- test "$enable_aesgcm_stream" = "" && enable_aesgcm_stream=yes
test "$enable_aesccm" = "" && enable_aesccm=yes
test "$enable_aesctr" = "" && enable_aesctr=yes
+ test "$enable_aeseax" = "" && enable_aeseax=yes
test "$enable_aesofb" = "" && enable_aesofb=yes
test "$enable_aescfb" = "" && enable_aescfb=yes
test "$enable_aescbc_length_checks" = "" && enable_aescbc_length_checks=yes
@@ -927,22 +928,22 @@ then
test "$enable_hkdf" = "" && enable_hkdf=yes
test "$enable_curve25519" = "" && enable_curve25519=yes
test "$enable_curve448" = "" && enable_curve448=yes
- test "$enable_fpecc" = "" && enable_fpecc=yes
- test "$enable_eccencrypt" = "" && enable_eccencrypt=yes
+ test "$enable_fpecc" = "" && test "$enable_ecc" != "no" && enable_fpecc=yes
+ test "$enable_eccencrypt" = "" && test "$enable_ecc" != "no" && enable_eccencrypt=yes
test "$enable_psk" = "" && enable_psk=yes
test "$enable_cmac" = "" && enable_cmac=yes
test "$enable_siphash" = "" && enable_siphash=yes
test "$enable_xts" = "" && enable_xts=yes
test "$enable_ocsp" = "" && enable_ocsp=yes
- test "$enable_ocspstapling" = "" && enable_ocspstapling=yes
- test "$enable_ocspstapling2" = "" && enable_ocspstapling2=yes
+ test "$enable_ocspstapling" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling=yes
+ test "$enable_ocspstapling2" = "" && test "$enable_ocsp" != "no" && enable_ocspstapling2=yes
test "$enable_crl" = "" && enable_crl=yes
test "$enable_supportedcurves" = "" && enable_supportedcurves=yes
test "$enable_tlsx" = "" && enable_tlsx=yes
test "$enable_pwdbased" = "" && enable_pwdbased=yes
test "$enable_aeskeywrap" = "" && enable_aeskeywrap=yes
test "$enable_x963kdf" = "" && enable_x963kdf=yes
- test "$enable_scrypt" = "" && enable_scrypt=yes
+ test "$enable_scrypt" = "" && test "$enable_hmac" != "no" && enable_scrypt=yes
test "$enable_indef" = "" && enable_indef=yes
test "$enable_enckeys" = "" && enable_enckeys=yes
test "$enable_hashflags" = "" && enable_hashflags=yes
@@ -951,14 +952,13 @@ then
test "$enable_base16" = "" && enable_base16=yes
test "$enable_arc4" = "" && enable_arc4=yes
test "$enable_des3" = "" && enable_des3=yes
- test "$enable_nullcipher" = "" && enable_nullcipher=yes
test "$enable_blake2" = "" && enable_blake2=yes
test "$enable_blake2s" = "" && enable_blake2s=yes
test "$enable_md2" = "" && enable_md2=yes
test "$enable_md4" = "" && enable_md4=yes
test "$enable_cryptocb" = "" && enable_cryptocb=yes
test "$enable_anon" = "" && enable_anon=yes
- test "$enable_ssh" = "" && enable_ssh=yes
+ test "$enable_ssh" = "" && test "$enable_hmac" != "no" && enable_ssh=yes
if test "$ENABLED_32BIT" != "yes"
then
@@ -968,12 +968,13 @@ then
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
+ test "$enable_aesgcm_stream" = "" && test "$enable_aesgcm" = "yes" && enable_aesgcm_stream=yes
test "$enable_compkey" = "" && enable_compkey=yes
fi
if test "$ENABLED_SP_MATH" = "no"
then
- test "$enable_dsa" = "" && enable_dsa=yes
+ test "$enable_dsa" = "" && test "$enable_sha" != "no" && enable_dsa=yes
test "$enable_ecccustcurves" = "" && enable_ecccustcurves=yes
test "$enable_brainpool" = "" && enable_brainpool=yes
test "$enable_srp" = "" && enable_srp=yes
@@ -982,20 +983,21 @@ then
if test "$ENABLED_FIPS" = "no"
then
test "$enable_pkcallbacks" = "" && enable_pkcallbacks=yes
- test "$enable_xchacha" = "" && enable_xchacha=yes
+ test "$enable_xchacha" = "" && test "$enable_chacha" != "no" && enable_xchacha=yes
test "$enable_pkcs7" = "" && enable_pkcs7=yes
+ test "$enable_nullcipher" = "" && enable_nullcipher=yes
if test "$ENABLED_32BIT" != "yes"
then
test "$enable_ed25519" = "" && enable_ed25519=yes
- test "$enable_ed25519_stream" = "" && enable_ed25519_stream=yes
+ test "$enable_ed25519_stream" = "" && test "$enable_ed25519" != "no" && enable_ed25519_stream=yes
test "$enable_ed448" = "" && enable_ed448=yes
- test "$enable_ed448_stream" = "" && enable_ed448_stream=yes
+ test "$enable_ed448_stream" = "" && test "$enable_ed448" != "no" && enable_ed448_stream=yes
fi
if test "$ENABLED_LINUXKM_DEFAULTS" != "yes"
then
- test "$enable_eccsi" = "" && enable_eccsi=yes
- test "$enable_sakke" = "" && enable_sakke=yes
+ test "$enable_eccsi" = "" && test "$enable_ecc" != "no" && enable_eccsi=yes
+ test "$enable_sakke" = "" && test "$enable_ecc" != "no" && enable_sakke=yes
fi
fi
@@ -1142,6 +1144,210 @@ then
fi
+# XMSS
+AC_ARG_ENABLE([xmss],
+ [AS_HELP_STRING([--enable-xmss],[Enable stateful XMSS/XMSS^MT signatures (default: disabled)])],
+ [ ENABLED_XMSS=$enableval ],
+ [ ENABLED_XMSS=no ]
+ )
+
+ENABLED_WC_XMSS=no
+for v in `echo $ENABLED_XMSS | tr "," " "`
+do
+ case $v in
+ yes)
+ ;;
+ no)
+ ;;
+ verify-only)
+ XMSS_VERIFY_ONLY=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_XMSS_VERIFY_ONLY -DXMSS_VERIFY_ONLY"
+ ;;
+ wolfssl)
+ ENABLED_WC_XMSS=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_XMSS"
+ ;;
+ *)
+ AC_MSG_ERROR([Invalid choice for XMSS []: $ENABLED_XMSS.])
+ break;;
+ esac
+done
+
+if test "$ENABLED_XMSS" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_XMSS"
+
+ if test "$ENABLED_WC_XMSS" = "no";
+ then
+ # Default is to use hash-sigs XMSS lib. Make sure it's enabled.
+ if test "$ENABLED_LIBXMSS" = "no"; then
+ AC_MSG_ERROR([The default implementation for XMSS is the xmss-reference lib.
+ Please use --with-libxmss.])
+ fi
+ fi
+fi
+
+# libxmss
+# Get the path to xmss-reference.
+ENABLED_LIBXMSS="no"
+trylibxmssdir=""
+AC_ARG_WITH([libxmss],
+ [AS_HELP_STRING([--with-libxmss=PATH],[PATH to xmss-reference root dir. EXPERIMENTAL!])],
+ [
+ AC_MSG_CHECKING([for libxmss])
+
+ trylibxmssdir=$withval
+
+ if test -e $trylibxmssdir; then
+ libxmss_linked=yes
+ else
+ AC_MSG_ERROR([libxmss isn't found.
+ If it's already installed, specify its path using --with-libxmss=/dir/])
+ fi
+ if test "$XMSS_VERIFY_ONLY" = "yes"; then
+ if test -e $trylibxmssdir/xmss_verify_lib.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBXMSS -I$trylibxmssdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $trylibxmssdir/xmss_verify_lib.a"
+ enable_shared=no
+ enable_static=yes
+ libxmss_linked=yes
+ else
+ AC_MSG_ERROR([xmss_verify_lib.a isn't found.
+ If it's already installed, specify its path using --with-libxmss=/dir/])
+ fi
+ elif test -e $trylibxmssdir/xmss_lib.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBXMSS -I$trylibxmssdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $trylibxmssdir/xmss_lib.a"
+ enable_shared=no
+ enable_static=yes
+ libxmss_linked=yes
+ else
+ AC_MSG_ERROR([libxmss isn't found.
+ If it's already installed, specify its path using --with-libxmss=/dir/])
+ fi
+
+ XMSS_ROOT=$trylibxmssdir
+
+ AC_MSG_RESULT([yes])
+ AM_CPPFLAGS="$CPPFLAGS"
+
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_LIBXMSS -I$trylibxmssdir"
+ ENABLED_LIBXMSS="yes"
+ AC_SUBST([XMSS_ROOT])
+ ],
+ [XMSS_ROOT=""]
+)
+
+# LMS
+AC_ARG_ENABLE([lms],
+ [AS_HELP_STRING([--enable-lms],[Enable stateful LMS/HSS signatures (default: disabled)])],
+ [ ENABLED_LMS=$enableval ],
+ [ ENABLED_LMS=no ]
+ )
+
+ENABLED_WC_LMS=no
+for v in `echo $ENABLED_LMS | tr "," " "`
+do
+ case $v in
+ yes)
+ ;;
+ no)
+ ;;
+ verify-only)
+ LMS_VERIFY_ONLY=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LMS_VERIFY_ONLY"
+ ;;
+ wolfssl)
+ ENABLED_WC_LMS=yes
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_WC_LMS"
+ ;;
+ *)
+ AC_MSG_ERROR([Invalid choice for LMS []: $ENABLED_LMS.])
+ break;;
+ esac
+done
+
+if test "$ENABLED_LMS" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HAVE_LMS"
+
+ if test "$ENABLED_WC_LMS" = "no";
+ then
+ # Default is to use hash-sigs LMS lib. Make sure it's enabled.
+ if test "$ENABLED_LIBLMS" = "no"; then
+ AC_MSG_ERROR([The default implementation for LMS is the hash-sigs LMS/HSS lib.
+ Please use --with-liblms.])
+ fi
+ fi
+fi
+
+# liblms
+# Get the path to the hash-sigs LMS HSS lib.
+ENABLED_LIBLMS="no"
+tryliblmsdir=""
+AC_ARG_WITH([liblms],
+ [AS_HELP_STRING([--with-liblms=PATH],[PATH to hash-sigs LMS/HSS install (default /usr/local) EXPERIMENTAL!])],
+ [
+ AC_MSG_CHECKING([for liblms])
+
+ AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <hss.h>]], [[ param_set_t lm_type; param_set_t lm_ots_type; hss_get_public_key_len(4, &lm_type, &lm_ots_type); ]])], [ liblms_linked=yes ],[ liblms_linked=no ])
+
+ if test "x$liblms_linked" = "xno" ; then
+ if test "x$withval" != "xno" ; then
+ tryliblmsdir=$withval
+ fi
+ if test "x$withval" = "xyes" ; then
+ tryliblmsdir="/usr/local"
+ fi
+
+ # 1. If verify only build, use hss_verify.a
+ # 2. If normal build, by default use single-threaded hss_lib.a
+ # 3. If 2 not found, then use the multi-threaded hss_lib_thread.a
+ if test "$LMS_VERIFY_ONLY" = "yes"; then
+ if test -e $tryliblmsdir/hss_verify.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_verify.a"
+ enable_shared=no
+ enable_static=yes
+ liblms_linked=yes
+ else
+ AC_MSG_ERROR([hss_verify.a isn't found.
+ If it's already installed, specify its path using --with-liblms=/dir/])
+ fi
+ elif test -e $tryliblmsdir/hss_lib.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_lib.a"
+ enable_shared=no
+ enable_static=yes
+ liblms_linked=yes
+ elif test -e $tryliblmsdir/hss_lib_thread.a; then
+ CPPFLAGS="$AM_CPPFLAGS -DHAVE_LIBLMS -I$tryliblmsdir"
+ LIB_STATIC_ADD="$LIB_STATIC_ADD $tryliblmsdir/hss_lib_thread.a"
+ enable_shared=no
+ enable_static=yes
+ liblms_linked=yes
+ else
+ AC_MSG_ERROR([liblms isn't found.
+ If it's already installed, specify its path using --with-liblms=/dir/])
+ fi
+
+ if test "x$liblms_linked" = "xno" ; then
+ AC_MSG_ERROR([liblms isn't found.
+ If it's already installed, specify its path using --with-liblms=/dir/])
+ fi
+
+ AC_MSG_RESULT([yes])
+ AM_CPPFLAGS="$CPPFLAGS"
+ AM_LDFLAGS="$LDFLAGS"
+ else
+ AC_MSG_RESULT([yes])
+ fi
+
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_LIBLMS"
+ ENABLED_LIBLMS="yes"
+ ]
+)
+
# SINGLE THREADED
AC_ARG_ENABLE([singlethreaded],
[AS_HELP_STRING([--enable-singlethreaded],[Enable wolfSSL single threaded (default: disabled)])],
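Review bot: The guard `if test "$ENABLED_LIBXMSS" = "no"` runs before `ENABLED_LIBXMSS="no"` is assigned in the `# libxmss` block below it, and the LMS section has the same ordering with `ENABLED_LIBLMS`. At that point the variable is still empty (unless inherited from the environment), so the "Please use --with-libxmss" / "--with-liblms" errors cannot fire and `--enable-xmss` or `--enable-lms` without the external library passes configure. Move each `AC_ARG_WITH` block, together with its `ENABLED_LIB…="no"` default, above the corresponding `if test "$ENABLED_XMSS" != "no"` / `"$ENABLED_LMS" != "no"` check. The path tests should also quote the user-supplied directory, e.g. `test -e "$trylibxmssdir/xmss_lib.a"`. A bare `--with-libxmss` yields `withval=yes`, which the libxmss block treats as a path, whereas the liblms block maps it to `/usr/local`. The comment "Default is to use hash-sigs XMSS lib" in the XMSS section looks copied from LMS and should name xmss-reference.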
@@ -1225,6 +1431,18 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_MTU"
fi
+# KeyLog file export
+AC_ARG_ENABLE([keylog-export],
+ [AS_HELP_STRING([--enable-keylog-export],[Enable insecure export of TLS secrets to an NSS keylog file (default: disabled)])],
+ [ ENABLED_KEYLOG_EXPORT=$enableval ],
+ [ ENABLED_KEYLOG_EXPORT=no ]
+ )
+if test "$ENABLED_KEYLOG_EXPORT" = "yes"
+then
+ AC_MSG_WARN([Keylog export enabled -- Sensitive key data will be stored insecurely.])
+ AM_CFLAGS="$AM_CFLAGS -DSHOW_SECRETS -DHAVE_SECRET_CALLBACK -DWOLFSSL_SSLKEYLOGFILE -DWOLFSSL_KEYLOG_EXPORT_WARNED"
+fi
+
# TLS v1.3 Draft 18 (Note: only final TLS v1.3 supported, here for backwards build compatibility)
AC_ARG_ENABLE([tls13-draft18],
[AS_HELP_STRING([--enable-tls13-draft18],[Enable wolfSSL TLS v1.3 Draft 18 (default: disabled)])],
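Review bot: The `yes` branch of `--enable-keylog-export` adds four defines with no comment on what each one does, and the only signal left is a configure-time `AC_MSG_WARN` that is easy to lose in CI output. `-DWOLFSSL_KEYLOG_EXPORT_WARNED` looks like it acknowledges or silences a compile-time warning, and `-DSHOW_SECRETS` may do more than write the keylog file; both are inferred from the names and should be confirmed. Put a comment above the block such as `# Debug-only: exports TLS session secrets to an NSS keylog file; anyone who can read that file can decrypt captured traffic. Never enable in release builds.` If the option is meant for debugging only, consider failing configure when it is combined with a FIPS build, and listing it in the final configure summary so that release pipelines can check for it.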
@@ -1258,6 +1476,10 @@ then
then
AC_MSG_ERROR([TLS 1.3 is disabled - necessary for QUIC])
fi
+ if test "$enable_aesgcm" = "no"
+ then
+ AC_MSG_ERROR([AES-GCM is disabled - necessary for QUIC])
+ fi
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_QUIC"
# QUIC proto handlers need app_data at WOLFSSL*
AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
@@ -1378,6 +1600,8 @@ AC_ARG_ENABLE([mcast],
# FFmpeg (--enable-ffmpeg) WOLFSSL_FFMPEG
# strongSwan (--enable-strongswan)
# OpenLDAP (--enable-openldap)
+# hitch (--enable-hitch)
+# memcached (--enable-memcached)
# Bind DNS compatibility Build
AC_ARG_ENABLE([bind],
@@ -1581,6 +1805,20 @@ AC_ARG_ENABLE([strongswan],
[ ENABLED_STRONGSWAN=no ]
)
+# hitch support
+AC_ARG_ENABLE([hitch],
+ [AS_HELP_STRING([--enable-hitch],[Enable hitch support (default: disabled)])],
+ [ ENABLED_HITCH=$enableval ],
+ [ ENABLED_HITCH=no ]
+ )
+
+# memcached support
+AC_ARG_ENABLE([memcached],
+ [AS_HELP_STRING([--enable-memcached],[Enable memcached support (default: disabled)])],
+ [ ENABLED_MEMCACHED=$enableval ],
+ [ ENABLED_MEMCACHED=no ]
+ )
+
# OpenSSL Coexist
AC_ARG_ENABLE([opensslcoexist],
[AS_HELP_STRING([--enable-opensslcoexist],[Enable coexistence of wolfssl/openssl (default: disabled)])],
@@ -1692,7 +1930,7 @@ if test "$ENABLED_LIBWEBSOCKETS" = "yes" || test "$ENABLED_OPENVPN" = "yes" || \
test "$ENABLED_OPENRESTY" = "yes" || test "$ENABLED_RSYSLOG" = "yes" || \
test "$ENABLED_KRB" = "yes" || test "$ENABLED_CHRONY" = "yes" || \
test "$ENABLED_FFMPEG" = "yes" || test "$ENABLED_STRONGSWAN" = "yes" || \
- test "$ENABLED_OPENLDAP" = "yes"
+ test "$ENABLED_OPENLDAP" = "yes" || test "$ENABLED_HITCH" = "yes"
then
ENABLED_OPENSSLALL="yes"
fi
@@ -1719,7 +1957,8 @@ AC_ARG_ENABLE([error-queue-per-thread],
if test "$ENABLED_ERRORQUEUEPERTHREAD" = "check"
then
- AS_IF([test "$thread_ls_on" = "no"],
+ AS_IF([test "$thread_ls_on" = "no" ||
+ test "$ENABLED_SINGLETHREADED" = "yes"],
[ENABLED_ERRORQUEUEPERTHREAD=no],
[ENABLED_ERRORQUEUEPERTHREAD=yes])
fi
@@ -2146,7 +2385,7 @@ AC_ARG_ENABLE([aescbc],
if test "$ENABLED_AESCBC" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DNO_AES_CBC"
- AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AES_CBC"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DNO_AES_CBC"
fi
# AES-CBC length checks (checks that input lengths are multiples of block size)
@@ -2201,6 +2440,18 @@ then
AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESCCM"
fi
+# AES-EAX
+AC_ARG_ENABLE([aeseax],
+ [AS_HELP_STRING([--enable-aeseax],[Enable wolfSSL AES-EAX support (default: disabled)])],
+ [ ENABLED_AESEAX=$enableval ],
+ [ ENABLED_AESEAX=no ]
+ )
+
+if test "$ENABLED_AESEAX" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_EAX"
+fi
+
# AES-SIV (RFC 5297)
AC_ARG_ENABLE([aessiv],
[AS_HELP_STRING([--enable-aessiv],[Enable AES-SIV (RFC 5297) (default: disabled)])],
@@ -2213,13 +2464,13 @@ then
ENABLED_AESSIV=yes
fi
-# AES-CTRf
+# AES-CTR
AC_ARG_ENABLE([aesctr],
[AS_HELP_STRING([--enable-aesctr],[Enable wolfSSL AES-CTR support (default: disabled)])],
[ ENABLED_AESCTR=$enableval ],
[ ENABLED_AESCTR=no ]
)
-if test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_LIBSSH2" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes"
+if test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_LIBSSH2" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes" || test "$ENABLED_AESEAX" = "yes"
then
ENABLED_AESCTR=yes
fi
@@ -2254,9 +2505,108 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_CFB"
fi
+AC_ARG_ENABLE([aes-bitsliced],
+ [AS_HELP_STRING([--enable-aes-bitsliced],[Enable bitsliced implementation of AES (default: disabled)])],
+ [ ENABLED_AESBS=$enableval ],
+ [ ENABLED_AESBS=no ]
+ )
+
+if test "$ENABLED_AESBS" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWC_AES_BITSLICED -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT"
+fi
+
+# SM4
+ENABLED_SM4="no"
+AC_ARG_ENABLE([sm4-ecb],
+ [AS_HELP_STRING([--enable-sm4-ecb],[Enable wolfSSL SM4-ECB support (default: disabled)])],
+ [ ENABLED_SM4_ECB=$enableval ],
+ [ ENABLED_SM4_ECB=no ]
+ )
+
+if test "$ENABLED_SM4_ECB" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_ECB" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_ECB"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-cbc],
+ [AS_HELP_STRING([--enable-sm4-cbc],[Enable wolfSSL SM4-CBC support (default: disabled)])],
+ [ ENABLED_SM4_CBC=$enableval ],
+ [ ENABLED_SM4_CBC=no ]
+ )
+
+if test "$ENABLED_SM4_CBC" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_CBC" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_CBC"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-ctr],
+ [AS_HELP_STRING([--enable-sm4-ctr],[Enable wolfSSL SM4-CTR support (default: disabled)])],
+ [ ENABLED_SM4_CTR=$enableval ],
+ [ ENABLED_SM4_CTR=no ]
+ )
+
+if test "$ENABLED_SM4_CTR" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_CTR" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_CTR"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-gcm],
+ [AS_HELP_STRING([--enable-sm4-gcm],[Enable wolfSSL SM4-GCM support (default: disabled)])],
+ [ ENABLED_SM4_GCM=$enableval ],
+ [ ENABLED_SM4_GCM=no ]
+ )
+
+if test "$ENABLED_SM4_GCM" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_GCM" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_GCM"
+ ENABLED_SM4="yes"
+fi
+
+AC_ARG_ENABLE([sm4-ccm],
+ [AS_HELP_STRING([--enable-sm4-ccm],[Enable wolfSSL SM4-CCM support (default: disabled)])],
+ [ ENABLED_SM4_CCM=$enableval ],
+ [ ENABLED_SM4_CCM=no ]
+ )
+
+if test "$ENABLED_SM4_CCM" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_SMALL"
+fi
+if test "$ENABLED_SM4_CCM" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4_CCM"
+ ENABLED_SM4="yes"
+fi
+
+if test "$ENABLED_SM4" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM4"
+fi
+
ENABLED_ARMASM_INLINE="no"
ENABLED_ARMASM_SHA3="no"
+ENABLED_ARMASM_CRYPTO_SM4="no"
# ARM Assembly
# Both SHA3 and SHA512 instructions available with ARMV8.2-a
AC_ARG_ENABLE([armasm],
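Review bot: The five `--enable-sm4-*` help strings describe a plain on/off switch, but each block also accepts `small` (adding `-DWOLFSSL_SM4_SMALL`) and treats every value other than `no` as enabled. A mistyped value such as `--enable-sm4-gcm=of` therefore turns the cipher on without any message. I would document the accepted values in each help string, e.g. `[Enable wolfSSL SM4-ECB support (yes, small; default: disabled)]`, and reject anything else with `AC_MSG_ERROR`. The `--enable-sm3` hunk further down follows the same pattern.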
@@ -2284,6 +2634,33 @@ then
break;;
esac
ENABLED_ARMASM_SHA3=yes
+ ENABLED_ARMASM_PLUS=yes
+ ;;
+ sm4)
+ case $host_cpu in
+ *aarch64*)
+ ;;
+ *)
+ AC_MSG_ERROR([SM4 instructions only available on Aarch64 CPU.])
+ break;;
+ esac
+ ENABLED_ARMASM_SM4=yes
+ # gcc requires -march=...+sm4 to enable SM4 instructions
+ ENABLED_ARMASM_CRYPTO_SM4=yes
+ ENABLED_ARMASM_PLUS=yes
+ ;;
+ sm3)
+ case $host_cpu in
+ *aarch64*)
+ ;;
+ *)
+ AC_MSG_ERROR([SM3 instructions only available on Aarch64 CPU.])
+ break;;
+ esac
+ ENABLED_ARMASM_SM3=yes
+ # gcc requires -march=...+sm4 to enable SM3 instructions
+ ENABLED_ARMASM_CRYPTO_SM4=yes
+ ENABLED_ARMASM_PLUS=yes
;;
*)
AC_MSG_ERROR([Invalid choice of ARM asm inclusions (yes, sha512-crypto, sha3-crypto): $ENABLED_ARMASM.])
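Review bot: The fallback `AC_MSG_ERROR` closing this `case` still lists only `yes, sha512-crypto, sha3-crypto`, so a user who mistypes the new `sm3` or `sm4` choice is told those values do not exist. Extend the list, e.g. `(yes, sha512-crypto, sha3-crypto, sm3, sm4)`. In addition, `ENABLED_ARMASM_SM3`, `ENABLED_ARMASM_SM4` and `ENABLED_ARMASM_PLUS` are tested later in this diff, but unlike `ENABLED_ARMASM_CRYPTO_SM4="no"` no default for them is visible. Unless they are initialised outside the hunk, a value inherited from the environment would be honoured, so set them to `no` next to the other `ENABLED_ARMASM_*` defaults. The `case` itself starts outside this hunk.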
@@ -2308,8 +2685,14 @@ then
;;
*)
# +crypto needed for hardware acceleration
- if test "$ENABLED_ARMASM_SHA3" = "yes"; then
- AM_CPPFLAGS="$AM_CPPFLAGS -march=armv8.2-a+crypto+sha3"
+ if test "$ENABLED_ARMASM_PLUS" = "yes"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv8.2-a+crypto"
+ if test "$ENABLED_ARMASM_SHA3" = "yes"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS+sha3"
+ fi
+ if test "$ENABLED_ARMASM_CRYPTO_SM4" = "yes"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS+sm4"
+ fi
else
AM_CPPFLAGS="$AM_CPPFLAGS -mcpu=generic+crypto"
fi
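Review bot: The `+sha3` and `+sm4` suffixes are appended to the whole of `AM_CPPFLAGS`, which only produces a valid `-march=` value because `-march=armv8.2-a+crypto` is the last token at that moment. Any flag later inserted between these assignments would get the suffix glued onto it instead. Building the architecture string in its own variable and appending it once removes that ordering dependency. The enclosing `case` starts and ends outside this hunk.

```m4
# +crypto needed for hardware acceleration
if test "$ENABLED_ARMASM_PLUS" = "yes"; then
    armasm_march="armv8.2-a+crypto"
    if test "$ENABLED_ARMASM_SHA3" = "yes"; then
        armasm_march="$armasm_march+sha3"
    fi
    if test "$ENABLED_ARMASM_CRYPTO_SM4" = "yes"; then
        armasm_march="$armasm_march+sm4"
    fi
    AM_CPPFLAGS="$AM_CPPFLAGS -march=$armasm_march"
else
# … unchanged: -mcpu=generic+crypto fallback …
```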
@@ -2318,6 +2701,7 @@ then
# Include options.h
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
ENABLED_ARMASM_CRYPTO=yes
+ ENABLED_ARMASM_NEON=yes
# Check for and set -mstrict-align compiler flag
# Used to set assumption that Aarch64 systems will not handle
@@ -2337,18 +2721,46 @@ then
AC_MSG_NOTICE([64bit ARMv8 found, setting mcpu to generic+crypto])
;;
armv7a*)
- AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-a -mfpu=neon -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=7"
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-a -mfpu=neon -DWOLFSSL_ARM_ARCH=7 -marm"
# Include options.h
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
ENABLED_ARMASM_CRYPTO=no
ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=yes
AC_MSG_NOTICE([32bit ARMv7-a found, setting mfpu to neon])
;;
+ armv7m*)
+ # QEMU doesn't work with armv7-m
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-r -D__thumb__ -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=7"
+ # Include options.h
+ AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
+ ENABLED_ARMASM_CRYPTO=no
+ ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=no
+ AC_MSG_NOTICE([32bit ARMv7-m found])
+ ;;
+ armv6*)
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv6 -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=6"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
+ ENABLED_ARMASM_CRYPTO=no
+ ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=no
+ AC_MSG_NOTICE([32bit ARMv6 found])
+ ;;
+ armv4*)
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv4 -fomit-frame-pointer -DWOLFSSL_ARMASM_NO_HW_CRYPTO -DWOLFSSL_ARM_ARCH=4"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
+ ENABLED_ARMASM_CRYPTO=no
+ ENABLED_AESGCM_STREAM=no # not yet implemented
+ ENABLED_ARMASM_NEON=no
+ AC_MSG_NOTICE([32bit ARMv4 found])
+ ;;
*)
- AM_CPPFLAGS="$AM_CPPFLAGS -mfpu=crypto-neon-fp-armv8"
+ AM_CPPFLAGS="$AM_CPPFLAGS -mfpu=crypto-neon-fp-armv8 -marm"
# Include options.h
AM_CCASFLAGS="$AM_CCASFLAGS -DEXTERNAL_OPTS_OPENVPN"
ENABLED_ARMASM_CRYPTO=yes
+ ENABLED_ARMASM_NEON=yes
AC_MSG_NOTICE([32bit ARMv8 found, setting mfpu to crypto-neon-fp-armv8])
;;
esac
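Review bot: The new `armv7m*` branch does not actually build for ARMv7-M: it passes `-march=armv7-r` and defines the compiler-reserved macro `__thumb__` by hand, with `# QEMU doesn't work with armv7-m` as the only explanation. As written, an emulator workaround decides the instruction set for every `armv7m` host. The comment should say whether the resulting objects are meant for real ARMv7-M targets and why `__thumb__` is forced instead of letting the compiler set it through its own Thumb option. The `armv7m*`, `armv6*` and `armv4*` branches also still put `-DWOLFSSL_ARMASM_NO_HW_CRYPTO` into `AM_CPPFLAGS`, although the following hunk now derives that define from `ENABLED_ARMASM_CRYPTO=no`; one of the two can go.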
@@ -2359,6 +2771,23 @@ if test "$ENABLED_ARMASM_SHA3" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_CRYPTO_SHA512 -DWOLFSSL_ARMASM_CRYPTO_SHA3"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ARMASM_CRYPTO_SHA512 -DWOLFSSL_ARMASM_CRYPTO_SHA3"
fi
+if test "$ENABLED_ARMASM_SM3" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_CRYPTO_SM3"
+fi
+if test "$ENABLED_ARMASM_SM4" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_CRYPTO_SM4"
+fi
+if test "$ENABLED_ARMASM_CRYPTO" = "no"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_NO_HW_CRYPTO"
+fi
+if test "$ENABLED_ARMASM_NEON" = "no"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_NO_NEON"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_ARMASM_NO_NEON"
+fi
+
+if test "$ENABLED_ARMASM_INLINE" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ARMASM_INLINE"
+fi
# Xilinx hardened crypto
AC_ARG_ENABLE([xilinx],
@@ -2385,6 +2814,30 @@ fi
]
)
+AC_ARG_ENABLE([aria],
+ [AS_HELP_STRING([--enable-aria],[Enable wolfSSL support for ARIA (default: disabled)])],
+ [ ENABLED_ARIA=$enableval ],
+ [ ENABLED_ARIA=no ]
+ )
+if test "$ENABLED_ARIA" = "yes"
+then
+ ARIA_DIR=MagicCrypto
+ # Enable dependency
+ CFLAGS="$CFLAGS -I$ARIA_DIR/include"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_ARIA"
+ AM_LDFLAGS="$AM_LDFLAGS -L$ARIA_DIR/lib -lMagicCrypto"
+ build_pwd="$(pwd)"
+ headers="mcapi_error.h mcapi_type.h mcapi.h"
+ for header in $headers
+ do
+ AC_CHECK_HEADER([$header], [], [
+ AC_MSG_ERROR([Error including $header. Please put the MagicCrypto library in $build_pwd.])
+ ], [
+ extern int dummy_int_to_make_compiler_happy;
+ ])
+ done
+fi
+
AC_ARG_ENABLE([caam],
[AS_HELP_STRING([--enable-caam],[Enable wolfSSL support for CAAM (default: disabled)])],
[ ENABLED_CAAM=$enableval ],
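Review bot: `ARIA_DIR=MagicCrypto` makes both `-I$ARIA_DIR/include` and `-L$ARIA_DIR/lib -lMagicCrypto` relative paths, so the library linked into the TLS stack is whatever sits in a `MagicCrypto` directory under the working directory of each compiler or linker invocation. Only the three headers are probed, never the library itself. Anchor the path once, e.g. set `build_pwd` first and use `ARIA_DIR="$build_pwd/MagicCrypto"`, and add a link check before accepting the option. The `-I` flag is also written into the user-owned `CFLAGS` rather than `AM_CFLAGS`/`AM_CPPFLAGS`, unlike the other options in this file.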
@@ -2451,6 +2904,10 @@ then
if test "$ENABLED_AESNI" = "yes" || test "$ENABLED_INTELASM" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AESNI"
+ if test "$ENABLED_LINUXKM_DEFAULTS" = "yes"
+ then
+ AM_CFLAGS="$AM_CFLAGS -DWC_AES_C_DYNAMIC_FALLBACK"
+ fi
if test "$CC" != "icc"
then
case $host_os in
@@ -2466,6 +2923,7 @@ then
esac
fi
AS_IF([test "x$ENABLED_AESGCM" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_AESGCM"])
+ AS_IF([test "x$ENABLED_SM3" != "xno"],[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SM3"])
fi
if test "$ENABLED_INTELASM" = "yes"
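Review bot: `ENABLED_SM3` is read in this hunk (new side starting at line 2923), but `AC_ARG_ENABLE([sm3])` is only introduced by the later hunk starting at new line 3415. Unless something outside the diff assigns it earlier, the variable is empty here and `"x$ENABLED_SM3" != "xno"` is true. That would add `-DWOLFSSL_SM3` to `AM_CCASFLAGS` for every AES-NI / intelasm build, whether or not SM3 was requested. Either move the SM3 option above this block or test for the positive values: `AS_IF([test "x$ENABLED_SM3" = "xyes" || test "x$ENABLED_SM3" = "xsmall"],[AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SM3"])`.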
@@ -2957,6 +3415,22 @@ then
fi
+# SM3
+AC_ARG_ENABLE([sm3],
+ [AS_HELP_STRING([--enable-sm3],[Enable wolfSSL SM3 support (default: disabled)])],
+ [ ENABLED_SM3=$enableval ],
+ [ ENABLED_SM3=no ]
+ )
+
+if test "$ENABLED_SM3" = "small"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM3_SMALL"
+fi
+if test "$ENABLED_SM3" != "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM3"
+fi
+
# SESSION CERTS
AC_ARG_ENABLE([sessioncerts],
[AS_HELP_STRING([--enable-sessioncerts],[Enable session cert storing (default: disabled)])],
@@ -2966,7 +3440,7 @@ AC_ARG_ENABLE([sessioncerts],
if test "x$ENABLED_NGINX" = "xyes" || test "x$ENABLED_OPENVPN" = "xyes" || \
test "x$ENABLED_LIGHTY" = "xyes" || test "x$ENABLED_NETSNMP" = "xyes" || \
- test "x$ENABLED_STRONGSWAN" = "xyes"
+ test "x$ENABLED_STRONGSWAN" = "xyes" || test "x$ENABLED_HITCH" = "xyes"
then
ENABLED_SESSIONCERTS=yes
fi
@@ -3006,7 +3480,7 @@ AC_ARG_ENABLE([certgen],
if test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_OPENSSH" = "yes" || \
test "$ENABLED_BIND" = "yes" || test "$ENABLED_NTP" = "yes" || \
test "$ENABLED_CHRONY" = "yes" || test "$ENABLED_STRONGSWAN" = "yes" || \
- test "$ENABLED_OPENLDAP" = "yes"
+ test "$ENABLED_OPENLDAP" = "yes" || test "$ENABLED_HITCH" = "yes"
then
ENABLED_CERTGEN=yes
fi
@@ -3100,6 +3574,22 @@ then
AM_CFLAGS="$AM_CFLAGS -DHAVE_X963_KDF"
fi
+# SRTP-KDF
+AC_ARG_ENABLE([srtp-kdf],
+ [AS_HELP_STRING([--enable-srtp-kdf],[Enable SRTP-KDF support (default: disabled)])],
+ [ ENABLED_SRTP_KDF=$enableval ],
+ [ ENABLED_SRTP_KDF=no ]
+ )
+if test "$ENABLED_SRTP" = "yes"
+then
+ ENABLED_SRTP_KDF="yes"
+fi
+if test "$ENABLED_SRTP_KDF" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWC_SRTP_KDF -DHAVE_AES_ECB -DWOLFSSL_AES_DIRECT"
+fi
+
+
# DSA
AC_ARG_ENABLE([dsa],
[AS_HELP_STRING([--enable-dsa],[Enable DSA (default: disabled)])],
@@ -3107,7 +3597,7 @@ AC_ARG_ENABLE([dsa],
[ ENABLED_DSA=no ]
)
-if test "$enable_dsa" = ""
+if test "$enable_dsa" = "" && test "$enable_sha" != "no"
then
if (test "$ENABLED_OPENSSH" = "yes" && test "x$ENABLED_FIPS" = "xno") || test "$ENABLED_OPENVPN" = "yes" || test "$ENABLED_NGINX" = "yes" || test "$ENABLED_WPAS" = "yes" || test "$ENABLED_QT" = "yes" || test "$ENABLED_BIND" = "yes" || test "$ENABLED_LIBSSH2" = "yes" || test "$ENABLED_NTP" = "yes"
then
@@ -3170,6 +3660,24 @@ then
fi
+# SM2
+AC_ARG_ENABLE([sm2],
+ [AS_HELP_STRING([--enable-sm2],[Enable wolfSSL SM2 support (default: disabled)])],
+ [ ENABLED_SM2=$enableval ],
+ [ ENABLED_SM2=no ]
+ )
+
+if test "$ENABLED_SM2" = "yes"
+then
+ if test "$ENABLED_ECC" = "no"
+ then
+ AC_MSG_ERROR([Cannot enable SM2 without enabling ecc.])
+ fi
+
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SM2 -DWOLFSSL_BASE16"
+fi
+
+
# ECC Custom Curves
AC_ARG_ENABLE([ecccustcurves],
[AS_HELP_STRING([--enable-ecccustcurves],[Enable ECC custom curves (default: disabled)])],
@@ -3220,7 +3728,7 @@ AC_ARG_ENABLE([compkey],
[ ENABLED_COMPKEY=no ]
)
-if test "$ENABLED_WPAS" = "yes"
+if test "$ENABLED_WPAS" = "yes" || test "$ENABLED_OPENSSLALL" = "yes"
then
ENABLED_COMPKEY=yes
fi
@@ -3287,6 +3795,7 @@ then
fi
AM_CFLAGS="$AM_CFLAGS -DHAVE_CURVE25519"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_CURVE25519"
ENABLED_FEMATH=yes
fi
@@ -3454,6 +3963,10 @@ AC_ARG_ENABLE([eccsi],
if test "x$ENABLED_ECCSI" = "xyes"
then
+ if test "$ENABLED_ECC" = "no"
+ then
+ AC_MSG_ERROR([ECCSI requires ECC.])
+ fi
AM_CFLAGS="$AM_CFLAGS -DWOLFCRYPT_HAVE_ECCSI -DWOLFSSL_PUBLIC_MP"
fi
@@ -3464,6 +3977,11 @@ AC_ARG_ENABLE([sakke],
[ ENABLED_SAKKE=no ]
)
+if test "$ENABLED_SAKKE" != "no" && test "$ENABLED_ECC" = "no"
+then
+ AC_MSG_ERROR([SAKKE requires ECC.])
+fi
+
if test "x$ENABLED_SAKKE" = "xsmall"
then
ENABLED_SAKKE="yes"
@@ -3525,47 +4043,28 @@ AC_ARG_ENABLE([errorqueue],
[ ENABLED_ERROR_QUEUE=yes ]
)
-# OLD TLS
-AC_ARG_ENABLE([oldtls],
- [AS_HELP_STRING([--enable-oldtls],[Enable old TLS versions < 1.2 (default: enabled)])],
- [ ENABLED_OLD_TLS=$enableval ],
- [ ENABLED_OLD_TLS=yes ]
+
+# SSLv3
+AC_ARG_ENABLE([sslv3],
+ [AS_HELP_STRING([--enable-sslv3],[Enable SSL version 3.0 (default: disabled)])],
+ [ ENABLED_SSLV3=$enableval ],
+ [ ENABLED_SSLV3=no]
)
-if test "$ENABLED_CRYPTONLY" = "yes" || test "x$ENABLED_HARDEN_TLS" != "xno"
-then
- ENABLED_OLD_TLS=no
-fi
-if test "$ENABLED_OLD_TLS" = "no"
+if test "x$ENABLED_HAPROXY" = "xyes" && test "x$ENABLED_ALL" = "xno"
then
- AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
-else
- # turn off old if leanpsk or leantls on
- if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
- then
- AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
- ENABLED_OLD_TLS=no
- fi
+ ENABLED_SSLV3="yes"
fi
-
-
-# TLSv1.2
-AC_ARG_ENABLE([tlsv12],
- [AS_HELP_STRING([--enable-tlsv12],[Enable TLS versions 1.2 (default: enabled)])],
- [ ENABLED_TLSV12=$enableval ],
- [ ENABLED_TLSV12=yes ]
- )
-
if test "$ENABLED_CRYPTONLY" = "yes"
then
- ENABLED_TLSV12=no
+ ENABLED_SSLV3=no
fi
-if test "$ENABLED_TLSV12" = "no"
+
+if test "$ENABLED_SSLV3" = "yes"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_TLS12 -DNO_OLD_TLS"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_SSLV3"
fi
-
# TLSv1.0
AC_ARG_ENABLE([tlsv10],
[AS_HELP_STRING([--enable-tlsv10],[Enable old TLS versions 1.0 (default: disabled)])],
@@ -3583,28 +4082,51 @@ then
fi
-# SSLv3
-AC_ARG_ENABLE([sslv3],
- [AS_HELP_STRING([--enable-sslv3],[Enable SSL version 3.0 (default: disabled)])],
- [ ENABLED_SSLV3=$enableval ],
- [ ENABLED_SSLV3=no]
+# OLD TLS
+AC_ARG_ENABLE([oldtls],
+ [AS_HELP_STRING([--enable-oldtls],[Enable old TLS versions < 1.2 (default: disabled)])],
+ [ ENABLED_OLD_TLS=$enableval ],
+ [ ENABLED_OLD_TLS=no ]
)
-if test "x$ENABLED_HAPROXY" = "xyes" && test "x$ENABLED_ALL" = "xno"
+
+if test "$ENABLED_CRYPTONLY" = "yes" || test "x$ENABLED_HARDEN_TLS" != "xno" || \
+ test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_LEANTLS" = "yes"
then
- ENABLED_SSLV3="yes"
+ ENABLED_OLD_TLS=no
fi
-if test "$ENABLED_CRYPTONLY" = "yes"
+
+# if SSL v3.0 or TLS v1.0 enabled, then allow "old tls". QT also requires it apparently
+if test "$ENABLED_TLSV10" = "yes" || test "$ENABLED_SSLV3" = "yes" || \
+ (test "$ENABLED_QT" = "yes" && test "x$ENABLED_ALL" = "xno")
then
- ENABLED_SSLV3=no
+ ENABLED_OLD_TLS=yes
fi
-if test "$ENABLED_SSLV3" = "yes"
+if test "$ENABLED_OLD_TLS" = "no"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALLOW_SSLV3"
+ AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS"
fi
+# TLSv1.2
+AC_ARG_ENABLE([tlsv12],
+ [AS_HELP_STRING([--enable-tlsv12],[Enable TLS versions 1.2 (default: enabled)])],
+ [ ENABLED_TLSV12=$enableval ],
+ [ ENABLED_TLSV12=yes ]
+ )
+
+if test "$ENABLED_CRYPTONLY" = "yes"
+then
+ ENABLED_TLSV12=no
+fi
+if test "$ENABLED_TLSV12" = "no"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_TLS12 -DNO_OLD_TLS"
+fi
+
+
+
# STACK SIZE info for testwolfcrypt and examples
AC_ARG_ENABLE([stacksize],
[AS_HELP_STRING([--enable-stacksize],[Enable stack size info on examples (default: disabled)])],
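Review bot: The re-ordered old-TLS logic lets the legacy protocol switches win over the hardening ones. The first `if` forces `ENABLED_OLD_TLS=no` for `--enable-harden-tls`, cryptonly, leanpsk and leantls, and the very next `if` sets it back to `yes` whenever TLS 1.0, SSLv3 or Qt is enabled. SSLv3 can be switched on implicitly by `--enable-haproxy` (the SSLv3 block earlier in this diff), so a build configured with `--enable-harden-tls` can end up without `-DNO_OLD_TLS` and without any message. Unless the conflict is rejected elsewhere in the file, evaluate the hardening test last, or fail on the combination, e.g. `AC_MSG_ERROR([--enable-harden-tls cannot be combined with SSLv3 or TLS 1.0])`.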
@@ -4141,6 +4663,21 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_CID"
fi
+# DTLS 1.3 Fragment Second ClientHello
+AC_ARG_ENABLE([dtls-frag-ch],
+ [AS_HELP_STRING([--enable-dtls-frag-ch],[Enable wolfSSL DTLS 1.3 ClientHello fragmenting (default: disabled)])],
+ [ ENABLED_DTLS_CH_FRAG=$enableval ],
+ [ ENABLED_DTLS_CH_FRAG=no ]
+ )
+if test "x$ENABLED_DTLS_CH_FRAG" = "xyes"
+then
+ if test "x$ENABLED_DTLS13" != "xyes"
+ then
+ AC_MSG_ERROR([You need to enable DTLSv1.3 to use DTLS ClientHello fragmenting])
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DTLS_CH_FRAG"
+fi
+
# CODING
AC_ARG_ENABLE([coding],
[AS_HELP_STRING([--enable-coding],[Enable Coding base 16/64 (default: enabled)])],
@@ -4196,6 +4733,14 @@ then
fi
+# MD4
+AC_ARG_ENABLE([md4],
+ [AS_HELP_STRING([--enable-md4],[Enable MD4 (default: disabled)])],
+ [ ENABLED_MD4=$enableval ],
+ [ ENABLED_MD4=no ]
+ )
+
+
# DES3
AC_ARG_ENABLE([des3],
[AS_HELP_STRING([--enable-des3],[Enable DES3 (default: disabled)])],
@@ -4277,7 +4822,7 @@ AC_ARG_ENABLE([cmac],
[ ENABLED_CMAC=no ]
)
-if test "$ENABLED_WPAS" != "no" || test "$ENABLED_NTP" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes"
+if test "$ENABLED_WPAS" != "no" || test "$ENABLED_NTP" = "yes" || test "$ENABLED_AESSIV" = "yes" || test "$ENABLED_WOLFENGINE" = "yes" || test "$ENABLED_AESEAX" = "yes"
then
ENABLED_CMAC=yes
fi
@@ -4295,6 +4840,10 @@ AC_ARG_ENABLE([xts],
AS_IF([test "x$ENABLED_XTS" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_XTS -DWOLFSSL_AES_DIRECT"])
+AS_IF([test "x$ENABLED_XTS" = "xyes" && test "x$ENABLED_INTELASM" = "xyes"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
+AS_IF([test "x$ENABLED_XTS" = "xyes" && test "x$ENABLED_AESNI" = "xyes"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_AES_XTS"])
# Web Server Build
AC_ARG_ENABLE([webserver],
@@ -4506,10 +5055,11 @@ AS_CASE([$FIPS_VERSION],
AS_IF([test "x$ENABLED_DES3" = "xno"],[ENABLED_DES3="yes"])
])
-AS_IF([test "x$ENABLED_FIPS" = "xyes" && test "x$thread_ls_on" = "xno"],
+AS_IF([test "x$ENABLED_FIPS" = "xyes" && test "x$thread_ls_on" = "xno" && test "$ENABLE_LINUXKM" = "no"],
[AC_MSG_ERROR([FIPS requires Thread Local Storage])])
-
+AS_IF([(test "$ENABLED_NULL_CIPHER" = "yes" || test "$ENABLED_LEANPSK" = "yes") && test "$ENABLED_FIPS" != "no" && test "$FIPS_VERSION" != "dev"],
+ [AC_MSG_ERROR([FIPS is incompatible with nullcipher])])
# SELFTEST
AC_ARG_ENABLE([selftest],
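Review bot: The added clause tests `$ENABLE_LINUXKM`, while every other switch in this file uses the `ENABLED_` prefix, including `ENABLED_LINUXKM_DEFAULTS` in this same diff. No assignment to `ENABLE_LINUXKM` is visible. If the name is a typo, the variable is empty, `test "$ENABLE_LINUXKM" = "no"` is never true, and the "FIPS requires Thread Local Storage" error can no longer fire for any build. The intended clause is presumably `test "x$ENABLED_LINUXKM" = "xno"`.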
@@ -4971,21 +5521,22 @@ AC_ARG_WITH([wnr],
# SNI
+# enable SNI automatically for x86_64/x86/aarch64/amd64
+SNI_DEFAULT=no
+if test "$host_cpu" = "x86_64" || test "$host_cpu" = "x86" || test "$host_cpu" = "aarch64" || test "$host_cpu" = "amd64"
+then
+ SNI_DEFAULT=yes
+fi
AC_ARG_ENABLE([sni],
- [AS_HELP_STRING([--enable-sni],[Enable SNI (default: disabled)])],
+ [AS_HELP_STRING([--enable-sni],[Enable SNI (default: enabled on x86_64/x86/aarch64/amd64)])],
[ ENABLED_SNI=$enableval ],
- [ ENABLED_SNI=no ]
+ [ ENABLED_SNI=$SNI_DEFAULT ]
)
-if test "x$ENABLED_QT" = "xyes"
+if test "x$ENABLED_QT" = "xyes" || test "$ENABLED_QUIC" = "yes"
then
ENABLED_SNI="yes"
fi
-if test "$ENABLED_QUIC" = "yes"
-then
- ENABLED_SNI=yes
-fi
-
if test "x$ENABLED_SNI" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI"
@@ -5362,6 +5913,9 @@ then
ENABLED_AESCFB="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_CFB"
fi
+
+ # Requires public mp_
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PUBLIC_MP"
fi
if test "x$ENABLED_SMIME" = "xyes"
@@ -5551,7 +6105,10 @@ AC_ARG_ENABLE([jni],
)
if test "$ENABLED_JNI" = "yes"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI -DHAVE_EX_DATA"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_JNI"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_EX_DATA"
+ AM_CFLAGS="$AM_CFLAGS -DKEEP_PEER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALWAYS_VERIFY_CB"
# Enable prereqs if not already enabled
if test "x$ENABLED_DTLS" = "xno"
@@ -5633,6 +6190,18 @@ then
ENABLED_CERTGEN="yes"
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_GEN"
fi
+ # wolfCrypt JNI/JCE uses keygen, enable by default here so
+ # both JCE and JSSE builds can use --enable-jni
+ if test "x$ENABLED_KEYGEN" = "xno"
+ then
+ ENABLED_KEYGEN="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+ fi
+ if test "x$ENABLED_CERTREQ" = "xno"
+ then
+ ENABLED_CERTREQ="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CERT_REQ"
+ fi
if test "x$ENABLED_SNI" = "xno"
then
ENABLED_SNI="yes"
@@ -5643,6 +6212,14 @@ then
ENABLED_ALPN="yes"
AM_CFLAGS="$AM_CFLAGS -DHAVE_ALPN"
fi
+ if test "x$ENABLED_ALT_CERT_CHAINS" = "xno"
+ then
+ ENABLED_ALT_CERT_CHAINS="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALT_CERT_CHAINS"
+ fi
+
+ # cert gen requires alt names
+ ENABLED_ALTNAMES="yes"
fi
if test "$ENABLED_LIGHTY" = "yes"
@@ -5682,6 +6259,8 @@ fi
if test "$ENABLED_NGINX" = "yes"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NGINX -DWOLFSSL_SIGNER_DER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_COMPATIBLE_DEFAULTS"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ERROR_CODE_OPENSSL"
fi
if test "$ENABLED_HAPROXY" = "yes"
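Review bot: `-DOPENSSL_COMPATIBLE_DEFAULTS` is more than one define for nginx builds. The `AS_CASE` near the end of this diff matches it in `AM_CFLAGS` and appends eight further macros, among them `-DWOLFSSL_TRUST_PEER_CERT`, `-DWOLFSSL_ALT_CERT_CHAINS` and `-DWOLFSSL_NO_OCSP_ISSUER_CHECK`, which by their names change how certificates and OCSP responses are validated. A comment here should say so and name the opt-out, e.g. `# pulls in the OPENSSL_COMPATIBLE_DEFAULTS flag set; opt out with --disable-openssl-compatible-defaults`. The hitch block added later in this commit sets the same define and deserves the same comment.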
@@ -5797,6 +6376,51 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DES_ECB -DHAVE_EX_DATA -DWOLFSSL_KEY_GEN"
fi
+if test "$ENABLED_HITCH" = "yes"
+then
+ # Requires opensslextra make sure on
+ if test "x$ENABLED_OPENSSLEXTRA" = "xno" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
+ then
+ ENABLED_OPENSSLEXTRA="yes"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
+ fi
+
+ # Requires OCSP make sure on
+ if test "x$ENABLED_OCSP" = "xno"
+ then
+ ENABLED_OCSP="yes"
+ fi
+
+ # Requires ALPN
+ if test "x$ENABLED_ALPN" = "xno"
+ then
+ ENABLED_ALPN="yes"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_ALPN"
+ fi
+
+ if test "x$ENABLED_KEYGEN" = "xno"
+ then
+ ENABLED_KEYGEN="yes"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_KEY_GEN"
+ fi
+
+ # Requires sessioncerts make sure on
+ if test "x$ENABLED_SESSIONCERTS" = "xno"
+ then
+ ENABLED_SESSIONCERTS="yes"
+ AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS"
+ fi
+
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HITCH -DHAVE_EX_DATA -DWOLFSSL_SIGNER_DER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_COMPATIBLE_DEFAULTS -DWOLFSSL_CIPHER_INTERNALNAME"
+fi
+
+if test "$ENABLED_MEMCACHED" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SESSION_ID_CTX"
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DHAVE_MEMCACHED"
+fi
+
if test "$ENABLED_NGINX" = "yes"|| test "x$ENABLED_HAPROXY" = "xyes" || test "x$ENABLED_LIGHTY" = "xyes"
then
@@ -6062,6 +6686,11 @@ AC_ARG_ENABLE([curl],
# curl support requires all the features enabled within this conditional.
if test "$ENABLED_CURL" = "yes"
then
+ if test "$ENABLED_MD4" = "no"
+ then
+ ENABLED_MD4="yes"
+ fi
+
if test "x$ENABLED_DES3" = "xno"
then
ENABLED_DES3="yes"
@@ -6276,14 +6905,6 @@ then
fi
fi
-# MD4
-AC_ARG_ENABLE([md4],
- [AS_HELP_STRING([--enable-md4],[Enable MD4 (default: disabled)])],
- [ ENABLED_MD4=$enableval ],
- [ ENABLED_MD4=no ]
- )
-
-
if test "$ENABLED_MD4" = "no"
then
#turn on MD4 if using stunnel
@@ -6584,7 +7205,7 @@ AC_ARG_WITH([cavium-v],
ENABLED_CAVIUM_V=yes
],
[
- ENABLED_CAVIUM_=no
+ ENABLED_CAVIUM=no
ENABLED_CAVIUM_V=no
]
)
@@ -6695,6 +7316,7 @@ ENABLED_SP_ECC=no
ENABLED_SP_EC_256=no
ENABLED_SP_EC_384=no
ENABLED_SP_EC_521=no
+ENABLED_SP_SM2=$ENABLED_SM2
ENABLED_SP_SAKKE_1024=$ENABLED_SAKKE
ENABLED_SP_NO_MALLOC=no
ENABLED_SP_NONBLOCK=no
@@ -6786,6 +7408,15 @@ do
ENABLED_SP_ECC=yes
ENABLED_SP_SAKKE_1024=yes
;;
+ smallsm2)
+ ENABLED_SP_SMALL=yes
+ ENABLED_SP_ECC=yes
+ ENABLED_SP_SM2=yes
+ ;;
+ sm2)
+ ENABLED_SP_ECC=yes
+ ENABLED_SP_SM2=yes
+ ;;
small2048)
ENABLED_SP_SMALL=yes
@@ -6933,6 +7564,10 @@ if test "$ENABLED_ECC" != "no" && test "$ENABLED_SP_ECC" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_1024"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_1024"
fi
+ if test "$ENABLED_SP_SM2" = "yes"; then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SM2"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_SM2"
+ fi
fi
if test "$ENABLED_SP_SMALL" = "yes"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_SMALL"
@@ -7096,21 +7731,47 @@ if test "$ENABLED_SP_ASM" = "yes" && test "$ENABLED_SP" = "yes"; then
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM64_ASM"
ENABLED_SP_ARM64_ASM=yes
;;
+ *armv7a*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-a -mfpu=neon -DWOLFSSL_ARM_ARCH=7 -marm"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
+ ;;
+ *cortex* | *armv7m*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv7-r -D__thumb__ -DWOLFSSL_ARM_ARCH=7"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
+ ENABLED_SP_ARM_CORTEX_ASM=yes
+ ;;
+ *armv6*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv6 -DWOLFSSL_ARM_ARCH=6"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
+ ;;
+ *armv4*)
+ if test "$ENABLED_ARMASM" = "no"; then
+ AM_CPPFLAGS="$AM_CPPFLAGS -march=armv4 -DWOLFSSL_ARM_ARCH=4"
+ fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
+ ;;
*arm*)
if test "$host_alias" = "thumb" || test "$ARM_TARGET" = "thumb"; then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_THUMB_ASM"
ENABLED_SP_ARM_THUMB_ASM=yes
else
- if test "$host_alias" = "cortex" || test "$ARM_TARGET" = "cortex"; then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
- AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM_CORTEX_M_ASM"
- ENABLED_SP_ARM_CORTEX_ASM=yes
- else
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
- AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
- ENABLED_SP_ARM32_ASM=yes
- fi
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ AM_CCASFLAGS="$AM_CCASFLAGS -DWOLFSSL_SP_ARM32_ASM"
+ ENABLED_SP_ARM32_ASM=yes
fi
;;
*x86_64* | *amd64*)
@@ -7358,6 +8019,30 @@ then
AC_MSG_ERROR([please use --with-libz if enabling mcapi.])
fi
+
+# cryptodev is old name, replaced with cryptocb
+AC_ARG_ENABLE([cryptodev],
+ [AS_HELP_STRING([--enable-cryptodev],[DEPRECATED, use cryptocb instead])],
+ [ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
+
+# Support for crypto callbacks
+AC_ARG_ENABLE([cryptocb],
+ [AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
+ [ ENABLED_CRYPTOCB=$enableval ],
+ [ ENABLED_CRYPTOCB=no ]
+ )
+
+if test "x$ENABLED_PKCS11" = "xyes" || test "x$ENABLED_WOLFTPM" = "xyes" || test "$ENABLED_CAAM" != "no"
+then
+ ENABLED_CRYPTOCB=yes
+fi
+if test "$ENABLED_CRYPTOCB" = "yes"
+then
+ AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
+fi
+
+
+
# Asynchronous Crypto
AC_ARG_ENABLE([asynccrypt],
[AS_HELP_STRING([--enable-asynccrypt],[Enable Asynchronous Crypto (default: disabled)])],
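Review bot: `--enable-cryptodev` cannot take effect on its own, because its `AC_ARG_ENABLE` stores the value in `ENABLED_CRYPTOCB` and the `cryptocb` option that follows resets that variable to `no` in its not-given branch. The block is moved here unchanged, but the async hunk below now keys the software-simulator decision on `ENABLED_CRYPTOCB`, so the dead alias matters more than before. Give the alias its own variable and let it feed the default: `[ ENABLED_CRYPTODEV=$enableval ],[ ENABLED_CRYPTODEV=no ]` on the deprecated option and `[ ENABLED_CRYPTOCB=$ENABLED_CRYPTODEV ]` as the not-given branch of `cryptocb`. Whether `ENABLED_PKCS11` and `ENABLED_WOLFTPM` are already set at this earlier position is not visible in the hunk and should be checked.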
@@ -7380,6 +8065,7 @@ fi
if test "$ENABLED_ASYNCCRYPT" = "yes"
then
+ AC_MSG_NOTICE([Enabling asynchronous support])
if ! test -f ${srcdir}/wolfcrypt/src/async.c || ! test -f ${srcdir}/wolfssl/wolfcrypt/async.h
then
AC_MSG_ERROR([--enable-asynccrypt requested, but WOLFSSL_ASYNC_CRYPT source files are missing.])
@@ -7389,15 +8075,14 @@ then
# If no async backend (hardware or software) has been explicitly enabled,
# use the software backend for testing.
- if test "x$ENABLED_CAVIUM" = "xno" && test "x$ENABLED_INTEL_QA" = "xno" &&
- test "x$ENABLED_ASYNCCRYPT_SW" = "xno"
+ if test "x$ENABLED_CAVIUM" != "xyes" && test "x$ENABLED_INTEL_QA" != "xyes" && test "x$ENABLED_CRYPTOCB" != "xyes" && test "x$ENABLED_PKCALLBACKS" != "xyes" && test "x$ENABLED_ASYNCCRYPT_SW" != "xyes"
then
- # Async threading is Linux specific
+ AC_MSG_NOTICE([Enabling asynchronous software simulator])
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ASYNC_CRYPT_SW"
+ ENABLED_ASYNCCRYPT_SW=yes
fi
fi
-
# check for async if using Intel QuckAssist or Cavium
if test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_CAVIUM" = "xyes" ; then
if test "x$ENABLED_ASYNCCRYPT" = "xno" ; then
@@ -7405,8 +8090,7 @@ if test "x$ENABLED_INTEL_QA" = "xyes" || test "x$ENABLED_CAVIUM" = "xyes" ; then
fi
fi
-
-# Asynchronous threading
+# Asynchronous threading (Linux specific)
AC_ARG_ENABLE([asyncthreads],
[AS_HELP_STRING([--enable-asyncthreads],[Enable Asynchronous Threading (default: enabled)])],
[ ENABLED_ASYNCTHREADS=$enableval ],
@@ -7429,28 +8113,6 @@ else
fi
-# cryptodev is old name, replaced with cryptocb
-AC_ARG_ENABLE([cryptodev],
- [AS_HELP_STRING([--enable-cryptodev],[DEPRECATED, use cryptocb instead])],
- [ ENABLED_CRYPTOCB=$enableval ],[ ENABLED_CRYPTOCB=no ])
-
-# Support for crypto callbacks
-AC_ARG_ENABLE([cryptocb],
- [AS_HELP_STRING([--enable-cryptocb],[Enable crypto callbacks (default: disabled)])],
- [ ENABLED_CRYPTOCB=$enableval ],
- [ ENABLED_CRYPTOCB=no ]
- )
-
-if test "x$ENABLED_PKCS11" = "xyes" || test "x$ENABLED_WOLFTPM" = "xyes" || test "$ENABLED_CAAM" != "no"
-then
- ENABLED_CRYPTOCB=yes
-fi
-if test "$ENABLED_CRYPTOCB" = "yes"
-then
- AM_CFLAGS="$AM_CFLAGS -DWOLF_CRYPTO_CB"
-fi
-
-
# Session Export
AC_ARG_ENABLE([sessionexport],
[AS_HELP_STRING([--enable-sessionexport],[Enable export and import of sessions (default: disabled)])],
@@ -7532,13 +8194,13 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_HASH_FLAGS"
fi
-# Support for enabling setting default DH parameters in
+# Support for enabling setting default DH parameters in TLS
AC_ARG_ENABLE([defaultdhparams],
- [AS_HELP_STRING([--enable-dhdefaultparams],[Enables option for default dh parameters (default: disabled)])],
+ [AS_HELP_STRING([--enable-defaultdhparams],[Enables option for default dh parameters (default: disabled)])],
[ ENABLED_DHDEFAULTPARAMS=$enableval ],
- [ ENABLED_DHDEFAULTPARAMS=no ]
+ [ ENABLED_DHDEFAULTPARAMS=yes ]
)
-if test "$ENABLED_DHDEFAULTPARAMS" = "yes" || test "$ENABLED_QT" = "no"
+if test "x$ENABLED_DH" = "xyes" && test "x$ENABLED_DHDEFAULTPARAMS" = "xyes" && test "x$ENABLED_QT" != "xyes"
then
ENABLED_DHDEFAULTPARAMS=yes
AM_CFLAGS="$AM_CFLAGS -DHAVE_DH_DEFAULT_PARAMS"
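Review bot: The help text still says `(default: disabled)` although the not-given branch now sets `ENABLED_DHDEFAULTPARAMS=yes`; it should read `(default: enabled)`. The assignment `ENABLED_DHDEFAULTPARAMS=yes` inside the `then` branch is now redundant, since the condition already requires it. When DH is off or Qt is on, the variable stays `yes` while `-DHAVE_DH_DEFAULT_PARAMS` is not defined, so anything that reports the variable later would be wrong; an `else` branch with `ENABLED_DHDEFAULTPARAMS=no` keeps the two in step. The `if` block is closed outside this hunk.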
@@ -7663,18 +8325,33 @@ AC_ARG_ENABLE([sys-ca-certs],
# (for now checking both C_FLAGS and C_EXTRA_FLAGS)
AS_CASE(["$CFLAGS $CPPFLAGS"],[*'WOLFSSL_TRUST_PEER_CERT'*],[ENABLED_TRUSTED_PEER_CERT=yes])
+# Allows disabling the OPENSSL_COMPATIBLE_DEFAULTS macro
+AC_ARG_ENABLE([openssl-compatible-defaults],
+ [AS_HELP_STRING([--disable-openssl-compatible-defaults],[Disable OpenSSL compatible defaults when enabled by other options (default: enabled)])],
+ [ ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=$enableval ],
+ [ ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=yes ]
+ )
AS_CASE(["$CFLAGS $CPPFLAGS $AM_CFLAGS"],[*'OPENSSL_COMPATIBLE_DEFAULTS'*],
- [ENABLED_OPENSSL_COMPATIBLE_DEFAULTS=yes])
-if test "x$ENABLED_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
+ [FOUND_OPENSSL_COMPATIBLE_DEFAULTS=yes])
+if test "x$FOUND_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
then
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TRUST_PEER_CERT"
- AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE_REF"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALT_CERT_CHAINS"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PRIORITIZE_PSK"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CHECK_ALERT_ON_ERR"
- ENABLED_TRUSTED_PEER_CERT=yes
+ if test "x$ENABLED_OPENSSL_COMPATIBLE_DEFAULTS" = "xyes"
+ then
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TRUST_PEER_CERT"
+ AM_CFLAGS="$AM_CFLAGS -DNO_SESSION_CACHE_REF"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_ALT_CERT_CHAINS"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PRIORITIZE_PSK"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_CHECK_ALERT_ON_ERR"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_TICKET_HAVE_ID"
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OCSP_ISSUER_CHECK"
+ ENABLED_TRUSTED_PEER_CERT=yes
+ else
+ CFLAGS=$(printf "%s" "$CFLAGS" | sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g')
+ CPPFLAGS=$(printf "%s" "$CPPFLAGS" | sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g')
+ AM_CFLAGS=$(printf "%s" "$AM_CFLAGS" | sed 's/-DOPENSSL_COMPATIBLE_DEFAULTS//g')
+ fi
fi
# determine if we have key validation mechanism
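Review bot: Of the two flags added to the OpenSSL-compatible set, `-DWOLFSSL_NO_OCSP_ISSUER_CHECK` appears, judging by its name, to relax a check on OCSP responses, and it is switched on for every build where `OPENSSL_COMPATIBLE_DEFAULTS` is found and not explicitly disabled. A comment above it, such as `# NOTE: turns off the OCSP issuer check (confirm scope); opt out with --disable-openssl-compatible-defaults`, would make that trade-off visible to whoever enables a compatibility option. In the `else` branch the three `sed` expressions match the macro as a bare substring, so `-DOPENSSL_COMPATIBLE_DEFAULTS=1` would leave a stray `=1` in the flags. Anchoring the pattern on surrounding whitespace or end of string would be safer.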
@@ -7739,16 +8416,30 @@ then
case $host_os in
*darwin*)
- AC_CHECK_HEADERS([Security/SecTrustSettings.h],
- [
- # For Mac we need these frameworks to load system CA certs
- LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
- ],
+ # Headers used for MacOS default system CA certs behavior. Only MacOS SDK will have this header
+ AC_CHECK_HEADERS([Security/SecTrustSettings.h])
+ # Headers used for Apple native cert validation. All device SDKs should have these headers
+ AC_CHECK_HEADERS([Security/SecCertificate.h])
+ AC_CHECK_HEADERS([Security/SecTrust.h])
+ AC_CHECK_HEADERS([Security/SecPolicy.h])
+ # Either Security/SecTrustSettings (for MacOS cert loading), or the
+ # trio of Security/SecCertificate.h, Security/SecTrust.h, and
+ # Security/SecPolicy.h (for native trust APIs on other apple devices)
+ # must be present. Default to SecTrustSettings method on MacOS.
+ AS_IF([test "$ac_cv_header_Security_SecTrustSettings_h" = "yes" \
+ || (test "$ac_cv_header_Security_SecCertificate_h" = "yes" \
+ && test "$ac_cv_header_Security_SecTrust_h" = "yes" \
+ && test "$ac_cv_header_Security_SecPolicy_h" = "yes")],
+ [
+ LDFLAGS="$LDFLAGS -framework CoreFoundation -framework Security"
+ AS_IF([test "$ac_cv_header_Security_SecTrustSettings_h" != "yes"],
[
- AC_MSG_NOTICE([Can't enable system CA certs without Security/SecTrustSettings.h])
- ENABLED_SYS_CA_CERTS="no"
- ]
- )
+ AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION"
+ ])
+ ],
+ [
+ AC_MSG_ERROR([Unable to find Apple Security.framework headers])
+ ])
;;
esac
fi
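Review bot: The failure path changed from a notice that set `ENABLED_SYS_CA_CERTS="no"` to `AC_MSG_ERROR`, so a darwin host whose SDK has neither `Security/SecTrustSettings.h` nor the three native-trust headers now aborts configure instead of building without system CA certs. If that is intended, the message should say how to proceed, e.g. `AC_MSG_ERROR([Unable to find Apple Security.framework headers; use --disable-sys-ca-certs])`. Also, `-DWOLFSSL_APPLE_NATIVE_CERT_VALIDATION` is selected implicitly when `Security/SecTrustSettings.h` is missing, which moves certificate validation to a different code path; as far as the hunks here show, the configure summary does not report it. The enclosing `if` starts outside the hunk.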
@@ -7815,6 +8506,9 @@ then
# Uses alt name
ENABLED_ALTNAMES="yes"
+
+ AM_CFLAGS="$AM_CFLAGS -DHAVE_OID_ENCODING -DWOLFSSL_NO_ASN_STRICT"
+
fi
if test "$ENABLED_STRONGSWAN" = "yes"; then
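Review bot: `-DWOLFSSL_NO_ASN_STRICT` is added without a comment, and by its name it loosens ASN.1 parsing for every build that takes this branch. A one-line reason above it, for example `# <consumer> produces encodings the strict ASN.1 checks reject`, would tell a later reader whether the relaxation is still needed and what depends on it. The `if` this belongs to opens outside the hunk, so which option triggers it cannot be seen here.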
@@ -7837,7 +8531,7 @@ if test "$ENABLED_OPENSSH" = "yes" || test "$ENABLED_NGINX" = "yes" || \
test "$ENABLED_LIBWEBSOCKETS" = "yes" || \
test "x$ENABLED_LIGHTY" = "xyes" || test "$ENABLED_LIBSSH2" = "yes" || \
test "x$ENABLED_NTP" = "xyes" || test "$ENABLED_RSYSLOG" = "yes" || \
- test "$ENABLED_OPENLDAP" = "yes"
+ test "$ENABLED_OPENLDAP" = "yes" || test "$ENABLED_HITCH" = "yes"
then
ENABLED_OPENSSLEXTRA="yes"
fi
@@ -8009,6 +8703,8 @@ AS_IF([test "x$ENABLED_CERTEXT" = "xyes"],
AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
[AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"])
+AS_IF([test "x$ENABLED_ED25519" = "xyes" && test "x$ENABLED_32BIT" = "xno"],
+ [AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"])
AS_IF([test "x$ENABLED_ED25519_SMALL" = "xyes"],
[AM_CFLAGS="$AM_CFLAGS -DED25519_SMALL"])
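Review bot: The added `AS_IF` repeats the condition of the one directly above it. A single `AS_IF` whose body sets both variables, `[AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519"; AM_CCASFLAGS="$AM_CCASFLAGS -DHAVE_ED25519"]`, keeps the C and assembler flags from drifting apart the next time the condition is edited.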
@@ -8045,6 +8741,9 @@ then
AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS"
fi
+AS_IF([test "x$ENABLED_AESBS" = "xyes" && test "x$ENABLED_ARMASM" = "xyes"],
+ [AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AES_DIRECT"])
+
if test "$ENABLED_HMAC" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DNO_HMAC"
@@ -8052,18 +8751,13 @@ fi
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "x$ENABLED_OPENSSLCOEXIST" = "xno"
then
- AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA -DWOLFSSL_ALWAYS_VERIFY_CB"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_VERIFY_CB_ALL_CERTS -DWOLFSSL_EXTRA_ALERTS"
- AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE -DWOLFSSL_FORCE_CACHE_ON_TICKET"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_AKID_NAME -DHAVE_CTS"
+ AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA"
fi
if test "$ENABLED_OPENSSLEXTRA" = "x509small"
then
AC_MSG_NOTICE([Enabling only a subset of X509 opensslextra])
AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA_X509_SMALL"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EKU_OID -DWOLFSSL_MULTI_ATTRIB"
- AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_OPENSSL_RAND_CB"
fi
if test "$ENABLED_WOLFSCEP" = "yes"
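Review bot: Dropping `-DWOLFSSL_ALWAYS_VERIFY_CB`, `-DWOLFSSL_VERIFY_CB_ALL_CERTS`, `-DWOLFSSL_EXTRA_ALERTS` and the session-cache flags from the `OPENSSL_EXTRA` line changes verify-callback and ticket-cache behaviour unless those macros are now defined elsewhere whenever `OPENSSL_EXTRA` is set; nothing in this hunk shows where. A comment next to the remaining line, such as `# dependent macros for OPENSSL_EXTRA are defined in <header>`, would record that and let a reader check it. The same applies to the three flags removed from the `x509small` branch.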
@@ -8262,6 +8956,11 @@ if test "x$ENABLED_OPENSSLCOEXIST" = "xyes"; then
fi
fi
+if test "$ENABLED_WOLFSSH" = "yes" && test "$ENABLED_HMAC" = "no"
+then
+ AC_MSG_ERROR([WOLFSSH requires HMAC.])
+fi
+
AS_IF([test "x$ENABLED_WOLFSSH" = "xyes"],[AM_CPPFLAGS="$AM_CPPFLAGS -DWOLFSSL_WOLFSSH"])
# only allow secure renegotiation info with TLSV12 and ASN
@@ -8473,9 +9172,11 @@ AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" || test "
AM_CONDITIONAL([BUILD_SNIFFTEST],[ test "x$ENABLED_SNIFFTEST" = "xyes"])
AM_CONDITIONAL([BUILD_AESGCM],[test "x$ENABLED_AESGCM" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_AESCCM],[test "x$ENABLED_AESCCM" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_XTS],[test "x$ENABLED_XTS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM],[test "x$ENABLED_ARMASM" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_INLINE],[test "x$ENABLED_ARMASM_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_ARMASM_CRYPTO],[test "x$ENABLED_ARMASM_CRYPTO" = "xyes"])
+AM_CONDITIONAL([BUILD_ARMASM_NEON],[test "x$ENABLED_ARMASM_NEON" = "xyes"])
AM_CONDITIONAL([BUILD_XILINX],[test "x$ENABLED_XILINX" = "xyes"])
AM_CONDITIONAL([BUILD_AESNI],[test "x$ENABLED_AESNI" = "xyes"])
AM_CONDITIONAL([BUILD_INTELASM],[test "x$ENABLED_INTELASM" = "xyes"])
@@ -8503,6 +9204,8 @@ AM_CONDITIONAL([BUILD_FE448], [test "x$ENABLED_FE448" = "xyes" || test "x$ENABLE
AM_CONDITIONAL([BUILD_GE448], [test "x$ENABLED_GE448" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CURVE448],[test "x$ENABLED_CURVE448" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CURVE448_SMALL],[test "x$ENABLED_CURVE448_SMALL" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_WC_LMS],[test "x$ENABLED_WC_LMS" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_WC_XMSS],[test "x$ENABLED_WC_XMSS" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_WC_KYBER],[test "x$ENABLED_WC_KYBER" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_ECCSI],[test "x$ENABLED_ECCSI" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_SAKKE],[test "x$ENABLED_SAKKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
@@ -8531,6 +9234,9 @@ AM_CONDITIONAL([BUILD_SHA3],[test "x$ENABLED_SHA3" != "xno" || test "x$ENABLED_U
AM_CONDITIONAL([BUILD_POLY1305],[test "x$ENABLED_POLY1305" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_CHACHA],[test "x$ENABLED_CHACHA" = "xyes" || test "x$ENABLED_CHACHA" = "xnoasm" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_XCHACHA],[test "x$ENABLED_XCHACHA" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_SM2],[test "x$ENABLED_SM2" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_SM3],[test "x$ENABLED_SM3" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
+AM_CONDITIONAL([BUILD_SM4],[test "x$ENABLED_SM4" != "xno" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_INLINE],[test "x$ENABLED_INLINE" = "xyes"])
AM_CONDITIONAL([BUILD_OCSP],[test "x$ENABLED_OCSP" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_OCSP_STAPLING],[test "x$ENABLED_CERTIFICATE_STATUS_REQUEST" = "xyes"])
@@ -8539,6 +9245,8 @@ AM_CONDITIONAL([BUILD_CRL],[test "x$ENABLED_CRL" != "xno" || test "x$ENABLED_USE
AM_CONDITIONAL([BUILD_CRL_MONITOR],[test "x$ENABLED_CRL_MONITOR" = "xyes"])
AM_CONDITIONAL([BUILD_USER_RSA],[test "x$ENABLED_USER_RSA" = "xyes"] )
AM_CONDITIONAL([BUILD_USER_CRYPTO],[test "x$ENABLED_USER_CRYPTO" = "xyes"])
+AM_CONDITIONAL([BUILD_LIBLMS],[test "x$ENABLED_LIBLMS" = "xyes"])
+AM_CONDITIONAL([BUILD_LIBXMSS],[test "x$ENABLED_LIBXMSS" = "xyes"])
AM_CONDITIONAL([BUILD_LIBOQS],[test "x$ENABLED_LIBOQS" = "xyes"])
AM_CONDITIONAL([BUILD_WNR],[test "x$ENABLED_WNR" = "xyes"])
AM_CONDITIONAL([BUILD_SRP],[test "x$ENABLED_SRP" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
@@ -8614,6 +9322,7 @@ AM_CONDITIONAL([BUILD_DTLS_CID],[test "x$ENABLED_DTLS_CID" = "xyes"])
AM_CONDITIONAL([BUILD_HPKE],[test "x$ENABLED_HPKE" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_DTLS],[test "x$ENABLED_DTLS" = "xyes" || test "x$ENABLED_USERSETTINGS" = "xyes"])
AM_CONDITIONAL([BUILD_MAXQ10XX],[test "x$ENABLED_MAXQ10XX" = "xyes"])
+AM_CONDITIONAL([BUILD_ARIA],[test "x$ENABLED_ARIA" = "xyes"])
if test "$ENABLED_REPRODUCIBLE_BUILD" != "yes" &&
(test "$ax_enable_debug" = "yes" ||
@@ -8648,8 +9357,9 @@ AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h])
AC_CONFIG_FILES([Makefile
wolfssl/version.h
wolfssl/options.h
- cyassl/options.h
support/wolfssl.pc
+ debian/control
+ debian/changelog
rpm/spec
wolfcrypt/test/test_paths.h
])
@@ -8690,8 +9400,10 @@ fi
if test "$ENABLED_REPRODUCIBLE_BUILD" != "yes"
then
- echo "#define LIBWOLFSSL_CONFIGURE_ARGS \"$ac_configure_args\"" | sed 's/\\/\\\\/g' > "${output_objdir}/.build_params" &&
- echo "#define LIBWOLFSSL_GLOBAL_CFLAGS \"$CPPFLAGS $AM_CPPFLAGS $CFLAGS $AM_CFLAGS\" LIBWOLFSSL_GLOBAL_EXTRA_CFLAGS" | sed 's/\\/\\\\/g' >> "${output_objdir}/.build_params" ||
+ ESCAPED_ARGS=$(echo "$ac_configure_args" | sed 's/\\/\\\\/g;s/\"/\\\"/g')
+ ESCAPED_GLOBAL_CFLAGS=$(echo "$CPPFLAGS $AM_CPPFLAGS $CFLAGS $AM_CFLAGS" | sed 's/\\/\\\\/g;s/\"/\\\"/g')
+ echo "#define LIBWOLFSSL_CONFIGURE_ARGS \"$ESCAPED_ARGS\"" > "${output_objdir}/.build_params" &&
+ echo "#define LIBWOLFSSL_GLOBAL_CFLAGS \"$ESCAPED_GLOBAL_CFLAGS\" LIBWOLFSSL_GLOBAL_EXTRA_CFLAGS" >> "${output_objdir}/.build_params" ||
AC_MSG_ERROR([Couldn't create ${output_objdir}/.build_params.])
else
rm -f "${output_objdir}/.build_params"
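Review bot: The new escaping still passes the values through `echo`, and a shell whose `echo` interprets backslash sequences will collapse the `\\` and `\"` that `sed` just produced when the `#define` lines are written, undoing the escaping. The openssl-compatible-defaults block earlier in this diff already uses `printf "%s"`. The same form works here: `ESCAPED_ARGS=$(printf '%s' "$ac_configure_args" | sed 's/\\/\\\\/g;s/\"/\\\"/g')`, with the two `#define` lines emitted by `printf '%s\n'`. An embedded newline in a flag would still break the generated string literal, which may be worth rejecting explicitly.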
@@ -8723,16 +9435,17 @@ echo "extern \"C\" {" >> $OPTION_FILE
echo "#endif" >> $OPTION_FILE
echo "" >> $OPTION_FILE
-# check for supported command to trim option with
+# Check for supported command to trim option with.
+# note: cut requires an argument to exit with success.
if colrm >/dev/null 2>&1 </dev/null; then
TRIM="colrm 3"
-elif cut >/dev/null 2>&1 </dev/null; then
+elif cut --version >/dev/null 2>&1 </dev/null; then
TRIM="cut -c1-2"
else
AC_MSG_ERROR([Could not find colrm or cut to make options file])
fi
-for option in $CPPFLAGS $AM_CPPFLAGS $CFLAGS $AM_CFLAGS; do
+for option in $AM_CPPFLAGS $CPPFLAGS $AM_CFLAGS $CFLAGS; do
opt_type=$(echo $option | $TRIM )
case "$opt_type" in
-D)
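Review bot: `cut --version` is a GNU-style long option; a `cut` that does not implement it exits non-zero, and on a system that also lacks `colrm` configure then stops with "Could not find colrm or cut". Probing the invocation that is actually used is more portable: `elif echo xx | cut -c1-2 >/dev/null 2>&1; then`. The `for option in ...` loop whose order this hunk also changes continues outside the hunk.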
@@ -8789,32 +9502,10 @@ echo "" >> $OPTION_FILE
echo "#endif /* WOLFSSL_OPTIONS_H */" >> $OPTION_FILE
echo "" >> $OPTION_FILE
-#backwards compatibility for those who have included options or version
-touch cyassl/options.h
-echo "/* cyassl options.h" > cyassl/options.h
-echo " * generated from wolfssl/options.h" >> cyassl/options.h
-echo " */" >> cyassl/options.h
-
-while read -r line
-do
- echo "$line" >> cyassl/options.h
-done < $OPTION_FILE
-
-# switch ifdef protection in cyassl/option.h to CYASSL_OPTONS_H, remove bak
-sed -i.bak 's/WOLFSSL_OPTIONS_H/CYASSL_OPTIONS_H/g' cyassl/options.h
-
-# workaround for mingw sed that may get "Permission denied" trying to preserve permissions
-case $host_os in
- mingw*)
- chmod u+w cyassl/options.h ;;
-esac
-
-rm cyassl/options.h.bak
-
if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_LINUXKM" = "no"
then
SAVE_CFLAGS=$CFLAGS
- CFLAGS="$CFLAGS -I. -I$srcdir"
+ CFLAGS="$CFLAGS $DEFS -I. -I$srcdir"
if test "$ENABLED_INTEL_QA" = "yes"
then
CFLAGS="$CFLAGS $QAT_FLAGS"
@@ -8923,8 +9614,16 @@ echo " * AES-CTR: $ENABLED_AESCTR"
echo " * AES-CFB: $ENABLED_AESCFB"
echo " * AES-OFB: $ENABLED_AESOFB"
echo " * AES-SIV: $ENABLED_AESSIV"
+echo " * AES-EAX: $ENABLED_AESEAX"
+echo " * AES Bitspliced: $ENABLED_AESBS"
+echo " * ARIA: $ENABLED_ARIA"
echo " * DES3: $ENABLED_DES3"
echo " * Camellia: $ENABLED_CAMELLIA"
+echo " * SM4-ECB: $ENABLED_SM4_ECB"
+echo " * SM4-CBC: $ENABLED_SM4_CBC"
+echo " * SM4-CTR: $ENABLED_SM4_CTR"
+echo " * SM4-GCM: $ENABLED_SM4_GCM"
+echo " * SM4-CCM: $ENABLED_SM4_CCM"
echo " * NULL Cipher: $ENABLED_NULL_CIPHER"
echo " * MD2: $ENABLED_MD2"
echo " * MD4: $ENABLED_MD4"
@@ -8937,6 +9636,7 @@ echo " * SHA-512: $ENABLED_SHA512"
echo " * SHA3: $ENABLED_SHA3"
echo " * SHAKE128: $ENABLED_SHAKE128"
echo " * SHAKE256: $ENABLED_SHAKE256"
+echo " * SM3: $ENABLED_SM3"
echo " * BLAKE2: $ENABLED_BLAKE2"
echo " * BLAKE2S: $ENABLED_BLAKE2S"
echo " * SipHash: $ENABLED_SIPHASH"
@@ -8951,11 +9651,13 @@ echo " * XCHACHA: $ENABLED_XCHACHA"
echo " * Hash DRBG: $ENABLED_HASHDRBG"
echo " * MmemUse Entropy: $ENABLED_ENTROPY_MEMUSE"
echo " * PWDBASED: $ENABLED_PWDBASED"
+echo " * Encrypted keys: $ENABLED_ENCKEYS"
echo " * scrypt: $ENABLED_SCRYPT"
echo " * wolfCrypt Only: $ENABLED_CRYPTONLY"
echo " * HKDF: $ENABLED_HKDF"
echo " * HPKE: $ENABLED_HPKE"
echo " * X9.63 KDF: $ENABLED_X963KDF"
+echo " * SRTP-KDF: $ENABLED_SRTP_KDF"
echo " * PSK: $ENABLED_PSK"
echo " * Poly1305: $ENABLED_POLY1305"
echo " * LEANPSK: $ENABLED_LEANPSK"
@@ -8971,12 +9673,20 @@ echo " * ECC Minimum Bits: $ENABLED_ECCMINSZ"
echo " * FPECC: $ENABLED_FPECC"
echo " * ECC_ENCRYPT: $ENABLED_ECC_ENCRYPT"
echo " * Brainpool: $ENABLED_BRAINPOOL"
+echo " * SM2: $ENABLED_SM2"
echo " * CURVE25519: $ENABLED_CURVE25519"
echo " * ED25519: $ENABLED_ED25519"
echo " * ED25519 streaming: $ENABLED_ED25519_STREAM"
echo " * CURVE448: $ENABLED_CURVE448"
echo " * ED448: $ENABLED_ED448"
echo " * ED448 streaming: $ENABLED_ED448_STREAM"
+echo " * LMS: $ENABLED_LMS"
+echo " * LMS wolfSSL impl: $ENABLED_WC_LMS"
+echo " * XMSS: $ENABLED_XMSS"
+echo " * XMSS wolfSSL impl: $ENABLED_WC_XMSS"
+if test "$ENABLED_LIBXMSS" = "yes"; then
+echo " * XMSS_ROOT: $XMSS_ROOT"
+fi
echo " * KYBER: $ENABLED_KYBER"
echo " * KYBER wolfSSL impl: $ENABLED_WC_KYBER"
echo " * ECCSI $ENABLED_ECCSI"
@@ -9006,6 +9716,8 @@ echo " * SIGNAL: $ENABLED_SIGNAL"
echo " * chrony: $ENABLED_CHRONY"
echo " * strongSwan: $ENABLED_STRONGSWAN"
echo " * OpenLDAP: $ENABLED_OPENLDAP"
+echo " * hitch: $ENABLED_HITCH"
+echo " * memcached: $ENABLED_MEMCACHED"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS"
echo " * DTLS v1.3: $ENABLED_DTLS13"
@@ -9031,6 +9743,8 @@ echo " * Persistent session cache: $ENABLED_SAVESESSION"
echo " * Persistent cert cache: $ENABLED_SAVECERT"
echo " * Atomic User Record Layer: $ENABLED_ATOMICUSER"
echo " * Public Key Callbacks: $ENABLED_PKCALLBACKS"
+echo " * libxmss: $ENABLED_LIBXMSS"
+echo " * liblms: $ENABLED_LIBLMS"
echo " * liboqs: $ENABLED_LIBOQS"
echo " * Whitewood netRandom: $ENABLED_WNR"
echo " * Server Name Indication: $ENABLED_SNI"
@@ -9047,8 +9761,11 @@ echo " * Secure Renegotiation: $ENABLED_SECURE_RENEGOTIATION"
echo " * Fallback SCSV: $ENABLED_FALLBACK_SCSV"
echo " * Keying Material Exporter: $ENABLED_KEYING_MATERIAL"
echo " * All TLS Extensions: $ENABLED_TLSX"
-echo " * PKCS#7: $ENABLED_PKCS7"
echo " * S/MIME: $ENABLED_SMIME"
+echo " * PKCS#7: $ENABLED_PKCS7"
+echo " * PKCS#8: $ENABLED_PKCS8"
+echo " * PKCS#11: $ENABLED_PKCS11"
+echo " * PKCS#12: $ENABLED_PKCS12"
echo " * wolfSSH: $ENABLED_WOLFSSH"
echo " * wolfEngine: $ENABLED_WOLFENGINE"
echo " * wolfTPM: $ENABLED_WOLFTPM"
@@ -9065,10 +9782,8 @@ echo " * Stack sizes in tests: $ENABLED_STACKSIZE"
echo " * Heap stats in tests: $ENABLED_TRACKMEMORY"
echo " * User Crypto: $ENABLED_USER_CRYPTO"
echo " * Fast RSA: $ENABLED_FAST_RSA"
-echo " * Async Crypto: $ENABLED_ASYNCCRYPT"
-echo " * PKCS#8: $ENABLED_PKCS8"
-echo " * PKCS#11: $ENABLED_PKCS11"
-echo " * PKCS#12: $ENABLED_PKCS12"
+echo " * Asynchronous Crypto: $ENABLED_ASYNCCRYPT"
+echo " * Asynchronous Crypto (sim): $ENABLED_ASYNCCRYPT_SW"
echo " * Cavium Nitrox: $ENABLED_CAVIUM"
echo " * Cavium Octeon (Sync): $ENABLED_OCTEON_SYNC"
echo " * Intel Quick Assist: $ENABLED_INTEL_QA"
@@ -9078,6 +9793,7 @@ then
fi
echo " * ARM ASM: $ENABLED_ARMASM"
echo " * ARM ASM SHA512/SHA3 Crypto $ENABLED_ARMASM_SHA3"
+echo " * ARM ASM SM3/SM4 Crypto $ENABLED_ARMASM_CRYPTO_SM4"
echo " * AES Key Wrap: $ENABLED_AESKEYWRAP"
echo " * Write duplicate: $ENABLED_WRITEDUP"
echo " * Xilinx Hardware Acc.: $ENABLED_XILINX"
@@ -9085,6 +9801,7 @@ echo " * Inline Code: $ENABLED_INLINE"
echo " * Linux AF_ALG: $ENABLED_AFALG"
echo " * Linux KCAPI: $ENABLED_KCAPI"
echo " * Linux devcrypto: $ENABLED_DEVCRYPTO"
+echo " * PK callbacks: $ENABLED_PKCALLBACKS"
echo " * Crypto callbacks: $ENABLED_CRYPTOCB"
echo " * i.MX CAAM: $ENABLED_CAAM"
echo " * IoT-Safe: $ENABLED_IOTSAFE"
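Review bot: The added `PK callbacks` line prints `$ENABLED_PKCALLBACKS`, which the summary already reports under `Public Key Callbacks` (visible as context in an earlier hunk of this diff), so the same value now appears twice under two labels. Keeping only one of them avoids suggesting these are separate features.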
@@ -9095,6 +9812,7 @@ echo " * PSA: $ENABLED_PSA"
echo " * System CA certs: $ENABLED_SYS_CA_CERTS"
echo " * ERR Queues per Thread: $ENABLED_ERRORQUEUEPERTHREAD"
echo " * rwlock: $ENABLED_RWLOCK"
+echo " * keylog export: $ENABLED_KEYLOG_EXPORT"
echo ""
echo "---"
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln b/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln
deleted file mode 100644
index f2154d0d..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.sln
+++ /dev/null
@@ -1,38 +0,0 @@
-
-Microsoft Visual Studio Solution File, Format Version 9.00
-# Visual C++ Express 2005
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ctaocrypt", "ctaocrypt.vcproj", "{BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}"
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "test", "test\test.vcproj", "{D04BDF66-664A-4D59-BEAC-8AB2D5809C21}"
- ProjectSection(ProjectDependencies) = postProject
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62} = {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}
- EndProjectSection
-EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "benchmark", "benchmark\benchmark.vcproj", "{615AEC46-5595-4DEA-9490-DBD5DE0F8772}"
- ProjectSection(ProjectDependencies) = postProject
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62} = {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}
- EndProjectSection
-EndProject
-Global
- GlobalSection(SolutionConfigurationPlatforms) = preSolution
- Debug|Win32 = Debug|Win32
- Release|Win32 = Release|Win32
- EndGlobalSection
- GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Debug|Win32.ActiveCfg = Debug|Win32
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Debug|Win32.Build.0 = Debug|Win32
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Release|Win32.ActiveCfg = Release|Win32
- {BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}.Release|Win32.Build.0 = Release|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.ActiveCfg = Debug|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Debug|Win32.Build.0 = Debug|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.ActiveCfg = Release|Win32
- {D04BDF66-664A-4D59-BEAC-8AB2D5809C21}.Release|Win32.Build.0 = Release|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.ActiveCfg = Debug|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Debug|Win32.Build.0 = Debug|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.ActiveCfg = Release|Win32
- {615AEC46-5595-4DEA-9490-DBD5DE0F8772}.Release|Win32.Build.0 = Release|Win32
- EndGlobalSection
- GlobalSection(SolutionProperties) = preSolution
- HideSolutionNode = FALSE
- EndGlobalSection
-EndGlobal
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj b/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj
deleted file mode 100644
index 29ef4d1b..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/ctaocrypt.vcproj
+++ /dev/null
@@ -1,319 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<VisualStudioProject
- ProjectType="Visual C++"
- Version="8.00"
- Name="ctaocrypt"
- ProjectGUID="{BF0EA0C1-3F4C-4767-B79E-7B2A391F7D62}"
- Keyword="Win32Proj"
- >
- <Platforms>
- <Platform
- Name="Win32"
- />
- </Platforms>
- <ToolFiles>
- </ToolFiles>
- <Configurations>
- <Configuration
- Name="Debug|Win32"
- OutputDirectory="Debug"
- IntermediateDirectory="Debug"
- ConfigurationType="4"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- Optimization="0"
- AdditionalIncludeDirectories="include"
- PreprocessorDefinitions="WIN32;_DEBUG;_LIB;OPENSSL_EXTRA"
- MinimalRebuild="true"
- BasicRuntimeChecks="3"
- RuntimeLibrary="3"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="4"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLibrarianTool"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- <Configuration
- Name="Release|Win32"
- OutputDirectory="Release"
- IntermediateDirectory="Release"
- ConfigurationType="4"
- >
- <Tool
- Name="VCPreBuildEventTool"
- />
- <Tool
- Name="VCCustomBuildTool"
- />
- <Tool
- Name="VCXMLDataGeneratorTool"
- />
- <Tool
- Name="VCWebServiceProxyGeneratorTool"
- />
- <Tool
- Name="VCMIDLTool"
- />
- <Tool
- Name="VCCLCompilerTool"
- AdditionalIncludeDirectories="include"
- PreprocessorDefinitions="WIN32;NDEBUG;_LIB;OPENSSL_EXTRA"
- RuntimeLibrary="2"
- UsePrecompiledHeader="0"
- WarningLevel="3"
- Detect64BitPortabilityProblems="true"
- DebugInformationFormat="3"
- />
- <Tool
- Name="VCManagedResourceCompilerTool"
- />
- <Tool
- Name="VCResourceCompilerTool"
- />
- <Tool
- Name="VCPreLinkEventTool"
- />
- <Tool
- Name="VCLibrarianTool"
- />
- <Tool
- Name="VCALinkTool"
- />
- <Tool
- Name="VCXDCMakeTool"
- />
- <Tool
- Name="VCBscMakeTool"
- />
- <Tool
- Name="VCFxCopTool"
- />
- <Tool
- Name="VCPostBuildEventTool"
- />
- </Configuration>
- </Configurations>
- <References>
- </References>
- <Files>
- <Filter
- Name="Header Files"
- Filter="h;hpp;hxx;hm;inl;inc;xsd"
- UniqueIdentifier="{93995380-89BD-4b04-88EB-625FBE52EBFB}"
- >
- <File
- RelativePath=".\include\aes.h"
- >
- </File>
- <File
- RelativePath=".\include\arc4.h"
- >
- </File>
- <File
- RelativePath=".\include\asn.h"
- >
- </File>
- <File
- RelativePath=".\include\coding.h"
- >
- </File>
- <File
- RelativePath=".\include\config.h"
- >
- </File>
- <File
- RelativePath=".\include\des3.h"
- >
- </File>
- <File
- RelativePath=".\include\dh.h"
- >
- </File>
- <File
- RelativePath=".\include\dsa.h"
- >
- </File>
- <File
- RelativePath=".\include\error-crypt.h"
- >
- </File>
- <File
- RelativePath=".\include\hmac.h"
- >
- </File>
- <File
- RelativePath=".\include\integer.h"
- >
- </File>
- <File
- RelativePath=".\include\md4.h"
- >
- </File>
- <File
- RelativePath=".\include\md5.h"
- >
- </File>
- <File
- RelativePath=".\include\misc.h"
- >
- </File>
- <File
- RelativePath=".\include\mpi_class.h"
- >
- </File>
- <File
- RelativePath=".\include\mpi_superclass.h"
- >
- </File>
- <File
- RelativePath=".\include\chacha.h"
- >
- </File>
- <File
- RelativePath=".\include\random.h"
- >
- </File>
- <File
- RelativePath=".\include\rsa.h"
- >
- </File>
- <File
- RelativePath=".\include\sha.h"
- >
- </File>
- <File
- RelativePath=".\include\sha256.h"
- >
- </File>
- <File
- RelativePath=".\include\types.h"
- >
- </File>
- </Filter>
- <Filter
- Name="Resource Files"
- Filter="rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx"
- UniqueIdentifier="{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}"
- >
- </Filter>
- <Filter
- Name="Source Files"
- Filter="cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx"
- UniqueIdentifier="{4FC737F1-C7A5-4376-A066-2A32D752A2FF}"
- >
- <File
- RelativePath=".\src\aes.c"
- >
- </File>
- <File
- RelativePath=".\src\arc4.c"
- >
- </File>
- <File
- RelativePath=".\src\asn.c"
- >
- </File>
- <File
- RelativePath=".\src\coding.c"
- >
- </File>
- <File
- RelativePath=".\src\des3.c"
- >
- </File>
- <File
- RelativePath=".\src\dh.c"
- >
- </File>
- <File
- RelativePath=".\src\dsa.c"
- >
- </File>
- <File
- RelativePath=".\src\hmac.c"
- >
- </File>
- <File
- RelativePath=".\src\integer.c"
- >
- </File>
- <File
- RelativePath=".\src\md4.c"
- >
- </File>
- <File
- RelativePath=".\src\md5.c"
- >
- </File>
- <File
- RelativePath=".\src\wc_port.c"
- >
- </File>
- <File
- RelativePath=".\src\chacha.c"
- >
- </File>
- <File
- RelativePath=".\src\random.c"
- >
- </File>
- <File
- RelativePath=".\src\rsa.c"
- >
- </File>
- <File
- RelativePath=".\src\sha.c"
- >
- </File>
- <File
- RelativePath=".\src\sha256.c"
- >
- </File>
- </Filter>
- </Files>
- <Globals>
- </Globals>
-</VisualStudioProject>
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/aes.c b/extra/wolfssl/wolfssl/ctaocrypt/src/aes.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/aes.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/des3.c b/extra/wolfssl/wolfssl/ctaocrypt/src/des3.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/des3.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c b/extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/hmac.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/random.c b/extra/wolfssl/wolfssl/ctaocrypt/src/random.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/random.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c b/extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/rsa.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/sha.c b/extra/wolfssl/wolfssl/ctaocrypt/src/sha.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/sha.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c b/extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/sha256.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c b/extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c
deleted file mode 100644
index e9f58866..00000000
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/sha512.c
+++ /dev/null
@@ -1 +0,0 @@
-/* dummy file for autoconf */
diff --git a/extra/wolfssl/wolfssl/cyassl/certs_test.h b/extra/wolfssl/wolfssl/cyassl/certs_test.h
deleted file mode 100644
index c8465ac8..00000000
--- a/extra/wolfssl/wolfssl/cyassl/certs_test.h
+++ /dev/null
@@ -1,10 +0,0 @@
-/* certs_test.h */
-
-#include <wolfssl/certs_test.h>
-
-#ifndef CYASSL_CERTS_TEST_H
- #define CYASSL_CERTS_TEST_H WOLFSSL_CERTS_TEST_H
-#else
- #undef CYASSL_CERTS_TEST_H
- #define CYASSL_CERTS_TEST_H WOLFSSL_CERTS_TEST_H
-#endif
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h
deleted file mode 100644
index 023b7871..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/aes.h
+++ /dev/null
@@ -1,61 +0,0 @@
-/* aes.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_AES
-
-#ifndef CTAO_CRYPT_AES_H
-#define CTAO_CRYPT_AES_H
-
-#include <wolfssl/wolfcrypt/aes.h>
-#define AesSetKey wc_AesSetKey
-#define AesSetIV wc_AesSetIV
-#define AesCbcEncrypt wc_AesCbcEncrypt
-#define AesCbcDecrypt wc_AesCbcDecrypt
-#define AesCbcDecryptWithKey wc_AesCbcDecryptWithKey
-
-/* AES-CTR */
-#ifdef WOLFSSL_AES_COUNTER
- #define AesCtrEncrypt wc_AesCtrEncrypt
-#endif
-/* AES-DIRECT */
-#if defined(WOLFSSL_AES_DIRECT)
- #define AesEncryptDirect wc_AesEncryptDirect
- #define AesDecryptDirect wc_AesDecryptDirect
- #define AesSetKeyDirect wc_AesSetKeyDirect
-#endif
-#ifdef HAVE_AESGCM
- #define AesGcmSetKey wc_AesGcmSetKey
- #define AesGcmEncrypt wc_AesGcmEncrypt
- #define AesGcmDecrypt wc_AesGcmDecrypt
- #define GmacSetKey wc_GmacSetKey
- #define GmacUpdate wc_GmacUpdate
-#endif /* HAVE_AESGCM */
-#ifdef HAVE_AESCCM
- #define AesCcmSetKey wc_AesCcmSetKey
- #define AesCcmEncrypt wc_AesCcmEncrypt
- #define AesCcmDecrypt wc_AesCcmDecrypt
-#endif /* HAVE_AESCCM */
-
-#endif /* CTAO_CRYPT_AES_H */
-#endif /* NO_AES */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h
deleted file mode 100644
index a1d05a71..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn.h
+++ /dev/null
@@ -1,48 +0,0 @@
-/* asn.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef NO_ASN
-
-#ifndef CTAO_CRYPT_ASN_H
-#define CTAO_CRYPT_ASN_H
-
-/* pull in compatibility for each include */
-#include <cyassl/ctaocrypt/dh.h>
-#include <cyassl/ctaocrypt/dsa.h>
-#include <cyassl/ctaocrypt/sha.h>
-#include <cyassl/ctaocrypt/md5.h>
-#include <cyassl/ctaocrypt/asn_public.h> /* public interface */
-#ifdef HAVE_ECC
- #include <cyassl/ctaocrypt/ecc.h>
-#endif
-
-
-#include <wolfssl/wolfcrypt/asn.h>
-
-#ifndef NO_FILESYSTEM
- #define CyaSSL_PemCertToDer wc_PemCertToDer
-#endif
-
-#endif /* CTAO_CRYPT_ASN_H */
-
-#endif /* !NO_ASN */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h
deleted file mode 100644
index bc4cd182..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/asn_public.h
+++ /dev/null
@@ -1,75 +0,0 @@
-/* asn_public.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_ASN_PUBLIC_H
-#define CTAO_CRYPT_ASN_PUBLIC_H
-
-/* pull in compatibility for each of the includes */
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/ecc.h>
-#ifdef WOLFSSL_CERT_GEN
- #include <cyassl/ctaocrypt/rsa.h>
-#endif
-
-#include <wolfssl/wolfcrypt/asn_public.h>
-#ifdef WOLFSSL_CERT_GEN
- #define InitCert wc_InitCert
- #define MakeCert wc_MakeCert
-
- #ifdef WOLFSSL_CERT_REQ
- #define MakeCertReq wc_MakeCertReq
-#endif
-
- #define SignCert wc_SignCert
- #define MakeSelfCert wc_MakeSelfCert
- #define SetIssuer wc_SetIssuer
- #define SetSubject wc_SetSubject
-
- #ifdef WOLFSSL_ALT_NAMES
- #define SetAltNames wc_SetAltNames
-#endif
-
- #define SetIssuerBuffer wc_SetIssuerBuffer
- #define SetSubjectBuffer wc_SetSubjectBuffer
- #define SetAltNamesBuffer wc_SetAltNamesBuffer
- #define SetDatesBuffer wc_SetDatesBuffer
-
-#endif /* WOLFSSL_CERT_GEN */
-
- #if defined(WOLFSSL_KEY_GEN) || defined(WOLFSSL_CERT_GEN)
- #define DerToPem wc_DerToPem
-#endif
-
-#ifdef HAVE_ECC
- /* private key helpers */
- #define EccPrivateKeyDecode wc_EccPrivateKeyDecode
- #define EccKeyToDer wc_EccKeyToDer
-#endif
-
- /* DER encode signature */
- #define EncodeSignature wc_EncodeSignature
- #define GetCTC_HashOID wc_GetCTC_HashOID
-
-#endif /* CTAO_CRYPT_ASN_PUBLIC_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h
deleted file mode 100644
index 2efe5386..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-impl.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- BLAKE2 reference source code package - reference C implementations
-
- Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
- To the extent possible under law, the author(s) have dedicated all copyright
- and related and neighboring rights to this software to the public domain
- worldwide. This software is distributed without any warranty.
-
- You should have received a copy of the CC0 Public Domain Dedication along with
- this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2-impl.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAOCRYPT_BLAKE2_IMPL_H
-#define CTAOCRYPT_BLAKE2_IMPL_H
-
-#include <cyassl/ctaocrypt/types.h>
-#include <wolfssl/wolfcrypt/blake2-impl.h>
-
-#endif /* CTAOCRYPT_BLAKE2_IMPL_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h
deleted file mode 100644
index e5cc3d36..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2-int.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- BLAKE2 reference source code package - reference C implementations
-
- Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
-
- To the extent possible under law, the author(s) have dedicated all copyright
- and related and neighboring rights to this software to the public domain
- worldwide. This software is distributed without any warranty.
-
- You should have received a copy of the CC0 Public Domain Dedication along with
- this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
-*/
-/* blake2-int.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-#ifndef CTAOCRYPT_BLAKE2_INT_H
-#define CTAOCRYPT_BLAKE2_INT_H
-
-#include <cyassl/ctaocrypt/types.h>
-#include <wolfssl/wolfcrypt/blake2-int.h>
-
-#endif /* CTAOCRYPT_BLAKE2_INT_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h
deleted file mode 100644
index e63656ab..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/blake2.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* blake2.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_BLAKE2
-
-#ifndef CTAOCRYPT_BLAKE2_H
-#define CTAOCRYPT_BLAKE2_H
-
-#include <wolfssl/wolfcrypt/blake2.h>
-
-/* for blake2 reverse compatibility */
-#ifndef HAVE_FIPS
- #define InitBlake2b wc_InitBlake2b
- #define Blake2bUpdate wc_Blake2bUpdate
- #define Blake2bFinal wc_Blake2bFinal
-#else
- /* name for when fips hmac calls blake */
- #define wc_InitBlake2b InitBlake2b
- #define wc_Blake2bUpdate Blake2bUpdate
- #define wc_Blake2bFinal Blake2bFinal
-#endif /* HAVE_FIPS */
-
-#endif /* CTAOCRYPT_BLAKE2_H */
-#endif /* HAVE_BLAKE2 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h
deleted file mode 100644
index 880960f1..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/camellia.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* camellia.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef CTAO_CRYPT_CAMELLIA_H
-#define CTAO_CRYPT_CAMELLIA_H
-
-
-/* for camellia reverse compatibility */
-#ifdef HAVE_CAMELLIA
- #include <wolfssl/wolfcrypt/camellia.h>
- #define CamelliaSetKey wc_CamelliaSetKey
- #define CamelliaSetIV wc_CamelliaSetIV
- #define CamelliaEncryptDirect wc_CamelliaEncryptDirect
- #define CamelliaDecryptDirect wc_CamelliaDecryptDirect
- #define CamelliaCbcEncrypt wc_CamelliaCbcEncrypt
- #define CamelliaCbcDecrypt wc_CamelliaCbcDecrypt
-#endif
-
-#endif /* CTAO_CRYPT_CAMELLIA_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h
deleted file mode 100644
index 1a07289d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/chacha.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/* chacha.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef CTAO_CRYPT_CHACHA_H
-#define CTAO_CRYPT_CHACHA_H
-
-
-/* for chacha reverse compatibility */
-#ifdef HAVE_CHACHA
- #include <wolfssl/wolfcrypt/chacha.h>
- #define Chacha_Process wc_Chacha_Process
- #define Chacha_SetKey wc_Chacha_SetKey
- #define Chacha_SetIV wc_Chacha_SetIV
-#endif
-
-#endif /* CTAO_CRYPT_CHACHA_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h
deleted file mode 100644
index 3050d85e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/compress.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* compress.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_LIBZ
-
-#ifndef CTAO_CRYPT_COMPRESS_H
-#define CTAO_CRYPT_COMPRESS_H
-
-#include <wolfssl/wolfcrypt/compress.h>
-
-/* reverse compatibility */
-#define Compress wc_Compress
-#define DeCompress wc_DeCompress
-
-#endif /* CTAO_CRYPT_COMPRESS_H */
-
-#endif /* HAVE_LIBZ */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h
deleted file mode 100644
index 498ffba4..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/des3.h
+++ /dev/null
@@ -1,49 +0,0 @@
-/* des3.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_DES3
-
-#ifndef CTAO_CRYPT_DES3_H
-#define CTAO_CRYPT_DES3_H
-
-
-#include <wolfssl/wolfcrypt/des3.h>
-#define Des_SetKey wc_Des_SetKey
-#define Des_SetIV wc_Des_SetIV
-#define Des_CbcEncrypt wc_Des_CbcEncrypt
-#define Des_CbcDecrypt wc_Des_CbcDecrypt
-#define Des_EcbEncrypt wc_Des_EcbEncrypt
-#define Des_CbcDecryptWithKey wc_Des_CbcDecryptWithKey
-#define Des3_SetKey wc_Des3_SetKey
-#define Des3_SetIV wc_Des3_SetIV
-#define Des3_CbcEncrypt wc_Des3_CbcEncrypt
-#define Des3_CbcDecrypt wc_Des3_CbcDecrypt
-#define Des3_CbcDecryptWithKey wc_Des3_CbcDecryptWithKey
-#ifdef WOLFSSL_ASYNC_CRYPT
- #define Des3AsyncInit wc_Des3AsyncInit
- #define Des3AsyncFree wc_Des3AsyncFree
-#endif
-
-#endif /* NO_DES3 */
-#endif /* CTAO_CRYPT_DES3_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h
deleted file mode 100644
index b28bd494..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ecc.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* ecc.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifdef HAVE_ECC
-
-#ifndef CTAO_CRYPT_ECC_H
-#define CTAO_CRYPT_ECC_H
-
-#include <wolfssl/wolfcrypt/ecc.h>
-
-/* includes for compatibility */
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/integer.h>
-#include <cyassl/ctaocrypt/random.h>
-
-/* for ecc reverse compatibility */
-#ifdef HAVE_ECC
- #define ecc_make_key wc_ecc_make_key
- #define ecc_shared_secret wc_ecc_shared_secret
- #define ecc_sign_hash wc_ecc_sign_hash
- #define ecc_verify_hash wc_ecc_verify_hash
- #define ecc_init wc_ecc_init
- #define ecc_free wc_ecc_free
- #define ecc_fp_free wc_ecc_fp_free
- #define ecc_export_x963 wc_ecc_export_x963
- #define ecc_size wc_ecc_size
- #define ecc_sig_size wc_ecc_sig_size
- #define ecc_export_x963_ex wc_ecc_export_x963_ex
- #define ecc_import_x963 wc_ecc_import_x963
- #define ecc_import_private_key wc_ecc_import_private_key
- #define ecc_rs_to_sig wc_ecc_rs_to_sig
- #define ecc_import_raw wc_ecc_import_raw
- #define ecc_export_private_only wc_ecc_export_private_only
-
-#ifdef HAVE_ECC_ENCRYPT
- /* ecc encrypt */
- #define ecc_ctx_new wc_ecc_ctx_new
- #define ecc_ctx_free wc_ecc_ctx_free
- #define ecc_ctx_reset wc_ecc_ctx_reset
- #define ecc_ctx_get_own_salt wc_ecc_ctx_get_own_salt
- #define ecc_ctx_set_peer_salt wc_ecc_ctx_set_peer_salt
- #define ecc_ctx_set_info wc_ecc_ctx_set_info
- #define ecc_encrypt wc_ecc_encrypt
- #define ecc_decrypt wc_ecc_decrypt
-#endif /* HAVE_ECC_ENCRYPT */
-#endif
-
-#endif /* CTAO_CRYPT_ECC_H */
-#endif /* HAVE_ECC */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h
deleted file mode 100644
index fcde0f58..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/error-crypt.h
+++ /dev/null
@@ -1,33 +0,0 @@
-/* error-crypt.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_ERROR_H
-#define CTAO_CRYPT_ERROR_H
-
-/* for name change and fips compatibility @wc_fips */
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#define CTaoCryptErrorString wc_ErrorString
-#define CTaoCryptGetErrorString wc_GetErrorString
-
-#endif /* CTAO_CRYPT_ERROR_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h
deleted file mode 100644
index 0e0ca1fd..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/fips_test.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/* fips_test.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_FIPS_TEST_H
-#define CTAO_CRYPT_FIPS_TEST_H
-
-#include <cyassl/ctaocrypt/types.h>
-
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-/* Known Answer Test string inputs are hex, internal */
-CYASSL_LOCAL int DoKnownAnswerTests(char*, int);
-
-
-/* FIPS failure callback */
-typedef void(*wolfCrypt_fips_cb)(int ok, int err, const char* hash);
-
-/* Public set function */
-CYASSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
-
-/* Public get status functions */
-CYASSL_API int wolfCrypt_GetStatus_fips(void);
-CYASSL_API const char* wolfCrypt_GetCoreHash_fips(void);
-
-#ifdef HAVE_FORCE_FIPS_FAILURE
- /* Public function to force failure mode for operational testing */
- CYASSL_API int wolfCrypt_SetStatus_fips(int);
-#endif
-
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-#endif /* CTAO_CRYPT_FIPS_TEST_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h
deleted file mode 100644
index 926cce30..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/hmac.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* hmac.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_HMAC
-
-#ifndef CTAO_CRYPT_HMAC_H
-#define CTAO_CRYPT_HMAC_H
-
-#include <wolfssl/wolfcrypt/hmac.h>
-#define HmacSetKey wc_HmacSetKey
-#define HmacUpdate wc_HmacUpdate
-#define HmacFinal wc_HmacFinal
-#ifdef WOLFSSL_ASYNC_CRYPT
- #define HmacAsyncInit wc_HmacAsyncInit
- #define HmacAsyncFree wc_HmacAsyncFree
-#endif
-#define CyaSSL_GetHmacMaxSize wolfSSL_GetHmacMaxSize
-#ifdef HAVE_HKDF
- #define HKDF wc_HKDF
-#endif /* HAVE_HKDF */
-
-#endif /* CTAO_CRYPT_HMAC_H */
-
-#endif /* NO_HMAC */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am
deleted file mode 100644
index 0a3ec343..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/include.am
+++ /dev/null
@@ -1,52 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-
-EXTRA_DIST+= ctaocrypt/src/misc.c
-
-nobase_include_HEADERS+= \
- cyassl/ctaocrypt/aes.h \
- cyassl/ctaocrypt/arc4.h \
- cyassl/ctaocrypt/asn.h \
- cyassl/ctaocrypt/asn_public.h \
- cyassl/ctaocrypt/poly1305.h \
- cyassl/ctaocrypt/camellia.h \
- cyassl/ctaocrypt/coding.h \
- cyassl/ctaocrypt/compress.h \
- cyassl/ctaocrypt/des3.h \
- cyassl/ctaocrypt/dh.h \
- cyassl/ctaocrypt/dsa.h \
- cyassl/ctaocrypt/ecc.h \
- cyassl/ctaocrypt/error-crypt.h \
- cyassl/ctaocrypt/fips_test.h \
- cyassl/ctaocrypt/hmac.h \
- cyassl/ctaocrypt/integer.h \
- cyassl/ctaocrypt/md2.h \
- cyassl/ctaocrypt/md4.h \
- cyassl/ctaocrypt/md5.h \
- cyassl/ctaocrypt/misc.h \
- cyassl/ctaocrypt/pkcs7.h \
- cyassl/ctaocrypt/wc_port.h \
- cyassl/ctaocrypt/pwdbased.h \
- cyassl/ctaocrypt/chacha.h \
- cyassl/ctaocrypt/random.h \
- cyassl/ctaocrypt/ripemd.h \
- cyassl/ctaocrypt/rsa.h \
- cyassl/ctaocrypt/settings.h \
- cyassl/ctaocrypt/settings_comp.h \
- cyassl/ctaocrypt/sha256.h \
- cyassl/ctaocrypt/sha512.h \
- cyassl/ctaocrypt/sha.h \
- cyassl/ctaocrypt/blake2.h \
- cyassl/ctaocrypt/blake2-int.h \
- cyassl/ctaocrypt/blake2-impl.h \
- cyassl/ctaocrypt/tfm.h \
- cyassl/ctaocrypt/types.h \
- cyassl/ctaocrypt/visibility.h \
- cyassl/ctaocrypt/logging.h \
- cyassl/ctaocrypt/memory.h \
- cyassl/ctaocrypt/mpi_class.h \
- cyassl/ctaocrypt/mpi_superclass.h
-
-noinst_HEADERS+= \
- cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h
deleted file mode 100644
index 670a83cd..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/integer.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/* integer.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/*
- * Based on public domain LibTomMath 0.38 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-#ifndef CTAO_CRYPT_INTEGER_H
-#define CTAO_CRYPT_INTEGER_H
-
-#include <wolfssl/wolfcrypt/integer.h>
-
-#endif /* CTAO_CRYPT_INTEGER_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h
deleted file mode 100644
index 4fc9fbf1..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/logging.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* logging.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* submitted by eof */
-
-
-#ifndef CYASSL_LOGGING_H
-#define CYASSL_LOGGING_H
-
-/* for fips compatibility @wc_fips */
-#include <wolfssl/wolfcrypt/logging.h>
-#define CYASSL_LEAVE WOLFSSL_LEAVE
-#define CYASSL_ERROR WOLFSSL_ERROR
-#define CYASSL_ENTER WOLFSSL_ENTER
-#define CYASSL_MSG WOLFSSL_MSG
-/* check old macros possibly declared */
-#if defined(DEBUG_CYASSL) && !defined(DEBUG_WOLFSSL)
- #define DEBUG_WOLFSSL
-#endif
-
-#endif /* CYASSL_LOGGING_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h
deleted file mode 100644
index d758875f..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md2.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/* md2.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/* check for old macro */
-#if !defined(CYASSL_MD2) && defined(WOLFSSL_MD2)
- #define CYASSL_MD2
-#endif
-
-#ifdef CYASSL_MD2
-
-#ifndef CTAO_CRYPT_MD2_H
-#define CTAO_CRYPT_MD2_H
-
-#include <wolfssl/wolfcrypt/md2.h>
-
-#define InitMd2 wc_InitMd2
-#define Md2Update wc_Md2Update
-#define Md2Final wc_Md2Final
-#define Md2Hash wc_Md2Hash
-
-#endif /* CTAO_CRYPT_MD2_H */
-#endif /* CYASSL_MD2 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h
deleted file mode 100644
index 0e0fa359..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md4.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* md4.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_MD4
-
-#ifndef CTAO_CRYPT_MD4_H
-#define CTAO_CRYPT_MD4_H
-
-#include <wolfssl/wolfcrypt/md4.h>
-
-#define InitMd4 wc_InitMd4
-#define Md4Update wc_Md4Update
-#define Md4Final wc_Md4Final
-
-#endif /* CTAO_CRYPT_MD4_H */
-
-#endif /* NO_MD4 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h
deleted file mode 100644
index 842ea6fc..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/md5.h
+++ /dev/null
@@ -1,45 +0,0 @@
-/* md5.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef NO_MD5
-
-#ifndef CTAO_CRYPT_MD5_H
-#define CTAO_CRYPT_MD5_H
-
-#include <wolfssl/wolfcrypt/md5.h>
-
-#ifndef HAVE_FIPS
- #define InitMd5 wc_InitMd5
- #define Md5Update wc_Md5Update
- #define Md5Final wc_Md5Final
- #define Md5Hash wc_Md5Hash
-#else
- /* redfined name so that hmac is calling same function names with fips */
- #define wc_InitMd5 InitMd5
- #define wc_Md5Update Md5Update
- #define wc_Md5Final Md5Final
- #define wc_Md5Hash Md5Hash
-#endif
-
-#endif /* CTAO_CRYPT_MD5_H */
-#endif /* NO_MD5 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h
deleted file mode 100644
index 1ba48406..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/memory.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* memory.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* submitted by eof */
-
-
-#ifndef CYASSL_MEMORY_H
-#define CYASSL_MEMORY_H
-
-
-#include <wolfssl/wolfcrypt/memory.h>
-#define CyaSSL_Malloc_cb wolfSSL_Malloc_cb
-#define CyaSSL_Free_cb wolfSSL_Free_cb
-#define CyaSSL_Realloc_cb wolfSSL_Realloc_cb
-#define CyaSSL_SetAllocators wolfSSL_SetAllocators
-
-/* Public in case user app wants to use XMALLOC/XFREE */
-#define CyaSSL_Malloc wolfSSL_Malloc
-#define CyaSSL_Free wolfSSL_Free
-#define CyaSSL_Realloc wolfSSL_Realloc
-
-#endif /* CYASSL_MEMORY_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h
deleted file mode 100644
index f9d895e6..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pkcs7.h
+++ /dev/null
@@ -1,53 +0,0 @@
-/* pkcs7.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_PKCS7
-
-#ifndef CTAO_CRYPT_PKCS7_H
-#define CTAO_CRYPT_PKCS7_H
-
-/* pull in compatibility for old includes */
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/asn.h>
-#include <cyassl/ctaocrypt/asn_public.h>
-#include <cyassl/ctaocrypt/random.h>
-#include <cyassl/ctaocrypt/des3.h>
-
-#include <wolfssl/wolfcrypt/pkcs7.h>
-
-/* for pkcs7 reverse compatibility */
-#define SetContentType wc_SetContentType
-#define GetContentType wc_GetContentType
-#define CreateRecipientInfo wc_CreateRecipientInfo
-#define PKCS7_InitWithCert wc_PKCS7_InitWithCert
-#define PKCS7_Free wc_PKCS7_Free
-#define PKCS7_EncodeData wc_PKCS7_EncodeData
-#define PKCS7_EncodeSignedData wc_PKCS7_EncodeSignedData
-#define PKCS7_VerifySignedData wc_PKCS7_VerifySignedData
-#define PKCS7_EncodeEnvelopedData wc_PKCS7_EncodeEnvelopedData
-#define PKCS7_DecodeEnvelopedData wc_PKCS7_DecodeEnvelopedData
-
-#endif /* CTAO_CRYPT_PKCS7_H */
-
-#endif /* HAVE_PKCS7 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h
deleted file mode 100644
index 75f28f55..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/poly1305.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* poly1305.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifdef HAVE_POLY1305
-
-#ifndef CTAO_CRYPT_POLY1305_H
-#define CTAO_CRYPT_POLY1305_H
-
-#include <wolfssl/wolfcrypt/poly1305.h>
-
-/* for poly1305 reverse compatibility */
-#define Poly1305SetKey wc_Poly1305SetKey
-#define Poly1305Update wc_Poly1305Update
-#define Poly1305Final wc_Poly1305Final
-
-#endif /* CTAO_CRYPT_POLY1305_H */
-
-#endif /* HAVE_POLY1305 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
deleted file mode 100644
index 2134da24..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/* pic32mz-crypt.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef PIC32MZ_CRYPT_H
-#define PIC32MZ_CRYPT_H
-
-#include <wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h>
-
-#endif /* PIC32MZ_CRYPT_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h
deleted file mode 100644
index e460ef27..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/pwdbased.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* pwdbased.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_PWDBASED
-
-#ifndef CTAO_CRYPT_PWDBASED_H
-#define CTAO_CRYPT_PWDBASED_H
-
-/* for pwdbased reverse compatibility */
-#include <wolfssl/wolfcrypt/pwdbased.h>
-#define PBKDF1 wc_PBKDF1
-#define PBKDF2 wc_PBKDF2
-#define PKCS12_PBKDF wc_PKCS12_PBKDF
-
-#endif /* CTAO_CRYPT_PWDBASED_H */
-#endif /* NO_PWDBASED */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h
deleted file mode 100644
index bacd423a..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/random.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* random.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_RANDOM_H
-#define CTAO_CRYPT_RANDOM_H
-
- /* for random.h compatibility */
- #include <wolfssl/wolfcrypt/random.h>
- #define InitRng wc_InitRng
- #define RNG_GenerateBlock wc_RNG_GenerateBlock
- #define RNG_GenerateByte wc_RNG_GenerateByte
- #define FreeRng wc_FreeRng
-
- #if defined(HAVE_HASHDRBG) || defined(NO_RC4)
- #define RNG_HealthTest wc_RNG_HealthTest
- #endif /* HAVE_HASHDRBG || NO_RC4 */
-
-#endif /* CTAO_CRYPT_RANDOM_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h
deleted file mode 100644
index bff7403c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/ripemd.h
+++ /dev/null
@@ -1,38 +0,0 @@
-/* ripemd.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-#ifndef CTAO_CRYPT_RIPEMD_H
-#define CTAO_CRYPT_RIPEME_H
-
-#include <wolfssl/wolfcrypt/ripemd.h>
-
-/* for ripemd reverse compatibility */
-#ifdef WOLFSSL_RIPEMD
- #define InitRipeMd wc_InitRipeMd
- #define RipeMdUpdate wc_RipeMdUpdate
- #define RipeMdFinal wc_RipeMdFinal
-#endif
-
-#endif /* CTAO_CRYPT_RIPEMD_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h
deleted file mode 100644
index c874f346..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/rsa.h
+++ /dev/null
@@ -1,58 +0,0 @@
-/* rsa.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef NO_RSA
-
-#ifndef CTAO_CRYPT_RSA_H
-#define CTAO_CRYPT_RSA_H
-
-#include <wolfssl/wolfcrypt/rsa.h>
-/* includes for their compatibility */
-#include <cyassl/ctaocrypt/integer.h>
-#include <cyassl/ctaocrypt/random.h>
-#include <cyassl/ctaocrypt/settings.h>
-
-#define InitRsaKey wc_InitRsaKey
-#define FreeRsaKey wc_FreeRsaKey
-#define RsaPublicEncrypt wc_RsaPublicEncrypt
-#define RsaPrivateDecryptInline wc_RsaPrivateDecryptInline
-#define RsaPrivateDecrypt wc_RsaPrivateDecrypt
-#define RsaSSL_Sign wc_RsaSSL_Sign
-#define RsaSSL_VerifyInline wc_RsaSSL_VerifyInline
-#define RsaSSL_Verify wc_RsaSSL_Verify
-#define RsaEncryptSize wc_RsaEncryptSize
-#define RsaFlattenPublicKey wc_RsaFlattenPublicKey
-
-#ifdef WOLFSSL_KEY_GEN
- #define MakeRsaKey wc_MakeRsaKey
- #define RsaKeyToDer wc_RsaKeyToDer
- #define CheckProbablePrime wc_CheckProbablePrime
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- #define RsaAsyncInit wc_RsaAsyncInit
- #define RsaAsyncFree wc_RsaAsyncFree
-#endif
-
-#endif /* CTAO_CRYPT_RSA_H */
-
-#endif /* NO_RSA */
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h
deleted file mode 100644
index 46012d4d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings.h
+++ /dev/null
@@ -1,702 +0,0 @@
-/* settings.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* Place OS specific preprocessor flags, defines, includes here, will be
- included into every file because types.h includes it */
-
-
-#ifndef CTAO_CRYPT_SETTINGS_H
-#define CTAO_CRYPT_SETTINGS_H
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-/* Uncomment next line if using IPHONE */
-/* #define IPHONE */
-
-/* Uncomment next line if using ThreadX */
-/* #define THREADX */
-
-/* Uncomment next line if using Micrium ucOS */
-/* #define MICRIUM */
-
-/* Uncomment next line if using Mbed */
-/* #define MBED */
-
-/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
-/* #define MICROCHIP_PIC32 */
-
-/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
-/* #define MICROCHIP_TCPIP_V5 */
-
-/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
-/* #define MICROCHIP_TCPIP */
-
-/* Uncomment next line if using PIC32MZ Crypto Engine */
-/* #define CYASSL_MICROCHIP_PIC32MZ */
-
-/* Uncomment next line if using FreeRTOS */
-/* #define FREERTOS */
-
-/* Uncomment next line if using FreeRTOS Windows Simulator */
-/* #define FREERTOS_WINSIM */
-
-/* Uncomment next line if using RTIP */
-/* #define EBSNET */
-
-/* Uncomment next line if using lwip */
-/* #define CYASSL_LWIP */
-
-/* Uncomment next line if building CyaSSL for a game console */
-/* #define CYASSL_GAME_BUILD */
-
-/* Uncomment next line if building CyaSSL for LSR */
-/* #define CYASSL_LSR */
-
-/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
-/* #define FREESCALE_MQX */
-
-/* Uncomment next line if using STM32F2 */
-/* #define CYASSL_STM32F2 */
-
-/* Uncomment next line if using QL SEP settings */
-/* #define CYASSL_QL */
-
-/* Uncomment next line if building for EROAD */
-/* #define CYASSL_EROAD */
-
-/* Uncomment next line if building for IAR EWARM */
-/* #define CYASSL_IAR_ARM */
-
-/* Uncomment next line if using TI-RTOS settings */
-/* #define CYASSL_TIRTOS */
-
-/* Uncomment next line if building with PicoTCP */
-/* #define CYASSL_PICOTCP */
-
-/* Uncomment next line if building for PicoTCP demo bundle */
-/* #define CYASSL_PICOTCP_DEMO */
-
-#include <cyassl/ctaocrypt/visibility.h>
-
-#ifdef IPHONE
- #define SIZEOF_LONG_LONG 8
-#endif
-
-
-#ifdef CYASSL_USER_SETTINGS
- #include <user_settings.h>
-#endif
-
-/* for reverse compatibility after name change */
-#include <cyassl/ctaocrypt/settings_comp.h>
-
-#ifdef THREADX
- #define SIZEOF_LONG_LONG 8
-#endif
-
-#ifdef HAVE_NETX
- #include "nx_api.h"
-#endif
-
-#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
- #define CYASSL_LWIP
- #define NO_WRITEV
- #define SINGLE_THREADED
- #define CYASSL_USER_IO
- #define NO_FILESYSTEM
-#endif
-
-#if defined(CYASSL_IAR_ARM)
- #define NO_MAIN_DRIVER
- #define SINGLE_THREADED
- #define USE_CERT_BUFFERS_1024
- #define BENCH_EMBEDDED
- #define NO_FILESYSTEM
- #define NO_WRITEV
- #define CYASSL_USER_IO
- #define BENCH_EMBEDDED
-#endif
-
-#ifdef MICROCHIP_PIC32
- /* #define CYASSL_MICROCHIP_PIC32MZ */
- #define SIZEOF_LONG_LONG 8
- #define SINGLE_THREADED
- #define CYASSL_USER_IO
- #define NO_WRITEV
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
-#endif
-
-#if defined(CYASSL_MICROCHIP_PIC32MZ) || defined(WOLFSSL_MICROCHIP_PIC32MZ)
- #ifndef NO_PIC32MZ_CRYPT
- #define WOLFSSL_PIC32MZ_CRYPT
- #endif
- #ifndef NO_PIC32MZ_RNG
- #define WOLFSSL_PIC32MZ_RNG
- #endif
- #ifndef NO_PIC32MZ_HASH
- #define WOLFSSL_PIC32MZ_HASH
- #endif
-
- #define CYASSL_AES_COUNTER
- #define HAVE_AESGCM
- #define NO_BIG_INT
-#endif
-
-#ifdef MICROCHIP_TCPIP_V5
- /* include timer functions */
- #include "TCPIP Stack/TCPIP.h"
-#endif
-
-#ifdef MICROCHIP_TCPIP
- /* include timer, NTP functions */
- #ifdef MICROCHIP_MPLAB_HARMONY
- #include "tcpip/tcpip.h"
- #else
- #include "system/system_services.h"
- #include "tcpip/sntp.h"
- #endif
-#endif
-
-#ifdef MBED
- #define CYASSL_USER_IO
- #define NO_FILESYSTEM
- #define NO_CERTS
- #define USE_CERT_BUFFERS_1024
- #define NO_WRITEV
- #define NO_DEV_RANDOM
- #define NO_SHA512
- #define NO_DH
- #define NO_DSA
- #define HAVE_ECC
- #define NO_SESSION_CACHE
- #define CYASSL_CMSIS_RTOS
-#endif
-
-
-#ifdef CYASSL_EROAD
- #define FREESCALE_MQX
- #define FREESCALE_MMCAU
- #define SINGLE_THREADED
- #define NO_STDIO_FILESYSTEM
- #define CYASSL_LEANPSK
- #define HAVE_NULL_CIPHER
- #define NO_OLD_TLS
- #define NO_ASN
- #define NO_BIG_INT
- #define NO_RSA
- #define NO_DSA
- #define NO_DH
- #define NO_CERTS
- #define NO_PWDBASED
- #define NO_DES3
- #define NO_MD4
- #define NO_RC4
- #define NO_MD5
- #define NO_SESSION_CACHE
- #define NO_MAIN_DRIVER
-#endif
-
-#ifdef CYASSL_PICOTCP
- #define errno pico_err
- #include "pico_defines.h"
- #include "pico_stack.h"
- #include "pico_constants.h"
- #define CUSTOM_RAND_GENERATE pico_rand
-#endif
-
-#ifdef CYASSL_PICOTCP_DEMO
- #define CYASSL_STM32
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define XMALLOC(s, h, type) PICO_ZALLOC((s))
- #define XFREE(p, h, type) PICO_FREE((p))
- #define SINGLE_THREADED
- #define NO_WRITEV
- #define CYASSL_USER_IO
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
-#endif
-
-#ifdef FREERTOS_WINSIM
- #define FREERTOS
- #define USE_WINDOWS_API
-#endif
-
-
-/* Micrium will use Visual Studio for compilation but not the Win32 API */
-#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
- && !defined(EBSNET) && !defined(CYASSL_EROAD) && !defined(INTIME_RTOS)
- #define USE_WINDOWS_API
-#endif
-
-
-#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
- #include <stdlib.h>
- #define XMALLOC(s, h, type) malloc((s))
- #define XFREE(p, h, type) free((p))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
-#endif
-
-#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
- #undef XMALLOC
- #define XMALLOC yaXMALLOC
- #undef XFREE
- #define XFREE yaXFREE
- #undef XREALLOC
- #define XREALLOC yaXREALLOC
-#endif
-
-
-#ifdef FREERTOS
- #ifndef NO_WRITEV
- #define NO_WRITEV
- #endif
- #ifndef NO_SHA512
- #define NO_SHA512
- #endif
- #ifndef NO_DH
- #define NO_DH
- #endif
- #ifndef NO_DSA
- #define NO_DSA
- #endif
-
- #ifndef SINGLE_THREADED
- #include "FreeRTOS.h"
- #include "semphr.h"
- #endif
-#endif
-
-#ifdef CYASSL_TIRTOS
- #define SIZEOF_LONG_LONG 8
- #define NO_WRITEV
- #define NO_CYASSL_DIR
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define NO_DEV_RANDOM
- #define NO_FILESYSTEM
- #define USE_CERT_BUFFERS_2048
- #define NO_ERROR_STRINGS
- #define USER_TIME
-
- #ifdef __IAR_SYSTEMS_ICC__
- #pragma diag_suppress=Pa089
- #elif !defined(__GNUC__)
- /* Suppress the sslpro warning */
- #pragma diag_suppress=11
- #endif
-
- #include <ti/ndk/nettools/mytime/mytime.h>
-#endif
-
-#ifdef EBSNET
- #include "rtip.h"
-
- /* #define DEBUG_CYASSL */
- #define NO_CYASSL_DIR /* tbd */
-
- #if (POLLOS)
- #define SINGLE_THREADED
- #endif
-
- #if (RTPLATFORM)
- #if (!RTP_LITTLE_ENDIAN)
- #define BIG_ENDIAN_ORDER
- #endif
- #else
- #if (!KS_LITTLE_ENDIAN)
- #define BIG_ENDIAN_ORDER
- #endif
- #endif
-
- #if (WINMSP3)
- #undef SIZEOF_LONG
- #define SIZEOF_LONG_LONG 8
- #else
- #if !defined(SIZEOF_LONG) && !defined(SIZEOF_LONG_LONG)
- #error settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
- #endif
- #endif
-
- #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
- #define XFREE(p, h, type) (rtp_free(p))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
-
-#endif /* EBSNET */
-
-#ifdef CYASSL_GAME_BUILD
- #define SIZEOF_LONG_LONG 8
-#endif
-
-#ifdef CYASSL_LSR
- #define HAVE_WEBSERVER
- #define SIZEOF_LONG_LONG 8
- #define CYASSL_LOW_MEMORY
- #define NO_WRITEV
- #define NO_SHA512
- #define NO_DH
- #define NO_DSA
- #define NO_DEV_RANDOM
- #define NO_CYASSL_DIR
- #ifndef NO_FILESYSTEM
- #define LSR_FS
- #include "inc/hw_types.h"
- #include "fs.h"
- #endif
- #define CYASSL_LWIP
- #include <errno.h> /* for tcp errno */
- #define CYASSL_SAFERTOS
- #if defined(__IAR_SYSTEMS_ICC__)
- /* enum uses enum */
- #pragma diag_suppress=Pa089
- #endif
-#endif
-
-#ifdef CYASSL_SAFERTOS
- #ifndef SINGLE_THREADED
- #include "SafeRTOS/semphr.h"
- #endif
-
- #include "SafeRTOS/heap.h"
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
- #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
-#endif
-
-#ifdef CYASSL_LOW_MEMORY
- #undef RSA_LOW_MEM
- #define RSA_LOW_MEM
- #undef CYASSL_SMALL_STACK
- #define CYASSL_SMALL_STACK
- #undef TFM_TIMING_RESISTANT
- #define TFM_TIMING_RESISTANT
-#endif
-
-#ifdef FREESCALE_MQX
- #define SIZEOF_LONG_LONG 8
- #define NO_WRITEV
- #define NO_DEV_RANDOM
- #define NO_CYASSL_DIR
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
- #define FREESCALE_K70_RNGA
- /* #define FREESCALE_K53_RNGB */
- #include "mqx.h"
- #ifndef NO_FILESYSTEM
- #include "mfs.h"
- #include "fio.h"
- #endif
- #ifndef SINGLE_THREADED
- #include "mutex.h"
- #endif
-
- #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
- #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
- /* Note: MQX has no realloc, using fastmath above */
-#endif
-
-#ifdef CYASSL_STM32F2
- #define SIZEOF_LONG_LONG 8
- #define NO_DEV_RANDOM
- #define NO_CYASSL_DIR
- #define STM32F2_RNG
- #define STM32F2_CRYPTO
- #define KEIL_INTRINSICS
-#endif
-
-#ifdef MICRIUM
-
- #include "stdlib.h"
- #include "net_cfg.h"
- #include "ssl_cfg.h"
- #include "net_secure_os.h"
-
- #define CYASSL_TYPES
-
- typedef CPU_INT08U byte;
- typedef CPU_INT16U word16;
- typedef CPU_INT32U word32;
-
- #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
- #define SIZEOF_LONG 4
- #undef SIZEOF_LONG_LONG
- #else
- #undef SIZEOF_LONG
- #define SIZEOF_LONG_LONG 8
- #endif
-
- #define STRING_USER
-
- #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
- #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
- ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
- (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
- #define XSTRNCMP(pstr_1, pstr_2, len_max) \
- ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
- (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))
- #define XSTRSTR(pstr, pstr_srch) \
- ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
- (CPU_CHAR *)(pstr_srch)))
- #define XMEMSET(pmem, data_val, size) \
- ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
- (CPU_SIZE_T)(size)))
- #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
- (void *)(psrc), (CPU_SIZE_T)(size)))
- #define XMEMCMP(pmem_1, pmem_2, size) \
- (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
- (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
- #define XMEMMOVE XMEMCPY
-
-#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
- #define MICRIUM_MALLOC
- #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
- (CPU_SIZE_T)(s), (void *)0))
- #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \
- (p), (void *)0))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
-#endif
-
- #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
- #undef NO_FILESYSTEM
- #else
- #define NO_FILESYSTEM
- #endif
-
- #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
- #define DEBUG_CYASSL
- #else
- #undef DEBUG_CYASSL
- #endif
-
- #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
- #define OPENSSL_EXTRA
- #else
- #undef OPENSSL_EXTRA
- #endif
-
- #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
- #undef SINGLE_THREADED
- #else
- #define SINGLE_THREADED
- #endif
-
- #if (SSL_CFG_DH_EN == DEF_ENABLED)
- #undef NO_DH
- #else
- #define NO_DH
- #endif
-
- #if (SSL_CFG_DSA_EN == DEF_ENABLED)
- #undef NO_DSA
- #else
- #define NO_DSA
- #endif
-
- #if (SSL_CFG_PSK_EN == DEF_ENABLED)
- #undef NO_PSK
- #else
- #define NO_PSK
- #endif
-
- #if (SSL_CFG_3DES_EN == DEF_ENABLED)
- #undef NO_DES3
- #else
- #define NO_DES3
- #endif
-
- #if (SSL_CFG_AES_EN == DEF_ENABLED)
- #undef NO_AES
- #else
- #define NO_AES
- #endif
-
- #if (SSL_CFG_RC4_EN == DEF_ENABLED)
- #undef NO_RC4
- #else
- #define NO_RC4
- #endif
-
- #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
- #define BIG_ENDIAN_ORDER
- #else
- #undef BIG_ENDIAN_ORDER
- #define LITTLE_ENDIAN_ORDER
- #endif
-
- #if (SSL_CFG_MD4_EN == DEF_ENABLED)
- #undef NO_MD4
- #else
- #define NO_MD4
- #endif
-
- #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
- #undef NO_WRITEV
- #else
- #define NO_WRITEV
- #endif
-
- #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
- #define NO_DEV_RANDOM
- #else
- #undef NO_DEV_RANDOM
- #endif
-
- #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
- #define CYASSL_USER_IO
- #else
- #undef CYASSL_USER_IO
- #endif
-
- #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
- #undef LARGE_STATIC_BUFFERS
- #undef STATIC_CHUNKS_ONLY
- #else
- #define LARGE_STATIC_BUFFERS
- #define STATIC_CHUNKS_ONLY
- #endif
-
- #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
- #define CYASSL_DER_LOAD
- #else
- #undef CYASSL_DER_LOAD
- #endif
-
- #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
- #define CYASSL_DTLS
- #else
- #undef CYASSL_DTLS
- #endif
-
- #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
- #define CYASSL_CALLBACKS
- #else
- #undef CYASSL_CALLBACKS
- #endif
-
- #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
- #define USE_FAST_MATH
- #else
- #undef USE_FAST_MATH
- #endif
-
- #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
- #define TFM_TIMING_RESISTANT
- #else
- #undef TFM_TIMING_RESISTANT
- #endif
-
-#endif /* MICRIUM */
-
-
-#ifdef CYASSL_QL
- #ifndef CYASSL_SEP
- #define CYASSL_SEP
- #endif
- #ifndef OPENSSL_EXTRA
- #define OPENSSL_EXTRA
- #endif
- #ifndef SESSION_CERTS
- #define SESSION_CERTS
- #endif
- #ifndef HAVE_AESCCM
- #define HAVE_AESCCM
- #endif
- #ifndef ATOMIC_USER
- #define ATOMIC_USER
- #endif
- #ifndef CYASSL_DER_LOAD
- #define CYASSL_DER_LOAD
- #endif
- #ifndef KEEP_PEER_CERT
- #define KEEP_PEER_CERT
- #endif
- #ifndef HAVE_ECC
- #define HAVE_ECC
- #endif
- #ifndef SESSION_INDEX
- #define SESSION_INDEX
- #endif
-#endif /* CYASSL_QL */
-
-
-#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
- !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
- #define USE_CYASSL_MEMORY
-#endif
-
-
-#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
- #undef KEEP_PEER_CERT
- #define KEEP_PEER_CERT
-#endif
-
-
-/* stream ciphers except arc4 need 32bit alignment, intel ok without */
-#ifndef XSTREAM_ALIGNMENT
- #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
- #define NO_XSTREAM_ALIGNMENT
- #else
- #define XSTREAM_ALIGNMENT
- #endif
-#endif
-
-
-/* FreeScale MMCAU hardware crypto has 4 byte alignment */
-#ifdef FREESCALE_MMCAU
- #define CYASSL_MMCAU_ALIGNMENT 4
-#endif
-
-/* if using hardware crypto and have alignment requirements, specify the
- requirement here. The record header of SSL/TLS will prvent easy alignment.
- This hint tries to help as much as possible. */
-#ifndef CYASSL_GENERAL_ALIGNMENT
- #ifdef CYASSL_AESNI
- #define CYASSL_GENERAL_ALIGNMENT 16
- #elif defined(XSTREAM_ALIGNMENT)
- #define CYASSL_GENERAL_ALIGNMENT 4
- #elif defined(FREESCALE_MMCAU)
- #define CYASSL_GENERAL_ALIGNMENT CYASSL_MMCAU_ALIGNMENT
- #else
- #define CYASSL_GENERAL_ALIGNMENT 0
- #endif
-#endif
-
-
-#ifdef __INTEL_COMPILER
- #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
-#endif
-
-
-/* Place any other flags or defines here */
-
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-
-#endif /* CTAO_CRYPT_SETTINGS_H */
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h
deleted file mode 100644
index bb29655c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/settings_comp.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/* settings_comp.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#ifndef CTAO_CRYPT_SETTINGS_C_H
-#define CTAO_CRYPT_SETTINGS_C_H
-
-
-/* since fips overrides rsa.h map compatibility here */
-#if !defined(NO_RSA)
- #ifdef WOLFSSL_KEY_GEN
- #define RsaKeyToDer wc_RsaKeyToDer
- #endif
-
- #define RsaPrivateKeyDecode wc_RsaPrivateKeyDecode
- #define RsaPublicKeyDecode wc_RsaPublicKeyDecode
- #define RsaPublicKeyDecodeRaw wc_RsaPublicKeyDecodeRaw
-#endif /* have rsa and HAVE_FIPS */
-
-/* Macro redefinitions for compatibility */
-#if defined(WOLFSSL_SHA512) && !defined(CYASSL_SHA512)
- #define CYASSL_SHA512
-#endif
-#if defined(WOLFSSL_SHA384) && !defined(CYASSL_SHA384)
- #define CYASSL_SHA384
-#endif
-#if defined(WOLFSSL_LEANPSK) && !defined(CYASSL_LEANPSK)
- #define CYASSL_LEANPSK
-#endif
-#if defined(NO_WOLFSSL_MEMORY) && !defined(NO_CYASSL_MEMORY)
- #define NO_CYASSL_MEMORY
-#endif
-#if defined(WOLFSSL_KEY_GEN) && !defined(CYASSL_KEY_GEN)
- #define CYASSL_KEY_GEN
-#endif
-
-/* AES */
-#if defined(WOLFSSL_AES_DIRECT) && !defined(CYASSL_AES_DIRECT)
- #define CYASSL_AES_DIRECT
-#endif
-#if defined(WOLFSSL_AES_COUNTER) && !defined(CYASSL_AES_COUNTER)
- #define CYASSL_AES_COUNTER
-#endif
-
-/* DES */
-#if defined(WOLFSSL_DES_ECB) && !defined(CYASSL_DES_ECB)
- #define CYASSL_DES_ECB
-#endif
-
-#endif /* CTAO_CRYPT_SETTINGS_C_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h
deleted file mode 100644
index 697426b4..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/* sha.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef NO_SHA
-
-#ifndef CTAO_CRYPT_SHA_H
-#define CTAO_CRYPT_SHA_H
-
-#include <wolfssl/wolfcrypt/sha.h>
-#define InitSha wc_InitSha
-#define ShaUpdate wc_ShaUpdate
-#define ShaFinal wc_ShaFinal
-#define ShaHash wc_ShaHash
-
-#endif /* CTAO_CRYPT_SHA_H */
-#endif /* NO_SHA */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h
deleted file mode 100644
index c44461af..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha256.h
+++ /dev/null
@@ -1,46 +0,0 @@
-/* sha256.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-
-
-#ifndef NO_SHA256
-
-#ifndef CTAO_CRYPT_SHA256_H
-#define CTAO_CRYPT_SHA256_H
-
-#include <wolfssl/wolfcrypt/sha256.h>
-#define InitSha256 wc_InitSha256
-#define Sha256Update wc_Sha256Update
-#define Sha256Final wc_Sha256Final
-#define Sha256Hash wc_Sha256Hash
-
-#ifdef WOLFSSL_SHA224
- #define InitSha224 wc_InitSha224
- #define Sha224Update wc_Sha224Update
- #define Sha224Final wc_Sha224Final
- #define Sha224Hash wc_Sha224Hash
-#endif
-
-#endif /* CTAO_CRYPT_SHA256_H */
-#endif /* NO_SHA256 */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h
deleted file mode 100644
index 95b98d15..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/sha512.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* sha512.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_SHA512_H
-#define CTAO_CRYPT_SHA512_H
-
-#include <wolfssl/wolfcrypt/sha512.h>
-#define InitSha512 wc_InitSha512
-#define Sha512Update wc_Sha512Update
-#define Sha512Final wc_Sha512Final
-#define Sha512Hash wc_Sha512Hash
-
-#if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
- #define InitSha384 wc_InitSha384
- #define Sha384Update wc_Sha384Update
- #define Sha384Final wc_Sha384Final
- #define Sha384Hash wc_Sha384Hash
-#endif /* WOLFSSL_SHA384 */
-
-#endif /* CTAO_CRYPT_SHA512_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h
deleted file mode 100644
index 2498ecbd..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/tfm.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* tfm.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/*
- * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca,
- * http://math.libtomcrypt.com
- */
-
-
-/**
- * Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br)
- * to fit CyaSSL's needs.
- */
-
-
-#ifndef CTAO_CRYPT_TFM_H
-#define CTAO_CRYPT_TFM_H
-
-#include <wolfssl/wolfcrypt/tfm.h>
-
-#endif /* CTAO_CRYPT_TFM_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h
deleted file mode 100644
index 68a63cac..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/types.h
+++ /dev/null
@@ -1,39 +0,0 @@
-/* types.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-#ifndef CTAO_CRYPT_TYPES_H
-#define CTAO_CRYPT_TYPES_H
-
-#include <cyassl/ctaocrypt/wc_port.h>
-#include <cyassl/ctaocrypt/settings.h>
-#include <wolfssl/wolfcrypt/types.h>
-
-/* compatibility macros */
-#define CYASSL_WORD_SIZE WOLFSSL_WORD_SIZE
-#define CYASSL_BIT_SIZE WOLFSSL_BIT_SIZE
-#define CYASSL_MAX_16BIT WOLFSSL_MAX_16BIT
-#define CYASSL_MAX_ERROR_SZ WOLFSSL_MAX_ERROR_SZ
-#define cyassl_word wolfssl_word
-
-#endif /* CTAO_CRYPT_TYPES_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h b/extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h
deleted file mode 100644
index 3572fb51..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/visibility.h
+++ /dev/null
@@ -1,73 +0,0 @@
-/* visibility.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/* Visibility control macros */
-
-#ifndef CTAO_CRYPT_VISIBILITY_H
-#define CTAO_CRYPT_VISIBILITY_H
-
-/* fips compatibility @wc_fips */
-#ifndef HAVE_FIPS
- #include <wolfssl/wolfcrypt/visibility.h>
- #define CYASSL_API WOLFSSL_API
- #define CYASSL_LOCAL WOLFSSL_LOCAL
-#else
-/* CYASSL_API is used for the public API symbols.
- It either imports or exports (or does nothing for static builds)
-
- CYASSL_LOCAL is used for non-API symbols (private).
-*/
-
-#if defined(BUILDING_WOLFSSL)
- #if defined(HAVE_VISIBILITY) && HAVE_VISIBILITY
- #define CYASSL_API __attribute__ ((visibility("default")))
- #define CYASSL_LOCAL __attribute__ ((visibility("hidden")))
- #elif defined(__SUNPRO_C) && (__SUNPRO_C >= 0x550)
- #define CYASSL_API __global
- #define CYASSL_LOCAL __hidden
- #elif defined(_MSC_VER)
- #ifdef CYASSL_DLL
- #define CYASSL_API extern __declspec(dllexport)
- #else
- #define CYASSL_API
- #endif
- #define CYASSL_LOCAL
- #else
- #define CYASSL_API
- #define CYASSL_LOCAL
- #endif /* HAVE_VISIBILITY */
-#else /* BUILDING_WOLFSSL */
- #if defined(_MSC_VER)
- #ifdef CYASSL_DLL
- #define CYASSL_API extern __declspec(dllimport)
- #else
- #define CYASSL_API
- #endif
- #define CYASSL_LOCAL
- #else
- #define CYASSL_API
- #define CYASSL_LOCAL
- #endif
-#endif /* BUILDING_WOLFSSL */
-#endif /* HAVE_FIPS */
-#endif /* CTAO_CRYPT_VISIBILITY_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/include.am b/extra/wolfssl/wolfssl/cyassl/include.am
deleted file mode 100644
index b4c7e043..00000000
--- a/extra/wolfssl/wolfssl/cyassl/include.am
+++ /dev/null
@@ -1,31 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-#
-
-include cyassl/ctaocrypt/include.am
-include cyassl/openssl/include.am
-
-EXTRA_DIST+= cyassl/sniffer_error.rc
-
-nobase_include_HEADERS+= \
- cyassl/error-ssl.h \
- cyassl/ssl.h \
- cyassl/sniffer_error.h \
- cyassl/sniffer.h \
- cyassl/callbacks.h \
- cyassl/certs_test.h \
- cyassl/test.h \
- cyassl/version.h \
- cyassl/ocsp.h \
- cyassl/crl.h
-
-noinst_HEADERS+= \
- cyassl/internal.h
-
-# For distro build don't install options.h.
-# It depends on the architecture and conflicts with Multi-Arch.
-if BUILD_DISTRO
-noinst_HEADERS+= cyassl/options.h
-else
-nobase_include_HEADERS+= cyassl/options.h
-endif
diff --git a/extra/wolfssl/wolfssl/cyassl/internal.h b/extra/wolfssl/wolfssl/cyassl/internal.h
deleted file mode 100644
index abf49bd3..00000000
--- a/extra/wolfssl/wolfssl/cyassl/internal.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* internal.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/internal.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/ocsp.h b/extra/wolfssl/wolfssl/cyassl/ocsp.h
deleted file mode 100644
index 256c422d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ocsp.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* ocsp.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/ocsp.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/asn1.h b/extra/wolfssl/wolfssl/cyassl/openssl/asn1.h
deleted file mode 100644
index 35be23f7..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/asn1.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* asn1.h for openssl */
-
-#include <wolfssl/openssl/asn1.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/bio.h b/extra/wolfssl/wolfssl/cyassl/openssl/bio.h
deleted file mode 100644
index 8f529835..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/bio.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* bio.h for openssl */
-
-#include <wolfssl/openssl/bio.h>
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/bn.h b/extra/wolfssl/wolfssl/cyassl/openssl/bn.h
deleted file mode 100644
index e14f4e28..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/bn.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* bn.h for openssl */
-
-#include <wolfssl/openssl/bn.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/conf.h b/extra/wolfssl/wolfssl/cyassl/openssl/conf.h
deleted file mode 100644
index 4005ea9d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/conf.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* conf.h for openssl */
-
-#include <wolfssl/openssl/conf.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/crypto.h b/extra/wolfssl/wolfssl/cyassl/openssl/crypto.h
deleted file mode 100644
index 32e11082..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/crypto.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* crypto.h for openSSL */
-
-#include <wolfssl/openssl/crypto.h>
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/dh.h b/extra/wolfssl/wolfssl/cyassl/openssl/dh.h
deleted file mode 100644
index 6fd8e36e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/dh.h
+++ /dev/null
@@ -1,4 +0,0 @@
-/* dh.h for openSSL */
-
-
-#include <wolfssl/openssl/dh.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/dsa.h b/extra/wolfssl/wolfssl/cyassl/openssl/dsa.h
deleted file mode 100644
index 39ddf8ce..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/dsa.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/* dsa.h for openSSL */
-
-#ifndef CYASSL_OPENSSL_DSA
-#define CYASSL_OPENSSL_DSA
-
-#define CyaSSL_DSA_LoadDer wolfSSL_DSA_LoadDer
-#define CyaSSL_DSA_do_sign wolfSSL_DSA_do_sign
-
-#include <cyassl/openssl/ssl.h>
-#include <wolfssl/openssl/dsa.h>
-#endif
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ec.h b/extra/wolfssl/wolfssl/cyassl/openssl/ec.h
deleted file mode 100644
index 1ce8aa94..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ec.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ec.h for openssl */
-
-#include <wolfssl/openssl/ec.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h b/extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h
deleted file mode 100644
index 6ee89450..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ec25519.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ec25519.h */
-
-#include <wolfssl/openssl/ec25519.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ec448.h b/extra/wolfssl/wolfssl/cyassl/openssl/ec448.h
deleted file mode 100644
index c3fe4c3a..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ec448.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ec448.h */
-
-#include <wolfssl/openssl/ec448.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h b/extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h
deleted file mode 100644
index b774bf0d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ecdh.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ecdh.h for openssl */
-
-#include <wolfssl/openssl/ecdh.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h b/extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h
deleted file mode 100644
index 9a1c02b3..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ecdsa.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ecdsa.h for openssl */
-
-#include <wolfssl/openssl/ecdsa.h>
\ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h b/extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h
deleted file mode 100644
index 240cbcaa..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ed25519.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ed25519.h */
-
-#include <wolfssl/openssl/ed25519.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ed448.h b/extra/wolfssl/wolfssl/cyassl/openssl/ed448.h
deleted file mode 100644
index ebb9c619..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ed448.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ed448.h */
-
-#include <wolfssl/openssl/ed448.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/engine.h b/extra/wolfssl/wolfssl/cyassl/openssl/engine.h
deleted file mode 100644
index fcce4bdb..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/engine.h
+++ /dev/null
@@ -1,5 +0,0 @@
-/* engine.h for libcurl */
-
-#include <wolfssl/openssl/engine.h>
-
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/err.h b/extra/wolfssl/wolfssl/cyassl/openssl/err.h
deleted file mode 100644
index 36111170..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/err.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* err.h for openssl */
-
-#include <wolfssl/openssl/err.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/evp.h b/extra/wolfssl/wolfssl/cyassl/openssl/evp.h
deleted file mode 100644
index 0d4026cc..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/evp.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/* evp.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-
-/* evp.h defines mini evp openssl compatibility layer
- *
- */
-
-#ifndef CYASSL_OPENSSL_EVP
-#define CYASSL_OPENSSL_EVP
-
-#define CyaSSL_StoreExternalIV wolfSSL_StoreExternalIV
-#define CyaSSL_SetInternalIV wolfSSL_SetInternalIV
-#define CYASSL_EVP_MD WOLFSSL_EVP_MD
-#define CyaSSL_EVP_X_STATE wolfSSL_EVP_X_STATE
-#define CyaSSL_EVP_X_STATE_LEN wolfSSL_EVP_X_STATE_LEN
-#define CyaSSL_3des_iv wolfSSL_3des_iv
-#define CyaSSL_aes_ctr_iv wolfSSL_aes_ctr_iv
-
-#include <wolfssl/openssl/evp.h>
-#endif
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/include.am b/extra/wolfssl/wolfssl/cyassl/openssl/include.am
deleted file mode 100644
index a1b25c6b..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/include.am
+++ /dev/null
@@ -1,42 +0,0 @@
-# vim:ft=automake
-# All paths should be given relative to the root
-
-nobase_include_HEADERS+= \
- cyassl/openssl/asn1.h \
- cyassl/openssl/bio.h \
- cyassl/openssl/bn.h \
- cyassl/openssl/conf.h \
- cyassl/openssl/crypto.h \
- cyassl/openssl/des.h \
- cyassl/openssl/dh.h \
- cyassl/openssl/dsa.h \
- cyassl/openssl/ecdsa.h \
- cyassl/openssl/ecdh.h \
- cyassl/openssl/ec.h \
- cyassl/openssl/ec25519.h \
- cyassl/openssl/ed25519.h \
- cyassl/openssl/ec448.h \
- cyassl/openssl/ed448.h \
- cyassl/openssl/engine.h \
- cyassl/openssl/err.h \
- cyassl/openssl/evp.h \
- cyassl/openssl/hmac.h \
- cyassl/openssl/lhash.h \
- cyassl/openssl/md4.h \
- cyassl/openssl/md5.h \
- cyassl/openssl/ripemd.h \
- cyassl/openssl/ocsp.h \
- cyassl/openssl/opensslconf.h \
- cyassl/openssl/opensslv.h \
- cyassl/openssl/ossl_typ.h \
- cyassl/openssl/pem.h \
- cyassl/openssl/pkcs12.h \
- cyassl/openssl/rand.h \
- cyassl/openssl/rsa.h \
- cyassl/openssl/sha.h \
- cyassl/openssl/ssl23.h \
- cyassl/openssl/ssl.h \
- cyassl/openssl/stack.h \
- cyassl/openssl/ui.h \
- cyassl/openssl/x509.h \
- cyassl/openssl/x509v3.h
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/lhash.h b/extra/wolfssl/wolfssl/cyassl/openssl/lhash.h
deleted file mode 100644
index 6285f6a5..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/lhash.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* lhash.h for openSSL */
-
-#include <wolfssl/openssl/lhash.h>
\ No newline at end of file
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/md4.h b/extra/wolfssl/wolfssl/cyassl/openssl/md4.h
deleted file mode 100644
index fb0d437a..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/md4.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* md4.h for libcurl */
-
-#include <wolfssl/openssl/md4.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/md5.h b/extra/wolfssl/wolfssl/cyassl/openssl/md5.h
deleted file mode 100644
index f3dd4e4b..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/md5.h
+++ /dev/null
@@ -1,5 +0,0 @@
-/* md5.h for openssl */
-
-
-#include <wolfssl/openssl/md5.h>
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h b/extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h
deleted file mode 100644
index 8c0f4680..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ocsp.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ocsp.h for libcurl */
-
-#include <wolfssl/openssl/ocsp.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h b/extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h
deleted file mode 100644
index 7f21cd95..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/opensslconf.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* opensslconf.h for openSSL */
-
-#include <wolfssl/openssl/opensslconf.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h b/extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h
deleted file mode 100644
index d119f82e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/opensslv.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* opensslv.h compatibility */
-
-#include <wolfssl/openssl/opensslv.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h b/extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h
deleted file mode 100644
index 5e6e627d..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ossl_typ.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ossl_typ.h for openssl */
-
-#include <wolfssl/openssl/ossl_typ.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/pem.h b/extra/wolfssl/wolfssl/cyassl/openssl/pem.h
deleted file mode 100644
index a07b9120..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/pem.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* pem.h for openssl */
-
-#include <wolfssl/openssl/pem.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h b/extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h
deleted file mode 100644
index 1fb089fb..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/pkcs12.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* pkcs12.h for openssl */
-
-#include <wolfssl/openssl/pkcs12.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/rand.h b/extra/wolfssl/wolfssl/cyassl/openssl/rand.h
deleted file mode 100644
index 5bd77b6c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/rand.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* rand.h for openSSL */
-
-#include <wolfssl/openssl/ssl.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h b/extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h
deleted file mode 100644
index b25de783..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ripemd.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ripemd.h for openssl */
-
-#include <wolfssl/openssl/ripemd.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/rsa.h b/extra/wolfssl/wolfssl/cyassl/openssl/rsa.h
deleted file mode 100644
index f4f24b82..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/rsa.h
+++ /dev/null
@@ -1,12 +0,0 @@
-/* rsa.h for openSSL */
-
-#ifndef CYASSL_OPENSSL_RSA
-#define CYASSL_OPENSSL_RSA
-
-#define CyaSSL_RSA_GenAdd wolfSSL_RSA_GenAdd
-#define CyaSSL_RSA_LoadDer wolfSSL_RSA_LoadDer
-
-#include <cyassl/openssl/ssl.h>
-#include <wolfssl/openssl/rsa.h>
-#endif
-
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/sha.h b/extra/wolfssl/wolfssl/cyassl/openssl/sha.h
deleted file mode 100644
index ced3ca19..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/sha.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* sha.h for openssl */
-
-#include <wolfssl/openssl/sha.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h b/extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h
deleted file mode 100644
index a91524b9..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ssl23.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ssl23.h for openssl */
-
-#include <wolfssl/openssl/ssl23.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/stack.h b/extra/wolfssl/wolfssl/cyassl/openssl/stack.h
deleted file mode 100644
index 831502f5..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/stack.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* stack.h for openssl */
-
-#include <wolfssl/openssl/stack.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/ui.h b/extra/wolfssl/wolfssl/cyassl/openssl/ui.h
deleted file mode 100644
index b1f4042e..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/ui.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* ui.h for openssl */
-
-#include <wolfssl/openssl/ui.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/x509.h b/extra/wolfssl/wolfssl/cyassl/openssl/x509.h
deleted file mode 100644
index 9d130028..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/x509.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* x509.h for openssl */
-
-#include <wolfssl/openssl/ssl.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h b/extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h
deleted file mode 100644
index 2a5240d9..00000000
--- a/extra/wolfssl/wolfssl/cyassl/openssl/x509v3.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* x509v3.h for openssl */
-
-#include <wolfssl/openssl/x509v3.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/sniffer.h b/extra/wolfssl/wolfssl/cyassl/sniffer.h
deleted file mode 100644
index 560932b4..00000000
--- a/extra/wolfssl/wolfssl/cyassl/sniffer.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* sniffer.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/sniffer.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/sniffer_error.h b/extra/wolfssl/wolfssl/cyassl/sniffer_error.h
deleted file mode 100644
index 450ec676..00000000
--- a/extra/wolfssl/wolfssl/cyassl/sniffer_error.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/* sniffer_error.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/sniffer_error.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/sniffer_error.rc b/extra/wolfssl/wolfssl/cyassl/sniffer_error.rc
deleted file mode 100644
index 8bcd6926..00000000
--- a/extra/wolfssl/wolfssl/cyassl/sniffer_error.rc
+++ /dev/null
@@ -1,93 +0,0 @@
-
-STRINGTABLE
-{
- 1, "Out of Memory"
- 2, "New SSL Sniffer Server Registered"
- 3, "Checking IP Header"
- 4, "SSL Sniffer Server Not Registered"
- 5, "Checking TCP Header"
-
- 6, "SSL Sniffer Server Port Not Registered"
- 7, "RSA Private Decrypt Error"
- 8, "RSA Private Decode Error"
- 9, "Set Cipher Spec Error"
- 10, "Server Hello Input Malformed"
-
- 11, "Couldn't Resume Session Error"
- 12, "Server Did Resumption"
- 13, "Client Hello Input Malformed"
- 14, "Client Trying to Resume"
- 15, "Handshake Input Malformed"
-
- 16, "Got Hello Verify msg"
- 17, "Got Server Hello msg"
- 18, "Got Cert Request msg"
- 19, "Got Server Key Exchange msg"
- 20, "Got Cert msg"
-
- 21, "Got Server Hello Done msg"
- 22, "Got Finished msg"
- 23, "Got Client Hello msg"
- 24, "Got Client Key Exchange msg"
- 25, "Got Cert Verify msg"
-
- 26, "Got Unknown Handshake msg"
- 27, "New SSL Sniffer Session created"
- 28, "Couldn't create new SSL"
- 29, "Got a Packet to decode"
- 30, "No data present"
-
- 31, "Session Not Found"
- 32, "Got an Old Client Hello msg"
- 33, "Old Client Hello Input Malformed"
- 34, "Old Client Hello OK"
- 35, "Bad Old Client Hello"
-
- 36, "Bad Record Header"
- 37, "Record Header Input Malformed"
- 38, "Got a HandShake msg"
- 39, "Bad HandShake msg"
- 40, "Got a Change Cipher Spec msg"
-
- 41, "Got Application Data msg"
- 42, "Bad Application Data"
- 43, "Got an Alert msg"
- 44, "Another msg to Process"
- 45, "Removing Session From Table"
-
- 46, "Bad Key File"
- 47, "Wrong IP Version"
- 48, "Wrong Protocol type"
- 49, "Packet Short for header processing"
- 50, "Got Unknown Record Type"
-
- 51, "Can't Open Trace File"
- 52, "Session in Fatal Error State"
- 53, "Partial SSL record received"
- 54, "Buffer Error, malformed input"
- 55, "Added to Partial Input"
-
- 56, "Received a Duplicate Packet"
- 57, "Received an Out of Order Packet"
- 58, "Received an Overlap Duplicate Packet"
- 59, "Received an Overlap Reassembly Begin Duplicate Packet"
- 60, "Received an Overlap Reassembly End Duplicate Packet"
-
- 61, "Missed the Client Hello Entirely"
- 62, "Got Hello Request msg"
- 63, "Got Session Ticket msg"
- 64, "Bad Input"
- 65, "Bad Decrypt Type"
-
- 66, "Bad Finished Message Processing"
- 67, "Bad Compression Type"
- 68, "Bad DeriveKeys Error"
- 69, "Saw ACK for Missing Packet Error"
- 70, "Bad Decrypt Operation"
-
- 71, "Decrypt Keys Not Set Up"
- 72, "Late Key Load Error"
- 73, "Got Certificate Status msg"
- 74, "RSA Key Missing Error"
-}
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ssl.h b/extra/wolfssl/wolfssl/cyassl/ssl.h
deleted file mode 100644
index c6606d0c..00000000
--- a/extra/wolfssl/wolfssl/cyassl/ssl.h
+++ /dev/null
@@ -1,722 +0,0 @@
-/* ssl.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-/*
- * ssl.h makes wolfssl backwards compatible with cyassl
- */
-
-#ifndef WOLFSSL_CYASSL_H_
-#define WOLFSSL_CYASSL_H_
-/*
- * Name change
- * include the new ssl.h
- */
-#include <wolfssl/ssl.h>
-#include <cyassl/ctaocrypt/types.h>
-#include <cyassl/ctaocrypt/settings.h>
-
-#ifdef __cplusplus
- extern "C" {
-#endif
-
-#ifdef _WIN32
- /* wincrypt.h clashes */
- #undef X509_NAME
-#endif
-
-#ifdef CYASSL_TIRTOS
- #undef CYASSL_TIRTOS
- #define CYASSL_TIRTOS WOLFSSL_TIRTOS
-#endif
-
-#define CYASSL WOLFSSL
-#define DEBUG_CYASSL DEBUG_WOLFSSL
-#define CYASSL_CTX WOLFSSL_CTX
-#define CYASSL_METHOD WOLFSSL_METHOD
-#define CYASSL_SESSION WOLFSSL_SESSION
-
-#define CYASSL_X509 WOLFSSL_X509
-#define CYASSL_X509_NAME WOLFSSL_X509_NAME
-#define CYASSL_X509_CHAIN WOLFSSL_X509_CHAIN
-#ifdef WOLFSSL_SNIFFER
- #define CYASSL_SNIFFER WOLFSSL_SNIFFER
-#endif
-
-/* redeclare guard */
-#define CYASSL_TYPES_DEFINED WOLFSSL_TYPES_DEFINED
-
-/* legacy defines */
-#define yasslIP wolfSSLIP /**/
-#define yasslPort wolfSSLPort /**/
-
-/* cyassl/ssl.h (structs) */
-#define CYASSL_RSA WOLFSSL_RSA
-#define CYASSL_DSA WOLFSSL_DSA
-#define CYASSL_BIO WOLFSSL_BIO
-#define CYASSL_CIPHER WOLFSSL_CIPHER
-#define CYASSL_MD4_CTX WOLFSSL_MD4_CTX
-#define CYASSL_MFL_2_9 WOLFSSL_MFL_2_9 /**/
-#define CYASSL_MFL_2_13 WOLFSSL_MFL_2_13 /**/
-#define CYASSL_EVP_PKEY WOLFSSL_EVP_PKEY
-#define CYASSL_X509_CRL WOLFSSL_X509_CRL
-#define CYASSL_ASN1_TIME WOLFSSL_ASN1_TIME
-#define CYASSL_BIO_METHOD WOLFSSL_BIO_METHOD
-#define CYASSL_X509_STORE WOLFSSL_X509_STORE
-#define CYASSL_X509_OBJECT WOLFSSL_X509_OBJECT
-#define CYASSL_X509_LOOKUP WOLFSSL_X509_LOOKUP
-#define CYASSL_ASN1_OBJECT WOLFSSL_ASN1_OBJECT
-#define CYASSL_ASN1_STRING WOLFSSL_ASN1_STRING
-#define CYASSL_COMP_METHOD WOLFSSL_COMP_METHOD
-#define CYASSL_CRL_CHECKALL WOLFSSL_CRL_CHECKALL
-#define CYASSL_ASN1_INTEGER WOLFSSL_ASN1_INTEGER
-#define CYASSL_X509_REVOKED WOLFSSL_X509_REVOKED
-#define CYASSL_dynlock_value WOLFSSL_dynlock_value
-#define CYASSL_X509_EXTENSION WOLFSSL_X509_EXTENSION
-#define CYASSL_X509_STORE_CTX WOLFSSL_X509_STORE_CTX
-#define CYASSL_X509_LOOKUP_METHOD WOLFSSL_X509_LOOKUP_METHOD
-
-#define CyaSSL_LoadCRL wolfSSL_LoadCRL
-#define CyaSSL_EnableCRL wolfSSL_EnableCRL
-#define CyaSSL_SetCRL_Cb wolfSSL_SetCRL_Cb
-
-/* cyassl/test.h */
-#ifdef CyaSSL_TEST_H
- #define CYASSL_THREAD WOLFSSL_THREAD
-#endif
-
-/* src/ssl.c */
-#define CYASSL_CRL WOLFSSL_CRL
-#define CYASSL_SSLV3 WOLFSSL_SSLV3
-#define CYASSL_TLSV1 WOLFSSL_TLSV1
-#define CYASSL_TLSV1_1 WOLFSSL_TLSV1_1
-#define CYASSL_TLSV1_2 WOLFSSL_TLSV1_2
-#define CYASSL_USER_CA WOLFSSL_USER_CA
-#define CYASSL_CLIENT_END WOLFSSL_CLIENT_END
-#define CYASSL_CERT_MANAGER WOLFSSL_CERT_MANAGER
-#define MAX_CYASSL_FILE_SIZE MAX_WOLFSSL_FILE_SIZE
-
-#define CyaSSL_get_cipher wolfSSL_get_cipher
-#define CyaSSL_get_ciphers wolfSSL_get_ciphers
-#define CyaSSL_KeyPemToDer wolfSSL_KeyPemToDer
-#define CyaSSL_get_version wolfSSL_get_version
-#define CyaSSL_SetServerID wolfSSL_SetServerID
-#define CyaSSL_use_old_poly wolfSSL_use_old_poly
-#define CyaSSL_SetCertCbCtx wolfSSL_SetCertCbCtx
-#define CyaSSL_CertPemToDer wolfSSL_CertPemToDer
-#define CyaSSL_get_shutdown wolfSSL_get_shutdown
-#define CyaSSL_SetMinVersion wolfSSL_SetMinVersion
-#define CyaSSL_CTX_UnloadCAs wolfSSL_CTX_UnloadCAs
-#define CyaSSL_session_reused wolfSSL_session_reused
-#define CyaSSL_UnloadCertsKeys wolfSSL_UnloadCertsKeys
-#define CyaSSL_CIPHER_get_name wolfSSL_CIPHER_get_name
-#define CyaSSL_is_init_finished wolfSSL_is_init_finished
-#define CyaSSL_get_alert_history wolfSSL_get_alert_history
-#define CyaSSL_get_current_cipher wolfSSL_get_current_cipher
-#define CyaSSL_CertManagerUnloadCAs wolfSSL_CertManagerUnloadCAs
-#define CyaSSL_CertManagerEnableOCSP wolfSSL_CertManagerEnableOCSP
-#define CyaSSL_CTX_check_private_key wolfSSL_CTX_check_private_key
-#define CyaSSL_CertManagerDisableOCSP wolfSSL_CertManagerDisableOCSP
-#define CyaSSL_get_current_cipher_suite wolfSSL_get_current_cipher_suite
-#define CyaSSL_CTX_load_verify_locations wolfSSL_CTX_load_verify_locations
-#define CyaSSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
-
-#define CyaSSL_save_session_cache wolfSSL_save_session_cache
-#define CyaSSL_restore_session_cache wolfSSL_restore_session_cache
-#define CyaSSL_memsave_session_cache wolfSSL_memsave_session_cache
-#define CyaSSL_memrestore_session_cache wolfSSL_memrestore_session_cache
-#define CyaSSL_get_session_cache_memsize wolfSSL_get_session_cache_memsize
-
-/* certificate cache persistence, uses ctx since certs are per ctx */
-#define CyaSSL_CTX_save_cert_cache wolfSSL_CTX_save_cert_cache
-#define CyaSSL_CTX_restore_cert_cache wolfSSL_CTX_restore_cert_cache
-#define CyaSSL_CTX_memsave_cert_cache wolfSSL_CTX_memsave_cert_cache
-#define CyaSSL_CTX_memrestore_cert_cache wolfSSL_CTX_memrestore_cert_cache
-#define CyaSSL_CTX_get_cert_cache_memsize wolfSSL_CTX_get_cert_cache_memsize
-
-/* wolfSSL extensions */
-/* get wolfSSL peer X509_CHAIN */
-#define CyaSSL_get_chain_count wolfSSL_get_chain_count
-/* index cert length */
-#define CyaSSL_get_chain_length wolfSSL_get_chain_length
-/* index cert in X509 */
-#define CyaSSL_get_chain_X509 wolfSSL_get_chain_X509
-/* free X509 */
-#define CyaSSL_FreeX509 wolfSSL_FreeX509
-/* get index cert in PEM */
-#define CyaSSL_X509_get_subjectCN wolfSSL_X509_get_subjectCN
-#define CyaSSL_X509_get_der wolfSSL_X509_get_der
-#define CyaSSL_X509_notBefore wolfSSL_X509_notBefore
-#define CyaSSL_X509_notAfter wolfSSL_X509_notAfter
-#define CyaSSL_X509_get_notBefore wolfSSL_X509_get_notBefore
-#define CyaSSL_X509_get_notAfter wolfSSL_X509_get_notAfter
-#define CyaSSL_X509_version wolfSSL_X509_version
-
-#define CyaSSL_cmp_peer_cert_to_file wolfSSL_cmp_peer_cert_to_file
-
-#define CyaSSL_X509_get_next_altname wolfSSL_X509_get_next_altname
-
-#define CyaSSL_X509_d2i wolfSSL_X509_d2i
-#ifndef NO_FILESYSTEM
- #ifndef NO_STDIO_FILESYSTEM
- #define CyaSSL_X509_d2i_fp wolfSSL_X509_d2i_fp
- #endif
-#define CyaSSL_X509_load_certificate_file wolfSSL_X509_load_certificate_file
-#endif
-
-#ifdef WOLFSSL_SEP
-#define CyaSSL_X509_get_device_type wolfSSL_X509_get_device_type
-#define CyaSSL_X509_get_hw_type wolfSSL_X509_get_hw_type
-#define CyaSSL_X509_get_hw_serial_number wolfSSL_X509_get_hw_serial_number
-#endif
-
-#define CyaSSL_CTX_SetGenCookie wolfSSL_CTX_SetGenCookie
-#define CyaSSL_SetCookieCtx wolfSSL_SetCookieCtx
-#define CyaSSL_GetCookieCtx wolfSSL_GetCookieCtx
-#define CyaSSL_ERR_get_error_line_data wolfSSL_ERR_get_error_line_data
-#define CyaSSL_ERR_get_error wolfSSL_ERR_get_error
-#define CyaSSL_ERR_clear_error wolfSSL_ERR_clear_error
-#define CyaSSL_RAND_status wolfSSL_RAND_status
-#define CyaSSL_RAND_bytes wolfSSL_RAND_bytes
-#define CyaSSL_CTX_set_options wolfSSL_CTX_set_options
-#define CyaSSL_ERR_free_strings wolfSSL_ERR_free_strings
-#define CyaSSL_ERR_remove_state wolfSSL_ERR_remove_state
-#define CyaSSL_EVP_cleanup wolfSSL_EVP_cleanup
-#define CyaSSL_cleanup_all_ex_data wolfSSL_cleanup_all_ex_data
-#define CyaSSL_CTX_set_mode wolfSSL_CTX_set_mode
-#define CyaSSL_CTX_get_mode wolfSSL_CTX_get_mode
-#define CyaSSL_CTX_set_default_read_ahead wolfSSL_CTX_set_default_read_ahead
-#define CyaSSL_CTX_sess_set_cache_size wolfSSL_CTX_sess_set_cache_size
-#define CyaSSL_CTX_set_default_verify_paths wolfSSL_CTX_set_default_verify_paths
-#define CyaSSL_CTX_set_session_id_context wolfSSL_CTX_set_session_id_context
-#define CyaSSL_get_peer_certificate wolfSSL_get_peer_certificate
-#define CyaSSL_BIO_printf wolfSSL_BIO_printf
-#define CyaSSL_ASN1_UTCTIME_print wolfSSL_ASN1_UTCTIME_print
-#define CyaSSL_sk_num wolfSSL_sk_num
-#define CyaSSL_sk_value wolfSSL_sk_value
-
-/* stunnel 4.28 needs */
-#define CyaSSL_CTX_get_ex_data wolfSSL_CTX_get_ex_data
-#define CyaSSL_CTX_set_ex_data wolfSSL_CTX_set_ex_data
-#define CyaSSL_CTX_sess_set_get_cb wolfSSL_CTX_sess_set_get_cb
-#define CyaSSL_CTX_sess_set_new_cb wolfSSL_CTX_sess_set_new_cb
-#define CyaSSL_CTX_sess_set_remove_cb wolfSSL_CTX_sess_set_remove_cb
-
-#define CyaSSL_i2d_SSL_SESSION wolfSSL_i2d_SSL_SESSION
-#define CyaSSL_d2i_SSL_SESSION wolfSSL_d2i_SSL_SESSION
-
-#define CyaSSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
-#define CyaSSL_SESSION_get_time wolfSSL_SESSION_get_time
-#define CyaSSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
-
-
-/* wolfio.c */
-#define CYASSL_CBIO_ERR_ISR WOLFSSL_CBIO_ERR_ISR
-#define CYASSL_CBIO_ERR_TIMEOUT WOLFSSL_CBIO_ERR_TIMEOUT
-#define CYASSL_CBIO_ERR_GENERAL WOLFSSL_CBIO_ERR_GENERAL
-#define CYASSL_CBIO_ERR_CONN_RST WOLFSSL_CBIO_ERR_CONN_RST
-#define CYASSL_CBIO_ERR_WANT_READ WOLFSSL_CBIO_ERR_WANT_READ
-#define CYASSL_CBIO_ERR_WANT_WRITE WOLFSSL_CBIO_ERR_WANT_WRITE
-#define CYASSL_CBIO_ERR_CONN_CLOSE WOLFSSL_CBIO_ERR_CONN_CLOSE
-
-#define CyaSSL_GetIOReadCtx wolfSSL_GetIOReadCtx
-#define CyaSSL_GetIOWriteCtx wolfSSL_GetIOWriteCtx
-
-/* src/tls.c */
-#define CYASSL_SERVER_END WOLFSSL_SERVER_END
-#define CYASSL_TLS_HMAC_INNER_SZ WOLFSSL_TLS_HMAC_INNER_SZ
-
-#define CyaSSL_DeriveTlsKeys wolfSSL_DeriveTlsKeys
-#define CyaSSL_make_eap_keys wolfSSL_make_eap_keys
-#define CyaSSL_MakeTlsMasterSecret wolfSSL_MakeTlsMasterSecret
-
-/* src/internal.c */
-#define CYASSL_CHAIN_CA WOLFSSL_CHAIN_CA
-#define CYASSL_ALERT_HISTORY WOLFSSL_ALERT_HISTORY
-#define CYASSL_SESSION_TIMEOUT WOLFSSL_SESSION_TIMEOUT
-#define CYASSL_CBIO_ERR_CONN_RST WOLFSSL_CBIO_ERR_CONN_RST
-
-#define cyassl_rc4 wolfssl_rc4
-#define cyassl_aes wolfssl_aes
-#define cyassl_chacha wolfssl_chacha
-#define CyaSSL_ERR_reason_error_string wolfSSL_ERR_reason_error_string
-
-#define CyaSSL_set_ex_data wolfSSL_set_ex_data
-#define CyaSSL_get_shutdown wolfSSL_get_shutdown
-#define CyaSSL_set_rfd wolfSSL_set_rfd
-#define CyaSSL_set_wfd wolfSSL_set_wfd
-#define CyaSSL_set_shutdown wolfSSL_set_shutdown
-#define CyaSSL_set_session_id_context wolfSSL_set_session_id_context
-#define CyaSSL_set_connect_state wolfSSL_set_connect_state
-#define CyaSSL_set_accept_state wolfSSL_set_accept_state
-#define CyaSSL_session_reused wolfSSL_session_reused
-#define CyaSSL_SESSION_free wolfSSL_SESSION_free
-#define CyaSSL_is_init_finished wolfSSL_is_init_finished
-
-#define CyaSSL_get_version wolfSSL_get_version
-#define CyaSSL_get_current_cipher_suite wolfSSL_get_current_cipher_suite
-#define CyaSSL_get_current_cipher wolfSSL_get_current_cipher
-#define CyaSSL_CIPHER_description wolfSSL_CIPHER_description
-#define CyaSSL_CIPHER_get_name wolfSSL_CIPHER_get_name
-#define CyaSSL_get_cipher wolfSSL_get_cipher
-#define CyaSSL_get1_session wolfSSL_get1_session
-
-#define CyaSSL_X509_free wolfSSL_X509_free
-#define CyaSSL_OPENSSL_free wolfSSL_OPENSSL_free
-#define CyaSSL_OCSP_parse_url wolfSSL_OCSP_parse_url
-
-#define CyaSSLv23_client_method wolfSSLv23_client_method
-#define CyaSSLv2_client_method wolfSSLv2_client_method
-#define CyaSSLv2_server_method wolfSSLv2_server_method
-
-#define CyaSSL_MD4_Init wolfSSL_MD4_Init
-#define CyaSSL_MD4_Update wolfSSL_MD4_Update
-#define CyaSSL_MD4_Final wolfSSL_MD4_Final
-
-
-#define CyaSSL_BIO_new wolfSSL_BIO_new
-#define CyaSSL_BIO_free wolfSSL_BIO_free
-#define CyaSSL_BIO_free_all wolfSSL_BIO_free_all
-#define CyaSSL_BIO_read wolfSSL_BIO_read
-#define CyaSSL_BIO_write wolfSSL_BIO_write
-#define CyaSSL_BIO_push wolfSSL_BIO_push
-#define CyaSSL_BIO_pop wolfSSL_BIO_pop
-#define CyaSSL_BIO_flush wolfSSL_BIO_flush
-#define CyaSSL_BIO_pending wolfSSL_BIO_pending
-
-#define CyaSSL_BIO_f_buffer wolfSSL_BIO_f_buffer
-#define CyaSSL_BIO_set_write_buffer_size wolfSSL_BIO_set_write_buffer_size
-#define CyaSSL_BIO_f_ssl wolfSSL_BIO_f_ssl
-#define CyaSSL_BIO_new_socket wolfSSL_BIO_new_socket
-#define CyaSSL_BIO_eof wolfSSL_BIO_eof
-
-#define CyaSSL_BIO_s_mem wolfSSL_BIO_s_mem
-#define CyaSSL_BIO_f_base64 wolfSSL_BIO_f_base64
-#define CyaSSL_BIO_set_flags wolfSSL_BIO_set_flags
-#define CyaSSL_BIO_get_mem_data wolfSSL_BIO_get_mem_data
-#define CyaSSL_BIO_new_mem_buf wolfSSL_BIO_new_mem_buf
-
-
-#define CyaSSL_BIO_set_ssl wolfSSL_BIO_set_ssl
-#define CyaSSL_set_bio wolfSSL_set_bio
-
-#define CyaSSL_add_all_algorithms wolfSSL_add_all_algorithms
-#define CyaSSL_RAND_screen wolfSSL_RAND_screen
-#define CyaSSL_RAND_file_name wolfSSL_RAND_file_name
-#define CyaSSL_RAND_write_file wolfSSL_RAND_write_file
-#define CyaSSL_RAND_load_file wolfSSL_RAND_load_file
-#define CyaSSL_RAND_egd wolfSSL_RAND_egd
-#define CyaSSL_RAND_seed wolfSSL_RAND_seed
-#define CyaSSL_RAND_add wolfSSL_RAND_add
-
-#define CyaSSL_COMP_zlib wolfSSL_COMP_zlib
-#define CyaSSL_COMP_rle wolfSSL_COMP_rle
-#define CyaSSL_COMP_add_compression_method wolfSSL_COMP_add_compression_method
-#define CyaSSL_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
-#define CyaSSL_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
-#define CyaSSL_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
-#define CyaSSL_get_ex_new_index wolfSSL_get_ex_new_index
-#define CyaSSL_set_id_callback wolfSSL_set_id_callback
-#define CyaSSL_set_locking_callback wolfSSL_set_locking_callback
-#define CyaSSL_num_locks wolfSSL_num_locks
-
-#define CyaSSL_X509_STORE_CTX_get_current_cert wolfSSL_X509_STORE_CTX_get_current_cert
-#define CyaSSL_X509_STORE_CTX_get_error wolfSSL_X509_STORE_CTX_get_error
-#define CyaSSL_X509_STORE_CTX_get_error_depth wolfSSL_X509_STORE_CTX_get_error_depth
-
-#define CyaSSL_X509_NAME_oneline wolfSSL_X509_NAME_oneline
-#define CyaSSL_X509_get_issuer_name wolfSSL_X509_get_issuer_name
-#define CyaSSL_X509_get_subject_name wolfSSL_X509_get_subject_name
-#define CyaSSL_X509_ext_isSet_by_NID wolfSSL_X509_ext_isSet_by_NID
-#define CyaSSL_X509_ext_get_critical_by_NID wolfSSL_X509_ext_get_critical_by_NID
-#define CyaSSL_X509_get_isCA wolfSSL_X509_get_isCA
-#define CyaSSL_X509_get_isSet_pathLength wolfSSL_X509_get_isSet_pathLength
-#define CyaSSL_X509_get_pathLength wolfSSL_X509_get_pathLength
-#define CyaSSL_X509_get_keyUsage wolfSSL_X509_get_keyUsage
-#define CyaSSL_X509_get_authorityKeyID wolfSSL_X509_get_authorityKeyID
-#define CyaSSL_X509_get_subjectKeyID wolfSSL_X509_get_subjectKeyID
-#define CyaSSL_X509_NAME_entry_count wolfSSL_X509_NAME_entry_count
-#define CyaSSL_X509_NAME_get_text_by_NID wolfSSL_X509_NAME_get_text_by_NID
-#define CyaSSL_X509_verify_cert wolfSSL_X509_verify_cert
-#define CyaSSL_X509_verify_cert_error_string wolfSSL_X509_verify_cert_error_string
-#define CyaSSL_X509_get_signature_type wolfSSL_X509_get_signature_type
-#define CyaSSL_X509_get_signature wolfSSL_X509_get_signature
-
-#define CyaSSL_X509_LOOKUP_add_dir wolfSSL_X509_LOOKUP_add_dir
-#define CyaSSL_X509_LOOKUP_load_file wolfSSL_X509_LOOKUP_load_file
-#define CyaSSL_X509_LOOKUP_hash_dir wolfSSL_X509_LOOKUP_hash_dir
-#define CyaSSL_X509_LOOKUP_file wolfSSL_X509_LOOKUP_file
-
-#define CyaSSL_X509_STORE_add_lookup wolfSSL_X509_STORE_add_lookup
-#define CyaSSL_X509_STORE_new wolfSSL_X509_STORE_new
-#define CyaSSL_X509_STORE_free wolfSSL_X509_STORE_free
-#define CyaSSL_X509_STORE_add_cert wolfSSL_X509_STORE_add_cert
-#define CyaSSL_X509_STORE_set_default_paths wolfSSL_X509_STORE_set_default_paths
-#define CyaSSL_X509_STORE_get_by_subject wolfSSL_X509_STORE_get_by_subject
-#define CyaSSL_X509_STORE_CTX_new wolfSSL_X509_STORE_CTX_new
-#define CyaSSL_X509_STORE_CTX_init wolfSSL_X509_STORE_CTX_init
-#define CyaSSL_X509_STORE_CTX_free wolfSSL_X509_STORE_CTX_free
-#define CyaSSL_X509_STORE_CTX_cleanup wolfSSL_X509_STORE_CTX_cleanup
-
-#define CyaSSL_X509_CRL_get_lastUpdate wolfSSL_X509_CRL_get_lastUpdate
-#define CyaSSL_X509_CRL_get_nextUpdate wolfSSL_X509_CRL_get_nextUpdate
-
-#define CyaSSL_X509_get_pubkey wolfSSL_X509_get_pubkey
-#define CyaSSL_X509_CRL_verify wolfSSL_X509_CRL_verify
-#define CyaSSL_X509_STORE_CTX_set_error wolfSSL_X509_STORE_CTX_set_error
-#define CyaSSL_X509_OBJECT_free_contents wolfSSL_X509_OBJECT_free_contents
-#define CyaSSL_EVP_PKEY_free wolfSSL_EVP_PKEY_free
-#define CyaSSL_X509_cmp_current_time wolfSSL_X509_cmp_current_time
-#define CyaSSL_sk_X509_REVOKED_num wolfSSL_sk_X509_REVOKED_num
-
-#define CyaSSL_X509_CRL_get_REVOKED wolfSSL_X509_CRL_get_REVOKED
-#define CyaSSL_sk_X509_REVOKED_value wolfSSL_sk_X509_REVOKED_value
-#define CyaSSL_X509_get_serialNumber wolfSSL_X509_get_serialNumber
-#define CyaSSL_ASN1_TIME_print wolfSSL_ASN1_TIME_print
-#define CyaSSL_ASN1_INTEGER_cmp wolfSSL_ASN1_INTEGER_cmp
-#define CyaSSL_ASN1_INTEGER_get wolfSSL_ASN1_INTEGER_get
-#define CyaSSL_load_client_CA_file wolfSSL_load_client_CA_file
-#define CyaSSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
-#define CyaSSL_X509_STORE_CTX_get_ex_data wolfSSL_X509_STORE_CTX_get_ex_data
-#define CyaSSL_get_ex_data_X509_STORE_CTX_idx wolfSSL_get_ex_data_X509_STORE_CTX_idx
-#define CyaSSL_get_ex_data wolfSSL_get_ex_data
-
-#define CyaSSL_CTX_set_default_passwd_cb_userdata wolfSSL_CTX_set_default_passwd_cb_userdata
-#define CyaSSL_CTX_set_default_passwd_cb wolfSSL_CTX_set_default_passwd_cb
-#define CyaSSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
-#define CyaSSL_ERR_peek_error wolfSSL_ERR_peek_error
-#define CyaSSL_GET_REASON wolfSSL_GET_REASON
-#define CyaSSL_alert_type_string_long wolfSSL_alert_type_string_long
-#define CyaSSL_alert_desc_string_long wolfSSL_alert_desc_string_long
-#define CyaSSL_state_string_long wolfSSL_state_string_long
-
-#define CyaSSL_RSA_generate_key wolfSSL_RSA_generate_key
-#define CyaSSL_CTX_set_tmp_rsa_callback wolfSSL_CTX_set_tmp_rsa_callback
-#define CyaSSL_PEM_def_callback wolfSSL_PEM_def_callback
-#define CyaSSL_CTX_sess_accept wolfSSL_CTX_sess_accept
-#define CyaSSL_CTX_sess_connect wolfSSL_CTX_sess_connect
-#define CyaSSL_CTX_sess_accept_good wolfSSL_CTX_sess_accept_good
-#define CyaSSL_CTX_sess_connect_good wolfSSL_CTX_sess_connect_good
-#define CyaSSL_CTX_sess_accept_renegotiate wolfSSL_CTX_sess_accept_renegotiate
-#define CyaSSL_CTX_sess_connect_renegotiate wolfSSL_CTX_sess_connect_renegotiate
-#define CyaSSL_CTX_sess_hits wolfSSL_CTX_sess_hits
-#define CyaSSL_CTX_sess_cb_hits wolfSSL_CTX_sess_cb_hits
-#define CyaSSL_CTX_sess_cache_full wolfSSL_CTX_sess_cache_full
-#define CyaSSL_CTX_sess_misses wolfSSL_CTX_sess_misses
-#define CyaSSL_CTX_sess_timeouts wolfSSL_CTX_sess_timeouts
-#define CyaSSL_CTX_sess_number wolfSSL_CTX_sess_number
-#define CyaSSL_CTX_sess_get_cache_size wolfSSL_CTX_sess_get_cache_size
-
-
-
-/* src/keys.c */
-#define cyassl_triple_des wolfssl_triple_des
-
-/* Initialization and Shutdown */
-#define CyaSSL_Init wolfSSL_Init
-#define CyaSSL_library_init wolfSSL_library_init
-#define CyaSSL_Cleanup wolfSSL_Cleanup
-#define CyaSSL_shutdown wolfSSL_shutdown
-
-/* Certs and keys */
-#define CyaSSL_SetTmpDH wolfSSL_SetTmpDH
-#define CyaSSL_KeepArrays wolfSSL_KeepArrays
-#define CyaSSL_FreeArrays wolfSSL_FreeArrays
-#define CyaSSL_SetTmpDH_file wolfSSL_SetTmpDH_file
-#define CyaSSL_use_PrivateKey_buffer wolfSSL_use_PrivateKey_buffer
-#define CyaSSL_use_certificate_buffer wolfSSL_use_certificate_buffer
-#define CyaSSL_CTX_load_verify_buffer wolfSSL_CTX_load_verify_buffer
-#define CyaSSL_CTX_use_PrivateKey_file wolfSSL_CTX_use_PrivateKey_file
-#define CyaSSL_CTX_use_certificate_file wolfSSL_CTX_use_certificate_file
-#define CyaSSL_CTX_use_PrivateKey_buffer wolfSSL_CTX_use_PrivateKey_buffer
-#define CyaSSL_CTX_use_certificate_buffer wolfSSL_CTX_use_certificate_buffer
-#define CyaSSL_use_certificate_chain_buffer wolfSSL_use_certificate_chain_buffer
-#define CyaSSL_CTX_der_load_verify_locations \
- wolfSSL_CTX_der_load_verify_locations
-#define CyaSSL_CTX_use_certificate_chain_file \
- wolfSSL_CTX_use_certificate_chain_file
-#define CyaSSL_CTX_use_certificate_chain_buffer \
- wolfSSL_CTX_use_certificate_chain_buffer
-
-/* Context and Session Setup*/
-#define CyaSSL_new wolfSSL_new
-#define CyaSSL_free wolfSSL_free
-#define CyaSSL_set_fd wolfSSL_set_fd
-#define CyaSSL_CTX_new wolfSSL_CTX_new
-#define CyaSSL_CTX_free wolfSSL_CTX_free
-#define CyaSSL_SetVersion wolfSSL_SetVersion
-#define CyaSSL_set_verify wolfSSL_set_verify
-#define CyaSSL_set_session wolfSSL_set_session
-#define CyaSSL_set_timeout wolfSSL_set_timeout
-#define CyaSSL_CTX_set_verify wolfSSL_CTX_set_verify
-#define CyaSSL_CTX_set_timeout wolfSSL_CTX_set_timeout
-#define CyaSSL_set_cipher_list wolfSSL_set_cipher_list
-#define CyaSSL_set_compression wolfSSL_set_compression
-#define CyaTLSv1_client_method wolfTLSv1_client_method
-#define CyaTLSv1_server_method wolfTLSv1_server_method
-#define CyaSSLv3_client_method wolfSSLv3_client_method
-#define CyaSSLv3_server_method wolfSSLv3_server_method
-#define CyaSSLv23_client_method wolfSSLv23_client_method
-#define CyaSSLv23_server_method wolfSSLv23_server_method
-#define CyaDTLSv1_client_method wolfDTLSv1_client_method
-#define CyaDTLSv1_server_method wolfDTLSv1_server_method
-#define CyaSSL_check_domain_name wolfSSL_check_domain_name
-#define CyaTLSv1_1_client_method wolfTLSv1_1_client_method
-#define CyaTLSv1_1_server_method wolfTLSv1_1_server_method
-#define CyaTLSv1_2_client_method wolfTLSv1_2_client_method
-#define CyaTLSv1_2_server_method wolfTLSv1_2_server_method
-#define CyaDTLSv1_2_client_method wolfDTLSv1_2_client_method
-#define CyaDTLSv1_2_server_method wolfDTLSv1_2_server_method
-#define CyaSSL_set_group_messages wolfSSL_set_group_messages
-#define CyaSSL_CTX_set_cipher_list wolfSSL_CTX_set_cipher_list
-#define CyaSSL_CTX_set_group_messages wolfSSL_CTX_set_group_messages
-#define CyaSSL_CTX_set_session_cache_mode wolfSSL_CTX_set_session_cache_mode
-
-/* Callbacks */
-
-/*
- * Empty comment denotes not listed in CyaSSL Manual
- * (soon to be wolfSSL Manual)
- */
-
-#define CyaSSL_accept_ex wolfSSL_accept_ex
-#define CyaSSL_SetIORecv wolfSSL_CTX_SetIORecv
-#define CyaSSL_SetIOSend wolfSSL_CTX_SetIOSend
-#define CyaSSL_connect_ex wolfSSL_connect_ex
-#define CyaSSL_CTX_SetCACb wolfSSL_CTX_SetCACb
-#define CyaSSL_SetIOReadCtx wolfSSL_SetIOReadCtx
-#define CyaSSL_SetRsaEncCtx wolfSSL_SetRsaEncCtx
-#define CyaSSL_GetRsaEncCtx wolfSSL_GetRsaEncCtx
-#define CyaSSL_SetRsaDecCtx wolfSSL_SetRsaDecCtx
-#define CyaSSL_GetRsaDecCtx wolfSSL_GetRsaDecCtx
-#define CyaSSL_SetLoggingCb wolfSSL_SetLoggingCb
-#define CyaSSL_SetEccSignCtx wolfSSL_SetEccSignCtx
-#define CyaSSL_GetEccSignCtx wolfSSL_GetEccSignCtx
-#define CyaSSL_SetRsaSignCtx wolfSSL_SetRsaSignCtx
-#define CyaSSL_GetRsaSignCtx wolfSSL_GetRsaSignCtx
-#define CyaSSL_SetIOWriteCtx wolfSSL_SetIOWriteCtx
-#define CyaSSL_SetIOReadFlags wolfSSL_SetIOReadFlags
-#define CyaSSL_SetEccVerifyCtx wolfSSL_SetEccVerifyCtx
-#define CyaSSL_GetEccVerifyCtx wolfSSL_GetEccVerifyCtx
-#define CyaSSL_SetRsaVerifyCtx wolfSSL_SetRsaVerifyCtx
-#define CyaSSL_GetRsaVerifyCtx wolfSSL_GetRsaVerifyCtx
-#define CyaSSL_CTX_SetRsaEncCb wolfSSL_CTX_SetRsaEncCb
-#define CyaSSL_CTX_SetRsaDecCb wolfSSL_CTX_SetRsaDecCb
-#define CyaSSL_SetIOWriteFlags wolfSSL_SetIOWriteFlags
-#define CyaSSL_SetTlsHmacInner wolfSSL_SetTlsHmacInner
-#define CyaSSL_SetMacEncryptCtx wolfSSL_SetMacEncryptCtx
-#define CyaSSL_GetMacEncryptCtx wolfSSL_GetMacEncryptCtx
-#define CyaSSL_CTX_SetEccSignCb wolfSSL_CTX_SetEccSignCb
-#define CyaSSL_CTX_SetRsaSignCb wolfSSL_CTX_SetRsaSignCb
-#define CyaSSL_CTX_SetEccVerifyCb wolfSSL_CTX_SetEccVerifyCb
-#define CyaSSL_CTX_SetRsaVerifyCb wolfSSL_CTX_SetRsaVerifyCb
-#define CyaSSL_CTX_SetMacEncryptCb wolfSSL_CTX_SetMacEncryptCb
-#define CyaSSL_SetDecryptVerifyCtx wolfSSL_SetDecryptVerifyCtx
-#define CyaSSL_GetDecryptVerifyCtx wolfSSL_GetDecryptVerifyCtx
-#define CyaSSL_CTX_SetDecryptVerifyCb wolfSSL_CTX_SetDecryptVerifyCb
-
-/* psk specific */
-#ifndef NO_PSK
-
-#define CyaSSL_get_psk_identity wolfSSL_get_psk_identity /**/
-#define CyaSSL_get_psk_identity_hint wolfSSL_get_psk_identity_hint /**/
-#define CyaSSL_use_psk_identity_hint wolfSSL_use_psk_identity_hint /**/
-#define CyaSSL_set_psk_client_callback wolfSSL_set_psk_client_callback /**/
-#define CyaSSL_set_psk_server_callback wolfSSL_set_psk_server_callback /**/
-#define CyaSSL_CTX_use_psk_identity_hint wolfSSL_CTX_use_psk_identity_hint /**/
-#define CyaSSL_CTX_set_psk_client_callback \
- wolfSSL_CTX_set_psk_client_callback /**/
-#define CyaSSL_CTX_set_psk_server_callback \
- wolfSSL_CTX_set_psk_server_callback /**/
-
-#endif
-/* end psk specific */
-
-/* Anonymous */
-#define CyaSSL_CTX_allow_anon_cipher wolfSSL_CTX_allow_anon_cipher /**/
-
-/* Error Handling and Debugging*/
-#define CyaSSL_get_error wolfSSL_get_error
-#define CyaSSL_want_read wolfSSL_want_read
-#define CyaSSL_want_write wolfSSL_want_write
-#define CyaSSL_Debugging_ON wolfSSL_Debugging_ON
-#define CyaSSL_Debugging_OFF wolfSSL_Debugging_OFF
-#define CyaSSL_ERR_error_string wolfSSL_ERR_error_string
-#define CyaSSL_load_error_strings wolfSSL_load_error_strings
-#define CyaSSL_ERR_error_string_n wolfSSL_ERR_error_string_n
-#define CyaSSL_ERR_print_errors_fp wolfSSL_ERR_print_errors_fp
-
-/* OCSP and CRL */
-
-/*
- * Empty comment denotes not listed in CyaSSL Manual
- * (soon to be wolfSSL Manual)
- */
-
-#define CYASSL_CRL_MONITOR WOLFSSL_CRL_MONITOR /**/
-#define CYASSL_CRL_START_MON WOLFSSL_CRL_START_MON /**/
-#define CYASSL_OCSP_NO_NONCE WOLFSSL_OCSP_NO_NONCE /**/
-#define CYASSL_OCSP_URL_OVERRIDE WOLFSSL_OCSP_URL_OVERRIDE
-#define CYASSL_OCSP_CHECKALL WOLFSSL_OCSP_CHECKALL
-
-#define CyaSSL_CTX_EnableOCSP wolfSSL_CTX_EnableOCSP
-#define CyaSSL_CTX_OCSP_set_options wolfSSL_CTX_OCSP_set_options /**/
-#define CyaSSL_CTX_SetOCSP_OverrideURL wolfSSL_CTX_SetOCSP_OverrideURL /**/
-#define CyaSSL_CTX_OCSP_set_override_url wolfSSL_CTX_OCSP_set_override_url /**/
-
-/* Informational */
-#define CyaSSL_GetSide wolfSSL_GetSide
-#define CyaSSL_IsTLSv1_1 wolfSSL_IsTLSv1_1
-#define CyaSSL_GetKeySize wolfSSL_GetKeySize
-#define CyaSSL_GetHmacSize wolfSSL_GetHmacSize
-#define CyaSSL_GetHmacType wolfSSL_GetHmacType
-#define CyaSSL_GetMacSecret wolfSSL_GetMacSecret
-#define CyaSSL_GetObjectSize wolfSSL_GetObjectSize
-#define CyaSSL_GetBulkCipher wolfSSL_GetBulkCipher
-#define CyaSSL_GetCipherType wolfSSL_GetCipherType
-#define CyaSSL_GetAeadMacSize wolfSSL_GetAeadMacSize
-#define CyaSSL_GetClientWriteIV wolfSSL_GetClientWriteIV
-#define CyaSSL_GetServerWriteIV wolfSSL_GetServerWriteIV
-#define CyaSSL_GetClientWriteKey wolfSSL_GetClientWriteKey
-#define CyaSSL_GetServerWriteKey wolfSSL_GetServerWriteKey
-#define CyaSSL_GetCipherBlockSize wolfSSL_GetCipherBlockSize
-
-/* Connection, Session, and I/O */
-#define CyaSSL_peek wolfSSL_peek
-#define CyaSSL_read wolfSSL_read
-#define CyaSSL_recv wolfSSL_recv
-#define CyaSSL_send wolfSSL_send
-#define CyaSSL_write wolfSSL_write
-#define CyaSSL_writev wolfSSL_writev
-#define CyaSSL_accept wolfSSL_accept
-#define CyaSSL_get_fd wolfSSL_get_fd
-#define CyaSSL_connect wolfSSL_connect
-#define CyaSSL_pending wolfSSL_pending
-#define CyaSSL_negotiate wolfSSL_negotiate
-#define CyaSSL_get_session wolfSSL_get_session
-#define CyaSSL_connect_cert wolfSSL_connect_cert
-#define CyaSSL_flush_sessions wolfSSL_flush_sessions
-#define CyaSSL_get_using_nonblock wolfSSL_get_using_nonblock
-#define CyaSSL_PrintSessionStats wolfSSL_PrintSessionStats
-
-/* DTLS Specific */
-#define CyaSSL_dtls wolfSSL_dtls
-#define CyaSSL_dtls_set_peer wolfSSL_dtls_set_peer
-#define CyaSSL_dtls_get_peer wolfSSL_dtls_get_peer
-#define CyaSSL_dtls_got_timeout wolfSSL_dtls_got_timeout
-#define CyaSSL_dtls_get_current_timeout wolfSSL_dtls_get_current_timeout
-#define CyaSSL_set_using_nonblock wolfSSL_dtls_set_using_nonblock
-
-/* Certificate Manager */
-#define CyaSSL_CertManagerNew wolfSSL_CertManagerNew
-#define CyaSSL_CertManagerFree wolfSSL_CertManagerFree
-#define CyaSSL_CertManagerLoadCA wolfSSL_CertManagerLoadCA
-#define CyaSSL_CertManagerVerify wolfSSL_CertManagerVerify
-#define CyaSSL_CertManagerEnableCRL wolfSSL_CertManagerEnableCRL
-#define CyaSSL_CertManagerDisableCRL wolfSSL_CertManagerDisableCRL
-#define CyaSSL_CertManagerVerifyBuffer wolfSSL_CertManagerVerifyBuffer
-#ifndef NO_CERTS
- #define CyaSSL_CertManagerCheckCRL wolfSSL_CertManagerCheckCRL
- #define CyaSSL_CertManagerLoadCRL wolfSSL_CertManagerLoadCRL
- #define CyaSSL_CertManagerSetCRL_Cb wolfSSL_CertManagerSetCRL_Cb
- #define CyaSSL_CertManagerCheckOCSP wolfSSL_CertManagerCheckOCSP
- #define CyaSSL_CertManagerSetOCSP_Cb wolfSSL_CertManagerSetOCSP_Cb
- #define CyaSSL_CertManagerSetOCSPOverrideURL \
- wolfSSL_CertManagerSetOCSPOverrideURL
-
- #define CyaSSL_DisableCRL wolfSSL_DisableCRL
- #define CyaSSL_EnableOCSP wolfSSL_EnableOCSP
- #define CyaSSL_DisableOCSP wolfSSL_DisableOCSP
- #define CyaSSL_SetOCSP_OverrideURL wolfSSL_SetOCSP_OverrideURL
- #define CyaSSL_SetOCSP_Cb wolfSSL_SetOCSP_Cb
-
- #define CyaSSL_CTX_EnableCRL wolfSSL_CTX_EnableCRL
- #define CyaSSL_CTX_DisableCRL wolfSSL_CTX_DisableCRL
- #define CyaSSL_CTX_LoadCRL wolfSSL_CTX_LoadCRL
- #define CyaSSL_CTX_SetCRL_Cb wolfSSL_CTX_SetCRL_Cb
- #define CyaSSL_CTX_DisableOCSP wolfSSL_CTX_DisableOCSP
- #define CyaSSL_CTX_SetOCSP_Cb wolfSSL_CTX_SetOCSP_Cb
-#endif /* !NO_CERTS */
-
-
-/* OpenSSL Compatibility Layer */
-#define CyaSSL_get_sessionID wolfSSL_get_sessionID
-#define CyaSSL_get_peer_count wolfSSL_get_peer_count
-#define CyaSSL_get_chain_cert wolfSSL_get_chain_cert
-#define CyaSSL_get_peer_chain wolfSSL_get_peer_chain
-#define CyaSSL_get_peer_length wolfSSL_get_peer_length
-#define CyaSSL_get_chain_cert_pem wolfSSL_get_chain_cert_pem
-#define CyaSSL_use_PrivateKey_file wolfSSL_use_PrivateKey_file
-#define CyaSSL_use_certificate_file wolfSSL_use_certificate_file
-#define CyaSSL_use_RSAPrivateKey_file wolfSSL_use_RSAPrivateKey_file
-#define CyaSSL_X509_get_serial_number wolfSSL_X509_get_serial_number
-#define CyaSSL_CTX_use_RSAPrivateKey_file wolfSSL_CTX_use_RSAPrivateKey_file
-#define CyaSSL_use_certificate_chain_file wolfSSL_use_certificate_chain_file
-
-/* TLS Extensions */
-#define CYASSL_SNI_HOST_NAME WOLFSSL_SNI_HOST_NAME
-
-#define CyaSSL_UseSNI wolfSSL_UseSNI
-#define CyaSSL_CTX_UseSNI wolfSSL_CTX_UseSNI
-#define CyaSSL_SNI_SetOptions wolfSSL_SNI_SetOptions
-#define CyaSSL_SNI_GetRequest wolfSSL_SNI_GetRequest
-#define CyaSSL_UseMaxFragment wolfSSL_UseMaxFragment
-#define CyaSSL_UseTruncatedHMAC wolfSSL_UseTruncatedHMAC
-#define CyaSSL_UseSupportedCurve wolfSSL_UseSupportedCurve
-#define CyaSSL_SNI_GetFromBuffer wolfSSL_SNI_GetFromBuffer
-#define CyaSSL_CTX_SNI_SetOptions wolfSSL_CTX_SNI_SetOptions
-#define CyaSSL_CTX_UseMaxFragment wolfSSL_CTX_UseMaxFragment
-#define CyaSSL_CTX_UseTruncatedHMAC wolfSSL_CTX_UseTruncatedHMAC
-#define CyaSSL_CTX_UseSupportedCurve wolfSSL_CTX_UseSupportedCurve
-
-/* End wolfssl -> cyassl -> openssl compatibility */
-
-/* JRB macro redefinitions and api calls for cryptography for reverse compat. */
-
-#ifdef WOLFSSL_SMALL_STACK
- #define CYASSL_SMALL_STACK
-#endif
-
-
-/*
- * wrapper around macros until they are changed in cyassl code
- * needs investigation in regards to macros in fips
- */
-#ifdef NO_CYASSL_ALLOC_ALIGN
-#define NO_WOLFSSL_ALLOC_ALIGN NO_CYASSL_ALLOC_ALIGN
-#endif
-
-
-/* examples/client/client.h */
-#define CYASSL_THREAD WOLFSSL_THREAD
-#ifdef WOLFSSL_DTLS
- #define CYASSL_DTLS WOLFSSL_DTLS
-#endif
-
-/* examples/client/client.c */
-#define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING
-
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
-
-
-#endif /* CyaSSL_openssl_h__ */
diff --git a/extra/wolfssl/wolfssl/cyassl/test.h b/extra/wolfssl/wolfssl/cyassl/test.h
deleted file mode 100644
index 428b141b..00000000
--- a/extra/wolfssl/wolfssl/cyassl/test.h
+++ /dev/null
@@ -1,3 +0,0 @@
-/* test.h */
-
-#include <wolfssl/test.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/version.h b/extra/wolfssl/wolfssl/cyassl/version.h
deleted file mode 100644
index c5017f51..00000000
--- a/extra/wolfssl/wolfssl/cyassl/version.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/* cyassl/version.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/version.h>
-
-#define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING
-#define LIBCYASSL_VERSION_HEX LIBWOLFSSL_VERSION_HEX
-
diff --git a/extra/wolfssl/wolfssl/cyassl/version.h.in b/extra/wolfssl/wolfssl/cyassl/version.h.in
deleted file mode 100644
index cbebca82..00000000
--- a/extra/wolfssl/wolfssl/cyassl/version.h.in
+++ /dev/null
@@ -1,23 +0,0 @@
-/* cyassl_version.h.in
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-
-#include <wolfssl/version.h.in>
diff --git a/extra/wolfssl/wolfssl/debian/changelog.in b/extra/wolfssl/wolfssl/debian/changelog.in
new file mode 100644
index 00000000..750d6304
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/changelog.in
@@ -0,0 +1,7 @@
+wolfssl (@VERSION@) stable; urgency=medium
+
+ * For a full changelog see
+ https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md
+
+ -- wolfSSL <support@wolfssl.com> @WOLFSSL_BUILD_DATE@
+
diff --git a/extra/wolfssl/wolfssl/debian/control.in b/extra/wolfssl/wolfssl/debian/control.in
new file mode 100644
index 00000000..c334d279
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/control.in
@@ -0,0 +1,44 @@
+Source: wolfssl
+Maintainer: wolfSSL <support@wolfssl.com>
+Section: libs
+Priority: optional
+Standards-Version: 4.6.2
+Build-Depends: debhelper-compat (= 13)
+Vcs-Git: https://github.com/wolfSSL/wolfssl.git
+Vcs-browser: https://github.com/wolfSSL/wolfssl
+Homepage: https://www.wolfssl.com/
+
+Package: libwolfssl
+Architecture: any
+Section: libs
+Priority: optional
+Pre-Depends:
+Depends:
+ ${shlibs:Depends},
+ ${misc:Depends}
+Description: wolfSSL encryption library
+ The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
+ library written in ANSI C and targeted for embedded, RTOS, and
+ resource-constrained environments - primarily because of its small size, speed,
+ and feature set. It is commonly used in standard operating environments as well
+ because of its royalty-free pricing and excellent cross platform support.
+ wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
+ levels.
+
+Package: libwolfssl-dev
+Architecture: any
+Section: libdevel
+Priority: optional
+Pre-Depends:
+Depends:
+ libwolfssl (= ${binary:Version}),
+ ${misc:Depends}
+Description: wolfSSL encryption library
+ The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight SSL/TLS
+ library written in ANSI C and targeted for embedded, RTOS, and
+ resource-constrained environments - primarily because of its small size, speed,
+ and feature set. It is commonly used in standard operating environments as well
+ because of its royalty-free pricing and excellent cross platform support.
+ wolfSSL supports industry standards up to the current TLS 1.3 and DTLS 1.3
+ levels.
+
diff --git a/extra/wolfssl/wolfssl/debian/copyright b/extra/wolfssl/wolfssl/debian/copyright
new file mode 100644
index 00000000..66fcda66
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/copyright
@@ -0,0 +1,217 @@
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: wolfssl
+Upstream-Contact: David Garske <david@wolfssl.com>
+Source: https://github.com/wolfssl/wolfssl/releases
+
+Files:
+ *
+Copyright:
+ 2006-2023 wolfSSL Inc.
+License: GPL-2+
+
+Files:
+ zephyr/Kconfig
+Copyright:
+ 2016 Intel Corporation
+License: Apache-2.0
+
+Files:
+ zephyr/Kconfig.tls-generic
+Copyright:
+ 2018 Intel Corporation
+ 2018 Nordic Semiconductor ASA
+License: Apache-2.0
+
+Files:
+ wolfcrypt/src/camellia.c
+ wolfssl/wolfcrypt/camellia.h
+Copyright:
+ 2006-2007 NTT (Nippon Telegraph and Telephone Corporation)
+ 2006-2016 wolfSSL Inc.
+License: GPL-2+
+
+Files:
+ m4/ax_append_link_flags.m4
+Copyright:
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_pthread.m4
+Copyright:
+ 2008 Steven G. Johnson <stevenj@alum.mit.edu>
+ 2011 Daniel Richard G. <skunk@iSKUNK.ORG>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_check_library.m4
+Copyright:
+ 2012 Brian Aker <brian@tangent.org>
+ 2010 Diego Elio Petteno` <flameeyes@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_append_flag.m4
+ m4/ax_check_compile_flag.m4
+ m4/ax_check_link_flag.m4
+Copyright:
+ 2008 Guido U. Draheim <guidod@gmx.de>
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_append_compile_flags.m4
+Copyright:
+ 2011 Maarten Bosmans <mkbosmans@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_tls.m4
+Copyright:
+ 2008 Alan Woodland <ajw05@aber.ac.uk>
+ 2010 Diego Elio Petteno` <flameeyes@gmail.com>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_create_generic_config.m4
+Copyright:
+ 2008 Guido U. Draheim <guidod@gmx.de>
+License: GPL-3+-with-autoconf
+
+Files:
+ m4/ax_compiler_version.m4
+ m4/ax_debug.m4
+ m4/ax_harden_compiler_flags.m4
+ m4/ax_vcs_checkout.m4
+Copyright:
+ 2012 Brian Aker
+License: BSD-3-clause
+
+Files:
+ m4/ax_append_to_file.m4
+ m4/ax_file_escapes.m4
+ m4/ax_print_to_file.m4
+Copyright:
+ 2008 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_add_am_macro.m4
+Copyright:
+ 2009 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_am_jobserver.m4
+Copyright:
+ 2008 Michael Paul Bailey <jinxidoru@byu.net>
+License: FSFAP
+
+Files:
+ m4/ax_am_macros.m4
+Copyright:
+ 2009 Tom Howard <tomhoward@users.sf.net
+License: FSFAP
+
+Files:
+ m4/ax_count_cpus.m4
+Copyright:
+ 2012 Brian Aker <brian@tangent.org>
+ 2008 Michael Paul Bailey <jinxidoru@byu.net>
+ 2008 Christophe Tournayre <turn3r@users.sourceforge.net>
+License: FSFAP
+
+Files:
+ debian/*
+Copyright:
+ 2014-2022 Felix Lechner <felix.lechner@lease-up.com>
+License: GPL-2+
+
+
+License: FSFAP
+ Copying and distribution of this file, with or without modification, are
+ permitted in any medium without royalty provided the copyright notice
+ and this notice are preserved. This file is offered as-is, without any
+ warranty.
+
+
+License: GPL-2+
+ This package is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+ .
+ This package is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>
+ .
+ On Debian systems, the complete text of the GNU General
+ Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
+
+
+License: GPL-3+-with-autoconf
+ This program is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by the
+ Free Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+ .
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
+ Public License for more details.
+ .
+ You should have received a copy of the GNU General Public License along
+ with this program. If not, see <http://www.gnu.org/licenses/>.
+ .
+ As a special exception, the respective Autoconf Macro's copyright owner
+ gives unlimited permission to copy, distribute and modify the configure
+ scripts that are the output of Autoconf when processing the Macro. You
+ need not follow the terms of the GNU General Public License when using
+ or distributing such scripts, even though portions of the text of the
+ Macro appear in them. The GNU General Public License (GPL) does govern
+ all other use of the material that constitutes the Autoconf Macro.
+ .
+ This special exception to the GPL applies to versions of the Autoconf
+ Macro released by the Autoconf Archive. When you make and distribute a
+ modified version of the Autoconf Macro, you may extend this special
+ exception to the GPL to apply to your modified version as well.
+
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ * Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ * Redistributions in binary form must reproduce the above
+ copyright notice, this list of conditions and the following disclaimer
+ in the documentation and/or other materials provided with the
+ distribution.
+ .
+ * The names of its contributors may not be used to endorse or
+ promote products derived from this software without specific prior
+ written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+License: Apache-2.0
+ On modern Debian systems, the text of this license can be found
+ at: /usr/share/common-licenses/Apache-2.0
+
diff --git a/extra/wolfssl/wolfssl/debian/include.am b/extra/wolfssl/wolfssl/debian/include.am
new file mode 100644
index 00000000..e6f932b8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/debian/include.am
@@ -0,0 +1,77 @@
+# vim:ft=automake
+
+DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH)
+
+deb:
+# Setup meta folders
+ mkdir -p debian/libwolfssl/DEBIAN debian/libwolfssl-dev/DEBIAN
+# "Install" wolfSSL
+ make install exec_prefix=$(CURDIR)/debian/libwolfssl/usr \
+ prefix=$(CURDIR)/debian/libwolfssl-dev/usr
+# deb shared lib stuff
+ fakeroot dh_makeshlibs
+ dh_shlibdeps
+ dh_installdeb
+# Generate the lib and src descriptions
+ fakeroot dh_gencontrol
+# Make adjustments to the package structure and to satisfy lintian checks
+# Correct doc dir name
+ @rm -rf debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+ @mv debian/libwolfssl-dev/usr/share/doc/wolfssl \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+# Clear lib folder
+ @rm -rf debian/libwolfssl-dev/usr/lib
+ @mkdir -p debian/libwolfssl-dev/usr/lib
+# Move the top level .so into the dev pkg
+ @mv debian/libwolfssl/usr/lib/libwolfssl.so debian/libwolfssl-dev/usr/lib
+# Create correct pkg doc dir
+ @rm -rf debian/libwolfssl/usr/share/doc/libwolfssl
+ @mkdir -p debian/libwolfssl/usr/share/doc/libwolfssl
+# Place changelog
+ @gzip -n -9 -c debian/changelog | \
+ tee debian/libwolfssl/usr/share/doc/libwolfssl/changelog.gz > \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/changelog.gz
+# Place copyright
+ @cp debian/copyright debian/libwolfssl/usr/share/doc/libwolfssl
+ @cp debian/copyright debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev
+# Remove .la file https://wiki.debian.org/ReleaseGoals/LAFileRemoval
+ @rm debian/libwolfssl/usr/lib/libwolfssl.la
+# Strip unwanted symbols
+# https://www.debian.org/doc/debian-policy/ch-files.html#binaries
+ @strip --strip-unneeded debian/libwolfssl/usr/lib/libwolfssl.so.*.*.*
+# Place pkgconfig so that it is available for cross-compilation
+# https://lintian.debian.org/tags/pkg-config-unavailable-for-cross-compilation
+ @rm -rf debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+ @mkdir -p debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+ @mv debian/libwolfssl/usr/lib/pkgconfig \
+ debian/libwolfssl/usr/lib/$(DEB_HOST_MULTIARCH)
+# Set the expected access rules
+ @chmod 644 debian/libwolfssl/usr/lib/libwolfssl.so.*.*.*
+ @chmod 644 debian/libwolfssl/usr/share/doc/libwolfssl/changelog.gz \
+ debian/libwolfssl/usr/share/doc/libwolfssl/copyright \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/changelog.gz \
+ debian/libwolfssl-dev/usr/share/doc/libwolfssl-dev/copyright
+# Do this as the last step to mark all directories with the correct access bits
+ @find debian/libwolfssl*/usr -type d | xargs chmod 755
+# Generate debs
+ dpkg-deb --root-owner-group -b debian/libwolfssl .
+ dpkg-deb --root-owner-group -b debian/libwolfssl-dev .
+# Check that everything is correct with lintian
+# - we don't provide a manual page for wolfssl-config
+# - we don't care about matching the soname for our debs
+ lintian *.deb --fail-on error,warning --tag-display-limit 0 \
+ --suppress-tags no-manual-page,package-name-doesnt-match-sonames
+# Clean up the working dirs
+ make deb-clean
+
+deb-docker:
+ docker build -t "debian-builder:Dockerfile" Docker/packaging/debian
+ docker run --rm -v $(CURDIR):/opt/wolfssl debian-builder:Dockerfile \
+ bash -c 'cd /opt/wolfssl && ./config.status --recheck && make deb && \
+ make clean deb-clean &> /dev/null'
+# To allow the user to keep using the configuration on the host
+ @./config.status --recheck &> /dev/null
+
+deb-clean:
+ rm -rf debian/libwolfssl debian/libwolfssl-dev debian/files \
+ debian/*.substvars debian/.debhelper
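Review bot: The last line of the `deb-docker` recipe uses the bash-only `&>` redirection, but that line runs under make's own shell rather than inside the `bash -c '…'` string above it. If the generated Makefile's SHELL is a POSIX sh such as dash (not visible in this hunk), `./config.status --recheck &> /dev/null` is parsed as a background job followed by an empty redirection, so the output is not silenced and the target returns before the recheck finishes; `@./config.status --recheck > /dev/null 2>&1` is portable. In the `deb` recipe, `make install …` and `make deb-clean` would be better written with `$(MAKE)` so that command-line overrides and the jobserver reach the sub-make. The `docker run` line bind-mounts `$(CURDIR)` read-write, so whatever user the image runs as (the Dockerfile is outside this diff) writes build output into the host source tree; adding `--user "$$(id -u):$$(id -g)"` could keep ownership with the invoking user, provided the packaging steps work unprivileged under `fakeroot`.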
diff --git a/extra/wolfssl/wolfssl/doc/QUIC.md b/extra/wolfssl/wolfssl/doc/QUIC.md
index b2ab0196..3ab3f8de 100644
--- a/extra/wolfssl/wolfssl/doc/QUIC.md
+++ b/extra/wolfssl/wolfssl/doc/QUIC.md
@@ -57,7 +57,7 @@ The separation of HTTP/3 and QUIC is natural when you think about the relationsh
The separation of QUIC's "crypto" parts from its other protocol enabling functions is a matter of security. In its experimental beginnings, QUIC had its own security design. With the emerging TLSv1.3 and all it improvements, plus decades of experience, it seemed rather unwise to have something separate in QUIC.
-Therefore, the complete TLSv1.3 handshake became part of the QUIC protocol, with some restrictions and simplifications (UDP based QUIC does not accommodate broken TCP middle boxes). With the need for a complete TLSv1.3 stack, QUIC implementors happily make use of existing TLS libraries.
+Therefore, the complete TLSv1.3 handshake became part of the QUIC protocol, with some restrictions and simplifications (UDP based QUIC does not accommodate broken TCP middle boxes). With the need for a complete TLSv1.3 stack, QUIC implementers happily make use of existing TLS libraries.
## wolfSSL API
diff --git a/extra/wolfssl/wolfssl/doc/check_api.sh b/extra/wolfssl/wolfssl/doc/check_api.sh
index 612ee924..35b71a21 100755
--- a/extra/wolfssl/wolfssl/doc/check_api.sh
+++ b/extra/wolfssl/wolfssl/doc/check_api.sh
@@ -21,7 +21,7 @@ while read h_file; do
api_count="$(wc -l < dox_api.txt)"
match_count="$(grep -Ff dox_api.txt wolf_api.txt | wc -l)"
if [ "$api_count" != "$match_count" ]; then
- echo "Mistmatch"
+ echo "Mismatch"
echo "Dox_api: $api_count"
echo "Matched_api: $match_count"
echo "Header file: $h_file"
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h
index 9db335ed..51ff301e 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/aes.h
@@ -1,12 +1,12 @@
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚­ãƒ¼ã‚’設定ã—ã¦åˆæœŸåŒ–ベクトルを設定ã™ã‚‹ã“ã¨ã§AES構造をåˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return 0 キーã¨åˆæœŸåŒ–ベクトルを正常ã«è¨­å®šã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG キーã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes 変更ã™ã‚‹AES構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
- \param len 渡ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•
- \param iv キーをåˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトルã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€éµã‚’設定ã—ã¦åˆæœŸåŒ–ベクトルを設定ã™ã‚‹ã“ã¨ã§Aes構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return 0 éµã¨åˆæœŸåŒ–ベクトルを正常ã«è¨­å®šã—ã¾ã—ãŸ
+ \return BAD_FUNC_ARG éµã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes 変更ã™ã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \param len 渡ã•ã‚ŒãŸéµã®é•·ã•
+ \param iv éµã‚’åˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトルã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes enc;
@@ -25,11 +25,11 @@ int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€ç‰¹å®šã®AESオブジェクトã®åˆæœŸåŒ–ベクトルを設定ã—ã¾ã™ã€‚AESオブジェクトã¯ã€ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™å‰ã«åˆæœŸåŒ–ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸAes構造体ã®åˆæœŸåŒ–ベクトルを設定ã—ã¾ã™ã€‚Aes構造体ã¯ã€ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™å‰ã«åˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ãŒå¿…è¦ã§ã™ã€‚
\return 0 åˆæœŸåŒ–ベクトルを正常ã«è¨­å®šã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG AESãƒã‚¤ãƒ³ã‚¿ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes åˆæœŸåŒ–ベクトルを設定ã™ã‚‹AES構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \return BAD_FUNC_ARG Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes åˆæœŸåŒ–ベクトルを設定ã™ã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes enc;
@@ -45,11 +45,19 @@ int wc_AesSetKey(Aes* aes, const byte* key, word32 len,
int wc_AesSetIV(Aes* aes, const byte* iv);
/*!
- \ingroup AES
- \brief 入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰å¹³æ–‡ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å…¥ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæš—å·åŒ–ã•ã‚Œã‚‹å‰ã«AESSetKeyを呼ã³å‡ºã™ã“ã¨ã«ã‚ˆã£ã¦AESオブジェクトãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§ã‚ã‚‹ã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã“ã¨ã‚’想定ã—ã¦ã„ã‚‹ãŸã‚ã€ãƒ“ルド構æˆã§WolfSSL_AES_CBC_LENGTH_CHECKSãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä»»æ„é¸æŠžã§ãƒã‚§ãƒƒã‚¯ãŠã‚ˆã³é©ç”¨ã•ã‚Œã¾ã™ã€‚ブロック多入力をä¿è¨¼ã™ã‚‹ãŸã‚ã«ã€PKCS#7スタイルã®ãƒ‘ディングを事å‰ã«è¿½åŠ ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã‚ãªãŸã®ãŸã‚ã«ãƒ‘ディングを追加ã™ã‚‹OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚WOLFSSLã¨å¯¾å¿œã™ã‚‹OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã¦ã€WolfSSL AESCCENCRYPTメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€æš—å·åŒ–中ã«è¿½åŠ ã®ãƒ‘ディングを追加ã—ã¾ã›ã‚“。
+ \ingroup AES
+ \brief 入力ãƒãƒƒãƒ•ã‚¡ã®å¹³æ–‡ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°å‘¼ã³å‡ºã—ã«ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–å‰ã«wc_AesSetKeyを呼ã³å‡ºã—ã¦AESオブジェクトãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§ã‚ã‚‹ã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã“ã¨ã‚’想定ã—ã¦ã„ã‚‹ãŸã‚ã€
+ ビルド構æˆã§WOLFSSL_AES_CBC_LENGTH_CHECKSãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä»»æ„é¸æŠžã§ãƒã‚§ãƒƒã‚¯ãŠã‚ˆã³é©ç”¨ã•ã‚Œã¾ã™ã€‚
+ ブロック多入力をä¿è¨¼ã™ã‚‹ãŸã‚ã«ã€PKCS#7スタイルã®ãƒ‘ディングを事å‰ã«è¿½åŠ ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã¯è‡ªå‹•çš„ã«ãƒ‘ディングを追加ã™ã‚‹OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚
+ WOLFSSLã¨å¯¾å¿œã™ã‚‹OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã¦ã€
+ wolfSSL_AesCbcEncryptメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€æš—å·åŒ–中ã«è¿½åŠ ã®ãƒ‘ディングを追加ã—ã¾ã›ã‚“。
+
\return 0 メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_ALIGN_E: ブロック整列誤差ã§è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™
- \return BAD_LENGTH_E 入力長ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã¯ã€ãƒ©ã‚¤ãƒ–ラリーãŒwolfssl_aes_cbc_length_checksã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_ALIGN_E: ブロックアライメントエラー検出時ã«è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™
+ \return BAD_LENGTH_E ライブラリーãŒWOLFSSL_AES_CBC_LENGTH_CHECKSã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã€å…¥åŠ›é•·ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·æ–‡ã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -73,14 +81,22 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief 入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰æš—å·ã‚’復å·åŒ–ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å…¥ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒå¾©å·åŒ–ã•ã‚Œã‚‹å‰ã«AESSetKeyを呼ã³å‡ºã™ã“ã¨ã«ã‚ˆã£ã¦AES構造ãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…ƒã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§æ•´åˆ—ã—ã¦ã„ãŸã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã¨äºˆæƒ³ã—ã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€PKCS#7パディングを自動的ã«è¿½åŠ ã™ã‚‹ãŸã‚ã€ãƒ–ロックマルãƒå…¥åŠ›ã‚’å¿…è¦ã¨ã—ã¾ã›ã‚“。WolfSSL機能ã¨åŒç­‰ã®OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã€wolfssl aescbceNcryptメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€å¾©å·åŒ–中ã«ã‚¨ãƒ©ãƒ¼ã‚’発生ã•ã›ã¾ã›ã‚“。
- \return 0 メッセージを正常ã«å¾©å·åŒ–ã—ã¾ã™ã€‚
- \return BAD_ALIGN_E ブロック整列エラーã§è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \return BAD_LENGTH_E 入力長ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã¯ã€ãƒ©ã‚¤ãƒ–ラリーãŒwolfssl_aes_cbc_length_checksã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes データを復å·åŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param out 復å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ—レーンテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param in 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup AES
+ \brief 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ã®æš—å·ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’復å·ã—ã€AESã§Cipher Block Chainingを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°å‘¼ã³å‡ºã—ã«ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–å‰ã«wc_AesSetKeyを呼ã³å‡ºã—ã¦AESオブジェクトãŒåˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€å…ƒã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒAESブロック長ã§æ•´åˆ—ã—ã¦ã„ãŸã¨ä»®å®šã—ã€å…¥åŠ›ã•ã‚ŒãŸé•·ã•ãŒãƒ–ロック長ã®å€æ•°ã«ãªã‚‹ã¨äºˆæƒ³ã—ã¦ã„ã¾ã™ã€‚
+ ã“ã‚Œã¯OpenSSL AES-CBCメソッドã¨ã¯ç•°ãªã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€PKCS#7パディングを自動的ã«è¿½åŠ ã™ã‚‹ãŸã‚ã€ãƒ–ロックマルãƒå…¥åŠ›ã‚’å¿…è¦ã¨ã—ã¾ã›ã‚“。
+ wolfSSL機能ã¨åŒç­‰ã®OpenSSL関数を相互é‹ç”¨ã™ã‚‹ã«ã¯ã€OpenSSLコマンドライン関数ã§-nopadオプションを指定ã—ã€
+ wolfSSL_ AesCbcEncryptメソッドã®ã‚ˆã†ã«å‹•ä½œã—ã€å¾©å·ä¸­ã«ã‚¨ãƒ©ãƒ¼ã‚’発生ã•ã›ã¾ã›ã‚“。
+ \return 0 メッセージを正常ã«å¾©å·ã—ã¾ã—ãŸ
+ \return BAD_ALIGN_E ブロックアライメントエラー検出時ã«è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™
+ \return BAD_LENGTH_E ライブラリーãŒWOLFSSL_AES_CBC_LENGTH_CHECKSã§æ§‹ç¯‰ã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã€å…¥åŠ›é•·ãŒAESブロック長ã®å€æ•°ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes データを復å·ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param out 復å·ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ—レーンテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。必è¦ãªå ´åˆã¯ãƒ‘ディングã¯è¿½åŠ ã•ã‚Œã¾ã™ã€‚
+ \param in 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パディングã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
_Example_
\code
Aes dec;
@@ -100,12 +116,18 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief 入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–/復å·åŒ–ã—ã€AESを使用ã—ã¦CTRモードを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å…¥ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_aes_counterãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«ã€AES構造体をAessetKeyã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã¯å¾©å·åŒ–ã¨æš—å·åŒ–ã®ä¸¡æ–¹ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚_注:暗å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®åŒã˜APIを使用ã™ã‚‹ã“ã¨ã«ã¤ã„ã¦ã€‚ユーザーã¯æš—å·åŒ–/復å·åŒ–ã®ãŸã‚ã®AES構造体を区別ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup AES
+ \brief 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æš—å·åŒ–/復å·ã—ã€AES CTRモードを使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_Aes_CounterãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«ã€Aes構造体をwc_AesSetKeyã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å¾©å·ã¨æš—å·åŒ–ã®ä¸¡æ–¹ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚_注:æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®åŒã˜APIを使用ã™ã‚‹ã“ã¨ã«ã¤ã„ã¦ã€‚ユーザーã¯æš—å·åŒ–/復å·ã®ãŸã‚ã®Aes構造体を区別ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return int WolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã«å¯¾å¿œã™ã‚‹æ•´æ•°å€¤
- \param aes データを復å·åŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データを復å·ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–テキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒ—レーンテキストをå«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。必è¦ãªå ´åˆã¯ãƒ‘ディングã¯è¿½åŠ ã•ã‚Œã¾ã™ã€‚
+ \param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒ—レーンテキストをå«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パディングã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
_Example_
\code
Aes enc;
@@ -131,10 +153,15 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックã®å…¥åŠ›ãƒ–ロックã€INã€OUTPUTブロックã€OUTã§ã™ã€‚æä¾›ã•ã‚ŒãŸAES構造体ã®ã‚­ãƒ¼ã‚’使用ã—ã¾ã™ã€‚ã“ã‚Œã¯ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«WC_AESSETKEYã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚WC_AESSETKEYã¯ã€IVセットãŒNULLã«å‘¼ã³å‡ºã•ã‚ŒãŸã¯ãšã§ã™ã€‚ã“ã‚Œã¯ã€Configure Option WolfSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚__ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックinã§ä¸Žãˆã‚‰ã‚ŒãŸå˜ä¸€ã®å¹³æ–‡ãƒ‡ãƒ¼ã‚¿ãƒ–ロックを暗å·åŒ–ã—ã¦å˜ä¸€ã®å‡ºåŠ›ãƒ–ロックoutã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ãã®éš›ã«ã€Aes構造体ã§æä¾›ã•ã‚ŒãŸã®éµã‚’使用ã—ã¾ã™ã€‚éµã¯ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«wc_AesSetKeyã§åˆæœŸåŒ–ã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wc_AesSetKeyã¸ã®å…¥åŠ›ivã«ã¯NULLを指定ã—ã¦å‘¼ã³å‡ºã—ã¦ãã ã•ã„。
+ ã“ã‚Œã¯ã€Configure Option WolfSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ __ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚
+ å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
\return int WolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã«å¯¾å¿œã™ã‚‹æ•´æ•°å€¤
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–テキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
@@ -151,11 +178,14 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックã®1ブロック復å·åŒ–ã€INã€INã€OUTPUT OUTã§ã™ã€‚æä¾›ã•ã‚ŒãŸAES構造体ã®ã‚­ãƒ¼ã‚’使用ã—ã¾ã™ã€‚ã“ã‚Œã¯ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«WC_AESSETKEYã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚WC_AESSETKEYã¯ã€IVセットãŒNULLã«å‘¼ã³å‡ºã•ã‚ŒãŸã¯ãšã§ã™ã€‚ã“ã‚Œã¯ã€Configure Option WolfSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚__ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ–ロックinã§ä¸Žãˆã‚‰ã‚ŒãŸå˜ä¸€ã®æš—å·ãƒ‡ãƒ¼ã‚¿ãƒ–ロックを復å·ã—ã¦å˜ä¸€ã®å‡ºåŠ›ãƒ–ロックoutã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ æä¾›ã•ã‚ŒãŸAes構造体ã®éµã‚’使用ã—ã¾ã™ã€‚Aes構造体ã¯ã€ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã™å‰ã«wc_AesSetKeyã§åˆæœŸåŒ–ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚wc_AesSetKeyã¯ã€ivãŒNULLã§å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã¯ã€Configure Option WOLFSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ __ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„。
\return int WolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã«å¯¾å¿œã™ã‚‹æ•´æ•°å€¤
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out 復å·åŒ–ã•ã‚ŒãŸæš—å·ãƒ†ã‚­ã‚¹ãƒˆã®ãƒ—レーンテキストを格ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データã®å¾©å·ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out 復å·ã•ã‚ŒãŸå¹³æ–‡ãƒ†ã‚­ã‚¹ãƒˆã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes dec;
@@ -171,14 +201,23 @@ int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CTRモードã®AESキーをAESã§è¨­å®šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚指定ã•ã‚ŒãŸã‚­ãƒ¼ã€IV(åˆæœŸåŒ–ベクトル)ã€ãŠã‚ˆã³æš—å·åŒ–DIR(方å‘)ã§AESオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚構æˆã‚ªãƒ—ションwolfssl_aes_directãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚ç¾åœ¨WC_AessetKeyDirectã¯å†…部的ã«WC_AESSETKEYを使用ã—ã¾ã™ã€‚__ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„
- \return 0 キーã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CTRモードã®AESéµã‚’AESã§è¨­å®šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 指定ã•ã‚ŒãŸéµã€iv(åˆæœŸåŒ–ベクトル)ã€ãŠã‚ˆã³æš—å·åŒ–dir(方å‘)ã§AESオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ 構æˆã‚ªãƒ—ションWOLFSSL_AES_DIRECTãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ wc_AesEncryptDirectã¨wc_AesDecryptDirectを呼ã³å‡ºã™éš›ã®Aes構造体ã®åˆæœŸåŒ–ã«ã¯ã“ã®é–¢æ•°ã‚’使ã†å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ç¾åœ¨wc_AesSetKeyDirectã¯å†…部的ã«wc_AesSetKeyを使用ã—ã¾ã™ã€‚
+ __ warning:ã»ã¼ã™ã¹ã¦ã®ãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã§ECBモードã¯å®‰å…¨æ€§ãŒä½Žã„ã¨è€ƒãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚
+ å¯èƒ½ãªé™ã‚ŠECB APIを直接使用ã—ãªã„ã§ãã ã•ã„
+ \return 0 éµã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒç„¡åŠ¹ãªé•·ã•ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
- \param len 渡ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•
- \param iv キーをåˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトル
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \param len 渡ã•ã‚ŒãŸéµã®é•·ã•
+ \param iv éµã‚’åˆæœŸåŒ–ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトル
+ \param dir æš—å·åŒ–ã®æ–¹å‘を指定ã—ã¾ã™ã€‚wc_AesEncryptDirectã«ä½¿ç”¨ã™ã‚‹éš›ã«ã¯AES_ENCRYPTIONã€wc_AesDecryptDirectã«ã¯AES_DECRYPTIONを指定ã—ã¾ã™ã€‚
+ (注æ„: wc_AesSetKeyDirect ã‚’Aesカウンターモードã«ä½¿ç”¨ã™ã‚‹éš›ã«ã¯æš—å·åŒ–/復å·ã«ã‚ˆã‚‰ãšã€AES_ENCRYPTIONを指定ã—ã¦ãã ã•ã„。)
+
_Example_
\code
Aes enc;
@@ -198,12 +237,13 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
const byte* iv, int dir);
/*!
- \ingroup AES
- \brief ã“ã®æ©Ÿèƒ½ã¯ã€AES GCM(Galois / Counter Mode)ã®ã‚­ãƒ¼ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ã§AESオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚コンパイル時ã«Configureオプションhous_aesgcmãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
- \return 0 キーã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒç„¡åŠ¹ãªé•·ã•ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \ingroup AES
+ \brief ã“ã®æ©Ÿèƒ½ã¯ã€AES GCM(Galois/Counter Mode)ã®éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 与ãˆã‚‰ã‚ŒãŸkeyã§Aes構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚コンパイル時ã«ConfigureオプションHAVE_AESGCMãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã«ã®ã¿æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
+ \return 0 éµã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸkeyãŒç„¡åŠ¹ãªé•·ã•ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
_Example_
\code
Aes enc;
@@ -219,12 +259,13 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ãƒãƒƒãƒ•ã‚¡INã«ä¿æŒã—ã€çµæžœã®æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’出力ãƒãƒƒãƒ•ã‚¡OUTã«æ ¼ç´ã—ã¾ã™ã€‚æš—å·åŒ–ã™ã‚‹å‘¼ã³å‡ºã—ã”ã¨ã«æ–°ã—ã„IV(åˆæœŸåŒ–ベクトル)ãŒå¿…è¦ã§ã™ã€‚ã¾ãŸã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€Authinã€AuthTagã¸ã®å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã‚’エンコードã—ã¾ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡inã«æ ¼ç´ã•ã‚Œã¦ã„る平文メッセージを暗å·åŒ–ã—çµæžœã‚’出力ãƒãƒƒãƒ•ã‚¡outã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ æš—å·åŒ–ã™ã‚‹å‘¼ã³å‡ºã—ã”ã¨ã«æ–°ã—ã„iv(åˆæœŸåŒ–ベクトル)ãŒå¿…è¦ã§ã™ã€‚ã¾ãŸã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€authInã€authTagã¸ã®å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã‚’エンコードã—ã¾ã™ã€‚
\return 0 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
- \param aes - データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡inã®ã‚µã‚¤ã‚º(sz)ã¨åŒã˜ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \param in æš—å·åŒ–ã™ã‚‹å¹³æ–‡ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。パディングã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\param sz æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
\param iv åˆæœŸåŒ–ベクトルをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param ivSz åˆæœŸåŒ–ベクトルã®é•·ã•
@@ -257,14 +298,15 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡INã«ä¿æŒã—ã€çµæžœã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ†ã‚­ã‚¹ãƒˆã‚’出力ãƒãƒƒãƒ•ã‚¡OUTã«æ ¼ç´ã—ã¾ã™ã€‚ã¾ãŸã€æŒ‡å®šã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã€authtagã«å¯¾ã—ã¦ã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€Authinã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
- \return 0 入力メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡inã§ä¸Žãˆã‚‰ã‚ŒãŸå…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·ã—ã€çµæžœã‚’出力ãƒãƒƒãƒ•ã‚¡outã«æ ¼ç´ã—ã¾ã™ã€‚
+ ã¾ãŸã€æŒ‡å®šã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã€authTagã«å¯¾ã—ã¦ã€å…¥åŠ›èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã€authInã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+ \return 0 入力メッセージã®å¾©å·ã«æˆåŠŸã—ã¾ã—ãŸ
\return AES_GCM_AUTH_E èªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚³ãƒ¼ãƒ‰ãƒ™ã‚¯ãƒˆãƒ«ã¨ä¸€è‡´ã—ãªã„å ´åˆã€authtag。
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out メッセージテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param sz 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã®é•·ã•
+ \param aes データã®å¾©å·ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out メッセージテキストをä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚サイズã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡inã®ã‚µã‚¤ã‚º(sz)ã¨åŒã˜ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+ \param in æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚サイズã¯AES_BLOCK_SIZEã®å€æ•°ã§ãªã‘ã‚Œã°ãªã‚‰ãªã„。
+ \param sz 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã®é•·ã•
\param iv åˆæœŸåŒ–ベクトルをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param ivSz åˆæœŸåŒ–ベクトルã®é•·ã•
\param authTag èªè¨¼ã‚¿ã‚°ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -296,11 +338,11 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€GAROISメッセージèªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹GMACオブジェクトã®ã‚­ãƒ¼ã‚’åˆæœŸåŒ–ã—ã¦è¨­å®šã—ã¾ã™ã€‚
- \return 0 キーã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸ
- \return BAD_FUNC_ARG キーã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹GMACオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€GAROISメッセージèªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹Gmac構造体ã®éµã‚’åˆæœŸåŒ–ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ \return 0 éµã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸ
+ \return BAD_FUNC_ARG 引数keyã®é•·ã•ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹Gmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param key èªè¨¼ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
_Example_
\code
@@ -313,10 +355,11 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯Authin Inputã®GMACãƒãƒƒã‚·ãƒ¥ã‚’生æˆã—ã€çµæžœã‚’Authtagãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚wc_gmacupdateを実行ã—ãŸå¾Œã€ç”Ÿæˆã•ã‚ŒãŸauthtagを既知ã®èªè¨¼ã‚¿ã‚°ã«æ¯”較ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ä¿¡é ¼æ€§ã‚’検証ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯authIn Inputã®GMACãƒãƒƒã‚·ãƒ¥ã‚’生æˆã—ã€çµæžœã‚’authTagãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚
+ wc_GmacUpdateを実行ã—ãŸå¾Œã€ç”Ÿæˆã•ã‚ŒãŸauthTagを既知ã®èªè¨¼ã‚¿ã‚°ã«æ¯”較ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ä¿¡é ¼æ€§ã‚’検証ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 GMACãƒãƒƒã‚·ãƒ¥ã®è¨ˆç®—ã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹GMACオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param gmac èªè¨¼ã«ä½¿ç”¨ã•ã‚Œã‚‹Gmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param iv ãƒãƒƒã‚·ãƒ¥ã«ä½¿ç”¨ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトル
\param ivSz 使用ã•ã‚Œã‚‹åˆæœŸåŒ–ベクトルã®ã‚µã‚¤ã‚º
\param authIn 確èªã™ã‚‹èªè¨¼ãƒ™ã‚¯ãƒˆãƒ«ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -342,11 +385,11 @@ int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
byte* authTag, word32 authTagSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦AESオブジェクトã®ã‚­ãƒ¼ã‚’設定ã—ã¾ã™ï¼ˆCBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã€‚AES構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–ã‚Šã€ä»˜å±žã®ã‚­ãƒ¼ã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return none
- \param aes 付属ã®ã‚­ãƒ¼ã‚’ä¿ç®¡ã™ã‚‹ãŸã‚ã®AES構造
- \param key æš—å·åŒ–ã¨å¾©å·åŒ–ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦AESオブジェクトã®éµã‚’設定ã—ã¾ã™ï¼ˆCBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã€‚Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–ã‚Šã€å¼•æ•°ã§ä¸Žãˆã‚‰ã‚ŒãŸkeyã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return none
+ \param aes 引数keyã‚’ä¿ç®¡ã™ã‚‹ãŸã‚ã®Aes構造体
+ \param key æš—å·åŒ–ã¨å¾©å·ã®ãŸã‚ã®16,24ã€ã¾ãŸã¯32ãƒã‚¤ãƒˆã®ç§˜å¯†éµ
_Example_
\code
Aes enc;
@@ -360,10 +403,11 @@ int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€INã€OUTã€OUTã€OUTã‚’CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’æš—å·åŒ–ã—ã¾ã™ã€‚ãã®å¾Œã€Authin Inputã‹ã‚‰èªè¨¼ã‚¿ã‚°ã€AuthtAgを計算ã—ã¦æ ¼ç´ã—ã¾ã™ã€‚
- \return none
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€INã€OUTã€OUTã€OUTã‚’CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’æš—å·åŒ–ã—ã¾ã™ã€‚
+ ãã®å¾Œã€Authin Inputã‹ã‚‰èªè¨¼ã‚¿ã‚°ã€AuthtAgを計算ã—ã¦æ ¼ç´ã—ã¾ã™ã€‚
+ \return none
+ \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param in æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param sz æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
@@ -397,14 +441,14 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ã€CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å¾©å·åŒ–ã—ã¾ã™ã€‚ãã®å¾Œã€Authin Inputã‹ã‚‰AuthatAgã€AuthatAgを計算ã—ã¾ã™ã€‚許å¯ã‚¿ã‚°ãŒç„¡åŠ¹ãªå ´åˆã¯ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’ゼロã«è¨­å®šã—ã€AES_CCM_AUTH_Eã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 入力メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
- \return AES_CCM_AUTH_E èªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚³ãƒ¼ãƒ‰ãƒ™ã‚¯ãƒˆãƒ«ã¨ä¸€è‡´ã—ãªã„å ´åˆã€authtag。
- \param aes データã®æš—å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹AESオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿å­˜ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param sz 入力暗å·ãƒ†ã‚­ã‚¹ãƒˆã®å¾©å·åŒ–
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€CCMを使用ã—ã¦ã€å…¥åŠ›æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ã€CCM(CBC-MACã®ã‚«ã‚¦ãƒ³ã‚¿ï¼‰ã‚’使用ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«å¾©å·ã—ã¾ã™ã€‚ãã®å¾Œã€authIn入力ã‹ã‚‰authTagを計算ã—ã¾ã™ã€‚èªè¨¼ã‚¿ã‚°ãŒç„¡åŠ¹ãªå ´åˆã¯ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’ゼロã«è¨­å®šã—ã€AES_CCM_AUTH_Eã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 入力メッセージã®å¾©å·ã«æˆåŠŸã—ã¾ã—ãŸ
+ \return AES_CCM_AUTH_E èªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚³ãƒ¼ãƒ‰ãƒ™ã‚¯ãƒˆãƒ«ã¨ä¸€è‡´ã—ãªã„å ´åˆ
+ \param aes データã®å¾©å·ã«ä½¿ç”¨ã•ã‚Œã‚‹Aes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out 復å·ã—ãŸãƒ†ã‚­ã‚¹ãƒˆã‚’出力ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 復å·ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’ä¿æŒã—ã¦ã„る入力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz 入力暗å·ãƒ†ã‚­ã‚¹ãƒˆã®ã‚µã‚¤ã‚º
\param nonce nonceã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆ1回ã ã‘使用ã•ã‚Œã¦ã„る数)
\param nonceSz ノンスã®é•·ã•
\param authTag èªè¨¼ã‚¿ã‚°ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -438,14 +482,14 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
const byte* authIn, word32 authInSz);
/*!
- \ingroup AES
- \brief ã“ã‚Œã¯ã€æš—å·åŒ–ã¾ãŸã¯å¾©å·åŒ–タイプを修正ã™ã‚‹ãŸã‚ã®ã‚­ãƒ¼ã®è¨­å®šã‚’支æ´ã™ã‚‹ã“ã¨ã§ã™ã€‚完了ã—ãŸã‚‰ã€AESキーã§WC_AESXTSFREEを呼ã³å‡ºã™ã“ã¨ãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãªã‚Šã¾ã—ãŸã€‚
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯ã€AES XTSモードを使用ã™ã‚‹æš—å·åŒ–ã¾ãŸã¯å¾©å·ã§ä½¿ç”¨ã™ã‚‹éµã®è¨­å®šã«ä½¿ç”¨ã—ã¾ã™ã€‚完了ã—ãŸã‚‰ã€AESキーã§wc_AesXtsFreeを呼ã³å‡ºã™ã“ã¨ãŒãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ãªã‚Šã¾ã—ãŸã€‚
\return 0 æˆåŠŸ
- \param aes ENCRYPT /復å·åŒ–プロセスã®ãŸã‚ã®AESキー
- \param key AESキーをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼| ..Tweak Key
- \param len キーãƒãƒƒãƒ•ã‚¡ã®ãƒã‚¤ãƒˆæ•°ã®é•·ã•ã€‚キーサイズã®2å€ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã™ãªã‚ã¡ã€16ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ã«ã¤ã„ã¦ã€‚
- \param dir æ–¹å‘ã€AES_Encryptionã¾ãŸã¯AES_Decryptionã®ã„ãšã‚Œã‹
- \param heap メモリã«ä½¿ç”¨ã™ã‚‹ãƒ’ントヒント。nullã«ãªã‚‹ã“ã¨ãŒã§ãã¾ã™
+ \param aes æš—å·åŒ–ã¾ãŸã¯å¾©å·å‡¦ç†ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
+ \param key 補正値(Tewak)を加味ã—ãŸAESéµã‚’ä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡
+ \param len éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚éµã‚µã‚¤ã‚ºã®2å€ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚(ã™ãªã‚ã¡ã€16ãƒã‚¤ãƒˆã®éµã®å ´åˆã¯32)
+ \param dir 処ç†æ–¹å‘ã€AES_Encryptionã¾ãŸã¯AES_Decryptionã®ã„ãšã‚Œã‹ã‚’指定ã—ã¾ã™ã€‚
+ \param heap メモリã«ä½¿ç”¨ã™ã‚‹ãƒ’ープヒント。NULLを設定ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
_Example_
\code
XtsAes aes;
@@ -464,13 +508,13 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
/*!
- \ingroup AES
- \brief WC_AESXTSENCRYPTã¨åŒã˜ãƒ—ロセスã§ã™ãŒã€ãƒã‚¤ãƒˆé…列ã®ä»£ã‚ã‚Šã«Tweak値ã¨ã—ã¦Word64型を使用ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€Word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã—ã€WC_AESXTSENCRYPTを呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup AES
+ \brief wc_AesXtsEncryptã¨åŒã˜å‡¦ç†ã‚’è¡Œã„ã¾ã™ãŒã€ãƒã‚¤ãƒˆé…列ã®ä»£ã‚ã‚Šã«Tweak値ã¨ã—ã¦word64型を使用ã—ã¾ã™ã€‚本関数ã§word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã—ã€wc_AesXtsEncryptを呼ã³å‡ºã—ã¾ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
\param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストãƒãƒƒãƒ•ã‚¡
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
_Example_
\code
XtsAes aes;
@@ -495,13 +539,13 @@ int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
- \ingroup AES
- \brief WC_AESXTSDECRYPTã¨åŒã˜ãƒ—ロセスã§ã¯ãªãã€BYTEé…列ã®ä»£ã‚ã‚Šã«Word64タイプを使用ã—ã¾ã™ã€‚ã“ã‚Œã¯Word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã™ã‚‹ã ã‘ã§ã™ã€‚
+ \ingroup AES
+ \brief wc_AesXtsDecryptã¨åŒã˜å‡¦ç†ã‚’è¡Œã„ã¾ã™ãŒã€ãƒã‚¤ãƒˆé…列ã®ä»£ã‚ã‚Šã«Tweak値ã¨ã—ã¦word64タイプを使用ã—ã¾ã™ã€‚本関数ã§word64ã‚’ãƒã‚¤ãƒˆé…列ã«å¤‰æ›ã™ã‚‹ã ã‘ã§ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out プレーンテキストをä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
- \param in 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆãƒãƒƒãƒ•ã‚¡ãƒ¼ã‚’入力ã—ã¾ã™
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param in 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆãƒãƒƒãƒ•ã‚¡
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
_Example_
\code
XtsAes aes;
@@ -526,13 +570,13 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
const byte* in, word32 sz, word64 sector);
/*!
- \ingroup AES
- \brief XTSモードã®ã‚ã‚‹AES。(XTS)XEXæš—å·åŒ–ã¨æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ç›—ã‚“ã æš—å·åŒ–。
+ \ingroup AES
+ \brief AES XTSモードã§æš—å·åŒ–ã—ã¾ã™ã€‚(XTS)XEXæš—å·åŒ–ã¨å¹³æ–‡ãŒãƒ–ロック長ã®å€æ•°ã§ãªã„å ´åˆã®å‡¦ç†(Ciphertext Stealing)ã‚’è¡Œã„ã¾ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
- \param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストãƒãƒƒãƒ•ã‚¡
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
\param i Tweakã«ä½¿ç”¨ã™ã‚‹å€¤
_Example_
\code
@@ -557,13 +601,13 @@ int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
- \ingroup AES
- \brief æš—å·åŒ–ã¨åŒã˜ãƒ—ロセスã§ã™ãŒã€AESキーã¯AES_Decryptionタイプã§ã™ã€‚
+ \ingroup AES
+ \brief æš—å·åŒ–ã¨åŒã˜ãƒ—ロセスã§ã™ãŒã€XtsAes構造体ã¯AES_Decryptionタイプã§ã™ã€‚
\return 0 æˆåŠŸ
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹XtsAes構造体
\param out プレーンテキストをä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡
- \param in 復å·åŒ–ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆãƒãƒƒãƒ•ã‚¡ãƒ¼ã‚’入力ã—ã¾ã™
- \param sz 両方ã¨ã‚‚ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param in 復å·ã™ã‚‹æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡
+ \param sz ãƒãƒƒãƒ•ã‚¡ï¼ˆin, out両方)ã®ã‚µã‚¤ã‚º
\param i Tweakã«ä½¿ç”¨ã™ã‚‹å€¤
_Example_
\code
@@ -588,8 +632,8 @@ int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
/*!
- \ingroup AES
- \brief ã“ã‚Œã¯XTSAES構造ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã“ã¨ã§ã™
+ \ingroup AES
+ \brief ã“ã®é–¢æ•°ã¯XtsAes構造体ã§ä½¿ç”¨ã•ã‚Œã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã—ã¾ã™ã€‚
\return 0 æˆåŠŸ
_Example_
\code
@@ -609,11 +653,11 @@ int wc_AesXtsFree(XtsAes* aes);
/*!
- \ingroup AES
+ \ingroup AES
\brief Aes構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚ヒープヒントを設定ã—ã€ASYNCãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’使用ã™ã‚‹å ´åˆã®IDも設定ã—ã¾ã™ã€‚Aes構造体ã®ä½¿ç”¨ãŒçµ‚了ã—ãŸéš›ã«wc_AesFreeを呼ã³å‡ºã™ã®ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã«ä»»ã•ã‚Œã¦ã„ã¾ã™ã€‚
\return 0 æˆåŠŸ
- \param aes åˆæœŸåŒ–ã«ã¯AES構造
- \param heap å¿…è¦ã«å¿œã˜ã¦malloc / freeã«ä½¿ç”¨ã™ã‚‹ãƒ’ントヒント
+ \param aes åˆæœŸåŒ–対象ã®Aes構造体
+ \param heap å¿…è¦ã«å¿œã˜ã¦malloc / freeã«ä½¿ç”¨ã™ã‚‹ãƒ’ープヒント
_Example_
\code
Aes enc;
@@ -631,10 +675,10 @@ int wc_AesInit(Aes* aes, void* heap, int devId);
/*!
\ingroup AES
- \brief Aes構造体ã«é–¢é€£ã¤ã‘られãŸãƒªã‚½ãƒ¼ã‚¹ã‚’å¯èƒ½ãªã‚‰è§£æ”¾ã™ã‚‹ã€‚
+ \brief Aes構造体ã«é–¢é€£ã¤ã‘られãŸãƒªã‚½ãƒ¼ã‚¹ã‚’å¯èƒ½ãªã‚‰è§£æ”¾ã—ã¾ã™ã€‚
内部的ã«ã¯ãƒŽãƒ¼ã‚ªãƒšãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã¨ãªã‚‹ã“ã¨ã‚‚ã‚ã‚Šã¾ã™ãŒã€ãƒ™ã‚¹ãƒˆãƒ—ラクティスã¨ã—ã¦ã©ã®ã‚±ãƒ¼ã‚¹ã§ã‚‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã“ã¨ã‚’推奨ã—ã¾ã™ã€‚
\return 戻り値ãªã—
- \param aes Freeã™ã¹ãAes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param aes Freeã™ã¹ãAes構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
Aes enc;
@@ -650,11 +694,11 @@ int wc_AesInit(Aes* aes, void* heap, int devId);
int wc_AesFree(Aes* aes);
/*!
- \ingroup AES
- \brief CFBモードをæŒã¤AES。
- \return 0 失敗時ã®æˆåŠŸã¨å¦å®šçš„ãªã‚¨ãƒ©ãƒ¼å€¤
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
- \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚InpectBufferã¨åŒã˜ãらã„大ãã„å¿…è¦ãŒã‚ã‚Šã¾ã™ï¼‰
+ \ingroup AES
+ \brief AES CFBモードã§æš—å·åŒ–ã‚’è¡Œã„ã¾ã™ã€‚
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã‚Šã¾ã™ã€‚失敗時ã«ã¯è² å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹Aes構造体
+ \param out æš—å·ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚入力プレーンテキストãƒãƒƒãƒ•ã‚¡ã¨åŒã˜ã‚µã‚¤ã‚ºãŒå¿…è¦ã§ã™ã€‚
\param in æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒ—レーンテキストãƒãƒƒãƒ•ã‚¡
_Example_
\code
@@ -675,12 +719,12 @@ int wc_AesFree(Aes* aes);
int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
/*!
- \ingroup AES
- \brief CFBモードをæŒã¤AES。
- \return 0 失敗時ã®æˆåŠŸã¨å¦å®šçš„ãªã‚¨ãƒ©ãƒ¼å€¤
- \param aes ブロック暗å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹AESキー
- \param out 復å·åŒ–ã•ã‚ŒãŸãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚inputBufferã¨åŒã˜å¤§ãã•ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“)
- \param in 復å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡
+ \ingroup AES
+ \brief AES CFBモードã§å¾©å·ã‚’è¡Œã„ã¾ã™ã€‚
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã‚Šã¾ã™ã€‚失敗時ã«ã¯è² å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param aes ブロック暗å·åŒ–/復å·ã«ä½¿ç”¨ã™ã‚‹Aes構造体
+ \param out 復å·ã•ã‚ŒãŸãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¯ã€å°‘ãªãã¨ã‚‚入力ãƒãƒƒãƒ•ã‚¡ã¨åŒã˜ã‚µã‚¤ã‚ºãŒå¿…è¦ã§ã™ã€‚
+ \param in 復å·ã™ã‚‹æš—å·ãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã—ãŸå…¥åŠ›ãƒãƒƒãƒ•ã‚¡
_Example_
\code
Aes aes;
@@ -700,17 +744,17 @@ int wc_AesCfbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz);
int wc_AesCfbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz);
/*!
- \ingroup AES
+ \ingroup AES
\brief ã“ã®é–¢æ•°ã¯ã€RFC 5297ã«è¨˜è¼‰ã•ã‚Œã¦ã„るよã†ã«SIV(åˆæˆåˆæœŸåŒ–ベクトル)暗å·åŒ–を実行ã—ã¾ã™ã€‚
\return 0 æš—å·åŒ–ã«æˆåŠŸã—ãŸå ´åˆ
- \return BAD_FUNC_ARG キーã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚キーサイズãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
- \return Other AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚
+ \return BAD_FUNC_ARG éµã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚éµã‚µã‚¤ã‚ºãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \return Other ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param key 使用ã™ã‚‹éµã‚’å«ã‚€ãƒã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã€‚
- \param keySz キーãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
+ \param keySz éµãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
\param assoc 追加ã®èªè¨¼ã•ã‚ŒãŸé–¢é€£ãƒ‡ãƒ¼ã‚¿ï¼ˆAD)。
\param assocSz ADãƒãƒƒãƒ•ã‚¡ã®ãƒã‚¤ãƒˆæ•°
- \param nonce 一度使用ã•ã‚Œã‚‹æ•°ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®NOCEãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
+ \param nonce ナンス(一度ã ã‘使用ã•ã‚Œã‚‹å€¤ï¼‰ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®ãƒŠãƒ³ã‚¹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
\param in æš—å·åŒ–ã™ã‚‹å¹³æ–‡ã®ãƒãƒƒãƒ•ã‚¡ã€‚
\param inSz 平文ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param siv S2Vã«ã‚ˆã‚‹SIV出力(RFC 5297 2.4å‚照)。
@@ -736,19 +780,19 @@ int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
const byte* in, word32 inSz, byte* siv, byte* out);
/*!
- \ingroup AES
- \brief ã“ã®æ©Ÿèƒ½ã¯ã€RFC 5297ã«è¨˜è¼‰ã•ã‚Œã¦ã„るよã†ã«SIV(åˆæˆåˆæœŸåŒ–ベクトル)復å·åŒ–を実行ã™ã‚‹ã€‚
- \return 0 復å·åŒ–ã«æˆåŠŸã—ãŸå ´åˆ
- \return BAD_FUNC_ARG キーã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚キーサイズãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup AES
+ \brief ã“ã®æ©Ÿèƒ½ã¯ã€RFC 5297ã«è¨˜è¼‰ã•ã‚Œã¦ã„るよã†ã«SIV(åˆæˆåˆæœŸåŒ–ベクトル)復å·ã‚’実行ã—ã¾ã™
+ \return 0 復å·ã«æˆåŠŸã—ãŸå ´åˆ
+ \return BAD_FUNC_ARG éµã€SIVã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€‚キーサイズãŒ32,48ã€ã¾ãŸã¯64ãƒã‚¤ãƒˆã®å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
\return AES_SIV_AUTH_E S2Vã«ã‚ˆã£ã¦æ´¾ç”Ÿã—ãŸSIVãŒå…¥åŠ›SIVã¨ä¸€è‡´ã—ãªã„å ´åˆï¼ˆRFC 5297 2.7ã‚’å‚照)。
- \return Other AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚
+ \return Other ãã®ä»–ã®è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã€‚AESã¾ãŸã¯CMACæ“作ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param key 使用ã™ã‚‹éµã‚’å«ã‚€ãƒã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã€‚
- \param keySz キーãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
+ \param keySz éµãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼ˆãƒã‚¤ãƒˆå˜ä½ï¼‰ã€‚
\param assoc 追加ã®èªè¨¼ã•ã‚ŒãŸé–¢é€£ãƒ‡ãƒ¼ã‚¿ï¼ˆAD)。
\param assocSz ADãƒãƒƒãƒ•ã‚¡ã®ãƒã‚¤ãƒˆæ•°
- \param nonce 一度使用ã•ã‚Œã‚‹æ•°ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã€åŸºç¤Žã¨ãªã‚‹ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®NOCEãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
- \param in 復å·åŒ–ã™ã‚‹æš—å·æ–‡ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \param nonce ナンス(一度ã ã‘使用ã•ã‚Œã‚‹å€¤ï¼‰ã€‚ADã¨åŒã˜æ–¹æ³•ã§ã€åŸºç¤Žã¨ãªã‚‹ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param nonceSz ãƒã‚¤ãƒˆå˜ä½ã®ãƒŠãƒ³ã‚¹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
+ \param in 復å·ã™ã‚‹æš—å·æ–‡ãƒãƒƒãƒ•ã‚¡ã€‚
\param inSz æš—å·æ–‡ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param siv æš—å·æ–‡ã«ä»˜éšã™ã‚‹SIV(RFC 5297 2.4ã‚’å‚照)。
_Example_
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h
index 5d3a50dc..164108fe 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/asn_public.h
@@ -1,7 +1,8 @@
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®è¨¼æ˜Žæ›¸ã‚’åˆæœŸåŒ–ã—ã¾ã™ã€‚デフォルトã®ã‚ªãƒ—ション:version = 3(0x2)ã€sigtype = sha_with_rsaã€issuer =空白ã€dayValid = 500ã€selfsigned = 1(true)発行者ã¨ã—ã¦ã®ä»¶å=空白
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯Cert構造体をデフォルトã®å€¤ã§åˆæœŸåŒ–ã—ã¾ã™ã€‚デフォルトã®ã‚ªãƒ—ション:version = 3(0x2)ã€sigtype = sha_with_rsaã€issuer =空白ã€dayValid = 500ã€selfsigned = 1(true)発行者ã¨ã—ã¦ã®ä»¶å=空白
+ \return æˆåŠŸã—ãŸå ´åˆ0ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
Cert myCert;
@@ -13,17 +14,78 @@
int wc_InitCert(Cert*);
/*!
- \ingroup ASN
- \brief CAç½²å付ã証明書を作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚被写体情報ãŒå…¥åŠ›ã•ã‚ŒãŸå¾Œã«å‘¼ã³å‡ºã•ã‚Œã¾ã—ãŸã€‚ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸å…¥åŠ›ã‹ã‚‰X509証明書V3 RSAã¾ãŸã¯ECCを作æˆã—ã¾ã™ã€‚ãã®å¾Œã€ã“ã®è¨¼æ˜Žæ›¸ã‚’Derbufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚証明書を生æˆã™ã‚‹ãŸã‚ã®RSAKEYã¾ãŸã¯ECCKEYã®ã„ãšã‚Œã‹ã‚’å–ã‚Šã¾ã™ã€‚ã“ã®ãƒ¡ã‚½ãƒƒãƒ‰ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹å‰ã«ã€è¨¼æ˜Žæ›¸ã‚’WC_INITCERTã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return Success 指定ã•ã‚ŒãŸå…¥åŠ›è¨¼æ˜Žæ›¸ã‹ã‚‰X509証明書を正常ã«è¡Œã†ã¨ã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return BUFFER_E æä¾›ã•ã‚ŒãŸDerbufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸æ“作ã®ç‚ºã«æ–°ãŸãªCert構造体を割り当ã¦ã¾ã™ã€‚
+ 割り当ã¦ãŸCert構造体ã¯ã“ã®é–¢æ•°å†…ã§åˆæœŸåŒ–ã•ã‚Œã‚‹ã®ã§ã€wc_InitCert()を呼ã³å‡ºã™å¿…è¦ã¯ã‚ã‚Šã¾ã›ã‚“。
+ アプリケーションãŒã“ã®Cert構造体ã®ä½¿ç”¨ã‚’終了ã™ã‚‹éš›ã«ã¯wc_CertFree()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 処ç†ãŒæˆåŠŸã—ãŸéš›ã«ã¯æ–°ã«å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return メモリ確ä¿ã«å¤±æ•—ã—ãŸå ´åˆã«ã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param メモリã®å‹•çš„確ä¿ã§ä½¿ç”¨ã•ã‚Œã‚‹ãƒ’ープã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLã®æŒ‡å®šã‚‚å¯ã€‚
+
+ _Example_
+ \code
+ Cert* myCert;
+
+ myCert = wc_CertNew(NULL);
+ if (myCert == NULL) {
+ // Cert creation failure
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_MakeCert
+ \sa wc_CertFree
+
+*/
+Cert* wc_CertNew(void* heap);
+
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯wc_CertNew()ã§ç¢ºä¿ã•ã‚ŒãŸCert構造体を解放ã—ã¾ã™ã€‚
+ \return ç„¡ã—
+ \param 解放ã™ã¹ãCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert* myCert;
+
+ myCert = wc_CertNew(NULL);
+
+ // Perform cert operations.
+
+ wc_CertFree(myCert);
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_MakeCert
+ \sa wc_CertNew
+
+*/
+void wc_CertFree(Cert* cert);
+
+/*!
+ \ingroup ASN
+ \brief CAç½²å付ã証明書を作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ サブジェクト情報を入力ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸å…¥åŠ›ã‹ã‚‰X.509v3 RSAã¾ãŸã¯ECC証明書を作æˆã—derBufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚
+ 証明書を生æˆã™ã‚‹ãŸã‚ã®RsaKeyã¾ãŸã¯EccKeyã®ã„ãšã‚Œã‹ã‚’引数ã¨ã—ã¦å–ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹å‰ã«ã€è¨¼æ˜Žæ›¸ã‚’wc_InitCertã§åˆæœŸåŒ–ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 指定ã•ã‚ŒãŸå…¥åŠ›è¨¼æ˜Žæ›¸ã‹ã‚‰X509証明書ãŒæ­£å¸¸ã«ç”Ÿæˆã•ã‚ŒãŸå ´åˆã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã‚Šã¾ã™ã€‚
+ \return BUFFER_E æä¾›ã•ã‚ŒãŸderBufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
\return Others 証明書ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param cert åˆæœŸåŒ–ã•ã‚ŒãŸè¨¼æ˜Žæ›¸æ§‹é€ ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cert åˆæœŸåŒ–ã•ã‚ŒãŸCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param derBuffer 生æˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param derSz 証明書をä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param rsaKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param eccKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹ECCキーをå«ã‚€ECCKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rsaKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eccKey 証明書ã®ç”Ÿæˆã«ä½¿ç”¨ã•ã‚Œã‚‹ECCéµã‚’å«ã‚€EccKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -43,16 +105,21 @@ int wc_MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,
ecc_key* eccKey, WC_RNG* rng);
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›è¨¼æ˜Žæ›¸ã‚’使用ã—ã¦è¨¼æ˜Žæ›¸ç½²åè¦æ±‚ã‚’è¡Œã„ã€å‡ºåŠ›ã‚’Derbufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚証明書è¦æ±‚を生æˆã™ã‚‹RSAKEYã¾ãŸã¯ECCKEYã®ã©ã¡ã‚‰ã‹ã‚’å–ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ãŒè¨¼æ˜Žæ›¸è¦æ±‚ã«ç½²åã™ã‚‹ãŸã‚ã«wc_signcert()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã®ä½¿ç”¨ä¾‹ã«ã¤ã„ã¦ã¯ã€WolfCryptテストアプリケーション(./wolfcrypt/test/test.c)をå‚ç…§ã—ã¦ãã ã•ã„。
- \return Success 指定ã•ã‚ŒãŸå…¥åŠ›è¨¼æ˜Žæ›¸ã‹ã‚‰X.509証明書è¦æ±‚を正常ã«è¡Œã†ã¨ã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸è¦æ±‚ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return BUFFER_E æä¾›ã•ã‚ŒãŸDerbufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
- \return Other 証明書è¦æ±‚生æˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param cert åˆæœŸåŒ–ã•ã‚ŒãŸè¨¼æ˜Žæ›¸æ§‹é€ ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param derBuffer 生æˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸è¦æ±‚ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param derSz 証明書è¦æ±‚ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param rsaKey 証明書è¦æ±‚を生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ã•ã‚ŒãŸCert構造体を使用ã—ã¦è¨¼æ˜Žæ›¸ç½²åè¦æ±‚を作æˆã—derBufferã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚
+ 証明書è¦æ±‚ã®ç”Ÿæˆã«ã¯RsaKeyã¾ãŸã¯EccKeyã®ã„ãšã‚Œã‹ã®éµã‚’å—ã‘å–り使用ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®å¾Œã«ã€ç½²åã™ã‚‹ãŸã‚ã«wc_SignCert()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®ä½¿ç”¨ä¾‹ã«ã¤ã„ã¦ã¯ã€wolfCryptテストアプリケーション(./wolfcrypt/test/test.c)ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ \return 証明書署åè¦æ±‚ãŒæ­£å¸¸ã«ç”Ÿæˆã•ã‚Œã‚‹ã¨ã€ç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ç½²åè¦æ±‚ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
+ \return BUFFER_E æä¾›ã•ã‚ŒãŸderBufferãŒç”Ÿæˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆ
+ \return Other 証明書署åè¦æ±‚ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \param cert åˆæœŸåŒ–ã•ã‚ŒãŸCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derBuffer 生æˆã•ã‚ŒãŸè¨¼æ˜Žæ›¸ç½²åè¦æ±‚ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz 証明書署åè¦æ±‚ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param rsaKey 証明書署åè¦æ±‚を生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eccKey 証明書署åè¦æ±‚を生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RECCéµã‚’å«ã‚€EccKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -71,18 +138,21 @@ int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
RsaKey* rsaKey, ecc_key* eccKey);
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ãƒ¼ã«ç½²åã—ã€ç½²åã‚’ãƒãƒƒãƒ•ã‚¡ã®æœ€å¾Œã«è¿½åŠ ã—ã¾ã™ã€‚ç½²åã®ç¨®é¡žã‚’å–ã‚Šã¾ã™ã€‚CAç½²å付ã証明書を作æˆã™ã‚‹å ´åˆã¯ã€wc_makecert()ã¾ãŸã¯wc_makecertreq()ã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return Success 証明書ã«æ­£å¸¸ã«ç½²åã™ã‚‹å ´åˆã¯ã€CERTã®æ–°ã—ã„サイズ(署åã‚’å«ã‚€ï¼‰ã‚’è¿”ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ãƒ¼ã®å†…容ã«ç½²åã—ã€ç½²åã‚’ãƒãƒƒãƒ•ã‚¡ã®æœ€å¾Œã«è¿½åŠ ã—ã¾ã™ã€‚ç½²åã®ç¨®é¡žã‚’å–ã‚Šã¾ã™ã€‚
+ CAç½²å付ã証明書を作æˆã™ã‚‹å ´åˆã¯ã€wc_MakeCert()ã¾ãŸã¯wc_MakeCertReq()ã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return 証明書ã¸ã®ç½²åã«æˆåŠŸã—ãŸå ´åˆã¯ã€è¨¼æ˜Žæ›¸ã®æ–°ã—ã„サイズ(ç½²åã‚’å«ã‚€)ã‚’è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã§ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\return BUFFER_E æä¾›ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return Other 証明書ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param requestSz ç½²åã—ãŸã“ã¨ã‚’è¦æ±‚ã—ã¦ã„る証明書本文ã®ã‚µã‚¤ã‚º
- \param sType 作æˆã™ã‚‹ç½²åã®ç¨®é¡žã€‚有効ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.CTC_MD5WRSAã€CTC_SHAWRSAã€CTC_SHAWECDSAã€CTC_SHA256WECDSAã€ANDCTC_SHA256WRSA
- \param buffer ç½²åã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚æˆåŠŸï¼šæ–°ãŸã«ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã—ã¾ã™
- \param buffSz æ–°ãŸã«ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ï¼ˆåˆè¨ˆï¼‰ã‚µã‚¤ã‚º
- \param rsaKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param eccKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ECCキーをå«ã‚€ECCKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param requestSz ç½²å対象ã®è¨¼æ˜Žæ›¸æœ¬æ–‡ã®ã‚µã‚¤ã‚º
+ \param sigType 作æˆã™ã‚‹ç½²åã®ç¨®é¡žã€‚有効ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:CTC_MD5WRSAã€CTC_SHAWRSAã€CTC_SHAWECDSAã€CTC_SHA256WECDSAã€ANDCTC_SHA256WRSA
+ \param derBuffer ç½²å対象ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚関数ã®å‡¦ç†æˆåŠŸæ™‚ã«ã¯ç½²åãŒä»˜åŠ ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã—ã¾ã™ã€‚
+ \param derSz æ–°ãŸã«ç½²åã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ï¼ˆåˆè¨ˆï¼‰ã‚µã‚¤ã‚º
+ \param rsaKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eccKey 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ECCéµã‚’å«ã‚€EccKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rng ç½²åã«ä½¿ç”¨ã™ã‚‹ä¹±æ•°ç”Ÿæˆå™¨(WC_RNG構造体)ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -94,9 +164,8 @@ int wc_MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
// initialize rng
word32 certSz;
- certSz = wc_SignCert(myCert.bodySz, myCert.sigType,derCert,FOURK_BUF,
- &key, NULL,
- &rng);
+ certSz = wc_SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+ &key, NULL, &rng);
\endcode
\sa wc_InitCert
\sa wc_MakeCert
@@ -105,16 +174,19 @@ int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
word32 derSz, RsaKey* rsaKey, ecc_key* eccKey, WC_RNG* rng);
/*!
- \ingroup ASN
- \brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã®2ã¤ã®é–¢æ•°ã€wc_makecertã€ãŠã‚ˆã³è‡ªå·±ç½²åã®ãŸã‚ã®wc_signcertã®çµ„ã¿åˆã‚ã›ã§ã™ï¼ˆå‰ã®é–¢æ•°ã¯CAè¦æ±‚ã«ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ï¼‰ã€‚証明書を作æˆã—ã¦ã‹ã‚‰ã€ãã‚Œã«ç½²åã—ã€è‡ªå·±ç½²å証明書を生æˆã—ã¾ã™ã€‚
- \return Success 証明書ã«æ­£å¸¸ã«ç½²åã™ã‚‹å ´åˆã¯ã€CERTã®æ–°ã—ã„サイズを返ã—ã¾ã™ã€‚
- \return MEMORY_E xmallocã§ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
+ \ingroup ASN
+ \brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã®2ã¤ã®é–¢æ•°ã€wc_MakeCertã€ãŠã‚ˆã³è‡ªå·±ç½²åã®ãŸã‚ã®wc_SignCertã®çµ„ã¿åˆã‚ã›ã§ã™ï¼ˆå‰ã®é–¢æ•°ã¯CAè¦æ±‚ã«ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
+ 証明書を作æˆã—ã¦ã‹ã‚‰ã€ãã‚Œã«ç½²åã—ã€è‡ªå·±ç½²å証明書を生æˆã—ã¾ã™ã€‚
+ \return 証明書ã¸ã®ç½²åãŒæˆåŠŸã—ãŸå ´åˆã¯ã€è¨¼æ˜Žæ›¸ã®æ–°ã—ã„サイズを返ã—ã¾ã™ã€‚
+ \return MEMORY_E xmallocã§ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã§ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\return BUFFER_E æä¾›ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿å­˜ã™ã‚‹ã«ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return Other 証明書ã®ç”ŸæˆãŒæˆåŠŸã—ãªã‹ã£ãŸå ´åˆã€è¿½åŠ ã®ã‚¨ãƒ©ãƒ¼ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒè¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \param cert 作æˆã—ã¦ç½²åã™ã‚‹è¨¼æ˜Žæ›¸ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param buffer ç½²å付ã証明書をä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param buffSz ç½²å付ã証明書をä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param key 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAキーをå«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cert ç½²åã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derBuffer ç½²å付ã証明書をä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz ç½²å付ã証明書をä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param key 証明書ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rng ç½²åã«ä½¿ç”¨ã™ã‚‹ä¹±æ•°ç”Ÿæˆå™¨(WC_RNG構造体)ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
Cert myCert;
@@ -134,3 +206,1779 @@ int wc_SignCert(int requestSz, int sigType, byte* derBuffer,
*/
int wc_MakeSelfCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* key,
WC_RNG* rng);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®issureFileã§ä¸Žãˆã‚‰ã‚ŒãŸç™ºè¡Œè€…を証明書ã®ç™ºè¡Œè€…ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã¾ãŸã€ãã®éš›ã«ã€è¨¼æ˜Žæ›¸ã®è‡ªå·±ç½²åプロパティをfalseã«å¤‰æ›´ã—ã¾ã™ã€‚
+ 発行者ã¯è¨¼æ˜Žæ›¸ã®ç™ºè¡Œè€…ã¨ã—ã¦è¨­å®šã•ã‚Œã‚‹å‰ã«æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ç™ºè¡Œè€…ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ç™ºè¡Œè€…を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 発行者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param issuerFile PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ if(wc_SetIssuer(&myCert, â€./path/to/ca-cert.pemâ€) != 0) {
+ // error setting issuer
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubject
+ \sa wc_SetIssuerBuffer
+*/
+int wc_SetIssuer(Cert* cert, const char* issuerFile);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®subjectFileã§ä¸Žãˆã‚‰ã‚ŒãŸä¸»ä½“者を証明書ã®ä¸»ä½“者ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ä¸»ä½“者ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param 主体者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param subjectFile PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ if(wc_SetSubject(&myCert, â€./path/to/ca-cert.pemâ€) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetSubject(Cert* cert, const char* subjectFile);
+
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹Raw-Subject情報を証明書ã®Raw-Subject情報ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®Raw-Subject情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert Raw-Subject情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®Raw-Subject情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetSubjectRaw(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubject
+*/
+int wc_SetSubjectRaw(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Cert構造体ã‹ã‚‰Raw-Subject情報をå–り出ã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®Raw-Subject情報ã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param subjectRaw 処ç†ãŒæˆåŠŸã—ãŸéš›ã«è¿”ã•ã‚Œã‚‹Raw-Subject情報を格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cert Raw-Subject情報をä¿æŒã™ã‚‹Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert myCert;
+ byte *subjRaw;
+ // initialize myCert
+
+ if(wc_GetSubjectRaw(&subjRaw, &myCert) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubjectRaw
+*/
+int wc_GetSubjectRaw(byte **subjectRaw, Cert *cert);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å¼•æ•°ã§ä¸Žãˆã‚‰ã‚ŒãŸPEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã®ä¸»ä½“者ã®åˆ¥åã‚’Cert構造体ã«è¨­å®šã—ã¾ã™ã€‚
+ 複数ã®ãƒ‰ãƒ¡ã‚¤ãƒ³ã§åŒä¸€ã®è¨¼æ˜Žæ›¸ã‚’使用ã™ã‚‹éš›ã«ã¯ä¸»ä½“者ã®åˆ¥åを付与ã™ã‚‹æ©Ÿèƒ½ã¯æœ‰ç”¨ã§ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ä¸»ä½“者ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 主体者ã®åˆ¥åを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ if(wc_SetSubject(&myCert, â€./path/to/ca-cert.pemâ€) != 0) {
+ // error setting alt names
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetAltNames(Cert* cert, const char* file);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る発行者を証明書ã®ç™ºè¡Œè€…ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ 加ãˆã¦ã€è¨¼æ˜Žæ›¸ã®äº‹æ•…ç½²åプロパティをfalseã«è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ç™ºè¡Œè€…ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 発行者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®ç™ºè¡Œè€…情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetIssuerBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting issuer
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetIssuerBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹Raw-Issuer情報を証明書ã®Raw-Issuer情報ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®Raw-Issuer情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+
+ \param cert Raw-Issuer情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®Raw-Issuer情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetIssuerRaw(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetIssuer
+*/
+int wc_SetIssuerRaw(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る主体者を証明書ã®ä¸»ä½“者ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®ä¸»ä½“者ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 主体者を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®ä¸»ä½“者ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetSubjectBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetSubject
+*/
+int wc_SetSubjectBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る「別å情報ã€ã‚’証明書ã®ã€Œåˆ¥å情報ã€ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯è¤‡æ•°ãƒ‰ãƒ¡ã‚¤ãƒ³ã‚’一ã¤ã®è¨¼æ˜Žæ›¸ã‚’使ã£ã¦ã‚»ã‚­ãƒ¥ã‚¢ã«ã™ã‚‹éš›ã«æœ‰ç”¨ã§ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®åˆ¥å情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 別å情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®åˆ¥å情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetAltNamesBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetAltNames
+*/
+int wc_SetAltNamesBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¦ã„る「有効期間ã€æƒ…報を証明書ã®ã€Œæœ‰åŠ¹æœŸé–“ã€æƒ…å ±ã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã¸ã®ç½²åã«å…ˆç«‹ã¡å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
+ \return 0 証明書ã®æœ‰åŠ¹æœŸé–“情報ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E XMALLOCã§ãƒ¡ãƒ¢ãƒªã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 証明書ã®ãƒ˜ãƒƒãƒ€ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã®è§£æžã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ã®æš—å·ã‚¿ã‚¤ãƒ—ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_EXPECT_0_E 証明書ã®æš—å·åŒ–仕様ã«ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¨ãƒ©ãƒ¼ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E 証明書ã®ä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E 証明書ã®æœ‰åŠ¹æœŸé™æ—¥ã‚ˆã‚Šå¾Œã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BITSTR_E 証明書ã®ãƒ“ットストリングè¦ç´ ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 証明書ã®ECCéµã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_UNKNOWN_OID_E 証明書ãŒæœªçŸ¥ã®ã‚ªãƒ–ジェクトIDを使用ã—ã¦ã„ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_VERSION_E ALLOW_V1_EXTENSIONSマクロãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„ã®ã«è¨¼æ˜Žæ›¸ãŒV1ã‚ã‚‹ã„ã¯V2å½¢å¼ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 証明書ã®æ‹¡å¼µæƒ…å ±ã®è§£æžã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_CRIT_EXT_E 証明書ã®è§£æžä¸­ã«æœªçŸ¥ã®ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åæš—å·åŒ–タイプãŒå¼•æ•°ã§æ¸¡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_CONFIRM_E 証明書ã®ç½²åã®æ¤œè¨¼ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NAME_INVALID_E 証明書ã®åå‰ãŒCAã®åå‰ã«é–¢æ•°åˆ¶é™ã«ã‚ˆã£ã¦è¨±ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SIGNER_E CA証明書ã®ä¸»ä½“者を検証ã™ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 有効期間情報を設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ã“ã®è¨¼æ˜Žæ›¸ã®æœ‰åŠ¹æœŸé–“情報ãŒå–り出ã•ã‚Œã¦certã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ Cert myCert;
+ // initialize myCert
+ byte* der;
+ der = (byte*)malloc(FOURK_BUF);
+ // initialize der
+ if(wc_SetDatesBuffer(&myCert, der, FOURK_BUF) != 0) {
+ // error setting subject
+ }
+ \endcode
+
+ \sa wc_InitCert
+*/
+int wc_SetDatesBuffer(Cert* cert, const byte* der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸRSAã‚ã‚‹ã„ã¯ECC公開éµã®ä¸€æ–¹ã‹ã‚‰å¾—ãŸAKID(èªè¨¼è€…éµID)を証明書ã®AKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®AKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(cert)ãŒNULLã‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(rsakey)ã¨ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(eckey)ã®ä¸¡æ–¹ãŒNULLã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return PUBLIC_KEY_E 公開éµã®å–å¾—ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert AKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rsakey RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eckey ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert myCert;
+ RsaKey keypub;
+
+ wc_InitRsaKey(&keypub, 0);
+
+ if (wc_SetAuthKeyIdFromPublicKey(&myCert, &keypub, NULL) != 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_SetSubjectKeyId
+ \sa wc_SetAuthKeyId
+ \sa wc_SetAuthKeyIdFromCert
+*/
+int wc_SetAuthKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
+ ecc_key *eckey);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‹ã‚‰å¾—ãŸAKID(èªè¨¼è€…éµID)を証明書ã®AKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®AKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULL,ã‚ã‚‹ã„ã¯derSzãŒï¼ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_NO_SKID èªè¨¼è€…éµIDãŒè¦‹ã¤ã‹ã‚‰ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert AKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param der DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param derSz DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’æ ¼ç´ã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+
+ _Example_
+ \code
+ Cert some_cert;
+ byte some_der[] = { // Initialize a DER buffer };
+ wc_InitCert(&some_cert);
+ if(wc_SetAuthKeyIdFromCert(&some_cert, some_der, sizeof(some_der) != 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_SetAuthKeyIdFromPublicKey
+ \sa wc_SetAuthKeyId
+*/
+int wc_SetAuthKeyIdFromCert(Cert *cert, const byte *der, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å¾—ãŸAKID(èªè¨¼è€…éµID)を証明書ã®AKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®AKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert AKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ char* file_name = "/path/to/file";
+ cert some_cert;
+ wc_InitCert(&some_cert);
+
+ if(wc_SetAuthKeyId(&some_cert, file_name) != 0)
+ {
+ // Handle Error
+ }
+ \endcode
+
+ \sa wc_SetAuthKeyIdFromPublicKey
+ \sa wc_SetAuthKeyIdFromCert
+*/
+int wc_SetAuthKeyId(Cert *cert, const char* file);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸRSAã‚ã‚‹ã„ã¯ECC公開éµã®ä¸€æ–¹ã‹ã‚‰å¾—ãŸSKID(主体者éµID)を証明書ã®SKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®SKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(cert)ãŒNULLã‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(rsakey)ã¨ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿(eckey)ã®ä¸¡æ–¹ãŒNULLã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return PUBLIC_KEY_E 公開éµã®å–å¾—ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert SKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param rsakey RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param eckey ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert some_cert;
+ RsaKey some_key;
+ wc_InitCert(&some_cert);
+ wc_InitRsaKey(&some_key);
+
+ if(wc_SetSubjectKeyIdFromPublicKey(&some_cert,&some_key, NULL) != 0)
+ {
+ // Handle Error
+ }
+ \endcode
+
+ \sa wc_SetSubjectKeyId
+*/
+int wc_SetSubjectKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey,
+ ecc_key *eckey);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å¾—ãŸSKID(主体者éµID)を証明書ã®SKIDã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
+ 引数ã¯ä¸¡æ–¹ãŒä¸Žãˆã‚‰ã‚Œã‚‹ã“ã¨ãŒå¿…è¦ã§ã™ã€‚
+
+ \return 0 証明書ã®SKIDã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return PUBLIC_KEY_E 公開éµã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert SKIDを設定ã™ã‚‹å¯¾è±¡ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+
+ _Example_
+ \code
+ const char* file_name = "path/to/file";
+ Cert some_cert;
+ wc_InitCert(&some_cert);
+
+ if(wc_SetSubjectKeyId(&some_cert, file_name) != 0)
+ {
+ // Handle Error
+ }
+ \endcode
+
+ \sa wc_SetSubjectKeyIdFromPublicKey
+*/
+int wc_SetSubjectKeyId(Cert *cert, const char* file);
+
+/*!
+ \ingroup RSA
+
+ \brief ã“ã®é–¢æ•°ã¯éµã®ç”¨é€”を設定ã—ã¾ã™ã€‚設定値ã®æŒ‡å®šã¯ã‚³ãƒ³ãƒžåŒºåˆ‡ã‚Šãƒˆãƒ¼ã‚¯ãƒ³ã‚’使用ã§ãã¾ã™ã€‚
+ å—ã‘付ã‘られるトークンã¯ï¼šdigitalSignature, nonRepudiation, contentCommitment, keyCertSign, cRLSign, dataEncipherment,
+ keyAgreement, keyEncipherment, encipherOnly, decipherOnly ã§ã™ã€‚
+ 指定例:"digitalSignature,nonRepudiation"。
+ nonRepudiation 㨠contentCommitment ã¯åŒã˜ç”¨é€”ã‚’æ„味ã—ã¾ã™ã€‚
+
+ \return 0 証明書ã®ç”¨é€”ã®è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return KEYUSAGE_E 未知ã®ãƒˆãƒ¼ã‚¯ãƒ³ãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert éµã®ç”¨é€”を設定ã™ã‚‹å¯¾è±¡ã®åˆæœŸåŒ–済ã¿Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param value éµã®ç”¨é€”ã‚’æ„味ã™ã‚‹ã‚³ãƒ³ãƒžåŒºåˆ‡ã‚Šãƒˆãƒ¼ã‚¯ãƒ³æ–‡å­—列ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert cert;
+ wc_InitCert(&cert);
+
+ if(wc_SetKeyUsage(&cert, "cRLSign,keyCertSign") != 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_MakeRsaKey
+*/
+int wc_SetKeyUsage(Cert *cert, const char *value);
+
+/*!
+ \ingroup ASN
+
+ \brief PEMå½¢å¼ã®éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—DERå½¢å¼ã«å¤‰æ›ã—ã¦ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+
+ \return 0 処ç†æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return <0 エラー発生時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルã®ã‚ªãƒ¼ãƒ—ンã«å•é¡ŒãŒç”Ÿã˜ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡derBufãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param fileName PEMå½¢å¼ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+ \param derBuf DERå½¢å¼éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡
+ \param derSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ char* some_file = "filename";
+ unsigned char der[];
+
+ if(wc_PemPubKeyToDer(some_file, der, sizeof(der)) != 0)
+ {
+ //Handle Error
+ }
+ \endcode
+
+ \sa wc_PubKeyPemToDer
+*/
+int wc_PemPubKeyToDer(const char* fileName,
+ unsigned char* derBuf, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief PEMå½¢å¼ã®éµãƒ‡ãƒ¼ã‚¿ã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¦ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã€å‡ºåŠ›ãƒã‚¤ãƒˆæ•°ã‚ã‚‹ã„ã¯è² ã®ã‚¨ãƒ©ãƒ¼å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return >0 処ç†æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã—ãŸãƒã‚¤ãƒˆæ•°ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã®pem, buff, ã‚ã‚‹ã„㯠buffSz ã®ã„ãšã‚Œã‹ã°NULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return <0 エラーãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param pem PEMå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pemSz PEMå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param buff 出力先ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buffSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ byte some_pem[] = { Initialize with PEM key }
+ unsigned char out_buffer[1024]; // Ensure buffer is large enough to fit DER
+
+ if(wc_PubKeyPemToDer(some_pem, sizeof(some_pem), out_buffer,
+ sizeof(out_buffer)) < 0)
+ {
+ // Handle error
+ }
+ \endcode
+
+ \sa wc_PemPubKeyToDer
+*/
+int wc_PubKeyPemToDer(const unsigned char* pem, int pemSz,
+ unsigned char* buff, int buffSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’DERå½¢å¼ã«å¤‰æ›ã—ã€ä¸Žãˆã‚‰ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+
+ \return 処ç†æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã—ãŸãƒã‚¤ãƒˆæ•°ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡derBufãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param fileName PEMå½¢å¼ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス
+ \param derBuf DERå½¢å¼è¨¼æ˜Žæ›¸ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz DERå½¢å¼è¨¼æ˜Žæ›¸ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ char * file = “./certs/client-cert.pemâ€;
+ int derSz;
+ byte* der = (byte*)XMALLOC((8*1024), NULL, DYNAMIC_TYPE_CERT);
+
+ derSz = wc_PemCertToDer(file, der, (8*1024));
+ if (derSz <= 0) {
+ //PemCertToDer error
+ }
+ \endcode
+
+ \sa none
+*/
+
+int wc_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ã§ä¸Žãˆã‚‰ã‚ŒãŸDERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’PEMå½¢å¼ã«å¤‰æ›ã—ã€ä¸Žãˆã‚‰ã‚ŒãŸå‡ºåŠ›ç”¨ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¨å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’共用ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。両ãƒãƒƒãƒ•ã‚¡ã¯å¿…ãšåˆ¥ã®ã‚‚ã®ã‚’用æ„ã—ã¦ãã ã•ã„。
+
+ \return 処ç†æˆåŠŸæ™‚ã«ã¯å¤‰æ›å¾Œã®PEMå½¢å¼ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®è§£æžä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã€ã‚ã‚‹ã„ã¯PEMå½¢å¼ã«å¤‰æ›ã®éš›ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_INPUT_E Base64エンコーディングエラーãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param der DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+ \param output PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outSz PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param type 変æ›ã™ã‚‹è¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—。次ã®ã‚¿ã‚¤ãƒ—ãŒæŒ‡å®šå¯: CERT_TYPE, PRIVATEKEY_TYPE, ECC_PRIVATEKEY_TYPE, and CERTREQ_TYPE.
+
+ _Example_
+ \code
+ byte* der;
+ // initialize der with certificate
+ byte* pemFormatted[FOURK_BUF];
+
+ word32 pemSz;
+ pemSz = wc_DerToPem(der, derSz,pemFormatted,FOURK_BUF, CERT_TYPE);
+ \endcode
+
+ \sa wc_PemCertToDer
+*/
+int wc_DerToPem(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, int type);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼è¨¼æ˜Žæ›¸ã‚’入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰èª­ã¿å‡ºã—ã€PEMå½¢å¼ã«å¤‰æ›ã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã¨å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã‚’共用ã™ã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。両ãƒãƒƒãƒ•ã‚¡ã¯å¿…ãšåˆ¥ã®ã‚‚ã®ã‚’用æ„ã—ã¦ãã ã•ã„。
+ 追加ã®æš—å·æƒ…報を指定ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+
+ \return 処ç†æˆåŠŸæ™‚ã«ã¯å¤‰æ›å¾Œã®PEMå½¢å¼ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG Returned DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®è§£æžä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã€ã‚ã‚‹ã„ã¯PEMå½¢å¼ã«å¤‰æ›ã®éš›ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_INPUT_E Base64エンコーディングエラーãŒæ¤œå‡ºã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 与ãˆã‚‰ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒçµæžœã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param der DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derSz DERå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+ \param output PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outSz PEMå½¢å¼è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param cipher_inf 追加ã®æš—å·æƒ…å ±
+ \param type 生æˆã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—。指定å¯èƒ½ãªã‚¿ã‚¤ãƒ—: CERT_TYPE, PRIVATEKEY_TYPE, ECC_PRIVATEKEY_TYPE 㨠CERTREQ_TYPE
+
+ _Example_
+ \code
+ byte* der;
+ // initialize der with certificate
+ byte* pemFormatted[FOURK_BUF];
+
+ word32 pemSz;
+ byte* cipher_info[] { Additional cipher info. }
+ pemSz = wc_DerToPemEx(der, derSz, pemFormatted, FOURK_BUF, cipher_info, CERT_TYPE);
+ \endcode
+
+ \sa wc_PemCertToDer
+*/
+int wc_DerToPemEx(const byte* der, word32 derSz, byte* output,
+ word32 outputSz, byte *cipherIno, int type);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief PEMå½¢å¼ã®éµã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+
+ \return 変æ›ã«æˆåŠŸã—ãŸéš›ã«ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ã込んã ãƒ‡ãƒ¼ã‚¿ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param pem PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pemSz PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+ \param buff DerBuffer構造体ã®bufferメンãƒãƒ¼ã®ã‚³ãƒ”ーã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buffSz DerBuffer構造体ã®bufferメンãƒãƒ¼ã¸ç¢ºä¿ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param pass パスワード
+
+ _Example_
+ \code
+ byte* loadBuf;
+ long fileSz = 0;
+ byte* bufSz;
+ static int LoadKeyFile(byte** keyBuf, word32* keyBufSz,
+ const char* keyFile,
+ int typeKey, const char* password);
+ …
+ bufSz = wc_KeyPemToDer(loadBuf, (int)fileSz, saveBuf,
+ (int)fileSz, password);
+
+ if(saveBufSz > 0){
+ // Bytes were written to the buffer.
+ }
+ \endcode
+
+ \sa wc_PemToDer
+*/
+int wc_KeyPemToDer(const unsigned char* pem, int pemSz,
+ unsigned char* buff, int buffSz, const char* pass);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚内部ã§ã¯OpenSSL互æ›APIã®PemToDerを呼ã³å‡ºã—ã¾ã™ã€‚
+
+ \return ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ãŸã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param pem PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pemSz PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param buff DERå½¢å¼ã«å¤‰æ›ã—ãŸè¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buffSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param type 証明書ã®ã‚¿ã‚¤ãƒ—。asn_public.h ã§å®šç¾©ã®enum CertTypeã®å€¤ã€‚
+
+ _Example_
+ \code
+ const unsigned char* pem;
+ int pemSz;
+ unsigned char buff[BUFSIZE];
+ int buffSz = sizeof(buff)/sizeof(char);
+ int type;
+ ...
+ if(wc_CertPemToDer(pem, pemSz, buff, buffSz, type) <= 0) {
+ // There were bytes written to buffer
+ }
+ \endcode
+
+ \sa wc_PemToDer
+*/
+int wc_CertPemToDer(const unsigned char* pem, int pemSz,
+ unsigned char* buff, int buffSz, int type);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯å…¬é–‹éµã‚’DERå½¢å¼ã§DecodedCert構造体ã‹ã‚‰å–り出ã—ã¾ã™ã€‚
+ wc_InitDecodedCert()ã¨wc_ParseCert()を事å‰ã«å‘¼ã³å‡ºã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wc_InitDecodedCert()ã¯DER/ASN.1エンコードã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’å—ã‘付ã‘ã¾ã™ã€‚
+ PEMå½¢å¼ã®éµã‚’DERå½¢å¼ã§å–å¾—ã™ã‚‹å ´åˆã«ã¯ã€wc_InitDecodedCert()より先ã«wc_CertPemToDer()を呼ã³å‡ºã—ã¦ãã ã•ã„。
+
+ \return æˆåŠŸæ™‚ã«0ã‚’è¿”ã—ã¾ã™ã€‚エラー発生時ã«ã¯è² ã®æ•´æ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E derKeyãŒNULLã®éš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert X.509証明書をä¿æŒã—ãŸDecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derKey DERå½¢å¼ã®å…¬é–‹éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param derKeySz [IN/OUT] 入力時ã«ã¯derKeyã§ä¸Žãˆã‚‰ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º,出力時ã«ã¯å…¬é–‹éµã®ã‚µã‚¤ã‚ºã‚’ä¿æŒã—ã¾ã™ã€‚
+ ã‚‚ã—ã€derKeyãŒNULLã§æ¸¡ã•ã‚ŒãŸå ´åˆã«ã¯, derKeySzã«ã¯å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒæ ¼ç´ã•ã‚Œã€LENGTH_ONLY_EãŒæˆ»ã‚Šå€¤ã¨ã—ã¦è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \sa wc_GetPubKeyDerFromCert
+*/
+int wc_GetPubKeyDerFromCert(struct DecodedCert* cert,
+ byte* derKey, word32* derKeySz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC秘密éµã‚’入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰èª­ã¿è¾¼ã¿ã€è§£æžã®å¾Œecc_key構造体を作æˆã—ã¦ãã“ã«éµã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
+ \return 0 秘密éµã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã¨çµæžœã®ecc_key構造体ã¸ã®æ ¼ç´æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E 入力ãƒãƒƒãƒ•ã‚¡ã®è§£æžã‚ã‚‹ã„ã¯çµæžœã®æ ¼ç´æ™‚ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 入力ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ãŒæœ€å¤§è¨¼æ˜Žæ›¸ã‚µã‚¤ã‚ºã‚ˆã‚Šå¤§ãã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_OBJECT_ID_E 証明書ãŒç„¡åŠ¹ãªã‚ªãƒ–ジェクトIDã‚’å«ã‚“ã§ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_CURVE_OID_E 与ãˆã‚‰ã‚ŒãŸç§˜å¯†éµã®ECC曲線ãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ECC_BAD_ARG_E ECC秘密éµã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NOT_COMPILED_IN 秘密éµãŒåœ§ç¸®ã•ã‚Œã¦ã„ã¦åœ§ç¸®éµãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_MEM 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_VAL 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_RANGE 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param input 入力ã¨ãªã‚‹ç§˜å¯†éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inOutIdx word32型変数ã§å†…容ã¨ã—ã¦å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã®å‡¦ç†é–‹å§‹ä½ç½®ã‚’先頭ã‹ã‚‰ã®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹å€¤ã¨ã—ã¦ä¿æŒã—ã¦ã„る。
+ \param key デコードã•ã‚ŒãŸç§˜å¯†éµãŒæ ¼ç´ã•ã‚Œã‚‹åˆæœŸåŒ–済ã¿ã®ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inSz 秘密éµã‚’å«ã‚“ã§ã„る入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ int ret, idx=0;
+ ecc_key key; // to store key in
+
+ byte* tmp; // tmp buffer to read key from
+ tmp = (byte*) malloc(FOURK_BUF);
+
+ int inSz;
+ inSz = fread(tmp, 1, FOURK_BUF, privateKeyFile);
+ // read key into tmp buffer
+
+ wc_ecc_init(&key); // initialize key
+ ret = wc_EccPrivateKeyDecode(tmp, &idx, &key, (word32)inSz);
+ if(ret < 0) {
+ // error decoding ecc key
+ }
+ \endcode
+
+ \sa wc_RSA_PrivateKeyDecode
+*/
+int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
+ ecc_key* key, word32 inSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC秘密éµã‚’DERå½¢å¼ã§ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã¾ã™ã€‚
+
+ \return ECC秘密éµã‚’DERå½¢å¼ã§ã®å‡ºåŠ›ã«æˆåŠŸã—ãŸå ´åˆã«ã¯ãƒãƒƒãƒ•ã‚¡ã¸å‡ºåŠ›ã—ãŸã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 出力ãƒãƒƒãƒ•ã‚¡outputãŒNULLã‚ã‚‹ã„ã¯inLenãŒã‚¼ãƒ­ã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return MEMORY_E メモリã®ç¢ºä¿ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦é‡ã‚ˆã‚Šå°ã•ã„
+ \return ASN_UNKNOWN_OID_E ECC秘密éµãŒæœªçŸ¥ã®ã‚¿ã‚¤ãƒ—ã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return MP_MEM 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_VAL 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MP_RANGE 秘密éµã®è§£æžã§ä½¿ç”¨ã•ã‚Œã‚‹æ•°å­¦ãƒ©ã‚¤ãƒ–ラリãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param key 入力ã¨ãªã‚‹ECC秘密éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param output DERå½¢å¼ã®ECC秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inLen DERå½¢å¼ã®ECC秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ int derSz;
+ ecc_key key;
+ // initialize and make key
+ byte der[FOURK_BUF];
+ // store der formatted key here
+
+ derSz = wc_EccKeyToDer(&key, der, FOURK_BUF);
+ if(derSz < 0) {
+ // error converting ecc key to der buffer
+ }
+ \endcode
+
+ \sa wc_RsaKeyToDer
+*/
+int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã®ECC公開éµã‚’ASNシーケンスをデコードã—ã¦å–り出ã—ã¾ã™ã€‚
+
+ \return 0 処ç†æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG Returns ã„ãšã‚Œã‹ã®å¼•æ•°ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return ASN_PARSE_E 解æžä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return ASN_ECC_KEY_E éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ 発生ç†ç”±ã«ã¤ã„ã¦ã¯wc_ecc_import_x963()ã‚’å‚ç…§ã®ã“ã¨ã€‚
+
+ \param input DERå½¢å¼ã®å…¬é–‹éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inOutIdx ãƒãƒƒãƒ•ã‚¡ã®èª­ã¿å‡ºã—ä½ç½®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹å€¤ã‚’ä¿æŒã—ã¦ã„る変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿(入力時)。
+ 出力時ã«ã¯ã“ã®å¤‰æ•°ã«è§£æžæ¸ˆã¿ã®ãƒãƒƒãƒ•ã‚¡ã®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹å€¤ãŒæ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param key ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inSz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ int ret;
+ word32 idx = 0;
+ byte buff[] = { // initialize with key };
+ ecc_key pubKey;
+ wc_ecc_init(&pubKey);
+ if ( wc_EccPublicKeyDecode(buff, &idx, &pubKey, sizeof(buff)) != 0) {
+ // error decoding key
+ }
+ \endcode
+
+ \sa wc_ecc_import_x963
+*/
+int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
+ ecc_key* key, word32 inSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC公開éµã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 処ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚変æ›ã—ã¦å¾—られるDERå½¢å¼ã®ECC公開éµã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ AlgCurveフラグã®æŒ‡å®šã«ã‚ˆã‚Šã€ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡¦ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 出力ãƒãƒƒãƒ•ã‚¡outputã‚ã‚‹ã„ã¯ecc_key構造体keyãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E ECC公開éµã®ã‚µã‚¤ã‚ºå–å¾—ã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦é‡ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã—ã¾ã™ã€‚
+
+ \param key ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param output 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inLen 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param with_AlgCurve アルゴリズムã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹éš›ã«ã¯ï¼‘を指定
+
+ _Example_
+ \code
+ ecc_key key;
+ wc_ecc_init(&key);
+ WC_RNG rng;
+ wc_InitRng(&rng);
+ wc_ecc_make_key(&rng, 32, &key);
+ int derSz = // Some appropriate size for der;
+ byte der[derSz];
+
+ if(wc_EccPublicKeyToDer(&key, der, derSz, 1) < 0)
+ {
+ // Error converting ECC public key to der
+ }
+ \endcode
+
+ \sa wc_EccKeyToDer
+ \sa wc_EccPrivateKeyDecode
+*/
+int wc_EccPublicKeyToDer(ecc_key* key, byte* output,
+ word32 inLen, int with_AlgCurve);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ECC公開éµã‚’DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 処ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚変æ›ã•ã‚ŒãŸDERå½¢å¼ã®ECC公開éµã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ AlgCurveフラグã®æŒ‡å®šã«ã‚ˆã‚Šã€ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ compパラメータã¯å…¬é–‹éµã‚’圧縮ã—ã¦å‡ºåŠ›ã™ã‚‹ã‹å¦ã‹ã‚’指定ã—ã¾ã™ã€‚
+
+ \return >0 æˆåŠŸæ™‚ã«ã¯å‡¦ç†ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 出力ãƒãƒƒãƒ•ã‚¡outputã‚ã‚‹ã„ã¯ecc_key構造体keyãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E ECC公開éµã®ã‚µã‚¤ã‚ºå–å¾—ã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+ \return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦é‡ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã—ã¾ã™ã€‚
+
+ \param key ecc_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param output 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inLen 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param with_AlgCurve アルゴリズムã¨æ›²ç·šæƒ…報をヘッダーã«å«ã‚ã‚‹éš›ã«ã¯ï¼‘を指定
+ \param comp éžã‚¼ãƒ­å€¤ã®æŒ‡å®šæ™‚ã«ã¯ECC公開éµã¯åœ§ç¸®å½¢å¼ã§å‡ºåŠ›ã•ã‚Œã¾ã™ã€‚ゼロãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯éžåœ§ç¸®ã§å‡ºåŠ›ã•ã‚Œã¾ã™ã€‚
+
+ _Example_
+ \code
+ ecc_key key;
+ wc_ecc_init(&key);
+ WC_RNG rng;
+ wc_InitRng(&rng);
+ wc_ecc_make_key(&rng, 32, &key);
+ int derSz = // Some appropriate size for der;
+ byte der[derSz];
+
+ // Write out a compressed ECC key
+ if(wc_EccPublicKeyToDer_ex(&key, der, derSz, 1, 1) < 0)
+ {
+ // Error converting ECC public key to der
+ }
+ \endcode
+
+ \sa wc_EccKeyToDer
+ \sa wc_EccPublicKeyDecode
+*/
+int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output,
+ word32 inLen, int with_AlgCurve, int comp);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒ‡ã‚¸ã‚¿ãƒ«ç½²åをエンコードã—ã¦å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã€ç”Ÿæˆã•ã‚ŒãŸç½²åã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯ç½²åを出力ãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã—ã€å‡ºåŠ›ã—ãŸã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param out エンコードã—ãŸç½²åデータを出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param digest ç½²åデータã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰ã«ä½¿ç”¨ã™ã‚‹ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param digSz ダイジェストをå«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param hashOID ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—を示ã™ã‚ªãƒ–ジェクトID。有効ãªå€¤ã¯: SHAh, SHA256h, SHA384h, SHA512h, MD2h, MD5h, DESb, DES3b, CTC_MD5wRSA,
+ CTC_SHAwRSA, CTC_SHA256wRSA, CTC_SHA384wRSA, CTC_SHA512wRSA, CTC_SHAwECDSA, CTC_SHA256wECDSA, CTC_SHA384wECDSA, 㨠CTC_SHA512wECDSA。
+
+ \endcode
+ \code
+ int signSz;
+ byte encodedSig[MAX_ENCODED_SIG_SZ];
+ Sha256 sha256;
+ // initialize sha256 for hashing
+
+ byte* dig = = (byte*)malloc(WC_SHA256_DIGEST_SIZE);
+ // perform hashing and hash updating so dig stores SHA-256 hash
+ // (see wc_InitSha256, wc_Sha256Update and wc_Sha256Final)
+ signSz = wc_EncodeSignature(encodedSig, dig, WC_SHA256_DIGEST_SIZE, SHA256h);
+ \endcode
+
+ \sa none
+*/
+word32 wc_EncodeSignature(byte* out, const byte* digest,
+ word32 digSz, int hashOID);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ã«å¯¾å¿œã—ãŸãƒãƒƒã‚·ãƒ¥OIDã‚’è¿”ã—ã¾ã™ã€‚
+ 例ãˆã°ã€ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒ"WC_SHA512"ã®å ´åˆã€ã“ã®é–¢æ•°ã¯"SHA512h"を対応ã™ã‚‹ãƒãƒƒã‚·ãƒ¥OIDã¨ã—ã¦è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æŒ‡å®šã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ã¨å¯¾å¿œã™ã‚‹ãƒãƒƒã‚·ãƒ¥OIDã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 èªè­˜ã§ããªã„ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒå¼•æ•°ã¨ã—ã¦æŒ‡å®šã•ã‚ŒãŸå ´åˆã«è¿”ã—ã¾ã™ã€‚
+
+ \param type ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—。指定å¯èƒ½ãªã‚¿ã‚¤ãƒ—: WC_MD5, WC_SHA, WC_SHA256, WC_SHA384, WC_SHA512, WC_SHA3_224, WC_SHA3_256, WC_SHA3_384, WC_SHA3_512
+
+ _Example_
+ \code
+ int hashOID;
+
+ hashOID = wc_GetCTC_HashOID(WC_SHA512);
+ if (hashOID == 0) {
+ // WOLFSSL_SHA512 not defined
+ }
+ \endcode
+
+ \sa none
+*/
+int wc_GetCTC_HashOID(int type);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ãŸCert構造体ã§ä½¿ç”¨ã•ã‚ŒãŸãƒ¡ãƒ¢ãƒªã¨ãƒªã‚½ãƒ¼ã‚¹ã‚’クリーンアップã—ã¾ã™ã€‚
+ WOLFSSL_CERT_GEN_CACHEãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã¯DecodedCert構造体ãŒCert構造体内部ã«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã•ã‚Œã€å¾Œç¶šã™ã‚‹set系関数ã®å‘¼ã³å‡ºã—ã®éƒ½åº¦DecodedCert構造体ãŒãƒ‘ースã•ã‚Œã‚‹ã“ã¨ã‚’防ãŽã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数ã¨ã—ã¦ç„¡åŠ¹ãªå€¤ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cert 未åˆæœŸåŒ–ã®Cert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Cert cert; // Initialized certificate structure
+
+ wc_SetCert_Free(&cert);
+ \endcode
+
+ \sa wc_SetAuthKeyIdFromCert
+ \sa wc_SetIssuerBuffer
+ \sa wc_SetSubjectBuffer
+ \sa wc_SetSubjectRaw
+ \sa wc_SetIssuerRaw
+ \sa wc_SetAltNamesBuffer
+ \sa wc_SetDatesBuffer
+*/
+void wc_SetCert_Free(Cert* cert);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯PKCS#8ã®æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„ãƒãƒƒãƒ•ã‚¡å†…部ã®å¾“æ¥ã®ç§˜å¯†éµã®é–‹å§‹ä½ç½®ã‚’検出ã—ã¦è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å¾“æ¥ã®ç§˜å¯†éµã®é•·ã•ã‚’è¿”ã—ã¾ã™ã€‚
+ \return エラー時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param input PKCS#8ã®æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„秘密éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inOutIdx ãƒãƒƒãƒ•ã‚¡ã®ã‚¤ãƒ³ãƒ‡ã‚¯ã‚¹ä½ç½®ã‚’ä¿æŒã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚入力時ã«ã¯ã“ã®å¤‰æ•°ã®å†…容ã¯ãƒãƒƒãƒ•ã‚¡å†…部ã®PKCS#8ã®é–‹å§‹ä½ç½®ã‚’示ã—ã¾ã™ã€‚出力時ã«ã¯ã€ç§˜å¯†éµã®å…ˆé ­ä½ç½®ã‚’ä¿æŒã—ã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ _Example_
+ \code
+ byte* pkcs8Buf; // Buffer containing PKCS#8 key.
+ word32 idx = 0;
+ word32 sz; // Size of pkcs8Buf.
+ ...
+ ret = wc_GetPkcs8TraditionalOffset(pkcs8Buf, &idx, sz);
+ // pkcs8Buf + idx is now the beginning of the traditional private key bytes.
+ \endcode
+
+ \sa wc_CreatePKCS8Key
+ \sa wc_EncryptPKCS8Key
+ \sa wc_DecryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_GetPkcs8TraditionalOffset(byte* input,
+ word32* inOutIdx, word32 sz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã®ç§˜å¯†éµã‚’入力ã¨ã—ã€RKCS#8å½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ ã¾ãŸã€PKCS#12ã®ã‚·ãƒ¥ãƒ­â€•ãƒ‡ã‚£ãƒƒãƒˆã‚­ãƒ¼ãƒãƒƒã‚°ã®ä½œæˆã«ã‚‚使用ã§ãã¾ã™ã€‚RFC5208ã‚’å‚ç…§ã®ã“ã¨ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã•ã‚ŒãŸPKCS#8 éµã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E 出力先ãƒãƒƒãƒ•ã‚¡outãŒNULLã¨ã—ã¦æ¸¡ã•ã‚ŒãŸå ´åˆã«ã¯ã“ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã€outSzã«å¿…è¦ãªå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒæ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \return エラー時ã«ã¯è² ã®æ•´æ•°å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param out çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLã®å ´åˆã«ã¯å¿…è¦ãªå‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒoutSzã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param outSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param key 従æ¥ã®DERå½¢å¼ã®ç§˜å¯†éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param algoID アルゴリズムID (RSAkç­‰ã®)
+ \param curveOID ECC曲線OID。RSAéµã‚’使用ã™ã‚‹å ´åˆã«ã¯NULLã«ã™ã‚‹ã“ã¨ã€‚
+ \param oidSz ECC曲線OIDã®ã‚µã‚¤ã‚ºã€‚curveOIDãŒNULLã®å ´åˆã«ã¯0ã«ã™ã‚‹ã“ã¨ã€‚
+
+ _Example_
+ \code
+ ecc_key eccKey; // wolfSSL ECC key object.
+ byte* der; // DER-encoded ECC key.
+ word32 derSize; // Size of der.
+ const byte* curveOid = NULL; // OID of curve used by eccKey.
+ word32 curveOidSz = 0; // Size of curve OID.
+ byte* pkcs8; // Output buffer for PKCS#8 key.
+ word32 pkcs8Sz; // Size of output buffer.
+
+ derSize = wc_EccKeyDerSize(&eccKey, 1);
+ ...
+ derSize = wc_EccKeyToDer(&eccKey, der, derSize);
+ ...
+ ret = wc_ecc_get_oid(eccKey.dp->oidSum, &curveOid, &curveOidSz);
+ ...
+ ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, der,
+ derSize, ECDSAk, curveOid, curveOidSz); // Get size needed in pkcs8Sz.
+ ...
+ ret = wc_CreatePKCS8Key(pkcs8, &pkcs8Sz, der,
+ derSize, ECDSAk, curveOid, curveOidSz);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_EncryptPKCS8Key
+ \sa wc_DecryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_CreatePKCS8Key(byte* out, word32* outSz,
+ byte* key, word32 keySz, int algoID, const byte* curveOID,
+ word32 oidSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æš—å·åŒ–ã•ã‚Œã¦ã„ãªã„PKCS#8ã®DERå½¢å¼ã®éµ(例ãˆã°wc_CreatePKCS8Keyã§ç”Ÿæˆã•ã‚ŒãŸéµ)ã‚’å—ã‘å–ã‚Šã€PKCS#8 æš—å·åŒ–å½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ çµæžœã¨ã—ã¦å¾—られãŸæš—å·åŒ–éµã¯wc_DecryptPKCS8Keyを使ã£ã¦å¾©å·ã§ãã¾ã™ã€‚RFC5208ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã«å‡ºåŠ›ã•ã‚ŒãŸæš—å·åŒ–éµã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E 出力先ãƒãƒƒãƒ•ã‚¡outãŒNULLã¨ã—ã¦æ¸¡ã•ã‚ŒãŸå ´åˆã«ã¯ã“ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã€outSzã«å¿…è¦ãªå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒæ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \return エラー時ã«ã¯è² ã®æ•´æ•°å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param key 従æ¥ã®DERå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param out 出力çµæžœã‚’æ ¼ç´ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLã®å ´åˆã«ã¯å¿…è¦ãªå‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒoutSzã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param outSz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param password パスワードベース暗å·åŒ–アルゴリズムã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‘スワード
+ \param passwordSz パスワードã®ã‚µã‚¤ã‚º(NULL終端文字ã¯å«ã¾ãªã„)
+ \param vPKCS 使用ã™ã‚‹PKCSã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ç•ªå·ã€‚1 ã¯PKCS12 ã‹PKCS5。
+ \param pbeOid パスワードベース暗å·åŒ–スキームã®OID(PBES2 ã‚ã‚‹ã„ã¯RFC2898 A.3ã«ã‚ã‚‹OIDã®ä¸€ã¤)
+ \param encAlgId æš—å·åŒ–アルゴリズムID(例ãˆã°AES256CBCb)。
+ \param salt ソルト。NULLã®å ´åˆã¯ãƒ©ãƒ³ãƒ€ãƒ ã«é¸å®šã—ãŸã‚½ãƒ«ãƒˆãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param saltSz ソルトサイズ。saltã«NULLを渡ã—ãŸå ´åˆã«ã¯0を指定ã§ãã¾ã™ã€‚
+ \param itt éµå°Žå‡ºã®ãŸã‚ã®ç¹°ã‚Šè¿”ã—回数
+ \param rng åˆæœŸåŒ–済ã¿ã®WC_RNG構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+
+ _Example_
+ \code
+ byte* pkcs8; // Unencrypted PKCS#8 key.
+ word32 pkcs8Sz; // Size of pkcs8.
+ byte* pkcs8Enc; // Encrypted PKCS#8 key.
+ word32 pkcs8EncSz; // Size of pkcs8Enc.
+ const char* password; // Password to use for encryption.
+ int passwordSz; // Length of password (not including NULL terminator).
+ WC_RNG rng;
+
+ // The following produces an encrypted version of pkcs8 in pkcs8Enc. The
+ // encryption uses password-based encryption scheme 2 (PBE2) from PKCS#5 and
+ // the AES cipher in CBC mode with a 256-bit key. See RFC 8018 for more on
+ // PKCS#5.
+ ret = wc_EncryptPKCS8Key(pkcs8, pkcs8Sz, pkcs8Enc, &pkcs8EncSz, password,
+ passwordSz, PKCS5, PBES2, AES256CBCb, NULL, 0,
+ WC_PKCS12_ITT_DEFAULT, &rng, NULL);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_CreatePKCS8Key
+ \sa wc_DecryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out,
+ word32* outSz, const char* password, int passwordSz, int vPKCS,
+ int pbeOid, int encAlgId, byte* salt, word32 saltSz, int itt,
+ WC_RNG* rng, void* heap);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯æš—å·åŒ–ã•ã‚ŒãŸPKCS#8ã®DERå½¢å¼ã®éµã‚’å—ã‘å–ã‚Šã€å¾©å·ã—ã¦PKCS#8 DERå½¢å¼ã«å¤‰æ›ã—ã¾ã™ã€‚
+ wc_EncryptPKCS8Keyã«ã‚ˆã£ã¦è¡Œã‚ã‚ŒãŸæš—å·åŒ–ã‚’å…ƒã«æˆ»ã—ã¾ã™ã€‚RFC5208ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ 入力データã¯å¾©å·ãƒ‡ãƒ¼ã‚¿ã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å¾©å·ãƒ‡ãƒ¼ã‚¿ã®é•·ã•ã‚’è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param input 入力時ã«ã¯æš—å·åŒ–ã•ã‚ŒãŸPKCS#8éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã¿ã¾ã™ã€‚出力時ã«ã¯å¾©å·ã•ã‚ŒãŸPKCS#8éµãƒ‡ãƒ¼ã‚¿ã‚’å«ã¿ã¾ã™ã€‚
+ \param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param password éµã‚’æš—å·åŒ–ã™ã‚‹éš›ã®ãƒ‘スワード
+ \param passwordSz パスワードã®ã‚µã‚¤ã‚º(NULL終端文字ã¯å«ã¾ãªã„)
+
+ _Example_
+ \code
+ byte* pkcs8Enc; // Encrypted PKCS#8 key made with wc_EncryptPKCS8Key.
+ word32 pkcs8EncSz; // Size of pkcs8Enc.
+ const char* password; // Password to use for decryption.
+ int passwordSz; // Length of password (not including NULL terminator).
+
+ ret = wc_DecryptPKCS8Key(pkcs8Enc, pkcs8EncSz, password, passwordSz);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_CreatePKCS8Key
+ \sa wc_EncryptPKCS8Key
+ \sa wc_CreateEncryptedPKCS8Key
+*/
+int wc_DecryptPKCS8Key(byte* input, word32 sz, const char* password,
+ int passwordSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å¾“æ¥ã®DERå½¢å¼ã®éµã‚’PKCS#8フォーマットã«å¤‰æ›ã—ã€æš—å·åŒ–ã‚’è¡Œã„ã¾ã™ã€‚
+ ã“ã®å‡¦ç†ã«ã¯wc_CreatePKCS8Keyã¨wc_EncryptPKCS8Keyを使用ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯å‡ºåŠ›ã—ãŸæš—å·åŒ–éµã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \return LENGTH_ONLY_E ã‚‚ã—出力用ãƒãƒƒãƒ•ã‚¡outã«NULLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãã®éš›ã«ã¯outSz変数ã«å¿…è¦ãªå‡ºåŠ›ç”¨ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param key 従æ¥ã®DERå½¢å¼ã®éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param out çµæžœã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚NULLãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯ã€å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒoutSzã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ \param outSz çµæžœã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param password パスワードベース暗å·ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‘スワード
+ \param passwordSz パスワードã®ã‚µã‚¤ã‚º(NULL終端文字ã¯å«ã¾ãªã„)
+ \param vPKCS 使用ã™ã‚‹PKCSã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ç•ªå·ã€‚1 ã¯PKCS12 ã‹PKCS5。
+ \param pbeOid パスワードベース暗å·åŒ–スキームã®OID(PBES2 ã‚ã‚‹ã„ã¯RFC2898 A.3ã«ã‚ã‚‹OIDã®ä¸€ã¤)
+ \param encAlgId æš—å·åŒ–アルゴリズムID(例ãˆã°AES256CBCb)。
+ \param salt ソルト。NULLã®å ´åˆã¯ãƒ©ãƒ³ãƒ€ãƒ ã«é¸å®šã—ãŸã‚½ãƒ«ãƒˆãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param saltSz ソルトサイズ。saltã«NULLを渡ã—ãŸå ´åˆã«ã¯0を指定ã§ãã¾ã™ã€‚
+ \param itt éµå°Žå‡ºã®ãŸã‚ã®ç¹°ã‚Šè¿”ã—回数
+ \param rng åˆæœŸåŒ–済ã¿ã®WC_RNG構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+
+ _Example_
+ \code
+ byte* key; // Traditional private key (DER formatted).
+ word32 keySz; // Size of key.
+ byte* pkcs8Enc; // Encrypted PKCS#8 key.
+ word32 pkcs8EncSz; // Size of pkcs8Enc.
+ const char* password; // Password to use for encryption.
+ int passwordSz; // Length of password (not including NULL terminator).
+ WC_RNG rng;
+
+ // The following produces an encrypted, PKCS#8 version of key in pkcs8Enc.
+ // The encryption uses password-based encryption scheme 2 (PBE2) from PKCS#5
+ // and the AES cipher in CBC mode with a 256-bit key. See RFC 8018 for more
+ // on PKCS#5.
+ ret = wc_CreateEncryptedPKCS8Key(key, keySz, pkcs8Enc, &pkcs8EncSz,
+ password, passwordSz, PKCS5, PBES2, AES256CBCb, NULL, 0,
+ WC_PKCS12_ITT_DEFAULT, &rng, NULL);
+ \endcode
+
+ \sa wc_GetPkcs8TraditionalOffset
+ \sa wc_CreatePKCS8Key
+ \sa wc_EncryptPKCS8Key
+ \sa wc_DecryptPKCS8Key
+*/
+int wc_CreateEncryptedPKCS8Key(byte* key, word32 keySz, byte* out,
+ word32* outSz, const char* password, int passwordSz, int vPKCS,
+ int pbeOid, int encAlgId, byte* salt, word32 saltSz, int itt,
+ WC_RNG* rng, void* heap);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯cert引数ã§ä¸Žãˆã‚‰ã‚ŒãŸDecodedCert構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚“ã§ã„ã‚‹source引数ã®æŒ‡ã™ãƒã‚¤ãƒ³ã‚¿ã‹ã‚‰è¨¼æ˜Žæ›¸ã‚µã‚¤ã‚ºinSzã®é•·ã•ã‚’内部ã«ä¿å­˜ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œã‚‹wc_ParseCertã«ã‚ˆã£ã¦è¨¼æ˜Žæ›¸ãŒè§£æžã•ã‚Œã¾ã™ã€‚
+
+ \param cert DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param source DERå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inSz 証明書データã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+
+ _Example_
+ \code
+ DecodedCert decodedCert; // Decoded certificate object.
+ byte* certBuf; // DER-encoded certificate buffer.
+ word32 certBufSz; // Size of certBuf in bytes.
+
+ wc_InitDecodedCert(&decodedCert, certBuf, certBufSz, NULL);
+ \endcode
+
+ \sa wc_ParseCert
+ \sa wc_FreeDecodedCert
+*/
+void wc_InitDecodedCert(struct DecodedCert* cert,
+ const byte* source, word32 inSz, void* heap);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DecodedCert構造体ã«ä¿å­˜ã•ã‚Œã¦ã„ã‚‹DERå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’解æžã—ã€ãã®æ§‹é€ ä½“ã«å„種フィールドを設定ã—ã¾ã™ã€‚
+ DecodedCert構造体ã¯wc_InitDecodedCertを呼ã³å‡ºã—ã¦åˆæœŸåŒ–ã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã‚ªãƒ—ションã§CertificateManager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å—ã‘å–ã‚Šã€CAãŒè¨¼æ˜Žæ›¸ãƒžãƒã‚¸ãƒ£ãƒ¼ã§æ¤œç´¢ã§ããŸå ´åˆã«ã¯ã€
+ ãã®CAã«é–¢ã™ã‚‹æƒ…報もDecodedCert構造体ã«è¿½åŠ è¨­å®šã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert åˆæœŸåŒ–済ã¿ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param type 証明書タイプ。タイプã®è¨­å®šå€¤ã«ã¤ã„ã¦ã¯asn_public.hã®CertType enum定義をå‚ç…§ã—ã¦ãã ã•ã„。
+ \param verify 呼ã³å‡ºã—å´ãŒè¨¼æ˜Žæ›¸ã®æ¤œè¨¼ã‚’求ã‚ã¦ã„ã‚‹ã“ã¨ã‚’指示ã™ãƒ•ãƒ©ã‚°ã§ã™ã€‚
+ \param cm CertificateManager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚オプションã§æŒ‡å®šå¯ã€‚NULLã§ã‚‚å¯ã€‚
+
+ _Example_
+ \code
+ int ret;
+ DecodedCert decodedCert; // Decoded certificate object.
+ byte* certBuf; // DER-encoded certificate buffer.
+ word32 certBufSz; // Size of certBuf in bytes.
+
+ wc_InitDecodedCert(&decodedCert, certBuf, certBufSz, NULL);
+ ret = wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL);
+ if (ret != 0) {
+ fprintf(stderr, "wc_ParseCert failed.\n");
+ }
+ \endcode
+
+ \sa wc_InitDecodedCert
+ \sa wc_FreeDecodedCert
+*/
+int wc_ParseCert(DecodedCert* cert, int type, int verify, void* cm);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯wc_InitDecodedCertã§åˆæœŸåŒ–済ã¿ã®DecodedCert構造体を解放ã—ã¾ã™ã€‚
+
+ \param cert åˆæœŸåŒ–済ã¿ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
+ \code
+ int ret;
+ DecodedCert decodedCert; // Decoded certificate object.
+ byte* certBuf; // DER-encoded certificate buffer.
+ word32 certBufSz; // Size of certBuf in bytes.
+
+ wc_InitDecodedCert(&decodedCert, certBuf, certBufSz, NULL);
+ ret = wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL);
+ if (ret != 0) {
+ fprintf(stderr, "wc_ParseCert failed.\n");
+ }
+ wc_FreeDecodedCert(&decodedCert);
+ \endcode
+
+ \sa wc_InitDecodedCert
+ \sa wc_ParseCert
+*/
+void wc_FreeDecodedCert(struct DecodedCert* cert);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ã‚¿ã‚¤ãƒ ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã—ã¾ã™ã€‚wolfSSLãŒç¾åœ¨æ™‚刻を必è¦ã¨ã—ãŸã‚¿ã‚¤ãƒŸãƒ³ã‚°ã§ã“ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
+ ã“ã®ã‚¿ã‚¤ãƒ ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã®ãƒ—ロトタイプ(シグãƒãƒãƒ£ï¼‰ã¯C標準ライブラリã®"time"関数ã¨åŒä¸€ã§ã™ã€‚
+
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+
+ \param f タイムコールãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ int ret = 0;
+ // Time callback prototype
+ time_t my_time_cb(time_t* t);
+ // Register it
+ ret = wc_SetTimeCb(my_time_cb);
+ if (ret != 0) {
+ // failed to set time callback
+ }
+ time_t my_time_cb(time_t* t)
+ {
+ // custom time function
+ }
+ \endcode
+
+ \sa wc_Time
+*/
+int wc_SetTimeCb(wc_time_cb f);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯ç¾åœ¨æ™‚刻をå–å¾—ã—ã¾ã™ã€‚デフォルトã§XTIMEマクロ関数を使ã„ã¾ã™ã€‚ã“ã®ãƒžã‚¯ãƒ­é–¢æ•°ã¯ãƒ—ラットフォームä¾å­˜ã§ã™ã€‚
+ ユーザーã¯ã“ã®ãƒžã‚¯ãƒ­ã®ä»£ã‚ã‚Šã«wc_SetTimeCbã§ã‚¿ã‚¤ãƒ ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’使ã†ã‚ˆã†ã«è¨­å®šã™ã‚‹ã“ã¨ãŒã§ãã¾ã™
+
+ \return æˆåŠŸæ™‚ã«ã¯ç¾åœ¨æ™‚刻を返ã—ã¾ã™ã€‚
+
+ \param t ç¾åœ¨æ™‚刻を返å´ã™ã‚‹ã‚ªãƒ—ションã®time_t型変数。
+
+ _Example_
+ \code
+ time_t currentTime = 0;
+ currentTime = wc_Time(NULL);
+ wc_Time(&currentTime);
+ \endcode
+
+ \sa wc_SetTimeCb
+*/
+time_t wc_Time(time_t* t);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯X.509証明書ã«ã‚«ã‚¹ã‚¿ãƒ æ‹¡å¼µã‚’追加ã—ã¾ã™ã€‚
+ 注: ã“ã®é–¢æ•°ã«æ¸¡ã™ãƒã‚¤ãƒ³ã‚¿å¼•æ•°ãŒä¿æŒã™ã‚‹å†…容ã¯è¨¼æ˜Žæ›¸ãŒç”Ÿæˆã•ã‚Œã‚‹ã¾ã§å¤‰æ›´ã•ã‚Œã¦ã¯ã„ã‘ã¾ã›ã‚“。
+ ã“ã®é–¢æ•°ã§ã¯ãƒã‚¤ãƒ³ã‚¿ãŒæŒ‡ã™å…ˆã®å†…容ã¯åˆ¥ã®ãƒãƒƒãƒ•ã‚¡ã«ã¯è¤‡è£½ã—ã¾ã›ã‚“。
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert åˆæœŸåŒ–済ã¿ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param critical 0ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯è¿½åŠ ã™ã‚‹æ‹¡å¼µã¯ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ã¨ã¯ãƒžãƒ¼ã‚¯ã•ã‚Œã¾ã›ã‚“。
+ 0以外ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¾ã™ã€‚
+ \param oid ドット区切りã®oid文字列。例ãˆã°ã€"1.2.840.10045.3.1.7"
+ \param der 拡張情報ã®DERエンコードã•ã‚ŒãŸå†…容をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param derSz DERエンコードã•ã‚ŒãŸå†…容をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+
+ _Example_
+ \code
+ int ret = 0;
+ Cert newCert;
+ wc_InitCert(&newCert);
+
+ // Code to setup subject, public key, issuer, and other things goes here.
+
+ ret = wc_SetCustomExtension(&newCert, 1, "1.2.3.4.5",
+ (const byte *)"This is a critical extension", 28);
+ if (ret < 0) {
+ // Failed to set the extension.
+ }
+
+ ret = wc_SetCustomExtension(&newCert, 0, "1.2.3.4.6",
+ (const byte *)"This is NOT a critical extension", 32)
+ if (ret < 0) {
+ // Failed to set the extension.
+ }
+
+ // Code to sign the certificate and then write it out goes here.
+
+ \endcode
+
+ \sa wc_InitCert
+ \sa wc_SetUnknownExtCallback
+*/
+int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
+ const byte *der, word32 derSz);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯wolfSSLãŒè¨¼æ˜Žæ›¸ã®è§£æžä¸­ã«æœªçŸ¥ã®X.509æ‹¡å¼µã«é­é‡ã—ãŸéš›ã«å‘¼ã³å‡ºã™ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã—ã¾ã™ã€‚
+ コールãƒãƒƒã‚¯é–¢æ•°ã®ãƒ—ロトタイプã¯ä½¿ç”¨ä¾‹ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert コールãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã™ã‚‹å¯¾è±¡ã®DecodedCert構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cb 登録ã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ int ret = 0;
+ // Unknown extension callback prototype
+ int myUnknownExtCallback(const word16* oid, word32 oidSz, int crit,
+ const unsigned char* der, word32 derSz);
+
+ // Register it
+ ret = wc_SetUnknownExtCallback(cert, myUnknownExtCallback);
+ if (ret != 0) {
+ // failed to set the callback
+ }
+
+ // oid: OIDを構æˆã™ã‚‹ãƒ‰ãƒƒãƒˆåŒºåˆ‡ã‚Šã®æ•°ã‚’æ ¼ç´ã—ãŸé…列
+ // oidSz: oid内ã®å€¤ã®æ•°
+ // crit: æ‹¡å¼µãŒã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¦ã„ã‚‹ã‹
+ // der: DERエンコードã•ã‚Œã¦ã„ã‚‹æ‹¡å¼µã®å†…容
+ // derSz: æ‹¡å¼µã®å†…容ã®ã‚µã‚¤ã‚º
+ int myCustomExtCallback(const word16* oid, word32 oidSz, int crit,
+ const unsigned char* der, word32 derSz) {
+
+ // 拡張を解æžã™ã‚‹ãƒ­ã‚¸ãƒƒã‚¯ã¯ã“ã“ã«è¨˜è¿°ã—ã¾ã™
+
+ // NOTE: コールãƒãƒƒã‚¯é–¢æ•°ã‹ã‚‰0ã‚’è¿”ã™ã¨wolfSSLã«å¯¾ã—ã¦ã“ã®æ‹¡å¼µã‚’å—ã‘入れå¯èƒ½ã¨
+ // 表明ã™ã‚‹ã“ã¨ã«ãªã‚Šã¾ã™ã€‚ã“ã®æ‹¡å¼µã‚’処ç†ã§ãã‚‹ã¨åˆ¤æ–­ã§ããªã„å ´åˆã«ã¯ã‚¨ãƒ©ãƒ¼ã‚’
+ // è¿”ã—ã¦ãã ã•ã„。クリティカルã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¦ã„る未知ã®æ‹¡å¼µã«é­é‡ã—ãŸéš›ã®æ¨™æº–çš„
+ // ãªæŒ¯ã‚‹èˆžã„ã¯ASN_CRIT_EXT_Eã‚’è¿”ã™ã“ã¨ã§ã™ã€‚
+ // ç°¡æ½”ã«ã™ã‚‹ãŸã‚ã«ã“ã®ä¾‹ã§ã¯ã™ã¹ã¦ã®æ‹¡å¼µæƒ…報をå—ã‘入れå¯ã¨ã—ã¦ã„ã¾ã™ãŒã€å®Ÿéš›ã«ã¯å®Ÿæƒ…ã«æ²¿ã†ã‚ˆã†ã«ãƒ­ã‚¸ãƒƒã‚¯ã‚’追加ã—ã¦ãã ã•ã„。
+
+ return 0;
+ }
+ \endcode
+
+ \sa ParseCert
+ \sa wc_SetCustomExtension
+*/
+int wc_SetUnknownExtCallback(DecodedCert* cert,
+ wc_UnknownExtCallback cb);
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯DERå½¢å¼ã®X.509 証明書ã®ç½²åを与ãˆã‚‰ã‚ŒãŸå…¬é–‹éµã‚’使ã£ã¦æ¤œè¨¼ã—ã¾ã™ã€‚
+ 公開éµã¯DERå½¢å¼ã§å…¨å…¬é–‹éµæƒ…報をå«ã‚“ã ã‚‚ã®ãŒæ±‚ã‚られã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return エラー発生時ã«ã¯è² ã®æ•´æ•°å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param cert DERå½¢å¼ã®X.509証明書をå«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param certSz 証明書をå«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param heap 動的メモリ確ä¿ã®ãŸã‚ã®ãƒ’ープ。NULL指定もå¯ã€‚
+ \param pubKey DERå½¢å¼ã®å…¬é–‹éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param pubKeySz 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param pubKeyOID 公開éµã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã‚’特定ã™ã‚‹OID(ã™ãªã‚ã¡: ECDSAk, DSAk ã‚„ RSAk)
+*/
+int wc_CheckCertSigPubKey(const byte* cert, word32 certSz,
+ void* heap, const byte* pubKey,
+ word32 pubKeySz, int pubKeyOID);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Asn1PrintOptions構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param opts プリントã®ãŸã‚ã®Asn1PrintOptions構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Asn1PrintOptions opt;
+
+ // Initialize ASN.1 print options before use.
+ wc_Asn1PrintOptions_Init(&opt);
+ \endcode
+
+ \sa wc_Asn1PrintOptions_Set
+ \sa wc_Asn1_PrintAll
+*/
+int wc_Asn1PrintOptions_Init(Asn1PrintOptions* opts);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Asn1PrintOptions構造体ã«ãƒ—リント情報を設定ã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG valãŒç¯„囲外ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param opts Asn1PrintOptions構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param opt 設定ã™ã‚‹æƒ…å ±ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param val 設定値
+
+ _Example_
+ \code
+ Asn1PrintOptions opt;
+
+ // Initialize ASN.1 print options before use.
+ wc_Asn1PrintOptions_Init(&opt);
+ // Set the number of indents when printing tag name to be 1.
+ wc_Asn1PrintOptions_Set(&opt, ASN1_PRINT_OPT_INDENT, 1);
+ \endcode
+
+ \sa wc_Asn1PrintOptions_Init
+ \sa wc_Asn1_PrintAll
+*/
+int wc_Asn1PrintOptions_Set(Asn1PrintOptions* opts, enum Asn1PrintOpt opt,
+ word32 val);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯Asn1構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param asn1 Asn1構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ Asn1 asn1;
+
+ // Initialize ASN.1 parse object before use.
+ wc_Asn1_Init(&asn1);
+ \endcode
+
+ \sa wc_Asn1_SetFile
+ \sa wc_Asn1_PrintAll
+ */
+int wc_Asn1_Init(Asn1* asn1);
+
+/*!
+ \ingroup ASN
+
+ \brief ã“ã®é–¢æ•°ã¯å‡ºåŠ›å…ˆã¨ã—ã¦ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã‚’Asn1構造体ã«ã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG fileãŒXBADFILEã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚.
+
+ \param asn1 Asn1構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file プリント先ã®ãƒ•ã‚¡ã‚¤ãƒ«
+
+ _Example_
+ \code
+ Asn1 asn1;
+
+ // Initialize ASN.1 parse object before use.
+ wc_Asn1_Init(&asn1);
+ // Set standard out to be the file descriptor to write to.
+ wc_Asn1_SetFile(&asn1, stdout);
+ \endcode
+
+ \sa wc_Asn1_Init
+ \sa wc_Asn1_PrintAll
+ */
+int wc_Asn1_SetFile(Asn1* asn1, XFILE file);
+
+/*!
+ \ingroup ASN
+
+ \brief ASN.1アイテムをプリントã—ã¾ã™ã€‚
+
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG asn1ã‹optsãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_LEN_E ASN.1アイテムãŒé•·ã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_DEPTH_E 終了オフセットãŒç„¡åŠ¹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_PARSE_E å…¨ã®ASN.1アイテムã®è§£æžãŒå®Œäº†ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param asn1 Asn1構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param opts Asn1PrintOptions構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data BER/DERå½¢å¼ã®ãƒ—リント対象データã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len プリント対象データã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+
+ \code
+ Asn1PrintOptions opts;
+ Asn1 asn1;
+ unsigned char data[] = { Initialize with DER/BER data };
+ word32 len = sizeof(data);
+
+ // Initialize ASN.1 print options before use.
+ wc_Asn1PrintOptions_Init(&opt);
+ // Set the number of indents when printing tag name to be 1.
+ wc_Asn1PrintOptions_Set(&opt, ASN1_PRINT_OPT_INDENT, 1);
+
+ // Initialize ASN.1 parse object before use.
+ wc_Asn1_Init(&asn1);
+ // Set standard out to be the file descriptor to write to.
+ wc_Asn1_SetFile(&asn1, stdout);
+ // Print all ASN.1 items in buffer with the specified print options.
+ wc_Asn1_PrintAll(&asn1, &opts, data, len);
+ \endcode
+
+ \sa wc_Asn1_Init
+ \sa wc_Asn1_SetFile
+ */
+int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts, unsigned char* data,
+ word32 len);
+
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h
index c44b5deb..2b4f9483 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/chacha20_poly1305.h
@@ -1,9 +1,10 @@
/*!
- \ingroup ChaCha20Poly1305
- \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Output BufferTextã«å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€InPleaintextã‚’æš—å·åŒ–ã—ã¾ã™ã€‚ã¾ãŸã€Poly-1305èªè¨¼ï¼ˆæš—å·ãƒ†ã‚­ã‚¹ãƒˆï¼‰ã‚’実行ã—ã€ç”Ÿæˆã—ãŸèªè¨¼ã‚¿ã‚°ã‚’出力ãƒãƒƒãƒ•ã‚¡OutauthTagã«æ ¼ç´ã—ã¾ã™ã€‚
- \return 0 メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã—ãŸ
+ \ingroup ChaCha20Poly1305
+ \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Output BufferTextã«å…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€InPleaintextã‚’æš—å·åŒ–ã—ã¾ã™ã€‚
+ ã¾ãŸã€Poly-1305èªè¨¼ï¼ˆæš—å·ãƒ†ã‚­ã‚¹ãƒˆï¼‰ã‚’実行ã—ã€ç”Ÿæˆã—ãŸèªè¨¼ã‚¿ã‚°ã‚’出力ãƒãƒƒãƒ•ã‚¡OutauthTagã«æ ¼ç´ã—ã¾ã™ã€‚
+ \return 0 メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG æš—å·åŒ–プロセス中ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \param inKey æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inKey æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inIv æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹12ãƒã‚¤ãƒˆã®IVã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAAD ä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼ˆAAD)をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAADLen 入力AADã®é•·ã•
@@ -41,17 +42,19 @@ int wc_ChaCha20Poly1305_Encrypt(
byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE]);
/*!
- \ingroup ChaCha20Poly1305
- \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã€OutpleAntextã«å…¥åŠ›ã•ã‚ŒãŸæš—å·æ–‡ã®å…¥åŠ›ã‚’復å·åŒ–ã—ã¾ã™ã€‚ã¾ãŸã€Poly-1305èªè¨¼ã‚’実行ã—ã€æŒ‡å®šã•ã‚ŒãŸINAUTHTAGã‚’INAADã§ç”Ÿæˆã•ã‚ŒãŸèªè¨¼ï¼ˆä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼‰ã¨æ¯”較ã—ã¾ã™ã€‚注:生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã¨ä¸€è‡´ã—ãªã„å ´åˆã€ãƒ†ã‚­ã‚¹ãƒˆã¯å¾©å·åŒ–ã•ã‚Œã¾ã›ã‚“。
- \return 0 メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
+ \ingroup ChaCha20Poly1305
+ \brief ã“ã®é–¢æ•°ã¯ã€Chacha20 Streamæš—å·ã‚’使用ã—ã¦ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡OutpleAntextã«å¾©å·ã—ãŸãƒ‡ãƒ¼ã‚¿ã‚’出力ã—ã¾ã™ã€‚
+ ã¾ãŸã€Poly-1305èªè¨¼ã‚’実行ã—ã€æŒ‡å®šã•ã‚ŒãŸinAuthTagã‚’inAADã§ç”Ÿæˆã•ã‚ŒãŸèªè¨¼ï¼ˆä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼‰ã¨æ¯”較ã—ã¾ã™ã€‚
+ 注:生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ã¨ä¸€è‡´ã—ãªã„å ´åˆã€ãƒ†ã‚­ã‚¹ãƒˆã¯å¾©å·ã•ã‚Œã¾ã›ã‚“。
+ \return 0 メッセージã®å¾©å·ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
\return BAD_FUNC_ARG 関数引数ã®ã„ãšã‚Œã‹ãŒäºˆæƒ³ã•ã‚Œã‚‹ã‚‚ã®ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™
- \return MAC_CMP_FAILED_E 生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚Œã¦ã„ã‚‹INAUTHTAGã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param inKey 復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param inIv 復å·åŒ–ã«ä½¿ç”¨ã™ã‚‹12ãƒã‚¤ãƒˆã®IVã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \return MAC_CMP_FAILED_E 生æˆã•ã‚ŒãŸèªè¨¼ã‚¿ã‚°ãŒæä¾›ã•ã‚Œã¦ã„ã‚‹inAuthTagã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param inKey 復å·ã«ä½¿ç”¨ã™ã‚‹32ãƒã‚¤ãƒˆã®éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param inIv 復å·ã«ä½¿ç”¨ã™ã‚‹12ãƒã‚¤ãƒˆã®IVã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAAD ä»»æ„ã®é•·ã•ã®è¿½åŠ èªè¨¼ãƒ‡ãƒ¼ã‚¿ï¼ˆAAD)をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inAADLen 入力AADã®é•·ã•
- \param inCiphertext 復å·åŒ–ã™ã‚‹æš—å·æ–‡ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param outCiphertextLen 復å·åŒ–ã™ã‚‹æš—å·æ–‡ã®é•·ã•
+ \param inCiphertext 復å·ã™ã‚‹æš—å·æ–‡ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outCiphertextLen 復å·ã™ã‚‹æš—å·æ–‡ã®é•·ã•
\param inAuthTag èªè¨¼ã®ãŸã‚ã®16ãƒã‚¤ãƒˆã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
@@ -65,7 +68,7 @@ int wc_ChaCha20Poly1305_Encrypt(
byte plain[sizeof(cipher)];
int ret = wc_ChaCha20Poly1305_Decrypt(key, iv, inAAD, sizeof(inAAD),
- cipher, sizeof(cipher), plain, authTag);
+ cipher, sizeof(cipher), authTag, plain);
if(ret == MAC_CMP_FAILED_E) {
// error during authentication
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h
index cd880939..95612f6c 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/cmac.h
@@ -1,21 +1,21 @@
/*!
\ingroup CMAC
- \brief Cmac 構造体をデフォルトã§åˆæœŸåŒ–ã™ã‚‹
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
- \param type 常㫠WC_CMAC_AES = 1
- \param 未使用 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
+ \brief Cmac構造体をデフォルト値ã§åˆæœŸåŒ–ã—ã¾ã™
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º(16ã€24ã€ã¾ãŸã¯ 32)
+ \param type 常ã«WC_CMAC_AES(=1)
+ \param unused 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
_例_
\code
Cmac cmac[1];
- ret = wc_InitCmac(cmacã€ã‚­ãƒ¼ã€keySzã€WC_CMAC_AESã€NULL);
- ã‚‚ã— (ret == 0) {
+ ret = wc_InitCmac(cmacã€keyã€keySzã€WC_CMAC_AESã€NULL);
+ if (ret == 0) {
ret = wc_CmacUpdate(cmacã€inã€inSz);
}
- ã‚‚ã— (ret == 0) {
+ if (ret == 0) {
ret = wc_CmacFinal(cmac, out, outSz);
}
\endcode
@@ -25,29 +25,29 @@
\sa wc_CmacFinal
*/
int wc_InitCmac(Cmac* cmac,
- const byte* キーã€word32 keySzã€
- intåž‹ã€void*未使用);
+ const byte* keyã€word32 keySzã€
+ int typeã€void* unused);
/*!
\ingroup CMAC
- \brief Cmac 構造体をデフォルトã§åˆæœŸåŒ–ã™ã‚‹
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
- \param type 常㫠WC_CMAC_AES = 1
- \param 未使用 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
- \param heap 動的割り当ã¦ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ’ープ ヒントã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼ã€‚ 通常ã€ã‚¹ã‚¿ãƒ†ã‚£ãƒƒã‚¯ メモリ オプションã§ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ NULL ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \param devId éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã§ä½¿ç”¨ã™ã‚‹ ID。 éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’使用ã—ã¦ã„ãªã„å ´åˆã¯ã€INVALID_DEVID ã«è¨­å®šã—ã¾ã™ã€‚
+ \brief Cmac構造体をデフォルト値ã§åˆæœŸåŒ–ã—ã¾ã™
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º(16ã€24ã€ã¾ãŸã¯ 32)
+ \param type 常ã«WC_CMAC_AES(=1)
+ \param unused 使用ã•ã‚Œã¦ã„ã¾ã›ã‚“。互æ›æ€§ã«é–¢ã™ã‚‹å°†æ¥ã®æ½œåœ¨çš„ãªä½¿ç”¨ã®ãŸã‚ã«å­˜åœ¨ã—ã¾ã™
+ \param heap 動的割り当ã¦ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ’ープヒントã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ 通常ã€ã‚¹ã‚¿ãƒ†ã‚£ãƒƒã‚¯ãƒ¡ãƒ¢ãƒªã‚ªãƒ—ションã§ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ NULLã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \param devId éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã§ä½¿ç”¨ã™ã‚‹ID。éžåŒæœŸãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ã‚’使用ã—ã¦ã„ãªã„å ´åˆã¯ã€INVALID_DEVIDã«è¨­å®šã—ã¾ã™ã€‚
_例_
\code
Cmac cmac[1];
- ret = wc_InitCmac_ex(cmacã€ã‚­ãƒ¼ã€keySzã€WC_CMAC_AESã€NULLã€NULLã€INVALID_DEVID);
- ã‚‚ã— (ret == 0) {
- ret = wc_CmacUpdate(cmacã€inã€inSz);
+ ret = wc_InitCmac_ex(cmac, key, keySz, WC_CMAC_AES, NULL, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_CmacUpdate(cmac, in, inSz);
}
- ã‚‚ã— (ret == 0) {
+ if (ret == 0) {
ret = wc_CmacFinal(cmac, out, &outSz);
}
\endcode
@@ -57,15 +57,15 @@ int wc_InitCmac(Cmac* cmac,
\sa wc_CmacFinal
*/
int wc_InitCmac_ex(Cmac* cmac,
- const byte* キーã€word32 keySzã€
- int åž‹ã€void* 未使用ã€void* ヒープã€int devId);
+ const byte* key, word32 keySz,
+ int type, void* unusedã€void* heap, int devId);
/*!
\ingroup CMAC
\brief æš—å·ãƒ™ãƒ¼ã‚¹ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸èªè¨¼ã‚³ãƒ¼ãƒ‰å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã‚’追加
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
_例_
@@ -81,11 +81,11 @@ int wc_CmacUpdate(Cmac* cmac,
/*!
\ingroup CMAC
- \brief æš—å·ãƒ™ãƒ¼ã‚¹ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸èªè¨¼ã‚³ãƒ¼ãƒ‰ã‚’使用ã—ã¦æœ€çµ‚çµæžœã‚’生æˆã™ã‚‹
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param cmac Cmac 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param out çµæžœã‚’è¿”ã™ãƒã‚¤ãƒ³ã‚¿
- \param outSz 出力ã®ãƒã‚¤ãƒ³ã‚¿ã‚µã‚¤ã‚º (in/out)
+ \brief æš—å·ãƒ™ãƒ¼ã‚¹ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸èªè¨¼ã‚³ãƒ¼ãƒ‰ã‚’使用ã—ã¦æœ€çµ‚çµæžœã‚’生æˆã—ã¾ã™
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param out çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param outSz çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º (in/out)
_例_
\code
@@ -100,14 +100,14 @@ int wc_CmacFinal(Cmac* cmac,
/*!
\ingroup CMAC
- \brief CMAC を生æˆã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ« ショット関数
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param out çµæžœã‚’è¿”ã™ãƒã‚¤ãƒ³ã‚¿
+ \brief CMACを生æˆã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ«ã‚·ãƒ§ãƒƒãƒˆé–¢æ•°
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param out çµæžœã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param outSz 出力ã®ãƒã‚¤ãƒ³ã‚¿ã‚µã‚¤ã‚º (in/out)
- \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
_例_
\code
@@ -122,14 +122,14 @@ int wc_AesCmacGenerate(byte* out, word32* outSz,
/*!
\ingroup CMAC
- \brief CMAC を検証ã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ« ショット機能
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- \param çµæžœã‚’è¿”ã™ãƒã‚§ãƒƒã‚¯ ãƒã‚¤ãƒ³ã‚¿
- \param checkSz ãƒã‚§ãƒƒã‚¯ã‚¢ã‚¦ãƒˆ ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \brief CMACを検証ã™ã‚‹ãŸã‚ã®ã‚·ãƒ³ã‚°ãƒ«ã‚·ãƒ§ãƒƒãƒˆé–¢æ•°
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param check 検証対象ã¨ãªã‚‹CMAC処ç†çµæžœãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param checkSz CMAC処ç†çµæžœãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
\param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
- \param キー キー ãƒã‚¤ãƒ³ã‚¿
- \param keySz キー ãƒã‚¤ãƒ³ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
+ \param key éµãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param keySz éµãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º (16ã€24ã€ã¾ãŸã¯ 32)
_例_
\code
@@ -145,9 +145,10 @@ int wc_AesCmacVerify(const byte* check, word32 checkSz,
/*!
\ingroup CMAC
- \brief ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ãŒã‚·ãƒ³ã‚°ãƒ« ショットを必è¦ã¨ã—ã€æ›´æ–°ã‚’メモリã«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«ã®ã¿ã€WOLFSSL_HASH_KEEP ã§ä½¿ç”¨ã•ã‚Œã¾ã™
- \return æˆåŠŸã—ãŸã‚‰ 0 ã‚’è¿”ã™
- 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã® \param
+ \brief WOLFSSL_HASH_KEEPマクロ定義時ã®ã¿ä½¿ç”¨å¯èƒ½ã€‚ãƒãƒ¼ãƒ‰ã‚¦ã‚§ã‚¢ãŒã‚·ãƒ³ã‚°ãƒ«ã‚·ãƒ§ãƒƒãƒˆã‚’å¿…è¦ã¨ã—ã€æ›´æ–°ã‚’メモリã«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«ä½¿ç”¨ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸã‚‰0ã‚’è¿”ã—ã¾ã™
+ \param cmac Cmac構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param in 処ç†ã™ã‚‹å…¥åŠ›ãƒ‡ãƒ¼ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inSz 入力データã®ã‚µã‚¤ã‚º
_例_
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h
index 64b99925..5ddc615a 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve25519.h
@@ -60,7 +60,7 @@ int wc_curve25519_shared_secret(curve25519_key* private_key,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 共有秘密éµã‚’正常ã«è¨ˆç®—ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 渡ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E 公開éµã®æœ€åˆã®ãƒ“ットãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€å®Ÿè£…ã®æŒ‡ç´‹ã‚’é¿ã‘ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -222,7 +222,7 @@ int wc_curve25519_import_private_raw(const byte* priv, word32 privSz,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒ‘ブリック秘密éµãƒšã‚¢ã‚’Curve25519_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ‘ブリック秘密éµãƒšã‚¢ã‚’Curve25519_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve25519_Key構造体ã¸ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E 戻ã•ã‚ŒãŸIFã¾ãŸã¯å…¥åŠ›ã‚­ãƒ¼ã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒãƒ‘ブリックキーサイズã¾ãŸã¯ç§˜å¯†éµã‚µã‚¤ã‚ºã¨ä¸€è‡´ã—ãªã„å ´åˆ
@@ -292,7 +292,7 @@ int wc_curve25519_export_private_raw(curve25519_key* key, byte* out,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯Curve25519_Key構造体ã‹ã‚‰ç§˜å¯†éµã‚’エクスãƒãƒ¼ãƒˆã—ã€ãれを指定ã•ã‚ŒãŸã‚¢ã‚¦ãƒˆãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ã¾ãŸã€ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã•ã‚ŒãŸã‚­ãƒ¼ã®ã‚µã‚¤ã‚ºã«ãªã‚‹ã‚ˆã†ã«æ¦‚è¦ã‚’設定ã—ã¾ã™ã€‚ãã‚ŒãŒå¤§ãã„ã‹ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã‹ã‚’指定ã§ãã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯Curve25519_Key構造体ã‹ã‚‰ç§˜å¯†éµã‚’エクスãƒãƒ¼ãƒˆã—ã€ãれを指定ã•ã‚ŒãŸã‚¢ã‚¦ãƒˆãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ã¾ãŸã€ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã•ã‚ŒãŸã‚­ãƒ¼ã®ã‚µã‚¤ã‚ºã«ãªã‚‹ã‚ˆã†ã«æ¦‚è¦ã‚’設定ã—ã¾ã™ã€‚ãã‚ŒãŒãƒ“ッグ・リトルエンディアンã‹ã‚’指定ã§ãã¾ã™ã€‚
\return 0 Curve25519_Key構造体ã‹ã‚‰ç§˜å¯†éµã‚’正常ã«ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 入力パラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E WC_CURVE25519_SIZE()ãŒã‚­ãƒ¼ã¨ç­‰ã—ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -394,7 +394,7 @@ int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹éµãƒãƒƒãƒ•ã‚¡ãŒã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³æ³¨æ–‡ã‚’与ãˆã‚‰ã‚ŒãŸæœ‰åŠ¹ãªCurve2519キー値をä¿æŒã—ã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹éµãƒãƒƒãƒ•ã‚¡ãŒæŒ‡å®šã•ã‚ŒãŸã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã«å¯¾ã—ã¦æœ‰åŠ¹ãªCurve2519キー値をä¿æŒã—ã¦ã„ã‚‹ã“ã¨ã‚’確èªã—ã¾ã™ã€‚
\return 0 公開éµã®å€¤ãŒæœ‰åŠ¹ãªã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E 公開éµã®å€¤ãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -450,7 +450,7 @@ int wc_curve25519_export_public(curve25519_key* key, byte* out, word32* outLen);
/*!
\ingroup Curve25519
- \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve25519_Key構造体ã‹ã‚‰å…¬é–‹éµã‚’正常ã«ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã™ã‚‹ä¸Šã§è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E outlenãŒcurve25519_pub_key_sizeよりå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -517,7 +517,7 @@ int wc_curve25519_export_key_raw(curve25519_key* key,
/*!
\ingroup Curve25519
- \brief Export Curve25519キーペア。大ãã„ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
+ \brief Export Curve25519キーペア。ビッグ・リトルエンディアン。
\return 0 Curve25519_Key構造体ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 入力パラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E PRIVSZãŒCURUV25519_SEY_SIZEã¾ãŸã¯PUBSZよりもå°ã•ã„å ´åˆã¯ã€PUBSZãŒCURUG25519_PUB_KEY_SIZEよりもå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h
index 67c647dd..4a6a1d2e 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/curve448.h
@@ -59,7 +59,7 @@ int wc_curve448_shared_secret(curve448_key* private_key,
/*!
\ingroup Curve448
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†ã®ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’考ãˆã‚‹ã¨ã€å…±æœ‰ç§˜å¯†éµã‚’計算ã—ã¾ã™ã€‚生æˆã•ã‚ŒãŸç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«ä¿å­˜ã—ã€ounlentã®ç§˜å¯†éµã®å¤‰æ•°ã‚’割り当ã¦ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 共有秘密éµã‚’正常ã«è¨ˆç®—ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 渡ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param [in] Private_Key Curve448_Key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®ç§˜å¯†éµã§åˆæœŸåŒ–ã•ã‚Œã¾ã—ãŸã€‚
@@ -152,7 +152,7 @@ int wc_curve448_import_private(const byte* priv, word32 privSz,
/*!
\ingroup Curve448
- \brief CURVE448秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã®ã¿ã€‚(大ããªã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ï¼‰ã€‚
+ \brief CURVE448秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã®ã¿ã€‚(ビッグエンディアン)。
\return 0 秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯PRIVãŒNULLã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E PRIVSZãŒCURUG448_KEY_SIZEã¨ç­‰ã—ããªã„å ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -220,7 +220,7 @@ int wc_curve448_import_private_raw(const byte* priv, word32 privSz,
/*!
\ingroup Curve448
- \brief ã“ã®é–¢æ•°ã¯ã€public-秘密éµã®ãƒšã‚¢ã‚’Curve448_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€public-秘密éµã®ãƒšã‚¢ã‚’Curve448_Key構造体ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve448_Key構造体ã¸ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E 入力キーã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒPublicキーサイズã¾ãŸã¯ç§˜å¯†éµã‚µã‚¤ã‚ºã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -450,7 +450,7 @@ int wc_curve448_export_public(curve448_key* key, byte* out, word32* outLen);
/*!
\ingroup Curve448
- \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚大ããã¦ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ビッグ・リトルエンディアンã®ä¸¡æ–¹ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return 0 Curve448_Key構造体ã‹ã‚‰å…¬é–‹éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E outlenãŒcurve448_pub_key_sizeよりå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -517,8 +517,8 @@ int wc_curve448_export_key_raw(curve448_key* key,
/*!
\ingroup Curve448
- \brief Curve448キーペアをエクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚大ãã„ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
- \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚大ãã„ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
+ \brief Curve448キーペアをエクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ビッグã€ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
+ \brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã€çµæžœã‚’アウトãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚ビッグã€ã¾ãŸã¯ãƒªãƒˆãƒ«ã‚¨ãƒ³ãƒ‡ã‚£ã‚¢ãƒ³ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG 入力パラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E PRIVSZãŒCURUV448_KEY_SIZEã¾ãŸã¯PUBSZよりもå°ã•ã„å ´åˆã¯ã€Curge448_PUB_KEY_SIZEよりもå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h
index e7102a52..0571feda 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/doxygen_groups.h
@@ -220,7 +220,7 @@
key operations and reducing the attack surface by restricting access to certificate and keys
to the SIM.
- IoT-Safe support can be enabled on an existing WOLFSSL_CTX contex, using wolfSSL_CTX_iotsafe_enable().\n
+ IoT-Safe support can be enabled on an existing WOLFSSL_CTX context, using wolfSSL_CTX_iotsafe_enable().\n
Session created within the context can set the parameters for IoT-Safe key and files usage, and enable
the public keys callback, with wolfSSL_iotsafe_on().
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h
index 953e06ea..41b8c9ec 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ecc.h
@@ -1,5 +1,5 @@
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ECC_KEYを生æˆã—ã€ãれをキーã«æ ¼ç´ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E RNGã¾ãŸã¯ã‚­ãƒ¼ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -33,7 +33,7 @@
int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ECC_KEYを生æˆã—ã€ãれをキーã«æ ¼ç´ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E RNGã¾ãŸã¯ã‚­ãƒ¼ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -75,7 +75,7 @@ int wc_ecc_make_key(WC_RNG* rng, int keysize, ecc_key* key);
int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECCキーã®æœ‰åŠ¹æ€§ã‚’有効ã«ã—ã¾ã™ã€‚
\return MP_OKAY æˆåŠŸã€ã‚­ãƒ¼ã¯å¤§ä¸ˆå¤«ã§ã™ã€‚
\return BAD_FUNC_ARG キーãŒNULLã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -105,7 +105,7 @@ int wc_ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key, int curve_id);
int wc_ecc_check_key(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨ã•ã‚ŒãŸå¾Œã«ECC_KEYキーを解放ã—ã¾ã™ã€‚
_Example_
\code
@@ -120,7 +120,7 @@ int wc_ecc_check_key(ecc_key* key);
void wc_ecc_key_free(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ­ãƒ¼ã‚«ãƒ«ç§˜å¯†éµã¨å—ä¿¡ã—ãŸå…¬é–‹éµã‚’使用ã—ã¦æ–°ã—ã„秘密éµã‚’生æˆã—ã¾ã™ã€‚ã“ã®å…±æœ‰ç§˜å¯†éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’ä¿æŒã™ã‚‹ãŸã‚ã«outlentenã‚’æ›´æ–°ã—ã¾ã™ã€‚
\return 0 共有秘密éµã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -167,7 +167,7 @@ int wc_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out,
word32* outlen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief 秘密éµã¨ãƒ‘ブリックãƒã‚¤ãƒ³ãƒˆã®é–“ã«ECC共有秘密を作æˆã—ã¾ã™ã€‚
\return MP_OKAY æˆåŠŸã‚’示ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG 引数ãŒNULLã®ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
@@ -204,7 +204,7 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
byte* out, word32 *outlen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ä¿¡é ¼æ€§ã‚’ä¿è¨¼ã™ã‚‹ãŸã‚ã«ECC_KEYオブジェクトを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ç½²åã—ã¾ã™ã€‚
\return 0 メッセージダイジェストã®ç½²åを正常ã«ç”Ÿæˆã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
@@ -249,7 +249,7 @@ int wc_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen,
WC_RNG* rng, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief メッセージダイジェストã«ç½²åã—ã¾ã™ã€‚
\return MP_OKAY メッセージダイジェストã®ç½²åを正常ã«ç”Ÿæˆã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã—ãŸ
\return ECC_BAD_ARG_E 入力キーãŒç§˜å¯†éµã§ã¯ãªã„å ´åˆã€ã¾ãŸã¯ECC IDXãŒç„¡åŠ¹ãªå ´åˆã€ã¾ãŸã¯ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã‚‹å ´åˆ
@@ -299,7 +299,7 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
ecc_key* key, mp_int *r, mp_int *s);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€çœŸæ­£æ€§ã‚’確ä¿ã™ã‚‹ãŸã‚ã«ãƒãƒƒã‚·ãƒ¥ã®ECCã‚·ã‚°ãƒãƒãƒ£ã‚’検証ã—ã¾ã™ã€‚ç­”ãˆã‚’介ã—ã¦ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã§ç­”ãˆã‚’è¿”ã—ã¾ã™ã€‚
\return 0 ç½²å検証ã«æ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚注:ã“ã‚Œã¯ç½²åãŒæ¤œè¨¼ã•ã‚Œã¦ã„ã‚‹ã“ã¨ã‚’æ„味ã™ã‚‹ã‚ã‘ã§ã¯ã‚ã‚Šã¾ã›ã‚“。信頼性情報ã¯ä»£ã‚ã‚Šã«STATã§æ ¼ç´ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™
@@ -344,7 +344,7 @@ int wc_ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECCç½²åを確èªã—ã¦ãã ã•ã„。çµæžœã¯statã«æ›¸ãè¾¼ã¾ã‚Œã¾ã™ã€‚1ãŒæœ‰åŠ¹ã§ã€0ãŒç„¡åŠ¹ã§ã™ã€‚注:有効ãªãƒ†ã‚¹ãƒˆã«æˆ»ã‚Šå€¤ã‚’使用ã—ãªã„ã§ãã ã•ã„。statã®ã¿ã‚’使用ã—ã¦ãã ã•ã„。
\return MP_OKAY æˆåŠŸã—ãŸå ´åˆï¼ˆç½²åãŒç„¡åŠ¹ã§ã‚ã£ã¦ã‚‚)
\return ECC_BAD_ARG_E 引数ãŒNULLã®å ´åˆã€ã¾ãŸã¯key-idxãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -374,7 +374,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* stat, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã¾ãŸã¯éµäº¤æ¸‰ã§å°†æ¥ã®ä½¿ç”¨ã®ãŸã‚ã«ECC_KEYオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
\return 0 ECC_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -390,7 +390,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
int wc_ecc_init(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã¾ãŸã¯éµäº¤æ¸‰ã§å°†æ¥ã®ä½¿ç”¨ã®ãŸã‚ã«ECC_KEYオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
\return 0 ECC_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -409,7 +409,7 @@ int wc_ecc_init(ecc_key* key);
int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ’ープを使用ã—ã€ã‚­ãƒ¼æ§‹é€ ã®ã‚¹ãƒšãƒ¼ã‚¹ã‚’割り当ã¦ã¾ã™ã€‚
\return 0 ECC_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
_Example_
@@ -424,7 +424,7 @@ int wc_ecc_init_ex(ecc_key* key, void* heap, int devId);
ecc_key* wc_ecc_key_new(void* heap);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨å¾Œã«ECC_KEYオブジェクトを解放ã—ã¾ã™ã€‚
\return int integerãŒWolfSSLエラーã¾ãŸã¯æˆåŠŸçŠ¶æ³ã‚’示ã™ã“ã¨ã‚’è¿”ã—ã¾ã—ãŸã€‚
_Example_
@@ -439,7 +439,7 @@ ecc_key* wc_ecc_key_new(void* heap);
int wc_ecc_free(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯å›ºå®šå°æ•°ç‚¹ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’解放ã—ã¾ã™ã€‚ã“ã‚Œã¯ECCã§ä½¿ç”¨ã§ãã€è¨ˆç®—時間を高速化ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã‚’使用ã™ã‚‹ã«ã¯ã€FP_ECC(固定å°æ•°ç‚¹ECC)を定義ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
_Example_
@@ -456,7 +456,7 @@ int wc_ecc_free(ecc_key* key);
void wc_ecc_fp_free(void);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECC IDXãŒæœ‰åŠ¹ã‹ã©ã†ã‹ã‚’確èªã—ã¾ã™ã€‚
\return 1 有効ãªå ´åˆã¯è¿”å“ã—ã¦ãã ã•ã„。
\return 0 無効ãªå ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -484,7 +484,7 @@ void wc_ecc_fp_free(void);
int wc_ecc_is_valid_idx(int n);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief æ–°ã—ã„ECCãƒã‚¤ãƒ³ãƒˆã‚’割り当ã¦ã¾ã™ã€‚
\return p æ–°ã—ã割り当ã¦ã‚‰ã‚ŒãŸãƒã‚¤ãƒ³ãƒˆã€‚
\return NULL エラー時ã«NULLã‚’è¿”ã—ã¾ã™ã€‚
@@ -506,7 +506,7 @@ int wc_ecc_is_valid_idx(int n);
ecc_point* wc_ecc_new_point(void);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief メモリã‹ã‚‰ECCãƒã‚¤ãƒ³ãƒˆã‚’解放ã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
_Example_
@@ -528,7 +528,7 @@ ecc_point* wc_ecc_new_point(void);
void wc_ecc_del_point(ecc_point* p);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã‚ã‚‹ãƒã‚¤ãƒ³ãƒˆã®å€¤ã‚’別ã®ãƒã‚¤ãƒ³ãƒˆã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return ECC_BAD_ARG_E Pã¾ãŸã¯RãŒNULLã®ã¨ãã«ã‚¹ãƒ­ãƒ¼ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã€‚
\return MP_OKAY ãƒã‚¤ãƒ³ãƒˆãŒæ­£å¸¸ã«ã‚³ãƒ”ーã•ã‚Œã¾ã—ãŸ
@@ -555,7 +555,7 @@ void wc_ecc_del_point(ecc_point* p);
int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ãƒã‚¤ãƒ³ãƒˆã®å€¤ã‚’別ã®ã‚‚ã®ã¨æ¯”較ã—ã¦ãã ã•ã„。
\return BAD_FUNC_ARG 1ã¤ã¾ãŸã¯ä¸¡æ–¹ã®å¼•æ•°ã¯nullã§ã™ã€‚
\return MP_EQ ãƒã‚¤ãƒ³ãƒˆã¯åŒã˜ã§ã™ã€‚
@@ -591,7 +591,7 @@ int wc_ecc_copy_point(ecc_point* p, ecc_point *r);
int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ãƒã‚¤ãƒ³ãƒˆãŒç„¡é™å¤§ã«ã‚ã‚‹ã‹ã©ã†ã‹ã‚’確èªã—ã¾ã™ã€‚è¿”å“1ãŒç„¡é™å¤§ã§ã‚ã‚‹å ´åˆã¯0ã€ãã†ã§ãªã„å ´åˆã¯0ã€<0エラー時ã®0
\return 1 Pã¯ç„¡é™å¤§ã§ã™ã€‚
\return 0 Pã¯ç„¡é™å¤§ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
@@ -625,7 +625,7 @@ int wc_ecc_cmp_point(ecc_point* a, ecc_point *b);
int wc_ecc_point_is_at_infinity(ecc_point *p);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ECC固定点乗算を実行ã—ã¾ã™ã€‚
\return MP_OKAY æˆåŠŸã—ãŸæ“作ã§è¿”ã—ã¾ã™ã€‚
\return MP_INIT_E 複数ã®Precision Integer(MP_INT)ライブラリã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®æ•´æ•°ã‚’åˆæœŸåŒ–ã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -652,7 +652,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
mp_int* a, mp_int* modulus, int map);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ECCキーをECC_KEY構造体ã‹ã‚‰ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã€çµæžœã‚’OUTã«æ ¼ç´ã—ã¾ã™ã€‚キーã¯ANSI X9.63フォーマットã«ä¿å­˜ã•ã‚Œã¾ã™ã€‚outlenã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’æ ¼ç´ã—ã¾ã™ã€‚
\return 0 ECC_KEYã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æ­£å¸¸ã«è¿”ã•ã‚Œã¾ã—ãŸ
\return LENGTH_ONLY_E 出力ãƒãƒƒãƒ•ã‚¡ãŒNULLã«è©•ä¾¡ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ä»–ã®2ã¤ã®å…¥åŠ›ãƒ‘ラメータã¯æœ‰åŠ¹ã§ã™ã€‚関数ãŒã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ã®ã«å¿…è¦ãªé•·ã•ã‚’è¿”ã™ã ã‘ã§ã‚ã‚‹ã“ã¨ã‚’示ã—ã¾ã™
@@ -692,7 +692,7 @@ int wc_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R,
int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ECCキーをECC_KEY構造体ã‹ã‚‰ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã€çµæžœã‚’OUTã«æ ¼ç´ã—ã¾ã™ã€‚キーã¯ANSI X9.63フォーマットã«ä¿å­˜ã•ã‚Œã¾ã™ã€‚outlenã®å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’æ ¼ç´ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€åœ§ç¸®ã•ã‚ŒãŸãƒ‘ラメータを介ã—ã¦è¨¼æ˜Žæ›¸ã‚’圧縮ã™ã‚‹è¿½åŠ ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã€‚ã“ã®ãƒ‘ラメータãŒtrueã®å ´åˆã€ã‚­ãƒ¼ã¯ANSI X9.63圧縮形å¼ã§ä¿å­˜ã•ã‚Œã¾ã™ã€‚
\return 0 ECC_KEYã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æ­£å¸¸ã«è¿”ã•ã‚Œã¾ã—ãŸ
\return NOT_COMPILED_IN hand_comp_keyãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ã‚­ãƒ¼ã¯åœ§ç¸®å½¢å¼ã§è¦æ±‚ã•ã‚Œã¾ã—ãŸ
@@ -733,7 +733,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen);
int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compressed);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ANSI X9.63å½¢å¼ã§ä¿å­˜ã•ã‚Œã¦ã„るキーをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ãƒ‘ブリックECCキーをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€åœ§ç¸®ã‚­ãƒ¼ãŒhand_comp_keyオプションを介ã—ã¦ã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹é™ã‚Šã€åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
\return 0 ECC_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸ
\return NOT_COMPILED_IN hand_comp_keyãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ã‚­ãƒ¼ã¯åœ§ç¸®å½¢å¼ã§ä¿å­˜ã•ã‚Œã¾ã™ã€‚
@@ -774,7 +774,7 @@ int wc_ecc_export_x963_ex(ecc_key* key, byte* out, word32* outLen, int compresse
int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ç”Ÿã®ç§˜å¯†éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¨ã€ANSI X9.63フォーマットã•ã‚ŒãŸå…¬é–‹éµã‚’å«ã‚€2番目ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰ãƒ‘ブリック/プライベートECCキーã®ãƒšã‚¢ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€åœ§ç¸®ã‚­ãƒ¼ãŒhand_comp_keyオプションを介ã—ã¦ã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹é™ã‚Šã€åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
\return 0 habe_comp_keyãŒã‚³ãƒ³ãƒ‘イル時ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ãªã„å ´åˆã¯ã€ecc_key not_compiled_inを正常ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã—ãŸãŒã€ã‚­ãƒ¼ã¯åœ§ç¸®å½¢å¼ã§ä¿å­˜ã•ã‚Œã¾ã™ã€‚
\return ECC_BAD_ARG_E INã¾ãŸã¯KEYãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯InlenãŒå¶æ•°ã®å ´åˆï¼ˆX9.63è¦æ ¼ã«ã‚ˆã‚Œã°ã€ã‚­ãƒ¼ã¯å¥‡æ•°ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“)。
@@ -818,7 +818,7 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
word32 pubSz, ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECCã‚·ã‚°ãƒãƒãƒ£ã®R部分ã¨S部分をDER符å·åŒ–ECDSAã‚·ã‚°ãƒãƒãƒ£ã«å¤‰æ›ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€outlenã§ã¯ã€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸé•·ã•ã‚‚記憶ã•ã‚Œã¦ã„ã¾ã™ã€‚
\return 0 ç½²åã®å¤‰æ›ã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã—ãŸ
\return ECC_BAD_ARG_E ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãŒDERエンコードã•ã‚ŒãŸECDSAã‚·ã‚°ãƒãƒãƒ£ã‚’ä¿æŒã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -859,7 +859,7 @@ int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub,
int wc_ecc_rs_to_sig(const char* r, const char* s, byte* out, word32* outlen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECCç½²åã®RAWæˆåˆ†ã‚’æŒã¤ECC_KEY構造体を埋ã‚ã¾ã™ã€‚
\return 0 ECC_Key構造体ã«æ­£å¸¸ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return ECC_BAD_ARG_E ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -901,7 +901,7 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
const char* d, const char* curveName);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECC_KEY構造体ã‹ã‚‰ç§˜å¯†éµã®ã¿ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€outlenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
\return 0 秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return ECC_BAD_ARG_E ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -939,7 +939,7 @@ int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy,
int wc_ecc_export_private_only(ecc_key* key, byte* out, word32* outLen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief DERã¸ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆãƒã‚¤ãƒ³ãƒˆã€‚
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return ECC_BAD_ARG_E curve_idxãŒ0未満ã¾ãŸã¯ç„¡åŠ¹ã§ã‚ã‚‹å ´åˆã¯è¿”ã—ã¾ã™ã€‚ã„ã¤æ¥ã‚‹ã®ã‹
@@ -964,7 +964,7 @@ int wc_ecc_export_point_der(const int curve_idx, ecc_point* point,
byte* out, word32* outLen);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief Derフォーマットã‹ã‚‰ã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆãƒã‚¤ãƒ³ãƒˆã€‚
\return ECC_BAD_ARG_E 引数ãŒnullã®å ´åˆã€ã¾ãŸã¯InlenãŒå¶æ•°ã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
\return MEMORY_E エラーåˆæœŸåŒ–ãŒã‚ã‚‹å ´åˆã«è¿”ã—ã¾ã™
@@ -988,7 +988,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
ecc_point* point);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ecc_key構造体ã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’オクテットã§è¿”ã—ã¾ã™ã€‚
\return Given 有効ãªã‚­ãƒ¼ã€ã‚ªã‚¯ãƒ†ãƒƒãƒˆã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™
\return 0 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -1008,7 +1008,7 @@ int wc_ecc_import_point_der(byte* in, word32 inLen, const int curve_idx,
int wc_ecc_size(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€æ¬¡ã®ã‚ˆã†ã«ã—ã¦æŒ‡å®šã•ã‚ŒãŸECCã‚·ã‚°ãƒãƒãƒ£ã®æœ€æ‚ªã®å ´åˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚(KEYSZ * 2)+ SIG_HEADER_SZ + ECC_MAX_PAD_SZ。実際ã®ã‚·ã‚°ãƒãƒãƒ£ã‚µã‚¤ã‚ºã¯ã€WC_ECC_SIGN_HASHã§è¨ˆç®—ã§ãã¾ã™ã€‚
\return returns 最大署åサイズ(オクテット)
_Example_
@@ -1026,7 +1026,7 @@ int wc_ecc_sig_size_calc(int sz);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€æ¬¡ã®ã‚ˆã†ã«ã—ã¦æŒ‡å®šã•ã‚ŒãŸECCã‚·ã‚°ãƒãƒãƒ£ã®æœ€æ‚ªã®å ´åˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚(KEYSZ * 2)+ SIG_HEADER_SZ + ECC_MAX_PAD_SZ。実際ã®ã‚·ã‚°ãƒãƒãƒ£ã‚µã‚¤ã‚ºã¯ã€WC_ECC_SIGN_HASHã§è¨ˆç®—ã§ãã¾ã™ã€‚
\return Success 有効ãªã‚­ãƒ¼ã‚’考ãˆã‚‹ã¨ã€æœ€å¤§ç½²åサイズをオクテットã§è¿”ã—ã¾ã™ã€‚
\return 0 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -1049,7 +1049,7 @@ int wc_ecc_sig_size(ecc_key* key);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®æ©Ÿèƒ½ã¯ã€ECCã¨ã®å®‰å…¨ãªãƒ¡ãƒƒã‚»ãƒ¼ã‚¸äº¤æ›ã‚’å¯èƒ½ã«ã™ã‚‹ãŸã‚ã«ã€æ–°ã—ã„ECCコンテキストオブジェクトã®ã‚¹ãƒšãƒ¼ã‚¹ã‚’割り当ã¦ã€åˆæœŸåŒ–ã—ã¾ã™ã€‚
\return Success æ–°ã—ã„ECENCCTXオブジェクトã®ç”Ÿæˆã«æˆåŠŸã—ãŸå ´åˆã¯ã€ãã®ã‚ªãƒ–ジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
\return NULL 関数ãŒæ–°ã—ã„ECENCCTXオブジェクトを生æˆã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -1072,7 +1072,7 @@ int wc_ecc_sig_size(ecc_key* key);
ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æš—å·åŒ–ã¨å¾©å·åŒ–ã«ä½¿ç”¨ã•ã‚Œã‚‹ECENCCTXオブジェクトを解放ã—ã¾ã™ã€‚
\return none 戻り値。
_Example_
@@ -1091,11 +1091,11 @@ ecEncCtx* wc_ecc_ctx_new(int flags, WC_RNG* rng);
void wc_ecc_ctx_free(ecEncCtx*);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ECENCCTX構造をリセットã—ã¦ã€æ–°ã—ã„コンテキストオブジェクトを解放ã—ã€æ–°ã—ã„コンテキストオブジェクトを割り当ã¦ã¾ã™ã€‚
\return 0 ecencctx構造ãŒæ­£å¸¸ã«ãƒªã‚»ãƒƒãƒˆã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG RNGã¾ãŸã¯CTXãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
- \return RNG_FAILURE_E ECCオブジェクトã«æ–°ã—ã„塩を生æˆã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
+ \return RNG_FAILURE_E ECCオブジェクトã«æ–°ã—ã„ソルトを生æˆã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\param ctx リセットã™ã‚‹ECENCCTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
@@ -1114,7 +1114,7 @@ void wc_ecc_ctx_free(ecEncCtx*);
int wc_ecc_ctx_reset(ecEncCtx* ctx, WC_RNG* rng); /* reset for use again w/o alloc/free */
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€wc_ecc_ctx_newã®å¾Œã«ã‚ªãƒ—ションã§å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚æš—å·åŒ–ã€KDFã€ãŠã‚ˆã³MACアルゴリズムをECENCENCCTXオブジェクトã«è¨­å®šã—ã¾ã™ã€‚
\return 0 ECENCCTXオブジェクトã®æƒ…報を正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 指定ã•ã‚ŒãŸecencctxオブジェクトãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1136,9 +1136,9 @@ int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
byte macAlgo);
/*!
- \ingroup ECC
- \brief ã“ã®é–¢æ•°ã¯ECENCENCCTXオブジェクトã®å¡©ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ECENCCTXã®çŠ¶æ…‹ãŒECSRV_INITã¾ãŸã¯ECCLI_INITã®å ´åˆã«ã®ã¿å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return Success æˆåŠŸã™ã‚‹ã¨ã€ECENCENTXå¡©ã‚’è¿”ã—ã¾ã™
+ \ingroup ECC
+ \brief ã“ã®é–¢æ•°ã¯ECENCENCCTXオブジェクトã®ã‚½ãƒ«ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ECENCCTXã®çŠ¶æ…‹ãŒECSRV_INITã¾ãŸã¯ECCLI_INITã®å ´åˆã«ã®ã¿å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return æˆåŠŸã™ã‚‹ã¨ ã€ecEncCtx ソルトを返ã—ã¾ã™
\return NULL ecencctxオブジェクトãŒNULLã®å ´åˆã€ã¾ãŸã¯ECENCCTXã®çŠ¶æ…‹ãŒECSRV_INITã¾ãŸã¯ECCLI_INITã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚後者ã®2ã¤ã®ã‚±ãƒ¼ã‚¹ã§ã¯ã€ã“ã®æ©Ÿèƒ½ã¯ãã‚Œãžã‚ŒECSRV_BAD_STATEã¾ãŸã¯ECCLI_BAD_STATEã«ECENCCTXã®çŠ¶æ…‹ã‚’設定ã—ã¾ã™ã€‚
_Example_
\code
@@ -1159,12 +1159,12 @@ int wc_ecc_ctx_set_algo(ecEncCtx* ctx, byte encAlgo, byte kdfAlgo,
const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€ECENCENCCTXオブジェクトã®ãƒ”アソルトを設定ã—ã¾ã™ã€‚
\return 0 ECENCCTXオブジェクトã®ãƒ”アソルトã®è¨­å®šã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG 指定ã•ã‚ŒãŸecencctxオブジェクトãŒnullã¾ãŸã¯ç„¡åŠ¹ãªãƒ—ロトコルãŒã‚ã‚‹å ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸå¡©ãŒNULLã®å ´åˆ
+ \return BAD_FUNC_ARG 指定ã•ã‚ŒãŸecencctxオブジェクトãŒnullã¾ãŸã¯ç„¡åŠ¹ãªãƒ—ロトコルãŒã‚ã‚‹å ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸã‚½ãƒ«ãƒˆãŒNULLã®å ´åˆ
\return BAD_ENC_STATE_E ecencctxã®çŠ¶æ…‹ãŒECSRV_SALT_GETã¾ãŸã¯ECCLI_SALT_GETã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚後者ã®2ã¤ã®ã‚±ãƒ¼ã‚¹ã§ã¯ã€ã“ã®æ©Ÿèƒ½ã¯ãã‚Œãžã‚ŒECSRV_BAD_STATEã¾ãŸã¯ECCLI_BAD_STATEã«ECENCCTXã®çŠ¶æ…‹ã‚’設定ã—ã¾ã™ã€‚
- \param ctx 塩を設定ã™ã‚‹ãŸã‚ã®ecencctxã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ctx ソルトを設定ã™ã‚‹ãŸã‚ã®ecencctxã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
ecEncCtx* cliCtx, srvCtx;
@@ -1186,7 +1186,7 @@ const byte* wc_ecc_ctx_get_own_salt(ecEncCtx*);
int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯ã€wc_ecc_ctx_set_peer_saltã®å‰å¾Œã«ã‚ªãƒ—ションã§å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ECENCCTXオブジェクトã®ã‚ªãƒ—ションã®æƒ…報を設定ã—ã¾ã™ã€‚
\return 0 ECENCCTXオブジェクトã®æƒ…報を正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸECENCCTXオブジェクトãŒNULLã®å ´åˆã€å…¥åŠ›æƒ…å ±ã¯NULLã¾ãŸã¯ã‚µã‚¤ã‚ºãŒç„¡åŠ¹ã§ã™ã€‚
@@ -1207,7 +1207,7 @@ int wc_ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt);
int wc_ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸå…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’MSGã‹ã‚‰OUTã«æš—å·åŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‘ラメータã¨ã—ã¦ã‚ªãƒ—ションã®CTXオブジェクトをå–ã‚Šã¾ã™ã€‚æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ECENCCTXã®Encalgoã€Kdfalgoã€ãŠã‚ˆã³Macalgoã«åŸºã¥ã„ã¦æš—å·åŒ–ãŒé€²ã¿ã¾ã™ã€‚CTXãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€å‡¦ç†ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã€ECAES_128_CBCã€ECHKDF_SHA256ã€ECHMAC_SHA256ã§å®Œäº†ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒCTXã§æŒ‡å®šã•ã‚ŒãŸæš—å·åŒ–タイプã«å¾“ã£ã¦åŸ‹ã‚è¾¼ã¾ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG PRIVKEYã€PUBKEYã€MSGã€MSGSZã€OUTã€OUTSZãŒNULLã®å ´åˆã€ã¾ãŸã¯CTXオブジェクトãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–タイプを指定ã—ã¾ã™ã€‚
@@ -1246,7 +1246,7 @@ int wc_ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯æŒ‡å®šã•ã‚ŒãŸå…¥åŠ›ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’MSGã‹ã‚‰OUTã«æš—å·åŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‘ラメータã¨ã—ã¦ã‚ªãƒ—ションã®CTXオブジェクトをå–ã‚Šã¾ã™ã€‚æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ECENCCTXã®Encalgoã€Kdfalgoã€ãŠã‚ˆã³Macalgoã«åŸºã¥ã„ã¦æš—å·åŒ–ãŒé€²ã¿ã¾ã™ã€‚CTXãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€å‡¦ç†ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã€ECAES_128_CBCã€ECHKDF_SHA256ã€ECHMAC_SHA256ã§å®Œäº†ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒCTXã§æŒ‡å®šã•ã‚ŒãŸæš—å·åŒ–タイプã«å¾“ã£ã¦åŸ‹ã‚è¾¼ã¾ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG PRIVKEYã€PUBKEYã€MSGã€MSGSZã€OUTã€OUTSZãŒNULLã®å ´åˆã€ã¾ãŸã¯CTXオブジェクトãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–タイプを指定ã—ã¾ã™ã€‚
@@ -1287,7 +1287,7 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx, int compressed);
/*!
- \ingroup ECC
+ \ingroup ECC
\brief ã“ã®é–¢æ•°ã¯MSGã‹ã‚‰OUTã¸ã®æš—å·æ–‡ã‚’復å·åŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‘ラメータã¨ã—ã¦ã‚ªãƒ—ションã®CTXオブジェクトをå–ã‚Šã¾ã™ã€‚æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ECENCCTXã®Encalgoã€Kdfalgoã€ãŠã‚ˆã³Macalgoã«åŸºã¥ã„ã¦æš—å·åŒ–ãŒé€²ã¿ã¾ã™ã€‚CTXãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€å‡¦ç†ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã€ECAES_128_CBCã€ECHKDF_SHA256ã€ECHMAC_SHA256ã§å®Œäº†ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒCTXã§æŒ‡å®šã•ã‚ŒãŸæš—å·åŒ–タイプã«å¾“ã£ã¦åŸ‹ã‚è¾¼ã¾ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 入力メッセージã®å¾©å·åŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG PRIVKEYã€PUBKEYã€MSGã€MSGSZã€OUTã€OUTSZãŒNULLã®å ´åˆã€ã¾ãŸã¯CTXオブジェクトãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„æš—å·åŒ–タイプを指定ã—ã¾ã™ã€‚
@@ -1329,7 +1329,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
/*!
- \ingroup ECC
+ \ingroup ECC
\brief éžãƒ–ロックæ“作ã®ãŸã‚ã®ECCサãƒãƒ¼ãƒˆã‚’有効ã«ã—ã¾ã™ã€‚次ã®ãƒ“ルドオプションを使用ã—ãŸå˜ç²¾åº¦ï¼ˆSP)数学ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™.WolfSSL_SP_SP_SMALL WOLFSSL_SP_NO_MALLOC WC_ECC_NONBLOCK
\return 0 コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’入力メッセージã«æ­£å¸¸ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param key ECC_KEYオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -1351,7 +1351,7 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
&key
);
- // TODO: Real-time work can be called here
+ // TODO: Real-time work can be called here
} while (ret == FP_WOULDBLOCK);
}
wc_ecc_free(&key);
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h
index 57f5adb4..64a4342e 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ed25519.h
@@ -1,11 +1,17 @@
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ç§˜å¯†éµã‹ã‚‰ED25519公開éµã‚’生æˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡Pubkeyã«æ ¼ç´ã—ã€Pubkeyszã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯Ed25519秘密éµã‹ã‚‰Ed25519公開éµã‚’生æˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡pubkeyã«å‡ºåŠ›ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã®å‘¼ã³å‡ºã—ã«å…ˆç«‹ã¡ã€ed25519_key構造体ã«ã¯Ed25519秘密éµãŒã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
\return 0 公開éµã®ä½œæˆã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG IFIキーã¾ãŸã¯PubKeyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆï¼ˆED25519ã«32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] キーを生æˆã™ã‚‹ED25519_Keyã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 公開éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 引数keyã¾ãŸã¯pubKeyãŒNULLã®å ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸéµã‚µã‚¤ã‚ºãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆï¼ˆED25519ã«32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
+ \return ECC_PRIV_KEY_E ed25519_key構造体ã«Ed25519秘密éµãŒã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] key Ed25519秘密éµãŒã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] pubKey 公開éµã‚’出力ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] pubKeySz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚常ã«ED25519_PUB_KEY_SIZE(32)ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -31,13 +37,14 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
word32 pubKeySz);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ED25519キーを生æˆã—ã€ãれをキーã«æ ¼ç´ã—ã¾ã™ã€‚
- \return 0 ED25519_KEYを正常ã«è¡Œã†ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG RNGã¾ãŸã¯KEYãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆï¼ˆED25519ã«32ãƒã‚¤ãƒˆã®ã‚­ãƒ¼ãŒã‚ã‚Šã¾ã™ï¼‰ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] RNGキーを生æˆã™ã‚‹åˆæœŸåŒ–ã•ã‚ŒãŸRNGオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] keysize keyã®é•·ã•ã‚’生æˆã—ã¾ã™ã€‚ED25519ã®å ´åˆã¯å¸¸ã«32ã«ãªã‚Šã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„ed25519_key構造体を生æˆã—ã€ãれを引数keyã®ãƒãƒƒãƒ•ã‚¡ã«æ ¼ç´ã—ã¾ã™ã€‚
+ \return 0 ed25519_key構造体を正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG RNGã¾ãŸã¯KEYãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯æŒ‡å®šã•ã‚ŒãŸkeysizeãŒ32ãƒã‚¤ãƒˆã§ã¯ãªã„å ´åˆ(Ed25519éµã«ã¯å¸¸ã«32ãƒã‚¤ãƒˆã‚’指定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™)。
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] rng RNGキーを生æˆã™ã‚‹åˆæœŸåŒ–ã•ã‚ŒãŸRNGオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] keysize keyã®é•·ã•ã€‚ED25519ã®å ´åˆã¯å¸¸ã«32ã«ãªã‚Šã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -58,15 +65,18 @@ int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
int wc_ed25519_make_key(WC_RNG* rng, int keysize, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
\return 0 メッセージã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] in ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] inlen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’ä¿æŒã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ç§˜å¯†éµã‚’ä¿æŒã—ã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
ed25519_key key;
@@ -95,17 +105,20 @@ int wc_ed25519_sign_msg(const byte* in, word32 inlen, byte* out,
word32 *outlen, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã§ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
+ コンテキストã¯ç½²åã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã§ã™ã€‚
\return 0 メッセージã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™ã€‚出力ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
- \param [in] ç½²åを生æˆã™ã‚‹ãƒ—ライベートED25519_KEYã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] in ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] inlen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ç§˜å¯†éµã‚’ä¿æŒã—ã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -137,17 +150,24 @@ int wc_ed25519ctx_sign_msg(const byte* in, word32 inlen, byte* out,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ç½²åã—ã¦ä¿¡é ¼æ€§ã‚’ä¿è¨¼ã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯Shake-256ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ç½²åã—ã¾ã™ã€‚
+ コンテキストã¯ç½²åã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯Shake-256ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
\return 0 メッセージダイジェストã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™ã€‚出力ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] サインã¸ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒãƒƒã‚·ãƒ¥ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] サインã¸ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥ã®é•·ã•ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
- \param [in] ç½²åを生æˆã™ã‚‹ãƒ—ライベートED25519_KEYã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] hash ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] hashLen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã®ã‚µã‚¤ã‚º
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ã®ã«ä½¿ç”¨ã™ã‚‹ç§˜å¯†éµã‚’å«ã‚“ã ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -179,17 +199,19 @@ int wc_ed25519ph_sign_hash(const byte* hash, word32 hashLen, byte* out,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Keyオブジェクトを使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体を使用ã—ã¦èªè¨¼ã‚’ä¿è¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ç½²å計算ã®å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã¯äº‹å‰ã«ãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
\return 0 メッセージã®ç½²åを正常ã«ç”Ÿæˆã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸå…¥åŠ›ãƒ‘ラメータã¯NULLã«è©•ä¾¡ã•ã‚Œã¾ã™ã€‚出力ãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã¦ç”Ÿæˆã•ã‚ŒãŸç½²åã‚’ä¿å­˜ã™ã‚‹ã«ã¯å°ã•ã™ãŽã¾ã™ã€‚
- \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
- \param [out] 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
- \param [in,out] 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã®ç¯„囲内。メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
- \param [in] ç½²åを生æˆã™ã‚‹ãƒ—ライベートED25519_KEYã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] in ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] inlen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
+ \param [out] out 生æˆã•ã‚ŒãŸç½²åã‚’æ ¼ç´ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param [in,out] outlen 出力ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§é•·ã€‚メッセージ署åã®ç”Ÿæˆã«æˆåŠŸã—ãŸã¨ãã«ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’ä¿å­˜ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを生æˆã™ã‚‹ãƒ—ライベートed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -221,16 +243,21 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ED25519ç½²åを確èªã—ã¦ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚RESを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ retを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã®å ´åˆã¯1ã€ç„¡åŠ¹ãªç½²åã®å ´åˆã«ã¯0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®MSGãƒã‚¤ãƒ³ã‚¿ã‚’確èªã™ã‚‹ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®MSGlen長。
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
ed25519_key key;
@@ -257,18 +284,24 @@ int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
word32 msgLen, int* ret, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ED25519ç½²åを確èªã—ã¦ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚文脈ã¯ãƒ‡ãƒ¼ã‚¿æ¤œè¨¼æ¸ˆã¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚RESを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ コンテキストã¯ç½²åã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ç­”ãˆã¯å¤‰æ•°retを介ã—ã¦è¿”ã•ã‚Œã€ç½²åãŒæœ‰åŠ¹ãªã‚‰ã°1ã€ç„¡åŠ¹ãªã‚‰ã°0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®MSGãƒã‚¤ãƒ³ã‚¿ã‚’確èªã™ã‚‹ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®MSGlen長。
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
- \param [in] ç½²åを検証ã™ã‚‹ãŸã‚ã®Public ED25519キーã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚Œã¦ã„るコンテキストをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -297,18 +330,25 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã®ED25519ã‚·ã‚°ãƒãƒãƒ£ã‚’確èªã—ã¦ã€ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚文脈ã¯ãƒ‡ãƒ¼ã‚¿æ¤œè¨¼æ¸ˆã¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ãƒãƒƒã‚·ãƒ¥ã¯ã€ç½²å計算å‰ã®ãƒ—リãƒãƒƒã‚·ãƒ¥ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã§ã™ã€‚メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯SHA-512ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。答ãˆã¯RESを介ã—ã¦è¿”ã•ã‚Œã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ 引数hashã¯ã€ç½²å計算å‰ã®ãƒ—リãƒãƒƒã‚·ãƒ¥ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã§ã™ã€‚
+ メッセージダイジェストを作æˆã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯SHA-512ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ ç­”ãˆã¯å¤‰æ•°retを介ã—ã¦è¿”ã•ã‚Œã€ç½²åãŒæœ‰åŠ¹ãªã‚‰ã°1ã€ç„¡åŠ¹ãªã‚‰ã°0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒãƒƒã‚·ãƒ¥ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒãƒƒã‚·ãƒ¥ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥ãƒ¬ãƒ³é•·ã€‚
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
- \param [in] ç½²åを検証ã™ã‚‹ãŸã‚ã®Public ED25519キーã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -337,18 +377,24 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ED25519ç½²åを確èªã—ã¦ä¿¡é ¼æ€§ã‚’確ä¿ã—ã¾ã™ã€‚文脈ã¯ãƒ‡ãƒ¼ã‚¿æ¤œè¨¼æ¸ˆã¿ã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚検証å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒãƒ—リãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚RESを介ã—ã¦ç­”ãˆã‚’è¿”ã—ã€æœ‰åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹1ã€ç„¡åŠ¹ãªç½²åã«å¯¾å¿œã™ã‚‹0ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã®Ed25519ç½²åを検証ã—ã¾ã™ã€‚
+ 引数contextã¯æ¤œè¨¼ã™ã¹ãデータã®ä¸€éƒ¨ã¨ã—ã¦å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ 検証å‰ã«ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒãƒ—リãƒãƒƒã‚·ãƒ¥ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ ç­”ãˆã¯å¤‰æ•°resを介ã—ã¦è¿”ã•ã‚Œã€ç½²åãŒæœ‰åŠ¹ãªã‚‰ã°1ã€ç„¡åŠ¹ãªã‚‰ã°0ã‚’è¿”ã—ã¾ã™ã€‚
+
\return 0 ç½²å検証ã¨èªè¨¼ã‚’正常ã«å®Ÿè¡Œã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›ãƒ‘ラメータãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯SIGLENãŒç½²åã®å®Ÿéš›ã®é•·ã•ã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIG_VERIFY_E 検証ãŒå®Œäº†ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ãŒã€ç”Ÿæˆã•ã‚ŒãŸç½²åã¯æä¾›ã•ã‚ŒãŸç½²åã¨ä¸€è‡´ã—ã¾ã›ã‚“。
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®SIGãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚·ã‚°ãƒ¬ãƒ³ã®é•·ã•ã€‚
- \param [in] メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®MSGãƒã‚¤ãƒ³ã‚¿ã‚’確èªã™ã‚‹ã€‚
- \param [in] 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®MSGlen長。
- \param [out] 検証ã®çµæžœã¸ã®RESãƒã‚¤ãƒ³ã‚¿ã€‚1メッセージãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
- \param [in] ç½²åを検証ã™ã‚‹ãŸã‚ã®Public ED25519キーã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] sig 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] siglen 検証ã™ã‚‹ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚º
+ \param [in] msg メッセージをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] msgLen 検証ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚º
+ \param [out] ret 検証ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚1ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒæ­£å¸¸ã«æ¤œè¨¼ã•ã‚ŒãŸã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ \param [in] key ç½²åを検証ã™ã‚‹ãŸã‚ã®Ed25519公開éµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] context メッセージãŒç½²åã•ã‚ŒãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] contextLen コンテキストã®ã‚µã‚¤ã‚º
+
_Example_
\code
ed25519_key key;
@@ -377,10 +423,12 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 siglen, const byte* msg,
const byte* context, byte contextLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã§å°†æ¥ã®ä½¿ç”¨ã®ãŸã‚ã«ED25519_KeyオブジェクトをåˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return 0 ED25519_Keyオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG キーãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€å¾Œã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸æ¤œè¨¼ã§ä½¿ç”¨ã®ãŸã‚ã«ed25519_key構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return 0 ed25519_key構造体ã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数keyãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -393,8 +441,10 @@ int wc_ed25519ph_verify_msg(const byte* sig, word32 siglen, const byte* msg,
int wc_ed25519_init(ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨ã•ã‚ŒãŸå¾Œã«ED25519オブジェクトを解放ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ä½¿ç”¨æ¸ˆã¿ã®ed25519_key構造体を解放ã—ã¾ã™ã€‚
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -408,12 +458,16 @@ int wc_ed25519_init(ed25519_key* key);
void wc_ed25519_free(ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰Public ED25519_Keyペアをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
- \return 0 ED25519_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG inã¾ãŸã¯keyãŒnullã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯InlenãŒED25519キーã®ã‚µã‚¤ã‚ºã‚ˆã‚Šã‚‚å°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚¤ãƒ³ãƒ¬ãƒ«é•·ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ed25519公開éµã‚’ed25519_key構造体ã¸ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 圧縮ã‚ã‚‹ã„ã¯éžåœ§ç¸®ã®ä¸¡æ–¹ã®å½¢å¼ã®éµã‚’扱ã„ã¾ã™ã€‚
+ \return 0 ed25519公開éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG inã¾ãŸã¯keyãŒnullã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯inlenãŒED25519éµã®ã‚µã‚¤ã‚ºã‚ˆã‚Šã‚‚å°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] in 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] inLen 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret;
@@ -426,21 +480,61 @@ void wc_ed25519_free(ed25519_key* key);
// error importing key
}
\endcode
+
+ \sa wc_ed25519_import_public_ex
\sa wc_ed25519_import_private_key
+ \sa wc_ed25519_import_private_key_ex
\sa wc_ed25519_export_public
*/
int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ed25519秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ã®ã¿ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
- \return 0 ED25519キーã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \ingroup ED25519
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ed25519公開éµã‚’ed25519_key構造体ã¸ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 圧縮ã‚ã‚‹ã„ã¯éžåœ§ç¸®ã®ä¸¡æ–¹ã®å½¢å¼ã®éµã‚’扱ã„ã¾ã™ã€‚
+ 秘密éµãŒæ—¢ã«ã‚¤ãƒ³ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹å ´åˆã§ã€trusted引数ãŒ1以外ã®å ´åˆã¯ä¸¡éµãŒå¯¾å¿œã—ã¦ã„ã‚‹ã‹ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+
+ \return 0 ed25519公開éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG Returned 引数inã‚ã‚‹ã„ã¯keyãŒNULLã®å ´åˆ,ã‚ã‚‹ã„ã¯å¼•æ•°inLenãŒEd25519éµã®ã‚µã‚¤ã‚ºã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in] in 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] inLen 公開éµã‚’å«ã‚“ã ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param [in,out] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in] trusted 公開éµãŒä¿¡é ¼ãŠã‘ã‚‹ã‹å¦ã‹ã‚’示ã™ãƒ•ãƒ©ã‚°
+
+ _Example_
+ \code
+ int ret;
+ byte pub[] = { initialize Ed25519 public key };
+
+ ed_25519 key;
+ wc_ed25519_init_key(&key);
+ ret = wc_ed25519_import_public_ex(pub, sizeof(pub), &key, 1);
+ if (ret != 0) {
+ // error importing key
+ }
+ \endcode
+
+ \sa wc_ed25519_import_public
+ \sa wc_ed25519_import_private_key
+ \sa wc_ed25519_import_private_key_ex
+ \sa wc_ed25519_export_public
+*/
+
+int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
+ int trusted);
+
+
+/*!
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519秘密éµã®ã¿ã‚’ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ã‚¤ãƒ³ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ \return 0 Ed25519秘密éµã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG privã¾ãŸã¯keyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€ã¾ãŸã¯privSzãŒED25519_KEY_SIZEã¨ç•°ãªã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®PRIVãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 秘密éµã®Privszé•·ã•ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®Pubãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 公開éµã®Pubszã®é•·ã•ã€‚
+ \param [in] priv 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] privSz 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
int ret;
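Review bot: The new example for `wc_ed25519_import_public_ex` declares `ed_25519 key;` and calls `wc_ed25519_init_key(&key);`, which match neither the `ed25519_key` type nor the `wc_ed25519_init(ed25519_key* key)` declaration used elsewhere in this file, so it will probably not compile as written. `ed25519_key key;` and `wc_ed25519_init(&key);` would be consistent with the other examples. The example also passes `trusted` as 1, and per the added \brief text the check that the public key matches an already-imported private key runs only when `trusted` is not 1. Readers copy examples verbatim, so it should pass 0 or carry a comment such as `// pass 0 unless pub comes from a trusted source`. The added `\return BAD_FUNC_ARG` line for this function also keeps a stray English `Returned` before the Japanese text, and the wc_ed25519_import_private_only comment that begins in this hunk continues past its end.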
@@ -457,19 +551,21 @@ int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
\sa wc_ed25519_import_private_key
\sa wc_ed25519_export_private_only
*/
-
int wc_ed25519_import_private_only(const byte* priv, word32 privSz,
ed25519_key* key);
+
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ä¸€å¯¾ã®ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ãƒ‘ブリック/プライベートED25519キーペアをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚
- \return 0 ED25519_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€Ed25519公開éµ/秘密éµã‚’ãã‚Œãžã‚Œå«ã‚€ä¸€å¯¾ã®ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰Ed25519éµãƒšã‚¢ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯åœ§ç¸®ã¨éžåœ§ç¸®ã®ä¸¡æ–¹ã®éµã‚’処ç†ã—ã¾ã™ã€‚
+ \return 0 Ed25519_KEYã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG privã¾ãŸã¯keyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€privSzãŒED25519_KEY_SIZEã¨ç•°ãªã‚‹ã‚ã‚‹ã„ã¯ED25519_PRV_KEY_SIZEã¨ã‚‚ç•°ãªã‚‹å ´åˆã€pubSzãŒED25519_PUB_KEY_SIZEよりもå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®PRIVãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 秘密éµã®Privszé•·ã•ã€‚
- \param [in] 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®Pubãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 公開éµã®Pubszã®é•·ã•ã€‚
+ \param [in] priv 秘密éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] privSz 秘密éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param [in] pub 公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] pubSz 公開éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
int ret;
@@ -497,12 +593,13 @@ int wc_ed25519_import_private_key(const byte* priv, word32 privSz,
\brief ã“ã®é–¢æ•°ã¯ä¸€å¯¾ã®ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰Ed25519公開éµ/秘密éµãƒšã‚¢ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯åœ§ç¸®ã‚­ãƒ¼ã¨éžåœ§ç¸®ã‚­ãƒ¼ã®ä¸¡æ–¹ã‚’処ç†ã—ã¾ã™ã€‚公開éµã¯trusted引数ã«ã‚ˆã‚Šä¿¡é ¼ã•ã‚Œã¦ã„ãªã„ã¨ã•ã‚ŒãŸå ´åˆã«ã¯ç§˜å¯†éµã«å¯¾ã—ã¦æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚
\return 0 ed25519_keyã®ã‚¤ãƒ³ãƒãƒ¼ãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG Returned if privã‚ã‚‹ã„ã¯keyãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã€privSzãŒED25519_KEY_SIZEã¨ã‚‚ED25519_PRV_KEY_SIZEã¨ã‚‚ç•°ãªã‚‹å ´åˆã€pubSzãŒED25519_PUB_KEY_SIZEよりå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] priv 秘密éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param [in] priv 秘密éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param [in] privSz 秘密éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
- \param [in] pub 公開éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param [in] pub 公開éµã‚’ä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param [in] pubSz 公開éµãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
\param [in,out] key インãƒãƒ¼ãƒˆã•ã‚ŒãŸå…¬é–‹éµ/秘密éµã‚’ä¿æŒã™ã‚‹ed25519_keyオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param [in] trusted 公開éµãŒä¿¡é ¼ã§ãã‚‹ã‹å¦ã‹ã€‚
+ \param [in] trusted 公開éµãŒä¿¡é ¼ã§ãã‚‹ã‹å¦ã‹ã‚’指定ã™ã‚‹ãƒ•ãƒ©ã‚°
+
_Example_
\code
int ret;
@@ -527,13 +624,16 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
const byte* pub, word32 pubSz, ed25519_key* key, int trusted);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµã‚’ED25519_Key構造体ã‹ã‚‰ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€ounterenã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡outã«æ ¼ç´ã—ã€outLenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
\return 0 公開éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒç§˜å¯†éµã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã®ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã™ã¨ã€outlenã«å¿…è¦ãªã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
- \param [in] 公開éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 公開éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BUFFER_E æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¬é–‹éµã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã®ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã™ã¨ã€outlenã«å¿…è¦ãªã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
+ \param [in] key 公開éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] out 公開éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] outLen 公開éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 入力ã®éš›ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¦æ¸¡ã—ã€å‡ºåŠ›ã®éš›ã¯ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ãŸå…¬é–‹éµã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -555,13 +655,16 @@ int wc_ed25519_import_private_key_ex(const byte* priv, word32 privSz,
int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Key構造体ã‹ã‚‰ã®ç§˜å¯†éµã®ã¿ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€outlenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰ã®ç§˜å¯†éµã®ã¿ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ã‚¢ã‚¦ãƒˆã«æ ¼ç´ã—ã€outlenã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
\return 0 秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒç§˜å¯†éµã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] 秘密éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 秘密éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] key 秘密éµã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] out 秘密éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] outLen 秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 入力ã®éš›ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¦æ¸¡ã—ã€å‡ºåŠ›ã®éš›ã¯ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ãŸç§˜å¯†éµã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -582,13 +685,16 @@ int wc_ed25519_export_public(ed25519_key* key, byte* out, word32* outLen);
int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_Key構造体ã‹ã‚‰ã‚­ãƒ¼ãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚キーペアをãƒãƒƒãƒ•ã‚¡OUTã«æ ¼ç´ã—ã€ounterenã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーペアã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰éµãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚éµãƒšã‚¢ã‚’ãƒãƒƒãƒ•ã‚¡outã«æ ¼ç´ã—ã€ounterenã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ \return 0 éµãƒšã‚¢ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒã‚­ãƒ¼ãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] キーペアをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] キーペアをä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒéµãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] éµãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] éµãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] outLen éµãƒšã‚¢ã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 入力ã®éš›ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¦æ¸¡ã—ã€å‡ºåŠ›ã®éš›ã¯ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ãŸéµãƒšã‚¢ã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
_Example_
\code
ed25519_key key;
@@ -613,15 +719,21 @@ int wc_ed25519_export_private_only(ed25519_key* key, byte* out, word32* outLen);
int wc_ed25519_export_private(ed25519_key* key, byte* out, word32* outLen);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_KEY構造体ã¨ã¯åˆ¥ã«ãƒ—ライベートキーã¨å…¬é–‹éµã‚’エクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚秘密éµã‚’ãƒãƒƒãƒ•ã‚¡ãƒ¼Privã«æ ¼ç´ã—ã€PRIVSZã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚公開éµã‚’ãƒãƒƒãƒ•ã‚¡PUBã«æ ¼ç´ã—ã€Pubszã§ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーペアã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã‹ã‚‰ç§˜å¯†éµã¨å…¬é–‹éµã‚’別々ã«ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 秘密éµã‚’ãƒãƒƒãƒ•ã‚¡privã«æ ¼ç´ã—ã€priovSzã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ã‚’設定ã—ã¾ã™ã€‚
+ 公開éµã‚’ãƒãƒƒãƒ•ã‚¡pubã«æ ¼ç´ã—ã€pubSzã«ã“ã®ãƒãƒƒãƒ•ã‚¡ã«æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ã‚’設定ã—ã¾ã™ã€‚
+ \return 0 éµãƒšã‚¢ã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å€¤ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒã‚­ãƒ¼ãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param [in] キーペアをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ED25519_Key構造体ã¸ã®ã‚­ãƒ¼ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [out] 秘密éµã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®PRIVãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in,out] PRIVSZ PIVINSZãƒã‚¤ãƒ³ã‚¿ã‚µã‚¤ã‚ºãŒè¡¨ç¤ºã•ã‚Œã¦ã„るサイズをæŒã¤Word32オブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¾Œã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’設定ã—ã¾ã™ã€‚
- \param [out] パブリックキーをä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®Pub。
+ \return BUFFER_E æä¾›ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãŒéµãƒšã‚¢ã‚’ä¿å­˜ã™ã‚‹ã®ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key éµãƒšã‚¢ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [out] priv 秘密éµã‚’出力ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] privSz 秘密éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’ä¿æŒã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 秘密éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¾Œã«ã¯æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ãŒã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+ \param [out] pub パブリックキーを出力ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param [in,out] pubSz 公開éµã‚’出力ã™ã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’ä¿æŒã™ã‚‹word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 公開éµã®ã‚¨ã‚¯ã‚¹ãƒãƒ¼ãƒˆå¾Œã«ã¯æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ãŒã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -647,11 +759,13 @@ int wc_ed25519_export_key(ed25519_key* key,
byte* pub, word32 *pubSz);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519_KEY構造体ã®å…¬é–‹éµã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€ed25519_key構造体ã®å…¬é–‹éµã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
\return 0 プライベートキーã¨å…¬é–‹éµãŒä¸€è‡´ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸéµãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return PUBLIC_KEY_E 公開éµãŒå‚ç…§ã§ããªã„ã‹ç„¡åŠ¹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key 公開éµã¨ç§˜å¯†éµã®ä¸¡æ–¹ã‚’ä¿æŒã—ã¦ã„ã‚‹ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret;
@@ -672,10 +786,13 @@ int wc_ed25519_export_key(ed25519_key* key,
int wc_ed25519_check_key(ed25519_key* key);
/*!
- \ingroup ED25519
- \brief ã“ã®é–¢æ•°ã¯ã€ED25519 - 32ãƒã‚¤ãƒˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup ED25519
+ \brief ã“ã®é–¢æ•°ã¯ã€Ed25519 - 32ãƒã‚¤ãƒˆã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
\return ED25519_KEY_SIZE 有効ãªç§˜å¯†éµã®ã‚µã‚¤ã‚ºï¼ˆ32ãƒã‚¤ãƒˆï¼‰ã€‚
- \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸã‚­ãƒ¼ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸå¼•æ•°keyãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+
_Example_
\code
int keySz;
@@ -692,10 +809,12 @@ int wc_ed25519_check_key(ed25519_key* key);
int wc_ed25519_size(ed25519_key* key);
/*!
- \ingroup ED25519
+ \ingroup ED25519
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµã‚µã‚¤ã‚ºï¼ˆsecret + public)をãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
\return ED25519_PRV_KEY_SIZE 秘密éµã®ã‚µã‚¤ã‚ºï¼ˆ64ãƒã‚¤ãƒˆï¼‰ã€‚
\return BAD_FUNC_ARG key引数ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -713,10 +832,12 @@ int wc_ed25519_size(ed25519_key* key);
int wc_ed25519_priv_size(ed25519_key* key);
/*!
- \ingroup ED25519
+ \ingroup ED25519
\brief ã“ã®é–¢æ•°ã¯åœ§ç¸®éµã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ï¼ˆå…¬é–‹éµï¼‰ã€‚
\return ED25519_PUB_KEY_SIZE 圧縮公開éµã®ã‚µã‚¤ã‚ºï¼ˆ32ãƒã‚¤ãƒˆï¼‰ã€‚
\return BAD_FUNC_ARG key引数ãŒnullã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
ed25519_key key;
@@ -733,10 +854,12 @@ int wc_ed25519_priv_size(ed25519_key* key);
int wc_ed25519_pub_size(ed25519_key* key);
/*!
- \ingroup ED25519
+ \ingroup ED25519
\brief ã“ã®é–¢æ•°ã¯ã€ED25519ã‚·ã‚°ãƒãƒãƒ£ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°64)を返ã—ã¾ã™ã€‚
\return ED25519_SIG_SIZE ED25519ã‚·ã‚°ãƒãƒãƒ£ï¼ˆ64ãƒã‚¤ãƒˆï¼‰ã®ã‚µã‚¤ã‚ºã€‚
\return BAD_FUNC_ARG key引数ãŒnullã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
+ \param [in] key ed25519_key構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int sigSz;
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h
index 34073553..7202e3c0 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/hmac.h
@@ -1,5 +1,5 @@
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯HMACオブジェクトをåˆæœŸåŒ–ã—ã€ãã®æš—å·åŒ–タイプã€ã‚­ãƒ¼ã€ãŠã‚ˆã³HMACã®é•·ã•ã‚’設定ã—ã¾ã™ã€‚
\return 0 HMACオブジェクトã®åˆæœŸåŒ–ã«æˆåŠŸã—ã¾ã—ãŸ
\return BAD_FUNC_ARG 入力タイプãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚有効ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA3-224ã€SHA3-256ã€SHA3-384ã€SHA3-512
@@ -22,7 +22,7 @@
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€HMACを使用ã—ã¦èªè¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æ›´æ–°ã—ã¾ã™ã€‚HMACオブジェクトãŒWC_HMACSETKEYã§åˆæœŸåŒ–ã•ã‚ŒãŸå¾Œã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¹ãã§ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒã‚·ãƒ¥ã¸ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’æ›´æ–°ã™ã‚‹ãŸã‚ã«è¤‡æ•°å›žå‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦wc_hmacupdateを呼ã³å‡ºã—ãŸå¾Œã€æœ€çµ‚èªè¨¼æ¸ˆã¿ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚¿ã‚°ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«wc_hmacfinalを呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 èªè¨¼ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æ›´æ–°ã«æˆåŠŸã—ã¾ã—ãŸ
\return MEMORY_E ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
@@ -47,7 +47,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz);
int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€HMACオブジェクトã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®æœ€çµ‚ãƒãƒƒã‚·ãƒ¥ã‚’計算ã—ã¾ã™ã€‚
\return 0 最後ã®ãƒãƒƒã‚·ãƒ¥ã®è¨ˆç®—ã«æˆåŠŸã—ãŸ
\return MEMORY_E ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
@@ -69,7 +69,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz);
int wc_HmacFinal(Hmac* hmac, byte* out);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€æ§‹æˆã•ã‚ŒãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã«åŸºã¥ã„ã¦ä½¿ç”¨å¯èƒ½ãªæœ€å¤§ã®HMACダイジェストサイズを返ã—ã¾ã™ã€‚
\return Success 設定ã•ã‚ŒãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã«åŸºã¥ã„ã¦ä½¿ç”¨å¯èƒ½ãªæœ€å¤§ã®HMACダイジェストサイズを返ã—ã¾ã™
_Example_
@@ -81,7 +81,7 @@ int wc_HmacFinal(Hmac* hmac, byte* out);
int wolfSSL_GetHmacMaxSize(void);
/*!
- \ingroup HMAC
+ \ingroup HMAC
\brief ã“ã®é–¢æ•°ã¯ã€HMACキー導出機能(HKDF)ã¸ã®ã‚¢ã‚¯ã‚»ã‚¹ã‚’æä¾›ã—ã¾ã™ã€‚HMACを利用ã—ã¦ã€ä»»æ„ã®SALTã¨ã‚ªãƒ—ションã®æƒ…報を派生ã—ãŸã‚­ãƒ¼ã«å¤‰æ›ã—ã¾ã™ã€‚0ã¾ãŸã¯NULLãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ãƒãƒƒã‚·ãƒ¥åž‹ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§MD5ã«ãªã‚Šã¾ã™ã€‚
\return 0 与ãˆã‚‰ã‚ŒãŸå…¥åŠ›ã§ã‚­ãƒ¼ã®ç”Ÿæˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 無効ãªãƒãƒƒã‚·ãƒ¥åž‹ãŒå¼•æ•°ã¨ã—ã¦æŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚有効ãªåž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA3-224ã€SHA3-256ã€SHA3-384ã€SHA3-512
@@ -90,8 +90,8 @@ int wolfSSL_GetHmacMaxSize(void);
\param type HKDFã«ä½¿ç”¨ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—。有効ãªåž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA3-224ã€SHA3-256ã€SHA3-384ã€SHA3-512
\param inKey KDFã«ä½¿ç”¨ã™ã‚‹ã‚­ãƒ¼ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inKeySz 入力キーã®é•·ã•
- \param salt ä»»æ„ã®å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚塩を使用ã—ãªã„å ´åˆã¯ä»£ã‚ã‚Šã«NULLを使用ã—ã¦ãã ã•ã„
- \param saltSz å¡©ã®é•·ã•ã€‚塩を使用ã—ãªã„å ´åˆã¯0を使用ã—ã¦ãã ã•ã„
+ \param salt ä»»æ„ã®ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚ソルトを使用ã—ãªã„å ´åˆã¯ä»£ã‚ã‚Šã«NULLを使用ã—ã¦ãã ã•ã„
+ \param saltSz ソルトã®é•·ã•ã€‚ソルトを使用ã—ãªã„å ´åˆã¯0を使用ã—ã¦ãã ã•ã„
\param info オプションã®è¿½åŠ æƒ…報をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚追加情報を追加ã—ã¦ã„ãªã„å ´åˆã¯NULLを使用ã—ã¦ãã ã•ã„
\param infoSz 追加情報ã®é•·ã•è¿½åŠ æƒ…報を使用ã—ãªã„å ´åˆã¯0を使用ã—ã¦ãã ã•ã„
\param out 派生キーをä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h
index 3ea03910..d80bfbee 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/pwdbased.h
@@ -1,14 +1,14 @@
/*!
- \ingroup Password
- \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®éµå°Žå‡ºæ©Ÿèƒ½1(PBKDF1)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµå¡©ã¨å…±ã«ã‚ˆã‚Šå®‰å…¨ãªéµã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã™ã‚‹ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€HASH関数ã¨ã—ã¦SHAã¨MD5ã‚’é¸æŠžã§ãã¾ã™ã€‚
+ \ingroup Password
+ \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®éµå°Žå‡ºæ©Ÿèƒ½1(PBKDF1)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµã‚½ãƒ«ãƒˆã¨å…±ã«ã‚ˆã‚Šå®‰å…¨ãªéµã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã™ã‚‹ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€HASH関数ã¨ã—ã¦SHAã¨MD5ã‚’é¸æŠžã§ãã¾ã™ã€‚
\return 0 入力パスワードã‹ã‚‰ã‚­ãƒ¼ã®æ´¾ç”Ÿã«æ­£å¸¸ã«æˆ»ã•ã‚ŒãŸ
\return BAD_FUNC_ARG 与ãˆã‚‰ã‚ŒãŸç„¡åŠ¹ãªãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒã‚ã‚‹å ´åˆï¼ˆæœ‰åŠ¹ãªã‚¿ã‚¤ãƒ—ã¯ï¼šMD5ã¨SHA)ã€å復ã¯1未満ã€ã¾ãŸã¯è¦æ±‚ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•ï¼ˆKlen)ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥é•·ã‚ˆã‚Šã‚‚大ãã„ã§ã™ã€‚
\return MEMORY_E SHAã¾ãŸã¯MD5オブジェクトã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\param output 生æˆã•ã‚ŒãŸã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚å°‘ãªãã¨ã‚‚klen longã«ãªã‚‹ã¹ãã§ã™
\param passwd キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param pLen キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードã®é•·ã•
- \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param sLen å¡©ã®é•·ã•
+ \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param sLen ソルトã®é•·ã•
\param iterations ãƒãƒƒã‚·ãƒ¥ã‚’処ç†ã™ã‚‹ãŸã‚ã®å›žæ•°
\param kLen 派生キーã®å¸Œæœ›ã®é•·ã•ã€‚é¸æŠžã—ãŸãƒãƒƒã‚·ãƒ¥ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚µã‚¤ã‚ºã‚ˆã‚Šé•·ãã—ã¦ã¯ã„ã‘ã¾ã›ã‚“
_Example_
@@ -32,16 +32,16 @@ int wc_PBKDF1(byte* output, const byte* passwd, int pLen,
int typeH);
/*!
- \ingroup Password
- \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½2(PBKDF2)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµã•ã‚ŒãŸå¡©ã¨ã¨ã‚‚ã«ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bãªã©ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
+ \ingroup Password
+ \brief ã“ã®æ©Ÿèƒ½ã¯ãƒ‘スワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½2(PBKDF2)を実装ã—ã€å…¥åŠ›ãƒ‘スワードを連çµã•ã‚ŒãŸã‚½ãƒ«ãƒˆã¨ã¨ã‚‚ã«ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã€å‡ºåŠ›ã«è¨˜æ†¶ã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bãªã©ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
\return 0 入力パスワードã‹ã‚‰ã‚­ãƒ¼ã®æ´¾ç”Ÿã«æ­£å¸¸ã«æˆ»ã•ã‚ŒãŸ
\return BAD_FUNC_ARG 無効ãªãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒã‚ã‚‹å ´åˆã€ã¾ãŸã¯å復ãŒ1未満ã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E HMACオブジェクトã«å‰²ã‚ŠæŒ¯ã‚Šãƒ¡ãƒ¢ãƒªãŒã‚ã‚‹å ´åˆ
\param output 生æˆã•ã‚ŒãŸã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚klen longã«ã™ã‚‹ã¹ãã§ã™
\param passwd キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param pLen キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードã®é•·ã•
- \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param sLen å¡©ã®é•·ã•
+ \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param sLen ソルトã®é•·ã•
\param iterations ãƒãƒƒã‚·ãƒ¥ã‚’処ç†ã™ã‚‹ãŸã‚ã®å›žæ•°
\param kLen 派生éµã®æœ›ã¾ã—ã„é•·ã•
_Example_
@@ -65,8 +65,8 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
int typeH);
/*!
- \ingroup Password
- \brief ã“ã®é–¢æ•°ã¯ã€RFC 7292付録Bã«è¨˜è¼‰ã•ã‚Œã¦ã„るパスワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½ï¼ˆPBKDF)を実装ã—ã¦ã„ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ‘スワードを連çµå¡©ã§ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã¾ã™ã€‚ãã‚Œã¯ã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bã‚’å«ã‚€ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
+ \ingroup Password
+ \brief ã“ã®é–¢æ•°ã¯ã€RFC 7292付録Bã«è¨˜è¼‰ã•ã‚Œã¦ã„るパスワードベースã®ã‚­ãƒ¼å°Žå‡ºæ©Ÿèƒ½ï¼ˆPBKDF)を実装ã—ã¦ã„ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ãƒ‘スワードを連çµã‚½ãƒ«ãƒˆã§ã‚ˆã‚Šå®‰å…¨ãªã‚­ãƒ¼ã«å¤‰æ›ã—ã¾ã™ã€‚ãã‚Œã¯ã€MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2Bã‚’å«ã‚€ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã¯ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã‚‹HMACãƒãƒƒã‚·ãƒ¥é–¢æ•°ã®ã„ãšã‚Œã‹ã‚’é¸æŠžã§ãã¾ã™ã€‚
\return 0 入力パスワードã‹ã‚‰ã‚­ãƒ¼ã®æ´¾ç”Ÿã«æ­£å¸¸ã«æˆ»ã•ã‚ŒãŸ
\return BAD_FUNC_ARG è¿”ã•ã‚ŒãŸç„¡åŠ¹ãªãƒãƒƒã‚·ãƒ¥ã‚¿ã‚¤ãƒ—ãŒä¸Žãˆã‚‰ã‚ŒãŸå ´åˆã€ç¹°ã‚Šè¿”ã—ã¯1未満ã€ã¾ãŸã¯è¦æ±‚ã•ã‚ŒãŸã‚­ãƒ¼ã®é•·ã•ï¼ˆklen)ãŒæä¾›ã•ã‚ŒãŸãƒãƒƒã‚·ãƒ¥ã®ãƒãƒƒã‚·ãƒ¥é•·ã‚ˆã‚Šã‚‚大ãã„ã§ã™ã€‚
\return MEMORY_E 割り当ã¦ãƒ¡ãƒ¢ãƒªãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™
@@ -84,8 +84,8 @@ int wc_PBKDF2(byte* output, const byte* passwd, int pLen,
\param output 生æˆã•ã‚ŒãŸã‚­ãƒ¼ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚klen longã«ã™ã‚‹ã¹ãã§ã™
\param passwd キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードをå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param pLen キーã®æ´¾ç”Ÿã«ä½¿ç”¨ã™ã‚‹ãƒ‘スワードã®é•·ã•
- \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹å¡©ã‚’å«ã‚€ç·©è¡æ¶²ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
- \param sLen å¡©ã®é•·ã•
+ \param salt éµç”±æ¥ã«ä½¿ç”¨ã™ã‚‹ã‚½ãƒ«ãƒˆã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼
+ \param sLen ソルトã®é•·ã•
\param iterations ãƒãƒƒã‚·ãƒ¥ã‚’処ç†ã™ã‚‹ãŸã‚ã®å›žæ•°
\param kLen 派生éµã®æœ›ã¾ã—ã„é•·ã•
\param hashType 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ æœ‰åŠ¹ãªé¸æŠžè‚¢ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.MD5ã€SHAã€SHA256ã€SHA384ã€SHA512ã€ãŠã‚ˆã³BLAKE2B
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h
index 576fb473..99d4e236 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/rsa.h
@@ -1,6 +1,6 @@
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRSAKEY構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRsaKey構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return 0 æš—å·åŒ–ã¨å¾©å·åŒ–ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®RSA構造ã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARGS RSAキーãƒã‚¤ãƒ³ã‚¿ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
\param key åˆæœŸåŒ–ã™ã‚‹RSAKEY構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
@@ -20,12 +20,12 @@
int wc_InitRsaKey(RsaKey* key, void* heap);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRSAKEY構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚IDã¨LENã¯ã€DEVIDãŒãƒ‡ãƒã‚¤ã‚¹ã‚’識別ã—ã¦ã„ã‚‹é–“ã«ãƒ‡ãƒã‚¤ã‚¹ä¸Šã®ã‚­ãƒ¼ã‚’識別ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸRsaKey構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚IDã¨LENã¯ã€DEVIDãŒãƒ‡ãƒã‚¤ã‚¹ã‚’識別ã—ã¦ã„ã‚‹é–“ã«ãƒ‡ãƒã‚¤ã‚¹ä¸Šã®ã‚­ãƒ¼ã‚’識別ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã¾ãŸã€ãƒ¦ãƒ¼ã‚¶ãƒ¼å®šç¾©ãƒ¡ãƒ¢ãƒªã‚ªãƒ¼ãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã‚‚å–ã‚Šã¾ã™ï¼ˆXMALLOCã€XFREEã€XREALLOCã‚’å‚照)。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return 0 æš—å·åŒ–ã¨å¾©å·åŒ–ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®RSA構造ã®åˆæœŸåŒ–ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARGS RSAキーãƒã‚¤ãƒ³ã‚¿ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™
\return BUFFER_E LENãŒRSA_MAX_ID_LENよりもå°ã•ã„å ´åˆã€ã¾ãŸã¯å¤§ãã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param key åˆæœŸåŒ–ã™ã‚‹RSAKEY構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key åˆæœŸåŒ–ã™ã‚‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param id デãƒã‚¤ã‚¹ä¸Šã®ã‚­ãƒ¼ã®è­˜åˆ¥å­
\param len ãƒã‚¤ãƒˆæ•°ã®è­˜åˆ¥å­ã®é•·ã•
\param heap メモリオーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®ãƒ’ープ識別å­ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚メモリ割り当ã¦ã®ã‚«ã‚¹ã‚¿ãƒ å‡¦ç†ã‚’å¯èƒ½ã«ã—ã¾ã™ã€‚ã“ã®ãƒ’ープã¯ã€ã“ã®RSAオブジェクトã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã«ãªã‚Šã¾ã™ã€‚
@@ -55,11 +55,11 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
void* heap, int devId);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯RNGをキーã«é–¢é€£ä»˜ã‘ã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã¯å¿…è¦ã§ã™ã€‚
\return 0 æˆåŠŸã«æˆ»ã£ãŸ
\return BAD_FUNC_ARGS RSAキーã®å ´åˆã€RNGãƒã‚¤ãƒ³ã‚¿ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆ
- \param key 関連付ã‘られるRSAKEY構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key 関連付ã‘られるRsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -75,8 +75,8 @@ int wc_InitRsaKey_Id(RsaKey* key, unsigned char* id, int len,
int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯ã€MP_Clearを使用ã—ã¦æä¾›ã•ã‚ŒãŸRSAKEY構造体を解放ã—ã¾ã™ã€‚
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯ã€MP_Clearを使用ã—ã¦æä¾›ã•ã‚ŒãŸRsaKey構造体を解放ã—ã¾ã™ã€‚
\return 0 キーã®è§£æ”¾ã«æˆåŠŸã—ãŸã‚‰è¿”å“ã•ã‚Œã¾ã™
_Example_
\code
@@ -91,7 +91,7 @@ int wc_RsaSetRNG(RsaKey* key, WC_RNG* rng);
int wc_FreeRsaKey(RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’INã‹ã‚‰æš—å·åŒ–ã—ã€ãã®çµæžœã‚’æ ¼ç´ã—ã¾ã™ã€‚åˆæœŸåŒ–ã•ã‚ŒãŸå…¬é–‹éµã¨ä¹±æ•°ç™ºç”Ÿå™¨ãŒå¿…è¦ã§ã™ã€‚副作用ã¨ã—ã¦ã€ã“ã®é–¢æ•°ã¯ounlenã®ä¸­ã§æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
\return Success 入力メッセージã®æš—å·åŒ–ã«æˆåŠŸã—ãŸã‚‰ã€æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã—ã€éšœå®³ã®å ´åˆã¯ã‚¼ãƒ­æœªæº€ã§ã™ã€‚ã¾ãŸã€outlenã®å€¤ã‚’æ ¼ç´ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ã€OUTã«æ›¸ãè¾¼ã¾ã‚ŒãŸæ•°ã®ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG 入力パラメータã®ã„ãšã‚Œã‹ãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -113,7 +113,7 @@ int wc_FreeRsaKey(RsaKey* key);
\param inLen æš—å·åŒ–ã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
\param out 出力暗å·æ–‡ã‚’ä¿å­˜ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param outLen 出力ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
- \param key æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹å…¬é–‹éµã‚’å«ã‚€RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key æš—å·åŒ–ã«ä½¿ç”¨ã™ã‚‹å…¬é–‹éµã‚’å«ã‚€RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
RsaKey pub;
@@ -138,7 +138,7 @@ int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯å¾©å·åŒ–ã®ãŸã‚ã«WC_RSAPrivateCrypt関数ã«ã‚ˆã£ã¦åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚
\return Success 復å·åŒ–データã®é•·ã•
\return RSA_PAD_E RSAUNPADエラーã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã®æ‚ªã„フォーマット
@@ -155,7 +155,7 @@ int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯ç§˜å¯†ã®RSA復å·åŒ–ã‚’æä¾›ã—ã¾ã™ã€‚
\return Success 復å·åŒ–データã®é•·ã•
\return MEMORY_E -125ã€ãƒ¡ãƒ¢ãƒªã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸ
@@ -183,7 +183,7 @@ int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief æä¾›ã•ã‚ŒãŸé…列ã«ç§˜å¯†éµã¨ç½²åã—ã¾ã™ã€‚
\return RSA_BUFFER_E: -131ã€RSAãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼ã€å‡ºåŠ›ãŒå°ã•ã™ãŽãŸã‚Šå…¥åŠ›ãŒå¤§ãã™ãŽãŸã‚Šã™ã‚‹
\param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -209,7 +209,7 @@ int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief メッセージãŒRSAキーã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚出力ã¯å…¥åŠ›ã¨åŒã˜ãƒã‚¤ãƒˆé…列を使用ã—ã¾ã™ã€‚
\return >0 テキストã®é•·ã•
\return <0 エラーãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
@@ -240,7 +240,7 @@ int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out,
RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief メッセージãŒã‚­ãƒ¼ã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return Success エラーã®ãªã„テキストã®é•·ã•ã€‚
\return MEMORY_E メモリ例外
@@ -266,7 +266,7 @@ int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
word32 outLen, RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief æä¾›ã•ã‚ŒãŸé…列ã«ç§˜å¯†éµã¨ç½²åã—ã¾ã™ã€‚
\return RSA_BUFFER_E: -131ã€RSAãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼ã€å‡ºåŠ›ãŒå°ã•ã™ãŽãŸã‚Šå…¥åŠ›ãŒå¤§ãã™ãŽãŸã‚Šã™ã‚‹
\param in æš—å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -310,14 +310,15 @@ int wc_RsaPSS_Sign(const byte* in, word32 inLen, byte* out,
RsaKey* key, WC_RNG* rng);
/*!
- \ingroup RSA
- \brief 入力署åを復å·åŒ–ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒã‚­ãƒ¼ã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
- \return Success エラーã®ãªã„テキストã®é•·ã•ã€‚
+ \ingroup RSA
+ \brief 入力署åを復å·ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒéµã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€éµã¯wc_RsaSetRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \return Success エラーã®ãªã„å ´åˆã¯ãƒ†ã‚­ã‚¹ãƒˆã®é•·ã•ã‚’è¿”ã—ã¾ã™
\return MEMORY_E メモリ例外
- \param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
- \param inLen ã®é•·ã•
- \param out æ ¼ç´ã™ã‚‹å¾©å·åŒ–データã®ãƒã‚¤ãƒˆé…列。
- \param outLen ã®é•·ã•
+ \return MP_EXPTMOD_E - fastmathを使用ã™ã‚‹æ§˜ã«æ§‹æˆã•ã‚Œã¦ã„ã‚‹å ´åˆã«FP_MAX_BITSãŒéµã‚µã‚¤ã‚ºã®å°‘ãªãã¨ã‚‚2å€ã«è¨­å®šã•ã‚Œã¦ã„ãªã„(例ãˆã°4096-bité•·ã®éµã‚’使用ã™ã‚‹å ´åˆã«ã¯FP_MAX_BITSã¯8192以上ã«è¨­å®šã™ã‚‹ã“ã¨)。
+ \param in 復å·ã•ã‚Œã‚‹ç½²åデータãŒæ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡
+ \param inLen ç½²åデータã®é•·ã•
+ \param out 復å·ãƒ‡ãƒ¼ã‚¿ã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡
+ \param outLen 出力先ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º
\param hash メッセージã«å…¥ã‚‹ãƒãƒƒã‚·ãƒ¥åž‹
\param mgf マスク生æˆæ©Ÿèƒ½è­˜åˆ¥å­
_Example_
@@ -356,8 +357,8 @@ int wc_RsaPSS_Verify(byte* in, word32 inLen, byte* out,
RsaKey* key);
/*!
- \ingroup RSA
- \brief 入力署åを復å·åŒ–ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRSAキーã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚出力ã¯å…¥åŠ›ã¨åŒã˜ãƒã‚¤ãƒˆé…列を使用ã—ã¾ã™ã€‚wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief 入力署åを復å·åŒ–ã—ã¦ã€ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒRSAキーã«ã‚ˆã£ã¦ç½²åã•ã‚ŒãŸã“ã¨ã‚’確èªã—ã¾ã™ã€‚出力ã¯å…¥åŠ›ã¨åŒã˜ãƒã‚¤ãƒˆé…列を使用ã—ã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return >0 テキストã®é•·ã•
\return <0 エラーãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -406,8 +407,8 @@ int wc_RsaPSS_VerifyInline(byte* in, word32 inLen, byte** out,
enum wc_HashType hash, int mgf,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\return MEMORY_E メモリ例外
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -468,8 +469,8 @@ int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
enum wc_HashType hash, int mgf,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\return MEMORY_E メモリ例外
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
@@ -480,7 +481,7 @@ int wc_RsaPSS_VerifyCheck(byte* in, word32 inLen,
\param digestLen ãƒãƒƒã‚·ãƒ¥ã®é•·ã•
\param hash ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ 
\param mgf マスク生æˆæ©Ÿèƒ½
- \param saltLen 使用ã•ã‚Œã‚‹å¡©ã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€å¡©ã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
+ \param saltLen 使用ã•ã‚Œã‚‹ã‚½ãƒ«ãƒˆã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€ã‚½ãƒ«ãƒˆã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -531,8 +532,8 @@ int wc_RsaPSS_VerifyCheck_ex(byte* in, word32 inLen,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚å¡©ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
\param inLen ã®é•·ã•
@@ -589,8 +590,8 @@ int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
enum wc_HashType hash, int mgf,
RsaKey* key);
/*!
- \ingroup RSA
- \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief RSA-PSSã§ç½²åã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’確èªã—ã¦ãã ã•ã„。入力ãƒãƒƒãƒ•ã‚¡ã¯å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å†åˆ©ç”¨ã•ã‚Œã¾ã™ã€‚WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return the PSSデータã®é•·ã•ãŒæˆåŠŸã—ã€è² ã«éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚
\param in 復å·åŒ–ã•ã‚Œã‚‹ãƒã‚¤ãƒˆé…列。
\param inLen ã®é•·ã•
@@ -599,7 +600,7 @@ int wc_RsaPSS_VerifyCheckInline(byte* in, word32 inLen, byte** out,
\param digestLen ãƒãƒƒã‚·ãƒ¥ã®é•·ã•
\param hash メッセージã«å…¥ã‚‹ãƒãƒƒã‚·ãƒ¥åž‹
\param mgf マスク生æˆæ©Ÿèƒ½è­˜åˆ¥å­
- \param saltLen 使用ã•ã‚Œã‚‹å¡©ã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€å¡©ã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
+ \param saltLen 使用ã•ã‚Œã‚‹ã‚½ãƒ«ãƒˆã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€ã‚½ãƒ«ãƒˆã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -649,8 +650,8 @@ int wc_RsaPSS_VerifyCheckInline_ex(byte* in, word32 inLen, byte** out,
RsaKey* key);
/*!
- \ingroup RSA
- \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚å¡©ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。wc_rsa_blindingãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ \ingroup RSA
+ \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。WC_RSA_BLINDINGãŒæœ‰åŠ¹ãªå ´åˆã€ã‚­ãƒ¼ã¯WC_RSASETRNGã«ã‚ˆã£ã¦RNGã«é–¢é€£ä»˜ã‘られãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
\return BAD_PADDING_E PSSデータãŒç„¡åŠ¹ãªå ´åˆã€NULLãŒINã¾ãŸã¯SIGã¾ãŸã¯INSZã«æ¸¡ã•ã‚Œã‚‹ã¨ã€BAD_FUNC_ARGã¯ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã®é•·ã•ã¨åŒã˜ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
\return MEMORY_E メモリ例外
\param in 検証中ã®ãƒ‡ãƒ¼ã‚¿ã®ãƒãƒƒã‚·ãƒ¥ã€‚
@@ -702,8 +703,8 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
word32 sigSz,
enum wc_HashType hashType);
/*!
- \ingroup RSA
- \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚å¡©ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。
+ \ingroup RSA
+ \brief PSSデータを確èªã—ã¦ã€ç½²åãŒä¸€è‡´ã™ã‚‹ã‚ˆã†ã«ã—ã¾ã™ã€‚ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã«ç­‰ã—ã„。
\return BAD_PADDING_E PSSデータãŒç„¡åŠ¹ãªå ´åˆã€NULLãŒINã¾ãŸã¯SIGã¾ãŸã¯INSZã«æ¸¡ã•ã‚Œã‚‹ã¨ã€BAD_FUNC_ARGã¯ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã®é•·ã•ã¨åŒã˜ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
\return MEMORY_E メモリ例外
\param in 検証中ã®ãƒ‡ãƒ¼ã‚¿ã®ãƒãƒƒã‚·ãƒ¥ã€‚
@@ -711,7 +712,7 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
\param sig PSSデータをä¿æŒã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã€‚
\param sigSz PSSデータã®ã‚µã‚¤ã‚ºã€‚
\param hashType ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ 
- \param saltLen 使用ã•ã‚Œã‚‹å¡©ã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)塩ã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€å¡©ã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
+ \param saltLen 使用ã•ã‚Œã‚‹ã‚½ãƒ«ãƒˆã®é•·ã•ã€‚RSA_PSSS_SALT_LEN_DEFAULT(-1)ソルトã®é•·ã•ã¯ãƒãƒƒã‚·ãƒ¥é•·ã¨åŒã˜ã§ã™ã€‚RSA_PSS_SALT_LEN_DISCOVERã¯ã€ã‚½ãƒ«ãƒˆã®é•·ã•ãŒãƒ‡ãƒ¼ã‚¿ã‹ã‚‰æ±ºå®šã•ã‚Œã¾ã™ã€‚
_Example_
\code
ret = wc_InitRsaKey(&key, NULL);
@@ -755,7 +756,7 @@ int wc_RsaPSS_CheckPadding(const byte* in, word32 inLen, byte* sig,
int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, byte* sig,
word32 sigSz, enum wc_HashType hashType, int saltLen, int bits);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief æä¾›ã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã®æš—å·åŒ–サイズを返ã—ã¾ã™ã€‚
\return Success æä¾›ã•ã‚ŒãŸã‚­ãƒ¼æ§‹é€ ã®æš—å·åŒ–サイズ。
_Example_
@@ -769,7 +770,7 @@ int wc_RsaPSS_CheckPadding_ex(const byte* in, word32 inLen, byte* sig,
int wc_RsaEncryptSize(RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯Derフォーマットã•ã‚ŒãŸRSA秘密éµã‚’解æžã—ã€ç§˜å¯†éµã‚’抽出ã—ã€ãれを与ãˆã‚‰ã‚ŒãŸResakey構造ã«æ ¼ç´ã—ã¾ã™ã€‚IDXã«è§£æžã•ã‚ŒãŸè·é›¢ã‚‚設定ã—ã¾ã™ã€‚
\return 0 DERエンコード入力ã‹ã‚‰ç§˜å¯†éµã®è§£æžã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™
\return ASN_PARSE_E 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰ç§˜å¯†éµã‚’解æžã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€å…¥åŠ›ç§˜å¯†éµãŒASN.1è¦æ ¼ã«å¾“ã£ã¦æ­£ã—ãフォーマットã•ã‚Œã¦ã„ãªã„å ´åˆã«ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
@@ -797,8 +798,8 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
RsaKey* key, word32 inSz);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯Derフォーマットã®RSA公開éµã‚’解æžã—ã€å…¬é–‹éµã‚’抽出ã—ã€ãれを指定ã•ã‚ŒãŸResakey構造ã«æ ¼ç´ã—ã¾ã™ã€‚IDXã«è§£æžã•ã‚ŒãŸè·é›¢ã‚‚設定ã—ã¾ã™ã€‚
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯Derフォーマットã®RSA公開éµã‚’解æžã—ã€å…¬é–‹éµã‚’抽出ã—ã€ãれを指定ã•ã‚ŒãŸRsaKey構造体ã«æ ¼ç´ã—ã¾ã™ã€‚IDXã«è§£æžã•ã‚ŒãŸè·é›¢ã‚‚設定ã—ã¾ã™ã€‚
\return 0 DERエンコード入力ã‹ã‚‰å…¬é–‹éµã®è§£æžã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚ŒãŸ
\return ASN_PARSE_E 入力ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å…¬é–‹éµã‚’解æžã—ãŸã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€å…¥åŠ›å…¬é–‹éµãŒASN.1è¦æ ¼ã«å¾“ã£ã¦æ­£ã—ãフォーマットã•ã‚Œã¦ã„ãªã„å ´åˆã«ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return ASN_OBJECT_ID_E ASN.1オブジェクトIDãŒRSA公開éµã®ãã‚Œã¨ä¸€è‡´ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -807,7 +808,7 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx,
\return ASN_RSA_KEY_E RSAキー入力ã®å…¬é–‹éµè¦ç´ ã‚’読ã¿å–るエラーãŒã‚ã‚‹å ´åˆ
\param input 復å·ã™ã‚‹å…¥åŠ›DERエンコードRSA公開éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inOutIdx キーãŒå§‹ã¾ã‚‹ãƒãƒƒãƒ•ã‚¡å†…ã®ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆé€šå¸¸ã¯0)。ã“ã®é–¢æ•°ã®å‰¯ä½œç”¨ã¨ã—ã¦ã€InoutIDXã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã‚’介ã—ã¦è§£æžã•ã‚ŒãŸè·é›¢ã‚’記憶ã—ã¾ã™
- \param key デコードã•ã‚ŒãŸå…¬é–‹éµã‚’ä¿å­˜ã™ã‚‹RSAKEY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param key デコードã•ã‚ŒãŸå…¬é–‹éµã‚’ä¿å­˜ã™ã‚‹RsaKey構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
_Example_
\code
RsaKey pub;
@@ -827,9 +828,9 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx,
RsaKey* key, word32 inSz);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹å¼¾æ€§çŽ‡ï¼ˆn)ã¨æŒ‡æ•°ï¼ˆe)を撮影ã—ã¦ã€RSA公開éµã®ç”Ÿã®è¦ç´ ã‚’復å·ã—ã¾ã™ã€‚ã“れらã®ç”Ÿã®è¦ç´ ã‚’æä¾›ã•ã‚ŒãŸRSAKEY構造体ã«æ ¼ç´ã—ã€æš—å·åŒ–/復å·åŒ–プロセスã§ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return 0 公開éµã®ç”Ÿã®è¦ç´ ã‚’RSAKEY構造ã«å¾©å·ã—ãŸã¨ãã«è¿”ã•ã‚ŒãŸ
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯ã€å…¬é–‹å¼¾æ€§çŽ‡ï¼ˆn)ã¨æŒ‡æ•°ï¼ˆe)を撮影ã—ã¦ã€RSA公開éµã®ç”Ÿã®è¦ç´ ã‚’復å·ã—ã¾ã™ã€‚ã“れらã®ç”Ÿã®è¦ç´ ã‚’æä¾›ã•ã‚ŒãŸRsaKey構造体ã«æ ¼ç´ã—ã€æš—å·åŒ–/復å·åŒ–プロセスã§ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \return 0 公開éµã®ç”Ÿã®è¦ç´ ã‚’RsaKey構造体ã«å¾©å·ã—ãŸã¨ãã«è¿”ã•ã‚ŒãŸ
\return BAD_FUNC_ARG ã„ãšã‚Œã‹ã®å…¥åŠ›å¼•æ•°ãŒNULLã«è©•ä¾¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MP_INIT_E 複数ã®ç²¾å¯†æ•´æ•°ï¼ˆMP_INT)ライブラリã§ä½¿ç”¨ã™ã‚‹ãŸã‚ã®æ•´æ•°ã®åˆæœŸåŒ–中ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
\return ASN_GETINT_E æä¾›ã•ã‚ŒãŸRSAキーè¦ç´ ã€nã¾ãŸã¯eã®ã„ãšã‚Œã‹ã‚’読むエラーãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™
@@ -856,12 +857,12 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
const byte* e, word32 eSz, RsaKey* key);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®æ©Ÿèƒ½ã¯RSAKEYキーをDERフォーマットã«å¤‰æ›ã—ã¾ã™ã€‚çµæžœã¯å‡ºåŠ›ã«æ›¸ãè¾¼ã¾ã‚Œã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 æˆåŠŸ
+ \return >0 æˆåŠŸã€æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯å‡ºåŠ›ãŒNULLã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼ - >タイプãŒRSA_PRIVATEã§ãªã„å ´åˆã€ã¾ãŸã¯INLENãŒå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«å分ãªå¤§ãã•ã§ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param key åˆæœŸåŒ–ã•ã‚ŒãŸRSAKEY構造
+ \param key åˆæœŸåŒ–ã•ã‚ŒãŸRsaKey構造体
\param output 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
_Example_
\code
@@ -888,7 +889,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®æ©Ÿèƒ½ã¯ã€ã©ã®ãƒ‘ディングを使用ã™ã‚‹ã‹ã‚’é¸æŠžã—ãªãŒã‚‰RSAæš—å·åŒ–を実行ã—ã¾ã™ã€‚
\return size 正常ã«æš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ã¨ã€æš—å·åŒ–ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
\return RSA_BUFFER_E RSAãƒãƒƒãƒ•ã‚¡ã‚¨ãƒ©ãƒ¼ã€å‡ºåŠ›ãŒå°ã•ã™ãŽãŸã‚Šå…¥åŠ›ãŒå¤§ãã™ãŽãŸã‚Šã™ã‚‹
@@ -896,7 +897,7 @@ int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen);
\param inLen æš—å·åŒ–ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param out æš—å·åŒ–ã•ã‚ŒãŸMSGãŒä½œæˆã•ã‚Œã¾ã—ãŸ
\param outLen æš—å·åŒ–ã•ã‚ŒãŸMSGã‚’ä¿æŒã™ã‚‹ãŸã‚ã«åˆ©ç”¨å¯èƒ½ãªãƒãƒƒãƒ•ã‚¡ã®é•·ã•
- \param key åˆæœŸåŒ–RSAキー構造体
+ \param key åˆæœŸåŒ–ãšã¿RsaKey構造体
\param rng åˆæœŸåŒ–ã•ã‚ŒãŸWC_RNG構造体
\param type 使用ã™ã‚‹ãƒ‘ディングã®ç¨®é¡žï¼ˆWC_RSA_OAEP_PADã¾ãŸã¯WC_RSA_PKCSV15_PAD)
\param hash 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ç¨®é¡žï¼ˆé¸æŠžã¯hash.hã«ã‚ã‚Šã¾ã™ï¼‰
@@ -925,7 +926,7 @@ int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯RSAを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’復å·åŒ–ã—ã€ã©ã®ãƒ‘ディングタイプã®ã‚ªãƒ—ションを指定ã—ã¾ã™ã€‚
\return size 復å·åŒ–ãŒæˆåŠŸã™ã‚‹ã¨ã€å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E å¿…è¦ãªé…列をMallocã«Mallocã«ã™ã‚‹ã®ã«å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
@@ -934,7 +935,7 @@ int wc_RsaPublicEncrypt_ex(const byte* in, word32 inLen, byte* out,
\param inLen 復å·åŒ–ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param out 復å·åŒ–ã•ã‚ŒãŸMSGãŒä½œæˆã•ã‚Œã¾ã—ãŸ
\param outLen 復å·åŒ–ã•ã‚ŒãŸMSGã‚’ä¿æŒã™ã‚‹ãŸã‚ã«åˆ©ç”¨å¯èƒ½ãªãƒãƒƒãƒ•ã‚¡ã®é•·ã•
- \param key åˆæœŸåŒ–RSAキー構造体
+ \param key åˆæœŸåŒ–ãšã¿RsaKey構造体
\param type 使用ã™ã‚‹ãƒ‘ディングã®ç¨®é¡žï¼ˆWC_RSA_OAEP_PADã¾ãŸã¯WC_RSA_PKCSV15_PAD)
\param hash 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ç¨®é¡žï¼ˆé¸æŠžã¯hash.hã«ã‚ã‚Šã¾ã™ï¼‰
\param mgf 使用ã™ã‚‹ãƒžã‚¹ã‚¯ç”Ÿæˆæ©Ÿèƒ½ã®ç¨®é¡ž
@@ -968,7 +969,7 @@ int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
enum wc_HashType hash, int mgf, byte* label, word32 labelSz);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯RSAを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’インラインã§å¾©å·åŒ–ã—ã€ã©ã®ãƒ‘ディングタイプã®ã‚ªãƒ—ションを示ã—ã¾ã™ã€‚INãƒãƒƒãƒ•ã‚¡ã«ã¯ã€å‘¼ã³å‡ºã•ã‚ŒãŸå¾Œã«å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒå«ã¾ã‚Œã€ã‚¢ã‚¦ãƒˆãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã¯ãƒ—レーンテキストãŒã‚る「INã€ãƒãƒƒãƒ•ã‚¡å†…ã®å ´æ‰€ã‚’指ã—ã¾ã™ã€‚
\return size 復å·åŒ–ãŒæˆåŠŸã™ã‚‹ã¨ã€å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E: å¿…è¦ãªé…列をMallocã«Mallocã«ã™ã‚‹ã®ã«å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
@@ -978,7 +979,7 @@ int wc_RsaPrivateDecrypt_ex(const byte* in, word32 inLen,
\param in 復å·åŒ–ã®ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param inLen 復å·åŒ–ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã®é•·ã•
\param out "in"ãƒãƒƒãƒ•ã‚¡ã®å¾©å·åŒ–ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ä½ç½®ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param key åˆæœŸåŒ–RSAキー構造体
+ \param key åˆæœŸåŒ–ãšã¿RsaKey構造体
\param type 使用ã™ã‚‹ãƒ‘ディングã®ç¨®é¡žï¼ˆWC_RSA_OAEP_PADã¾ãŸã¯WC_RSA_PKCSV15_PAD)
\param hash 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã®ç¨®é¡žï¼ˆé¸æŠžã¯hash.hã«ã‚ã‚Šã¾ã™ï¼‰
\param mgf 使用ã™ã‚‹ãƒžã‚¹ã‚¯ç”Ÿæˆæ©Ÿèƒ½ã®ç¨®é¡ž
@@ -1013,8 +1014,8 @@ int wc_RsaPrivateDecryptInline_ex(byte* in, word32 inLen,
int mgf, byte* label, word32 labelSz);
/*!
- \ingroup RSA
- \brief RSAアルゴリズムã«ä½¿ç”¨ã•ã‚Œã‚‹å€‹ã€…ã®è¦ç´ ï¼ˆEã€N)ã«RSAKEY構造体を平らã«ã—ã¾ã™ã€‚
+ \ingroup RSA
+ \brief RSAアルゴリズムã«ä½¿ç”¨ã•ã‚Œã‚‹RsaKey構造体ã®å€‹ã€…ã®è¦ç´ ï¼ˆEã€N)をãƒãƒƒãƒ•ã‚¡ã«å–り出ã—ã¾ã™ã€‚
\return 0 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã¯ã€ã‚¨ãƒ©ãƒ¼ãªã—ã§è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG: ã„ãšã‚Œã‹ã®ãƒ‘ラメータãŒNULL値ã§æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return RSA_BUFFER_E: 渡ã•ã‚ŒãŸeã¾ãŸã¯nãƒãƒƒãƒ•ã‚¡ãŒæ­£ã—ã„サイズã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1046,13 +1047,13 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
word32* nSz);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief RSA公開éµã‚’DERフォーマットã«å¤‰æ›ã—ã¾ã™ã€‚出力ã«æ›¸ãè¾¼ã¿ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return >0 æˆåŠŸã€æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯å‡ºåŠ›ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E エラー割り当ã¦ãƒ¡ãƒ¢ãƒªãŒç™ºç”Ÿã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return <0 エラー
- \param key 変æ›ã™ã‚‹RSAキー構造。
+ \param key 変æ›ã™ã‚‹RsaKey構造体。
\param output ä¿ç•™ã•ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚(NULLãŒé•·ã•ã®ã¿ã‚’è¿”ã™å ´åˆï¼‰
_Example_
\code
@@ -1074,13 +1075,13 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
int wc_RsaKeyToPublicDer(RsaKey* key, byte* output, word32 inLen);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief RSA公開éµã‚’DERフォーマットã«å¤‰æ›ã—ã¾ã™ã€‚出力ã«æ›¸ãè¾¼ã¿ã€æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚with_headerãŒ0ã®å ´åˆï¼ˆseq + n + e)ã ã‘ãŒASN.1 Derフォーマットã§è¿”ã•ã‚Œã€ãƒ˜ãƒƒãƒ€ãƒ¼ã‚’除外ã—ã¾ã™ã€‚
\return >0 æˆåŠŸã€æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG キーã¾ãŸã¯å‡ºåŠ›ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E エラー割り当ã¦ãƒ¡ãƒ¢ãƒªãŒç™ºç”Ÿã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return <0 エラー
- \param key 変æ›ã™ã‚‹RSAキー構造。
+ \param key 変æ›ã™ã‚‹RsaKey構造体。
\param output ä¿ç•™ã•ã‚ŒãŸå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚(NULLãŒé•·ã•ã®ã¿ã‚’è¿”ã™å ´åˆï¼‰
_Example_
\code
@@ -1103,12 +1104,12 @@ int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int with_header);
/*!
- \ingroup RSA
- \brief ã“ã®é–¢æ•°ã¯ã€é•·ã•ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã®RSA秘密éµã‚’生æˆã—ã€æŒ‡æ•°ï¼ˆe)を指定ã—ã¾ã™ã€‚次ã«ã€ã“ã®ã‚­ãƒ¼ã‚’æä¾›ã•ã‚ŒãŸRSAKEY構造体ã«æ ¼ç´ã™ã‚‹ãŸã‚ã€æš—å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã§ãã¾ã™ã€‚Eã«ä½¿ç”¨ã™ã‚‹ã‚»ã‚­ãƒ¥ã‚¢ç•ªå·ã¯65537ã§ã™ã€‚サイズã¯ã€RSA_MIN_SIZEよりも大ããã€RSA_MAX_SIZEよりも大ãããªã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ãŒåˆ©ç”¨å¯èƒ½ã§ã‚ã‚‹ãŸã‚ã€ã‚³ãƒ³ãƒ‘イル時ã«ã‚ªãƒ—ションwolfssl_key_genを有効ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€ - を使用ã—ã¦ãã ã•ã„./configureを使用ã™ã‚‹å ´åˆã¯ã€-enable-keygenã§å®Ÿç¾ã§ãã¾ã™ã€‚
+ \ingroup RSA
+ \brief ã“ã®é–¢æ•°ã¯ã€é•·ã•ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã®RSA秘密éµã‚’生æˆã—ã€æŒ‡æ•°ï¼ˆe)を指定ã—ã¾ã™ã€‚次ã«ã€ã“ã®ã‚­ãƒ¼ã‚’æä¾›ã•ã‚ŒãŸRsaKey構造体ã«æ ¼ç´ã™ã‚‹ãŸã‚ã€æš—å·åŒ–/復å·åŒ–ã«ä½¿ç”¨ã§ãã¾ã™ã€‚Eã«ä½¿ç”¨ã™ã‚‹ã‚»ã‚­ãƒ¥ã‚¢ç•ªå·ã¯65537ã§ã™ã€‚サイズã¯ã€RSA_MIN_SIZEよりも大ããã€RSA_MAX_SIZEよりも大ãããªã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ãŒåˆ©ç”¨å¯èƒ½ã§ã‚ã‚‹ãŸã‚ã€ã‚³ãƒ³ãƒ‘イル時ã«ã‚ªãƒ—ションwolfssl_key_genを有効ã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã€ - を使用ã—ã¦ãã ã•ã„./configureを使用ã™ã‚‹å ´åˆã¯ã€-enable-keygenã§å®Ÿç¾ã§ãã¾ã™ã€‚
\return 0 RSA秘密éµã®ç”Ÿæˆã«æˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã—ãŸ
\return BAD_FUNC_ARG 入力引数ã®ã„ãšã‚Œã‹ãŒNULLã®å ´åˆã€ã‚µã‚¤ã‚ºãƒ‘ラメータã¯å¿…è¦ãªç¯„囲外ã«ã‚ã‚‹ã‹ã€eãŒèª¤ã£ã¦é¸æŠžã•ã‚Œã¦ã„ã‚‹å ´åˆ
\return RNG_FAILURE_E æä¾›ã•ã‚ŒãŸRNG構造体を使用ã—ã¦ãƒ©ãƒ³ãƒ€ãƒ ãƒ–ロックを生æˆã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return MP_INIT_E
+ \return MP_INIT_E
\return MP_READ_E RSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚ŒãŸæ•°å­¦ãƒ©ã‚¤ãƒ–ラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚ŒãŸRSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚ŒãŸæ•°å­¦ãƒ©ã‚¤ãƒ–ラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return MP_CMP_E RSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚Œã¦ã„る数学ライブラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return MP_INVMOD_E RSAキーã®ç”Ÿæˆä¸­ã«ä½¿ç”¨ã•ã‚Œã¦ã„る数学ライブラリã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
@@ -1143,7 +1144,7 @@ int wc_RsaKeyToPublicDer_ex(RsaKey* key, byte* output, word32 inLen,
int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ–ロックã•ã‚Œã¦ã„ãªã„RSAコンテキストを設定ã—ã¾ã™ã€‚RSANBコンテキストãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€RSA関数を多ãã®å°ã•ãªæ“作ã«åˆ†å‰²ã™ã‚‹é«˜é€Ÿæ•°å­¦ãƒ™ãƒ¼ã‚¹ã®éžãƒ–ロッキングEXPTMODãŒå¯èƒ½ã«ãªã‚Šã¾ã™ã€‚wc_rsa_nonblockãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹ã¨ãã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG キーã¾ãŸã¯NBãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1179,11 +1180,11 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng);
int wc_RsaSetNonBlock(RsaKey* key, RsaNb* nb);
/*!
- \ingroup RSA
+ \ingroup RSA
\brief ã“ã®é–¢æ•°ã¯æœ€å¤§ãƒ–ロック時間ã®æœ€å¤§ãƒ–ロック時間をマイクロ秒å˜ä½ã§è¨­å®šã—ã¾ã™ã€‚ãã‚Œã¯ã€ãƒ¡ã‚¬ãƒ˜ãƒ«ãƒ„ã®CPU速度ã¨å…±ã«äº‹å‰è¨ˆç®—ã•ã‚ŒãŸãƒ†ãƒ¼ãƒ–ル(TFM.cexptModnbinstã‚’å‚照)を使用ã—ã¦ã€æä¾›ã•ã‚ŒãŸæœ€å¤§ãƒ–ロック時間内ã«æ¬¡ã®å‹•ä½œã‚’完了ã§ãã‚‹ã‹ã©ã†ã‹ã‚’判断ã—ã¾ã™ã€‚wc_rsa_nonblock_timeãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹ã¨ãã«æœ‰åŠ¹ã«ãªã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG キーãŒNULLã®å ´åˆã€ã¾ãŸã¯WC_RSASETNONBLOCKãŒä»¥å‰ã«å‘¼ã³å‡ºã•ã‚Œã€ã‚­ãƒ¼ - > NBã¯NULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param key RSAキー構造
+ \param key RsaKey構造体
\param maxBlockUs マイクロ秒をブロックã™ã‚‹æœ€å¤§æ™‚間。
_Example_
\code
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h
index cf50eb3d..30a136d0 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/srp.h
@@ -1,5 +1,5 @@
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 使用方法ã®ãŸã‚ã«SRP構造体をåˆæœŸåŒ–ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã—ã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG SRPãªã©ã®å¼•æ•°ãŒNULLã¾ãŸã¯SRPSIDEã®å•é¡ŒãŒã‚ã‚‹å ´åˆã¯ã€SRP_CLIENT_SIESã¾ãŸã¯SRP_SERVER_SIEDã§ã¯å•é¡ŒãŒã‚ã‚‹å ´åˆã«è¿”ã—ã¾ã™ã€‚
@@ -25,7 +25,7 @@
int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 使用後ã«SRP構造リソースを解放ã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
_Example_
@@ -40,7 +40,7 @@ int wc_SrpInit(Srp* srp, SrpType type, SrpSide side);
void wc_SrpTerm(Srp* srp);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief ユーザーåを設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpinitã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 ユーザーåã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG: srpã¾ãŸã¯usernameãŒnullã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
@@ -68,7 +68,7 @@ void wc_SrpTerm(Srp* srp);
int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief ユーザーåã«åŸºã¥ã„ã¦SRPパラメータを設定ã—ã¾ã™.. wc_srpsetuserNameã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€Nã€Gã€ã¾ãŸã¯SALTãŒNULLã®å ´åˆã€ã¾ãŸã¯NSZ <GSZã®å ´åˆã¯è¿”ã—ã¾ã™ã€‚
@@ -79,7 +79,7 @@ int wc_SrpSetUsername(Srp* srp, const byte* username, word32 size);
\param nSz nサイズをãƒã‚¤ãƒˆå˜ä½ã§ã€‚
\param g ジェãƒãƒ¬ãƒ¼ã‚¿ãƒ¢ã‚¸ãƒ¥ãƒ­N.
\param gSz ãƒã‚¤ãƒˆæ•°ã®Gサイズ
- \param salt å°ã•ã„ランダムãªå¡©ã€‚å„ユーザーåã«ç‰¹æœ‰ã®ã‚‚ã®ã§ã™ã€‚
+ \param salt å°ã•ã„ランダムãªã‚½ãƒ«ãƒˆã€‚å„ユーザーåã«ç‰¹æœ‰ã®ã‚‚ã®ã§ã™ã€‚
_Example_
\code
Srp srp;
@@ -109,7 +109,7 @@ int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
const byte* salt, word32 saltSz);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief パスワードを設定ã—ã¾ã™ã€‚パスワードを設定ã—ã¦ã‚‚ã€SRP構造内ã®ãƒ‘スワードデータãŒæ¶ˆåŽ»ã•ã‚Œã¾ã›ã‚“。クライアントã¯ã€x = h(salt + h(user:pswd))を計算ã—ã€ãれをèªè¨¼ãƒ•ã‚£ãƒ¼ãƒ«ãƒ‰ã«æ ¼ç´ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpsetparamsã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œãªã‘ã‚Œã°ãªã‚‰ãšã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®ã¿ã§ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG srpã¾ãŸã¯passwordãŒnullã®å ´åˆã€ã¾ãŸã¯srp-> sideãŒsrp_client_sideã«è¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
@@ -147,7 +147,7 @@ int wc_SrpSetParams(Srp* srp, const byte* N, word32 nSz,
int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 検証者を設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpsetparamsã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼å´ã®ã¿ã§ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã¾ãŸã¯VerifierãŒNULLã¾ãŸã¯SRP-> ISã®å ´åˆã€SRP_SERVER_SIEDã§ã¯ãªãè¿”ã•ã‚Œã¾ã™ã€‚
@@ -182,7 +182,7 @@ int wc_SrpSetPassword(Srp* srp, const byte* password, word32 size);
int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 検証者をå–å¾—ã—ã¾ã™ã€‚クライアントã¯V = g ^ xï¼…Nã§æ¤œè¨¼è€…を計算ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpsetpasswordã®å¾Œã«å‘¼ã³å‡ºã•ã‚Œã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®ã¿ã§ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€Verifierã€ã¾ãŸã¯SizeãŒNULLã®å ´åˆã€ã¾ãŸã¯SRP-> SIDEãŒSRP_CLIENT_SIEDã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -222,7 +222,7 @@ int wc_SrpSetVerifier(Srp* srp, const byte* verifier, word32 size);
int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief プライベートã®ã‚¨ãƒ•ã‚§ãƒ©ãƒ«å€¤ã‚’設定ã—ã¾ã™ã€‚プライベートã®ä¸€æ™‚çš„ãªå€¤ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®Aã¨ã—ã¦çŸ¥ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚サーãƒãƒ¼å´ã®and random()b。b = random()ã“ã®é–¢æ•°ã¯ã€ãƒ¦ãƒ‹ãƒƒãƒˆãƒ†ã‚¹ãƒˆã‚±ãƒ¼ã‚¹ã€ã¾ãŸã¯é–‹ç™ºè€…ãŒå¤–部ランダムソースを使用ã—ã¦ã‚¨ãƒ•ã‚§ãƒ¡ãƒ©ãƒ«å€¤ã‚’設定ã—ãŸã„å ´åˆã¯ä¾¿åˆ©ã§ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WC_SRPGetPublicã®å‰ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€Privateã€ã¾ãŸã¯SizeãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -258,7 +258,7 @@ int wc_SrpGetVerifier(Srp* srp, byte* verifier, word32* size);
int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 公共ã®ä¸€æ™‚çš„ãªå€¤ã‚’å–å¾—ã—ã¾ã™ã€‚公共ã®ä¸€æ™‚çš„ãªå€¤ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã®Aã¨ã—ã¦çŸ¥ã‚‰ã‚Œã¦ã„ã¾ã™ã€‚サーãƒå´ã®A = g ^ Aï¼…n b。B =(k * v +(g bï¼…n))%n wc_srpsetpasswordã¾ãŸã¯wc_srpsetverifierã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚関数WC_SRPSetPrivateã¯ã€WC_SRPGetPublicã®å‰ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG srpã€pubã€ã¾ãŸã¯sizeãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -300,7 +300,7 @@ int wc_SrpSetPrivate(Srp* srp, const byte* priv, word32 size);
int wc_SrpGetPublic(Srp* srp, byte* pub, word32* size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief セッションキーを計算ã—ã¾ã™ã€‚æˆåŠŸå¾Œã«SRP->キーã§ã‚­ãƒ¼ã‚’アクセスã§ãã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€ClientPubKeyã€ã¾ãŸã¯ServerPubKeyã®å ´åˆã€ã¾ãŸã¯ClientPubkeyszã¾ãŸã¯ServerPubKeyszãŒ0ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -344,7 +344,7 @@ int wc_SrpComputeKey(Srp* srp,
byte* serverPubKey, word32 serverPubKeySz);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief 証明をå–å¾—ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wc_srpcomputekeyã®å¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return BAD_FUNC_ARG SRPã€PROVã€ã¾ãŸã¯SIZEãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
@@ -370,7 +370,7 @@ int wc_SrpComputeKey(Srp* srp,
int wc_SrpGetProof(Srp* srp, byte* proof, word32* size);
/*!
- \ingroup SRP
+ \ingroup SRP
\brief ピアプルーフを確èªã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WC_SRPGetSessionKeyã®å‰ã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 æˆåŠŸ
\return <0 エラー
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h
index 16923ae6..5efe2b62 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files-ja/ssl.h
@@ -1,6 +1,8 @@
/*!
- \brief
- \return pointer ã“ã®é–¢æ•°ã¯ã€æ–°ã—ã„wolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯DTLS v1.2 クライアントメソッドをåˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return 作æˆã«æˆåŠŸã—ãŸå ´åˆã¯ã€WOLFSSL_METHODãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ãƒ¡ã‚½ãƒƒãƒ‰ã®ä½œæˆã®å¤±æ•—ã®å ´åˆã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -15,10 +17,11 @@
WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€Wolfsslv23_client_methodã¨åŒæ§˜ã®wolfssl_methodã‚’è¿”ã—ã¾ã™ï¼ˆã‚µãƒ¼ãƒãƒ¼/クライアント)。
- \return WOLFSSL_METHOD* æˆåŠŸã—ãŸä½œæˆã§ã¯ã€wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
- \return NULL メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ãƒ¡ã‚½ãƒƒãƒ‰ã®ä½œæˆã®å¤±æ•—ã®å ´åˆã¯null
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSLv23_client_methodã¨åŒæ§˜ã«WOLFSSL_METHODã‚’è¿”ã—ã¾ã™ï¼ˆã‚µãƒ¼ãƒãƒ¼/クライアント)。
+ \return 作æˆã«æˆåŠŸã—ãŸå ´åˆã¯ã€WOLFSSL_METHODãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ãƒ¡ã‚½ãƒƒãƒ‰ã®ä½œæˆã®å¤±æ•—ã®å ´åˆã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ctx;
@@ -31,10 +34,12 @@ WOLFSSL_METHOD *wolfDTLSv1_2_client_method_ex(void* heap);
WOLFSSL_METHOD *wolfSSLv23_method(void);
/*!
- \ingroup Setup
- \brief WOLFSSLV3_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfSSLv3_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -61,10 +66,12 @@ WOLFSSL_METHOD *wolfSSLv23_method(void);
WOLFSSL_METHOD *wolfSSLv3_server_method(void);
/*!
- \ingroup Setup
- \brief wolfsslv3_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€SSL 3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfSSLv3_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€SSL 3.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -91,10 +98,12 @@ WOLFSSL_METHOD *wolfSSLv3_server_method(void);
WOLFSSL_METHOD *wolfSSLv3_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -121,10 +130,12 @@ WOLFSSL_METHOD *wolfSSLv3_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_server_method(void);
/*!
- \ingroup Setup
- \brief wolftlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolftlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -151,10 +162,12 @@ WOLFSSL_METHOD *wolfTLSv1_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_1_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.1プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_1_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.1プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -181,10 +194,12 @@ WOLFSSL_METHOD *wolfTLSv1_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_1_CLIENT_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -211,10 +226,12 @@ WOLFSSL_METHOD *wolfTLSv1_1_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFTLSV1_2_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_2_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -241,10 +258,12 @@ WOLFSSL_METHOD *wolfTLSv1_1_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
/*!
- \ingroup Setup
- \brief wolftlsv1_2_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfTLSv1_2_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€TLS 1.2プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -271,10 +290,13 @@ WOLFSSL_METHOD *wolfTLSv1_2_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
/*!
- \ingroup Setup
- \brief wolfdtlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ - enable-dtlsã€ã¾ãŸã¯WolfSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfdtlsv1_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚Šã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã™ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -299,10 +321,13 @@ WOLFSSL_METHOD *wolfTLSv1_2_client_method(void);
WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
/*!
- \ingroup Setup
- \brief WOLFDTLSV1_SERVER_METHOD()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ - enable-dtlsã€ã¾ãŸã¯WolfSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return FAIL xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfDTLSv1_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.0プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSマクロを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -327,8 +352,9 @@ WOLFSSL_METHOD *wolfDTLSv1_client_method(void);
WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
/*!
- \brief サーãƒå´ã€‚
- \return This 関数ã¯wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \brief wolfDTLSv1_2_server_method()関数ã¯ã‚µãƒ¼ãƒå´ç”¨ã«WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
@@ -340,10 +366,165 @@ WOLFSSL_METHOD *wolfDTLSv1_server_method(void);
WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
/*!
- \ingroup Setup
- \brief Chacha-Poly Aead Constructionã®æœ€åˆã®ãƒªãƒªãƒ¼ã‚¹ã¨æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®é–“ã«ã„ãã¤ã‹ã®é•ã„ãŒã‚ã‚‹ãŸã‚ã€å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã‚µãƒ¼ãƒãƒ¼/クライアントã¨é€šä¿¡ã™ã‚‹ã‚ªãƒ—ションを追加ã—ã¾ã—ãŸã€‚デフォルトã§ã¯ã€WolfSSLã¯æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¾ã™ã€‚
- \return 0 æˆåŠŸã™ã‚‹ã¨
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+
+ \brief wolfDTLSv1_3_server_method()関数ã¯ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtls13ã€ã¾ãŸã¯WOLFSSL_DTLS13を定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLSv1_3_server_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLSv1_3_client_method
+*/
+
+WOLFSSL_METHOD *wolfDTLSv1_3_server_method(void);
+
+/*!
+ \ingroup Setup
+
+ \brief wolfDTLSv1_3_client_method()関数ã¯ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€DTLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtls13ã€ã¾ãŸã¯WOLFSSL_DTLS13を定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLSv1_3_client_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLSv1_3_server_method
+*/
+WOLFSSL_METHOD* wolfDTLSv1_3_client_method(void);
+
+/*!
+ \ingroup Setup
+
+ \brief wolfDTLS_server_method()関数ã¯ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€
+ å¯èƒ½ãªé™ã‚Šé«˜ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®DTLSプロトコルをサãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ デフォルトã®æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯WOLFSSL_MIN_DTLS_DOWNGRADEマクロã§ã®æŒ‡å®šã‚’ã‚‚ã¨ã«ã—ã¦ã„ã¦ã€
+ 実行時ã«wolfSSL_SetMinVersion()ã§å¤‰æ›´ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLS_server_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLS_client_method
+ \sa wolfSSL_SetMinVersion
+*/
+WOLFSSL_METHOD *wolfDTLS_server_method(void);
+
+/*!
+ \ingroup Setup
+
+ \brief wolfDTLS_client_method()関数㯠アプリケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€
+ å¯èƒ½ãªé™ã‚Šé«˜ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®DTLSプロトコルをサãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ デフォルトã®æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯WOLFSSL_MIN_DTLS_DOWNGRADEマクロã§ã®æŒ‡å®šã‚’ã‚‚ã¨ã«ã—ã¦ã„ã¦ã€
+ 実行時ã«wolfSSL_SetMinVersion()ã§å¤‰æ›´ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSL_ctx_new()を使用ã—ã¦SSL/TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„WOLFSSL_METHOD構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLãŒDTLSサãƒãƒ¼ãƒˆï¼ˆ--enable-dtlsã€ã¾ãŸã¯WOLFSSL_DTLSを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ï¼‰ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿ä½¿ç”¨ã§ãã¾ã™ã€‚
+
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return XMALLOCを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \param ãªã—
+
+
+ _Example_
+ \code
+ WOLFSSL_METHOD* method;
+ WOLFSSL_CTX* ctx;
+
+ method = wolfDTLS_client_method();
+ if (method == NULL) {
+ // unable to get method
+ }
+
+ ctx = wolfSSL_CTX_new(method);
+ ...
+ \endcode
+
+
+ \sa wolfDTLS_server_method
+ \sa wolfSSL_SetMinVersion
+*/
+WOLFSSL_METHOD *wolfDTLS_client_method(void);
+
+/*!
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ç”¨ã«WOLFSSL_METHOD構造体を生æˆã—ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \param ãªã—
+
+ _Example_
+ \code
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
+ WOLFSSL* ssl = WOLFSSL_new(ctx);
+ …
+ \endcode
+
+ \sa wolfSSL_CTX_new
+*/
+WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
+
+
+/*!
+ \ingroup Setup
+ \brief Chacha-Poly Aead Constructionã®æœ€åˆã®ãƒªãƒªãƒ¼ã‚¹ã¨æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®é–“ã«ã„ãã¤ã‹ã®é•ã„ãŒã‚ã‚‹ãŸã‚ã€
+ å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã‚µãƒ¼ãƒãƒ¼/クライアントã¨é€šä¿¡ã™ã‚‹ã‚ªãƒ—ションを追加ã—ã¾ã—ãŸã€‚
+ デフォルトã§ã¯ã€wolfSSLã¯æ–°ã—ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¾ã™ã€‚
+ \return 0 æˆåŠŸã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã—ãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -360,12 +541,16 @@ WOLFSSL_METHOD *wolfDTLSv1_2_server_method(void);
int wolfSSL_use_old_poly(WOLFSSL* ssl, int value);
/*!
- \brief セッション状態ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«æŽ¥ç¶šã‚’ピックアップã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return Success æˆåŠŸã—ãŸå ´åˆã€èª­ã¿å–ã£ãŸãƒãƒƒãƒ•ã‚¡ã®é‡ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return Failure ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
- \return VERSION_ERROR ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ä¸ä¸€è‡´ãŒè¦‹ã¤ã‹ã£ãŸå ´åˆã€IE DTLS V1ã¨CTXãŒDTLS V1.2ã«è¨­å®šã•ã‚ŒãŸå ´åˆã€Version_ErrorãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param buf インãƒãƒ¼ãƒˆã™ã‚‹ã‚·ãƒªã‚¢ãƒ«åŒ–ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã€‚
+ \brief wolfSSL_dtls_import()関数ã¯ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³çŠ¶æ…‹ã‚’解æžã™ã‚‹ãŸã‚ã«ä½¿ã‚ã‚Œã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«æŽ¥ç¶šã‚’ピックアップã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€èª­ã¿å–ã£ãŸãƒãƒƒãƒ•ã‚¡ã®é‡ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
+ \return VERSION_ERROR ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ä¸ä¸€è‡´ãŒè¦‹ã¤ã‹ã£ãŸå ´åˆã€(ã™ãªã‚ã¡ã€DTLS v1ã¨CTXãŒDTLS v1.2ã«è¨­å®šã•ã‚ŒãŸå ´åˆ)ã€Version_ErrorãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buf インãƒãƒ¼ãƒˆã™ã‚‹ã‚·ãƒªã‚¢ãƒ«åŒ–ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³æƒ…報を格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl;
@@ -393,10 +578,14 @@ int wolfSSL_dtls_import(WOLFSSL* ssl, unsigned char* buf,
/*!
- \brief 接続ã®çŠ¶æ…‹ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚警告:BUFã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロwolfssl_session_export_debugãŒå®šç¾©ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚
- \return the ãƒãƒƒãƒ•ã‚¡ 'BUF'ã‹ã‚‰èª­ã¿è¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°
- \param ssl セッションをインãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WolfSSL構造
- \param buf シリアル化ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³
+ \brief シリアライズã•ã‚ŒãŸTLSセッションをインãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ 警告:bufã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚
+ 追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロWOLFSSL_SESSION_EXPORT_DEBUGを定義ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚
+ \return ãƒãƒƒãƒ•ã‚¡'buf'ã‹ã‚‰èª­ã¿è¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl セッションをインãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buf シリアル化ã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
\sa wolfSSL_dtls_import
\sa wolfSSL_tls_export
*/
@@ -404,14 +593,18 @@ int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
unsigned int sz);
/*!
- \brief セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã€‚ã“ã‚Œã¯ã€ä»¥å‰ã«æ ¼ç´ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’クリアã™ã‚‹ãŸã‚ã®ãƒ‘ラメータfuncã¨ã—ã¦nullを渡ã™ã“ã¨ãŒè¨±å¯ã•ã‚Œã¦ã„ã¾ã™ã€‚サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆ
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief wolfSSL_CTX_dtls_set_export()関数ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’設定ã—ã¾ã™ã€‚
+ 以å‰ã«æ ¼ç´ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’クリアã™ã‚‹ãŸã‚ã«ãƒ‘ラメータfuncã«NULLを渡ã™ã“ã¨ãŒè¨±ã•ã‚Œã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«è¨­å®šã—ãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param func セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹éš›ã«å‘¼ã³å‡ºã™é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL_CTX* ctx;
int ret;
@@ -429,18 +622,21 @@ int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
\sa wolfSSL_dtls_set_export
\sa Static buffer use
*/
-int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
- wc_dtls_export func);
+int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx, wc_dtls_export func);
/*!
- \brief セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹æ©Ÿèƒ½ã€‚ã“ã‚Œã¯ã€ä»¥å‰ã«æ ¼ç´ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆæ©Ÿèƒ½ã‚’クリアã™ã‚‹ãŸã‚ã®ãƒ‘ラメータfuncã¨ã—ã¦nullを渡ã™ã“ã¨ãŒè¨±å¯ã•ã‚Œã¦ã„ã¾ã™ã€‚サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief wolfSSL_dtls_set_export()関数ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’エクスãƒãƒ¼ãƒˆã™ã‚‹éš›ã«å‘¼ã³å‡ºã™ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’登録ã—ã¾ã™ã€‚
+ 以å‰ã«ç™»éŒ²ã•ã‚Œã¦ã„るエクスãƒãƒ¼ãƒˆé–¢æ•°ã‚’クリアã™ã‚‹ãŸã‚ã«ä½¿ã†ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§ä½¿ç”¨ã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸç›´å¾Œã«è¨­å®šã—ãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG NULLã¾ãŸã¯äºˆæƒ³ã•ã‚Œãªã„引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param func セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹éš›ã«å‘¼ã³å‡ºã™é–¢æ•°ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL* ssl;
int ret;
@@ -460,11 +656,15 @@ int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
int wolfSSL_dtls_set_export(WOLFSSL* ssl, wc_dtls_export func);
/*!
- \brief æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã¸ã®WolfSSLセッション。セッションをシリアル化ã—ãŸã¨ãã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’é€ä¿¡ã™ã‚‹ãŸã‚ã®é–¢æ•°ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã™ã‚‹ã‚ˆã‚Šã‚‚å°‘ãªã„メモリオーãƒãƒ¼ãƒ˜ãƒƒãƒ‰ã‚’許å¯ã—ã¾ã™ã€‚関数ã«æ¸¡ã•ã‚ŒãŸã¨ãã«ãƒãƒƒãƒ•ã‚¡ãŒNULLã®å ´åˆã€SZã¯WolfSSLセッションã®ç›´åˆ—化ã«å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¾ã™ã€‚
- \return Success æˆåŠŸã—ãŸå ´åˆã€ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã®é‡ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return Failure ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param buf 直列化セッションをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \brief wolfSSL_dtls_export()関数ã¯æä¾›ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã¸ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’シリアル化ã—ã¾ã™ã€‚
+ セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®é–¢æ•°ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã™ã‚‹ã‚ˆã‚Šã‚‚メモリオーãƒãƒ¼ãƒ˜ãƒƒãƒ‰ã‚’減らã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ 関数ã«æ¸¡ã•ã‚ŒãŸå¼•æ•°bufãŒNULLã®å ´åˆã€szã«ã¯WolfSSLセッションã®ã‚·ãƒªã‚¢ãƒ©ã‚¤ã‚ºã«å¿…è¦ãªãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒè¨­å®šã•ã‚Œã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€ä½¿ç”¨ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return ã™ã¹ã¦ã®å¤±æ•—ã—ãŸæˆ»ã‚Šå€¤ã¯0未満ã«ãªã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buf シリアライズã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl;
@@ -487,10 +687,15 @@ int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf,
unsigned int* sz);
/*!
- \brief 接続ã®ç›´åˆ—化ã•ã‚ŒãŸçŠ¶æ…‹ã‚’インãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã»ã¨ã‚“ã©ã®å ´åˆã€wolfssl_tls_exportã®ä»£ã‚ã‚Šã«wolfssl_get1_sessionを使用ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロwolfssl_session_export_debugãŒå®šç¾©ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚警告:BUFã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚
- \return the ãƒãƒƒãƒ•ã‚¡ãƒ¼ 'BUF'ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°
- \param ssl セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WolfSSL構造
- \param buf 直列化セッションã®å‡ºåŠ›
+ \brief シリアライズã•ã‚ŒãŸTLSセッションをエクスãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
+ ã»ã¨ã‚“ã©ã®å ´åˆã€wolfSSL_tls_exportã®ä»£ã‚ã‚Šã«wolfssl_get1_sessionを使用ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 追加ã®ãƒ‡ãƒãƒƒã‚°æƒ…報をマクロWOLFSSL_SESSION_EXPORT_DEBUGを定義ã—ã¦è¡¨ç¤ºã§ãã¾ã™ã€‚
+ 警告:bufã«ã¯ã€çŠ¶æ…‹ã«é–¢ã™ã‚‹æ©Ÿå¯†æƒ…å ±ãŒå«ã¾ã‚Œã¦ãŠã‚Šã€ä¿å­˜ã™ã‚‹å ´åˆã¯ä¿å­˜ã™ã‚‹å‰ã«æš—å·åŒ–ã•ã‚Œã‚‹ã®ãŒæœ€å–„ã§ã™ã€‚
+ \return ãƒãƒƒãƒ•ã‚¡'buf'ã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒã‚¤ãƒˆæ•°
+ \param ssl セッションをエクスãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param buf シリアライズã•ã‚ŒãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å‡ºåŠ›å…ˆãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz 出力先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
\sa wolfSSL_dtls_import
\sa wolfSSL_tls_import
*/
@@ -498,14 +703,28 @@ int wolfSSL_tls_export(WOLFSSL* ssl, unsigned char* buf,
unsigned int* sz);
/*!
- \brief ãã®å¾Œã€CTXã®æœ‰åŠ¹æœŸé–“ãŠã‚ˆã³CTXã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã«ã¯ã€asideを設定ã—ã¾ã™ã€‚NULL CTXãƒã‚¤ãƒ³ã‚¿ã¨WOLFSSL_METHOD_FUNC関数を渡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€CTX自体ã®ä½œæˆã‚‚é™çš„メモリを使用ã—ã¾ã™ã€‚wolfssl_method_funcã«ã¯ã€wolfssl_method *(* wolfssl_method_func)ã®é–¢æ•°ç½²åãŒã‚ã‚Šã¾ã™ï¼ˆvoid *ヒープ)。MAXã«0を渡ã™ã¨ã€è¨­å®šã•ã‚Œã¦ã„ãªã„ã‹ã®ã‚ˆã†ã«å‹•ä½œã—ã€æœ€å¤§ã®åŒæ™‚使用制é™ãŒé©ç”¨ã•ã‚Œã¾ã›ã‚“。渡ã•ã‚ŒãŸãƒ•ãƒ©ã‚°å€¤ã«ã‚ˆã£ã¦ã€ãƒ¡ãƒ¢ãƒªã®ä½¿ç”¨æ–¹æ³•ã¨å‹•ä½œä¸­ã®å‹•ä½œãŒæ±ºã¾ã‚Šã¾ã™ã€‚利用å¯èƒ½ãªãƒ•ãƒ©ã‚°ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.0 - デフォルトã®ä¸€èˆ¬ãƒ¡ãƒ¢ãƒªã€WolfMEM_IO_POOL - å—信メッセージã®é€ä¿¡ã¨ä¸€èˆ¬ãƒ¡ãƒ¢ãƒªã‚’オーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã™ã‚‹ã¨ãã«å…¥å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã«ä½¿ç”¨ã•ã‚Œã‚‹ã®ã§ã€æ¸¡ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡å†…ã®ã™ã¹ã¦ã®ãƒ¡ãƒ¢ãƒªãŒIOã€WolfMem_IO_FIXED - WOLFMEM_IO_POOLã¨åŒã˜ã§ã™ãŒã€ä»Šåº¦ã¯å„SSLã¨åŒã˜ã§ã™ã€‚2ã¤ã®ãƒãƒƒãƒ•ã‚¡ã‚’自分ã®ãƒ©ã‚¤ãƒ•ã‚¿ã‚¤ãƒ ã§è‡ªåˆ†è‡ªèº«ã«ä¿ã¡ã¾ã™ã€‚wolfmem_track_stats - å„SSLã¯å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªçµ±è¨ˆã‚’追跡ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 失敗ã™ã‚‹ã¨ã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã€‚
- \param method プロトコルを作æˆã™ã‚‹æ©Ÿèƒ½ã€‚(CTXã‚‚NULLã§ã‚‚ãªã„å ´åˆã¯NULLã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ï¼‰
- \param buf ã™ã¹ã¦ã®æ“作ã«ä½¿ç”¨ã™ã‚‹ãƒ¡ãƒ¢ãƒªã€‚
+ \brief ã“ã®é–¢æ•°ã¯CTX用ã«é™çš„メモリ領域を設定ã™ã‚‹ç›®çš„ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 設定ã•ã‚ŒãŸé™çš„メモリ領域ã¯CTXã®æœ‰åŠ¹æœŸé–“ãŠã‚ˆã³CTXã‹ã‚‰ä½œæˆã•ã‚ŒãŸå…¨ã¦ã®SSLオブジェクトã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 引数ctxã«NULLを渡ã—ã€wolfSSL_method_func関数を渡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€CTX自体ã®ä½œæˆã‚‚é™çš„メモリを使用ã—ã¾ã™ã€‚
+ wolfssl_method_funcã¯æ¬¡ã®ã‚·ã‚°ãƒãƒãƒ£ã¨ãªã£ã¦ã„ã¾ã™:wolfssl_method *(* wolfssl_method_func)(void *heap)。
+ 引数maxã«0を渡ã™ã¨ã€è¨­å®šã•ã‚Œã¦ã„ãªã„ã‚‚ã®ã¨ã—ã¦å‹•ä½œã—ã€æœ€å¤§ã®åŒæ™‚使用制é™ãŒé©ç”¨ã•ã‚Œã¾ã›ã‚“。
+ 引数flagã«æ¸¡ã—ãŸå€¤ã«ã‚ˆã£ã¦ã€ãƒ¡ãƒ¢ãƒªã®ä½¿ç”¨æ–¹æ³•ã¨å‹•ä½œãŒæ±ºã¾ã‚Šã¾ã™ã€‚
+ 利用å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ï¼š
+ 0 - デフォルトã®ä¸€èˆ¬ãƒ¡ãƒ¢ãƒªã€
+ WOLFMEM_IO_POOL - メッセージã®å—é€ä¿¡ã®éš›ã®å…¥å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œæ¸¡ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡å†…ã®ã™ã¹ã¦ã®ãƒ¡ãƒ¢ãƒªãŒIOã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€
+ WOLFMEM_IO_FIXED - WOLFMEM_IO_POOLã¨åŒã˜ã§ã™ãŒã€å„SSLã¯2ã¤ã®ãƒãƒƒãƒ•ã‚¡ã‚’自分ã®ãƒ©ã‚¤ãƒ•ã‚¿ã‚¤ãƒ ã®é–“ä¿æŒã—ã¦ä½¿ç”¨ã—ã¾ã™ã€‚
+ WOLFMEM_TRACK_STATS - å„SSLã¯å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªä½¿ç”¨çµ±è¨ˆã‚’追跡ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+ \param method メソッド関数(例ãˆã°ã€wolfSSLv23_server_method_ex)ã§ctxãŒNULLã§ãªã„å ´åˆã¯NULLã«ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param buf ã™ã¹ã¦ã®æ“作ã«ä½¿ç”¨ã™ã‚‹ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 渡ã•ã‚Œã¦ã„るメモリãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
- \param flag メモリã®ç¨®é¡ž
+ \param flag メモリã®ä½¿ç”¨ã‚¿ã‚¤ãƒ—
+ \param max åŒæ™‚使用ã®æœ€å¤§å€¤
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -542,10 +761,15 @@ int wolfSSL_CTX_load_static_memory(WOLFSSL_CTX** ctx,
int flag, int max);
/*!
- \brief ãã—ã¦ã€é™çš„メモリ使用é‡ã«é–¢ã™ã‚‹æƒ…報をåŽé›†ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return 1 CTXã®é™çš„メモリを使用ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return 0 é™çš„メモリを使用ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ç¾æ™‚点ã®æŽ¥ç¶šã«é–¢ã™ã‚‹æŒ¯ã‚‹èˆžã„ã®å¤‰æ›´ã¯è¡Œã„ã¾ã›ã‚“。
+ é™çš„メモリ使用é‡ã«é–¢ã™ã‚‹æƒ…報をåŽé›†ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return 1 CTXã®é™çš„メモリを使用ã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return 0 é™çš„メモリを使用ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem_stats é™çš„メモリã®ä½¿ç”¨é‡ã«é–¢ã™ã‚‹æƒ…報をä¿æŒã™ã‚‹WOLFSSL_MEM_STATS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -571,10 +795,16 @@ int wolfSSL_CTX_is_static_memory(WOLFSSL_CTX* ctx,
WOLFSSL_MEM_STATS* mem_stats);
/*!
- \brief SSLã®é™çš„メモリ使用é‡ã€‚戻り値ã¯ã€é™çš„メモリを読ã¿è¾¼ã‚€ã¨ãã«ã€é™çš„メモリãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’示ã—ã¾ã™ã€‚
- \return 1 CTXã®é™çš„メモリを使用ã™ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return 0 é™çš„メモリを使用ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief wolfSSL_is_static_memory関数ã¯SSLã®é™çš„メモリ使用é‡ã«é–¢ã™ã‚‹æƒ…報を集ã‚ã¾ã™ã€‚
+ 戻り値ã¯ã€é™çš„メモリãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’示ã—ã¾ã™ã€‚
+ 引数sslã®ä¸Šä½ã®WOLFSSL_CTXã«é™çš„メモリを使用ã™ã‚‹ã‚ˆã†ã«æŒ‡å®šã—ã¦ã‚ã‚Šã€WOLFMEM_TRACK_STATSãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã«
+ 引数mem_statsã«æƒ…å ±ãŒã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+ \return 1 é™çš„メモリを使用ã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return 0 é™çš„メモリを使用ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem_stats é™çš„メモリã®ä½¿ç”¨é‡ã«é–¢ã™ã‚‹æƒ…報をä¿æŒã™ã‚‹WOLFSSL_MEM_STATS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -595,12 +825,22 @@ int wolfSSL_is_static_memory(WOLFSSL* ssl,
WOLFSSL_MEM_CONN_STATS* mem_stats);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ï¼ˆwolfssl_ctx)。ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ãŒèª¤ã£ãŸå½¢å¼ã«ã‚ã‚‹å ´åˆã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ファイルã¯å­˜åœ¨ã—ã¾ã›ã‚“。読ã¿å–られãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„るメモリ状態ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ãƒ™ãƒ¼ã‚¹16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã§å¤±æ•—ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
- \param file WolfSSL SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ファイルã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚
+ é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚失敗ã—ãŸå ´åˆã®å¯èƒ½ãªåŽŸå› ã¨ã—ã¦ã¯ã€
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã®å ´åˆã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹ã€
+ ã‚ã‚‹ã„ã¯ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€ã‚ã‚‹ã„ã¯èª­ã¿å–ã‚‹ã“ã¨ãŒã§ããªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹ã€
+ メモリä¸è¶³ãŒç™ºç”Ÿã€Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã«å¤±æ•—ã—ã¦ã„ã‚‹ãªã©ã®åŽŸå› ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘ス文字列。
+ \param format ロードã™ã‚‹è¨¼æ˜Žæ›¸ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆï¼šSSL_FILETYPE_ASN1 ã‚ã‚‹ã„㯠SSL_FILETYPE_PEM
+
_Example_
\code
int ret = 0;
@@ -621,10 +861,26 @@ int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,
int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™.SSL_FILETYPE_ASN1OR SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€ä»£ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦CryProコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ã“ã®ãŸã‚ã«ã¯ã€Cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸãƒ“ルドã§æ§‹ç¯‰ã§ãã¾ã™ã€‚Cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€-enable-cryptocbã¾ãŸã¯wolf_crypto_cbを使用ã—ã€wc_cryptocb_registerDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€wolfssl_ctx_setdevidを使用ã—ã¦é–¢é€£ã™ã‚‹devidを設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE ファイルã¯é–“é•ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚ファイルãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã™ã€‚メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™ã€‚base16デコードã¯ãƒ•ã‚¡ã‚¤ãƒ«ã§å¤±æ•—ã—ã¾ã™ã€‚キーファイルã¯æš—å·åŒ–ã•ã‚Œã¦ã„ã¾ã™ãŒã€ãƒ‘スワードã¯æä¾›ã•ã‚Œã¾ã›ã‚“。
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ファイルã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€æ¬¡ã®ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ï¼šSSL_FILETYPE_ASN1 ã‚ã‚‹ã„㯠SSL_FILETYPE_PEM。
+ é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
+ 外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€
+ 代ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦cryptoコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®ãŸã‚ã«ã¯ã€cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸã‚³ãƒ³ãƒ•ã‚£ã‚®ãƒ¥ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã§ãƒ“ルドã—ã¾ã™ã€‚
+ cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€--enable-cryptocbã¾ãŸã¯WOLF_CRYPTO_CBマクロを使用ã—ã€
+ wc_CryptoCb_RegisterDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€
+ wolfSSL_CTX_SetDevIdを使用ã—ã¦é–¢é€£ã™ã‚‹devidを設定ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã®å¯èƒ½ãªåŽŸå› ã¨ã—ã¦ã¯ã€
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã®å ´åˆã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹ã€
+ ã‚ã‚‹ã„ã¯ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€ã‚ã‚‹ã„ã¯èª­ã¿å–ã‚‹ã“ã¨ãŒã§ããªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹ã€
+ メモリä¸è¶³ãŒç™ºç”Ÿã€Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ã«å¤±æ•—ã—ã¦ã„ã‚‹ãªã©ã®åŽŸå› ãŒè€ƒãˆã‚‰ã‚Œã¾ã™
+ \param ãªã—
+
_Example_
\code
int ret = 0;
@@ -646,20 +902,33 @@ int wolfSSL_CTX_use_certificate_file(WOLFSSL_CTX* ctx, const char* file,
int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚り得る。複数ã®CA CERTãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚ path引数ã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚ファイルã®å€¤ãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スを必è¦ãªå ´åˆã¯ãƒ‘スをNULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚ Libraryã®æ§‹ç¯‰æ™‚ã«ãƒ‘スãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSLãŒæŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«ã‚ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ "-----証明書-----"ã‚’æŒã¤pemフォーマットã•ã‚ŒãŸcert_typeファイルを期待ã—ã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ã¾ã—ãŸã€‚
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 引数fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã®å ´åˆãŒã‚ã‚Šã¾ã™ã€‚
+ 複数ã®CA証明書ãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚
+ 引数pathã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
+ 引数fileãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スãŒå¿…è¦ã§ãªã„å ´åˆã¯NULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚
+ 引数pathãŒæŒ‡å®šã•ã‚Œã¦ã„ã¦ã‹ã¤NO_WOLFSSL_DIRãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã«ã¯ã€
+ wolfSSLライブラリã¯æŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«å­˜åœ¨ã™ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ã« "-----BEGIN CERTIFICATE-----"ã‚’æŒã¤PEMフォーマットã•ã‚ŒãŸCERT_TYPEファイルを期待ã—ã¦ã„ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã€èª­ã¿è¾¼ã‚ãªã„å ´åˆã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨æœŸé™å¾Œã‚ˆã‚Šå¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_PATH_ERROR OpenDir()ãŒãƒ‘スを開ã“ã†ã¨ã—ãŸã¨ãã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_PATH_ERROR opendir()ãŒãƒ‘スを開ã“ã†ã¨ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param path CA証明書をå«ã‚“ã§ã„るディレクトリã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -681,22 +950,37 @@ int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int form
\sa wolfSSL_use_certificate_chain_file
*/
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
- const char* format);
-
-/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚り得る。複数ã®CA CERTãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚ path引数ã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚ファイルã®å€¤ãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スを必è¦ãªå ´åˆã¯ãƒ‘スをNULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚ Libraryã®æ§‹ç¯‰æ™‚ã«ãƒ‘スãŒæŒ‡å®šã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSLãŒæŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«ã‚ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã«åŸºã¥ã„ã¦ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ "-----証明書-----"ã‚’æŒã¤PEMå½¢å¼ã®cert_typeファイルを想定ã—ã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ã¾ã—ãŸã€‚
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚å°‘ãªãã¨ã‚‚1ã¤ã®è¨¼æ˜Žæ›¸ãŒæ­£å¸¸ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¦ã„ã‚‹ãŒã€å¤±æ•—ã—ãŸ1ã¤ä»¥ä¸ŠãŒã‚ã‚‹å ´åˆã€ã“れも返ã•ã‚Œã¾ã™ã€‚ç†ç”±ã§ã‚¨ãƒ©ãƒ¼ã‚¹ã‚¿ãƒƒã‚¯ã‚’確èªã—ã¦ãã ã•ã„。
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ const char* path);
+
+/*!
+ \brief ã“ã®é–¢æ•°ã¯ã€PEMå½¢å¼ã®CA証明書ファイルをSSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 引数fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã®å ´åˆãŒã‚ã‚Šã¾ã™ã€‚
+ 複数ã®CA証明書ãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚
+ 引数pathã¯ã€ä¿¡é ¼ã§ãるルートCAã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
+ 引数fileãŒNULLã§ã¯ãªã„å ´åˆã€ãƒ‘スãŒå¿…è¦ã§ãªã„å ´åˆã¯NULLã¨ã—ã¦æŒ‡å®šã§ãã¾ã™ã€‚
+ 引数pathãŒæŒ‡å®šã•ã‚Œã¦ã„ã¦ã‹ã¤NO_WOLFSSL_DIRãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã«ã¯ã€
+ wolfSSLライブラリã¯æŒ‡å®šã•ã‚ŒãŸãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã«å­˜åœ¨ã™ã‚‹ã™ã¹ã¦ã®CA証明書をロードã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯å¼•æ•°flagsã«åŸºã¥ã„ã¦ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªå†…ã®ã™ã¹ã¦ã®ãƒ•ã‚¡ã‚¤ãƒ«ã‚’ロードã—よã†ã¨ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€ãƒ˜ãƒƒãƒ€ãƒ¼ã« "-----BEGIN CERTIFICATE-----"ã‚’æŒã¤PEMフォーマットã•ã‚ŒãŸCERT_TYPEファイルを期待ã—ã¦ã„ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã¨ãƒ‘スã®ä¸¡æ–¹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã€èª­ã¿è¾¼ã‚ãªã„å ´åˆã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨é–‹å§‹æ—¥ã‚ˆã‚Šå‰ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒä½¿ç”¨æœŸé™å¾Œã‚ˆã‚Šå¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_PATH_ERROR OpenDir()ãŒãƒ‘スを開ã“ã†ã¨ã—ãŸã¨ãã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param path PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’ロードã™ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_PATH_ERROR opendir()ãŒãƒ‘スを開ã“ã†ã¨ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param path CA証明書をå«ã‚“ã§ã„るディレクトリã®ãƒ•ã‚©ãƒ«ãƒ€ãƒ¼ãƒ‘ス
+ \param flags 指定å¯èƒ½ãªãƒžã‚¹ã‚¯å€¤: WOLFSSL_LOAD_FLAG_IGNORE_ERR,
+ WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY, WOLFSSL_LOAD_FLAG_PEM_CA_ONLY
+
_Example_
\code
int ret = 0;
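Review bot: The rewritten comment block for wolfSSL_CTX_load_verify_locations_ex no longer opens with `\ingroup CertsKeys` (the removed block had it, the added block goes straight to `\brief`), so the function will probably drop out of the CertsKeys group in the generated docs; add the line back after `/*!`. The new `\return SSL_FAILURE` text also loses the removed sentence saying the value is returned when at least one certificate loaded but another failed. That partial-failure case matters most to callers who pass WOLFSSL_LOAD_FLAG_IGNORE_ERR. The `\param flags` entry lists the three mask names without saying what each does; a short phrase per flag would help, in particular that WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY appears to let certificates outside their validity period be loaded as trust anchors (confirm against the implementation before documenting it).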
@@ -722,16 +1006,85 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
const char* path, unsigned int flags);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS / SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã™ã‚‹ã¨ãã«ãƒ”アを検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’ロードã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«é€ä¿¡ã•ã‚ŒãŸãƒ”ア証明書ã¯ã€ä½¿ç”¨å¯èƒ½ãªã¨ãã«ã‚¹ã‚­ãƒƒãƒ‰ã‚’使用ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æ¯”較ã•ã‚Œã¾ã™ã€‚ã“れら2ã¤ã®ã“ã¨ãŒä¸€è‡´ã—ãªã„å ´åˆã¯ã€ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸCASãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚マクロwolfssl_trust_peer_certを定義ã™ã‚‹ã“ã¨ã§æ©Ÿèƒ½ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCES æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_load_system_CA_certs ãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«ã€
+ wolfSSLãŒã‚·ã‚¹ãƒ†ãƒ CA証明書を検索ã™ã‚‹ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’表ã™æ–‡å­—列ã®é…列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æ–‡å­—列é…列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL 失敗時ã«è¿”ã—ã¾ã™ã€‚
+
+ \param num word32型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚文字列é…列ã®é•·ã•ã‚’æ ¼ç´ã—ã¾ã™ã€‚
+
+ _Example_
+ \code
+ WOLFSSL_CTX* ctx;
+ const char** dirs;
+ word32 numDirs;
+
+ dirs = wolfSSL_get_system_CA_dirs(&numDirs);
+ for (int i = 0; i < numDirs; ++i) {
+ printf("Potential system CA dir: %s\n", dirs[i]);
+ }
+ ...
+ \endcode
+
+ \sa wolfSSL_CTX_load_system_CA_certs
+ \sa wolfSSL_CTX_load_verify_locations
+ \sa wolfSSL_CTX_load_verify_locations_ex
+*/
+const char** wolfSSL_get_system_CA_dirs(word32* num);
+
+/*!
+ \ingroup CertsKeys
+
+ \brief ã“ã®é–¢æ•°ã¯ã€CA証明書をOSä¾å­˜ã®CA証明書ストアã‹ã‚‰WOLFSSL_CTXã«ãƒ­ãƒ¼ãƒ‰ã—よã†ã¨ã—ã¾ã™ã€‚
+ ロードã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã¯ä¿¡é ¼ã•ã‚Œã¾ã™ã€‚
+ サãƒãƒ¼ãƒˆãŠã‚ˆã³ãƒ†ã‚¹ãƒˆã•ã‚Œã¦ã„るプラットフォームã¯ã€Linux(Debianã€Ubuntuã€Gentooã€Fedoraã€RHEL)ã€
+ Windows 10/11ã€Androidã€Apple OS Xã€iOSã§ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_BAD_PATH システムCA証明書ãŒãƒ­ãƒ¼ãƒ‰ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FAILURE ãã®ã»ã‹ã®ã‚¨ãƒ©ãƒ¼ç™ºç”Ÿæ™‚(Windows証明書ストアãŒæ­£å¸¸ã«ã‚¯ãƒ­ãƒ¼ã‚ºã•ã‚Œãªã„等)
+
+ \param ctx wolfSSL_CTX_new()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
+ \code
+ int ret = 0;
+ WOLFSSL_CTX* ctx;
+ ...
+ ret = wolfSSL_CTX_load_system_CA_certs(ctx,);
+ if (ret != WOLFSSL_SUCCESS) {
+ // error loading system CA certs
+ }
+ ...
+ \endcode
+
+ \sa wolfSSL_get_system_CA_dirs
+ \sa wolfSSL_CTX_load_verify_locations
+ \sa wolfSSL_CTX_load_verify_locations_ex
+*/
+int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx);
+
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS/SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã™ã‚‹ã¨ãã«ãƒ”アを検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’ロードã—ã¾ã™ã€‚
+ ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«é€ä¿¡ã•ã‚ŒãŸãƒ”ア証明書ã¯ã€ã“ã®é–¢æ•°ã§æŒ‡å®šã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã®SKIDã¨ç½²åを比較ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æ¤œè¨¼ã•ã‚Œã¾ã™ã€‚
+ ã“れら2ã¤ã®ã“ã¨ãŒä¸€è‡´ã—ãªã„å ´åˆã¯ã€ãƒ”ア証明書ã®æ¤œè¨¼ã«ã¯ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸCA証明書ãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯WOLFSSL_TRUST_PEER_CERTマクロを定義ã™ã‚‹ã“ã¨ã§æ©Ÿèƒ½ã‚’有効ã«ã§ãã¾ã™ã€‚
+ é©åˆ‡ãªä½¿ç”¨æ³•ã¯ä¾‹ã‚’ã”覧ãã ã•ã„。
+
+ \return SSL_SUCCES æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param file 証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
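Review bot: The added example for wolfSSL_CTX_load_system_CA_certs calls `wolfSSL_CTX_load_system_CA_certs(ctx,);`, which does not compile; it should read `ret = wolfSSL_CTX_load_system_CA_certs(ctx);`. The wolfSSL_get_system_CA_dirs example above it indexes `dirs[i]` without checking the NULL return that the same block documents, and compares `int i` with the `word32 numDirs`; wrapping the loop in `if (dirs != NULL)` and declaring `word32 i` would make the sample safe to copy. In the wolfSSL_CTX_trust_peer_cert block the return name is still spelled `SSL_SUCCES`, and the `type` argument has no `\param` entry.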
@@ -758,11 +1111,18 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
int wolfSSL_CTX_trust_peer_cert(WOLFSSL_CTX* ctx, const char* file, int type);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€Chain of chainã‚’SSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€æœ€å¤§MAX_CHAIN_DEPTH(Default = 9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)証明書ã«åŠ ãˆã¦ã€ã‚µãƒ–ジェクト証明書を処ç†ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ãŒèª¤ã£ãŸå½¢å¼ã«ã‚ã‚‹å ´åˆã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ファイルã¯å­˜åœ¨ã—ã¾ã›ã‚“。読ã¿å–られãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„るメモリ状態ãŒç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ 証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€æœ€å¤§MAX_CHAIN_DEPTH(既定ã§9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)数ã®è¨¼æ˜Žæ›¸ã‚’処ç†ã—ã¾ã™ã€‚
+ ã“ã®æ•°ã«ã¯ã‚µãƒ–ジェクト証明書をå«ã¿ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã¨ã—ã¦ã¯ï¼šèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã€
+ ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆãŒæŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€
+ ファイルãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿å–ã‚Œãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã‚‹ã€ãƒ¡ãƒ¢ãƒªæž¯æ¸‡ãªã©ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
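Review bot: The new text for wolfSSL_CTX_use_certificate_chain_file says the MAX_CHAIN_DEPTH limit includes the subject certificate, while the later hunk for wolfSSL_use_certificate_chain_file still says MAX_CHAIN_DEPTH certificates in addition to the subject certificate, as the removed text did for both functions. The two comments now disagree about the same limit; check the loader and make them state the same thing. This block also has no `\param file` entry, and its `\return SSL_FAILURE` text refers to a format argument that the function does not take.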
@@ -783,12 +1143,21 @@ int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx,
const char *file);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„るプライベートRSAキーをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤æœ‰åŠ¹ï¼ˆ--enable-openSSlextraã€#define openssl_extra)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹wolfssl_ctx_use_privatekey_file()関数ã¨åŒã˜ã§ã™ã€‚ファイル引数ã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚入力キーファイルãŒèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹ã‹ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ãªã„ã€ãƒ¡ãƒ¢ãƒªä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹RSA秘密éµã‚’SSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLãŒOpenSSL互æ›APIãŒæœ‰åŠ¹ï¼ˆ--enable-openSSLExtraã€#define OPENSSL_EXTRA)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€
+ より一般的ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹wolfSSL_CTX_use_PrivateKey_file()関数ã¨åŒã˜ã§ã™ã€‚
+ ファイル引数ã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€å¼•æ•°formatã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ 失敗ã®åŽŸå› ã«ã¯æ¬¡ãŒè€ƒãˆã‚‰ã‚Œã¾ã™ï¼šå…¥åŠ›éµãƒ•ã‚¡ã‚¤ãƒ«ãŒèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹ã€
+ ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã‚‹å ´åˆã€
+ ファイルãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã‚‹ã€ãƒ¡ãƒ¢ãƒªä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param file フォーマットã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§ã€WolfSSL SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹RSA秘密éµã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param format RSA秘密éµã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰å½¢å¼ã‚’指定ã—ã¾ã™ã€‚指定å¯èƒ½ãªãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆå€¤ã¯ï¼šSSL_FILETYPE_PEM 㨠SSL_FILETYPE_ASN1
+
_Example_
\code
int ret = 0;
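Review bot: The build option is written `--enable-openSSLExtra` in this block and `--enable-openSSlExtra` in the wolfSSL_use_RSAPrivateKey_file hunk further down; configure options are case-sensitive and the option is `--enable-opensslextra`, so a reader who copies either spelling will not get the compatibility API enabled. The unchanged `\param file` line still spells the library `WolfSSL` while the rest of the block was normalised to `wolfSSL`.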
@@ -810,10 +1179,11 @@ int wolfSSL_CTX_use_certificate_chain_file(WOLFSSL_CTX *ctx,
int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€æœ‰åŠ¹ãªã‚»ãƒƒã‚·ãƒ§ãƒ³ã®ãŸã‚ã«ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§9ã®æœ€å¤§ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€NULL以外ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクト(SSL)ãŒã‚ã‚Šã¾ã™ã€‚
- \return MAX_CHAIN_DEPTH wolfssl_ctx構造ãŒnullã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚デフォルトã§ã¯å€¤ã¯9ã§ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€æœ‰åŠ¹ãªã‚»ãƒƒã‚·ãƒ§ãƒ³ï¼ˆNULL以外ã®å¼•æ•°ssl)ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§9ã®æœ€å¤§ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’è¿”ã—ã¾ã™ã€‚
+ \return MAX_CHAIN_DEPTH WOLFSSL構造体ãŒNULLã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚デフォルトã§ã¯å€¤ã¯9ã§ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -832,10 +1202,11 @@ int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int f
long wolfSSL_get_verify_depth(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€CTX構造を使用ã—ã¦è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’å–å¾—ã—ã¾ã™ã€‚
- \return MAX_CHAIN_DEPTH CTX構造体ãŒNULLã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚最大証明書ãƒã‚§ãƒ¼ãƒ³ãƒ”ア深度ã®å®šæ•°è¡¨ç¾ã€‚
- \return BAD_FUNC_ARG CTX構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体構造を使用ã—ã¦è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ·±åº¦ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return MAX_CHAIN_DEPTH WOLFSSL_CTX構造体ãŒNULLã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚最大証明書ãƒã‚§ãƒ¼ãƒ³ãƒ”ア深度ã®å®šæ•°è¡¨ç¾ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_METHOD method; // protocol method
@@ -855,12 +1226,19 @@ long wolfSSL_get_verify_depth(WOLFSSL* ssl);
long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚証明書ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ファイルã¯èª¤ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ãƒ•ã‚¡ã‚¤ãƒ«ã§base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã™ã‚‹
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file wolfssl sslセッションã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã¯ã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã—ã¾ã™ã€‚
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ 証明書ファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM)を指定ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã€‚
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file WOLFSSL構造体ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param format 証明書ファイルã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰å½¢å¼ã‚’指定ã—ã¾ã™ã€‚指定å¯èƒ½ãªãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆå€¤ã¯ï¼šSSL_FILETYPE_PEM 㨠SSL_FILETYPE_ASN1
+
_Example_
\code
int ret = 0;
@@ -880,12 +1258,25 @@ long wolfSSL_CTX_get_verify_depth(WOLFSSL_CTX* ctx);
int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚キーファイルã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚format引数ã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®å½¢å¼ã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ - SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€ä»£ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦CryProコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚ã“ã®ãŸã‚ã«ã¯ã€Cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸãƒ“ルドã§æ§‹ç¯‰ã§ãã¾ã™ã€‚Cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€--enable-cryptocbã¾ãŸã¯wolf_crypto_cbを使用ã—ã€wc_cryptocb_registerDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€wolfssl_setdevidを使用ã—ã¦é–¢é€£ã™ã‚‹devidを設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ファイルã¯èª¤ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ãŒã€ãƒ•ã‚¡ã‚¤ãƒ«ã¯å­˜åœ¨ã—ã¾ã›ã‚“。メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã™ã‚‹ã¨ã€ãƒ™ãƒ¼ã‚¹16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒãƒ•ã‚¡ã‚¤ãƒ«ã§å¤±æ•—ã—ã€ã‚­ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã¯æš—å·åŒ–ã•ã‚Œã¦ã„ã¾ã™ãŒã€ãƒ‘スワードã¯æä¾›ã•ã‚Œã¦ã„ã¾ã›ã‚“。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param file wolfssl sslセッションã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹ã‚­ãƒ¼ãƒ•ã‚¡ã‚¤ãƒ«ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã¯ã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã—ã¾ã™ã€‚
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒ•ã‚¡ã‚¤ãƒ«ã‚’SSLセッション(WOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ éµãƒ•ã‚¡ã‚¤ãƒ«ã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚
+ 引数formatã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ã‚¿ã‚¤ãƒ—(SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEMãŒæŒ‡å®šå¯ï¼‰ã‚’指定ã—ã¾ã™ã€‚
+ 外部キーストアを使用ã—ã€ç§˜å¯†éµã‚’æŒã£ã¦ã„ãªã„å ´åˆã¯ã€ä»£ã‚ã‚Šã«å…¬é–‹éµã‚’入力ã—ã¦CryProコールãƒãƒƒã‚¯ã‚’登録ã—ã¦ç½²åを処ç†ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®ãŸã‚ã«ã¯ã€Cryptoコールãƒãƒƒã‚¯ã¾ãŸã¯PKコールãƒãƒƒã‚¯ã‚’使用ã—ãŸã‚³ãƒ³ãƒ•ã‚£ã‚°ãƒ¬ãƒ¼ã‚·ãƒ§ãƒ³ã§ãƒ“ルドã—ã¾ã™ã€‚
+ Cryptoコールãƒãƒƒã‚¯ã‚’有効ã«ã™ã‚‹ã«ã¯ã€--enable-cryptocbã¾ãŸã¯WOLF_CRYPTO_CBマクロを使用ã—ã¦ãƒ“ルドã—ã€
+ wc_CryptoCb_RegisterDeviceを使用ã—ã¦æš—å·ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’登録ã—ã€
+ wolfSSL_SetDevIdを使用ã—ã¦é–¢é€£ã™ã‚‹devIdを設定ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ã€‚
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param file WOLFSSL構造体ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param format 秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã®ã‚¨ãƒ³ã‚³ãƒ¼ãƒ‰å½¢å¼ã‚’指定ã—ã¾ã™ã€‚指定å¯èƒ½ãªãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆå€¤ã¯ï¼šSSL_FILETYPE_PEM 㨠SSL_FILETYPE_ASN1
+
_Example_
\code
int ret = 0;
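Review bot: The rewritten `\return SSL_FAILURE` list for wolfSSL_use_PrivateKey_file drops two causes that the removed text gave: a missing file, and an encrypted key file with no password supplied. The second is the failure that users of password-protected keys are most likely to hit, so it should stay in the list. The new `\param file` line describes the file as containing a certificate, which looks copied from the wolfSSL_use_certificate_file block; it should say private key. The added text also still writes `CryPro` for the callback where the next line uses `Crypto`.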
@@ -907,11 +1298,19 @@ int wolfSSL_use_certificate_file(WOLFSSL* ssl, const char* file, int format);
int wolfSSL_use_PrivateKey_file(WOLFSSL* ssl, const char* file, int format);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€Chain of chainã‚’SSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯ãƒ•ã‚¡ã‚¤ãƒ«å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€MAX_CHAIN_DEPTH(Default = 9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)証明書ã«åŠ ãˆã¦ã€ã‚µãƒ–ジェクト証明書を処ç†ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚ファイルã¯èª¤ã£ãŸå½¢å¼ã§ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã¾ã™ã€‚メモリã®çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’SSLセッションWOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ 証明書ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã¯å¼•æ•°fileã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã€PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€MAX_CHAIN_DEPTH(既定ã§9ã€internal.hã§å®šç¾©ã•ã‚Œã¦ã„る)証明書ã«åŠ ãˆã¦ã€ã‚µãƒ–ジェクト証明書を処ç†ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ï¼š
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param file WOLFSSL構造体ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ 証明書ã¯PEMå½¢å¼ã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret = 0;
@@ -930,11 +1329,18 @@ int wolfSSL_use_PrivateKey_file(WOLFSSL* ssl, const char* file, int format);
int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
/*!
- \ingroup openSSL
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„るプライベートRSAキーをSSLセッション(WolfSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤æœ‰åŠ¹ï¼ˆ--enable-openSSlextraã€#define openssl_extra)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã‚‹wolfssl_use_privatekey_file()関数ã¨åŒã˜ã§ã™ã€‚ファイル引数ã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã€å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚入力キーファイルãŒèª¤ã£ãŸå½¢å¼ã§ã‚ã‚‹ã‹ã€ã¾ãŸã¯ã€Œformatã€å¼•æ•°ã‚’使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãƒ•ã‚¡ã‚¤ãƒ«ãŒå­˜åœ¨ã—ãªã„ã€èª­ã¿è¾¼ã‚ãªã„ã€ã¾ãŸã¯ç ´æã—ã¦ã„ãªã„ã€ãƒ¡ãƒ¢ãƒªä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ã¾ã™
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup openSSL
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹RSA秘密éµã‚’SSLセッション(WOLFSSL構造体)ã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLãŒOpenSSL互æ›APIを有効(--enable-openSSlExtraã€#define OPENSSL_EXTRA)ã§ãƒ“ルドã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã€
+ より一般的ã«ä½¿ç”¨ã•ã‚Œã‚‹wolfSSL_use_PrivateKey_file()関数ã¨åŒã˜ã§ã™ã€‚
+ 引数fileã«ã¯ã€RSA秘密éµãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã€ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 関数呼ã³å‡ºã—ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ å¯èƒ½ãªåŽŸå› ã«ã¯æ¬¡ã®ã‚ˆã†ãªã‚‚ã®ãŒã‚ã‚Šã¾ã™ï¼š
+ ファイルãŒèª¤ã£ãŸå½¢å¼ã€ã¾ãŸã¯å¼•æ•°formatを使用ã—ã¦èª¤ã£ãŸå½¢å¼ãŒä¸Žãˆã‚‰ã‚ŒãŸã€
+ メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸã€ãƒ•ã‚¡ã‚¤ãƒ«ã§Base16ã®ãƒ‡ã‚³ãƒ¼ãƒ‰ãŒå¤±æ•—ã—ãŸ
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -956,12 +1362,21 @@ int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
int wolfSSL_use_RSAPrivateKey_file(WOLFSSL* ssl, const char* file, int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯wolfssl_ctx_load_verify_locationsã¨ä¼¼ã¦ã„ã¾ã™ãŒã€Derフォーマットã•ã‚ŒãŸCAファイルをSSLコンテキスト(WolfSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚ãã‚Œã¯ã¾ã PEMå½¢å¼ã®CAファイルをロードã™ã‚‹ãŸã‚ã«ã‚‚使用ã•ã‚Œã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚り得る。複数ã®CA CERTãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚ format引数ã¯ã€è¨¼æ˜Žæ›¸ãŒSSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1(DER)ã®ã„ãšã‚Œã‹ã«ã‚ã‚‹å½¢å¼ã‚’指定ã—ã¾ã™ã€‚ wolfssl_ctx_load_verify_locationsã¨ã¯ç•°ãªã‚Šã€ã“ã®é–¢æ•°ã¯ç‰¹å®šã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ‘スã‹ã‚‰ã®CA証明書ã®ãƒ­ãƒ¼ãƒ‰ã‚’許å¯ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ã€WolfSSLライブラリãŒwolfssl_der_doad定義ã•ã‚ŒãŸçŠ¶æ…‹ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FAILURE 失敗ã™ã‚‹ã¨ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯wolfSSL_CTX_load_verify_locationsã¨ä¼¼ã¦ã„ã¾ã™ãŒã€
+ DERフォーマットã•ã‚ŒãŸCAファイルをSSLコンテキスト(WOLFSSL_CTX)ã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚
+ ãã‚Œã¯ã¾ã PEMå½¢å¼ã®CAファイルをロードã™ã‚‹ãŸã‚ã«ã‚‚使用ã•ã‚Œã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
+ ã“れらã®è¨¼æ˜Žæ›¸ã¯ã€ä¿¡é ¼ã§ãるルート証明書ã¨ã—ã¦æ‰±ã‚ã‚Œã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ãƒ”ã‚¢ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ ファイル引数ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã¯ã€å˜ä¸€ã®è¨¼æ˜Žæ›¸ã¾ãŸã¯è¤‡æ•°ã®è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚‚å¯èƒ½ã€‚
+ 複数ã®CA証明書ãŒåŒã˜ãƒ•ã‚¡ã‚¤ãƒ«ã«å«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¡¨ç¤ºã•ã‚Œã¦ã„ã‚‹ã®ã¨åŒã˜é †åºã§ãれらをロードã—ã¾ã™ã€‚
+ 引数formatã¯ã€è¨¼æ˜Žæ›¸ãŒSSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1(DER)ã®ã„ãšã‚Œã‹ã«ã‚ã‚‹å½¢å¼ã‚’指定ã—ã¾ã™ã€‚
+ wolfSSL_CTX_load_verify_locationsã¨ã¯ç•°ãªã‚Šã€ã“ã®é–¢æ•°ã¯ç‰¹å®šã®ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªãƒ‘スã‹ã‚‰ã®CA証明書ã®ãƒ­ãƒ¼ãƒ‰ã‚’許å¯ã—ã¾ã›ã‚“。
+ ã“ã®é–¢æ•°ã¯ã€wolfSSLライブラリãŒWOLFSSL_DER_LOADマクロãŒå®šç¾©ã•ã‚ŒãŸçŠ¶æ…‹ã§ãƒ“ルドã•ã‚ŒãŸã¨ãã«ã®ã¿åˆ©ç”¨å¯èƒ½ã§ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param file wolfssl SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã‚’フォーマットã§æŒ‡å®šã•ã‚ŒãŸå½¢å¼ã§æŒ‡å®šã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -981,10 +1396,11 @@ int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx,
const char* file, int format);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€å…¥åŠ›ã®ãŸã‚ã®æ‰€æœ›ã®SSL / TLSプロトコル方å¼ã‚’å–ã£ã¦ã€æ–°ã—ã„SSLコンテキストを作æˆã—ã¾ã™ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒæ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_ctxã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL 失敗ã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€æ‰€æœ›ã®SSL/TLSプロトコル用メソッド構造体を引数ã«å–ã£ã¦ã€æ–°ã—ã„SSLコンテキストを作æˆã—ã¾ã™ã€‚
+ \return pointer æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1005,10 +1421,11 @@ int wolfSSL_CTX_der_load_verify_locations(WOLFSSL_CTX* ctx,
WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯æ–°ã—ã„SSLセッションを作æˆã—ã€ã™ã§ã«ä½œæˆã•ã‚ŒãŸSSLコンテキストを入力ã¨ã—ã¦ä½œæˆã—ã¾ã™ã€‚
- \return * æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ãŒæ–°ã—ã作æˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL 失敗ã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã™ã§ã«ä½œæˆã•ã‚ŒãŸSSLコンテキスト(WOLFSSL_CTX)を入力ã¨ã—ã¦ã€æ–°ã—ã„SSLセッション(WOLFSSL)を作æˆã—ã¾ã™ã€‚
+ \return æˆåŠŸã—ãŸå ´åˆã€æ–°ã—ã作æˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -1031,11 +1448,13 @@ WOLFSSL_CTX* wolfSSL_CTX_new(WOLFSSL_METHOD*);
WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ï¼ˆFD)を割り当ã¦ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return Bad_FUNC_ARG 失敗ã™ã‚‹ã¨ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­(fd)を割り当ã¦ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param fd SSL/TLS接続ã«ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—ã‚¿
+
_Example_
\code
int sockfd;
@@ -1059,10 +1478,13 @@ int wolfSSL_set_fd (WOLFSSL* ssl, int fd);
\brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—ã‚¿(fd)ã‚’SSLコãƒã‚¯ã‚·ãƒ§ãƒ³ã®å…¥å‡ºåŠ›æ‰‹æ®µã¨ã—ã¦è¨­å®šã—ã¾ã™ã€‚
通常ã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—ã‚¿ãŒæŒ‡å®šã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯DTLS専用ã®APIã§ã‚ã‚Šã€ã‚½ã‚±ãƒƒãƒˆã¯æŽ¥ç¶šæ¸ˆã¿ã¨ãƒžãƒ¼ã‚¯ã•ã‚Œã¾ã™ã€‚
ã—ãŸãŒã£ã¦ã€ä¸Žãˆã‚‰ã‚ŒãŸfdã«å¯¾ã™ã‚‹recvfromã¨sendto呼ã³å‡ºã—ã§ã®addrã¨addr_lenã¯NULLã«è¨­å®šã•ã‚Œã¾ã™ã€‚
+
\return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return Bad_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfSSL_new()ã§ç”Ÿæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param fd SSL/TLSコãƒã‚¯ã‚·ãƒ§ãƒ³ã«ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—タ。
+
_Example_
\code
int sockfd;
@@ -1086,26 +1508,75 @@ int wolfSSL_set_fd (WOLFSSL* ssl, int fd);
int wolfSSL_set_dtls_fd_connected(WOLFSSL* ssl, int fd);
/*!
- \ingroup IO
- \brief 渡ã•ã‚ŒãŸå„ªå…ˆé †ä½ã®æš—å·ã®åå‰ã‚’å–å¾—ã—ã¾ã™ã€‚
- \return string æˆåŠŸ
- \return 0 優先順ä½ã¯ç¯„囲外ã¾ãŸã¯ç„¡åŠ¹ã§ã™ã€‚
+ \ingroup Setup
+
+ \brief ã“ã®é–¢æ•°ã¯DTLS ClientHelloメッセージãŒæ­£ã—ã処ç†ã§ããŸéš›ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’設定ã—ã¾ã™ã€‚
+ クッキー交æ›ãƒ¡ã‚«ãƒ‹ã‚ºãƒ ã‚’使用ã™ã‚‹å ´åˆ(DTLS1.2ã®HelloVerifyRequest ã‹
+ DTLS1.3ã®ã‚¯ãƒƒã‚­ãƒ¼æ‹¡å¼µã‚’ä¼´ã£ãŸHelloRetryRequestã®ã„ãšã‚Œã‹ã‚’使用ã™ã‚‹å ´åˆ)ã«ã¯ã€
+ クッキー交æ›ãŒæˆåŠŸã—ãŸæ™‚点ã§ã“ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯ã²ã¨ã¤ã®WOLFSSLオブジェクトを新ãŸãªæŽ¥ç¶šã‚’å¾…ã¡å—ã‘るリスナーã¨ã—ã¦ä½¿ã„,
+ ClientHelloãŒæ¤œè¨¼ã•ã‚ŒãŸWOLFSSLオブジェクトã‹ã‚‰çµ¶ç¸ã•ã›ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã“ã®å ´åˆã®æ¤œè¨¼ã¯ã‚¯ãƒƒã‚­ãƒ¼äº¤æ›ã‹ClientHelloãŒæ­£ã—ã„フォーマットã«ãªã£ã¦ã„ã‚‹ã‹ã®ãƒã‚§ãƒƒã‚¯ã«ã‚ˆã£ã¦ãªã•ã‚Œã¾ã™ã€‚
+
+ DTLS 1.2:
+ https://datatracker.ietf.org/doc/html/rfc6347#section-4.2.1
+ DTLS 1.3:
+ https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param fd SSL/TLSコãƒã‚¯ã‚·ãƒ§ãƒ³ã«ä½¿ç”¨ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‡ã‚£ã‚¹ã‚¯ãƒªãƒ—タ。
+
+ _Example_
+ \code
+
+ // Called when we have verified a connection
+ static int chGoodCb(WOLFSSL* ssl, void* arg)
+ {
+ // setup peer and file descriptors
+
+ }
+
+ if (wolfDTLS_SetChGoodCb(ssl, chGoodCb, NULL) != WOLFSSL_SUCCESS) {
+ // error setting callback
+ }
+ \endcode
+
+ \sa wolfSSL_set_dtls_fd_connected
+*/
+int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);
+
+/*!
+ \ingroup IO
+
+ \brief ã“ã®é–¢æ•°ã¯å¼•æ•°ã§æ¸¡ã•ã‚ŒãŸå„ªå…ˆé †ä½ã®æš—å·å(Cipher)文字列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æš—å·å(Cipher)文字列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 引数ã§æ¸¡ã•ã‚ŒãŸå„ªå…ˆé †ä½ãŒç¯„囲外ã‹ã‚ã‚‹ã„ã¯ç„¡åŠ¹ãªå€¤ã§ã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param priority 整数値ã§æŒ‡å®šã™ã‚‹å„ªå…ˆé †ä½
+
_Example_
\code
printf("The cipher at 1 is %s", wolfSSL_get_cipher_list(1));
\endcode
+
\sa wolfSSL_CIPHER_get_name
\sa wolfSSL_get_current_cipher
*/
char* wolfSSL_get_cipher_list(int priority);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯wolfsslã§ã‚¤ãƒãƒ¼ãƒ–ルã•ã‚ŒãŸæš—å·ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯wolfSSã§æœ‰åŠ¹åŒ–ã•ã‚Œã¦ã„ã‚‹æš—å·å(Cipher)ã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG bufパラメータãŒnullã®å ´åˆã€ã¾ãŸã¯len引数ãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ãŒå分ã«å¤§ãããªãã€ã‚ªãƒ¼ãƒãƒ¼ãƒ•ãƒ­ãƒ¼ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \param buf ãƒãƒƒãƒ•ã‚¡ã‚’表ã™æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 引数bufãŒNULLã®å ´åˆã€ã¾ãŸã¯å¼•æ•°lenãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ãŒå分ã«å¤§ãããªãã€ã‚ªãƒ¼ãƒãƒ¼ãƒ•ãƒ­ãƒ¼ã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param buf 文字列を格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param len ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
static void ShowCiphers(void){
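Review bot: The new doc block for `wolfDTLS_SetChGoodCb` documents `\param fd`, but the declaration is `int wolfDTLS_SetChGoodCb(WOLFSSL* ssl, ClientHelloGoodCb cb, void* user_ctx);`, so it describes a parameter that does not exist and leaves `cb` and `user_ctx` undocumented. The `\param ssl` / `\param fd` pair looks copied from the `wolfSSL_set_dtls_fd_connected` block; replace the `fd` line with `\param cb` and `\param user_ctx` entries. `user_ctx` is presumably what the callback receives as `arg`, which should be confirmed against the implementation. The example callback `static int chGoodCb(WOLFSSL* ssl, void* arg)` has no return statement, so anyone copying it returns an indeterminate value from the ClientHello-verified callback; the example should end with an explicit return of the value the library treats as success. In the same hunk, the new `\brief` for `wolfSSL_get_ciphers` spells the library name `wolfSS`.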
@@ -1124,10 +1595,12 @@ char* wolfSSL_get_cipher_list(int priority);
int wolfSSL_get_ciphers(char* buf, int len);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€å¼•æ•°ã‚’wolfssl_get_cipher_name_internalã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€DHE-RSAã®å½¢å¼ã®æš—å·åã‚’å–å¾—ã—ã¾ã™ã€‚
- \return string ã“ã®é–¢æ•°ã¯ã€ä¸€è‡´ã—ãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã®æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL エラーã¾ãŸã¯æš—å·ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“。
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€å¼•æ•°ã‚’wolfSSL_get_cipher_name_internalã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€DHE-RSAã®å½¢å¼ã®æš—å·åã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return æˆåŠŸæ™‚ã«ã¯ä¸€è‡´ã—ãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã®æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL エラーã¾ãŸã¯æš—å·ãŒè¦‹ã¤ã‹ã‚‰ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -1149,9 +1622,10 @@ int wolfSSL_get_ciphers(char* buf, int len);
const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ï¼ˆFD)を返ã—ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
- \return fd 正常ã«ã‚³ãƒ¼ãƒ«ãŒSSLセッションファイル記述å­ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€SSL接続ã®å…¥å‡ºåŠ›æ©Ÿèƒ½ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­(fd)ã‚’è¿”ã—ã¾ã™ã€‚通常ã“ã‚Œã¯ã‚½ã‚±ãƒƒãƒˆãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã«ãªã‚Šã¾ã™ã€‚
+ \return fd æˆåŠŸæ™‚ã«ã¯SSLセッションã«é–¢é€£ã¤ã‘られã¦ã„るファイル記述å­ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int sockfd;
@@ -1165,10 +1639,18 @@ const char* wolfSSL_get_cipher_name(WOLFSSL* ssl);
int wolfSSL_get_fd(const WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfsslオブジェクトã«åŸºç¤Žã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’通知ã—ã¾ã™ã€‚アプリケーションãŒWolfSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒ–ロッキング以外ã®ã‚½ã‚±ãƒƒãƒˆã§ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆã¯ã€wolfssl_set_using_nonblock()を呼ã³å‡ºã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSLオブジェクトã«åŸºç¤Žã¨ãªã‚‹I/OãŒãƒŽãƒ³ãƒ–ロックã§ã‚ã‚‹ã“ã¨ã‚’通知ã—ã¾ã™ã€‚
+ アプリケーションãŒWOLFSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒ–ロッキング以外ã®ã‚½ã‚±ãƒƒãƒˆã§ä½¿ç”¨ã™ã‚‹å ´åˆã¯ã€
+ wolfssl_set_using_nonblock()を呼ã³å‡ºã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+
+ \return ãªã—
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param nonblock WOLFSSLオブジェクトã«ãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã™ã‚‹ã“ã¨ã‚’通知ã™ã‚‹ãƒ•ãƒ©ã‚°ã€‚
+ 1を指定ã™ã‚‹ã“ã¨ã§ãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã™ã‚‹ã“ã¨ã‚’指定ã™ã‚‹ã€‚
+
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1182,10 +1664,15 @@ int wolfSSL_get_fd(const WOLFSSL*);
void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock);
/*!
- \ingroup IO
- \brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€WolfSSLãŒéžãƒ–ロッキングI / Oを使用ã—ã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’アプリケーションãŒåˆ¤æ–­ã§ãã¾ã™ã€‚WolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI / Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return 0 基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
- \return 1 基礎ã¨ãªã‚‹I / Oã¯éžãƒ–ロッキングã§ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€wolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’アプリケーションãŒåˆ¤æ–­ã§ãã¾ã™ã€‚
+ wolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚
+ アプリケーションãŒWOLFSSLオブジェクトを生æˆã—ãŸå¾Œã«wolfSSL_set_using_nonblock()を呼ã³å‡ºã—ã¦ãƒŽãƒ³ãƒ–ロッキングソケットを使ã†ã¨ã“ã®é–¢æ•°ã¯ï¼‘ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€WOLFSSLオブジェクトã¯ã€recevfromãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã›ãšä»£ã‚ã‚Šã«EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã‚ˆã†ã«ãªã‚Šã¾ã™ã€‚
+
+ \return 0 基礎ã¨ãªã‚‹I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \return 1 基礎ã¨ãªã‚‹I/Oã¯éžãƒ–ロッキングã§ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -1202,13 +1689,22 @@ void wolfSSL_set_using_nonblock(WOLFSSL* ssl, int nonblock);
int wolfSSL_get_using_nonblock(WOLFSSL*);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡ã€ãƒ‡ãƒ¼ã‚¿ã€SSL接続ã€SSLã«SZãƒã‚¤ãƒˆã‚’書ãè¾¼ã¿ã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_write()ã¯ã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_write()ã¯SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚wolfssl_write()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_write()ãŒwolfssl_write()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«wolfssl_write()ãŒæˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_write()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSL_WRITE()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ã‹ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒãƒ•ã‚¡ã‚ã‚‹ã„ã¯ãƒ‡ãƒ¼ã‚¿ã‹ã‚‰ã€SSL接続ã«å¯¾ã—ã¦ã€szãƒã‚¤ãƒˆã‚’書ãè¾¼ã¿ã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦ã€wolfSSL_write()ã®å‘¼ã³å‡ºã—時点ã§ã¯ã¾ã wolfSSL_connect()ã¾ãŸã¯wolfSSL_accept()ãŒã¾ã å‘¼ã³å‡ºã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ wolfSSL_write()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_write()ãŒè¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã‚‰wolfSSL_write()ã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰ã™ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’è¿”ã—ã¾ã™ã€‚
+ ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I/OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_write()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€WolfSSL_WRITE()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ã‹ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz é€ä¿¡ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1230,13 +1726,25 @@ int wolfSSL_get_using_nonblock(WOLFSSL*);
int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_read()ãŒã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfssl_read()ãŒSSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL / TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_read()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚検索ã•ã‚Œã€æ¬¡å›žã®wolfssl_read()ã¸ã®å‘¼ã³å‡ºã—ã§å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–データãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šå¤§ãã„å ´åˆã€SSL_READ()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ BYTESãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSL_READ()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSL_READ()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data wolfssl_read()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLセッション(ssl)ã®å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰szãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚
+ 読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦ã€wolfSSL_read()ã®å‘¼ã³å‡ºã—時点ã§ã¯ã¾ã wolfSSL_connect()ã¾ãŸã¯wolfSSL_accept()ãŒã¾ã å‘¼ã³å‡ºã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ SSL/TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。
+ ãã®ãŸã‚ã€wolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®ãŸã‚ã€wolfSSL_read()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ 検索ã•ã‚Œã€æ¬¡å›žã®wolfSSL_read()ã¸ã®å‘¼ã³å‡ºã—ã§å¾©å·ã•ã‚Œã‚‹å†…部wolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·ãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
+ szãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šå¤§ãã„å ´åˆã€wolfSSL_read()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
+ BYTESãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfSSL_read()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ 特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦wolfSSL_read()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data wolfSSL_read()ãŒèª­ã¿å–るデータを格ç´ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã«èª­ã¿å–るデータã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1259,13 +1767,15 @@ int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz);
int wolfSSL_read(WOLFSSL* ssl, void* data, int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å†…部SSLセッションå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã®ãƒ‡ãƒ¼ã‚¿ãŒå‰Šé™¤ã•ã‚Œã¦ã„ãªã„ã‹å¤‰æ›´ã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€wolfssl_read()ã¨åŒã˜ã§ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_read()ã®ã‚ˆã†ã«ã€wolfssl_peek()ã¯ã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_peek()ã¯SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL / TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ wolfssl_peek()/ wolfssl_read()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–データãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€SSL_PEEK()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã€Wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WolfSSL_PEEK()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data wolfssl_peek()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€å†…部SSLセッションå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã®ãƒ‡ãƒ¼ã‚¿ãŒå‰Šé™¤ã•ã‚Œã¦ã„ãªã„ã‹å¤‰æ›´ã•ã‚Œã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€wolfssl_read()ã¨åŒã˜ã§ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_read()ã®ã‚ˆã†ã«ã€wolfssl_peek()ã¯ã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_peek()ã¯SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL/TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã¾ã™ã€‚ wolfssl_peek()/ wolfssl_read()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡å†…ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–データãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€SSL_PEEK()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã€Wolfssl_peek()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
+ \return æˆåŠŸæ™‚ã«ã¯èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦wolfSSL_peek()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data wolfSSL_peek()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã«èª­ã¿å–るデータã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1282,10 +1792,19 @@ int wolfSSL_read(WOLFSSL* ssl, void* data, int sz);
int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSLクライアントãŒSSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚wolfssl_accept()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfssl_accept()ã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒwolfssl_acceptã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfsslãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfssl_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSLクライアントãŒSSL/TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ wolfSSL_accept()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfSSL_accept()ã¯ã€åŸºç¤Žã¨ãªã‚‹I/OãŒwolfSSL_acceptã®è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ 呼ã³å‡ºã—プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfSSLãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfSSL_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -1306,9 +1825,12 @@ int wolfSSL_peek(WOLFSSL* ssl, void* data, int sz);
int wolfSSL_accept(WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸwolfssl_ctxオブジェクトを解放ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯CTXå‚照数を減らã—ã€å‚照カウントãŒ0ã«é”ã—ãŸã¨ãã«ã®ã¿ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’解放ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸWOLFSSL_CTXオブジェクトを解放ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯CTXå‚照数を減らã—ã€å‚照カウントãŒ0ã«é”ã—ãŸã¨ãã«ã®ã¿ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’解放ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1322,9 +1844,11 @@ int wolfSSL_accept(WOLFSSL*);
void wolfSSL_CTX_free(WOLFSSL_CTX*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸwolfsslオブジェクトを解放ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸWOLFSSLオブジェクトを解放ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -1340,11 +1864,21 @@ void wolfSSL_CTX_free(WOLFSSL_CTX*);
void wolfSSL_free(WOLFSSL*);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã€SSLセッションSSLを使用ã—ã¦ã‚¢ã‚¯ãƒ†ã‚£ãƒ–ãªSSL / TLS接続をシャットダウンã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ãƒ”ã‚¢ã«ã€ŒClose Notifyã€ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é€ä¿¡ã—よã†ã¨ã—ã¾ã™ã€‚呼ã³å‡ºã—å´ã‚¢ãƒ—リケーションã¯ã€PeerãŒãã®ã€Œé–‰ã˜ã‚‹é€šçŸ¥ã€ã‚¢ãƒ©ãƒ¼ãƒˆã‚’応答ã«é€ä¿¡ã™ã‚‹ã®ã‚’å¾…ã¤ã‹ã€ã¾ãŸã¯ç›´æŽ¥wolfssl_shutdownを呼ã³å‡ºã—ãŸå¾Œï¼ˆãƒªã‚½ãƒ¼ã‚¹ã‚’ä¿å­˜ã™ã‚‹ãŸã‚ã«ï¼‰wolfssl_shutdownを直接通話ã—ãŸå¾Œã«åŸºç¤Žã¨ãªã‚‹æŽ¥ç¶šã‚’åœæ­¢ã™ã‚‹ã®ã‚’å¾…ã¤ã“ã¨ãŒã§ãã¾ã™ã€‚ã©ã¡ã‚‰ã®ã‚ªãƒ—ションã¯TLS仕様ã§è¨±å¯ã•ã‚Œã¦ã„ã¾ã™ã€‚å°†æ¥ã€åŸºç¤Žã¨ãªã‚‹æŽ¥ç¶šãŒå†ã³ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆã€åŒæœŸã‚’ピア間ã§ç„¡å‚·ã®ã¾ã¾ä¿ã¤ãŸã‚ã«å®Œå…¨ãª2æ–¹å‘ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ‰‹é †ã‚’実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ wolfssl_shutdown()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfsl_shutdown()ãŒwolfssl_shutdown()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã€wolfssl_shutdown()ã¯ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_shutdown()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_SHUTDOWN_NOT_DONE シャットダウンãŒçµ‚了ã—ã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã€æ©Ÿèƒ½ã‚’å†åº¦å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return SSL_FATAL_ERROR 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚より具体的ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«å¯¾ã—ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã€å¼•æ•°sslã®SSLセッションã«å¯¾ã—ã¦ã‚¢ã‚¯ãƒ†ã‚£ãƒ–ãªSSL/TLS接続をシャットダウンã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€ãƒ”ã‚¢ã«"Close Notify"アラートをé€ä¿¡ã—よã†ã¨ã—ã¾ã™ã€‚
+ 呼ã³å‡ºã—å´ã‚¢ãƒ—リケーションã¯ã€PeerãŒãã®"Close Notify"アラートを応答ã¨ã—ã¦é€ä¿¡ã—ã¦ãã‚‹ã®ã‚’å¾…ã¤ã‹ã€
+ ã¾ãŸã¯wolfSSL_shutdownã‹ã‚‰å‘¼ã³å‡ºã—ãŒæˆ»ã£ãŸæ™‚点ã§ï¼ˆãƒªã‚½ãƒ¼ã‚¹ã‚’ä¿å­˜ã™ã‚‹ãŸã‚ã«ï¼‰ä¸‹å±¤ã®æŽ¥ç¶šã‚’切断ã™ã‚‹ã®ã‚’å¾…ã¤ã“ã¨ãŒã§ãã¾ã™ã€‚
+ ã©ã¡ã‚‰ã®ã‚ªãƒ—ションもTLS仕様ã§è¨±ã•ã‚Œã¦ã„ã¾ã™ã€‚シャットダウンã—ãŸå¾Œã«ä¸‹å±¤ã®æŽ¥ç¶šã‚’å†ã³åˆ¥ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã§ä½¿ç”¨ã™ã‚‹äºˆå®šãªã‚‰ã°ã€ãƒ”ア間ã§åŒæœŸã‚’ä¿ã¤ãŸã‚ã«å®Œå…¨ãª2æ–¹å‘ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ‰‹é †ã‚’実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wolfSSL_shutdown()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層ã®I/OãŒãƒŽãƒ³ãƒ–ロッキングã®å ´åˆã€wolfSSL_shutdown()ãŒè¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã€wolfSSL_shutdown()ã¯ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ ãã®çµæžœã€ä¸‹å±¤ã®I/OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfSSL_shutdown()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SHUTDOWN_NOT_DONE シャットダウンãŒçµ‚了ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã€é–¢æ•°ã‚’å†åº¦å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \return SSL_FATAL_ERROR 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚より具体的ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã¯wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -1363,14 +1897,24 @@ void wolfSSL_free(WOLFSSL*);
int wolfSSL_shutdown(WOLFSSL*);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€åŸºç¤Žã¨ãªã‚‹æ›¸ãè¾¼ã¿æ“作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ã€ãƒãƒƒãƒ•ã‚¡ã€ãƒ‡ãƒ¼ã‚¿ã€ãƒ‡ãƒ¼ã‚¿ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’SSL接続SSLã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦ã€wolfssl_send()ãŒã¾ã wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfssl_send()ãŒSSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚wolfssl_send()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒéžãƒ–ロックã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_send()ãŒwolfssl_sendã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«wolfssl_send()ãŒæˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹å…¥å‡ºåŠ›ãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfssl_send()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€Wolfssl_send()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ãè¾¼ã¾ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_SEND()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data ピアã«é€ä¿¡ã™ã‚‹ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã€‚
- \param sz ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆï¼‰ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€æ›¸ãè¾¼ã¿æ“作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ãƒãƒƒãƒ•ã‚¡ã‚ã‚‹ã„ã¯ãƒ‡ãƒ¼ã‚¿ã‹ã‚‰ã€SSL接続ã«å¯¾ã—ã¦ã€szãƒã‚¤ãƒˆã‚’書ãè¾¼ã¿ã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦ã€wolfSSL_send()ã®å‘¼ã³å‡ºã—時点ã§ã¯ã¾ã wolfSSL_connect()ã¾ãŸã¯wolfSSL_accept()ãŒã¾ã å‘¼ã³å‡ºã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ wolfSSL_send()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_send()ãŒè¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã‚‰wolfSSL_send()ã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰ã™ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’è¿”ã—ã¾ã™ã€‚
+ ãã®çµæžœã€åŸºç¤Žã¨ãªã‚‹I/OãŒæº–å‚™ãŒã§ããŸã‚‰ã€å‘¼ã³å‡ºã—å´ãƒ—ロセスã¯wolfSSL_send()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfSSL_send()ã¯ã€ã‚µã‚¤ã‚ºSZã®ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ãŒå®Œå…¨ã«æ›¸ã‹ã‚ŒãŸã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã€æˆ»ã‚‹ã ã‘ã§ã™ã€‚
+
+ \return æˆåŠŸæ™‚ã«ã¯æ›¸ã込んã ãƒã‚¤ãƒˆæ•°ï¼ˆ1以上)を返ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data ピアã«é€ä¿¡ã•ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz é€ä¿¡ãƒ‡ãƒ¼ã‚¿ã‚’å«ã‚“ã§ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+ \param flags 下層ã®I/Oã®sendã«å¯¾ã—ã¦æŒ‡å®šã™ã‚‹ãƒ•ãƒ©ã‚°
+
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1391,14 +1935,25 @@ int wolfSSL_shutdown(WOLFSSL*);
int wolfSSL_send(WOLFSSL* ssl, const void* data, int sz, int flags);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€åŸºç¤Žã¨ãªã‚‹RECV動作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ã€SSLセッション(SSL)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰SZãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯wolfssl_read()ã¨åŒã˜ã§ã™ã€‚ãŸã ã—ã€ã‚¢ãƒ—リケーションãŒåŸºç¤Žã¨ãªã‚‹èª­ã¿å–ã‚Šæ“作ã®RECVフラグを設定ã§ãã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚å¿…è¦ã«å¿œã˜ã¦wolfssl_recv()ãŒwolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€SSL / TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚ SSL / TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。ãã®ãŸã‚ã€WolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·åŒ–ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®ãŸã‚ã€wolfssl_recv()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·åŒ–ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã‚‹ã ã‘ã§ã™ã€‚ wolfssl_recv()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œã‚‹å†…部WolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 SZãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€SSL_RECV()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€WOLFSSL_RECV()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
- \return >0 æˆåŠŸæ™‚ã«èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒç™ºç”Ÿã—ã€ã‚¢ãƒ—リケーションãŒå†ã³WOLFSSL_RECV()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param data wolfssl_recv()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€åŸºç¤Žã¨ãªã‚‹RECV動作ã®ãŸã‚ã«æŒ‡å®šã•ã‚ŒãŸãƒ•ãƒ©ã‚°ã‚’使用ã—ã¦ã€SSLセッション(ssl)内部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã‹ã‚‰szãƒã‚¤ãƒˆã‚’ãƒãƒƒãƒ•ã‚¡ãƒ‡ãƒ¼ã‚¿ã«èª­ã¿å‡ºã—ã¾ã™ã€‚
+ 読ã¿å–られãŸãƒã‚¤ãƒˆã¯å†…部å—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‹ã‚‰å‰Šé™¤ã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯wolfssl_read()ã¨åŒã˜ã§ã™ã€‚
+ ãŸã ã—ã€ã‚¢ãƒ—リケーションãŒåŸºç¤Žã¨ãªã‚‹èª­ã¿å–ã‚Šæ“作ã®RECVフラグを設定ã§ãã‚‹ã“ã¨ã‚’許å¯ã—ã¾ã™ã€‚
+ å¿…è¦ã«å¿œã˜ã¦wolfssl_recv()ãŒwolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã«ã‚ˆã£ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Ÿè¡Œã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€SSL/TLSセッションをãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¾ã™ã€‚
+ SSL/TLSプロトコルã¯ã€æœ€å¤§ã‚µã‚¤ã‚ºã®SSLレコードを使用ã—ã¾ã™ï¼ˆæœ€å¤§ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚µã‚¤ã‚ºã¯<wolfssl_root> /wolfssl/internal.h)。
+ ãã®ãŸã‚ã€wolfSSLã¯ã€ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’処ç†ãŠã‚ˆã³å¾©å·ã™ã‚‹ã“ã¨ãŒã§ãã‚‹å‰ã«ã€SSLレコード全体を内部的ã«èª­ã¿å–ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®ãŸã‚ã€wolfSSL_recv()ã¸ã®å‘¼ã³å‡ºã—ã¯ã€å‘¼ã³å‡ºã—時ã«å¾©å·ã•ã‚ŒãŸæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’è¿”ã™ã“ã¨ãŒã§ãã‚‹ã ã‘ã§ã™ã€‚
+ wolfSSL_recv()ã¸ã®æ¬¡ã®å‘¼ã³å‡ºã—ã§æ¤œç´¢ãŠã‚ˆã³å¾©å·ã•ã‚Œã‚‹å†…部wolfSSLå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã§å¾…æ©Ÿã—ã¦ã„ãªã„追加ã®å¾©å·åŒ–ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚‹ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。
+ 引数szãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡å†…ã®ãƒã‚¤ãƒˆæ•°ã‚ˆã‚Šã‚‚大ãã„å ´åˆã€wolfSSL_recv()ã¯å†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªãƒã‚¤ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
+ ãƒã‚¤ãƒˆãŒå†…部読ã¿å–ã‚Šãƒãƒƒãƒ•ã‚¡ã«ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ãªã„å ´åˆã¯ã€wolfSSL_recv()ã¸ã®å‘¼ã³å‡ºã—ã¯æ¬¡ã®ãƒ¬ã‚³ãƒ¼ãƒ‰ã®å‡¦ç†ã‚’トリガーã—ã¾ã™ã€‚
+ \return æˆåŠŸæ™‚ã«ã¯èª­ã¿å–られãŸãƒã‚¤ãƒˆæ•°(1以上)ã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒªãƒ¼ãƒ³ï¼ˆé€šçŸ¥ã‚¢ãƒ©ãƒ¼ãƒˆã‚’é–‰ã˜ã‚‹ï¼‰ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³ã¾ãŸã¯ãƒ”ã‚¢ãŒæŽ¥ç¶šã‚’é–‰ã˜ãŸã ã‘ã§ã‚ã‚‹ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒç™ºç”Ÿã—ã€ã‚¢ãƒ—リケーションãŒå†ã³WOLFSSL_RECV()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param data wolfSSL_recv()ãŒãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
\param sz データを読ã¿è¾¼ã‚€ãŸã‚ã®ãƒã‚¤ãƒˆæ•°ã€‚
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1419,11 +1974,20 @@ int wolfSSL_send(WOLFSSL* ssl, const void* data, int sz, int flags);
int wolfSSL_recv(WOLFSSL* ssl, void* data, int sz, int flags);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã®API関数呼ã³å‡ºã—(wolfssl_connectã€wolfssl_acceptã€wolfssl_readã€wolfssl_writeãªã©ï¼‰ãŒã‚¨ãƒ©ãƒ¼æˆ»ã‚Šã‚³ãƒ¼ãƒ‰ï¼ˆssl_failure)を呼ã³å‡ºã—ãŸç†ç”±ã‚’表ã™ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚å‰ã®é–¢æ•°ã®æˆ»ã‚Šå€¤ã¯ã€RETを介ã—ã¦wolfssl_get_errorã«æ¸¡ã•ã‚Œã¾ã™ã€‚wolfssl_get_errorãŒå‘¼ã³å‡ºã•ã‚ŒãŸå¾Œã€ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€wolfssl_err_error_string()を呼ã³å‡ºã—ã¦äººé–“ãŒèª­ã‚るエラー文字列をå–å¾—ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚詳細ã«ã¤ã„ã¦ã¯ã€wolfssl_err_error_string()をå‚ç…§ã—ã¦ãã ã•ã„。
- \return On 完了æˆåŠŸã€ã“ã®é–¢æ•°ã¯ã€å‰ã®API関数ãŒå¤±æ•—ã—ãŸç†ç”±ã‚’説明ã™ã‚‹å›ºæœ‰ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
- \return SSL_ERROR_NONE RET> 0ã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™.Ret <= 0ã®å ´åˆã€ä»¥å‰ã®APIãŒã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã™ãŒå®Ÿéš›ã«ç™ºç”Ÿã—ãªã‹ã£ãŸå ´åˆã«ã“ã®å€¤ã‚’è¿”ã™å ´åˆãŒã‚ã‚Šã¾ã™ã€‚例ã¯ã€ã‚¼ãƒ­SZパラメータを使用ã—ã¦wolfssl_read()を呼ã³å‡ºã™ã“ã¨ã§ã™ã€‚a 0 wolfssl_read()ã‹ã‚‰ã®æˆ»ã‚Šå€¤ã¯é€šå¸¸ã‚¨ãƒ©ãƒ¼ã‚’示ã—ã¾ã™ãŒã€ã“ã®å ´åˆã¯ã‚¨ãƒ©ãƒ¼ã¯ç™ºç”Ÿã—ã¾ã›ã‚“ã§ã—ãŸã€‚wolfssl_get_error()ãŒãã®å¾Œå‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ssl_error_noneãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€ç›´å‰ã®API関数呼ã³å‡ºã—(wolfssl_connectã€wolfssl_acceptã€wolfssl_readã€wolfssl_writeãªã©ï¼‰ãŒã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ï¼ˆSSL_FAILURE)を呼ã³å‡ºã—ãŸç†ç”±ã‚’表ã™ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
+ ç›´å‰ã®é–¢æ•°ã®æˆ»ã‚Šå€¤ã¯ã€retを介ã—ã¦wolfSSL_get_errorã«æ¸¡ã•ã‚Œã¾ã™ã€‚wolfSSL_get_errorã¯ä¸€æ„ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
+ wolfSSL_err_error_string()を呼ã³å‡ºã—ã¦äººé–“ãŒèª­ã‚るエラー文字列をå–å¾—ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ 詳細ã«ã¤ã„ã¦ã¯ã€wolfSSL_err_error_string()ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return 呼ã³å‡ºã—æˆåŠŸæ™‚ã€ã“ã®é–¢æ•°ã¯ã€ç›´å‰ã®é–¢æ•°ãŒå¤±æ•—ã—ãŸç†ç”±ã‚’説明ã™ã‚‹å›ºæœ‰ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã—ã¾ã™ã€‚
+ \return SSL_ERROR_NONE 引数retãŒ0より大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚retãŒ0以下ã®å ´åˆã€ç›´å‰ã®APIãŒã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’è¿”ã™ãŒå®Ÿéš›ã«ç™ºç”Ÿã—ãªã‹ã£ãŸå ´åˆã«ã“ã®å€¤ã‚’è¿”ã™å ´åˆãŒã‚ã‚Šã¾ã™ã€‚
+ 例ã¨ã—ã¦ã¯ã€å¼•æ•°szã«0を渡ã—ã¦wolfSSL_read()を呼ã³å‡ºã™å ´åˆã«ç™ºç”Ÿã—ã¾ã™ã€‚
+ wolfssl_read()ãŒ0を戻ã—ãŸå ´åˆã¯é€šå¸¸ã‚¨ãƒ©ãƒ¼ã‚’示ã—ã¾ã™ãŒã€ã“ã®å ´åˆã¯ã‚¨ãƒ©ãƒ¼ã¯ç™ºç”Ÿã—ã¦ã„ã¾ã›ã‚“。
+ 従ã£ã¦ã€wolfSSL_get_error()ãŒãã®å¾Œå‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ssl_error_noneãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int err = 0;
@@ -1442,10 +2006,12 @@ int wolfSSL_recv(WOLFSSL* ssl, void* data, int sz, int flags);
int wolfSSL_get_error(WOLFSSL* ssl, int ret);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚¢ãƒ©ãƒ¼ãƒˆå±¥æ­´ã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚警告履歴ãŒã‚ã£ãŸã‹ã€ã¾ãŸã¯ã„ãšã‚Œã«ã‚‚ã€æˆ»ã‚Šå€¤ã¯SSL_SUCCESSã§ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param h WOLFSSL構造体ã®"alert_history member" ã®å€¤ãŒæ ¼ç´ã•ã‚Œã‚‹ã€WOLFSSL_ALERT_HISTORY構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(protocol method);
@@ -1460,12 +2026,20 @@ int wolfSSL_get_error(WOLFSSL* ssl, int ret);
int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクトSSLãŒSSL / TLS接続を確立ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚セッションã®å†é–‹ã®å ´åˆã€wolfssl_shutdown()をセッションオブジェクトã«å‘¼ã³å‡ºã™å‰ã«ã€ã‚¢ãƒ—リケーションã¯ã‚ªãƒ–ジェクトã‹ã‚‰wolfssl_get1_session()を呼ã³å‡ºã—ã¦ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚後ã§ã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WolfSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfssl_set_session()ã«å‰²ã‚Šå½“ã¦ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ™‚点ã§ã€ã‚¢ãƒ—リケーションã¯wolfssl_connect()を呼ã³å‡ºã—ã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†é–‹ã—よã†ã¨ã—ã¾ã™ã€‚WolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚wolfssl_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒãれを使用ã—ã¦ãれを使用ã—ã¦è§£æ”¾ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクトSSLãŒSSL/TLS接続を確立ã™ã‚‹ç›®çš„ã§ä½¿ç”¨ã™ã‚‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚
+ セッションå†é–‹ã‚’è¡Œã†å ´åˆã€wolfSSL_shutdown()を呼ã³å‡ºã™å‰ã«wolfSSL_get1_session()を呼ã³å‡ºã—ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクトをå–å¾—ã—ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³IDã‚’ä¿å­˜ã—ã¦ãŠãå¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ 後ã§ã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WOLFSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfSSL_set_session()ã«æ¸¡ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ãã®å¾Œã‚¢ãƒ—リケーションã¯wolfSSL_connect()を呼ã³å‡ºã—ã€wolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã‚’試ã¿ã¾ã™ã€‚
+ wolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚
+ wolfSSL_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒä½¿ç”¨å¾Œã«è§£æ”¾ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹ã€ã¾ãŸã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ãŸå ´åˆã«ã‚ˆã£ã¦ç™ºç”Ÿã™ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
- \return When OpenSSL_EXTRAã¨WOLFSSL_ERROR_CODE_OPENSSLãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹ãŸã‚ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ã¦ã„ã¦ã‚‚SSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return OPENSSL_EXTRAã¨WOLFSSL_ERROR_CODE_OPENSSLãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ã¦ã„ã¦ã‚‚SSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param session WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret;
@@ -1489,10 +2063,19 @@ int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *h);
int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
/*!
- \ingroup IO
- \brief NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯SSLã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ï¼ˆWolfSSL_SESSION)ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_sessionオブジェクトã¸ã®æ°¸ç¶šçš„ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã¯ã€wolfssl_freeãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚ã“ã®å‘¼ã³å‡ºã—ã¯ã€ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’検査ã¾ãŸã¯å¤‰æ›´ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚セッションã®å†é–‹ã®å ´åˆã¯ã€wolfssl_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã®å¾Œæ–¹äº’æ›æ€§ã®ãŸã‚ã«ã€ã“ã®é–¢æ•°ã¯ãƒ­ãƒ¼ã‚«ãƒ«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã«æ ¼ç´ã•ã‚Œã¦ã„る永続セッションオブジェクトãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚キャッシュサイズã¯æœ‰é™ã§ã‚ã‚Šã€ã‚¢ãƒ—リケーションãŒwolfssl_set_session()を呼ã³å‡ºã™æ™‚ã¾ã§ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクトãŒåˆ¥ã®SSL接続ã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã‚‹å±é™ºæ€§ãŒã‚ã‚Šã¾ã™ã€‚アプリケーションã«NO_SESSION_CACHE_REFを定義ã—ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã«wolfssl_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒç¾åœ¨ã®SSLセッションオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL SSLãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯SSLã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ï¼ˆWOLFSSL_SESSION)ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€WOLFSSL_SESSIONオブジェクトã¸ã®æ°¸ç¶šçš„ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã¯ã€wolfSSL_freeãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚
+ ã“ã®å‘¼ã³å‡ºã—ã¯ã€ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’検査ã¾ãŸã¯å¤‰æ›´ã™ã‚‹ãŸã‚ã«ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ セッションå†é–‹ã«ä½¿ç”¨ã™ã‚‹å ´åˆã¯ã€wolfSSL_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+ NO_SESSION_CACHE_REFãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã®å¾Œæ–¹äº’æ›æ€§ã®ãŸã‚ã«ã€ã“ã®é–¢æ•°ã¯ãƒ­ãƒ¼ã‚«ãƒ«ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã«æ ¼ç´ã•ã‚Œã¦ã„る永続セッションオブジェクトãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ キャッシュサイズã¯æœ‰é™ã§ã‚ã‚Šã€ã‚¢ãƒ—リケーションãŒwolfSSL_set_session()を呼ã³å‡ºã™æ™‚ã¾ã§ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚ªãƒ–ジェクトãŒåˆ¥ã®SSL接続ã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã‚‹å±é™ºæ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ アプリケーションã«NO_SESSION_CACHE_REFを定義ã—ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã«wolfSSL_get1_session()を使用ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+
+ \return ç¾åœ¨ã®SSLセッションオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL sslãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€wolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -1510,10 +2093,17 @@ int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®æ©Ÿèƒ½ã¯ã€æœŸé™åˆ‡ã‚Œã«ãªã£ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’フラッシュã—ã¾ã™ã€‚時間比較ã«ã¯TMãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚WolfSSLã¯ç¾åœ¨ã‚»ãƒƒã‚·ãƒ§ãƒ³ã«é™çš„テーブルを使用ã—ã¦ã„ã‚‹ãŸã‚ã€ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ä¸è¦ã§ã™ã€‚ãã®ãŸã‚ã€ã“ã®æ©Ÿèƒ½ã¯ç¾åœ¨ã‚µãƒ–ã ã‘ã§ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹ã¨ãã®OpenSSL互æ›æ€§ï¼ˆssl_flush_sessions)をæä¾›ã—ã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief ã“ã®æ©Ÿèƒ½ã¯ã€æœŸé™åˆ‡ã‚Œã«ãªã£ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‹ã‚‰ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’フラッシュã—ã¾ã™ã€‚
+ 時間比較ã«ã¯å¼•æ•°tmãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ wolfSSLã¯ç¾åœ¨ã‚»ãƒƒã‚·ãƒ§ãƒ³ã«é™çš„テーブルを使用ã—ã¦ã„ã‚‹ãŸã‚ã€ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ä¸è¦ã§ã™ã€‚
+ ãã®ãŸã‚ã€ã“ã®æ©Ÿèƒ½ã¯ç¾åœ¨ã‚¹ã‚¿ãƒ–ã¨ã—ã¦å­˜åœ¨ã—ã¦ã„ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ã‚‹ã¨ãã®OpenSSL互æ›æ€§ï¼ˆssl_flush_sessions)をæä¾›ã—ã¾ã™ã€‚
+
+ \return ãªã—
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param tm セッションã®æœ‰åŠ¹æœŸé™ã®æ¯”較ã§ä½¿ç”¨ã•ã‚Œã‚‹æ™‚é–“
+
_Example_
\code
WOLFSSL_CTX* ssl;
@@ -1526,13 +2116,16 @@ WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’サーãƒãƒ¼IDã¨é–¢é€£ä»˜ã‘ã¾ã™ã€‚NewsessionフラグãŒã‚ªãƒ³ã®å ´åˆã€æ—¢å­˜ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å†åˆ©ç”¨ã•ã‚Œã¾ã›ã‚“。
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’サーãƒãƒ¼IDã¨é–¢é€£ä»˜ã‘ã¾ã™ã€‚引数newSessionãŒã‚ªãƒ³ã®å ´åˆã€æ—¢å­˜ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å†åˆ©ç”¨ã•ã‚Œã¾ã›ã‚“。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl structã¾ãŸã¯idパラメータãŒnullã®å ´åˆã€ã¾ãŸã¯LenãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param id wolfssl_session構造体ã®ServerIDメンãƒãƒ¼ã«ã‚³ãƒ”ーã•ã‚Œã‚‹å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
- \param len セッションIDパラメータã®é•·ã•ã‚’表ã™int型。
+ \return BAD_FUNC_ARG 引数sslã¾ãŸã¯å¼•æ•°idãŒNULLã®å ´åˆã€ã¾ãŸã¯å¼•æ•°lenãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param id WOLFSSL_SESSION構造体ã®ServerIDメンãƒãƒ¼ã«ã‚³ãƒ”ーã•ã‚Œã‚‹ã‚µãƒ¼ãƒãƒ¼IDデータã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param len サーãƒãƒ¼IDデータã®ã‚µã‚¤ã‚º
+ \param newSession セッションをå†åˆ©ç”¨ã™ã‚‹ã‹å¦ã‹ã‚’指定ã™ã‚‹ãƒ•ãƒ©ã‚°ã€‚オンã®å ´åˆã€æ—¢å­˜ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¯å†åˆ©ç”¨ã•ã‚Œã¾ã›ã‚“。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol );
@@ -1553,9 +2146,11 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char* id,
int len, int newSession);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€WolfSSL構造体ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã‚’å–å¾—ã—ã¾ã™ã€‚
- \return int ã“ã®é–¢æ•°ã¯ã€wolfssl構造体内ã®SessionIndexを表ã™intåž‹ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL構造体ã®æŒ‡å®šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹å€¤ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return ã“ã®é–¢æ•°ã¯ã€WOLFSSL構造体内ã®SessionIndexを表ã™intåž‹ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX_new( protocol method );
@@ -1572,12 +2167,15 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const unsigned char* id,
int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã®æŒ‡å®šã•ã‚ŒãŸã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å–å¾—ã—ã€ãれをメモリã«ã‚³ãƒ”ーã—ã¾ã™ã€‚wolfssl_session構造体ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã®æŒ‡å®šã•ã‚ŒãŸã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å–å¾—ã—ã€ãれをメモリã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
+ WOLFSSL_SESSION構造体ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³æƒ…報をä¿æŒã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œã€ã‚¨ãƒ©ãƒ¼ãŒã‚¹ãƒ­ãƒ¼ã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E アンロックã¾ãŸã¯ãƒ­ãƒƒã‚¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E アンロックã¾ãŸã¯ãƒ­ãƒƒã‚¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param idx セッションインデックスを表ã™int型。
+ \param idx セッションインデックス値
+ \param session WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int idx; // The index to locate the session.
@@ -1594,9 +2192,10 @@ int wolfSSL_GetSessionIndex(WOLFSSL* ssl);
int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
/*!
- \ingroup IO
- \brief wolfssl_session構造体ã‹ã‚‰ãƒ”ア証明書ãƒã‚§ãƒ¼ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
- \return pointer ピアèªè¨¼ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€WOLFSSL_X509_CHAIN構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief WOLFSSL_SESSION構造体ã‹ã‚‰ãƒ”ア証明書ãƒã‚§ãƒ¼ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
+ \param session WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_SESSION* session;
@@ -1615,11 +2214,31 @@ int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
WOLFSSL_X509_CHAIN* wolfSSL_SESSION_get_peer_chain(WOLFSSL_SESSION* session);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸSSLコンテキストã«ç™»éŒ²ã•ã‚Œã‚‹ã“ã¨ã‚’確èªã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.SSL_VERIFY_NONEクライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。 ssl_verify_peerクライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfsslã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚ ssl_verify_fail_if_no_peer_certクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚ ssl_verify_fail_except_pskクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯ssl_verify_fail_if_no_peer_certã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param mode セッションタイムアウト値(秒)
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸè¨¼æ˜Žæ›¸æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’SSLコンテキストã«ç™»éŒ²ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚
+ ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚
+ å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:<br>
+ SSL_VERIFY_NONE<br>
+ -クライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。<br>
+ SSL_VERIFY_PEER<br>
+ -クライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfSSLã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚<br>
+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚<br>
+ SSL_VERIFY_FAIL_EXCEPT_PSK<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯SSL_VERIFY_FAIL_IF_NO_PEER_CERTã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚<br>
+
+ \return ãªã—
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mode ピアã®è¨¼æ˜Žæ›¸ã‚’ã©ã®ã‚ˆã†ã«æ¤œè¨¼ã™ã‚‹ã‹ã‚’示ã™ãƒ•ãƒ©ã‚°å€¤
+ \param verify_callback 証明書検証ãŒå¤±æ•—ã—ãŸéš›ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã€‚å¿…è¦ãŒãªã„ãªã‚‰NULLを指定ã™ã‚‹ã“ã¨ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1633,11 +2252,31 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
VerifyCallback verify_callback);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸSSLセッションã«ç™»éŒ²ã™ã‚‹ã®ã‚’登録ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.SSL_VERIFY_NONEクライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。 ssl_verify_peerクライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfsslã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚ ssl_verify_fail_if_no_peer_certクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚ ssl_verify_fail_except_pskクライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯ssl_verify_fail_if_no_peer_certã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param mode セッションタイムアウト値(秒å˜ä½ï¼‰ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ãƒªãƒ¢ãƒ¼ãƒˆãƒ”ã‚¢ã®æ¤œè¨¼æ–¹æ³•ã‚’設定ã—ã€ã¾ãŸè¨¼æ˜Žæ›¸æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’WOLFSSLオブジェクトã«ç™»éŒ²ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ã¯ã€æ¤œè¨¼éšœå®³ãŒç™ºç”Ÿã—ãŸå ´åˆã«ã®ã¿å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ 検証コールãƒãƒƒã‚¯ãŒå¿…è¦ãªå ´åˆã¯ã€NULLãƒã‚¤ãƒ³ã‚¿ã‚’verify_callbackã«ä½¿ç”¨ã§ãã¾ã™ã€‚
+ ピア証明書ã®æ¤œè¨¼ãƒ¢ãƒ¼ãƒ‰ã¯ã€è«–ç†çš„ã¾ãŸã¯ãƒ•ãƒ©ã‚°ã®ãƒªã‚¹ãƒˆã§ã™ã€‚
+ å¯èƒ½ãªãƒ•ãƒ©ã‚°å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™:<br>
+ SSL_VERIFY_NONE<br>
+ -クライアントモード:クライアントã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã›ãšã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã¯é€šå¸¸ã©ãŠã‚Šç¶šãã¾ã™ã€‚<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«è¨¼æ˜Žæ›¸è¦æ±‚ã‚’é€ä¿¡ã—ã¾ã›ã‚“。ãã®ãŸã‚ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ¤œè¨¼ã¯æœ‰åŠ¹ã«ãªã‚Šã¾ã›ã‚“。<br>
+ SSL_VERIFY_PEER<br>
+ -クライアントモード:クライアントã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰å—ä¿¡ã—ãŸè¨¼æ˜Žæ›¸ã‚’検証ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfSSLã§ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚ªãƒ³ã«ã•ã‚Œã¾ã™ã€‚ã—ãŸãŒã£ã¦ã€ã“ã®ã‚ªãƒ—ションを使用ã™ã‚‹ã¨åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šã‚µãƒ¼ãƒãƒ¼ã¯è¨¼æ˜Žæ›¸è¦æ±‚をクライアントã«é€ä¿¡ã—ã€å—ä¿¡ã—ãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’確èªã—ã¾ã™ã€‚<br>
+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šè¦æ±‚ã•ã‚ŒãŸã¨ãã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒè¨¼æ˜Žæ›¸ã®é€ä¿¡ã«å¤±æ•—ã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã§æ¤œè¨¼ãŒå¤±æ•—ã—ã¾ã™ï¼ˆSSLサーãƒãƒ¼ã®SSL_VERIFY_PEERを使用ã™ã‚‹å ´åˆï¼‰ã€‚<br>
+ SSL_VERIFY_FAIL_EXCEPT_PSK<br>
+ -クライアントモード:クライアントå´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ãªã„å ´åˆã¯åŠ¹æžœãŒã‚ã‚Šã¾ã›ã‚“。<br>
+ -サーãƒãƒ¼ãƒ¢ãƒ¼ãƒ‰ï¼šPSK接続ã®å ´åˆã‚’除ãã€æ¤œè¨¼ã¯SSL_VERIFY_FAIL_IF_NO_PEER_CERTã¨åŒã˜ã§ã™ã€‚ PSK接続ãŒè¡Œã‚ã‚Œã¦ã„ã‚‹å ´åˆã€æŽ¥ç¶šã¯ãƒ”ア証明書ãªã—ã§é€šéŽã—ã¾ã™ã€‚<br>
+
+ \return ãªã—
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param mode ピアã®è¨¼æ˜Žæ›¸ã‚’ã©ã®ã‚ˆã†ã«æ¤œè¨¼ã™ã‚‹ã‹ã‚’示ã™ãƒ•ãƒ©ã‚°å€¤
+ \param verify_callback 証明書検証ãŒå¤±æ•—ã—ãŸéš›ã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã€‚å¿…è¦ãŒãªã„ãªã‚‰NULLを指定ã™ã‚‹ã“ã¨ã€‚
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -1649,10 +2288,13 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback verify_callback);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ãŸã‚ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼CTXオブジェクト情報を格ç´ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return ãªã—
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx ボイドãƒã‚¤ãƒ³ã‚¿ã€‚WOLFSSL構造体ã®verifyCbCtx メンãƒãƒ¼ã«ã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -1672,10 +2314,12 @@ void wolfSSL_set_verify(WOLFSSL* ssl, int mode, VerifyCallback verify_callback);
void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ãŸã‚ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼CTXオブジェクト情報を格ç´ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return ãªã—
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx ボイドãƒã‚¤ãƒ³ã‚¿ã€‚WOLFSSL_CTX構造体ã®verifyCbCtx メンãƒãƒ¼ã«ã‚»ãƒƒãƒˆã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -1694,9 +2338,11 @@ void wolfSSL_SetCertCbCtx(WOLFSSL* ssl, void* ctx);
void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_read()ã«ã‚ˆã£ã¦èª­ã¿å–られるSSLオブジェクトã§ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
- \return int ã“ã®é–¢æ•°ã¯ã€ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_read()ã«ã‚ˆã£ã¦èª­ã¿å–られるWOLFSSLオブジェクトã§ãƒãƒƒãƒ•ã‚¡ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \return ã“ã®é–¢æ•°ã¯ã€ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int pending = 0;
@@ -1713,9 +2359,11 @@ void wolfSSL_CTX_SetCertCbCtx(WOLFSSL_CTX* ctx, void* userCtx);
int wolfSSL_pending(WOLFSSL*);
/*!
- \ingroup Debug
- \brief ã“ã®æ©Ÿèƒ½ã¯OpenSSL互æ›æ€§ï¼ˆSSL_LOAD_ERROR_STRING)ã®ã¿ã§ã‚ã‚Šã€ã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã‚’å–ã‚Šã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®æ©Ÿèƒ½ã¯OpenSSL API(SSL_load_error_string)ã¨ã®äº’æ›æ€§ã®ç›®çš„ã¿ã§æä¾›ã—ã¦ã‚り処ç†ã¯è¡Œã„ã¾ã›ã‚“。
+ \return ãªã—
+ \param ãªã—
+
_Example_
\code
wolfSSL_load_error_strings();
@@ -1729,10 +2377,14 @@ int wolfSSL_pending(WOLFSSL*);
void wolfSSL_load_error_strings(void);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯wolfssl_ctx_new()内ã§å†…部的ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯wolfssl_init()ã®å‘¨å›²ã®ãƒ©ãƒƒãƒ‘ーã§ã€wolfsslãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«OpenSSL互æ›æ€§ï¼ˆssl_library_init)ã«å­˜åœ¨ã—ã¾ã™ã€‚wolfssl_init()ã¯ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹WolfSSLåˆæœŸåŒ–機能ã§ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯wolfSSL_CTX_new()内ã§å†…部的ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯wolfSSL_Init()ã®ãƒ©ãƒƒãƒ‘ーã§ã€wolfSSLãŒOpenSSL互æ›å±¤ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã®OpenSSL API(ssl_library_init)ã¨ã®äº’æ›æ€§ã®ç‚ºã«å­˜åœ¨ã—ã¾ã™ã€‚
+ wolfSSL_init()ã¯ã€ã‚ˆã‚Šä¸€èˆ¬çš„ã«ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹wolfSSLåˆæœŸåŒ–機能ã§ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -1748,10 +2400,12 @@ void wolfSSL_load_error_strings(void);
int wolfSSL_library_init(void);
/*!
- \brief
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSLオブジェクトレベルã§Device Idをセットã—ã¾ã™ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param devId ãƒãƒ¼ãƒ‰ã‚¦ã‚¨ã‚¢ã¨å…±ã«ä½¿ç”¨ã™ã‚‹éš›ã«æŒ‡å®šã™ã‚‹ID
+
_Example_
\code
WOLFSSL* ssl;
@@ -1766,10 +2420,14 @@ int wolfSSL_library_init(void);
int wolfSSL_SetDevId(WOLFSSL* ssl, int devId);
/*!
- \brief
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_CTXレベルã§Device Idをセットã—ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param devId ãƒãƒ¼ãƒ‰ã‚¦ã‚¨ã‚¢ã¨å…±ã«ä½¿ç”¨ã™ã‚‹éš›ã«æŒ‡å®šã™ã‚‹ID
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -1784,10 +2442,12 @@ int wolfSSL_SetDevId(WOLFSSL* ssl, int devId);
int wolfSSL_CTX_SetDevId(WOLFSSL_CTX* ctx, int devId);
/*!
- \brief
- \return devId æˆåŠŸã™ã‚‹ã¨ã€‚
- \return INVALID_DEVID SSLã¨CTXã®ä¸¡æ–¹ãŒNULLã®å ´åˆã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_CTXレベルã§Device Idã‚’å–å¾—ã—ã¾ã™ã€‚
+ \return devId æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return INVALID_DEVID SSLã¨CTXã®ä¸¡æ–¹ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -1801,10 +2461,17 @@ int wolfSSL_CTX_SetDevId(WOLFSSL_CTX* ctx, int devId);
int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯SSLセッションキャッシュを有効ã¾ãŸã¯ç„¡åŠ¹ã«ã—ã¾ã™ã€‚動作ã¯ãƒ¢ãƒ¼ãƒ‰ã«ä½¿ç”¨ã•ã‚Œã‚‹å€¤ã«ã‚ˆã£ã¦ç•°ãªã‚Šã¾ã™ã€‚モードã®å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™.SSL_SESS_CACHE_OFF - セッションキャッシングを無効ã«ã—ã¾ã™ã€‚デフォルトã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ³ã‚°ãŒã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚SSL_SESS_CACHE_NO_AUTO_CLEAR - セッションキャッシュã®ã‚ªãƒ¼ãƒˆãƒ•ãƒ©ãƒƒã‚·ãƒ¥ã‚’無効ã«ã—ã¾ã™ã€‚デフォルトã§è‡ªå‹•ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯SSLセッションキャッシュ機能を有効ã¾ãŸã¯ç„¡åŠ¹ã«ã—ã¾ã™ã€‚
+ 動作ã¯ãƒ¢ãƒ¼ãƒ‰ã«ä½¿ç”¨ã•ã‚Œã‚‹å€¤ã«ã‚ˆã£ã¦ç•°ãªã‚Šã¾ã™ã€‚
+ モードã®å€¤ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ï¼š
+ SSL_SESS_CACHE_OFF - セッションキャッシングを無効ã«ã—ã¾ã™ã€‚デフォルトã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ³ã‚°ãŒã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚
+ SSL_SESS_CACHE_NO_AUTO_CLEAR - セッションキャッシュã®ã‚ªãƒ¼ãƒˆãƒ•ãƒ©ãƒƒã‚·ãƒ¥ã‚’無効ã«ã—ã¾ã™ã€‚デフォルトã§è‡ªå‹•ãƒ•ãƒ©ãƒƒã‚·ãƒ³ã‚°ã¯ã‚ªãƒ³ã«ãªã£ã¦ã„ã¾ã™ã€‚
+
\return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mode セッションキャッシュã®æŒ¯ã‚‹èˆžã„を変更ã™ã‚‹ç‚ºã«ä½¿ç”¨ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -1823,10 +2490,15 @@ int wolfSSL_CTX_GetDevId(WOLFSSL_CTX* ctx, WOLFSSL* ssl);
long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
/*!
- \brief SessionSecRETCBタイプã«ã¯ã€ç½²åãŒã‚ã‚Šã¾ã™ã€‚int(* sessioneCretcb)(wolfssl * sslã€void * secretã€int * secretszã€void * ctx)。WolfSSL構造体ã®SESSIONSECRETCBメンãƒãƒ¼ã¯ãƒ‘ラメータCBã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’セットã—ã¾ã™ã€‚
+ SessionSecretCbタイプã¯æ¬¡ã®ã‚·ã‚°ãƒãƒãƒ£ã¨ãªã£ã¦ã„ã¾ã™ï¼šint(* sessioneCretcb)(wolfssl * sslã€void * secretã€int * secretszã€void * ctx)。
+ WOLFSSL構造体ã®sessionSecretCbメンãƒãƒ¼ã¯å¼•æ•°cbã«è¨­å®šã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 関数ã®å®Ÿè¡ŒãŒã‚¨ãƒ©ãƒ¼ã‚’è¿”ã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FATAL_ERROR WOLFSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param cb セッションシークレットコールãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx セッションシークレットコールãƒãƒƒã‚¯é–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -1844,12 +2516,14 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’ファイルã«æŒç¶šã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€MEMSAVEã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’ファイルã«æŒç¶šã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€memsaveã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッションキャッシュã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«æ›¸ãè¾¼ã¾ã‚Œã¾ã—ãŸã€‚
\return SSL_BAD_FILE FNAMEã‚’é–‹ãã“ã¨ãŒã§ããªã„ã‹ã€ãれ以外ã®å ´åˆã¯ç ´æã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return FWRITE_ERROR XfWriteãŒãƒ•ã‚¡ã‚¤ãƒ«ã¸ã®æ›¸ãè¾¼ã¿ã«å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param fname 書ãè¾¼ã¿å¯¾è±¡ãƒ•ã‚¡ã‚¤ãƒ«åã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
const char* fname;
@@ -1862,16 +2536,19 @@ int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
\sa wolfSSL_restore_session_cache
\sa wolfSSL_memrestore_session_cache
*/
-int wolfSSL_save_session_cache(const char*);
+int wolfSSL_save_session_cache(const char* fname);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰æ°¸ç¶šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’復元ã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€MEMSTOREã¯ä½¿ç”¨ã—ã¾ã›ã‚“。
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰æ°¸ç¶šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’復元ã—ã¾ã™ã€‚追加ã®ãƒ¡ãƒ¢ãƒªä½¿ç”¨ã®ãŸã‚ã€memstoreã¯ä½¿ç”¨ã—ã¾ã›ã‚“。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_BAD_FILE 関数ã«æ¸¡ã•ã‚ŒãŸãƒ•ã‚¡ã‚¤ãƒ«ãŒç ´æã—ã¦ã„ã¦XFOPENã«ã‚ˆã£ã¦é–‹ãã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return FREAD_ERROR ファイルã«XFREADã‹ã‚‰èª­ã¿å–りエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return FREAD_ERROR ファイルã«XFREADã‹ã‚‰èª­ã¿å–りエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CACHE_MATCH_ERROR セッションキャッシュヘッダã®ä¸€è‡´ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロック障害ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param fname キャシュを読ã¿å–ã‚‹ãŸã‚ã®ãƒ•ã‚¡ã‚¤ãƒ«åã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+
_Example_
\code
const char *fname;
@@ -1883,15 +2560,17 @@ int wolfSSL_save_session_cache(const char*);
\sa XFREAD
\sa XFOPEN
*/
-int wolfSSL_restore_session_cache(const char*);
+int wolfSSL_restore_session_cache(const char* fname);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’メモリã«ä¿æŒã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッションキャッシュã¯ãƒ¡ãƒ¢ãƒªã«æ­£å¸¸ã«æ°¸ç¶šåŒ–ã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_MUTEX_E ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒå°ã•ã™ãŽã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \param mem メモリコピーxmemcpy()ã®å®›å…ˆã‚’表ã™voidãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem セッションキャッシュã®ã‚³ãƒ”ー先ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sz コピー先ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
void* mem;
@@ -1907,13 +2586,15 @@ int wolfSSL_restore_session_cache(const char*);
int wolfSSL_memsave_session_cache(void* mem, int sz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ãƒ¡ãƒ¢ãƒªã‹ã‚‰æ°¸ç¶šã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’復元ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E メモリãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E セッションキャッシュミューテックスロックãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CACHE_MATCH_ERROR セッションキャッシュヘッダã®ä¸€è‡´ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param mem 復元ã®åŽŸå› ã‚’å«ã‚€å®šæ•°ã®ãƒœã‚¤ãƒ‰ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem セッションキャッシュをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
const void* memoryFile;
@@ -1928,9 +2609,10 @@ int wolfSSL_memsave_session_cache(void* mem, int sz);
int wolfSSL_memrestore_session_cache(const void* mem, int sz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ä¿å­˜ãƒãƒƒãƒ•ã‚¡ã‚’ã©ã®ã‚ˆã†ã«å¤§ããã™ã‚‹ã‹ã‚’è¿”ã—ã¾ã™ã€‚
- \return int ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ä¿å­˜ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’表ã™æ•´æ•°ã‚’è¿”ã—ã¾ã™ã€‚
+ \return ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚­ãƒ£ãƒƒã‚·ãƒ¥ä¿å­˜ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’表ã™æ•´æ•°ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int sz = // Minimum size for error checking;
@@ -1944,7 +2626,7 @@ int wolfSSL_memrestore_session_cache(const void* mem, int sz);
int wolfSSL_get_session_cache_memsize(void);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯Certキャッシュをメモリã‹ã‚‰ãƒ•ã‚¡ã‚¤ãƒ«ã«æ›¸ãè¾¼ã¿ã¾ã™ã€‚
\return SSL_SUCCESS CM_SaveCertCacheãŒæ­£å¸¸ã«çµ‚了ã—ãŸå ´åˆã€‚
\return BAD_FUNC_ARG 引数ã®ã„ãšã‚Œã‹ã®å¼•æ•°ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
@@ -1952,7 +2634,9 @@ int wolfSSL_get_session_cache_memsize(void);
\return BAD_MUTEX_E ロックミューテックスãŒå¤±æ•—ã—ãŸå ´åˆ
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ã«å¤±æ•—ã—ã¾ã—ãŸã€‚
\return FWRITE_ERROR 証明書キャッシュファイルã®æ›¸ãè¾¼ã¿ã«å¤±æ•—ã—ã¾ã—ãŸã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \param fname 出力先ファイルåã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol def );
@@ -1968,13 +2652,15 @@ int wolfSSL_get_session_cache_memsize(void);
int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ãƒ•ã‚¡ã‚¤ãƒ«ã‹ã‚‰è¨¼æ˜Žæ›¸ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’担当ã—ã¾ã™ã€‚
- \return SSL_SUCCESS 関数cm_restorecertcacheãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE xfopenãŒxbadfileã‚’è¿”ã™ã¨è¿”ã•ã‚Œã¾ã™ã€‚ファイルãŒç ´æã—ã¦ã„ã¾ã™ã€‚
+ \return SSL_SUCCESS 正常ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE XFOPENãŒXBADFILEã‚’è¿”ã™ã¨è¿”ã•ã‚Œã¾ã™ã€‚ファイルãŒç ´æã—ã¦ã„ã¾ã™ã€‚
\return MEMORY_E TEMPãƒãƒƒãƒ•ã‚¡ã®å‰²ã‚Šå½“ã¦ã‚‰ã‚ŒãŸãƒ¡ãƒ¢ãƒªãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG FNAMEã¾ãŸã¯CTXã«NULL値ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG 引数fnameã¾ãŸã¯å¼•æ•°ctxãŒNULLã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€è¨¼æ˜Žæ›¸æƒ…報をä¿æŒã—ã¾ã™ã€‚
+ \param fname 証明書キャッシュを読ã¿å–るファイルåã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -1991,15 +2677,17 @@ int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’メモリã«æŒç¶šã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚エラーãŒæŠ•ã’られã¦ã„ã¾ã›ã‚“。
- \return BAD_MUTEX_E wolfssl_cert_managerメンãƒãƒ¼ã®ã‚«ãƒ¼ãƒœãƒƒã‚¯ãŒ0(ゼロ)ã§ã¯ãªã‹ã£ãŸãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ã€‚
- \return BAD_FUNC_ARG CTXã€MEMã€ã¾ãŸã¯ä½¿ç”¨ãŒNULLã®å ´åˆã€ã¾ãŸã¯SZãŒ0以下ã®å ´åˆï¼ˆ0(ゼロ)。
+ \return BAD_MUTEX_E WOLFSSL_CERT_MANAGER構造体ã®caLockメンãƒãƒ¼0(ゼロ)ã§ã¯ãªã‹ã£ãŸã€‚
+ \return BAD_FUNC_ARG 引数ctxã€memãŒNULLã®å ´åˆã€ã¾ãŸã¯szãŒ0以下ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E 出力ãƒãƒƒãƒ•ã‚¡MEMãŒå°ã•ã™ãŽã¾ã—ãŸã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param mem 宛先ã¸ã®voidãƒã‚¤ãƒ³ã‚¿ï¼ˆå‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ï¼‰ã€‚
\param sz 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+ \param used 証明書キャッシュヘッダーã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹å¤‰æ•°ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol );
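Review bot: The rewritten `\return BAD_FUNC_ARG` line for wolfSSL_CTX_memsave_cert_cache names only `ctx`, `mem` and `sz`, while the line it replaces listed a third pointer (the mistranslated `used`), and this same hunk adds `\param used` as an output pointer. The implementation is not visible here, but if a NULL `used` is still rejected the return text should keep it, along the lines of "ctx, mem or used is NULL, or sz is 0 or less". Without that, the comment no longer tells callers that the out-parameter is mandatory.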
@@ -2019,15 +2707,17 @@ int wolfSSL_CTX_restore_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX* ctx, void* mem, int sz, int* used);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ã‚­ãƒ£ãƒƒã‚·ãƒ¥ã‚’メモリã‹ã‚‰å¾©å…ƒã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã¾ãŸã¯MEMパラメータãŒNULLã¾ãŸã¯SZパラメータãŒã‚¼ãƒ­ä»¥ä¸‹ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E CERTキャッシュメモリãƒãƒƒãƒ•ã‚¡ãŒå°ã•ã™ãŽã‚‹ã¨æˆ»ã‚Šã¾ã™ã€‚
\return CACHE_MATCH_ERROR CERTキャッシュヘッダーã®ä¸ä¸€è‡´ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E ロックミューテックスãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param mem 証明書キャッシュã«å¾©å…ƒã•ã‚Œã‚‹å€¤ã‚’æŒã¤voidãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param mem 証明書キャッシュã«å¾©å…ƒã•ã‚Œã‚‹å€¤ã‚’ä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
@@ -2044,11 +2734,14 @@ int wolfSSL_CTX_memsave_cert_cache(WOLFSSL_CTX* ctx, void* mem, int sz, int* us
int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief Certificate Cache Saveãƒãƒƒãƒ•ã‚¡ãŒå¿…è¦ãªã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
- \return int æˆåŠŸã—ãŸã¨ãã«ãƒ¡ãƒ¢ãƒªã‚µã‚¤ã‚ºã‚’表ã™æ•´æ•°å€¤ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E - ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return メモリサイズを返ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスロックエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(protocol);
@@ -2061,14 +2754,25 @@ int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz
\endcode
\sa CM_GetCertCacheMemSize
*/
-int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ä¸Žãˆã‚‰ã‚ŒãŸwolfssl_ctxã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚ã“ã®Cipher Suiteリストã¯ã€ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ä½œæˆã•ã‚ŒãŸæ–°ã—ã„SSLセッション(WolfSSL)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚リスト内ã®æš—å·ã¯ã€æœ€é«˜ã‹ã‚‰æœ€ä½Žã¸ã®å¥½ã¿ã®é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚wolfssl_ctx_set_cipher_list()ã®å„呼ã³å‡ºã—ã¯ã€é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ãŸã³ã«ã€ç‰¹å®šã®SSLコンテキストã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã€ãƒªã‚¹ãƒˆã¯ã€ãƒŒãƒ«çµ‚端テキスト文字列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚ãŸã¨ãˆã°ã€ãƒªã‚¹ãƒˆã®å€¤ãŒã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€æœ‰åŠ¹ãªæš—å·å€¤ã¯ã€src / internal.cã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚(有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®å ´åˆã¯src / internal.cã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„)
- \return SSL_SUCCESS 機能完了ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ä¸Žãˆã‚‰ã‚ŒãŸWOLFSSL_CTXã«æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ã€ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ä½œæˆã•ã‚ŒãŸæ–°ã—ã„SSLセッション(WolfSSL)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚
+ リスト内ã®æš—å·ã¯ã€å„ªå…ˆåº¦ã®é«˜ã„ã‚‚ã®ã®é †ã«é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
+ wolfSSL_CTX_set_cipher_list()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹éƒ½åº¦ã€ç‰¹å®šã®SSLコンテキストã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+ æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ãƒŒãƒ«çµ‚端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚
+ ãŸã¨ãˆã°ã€ãƒªã‚¹ãƒˆã®å€¤ãŒã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€æœ‰åŠ¹ãªæš—å·å€¤ã¯ã€src/internal.cã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚
+ (有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®å ´åˆã¯src/internal.cã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„)
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param list ヌル終端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆæ–‡å­—列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -2085,11 +2789,21 @@ int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ç‰¹å®šã®WolfSSLオブジェクト(SSLセッション)ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚リスト内ã®æš—å·ã¯ã€æœ€é«˜ã‹ã‚‰æœ€ä½Žã¸ã®å¥½ã¿ã®é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚wolfssl_set_cipher_list()ã®å„呼ã³å‡ºã—ã¯ã€é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ãŸã³ã«ã€ç‰¹å®šã®SSLセッションã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã€ãƒªã‚¹ãƒˆã¯ã€ãƒŒãƒ«çµ‚端テキスト文字列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚例ãˆã°ã€ãƒªã‚¹ãƒˆã®ãŸã‚ã®1ã¤ã®å€¤ã¯ã€ã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€ã§ã‚り得る。有効ãªæš—å·åŒ–値ã¯ã€src / internal.c(有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®ãƒªã‚¹ãƒˆã®å ´åˆã¯src / internal.cを指定ã—ã¦ãã ã•ã„)ã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ç‰¹å®šã®WolfSSLオブジェクト(SSLセッション)ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ã€ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ä½œæˆã•ã‚ŒãŸæ–°ã—ã„SSLセッション(WolfSSL)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒªã‚¹ãƒˆã«ãªã‚Šã¾ã™ã€‚
+ リスト内ã®æš—å·ã¯ã€å„ªå…ˆåº¦ã®é«˜ã„ã‚‚ã®ã®é †ã«é †ã«ã‚½ãƒ¼ãƒˆã•ã‚Œã‚‹ã¹ãã§ã™ã€‚
+ wolfSSL_CTX_set_cipher_list()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹éƒ½åº¦ã€ç‰¹å®šã®SSLコンテキストã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã‚’æä¾›ã•ã‚ŒãŸãƒªã‚¹ãƒˆã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+ æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆã¯ãƒŒãƒ«çµ‚端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚
+ ãŸã¨ãˆã°ã€ãƒªã‚¹ãƒˆã®å€¤ãŒã€ŒDHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:AES256-SHA256ã€æœ‰åŠ¹ãªæš—å·å€¤ã¯ã€src/internal.cã®cipher_names []é…列ã®ãƒ•ãƒ«ãƒãƒ¼ãƒ å€¤ã§ã™ã€‚
+ (有効ãªæš—å·åŒ–値ã®æ˜Žç¢ºãªãƒªã‚¹ãƒˆã®å ´åˆã¯src/internal.cã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦ãã ã•ã„)
+
\return SSL_SUCCESS 機能完了ã«æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param list ヌル終端ã•ã‚ŒãŸã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆãƒªã‚¹ãƒˆæ–‡å­—列ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
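Review bot: The new brief for wolfSSL_set_cipher_list looks copied from the wolfSSL_CTX_set_cipher_list comment in the previous hunk. It says the list becomes the default for new sessions created from "this context", and it names `wolfSSL_CTX_set_cipher_list()` as the function that resets the list. The removed text described the per-session call instead, with `wolfssl_set_cipher_list()` resetting the list of that one SSL session. As written, a reader could conclude that the per-session call changes the context-wide default. Drop the sentence about the context default and refer to `wolfSSL_set_cipher_list()` and the SSL session in the one after it.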
@@ -2107,9 +2821,14 @@ int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list);
int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list);
/*!
- \brief UDP I / Oã¯ãƒŽãƒ³ãƒ–ロッキングã§ã™ã€‚アプリケーションãŒWolfSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒ–ロックã•ã‚Œã¦ã„ãªã„UDPソケットã§ä½¿ç”¨ã•ã‚Œã‚‹å ´åˆã¯ã€WolfsSL_DTLS_SET_USING_NONBLOCK()を呼ã³å‡ºã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return none è¿”å“ä¸å¯ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸDTLSセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL DTLSオブジェクトã«ä¸‹å±¤ã®UDP I/Oã¯ãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹ã“ã¨ã‚’通知ã—ã¾ã™ã€‚
+ アプリケーションãŒWOLFSSLオブジェクトを作æˆã—ãŸå¾Œã€ãƒŽãƒ³ãƒ–ロッキングUDPソケットを使用ã™ã‚‹å ´åˆã¯ã€wolfSSL_dtls_set_using_nonblock()を呼ã³å‡ºã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€WOLFSSLオブジェクトã¯ã€recvfrom呼ã³å‡ºã—ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã›ãšã«EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param nonblock WOLFSSL構造体ã«ãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹ã“ã¨ã‚’指定ã™ã‚‹ãƒ•ãƒ©ã‚°ã€‚ノンブロッキングを使用ã—ã¦ã„ã‚‹å ´åˆã«ã¯ï¼‘を指定ã€ãれ以外ã¯0を指定ã—ã¦ãã ã•ã„。
+
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -2122,9 +2841,14 @@ int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list);
*/
void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
/*!
- \brief UDPを使用ã—ã¦éžãƒ–ロッキングI / Oを使用ã™ã‚‹ã€‚WolfSSLãŒãƒŽãƒ³ãƒ–ロッキングI / Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€wolfsslオブジェクトã¯ã€Ewouldblockã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯DTLSセッションã«ã¨ã£ã¦ã®ã¿æ„味ãŒã‚ã‚Šã¾ã™ã€‚
- \return 0 基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
- \return 1 基礎ã¨ãªã‚‹I / Oã¯éžãƒ–ロッキングã§ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL DTLSオブジェクトãŒä¸‹å±¤ã«UDPノンブロッキングI/Oを使用ã—ã¦ã„ã‚‹ã‹å¦ã‹ã‚’å–å¾—ã—ã¾ã™ã€‚
+ WOLFSSLオブジェクトãŒãƒŽãƒ³ãƒ–ロッキングI/Oを使用ã—ã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã‚ˆã‚Šã€WOLFSSLオブジェクトã¯ã€EWOULDBLOCKã‚’å—ä¿¡ã™ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯DTLSセッションã«ã¨ã£ã¦ã®ã¿æ„味ãŒã‚ã‚Šã¾ã™ã€‚
+ \return 0 基礎ã¨ãªã‚‹I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \return 1 基礎ã¨ãªã‚‹I/Oã¯ãƒŽãƒ³ãƒ–ロッキングã§ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -2140,11 +2864,15 @@ void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
\sa wolfSSL_dtls_got_timeout
\sa wolfSSL_dtls_set_using_nonblock
*/
-int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
+int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl);
/*!
- \brief wolfsslオブジェクト。é®æ–­ã•ã‚Œã¦ã„ãªã„ソケットを使用ã™ã‚‹å ´åˆã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ‰å†…ã®ä½•ã‹ã¯ã€åˆ©ç”¨å¯èƒ½ãªRECVデータをãƒã‚§ãƒƒã‚¯ã™ã‚‹ã¨ãã«ã„ã¤ã§ã‚‚å¾…æ©Ÿã—ã¦ã„ã‚‹ã®ã‹ã‚’決定ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®é–¢æ•°ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹å€¤ã¯ã€ã‚¢ãƒ—リケーションãŒã©ã®ãらã„å¾…æ©Ÿã™ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ç¾åœ¨ã®ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã‚’秒å˜ä½ã§è¿”ã—ã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€åˆ©ç”¨å¯èƒ½ãªrecvVデータã®åˆ°ç€ã‚’ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‚¿ã‚¤ãƒŸãƒ³ã‚°ã‚„å¾…ã¤ã¹ã時間を知る必è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹å€¤ã¯ã€ã‚¢ãƒ—リケーションãŒã©ã®ãらã„å¾…æ©Ÿã™ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚
\return seconds ç¾åœ¨ã®DTLSタイムアウト値(秒)
- \return NOT_COMPILED_IN WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
+ \return NOT_COMPILED_IN wolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int timeout = 0;
@@ -2161,11 +2889,52 @@ int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚¢ãƒ—リケーションãŒã‚ˆã‚Šæ—©ã„タイムアウト時間を設定ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«trueã‚’è¿”ã—ã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã§ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ‰ã§å—信データãŒåˆ°ç€ã—ã¦ã„ã‚‹ã‹ä½•æ™‚ãƒã‚§ãƒƒã‚¯ã™ã‚‹ã‹ã€
+ ã‚ã‚‹ã„ã¯ã©ã®ãらã„ã®æ™‚é–“å¾…ã¦ã°ã‚ˆã„ã®ã‹ã‚’決ã‚ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒ true ã‚’è¿”ã—ãŸå ´åˆã€ãƒ©ã‚¤ãƒ–ラリã¯ã™ã§ã«é€šä¿¡ã®ä¸­æ–­ã‚’検出ã—ã¾ã—ãŸãŒã€
+ ä»–ã®ãƒ”ã‚¢ã‹ã‚‰ã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒã¾ã é€ä¿¡ä¸­ã®å ´åˆã«å‚™ãˆã¦ã€ã‚‚ã†å°‘ã—å¾…æ©Ÿã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+ ã“ã®ã‚¿ã‚¤ãƒžãƒ¼ã®å€¤ã‚’微調整ã™ã‚‹ã®ã¯ã‚¢ãƒ—リケーション次第ã§ã™ãŒã€dtls_get_current_timeout()/4ãŒæœ€é©ã§ã™ã€‚
+
+ \return true アプリケーションãŒã‚ˆã‚Šæ—©ã„タイムアウトを設定ã™ã‚‹å¿…è¦ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ \sa wolfSSL_dtls
+ \sa wolfSSL_dtls_get_peer
+ \sa wolfSSL_dtls_got_timeout
+ \sa wolfSSL_dtls_set_peer
+ \sa wolfSSL_dtls13_set_send_more_acks
+*/
+int wolfSSL_dtls13_use_quick_timeout(WOLFSSL *ssl);
+/*!
+ \ingroup Setup
+
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒ©ã‚¤ãƒ–ラリãŒä¸­æ–­ã‚’検出ã—ãŸã¨ãã«ã™ãã«ä»–ã®ãƒ”ã‚¢ã«ACKã‚’é€ä¿¡ã™ã‚‹ã‹ã©ã†ã‹ã‚’設定ã—ã¾ã™ã€‚
+ ACKã‚’ã™ãã«é€ä¿¡ã™ã‚‹ã¨ã€é…延ã¯æœ€å°é™ã«æŠ‘ãˆã‚‰ã‚Œã¾ã™ãŒã€å¿…è¦ä»¥ä¸Šã«å¤šãã®å¸¯åŸŸå¹…ãŒæ¶ˆè²»ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ アプリケーションãŒç‹¬è‡ªã«ã‚¿ã‚¤ãƒžãƒ¼ã‚’管ç†ã—ã¦ãŠã‚Šã€ã“ã®ã‚ªãƒ—ションãŒ0ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€
+ アプリケーションコードã¯wolfSSL_dtls13_use_quick_timeout()を使用ã—ã¦ã€
+ é…延ã—ãŸACKã‚’é€ä¿¡ã™ã‚‹ãŸã‚ã«ã‚ˆã‚Šé€Ÿã„タイムアウトを設定ã™ã‚‹å¿…è¦ãŒã‚ã‚‹ã‹ã©ã†ã‹ã‚’判断ã§ãã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param value 設定を行ã†å ´åˆã«ã¯ï¼‘ã‚’è¡Œã‚ãªã„å ´åˆã«ã¯0を設定ã—ã¾ã™ã€‚
+
+ \sa wolfSSL_dtls
+ \sa wolfSSL_dtls_get_peer
+ \sa wolfSSL_dtls_got_timeout
+ \sa wolfSSL_dtls_set_peer
+ \sa wolfSSL_dtls13_use_quick_timeout
+*/
+void wolfSSL_dtls13_set_send_more_acks(WOLFSSL *ssl, int value);
+
+/*!
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯DTLSタイムアウトを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚SSLã®DTLS_TIMEOUT_INITã¨DTLS_TIMEOUTメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl structãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆãŒ0以下ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚タイムアウト引数ãŒè¨±å¯ã•ã‚Œã¦ã„る最大値を超ãˆã‚‹ã¨ã€æˆ»ã‚Šã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG 引数sslãŒNULLã®å ´åˆã€ã¾ãŸã¯ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆãŒ0以下ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚タイムアウト引数ãŒè¨±å¯ã•ã‚Œã¦ã„る最大値を超ãˆã¦ã„ã‚‹å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param value タイムアウトオプションを有効ã«ã™ã‚‹å ´åˆã«ã¯1を指定ã—ã€ç„¡åŠ¹ã«ã™ã‚‹å ´åˆã«ã¯0を指定ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
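Review bot: The added `\param value` line for wolfSSL_dtls_set_timeout_init describes the second argument as a flag (1 enables the timeout option, 0 disables it). The `\return BAD_FUNC_ARG` line in the same comment says a timeout of 0 or less, or above the permitted maximum, is rejected. The argument is therefore a timeout value (presumably in seconds, as wolfSSL_dtls_get_current_timeout documents), and passing 0 as the comment suggests would return an error. The prototype shown as context in the next hunk, `int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);`, leaves the parameter unnamed, so Doxygen has nothing to bind `value` to. I would name it `int timeout` and document it as the initial DTLS timeout value. The next hunk has the same unnamed-parameter mismatch for `\param timeout` on wolfSSL_dtls_set_timeout_max.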
@@ -2184,10 +2953,12 @@ int wolfSSL_dtls_get_current_timeout(WOLFSSL* ssl);
int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯TIMEOUT引数ãŒã‚¼ãƒ­ä»¥ä¸‹ã§ã‚ã‚‹å ´åˆã€ã¾ãŸã¯WolfSSL構造体ã®DTLS_TIMEOUT_INITメンãƒãƒ¼ã‚ˆã‚Šã‚‚å°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param timeout 最大タイムアウト時間
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -2205,10 +2976,13 @@ int wolfSSL_dtls_set_timeout_init(WOLFSSL* ssl, int);
int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
/*!
- \brief 制御コードãŒé€ä¿¡ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ãŸã¨è€ƒãˆã‚‹ã¨ã€WolfSSLオブジェクトã§å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚タイムアウト値ã®èª¿æ•´ã‚’å«ã‚€ã€æœ€å¾Œã®é€ä¿¡ã‚’å†è©¦è¡Œã™ã‚‹ãŸã‚ã«å¿…è¦ãªæ“作を実行ã—ã¾ã™ã€‚é•·ã™ãŽã‚‹ã¨ã€ã“ã‚Œã¯å¤±æ•—ã‚’è¿”ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™
+ \brief DTLSã§ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯é€ä¿¡ãŒã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã—ãŸã¨è€ƒãˆã‚‰ã‚Œã‚‹å ´åˆã«å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ タイムアウト値ã®èª¿æ•´ãªã©ã€æœ€å¾Œã®é€ä¿¡ã‚’å†è©¦è¡Œã™ã‚‹ãŸã‚ã«å¿…è¦ãªã‚¢ã‚¯ã‚·ãƒ§ãƒ³ã‚’実行ã—ã¾ã™ã€‚ 時間ãŒã‹ã‹ã‚Šã™ãŽã‚‹ã¨ã€å¤±æ•—ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«æˆ»ã‚Šã¾ã™
\return SSL_FATAL_ERROR ピアã‹ã‚‰ã®å¿œç­”ã‚’å¾—ã‚‹ã“ã¨ãªãã€å†é€ä¿¡/タイムアウトãŒå¤šã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return NOT_COMPILED_IN WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NOT_COMPILED_IN wolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
See the following files for usage examples:
@@ -2223,9 +2997,32 @@ int wolfSSL_dtls_set_timeout_max(WOLFSSL* ssl, int);
int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
/*!
- \brief DTLSを使用ã™ã‚‹ã‚ˆã†ã«æ§‹æˆã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \brief DTLSã§ãƒŽãƒ³ãƒ–ロッキングソケットを使用ã™ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯äºˆæƒ³ã•ã‚Œã‚‹ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã¨å†é€ä¿¡å›žæ•°ã‚’無視ã—ã¦æœ€å¾Œã®ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ•ãƒ©ã‚¤ãƒˆã‚’å†é€ä¿¡ã—ã¾ã™ã€‚
+ ã“ã‚Œã¯ã€DTLSを使用ã—ã¦ãŠã‚Šã€ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã‚„å†è©¦è¡Œå›žæ•°ã‚‚管ç†ã™ã‚‹å¿…è¦ãŒã‚るアプリケーションã«å½¹ç«‹ã¡ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«æˆ»ã‚Šã¾ã™
+ \return SSL_FATAL_ERROR ピアã‹ã‚‰ã®å¿œç­”ãŒå¾—られãªã„ã¾ã¾å†é€ä¿¡/タイムアウトãŒå¤šã™ãŽã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
+ \code
+ int ret = 0;
+ WOLFSSL* ssl;
+ ...
+ ret = wolfSSL_dtls_retransmit(ssl);
+ \endcode
+
+ \sa wolfSSL_dtls_get_current_timeout
+ \sa wolfSSL_dtls_got_timeout
+ \sa wolfSSL_dtls
+*/
+int wolfSSL_dtls_retransmit(WOLFSSL* ssl);
+
+/*!
+ \brief DTLSを使用ã™ã‚‹ã‚ˆã†ã«æ§‹æˆã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’å–å¾—ã—ã¾ã™ã€‚
\return 1 SSLセッション(SSL)ãŒDTLSを使用ã™ã‚‹ã‚ˆã†ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 ãã†ã§ãªã‘ã‚Œã°ã€‚
+ \return 0 ãã†ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -2244,12 +3041,14 @@ int wolfSSL_dtls_got_timeout(WOLFSSL* ssl);
int wolfSSL_dtls(WOLFSSL* ssl);
/*!
- \brief ピースズ。
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_NOT_IMPLEMENTED WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param peer ピアã®SOCKADDR_IN構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯å¼•æ•°peerã§ä¸Žãˆã‚‰ã‚Œã‚‹ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’DTLSã®ãƒ”ã‚¢ã¨ã—ã¦ã‚»ãƒƒãƒˆã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_NOT_IMPLEMENTED wolfSSLãŒDTLSをサãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param peer ピアã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’å«ã‚€sockaddr_in構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param peerSz sockaddr_in構造体ã®ã‚µã‚¤ã‚ºã€‚0ãŒæŒ‡å®šã•ã‚ŒãŸå ´åˆã«ã¯sslã«è¨­å®šã•ã‚Œã¦ã„るピアã®æƒ…報をクリアã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -2269,12 +3068,16 @@ int wolfSSL_dtls(WOLFSSL* ssl);
int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz);
/*!
- \brief DTLSピアã“ã®é–¢æ•°ã¯ã€Peerszã‚’SSLセッションã«æ ¼ç´ã•ã‚Œã¦ã„る実際ã®DTLSピアサイズã«æ¯”較ã—ã¾ã™ã€‚ピアãŒãƒ”ã‚¢ã«åŽã¾ã‚‹å ´åˆã€ãƒ”ã‚¢ã®SOCKADDR_INã¯ãƒ”ã‚¢ã«ã‚³ãƒ”ーã•ã‚Œã€ãƒ”ースãŒãƒ”ã‚¢ã®ã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
- \return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_NOT_IMPLEMENTED WolfSSLãŒDTLSサãƒãƒ¼ãƒˆã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param peer ピアã®SOCKADDR_IN構造をä¿å­˜ã™ã‚‹ã«ã¯ã€ãƒ¡ãƒ¢ãƒªã®å ´æ‰€ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯ã€ç¾åœ¨ã®DTLSピアã®sockaddr_in(サイズpeerSz)ã‚’å–å¾—ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã¯ã€peerSzã‚’SSLセッションã«ä¿å­˜ã•ã‚Œã¦ã„る実際ã®DTLSピアサイズã¨æ¯”較ã—ã¾ã™ã€‚
+ ピアアドレスãŒpeerã«åŽã¾ã‚‹å ´åˆã¯ã€peerSzãŒãƒ”ã‚¢ã®ã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¦ã€ãƒ”ã‚¢ã®sockaddr_inãŒpeerã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_NOT_IMPLEMENTED wolfSSLãŒDTLSをサãƒãƒ¼ãƒˆã™ã‚‹ã‚ˆã†ã«ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param peer ピアã®sockaddr_in構造体をä¿å­˜ã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param peerSz サイズを格ç´ã™ã‚‹å¤‰æ•°ã€‚入力時ã«ã¯å¼•æ•°peerã§ç¤ºã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã—ã¦ãã ã•ã„。出力時ã«ã¯å®Ÿéš›ã®sockaddr_in構造体ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -2294,11 +3097,16 @@ int wolfSSL_dtls_set_peer(WOLFSSL* ssl, void* peer, unsigned int peerSz);
int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚errnumberã¯ã€wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€ãƒ‡ãƒ¼ã‚¿ã¯ã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ã‚¹ãƒˆãƒ¬ãƒ¼ã‚¸ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚MAX_ERROR_SZã§å®šç¾©ã•ã‚Œã¦ã„るよã†ã«ã€ãƒ‡ãƒ¼ã‚¿ã®æœ€å¤§é•·ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§80文字ã§ã™ã€‚ã“ã‚Œã¯wolfssl / wolfcrypt / error.hã§ã™ã€‚
- \return success 正常ã«å®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯ãƒ‡ãƒ¼ã‚¿ã«è¿”ã•ã‚Œã‚‹ã®ã¨åŒã˜æ–‡å­—列を返ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 引数errNumberã¯ã€wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€å¼•æ•°dataã¯ã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
+ MAX_ERROR_SZã§å®šç¾©ã•ã‚Œã¦ã„るよã†ã«ã€ãƒ‡ãƒ¼ã‚¿ã®æœ€å¤§é•·ã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§80文字ã§ã™ã€‚
+ ã“ã‚Œã¯wolfssl/wolfcrypt/error.hã§å®šç¾©ã•ã‚Œã¦ã„ã¾ã™ã€‚
+ \return success 正常ã«å®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯dataã«è¿”ã•ã‚Œã‚‹ã®ã¨åŒã˜æ–‡å­—列を返ã—ã¾ã™ã€‚
\return failure 失敗ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯é©åˆ‡ãªéšœå®³ç†ç”±ã€MSGã‚’æŒã¤æ–‡å­—列を返ã—ã¾ã™ã€‚
- \param errNumber wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+ \param errNumber wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+ \param data 人間ãŒèª­ã‚るエラー文字列を格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int err = 0;
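Review bot: The added `\param data` line does not say how large the buffer must be, and wolfSSL_ERR_error_string takes no length argument. The brief above it says the string can be up to MAX_ERROR_SZ characters (80 by default), so the parameter entry should state that as a requirement on the caller, for example "pointer to a buffer of at least MAX_ERROR_SZ bytes". A `\sa wolfSSL_ERR_error_string_n` would also point readers to the variant that takes an explicit size. The comment continues past the end of this hunk.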
@@ -2314,14 +3122,20 @@ int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
\sa wolfSSL_ERR_print_errors_fp
\sa wolfSSL_load_error_strings
*/
-char* wolfSSL_ERR_error_string(unsigned long,char*);
+char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_err_error_string()ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã™ã€‚ã“ã“ã§ã€lenã¯bufã«æ›¸ãè¾¼ã¾ã‚Œå¾—る最大文字数を指定ã—ã¾ã™ã€‚wolfssl_err_error_string()ã¨åŒæ§˜ã«ã€ã“ã®é–¢æ•°ã¯wolfssl_get_error()ã‹ã‚‰è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚人間ãŒèª­ã‚る文字列ã¯bufã«ç½®ã‹ã‚Œã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param e wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_err_error_string()ã®ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§ã™ã€‚
+ ã“ã“ã§ã€å¼•æ•°lenã¯å¼•æ•°bufã«æ›¸ãè¾¼ã¾ã‚Œå¾—る最大文字数を指定ã—ã¾ã™ã€‚
+ wolfSSL_err_error_string()ã¨åŒæ§˜ã«ã€ã“ã®é–¢æ•°ã¯wolfSSL_get_error()ã‹ã‚‰è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より人間ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã¾ã™ã€‚
+ 人間ãŒèª­ã‚る文字列ã¯bufã«ç½®ã‹ã‚Œã¾ã™ã€‚
+ \return ãªã—
+ \param e wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
\param buff eã¨ä¸€è‡´ã™ã‚‹äººé–“ãŒèª­ã‚るエラー文字列をå«ã‚€å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param len 出力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+
_Example_
\code
int err = 0;
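Review bot: The `\param` names in the wolfSSL_ERR_error_string_n comment do not match its prototype. The comment documents `buff` and the newly added `len`, while the declaration shown in the next hunk header is `wolfSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long sz)`. Doxygen will bind neither entry, and the size limit is the part a caller most needs to find, so rename them to `\param buf` and `\param sz` and use the same names in the prose. The added lines also spell the sibling function `wolfssl_err_error_string()` and `wolfSSL_err_error_string()`, whereas this hunk declares it as `wolfSSL_ERR_error_string`.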
@@ -2341,15 +3155,18 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
unsigned long sz);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã€Options構造体ã®ClosEnotifyã¾ãŸã¯Connresetã¾ãŸã¯SentNotifyメンãƒãƒ¼ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ¡ä»¶ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚オプション構造ã¯WolfSSL構造内ã«ã‚ã‚Šã¾ã™ã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã€Options構造体ã®closeNotifyã¾ãŸã¯connResetã¾ãŸã¯sentNotifyメンãƒãƒ¼ã®ã‚·ãƒ£ãƒƒãƒˆãƒ€ã‚¦ãƒ³æ¡ä»¶ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚
+ Options構造体ã¯WOLFSSL構造体内ã«ã‚ã‚Šã¾ã™ã€‚
\return 1 SSL_SENT_SHUTDOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return 2 ss_received_shutdownãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return 2 SSL_RECEIVED_SHUTDOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#include <wolfssl/ssl.h>
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
…
int ret;
@@ -2365,12 +3182,14 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
\endcode
\sa wolfSSL_SESSION_free
*/
-int wolfSSL_get_shutdown(const WOLFSSL*);
+int wolfSSL_get_shutdown(const WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ã‚ªãƒ—ション構造体ã®å†é–‹ãƒ¡ãƒ³ãƒã‚’è¿”ã—ã¾ã™ã€‚フラグã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†åˆ©ç”¨ã™ã‚‹ã‹ã©ã†ã‹ã‚’示ã—ã¾ã™ã€‚ãã†ã§ãªã‘ã‚Œã°ã€æ–°ã—ã„セッションを確立ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return This 関数セッションã®å†åˆ©ç”¨ã®ãƒ•ãƒ©ã‚°ã‚’表ã™ã‚ªãƒ—ション構造ã«ä¿æŒã•ã‚Œã¦ã„ã‚‹intåž‹ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -2383,13 +3202,16 @@ int wolfSSL_get_shutdown(const WOLFSSL*);
\sa wolfSSL_GetSessionIndex
\sa wolfSSL_memsave_session_cache
*/
-int wolfSSL_session_reused(WOLFSSL*);
+int wolfSSL_session_reused(WOLFSSL* ssl);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€æŽ¥ç¶šãŒç¢ºç«‹ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ã‚’確èªã—ã¾ã™ã€‚
\return 0 接続ãŒç¢ºç«‹ã•ã‚Œã¦ã„ãªã„å ´åˆã€ã™ãªã‚ã¡WolfSSL構造体ãŒNULLã¾ãŸã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒè¡Œã‚ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return 1 接続ãŒç¢ºç«‹ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™.WolfSSL構造体ã¯NULLã¾ãŸã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒè¡Œã‚ã‚Œã¦ã„ã¾ã›ã‚“。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ _Example_
\code
#include <wolfssl/ssl.h>
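Review bot: `\return 1` for wolfSSL_is_init_finished still reads as "returned when the connection is not established", which is the same condition given for `\return 0`. This hunk edits the comment (it adds `\param ssl` and `_Example_`) but leaves that line as it was. Callers use this value to decide whether the handshake has completed, so the two entries must be distinguishable. Presumably 1 means the handshake is done; if so the line should say that, e.g. `\return 1 接続が確立されている（ハンドシェイクが完了している）場合に返されます。`. The example in this comment continues past the end of the hunk.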
@@ -2404,10 +3226,10 @@ int wolfSSL_session_reused(WOLFSSL*);
\sa wolfSSL_get_keys
\sa wolfSSL_set_shutdown
*/
-int wolfSSL_is_init_finished(WOLFSSL*);
+int wolfSSL_is_init_finished(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief 文字列ã¨ã—ã¦ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹SSLãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
\return "SSLv3" SSLv3を使ã†
\return "TLSv1" TLSV1を使用ã™ã‚‹
@@ -2417,6 +3239,8 @@ int wolfSSL_is_init_finished(WOLFSSL*);
\return "DTLS": DTLSを使ã†
\return "DTLSv1.2" DTLSV1.2を使用ã™ã‚‹
\return "unknown" ã©ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®TLSãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’判断ã™ã‚‹ã¨ã„ã†å•é¡ŒãŒã‚ã‚Šã¾ã—ãŸã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
wolfSSL_Init();
@@ -2429,13 +3253,15 @@ int wolfSSL_is_init_finished(WOLFSSL*);
\endcode
\sa wolfSSL_lib_version
*/
-const char* wolfSSL_get_version(WOLFSSL*);
+const char* wolfSSL_get_version(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief SSLセッションã§ç¾åœ¨ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã‚’è¿”ã—ã¾ã™ã€‚
\return ssl->options.cipherSuite ç¾åœ¨ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã‚’表ã™æ•´æ•°ã€‚
\return 0 æä¾›ã•ã‚Œã¦ã„ã‚‹SSLセッションã¯NULLã§ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
wolfSSL_Init();
@@ -2457,10 +3283,12 @@ const char* wolfSSL_get_version(WOLFSSL*);
int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€SSLセッションã®ç¾åœ¨ã®æš—å·ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return The 関数WolfSSL構造体ã®æš—å·ãƒ¡ãƒ³ãƒãƒ¼ã®ã‚¢ãƒ‰ãƒ¬ã‚¹ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã¯wolfssl_icipher構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
\return NULL WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -2478,13 +3306,15 @@ int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
\sa wolfSSL_get_cipher_name_internal
\sa wolfSSL_get_cipher_name
*/
-WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
+WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクト内ã®Cipher Suiteã¨ä½¿ç”¨å¯èƒ½ãªã‚¹ã‚¤ãƒ¼ãƒˆã¨ä¸€è‡´ã—ã€æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
\return string ã“ã®é–¢æ•°ã¯ã€ä¸€è‡´ã—ãŸæš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã®æ–‡å­—列表ç¾ã‚’è¿”ã—ã¾ã™ã€‚
\return none スイートãŒä¸€è‡´ã—ã¦ã„ãªã„å ´åˆã¯ã€Œãªã—ã€ã‚’è¿”ã—ã¾ã™ã€‚
+ \param cipher WOLFSSL_CIPHER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
// gets cipher name in the format DHE_RSA ...
@@ -2507,9 +3337,11 @@ WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€SSLオブジェクト内ã®æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã¨ä½¿ç”¨å¯èƒ½ãªã‚¹ã‚¤ãƒ¼ãƒˆã¨ä¸€è‡´ã—ã¾ã™ã€‚
\return This 関数SuiteãŒä¸€è‡´ã•ã›ãŸString値を返ã—ã¾ã™ã€‚スイートãŒä¸€è‡´ã—ã¦ã„ãªã„å ´åˆã¯ã€Œãªã—ã€ã‚’è¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
#ifdef WOLFSSL_DTLS
@@ -2525,13 +3357,23 @@ const char* wolfSSL_CIPHER_get_name(const WOLFSSL_CIPHER* cipher);
\sa wolfSSL_CIPHER_get_name
\sa wolfSSL_get_current_cipher
*/
-const char* wolfSSL_get_cipher(WOLFSSL*);
+const char* wolfSSL_get_cipher(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl構造ã‹ã‚‰ã®wolfssl_sessionã‚’å‚照型ã¨ã—ã¦è¿”ã—ã¾ã™ã€‚ã“ã‚Œã«ã¯ã€wolfssl_session_freeを呼ã³å‡ºã—ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³å‚照を解除ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ wolfssl_sessionã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’実行ã™ã‚‹ãŸã‚ã«å¿…è¦ãªã™ã¹ã¦ã®å¿…è¦ãªæƒ…報をå«ã‚€ã“ã¨ã‚’指摘ã—ã€æ–°ã—ã„ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãªã—ã§æŽ¥ç¶šã‚’å†ç¢ºç«‹ã—ã¾ã™ã€‚セッションã®å†é–‹ã®å ´åˆã€wolfssl_shutdown()をセッションオブジェクトã«å‘¼ã³å‡ºã™å‰ã«ã€ã‚¢ãƒ—リケーションã¯ã‚ªãƒ–ジェクトã‹ã‚‰wolfssl_get1_session()を呼ã³å‡ºã—ã¦ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚後ã§ã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WolfSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfssl_set_session()ã«å‰²ã‚Šå½“ã¦ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ã“ã®æ™‚点ã§ã€ã‚¢ãƒ—リケーションã¯wolfssl_connect()を呼ã³å‡ºã—ã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†é–‹ã—よã†ã¨ã—ã¾ã™ã€‚ WolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚ wolfssl_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒãれを使用ã—ã¦ãれを使用ã—ã¦è§£æ”¾ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL構造体ã‹ã‚‰WOLFSSL_SESSIONã‚’å‚照型ã¨ã—ã¦è¿”ã—ã¾ã™ã€‚
+ ã“ã‚Œã«ã¯ã€wolfSSL_SESSION_freeを呼ã³å‡ºã—ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³å‚照を解除ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ WOLFSSL_SESSIONã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’実行ã™ã‚‹ãŸã‚ã«å¿…è¦ãªã™ã¹ã¦ã®å¿…è¦ãªæƒ…報をå«ã¿ã€æ–°ã—ã„ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãªã—ã§æŽ¥ç¶šã‚’å†ç¢ºç«‹ã—ã¾ã™ã€‚
+ セッションã®å†é–‹ã®å ´åˆã€wolfSSL_shutdown()をセッションオブジェクトã«å‘¼ã³å‡ºã™å‰ã«ã€ã‚¢ãƒ—リケーションã¯ã‚ªãƒ–ジェクトã‹ã‚‰wolfssl_get1_session()を呼ã³å‡ºã—ã¦ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ ãã®å¾Œã€ã‚¢ãƒ—リケーションã¯æ–°ã—ã„WOLFSSLオブジェクトを作æˆã—ã€ä¿å­˜ã—ãŸã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’wolfssl_set_session()ã«å‰²ã‚Šå½“ã¦ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã®æ™‚点ã§ã€ã‚¢ãƒ—リケーションã¯wolfssl_connect()を呼ã³å‡ºã—ã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’å†é–‹ã—よã†ã¨ã—ã¾ã™ã€‚
+ WolfSSLサーãƒãƒ¼ã‚³ãƒ¼ãƒ‰ã§ã¯ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®å†é–‹ã‚’許å¯ã—ã¾ã™ã€‚
+ wolfssl_get1_session()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚ªãƒ–ジェクトã¯ã€ã‚¢ãƒ—リケーションãŒä½¿ç”¨å¾Œã¯è§£æ”¾ã•ã‚Œã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return WOLFSSL_SESSION æˆåŠŸã®å ´åˆã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL SSLãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ã¾ã™ã€‚
+ \return NULL sslãŒNULLã®å ´åˆã€SSLセッションキャッシュãŒç„¡åŠ¹ã«ãªã£ã¦ã„ã‚‹å ´åˆã€WolfSSLã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³IDを使用ã§ããªã„ã€ã¾ãŸã¯ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹é–¢æ•°ãŒå¤±æ•—ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -2552,10 +3394,11 @@ const char* wolfSSL_get_cipher(WOLFSSL*);
WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief wolfsslv23_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0 - TLS 1.3ã®é–“ã§ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚WolfSSLクライアントã¨ã‚µãƒ¼ãƒãƒ¼ã®ä¸¡æ–¹ãŒå …牢ãªãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰æ©Ÿèƒ½ã‚’æŒã£ã¦ã„ã¾ã™ã€‚特定ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ãƒ¡ã‚½ãƒƒãƒ‰ãŒã©ã¡ã‚‰ã®å´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã¿ãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‚Šã€ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚ãŸã¨ãˆã°ã€TLSV1を使用ã—ã€SSLv3ã®ã¿ã«æŽ¥ç¶šã—よã†ã¨ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€TLSV1.1ã«æŽ¥ç¶šã—ã¦ã‚‚失敗ã—ã¾ã™ã€‚ã“ã®å•é¡Œã‚’解決ã™ã‚‹ãŸã‚ã«ã€wolfsslv23_client_method()関数を使用ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã€å¿…è¦ã«å¿œã˜ã¦SSLv3ã«ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®å ´åˆã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯SSLv3 - TLSv1.3を実行ã—ã¦ã„るサーãƒãƒ¼ã«æŽ¥ç¶šã§ãるよã†ã«ãªã‚Šã¾ã™ã€‚
- \return pointer æˆåŠŸã™ã‚‹ã¨ã€wolfssl_methodã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒã‚ã‚Šã¾ã™ã€‚
- \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \ingroup Setup
+ \brief wolfsslv23_client_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0~TLS 1.3ã®é–“ã§ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚WolfSSLクライアントã¨ã‚µãƒ¼ãƒãƒ¼ã®ä¸¡æ–¹ãŒå …牢ãªãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰æ©Ÿèƒ½ã‚’æŒã£ã¦ã„ã¾ã™ã€‚特定ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ãƒ¡ã‚½ãƒƒãƒ‰ãŒã©ã¡ã‚‰ã®å´ã§ä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€ãã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã¿ãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‚Šã€ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚ãŸã¨ãˆã°ã€TLSV1を使用ã—ã€SSLv3ã®ã¿ã«æŽ¥ç¶šã—よã†ã¨ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€TLSV1.1ã«æŽ¥ç¶šã—ã¦ã‚‚失敗ã—ã¾ã™ã€‚ã“ã®å•é¡Œã‚’解決ã™ã‚‹ãŸã‚ã«ã€wolfsslv23_client_method()関数を使用ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る最高ã®ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã€å¿…è¦ã«å¿œã˜ã¦SSLv3ã«ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ã“ã®å ´åˆã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯SSLv3 - TLSv1.3を実行ã—ã¦ã„るサーãƒãƒ¼ã«æŽ¥ç¶šã§ãるよã†ã«ãªã‚Šã¾ã™ã€‚
+ \return pointer æˆåŠŸã™ã‚‹ã¨ã€wolfssl_methodã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒENOMEMã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -2579,11 +3422,13 @@ WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
WOLFSSL_METHOD* wolfSSLv23_client_method(void);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€å†…部メモリãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€å†…部メモリãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return size æˆåŠŸã™ã‚‹ã¨ã€ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
\return SSL_FATAL_ERROR エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ã®ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param bio ã®ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体。
+ \param p メモリãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2601,11 +3446,13 @@ WOLFSSL_METHOD* wolfSSLv23_client_method(void);
int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p);
/*!
- \ingroup IO
+ \ingroup IO
\brief 使用ã™ã‚‹BIOã®ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã‚’設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS(1) æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS(1) æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\param bio FDを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造。
\param fd 使用ã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«è¨˜è¿°å­ã€‚
+ \param closeF fdをクローズã™ã‚‹éš›ã®ãµã‚‹ã¾ã„を指定ã™ã‚‹ãƒ•ãƒ©ã‚°
+
_Example_
\code
WOLFSSL_BIO* bio;
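Review bot: The added `\param closeF` names a parameter the prototype does not have: the declaration that follows this hunk is `long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);`, so Doxygen will likely report both `closeF` and the existing `\param bio` as unmatched. Elsewhere this commit renames prototype parameters to agree with the docs (for example `wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO * bio)`), so either do the same here or write `\param flag`. The same mismatch appears in the `wolfSSL_BIO_get_mem_ptr` block (`\param ptr` against `WOLFSSL_BUF_MEM **m`) and the `wolfSSL_X509_STORE_add_cert` block (`\param str` against `store`). The comment block ends and the prototype sits outside this hunk.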
@@ -2619,10 +3466,12 @@ int wolfSSL_BIO_get_mem_data(WOLFSSL_BIO* bio,void* p);
long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
/*!
- \ingroup IO
- \brief BIOãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«I / Oストリームを閉ã˜ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚¯ãƒ­ãƒ¼ã‚ºãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS(1) æˆåŠŸã™ã‚‹ã¨ã€‚
- \param bio wolfssl_bio構造体。
+ \ingroup IO
+ \brief BIOãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«I/Oストリームを閉ã˜ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚¯ãƒ­ãƒ¼ã‚ºãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS(1) æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param bio WOLFSSL_BIO構造体。
+ \param flag I/Oストリームを閉ã˜ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹ã‚¯ãƒ­ãƒ¼ã‚ºãƒ•ãƒ©ã‚°
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2635,9 +3484,10 @@ long wolfSSL_BIO_set_fd(WOLFSSL_BIO* b, int fd, int flag);
int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯Bio_Socketタイプã®wolfssl_bio_methodã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return WOLFSSL_BIO_METHOD ソケットタイプã§ã‚ã‚‹wolfssl_bio_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯BIO_SOCKETタイプã®WOLFSSL_BIO_METHODã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_BIO_METHOD ソケットタイプã§ã‚ã‚‹WOLFSSL_BIO_METHOD構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2649,11 +3499,15 @@ int wolfSSL_BIO_set_close(WOLFSSL_BIO *b, long flag);
WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€WolfSSL_BIOã®ãƒ©ã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ãŒä»¥å‰ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯ã‚µã‚¤ã‚ºã‚’リセットã™ã‚‹ã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚読ã¿æ›¸ãインデックスを0ã«ãƒªã‚»ãƒƒãƒˆã™ã‚‹ã¨ã„ã†ç‚¹ã§ã€wolfssl_bio_resetã«ä¼¼ã¦ã„ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_BIOã®ãƒ©ã‚¤ãƒˆãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ãŒä»¥å‰ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯ã‚µã‚¤ã‚ºã‚’リセットã™ã‚‹ã¨ãã«è§£æ”¾ã•ã‚Œã¾ã™ã€‚
+ 読ã¿æ›¸ãインデックスを0ã«ãƒªã‚»ãƒƒãƒˆã™ã‚‹ã¨ã„ã†ç‚¹ã§ã€wolfSSL_BIO_resetã«ä¼¼ã¦ã„ã¾ã™ã€‚
\return SSL_SUCCESS 書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ã®è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
\param bio FDを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造。
+ \param size ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2669,11 +3523,13 @@ WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void);
int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯2ã¤ã®BIOSを一緒ã«ãƒšã‚¢ãƒªãƒ³ã‚°ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚一対ã®BIOSã¯ã€2ã¤ã®æ–¹æ³•ãƒ‘イプã¨åŒæ§˜ã«ã€ä»–æ–¹ã§èª­ã¿å–られるã“ã¨ãŒã§ãã€ãã®é€†ã‚‚åŒæ§˜ã§ã‚る。BIOSã®ä¸¡æ–¹ãŒåŒã˜ã‚¹ãƒ¬ãƒƒãƒ‰å†…ã«ã‚ã‚‹ã“ã¨ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚¹ãƒ¬ãƒƒãƒ‰ã‚»ãƒ¼ãƒ•ã§ã¯ã‚ã‚Šã¾ã›ã‚“。2ã¤ã®BIOSã®ã†ã¡ã®1ã¤ã‚’解放ã™ã‚‹ã¨ã€ä¸¡æ–¹ã¨ã‚‚ペアã«ãªã£ã¦ã„ã¾ã™ã€‚書ãè¾¼ã¿ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒä»¥å‰ã«è¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã€ãã‚Œã¯ãƒšã‚¢ã«ãªã‚‹å‰ã«17000(wolfssl_bio_size)ã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã‚µã‚¤ã‚ºã«è¨­å®šã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 2ã¤ã®BIOSã‚’ã†ã¾ãペアリングã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param b1 ペアを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param b1 ペアを設定ã™ã‚‹ãŸã‚ã®ç¬¬ä¸€ã®WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param b2 第二ã®ã®WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2691,10 +3547,12 @@ int wolfSSL_BIO_set_write_buf_size(WOLFSSL_BIO *b, long size);
int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€èª­ã¿å–ã‚Šè¦æ±‚フラグを0ã«æˆ»ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€èª­ã¿å–ã‚Šè¦æ±‚フラグを0ã«æˆ»ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 値を正常ã«è¨­å®šã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2706,13 +3564,17 @@ int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
\sa wolfSSL_BIO_new, wolfSSL_BIO_s_mem
\sa wolfSSL_BIO_new, wolfSSL_BIO_free
*/
-int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
+int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO * bio);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚WOLFSSL_BIO_NREADã¨ã¯ç•°ãªã‚Šã€å†…部読ã¿å–りインデックスã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚ŒãŸç•ªå·ã«ã‚ˆã£ã¦é«˜åº¦ã«ã¯ãªã‚Šã¾ã›ã‚“。返ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup IO
+ \bri f ã“ã®é–¢æ•°ã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ wolfSSL_BIO_nreadã¨ã¯ç•°ãªã‚Šã€å†…部読ã¿å–りインデックスã¯é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚ŒãŸã‚µã‚¤ã‚ºåˆ†é€²ã¿ã¾ã›ã‚“。
+ è¿”ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return >=0 æˆåŠŸã™ã‚‹ã¨ã€èª­ã¿å–ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™
- \param bio wolfssl_bio構造体ã‹ã‚‰èª­ã¿å–り。
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buf 読ã¿å–り用ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_BIO* bio;
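Review bot: The replacement line for the `wolfSSL_BIO_nread0` description starts with `\bri f` instead of `\brief`, so Doxygen will not treat it as the brief description; the removed line had the command spelled correctly. The same damage is in the next hunk, where the `wolfSSL_BIO_nread` block opens with `\biie`, and in the `wolfSSL_get_verify_result` block (`\bri f` again). These two BIO blocks carry the sentence saying that reading past the returned count can read outside the buffer, which is the caveat a caller most needs to see rendered, so restore `\brief` on all three lines. The comment block continues past the end of this hunk.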
@@ -2729,12 +3591,17 @@ int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚内部読ã¿å–りインデックスã¯ã€èª­ã¿å–ã‚Šå…ƒã®ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«æŒ‡ã•ã‚Œã¦ã„ã‚‹BUFを使用ã—ã¦ã€é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚Œã‚‹æ•°ã«ã‚ˆã£ã¦é«˜åº¦ã§ã™ã€‚æ•°numã§è¦æ±‚ã•ã‚ŒãŸå€¤ã‚ˆã‚Šã‚‚ãƒã‚¤ãƒˆãŒå°‘ãªã„å ´åˆã€ã‚ˆã‚Šå°‘ãªã„値ãŒè¿”ã•ã‚Œã¾ã™ã€‚è¿”ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup IO
+ \biieã‚Œã¯ã€ã“ã®é–¢æ•°ã¯ã€èª­ã¿å–り用ã®ãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ 内部読ã¿å–りインデックスã¯ã€èª­ã¿å–ã‚Šå…ƒã®ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«æŒ‡ã•ã‚Œã¦ã„ã‚‹BUFを使用ã—ã¦ã€é–¢æ•°å‘¼ã³å‡ºã—ã‹ã‚‰è¿”ã•ã‚Œã‚‹ã‚µã‚¤ã‚ºåˆ†é€²ã¿ã¾ã™ã€‚
+ æ•°numã§è¦æ±‚ã•ã‚ŒãŸå€¤ã‚ˆã‚Šã‚‚ãƒã‚¤ãƒˆãŒå°‘ãªã„å ´åˆã€ã‚ˆã‚Šå°‘ãªã„値ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ è¿”ã•ã‚Œã‚‹å€¤ã‚’超ãˆã¦èª­ã¿å–ã‚‹ã¨ã€ã‚¢ãƒ¬ã‚¤ã®å¢ƒç•Œã‹ã‚‰èª­ã¿å‡ºã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return >=0 æˆåŠŸã™ã‚‹ã¨ã€èª­ã¿å–ã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™
\return WOLFSSL_BIO_ERROR(-1) Return -1を読むもã®ã§ã¯ãªã„エラーケースã«ã¤ã„ã¦
- \param bio wolfssl_bio構造体ã‹ã‚‰èª­ã¿å–り。
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf 読ã¿å–ã‚Šé…列ã®å…ˆé ­ã«è¨­å®šã™ã‚‹ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param num 読ã¿å–りサイズ
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2752,13 +3619,16 @@ int wolfSSL_BIO_nread0(WOLFSSL_BIO *bio, char **buf);
int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num);
/*!
- \ingroup IO
- \brief 関数ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹æ•°ã®ãƒã‚¤ãƒˆã‚’書ã込むãŸã‚ã«ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã—ã¾ã™ã€‚è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã«è¿½åŠ ã®ãƒã‚¤ãƒˆã‚’書ã込んã å ´åˆã€è¿”ã•ã‚ŒãŸå€¤ã¯ç¯„囲外ã®æ›¸ãè¾¼ã¿ã«ã¤ãªãŒã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup IO
+ \brief 関数ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã‚‹æ•°ã®ãƒã‚¤ãƒˆã‚’書ã込むãŸã‚ã«ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã—ã¾ã™ã€‚
+ è¿”ã•ã‚Œã‚‹ãƒã‚¤ãƒ³ã‚¿ã«è¿½åŠ ã®ãƒã‚¤ãƒˆã‚’書ã込んã å ´åˆã€è¿”ã•ã‚ŒãŸå€¤ã¯ç¯„囲外ã®æ›¸ãè¾¼ã¿ã«ã¤ãªãŒã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return int è¿”ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿ã«æ›¸ã込むã“ã¨ãŒã§ãã‚‹ãƒã‚¤ãƒˆæ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return WOLFSSL_BIO_UNSET(-2) ãƒã‚¤ã‚ªãƒšã‚¢ã®ä¸€éƒ¨ã§ã¯ãªã„å ´åˆ
\return WOLFSSL_BIO_ERROR(-1) ã«æ›¸ãã¹ã部屋ãŒã“れ以上ãªã„å ´åˆ
\param bio WOLFSSL_BIO構造ã«æ›¸ã込む構造。
\param buf 書ã込むãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param num 書ãè¾¼ã¿ãŸã„サイズ
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2776,10 +3646,12 @@ int wolfSSL_BIO_nread(WOLFSSL_BIO *bio, char **buf, int num);
int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num);
/*!
- \ingroup IO
+ \ingroup IO
\brief ãƒã‚¤ã‚ªã‚’åˆæœŸçŠ¶æ…‹ã«ãƒªã‚»ãƒƒãƒˆã—ã¾ã™ã€‚タイプBIO_BIOã®ä¾‹ã¨ã—ã¦ã€ã“ã‚Œã¯èª­ã¿æ›¸ãインデックスをリセットã—ã¾ã™ã€‚
\return 0 ãƒã‚¤ã‚ªã®ãƒªã‚»ãƒƒãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return WOLFSSL_BIO_ERROR(-1) ä¸è‰¯å…¥åŠ›ã¾ãŸã¯å¤±æ•—ã—ãŸãƒªã‚»ãƒƒãƒˆã§è¿”ã•ã‚Œã¾ã™ã€‚
+ \param bio WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2793,11 +3665,13 @@ int wolfSSL_BIO_nwrite(WOLFSSL_BIO *bio, char **buf, int num);
int wolfSSL_BIO_reset(WOLFSSL_BIO *bio);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸã‚ªãƒ•ã‚»ãƒƒãƒˆã¸ã®ãƒ•ã‚¡ã‚¤ãƒ«ãƒã‚¤ãƒ³ã‚¿ã‚’調整ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«ã®å…ˆé ­ã‹ã‚‰ã®ã‚ªãƒ•ã‚»ãƒƒãƒˆã§ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸã‚ªãƒ•ã‚»ãƒƒãƒˆã¸ãƒ•ã‚¡ã‚¤ãƒ«ãƒã‚¤ãƒ³ã‚¿ã‚’調整ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«ã®å…ˆé ­ã‹ã‚‰ã®ã‚ªãƒ•ã‚»ãƒƒãƒˆã§ã™ã€‚
\return 0 正常ã«æŽ¢ã—ã¦ã„ã¾ã™ã€‚
\return -1 エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio 設定ã™ã‚‹wolfssl_bio構造体。
+ \param bio 設定ã™ã‚‹WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ofs ファイルã®å…ˆé ­ã‹ã‚‰ã®ã‚ªãƒ•ã‚»ãƒƒãƒˆ
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2817,11 +3691,13 @@ int wolfSSL_BIO_reset(WOLFSSL_BIO *bio);
int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«ã«è¨­å®šãŠã‚ˆã³æ›¸ã込むãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ç¾åœ¨ãƒ•ã‚¡ã‚¤ãƒ«å†…ã®ãƒ‡ãƒ¼ã‚¿ã‚’上書ãã—ã€BIOãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚’é–‰ã˜ã‚‹ã‚ˆã†ã«è¨­å®šã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ファイルã®é–‹ãã¨è¨­å®šã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ファイルを設定ã™ã‚‹wolfssl_bio構造体。
+ \param bio ファイルを設定ã™ã‚‹WOLFSSL_BIO構造体体。
+ \param name 書ãè¾¼ã¿å…ˆãƒ•ã‚¡ã‚¤ãƒ«åã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2838,10 +3714,12 @@ int wolfSSL_BIO_seek(WOLFSSL_BIO *bio, int ofs);
int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯ãƒ•ã‚¡ã‚¤ãƒ«å€¤ã®çµ‚ã‚りを設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚一般的ãªå€¤ã¯äºˆæƒ³ã•ã‚Œã‚‹æ­£ã®å€¤ã¨æ··åŒã•ã‚Œãªã„よã†ã«-1ã§ã™ã€‚
\return 0 完了ã«æˆ»ã‚Šã¾ã—ãŸ
- \param bio ファイル値ã®çµ‚ã‚りを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造体。
+ \param bio ファイル値ã®çµ‚ã‚りを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体体。
+ \param v bioã«ã‚»ãƒƒãƒˆã™ã‚‹å€¤ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2858,11 +3736,13 @@ int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯WolfSSL_BIOメモリãƒã‚¤ãƒ³ã‚¿ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
\return SSL_SUCCESS ãƒã‚¤ãƒ³ã‚¿SSL_SUCCESSã‚’è¿”ã™æ­£å¸¸ã«ï¼ˆç¾åœ¨1ã®å€¤ï¼‰ã€‚
- \return SSL_FAILURE null引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆï¼ˆç¾åœ¨0ã®å€¤ï¼‰ã«æ¸¡ã•ã‚ŒãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FAILURE null引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆï¼ˆç¾åœ¨0ã®å€¤ï¼‰ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param bio メモリãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ptr WOLFSSL_BUF_MEM構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆç¾åœ¨ã¯char*ã¨ãªã£ã¦ã„る)
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -2877,11 +3757,13 @@ long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯X509ã®åå‰ã‚’ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
- \return A WOLFSSL_X509_NAME構造åメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€ãƒãƒƒãƒ•ã‚¡ã¸ã®POINTER found struffer nameメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return A WOLFSSL_X509_NAME構造åメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€nameメンãƒãƒ¼ã®ãƒ‡ãƒ¼ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param name wolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param in wolfssl_x509_name構造ã‹ã‚‰ã‚³ãƒ”ーã•ã‚ŒãŸåå‰ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param in WOLFSSL_X509_NAME構造体ã‹ã‚‰ã‚³ãƒ”ーã•ã‚ŒãŸåå‰ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+ \param sz ãƒãƒƒãƒ•ã‚¡ã®æœ€å¤§ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_X509 x509;
@@ -2902,10 +3784,12 @@ long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ç™ºè¡Œè€…ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚
\return point WOLFSSL_X509構造体ã®ç™ºè¡Œè€…メンãƒãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return NULL 渡ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ãŒNULLã®å ´åˆ
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509;
@@ -2924,12 +3808,14 @@ char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
\sa wolfSSL_get_peer_certificate
\sa wolfSSL_X509_NAME_oneline
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®ä»¶åメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return pointer wolfssl_x509_name構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚WOLFSSL_X509構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯æ§‹é€ ä½“ã®ä»¶åメンãƒãƒ¼ãŒNULLã®å ´åˆã€ãƒã‚¤ãƒ³ã‚¿ã¯NULLã«ãªã‚‹ã“ã¨ãŒã‚ã‚Šã¾ã™ã€‚
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* cert;
@@ -2944,13 +3830,15 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_isCA
\sa wolfSSL_get_peer_certificate
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert);
/*!
- \ingroup CertsKeys
- \brief wolfssl_x509構造ã®ISCAメンãƒãƒ¼ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦å€¤ã‚’è¿”ã—ã¾ã™ã€‚
- \return isCA wolfssl_x509構造ã®ISCAメンãƒãƒ¼å†…ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
- \return 0 有効ãªX509構造ãŒæ¸¡ã•ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WOLFSSL_X509構造体ã®isCaメンãƒãƒ¼ã‚’ãƒã‚§ãƒƒã‚¯ã—ã¦å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+ \return isCA WOLFSSL_X509構造体ã®isCaメンãƒãƒ¼ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+ \return 0 有効ãªWOLFSSL_X509構造体ãŒæ¸¡ã•ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -2967,15 +3855,17 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_issuer_name
\sa wolfSSL_X509_get_isCA
*/
-int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
+int wolfSSL_X509_get_isCA(WOLFSSL_X509* cert);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸNID値ã«é–¢é€£ã™ã‚‹ãƒ†ã‚­ã‚¹ãƒˆã‚’å–å¾—ã—ã¾ã™ã€‚
\return int テキストãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
\param name wolfssl_x509_nameテキストを検索ã™ã‚‹ã€‚
\param nid 検索ã™ã‚‹NID。
\param buf 見ã¤ã‹ã£ãŸã¨ãã«ãƒ†ã‚­ã‚¹ãƒˆã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
+ \param len ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
_Example_
\code
WOLFSSL_X509_NAME* name;
@@ -2994,10 +3884,12 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
char* buf, int len);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®Sigoidメンãƒãƒ¼ã«æ ¼ç´ã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
- \return 0 wolfssl_x509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_X509構造体ã®sigOIDメンãƒãƒ¼ã«æ ¼ç´ã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
+ \return 0 WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return int x509オブジェクトã‹ã‚‰å–å¾—ã•ã‚ŒãŸæ•´æ•°å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param cert WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -3017,10 +3909,13 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
\sa wolfSSL_X509_notAfter
\sa wolfSSL_X509_free
*/
-int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
+int wolfSSL_X509_get_signature_type(WOLFSSL_X509* cert);
/*!
- \brief
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_X509構造体を解放ã—ã¾ã™ã€‚
+ \return ãªã—
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -3039,12 +3934,14 @@ int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
void wolfSSL_X509_free(WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief x509ç½²åã‚’å–å¾—ã—ã€ãれをãƒãƒƒãƒ•ã‚¡ã«ä¿å­˜ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ç½²åãŒãƒãƒƒãƒ•ã‚¡ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERRROR X509構造体ã¾ãŸã¯BUFSZメンãƒãƒ¼ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚SIG構造ã®é•·ã•ãƒ¡ãƒ³ãƒã®ãƒã‚§ãƒƒã‚¯ã‚‚ã‚る(SIGã¯X509ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚る)。
\param x509 wolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf ãƒãƒƒãƒ•ã‚¡ã¸ã®æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bufSz ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹int型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -3065,11 +3962,13 @@ void wolfSSL_X509_free(WOLFSSL_X509* x509);
int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, unsigned char* buf, int* bufSz);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509_stre構造ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_X509_STRE構造体ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
\return SSL_SUCCESS 証明書ãŒæ­£å¸¸ã«è¿½åŠ ã•ã‚ŒãŸå ´åˆã€‚
\return SSL_FATAL_ERROR: 証明書ãŒæ­£å¸¸ã«è¿½åŠ ã•ã‚Œãªã„å ´åˆ
\param str 証明書を追加ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¹ãƒˆã‚¢ã€‚
+ \param x509 追加ã™ã‚‹WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509_STORE* str;
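Review bot: The rewritten `\brief` upper-cases the type name but keeps the old misspelling, giving `WOLFSSL_X509_STRE`, which matches no type; the prototype after this hunk takes `WOLFSSL_X509_STORE* store`. Write `WOLFSSL_X509_STORE` so the identifier in the brief matches the declared type.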
@@ -3083,10 +3982,12 @@ int wolfSSL_X509_get_signature(WOLFSSL_X509* x509, unsigned char* buf, int* bufS
int wolfSSL_X509_STORE_add_cert(WOLFSSL_X509_STORE* store, WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509_store_ctx構造体ã®ãƒã‚§ãƒ¼ãƒ³å¤‰æ•°ã®getter関数ã§ã™ã€‚ç¾åœ¨ãƒã‚§ãƒ¼ãƒ³ã¯å–ã‚Šè¾¼ã¾ã‚Œã¦ã„ã¾ã›ã‚“。
- \return pointer æˆåŠŸã—ãŸå ´åˆwolfssl_stack(stack_of(wolfssl_x509))ãƒã‚¤ãƒ³ã‚¿ã¨åŒã˜
- \return Null 失敗ã™ã‚‹ã¨
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_X509_STORE_CTX構造体ã®ãƒã‚§ãƒ¼ãƒ³å¤‰æ•°ã®getter関数ã§ã™ã€‚ç¾åœ¨ãƒã‚§ãƒ¼ãƒ³ã¯å–ã‚Šè¾¼ã¾ã‚Œã¦ã„ã¾ã›ã‚“。
+ \return pointer æˆåŠŸã—ãŸå ´åˆWOLFSSL_STACK(STACK_OF(WOLFSSL_X509))ãƒã‚¤ãƒ³ã‚¿ã¨åŒã˜
+ \return Null 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_X509_STORE_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_STACK* sk;
@@ -3100,11 +4001,13 @@ WOLFSSL_STACK* wolfSSL_X509_STORE_CTX_get_chain(
WOLFSSL_X509_STORE_CTX* ctx);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸwolfssl_x509_store構造体ã®å‹•ä½œã‚’変更ã™ã‚‹ãŸã‚ã®ãƒ•ãƒ©ã‚°ã‚’å–ã‚Šã¾ã™ã€‚使用ã•ã‚Œã‚‹ãƒ•ãƒ©ã‚°ã®ä¾‹ã¯wolfssl_crl_checkã§ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸWOLFSSL_X509_STORE構造体ã®å‹•ä½œã‚’変更ã™ã‚‹ãŸã‚ã®ãƒ•ãƒ©ã‚°ã‚’å–ã‚Šã¾ã™ã€‚使用ã•ã‚Œã‚‹ãƒ•ãƒ©ã‚°ã®ä¾‹ã¯WOLFSSL_CRL_CHECKã§ã™ã€‚
\return SSL_SUCCESS フラグを設定ã™ã‚‹ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãªã‹ã£ãŸå ´åˆã€‚
\return <0 障害ã®éš›ã«è² ã®å€¤ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param str フラグを設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¹ãƒˆã‚¢ã€‚
+ \param flag フラグ
+
_Example_
\code
WOLFSSL_X509_STORE* str;
@@ -3122,10 +4025,12 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
unsigned long flag);
/*!
- \ingroup CertsKeys
- \brief ã“ã‚Œã¯ã€BYTEアレイã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸæœ‰åŠ¹æ€§ã®è¨¼æ˜Žæ›¸ã€ŒNOT BEFISEã€ã‚’機能ã—ã¾ã™ã€‚
- \return NULL wolfssl_x509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return byte NetBeforEdataã‚’å«ã‚€è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯BYTEアレイã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸ"not before"è¦ç´ ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return byte NetBeforEdataã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -3145,10 +4050,12 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store,
const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
- \brief ã“ã‚Œã¯ã€BYTEé…列ã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸæœ‰åŠ¹æ€§ã®è¨¼æ˜Žæ›¸ã€Œæœªå‡¦ç†ã€ã‚’機能ã—ã¾ã™ã€‚
- \return NULL wolfssl_x509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return byte NOTAFTERDATAã‚’å«ã‚€è¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€BYTEé…列ã¨ã—ã¦ç¬¦å·åŒ–ã•ã‚ŒãŸ"not after"è¦ç´ ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return byte notAfterDataã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -3168,11 +4075,15 @@ const byte* wolfSSL_X509_notBefore(WOLFSSL_X509* x509);
const byte* wolfSSL_X509_notAfter(WOLFSSL_X509* x509);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_asn1_integer値をwolfssl_bignum構造ã«ã‚³ãƒ”ーã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return pointer wolfssl_asn1_integer値を正常ã«ã‚³ãƒ”ーã™ã‚‹ã¨ã€wolfssl_bignumãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \return Null 失敗ã™ã‚‹ã¨ã€‚
- \param ai wolfssl asn1_integer構造体ã‹ã‚‰ã‚³ãƒ”ーã™ã‚‹ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_ASN1_INTEGER値をWOLFSSL_BIGNUM構造体ã«ã‚³ãƒ”ーã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return pointer WOLFSSL_ASN1_INTEGER値を正常ã«ã‚³ãƒ”ーã™ã‚‹ã¨ã€WOLFSSL_BIGNUMãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return Null 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ai WOLFSSL_ASN1_INTEGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param bn ã‚‚ã—ã€æ—¢å­˜ã®WOLFSSL_BIGNUM構造体ã«ã‚³ãƒ”ーã—ãŸã„å ´åˆãã®ãƒã‚¤ãƒ³ã‚¿ã‚’ã“ã®å¼•æ•°ã§æŒ‡å®šã—ã¾ã™ã€‚
+ NULLを指定ã™ã‚‹ã¨æ–°ãŸã«WOLFSSL_BIGNUM構造体ãŒç”Ÿæˆã•ã‚Œã¦ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+
+
_Example_
\code
WOLFSSL_ASN1_INTEGER* ai;
@@ -3190,11 +4101,13 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
WOLFSSL_BIGNUM *bn);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造ã§æ§‹ç¯‰ã•ã‚Œã¦ã„る内部ãƒã‚§ãƒ¼ãƒ³ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造ã§æ§‹ç¯‰ã•ã‚Œã¦ã„る内部ãƒã‚§ãƒ¼ãƒ³ã«è¨¼æ˜Žæ›¸ã‚’追加ã—ã¾ã™ã€‚
\return SSL_SUCCESS 証明書ã®è¿½åŠ ã«æˆåŠŸã—ãŸã‚‰ã€‚
\return SSL_FAILURE ãƒã‚§ãƒ¼ãƒ³ã«è¨¼æ˜Žæ›¸ã‚’追加ã™ã‚‹ã“ã¨ãŒå¤±æ•—ã—ãŸå ´åˆã€‚
- \param ctx 証明書を追加ã™ã‚‹ãŸã‚ã®wolfssl_ctx構造。
+ \param ctx 証明書を追加ã™ã‚‹ãŸã‚ã®WOLFSSL_CTX構造。
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3210,10 +4123,12 @@ WOLFSSL_BIGNUM *wolfSSL_ASN1_INTEGER_to_BN(const WOLFSSL_ASN1_INTEGER *ai,
long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造ã‹ã‚‰Get Read Hapeフラグを返ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造ã‹ã‚‰Get Read Hapeフラグを返ã—ã¾ã™ã€‚
\return flag æˆåŠŸã™ã‚‹ã¨ã€èª­ã¿å–ã‚Šå…ˆã®ãƒ•ãƒ©ã‚°ã‚’è¿”ã—ã¾ã™ã€‚
\return SSL_FAILURE ctxãŒnullã®å ´åˆã€ssl_failureãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3226,13 +4141,16 @@ long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
\sa wolfSSL_CTX_free
\sa wolfSSL_CTX_set_read_ahead
*/
-int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造内ã®èª­ã¿å‡ºã—å…ˆã®ãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS CTXãŒå…ˆèª­ã¿ãƒ•ãƒ©ã‚°ã‚’設定ã—ãŸå ´åˆã€‚
- \return SSL_FAILURE ctxãŒnullã®å ´åˆã€ssl_failureãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造内ã®èª­ã¿å‡ºã—å…ˆã®ãƒ•ãƒ©ã‚°ã‚’設定ã—ã¾ã™ã€‚
+ \return SSL_SUCCESS ctxãŒå…ˆèª­ã¿ãƒ•ãƒ©ã‚°ã‚’設定ã—ãŸå ´åˆã€‚
+ \return SSL_FAILURE ctxãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param v 先読ã¿ãƒ•ãƒ©ã‚°
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3249,11 +4167,13 @@ int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx, int v);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯OCSPã§ä½¿ç”¨ã™ã‚‹ã‚ªãƒ—ション引数を設定ã—ã¾ã™ã€‚
\return SSL_FAILURE CTXã¾ãŸã¯ITã®CERT ManagerãŒNULLã®å ´åˆã€‚
\return SSL_SUCCESS 正常ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€‚
- \param ctx wolfssl_ctx構造ユーザー引数を設定ã™ã‚‹ãŸã‚ã®æ§‹é€ ã€‚
+ \param ctx WOLFSSL_CTX構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param arg ユーザー引数
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3270,11 +4190,13 @@ int wolfSSL_CTX_set_read_ahead(WOLFSSL_CTX* ctx, int v);
long wolfSSL_CTX_set_tlsext_status_arg(WOLFSSL_CTX* ctx, void* arg);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€PRFコールãƒãƒƒã‚¯ã«æ¸¡ã™ã‚ªãƒ—ションã®å¼•æ•°ã‚’設定ã—ã¾ã™ã€‚
\return SSL_FAILURE CTXãŒNULLã®å ´åˆ
\return SSL_SUCCESS 正常ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã€‚
- \param ctx wolfssl_ctx構造ユーザー引数を設定ã™ã‚‹ãŸã‚ã®æ§‹é€ ã€‚
+ \param ctx WOLFSSL_CTX構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param arg ユーザー引数
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3291,10 +4213,21 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
WOLFSSL_CTX* ctx, void* arg);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€SSLã®ã‚ªãƒ—ションマスクを設定ã—ã¾ã™ã€‚ã„ãã¤ã‹ã®æœ‰åŠ¹ãªã‚ªãƒ—ションã¯ã€ssl_op_allã€ssl_op_cookie_exchangeã€ssl_op_no_sslv2ã€ssl_op_no_sslv3ã€ssl_op_no_tlsv1_1ã€ssl_op_no_tlsv1_2ã€ssl_op_no_compressionã§ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLã®ã‚ªãƒ—ションマスクを設定ã—ã¾ã™ã€‚
+ ã„ãã¤ã‹ã®æœ‰åŠ¹ãªã‚ªãƒ—ションã¯ã€ssl_op_allã€ssl_op_cookie_exchangeã€ssl_op_no_sslv2ã€ssl_op_no_sslv3ã€ssl_op_no_tlsv1_1ã€ssl_op_no_tlsv1_2ã€ssl_op_no_compressionã§ã™ã€‚
\return val SSLã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹æ›´æ–°ã•ã‚ŒãŸã‚ªãƒ—ションマスク値を返ã—ã¾ã™ã€‚
\param s オプションマスクを設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+ \param op オプションマスク。以下ã®å€¤ãŒæŒ‡å®šå¯èƒ½ã§ã™ï¼š<br>
+ SSL_OP_ALL<br>
+ SSL_OP_COOKIE_EXCHANGE<br>
+ SSL_OP_NO_SSLv2<br>
+ SSL_OP_NO_SSLv3<br>
+ SSL_OP_NO_TLSv1<br>
+ SSL_OP_NO_TLSv1_1<br>
+ SSL_OP_NO_TLSv1_2<br>
+ SSL_OP_NO_COMPRESSION<br>
+
_Example_
\code
WOLFSSL* ssl;
@@ -3310,9 +4243,11 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(
long wolfSSL_set_options(WOLFSSL *s, long op);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ç¾åœ¨ã®ã‚ªãƒ—ションマスクを返ã—ã¾ã™ã€‚
\return val SSLã«æ ¼ç´ã•ã‚Œã¦ã„るマスク値を返ã—ã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -3324,14 +4259,16 @@ long wolfSSL_set_options(WOLFSSL *s, long op);
\sa wolfSSL_free
\sa wolfSSL_set_options
*/
-long wolfSSL_get_options(const WOLFSSL *s);
+long wolfSSL_get_options(const WOLFSSL *ssl);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€æ¸¡ã•ã‚ŒãŸãƒ‡ãƒãƒƒã‚°å¼•æ•°ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸãƒ‡ãƒãƒƒã‚°å¼•æ•°ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+ \param arg デãƒãƒƒã‚°å¼•æ•°
+
_Example_
\code
WOLFSSL* ssl;
@@ -3344,14 +4281,16 @@ long wolfSSL_get_options(const WOLFSSL *s);
\sa wolfSSL_new
\sa wolfSSL_free
*/
-long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
+long wolfSSL_set_tlsext_debug_arg(WOLFSSL *ssl, void *arg);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ã“ã®é–¢æ•°ã¯ã€ã‚µãƒ¼ãƒãŒOCSPステータス応答(OCSPステイプルã¨ã‚‚呼ã°ã‚Œã‚‹ï¼‰ã‚’é€å—ä¿¡ã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚¢ãƒ—リケーションãŒè¦æ±‚ã•ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \return 1 æˆåŠŸã™ã‚‹ã¨ã€‚
- \return 0 エラー時ã«ã€‚
- \param s ssl_new()関数ã«ã‚ˆã£ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \return 1 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return 0 エラー時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param s ssl_new()関数ã«ã‚ˆã£ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param type ssl拡張タイプ。TLSEXT_STATUSTYPE_ocspã®ã¿æŒ‡å®šå¯ã€‚
+
_Example_
\code
WOLFSSL *ssl;
@@ -3371,10 +4310,12 @@ long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’確èªã—よã†ã¨ã—ãŸå¾Œã«çµæžœã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’確èªã—よã†ã¨ã—ãŸå¾Œã«çµæžœã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return X509_V_OK æˆåŠŸã—ãŸæ¤œè¨¼ã«ã¤ã„ã¦
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
+ \param ssl WOLFSSL 構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -3389,10 +4330,12 @@ long wolfSSL_set_tlsext_status_type(WOLFSSL *s, int type);
long wolfSSL_get_verify_result(const WOLFSSL *ssl);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より多ãã®äººé–“ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã€ãã®æ–‡å­—列を出力ファイルã«å°åˆ·ã—ã¾ã™ã€‚ERRã¯ã€WOLFSSL_GET_ERROR()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€FPãŒã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚るエラーコードã§ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()ã«ã‚ˆã£ã¦è¿”ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’より多ãã®äººé–“ãŒèª­ã‚るエラー文字列ã«å¤‰æ›ã—ã€ãã®æ–‡å­—列を出力ファイルã«å°åˆ·ã—ã¾ã™ã€‚ERRã¯ã€WOLFSSL_GET_ERROR()ã«ã‚ˆã£ã¦è¿”ã•ã‚Œã€FPãŒã‚¨ãƒ©ãƒ¼æ–‡å­—列ãŒé…ç½®ã•ã‚Œã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ã§ã‚るエラーコードã§ã™ã€‚
+ \return ãªã—
\param fp ã«æ›¸ãè¾¼ã¾ã‚Œã‚‹äººé–“ãŒèª­ã‚るエラー文字列ã®å‡ºåŠ›ãƒ•ã‚¡ã‚¤ãƒ«ã€‚
+ \param err wolfSSL_get_error()ã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã€‚
+
_Example_
\code
int err = 0;
@@ -3410,10 +4353,12 @@ long wolfSSL_get_verify_result(const WOLFSSL *ssl);
void wolfSSL_ERR_print_errors_fp(XFILE fp, int err);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã—ã¦ã‚¨ãƒ©ãƒ¼å ±å‘Šã‚’処ç†ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯é–¢æ•°ã¯ã‚¨ãƒ©ãƒ¼å›žç·šã”ã¨ã«å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚文字列ã€é•·ã•ã€ãŠã‚ˆã³USERDATAã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ãƒ‘ラメータã«æ¸¡ã•ã‚Œã¾ã™ã€‚
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯æä¾›ã•ã‚ŒãŸã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã—ã¦ã‚¨ãƒ©ãƒ¼å ±å‘Šã‚’処ç†ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯é–¢æ•°ã¯ã‚¨ãƒ©ãƒ¼å›žç·šã”ã¨ã«å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚文字列ã€é•·ã•ã€ãŠã‚ˆã³userdataã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ãƒ‘ラメータã«æ¸¡ã•ã‚Œã¾ã™ã€‚
+ \return ãªã—
\param cb コールãƒãƒƒã‚¯é–¢æ•°
+ \param u コールãƒãƒƒã‚¯é–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹userdata
+
_Example_
\code
int error_cb(const char *str, size_t len, void *u)
@@ -3431,9 +4376,20 @@ void wolfSSL_ERR_print_errors_cb (
int (*cb)(const char *str, size_t len, void *u), void *u);
/*!
- \brief wolfssl_ctx構造
- \return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \brief ã“ã®é–¢æ•°ã¯WOLFSSL_CTX構造ã®client_psk_cbメンãƒãƒ¼ã‚’セットã—ã¾ã™ã€‚
+ \return ãªã—
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cb wc_psk_client_callback ã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã§WOLFSSL_CTX構造体ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+ 戻り値ã¯æˆåŠŸæ™‚ã«ã¯éµé•·ã‚’è¿”ã—ã€ã‚¨ãƒ©ãƒ¼æ™‚ã«ã¯ï¼ã‚’è¿”ã—ã¾ã™ã€‚
+ unsigned int (*wc_psk_client_callback)
+ PSK クライアントコールãƒãƒƒã‚¯é–¢æ•°ã®å¼•æ•°ï¼š<br>
+ WOLFSSL* ssl - WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿<br>
+ const char* hint - ユーザーã«å¯¾ã—ã¦è¡¨ç¤ºã•ã‚Œã‚‹ãƒ’ント文字列<br>
+ char* identity - ID<br>
+ unsigned int id_max_len - IDãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º<br>
+ unsigned char* key - æ ¼ç´ã•ã‚Œã‚‹éµ<br>
+ unsigned int key_max_len - éµã®æœ€å¤§ã‚µã‚¤ã‚º<br>
+
_Example_
\code
WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol def );
@@ -3450,12 +4406,13 @@ void wolfSSL_ERR_print_errors_cb (
\sa wolfSSL_CTX_set_psk_client_callback
*/
void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX* ctx,
- wc_psk_client_callback);
+ wc_psk_client_callback cb);
/*!
- \brief
+ \brief
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl;
@@ -3477,10 +4434,11 @@ void wolfSSL_set_psk_client_callback(WOLFSSL* ssl,
wc_psk_client_callback);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯PSKアイデンティティヒントを返ã—ã¾ã™ã€‚
\return pointer WolfSSL構造ã®é…列メンãƒãƒ¼ã«æ ¼ç´ã•ã‚Œã¦ã„る値ã¸ã®const charãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return NULL WOLFSSLã¾ãŸã¯é…列構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -3499,10 +4457,11 @@ void wolfSSL_set_psk_client_callback(WOLFSSL* ssl,
const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 関数ã¯ã€é…列構造ã®Client_Identityメンãƒãƒ¼ã¸ã®å®šæ•°ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return string é…列構造ã®client_identityメンãƒã®æ–‡å­—列値。
\return NULL WOLFSSL構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯WOLFSSL構造ã®é…列メンãƒãƒ¼ãŒNULLã®å ´åˆã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -3521,10 +4480,11 @@ const char* wolfSSL_get_psk_identity_hint(const WOLFSSL*);
const char* wolfSSL_get_psk_identity(const WOLFSSL*);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®server_hintメンãƒãƒ¼ã«HINT引数を格ç´ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®server_hintメンãƒãƒ¼ã«HINT引数を格ç´ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡ŒãŒæˆåŠŸã—ãŸãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -3544,11 +4504,12 @@ const char* wolfSSL_get_psk_identity(const WOLFSSL*);
int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl構造内ã®é…列構造ã®server_hintメンãƒãƒ¼ã«HINT引数を格ç´ã—ã¾ã™ã€‚
\return SSL_SUCCESS ヒントãŒWolfSSL構造ã«æ­£å¸¸ã«ä¿å­˜ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE WOLFSSLã¾ãŸã¯é…列構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -3563,9 +4524,10 @@ int wolfSSL_CTX_use_psk_identity_hint(WOLFSSL_CTX* ctx, const char* hint);
int wolfSSL_use_psk_identity_hint(WOLFSSL* ssl, const char* hint);
/*!
- \brief wolfssl_ctx構造体
+ \brief WOLFSSL_CTX構造体
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -3594,7 +4556,8 @@ void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX* ctx,
/*!
\brief WolfSSL構造オプションメンãƒãƒ¼ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -3622,9 +4585,10 @@ void wolfSSL_set_psk_server_callback(WOLFSSL* ssl,
/*!
- \brief
+ \brief
\return WOLFSSL_SUCCESS ã¾ãŸã¯wolfssl_failure.
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
\sa wolfSSL_get_psk_callback_ctx
\sa wolfSSL_CTX_set_psk_callback_ctx
\sa wolfSSL_CTX_get_psk_callback_ctx
@@ -3632,9 +4596,9 @@ void wolfSSL_set_psk_server_callback(WOLFSSL* ssl,
int wolfSSL_set_psk_callback_ctx(WOLFSSL* ssl, void* psk_ctx);
/*!
- \brief
+ \brief
\return WOLFSSL_SUCCESS ã¾ãŸã¯wolfssl_failure.
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\sa wolfSSL_set_psk_callback_ctx
\sa wolfSSL_get_psk_callback_ctx
\sa wolfSSL_CTX_get_psk_callback_ctx
@@ -3642,7 +4606,7 @@ int wolfSSL_set_psk_callback_ctx(WOLFSSL* ssl, void* psk_ctx);
int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX* ctx, void* psk_ctx);
/*!
- \brief
+ \brief
\return void ユーザーPSKコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_set_psk_callback_ctx
\sa wolfSSL_CTX_set_psk_callback_ctx
@@ -3651,7 +4615,7 @@ int wolfSSL_CTX_set_psk_callback_ctx(WOLFSSL_CTX* ctx, void* psk_ctx);
void* wolfSSL_get_psk_callback_ctx(WOLFSSL* ssl);
/*!
- \brief
+ \brief
\return void ユーザーPSKコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_CTX_set_psk_callback_ctx
\sa wolfSSL_set_psk_callback_ctx
@@ -3660,10 +4624,11 @@ void* wolfSSL_get_psk_callback_ctx(WOLFSSL* ssl);
void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€CTX構造ã®HAVAnonメンãƒãƒ¼ãŒã‚³ãƒ³ãƒ‘イル中ã«å®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€CTX構造ã®HABANONメンãƒãƒ¼ã‚’有効ã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œã€CTXã®Haveannonメンãƒãƒ¼ãŒ1ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE CTX構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -3683,10 +4648,11 @@ void* wolfSSL_CTX_get_psk_callback_ctx(WOLFSSL_CTX* ctx);
int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
/*!
- \ingroup Setup
- \brief wolfsslv23_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0 - TLS 1.3ã‹ã‚‰ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¨æŽ¥ç¶šã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief wolfsslv23_server_method()関数ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€SSL 3.0 - TLS 1.3ã‹ã‚‰ãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¨æŽ¥ç¶šã™ã‚‹ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
\return pointer æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+ \return Failure xmallocを呼ã³å‡ºã™ã¨ãã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã€åŸºç¤Žã¨ãªã‚‹Malloc()実装ã®å¤±æ•—値ãŒè¿”ã•ã‚Œã¾ã™ï¼ˆé€šå¸¸ã¯errnoãŒenomeemã«è¨­å®šã•ã‚Œã¾ã™ï¼‰ã€‚
+
_Example_
\code
WOLFSSL_METHOD* method;
@@ -3711,10 +4677,11 @@ int wolfSSL_CTX_allow_anon_cipher(WOLFSSL_CTX*);
WOLFSSL_METHOD *wolfSSLv23_server_method(void);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€WolfSSL構造体ã®å†…部エラー状態をå–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€WolfSSL構造体ã®å†…部エラー状態をå–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return wolfssl_error SSLエラー状態ã€é€šå¸¸ã¯ãƒžã‚¤ãƒŠã‚¹ã‚’è¿”ã—ã¾ã™
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆ
+
_Example_
\code
WOLFSSL* ssl;
@@ -3729,10 +4696,11 @@ WOLFSSL_METHOD *wolfSSLv23_server_method(void);
int wolfSSL_state(WOLFSSL* ssl);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’å–å¾—ã—ã¾ã™ã€‚
\return pointer WOLFSSL_X509構造ã®PECRERTメンãƒãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãŒå­˜åœ¨ã™ã‚‹å ´åˆã¯ã€‚
\return 0 ピア証明書発行者サイズãŒå®šç¾©ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -3751,10 +4719,11 @@ int wolfSSL_state(WOLFSSL* ssl);
WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¦ssl_error_want_readã‚’å–å¾—ã™ã‚‹ã®ã¨ä¼¼ã¦ã„ã¾ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_READã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
- \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_READã‚’è¿”ã—ã€åŸºç¤Žã¨ãªã‚‹I / Oã«ã¯èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚Šã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¦ssl_error_want_readã‚’å–å¾—ã™ã‚‹ã®ã¨ä¼¼ã¦ã„ã¾ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_READã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
+ \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_READã‚’è¿”ã—ã€åŸºç¤Žã¨ãªã‚‹I / Oã«ã¯èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒã‚ã‚Šã¾ã™ã€‚
\return 0 SSL_ERROR_WANT_READエラー状態ã¯ã‚ã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -3772,10 +4741,11 @@ WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL* ssl);
int wolfSSL_want_read(WOLFSSL*);
/*!
- \ingroup Debug
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã€RETURSã®SSL_ERROR_WANT_WRITEã‚’å–å¾—ã™ã‚‹ã®ã¨åŒã˜ã§ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_WRITEã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
- \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_WRITEã‚’è¿”ã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / Oã¯ã€åŸºç¤Žã¨ãªã‚‹SSL接続ã§é€²è¡ŒçŠ¶æ³ã‚’è¡Œã†ãŸã‚ã«æ›¸ãè¾¼ã¾ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚
+ \ingroup Debug
+ \brief ã“ã®é–¢æ•°ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã€RETURSã®SSL_ERROR_WANT_WRITEã‚’å–å¾—ã™ã‚‹ã®ã¨åŒã˜ã§ã™ã€‚基礎ã¨ãªã‚‹ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒSSL_ERROR_WANT_WRITEã®å ´åˆã€ã“ã®é–¢æ•°ã¯1ã‚’è¿”ã—ã¾ã™ãŒã€ãれ以外ã®å ´åˆã¯0ã§ã™ã€‚
+ \return 1 WOLFSSL_GET_ERROR()ã¯SSL_ERROR_WANT_WRITEã‚’è¿”ã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / Oã¯ã€åŸºç¤Žã¨ãªã‚‹SSL接続ã§é€²è¡ŒçŠ¶æ³ã‚’è¡Œã†ãŸã‚ã«æ›¸ãè¾¼ã¾ã‚Œã‚‹ãƒ‡ãƒ¼ã‚¿ã‚’å¿…è¦ã¨ã—ã¾ã™ã€‚
\return 0 ssl_error_want_writeエラー状態ã¯ã‚ã‚Šã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -3792,11 +4762,12 @@ int wolfSSL_want_read(WOLFSSL*);
int wolfSSL_want_write(WOLFSSL*);
/*!
- \ingroup Setup
- \brief wolfsslデフォルトã§ã¯ã€æœ‰åŠ¹ãªæ—¥ä»˜ç¯„囲ã¨æ¤œè¨¼æ¸ˆã¿ã®ç½²åã®ãŸã‚ã«ãƒ”ア証明書をãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã®å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€å®Ÿè¡Œã™ã‚‹ãƒã‚§ãƒƒã‚¯ã®ãƒªã‚¹ãƒˆã«ãƒ‰ãƒ¡ã‚¤ãƒ³åãƒã‚§ãƒƒã‚¯ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚DNå—信時ã«ãƒ”ア証明書を確èªã™ã‚‹ãŸã‚ã®ãƒ‰ãƒ¡ã‚¤ãƒ³åã‚’ä¿æŒã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief wolfsslデフォルトã§ã¯ã€æœ‰åŠ¹ãªæ—¥ä»˜ç¯„囲ã¨æ¤œè¨¼æ¸ˆã¿ã®ç½²åã®ãŸã‚ã«ãƒ”ア証明書をãƒã‚§ãƒƒã‚¯ã—ã¾ã™ã€‚wolfssl_connect()ã¾ãŸã¯wolfssl_accept()ã®å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€å®Ÿè¡Œã™ã‚‹ãƒã‚§ãƒƒã‚¯ã®ãƒªã‚¹ãƒˆã«ãƒ‰ãƒ¡ã‚¤ãƒ³åãƒã‚§ãƒƒã‚¯ãŒè¿½åŠ ã•ã‚Œã¾ã™ã€‚DNå—信時ã«ãƒ”ア証明書を確èªã™ã‚‹ãŸã‚ã®ãƒ‰ãƒ¡ã‚¤ãƒ³åã‚’ä¿æŒã—ã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE メモリエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -3814,10 +4785,11 @@ int wolfSSL_want_write(WOLFSSL*);
int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief 使用ã™ã‚‹ãŸã‚ã«WolfSSLライブラリをåˆæœŸåŒ–ã—ã¾ã™ã€‚アプリケーションã”ã¨ã«1回ã€ãã®ä»–ã®ãƒ©ã‚¤ãƒ–ラリã¸ã®å‘¼ã³å‡ºã—ã®å‰ã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
\return BAD_MUTEX_E è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚るエラーã§ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -3832,9 +4804,10 @@ int wolfSSL_check_domain_name(WOLFSSL* ssl, const char* dn);
int wolfSSL_Init(void);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã•ã‚‰ãªã‚‹ä½¿ç”¨ã‹ã‚‰WOLFSSLライブラリをåˆæœŸåŒ–ã—ã¾ã™ã€‚ライブラリã«ã‚ˆã£ã¦ä½¿ç”¨ã•ã‚Œã‚‹ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã—ã¾ã™ãŒã€å‘¼ã³å‡ºã•ã‚Œã‚‹å¿…è¦ã¯ã‚ã‚Šã¾ã›ã‚“。
\return SSL_SUCCESS エラーを返ã—ã¾ã›ã‚“。
+
_Example_
\code
wolfSSL_Cleanup();
@@ -3844,9 +4817,10 @@ int wolfSSL_Init(void);
int wolfSSL_Cleanup(void);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ç¾åœ¨ã®ãƒ©ã‚¤ãƒ–ラリーãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
\return LIBWOLFSSL_VERSION_STRING ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’定義ã™ã‚‹const charãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
char version[MAXSIZE];
@@ -3861,9 +4835,10 @@ int wolfSSL_Cleanup(void);
const char* wolfSSL_lib_version(void);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ç¾åœ¨ã®ãƒ©ã‚¤ãƒ–ラリーã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’16進表記ã§è¿”ã—ã¾ã™ã€‚
\return LILBWOLFSSL_VERSION_HEX wolfssl / version.hã§å®šç¾©ã•ã‚Œã¦ã„ã‚‹16進数ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
word32 libV;
@@ -3880,10 +4855,11 @@ const char* wolfSSL_lib_version(void);
word32 wolfSSL_lib_version_hex(void);
/*!
- \ingroup IO
- \brief SSLメソッドã®å´é¢ã«åŸºã¥ã„ã¦ã€å®Ÿéš›ã®æŽ¥ç¶šã¾ãŸã¯æ‰¿èªã‚’実行ã—ã¾ã™ã€‚クライアントå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ã‚µãƒ¼ãƒå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«wolfssl_accept()ãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹é–“ã«wolfssl_connect()ãŒè¡Œã‚れる。
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”å´ã•ã‚Œã¾ã™ã€‚(注æ„ã€å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯0ã‚’è¿”ã—ã¾ã™ï¼‰
- \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹å‘¼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã«ãªã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
+ \ingroup IO
+ \brief SSLメソッドã®å´é¢ã«åŸºã¥ã„ã¦ã€å®Ÿéš›ã®æŽ¥ç¶šã¾ãŸã¯æ‰¿èªã‚’実行ã—ã¾ã™ã€‚クライアントå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€ã‚µãƒ¼ãƒå´ã‹ã‚‰å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«wolfssl_accept()ãŒå®Ÿè¡Œã•ã‚Œã¦ã„ã‚‹é–“ã«wolfssl_connect()ãŒè¡Œã‚れる。
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã«è¿”å´ã•ã‚Œã¾ã™ã€‚(注æ„ã€å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯0ã‚’è¿”ã—ã¾ã™ï¼‰
+ \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹å‘¼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã«ãªã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+
_Example_
\code
int ret = SSL_FATAL_ERROR;
@@ -3903,10 +4879,11 @@ word32 wolfSSL_lib_version_hex(void);
int wolfSSL_negotiate(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief SSL接続ã«åœ§ç¸®ã‚’使用ã™ã‚‹æ©Ÿèƒ½ã‚’オンã«ã—ã¾ã™ã€‚両å´ã«ã¯åœ§ç¸®ãŒã‚ªãƒ³ã«ãªã£ã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ãã†ã§ãªã‘ã‚Œã°åœ§ç¸®ã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。ZLIBライブラリã¯å®Ÿéš›ã®ãƒ‡ãƒ¼ã‚¿åœ§ç¸®ã‚’実行ã—ã¾ã™ã€‚ライブラリã«ã‚³ãƒ³ãƒ‘イルã™ã‚‹ã«ã¯ã€ã‚·ã‚¹ãƒ†ãƒ ã®è¨­å®šã‚·ã‚¹ãƒ†ãƒ ã«--with-libzを使用ã—ã€ãã†ã§ãªã„å ´åˆã¯hand_libzを定義ã—ã¾ã™ã€‚é€å—ä¿¡ã•ã‚Œã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’減らã™å‰ã«ãƒ‡ãƒ¼ã‚¿ã‚’圧縮ã—ã¦ã„ã‚‹é–“ã«ã€åœ§ç¸®ã«ã‚ˆã£ã¦ä¿å­˜ã•ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®é‡ã¯é€šå¸¸ã€ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã®é…ã„ã™ã¹ã¦ã®ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã‚’除ã„ãŸã‚‚ã®ã‚ˆã‚Šã‚‚分æžã«æ™‚é–“ãŒã‹ã‹ã‚Šã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN 圧縮サãƒãƒ¼ãƒˆãŒãƒ©ã‚¤ãƒ–ラリã«çµ„ã¿è¾¼ã¾ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -3922,11 +4899,12 @@ int wolfSSL_negotiate(WOLFSSL* ssl);
int wolfSSL_set_compression(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯SSLセッションタイムアウト値を秒å˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
int ret = 0;
@@ -3945,12 +4923,13 @@ int wolfSSL_set_compression(WOLFSSL* ssl);
int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€æŒ‡å®šã•ã‚ŒãŸSSLコンテキストã«å¯¾ã—ã¦ã€SSLセッションã®ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã‚’秒å˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
\return the wolfssl_error_code_opensslã®å ´åˆã€ä»¥å‰ã®ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤
\return defined æˆåŠŸã—ã¦ã„ã¾ã™ã€‚定義ã•ã‚Œã¦ã„ãªã„å ´åˆã€SSL_SUCCESSã¯è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力コンテキスト(CTX)ãŒNULLã®ã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -3969,10 +4948,11 @@ int wolfSSL_set_timeout(WOLFSSL* ssl, unsigned int to);
int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ピアã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã—ã¾ã™ã€‚
\return chain 正常ã«ã‚³ãƒ¼ãƒ«ãŒãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªWolfSSLãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -3985,10 +4965,11 @@ int wolfSSL_CTX_set_timeout(WOLFSSL_CTX* ctx, unsigned int to);
WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ピアã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ•°ã‚’å–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³æ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -4001,11 +4982,12 @@ WOLFSSL_X509_CHAIN* wolfSSL_get_peer_chain(WOLFSSL* ssl);
int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief Index(IDX)ã®ãƒ”ã‚¢ã®ASN1.DER証明書長をãƒã‚¤ãƒˆå˜ä½ã§å–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹åˆ¥ã«ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸é•·ã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param chain 有効ãªwolfssl_x509_chain構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -4018,11 +5000,12 @@ int wolfSSL_get_chain_count(WOLFSSL_X509_CHAIN* chain);
int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN* chain, int idx);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief インデックス(IDX)ã§ãƒ”ã‚¢ã®ASN1.DER証明書をå–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã§ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param chain 有効ãªwolfssl_x509_chain構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -4035,7 +5018,7 @@ int wolfSSL_get_chain_length(WOLFSSL_X509_CHAIN* chain, int idx);
unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN* chain, int idx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ã®ãƒã‚§ãƒ¼ãƒ³ã‹ã‚‰ã®ãƒ”ã‚¢ã®WOLFSSL_X509構造体をインデックス(IDX)ã§å–å¾—ã—ã¾ã™ã€‚
\return pointer WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\param chain 動的メモリsession_cacheã®å ´åˆã«ä½¿ç”¨ã•ã‚Œã‚‹WOLFSSL_X509_CHAINã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
@@ -4064,11 +5047,12 @@ unsigned char* wolfSSL_get_chain_cert(WOLFSSL_X509_CHAIN* chain, int idx);
WOLFSSL_X509* wolfSSL_get_chain_X509(WOLFSSL_X509_CHAIN* chain, int idx);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief インデックス(IDX)ã§ãƒ”ã‚¢ã®PEM証明書をå–å¾—ã—ã¾ã™ã€‚
\return Success 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚¤ãƒ³ãƒ‡ãƒƒã‚¯ã‚¹ã§ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 無効ãªãƒã‚§ãƒ¼ãƒ³ãƒã‚¤ãƒ³ã‚¿ãŒé–¢æ•°ã«æ¸¡ã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\param chain 有効ãªwolfssl_x509_chain構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -4082,9 +5066,10 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
unsigned char* buf, int inLen, int* outLen);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief セッションã®IDã‚’å–å¾—ã—ã¾ã™ã€‚セッションIDã¯å¸¸ã«32ãƒã‚¤ãƒˆã®é•·ã•ã§ã™ã€‚
\return id セッションID。
+
_Example_
\code
none
@@ -4094,11 +5079,12 @@ int wolfSSL_get_chain_cert_pem(WOLFSSL_X509_CHAIN* chain, int idx,
const unsigned char* wolfSSL_get_sessionID(const WOLFSSL_SESSION* s);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief ピアã®è¨¼æ˜Žæ›¸ã®ã‚·ãƒªã‚¢ãƒ«ç•ªå·ã‚’å–å¾—ã—ã¾ã™ã€‚シリアル番å·ãƒãƒƒãƒ•ã‚¡ï¼ˆIN)ã¯å°‘ãªãã¨ã‚‚32ãƒã‚¤ãƒˆä»¥ä¸Šã§ã‚ã‚Šã€å…¥åŠ›ã¨ã—ã¦* INOUTSZ引数ã¨ã—ã¦æä¾›ã•ã‚Œã¾ã™ã€‚関数を呼ã³å‡ºã—ãŸå¾Œ* INOUTSZã¯INãƒãƒƒãƒ•ã‚¡ã«æ›¸ãè¾¼ã¾ã‚ŒãŸå®Ÿéš›ã®é•·ã•ã‚’ãƒã‚¤ãƒˆå˜ä½ã§ä¿æŒã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 関数ã®ä¸è‰¯å¼•æ•°ãŒè¦‹ã¤ã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param in シリアル番å·ãƒãƒƒãƒ•ã‚¡ã¯å°‘ãªãã¨ã‚‚32ãƒã‚¤ãƒˆã®é•·ã•ã§ã‚ã‚‹ã¹ãã§ã™
+
_Example_
\code
none
@@ -4109,10 +5095,11 @@ int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, unsigned char* in,
int* inOutSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 証明書ã‹ã‚‰ä»¶åã®å…±é€šåã‚’è¿”ã—ã¾ã™ã€‚
\return NULL X509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™
\return string サブジェクトã®å…±é€šåã®æ–‡å­—列表ç¾ã¯æˆåŠŸã«è¿”ã•ã‚Œã¾ã™
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -4133,11 +5120,12 @@ int wolfSSL_X509_get_serial_number(WOLFSSL_X509* x509, unsigned char* in,
char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造体ã®DERエンコードã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’å–å¾—ã—ã¾ã™ã€‚
\return buffer ã“ã®é–¢æ•°ã¯Derbuffer構造体ã®ãƒãƒƒãƒ•ã‚¡ãƒ¡ãƒ³ãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒã‚¤ãƒˆåž‹ã§ã™ã€‚
\return NULL x509ã¾ãŸã¯outszパラメーターãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param x509 証明書情報をå«ã‚€WolfSSL_X509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -4158,10 +5146,11 @@ char* wolfSSL_X509_get_subjectCN(WOLFSSL_X509*);
const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€x509ãŒnullã®ã‹ã©ã†ã‹ã‚’確èªã—ã€ãã†ã§ãªã„å ´åˆã¯ã€x509構造体ã®ãƒŽãƒƒã‚«ã‚¹ãƒ¡ãƒ³ãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return pointer ASN1_TIMEを使用ã—ã¦X509構造体ã®ãƒŽã‚«ãƒ•ã‚¿ãƒ¼ãƒ¡ãƒ³ãƒãƒ¼ã«æ§‹é€ ä½“を表明ã—ã¾ã™ã€‚
\return NULL X509オブジェクトãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -4177,10 +5166,11 @@ const unsigned char* wolfSSL_X509_get_der(WOLFSSL_X509* x509, int* outSz);
WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯X509証明書ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’å–å¾—ã—ã¾ã™ã€‚
\return 0 X509構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return version X509構造ã«ä¿å­˜ã•ã‚Œã¦ã„ã‚‹ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_X509* x509;
@@ -4199,11 +5189,12 @@ WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notAfter(WOLFSSL_X509*);
int wolfSSL_X509_version(WOLFSSL_X509*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief no_stdio_filesystemãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯ãƒ’ープメモリを割り当ã¦ã€wolfssl_x509構造をåˆæœŸåŒ–ã—ã¦ãã‚Œã«ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return *WOLFSSL_X509 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€WolfSSL_X509構造ãƒã‚¤ãƒ³ã‚¿ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return NULL Xftellマクロã®å‘¼ã³å‡ºã—ãŒè² ã®å€¤ã‚’è¿”ã™å ´åˆã€‚
\param x509 wolfssl_x509ãƒã‚¤ãƒ³ã‚¿ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509a = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -4225,11 +5216,12 @@ WOLFSSL_X509*
wolfSSL_X509_d2i_fp(WOLFSSL_X509** x509, FILE* file);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 関数ã¯X509証明書をメモリã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚
\return pointer 実行ã•ã‚ŒãŸå®Ÿè¡Œã¯ã€wolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 証明書ãŒæ›¸ãè¾¼ã¾ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param fname ロードã™ã‚‹è¨¼æ˜Žæ›¸ãƒ•ã‚¡ã‚¤ãƒ«ã€‚
+
_Example_
\code
#define cliCert “certs/client-cert.pemâ€
@@ -4248,12 +5240,13 @@ WOLFSSL_X509*
wolfSSL_X509_load_certificate_file(const char* fname, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€ãƒ‡ãƒã‚¤ã‚¹ã®ç¨®é¡žã‚’X509構造ã‹ã‚‰ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return pointer X509構造ã‹ã‚‰ãƒ‡ãƒã‚¤ã‚¹ã®ç¨®é¡žã‚’ä¿æŒã™ã‚‹ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param x509 wolfssl_x509_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param x509 wolfssl_x509_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_x509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in デãƒã‚¤ã‚¹ã‚¿ã‚¤ãƒ—(ãƒãƒƒãƒ•ã‚¡ï¼‰ã‚’ä¿æŒã™ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALOC(sizeof(WOLFSSL_X509), NULL,
@@ -4276,12 +5269,13 @@ unsigned char*
int* inOutSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®HWTypeメンãƒãƒ¼ã‚’ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return byte ã“ã®é–¢æ•°ã¯ã€wolfssl_x509構造ã®HWTypeメンãƒãƒ¼ã«ä»¥å‰ã«ä¿æŒã•ã‚Œã¦ã„るデータã®ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL inoutszãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param x509 証明書情報をå«ã‚€WolfSSL_X509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ãƒãƒƒãƒ•ã‚¡ã‚’表ã™ãƒã‚¤ãƒˆã‚’入力ã™ã‚‹ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_X509* x509; // X509 certificate
@@ -4302,11 +5296,12 @@ unsigned char*
int* inOutSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯X509オブジェクトã®hwserialNumメンãƒã‚’è¿”ã—ã¾ã™ã€‚
\return pointer ã“ã®é–¢æ•°ã¯ã€X509オブジェクトã‹ã‚‰ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚·ãƒªã‚¢ãƒ«ç•ªå·ã‚’å«ã‚€INãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\param x509 証明書情報をå«ã‚€WOLFSSL_X509構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in コピーã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
char* serial;
@@ -4331,11 +5326,12 @@ unsigned char*
unsigned char* in, int* inOutSz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã™ã‚‹ã®ã«å分ãªé•·ã•ã ã‘サーãƒãƒ¼ã‚’æŒã¤SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect_cert()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfsl_connect_cert()ã¯ã€wolfssl_connect_cert_cert()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’続ã‘ã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ãã¦ã€wolfsslãŒã‚ªãƒ•ã«ãªã£ã¦ã„ã‚‹ã¨ã“ã‚を拾ã†ã¨ãã«ã€wolfssl_connect_cert()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect_cert()ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãŒå—ä¿¡ã•ã‚ŒãŸã‚‰ã®ã¿è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã™ã‚‹ã®ã«å分ãªé•·ã•ã ã‘サーãƒãƒ¼ã‚’æŒã¤SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect_cert()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfsl_connect_cert()ã¯ã€wolfssl_connect_cert_cert()ã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’続ã‘ã¾ã™ã€‚ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒæº–å‚™ãŒã§ãã¦ã€wolfsslãŒã‚ªãƒ•ã«ãªã£ã¦ã„ã‚‹ã¨ã“ã‚を拾ã†ã¨ãã«ã€wolfssl_connect_cert()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect_cert()ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãŒå—ä¿¡ã•ã‚ŒãŸã‚‰ã®ã¿è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE SSLセッションパラメータãŒNULLã®å ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -4356,11 +5352,12 @@ unsigned char*
int wolfSSL_connect_cert(WOLFSSL* ssl);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief WOLFSSL_D2I_PKCS12_BIO(D2I_PKCS12_BIO)ã¯ã€WOLFSSL_BIOã‹ã‚‰æ§‹é€ WC_PKCS12ã¸ã®PKCS12情報ã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚ã“ã®æƒ…å ±ã¯ã€ã‚ªãƒ—ションã®MAC情報をä¿æŒã™ã‚‹ãŸã‚ã®æ§‹é€ ã¨ã¨ã‚‚ã«ã‚³ãƒ³ãƒ†ãƒ³ãƒ„ã«é–¢ã™ã‚‹æƒ…å ±ã®ãƒªã‚¹ãƒˆã¨ã—ã¦æ§‹é€ å†…ã«åˆ†å‰²ã•ã‚Œã¦ã„ã¾ã™ã€‚構造体WC_PKCS12ã§æƒ…å ±ãŒãƒãƒ£ãƒ³ã‚¯ï¼ˆãŸã ã—復å·åŒ–ã•ã‚Œã¦ã„ãªã„)ã«åˆ†å‰²ã•ã‚ŒãŸå¾Œã€ãã‚Œã¯ãã®å¾Œã€å‘¼ã³å‡ºã—ã«ã‚ˆã£ã¦è§£æžãŠã‚ˆã³å¾©å·åŒ–ã•ã‚Œå¾—る。
\return WC_PKCS12 WC_PKCS12構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return Failure 関数ã«å¤±æ•—ã—ãŸå ´åˆã¯NULLã‚’è¿”ã—ã¾ã™ã€‚
\param bio PKCS12ãƒãƒƒãƒ•ã‚¡ã‚’読ã¿å–ã‚‹ãŸã‚ã®WOLFSSL_BIO構造。
+
_Example_
\code
WC_PKCS12* pkcs;
@@ -4381,11 +5378,12 @@ WC_PKCS12* wolfSSL_d2i_PKCS12_bio(WOLFSSL_BIO* bio,
WC_PKCS12** pkcs12);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief WOLFSSL_I2D_PKCS12_BIO(I2D_PKCS12_BIO)ã¯ã€æ§‹é€ WC_PKCS12ã‹ã‚‰WOLFSSL_BIOã¸ã®è¨¼æ˜Žæ›¸æƒ…å ±ã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
\return 1 æˆåŠŸã®ãŸã‚ã«ã€‚
\return Failure 0。
\param bio PKCS12ãƒãƒƒãƒ•ã‚¡ã‚’書ã込むãŸã‚ã®WOLFSSL_BIO構造。
+
_Example_
\code
WC_PKCS12 pkcs12;
@@ -4413,7 +5411,7 @@ WC_PKCS12* wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO* bio,
WC_PKCS12* pkcs12);
/*!
- \ingroup openSSL
+ \ingroup openSSL
\brief pkcs12ã¯ã€configureコマンドã¸ã®-enable-openSSLAXTRAを追加ã™ã‚‹ã“ã¨ã§æœ‰åŠ¹ã«ã§ãã¾ã™ã€‚ãã‚Œã¯å¾©å·åŒ–ã®ãŸã‚ã«ãƒˆãƒªãƒ—ルDESã¨RC4を使ã†ã“ã¨ãŒã§ãã‚‹ã®ã§ã€OpenSSlextra(--enable-des3 -enable-arc4)を有効ã«ã™ã‚‹ã¨ãã«ã‚‚ã“れらã®æ©Ÿèƒ½ã‚’有効ã«ã™ã‚‹ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚ wolfsslã¯ç¾åœ¨RC2をサãƒãƒ¼ãƒˆã—ã¦ã„ã¾ã›ã‚“ã®ã§ã€RC2ã§ã®å¾©å·åŒ–ã¯ç¾åœ¨åˆ©ç”¨ã§ãã¾ã›ã‚“。ã“ã‚Œã¯ã€.p12ファイルを作æˆã™ã‚‹ãŸã‚ã«OpenSSLコマンドラインã§ä½¿ç”¨ã•ã‚Œã‚‹ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®æš—å·åŒ–æ–¹å¼ã§ã¯æ³¨ç›®ã™ã‹ã‚‚ã—ã‚Œã¾ã›ã‚“。 WOLFSSL_PKCS12_PARSE(PKCS12_PARSE)。ã“ã®é–¢æ•°ãŒæœ€åˆã«è¡Œã£ã¦ã„ã‚‹ã®ã¯ã€å­˜åœ¨ã™ã‚‹å ´åˆã¯MacãŒæ­£ã—ã„ãƒã‚§ãƒƒã‚¯ã§ã™ã€‚ MACãŒå¤±æ•—ã—ãŸå ´åˆã€é–¢æ•°ã¯è¿”ã•ã‚Œã€ä¿å­˜ã•ã‚Œã¦ã„るコンテンツ情報ã®ã„ãšã‚Œã‹ã‚’復å·åŒ–ã—よã†ã¨ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ã€ãƒãƒƒã‚°ã‚¿ã‚¤ãƒ—を探ã—ã¦ã„ã‚‹å„コンテンツ情報を介ã—ã¦è§£æžã—ã¾ã™ã€‚ãƒãƒƒã‚°ã‚¿ã‚¤ãƒ—ãŒã‚ã‹ã£ã¦ã„ã‚‹å ´åˆã¯ã€å¿…è¦ã«å¿œã˜ã¦å¾©å·åŒ–ã•ã‚Œã€æ§‹ç¯‰ã•ã‚Œã¦ã„る証明書ã®ãƒªã‚¹ãƒˆã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ã‹ã€è¦‹ã¤ã‹ã£ãŸã‚­ãƒ¼ã¨ã—ã¦ä¿å­˜ã•ã‚Œã¾ã™ã€‚ã™ã¹ã¦ã®ãƒãƒƒã‚°ã‚’介ã—ã¦è§£æžã—ãŸå¾Œã€è¦‹ã¤ã‹ã£ãŸã‚­ãƒ¼ã¯ã€ä¸€è‡´ã™ã‚‹ãƒšã‚¢ãŒè¦‹ã¤ã‹ã‚‹ã¾ã§è¨¼æ˜Žæ›¸ãƒªã‚¹ãƒˆã¨æ¯”較ã•ã‚Œã¾ã™ã€‚ã“ã®ä¸€è‡´ã™ã‚‹ãƒšã‚¢ã¯ã‚­ãƒ¼ã¨è¨¼æ˜Žæ›¸ã¨ã—ã¦è¿”ã•ã‚Œã€ã‚ªãƒ—ションã§è¦‹ã¤ã‹ã£ãŸè¨¼æ˜Žæ›¸ãƒªã‚¹ãƒˆã¯stack_of証明書ã¨ã—ã¦è¿”ã•ã‚Œã¾ã™ã€‚瞬間ã€CRLã€ç§˜å¯†ã¾ãŸã¯å®‰å…¨ãªãƒãƒƒã‚°ãŒã‚¹ã‚­ãƒƒãƒ—ã•ã‚Œã€è§£æžã•ã‚Œã¾ã›ã‚“。デãƒãƒƒã‚°ãƒ—リントアウトを見るã“ã¨ã§ã€ã“れらã¾ãŸã¯ä»–ã®ã€Œä¸æ˜Žã€ãƒãƒƒã‚°ãŒã‚¹ã‚­ãƒƒãƒ—ã•ã‚Œã¦ã„ã‚‹ã‹ã©ã†ã‹ãŒã‚ã‹ã‚Šã¾ã™ã€‚フレンドリーåãªã©ã®è¿½åŠ ã®å±žæ€§ã¯ã€PKCS12ファイルを解æžã™ã‚‹ã¨ãã«ã‚¹ã‚­ãƒƒãƒ—ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS PKCS12ã®è§£æžã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
@@ -4421,6 +5419,7 @@ WC_PKCS12* wolfSSL_i2d_PKCS12_bio(WOLFSSL_BIO* bio,
\param paswd PKCS12を復å·åŒ–ã™ã‚‹ãŸã‚ã®ãƒ‘スワード。
\param pkey PKCS12ã‹ã‚‰ãƒ‡ã‚³ãƒ¼ãƒ‰ã•ã‚ŒãŸç§˜å¯†éµã‚’ä¿æŒã™ã‚‹ãŸã‚ã®æ§‹é€ ã€‚
\param cert PKCS12ã‹ã‚‰å¾©å·ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’ä¿æŒã™ã‚‹æ§‹é€ 
+
_Example_
\code
WC_PKCS12* pkcs;
@@ -4441,15 +5440,16 @@ int wolfSSL_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
WOLFSSL_EVP_PKEY** pkey, WOLFSSL_X509** cert, WOLF_STACK_OF(WOLFSSL_X509)** ca);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief サーãƒãƒ¼DIFFIE-HELLMANエフェメラルパラメータ設定。ã“ã®é–¢æ•°ã¯ã€ã‚µãƒ¼ãƒãƒ¼ãŒDHEを使用ã™ã‚‹æš—å·ã‚¹ã‚¤ãƒ¼ãƒˆã‚’ãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã—ã¦ã„ã‚‹å ´åˆã«ä½¿ç”¨ã™ã‚‹ã‚°ãƒ«ãƒ¼ãƒ—パラメータを設定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR メモリエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIDE_ERROR ã“ã®é–¢æ•°ãŒSSLサーãƒã§ã¯ãªãSSLクライアントã§å‘¼ã³å‡ºã•ã‚Œã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param p Diffie-Hellman素数パラメータ。
\param pSz pã®ã‚µã‚¤ã‚ºã€‚
\param g Diffie-Hellman "Generator"パラメータ。
+
_Example_
\code
WOLFSSL* ssl;
@@ -4464,20 +5464,21 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
const unsigned char* g, int gSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief 関数ã¯wolfssl_settmph_buffer_wrapperを呼ã³å‡ºã—ã¾ã™ã€‚ã“ã‚Œã¯Diffie-Hellmanパラメータã®ãƒ©ãƒƒãƒ‘ーã§ã™ã€‚
\return SSL_SUCCESS 実行ã«æˆåŠŸã—ãŸå ´åˆã€‚
\return SSL_BAD_FILETYPE ファイルã®ç¨®é¡žãŒpemã§ã¯ãªãã€asn.1ã§ã¯ãªã„å ´åˆWC_DHParamSLOADãŒæ­£å¸¸ã«æˆ»ã£ã¦ã„ãªã„å ´åˆã¯ã€ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_NO_PEM_HEADER PEMヘッダーãŒãªã„å ´åˆã¯PemToderã‹ã‚‰è¿”ã—ã¾ã™ã€‚
- \return SSL_BAD_FILE PemToderã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE PemToderã«ãƒ•ã‚¡ã‚¤ãƒ«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR コピーエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯PemToderã‹ã‚‰è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return MEMORY_E - メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
\return BAD_FUNC_ARG wolfssl構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E wolfssl_settmph()ã¾ãŸã¯wolfssl_ctx_settmph()ã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIDE_ERROR wolfssl_settmphã®ã‚µãƒ¼ãƒãƒ¼å´ã§ã¯ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return DH_KEY_SIZE_E wolfssl_settmph()ã¾ãŸã¯WOLFSSL_CTX_settmph()ã®éµã‚µã‚¤ã‚ºã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR wolfssl_settmphã®ã‚µãƒ¼ãƒãƒ¼å´ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf wolfssl_settmph_file_wrapperã‹ã‚‰æ¸¡ã•ã‚ŒãŸå‰²ã‚Šå½“ã¦ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
\param sz ファイルã®ã‚µã‚¤ã‚ºï¼ˆwolfssl_settmph_file_wrapper内ã®fname)をä¿æŒã™ã‚‹ãƒ­ãƒ³ã‚°int。
+
_Example_
\code
Static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
@@ -4499,17 +5500,18 @@ int wolfSSL_SetTmpDH_buffer(WOLFSSL* ssl, const unsigned char* b, long sz,
int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_settmph_file_wrapperを呼ã³å‡ºã—ã¦ã‚µãƒ¼ãƒdiffie-hellmanパラメータを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS ã“ã®æ©Ÿèƒ½ã®æ­£å¸¸ãªå®Œäº†ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ã®å®Œäº†ã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return MEMORY_E ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªå‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIDE_ERROR WolfSSL構造体ã«ã‚るオプション構造ã®ã‚µã‚¤ãƒ‰ãƒ¡ãƒ³ãƒãƒ¼ãŒã‚µãƒ¼ãƒãƒ¼å´ã§ã¯ãªã„å ´åˆã€‚
\return SSL_BAD_FILETYPE 証明書ãŒä¸€é€£ã®ãƒã‚§ãƒƒã‚¯ã«å¤±æ•—ã—ãŸå ´åˆã¯è¿”ã—ã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメーターã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒWolfSSL構造体ã®MinkKeyszメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl構造体ã®MAXDHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメーターã®éµã‚µã‚¤ã‚ºãŒWolfSSL構造体ã®MinkKeyszメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒwolfssl構造体ã®MAXDHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造ãªã©ã€å¼•æ•°å€¤ãŒnullã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param fname 証明書をä¿æŒã—ã¦ã„る定数ã®æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4529,19 +5531,21 @@ int wolfSSL_SetTmpDH_buffer(WOLFSSL* ssl, const unsigned char* b, long sz,
int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* f, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief サーãƒãƒ¼CTX Diffie-Hellmanã®ãƒ‘ラメータを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã™ã¹ã¦ã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã€Pã€ã¾ãŸã¯GパラメーターãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param p ServerDH_P構造体ã®ãƒãƒƒãƒ•ã‚¡ãƒ¡ãƒ³ãƒãƒ¼ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸå®šæ•°ã®ç¬¦å·ãªã—文字ãƒã‚¤ãƒ³ã‚¿ã€‚
\param pSz pã®ã‚µã‚¤ã‚ºã‚’表ã™intåž‹ã¯ã€max_dh_sizeã«åˆæœŸåŒ–ã•ã‚Œã¾ã™ã€‚
\param g ServerDh_g構造体ã®ãƒãƒƒãƒ•ã‚¡ãƒ¡ãƒ³ãƒãƒ¼ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸå®šæ•°ã®ç¬¦å·ãªã—文字ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol );
byte* p;
byte* g;
word32 pSz = (word32)sizeof(p)/sizeof(byte);
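Review bot: The example in this comment still computes `word32 pSz = (word32)sizeof(p)/sizeof(byte);` with `p` declared as `byte* p;`, so `pSz` is the size of a pointer (4 or 8) rather than the length of the DH prime. The commit corrects the `wolfSSL_CTX_new` call just above but leaves this line, and a reader who copies the example passes a wrong length to wolfSSL_CTX_SetTmpDH. Declaring the parameter as an array, e.g. `static const byte p[] = { /* DH prime bytes */ };`, makes `sizeof(p)` the real length. The same presumably applies to `g`, whose size line lies outside the hunk.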
@@ -4560,15 +5564,16 @@ int wolfSSL_CTX_SetTmpDH(WOLFSSL_CTX* ctx, const unsigned char* p,
int pSz, const unsigned char* g, int gSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief wolfssl_settmph_buffer_wrapperを呼ã³å‡ºã™ãƒ©ãƒƒãƒ‘ー関数
\return 0 実行ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG CTXパラメータã¾ãŸã¯BUFパラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリ割り当ã¦ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆ
- \return SSL_BAD_FILETYPE フォーマットãŒæ­£ã—ããªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_BAD_FILETYPE フォーマットãŒæ­£ã—ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf ãƒãƒƒãƒ•ã‚¡ã¨ã—ã¦å‰²ã‚Šå½“ã¦ã‚‰ã‚Œã€wolfssl_settmpdh_buffer_wrapperã«æ¸¡ã•ã‚ŒãŸå®šæ•°ã®ç¬¦å·ãªã—文字型ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param sz wolfssl_settmph_file_wrapper()ã®FNAMEパラメータã‹ã‚‰æ´¾ç”Ÿã—ãŸé•·ã„整数型。
+ \param sz wolfssl_settmph_file_wrapper()ã®FNAMEパラメータã‹ã‚‰æ´¾ç”Ÿã—ãŸé•·ã„整数型。
+
_Example_
\code
static int wolfSSL_SetTmpDH_file_wrapper(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
@@ -4594,20 +5599,21 @@ int wolfSSL_CTX_SetTmpDH_buffer(WOLFSSL_CTX* ctx, const unsigned char* b,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_settmph_file_wrapperを呼ã³å‡ºã—ã¦ã‚µãƒ¼ãƒãƒ¼Diffie-Hellmanパラメータを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS wolfssl_settmph_file_wrapperã¾ãŸã¯ãã®ã‚µãƒ–ルーãƒãƒ³ã®ã„ãšã‚Œã‹ãŒæ­£å¸¸ã«æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 動的メモリã®å‰²ã‚Šå½“ã¦ãŒã‚µãƒ–ルーãƒãƒ³ã§å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã¾ãŸã¯FNAMEパラメータãŒNULLã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒNULL引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_BAD_FILE 証明書ファイルãŒé–‹ãã“ã¨ãŒã§ããªã„å ´åˆã€ã¾ãŸã¯ãƒ•ã‚¡ã‚¤ãƒ«ã®ä¸€é€£ã®ãƒã‚§ãƒƒã‚¯ãŒwolfssl_settmpdh_file_wrapperã‹ã‚‰å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE フォーマットãŒwolfssl_settmph_buffer_wrapper()ã‹ã‚‰PEMã¾ãŸã¯ASN.1ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return DH_KEY_SIZE_E DHパラメータã®ã‚­ãƒ¼ã‚µã‚¤ã‚ºãŒwolfssl_ctx構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIDE_ERROR wolfssl_settmph()ã§è¿”ã•ã‚ŒãŸã‚µã‚¤ãƒ‰ãŒã‚µãƒ¼ãƒãƒ¼çµ‚了ã§ã¯ãªã„å ´åˆã€‚
+ \return SSL_BAD_FILETYPE フォーマットãŒwolfssl_settmph_buffer_wrapper()ã‹ã‚‰PEMã¾ãŸã¯ASN.1ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MindHKEYSZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šå°ã•ã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return DH_KEY_SIZE_E DHパラメータã®éµã‚µã‚¤ã‚ºãŒWOLFSSL_CTX構造体ã®MaxDhkeySZメンãƒãƒ¼ã®å€¤ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR wolfssl_settmph()ã§è¿”ã•ã‚ŒãŸã‚µã‚¤ãƒ‰ãŒã‚µãƒ¼ãƒãƒ¼çµ‚了ã§ã¯ãªã„å ´åˆã€‚
\return SSL_NO_PEM_HEADER PEMヘッダーãŒãªã„å ´åˆã¯PemToderã‹ã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR メモリコピーã®å¤±æ•—ãŒã‚ã‚‹å ´åˆã¯PemToderã‹ã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param fname 証明書ファイルã¸ã®å®šæ•°æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#define dhParam “certs/dh2048.pemâ€
@@ -4632,11 +5638,12 @@ int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* f,
int format);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®minkkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanキーサイズã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®minkkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanéµã‚µã‚¤ã‚ºã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
public static int CTX_SetMinDhKey_Sz(IntPtr ctx, short minDhKey){
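Review bot: The added `\param ssl wolfSSL_new()…` line documents a parameter this function does not have. The prototype that follows the comment is `int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX* ctx, word16);`, and the \brief and BAD_FUNC_ARG lines of the same comment already refer to WOLFSSL_CTX. It should read `\param ctx wolfSSL_CTX_new()を使用して作成されたWOLFSSL_CTX構造体へのポインタ。`, the wording this commit uses for the other CTX functions. The wolfSSL_CTX_SetMaxDhKey_Sz comment in the hunk at `@@ -4672,11 +5680,12 @@` has the same mismatch. Neither comment has a \param line for the key-size argument, so its unit (bits) is stated only in the \brief.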
@@ -4652,11 +5659,12 @@ int wolfSSL_CTX_SetTmpDH_file(WOLFSSL_CTX* ctx, const char* f,
int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX* ctx, word16);
/*!
- \ingroup CertsKeys
- \brief WolfSSL構造ã®Diffie-Hellmanキーã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WolfSSL構造ã®Diffie-Hellmanéµã®æœ€å°ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 最å°ã‚µã‚¤ã‚ºã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG wolfssl構造ã¯NULLã€ã¾ãŸã¯Keysz_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4672,11 +5680,12 @@ int wolfSSL_CTX_SetMinDhKey_Sz(WOLFSSL_CTX* ctx, word16);
int wolfSSL_SetMinDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®maxdhkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanキーサイズã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®maxdhkeyszメンãƒãƒ¼ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ã€Diffie Hellmanéµã‚µã‚¤ã‚ºã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼z_BITSãŒ16,000を超ãˆã‚‹ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
public static int CTX_SetMaxDhKey_Sz(IntPtr ctx, short maxDhKey){
@@ -4692,11 +5701,12 @@ int wolfSSL_SetMinDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz_bits);
/*!
- \ingroup CertsKeys
- \brief WolfSSL構造ã®Diffie-Hellmanキーã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WolfSSL構造ã®Diffie-Hellmanéµã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆãƒ“ットå˜ä½ï¼‰ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 最大サイズã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WOLFSSL構造ã¯NULLã¾ãŸã¯KEYSZパラメータã¯è¨±å®¹ã‚µã‚¤ã‚ºã‚ˆã‚Šå¤§ãã‹ã£ãŸã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4712,10 +5722,11 @@ int wolfSSL_CTX_SetMaxDhKey_Sz(WOLFSSL_CTX* ctx, word16 keySz_bits);
int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
/*!
- \ingroup CertsKeys
- \brief オプション構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚ã‚‹DHKEYSZ(ビット内)ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®å€¤ã¯ã€Diffie-Hellmanキーサイズをãƒã‚¤ãƒˆå˜ä½ã§è¡¨ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief オプション構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚ã‚‹DHKEYSZ(ビット内)ã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®å€¤ã¯ã€Diffie-Hellmanéµã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¡¨ã—ã¾ã™ã€‚
\return dhKeySz サイズを表ã™æ•´æ•°å€¤ã§ã‚ã‚‹ssl-> options.dhkeyszã§ä¿æŒã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒNULLã®å ´åˆã«è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
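Review bot: The rewritten \brief still contradicts itself about the unit, as far as the text can be read through this page's encoding damage. It says DHKEYSZ is returned "in bits" and, in the next sentence, that the value is the Diffie-Hellman key size in bytes. The setters documented above take `keySz_bits`, so a caller who compares this return value with a configured minimum can be off by a factor of eight and accept or reject the wrong key sizes. The \brief and the `\return dhKeySz` line should name a single unit, chosen after checking what the implementation stores in `ssl->options.dhKeySz`, which is not visible on this page.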
@@ -4739,11 +5750,12 @@ int wolfSSL_SetMaxDhKey_Sz(WOLFSSL* ssl, word16 keySz_bits);
int wolfSSL_GetDhKey_Sz(WOLFSSL*);
/*!
- \ingroup CertsKeys
- \brief wolfssl_ctx構造体ã¨wolfssl_cert_manager構造ã®ä¸¡æ–¹ã§æœ€å°RSAキーサイズを設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WOLFSSL_CTX構造体ã¨wolfssl_cert_manager構造ã®ä¸¡æ–¹ã§æœ€å°RSAéµã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
- \return BAD_FUNC_ARG CTX構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KEYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG CTX構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KEYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„ã‹ã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = SSL_CTX_new(method);
@@ -4760,11 +5772,12 @@ int wolfSSL_GetDhKey_Sz(WOLFSSL*);
int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX* ctx, short keySz);
/*!
- \ingroup CertsKeys
- \brief WolfSSL構造ã«ã‚ã‚‹RSAã®ãŸã‚ã®ãƒ“ットã§æœ€å°è¨±å®¹ã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WolfSSL構造ã«ã‚ã‚‹RSAã®ãŸã‚ã®ãƒ“ットã§æœ€å°è¨±å®¹éµã‚µã‚¤ã‚ºã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 最å°å€¤ãŒæ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG SSL構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KSYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG SSL構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯KSYSZãŒã‚¼ãƒ­ã‚ˆã‚Šå°ã•ã„å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -4781,11 +5794,12 @@ int wolfSSL_CTX_SetMinRsaKey_Sz(WOLFSSL_CTX* ctx, short keySz);
int wolfSSL_SetMinRsaKey_Sz(WOLFSSL* ssl, short keySz);
/*!
- \ingroup CertsKeys
- \brief wolf_ctx構造体ã¨wolfssl_cert_manager構造体ã®ECCキーã®æœ€å°ã‚µã‚¤ã‚ºã‚’ビットå˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief wolf_ctx構造体ã¨wolfssl_cert_manager構造体ã®ECCéµã®æœ€å°ã‚µã‚¤ã‚ºã‚’ビットå˜ä½ã§è¨­å®šã—ã¾ã™ã€‚
\return SSL_SUCCESS 実行ãŒæˆåŠŸã—ãŸãŸã‚ã«è¿”ã•ã‚Œã€MineCkeyszメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼ãŒè² ã®å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯éµãŒè² ã®å ´åˆã€ã¾ãŸã¯8ã«ã‚ˆã£ã¦å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -4800,11 +5814,12 @@ int wolfSSL_SetMinRsaKey_Sz(WOLFSSL* ssl, short keySz);
int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX* ssl, short keySz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief オプション構造ã®MineCckeyszメンãƒãƒ¼ã®å€¤ã‚’設定ã—ã¾ã™ã€‚オプション構造体ã¯ã€WolfSSL構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã§ã‚ã‚Šã€SSLパラメータを介ã—ã¦ã‚¢ã‚¯ã‚»ã‚¹ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚ªãƒ—ション構造ã®MineCckeyszメンãƒãƒ¼ã‚’正常ã«è¨­å®šã—ãŸå ´åˆã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ã‚­ãƒ¼ã‚µã‚¤ã‚ºï¼ˆkeysz)ãŒ0(ゼロ)未満ã®å ´åˆã€ã¾ãŸã¯8ã§å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯éµã‚µã‚¤ã‚ºï¼ˆkeysz)ãŒ0(ゼロ)未満ã®å ´åˆã€ã¾ãŸã¯8ã§å‰²ã‚Šåˆ‡ã‚Œãªã„å ´åˆã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx); // New session
@@ -4821,13 +5836,14 @@ int wolfSSL_CTX_SetMinEccKey_Sz(WOLFSSL_CTX* ssl, short keySz);
int wolfSSL_SetMinEccKey_Sz(WOLFSSL* ssl, short keySz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€eap_tlsã¨eap-ttlsã«ã‚ˆã£ã¦ã€ãƒžã‚¹ã‚¿ãƒ¼ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã‹ã‚‰ã‚­ãƒ¼ã‚¤ãƒ³ã‚°ãƒžãƒ†ãƒªã‚¢ãƒ«ã‚’導出ã—ã¾ã™ã€‚
- \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºãŒè¨±å®¹æœ€å¤§ã‚µã‚¤ã‚ºã‚’超ãˆã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリ割り当ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºãŒè¨±å®¹æœ€å¤§ã‚µã‚¤ã‚ºã‚’超ãˆã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリ割り当ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param msk p_hash関数ã®çµæžœã‚’ä¿æŒã™ã‚‹voidãƒã‚¤ãƒ³ã‚¿å¤‰æ•°ã€‚
\param len MSK変数ã®é•·ã•ã‚’表ã™ç¬¦å·ãªã—整数。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);;
@@ -4845,14 +5861,15 @@ int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* key, unsigned int len,
const char* label);
/*!
- \ingroup IO
- \brief Writev Semanticsをシミュレートã—ã¾ã™ãŒã€SSL_Write()ã®å‹•ä½œã®ãŸã‚ã«å®Ÿéš›ã«ã¯ãƒ–ロックã—ãªã„ãŸã‚ã€ãƒ•ãƒ­ãƒ³ãƒˆè¿½åŠ ãŒå°ã•ããªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚Writevを使ã„ã‚„ã™ã„ソフトウェアã«ç§»æ¤ã™ã‚‹ã€‚
+ \ingroup IO
+ \brief Writev Semanticsをシミュレートã—ã¾ã™ãŒã€SSL_Write()ã®å‹•ä½œã®ãŸã‚ã«å®Ÿéš›ã«ã¯ãƒ–ロックã—ãªã„ãŸã‚ã€ãƒ•ãƒ­ãƒ³ãƒˆè¿½åŠ ãŒå°ã•ããªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ãŸã‚Writevを使ã„ã‚„ã™ã„ソフトウェアã«ç§»æ¤ã™ã‚‹ã€‚
\return >0 æˆåŠŸæ™‚ã«æ›¸ã‹ã‚ŒãŸãƒã‚¤ãƒˆæ•°ã€‚
- \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \return 0 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã«ã¤ã„ã¦wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
\return MEMORY_ERROR メモリエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を使用ã—ã¦ãã ã•ã„。
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸã¨ãã€ã¾ãŸã¯éžãƒ–ロッキングソケットを使用ã™ã‚‹ã¨ãã«ã¯ã€SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEエラーãŒå—ä¿¡ã•ã‚Œã€å†åº¦WOLFSSL_WRITE()を呼ã³å‡ºã™å¿…è¦ãŒã‚ã‚‹å ´åˆã¯ã€éšœå®³ãŒç™ºç”Ÿã—ã¾ã™ã€‚特定ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を使用ã—ã¦ãã ã•ã„。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param iov 書ãè¾¼ã¿ã¸ã®I / Oベクトルã®é…列
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -4876,15 +5893,16 @@ int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
int iovcnt);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯CAç½²å者リストをアンロードã—ã€ç½²å者全体ã®ãƒ†ãƒ¼ãƒ–ルを解放ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ä»–ã®æ–¹æ³•ã§ã¯æœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚lockmutex()ã¯0ã‚’è¿”ã—ã¾ã›ã‚“ã§ã—ãŸã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯ä»–ã®æ–¹æ³•ã§ã¯æœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚lockmutex()ã¯0ã‚’è¿”ã—ã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
WOLFSSL_METHOD method = wolfTLSv1_2_client_method();
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(method);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(method);
…
if(!wolfSSL_CTX_UnloadCAs(ctx)){
// The function did not unload CAs
@@ -4898,12 +5916,13 @@ int wolfSSL_writev(WOLFSSL* ssl, const struct iovec* iov,
int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ä»¥å‰ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã™ã¹ã¦ã®ä¿¡é ¼ã§ãるピア証明書をアンロードã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚マクロwolfssl_trust_peer_certを定義ã™ã‚‹ã“ã¨ã§æ©Ÿèƒ½ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -4921,17 +5940,18 @@ int wolfSSL_CTX_UnloadCAs(WOLFSSL_CTX*);
int wolfSSL_CTX_Unload_trust_peers(WOLFSSL_CTX*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS / SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã™ã‚‹ã¨ãã«ãƒ”アを検証ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’ロードã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«é€ä¿¡ã•ã‚ŒãŸãƒ”ア証明書ã¯ã€ä½¿ç”¨å¯èƒ½ãªã¨ãã«ã‚¹ã‚­ãƒƒãƒ‰ã‚’使用ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æ¯”較ã•ã‚Œã¾ã™ã€‚ã“れら2ã¤ã®ã“ã¨ãŒä¸€è‡´ã—ãªã„å ´åˆã¯ã€ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸCASãŒä½¿ç”¨ã•ã‚Œã¾ã™ã€‚ファイルã®ä»£ã‚ã‚Šã«ãƒãƒƒãƒ•ã‚¡ãƒ¼ã®å ´åˆã¯ã€wolfssl_ctx_trust_peer_certã¨åŒã˜æ©Ÿèƒ½ã§ã™ã€‚特徴ã¯ãƒžã‚¯ãƒ­wolfssl_trust_peer_certを定義ã™ã‚‹ã“ã¨ã«ã‚ˆã£ã¦æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_FAILURE CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯ä¸¡æ–¹ã®ãƒ•ã‚¡ã‚¤ãƒ«ã¨ç¨®é¡žãŒç„¡åŠ¹ãªå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buffer 証明書をå«ã‚€ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡å…¥åŠ›ã®é•·ã•ã€‚
+
_Example_
\code
int ret = 0;
@@ -4959,17 +5979,19 @@ int wolfSSL_CTX_trust_peer_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯CA証明書ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。フォーマットãŒPEM内ã«ã‚ã‚‹é™ã‚Šã€ãƒãƒƒãƒ•ã‚¡ã‚ãŸã‚Šè¤‡æ•°ã®CA証明書をロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CA証明書ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 入力CA証明書ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€IN。
+
+
_Example_
\code
int ret = 0;
@@ -4997,19 +6019,20 @@ int wolfSSL_CTX_load_verify_buffer(WOLFSSL_CTX* ctx, const unsigned char* in,
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯CA証明書ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。フォーマットãŒPEM内ã«ã‚ã‚‹é™ã‚Šã€ãƒãƒƒãƒ•ã‚¡ã‚ãŸã‚Šè¤‡æ•°ã®CA証明書をロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚_EXãƒãƒ¼ã‚¸ãƒ§ãƒ³ã¯PR 2413ã«è¿½åŠ ã•ã‚Œã€UserChainã¨Flagsã®è¿½åŠ ã®å¼•æ•°ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CA証明書ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 入力CA証明書ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€IN。
\param format ãƒãƒƒãƒ•ã‚¡è¨¼æ˜Žæ›¸ã®å½¢å¼ã€SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。
\param userChain フォーマットwolfssl_filetype_asn1を使用ã™ã‚‹å ´åˆã€ã“ã®ã‚»ãƒƒãƒˆã¯ã‚¼ãƒ­ä»¥å¤–ã®ã‚»ãƒƒãƒˆã‚’示ã—ã¦ã„ã¾ã™.Derã®ãƒã‚§ãƒ¼ãƒ³ãŒè¡¨ç¤ºã•ã‚Œã¦ã„ã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -5040,17 +6063,18 @@ int wolfSSL_CTX_load_verify_buffer_ex(WOLFSSL_CTX* ctx,
int format, int userChain, word32 flags);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€CA証明書ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。フォーマットãŒPEM内ã«ã‚ã‚‹é™ã‚Šã€ãƒãƒƒãƒ•ã‚¡ã‚ãŸã‚Šè¤‡æ•°ã®CA証明書をロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CA証明書ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param sz 入力CA証明書ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€IN。
+
_Example_
\code
int ret = 0;
@@ -5079,16 +6103,17 @@ int wolfSSL_CTX_load_verify_chain_buffer_format(WOLFSSL_CTX* ctx,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int ret = 0;
@@ -5114,17 +6139,18 @@ int wolfSSL_CTX_use_certificate_buffer(WOLFSSL_CTX* ctx,
int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒãƒƒãƒ•ã‚¡ã‚’SSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1OR SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return NO_PASSWORD キーファイルãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return NO_PASSWORD éµãƒ•ã‚¡ã‚¤ãƒ«ãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹ç§˜å¯†éµã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz 入力ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int ret = 0;
@@ -5150,16 +6176,17 @@ int wolfSSL_CTX_use_PrivateKey_buffer(WOLFSSL_CTX* ctx,
int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLコンテキストã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯PEMå½¢å¼ã§ã€ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ã§çµ‚ã‚る対象ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å§‹ã‚ã¦ãã ã•ã„。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
\return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã•ã‚Œã‚‹PEMå½¢å¼ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
int ret = 0;
@@ -5184,16 +6211,17 @@ int wolfSSL_CTX_use_certificate_chain_buffer(WOLFSSL_CTX* ctx,
const unsigned char* in, long sz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLオブジェクトã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã«ã‚る証明書ã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int buffSz;
@@ -5218,17 +6246,18 @@ int wolfSSL_use_certificate_buffer(WOLFSSL* ssl, const unsigned char* in,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLオブジェクトã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚å½¢å¼ãƒãƒƒãƒ•ã‚¡ã®ãƒ•ã‚©ãƒ¼ãƒžãƒƒãƒˆã‚¿ã‚¤ãƒ—を指定ã—ã¾ã™ã€‚SSL_FILETYPE_ASN1ã¾ãŸã¯SSL_FILETYPE_PEM。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return NO_PASSWORD キーファイルãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return NO_PASSWORD éµãƒ•ã‚¡ã‚¤ãƒ«ãŒæš—å·åŒ–ã•ã‚Œã¦ã„ã‚‹ãŒãƒ‘スワードãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in ロードã™ã‚‹ç§˜å¯†éµã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã«ã‚る秘密éµã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
int buffSz;
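Review bot: The re-added `\param ssl` line in this hunk still spells the constructor `wolfssl_new()`, while the sibling hunks for wolfSSL_use_certificate_buffer and wolfSSL_use_certificate_chain_buffer correct it to `wolfSSL_new()`. It should use the same spelling so the Doxygen cross-reference resolves. In the next hunk the re-added return line likewise keeps `\return SSL_SUCCES`, which should be `\return SSL_SUCCESS`. A caller copying the misspelled constant from the docs will not get the success check they expect. The comment block's closing `*/` and the declaration it documents lie outside this hunk.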
@@ -5253,16 +6282,17 @@ int wolfSSL_use_PrivateKey_buffer(WOLFSSL* ssl, const unsigned char* in,
long sz, int format);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ã‚’WolfSSLオブジェクトã«ãƒ­ãƒ¼ãƒ‰ã—ã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ä»¥å¤–ã®ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ã‚ˆã†ã«å‹•ä½œã—ã€ãƒ•ã‚¡ã‚¤ãƒ«ã®ä»£ã‚ã‚Šã«å…¥åŠ›ã¨ã—ã¦ãƒãƒƒãƒ•ã‚¡ã¨å‘¼ã°ã‚Œã‚‹æ©Ÿèƒ½ãŒç•°ãªã‚‹ã ã‘ã§ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯ã‚µã‚¤ã‚ºSZã®å¼•æ•°ã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯PEMå½¢å¼ã§ã€ãƒ«ãƒ¼ãƒˆè¨¼æ˜Žæ›¸ã§çµ‚ã‚る対象ã®è¨¼æ˜Žæ›¸ã‹ã‚‰å§‹ã‚ã¦ãã ã•ã„。é©åˆ‡ãªä½¿ç”¨æ³•ã®ä¾‹ã‚’ã”覧ãã ã•ã„。
- \return SSL_SUCCES æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCES æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BUFFER_E ãƒã‚§ãƒ¼ãƒ³ãƒãƒƒãƒ•ã‚¡ãŒå—ä¿¡ãƒãƒƒãƒ•ã‚¡ã‚ˆã‚Šã‚‚大ãã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLセッションã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param in ロードã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
int buffSz;
@@ -5286,10 +6316,11 @@ int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl,
const unsigned char* in, long sz);
/*!
- \ingroup CertsKeys
- \brief ã“ã®é–¢æ•°ã¯ã€SSLãŒæ‰€æœ‰ã™ã‚‹è¨¼æ˜Žæ›¸ã¾ãŸã¯ã‚­ãƒ¼ã‚’アンロードã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief ã“ã®é–¢æ•°ã¯ã€SSLãŒæ‰€æœ‰ã™ã‚‹è¨¼æ˜Žæ›¸ã¾ãŸã¯éµã‚’アンロードã—ã¾ã™ã€‚
\return SSL_SUCCESS - 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG - wolfsslオブジェクトãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -5304,10 +6335,11 @@ int wolfSSL_use_certificate_chain_buffer(WOLFSSL* ssl,
int wolfSSL_UnloadCertsKeys(WOLFSSL*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®æ©Ÿèƒ½ã¯ã€å¯èƒ½ãªé™ã‚Šãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚°ãƒ«ãƒ¼ãƒ—化をオンã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG 入力コンテキストãŒNULLã®å ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -5323,10 +6355,12 @@ int wolfSSL_UnloadCertsKeys(WOLFSSL*);
int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®æ©Ÿèƒ½ã¯ã€å¯èƒ½ãªé™ã‚Šãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ã‚°ãƒ«ãƒ¼ãƒ—化をオンã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG 入力コンテキストãŒNULLã®å ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL* ssl = 0;
@@ -5342,10 +6376,12 @@ int wolfSSL_CTX_set_group_messages(WOLFSSL_CTX*);
int wolfSSL_set_group_messages(WOLFSSL*);
/*!
- \brief
+ \brief
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cbf フォームã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã§ã‚ã‚‹CallBackFozzerタイプ:int(* callbackfuzzer)(wolfssl * sslã€consigned char * bufã€int szã€intåž‹ã€void * fuzzctx);
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
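Review bot: The new side of this comment block carries two `\param ssl` entries, one replacing the old line and a second added after `\param cbf`. Doxygen reports duplicate parameter documentation, and the rendered page lists `ssl` twice. The declaration shown as context in the next hunk is `wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx)`. Drop the second `\param ssl` and use that slot for a `\param fCtx` entry describing the context pointer handed to the callback. The block's closing `*/` is outside this hunk.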
@@ -5364,13 +6400,14 @@ int wolfSSL_set_group_messages(WOLFSSL*);
void wolfSSL_SetFuzzerCb(WOLFSSL* ssl, CallbackFuzzer cbf, void* fCtx);
/*!
- \brief
+ \brief
\return 0 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 許容ã§ããªã„値ã§é–¢æ•°ã«æ¸¡ã•ã‚ŒãŸå¼•æ•°ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return COOKIE_SECRET_SZ 秘密サイズãŒ0ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR æ–°ã—ã„Cookie Secretã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹å•é¡ŒãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã—ãŸã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param secret 秘密ãƒãƒƒãƒ•ã‚¡ã‚’表ã™å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -5392,9 +6429,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
unsigned int secretSz);
/*!
- \brief
- \return rng æˆåŠŸã™ã‚‹ã¨ã€‚
- \return NULL SSLãŒNULLã®å ´åˆ
+ \brief
+ \return rng æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NULL sslãŒNULLã®å ´åˆ
_Example_
\code
WOLFSSL* ssl;
@@ -5407,14 +6444,15 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€è¨±å¯ã•ã‚Œã¦ã„る最å°ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚接続ãŒï¼ˆwolfsslv23_client_methodã¾ãŸã¯wolfsslv23_server_method)を使用ã—ã¦ã€æŽ¥ç¶šãŒãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã§ãã‚‹å ´åˆã«ã®ã¿é©ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS エラーãªã—ã§è¿”ã•ã‚ŒãŸé–¢æ•°ã¨æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒè¨­å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造ãŒNULLã®å ´åˆã€ã¾ãŸã¯æœ€å°ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
int version; // macrop representation
…
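Review bot: The added `\param ssl` line replaces the old `\param ctx` entry, but the declaration this block appears to document (shown as context in the next hunk) is `wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version)`, which has no `ssl` parameter. Keep the tag as `\param ctx` with the wolfSSL_CTX_new() wording used elsewhere in this file. Add a `\param version` entry as well, because this call sets the floor for protocol downgrade and readers need to know which values it accepts. The example also still calls `WOLFSSL_new(ctx)` right after the corrected `wolfSSL_CTX_new(...)` line, here and in the wolfSSL_SetMinVersion hunk that follows; it should read `WOLFSSL* ssl = wolfSSL_new(ctx);`. The block's closing `*/` and the declaration are outside this hunk.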
@@ -5427,14 +6465,15 @@ WC_RNG* wolfSSL_GetRNG(WOLFSSL* ssl);
int wolfSSL_CTX_SetMinVersion(WOLFSSL_CTX* ctx, int version);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€è¨±å¯ã•ã‚Œã¦ã„る最å°ã®ãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚接続ãŒï¼ˆwolfsslv23_client_methodã¾ãŸã¯wolfsslv23_server_method)を使用ã—ã¦ã€æŽ¥ç¶šãŒãƒ€ã‚¦ãƒ³ã‚°ãƒ¬ãƒ¼ãƒ‰ã§ãã‚‹å ´åˆã«ã®ã¿é©ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ã“ã®é–¢æ•°ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG SSLオブジェクトãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚サブルーãƒãƒ³ã§ã¯ã€è‰¯ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒä¸€è‡´ã—ãªã„å ´åˆã€ã“ã®ã‚¨ãƒ©ãƒ¼ã¯ã‚¹ãƒ­ãƒ¼ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(protocol method);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(protocol method);
WOLFSSL* ssl = WOLFSSL_new(ctx);
int version; macro representation
…
@@ -5449,6 +6488,7 @@ int wolfSSL_SetMinVersion(WOLFSSL* ssl, int version);
/*!
\brief ビルドオプションã¨è¨­å®šã«ä¾å­˜ã—ã¾ã™ã€‚WolfSSLを構築ã™ã‚‹ã¨ãã«show_sizesãŒå®šç¾©ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã“ã®é–¢æ•°ã¯WolfSSLオブジェクト(スイートã€æš—å·ãªã©ï¼‰å†…ã®å€‹ã€…ã®ã‚ªãƒ–ジェクトã®ã‚µã‚¤ã‚ºã‚‚stdoutã«å°åˆ·ã•ã‚Œã¾ã™ã€‚
\return size ã“ã®é–¢æ•°ã¯ã€WolfSSLオブジェクトã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
int size = 0;
@@ -5461,9 +6501,10 @@ int wolfSSL_GetObjectSize(void); /* object size based on build */
/*!
\brief アプリケーションãŒãƒˆãƒ©ãƒ³ã‚¹ãƒãƒ¼ãƒˆãƒ¬ã‚¤ãƒ¤é–“ã§ä½•ãƒã‚¤ãƒˆã‚’é€ä¿¡ã—ãŸã„å ´åˆã¯ã€æŒ‡å®šã•ã‚ŒãŸå¹³æ–‡ã®å…¥åŠ›ã‚µã‚¤ã‚ºã‚’指定ã—ã¦ãã ã•ã„。SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return size æˆåŠŸã™ã‚‹ã¨ã€è¦æ±‚ã•ã‚ŒãŸã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
- \return INPUT_SIZE_E 入力サイズãŒæœ€å¤§TLSフラグメントサイズより大ãã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ï¼ˆWOLFSSL_GETMAXOUTPUTSIZE())。
+ \return INPUT_SIZE_E 入力サイズãŒæœ€å¤§TLSフラグメントサイズより大ãã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ï¼ˆWOLFSSL_GETMAXOUTPUTSIZE())。
\return BAD_FUNC_ARG 無効ãªé–¢æ•°å¼•æ•°ã«æˆ»ã‚Šã€ã¾ãŸã¯SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Œäº†ã—ã¦ã„ãªã„å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfsslオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5473,9 +6514,10 @@ int wolfSSL_GetObjectSize(void); /* object size based on build */
int wolfSSL_GetOutputSize(WOLFSSL* ssl, int inSz);
/*!
- \brief プロトコルè¦æ ¼ã§æŒ‡å®šã•ã‚Œã¦ã„る最大SSL / TLSレコードサイズã®ã„ãšã‚Œã‹ã«å¯¾å¿œã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒwolfssl_getOutputSize()ã¨å‘¼ã°ã‚Œã€input_size_eエラーをå—ä¿¡ã—ãŸã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \brief プロトコルè¦æ ¼ã§æŒ‡å®šã•ã‚Œã¦ã„る最大SSL / TLSレコードサイズã®ã„ãšã‚Œã‹ã«å¯¾å¿œã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒwolfssl_getOutputSize()ã¨å‘¼ã°ã‚Œã€input_size_eエラーをå—ä¿¡ã—ãŸã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
\return size æˆåŠŸã™ã‚‹ã¨ã€æœ€å¤§å‡ºåŠ›ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™
\return BAD_FUNC_ARG 無効ãªé–¢æ•°å¼•æ•°ã®ã¨ãã«è¿”ã•ã‚Œã‚‹ã‹ã€SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒã¾ã å®Œäº†ã—ã¦ã„ãªã„å ´åˆã€‚
+
_Example_
\code
none
@@ -5485,11 +6527,12 @@ int wolfSSL_GetOutputSize(WOLFSSL* ssl, int inSz);
int wolfSSL_GetMaxOutputSize(WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§æŒ‡å®šã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã€æŒ‡å®šã•ã‚ŒãŸSSLセッション(WolfSSLオブジェクト)ã®SSL / TLSプロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€SSLセッション(SSL)ã®ãƒ—ロトコル設定ãŒæœ€åˆã«å®šç¾©ã•ã‚Œã€SSLコンテキスト(WolfSSL_CTX_NEW())メソッドã®ç¨®é¡žã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§æŒ‡å®šã•ã‚ŒãŸãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’使用ã—ã¦ã€æŒ‡å®šã•ã‚ŒãŸSSLセッション(WolfSSLオブジェクト)ã®SSL/TLSプロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ã‚’設定ã—ã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€SSLセッション(SSL)ã®ãƒ—ロトコル設定ãŒæœ€åˆã«å®šç¾©ã•ã‚Œã€SSLコンテキスト(wolfSSL_CTX_new())メソッドã®ç¨®é¡žã«ã‚ˆã£ã¦ä¸Šæ›¸ãã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 入力SSLオブジェクトãŒNULLã¾ãŸã¯èª¤ã£ãŸãƒ—ロトコルãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒãƒãƒ¼ã‚¸ãƒ§ãƒ³ã§æŒ‡å®šã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -5506,8 +6549,9 @@ int wolfSSL_GetMaxOutputSize(WOLFSSL*);
int wolfSSL_SetVersion(WOLFSSL* ssl, int version);
/*!
- \brief MAC /æš—å·åŒ–コールãƒãƒƒã‚¯ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚MacOutã¯ã€MACã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚Macinã¯Mac入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Macinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚MacContentã¨Macverifyã¯ã€Wolfssl_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚Encoutã¯ã€æš—å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚ENCINã¯ENCSZãŒå…¥åŠ›ã®ã‚µã‚¤ã‚ºã§ã‚ã‚‹é–“ã¯æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mymacencryptcb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief MAC /æš—å·åŒ–コールãƒãƒƒã‚¯ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚MacOutã¯ã€MACã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚Macinã¯Mac入力ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Macinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚MacContentã¨Macverifyã¯ã€Wolfssl_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚Encoutã¯ã€æš—å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚ENCINã¯ENCSZãŒå…¥åŠ›ã®ã‚µã‚¤ã‚ºã§ã‚ã‚‹é–“ã¯æš—å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mymacencryptcb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
+
_Example_
\code
none
@@ -5520,6 +6564,8 @@ void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX* ctx, CallbackMacEncrypti cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none è¿”å“ä¸å¯ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5530,9 +6576,11 @@ void wolfSSL_CTX_SetMacEncryptCb(WOLFSSL_CTX* ctx, CallbackMacEncrypti cb);
void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief Mac / Encryptコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setmacencryptx()ã§ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
+ \brief Mac / Encryptコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setmacencryptx()ã§ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5543,8 +6591,9 @@ void wolfSSL_SetMacEncryptCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetMacEncryptCtx(WOLFSSL* ssl);
/*!
- \brief コールãƒãƒƒã‚¯ã‚’復å·åŒ–/確èªã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚DECOUTã¯ã€å¾©å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚DECINã¯æš—å·åŒ–ã•ã‚ŒãŸå…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Decinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚コンテンツã¨æ¤œè¨¼ã¯ã€WolfSSL_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚PADSZã¯ã€ãƒ‘ディングã®åˆè¨ˆå€¤ã§è¨­å®šã™ã‚‹å‡ºåŠ›å¤‰æ•°ã§ã™ã€‚ã¤ã¾ã‚Šã€MACサイズã¨ãƒ‘ディングãƒã‚¤ãƒˆã¨ãƒ‘ッドãƒã‚¤ãƒˆã‚’加ãˆã¦ã„ã¾ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mydecryptverifycb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã‚’復å·åŒ–/確èªã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚DECOUTã¯ã€å¾©å·åŒ–ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚DECINã¯æš—å·åŒ–ã•ã‚ŒãŸå…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¨Decinszã®ã‚µã‚¤ã‚ºã‚’注æ„ã—ã¦ã„ã¾ã™ã€‚コンテンツã¨æ¤œè¨¼ã¯ã€WolfSSL_SettlShmacinner()ã«å¿…è¦ã§ã‚ã‚Šã€ãã®ã¾ã¾é€šéŽã—ã¾ã™ã€‚PADSZã¯ã€ãƒ‘ディングã®åˆè¨ˆå€¤ã§è¨­å®šã™ã‚‹å‡ºåŠ›å¤‰æ•°ã§ã™ã€‚ã¤ã¾ã‚Šã€MACサイズã¨ãƒ‘ディングãƒã‚¤ãƒˆã¨ãƒ‘ッドãƒã‚¤ãƒˆã‚’加ãˆã¦ã„ã¾ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h mydecryptverifycb()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5558,6 +6607,8 @@ void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX* ctx,
/*!
\brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’CTXã«å¾©å·åŒ–/検証ã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5568,9 +6619,10 @@ void wolfSSL_CTX_SetDecryptVerifyCb(WOLFSSL_CTX* ctx,
void wolfSSL_SetDecryptVerifyCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief wolfssl_setdecryptverifyctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„るコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·åŒ–/検証ã—ã¾ã™ã€‚
+ \brief wolfssl_setdecryptverifyctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„るコールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’復å·åŒ–/検証ã—ã¾ã™ã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -5582,9 +6634,10 @@ void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
/*!
\brief VERIFYパラメーターã¯ã€ã“ã‚ŒãŒãƒ”ア・メッセージã®æ¤œè¨¼ã®ãŸã‚ã®ã‚‚ã®ã§ã‚ã‚‹ã‹ã©ã†ã‹ã‚’指定ã—ã¾ã™ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒç§˜å¯†ã«æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚秘密ã®ã‚µã‚¤ã‚ºã¯ã€Wolfssl_gethmacsize()ã‹ã‚‰å…¥æ‰‹ã§ãã¾ã™ã€‚
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒç§˜å¯†ã«æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚秘密ã®ã‚µã‚¤ã‚ºã¯ã€Wolfssl_gethmacsize()ã‹ã‚‰å…¥æ‰‹ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfsslオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5594,9 +6647,11 @@ void* wolfSSL_GetDecryptVerifyCtx(WOLFSSL* ssl);
const unsigned char* wolfSSL_GetMacSecret(WOLFSSL* ssl, int verify);
/*!
- \brief
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚キーã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \brief
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚éµã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5608,8 +6663,10 @@ const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
/*!
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ—ロセスã‹ã‚‰ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5620,9 +6677,11 @@ const unsigned char* wolfSSL_GetClientWriteKey(WOLFSSL*);
const unsigned char* wolfSSL_GetClientWriteIV(WOLFSSL*);
/*!
- \brief
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚キーã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \brief
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒéµã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚éµã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getkeysize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5634,17 +6693,21 @@ const unsigned char* wolfSSL_GetServerWriteKey(WOLFSSL*);
/*!
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ—ロセスã‹ã‚‰ã€‚
- \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
+ \return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒIVã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚IVã®ã‚µã‚¤ã‚ºã¯ã€wolfssl_getCipherBlockSize()ã‹ã‚‰å–å¾—ã§ãã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
\sa wolfSSL_GetCipherBlockSize
\sa wolfSSL_GetClientWriteKey
*/
const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
/*!
- \brief
- \return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚­ãƒ¼ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
+ \brief
+ \return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒéµã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5655,10 +6718,12 @@ const unsigned char* wolfSSL_GetServerWriteIV(WOLFSSL*);
int wolfSSL_GetKeySize(WOLFSSL*);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief WolfSSL構造体ã«ä¿æŒã•ã‚Œã¦ã„ã‚‹Specs構造体ã®IV_SIZEメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return iv_size ssl-> specs.iv_sizeã§ä¿æŒã•ã‚Œã¦ã„る値を返ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -5678,9 +6743,11 @@ int wolfSSL_GetKeySize(WOLFSSL*);
int wolfSSL_GetIVSize(WOLFSSL*);
/*!
- \brief
+ \brief
\return success æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ãŒWolfSSLオブジェクトã®å´é¢ã«å¿œã˜ã¦wolfssl_server_endã¾ãŸã¯wolfssl_client_endã‚’è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5694,6 +6761,8 @@ int wolfSSL_GetSide(WOLFSSL*);
\brief å°‘ãªãã¨ã‚‚TLSãƒãƒ¼ã‚¸ãƒ§ãƒ³1.1以上ã§ã™ã€‚
\return true/false æˆåŠŸã—ãŸå ´åˆã€å‘¼ã³å‡ºã—ãŒTRUEã¾ãŸã¯0ã®å ´åˆã¯0ã‚’è¿”ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5706,6 +6775,8 @@ int wolfSSL_IsTLSv1_1(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‹ã‚‰ã€‚
\return If コールãŒæˆåŠŸã™ã‚‹ã¨ã€wolfssl_cipher_nullã€wolfssl_desã€wolfssl_triple_desã€wolfssl_aesã€wolfssl_aes_gcmã€wolfssl_aes_ccmã€wolfssl_camellia。
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5719,6 +6790,8 @@ int wolfSSL_GetBulkCipher(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã€‚
\return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒæš—å·ãƒ–ロックサイズã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§æˆ»ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5732,6 +6805,8 @@ int wolfSSL_GetCipherBlockSize(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ã€‚æš—å·ã‚¿ã‚¤ãƒ—ã®wolfssl_aead_typeã®å ´åˆã€‚
\return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒEAD MACサイズã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§æˆ»ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5745,6 +6820,8 @@ int wolfSSL_GetAeadMacSize(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ã€‚wolfssl_aead_type以外ã®æš—å·ã‚¿ã‚¤ãƒ—ã®å ´åˆã€‚
\return size 正常ã«ã‚³ãƒ¼ãƒ«ãŒï¼ˆH)MACサイズã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§æˆ»ã—ã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5759,6 +6836,8 @@ int wolfSSL_GetHmacSize(WOLFSSL*);
\return If コールãŒæˆåŠŸã™ã‚‹ã¨ã€æ¬¡ã®ã„ãšã‚Œã‹ãŒè¿”ã•ã‚Œã¾ã™.MD5ã€SHAã€SHA256ã€SHA384。
\return BAD_FUNC_ARG エラー状態ã«å¯¾ã—ã¦è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
\return SSL_FATAL_ERROR エラー状態ã«ã‚‚è¿”ã•ã‚Œã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5772,6 +6851,8 @@ int wolfSSL_GetHmacType(WOLFSSL*);
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‹ã‚‰ã€‚
\return If 正常ã«ã‚³ãƒ¼ãƒ«ã¯æ¬¡ã®ã„ãšã‚Œã‹ã‚’è¿”ã—ã¾ã™.WolfSSL_BLOCK_TYPEã€WOLFSSL_STREAM_TYPEã€WOLFSSL_AEAD_TYPE。
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5782,9 +6863,11 @@ int wolfSSL_GetHmacType(WOLFSSL*);
int wolfSSL_GetCipherType(WOLFSSL*);
/*!
- \brief é€å—ä¿¡çµæžœã¯ã€å°‘ãªãã¨ã‚‚wolfssl_gethmacsize()ãƒã‚¤ãƒˆã§ã‚ã‚‹ã¹ãã§ã‚る内部ã«æ›¸ãè¾¼ã¾ã‚Œã¾ã™ã€‚メッセージã®ã‚µã‚¤ã‚ºã¯SZã§æŒ‡å®šã•ã‚Œã€å†…容ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ç¨®é¡žã§ã‚ã‚Šã€æ¤œè¨¼ã¯ã“ã‚ŒãŒãƒ”アメッセージã®æ¤œè¨¼ã§ã‚ã‚‹ã‹ã©ã†ã‹ã‚’指定ã—ã¾ã™ã€‚wolfssl_aead_typeを除ãæš—å·ã‚¿ã‚¤ãƒ—ã«æœ‰åŠ¹ã§ã™ã€‚
- \return 1 æˆåŠŸã™ã‚‹ã¨ã€‚
+ \brief é€å—ä¿¡çµæžœã¯ã€å°‘ãªãã¨ã‚‚wolfssl_gethmacsize()ãƒã‚¤ãƒˆã§ã‚ã‚‹ã¹ãã§ã‚る内部ã«æ›¸ãè¾¼ã¾ã‚Œã¾ã™ã€‚メッセージã®ã‚µã‚¤ã‚ºã¯SZã§æŒ‡å®šã•ã‚Œã€å†…容ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ç¨®é¡žã§ã‚ã‚Šã€æ¤œè¨¼ã¯ã“ã‚ŒãŒãƒ”アメッセージã®æ¤œè¨¼ã§ã‚ã‚‹ã‹ã©ã†ã‹ã‚’指定ã—ã¾ã™ã€‚wolfssl_aead_typeを除ãæš—å·ã‚¿ã‚¤ãƒ—ã«æœ‰åŠ¹ã§ã™ã€‚
+ \return 1 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5796,8 +6879,9 @@ int wolfSSL_SetTlsHmacInner(WOLFSSL* ssl, byte* inner,
word32 sz, int content, int verify);
/*!
- \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccsign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯éµã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccsign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5810,7 +6894,8 @@ void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfsslオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5821,9 +6906,11 @@ void wolfSSL_CTX_SetEccSignCb(WOLFSSL_CTX* ctx, CallbackEccSign cb);
void wolfSSL_SetEccSignCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5836,7 +6923,8 @@ void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -5847,9 +6935,10 @@ void* wolfSSL_GetEccSignCtx(WOLFSSL* ssl);
void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
/*!
- \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_seteccsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -5860,8 +6949,9 @@ void wolfSSL_CTX_SetEccSignCtx(WOLFSSL_CTX* ctx, void *userCtx);
void* wolfSSL_CTX_GetEccSignCtx(WOLFSSL_CTX* ctx);
/*!
- \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚ãƒãƒƒã‚·ãƒ¥ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã‚ã‚Šã€HASHSZã¯ãƒãƒƒã‚·ãƒ¥ã®é•·ã•ã‚’æ„味ã—ã¾ã™ã€‚çµæžœã¯ã€æ¤œè¨¼ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›å¤‰æ•°ã€æˆåŠŸã®ãŸã‚ã«1ã€å¤±æ•—ã®ãŸã‚ã«0を記憶ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚ãƒãƒƒã‚·ãƒ¥ã¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã‚’å«ã‚€å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã‚ã‚Šã€HASHSZã¯ãƒãƒƒã‚·ãƒ¥ã®é•·ã•ã‚’æ„味ã—ã¾ã™ã€‚çµæžœã¯ã€æ¤œè¨¼ã®çµæžœã‚’æ ¼ç´ã™ã‚‹å‡ºåŠ›å¤‰æ•°ã€æˆåŠŸã®ãŸã‚ã«1ã€å¤±æ•—ã®ãŸã‚ã«0を記憶ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®ECC秘密éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myeccverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5874,6 +6964,8 @@ void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5884,9 +6976,11 @@ void wolfSSL_CTX_SetEccVerifyCb(WOLFSSL_CTX* ctx, CallbackEccVerify cb);
void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_setecverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_setecverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5897,8 +6991,9 @@ void wolfSSL_SetEccVerifyCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetEccVerifyCtx(WOLFSSL* ssl);
/*!
- \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsasign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INSã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãƒ¼ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚OUTã¯ã€ç½²åã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€ç½²åã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã‚’戻ã™å‰ã«æ ¼ç´ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsasign()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5911,6 +7006,8 @@ void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb);
/*!
\brief ctxã«ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5921,10 +7018,11 @@ void wolfSSL_CTX_SetRsaSignCb(WOLFSSL_CTX* ctx, CallbackRsaSign cb);
void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_setrsAsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_setrsAsignctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param none パラメータã¯ã‚ã‚Šã¾ã›ã‚“。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5935,7 +7033,7 @@ void wolfSSL_SetRsaSignCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetRsaSignCtx(WOLFSSL* ssl);
/*!
- \brief コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスã¨ãƒ‘ディングã®å¾Œã«æ¤œè¨¼ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚SIGã¯æ¤œè¨¼ã®ç½²åã§ã‚ã‚Šã€SIGSZã¯ç½²åã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスã¨ãƒ‘ディングã®å¾Œã«æ¤œè¨¼ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaverify()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
\sa wolfSSL_SetRsaVerifyCtx
\sa wolfSSL_GetRsaVerifyCtx
@@ -5945,6 +7043,7 @@ void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -5955,9 +7054,11 @@ void wolfSSL_CTX_SetRsaVerifyCb(WOLFSSL_CTX* ctx, CallbackRsaVerify cb);
void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief 以å‰ã«wolfssl_setrsaverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
+ \brief 以å‰ã«wolfssl_setrsaverifyctx()ã§ä¿å­˜ã•ã‚Œã¦ã„ãŸã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5968,8 +7069,10 @@ void wolfSSL_SetRsaVerifyCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetRsaVerifyCtx(WOLFSSL* ssl);
/*!
- \brief æš—å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ãŒã€INSZã¯å…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚æš—å·åŒ–ã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€æš—å·åŒ–ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã¯æˆ»ã£ã¦å‰ã«æ ¼ç´ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚例コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaenc()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief æš—å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯æˆåŠŸã®å ´åˆã¯0ã‚’è¿”ã™ã‹ã€ã‚¨ãƒ©ãƒ¼ã®å ´åˆã¯<0ã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ã§ã™ãŒã€INSZã¯å…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚æš—å·åŒ–ã®çµæžœã‚’ä¿å­˜ã™ã‚‹å¿…è¦ãŒã‚る出力ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚OUTSZã¯ã€å‘¼ã³å‡ºã—時ã«å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’指定ã™ã‚‹å…¥åŠ›/出力変数ã§ã‚ã‚Šã€æš—å·åŒ–ã®å®Ÿéš›ã®ã‚µã‚¤ã‚ºã¯æˆ»ã£ã¦å‰ã«æ ¼ç´ã•ã‚Œã‚‹ã¹ãã§ã™ã€‚keyderã¯ASN1å½¢å¼ã®RSA公開éµã§ã‚ã‚Šã€Keyszã¯ã‚­ãƒ¼ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚例コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsaenc()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
+ _Example_
\code
none
\endcode
@@ -5981,6 +7084,8 @@ void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -5991,9 +7096,11 @@ void wolfSSL_CTX_SetRsaEncCb(WOLFSSL_CTX* ctx, CallbackRsaEnc cb);
void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsaencctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
+ \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsaencctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -6004,8 +7111,9 @@ void wolfSSL_SetRsaEncCtx(WOLFSSL* ssl, void *ctx);
void* wolfSSL_GetRsaEncCtx(WOLFSSL* ssl);
/*!
- \brief 復å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯ã€å¾©å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスãŠã‚ˆã³ä»»æ„ã®ãƒ‘ディングã®å¾Œã€å¾©å·åŒ–ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsadec()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \brief 復å·åŒ–ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯ã€æˆåŠŸã®ãŸã‚ã®å¹³æ–‡ãƒã‚¤ãƒˆæ•°ã¾ãŸã¯<0エラーã®å ´åˆã¯<0ã‚’è¿”ã™ã¹ãã§ã™ã€‚SSLã¨CTXãƒã‚¤ãƒ³ã‚¿ã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã®åˆ©ä¾¿æ€§ã«åˆ©ç”¨ã§ãã¾ã™ã€‚INã¯ã€å¾©å·åŒ–ã™ã‚‹å…¥åŠ›ãƒãƒƒãƒ•ã‚¡ãŒå…¥åŠ›ã®é•·ã•ã‚’表ã—ã¾ã™ã€‚復å·åŒ–プロセスãŠã‚ˆã³ä»»æ„ã®ãƒ‘ディングã®å¾Œã€å¾©å·åŒ–ãƒãƒƒãƒ•ã‚¡ã®å…ˆé ­ã«è¨­å®šã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚keyderã¯ASN1フォーマットã®RSA秘密éµã§ã‚ã‚Šã€Keyszã¯ãƒã‚¤ãƒˆæ•°ã®ã‚­ãƒ¼ã®é•·ã•ã§ã™ã€‚コールãƒãƒƒã‚¯ã®ä¾‹ã¯ã€wolfssl / test.h myrsadec()を見ã¤ã‘ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -6018,6 +7126,8 @@ void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb);
/*!
\brief CTXã¸ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -6028,9 +7138,11 @@ void wolfSSL_CTX_SetRsaDecCb(WOLFSSL_CTX* ctx, CallbackRsaDec cb);
void wolfSSL_SetRsaDecCtx(WOLFSSL* ssl, void *ctx);
/*!
- \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsadecctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
+ \brief コールãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€wolfssl_setrsadecctx()ã§ä»¥å‰ã«ä¿å­˜ã•ã‚Œã¦ã„ã¾ã—ãŸã€‚
\return pointer 正常ã«ã‚³ãƒ¼ãƒ«ãŒã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¸ã®æœ‰åŠ¹ãªãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 空白ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
none
@@ -6043,7 +7155,8 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
/*!
\brief æ–°ã—ã„CA証明書ãŒWolfSSLã«ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã‚‹ï¼ˆWolfSSL_CTX)。コールãƒãƒƒã‚¯ã«ã¯ã€ç¬¦å·åŒ–ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚’æŒã¤ãƒãƒƒãƒ•ã‚¡ãŒä¸Žãˆã‚‰ã‚Œã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -6065,7 +7178,7 @@ void* wolfSSL_GetRsaDecCtx(WOLFSSL* ssl);
void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief æ–°ã—ã„証明書マãƒãƒ¼ã‚¸ãƒ£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€SSLã®ãƒ‹ãƒ¼ã‚ºã¨ã¯ç„¡é–¢ä¿‚ã«ä½¿ç”¨ã§ãã¾ã™ã€‚証明書をロードã—ãŸã‚Šã€è¨¼æ˜Žæ›¸ã‚’確èªã—ãŸã‚Šã€å¤±åŠ¹çŠ¶æ³ã‚’確èªã—ãŸã‚Šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return WOLFSSL_CERT_MANAGER 正常ã«ã‚³ãƒ¼ãƒ«ãŒæœ‰åŠ¹ãªwolfssl_cert_managerãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
@@ -6074,10 +7187,11 @@ void wolfSSL_CTX_SetCACb(WOLFSSL_CTX* ctx, CallbackCACache cb);
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief æ–°ã—ã„証明書マãƒãƒ¼ã‚¸ãƒ£ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚ã“ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¯ã€SSLã®ãƒ‹ãƒ¼ã‚ºã¨ã¯ç„¡é–¢ä¿‚ã«ä½¿ç”¨ã§ãã¾ã™ã€‚証明書をロードã—ãŸã‚Šã€è¨¼æ˜Žæ›¸ã‚’確èªã—ãŸã‚Šã€å¤±åŠ¹çŠ¶æ³ã‚’確èªã—ãŸã‚Šã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return WOLFSSL_CERT_MANAGER 正常ã«ã‚³ãƒ¼ãƒ«ãŒæœ‰åŠ¹ãªwolfssl_cert_managerãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL エラー状態ã«æˆ»ã‚Šã¾ã™ã€‚
+
_Example_
\code
#import <wolfssl/ssl.h>
@@ -6093,9 +7207,10 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap);
WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã«é–¢é€£ä»˜ã‘られã¦ã„ã‚‹ã™ã¹ã¦ã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã—ã¾ã™ã€‚証明書マãƒãƒ¼ã‚¸ãƒ£ã‚’使用ã™ã‚‹å¿…è¦ãŒãªããªã‚‹ã¨ãã«ã“れを呼ã³å‡ºã—ã¾ã™ã€‚
- \return none
+ \return none
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6109,17 +7224,18 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void);
void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER*);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief Managerコンテキストã¸ã®CA証明書ã®ãƒ­ãƒ¼ãƒ‰ã®å ´æ‰€ã‚’指定ã—ã¾ã™ã€‚PEM証明書カフェイルã«ã¯ã€è¤‡æ•°ã®ä¿¡é ¼ã§ãã‚‹CA証明書ãŒå«ã¾ã‚Œã¦ã„ã‚‹å¯èƒ½æ€§ãŒã‚ã‚Šã¾ã™ã€‚capathãŒnullã§ãªã„å ´åˆã€PEMå½¢å¼ã®CA証明書をå«ã‚€ãƒ‡ã‚£ãƒ¬ã‚¯ãƒˆãƒªã‚’指定ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
\return SSL_FATAL_ERROR - 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param file ロードã™ã‚‹CA証明書をå«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6138,13 +7254,14 @@ int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* f,
const char* d);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief wolfssl_ctx_load_verify_bufferを呼ã³å‡ºã—ã¦ã€é–¢æ•°ã«æ¸¡ã•ã‚ŒãŸCM内ã®æƒ…報を失ã†ã“ã¨ãªã一時的ãªCMを使用ã—ã¦ãã®çµæžœã‚’è¿”ã™ã“ã¨ã«ã‚ˆã£ã¦CAãƒãƒƒãƒ•ã‚¡ã‚’ロードã—ã¾ã™ã€‚
- \return SSL_FATAL_ERROR wolfssl_cert_manager構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯wolfssl_ctx_new()ãŒNULLã‚’è¿”ã™å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR wolfssl_cert_manager構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯wolfSSL_CTX_new()ãŒNULLã‚’è¿”ã™å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 実行ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param in CERT情報用ã®ãƒãƒƒãƒ•ã‚¡ãƒ¼ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã®é•·ã•ã€‚
+
_Example_
\code
WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
@@ -6166,11 +7283,12 @@ int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
const unsigned char* in, long sz, int format);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯CAç½²å者リストをアンロードã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_MUTEX_E ミューテックスエラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6188,16 +7306,17 @@ int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 関数ã¯ä¿¡é ¼ã§ãるピアリンクリストを解放ã—ã€ä¿¡é ¼ã§ãるピアリストã®ãƒ­ãƒƒã‚¯ã‚’解除ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Œäº†ã—ãŸå ´åˆ
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆ
\return BAD_MUTEX_E ミューテックスエラーTPLOCKã§ã¯ã€WOLFSSL_CERT_MANAGER構造体ã®ãƒ¡ãƒ³ãƒãƒ¼ã¯0(ニル)ã§ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(Protocol define);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(Protocol define);
WOLFSSL_CERT_MANAGER* cm = wolfSSL_CertManagerNew();
...
if(wolfSSL_CertManagerUnload_trust_peers(cm) != SSL_SUCCESS){
@@ -6209,22 +7328,23 @@ int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã§ç¢ºèªã™ã‚‹è¨¼æ˜Žæ›¸ã‚’指定ã—ã¾ã™ã€‚フォーマットã¯SSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_SIG_CONFIRM_E ç½²åãŒæ¤œè¨¼ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CRL_CERT_REVOKED ã“ã®è¨¼æ˜Žæ›¸ãŒå–り消ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
\return CRL_MISSING ç¾åœ¨ã®ç™ºè¡Œè€…CRLãŒåˆ©ç”¨ã§ããªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param fname 検証ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒ•ã‚¡ã‚¤ãƒ«ã®åå‰ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -6244,23 +7364,24 @@ int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* f,
int format);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã‚’使用ã—ã¦ç¢ºèªã™ã‚‹è¨¼æ˜Žæ›¸ãƒãƒƒãƒ•ã‚¡ã‚’指定ã—ã¾ã™ã€‚フォーマットã¯SSL_FILETYPE_PEMã¾ãŸã¯SSL_FILETYPE_ASN1ã«ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_SIG_CONFIRM_E ç½²åãŒæ¤œè¨¼ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_SIG_OID_E ç½²åã®ç¨®é¡žãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return CRL_CERT_REVOKED ã“ã®è¨¼æ˜Žæ›¸ãŒå–り消ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
\return CRL_MISSING ç¾åœ¨ã®ç™ºè¡Œè€…CRLãŒåˆ©ç”¨ã§ããªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
+ \return ASN_BEFORE_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå‰æ—¥ã®å‰ã«ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return ASN_AFTER_DATE_E ç¾åœ¨ã®æ—¥ä»˜ãŒå¾Œã®æ—¥ä»˜ã®å¾Œã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILETYPE ファイルãŒé–“é•ã£ãŸå½¢å¼ã§ã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_BAD_FILE ファイルãŒå­˜åœ¨ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚読ã¿è¾¼ã‚ã€ã¾ãŸã¯ç ´æã—ã¦ã„ã¾ã›ã‚“。
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return ASN_INPUT_E base16デコードãŒãƒ•ã‚¡ã‚¤ãƒ«ã«å¯¾ã—ã¦å¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buff 検証ã™ã‚‹è¨¼æ˜Žæ›¸ã‚’å«ã‚€ãƒãƒƒãƒ•ã‚¡ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã€BUF。
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6284,10 +7405,11 @@ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
const unsigned char* buff, long sz, int format);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€è¨¼æ˜Žæ›¸ãƒžãƒãƒ¼ã‚¸ãƒ£ãƒ¼ã®verifyCallback関数を設定ã—ã¾ã™ã€‚存在ã™ã‚‹å ´åˆã€ãã‚Œã¯ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸå„CERTã«å¯¾ã—ã¦å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚検証エラーãŒã‚ã‚‹å ´åˆã¯ã€æ¤œè¨¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’使用ã—ã¦ã‚¨ãƒ©ãƒ¼ã‚’éŽåº¦ã«ä¹—り越ãˆã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6295,7 +7417,7 @@ int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
{ // do custom verification of certificate }
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new(Protocol define);
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new(Protocol define);
WOLFSSL_CERT_MANAGER* cm = wolfSSL_CertManagerNew();
...
wolfSSL_CertManagerSetVerify(cm, myVerify);
@@ -6313,6 +7435,7 @@ void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm,
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆ
\param cm wolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param der DERフォーマット証明書ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CERT_MANAGER* cm;
@@ -6332,14 +7455,15 @@ int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
unsigned char* der, int sz);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã‚’使用ã—ã¦è¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ã¨ãã«è¨¼æ˜Žæ›¸å¤±åŠ¹ãƒªã‚¹ãƒˆã®ç¢ºèªã‚’オンã«ã—ã¾ã™ã€‚デフォルトã§ã¯ã€CRLãƒã‚§ãƒƒã‚¯ã¯ã‚ªãƒ•ã§ã™ã€‚オプションã«ã¯ã€wolfssl_crl_checkallãŒå«ã¾ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒã‚§ãƒ¼ãƒ³å†…ã®å„証明書ã«å¯¾ã—ã¦CRL検査を実行ã—ã¾ã™ã€‚ã“ã‚Œã¯ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã§ã‚るリーフ証明書ã®ã¿ã§ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
- \return NOT_COMPILED_IN WolfSSLãŒCRLを有効ã«ã—ã¦æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return NOT_COMPILED_IN WolfSSLãŒCRLを有効ã«ã—ã¦æ§‹ç¯‰ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリä¸è¶³çŠ¶æ…‹ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
- \return SSL_FAILURE CRLコンテキストを正ã—ãåˆæœŸåŒ–ã§ããªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FAILURE CRLコンテキストを正ã—ãåˆæœŸåŒ–ã§ããªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6361,10 +7485,11 @@ int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
int options);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief 証明書マãƒãƒ¼ã‚¸ãƒ£ã‚’使用ã—ã¦è¨¼æ˜Žæ›¸ã‚’検証ã™ã‚‹ã¨ãã«è¨¼æ˜Žæ›¸å¤±åŠ¹ãƒªã‚¹ãƒˆã®ç¢ºèªã‚’オフã«ã—ã¾ã™ã€‚デフォルトã§ã¯ã€CRLãƒã‚§ãƒƒã‚¯ã¯ã‚ªãƒ•ã§ã™ã€‚ã“ã®é–¢æ•°ã‚’使用ã—ã¦ã€ã“ã®Certificate Managerコンテキストを使用ã—ã¦CRL検査を一時的ã¾ãŸã¯æ’ä¹…çš„ã«ç„¡åŠ¹ã«ã—ã¦ã€ä»¥å‰ã¯CRL検査ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã—ãŸã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã€é€šè©±ãŒæˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG 関数ãƒã‚¤ãƒ³ã‚¿ãŒæä¾›ã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6383,16 +7508,18 @@ int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER*);
/*!
- \ingroup CertManager
- \brief 失効確èªã®ãŸã‚ã«CERTã‚’CRLã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ãŸã‚ã«ã€CERTã‚’CRLã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ãŸã‚ã«ã€ROADCRL()ã¸ã®ã‚¨ãƒ©ãƒ¼ãŒãƒã‚§ãƒƒã‚¯ã•ã‚Œã€æ¸¡ã•ã‚Œã¾ã™ã€‚
- \return SSL_SUCCESS wolfssl_certmanagerLoadcrlã«ã‚¨ãƒ©ãƒ¼ãŒãªã„å ´åˆã€ãŠã‚ˆã³loadcrlãŒæ­£å¸¸ã«æˆ»ã‚‹å ´åˆã€‚
- \return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒnullã®å ´åˆ
- \return SSL_FATAL_ERROR wolfssl_certmanagerEnableCRLãŒSSL_SUCCESS以外ã®ã‚‚ã®ã‚’è¿”ã™å ´åˆã€‚
- \return BAD_PATH_ERROR パスãŒNULLã®å ´åˆ
+ \ingroup CertManager
+ \brief 証明書ã®å¤±åŠ¹ç¢ºèªã®ãŸã‚ã«è¨¼æ˜Žæ›¸ã‚’CRLã«ãƒ­ãƒ¼ãƒ‰ã™ã‚‹éš›ã«ã‚¨ãƒ©ãƒ¼ãƒã‚§ãƒƒã‚¯ã‚’è¡Œã„ã€ãã®å¾Œè¨¼æ˜Žæ›¸ã‚’LoadCRL()ã¸æ¸¡ã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS wolfSSL_CertManagerLoadCRLã§ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã›ãšã€loadCRLãŒæˆåŠŸã§æˆ»ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CERT_MANAGER構造体ãŒNULLã®å ´åˆ
+ \return SSL_FATAL_ERROR wolfSSL_CertManagerEnableCRLãŒSSL_SUCCESS以外ã®ã‚’è¿”ã™å ´åˆã€‚
+ \return BAD_PATH_ERROR pathãŒNULLã®å ´åˆ
\return MEMORY_E LOADCRLãŒãƒ’ープメモリã®å‰²ã‚Šå½“ã¦ã«å¤±æ•—ã—ãŸå ´åˆã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param path CRL経路をä¿æŒã—ã¦ã„る一定ã®ãƒãƒ£ãƒ¼ãƒ«ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfSSL_CertManagerNew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CERT_MANAGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param path CRLã¸ã®ãƒ‘スをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ロードã™ã‚‹è¨¼æ˜Žæ›¸ã®ç¨®é¡žã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6409,14 +7536,15 @@ int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm,
const char* path, int type, int monitor);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€BufferLoadCRLを呼ã³å‡ºã™ã“ã¨ã«ã‚ˆã£ã¦CRLファイルをロードã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Œäº†ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR wolfssl_cert_managerã«é–¢é€£ä»˜ã‘られã¦ã„るエラーãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR wolfssl_cert_managerã«é–¢é€£ä»˜ã‘られã¦ã„るエラーãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param cm wolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buff 定数ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã¨ãƒãƒƒãƒ•ã‚¡ã§ã™ã€‚
\param sz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’表ã™é•·ã„int。
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6441,11 +7569,12 @@ int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
int type);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯CRL証明書マãƒãƒ¼ã‚¸ãƒ£ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚LABE_CRLãŒå®šç¾©ã•ã‚Œã¦ã„ã¦ä¸€è‡´ã™ã‚‹CRLレコードãŒè¦‹ã¤ã‹ã‚‰ãªã„å ´åˆã€CBMissingCRLã¯å‘¼ã³å‡ºã•ã‚Œã¾ã™ï¼ˆWolfSSL_CertManagerSetCRL_CBを介ã—ã¦è¨­å®šï¼‰ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€CRLを外部ã«æ¤œç´¢ã—ã¦ãƒ­ãƒ¼ãƒ‰ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ã®å®Ÿè¡ŒãŒæˆåŠŸã—ãŸã‚‰è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param cm 証明書ã®æƒ…報をä¿æŒã—ã¦ã„ã‚‹WOLFSSL_CERT_MANAGER構造。
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6468,15 +7597,42 @@ int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
*/
int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm,
CbMissingCRL cb);
+/*!
+ \ingroup CertManager
+ \brief ã“ã®é–¢æ•°ã¯è¨¼æ˜Žæ›¸ãƒžãƒã‚¸ãƒ£ãƒ¼ã«ä¿æŒã•ã‚Œã¦ã„ã‚‹CRLを解放ã—ã¾ã™ã€‚
+ アプリケーションã¯CRLã‚’wolfSSL_CertManagerFreeCRLを呼ã³å‡ºã—ã¦è§£æ”¾ã—ãŸå¾Œã«ã€æ–°ã—ã„CRLをロードã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+
+ \return SSL_SUCCESS 関数ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CERT_MANAGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼ãŒNULLã§æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param cm wolfSSL_CertManagerNew()ã§ç”Ÿæˆã•ã‚ŒãŸWOLFSSL_CERT_MANAGER構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ãƒ¼ã€‚
+
+ _Example_
+ \code
+ #include <wolfssl/ssl.h>
+
+ const char* crl1 = "./certs/crl/crl.pem";
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+
+ cm = wolfSSL_CertManagerNew();
+ wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0);
+ …
+ wolfSSL_CertManagerFreeCRL(cm);
+ \endcode
+
+ \sa wolfSSL_CertManagerLoadCRL
+*/
+int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®æ©Ÿèƒ½ã«ã‚ˆã‚Šã€OCSPENABLED OCSPENABLEDãŒOCSPãƒã‚§ãƒƒã‚¯ã‚ªãƒ—ションãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚wolfssl_cert_managerã®OCSPENABLEDメンãƒãƒ¼ãŒæœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯è¨±å¯ã•ã‚Œã¦ã„ãªã„引数値ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E ã“ã®é–¢æ•°å†…ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param der 証明書ã¸ã®ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#import <wolfssl/ssl.h>
@@ -6496,14 +7652,15 @@ int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
unsigned char* der, int sz);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief OCSPãŒã‚ªãƒ•ã«ãªã£ã¦ã„ã‚‹å ´åˆã¯OCSPをオンã«ã—ã€[設定]オプションを使用å¯èƒ½ã«ãªã£ã¦ã„ã‚‹å ´åˆã€‚
\return SSL_SUCCESS 関数呼ã³å‡ºã—ãŒæˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG cm構造体ãŒnullã®å ´åˆ
\return MEMORY_E wolfssl_ocsp struct値ãŒnullã®å ´åˆ
\return SSL_FAILURE WOLFSSL_OCSP構造体ã®åˆæœŸåŒ–ã¯åˆæœŸåŒ–ã«å¤±æ•—ã—ã¾ã™ã€‚
\return NOT_COMPILED_IN æ­£ã—ã„機能を有効ã«ã—ã¦ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„ビルド。
- \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cm wolfssl_certmanagernew()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6523,10 +7680,11 @@ int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
int options);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief OCSP証明書ã®å¤±åŠ¹ã‚’無効ã«ã—ã¾ã™ã€‚
\return SSL_SUCCESS WolfSSL_CertMangerDisableCRLã¯ã€WolfSSL_CERT_MANAGER構造体ã®CRLEnabledメンãƒã‚’無効ã«ã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WOLFSSL構造ã¯ãƒŒãƒ«ã§ã—ãŸã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6543,11 +7701,12 @@ int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER*);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€URLã‚’wolfssl_cert_manager構造体ã®OCSpoverrideURLメンãƒãƒ¼ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return SSL_SUCCESS ã“ã®æ©Ÿèƒ½ã¯æœŸå¾…ã©ãŠã‚Šã«å®Ÿè¡Œã§ãã¾ã—ãŸã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ã¯nullã§ã™ã€‚
\return MEMEORY_E 証明書マãƒãƒ¼ã‚¸ãƒ£ã®OCSPoverRideURLメンãƒãƒ¼ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã“ã¨ãŒã§ãã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6567,13 +7726,14 @@ int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
const char* url);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_cert_managerã®OCSPコールãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 実行ã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚引数ã¯wolfssl_cert_manager構造体ã«ä¿å­˜ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param cm wolfssl_cert_manager構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param ioCb CBocSpioåž‹ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
\param respFreeCb - CBOCSPRESPFREASåž‹ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -6595,13 +7755,14 @@ int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
void* ioCbCtx);
/*!
- \ingroup CertManager
+ \ingroup CertManager
\brief ã“ã®é–¢æ•°ã¯ã€ã‚ªãƒ—ションをオンã«ã—ãªã„ã¨OCSPステープルをオンã«ã—ã¾ã™ã€‚オプションを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS エラーãŒãªãã€é–¢æ•°ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_manager構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã€ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸæœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE OCSP構造体ã®åˆæœŸåŒ–ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslãŒhaber_certificate_status_requestオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX* ctx){
@@ -6614,13 +7775,14 @@ int wolfSSL_CertManagerEnableOCSPStapling(
WOLFSSL_CERT_MANAGER* cm);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ã¯ã‚¨ãƒ©ãƒ¼ãªã—ã§è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE initcrl関数ãŒæ­£å¸¸ã«æˆ»ã•ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN have_crlã¯ã‚³ãƒ³ãƒ‘イル中ã«æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6636,9 +7798,10 @@ int wolfSSL_CertManagerEnableOCSPStapling(
int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS WolfSSL_CertMangerDisableCRLã¯ã€WolfSSL_CERT_MANAGER構造体ã®CRLEnabledメンãƒã‚’無効ã«ã—ã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WOLFSSL構造ã¯ãƒŒãƒ«ã§ã—ãŸã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6658,9 +7821,10 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl);
\return WOLFSSL_SUCCESS 関数ã¨ã™ã¹ã¦ã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FATAL_ERROR サブルーãƒãƒ³ã®1ã¤ãŒæ­£å¸¸ã«æˆ»ã•ã‚Œãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl_cert_managerã¾ãŸã¯wolfssl構造ãŒnullã®å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param path CRLファイルã¸ã®ãƒ‘スをä¿æŒã™ã‚‹å®šæ•°æ–‡å­—ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type 証明書ã®ç¨®é¡žã‚’表ã™æ•´æ•°ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6677,10 +7841,11 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl);
int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_cert_managerã®CBMissingCRLメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG WOLFSSLã¾ãŸã¯WOLFSSL_CERT_MANAGER構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -6702,12 +7867,13 @@ int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor);
int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã®å¼•æ•°ãŒç„¡åŠ¹ãªå¼•æ•°å€¤ã‚’å—ä¿¡ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E 構造体やãã®ä»–ã®å¤‰æ•°ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E 構造体やãã®ä»–ã®å¤‰æ•°ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslãŒhane_ocspオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6724,9 +7890,10 @@ int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb);
int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_cert_manager構造体ã®OCSPENABLEDメンãƒãƒ¼ã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6744,7 +7911,8 @@ int wolfSSL_DisableOCSP(WOLFSSL*);
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒnullã®å ´åˆã€ã¾ãŸã¯æœªè§£æ±ºã®å¼•æ•°ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E サブルーãƒãƒ³ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6763,9 +7931,10 @@ int wolfSSL_SetOCSP_OverrideURL(WOLFSSL* ssl, const char* url);
\brief wolfssl_cert_manager構造体。
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚CMã®OCSPIOCBã€OCSPRESPFREECBã€ãŠã‚ˆã³OCSPIOCTXメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG WOLFSSLã¾ãŸã¯WOLFSSL_CERT_MANAGER構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param ioCb CBocSpioを入力ã™ã‚‹ãŸã‚ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
\param respFreeCb 応答メモリを解放ã™ã‚‹ãŸã‚ã®å‘¼ã³å‡ºã—ã§ã‚ã‚‹CBocSpreSpFreeを入力ã™ã‚‹ãŸã‚ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -6795,12 +7964,13 @@ int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
void* ioCbCtx);
/*!
- \brief
+ \brief
\return SSL_SUCCESS ã“ã®é–¢æ•°ã¨ãã‚ŒãŒã‚µãƒ–ルーãƒãƒ³ã®å ´åˆã¯ã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTX構造体ãŒNULLã®å ´åˆã€ã¾ãŸã¯ãã®ä»–ã®ç‚¹ã§ã¯ã‚µãƒ–ルーãƒãƒ³ã«ç„¡åŠ¹ãªå¼•æ•°ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 関数ã®å®Ÿè¡Œä¸­ã«ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE wolfssl_cert_managerã®CRLメンãƒãƒ¼ãŒæ­£ã—ãåˆæœŸåŒ–ã•ã‚Œãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslã¯hane_crlオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6817,9 +7987,10 @@ int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl, CbOCSPIO ioCb, CbOCSPRespFree respFreeCb,
int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_cert_manager構造体ã®CRLEnabledメンãƒãƒ¼ã¯0ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG CTX構造体ã¾ãŸã¯CM構造体ã«NULL値ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6834,14 +8005,15 @@ int wolfSSL_CTX_EnableCRL(WOLFSSL_CTX* ctx, int options);
int wolfSSL_CTX_DisableCRL(WOLFSSL_CTX* ctx);
/*!
- \brief wolfssl_certmanagerLoadcr()。
+ \brief wolfssl_certmanagerLoadcr()。
\return SSL_SUCCESS - 関数ã¨ãã®ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG - ã“ã®é–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒNULL構造ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_PATH_ERROR - パス変数ãŒnullã¨ã—ã¦é–‹ãã¨æˆ»ã‚Šã¾ã™ã€‚
\return MEMORY_E - メモリã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param path 証明書ã¸ã®ãƒ‘ス。
\param type 証明書ã®ç¨®é¡žã‚’ä¿æŒã™ã‚‹æ•´æ•°å¤‰æ•°ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -6858,7 +8030,8 @@ int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monito
\brief wolfssl_certmanagersetCRL_CBを呼ã³å‡ºã—ã¦ã€WolfSSL_CERT_MANAGER構造ã®ãƒ¡ãƒ³ãƒãƒ¼ã€‚
\return SSL_SUCCESS 実行ãŒæˆåŠŸã™ã‚‹ãŸã‚ã«è¿”ã•ã‚Œã¾ã—ãŸã€‚WOLFSSL_CERT_MANAGER構造体ã®CBMSSINGCRLã¯CBã«æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG wolfssl_ctxã¾ãŸã¯wolfssl_cert_managerãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -6878,11 +8051,12 @@ int wolfSSL_CTX_LoadCRL(WOLFSSL_CTX* ctx, const char* path, int type, int monito
int wolfSSL_CTX_SetCRL_Cb(WOLFSSL_CTX* ctx, CbMissingCRL cb);
/*!
- \brief wolfsslã®æ©Ÿèƒ½ã‚ªãƒ—ションã®å€¤ãŒ1ã¤ä»¥ä¸Šã®ã‚ªãƒ—ションã§æ§‹æˆã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€æ¬¡ã®ã‚ªãƒ—ションを1ã¤ä»¥ä¸Šã«ã—ã¾ã™.wolfssl_ocsp_enable - OCSPルックアップを有効ã«ã™ã‚‹wolfssl_ocsp_url_override - 証明書ã®URLã®ä»£ã‚ã‚Šã«URLをオーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã—ã¾ã™ã€‚オーãƒãƒ¼ãƒ©ã‚¤ãƒ‰URLã¯ã€wolfssl_ctx_setocsp_overrideURL()関数を使用ã—ã¦æŒ‡å®šã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOCSPサãƒãƒ¼ãƒˆï¼ˆ--enable-ocspã€#define hane_ocsp)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«ã®ã¿OCSPオプションを設定ã—ã¾ã™ã€‚
+ \brief wolfsslã®æ©Ÿèƒ½ã‚ªãƒ—ションã®å€¤ãŒ1ã¤ä»¥ä¸Šã®ã‚ªãƒ—ションã§æ§‹æˆã•ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€æ¬¡ã®ã‚ªãƒ—ションを1ã¤ä»¥ä¸Šã«ã—ã¾ã™.wolfssl_ocsp_enable - OCSPルックアップを有効ã«ã™ã‚‹wolfssl_ocsp_url_override - 証明書ã®URLã®ä»£ã‚ã‚Šã«URLをオーãƒãƒ¼ãƒ©ã‚¤ãƒ‰ã—ã¾ã™ã€‚オーãƒãƒ¼ãƒ©ã‚¤ãƒ‰URLã¯ã€wolfssl_ctx_setocsp_overrideURL()関数を使用ã—ã¦æŒ‡å®šã•ã‚Œã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfsslãŒOCSPサãƒãƒ¼ãƒˆï¼ˆ--enable-ocspã€#define hane_ocsp)ã§ã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«ã®ã¿OCSPオプションを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ãŒã€wolfsslãŒã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«OCSPサãƒãƒ¼ãƒˆã¯æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -6896,7 +8070,8 @@ int wolfSSL_CTX_EnableOCSP(WOLFSSL_CTX* ctx, int options);
/*!
\brief wolfssl_cert_manager構造体ã®OCSPENABLEDメンãƒãƒ¼ã«å½±éŸ¿ã‚’与ãˆã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚CMã®OCSPENABLEDメンãƒãƒ¼ã¯ç„¡åŠ¹ã«ãªã£ã¦ã„ã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -6916,7 +8091,8 @@ int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
\return SSL_SUCCESS æˆåŠŸã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 失敗ã—ãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚ŒãŸã¨ãã«è¿”ã•ã‚Œã¾ã™ãŒã€wolfsslãŒã‚³ãƒ³ãƒ‘イルã•ã‚ŒãŸã¨ãã«OCSPサãƒãƒ¼ãƒˆã¯æœ‰åŠ¹ã«ãªã£ã¦ã„ã¾ã›ã‚“ã§ã—ãŸã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -6928,12 +8104,13 @@ int wolfSSL_CTX_DisableOCSP(WOLFSSL_CTX*);
int wolfSSL_CTX_SetOCSP_OverrideURL(WOLFSSL_CTX* ctx, const char* url);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚CM内ã®OCSPIOCBã€OCSPRESPFREECBã€ãŠã‚ˆã³OCSPIOCTXメンãƒãƒ¼ã¯æ­£å¸¸ã«è¨­å®šã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG wolfssl_ctxã¾ãŸã¯wolfssl_cert_manager構造体ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTXã¾ãŸã¯wolfssl_cert_manager構造体ãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param ioCb 関数ãƒã‚¤ãƒ³ã‚¿ã§ã‚ã‚‹CBocSpio型。
\param respFreeCb 関数ãƒã‚¤ãƒ³ã‚¿ã§ã‚ã‚‹CBocSprepSprepFree型。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -6959,15 +8136,16 @@ int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx,
void* ioCbCtx);
/*!
- \brief wolfssl_certmanagerEnableOcspStapling()。
+ \brief wolfssl_certmanagerEnableOcspStapling()。
\return SSL_SUCCESS エラーãŒãªãã€é–¢æ•°ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã€ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸæœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯ã€ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸæœªè§£æ±ºã®å¼•æ•°å€¤ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリ割り当ã¦ãŒã‚ã‚‹å•é¡ŒãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE OCSP構造体ã®åˆæœŸåŒ–ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NOT_COMPILED_IN wolfsslãŒhaber_certificate_status_requestオプションã§ã‚³ãƒ³ãƒ‘イルã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
- WOLFSSL* ssl = WOLFSSL_new();
+ WOLFSSL* ssl = wolfSSL_new();
ssl->method.version; // set to desired protocol
...
if(!wolfSSL_CTX_EnableOCSPStapling(ssl->ctx)){
@@ -6980,9 +8158,10 @@ int wolfSSL_CTX_SetOCSP_Cb(WOLFSSL_CTX* ctx,
int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
/*!
- \ingroup CertsKeys
- \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå§‹ã¾ã‚‹å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã™ã‚‹ã®ã‚’防ãŽã¾ã™ã€‚Wolfssl_get_keys()ã¾ãŸã¯PSKã®ãƒ’ントãªã©ã®ã‚‚ã®ã«ã¯ã€ä¸€æ™‚çš„ãªé…列ãŒå¿…è¦ã«ãªã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ユーザãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚れるã¨ã€wolfssl_freearray()ã®ã„ãšã‚Œã‹ãŒå³åº§ã«ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã“ã¨ãŒã§ãã€ã‚ã‚‹ã„ã¯ã€é–¢é€£ã™ã‚‹SSLオブジェクトãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«ãƒªã‚½ãƒ¼ã‚¹ãŒè§£æ”¾ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚る。
+ \ingroup CertsKeys
+ \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå§‹ã¾ã‚‹å‰ã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã™ã¨ã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã™ã‚‹ã®ã‚’防ãŽã¾ã™ã€‚Wolfssl_get_keys()ã¾ãŸã¯PSKã®ãƒ’ントãªã©ã®ã‚‚ã®ã«ã¯ã€ä¸€æ™‚çš„ãªé…列ãŒå¿…è¦ã«ãªã‚‹å ´åˆãŒã‚ã‚Šã¾ã™ã€‚ユーザãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚れるã¨ã€wolfssl_freearray()ã®ã„ãšã‚Œã‹ãŒå³åº§ã«ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã“ã¨ãŒã§ãã€ã‚ã‚‹ã„ã¯ã€é–¢é€£ã™ã‚‹SSLオブジェクトãŒè§£æ”¾ã•ã‚ŒãŸã¨ãã«ãƒªã‚½ãƒ¼ã‚¹ãŒè§£æ”¾ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã‚‹å¯èƒ½æ€§ãŒã‚る。
\return none è¿”å“ä¸å¯ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -6994,9 +8173,10 @@ int wolfSSL_CTX_EnableOCSPStapling(WOLFSSL_CTX*);
void wolfSSL_KeepArrays(WOLFSSL*);
/*!
- \ingroup CertsKeys
- \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚wolfssl_keeparrays()ãŒãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®å‰ã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ä¸€æ™‚çš„ãªé…列を明示的ã«è§£æ”¾ã—ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¹ãã§ã‚ã‚Šã€SSLオブジェクトãŒã“れらã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„。
+ \ingroup CertsKeys
+ \brief 通常ã€SSLãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®æœ€å¾Œã«ã€WolfSSLã¯ä¸€æ™‚çš„ãªã‚¢ãƒ¬ã‚¤ã‚’解放ã—ã¾ã™ã€‚wolfssl_keeparrays()ãŒãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã®å‰ã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€WolfSSLã¯ä¸€æ™‚çš„ãªé…列を解放ã—ã¾ã›ã‚“。ã“ã®é–¢æ•°ã¯ä¸€æ™‚çš„ãªé…列を明示的ã«è§£æ”¾ã—ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒä¸€æ™‚çš„ãªé…列ã§è¡Œã‚ã‚ŒãŸã¨ãã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¹ãã§ã‚ã‚Šã€SSLオブジェクトãŒã“れらã®ãƒªã‚½ãƒ¼ã‚¹ã‚’解放ã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„。
\return none è¿”å“ä¸å¯ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -7009,12 +8189,13 @@ void wolfSSL_FreeArrays(WOLFSSL*);
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸã‚ªãƒ–ジェクト。ã“ã‚Œã¯ã€WolfSSLクライアントã«ã‚ˆã£ã¦SNI拡張機能ãŒClientHelloã§é€ä¿¡ã•ã‚Œã€WolfSSL Serverã¯ServerHello + SNIã¾ãŸã¯SNIミスマッãƒã®å ´åˆã¯è‡´å‘½çš„ãªAlert Hello + SNIを応答ã—ã¾ã™ã€‚
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã€ãƒ‡ãƒ¼ã‚¿ã¯NULLã€ã‚¿ã‚¤ãƒ—ã¯ä¸æ˜Žãªå€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param data サーãƒãƒ¼åデータã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7042,12 +8223,13 @@ int wolfSSL_UseSNI(WOLFSSL* ssl, unsigned char type,
/*!
\brief SSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸã‚ªãƒ–ジェクト㯠'ctx'パラメータã«æ¸¡ã•ã‚Œã¾ã—ãŸã€‚ã“ã‚Œã¯ã€WolfSSLクライアントã«ã‚ˆã£ã¦SNI拡張機能ãŒClientHelloã§é€ä¿¡ã•ã‚Œã€WolfSSLサーãƒãƒ¼ã¯ServerHello + SNIã¾ãŸã¯SNIã®ä¸ä¸€è‡´ã®å ´åˆã«ã¯è‡´å‘½çš„ãªALERT Hello + SNIを応答ã—ã¾ã™ã€‚
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULLã€ãƒ‡ãƒ¼ã‚¿ã¯NULLã€ã‚¿ã‚¤ãƒ—ã¯ä¸æ˜Žãªå€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param data サーãƒãƒ¼åデータã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7071,10 +8253,11 @@ int wolfSSL_CTX_UseSNI(WOLFSSL_CTX* ctx, unsigned char type,
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクト内ã®ã‚µãƒ¼ãƒãƒ¼å表示を使用ã—ãŸSSLセッションã®å‹•ä½œã€‚オプションを以下ã«èª¬æ˜Žã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param options é¸æŠžã•ã‚ŒãŸã‚ªãƒ—ションをæŒã¤ãƒ“ットå˜ä½ã®ã‚»ãƒžãƒ•ã‚©ã€‚利用å¯èƒ½ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_continue_on_mismatch = 0x01ã€wolfssl_sni_answer_on_mismatch = 0x02};通常ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æä¾›ã•ã‚ŒãŸãƒ›ã‚¹ãƒˆåãŒã‚µãƒ¼ãƒãƒ¼ã¨è¡¨ç¤ºã•ã‚Œã¦ã„るホストåãŒã‚µãƒ¼ãƒãƒ¼ã§æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã¯handshakeを中止ã—ã¾ã™ã€‚
\param WOLFSSL_SNI_CONTINUE_ON_MISMATCH ã“ã®ã‚ªãƒ—ションを設定ã™ã‚‹ã¨ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’中止ã™ã‚‹ä»£ã‚ã‚Šã«SNI応答をé€ä¿¡ã—ã¾ã›ã‚“。
+
_Example_
\code
int ret = 0;
@@ -7105,10 +8288,11 @@ void wolfSSL_SNI_SetOptions(WOLFSSL* ssl, unsigned char type,
/*!
\brief SSLセッションを使用ã—ãŸSSLオブジェクトã®ã‚µãƒ¼ãƒå指示を使用ã—ã¦ã€SSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã‹ã‚‰ä½œæˆã•ã‚Œã¾ã™ã€‚オプションを以下ã«èª¬æ˜Žã—ã¾ã™ã€‚
\return none ã„ã„ãˆè¿”ã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿ã«æ¸¡ã•ã‚ŒãŸã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param options é¸æŠžã•ã‚ŒãŸã‚ªãƒ—ションをæŒã¤ãƒ“ットå˜ä½ã®ã‚»ãƒžãƒ•ã‚©ã€‚利用å¯èƒ½ãªã‚ªãƒ—ションã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_continue_on_mismatch = 0x01ã€wolfssl_sni_answer_on_mismatch = 0x02};通常ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æä¾›ã•ã‚ŒãŸãƒ›ã‚¹ãƒˆåãŒã‚µãƒ¼ãƒãƒ¼ã¨è¡¨ç¤ºã•ã‚Œã¦ã„るホストåãŒã‚µãƒ¼ãƒãƒ¼ã§æä¾›ã•ã‚Œã¦ã„ã‚‹å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã¯handshakeを中止ã—ã¾ã™ã€‚
\param WOLFSSL_SNI_CONTINUE_ON_MISMATCH ã“ã®ã‚ªãƒ—ションを設定ã™ã‚‹ã¨ã€ã‚µãƒ¼ãƒãƒ¼ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’中止ã™ã‚‹ä»£ã‚ã‚Šã«SNI応答をé€ä¿¡ã—ã¾ã›ã‚“。
+
_Example_
\code
int ret = 0;
@@ -7133,7 +8317,7 @@ void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx,
/*!
\brief クライアントã«ã‚ˆã£ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰æä¾›ã•ã‚ŒãŸåå‰è¡¨ç¤ºã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’開始ã™ã‚‹ã€‚SNIã‚’å–å¾—ã™ã‚‹ãŸã‚ã®ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã¾ãŸã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³è¨­å®šãŒå¿…è¦ã‚ã‚Šã¾ã›ã‚“。
- \return WOLFSSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG ã“ã®ã‚±ãƒ¼ã‚¹ã§è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã¯ã€æ¬¡ã®ã„ãšã‚Œã‹ã®å ´åˆã§è¿”ã•ã‚Œã¾ã™ã€‚ãƒãƒƒãƒ•ã‚¡ã¯NULLã€BUFFERSZ <= 0ã€SNIã¯NULLã€INOUTSZã¯NULLã¾ãŸã¯<= 0ã§ã™ã€‚
\return BUFFER_ERROR ä¸æ­£ãªã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆhelloメッセージãŒã‚ã‚‹ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return INCOMPLETE_DATA 抽出を完了ã™ã‚‹ã®ã«å分ãªãƒ‡ãƒ¼ã‚¿ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™ã€‚
@@ -7141,6 +8325,7 @@ void wolfSSL_CTX_SNI_SetOptions(WOLFSSL_CTX* ctx,
\param bufferSz クライアントhelloメッセージã®ã‚µã‚¤ã‚ºã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒãƒƒãƒ•ã‚¡ãƒ¼ã‹ã‚‰å–å¾—ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
\param sni 出力ãŒä¿å­˜ã•ã‚Œã‚‹å ´æ‰€ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
unsigned char buffer[1024] = {0};
@@ -7161,11 +8346,12 @@ int wolfSSL_SNI_GetFromBuffer(
unsigned char type, unsigned char* sni, unsigned int* inOutSz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯SNIオブジェクトã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ã‚’å–å¾—ã—ã¾ã™ã€‚
\return value SNIãŒNULLã§ãªã„å ´åˆã€ã“ã®é–¢æ•°ã¯SNI構造体ã®ã‚¹ãƒ†ãƒ¼ã‚¿ã‚¹ãƒ¡ãƒ³ãƒãƒ¼ã®ãƒã‚¤ãƒˆå€¤ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 SNIオブジェクトãŒNULLã®å ´åˆ
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7187,8 +8373,9 @@ unsigned char wolfSSL_SNI_Status(WOLFSSL* ssl, unsigned char type);
/*!
\brief SSLセッションã§ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æä¾›ã•ã‚Œã‚‹ã‚µãƒ¼ãƒãƒ¼åã®è¡¨ç¤ºã€‚
\return size æä¾›ã•ã‚ŒãŸSNIデータã®ã‚µã‚¤ã‚ºã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param type ã©ã®ç¨®é¡žã®ã‚µãƒ¼ãƒãƒ¼åãŒãƒ‡ãƒ¼ã‚¿å†…ã§å–å¾—ã•ã‚Œã¦ã„ã‚‹ã‹ã‚’示ã—ã¾ã™ã€‚既知ã®åž‹ã¯æ¬¡ã®ã¨ãŠã‚Šã§ã™ã€‚enum {wolfssl_sni_host_name = 0};
+
_Example_
\code
int ret = 0;
@@ -7218,15 +8405,16 @@ unsigned short wolfSSL_SNI_GetRequest(WOLFSSL *ssl,
unsigned char type, void** data);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief wolfsslセッションã«ALPNを設定ã—ã¾ã™ã€‚
- \return WOLFSSL_SUCCESS: æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return WOLFSSL_SUCCESS: æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG SSLã¾ãŸã¯PROTOCOL_NAME_LISTãŒNULLã¾ãŸã¯PROTOCOL_NAME_LISTSZãŒå¤§ãã™ãŽãŸã‚Šã€ã‚ªãƒ—ションãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ãªã„ã‚‚ã®ã‚’å«ã¿ã¾ã™ã€‚
\return MEMORY_ERROR プロトコルリストã®ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
- \return SSL_FAILURE 失敗ã™ã‚‹ã¨ã€‚
+ \return SSL_FAILURE 失敗時ã«è¿”ã•ã‚Œã¾ã™ã€‚
\param ssl 使用ã™ã‚‹WolfSSLセッション。
\param protocol_name_list 使用ã™ã‚‹ãƒ—ロトコルåã®ãƒªã‚¹ãƒˆã€‚カンマ区切り文字列ãŒå¿…è¦ã§ã™ã€‚
\param protocol_name_listSz プロトコルåã®ãƒªã‚¹ãƒˆã®ã‚µã‚¤ã‚ºã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7251,17 +8439,18 @@ int wolfSSL_UseALPN(WOLFSSL* ssl, char *protocol_name_list,
unsigned char options);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€ã‚µãƒ¼ãƒãƒ¼ã«ã‚ˆã£ã¦è¨­å®šã•ã‚ŒãŸãƒ—ロトコルåã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS エラーãŒæŠ•ã’られã¦ã„ãªã„正常ãªå®Ÿè¡Œã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return SSL_FATAL_ERROR æ‹¡å¼µå­ãŒè¦‹ã¤ã‹ã‚‰ãªã‹ã£ãŸå ´åˆã€ã¾ãŸã¯ãƒ”ã‚¢ã¨ãƒ—ロトコルãŒä¸€è‡´ã—ãªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚2ã¤ä»¥ä¸Šã®ãƒ—ロトコルåãŒå—ã‘入れられã¦ã„ã‚‹å ´åˆã¯ã€ã‚¹ãƒ­ãƒ¼ã•ã‚ŒãŸã‚¨ãƒ©ãƒ¼ã‚‚ã‚ã‚Šã¾ã™ã€‚
\return SSL_ALPN_NOT_FOUND ピアã¨ãƒ—ロトコルã®ä¸€è‡´ãŒè¦‹ã¤ã‹ã‚‰ãªã‹ã£ãŸã“ã¨ã‚’示ã™è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG 関数ã«æ¸¡ã•ã‚ŒãŸnull引数ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param protocol_name プロトコルåを表ã™CHARã¸ã®ãƒã‚¤ãƒ³ã‚¿ã¯ã€ALPN構造ã«ä¿æŒã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
- WOLFSSL_CTX* ctx = WOLFSSL_CTX_new( protocol method );
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
WOLFSSL* ssl = WOLFSSL_new(ctx);
...
int err;
@@ -7280,14 +8469,15 @@ int wolfSSL_ALPN_GetProtocol(WOLFSSL* ssl, char **protocol_name,
unsigned short *size);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯ã€alpn_client_listデータをSSLオブジェクトã‹ã‚‰ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚SSLオブジェクトã®ALPN_CLIENT_LISTメンãƒãƒ¼ãŒLISTパラメータã«ã‚³ãƒ”ーã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG listã¾ãŸã¯listszパラメーターãŒnullã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BUFFER_ERROR リストãƒãƒƒãƒ•ã‚¡ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã¯ï¼ˆNULLã¾ãŸã¯ã‚µã‚¤ã‚ºãŒ0ã®å ´åˆï¼‰ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_ERROR リストãƒãƒƒãƒ•ã‚¡ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã¯ï¼ˆNULLã¾ãŸã¯ã‚µã‚¤ã‚ºãŒ0ã®å ´åˆï¼‰ã«å•é¡ŒãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR メモリを動的ã«å‰²ã‚Šå½“ã¦ã‚‹å•é¡ŒãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param list ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚SSLオブジェクトã‹ã‚‰ã®ãƒ‡ãƒ¼ã‚¿ãŒã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
#import <wolfssl/ssl.h>
@@ -7312,10 +8502,11 @@ int wolfSSL_ALPN_GetPeerProtocol(WOLFSSL* ssl, char **list,
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクト内ã®æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·ã€‚ã“ã‚Œã¯ã€æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·æ‹¡å¼µæ©Ÿèƒ½ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã€MFLã¯ç¯„囲外ã§ã™ã€‚
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7341,10 +8532,11 @@ int wolfSSL_UseMaxFragment(WOLFSSL* ssl, unsigned char mfl);
/*!
\brief SSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã®æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·ã• 'ctx'パラメータã«æ¸¡ã•ã‚Œã¾ã—ãŸã€‚ã“ã‚Œã¯ã€æœ€å¤§ãƒ•ãƒ©ã‚°ãƒ¡ãƒ³ãƒˆé•·æ‹¡å¼µæ©Ÿèƒ½ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULLã€MFLã¯ç¯„囲外ã§ã™ã€‚
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7365,9 +8557,10 @@ int wolfSSL_CTX_UseMaxFragment(WOLFSSL_CTX* ctx, unsigned char mfl);
/*!
\brief 'ssl'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクト内ã®truncated HMAC。ã“ã‚Œã¯ã€åˆ‡ã‚Šæ¨ã¦ã‚‰ã‚ŒãŸHMAC拡張機能ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã§ã™
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -7393,9 +8586,10 @@ int wolfSSL_UseTruncatedHMAC(WOLFSSL* ssl);
/*!
\brief 'ctx'パラメータã«æ¸¡ã•ã‚ŒãŸSSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã®ãŸã‚ã®Truncated HMAC。ã“ã‚Œã¯ã€åˆ‡ã‚Šæ¨ã¦ã‚‰ã‚ŒãŸHMAC拡張機能ãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULL
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret = 0;
@@ -7417,10 +8611,11 @@ int wolfSSL_CTX_UseTruncatedHMAC(WOLFSSL_CTX* ctx);
/*!
\brief OCSPã§æ示ã•ã‚ŒãŸè¨¼æ˜Žæ›¸å¤±åŠ¹ãƒã‚§ãƒƒã‚¯ã®ã‚³ã‚¹ãƒˆã‚’下ã’ã¾ã™ã€‚
\return SSL_SUCCESS tlsx_usecertificateStatusRequestãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ã«ã‚¨ãƒ©ãƒ¼ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG NULLã¾ãŸã¯ãã®ä»–ã®ç‚¹ã§ã¯ã€é–¢æ•°ã«æ¸¡ã•ã‚ŒãŸå€¤ãŒæ¸¡ã•ã‚Œã‚‹å¼•æ•°ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -7437,12 +8632,13 @@ int wolfSSL_UseOCSPStapling(WOLFSSL* ssl,
unsigned char status_type, unsigned char options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return BAD_FUNC_ARG 未解決ã®å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã€wolfssl_ctx構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG 未解決ã®å€¤ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã€WOLFSSL_CTX構造体ãŒNULLã¾ãŸã¯ãã†ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 関数ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ãŒãƒ¡ãƒ¢ãƒªã‚’æ­£ã—ã割り振るã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param status_type tlsx_usecertificateSrequest()ã«æ¸¡ã•ã‚Œã€CertificateStatusRequest構造体ã«æ ¼ç´ã•ã‚Œã¦ã„ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -7465,12 +8661,13 @@ int wolfSSL_CTX_UseOCSPStapling(WOLFSSL_CTX* ctx,
unsigned char status_type, unsigned char options);
/*!
- \brief
+ \brief
\return SSL_SUCCESS - 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E - メモリエラーã®å‰²ã‚Šå½“ã¦ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG - NULLã¾ãŸã¯ãれ以外ã®å ´åˆã¯è§£èª­ã•ã‚Œã¦ã„ãªã„引数ãŒé–¢æ•°ã¾ãŸã¯ã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param status_type OCSPステータスタイプをロードã™ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -7489,10 +8686,11 @@ int wolfSSL_UseOCSPStaplingV2(WOLFSSL* ssl,
/*!
\brief OCSPステイプルã®ãŸã‚ã«ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã€‚
- \return BAD_FUNC_ARG wolfssl_ctx構造ãŒnullã®å ´åˆã€ã¾ãŸã¯å´æ•°å¤‰æ•°ãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL_CTX構造ãŒnullã®å ´åˆã€ã¾ãŸã¯å´æ•°å¤‰æ•°ãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§ã¯ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E メモリã®å‰²ã‚Šå½“ã¦ãŒå¤±æ•—ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param status_type CertificatStatusRequest構造体ã«ã‚ã‚‹ãƒã‚¤ãƒˆã‚¿ã‚¤ãƒ—ã§ã€wolfssl_csr2_ocspã¾ãŸã¯wolfssl_csr2_ocsp_multiã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7512,10 +8710,11 @@ int wolfSSL_CTX_UseOCSPStaplingV2(WOLFSSL_CTX* ctx,
/*!
\brief サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る楕円曲線拡張å­ã¯ã€ 'SSL'パラメータã«æ¸¡ã•ã‚ŒãŸSSLオブジェクトã§ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„るカーブãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯è¤‡æ•°ã®æ›²ç·šã‚’有効ã«ã™ã‚‹ãŸã‚ã«è¤‡æ•°ã®æ™‚é–“ã¨å‘¼ã¶ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.SSLã¯NULLã§ã™ã€‚åå‰ã¯æœªçŸ¥ã®å€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7541,10 +8740,11 @@ int wolfSSL_UseSupportedCurve(WOLFSSL* ssl, word16 name);
/*!
\brief サãƒãƒ¼ãƒˆã•ã‚Œã¦ã„る楕円曲線ã¯ã€ 'ctx'パラメータã«æ¸¡ã•ã‚ŒãŸSSLコンテキストã‹ã‚‰ä½œæˆã•ã‚ŒãŸSSLオブジェクトã®æ‹¡å¼µå­ã§ã™ã€‚ã“ã‚Œã¯ã€ã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„るカーブãŒWolfSSLクライアントã«ã‚ˆã£ã¦ClientHelloã§é€ä¿¡ã•ã‚Œã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯è¤‡æ•°ã®æ›²ç·šã‚’有効ã«ã™ã‚‹ãŸã‚ã«è¤‡æ•°ã®æ™‚é–“ã¨å‘¼ã¶ã“ã¨ãŒã§ãã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 次ã®ã„ãšã‚Œã‹ã®å ´åˆã«è¿”ã•ã‚Œã‚‹ã‚¨ãƒ©ãƒ¼ã§ã™.CTXã¯NULLã€åå‰ã¯æœªçŸ¥ã®å€¤ã§ã™ã€‚(下記å‚照)
\return MEMORY_E å分ãªãƒ¡ãƒ¢ãƒªãŒãªã„ã¨ãã«ã‚¨ãƒ©ãƒ¼ãŒè¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸSSLコンテキストã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -7565,11 +8765,12 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
word16 name);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€ä¾›çµ¦ã•ã‚ŒãŸWOLFSSL構造ã®å®‰å…¨ãªå†äº¤æ¸‰ã‚’強制ã—ã¾ã™ã€‚ã“ã‚Œã¯ãŠå‹§ã‚ã§ãã¾ã›ã‚“。
\return SSL_SUCCESS 安全ãªå†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã‚’正常ã«è¨­å®šã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return MEMORY_E 安全ãªå†äº¤æ¸‰ã®ãŸã‚ã«ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã„å ´åˆã€ã‚¨ãƒ©ãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7590,12 +8791,13 @@ int wolfSSL_CTX_UseSupportedCurve(WOLFSSL_CTX* ctx,
int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯å®‰å…¨ãªå†äº¤æ¸‰ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’実行ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€WolfSSLãŒã“ã®æ©Ÿèƒ½ã‚’妨ã’るよã†ã«å¼·åˆ¶ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造ãŒnullã¾ãŸã¯ãã†ã§ãªã‘ã‚Œã°ã€è¨±å®¹ã§ããªã„引数ãŒã‚µãƒ–ルーãƒãƒ³ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SECURE_RENEGOTIATION_E ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ã“ã¨ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR サーãƒãƒ¼ã¾ãŸã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ§‹æˆã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯ã€å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒå®Œäº†ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_negotiate()をå‚ç…§ã—ã¦ãã ã•ã„。
+ \return SECURE_RENEGOTIATION_E ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã™ã‚‹ã“ã¨ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR サーãƒãƒ¼ã¾ãŸã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆæ§‹æˆã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯ã€å†ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒå®Œäº†ã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚wolfssl_negotiate()ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
_Example_
\code
WOLFSSL* ssl = wolfSSL_new(ctx);
@@ -7614,11 +8816,12 @@ int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
int wolfSSL_Rehandshake(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief セッションãƒã‚±ãƒƒãƒˆã‚’使用ã™ã‚‹ã‚ˆã†ã«WolfSSL構造を強制ã—ã¾ã™ã€‚定数hous_session_ticketを定義ã—ã€å®šæ•°NO_WOLFSSL_CLIENTã‚’ã“ã®é–¢æ•°ã‚’使用ã™ã‚‹ã‚ˆã†ã«å®šç¾©ã—ãªã„ã§ãã ã•ã„。
\return SSL_SUCCESS セッションãƒã‚±ãƒƒãƒˆã‚’使用ã—ãŸã‚»ãƒƒãƒˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E セッションãƒã‚±ãƒƒãƒˆã‚’設定ã™ã‚‹ãŸã‚ã®ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7638,11 +8841,12 @@ int wolfSSL_Rehandshake(WOLFSSL* ssl);
int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã™ã‚‹ã‚ˆã†ã«WolfSSLコンテキストを設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¯æ­£å¸¸ã«å®Ÿè¡Œã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E 内部関数内ã®ãƒ¡ãƒ¢ãƒªã®å‰²ã‚Šå½“ã¦ä¸­ã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ã¾ã—ãŸã€‚
+
_Example_
\code
wolfSSL_Init();
@@ -7660,12 +8864,13 @@ int wolfSSL_UseSessionTicket(WOLFSSL* ssl);
int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®æ©Ÿèƒ½ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³æ§‹é€ ã®ãƒã‚±ãƒƒãƒˆãƒ¡ãƒ³ãƒãƒ¼ã‚’ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 引数ã®1ã¤ãŒNULLã®å ´åˆã€ã¾ãŸã¯bufsz引数ãŒ0ã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf メモリãƒãƒƒãƒ•ã‚¡ã‚’表ã™ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7685,12 +8890,13 @@ int wolfSSL_CTX_UseSessionTicket(WOLFSSL_CTX* ctx);
int wolfSSL_get_SessionTicket(WOLFSSL* ssl, unsigned char* buf, word32* bufSz);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€WolfSSL構造体内ã®wolfssl_session構造体ã®ãƒã‚±ãƒƒãƒˆãƒ¡ãƒ³ãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚関数ã«æ¸¡ã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã¯ãƒ¡ãƒ¢ãƒªã«ã‚³ãƒ”ーã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 機能ã®å®Ÿè¡Œã«æˆåŠŸã—ãŸã“ã¨ã«æˆ»ã‚Šã¾ã™ã€‚関数ã¯ã‚¨ãƒ©ãƒ¼ãªã—ã§è¿”ã•ã‚Œã¾ã—ãŸã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚BUF引数ãŒNULLã®å ´åˆã¯ã€ã“ã‚Œã¯ã‚¹ãƒ­ãƒ¼ã•ã‚Œã¾ã™ãŒã€bufsz引数ã¯ã‚¼ãƒ­ã§ã¯ã‚ã‚Šã¾ã›ã‚“。
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param buf セッション構造ã®ãƒã‚±ãƒƒãƒˆãƒ¡ãƒ³ãƒãƒ¼ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã‚‹ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -7711,8 +8917,9 @@ int wolfSSL_set_SessionTicket(WOLFSSL* ssl, const unsigned char* buf,
\brief CallbackSessionTicketã¯ã€int(* callbacksessionTicket)(wolfssl *ã€const unsigned char *ã€intã€void *)ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã§ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG WolfSSL構造ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb Type CallbackSessionTicketã¸ã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -7730,12 +8937,41 @@ int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
CallbackSessionTicket cb, void* ctx);
/*!
+ \brief ã“ã®é–¢æ•°ã¯TLS1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒç¢ºç«‹ã—ãŸã‚ã¨ã§ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’é€ä¿¡ã—ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS セッションãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG WOLFSSL構造体ãŒNULL,ã‚ã‚‹ã„ã¯TLS v1.3を使用ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR returned サーãƒãƒ¼å´ã§ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NOT_READY_ERROR ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒå®Œäº†ã—ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FATAL_ERROR メッセージã®ç”Ÿæˆã‹é€ä¿¡ã«å¤±æ•—ã—ãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl wolfSSL_new()を使ã£ã¦ç”Ÿæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
+ WOLFSSL* ssl = wolfSSL_new(ctx);
+ …
+ ret = wolfSSL_send_SessionTicket(ssl);
+ if (ret != WOLFSSL_SUCCESS) {
+ // New session ticket not sent.
+ }
+ \endcode
+
+ \sa wolfSSL_get_SessionTicket
+ \sa CallbackSessionTicket
+ \sa sessionTicketCB
+ */
+int wolfSSL_send_SessionTicket(WOLFSSL* ssl);
+
+/*!
\brief RFC 5077ã§æŒ‡å®šã•ã‚Œã¦ã„るセッションãƒã‚±ãƒƒãƒˆã‚’サãƒãƒ¼ãƒˆã™ã‚‹ãŸã‚ã®ã‚µãƒ¼ãƒãƒ¼ãŒã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctxオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb セッションãƒã‚±ãƒƒãƒˆã‚’æš—å·åŒ–/復å·åŒ–ã™ã‚‹ãŸã‚ã®ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°
- \param ssl(Callback) WOLFSSL_NEW()ã§ä½œæˆã•ã‚ŒãŸWolfSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ssl(Callback) wolfSSL_new()ã§ä½œæˆã•ã‚ŒãŸWolfSSLオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param key_name(Callback) ã“ã®ãƒã‚±ãƒƒãƒˆã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆã®ä¸€æ„ã®ã‚­ãƒ¼åã¯ãƒ©ãƒ³ãƒ€ãƒ ã«ç”Ÿæˆã•ã‚Œã‚‹ã¹ãã§ã™
\param iv(Callback) ユニークãªIVã“ã®ãƒã‚±ãƒƒãƒˆã®å ´åˆã€æœ€å¤§128ビットã€ãƒ©ãƒ³ãƒ€ãƒ ã«ç”Ÿæˆã•ã‚Œã‚‹ã¹ãã§ã™
\param mac(Callback) ã“ã®ãƒã‚±ãƒƒãƒˆã®æœ€å¤§256ビットMAC
@@ -7743,6 +8979,7 @@ int wolfSSL_set_SessionTicket_cb(WOLFSSL* ssl,
\param ticket(Callback) æš—å·åŒ–ãƒã‚±ãƒƒãƒˆã®å…¥å‡ºåŠ›ãƒãƒƒãƒ•ã‚¡ã€‚ENCパラメータをå‚ç…§ã—ã¦ãã ã•ã„
\param inLen(Callback) ãƒã‚±ãƒƒãƒˆãƒ‘ラメータã®å…¥åŠ›é•·
\param outLen(Callback) ãƒã‚±ãƒƒãƒˆãƒ‘ラメータã®çµæžœã®å‡ºåŠ›é•·ã€‚コールãƒãƒƒã‚¯outlenを入力ã™ã‚‹ã¨ã€ãƒã‚±ãƒƒãƒˆãƒãƒƒãƒ•ã‚¡ã§ä½¿ç”¨å¯èƒ½ãªæœ€å¤§ã‚µã‚¤ã‚ºãŒè¡¨ç¤ºã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
See wolfssl/test.h myTicketEncCb() used by the example
@@ -7758,7 +8995,8 @@ int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx,
\brief サーãƒãƒ¼ã‚µã‚¤ãƒ‰ã®ä½¿ç”¨ã®ãŸã‚ã«ã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctxオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -7771,7 +9009,8 @@ int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int);
\brief 折り返ã—電話。サーãƒãƒ¼ã‚µã‚¤ãƒ‰ã®ä½¿ç”¨ã®ãŸã‚ã«ã€‚
\return SSL_SUCCESS セッションを正常ã«è¨­å®šã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ç™ºç”Ÿã—ã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctxオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTXオブジェクトã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
none
@@ -7784,6 +9023,7 @@ int wolfSSL_CTX_set_TicketEncCtx(WOLFSSL_CTX* ctx, void*);
\brief 折り返ã—電話。サーãƒãƒ¼ã‚µã‚¤ãƒ‰ã®ä½¿ç”¨ã®ãŸã‚ã«ã€‚
\return userCtx セッションを正常ã«å–å¾—ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
\return NULL 失敗ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ç„¡åŠ¹ãªå¼•æ•°ã‚’関数ã«æ¸¡ã™ã“ã¨ã«ã‚ˆã£ã¦ã€ã¾ãŸã¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆãŒè¨­å®šã•ã‚Œã¦ã„ãªã„ã¨ãã«ç™ºç”Ÿã—ã¾ã™ã€‚
+
_Example_
\code
none
@@ -7796,8 +9036,9 @@ void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
\brief ã“ã®æ©Ÿèƒ½ã«ã¯ã€WolfSSL構造ã®HSDonectxメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚WolfSSL構造体ã®HSDONECBã¨HSDonectxメンãƒãƒ¼ãŒè¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
\return BAD_FUNC_ARG wolfssl構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb int(* HandshakedOneCB)(wolfssl *ã€void *)ã®ç½²åã‚’æŒã¤ã‚¿ã‚¤ãƒ—HandshakedOneCBã®é–¢æ•°ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -7814,11 +9055,12 @@ void* wolfSSL_CTX_get_TicketEncCtx(WOLFSSL_CTX* ctx);
int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‹ã‚‰çµ±è¨ˆã‚’å°åˆ·ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッション統計ã¯æ­£å¸¸ã«å–å¾—ã•ã‚Œå°åˆ·ã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E サブルーãƒãƒ³ã«ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
// You will need to have a session object to retrieve stats from.
@@ -7832,14 +9074,15 @@ int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx);
int wolfSSL_PrintSessionStats(void);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®çµ±è¨ˆã‚’å–å¾—ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ã¨ã‚µãƒ–ルーãƒãƒ³ãŒã‚¨ãƒ©ãƒ¼ãªã—ã§æˆ»ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚セッション統計ã¯æ­£å¸¸ã«å–å¾—ã•ã‚Œå°åˆ·ã•ã‚Œã¾ã—ãŸã€‚
- \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG サブルーãƒãƒ³wolfssl_get_session_stats()ãŒè¨±å®¹ã§ããªã„引数ã«æ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_MUTEX_E サブルーãƒãƒ³ã«ãƒŸãƒ¥ãƒ¼ãƒ†ãƒƒã‚¯ã‚¹ã‚¨ãƒ©ãƒ¼ãŒã‚ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param active ç¾åœ¨ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ã®åˆè¨ˆã‚’表ã™Word32ãƒã‚¤ãƒ³ã‚¿ã€‚
\param total ç·ã‚»ãƒƒã‚·ãƒ§ãƒ³ã‚’表ã™Word32ãƒã‚¤ãƒ³ã‚¿ã€‚
\param peak ピークセッションを表ã™Word32ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int wolfSSL_PrintSessionStats(void){
@@ -7857,10 +9100,10 @@ int wolfSSL_get_session_stats(unsigned int* active,
unsigned int* maxSessions);
/*!
- \ingroup TLS
+ \ingroup TLS
\brief ã“ã®é–¢æ•°ã¯CRã¨SRã®å€¤ã‚’コピーã—ã¦ã‹ã‚‰WC_PRF(疑似ランダム関数)ã«æ¸¡ã—ã€ãã®å€¤ã‚’è¿”ã—ã¾ã™ã€‚
\return 0 æˆåŠŸã—ãŸ
- \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BUFFER_E ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã«ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_E サブルーãƒãƒ³ãŒå‹•çš„メモリを割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\param ms マスターシークレットã¯ã‚¢ãƒ¬ã‚¤æ§‹é€ ã«ä¿æŒã•ã‚Œã¦ã„ã¾ã™ã€‚
\param msLen マスターシークレットã®é•·ã•ã€‚
@@ -7869,6 +9112,7 @@ int wolfSSL_get_session_stats(unsigned int* active,
\param cr クライアントã®ãƒ©ãƒ³ãƒ€ãƒ 
\param sr サーãƒãƒ¼ã®ãƒ©ãƒ³ãƒ€ãƒ ã§ã™ã€‚
\param tls1_2 ãƒãƒ¼ã‚¸ãƒ§ãƒ³ãŒå°‘ãªãã¨ã‚‚TLSãƒãƒ¼ã‚¸ãƒ§ãƒ³1.2ã§ã‚ã‚‹ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -7897,7 +9141,7 @@ int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen,
int tls1_2, int hash_type);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief TLSキーを導ã出ã™ãŸã‚ã®å¤–部ã®ãƒ©ãƒƒãƒ‘ー。
\return 0 æˆåŠŸã«æˆ»ã‚Šã¾ã—ãŸã€‚
\return BUFFER_E LABLENã¨SEADLENã®åˆè¨ˆï¼ˆåˆè¨ˆã‚µã‚¤ã‚ºã‚’計算)ãŒæœ€å¤§ã‚µã‚¤ã‚ºã‚’超ãˆã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
@@ -7908,7 +9152,8 @@ int wolfSSL_MakeTlsMasterSecret(unsigned char* ms, word32 msLen,
\param msLen 列挙ã•ã‚ŒãŸå®šç¾©ã§ã€ãƒžã‚¹ã‚¿ãƒ¼ã‚·ãƒ¼ã‚¯ãƒ¬ãƒƒãƒˆã®é•·ã•ã‚’ä¿æŒã™ã‚‹Word32タイプ。
\param sr WOLFSSL構造内ã®é…列構造ã®ServerRandomメンãƒãƒ¼ã¸ã®å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
\param cr WolfSSL構造内ã®é…列構造ã®ClientRandomメンãƒãƒ¼ã¸ã®å®šæ•°ãƒã‚¤ãƒˆãƒã‚¤ãƒ³ã‚¿ã€‚
- \param tls1_2 ISATLEASTLSV1_2()ã‹ã‚‰è¿”ã•ã‚ŒãŸæ•´æ•°åž‹ã€‚
+ \param tls1_2 ISATLEASTLSV1_2()ã‹ã‚‰è¿”ã•ã‚ŒãŸæ•´æ•°åž‹ã€‚
+
_Example_
\code
int DeriveTlsKeys(WOLFSSL* ssl){
@@ -7932,11 +9177,12 @@ int wolfSSL_DeriveTlsKeys(unsigned char* key_data, word32 keyLen,
/*!
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ãŒè¨­å®šã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒ‡ãƒãƒƒã‚¬ãŒåˆ©ç”¨ã§ããšã€ã‚¹ãƒ‹ãƒƒãƒ•ã‚£ãƒ³ã‚°ãŒå®Ÿç”¨çš„ã§ã¯ãªã„å ´åˆã«ã€ã‚µãƒãƒ¼ãƒˆã‚’デãƒãƒƒã‚°ã™ã‚‹ãŸã‚ã®çµ„ã¿è¾¼ã¿ã‚·ã‚¹ãƒ†ãƒ ã§å½¹ç«‹ã¡ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‹å¦ã‹ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚SSLパケットã®æœ€å¤§æ•°ãŒæ—¢çŸ¥ã§ã‚ã‚‹ãŸã‚ã€å‹•çš„メモリã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。パケットåã‚’PacketNames []ã§ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚接続拡張機能ã¯ã€ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã¨ã¨ã‚‚ã«ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒTCPスタックをタイムアウトã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„å ´åˆã«ä¾¿åˆ©ã§ã™ã€‚ã“ã®æ‹¡å¼µå­ã¯ã€ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ã©ã¡ã‚‰ã‹ã€ã¾ãŸã¯ã©ã¡ã‚‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚‚呼ã³å‡ºã•ã‚Œã¾ã›ã‚“。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR 基ã«ãªã‚‹ssl_connect()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR 基ã«ãªã‚‹ssl_connect()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -7948,11 +9194,12 @@ int wolfSSL_connect_ex(WOLFSSL* ssl, HandShakeCallBack hsCb,
/*!
\brief 設定ã™ã‚‹ã€‚ã“ã‚Œã¯ã€ãƒ‡ãƒãƒƒã‚¬ãŒåˆ©ç”¨ã§ããšã€ã‚¹ãƒ‹ãƒƒãƒ•ã‚£ãƒ³ã‚°ãŒå®Ÿç”¨çš„ã§ã¯ãªã„å ´åˆã«ã€ã‚µãƒãƒ¼ãƒˆã‚’デãƒãƒƒã‚°ã™ã‚‹ãŸã‚ã®çµ„ã¿è¾¼ã¿ã‚·ã‚¹ãƒ†ãƒ ã§å½¹ç«‹ã¡ã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‹å¦ã‹ãŒå‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚SSLパケットã®æœ€å¤§æ•°ãŒæ—¢çŸ¥ã§ã‚ã‚‹ãŸã‚ã€å‹•çš„メモリã¯ä½¿ç”¨ã•ã‚Œã¾ã›ã‚“。パケットåã‚’PacketNames []ã§ã‚¢ã‚¯ã‚»ã‚¹ã§ãã¾ã™ã€‚接続拡張機能ã¯ã€ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆå€¤ã¨ã¨ã‚‚ã«ã‚¿ã‚¤ãƒ ã‚¢ã‚¦ãƒˆã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã™ã‚‹ã“ã¨ã‚‚ã§ãã¾ã™ã€‚ã“ã‚Œã¯ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãŒTCPスタックをタイムアウトã™ã‚‹ã®ã‚’å¾…ã£ãŸããªã„å ´åˆã«ä¾¿åˆ©ã§ã™ã€‚ã“ã®æ‹¡å¼µå­ã¯ã€ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã®ã©ã¡ã‚‰ã‹ã€ã¾ãŸã¯ã©ã¡ã‚‰ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚‚呼ã³å‡ºã•ã‚Œã¾ã›ã‚“。
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹ssl_accept()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return GETTIME_ERROR gettimeofday()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SETITIMER_ERROR setItimer()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIGACT_ERROR sigAction()ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã€è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR 基礎ã¨ãªã‚‹ssl_accept()呼ã³å‡ºã—ãŒã‚¨ãƒ©ãƒ¼ã‚’検出ã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
none
@@ -7963,12 +9210,13 @@ int wolfSSL_accept_ex(WOLFSSL* ssl, HandShakeCallBacki hsCb,
TimeoutCallBack toCb, WOLFSSL_TIMEVAL timeout);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã‚Œã¯BIOã®å†…部ファイルãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ファイルãƒã‚¤ãƒ³ã‚¿ã‚’正常ã«è¨­å®šã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ペアを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param bio ペアを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体。
\param fp ãƒã‚¤ã‚ªã§è¨­å®šã™ã‚‹ãƒ•ã‚¡ã‚¤ãƒ«ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -7986,11 +9234,12 @@ int wolfSSL_accept_ex(WOLFSSL* ssl, HandShakeCallBacki hsCb,
long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
/*!
- \ingroup IO
- \brief ã“ã‚Œã¯ã€BIOã®å†…部ファイルãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup IO
+\brief ã“ã®é–¢æ•°ã¯ã€ \brief ã“ã‚Œã¯ã€BIOã®å†…部ファイルãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS ファイルãƒã‚¤ãƒ³ã‚¿ã‚’正常ã«å–å¾—ã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
- \param bio ペアを設定ã™ã‚‹ãŸã‚ã®wolfssl_bio構造。
+ \param bio ペアを設定ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体。
+
_Example_
\code
WOLFSSL_BIO* bio;
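Review bot: The added `\brief` line in the wolfSSL_BIO_get_fp comment now holds the command twice (`\brief … \brief …`) and has lost the leading indent the other lines of the block use. The same replacement appears to have damaged the command in later hunks, where the added lines start with `\bii…`, `\biief…` or `\bri f` instead of `\brief`. The affected blocks are wolfSSL_use_certificate_ASN1, wolfSSL_CTX_set_cert_store, wolfSSL_CTX_get_cert_store, wolfSSL_get_server_random, wolfSSL_get_client_random and wolfSSL_CTX_get_default_passwd_cb_userdata. An unrecognised command is likely to be reported by Doxygen and leaves the block without a brief description, so each of these lines should begin with one intact ` \brief ` followed by the sentence. The comment block and its prototype end outside this hunk.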
@@ -8008,11 +9257,12 @@ long wolfSSL_BIO_set_fp(WOLFSSL_BIO *bio, XFILE fp, int c);
long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ç§˜å¯†éµãŒä½¿ç”¨ã•ã‚Œã¦ã„る証明書ã¨ã®ä¸€è‡´ã§ã‚ã‚‹ã“ã¨ã‚’確èªã—ã¾ã™ã€‚
\return SSL_SUCCESS ã†ã¾ã一致ã—ã¾ã™ã€‚
\return SSL_FAILURE エラーケースã«é­é‡ã—ãŸå ´åˆ
\return <0 ssl_failure以外ã®ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã§ã™ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -8027,12 +9277,13 @@ long wolfSSL_BIO_get_fp(WOLFSSL_BIO *bio, XFILE* fp);
int wolfSSL_check_private_key(const WOLFSSL* ssl);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®æ©Ÿèƒ½ã¯ã€æ¸¡ã•ã‚ŒãŸNID値ã«ä¸€è‡´ã™ã‚‹æ‹¡å¼µç´¢å¼•ã‚’探ã—ã¦è¿”ã—ã¾ã™ã€‚
- \return >= 0拡張インデックスãŒæˆåŠŸã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return >= 0拡張インデックスãŒæˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return -1 æ‹¡å¼µãŒè¦‹ã¤ã‹ã‚‰ãªã„ã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
\param x509 æ‹¡å¼µã®ãŸã‚ã«è§£æžã™ã‚‹è¨¼æ˜Žæ›¸ã€‚
\param nid 見ã¤ã‹ã‚‹æ‹¡å¼µOID。
+
_Example_
\code
const WOLFSSL_X509* x509;
@@ -8046,13 +9297,14 @@ int wolfSSL_X509_get_ext_by_NID(const WOLFSSL_X509* x509,
int nid, int lastPos);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€æ¸¡ã•ã‚ŒãŸNID値ã«åˆã£ãŸæ‹¡å¼µå­ã‚’探ã—ã¦è¿”ã—ã¾ã™ã€‚
- \return pointer STACK_OF(wolfssl_asn1_object)ãƒã‚¤ãƒ³ã‚¿ãŒæˆåŠŸã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return pointer STACK_OF(wolfssl_asn1_object)ãƒã‚¤ãƒ³ã‚¿ãŒæˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return NULL æ‹¡å¼µãŒè¦‹ã¤ã‹ã‚‰ãªã„ã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆ
\param x509 æ‹¡å¼µã®ãŸã‚ã«è§£æžã™ã‚‹è¨¼æ˜Žæ›¸ã€‚
\param nid 見ã¤ã‹ã‚‹æ‹¡å¼µOID。
\param c not nullãŒè¤‡æ•°ã®æ‹¡å¼µå­ã«-2ã«è¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã¯-1ãŒè¦‹ã¤ã‹ã‚Šã¾ã›ã‚“ã§ã—ãŸã€‚
+
_Example_
\code
const WOLFSSL_X509* x509;
@@ -8069,13 +9321,14 @@ void* wolfSSL_X509_get_ext_d2i(const WOLFSSL_X509* x509,
int nid, int* c, int* idx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯DER証明書ã®ãƒãƒƒã‚·ãƒ¥ã‚’è¿”ã—ã¾ã™ã€‚
\return SSL_SUCCESS ãƒãƒƒã‚·ãƒ¥ã®ä½œæˆã«æˆåŠŸã—ã¾ã—ãŸã€‚
\return SSL_FAILURE ä¸è‰¯å…¥åŠ›ã¾ãŸã¯å¤±æ•—ã—ãŸãƒãƒƒã‚·ãƒ¥ã«æˆ»ã‚Šã¾ã—ãŸã€‚
\param x509 ãƒãƒƒã‚·ãƒ¥ã‚’å¾—ã‚‹ãŸã‚ã®è¨¼æ˜Žæ›¸ã€‚
\param digest 使用ã™ã‚‹ãƒãƒƒã‚·ãƒ¥ã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ 
\param buf ãƒãƒƒã‚·ãƒ¥ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL_X509* x509;
@@ -8092,11 +9345,12 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509,
const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ä½¿ç”¨ã™ã‚‹ãŸã‚ã«ã€WolfSSL構造ã®è¨¼æ˜Žæ›¸ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
\return SSL_FAILURE NULL引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
\param ssl 証明書を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+
_Example_
\code WOLFSSL* ssl;
WOLFSSL_X509* x509
@@ -8111,12 +9365,13 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509,
int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€handshakeã®é–“ã«ä½¿ç”¨ã™ã‚‹ãŸã‚ã«WolfSSL構造ã®è¨¼æ˜Žæ›¸ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \biiã“fã¯ã€ã“ã®é–¢æ•°ã¯ã€handshakeã®é–“ã«ä½¿ç”¨ã™ã‚‹ãŸã‚ã«WolfSSL構造ã®è¨¼æ˜Žæ›¸ã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
\return SSL_FAILURE NULL引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
\param ssl 証明書を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param der 使用ã™ã‚‹è¨¼æ˜Žæ›¸ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -8134,11 +9389,12 @@ int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der,
int derSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã‚Œã¯WolfSSL構造ã®ç§˜å¯†éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 設定ã®æˆåŠŸã—ãŸå¼•æ•°ã«ã¤ã„ã¦ã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã«ãªã‚Šã¾ã™ã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
+
_Example_
\code
WOLFSSL* ssl;
@@ -8154,13 +9410,14 @@ int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, unsigned char* der,
int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã‚Œã¯WolfSSL構造ã®ç§˜å¯†éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットã®ã‚­ãƒ¼ãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 秘密éµã®æ§‹æ–‡è§£æžã¨è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã«ãªã‚Šã¾ã™ã€‚
\param pri 秘密éµã®ç¨®é¡žã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param der ãƒãƒƒãƒ•ã‚¡ãƒ¼ä¿æŒDERキー。
+
_Example_
\code
WOLFSSL* ssl;
@@ -8179,12 +9436,13 @@ int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl,
unsigned char* der, long derSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã‚Œã¯WolfSSL構造ã®ç§˜å¯†éµã‚’設定ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚DERフォーマットã®RSAキーãƒãƒƒãƒ•ã‚¡ãŒäºˆæƒ³ã•ã‚Œã¾ã™ã€‚
\return SSL_SUCCESS 秘密éµã®æ§‹æ–‡è§£æžã¨è¨­å®šã«æˆåŠŸã—ãŸå ´åˆã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚ã™ã¹ã¦ã®ã‚¨ãƒ©ãƒ¼ã‚±ãƒ¼ã‚¹ã¯è² ã®å€¤ã«ãªã‚Šã¾ã™ã€‚
\param ssl 引数を設定ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param der ãƒãƒƒãƒ•ã‚¡ãƒ¼ä¿æŒDERキー。
+
_Example_
\code
WOLFSSL* ssl;
@@ -8203,10 +9461,11 @@ int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der,
long derSz);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€DSAã®ãƒ‘ラメータを新ã—ã作æˆã•ã‚ŒãŸWOLFSSL_DH構造体ã«é‡è¤‡ã—ã¦ã„ã¾ã™ã€‚
\return WOLFSSL_DH é‡è¤‡ã—ãŸå ´åˆã¯WolfSSL_DH構造体を返ã™å ´åˆ
\return NULL 失敗ã™ã‚‹ã¨
+
_Example_
\code
WOLFSSL_DH* dh;
@@ -8221,13 +9480,14 @@ int wolfSSL_use_RSAPrivateKey_ASN1(WOLFSSL* ssl, unsigned char* der,
WOLFSSL_DH *wolfSSL_DSA_dup_DH(const WOLFSSL_DSA *r);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã‚Œã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’完了ã—ãŸå¾Œã«ãƒžã‚¹ã‚¿ãƒ¼ã‚­ãƒ¼ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return >0 データã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã€0より大ãã„値を返ã—ã¾ã™ã€‚
\return 0 ランダムãªãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒè¿”ã•ã‚Œãªã„å ´åˆã¯0
\return max 渡ã•ã‚ŒãŸOUTSZãŒ0ã®å ´åˆã€å¿…è¦ãªæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param ses マスターシークレットãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WolfSSL_SESSION構造。
\param out データをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL_SESSION ssl;
@@ -8247,9 +9507,10 @@ int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
unsigned char* out, int outSz);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã‚Œã¯ãƒžã‚¹ã‚¿ãƒ¼ç§˜å¯†éµã®é•·ã•ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return size マスターシークレットキーサイズを返ã—ã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_SESSION ssl;
@@ -8267,10 +9528,11 @@ int wolfSSL_SESSION_get_master_key(const WOLFSSL_SESSION* ses,
int wolfSSL_SESSION_get_master_key_length(const WOLFSSL_SESSION* ses);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®è¨­å®šæ©Ÿèƒ½ã§ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®è¨­å®šæ©Ÿèƒ½ã§ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
\param ctx Cert Storeãƒã‚¤ãƒ³ã‚¿ã‚’設定ã™ã‚‹ãŸã‚ã®WolfSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX ctx;
@@ -8286,11 +9548,12 @@ void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509_STORE* str);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯BIOã‹ã‚‰DERãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã—ã€ãれをWolfSSL_X509構造ã«å¤‰æ›ã—ã¾ã™ã€‚
\return pointer æˆåŠŸã—ãŸwolfssl_x509構造ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return Null 失敗時ã«NULLã‚’è¿”ã—ã¾ã™
- \param bio DER証明書ãƒãƒƒãƒ•ã‚¡ã‚’æŒã¤wolfssl_bio構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bio DER証明書ãƒãƒƒãƒ•ã‚¡ã‚’æŒã¤WOLFSSL_BIO構造体体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8306,10 +9569,11 @@ void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€CTXã®WOLFSSL_X509_STORE構造ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
\return WOLFSSL_X509_STORE* ãƒã‚¤ãƒ³ã‚¿ã‚’正常ã«å…¥æ‰‹ã—ã¾ã™ã€‚
\return NULL NULL引数ãŒæ¸¡ã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX ctx;
@@ -8325,9 +9589,10 @@ WOLFSSL_X509* wolfSSL_d2i_X509_bio(WOLFSSL_BIO* bio, WOLFSSL_X509** x509);
WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
/*!
- \ingroup IO
+ \ingroup IO
\brief ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã‚’読ã¿å–ã‚‹æ•°ã‚’å–å¾—ã—ã¾ã™ã€‚BIOタイプãŒBIO_BIOã®å ´åˆã€ãƒšã‚¢ã‹ã‚‰èª­ã¿å–る番å·ã§ã™ã€‚BIOã«SSLオブジェクトãŒå«ã¾ã‚Œã¦ã„ã‚‹å ´åˆã¯ã€SSLオブジェクトã‹ã‚‰ã®ãƒ‡ãƒ¼ã‚¿ã‚’ä¿ç•™ä¸­ã§ã™ï¼ˆWolfSSL_Pending(SSL))。bio_memoryタイプãŒã‚ã‚‹å ´åˆã¯ã€ãƒ¡ãƒ¢ãƒªãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã‚’è¿”ã—ã¾ã™ã€‚
\return >=0 ä¿ç•™ä¸­ã®ãƒã‚¤ãƒˆæ•°ã€‚
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8342,13 +9607,14 @@ WOLFSSL_X509_STORE* wolfSSL_CTX_get_cert_store(WOLFSSL_CTX* ctx);
size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \biiefã¯ã€ã“ã®é–¢æ•°ã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚µãƒ¼ãƒãƒ¼ã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return >0 データã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã€0より大ãã„値を返ã—ã¾ã™ã€‚
\return 0 ランダムãªãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒè¿”ã•ã‚Œãªã„å ´åˆã¯0
\return max 渡ã•ã‚ŒãŸOUTSZãŒ0ã®å ´åˆã€å¿…è¦ãªæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param ssl クライアントã®ãƒ©ãƒ³ãƒ€ãƒ ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param out ランダムデータをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL ssl;
@@ -8367,13 +9633,14 @@ size_t wolfSSL_get_server_random(const WOLFSSL *ssl,
unsigned char *out, size_t outlen);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \ingroup Setup
+ \biiefã¯ã€ã“ã®é–¢æ•°ã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ä¸­ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦é€ä¿¡ã•ã‚ŒãŸãƒ©ãƒ³ãƒ€ãƒ ãªãƒ‡ãƒ¼ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
\return >0 データã®å–å¾—ã«æˆåŠŸã—ãŸå ´åˆã€0より大ãã„値を返ã—ã¾ã™ã€‚
\return 0 ランダムãªãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼çŠ¶æ…‹ãŒè¿”ã•ã‚Œãªã„å ´åˆã¯0
\return max 渡ã•ã‚ŒãŸOUTSZãŒ0ã®å ´åˆã€å¿…è¦ãªæœ€å¤§ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºãŒè¿”ã•ã‚Œã¾ã™ã€‚
\param ssl クライアントã®ãƒ©ãƒ³ãƒ€ãƒ ãƒ‡ãƒ¼ã‚¿ãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WolfSSL構造。
\param out ランダムデータをä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
+
_Example_
\code
WOLFSSL ssl;
@@ -8392,10 +9659,11 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl,
unsigned char* out, size_t outSz);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã‚Œã¯CTXã§è¨­å®šã•ã‚ŒãŸãƒ‘スワードコールãƒãƒƒã‚¯ã®ã‚²ãƒƒã‚¿ãƒ¼é–¢æ•°ã§ã™ã€‚
\return func æˆåŠŸã™ã‚‹ã¨ã€ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯é–¢æ•°ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL CTXãŒNULLã®å ´åˆã€NULLãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -8411,10 +9679,11 @@ wc_pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX*
ctx);
/*!
- \ingroup Setup
- \brief ã“ã‚Œã¯ã€CTXã§è¨­å®šã•ã‚Œã¦ã„るパスワードコールãƒãƒƒã‚¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ã®å–得機能ã§ã™ã€‚
+ \ingroup Setup
+ \bri f ã“ã®é–¢æ•°ã¯ã€ã‚Œã¯ã€CTXã§è¨­å®šã•ã‚Œã¦ã„るパスワードコールãƒãƒƒã‚¯ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ã®å–得機能ã§ã™ã€‚
\return pointer æˆåŠŸã™ã‚‹ã¨ã€ãƒ¦ãƒ¼ã‚¶ãƒ¼ãƒ‡ãƒ¼ã‚¿ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
\return NULL CTXãŒNULLã®å ´åˆã€NULLãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -8429,13 +9698,14 @@ wc_pem_password_cb* wolfSSL_CTX_get_default_passwd_cb(WOLFSSL_CTX*
void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯wolfssl_pem_read_bio_x509ã¨åŒã˜ã‚ˆã†ã«å‹•ä½œã—ã¾ã™ã€‚AUXã¯ã€ä¿¡é ¼ã§ãã‚‹/æ‹’å¦ã•ã‚ŒãŸãƒ¦ãƒ¼ã‚¹ã‚±ãƒ¼ã‚¹ã‚„人間ã®èª­ã¿ã‚„ã™ã•ã®ãŸã‚ã®ãƒ•ãƒ¬ãƒ³ãƒ‰ãƒªãƒ¼ãªåå‰ãªã©ã®è¿½åŠ æƒ…報をå«ã‚€ã“ã¨ã‚’æ„味ã—ã¾ã™ã€‚
\return WOLFSSL_X509 PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«æˆåŠŸã—ãŸå ´åˆã€wolfssl_x509構造ãŒè¿”ã•ã‚Œã¾ã™ã€‚
\return Null PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«å¤±æ•—ã—ãŸå ´åˆã€‚
- \param bp wolfssl_bio構造体ã‹ã‚‰PEMãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã—ã¾ã™ã€‚
+ \param bp WOLFSSL_BIO構造体体ã‹ã‚‰PEMãƒãƒƒãƒ•ã‚¡ã‚’å–å¾—ã—ã¾ã™ã€‚
\param x wolfssl_x509を機能副作用ã§è¨­å®šã™ã‚‹å ´åˆ
\param cb パスワードコールãƒãƒƒã‚¯
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8450,13 +9720,14 @@ WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
(WOLFSSL_BIO *bp, WOLFSSL_X509 **x, wc_pem_password_cb *cb, void *u);
/*!
- \ingroup CertsKeys
- \brief wolfssl_ctx構造体ã®DHメンãƒãƒ¼ã‚’diffie-hellmanパラメータã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief WOLFSSL_CTX構造体ã®DHメンãƒãƒ¼ã‚’diffie-hellmanパラメータã§åˆæœŸåŒ–ã—ã¾ã™ã€‚
\return SSL_SUCCESS 関数ãŒæ­£å¸¸ã«å®Ÿè¡Œã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return BAD_FUNC_ARG CTXã¾ãŸã¯DH構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \return SSL_FATAL_ERROR 構造値を設定ã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \return MEMORY_E メモリを割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
- \param ctx wolfssl_ctx_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return SSL_FATAL_ERROR 構造値を設定ã™ã‚‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E メモリを割り当ã¦ã‚‹ã“ã¨ãŒã§ããªã‹ã£ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx wolfSSL_CTX_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -8469,13 +9740,14 @@ WOLFSSL_X509 *wolfSSL_PEM_read_bio_X509_AUX
long wolfSSL_CTX_set_tmp_dh(WOLFSSL_CTX* ctx, WOLFSSL_DH* dh);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€BIOã®PEMãƒãƒƒãƒ•ã‚¡ã‹ã‚‰DSAパラメータをå–å¾—ã—ã¾ã™ã€‚
\return WOLFSSL_DSA PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«æˆåŠŸã—ãŸå ´åˆã€WolfSSL_DSA構造ãŒä½œæˆã•ã‚Œã€è¿”ã•ã‚Œã¾ã™ã€‚
\return Null PEMãƒãƒƒãƒ•ã‚¡ã®è§£æžã«å¤±æ•—ã—ãŸå ´åˆã€‚
- \param bio PEMメモリãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®wolfssl_bio構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bio PEMメモリãƒã‚¤ãƒ³ã‚¿ã‚’å–å¾—ã™ã‚‹ãŸã‚ã®WOLFSSL_BIO構造体体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param x æ–°ã—ã„WolfSSL_DSA構造ã«è¨­å®šã™ã‚‹ãƒã‚¤ãƒ³ã‚¿ã€‚
\param cb パスワードコールãƒãƒƒã‚¯é–¢æ•°
+
_Example_
\code
WOLFSSL_BIO* bio;
@@ -8491,9 +9763,10 @@ WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp,
WOLFSSL_DSA **x, wc_pem_password_cb *cb, void *u);
/*!
- \ingroup Debug
+ \ingroup Debug
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl_Errorã«é­é‡ã—ãŸæœ€å¾Œã®ã‚¨ãƒ©ãƒ¼ã®çµ¶å¯¾å€¤ã‚’è¿”ã—ã¾ã™ã€‚
\return error 最後ã®ã‚¨ãƒ©ãƒ¼ã®çµ¶å¯¾å€¤ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
unsigned long err;
@@ -8506,10 +9779,11 @@ WOLFSSL_DSA *wolfSSL_PEM_read_bio_DSAparams(WOLFSSL_BIO *bp,
unsigned long wolfSSL_ERR_peek_last_error(void);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ãƒ”ã‚¢ã®è¨¼æ˜Žæ›¸ãƒã‚§ãƒ¼ãƒ³ã‚’å–å¾—ã—ã¾ã™ã€‚
\return pointer ピアã®è¨¼æ˜Žæ›¸ã‚¹ã‚¿ãƒƒã‚¯ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
- \return NULL ピア証明書ãŒãªã„å ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚
+ \return NULL ピア証明書ãŒãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( method );
@@ -8528,9 +9802,10 @@ unsigned long wolfSSL_ERR_peek_last_error(void);
WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€wolfssl_ctxオブジェクトã®ã‚ªãƒ—ションビットをリセットã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTXオブジェクトã®ã‚ªãƒ—ションビットをリセットã—ã¾ã™ã€‚
\return option æ–°ã—ã„オプションビット
+
_Example_
\code
WOLFSSL_CTX* ctx = 0;
@@ -8544,15 +9819,16 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*);
long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€WolfSSL構造ã®jobjectrefメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
\return SSL_SUCCESS jobjectrefãŒobjptrã«æ­£ã—ã設定ã•ã‚Œã¦ã„ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SSL_FAILURE 関数ãŒæ­£ã—ã実行ã•ã‚Œãšã€jobjectrefãŒè¨­å®šã•ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
- \param ssl wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
- WOLFSSL* ssl = WOLFSSL_new();
+ WOLFSSL* ssl = wolfSSL_new();
void* objPtr = &obj;
...
if(wolfSSL_set_jobject(ssl, objPtr)){
@@ -8564,10 +9840,12 @@ long wolfSSL_CTX_clear_options(WOLFSSL_CTX* ctx, long opt);
int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€wolfssl構造ã®jobjectrefメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
\return value wolfssl構造体ãŒnullã§ãªã„å ´åˆã€é–¢æ•°ã¯jobjectref値を返ã—ã¾ã™ã€‚
\return NULL wolfssl構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx = wolfSSL_CTX_new( protocol method );
@@ -8584,10 +9862,12 @@ int wolfSSL_set_jobject(WOLFSSL* ssl, void* objPtr);
void* wolfSSL_get_jobject(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯SSL内ã®ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã‚’観察ã™ã‚‹ã“ã¨ã§ã™ã€‚CBã®NULL値ã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’リセットã—ã¾ã™ã€‚
\return SSL_SUCCESS æˆåŠŸã—ã¦ã„ã¾ã™ã€‚
\return SSL_FAILURE NULL SSLãŒæ¸¡ã•ã‚ŒãŸå ´åˆã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
static cb(int write_p, int version, int content_type,
@@ -8602,9 +9882,11 @@ void* wolfSSL_get_jobject(WOLFSSL* ssl);
int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€SSL内ã®é–¢é€£ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚³ãƒ³ãƒ†ã‚­ã‚¹ãƒˆå€¤ã‚’設定ã—ã¾ã™ã€‚値ã¯ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯å¼•æ•°ã«æ¸¡ã•ã‚Œã¾ã™ã€‚
\return none è¿”å“ä¸å¯ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
static cb(int write_p, int version, int content_type,
@@ -8620,10 +9902,11 @@ int wolfSSL_set_msg_callback(WOLFSSL *ssl, SSL_Msg_Cb cb);
int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg);
/*!
- \ingroup CertsKeys
+ \ingroup CertsKeys
\brief ã“ã®é–¢æ•°ã¯ã€å­˜åœ¨ã™ã‚‹å ´åˆã¯ã€ãƒ”ア証明書ã‹ã‚‰altnameã‚’è¿”ã—ã¾ã™ã€‚
\return NULL 次ã®AltNameãŒãªã„å ´åˆã€‚
\return cert->altNamesNext->name wolfssl_x509ã‹ã‚‰ã€AltNameリストã‹ã‚‰ã®æ–‡å­—列値ã§ã‚る構造ãŒå­˜åœ¨ã™ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
WOLFSSL_X509 x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -8637,13 +9920,15 @@ int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg);
\sa wolfSSL_X509_get_issuer_name
\sa wolfSSL_X509_get_subject_name
*/
-char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
+char* wolfSSL_X509_get_next_altname(WOLFSSL_X509* x509);
/*!
- \ingroup CertsKeys
- \brief 関数ã¯ã€x509ãŒnullã®ã‹ã©ã†ã‹ã‚’確èªã—ã€ãã†ã§ãªã„å ´åˆã¯ã€x509構造体ã®NotBeforeメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
- \return pointer X509構造体ã®NotBeforeメンãƒãƒ¼ã«ASN1_TIMEを使用ã—ã¦æ§‹é€ ä½“ã«ã€‚
- \return NULL x509構造ãŒnullã®å ´åˆã€é–¢æ•°ã¯nullã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup CertsKeys
+ \brief 関数ã¯ã€x509ãŒnullã®ã‹ã©ã†ã‹ã‚’確èªã—ã€ãã†ã§ãªã„å ´åˆã¯ã€WOLFSSL_X509構造体ã®NotBeforeメンãƒãƒ¼ã‚’è¿”ã—ã¾ã™ã€‚
+ \return pointer WOLFSSL_ASN1_TIMEã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼ˆWOLFSSL_X509構造体ã®NotBeforeメンãƒãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ï¼‰ã‚’è¿”ã—ã¾ã™ã€‚
+ \return NULL WOLFSSL_X509構造体ãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param x509 WOLFSSL_X509構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
_Example_
\code
WOLFSSL_X509* x509 = (WOLFSSL_X509)XMALLOC(sizeof(WOLFSSL_X509), NULL,
@@ -8656,13 +9941,27 @@ char* wolfSSL_X509_get_next_altname(WOLFSSL_X509*);
\endcode
\sa wolfSSL_X509_get_notAfter
*/
-WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509*);
+WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509* x509);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®SSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_connect()ã¯ã€åŸºã«ãªã‚‹I / OãŒwolfssl_connectã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒREADYãŠã‚ˆã³WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã«wolfssl_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã®ã¿æˆ»ã‚‹ã€‚ WolfSSLã¯OpenSSLよりも証明書検証ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ã§ã™ã€‚ã“ã‚Œã¯ã€CASを読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ãã€ç¢ºèªã§ãã¾ã›ã‚“(-155)。 SSL_CONNECTã‚’æŒã¤ã“ã¨ã®OpenSSLã®å‹•ä½œãŒæˆåŠŸã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚’検証ã—ã¦ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚’抑ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™.SSL_CTX_SET_VERIFY(CTXã€SSL_VERIFY_NONEã€0)。 ssl_new()を呼ã³å‡ºã™å‰ã«ã€‚ãŠå‹§ã‚ã§ãã¾ã›ã‚“ãŒã€‚
- \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®SSL/TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¾ã§ã«ä¸‹å±¤ã®é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ wolfSSL_connect()ã¯ã€ãƒ–ロッキングã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層ã®I/OãŒãƒŽãƒ³ãƒ–ロッキングã®å ´åˆã€wolfSSL_connect()ã¯ã€ä¸‹å±¤ã®I/OãŒwolfSSL_connectã®è¦æ±‚(é€ä¿¡ãƒ‡ãƒ¼ã‚¿ã€å—信データ)を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«ã¯å³æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã®å‘¼ã³å‡ºã—ã§SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ 呼ã³å‡ºã—ãŸãƒ—ロセスã¯ã€ä¸‹å±¤ã®I/OãŒãŒREADYã«ãªã£ãŸæ™‚点ã§ã€WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã‹ã‚‰å†é–‹ã§ãるよã†ã«wolfSSL_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ã“ã‚Œã«ã¯select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ãŒæ•´ã£ãŸã‹ã©ã†ã‹ã‚’確èªã§ãã¾ã™ã€‚
+ ブロッキングI/Oを使用ã™ã‚‹å ´åˆã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒçµ‚了ã™ã‚‹ã‹ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã™ã‚‹ã¾ã§æˆ»ã£ã¦ãã¾ã›ã‚“。
+ wolfSSLã¯OpenSSLã¨æ¯”ã¹ã¦è¨¼æ˜Žæ›¸æ¤œè¨¼ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’èªè¨¼ã™ã‚‹ã“ã¨ã§ã™ã€‚
+ ã“ã‚Œã¯ã€CA証明書を読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ããšâ€-155â€ã®ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ OpenSSLã¨åŒã˜æŒ¯ã‚‹èˆžã„(ã¤ã¾ã‚Šã€CA証明書ã®ãƒ­ãƒ¼ãƒ‰ãªã—ã§ã‚µãƒ¼ãƒãƒ¼èªè¨¼ã‚’æˆåŠŸã•ã›ã‚‹ï¼‰ã‚’å–らã›ãŸã„å ´åˆã«ã¯ã€ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£é¢ã§ãŠå‹§ã‚ã¯ã—ã¾ã›ã‚“ãŒã€
+ SSL_CTX_SET_VERIFY(ctxã€SSL_VERIFY_NONEã€0)を呼ã³å‡ºã™ã“ã¨ã§å¯èƒ½ã¨ãªã‚Šã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWolfSSL構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
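Review bot: The rewritten wolfSSL_connect description still spells the call that disables peer verification as `SSL_CTX_SET_VERIFY(ctx, SSL_VERIFY_NONE, 0)`, an upper-cased name that a reader cannot use as written. The rest of this commit restores the real case of API names, so this one should be corrected too. I would write it as `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0)` and keep the existing "not recommended" wording beside it. It is also worth stating directly that with verification off the server certificate is not authenticated at all. The example code of this comment block continues outside the hunk.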
@@ -8682,15 +9981,16 @@ WOLFSSL_ASN1_TIME* wolfSSL_X509_get_notBefore(WOLFSSL_X509*);
int wolfSSL_connect(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã¦ã€HellORetryRequestメッセージã«Cookieã‚’å«ã‚ã‚‹å¿…è¦ãŒã‚ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚Cookieã¯ç¾åœ¨ã®ãƒˆãƒ©ãƒ³ã‚¹ã‚¯ãƒªãƒ—トã®ãƒãƒƒã‚·ãƒ¥ã‚’ä¿æŒã—ã¦ã„ã‚‹ã®ã§ã€åˆ¥ã®ã‚µãƒ¼ãƒãƒ¼ãƒ—ロセスã¯å¿œç­”ã§ClientHelloを処ç†ã§ãã¾ã™ã€‚秘密ã¯Cookieデータã®æ•´åˆæ€§ãƒã‚§ãƒƒã‚¯ã‚’Genertingã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ssl l wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [in] 秘密をä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’秘密ã«ã—ã¾ã™ã€‚渡ã™NULLã¯ã€æ–°ã—ã„ランダムシークレットを生æˆã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚
\param [in] シークスã®ã‚µã‚¤ã‚ºã‚’ãƒã‚¤ãƒˆå˜ä½ã§ã‚µã‚¤ã‚ºã€‚0を渡ã™ã¨ã€ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆã®ã‚µã‚¤ã‚ºã‚’使用ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™.WC_SHA256_DIGEST_SIZE(ã¾ãŸã¯SHA-256ãŒä½¿ç”¨ã§ããªã„å ´åˆã¯WC_SHA_DIGEST_SIZE)。
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
- \return WOLFSSL_SUCCESS æˆåŠŸã—ãŸå ´åˆ
+ \return WOLFSSL_SUCCESS æˆåŠŸã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return MEMORY_ERROR 秘密をä¿å­˜ã™ã‚‹ãŸã‚ã«å‹•çš„メモリを割り当ã¦ã‚‹å ´åˆã«å¤±æ•—ã—ã¾ã—ãŸã€‚
+
_Example_
\code
int ret;
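Review bot: The new `\param [in,out] ssl l wolfSSL_new()…` line has a stray `l` after the parameter name, which will show up at the start of the rendered description; it should read `\param [in,out] ssl wolfSSL_new()を使用して作成されたWOLFSSL構造体へのポインタ。`. The two `\param [in]` lines after it are left without the names `secret` and `secretSz` from the prototype, so Doxygen cannot attach them to the arguments. The comment and its example continue beyond this hunk.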
@@ -8708,11 +10008,31 @@ int wolfSSL_send_hrr_cookie(WOLFSSL* ssl,
const unsigned char* secret, unsigned int secretSz);
/*!
- \ingroup Setup
- \brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼ä¸Šã§å†é–‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã®é€ä¿¡ã‚’åœæ­¢ã™ã‚‹ã‚ˆã†ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \ingroup Setup
+
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€HelloRetryRequestメッセージãŒã‚¯ãƒƒã‚­ãƒ¼ã‚’å«ã‚“ã§ã¯ãªã‚‰ãªã„ã“ã¨ã€
+ DTLSv1.3ãŒä½¿ç”¨ã•ã‚Œã¦ã„ã‚‹å ´åˆã«ã¯ã‚¯ãƒƒã‚­ãƒ¼ã®äº¤æ›ãŒãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ã«å«ã¾ã‚Œãªã„ã“ã¨ã‚’表明ã—ã¾ã™ã€‚
+ DTLSv1.3ã§ã¯ã‚¯ãƒƒã‚­ãƒ¼äº¤æ›ã‚’è¡Œã‚ãªã„ã¨ã‚µãƒ¼ãƒãƒ¼ãŒDoS/Amplification攻撃をå—ã‘ã‚„ã™ããªã‚‹å¯èƒ½æ€§ãŒã‚ã‚‹ã“ã¨ã«ç•™æ„ã—ã¦ãã ã•ã„。
+
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã‚ã‚‹ã„ã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR クライアントå´ã§ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \sa wolfSSL_send_hrr_cookie
+*/
+int wolfSSL_disable_hrr_cookie(WOLFSSL* ssl);
+
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼ä¸Šã§å‘¼ã³å‡ºã•ã‚Œã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯å®Œäº†æ™‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹ã®ãŸã‚ã®ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã®é€ä¿¡ã‚’è¡Œã‚ãªã„よã†ã«ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8728,11 +10048,12 @@ int wolfSSL_send_hrr_cookie(WOLFSSL* ssl,
int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã™ã‚‹ã¨ã€ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼ä¸Šã§å†é–‹ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã®é€ä¿¡ã‚’åœæ­¢ã™ã‚‹ã‚ˆã†ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8748,10 +10069,11 @@ int wolfSSL_CTX_no_ticket_TLSv13(WOLFSSL_CTX* ctx);
int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€Authenticationã«ãƒ—リシェアキーを使用ã—ã¦ã„ã‚‹å ´åˆã€DIFFIE-HELLMAN(DH)スタイルã®ã‚­ãƒ¼äº¤æ›ã‚’許å¯ã™ã‚‹TLS V1.3 WolfSSLコンテキストã§å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+
_Example_
\code
int ret;
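Review bot: The `\brief` for `wolfSSL_CTX_no_dhe_psk` is left unchanged and still reads as if the call permits (`許可する`) Diffie-Hellman style key exchange with pre-shared keys, while the next hunk corrects the per-connection `wolfSSL_no_dhe_psk` to say it is not permitted (`許可しないように設定します`). Going by the function name and the corrected sibling, the context variant should say the same, for example `\brief この関数は、事前共有鍵を認証に使用するTLS v1.3のWOLFSSL_CTXで、Diffie-Hellman(DH)スタイルの鍵交換を許可しないように設定します。`. The direction matters to a reader because a PSK handshake without the DH exchange gives up forward secrecy. The `\return` line also still spells the parameter `CTX` although the `\param` line now uses `ctx`.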
@@ -8767,10 +10089,11 @@ int wolfSSL_no_ticket_TLSv13(WOLFSSL* ssl);
int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€Authenticationã®ãŸã‚ã«ãƒ—リシェアキーを使用ã—ã¦ã„ã‚‹ã¨ãã«Diffie-Hellman(DH)スタイルã®ã‚­ãƒ¼äº¤æ›ã‚’許å¯ã™ã‚‹TLS V1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®WolfSSLã§å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€äº‹å‰å…±æœ‰éµã‚’使用ã—ã¦ã„ã‚‹TLS V1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã§ã€ã«Diffie-Hellman(DH)スタイルã®éµäº¤æ›ã‚’許å¯ã—ãªã„よã†ã«è¨­å®šã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8786,11 +10109,12 @@ int wolfSSL_CTX_no_dhe_psk(WOLFSSL_CTX* ctx);
int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®wolfsslã§å‘¼ã³å‡ºã•ã‚Œã¦ã€ã‚­ãƒ¼ã®ãƒ­ãƒ¼ãƒ«ã‚ªãƒ¼ãƒãƒ¼ã‚’強制ã—ã¾ã™ã€‚KeyUpdateメッセージãŒãƒ”ã‚¢ã«é€ä¿¡ã•ã‚Œã€æ–°ã—ã„キーãŒæš—å·åŒ–ã®ãŸã‚ã«è¨ˆç®—ã•ã‚Œã¾ã™ã€‚ピアã¯KeyUpdateメッセージをé€ã‚Šã€æ–°ã—ã„復å·åŒ–キーWILを計算ã—ã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«ã®ã¿å‘¼ã³å‡ºã™ã“ã¨ãŒã§ãã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return WANT_WRITE 書ãè¾¼ã¿ãŒæº–å‚™ãŒã§ãã¦ã„ãªã„å ´åˆ
+
_Example_
\code
int ret;
@@ -8809,11 +10133,12 @@ int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
int wolfSSL_update_keys(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®wolfsslã§å‘¼ã³å‡ºã•ã‚Œã€ã‚­ãƒ¼ã®ãƒ­ãƒ¼ãƒ«ã‚ªãƒ¼ãƒãƒ¼ãŒé€²è¡Œä¸­ã‹ã©ã†ã‹ã‚’判断ã—ã¾ã™ã€‚wolfssl_update_keys()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€KeyUpdateメッセージãŒé€ä¿¡ã•ã‚Œã€æš—å·åŒ–キーãŒæ›´æ–°ã•ã‚Œã¾ã™ã€‚復å·åŒ–キーã¯ã€å¿œç­”ãŒå—ä¿¡ã•ã‚ŒãŸã¨ãã«æ›´æ–°ã•ã‚Œã¾ã™ã€‚
- \param [in] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã¾ãŸã¯ã‚µãƒ¼ãƒãƒ¼ã®wolfsslã§å‘¼ã³å‡ºã•ã‚Œã€ã‚­ãƒ¼ã®ãƒ­ãƒ¼ãƒ«ã‚ªãƒ¼ãƒãƒ¼ãŒé€²è¡Œä¸­ã‹ã©ã†ã‹ã‚’判断ã—ã¾ã™ã€‚wolfssl_update_keys()ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€KeyUpdateメッセージãŒé€ä¿¡ã•ã‚Œã€æš—å·åŒ–キーãŒæ›´æ–°ã•ã‚Œã¾ã™ã€‚復å·åŒ–キーã¯ã€å¿œç­”ãŒå—ä¿¡ã•ã‚ŒãŸã¨ãã«æ›´æ–°ã•ã‚Œã¾ã™ã€‚
+ \param [in] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [out] キー更新応答ãŒå¿…è¦ãªã„å ´åˆã¯å¿…é ˆ0。1キー更新応答ãŒå¿…è¦ãªã„å ´åˆã€‚
\return 0 æˆåŠŸã—ãŸã€‚
+
_Example_
\code
int ret;
@@ -8833,11 +10158,12 @@ int wolfSSL_update_keys(WOLFSSL* ssl);
int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã®WolfSSLコンテキストã§å‘¼ã³å‡ºã•ã‚Œã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰ã®è¦æ±‚ã«å¿œã˜ã¦Post Handshakeã‚’é€ä¿¡ã§ãるよã†ã«ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ãªã©ã‚’å¿…è¦ã¨ã—ãªã„ページをæŒã¤Webサーãƒãƒ¼ã«æŽ¥ç¶šã™ã‚‹ã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8854,11 +10180,12 @@ int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS V1.3クライアントWolfSSLã§å‘¼ã³å‡ºã•ã‚Œã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã¯ã‚µãƒ¼ãƒãƒ¼ã‹ã‚‰ã®è¦æ±‚ã«å¿œã˜ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’é€ã‚Šã¾ã™ã€‚handshakeクライアントèªè¨¼æ‹¡å¼µæ©Ÿèƒ½ã¯ClientHelloã§é€ä¿¡ã•ã‚Œã¾ã™ã€‚ã“ã‚Œã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ãªã©ã‚’å¿…è¦ã¨ã—ãªã„ページをæŒã¤Webサーãƒãƒ¼ã«æŽ¥ç¶šã™ã‚‹ã¨ãã«å½¹ç«‹ã¡ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8875,15 +10202,16 @@ int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
/*!
- \ingroup IO
+ \ingroup IO
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3クライアントã‹ã‚‰ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚’è¦æ±‚ã—ã¾ã™ã€‚ã“ã‚Œã¯ã€Webサーãƒãƒ¼ãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆèªè¨¼ã‚„ãã®ä»–ã®ã‚‚ã®ã‚’å¿…è¦ã¨ã™ã‚‹ãƒšãƒ¼ã‚¸ã«ã‚µãƒ¼ãƒ“スをæä¾›ã—ã¦ã„ã‚‹å ´åˆã«å½¹ç«‹ã¡ã¾ã™ã€‚接続ã§æœ€å¤§256ã®è¦æ±‚ã‚’é€ä¿¡ã§ãã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return WANT_WRITE 書ãè¾¼ã¿ãŒæº–å‚™ãŒã§ãã¦ã„ãªã„å ´åˆ
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return NOT_READY_ERROR ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ã¦ã„ãªã„ã¨ãã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return POST_HAND_AUTH_ERROR é€ä»˜å¾Œèªè¨¼ãŒè¨±å¯ã•ã‚Œã¦ã„ãªã„å ´åˆã€‚
\return MEMORY_E 動的メモリ割り当ã¦ãŒå¤±æ•—ã—ãŸå ´åˆ
+
_Example_
\code
int ret;
@@ -8903,11 +10231,12 @@ int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
int wolfSSL_request_certificate(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¦ã€WolfSSLコンテキストを希望ã®é †ã«è¨­å®šã—ã¾ã™ã€‚リストã¯ãƒŒãƒ«çµ‚了ã—ãŸãƒ†ã‚­ã‚¹ãƒˆæ–‡å­—列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 楕円曲線グループã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] list 楕円曲線グループã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
\return WOLFSSL_FAILURE ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€wolfssl_max_group_countグループãŒå¤šã„å ´åˆã¯ã€ã‚°ãƒ«ãƒ¼ãƒ—åãŒèªè­˜ã•ã‚Œãªã„ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -8928,11 +10257,12 @@ int wolfSSL_request_certificate(WOLFSSL* ssl);
int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¦ã€WolfSSLを希望ã®é †ã«è¨­å®šã—ã¾ã™ã€‚リストã¯ãƒŒãƒ«çµ‚了ã—ãŸãƒ†ã‚­ã‚¹ãƒˆæ–‡å­—列ã€ãŠã‚ˆã³ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] list éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ã‚³ãƒ­ãƒ³åŒºåˆ‡ã‚Šãƒªã‚¹ãƒˆã§ã‚る文字列をリストã—ã¾ã™ã€‚
\return WOLFSSL_FAILURE ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€wolfssl_max_group_countグループãŒå¤šã„å ´åˆã¯ã€ã‚°ãƒ«ãƒ¼ãƒ—åãŒèªè­˜ã•ã‚Œãªã„ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -8953,12 +10283,13 @@ int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
/*!
- \ingroup TLS
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒTLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã§ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’好むキー交æ›ã‚°ãƒ«ãƒ¼ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®æƒ…報を完了ã—ãŸå¾Œã«ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ãŒã©ã®ã‚°ãƒ«ãƒ¼ãƒ—ãŒäºˆæƒ³ã•ã‚Œã‚‹ã‚ˆã†ã«ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§ä½¿ç”¨ã§ãるよã†ã«ãªã‚‹ã‹ã‚’決定ã™ã‚‹ãŸã‚ã«ã€ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§éµäº¤æ›ã®ãŸã‚ã®éµãƒšã‚¢ã‚’事å‰ç”Ÿæˆã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \ingroup TLS
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆãŒTLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã§ä½¿ç”¨ã™ã‚‹ã“ã¨ã‚’好むéµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®æƒ…報を完了ã—ãŸå¾Œã«ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ãŒã©ã®ã‚°ãƒ«ãƒ¼ãƒ—ãŒäºˆæƒ³ã•ã‚Œã‚‹ã‚ˆã†ã«ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§ä½¿ç”¨ã§ãるよã†ã«ãªã‚‹ã‹ã‚’決定ã™ã‚‹ãŸã‚ã«ã€ã“ã®æƒ…å ±ãŒå°†æ¥ã®æŽ¥ç¶šã§éµäº¤æ›ã®ãŸã‚ã®éµãƒšã‚¢ã‚’事å‰ç”Ÿæˆã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return NOT_READY_ERROR ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒå®Œäº†ã™ã‚‹å‰ã«å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -8980,12 +10311,13 @@ int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
int wolfSSL_preferred_group(WOLFSSL* ssl);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¦ã€WolfSSLコンテキストを希望ã®é †ã«è¨­å®šã—ã¾ã™ã€‚リストã¯ã€Countã§æŒ‡å®šã•ã‚ŒãŸè­˜åˆ¥å­ã®æ•°ã‚’æŒã¤ã‚°ãƒ«ãƒ¼ãƒ—識別å­ã®é…列ã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
- \param [in] グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] groups 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
+ \param [in] count グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€ã‚°ãƒ«ãƒ¼ãƒ—æ•°ã¯wolfssl_max_group_countを超ãˆã¦ã„ã‚‹ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -9010,12 +10342,13 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
int count);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€wolfsslを許ã™ãŸã‚ã«æ¥•å††æ›²ç·šã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’設定ã—ã¾ã™ã€‚リストã¯ã€Countã§æŒ‡å®šã•ã‚ŒãŸè­˜åˆ¥å­ã®æ•°ã‚’æŒã¤ã‚°ãƒ«ãƒ¼ãƒ—識別å­ã®é…列ã§ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€TLS v1.3接続ã§ä½¿ç”¨ã™ã‚‹éµäº¤æ›æ¥•å††æ›²ç·šãƒ‘ラメータを設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
- \param [in] グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] groups 識別å­ã«ã‚ˆã£ã¦éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®ãƒªã‚¹ãƒˆã‚’グループ化ã—ã¾ã™ã€‚
+ \param [in] count グループ内ã®éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ã®æ•°ã‚’æ•°ãˆã¾ã™ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€ã‚°ãƒ«ãƒ¼ãƒ—æ•°ãŒWolfSSL_MAX_GROUP_COUNTを超ãˆã¦ã„ã‚‹å ´åˆã€ä»»æ„ã®è­˜åˆ¥å­ã¯èªè­˜ã•ã‚Œãªã„ã‹ã€TLS v1.3を使用ã—ã¦ã„ã¾ã›ã‚“。
+
_Example_
\code
int ret;
@@ -9039,10 +10372,25 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®TLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_connect()ã¯ã€ãƒ–ロックã¨éžãƒ–ロックI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒŽãƒ³ãƒ–ロッキングã•ã‚Œã¦ã„ãªã„å ´åˆã€wolfssl_connect()ã¯ã€åŸºã«ãªã‚‹I / OãŒwolfssl_connectã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒREADYãŠã‚ˆã³WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã«wolfssl_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã®ã¿æˆ»ã‚‹ã€‚ WolfSSLã¯OpenSSLよりも証明書検証ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ã§ã™ã€‚ã“ã‚Œã¯ã€CASを読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ãã€ç¢ºèªã§ãã¾ã›ã‚“(-155)。 SSL_CONNECTã‚’æŒã¤ã“ã¨ã®OpenSSLã®å‹•ä½œãŒæˆåŠŸã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚’検証ã—ã¦ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚’抑ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™.SSL_CTX_SET_VERIFY(CTXã€SSL_VERIFY_NONEã€0)。 ssl_new()を呼ã³å‡ºã™å‰ã«ã€‚ãŠå‹§ã‚ã§ãã¾ã›ã‚“ãŒã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã€ã‚µãƒ¼ãƒãƒ¼ã¨ã®TLS v1.3ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€ä¸‹å±¤ã®é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ wolfSSL_connect()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロックI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層I/OãŒãƒŽãƒ³ãƒ–ロッキングã®å ´åˆã€wolfSSL_connect()ã¯ã€ä¸‹å±¤I/OãŒwolfssl_connectã®è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ 通話プロセスã¯ã€ä¸‹å±¤I/OãŒREADYãŠã‚ˆã³WOLFSSLãŒåœæ­¢ã—ãŸã¨ãã«wolfssl_connect()ã¸ã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚
+ 基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_connect()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰ã®ã¿æˆ»ã‚Šã¾ã™ã€‚
+ WolfSSLã¯OpenSSLよりも証明書検証ã«ç•°ãªã‚‹ã‚¢ãƒ—ローãƒã‚’å–ã‚Šã¾ã™ã€‚
+ クライアントã®ãƒ‡ãƒ•ã‚©ãƒ«ãƒˆãƒãƒªã‚·ãƒ¼ã¯ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ã§ã™ã€‚
+ ã“ã‚Œã¯ã€CASを読ã¿è¾¼ã¾ãªã„å ´åˆã€ã‚µãƒ¼ãƒãƒ¼ã‚’確èªã™ã‚‹ã“ã¨ãŒã§ãã€ç¢ºèªã§ãã¾ã›ã‚“(-155)。
+ SSL_CONNECTã‚’æŒã¤ã“ã¨ã®OpenSSLã®å‹•ä½œãŒæˆåŠŸã—ãŸå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ã‚’検証ã—ã¦ã‚»ã‚­ãƒ¥ãƒªãƒ†ã‚£ã‚’抑ãˆã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ SSL_CTX_SET_VERIFY(CTXã€SSL_VERIFY_NONEã€0)。
+ ssl_new()を呼ã³å‡ºã™å‰ã«ã€‚ãŠå‹§ã‚ã§ãã¾ã›ã‚“ãŒã€‚
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
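Review bot: The rewritten paragraph on certificate verification still carries names that do not exist as written: `SSL_CTX_SET_VERIFY(CTX、SSL_VERIFY_NONE、0)`, `ssl_new()`, `wolfssl_connect()` and `CAS` for CA certificates. The `wolfSSL_connect` comment earlier in this diff already uses `CA証明書` and `wolfSSL_connect()`, so this block should match it, with the calls written as `wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0)` and `wolfSSL_new()`. The last three added lines also split the description of turning verification off, so the "not recommended" remark (`お勧めできませんが`) is detached from the call it refers to. They should be joined into one sentence saying that skipping server authentication is possible but is not recommended for security. The non-blocking socket sentence (`何も実行する必要がありますが`) reads as contradictory and should be reworded the same way as in the `wolfSSL_connect` comment. This comment continues past the end of the hunk.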
@@ -9062,13 +10410,24 @@ int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
\sa wolfSSL_accept_TLSv13
\sa wolfSSL_accept
*/
-int wolfSSL_connect_TLSv13(WOLFSSL*);
+int wolfSSL_connect_TLSv13(WOLFSSL* ssl);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSL / TLSクライアントãŒSSL / TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€åŸºç¤Žã¨ãªã‚‹é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚ wolfssl_accept()ã¯ã€ãƒ–ロックã¨éžãƒ–ロッキングI / Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚基礎ã¨ãªã‚‹å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfssl_accept()ã¯ã€åŸºç¤Žã¨ãªã‚‹I / OãŒwolfssl_acceptã®ãƒ‹ãƒ¼ã‚ºã‚’満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚ã“ã®å ´åˆã€wolfssl_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚通話プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfsslãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfssl_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚基礎ã¨ãªã‚‹I / OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ClientHelloメッセージãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ãŒã€TLS v1.3接続を期待ã™ã‚‹ã¨ãã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
- \return SSL_SUCCESS æˆåŠŸã™ã‚‹ã¨ã€‚
- \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã¯è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfssl_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã€SSL/TLSクライアントãŒSSL/TLSãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’開始ã™ã‚‹ã®ã‚’å¾…ã¡ã†ã‘ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€ä¸‹å±¤ã®é€šä¿¡ãƒãƒ£ãƒãƒ«ã¯ã™ã§ã«è¨­å®šã•ã‚Œã¦ã„ã¾ã™ã€‚
+ wolfSSL_accept()ã¯ã€ãƒ–ロックã¨ãƒŽãƒ³ãƒ–ロッキングI/Oã®ä¸¡æ–¹ã§å‹•ä½œã—ã¾ã™ã€‚
+ 下層ã®å…¥å‡ºåŠ›ãŒãƒŽãƒ³ãƒ–ロッキングã§ã‚ã‚‹å ´åˆã€wolfSSL_accept()ã¯ã€ä¸‹å±¤ã®I/OãŒwolfSSL_acceptã®è¦æ±‚を満ãŸã™ã“ã¨ãŒã§ããªã‹ã£ãŸã¨ãã«æˆ»ã‚Šã¾ã™ã€‚
+ ã“ã®å ´åˆã€wolfSSL_get_error()ã¸ã®å‘¼ã³å‡ºã—ã¯SSL_ERROR_WANT_READã¾ãŸã¯SSL_ERROR_WANT_WRITEã®ã„ãšã‚Œã‹ã‚’生æˆã—ã¾ã™ã€‚
+ 通話プロセスã¯ã€èª­ã¿å–ã‚Šå¯èƒ½ãªãƒ‡ãƒ¼ã‚¿ãŒä½¿ç”¨å¯èƒ½ã§ã‚ã‚Šã€wolfsslãŒåœæ­¢ã—ãŸå ´æ‰€ã‚’拾ã†ã¨ãã«ã€wolfssl_acceptã®å‘¼ã³å‡ºã—ã‚’ç¹°ã‚Šè¿”ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ ノンブロッキングソケットを使用ã™ã‚‹å ´åˆã¯ã€ä½•ã‚‚実行ã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ãŒã€select()を使用ã—ã¦å¿…è¦ãªæ¡ä»¶ã‚’確èªã§ãã¾ã™ã€‚
+ 下層ã®I/OãŒãƒ–ロックã•ã‚Œã¦ã„ã‚‹å ´åˆã€wolfssl_accept()ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ãŒçµ‚了ã—ãŸã‚‰ã€ã¾ãŸã¯ã‚¨ãƒ©ãƒ¼ãŒç™ºç”Ÿã—ãŸã‚‰æˆ»ã‚Šã¾ã™ã€‚
+ å¤ã„ãƒãƒ¼ã‚¸ãƒ§ãƒ³ã®ClientHelloメッセージãŒã‚µãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã™ãŒã€TLS v1.3接続を期待ã™ã‚‹ã¨ãã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
+
+ \return SSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SSL_FATAL_ERROR エラーãŒç™ºç”Ÿã—ãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚より詳細ãªã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ã‚’å–å¾—ã™ã‚‹ã«ã¯ã€wolfSSL_get_error()を呼ã³å‡ºã—ã¾ã™ã€‚
+ \param ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
int ret = 0;
@@ -9092,12 +10451,18 @@ int wolfSSL_connect_TLSv13(WOLFSSL*);
wolfSSL_accept_TLSv13(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられる早期データã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚ã®ãƒ—ロセスã¸ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®ã‚­ãƒ¼ã‹ã‚‰æ´¾ç”Ÿã—ãŸã‚­ãƒ¼ã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚早期データãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] SZãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れる早期データã®é‡ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられるアーリーデータã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚ã®ãƒ—ロセスã¸ã®ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚
+ åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®éµã‹ã‚‰æ´¾ç”Ÿã—ãŸéµã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚
+ 値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ アーリーデータãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] sz ãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れるアーリーデータã®ã‚µã‚¤ã‚ºã€‚
\return BAD_FUNC_ARG CTXãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
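Review bot: The added sentence on a zero limit says that zero means the client does send early data with a session ticket (`…アーリーデータを送信することを示します`), which appears to invert the meaning of a zero maximum. If zero is meant to switch early data off, as the parameter's role as an upper bound suggests, write `ゼロの値は、セッションチケットを使用するクライアントがアーリーデータを送信しないことを示します。` and confirm it against the English comment. The same sentence is added in the `wolfSSL_set_max_early_data` hunk that follows. Because this limit is the documented replay mitigation, a reader who takes the current wording at face value could configure 0-RTT the opposite way from what was intended.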
@@ -9116,12 +10481,18 @@ int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
unsigned int sz);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられる早期データã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚ã®ãƒ—ロセスã¸ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®ã‚­ãƒ¼ã‹ã‚‰æ´¾ç”Ÿã—ãŸã‚­ãƒ¼ã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚早期データãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] SZクライアントã‹ã‚‰ãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れる早期データã®é‡ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€WolfSSLコンテキストを使用ã—ã¦TLS V1.3サーãƒãƒ¼ã«ã‚ˆã£ã¦å—ã‘入れられるアーリーデータã®æœ€å¤§é‡ã‚’設定ã—ã¾ã™ã€‚
+ ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€å†ç”Ÿæ”»æ’ƒã‚’軽減ã™ã‚‹ãŸã‚プロセスã¸ã®ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã®é‡ã‚’制é™ã—ã¾ã™ã€‚
+ åˆæœŸã®ãƒ‡ãƒ¼ã‚¿ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒé€ä¿¡ã•ã‚ŒãŸã“ã¨ã€ã—ãŸãŒã£ã¦ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆãŒå†é–‹ã•ã‚Œã‚‹ãŸã³ã«åŒã˜æŽ¥ç¶šã®éµã‹ã‚‰æ´¾ç”Ÿã—ãŸéµã«ã‚ˆã£ã¦ä¿è­·ã•ã‚Œã¾ã™ã€‚
+ 値ã¯å†é–‹ã®ãŸã‚ã«ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã«å«ã¾ã‚Œã¦ã„ã¾ã™ã€‚
+ ゼロã®å€¤ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³ãƒã‚±ãƒƒãƒˆã‚’使用ã—ã¦ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã«ã‚ˆã£ã¦ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã‚’é€ä¿¡ã™ã‚‹ã“ã¨ã‚’示ã—ã¾ã™ã€‚
+ アーリーデータãƒã‚¤ãƒˆæ•°ã‚’アプリケーションã§å®Ÿéš›ã«ã¯å¯èƒ½ãªé™ã‚Šä½Žãä¿ã¤ã“ã¨ã‚’ãŠå‹§ã‚ã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] SZクライアントã‹ã‚‰ãƒã‚¤ãƒˆå˜ä½ã§å—ã‘入れるアーリーデータã®ã‚µã‚¤ã‚ºã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã€ã¾ãŸã¯TLS v1.3を使用ã—ã¦ã„ãªã„å ´åˆã€‚
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
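Review bot: The added line `\param [in] SZクライアントから…` has no separate parameter name, so Doxygen will take the fused token as the name and it will not match the `sz` argument of `wolfSSL_set_max_early_data`. Write it like the context variant in the previous hunk: `\param [in] sz クライアントからバイト単位で受け入れるアーリーデータのサイズ。`. The `\brief` also still says the limit is set through the wolfSSL context (`WolfSSLコンテキストを使用して`) although this function takes a `WOLFSSL*`.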
@@ -9139,15 +10510,19 @@ int wolfSSL_CTX_set_max_early_data(WOLFSSL_CTX* ctx,
int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€å†é–‹æ™‚ã«ã‚µãƒ¼ãƒãƒ¼ã«æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’書ãè¾¼ã¿ã¾ã™ã€‚wolfssl_connect()ã¾ãŸã¯wolfssl_connect_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ã«æŽ¥ç¶šã—ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ãƒ‡ãƒ¼ã‚¿ã‚’é€ã‚Šã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \param [in] データ早期データをä¿æŒã—ã¦ã‚µãƒ¼ãƒãƒ¼ã«æ›¸ã込むãƒãƒƒãƒ•ã‚¡ã€‚
- \param [in] SZãƒã‚¤ãƒˆå˜ä½ã§æ›¸ã込む早期データã®é‡ã€‚
- \param [out] OUTSZãƒã‚¤ãƒˆå˜ä½ã§æ›¸ã‹ã‚ŒãŸæ—©æœŸãƒ‡ãƒ¼ã‚¿ã®é‡ã€‚
- \return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€SZã¯0未満ã¾ãŸã¯TLSV1.3を使用ã—ãªã„。
- \return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
- \return WOLFSSL_FATAL_ERROR 接続ãŒè¡Œã‚ã‚Œã¦ã„ãªã„å ´åˆã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚»ãƒƒã‚·ãƒ§ãƒ³å†é–‹æ™‚ã«ã‚µãƒ¼ãƒãƒ¼ã«ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã‚’書ãè¾¼ã¿ã¾ã™ã€‚
+ wolfSSL_connect()ã¾ãŸã¯wolfSSL_connect_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚µãƒ¼ãƒãƒ¼ã«æŽ¥ç¶šã—ã¦ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ãƒ‡ãƒ¼ã‚¿ã‚’é€ã‚Šã¾ã™ã€‚
+ ã“ã®æ©Ÿèƒ½ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚szã¯0未満ã¾ãŸã¯TLSV1.3を使用ã—ãªã„å ´åˆã«ã‚‚è¿”ã•ã‚Œã¾ã™ã€‚
+ \return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FATAL_ERROR 接続ãŒè¡Œã‚ã‚Œã¦ã„ãªã„å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] data アーリーデータをä¿æŒã—ã¦ã„ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in] sz 書ã込むアーリーデータã®ã‚µã‚¤ã‚º
+ \param [out] outSz 書ã込んã ã‚¢ãƒ¼ãƒªãƒ¼ãƒ‡ãƒ¼ã‚¿ã®ã‚µã‚¤ã‚º
+
_Example_
\code
int ret = 0;
@@ -9177,19 +10552,20 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
\sa wolfSSL_connect
\sa wolfSSL_connect_TLSv13
*/
-int wolfSSL_write_early_data(OLFSSL* ssl, const void* data,
+int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
int sz, int* outSz);
/*!
- \ingroup IO
- \brief ã“ã®é–¢æ•°ã¯ã€å†é–‹æ™‚ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚wolfssl_accept()ã¾ãŸã¯wolfssl_accept_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’å—ã‘入れã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯å†…ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚ˆã‚Šã‚‚早期データãŒãªã„å ´åˆã¯ã€é€šå¸¸ã¨ã—ã¦å‡¦ç†ã•ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚µãƒ¼ãƒãƒ¼ã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup IO
+ \brief ã“ã®é–¢æ•°ã¯ã€å†é–‹æ™‚ã«ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚wolfssl_accept()ã¾ãŸã¯wolfssl_accept_tlsv13()ã®ä»£ã‚ã‚Šã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¦ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‚’å—ã‘入れã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯å†…ã®æ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’読ã¿å–ã‚Šã¾ã™ã€‚ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚ˆã‚Šã‚‚早期データãŒãªã„å ´åˆã¯ã€é€šå¸¸ã¨ã—ã¦å‡¦ç†ã•ã‚Œã¾ã™ã€‚ã“ã®æ©Ÿèƒ½ã¯ã‚µãƒ¼ãƒãƒ¼ã§ã®ã¿ä½¿ç”¨ã•ã‚Œã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [out] データã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã‹ã‚‰èª­ã¿è¾¼ã¾ã‚ŒãŸæ—©æœŸãƒ‡ãƒ¼ã‚¿ã‚’ä¿æŒã™ã‚‹ãŸã‚ã®ãƒãƒƒãƒ•ã‚¡ã€‚
\param [in] ãƒãƒƒãƒ•ã‚¡ã®SZサイズãƒã‚¤ãƒˆæ•°ã€‚
\param [out] OUTSZåˆæœŸãƒ‡ãƒ¼ã‚¿ã®ãƒã‚¤ãƒˆæ•°ã€‚
\return BAD_FUNC_ARG ãƒã‚¤ãƒ³ã‚¿ãƒ‘ラメータãŒNULLã®å ´åˆã€SZã¯0未満ã¾ãŸã¯TLSV1.3を使用ã—ãªã„。
\return SIDE_ERROR クライアントã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
\return WOLFSSL_FATAL_ERROR 接続をå—ã‘入れるã¨å¤±æ•—ã—ãŸå ´åˆ
+
_Example_
\code
int ret = 0;
@@ -9222,9 +10598,10 @@ int wolfSSL_read_early_data(WOLFSSL* ssl, void* data, int sz,
int* outSz);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続ã®ãƒ—レシェアキー(PSK)クライアントå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®client_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続ã®ãƒ—レシェアéµï¼ˆPSK)クライアントå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€WOLFSSL_CTX構造体ã®client_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -9239,9 +10616,10 @@ void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX* ctx,
wc_psk_client_tls13_callback cb);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続ã®ãƒ—レシェアキー(PSK)クライアントå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl構造体ã®Optionsフィールドã®client_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -9256,9 +10634,10 @@ void wolfSSL_set_psk_client_tls13_callback(WOLFSSL* ssl,
wc_psk_client_tls13_callback cb);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰ã‚­ãƒ¼ï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] ctx wolfssl_ctx_new()ã§ä½œæˆã•ã‚ŒãŸwolfssl_ctx構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰éµï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx構造体ã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
+ \param [in,out] ctx wolfSSL_CTX_new()ã§ä½œæˆã•ã‚ŒãŸWOLFSSL_CTX構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL_CTX* ctx;
@@ -9273,9 +10652,10 @@ void wolfSSL_CTX_set_psk_server_tls13_callback(WOLFSSL_CTX* ctx,
wc_psk_server_tls13_callback cb);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰ã‚­ãƒ¼ï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl構造体ã®ã‚ªãƒ—ションフィールドã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€TLS v1.3接続用ã®äº‹å‰å…±æœ‰éµï¼ˆPSK)サーãƒå´ã‚³ãƒ¼ãƒ«ãƒãƒƒã‚¯ã‚’設定ã—ã¾ã™ã€‚コールãƒãƒƒã‚¯ã¯PSKアイデンティティを見ã¤ã‘ã€ãã®ã‚­ãƒ¼ã¨ã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«ä½¿ç”¨ã™ã‚‹æš—å·ã®åå‰ã‚’è¿”ã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl構造体ã®ã‚ªãƒ—ションフィールドã®server_psk_tls13_cbメンãƒãƒ¼ã‚’設定ã—ã¾ã™ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
_Example_
\code
WOLFSSL* ssl;
@@ -9290,12 +10670,13 @@ void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl,
wc_psk_server_tls13_callback cb);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã‚­ãƒ¼ãƒšã‚¢ã®ç”Ÿæˆã‚’å«ã‚€ã‚°ãƒ«ãƒ¼ãƒ—ã‹ã‚‰ã‚­ãƒ¼ã‚·ã‚§ã‚¢ã‚¨ãƒ³ãƒˆãƒªã‚’作æˆã—ã¾ã™ã€‚Keyshareエクステンションã«ã¯ã€éµäº¤æ›ã®ãŸã‚ã®ç”Ÿæˆã•ã‚ŒãŸã™ã¹ã¦ã®å…¬é–‹éµãŒå«ã¾ã‚Œã¦ã„ã¾ã™ã€‚ã“ã®é–¢æ•°ãŒå‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€æŒ‡å®šã•ã‚ŒãŸã‚°ãƒ«ãƒ¼ãƒ—ã®ã¿ãŒå«ã¾ã‚Œã¾ã™ã€‚優先グループãŒã‚µãƒ¼ãƒãƒ¼ã«å¯¾ã—ã¦ä»¥å‰ã«ç¢ºç«‹ã•ã‚Œã¦ã„ã‚‹ã¨ãã«ã“ã®é–¢æ•°ã‚’呼ã³å‡ºã—ã¾ã™ã€‚
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
\param [in] キー交æ›ã‚°ãƒ«ãƒ¼ãƒ—識別å­ã‚’グループ化ã—ã¾ã™ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
- \return MEMORY_E 動的メモリ割り当ã¦ãŒå¤±æ•—ã™ã‚‹ã¨å¤±æ•—ã™ã‚‹ã¨ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return MEMORY_E 動的メモリ割り当ã¦ã«å¤±æ•—ã™ã‚‹ã¨è¿”ã•ã‚Œã¾ã™ã€‚
+
_Example_
\code
int ret;
@@ -9316,11 +10697,12 @@ void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl,
int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ClientHelloã§éµå…±æœ‰ãŒé€ä¿¡ã•ã‚Œãªã„よã†ã«å‘¼ã³å‡ºã•ã‚Œã¾ã™ã€‚ã“ã‚Œã«ã‚ˆã‚Šã€ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã«éµäº¤æ›ãŒå¿…è¦ãªå ´åˆã¯ã€ã‚µãƒ¼ãƒãƒ¼ãŒHelloretryRequestã§å¿œç­”ã™ã‚‹ã‚ˆã†ã«å¼·åˆ¶ã—ã¾ã™ã€‚予想ã•ã‚Œã‚‹éµäº¤æ›ã‚°ãƒ«ãƒ¼ãƒ—ãŒçŸ¥ã‚‰ã‚Œã¦ãŠã‚‰ãšã€ã‚­ãƒ¼ã®ç”Ÿæˆã‚’ä¸å¿…è¦ã«å›žé¿ã™ã‚‹ã¨ãã«ã“ã®æ©Ÿèƒ½ã‚’呼ã³å‡ºã—ã¾ã™ã€‚éµäº¤æ›ãŒå¿…è¦ãªã¨ãã«ãƒãƒ³ãƒ‰ã‚·ã‚§ã‚¤ã‚¯ã‚’完了ã™ã‚‹ãŸã‚ã«è¿½åŠ ã®å¾€å¾©ãŒå¿…è¦ã«ãªã‚‹ã“ã¨ã«æ³¨æ„ã—ã¦ãã ã•ã„。
- \param [in,out] SSL wolfssl_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸwolfssl構造ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
- \return BAD_FUNC_ARG SSLãŒNULLã®å ´åˆ
+ \param [in,out] ssl wolfSSL_new()を使用ã—ã¦ä½œæˆã•ã‚ŒãŸWOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \return BAD_FUNC_ARG sslãŒNULLã®å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚
\return SIDE_ERROR サーãƒãƒ¼ã§å‘¼ã³å‡ºã•ã‚ŒãŸå ´åˆã€‚
+
_Example_
\code
int ret;
@@ -9336,10 +10718,11 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group);
int wolfSSL_NoKeyShares(WOLFSSL* ssl);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
\param [in] ヒープé™çš„メモリ割り当ã¦ä¸­ã«é™çš„メモリ割り当ã¦å™¨ãŒä½¿ç”¨ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’使用ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9367,10 +10750,11 @@ int wolfSSL_NoKeyShares(WOLFSSL* ssl);
WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
\param [in] ヒープé™çš„メモリ割り当ã¦ä¸­ã«é™çš„メモリ割り当ã¦å™¨ãŒä½¿ç”¨ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’使用ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9398,9 +10782,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_server_method_ex(void* heap);
WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚µãƒ¼ãƒãƒ¼ã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9428,9 +10813,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_client_method_ex(void* heap);
WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
/*!
- \ingroup Setup
- \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfssl_ctx_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
- \return If æˆåŠŸã™ã‚‹ã¨ã€å‘¼ã³å‡ºã—ã¯æ–°ã—ã作æˆã•ã‚ŒãŸwolfssl_method構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã€ã‚¢ãƒ—リケーションãŒã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆã§ã‚ã‚‹ã“ã¨ã‚’示ã™ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã€TLS 1.3プロトコルã®ã¿ã‚’サãƒãƒ¼ãƒˆã—ã¾ã™ã€‚ã“ã®é–¢æ•°ã¯ã€wolfSSL_CTX_new()を使用ã—ã¦SSL / TLSコンテキストを作æˆã™ã‚‹ã¨ãã«ä½¿ç”¨ã•ã‚Œã‚‹æ–°ã—ã„Wolfssl_method構造体ã®ãƒ¡ãƒ¢ãƒªã‚’割り当ã¦ã¦åˆæœŸåŒ–ã—ã¾ã™ã€‚
+ \return æ–°ã—ã作æˆã•ã‚ŒãŸwWOLFSSL_METHOS構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™ã€‚
+
_Example_
\code
#include <wolfssl/ssl.h>
@@ -9458,10 +10844,11 @@ WOLFSSL_METHOD *wolfTLSv1_3_server_method(void);
WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã¾ã ã©ã¡ã‚‰ã®å´ï¼ˆã‚µãƒ¼ãƒ/クライアント)を決定ã—ã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€Wolftlsv1_3_client_methodã¨åŒæ§˜ã®wolfssl_methodã‚’è¿”ã—ã¾ã™ã€‚
\param [in] ヒープé™çš„メモリ割り当ã¦ä¸­ã«é™çš„メモリ割り当ã¦å™¨ãŒä½¿ç”¨ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’使用ã—ã¾ã™ã€‚
\return WOLFSSL_METHOD æˆåŠŸã—ãŸä½œæˆã§ã¯ã€wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+
_Example_
\code
WOLFSSL* ctx;
@@ -9474,9 +10861,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_client_method(void);
WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap);
/*!
- \ingroup Setup
+ \ingroup Setup
\brief ã“ã®é–¢æ•°ã¯ã€ã¾ã ã©ã¡ã‚‰ã®å´ï¼ˆã‚µãƒ¼ãƒ/クライアント)を決定ã—ã¦ã„ãªã„ã“ã¨ã‚’除ã„ã¦ã€Wolftlsv1_3_client_methodã¨åŒæ§˜ã®wolfssl_methodã‚’è¿”ã—ã¾ã™ã€‚
\return WOLFSSL_METHOD æˆåŠŸã—ãŸä½œæˆã§ã¯ã€wolfssl_methodãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+
_Example_
\code
WOLFSSL* ctx;
@@ -9489,10 +10877,199 @@ WOLFSSL_METHOD *wolfTLSv1_3_method_ex(void* heap);
WOLFSSL_METHOD *wolfTLSv1_3_method(void);
/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG ctxã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_CLIENT_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+ \param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_CTX_set_client_cert_type(ctx, ctype, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ クライアントå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚µãƒ¼ãƒãƒ¼è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG ctxã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_SERVER_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+
+ \param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_CTX_set_server_cert_type(ctx, ctype, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚µãƒ¼ãƒãƒ¼å´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ サーãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG sslã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_CLIENT_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_set_client_cert_type(ssl, ctype, len);
+ \endcode
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_client_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief ã“ã®é–¢æ•°ã¯ã‚µãƒ¼ãƒãƒ¼å´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€ã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆå´ã«Certificateメッセージã§é€ä¿¡ã§ãる証明書タイプを設定ã—ã¾ã™ã€‚
+ クライアントå´ã§å‘¼ã³å‡ºã•ã‚Œã‚‹å ´åˆã«ã¯ã€å—入れå¯èƒ½ãªã‚µãƒ¼ãƒãƒ¼è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ã¾ã™ã€‚
+ Raw Public Key 証明書をé€å—ä¿¡ã—ãŸã„å ´åˆã«ã¯ã“ã®é–¢æ•°ã‚’使ã£ã¦è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を設定ã—ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ 設定ã™ã‚‹è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯å„ªå…ˆåº¦é †ã«æ ¼ç´ã—ãŸãƒã‚¤ãƒˆé…列ã¨ã—ã¦æ¸¡ã—ã¾ã™ã€‚
+ 設定ã™ã‚‹ãƒãƒƒãƒ•ã‚¡ã‚¢ãƒ‰ãƒ¬ã‚¹ã«NULLを渡ã™ã‹ã€ã‚ã‚‹ã„ã¯ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã«0を渡ã™ã¨è¦å®šå€¤ã«ã‚‚ã©ã™ã“ã¨ãŒã§ãã¾ã™ã€‚
+ è¦å®šå€¤ã¯X509証明書(WOLFSSL_CERT_TYPE_X509)ã®ã¿ã‚’扱ã†è¨­å®šã¨ãªã£ã¦ã„ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸ
+ \return BAD_FUNC_ARG ctxã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯ä¸æ­£ãªè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—を指定ã—ãŸã€
+ ã‚ã‚‹ã„ã¯MAX_SERVER_CERT_TYPE_CNT以上ã®ãƒãƒƒãƒ•ã‚¡ã‚µã‚¤ã‚ºã‚’指定ã—ãŸã€ã‚ã‚‹ã„ã¯æŒ‡å®šã®è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã«é‡è¤‡ãŒã‚ã‚‹
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param ctype 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param len 証明書タイプを格ç´ã—ãŸãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºï¼ˆãƒã‚¤ãƒˆæ•°ï¼‰
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char ctype[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(ctype)/sizeof(byte);
+ ...
+
+ ret = wolfSSL_set_server_cert_type(ssl, ctype, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_server_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
\ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯çµ‚了後ã«å‘¼ã³å‡ºã—ã€ç›¸æ‰‹ã¨ã®ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã®çµæžœå¾—られãŸã‚¯ãƒ©ã‚¤ã‚¢ãƒ³ãƒˆè¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚
+ ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒç™ºç”Ÿã—ãªã„å ´åˆã«ã¯æˆ»ã‚Šå€¤ã¨ã—ã¦WOLFSSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ãŒã€
+ 証明書タイプã¨ã—ã¦ã¯WOLFSSL_CERT_TYPE_UNKNOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«ã‹ãˆã‚Šã¾ã™ã€‚tpã«è¿”ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯WOLFSSL_CERT_TYPE_X509,
+ WOLFSSL_CERT_TYPE_RPK ã‚ã‚‹ã„ã¯WOLFSSL_CERT_TYPE_UNKNOWNã®ã„ãšã‚Œã‹ã¨ãªã‚Šã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯tpã¨ã—ã¦NULLを渡ã—ãŸ
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param tp 証明書タイプãŒè¿”ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_client_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
+ \ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯çµ‚了後ã«å‘¼ã³å‡ºã—ã€ç›¸æ‰‹ã¨ã®ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ã®çµæžœå¾—られãŸã‚µãƒ¼ãƒãƒ¼è¨¼æ˜Žæ›¸ã®ã‚¿ã‚¤ãƒ—ã‚’è¿”ã—ã¾ã™ã€‚
+ ãƒã‚´ã‚·ã‚¨ãƒ¼ã‚·ãƒ§ãƒ³ãŒç™ºç”Ÿã—ãªã„å ´åˆã«ã¯æˆ»ã‚Šå€¤ã¨ã—ã¦WOLFSSL_SUCCESSãŒè¿”ã•ã‚Œã¾ã™ãŒã€è¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¨ã—ã¦ã¯WOLFSSL_CERT_TYPE_UNKNOWNãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«ã‹ãˆã‚Šã¾ã™ã€‚tpã«è¿”ã•ã‚ŒãŸè¨¼æ˜Žæ›¸ã‚¿ã‚¤ãƒ—ã¯WOLFSSL_CERT_TYPE_X509,
+ WOLFSSL_CERT_TYPE_RPK ã‚ã‚‹ã„ã¯WOLFSSL_CERT_TYPE_UNKNOWNã®ã„ãšã‚Œã‹ã¨ãªã‚Šã¾ã™ã€‚
+ \return BAD_FUNC_ARG sslã¨ã—ã¦NULLを渡ã—ãŸã€ã‚ã‚‹ã„ã¯tpã¨ã—ã¦NULLを渡ã—ãŸ
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param tp 証明書タイプãŒè¿”ã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_server_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ */
+int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
+ \ingroup SSL
\brief ã“ã®é–¢æ•°ã¯ãƒ†ã‚¹ãƒˆã®ãŸã‚ã®å›ºå®š/é™çš„ãªã‚¨ãƒ•ã‚§ãƒ©ãƒ«ã‚­ãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーãŒæ­£å¸¸ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¾ã—ãŸ
- \param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ctx WOLFSSL_CTXコンテキストãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーファイルパス(Keysz == 0)ã¾ãŸã¯å®Ÿéš›ã®ã‚­ãƒ¼ãƒãƒƒãƒ•ã‚¡ï¼ˆPEMã¾ãŸã¯ASN.1)
\param keySz キーサイズ(「キーã€argã¯ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘スã®å ´åˆã¯0ã«ãªã‚Šã¾ã™ï¼‰
@@ -9501,10 +11078,10 @@ WOLFSSL_METHOD *wolfTLSv1_3_method(void);
int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key, unsigned int keySz, int format);
/*!
- \ingroup SSL
+ \ingroup SSL
\brief ã“ã®é–¢æ•°ã¯ãƒ†ã‚¹ãƒˆã®ãŸã‚ã®å›ºå®š/é™çš„ãªã‚¨ãƒ•ã‚§ãƒ©ãƒ«ã‚­ãƒ¼ã‚’設定ã—ã¾ã™ã€‚
- \return 0 キーãŒæ­£å¸¸ã«ãƒ­ãƒ¼ãƒ‰ã•ã‚Œã¾ã—ãŸ
- \param ssl wolfsslオブジェクトãƒã‚¤ãƒ³ã‚¿
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーファイルパス(Keysz == 0)ã¾ãŸã¯å®Ÿéš›ã®ã‚­ãƒ¼ãƒãƒƒãƒ•ã‚¡ï¼ˆPEMã¾ãŸã¯ASN.1)
\param keySz キーサイズ(「キーã€argã¯ãƒ•ã‚¡ã‚¤ãƒ«ãƒ‘スã®å ´åˆã¯0ã«ãªã‚Šã¾ã™ï¼‰
@@ -9513,42 +11090,225 @@ int wolfSSL_CTX_set_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo, const char* key
int wolfSSL_set_ephemeral_key(WOLFSSL* ssl, int keyAlgo, const char* key, unsigned int keySz, int format);
/*!
- \ingroup SSL
- \brief ã“ã®é–¢æ•°ã¯asn.1 / derã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚­ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
- \return 0 キーãŒæ­£å¸¸ã«æˆ»ã‚Šã¾ã—ãŸ
+ \ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ ASN.1/DERã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚­ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
\param ctx wolfssl_ctxコンテキストãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_CTX_set_ephemeral_key
*/
-int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
+int wolfSSL_CTX_get_ephemeral_key(WOLFSSL_CTX* ctx, int keyAlgo,
const unsigned char** key, unsigned int* keySz);
/*!
- \ingroup SSL
- \brief ã“ã®é–¢æ•°ã¯asn.1 / derã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸã‚­ãƒ¼ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
- \return 0 キーãŒæ­£å¸¸ã«æˆ»ã‚Šã¾ã—ãŸ
- \param ssl wolfsslオブジェクトãƒã‚¤ãƒ³ã‚¿
+ \ingroup SSL
+ \brief ã“ã®é–¢æ•°ã¯ ASN.1/DERã¨ã—ã¦ãƒ­ãƒ¼ãƒ‰ã•ã‚ŒãŸéµã¸ã®ãƒã‚¤ãƒ³ã‚¿ã‚’è¿”ã—ã¾ã™
+ \return 0 æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
\param keyAlgo WC_PK_TYPE_DHãŠã‚ˆã³WC_PK_TYPE_ECDHã®ã‚ˆã†ãªenum wc_pktype
\param key キーãƒãƒƒãƒ•ã‚¡ãƒã‚¤ãƒ³ã‚¿
\sa wolfSSL_set_ephemeral_key
*/
-int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
+int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const unsigned char** key, unsigned int* keySz);
/*!
- \ingroup SSL
- \brief é¸æŠžã—ãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã€ãƒ‘ディングã€ãŠã‚ˆã³RSAキーを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã™ã‚‹
- \return WOLFSSL_SUCCESS Errorã®æˆåŠŸã¨wolfssl_failureã«ã¤ã„ã¦
+ \ingroup SSL
+ \brief é¸æŠžã—ãŸãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã€ãƒ‘ディングã€ãŠã‚ˆã³RSAキーを使用ã—ã¦ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã«ç½²åã—ã¾ã™ã€‚
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚
+ \return WOLFSSL_FAILURE エラー発生時ã«è¿”ã•ã‚Œã¾ã™ã€‚
+
\param type ãƒãƒƒã‚·ãƒ¥NID
- \param m ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€‚ã“ã‚Œã¯ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆã«ãªã‚‹å¯èƒ½æ€§ãŒé«˜ã„
+ \param m ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã€‚ã“ã‚Œã¯ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®ãƒ€ã‚¤ã‚¸ã‚§ã‚¹ãƒˆ
\param mLen ç½²åã™ã‚‹ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ã®é•·ã•
- \param sigRet 出力ãƒãƒƒãƒ•ã‚¡
- \param sigLen オン入力:出力時ã®Sigretãƒãƒƒãƒ•ã‚¡ã®é•·ã•ï¼šSigretã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®é•·ã•
- \param rsa RSAキー入力ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã¾ã™
+ \param sigRet 出力ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+ \param sigLen 入力時ã«ã¯sigRetã®é•·ã•ã‚’指定ã—ã¾ã™ã€‚出力時ã«ã¯sigRetã«æ›¸ãè¾¼ã¾ã‚ŒãŸãƒ‡ãƒ¼ã‚¿ã®é•·ã•ã‚’æ ¼ç´ã—ã¾ã™ã€‚
+ \param rsa 入力ã«ç½²åã™ã‚‹ãŸã‚ã«ä½¿ç”¨ã•ã‚Œã‚‹RSAéµ
\param flag 1:シグニãƒãƒ£0:未パワード署åを比較ã™ã‚‹å€¤ã‚’出力ã—ã¾ã™ã€‚注:RSA_PKCS1_PSS_PADDINGã®å ´åˆã¯ã€wc_rsapss_checkpadding_ex関数を使用ã—ã¦* VERIFY *関数ã®å‡ºåŠ›ã‚’確èªã™ã‚‹å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
+ \param padding パディング
*/
int wolfSSL_RSA_sign_generic_padding(int type, const unsigned char* m,
unsigned int mLen, unsigned char* sigRet,
unsigned int* sigLen, WOLFSSL_RSA* rsa,
int flag, int padding);
+
+/*!
+ \ingroup SSL
+ \brief DTLSv1.3 é€ä¿¡æ¸ˆã¿ã ãŒã¾ã ç›¸æ‰‹ã‹ã‚‰ã‚¢ã‚¯ãƒŽãƒªãƒƒã‚¸ã‚’å—ã‘ã¨ã£ã¦ã„ãªã„メッセージãŒã‚ã‚‹ã‹èª¿ã¹ã¾ã™ã€‚
+
+ \return 1 ペンディングã®ãƒ¡ãƒƒã‚»ãƒ¼ã‚¸ãŒã‚ã‚‹å ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯0ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+*/
+int wolfSSL_dtls13_has_pending_msg(WOLFSSL *ssl);
+
+/*!
+ \ingroup SSL
+ \brief アーリーデータã®æœ€å¤§ã‚µã‚¤ã‚ºã‚’å–å¾—ã—ã¾ã™ã€‚
+
+ \param [in] s WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ \return アーリーデータã®æœ€å¤§ã‚µã‚¤ã‚ºï¼ˆmax_early_data)
+ \param s WOLFSSL_SESSION構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿
+
+ \sa wolfSSL_set_max_early_data
+ \sa wolfSSL_write_early_data
+ \sa wolfSSL_read_early_data
+ */
+unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s);
+
+/*!
+ \ingroup SSL
+ \brief Get a new index for external data. This entry applies also for the
+ following API:
+ - wolfSSL_CTX_get_ex_new_index
+ - wolfSSL_get_ex_new_index
+ - wolfSSL_SESSION_get_ex_new_index
+ - wolfSSL_X509_get_ex_new_index
+
+ \param [in] All input parameters are ignored. The callback functions are not
+ supported with wolfSSL.
+
+ \return The new index value to be used with the external data API for this
+ object class.
+ */
+int wolfSSL_CRYPTO_get_ex_new_index(int, void*, void*, void*, void*);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³ID拡張を有効ã«ã—ã¾ã™ã€‚RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return WOLFSSL_SUCCESS æˆåŠŸæ™‚ã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_use(WOLFSSL* ssl);
+
+/*!
+
+ \brief ã“ã®é–¢æ•°ã¯ãƒãƒ³ãƒ‰ã‚·ã‚§ãƒ¼ã‚¯ãŒå®Œäº†ã—ãŸå¾Œã«å‘¼ã³å‡ºã•ã‚Œã‚‹ã¨ã€ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸã‹ã©ã†ã‹ç¢ºèªã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
+ RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return 1 コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒãƒã‚´ã‚·ã‚¨ãƒ¼ãƒˆã•ã‚ŒãŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯0ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_is_enabled(WOLFSSL* ssl);
+
+/*!
+
+ \brief ã“ã®ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³ã§ä»–ã®ãƒ”ã‚¢ã«å¯¾ã—ã¦ãƒ¬ã‚³ãƒ¼ãƒ‰ã‚’é€ä¿¡ã™ã‚‹ãŸã‚ã®ã‚³ãƒã‚¯ã‚·ãƒ§ãƒ³IDをセットã—ã¾ã™ã€‚
+ RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。コãƒã‚¯ã‚·ãƒ§ãƒ³IDã¯æœ€å¤§å€¤ãŒDTLS_CID_MAX_SIZEã§ãªã‘ã‚Œã°ãªã‚Šã¾ã›ã‚“。
+ DTLS_CID_MAX_SIZEã¯ãƒ“ルド時ã«å€¤ã‚’指定ãŒå¯èƒ½ã§ã™ãŒ255ãƒã‚¤ãƒˆã‚’ã“ãˆã‚‹ã“ã¨ã¯ã§ãã¾ã›ã‚“。
+
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒã‚»ãƒƒãƒˆã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param cid コãƒã‚¯ã‚·ãƒ§ãƒ³ID
+ \param size コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚º
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_set(WOLFSSL* ssl, unsigned char* cid,
+ unsigned int size);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’å–å¾—ã—ã¾ã™ã€‚RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒå–å¾—ã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param size コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹int型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_get_rx_size(WOLFSSL* ssl,
+ unsigned int* size);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDを引数bufferã§æŒ‡å®šã•ã‚ŒãŸãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚
+ RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã¯å¼•æ•°bufferSzã§æŒ‡å®šã—ã¦ãã ã•ã„。
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒå–å¾—ã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buffer コãƒã‚¯ã‚·ãƒ§ãƒ³IDãŒã‚³ãƒ”ーã•ã‚Œã‚‹å…ˆã®ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bufferSz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_tx_size
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_get_rx(WOLFSSL* ssl, unsigned char* buffer,
+ unsigned int bufferSz);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’å–å¾—ã—ã¾ã™ã€‚c
+ サイズã¯å¼•æ•°size変数ã«æ ¼ç´ã•ã‚Œã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºãŒå–å¾—ã§ããŸå ´åˆã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param size コãƒã‚¯ã‚·ãƒ§ãƒ³IDã®ã‚µã‚¤ã‚ºã‚’æ ¼ç´ã™ã‚‹int型変数ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx
+*/
+int wolfSSL_dtls_cid_get_tx_size(WOLFSSL* ssl, unsigned int* size);
+
+/*!
+
+ \brief コãƒã‚¯ã‚·ãƒ§ãƒ³IDを引ãæ•°bufferã§æŒ‡å®šã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã«ã‚³ãƒ”ーã—ã¾ã™ã€‚RFC9146ã¨RFC9147ã‚’å‚ç…§ã—ã¦ãã ã•ã„。
+ ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚ºã¯å¼•ãæ•°bufferSzã§æŒ‡å®šã—ã¾ã™ã€‚
+
+ \return WOLFSSL_SUCCESS ConnectionIDãŒæ­£å¸¸ã«ã‚³ãƒ”ーã•ã‚ŒãŸéš›ã«è¿”ã•ã‚Œã¾ã™ã€‚ãれ以外ã¯ã‚¨ãƒ©ãƒ¼ã‚³ãƒ¼ãƒ‰ãŒè¿”ã•ã‚Œã¾ã™ã€‚
+
+ \param ssl WOLFSSL構造体ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param buffer ConnectionIDãŒã‚³ãƒ”ーã•ã‚Œã‚‹ãƒãƒƒãƒ•ã‚¡ã¸ã®ãƒã‚¤ãƒ³ã‚¿ã€‚
+ \param bufferSz ãƒãƒƒãƒ•ã‚¡ã®ã‚µã‚¤ã‚º
+
+ \sa wolfSSL_dtls_cid_use
+ \sa wolfSSL_dtls_cid_is_enabled
+ \sa wolfSSL_dtls_cid_set
+ \sa wolfSSL_dtls_cid_get_rx_size
+ \sa wolfSSL_dtls_cid_get_rx
+ \sa wolfSSL_dtls_cid_get_tx_size
+*/
+int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
+ unsigned int bufferSz);
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h
index 3a9b974f..997bc58c 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/aes.h
@@ -20,6 +20,9 @@
int ret = 0;
byte key[] = { some 16, 24 or 32 byte key };
byte iv[] = { some 16 byte iv };
+ if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) {
+ // failed to initialize aes key
+ }
if (ret = wc_AesSetKey(&enc, key, AES_BLOCK_SIZE, iv,
AES_ENCRYPTION) != 0) {
// failed to set aes key
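Review bot: The added `if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0)` stores the result of the comparison in `ret`, because `!=` binds tighter than `=`; `ret` ends up 0 or 1 instead of the wolfCrypt error code. Parenthesise the assignment: `if ((ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID)) != 0) {`. The init checks added to the wc_AesSetKeyDirect and wc_AesGcmSetKey examples later in this file have the same form, as does the existing wc_AesSetKey line here. The error branch holds only a comment, so the example goes on to set a key on a context that failed to initialise; a `return ret;` there would show the intended handling. The example's comment block starts and ends outside this hunk.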
@@ -94,7 +97,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv);
\code
Aes enc;
int ret = 0;
- // initialize enc with AesSetKey, using direction AES_ENCRYPTION
+ // initialize enc with wc_AesInit and wc_AesSetKey, using direction
+ // AES_ENCRYPTION
byte msg[AES_BLOCK_SIZE * n]; // multiple of 16 bytes
// fill msg with data
byte cipher[AES_BLOCK_SIZE * n]; // Some multiple of 16 bytes
@@ -103,6 +107,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv);
}
\endcode
+ \sa wc_AesInit
\sa wc_AesSetKey
\sa wc_AesSetIV
\sa wc_AesCbcDecrypt
@@ -146,7 +151,8 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
\code
Aes dec;
int ret = 0;
- // initialize dec with AesSetKey, using direction AES_DECRYPTION
+ // initialize dec with wc_AesInit and wc_AesSetKey, using direction
+ // AES_DECRYPTION
byte cipher[AES_BLOCK_SIZE * n]; // some multiple of 16 bytes
// fill cipher with cipher text
byte plain [AES_BLOCK_SIZE * n];
@@ -155,6 +161,7 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out,
}
\endcode
+ \sa wc_AesInit
\sa wc_AesSetKey
\sa wc_AesCbcEncrypt
*/
@@ -187,11 +194,10 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out,
\code
Aes enc;
Aes dec;
- // initialize enc and dec with AesSetKeyDirect, using direction
- AES_ENCRYPTION
- // since the underlying API only calls Encrypt and by default calling
- encrypt on
- // a cipher results in a decryption of the cipher
+ // initialize enc and dec with wc_AesInit and wc_AesSetKeyDirect, using
+ // direction AES_ENCRYPTION since the underlying API only calls Encrypt
+ // and by default calling encrypt on a cipher results in a decryption of
+ // the cipher
byte msg[AES_BLOCK_SIZE * n]; //n being a positive integer making msg
some multiple of 16 bytes
@@ -229,7 +235,8 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out,
_Example_
\code
Aes enc;
- // initialize enc with AesSetKey, using direction AES_ENCRYPTION
+ // initialize enc with wc_AesInit and wc_AesSetKey, using direction
+ // AES_ENCRYPTION
byte msg [AES_BLOCK_SIZE]; // 16 bytes
// initialize msg with plain text to encrypt
byte cipher[AES_BLOCK_SIZE];
@@ -263,7 +270,8 @@ int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
_Example_
\code
Aes dec;
- // initialize enc with AesSetKey, using direction AES_DECRYPTION
+ // initialize enc with wc_AesInit and wc_AesSetKey, using direction
+ // AES_DECRYPTION
byte cipher [AES_BLOCK_SIZE]; // 16 bytes
// initialize cipher with cipher text to decrypt
byte msg[AES_BLOCK_SIZE];
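Review bot: The rewritten comment still says "initialize enc", but the context declared two lines above in this wc_AesDecryptDirect example is `Aes dec;`. Since the line is being touched anyway, it should read `// initialize dec with wc_AesInit and wc_AesSetKey, using direction`. A reader who copies the comment literally would otherwise initialise a different object from the one passed to the decrypt call.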
@@ -303,6 +311,10 @@ int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
int ret = 0;
byte key[] = { some 16, 24, or 32 byte key };
byte iv[] = { some 16 byte iv };
+
+ if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) {
+ // failed to initialize aes key
+ }
if (ret = wc_AesSetKeyDirect(&enc, key, sizeof(key), iv,
AES_ENCRYPTION) != 0) {
// failed to set aes key
@@ -335,6 +347,9 @@ int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
Aes enc;
int ret = 0;
byte key[] = { some 16, 24,32 byte key };
+ if (ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) {
+ // failed to initialize aes key
+ }
if (ret = wc_AesGcmSetKey(&enc, key, sizeof(key)) != 0) {
// failed to set aes key
}
@@ -373,7 +388,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len);
_Example_
\code
Aes enc;
- // initialize aes structure by calling wc_AesGcmSetKey
+ // initialize Aes structure by calling wc_AesInit() and wc_AesGcmSetKey
byte plain[AES_BLOCK_LENGTH * n]; //n being a positive integer
making plain some multiple of 16 bytes
@@ -424,7 +439,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
_Example_
\code
Aes enc; //can use the same struct as was passed to wc_AesGcmEncrypt
- // initialize aes structure by calling wc_AesGcmSetKey if not already done
+ // initialize aes structure by calling wc_AesInit and wc_AesGcmSetKey
+ // if not already done
byte cipher[AES_BLOCK_LENGTH * n]; //n being a positive integer
making cipher some multiple of 16 bytes
@@ -529,7 +545,8 @@ int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
Aes enc;
key[] = { some 16, 24, or 32 byte length key };
- wc_AesCcmSetKey(&aes, key, sizeof(key));
+ wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID); // Make sure devId updated
+ wc_AesCcmSetKey(&enc, key, sizeof(key));
\endcode
\sa wc_AesCcmEncrypt
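Review bot: Both calls in this wc_AesCcmSetKey example discard their return value, so a failed `wc_AesInit` or a rejected key length goes unnoticed by anyone who copies the snippet. Check them the way the other examples in this file do, e.g. `if (wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID) != 0) { /* handle error */ }` and likewise for `wc_AesCcmSetKey`. The trailing `// Make sure devId updated` does not say what the caller has to do; if it means that `INVALID_DEVID` should be replaced with a real device id when crypto callbacks or async hardware are in use, the comment should say so.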
@@ -564,7 +581,7 @@ int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz);
_Example_
\code
Aes enc;
- // initialize enc with wc_AesCcmSetKey
+ // initialize enc with wc_AesInit and wc_AesCcmSetKey
nonce[] = { initialize nonce };
plain[] = { some plain text message };
@@ -616,7 +633,7 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out,
_Example_
\code
Aes dec;
- // initialize dec with wc_AesCcmSetKey
+ // initialize dec with wc_AesInit and wc_AesCcmSetKey
nonce[] = { initialize nonce };
cipher[] = { encrypted message };
@@ -644,6 +661,82 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
/*!
\ingroup AES
+ \brief This is to initialize an AES-XTS context. It is up to user to call
+ wc_AesXtsFree on aes key when done.
+
+ \return 0 Success
+
+ \param aes AES keys for encrypt/decrypt process
+ \param heap heap hint to use for memory. Can be NULL
+ \param devId id to use with async crypto. Can be 0
+
+ _Example_
+ \code
+ XtsAes aes;
+
+ if(wc_AesXtsInit(&aes, NULL, 0) != 0)
+ {
+ // Handle error
+ }
+ if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION) != 0)
+ {
+ // Handle error
+ }
+ wc_AesXtsFree(&aes);
+ \endcode
+
+ \sa wc_AesXtsSetKey
+ \sa wc_AesXtsSetKeyNoInit
+ \sa wc_AesXtsEncrypt
+ \sa wc_AesXtsDecrypt
+ \sa wc_AesXtsFree
+*/
+int wc_AesXtsInit(XtsAes* aes, void* heap, int devId);
+
+
+/*!
+ \ingroup AES
+
+ \brief This is to help with setting keys to correct encrypt or decrypt type,
+ after first calling wc_AesXtsInit(). It is up to user to call wc_AesXtsFree
+ on aes key when done.
+
+ \return 0 Success
+
+ \param aes AES keys for encrypt/decrypt process
+ \param key buffer holding aes key | tweak key
+ \param len length of key buffer in bytes. Should be twice that of
+ key size.
+ i.e. 32 for a 16 byte key.
+ \param dir direction, either AES_ENCRYPTION or AES_DECRYPTION
+
+ _Example_
+ \code
+ XtsAes aes;
+
+ if(wc_AesXtsInit(&aes, NULL, 0) != 0)
+ {
+ // Handle error
+ }
+ if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0)
+ != 0)
+ {
+ // Handle error
+ }
+ wc_AesXtsFree(&aes);
+ \endcode
+
+ \sa wc_AesXtsEncrypt
+ \sa wc_AesXtsDecrypt
+ \sa wc_AesXtsFree
+*/
+int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key,
+ word32 len, int dir);
+
+
+/*!
+ \ingroup AES
+
\brief This is to help with setting keys to correct encrypt or
decrypt type. It is up to user to call wc_AesXtsFree on aes key when done.
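Review bot: The example added for wc_AesXtsSetKeyNoInit passes six arguments, `wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION, NULL, 0)`, but the prototype documented directly below it takes four, and the wc_AesXtsInit example earlier in this hunk calls it with four. The call should be `if(wc_AesXtsSetKeyNoInit(&aes, key, sizeof(key), AES_ENCRYPTION) != 0)`, since heap and devId are already given to `wc_AesXtsInit`. Both new blocks also document only `\return 0 Success`; a line for the failure returns, such as a NULL `aes` or a bad key length, would tell callers what to check for. The last lines of this hunk belong to the existing wc_AesXtsSetKey comment, which continues outside it.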
@@ -669,6 +762,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out,
wc_AesXtsFree(&aes);
\endcode
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
\sa wc_AesXtsFree
@@ -709,6 +804,8 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -748,6 +845,8 @@ int wc_AesXtsEncryptSector(XtsAes* aes, byte* out,
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -788,6 +887,8 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out,
\endcode
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -827,6 +928,8 @@ int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
\endcode
\sa wc_AesXtsEncrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
\sa wc_AesXtsFree
*/
@@ -855,6 +958,8 @@ int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
\sa wc_AesXtsEncrypt
\sa wc_AesXtsDecrypt
+ \sa wc_AesXtsInit
+ \sa wc_AesXtsSetKeyNoInit
\sa wc_AesXtsSetKey
*/
int wc_AesXtsFree(XtsAes* aes);
@@ -1035,7 +1140,7 @@ int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
\return BAD_FUNC_ARG If key, SIV, or output buffer are NULL. Also returned
if the key size isn't 32, 48, or 64 bytes.
\return AES_SIV_AUTH_E If the SIV derived by S2V doesn't match the input
- SIV (see RFC 5297 2.7).
+ SIV (see RFC 5297 2.7).
\return Other Other negative error values returned if AES or CMAC operations
fail.
@@ -1072,3 +1177,553 @@ int wc_AesSivEncrypt(const byte* key, word32 keySz, const byte* assoc,
int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
word32 assocSz, const byte* nonce, word32 nonceSz,
const byte* in, word32 inSz, byte* siv, byte* out);
+
+
+
+
+
+
+
+/*!
+ \ingroup AES
+
+ \brief This function performs AES EAX encryption and authentication as
+ described in "EAX: A Conventional Authenticated-Encryption Mode"
+ (https://eprint.iacr.org/2003/069). It is a "one-shot" API that performs
+ all encryption and authentication operations in one function call.
+
+ \return 0 on successful encryption.
+ \return BAD_FUNC_ARG if input or output buffers are NULL. Also returned
+ if the key size isn't a valid AES key size (16, 24, or 32 bytes)
+ \return other negative error values returned if AES or CMAC operations
+ fail.
+
+ \param key buffer containing the key to use
+ \param keySz length of the key buffer in bytes
+ \param[out] out buffer to hold the ciphertext. Should be the same length as
+ the plaintext buffer
+ \param in plaintext buffer to encrypt
+ \param inSz length of plaintext buffer
+ \param nonce the cryptographic nonce to use for EAX operations
+ \param nonceSz length of nonce buffer in bytes
+ \param[out] authTag pointer to the buffer in which to store the
+ authentication tag
+ \param authTagSz length of the desired authentication tag
+ \param authIn pointer to the buffer containing input data to authenticate
+ \param authInSz length of the input authentication data
+
+ _Example_
+ \code
+ byte key[] = { some 32, 48, or 64 byte key };
+ byte nonce[] = {0x04, 0x5, 0x6};
+ byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
+ byte authIn[] = {0x01, 0x2, 0x3};
+
+ byte cipherText[sizeof(plainText)]; // output ciphertext
+ byte authTag[length, up to AES_BLOCK_SIZE]; // output authTag
+
+ if (wc_AesEaxEncrypt(key, sizeof(key),
+ cipherText, plainText, sizeof(plainText),
+ nonce, sizeof(nonce),
+ authTag, sizeof(authTag),
+ authIn, sizeof(authIn)) != 0) {
+ // failed to encrypt
+ }
+
+ \endcode
+
+ \sa wc_AesEaxDecryptAuth
+
+*/
+WOLFSSL_API int wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* output computed auth tag */
+ byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz);
+/*!
+ \ingroup AES
+
+ \brief This function performs AES EAX decryption and authentication as
+ described in "EAX: A Conventional Authenticated-Encryption Mode"
+ (https://eprint.iacr.org/2003/069). It is a "one-shot" API that performs
+ all decryption and authentication operations in one function call.
+
+ \return 0 on successful decryption
+ \return BAD_FUNC_ARG if input or output buffers are NULL. Also returned
+ if the key size isn't a valid AES key size (16, 24, or 32 bytes)
+ \return AES_EAX_AUTH_E If the authentication tag does not match the
+ supplied authentication code vector \c authTag
+ \return other negative error values returned if AES or CMAC operations
+ fail.
+
+ \param key byte buffer containing the key to use
+ \param keySz length of the key buffer in bytes
+ \param[out] out buffer to hold the plaintext. Should be the same length as
+ the input ciphertext buffer
+ \param in ciphertext buffer to decrypt
+ \param inSz length of ciphertext buffer
+ \param nonce the cryptographic nonce to use for EAX operations
+ \param nonceSz length of nonce buffer in bytes
+ \param authTag buffer that holds the authentication tag to check the
+ authenticity of the data against
+ \param authTagSz Length of the input authentication tag
+ \param authIn pointer to the buffer containing input data to authenticate
+ \param authInSz length of the input authentication data
+
+ _Example_
+ \code
+ byte key[] = { some 32, 48, or 64 byte key };
+ byte nonce[] = {0x04, 0x5, 0x6};
+ byte cipherText[] = {0xDE, 0xAD, 0xBE, 0xEF};
+ byte authIn[] = {0x01, 0x2, 0x3};
+
+ byte plainText[sizeof(cipherText)]; // output plaintext
+ byte authTag[length, up to AES_BLOCK_SIZE]; // output authTag
+
+ if (wc_AesEaxDecrypt(key, sizeof(key),
+ cipherText, plainText, sizeof(plainText),
+ nonce, sizeof(nonce),
+ authTag, sizeof(authTag),
+ authIn, sizeof(authIn)) != 0) {
+ // failed to encrypt
+ }
+
+ \endcode
+
+ \sa wc_AesEaxEncryptAuth
+
+*/
+WOLFSSL_API int wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* auth tag to verify against */
+ const byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function initializes an AesEax object for use in authenticated
+ encryption or decryption. This function must be called on an AesEax
+ object before using it with any of the AES EAX incremental API functions.
+ It does not need to be called if using the one-shot EAX API functions.
+ All AesEax instances initialized with this function need to be freed with
+ a call to wc_AesEaxFree() when done using the instance.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param key 16, 24, or 32 byte secret key for encryption and decryption
+ \param keySz length of the supplied key in bytes
+ \param nonce the cryptographic nonce to use for EAX operations
+ \param nonceSz length of nonce buffer in bytes
+ \param authIn (optional) input data to add to the authentication stream
+ This argument should be NULL if not used
+ \param authInSz size in bytes of the input authentication data
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ plainText[] = {some plaintext data to encrypt};
+
+ cipherText[sizeof(plainText)]; // buffer to hold cipherText
+ authTag[length, up to AES_BLOCK_SIZE]; // buffer to hold computed auth data
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authIn size of 0
+ if ((ret = wc_AesEaxEncryptUpdate(eax,
+ cipherText, plainText, sizeof(plainText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxInit(AesEax* eax,
+ const byte* key, word32 keySz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function uses AES EAX to encrypt input data, and optionally, add
+ more input data to the authentication stream. \c eax must have been
+ previously initialized with a call to \ref wc_AesEaxInit.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param[out] out output buffer holding the ciphertext
+ \param in input buffer holding the plaintext to encrypt
+ \param inSz size in bytes of the input data buffer
+ \param authIn (optional) input data to add to the authentication stream
+ This argument should be NULL if not used
+ \param authInSz size in bytes of the input authentication data
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ plainText[] = {some plaintext data to encrypt};
+
+ cipherText[sizeof(plainText)]; // buffer to hold cipherText
+ authTag[length, up to AES_BLOCK_SIZE]; // buffer to hold computed auth data
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxEncryptUpdate(eax,
+ cipherText, plainText, sizeof(plainText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function uses AES EAX to decrypt input data, and optionally, add
+ more input data to the authentication stream. \c eax must have been
+ previously initialized with a call to \ref wc_AesEaxInit.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param[out] out output buffer holding the decrypted plaintext
+ \param in input buffer holding the ciphertext
+ \param inSz size in bytes of the input data buffer
+ \param authIn (optional) input data to add to the authentication stream
+ This argument should be NULL if not used
+ \param authInSz size in bytes of the input authentication data
+
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ cipherText[] = {some encrypted data};
+
+ plainText[sizeof(cipherText)]; // buffer to hold decrypted data
+ // auth tag is generated elsewhere by the encrypt AEAD operation
+ authTag[length, up to AES_BLOCK_SIZE] = { the auth tag };
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxDecryptUpdate(eax,
+ plainText, cipherText, sizeof(cipherText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+/*!
+ \ingroup AES
+ \brief This function adds input data to the authentication stream.
+ \c eax must have been previously initialized with a call to
+ \ref wc_AesEaxInit.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param authIn input data to add to the authentication stream
+ \param authInSz size in bytes of the input authentication data
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ cipherText[] = {some encrypted data};
+
+ plainText[sizeof(cipherText)]; // buffer to hold decrypted data
+ // auth tag is generated elsewhere by the encrypt AEAD operation
+ authTag[length, up to AES_BLOCK_SIZE] = { the auth tag };
+
+ AesEax eax;
+
+ // No auth data to add here
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ // No auth data to add here, added later with wc_AesEaxAuthDataUpdate
+ if ((ret = wc_AesEaxDecryptUpdate(eax,
+ plainText, cipherText, sizeof(cipherText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxAuthDataUpdate(eax, authIn, sizeof(authIn))) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxAuthDataUpdate(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+
+/*!
+ \ingroup AES
+ \brief This function finalizes the encrypt AEAD operation, producing an auth
+ tag over the current authentication stream. \c eax must have been previously
+ initialized with a call to \ref wc_AesEaxInit. When done using the \c AesEax
+ context structure, make sure to free it using \ref wc_AesEaxFree.
+
+ \return 0 on success
+ \return error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param authTag[out] buffer that will hold the computed auth tag
+ \param authTagSz size in bytes of \c authTag
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ plainText[] = {some plaintext data to encrypt};
+
+ cipherText[sizeof(plainText)]; // buffer to hold cipherText
+ authTag[length, up to AES_BLOCK_SIZE]; // buffer to hold computed auth data
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxEncryptUpdate(eax,
+ cipherText, plainText, sizeof(plainText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxDecryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxEncryptFinal(AesEax* eax,
+ byte* authTag, word32 authTagSz);
+
+/*!
+ \ingroup AES
+ \brief This function finalizes the decrypt AEAD operation, finalizing the
+ auth tag computation and checking it for validity against the user supplied
+ tag. \c eax must have been previously initialized with a call to
+ \ref wc_AesEaxInit. When done using the \c AesEax context structure, make
+ sure to free it using \ref wc_AesEaxFree.
+
+ \return 0 if data is authenticated successfully
+ \return AES_EAX_AUTH_E if the authentication tag does not match the
+ supplied authentication code vector \c authIn
+ \return other error code on failure
+
+ \param eax AES EAX structure holding the context of the AEAD operation
+ \param authIn input auth tag to check computed auth tag against
+ \param authInSz size in bytes of \c authIn
+
+ _Example_
+ \code
+ AesEax eax;
+ key[] = { some 16, 24, or 32 byte length key };
+ nonce[] = { some arbitrary length nonce };
+ authIn[] = { some data to add to the authentication stream };
+ cipherText[] = {some encrypted data};
+
+ plainText[sizeof(cipherText)]; // buffer to hold decrypted data
+ // auth tag is generated elsewhere by the encrypt AEAD operation
+ authTag[length, up to AES_BLOCK_SIZE] = { the auth tag };
+
+ AesEax eax;
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+
+ // if we wanted to add more auth data, we could provide it at this point,
+ // otherwise we use NULL for the authIn parameter, with authInSz of 0
+ if ((ret = wc_AesEaxDecryptUpdate(eax,
+ plainText, cipherText, sizeof(cipherText),
+ NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, sizeof(authTag))) != 0) {
+ goto cleanup;
+ }
+
+ cleanup:
+ wc_AesEaxFree(eax);
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxFree
+
+*/
+WOLFSSL_API int wc_AesEaxDecryptFinal(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+/*!
+ \ingroup AES
+
+ \brief This frees up any resources, specifically keys, used by the Aes
+ instance inside the AesEax wrapper struct. It should be called on the
+ AesEax struct after it has been initialized with wc_AesEaxInit, and all
+ desired EAX operations are complete.
+
+ \return 0 Success
+
+ \param eaxAES EAX instance to free
+
+ _Example_
+ \code
+ AesEax eax;
+
+ if(wc_AesEaxInit(eax, key, keySz, nonce, nonceSz, authIn, authInSz) != 0) {
+ // handle errors, then free
+ wc_AesEaxFree(&eax);
+ }
+ \endcode
+
+ \sa wc_AesEaxInit
+ \sa wc_AesEaxEncryptUpdate
+ \sa wc_AesEaxDecryptUpdate
+ \sa wc_AesEaxAuthDataUpdate
+ \sa wc_AesEaxEncryptFinal
+ \sa wc_AesEaxDecryptFinal
+*/
+WOLFSSL_API int wc_AesEaxFree(AesEax* eax);
+
+
+
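Review bot: The incremental decrypt blocks (wc_AesEaxDecryptUpdate, wc_AesEaxDecryptFinal) never state that the plaintext written to `out` is unauthenticated until wc_AesEaxDecryptFinal returns 0, and their examples jump to `cleanup` on a non-zero return with `plainText` still populated. I would add to both blocks `\note Data written by wc_AesEaxDecryptUpdate must not be used until wc_AesEaxDecryptFinal returns 0; on any other return value, discard it.` The one-shot examples also disagree with the declarations beneath them: they call `wc_AesEaxEncrypt` / `wc_AesEaxDecrypt` instead of the `...Auth` names, describe the key as "32, 48, or 64 byte" where the \return text says 16, 24, or 32, and the decrypt example passes `cipherText, plainText` although the prototype order is `out, in`. The examples declare `AesEax eax;` yet pass `eax` rather than `&eax` to every call except the one wc_AesEaxFree example. In wc_AesEaxDecryptFinal the tag parameter is named `authIn`, the name the other functions use for associated data, and `\param eaxAES` in wc_AesEaxFree is missing a space.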
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h
index 882ab89c..e7505e22 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/asn_public.h
@@ -1231,7 +1231,7 @@ int wc_DerToPem(const byte* der, word32 derSz, byte* output,
word32 pemSz;
byte* cipher_info[] { Additional cipher info. }
- pemSz = wc_DerToPemEx(der, derSz,pemFormatted,FOURK_BUF, ,CERT_TYPE);
+ pemSz = wc_DerToPemEx(der, derSz, pemFormatted, FOURK_BUF, cipher_info, CERT_TYPE);
\endcode
\sa wc_PemCertToDer
@@ -2110,7 +2110,7 @@ int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
_Example_
\code
int ret = 0;
- // Unkown extension callback prototype
+ // Unknown extension callback prototype
int myUnknownExtCallback(const word16* oid, word32 oidSz, int crit,
const unsigned char* der, word32 derSz);
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h
index a2f36a52..96d5bc8c 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/cmac.h
@@ -6,7 +6,7 @@
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
\param type Always WC_CMAC_AES = 1
- \param unused not used, exists for potential future use around compatiblity
+ \param unused not used, exists for potential future use around compatibility
_Example_
\code
@@ -23,6 +23,8 @@
\sa wc_InitCmac_ex
\sa wc_CmacUpdate
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
int wc_InitCmac(Cmac* cmac,
const byte* key, word32 keySz,
@@ -36,7 +38,7 @@ int wc_InitCmac(Cmac* cmac,
\param key key pointer
\param keySz size of the key pointer (16, 24 or 32)
\param type Always WC_CMAC_AES = 1
- \param unused not used, exists for potential future use around compatiblity
+ \param unused not used, exists for potential future use around compatibility
\param heap pointer to the heap hint used for dynamic allocation. Typically used with our static memory option. Can be NULL.
\param devId ID to use with async hardware. Set to INVALID_DEVID if not using async hardware.
@@ -55,6 +57,8 @@ int wc_InitCmac(Cmac* cmac,
\sa wc_InitCmac_ex
\sa wc_CmacUpdate
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
int wc_InitCmac_ex(Cmac* cmac,
const byte* key, word32 keySz,
@@ -75,13 +79,16 @@ int wc_InitCmac_ex(Cmac* cmac,
\sa wc_InitCmac
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz);
+
/*!
\ingroup CMAC
- \brief Generate the final result using Cipher-based Message Authentication Code
+ \brief Generate the final result using Cipher-based Message Authentication Code, deferring context cleanup.
\return 0 on success
\param cmac pointer to the Cmac structure
\param out pointer to return the result
@@ -89,18 +96,60 @@ int wc_CmacUpdate(Cmac* cmac,
_Example_
\code
- ret = wc_CmacFinal(cmac, out, &outSz);
+ ret = wc_CmacFinalNoFree(cmac, out, &outSz);
+ (void)wc_CmacFree(cmac);
\endcode
\sa wc_InitCmac
\sa wc_CmacFinal
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
*/
-int wc_CmacFinal(Cmac* cmac,
+int wc_CmacFinalNoFree(Cmac* cmac,
byte* out, word32* outSz);
/*!
\ingroup CMAC
- \brief Single shot fuction for generating a CMAC
+ \brief Generate the final result using Cipher-based Message Authentication Code, and clean up the context with wc_CmacFree().
+ \return 0 on success
+ \param cmac pointer to the Cmac structure
+ \param out pointer to return the result
+ \param outSz pointer size of output (in/out)
+
+ _Example_
+ \code
+ ret = wc_CmacFinal(cmac, out, &outSz);
+ \endcode
+
+ \sa wc_InitCmac
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFree
+*/
+int wc_CmacFinalNoFree(Cmac* cmac);
+
+/*!
+ \ingroup CMAC
+ \brief Clean up allocations in a CMAC context.
+ \return 0 on success
+ \param cmac pointer to the Cmac structure
+
+ _Example_
+ \code
+ ret = wc_CmacFinalNoFree(cmac, out, &outSz);
+ (void)wc_CmacFree(cmac);
+ \endcode
+
+ \sa wc_InitCmac
+ \sa wc_CmacFinalNoFree
+ \sa wc_CmacFinal
+ \sa wc_CmacFree
+*/
+int wc_CmacFree(Cmac* cmac);
+
+/*!
+ \ingroup CMAC
+ \brief Single shot function for generating a CMAC
\return 0 on success
\param out pointer to return the result
\param outSz pointer size of output (in/out)
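Review bot: The new block whose \brief describes finalising and cleaning up with wc_CmacFree() (example: `wc_CmacFinal(cmac, out, &outSz)`) is followed by the declaration `int wc_CmacFinalNoFree(Cmac* cmac);`, which has the wrong name and drops the `out` / `outSz` parameters the block documents. It should read `int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz);`, otherwise the generated docs show two conflicting wc_CmacFinalNoFree entries and none for wc_CmacFinal. The same block lists `\sa wc_CmacFinalNoFree` twice. The wc_CmacFinalNoFree block would benefit from one sentence stating that the caller must call wc_CmacFree() afterwards, since the \brief says only "deferring context cleanup" and the context presumably still holds key material.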
@@ -122,7 +171,7 @@ int wc_AesCmacGenerate(byte* out, word32* outSz,
/*!
\ingroup CMAC
- \brief Single shot fuction for validating a CMAC
+ \brief Single shot function for validating a CMAC
\return 0 on success
\param check pointer to return the result
\param checkSz size of checkout buffer
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h
index fc7c253c..709d462b 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_groups.h
@@ -206,6 +206,7 @@
\defgroup RSA Algorithms - RSA
\defgroup SHA Algorithms - SHA 128/224/256/384/512
\defgroup SipHash Algorithm - SipHash
+ \defgroup SrtpKdf Algorithm - SRTP KDF
\defgroup SRP Algorithms - SRP
\defgroup ASN ASN.1
@@ -221,7 +222,7 @@
key operations and reducing the attack surface by restricting access to certificate and keys
to the SIM.
- IoT-Safe support can be enabled on an existing WOLFSSL_CTX contex, using wolfSSL_CTX_iotsafe_enable().\n
+ IoT-Safe support can be enabled on an existing WOLFSSL_CTX context, using wolfSSL_CTX_iotsafe_enable().\n
Session created within the context can set the parameters for IoT-Safe key and files usage, and enable
the public keys callback, with wolfSSL_iotsafe_on().
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h
index 56b9025e..2765449a 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/doxygen_pages.h
@@ -57,6 +57,7 @@
<li>\ref RSA</li>
<li>\ref SHA</li>
<li>\ref SipHash</li>
+ <li>\ref SrtpKdf</li>
<li>\ref SRP</li>
</ul>
*/
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h
index fcf3b5c1..b4176da9 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ed25519.h
@@ -1,21 +1,21 @@
/*!
\ingroup ED25519
- \brief This function generates the Ed25519 public key from the private key.
- It stores the public key in the buffer pubKey, and sets the bytes
- written to this buffer in pubKeySz.
+ \brief This function generates the Ed25519 public key from the private key,
+ stored in the ed25519_key object. It stores the public key in the buffer
+ pubKey.
\return 0 Returned upon successfully making the public key.
- \return BAD_FUNC_ARG Returned ifi key or pubKey evaluate to NULL, or if the
+ \return BAD_FUNC_ARG Returned if key or pubKey evaluate to NULL, or if the
specified key size is not 32 bytes (Ed25519 has 32 byte keys).
+ \return ECC_PRIV_KEY_E returned if the ed25519_key object does not have
+ the private key in it.
\return MEMORY_E Returned if there is an error allocating memory
during function execution.
\param [in] key Pointer to the ed25519_key for which to generate a key.
- \param [out] out Pointer to the buffer in which to store the public key.
- \param [in,out] outLen Pointer to a word32 object with the size available
- in out. Set with the number of bytes written to out after successfully
- exporting the public key.
+ \param [out] pubKey Pointer to the buffer in which to store the public key.
+ \param [in] pubKeySz Size of the public key. Should be ED25519_PUB_KEY_SIZE.
_Example_
\code
@@ -301,7 +301,7 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
\ingroup ED25519
\brief This function verifies the Ed25519 signature of a message to ensure
- authenticity. It returns the answer through res, with 1 corresponding to
+ authenticity. It returns the answer through ret, with 1 corresponding to
a valid signature, and 0 corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
@@ -315,7 +315,7 @@ int wc_ed25519ph_sign_msg(const byte* in, word32 inlen, byte* out,
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -351,7 +351,7 @@ int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
\brief This function verifies the Ed25519 signature of a message to ensure
authenticity. The context is included as part of the data
- verified. It returns the answer through res, with 1 corresponding to
+ verified. It returns the answer through ret, with 1 corresponding to
a valid signature, and 0 corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
@@ -365,7 +365,7 @@ int wc_ed25519_verify_msg(const byte* sig, word32 siglen, const byte* msg,
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -408,7 +408,7 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
message to ensure authenticity. The context is included as part of the data
verified. The hash is the pre-hashed message before signature calculation.
The hash algorithm used to create message digest must be SHA-512.
- The answer is returned through res, with 1 corresponding to a valid
+ The answer is returned through ret, with 1 corresponding to a valid
signature, and 0 corresponding to an invalid signature.
@@ -424,7 +424,7 @@ int wc_ed25519ctx_verify_msg(const byte* sig, word32 siglen, const byte* msg,
\param [in] hash Pointer to the buffer containing the hash of the message
to verify.
\param [in] hashLen Length of the hash to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -466,7 +466,7 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
\brief This function verifies the Ed25519 signature of a message to ensure
authenticity. The context is included as part of the data
verified. The message is pre-hashed before verification. It returns the
- answer through res, with 1 corresponding to a valid signature, and 0
+ answer through ret, with 1 corresponding to a valid signature, and 0
corresponding to an invalid signature.
\return 0 Returned upon successfully performing the signature
@@ -480,7 +480,7 @@ int wc_ed25519ph_verify_hash(const byte* sig, word32 siglen, const byte* hash,
\param [in] siglen Length of the signature to verify.
\param [in] msg Pointer to the buffer containing the message to verify.
\param [in] msgLen Length of the message to verify.
- \param [out] res Pointer to the result of the verification. 1 indicates the
+ \param [out] ret Pointer to the result of the verification. 1 indicates the
message was successfully verified.
\param [in] key Pointer to a public Ed25519 key with which to verify the
signature.
@@ -562,7 +562,7 @@ void wc_ed25519_free(ed25519_key* key);
/*!
\ingroup ED25519
- \brief This function imports a public ed25519_key pair from a buffer
+ \brief This function imports a public ed25519_key from a buffer
containing the public key. This function will handle both compressed and
uncompressed keys. The public key is checked that it matches the private
key when one is present.
@@ -600,7 +600,7 @@ int wc_ed25519_import_public(const byte* in, word32 inLen, ed25519_key* key);
/*!
\ingroup ED25519
- \brief This function imports a public ed25519_key pair from a buffer
+ \brief This function imports a public ed25519_key from a buffer
containing the public key. This function will handle both compressed and
uncompressed keys. Check public key matches private key, when present,
when not trusted.
@@ -649,8 +649,6 @@ int wc_ed25519_import_public_ex(const byte* in, word32 inLen, ed25519_key* key,
\param [in] priv Pointer to the buffer containing the private key.
\param [in] privSz Length of the private key.
- \param [in] pub Pointer to the buffer containing the public key.
- \param [in] pubSz Length of the public key.
\param [in,out] key Pointer to the ed25519_key object in which to store the
imported private key.
@@ -950,7 +948,7 @@ int wc_ed25519_export_key(ed25519_key* key,
\return 0 Returned if the private and public key matched.
\return BAD_FUNC_ARG Returned if the given key is NULL.
- \return PUBLIC_KEY_E Returned if the no public key availble or is invalid.
+ \return PUBLIC_KEY_E Returned if the no public key available or is invalid.
\param [in] key Pointer to an ed25519_key structure holding a private and
public key.
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h
new file mode 100644
index 00000000..02088c75
--- /dev/null
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/kdf.h
@@ -0,0 +1,225 @@
+
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives keys using SRTP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key or salt is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [out] key1 First key. Label value of 0x00.
+ \param [in] key1Sz Size of first key in bytes.
+ \param [out] key2 Second key. Label value of 0x01.
+ \param [in] key2Sz Size of second key in bytes.
+ \param [out] key3 Third key. Label value of 0x02.
+ \param [in] key3Sz Size of third key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[6] = { ... };
+ unsigned char keyE[16];
+ unsigned char keyA[20];
+ unsigned char keyS[14];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTP_KDF(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+ keyE, sizeof(keyE), keyA, sizeof(keyA), keyS, sizeof(keyS));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTCP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz);
+
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives keys using SRTCP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key or salt is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [out] key1 First key. Label value of 0x00.
+ \param [in] key1Sz Size of first key in bytes.
+ \param [out] key2 Second key. Label value of 0x01.
+ \param [in] key2Sz Size of second key in bytes.
+ \param [out] key3 Third key. Label value of 0x02.
+ \param [in] key3Sz Size of third key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[4] = { ... };
+ unsigned char keyE[16];
+ unsigned char keyA[20];
+ unsigned char keyS[14];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTCP_KDF(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+ keyE, sizeof(keyE), keyA, sizeof(keyA), keyS, sizeof(keyS));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTCP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz);
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives a key with label using SRTP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key, salt or outKey is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [in] label Label to use when deriving key.
+ \param [out] outKey Derived key.
+ \param [in] outKeySz Size of derived key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[6] = { ... };
+ unsigned char keyE[16];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTP_KDF_label(key, sizeof(key), salt, sizeof(salt), kdrIdx, index,
+ WC_SRTP_LABEL_ENCRYPTION, keyE, sizeof(keyE));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTCP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz);
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function derives key with label using SRTCP KDF algorithm.
+
+ \return 0 Returned upon successful key derivation.
+ \return BAD_FUNC_ARG Returned when key, salt or outKey is NULL
+ \return BAD_FUNC_ARG Returned when key length is not 16, 24 or 32.
+ \return BAD_FUNC_ARG Returned when saltSz is larger than 14.
+ \return BAD_FUNC_ARG Returned when kdrIdx is less than -1 or larger than 24.
+ \return MEMORY_E on dynamic memory allocation failure.
+
+ \param [in] key Key to use with encryption.
+ \param [in] keySz Size of key in bytes.
+ \param [in] salt Random non-secret value.
+ \param [in] saltSz Size of random in bytes.
+ \param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise kdr = 2^kdrIdx.
+ \param [in] index Index value to XOR in.
+ \param [in] label Label to use when deriving key.
+ \param [out] outKey Derived key.
+ \param [in] outKeySz Size of derived key in bytes.
+
+
+ _Example_
+ \code
+ unsigned char key[16] = { ... };
+ unsigned char salt[14] = { ... };
+ unsigned char index[4] = { ... };
+ unsigned char keyE[16];
+ int kdrIdx = 0; // Use all of index
+ int ret;
+
+ ret = wc_SRTCP_KDF_label(key, sizeof(key), salt, sizeof(salt), kdrIdx,
+ index, WC_SRTCP_LABEL_ENCRYPTION, keyE, sizeof(keyE));
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_SRTP_KDF failed");
+ }
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTP_KDF_kdr_to_idx
+*/
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz);
+/*!
+ \ingroup SrtpKdf
+
+ \brief This function converts a kdr value to an index to use in SRTP/SRTCP KDF API.
+
+ \return Key derivation rate as an index.
+
+ \param [in] kdr Key derivation rate to convert.
+
+ _Example_
+ \code
+ word32 kdr = 0x00000010;
+ int kdrIdx;
+ int ret;
+
+ kdrIdx = wc_SRTP_KDF_kdr_to_idx(kdr);
+ \endcode
+
+ \sa wc_SRTP_KDF
+ \sa wc_SRTCP_KDF
+ \sa wc_SRTP_KDF_label
+ \sa wc_SRTCP_KDF_label
+*/
+int wc_SRTP_KDF_kdr_to_idx(word32 kdr);
+
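Review bot: The prototype that closes the fourth comment block (the one whose `\brief` says "derives key with label using SRTCP KDF algorithm") declares `wc_SRTP_KDF_label` a second time, so `wc_SRTCP_KDF_label` is never declared and its documentation attaches to the wrong function. It should read `int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,`. The examples for `wc_SRTCP_KDF`, `wc_SRTP_KDF_label` and `wc_SRTCP_KDF_label` all log `"wc_SRTP_KDF failed"`; each should name the function actually called, e.g. `WOLFSSL_MSG("wc_SRTCP_KDF_label failed");`. `index` has no size argument and `\param [in] index Index value to XOR in.` gives no required length, so a caller can pass a short buffer. The examples use 6 bytes for SRTP and 4 for SRTCP, and if those are the required lengths the `\param` lines should say so, e.g. `\param [in] index Index value to XOR in. Must be 6 bytes.`, once confirmed against the implementation.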
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h
index 4b43a299..6e8c7526 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/rsa.h
@@ -1104,7 +1104,7 @@ int wc_RsaPublicKeyDecodeRaw(const byte* n, word32 nSz,
\brief This function converts an RsaKey key to DER format. The result is
written to output and it returns the number of bytes written.
- \return 0 Success
+ \return >0 Success, number of bytes written.
\return BAD_FUNC_ARG Returned if key or output is null, or if key->type
is not RSA_PRIVATE, or if inLen isn't large enough for output buffer.
\return MEMORY_E Returned if there is an error allocating memory.
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h
index ff6e4aed..fbd38cef 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/sha3.h
@@ -1010,7 +1010,7 @@ int wc_Shake128_Copy(wc_Shake* shake, wc_Shake* dst);
}
else {
wc_Shake256_Update(shake, data, len);
- wc_Shake256_Final(shake, hash);
+ wc_Shake256_Final(shake, hash, sizeof(hash));
}
\endcode
@@ -1043,7 +1043,7 @@ int wc_InitShake256(wc_Shake* shake, void* heap, int devId);
}
else {
wc_Shake256_Update(shake, data, len);
- wc_Shake256_Final(shake, hash);
+ wc_Shake256_Final(shake, hash, sizeof(hash));
}
\endcode
@@ -1063,6 +1063,7 @@ int wc_Shake256_Update(wc_Shake* sha, const byte* data, word32 len);
\param shake pointer to the shake structure to use for encryption
\param hash Byte array to hold hash value.
+ \param hashLen Size of hash in bytes.
_Example_
\code
@@ -1075,7 +1076,7 @@ int wc_Shake256_Update(wc_Shake* sha, const byte* data, word32 len);
}
else {
wc_Shake256_Update(shake, data, len);
- wc_Shake256_Final(shake, hash);
+ wc_Shake256_Final(shake, hash, sizeof(hash));
}
\endcode
@@ -1083,7 +1084,7 @@ int wc_Shake256_Update(wc_Shake* sha, const byte* data, word32 len);
\sa wc_Shake256_GetHash
\sa wc_InitShake256
*/
-int wc_Shake256_Final(wc_Shake* shake, byte* hash);
+int wc_Shake256_Final(wc_Shake* shake, byte* hash, word32 hashLen);
/*!
\ingroup SHA
@@ -1175,7 +1176,7 @@ int wc_Shake256_SqueezeBlocks(wc_Shake* shake, byte* out, word32 blockCnt);
}
else {
wc_Shake256_Update(&shake, data, len);
- wc_Shake256_Final(&shake, hash);
+ wc_Shake256_Final(&shake, hash, sizeof(hash));
wc_Shake256_Free(&shake);
}
\endcode
diff --git a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h
index ccb2f8bd..5965f11d 100644
--- a/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h
+++ b/extra/wolfssl/wolfssl/doc/dox_comments/header_files/ssl.h
@@ -762,7 +762,7 @@ int wolfSSL_tls_import(WOLFSSL* ssl, const unsigned char* buf,
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL_CTX* ctx;
int ret;
@@ -799,7 +799,7 @@ int wolfSSL_CTX_dtls_set_export(WOLFSSL_CTX* ctx,
_Example_
\code
int send_session(WOLFSSL* ssl, byte* buf, word32 sz, void* userCtx);
- // body of send session (wc_dtls_export) that passses
+ // body of send session (wc_dtls_export) that passes
// buf (serialized session) to destination
WOLFSSL* ssl;
int ret;
@@ -859,7 +859,7 @@ int wolfSSL_dtls_export(WOLFSSL* ssl, unsigned char* buf,
/*!
\brief Used to export a serialized TLS session. This function is for
- importing a serialized state of the connection.
+ exporting a serialized state of the connection.
In most cases wolfSSL_get1_session should be used instead of
wolfSSL_tls_export.
Additional debug info can be displayed with the macro
@@ -1164,7 +1164,7 @@ int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int form
\sa wolfSSL_use_certificate_chain_file
*/
int wolfSSL_CTX_load_verify_locations(WOLFSSL_CTX* ctx, const char* file,
- const char* format);
+ const char* path);
/*!
\ingroup CertsKeys
@@ -1236,7 +1236,9 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
\brief This function returns a pointer to an array of strings representing
directories wolfSSL will search for system CA certs when
- wolfSSL_CTX_load_system_CA_certs is called.
+ wolfSSL_CTX_load_system_CA_certs is called. On systems that don't store
+ certificates in an accessible system directory (such as Apple platforms),
+ this function will always return NULL.
\return Valid pointer on success.
\return NULL pointer on failure.
@@ -1266,9 +1268,19 @@ const char** wolfSSL_get_system_CA_dirs(word32* num);
/*!
\ingroup CertsKeys
- \brief This function attempts to load CA certificates into a WOLFSSL_CTX
- from an OS-dependent CA certificate store. Loaded certificates will be
- trusted.
+ \brief On most platforms (including Linux and Windows), this function
+ attempts to load CA certificates into a WOLFSSL_CTX from an OS-dependent
+ CA certificate store. Loaded certificates will be trusted.
+
+ On Apple platforms (excluding macOS), certificates can't be obtained from
+ the system, and therefore cannot be loaded into the wolfSSL certificate
+ manager. For these platforms, this function enables TLS connections bound to
+ the WOLFSSL_CTX to use the native system trust APIs to verify authenticity
+ of the peer certificate chain if the authenticity of the peer cannot first
+ be authenticated against certificates loaded by the user.
+
+ The platforms supported and tested are: Linux (Debian, Ubuntu,
+ Gentoo, Fedora, RHEL), Windows 10/11, Android, macOS, and iOS.
\return WOLFSSL_SUCCESS on success.
\return WOLFSSL_BAD_PATH if no system CA certs were loaded.
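Review bot: The `\return` lines are unchanged, yet the new second paragraph describes a path on which no certificates are loaded by design, so `WOLFSSL_BAD_PATH if no system CA certs were loaded` no longer tells a caller what to expect there. The return documentation should cover the native-trust case explicitly, for example `\return WOLFSSL_SUCCESS on success; on Apple platforms other than macOS this means native trust verification was enabled and no certificates were loaded.`, with the wording confirmed against the implementation. The phrase "if the authenticity of the peer cannot first be authenticated" would be clearer as "if the peer certificate chain cannot first be verified", since it describes when the OS trust APIs decide the result. The comment block continues outside the hunk.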
@@ -1438,9 +1450,9 @@ int wolfSSL_CTX_use_RSAPrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int f
\brief This function returns the maximum chain depth allowed, which is 9 by
default, for a valid session i.e. there is a non-null session object (ssl).
- \return MAX_CHAIN_DEPTH returned if the WOLFSSL_CTX structure is not
+ \return MAX_CHAIN_DEPTH returned if the WOLFSSL structure is not
NULL. By default the value is 9.
- \return BAD_FUNC_ARG returned if the WOLFSSL_CTX structure is NULL.
+ \return BAD_FUNC_ARG returned if the WOLFSSL structure is NULL.
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
@@ -1645,7 +1657,7 @@ int wolfSSL_use_certificate_chain_file(WOLFSSL* ssl, const char *file);
\param file a pointer to the name of the file containing the RSA private
key to be loaded into the wolfSSL SSL session, with format as specified
by format.
- \parm format the encoding type of the RSA private key specified by file.
+ \param format the encoding type of the RSA private key specified by file.
Possible values include SSL_FILETYPE_PEM and SSL_FILETYPE_ASN1.
_Example_
@@ -1793,7 +1805,7 @@ WOLFSSL* wolfSSL_new(WOLFSSL_CTX*);
a socket file descriptor.
\return SSL_SUCCESS upon success.
- \return Bad_FUNC_ARG upon failure.
+ \return BAD_FUNC_ARG upon failure.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param fd file descriptor to use with SSL/TLS connection.
@@ -1827,7 +1839,7 @@ int wolfSSL_set_fd(WOLFSSL* ssl, int fd);
addr and addr_len parameters set to NULL.
\return SSL_SUCCESS upon success.
- \return Bad_FUNC_ARG upon failure.
+ \return BAD_FUNC_ARG upon failure.
\param ssl pointer to the SSL session, created with wolfSSL_new().
\param fd file descriptor to use with SSL/TLS connection.
@@ -2821,7 +2833,7 @@ int wolfSSL_GetSessionAtIndex(int index, WOLFSSL_SESSION* session);
\return none No return.
\param ctx pointer to the SSL context, created with wolfSSL_CTX_new().
- \param mode session timeout value in seconds
+ \param mode flags indicating verification mode for peer's cert.
\param verify_callback callback to be called when verification fails.
If no callback is desired, the NULL pointer can be used for
verify_callback.
@@ -2869,7 +2881,7 @@ void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode,
\return none No return.
\param ssl pointer to the SSL session, created with wolfSSL_new().
- \param mode session timeout value in seconds.
+ \param mode flags indicating verification mode for peer's cert.
\param verify_callback callback to be called when verification fails.
If no callback is desired, the NULL pointer can
be used for verify_callback.
@@ -3137,6 +3149,7 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode);
\param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
\param cb a SessionSecretCb type that is a function pointer with the above
signature.
+ \param ctx a pointer to the user context to be stored
_Example_
\code
@@ -3168,7 +3181,7 @@ int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
\return FWRITE_ERROR returned if XFWRITE failed to write to the file.
\return BAD_MUTEX_E returned if there was a mutex lock failure.
- \param name is a constant char pointer that points to a file for writing.
+ \param fname is a constant char pointer that points to a file for writing.
_Example_
\code
@@ -3183,7 +3196,7 @@ int wolfSSL_set_session_secret_cb(WOLFSSL* ssl, SessionSecretCb cb, void* ctx);
\sa wolfSSL_restore_session_cache
\sa wolfSSL_memrestore_session_cache
*/
-int wolfSSL_save_session_cache(const char*);
+int wolfSSL_save_session_cache(const char* fname);
/*!
\ingroup IO
@@ -3213,7 +3226,7 @@ int wolfSSL_save_session_cache(const char*);
\sa XFREAD
\sa XFOPEN
*/
-int wolfSSL_restore_session_cache(const char*);
+int wolfSSL_restore_session_cache(const char* fname);
/*!
\ingroup IO
@@ -3311,7 +3324,7 @@ int wolfSSL_get_session_cache_memsize(void);
\param ctx a pointer to a WOLFSSL_CTX structure, holding the
certificate information.
- \param fname the cert cache buffer.
+ \param fname a constant char pointer that points to a file for writing.
_Example_
\code
@@ -3343,7 +3356,7 @@ int wolfSSL_CTX_save_cert_cache(WOLFSSL_CTX* ctx, const char* fname);
\param ctx a pointer to a WOLFSSL_CTX structure, holding the certificate
information.
- \param fname the cert cache buffer.
+ \param fname a constant char pointer that points to a file for reading.
_Example_
\code
@@ -3461,7 +3474,7 @@ int wolfSSL_CTX_memrestore_cert_cache(WOLFSSL_CTX* ctx, const void* mem, int sz
\sa CM_GetCertCacheMemSize
*/
-int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_cert_cache_memsize(WOLFSSL_CTX* ctx);
/*!
\ingroup Setup
@@ -3598,7 +3611,7 @@ void wolfSSL_dtls_set_using_nonblock(WOLFSSL* ssl, int nonblock);
\sa wolfSSL_dtls_got_timeout
\sa wolfSSL_dtls_set_using_nonblock
*/
-int wolfSSL_dtls_get_using_nonblock(WOLFSSL*);
+int wolfSSL_dtls_get_using_nonblock(WOLFSSL* ssl);
/*!
\brief This function returns the current timeout value in seconds for
the WOLFSSL object. When using non-blocking sockets, something in the user
@@ -3918,7 +3931,7 @@ int wolfSSL_dtls_get_peer(WOLFSSL* ssl, void* peer, unsigned int* peerSz);
\sa wolfSSL_ERR_print_errors_fp
\sa wolfSSL_load_error_strings
*/
-char* wolfSSL_ERR_error_string(unsigned long,char*);
+char* wolfSSL_ERR_error_string(unsigned long errNumber, char* data);
/*!
\ingroup Debug
@@ -3962,7 +3975,7 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
structure is within the WOLFSSL structure.
\return 1 SSL_SENT_SHUTDOWN is returned.
- \return 2 SS_RECEIVED_SHUTDOWN is returned.
+ \return 2 SSL_RECEIVED_SHUTDOWN is returned.
\param ssl a constant pointer to a WOLFSSL structure, created using
wolfSSL_new().
@@ -3988,7 +4001,7 @@ void wolfSSL_ERR_error_string_n(unsigned long e, char* buf,
\sa wolfSSL_SESSION_free
*/
-int wolfSSL_get_shutdown(const WOLFSSL*);
+int wolfSSL_get_shutdown(const WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4015,7 +4028,7 @@ int wolfSSL_get_shutdown(const WOLFSSL*);
\sa wolfSSL_GetSessionIndex
\sa wolfSSL_memsave_session_cache
*/
-int wolfSSL_session_reused(WOLFSSL*);
+int wolfSSL_session_reused(WOLFSSL* ssl);
/*!
\ingroup TLS
@@ -4045,7 +4058,7 @@ int wolfSSL_session_reused(WOLFSSL*);
\sa wolfSSL_get_keys
\sa wolfSSL_set_shutdown
*/
-int wolfSSL_is_init_finished(WOLFSSL*);
+int wolfSSL_is_init_finished(WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4077,7 +4090,7 @@ int wolfSSL_is_init_finished(WOLFSSL*);
\sa wolfSSL_lib_version
*/
-const char* wolfSSL_get_version(WOLFSSL*);
+const char* wolfSSL_get_version(WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4141,7 +4154,7 @@ int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
\sa wolfSSL_get_cipher_name_internal
\sa wolfSSL_get_cipher_name
*/
-WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL*);
+WOLFSSL_CIPHER* wolfSSL_get_current_cipher(WOLFSSL* ssl);
/*!
\ingroup IO
@@ -4481,7 +4494,7 @@ int wolfSSL_BIO_make_bio_pair(WOLFSSL_BIO *b1, WOLFSSL_BIO *b2);
\sa wolfSSL_BIO_new, wolfSSL_BIO_s_mem
\sa wolfSSL_BIO_new, wolfSSL_BIO_free
*/
-int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *b);
+int wolfSSL_BIO_ctrl_reset_read_request(WOLFSSL_BIO *bio);
/*!
\ingroup IO
@@ -4781,7 +4794,7 @@ char* wolfSSL_X509_NAME_oneline(WOLFSSL_X509_NAME* name, char* in, int sz)
\sa wolfSSL_get_peer_certificate
\sa wolfSSL_X509_NAME_oneline
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509* cert);
/*!
\ingroup CertsKeys
@@ -4810,7 +4823,7 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_issuer_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_isCA
\sa wolfSSL_get_peer_certificate
*/
-WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
+WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509* cert);
/*!
\ingroup CertsKeys
@@ -4822,7 +4835,7 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
structure is returned.
\return 0 returned if there is not a valid x509 structure passed in.
- \param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
+ \param cert a pointer to a WOLFSSL_X509 structure.
_Example_
\code
@@ -4841,7 +4854,7 @@ WOLFSSL_X509_NAME* wolfSSL_X509_get_subject_name(WOLFSSL_X509*);
\sa wolfSSL_X509_get_issuer_name
\sa wolfSSL_X509_get_isCA
*/
-int wolfSSL_X509_get_isCA(WOLFSSL_X509*);
+int wolfSSL_X509_get_isCA(WOLFSSL_X509* cert);
/*!
\ingroup CertsKeys
@@ -4883,7 +4896,7 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
\return int an integer value is returned which was retrieved from
the x509 object.
- \param ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
+ \param cert a pointer to a WOLFSSL_X509 structure.
_Example_
\code
@@ -4905,7 +4918,7 @@ int wolfSSL_X509_NAME_get_text_by_NID(WOLFSSL_X509_NAME* name, int nid,
\sa wolfSSL_X509_notAfter
\sa wolfSSL_X509_free
*/
-int wolfSSL_X509_get_signature_type(WOLFSSL_X509*);
+int wolfSSL_X509_get_signature_type(WOLFSSL_X509* cert);
/*!
\brief This function frees a WOLFSSL_X509 structure.
@@ -5191,7 +5204,7 @@ long wolfSSL_CTX_add_extra_chain_cert(WOLFSSL_CTX* ctx, WOLFSSL_X509* x509);
\sa wolfSSL_CTX_free
\sa wolfSSL_CTX_set_read_ahead
*/
-int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
+int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX* ctx);
/*!
\ingroup Setup
@@ -5202,6 +5215,7 @@ int wolfSSL_CTX_get_read_ahead(WOLFSSL_CTX*);
\return SSL_FAILURE If ctx is NULL then SSL_FAILURE is returned.
\param ctx WOLFSSL_CTX structure to set read ahead flag.
+ \param v read ahead flag
_Example_
\code
@@ -5332,7 +5346,7 @@ long wolfSSL_set_options(WOLFSSL *s, long op);
\sa wolfSSL_free
\sa wolfSSL_set_options
*/
-long wolfSSL_get_options(const WOLFSSL *s);
+long wolfSSL_get_options(const WOLFSSL *ssl);
/*!
\ingroup Setup
@@ -5358,7 +5372,7 @@ long wolfSSL_get_options(const WOLFSSL *s);
\sa wolfSSL_new
\sa wolfSSL_free
*/
-long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
+long wolfSSL_set_tlsext_debug_arg(WOLFSSL *ssl, void *arg);
/*!
\ingroup openSSL
@@ -5371,7 +5385,7 @@ long wolfSSL_set_tlsext_debug_arg(WOLFSSL *s, void *arg);
\return 1 upon success.
\return 0 upon error.
- \param s pointer to WolfSSL struct which is created by SSL_new() function
+ \param s pointer to WOLFSSL struct which is created by SSL_new() function
\param type ssl extension type which TLSEXT_STATUSTYPE_ocsp is
only supported.
@@ -5517,7 +5531,7 @@ void wolfSSL_ERR_print_errors_cb (
\sa wolfSSL_CTX_set_psk_client_callback
*/
void wolfSSL_CTX_set_psk_client_callback(WOLFSSL_CTX* ctx,
- wc_psk_client_callback);
+ wc_psk_client_callback cb);
/*!
\brief Sets the PSK client side callback.
@@ -7084,7 +7098,7 @@ int wolfSSL_SetTmpDH_file(WOLFSSL* ssl, const char* f, int format);
to MAX_DH_SIZE.
\param g a constant unsigned char pointer loaded into the buffer
member of the serverDH_G struct.
- \param gSz an int type representing the size of g, initialized ot
+ \param gSz an int type representing the size of g, initialized to
MAX_DH_SIZE.
_Exmaple_
@@ -13157,7 +13171,7 @@ int wolfSSL_connect(WOLFSSL* ssl);
exchange. Please note that when using protocol DTLS v1.3, the cookie
exchange is enabled by default. The Cookie holds a hash of the current
transcript so that another server process can handle the ClientHello in
- reply. The secret is used when generting the integrity check on the Cookie
+ reply. The secret is used when generating the integrity check on the Cookie
data.
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
@@ -13168,7 +13182,7 @@ int wolfSSL_connect(WOLFSSL* ssl);
\return BAD_FUNC_ARG if ssl is NULL or not using TLS v1.3.
\return SIDE_ERROR if called with a client.
- \return WOLFSSL_SUCCESS if succesful.
+ \return WOLFSSL_SUCCESS if successful.
\return MEMORY_ERROR if allocating dynamic memory for storing secret failed.
\return Another -ve value on internal error.
@@ -13326,7 +13340,7 @@ int wolfSSL_no_dhe_psk(WOLFSSL* ssl);
\brief This function is called on a TLS v1.3 client or server wolfSSL to
force the rollover of keys. A KeyUpdate message is sent to the peer and
new keys are calculated for encryption. The peer will send back a KeyUpdate
- message and the new decryption keys wil then be calculated.
+ message and the new decryption keys will then be calculated.
This function can only be called after a handshake has been completed.
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
@@ -13391,7 +13405,7 @@ int wolfSSL_key_update_response(WOLFSSL* ssl, int* required);
\ingroup Setup
\brief This function is called on a TLS v1.3 client wolfSSL context to allow
- a client certifcate to be sent post handshake upon request from server.
+ a client certificate to be sent post handshake upon request from server.
This is useful when connecting to a web server that has some pages that
require client authentication and others that don't.
@@ -13422,7 +13436,7 @@ int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
\ingroup Setup
\brief This function is called on a TLS v1.3 client wolfSSL to allow
- a client certifcate to be sent post handshake upon request from server.
+ a client certificate to be sent post handshake upon request from server.
A Post-Handshake Client Authentication extension is sent in the ClientHello.
This is useful when connecting to a web server that has some pages that
require client authentication and others that don't.
@@ -13612,7 +13626,7 @@ int wolfSSL_preferred_group(WOLFSSL* ssl);
\param [in,out] ctx a pointer to a WOLFSSL_CTX structure, created
with wolfSSL_CTX_new().
- \param [in] groups a list of key exhange groups by identifier.
+ \param [in] groups a list of key exchange groups by identifier.
\param [in] count the number of key exchange groups in groups.
\return BAD_FUNC_ARG if a pointer parameter is null, the number of groups
@@ -13654,7 +13668,7 @@ int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
use with the TLS v1.3 connections.
\param [in,out] ssl a pointer to a WOLFSSL structure, created using wolfSSL_new().
- \param [in] groups a list of key exhange groups by identifier.
+ \param [in] groups a list of key exchange groups by identifier.
\param [in] count the number of key exchange groups in groups.
\return BAD_FUNC_ARG if a pointer parameter is null, the number of groups
@@ -13916,7 +13930,7 @@ int wolfSSL_set_max_early_data(WOLFSSL* ssl, unsigned int sz);
\sa wolfSSL_connect
\sa wolfSSL_connect_TLSv13
*/
-int wolfSSL_write_early_data(OLFSSL* ssl, const void* data,
+int wolfSSL_write_early_data(WOLFSSL* ssl, const void* data,
int sz, int* outSz);
/*!
@@ -14426,7 +14440,7 @@ int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
/*!
\ingroup SSL
\brief Sign a message with the chosen message digest, padding, and RSA key
- \return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error
+ \return WOLFSSL_SUCCESS on success and c on error
\param type Hash NID
\param m Message to sign. Most likely this will be the digest of
the message to sign
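Review bot: The new `\return` line reads `WOLFSSL_SUCCESS on success and c on error`, which replaces the constant `WOLFSSL_FAILURE` with a stray `c`; this looks like an editing slip rather than an intended change. It should be restored to `\return WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error`. Callers of an RSA signing function rely on this line to know which value signals failure, so an unclear value here invites missing error checks. The comment block continues outside the hunk.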
@@ -14490,6 +14504,211 @@ unsigned int wolfSSL_SESSION_get_max_early_data(const WOLFSSL_SESSION *s);
int wolfSSL_CRYPTO_get_ex_new_index(int, void*, void*, void*, void*);
/*!
+ \ingroup Setup
+ \brief In case this function is called in a client side, set certificate types
+ that can be sent to its peer. In case called in a server side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_CLIENT_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ctx WOLFSSL_CTX object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_CTX_set_client_cert_type(ctx, buf, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief In case this function is called in a server side, set certificate types
+ that can be sent to its peer. In case called in a client side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_SERVER_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ctx WOLFSSL_CTX object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL_CTX* ctx;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_CTX_set_server_cert_type(ctx, buf, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief In case this function is called in a client side, set certificate types
+ that can be sent to its peer. In case called in a server side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_CLIENT_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ssl WOLFSSL object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_set_client_cert_type(ssl, buf, len);
+ \endcode
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_client_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
+ \ingroup Setup
+ \brief In case this function is called in a server side, set certificate types
+ that can be sent to its peer. In case called in a client side,
+ set certificate types that can be acceptable from its peer. Put cert types in the
+ buffer with prioritised order. To reset the settings to default, pass NULL
+ for the buffer or pass zero for len. By default, certificate type is only X509.
+ In case both side intend to send or accept "Raw public key" cert,
+ WOLFSSL_CERT_TYPE_RPK should be included in the buffer to set.
+
+ \return WOLFSSL_SUCCESS if cert types set successfully
+ \return BAD_FUNC_ARG if NULL was passed for ctx, illegal value was specified as
+ cert type, buf size exceed MAX_SERVER_CERT_TYPE_CNT was specified or
+ a duplicate value is found in buf.
+
+ \param ctx WOLFSSL_CTX object pointer
+ \param buf A buffer where certificate types are stored
+ \param len buf size in bytes (same as number of certificate types included)
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ char buf[] = {WOLFSSL_CERT_TYPE_RPK, WOLFSSL_CERT_TYPE_X509};
+ int len = sizeof(buf)/sizeof(char);
+ ...
+
+ ret = wolfSSL_set_server_cert_type(ssl, buf, len);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_set_server_cert_type(WOLFSSL* ssl, const char* buf, int len);
+
+/*!
+ \ingroup SSL
+ \brief This function returns the result of the client certificate type
+ negotiation done in ClientHello and ServerHello. WOLFSSL_SUCCESS is returned as
+ a return value if no negotiation occurs and WOLFSSL_CERT_TYPE_UNKNOWN is
+ returned as the certificate type.
+
+ \return WOLFSSL_SUCCESS if a negotiated certificate type could be got
+ \return BAD_FUNC_ARG if NULL was passed for ctx or tp
+ \param ssl WOLFSSL object pointer
+ \param tp A buffer where a certificate type is to be returned. One of three
+ certificate types will be returned: WOLFSSL_CERT_TYPE_RPK,
+ WOLFSSL_CERT_TYPE_X509 or WOLFSSL_CERT_TYPE_UNKNOWN.
+
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_client_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_server_cert_type
+ */
+int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
+ \ingroup SSL
+ \brief This function returns the result of the server certificate type
+ negotiation done in ClientHello and ServerHello. WOLFSSL_SUCCESS is returned as
+ a return value if no negotiation occurs and WOLFSSL_CERT_TYPE_UNKNOWN is
+ returned as the certificate type.
+
+ \return WOLFSSL_SUCCESS if a negotiated certificate type could be got
+ \return BAD_FUNC_ARG if NULL was passed for ctx or tp
+ \param ssl WOLFSSL object pointer
+ \param tp A buffer where a certificate type is to be returned. One of three
+ certificate types will be returned: WOLFSSL_CERT_TYPE_RPK,
+ WOLFSSL_CERT_TYPE_X509 or WOLFSSL_CERT_TYPE_UNKNOWN.
+ _Example_
+ \code
+ int ret;
+ WOLFSSL* ssl;
+ int tp;
+ ...
+
+ ret = wolfSSL_get_negotiated_server_cert_type(ssl, &tp);
+ \endcode
+ \sa wolfSSL_set_client_cert_type
+ \sa wolfSSL_CTX_set_client_cert_type
+ \sa wolfSSL_set_server_cert_type
+ \sa wolfSSL_CTX_set_server_cert_type
+ \sa wolfSSL_get_negotiated_client_cert_type
+ */
+int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
+
+/*!
\brief Enable use of ConnectionID extensions for the SSL object. See RFC 9146
and RFC 9147
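Review bot: The doc block for wolfSSL_set_server_cert_type() documents `\param ctx WOLFSSL_CTX object pointer` although the prototype takes `WOLFSSL* ssl`; it should read `\param ssl WOLFSSL object pointer`, as the wolfSSL_set_client_cert_type() block already does. The same block lists itself under `\sa` where `wolfSSL_CTX_set_client_cert_type` is missing. The "NULL was passed for ctx" wording in `\return BAD_FUNC_ARG` is also repeated in all four ssl-level blocks, including both wolfSSL_get_negotiated_*_cert_type() ones. Because WOLFSSL_CERT_TYPE_RPK enables raw public keys, a sentence stating how the peer's key is expected to be authenticated when no X.509 chain is present (presumably by the application, e.g. by pinning; confirm against the implementation) would help anyone enabling it.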
@@ -14635,3 +14854,111 @@ available size need to be provided in bufferSz.
*/
int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
unsigned int bufferSz);
+
+/*!
+ \ingroup TLS
+
+ \brief This function returns the raw list of ciphersuites and signature
+ algorithms offered by the client. The lists are only stored and returned
+ inside a callback setup with wolfSSL_CTX_set_cert_cb(). This is useful to
+ be able to dynamically load certificates and keys based on the available
+ ciphersuites and signature algorithms.
+
+ \param [in] ssl The WOLFSSL object to extract the lists from.
+ \param [out] optional suites Raw and unfiltered list of client ciphersuites
+ \param [out] optional suiteSz Size of suites in bytes
+ \param [out] optional hashSigAlgo Raw and unfiltered list of client
+ signature algorithms
+ \param [out] optional hashSigAlgoSz Size of hashSigAlgo in bytes
+ \return WOLFSSL_SUCCESS when suites available
+ \return WOLFSSL_FAILURE when suites not available
+
+ _Example_
+ \code
+ int certCB(WOLFSSL* ssl, void* arg)
+ {
+ const byte* suites = NULL;
+ word16 suiteSz = 0;
+ const byte* hashSigAlgo = NULL;
+ word16 hashSigAlgoSz = 0;
+
+ wolfSSL_get_client_suites_sigalgs(ssl, &suites, &suiteSz, &hashSigAlgo,
+ &hashSigAlgoSz);
+
+ // Choose certificate to load based on ciphersuites and sigalgs
+ }
+
+ WOLFSSL* ctx;
+ ctx = wolfSSL_CTX_new(wolfTLSv1_3_method_ex(NULL));
+ wolfSSL_CTX_set_cert_cb(ctx, certCB, NULL);
+ \endcode
+
+ \sa wolfSSL_get_ciphersuite_info
+ \sa wolfSSL_get_sigalg_info
+*/
+int wolfSSL_get_client_suites_sigalgs(const WOLFSSL* ssl,
+ const byte** suites, word16* suiteSz,
+ const byte** hashSigAlgo, word16* hashSigAlgoSz);
+
+/*!
+ \ingroup TLS
+
+ \brief This returns information about the ciphersuite directly from the
+ raw ciphersuite bytes.
+
+ \param [in] first First byte of the ciphersuite
+ \param [in] second Second byte of the ciphersuite
+
+ \return WOLFSSL_CIPHERSUITE_INFO A struct containing information about the
+ type of authentication used in the ciphersuite.
+
+ _Example_
+ \code
+ WOLFSSL_CIPHERSUITE_INFO info =
+ wolfSSL_get_ciphersuite_info(suites[0], suites[1]);
+ if (info.rsaAuth)
+ haveRSA = 1;
+ else if (info.eccAuth)
+ haveECC = 1;
+ \endcode
+
+ \sa wolfSSL_get_client_suites_sigalgs
+ \sa wolfSSL_get_sigalg_info
+*/
+WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
+ byte second);
+
+/*!
+ \ingroup TLS
+
+ \brief This returns information about the hash and signature algorithm
+ directly from the raw ciphersuite bytes.
+
+ \param [in] first First byte of the hash and signature algorithm
+ \param [in] second Second byte of the hash and signature algorithm
+ \param [out] hashAlgo The enum wc_HashType of the MAC algorithm
+ \param [out] sigAlgo The enum Key_Sum of the authentication algorithm
+
+ \return 0 when info was correctly set
+ \return BAD_FUNC_ARG when either input paramters are NULL or the bytes
+ are not a recognized sigalg suite
+
+ _Example_
+ \code
+ enum wc_HashType hashAlgo;
+ enum Key_Sum sigAlgo;
+
+ wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1],
+ &hashAlgo, &sigAlgo);
+
+ if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
+ haveRSA = 1;
+ else if (sigAlgo == ECDSAk)
+ haveECC = 1;
+ \endcode
+
+ \sa wolfSSL_get_client_suites_sigalgs
+ \sa wolfSSL_get_ciphersuite_info
+*/
+int wolfSSL_get_sigalg_info(byte first, byte second,
+ int* hashAlgo, int* sigAlgo);
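Review bot: The `certCB` example discards the return value of wolfSSL_get_client_suites_sigalgs(), and the two following examples index `suites[0]`, `suites[1]` and `hashSigAlgo[idx+1]` without consulting `suiteSz` or `hashSigAlgoSz`. The text describes these lists as raw and unfiltered client data, so the example should show the guard, for instance `if (ret != WOLFSSL_SUCCESS || suiteSz < 2) { /* fail the callback */ }` before the first index, and a loop bound of `idx + 1 < hashSigAlgoSz`. The example also declares `certCB` as `int` without a return statement and declares `WOLFSSL* ctx` where `WOLFSSL_CTX* ctx` is meant. The wolfSSL_get_sigalg_info() example passes `enum wc_HashType*` and `enum Key_Sum*` to parameters prototyped as `int*`; the locals should be declared `int` or the prototype documented accordingly.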
diff --git a/extra/wolfssl/wolfssl/examples/README.md b/extra/wolfssl/wolfssl/examples/README.md
index 068be8fd..bea72953 100644
--- a/extra/wolfssl/wolfssl/examples/README.md
+++ b/extra/wolfssl/wolfssl/examples/README.md
@@ -84,3 +84,9 @@ and
This directory contains example wolfSSL configuration file templates for use when autoconf is not available, such as building with a custom IDE.
See [configs/README.md](configs/README.md) for more details.
+
+## asn1
+This directory contains an example that prints the ASN.1 data of a BER/DER or PEM encoded file. Configure wolfSSL with `--enable-asn-print`.
+
+## pem
+This directory contains an example of converting to/from PEM and DER. Configure wolfSSL with `--enable-coding`
diff --git a/extra/wolfssl/wolfssl/examples/asn1/asn1.c b/extra/wolfssl/wolfssl/examples/asn1/asn1.c
index 0397a142..28e90957 100644
--- a/extra/wolfssl/wolfssl/examples/asn1/asn1.c
+++ b/extra/wolfssl/wolfssl/examples/asn1/asn1.c
@@ -30,8 +30,9 @@
#include <wolfssl/wolfcrypt/asn_public.h>
#include <wolfssl/wolfcrypt/coding.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <stdio.h>
-#ifdef WOLFSSL_ASN_PRINT
+#if defined(WOLFSSL_ASN_PRINT) && !defined(NO_FILESYSTEM)
/* Increment allocated data by this much. */
#define DATA_INC_LEN 256
@@ -59,7 +60,7 @@ static Asn1 asn1;
* @return 0 on success.
* @return 1 on failure.
*/
-static int ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
+static int asn1App_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
{
int ret = 0;
word32 len = 0;
@@ -91,8 +92,6 @@ static int ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
/* Set data to new pointer. */
data = p;
}
- /* Done with file. */
- fclose(fp);
}
if (data != NULL) {
@@ -120,7 +119,7 @@ static int PrintDer(FILE* fp)
unsigned char* data = NULL;
/* Load DER/BER file. */
- if (ReadFile(fp, &data, &len) != 0) {
+ if (asn1App_ReadFile(fp, &data, &len) != 0) {
ret = 1;
}
@@ -147,7 +146,7 @@ static int PrintBase64(FILE* fp)
unsigned char* data = NULL;
/* Load Base64 encoded file. */
- if (ReadFile(fp, &data, &len) != 0) {
+ if (asn1App_ReadFile(fp, &data, &len) != 0) {
ret = 1;
}
@@ -227,7 +226,7 @@ static int FindPem(unsigned char* data, word32 offset, word32 len,
}
if (ret == 0) {
- /* Return start and end indeces. */
+ /* Return start and end indices. */
*start = i;
*end = j;
}
@@ -250,7 +249,7 @@ static int PrintPem(FILE* fp, int pem_skip)
word32 len = 0;
/* Load PEM file. */
- if (ReadFile(fp, &data, &len) != 0) {
+ if (asn1App_ReadFile(fp, &data, &len) != 0) {
ret = 1;
}
@@ -283,7 +282,7 @@ static int PrintPem(FILE* fp, int pem_skip)
/* Usage lines to show. */
const char* usage[] = {
- "asn1 [OPTOIN]... [FILE]",
+ "asn1 [OPTION]... [FILE]",
"Display a human-readable version of a DER/BER encoding.",
"",
"Options:",
@@ -317,8 +316,8 @@ static void Usage(void)
/* Main entry of ASN.1 printing program.
*
- * @param [in] argc Count of command line argements.
- * @param [in] argv Command line argements.
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
* @return 0 on success.
* @return 1 on failure.
*/
@@ -328,7 +327,7 @@ int main(int argc, char* argv[])
/* Default to reading STDIN. */
FILE* fp = stdin;
int file_format = FORMAT_DER;
- int indent = 0;
+ word32 indent = 0;
int pem_skip = 0;
/* Reset options. */
@@ -375,7 +374,7 @@ int main(int argc, char* argv[])
argc--;
argv++;
wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_LENGTH,
- atoi(argv[0]));
+ (word32)atoi(argv[0]));
}
/* Do not show text representations of ASN.1 item data. */
else if ((strcmp(argv[0], "-n") == 0) ||
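Review bot: `(word32)atoi(argv[0])` silences the sign-conversion warning but keeps atoi's lack of error reporting, so a non-numeric argument silently becomes 0 and a negative one wraps to a very large word32 before it reaches wc_Asn1PrintOptions_Set(). Parsing the value explicitly and rejecting trailing characters, a leading minus sign and out-of-range values would make the option handling predictable; a sketch follows. The same cast is added in the ASN1_PRINT_OPT_OFFSET hunk further down. Whether `argc` is checked before `argv++` cannot be seen from this hunk, since main() starts and ends outside it.

```c
/* … unchanged: argc--; argv++; … */
{
    char*         end = NULL;
    unsigned long val = strtoul(argv[0], &end, 10);

    /* Reject empty, signed, non-numeric or oversized input. */
    if (argv[0][0] == '-' || end == argv[0] || *end != '\0' ||
            val >= 0xFFFFFFFFUL) {
        fprintf(stderr, "Bad length: %s\n", argv[0]);
        Usage();
        return 1;
    }
    wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_LENGTH, (word32)val);
}
```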
@@ -397,7 +396,7 @@ int main(int argc, char* argv[])
argc--;
argv++;
wc_Asn1PrintOptions_Set(&opts, ASN1_PRINT_OPT_OFFSET,
- atoi(argv[0]));
+ (word32)atoi(argv[0]));
}
/* Show wolfSSL OID value for all OBJECT_IDs. */
else if ((strcmp(argv[0], "-O") == 0) ||
@@ -430,7 +429,7 @@ int main(int argc, char* argv[])
Usage();
return 0;
}
- /* Unknown option dectection. */
+ /* Unknown option detection. */
else if (argv[0][0] == '-') {
fprintf(stderr, "Bad option: %s\n", argv[0]);
Usage();
@@ -469,6 +468,10 @@ int main(int argc, char* argv[])
if (ret != 0) {
fprintf(stderr, "%s\n", wc_GetErrorString(ret));
}
+
+ if (fp != stdin) {
+ fclose(fp);
+ }
return (ret == 0) ? 0 : 1;
}
@@ -476,8 +479,8 @@ int main(int argc, char* argv[])
/* Main entry of ASN.1 printing program.
*
- * @param [in] argc Count of command line argements.
- * @param [in] argv Command line argements.
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
* @return 0 on success.
* @return 1 on failure.
*/
@@ -485,10 +488,9 @@ int main(int argc, char* argv[])
{
(void)argc;
(void)argv;
- fprintf(stderr, "ASN.1 Parsing and Printing not compiled in.\n");
+ fprintf(stderr, "ASN.1 Parsing and Printing or file system not compiled"
+ " in.\n");
return 0;
}
-#endif
-
-
+#endif /* WOLFSSL_ASN_PRINT && !defined(NO_FILESYSTEM)*/
diff --git a/extra/wolfssl/wolfssl/examples/async/README.md b/extra/wolfssl/wolfssl/examples/async/README.md
new file mode 100644
index 00000000..2f7e5f5a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/README.md
@@ -0,0 +1,34 @@
+# wolfSSL Asynchronous Cryptography support
+
+Supported with:
+* Intel QuickAssist
+* Marvell (Cavium) Nitrox
+* Crypto Callbacks (`--enable-cryptocb`)
+* PK Callbacks (`--enable-pkcallbacks`)
+
+Requires files from https://github.com/wolfSSL/wolfAsyncCrypt
+See `async-check.sh` for how to setup.
+
+Tested with:
+* `./configure --enable-asynccrypt --enable-rsa --disable-ecc`
+* `./configure --enable-asynccrypt --disable-rsa --enable-ecc`
+* `./configure --enable-asynccrypt --enable-cryptocb --enable-rsa --disable-ecc`
+* `./configure --enable-asynccrypt --enable-cryptocb --disable-rsa --enable-ecc`
+* `./configure --enable-asynccrypt --enable-pkcallbacks --enable-rsa --disable-ecc`
+* `./configure --enable-asynccrypt --enable-pkcallbacks --disable-rsa --enable-ecc`
+
+```
+make
+./examples/async/async_server
+./examples/async/async_client 127.0.0.1
+```
+
+## Asynchronous Cryptography Design
+
+When a cryptogaphic call is handed off to hardware it return `WC_PENDING_E` up to caller. Then it can keep calling until the operation completes. For some platforms it is required to call `wolfSSL_AsyncPoll`. At the TLS layer a "devId" (Device ID) must be set using `wolfSSL_CTX_SetDevId` to indicate desire to offload cryptography.
+
+For further design details please see: https://github.com/wolfSSL/wolfAsyncCrypt#design
+
+## Support
+
+For questions please email support@wolfssl.com
diff --git a/extra/wolfssl/wolfssl/examples/async/async_client.c b/extra/wolfssl/wolfssl/examples/async/async_client.c
new file mode 100644
index 00000000..a0df6a14
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/async_client.c
@@ -0,0 +1,277 @@
+/* async_client.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* TLS client demonstrating asynchronous cryptography features and optionally
+ * using the crypto or PK callbacks */
+
+/* std */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+/* socket */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+/* wolfSSL */
+#ifndef WOLFSSL_USER_SETTINGS
+ #include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfio.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include "examples/async/async_tls.h"
+
+/* Test certificates and keys for RSA and ECC */
+#ifndef NO_RSA
+ #define CERT_FILE "./certs/client-cert.pem"
+ #define KEY_FILE "./certs/client-key.pem"
+ #define CA_FILE "./certs/ca-cert.pem"
+#elif defined(HAVE_ECC)
+ #define CERT_FILE "./certs/client-ecc-cert.pem"
+ #define KEY_FILE "./certs/ecc-client-key.pem"
+ #define CA_FILE "./certs/ca-ecc-cert.pem"
+#else
+ #error No authentication algorithm (ECC/RSA)
+#endif
+
+int client_async_test(int argc, char** argv)
+{
+ int ret = 0;
+ int sockfd = SOCKET_INVALID;
+ struct sockaddr_in servAddr;
+ char buff[TEST_BUF_SZ];
+ size_t len;
+ int devId = 1; /* anything besides -2 (INVALID_DEVID) */
+#ifdef WOLF_CRYPTO_CB
+ AsyncTlsCryptoCbCtx myCtx;
+#endif
+ int err;
+ char errBuff[WOLFSSL_MAX_ERROR_SZ];
+
+ /* declare wolfSSL objects */
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
+
+ /* Check for proper calling convention */
+ if (argc != 2) {
+ printf("usage: %s <IPv4 address>\n", argv[0]);
+ return 0;
+ }
+
+ /* Create a socket that uses an internet IPv4 address,
+ * Sets the socket to be stream based (TCP),
+ * 0 means choose the default protocol. */
+ if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+ fprintf(stderr, "ERROR: failed to create the socket\n");
+ ret = -1; goto exit;
+ }
+
+ /* Initialize the server address struct with zeros */
+ memset(&servAddr, 0, sizeof(servAddr));
+
+ /* Fill in the server address */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+
+ /* Get the server IPv4 address from the command line call */
+ if (inet_pton(AF_INET, argv[1], &servAddr.sin_addr) != 1) {
+ fprintf(stderr, "ERROR: invalid address\n");
+ ret = -1; goto exit;
+ }
+
+ /* Connect to the server */
+ if ((ret = connect(sockfd, (struct sockaddr*) &servAddr, sizeof(servAddr)))
+ == -1) {
+ fprintf(stderr, "ERROR: failed to connect\n");
+ goto exit;
+ }
+
+ /*---------------------------------*/
+ /* Start of wolfSSL initialization and configuration */
+ /*---------------------------------*/
+#ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+#endif
+
+ /* Initialize wolfSSL */
+ if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to initialize the library\n");
+ goto exit;
+ }
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((ctx = wolfSSL_CTX_new(wolfSSLv23_client_method())) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+ ret = -1; goto exit;
+ }
+
+#ifdef WOLF_CRYPTO_CB
+ XMEMSET(&myCtx, 0, sizeof(myCtx));
+ /* register a devID for crypto callbacks */
+ ret = wc_CryptoCb_RegisterDevice(devId, AsyncTlsCryptoCb, &myCtx);
+ if (ret != 0) {
+ fprintf(stderr, "wc_CryptoCb_RegisterDevice: error %d", ret);
+ goto exit;
+ }
+#endif
+ /* register a devID for crypto callbacks */
+ wolfSSL_CTX_SetDevId(ctx, devId);
+
+ /* Load client certificate into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE, WOLFSSL_FILETYPE_PEM))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CERT_FILE);
+ goto exit;
+ }
+
+ /* Load client key into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE, WOLFSSL_FILETYPE_PEM))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ KEY_FILE);
+ goto exit;
+ }
+
+ /* Load CA certificate into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CA_FILE);
+ goto exit;
+ }
+
+ /* Create a WOLFSSL object */
+ if ((ssl = wolfSSL_new(ctx)) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+ ret = -1; goto exit;
+ }
+
+ /* Attach wolfSSL to the socket */
+ if ((ret = wolfSSL_set_fd(ssl, sockfd)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to set the file descriptor\n");
+ goto exit;
+ }
+
+ /* Connect to wolfSSL on the server side */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+#endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_connect(ssl);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "wolfSSL_connect error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Get a message for the server from stdin */
+ printf("Message for server: ");
+ memset(buff, 0, sizeof(buff));
+ if (fgets(buff, sizeof(buff), stdin) == NULL) {
+ fprintf(stderr, "ERROR: failed to get message for server\n");
+ ret = -1; goto exit;
+ }
+ len = strnlen(buff, sizeof(buff));
+
+ /* Send the message to the server */
+#ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+#endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_write(ssl, buff, (int)len);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != (int)len) {
+ fprintf(stderr, "wolfSSL_write error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Read the server data into our buff array */
+ memset(buff, 0, sizeof(buff));
+#ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+#endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_read(ssl, buff, sizeof(buff)-1);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret < 0) {
+ fprintf(stderr, "wolfSSL_read error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Print to stdout any data the server sends */
+ printf("Server: %s\n", buff);
+
+ /* Return reporting a success */
+ ret = 0;
+
+exit:
+ /* Cleanup and return */
+ if (sockfd != SOCKET_INVALID)
+ close(sockfd); /* Close the connection to the server */
+ if (ssl)
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ if (ctx)
+ wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
+ wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
+
+ (void)argc;
+ (void)argv;
+
+ return ret;
+}
+
+#ifndef NO_MAIN_DRIVER
+int main(int argc, char** argv)
+{
+ return client_async_test(argc, argv);
+}
+#endif /* !NO_MAIN_DRIVER */
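Review bot: `myCtx` is a stack variable whose address is passed to wc_CryptoCb_RegisterDevice(), but the `exit:` path never unregisters the device, so the registration can outlive the stack frame it points into once client_async_test() returns. That matters when the function is called from a harness built with NO_MAIN_DRIVER and later crypto still uses devId 1, unless wolfSSL_Cleanup() clears the callback table, which is not visible here. Adding `wc_CryptoCb_UnRegisterDevice(devId);` under `#ifdef WOLF_CRYPTO_CB` in the cleanup block would make the lifetime explicit. Separately, when wolfSSL_AsyncPoll() fails, the three do/while loops break with `err` still equal to WC_PENDING_E, so the message printed afterwards reports the wrong error. The `exit:` path also closes the socket without calling wolfSSL_shutdown() first.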
diff --git a/extra/wolfssl/wolfssl/examples/async/async_server.c b/extra/wolfssl/wolfssl/examples/async/async_server.c
new file mode 100644
index 00000000..41eaae86
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/async_server.c
@@ -0,0 +1,363 @@
+/* async_server.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/* TLS server demonstrating asynchronous cryptography features and optionally
+ * using the crypto or PK callbacks */
+
+/* std */
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+/* socket */
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <unistd.h>
+
+#define HAVE_SIGNAL
+#ifdef HAVE_SIGNAL
+#include <signal.h> /* for catching ctrl+c */
+#endif
+
+/* wolfSSL */
+#ifndef WOLFSSL_USER_SETTINGS
+ #include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfio.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include "examples/async/async_tls.h"
+
+/* Test certificates and keys for RSA and ECC */
+#ifndef NO_RSA
+ #define CERT_FILE "./certs/server-cert.pem"
+ #define KEY_FILE "./certs/server-key.pem"
+ #define CA_FILE "./certs/client-cert.pem"
+#elif defined(HAVE_ECC)
+ #define CERT_FILE "./certs/server-ecc.pem"
+ #define KEY_FILE "./certs/ecc-key.pem"
+ #define CA_FILE "./certs/client-ecc-cert.pem"
+#else
+ #error No authentication algorithm (ECC/RSA)
+#endif
+
+static int mSockfd = SOCKET_INVALID;
+static int mConnd = SOCKET_INVALID;
+static int mShutdown = 0;
+
+#ifdef HAVE_SIGNAL
+static void sig_handler(const int sig)
+{
+#ifdef DEBUG_WOLFSSL
+ fprintf(stderr, "SIGINT handled = %d.\n", sig);
+#else
+ (void)sig;
+#endif
+
+ mShutdown = 1;
+ if (mConnd != SOCKET_INVALID) {
+ close(mConnd); /* Close the connection to the client */
+ mConnd = SOCKET_INVALID;
+ }
+ if (mSockfd != SOCKET_INVALID) {
+ close(mSockfd); /* Close the socket listening for clients */
+ mSockfd = SOCKET_INVALID;
+ }
+}
+#endif
+
+int server_async_test(int argc, char** argv)
+{
+ int ret = 0;
+ struct sockaddr_in servAddr;
+ struct sockaddr_in clientAddr;
+ socklen_t size = sizeof(clientAddr);
+ char buff[TEST_BUF_SZ];
+ size_t len;
+ const char* reply = "I hear ya fa shizzle!\n";
+ int on;
+ int devId = 1; /* anything besides -2 (INVALID_DEVID) */
+#ifdef WOLF_CRYPTO_CB
+ AsyncTlsCryptoCbCtx myCtx;
+#endif
+ int err;
+ char errBuff[WOLFSSL_MAX_ERROR_SZ];
+
+ /* declare wolfSSL objects */
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
+
+#ifdef HAVE_SIGNAL
+ if ((signal(SIGINT, sig_handler)) == SIG_ERR) {
+ fprintf(stderr, "ERROR: failed to listen to SIGINT (errno: %d)\n",errno);
+ goto exit;
+ }
+#endif
+
+ /* Initialize the server address struct with zeros */
+ memset(&servAddr, 0, sizeof(servAddr));
+
+ /* Fill in the server address */
+ servAddr.sin_family = AF_INET; /* using IPv4 */
+ servAddr.sin_port = htons(DEFAULT_PORT); /* on DEFAULT_PORT */
+ servAddr.sin_addr.s_addr = INADDR_ANY; /* from anywhere */
+
+
+ /* Create a socket that uses an internet IPv4 address,
+ * Sets the socket to be stream based (TCP),
+ * 0 means choose the default protocol. */
+ if ((mSockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
+ fprintf(stderr, "ERROR: failed to create the socket\n");
+ goto exit;
+ }
+
+ /* make sure server is setup for reuse addr/port */
+ on = 1;
+ if (setsockopt(mSockfd, SOL_SOCKET, SO_REUSEADDR,
+ (char*)&on, (socklen_t)sizeof(on)) != 0) {
+ fprintf(stderr, "ERROR: failed to set SO_REUSEADDR (errno: %d)\n",errno);
+ goto exit;
+ }
+#ifdef SO_REUSEPORT
+ if (setsockopt(mSockfd, SOL_SOCKET, SO_REUSEPORT,
+ (char*)&on, (socklen_t)sizeof(on)) != 0) {
+ fprintf(stderr, "ERROR: failed to set SO_REUSEPORT (errno: %d)\n",errno);
+ goto exit;
+ }
+#endif
+
+ /* Bind the server socket to our port */
+ if (bind(mSockfd, (struct sockaddr*)&servAddr, sizeof(servAddr)) == -1) {
+ fprintf(stderr, "ERROR: failed to bind\n");
+ goto exit;
+ }
+
+ /* Listen for a new connection, allow 5 pending connections */
+ if (listen(mSockfd, 5) == -1) {
+ fprintf(stderr, "ERROR: failed to listen\n");
+ goto exit;
+ }
+
+ /*---------------------------------*/
+ /* Start of wolfSSL initialization and configuration */
+ /*---------------------------------*/
+#ifdef DEBUG_WOLFSSL
+ wolfSSL_Debugging_ON();
+#endif
+
+ /* Initialize wolfSSL */
+ if ((ret = wolfSSL_Init()) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: Failed to initialize the library\n");
+ goto exit;
+ }
+
+ /* Create and initialize WOLFSSL_CTX */
+ if ((ctx = wolfSSL_CTX_new(wolfSSLv23_server_method())) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL_CTX\n");
+ ret = -1;
+ goto exit;
+ }
+
+#ifdef WOLF_CRYPTO_CB
+ XMEMSET(&myCtx, 0, sizeof(myCtx));
+ /* register a devID for crypto callbacks */
+ ret = wc_CryptoCb_RegisterDevice(devId, AsyncTlsCryptoCb, &myCtx);
+ if (ret != 0) {
+ fprintf(stderr, "wc_CryptoCb_RegisterDevice: error %d", ret);
+ goto exit;
+ }
+#endif
+
+ /* register a devID for crypto callbacks */
+ wolfSSL_CTX_SetDevId(ctx, devId);
+
+ /* Require mutual authentication */
+ wolfSSL_CTX_set_verify(ctx,
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
+
+ /* Load server certificates into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_certificate_file(ctx, CERT_FILE,
+ WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CERT_FILE);
+ goto exit;
+ }
+
+ /* Load server key into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_use_PrivateKey_file(ctx, KEY_FILE,
+ WOLFSSL_FILETYPE_PEM)) != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ KEY_FILE);
+ goto exit;
+ }
+
+ /* Load client certificate as "trusted" into WOLFSSL_CTX */
+ if ((ret = wolfSSL_CTX_load_verify_locations(ctx, CA_FILE, NULL))
+ != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",
+ CA_FILE);
+ goto exit;
+ }
+
+ /* Continue to accept clients until mShutdown is issued */
+ while (!mShutdown) {
+ printf("Waiting for a connection...\n");
+
+ /* Accept client connections */
+ if ((mConnd = accept(mSockfd, (struct sockaddr*)&clientAddr, &size))
+ == -1) {
+ fprintf(stderr, "ERROR: failed to accept the connection\n\n");
+ ret = -1; goto exit;
+ }
+
+ /* Create a WOLFSSL object */
+ if ((ssl = wolfSSL_new(ctx)) == NULL) {
+ fprintf(stderr, "ERROR: failed to create WOLFSSL object\n");
+ ret = -1; goto exit;
+ }
+
+ /* Attach wolfSSL to the socket */
+ wolfSSL_set_fd(ssl, mConnd);
+
+ /* Establish TLS connection */
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+ #endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_accept(ssl);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "wolfSSL_accept error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+
+ printf("Client connected successfully\n");
+
+ /* Read the client data into our buff array */
+ memset(buff, 0, sizeof(buff));
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+ #endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_read(ssl, buff, sizeof(buff)-1);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret < 0) {
+ fprintf(stderr, "wolfSSL_read error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Print to stdout any data the client sends */
+ printf("Client: %s\n", buff);
+
+ /* Check for server shutdown command */
+ if (strncmp(buff, "shutdown", 8) == 0) {
+ printf("Shutdown command issued!\n");
+ mShutdown = 1;
+ }
+
+ /* Write our reply into buff */
+ memset(buff, 0, sizeof(buff));
+ memcpy(buff, reply, strlen(reply));
+ len = strnlen(buff, sizeof(buff));
+
+ /* Reply back to the client */
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ err = 0; /* Reset error */
+ #endif
+ do {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (err == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ if (ret < 0)
+ break;
+ }
+ #endif
+ ret = wolfSSL_write(ssl, buff, (int)len);
+ err = wolfSSL_get_error(ssl, 0);
+ } while (err == WC_PENDING_E);
+ if (ret != (int)len) {
+ fprintf(stderr, "wolfSSL_write error %d: %s\n",
+ err, wolfSSL_ERR_error_string(err, errBuff));
+ goto exit;
+ }
+
+ /* Cleanup after this connection */
+ wolfSSL_shutdown(ssl);
+ if (ssl) {
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ ssl = NULL;
+ }
+ if (mConnd != SOCKET_INVALID) {
+ close(mConnd); /* Close the connection to the client */
+ mConnd = SOCKET_INVALID;
+ }
+ }
+
+ printf("Shutdown complete\n");
+
+exit:
+ /* Cleanup and return */
+ if (ssl)
+ wolfSSL_free(ssl); /* Free the wolfSSL object */
+ if (mConnd != SOCKET_INVALID) {
+ close(mConnd); /* Close the connection to the client */
+ mConnd = SOCKET_INVALID;
+ }
+ if (mSockfd != SOCKET_INVALID) {
+ close(mSockfd); /* Close the socket listening for clients */
+ mSockfd = SOCKET_INVALID;
+ }
+ if (ctx)
+ wolfSSL_CTX_free(ctx); /* Free the wolfSSL context object */
+ wolfSSL_Cleanup(); /* Cleanup the wolfSSL environment */
+
+ (void)argc;
+ (void)argv;
+
+ return ret;
+}
+
+#ifndef NO_MAIN_DRIVER
+int main(int argc, char** argv)
+{
+ return server_async_test(argc, argv);
+}
+#endif /* !NO_MAIN_DRIVER */
diff --git a/extra/wolfssl/wolfssl/examples/async/async_tls.c b/extra/wolfssl/wolfssl/examples/async/async_tls.c
new file mode 100644
index 00000000..1d4f68d5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/async_tls.c
@@ -0,0 +1,158 @@
+/* async-tls.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL. (formerly known as CyaSSL)
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS
+#include <wolfssl/options.h>
+#endif
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfio.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include "examples/async/async_tls.h"
+
+/* ---------------------------------------------------------------------------*/
+/* --- Example Crypto Callback --- */
+/* ---------------------------------------------------------------------------*/
+#ifdef WOLF_CRYPTO_CB
+
+/* Example custom context for crypto callback */
+#ifndef TEST_PEND_COUNT
+#define TEST_PEND_COUNT 2
+#endif
+
+/* Example crypto dev callback function that calls software version */
+/* This is where you would plug-in calls to your own hardware crypto */
+int AsyncTlsCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
+{
+ int ret = CRYPTOCB_UNAVAILABLE; /* return this to bypass HW and use SW */
+ AsyncTlsCryptoCbCtx* myCtx = (AsyncTlsCryptoCbCtx*)ctx;
+
+ if (info == NULL)
+ return BAD_FUNC_ARG;
+
+#ifdef DEBUG_CRYPTOCB
+ wc_CryptoCb_InfoString(info);
+#endif
+
+ if (info->algo_type == WC_ALGO_TYPE_PK) {
+#ifdef WOLFSSL_ASYNC_CRYPT
+ /* Test pending response */
+ if (info->pk.type == WC_PK_TYPE_RSA ||
+ info->pk.type == WC_PK_TYPE_EC_KEYGEN ||
+ info->pk.type == WC_PK_TYPE_ECDSA_SIGN ||
+ info->pk.type == WC_PK_TYPE_ECDSA_VERIFY ||
+ info->pk.type == WC_PK_TYPE_ECDH)
+ {
+ if (myCtx->pendingCount++ < TEST_PEND_COUNT) return WC_PENDING_E;
+ myCtx->pendingCount = 0;
+ }
+#endif
+
+ #ifndef NO_RSA
+ if (info->pk.type == WC_PK_TYPE_RSA) {
+ /* set devId to invalid, so software is used */
+ info->pk.rsa.key->devId = INVALID_DEVID;
+
+ switch (info->pk.rsa.type) {
+ case RSA_PUBLIC_ENCRYPT:
+ case RSA_PUBLIC_DECRYPT:
+ /* perform software based RSA public op */
+ ret = wc_RsaFunction(
+ info->pk.rsa.in, info->pk.rsa.inLen,
+ info->pk.rsa.out, info->pk.rsa.outLen,
+ info->pk.rsa.type, info->pk.rsa.key, info->pk.rsa.rng);
+ break;
+ case RSA_PRIVATE_ENCRYPT:
+ case RSA_PRIVATE_DECRYPT:
+ /* perform software based RSA private op */
+ ret = wc_RsaFunction(
+ info->pk.rsa.in, info->pk.rsa.inLen,
+ info->pk.rsa.out, info->pk.rsa.outLen,
+ info->pk.rsa.type, info->pk.rsa.key, info->pk.rsa.rng);
+ break;
+ }
+
+ /* reset devId */
+ info->pk.rsa.key->devId = devIdArg;
+ }
+ #endif
+ #ifdef HAVE_ECC
+ if (info->pk.type == WC_PK_TYPE_EC_KEYGEN) {
+ /* set devId to invalid, so software is used */
+ info->pk.eckg.key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_make_key_ex(info->pk.eckg.rng, info->pk.eckg.size,
+ info->pk.eckg.key, info->pk.eckg.curveId);
+
+ /* reset devId */
+ info->pk.eckg.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccsign.key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_sign_hash(
+ info->pk.eccsign.in, info->pk.eccsign.inlen,
+ info->pk.eccsign.out, info->pk.eccsign.outlen,
+ info->pk.eccsign.rng, info->pk.eccsign.key);
+
+ /* reset devId */
+ info->pk.eccsign.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccverify.key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_verify_hash(
+ info->pk.eccverify.sig, info->pk.eccverify.siglen,
+ info->pk.eccverify.hash, info->pk.eccverify.hashlen,
+ info->pk.eccverify.res, info->pk.eccverify.key);
+
+ /* reset devId */
+ info->pk.eccverify.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDH) {
+ /* set devId to invalid, so software is used */
+ info->pk.ecdh.private_key->devId = INVALID_DEVID;
+
+ ret = wc_ecc_shared_secret(
+ info->pk.ecdh.private_key, info->pk.ecdh.public_key,
+ info->pk.ecdh.out, info->pk.ecdh.outlen);
+
+ /* reset devId */
+ info->pk.ecdh.private_key->devId = devIdArg;
+ }
+ #endif /* HAVE_ECC */
+ }
+
+ (void)devIdArg;
+ (void)myCtx;
+
+ return ret;
+}
+#endif /* WOLF_CRYPTO_CB */
+
+/* ---------------------------------------------------------------------------*/
+/* --- Example PK (Public Key) Callback --- */
+/* ---------------------------------------------------------------------------*/
+#ifdef HAVE_PK_CALLBACKS
+
+#endif
+
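Review bot: `AsyncTlsCryptoCb` dereferences `myCtx` at `myCtx->pendingCount++` inside the `WOLFSSL_ASYNC_CRYPT` block, but only `info` is checked for NULL, so a device registered with a NULL context would crash in the callback on the first RSA or ECC operation. I would add `if (myCtx == NULL) return BAD_FUNC_ARG;` at the top of that block. The callback also overwrites `key->devId` on the caller's key object while the software routine runs; a comment should say that the example assumes the key is not in use on another thread at that moment. The two arms of `switch (info->pk.rsa.type)` make the same `wc_RsaFunction` call and could be merged into one.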
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dh.h b/extra/wolfssl/wolfssl/examples/async/async_tls.h
index 3d8bbc41..d5403e24 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/dh.h
+++ b/extra/wolfssl/wolfssl/examples/async/async_tls.h
@@ -1,4 +1,4 @@
-/* dh.h
+/* async-tls.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -20,23 +20,23 @@
*/
+#ifndef WOLFSSL_ASYNC_TLS_EXAMPLES_H
+#define WOLFSSL_ASYNC_TLS_EXAMPLES_H
-#ifndef NO_DH
+#define DEFAULT_PORT 11111
+#define TEST_BUF_SZ 256
-#ifndef CTAO_CRYPT_DH_H
-#define CTAO_CRYPT_DH_H
+#ifdef WOLF_CRYPTO_CB
+/* Example custom context for crypto callback */
+typedef struct {
+ int pendingCount; /* track pending tries test count */
+} AsyncTlsCryptoCbCtx;
+int AsyncTlsCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx);
+#endif /* WOLF_CRYPTO_CB */
-/* for dh reverse compatibility */
-#include <wolfssl/wolfcrypt/dh.h>
-#define InitDhKey wc_InitDhKey
-#define FreeDhKey wc_FreeDhKey
-#define DhGenerateKeyPair wc_DhGenerateKeyPair
-#define DhAgree wc_DhAgree
-#define DhKeyDecode wc_DhKeyDecode
-#define DhSetKey wc_DhSetKey
-#define DhParamsLoad wc_DhParamsLoad
-#endif /* CTAO_CRYPT_DH_H */
+int client_async_test(int argc, char** argv);
+int server_async_test(int argc, char** argv);
-#endif /* NO_DH */
+#endif /* WOLFSSL_ASYNC_TLS_EXAMPLES_H */
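Review bot: The prototype `int AsyncTlsCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx);` uses `wc_CryptoInfo`, but the header includes nothing itself, so it compiles only when the including file has already pulled in the wolfCrypt crypto-callback declarations. Adding `#include <wolfssl/wolfcrypt/cryptocb.h>` inside the `#ifdef WOLF_CRYPTO_CB` block would make the header self-contained. `DEFAULT_PORT` and `TEST_BUF_SZ` are very generic names for a shared header; a short comment on each, or an example-specific prefix, would reduce the chance of a clash with other example headers.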
diff --git a/extra/wolfssl/wolfssl/examples/async/include.am b/extra/wolfssl/wolfssl/examples/async/include.am
new file mode 100644
index 00000000..b8a61175
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/async/include.am
@@ -0,0 +1,24 @@
+# vim:ft=automake
+# All paths should be given relative to the root
+
+if BUILD_ASYNCCRYPT
+noinst_HEADERS += examples/async/async_tls.h
+
+noinst_PROGRAMS += examples/async/async_client
+examples_async_async_client_SOURCES = examples/async/async_client.c examples/async/async_tls.c
+examples_async_async_client_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
+examples_async_async_client_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
+examples_async_async_client_CFLAGS = $(AM_CFLAGS)
+
+noinst_PROGRAMS += examples/async/async_server
+examples_async_async_server_SOURCES = examples/async/async_server.c examples/async/async_tls.c
+examples_async_async_server_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
+examples_async_async_server_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
+examples_async_async_server_CFLAGS = $(AM_CFLAGS)
+endif
+
+dist_example_DATA+= examples/async/async_server.c
+dist_example_DATA+= examples/async/async_client.c
+DISTCLEANFILES+= examples/async/.libs/async_server
+DISTCLEANFILES+= examples/async/.libs/async_client
+EXTRA_DIST += examples/async/README.md
diff --git a/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c b/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c
index de384cb2..8289d6a7 100644
--- a/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c
+++ b/extra/wolfssl/wolfssl/examples/benchmark/tls_bench.c
@@ -40,6 +40,8 @@ Or
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/hash.h> /* WC_MAX_DIGEST_SIZE */
#include <wolfssl/test.h>
@@ -60,18 +62,31 @@ Or
#include <sys/time.h>
#include <errno.h>
-/* For testing no pthread support */
+/* For testing no threading support */
#if 0
#undef HAVE_PTHREAD
+ #define SINGLE_THREADED
#endif
/* PTHREAD requires server and client enabled */
-#if defined(HAVE_PTHREAD) && (defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER))
- #undef HAVE_PTHREAD
+#if defined(NO_WOLFSSL_CLIENT) || defined(NO_WOLFSSL_SERVER)
+ #if !defined(SINGLE_THREADED)
+ #ifdef __GNUC__ /* GCC compiler */
+ #pragma message "PTHREAD requires server and client enabled."
+ #elif defined(_MSC_VER) /* Microsoft Visual C++ compiler */
+ #pragma message("PTHREAD requires server and client enabled.")
+ #else
+ #warning "PTHREAD requires server and client enabled."
+ #endif
+ #define SINGLE_THREADED
+ #endif
#endif
-
-#ifdef HAVE_PTHREAD
- #include <pthread.h>
+/* Conversely, if both server and client are enabled, we must require pthreads */
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) \
+ && defined(SINGLE_THREADED)
+ #error "threads must be enabled if building benchmark suite \
+to run both client and server. Please define HAVE_PTHREAD if your \
+platform supports it"
#endif
#if 0
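Review bot: The diagnostics in this block still refer to PTHREAD and `HAVE_PTHREAD`, while the macro actually tested is now `SINGLE_THREADED`. Nothing visible in the hunk ties the two together, so a user who follows the `#error` text and defines `HAVE_PTHREAD` may still hit the error if `SINGLE_THREADED` is set elsewhere. I would reword the messages around the macro that is checked, for example `#error "tls_bench needs threading to run client and server together (SINGLE_THREADED is defined)"`. The bare `#warning` in the final `#else` is an extension before C23 and may be rejected by the very compilers that branch is meant for.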
@@ -284,7 +299,7 @@ static struct group_info groups[] = {
};
#endif /* WOLFSSL_TLS13 && HAVE_SUPPORTED_CURVES */
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
typedef struct {
unsigned char buf[MEM_BUFFER_SZ];
int write_bytes;
@@ -292,9 +307,7 @@ typedef struct {
int read_bytes;
int read_idx;
- pthread_t tid;
- pthread_mutex_t mutex;
- pthread_cond_t cond;
+ COND_TYPE cond;
int done;
} memBuf_t;
@@ -332,17 +345,17 @@ typedef struct {
int doDTLS;
struct sockaddr_in serverAddr;
struct sockaddr_in clientAddr;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
int serverReady;
int clientOrserverOnly;
- pthread_mutex_t dtls_mutex;
- pthread_cond_t dtls_cond;
+ wolfSSL_Mutex dtls_mutex;
+ COND_TYPE dtls_cond;
#endif
#endif
side_t client;
side_t server;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
int useLocalMem;
/* client messages to server in memory */
@@ -380,16 +393,16 @@ static double gettime_secs(int reset)
}
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
/* server send callback */
static int ServerMemSend(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_client.cond));
#ifndef BENCH_USE_NONBLOCK
/* check for overflow */
if (info->to_client.write_idx + sz > MEM_BUFFER_SZ) {
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
fprintf(stderr, "ServerMemSend overflow\n");
return -1;
}
@@ -403,8 +416,8 @@ static int ServerMemSend(info_t* info, char* buf, int sz)
info->to_client.write_idx += sz;
info->to_client.write_bytes += sz;
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_client.cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_client.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
#ifdef BENCH_USE_NONBLOCK
if (sz == 0) {
@@ -417,13 +430,12 @@ static int ServerMemSend(info_t* info, char* buf, int sz)
/* server recv callback */
static int ServerMemRecv(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_server.cond));
#ifndef BENCH_USE_NONBLOCK
while (info->to_server.write_idx - info->to_server.read_idx < sz &&
!info->to_client.done) {
- PTHREAD_CHECK_RET(pthread_cond_wait(&info->to_server.cond,
- &info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondWait(&info->to_server.cond));
}
#else
if (info->to_server.write_idx - info->to_server.read_idx < sz) {
@@ -441,7 +453,7 @@ static int ServerMemRecv(info_t* info, char* buf, int sz)
info->to_server.write_bytes = info->to_server.write_idx = 0;
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
if (info->to_client.done != 0) {
return -1;
@@ -458,14 +470,14 @@ static int ServerMemRecv(info_t* info, char* buf, int sz)
/* client send callback */
static int ClientMemSend(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_server.cond));
#ifndef BENCH_USE_NONBLOCK
/* check for overflow */
if (info->to_server.write_idx + sz > MEM_BUFFER_SZ) {
fprintf(stderr, "ClientMemSend overflow %d %d %d\n",
info->to_server.write_idx, sz, MEM_BUFFER_SZ);
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
return -1;
}
#else
@@ -478,8 +490,8 @@ static int ClientMemSend(info_t* info, char* buf, int sz)
info->to_server.write_idx += sz;
info->to_server.write_bytes += sz;
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_server.cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_server.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
#ifdef BENCH_USE_NONBLOCK
if (sz == 0) {
@@ -492,13 +504,12 @@ static int ClientMemSend(info_t* info, char* buf, int sz)
/* client recv callback */
static int ClientMemRecv(info_t* info, char* buf, int sz)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_client.cond));
#ifndef BENCH_USE_NONBLOCK
while (info->to_client.write_idx - info->to_client.read_idx < sz &&
!info->to_server.done) {
- PTHREAD_CHECK_RET(pthread_cond_wait(&info->to_client.cond,
- &info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondWait(&info->to_client.cond));
}
#else
if (info->to_client.write_idx - info->to_client.read_idx < sz) {
@@ -516,7 +527,7 @@ static int ClientMemRecv(info_t* info, char* buf, int sz)
info->to_client.write_bytes = info->to_client.write_idx = 0;
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->to_client.mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
if (info->to_server.done != 0) {
return -1;
@@ -529,7 +540,7 @@ static int ClientMemRecv(info_t* info, char* buf, int sz)
#endif
return sz;
}
-#endif /* HAVE_PTHREAD */
+#endif /* !SINGLE_THREADED */
static int SocketRecv(int sockFd, char* buf, int sz)
{
@@ -685,7 +696,7 @@ static int ServerSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ServerMemSend(info, buf, sz);
}
@@ -705,7 +716,7 @@ static int ServerRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ServerMemRecv(info, buf, sz);
}
@@ -727,7 +738,7 @@ static int ClientSend(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ClientMemSend(info, buf, sz);
}
@@ -747,7 +758,7 @@ static int ClientRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
{
info_t* info = (info_t*)ctx;
(void)ssl;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (info->useLocalMem) {
return ClientMemRecv(info, buf, sz);
}
@@ -836,7 +847,7 @@ static int SetupSocketAndConnect(info_t* info, const char* host,
}
/* Connect to the server */
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
while ((info->serverListening == 0) && (info->server.shutdown == 0)) {
if (info->showVerbose) {
fprintf(stderr, "Waiting for server to listen...\n");
@@ -992,7 +1003,7 @@ static int bench_tls_client(info_t* info)
int err;
#endif
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (!info->useLocalMem)
#endif
{
@@ -1035,17 +1046,16 @@ static int bench_tls_client(info_t* info)
wolfSSL_SetIOReadCtx(cli_ssl, info);
wolfSSL_SetIOWriteCtx(cli_ssl, info);
-#if defined(HAVE_PTHREAD) && defined(WOLFSSL_DTLS)
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_DTLS)
/* synchronize with server */
if (info->doDTLS && !info->clientOrserverOnly) {
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->dtls_cond));
if (info->serverReady != 1) {
- PTHREAD_CHECK_RET(pthread_cond_wait(&info->dtls_cond,
- &info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondWait(&info->dtls_cond));
}
/* for next loop */
info->serverReady = 0;
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->dtls_cond));
}
#endif
/* perform connect */
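Review bot: The wait on `info->dtls_cond` sits under `if (info->serverReady != 1)`, so where `wolfSSL_CondWait` maps to a primitive that allows spurious wake-ups the client can proceed before the server has set `serverReady`. The predicate should be re-tested in a loop: `while (info->serverReady != 1) { THREAD_CHECK_RET(wolfSSL_CondWait(&info->dtls_cond)); }`. The `if` predates this commit, but the wait line is being rewritten here anyway. bench_tls_client starts and ends outside the hunk.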
@@ -1179,21 +1189,23 @@ exit:
return ret;
}
-#ifdef HAVE_PTHREAD
-static void* client_thread(void* args)
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)
+static THREAD_RETURN WOLFSSL_THREAD_NO_JOIN client_thread(void* args)
{
int ret;
info_t* info = (info_t*)args;
ret = bench_tls_client(info);
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_server.cond));
info->to_client.done = 1;
info->client.ret = ret;
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_server.cond));
- return NULL;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
-#endif /* HAVE_PTHREAD */
+#endif /* !SINGLE_THREADED */
#endif /* !NO_WOLFSSL_CLIENT */
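Review bot: `client_thread` is now compiled only when `WOLFSSL_THREAD_NO_JOIN` is defined, and the same guard is used for `server_thread` and for the thread-creation block in `bench_tls`, yet the code that waits for the workers is still under plain `#ifndef SINGLE_THREADED`. On a build with threading but without `WOLFSSL_THREAD_NO_JOIN`, no worker would be started and `useLocalMem` would stay unset, and the wait loop (its body is outside the visible hunks) would presumably never see the done flags. I would make that configuration an explicit failure for the paired client/server mode, e.g. `#if !defined(SINGLE_THREADED) && !defined(WOLFSSL_THREAD_NO_JOIN)` followed by `#error "tls_bench paired mode needs WOLFSSL_THREAD_NO_JOIN"`, or report it at start-up. The closing comment `/* !SINGLE_THREADED */` should name both conditions so the `#if`/`#endif` pair reads correctly.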
@@ -1273,12 +1285,12 @@ static int SocketWaitClient(info_t* info)
#ifdef WOLFSSL_DTLS
if (info->doDTLS) {
char msg[64];
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
if (!info->clientOrserverOnly) {
- PTHREAD_CHECK_RET(pthread_mutex_lock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->dtls_cond));
info->serverReady = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->dtls_cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->dtls_cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->dtls_cond));
}
#endif
connd = (int)recvfrom(info->listenFd, (char *)msg, sizeof(msg),
@@ -1293,7 +1305,7 @@ static int SocketWaitClient(info_t* info)
else
#endif
{
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
info->serverListening = 1;
#endif
if ((connd = accept(info->listenFd, (struct sockaddr*)&clientAddr,
@@ -1440,7 +1452,7 @@ static int bench_tls_server(info_t* info)
int err;
#endif
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (!info->useLocalMem)
#endif
{
@@ -1503,7 +1515,7 @@ static int bench_tls_server(info_t* info)
#endif
start = gettime_secs(0) - start;
if (ret != WOLFSSL_SUCCESS) {
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (info->to_client.done) {
ret = 0; /* done - success */
}
@@ -1551,7 +1563,7 @@ static int bench_tls_server(info_t* info)
info->server_stats.rxTime += rxTime;
if (ret < 0) {
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
if (info->to_client.done) {
ret = 0; /* done - success */
}
@@ -1622,8 +1634,8 @@ exit:
return ret;
}
-#ifdef HAVE_PTHREAD
-static void* server_thread(void* args)
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)
+static THREAD_RETURN WOLFSSL_THREAD_NO_JOIN server_thread(void* args)
{
int ret = 0;
info_t* info = (info_t*)args;
@@ -1645,13 +1657,15 @@ static void* server_thread(void* args)
}
}
- PTHREAD_CHECK_RET(pthread_cond_signal(&info->to_client.cond));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&info->to_client.cond));
info->to_server.done = 1;
info->server.ret = ret;
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&info->to_client.cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&info->to_client.cond));
- return NULL;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
-#endif /* HAVE_PTHREAD */
+#endif /* !SINGLE_THREADED */
#endif /* !NO_WOLFSSL_SERVER */
@@ -1723,7 +1737,7 @@ static void Usage(void)
#ifdef DEBUG_WOLFSSL
fprintf(stderr, "-d Enable debug messages\n");
#endif
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
fprintf(stderr, "-T <num> Number of threaded server/client pairs (default %d)\n", NUM_THREAD_PAIRS);
fprintf(stderr, "-m Use local memory, not socket\n");
#endif
@@ -1822,10 +1836,10 @@ int bench_tls(void* args)
const char* argHost = BENCH_DEFAULT_HOST;
int argPort = BENCH_DEFAULT_PORT;
int argShowPeerInfo = 0;
-#ifdef HAVE_PTHREAD
+#ifndef SINGLE_THREADED
int doShutdown;
#endif
-#if !defined(NO_WOLFSSL_SERVER) || defined(HAVE_PTHREAD)
+#if !defined(NO_WOLFSSL_SERVER) || !defined(SINGLE_THREADED)
int argLocalMem = 0;
int listenFd = -1;
#endif
@@ -1924,13 +1938,13 @@ int bench_tls(void* args)
break;
case 'T' :
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
argThreadPairs = atoi(myoptarg);
#endif
break;
case 'm':
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
argLocalMem = 1;
#endif
break;
@@ -1980,7 +1994,7 @@ int bench_tls(void* args)
if (argServerOnly || argClientOnly) {
argThreadPairs = 1;
}
-#ifndef HAVE_PTHREAD
+#ifdef SINGLE_THREADED
else {
fprintf(stderr, "Threading is not enabled, so please use -s or -c to indicate side\n");
Usage();
@@ -2086,7 +2100,7 @@ int bench_tls(void* args)
#ifdef WOLFSSL_DTLS
info->doDTLS = doDTLS;
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
info->serverReady = 0;
if (argServerOnly || argClientOnly) {
info->clientOrserverOnly = 1;
@@ -2094,7 +2108,7 @@ int bench_tls(void* args)
#endif
#endif
if (argClientOnly) {
- #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
+ #if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && !defined(SINGLE_THREADED)
/* to avoid to wait server forever */
info->serverListening = 1;
#endif
@@ -2108,38 +2122,24 @@ int bench_tls(void* args)
#endif
}
else {
- #ifdef HAVE_PTHREAD
+ #if !defined(SINGLE_THREADED) && defined(WOLFSSL_THREAD_NO_JOIN)
info->useLocalMem = argLocalMem;
- PTHREAD_CHECK_RET(pthread_mutex_init(&info->to_server.mutex,
- NULL));
- PTHREAD_CHECK_RET(pthread_mutex_init(&info->to_client.mutex,
- NULL));
#ifdef WOLFSSL_DTLS
- PTHREAD_CHECK_RET(pthread_mutex_init(&info->dtls_mutex,
- NULL));
- PTHREAD_CHECK_RET(pthread_cond_init(&info->dtls_cond,
- NULL));
+ THREAD_CHECK_RET(wc_InitMutex(&info->dtls_mutex));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&info->dtls_cond));
#endif
- PTHREAD_CHECK_RET(pthread_cond_init(&info->to_server.cond,
- NULL));
- PTHREAD_CHECK_RET(pthread_cond_init(&info->to_client.cond,
- NULL));
-
- PTHREAD_CHECK_RET(
- pthread_create(&info->to_server.tid, NULL,
- server_thread, info));
- PTHREAD_CHECK_RET(
- pthread_create(&info->to_client.tid, NULL,
- client_thread, info));
-
- /* State that we won't be joining this thread */
- PTHREAD_CHECK_RET(pthread_detach(info->to_server.tid));
- PTHREAD_CHECK_RET(pthread_detach(info->to_client.tid));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&info->to_server.cond));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&info->to_client.cond));
+
+ THREAD_CHECK_RET(
+ wolfSSL_NewThreadNoJoin(server_thread, info));
+ THREAD_CHECK_RET(
+ wolfSSL_NewThreadNoJoin(client_thread, info));
#endif
}
}
- #ifdef HAVE_PTHREAD
+ #ifndef SINGLE_THREADED
/* For threading, wait for completion */
if (!argClientOnly && !argServerOnly) {
/* Wait until threads are marked done */
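Review bot: `wc_InitMutex(&info->dtls_mutex)` is kept, but every DTLS synchronisation site visible in this diff now locks through `wolfSSL_CondStart(&info->dtls_cond)`, so `dtls_mutex` looks unused and could be dropped together with its field. No matching `wolfSSL_CondFree` or `wc_FreeMutex` for the objects initialised here appears in the visible hunks; if none exists elsewhere in `bench_tls`, they are never released. A one-line comment at the init site, such as `/* released in the cleanup loop at the end of bench_tls */`, would make the pairing checkable. bench_tls starts and ends outside the hunk.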
@@ -2159,7 +2159,7 @@ int bench_tls(void* args)
fprintf(stderr, "Shutdown complete\n");
}
}
- #endif /* HAVE_PTHREAD */
+ #endif /* !SINGLE_THREADED */
if (argShowVerbose) {
/* print results */
diff --git a/extra/wolfssl/wolfssl/examples/client/client.c b/extra/wolfssl/wolfssl/examples/client/client.c
index a3c52449..0141be1f 100644
--- a/extra/wolfssl/wolfssl/examples/client/client.c
+++ b/extra/wolfssl/wolfssl/examples/client/client.c
@@ -138,6 +138,15 @@ static int lng_index = 0;
#endif
+static int quieter = 0; /* Print fewer messages. This is helpful with overly
+ * ambitious log parsers. */
+
+#define LOG_ERROR(...) \
+ do { \
+ if (!quieter) \
+ fprintf(stderr, __VA_ARGS__); \
+ } while(0)
+
#ifdef HAVE_SESSION_TICKET
#ifndef SESSION_TICKET_LEN
@@ -214,6 +223,9 @@ static int NonBlockingSSL_Connect(WOLFSSL* ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
|| error == WC_PENDING_E
#endif
+ #ifdef WOLFSSL_NONBLOCK_OCSP
+ || error == OCSP_WANT_READ
+ #endif
) {
#ifndef WOLFSSL_CALLBACKS
ret = wolfSSL_connect(ssl);
@@ -285,7 +297,7 @@ static void ShowVersions(void)
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
XSTRNCAT(verStr, "e(either):", 11);
#endif
- /* print all stings at same time on stdout to avoid any flush issues */
+ /* print all strings at same time on stdout to avoid any flush issues */
printf("%s\n", verStr);
}
@@ -350,6 +362,19 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
err_sys("unable to use curve secp256r1");
} while (ret == WC_PENDING_E);
#endif
+ #ifdef WOLFSSL_SM2
+ do {
+ ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
+ if (ret == WOLFSSL_SUCCESS)
+ groups[count++] = WOLFSSL_ECC_SM2P256V1;
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ else if (ret == WC_PENDING_E)
+ wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ #endif
+ else
+ err_sys("unable to use curve sm2p256v1");
+ } while (ret == WC_PENDING_E);
+ #endif
#endif
}
}
@@ -435,32 +460,12 @@ static void EarlyData(WOLFSSL_CTX* ctx, WOLFSSL* ssl, const char* msg,
}
} while (err == WC_PENDING_E);
if (ret != msgSz) {
- fprintf(stderr, "SSL_write_early_data msg error %d, %s\n", err,
+ LOG_ERROR("SSL_write_early_data msg error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("SSL_write_early_data failed");
}
- do {
- err = 0; /* reset error */
- ret = wolfSSL_write_early_data(ssl, msg, msgSz, &msgSz);
- if (ret <= 0) {
- err = wolfSSL_get_error(ssl, 0);
- #ifdef WOLFSSL_ASYNC_CRYPT
- if (err == WC_PENDING_E) {
- ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
- if (ret < 0) break;
- }
- #endif
- }
- } while (err == WC_PENDING_E);
- if (ret != msgSz) {
- fprintf(stderr, "SSL_write_early_data msg error %d, %s\n", err,
- wolfSSL_ERR_error_string(err, buffer));
- wolfSSL_free(ssl);
- wolfSSL_CTX_free(ctx);
- err_sys("SSL_write_early_data failed");
- }
}
#endif
@@ -723,7 +728,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
}
} while (err == WC_PENDING_E);
if (ret != len) {
- fprintf(stderr, "SSL_write bench error %d!\n", err);
+ LOG_ERROR("SSL_write bench error %d!\n", err);
if (!exitWithRet)
err_sys("SSL_write failed");
goto doExit;
@@ -749,7 +754,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
#endif
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE) {
- fprintf(stderr, "SSL_read bench error %d\n", err);
+ LOG_ERROR("SSL_read bench error %d\n", err);
err_sys("SSL_read failed");
}
}
@@ -943,7 +948,7 @@ static int SMTP_Shutdown(WOLFSSL* ssl, int wc_shutdown)
printf("Bidirectional shutdown complete\n");
}
if (ret != WOLFSSL_SUCCESS)
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
}
return WOLFSSL_SUCCESS;
@@ -974,7 +979,7 @@ static int ClientWrite(WOLFSSL* ssl, const char* msg, int msgSz, const char* str
);
if (ret != msgSz) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
- fprintf(stderr, "SSL_write%s msg error %d, %s\n", str, err,
+ LOG_ERROR("SSL_write%s msg error %d, %s\n", str, err,
wolfSSL_ERR_error_string(err, buffer));
if (!exitWithRet) {
err_sys("SSL_write failed");
@@ -1005,7 +1010,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
#endif
if (err != WOLFSSL_ERROR_WANT_READ &&
err != WOLFSSL_ERROR_WANT_WRITE && err != APP_DATA_READY) {
- fprintf(stderr, "SSL_read reply error %d, %s\n", err,
+ LOG_ERROR("SSL_read reply error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
if (!exitWithRet) {
err_sys("SSL_read failed");
@@ -1021,7 +1026,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
|| err == WOLFSSL_ERROR_WANT_WRITE)) {
elapsed = current_time(0) - start;
if (elapsed > MAX_NON_BLOCK_SEC) {
- fprintf(stderr, "Nonblocking read timeout\n");
+ LOG_ERROR("Nonblocking read timeout\n");
ret = WOLFSSL_FATAL_ERROR;
break;
}
@@ -1041,6 +1046,55 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
return err;
}
+static int ClientWriteRead(WOLFSSL* ssl, const char* msg, int msgSz,
+ char* reply, int replyLen, int mustRead,
+ const char* str, int exitWithRet)
+{
+ int ret = 0;
+
+ do {
+ ret = ClientWrite(ssl, msg, msgSz, str, exitWithRet);
+ if (ret != 0) {
+ if (!exitWithRet)
+ err_sys("ClientWrite failed");
+ else
+ break;
+ }
+ if (wolfSSL_dtls(ssl)) {
+ ret = tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC);
+ if (ret == TEST_TIMEOUT) {
+ continue;
+ }
+ else if (ret == TEST_RECV_READY) {
+ /* Ready to read */
+ }
+ else {
+ LOG_ERROR("%s tcp_select error\n", str);
+ if (!exitWithRet)
+ err_sys("tcp_select failed");
+ else
+ ret = WOLFSSL_FATAL_ERROR;
+ break;
+ }
+ }
+ ret = ClientRead(ssl, reply, replyLen, mustRead, str, exitWithRet);
+ if (mustRead && ret != 0) {
+ if (!exitWithRet)
+ err_sys("ClientRead failed");
+ else
+ break;
+ }
+ break;
+ } while (1);
+
+ if (ret != 0) {
+ char buffer[WOLFSSL_MAX_ERROR_SZ];
+ LOG_ERROR("SSL_write%s msg error %d, %s\n", str, ret,
+ wolfSSL_ERR_error_string(ret, buffer));
+ }
+
+ return ret;
+}
/* when adding new option, please follow the steps below: */
/* 1. add new option message in English section */
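Review bot: The DTLS branch of the new `ClientWriteRead` has no retry bound: every `TEST_TIMEOUT` from `tcp_select` hits `continue`, which re-runs `ClientWrite`, so a peer that never answers keeps the client resending the same application message forever. A cap on consecutive timeouts that ends in the same failure path as the other `tcp_select` errors would fix this; the counter name and limit in the sketch below are placeholders. Separately, the trailing `LOG_ERROR("SSL_write%s msg error ...")` also fires when the failure came from `tcp_select` or `ClientRead`. In that case `ret` can be `WOLFSSL_FATAL_ERROR` rather than a wolfSSL error code, so the text from `wolfSSL_ERR_error_string(ret, buffer)` may be misleading.

```c
    int ret = 0;
    int timeouts = 0; /* placeholder name: consecutive select timeouts */

    do {
        /* ... unchanged: ClientWrite call and its error handling ... */
        if (wolfSSL_dtls(ssl)) {
            ret = tcp_select(wolfSSL_get_fd(ssl), DEFAULT_TIMEOUT_SEC);
            if (ret == TEST_TIMEOUT) {
                /* CLIENT_WRITE_READ_MAX_TIMEOUTS is a placeholder limit:
                 * give up instead of resending the message indefinitely */
                if (++timeouts >= CLIENT_WRITE_READ_MAX_TIMEOUTS) {
                    LOG_ERROR("%s tcp_select timeout\n", str);
                    if (!exitWithRet)
                        err_sys("tcp_select timed out");
                    ret = WOLFSSL_FATAL_ERROR;
                    break;
                }
                continue;
            }
            /* ... unchanged: TEST_RECV_READY and error branches ... */
```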
@@ -1049,7 +1103,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead,
/* 4. add the same message into Japanese section */
/* (will be translated later) */
/* 5. add printf() into suitable position of Usage() */
-static const char* client_usage_msg[][70] = {
+static const char* client_usage_msg[][75] = {
/* English */
{
" NOTE: All files relative to wolfSSL home dir\n", /* 0 */
@@ -1134,7 +1188,7 @@ static const char* client_usage_msg[][70] = {
" string 'scr-app-data' is passed in as the value and\n"
" Non-blocking sockets are enabled ('-N') then wolfSSL\n"
" sends a test message during the secure renegotiation.\n"
- " The string parameter is optional.\n", /* 29 */
+ " The string parameter is optional.\n", /* 29 */
#endif
"-f Fewer packets/group messages\n", /* 30 */
#ifndef NO_CERTS
@@ -1446,7 +1500,7 @@ static const char* client_usage_msg[][70] = {
#ifdef HAVE_TRUSTED_CA
"-5 ä¿¡é ¼ã§ãã‚‹èªè¨¼å±€ã®éµè¡¨ç¤ºã‚’使用ã™ã‚‹\n", /* 63 */
#endif
- "-6 WANT_WRITE エラーを全ã¦ã®IO é€ä¿¡ã§ã‚·ãƒ¥ãƒŸãƒ¬ãƒ¼ãƒˆã—ã¾ã™\n",
+ "-6 WANT_WRITE エラーを全ã¦ã®IO é€ä¿¡ã§ã‚·ãƒŸãƒ¥ãƒ¬ãƒ¼ãƒˆã—ã¾ã™\n",
#ifdef HAVE_CURVE448
"-8 éµäº¤æ›ã« X448 を使用ã™ã‚‹\n", /* 66 */
#endif
@@ -1489,7 +1543,7 @@ static const char* client_usage_msg[][70] = {
"--openssl-psk Use TLS 1.3 PSK callback compatible with OpenSSL\n", /* 74 */
#endif
"\n"
- "より簡å˜ãªwolfSSL TSL クライアントã®ä¾‹ã«ã¤ã„ã¦ã¯"
+ "より簡å˜ãªwolfSSL TLS クライアントã®ä¾‹ã«ã¤ã„ã¦ã¯"
"下記ã«ã‚¢ã‚¯ã‚»ã‚¹ã—ã¦ãã ã•ã„\n"
"https://github.com/wolfSSL/wolfssl-examples/tree/master/tls\n", /* 75 */
NULL,
@@ -1505,12 +1559,12 @@ static void showPeerPEM(WOLFSSL* ssl)
if (peer) {
WOLFSSL_BIO* bioOut = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
if (bioOut == NULL) {
- fprintf(stderr, "failed to get bio on stdout\n");
+ LOG_ERROR("failed to get bio on stdout\n");
}
else {
if (wolfSSL_BIO_set_fp(bioOut, stdout, BIO_NOCLOSE)
!= WOLFSSL_SUCCESS) {
- fprintf(stderr, "failed to set stdout to bio output\n");
+ LOG_ERROR("failed to set stdout to bio output\n");
wolfSSL_BIO_free(bioOut);
bioOut = NULL;
}
@@ -1740,7 +1794,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
size_t srtp_secret_length;
byte *srtp_secret, *p;
int ret;
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
srtp_test_helper *srtp_helper = args->srtp_helper;
byte *other_secret = NULL;
size_t other_size = 0;
@@ -1751,7 +1805,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
ret = wolfSSL_export_dtls_srtp_keying_material(ssl, NULL,
&srtp_secret_length);
if (ret != LENGTH_ONLY_E) {
- fprintf(stderr, "DTLS SRTP: Error getting keying material length\n");
+ LOG_ERROR("DTLS SRTP: Error getting keying material length\n");
return ret;
}
@@ -1765,7 +1819,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
&srtp_secret_length);
if (ret != WOLFSSL_SUCCESS) {
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- fprintf(stderr, "DTLS SRTP: Error getting keying material\n");
+ LOG_ERROR("DTLS SRTP: Error getting keying material\n");
return ret;
}
@@ -1774,7 +1828,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
printf("%02X", *p);
printf("\n");
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
if (srtp_helper != NULL) {
srtp_helper_get_ekm(srtp_helper, &other_secret, &other_size);
@@ -1790,7 +1844,7 @@ static int client_srtp_test(WOLFSSL *ssl, func_args *args)
/* we are delegated from server to free this buffer */
XFREE(other_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
-#endif
+#endif /* WOLFSSL_COND */
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1837,7 +1891,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
{ "wolfsentry-config", 1, 256 },
#endif
{ "help", 0, 257 },
+#ifndef NO_MULTIBYTE_PRINT
{ "ヘルプ", 0, 258 },
+#endif
#if defined(HAVE_PQC)
{ "pqc", 1, 259 },
#endif
@@ -1862,6 +1918,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef NO_PSK
{ "openssl-psk", 0, 265 },
#endif
+ { "quieter", 0, 266 },
{ 0, 0, 0 }
};
#endif
@@ -2597,7 +2654,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
nonBlocking = 1;
simulateWantWrite = 1;
#else
- fprintf(stderr, "Ignoring -6 since async I/O support not "
+ LOG_ERROR("Ignoring -6 since async I/O support not "
"compiled in.\n");
#endif
break;
@@ -2696,6 +2753,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
opensslPsk = 1;
#endif
break;
+ case 266:
+ quieter = 1;
+ break;
default:
Usage();
XEXIT_T(MY_EX_USAGE);
@@ -2780,7 +2840,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
if (done) {
- fprintf(stderr, "external test can't be run in this mode\n");
+ LOG_ERROR("external test can't be run in this mode\n");
((func_args*)args)->return_code = 0;
XEXIT_T(EXIT_SUCCESS);
@@ -2818,7 +2878,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifndef HAVE_SESSION_TICKET
if ((version >= 4) && resumeSession) {
- fprintf(stderr, "Can't do TLS 1.3 resumption; need session tickets!\n");
+ LOG_ERROR("Can't do TLS 1.3 resumption; need session tickets!\n");
}
#endif
@@ -2831,7 +2891,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (usePqc) {
if (version == CLIENT_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION)
- fprintf(stderr,
+ LOG_ERROR(
"WARNING: If a TLS 1.3 connection is not negotiated, you "
"will not be using a post-quantum group.\n");
else if (version != 4 && version != -4)
@@ -2928,11 +2988,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef DEBUG_WOLFSSL
/* print off helper buffer sizes for use with static memory
* printing to stderr in case of debug mode turned on */
- fprintf(stderr, "static memory management size = %d\n",
+ LOG_ERROR("static memory management size = %d\n",
wolfSSL_MemoryPaddingSz());
- fprintf(stderr, "calculated optimum general buffer size = %d\n",
+ LOG_ERROR("calculated optimum general buffer size = %d\n",
wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
- fprintf(stderr, "calculated optimum IO buffer size = %d\n",
+ LOG_ERROR("calculated optimum IO buffer size = %d\n",
wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
WOLFMEM_IO_POOL_FIXED));
#endif /* DEBUG_WOLFSSL */
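Review bot: These three `LOG_ERROR` calls print buffer-size diagnostics under `DEBUG_WOLFSSL`, not errors, and the comment above them still promises output on stderr. `LOG_ERROR` is defined outside this hunk, so if it is gated by the new `quieter` flag or writes somewhere other than stderr, that comment is no longer accurate. Keep `fprintf(stderr, ...)` for purely informational output, or update the comment to something like `/* printed through LOG_ERROR; suppressed by --quieter */` once the macro's behaviour is confirmed. The same applies to the "Before creating SSL", "After creating SSL" and memory-stats messages in the later hunks.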
@@ -3331,7 +3391,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret < 0) {
- fprintf(stderr, "Async device open failed\nRunning without async\n");
+ LOG_ERROR("Async device open failed\nRunning without async\n");
}
wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -3469,7 +3529,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "Before creating SSL\n");
+ LOG_ERROR("Before creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys("ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -3560,7 +3620,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "After creating SSL\n");
+ LOG_ERROR("After creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys("ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -3640,6 +3700,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR_OCSP,
WOLFSSL_CSR_OCSP_USE_NONCE) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("UseCertificateStatusRequest failed");
}
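Review bot: The `CloseSocket(sockfd);` added on this OCSP-stapling failure path appears to run before the socket is opened. The only connect visible for this code path is `tcp_connect(&sockfd, ...)` in a later hunk (new-side line 3751), so `sockfd` here holds whatever it was initialised with. Its declaration is outside the hunk; if it does not start as an invalid-socket sentinel, this closes an arbitrary descriptor number. Guarding the call, e.g. `if (sockfd != WOLFSSL_SOCKET_INVALID) CloseSocket(sockfd);`, makes the cleanup safe regardless of ordering. The next two hunks (`WOLFSSL_CSR2_OCSP` and `WOLFSSL_CSR2_OCSP_MULTI`) add the same call at the same stage.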
@@ -3651,6 +3712,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
WOLFSSL_CSR2_OCSP, WOLFSSL_CSR2_OCSP_USE_NONCE)
!= WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("UseCertificateStatusRequest failed");
}
@@ -3660,6 +3722,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
WOLFSSL_CSR2_OCSP_MULTI, 0)
!= WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("UseCertificateStatusRequest failed");
}
@@ -3688,6 +3751,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, ssl);
if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error in setting fd");
}
@@ -3703,6 +3767,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (doSTARTTLS) {
if (StartTLS_Init(&sockfd) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error during STARTTLS protocol");
}
@@ -3716,17 +3781,20 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_EnableCRL(ssl, WOLFSSL_CRL_CHECKALL) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't enable crl check");
}
if (wolfSSL_LoadCRL(ssl, crlPemDir, WOLFSSL_FILETYPE_PEM, 0)
!= WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't load crl, check crlfile and date validity");
}
if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't set crl callback");
}
@@ -3736,6 +3804,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (scr) {
if (wolfSSL_UseSecureRenegotiation(ssl) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't enable secure renegotiation");
}
@@ -3796,7 +3865,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr, "wolfSSL_connect error %d, %s\n", err,
+ LOG_ERROR("wolfSSL_connect error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
/* cleanup */
@@ -3888,6 +3957,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
size = wolfSSL_get_client_random(NULL, NULL, 0);
if (size == 0) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error getting client random buffer size");
}
@@ -3895,6 +3965,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
rnd = (byte*)XMALLOC(size, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (rnd == NULL) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error creating client random buffer");
}
@@ -3903,6 +3974,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (size == 0) {
XFREE(rnd, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error getting client random buffer");
}
@@ -3941,6 +4013,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (XSTRCMP(starttlsProt, "smtp") == 0) {
if (SMTP_Shutdown(ssl, wc_shutdown) != WOLFSSL_SUCCESS) {
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error closing STARTTLS connection");
}
@@ -3952,7 +4025,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_CTX_free(ctx); ctx = NULL;
((func_args*)args)->return_code = 0;
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#ifdef HAVE_ALPN
@@ -4052,16 +4125,17 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr, "wolfSSL_Rehandshake error %d, %s\n", err,
+ LOG_ERROR("wolfSSL_Rehandshake error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("non-blocking wolfSSL_Rehandshake failed");
}
}
}
else {
- fprintf(stderr, "not doing secure resumption with non-blocking");
+ LOG_ERROR("not doing secure resumption with non-blocking");
}
} else {
if (!resumeScr) {
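Review bot: The converted message `LOG_ERROR("not doing secure resumption with non-blocking");` still has no trailing newline, so the next line of output is glued onto it. Since the line is being touched anyway, make it `LOG_ERROR("not doing secure resumption with non-blocking\n");`, matching every other message in this change.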
@@ -4085,6 +4159,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_Rehandshake failed");
}
@@ -4114,6 +4189,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_SecureResume failed");
}
@@ -4150,6 +4226,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (exitWithRet) {
((func_args*)args)->return_code = err;
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
goto exit;
}
@@ -4164,18 +4241,12 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_update_keys(ssl);
#endif
- err = ClientWrite(ssl, msg, msgSz, "", exitWithRet);
- if (exitWithRet && (err != 0)) {
- ((func_args*)args)->return_code = err;
- wolfSSL_free(ssl); ssl = NULL;
- wolfSSL_CTX_free(ctx); ctx = NULL;
- goto exit;
- }
-
- err = ClientRead(ssl, reply, sizeof(reply)-1, 1, "", exitWithRet);
+ err = ClientWriteRead(ssl, msg, msgSz, reply, sizeof(reply)-1, 1, "",
+ exitWithRet);
if (exitWithRet && (err != 0)) {
((func_args*)args)->return_code = err;
wolfSSL_free(ssl); ssl = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
goto exit;
}
@@ -4243,12 +4314,12 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
break;
}
}
if (ret != WOLFSSL_SUCCESS)
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
}
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
if (atomicUser)
@@ -4260,8 +4331,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
err_sys("static memory was not used with ssl");
- fprintf(stderr, "\nprint off SSL memory stats\n");
- fprintf(stderr, "*** This is memory state before wolfSSL_free is called\n");
+ LOG_ERROR("\nprint off SSL memory stats\n");
+ LOG_ERROR("*** This is memory state before wolfSSL_free is called\n");
wolfSSL_PrintStatsConn(&ssl_stats);
#endif
@@ -4293,6 +4364,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, sslResume);
if (wolfSSL_set_fd(sslResume, sockfd) != WOLFSSL_SUCCESS) {
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("error in setting fd");
}
@@ -4313,6 +4385,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (scr) {
if (wolfSSL_UseSecureRenegotiation(sslResume) != WOLFSSL_SUCCESS) {
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("can't enable secure renegotiation");
}
@@ -4384,9 +4457,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
ret = NonBlockingSSL_Connect(sslResume); /* will keep retrying on timeout */
#endif
if (ret != WOLFSSL_SUCCESS) {
- fprintf(stderr, "wolfSSL_connect resume error %d, %s\n", err,
+ LOG_ERROR("wolfSSL_connect resume error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_connect resume failed");
}
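Review bot: The resume-failure log prints `err`, but nothing visible in this hunk refreshes it after `NonBlockingSSL_Connect(sslResume)` fails, so the reported code may be left over from the first connection. The initial-connect failure path in the earlier hunk calls `err = wolfSSL_get_error(ssl, 0);` before logging. Adding `err = wolfSSL_get_error(sslResume, 0);` as the first statement inside `if (ret != WOLFSSL_SUCCESS)` would make the two paths consistent. The blocking branch of the `#if` is outside the hunk and may already set `err`; the extra call is harmless there.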
@@ -4397,7 +4471,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_session_reused(sslResume))
printf("reused session id\n");
else
- fprintf(stderr, "didn't reuse session id!!!\n");
+ LOG_ERROR("didn't reuse session id!!!\n");
#ifdef HAVE_ALPN
if (alpnList != NULL) {
@@ -4432,9 +4506,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Beginning secure renegotiation.\n");
if (wolfSSL_Rehandshake(sslResume) != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(sslResume, 0);
- fprintf(stderr, "err = %d, %s\n", err,
+ LOG_ERROR("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_Rehandshake failed");
}
@@ -4446,9 +4521,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Beginning secure resumption.\n");
if (wolfSSL_SecureResume(sslResume) != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(sslResume, 0);
- fprintf(stderr, "err = %d, %s\n", err,
+ LOG_ERROR("err = %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(sslResume); sslResume = NULL;
+ CloseSocket(sockfd);
wolfSSL_CTX_free(ctx); ctx = NULL;
err_sys("wolfSSL_SecureResume failed");
}
@@ -4469,10 +4545,9 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
msgSz = (int)XSTRLEN(kResumeMsg);
XMEMCPY(msg, kResumeMsg, msgSz);
}
- (void)ClientWrite(sslResume, msg, msgSz, " resume", 0);
- (void)ClientRead(sslResume, reply, sizeof(reply)-1, sendGET,
- "Server resume: ", 0);
+ (void)ClientWriteRead(sslResume, msg, msgSz, reply, sizeof(reply)-1,
+ sendGET, " resume", 0);
ret = wolfSSL_shutdown(sslResume);
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE)
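Review bot: Folding the two calls into `ClientWriteRead(..., sendGET, " resume", 0)` changes the label handed to the read side: the removed code passed `" resume"` to `ClientWrite` but `"Server resume: "` to `ClientRead`. `ClientRead`'s body is outside this hunk, but if it prefixes the printed reply with `str`, output that used to begin with `Server resume:` now begins with ` resume`. Any script or test matching the old text would stop matching. Either give `ClientWriteRead` separate write and read label parameters, or add a comment at its definition such as `/* str is used both as the write-error tag and as the reply prefix */`.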
@@ -4483,8 +4558,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wolfSSL_is_static_memory(sslResume, &ssl_stats) != 1)
err_sys("static memory was not used with ssl");
- fprintf(stderr, "\nprint off SSLresume memory stats\n");
- fprintf(stderr, "*** This is memory state before wolfSSL_free is called\n");
+ LOG_ERROR("\nprint off SSLresume memory stats\n");
+ LOG_ERROR("*** This is memory state before wolfSSL_free is called\n");
wolfSSL_PrintStatsConn(&ssl_stats);
#endif
@@ -4503,7 +4578,7 @@ exit:
wolfsentry_ret =
wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL));
if (wolfsentry_ret < 0) {
- fprintf(stderr,
+ LOG_ERROR(
"wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n",
WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret));
}
@@ -4528,9 +4603,7 @@ exit:
(void) useVerifyCb;
(void) customVerifyCert;
-#if !defined(WOLFSSL_TIRTOS)
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_CLIENT */
@@ -4546,7 +4619,7 @@ exit:
StartTCP();
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
args.srtp_helper = NULL;
#endif
args.argc = argc;
diff --git a/extra/wolfssl/wolfssl/examples/client/client.vcproj b/extra/wolfssl/wolfssl/examples/client/client.vcproj
index 614995b2..ab4204d2 100644
--- a/extra/wolfssl/wolfssl/examples/client/client.vcproj
+++ b/extra/wolfssl/wolfssl/examples/client/client.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/client/client.vcxproj b/extra/wolfssl/wolfssl/examples/client/client.vcxproj
index 3704f4fe..3f5c79a0 100644
--- a/extra/wolfssl/wolfssl/examples/client/client.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/client/client.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/examples/configs/README.md b/extra/wolfssl/wolfssl/examples/configs/README.md
index e2ae4b03..8ed282cc 100644
--- a/extra/wolfssl/wolfssl/examples/configs/README.md
+++ b/extra/wolfssl/wolfssl/examples/configs/README.md
@@ -12,6 +12,7 @@ Example wolfSSL configuration file templates for use when autoconf is not availa
* `user_settings_fipsv5.h`: The FIPS v5 (ready) 140-3 build options. Equivalent to `./configure --enable-fips=v5-dev`.
* `user_settings_stm32.h`: Example configuration file generated from the wolfSSL STM32 Cube pack.
* `user_settings_wolftpm.h`: Minimum options for building wolfTPM. See comment at top for ./configure used to generate.
+*.`user_settings_EBSnet.h`: Example configuration file for use with EBSnet ports.
## Usage
diff --git a/extra/wolfssl/wolfssl/examples/configs/include.am b/extra/wolfssl/wolfssl/examples/configs/include.am
index d5977610..781fbcbc 100644
--- a/extra/wolfssl/wolfssl/examples/configs/include.am
+++ b/extra/wolfssl/wolfssl/examples/configs/include.am
@@ -10,3 +10,4 @@ EXTRA_DIST += examples/configs/user_settings_fipsv2.h
EXTRA_DIST += examples/configs/user_settings_fipsv5.h
EXTRA_DIST += examples/configs/user_settings_stm32.h
EXTRA_DIST += examples/configs/user_settings_wolftpm.h
+EXTRA_DIST += examples/configs/user_settings_EBSnet.h
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_last.c b/extra/wolfssl/wolfssl/examples/configs/user_settings_EBSnet.h
index 472f358f..3d148699 100644
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/wolfcrypt_last.c
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_EBSnet.h
@@ -1,4 +1,4 @@
-/* wolfcrypt_last.c
+/* user_settings_EBSnet.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,36 +19,38 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/* Example wolfSSL user settings for use with EBSnet ports.
+ * This file is included with wolfssl/wolfcrypt/settings.h when WOLFSSL_USER_SETTINGS is defined.
+ */
-/* This file needs to be linked last in order to work correctly */
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
-#ifdef HAVE_CONFIG_H
- #include <config.h>
+#ifdef __cplusplus
+extern "C" {
#endif
-/* in case user set HAVE_FIPS there */
-#include <cyassl/ctaocrypt/settings.h>
+#define OPENSSL_EXTRA_X509_SMALL
-#ifdef HAVE_FIPS
+#define USE_FAST_MATH
+#define TFM_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+#define ECC_TIMING_RESISTANT
-#ifdef USE_WINDOWS_API
- #pragma code_seg(".fipsA$l")
- #pragma const_seg(".fipsB$l")
-#endif
+#define HAVE_ECC
+#define HAVE_CURVE25519
+#define HAVE_AESGCM
+#define WOLFSSL_SHA384
+#define NO_DSA
+#define NO_RC4
+#define NO_MD4
+#define NO_MD5
+#define NO_DES3
-/* last function of text/code segment */
-int wolfCrypt_FIPS_last(void);
-int wolfCrypt_FIPS_last(void)
-{
- return 0;
+#ifdef __cplusplus
}
+#endif
-
-/* read only end address */
-const unsigned int wolfCrypt_FIPS_ro_end[] =
-{ 0x1a2b3c4d, 0xffffffff };
-
-
-#endif /* HAVE_FIPS */
+#endif /* WOLFSSL_USER_SETTINGS_H */
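Review bot: The new EBSnet template defines `NO_MD5` but says nothing about protocol versions, and the TLS 1.0/1.1 PRF needs MD5, so the configuration only makes sense with those versions disabled. Stating that explicitly with `#define NO_OLD_TLS` next to the `NO_*` algorithm block makes the intent reviewable and avoids depending on a default resolved elsewhere in `settings.h`. A one-line comment above the timing-hardening group, e.g. `/* side-channel hardening: keep these enabled on production builds */`, would also discourage removing `TFM_TIMING_RESISTANT`, `WC_RSA_BLINDING` and `ECC_TIMING_RESISTANT` when the template is copied.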
diff --git a/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h b/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h
index c708a64e..c484b90b 100644
--- a/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_all.h
@@ -125,7 +125,7 @@ extern "C" {
#define WOLFSSL_DER_TO_PEM
#define WOLFSSL_CUSTOM_OID
#define HAVE_OID_ENCODING
-//#define WOLFSSL_ASN_TEMPLATE /* Not enabled yet by default */
+#define WOLFSSL_ASN_TEMPLATE
/* Certificate Revocation */
#define HAVE_OCSP
diff --git a/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h b/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h
index eb60161d..9f02cf2b 100644
--- a/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_stm32.h
@@ -1,4 +1,5 @@
-/* wolfSSL_conf.h (example of generated wolfSSL.I-CUBE-wolfSSL_conf.h)
+/* wolfSSL_conf.h (example of generated wolfSSL.I-CUBE-wolfSSL_conf.h using
+ * default_conf.ftl and STM32CubeIDE or STM32CubeMX tool)
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -23,12 +24,16 @@
* Generated automatically using `default_conf.ftl` template
*
* Included automatically when USE_HAL_DRIVER is defined
- * (and not WOLFSSL_USER_SETTINGS or HAVE_CONF_H).
+ * (and not WOLFSSL_USER_SETTINGS or HAVE_CONFIG_H).
*/
#ifndef __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__
#define __WOLFSSL_I_CUBE_WOLFSSL_CONF_H__
+#ifdef __cplusplus
+extern "C" {
+#endif
+
/*---------- WOLF_CONF_DEBUG -----------*/
#define WOLF_CONF_DEBUG 0
@@ -51,6 +56,9 @@
/*---------- WOLF_CONF_RTOS -----------*/
#define WOLF_CONF_RTOS 2
+/*---------- WOLF_CONF_RNG -----------*/
+#define WOLF_CONF_RNG 1
+
/*---------- WOLF_CONF_RSA -----------*/
#define WOLF_CONF_RSA 1
@@ -111,17 +119,29 @@
/*---------- WOLF_CONF_TEST -----------*/
#define WOLF_CONF_TEST 1
+/*---------- WOLF_CONF_PQM4 -----------*/
+#define WOLF_CONF_PQM4 0
+
/* ------------------------------------------------------------------------- */
/* Hardware platform */
/* ------------------------------------------------------------------------- */
+/* Setup default (No crypto hardware acceleration or TLS UART test).
+ * Use undef in platform section to enable it.
+ */
#define NO_STM32_HASH
#define NO_STM32_CRYPTO
+#define NO_TLS_UART_TEST
#if defined(STM32WB55xx)
#define WOLFSSL_STM32WB
#define WOLFSSL_STM32_PKA
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart1
+#elif defined(STM32WL55xx)
+ #define WOLFSSL_STM32WL
+ #define WOLFSSL_STM32_PKA
+ #undef NO_STM32_CRYPTO
+ #define HAL_CONSOLE_UART huart2
#elif defined(STM32F407xx)
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
@@ -137,11 +157,20 @@
#undef NO_STM32_CRYPTO
#define STM32_HAL_V2
#define HAL_CONSOLE_UART huart2
+#elif defined(STM32F756xx)
+ #define WOLFSSL_STM32F7
+ #undef NO_STM32_HASH
+ #undef NO_STM32_CRYPTO
+ #define STM32_HAL_V2
+ #define HAL_CONSOLE_UART huart3
#elif defined(STM32H753xx)
#define WOLFSSL_STM32H7
#undef NO_STM32_HASH
#undef NO_STM32_CRYPTO
#define HAL_CONSOLE_UART huart3
+#elif defined(STM32H723xx)
+ #define WOLFSSL_STM32H7
+ #define HAL_CONSOLE_UART huart3
#elif defined(STM32L4A6xx)
#define WOLFSSL_STM32L4
#undef NO_STM32_HASH
@@ -163,6 +192,9 @@
#elif defined(STM32F207xx)
#define WOLFSSL_STM32F2
#define HAL_CONSOLE_UART huart3
+#elif defined(STM32F217xx)
+ #define WOLFSSL_STM32F2
+ #define HAL_CONSOLE_UART huart2
#elif defined(STM32F107xC)
#define WOLFSSL_STM32F1
#define HAL_CONSOLE_UART huart4
@@ -171,18 +203,34 @@
#define WOLFSSL_STM32F4
#define HAL_CONSOLE_UART huart2
#define NO_STM32_RNG
- #define WOLFSSL_GENSEED_FORTEST
+ #define WOLFSSL_GENSEED_FORTEST /* no HW RNG is available use test seed */
#elif defined(STM32G071xx)
#define WOLFSSL_STM32G0
#define HAL_CONSOLE_UART huart2
#define NO_STM32_RNG
- #define WOLFSSL_GENSEED_FORTEST
+ #define WOLFSSL_GENSEED_FORTEST /* no HW RNG is available use test seed */
+#elif defined(STM32U575xx) || defined(STM32U585xx)
+ #define HAL_CONSOLE_UART huart1
+ #define WOLFSSL_STM32U5
+ #define STM32_HAL_V2
+ #ifdef STM32U585xx
+ #undef NO_STM32_HASH
+ #undef NO_STM32_CRYPTO
+ #define WOLFSSL_STM32_PKA
+ #endif
+#elif defined(STM32H563xx)
+ #define WOLFSSL_STM32H5
+ #define HAL_CONSOLE_UART huart3
+ #define STM32_HAL_V2
+ #undef NO_STM32_HASH
+
#else
#warning Please define a hardware platform!
/* This means there is not a pre-defined platform for your board/CPU */
/* You need to define a CPU type, HW crypto and debug UART */
/* CPU Type: WOLFSSL_STM32F1, WOLFSSL_STM32F2, WOLFSSL_STM32F4,
- WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4 and WOLFSSL_STM32L5 */
+ WOLFSSL_STM32F7, WOLFSSL_STM32H7, WOLFSSL_STM32L4, WOLFSSL_STM32L5,
+ WOLFSSL_STM32G0, WOLFSSL_STM32WB and WOLFSSL_STM32U5 */
#define WOLFSSL_STM32F4
/* Debug UART used for printf */
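Review bot: The new comments on `WOLFSSL_GENSEED_FORTEST` in the STM32F410 and STM32G071 branches say why the define is there but not what it costs. As the name indicates, this is a seed source meant for testing, so a build for these parts should not be used to generate keys or nonces that matter. I would word it as `/* no HW RNG available: test-only seed, not for production; supply a real seed source */`. The same wording fits the commented-out hint added in the next hunk (`/* if no HW RNG is available use test seed */`). The platform `#if` chain starts and ends outside this hunk.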
@@ -195,6 +243,7 @@
//#define NO_STM32_RNG
//#undef NO_STM32_HASH
//#undef NO_STM32_CRYPTO
+ /* if no HW RNG is available use test seed */
//#define WOLFSSL_GENSEED_FORTEST
//#define STM32_HAL_V2
#endif
@@ -222,33 +271,60 @@
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
-/* 1=Fast, 2=Normal, 3=SP C, 4=SP Cortex-M */
-#if defined(WOLF_CONF_MATH) && WOLF_CONF_MATH != 2
- /* fast (stack) math */
+/* 1=Fast (stack)
+ * 2=Normal (heap)
+ * 3=Single Precision C (only common curves/key sizes)
+ * 4=Single Precision ASM Cortex-M3+
+ * 5=Single Precision ASM Cortex-M0 (Generic Thumb)
+ * 6=Single Precision C all small
+ * 7=Single Precision C all big
+ */
+#if defined(WOLF_CONF_MATH) && WOLF_CONF_MATH == 1
+ /* fast (stack) math - tfm.c */
#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
/* Optimizations (TFM_ARM, TFM_ASM or none) */
//#define TFM_NO_ASM
//#define TFM_ASM
-#endif
-#if defined(WOLF_CONF_MATH) && (WOLF_CONF_MATH == 3 || WOLF_CONF_MATH == 4)
+#elif defined(WOLF_CONF_MATH) && WOLF_CONF_MATH == 2
+ /* heap math - integer.c */
+ #define USE_INTEGER_HEAP_MATH
+#elif defined(WOLF_CONF_MATH) && (WOLF_CONF_MATH >= 3)
/* single precision only */
#define WOLFSSL_SP
- #define WOLFSSL_SP_SMALL /* use smaller version of code */
- #define WOLFSSL_HAVE_SP_RSA
- #define WOLFSSL_HAVE_SP_DH
- #define WOLFSSL_HAVE_SP_ECC
- #define WOLFSSL_SP_MATH
+ #if WOLF_CONF_MATH != 7
+ #define WOLFSSL_SP_SMALL /* use smaller version of code */
+ #endif
+ #if defined(WOLF_CONF_RSA) && WOLF_CONF_RSA == 1
+ #define WOLFSSL_HAVE_SP_RSA
+ #endif
+ #if defined(WOLF_CONF_DH) && WOLF_CONF_DH == 1
+ #define WOLFSSL_HAVE_SP_DH
+ #endif
+ #if defined(WOLF_CONF_ECC) && WOLF_CONF_ECC == 1
+ #define WOLFSSL_HAVE_SP_ECC
+ #endif
+ #if WOLF_CONF_MATH == 6 || WOLF_CONF_MATH == 7
+ #define WOLFSSL_SP_MATH_ALL /* use sp_int.c multi precision math */
+ #else
+ #define WOLFSSL_SP_MATH /* disable non-standard curves / key sizes */
+ #endif
#define SP_WORD_SIZE 32
+ /* Enable to put all math on stack (no heap) */
//#define WOLFSSL_SP_NO_MALLOC
- //#define WOLFSSL_SP_CACHE_RESISTANT
- /* single precision Cortex-M only */
- #if WOLF_CONF_MATH == 4
+ #if WOLF_CONF_MATH == 4 || WOLF_CONF_MATH == 5
#define WOLFSSL_SP_ASM /* required if using the ASM versions */
- #define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #if WOLF_CONF_MATH == 4
+ /* ARM Cortex-M3+ */
+ #define WOLFSSL_SP_ARM_CORTEX_M_ASM
+ #endif
+ #if WOLF_CONF_MATH == 5
+ /* Generic ARM Thumb (Cortex-M0) Assembly */
+ #define WOLFSSL_SP_ARM_THUMB_ASM
+ #endif
#endif
#endif
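Review bot: The new `WOLF_CONF_MATH == 2` branch defines `USE_INTEGER_HEAP_MATH` with only the comment `/* heap math - integer.c */`. The template config changed in this same commit describes that backend as "not timing resistant" and "not recommended". The option list and the branch comment here should carry the same caveat, for example `/* heap math - integer.c (not timing resistant, not recommended) */`. Separately, `WOLF_CONF_MATH >= 3` also accepts values above 7 that the option list does not document. Such a value silently gets the small SP build with `WOLFSSL_SP_MATH`, so an upper bound or an `#error` for unknown values would make a typo visible.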
@@ -280,8 +356,14 @@
#if defined(WOLF_CONF_BASE64_ENCODE) && WOLF_CONF_BASE64_ENCODE == 1
#define WOLFSSL_BASE64_ENCODE
#endif
-#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA == 1
+#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA >= 1
#define OPENSSL_EXTRA
+ #if !defined(INT_MAX)
+ #include <limits.h>
+ #endif
+#endif
+#if defined(WOLF_CONF_OPENSSL_EXTRA) && WOLF_CONF_OPENSSL_EXTRA >= 2
+ #define OPENSSL_ALL
#endif
/* TLS Session Cache */
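Review bot: The values of `WOLF_CONF_OPENSSL_EXTRA` are not documented where they are tested. After this change 1 enables `OPENSSL_EXTRA`, and 2 or more additionally enables `OPENSSL_ALL`, which turns on a noticeably larger compatibility API surface. A comment above the first `#if`, such as `/* 0=off, 1=OPENSSL_EXTRA, 2=OPENSSL_EXTRA + OPENSSL_ALL */`, would keep someone from choosing 2 without knowing what it adds. As a style point, the added `#include <limits.h>` appears to sit inside the `extern "C" {` block this commit opens near the top of the header. That is probably harmless for `limits.h`, but system headers are better included before that block.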
@@ -291,6 +373,14 @@
#define NO_SESSION_CACHE
#endif
+/* Post Quantum
+ * Note: PQM4 is compatible with STM32. The project can be found at:
+ * https://github.com/mupq/pqm4
+ */
+#if defined(WOLF_CONF_PQM4) && WOLF_CONF_PQM4 == 1
+ #define HAVE_PQM4
+#endif
+
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
@@ -520,7 +610,6 @@
/* Allows custom "custom_time()" function to be used for benchmark */
#define WOLFSSL_USER_CURRTIME
-
/* ------------------------------------------------------------------------- */
/* RNG */
/* ------------------------------------------------------------------------- */
@@ -533,7 +622,6 @@
#define WC_NO_RNG
#endif
-
/* ------------------------------------------------------------------------- */
/* Disable Features */
/* ------------------------------------------------------------------------- */
@@ -576,7 +664,6 @@
#define NO_ASN_TIME
#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h b/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h
index 4bc6da71..f8673fab 100644
--- a/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h
+++ b/extra/wolfssl/wolfssl/examples/configs/user_settings_template.h
@@ -52,8 +52,8 @@ extern "C" {
/* reduce stack use. For variables over 100 bytes allocate from heap */
#define WOLFSSL_SMALL_STACK
- /* disable the built-in socket support and use the IO callbacks.
- * Set with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
+ /* Disable the built-in socket support and use the IO callbacks.
+ * Set IO callbacks with wolfSSL_CTX_SetIORecv/wolfSSL_CTX_SetIOSend
*/
#define WOLFSSL_USER_IO
#endif
@@ -61,17 +61,7 @@ extern "C" {
/* ------------------------------------------------------------------------- */
/* Math Configuration */
/* ------------------------------------------------------------------------- */
-#undef USE_FAST_MATH
-#if 1
- /* fast math (tfmc.) (stack based and timing resistant) */
- #define USE_FAST_MATH
- #define TFM_TIMING_RESISTANT
-#else
- /* normal heap based integer.c (not timing resistant) */
-#endif
-
/* Wolf Single Precision Math */
-#undef WOLFSSL_SP
#if 1
#define WOLFSSL_HAVE_SP_RSA
#define WOLFSSL_HAVE_SP_DH
@@ -79,8 +69,7 @@ extern "C" {
//#define WOLFSSL_SP_4096 /* Enable RSA/RH 4096-bit support */
//#define WOLFSSL_SP_384 /* Enable ECC 384-bit SECP384R1 support */
- //#define WOLFSSL_SP_CACHE_RESISTANT
- #define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
+ //#define WOLFSSL_SP_MATH /* only SP math - disables integer.c/tfm.c */
#define WOLFSSL_SP_MATH_ALL /* use SP math for all key sizes and curves */
//#define WOLFSSL_SP_NO_MALLOC
@@ -99,8 +88,16 @@ extern "C" {
//#define WOLFSSL_SP_ARM64_ASM
//#define WOLFSSL_SP_ARM_THUMB_ASM
//#define WOLFSSL_SP_ARM_CORTEX_M_ASM
+#elif 1
+ /* Fast Math (tfm.c) (stack based and timing resistant) */
+ #define USE_FAST_MATH
+ #define TFM_TIMING_RESISTANT
+#else
+ /* Normal (integer.c) (heap based, not timing resistant) - not recommended*/
+ #define USE_INTEGER_HEAP_MATH
#endif
+
/* ------------------------------------------------------------------------- */
/* Crypto */
/* ------------------------------------------------------------------------- */
@@ -184,7 +181,7 @@ extern "C" {
/* use heap allocation for ECC points */
#define ALT_ECC_SIZE
- /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overriden */
+ /* wolfSSL will compute the FP_MAX_BITS_ECC, but it can be overridden */
//#define FP_MAX_BITS_ECC (256 * 2)
#endif
@@ -508,6 +505,9 @@ extern "C" {
//#define NO_CRYPT_BENCHMARK
//#define WOLFCRYPT_ONLY
+/* do not warm when file is included to be built and not required to be */
+#define WOLFSSL_IGNORE_FILE_WARN
+
/* In-lining of misc.c functions */
/* If defined, must include wolfcrypt/src/misc.c in build */
/* Slower, but about 1k smaller */
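Review bot: The comment added above `WOLFSSL_IGNORE_FILE_WARN` has a typo ("warm" for "warn") and is hard to parse. It should say what is suppressed and why, for example `/* do not warn when a source file is compiled in but its feature is not enabled */`. The define silences a build diagnostic, so a clear comment helps whoever copies this template judge whether they want that warning hidden. I am inferring the exact meaning from the macro name, so the wording should be checked against the library's own description.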
diff --git a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c
index 740af4ed..662aca0f 100644
--- a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c
+++ b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.c
@@ -24,14 +24,14 @@
#include <config.h>
#endif
-#include <cyassl/ctaocrypt/settings.h>
+#include <wolfssl/wolfcrypt/settings.h>
/* let's use cyassl layer AND cyassl openssl layer */
#undef TEST_OPENSSL_COEXIST /* can't use this option with this example */
-#include <cyassl/ssl.h>
+#include <wolfssl/ssl.h>
/* Force enable the compatibility macros for this example */
-#ifdef CYASSL_DTLS
- #include <cyassl/error-ssl.h>
+#ifdef WOLFSSL_DTLS
+ #include <wolfssl/error-ssl.h>
#endif
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
@@ -43,12 +43,12 @@
#include "wolfssl_MDK_ARM.h"
#endif
-#include <cyassl/test.h>
+#include <wolfssl/test.h>
#ifndef OPENSSL_EXTRA_X509_SMALL
#define OPENSSL_EXTRA_X509_SMALL
#endif
-#include <cyassl/openssl/ssl.h>
+#include <wolfssl/openssl/ssl.h>
#include <examples/echoclient/echoclient.h>
@@ -97,7 +97,7 @@ void echoclient_test(void* args)
char** argv = 0;
#endif
word16 port;
- char buffer[CYASSL_MAX_ERROR_SZ];
+ char buffer[WOLFSSL_MAX_ERROR_SZ];
((func_args*)args)->return_code = -1; /* error state */
@@ -118,11 +118,11 @@ void echoclient_test(void* args)
if (!fin) err_sys("can't open input file");
if (!fout) err_sys("can't open output file");
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
doDTLS = 1;
#endif
-#ifdef CYASSL_LEANPSK
+#ifdef WOLFSSL_LEANPSK
doPSK = 1;
#endif
#if defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
@@ -134,10 +134,10 @@ void echoclient_test(void* args)
#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(WOLFSSL_MDK_SHELL)
port = ((func_args*)args)->signal->port;
#else
- port = yasslPort;
+ port = wolfSSLPort;
#endif
-#if defined(CYASSL_DTLS)
+#if defined(WOLFSSL_DTLS)
#ifdef WOLFSSL_DTLS13
method = wolfDTLSv1_3_client_method();
#elif !defined(WOLFSSL_NO_TLS12)
@@ -145,9 +145,9 @@ void echoclient_test(void* args)
#endif
#elif !defined(NO_TLS)
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
- method = CyaTLSv1_2_client_method();
+ method = wolfTLSv1_2_client_method();
#else
- method = CyaSSLv23_client_method();
+ method = wolfSSLv23_client_method();
#endif
#elif defined(WOLFSSL_ALLOW_SSLV3)
method = SSLv3_client_method();
@@ -178,7 +178,7 @@ void echoclient_test(void* args)
err_sys("can't load ca buffer");
#endif
-#if defined(CYASSL_SNIFFER)
+#if defined(WOLFSSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") == NULL) {
/* don't use EDH, can't sniff tmp keys */
@@ -189,7 +189,7 @@ void echoclient_test(void* args)
if (doPSK) {
const char *defaultCipherList;
- CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
+ wolfSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb);
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA256";
#elif defined(HAVE_AESGCM) && !defined(NO_DH)
@@ -211,7 +211,7 @@ void echoclient_test(void* args)
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
- if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS)
+ if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=WOLFSSL_SUCCESS)
err_sys("client can't set cipher list 2");
wolfSSL_CTX_set_psk_callback_ctx(ctx, (void*)defaultCipherList);
}
@@ -222,7 +222,7 @@ void echoclient_test(void* args)
#endif
#if defined(WOLFSSL_MDK_ARM)
- CyaSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, 0);
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -234,10 +234,10 @@ void echoclient_test(void* args)
#endif /* WOLFSSL_ASYNC_CRYPT */
ssl = SSL_new(ctx);
- tcp_connect(&sockfd, yasslIP, port, doDTLS, 0, ssl);
+ tcp_connect(&sockfd, wolfSSLIP, port, doDTLS, 0, ssl);
SSL_set_fd(ssl, sockfd);
-#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER)
+#if defined(USE_WINDOWS_API) && defined(WOLFSSL_DTLS) && defined(NO_MAIN_DRIVER)
/* let echoserver bind first, TODO: add Windows signal like pthreads does */
Sleep(100);
#endif
@@ -319,7 +319,7 @@ void echoclient_test(void* args)
LIBCALL_CHECK_RET(fflush(fout));
sendSz -= ret;
}
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
else if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
/* This condition is OK. The packet should be dropped
* silently when there is a decrypt or MAC error on
@@ -336,7 +336,7 @@ void echoclient_test(void* args)
}
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
strncpy(msg, "break", 6);
sendSz = (int)strlen(msg);
/* try to tell server done */
@@ -394,18 +394,18 @@ void echoclient_test(void* args)
args.argv = argv;
args.return_code = 0;
- CyaSSL_Init();
-#if defined(DEBUG_CYASSL) && !defined(WOLFSSL_MDK_SHELL)
- CyaSSL_Debugging_ON();
+ wolfSSL_Init();
+#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
+ wolfSSL_Debugging_ON();
#endif
-#ifndef CYASSL_TIRTOS
+#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
#ifndef NO_WOLFSSL_CLIENT
echoclient_test(&args);
#endif
- CyaSSL_Cleanup();
+ wolfSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
diff --git a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj
index c6ed9578..0ea89b22 100644
--- a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj
+++ b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj
index b291d634..9fa8aad0 100644
--- a/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/echoclient/echoclient.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c
index e839f0b0..c6afdcb0 100644
--- a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c
+++ b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.c
@@ -24,10 +24,10 @@
#include <config.h>
#endif
-#include <cyassl/ssl.h> /* name change portability layer */
-#include <cyassl/ctaocrypt/settings.h>
+#include <wolfssl/ssl.h> /* name change portability layer */
+#include <wolfssl/wolfcrypt/settings.h>
#ifdef HAVE_ECC
- #include <cyassl/ctaocrypt/ecc.h> /* ecc_fp_free */
+ #include <wolfssl/wolfcrypt/ecc.h> /* ecc_fp_free */
#endif
#if defined(WOLFSSL_MDK_ARM) || defined(WOLFSSL_KEIL_TCP_NET)
@@ -39,8 +39,8 @@
#include "wolfssl_MDK_ARM.h"
#endif
-#include <cyassl/ssl.h>
-#include <cyassl/test.h>
+#include <wolfssl/ssl.h>
+#include <wolfssl/test.h>
#ifndef NO_MAIN_DRIVER
#define ECHO_OUT
@@ -67,26 +67,26 @@
static void SignalReady(void* args, word16 port)
{
-#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+#if defined(NO_MAIN_DRIVER) && defined(WOLFSSL_COND)
/* signal ready to tcp_accept */
func_args* server_args = (func_args*)args;
tcp_ready* ready = server_args->signal;
- PTHREAD_CHECK_RET(pthread_mutex_lock(&ready->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
ready->ready = 1;
ready->port = port;
- PTHREAD_CHECK_RET(pthread_cond_signal(&ready->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&ready->mutex));
-#endif
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+#endif /* NO_MAIN_DRIVER && WOLFSSL_COND */
(void)args;
(void)port;
}
-THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
+THREAD_RETURN WOLFSSL_THREAD echoserver_test(void* args)
{
SOCKET_T sockfd = 0;
- CYASSL_METHOD* method = 0;
- CYASSL_CTX* ctx = 0;
+ WOLFSSL_METHOD* method = 0;
+ WOLFSSL_CTX* ctx = 0;
int ret = 0;
int doDTLS = 0;
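Review bot: With `NO_MAIN_DRIVER` defined but `WOLFSSL_COND` undefined, `SignalReady` now compiles to an empty body, so `ready->ready` and `ready->port` are never published. A later hunk shows `port = 0` being left for `tcp_listen` to assign in the `NO_MAIN_DRIVER` case, so a thread waiting on `tcp_ready` would have no way to learn the port. The waiter is outside this hunk, so this may be guarded there as well. The old guard covered every POSIX-threads build, so the condition is narrower than before. At minimum the function should say so, for example `/* no-op without WOLFSSL_COND: caller must not wait on tcp_ready */`. A short comment that the two stores must stay between `wolfSSL_CondStart` and `wolfSSL_CondEnd` would also help, since the explicit mutex lock that made this obvious is gone.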
@@ -97,7 +97,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
word16 port;
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
- char buffer[CYASSL_MAX_ERROR_SZ];
+ char buffer[WOLFSSL_MAX_ERROR_SZ];
#ifdef HAVE_TEST_SESSION_TICKET
MyTicketCtx myTicketCtx;
#endif
@@ -116,19 +116,19 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
((func_args*)args)->return_code = -1; /* error state */
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
doDTLS = 1;
#endif
#if (defined(NO_RSA) && !defined(HAVE_ECC) && !defined(HAVE_ED25519) && \
- !defined(HAVE_ED448)) || defined(CYASSL_LEANPSK)
+ !defined(HAVE_ED448)) || defined(WOLFSSL_LEANPSK)
doPSK = 1;
#else
doPSK = 0;
#endif
-#if defined(NO_MAIN_DRIVER) && !defined(CYASSL_SNIFFER) && \
- !defined(WOLFSSL_MDK_SHELL) && !defined(CYASSL_TIRTOS) && \
+#if defined(NO_MAIN_DRIVER) && !defined(WOLFSSL_SNIFFER) && \
+ !defined(WOLFSSL_MDK_SHELL) && !defined(WOLFSSL_TIRTOS) && \
!defined(USE_WINDOWS_API)
/* Let tcp_listen assign port */
port = 0;
@@ -141,34 +141,34 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
useAnyAddr = 1;
#endif
-#ifdef CYASSL_TIRTOS
+#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
-#if defined(CYASSL_DTLS)
+#if defined(WOLFSSL_DTLS)
#ifdef WOLFSSL_DTLS13
method = wolfDTLSv1_3_server_method();
#elif !defined(WOLFSSL_NO_TLS12)
- method = CyaDTLSv1_2_server_method();
+ method = wolfDTLSv1_2_server_method();
#endif
#elif !defined(NO_TLS)
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SNIFFER)
- method = CyaTLSv1_2_server_method();
+ method = wolfTLSv1_2_server_method();
#else
- method = CyaSSLv23_server_method();
+ method = wolfSSLv23_server_method();
#endif
#elif defined(WOLFSSL_ALLOW_SSLV3)
- method = CyaSSLv3_server_method();
+ method = wolfSSLv3_server_method();
#else
#error "no valid server method built in"
#endif
- ctx = CyaSSL_CTX_new(method);
- /* CyaSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_OFF); */
+ ctx = wolfSSL_CTX_new(method);
+ /* wolfSSL_CTX_set_session_cache_mode(ctx, WOLFSSL_SESS_CACHE_OFF); */
#ifdef WOLFSSL_ENCRYPTED_KEYS
- CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+ wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifdef HAVE_TEST_SESSION_TICKET
@@ -181,36 +181,36 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#ifndef NO_FILESYSTEM
if (doPSK == 0) {
- #if defined(HAVE_ECC) && !defined(CYASSL_SNIFFER)
+ #if defined(HAVE_ECC) && !defined(WOLFSSL_SNIFFER)
/* ecc */
- if (CyaSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_certificate_file(ctx, eccCertFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
- #elif defined(HAVE_ED25519) && !defined(CYASSL_SNIFFER)
+ #elif defined(HAVE_ED25519) && !defined(WOLFSSL_SNIFFER)
/* ed25519 */
- if (CyaSSL_CTX_use_certificate_chain_file(ctx, edCertFile)
+ if (wolfSSL_CTX_use_certificate_chain_file(ctx, edCertFile)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, edKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
- #elif defined(HAVE_ED448) && !defined(CYASSL_SNIFFER)
+ #elif defined(HAVE_ED448) && !defined(WOLFSSL_SNIFFER)
/* ed448 */
- if (CyaSSL_CTX_use_certificate_chain_file(ctx, ed448CertFile)
+ if (wolfSSL_CTX_use_certificate_chain_file(ctx, ed448CertFile)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, ed448KeyFile,
WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -218,12 +218,12 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
/* do nothing, just don't load cert files */
#else
/* normal */
- if (CyaSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_certificate_file(ctx, svrCertFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert file, "
"Please run from wolfSSL home dir");
- if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)
+ if (wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, WOLFSSL_FILETYPE_PEM)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key file, "
"Please run from wolfSSL home dir");
@@ -231,23 +231,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
} /* doPSK */
#elif !defined(NO_CERTS)
if (!doPSK) {
- if (CyaSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
+ if (wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1)
!= WOLFSSL_SUCCESS)
err_sys("can't load server cert buffer");
- if (CyaSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
+ if (wolfSSL_CTX_use_PrivateKey_buffer(ctx, server_key_der_2048,
sizeof_server_key_der_2048, WOLFSSL_FILETYPE_ASN1)
!= WOLFSSL_SUCCESS)
err_sys("can't load server key buffer");
}
#endif
-#if defined(CYASSL_SNIFFER)
+#if defined(WOLFSSL_SNIFFER)
/* Only set if not running testsuite */
if (XSTRSTR(argv[0], "testsuite") == NULL) {
/* don't use EDH, can't sniff tmp keys */
- CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
+ wolfSSL_CTX_set_cipher_list(ctx, "AES256-SHA");
}
#endif
@@ -255,8 +255,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#ifndef NO_PSK
const char *defaultCipherList;
- CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
- CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+ wolfSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+ wolfSSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
#ifdef HAVE_NULL_CIPHER
defaultCipherList = "PSK-NULL-SHA256";
#elif defined(HAVE_AESGCM) && !defined(NO_DH)
@@ -278,7 +278,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#else
defaultCipherList = "PSK-AES128-CBC-SHA256";
#endif
- if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != WOLFSSL_SUCCESS)
+ if (wolfSSL_CTX_set_cipher_list(ctx, defaultCipherList) != WOLFSSL_SUCCESS)
err_sys("server can't set cipher list 2");
wolfSSL_CTX_set_psk_callback_ctx(ctx, (void*)defaultCipherList);
#endif
@@ -295,8 +295,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
SignalReady(args, port);
while (!shutDown) {
- CYASSL* ssl = NULL;
- CYASSL* write_ssl = NULL; /* may have separate w/ HAVE_WRITE_DUP */
+ WOLFSSL* ssl = NULL;
+ WOLFSSL* write_ssl = NULL; /* may have separate w/ HAVE_WRITE_DUP */
char command[SVR_COMMAND_SIZE+1];
int clientfd;
int firstRead = 1;
@@ -304,7 +304,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
int err = 0;
SOCKADDR_IN_T client;
socklen_t client_len = sizeof(client);
-#ifndef CYASSL_DTLS
+#ifndef WOLFSSL_DTLS
clientfd = accept(sockfd, (struct sockaddr*)&client,
(ACCEPT_THIRD_T)&client_len);
#else
@@ -323,23 +323,23 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#endif
if (WOLFSSL_SOCKET_IS_INVALID(clientfd)) err_sys("tcp accept failed");
- ssl = CyaSSL_new(ctx);
+ ssl = wolfSSL_new(ctx);
if (ssl == NULL) err_sys("SSL_new failed");
- CyaSSL_set_fd(ssl, clientfd);
- #ifdef CYASSL_DTLS
+ wolfSSL_set_fd(ssl, clientfd);
+ #ifdef WOLFSSL_DTLS
wolfSSL_dtls_set_peer(ssl, &client, client_len);
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && !defined(NO_ASN)
- CyaSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
+ wolfSSL_SetTmpDH_file(ssl, dhParamFile, WOLFSSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher than PSK */
#endif
do {
err = 0; /* Reset error */
- ret = CyaSSL_accept(ssl);
+ ret = wolfSSL_accept(ssl);
if (ret != WOLFSSL_SUCCESS) {
- err = CyaSSL_get_error(ssl, 0);
+ err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -350,9 +350,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
fprintf(stderr, "SSL_accept error = %d, %s\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
fprintf(stderr, "SSL_accept failed\n");
- CyaSSL_free(ssl);
+ wolfSSL_free(ssl);
CloseSocket(clientfd);
continue;
}
@@ -364,7 +364,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
write_ssl = wolfSSL_write_dup(ssl);
if (write_ssl == NULL) {
fprintf(stderr, "wolfSSL_write_dup failed\n");
- CyaSSL_free(ssl);
+ wolfSSL_free(ssl);
CloseSocket(clientfd);
continue;
}
@@ -377,9 +377,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
err = 0; /* reset error */
- ret = CyaSSL_read(ssl, command, sizeof(command)-1);
+ ret = wolfSSL_read(ssl, command, sizeof(command)-1);
if (ret <= 0) {
- err = CyaSSL_get_error(ssl, 0);
+ err = wolfSSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -391,7 +391,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
if (ret <= 0) {
if (err != WOLFSSL_ERROR_WANT_READ && err != WOLFSSL_ERROR_ZERO_RETURN){
fprintf(stderr, "SSL_read echo error %d, %s!\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
}
break;
}
@@ -421,7 +421,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
}
#ifdef PRINT_SESSION_STATS
if ( strncmp(command, "printstats", 10) == 0) {
- CyaSSL_PrintSessionStats();
+ wolfSSL_PrintSessionStats();
break;
}
#endif
@@ -440,9 +440,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
err = 0; /* reset error */
- ret = CyaSSL_write(write_ssl, command, echoSz);
+ ret = wolfSSL_write(write_ssl, command, echoSz);
if (ret <= 0) {
- err = CyaSSL_get_error(write_ssl, 0);
+ err = wolfSSL_get_error(write_ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -453,7 +453,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
} while (err == WC_PENDING_E);
if (ret != echoSz) {
fprintf(stderr, "SSL_write get error = %d, %s\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
err_sys("SSL_write get failed");
}
break;
@@ -466,9 +466,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
do {
err = 0; /* reset error */
- ret = CyaSSL_write(write_ssl, command, echoSz);
+ ret = wolfSSL_write(write_ssl, command, echoSz);
if (ret <= 0) {
- err = CyaSSL_get_error(write_ssl, 0);
+ err = wolfSSL_get_error(write_ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(write_ssl, WOLF_POLL_FLAG_CHECK_HW);
@@ -480,26 +480,26 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
if (ret != echoSz) {
fprintf(stderr, "SSL_write echo error = %d, %s\n", err,
- CyaSSL_ERR_error_string(err, buffer));
+ wolfSSL_ERR_error_string(err, buffer));
err_sys("SSL_write echo failed");
}
}
-#ifndef CYASSL_DTLS
- CyaSSL_shutdown(ssl);
+#ifndef WOLFSSL_DTLS
+ wolfSSL_shutdown(ssl);
#endif
#ifdef HAVE_WRITE_DUP
- CyaSSL_free(write_ssl);
+ wolfSSL_free(write_ssl);
#endif
- CyaSSL_free(ssl);
+ wolfSSL_free(ssl);
CloseSocket(clientfd);
-#ifdef CYASSL_DTLS
+#ifdef WOLFSSL_DTLS
tcp_listen(&sockfd, &port, useAnyAddr, doDTLS, 0);
SignalReady(args, port);
#endif
}
CloseSocket(sockfd);
- CyaSSL_CTX_free(ctx);
+ wolfSSL_CTX_free(ctx);
#ifdef ECHO_OUT
if (outCreated)
@@ -510,10 +510,10 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
#if defined(NO_MAIN_DRIVER) && defined(HAVE_ECC) && defined(FP_ECC) \
&& defined(HAVE_THREAD_LS)
- ecc_fp_free(); /* free per thread cache */
+ wc_ecc_fp_free(); /* free per thread cache */
#endif
-#ifdef CYASSL_TIRTOS
+#ifdef WOLFSSL_TIRTOS
fdCloseSession(Task_self());
#endif
@@ -525,9 +525,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
wolfAsync_DevClose(&devId);
#endif
-#ifndef CYASSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_SERVER */
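Review bot: The function's only return is now hidden inside `WOLFSSL_RETURN_FROM_THREAD(0);`, and the macro's definition is not part of this hunk. The removed `#ifndef CYASSL_TIRTOS` guard deliberately left the `return 0;` out on TI-RTOS builds, so it is worth confirming that the macro still expands to something without a value-returning `return` on that platform. Once confirmed, a one-line comment above the call, e.g. `/* platform-specific thread return; no value on TI-RTOS */`, would keep that intent visible. echoserver_test begins outside this hunk.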
@@ -551,15 +549,15 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
args.argv = argv;
args.return_code = 0;
- CyaSSL_Init();
-#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
- CyaSSL_Debugging_ON();
+ wolfSSL_Init();
+#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_MDK_SHELL)
+ wolfSSL_Debugging_ON();
#endif
ChangeToWolfRoot();
#ifndef NO_WOLFSSL_SERVER
echoserver_test(&args);
#endif
- CyaSSL_Cleanup();
+ wolfSSL_Cleanup();
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
diff --git a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj
index 47d27833..236888d8 100644
--- a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj
+++ b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="USE_ANY_ADDR;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj
index 775ccc81..28bd2a83 100644
--- a/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/echoserver/echoserver.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>USE_ANY_ADDR;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/examples/include.am b/extra/wolfssl/wolfssl/examples/include.am
index 76f48161..4b7ad2f8 100644
--- a/extra/wolfssl/wolfssl/examples/include.am
+++ b/extra/wolfssl/wolfssl/examples/include.am
@@ -1,6 +1,7 @@
# vim:ft=automake
# All paths should be given relative to the root
+include examples/async/include.am
include examples/benchmark/include.am
include examples/client/include.am
include examples/echoclient/include.am
@@ -9,4 +10,5 @@ include examples/server/include.am
include examples/sctp/include.am
include examples/configs/include.am
include examples/asn1/include.am
+include examples/pem/include.am
EXTRA_DIST += examples/README.md
diff --git a/extra/wolfssl/wolfssl/examples/pem/include.am b/extra/wolfssl/wolfssl/examples/pem/include.am
new file mode 100644
index 00000000..ceb47f67
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/pem/include.am
@@ -0,0 +1,12 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+
+if BUILD_EXAMPLE_ASN1
+noinst_PROGRAMS += examples/pem/pem
+examples_pem_pem_SOURCES = examples/pem/pem.c
+examples_pem_pem_LDADD = src/libwolfssl@LIBSUFFIX@.la $(LIB_STATIC_ADD)
+examples_pem_pem_DEPENDENCIES = src/libwolfssl@LIBSUFFIX@.la
+endif
+
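Review bot: The new `pem` example is built under `if BUILD_EXAMPLE_ASN1`, a conditional named for a different example, and nothing in the file says why. pem.c in this same commit compiles its body only when `WOLFSSL_PEM_TO_DER` is defined and `NO_FILESYSTEM` is not, so the switch that enables the ASN.1 example may turn on a program whose real requirements differ. A comment above the conditional, e.g. `# pem shares the asn1 example's configure switch; needs WOLFSSL_PEM_TO_DER and a filesystem`, would document the coupling. A dedicated conditional would be cleaner if the two examples can ever be enabled separately.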
diff --git a/extra/wolfssl/wolfssl/examples/pem/pem.c b/extra/wolfssl/wolfssl/examples/pem/pem.c
new file mode 100644
index 00000000..61d7e1ae
--- /dev/null
+++ b/extra/wolfssl/wolfssl/examples/pem/pem.c
@@ -0,0 +1,1044 @@
+/* pem.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#ifndef WOLFSSL_USER_SETTINGS
+ #include <wolfssl/options.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/coding.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/wc_encrypt.h>
+#ifdef DEBUG_WOLFSSL
+ #include <wolfssl/wolfcrypt/logging.h>
+#endif
+#include <stdio.h>
+
+#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
+
+/* Increment allocated data by this much. */
+#define DATA_INC_LEN 256
+/* Maximum block size of a cipher. */
+#define BLOCK_SIZE_MAX 16
+/* Maximum PEM type string length. */
+#define PEM_TYPE_MAX_LEN 32
+/* Maximum salt length. */
+#define SALT_MAX_LEN 64
+/* Default PBE iterations. */
+#define DEFAULT_ITERATIONS 100000
+
+/* Maps a string to a value. */
+typedef struct Str2Val {
+ /* String to be matched. */
+ const char* string;
+ /* Corresponding value. */
+ int val;
+} String2Val;
+
+/* Get the value corresponding to the string.
+ *
+ * @param [in] map Map of strings to values.
+ * @param [in] len Number of entries in map.
+ * @param [in] str String to look-up.
+ * @param [out] val Value corresponding to string.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToVal(const String2Val* map, int len, const char* str,
+ int* val)
+{
+ int ret = 1;
+ int i;
+
+ for (i = 0; i < len; i++) {
+ if (strcmp(str, map[i].string) == 0) {
+ *val = map[i].val;
+ ret = 0;
+ break;
+ }
+ }
+
+ return ret;
+}
+
+/* Read the contents of a file into a dynamically allocated buffer.
+ *
+ * Uses realloc as input may be stdin.
+ *
+ * @param [in] fp File pointer to read from.
+ * @param [out] pdata Pointer to data.
+ * @param [out] plen Pointer to length.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int pemApp_ReadFile(FILE* fp, unsigned char** pdata, word32* plen)
+{
+ int ret = 0;
+ word32 len = 0;
+ size_t read_len;
+ /* Allocate a minimum amount. */
+ unsigned char* data = (unsigned char*)malloc(DATA_INC_LEN + BLOCK_SIZE_MAX);
+
+ if (data != NULL) {
+ /* Read more data. */
+ while ((read_len = fread(data + len, 1, DATA_INC_LEN, fp)) != 0) {
+ unsigned char* p;
+
+ /* Add read data amount to length. */
+ len += (word32)read_len;
+
+ /* Stop if we are at end-of-file. */
+ if (feof(fp)) {
+ break;
+ }
+
+ /* Make space for more data to be added to buffer. */
+ p = (unsigned char*)realloc(data, len + DATA_INC_LEN +
+ BLOCK_SIZE_MAX);
+ if (p == NULL) {
+ /* Reallocation failed - free current buffer. */
+ free(data);
+ data = NULL;
+ break;
+ }
+ /* Set data to new pointer. */
+ data = p;
+ }
+ /* Done with file. */
+ fclose(fp);
+ }
+
+ if (data != NULL) {
+ /* Return data and length. */
+ *pdata = data;
+ *plen = len;
+ }
+ else {
+ /* Failed to allocate data. */
+ ret = MEMORY_E;
+ }
+ return ret;
+}
+
+/* Write the data to the file.
+ *
+ * @param [in] fp File pointer to write to.
+ * @param [in] data Data to write.
+ * @param [in] len Length of data to write in bytes.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int WriteFile(FILE* fp, const char* data, word32 len)
+{
+ int ret = 0;
+
+ /* Write data to file. */
+ if (fwrite(data, 1, len, fp) != len) {
+ /* Not all data was written. */
+ fprintf(stderr, "Failed to write\n");
+ ret = 1;
+ }
+ /* Close file. */
+ fclose(fp);
+
+ return ret;
+}
+
+/* List of known PEM types. */
+static const String2Val type_map[] = {
+ { "CERTIFICATE" , CERT_TYPE },
+#ifdef WOLFSSL_CERT_REQ
+ { "CERTIFICATE REQUEST" , CERTREQ_TYPE },
+#endif
+#ifndef NO_DH
+ { "DH PARAMETERS" , DH_PARAM_TYPE },
+ { "X9.42 DH PARAMETERS" , X942_PARAM_TYPE },
+#endif
+#ifndef NO_DSA
+ { "DSA PARAMETERS" , DSA_PARAM_TYPE },
+#endif
+#ifdef HAVE_CRL
+ { "X509 CRL" , CRL_TYPE },
+#endif
+ { "RSA PRIVATE KEY" , RSA_TYPE },
+ { "RSA PUBLIC KEY" , RSA_PUBLICKEY_TYPE },
+ { "PRIVATE KEY" , PKCS8_PRIVATEKEY_TYPE },
+ { "ENCRYPTED PRIVATE KEY", PKCS8_ENC_PRIVATEKEY_TYPE },
+#ifdef HAVE_ECC
+ { "EC PRIVATE KEY" , ECC_PRIVATEKEY_TYPE },
+#ifdef OPENSSL_EXTRA
+ { "EC PARAMETERS" , ECC_PARAM_TYPE },
+#endif /* OPENSSL_EXTRA */
+#endif /* HAVE_ECC */
+#ifndef NO_DSA
+ { "DSA PRIVATE KEY" , DSA_PRIVATEKEY_TYPE },
+#endif
+ { "PUBLIC KEY" , ECC_PUBLICKEY_TYPE },
+#if defined(HAVE_ED25519) || defined(HAVE_ED448)
+ { "EDDSA PRIVATE KEY" , EDDSA_PRIVATEKEY_TYPE },
+#endif
+};
+/* Number of entries in PEM type map. */
+#define TYPE_MAP_LEN ((int)(sizeof(type_map) / sizeof(*type_map)))
+
+/* Convert string to PEM type value.
+ *
+ * @param [in] str PEM type as a string.
+ * @param [out] type PEM type as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToType(const char* str, int* type)
+{
+ int ret = StringToVal(type_map, TYPE_MAP_LEN, str, type);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PEM types: %s\n", str);
+ }
+ return ret;
+}
+
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+/* Password callback for returning the password set in the user data.
+ *
+ * @param [out] passwd Password buffer.
+ * @param [in] sz Size of password buffer.
+ * @param [in] rw Ignored.
+ * @param [in] userdata Data associated with callback in EncryptedInfo.
+ * @return Length of password.
+ */
+static int password_from_userdata(char* passwd, int sz, int rw, void* userdata)
+{
+ (void)rw;
+ /* Copy user data into buffer. */
+ strncpy(passwd, (const char*)userdata, (size_t)sz);
+ passwd[sz - 1] = '\0';
+ /* Return length of password returned. */
+ return (int)XSTRLEN((const char*)passwd);
+}
+#endif
+
+/* Find needle in haystack.
+ *
+ * @param [in] haystack String to find needle in.
+ * @param [in] offset Offset into haystack to start looking.
+ * @param [in] len Length of haystack.
+ * @param [in] needle String to find in haystack.
+ * @param [in] needle_len Length of string to find.
+ * @param [out] needle_offset Offset into haystack at which needle was found.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int FindStr(char* haystack, word32 offset, word32 len,
+ const char* needle, word32 needle_len, word32* needle_offset)
+{
+ /* Assume failure. */
+ int ret = 1;
+ word32 i;
+
+ /* Ensure there is enough space for needle. */
+ if (len >= needle_len) {
+ /* Look through haystack starting at offset until not enough space for
+ * needle. */
+ for (i = offset; i <= len - needle_len; i++) {
+ /* Check if needle found. */
+ if ((haystack[i] == needle[0]) &&
+ (strncmp(haystack + i, needle, needle_len) == 0)) {
+ /* Return offset at which needle found. */
+ *needle_offset = i;
+ /* Return success. */
+ ret = 0;
+ /* Stop looking. */
+ break;
+ }
+ }
+ }
+
+ return ret;
+}
+
+/* Find the next PEM block.
+ *
+ * @param [in] data PEM data.
+ * @param [in] offset Offset into data to start looking.
+ * @param [in] len Length of PEM data.
+ * @param [out] start Start of Base64 encoding.
+ * @param [out] end End of Base64 encoding.
+ * @param [out] type PEM type.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int FindPem(char* data, word32 offset, word32 len, word32* start,
+ word32* end, int* type)
+{
+ int ret = 0;
+ word32 i;
+ word32 type_off;
+ char str[PEM_TYPE_MAX_LEN];
+
+ /* Find header. */
+ ret = FindStr(data, offset, len, "-----BEGIN ", 11, &i);
+ if (ret == 1) {
+ /* Got to end without finding PEM header. */
+ fprintf(stderr, "No PEM header found\n");
+ }
+ if (ret == 0) {
+ /* Return start of PEM. */
+ *start = i;
+ /* Get start of type. */
+ type_off = i + 11;
+
+ /* Confirm header. */
+ ret = FindStr(data, i + 11, len, "-----", 5, &i);
+ if (ret == 1) {
+ /* Got to end without finding rest of PEM header. */
+ fprintf(stderr, "Invalid PEM header\n");
+ }
+ }
+ if (ret == 0) {
+ /* Found end of header - convert type string to value. */
+ word32 type_len = i - type_off;
+ if (type_len >= PEM_TYPE_MAX_LEN) {
+ ret = 1;
+ }
+ if (ret == 0) {
+ if (type_len > 0)
+ memcpy(str, data + type_off, type_len);
+ str[type_len] = '\0';
+ ret = StringToType(str, type);
+ }
+ }
+ if (ret == 0) {
+ /* Find footer. */
+ ret = FindStr(data, i + 5, len, "-----END ", 9, &i);
+ if (ret == 1) {
+ /* Got to end without finding PEM footer. */
+ fprintf(stderr, "No PEM footer found\n");
+ }
+ }
+ if (ret == 0) {
+ /* Confirm header. */
+ ret = FindStr(data, i + 9, len, "-----", 5, &i);
+ if (ret == 1) {
+ /* Got to end without finding rest of PEM footer. */
+ fprintf(stderr, "Invalid PEM footer\n");
+ }
+ }
+ if (ret == 0) {
+ /* Return end of */
+ *end = i + 6;
+ }
+
+ return ret;
+}
+
+/* Convert PEM to DER and write to file.
+ *
+ * @param [in] in Array of characters that is the PEM data.
+ * @param [in] offset Offset into array to start looking for PEM block.
+ * @param [in] len Length of data in array in bytes.
+ * @param [out] der Buffer holding DER encoded data.
+ * @param [in] type PEM type. -1 indicates to determine from array.
+ * @param [in] info Encryption information.
+ * @return 0 on success.
+ * @return Not 0 on failure.
+ */
+static int ConvPemToDer(char* in, word32 offset, word32 len, DerBuffer** der,
+ int type, EncryptedInfo* info, int padding)
+{
+ int ret = 0;
+ word32 start = 0;
+ word32 end = 0;
+ /* Set point to start looking and length. */
+ char* pem = in + offset;
+ word32 pem_len = len - offset;
+
+ /* Check if we need to discover PEM type. */
+ if ((ret == 0) && (type == -1)) {
+ /* Find PEM block and type. */
+ ret = FindPem(pem, 0, pem_len, &start, &end, &type);
+ if (ret != 0) {
+ fprintf(stderr, "Could not find PEM header\n");
+ }
+ /* Update start pointer and length. */
+ pem += start;
+ pem_len = end - start;
+ }
+ if (ret == 0) {
+ /* Convert to DER. */
+ ret = wc_PemToDer((unsigned char*)pem, pem_len, type, der, NULL, info,
+ NULL);
+ if (ret != 0) {
+ fprintf(stderr, "Could not convert PEM to DER\n");
+ }
+ }
+ /* Remove padding from encryption if requested. */
+ if ((ret == 0) && padding) {
+ unsigned char pad = (*der)->buffer[(*der)->length - 1];
+ word32 i;
+
+ /* Simple padding validation. */
+ if ((pad == 0) || (pad > (*der)->length)) {
+ fprintf(stderr, "Invalid padding: %02x\n", pad);
+ ret = 1;
+ }
+ else {
+ /* Check padding is valid. */
+ for (i = 1; i < pad; i++) {
+ if ((*der)->buffer[(*der)->length - 1 - i] != pad) {
+ fprintf(stderr, "Invalid padding: %d\n", pad);
+ ret = 1;
+ break;
+ }
+ }
+ if (ret == 0) {
+ /* Don't write out padding. */
+ (*der)->length -= pad;
+ }
+ }
+ }
+
+ return ret;
+}
+
+#ifdef WOLFSSL_DER_TO_PEM
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+/* List of known PBE algorithms. */
+static const String2Val pbe_map[] = {
+#ifndef NO_SHA
+ #ifndef NO_RC4
+ { "SHA1_RC4_128" , ENC_PKCS8_PBE_SHA1_RC4_128 },
+ #endif
+ #ifndef NO_DES
+ { "SHA1_DES3" , ENC_PKCS8_PBE_SHA1_DES3 },
+ { "PBES1_SHA1_DES", ENC_PKCS8_PBES1_SHA1_DES },
+ #endif
+ #ifdef WC_RC2
+ { "SHA1_40RC2_CBC", ENC_PKCS8_PBE_SHA1_40RC2_CBC },
+ #endif
+#endif
+#ifndef NO_MD5
+ #ifndef NO_DES
+ { "PBES1_MD5_DES" , ENC_PKCS8_PBES1_MD5_DES },
+ #endif
+#endif
+ { "PBES2" , ENC_PKCS8_PBES2 },
+};
+/* Number of entries in PBE map. */
+#define PBE_MAP_LEN ((int)(sizeof(pbe_map) / sizeof(*pbe_map)))
+
+/* Convert string to PBE value.
+ *
+ * @param [in] str PBE as a string.
+ * @param [out] pbe PBE as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToPbe(char* str, int* pbe)
+{
+ int ret = StringToVal(pbe_map, PBE_MAP_LEN, str, pbe);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PBE algorithms: %s\n", str);
+ }
+ return ret;
+}
+
+/* List of known PBE versions. */
+static const String2Val pbe_ver_map[] = {
+ { "PKCS12" , ENC_PKCS8_VER_PKCS12 },
+ { "PKCS12v1", ENC_PKCS8_VER_PKCS12 },
+ { "PKCS5" , ENC_PKCS8_VER_PKCS5 },
+};
+/* Number of entries in PBE versions map. */
+#define PBE_VER_MAP_LEN ((int)(sizeof(pbe_ver_map) / sizeof(*pbe_ver_map)))
+
+/* Convert string to PBE version value.
+ *
+ * @param [in] str PBE version as a string.
+ * @param [out] pbe_ver PBE version as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToPbeVer(char* str, int* pbe_ver)
+{
+ int ret = StringToVal(pbe_ver_map, PBE_VER_MAP_LEN, str, pbe_ver);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PBE versions: %s\n", str);
+ }
+ return ret;
+}
+
+/* List of known PKCS#5v2 PBE encryption algorithms. */
+static const String2Val pbe_alg_map[] = {
+ { "AES-128-CBC", ENC_PKCS8_ALG_AES128CBC },
+ { "AES-256-CBC", ENC_PKCS8_ALG_AES256CBC },
+ { "DES" , ENC_PKCS8_ALG_DES },
+ { "DES3" , ENC_PKCS8_ALG_DES3 },
+};
+/* Number of entries in PBE algorithm map. */
+#define PBE_ALG_MAP_LEN ((int)(sizeof(pbe_alg_map) / sizeof(*pbe_alg_map)))
+
+/* Convert string to PBE algorithm value.
+ *
+ * @param [in] str PBE algorithm as a string.
+ * @param [out] pbe_alg PBE algorithm as a value.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int StringToPbeAlg(char* str, int* pbe_alg)
+{
+ int ret = StringToVal(pbe_alg_map, PBE_ALG_MAP_LEN, str, pbe_alg);
+ if (ret == 1) {
+ fprintf(stderr, "String doesn't match known PBE algorithms: %s\n", str);
+ }
+ return ret;
+}
+
+/* Encrypt the DER data.
+ *
+ * @param [in] in DER data to encrypt.
+ * @param [in] in_len Length of DER data.
+ * @param [in] password Password to use to derive key for encryption.
+ * @param [in] iterations Number of iterations in PBE.
+ * @param [in] salt_sz Size of salt to use in bytes.
+ * @param [in] pbe PBE algorithm to use.
+ * @param [in] pbe_ver Version of PBE algorithm to use.
+ * @param [in] enc_alg_id Encryption algorithm id for when using PBES2.
+ * @param [out] enc DER encrypted data.
+ * @param [out] enc_len Length of DER encrypted data.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+static int EncryptDer(unsigned char* in, word32 in_len, char* password,
+ unsigned int iterations, unsigned int salt_sz, int pbe, int pbe_ver,
+ int enc_alg_id, unsigned char** enc, word32* enc_len)
+{
+ int ret;
+ WC_RNG rng;
+ unsigned char salt[SALT_MAX_LEN];
+
+ if (password == NULL)
+ return 1;
+
+ XMEMSET(&rng, 0, sizeof(rng));
+
+ /* Create a random number generator. */
+ ret = wc_InitRng(&rng);
+ if (ret == 0) {
+ /* Get salt from random number generator. */
+ ret = wc_RNG_GenerateBlock(&rng, salt, salt_sz);
+ }
+ if (ret == 0) {
+ /* Get length of encrypted DER data. */
+ ret = wc_CreateEncryptedPKCS8Key(in, in_len, NULL, enc_len, password,
+ (int)strlen(password), pbe_ver, pbe, enc_alg_id, salt, salt_sz,
+ (int)iterations, &rng, NULL);
+ if (ret == LENGTH_ONLY_E) {
+ ret = 0;
+ }
+ else if (ret == 0) {
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Allocate memory for encrypted DER data. */
+ *enc = (unsigned char*)malloc(*enc_len);
+ if (*enc == NULL) {
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Encrypt DER data. */
+ ret = wc_CreateEncryptedPKCS8Key(in, in_len, *enc, enc_len, password,
+ (int)strlen(password), pbe_ver, pbe, enc_alg_id, salt, salt_sz,
+ (int)iterations, &rng, NULL);
+ if (ret > 0) {
+ ret = 0;
+ }
+ }
+
+ wc_FreeRng(&rng);
+ return ret;
+}
+#endif
+
+/* Convert DER to PEM and write to file.
+ *
+ * @param [in] in Array of bytes holding the DER encoding.
+ * @param [in] offset Offset into array of data to convert to PEM.
+ * @param [in] len Length of data in array in bytes.
+ * @param [out] out Allocated buffer holding PEM encoding.
+ * @param [out] out_len Length of PEM encoding in bytes.
+ * @param [in] type PEM type.
+ * @param [in] cipher_str String to write into encrypted key.
+ * @return 0 on success.
+ * @return Not 0 on failure.
+ */
+static int ConvDerToPem(unsigned char* in, word32 offset, word32 len,
+ unsigned char** out, word32* out_len, int type, const char* cipher_str)
+{
+ int ret = 0;
+ unsigned char* pem = NULL;
+ unsigned int pem_len = 0;
+ /* Set point to start looking and length. */
+ unsigned char* der = in + offset;
+ word32 der_len = len - offset;
+
+ /* Get length of PEM based on DER. */
+ ret = wc_DerToPemEx(der, der_len, NULL, 0, (byte*)cipher_str, type);
+ if (ret <= 0) {
+ fprintf(stderr, "Could not determine length of PEM\n");
+ }
+ pem_len = (unsigned int)ret;
+ if (ret > 0) {
+ ret = 0;
+ }
+ if ((ret == 0) && (pem_len > 0)) {
+ /* Allocate memory to hold PEM encoding. */
+ pem = (unsigned char*)malloc(pem_len);
+ if (pem == NULL) {
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Convert DER to PEM. */
+ ret = wc_DerToPemEx(der, der_len, pem, pem_len, (byte*)cipher_str,
+ type);
+ if (ret <= 0) {
+ fprintf(stderr, "Could not convert DER to PEM\n");
+ free(pem);
+ }
+ if (ret > 0) {
+ *out = pem;
+ *out_len = (word32)ret;
+ ret = 0;
+ }
+ }
+
+ return ret;
+}
+#endif
+
+/* Usage lines to show. */
+const char* usage[] = {
+ "pem [OPTION]...",
+ "Convert to/from PEM and DER.",
+ "",
+ "Options:",
+ " -?, --help display this help and exit",
+ " -t --type string representing type of data",
+ " -in name of file to read (uses stdin otherwise)",
+ " -out name of file to write to (uses stdout otherwise)",
+ " -o --offset offset into file where data to convert starts",
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ " -p --pass password to use with encrypted keys",
+#endif
+#ifdef WOLFSSL_DER_TO_PEM
+ " -d --der input is DER and output is PEM",
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ " --padding Remove padding on decrypted data",
+ " -e --encrypt DER key is to be encrypted",
+ " -v --pbe-ver PBE version to use when encrypting key (see below)",
+ " -p --pbe PBE to use when encrypting key (see below)",
+ " -a --pbe-alg PBES2 algorithm to use when encrypting key (see below)",
+ " -i --iter number of iterations of PBE - default: 100000",
+ " -s --salt-sz length, in bytes, of salt to generate - 0-64",
+#endif
+#endif
+#ifdef DEBUG_WOLFSSL
+ " -l --log turn on wolfSSL logging",
+#endif
+ "",
+};
+/* Number of usage lines. */
+#define USAGE_SZ ((int)(sizeof(usage) / sizeof(*usage)))
+
+const struct string_usage_st {
+ const char* str;
+ const String2Val* map;
+ int len;
+} known_strings[] = {
+ { "Known PEM header/trailer strings:", type_map , TYPE_MAP_LEN },
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ { "Known PBE version strings:" , pbe_ver_map, PBE_VER_MAP_LEN },
+ { "Known PBE strings:" , pbe_map , PBE_MAP_LEN },
+ { "Known PBES2 algorithm strings:" , pbe_alg_map, PBE_ALG_MAP_LEN },
+#endif
+};
+/* Number of usage lines. */
+#define KNOWN_STRINGS_SZ \
+ ((int)(sizeof(known_strings) / sizeof(*known_strings)))
+
+/* Print out usage lines.
+ */
+static void Usage(void)
+{
+ int i;
+ int j;
+
+ /* Usage lines. */
+ for (i = 0; i < USAGE_SZ; i++) {
+ printf("%s\n", usage[i]);
+ }
+ /* Known strings for options. */
+ for (j = 0; j < KNOWN_STRINGS_SZ; j++) {
+ printf("%s\n", known_strings[j].str);
+ for (i = 0; i < known_strings[j].len; i++) {
+ printf(" %s\n", known_strings[j].map[i].string);
+ }
+ }
+}
+
+/* Main entry of ASN.1 printing program.
+ *
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+int main(int argc, char* argv[])
+{
+ int ret = 0;
+ /* Default to reading STDIN. */
+ FILE* in_file = stdin;
+ /* Default to writing to STDOUT. */
+ FILE* out_file = stdout;
+ const char* out_name = NULL;
+ unsigned char* in = NULL;
+ word32 in_len = 0;
+ word32 offset = 0;
+ unsigned char* out = NULL;
+ word32 out_len = 0;
+ int pem = 1;
+ const char* type_str = NULL;
+ int type = -1;
+ DerBuffer* der = NULL;
+ EncryptedInfo info;
+ int padding = 0;
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ int enc_der = 0;
+ unsigned char* enc = NULL;
+ word32 enc_len = 0;
+ unsigned int iterations = DEFAULT_ITERATIONS;
+ unsigned int salt_sz = 8;
+ int pbe_ver = ENC_PKCS8_VER_PKCS5;
+ int pbe = ENC_PKCS8_PBES2;
+ int pbe_alg = ENC_PKCS8_ALG_AES256CBC;
+#endif
+#ifdef DEBUG_WOLFSSL
+ int log = 0;
+#endif
+
+ memset(&info, 0, sizeof(info));
+
+ /* Skip over program name. */
+ argc--;
+ argv++;
+ while (argc > 0) {
+ /* PEM header type. */
+ if ((strcmp(argv[0], "-t") == 0) ||
+ (strcmp(argv[0], "--type") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No type string provided\n");
+ return 1;
+ }
+ type_str = argv[0];
+ }
+ /* Name of input file. */
+ else if (strcmp(argv[0], "-in") == 0) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ in_file = fopen(argv[0], "r");
+ if (in_file == NULL) {
+ fprintf(stderr, "File not able to be read: %s\n", argv[0]);
+ return 1;
+ }
+ }
+ /* Name of output file. */
+ else if (strcmp(argv[0], "-out") == 0) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ out_name = argv[0];
+ }
+ /* Offset into input data to start from. */
+ else if ((strcmp(argv[0], "-o") == 0) ||
+ (strcmp(argv[0], "--offset") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ offset = (word32)strtoul(argv[0], NULL, 10);
+ }
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ /* Password to use when encrypting or decrypting keys with PEM. */
+ else if ((strcmp(argv[0], "-p") == 0) ||
+ (strcmp(argv[0], "--pass") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No password provided\n");
+ return 1;
+ }
+ info.passwd_cb = password_from_userdata;
+ info.passwd_userdata = argv[0];
+ }
+#endif
+#ifdef WOLFSSL_DER_TO_PEM
+ /* Input is DER and we are converting to PEM. */
+ else if ((strcmp(argv[0], "-d") == 0) ||
+ (strcmp(argv[0], "--der") == 0)) {
+ pem = 0;
+ }
+#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ /* Remove padding leftover from decryption. */
+ else if (strcmp(argv[0], "--padding") == 0) {
+ padding = 1;
+ }
+ /* Encrypting the DER data. */
+ else if ((strcmp(argv[0], "-e") == 0) ||
+ (strcmp(argv[0], "--encrypt") == 0)) {
+ enc_der = 1;
+ }
+ /* PBE version. */
+ else if ((strcmp(argv[0], "-v") == 0) ||
+ (strcmp(argv[0], "--pbe-ver") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No PBE version provided\n");
+ return 1;
+ }
+ if (StringToPbeVer(argv[0], &pbe_ver) != 0) {
+ return 1;
+ }
+ }
+ /* PBE algorithm. */
+ else if ((strcmp(argv[0], "-p") == 0) ||
+ (strcmp(argv[0], "--pbe") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No PBE provided\n");
+ return 1;
+ }
+ if (StringToPbe(argv[0], &pbe) != 0) {
+ return 1;
+ }
+ }
+ /* PBES2 algorithm. */
+ else if ((strcmp(argv[0], "-a") == 0) ||
+ (strcmp(argv[0], "--pbe-alg") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No PBE algorithm provided\n");
+ return 1;
+ }
+ if (StringToPbeAlg(argv[0], &pbe_alg) != 0) {
+ return 1;
+ }
+ }
+ /* Number of PBE iterations. */
+ else if ((strcmp(argv[0], "-i") == 0) ||
+ (strcmp(argv[0], "--iter") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No filename provided\n");
+ return 1;
+ }
+ iterations = (unsigned int)strtoul(argv[0], NULL, 10);
+ }
+ /* Size of salt to be generated. */
+ else if ((strcmp(argv[0], "-s") == 0) ||
+ (strcmp(argv[0], "--salt-sz") == 0)) {
+ argc--;
+ argv++;
+ if (argc == 0) {
+ fprintf(stderr, "No salt size provided\n");
+ return 1;
+ }
+ salt_sz = (unsigned int)strtoul(argv[0], NULL, 10);
+ if (salt_sz > SALT_MAX_LEN) {
+ fprintf(stderr, "Salt size must be no bigger than %d: %d\n",
+ SALT_MAX_LEN, salt_sz);
+ return 1;
+ }
+ }
+#endif /* WOLFSSL_ENCRYPTED_KEYS !NO_PWDBASED */
+#endif /* WOLFSSL_DER_TO_PEM */
+#ifdef DEBUG_WOLFSSL
+ /* Turn on logging. */
+ else if ((strcmp(argv[0], "-l") == 0) ||
+ (strcmp(argv[0], "--log") == 0)) {
+ log = 1;
+ }
+#endif
+ /* Display help/usage. */
+ else if ((strcmp(argv[0], "-?") == 0) ||
+ (strcmp(argv[0], "--help") == 0)) {
+ Usage();
+ return 0;
+ }
+ else {
+ fprintf(stderr, "Bad option: %s\n", argv[0]);
+ Usage();
+ return 1;
+ }
+
+ /* Move on to next command line argument. */
+ argc--;
+ argv++;
+ }
+
+#ifdef DEBUG_WOLFSSL
+ if (log) {
+ wolfSSL_Debugging_ON();
+ }
+#endif
+
+ /* Convert PEM type string to value. */
+ if (type_str != NULL) {
+ ret = StringToType(type_str, &type);
+ }
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ /* Check whether we are encrypting DER. */
+ if ((!pem) && (type == PKCS8_ENC_PRIVATEKEY_TYPE)) {
+ enc_der = 1;
+ }
+#endif
+ /* Read all of PEM file. */
+ if ((ret == 0) && (pemApp_ReadFile(in_file, &in, &in_len) != 0)) {
+ fprintf(stderr, "Reading file failed\n");
+ ret = 1;
+ }
+
+ if ((ret == 0) && pem) {
+ /* Convert PEM to DER. */
+ ret = ConvPemToDer((char*)in, offset, in_len, &der, type, &info,
+ padding);
+ if (ret == 0) {
+ out = der->buffer;
+ out_len = der->length;
+ }
+ }
+ else {
+#ifdef WOLFSSL_DER_TO_PEM
+ #if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_PWDBASED)
+ if (enc_der) {
+ /* Encrypt DER first. */
+ ret = EncryptDer(in + offset, in_len - offset,
+ (char*)info.passwd_userdata, iterations, salt_sz, pbe, pbe_ver,
+ pbe_alg, &enc, &enc_len);
+ if (ret == 0) {
+ /* Convert encrypted DER data to PEM. */
+ ret = ConvDerToPem(enc, 0, enc_len, &out, &out_len, type,
+ NULL);
+ }
+ }
+ else
+ #endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
+ {
+ /* Convert DER data to PEM. */
+ ret = ConvDerToPem(in, offset, in_len, &out, &out_len, type, NULL);
+ }
+#else
+ fprintf(stderr, "DER to PEM not supported by wolfSSL\n");
+ ret = 1;
+#endif
+ }
+
+ if ((ret == 0) && (out_name != NULL)) {
+ /*Open write named file to write to. */
+ out_file = fopen(out_name, "w");
+ if (out_file == NULL) {
+ fprintf(stderr, "File not able to be written: %s\n", out_name);
+ ret = 1;
+ }
+ }
+ if (ret == 0) {
+ /* Write out PEM. */
+ ret = WriteFile(out_file, out ? (const char *)out : "", out_len);
+ if (ret != 0) {
+ fprintf(stderr, "Could not write file\n");
+ }
+ }
+
+ /* Dispose of allocated data. */
+ if (der != NULL) {
+ wc_FreeDer(&der);
+ }
+ else if (out != NULL) {
+ free(out);
+ }
+#if defined(WOLFSSL_DER_TO_PEM) && defined(WOLFSSL_ENCRYPTED_KEYS) && \
+ !defined(NO_PWDBASED)
+ if (enc != NULL) {
+ free(enc);
+ }
+#endif
+ if (in != NULL) {
+ free(in);
+ }
+ if (ret < 0) {
+ fprintf(stderr, "%s\n", wc_GetErrorString(ret));
+ }
+ return (ret == 0) ? 0 : 1;
+}
+
+#else
+
+/* Main entry of ASN.1 printing program.
+ *
+ * @param [in] argc Count of command line arguments.
+ * @param [in] argv Command line arguments.
+ * @return 0 on success.
+ * @return 1 on failure.
+ */
+int main(int argc, char* argv[])
+{
+ (void)argc;
+ (void)argv;
+ fprintf(stderr, "PEM to DER conversion of file system support not compiled"
+ " in.\n");
+ return 0;
+}
+
+#endif /* WOLFSSL_PEM_TO_DER && !NO_FILESYSTEM */
diff --git a/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c b/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c
index dcc42653..d38f5579 100644
--- a/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c
+++ b/extra/wolfssl/wolfssl/examples/sctp/sctp-client-dtls.c
@@ -27,7 +27,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
/* sctp */
#include <sys/socket.h>
#include <sys/types.h>
@@ -47,13 +47,13 @@ static int err_sys(const char* msg)
perror(msg);
exit(EXIT_FAILURE);
}
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
int main(int argc, char **argv)
{
(void)argc;
(void)argv;
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP);
if (sd < 0)
@@ -126,7 +126,7 @@ int main(int argc, char **argv)
wolfSSL_CTX_free(ctx);
close(sd);
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
return 0;
}
diff --git a/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c b/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c
index 802b7d40..c02522f2 100644
--- a/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c
+++ b/extra/wolfssl/wolfssl/examples/sctp/sctp-server-dtls.c
@@ -26,7 +26,7 @@
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
/* sctp */
#include <sys/socket.h>
#include <sys/types.h>
@@ -47,13 +47,13 @@ static int err_sys(const char* msg)
perror(msg);
exit(EXIT_FAILURE);
}
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
int main(int argc, char **argv)
{
(void)argc;
(void)argv;
-#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS)
+#if defined(WOLFSSL_SCTP) && defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
int sd = socket(PF_INET, SOCK_STREAM, IPPROTO_SCTP);
if (sd < 0)
@@ -125,6 +125,6 @@ int main(int argc, char **argv)
wolfSSL_CTX_free(ctx);
close(sd);
-#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS */
+#endif /* WOLFSSL_SCTP && WOLFSSL_DTLS && !WOLFSSL_NO_TLS12 */
return 0;
}
diff --git a/extra/wolfssl/wolfssl/examples/server/server.c b/extra/wolfssl/wolfssl/examples/server/server.c
index 9b695a44..c88f3759 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.c
+++ b/extra/wolfssl/wolfssl/examples/server/server.c
@@ -148,8 +148,16 @@ int catastrophic = 0; /* Use with -x flag to still exit when an error is
* cert to send to clients attempting to connect. The
* server should error out completely in that case
*/
+static int quieter = 0; /* Print fewer messages. This is helpful with overly
+ * ambitious log parsers. */
static int lng_index = 0;
+#define LOG_ERROR(...) \
+ do { \
+ if (!quieter) \
+ fprintf(stderr, __VA_ARGS__); \
+ } while(0)
+
#ifdef WOLFSSL_CALLBACKS
#if !defined(NO_OLD_TIMEVAL_NAME)
Timeval srvTo;
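Review bot: `LOG_ERROR` has no comment, and its name understates what it gates. Later hunks in this file send informational lines through it as well (`"New session ticket sent"`, `"Before creating SSL"`), so `--quieter` suppresses status output and real failures alike. A one-line comment above the macro would make that explicit, for example `/* Print a diagnostic to stderr unless --quieter was given; used for status lines as well as errors. */`. The unbraced `if (!quieter)` inside the `do { } while(0)` would also be safer with braces around the `fprintf`.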
@@ -186,8 +194,8 @@ static int lng_index = 0;
static void err_sys_ex(int out, const char* msg)
{
if (out == 1) { /* if server is running w/ -x flag, print error w/o exit */
- fprintf(stderr, "wolfSSL error: %s\n", msg);
- fprintf(stderr, "Continuing server execution...\n\n");
+ LOG_ERROR("wolfSSL error: %s\n", msg);
+ LOG_ERROR("Continuing server execution...\n\n");
} else {
err_sys(msg);
}
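Review bot: With `quieter` set and `out == 1`, `err_sys_ex` now returns without printing anything, so every failure routed through it with `runWithErrors` continues silently. Keeping the first line unconditional, `fprintf(stderr, "wolfSSL error: %s\n", msg);`, and gating only `LOG_ERROR("Continuing server execution...\n\n");` would reduce the noise while leaving a trace that an error was tolerated. The closing brace of `err_sys_ex` lies outside this hunk.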
@@ -448,7 +456,7 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
err != WOLFSSL_ERROR_WANT_WRITE &&
err != WOLFSSL_ERROR_ZERO_RETURN &&
err != APP_DATA_READY) {
- fprintf(stderr, "SSL_read echo error %d\n", err);
+ LOG_ERROR("SSL_read echo error %d\n", err);
err_sys_ex(runWithErrors, "SSL_read failed");
break;
}
@@ -483,7 +491,7 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
}
} while (err == WC_PENDING_E);
if (ret != (int)min(len, rx_pos)) {
- fprintf(stderr, "SSL_write echo error %d\n", err);
+ LOG_ERROR("SSL_write echo error %d\n", err);
err_sys_ex(runWithErrors, "SSL_write failed");
}
@@ -557,7 +565,7 @@ static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
#endif
#ifdef WOLFSSL_DTLS
if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
- fprintf(stderr, "Dropped client's message due to a bad MAC\n");
+ LOG_ERROR("Dropped client's message due to a bad MAC\n");
}
else
#endif
@@ -568,7 +576,7 @@ static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
&& err != APP_DATA_READY
#endif
) {
- fprintf(stderr, "SSL_read input error %d, %s\n", err,
+ LOG_ERROR("SSL_read input error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys_ex(runWithErrors, "SSL_read failed");
}
@@ -641,7 +649,7 @@ static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_WRITE);
if (ret != outputLen) {
char buffer[WOLFSSL_MAX_ERROR_SZ];
- fprintf(stderr, "SSL_write msg error %d, %s\n", err,
+ LOG_ERROR("SSL_write msg error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys_ex(runWithErrors, "SSL_write failed");
}
@@ -744,6 +752,18 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
else
err_sys("unable to use curve secp256r1");
} while (ret == WC_PENDING_E);
+ #elif defined(WOLFSSL_SM2)
+ do {
+ ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SM2P256V1);
+ if (ret == WOLFSSL_SUCCESS)
+ groups[count++] = WOLFSSL_ECC_SM2P256V1;
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ else if (ret == WC_PENDING_E)
+ wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
+ #endif
+ else
+ err_sys("unable to use curve sm2p256r1");
+ } while (ret == WC_PENDING_E);
#endif
#endif
}
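Review bot: The failure message in the new `WOLFSSL_SM2` branch names a different curve from the one requested: the call uses `WOLFSSL_ECC_SM2P256V1` but the text says `sm2p256r1`. It should read `err_sys("unable to use curve sm2p256v1");` so that the message matches the group when someone searches for it. `groups[count++]` is written as in the neighbouring branches; the array's size and the start of `SetKeyShare` are outside this hunk, so the bound cannot be checked from here.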
@@ -1319,7 +1339,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
size_t srtp_secret_length;
byte *srtp_secret, *p;
int ret;
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
srtp_test_helper *srtp_helper = args->srtp_helper;
#else
(void)args;
@@ -1328,7 +1348,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
ret = wolfSSL_export_dtls_srtp_keying_material(ssl, NULL,
&srtp_secret_length);
if (ret != LENGTH_ONLY_E) {
- fprintf(stderr, "DTLS SRTP: Error getting key material length\n");
+ LOG_ERROR("DTLS SRTP: Error getting key material length\n");
return ret;
}
@@ -1342,7 +1362,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
&srtp_secret_length);
if (ret != WOLFSSL_SUCCESS) {
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- fprintf(stderr, "DTLS SRTP: Error getting key material\n");
+ LOG_ERROR("DTLS SRTP: Error getting key material\n");
return ret;
}
@@ -1351,7 +1371,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
printf("%02X", *p);
printf("\n");
-#if !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#ifdef WOLFSSL_COND
if (srtp_helper != NULL) {
srtp_helper_set_ekm(srtp_helper, srtp_secret, srtp_secret_length);
@@ -1359,7 +1379,7 @@ static int server_srtp_test(WOLFSSL *ssl, func_args *args)
correctness */
return 0;
}
-#endif /* _POSIX_THREADS */
+#endif /* WOLFSSL_COND */
XFREE(srtp_secret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return 0;
@@ -1391,7 +1411,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
{ "wolfsentry-config", 1, 256 },
#endif
{ "help", 0, 257 },
+#ifndef NO_MULTIBYTE_PRINT
{ "ヘルプ", 0, 258 },
+#endif
#if defined(HAVE_PQC)
{ "pqc", 1, 259 },
#endif
@@ -1410,6 +1432,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef HAVE_SUPPORTED_CURVES
{"onlyPskDheKe", 2, 264},
#endif /* HAVE_SUPPORTED_CURVES */
+#ifdef HAVE_CRL
+ {"crl-dir", 1, 265},
+#endif
+ {"quieter", 0, 266},
{ 0, 0, 0 }
};
#endif
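Review bot: The `crl-dir` table entry is guarded by `#ifdef HAVE_CRL`, but the `crlDir` variable and the body of `case 265:` (the hunk at `@@ -2281,7 +2310,17 @@`) are guarded by `defined(HAVE_CRL) && !defined(NO_FILESYSTEM)`. In a build with both `HAVE_CRL` and `NO_FILESYSTEM`, `--crl-dir <path>` is therefore accepted and silently discarded, and the operator may believe a revocation directory is in use when it is not. Using the same guard on the table entry, `#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)`, makes the option fall through to `Usage()` instead. The option table and `server_test` both begin outside this hunk.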
@@ -1419,7 +1445,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#else
int doCliCertCheck = 0;
#endif
-#ifdef HAVE_CRL
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
int disableCRL = 0;
#endif
int useAnyAddr = 0;
@@ -1531,6 +1557,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
int useDtlsCID = 0;
char dtlsCID[DTLS_CID_BUFFER_SIZE] = { 0 };
#endif /* WOLFSSL_DTLS_CID */
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
+ char* crlDir = NULL;
+#endif
#ifdef WOLFSSL_STATIC_MEMORY
/* Note: Actual memory used is much less, this is the entire buffer buckets,
@@ -1693,7 +1722,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
break;
case 'V' :
- #ifdef HAVE_CRL
+ #if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
disableCRL = 1;
#endif
break;
@@ -2107,7 +2136,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
nonBlocking = 1;
simulateWantWrite = 1;
#else
- fprintf(stderr, "Ignoring -6 since async I/O support not "
+ LOG_ERROR("Ignoring -6 since async I/O support not "
"compiled in.\n");
#endif
break;
@@ -2252,9 +2281,9 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (force_curve_group_id <= 0) {
if (lng_index == 1) {
/* TODO: Need Japanese translation */
- fprintf(stderr, "Invalid curve '%s'\n", myoptarg);
+ LOG_ERROR("Invalid curve '%s'\n", myoptarg);
} else {
- fprintf(stderr, "Invalid curve '%s'\n", myoptarg);
+ LOG_ERROR("Invalid curve '%s'\n", myoptarg);
}
XEXIT_T(EXIT_FAILURE);
}
@@ -2281,7 +2310,17 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
#endif
break;
+ case 265:
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
+ crlDir = myoptarg;
+#endif
+ break;
+
+ case 266:
+ quieter = 1;
+ break;
+ case -1:
default:
Usage();
XEXIT_T(MY_EX_USAGE);
@@ -2327,7 +2366,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifndef HAVE_SESSION_TICKET
if ((version >= 4) && resume) {
- fprintf(stderr, "Can't do TLS 1.3 resumption; need session tickets!\n");
+ LOG_ERROR("Can't do TLS 1.3 resumption; need session tickets!\n");
}
#endif
@@ -2341,7 +2380,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (usePqc) {
if (version == SERVER_DOWNGRADE_VERSION ||
version == EITHER_DOWNGRADE_VERSION) {
- fprintf(stderr,
+ LOG_ERROR(
"WARNING: If a TLS 1.3 connection is not negotiated, you "
"will not be using a post-quantum group.\n");
} else if (version != 4 && version != -4) {
@@ -2438,11 +2477,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef DEBUG_WOLFSSL
/* print off helper buffer sizes for use with static memory
* printing to stderr in case of debug mode turned on */
- fprintf(stderr, "static memory management size = %d\n",
+ LOG_ERROR("static memory management size = %d\n",
wolfSSL_MemoryPaddingSz());
- fprintf(stderr, "calculated optimum general buffer size = %d\n",
+ LOG_ERROR("calculated optimum general buffer size = %d\n",
wolfSSL_StaticBufferSz(memory, sizeof(memory), 0));
- fprintf(stderr, "calculated optimum IO buffer size = %d\n",
+ LOG_ERROR("calculated optimum IO buffer size = %d\n",
wolfSSL_StaticBufferSz(memoryIO, sizeof(memoryIO),
WOLFMEM_IO_POOL_FIXED));
#endif /* DEBUG_WOLFSSL */
@@ -2823,7 +2862,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfAsync_DevOpen(&devId);
if (ret < 0) {
- fprintf(stderr, "Async device open failed\nRunning without async\n");
+ LOG_ERROR("Async device open failed\nRunning without async\n");
}
wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -2846,6 +2885,30 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
wolfSSL_CTX_NoTicketTLSv12(ctx);
#endif
#endif
+#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
+ if (!disableCRL) {
+ /* Need to load CA's to confirm CRL signatures */
+ unsigned int verify_flags = 0;
+#ifdef TEST_BEFORE_DATE
+ verify_flags |= WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY;
+#endif
+ if (wolfSSL_CTX_load_verify_locations_ex(ctx, verifyCert, 0,
+ verify_flags) != WOLFSSL_SUCCESS) {
+ err_sys_ex(catastrophic,
+ "can't load ca file, Please run from wolfSSL home dir");
+ }
+#ifdef HAVE_CRL_MONITOR
+ crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
+#endif
+ if (wolfSSL_CTX_EnableCRL(ctx, 0) != WOLFSSL_SUCCESS)
+ err_sys_ex(runWithErrors, "unable to enable CRL");
+ if (wolfSSL_CTX_LoadCRL(ctx, crlDir != NULL ? crlDir : crlPemDir,
+ WOLFSSL_FILETYPE_PEM, crlFlags) != WOLFSSL_SUCCESS)
+ err_sys_ex(runWithErrors, "unable to load CRL");
+ if (wolfSSL_CTX_SetCRL_Cb(ctx, CRL_CallBack) != WOLFSSL_SUCCESS)
+ err_sys_ex(runWithErrors, "unable to set CRL callback url");
+ }
+#endif
while (1) {
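Review bot: In the new context-level CRL block, a failed CA load goes through `err_sys_ex(catastrophic, ...)`, but `wolfSSL_CTX_EnableCRL`, `wolfSSL_CTX_LoadCRL` and `wolfSSL_CTX_SetCRL_Cb` go through `err_sys_ex(runWithErrors, ...)`. With `-x` the server then enters the accept loop without revocation data, and because setup now happens once on the `ctx`, that affects every later connection rather than one session. If this is deliberate for the test harness, a comment such as `/* -x: continue without CRL checking; test use only */` would record it; otherwise use the same flag as the CA load, `err_sys_ex(catastrophic, "unable to load CRL");`. `crlFlags`, `crlPemDir` and the rest of `server_test` are outside this hunk.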
@@ -2865,7 +2928,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
}
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "Before creating SSL\n");
+ LOG_ERROR("Before creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys_ex(runWithErrors, "ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -2954,7 +3017,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
#if defined(WOLFSSL_STATIC_MEMORY) && defined(DEBUG_WOLFSSL)
- fprintf(stderr, "After creating SSL\n");
+ LOG_ERROR("After creating SSL\n");
if (wolfSSL_CTX_is_static_memory(ctx, &mem_stats) != 1)
err_sys_ex(runWithErrors, "ctx not using static memory");
if (wolfSSL_PrintStats(&mem_stats) != 1) /* function in test.h */
@@ -3022,20 +3085,6 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifndef NO_HANDSHAKE_DONE_CB
wolfSSL_SetHsDoneCb(ssl, myHsDoneCb, NULL);
#endif
-#if defined(HAVE_CRL) && !defined(NO_FILESYSTEM)
- if (!disableCRL) {
-#ifdef HAVE_CRL_MONITOR
- crlFlags = WOLFSSL_CRL_MONITOR | WOLFSSL_CRL_START_MON;
-#endif
- if (wolfSSL_EnableCRL(ssl, 0) != WOLFSSL_SUCCESS)
- err_sys_ex(runWithErrors, "unable to enable CRL");
- if (wolfSSL_LoadCRL(ssl, crlPemDir, WOLFSSL_FILETYPE_PEM, crlFlags)
- != WOLFSSL_SUCCESS)
- err_sys_ex(runWithErrors, "unable to load CRL");
- if (wolfSSL_SetCRL_Cb(ssl, CRL_CallBack) != WOLFSSL_SUCCESS)
- err_sys_ex(runWithErrors, "unable to set CRL callback url");
- }
-#endif
#ifdef HAVE_OCSP
if (useOcsp) {
if (ocspUrl != NULL) {
@@ -3285,6 +3334,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
#endif /* WOLFSSL_DTLS_CID */
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ if (doDTLS)
+ wolfSSL_dtls13_allow_ch_frag(ssl, 1);
+#endif
+
#ifndef WOLFSSL_CALLBACKS
if (nonBlocking) {
#ifdef WOLFSSL_DTLS
@@ -3304,7 +3358,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
err = 0; /* reset error */
ret = wolfSSL_read_early_data(ssl, input, sizeof(input)-1,
&len);
- if (ret != WOLFSSL_SUCCESS) {
+ if (ret <= 0) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
@@ -3338,7 +3392,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
} while (err == WC_PENDING_E);
}
#else
- (void)nonBlocking;
+ if (nonBlocking) {
+ #ifdef WOLFSSL_DTLS
+ if (doDTLS) {
+ wolfSSL_dtls_set_using_nonblock(ssl, 1);
+ }
+ #endif
+ tcp_set_nonblocking(&clientfd);
+ }
ret = NonBlockingSSL_Accept(ssl);
#endif
#ifdef WOLFSSL_EARLY_DATA
@@ -3346,8 +3407,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#endif
if (ret != WOLFSSL_SUCCESS) {
err = SSL_get_error(ssl, 0);
- fprintf(stderr, "SSL_accept error %d, %s\n", err,
- ERR_error_string(err, buffer));
+ LOG_ERROR("SSL_accept error %d, %s\n", err,
+ ERR_error_string(err, buffer));
if (!exitWithRet) {
err_sys_ex(runWithErrors, "SSL_accept failed");
} else {
@@ -3560,7 +3621,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
if (ret != WOLFSSL_SUCCESS) {
err = wolfSSL_get_error(ssl, 0);
- fprintf(stderr,
+ LOG_ERROR(
"wolfSSL_Rehandshake error %d, %s\n", err,
wolfSSL_ERR_error_string(err, buffer));
wolfSSL_free(ssl); ssl = NULL;
@@ -3620,10 +3681,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
if (sendTicket) {
if (wolfSSL_send_SessionTicket(ssl) != WOLFSSL_SUCCESS) {
- fprintf(stderr, "Sending new session ticket failed\n");
+ LOG_ERROR("Sending new session ticket failed\n");
}
else {
- fprintf(stderr, "New session ticket sent\n");
+ LOG_ERROR("New session ticket sent\n");
}
}
#endif
@@ -3692,12 +3753,12 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
break;
}
else if (ret != WOLFSSL_SHUTDOWN_NOT_DONE) {
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
break;
}
}
if (ret != WOLFSSL_SUCCESS)
- fprintf(stderr, "Bidirectional shutdown failed\n");
+ LOG_ERROR("Bidirectional shutdown failed\n");
}
/* display collected statistics */
@@ -3705,8 +3766,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (wolfSSL_is_static_memory(ssl, &ssl_stats) != 1)
err_sys_ex(runWithErrors, "static memory was not used with ssl");
- fprintf(stderr, "\nprint off SSL memory stats\n");
- fprintf(stderr, "*** This is memory state before wolfSSL_free is "
+ LOG_ERROR("\nprint off SSL memory stats\n");
+ LOG_ERROR("*** This is memory state before wolfSSL_free is "
"called\n");
wolfSSL_PrintStatsConn(&ssl_stats);
@@ -3722,8 +3783,12 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
resumeCount = 0;
cnt++;
- if (loops > 0 && --loops == 0) {
- break; /* out of while loop, done with normal and resume option */
+ if (loops > 0) {
+ if (--loops == 0) {
+ break; /* out of while loop, done with normal and resume
+ * option
+ */
+ }
}
} /* while(1) */
@@ -3746,7 +3811,7 @@ exit:
wolfsentry_ret =
wolfsentry_shutdown(WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(&wolfsentry, NULL));
if (wolfsentry_ret < 0) {
- fprintf(stderr,
+ LOG_ERROR(
"wolfsentry_shutdown() returned " WOLFSENTRY_ERROR_FMT "\n",
WOLFSENTRY_ERROR_FMT_ARGS(wolfsentry_ret));
}
@@ -3785,9 +3850,7 @@ exit:
#if defined(WOLFSSL_CALLBACKS) && defined(WOLFSSL_EARLY_DATA)
(void) earlyData;
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* !NO_WOLFSSL_SERVER */
@@ -3807,7 +3870,7 @@ exit:
args.argv = argv;
args.signal = &ready;
args.return_code = 0;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
args.srtp_helper = NULL;
#endif
InitTcpReady(&ready);
diff --git a/extra/wolfssl/wolfssl/examples/server/server.h b/extra/wolfssl/wolfssl/examples/server/server.h
index dbf492b1..e0c8ad7b 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.h
+++ b/extra/wolfssl/wolfssl/examples/server/server.h
@@ -27,7 +27,7 @@
THREAD_RETURN WOLFSSL_THREAD server_test(void* args);
/* Echo bytes using buffer of blockSize until [echoData] bytes are complete. */
-/* If [bechmarkThroughput] set the statistcs will be output at the end */
+/* If [benchmarkThroughput] set the statistics will be output at the end */
int ServerEchoData(WOLFSSL* ssl, int clientfd, int echoData, int blockSize,
size_t benchmarkThroughput);
diff --git a/extra/wolfssl/wolfssl/examples/server/server.vcproj b/extra/wolfssl/wolfssl/examples/server/server.vcproj
index fef8b2a2..671ae454 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.vcproj
+++ b/extra/wolfssl/wolfssl/examples/server/server.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../../;../../IDE/WIN"
- PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/examples/server/server.vcxproj b/extra/wolfssl/wolfssl/examples/server/server.vcxproj
index 59e1ed7f..8f11fee8 100644
--- a/extra/wolfssl/wolfssl/examples/server/server.vcxproj
+++ b/extra/wolfssl/wolfssl/examples/server/server.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../../;../../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/fips-check.sh b/extra/wolfssl/wolfssl/fips-check.sh
index 5902cdb4..b31b16dd 100755
--- a/extra/wolfssl/wolfssl/fips-check.sh
+++ b/extra/wolfssl/wolfssl/fips-check.sh
@@ -7,407 +7,314 @@
# copy of our FIPS approved code.
#
# This should check out all the approved flavors. The command line
-# option selects the flavor.
-#
-# $ ./fips-check [flavor] [keep]
-#
-# - flavor: linux (default), ios, android, windows, freertos, linux-ecc, netbsd-selftest, linuxv2, fipsv2-OE-ready, stm32l4-v2, linuxv5, fips-ready, fips-dev
-#
-# - keep: (default off) XXX-fips-test temp dir around for inspection
-#
+# option selects the flavor. The keep option keeps the output
+# directory.
+
+# These variables may be overridden on the command line.
+MAKE="${MAKE:-make}"
+GIT="${GIT:-git -c advice.detachedHead=false}"
+TEST_DIR="${TEST_DIR:-XXX-fips-test}"
+FLAVOR="${FLAVOR:-linux}"
+KEEP="${KEEP:-no}"
+FIPS_REPO="${FIPS_REPO:-git@github.com:wolfssl/fips.git}"
Usage() {
cat <<usageText
-Usage: $0 [flavor [keep]]
+Usage: $0 [flavor] [keep]
Flavor is one of:
- linux (default)
- ios
- android
- windows
- freertos
- openrtos-3.9.2
- linux-ecc
- netbsd-selftest
- marvell-linux-selftest
- sgx
- netos-7.6
linuxv2 (FIPSv2, use for Win10)
- stm32l4-v2 (FIPSv2, use for STM32L4)
- wolfrand
+ fipsv2-OE-ready (ready FIPSv2)
solaris
+ netbsd-selftest
+ marvell-linux-selftest
linuxv5 (current FIPS 140-3)
fips-ready (ready FIPS 140-3)
fips-dev (dev FIPS 140-3)
-Keep (default off) retains the XXX-fips-test temp dir for inspection.
+ wolfrand
+Keep (default off) retains the temp dir $TEST_DIR for inspection.
Example:
$0 windows keep
usageText
}
-MAKE='make'
-
-LINUX_FIPS_VERSION=v3.2.6
-LINUX_FIPS_REPO=git@github.com:wolfSSL/fips.git
-LINUX_CRYPT_VERSION=v3.2.6
-LINUX_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-LINUX_ECC_FIPS_VERSION=v3.10.3
-LINUX_ECC_FIPS_REPO=git@github.com:wolfSSL/fips.git
-LINUX_ECC_CRYPT_VERSION=v3.2.6
-LINUX_ECC_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-IOS_FIPS_VERSION=v3.4.8a
-IOS_FIPS_REPO=git@github.com:wolfSSL/fips.git
-IOS_CRYPT_VERSION=v3.4.8.fips
-IOS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-ANDROID_FIPS_VERSION=v3.5.0
-ANDROID_FIPS_REPO=git@github.com:wolfSSL/fips.git
-ANDROID_CRYPT_VERSION=v3.5.0
-ANDROID_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-WINDOWS_FIPS_VERSION=v3.6.6
-WINDOWS_FIPS_REPO=git@github.com:wolfSSL/fips.git
-WINDOWS_CRYPT_VERSION=v3.6.6
-WINDOWS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-FREERTOS_FIPS_VERSION=v3.6.1-FreeRTOS
-FREERTOS_FIPS_REPO=git@github.com:wolfSSL/fips.git
-FREERTOS_CRYPT_VERSION=v3.6.1
-FREERTOS_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-OPENRTOS_3_9_2_FIPS_VERSION=v3.9.2-OpenRTOS
-OPENRTOS_3_9_2_FIPS_REPO=git@github.com:wolfSSL/fips.git
-OPENRTOS_3_9_2_CRYPT_VERSION=v3.6.1
-OPENRTOS_3_9_2_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-#NOTE: Does not include the SGX examples yet, update version once fipsv2 is
-# finished and merge conflicts can be resolved. This will be tagged as
-# v3.12.4.sgx-examples
-#SGX_FIPS_VERSION=v3.12.4.sgx-examples
-SGX_FIPS_VERSION=v3.6.6
-SGX_FIPS_REPO=git@github.com:wolfSSL/fips.git
-SGX_CRYPT_VERSION=v3.12.4
-SGX_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-NETOS_7_6_FIPS_VERSION=v3.12.6
-NETOS_7_6_FIPS_REPO=git@github.com:wolfSSL/fips.git
-NETOS_7_6_CRYPT_VERSION=v3.12.4
-NETOS_7_6_CRYPT_REPO=git@github.com:cyassl/cyassl.git
-
-# non-FIPS, CAVP only but pull in selftest
-# will reset above variables below in flavor switch
-NETBSD_FIPS_VERSION=v3.14.2b
-NETBSD_FIPS_REPO=git@github.com:wolfssl/fips.git
-NETBSD_CRYPT_VERSION=v3.14.2
-NETBSD_CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
-
-# non-FIPS, CAVP only but pull in selftest
-# will reset above variables below in flavor switch
-MARVELL_LINUX_FIPS_VERSION=v3.14.2b
-MARVELL_LINUX_FIPS_REPO=git@github.com:wolfssl/fips.git
-MARVELL_LINUX_CRYPT_VERSION=v4.1.0-stable
-MARVELL_LINUX_CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
-
-STM32L4_V2_FIPS_VERSION=WCv4.0.1-stable
-STM32L4_V2_FIPS_REPO=git@github.com:wolfSSL/fips.git
-STM32L4_V2_CRYPT_VERSION=WCv4.0.1-stable
-
-FIPS_SRCS=( fips.c fips_test.c )
-WC_MODS=( aes des3 sha sha256 sha512 rsa hmac random aes_asm )
-TEST_DIR=XXX-fips-test
-CRYPT_INC_PATH=cyassl/ctaocrypt
-CRYPT_SRC_PATH=ctaocrypt/src
-RNG_VERSION=v3.6.0
-FIPS_OPTION=v1
-CAVP_SELFTEST_ONLY="no"
-GIT="git -c advice.detachedHead=false"
-
-if [ "$1" == "" ]; then FLAVOR="linux"; else FLAVOR="$1"; fi
-
-if [ "$2" == "keep" ]; then KEEP="yes"; else KEEP="no"; fi
+while [ "$1" ]; do
+ if [ "$1" = 'keep' ]; then KEEP='yes'; else FLAVOR="$1"; fi
+ shift
+done
case "$FLAVOR" in
-ios)
- FIPS_VERSION=$IOS_FIPS_VERSION
- FIPS_REPO=$IOS_FIPS_REPO
- CRYPT_VERSION=$IOS_CRYPT_VERSION
- CRYPT_REPO=$IOS_CRYPT_REPO
- ;;
-android)
- FIPS_VERSION=$ANDROID_FIPS_VERSION
- FIPS_REPO=$ANDROID_FIPS_REPO
- CRYPT_VERSION=$ANDROID_CRYPT_VERSION
- CRYPT_REPO=$ANDROID_CRYPT_REPO
- ;;
-windows)
- FIPS_VERSION=$WINDOWS_FIPS_VERSION
- FIPS_REPO=$WINDOWS_FIPS_REPO
- CRYPT_VERSION=$WINDOWS_CRYPT_VERSION
- CRYPT_REPO=$WINDOWS_CRYPT_REPO
- ;;
-freertos)
- FIPS_VERSION=$FREERTOS_FIPS_VERSION
- FIPS_REPO=$FREERTOS_FIPS_REPO
- CRYPT_VERSION=$FREERTOS_CRYPT_VERSION
- CRYPT_REPO=$FREERTOS_CRYPT_REPO
- ;;
-openrtos-3.9.2)
- FIPS_VERSION=$OPENRTOS_3_9_2_FIPS_VERSION
- FIPS_REPO=$OPENRTOS_3_9_2_FIPS_REPO
- CRYPT_VERSION=$OPENRTOS_3_9_2_CRYPT_VERSION
- CRYPT_REPO=$OPENRTOS_3_9_2_CRYPT_REPO
- FIPS_CONFLICTS=( aes hmac random sha256 )
- ;;
-linux)
- FIPS_VERSION=$LINUX_FIPS_VERSION
- FIPS_REPO=$LINUX_FIPS_REPO
- CRYPT_VERSION=$LINUX_CRYPT_VERSION
- CRYPT_REPO=$LINUX_CRYPT_REPO
- ;;
-linux-ecc)
- FIPS_VERSION=$LINUX_ECC_FIPS_VERSION
- FIPS_REPO=$LINUX_ECC_FIPS_REPO
- CRYPT_VERSION=$LINUX_ECC_CRYPT_VERSION
- CRYPT_REPO=$LINUX_ECC_CRYPT_REPO
- ;;
-linuxv2 | fipsv2-OE-ready)
- FIPS_VERSION=WCv4-stable
- FIPS_REPO=git@github.com:wolfssl/fips.git
- CRYPT_VERSION=WCv4-stable
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- WC_MODS+=( cmac dh ecc sha3 )
- RNG_VERSION=WCv4-rng-stable
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=v2
+linuxv2|fipsv2-OE-ready|solaris)
+ FIPS_OPTION='v2'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:WCv4-stable'
+ 'wolfcrypt/src/fips_test.c:WCv4-stable'
+ 'wolfcrypt/src/wolfcrypt_first.c:WCv4-stable'
+ 'wolfcrypt/src/wolfcrypt_last.c:WCv4-stable'
+ 'wolfssl/wolfcrypt/fips.h:WCv4-stable'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:WCv4-stable'
+ 'wolfcrypt/src/aes_asm.asm:WCv4-stable'
+ 'wolfcrypt/src/aes_asm.S:WCv4-stable'
+ 'wolfcrypt/src/cmac.c:WCv4-stable'
+ 'wolfcrypt/src/des3.c:WCv4-stable'
+ 'wolfcrypt/src/dh.c:WCv4-stable'
+ 'wolfcrypt/src/ecc.c:WCv4-stable'
+ 'wolfcrypt/src/hmac.c:WCv4-stable'
+ 'wolfcrypt/src/random.c:WCv4-rng-stable'
+ 'wolfcrypt/src/rsa.c:WCv4-stable'
+ 'wolfcrypt/src/sha.c:WCv4-stable'
+ 'wolfcrypt/src/sha256.c:WCv4-stable'
+ 'wolfcrypt/src/sha3.c:WCv4-stable'
+ 'wolfcrypt/src/sha512.c:WCv4-stable'
+ 'wolfssl/wolfcrypt/aes.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/cmac.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/des3.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/dh.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/ecc.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/hmac.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/random.h:WCv4-rng-stable'
+ 'wolfssl/wolfcrypt/rsa.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha256.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha3.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/sha512.h:WCv4-stable'
+ )
+ if [ "$FLAVOR" = 'solaris' ]; then MAKE='gmake'; fi
;;
netbsd-selftest)
- FIPS_VERSION=$NETBSD_FIPS_VERSION
- FIPS_REPO=$NETBSD_FIPS_REPO
- CRYPT_VERSION=$NETBSD_CRYPT_VERSION
- CRYPT_REPO=$NETBSD_CRYPT_REPO
- FIPS_SRCS=( selftest.c )
- WC_MODS=( dh ecc rsa dsa aes sha sha256 sha512 hmac random )
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- CAVP_SELFTEST_ONLY="yes"
+ # non-FIPS, CAVP only but pull in selftest
+ FIPS_OPTION='cavp-selftest'
+ FIPS_FILES=('wolfcrypt/src/selftest.c:v3.14.2b')
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:v3.14.2'
+ 'wolfcrypt/src/dh.c:v3.14.2'
+ 'wolfcrypt/src/dsa.c:v3.14.2'
+ 'wolfcrypt/src/ecc.c:v3.14.2'
+ 'wolfcrypt/src/hmac.c:v3.14.2'
+ 'wolfcrypt/src/random.c:v3.14.2'
+ 'wolfcrypt/src/rsa.c:v3.14.2'
+ 'wolfcrypt/src/sha.c:v3.14.2'
+ 'wolfcrypt/src/sha256.c:v3.14.2'
+ 'wolfcrypt/src/sha512.c:v3.14.2'
+ 'wolfssl/wolfcrypt/aes.h:v3.14.2'
+ 'wolfssl/wolfcrypt/dh.h:v3.14.2'
+ 'wolfssl/wolfcrypt/dsa.h:v3.14.2'
+ 'wolfssl/wolfcrypt/ecc.h:v3.14.2'
+ 'wolfssl/wolfcrypt/hmac.h:v3.14.2'
+ 'wolfssl/wolfcrypt/random.h:v3.14.2'
+ 'wolfssl/wolfcrypt/rsa.h:v3.14.2'
+ 'wolfssl/wolfcrypt/sha.h:v3.14.2'
+ 'wolfssl/wolfcrypt/sha256.h:v3.14.2'
+ 'wolfssl/wolfcrypt/sha512.h:v3.14.2'
+ )
;;
marvell-linux-selftest)
- FIPS_VERSION=$MARVELL_LINUX_FIPS_VERSION
- FIPS_REPO=$MARVELL_LINUX_FIPS_REPO
- CRYPT_VERSION=$MARVELL_LINUX_CRYPT_VERSION
- CRYPT_REPO=$MARVELL_LINUX_CRYPT_REPO
- FIPS_SRCS=( selftest.c )
- WC_MODS=( dh ecc rsa dsa aes sha sha256 sha512 hmac random )
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- CAVP_SELFTEST_ONLY="yes"
- CAVP_SELFTEST_OPTION=v2
+ # non-FIPS, CAVP only but pull in selftest
+ FIPS_OPTION='cavp-selftest-v2'
+ FIPS_FILES=('wolfcrypt/src/selftest.c:v3.14.2b')
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:v4.1.0-stable'
+ 'wolfcrypt/src/dh.c:v4.1.0-stable'
+ 'wolfcrypt/src/dsa.c:v4.1.0-stable'
+ 'wolfcrypt/src/ecc.c:v4.1.0-stable'
+ 'wolfcrypt/src/hmac.c:v4.1.0-stable'
+ 'wolfcrypt/src/random.c:v4.1.0-stable'
+ 'wolfcrypt/src/rsa.c:v4.1.0-stable'
+ 'wolfcrypt/src/sha.c:v4.1.0-stable'
+ 'wolfcrypt/src/sha256.c:v4.1.0-stable'
+ 'wolfcrypt/src/sha512.c:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/aes.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/dh.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/dsa.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/ecc.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/hmac.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/random.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/rsa.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/sha.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/sha256.h:v4.1.0-stable'
+ 'wolfssl/wolfcrypt/sha512.h:v4.1.0-stable'
+ )
;;
-sgx)
- FIPS_VERSION=$SGX_FIPS_VERSION
- FIPS_REPO=$SGX_FIPS_REPO
- CRYPT_VERSION=$SGX_CRYPT_VERSION
- CRYPT_REPO=$SGX_CRYPT_REPO
- ;;
-netos-7.6)
- FIPS_VERSION=$NETOS_7_6_FIPS_VERSION
- FIPS_REPO=$NETOS_7_6_FIPS_REPO
- CRYPT_VERSION=$NETOS_7_6_CRYPT_VERSION
- CRYPT_REPO=$NETOS_7_6_CRYPT_REPO
- ;;
-
linuxv5)
- FIPS_REPO="git@github.com:wolfSSL/fips.git"
- FIPS_VERSION="WCv5.0-RC12"
- CRYPT_REPO="git@github.com:wolfSSL/wolfssl.git"
- CRYPT_VERSION="WCv5.0-RC12"
- CRYPT_INC_PATH="wolfssl/wolfcrypt"
- CRYPT_SRC_PATH="wolfcrypt/src"
- WC_MODS=( aes sha sha256 sha512 rsa hmac random cmac dh ecc sha3 kdf
- aes_asm sha256_asm sha512_asm )
- RNG_VERSION="WCv5.0-RC12"
- FIPS_SRCS=( fips.c fips_test.c wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION="v5"
- COPY_DIRECT=( wolfcrypt/src/aes_gcm_asm.S )
+ FIPS_OPTION='v5'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:WCv5.0-RC12'
+ 'wolfcrypt/src/fips_test.c:WCv5.0-RC12'
+ 'wolfcrypt/src/wolfcrypt_first.c:WCv5.0-RC12'
+ 'wolfcrypt/src/wolfcrypt_last.c:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/fips.h:WCv5.0-RC12'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:WCv5.0-RC12'
+ 'wolfcrypt/src/aes_asm.asm:WCv5.0-RC12'
+ 'wolfcrypt/src/aes_asm.S:WCv5.0-RC12'
+ 'wolfcrypt/src/aes_gcm_asm.S:WCv5.0-RC12'
+ 'wolfcrypt/src/cmac.c:WCv5.0-RC12'
+ 'wolfcrypt/src/dh.c:WCv5.0-RC12'
+ 'wolfcrypt/src/ecc.c:WCv5.0-RC12'
+ 'wolfcrypt/src/hmac.c:WCv5.0-RC12'
+ 'wolfcrypt/src/kdf.c:WCv5.0-RC12'
+ 'wolfcrypt/src/random.c:WCv5.0-RC12'
+ 'wolfcrypt/src/rsa.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha256.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha256_asm.S:WCv5.0-RC12'
+ 'wolfcrypt/src/sha3.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha512.c:WCv5.0-RC12'
+ 'wolfcrypt/src/sha512_asm.S:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/aes.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/cmac.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/dh.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/ecc.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/fips_test.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/hmac.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/kdf.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/random.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/rsa.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha256.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha3.h:WCv5.0-RC12'
+ 'wolfssl/wolfcrypt/sha512.h:WCv5.0-RC12'
+ )
;;
-fips-ready)
- FIPS_REPO="git@github.com:wolfSSL/fips.git"
- FIPS_VERSION="master"
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- FIPS_SRCS=( fips.c fips_test.c wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=ready
+linuxv5.2.1)
+ FIPS_OPTION='v5'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:v5.2.1-stable'
+ 'wolfcrypt/src/fips_test.c:v5.2.1-stable'
+ 'wolfcrypt/src/wolfcrypt_first.c:v5.2.1-stable'
+ 'wolfcrypt/src/wolfcrypt_last.c:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/fips.h:v5.2.1-stable'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/aes.c:v5.2.1-stable'
+ 'wolfcrypt/src/aes_asm.asm:v5.2.1-stable'
+ 'wolfcrypt/src/aes_asm.S:v5.2.1-stable'
+ 'wolfcrypt/src/aes_gcm_asm.S:v5.2.1-stable'
+ 'wolfcrypt/src/cmac.c:v5.2.1-stable'
+ 'wolfcrypt/src/dh.c:v5.2.1-stable'
+ 'wolfcrypt/src/ecc.c:v5.2.1-stable'
+ 'wolfcrypt/src/hmac.c:v5.2.1-stable'
+ 'wolfcrypt/src/kdf.c:v5.2.1-stable'
+ 'wolfcrypt/src/random.c:v5.2.1-stable'
+ 'wolfcrypt/src/rsa.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha256.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha256_asm.S:v5.2.1-stable'
+ 'wolfcrypt/src/sha3.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha512.c:v5.2.1-stable'
+ 'wolfcrypt/src/sha512_asm.S:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/aes.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/cmac.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/dh.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/ecc.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/fips_test.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/hmac.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/kdf.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/random.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/rsa.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha256.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha3.h:v5.2.1-stable'
+ 'wolfssl/wolfcrypt/sha512.h:v5.2.1-stable'
+ )
;;
-fips-dev)
- FIPS_REPO="git@github.com:wolfSSL/fips.git"
- FIPS_VERSION="master"
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=dev
- ;;
-
-stm32l4-v2)
- FIPS_VERSION=$STM32L4_V2_FIPS_VERSION
- FIPS_REPO=$STM32L4_V2_FIPS_REPO
- CRYPT_VERSION=$STM32L4_V2_CRYPT_VERSION
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
-# Replace the WC_MODS list for now. Do not want to copy over random.c yet.
- WC_MODS=( aes des3 sha sha256 sha512 rsa hmac )
- WC_MODS+=( cmac dh ecc )
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=v2
+fips-ready|fips-dev)
+ FIPS_OPTION='ready'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:master'
+ 'wolfcrypt/src/fips_test.c:master'
+ 'wolfcrypt/src/wolfcrypt_first.c:master'
+ 'wolfcrypt/src/wolfcrypt_last.c:master'
+ 'wolfssl/wolfcrypt/fips.h:master'
+ )
+ WOLFCRYPT_FILES=()
+ if [ "$FLAVOR" = 'fips-dev' ]; then FIPS_OPTION='dev'; fi
;;
wolfrand)
- FIPS_REPO=git@github.com:wolfssl/fips.git
- FIPS_VERSION=WRv4-stable
- CRYPT_REPO=git@github.com:wolfssl/wolfssl.git
- CRYPT_VERSION=WCv4-stable
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- RNG_VERSION=WCv4-rng-stable
- WC_MODS=( hmac sha256 random )
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=rand
- ;;
-solaris)
- FIPS_VERSION=WCv4-stable
- FIPS_REPO=git@github.com:wolfssl/fips.git
- CRYPT_VERSION=WCv4-stable
- CRYPT_INC_PATH=wolfssl/wolfcrypt
- CRYPT_SRC_PATH=wolfcrypt/src
- WC_MODS+=( cmac dh ecc sha3 )
- RNG_VERSION=WCv4-rng-stable
- FIPS_SRCS+=( wolfcrypt_first.c wolfcrypt_last.c )
- FIPS_INCS=( fips.h )
- FIPS_OPTION=v2
- MAKE=gmake
+ FIPS_OPTION='rand'
+ FIPS_FILES=(
+ 'wolfcrypt/src/fips.c:WRv4-stable'
+ 'wolfcrypt/src/fips_test.c:WRv4-stable'
+ 'wolfcrypt/src/wolfcrypt_first.c:WRv4-stable'
+ 'wolfcrypt/src/wolfcrypt_last.c:WRv4-stable'
+ 'wolfssl/wolfcrypt/fips.h:WRv4-stable'
+ )
+ WOLFCRYPT_FILES=(
+ 'wolfcrypt/src/hmac.c:WCv4-stable'
+ 'wolfcrypt/src/random.c:WCv4-rng-stable'
+ 'wolfcrypt/src/sha256.c:WCv4-stable'
+ 'wolfssl/wolfcrypt/hmac.h:WCv4-stable'
+ 'wolfssl/wolfcrypt/random.h:WCv4-rng-stable'
+ 'wolfssl/wolfcrypt/sha256.h:WCv4-stable'
+ )
;;
-
*)
Usage
exit 1
esac
-if ! $GIT clone . "$TEST_DIR"; then
- echo "fips-check: Couldn't duplicate current working directory."
- exit 1
-fi
-
-pushd "$TEST_DIR" || exit 2
-
-case "$FIPS_OPTION" in
-
-*dev)
- echo "Don't need to copy in tagged wolfCrypt files for fips-dev."
- ;;
-
-*ready)
- echo "Don't need to copy in tagged wolfCrypt files for FIPS Ready."
- ;;
-
-v1)
- # make a clone of the last FIPS release tag
- if ! $GIT clone --depth 1 -b "$CRYPT_VERSION" "$CRYPT_REPO" old-tree; then
- echo "fips-check: Couldn't checkout the FIPS release."
- exit 1
- fi
-
- for MOD in "${WC_MODS[@]}"
- do
- cp "old-tree/$CRYPT_SRC_PATH/${MOD}.c" "$CRYPT_SRC_PATH"
- cp "old-tree/$CRYPT_INC_PATH/${MOD}.h" "$CRYPT_INC_PATH"
- done
-
- # We are using random.c from a separate release.
- # This is forcefully overwriting any other checkout of the cyassl sources.
- # Removing this as default behavior for SGX and netos projects.
- if [ "$CAVP_SELFTEST_ONLY" == "no" ] && [ "$FLAVOR" != "sgx" ] && \
- [ "$FLAVOR" != "netos-7.6" ];
- then
- pushd old-tree || exit 2
- $GIT fetch origin "$RNG_VERSION" || exit $?
- $GIT checkout FETCH_HEAD || exit $?
- popd || exit 2
- cp "old-tree/$CRYPT_SRC_PATH/random.c" "$CRYPT_SRC_PATH"
- cp "old-tree/$CRYPT_INC_PATH/random.h" "$CRYPT_INC_PATH"
- fi
- ;;
-
-v2|rand|v5*)
- $GIT branch --no-track "my$CRYPT_VERSION" "$CRYPT_VERSION" || exit $?
- # Checkout the fips versions of the wolfCrypt files from the repo.
- for MOD in "${WC_MODS[@]}"
+# checkout_files takes an array of pairs of file paths and git tags to
+# checkout. It will check to see if mytag exists and if not will make that
+# tag a branch.
+function checkout_files() {
+ local name
+ local tag
+ for file_entry in "$@"
do
- if [ -f "$CRYPT_SRC_PATH/$MOD.c" ]; then
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.c" || exit $?
- fi
- # aes_asm.S, sha256_asm.S sha512_asm.S
- if [ -f "$CRYPT_SRC_PATH/$MOD.S" ]; then
- echo "Checking out asm file: $MOD.S"
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.S" || exit $?
- fi
- # aes_asm.asm
- if [ -f "$CRYPT_SRC_PATH/$MOD.asm" ]; then
- echo "Checking out asm file: $MOD.asm"
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_SRC_PATH/$MOD.asm" || exit $?
- fi
- if [ -f "$CRYPT_INC_PATH/$MOD.h" ]; then
- $GIT checkout "my$CRYPT_VERSION" -- "$CRYPT_INC_PATH/$MOD.h" || exit $?
+ name=${file_entry%%:*}
+ tag=${file_entry#*:}
+ if ! $GIT rev-parse -q --verify "my$tag" >/dev/null
+ then
+ $GIT branch --no-track "my$tag" "$tag" || exit $?
fi
+ $GIT checkout "my$tag" -- "$name" || exit $?
done
+}
- for MOD in "${COPY_DIRECT[@]}"
+# copy_fips_files takes an array of pairs of file paths and git tags to
+# checkout. It will check to see if mytag exists and if now will make that
+# tag a branch. It breaks the filepath apart into file name and path, then
+# copies it from the file from the fips directory to the path.
+function copy_fips_files() {
+ local name
+ local bname
+ local dname
+ local tag
+ for file_entry in "$@"
do
- $GIT checkout "my$CRYPT_VERSION" -- "$MOD" || exit $?
+ name=${file_entry%%:*}
+ tag=${file_entry#*:}
+ bname=$(basename "$name")
+ dname=$(dirname "$name")
+ if ! $GIT rev-parse -q --verify "my$tag" >/dev/null
+ then
+ $GIT branch --no-track "my$tag" "$tag" || exit $?
+ fi
+ $GIT checkout "my$tag" -- "$bname" || exit $?
+ cp "$bname" "../$dname"
done
+}
- $GIT branch --no-track "myrng$RNG_VERSION" "$RNG_VERSION" || exit $?
- # Checkout the fips versions of the wolfCrypt files from the repo.
- $GIT checkout "myrng$RNG_VERSION" -- "$CRYPT_SRC_PATH/random.c" "$CRYPT_INC_PATH/random.h" || exit $?
- ;;
-
-*)
- echo "fips-check: Invalid FIPS option \"${FIPS_OPTION}\"."
+if ! $GIT clone . "$TEST_DIR"; then
+ echo "fips-check: Couldn't duplicate current working directory."
exit 1
- ;;
-esac
+fi
-# clone the FIPS repository
-case "$FIPS_OPTION" in
- *dev)
- if ! $GIT clone --depth 1 "$FIPS_REPO" fips; then
- echo "fips-check: Couldn't check out the FIPS repository for fips-dev."
- exit 1
- fi
- ;;
- *)
- if ! $GIT clone --depth 1 -b "$FIPS_VERSION" "$FIPS_REPO" fips; then
- echo "fips-check: Couldn't check out ${FIPS_VERSION} from repository ${FIPS_REPO}."
- exit 1
- fi
- ;;
-esac
+pushd "$TEST_DIR" || exit 2
-for SRC in "${FIPS_SRCS[@]}"
-do
- cp "fips/$SRC" "$CRYPT_SRC_PATH"
-done
+if ! $GIT clone "$FIPS_REPO" fips
+then
+ echo "fips-check: Couldn't check out FIPS repository."
+ exit 1
+fi
-for INC in "${FIPS_INCS[@]}"
-do
- cp "fips/$INC" "$CRYPT_INC_PATH"
-done
+checkout_files "${WOLFCRYPT_FILES[@]}" || exit 3
+pushd fips || exit 2
+copy_fips_files "${FIPS_FILES[@]}" || exit 3
+popd || exit 2
# When checking out cert 3389 ready code, NIST will no longer perform
# new certifications on 140-2 modules. If we were to use the latest files from
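Review bot: In `copy_fips_files` the `cp "$bname" "../$dname"` line has no failure check, although every git call around it ends in `|| exit $?`. Because the caller only tests the function's final status (`copy_fips_files ... || exit 3`), a copy that fails in any iteration but the last is ignored, and the build continues with whatever is already at that path, if anything. For a script whose purpose is to build against the tagged FIPS sources, that should stop the run: `cp "$bname" "../$dname" || exit $?`. In the same hunk, `file_entry` is not declared `local` in either function, the comment above `copy_fips_files` reads "if now" where "if not" is meant, and the new `linuxv5.2.1` flavor is missing from the `Usage` text.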
@@ -415,62 +322,52 @@ done
# Since OE additions can still be processed for cert3389 we will call 140-2
# ready "fipsv2-OE-ready" indicating it is ready to use for an OE addition but
# would not be good for a new certification effort with the latest files.
-if [ "$FLAVOR" = "fipsv2-OE-ready" ]; then
- OLD_VERSION=" return \"v4.0.0-alpha\";"
- OE_READY_VERSION=" return \"fipsv2-OE-ready\";"
- cp "${CRYPT_SRC_PATH}/fips.c" "${CRYPT_SRC_PATH}/fips.c.bak"
- sed "s/^${OLD_VERSION}/${OE_READY_VERSION}/" "${CRYPT_SRC_PATH}/fips.c.bak" >"${CRYPT_SRC_PATH}/fips.c"
+if [ "$FLAVOR" = 'fipsv2-OE-ready' ] && [ -s wolfcrypt/src/fips.c ]
+then
+ cp wolfcrypt/src/fips.c wolfcrypt/src/fips.c.bak
+ sed "s/v4.0.0-alpha/fipsv2-OE-ready/" wolfcrypt/src/fips.c.bak >wolfcrypt/src/fips.c
fi
# run the make test
./autogen.sh
-if [ "$CAVP_SELFTEST_ONLY" == "yes" ];
-then
- if [ "$CAVP_SELFTEST_OPTION" == "v2" ]
- then
- ./configure --enable-selftest=v2
- else
- ./configure --enable-selftest
- fi
-else
+
+case "$FIPS_OPTION" in
+cavp-selftest)
+ ./configure --enable-selftest
+ ;;
+cavp-selftest-v2)
+ ./configure --enable-selftest=v2
+ ;;
+*)
./configure --enable-fips=$FIPS_OPTION
-fi
-if ! $MAKE; then
- echo "fips-check: Make failed. Debris left for analysis."
+ ;;
+esac
+
+if ! $MAKE
+then
+ echo 'fips-check: Make failed. Debris left for analysis.'
exit 3
fi
-if [ "$CAVP_SELFTEST_ONLY" == "no" ];
+if [ -s wolfcrypt/src/fips_test.c ]
then
NEWHASH=$(./wolfcrypt/test/testwolfcrypt | sed -n 's/hash = \(.*\)/\1/p')
if [ -n "$NEWHASH" ]; then
- cp "${CRYPT_SRC_PATH}/fips_test.c" "${CRYPT_SRC_PATH}/fips_test.c.bak"
- sed "s/^\".*\";/\"${NEWHASH}\";/" "${CRYPT_SRC_PATH}/fips_test.c.bak" >"${CRYPT_SRC_PATH}/fips_test.c"
+ cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
+ sed "s/^\".*\";/\"${NEWHASH}\";/" wolfcrypt/src/fips_test.c.bak >wolfcrypt/src/fips_test.c
make clean
fi
fi
-if ! $MAKE test; then
- echo "fips-check: Test failed. Debris left for analysis."
- exit 3
-fi
-
-if [ ${#FIPS_CONFLICTS[@]} -ne 0 ];
+if ! $MAKE check
then
- echo "Due to the way this package is compiled by the customer duplicate"
- echo "source file names are an issue, renaming:"
- for FNAME in "${FIPS_CONFLICTS[@]}"
- do
- echo "wolfcrypt/src/$FNAME.c to wolfcrypt/src/wc_$FNAME.c"
- mv "./wolfcrypt/src/$FNAME.c" "./wolfcrypt/src/wc_$FNAME.c"
- done
- echo "Confirming files were renamed..."
- ls -la ./wolfcrypt/src/wc_*.c
+ echo 'fips-check: Test failed. Debris left for analysis.'
+ exit 3
fi
# Clean up
popd || exit 2
-if [ "$KEEP" == "no" ];
+if [ "$KEEP" = 'no' ];
then
rm -rf "$TEST_DIR"
fi
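Review bot: The `make clean` that follows the hash rewrite of `wolfcrypt/src/fips_test.c` calls `make` literally, while every other build step here goes through `$MAKE`. The earlier hunk sets that variable to `gmake` for the solaris flavor and lets the environment override it, so this line should be `$MAKE clean`. Its exit status is also unchecked, as are those of `./autogen.sh` and `./configure`. Separately, the new `sed "s/v4.0.0-alpha/fipsv2-OE-ready/"` drops the `^ return "` anchor the removed expression had, and its unescaped dots match any character; `sed 's/v4\.0\.0-alpha/fipsv2-OE-ready/'` keeps the match literal.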
diff --git a/extra/wolfssl/wolfssl/gencertbuf.pl b/extra/wolfssl/wolfssl/gencertbuf.pl
index 9d8a381f..5bc01887 100755
--- a/extra/wolfssl/wolfssl/gencertbuf.pl
+++ b/extra/wolfssl/wolfssl/gencertbuf.pl
@@ -19,18 +19,19 @@ my $outputFile = "./wolfssl/certs_test.h";
# Used with HAVE_ECC && USE_CERT_BUFFERS_256
my @fileList_ecc = (
- [ "./certs/ecc-client-key.der", "ecc_clikey_der_256" ],
- [ "./certs/ecc-client-keyPub.der", "ecc_clikeypub_der_256" ],
- [ "./certs/client-ecc-cert.der", "cliecc_cert_der_256" ],
- [ "./certs/ecc-key.der", "ecc_key_der_256" ],
- [ "./certs/ecc-keyPub.der", "ecc_key_pub_der_256" ],
- [ "./certs/server-ecc-comp.der", "serv_ecc_comp_der_256" ],
- [ "./certs/server-ecc-rsa.der", "serv_ecc_rsa_der_256" ],
- [ "./certs/server-ecc.der", "serv_ecc_der_256" ],
- [ "./certs/ca-ecc-key.der", "ca_ecc_key_der_256" ],
- [ "./certs/ca-ecc-cert.der", "ca_ecc_cert_der_256" ],
- [ "./certs/ca-ecc384-key.der", "ca_ecc_key_der_384" ],
- [ "./certs/ca-ecc384-cert.der", "ca_ecc_cert_der_384" ]
+ [ "./certs/ecc-client-key.der", "ecc_clikey_der_256" ],
+ [ "./certs/ecc-client-keyPub.der", "ecc_clikeypub_der_256" ],
+ [ "./certs/client-ecc-cert.der", "cliecc_cert_der_256" ],
+ [ "./certs/ecc-key.der", "ecc_key_der_256" ],
+ [ "./certs/ecc-keyPub.der", "ecc_key_pub_der_256" ],
+ [ "./certs/statickeys/ecc-secp256r1.der", "ecc_secp_r1_statickey_der_256" ],
+ [ "./certs/server-ecc-comp.der", "serv_ecc_comp_der_256" ],
+ [ "./certs/server-ecc-rsa.der", "serv_ecc_rsa_der_256" ],
+ [ "./certs/server-ecc.der", "serv_ecc_der_256" ],
+ [ "./certs/ca-ecc-key.der", "ca_ecc_key_der_256" ],
+ [ "./certs/ca-ecc-cert.der", "ca_ecc_cert_der_256" ],
+ [ "./certs/ca-ecc384-key.der", "ca_ecc_key_der_384" ],
+ [ "./certs/ca-ecc384-cert.der", "ca_ecc_cert_der_384" ]
);
@@ -44,6 +45,14 @@ my @fileList_ed = (
[ "./certs/ed25519/client-ed25519-key.der", "client_ed25519_key" ]
);
+# x25519 keys and certs
+# Used with USE_CERT_BUFFERS_25519 define.
+my @fileList_x = (
+ [ "./certs/statickeys/x25519.der", "x25519_statickey_der" ],
+ [ "./certs/statickeys/x25519-pub.der", "x25519_pub_statickey_der" ]
+ );
+
+
# 1024-bit certs/keys to be converted
# Used with USE_CERT_BUFFERS_1024 define.
@@ -68,6 +77,8 @@ my @fileList_2048 = (
[ "./certs/client-cert.der", "client_cert_der_2048" ],
[ "./certs/dh2048.der", "dh_key_der_2048" ],
[ "./certs/dh-pubkey-2048.der", "dh_pub_key_der_2048" ],
+ [ "./certs/statickeys/dh-ffdhe2048.der", "dh_ffdhe_statickey_der_2048" ],
+ [ "./certs/statickeys/dh-ffdhe2048-pub.der", "dh_ffdhe_pub_statickey_der_2048" ],
[ "./certs/dsa-pubkey-2048.der", "dsa_pub_key_der_2048" ],
[ "./certs/dsa2048.der", "dsa_key_der_2048" ],
[ "./certs/rsa2048.der", "rsa_key_der_2048" ],
@@ -129,6 +140,7 @@ my @fileList_sphincs = (
my $num_ecc = @fileList_ecc;
my $num_ed = @fileList_ed;
+my $num_x = @fileList_x;
my $num_1024 = @fileList_1024;
my $num_2048 = @fileList_2048;
my $num_3072 = @fileList_3072;
@@ -358,6 +370,24 @@ for (my $i = 0; $i < $num_ed; $i++) {
}
print OUT_FILE "#endif /* HAVE_ED25519 */\n\n";
+
+# convert and print CURVE25519 cert/keys
+print OUT_FILE "#if defined(USE_CERT_BUFFERS_25519)\n\n";
+for (my $i = 0; $i < $num_x; $i++) {
+
+ my $fname = $fileList_x[$i][0];
+ my $sname = $fileList_x[$i][1];
+
+ print OUT_FILE "/* $fname, CURVE25519 */\n";
+ print OUT_FILE "static const unsigned char $sname\[] =\n";
+ print OUT_FILE "{\n";
+ file_to_hex($fname);
+ print OUT_FILE "};\n";
+ print OUT_FILE "static const int sizeof_$sname = sizeof($sname);\n\n";
+}
+print OUT_FILE "#endif /* USE_CERT_BUFFERS_25519 */\n\n";
+
+
print OUT_FILE "#endif /* WOLFSSL_CERTS_TEST_H */\n\n";
# close certs_test.h file
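Review bot: The block emitted under `USE_CERT_BUFFERS_25519` embeds `./certs/statickeys/x25519.der` alongside its `-pub` counterpart, and the generated comment `/* $fname, CURVE25519 */` does not say that this is key material published in the source tree. I would print a line such as `/* test-only static key, published in the source tree; not for use outside tests */` ahead of each array, so a reader of certs_test.h cannot mistake it for a usable key. The same applies to `dh_ffdhe_statickey_der_2048`, added to `@fileList_2048` in an earlier hunk. That `x25519.der` holds the private half is inferred from the file names only, and `file_to_hex` is defined outside this hunk.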
diff --git a/extra/wolfssl/wolfssl/linuxkm/Kbuild b/extra/wolfssl/wolfssl/linuxkm/Kbuild
index 3133ea8f..093a7a11 100644
--- a/extra/wolfssl/wolfssl/linuxkm/Kbuild
+++ b/extra/wolfssl/wolfssl/linuxkm/Kbuild
@@ -103,6 +103,8 @@ $(obj)/wolfcrypt/src/aes_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DIS
$(obj)/wolfcrypt/src/aes_asm.o: OBJECT_FILES_NON_STANDARD := y
$(obj)/wolfcrypt/src/aes_gcm_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/aes_gcm_asm.o: OBJECT_FILES_NON_STANDARD := y
+$(obj)/wolfcrypt/src/aes_xts_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
+$(obj)/wolfcrypt/src/aes_xts_asm.o: OBJECT_FILES_NON_STANDARD := y
$(obj)/wolfcrypt/src/sp_x86_64_asm.o: asflags-y = $(WOLFSSL_ASFLAGS) $(ASFLAGS_FPU_DISABLE_SIMD_ENABLE)
$(obj)/wolfcrypt/src/sp_x86_64_asm.o: OBJECT_FILES_NON_STANDARD := y
diff --git a/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h b/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h
index 2794dba6..3e738d00 100644
--- a/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h
+++ b/extra/wolfssl/wolfssl/linuxkm/linuxkm_wc_port.h
@@ -133,6 +133,10 @@
* reference to unexported __show_free_areas().
*/
#define __show_free_areas my__show_free_areas
+ void my__show_free_areas(
+ unsigned int flags,
+ nodemask_t *nodemask,
+ int max_zone_idx);
#endif
#endif
#include <linux/mm.h>
@@ -181,6 +185,7 @@
#endif
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_x86(); if (_svr_ret != 0) { fail_clause } }
+ #define SAVE_VECTOR_REGISTERS2() save_vector_registers_x86()
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_x86()
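Review bot: `SAVE_VECTOR_REGISTERS2()` is defined inside the existing `#ifndef SAVE_VECTOR_REGISTERS` guard, so a build that pre-defines `SAVE_VECTOR_REGISTERS` gets no `SAVE_VECTOR_REGISTERS2` from this header, and one that pre-defines only `SAVE_VECTOR_REGISTERS2` hits a macro redefinition. It should have its own guard: `#ifndef SAVE_VECTOR_REGISTERS2`, then the `#define`, then `#endif`. The same applies to the arm hunk that follows. Unlike `SAVE_VECTOR_REGISTERS(fail_clause)`, the new macro hands the return value of `save_vector_registers_x86()` back to the caller with no failure path built in. A comment such as `/* returns 0 on success; caller must check before touching vector registers */` would make that contract explicit. The enclosing `#if` block starts outside the hunk.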
@@ -189,6 +194,7 @@
#include <asm/fpsimd.h>
#ifndef SAVE_VECTOR_REGISTERS
#define SAVE_VECTOR_REGISTERS(fail_clause) { int _svr_ret = save_vector_registers_arm(); if (_svr_ret != 0) { fail_clause } }
+ #define SAVE_VECTOR_REGISTERS2() save_vector_registers_arm()
#endif
#ifndef RESTORE_VECTOR_REGISTERS
#define RESTORE_VECTOR_REGISTERS() restore_vector_registers_arm()
diff --git a/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template b/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template
index 62d6cf1c..b8266f84 100644
--- a/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template
+++ b/extra/wolfssl/wolfssl/linuxkm/module_exports.c.template
@@ -151,12 +151,14 @@
#ifdef OPENSSL_EXTRA
#ifndef WOLFCRYPT_ONLY
- #include <wolfssl/openssl/evp.h>
+ #include <wolfssl/openssl/evp.h>
#endif
#include <wolfssl/openssl/rand.h>
#include <wolfssl/openssl/hmac.h>
#include <wolfssl/openssl/aes.h>
#include <wolfssl/openssl/des.h>
+ #include <wolfssl/openssl/modes.h>
+ #include <wolfssl/openssl/rc4.h>
#endif
#if defined(NO_FILESYSTEM)
diff --git a/extra/wolfssl/wolfssl/linuxkm/module_hooks.c b/extra/wolfssl/wolfssl/linuxkm/module_hooks.c
index fb7f1142..5b513374 100644
--- a/extra/wolfssl/wolfssl/linuxkm/module_hooks.c
+++ b/extra/wolfssl/wolfssl/linuxkm/module_hooks.c
@@ -508,11 +508,11 @@ static int set_up_wolfssl_linuxkm_pie_redirect_table(void) {
#include <wolfssl/wolfcrypt/coding.h>
-PRAGMA_GCC_DIAG_PUSH;
-PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"");
-PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"");
+PRAGMA_GCC_DIAG_PUSH
+PRAGMA_GCC("GCC diagnostic ignored \"-Wnested-externs\"")
+PRAGMA_GCC("GCC diagnostic ignored \"-Wpointer-arith\"")
#include <crypto/hash.h>
-PRAGMA_GCC_DIAG_POP;
+PRAGMA_GCC_DIAG_POP
extern char verifyCore[WC_SHA256_DIGEST_SIZE*2 + 1];
extern const char coreKey[WC_SHA256_DIGEST_SIZE*2 + 1];
diff --git a/extra/wolfssl/wolfssl/mcapi/crypto.h b/extra/wolfssl/wolfssl/mcapi/crypto.h
index 979d6500..45111930 100644
--- a/extra/wolfssl/wolfssl/mcapi/crypto.h
+++ b/extra/wolfssl/wolfssl/mcapi/crypto.h
@@ -173,9 +173,9 @@ enum {
typedef struct CRYPT_AES_CTX {
/* big enough to hold internal, but check on init */
#ifdef WOLF_PRIVATE_KEY_ID
- int holder[108];
+ int holder[110];
#else
- int holder[90];
+ int holder[92];
#endif
} CRYPT_AES_CTX;
diff --git a/extra/wolfssl/wolfssl/mcapi/mcapi_test.c b/extra/wolfssl/wolfssl/mcapi/mcapi_test.c
index 3e79de2f..7e5acbc0 100644
--- a/extra/wolfssl/wolfssl/mcapi/mcapi_test.c
+++ b/extra/wolfssl/wolfssl/mcapi/mcapi_test.c
@@ -311,7 +311,7 @@ static int check_sha256(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
- printf("sha256 final memcmp fialed\n");
+ printf("sha256 final memcmp failed\n");
return -1;
}
printf("sha256 mcapi test passed\n");
@@ -351,7 +351,7 @@ static int check_sha384(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
- printf("sha384 final memcmp fialed\n");
+ printf("sha384 final memcmp failed\n");
return -1;
}
printf("sha384 mcapi test passed\n");
@@ -391,7 +391,7 @@ static int check_sha512(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
- printf("sha512 final memcmp fialed\n");
+ printf("sha512 final memcmp failed\n");
return -1;
}
printf("sha512 mcapi test passed\n");
@@ -434,7 +434,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) {
- printf("hmac sha final memcmp fialed\n");
+ printf("hmac sha final memcmp failed\n");
return -1;
}
printf("hmac sha mcapi test passed\n");
@@ -462,7 +462,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) {
- printf("hmac sha256 final memcmp fialed\n");
+ printf("hmac sha256 final memcmp failed\n");
return -1;
}
printf("hmac sha256 mcapi test passed\n");
@@ -490,7 +490,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) {
- printf("hmac sha384 final memcmp fialed\n");
+ printf("hmac sha384 final memcmp failed\n");
return -1;
}
printf("hmac sha384 mcapi test passed\n");
@@ -518,7 +518,7 @@ static int check_hmac(void)
}
if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) {
- printf("hmac sha512 final memcmp fialed\n");
+ printf("hmac sha512 final memcmp failed\n");
return -1;
}
printf("hmac sha512 mcapi test passed\n");
diff --git a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c
index c7ce08bc..47943b54 100644
--- a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c
+++ b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.c
@@ -134,8 +134,8 @@ int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle,
}
int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle,
- MQX_FILE_PTR *filesystem_handle,
- char *partman_name, char *filesystem_name)
+ MQX_FILE_PTR *filesystem_handle,
+ char *partman_name, char *filesystem_name)
{
_mqx_int error_code;
diff --git a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h
index cd11b492..0d2267fd 100644
--- a/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h
+++ b/extra/wolfssl/wolfssl/mqx/util_lib/Sources/util.h
@@ -4,11 +4,11 @@
#define UTIL_H_
int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle,
- MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle,
- char *partman_name, char *filesystem_name);
+ MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle,
+ char *partman_name, char *filesystem_name);
int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle,
- MQX_FILE_PTR *filesystem_handle,
- char *partman_name, char *filesystem_name);
+ MQX_FILE_PTR *filesystem_handle,
+ char *partman_name, char *filesystem_name);
#endif /* UTIL_H_ */
diff --git a/extra/wolfssl/wolfssl/rpm/include.am b/extra/wolfssl/wolfssl/rpm/include.am
index 6e400b2e..5d15a1ca 100644
--- a/extra/wolfssl/wolfssl/rpm/include.am
+++ b/extra/wolfssl/wolfssl/rpm/include.am
@@ -22,6 +22,13 @@ clean-rpm:
rpm: rpm-build
+rpm-docker:
+ docker build -t "fedora-builder:Dockerfile" Docker/packaging/fedora
+ docker run --rm -v $(CURDIR):/opt/wolfssl fedora-builder:Dockerfile \
+ bash -c 'make -C /opt/wolfssl rpm'
+# To allow the user to keep using the configuration on the host
+ @./config.status --recheck &> /dev/null
+
release: rpm-sign
auto-rpmbuild:
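Review bot: `@./config.status --recheck &> /dev/null` in the new rpm-docker recipe uses the bash-only `&>` redirection, while make runs recipes with /bin/sh unless SHELL is overridden (not visible in this hunk). Under a POSIX sh the line parses as a background job followed by an empty redirect, so the recheck runs asynchronously, its output is not suppressed and its exit status is lost. Use `@./config.status --recheck > /dev/null 2>&1`. Separately, `docker run` bind-mounts `$(CURDIR)` read-write and the build inside presumably runs as root, so files written into the host tree may end up root-owned; passing `--user` with the invoking uid/gid would avoid that.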
diff --git a/extra/wolfssl/wolfssl/rpm/spec.in b/extra/wolfssl/wolfssl/rpm/spec.in
index f0ccaedf..b99f3bed 100644
--- a/extra/wolfssl/wolfssl/rpm/spec.in
+++ b/extra/wolfssl/wolfssl/rpm/spec.in
@@ -15,7 +15,7 @@ BuildRequires: sed
BuildRequires: tar
URL: http://www.wolfssl.com/
-Packager: Brian Aker <brian@tangent.org>
+Packager: wolfSSL <support@wolfssl.com>
Source: http://wolfssl.com/%{name}-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot
@@ -51,6 +51,7 @@ fi
%{__make} install DESTDIR="%{buildroot}" AM_INSTALL_PROGRAM_FLAGS=""
mkdir -p $RPM_BUILD_ROOT/
%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl@LIBSUFFIX@.la
+%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl.a
%check
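Review bot: The added `%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl.a` hard-codes the archive name, while the libtool archive on the line above is removed as `libwolfssl@LIBSUFFIX@.la`. If a build sets a non-empty LIBSUFFIX the static archive is presumably named with the suffix too, so the `rm -f` would silently match nothing and the archive would stay in the buildroot. For consistency use `%{__rm} -f %{buildroot}/%{_libdir}/libwolfssl@LIBSUFFIX@.a`.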
@@ -66,10 +67,12 @@ mkdir -p $RPM_BUILD_ROOT/
%defattr(-,root,root,-)
%doc AUTHORS ChangeLog.md COPYING README README.md
%{_docdir}/wolfssl/taoCert.txt
-%{_docdir}/wolfssl/example/echoserver.c
+%{_docdir}/wolfssl/example/async_client.c
+%{_docdir}/wolfssl/example/async_server.c
+%{_docdir}/wolfssl/example/client.c
%{_docdir}/wolfssl/example/server.c
%{_docdir}/wolfssl/example/echoclient.c
-%{_docdir}/wolfssl/example/client.c
+%{_docdir}/wolfssl/example/echoserver.c
%{_docdir}/wolfssl/example/sctp-client.c
%{_docdir}/wolfssl/example/sctp-server.c
%{_docdir}/wolfssl/example/sctp-client-dtls.c
@@ -77,257 +80,17 @@ mkdir -p $RPM_BUILD_ROOT/
%{_docdir}/wolfssl/example/tls_bench.c
%{_docdir}/wolfssl/README.txt
%{_docdir}/wolfssl/QUIC.md
-
-%{_libdir}/libwolfssl@LIBSUFFIX@.so
-%{_libdir}/libwolfssl@LIBSUFFIX@.so.@WOLFSSL_LIBRARY_VERSION_FIRST@
-%{_libdir}/libwolfssl@LIBSUFFIX@.so.@WOLFSSL_LIBRARY_VERSION_FIRST@.@WOLFSSL_LIBRARY_VERSION_SECOND@.@WOLFSSL_LIBRARY_VERSION_THIRD@
+%{_libdir}/libwolfssl@LIBSUFFIX@.so.*
%files devel
%defattr(-,root,root,-)
%doc AUTHORS ChangeLog.md COPYING README README.md
%{_bindir}/wolfssl-config
-%{_includedir}/cyassl/callbacks.h
-%{_includedir}/cyassl/certs_test.h
-%{_includedir}/cyassl/crl.h
-%{_includedir}/cyassl/ctaocrypt/aes.h
-%{_includedir}/cyassl/ctaocrypt/arc4.h
-%{_includedir}/cyassl/ctaocrypt/asn.h
-%{_includedir}/cyassl/ctaocrypt/asn_public.h
-%{_includedir}/cyassl/ctaocrypt/blake2-impl.h
-%{_includedir}/cyassl/ctaocrypt/blake2-int.h
-%{_includedir}/cyassl/ctaocrypt/blake2.h
-%{_includedir}/cyassl/ctaocrypt/camellia.h
-%{_includedir}/cyassl/ctaocrypt/chacha.h
-%{_includedir}/cyassl/ctaocrypt/coding.h
-%{_includedir}/cyassl/ctaocrypt/compress.h
-%{_includedir}/cyassl/ctaocrypt/des3.h
-%{_includedir}/cyassl/ctaocrypt/dh.h
-%{_includedir}/cyassl/ctaocrypt/dsa.h
-%{_includedir}/cyassl/ctaocrypt/ecc.h
-%{_includedir}/cyassl/ctaocrypt/error-crypt.h
-%{_includedir}/cyassl/ctaocrypt/fips_test.h
-%{_includedir}/cyassl/ctaocrypt/hmac.h
-%{_includedir}/cyassl/ctaocrypt/integer.h
-%{_includedir}/cyassl/ctaocrypt/logging.h
-%{_includedir}/cyassl/ctaocrypt/md2.h
-%{_includedir}/cyassl/ctaocrypt/md4.h
-%{_includedir}/cyassl/ctaocrypt/md5.h
-%{_includedir}/cyassl/ctaocrypt/memory.h
-%{_includedir}/cyassl/ctaocrypt/misc.h
-%{_includedir}/cyassl/ctaocrypt/mpi_class.h
-%{_includedir}/cyassl/ctaocrypt/mpi_superclass.h
-%{_includedir}/cyassl/ctaocrypt/pkcs7.h
-%{_includedir}/cyassl/ctaocrypt/poly1305.h
-%{_includedir}/cyassl/ctaocrypt/pwdbased.h
-%{_includedir}/cyassl/ctaocrypt/random.h
-%{_includedir}/cyassl/ctaocrypt/ripemd.h
-%{_includedir}/cyassl/ctaocrypt/rsa.h
-%{_includedir}/cyassl/ctaocrypt/settings.h
-%{_includedir}/cyassl/ctaocrypt/settings_comp.h
-%{_includedir}/cyassl/ctaocrypt/sha.h
-%{_includedir}/cyassl/ctaocrypt/sha256.h
-%{_includedir}/cyassl/ctaocrypt/sha512.h
-%{_includedir}/cyassl/ctaocrypt/tfm.h
-%{_includedir}/cyassl/ctaocrypt/types.h
-%{_includedir}/cyassl/ctaocrypt/visibility.h
-%{_includedir}/cyassl/ctaocrypt/wc_port.h
-%{_includedir}/cyassl/error-ssl.h
-%{_includedir}/cyassl/ocsp.h
-%{_includedir}/cyassl/openssl/asn1.h
-%{_includedir}/cyassl/openssl/bio.h
-%{_includedir}/cyassl/openssl/bn.h
-%{_includedir}/cyassl/openssl/conf.h
-%{_includedir}/cyassl/openssl/crypto.h
-%{_includedir}/cyassl/openssl/des.h
-%{_includedir}/cyassl/openssl/dh.h
-%{_includedir}/cyassl/openssl/dsa.h
-%{_includedir}/cyassl/openssl/ec.h
-%{_includedir}/cyassl/openssl/ec25519.h
-%{_includedir}/cyassl/openssl/ec448.h
-%{_includedir}/cyassl/openssl/ecdh.h
-%{_includedir}/cyassl/openssl/ecdsa.h
-%{_includedir}/cyassl/openssl/ed25519.h
-%{_includedir}/cyassl/openssl/ed448.h
-%{_includedir}/cyassl/openssl/engine.h
-%{_includedir}/cyassl/openssl/err.h
-%{_includedir}/cyassl/openssl/evp.h
-%{_includedir}/cyassl/openssl/hmac.h
-%{_includedir}/cyassl/openssl/lhash.h
-%{_includedir}/cyassl/openssl/md4.h
-%{_includedir}/cyassl/openssl/md5.h
-%{_includedir}/cyassl/openssl/ocsp.h
-%{_includedir}/cyassl/openssl/opensslconf.h
-%{_includedir}/cyassl/openssl/opensslv.h
-%{_includedir}/cyassl/openssl/ossl_typ.h
-%{_includedir}/cyassl/openssl/pem.h
-%{_includedir}/cyassl/openssl/pkcs12.h
-%{_includedir}/cyassl/openssl/rand.h
-%{_includedir}/cyassl/openssl/ripemd.h
-%{_includedir}/cyassl/openssl/rsa.h
-%{_includedir}/cyassl/openssl/sha.h
-%{_includedir}/cyassl/openssl/ssl.h
-%{_includedir}/cyassl/openssl/ssl23.h
-%{_includedir}/cyassl/openssl/stack.h
-%{_includedir}/cyassl/openssl/ui.h
-%{_includedir}/cyassl/openssl/x509.h
-%{_includedir}/cyassl/openssl/x509v3.h
-%{_includedir}/cyassl/options.h
-%{_includedir}/cyassl/sniffer.h
-%{_includedir}/cyassl/sniffer_error.h
-%{_includedir}/cyassl/ssl.h
-%{_includedir}/cyassl/test.h
-%{_includedir}/cyassl/version.h
-%{_includedir}/wolfssl/callbacks.h
-%{_includedir}/wolfssl/certs_test.h
-%{_includedir}/wolfssl/crl.h
-%{_includedir}/wolfssl/error-ssl.h
-%{_includedir}/wolfssl/ocsp.h
-%{_includedir}/wolfssl/openssl/aes.h
-%{_includedir}/wolfssl/openssl/asn1.h
-%{_includedir}/wolfssl/openssl/asn1t.h
-%{_includedir}/wolfssl/openssl/bio.h
-%{_includedir}/wolfssl/openssl/bn.h
-%{_includedir}/wolfssl/openssl/cms.h
-%{_includedir}/wolfssl/openssl/buffer.h
-%{_includedir}/wolfssl/openssl/camellia.h
-%{_includedir}/wolfssl/openssl/cmac.h
-%{_includedir}/wolfssl/openssl/compat_types.h
-%{_includedir}/wolfssl/openssl/conf.h
-%{_includedir}/wolfssl/openssl/crypto.h
-%{_includedir}/wolfssl/openssl/des.h
-%{_includedir}/wolfssl/openssl/dh.h
-%{_includedir}/wolfssl/openssl/dsa.h
-%{_includedir}/wolfssl/openssl/ec.h
-%{_includedir}/wolfssl/openssl/ec25519.h
-%{_includedir}/wolfssl/openssl/ec448.h
-%{_includedir}/wolfssl/openssl/ecdh.h
-%{_includedir}/wolfssl/openssl/ecdsa.h
-%{_includedir}/wolfssl/openssl/ed25519.h
-%{_includedir}/wolfssl/openssl/ed448.h
-%{_includedir}/wolfssl/openssl/engine.h
-%{_includedir}/wolfssl/openssl/err.h
-%{_includedir}/wolfssl/openssl/evp.h
-%{_includedir}/wolfssl/openssl/fips_rand.h
-%{_includedir}/wolfssl/openssl/hmac.h
-%{_includedir}/wolfssl/openssl/kdf.h
-%{_includedir}/wolfssl/openssl/lhash.h
-%{_includedir}/wolfssl/openssl/md4.h
-%{_includedir}/wolfssl/openssl/md5.h
-%{_includedir}/wolfssl/openssl/modes.h
-%{_includedir}/wolfssl/openssl/obj_mac.h
-%{_includedir}/wolfssl/openssl/objects.h
-%{_includedir}/wolfssl/openssl/ocsp.h
-%{_includedir}/wolfssl/openssl/opensslconf.h
-%{_includedir}/wolfssl/openssl/opensslv.h
-%{_includedir}/wolfssl/openssl/ossl_typ.h
-%{_includedir}/wolfssl/openssl/pem.h
-%{_includedir}/wolfssl/openssl/pkcs12.h
-%{_includedir}/wolfssl/openssl/pkcs7.h
-%{_includedir}/wolfssl/openssl/rand.h
-%{_includedir}/wolfssl/openssl/rc4.h
-%{_includedir}/wolfssl/openssl/ripemd.h
-%{_includedir}/wolfssl/openssl/rsa.h
-%{_includedir}/wolfssl/openssl/sha.h
-%{_includedir}/wolfssl/openssl/srp.h
-%{_includedir}/wolfssl/openssl/sha3.h
-%{_includedir}/wolfssl/openssl/ssl.h
-%{_includedir}/wolfssl/openssl/ssl23.h
-%{_includedir}/wolfssl/openssl/stack.h
-%{_includedir}/wolfssl/openssl/txt_db.h
-%{_includedir}/wolfssl/openssl/tls1.h
-%{_includedir}/wolfssl/openssl/ui.h
-%{_includedir}/wolfssl/openssl/x509.h
-%{_includedir}/wolfssl/openssl/x509_vfy.h
-%{_includedir}/wolfssl/openssl/x509v3.h
-%{_includedir}/wolfssl/options.h
-%{_includedir}/wolfssl/quic.h
-%{_includedir}/wolfssl/sniffer.h
-%{_includedir}/wolfssl/sniffer_error.h
-%{_includedir}/wolfssl/ssl.h
-%{_includedir}/wolfssl/test.h
-%{_includedir}/wolfssl/version.h
-%{_includedir}/wolfssl/wolfcrypt/aes.h
-%{_includedir}/wolfssl/wolfcrypt/arc4.h
-%{_includedir}/wolfssl/wolfcrypt/asn.h
-%{_includedir}/wolfssl/wolfcrypt/asn_public.h
-%{_includedir}/wolfssl/wolfcrypt/blake2-impl.h
-%{_includedir}/wolfssl/wolfcrypt/blake2-int.h
-%{_includedir}/wolfssl/wolfcrypt/blake2.h
-%{_includedir}/wolfssl/wolfcrypt/camellia.h
-%{_includedir}/wolfssl/wolfcrypt/chacha.h
-%{_includedir}/wolfssl/wolfcrypt/chacha20_poly1305.h
-%{_includedir}/wolfssl/wolfcrypt/cmac.h
-%{_includedir}/wolfssl/wolfcrypt/coding.h
-%{_includedir}/wolfssl/wolfcrypt/compress.h
-%{_includedir}/wolfssl/wolfcrypt/cpuid.h
-%{_includedir}/wolfssl/wolfcrypt/cryptocb.h
-%{_includedir}/wolfssl/wolfcrypt/curve25519.h
-%{_includedir}/wolfssl/wolfcrypt/curve448.h
-%{_includedir}/wolfssl/wolfcrypt/des3.h
-%{_includedir}/wolfssl/wolfcrypt/dh.h
-%{_includedir}/wolfssl/wolfcrypt/dsa.h
-%{_includedir}/wolfssl/wolfcrypt/ecc.h
-%{_includedir}/wolfssl/wolfcrypt/eccsi.h
-%{_includedir}/wolfssl/wolfcrypt/ed25519.h
-%{_includedir}/wolfssl/wolfcrypt/ed448.h
-%{_includedir}/wolfssl/wolfcrypt/error-crypt.h
-%{_includedir}/wolfssl/wolfcrypt/ext_kyber.h
-%{_includedir}/wolfssl/wolfcrypt/falcon.h
-%{_includedir}/wolfssl/wolfcrypt/dilithium.h
-%{_includedir}/wolfssl/wolfcrypt/sphincs.h
-%{_includedir}/wolfssl/wolfcrypt/fe_448.h
-%{_includedir}/wolfssl/wolfcrypt/fe_operations.h
-%{_includedir}/wolfssl/wolfcrypt/fips_test.h
-%{_includedir}/wolfssl/wolfcrypt/ge_448.h
-%{_includedir}/wolfssl/wolfcrypt/ge_operations.h
-%{_includedir}/wolfssl/wolfcrypt/hash.h
-%{_includedir}/wolfssl/wolfcrypt/hmac.h
-%{_includedir}/wolfssl/wolfcrypt/hpke.h
-%{_includedir}/wolfssl/wolfcrypt/integer.h
-%{_includedir}/wolfssl/wolfcrypt/kdf.h
-%{_includedir}/wolfssl/wolfcrypt/kyber.h
-%{_includedir}/wolfssl/wolfcrypt/logging.h
-%{_includedir}/wolfssl/wolfcrypt/md2.h
-%{_includedir}/wolfssl/wolfcrypt/md4.h
-%{_includedir}/wolfssl/wolfcrypt/md5.h
-%{_includedir}/wolfssl/wolfcrypt/mem_track.h
-%{_includedir}/wolfssl/wolfcrypt/memory.h
-%{_includedir}/wolfssl/wolfcrypt/misc.h
-%{_includedir}/wolfssl/wolfcrypt/mpi_class.h
-%{_includedir}/wolfssl/wolfcrypt/mpi_superclass.h
-%{_includedir}/wolfssl/wolfcrypt/pkcs12.h
-%{_includedir}/wolfssl/wolfcrypt/pkcs7.h
-%{_includedir}/wolfssl/wolfcrypt/poly1305.h
-%{_includedir}/wolfssl/wolfcrypt/pwdbased.h
-%{_includedir}/wolfssl/wolfcrypt/random.h
-%{_includedir}/wolfssl/wolfcrypt/ripemd.h
-%{_includedir}/wolfssl/wolfcrypt/rc2.h
-%{_includedir}/wolfssl/wolfcrypt/rsa.h
-%{_includedir}/wolfssl/wolfcrypt/sakke.h
-%{_includedir}/wolfssl/wolfcrypt/settings.h
-%{_includedir}/wolfssl/wolfcrypt/sha.h
-%{_includedir}/wolfssl/wolfcrypt/sha256.h
-%{_includedir}/wolfssl/wolfcrypt/sha3.h
-%{_includedir}/wolfssl/wolfcrypt/sha512.h
-%{_includedir}/wolfssl/wolfcrypt/siphash.h
-%{_includedir}/wolfssl/wolfcrypt/signature.h
-%if "@INCLUDE_SP_INT@" != "no"
-%{_includedir}/wolfssl/wolfcrypt/sp_int.h
-%endif
-%{_includedir}/wolfssl/wolfcrypt/srp.h
-%{_includedir}/wolfssl/wolfcrypt/tfm.h
-%{_includedir}/wolfssl/wolfcrypt/types.h
-%{_includedir}/wolfssl/wolfcrypt/visibility.h
-%{_includedir}/wolfssl/wolfcrypt/wc_encrypt.h
-%{_includedir}/wolfssl/wolfcrypt/wc_port.h
-%{_includedir}/wolfssl/wolfcrypt/wc_kyber.h
-%{_includedir}/wolfssl/wolfcrypt/wolfevent.h
-%{_includedir}/wolfssl/wolfcrypt/wolfmath.h
-%{_includedir}/wolfssl/wolfio.h
+%{_includedir}/wolfssl/*.h
+%{_includedir}/wolfssl/wolfcrypt/*.h
+%{_includedir}/wolfssl/openssl/*.h
%{_libdir}/pkgconfig/wolfssl.pc
-%if "@ENABLED_FIPS@" != "no"
-%{_includedir}/wolfssl/wolfcrypt/fips.h
-%endif
+%{_libdir}/libwolfssl@LIBSUFFIX@.so
%changelog
* Mon Oct 17 2022 Juliusz Sosinowicz <juliusz@wolfssl.com>
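Review bot: The three header globs in `%files devel` (`%{_includedir}/wolfssl/*.h`, `wolfcrypt/*.h`, `openssl/*.h`) replace an explicit manifest, so the devel package now ships whatever the install step left in those directories. rpmbuild no longer fails when an expected header is missing or an unexpected one appears, which removes a cheap integrity check on the contents of a crypto library's package. If the globs stay, say so in the spec, e.g. `# headers are globbed on purpose; the installed set is not checked against a manifest`, and consider comparing the installed headers against a list in `%check`. The hunk also drops the `cyassl` compatibility headers and the conditional `fips.h`/`sp_int.h` entries without a `%changelog` line recording it.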
@@ -372,7 +135,7 @@ mkdir -p $RPM_BUILD_ROOT/
* Thu May 31 2018 John Safranek <john@wolfssl.com>
- Update the version number on the library SO file.
* Fri Mar 02 2018 Jacob Barthelmeh <jacob@wolfssl.com>
-- Added headder files fips.h, buffer.h, objects.h, rc4.h and example tls_bench.c
+- Added header files fips.h, buffer.h, objects.h, rc4.h and example tls_bench.c
* Fri Sep 08 2017 Jacob Barthelmeh <jacob@wolfssl.com>
- Change name for header wolfssl/io.h to wolfssl/wolfio.h
* Fri Aug 04 2017 Jacob Barthelmeh <jacob@wolfssl.com>
diff --git a/extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh b/extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh
new file mode 100644
index 00000000..1a6258fc
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/aria-cmake-build-test.sh
@@ -0,0 +1,201 @@
+#!/bin/bash
+#
+# aria_cmake_build_test.sh
+#
+# This is a test script for building wolfSSL examples with various settings
+# for the ARIA Magic Crypto ciphers.
+#
+# See https://github.com/wolfSSL/wolfssl/pull/6400 and
+# https://github.com/wolfSSL/wolfssl/pull/6600
+#
+# The basic steps for building:
+#
+# # set to your path
+# export ARIA_DIR=/mnt/c/workspace/MagicCrypto
+#
+# mkdir -p out
+# pushd out
+# cmake .. -DWOLFSSL_ARIA=yes
+# cmake --build .
+#
+# # View the available ciphers with:
+# ./examples/client/client -e
+#
+# or with grep:
+# ./examples/client/client -e | grep -i ARIA
+#
+# Note the OPENSSL_EXTRA and WOLF_CRYPTOCB macros may need to be defined
+# in certain circumstances. The LD_LIBRARY_PATH=$ARIA_DIR may also be needed.
+#
+
+export ARIA_BUILD_DIR=./out_temp
+
+export ARIA_ERROR_RM_FAIL=1
+export ARIA_ERROR_MKDIR_FAIL=2
+export ARIA_ERROR_CMAKE_FAIL=3
+export ARIA_ERROR_BUILD_FAIL=4
+export ARIA_ERROR_CLIENT_FAIL=5
+export ARIA_ERROR_CIPHER_FAIL=6
+export ARIA_ERROR_CONFIG_FAIL=7
+
+#
+# function build_aria_test()
+#
+build_aria_test() {
+ local EXPECTED_ERROR=$1 # First parameter; 0, 1, 2, etc
+ local EXPECTED_ARIA=$2 # Second parameter: typically "Y" or "N"
+ local BUILD_MESSAGE=$3 # Third parameter; "some message"
+ local BUILD_DIR=$4 # Fourth parameter: "./someDirectory"
+ local BUILD_OPTION=$5 # Fifth parameter. Optional: ""
+
+ echo "********************************************************************"
+ echo "Starting $BUILD_MESSAGE"
+ echo "********************************************************************"
+ if [[ -z "$BUILD_DIR" ]]; then
+ local BUILD_DIR=out
+ fi
+
+ echo "BUILD_DIR=$BUILD_DIR"
+ echo "BUILD_OPTION=$BUILD_OPTION"
+
+ # remove build directory
+ rm -rf $BUILD_DIR
+ if [ $? -eq 0 ]; then
+ echo "$BUILD_DIR removed."
+ else
+ echo "Failed to remove directory."
+ return $ARIA_ERROR_RM_FAIL
+ fi
+
+ # create a fresh directory
+ mkdir -p $BUILD_DIR
+ if [ $? -eq 0 ]; then
+ echo "$BUILD_DIR created."
+ else
+ echo "Failed to create directory $BUILD_DIR"
+ return $ARIA_ERROR_MKDIR_FAIL
+ fi
+
+ # change into build directory
+ pushd $BUILD_DIR
+
+ # initial cmake
+ echo "********************************************************************"
+ echo "CMake for $BUILD_MESSAGE"
+ if [ -z "$BUILD_OPTION" ]; then
+ echo "(No additional build options)"
+ else
+ echo "Using build option: $BUILD_OPTION"
+ fi
+ echo "********************************************************************"
+ cmake .. $BUILD_OPTION
+ if [ $? -eq 0 ]; then
+ echo "cmake successful."
+ else
+ echo "ERROR: cmake failed"
+ return $ARIA_ERROR_CMAKE_FAIL
+ fi
+
+ # build
+ echo "********************************************************************"
+ echo "Build for $BUILD_MESSAGE"
+ if [ -z "$BUILD_OPTION" ]; then
+ echo "(No additional build options)"
+ else
+ echo "Using build option: $BUILD_OPTION"
+ fi
+ echo "********************************************************************"
+ cmake --build .
+ if [ $? -eq 0 ]; then
+ echo "cmake build successful."
+ else
+ echo "ERROR: cmake build failed"
+ return $ARIA_ERROR_BUILD_FAIL
+ fi
+
+ # View the available ciphers with:
+ echo "checking wolfsl client ssl version numbers SSLv3(0) - TLS1.3(4):"
+ ./examples/client/client -V
+ if [ $? -eq 0 ]; then
+ echo "Confirmed ./examples/client/client operational."
+ else
+ echo "ERROR ./examples/client/client error = $?"
+ return $ARIA_ERROR_CLIENT_FAIL
+ fi
+
+ # now see if we have ARIA ciphers
+ if ./examples/client/client -e | awk '/ARIA/{found=1} END{exit !found}'; then
+ if [ "$EXPECTED_ARIA" == "Y" ]; then
+ echo "Found ARIA ciphers as expected."
+ else
+ echo "ERROR: Found ARIA ciphers when NOT expected."
+ return $ARIA_ERROR_CIPHER_FAIL
+ fi
+ else
+ if [ "$EXPECTED_ARIA" == "N" ]; then
+ echo "No ARIA ciphers found as expected with ./examples/client/client -e"
+ else
+ echo "ERROR: No ARIA ciphers found, EXPECTED_ARIA parameter = \"$EXPECTED_ARIA\"; expected \"N\"."
+ return $ARIA_ERROR_CONFIG_FAIL
+ fi
+ fi
+ ./examples/client/client -e
+
+ echo "Return to working directory."
+ popd
+
+ echo "********************************************************************"
+ echo "Completed $BUILD_MESSAGE"
+ echo "********************************************************************"
+ echo ""
+}
+
+set -e
+
+# No ARIA Environment Variable
+export ARIA_DIR=
+export THIS_MESSAGE="No ARIA Environment Variable, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+export ARIA_DIR=
+export THIS_MESSAGE="No ARIA Environment Variable, ARIA Enabled"
+build_aria_test 0 Y "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+
+# ARIA Environment Variable with MagicCrypto in local user directory
+export ARIA_DIR=~/MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in local user directory, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+export ARIA_DIR=~/MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in local user directory, ARIA Enabled"
+build_aria_test 0 Y "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+
+# ARIA Environment Variable with MagicCrypto in wolfssl directory
+export ARIA_DIR=~/MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in wolfssl directory, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+export ARIA_DIR=./MagicCrypto
+export THIS_MESSAGE="ARIA Environment Variable with MagicCrypto in wolfssl, ARIA Enabled"
+build_aria_test 0 Y "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+
+# ARIA Environment Variable with bad directory, ARIA not enabled so bad directory ignored
+export ARIA_DIR=./UnknownDirectory
+export THIS_MESSAGE="ARIA Environment Variable with bad directory, ARIA not enabled."
+build_aria_test 0 N "$THIS_MESSAGE" "$ARIA_BUILD_DIR"
+
+# ARIA Environment Variable with bad directory, ARIA enabled so bad directory should fail
+set +e
+export ARIA_DIR=./UnknownDirectory
+export THIS_MESSAGE="ARIA Environment Variable with bad directory, ARIA Enabled"
+build_aria_test $ARIA_ERROR_CMAKE_FAIL N "$THIS_MESSAGE" "$ARIA_BUILD_DIR" "-DWOLFSSL_ARIA=yes"
+if [ $? -eq $ARIA_ERROR_CMAKE_FAIL ]; then
+ echo "Properly detected bad directory and failed as expected."
+else
+ echo "Error: expected failure not detected."
+ exit 1
+fi
+
+echo "Done. aria_cmake_build_test completed successfully!"
+
+exit 0
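Review bot: `rm -rf $BUILD_DIR`, `mkdir -p $BUILD_DIR` and `pushd $BUILD_DIR` in build_aria_test expand the directory argument unquoted, so a value containing spaces or glob characters makes the recursive delete act on paths other than the intended build directory. Quote it and end option parsing: `rm -rf -- "$BUILD_DIR"`, `mkdir -p -- "$BUILD_DIR"`, `pushd "$BUILD_DIR"`. In the client check, `echo "ERROR ./examples/client/client error = $?"` prints the status of the preceding `[ $? -eq 0 ]` test rather than the client's; capture it first with `rc=$?` directly after `./examples/client/client -V` and report `$rc`. The `EXPECTED_ERROR` parameter is assigned but never read, and the error returns after `pushd` skip the matching `popd`.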
diff --git a/extra/wolfssl/wolfssl/scripts/crl-revoked.test b/extra/wolfssl/wolfssl/scripts/crl-revoked.test
index 2f48b11e..da245d48 100755
--- a/extra/wolfssl/wolfssl/scripts/crl-revoked.test
+++ b/extra/wolfssl/wolfssl/scripts/crl-revoked.test
@@ -22,6 +22,7 @@ cp -rp . $RUNNING_DIR/.
cd $RUNNING_DIR
revocation_code="-361"
+revocation_code_openssl="23"
exit_code=1
counter=0
# need a unique resume port since may run the same time as testsuite
@@ -112,7 +113,7 @@ run_test() {
server_result=$?
case "$capture_out" in
- *$revocation_code*)
+ *"$revocation_code"*|*"$revocation_code_openssl"*)
# only exit with zero on detection of the expected error code
echo ""
echo "Successful Revocation!!!!"
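Review bot: The added alternative `*"$revocation_code_openssl"*` matches the bare string `23` anywhere in `$capture_out`, so any output that happens to contain those digits (a port, a date, a byte count) is accepted as a detected revocation. The test can then pass without the revocation error having been raised; the run_hashdir_test hunk uses the same pattern. Match the code together with the text the client prints around it, e.g. `revocation_code_openssl="<exact error text printed by the client, ending in 23>"`. The real message is not visible in these hunks and has to be taken from the client's output. Both functions continue outside their hunks.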
@@ -178,7 +179,7 @@ run_hashdir_test() {
server_result=$?
case "$capture_out" in
- *$revocation_code*)
+ *"$revocation_code"*|*"$revocation_code_openssl"*)
# only exit with zero on detection of the expected error code
echo ""
echo "Successful Revocation!!!! with hash dir"
diff --git a/extra/wolfssl/wolfssl/scripts/dtls.test b/extra/wolfssl/wolfssl/scripts/dtls.test
new file mode 100755
index 00000000..2bf36d19
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/dtls.test
@@ -0,0 +1,169 @@
+#!/bin/bash
+
+# This script can be run with several environment variables set dictating its
+# run. You can set the following to what you like:
+WOLFSSL_ROOT=${WOLFSSL_ROOT:-$(pwd)}
+UDP_PROXY_BIN=${UDP_PROXY_BIN:-"udp_proxy"}
+DTLS_VERSION=${DTLS_VERSION:-"-v4"}
+PCAP_FILENAME=${PCAP_FILENAME:-"dtls${DTLS_VERSION}.pcap"}
+# Additionally, you can add the following tests by setting it to '1':
+DO_EXTENDED_SERVER_PERMUTATION_TEST=${DO_EXTENDED_SERVER_PERMUTATION_TEST:-0}
+DO_DELAY_TEST=${DO_DELAY_TEST:-0}
+
+# An example use would be: DTLS_VERSION=-v3 scripts/dtls.test
+# Note the output also consists of a single PCAP file which has a set of
+# three packets (1-byte, strlen()-byte, 1-byte payload) deliniating each test.
+
+#set -x # enable debug output
+
+# bwrap execution environment to avoid port conflicts
+if [ "${AM_BWRAPPED-}" != "yes" ]; then
+ bwrap_path="$(command -v bwrap)"
+ if [ -n "$bwrap_path" ]; then
+ export AM_BWRAPPED=yes
+ exec "$bwrap_path" --cap-add ALL --unshare-net --dev-bind / / "$0" "$@"
+ fi
+fi
+
+cleanup () {
+ echo
+ echo "Cleaning up..."
+ if [ ! -z "$UDP_PROXY_PID" ];then
+ echo "Killing udp_proxy $UDP_PROXY_PID"
+ kill $UDP_PROXY_PID
+ fi
+ if [ ! -z "$SERVER_PID" ];then
+ echo "Killing server $SERVER_PID"
+ kill $SERVER_PID
+ fi
+ if [ ! -z "$TCPDUMP_PID" ];then
+ echo "Killing tcpdump $TCPDUMP_PID"
+ sleep 1
+ kill $TCPDUMP_PID
+ fi
+}
+
+trap cleanup err exit
+
+PROXY_PORT=1234
+SERVER_PORT=4321
+KEY_UPDATE_SIZE=35
+NUM_TESTS_FAILED=0
+NUM_TESTS_RUN=0
+
+if [ "$DTLS_VERSION" = "-v4" ]; then
+ UDP_PROXY_EXTRA_ARGS="-u"
+fi
+
+# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf
+
+set -o pipefail
+prepend() { # Usage: cmd 2>&1 | prepend "sometext "
+ while read line; do echo "${1}${line}"; done
+}
+
+run_test() { # usage: run_test "<testName>" "<udp-proxy args>" "<server args>" "<client args>"
+ ((NUM_TESTS_RUN++))
+ echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
+ echo "$1" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
+ echo "" | nc -u 127.0.0.1 $SERVER_PORT # This is a marker for the PCAP file
+ echo -e "\n${1}\n"
+ stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $3 2>&1 | prepend "[server] " &
+ SERVER_PID=$(($! - 1))
+ stdbuf -oL -eL $UDP_PROXY_BIN -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT $UDP_PROXY_EXTRA_ARGS $2 2>&1 | prepend "[udp-proxy] " &
+ UDP_PROXY_PID=$(($! - 1))
+ sleep 0.2
+ # Wrap this command in a timeout so that a deadlock won't bring down the entire test
+ timeout -s KILL 1m stdbuf -oL -eL $WOLFSSL_ROOT/examples/client/client -u -p$PROXY_PORT $DTLS_VERSION $4 2>&1 | prepend "[client] "
+ if [ $? != 0 ]; then
+ echo "***Test failed***"
+ ((NUM_TESTS_FAILED++))
+ fi
+ kill $SERVER_PID >&/dev/null # make sure the server is no longer running
+ SERVER_PID=
+ kill $UDP_PROXY_PID
+ UDP_PROXY_PID=
+}
+
+test_dropping_packets () {
+ for i in $(seq 0 11);do
+ run_test "Dropping ${i}th packet" "-f $i" "-Ta" ""
+ done
+
+ # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error
+ for i in $(seq 0 10);do
+ run_test "Testing WANT_WRITE: dropping packet $i" "-f $i" "-Ta -6" "-6"
+ done
+}
+
+# this test is based on detecting newSessionTicket message by its size. This is rather fragile.
+test_dropping_new_session_ticket() { # usage: test_dropping_new_session_ticket <size>
+ run_test "Dropping new session ticket packet of size $1" "-F $1" "-w" "-w --waitTicket"
+}
+
+test_permutations () {
+ SIDE=$1
+ PERMUTATIONS=$(python3 << EOF
+import itertools
+for p in itertools.permutations("$2"):
+ print(''.join(p))
+EOF
+ )
+ for i in $PERMUTATIONS;do
+ UDP_LOGFILE=$(mktemp)
+ run_test "Testing $SIDE permutations order $i" "-r $i -S $SIDE -l $UDP_LOGFILE" "-Ta -w" "-w"
+ echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
+ rm -f $UDP_LOGFILE
+ done
+ echo "All $SIDE msg permutations succeeded"
+}
+
+
+test_time_delays () {
+ DELAYS=$(python3 << EOF
+import itertools
+t = [0.1, 0.5, 1.1]
+tt = []
+for i in itertools.product(t, t, t):
+ tt.append(i * 15)
+for i in tt:
+ print(','.join(map(lambda x: str(x) , i)))
+EOF
+ )
+ for DELAY in $DELAYS;do
+ UDP_LOGFILE=$(mktemp)
+ run_test "Testing delay $DELAY" "-l $UDP_LOGFILE -t $DELAY" "-Ta -w" "-w"
+ echo "...produced $(grep -P 'client:|server:' $UDP_LOGFILE | wc -l) messages"
+ rm -f $UDP_LOGFILE
+ done
+}
+
+echo "Starting capture"
+tcpdump -i lo -n port ${SERVER_PORT} -w ${PCAP_FILENAME} -U &
+TCPDUMP_PID=$!
+sleep 0.5
+
+test_dropping_packets
+test_permutations client 012
+
+if [ "$DO_EXTENDED_SERVER_PERMUTATION_TEST" = "1" ];then
+ test_permutations server 0123456
+else
+ test_permutations server 012
+fi
+
+test_dropping_new_session_ticket 200
+
+# TODO: fix udp_proxy to not re-order close alert before app data
+if [ "$DO_DELAY_TEST" = "1" ];then
+ test_time_delays
+fi
+
+if [ $NUM_TESTS_FAILED == 0 ]; then
+ echo -e "\nAll $NUM_TESTS_RUN tests SUCCEEDED!!!\n"
+else
+ echo -e "\nThere were $NUM_TESTS_FAILED failures out of $NUM_TESTS_RUN tests\n"
+fi
+
+echo "The script ran for $SECONDS seconds"
+exit $NUM_TESTS_FAILED
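Review bot: In run_test, `SERVER_PID=$(($! - 1))` and `UDP_PROXY_PID=$(($! - 1))` guess the PID of the first process in a backgrounded pipeline by subtracting one from the PID of `prepend`. PIDs are not guaranteed to be consecutive, so the later `kill` can miss the server or signal an unrelated process. Start each program with process substitution so `$!` is the program itself, e.g. `stdbuf -oL -eL $WOLFSSL_ROOT/examples/server/server -u -p$SERVER_PORT $DTLS_VERSION $3 > >(prepend "[server] ") 2>&1 &` followed by `SERVER_PID=$!`. The bwrap re-exec also passes `--cap-add ALL` together with `--dev-bind / /`; the visible commands appear to need only packet capture for tcpdump, so granting just the capabilities that requires (likely `--cap-add CAP_NET_RAW`, to be confirmed) would follow least privilege.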
diff --git a/extra/wolfssl/wolfssl/scripts/dtls13.test b/extra/wolfssl/wolfssl/scripts/dtls13.test
deleted file mode 100755
index af04b444..00000000
--- a/extra/wolfssl/wolfssl/scripts/dtls13.test
+++ /dev/null
@@ -1,171 +0,0 @@
-#!/bin/bash
-
-set -e
-
-cleanup () {
- echo
- echo "Cleaning up..."
- if [ ! -z "$UDP_PROXY_PID" ];then
- echo "Killing udp_proxy $UDP_PROXY_PID"
- kill $UDP_PROXY_PID
- fi
- if [ ! -z "$SERVER_PID" ];then
- echo "Killing server $SERVER_PID"
- kill $SERVER_PID
- fi
-}
-
-trap cleanup err exit
-
-WOLFSSL_ROOT=$(pwd)
-if [ -z $UDP_PROXY_PATH ];then
-UDP_PROXY_PATH=$WOLFSSL_ROOT/../udp-proxy/udp_proxy
-fi
-PROXY_PORT=12345
-SERVER_PORT=11111
-NEW_SESSION_TICKET_SIZE=200
-KEY_UPDATE_SIZE=35
-
-(killall udp_proxy || true)
-(killall lt-server || true)
-(killall lt-client || true)
-
-# $WOLFSSL_ROOT/tests/unit.test tests/test-dtls13.conf
-
-test_dropping_packets () {
- for i in $(seq 0 11);do
- echo -e "\ndropping packet $i\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -f $i -u >>/tmp/udp &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta 2>>/tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT 2>>/tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- echo "it took ${elapsed} sec(s)" >> /tmp/udp
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- done
-
-
- echo -e "\nTesting WANT_WRITE\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
-
- # dropping last ack would be client error as wolfssl_read doesn't support WANT_WRITE as returned error
- for i in $(seq 0 10);do
- echo -e "\ndropping packet $i\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -f $i -u >>/tmp/udp &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -6 2>>/tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -6 2>>/tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- echo "it took ${elapsed} sec(s)" >> /tmp/udp
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- done
-}
-
-# this test is based on detecting newSessionTicket message by its size. This is rather fragile.
-test_dropping_new_session_ticket() {
- echo -e "\ndropping new session ticket packet of size $NEW_SESSION_TICKET_SIZE\n" | tee -a /tmp/serr | tee -a /tmp/cerr | tee -a /tmp/udp
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -F $NEW_SESSION_TICKET_SIZE -u >>/tmp/udp &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -w -u 2>>/tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w --waitTicket 2>>/tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- echo "it took ${elapsed} sec(s)" >> /tmp/udp
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
-}
-
-test_permutations () {
- SIDE=$1
- PERMUTATIONS=$(python3 << EOF
-import itertools
-for p in itertools.permutations("$2"):
- print(''.join(p))
-EOF
- )
- echo "Testing $SIDE msg permutations"
- for i in $PERMUTATIONS;do
- echo -n "Testing $SIDE order $i"
- UDP_LOGFILE=/tmp/udp-$SIDE-$i
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u -r $i -l $UDP_LOGFILE -S $SIDE &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -w &> /tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w &> /tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- udp_lines=$(grep -P 'client:|server:' $UDP_LOGFILE | wc -l)
- echo " took ${elapsed} sec(s) and produced ${udp_lines} messages"
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- rm $UDP_LOGFILE
- done
- echo "All $SIDE msg permutations succeeded"
-}
-
-
-test_time_delays () {
- DELAYS=$(python3 << EOF
-import itertools
-t = [0.1, 0.5, 1.1]
-tt = []
-for i in itertools.product(t, t, t):
- tt.append(i * 15)
-for i in tt:
- print(','.join(map(lambda x: str(x) , i)))
-EOF
- )
- for DELAY in $DELAYS;do
- echo -n "Testing delay $DELAY"
- UDP_LOGFILE=/tmp/udp-delay-$DELAY
- $UDP_PROXY_PATH -p $PROXY_PORT -s 127.0.0.1:$SERVER_PORT -u -l "$UDP_LOGFILE" -t $DELAY &
- UDP_PROXY_PID=$!
- $WOLFSSL_ROOT/examples/server/server -v4 -u -Ta -w &> /tmp/serr &
- SERVER_PID=$!
- sleep 0.2
- now=$(date +%s.%N)
- $WOLFSSL_ROOT/examples/client/client -v4 -u -p$PROXY_PORT -w &> /tmp/cerr
- elapsed=$(echo $(date +%s.%N) - $now | bc)
- udp_lines=$(grep -P 'client:|server:' "$UDP_LOGFILE" | wc -l)
- echo " took ${elapsed} sec(s) and produced ${udp_lines} messages"
- wait $SERVER_PID
- SERVER_PID=
- kill $UDP_PROXY_PID
- UDP_PROXY_PID=
- rm "$UDP_LOGFILE"
- done
-}
-
-test_dropping_packets
-test_permutations client 012
-test_dropping_new_session_ticket
-
-if [ ! -z $DTLS13_DO_SERVER_PERMUTATION_TEST ];then
- test_permutations server 0123456
-fi
-
-# TODO: fix udp_proxy to not re-order close alert before app data
-if [ ! -z $DTLS13_DO_DELAY_TEST ];then
- test_time_delays
-fi
-
-echo
-echo "All tests SUCCEEDED!!!"
diff --git a/extra/wolfssl/wolfssl/scripts/external.test b/extra/wolfssl/wolfssl/scripts/external.test
index 39b88e99..671f6f9a 100755
--- a/extra/wolfssl/wolfssl/scripts/external.test
+++ b/extra/wolfssl/wolfssl/scripts/external.test
@@ -45,4 +45,15 @@ RESULT=$?
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed" && exit 1
+# test again, but using system CA certs to verify the server if support is enabled.
+# We don't want to use --sys-ca-certs with static memory, as we don't know how
+# much memory will be required to store an unbounded number of certs
+BUILD_FLAGS="$(./examples/client/client '-#')"
+if echo "$BUILD_FLAGS" | grep -q "WOLFSSL_SYS_CA_CERTS" && ! echo "$BUILD_FLAGS" | grep -q "WOLFSSL_STATIC_MEMORY"; then
+ echo -e "\nConnecting using WOLFSSL_SYS_CA_CERTS..."
+ ./examples/client/client -X -C -h $server -p 443 -g --sys-ca-certs
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n\nClient connection failed when using WOLFSSL_SYS_CA_CERTS" && exit 1
+fi
+
exit 0
diff --git a/extra/wolfssl/wolfssl/scripts/include.am b/extra/wolfssl/wolfssl/scripts/include.am
index 97aae077..eab99c61 100644
--- a/extra/wolfssl/wolfssl/scripts/include.am
+++ b/extra/wolfssl/wolfssl/scripts/include.am
@@ -87,6 +87,8 @@ noinst_SCRIPTS+= scripts/unit.test.in
endif
endif
+dist_noinst_SCRIPTS+= scripts/pem.test
+
EXTRA_DIST += scripts/sniffer-static-rsa.pcap \
scripts/sniffer-ipv6.pcap \
scripts/sniffer-tls13-dh.pcap \
@@ -101,7 +103,8 @@ EXTRA_DIST += scripts/sniffer-static-rsa.pcap \
scripts/benchmark.test \
scripts/memtest.sh \
scripts/makedistsmall.sh \
- scripts/openssl_srtp.test
+ scripts/openssl_srtp.test \
+ scripts/aria-cmake-build-test.sh
# leave openssl.test as extra until non bash works
@@ -114,8 +117,9 @@ EXTRA_DIST += scripts/stm32l4-v4_0_1_build.sh
EXTRA_DIST += scripts/cleanup_testfiles.sh
+EXTRA_DIST += scripts/dtls.test
+
if BUILD_DTLS13
-EXTRA_DIST += scripts/dtls13.test
EXTRA_DIST += scripts/dtlscid.test
endif
diff --git a/extra/wolfssl/wolfssl/scripts/makedistsmall.sh b/extra/wolfssl/wolfssl/scripts/makedistsmall.sh
index 24bd7f19..9c38e568 100755
--- a/extra/wolfssl/wolfssl/scripts/makedistsmall.sh
+++ b/extra/wolfssl/wolfssl/scripts/makedistsmall.sh
@@ -9,6 +9,7 @@
if [ "$1" == "keep" ]; then KEEP="yes"; else KEEP="no"; fi
WOLFSSL_TEMPDIR=$(mktemp -d) || exit $?
+WOLFSSL_BRANCH=$(git symbolic-ref --short HEAD)
function cleanup_on_exit() {
if [ "$KEEP" == "no" ];
@@ -34,15 +35,13 @@ fi
echo "Setting up work directory..."
git clone -q -n --shared . "$WOLFSSL_TEMPDIR" || exit $?
pushd "$WOLFSSL_TEMPDIR" >/dev/null || exit $?
-git checkout -q master || exit $?
+git checkout -q "$WOLFSSL_BRANCH"
# cleanup example directories
echo "Removing files not needed..."
rm -rf -- ./.git*
rm -rf ./build-aux
rm -rf ./certs
-rm -rf ./ctaocrypt
-rm -rf ./cyassl
rm -rf ./doc
rm -rf ./Docker
# these use test.h, which are not portable
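Review bot: The new `git checkout -q "$WOLFSSL_BRANCH"` drops the `|| exit $?` that guarded the old checkout, so a failed checkout no longer stops the script before the `rm -rf` and packaging steps that follow. `git symbolic-ref --short HEAD` (added in the first hunk of this file) fails on a detached HEAD, leaving `WOLFSSL_BRANCH` empty, and because the clone was made with `-n` the work tree would then presumably stay unpopulated. I would keep the guard on both lines: `WOLFSSL_BRANCH=$(git symbolic-ref --short HEAD) || exit $?` and `git checkout -q "$WOLFSSL_BRANCH" || exit $?`.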
@@ -73,7 +72,7 @@ find . -name "*.vcxproj" -delete
find . -name "*.vcproj" -delete
find . -name "*.sln" -delete
-# TLS/Compatiblity layer
+# TLS/Compatibility layer
#rm -rf ./src
#rm -rf ./wolfssl/openssl
diff --git a/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test b/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test
index cdc03f56..c14fbf0e 100755
--- a/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test
+++ b/extra/wolfssl/wolfssl/scripts/ocsp-stapling.test
@@ -243,16 +243,18 @@ else
OPENSSL_RESULT=$?
echo "$OPENSSL_OUTPUT"
fgrep -q 'self signed certificate in certificate chain' <<< "$OPENSSL_OUTPUT"
- FGREP_RESULT=$?
- if [ $OPENSSL_RESULT -eq 0 -a $FGREP_RESULT -ne 0 ]; then
+ FGREP1_RESULT=$?
+ fgrep -q 'self-signed certificate in certificate chain' <<< "$OPENSSL_OUTPUT"
+ FGREP2_RESULT=$?
+ if [ $OPENSSL_RESULT -eq 0 -a $FGREP1_RESULT -ne 0 -a $FGREP2_RESULT -ne 0 ]; then
printf '%s\n' "Expected verification error from s_client is missing."
remove_single_rF "$ready_file"
exit 1
fi
remove_single_rF "$ready_file"
wait $wolf_pid
- if [ $? -ne 1 ]; then
- printf '%s\n' "wolfSSL server unexpected fail value"
+ if [ $? -ne 0 ]; then
+ printf '%s\n' "wolfSSL server unexpected fail"
exit 1
fi
fi
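Review bot: The two `fgrep -q` calls and their separate result variables can be a single match, `grep -qF -e 'self signed certificate in certificate chain' -e 'self-signed certificate in certificate chain' <<< "$OPENSSL_OUTPUT"`, which keeps the condition at one result test and avoids `fgrep`, which recent GNU grep releases warn about as obsolescent. A one-line comment saying why both spellings are accepted (presumably the wording differs between OpenSSL releases) and why the expected `wait $wolf_pid` status changed from 1 to 0 would help, since this check is what confirms that the verification error is actually reported. The enclosing `else` branch starts above the hunk.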
diff --git a/extra/wolfssl/wolfssl/scripts/openssl.test b/extra/wolfssl/wolfssl/scripts/openssl.test
index 8a515333..9bd98e5f 100755
--- a/extra/wolfssl/wolfssl/scripts/openssl.test
+++ b/extra/wolfssl/wolfssl/scripts/openssl.test
@@ -2,7 +2,7 @@
# openssl.test
-# Enviornment variables used:
+# Environment variables used:
# OPENSSL (openssl app to use)
# OPENSSL_ENGINE_ID (engine id if any i.e. "wolfengine")
@@ -490,7 +490,7 @@ IFS="$OIFS" #restore separator
# Start OpenSSL servers
#
-# Check for cerificate support in wolfSSL
+# Check for certificate support in wolfSSL
wolf_certs=`$WOLFSSL_CLIENT -? 2>&1`
case $wolf_certs in
*"cert"*)
diff --git a/extra/wolfssl/wolfssl/scripts/pem.test b/extra/wolfssl/wolfssl/scripts/pem.test
new file mode 100755
index 00000000..7c32f8b0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/pem.test
@@ -0,0 +1,459 @@
+#!/bin/bash
+
+# pem.test
+# Copyright wolfSSL 2023-2023
+
+tmp_file=./pem_test.$$
+tmp_der_file=./pem_test_out_der.$$
+tmp_pem_file=./pem_test_out_pem.$$
+PEM_EXE=./examples/pem/pem
+ASN1_EXE=./examples/asn1/asn1
+TEST_CNT=0
+TEST_PASS_CNT=0
+TEST_SKIP_CNT=0
+TEST_FAIL_CNT=0
+TEST_FAIL=
+TEST_CASES=()
+RUN_ALL="YES"
+CR=$'\n'
+ENC_STRING="encrypt"
+DER_TO_PEM_STRING="input is DER and output is PEM"
+
+# Cleanup temporaries created during testing.
+do_cleanup() {
+ echo
+ echo "in cleanup"
+
+ if [ -e "$tmp_der_file" ]; then
+ echo -e "removing existing temporary DER output file"
+ rm "$tmp_der_file"
+ fi
+ if [ -e "$tmp_pem_file" ]; then
+ echo -e "removing existing temporary PEM output file"
+ rm "$tmp_pem_file"
+ fi
+ if [ -e "$tmp_file" ]; then
+ echo -e "removing existing temporary output file"
+ rm "$tmp_file"
+ fi
+}
+
+# Called when a signal is trapped.
+do_trap() {
+ echo
+ echo "got trap"
+ do_cleanup
+ exit 1
+}
+
+# Trap keyboard interrupt and termination signal.
+trap do_trap INT TERM
+
+# Check the usage text for a string to determine feature support.
+#
+# @param [in] $1 String to search for,
+# @return 1 when string is found.
+# @return 0 otherwise.
+check_usage_string() {
+ $PEM_EXE -? | grep "$1" >$tmp_file 2>&1
+ if [ "$?" = "0" ]; then
+ return 1
+ fi
+ return 0
+}
+
+# Check whether the test case is to be run.
+# When command line parameters given - only run those.
+#
+# @return 1 when test case is to be run.
+# @return 0 otherwise.
+check_run() {
+ # When RUN_ALL set them all test cases are run.
+ if [ "$RUN_ALL" != "" ]; then
+ return 1
+ else
+ # Check if test case number in list.
+ for T in "${TEST_CASE[@]}"; do
+ if [ "$T" = "$TEST_CNT" ]; then
+ return 1
+ fi
+ done
+ return 0
+ fi
+}
+
+# Setup for new test case.
+#
+# @param [in] $* Name of test case.
+test_setup() {
+ TEST_CNT=$((TEST_CNT+1))
+ TEST_DESC="$TEST_CNT: $*"
+ FAILED=
+ SKIP=
+
+ if [ "$USAGE_STRING" != "" ]; then
+ # Check usage output for string to see whether we have to skip test case
+ # due to wolfSSL missing features.
+ check_usage_string "$USAGE_STRING"
+ if [ "$?" = "0" ] ; then
+ echo
+ echo "$TEST_DESC"
+ echo "SKIPPED"
+ SKIP="missing feature"
+ fi
+ USAGE_STRING=
+ fi
+
+ if [ "$SKIP" = "" ]; then
+ # Check whether this test case is to be run.
+ check_run
+ if [ "$?" = "1" ]; then
+ echo
+ echo "$TEST_DESC"
+ TEST_PASS_CNT=$((TEST_PASS_CNT+1))
+ else
+ SKIP="not requested"
+ fi
+ fi
+
+ # Handle skipping
+ if [ "$SKIP" != "" ]; then
+ TEST_SKIP_CNT=$((TEST_SKIP_CNT+1))
+ fi
+}
+
+# Handle when a test case failed.
+test_fail() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ TEST_PASS_CNT=$((TEST_PASS_CNT-1))
+ TEST_FAIL_CNT=$((TEST_FAIL_CNT+1))
+ TEST_FAIL="$TEST_FAIL$CR $TEST_DESC"
+ FAILED=yes
+ fi
+}
+
+# Use asn1 to check DER produced is valid.
+check_der() {
+ $ASN1_EXE $tmp_der_file >$tmp_file 2>&1
+ if [ "$?" != "0" ]; then
+ echo
+ echo " DER result bad"
+ test_fail
+ fi
+}
+
+# Convert PEM file to DER
+#
+# @param [in] $* Command line parameters to pem example.
+convert_to_der() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ echo " $PEM_EXE $* -out $tmp_pem_file"
+ $PEM_EXE "$@" -out $tmp_der_file
+ if [ "$?" != "0" ]; then
+ echo " Failed to convert to DER"
+ test_fail
+ fi
+ check_der
+ fi
+}
+
+# Compare generated DER file to existing file.
+#
+# @param [in] $1 File to compare to.
+compare_der() {
+ diff $tmp_der_file $1
+ if [ "$?" != "0" ]; then
+ echo " Created DER file different from expected"
+ test_fail
+ fi
+}
+
+# Convert DER file to PEM
+#
+# PEM_TYPE contains PEM header to encode.
+#
+# @param [in] $* Command line parameters to pem example.
+convert_to_pem() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ echo " $PEM_EXE --der -t \"$PEM_TYPE\" $* -out $tmp_pem_file"
+ $PEM_EXE --der "$@" -t "$PEM_TYPE" -out $tmp_pem_file
+ if [ "$?" != "0" ]; then
+ test_fail
+ fi
+ fi
+}
+
+# Compare generated PEM file to existing file.
+compare_pem() {
+ diff $tmp_pem_file $1 >$tmp_file 2>&1
+ if [ "$?" != "0" ]; then
+ cat $tmp_file
+ echo
+ echo " Created PEM file different from expected"
+ test_fail
+ fi
+}
+
+# Convert to and from PEM and DER and compare to file containing expected DER.
+#
+# @param [in] $1 Name of PEM file to read.
+# @param [in] $2 Name of DER file to compare to.
+# @param [in] $3 PEM type expected in PEM file and to place in created PEM
+# file.
+pem_der_exp() {
+ if [ "$SKIP" = "" -a "$FAILED" = "" ]; then
+ PEM_FILE=$1
+ DER_FILE=$2
+ PEM_TYPE="$3"
+
+ # Convert PEM to DER
+ convert_to_der -in $PEM_FILE
+ if [ "$FAILED" = "" ]; then
+ # On success, compare to DER file.
+ compare_der $DER_FILE
+ fi
+ # Check if converting from DER to PEM is supported.
+ check_usage_string $DER_TO_PEM_STRING
+ if [ "$?" = "1" ]; then
+ if [ "$FAILED" = "" ]; then
+ # Convert expected DER file to PEM
+ convert_to_pem -in $DER_FILE
+ fi
+ if [ "$FAILED" = "" ]; then
+ # On success, compare to original PEM file.
+ compare_pem $PEM_FILE
+ fi
+ fi
+ fi
+}
+
+# Convert DER to encrypted PEM.
+#
+# @param [in] $@ Command line parameters to pem example when encrypting.
+der_pem_enc() {
+ PEM_TYPE="ENCRYPTED PRIVATE KEY"
+ convert_to_pem -in ./certs/server-key.der -p yassl123 "$@"
+ convert_to_der -in $tmp_pem_file -p yassl123
+}
+
+
+################################################################################
+
+# Check for pem example - can't test without it.
+if [ ! -x $PEM_EXE ]; then
+ echo "PEM example not available, won't run"
+ exit 77
+fi
+# Check for asn1 example - don't want to test without it.
+if [ ! -x $ASN1_EXE ]; then
+ echo "ASN.1 example not available, won't run"
+ exit 77
+fi
+
+# Check the available features compiled into pem example.
+echo "wolfSSL features:"
+check_usage_string $DER_TO_PEM_STRING
+if [ "$?" = "1" ]; then
+ echo " Conversion from DER to PEM support compiled in."
+else
+ echo " Conversion from DER to PEM support NOT compiled in."
+fi
+check_usage_string $ENC_STRING
+if [ "$?" = "1" ]; then
+ echo " Encryption support compiled in."
+else
+ echo " Encryption support NOT compiled in."
+fi
+echo
+
+# Command line parameters are test cases to run.
+while [ $# -gt 0 ]; do
+ TEST_CASE[${#TEST_CASE[@]}]=$1
+ RUN_ALL=
+ shift 1
+done
+
+
+test_setup "Convert PEM certificate (first of many) to DER"
+convert_to_der -in ./certs/server-cert.pem
+
+test_setup "Convert PEM certificate (second of many) to DER"
+convert_to_der -in ./certs/server-cert.pem --offset 6000
+
+test_setup "RSA private key"
+pem_der_exp ./certs/server-key.pem \
+ ./certs/server-key.der "RSA PRIVATE KEY"
+
+test_setup "RSA public key"
+pem_der_exp ./certs/server-keyPub.pem \
+ ./certs/server-keyPub.der "RSA PUBLIC KEY"
+
+test_setup "DH parameters"
+pem_der_exp ./certs/dh3072.pem \
+ ./certs/dh3072.der "DH PARAMETERS"
+
+test_setup "X9.42 parameters"
+pem_der_exp ./certs/x942dh2048.pem \
+ ./certs/x942dh2048.der "X9.42 DH PARAMETERS"
+
+USAGE_STRING=" DSA PARAMETERS"
+test_setup "DSA parameters"
+pem_der_exp ./certs/dsaparams.pem \
+ ./certs/dsaparams.der "DSA PARAMETERS"
+
+USAGE_STRING=" DSA PRIVATE KEY"
+test_setup "DSA private key"
+pem_der_exp ./certs/1024/dsa1024.pem \
+ ./certs/1024/dsa1024.der "DSA PRIVATE KEY"
+
+USAGE_STRING=" EC PRIVATE KEY"
+test_setup "ECC private key"
+pem_der_exp ./certs/ecc-keyPkcs8.pem \
+ ./certs/ecc-keyPkcs8.der "PRIVATE KEY"
+
+USAGE_STRING=" EC PRIVATE KEY"
+test_setup "EC PRIVATE KEY"
+pem_der_exp ./certs/ecc-privkey.pem \
+ ./certs/ecc-privkey.der "EC PRIVATE KEY"
+
+USAGE_STRING=" EC PARAMETERS"
+test_setup "ECC parameters"
+pem_der_exp ./certs/ecc-params.pem \
+ ./certs/ecc-params.der "EC PARAMETERS"
+
+test_setup "ECC public key"
+pem_der_exp ./certs/ecc-keyPub.pem \
+ ./certs/ecc-keyPub.der "PUBLIC KEY"
+
+test_setup "Ed25519 public key"
+pem_der_exp ./certs/ed25519/client-ed25519-key.pem \
+ ./certs/ed25519/client-ed25519-key.der 'PUBLIC KEY'
+
+test_setup "Ed25519 private key"
+pem_der_exp ./certs/ed25519/client-ed25519-priv.pem \
+ ./certs/ed25519/client-ed25519-priv.der 'PRIVATE KEY'
+
+USAGE_STRING=" EDDSA PRIVATE KEY"
+test_setup "EdDSA private key"
+pem_der_exp ./certs/ed25519/eddsa-ed25519.pem \
+ ./certs/ed25519/eddsa-ed25519.der 'EDDSA PRIVATE KEY'
+
+test_setup "Ed448 public key"
+pem_der_exp ./certs/ed448/client-ed448-key.pem \
+ ./certs/ed448/client-ed448-key.der 'PUBLIC KEY'
+
+test_setup "Ed448 private key"
+pem_der_exp ./certs/ed448/client-ed448-priv.pem \
+ ./certs/ed448/client-ed448-priv.der 'PRIVATE KEY'
+
+USAGE_STRING=" CERTIFICATE REQUEST"
+test_setup "Certificate Request"
+pem_der_exp ./certs/csr.dsa.pem \
+ ./certs/csr.dsa.der 'CERTIFICATE REQUEST'
+
+USAGE_STRING=" X509 CRL"
+test_setup "X509 CRL"
+pem_der_exp ./certs/crl/caEccCrl.pem \
+ ./certs/crl/caEccCrl.der 'X509 CRL'
+
+USAGE_STRING=$ENC_STRING
+test_setup "Encrypted Key with header"
+convert_to_der -in ./certs/server-keyEnc.pem -p yassl123 --padding
+
+USAGE_STRING=$ENC_STRING
+test_setup "Encrypted Key - PKCS#8"
+convert_to_der -in ./certs/server-keyPkcs8Enc.pem -p yassl123
+
+USAGE_STRING=$ENC_STRING
+test_setup "Encrypted Key - PKCS#8 (PKCS#12 PBE)"
+convert_to_der -in ./certs/server-keyPkcs8Enc12.pem -p yassl123
+
+USAGE_STRING="PBES1_MD5_DES"
+test_setup "Encrypted Key - PKCS#8 (PKCS#5 PBES1-MD5-DES)"
+convert_to_der -in ./certs/ecc-keyPkcs8Enc.pem -p yassl123
+
+USAGE_STRING=" DES3"
+test_setup "Encrypted Key - PKCS#8 (PKCS#5v2 PBE-SHA1-DES3)"
+convert_to_der -in ./certs/server-keyPkcs8Enc2.pem -p yassl123
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (Default: PKCS#5 PBES2 AES-256-CBC)"
+der_pem_enc
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 - Large salt"
+der_pem_enc -s 16
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 - 10000 iterations (DER encoding check)"
+der_pem_enc -i 10000
+
+USAGE_STRING="AES-256-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 - 100 iterations (DER encoding check)"
+der_pem_enc -i 100
+
+USAGE_STRING="AES-128-CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES2 AES-128-CBC)"
+der_pem_enc --pbe-alg AES-128-CBC
+
+USAGE_STRING="DES"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES2 DES)"
+der_pem_enc --pbe-alg DES
+
+
+USAGE_STRING="DES3"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES2 DES3)"
+der_pem_enc --pbe-alg DES3
+
+USAGE_STRING="PBES1_MD5_DES"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES1-MD5-DES)"
+der_pem_enc --pbe PBES1_MD5_DES
+
+USAGE_STRING="PBES1_SHA1_DES"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#5 PBES1-SHA1-DES)"
+der_pem_enc --pbe PBES1_SHA1_DES
+
+USAGE_STRING=" SHA1_RC4_128"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#12 PBE-SHA1-RC4-128)"
+der_pem_enc --pbe-ver PKCS12 --pbe SHA1_RC4_128
+
+USAGE_STRING=" SHA1_DES3"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#12 PBE-SHA1-DES3)"
+der_pem_enc --pbe-ver PKCS12 --pbe SHA1_DES3
+
+USAGE_STRING="SHA1_40RC2_CBC"
+PEM_TYPE="ENCRYPTED PRIVATE KEY"
+test_setup "Encrypt Key - PKCS#8 (PKCS#12 PBE-SHA1-40RC2-CBC)"
+der_pem_enc --pbe-ver PKCS12 --pbe SHA1_40RC2_CBC
+
+# Note: PKCS#12 with SHA1_DES doesn't work as we encode as PKCS#5 SHA1_DES as
+# ids are the same
+
+
+# Report results
+echo
+if [ "$TEST_SKIP_CNT" = "0" ]; then
+ echo "RESULT: $TEST_PASS_CNT/$TEST_CNT (pass/total)"
+else
+ echo "RESULT: $TEST_PASS_CNT/$TEST_SKIP_CNT/$TEST_CNT (pass/skip/total)"
+fi
+if [ "$TEST_FAIL_CNT" != "0" ]; then
+ echo "FAILURES ($TEST_FAIL_CNT):$TEST_FAIL"
+else
+ echo "PASSED"
+fi
+
+# Cleanup temporaries
+do_cleanup
+
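Review bot: The script never returns a non-zero status when test cases fail: the report at the end prints `FAILURES (...)` and then falls through to `do_cleanup`, so the exit status is that of the cleanup. After `do_cleanup` I would add `[ "$TEST_FAIL_CNT" = "0" ] || exit 1`. Separately, `check_usage_string $DER_TO_PEM_STRING` is unquoted in `pem_der_exp` and in the feature report, so only the first word (`input`) reaches `grep` as `$1` and the feature check is looser than intended; quote it as `check_usage_string "$DER_TO_PEM_STRING"`. `convert_to_der` also echoes `-out $tmp_pem_file` while the command it runs writes to `$tmp_der_file`.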
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh b/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh
index c58352a3..eac16097 100755
--- a/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-gen.sh
@@ -1,4 +1,5 @@
#!/bin/bash
+#set -x
# Run this script from the wolfSSL root
if [ ! -f wolfssl/ssl.h ]; then
@@ -6,93 +7,110 @@ if [ ! -f wolfssl/ssl.h ]; then
exit 1
fi
-run_sequence() {
- if [ "$1" == "dh" ] || [ "$1" == "ecc" ]; then
- # TLS v1.3
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256
-
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384
-
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256
- fi
- if [ "$1" == "dh-resume" ] || [ "$1" == "ecc-resume" ]; then
- # TLS v1.3 Resumption
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r
-
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r
-
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r
- fi
+server_pid=0
+tcpdump_pid=0
- if [ "$1" == "x25519" ]; then
- # TLS v1.3
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+cleanup() {
+ if [ "$server_pid" -ne 0 ]; then kill $server_pid; server_pid=0; fi
+ if [ "$tcpdump_pid" -ne 0 ]; then sleep 1; kill -15 $tcpdump_pid; tcpdump_pid=0; fi
+}
+trap cleanup EXIT INT TERM HUP
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+set -o pipefail
+prepend() { # Usage: cmd 2>&1 | prepend "sometext "
+ while read line; do echo "${1}${line}"; done
+}
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+run_test() { # Usage: run_test <cipher> [serverArgs [clientArgs]]
+ echo "Running test $1"
+ CIPHER=$1
+ if [ "$CIPHER" != "" ]; then
+ CIPHER="-l $CIPHER"
fi
- # Run: with x25519_resume
- if [ "$1" == "x25519-resume" ]; then
- # TLS v1.3 Resumption
- ./examples/server/server -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES128-GCM-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
-
- ./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
-
- ./examples/server/server -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem &
- sleep 0.1
- ./examples/client/client -v 4 -l TLS13-CHACHA20-POLY1305-SHA256 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem
+ stdbuf -oL -eL ./examples/server/server -i -x $CIPHER $2 2>&1 | prepend "[server] " &
+ server_pid=$!
+ ((server_pid--)) # Get the first PID in the pipe
+ sleep 0.1
+ stdbuf -oL -eL ./examples/client/client $CIPHER $3 2>&1 | prepend "[client] "
+ RET=$?
+ if [ "$RET" != 0 ]; then
+ echo "Error in test: $RET"
+ exit $RET
fi
+ kill $server_pid; server_pid=0
+ echo "Test passed: $1"
+}
- # TLS v1.3 Hello Retry Request
- if [ "$1" == "hrr" ]; then
- # TLS v1.3 Hello Retry Request
- ./examples/server/server -v 4 -i -x -g &
- server_pid=$!
- sleep 0.1
- ./examples/client/client -v 4 -J
- kill $server_pid
+run_sequence() {
+ if [ "$1" == "tls13-dh" ] || [ "$1" == "tls13-ecc" ] || [ "$1" == "tls13-keylog" ]; then # TLS v1.3
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4" "-v 4"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4" "-v 4"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4" "-v 4"
+ elif [ "$1" == "tls12" ] || [ "$1" == "tls12-keylog" ]; then # TLS v1.2
+ run_test "ECDHE-ECDSA-AES128-GCM-SHA256" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-key.pem -c ./certs/intermediate/server-chain-ecc.pem -V" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-client-key.pem -c ./certs/intermediate/client-chain-ecc.pem -C"
+ run_test "ECDHE-ECDSA-AES256-GCM-SHA384" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-key.pem -c ./certs/intermediate/server-chain-ecc.pem -V" "-v 3 -A ./certs/ca-ecc-cert.pem -k ./certs/ecc-client-key.pem -c ./certs/intermediate/client-chain-ecc.pem -C"
+ elif [ "$1" == "tls13-dh-resume" ] || [ "$1" == "tls13-ecc-resume" ]; then # TLS v1.3 Resumption
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4 -r" "-v 4 -r"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4 -r" "-v 4 -r"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4 -r" "-v 4 -r"
+ elif [ "$1" == "tls13-x25519" ]; then # TLS v1.3
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4 -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ elif [ "$1" == "tls13-x25519-resume" ]; then # TLS v1.3 x25519 Resumption
+ run_test "TLS13-AES128-GCM-SHA256" "-v 4 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-AES256-GCM-SHA384" "-v 4 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ run_test "TLS13-CHACHA20-POLY1305-SHA256" "-v 4 -r -c ./certs/ed25519/server-ed25519.pem -k ./certs/ed25519/server-ed25519-priv.pem -A ./certs/ed25519/client-ed25519.pem" "-v 4 -r -c ./certs/ed25519/client-ed25519.pem -k ./certs/ed25519/client-ed25519-priv.pem -A ./certs/ed25519/root-ed25519.pem"
+ elif [ "$1" == "tls13-hrr" ]; then # TLS v1.3 Hello Retry Request
+ run_test "" "-v 4 -g" "-v 4 -J"
+ else
+ echo "Invalid test"
+ exit 1
fi
- sleep 1
}
-run_capture(){
- echo -e "\nconfiguring and building wolfssl..."
- ./configure --enable-sniffer $2 1>/dev/null || exit $?
+
+run_capture() {
+ local config_flags=()
+ echo -e "\nconfiguring and building wolfssl ($1)..."
+
+ # Add default flags
+ config_flags+=(--enable-sniffer)
+
+ # If additional arguments are provided, add them to the array
+ if [ -n "$2" ]; then
+ # Convert string into an array, respecting quoted strings as a single element
+ eval "config_flags+=($2)"
+ fi
+
+ ./configure "${config_flags[@]}" 1>/dev/null || exit $?
make 1>/dev/null || exit $?
+
+ if [[ "$1" == "tls12-keylog" || "$1" == "tls13-keylog" ]]; then
+ rm -f ./sslkeylog.log
+ fi
+
echo "starting capture"
- tcpdump -i lo0 -nn port 11111 -w ./scripts/sniffer-tls13-$1.pcap &
+ tcpdump -i lo -n port 11111 -w ./scripts/sniffer-${1}.pcap -U &
tcpdump_pid=$!
run_sequence $1
- kill $tcpdump_pid
+ sleep 1
+ kill -15 $tcpdump_pid; tcpdump_pid=0
+
+ if [[ "$1" == "tls12-keylog" || "$1" == "tls13-keylog" ]]; then
+ cp ./sslkeylog.log ./scripts/sniffer-${1}.sslkeylog
+ fi
}
-run_capture "ecc" ""
-run_capture "ecc-resume" "--enable-session-ticket"
-run_capture "dh" "--disable-ecc"
-run_capture "dh-resume" "--disable-ecc --enable-session-ticket"
-run_capture "x25519" "--enable-curve25519 --disable-dh --disable-ecc"
-run_capture "x25519-resume" "--enable-curve25519 --disable-dh --disable-ecc --enable-session-ticket"
-run_capture "hrr" "--disable-dh CFLAGS=-DWOLFSSL_SNIFFER_WATCH"
+run_capture "tls12" ""
+run_capture "tls12-keylog" "--enable-enc-then-mac=no --enable-keylog-export CFLAGS='-Wno-cpp -DWOLFSSL_SNIFFER_KEYLOGFILE'"
+run_capture "tls13-keylog" "--enable-keylog-export CFLAGS='-Wno-cpp -DWOLFSSL_SNIFFER_KEYLOGFILE'"
+run_capture "tls13-ecc" ""
+run_capture "tls13-ecc-resume" "--enable-session-ticket"
+run_capture "tls13-dh" "--disable-ecc"
+run_capture "tls13-dh-resume" "--disable-ecc --enable-session-ticket"
+run_capture "tls13-x25519" "--enable-curve25519 --disable-dh --disable-ecc"
+run_capture "tls13-x25519-resume" "--enable-curve25519 --disable-dh --disable-ecc --enable-session-ticket"
+run_capture "tls13-hrr" "--disable-dh CFLAGS=-DWOLFSSL_SNIFFER_WATCH"
+
+echo "Tests passed in $SECONDS seconds"
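Review bot: `((server_pid--))` in `run_test` assumes the server's PID is exactly one less than the PID of the last process in the pipeline, which is not guaranteed; if another process was forked in between, the later `kill $server_pid` (and the one in `cleanup`) signals an unrelated process. Starting the server with process substitution should make `$!` the server itself: `stdbuf -oL -eL ./examples/server/server -i -x $CIPHER $2 > >(prepend "[server] ") 2>&1 &` followed by `server_pid=$!`. The `eval "config_flags+=($2)"` in `run_capture` is only safe while every caller passes a literal from this script, which deserves a comment at that line.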
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test b/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test
index 574ea93f..0be4587f 100755
--- a/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-testsuite.test
@@ -59,6 +59,12 @@ has_static_rsa=no
if [ $? -eq 0 ]; then
has_static_rsa=yes
fi
+# ./configure --enable-sniffer CFLAGS="-DWOLFSSL_SNIFFER_KEYLOGFILE"
+has_keylog=no
+./sslSniffer/sslSnifferTest/snifftest -? 2>&1 | grep -- 'ssl_keylog_file'
+if [ $? -eq 0 ]; then
+ has_keylog=yes
+fi
RESULT=0
@@ -66,8 +72,8 @@ RESULT=0
# TLS v1.2 Static RSA Test
if test $RESULT -eq 0 && test $has_rsa == yes && test $has_tlsv12 == yes && test $has_static_rsa == yes
then
- echo -e "\nStaring snifftest on testsuite.pcap...\n"
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-static-rsa.pcap ./certs/server-key.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-static-rsa.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-static-rsa.pcap -key ./certs/server-key.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest static RSA failed\n" && exit 1
@@ -76,17 +82,54 @@ fi
# TLS v1.2 Static RSA Test (IPv6)
if test $RESULT -eq 0 && test $has_rsa == yes && test $has_tlsv12 == yes && test $has_static_rsa == yes
then
- echo -e "\nStaring snifftest on sniffer-ipv6.pcap...\n"
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-ipv6.pcap ./certs/server-key.pem ::1 11111
+ echo -e "\nStarting snifftest on sniffer-ipv6.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-ipv6.pcap -key ./certs/server-key.pem -server ::1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest (ipv6) failed\n" && exit 1
fi
+# TLS v1.2 and v1.3 sniffer keylog file test: runs sniffer on pcap and associated keylog file and compares decrypted traffic with known good output.
+# To regenerate the known good output, run `scripts/sniffer-gen.sh` to regenerate the pcap and keylog file, then run the sniffer on it
+# with the same arguments as in the test below, but redirect output to `./scripts/sniffer-tls12-keylog.out`.
+if test $RESULT -eq 0 && test $has_keylog == yes
+then
+ for tlsver in tls12 tls13
+ do
+ # skip tls versions we don't have compiled-in support for
+ [[ $tlsver == "tls12" && $has_tlsv12 == "no" ]] && continue
+ [[ $tlsver == "tls13" && $has_tlsv13 == "no" ]] && continue
+
+ echo -e "\nStarting snifftest on sniffer-$tlsver-keylog.pcap...\n"
+
+ TMPFILE=$(mktemp)
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n$tlsver snifftest keylog test failed: unable to create tmpfile\n" && rm $TMPFILE && exit 1
+
+ ./sslSniffer/sslSnifferTest/snifftest \
+ -pcap scripts/sniffer-$tlsver-keylog.pcap \
+ -keylogfile scripts/sniffer-$tlsver-keylog.sslkeylog \
+ -server 127.0.0.1 -port 11111 | tee $TMPFILE
+
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n$tlsver snifftest keylog test failed: snifftest returned $RESULT\n" && rm $TMPFILE && exit 1
+
+ # use grep to only compare against decrypted output
+ SEARCH_STRING="SSL App Data"
+ grep "$SEARCH_STRING" $TMPFILE | diff - <(grep "$SEARCH_STRING" scripts/sniffer-$tlsver-keylog.out)
+
+ RESULT=$?
+ [ $RESULT -ne 0 ] && echo -e "\n$tlsver snifftest keylog test failed: snifftest diff returned $RESULT\n" && rm $TMPFILE && exit 1
+
+ rm $TMPFILE
+ done
+fi
+
# TLS v1.3 sniffer test ECC
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_ecc == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-ecc.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-ecc.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-ecc.pcap -key ./certs/statickeys/ecc-secp256r1.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 ECC failed\n" && exit 1
@@ -95,7 +138,8 @@ fi
# TLS v1.3 sniffer test DH
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_dh == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-dh.pcap ./certs/statickeys/dh-ffdhe2048.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-dh.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-dh.pcap -key ./certs/statickeys/dh-ffdhe2048.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 DH failed\n" && exit 1
@@ -104,7 +148,8 @@ fi
# TLS v1.3 sniffer test X25519
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_x25519 == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-x25519.pcap ./certs/statickeys/x25519.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-x25519.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-x25519.pcap -key ./certs/statickeys/x25519.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 X25519 failed\n" && exit 1
@@ -113,7 +158,8 @@ fi
# TLS v1.3 sniffer test ECC resumption
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_ecc == yes && test $session_ticket == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-ecc-resume.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-ecc-resume.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-ecc-resume.pcap -key ./certs/statickeys/ecc-secp256r1.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 ECC failed\n" && exit 1
@@ -122,7 +168,8 @@ fi
# TLS v1.3 sniffer test DH
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_dh == yes && test $session_ticket == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-dh-resume.pcap ./certs/statickeys/dh-ffdhe2048.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-dh-resume.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-dh-resume.pcap -key ./certs/statickeys/dh-ffdhe2048.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 DH failed\n" && exit 1
@@ -131,7 +178,8 @@ fi
# TLS v1.3 sniffer test X25519
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_x25519 == yes && test $session_ticket == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-x25519-resume.pcap ./certs/statickeys/x25519.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-x25519-resume.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-x25519-resume.pcap -key ./certs/statickeys/x25519.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 X25519 failed\n" && exit 1
@@ -140,12 +188,12 @@ fi
# TLS v1.3 sniffer test hello_retry_request (HRR) with ECDHE
if test $RESULT -eq 0 && test $has_tlsv13 == yes && test $has_ecc == yes
then
- ./sslSniffer/sslSnifferTest/snifftest ./scripts/sniffer-tls13-hrr.pcap ./certs/statickeys/ecc-secp256r1.pem 127.0.0.1 11111
+ echo -e "\nStarting snifftest on sniffer-tls13-hrr.pcap...\n"
+ ./sslSniffer/sslSnifferTest/snifftest -pcap ./scripts/sniffer-tls13-hrr.pcap -key ./certs/statickeys/ecc-secp256r1.pem -server 127.0.0.1 -port 11111
RESULT=$?
[ $RESULT -ne 0 ] && echo -e "\nsnifftest TLS v1.3 HRR failed\n" && exit 1
fi
echo -e "\nSuccess!\n"
-
exit 0
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out
new file mode 100644
index 00000000..5c32c858
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.out
@@ -0,0 +1,7 @@
+snifftest 5.6.3
+sniffer features: key_callback tls_v13 tls_v12 static_ephemeral sni extended_master rsa dh ecc rsa_static dh_static ssl_keylog_file
+
+SSL App Data(26:14):hello wolfssl!
+SSL App Data(27:22):I hear you fa shizzle!
+SSL App Data(57:14):hello wolfssl!
+SSL App Data(58:22):I hear you fa shizzle!
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcap b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcap
new file mode 100644
index 00000000..577e38ba
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.pcap
Binary files differ
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog
new file mode 100644
index 00000000..a2bcddaf
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls12-keylog.sslkeylog
@@ -0,0 +1,4 @@
+CLIENT_RANDOM 10b90b535c84a76d92d655789c6ae562c02448f6b1ad95eecf2b619a61cdff32 dbb3e0d1968e59f16259f5c86f10df10156d2002277984c19fd6ef187a98534d01df0cc617f6e4fe644bf45bb5c371e8
+CLIENT_RANDOM 10b90b535c84a76d92d655789c6ae562c02448f6b1ad95eecf2b619a61cdff32 dbb3e0d1968e59f16259f5c86f10df10156d2002277984c19fd6ef187a98534d01df0cc617f6e4fe644bf45bb5c371e8
+CLIENT_RANDOM 0b524527d36bef5e8537e8a728ddea96b3587c84329c0f1ff524f20589e08ee4 05aae5a9ea9cc56f61801189e867a00ca780e578389ba79a287da9e7c86198061fbed81b325b754091b7b96c37182ee9
+CLIENT_RANDOM 0b524527d36bef5e8537e8a728ddea96b3587c84329c0f1ff524f20589e08ee4 05aae5a9ea9cc56f61801189e867a00ca780e578389ba79a287da9e7c86198061fbed81b325b754091b7b96c37182ee9
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out
new file mode 100644
index 00000000..844e204b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.out
@@ -0,0 +1,9 @@
+snifftest 5.6.3
+sniffer features: key_callback tls_v13 tls_v12 static_ephemeral sni extended_master rsa dh ecc rsa_static dh_static ssl_keylog_file
+
+SSL App Data(22:14):hello wolfssl!
+SSL App Data(24:22):I hear you fa shizzle!
+SSL App Data(50:14):hello wolfssl!
+SSL App Data(51:22):I hear you fa shizzle!
+SSL App Data(77:14):hello wolfssl!
+SSL App Data(78:22):I hear you fa shizzle!
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcap b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcap
new file mode 100644
index 00000000..a7dce5cb
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.pcap
Binary files differ
diff --git a/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog
new file mode 100644
index 00000000..8a557837
--- /dev/null
+++ b/extra/wolfssl/wolfssl/scripts/sniffer-tls13-keylog.sslkeylog
@@ -0,0 +1,24 @@
+CLIENT_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 d7e90625f07d9ca3c09862eb23badbcfeadee90341564f0e08ccb6dca4169fa0
+CLIENT_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 d7e90625f07d9ca3c09862eb23badbcfeadee90341564f0e08ccb6dca4169fa0
+SERVER_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 6887aa8833f3c6e9b4d211e62f105100f1ec30a0e66e8bec08349388bbb1ea14
+SERVER_HANDSHAKE_TRAFFIC_SECRET d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 6887aa8833f3c6e9b4d211e62f105100f1ec30a0e66e8bec08349388bbb1ea14
+CLIENT_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 45d90c7debf4fa6123f86a229a6beacc3e4f6ccfa2fa9144f8822a31d1cd6887
+SERVER_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 5341d729eb66e2f098adc7b7fbf38efddf58cfd3946cfa45d5e43923d6d8d6e7
+CLIENT_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 45d90c7debf4fa6123f86a229a6beacc3e4f6ccfa2fa9144f8822a31d1cd6887
+SERVER_TRAFFIC_SECRET_0 d99819b631844f268f7179381e8003976d100e553ff7d55c4c79919d09231009 5341d729eb66e2f098adc7b7fbf38efddf58cfd3946cfa45d5e43923d6d8d6e7
+CLIENT_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 363cd576478d733f04895c0aff54f9393d542485548f29be71e43ea89c7ebbc7c527735ca97500a9bcc975e78c9fb59e
+SERVER_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 217e25b3934b5fcb9d7f78c26c2a4a3de048d3bf6defed80901971c69c9cf805a71a3b916e8c0d1bfc274b7e45231f00
+CLIENT_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 363cd576478d733f04895c0aff54f9393d542485548f29be71e43ea89c7ebbc7c527735ca97500a9bcc975e78c9fb59e
+SERVER_HANDSHAKE_TRAFFIC_SECRET f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 217e25b3934b5fcb9d7f78c26c2a4a3de048d3bf6defed80901971c69c9cf805a71a3b916e8c0d1bfc274b7e45231f00
+CLIENT_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 246b412ade0a21f52fd763996e07e55a12927bf342f00f26eea660803d79d31c9ccfbaca010ea2bae970cca15050af3a
+SERVER_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 19135dd5d1c271e50a7a1721a21258bfab412f2bd8d607397b09eca381785b77ec7e56b014c49776de76b6c9089a8ecc
+CLIENT_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 246b412ade0a21f52fd763996e07e55a12927bf342f00f26eea660803d79d31c9ccfbaca010ea2bae970cca15050af3a
+SERVER_TRAFFIC_SECRET_0 f894c097fd8487eb0814460a3cb087889dde2c9ffe1ecdbe38e61ceac549263f 19135dd5d1c271e50a7a1721a21258bfab412f2bd8d607397b09eca381785b77ec7e56b014c49776de76b6c9089a8ecc
+CLIENT_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 8b105eb411a40a629cb1cfd3163066f9e31863b5a01226c16ecbf95274022b7c
+SERVER_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 532d887bc52a937c6101278100eda09542affd953151e7484ef12ce653cc3afb
+CLIENT_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 8b105eb411a40a629cb1cfd3163066f9e31863b5a01226c16ecbf95274022b7c
+SERVER_HANDSHAKE_TRAFFIC_SECRET b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 532d887bc52a937c6101278100eda09542affd953151e7484ef12ce653cc3afb
+CLIENT_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 76ebcabed6ecf6bc7cdcc65bb15dba6d530f204b13486e926bb81a139d267240
+SERVER_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 7371413fec66d8e960bb284295514716c14c7aa451fb63f9d17aaa0c0fa8daa2
+CLIENT_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 76ebcabed6ecf6bc7cdcc65bb15dba6d530f204b13486e926bb81a139d267240
+SERVER_TRAFFIC_SECRET_0 b72cb4fa8af218c7162d459673d577cc98110edf0460ce3d3d3366b40a4af5b0 7371413fec66d8e960bb284295514716c14c7aa451fb63f9d17aaa0c0fa8daa2
diff --git a/extra/wolfssl/wolfssl/src/bio.c b/extra/wolfssl/wolfssl/src/bio.c
index 5f845cf0..85de16dd 100644
--- a/extra/wolfssl/wolfssl/src/bio.c
+++ b/extra/wolfssl/wolfssl/src/bio.c
@@ -1155,6 +1155,32 @@ long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **ptr)
return ret;
}
+#ifdef OPENSSL_ALL
+ int wolfSSL_BIO_set_mem_buf(WOLFSSL_BIO* bio, WOLFSSL_BUF_MEM* bufMem,
+ int closeFlag)
+ {
+ if (!bio || !bufMem ||
+ (closeFlag != BIO_NOCLOSE && closeFlag != BIO_CLOSE))
+ return BAD_FUNC_ARG;
+
+ if (bio->mem_buf)
+ if (closeFlag == BIO_CLOSE)
+ wolfSSL_BUF_MEM_free(bio->mem_buf);
+
+ bio->mem_buf = bufMem;
+ bio->shutdown = closeFlag;
+
+ bio->wrSz = (int)bio->mem_buf->length;
+ bio->wrSzReset = bio->wrSz;
+ bio->num = (int)bio->mem_buf->max;
+ bio->ptr = bio->mem_buf->data;
+ bio->wrIdx = 0;
+ bio->rdIdx = 0;
+
+ return WOLFSSL_SUCCESS;
+ }
+#endif
+
WOLFSSL_API long wolfSSL_BIO_int_ctrl(WOLFSSL_BIO *bp, int cmd, long larg, int iarg)
{
(void) bp;
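Review bot: In `wolfSSL_BIO_set_mem_buf` the previously attached buffer is released according to the incoming `closeFlag`, not the ownership recorded when that buffer was attached (`bio->shutdown`, which this function itself stores). Replacing a `BIO_NOCLOSE` buffer with a `BIO_CLOSE` one therefore frees memory the caller still owns, the reverse order leaks the old buffer, and passing the already attached `bufMem` with `BIO_CLOSE` frees the buffer that is then stored and dereferenced. Testing the stored flag and excluding self-assignment avoids all three: `if (bio->mem_buf != NULL && bio->mem_buf != bufMem && bio->shutdown == BIO_CLOSE)`. The function also never checks that `bio` is a memory BIO before overwriting `ptr`, `num` and the indices; whether other BIO types can reach it is not visible from this hunk.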
@@ -1937,10 +1963,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_md(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_MD);
WOLFSSL_ENTER("wolfSSL_BIO_f_md");
- meth.type = WOLFSSL_BIO_MD;
return &meth;
}
@@ -1960,10 +1986,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_buffer(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_BUFFER);
WOLFSSL_ENTER("wolfSSL_BIO_f_buffer");
- meth.type = WOLFSSL_BIO_BUFFER;
return &meth;
}
@@ -1991,10 +2017,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_bio(void)
{
- static WOLFSSL_BIO_METHOD bio_meth;
+ static WOLFSSL_BIO_METHOD bio_meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_BIO);
WOLFSSL_ENTER("wolfSSL_BIO_s_bio");
- bio_meth.type = WOLFSSL_BIO_BIO;
return &bio_meth;
}
@@ -2003,10 +2029,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
#ifndef NO_FILESYSTEM
WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_file(void)
{
- static WOLFSSL_BIO_METHOD file_meth;
+ static WOLFSSL_BIO_METHOD file_meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_FILE);
WOLFSSL_ENTER("wolfSSL_BIO_s_file");
- file_meth.type = WOLFSSL_BIO_FILE;
return &file_meth;
}
@@ -2015,10 +2041,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_ssl(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_SSL);
WOLFSSL_ENTER("wolfSSL_BIO_f_ssl");
- meth.type = WOLFSSL_BIO_SSL;
return &meth;
}
@@ -2026,10 +2052,10 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD *wolfSSL_BIO_s_socket(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_SOCKET);
WOLFSSL_ENTER("wolfSSL_BIO_s_socket");
- meth.type = WOLFSSL_BIO_SOCKET;
return &meth;
}
@@ -2069,9 +2095,15 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
bio->ip = (char*)XMALLOC((port - str) + 1, /* +1 for null char */
bio->heap, DYNAMIC_TYPE_OPENSSL);
- XMEMCPY(bio->ip, str, port - str);
- bio->ip[port - str] = '\0';
- bio->type = WOLFSSL_BIO_SOCKET;
+ if (bio->ip != NULL) {
+ XMEMCPY(bio->ip, str, port - str);
+ bio->ip[port - str] = '\0';
+ bio->type = WOLFSSL_BIO_SOCKET;
+ }
+ else {
+ BIO_free(bio);
+ bio = NULL;
+ }
}
return bio;
}
@@ -2328,14 +2360,13 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
return WOLFSSL_SUCCESS;
}
- WOLFSSL_BIO* wolfSSL_BIO_new_ssl_connect(WOLFSSL_CTX* ctx)
+ WOLFSSL_BIO* wolfSSL_BIO_new_ssl(WOLFSSL_CTX* ctx, int client)
{
WOLFSSL* ssl = NULL;
WOLFSSL_BIO* sslBio = NULL;
- WOLFSSL_BIO* connBio = NULL;
int err = 0;
- WOLFSSL_ENTER("wolfSSL_BIO_new_ssl_connect");
+ WOLFSSL_ENTER("wolfSSL_BIO_new_ssl");
if (ctx == NULL) {
WOLFSSL_MSG("ctx is NULL.");
@@ -2356,11 +2387,46 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
err = 1;
}
}
+ if (err == 0) {
+ if (!client)
+ wolfSSL_set_accept_state(ssl);
+ else
+ wolfSSL_set_connect_state(ssl);
+ }
if (err == 0 && wolfSSL_BIO_set_ssl(sslBio, ssl, BIO_CLOSE) !=
WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Failed to set SSL pointer in BIO.");
err = 1;
}
+
+ if (err) {
+ wolfSSL_free(ssl);
+ wolfSSL_BIO_free(sslBio);
+ }
+
+ return sslBio;
+ }
+
+ WOLFSSL_BIO* wolfSSL_BIO_new_ssl_connect(WOLFSSL_CTX* ctx)
+ {
+ WOLFSSL_BIO* sslBio = NULL;
+ WOLFSSL_BIO* connBio = NULL;
+ int err = 0;
+
+ WOLFSSL_ENTER("wolfSSL_BIO_new_ssl_connect");
+
+ if (ctx == NULL) {
+ WOLFSSL_MSG("ctx is NULL.");
+ err = 1;
+ }
+
+ if (err == 0) {
+ sslBio = wolfSSL_BIO_new_ssl(ctx, 1);
+ if (sslBio == NULL) {
+ WOLFSSL_MSG("Failed to create SSL BIO.");
+ err = 1;
+ }
+ }
if (err == 0) {
connBio = wolfSSL_BIO_new(wolfSSL_BIO_s_socket());
if (connBio == NULL) {
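Review bot: `wolfSSL_BIO_new_ssl` returns `sslBio` after freeing it: the `if (err)` block calls `wolfSSL_BIO_free(sslBio)` and then falls through to `return sslBio;` without clearing the pointer. The rewritten `wolfSSL_BIO_new_ssl_connect` below only tests `sslBio == NULL`, so after a failure it would carry on with a dangling BIO and free it a second time on its own error path. Add `sslBio = NULL;` directly after the free in that block. `wolfSSL_BIO_new_ssl` starts in the previous hunk and `wolfSSL_BIO_new_ssl_connect` continues past the end of this one.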
@@ -2373,7 +2439,6 @@ int wolfSSL_BIO_flush(WOLFSSL_BIO* bio)
}
if (err == 1) {
- wolfSSL_free(ssl);
wolfSSL_BIO_free(sslBio);
sslBio = NULL;
wolfSSL_BIO_free(connBio);
@@ -2738,10 +2803,10 @@ WOLFSSL_BIO* wolfSSL_BIO_pop(WOLFSSL_BIO* bio)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_MEMORY);
WOLFSSL_ENTER("wolfSSL_BIO_s_mem");
- meth.type = WOLFSSL_BIO_MEMORY;
return &meth;
}
@@ -2749,10 +2814,10 @@ WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_mem(void)
WOLFSSL_BIO_METHOD* wolfSSL_BIO_f_base64(void)
{
- static WOLFSSL_BIO_METHOD meth;
+ static WOLFSSL_BIO_METHOD meth =
+ WOLFSSL_BIO_METHOD_INIT(WOLFSSL_BIO_BASE64);
WOLFSSL_ENTER("wolfSSL_BIO_f_base64");
- meth.type = WOLFSSL_BIO_BASE64;
return &meth;
}
@@ -3213,6 +3278,26 @@ int wolfSSL_BIO_should_retry(WOLFSSL_BIO *bio)
return ret;
}
+int wolfSSL_BIO_should_read(WOLFSSL_BIO *bio)
+{
+ int ret = 0;
+ if (bio != NULL) {
+ ret = (int)(bio->flags & WOLFSSL_BIO_FLAG_READ);
+ }
+
+ return ret;
+}
+
+int wolfSSL_BIO_should_write(WOLFSSL_BIO *bio)
+{
+ int ret = 0;
+ if (bio != NULL) {
+ ret = (int)(bio->flags & WOLFSSL_BIO_FLAG_WRITE);
+ }
+
+ return ret;
+}
+
#endif /* OPENSSL_ALL */
#endif /* WOLFSSL_BIO_INCLUDED */
diff --git a/extra/wolfssl/wolfssl/src/conf.c b/extra/wolfssl/wolfssl/src/conf.c
index 6ad5b640..cfc6085a 100644
--- a/extra/wolfssl/wolfssl/src/conf.c
+++ b/extra/wolfssl/wolfssl/src/conf.c
@@ -143,7 +143,7 @@ WOLFSSL_TXT_DB *wolfSSL_TXT_DB_read(WOLFSSL_BIO *in, int num)
failed = 0;
error:
if (failed && ret) {
- XFREE(ret, NULL, DYNAMIC_TYPE_OPENSSL);
+ wolfSSL_TXT_DB_free(ret);
ret = NULL;
}
if (buf) {
@@ -458,6 +458,7 @@ int wolfSSL_CONF_add_string(WOLFSSL_CONF *conf,
}
if (wolfSSL_sk_CONF_VALUE_push(conf->data, value) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_sk_CONF_VALUE_push error");
+ wolfssl_sk_pop_type(sk, STACK_TYPE_CONF_VALUE);
return WOLFSSL_FAILURE;
}
@@ -743,7 +744,7 @@ static char* expandValue(WOLFSSL_CONF *conf, const char* section,
strIdx += 2;
startIdx = strIdx;
}
- while (*strIdx && (XISALNUM((int)(*strIdx)) || *strIdx == '_'))
+ while (*strIdx && (XISALNUM((unsigned char)*strIdx) || *strIdx == '_'))
strIdx++;
endIdx = strIdx;
if (startIdx == endIdx) {
@@ -948,6 +949,7 @@ int wolfSSL_NCONF_load(WOLFSSL_CONF *conf, const char *file, long *eline)
if (wolfSSL_CONF_add_string(conf, section, newVal) !=
WOLFSSL_SUCCESS) {
+ wolfSSL_X509V3_conf_free(newVal);
WOLFSSL_MSG("wolfSSL_CONF_add_string error");
goto cleanup;
}
diff --git a/extra/wolfssl/wolfssl/src/crl.c b/extra/wolfssl/wolfssl/src/crl.c
index 559e459c..9c847b8c 100644
--- a/extra/wolfssl/wolfssl/src/crl.c
+++ b/extra/wolfssl/wolfssl/src/crl.c
@@ -28,6 +28,9 @@ CRL Options:
* CRL_MAX_REVOKED_CERTS: default: 4
* Specifies the number of buffers to hold RevokedCerts.
* The default value is set to 4.
+ * CRL_REPORT_LOAD_ERRORS: default: off
+ * Return any errors encountered during loading CRL
+ * from a directory.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -46,10 +49,11 @@ CRL Options:
#endif
#ifdef HAVE_CRL_MONITOR
- #if (defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__))
- static int StopMonitor(int mfd);
+ #if defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__) || \
+ defined(_MSC_VER)
+ static int StopMonitor(wolfSSL_CRL_mfd_t mfd);
#else
- #error "CRL monitor only currently supported on linux or mach"
+ #error "CRL monitor only currently supported on linux or mach or windows"
#endif
#endif /* HAVE_CRL_MONITOR */
@@ -68,18 +72,18 @@ int InitCRL(WOLFSSL_CRL* crl, WOLFSSL_CERT_MANAGER* cm)
crl->monitors[0].path = NULL;
crl->monitors[1].path = NULL;
#ifdef HAVE_CRL_MONITOR
- crl->tid = 0;
- crl->mfd = -1; /* mfd for bsd is kqueue fd, eventfd for linux */
- crl->setup = 0; /* thread setup done predicate */
- if (pthread_cond_init(&crl->cond, 0) != 0) {
- WOLFSSL_MSG("Pthread condition init failed");
+ crl->tid = INVALID_THREAD_VAL;
+ crl->mfd = WOLFSSL_CRL_MFD_INIT_VAL;
+ crl->setup = 0; /* thread setup done predicate */
+ if (wolfSSL_CondInit(&crl->cond) != 0) {
+ WOLFSSL_MSG("thread condition init failed");
return BAD_COND_E;
}
#endif
#ifdef HAVE_CRL_IO
crl->crlIOCb = NULL;
#endif
- if (wc_InitMutex(&crl->crlLock) != 0) {
+ if (wc_InitRwLock(&crl->crlLock) != 0) {
WOLFSSL_MSG("Init Mutex failed");
return BAD_MUTEX_E;
}
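Review bot: The log text on the `wc_InitRwLock(&crl->crlLock)` failure path still reads `"Init Mutex failed"`, while the condition-variable message above it was updated for the new abstraction. Something like `WOLFSSL_MSG("Init RwLock failed");` keeps debug traces consistent with the lock type now in use. `InitCRL` begins and ends outside this hunk.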
@@ -164,9 +168,23 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
return 0;
}
+static CRL_Entry* CRL_Entry_new(void* heap)
+{
+ CRL_Entry* crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), heap,
+ DYNAMIC_TYPE_CRL_ENTRY);
+ if (crle != NULL) {
+ XMEMSET(crle, 0, sizeof(CRL_Entry));
+ if (wc_InitMutex(&crle->verifyMutex) != 0) {
+ XFREE(crle, heap, DYNAMIC_TYPE_CRL_ENTRY);
+ crle = NULL;
+ }
+ }
+ (void)heap;
+ return crle;
+}
/* Free all CRL Entry resources */
-static void FreeCRL_Entry(CRL_Entry* crle, void* heap)
+static void CRL_Entry_free(CRL_Entry* crle, void* heap)
{
#ifdef CRL_STATIC_REVOKED_LIST
if (crle != NULL) {
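Review bot: `CRL_Entry_new` is added without a comment, and together with the next hunk it changes the ownership contract: `CRL_Entry_free` now destroys `verifyMutex` and releases the entry itself, where `FreeCRL_Entry` left the final `XFREE` to the caller. A header comment would make that explicit for anyone still pairing the free with their own `XFREE`, e.g. `/* Allocate a zeroed CRL_Entry and init its verifyMutex; NULL on failure. Release with CRL_Entry_free(), which also frees the entry. */`. The existing "Free all CRL Entry resources" comment on `CRL_Entry_free` could say the same. `CRL_Entry_free` continues past the end of this hunk.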
@@ -194,16 +212,21 @@ static void FreeCRL_Entry(CRL_Entry* crle, void* heap)
XFREE(crle->issuer, heap, DYNAMIC_TYPE_X509);
}
#endif
+ wc_FreeMutex(&crle->verifyMutex);
+ XFREE(crle, heap, DYNAMIC_TYPE_CRL_ENTRY);
(void)heap;
}
-
/* Free all CRL resources */
void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
{
- CRL_Entry* tmp = crl->crlList;
+ CRL_Entry* tmp;
+
+ if (crl == NULL)
+ return;
+ tmp = crl->crlList;
WOLFSSL_ENTER("FreeCRL");
if (crl->monitors[0].path)
XFREE(crl->monitors[0].path, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
@@ -215,37 +238,34 @@ void FreeCRL(WOLFSSL_CRL* crl, int dynamic)
crl->currentEntry = NULL;
while(tmp) {
CRL_Entry* next = tmp->next;
- FreeCRL_Entry(tmp, crl->heap);
- XFREE(tmp, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
+ CRL_Entry_free(tmp, crl->heap);
tmp = next;
}
#ifdef HAVE_CRL_MONITOR
- if (crl->tid != 0) {
+ if (crl->tid != INVALID_THREAD_VAL) {
WOLFSSL_MSG("stopping monitor thread");
if (StopMonitor(crl->mfd) == 0) {
- int _pthread_ret = pthread_join(crl->tid, NULL);
- if (_pthread_ret != 0)
- WOLFSSL_MSG("stop monitor failed in pthread_join");
+ if (wolfSSL_JoinThread(crl->tid) != 0)
+ WOLFSSL_MSG("stop monitor failed in wolfSSL_JoinThread");
}
else {
WOLFSSL_MSG("stop monitor failed");
}
}
- {
- int _pthread_ret = pthread_cond_destroy(&crl->cond);
- if (_pthread_ret != 0)
- WOLFSSL_MSG("pthread_cond_destroy failed in FreeCRL");
- }
+ if (wolfSSL_CondFree(&crl->cond) != 0)
+ WOLFSSL_MSG("wolfSSL_CondFree failed in FreeCRL");
#endif
- wc_FreeMutex(&crl->crlLock);
+ wc_FreeRwLock(&crl->crlLock);
if (dynamic) /* free self */
XFREE(crl, crl->heap, DYNAMIC_TYPE_CRL);
}
-static int FindRevokedSerial(DecodedCert* cert, RevokedCert* rc, int totalCerts)
+static int FindRevokedSerial(RevokedCert* rc, byte* serial, int serialSz,
+ byte* serialHash, int totalCerts)
{
int ret = 0;
+ byte hash[SIGNER_DIGEST_SIZE];
#ifdef CRL_STATIC_REVOKED_LIST
/* do binary search */
int low, high, mid;
@@ -256,11 +276,10 @@ static int FindRevokedSerial(DecodedCert* cert, RevokedCert* rc, int totalCerts)
while (low <= high) {
mid = (low + high) / 2;
- if (XMEMCMP(rc[mid].serialNumber, cert->serial, rc->serialSz) < 0) {
+ if (XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz) < 0) {
low = mid + 1;
}
- else if (XMEMCMP(rc[mid].serialNumber, cert->serial,
- rc->serialSz) > 0) {
+ else if (XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz) > 0) {
high = mid - 1;
}
else {
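Review bot: The binary-search branch compares against `serial` only, so a call that supplies just `serialHash` reaches `XMEMCMP(rc[mid].serialNumber, serial, rc->serialSz)` with a NULL `serial`; `CheckCertCRL_ex` later in this commit explicitly allows that combination. This branch appears to be the `CRL_STATIC_REVOKED_LIST` one, and the linked-list branch in the next hunk does handle the hash case, so the two configurations behave differently. Either mirror the hash comparison here or refuse the call ahead of the loop, for example `if (serial == NULL) return BUFFER_ERROR;`. The comparison also keeps using `rc->serialSz` and never consults the new `serialSz` parameter. `FindRevokedSerial` starts and ends outside this hunk.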
@@ -274,119 +293,95 @@ static int FindRevokedSerial(DecodedCert* cert, RevokedCert* rc, int totalCerts)
/* search in the linked list*/
while (rc) {
- if (rc->serialSz == cert->serialSz &&
- XMEMCMP(rc->serialNumber, cert->serial, rc->serialSz) == 0) {
- WOLFSSL_MSG("Cert revoked");
- ret = CRL_CERT_REVOKED;
- break;
+ if (serialHash == NULL) {
+ if (rc->serialSz == serialSz &&
+ XMEMCMP(rc->serialNumber, serial, rc->serialSz) == 0) {
+ WOLFSSL_MSG("Cert revoked");
+ ret = CRL_CERT_REVOKED;
+ break;
+ }
+ }
+ else {
+ ret = CalcHashId(rc->serialNumber, rc->serialSz, hash);
+ if (ret != 0)
+ break;
+ if (XMEMCMP(hash, serialHash, SIGNER_DIGEST_SIZE) == 0) {
+ WOLFSSL_MSG("Cert revoked");
+ ret = CRL_CERT_REVOKED;
+ break;
+ }
}
rc = rc->next;
}
#endif
return ret;
}
-static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntry)
+
+static int VerifyCRLE(const WOLFSSL_CRL* crl, CRL_Entry* crle)
+{
+ Signer* ca = NULL;
+ SignatureCtx sigCtx;
+ int ret = 0;
+
+#ifndef NO_SKID
+ if (crle->extAuthKeyIdSet)
+ ca = GetCA(crl->cm, crle->extAuthKeyId);
+ if (ca == NULL)
+ ca = GetCAByName(crl->cm, crle->issuerHash);
+#else /* NO_SKID */
+ ca = GetCA(crl->cm, crle->issuerHash);
+#endif /* NO_SKID */
+ if (ca == NULL) {
+ WOLFSSL_MSG("Did NOT find CRL issuer CA");
+ return ASN_CRL_NO_SIGNER_E;
+ }
+
+ ret = VerifyCRL_Signature(&sigCtx, crle->toBeSigned, crle->tbsSz,
+ crle->signature, crle->signatureSz, crle->signatureOID, ca,
+ crl->heap);
+
+ if (ret == 0)
+ crle->verified = 1;
+ else
+ crle->verified = ret;
+
+ return ret;
+}
+
+static int CheckCertCRLList(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
+ int serialSz, byte* serialHash, int *pFoundEntry)
{
CRL_Entry* crle;
int foundEntry = 0;
int ret = 0;
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
+ if (wc_LockRwLock_Rd(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Rd failed");
return BAD_MUTEX_E;
}
- crle = crl->crlList;
-
- while (crle) {
- if (XMEMCMP(crle->issuerHash, cert->issuerHash, CRL_DIGEST_SIZE) == 0) {
+ for (crle = crl->crlList; crle != NULL; crle = crle->next) {
+ if (XMEMCMP(crle->issuerHash, issuerHash, CRL_DIGEST_SIZE) == 0) {
WOLFSSL_MSG("Found CRL Entry on list");
if (crle->verified == 0) {
- Signer* ca = NULL;
- #ifndef NO_SKID
- byte extAuthKeyId[KEYID_SIZE];
- #endif
- byte issuerHash[CRL_DIGEST_SIZE];
- byte* tbs;
- word32 tbsSz = crle->tbsSz;
- byte* sig = NULL;
- word32 sigSz = crle->signatureSz;
- word32 sigOID = crle->signatureOID;
- SignatureCtx sigCtx;
-
- tbs = (byte*)XMALLOC(tbsSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- if (tbs == NULL) {
- wc_UnLockMutex(&crl->crlLock);
- return MEMORY_E;
- }
- sig = (byte*)XMALLOC(sigSz, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- if (sig == NULL) {
- XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- wc_UnLockMutex(&crl->crlLock);
- return MEMORY_E;
- }
-
- XMEMCPY(tbs, crle->toBeSigned, tbsSz);
- XMEMCPY(sig, crle->signature, sigSz);
- #ifndef NO_SKID
- XMEMCPY(extAuthKeyId, crle->extAuthKeyId,
- sizeof(extAuthKeyId));
- #endif
- XMEMCPY(issuerHash, crle->issuerHash, sizeof(issuerHash));
-
- wc_UnLockMutex(&crl->crlLock);
-
- #ifndef NO_SKID
- if (crle->extAuthKeyIdSet)
- ca = GetCA(crl->cm, extAuthKeyId);
- if (ca == NULL)
- ca = GetCAByName(crl->cm, issuerHash);
- #else /* NO_SKID */
- ca = GetCA(crl->cm, issuerHash);
- #endif /* NO_SKID */
- if (ca == NULL) {
- XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- WOLFSSL_MSG("Did NOT find CRL issuer CA");
- return ASN_CRL_NO_SIGNER_E;
+ if (wc_LockMutex(&crle->verifyMutex) != 0) {
+ WOLFSSL_MSG("wc_LockMutex failed");
+ break;
}
- ret = VerifyCRL_Signature(&sigCtx, tbs, tbsSz, sig, sigSz,
- sigOID, ca, crl->heap);
-
- XFREE(sig, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- XFREE(tbs, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
+ /* A different thread may have verified the entry while we were
+ * waiting for the mutex. */
+ if (crle->verified == 0)
+ ret = VerifyCRLE(crl, crle);
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
- return BAD_MUTEX_E;
- }
+ wc_UnLockMutex(&crle->verifyMutex);
- crle = crl->crlList;
- while (crle) {
- if (XMEMCMP(crle->issuerHash, cert->issuerHash,
- CRL_DIGEST_SIZE) == 0) {
-
- if (ret == 0)
- crle->verified = 1;
- else
- crle->verified = ret;
-
- XFREE(crle->toBeSigned, crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
- crle->toBeSigned = NULL;
- XFREE(crle->signature, crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
- crle->signature = NULL;
- break;
- }
- crle = crle->next;
- }
- if (crle == NULL || crle->verified < 0)
+ if (ret != 0)
break;
}
- else if (crle->verified < 0) {
+
+ if (crle->verified < 0) {
WOLFSSL_MSG("Cannot use CRL as it didn't verify");
ret = crle->verified;
break;
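Review bot: When `wc_LockMutex(&crle->verifyMutex)` fails in `CheckCertCRLList`, the new code logs and does `break` with `ret` still 0 and `foundEntry` still 0, so a locking failure is reported to the caller as "no CRL entry for this issuer" rather than as an error. The other lock failure in this function returns `BAD_MUTEX_E`; set `ret = BAD_MUTEX_E;` ahead of that `break` so the revocation check cannot be skipped silently. Separately, `crle->verified` is read before the mutex is taken and again after it is released while `VerifyCRLE` writes it under the mutex, and the shared read lock on `crl->crlLock` does not order those accesses between two readers; this relies on plain `int` loads and stores being safe on the target. `CheckCertCRLList` continues past the end of this hunk.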
@@ -398,7 +393,7 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
if (crle->nextDateFormat != ASN_OTHER_TYPE)
#endif
{
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
if (!XVALIDATE_DATE(crle->nextDate,crle->nextDateFormat, AFTER)) {
WOLFSSL_MSG("CRL next date is no longer valid");
ret = ASN_AFTER_DATE_E;
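Review bot: `WOLFSSL_NO_CRL_DATE_CHECK` is introduced here without documentation, although defining it removes the `nextDate` validity test, so such a build keeps trusting a CRL after its next-update time has passed. The "CRL Options" comment at the top of crl.c, which this commit already extends for `CRL_REPORT_LOAD_ERRORS`, is the natural place to record that: `* WOLFSSL_NO_CRL_DATE_CHECK: default: off` followed by `*     Skip the CRL nextDate check; stale CRLs are then accepted.`. The enclosing block starts and ends outside this hunk.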
@@ -407,52 +402,58 @@ static int CheckCertCRLList(WOLFSSL_CRL* crl, DecodedCert* cert, int *pFoundEntr
}
if (ret == 0) {
foundEntry = 1;
+ ret = FindRevokedSerial(crle->certs, serial, serialSz,
+ serialHash, crle->totalCerts);
+ if (ret != 0)
+ break;
}
- break;
}
- crle = crle->next;
}
- if (foundEntry) {
- ret = FindRevokedSerial(cert, crle->certs, crle->totalCerts);
- }
-
- wc_UnLockMutex(&crl->crlLock);
+ wc_UnLockRwLock(&crl->crlLock);
*pFoundEntry = foundEntry;
return ret;
}
-/* Is the cert ok with CRL, return 0 on success */
-int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
+int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash, byte* serial,
+ int serialSz, byte* serialHash, const byte* extCrlInfo,
+ int extCrlInfoSz, void* issuerName)
{
int foundEntry = 0;
int ret = 0;
WOLFSSL_ENTER("CheckCertCRL");
+ (void)issuerName;
+
+ if ((serial == NULL || serialSz == 0) && serialHash == NULL) {
+ WOLFSSL_MSG("Either serial or hash has to be provided");
+ return BUFFER_ERROR;
+ }
#ifdef WOLFSSL_CRL_ALLOW_MISSING_CDP
/* Skip CRL verification in case no CDP in peer cert */
- if (!cert->extCrlInfo) {
+ if (!extCrlInfo) {
return ret;
}
#endif
- ret = CheckCertCRLList(crl, cert, &foundEntry);
+ ret = CheckCertCRLList(crl, issuerHash, serial, serialSz, serialHash,
+ &foundEntry);
#ifdef HAVE_CRL_IO
if (foundEntry == 0) {
/* perform embedded lookup */
if (crl->crlIOCb) {
- ret = crl->crlIOCb(crl, (const char*)cert->extCrlInfo,
- cert->extCrlInfoSz);
+ ret = crl->crlIOCb(crl, (const char*)extCrlInfo, extCrlInfoSz);
if (ret == WOLFSSL_CBIO_ERR_WANT_READ) {
ret = OCSP_WANT_READ;
}
else if (ret >= 0) {
/* try again */
- ret = CheckCertCRLList(crl, cert, &foundEntry);
+ ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
+ serialHash, &foundEntry);
}
}
}
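Review bot: `CheckCertCRL_ex` is added without a header comment; the one-line description that used to sit here moved to the `CheckCertCRL` wrapper. The function accepts either a raw serial or a serial hash and returns `BUFFER_ERROR` when neither is given, and that contract belongs above it, e.g. `/* Check issuerHash plus serial (or serialHash when serial is NULL) against the CRL; returns 0 on success */`. `crl` and `issuerHash` are passed on without a NULL check, which the comment should state as a caller requirement if it is intended. The `WOLFSSL_ENTER("CheckCertCRL")` label could also take the new name so traces distinguish the two entry points. The function continues beyond this hunk.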
@@ -469,10 +470,11 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
if ((foundEntry == 0) && (ret != OCSP_WANT_READ)) {
if (crl->cm->x509_store_p != NULL) {
ret = LoadCertByIssuer(crl->cm->x509_store_p,
- (WOLFSSL_X509_NAME*)cert->issuerName, X509_LU_CRL);
+ (WOLFSSL_X509_NAME*)issuerName, X509_LU_CRL);
if (ret == WOLFSSL_SUCCESS) {
/* try again */
- ret = CheckCertCRLList(crl, cert, &foundEntry);
+ ret = CheckCertCRLList(crl, issuerHash, serial, serialSz,
+ serialHash, &foundEntry);
}
}
}
@@ -488,10 +490,10 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
WOLFSSL_MSG("Issuing missing CRL callback");
url[0] = '\0';
- if (cert->extCrlInfo) {
- if (cert->extCrlInfoSz < (int)sizeof(url) -1 ) {
- XMEMCPY(url, cert->extCrlInfo, cert->extCrlInfoSz);
- url[cert->extCrlInfoSz] = '\0';
+ if (extCrlInfo) {
+ if (extCrlInfoSz < (int)sizeof(url) -1 ) {
+ XMEMCPY(url, extCrlInfo, extCrlInfoSz);
+ url[extCrlInfoSz] = '\0';
}
else {
WOLFSSL_MSG("CRL url too long");
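Review bot: The length test `extCrlInfoSz < (int)sizeof(url) -1` has no lower bound, and `extCrlInfoSz` is now a plain `int` parameter of `CheckCertCRL_ex` rather than a field filled in by the certificate parser. A negative value passes the comparison and is then used as the `XMEMCPY` length and as the index in `url[extCrlInfoSz] = '\0'`. Bounding it on both sides closes that: `if (extCrlInfoSz >= 0 && extCrlInfoSz < (int)sizeof(url) - 1) {`. The declaration of `url` and the rest of the callback block are outside this hunk.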
@@ -505,6 +507,18 @@ int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
return ret;
}
+/* Is the cert ok with CRL, return 0 on success */
+int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert)
+{
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+ void* issuerName = cert->issuerName;
+#else
+ void* issuerName = NULL;
+#endif
+ return CheckCertCRL_ex(crl, cert->issuerHash, cert->serial, cert->serialSz,
+ NULL, cert->extCrlInfo, cert->extCrlInfoSz, issuerName);
+}
+
/* Add Decoded CRL, 0 on success */
static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
@@ -520,8 +534,7 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
crle = crl->currentEntry;
if (crle == NULL) {
- crle = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
+ crle = CRL_Entry_new(crl->heap);
if (crle == NULL) {
WOLFSSL_MSG("alloc CRL Entry failed");
return MEMORY_E;
@@ -530,25 +543,19 @@ static int AddCRL(WOLFSSL_CRL* crl, DecodedCRL* dcrl, const byte* buff,
if (InitCRL_Entry(crle, dcrl, buff, verified, crl->heap) < 0) {
WOLFSSL_MSG("Init CRL Entry failed");
- FreeCRL_Entry(crle, crl->heap);
- if (crle != crl->currentEntry) {
- XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- }
+ CRL_Entry_free(crle, crl->heap);
return -1;
}
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
- FreeCRL_Entry(crle, crl->heap);
- if (crle != crl->currentEntry) {
- XFREE(crle, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
- }
+ if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
+ CRL_Entry_free(crle, crl->heap);
return BAD_MUTEX_E;
}
crle->next = crl->crlList;
crl->crlList = crle;
- wc_UnLockMutex(&crl->crlLock);
+ wc_UnLockRwLock(&crl->crlLock);
/* Avoid heap-use-after-free after crl->crlList is released */
crl->currentEntry = NULL;
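Review bot: Both error paths in `AddCRL` now call `CRL_Entry_free(crle, crl->heap)`, which after this commit also releases the entry itself, yet `crle` can be `crl->currentEntry` (it is taken from there at the top of the function). On those returns `crl->currentEntry` is left pointing at freed memory, whereas the removed `if (crle != crl->currentEntry)` guard avoided freeing it. `BufferLoadCRL` clears the pointer after a failed `AddCRL` in a later hunk, but doing it here, `crl->currentEntry = NULL;` right after each `CRL_Entry_free` call, keeps the invariant in one place and covers any caller not shown in this diff. `AddCRL` starts and ends outside this hunk.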
@@ -599,8 +606,7 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
}
#endif
- crl->currentEntry = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), crl->heap,
- DYNAMIC_TYPE_CRL_ENTRY);
+ crl->currentEntry = CRL_Entry_new(crl->heap);
if (crl->currentEntry == NULL) {
WOLFSSL_MSG("alloc CRL Entry failed");
#ifdef WOLFSSL_SMALL_STACK
@@ -609,20 +615,20 @@ int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz, int type,
FreeDer(&der);
return MEMORY_E;
}
- XMEMSET(crl->currentEntry, 0, sizeof(CRL_Entry));
InitDecodedCRL(dcrl, crl->heap);
ret = ParseCRL(crl->currentEntry->certs, dcrl, myBuffer, (word32)sz,
verify, crl->cm);
if (ret != 0 && !(ret == ASN_CRL_NO_SIGNER_E && verify == NO_VERIFY)) {
WOLFSSL_MSG("ParseCRL error");
- XFREE(crl->currentEntry, crl->heap, DYNAMIC_TYPE_CRL_ENTRY);
+ CRL_Entry_free(crl->currentEntry, crl->heap);
crl->currentEntry = NULL;
}
else {
ret = AddCRL(crl, dcrl, myBuffer, ret != ASN_CRL_NO_SIGNER_E);
if (ret != 0) {
WOLFSSL_MSG("AddCRL error");
+ crl->currentEntry = NULL;
}
}
@@ -701,75 +707,49 @@ static RevokedCert *DupRevokedCertList(RevokedCert* in, void* heap)
static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap)
{
CRL_Entry *dupl;
+ const size_t copyOffset = OFFSETOF(CRL_Entry, verifyMutex) +
+ sizeof(ent->verifyMutex);
#ifdef CRL_STATIC_REVOKED_LIST
if (ent->totalCerts > CRL_MAX_REVOKED_CERTS) {
return NULL;
}
#endif
- dupl = (CRL_Entry*)XMALLOC(sizeof(CRL_Entry), heap, DYNAMIC_TYPE_CRL_ENTRY);
+ dupl = CRL_Entry_new(heap);
if (dupl == NULL) {
WOLFSSL_MSG("alloc CRL Entry failed");
return NULL;
}
- XMEMSET(dupl, 0, sizeof(CRL_Entry));
- XMEMCPY(dupl->issuerHash, ent->issuerHash, CRL_DIGEST_SIZE);
- XMEMCPY(dupl->lastDate, ent->lastDate, MAX_DATE_SIZE);
- XMEMCPY(dupl->nextDate, ent->nextDate, MAX_DATE_SIZE);
- dupl->lastDateFormat = ent->lastDateFormat;
- dupl->nextDateFormat = ent->nextDateFormat;
+ XMEMCPY((byte*)dupl + copyOffset, (byte*)ent + copyOffset,
+ sizeof(CRL_Entry) - copyOffset);
-#if defined(OPENSSL_EXTRA)
- dupl->lastDateAsn1.length = MAX_DATE_SIZE;
- XMEMCPY (dupl->lastDateAsn1.data, dupl->lastDate,
- dupl->lastDateAsn1.length);
- dupl->lastDateAsn1.type = dupl->lastDateFormat;
- dupl->nextDateAsn1.length = MAX_DATE_SIZE;
- XMEMCPY (dupl->nextDateAsn1.data, dupl->nextDate,
- dupl->nextDateAsn1.length);
- dupl->nextDateAsn1.type = dupl->nextDateFormat;
-#endif
-
-#ifdef CRL_STATIC_REVOKED_LIST
- XMEMCPY(dupl->certs, ent->certs, ent->totalCerts*sizeof(RevokedCert));
-#else
+#ifndef CRL_STATIC_REVOKED_LIST
dupl->certs = DupRevokedCertList(ent->certs, heap);
#endif
- dupl->totalCerts = ent->totalCerts;
- dupl->verified = ent->verified;
+#ifdef OPENSSL_EXTRA
+ dupl->issuer = wolfSSL_X509_NAME_dup(ent->issuer);
+#endif
if (!ent->verified) {
- dupl->tbsSz = ent->tbsSz;
- dupl->signatureSz = ent->signatureSz;
- dupl->signatureOID = ent->signatureOID;
dupl->toBeSigned = (byte*)XMALLOC(dupl->tbsSz, heap,
DYNAMIC_TYPE_CRL_ENTRY);
- if (dupl->toBeSigned == NULL) {
- FreeCRL_Entry(dupl, heap);
- XFREE(dupl, heap, DYNAMIC_TYPE_CRL_ENTRY);
- return NULL;
- }
-
dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap,
DYNAMIC_TYPE_CRL_ENTRY);
- if (dupl->signature == NULL) {
- FreeCRL_Entry(dupl, heap);
- XFREE(dupl, heap, DYNAMIC_TYPE_CRL_ENTRY);
+ if (dupl->toBeSigned == NULL || dupl->signature == NULL) {
+ CRL_Entry_free(dupl, heap);
return NULL;
}
XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz);
XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz);
- #ifndef NO_SKID
- dupl->extAuthKeyIdSet = ent->extAuthKeyIdSet;
- if (dupl->extAuthKeyIdSet)
- XMEMCPY(dupl->extAuthKeyId, ent->extAuthKeyId, KEYID_SIZE);
- #endif
}
else {
dupl->toBeSigned = NULL;
dupl->tbsSz = 0;
dupl->signature = NULL;
dupl->signatureSz = 0;
+#if !defined(NO_SKID) && !defined(NO_ASN)
+ dupl->extAuthKeyIdSet = 0;
+#endif
}
return dupl;
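Review bot: The results of `DupRevokedCertList` and of the new `wolfSSL_X509_NAME_dup` call are stored without a check, while `totalCerts` now arrives through the block `XMEMCPY`. If either helper returns NULL on allocation failure (their failure behaviour is outside this hunk), the duplicate keeps the source's counts with an empty revoked list or no issuer, which a later lookup could read as nothing being revoked. I would fail the duplication in that case, e.g. `if (ent->issuer != NULL && dupl->issuer == NULL) { CRL_Entry_free(dupl, heap); return NULL; }` and the same test for `certs`, placed after the `toBeSigned`/`signature` handling so that every pointer in `dupl` is owned by it. The block copy also ties correctness to the member order of `CRL_Entry`, which is declared elsewhere; a comment here naming the pointer members that sit after `verifyMutex` would help.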
@@ -781,33 +761,26 @@ static CRL_Entry* DupCRL_list(CRL_Entry* crl, void* heap)
{
CRL_Entry* current;
CRL_Entry* head = NULL;
- CRL_Entry* prev = NULL;
+ CRL_Entry** prev = &head;
- current = crl;
- while (current != NULL) {
+ for (current = crl; current != NULL; current = current->next) {
CRL_Entry* tmp = DupCRL_Entry(current, heap);
if (tmp != NULL) {
- tmp->next = NULL;
- if (head == NULL)
- head = tmp;
- if (prev != NULL)
- prev->next = tmp;
- prev = tmp;
+ *prev = tmp;
+ prev = &tmp->next;
}
else {
WOLFSSL_MSG("Failed to allocate new CRL_Entry structure");
/* free up any existing list */
while (head != NULL) {
- current = head;
- head = head->next;
- FreeCRL_Entry(current, heap);
- XFREE(current, heap, DYNAMIC_TYPE_CRL_ENTRY);
+ CRL_Entry* next = head->next;
+ CRL_Entry_free(head, heap);
+ head = next;
}
-
return NULL;
}
- current = current->next;
}
+
return head;
}
@@ -860,8 +833,8 @@ static int DupX509_CRL(WOLFSSL_X509_CRL *dupl, const WOLFSSL_X509_CRL* crl)
/* returns WOLFSSL_SUCCESS on success. Does not take ownership of newcrl */
int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newcrl)
{
- CRL_Entry *crle;
WOLFSSL_X509_CRL *crl;
+ int ret = 0;
WOLFSSL_ENTER("wolfSSL_X509_STORE_add_crl");
if (store == NULL || newcrl == NULL || store->cm == NULL)
@@ -870,11 +843,17 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
if (store->cm->crl == NULL) {
crl = wolfSSL_X509_crl_new(store->cm);
if (crl == NULL) {
+ WOLFSSL_MSG("wolfSSL_X509_crl_new failed");
return WOLFSSL_FAILURE;
}
- if (DupX509_CRL(crl, newcrl) != 0) {
- if (crl != NULL)
- FreeCRL(crl, 1);
+ if (wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Rd failed");
+ return BAD_MUTEX_E;
+ }
+ ret = DupX509_CRL(crl, newcrl);
+ wc_UnLockRwLock(&newcrl->crlLock);
+ if (ret != 0) {
+ FreeCRL(crl, 1);
return WOLFSSL_FAILURE;
}
store->crl = store->cm->crl = crl;
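Review bot: The new early return on `wc_LockRwLock_Rd` failure leaks the `crl` allocated just above by `wolfSSL_X509_crl_new`; the `DupX509_CRL` failure path a few lines later does release it. Add `FreeCRL(crl, 1);` before `return BAD_MUTEX_E;` so both error exits of this branch behave the same. The function continues outside the hunk.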
@@ -888,26 +867,29 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
/* find tail of current list and add new list */
crl = store->cm->crl;
- crle = crl->crlList;
if (newcrl->crlList != NULL) {
- CRL_Entry *tail = crle;
+ CRL_Entry **tail;
CRL_Entry *toAdd;
- if (wc_LockMutex(&crl->crlLock) != 0)
- {
- WOLFSSL_MSG("wc_LockMutex failed");
+ if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
return BAD_MUTEX_E;
}
- toAdd = DupCRL_list(newcrl->crlList, crl->heap);
- if (tail == NULL) {
- crl->crlList = toAdd;
- }
- else {
- while (tail->next != NULL) tail = tail->next;
- tail->next = toAdd;
+ if (crl != newcrl && wc_LockRwLock_Rd(&newcrl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
+ wc_UnLockRwLock(&crl->crlLock);
+ return BAD_MUTEX_E;
}
- wc_UnLockMutex(&crl->crlLock);
+ toAdd = DupCRL_list(newcrl->crlList, crl->heap);
+ if (crl != newcrl)
+ wc_UnLockRwLock(&newcrl->crlLock);
+
+ tail = &crl->crlList;
+ while (*tail != NULL)
+ tail = &(*tail)->next;
+ *tail = toAdd;
+ wc_UnLockRwLock(&crl->crlLock);
}
if (wolfSSL_CertManagerEnableCRL(store->cm, WOLFSSL_CRL_CHECKALL)
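Review bot: `toAdd` is linked in without checking whether `DupCRL_list` failed. This branch only runs when `newcrl->crlList != NULL`, so a NULL `toAdd` means the copy failed, yet the code appends nothing and carries on, and the store can end up without the revocation entries the caller supplied. Suggest `if (toAdd == NULL) { wc_UnLockRwLock(&crl->crlLock); return WOLFSSL_FAILURE; }` once the read lock on `newcrl` has been released. Separately, the message logged when `wc_LockRwLock_Rd(&newcrl->crlLock)` fails says `wc_LockRwLock_Wr failed` and should name `wc_LockRwLock_Rd`. What the function returns after this block is outside the hunk.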
@@ -928,23 +910,20 @@ int wolfSSL_X509_STORE_add_crl(WOLFSSL_X509_STORE *store, WOLFSSL_X509_CRL *newc
/* Signal Monitor thread is setup, save status to setup flag, 0 on success */
static int SignalSetup(WOLFSSL_CRL* crl, int status)
{
- int ret;
+ int ret, condRet;
- /* signal to calling thread we're setup */
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex crlLock failed");
- return BAD_MUTEX_E;
- }
-
- crl->setup = status;
- ret = pthread_cond_signal(&crl->cond);
+ ret = wolfSSL_CondStart(&crl->cond);
+ if (ret != 0)
+ return ret;
- wc_UnLockMutex(&crl->crlLock);
+ crl->setup = status;
+ condRet = wolfSSL_CondSignal(&crl->cond);
+ ret = wolfSSL_CondEnd(&crl->cond);
if (ret != 0)
- return BAD_COND_E;
+ return ret;
- return 0;
+ return condRet;
}
@@ -997,8 +976,8 @@ static int SwapLists(WOLFSSL_CRL* crl)
}
}
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex failed");
+ if (wc_LockRwLock_Wr(&crl->crlLock) != 0) {
+ WOLFSSL_MSG("wc_LockRwLock_Wr failed");
FreeCRL(tmp, 0);
#ifdef WOLFSSL_SMALL_STACK
XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1012,7 +991,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
tmp->crlList = crl->crlList;
crl->crlList = newList;
- wc_UnLockMutex(&crl->crlLock);
+ wc_UnLockRwLock(&crl->crlLock);
FreeCRL(tmp, 0);
@@ -1035,7 +1014,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
#ifdef __MACH__
#define XEVENT_MODE O_EVTONLY
#elif defined(__FreeBSD__)
- #define XEVENT_MODE EVFILT_VNODE
+ #define XEVENT_MODE O_RDONLY
#endif
@@ -1047,7 +1026,7 @@ static int SwapLists(WOLFSSL_CRL* crl)
/* shutdown monitor thread, 0 on success */
-static int StopMonitor(int mfd)
+static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
{
struct kevent change;
@@ -1063,7 +1042,7 @@ static int StopMonitor(int mfd)
/* OS X monitoring */
-static void* DoMonitor(void* arg)
+static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
{
int fPEM, fDER;
struct kevent change;
@@ -1114,11 +1093,11 @@ static void* DoMonitor(void* arg)
}
if (fPEM != -1)
- EV_SET(&change, fPEM, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT,
+ EV_SET(&change, fPEM, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
if (fDER != -1)
- EV_SET(&change, fDER, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_ONESHOT,
+ EV_SET(&change, fDER, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
NOTE_DELETE | NOTE_EXTEND | NOTE_WRITE | NOTE_ATTRIB, 0, 0);
/* signal to calling thread we're setup */
@@ -1180,7 +1159,7 @@ static void* DoMonitor(void* arg)
/* shutdown monitor thread, 0 on success */
-static int StopMonitor(int mfd)
+static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
{
word64 w64 = 1;
@@ -1195,7 +1174,7 @@ static int StopMonitor(int mfd)
/* linux monitoring */
-static void* DoMonitor(void* arg)
+static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
{
int notifyFd;
int wd = -1;
@@ -1247,18 +1226,9 @@ static void* DoMonitor(void* arg)
}
}
-#ifdef WOLFSSL_SMALL_STACK
- buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (buff == NULL)
- return NULL;
-#endif
/* signal to calling thread we're setup */
if (SignalSetup(crl, 1) != 0) {
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(buff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
-
if (wd > 0) {
if (inotify_rm_watch(notifyFd, wd) < 0)
WOLFSSL_MSG("inotify_rm_watch #1 failed in DoMonitor");
@@ -1268,6 +1238,12 @@ static void* DoMonitor(void* arg)
return NULL;
}
+#ifdef WOLFSSL_SMALL_STACK
+ buff = (char*)XMALLOC(8192, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (buff == NULL)
+ return NULL;
+#endif
+
for (;;) {
fd_set readfds;
int result;
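Review bot: Moving the WOLFSSL_SMALL_STACK allocation of `buff` below `SignalSetup(crl, 1)` means an allocation failure now ends the thread after the caller has already been told that setup succeeded. The bare `return NULL;` also skips the `inotify_rm_watch` cleanup that the SignalSetup failure path in the preceding hunk performs, so the watch stays registered while nothing is monitoring the CRL directory and revocation updates are silently missed. Either allocate before signalling and report the failure with `SignalSetup(crl, MEMORY_E)`, or run the same cleanup here and log the failure. DoMonitor starts and ends outside this hunk.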
@@ -1326,7 +1302,145 @@ static void* DoMonitor(void* arg)
return NULL;
}
-#endif /* MACH or linux */
+#elif defined(_MSC_VER)
+
+/* shutdown monitor thread, 0 on success */
+static int StopMonitor(wolfSSL_CRL_mfd_t mfd)
+{
+ if (SetEvent(mfd) == 0) {
+ WOLFSSL_MSG("SetEvent custom event trigger failed");
+ return -1;
+ }
+ return 0;
+}
+
+#ifdef DEBUG_WOLFSSL
+#define SHOW_WINDOWS_ERROR() do { \
+ LPVOID lpMsgBuf; \
+ DWORD dw = GetLastError(); \
+ FormatMessageA( \
+ FORMAT_MESSAGE_ALLOCATE_BUFFER | \
+ FORMAT_MESSAGE_FROM_SYSTEM | \
+ FORMAT_MESSAGE_IGNORE_INSERTS, \
+ NULL, \
+ dw, \
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), \
+ (LPSTR) &lpMsgBuf, \
+ 0, NULL ); \
+ WOLFSSL_MSG_EX("DoMonitor failed with error %d: %s\n", \
+ dw, lpMsgBuf); \
+ LocalFree(lpMsgBuf); \
+} while(0)
+#else
+#define SHOW_WINDOWS_ERROR() WC_DO_NOTHING
+#endif
+
+#define DM_ERROR() do { \
+ SHOW_WINDOWS_ERROR(); \
+ status = MONITOR_SETUP_E; \
+ goto cleanup; \
+} while(0)
+
+/* windows monitoring
+ * Tested initially by hand by running
+ * .\server.exe -A certs/ca-cert.pem -i -x
+ * and connecting to with
+ * .\client.exe -C -c certs/server-cert.pem -k certs/server-key.pem
+ * This connection succeeds by default. By deleting all files from certs/crl
+ * except for crl.revoked we disallow the client to connect. Deleting files
+ * is done while the server is running to show that the monitor reacts to
+ * changes in the crl directory. */
+static THREAD_RETURN WOLFSSL_THREAD DoMonitor(void* arg)
+{
+ WOLFSSL_CRL* crl = (WOLFSSL_CRL*)arg;
+ int status = 0;
+ HANDLE handles[WOLFSSL_CRL_MONITORS_LEN + 1];
+ DWORD handlesLen = 0;
+ int i;
+
+ WOLFSSL_ENTER("DoMonitor");
+
+ handles[0] = crl->mfd = CreateEventA(NULL, FALSE, FALSE, NULL);
+ if (crl->mfd == NULL) {
+ WOLFSSL_MSG("CreateEventA failed");
+ DM_ERROR();
+ }
+ handlesLen++;
+
+ for (i = 0; i < WOLFSSL_CRL_MONITORS_LEN; i++) {
+ if (crl->monitors[i].path) {
+ handles[handlesLen] = FindFirstChangeNotificationA(
+ crl->monitors[i].path, TRUE,
+ /* Watch for any changes that may affect what CRL's we load.
+ * This may trigger on the same file multiple times but this
+ * way we are certain that we have the most up to date and
+ * accurate set of CRL's. We don't expect this to trigger
+ * often enough for it to be a bottleneck. */
+ FILE_NOTIFY_CHANGE_FILE_NAME | FILE_NOTIFY_CHANGE_ATTRIBUTES |
+ FILE_NOTIFY_CHANGE_SIZE | FILE_NOTIFY_CHANGE_LAST_WRITE |
+ FILE_NOTIFY_CHANGE_SECURITY);
+ if (handles[handlesLen] == INVALID_HANDLE_VALUE) {
+ WOLFSSL_MSG("FindFirstChangeNotificationA failed");
+ DM_ERROR();
+ }
+ handlesLen++;
+ }
+ }
+
+ if (handlesLen == 1) {
+ WOLFSSL_MSG("Nothing to watch. Only custom event handle set.");
+ DM_ERROR();
+ }
+
+ if (SignalSetup(crl, 1) != 0) {
+ WOLFSSL_MSG("Call to SignalSetup failed");
+ DM_ERROR();
+ }
+
+ for (;;) {
+ DWORD waitRet = WaitForMultipleObjects(handlesLen, handles, FALSE,
+ INFINITE);
+ WOLFSSL_MSG("Got notify event");
+
+ if (waitRet >= WAIT_OBJECT_0 && waitRet < WAIT_OBJECT_0 + handlesLen) {
+ if (waitRet == WAIT_OBJECT_0) {
+ WOLFSSL_MSG("got custom shutdown event, breaking out");
+ break;
+ }
+ else if (SwapLists(crl) < 0) {
+ WOLFSSL_MSG("SwapLists problem, continue");
+ }
+ }
+ else {
+ WOLFSSL_MSG("Unexpected WaitForMultipleObjects return. Continue.");
+ }
+
+ for (i = 1; i < (int)handlesLen; i++) {
+ if (FindNextChangeNotification(handles[i]) == 0) {
+ WOLFSSL_MSG("FindNextChangeNotification failed");
+ DM_ERROR();
+ }
+ }
+ }
+
+cleanup:
+ if (status != 0)
+ SignalSetup(crl, status);
+ for (i = 0; i < (int)handlesLen; i++) {
+ BOOL closeRet;
+ if (i == 0) /* First handle is our custom event */
+ closeRet = CloseHandle(handles[i]);
+ else
+ closeRet = FindCloseChangeNotification(handles[i]);
+ if (closeRet == 0) {
+ WOLFSSL_MSG("Failed to close handle");
+ }
+ }
+ crl->mfd = INVALID_HANDLE_VALUE;
+ return 0;
+}
+
+#endif /* MACH or linux or windows */
/* Start Monitoring the CRL path(s) in a thread */
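Review bot: In the wait loop a `WAIT_FAILED` result from `WaitForMultipleObjects` falls into the `Unexpected WaitForMultipleObjects return. Continue.` branch, so a persistent failure makes the thread spin without ever blocking unless `FindNextChangeNotification` happens to fail as well. Treat it as fatal before the range test: `if (waitRet == WAIT_FAILED) { WOLFSSL_MSG("WaitForMultipleObjects failed"); DM_ERROR(); }`. In `SHOW_WINDOWS_ERROR`, `lpMsgBuf` is passed to `%s` and to `LocalFree` even when `FormatMessageA` fails and leaves it unset; declare it as `LPVOID lpMsgBuf = NULL;` and skip the print when the call returns 0.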
@@ -1339,58 +1453,44 @@ static int StartMonitorCRL(WOLFSSL_CRL* crl)
if (crl == NULL)
return BAD_FUNC_ARG;
- if (crl->tid != 0) {
+ if (crl->tid != INVALID_THREAD_VAL) {
WOLFSSL_MSG("Monitor thread already running");
return ret; /* that's ok, someone already started */
}
- if (pthread_create(&crl->tid, NULL, DoMonitor, crl) != 0) {
+ if (wolfSSL_NewThread(&crl->tid, DoMonitor, crl) != 0) {
WOLFSSL_MSG("Thread creation error");
return THREAD_CREATE_E;
}
/* wait for setup to complete */
- if (wc_LockMutex(&crl->crlLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex crlLock error");
+ if (wolfSSL_CondStart(&crl->cond) != 0) {
+ WOLFSSL_MSG("wolfSSL_CondStart failed");
return BAD_MUTEX_E;
}
-
- while (crl->setup == 0) {
- if (pthread_cond_wait(&crl->cond, &crl->crlLock) != 0) {
- ret = BAD_COND_E;
- break;
- }
+ while (crl->setup == 0) {
+ int condRet;
+ condRet = wolfSSL_CondWait(&crl->cond);
+ if (condRet != 0) {
+ ret = BAD_COND_E;
+ break;
}
- if (crl->setup < 0)
- ret = crl->setup; /* store setup error */
-
- wc_UnLockMutex(&crl->crlLock);
+ }
+ if (ret >= 0 && crl->setup < 0)
+ ret = crl->setup; /* store setup error */
if (ret < 0) {
WOLFSSL_MSG("DoMonitor setup failure");
- crl->tid = 0; /* thread already done */
+ crl->tid = INVALID_THREAD_VAL; /* thread already done */
+ }
+ if (wolfSSL_CondEnd(&crl->cond) != 0) {
+ WOLFSSL_MSG("wolfSSL_CondEnd failed");
+ return BAD_MUTEX_E;
}
return ret;
}
-
-#else /* HAVE_CRL_MONITOR */
-
-#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
-
-static int StartMonitorCRL(WOLFSSL_CRL* crl)
-{
- (void)crl;
-
- WOLFSSL_ENTER("StartMonitorCRL");
- WOLFSSL_MSG("Not compiled in");
-
- return NOT_COMPILED_IN;
-}
-
-#endif /* !NO_FILESYSTEM && !NO_WOLFSSL_DIR */
-
#endif /* HAVE_CRL_MONITOR */
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
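Review bot: `crl->tid` is reset to `INVALID_THREAD_VAL` for every `ret < 0`, including the `BAD_COND_E` case where `wolfSSL_CondWait` failed and the monitor thread may still be running; the `/* thread already done */` comment only holds when `crl->setup < 0`. Code that uses `crl->tid` to decide whether to stop and join the monitor (not shown in this hunk) would then skip a live thread that still uses `crl`. I would reset the id only when the thread itself reported a setup error, `if (crl->setup < 0) crl->tid = INVALID_THREAD_VAL;`, and leave it set otherwise. StartMonitorCRL begins outside this hunk.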
@@ -1436,28 +1536,41 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
}
}
+#ifndef CRL_REPORT_LOAD_ERRORS
if (!skip && ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl,
VERIFY) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("CRL file load failed, continuing");
}
+#else
+ if (!skip) {
+ ret = ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl, VERIFY);
+ if (ret != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("CRL file load failed");
+ return ret;
+ }
+ }
+#endif
ret = wc_ReadDirNext(readCtx, path, &name);
}
wc_ReadDirClose(readCtx);
- ret = WOLFSSL_SUCCESS; /* load failures not reported, for backwards compat */
+
+ /* load failures not reported, for backwards compat */
+ ret = WOLFSSL_SUCCESS;
#ifdef WOLFSSL_SMALL_STACK
XFREE(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
if (monitor & WOLFSSL_CRL_MONITOR) {
+#ifdef HAVE_CRL_MONITOR
word32 pathLen;
char* pathBuf;
WOLFSSL_MSG("monitor path requested");
pathLen = (word32)XSTRLEN(path);
- pathBuf = (char*)XMALLOC(pathLen+1, crl->heap,DYNAMIC_TYPE_CRL_MONITOR);
+ pathBuf = (char*)XMALLOC(pathLen+1, crl->heap, DYNAMIC_TYPE_CRL_MONITOR);
if (pathBuf) {
XMEMCPY(pathBuf, path, pathLen+1);
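Review bot: Under `CRL_REPORT_LOAD_ERRORS` the new `return ret;` leaves the directory loop without calling `wc_ReadDirClose(readCtx)` and, with `WOLFSSL_SMALL_STACK`, without the `XFREE(readCtx, ...)` that follows the loop, so every failed load leaks the directory handle and the context. Close and free before returning: add `wc_ReadDirClose(readCtx);` and the `WOLFSSL_SMALL_STACK`-guarded `XFREE(readCtx, crl->heap, DYNAMIC_TYPE_TMP_BUFFER);` ahead of `return ret;`. The comment `load failures not reported, for backwards compat` above the unconditional `ret = WOLFSSL_SUCCESS;` should also say that it describes the default build only. LoadCRL begins and ends outside this hunk.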
@@ -1488,6 +1601,10 @@ int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type, int monitor)
else {
ret = MEMORY_E;
}
+#else
+ WOLFSSL_MSG("CRL monitoring requested but not compiled in");
+ ret = NOT_COMPILED_IN;
+#endif
}
return ret;
diff --git a/extra/wolfssl/wolfssl/src/dtls.c b/extra/wolfssl/wolfssl/src/dtls.c
index d604b5a2..fceeedbe 100644
--- a/extra/wolfssl/wolfssl/src/dtls.c
+++ b/extra/wolfssl/wolfssl/src/dtls.c
@@ -21,11 +21,29 @@
/*
* WOLFSSL_DTLS_NO_HVR_ON_RESUME
+ * WOLFSSL_DTLS13_NO_HRR_ON_RESUME
* If defined, a DTLS server will not do a cookie exchange on successful
* client resumption: the resumption will be faster (one RTT less) and
- * will consume less bandwidth (one ClientHello and one HelloVerifyRequest
- * less). On the other hand, if a valid SessionID is collected, forged
- * clientHello messages will consume resources on the server.
+ * will consume less bandwidth (one ClientHello and one
+ * HelloVerifyRequest/HelloRetryRequest less). On the other hand, if a valid
+ * SessionID/ticket/psk is collected, forged clientHello messages will
+ * consume resources on the server. For DTLS 1.3, using this option also
+ * allows for the server to process Early Data/0-RTT Data. Without this, the
+ * Early Data would be dropped since the server doesn't enter stateful
+ * processing until receiving a verified ClientHello with the cookie.
+ *
+ * To allow DTLS 1.3 resumption without the cookie exchange:
+ * - Compile wolfSSL with WOLFSSL_DTLS13_NO_HRR_ON_RESUME defined
+ * - Call wolfSSL_dtls13_no_hrr_on_resume(ssl, 1) on the WOLFSSL object to
+ * disable the cookie exchange on resumption
+ * - Continue like with a normal connection
+ * WOLFSSL_DTLS_CH_FRAG
+ * Allow a server to process a fragmented second/verified (one containing a
+ * valid cookie response) ClientHello message. The first/unverified (one
+ * without a cookie extension) ClientHello MUST be unfragmented so that the
+ * DTLS server can process it statelessly. This is only implemented for
+ * DTLS 1.3. The user MUST call wolfSSL_dtls13_allow_ch_frag() on the server
+ * to explicitly enable this during runtime.
*/
#ifdef HAVE_CONFIG_H
@@ -75,6 +93,7 @@ void DtlsResetState(WOLFSSL* ssl)
ssl->options.connectState = CONNECT_BEGIN;
ssl->options.acceptState = ACCEPT_BEGIN;
ssl->options.handShakeState = NULL_STATE;
+ ssl->options.seenUnifiedHdr = 0;
ssl->msgsReceived.got_client_hello = 0;
ssl->keys.dtls_handshake_number = 0;
ssl->keys.dtls_expected_peer_handshake_number = 0;
@@ -262,10 +281,13 @@ static int CheckDtlsCookie(const WOLFSSL* ssl, WolfSSL_CH* ch,
return ret;
}
-static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch)
+static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch,
+ byte isFirstCHFrag)
{
word32 idx = 0;
+ (void)isFirstCHFrag;
+
/* protocol version, random and session id length check */
if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
return BUFFER_ERROR;
@@ -285,10 +307,24 @@ static int ParseClientHello(const byte* input, word32 helloSz, WolfSSL_CH* ch)
if (idx > helloSz - OPAQUE8_LEN)
return BUFFER_ERROR;
idx += ReadVector8(input + idx, &ch->compression);
- if (idx > helloSz - OPAQUE16_LEN)
- return BUFFER_ERROR;
- idx += ReadVector16(input + idx, &ch->extension);
- if (idx > helloSz)
+ if (idx < helloSz - OPAQUE16_LEN) {
+ /* Extensions are optional */
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ word32 extStart = idx + OPAQUE16_LEN;
+#endif
+ idx += ReadVector16(input + idx, &ch->extension);
+ if (idx > helloSz) {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ idx = helloSz;
+ /* Allow incomplete extensions if we are parsing a fragment */
+ if (isFirstCHFrag && extStart < helloSz)
+ ch->extension.size = helloSz - extStart;
+ else
+#endif
+ return BUFFER_ERROR;
+ }
+ }
+ if (idx != helloSz)
return BUFFER_ERROR;
ch->length = idx;
return 0;
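Review bot: The new test `if (idx < helloSz - OPAQUE16_LEN)` skips the extensions vector when exactly `OPAQUE16_LEN` bytes remain, and the following `if (idx != helloSz)` then returns `BUFFER_ERROR`, so a ClientHello that ends in an empty extensions block (a zero length field) is rejected where the old code accepted it. If that is not intended, use `if (idx <= helloSz - OPAQUE16_LEN)`. The rejection is fail-closed, so this is an interoperability point rather than a parsing hazard. ParseClientHello starts outside this hunk.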
@@ -718,8 +754,8 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
#ifdef HAVE_SUPPORTED_CURVES
if (doKE) {
byte searched = 0;
- ret = TLSX_KeyShare_Choose(ssl, parsedExts, &cs.clientKSE,
- &searched);
+ ret = TLSX_KeyShare_Choose(ssl, parsedExts, cs.cipherSuite0,
+ cs.cipherSuite, &cs.clientKSE, &searched);
if (ret != 0)
goto dtls13_cleanup;
if (cs.clientKSE == NULL && searched)
@@ -744,6 +780,15 @@ static int SendStatelessReplyDtls13(const WOLFSSL* ssl, WolfSSL_CH* ch)
}
}
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ if (ssl->options.dtls13NoHrrOnResume && usePSK && pskInfo.isValid &&
+ !cs.doHelloRetry) {
+ /* Skip HRR on resumption */
+ ((WOLFSSL*)ssl)->options.dtlsStateful = 1;
+ goto dtls13_cleanup;
+ }
+#endif
+
#ifdef HAVE_SUPPORTED_CURVES
if (cs.doHelloRetry) {
ret = TLSX_KeyShare_SetSupported(ssl, &parsedExts);
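Review bot: The resumption shortcut writes `dtlsStateful` through `((WOLFSSL*)ssl)` although the function takes `const WOLFSSL* ssl`, so a routine named SendStatelessReplyDtls13 now changes connection state and returns without sending anything. This is the point where the server commits state for a peer whose address has not been confirmed by a cookie, so it deserves to be explicit: add a comment such as `/* No cookie exchange: state is committed on the PSK alone, see WOLFSSL_DTLS13_NO_HRR_ON_RESUME */`, and ideally take a non-const parameter instead of casting. The value `ret` holds at `goto dtls13_cleanup` is set outside this hunk and should be confirmed to be 0 on this path.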
@@ -823,6 +868,7 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13)
else
#endif
{
+#if !defined(WOLFSSL_NO_TLS12)
if (!ch->dtls12cookieSet) {
ret = CreateDtls12Cookie(ssl, ch, ch->dtls12cookie);
if (ret != 0)
@@ -831,6 +877,11 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13)
}
ret = SendHelloVerifyRequest((WOLFSSL*)ssl, ch->dtls12cookie,
DTLS_COOKIE_SZ);
+#else
+ WOLFSSL_MSG("DTLS1.2 disabled with WOLFSSL_NO_TLS12");
+ WOLFSSL_ERROR_VERBOSE(NOT_COMPILED_IN);
+ ret = NOT_COMPILED_IN;
+#endif
}
return ret;
}
@@ -856,17 +907,30 @@ static int ClientHelloSanityCheck(WolfSSL_CH* ch, byte isTls13)
return 0;
}
-int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
- word32* inOutIdx, word32 helloSz)
+int DoClientHelloStateless(WOLFSSL* ssl, const byte* input, word32 helloSz,
+ byte isFirstCHFrag, byte* tls13)
{
int ret;
WolfSSL_CH ch;
byte isTls13 = 0;
+ WOLFSSL_ENTER("DoClientHelloStateless");
+ if (isFirstCHFrag) {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ WOLFSSL_MSG("\tProcessing fragmented ClientHello");
+#else
+ WOLFSSL_MSG("\tProcessing fragmented ClientHello but "
+ "WOLFSSL_DTLS_CH_FRAG is not defined. This should not happen.");
+ return BAD_STATE_E;
+#endif
+ }
+ if (tls13 != NULL)
+ *tls13 = 0;
+
XMEMSET(&ch, 0, sizeof(ch));
ssl->options.dtlsStateful = 0;
- ret = ParseClientHello(input + *inOutIdx, helloSz, &ch);
+ ret = ParseClientHello(input, helloSz, &ch, isFirstCHFrag);
if (ret != 0)
return ret;
@@ -875,6 +939,8 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
ret = TlsCheckSupportedVersion(ssl, &ch, &isTls13);
if (ret != 0)
return ret;
+ if (tls13 != NULL)
+ *tls13 = isTls13;
if (isTls13) {
int tlsxFound;
ret = FindExtByType(&ch.cookieExt, TLSX_COOKIE, ch.extension,
@@ -890,7 +956,7 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
return ret;
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- if (!isTls13) {
+ if (!isTls13 && !isFirstCHFrag) {
int resume = FALSE;
ret = TlsResumptionIsValid(ssl, &ch, &resume);
if (ret != 0)
@@ -903,7 +969,13 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
#endif
if (ch.cookie.size == 0 && ch.cookieExt.size == 0) {
- ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13);
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ /* Don't send anything here when processing fragment */
+ if (isFirstCHFrag)
+ ret = COOKIE_ERROR;
+ else
+#endif
+ ret = SendStatelessReply(ssl, &ch, isTls13);
}
else {
byte cookieGood;
@@ -918,10 +990,24 @@ int DoClientHelloStateless(WOLFSSL* ssl, const byte* input,
ret = INVALID_PARAMETER;
else
#endif
- ret = SendStatelessReply((WOLFSSL*)ssl, &ch, isTls13);
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ /* Don't send anything here when processing fragment */
+ if (isFirstCHFrag)
+ ret = COOKIE_ERROR;
+ else
+#endif
+ ret = SendStatelessReply(ssl, &ch, isTls13);
}
- else
+ else {
ssl->options.dtlsStateful = 1;
+ /* Update the window now that we enter the stateful parsing */
+#ifdef WOLFSSL_DTLS13
+ if (isTls13)
+ ret = Dtls13UpdateWindowRecordRecvd(ssl);
+ else
+#endif
+ DtlsUpdateWindow(ssl);
+ }
}
return ret;
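Review bot: In the cookie-accepted branch `ssl->options.dtlsStateful = 1;` is set before `Dtls13UpdateWindowRecordRecvd(ssl)` runs, so when that call returns an error the function reports failure while leaving the connection marked stateful. Clearing the flag on that path keeps the two in step, e.g. `if (ret != 0) ssl->options.dtlsStateful = 0;` right after the window update. DoClientHelloStateless starts outside this hunk.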
@@ -1105,7 +1191,7 @@ int TLSX_ConnectionID_Use(WOLFSSL* ssl)
/* CIDInfo needs to be accessed every time we send or receive a record. To
* avoid the cost of the extension lookup save a pointer to the structure
* inside the SSL object itself, and save a pointer to the SSL object in the
- * extension. The extension freeing routine uses te pointer to the SSL
+ * extension. The extension freeing routine uses the pointer to the SSL
* object to find the structure and to set ssl->dtlsCidInfo pointer to NULL
* after freeing the structure. */
ssl->dtlsCidInfo = info;
diff --git a/extra/wolfssl/wolfssl/src/dtls13.c b/extra/wolfssl/wolfssl/src/dtls13.c
index b5fecafd..3591d67b 100644
--- a/extra/wolfssl/wolfssl/src/dtls13.c
+++ b/extra/wolfssl/wolfssl/src/dtls13.c
@@ -277,10 +277,7 @@ static int Dtls13GetRnMask(WOLFSSL* ssl, const byte* ciphertext, byte* mask,
/* assuming CIPHER[0..3] should be interpreted as little endian 32-bits
integer. The draft rfc isn't really clear on that. See sec 4.2.3 of
the draft. See also Section 2.3 of the Chacha RFC. */
- XMEMCPY(&counter, ciphertext, sizeof(counter));
-#ifdef BIG_ENDIAN
- counter = ByteReverseWord32(counter);
-#endif /* BIG_ENDIAN */
+ ato32le(ciphertext, &counter);
ret = wc_Chacha_SetIV(c->chacha, &ciphertext[4], counter);
if (ret != 0)
@@ -355,6 +352,7 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
WOLFSSL_ENTER("Dtls13ProcessBufferedMessages");
while (msg != NULL) {
+ int downgraded = 0;
idx = 0;
/* message not in order */
@@ -365,8 +363,32 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
if (!msg->ready)
break;
- ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
- msg->sz, msg->sz);
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ ret = MsgCheckEncryption(ssl, msg->type, msg->encrypted);
+ if (ret != 0) {
+ SendAlert(ssl, alert_fatal, unexpected_message);
+ break;
+ }
+#endif
+
+ /* We may have DTLS <=1.2 msgs stored from before we knew which version
+ * we were going to use. Interpret correctly. */
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ ret = DoTls13HandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
+ msg->sz, msg->sz);
+ if (!IsAtLeastTLSv1_3(ssl->version))
+ downgraded = 1;
+ }
+ else {
+#if !defined(WOLFSSL_NO_TLS12)
+ ret = DoHandShakeMsgType(ssl, msg->fullMsg, &idx, msg->type,
+ msg->sz, msg->sz);
+#else
+ WOLFSSL_MSG("DTLS1.2 disabled with WOLFSSL_NO_TLS12");
+ WOLFSSL_ERROR_VERBOSE(NOT_COMPILED_IN);
+ ret = NOT_COMPILED_IN;
+#endif
+ }
/* processing certificate_request triggers a connect. The error came
* from there, the message can be considered processed successfully.
@@ -374,7 +396,13 @@ int Dtls13ProcessBufferedMessages(WOLFSSL* ssl)
* waiting to flush the output buffer. */
if ((ret == 0 || ret == WANT_WRITE) || (msg->type == certificate_request &&
ssl->options.handShakeDone && ret == WC_PENDING_E)) {
- Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
+ if (IsAtLeastTLSv1_3(ssl->version))
+ Dtls13MsgWasProcessed(ssl, (enum HandShakeType)msg->type);
+ else if (downgraded)
+ /* DoHandShakeMsgType normally handles the hs number but if
+ * DoTls13HandShakeMsgType processed 1.2 msgs then this wasn't
+ * incremented. */
+ ssl->keys.dtls_expected_peer_handshake_number++;
ssl->dtls_rx_msg_list = msg->next;
DtlsMsgDelete(msg, ssl->heap);
@@ -628,7 +656,7 @@ static void Dtls13RtxRecordUnlink(WOLFSSL* ssl, Dtls13RtxRecord** prevNext,
*prevNext = r->next;
}
-static void Dtls13RtxFlushBuffered(WOLFSSL* ssl, byte keepNewSessionTicket)
+void Dtls13RtxFlushBuffered(WOLFSSL* ssl, byte keepNewSessionTicket)
{
Dtls13RtxRecord *r, **prevNext;
@@ -809,10 +837,16 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs,
Dtls13MaybeSaveClientHello(ssl);
/* In the handshake, receiving part of the next flight, acknowledge the
- sent flight. The only exception is, on the server side, receiving the
- last client flight does not ACK any sent new_session_ticket
- messages. */
- Dtls13RtxFlushBuffered(ssl, 1);
+ * sent flight. */
+ /* On the server side, receiving the last client flight does not ACK any
+ * sent new_session_ticket messages. */
+ /* We don't want to clear the buffer until we have done version
+ * negotiation in the SH or have received a unified header in the
+ * DTLS record. */
+ if (ssl->options.serverState >= SERVER_HELLO_COMPLETE ||
+ ssl->options.seenUnifiedHdr)
+ /* Use 1.2 API to clear 1.2 buffers too */
+ DtlsMsgPoolReset(ssl);
}
if (ssl->keys.dtls_peer_handshake_number <
@@ -856,6 +890,8 @@ static int Dtls13RtxMsgRecvd(WOLFSSL* ssl, enum HandShakeType hs,
void Dtls13FreeFsmResources(WOLFSSL* ssl)
{
Dtls13RtxFlushAcks(ssl);
+ /* Use 1.2 API to clear 1.2 buffers too */
+ DtlsMsgPoolReset(ssl);
Dtls13RtxFlushBuffered(ssl, 0);
}
@@ -921,8 +957,10 @@ static int Dtls13SendFragmentedInternal(WOLFSSL* ssl)
}
ret = CheckAvailableSize(ssl, recordLength + MAX_MSG_EXTRA);
- if (ret != 0)
+ if (ret != 0) {
+ Dtls13FreeFragmentsBuffer(ssl);
return ret;
+ }
output = GetOutputBuffer(ssl);
@@ -1551,6 +1589,19 @@ static int Dtls13RtxSendBuffered(WOLFSSL* ssl)
return 0;
}
+static int Dtls13AcceptFragmented(WOLFSSL *ssl, enum HandShakeType type)
+{
+ if (IsEncryptionOn(ssl, 0))
+ return 1;
+ if (ssl->options.side == WOLFSSL_CLIENT_END && type == server_hello)
+ return 1;
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ if (ssl->options.side == WOLFSSL_SERVER_END && type == client_hello &&
+ ssl->options.dtls13ChFrag && ssl->options.dtlsStateful)
+ return 1;
+#endif
+ return 0;
+}
/**
* Dtls13HandshakeRecv() - process an handshake message. Deal with
fragmentation if needed
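Review bot: `Dtls13AcceptFragmented` has no comment, although it decides when fragments of a plaintext, unauthenticated handshake message are buffered for reassembly. A short header would keep later edits from widening it by accident, for example `/* Plaintext fragments are reassembled only for ServerHello on the client and, with WOLFSSL_DTLS_CH_FRAG, for a ClientHello once the cookie has been verified (dtlsStateful). Returns 1 to accept, 0 to drop. */`. A blank line between the closing brace and the doc comment of the next function would also help readability.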
@@ -1579,6 +1630,13 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
if (ret != 0)
return PARSE_ERROR;
+ /* Need idx + fragLength as we don't advance the inputBuffer idx value */
+ ret = EarlySanityCheckMsgReceived(ssl, handshakeType, idx + fragLength);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
if (ssl->options.side == WOLFSSL_SERVER_END &&
ssl->options.acceptState < TLS13_ACCEPT_FIRST_REPLY_DONE) {
if (handshakeType != client_hello) {
@@ -1624,13 +1682,35 @@ static int _Dtls13HandshakeRecv(WOLFSSL* ssl, byte* input, word32 size,
isFirst = fragOff == 0;
isComplete = isFirst && fragLength == messageLength;
- if (!isComplete && !IsEncryptionOn(ssl, 0)) {
+ if (!isComplete && !Dtls13AcceptFragmented(ssl, handshakeType)) {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ byte tls13 = 0;
+ /* check if the first CH fragment contains a valid cookie */
+ if (ssl->options.dtls13ChFrag && !ssl->options.dtlsStateful &&
+ isFirst && handshakeType == client_hello &&
+ DoClientHelloStateless(ssl, input + idx, fragLength, 1, &tls13)
+ == 0 && tls13) {
+ /* We can save this message and continue as stateful. */
+ if (ssl->chGoodCb != NULL) {
+ int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
+ if (cbret < 0) {
+ ssl->error = cbret;
+ WOLFSSL_MSG("ClientHello Good Cb don't continue error");
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
+ WOLFSSL_MSG("ClientHello fragment verified");
+ }
+ else
+#endif
+ {
#ifdef WOLFSSL_DEBUG_TLS
- WOLFSSL_MSG("DTLS1.3 not accepting fragmented plaintext message");
+ WOLFSSL_MSG("DTLS1.3 not accepting fragmented plaintext message");
#endif /* WOLFSSL_DEBUG_TLS */
- /* ignore the message */
- *processedSize = idx + fragLength + ssl->keys.padSz;
- return 0;
+ /* ignore the message */
+ *processedSize = idx + fragLength + ssl->keys.padSz;
+ return 0;
+ }
}
usingAsyncCrypto = ssl->devId != INVALID_DEVID;
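Review bot: The accepted-fragment branch inside `#ifdef WOLFSSL_DTLS_CH_FRAG` depends on a side effect that this hunk does not show. Nothing here sets `ssl->options.dtlsStateful`, yet the comment says processing continues as stateful, so presumably `DoClientHelloStateless()` flips it once the cookie verifies. Because this is where fragments from a peer that has not finished the handshake start to be kept, I would state the contract in the comment, e.g. `/* DoClientHelloStateless() verified the cookie and marked the connection stateful; only from here on are plaintext CH fragments buffered */`. It is also worth confirming that `fragLength` has been bounded against `size` before `input + idx` is handed to the parser, since that check is outside the hunk. `_Dtls13HandshakeRecv` starts and ends outside this hunk.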
@@ -2347,7 +2427,11 @@ static int Dtls13WriteAckMessage(WOLFSSL* ssl,
c16toa(msgSz, ackMessage);
ackMessage += OPAQUE16_LEN;
+ WOLFSSL_MSG("write ack records");
+
while (recordNumberList != NULL) {
+ WOLFSSL_MSG_EX("epoch %d seq %d", recordNumberList->epoch,
+ recordNumberList->seq);
c64toa(&recordNumberList->epoch, ackMessage);
ackMessage += OPAQUE64_LEN;
c64toa(&recordNumberList->seq, ackMessage);
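Review bot: The added `WOLFSSL_MSG_EX("epoch %d seq %d", ...)` passes `recordNumberList->epoch` and `recordNumberList->seq` to `%d`, but the following lines hand the same fields to `c64toa()` by address, so they look like 64-bit wrapper values rather than `int`. A mismatched variadic argument is undefined behaviour whenever debug logging is compiled in. Assuming the type is `w64wrapper`, log the 32-bit parts explicitly, e.g. `WOLFSSL_MSG_EX("epoch %u seq %u", w64GetLow32(recordNumberList->epoch), w64GetLow32(recordNumberList->seq));`. The `WOLFSSL_MSG_EX` added in the `DoDtls13Ack` hunk has the same problem with `epoch` and `seq`, which are filled by `ato64()`.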
@@ -2474,7 +2558,12 @@ int Dtls13RtxTimeout(WOLFSSL* ssl)
{
int ret = 0;
- if (ssl->dtls13Rtx.seenRecords != NULL) {
+ /* We don't want to send acks until we have done version
+ * negotiation in the SH or have received a unified header in the
+ * DTLS record. */
+ if (ssl->dtls13Rtx.seenRecords != NULL &&
+ (ssl->options.serverState >= SERVER_HELLO_COMPLETE ||
+ ssl->options.seenUnifiedHdr)) {
ssl->dtls13Rtx.sendAcks = 0;
/* reset fast timeout as we are sending ACKs */
ssl->dtls13FastTimeout = 0;
@@ -2534,10 +2623,13 @@ int DoDtls13Ack(WOLFSSL* ssl, const byte* input, word32 inputSize,
if (length % (DTLS13_RN_SIZE) != 0)
return PARSE_ERROR;
+ WOLFSSL_MSG("read ack records");
+
ackMessage = input + OPAQUE16_LEN;
for (i = 0; i < length; i += DTLS13_RN_SIZE) {
ato64(ackMessage + i, &epoch);
ato64(ackMessage + i + OPAQUE64_LEN, &seq);
+ WOLFSSL_MSG_EX("epoch %d seq %d", epoch, seq);
Dtls13RtxRemoveRecord(ssl, epoch, seq);
}
@@ -2608,14 +2700,13 @@ int SendDtls13Ack(WOLFSSL* ssl)
if (ret != 0)
return ret;
- if (w64IsZero(ssl->dtls13EncryptEpoch->epochNumber)) {
-
- ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
- if (ret != 0)
- return ret;
+ ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
+ if (ret != 0)
+ return ret;
- output = GetOutputBuffer(ssl);
+ output = GetOutputBuffer(ssl);
+ if (w64IsZero(ssl->dtls13EncryptEpoch->epochNumber)) {
ret = Dtls13RlAddPlaintextHeader(ssl, output, ack, (word16)length);
if (ret != 0)
return ret;
@@ -2623,13 +2714,6 @@ int SendDtls13Ack(WOLFSSL* ssl)
ssl->buffers.outputBuffer.length += length + DTLS_RECORD_HEADER_SZ;
}
else {
-
- ret = Dtls13WriteAckMessage(ssl, ssl->dtls13Rtx.seenRecords, &length);
- if (ret != 0)
- return ret;
-
- output = GetOutputBuffer(ssl);
-
outputSize = ssl->buffers.outputBuffer.bufferSize -
ssl->buffers.outputBuffer.idx -
ssl->buffers.outputBuffer.length;
@@ -2770,4 +2854,26 @@ int Dtls13CheckAEADFailLimit(WOLFSSL* ssl)
}
#endif
+#ifdef WOLFSSL_DTLS_CH_FRAG
+int wolfSSL_dtls13_allow_ch_frag(WOLFSSL *ssl, int enabled)
+{
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ return WOLFSSL_FAILURE;
+ }
+ ssl->options.dtls13ChFrag = !!enabled;
+ return WOLFSSL_SUCCESS;
+}
+#endif
+
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+int wolfSSL_dtls13_no_hrr_on_resume(WOLFSSL *ssl, int enabled)
+{
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ return WOLFSSL_FAILURE;
+ }
+ ssl->options.dtls13NoHrrOnResume = !!enabled;
+ return WOLFSSL_SUCCESS;
+}
+#endif
+
#endif /* WOLFSSL_DTLS13 */
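Review bot: Both new setters, `wolfSSL_dtls13_allow_ch_frag()` and `wolfSSL_dtls13_no_hrr_on_resume()`, dereference `ssl->options.side` without checking `ssl`, so a NULL handle crashes instead of returning an error. Add `if (ssl == NULL) return WOLFSSL_FAILURE;` as the first statement of each. Neither function has a header comment; each should say it is server-only and what it relaxes. From the names, these are accepting fragmented plaintext ClientHellos and skipping the HelloRetryRequest round trip on resumption, so callers can see that both widen what an unauthenticated peer can make the server do.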
diff --git a/extra/wolfssl/wolfssl/src/include.am b/extra/wolfssl/wolfssl/src/include.am
index d2c40e6d..a69822ff 100644
--- a/extra/wolfssl/wolfssl/src/include.am
+++ b/extra/wolfssl/wolfssl/src/include.am
@@ -3,8 +3,6 @@
# All paths should be given relative to the root
FIPS_FILES = \
- ctaocrypt/src/fips.c \
- ctaocrypt/src/fips_test.c \
wolfcrypt/src/async.c \
wolfcrypt/src/fips.c \
wolfcrypt/src/fips_test.c \
@@ -21,6 +19,8 @@ EXTRA_DIST += src/conf.c
EXTRA_DIST += src/pk.c
EXTRA_DIST += src/ssl_asn1.c
EXTRA_DIST += src/ssl_bn.c
+EXTRA_DIST += src/ssl_certman.c
+EXTRA_DIST += src/ssl_crypto.c
EXTRA_DIST += src/ssl_misc.c
EXTRA_DIST += src/x509.c
EXTRA_DIST += src/x509_str.c
@@ -53,42 +53,6 @@ endif # BUILD_FAST_RSA
if BUILD_FIPS
-if BUILD_FIPS_V1
-# fips first file
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c
-
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += \
- ctaocrypt/src/hmac.c \
- ctaocrypt/src/random.c \
- ctaocrypt/src/sha256.c
-
-if BUILD_RSA
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/rsa.c
-endif
-
-if BUILD_AES
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/aes.c
-endif
-
-if BUILD_DES3
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/des3.c
-endif
-
-if BUILD_SHA
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/sha.c
-endif
-
-if BUILD_SHA512
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/sha512.c
-endif
-
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/fips.c
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/fips_test.c
-
-# fips last file
-src_libwolfssl@LIBSUFFIX@_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c
-endif BUILD_FIPS_V1
-
if BUILD_FIPS_V2
# FIPSv2 first file
src_libwolfssl@LIBSUFFIX@_la_SOURCES += \
@@ -117,6 +81,7 @@ if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif
@@ -196,11 +161,27 @@ if BUILD_AES
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes.c
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-aes.c
+endif BUILD_ARMASM
+if BUILD_ARMASM_NEON
if !BUILD_ARMASM_CRYPTO
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
-endif
-endif
-endif
+endif !BUILD_ARMASM_INLINE
+endif !BUILD_ARMASM_CRYPTO
+else
+if BUILD_ARMASM
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
+endif !BUILD_ARMASM_INLINE
+endif BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
+endif BUILD_AES
if BUILD_AESNI
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_asm.S
@@ -208,6 +189,7 @@ if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif
@@ -215,22 +197,33 @@ if BUILD_SHA
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha.c
endif
+if BUILD_ARMASM_NEON
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
+else
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
-endif
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256.c
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256_asm.S
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
if BUILD_SHA512
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
@@ -238,24 +231,35 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-a
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
-endif
+endif !BUILD_ARMASM_INLINE
+else
+if BUILD_ARMASM
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm.S
+endif !BUILD_ARMASM_INLINE
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512.c
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512_asm.S
-endif
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
+endif BUILD_SHA512
if BUILD_SHA3
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3.c
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm.S
-endif
-endif
+endif !BUILD_ARMASM_INLINE
+endif BUILD_ARMASM_NEON
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3_asm.S
endif
@@ -320,18 +324,29 @@ endif !BUILD_FIPS_CURRENT
if !BUILD_FIPS_CURRENT
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256.c
+if BUILD_ARMASM_NEON
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
+else
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha256.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
-endif
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha256-asm.S
+endif !BUILD_ARMASM_INLINE
else
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha256_asm.S
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
endif !BUILD_FIPS_CURRENT
if BUILD_AFALG
@@ -409,13 +424,31 @@ if BUILD_AES
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes.c
if BUILD_ARMASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-aes.c
+endif BUILD_ARMASM
+if BUILD_ARMASM_NEON
if !BUILD_ARMASM_CRYPTO
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
+else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
+endif !BUILD_ARMASM_INLINE
endif !BUILD_ARMASM_CRYPTO
+else
+if BUILD_ARMASM
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-aes-asm.S
+endif !BUILD_ARMASM_INLINE
endif BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
if BUILD_AFALG
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/af_alg/afalg_aes.c
-endif
+endif BUILD_AFALG
endif BUILD_AES
endif !BUILD_FIPS_CURRENT
@@ -439,7 +472,7 @@ endif !BUILD_FIPS_CURRENT
if !BUILD_FIPS_CURRENT
if BUILD_SHA512
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
@@ -447,32 +480,93 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-a
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512-asm.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
-endif
+endif !BUILD_ARMASM_INLINE
+else
+if BUILD_ARMASM
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha512.c
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-sha512-asm.S
+endif !BUILD_ARMASM_INLINE
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512.c
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha512_asm.S
-endif
-endif
-endif
+endif BUILD_INTELASM
+endif !BUILD_ARMASM
+endif !BUILD_ARMASM_NEON
+endif BUILD_SHA512
endif !BUILD_FIPS_CURRENT
if !BUILD_FIPS_CURRENT
if BUILD_SHA3
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3.c
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-sha3-asm.S
-endif
-endif
+endif !BUILD_ARMASM_INLINE
+endif BUILD_ARMASM_NEON
if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sha3_asm.S
endif
endif
endif !BUILD_FIPS_CURRENT
+if !BUILD_FIPS_CURRENT
+if BUILD_SM2
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm2.c
+if BUILD_SP
+if BUILD_SP_C32
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_c32.c
+endif
+if BUILD_SP_C64
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_c64.c
+endif
+
+if BUILD_SP_X86_64
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_x86_64.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_x86_64_asm.S
+endif
+if !BUILD_FIPS_V2
+if BUILD_SP_ARM32
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_arm32.c
+endif
+endif
+if BUILD_SP_ARM_THUMB
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_armthumb.c
+endif
+if !BUILD_FIPS_V2
+if BUILD_SP_ARM64
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_arm64.c
+endif
+endif
+if BUILD_SP_ARM_CORTEX
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sp_sm2_cortexm.c
+endif
+endif BUILD_SP
+endif BUILD_SM2
+endif !BUILD_FIPS_CURRENT
+
+if !BUILD_FIPS_CURRENT
+if BUILD_SM3
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm3.c
+if BUILD_INTELASM
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm3_asm.S
+endif
+endif BUILD_SM3
+endif !BUILD_FIPS_CURRENT
+
+if !BUILD_FIPS_CURRENT
+if BUILD_SM4
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sm4.c
+endif BUILD_SM4
+endif !BUILD_FIPS_CURRENT
+
endif !BUILD_FIPS_RAND
if BUILD_SIPHASH
@@ -561,6 +655,7 @@ if BUILD_X86_ASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_x86_asm.S
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_gcm_asm.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/aes_xts_asm.S
endif
endif
endif
@@ -585,7 +680,7 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/blake2s.c
endif
if BUILD_CHACHA
-if BUILD_ARMASM
+if BUILD_ARMASM_NEON
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-chacha.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/chacha.c
@@ -633,6 +728,14 @@ endif
endif
endif
+if BUILD_WC_LMS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_lms.c
+endif
+
+if BUILD_WC_XMSS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/wc_xmss.c
+endif
+
if BUILD_CURVE25519
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/curve25519.c
endif
@@ -649,19 +752,31 @@ if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_x25519_asm.S
else
if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519.S
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
-endif
+endif !BUILD_ARMASM_INLINE
+else
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-32-curve25519.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
+endif !BUILD_ARMASM_INLINE
+endif !BUILD_ARMASM_NEON
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_operations.c
-endif
-endif
-endif
-endif
+endif !BUILD_ARMASM
+endif !BUILD_INTELASM
+endif !BUILD_CURVE25519_SMALL
+endif BUILD_FEMATH
if BUILD_GEMATH
if BUILD_ED25519_SMALL
@@ -673,12 +788,22 @@ if BUILD_INTELASM
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_x25519_asm.S
else
if BUILD_ARMASM
+if BUILD_ARMASM_NEON
if BUILD_ARMASM_INLINE
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
endif
else
+if BUILD_ARMASM_INLINE
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519_c.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519_c.c
+else
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/thumb2-curve25519.S
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/arm/armv8-curve25519.S
+endif
+endif
+else
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/fe_operations.c
endif
endif
@@ -712,6 +837,14 @@ src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/sphincs.c
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_kyber.c
endif
+if BUILD_LIBLMS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_lms.c
+endif
+
+if BUILD_LIBXMSS
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/ext_xmss.c
+endif
+
if BUILD_LIBZ
src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/compress.c
endif
@@ -769,3 +902,8 @@ endif !BUILD_CRYPTONLY
endif !BUILD_FIPS_RAND
+
+if BUILD_ARIA
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/aria/aria-crypt.c
+src_libwolfssl@LIBSUFFIX@_la_SOURCES += wolfcrypt/src/port/aria/aria-cryptocb.c
+endif
diff --git a/extra/wolfssl/wolfssl/src/internal.c b/extra/wolfssl/wolfssl/src/internal.c
index ca166e8d..2274ab7e 100644
--- a/extra/wolfssl/wolfssl/src/internal.c
+++ b/extra/wolfssl/wolfssl/src/internal.c
@@ -89,6 +89,9 @@
* - WOLFSSL_HARDEN_TLS_NO_SCR_CHECK
* - WOLFSSL_HARDEN_TLS_NO_PKEY_CHECK
* - WOLFSSL_HARDEN_TLS_ALLOW_ALL_CIPHERSUITES
+ * WOLFSSL_NO_INIT_CTX_KEY
+ * Allows SSL objects to be created from a CTX without a loaded key/cert
+ * pair
*/
@@ -125,6 +128,11 @@
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
+#ifdef HAVE_ARIA
+ /* included to get ARIA devId value */
+ #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+#endif
+
#if defined(DEBUG_WOLFSSL) || defined(SHOW_SECRETS) || \
defined(CHACHA_AEAD_TEST) || defined(WOLFSSL_SESSION_EXPORT_DEBUG)
#ifndef NO_STDIO_FILESYSTEM
@@ -185,8 +193,13 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#endif /* !WOLFSSL_NO_TLS12 */
-#ifndef NO_WOLFSSL_SERVER
- #if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
+#if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SESSION_TICKET)
+ #if defined(WOLFSSL_HAPROXY)
+ #define SSL_TICKET_CTX(ssl) ssl->initial_ctx->ticketEncCtx
+ #else
+ #define SSL_TICKET_CTX(ssl) ssl->ctx->ticketEncCtx
+ #endif
+ #if !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
static int TicketEncCbCtx_Init(WOLFSSL_CTX* ctx,
TicketEncCbCtx* keyCtx);
static void TicketEncCbCtx_Free(TicketEncCbCtx* keyCtx);
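Review bot: The new `SSL_TICKET_CTX(ssl)` macro expands its argument unparenthesised, so a call such as `SSL_TICKET_CTX(cond ? a : b)` or one with a cast would bind incorrectly. Write both variants as `#define SSL_TICKET_CTX(ssl) (ssl)->initial_ctx->ticketEncCtx` and `#define SSL_TICKET_CTX(ssl) (ssl)->ctx->ticketEncCtx`. A one-line comment saying why the HAProxy build reads the ticket key context from `initial_ctx` rather than `ctx` would also help, since the reason is not evident from the hunk.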
@@ -202,9 +215,16 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#ifdef WOLFSSL_DTLS
static int _DtlsCheckWindow(WOLFSSL* ssl);
- static int _DtlsUpdateWindow(WOLFSSL* ssl);
#endif
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+#include <Security/SecCertificate.h>
+#include <Security/SecTrust.h>
+#include <Security/SecPolicy.h>
+static int DoAppleNativeCertValidation(const WOLFSSL_BUFFER_INFO* certs,
+ int totalCerts);
+#endif /* #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
#ifdef WOLFSSL_DTLS13
#ifndef WOLFSSL_DTLS13_SEND_MOREACK_DEFAULT
#define WOLFSSL_DTLS13_SEND_MOREACK_DEFAULT 0
@@ -246,7 +266,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
#endif /* !WOLFSSL_NO_TLS12 */
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -259,6 +279,7 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
const unsigned char* secret, int secretSz, void* ctx);
#endif
+
/* Label string for client random. */
#define SSC_CR "CLIENT_RANDOM"
@@ -526,7 +547,7 @@ int IsAtLeastTLSv1_3(const ProtocolVersion pv)
return ret;
}
-int IsEncryptionOn(WOLFSSL* ssl, int isSend)
+int IsEncryptionOn(const WOLFSSL* ssl, int isSend)
{
#ifdef WOLFSSL_DTLS
/* For DTLS, epoch 0 is always not encrypted. */
@@ -1284,6 +1305,14 @@ static int ExportOptions(WOLFSSL* ssl, byte* exp, word32 len, byte ver,
#endif
}
+ if (ver > WOLFSSL_EXPORT_VERSION_4) {
+#ifdef WOLFSSL_DTLS
+ exp[idx++] = options->dtlsStateful;
+#else
+ exp[idx++] = 0;
+#endif
+ }
+
/* version of connection */
exp[idx++] = ssl->version.major;
exp[idx++] = ssl->version.minor;
@@ -1299,6 +1328,13 @@ static int ExportOptions(WOLFSSL* ssl, byte* exp, word32 len, byte ver,
}
break;
+ case WOLFSSL_EXPORT_VERSION_4:
+ if (idx != DTLS_EXPORT_OPT_SZ_4 && type == WOLFSSL_EXPORT_DTLS) {
+ WOLFSSL_MSG("Update DTLS_EXPORT_OPT_SZ and version of export");
+ return DTLS_EXPORT_VER_E;
+ }
+ break;
+
case WOLFSSL_EXPORT_VERSION:
if (idx != DTLS_EXPORT_OPT_SZ && type == WOLFSSL_EXPORT_DTLS) {
WOLFSSL_MSG("Update DTLS_EXPORT_OPT_SZ and version of export");
@@ -1334,6 +1370,13 @@ static int ImportOptions(WOLFSSL* ssl, const byte* exp, word32 len, byte ver,
}
break;
+ case WOLFSSL_EXPORT_VERSION_4:
+ if (len < DTLS_EXPORT_OPT_SZ_4) {
+ WOLFSSL_MSG("Sanity check on buffer size failed");
+ return BAD_FUNC_ARG;
+ }
+ break;
+
case WOLFSSL_EXPORT_VERSION_3:
if (len < DTLS_EXPORT_OPT_SZ_3) {
WOLFSSL_MSG("Sanity check on buffer size failed");
@@ -1467,6 +1510,17 @@ static int ImportOptions(WOLFSSL* ssl, const byte* exp, word32 len, byte ver,
#endif
}
+ /* If we had a connection established, let's assume that we can act
+ * statefully */
+ options->dtlsStateful = 1;
+ if (ver > WOLFSSL_EXPORT_VERSION_4) {
+#ifdef WOLFSSL_DTLS
+ options->dtlsStateful = exp[idx++];
+#else
+ idx++;
+#endif
+ }
+
/* version of connection */
if (ssl->version.major != exp[idx++] || ssl->version.minor != exp[idx++]) {
WOLFSSL_MSG("Version mismatch ie DTLS v1 vs v1.2");
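Review bot: `options->dtlsStateful = exp[idx++];` copies a raw byte from the import buffer into the flag, and for older export versions the flag is forced to 1. Going by the DTLS 1.3 changes in this commit, the flag appears to record that the peer is past the stateless cookie exchange, so the serialized blob decides that state. The comment should say the buffer is trusted input, e.g. `/* exp must come from a trusted export: it restores whether stateless handling is skipped */`. The value is better normalised with `options->dtlsStateful = (exp[idx++] != 0);`. `ImportOptions` starts and ends outside this hunk, so the length check that covers this extra byte is not visible here.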
@@ -1535,7 +1589,8 @@ static int ImportPeerInfo(WOLFSSL* ssl, const byte* buf, word32 len, byte ver)
word16 port;
char ip[MAX_EXPORT_IP];
- if (ver != WOLFSSL_EXPORT_VERSION && ver != WOLFSSL_EXPORT_VERSION_3) {
+ if (ver != WOLFSSL_EXPORT_VERSION && ver != WOLFSSL_EXPORT_VERSION_4 &&
+ ver != WOLFSSL_EXPORT_VERSION_3) {
WOLFSSL_MSG("Export version not supported");
return BAD_FUNC_ARG;
}
@@ -1793,6 +1848,15 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
}
break;
+ case WOLFSSL_EXPORT_VERSION_4:
+ if (type == WOLFSSL_EXPORT_DTLS) {
+ optSz = DTLS_EXPORT_OPT_SZ_4;
+ }
+ else {
+ optSz = TLS_EXPORT_OPT_SZ;
+ }
+ break;
+
case WOLFSSL_EXPORT_VERSION_3:
WOLFSSL_MSG("Importing older version 3");
optSz = DTLS_EXPORT_OPT_SZ_3;
@@ -1913,7 +1977,7 @@ int wolfSSL_session_import_internal(WOLFSSL* ssl, const unsigned char* buf,
/* set hmac function to use when verifying */
if (ret == 0 && (ssl->options.tls == 1 || ssl->options.tls1_1 == 1 ||
ssl->options.dtls == 1)) {
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -2154,7 +2218,12 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
XMEMSET(ctx, 0, sizeof(WOLFSSL_CTX));
ctx->method = method;
- ctx->heap = ctx; /* defaults to self */
+ if (heap == NULL) {
+ ctx->heap = ctx; /* defaults to self */
+ }
+ else {
+ ctx->heap = heap; /* wolfSSL_CTX_load_static_memory sets */
+ }
ctx->timeout = WOLFSSL_SESSION_TIMEOUT;
#ifdef WOLFSSL_DTLS
@@ -2261,6 +2330,11 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
#endif /* MICRIUM */
#endif /* WOLFSSL_USER_IO */
+#if defined(HAVE_RPK)
+ wolfSSL_CTX_set_client_cert_type(ctx, NULL, 0); /* set to default */
+ wolfSSL_CTX_set_server_cert_type(ctx, NULL, 0); /* set to default */
+#endif /* HAVE_RPK */
+
#ifdef HAVE_PQC
#ifdef HAVE_FALCON
if (method->side == WOLFSSL_CLIENT_END)
@@ -2289,6 +2363,8 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
#ifdef WOLFSSL_QNX_CAAM
/* default to try using CAAM when built */
ctx->devId = WOLFSSL_CAAM_DEVID;
+#elif defined(HAVE_ARIA) && defined(WOLF_CRYPTO_CB)
+ ctx->devId = WOLFSSL_ARIA_DEVID;
#else
ctx->devId = INVALID_DEVID;
#endif
@@ -2402,6 +2478,11 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
maxq10xx_SetupPkCallbacks(ctx, &method->version);
#endif /* WOLFSSL_MAXQ10XX_TLS */
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* Should only be set when wolfSSL_CTX_load_system_CA_certs() is called */
+ ctx->doAppleNativeCertValidationFlag = 0;
+#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
return ret;
}
@@ -2528,8 +2609,8 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
wolfSSL_X509_STORE_free(ctx->x509_store_pt);
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- wolfSSL_sk_X509_NAME_pop_free(ctx->ca_names, NULL);
- ctx->ca_names = NULL;
+ wolfSSL_sk_X509_NAME_pop_free(ctx->client_ca_names, NULL);
+ ctx->client_ca_names = NULL;
#endif
#ifdef OPENSSL_EXTRA
if (ctx->x509Chain) {
@@ -2694,6 +2775,10 @@ void InitCiphers(WOLFSSL* ssl)
ssl->encrypt.aes = NULL;
ssl->decrypt.aes = NULL;
#endif
+#ifdef HAVE_ARIA
+ ssl->encrypt.aria = NULL;
+ ssl->decrypt.aria = NULL;
+#endif
#ifdef HAVE_CAMELLIA
ssl->encrypt.cam = NULL;
ssl->decrypt.cam = NULL;
@@ -2737,22 +2822,33 @@ void FreeCiphers(WOLFSSL* ssl)
XFREE(ssl->encrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
-#if defined(BUILD_AES) || defined(BUILD_AESGCM) /* See: InitKeys() in keys.c
- * on addition of BUILD_AESGCM
- * check (enc->aes, dec->aes) */
+#if defined(BUILD_AES) || defined(BUILD_AESGCM) || defined(HAVE_ARIA)
+ /* See: InitKeys() in keys.c on addition of BUILD_AESGCM check (enc->aes, dec->aes) */
wc_AesFree(ssl->encrypt.aes);
wc_AesFree(ssl->decrypt.aes);
- #if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && \
- !defined(WOLFSSL_NO_TLS12)
- XFREE(ssl->decrypt.additional, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
- XFREE(ssl->encrypt.additional, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
- #endif
XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
+#if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ wc_Sm4Free(ssl->encrypt.sm4);
+ wc_Sm4Free(ssl->decrypt.sm4);
+ XFREE(ssl->encrypt.sm4, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->decrypt.sm4, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#if (defined(BUILD_AESGCM) || defined(BUILD_AESCCM) || defined(HAVE_ARIA)) && \
+ !defined(WOLFSSL_NO_TLS12)
+ XFREE(ssl->decrypt.additional, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->encrypt.additional, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
#ifdef CIPHER_NONCE
- XFREE(ssl->decrypt.nonce, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
- XFREE(ssl->encrypt.nonce, ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ XFREE(ssl->decrypt.nonce, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->encrypt.nonce, ssl->heap, DYNAMIC_TYPE_CIPHER);
+#endif
+#ifdef HAVE_ARIA
+ wc_AriaFreeCrypt(ssl->encrypt.aria);
+ wc_AriaFreeCrypt(ssl->decrypt.aria);
+ XFREE(ssl->encrypt.aria, ssl->heap, DYNAMIC_TYPE_CIPHER);
+ XFREE(ssl->decrypt.aria, ssl->heap, DYNAMIC_TYPE_CIPHER);
#endif
#ifdef HAVE_CAMELLIA
XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER);
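Review bot: The new `wc_Sm4Free(ssl->encrypt.sm4)` and `wc_AriaFreeCrypt(ssl->encrypt.aria)` calls run unconditionally, while the `InitCiphers` hunk leaves the ARIA pointers NULL until a suite allocates them. Unless both helpers tolerate NULL (not visible here), guard them, e.g. `if (ssl->encrypt.aria != NULL) wc_AriaFreeCrypt(ssl->encrypt.aria);`. Separately, `additional` and `nonce` are now released with `DYNAMIC_TYPE_CIPHER` instead of `DYNAMIC_TYPE_AES_BUFFER`, and the guard changed from `HAVE_AESCCM` to `BUILD_AESCCM`. Both need to match the allocation sites in keys.c, otherwise memory-tracking or static-memory builds will see mismatched tags or a leak. `FreeCiphers` starts and ends outside this hunk.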
@@ -2835,12 +2931,16 @@ static int GetMacDigestSize(byte macAlgo)
case sha512_mac:
return WC_SHA512_DIGEST_SIZE;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ return WC_SM3_DIGEST_SIZE;
+ #endif
default:
break;
}
return NOT_COMPILED_IN;
}
-#endif /* USE_ECDSA_KEYSZ_HASH_ALGO */
+#endif /* USE_ECDSA_KEYSZ_HASH_ALGO || (WOLFSSL_TLS13 && HAVE_ECC) */
#define ADD_HASH_SIG_ALGO(out, inOutIdx, major, minor) \
do { \
@@ -2869,6 +2969,13 @@ static WC_INLINE void AddSuiteHashSigAlgo(byte* hashSigAlgo, byte macAlgo,
#endif /* USE_ECDSA_KEYSZ_HASH_ALGO */
if (addSigAlgo) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo) {
+ ADD_HASH_SIG_ALGO(hashSigAlgo, inOutIdx,
+ SM2_SA_MAJOR, SM2_SA_MINOR);
+ }
+ else
+ #endif
#ifdef HAVE_ED25519
if (sigAlgo == ed25519_sa_algo) {
ADD_HASH_SIG_ALGO(hashSigAlgo, inOutIdx,
@@ -2932,18 +3039,8 @@ static WC_INLINE void AddSuiteHashSigAlgo(byte* hashSigAlgo, byte macAlgo,
}
}
-void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
- int haveFalconSig, int haveDilithiumSig, int haveAnon, int tls1_2,
- int keySz)
-{
- InitSuitesHashSigAlgo_ex(suites->hashSigAlgo, haveECDSAsig, haveRSAsig,
- haveFalconSig, haveDilithiumSig, haveAnon, tls1_2, keySz,
- &suites->hashSigAlgoSz);
-}
-
-void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
- int haveRSAsig, int haveFalconSig, int haveDilithiumSig, int haveAnon,
- int tls1_2, int keySz, word16* len)
+void InitSuitesHashSigAlgo_ex2(byte* hashSigAlgo, int haveSig, int tls1_2,
+ int keySz, word16* len)
{
word16 idx = 0;
@@ -2951,7 +3048,7 @@ void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
(void)keySz;
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
- if (haveECDSAsig) {
+ if (haveSig & SIG_ECDSA) {
#ifdef HAVE_ECC
#ifdef WOLFSSL_SHA512
AddSuiteHashSigAlgo(hashSigAlgo, sha512_mac, ecc_dsa_sa_algo, keySz,
@@ -2978,29 +3075,33 @@ void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
#endif
}
#endif /* HAVE_ECC || HAVE_ED25519 || HAVE_ED448 */
- if (haveFalconSig) {
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (haveSig & SIG_SM2) {
+ AddSuiteHashSigAlgo(hashSigAlgo, sm3_mac, sm2_sa_algo, keySz,
+ &idx);
+ }
+#endif
#if defined(HAVE_PQC)
#ifdef HAVE_FALCON
+ if (haveSig & SIG_FALCON) {
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, falcon_level1_sa_algo, keySz,
&idx);
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, falcon_level5_sa_algo, keySz,
&idx);
-#endif /* HAVE_FALCON */
-#endif /* HAVE_PQC */
}
- if (haveDilithiumSig) {
-#if defined(HAVE_PQC)
+#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
+ if (haveSig & SIG_DILITHIUM) {
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, dilithium_level2_sa_algo,
keySz, &idx);
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, dilithium_level3_sa_algo,
keySz, &idx);
AddSuiteHashSigAlgo(hashSigAlgo, no_mac, dilithium_level5_sa_algo,
keySz, &idx);
+ }
#endif /* HAVE_DILITHIUM */
#endif /* HAVE_PQC */
- }
- if (haveRSAsig) {
+ if (haveSig & SIG_RSA) {
#ifdef WC_RSA_PSS
if (tls1_2) {
#ifdef WOLFSSL_SHA512
@@ -3036,17 +3137,39 @@ void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
}
#ifdef HAVE_ANON
- if (haveAnon) {
+ if (haveSig & SIG_ANON) {
AddSuiteHashSigAlgo(hashSigAlgo, sha_mac, anonymous_sa_algo, keySz,
&idx);
}
#endif
- (void)haveAnon;
- (void)haveECDSAsig;
*len = idx;
}
+void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
+ int haveFalconSig, int haveDilithiumSig, int haveAnon, int tls1_2,
+ int keySz)
+{
+ InitSuitesHashSigAlgo_ex(suites->hashSigAlgo, haveECDSAsig, haveRSAsig,
+ haveFalconSig, haveDilithiumSig, haveAnon, tls1_2, keySz,
+ &suites->hashSigAlgoSz);
+}
+
+void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
+ int haveRSAsig, int haveFalconSig, int haveDilithiumSig, int haveAnon,
+ int tls1_2, int keySz, word16* len)
+{
+ int have = 0;
+
+ if (haveECDSAsig) have |= SIG_ECDSA;
+ if (haveRSAsig) have |= SIG_RSA;
+ if (haveFalconSig) have |= SIG_FALCON;
+ if (haveDilithiumSig) have |= SIG_DILITHIUM;
+ if (haveAnon) have |= SIG_ANON;
+
+ InitSuitesHashSigAlgo_ex2(hashSigAlgo, have, tls1_2, keySz, len);
+}
+
int AllocateCtxSuites(WOLFSSL_CTX* ctx)
{
if (ctx->suites == NULL) {
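Review bot: The compatibility wrapper `InitSuitesHashSigAlgo_ex` maps only five flags into the bitmask and has no way to set `SIG_SM2`, so callers that stay on the old entry points never advertise SM2 even in an SM2/SM3 build. That is worth stating above the wrapper, e.g. `/* Legacy flag-per-argument API: cannot request SIG_SM2; use InitSuitesHashSigAlgo_ex2() with a SIG_* mask. */`. `InitSuitesHashSigAlgo_ex2` itself has no header comment saying that `haveSig` is an OR of `SIG_*` bits and that `*len` receives the number of bytes written. Its signature lies in the preceding hunk.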
@@ -3161,6 +3284,19 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ if (tls1_3) {
+ suites->suites[idx++] = CIPHER_BYTE;
+ suites->suites[idx++] = TLS_SM4_GCM_SM3;
+ }
+#endif
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ if (tls1_3) {
+ suites->suites[idx++] = CIPHER_BYTE;
+ suites->suites[idx++] = TLS_SM4_CCM_SM3;
+ }
+#endif
+
#ifdef HAVE_NULL_CIPHER
#ifdef BUILD_TLS_SHA256_SHA256
if (tls1_3 && haveNull) {
@@ -3227,14 +3363,23 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ /* OpenSSL enables ECDHE when using ECDHE aliases without RSA */
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
}
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
}
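Review bot: The new OPENSSL_EXTRA condition `(tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)` repeats the version test and reads more clearly as `if (tls1_2 && (haveRSA || haveECDSAsig)) {`. The same form is copied into the later CHACHA20_POLY1305, AES_128/256_CBC_SHA256/384, AES_128/256_CBC_SHA and 3DES hunks (with `tls` in place of `tls1_2`), so a small macro would keep them in step. The one-line comment at the first site explains the OpenSSL alias behaviour but not the consequence: ECDHE-RSA suites are now listed when only an ECDSA signing capability is present. If a later check against the loaded key type is what stops such a suite being negotiated, the comment should name it; that check is not visible in these hunks.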
@@ -3296,6 +3441,20 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ if (tls1_2 && haveECC) {
+ suites->suites[idx++] = ECC_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384;
+ }
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ if (tls1_2 && haveECC) {
+ suites->suites[idx++] = ECC_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256;
+ }
+#endif
+
#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
if (tls1_2 && haveDH && havePSK) {
suites->suites[idx++] = CIPHER_BYTE;
@@ -3346,7 +3505,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = CHACHA_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256;
}
@@ -3370,7 +3533,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
}
@@ -3398,7 +3565,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
}
@@ -3482,7 +3653,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+ #ifdef OPENSSL_EXTRA
+ if ((tls && haveRSA) || (tls && haveECDSAsig)) {
+ #else
if (tls && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
}
@@ -3496,7 +3671,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+ #ifdef OPENSSL_EXTRA
+ if ((tls && haveRSA) || (tls && haveECDSAsig)) {
+ #else
if (tls && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
}
@@ -3524,7 +3703,11 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ #ifdef OPENSSL_EXTRA
+ if ((tls && haveRSA) || (tls && haveECDSAsig)) {
+ #else
if (tls && haveRSA) {
+ #endif
suites->suites[idx++] = ECC_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
}
@@ -3667,14 +3850,22 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
#endif
#ifdef BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = CHACHA_BYTE;
suites->suites[idx++] = TLS_ECDHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256;
}
#endif
#ifdef BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256
+ #ifdef OPENSSL_EXTRA
+ if ((tls1_2 && haveRSA) || (tls1_2 && haveECDSAsig)) {
+ #else
if (tls1_2 && haveRSA) {
+ #endif
suites->suites[idx++] = CHACHA_BYTE;
suites->suites[idx++] = TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256;
}
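Review bot: The second block in this hunk applies the `haveECDSAsig` relaxation to `TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256`, which is a DHE suite, while the rationale given earlier in the commit ("OpenSSL enables ECDHE when using ECDHE aliases without RSA") covers ECDHE aliases only. This looks like a copy of the ECDHE_RSA block directly above it. Unless there is a separate reason, the DHE_RSA block should keep the plain `if (tls1_2 && haveRSA) {` without the `#ifdef OPENSSL_EXTRA` variant, so that a DHE-RSA suite is not listed on the strength of an ECDSA signing capability.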
@@ -4041,14 +4232,41 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if (tls && haveECC) {
+ suites->suites[idx++] = SM_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3;
+ }
+#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ if (tls && haveECC) {
+ suites->suites[idx++] = SM_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3;
+ }
+#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ if (tls && haveECC) {
+ suites->suites[idx++] = SM_BYTE;
+ suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3;
+ }
+#endif
+
#endif /* !WOLFSSL_NO_TLS12 */
suites->suiteSz = idx;
if (suites->hashSigAlgoSz == 0) {
- InitSuitesHashSigAlgo(suites, haveECDSAsig | haveECC,
- haveRSAsig | haveRSA, haveFalconSig,
- haveDilithiumSig, 0, tls1_2, keySz);
+ int haveSig = 0;
+ haveSig |= (haveRSAsig | haveRSA) ? SIG_RSA : 0;
+ haveSig |= (haveECDSAsig | haveECC) ? SIG_ECDSA : 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ haveSig |= (haveECDSAsig | haveECC) ? SIG_SM2 : 0;
+ #endif
+ haveSig |= haveFalconSig ? SIG_FALCON : 0;
+ haveSig |= haveDilithiumSig ? SIG_DILITHIUM : 0;
+ haveSig &= ~SIG_ANON;
+ InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, tls1_2, keySz,
+ &suites->hashSigAlgoSz);
}
}
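Review bot: `haveSig &= ~SIG_ANON;` has no effect, because `haveSig` starts at 0 and no line above it sets `SIG_ANON`. If it is meant as documentation that InitSuites never offers anonymous signatures, a comment such as `/* anonymous is never offered from here */` says that more directly. `SIG_SM2` is set from exactly the same `haveECDSAsig | haveECC` condition as `SIG_ECDSA`, so every SM2/SM3 build advertises SM2 whenever ECDSA is available. A short comment on that choice would help, since the guard here (`WOLFSSL_SM2 && WOLFSSL_SM3`) also differs from the one in `InitSuitesHashSigAlgo_ex2`, which additionally requires `HAVE_ECC`.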
@@ -4061,7 +4279,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
* hashalgo The hash algorithm.
* hsType The signature type.
*/
-static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)
+void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)
{
*hsType = invalid_sa_algo;
switch (input[0]) {
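Review bot: `DecodeSigAlg` loses `static WC_INLINE` here and becomes callable from other translation units, but its header comment still does not state the input contract. The function reads `input[0]` and, in the cases shown in the next hunk, `input[1]`, and takes no length, so every caller must guarantee two readable bytes. I would add to the comment block `* input must point to at least 2 bytes; no length check is done here.` and note that `*hsType` is left as `invalid_sa_algo` for unrecognised values. The function body continues outside the hunk.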
@@ -4097,6 +4315,16 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy
*hashAlgo = input[1];
}
break;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2_SA_MAJOR:
+ /* SM2: 0x0708 */
+ if (input[1] == SM2_SA_MINOR) {
+ *hsType = sm2_sa_algo;
+ /* Hash performed as part of sign/verify operation. */
+ *hashAlgo = sm3_mac;
+ }
+ break;
+ #endif
#ifdef HAVE_PQC
case PQC_SA_MAJOR:
/* Hash performed as part of sign/verify operation. */
@@ -4139,7 +4367,7 @@ static WC_INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsTy
#if !defined(NO_DH) || defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
defined(HAVE_CURVE448) || (!defined(NO_RSA) && defined(WC_RSA_PSS))
-static enum wc_HashType HashAlgoToType(int hashAlgo)
+enum wc_HashType HashAlgoToType(int hashAlgo)
{
switch (hashAlgo) {
#ifdef WOLFSSL_SHA512
@@ -4150,6 +4378,10 @@ static enum wc_HashType HashAlgoToType(int hashAlgo)
case sha384_mac:
return WC_HASH_TYPE_SHA384;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ return WC_HASH_TYPE_SM3;
+ #endif
#ifndef NO_SHA256
case sha256_mac:
return WC_HASH_TYPE_SHA256;
@@ -4380,6 +4612,13 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)
(void)hashAlgo;
break;
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ output[0] = SM2_SA_MAJOR;
+ output[1] = SM2_SA_MINOR;
+ (void)hashAlgo;
+ break;
+#endif
#ifndef NO_RSA
case rsa_sa_algo:
output[0] = hashAlgo;
@@ -4419,6 +4658,13 @@ static void SetDigest(WOLFSSL* ssl, int hashAlgo)
ssl->buffers.digest.length = WC_SHA256_DIGEST_SIZE;
break;
#endif /* !NO_SHA256 */
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ssl->options.dontFreeDigest = 1;
+ ssl->buffers.digest.buffer = ssl->hsHashes->certHashes.sm3;
+ ssl->buffers.digest.length = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif /* WOLFSSL_SM2 */
#ifdef WOLFSSL_SHA384
case sha384_mac:
ssl->options.dontFreeDigest = 1;
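Review bot: The closing comment on the new block does not match its guard: it opens with `#ifdef WOLFSSL_SM3` and closes with `#endif /* WOLFSSL_SM2 */`. It should read `#endif /* WOLFSSL_SM3 */`, which matters in a file with this many nested feature macros. The surrounding `SetDigest` switch starts and ends outside the hunk.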
@@ -4442,7 +4688,7 @@ static void SetDigest(WOLFSSL* ssl, int hashAlgo)
#endif /* !NO_CERTS */
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
-static word32 MacSize(WOLFSSL* ssl)
+static word32 MacSize(const WOLFSSL* ssl)
{
#ifdef HAVE_TRUNCATED_HMAC
word32 digestSz = ssl->truncated_hmac ? (byte)TRUNCATED_HMAC_SZ
@@ -4665,7 +4911,7 @@ int RsaVerify(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, int sigAlgo,
void* ctx = wolfSSL_GetRsaVerifyCtx(ssl);
ret = ssl->ctx->RsaVerifyCb(ssl, in, inSz, out, keyBuf, keySz, ctx);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
@@ -4924,7 +5170,7 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
void* ctx = wolfSSL_GetRsaEncCtx(ssl);
ret = ssl->ctx->RsaEncCb(ssl, in, inSz, out, outSz, keyBuf, keySz, ctx);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
@@ -5052,7 +5298,7 @@ int EccVerify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* out,
ret = ssl->ctx->EccVerifyCb(ssl, in, inSz, out, outSz, keyBuf, keySz,
&ssl->eccVerifyRes, ctx);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
!defined(WOLFSSL_MAXQ108X)
else
@@ -5171,6 +5417,24 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
if (ssl->ecdhCurveOID > 0) {
ecc_curve = wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL);
}
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ if ((ssl->options.cipherSuite0 == SM_BYTE) && (0
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ || (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ || (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ || (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3)
+ #endif
+ )) {
+ keySz = 32;
+ ecc_curve = ECC_SM2P256V1;
+ }
+ #endif
}
else {
keySz = peer->dp->size;
@@ -5209,6 +5473,63 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
}
#endif /* HAVE_ECC */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+
+int Sm2wSm3Sign(WOLFSSL* ssl, const byte* id, word32 idSz, const byte* in,
+ word32 inSz, byte* out, word32* outSz, ecc_key* key, DerBuffer* keyBufInfo)
+{
+ int ret;
+ byte hash[WC_SM3_DIGEST_SIZE];
+
+ (void)ssl;
+ (void)keyBufInfo;
+
+ WOLFSSL_ENTER("Sm2wSm3Sign");
+
+ ret = wc_ecc_sm2_create_digest(id, idSz, in, inSz, WC_HASH_TYPE_SM3, hash,
+ sizeof(hash), key);
+ if (ret == 0) {
+ ret = wc_ecc_sm2_sign_hash(hash, sizeof(hash), out, outSz, ssl->rng,
+ key);
+ }
+
+ WOLFSSL_LEAVE("Sm2wSm3Sign", ret);
+
+ return ret;
+}
+
+int Sm2wSm3Verify(WOLFSSL* ssl, const byte* id, word32 idSz, const byte* sig,
+ word32 sigSz, const byte* msg, word32 msgSz, ecc_key* key,
+ buffer* keyBufInfo)
+{
+ int ret = SIG_VERIFY_E;
+ byte hash[WC_SM3_DIGEST_SIZE];
+
+ (void)ssl;
+ (void)keyBufInfo;
+
+ WOLFSSL_ENTER("Sm2wSm3Verify");
+
+ ret = wc_ecc_sm2_create_digest(id, idSz, msg, msgSz, WC_HASH_TYPE_SM3, hash,
+ sizeof(hash), key);
+ if (ret == 0) {
+ ret = wc_ecc_sm2_verify_hash(sig, sigSz, hash, sizeof(hash),
+ &ssl->eccVerifyRes, key);
+ if (ret == 0 && ssl->eccVerifyRes == 0) {
+ ret = VERIFY_SIGN_ERROR;
+ }
+ }
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ }
+
+ WOLFSSL_LEAVE("Sm2wSm3Verify", ret);
+
+ return ret;
+}
+
+#endif /* WOLFSSL_SM2 */
+
#ifdef HAVE_ED25519
/* Check whether the key contains a public key.
* If not then pull it out of the leaf certificate.
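Review bot: Both new functions begin with `(void)ssl;` and then dereference `ssl` (`ssl->rng` in `Sm2wSm3Sign`, `&ssl->eccVerifyRes` in `Sm2wSm3Verify`), so the cast is misleading and should be removed; only `keyBufInfo` is actually unused. In `Sm2wSm3Verify` the initialiser `int ret = SIG_VERIFY_E;` is overwritten by the next statement, so either drop it or keep it and set `ssl->eccVerifyRes = 0;` before the verify call so a stale success value can never be read. Neither function has a header comment; the other helpers in this file document their parameters and return codes, and `Sm2wSm3Verify` should say that it returns `VERIFY_SIGN_ERROR` when the signature does not match. Unlike the `EccVerify` code visible earlier in the diff, there is no PK-callback path here, which is worth a sentence if that is deliberate.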
@@ -6049,7 +6370,7 @@ static void InitSuites_EitherSide(Suites* suites, ProtocolVersion pv, int keySz,
word16 haveFalconSig, word16 haveDilithiumSig, word16 haveAnon,
int side)
{
- /* make sure server has DH parms, and add PSK if there */
+ /* make sure server has DH params, and add PSK if there */
if (side == WOLFSSL_SERVER_END) {
InitSuites(suites, pv, keySz, haveRSA, havePSK, haveDH, haveECDSAsig,
haveECC, TRUE, haveStaticECC, haveFalconSig,
@@ -6120,11 +6441,13 @@ int InitSSL_Suites(WOLFSSL* ssl)
ssl->options.maxEarlyDataSz = ssl->ctx->maxEarlyDataSz;
#endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
ssl->options.cacheMessages = ssl->options.side == WOLFSSL_SERVER_END ||
ssl->buffers.keyType == ed25519_sa_algo ||
- ssl->buffers.keyType == ed448_sa_algo;
+ ssl->buffers.keyType == ed448_sa_algo ||
+ ssl->buffers.keyType == sm2_sa_algo;
#endif
#ifndef NO_CERTS
@@ -6188,7 +6511,7 @@ int InitSSL_Suites(WOLFSSL* ssl)
WOLFSSL_SUCCESS return value on success */
int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
{
- int ret;
+ int ret = WOLFSSL_SUCCESS; /* set default ret */
byte newSSL;
WOLFSSL_ENTER("SetSSL_CTX");
@@ -6211,19 +6534,33 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
}
/* increment CTX reference count */
- wolfSSL_RefInc(&ctx->ref, &ret);
+ ret = wolfSSL_CTX_up_ref(ctx);
#ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret < 0) {
+ if (ret != WOLFSSL_SUCCESS) {
return ret;
}
#else
(void)ret;
#endif
- ret = WOLFSSL_SUCCESS; /* set default ret */
ssl->ctx = ctx; /* only for passing to calls, options could change */
/* Don't change version on a SSL object that has already started a
* handshake */
+#if defined(WOLFSSL_HAPROXY)
+ if (ssl->initial_ctx == NULL) {
+ ret = wolfSSL_CTX_up_ref(ctx);
+ if (ret == WOLFSSL_SUCCESS) {
+ ssl->initial_ctx = ctx; /* Save access to session key materials */
+ }
+ else {
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ return ret;
+ #else
+ (void)ret;
+ #endif
+ }
+ }
+#endif
if (!ssl->msgsReceived.got_client_hello &&
!ssl->msgsReceived.got_server_hello)
ssl->version = ctx->method->version;
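Review bot: The line `ret = WOLFSSL_SUCCESS; /* set default ret */` after the reference-count block is removed, so `ret` now carries the result of `wolfSSL_CTX_up_ref()` into the rest of the function. In builds without `WOLFSSL_REFCNT_ERROR_RETURN`, both the first call and the new WOLFSSL_HAPROXY block only do `(void)ret;` on failure, leaving a non-success value in `ret`. Whether later code returns `ret` without reassigning it is outside the hunk, but restoring `ret = WOLFSSL_SUCCESS;` after the HAPROXY block would remove the doubt. The existing comment "Don't change version on a SSL object that has already started a handshake" is now separated from its `if` by the HAPROXY block and should move down to sit directly above `if (!ssl->msgsReceived.got_client_hello &&`.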
@@ -6392,6 +6729,11 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->buffers.serverDH_G = ctx->serverDH_G;
#endif
+#if defined(HAVE_RPK)
+ ssl->options.rpkConfig = ctx->rpkConfig;
+ ssl->options.rpkState = ctx->rpkState;
+#endif /* HAVE_RPK */
+
#ifndef NO_CERTS
/* ctx still owns certificate, certChain, key, dh, and cm */
ssl->buffers.certificate = ctx->certificate;
@@ -6407,11 +6749,13 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->buffers.keyDevId = ctx->privateKeyDevId;
#endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
ssl->options.cacheMessages = ssl->options.side == WOLFSSL_SERVER_END ||
ssl->buffers.keyType == ed25519_sa_algo ||
- ssl->buffers.keyType == ed448_sa_algo;
+ ssl->buffers.keyType == ed448_sa_algo ||
+ ssl->buffers.keyType == sm2_sa_algo;
#endif
@@ -6537,6 +6881,14 @@ int InitHandshakeHashes(WOLFSSL* ssl)
wc_Sha512SetFlags(&ssl->hsHashes->hashSha512, WC_HASH_FLAG_WILLCOPY);
#endif
#endif
+#ifdef WOLFSSL_SM3
+ ret = wc_InitSm3(&ssl->hsHashes->hashSm3, ssl->heap, ssl->devId);
+ if (ret != 0)
+ return ret;
+ #ifdef WOLFSSL_HASH_FLAGS
+ wc_Sm3SetFlags(&ssl->hsHashes->hashSm3, WC_HASH_FLAG_WILLCOPY);
+ #endif
+#endif
return ret;
}
@@ -6561,8 +6913,12 @@ void FreeHandshakeHashes(WOLFSSL* ssl)
#ifdef WOLFSSL_SHA512
wc_Sha512Free(&ssl->hsHashes->hashSha512);
#endif
- #if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- !defined(WOLFSSL_NO_CLIENT_AUTH)
+ #ifdef WOLFSSL_SM3
+ wc_Sm3Free(&ssl->hsHashes->hashSm3);
+ #endif
+ #if (defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
if (ssl->hsHashes->messages != NULL) {
ForceZero(ssl->hsHashes->messages, ssl->hsHashes->length);
XFREE(ssl->hsHashes->messages, ssl->heap, DYNAMIC_TYPE_HASHES);
@@ -6619,8 +6975,14 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
ret = wc_Sha512Copy(&source->hashSha512,
&(*destination)->hashSha512);
#endif
- #if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- !defined(WOLFSSL_NO_CLIENT_AUTH)
+ #ifdef WOLFSSL_SM3
+ if (ret == 0)
+ ret = wc_Sm3Copy(&source->hashSm3,
+ &(*destination)->hashSm3);
+ #endif
+ #if (defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
if (ret == 0 && source->messages != NULL) {
(*destination)->messages = (byte*)XMALLOC(source->length, ssl->heap,
DYNAMIC_TYPE_HASHES);
@@ -6640,7 +7002,7 @@ int InitHandshakeHashesAndCopy(WOLFSSL* ssl, HS_Hashes* source,
return ret;
}
-/* called if user attempts to re-use WOLFSSL object for a new session.
+/* called if user attempts to reuse WOLFSSL object for a new session.
* For example wolfSSL_clear() is called then wolfSSL_connect or accept */
int ReinitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
{
@@ -6876,12 +7238,6 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#endif
#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
ssl->dtlsMtuSz = ctx->dtlsMtuSz;
- /* Add some bytes so that we can operate with slight difference
- * in set MTU size on each peer */
- ssl->dtls_expected_rx = ssl->dtlsMtuSz +
- DTLS_MTU_ADDITIONAL_READ_BUFFER;
- #else
- ssl->dtls_expected_rx = MAX_MTU;
#endif
ssl->dtls_timeout_init = DTLS_TIMEOUT_INIT;
ssl->dtls_timeout_max = DTLS_TIMEOUT_MAX;
@@ -6917,7 +7273,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#ifndef NO_OLD_TLS
ssl->hmac = SSL_hmac; /* default to SSLv3 */
#elif !defined(WOLFSSL_NO_TLS12) && !defined(NO_TLS)
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -6961,6 +7317,10 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
XMEMCPY(ssl->group, ctx->group, sizeof(*ctx->group) * ctx->numGroups);
ssl->numGroups = ctx->numGroups;
}
+
+ #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+ ssl->options.tls13MiddleBoxCompat = 1;
+ #endif
#endif
#ifdef HAVE_TLS_EXTENSIONS
@@ -7004,10 +7364,12 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ssl->alert_history.last_tx.code = -1;
ssl->alert_history.last_tx.level = -1;
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* copy over application session context ID */
ssl->sessionCtxSz = ctx->sessionCtxSz;
XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz);
+#endif
+#ifdef OPENSSL_EXTRA
ssl->cbioFlag = ctx->cbioFlag;
ssl->protoMsgCb = ctx->protoMsgCb;
@@ -7055,9 +7417,13 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
/* Initialize SSL with the appropriate fields from it's ctx */
/* requires valid arrays and suites unless writeDup ing */
- if ((ret = SetSSL_CTX(ssl, ctx, writeDup)) != WOLFSSL_SUCCESS)
+ if ((ret = SetSSL_CTX(ssl, ctx, writeDup)) != WOLFSSL_SUCCESS
+#ifdef WOLFSSL_NO_INIT_CTX_KEY
+ && ret != NO_PRIVATE_KEY
+#endif
+ ) {
return ret;
-
+ }
ssl->options.dtls = ssl->version.major == DTLS_MAJOR;
#ifdef HAVE_WRITE_DUP
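Review bot: With `WOLFSSL_NO_INIT_CTX_KEY` defined, a `NO_PRIVATE_KEY` result from `SetSSL_CTX` is now treated as success, but nothing at the call site says why that is safe. A comment is needed, for example `/* WOLFSSL_NO_INIT_CTX_KEY: a missing CTX private key is tolerated here; the key must be supplied on the WOLFSSL object before it is needed */`, adjusted to the real intent. It is also not visible from this hunk whether `SetSSL_CTX` returns `NO_PRIVATE_KEY` before or after it has copied the remaining CTX fields; if it returns early, the object continues only partly initialised. `ret` keeps the value `NO_PRIVATE_KEY` after the test, so any later path that returns `ret` unchanged would report it.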
@@ -7155,7 +7521,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
ret = wolfSSL_UseSecureRenegotiation(ssl);
if (ret != WOLFSSL_SUCCESS)
return ret;
- }
+ }
}
#endif /* HAVE_SECURE_RENEGOTIATION */
@@ -7184,6 +7550,11 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
return ret;
#endif
+#if defined(HAVE_SECRET_CALLBACK) && defined(SHOW_SECRETS) && \
+ defined(WOLFSSL_SSLKEYLOGFILE) && defined(WOLFSSL_TLS13)
+ (void)wolfSSL_set_tls13_secret_cb(ssl, tls13ShowSecrets, NULL);
+#endif
+
return 0;
}
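Review bot: This block registers `tls13ShowSecrets` on every WOLFSSL object with no comment and discards the result with `(void)`. Judging by the macro and callback names, it exports TLS 1.3 traffic secrets for each session, which allows recorded traffic to be decrypted by anyone who can read the output. I would add a comment such as `/* Debug only: logs TLS 1.3 secrets for every session. HAVE_SECRET_CALLBACK + SHOW_SECRETS + WOLFSSL_SSLKEYLOGFILE must never be set in production builds. */`. At minimum the failure to install the callback should be logged with `WOLFSSL_MSG`, so a debugging session does not silently produce no key log. The body of `InitSSL` starts outside the hunk.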
@@ -7298,6 +7669,12 @@ int AllocKey(WOLFSSL* ssl, int type, void** pKey)
/* Sanity check key destination */
if (*pKey != NULL) {
WOLFSSL_MSG("Key already present!");
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* allow calling this again for async reentry */
+ if (ssl->error == WC_PENDING_E) {
+ return 0;
+ }
+ #endif
return BAD_STATE_E;
}
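Review bot: The async re-entry path returns 0 only after `WOLFSSL_MSG("Key already present!")` has been emitted, so every benign re-entry logs what reads as an error. Moving the `#ifdef WOLFSSL_ASYNC_CRYPT` check above the message avoids that. The early return also accepts whatever object `*pKey` already points at without confirming it was allocated for the same `type`. The comment should state that assumption, e.g. `/* async reentry: *pKey was allocated by the earlier call with the same type */`, and if that cannot be guaranteed the type should be checked. The rest of `AllocKey` lies outside the hunk.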
@@ -7612,6 +7989,8 @@ void SSL_ResourceFree(WOLFSSL* ssl)
if (ssl->options.weOwnRng) {
wc_FreeRng(ssl->rng);
XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG);
+ ssl->rng = NULL;
+ ssl->options.weOwnRng = 0;
}
FreeSuites(ssl);
FreeHandshakeHashes(ssl);
@@ -7662,7 +8041,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
FreeKey(ssl, DYNAMIC_TYPE_RSA, (void**)&ssl->peerRsaKey);
ssl->peerRsaKeyPresent = 0;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
XFREE(ssl->peerSceTsipEncRsaKeyIndex, ssl->heap, DYNAMIC_TYPE_RSA);
Renesas_cmn_Cleanup(ssl);
#endif
@@ -7886,7 +8265,7 @@ void SSL_ResourceFree(WOLFSSL* ssl)
if (FreeFixedIO(ctx_heap, &(ssl_hint->inBuf)) != 1) {
WOLFSSL_MSG("Error freeing fixed output buffer");
}
- if (ssl_hint->haFlag) { /* check if handshake count has been decreased*/
+ if (ssl_hint->haFlag && ctx_heap->curHa > 0) { /* check if handshake count has been decreased*/
ctx_heap->curHa--;
}
wc_UnLockMutex(&(ctx_heap->memory_mutex));
@@ -7911,8 +8290,8 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#endif
#endif
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- wolfSSL_sk_X509_NAME_pop_free(ssl->ca_names, NULL);
- ssl->ca_names = NULL;
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = NULL;
#endif
#ifdef WOLFSSL_DTLS13
Dtls13FreeFsmResources(ssl);
@@ -7920,6 +8299,10 @@ void SSL_ResourceFree(WOLFSSL* ssl)
#ifdef WOLFSSL_QUIC
wolfSSL_quic_free(ssl);
#endif
+#if defined(WOLFSSL_HAPROXY)
+ wolfSSL_CTX_free(ssl->initial_ctx);
+ ssl->initial_ctx = NULL;
+#endif
}
/* Free any handshake resources no longer needed */
@@ -8118,13 +8501,25 @@ void FreeHandshakeResources(WOLFSSL* ssl)
}
#endif /* HAVE_PK_CALLBACKS */
-#if defined(HAVE_TLS_EXTENSIONS) && !defined(HAVE_SNI) && \
-!defined(NO_TLS) && !defined(HAVE_ALPN) && !defined(WOLFSSL_POST_HANDSHAKE_AUTH) && \
- !defined(WOLFSSL_DTLS_CID)
+#if defined(HAVE_TLS_EXTENSIONS) && !defined(NO_TLS)
+#if !defined(HAVE_SNI) && !defined(HAVE_ALPN) && !defined(WOLFSSL_DTLS_CID) && \
+ !defined(WOLFSSL_POST_HANDSHAKE_AUTH)
/* Some extensions need to be kept for post-handshake querying. */
TLSX_FreeAll(ssl->extensions, ssl->heap);
ssl->extensions = NULL;
+#else
+#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
+ TLSX_Remove(&ssl->extensions, TLSX_SIGNATURE_ALGORITHMS, ssl->heap);
+#endif
+ TLSX_Remove(&ssl->extensions, TLSX_EC_POINT_FORMATS, ssl->heap);
+ TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_GROUPS, ssl->heap);
+#ifdef WOLFSSL_TLS13
+ TLSX_Remove(&ssl->extensions, TLSX_SUPPORTED_VERSIONS, ssl->heap);
+ TLSX_Remove(&ssl->extensions, TLSX_KEY_SHARE, ssl->heap);
#endif
+#endif /* !HAVE_SNI && && !HAVE_ALPN && !WOLFSSL_DTLS_CID &&
+ * !WOLFSSL_POST_HANDSHAKE_AUTH */
+#endif /* HAVE_TLS_EXTENSIONS && !NO_TLS */
#ifdef WOLFSSL_STATIC_MEMORY
/* when done with handshake decrement current handshake count */
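Review bot: The comment "Some extensions need to be kept for post-handshake querying." is now directly above the branch that frees all extensions, while the branch it describes is the new `#else` that removes only selected ones. It should move into the `#else` branch, with a short line there on why the signature-algorithms, point-format, supported-groups, supported-versions and key-share extensions are safe to drop after the handshake. The closing comment has a doubled operator (`!HAVE_SNI && && !HAVE_ALPN`) and should read `/* !HAVE_SNI && !HAVE_ALPN && !WOLFSSL_DTLS_CID && !WOLFSSL_POST_HANDSHAKE_AUTH */`. `FreeHandshakeResources` starts outside the hunk.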
@@ -8140,7 +8535,9 @@ void FreeHandshakeResources(WOLFSSL* ssl)
if (wc_LockMutex(&(ctx_heap->memory_mutex)) != 0) {
WOLFSSL_MSG("Bad memory_mutex lock");
}
- ctx_heap->curHa--;
+ if (ctx_heap->curHa > 0) {
+ ctx_heap->curHa--;
+ }
ssl_hint->haFlag = 0; /* set to zero since handshake has been dec */
wc_UnLockMutex(&(ctx_heap->memory_mutex));
#ifdef WOLFSSL_HEAP_TEST
@@ -8167,7 +8564,8 @@ void FreeSSL(WOLFSSL* ssl, void* heap)
#if !defined(NO_OLD_TLS) || defined(WOLFSSL_DTLS) || \
!defined(WOLFSSL_NO_TLS12) || \
- ((defined(HAVE_CHACHA) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM)) \
+ ((defined(HAVE_CHACHA) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) \
&& defined(HAVE_AEAD))
#if defined(WOLFSSL_DTLS) || !defined(WOLFSSL_NO_TLS12)
@@ -8291,7 +8689,8 @@ void WriteSEQ(WOLFSSL* ssl, int verifyOrder, byte* out)
}
#endif /* WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 */
#endif /* !NO_OLD_TLS || WOLFSSL_DTLS || !WOLFSSL_NO_TLS12 ||
- * ((HAVE_CHACHA || HAVE_AESCCM || HAVE_AESGCM) && HAVE_AEAD) */
+ * ((HAVE_CHACHA || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_SM4_GCM ||
+ * WOLFSSL_SM4_CCM) && HAVE_AEAD) */
#ifdef WOLFSSL_DTLS
@@ -8573,7 +8972,8 @@ static void DtlsMsgAssembleCompleteMessage(DtlsMsg* msg)
}
int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch, const byte* data, byte type,
- word32 fragOffset, word32 fragSz, void* heap, word32 totalLen)
+ word32 fragOffset, word32 fragSz, void* heap, word32 totalLen,
+ byte encrypted)
{
word32 fragOffsetEnd = fragOffset + fragSz;
@@ -8594,11 +8994,13 @@ int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch, const byte* data, byte ty
WOLFSSL_ERROR_VERBOSE(SEQUENCE_ERROR);
return SEQUENCE_ERROR;
}
+ msg->encrypted = msg->encrypted && encrypted;
}
else {
msg->type = type;
msg->epoch = epoch;
msg->seq = seq;
+ msg->encrypted = encrypted;
}
if (msg->fragBucketList == NULL) {
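Review bot: The new `encrypted` parameter and the `msg->encrypted` field are not documented, although the rule they implement is security-relevant. `msg->encrypted = msg->encrypted && encrypted;` means a reassembled message counts as encrypted only if every fragment arrived encrypted. A comment on that line would make the intent explicit for the later encryption checks, e.g. `/* one plaintext fragment taints the whole message as unencrypted */`. In `DtlsMsgStore` the flag is derived from `ssl->keys.decryptedCur == 1`; a note that this reflects the record currently being processed would help, since the value is captured once per call. The body of `DtlsMsgSet` continues outside the hunk.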
@@ -8719,6 +9121,7 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
*/
DtlsMsg* head = ssl->dtls_rx_msg_list;
+ byte encrypted = ssl->keys.decryptedCur == 1;
WOLFSSL_ENTER("DtlsMsgStore");
if (head != NULL) {
@@ -8727,7 +9130,7 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
cur = DtlsMsgNew(dataSz, 0, heap);
if (cur != NULL) {
if (DtlsMsgSet(cur, seq, epoch, data, type,
- fragOffset, fragSz, heap, dataSz) < 0) {
+ fragOffset, fragSz, heap, dataSz, encrypted) < 0) {
DtlsMsgDelete(cur, heap);
}
else {
@@ -8739,13 +9142,13 @@ void DtlsMsgStore(WOLFSSL* ssl, word16 epoch, word32 seq, const byte* data,
else {
/* If this fails, the data is just dropped. */
DtlsMsgSet(cur, seq, epoch, data, type, fragOffset,
- fragSz, heap, dataSz);
+ fragSz, heap, dataSz, encrypted);
}
}
else {
head = DtlsMsgNew(dataSz, 0, heap);
if (DtlsMsgSet(head, seq, epoch, data, type, fragOffset,
- fragSz, heap, dataSz) < 0) {
+ fragSz, heap, dataSz, encrypted) < 0) {
DtlsMsgDelete(head, heap);
head = NULL;
}
@@ -8861,6 +9264,10 @@ void DtlsMsgPoolReset(WOLFSSL* ssl)
ssl->dtls_tx_msg = NULL;
ssl->dtls_tx_msg_list_sz = 0;
}
+#ifdef WOLFSSL_DTLS13
+ /* Clear DTLS 1.3 buffer too */
+ Dtls13RtxFlushBuffered(ssl, 1);
+#endif
}
@@ -8871,13 +9278,21 @@ int VerifyForDtlsMsgPoolSend(WOLFSSL* ssl, byte type, word32 fragOffset)
* to be used for triggering retransmission of whole DtlsMsgPool.
* change cipher suite type is not verified here
*/
- return ((fragOffset == 0) &&
- (((ssl->options.side == WOLFSSL_SERVER_END) &&
- ((type == client_hello) ||
- ((ssl->options.verifyPeer) && (type == certificate)) ||
- ((!ssl->options.verifyPeer) && (type == client_key_exchange)))) ||
- ((ssl->options.side == WOLFSSL_CLIENT_END) &&
- (type == hello_request || type == server_hello))));
+ if (fragOffset == 0) {
+ if (ssl->options.side == WOLFSSL_SERVER_END) {
+ if (type == client_hello)
+ return 1;
+ else if (ssl->options.verifyPeer && type == certificate)
+ return 1;
+ else if (!ssl->options.verifyPeer && type == client_key_exchange)
+ return 1;
+ }
+ else {
+ if (type == hello_request || type == server_hello)
+ return 1;
+ }
+ }
+ return 0;
}
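Review bot: The rewrite is not strictly equivalent to the expression it replaces. The old code tested `ssl->options.side == WOLFSSL_CLIENT_END` explicitly, whereas the new code uses a bare `else`, so any side value other than `WOLFSSL_SERVER_END` is now handled as a client. If a third value such as a not-yet-decided side can reach this function, `hello_request` or `server_hello` would now trigger a pool resend where it previously did not. Using `else if (ssl->options.side == WOLFSSL_CLIENT_END) {` keeps the old behaviour. The header comment, which starts outside the hunk, could also state that the function returns 1 or 0.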
@@ -9256,6 +9671,13 @@ ProtocolVersion MakeDTLSv1_3(void)
return sys_now()/1000;
}
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ word32 LowResTimer(void)
+ {
+ return (word32)osKernelGetTickCount() / 1000;
+ }
+
#elif defined(WOLFSSL_TIRTOS)
word32 LowResTimer(void)
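Review bot: The CMSIS variant returns `(word32)osKernelGetTickCount() / 1000`, which is seconds only when the kernel tick runs at 1 kHz. On a port configured with a different tick rate, every timeout derived from `LowResTimer` is scaled wrongly. For CMSIS-RTOS2, dividing by the configured rate avoids that: `return (word32)(osKernelGetTickCount() / osKernelGetTickFreq());`. The branch is also selected for `WOLFSSL_CMSIS_RTOS`; whether the v1 API provides `osKernelGetTickCount()` should be confirmed, and a comment stating the tick-rate assumption is needed either way.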
@@ -9347,7 +9769,8 @@ ProtocolVersion MakeDTLSv1_3(void)
#endif /* !NO_ASN_TIME */
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
/* Store the message for use with CertificateVerify using EdDSA.
*
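Review bot: The guard now also compiles this message cache for SM2 with SM3, but the comment still says "Store the message for use with CertificateVerify using EdDSA." It should read `/* Store the message for use with CertificateVerify using EdDSA or SM2.`. `HashRaw` in a later hunk still calls the function as `EdDSA_Update` on the SM2 path, so a reader looking for SM2 handling will not find it by name. Because the cache holds the full handshake transcript in memory whenever the key type is `sm2_sa_algo`, the comment should also mention that SM2 client authentication enables it. The comment block continues outside the hunk.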
@@ -9453,8 +9876,19 @@ int HashRaw(WOLFSSL* ssl, const byte* data, int sz)
WOLFSSL_BUFFER(digest, WC_SHA512_DIGEST_SIZE);
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ ret = wc_Sm3Update(&ssl->hsHashes->hashSm3, data, sz);
+ if (ret != 0)
+ return ret;
+ #ifdef WOLFSSL_DEBUG_TLS
+ WOLFSSL_MSG("SM3");
+ wc_Sm3GetHash(&ssl->hsHashes->hashSm3, digest);
+ WOLFSSL_BUFFER(digest, WC_SM3_DIGEST_SIZE);
+ #endif
+ #endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
ret = EdDSA_Update(ssl, data, sz);
if (ret != 0)
@@ -9986,6 +10420,8 @@ void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree)
int SendBuffered(WOLFSSL* ssl)
{
+ int retryLimit = WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS;
+
if (ssl->CBIOSend == NULL && !WOLFSSL_IS_QUIC(ssl)) {
WOLFSSL_MSG("Your IO Send callback is null, please set");
return SOCKET_ERROR_E;
@@ -10006,15 +10442,22 @@ int SendBuffered(WOLFSSL* ssl)
#endif
while (ssl->buffers.outputBuffer.length > 0) {
- int sent = ssl->CBIOSend(ssl,
- (char*)ssl->buffers.outputBuffer.buffer +
- ssl->buffers.outputBuffer.idx,
- (int)ssl->buffers.outputBuffer.length,
- ssl->IOCB_WriteCtx);
+ int sent = 0;
+retry:
+ sent = ssl->CBIOSend(ssl,
+ (char*)ssl->buffers.outputBuffer.buffer +
+ ssl->buffers.outputBuffer.idx,
+ (int)ssl->buffers.outputBuffer.length,
+ ssl->IOCB_WriteCtx);
if (sent < 0) {
switch (sent) {
case WOLFSSL_CBIO_ERR_WANT_WRITE: /* would block */
+ if (retryLimit > 0 && ssl->ctx->autoRetry &&
+ !ssl->options.handShakeDone && !ssl->options.dtls) {
+ retryLimit--;
+ goto retry;
+ }
return WANT_WRITE;
case WOLFSSL_CBIO_ERR_CONN_RST: /* connection reset */
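Review bot: The `retry:` label and `goto retry;` are unnecessary here. The loop condition is unchanged on a would-block result and `sent` is re-initialised at the top of the body, so a plain `continue;` inside the `WOLFSSL_CBIO_ERR_WANT_WRITE` case does the same thing. The retry calls `CBIOSend` again immediately, up to `WOLFSSL_MODE_AUTO_RETRY_ATTEMPTS` times, without yielding, so on a non-blocking socket it spins until the limit is reached. That is worth a comment, e.g. `/* auto-retry during a non-DTLS handshake: bounded busy retry, no wait between attempts */`. `retryLimit` is shared across all iterations of the `while` loop rather than reset per chunk, which should be stated if intended.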
@@ -10239,13 +10682,12 @@ int CheckAvailableSize(WOLFSSL *ssl, int size)
#ifdef WOLFSSL_DTLS
if (ssl->options.dtls) {
- if (size + ssl->buffers.outputBuffer.length >
#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
- ssl->dtlsMtuSz
+ word32 mtu = (word32)ssl->dtlsMtuSz;
#else
- ssl->dtls_expected_rx
+ word32 mtu = MAX_MTU;
#endif
- ) {
+ if ((word32)size + ssl->buffers.outputBuffer.length > mtu) {
int ret;
WOLFSSL_MSG("CheckAvailableSize() flushing buffer "
"to make room for new message");
@@ -10253,12 +10695,7 @@ int CheckAvailableSize(WOLFSSL *ssl, int size)
return ret;
}
}
- if (size > (int)
-#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
- ssl->dtlsMtuSz
-#else
- ssl->dtls_expected_rx
-#endif
+ if ((word32)size > mtu
#ifdef WOLFSSL_DTLS13
/* DTLS1.3 uses the output buffer to store the full message and deal
with fragmentation later in dtls13HandshakeSend() */
@@ -10281,6 +10718,297 @@ int CheckAvailableSize(WOLFSSL *ssl, int size)
return 0;
}
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+
+int MsgCheckEncryption(WOLFSSL* ssl, byte type, byte encrypted)
+{
+#ifdef WOLFSSL_QUIC
+ /* QUIC protects messages outside of the TLS scope */
+ if (WOLFSSL_IS_QUIC(ssl) && IsAtLeastTLSv1_3(ssl->version))
+ return 0;
+#endif
+ /* Verify which messages always have to be encrypted */
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ switch ((enum HandShakeType)type) {
+ case client_hello:
+ case server_hello:
+ case hello_verify_request:
+ case hello_retry_request:
+ case change_cipher_hs:
+ if (encrypted) {
+ WOLFSSL_MSG("Message can not be encrypted");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case hello_request:
+ case session_ticket:
+ case end_of_early_data:
+ case encrypted_extensions:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case finished:
+ case certificate_status:
+ case key_update:
+ if (!encrypted) {
+ WOLFSSL_MSG("Message always has to be encrypted");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ else {
+ switch ((enum HandShakeType)type) {
+ case client_hello:
+ if ((IsSCR(ssl) || ssl->options.handShakeDone) && !encrypted) {
+ WOLFSSL_MSG("Message has to be encrypted for SCR");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case server_hello:
+ case hello_verify_request:
+ case hello_retry_request:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case certificate_status:
+ case session_ticket:
+ case change_cipher_hs:
+ if (IsSCR(ssl)) {
+ if (!encrypted) {
+ WOLFSSL_MSG("Message has to be encrypted during SCR");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ }
+ else if (encrypted) {
+ WOLFSSL_MSG("Message can not be encrypted in regular "
+ "handshake");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case hello_request:
+ case finished:
+ if (!encrypted) {
+ WOLFSSL_MSG("Message always has to be encrypted");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case key_update:
+ case encrypted_extensions:
+ case end_of_early_data:
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ return 0;
+}
+
+static WC_INLINE int isLastMsg(const WOLFSSL* ssl, word32 msgSz)
+{
+ word32 extra = 0;
+ if (IsEncryptionOn(ssl, 0)) {
+ extra = ssl->keys.padSz;
+#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
+ if (ssl->options.startedETMRead)
+ extra += MacSize(ssl);
+#endif
+ }
+ return (ssl->buffers.inputBuffer.idx - ssl->curStartIdx) + msgSz + extra
+ == ssl->curSize;
+}
+
+/* Check if the msg is the last msg in a record. This is also an easy way
+ * to check that a record doesn't span different key boundaries. */
+static int MsgCheckBoundary(const WOLFSSL* ssl, byte type,
+ byte version_negotiated, word32 msgSz)
+{
+ if (version_negotiated) {
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ switch ((enum HandShakeType)type) {
+ case hello_request:
+ case client_hello:
+ case server_hello:
+ case hello_verify_request:
+ case hello_retry_request:
+ case finished:
+ case end_of_early_data:
+ if (!isLastMsg(ssl, msgSz)) {
+ WOLFSSL_MSG("Message type is not last in record");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case session_ticket:
+ case encrypted_extensions:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case certificate_verify:
+ case client_key_exchange:
+ case certificate_status:
+ case key_update:
+ case change_cipher_hs:
+ break;
+ case server_hello_done:
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ else {
+ switch ((enum HandShakeType)type) {
+ case hello_request:
+ case client_hello:
+ case hello_verify_request:
+ if (!isLastMsg(ssl, msgSz)) {
+ WOLFSSL_MSG("Message type is not last in record");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case server_hello:
+ case session_ticket:
+ case end_of_early_data:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case finished:
+ case certificate_status:
+ case change_cipher_hs:
+ break;
+ case hello_retry_request:
+ case encrypted_extensions:
+ case key_update:
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ }
+ else {
+ switch ((enum HandShakeType)type) {
+ case hello_request:
+ case client_hello:
+ case hello_verify_request:
+ if (!isLastMsg(ssl, msgSz)) {
+ WOLFSSL_MSG("Message type is not last in record");
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+ break;
+ case server_hello:
+ case session_ticket:
+ case end_of_early_data:
+ case hello_retry_request:
+ case encrypted_extensions:
+ case certificate:
+ case server_key_exchange:
+ case certificate_request:
+ case server_hello_done:
+ case certificate_verify:
+ case client_key_exchange:
+ case finished:
+ case certificate_status:
+ case key_update:
+ case change_cipher_hs:
+ break;
+ case message_hash:
+ case no_shake:
+ default:
+ WOLFSSL_MSG("Unknown message type");
+ WOLFSSL_ERROR_VERBOSE(SANITY_MSG_E);
+ return SANITY_MSG_E;
+ }
+ }
+ return 0;
+}
+
+#endif /* WOLFSSL_DISABLE_EARLY_SANITY_CHECKS */
+
+/**
+ * This check is performed as soon as the handshake message type becomes known.
+ * These checks can not be delayed and need to be performed when the msg is
+ * received and not when it is processed (fragmentation may cause messages to
+ * be processed at a later time). This function CAN NOT be called on stored
+ * messages as it relies on the state of the WOLFSSL object right after
+ * receiving the message.
+ *
+ * @param ssl The current connection
+ * @param type The enum HandShakeType of the current message
+ * @param msgSz Size of the current message
+ * @return
+ */
+int EarlySanityCheckMsgReceived(WOLFSSL* ssl, byte type, word32 msgSz)
+{
+ int ret = 0;
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ byte version_negotiated = 0;
+
+ WOLFSSL_ENTER("EarlySanityCheckMsgReceived");
+
+#ifdef WOLFSSL_DTLS
+ /* Version has only been negotiated after we either send or process a
+ * ServerHello message */
+ if (ssl->options.dtls)
+ version_negotiated = ssl->options.serverState >= SERVER_HELLO_COMPLETE;
+ else
+#endif
+ version_negotiated = 1;
+
+ if (version_negotiated)
+ ret = MsgCheckEncryption(ssl, type, ssl->keys.decryptedCur == 1);
+
+ if (ret == 0)
+ ret = MsgCheckBoundary(ssl, type, version_negotiated, msgSz);
+
+ if (ret != 0
+#ifdef WOLFSSL_DTLS
+ && ssl->options.dtls && ssl->options.dtlsStateful
+#endif
+ )
+ SendAlert(ssl, alert_fatal, unexpected_message);
+
+ WOLFSSL_LEAVE("EarlySanityCheckMsgReceived", ret);
+#else
+ (void)ssl;
+ (void)type;
+ (void)msgSz;
+#endif
+
+ return ret;
+}
+
#ifdef WOLFSSL_DTLS13
static int GetInputData(WOLFSSL *ssl, word32 size);
static int GetDtls13RecordHeader(WOLFSSL* ssl, word32* inOutIdx,
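Review bot: In `EarlySanityCheckMsgReceived` the alert condition changes meaning with the build. Without `WOLFSSL_DTLS` every failure sends `unexpected_message`, but with it defined the added `&& ssl->options.dtls && ssl->options.dtlsStateful` means a plain TLS connection never gets the alert from this function. If the intent is only to stay silent for stateless DTLS, the guard would read `&& (!ssl->options.dtls || ssl->options.dtlsStateful)`; if callers are expected to alert for TLS themselves, the doc comment should say so. The `@return` tag in that comment is empty and should list `0`, `OUT_OF_ORDER_E` and `SANITY_MSG_E`. The result of `SendAlert` is also dropped without a `(void)` cast or a comment.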
@@ -10397,6 +11125,7 @@ static int GetDtlsRecordHeader(WOLFSSL* ssl, word32* inOutIdx,
int ret;
if (Dtls13IsUnifiedHeader(*(ssl->buffers.inputBuffer.buffer + *inOutIdx))) {
+ ssl->options.seenUnifiedHdr = 1; /* We can send ACKs to the peer */
/* version 1.3 already negotiated */
if (ssl->options.tls1_3) {
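Review bot: `ssl->options.seenUnifiedHdr` is set as soon as the first header byte satisfies `Dtls13IsUnifiedHeader`, before anything visible in this hunk has decrypted or authenticated the record. If the flag gates sending ACKs, as the inline comment suggests, a datagram that merely carries those header bits could presumably flip it. Either set the flag once the record has verified, or extend the comment to state why header bits alone are a sufficient trigger. The function body continues outside the hunk, so later validation cannot be ruled out from here.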
@@ -10833,31 +11562,19 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
#endif /* WOLFSSL_NO_TLS12 */
#if !defined(NO_WOLFSSL_SERVER) || !defined(NO_WOLFSSL_CLIENT)
- /* cipher requirements */
- enum {
- REQUIRES_RSA,
- REQUIRES_DHE,
- REQUIRES_ECC,
- REQUIRES_ECC_STATIC,
- REQUIRES_PSK,
- REQUIRES_RSA_SIG,
- REQUIRES_AEAD
- };
-
-
-
- /* Does this cipher suite (first, second) have the requirement
- an ephemeral key exchange will still require the key for signing
- the key exchange so ECDHE_RSA requires an rsa key thus rsa_kea */
- static int CipherRequires(byte first, byte second, int requirement)
- {
- (void)requirement;
+/* Does this cipher suite (first, second) have the requirement
+ an ephemeral key exchange will still require the key for signing
+ the key exchange so ECDHE_RSA requires an rsa key thus rsa_kea */
+int CipherRequires(byte first, byte second, int requirement)
+{
+
+ (void)requirement;
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CHACHA
- if (first == CHACHA_BYTE) {
+ if (first == CHACHA_BYTE) {
switch (second) {
case TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 :
@@ -10911,208 +11628,220 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
if (requirement == REQUIRES_DHE)
return 1;
break;
+
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires CHACHA");
+ return 0;
}
if (requirement == REQUIRES_AEAD)
return 1;
- }
+ }
#endif /* HAVE_CHACHA */
- /* ECC extensions */
- if (first == ECC_BYTE) {
+ /* ECC extensions */
+ if (first == ECC_BYTE) {
switch (second) {
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
#ifndef NO_RSA
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
- #ifndef NO_DES3
- case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifndef NO_DES3
+ case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
- #endif /* !NO_DES3 */
+ case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
+ #endif /* !NO_DES3 */
- #ifndef NO_RC4
- case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifndef NO_RC4
+ case TLS_ECDHE_RSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
- #endif /* !NO_RC4 */
+ case TLS_ECDH_RSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
+ #endif /* !NO_RC4 */
#endif /* NO_RSA */
- #ifndef NO_DES3
- case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ #ifndef NO_DES3
+ case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
- #endif /* !NO_DES3 */
- #ifndef NO_RC4
- case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
+ #endif /* !NO_DES3 */
+ #ifndef NO_RC4
+ case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
- #endif /* !NO_RC4 */
- #ifndef NO_RSA
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
+ #endif /* !NO_RC4 */
+ #ifndef NO_RSA
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- break;
- #endif /* !NO_RSA */
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ break;
+ #endif /* !NO_RSA */
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
- case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_ECC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_ECC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
#ifndef NO_RSA
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
#ifdef HAVE_AESCCM
- case TLS_RSA_WITH_AES_128_CCM_8 :
- case TLS_RSA_WITH_AES_256_CCM_8 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_CCM_8 :
+ case TLS_RSA_WITH_AES_256_CCM_8 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
#endif /* HAVE_AESCCM */
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
- case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 :
+ case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
- case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
+ case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
+ case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 :
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
#endif /* !NO_RSA */
+#ifdef HAVE_ARIA
+ case TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 :
+ case TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+#endif /* HAVE_ARIA */
+
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM :
case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
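Review bot: The new `HAVE_ARIA` cases answer only `REQUIRES_ECC`, although both suites are GCM and the neighbouring `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256` / `..._AES_256_GCM_SHA384` cases also return 1 for `REQUIRES_AEAD`. The same gap appears in the next hunk: `TLS_SM4_GCM_SM3` and `TLS_SM4_CCM_SM3` `return 0` unconditionally while the `TLS13_BYTE` branch now returns 1 for `REQUIRES_AEAD`, and the `TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3` / `..._CCM_SM3` cases check only `REQUIRES_ECC`. Which callers query `REQUIRES_AEAD` is not visible here, so the effect is unconfirmed, but for consistency each of these should add `if (requirement == REQUIRES_AEAD) return 1;`. The `break;` after `return 0;` in the SM4 TLS 1.3 cases is unreachable, and that switch has no `default`.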
@@ -11123,315 +11852,363 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return 1;
break;
- case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
- case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 :
+ case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
- case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
- if (requirement == REQUIRES_ECC)
- return 1;
- if (requirement == REQUIRES_ECC_STATIC)
- return 1;
- break;
-#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
+ case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 :
+ case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ if (requirement == REQUIRES_ECC_STATIC)
+ return 1;
+ break;
+ #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
-#ifndef NO_PSK
- case TLS_PSK_WITH_AES_128_CCM:
- case TLS_PSK_WITH_AES_256_CCM:
- case TLS_PSK_WITH_AES_128_CCM_8:
- case TLS_PSK_WITH_AES_256_CCM_8:
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ #ifndef NO_PSK
+ case TLS_PSK_WITH_AES_128_CCM:
+ case TLS_PSK_WITH_AES_256_CCM:
+ case TLS_PSK_WITH_AES_128_CCM_8:
+ case TLS_PSK_WITH_AES_256_CCM_8:
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_DHE_PSK_WITH_AES_128_CCM:
- case TLS_DHE_PSK_WITH_AES_256_CCM:
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
-#endif /* !NO_PSK */
-#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_ECDSA_WITH_NULL_SHA :
- if (requirement == REQUIRES_ECC)
- return 1;
- break;
+ case TLS_DHE_PSK_WITH_AES_128_CCM:
+ case TLS_DHE_PSK_WITH_AES_256_CCM:
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
+ #endif /* !NO_PSK */
+ #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+ case TLS_ECDHE_ECDSA_WITH_NULL_SHA :
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
- case TLS_ECDHE_PSK_WITH_NULL_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
+ case TLS_ECDHE_PSK_WITH_NULL_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
- case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
-#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
+ case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
+ #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
-#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER)
- case TLS_SHA256_SHA256:
- break;
- case TLS_SHA384_SHA384:
- break;
-#endif
+ #if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER)
+ case TLS_SHA256_SHA256:
+ break;
+ case TLS_SHA384_SHA384:
+ break;
+ #endif
- default:
- WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC");
- return 0;
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC");
+ return 0;
} /* switch */
- } /* if */
+ } /* if */
- /* ECC extensions */
- if (first == ECDHE_PSK_BYTE) {
+ /* ECC extensions */
+ if (first == ECDHE_PSK_BYTE) {
switch (second) {
-#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
- case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
-#endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
- default:
- WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC PSK");
- return 0;
+ #if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+ case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
+ #endif /* HAVE_ECC || HAVE_CURVE25519 || HAVE_CURVE448 */
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires ECC PSK");
+ return 0;
} /* switch */
- } /* if */
+ } /* if */
#endif /* !WOLFSSL_NO_TLS12 */
- /* Distinct TLS v1.3 cipher suites with cipher and digest only. */
- if (first == TLS13_BYTE) {
-
- switch (second) {
#ifdef WOLFSSL_TLS13
+ /* Distinct TLS v1.3 cipher suites with cipher and digest only. */
+ if (first == TLS13_BYTE) {
+
+ switch (second) {
case TLS_AES_128_GCM_SHA256:
case TLS_AES_256_GCM_SHA384:
case TLS_CHACHA20_POLY1305_SHA256:
case TLS_AES_128_CCM_SHA256:
case TLS_AES_128_CCM_8_SHA256:
- break;
-#endif
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ return 0;
default:
WOLFSSL_MSG("Unsupported cipher suite, CipherRequires "
"TLS v1.3");
return 0;
- }
}
+ }
+
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && defined(WOLFSSL_SM4)
+ if (first == CIPHER_BYTE) {
+ /* Other cipher suites for TLS 1.2 below. */
+ switch (second) {
+ #if defined(WOLFSSL_SM4_GCM)
+ case TLS_SM4_GCM_SM3:
+ return 0;
+ break;
+ #endif
+ #if defined(WOLFSSL_SM4_CCM)
+ case TLS_SM4_CCM_SM3:
+ return 0;
+ break;
+ #endif
+ }
+ }
+#endif /* WOLFSSL_SM2 && WOLFSSL_SM3 && WOLFSSL_SM4 */
+#endif /* WOLFSSL_TLS13 */
#ifndef WOLFSSL_NO_TLS12
- if (first != ECC_BYTE && first != CHACHA_BYTE &&
- first != TLS13_BYTE && first != ECDHE_PSK_BYTE) {
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && defined(WOLFSSL_SM4)
+ if (first == SM_BYTE) {
+ switch (second) {
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3:
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3:
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3:
+ if (requirement == REQUIRES_ECC)
+ return 1;
+ break;
+ #endif
+
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires SM");
+ return 0;
+ }
+ }
+#endif
+
+ if (first == CIPHER_BYTE) {
/* normal suites */
switch (second) {
-#ifndef NO_RSA
- #ifndef NO_RC4
- case SSL_RSA_WITH_RC4_128_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifndef NO_RSA
+ #ifndef NO_RC4
+ case SSL_RSA_WITH_RC4_128_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case SSL_RSA_WITH_RC4_128_MD5 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
- #endif /* NO_RC4 */
+ case SSL_RSA_WITH_RC4_128_MD5 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
+ #endif /* NO_RC4 */
- case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case SSL_RSA_WITH_3DES_EDE_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_RSA_WITH_NULL_MD5 :
- case TLS_RSA_WITH_NULL_SHA :
- case TLS_RSA_WITH_NULL_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ case TLS_RSA_WITH_NULL_MD5 :
+ case TLS_RSA_WITH_NULL_SHA :
+ case TLS_RSA_WITH_NULL_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
-#endif /* !NO_RSA */
+ #endif /* !NO_RSA */
-#ifndef NO_PSK
- case TLS_PSK_WITH_AES_128_GCM_SHA256 :
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ #ifndef NO_PSK
+ case TLS_PSK_WITH_AES_128_GCM_SHA256 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_PSK_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_PSK_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_PSK_WITH_AES_128_CBC_SHA256 :
- case TLS_PSK_WITH_AES_256_CBC_SHA384 :
- case TLS_PSK_WITH_AES_128_CBC_SHA :
- case TLS_PSK_WITH_AES_256_CBC_SHA :
- case TLS_PSK_WITH_NULL_SHA384 :
- case TLS_PSK_WITH_NULL_SHA256 :
- case TLS_PSK_WITH_NULL_SHA :
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
+ case TLS_PSK_WITH_AES_128_CBC_SHA256 :
+ case TLS_PSK_WITH_AES_256_CBC_SHA384 :
+ case TLS_PSK_WITH_AES_128_CBC_SHA :
+ case TLS_PSK_WITH_AES_256_CBC_SHA :
+ case TLS_PSK_WITH_NULL_SHA384 :
+ case TLS_PSK_WITH_NULL_SHA256 :
+ case TLS_PSK_WITH_NULL_SHA :
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
- case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
- case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_PSK)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 :
+ case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
- case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
- case TLS_DHE_PSK_WITH_NULL_SHA384 :
- case TLS_DHE_PSK_WITH_NULL_SHA256 :
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_PSK)
- return 1;
- break;
-#endif /* NO_PSK */
+ case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 :
+ case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 :
+ case TLS_DHE_PSK_WITH_NULL_SHA384 :
+ case TLS_DHE_PSK_WITH_NULL_SHA256 :
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_PSK)
+ return 1;
+ break;
+ #endif /* NO_PSK */
-#ifndef NO_RSA
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ #ifndef NO_RSA
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_256_CBC_SHA :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
- case TLS_RSA_WITH_AES_128_GCM_SHA256 :
- case TLS_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_RSA_WITH_AES_128_GCM_SHA256 :
+ case TLS_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
- case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
+ case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 :
+ case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
-#ifdef HAVE_CAMELLIA
- case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
- case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
- case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
- case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- break;
+ #ifdef HAVE_CAMELLIA
+ case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA :
+ case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA :
+ case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+ case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ break;
- case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
- case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
- case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
- case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
-#endif /* HAVE_CAMELLIA */
+ case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA :
+ case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA :
+ case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 :
+ case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 :
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
+ #endif /* HAVE_CAMELLIA */
- case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
- if (requirement == REQUIRES_RSA)
- return 1;
- if (requirement == REQUIRES_RSA_SIG)
- return 1;
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
-#endif
-#ifdef HAVE_ANON
- case TLS_DH_anon_WITH_AES_128_CBC_SHA :
- if (requirement == REQUIRES_DHE)
- return 1;
- break;
- case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
- if (requirement == REQUIRES_DHE)
- return 1;
- if (requirement == REQUIRES_AEAD)
- return 1;
- break;
-#endif
-#ifdef WOLFSSL_MULTICAST
- case WDM_WITH_NULL_SHA256 :
- break;
-#endif
+ case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
+ if (requirement == REQUIRES_RSA)
+ return 1;
+ if (requirement == REQUIRES_RSA_SIG)
+ return 1;
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
+ #endif /* !NO_RSA */
+ #ifdef HAVE_ANON
+ case TLS_DH_anon_WITH_AES_128_CBC_SHA :
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ break;
+ case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
+ if (requirement == REQUIRES_DHE)
+ return 1;
+ if (requirement == REQUIRES_AEAD)
+ return 1;
+ break;
+ #endif
+ #ifdef WOLFSSL_MULTICAST
+ case WDM_WITH_NULL_SHA256 :
+ break;
+ #endif
- default:
- WOLFSSL_MSG("Unsupported cipher suite, CipherRequires");
- return 0;
+ default:
+ WOLFSSL_MSG("Unsupported cipher suite, CipherRequires");
+ return 0;
} /* switch */
- } /* if ECC / Normal suites else */
+ } /* if ECC / Normal suites else */
#endif /* !WOLFSSL_NO_TLS12 */
- return 0;
- }
+ return 0;
+}
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
@@ -11460,8 +12237,11 @@ int MatchDomainName(const char* pattern, int len, const char* str)
if (p == '*') {
char s;
- while (--len > 0 &&
- (p = (char)XTOLOWER((unsigned char)*pattern++)) == '*') {
+ while (--len > 0) {
+ p = (char)XTOLOWER((unsigned char)*pattern);
+ pattern++;
+ if (p != '*')
+ break;
}
if (len == 0)
@@ -11622,7 +12402,7 @@ static void AddSessionCertToChain(WOLFSSL_X509_CHAIN* chain,
#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \
defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
-static void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType)
+void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType)
{
if (nameType == SUBJECT) {
XSTRNCPY(name->name, dCert->subject, ASN_NAME_MAX);
@@ -12302,7 +13082,7 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
/* only setup the verify callback if a PK is set */
#ifdef HAVE_ECC
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
sigCtx->pkCbEcc = Renesas_cmn_SigPkCbEccVerify;
sigCtx->pkCtxEcc = (void*)&sigCtx->CertAtt;
(void)SigPkCbEccVerify;
@@ -12316,7 +13096,7 @@ int InitSigPkCb(WOLFSSL* ssl, SignatureCtx* sigCtx)
#endif
#ifndef NO_RSA
/* only setup the verify callback if a PK is set */
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
sigCtx->pkCbRsa = Renesas_cmn_SigPkCbRsaVerify;
sigCtx->pkCtxRsa = (void*)&sigCtx->CertAtt;
(void)SigPkCbRsaVerify;
@@ -12348,7 +13128,9 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret)
alertWhy = bad_certificate;
if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E) {
alertWhy = certificate_expired;
- } else if (ret == ASN_NO_SIGNER_E) {
+ }
+ else if (ret == ASN_NO_SIGNER_E || ret == ASN_PATHLEN_INV_E ||
+ ret == ASN_PATHLEN_SIZE_E) {
alertWhy = unknown_ca;
}
#ifdef OPENSSL_EXTRA
@@ -12356,6 +13138,11 @@ void DoCertFatalAlert(WOLFSSL* ssl, int ret)
alertWhy = certificate_revoked;
}
#endif
+#if defined(HAVE_RPK)
+ else if (ret == UNSUPPORTED_CERTIFICATE) {
+ alertWhy = unsupported_certificate;
+ }
+#endif /* HAVE_RPK */
else if (ret == NO_PEER_CERT) {
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
@@ -12781,9 +13568,11 @@ int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
len = wolfSSL_i2d_X509_NAME_canon(issuer, &pbuf);
if (len > 0) {
- #ifndef NO_SHA
+ #if defined(NO_SHA) && !defined(NO_SHA256)
+ retHash = wc_Sha256Hash((const byte*)pbuf, len, dgt);
+ #elif !defined(NO_SHA)
retHash = wc_ShaHash((const byte*)pbuf, len, dgt);
- #endif
+ #endif
if (retHash == 0) {
/* 4 bytes in little endian as unsigned long */
hash = (((unsigned long)dgt[3] << 24) |
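Review bot: The new `wc_Sha256Hash((const byte*)pbuf, len, dgt)` branch writes a 32-byte digest into `dgt`, whose declaration is outside this hunk; if that buffer is still sized for SHA-1 the call overruns it, so confirm it holds at least `WC_SHA256_DIGEST_SIZE` bytes. The branch also changes the value folded into `hash`, which presumably selects the file name in a hashed certificate directory. Directories prepared with a SHA-1 based rehash tool would then stop matching in a `NO_SHA` build, which deserves a comment such as `/* NO_SHA build: lookup hash differs from SHA-1 based directory names */`. When both `NO_SHA` and `NO_SHA256` are defined no digest is computed at all, and the result depends on how `retHash` is initialised outside the hunk.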
@@ -12921,6 +13710,7 @@ int LoadCertByIssuer(WOLFSSL_X509_STORE* store, X509_NAME* issuer, int type)
}
XFREE(filename, NULL, DYNAMIC_TYPE_OPENSSL);
+ filename = NULL;
}
#else
(void) type;
@@ -12946,6 +13736,9 @@ static int ProcessPeerCertParse(WOLFSSL* ssl, ProcPeerCertArgs* args,
buffer* cert;
byte* subjectHash = NULL;
int alreadySigner = 0;
+#if defined(HAVE_RPK)
+ int cType;
+#endif
#ifdef WOLFSSL_SMALL_CERT_VERIFY
int sigRet = 0;
#endif
@@ -13047,6 +13840,37 @@ PRAGMA_GCC_DIAG_POP
/* Parse Certificate */
ret = ParseCertRelative(args->dCert, certType, verify, SSL_CM(ssl));
+
+#if defined(HAVE_RPK)
+ /* if cert type has negotiated with peer, confirm the cert received has
+ * the same type.
+ */
+ if (ret == 0 ) {
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ if (ssl->options.rpkState.received_ServerCertTypeCnt == 1) {
+ cType = ssl->options.rpkState.received_ServerCertTypes[0];
+ if ((cType == WOLFSSL_CERT_TYPE_RPK && !args->dCert->isRPK) ||
+ (cType == WOLFSSL_CERT_TYPE_X509 && args->dCert->isRPK)) {
+ /* cert type mismatch */
+ WOLFSSL_MSG("unsupported certificate type received");
+ ret = UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ }
+ else if (ssl->options.side == WOLFSSL_SERVER_END) {
+ if (ssl->options.rpkState.received_ClientCertTypeCnt == 1) {
+ cType = ssl->options.rpkState.sending_ClientCertTypes[0];
+ if ((cType == WOLFSSL_CERT_TYPE_RPK && !args->dCert->isRPK) ||
+ (cType == WOLFSSL_CERT_TYPE_X509 && args->dCert->isRPK)) {
+ /* cert type mismatch */
+ WOLFSSL_MSG("unsupported certificate type received");
+ ret = UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ }
+ }
+#endif /* HAVE_RPK */
+
/* perform below checks for date failure cases */
if (ret == 0 || ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) {
/* get subject and determine if already loaded */
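Review bot: In the server branch the guard tests `received_ClientCertTypeCnt == 1` but the value compared is `sending_ClientCertTypes[0]`, whereas the client branch uses the `received_ServerCertType*` fields for both the count and the value. If this is intentional (the server comparing against the type it selected), it needs a comment, and the guard should test the count of the array that is actually read. When the count is not exactly 1 the comparison is skipped, so the received certificate type is not checked against the negotiation at all; whether that state is reachable depends on extension handling outside this hunk. The two mismatch tests are identical and could share one small helper.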
@@ -13208,6 +14032,24 @@ static int ProcessPeerCertCheckKey(WOLFSSL* ssl, ProcPeerCertArgs* args)
return ret;
}
+#ifdef HAVE_CRL
+static int ProcessPeerCertsChainCRLCheck(WOLFSSL_CERT_MANAGER* cm, Signer* ca)
+{
+ Signer* prev = NULL;
+ int ret = 0;
+ /* End loop if no more issuers found or if we have
+ * found a self signed cert (ca == prev) */
+ for (; ret == 0 && ca != NULL && ca != prev;
+ prev = ca, ca = GetCAByName(cm, ca->issuerNameHash)) {
+ ret = CheckCertCRL_ex(cm->crl, ca->issuerNameHash, NULL, 0,
+ ca->serialHash, NULL, 0, NULL);
+ if (ret != 0)
+ break;
+ }
+ return ret;
+}
+#endif
+
int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
word32 totalSz)
{
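Review bot: The issuer walk in `ProcessPeerCertsChainCRLCheck` stops only on a missing issuer or a directly self-signed entry (`ca == prev`), so two signer entries that name each other as issuer would keep the loop running as long as every CRL check returns 0. A depth bound closes this, for example `int depth = 0;` with `depth++ < MAX_CHAIN_DEPTH` added to the loop condition (or whichever chain-depth limit the file already uses). `cm->crl` is passed on without a NULL check; whether `CheckCertCRL_ex` tolerates that is not visible here. The inner `if (ret != 0) break;` repeats the `ret == 0` loop condition and can go. The function also has no header comment; it should say that it returns 0 when every signer up the chain passes the CRL check and otherwise the first non-zero `CheckCertCRL_ex` result.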
@@ -13236,7 +14078,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args = (ProcPeerCertArgs*)ssl->async->args;
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_ppc;
@@ -13248,7 +14090,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* Re-entry after non-blocking OCSP */
#ifdef WOLFSSL_ASYNC_CRYPT
/* if async operationg not pending, reset error code */
- if (ret == WC_NOT_PENDING_E)
+ if (ret == WC_NO_PENDING_E)
ret = 0;
#endif
}
@@ -13559,7 +14401,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* select last certificate */
args->certIdx = args->count - 1;
- ret = ProcessPeerCertParse(ssl, args, CERT_TYPE,
+ ret = ProcessPeerCertParse(ssl, args, CHAIN_CERT_TYPE,
!ssl->options.verifyNone ? VERIFY : NO_VERIFY,
&subjectHash, &alreadySigner);
#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
@@ -13574,7 +14416,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
FreeDecodedCert(args->dCert);
args->dCertInit = 0;
/* once again */
- ret = ProcessPeerCertParse(ssl, args, CERT_TYPE,
+ ret = ProcessPeerCertParse(ssl, args, CHAIN_CERT_TYPE,
!ssl->options.verifyNone ? VERIFY : NO_VERIFY,
&subjectHash, &alreadySigner);
}
@@ -13591,6 +14433,12 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (ret == 0) {
ret = ProcessPeerCertCheckKey(ssl, args);
}
+ else if (ret == ASN_PARSE_E || ret == BUFFER_E ||
+ ret == MEMORY_E) {
+ WOLFSSL_MSG(
+ "Got Peer cert ASN PARSE_E, BUFFER E, MEMORY_E");
+ ERROR_OUT(ret, exit_ppc);
+ }
if (ret == 0 && args->dCert->isCA == 0) {
WOLFSSL_MSG("Chain cert is not a CA, not adding as one");
@@ -13631,7 +14479,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
SSL_CM(ssl)->ocspCheckAll) {
WOLFSSL_MSG("Doing Non Leaf OCSP check");
ret = CheckCertOCSP_ex(SSL_CM(ssl)->ocsp,
- args->dCert, NULL, ssl);
+ args->dCert, ssl);
#ifdef WOLFSSL_NONBLOCK_OCSP
if (ret == OCSP_WANT_READ) {
args->lastErr = ret;
@@ -13679,6 +14527,16 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ERROR_VERBOSE(ret);
WOLFSSL_MSG("\tCRL check not ok");
}
+ if (ret == 0 &&
+ args->certIdx == args->totalCerts-1) {
+ ret = ProcessPeerCertsChainCRLCheck(
+ SSL_CM(ssl), args->dCert->ca);
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ WOLFSSL_MSG("\tCRL chain check not ok");
+ args->fatal = 0;
+ }
+ }
}
}
#endif /* HAVE_CRL */
@@ -13719,6 +14577,26 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif /* WOLFSSL_ALT_CERT_CHAINS */
+ #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* If we are using native Apple CA validation, it is okay
+ * for a CA cert to fail validation here, as we will verify
+ * the entire chain when we hit the peer (leaf) cert */
+ if ((ssl->ctx->doAppleNativeCertValidationFlag)
+ && (ret == ASN_NO_SIGNER_E)) {
+
+ WOLFSSL_MSG("Bypassing errors to allow for Apple native"
+ " CA validation");
+ ret = 0; /* clear errors and continue */
+ args->verifyErr = 0;
+ #if defined(OPENSSL_EXTRA) \
+ || defined(OPENSSL_EXTRA_X509_SMALL)
+ ssl->peerVerifyRet = 0;
+ #endif
+ /* do not add to certificate manager */
+ skipAddCA = 1;
+ }
+ #endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
/* Do verify callback */
ret = DoVerifyCallback(SSL_CM(ssl), ssl, ret, args);
if (ssl->options.verifyNone &&
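Review bot: `args->verifyErr = 0;` and `ssl->peerVerifyRet = 0;` in the Apple bypass clear whatever was recorded for certificates processed earlier in the chain, not only the `ASN_NO_SIGNER_E` being deferred. If an earlier error can still be set at this point (the code that sets it is outside the hunk), it is lost before `DoVerifyCallback` runs, and the callback then sees `ret == 0` for a CA that wolfSSL did not validate. The clears should be limited to the deferred error. A comment should also state that trust in this certificate rests entirely on the native validation performed later at the leaf, e.g. `/* unverified here; chain is validated by DoAppleNativeCertValidation at the leaf */`.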
@@ -13758,6 +14636,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* CA already verified above in ParseCertRelative */
WOLFSSL_MSG("Adding CA from chain");
+ SSL_CM_WARNING(ssl);
ret = AddCA(SSL_CM(ssl), &add, WOLFSSL_CHAIN_CA,
NO_VERIFY);
if (ret == WOLFSSL_SUCCESS) {
@@ -13773,6 +14652,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (!ssl->options.verifyNone) {
WOLFSSL_ERROR_VERBOSE(ret);
DoCertFatalAlert(ssl, ret);
+ args->lastErr = ret;
+ break; /* We sent a fatal alert.
+ * No point continuing. */
}
if (args->lastErr == 0) {
args->lastErr = ret; /* save error from last time */
@@ -13783,7 +14665,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
FreeDecodedCert(args->dCert);
args->dCertInit = 0;
args->count--;
- } /* while (count > 0 && !args->haveTrustPeer) */
+ } /* while (count > 1 && !args->haveTrustPeer) */
} /* if (count > 0) */
/* Check for error */
@@ -13857,6 +14739,20 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
* OpenSSL doesn't appear to be performing this check.
* For TLS 1.3 see RFC8446 Section 4.4.2.3 */
if (ssl->options.side == WOLFSSL_SERVER_END) {
+ #if defined(HAVE_RPK)
+ if (args->dCert->isRPK) {
+ /* to verify Raw Public Key cert, DANE(RFC6698)
+ * should be introduced. Without DANE, no
+ * authentication is performed.
+ */
+ #if defined(HAVE_DANE)
+ if (ssl->useDANE) {
+ /* DANE authentication should be added */
+ }
+ #endif /* HAVE_DANE */
+ }
+ else /* skip followingx509 version check */
+ #endif /* HAVE_RPK */
if (args->dCert->version != WOLFSSL_X509_V3) {
WOLFSSL_MSG("Peers certificate was not version 3!");
args->lastErr = ASN_VERSION_E;
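Review bot: The RPK branch leaves the client's raw public key unauthenticated: the `if (ssl->useDANE)` body is empty and the comment itself says no authentication is performed without DANE. That gap should be marked as open work here, e.g. `/* TODO: DANE (RFC 6698) check; until then the application must verify the raw public key itself */`, and stated in the user-facing documentation of the RPK option. The dangling `else` that ends inside `#if defined(HAVE_RPK)` and binds to the `if (args->dCert->version != WOLFSSL_X509_V3)` after the `#endif` is easy to break in a later edit; braces around the version check would make the pairing explicit. The comment typo `followingx509` should read `following X.509`.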
@@ -13875,8 +14771,10 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
args->fatal = 0;
}
}
- else if (ret == ASN_PARSE_E || ret == BUFFER_E) {
- WOLFSSL_MSG("Got Peer cert ASN PARSE or BUFFER ERROR");
+ else if (ret == ASN_PARSE_E || ret == BUFFER_E ||
+ ret == MEMORY_E || ret == BAD_FUNC_ARG) {
+ WOLFSSL_MSG("Got Peer cert ASN_PARSE_E, BUFFER_E, MEMORY_E,"
+ " BAD_FUNC_ARG");
#if defined(WOLFSSL_EXTRA_ALERTS) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL)
DoCertFatalAlert(ssl, ret);
@@ -13889,6 +14787,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
else {
WOLFSSL_MSG("Failed to verify Peer's cert");
+
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
if (ssl->peerVerifyRet == 0) { /* Return first cert error here */
if (ret == ASN_BEFORE_DATE_E) {
@@ -13906,6 +14805,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
}
#endif
+
if (ssl->verifyCallback) {
WOLFSSL_MSG(
"\tCallback override available, will continue");
@@ -13914,6 +14814,18 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (args->fatal)
DoCertFatalAlert(ssl, ret);
}
+ #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* Disregard failure to verify peer cert, as we will verify
+ * the whole chain with the native API later */
+ else if (ssl->ctx->doAppleNativeCertValidationFlag) {
+ WOLFSSL_MSG("\tApple native CA validation override"
+ " available, will continue");
+ /* check if fatal error */
+ args->fatal = (args->verifyErr) ? 1 : 0;
+ if (args->fatal)
+ DoCertFatalAlert(ssl, ret);
+ }
+ #endif/*defined(__APPLE__)&& defined(WOLFSSL_SYS_CA_CERTS)*/
else {
WOLFSSL_MSG("\tNo callback override available, fatal");
args->fatal = 1;
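Review bot: With `doAppleNativeCertValidationFlag` set, every leaf verification failure that reaches this `else if` is deferred, and the fallback added in the later hunk at `@@ -14654` runs for any `ret != 0` and sets `ret = 0` when the native check succeeds. The chain-certificate bypass earlier in the commit is limited to `ASN_NO_SIGNER_E`, but the leaf path is not. An error unrelated to a missing signer could therefore also be cleared by a successful platform trust evaluation; which error codes can actually reach the fallback depends on code outside these hunks. Restricting it to the deferred error, `if ((ret == ASN_NO_SIGNER_E) && (ssl->ctx->doAppleNativeCertValidationFlag))`, or recording which error was deferred, would keep the override narrow.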
@@ -13930,8 +14842,8 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
/* compare against previous time */
if (ssl->secure_renegotiation->subject_hash_set) {
if (XMEMCMP(args->dCert->subjectHash,
- ssl->secure_renegotiation->subject_hash,
- KEYID_SIZE) != 0) {
+ ssl->secure_renegotiation->subject_hash,
+ KEYID_SIZE) != 0) {
WOLFSSL_MSG(
"Peer sent different cert during scr, fatal");
args->fatal = 1;
@@ -14018,7 +14930,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (doLookup && SSL_CM(ssl)->ocspEnabled) {
WOLFSSL_MSG("Doing Leaf OCSP check");
ret = CheckCertOCSP_ex(SSL_CM(ssl)->ocsp,
- args->dCert, NULL, ssl);
+ args->dCert, ssl);
#ifdef WOLFSSL_NONBLOCK_OCSP
if (ret == OCSP_WANT_READ) {
goto exit_ppc;
@@ -14063,11 +14975,27 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->peerVerifyRet =
ret == CRL_CERT_REVOKED
? WOLFSSL_X509_V_ERR_CERT_REVOKED
- : WOLFSSL_X509_V_ERR_CERT_REJECTED;;
+ : WOLFSSL_X509_V_ERR_CERT_REJECTED;
}
#endif
}
}
+ if (ret == 0 && doLookup && SSL_CM(ssl)->crlEnabled &&
+ SSL_CM(ssl)->crlCheckAll && args->totalCerts == 1) {
+ /* Check the entire cert chain */
+ if (args->dCert->ca != NULL) {
+ ret = ProcessPeerCertsChainCRLCheck(SSL_CM(ssl),
+ args->dCert->ca);
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ WOLFSSL_MSG("\tCRL chain check not ok");
+ args->fatal = 0;
+ }
+ }
+ else {
+ WOLFSSL_MSG("No CA signer set");
+ }
+ }
#endif /* HAVE_CRL */
(void)doLookup;
}
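Review bot: When `crlCheckAll` is set and `args->dCert->ca` is NULL, the new block only logs `No CA signer set` and leaves `ret` at 0, so the chain CRL check the configuration asked for is skipped silently. If a leaf without a resolved signer can reach this point with `ret == 0` (that depends on verification code outside the hunk), consider failing closed or at least logging this as a verbose error. On a failed chain check the block sets `args->fatal = 0` while keeping `ret` non-zero, as does the matching block in the hunk at `@@ -13679`. A short comment explaining why a CRL failure is not marked fatal at these two places would help the next reader.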
@@ -14264,7 +15192,7 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
else {
ssl->peerRsaKeyPresent = 1;
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT)
+ defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* copy encrypted tsip key index into ssl object */
if (args->dCert->sce_tsip_encRsaKeyIdx) {
if (!ssl->peerSceTsipEncRsaKeyIndex) {
@@ -14322,11 +15250,14 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif /* NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
{
int keyRet = 0;
word32 idx = 0;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
defined(WOLFSSL_RENESAS_TSIP_TLS)
/* copy encrypted tsip/sce key index into ssl object */
if (args->dCert->sce_tsip_encRsaKeyIdx) {
@@ -14654,6 +15585,22 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif
+ #if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ /* If we can't validate the peer cert chain against the CAs loaded
+ * into wolfSSL, try to validate against the system certificates
+ * using Apple's native trust APIs */
+ if ((ret != 0) && (ssl->ctx->doAppleNativeCertValidationFlag)) {
+ if (DoAppleNativeCertValidation(args->certs,
+ args->totalCerts)) {
+ WOLFSSL_MSG("Apple native cert chain validation SUCCESS");
+ ret = 0;
+ }
+ else {
+ WOLFSSL_MSG("Apple native cert chain validation FAIL");
+ }
+ }
+ #endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
+
/* Do verify callback */
ret = DoVerifyCallback(SSL_CM(ssl), ssl, ret, args);
@@ -14749,11 +15696,17 @@ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ENTER("DoCertificate");
#ifdef SESSION_CERTS
- /* Reset the session cert chain count in case the session resume failed. */
- ssl->session->chain.count = 0;
- #ifdef WOLFSSL_ALT_CERT_CHAINS
+ /* Reset the session cert chain count in case the session resume failed,
+ * do not reset if we are resuming after an async wait */
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_NONBLOCK_OCSP)
+ if (ssl->error != OCSP_WANT_READ && ssl->error != WC_PENDING_E)
+#endif
+ {
+ ssl->session->chain.count = 0;
+#ifdef WOLFSSL_ALT_CERT_CHAINS
ssl->session->altChain.count = 0;
- #endif
+#endif
+ }
#endif /* SESSION_CERTS */
ret = ProcessPeerCerts(ssl, input, inOutIdx, size);
@@ -14884,6 +15837,8 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
else if (idx == 1) /* server cert must be OK */
ret = BAD_CERTIFICATE_STATUS_ERROR;
}
+
+ /* only frees 'single' if single->isDynamic is set */
FreeOcspResponse(response);
*inOutIdx += status_length;
@@ -15084,6 +16039,9 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
else {
@@ -15100,6 +16058,9 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
#ifdef WOLFSSL_DTLS
@@ -15119,7 +16080,6 @@ int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size,
return 0;
}
-
/* Make sure no duplicates, no fast forward, or other problems; 0 on success */
static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
{
@@ -15197,6 +16157,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(DUPLICATE_MSG_E);
return DUPLICATE_MSG_E;
}
+ if (ssl->msgsReceived.got_hello_retry_request) {
+ WOLFSSL_MSG("Received HelloVerifyRequest after a "
+ "HelloRetryRequest");
+ WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
+ return VERSION_ERROR;
+ }
ssl->msgsReceived.got_hello_verify_request = 1;
break;
@@ -15300,43 +16266,44 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
}
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (ssl->msgsReceived.got_certificate_status == 0) {
+ int csrRet = 0;
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
- if (ssl->status_request) {
- int ret;
-
+ if (csrRet == 0 && ssl->status_request) {
WOLFSSL_MSG("No CertificateStatus before ServerKeyExchange");
- if ((ret = TLSX_CSR_ForceRequest(ssl)) != 0)
- return ret;
+ csrRet = TLSX_CSR_ForceRequest(ssl);
}
#endif
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
- if (ssl->status_request_v2) {
- int ret;
-
+ if (csrRet == 0 && ssl->status_request_v2) {
WOLFSSL_MSG("No CertificateStatus before ServerKeyExchange");
- if ((ret = TLSX_CSR2_ForceRequest(ssl)) != 0)
- return ret;
+ csrRet = TLSX_CSR2_ForceRequest(ssl);
}
#endif
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
- defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ if (csrRet != 0) {
+ /* Error out if OCSP lookups are enabled and failed or if
+ * the user requires stapling. */
+ if (SSL_CM(ssl)->ocspEnabled || SSL_CM(ssl)->ocspMustStaple)
+ return csrRet;
+ }
/* Check that a status request extension was seen as the
* CertificateStatus wasn't when an OCSP staple is required.
*/
if (
- #ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
!ssl->status_request &&
- #endif
- #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+#endif
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
!ssl->status_request_v2 &&
- #endif
+#endif
SSL_CM(ssl)->ocspMustStaple) {
WOLFSSL_ERROR_VERBOSE(OCSP_CERT_UNKNOWN);
return OCSP_CERT_UNKNOWN;
}
- #endif
}
+#endif
break;
#endif
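Review bot: A failing `TLSX_CSR_ForceRequest` or `TLSX_CSR2_ForceRequest` is now dropped without any trace when neither `ocspEnabled` nor `ocspMustStaple` is set. A log line on the ignored path of the `csrRet != 0` block would make this visible when debugging, e.g. `WOLFSSL_MSG("Ignoring status request failure, OCSP not required");`. The first guard `csrRet == 0 &&` is always true directly after `int csrRet = 0;`; it is harmless, but a comment that it is kept for symmetry with the v2 block would avoid a later "cleanup" that changes only one of the two.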
@@ -15569,7 +16536,7 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
}
-static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
+int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
byte type, word32 size, word32 totalSz)
{
int ret = 0;
@@ -15649,8 +16616,10 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
if (ssl->options.side == WOLFSSL_CLIENT_END && ssl->options.dtls == 0 &&
- ssl->options.serverState == NULL_STATE && type != server_hello) {
- WOLFSSL_MSG("First server message not server hello");
+ ssl->options.serverState == NULL_STATE && type != server_hello &&
+ type != hello_request) {
+ WOLFSSL_MSG("First server message not server hello or "
+ "hello request");
SendAlert(ssl, alert_fatal, unexpected_message);
WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
return OUT_OF_ORDER_E;
@@ -15697,7 +16666,23 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
case certificate_request:
case server_hello_done:
if (ssl->options.resuming) {
-#ifdef WOLFSSL_WPAS
+ /* https://www.rfc-editor.org/rfc/rfc5077.html#section-3.4
+ * Alternatively, the client MAY include an empty Session ID
+ * in the ClientHello. In this case, the client ignores the
+ * Session ID sent in the ServerHello and determines if the
+ * server is resuming a session by the subsequent handshake
+ * messages.
+ */
+#ifndef WOLFSSL_WPAS
+ if (ssl->session->sessionIDSz != 0) {
+ /* Fatal error. Only try to send an alert. RFC 5246 does not
+ * allow for reverting back to a full handshake after the
+ * server has indicated the intention to do a resumption. */
+ (void)SendAlert(ssl, alert_fatal, unexpected_message);
+ WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
+ return OUT_OF_ORDER_E;
+ }
+#endif
/* This can occur when ssl->sessionSecretCb is set. EAP-FAST
* (RFC 4851) allows for detecting server session resumption
* based on the msg received after the ServerHello. */
@@ -15705,14 +16690,6 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
ssl->options.resuming = 0;
/* No longer resuming, reset peer authentication state. */
ssl->options.peerAuthGood = 0;
-#else
- /* Fatal error. Only try to send an alert. RFC 5246 does not
- * allow for reverting back to a full handshake after the
- * server has indicated the intention to do a resumption. */
- (void)SendAlert(ssl, alert_fatal, unexpected_message);
- WOLFSSL_ERROR_VERBOSE(OUT_OF_ORDER_E);
- return OUT_OF_ORDER_E;
-#endif
}
}
}
@@ -15761,7 +16738,8 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG("processing server hello");
ret = DoServerHello(ssl, input, inOutIdx, size);
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
if (ssl->options.resuming || !IsAtLeastTLSv1_2(ssl) ||
IsAtLeastTLSv1_3(ssl->version)) {
@@ -15843,7 +16821,8 @@ static int DoHandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_MSG("processing client hello");
ret = DoClientHello(ssl, input, inOutIdx, size);
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
if (ssl->options.resuming || !ssl->options.verifyPeer || \
!IsAtLeastTLSv1_2(ssl) || IsAtLeastTLSv1_3(ssl->version)) {
@@ -15965,6 +16944,12 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type, size);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
if (size > MAX_HANDSHAKE_SZ) {
WOLFSSL_MSG("Handshake message too large");
WOLFSSL_ERROR_VERBOSE(HANDSHAKE_SIZE_ERROR);
@@ -15988,6 +16973,13 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type,
+ min(inputLength - HANDSHAKE_HEADER_SZ, size));
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
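Review bot: `inputLength - HANDSHAKE_HEADER_SZ` is evaluated with no visible check that `inputLength` is at least the header size. If `inputLength` is unsigned and smaller, the subtraction wraps and `min()` returns `size`, so `EarlySanityCheckMsgReceived` would be given the peer-declared length rather than the number of bytes actually present. The header parse just above this hunk (it ends in `return PARSE_ERROR;`) may already guarantee the bound; if so, a one-line comment saying that is enough. Otherwise guard it first: `if (inputLength < HANDSHAKE_HEADER_SZ) return PARSE_ERROR;`.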
@@ -16026,6 +17018,13 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
if (inputLength > pendSz)
inputLength = pendSz;
+ ret = EarlySanityCheckMsgReceived(ssl, ssl->arrays->pendingMsgType,
+ inputLength);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->error != WC_PENDING_E)
#endif
@@ -16082,6 +17081,9 @@ int SendFatalAlertOnly(WOLFSSL *ssl, int error)
case WANT_WRITE:
case WANT_READ:
case ZERO_RETURN:
+#ifdef WOLFSSL_NONBLOCK_OCSP
+ case OCSP_WANT_READ:
+#endif
#ifdef WOLFSSL_ASYNC_CRYPT
case WC_PENDING_E:
#endif
@@ -16248,6 +17250,8 @@ static WC_INLINE int Dtls13CheckWindow(WOLFSSL* ssl)
int wordIndex;
word32 diff;
+ WOLFSSL_ENTER("Dtls13CheckWindow");
+
if (ssl->dtls13DecryptEpoch == NULL) {
WOLFSSL_MSG("Can't find decrypting epoch");
return 0;
@@ -16401,7 +17405,7 @@ int wolfSSL_DtlsUpdateWindow(word16 cur_hi, word32 cur_lo,
diff %= DTLS_WORD_BITS;
if (idx < WOLFSSL_DTLS_WINDOW_WORDS)
- window[idx] |= (1 << diff);
+ window[idx] |= (1U << diff);
}
else {
_DtlsUpdateWindowGTSeq(diff + 1, window);
@@ -16415,7 +17419,7 @@ int wolfSSL_DtlsUpdateWindow(word16 cur_hi, word32 cur_lo,
return 1;
}
-static int _DtlsUpdateWindow(WOLFSSL* ssl)
+int DtlsUpdateWindow(WOLFSSL* ssl)
{
WOLFSSL_DTLS_PEERSEQ* peerSeq = ssl->keys.peerSeq;
word16 *next_hi;
@@ -16481,7 +17485,13 @@ static int _DtlsUpdateWindow(WOLFSSL* ssl)
}
#ifdef WOLFSSL_DTLS13
-static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
+
+/* Update DTLS 1.3 window
+ * Return
+ * 0 on successful update
+ * <0 on error
+ */
+static int Dtls13UpdateWindow(WOLFSSL* ssl)
{
w64wrapper nextSeq, seq;
w64wrapper diff64;
@@ -16489,14 +17499,26 @@ static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
int wordOffset;
int wordIndex;
word32 diff;
+ Dtls13Epoch* e = ssl->dtls13DecryptEpoch;
+
+ WOLFSSL_ENTER("Dtls13UpdateWindow");
if (ssl->dtls13DecryptEpoch == NULL) {
WOLFSSL_MSG("Can't find decrypting Epoch");
return BAD_STATE_E;
}
- nextSeq = ssl->dtls13DecryptEpoch->nextPeerSeqNumber;
- window = ssl->dtls13DecryptEpoch->window;
+ if (!w64Equal(ssl->keys.curEpoch64, ssl->dtls13DecryptEpoch->epochNumber)) {
+ /* ssl->dtls13DecryptEpoch has been updated since we received the msg */
+ e = Dtls13GetEpoch(ssl, ssl->keys.curEpoch64);
+ if (e == NULL) {
+ WOLFSSL_MSG("Can't find decrypting Epoch");
+ return BAD_STATE_E;
+ }
+ }
+
+ nextSeq = e->nextPeerSeqNumber;
+ window = e->window;
seq = ssl->keys.curSeq;
/* seq < nextSeq */
@@ -16517,7 +17539,7 @@ static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
}
window[wordIndex] |= (1 << wordOffset);
- return 1;
+ return 0;
}
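Review bot: The unchanged line `window[wordIndex] |= (1 << wordOffset);` still shifts a signed `int`, which is undefined when `wordOffset` reaches the top bit. The same commit fixes this pattern in `wolfSSL_DtlsUpdateWindow` by switching to `1U << diff`, so the DTLS 1.3 path should match: `window[wordIndex] |= (1U << wordOffset);`. Whether `wordOffset` can reach 31 depends on the computation above this hunk. Since the return convention changes here from 1 to 0 on success, the header comment added earlier in the commit should also be checked against every caller of `Dtls13UpdateWindow`.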
/* seq >= nextSeq, seq - nextSeq */
@@ -16528,9 +17550,17 @@ static WC_INLINE int Dtls13UpdateWindow(WOLFSSL* ssl)
_DtlsUpdateWindowGTSeq(w64GetLow32(diff64), window);
w64Increment(&seq);
- ssl->dtls13DecryptEpoch->nextPeerSeqNumber = seq;
+ e->nextPeerSeqNumber = seq;
- return 1;
+ return 0;
+}
+
+int Dtls13UpdateWindowRecordRecvd(WOLFSSL* ssl)
+{
+ int ret = Dtls13UpdateWindow(ssl);
+ if (ret != 0)
+ return ret;
+ return Dtls13RecordRecvd(ssl);
}
#endif /* WOLFSSL_DTLS13 */
@@ -16549,6 +17579,14 @@ int DtlsMsgDrain(WOLFSSL* ssl)
item->ready && ret == 0) {
word32 idx = 0;
+ #ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ ret = MsgCheckEncryption(ssl, item->type, item->encrypted);
+ if (ret != 0) {
+ SendAlert(ssl, alert_fatal, unexpected_message);
+ break;
+ }
+ #endif
+
#ifdef WOLFSSL_NO_TLS12
ret = DoTls13HandShakeMsgType(ssl, item->fullMsg, &idx, item->type,
item->sz, item->sz);
@@ -16598,6 +17636,12 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type, fragSz);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
@@ -17155,7 +18199,7 @@ int ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input,
*
* Return 0 on success negative values in error case
*/
-static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
+int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
word16 sz)
{
byte add[AEAD_AUTH_DATA_SZ];
@@ -17358,6 +18402,25 @@ static int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
#endif
+#if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+
+/* The following type is used to share code between SM4-GCM and SM4-CCM. */
+typedef int (*Sm4AuthEncryptFunc)(wc_Sm4* sm4, byte* out, const byte* in,
+ word32 sz, const byte* nonce, word32 nonceSz, byte* tag, word32 tagSz,
+ const byte* aad, word32 aadSz);
+typedef int (*Sm4AuthDecryptFunc)(wc_Sm4* sm4, byte* out, const byte* in,
+ word32 sz, const byte* nonce, word32 nonceSz, const byte* tag, word32 tagSz,
+ const byte* aad, word32 aadSz);
+
+#define SM4_AUTH_ENCRYPT_FUNC Sm4AuthEncryptFunc
+#define SM4_AUTH_DECRYPT_FUNC Sm4AuthDecryptFunc
+#define SM4_GCM_ENCRYPT_FUNC wc_Sm4GcmEncrypt
+#define SM4_CCM_ENCRYPT_FUNC wc_Sm4CcmEncrypt
+#define SM4_GCM_DECRYPT_FUNC wc_Sm4GcmDecrypt
+#define SM4_CCM_DECRYPT_FUNC wc_Sm4CcmDecrypt
+
+#endif
+
static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
word16 sz, int asyncOkay)
@@ -17513,6 +18576,58 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
break;
#endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ {
+ const byte* additionalSrc = input - RECORD_HEADER_SZ;
+ byte *outBuf = NULL;
+ XMEMSET(ssl->encrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, CUR_ORDER, ssl->encrypt.additional);
+
+ /* Store the type, version. Unfortunately, they are in
+ * the input buffer ahead of the plaintext. */
+ #ifdef WOLFSSL_DTLS
+ if (ssl->options.dtls) {
+ additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+ }
+ #endif
+ XMEMCPY(ssl->encrypt.additional + AEAD_TYPE_OFFSET,
+ additionalSrc, 3);
+
+ /* Store the length of the plain text minus the explicit
+ * IV length minus the authentication tag size. */
+ c16toa(sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.additional + AEAD_LEN_OFFSET);
+ XMEMCPY(ssl->encrypt.nonce,
+ ssl->keys.aead_enc_imp_IV, AESGCM_IMP_IV_SZ);
+ XMEMCPY(ssl->encrypt.nonce + AESGCM_IMP_IV_SZ,
+ ssl->keys.aead_exp_IV, AESGCM_EXP_IV_SZ);
+ outBuf = (byte*)XMALLOC(sz - AESGCM_EXP_IV_SZ, ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (outBuf == NULL) {
+ ret = MEMORY_ERROR;
+ break;
+ }
+ ret = wc_AriaEncrypt(ssl->encrypt.aria, outBuf,
+ (byte*) input + AESGCM_EXP_IV_SZ,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.nonce, AESGCM_NONCE_SZ,
+ ssl->encrypt.additional, AEAD_AUTH_DATA_SZ,
+ out + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size
+ );
+ if (ret != 0)
+ break;
+ XMEMCPY(out,
+ ssl->encrypt.nonce + AESGCM_IMP_IV_SZ, AESGCM_EXP_IV_SZ);
+ XMEMCPY(out + AESGCM_EXP_IV_SZ,outBuf,sz - AESGCM_EXP_IV_SZ);
+ XFREE(outBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ break;
+ }
+ #endif
+
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
ret = wc_CamelliaCbcEncrypt(ssl->encrypt.cam, out, input, sz);
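Review bot: `outBuf` leaks when `wc_AriaEncrypt` fails in the `wolfssl_aria_gcm` case, because the `if (ret != 0) break;` after the call leaves the case before `XFREE(outBuf, ...)` is reached. Free it on that path as well: `if (ret != 0) { XFREE(outBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); break; }`. The lengths `sz - AESGCM_EXP_IV_SZ` and `sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size` assume `sz` covers the explicit IV and the tag; that is presumably guaranteed by the caller, which is outside this hunk, and a short comment stating the precondition would help. The enclosing `EncryptDo` starts and ends outside the hunk.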
@@ -17526,6 +18641,95 @@ static WC_INLINE int EncryptDo(WOLFSSL* ssl, byte* out, const byte* input,
break;
#endif
+ #ifdef WOLFSSL_SM4_CBC
+ case wolfssl_sm4_cbc:
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ asyncDev = &ssl->encrypt.sm4->asyncDev;
+ ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags);
+ if (ret != 0)
+ break;
+ #endif
+ ret = wc_Sm4CbcEncrypt(ssl->encrypt.sm4, out, input, sz);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E && asyncOkay) {
+ ret = wolfSSL_AsyncPush(ssl, asyncDev);
+ }
+ #endif
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ case wolfssl_sm4_gcm:
+ case wolfssl_sm4_ccm:/* GCM AEAD macros use same size as CCM */
+ {
+ SM4_AUTH_ENCRYPT_FUNC sm4_auth_fn;
+ const byte* additionalSrc;
+
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ asyncDev = &ssl->encrypt.sm4->asyncDev;
+ ret = wolfSSL_AsyncInit(ssl, asyncDev, event_flags);
+ if (ret != 0)
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM4_CCM)
+ sm4_auth_fn = (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm)
+ ? SM4_GCM_ENCRYPT_FUNC : SM4_CCM_ENCRYPT_FUNC;
+ #elif defined(WOLFSSL_SM4_GCM)
+ sm4_auth_fn = SM4_GCM_ENCRYPT_FUNC;
+ #else
+ sm4_auth_fn = SM4_CCM_ENCRYPT_FUNC;
+ #endif
+ additionalSrc = input - 5;
+
+ XMEMSET(ssl->encrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, CUR_ORDER, ssl->encrypt.additional);
+
+ /* Store the type, version. Unfortunately, they are in
+ * the input buffer ahead of the plaintext. */
+ #ifdef WOLFSSL_DTLS
+ if (ssl->options.dtls) {
+ additionalSrc -= DTLS_HANDSHAKE_EXTRA;
+ }
+ #endif
+ XMEMCPY(ssl->encrypt.additional + AEAD_TYPE_OFFSET,
+ additionalSrc, 3);
+
+ /* Store the length of the plain text minus the explicit
+ * IV length minus the authentication tag size. */
+ c16toa(sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.additional + AEAD_LEN_OFFSET);
+ XMEMCPY(ssl->encrypt.nonce,
+ ssl->keys.aead_enc_imp_IV, GCM_IMP_IV_SZ);
+ XMEMCPY(ssl->encrypt.nonce + GCM_IMP_IV_SZ,
+ ssl->keys.aead_exp_IV, GCM_EXP_IV_SZ);
+ ret = sm4_auth_fn(ssl->encrypt.sm4,
+ out + GCM_EXP_IV_SZ, input + GCM_EXP_IV_SZ,
+ sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->encrypt.nonce, GCM_NONCE_SZ,
+ out + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size,
+ ssl->encrypt.additional, AEAD_AUTH_DATA_SZ);
+
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E && asyncOkay) {
+ ret = wolfSSL_AsyncPush(ssl, asyncDev);
+ }
+ #endif
+#if !defined(NO_PUBLIC_GCM_SET_IV) && \
+ ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)))
+ XMEMCPY(out,
+ ssl->encrypt.nonce + GCM_IMP_IV_SZ, GCM_EXP_IV_SZ);
+#endif
+ }
+ break;
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
if (input != out) {
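Review bot: `additionalSrc = input - 5;` in the new SM4 GCM/CCM case hard-codes the record header length, while the ARIA case added by the same commit writes it as `input - RECORD_HEADER_SZ`. Use the named constant here too, `additionalSrc = input - RECORD_HEADER_SZ;`, so the source of the type and version bytes that go into the AEAD additional data is stated in one way across the cipher cases. A short comment that the pointer deliberately steps back into the record header that precedes the plaintext would also help, since the read is outside the `input`/`sz` range the function is given.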
@@ -17582,18 +18786,19 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
ssl->fuzzerCb(ssl, input, sz, FUZZ_ENCRYPT, ssl->fuzzerCtx);
#endif
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
/* make sure AES GCM/CCM memory is allocated */
/* free for these happens in FreeCiphers */
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
- ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm) {
/* make sure auth iv and auth are allocated */
if (ssl->encrypt.additional == NULL)
ssl->encrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
if (ssl->encrypt.nonce == NULL) {
ssl->encrypt.nonce = (byte*)XMALLOC(AESGCM_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->encrypt.nonce != NULL) {
wc_MemZero_Add("Encrypt nonce", ssl->encrypt.nonce,
@@ -17606,7 +18811,33 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
return MEMORY_E;
}
}
- #endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ /* make sure SM4 GCM/CCM memory is allocated */
+ /* free for these happens in FreeCiphers */
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ /* make sure auth iv and auth are allocated */
+ if (ssl->encrypt.additional == NULL)
+ ssl->encrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ if (ssl->encrypt.nonce == NULL) {
+ ssl->encrypt.nonce = (byte*)XMALLOC(GCM_NONCE_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ if (ssl->encrypt.nonce != NULL) {
+ wc_MemZero_Add("Encrypt nonce", ssl->encrypt.nonce,
+ GCM_NONCE_SZ);
+ }
+ #endif
+ }
+ if (ssl->encrypt.additional == NULL ||
+ ssl->encrypt.nonce == NULL) {
+ return MEMORY_E;
+ }
+ }
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
/* Advance state and proceed */
ssl->encrypt.state = CIPHER_STATE_DO;
@@ -17644,9 +18875,10 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
sizeof(ssl->encrypt.sanityCheck));
#endif
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
- ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm)
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm)
{
/* finalize authentication cipher */
#if !defined(NO_PUBLIC_GCM_SET_IV) && \
@@ -17657,7 +18889,17 @@ static WC_INLINE int Encrypt(WOLFSSL* ssl, byte* out, const byte* input,
if (ssl->encrypt.nonce)
ForceZero(ssl->encrypt.nonce, AESGCM_NONCE_SZ);
}
- #endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm)
+ {
+ /* finalize authentication cipher */
+ AeadIncrementExpIV(ssl);
+ if (ssl->encrypt.nonce)
+ ForceZero(ssl->encrypt.nonce, GCM_NONCE_SZ);
+ }
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
#ifdef WOLFSSL_CHECK_MEM_ZERO
if ((ssl->specs.bulk_cipher_algorithm != wolfssl_cipher_null) &&
(out != input) && (ret == 0)) {
@@ -17814,6 +19056,57 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break;
#endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ {
+ byte *outBuf = NULL;
+ XMEMSET(ssl->decrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, PEER_ORDER, ssl->decrypt.additional);
+
+ ssl->decrypt.additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+ ssl->decrypt.additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+ ssl->decrypt.additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+
+ c16toa(sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.additional + AEAD_LEN_OFFSET);
+
+ #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
+ if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl))
+ XMEMCPY(ssl->decrypt.nonce,
+ ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV,
+ AESGCM_IMP_IV_SZ);
+ else
+ #endif
+ XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV,
+ AESGCM_IMP_IV_SZ);
+ XMEMCPY(ssl->decrypt.nonce + AESGCM_IMP_IV_SZ, input,
+ AESGCM_EXP_IV_SZ);
+ outBuf = (byte*)XMALLOC(sz - AESGCM_EXP_IV_SZ, ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (outBuf == NULL) {
+ ret = MEMORY_ERROR;
+ break;
+ }
+ ret = wc_AriaDecrypt(ssl->decrypt.aria, outBuf,
+ (byte *)input + AESGCM_EXP_IV_SZ,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.nonce, AESGCM_NONCE_SZ,
+ ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
+ (byte *)input + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size
+ );
+ if (ret != 0)
+ break;
+ XMEMCPY(plain + AESGCM_EXP_IV_SZ,
+ outBuf,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size);
+ XFREE(outBuf, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ break;
+ }
+ #endif /* HAVE_ARIA */
+
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
ret = wc_CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
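Review bot: outBuf in the wolfssl_aria_gcm case holds decrypted record plaintext and is released with a plain XFREE, so the cleartext remains in freed heap memory. Clear it first with `ForceZero(outBuf, sz - AESGCM_EXP_IV_SZ);`, as this file already does for the nonce buffers, and run the zero-and-free on the `ret != 0` path as well, which currently breaks out before the XFREE. sz comes from the received record, and the hunk does not show where sz >= AESGCM_EXP_IV_SZ + aead_mac_size is enforced; confirm a caller guarantees it before these subtractions and the XMALLOC size are computed. DecryptDo starts and ends outside the hunk.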
@@ -17827,6 +19120,88 @@ static WC_INLINE int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break;
#endif
+ #ifdef WOLFSSL_SM4_CBC
+ case wolfssl_sm4_cbc:
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.aes->asyncDev,
+ WC_ASYNC_FLAG_CALL_AGAIN);
+ if (ret != 0)
+ break;
+ #endif
+ ret = wc_Sm4CbcDecrypt(ssl->decrypt.sm4, plain, input, sz);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPush(ssl, &ssl->decrypt.aes->asyncDev);
+ }
+ #endif
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ case wolfssl_sm4_gcm:
+ case wolfssl_sm4_ccm: /* GCM AEAD macros use same size as CCM */
+ {
+ SM4_AUTH_DECRYPT_FUNC sm4_auth_fn;
+
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* initialize event */
+ ret = wolfSSL_AsyncInit(ssl, &ssl->decrypt.sm4->asyncDev,
+ WC_ASYNC_FLAG_CALL_AGAIN);
+ if (ret != 0)
+ break;
+ #endif
+
+ #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM4_CCM)
+ sm4_auth_fn = (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm)
+ ? SM4_GCM_DECRYPT_FUNC : SM4_CCM_DECRYPT_FUNC;
+ #elif defined(WOLFSSL_SM4_GCM)
+ sm4_auth_fn = SM4_GCM_DECRYPT_FUNC;
+ #else
+ sm4_auth_fn = SM4_CCM_DECRYPT_FUNC;
+ #endif
+
+ XMEMSET(ssl->decrypt.additional, 0, AEAD_AUTH_DATA_SZ);
+
+ /* sequence number field is 64-bits */
+ WriteSEQ(ssl, PEER_ORDER, ssl->decrypt.additional);
+
+ ssl->decrypt.additional[AEAD_TYPE_OFFSET] = ssl->curRL.type;
+ ssl->decrypt.additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor;
+ ssl->decrypt.additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor;
+
+ c16toa(sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.additional + AEAD_LEN_OFFSET);
+
+ #if defined(WOLFSSL_DTLS) && defined(HAVE_SECURE_RENEGOTIATION)
+ if (ssl->options.dtls && IsDtlsMsgSCRKeys(ssl))
+ XMEMCPY(ssl->decrypt.nonce,
+ ssl->secure_renegotiation->tmp_keys.aead_dec_imp_IV,
+ GCM_IMP_IV_SZ);
+ else
+ #endif
+ XMEMCPY(ssl->decrypt.nonce, ssl->keys.aead_dec_imp_IV,
+ GCM_IMP_IV_SZ);
+ XMEMCPY(ssl->decrypt.nonce + GCM_IMP_IV_SZ, input, GCM_EXP_IV_SZ);
+ if ((ret = sm4_auth_fn(ssl->decrypt.sm4,
+ plain + GCM_EXP_IV_SZ,
+ input + GCM_EXP_IV_SZ,
+ sz - GCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.nonce, GCM_NONCE_SZ,
+ input + sz - ssl->specs.aead_mac_size,
+ ssl->specs.aead_mac_size,
+ ssl->decrypt.additional, AEAD_AUTH_DATA_SZ)) < 0) {
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ if (ret == WC_PENDING_E) {
+ ret = wolfSSL_AsyncPush(ssl,
+ &ssl->decrypt.sm4->asyncDev);
+ }
+ #endif
+ }
+ }
+ break;
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
if (input != plain) {
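Review bot: The new wolfssl_sm4_cbc case initialises and pushes the async event on `&ssl->decrypt.aes->asyncDev`, although the cipher object actually used is ssl->decrypt.sm4. The encrypt-side SM4 CBC case and the SM4 GCM/CCM case directly below both use the sm4 device. With WOLFSSL_ASYNC_CRYPT defined and an SM4 suite negotiated, ssl->decrypt.aes is presumably not set up, so this reads through a wrong or NULL pointer. Both calls should take `&ssl->decrypt.sm4->asyncDev`.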
@@ -17857,7 +19232,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* check for still pending */
if (ret == WC_PENDING_E)
return ret;
@@ -17883,18 +19258,19 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
return DECRYPT_ERROR;
}
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
/* make sure AES GCM/CCM memory is allocated */
/* free for these happens in FreeCiphers */
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
- ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm) {
/* make sure auth iv and auth are allocated */
if (ssl->decrypt.additional == NULL)
ssl->decrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
if (ssl->decrypt.nonce == NULL) {
ssl->decrypt.nonce = (byte*)XMALLOC(AESGCM_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->decrypt.nonce != NULL) {
wc_MemZero_Add("DecryptTls nonce", ssl->decrypt.nonce,
@@ -17907,7 +19283,33 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
return MEMORY_E;
}
}
- #endif /* BUILD_AESGCM || HAVE_AESCCM */
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ /* make sure SM4 GCM/CCM memory is allocated */
+ /* free for these happens in FreeCiphers */
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ /* make sure auth iv and auth are allocated */
+ if (ssl->decrypt.additional == NULL)
+ ssl->decrypt.additional = (byte*)XMALLOC(AEAD_AUTH_DATA_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ if (ssl->decrypt.nonce == NULL) {
+ ssl->decrypt.nonce = (byte*)XMALLOC(GCM_NONCE_SZ,
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ if (ssl->decrypt.nonce != NULL) {
+ wc_MemZero_Add("DecryptTls nonce", ssl->decrypt.nonce,
+ GCM_NONCE_SZ);
+ }
+ #endif
+ }
+ if (ssl->decrypt.additional == NULL ||
+ ssl->decrypt.nonce == NULL) {
+ return MEMORY_E;
+ }
+ }
+ #endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */
/* Advance state and proceed */
ssl->decrypt.state = CIPHER_STATE_DO;
@@ -17955,7 +19357,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
FALL_THROUGH;
case CIPHER_STATE_END:
{
- #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM)
+ #if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
/* make sure AES GCM/CCM nonce is cleared */
if (ssl->specs.bulk_cipher_algorithm == wolfssl_aes_ccm ||
ssl->specs.bulk_cipher_algorithm == wolfssl_aes_gcm) {
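Review bot: The preprocessor guard in CIPHER_STATE_END now includes HAVE_ARIA, but the `if` below it still tests only wolfssl_aes_ccm and wolfssl_aes_gcm, so ARIA-GCM records skip this cleanup. Judging by the SM4 block added next to it, that cleanup zeroes ssl->decrypt.nonce and maps a negative ret to VERIFY_MAC_ERROR, neither of which would happen for wolfssl_aria_gcm. The Encrypt() side of this commit did extend its condition, so add the same term here: `|| ssl->specs.bulk_cipher_algorithm == wolfssl_aria_gcm`. The body of the `if` lies in the following hunk.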
@@ -17967,6 +19369,19 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input, word16 sz)
WOLFSSL_ERROR_VERBOSE(ret);
}
}
+ #endif /* BUILD_AESGCM || HAVE_AESCCM || HAVE_ARIA */
+ #if defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ /* make sure SM4 GCM/CCM nonce is cleared */
+ if (ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_ccm ||
+ ssl->specs.bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ if (ssl->decrypt.nonce)
+ ForceZero(ssl->decrypt.nonce, GCM_NONCE_SZ);
+
+ if (ret < 0) {
+ ret = VERIFY_MAC_ERROR;
+ WOLFSSL_ERROR_VERBOSE(ret);
+ }
+ }
#endif /* BUILD_AESGCM || HAVE_AESCCM */
break;
}
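Review bot: The trailing `#endif /* BUILD_AESGCM || HAVE_AESCCM */` now closes the SM4 block that this hunk inserted above it, so its comment names the wrong condition. It should read `#endif /* WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM */`, matching the other SM4 blocks in this commit. A stale guard comment in a function with this many nested conditionals makes it easy to put the next cipher's cleanup under the wrong macro.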
@@ -18554,7 +19969,8 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff)
return BUFFER_ERROR;
}
#ifdef WOLFSSL_EARLY_DATA
- if (ssl->earlyData > early_data_ext) {
+ if (ssl->options.side == WOLFSSL_SERVER_END &&
+ ssl->earlyData > early_data_ext) {
if (ssl->earlyDataSz + dataSz > ssl->options.maxEarlyDataSz) {
if (sniff == NO_SNIFF) {
SendAlert(ssl, alert_fatal, unexpected_message);
@@ -18594,11 +20010,14 @@ int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx, int sniff)
#endif
*inOutIdx = idx;
+#ifdef WOLFSSL_DTLS13
+ if (ssl->options.connectState == WAIT_FINISHED_ACK) {
+ /* DTLS 1.3 is waiting for an ACK but we can still return app data. */
+ return APP_DATA_READY;
+ }
+#endif
#ifdef HAVE_SECURE_RENEGOTIATION
if (IsSCR(ssl)) {
- /* Reset the processReply state since
- * we finished processing this message. */
- ssl->options.processReply = doProcessInit;
/* If we are in a secure renegotiation then APP DATA is treated
* differently */
return APP_DATA_READY;
@@ -18913,10 +20332,16 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
inSz = (int)(size - usedLength); /* from last partial read */
#ifdef WOLFSSL_DTLS
- if (ssl->options.dtls) {
- if (size < ssl->dtls_expected_rx)
- dtlsExtra = (int)(ssl->dtls_expected_rx - size);
- inSz = ssl->dtls_expected_rx;
+ if (ssl->options.dtls && IsDtlsNotSctpMode(ssl)) {
+ /* Add DTLS_MTU_ADDITIONAL_READ_BUFFER bytes so that we can operate with
+ * slight difference in set MTU size on each peer */
+#ifdef WOLFSSL_DTLS_MTU
+ inSz = (word32)ssl->dtlsMtuSz + DTLS_MTU_ADDITIONAL_READ_BUFFER;
+#else
+ inSz = MAX_MTU + DTLS_MTU_ADDITIONAL_READ_BUFFER;
+#endif
+ if (size < (word32)inSz)
+ dtlsExtra = (int)(inSz - size);
}
#endif
@@ -19125,9 +20550,10 @@ static int HandleDTLSDecryptFailed(WOLFSSL* ssl)
static int DtlsShouldDrop(WOLFSSL* ssl, int retcode)
{
- if (ssl->options.handShakeDone && !IsEncryptionOn(ssl, 0)) {
+ if (ssl->options.handShakeDone && !IsEncryptionOn(ssl, 0) &&
+ !ssl->options.dtlsHsRetain) {
WOLFSSL_MSG("Silently dropping plaintext DTLS message "
- "on established connection.");
+ "on established connection when we have nothing to send.");
return 1;
}
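Review bot: The added `!ssl->options.dtlsHsRetain` term needs a comment, because it relaxes a drop rule: plaintext DTLS records on an established connection are no longer discarded here while that flag is set. The hunk does not show what dtlsHsRetain means or which later check still rejects unencrypted non-handshake records in that state. If the intent is to let a retransmitted peer flight through while the last handshake flight is still retained, say so above the condition and name the check that keeps plaintext application data out. The reworded log text "when we have nothing to send" is also hard to relate to the condition without that comment. DtlsShouldDrop continues past the end of the hunk.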
@@ -19148,21 +20574,9 @@ static int DtlsShouldDrop(WOLFSSL* ssl, int retcode)
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END
- && ssl->curRL.type != handshake) {
- int beforeCookieVerified = 0;
- if (!IsAtLeastTLSv1_3(ssl->version)) {
- beforeCookieVerified =
- ssl->options.acceptState < ACCEPT_FIRST_REPLY_DONE;
- }
-#ifdef WOLFSSL_DTLS13
- else {
- beforeCookieVerified =
- ssl->options.acceptState < TLS13_ACCEPT_SECOND_REPLY_DONE;
- }
-#endif /* WOLFSSL_DTLS13 */
-
- if (beforeCookieVerified) {
- WOLFSSL_MSG("Drop non-handshake record before handshake");
+ && ssl->curRL.type != handshake && !IsSCR(ssl)) {
+ if (!ssl->options.dtlsStateful) {
+ WOLFSSL_MSG("Drop non-handshake record when not stateful");
return 1;
}
}
@@ -19185,7 +20599,6 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
{
int ret = 0, type = internal_error, readSz;
int atomicUser = 0;
- word32 startIdx = 0;
#if defined(WOLFSSL_DTLS)
int used;
#endif
@@ -19196,7 +20609,7 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
#endif
if (ssl->error != 0 && ssl->error != WANT_READ && ssl->error != WANT_WRITE
- #ifdef HAVE_SECURE_RENEGOTIATION
+ #if defined(HAVE_SECURE_RENEGOTIATION) || defined(WOLFSSL_DTLS13)
&& ssl->error != APP_DATA_READY
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -19367,7 +20780,7 @@ int ProcessReplyEx(WOLFSSL* ssl, int allowSocketErr)
case getRecordLayerHeader:
/* DTLSv1.3 record numbers in the header are encrypted, and AAD
- * uses the unecrypted form. Because of this we need to modify the
+ * uses the unencrypted form. Because of this we need to modify the
* header, decrypting the numbers inside
* DtlsParseUnifiedRecordLayer(). This violates the const attribute
* of the buffer parameter of GetRecordHeader() used here. */
@@ -19477,7 +20890,8 @@ default:
ssl->keys.padSz = 0;
ssl->options.processReply = verifyEncryptedMessage;
- startIdx = ssl->buffers.inputBuffer.idx; /* in case > 1 msg per */
+ /* in case > 1 msg per record */
+ ssl->curStartIdx = ssl->buffers.inputBuffer.idx;
FALL_THROUGH;
/* verify digest of encrypted message */
@@ -19734,7 +21148,7 @@ default:
return HandleDTLSDecryptFailed(ssl);
}
#endif /* WOLFSSL_DTLS */
- #ifdef WOLFSSL_EXTRA_ALERTS
+ #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_ETM_ALERT)
if (!ssl->options.dtls)
SendAlert(ssl, alert_fatal, bad_record_mac);
#endif
@@ -19778,31 +21192,32 @@ default:
/* the record layer is here */
case runProcessingOneRecord:
#ifdef WOLFSSL_DTLS13
- if (ssl->options.dtls && IsAtLeastTLSv1_3(ssl->version)) {
-
- if(!Dtls13CheckWindow(ssl)) {
- /* drop packet */
- WOLFSSL_MSG(
- "Dropping DTLS record outside receiving window");
- ssl->options.processReply = doProcessInit;
- ssl->buffers.inputBuffer.idx += ssl->curSize;
- if (ssl->buffers.inputBuffer.idx >
- ssl->buffers.inputBuffer.length)
- return BUFFER_E;
+ if (ssl->options.dtls) {
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ if (!Dtls13CheckWindow(ssl)) {
+ /* drop packet */
+ WOLFSSL_MSG("Dropping DTLS record outside receiving "
+ "window");
+ ssl->options.processReply = doProcessInit;
+ ssl->buffers.inputBuffer.idx += ssl->curSize;
+ if (ssl->buffers.inputBuffer.idx >
+ ssl->buffers.inputBuffer.length)
+ return BUFFER_E;
- continue;
- }
+ continue;
+ }
- ret = Dtls13UpdateWindow(ssl);
- if (ret != 1) {
- WOLFSSL_ERROR(ret);
- return ret;
+ /* Only update the window once we enter stateful parsing */
+ if (ssl->options.dtlsStateful) {
+ ret = Dtls13UpdateWindowRecordRecvd(ssl);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+ }
}
-
- ret = Dtls13RecordRecvd(ssl);
- if (ret != 0) {
- WOLFSSL_ERROR(ret);
- return ret;
+ else if (IsDtlsNotSctpMode(ssl)) {
+ DtlsUpdateWindow(ssl);
}
}
#endif /* WOLFSSL_DTLS13 */
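Review bot: The DTLS 1.2 replay-window update, `else if (IsDtlsNotSctpMode(ssl)) { DtlsUpdateWindow(ssl); }`, now sits inside `#ifdef WOLFSSL_DTLS13`, and a later hunk of this commit deletes the `#ifdef WOLFSSL_DTLS` block that used to call `_DtlsUpdateWindow(ssl)`. In a build with WOLFSSL_DTLS but without WOLFSSL_DTLS13, nothing visible in ProcessReplyEx advances the receive window any more, which would weaken replay detection unless another call site covers it. Guard the outer `if (ssl->options.dtls)` with `#ifdef WOLFSSL_DTLS` and put only the IsAtLeastTLSv1_3 branch under `#ifdef WOLFSSL_DTLS13`, leaving the DTLS 1.2 `else` unconditional. The closing `#endif` comment would then need updating as well.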
@@ -19820,7 +21235,7 @@ default:
/* For TLS v1.1 the block size and explicit IV are added to idx,
* so it needs to be included in this limit check */
if ((ssl->curSize - ssl->keys.padSz -
- (ssl->buffers.inputBuffer.idx - startIdx) -
+ (ssl->buffers.inputBuffer.idx - ssl->curStartIdx) -
MacSize(ssl) > MAX_PLAINTEXT_SZ)
#ifdef WOLFSSL_ASYNC_CRYPT
&& ssl->buffers.inputBuffer.length !=
@@ -19828,7 +21243,7 @@ default:
#endif
) {
WOLFSSL_MSG("Plaintext too long - Encrypt-Then-MAC");
- #if defined(WOLFSSL_EXTRA_ALERTS)
+ #if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_ETM_ALERT)
SendAlert(ssl, alert_fatal, record_overflow);
#endif
WOLFSSL_ERROR_VERBOSE(BUFFER_ERROR);
@@ -19837,16 +21252,16 @@ default:
}
else
#endif
- /* TLS13 plaintext limit is checked earlier before decryption */
- /* For TLS v1.1 the block size and explicit IV are added to idx,
- * so it needs to be included in this limit check */
- if (!IsAtLeastTLSv1_3(ssl->version)
- && ssl->curSize - ssl->keys.padSz -
- (ssl->buffers.inputBuffer.idx - startIdx)
- > MAX_PLAINTEXT_SZ
+ /* TLS13 plaintext limit is checked earlier before decryption */
+ /* For TLS v1.1 the block size and explicit IV are added to idx,
+ * so it needs to be included in this limit check */
+ if (!IsAtLeastTLSv1_3(ssl->version)
+ && ssl->curSize - ssl->keys.padSz -
+ (ssl->buffers.inputBuffer.idx - ssl->curStartIdx)
+ > MAX_PLAINTEXT_SZ
#ifdef WOLFSSL_ASYNC_CRYPT
- && ssl->buffers.inputBuffer.length !=
- ssl->buffers.inputBuffer.idx
+ && ssl->buffers.inputBuffer.length !=
+ ssl->buffers.inputBuffer.idx
#endif
) {
WOLFSSL_MSG("Plaintext too long");
@@ -19857,17 +21272,6 @@ default:
return BUFFER_ERROR;
}
-#ifdef WOLFSSL_DTLS
- if (IsDtlsNotSctpMode(ssl) && !IsAtLeastTLSv1_3(ssl->version)) {
- _DtlsUpdateWindow(ssl);
- }
-
- if (ssl->options.dtls) {
- /* Reset timeout as we have received a valid DTLS message */
- ssl->dtls_timeout = ssl->dtls_timeout_init;
- }
-#endif /* WOLFSSL_DTLS */
-
WOLFSSL_MSG("received record layer msg");
switch (ssl->curRL.type) {
@@ -19877,16 +21281,21 @@ default:
if (ssl->options.dtls) {
#ifdef WOLFSSL_DTLS
if (!IsAtLeastTLSv1_3(ssl->version)) {
- ret = DoDtlsHandShakeMsg(ssl,
- ssl->buffers.inputBuffer.buffer,
- &ssl->buffers.inputBuffer.idx,
- ssl->buffers.inputBuffer.length);
- if (ret != 0) {
- if (SendFatalAlertOnly(ssl, ret)
- == SOCKET_ERROR_E) {
- ret = SOCKET_ERROR_E;
- }
+ ret = DoDtlsHandShakeMsg(ssl,
+ ssl->buffers.inputBuffer.buffer,
+ &ssl->buffers.inputBuffer.idx,
+ ssl->buffers.inputBuffer.length);
+ if (ret == 0 || ret == WC_PENDING_E) {
+ /* Reset timeout as we have received a valid
+ * DTLS handshake message */
+ ssl->dtls_timeout = ssl->dtls_timeout_init;
+ }
+ else {
+ if (SendFatalAlertOnly(ssl, ret)
+ == SOCKET_ERROR_E) {
+ ret = SOCKET_ERROR_E;
}
+ }
}
#endif
#ifdef WOLFSSL_DTLS13
@@ -20168,7 +21577,13 @@ default:
&ssl->buffers.inputBuffer.idx,
NO_SNIFF)) != 0) {
WOLFSSL_ERROR(ret);
- return ret;
+ #if defined(WOLFSSL_DTLS13) || \
+ defined(HAVE_SECURE_RENEGOTIATION)
+ /* Not really an error. We will return after cleaning
+ * up the processReply state. */
+ if (ret != APP_DATA_READY)
+ #endif
+ return ret;
}
break;
@@ -20225,9 +21640,18 @@ default:
/* input exhausted */
if (ssl->buffers.inputBuffer.idx >= ssl->buffers.inputBuffer.length
#ifdef WOLFSSL_DTLS
- /* If app data was processed then return now to avoid
- * dropping any app data. */
- || (ssl->options.dtls && ssl->curRL.type == application_data)
+ || (ssl->options.dtls &&
+ /* If app data was processed then return now to avoid
+ * dropping any app data. */
+ (ssl->curRL.type == application_data ||
+ /* client: if we processed a finished message, return to
+ * allow higher layers to establish the crypto
+ * parameters of the connection. The remaining data
+ * may be app data that we would drop without the
+ * crypto setup. */
+ (ssl->options.side == WOLFSSL_CLIENT_END &&
+ ssl->options.serverState == SERVER_FINISHED_COMPLETE &&
+ ssl->options.handShakeState != HANDSHAKE_DONE)))
#endif
) {
/* Shrink input buffer when we successfully finish record
@@ -20237,7 +21661,8 @@ default:
return ret;
}
/* more messages per record */
- else if ((ssl->buffers.inputBuffer.idx - startIdx) < ssl->curSize) {
+ else if ((ssl->buffers.inputBuffer.idx - ssl->curStartIdx)
+ < ssl->curSize) {
WOLFSSL_MSG("More messages in record");
ssl->options.processReply = runProcessingOneMessage;
@@ -20283,6 +21708,11 @@ default:
if (ret != 0)
return ret;
#endif
+#if defined(WOLFSSL_DTLS13) || defined(HAVE_SECURE_RENEGOTIATION)
+ /* Signal to user that we have application data ready to read */
+ if (ret == APP_DATA_READY)
+ return ret;
+#endif
/* It is safe to shrink the input buffer here now. local vars will
* be reset to the new starting value. */
if (ret == 0 && ssl->buffers.inputBuffer.dynamicFlag)
@@ -20679,6 +22109,12 @@ int BuildCertHashes(const WOLFSSL* ssl, Hashes* hashes)
if (ret != 0)
return ret;
#endif
+ #ifdef WOLFSSL_SM3
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3,
+ hashes->sm3);
+ if (ret != 0)
+ return ret;
+ #endif
}
}
else {
@@ -20757,7 +22193,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
- ret = WC_NOT_PENDING_E;
+ ret = WC_NO_PENDING_E;
if (asyncOkay) {
if (ssl->async == NULL) {
return BAD_FUNC_ARG;
@@ -20765,7 +22201,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args = &ssl->async->buildArgs;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.buildMsgState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_buildmsg;
@@ -20779,7 +22215,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
/* Reset state */
#ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_NOT_PENDING_E)
+ if (ret == WC_NO_PENDING_E)
#endif
{
ret = 0;
@@ -21328,6 +22764,9 @@ int SendFinished(WOLFSSL* ssl)
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
else {
@@ -21340,6 +22779,9 @@ int SendFinished(WOLFSSL* ssl)
#endif
ssl->options.handShakeState = HANDSHAKE_DONE;
ssl->options.handShakeDone = 1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ ssl->options.resumed = ssl->options.resuming;
+#endif
}
}
@@ -21489,7 +22931,8 @@ int CreateOcspResponse(WOLFSSL* ssl, OcspRequest** ocspRequest,
if (ret == 0) {
request->ssl = ssl;
- ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling, request, response);
+ ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling, request, response,
+ ssl->heap);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED ||
@@ -21829,7 +23272,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
int sendSz;
word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
word32 dnLen = 0;
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
#endif
const Suites* suites = WOLFSSL_SUITES(ssl);
@@ -21843,7 +23286,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
if (IsAtLeastTLSv1_2(ssl))
reqSz += LENGTH_SZ + suites->hashSigAlgoSz;
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
/* Certificate Authorities */
names = SSL_CA_NAMES(ssl);
while (names != NULL) {
@@ -21899,7 +23342,26 @@ int SendCertificateRequest(WOLFSSL* ssl)
ssl->options.cipherSuite0 == CHACHA_BYTE) &&
ssl->specs.sig_algo == ecc_dsa_sa_algo) {
output[i++] = ecdsa_sign;
- } else
+ }
+ else
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ if (ssl->options.cipherSuite0 == SM_BYTE && (0
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ || ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ || ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ || ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ #endif
+ )) {
+ output[i++] = ecdsa_sign;
+ }
+ else
+#endif
#endif /* HAVE_ECC */
{
output[i++] = rsa_sign;
@@ -21917,7 +23379,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
/* Certificate Authorities */
c16toa((word16)dnLen, &output[i]); /* auth's */
i += REQ_HEADER_SZ;
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
names = SSL_CA_NAMES(ssl);
while (names != NULL) {
byte seq[MAX_SEQ_SZ];
@@ -22166,7 +23628,13 @@ int SendCertificateStatus(WOLFSSL* ssl)
if (ret == 0 && response.buffer) {
ret = BuildCertificateStatus(ssl, status_type, &response, 1);
+ }
+ /* Let's not error out the connection if we can't verify our cert */
+ if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
+ ret = 0;
+
+ if (response.buffer) {
XFREE(response.buffer, ssl->heap, DYNAMIC_TYPE_OCSP_REQUEST);
response.buffer = NULL;
}
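Review bot: Mapping ASN_SELF_SIGNED_E and ASN_NO_SIGNER_E to 0 drops the OCSP staple silently, so an operator cannot tell from logs that status responses are no longer being sent. Keep the non-fatal behaviour but record it, for example `WOLFSSL_MSG("Skipping OCSP staple: could not verify own certificate");` inside the `if` before `ret = 0;`. The same silent reset is added in the HAVE_CERTIFICATE_STATUS_REQUEST_V2 branch later in SendCertificateStatus. The reset also applies to any earlier step in this branch that left one of those two codes in ret, not only to the OCSP check, so the comment should say which call is expected to produce them.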
@@ -22243,7 +23711,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
if (ret == 0) {
request->ssl = ssl;
ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling,
- request, &responses[i + 1]);
+ request, &responses[i + 1], ssl->heap);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED ||
@@ -22269,7 +23737,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
NULL != (request = ssl->ctx->chainOcspRequest[i])) {
request->ssl = ssl;
ret = CheckOcspRequest(SSL_CM(ssl)->ocsp_stapling,
- request, &responses[++i]);
+ request, &responses[++i], ssl->heap);
/* Suppressing, not critical */
if (ret == OCSP_CERT_REVOKED ||
@@ -22294,6 +23762,10 @@ int SendCertificateStatus(WOLFSSL* ssl)
}
}
+ /* Let's not error out the connection if we can't verify our cert */
+ if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
+ ret = 0;
+
break;
}
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
@@ -22440,6 +23912,18 @@ static int CheckTLS13AEADSendLimit(WOLFSSL* ssl)
limit = AEAD_AES_LIMIT; /* Limit is 2^24.5 */
break;
#endif
+#ifdef WOLFSSL_SM4_GCM
+ case wolfssl_sm4_gcm:
+ /* Limit is 2^22 - 1 */
+ limit = AEAD_SM4_GCM_LIMIT;
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case wolfssl_sm4_ccm:
+ /* Limit is 2^10 - 1 */
+ limit = AEAD_SM4_CCM_LIMIT;
+ break;
+#endif
case wolfssl_cipher_null:
/* No encryption being done */
return 0;
@@ -22507,6 +23991,12 @@ int SendData(WOLFSSL* ssl, const void* data, int sz)
groupMsgs = 1;
#endif
}
+ else if (IsAtLeastTLSv1_3(ssl->version) &&
+ ssl->options.side == WOLFSSL_SERVER_END &&
+ ssl->options.acceptState >= TLS13_ACCEPT_FINISHED_SENT) {
+ /* We can send data without waiting on peer finished msg */
+ WOLFSSL_MSG("server sending data before receiving client finished");
+ }
else
#endif
if (ssl->options.handShakeState != HANDSHAKE_DONE && !IsSCR(ssl)) {
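Review bot: The new `else if` in SendData does not exclude connections on which the server requires a client certificate, so a TLS 1.3 server can write application data to a peer it has not yet authenticated. The condition checks only the side and `acceptState >= TLS13_ACCEPT_FINISHED_SENT`, which is reached before the client's Certificate and Finished have been processed. Either add a term that keeps the old wait-for-handshake behaviour when peer verification is enabled (the option field for that is not visible in this hunk), or document on this branch that callers needing mutual authentication must finish the handshake before sending. SendData continues outside the hunk.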
@@ -22744,7 +24234,7 @@ int ReceiveData(WOLFSSL* ssl, byte* output, int sz, int peek)
#ifdef WOLFSSL_ASYNC_CRYPT
&& ssl->error != WC_PENDING_E
#endif
-#ifdef HAVE_SECURE_RENEGOTIATION
+#if defined(HAVE_SECURE_RENEGOTIATION) || defined(WOLFSSL_DTLS13)
&& ssl->error != APP_DATA_READY
#endif
) {
@@ -23100,12 +24590,11 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
#else
int error = (int)e;
-#ifdef OPENSSL_EXTRA
+
/* OpenSSL uses positive error codes */
if (error > 0) {
error = -error;
}
-#endif
/* pass to wolfCrypt */
if (error < MAX_CODE_E && error > MIN_CODE_E) {
@@ -23204,7 +24693,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
return "peer ip address mismatch";
case WANT_READ :
- case WOLFSSL_ERROR_WANT_READ :
+ case -WOLFSSL_ERROR_WANT_READ :
return "non-blocking socket wants data to be read";
case NOT_READY_ERROR :
@@ -23214,9 +24703,22 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
return "record layer version error";
case WANT_WRITE :
- case WOLFSSL_ERROR_WANT_WRITE :
+ case -WOLFSSL_ERROR_WANT_WRITE :
return "non-blocking socket write buffer full";
+ case -WOLFSSL_ERROR_WANT_CONNECT:
+ case -WOLFSSL_ERROR_WANT_ACCEPT:
+ return "The underlying BIO was not yet connected";
+
+ case -WOLFSSL_ERROR_SYSCALL:
+ return "fatal I/O error in TLS layer";
+
+ case -WOLFSSL_ERROR_WANT_X509_LOOKUP:
+ return "application client cert callback asked to be called again";
+
+ case -WOLFSSL_ERROR_SSL:
+ return "fatal TLS protocol error";
+
case BUFFER_ERROR :
return "malformed buffer input error";
@@ -23254,7 +24756,7 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
return "can't decode peer key";
case ZERO_RETURN:
- case WOLFSSL_ERROR_ZERO_RETURN:
+ case -WOLFSSL_ERROR_ZERO_RETURN:
return "peer sent close notify alert";
case ECC_CURVETYPE_ERROR:
@@ -23534,6 +25036,9 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case SOCKET_FILTERED_E:
return "Session stopped by network filter";
+ case UNSUPPORTED_CERTIFICATE:
+ return "Unsupported certificate type";
+
#ifdef HAVE_HTTP_CLIENT
case HTTP_TIMEOUT:
return "HTTP timeout for OCSP or CRL req";
@@ -23550,10 +25055,36 @@ const char* wolfSSL_ERR_reason_error_string(unsigned long e)
case HTTP_APPSTR_ERR:
return "HTTP Application string error";
#endif
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+ /* TODO: -WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE. Conflicts with
+ * -WOLFSSL_ERROR_WANT_CONNECT. */
+ case -WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID:
+ return "certificate not yet valid";
+ case -WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED:
+ return "certificate has expired";
+ case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ return "certificate signature failure";
+ case -WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ return "format error in certificate's notAfter field";
+ case -WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ return "self-signed certificate in certificate chain";
case -WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
return "unable to get local issuer certificate";
-#endif
+ case -WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ return "unable to verify the first certificate";
+ case -WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ return "certificate chain too long";
+ case -WOLFSSL_X509_V_ERR_CERT_REVOKED:
+ return "certificate revoked";
+ case -WOLFSSL_X509_V_ERR_INVALID_CA:
+ return "invalid CA certificate";
+ case -WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED:
+ return "path length constraint exceeded";
+ case -WOLFSSL_X509_V_ERR_CERT_REJECTED:
+ return "certificate rejected";
+ case -WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH:
+ return "subject issuer mismatch";
+#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL || HAVE_WEBSERVER */
case UNSUPPORTED_PROTO_VERSION:
#ifdef OPENSSL_EXTRA
return "WRONG_SSL_VERSION";
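Review bot: Two of the added X509 cases return the wrong text: `-WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD` yields "certificate signature failure" and `-WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT` yields the in-chain wording. I would change them to `return "format error in certificate's notBefore field";` and `return "self-signed certificate";`, matching the notAfter case next to them. The closing `#endif` comment names `OPENSSL_EXTRA_X509_SMALL`, which the `#if` does not test. The TODO also shows that negated SSL error codes and X509 verify codes share one switch, so a signature-failure code would apparently be reported as "The underlying BIO was not yet connected". That is misleading in logs used to diagnose certificate problems and is worth resolving rather than leaving as a TODO.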
@@ -23633,18 +25164,18 @@ void SetErrorString(int error, char* str)
#ifndef NO_ERROR_STRINGS
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#else
#define SUITE_INFO(x,y,z,w,v,u) {(x),(y),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#endif
#else
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),(v),(u),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#else
#define SUITE_INFO(x,y,z,w,v,u) {(x),(z),(w),WOLFSSL_CIPHER_SUITE_FLAG_NONE}
- #define SUITE_ALIAS(x,z,w,v,u)
+ #define SUITE_ALIAS(x,z,w,v,u) /* null expansion */
#endif
#endif
#else /* !NO_CIPHER_SUITE_ALIASES */
@@ -23699,6 +25230,14 @@ static const CipherSuiteInfo cipher_names[] =
SUITE_ALIAS("TLS13-AES128-CCM8-SHA256",TLS13_BYTE,TLS_AES_128_CCM_8_SHA256,TLSv1_3_MINOR, SSLv3_MAJOR)
#endif
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ SUITE_INFO("TLS13-SM4-GCM-SM3","TLS_SM4_GCM_SM3",CIPHER_BYTE,TLS_SM4_GCM_SM3, TLSv1_3_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ SUITE_INFO("TLS13-SM4-CCM-SM3","TLS_SM4_CCM_SM3",CIPHER_BYTE,TLS_SM4_CCM_SM3, TLSv1_3_MINOR, SSLv3_MAJOR),
+#endif
+
#ifdef BUILD_TLS_SHA256_SHA256
SUITE_INFO("TLS13-SHA256-SHA256","TLS_SHA256_SHA256",ECC_BYTE,TLS_SHA256_SHA256,TLSv1_3_MINOR, SSLv3_MAJOR),
#endif
@@ -24075,6 +25614,18 @@ static const CipherSuiteInfo cipher_names[] =
SUITE_INFO("DHE-RSA-CHACHA20-POLY1305-OLD","TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256",CHACHA_BYTE,TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256, TLSv1_2_MINOR, SSLv3_MAJOR),
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ SUITE_INFO("ECDHE-ECDSA-SM4-CBC-SM3","TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3",SM_BYTE,TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ SUITE_INFO("ECDHE-ECDSA-SM4-GCM-SM3","TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3",SM_BYTE,TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ SUITE_INFO("ECDHE-ECDSA-SM4-CCM-SM3","TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3",SM_BYTE,TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
#ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA
SUITE_INFO("ADH-AES128-SHA","TLS_DH_anon_WITH_AES_128_CBC_SHA",CIPHER_BYTE,TLS_DH_anon_WITH_AES_128_CBC_SHA, TLSv1_2_MINOR, SSLv3_MAJOR),
#endif
@@ -24119,6 +25670,14 @@ static const CipherSuiteInfo cipher_names[] =
SUITE_INFO("EDH-RSA-DES-CBC3-SHA","TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",CIPHER_BYTE,TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, TLSv1_MINOR, SSLv3_MAJOR),
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ SUITE_INFO("ECDHE-ECDSA-ARIA128-GCM-SHA256","TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ SUITE_INFO("ECDHE-ECDSA-ARIA256-GCM-SHA384","TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384",ECC_BYTE,TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384, TLSv1_2_MINOR, SSLv3_MAJOR),
+#endif
+
#ifdef BUILD_WDM_WITH_NULL_SHA256
SUITE_INFO("WDM-NULL-SHA256","WDM_WITH_NULL_SHA256",CIPHER_BYTE,WDM_WITH_NULL_SHA256, TLSv1_3_MINOR, SSLv3_MAJOR)
#endif
@@ -24318,12 +25877,37 @@ const char* GetCipherEncStr(char n[][MAX_SEGMENT_SZ]) {
(XSTRCMP(n[2],"AES") == 0 && XSTRCMP(n[3],"256") == 0))
encStr = "AES(256)";
+#ifdef HAVE_ARIA
+ else if ((XSTRCMP(n[0],"ARIA256") == 0) ||
+ (XSTRCMP(n[2],"ARIA256") == 0))
+ encStr = "ARIA(256)";
+ else if ((XSTRCMP(n[0],"ARIA128") == 0) ||
+ (XSTRCMP(n[2],"ARIA128") == 0))
+ encStr = "ARIA(128)";
+#endif
else if ((XSTRCMP(n[0],"CAMELLIA256") == 0) ||
(XSTRCMP(n[2],"CAMELLIA256") == 0))
encStr = "CAMELLIA(256)";
else if ((XSTRCMP(n[0],"CAMELLIA128") == 0) ||
(XSTRCMP(n[2],"CAMELLIA128") == 0))
encStr = "CAMELLIA(128)";
+#ifdef WOLFSSL_SM4_GCM
+ else if ((XSTRCMP(n[0],"SM4") == 0 && XSTRCMP(n[1],"GCM") == 0) ||
+ (XSTRCMP(n[1],"SM4") == 0 && XSTRCMP(n[2],"GCM") == 0) ||
+ (XSTRCMP(n[2],"SM4") == 0 && XSTRCMP(n[3],"GCM") == 0))
+ encStr = "SM4-GCM";
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ else if ((XSTRCMP(n[0],"SM4") == 0 && XSTRCMP(n[1],"CCM") == 0) ||
+ (XSTRCMP(n[1],"SM4") == 0 && XSTRCMP(n[2],"CCM") == 0) ||
+ (XSTRCMP(n[2],"SM4") == 0 && XSTRCMP(n[3],"CCM") == 0))
+ encStr = "SM4-CCM";
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ else if ((XSTRCMP(n[0],"SM4") == 0) ||
+ (XSTRCMP(n[2],"SM4") == 0))
+ encStr = "SM4";
+#endif
else if ((XSTRCMP(n[0],"RC4") == 0) || (XSTRCMP(n[1],"RC4") == 0) ||
(XSTRCMP(n[2],"RC4") == 0))
encStr = "RC4";
@@ -24380,6 +25964,13 @@ const char* GetCipherMacStr(char n[][MAX_SEGMENT_SZ]) {
(XSTRCMP(n[2],"SHA384") == 0) ||
(XSTRCMP(n[1],"SHA384") == 0))
macStr = "SHA384";
+#ifdef WOLFSSL_SM3
+ else if ((XSTRCMP(n[4],"SM3") == 0) ||
+ (XSTRCMP(n[3],"SM3") == 0) ||
+ (XSTRCMP(n[2],"SM3") == 0) ||
+ (XSTRCMP(n[1],"SM3") == 0))
+ macStr = "SM3";
+#endif
else if ((XSTRCMP(n[4],"SHA") == 0) || (XSTRCMP(n[3],"SHA") == 0) ||
(XSTRCMP(n[2],"SHA") == 0) || (XSTRCMP(n[1],"SHA") == 0) ||
(XSTRCMP(n[1],"MD5") == 0))
@@ -24519,11 +26110,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
{
int ret = 0;
int idx = 0;
- word16 haveRSAsig = 0;
- word16 haveECDSAsig = 0;
- word16 haveFalconSig = 0;
- word16 haveDilithiumSig = 0;
- word16 haveAnon = 0;
+ int haveSig = 0;
word16 haveRSA = 0;
#ifdef OPENSSL_EXTRA
word16 haveDH = 0;
@@ -24537,8 +26124,6 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
const int suiteSz = GetCipherNamesSize();
const char* next = list;
- (void)haveRSA;
-
if (suites == NULL || list == NULL) {
WOLFSSL_MSG("SetCipherList parameter error");
return 0;
@@ -24631,11 +26216,11 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
if (XSTRCMP(name, "DEFAULT") == 0 || XSTRCMP(name, "ALL") == 0) {
if (XSTRCMP(name, "ALL") == 0)
- haveAnon = 1;
+ haveSig |= SIG_ANON;
else
- haveAnon = 0;
+ haveSig &= ~SIG_ANON;
#ifdef HAVE_ANON
- ctx->haveAnon = haveAnon;
+ ctx->haveAnon = (haveSig & SIG_ANON) == SIG_ANON;
#endif
haveRSA = 1;
haveDH = 1;
@@ -24645,7 +26230,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
* static ECC suites here
* haveStaticECC = 1; */
haveStaticRSA = 1;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
havePSK = 1;
haveNull = 0;
@@ -24658,7 +26243,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
* ciphersuites. */
if (XSTRCMP(name, "HIGH") == 0 && allowing) {
/* Disable static, anonymous, and null ciphers */
- haveAnon = 0;
+ haveSig &= ~SIG_ANON;
#ifdef HAVE_ANON
ctx->haveAnon = 0;
#endif
@@ -24667,7 +26252,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
haveECC = 1;
haveStaticECC = 0;
haveStaticRSA = 0;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
havePSK = 1;
haveNull = 0;
@@ -24677,7 +26262,10 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
}
if (XSTRCMP(name, "aNULL") == 0) {
- haveAnon = allowing;
+ if (allowing)
+ haveSig |= SIG_ANON;
+ else
+ haveSig &= ~SIG_ANON;
#ifdef HAVE_ANON
ctx->haveAnon = allowing;
#endif
@@ -24685,8 +26273,8 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
/* Allow RSA by default. */
if (!haveECC)
haveRSA = 1;
- if (!haveECDSAsig)
- haveRSAsig = 1;
+ if ((haveSig & SIG_ECDSA) == 0)
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24699,8 +26287,8 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
/* Allow RSA by default. */
if (!haveECC)
haveRSA = 1;
- if (!haveECDSAsig)
- haveRSAsig = 1;
+ if ((haveSig & SIG_ECDSA) == 0)
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24708,20 +26296,27 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
}
if (XSTRCMP(name, "kDH") == 0) {
- haveStaticECC = allowing;
if (allowing) {
- haveECC = 1;
- haveECDSAsig = 1;
+ haveDH = 1;
callInitSuites = 1;
ret = 1;
}
continue;
}
- if (XSTRCMP(name, "ECDHE") == 0) {
+ if (XSTRCMP(name, "DHE") == 0 || XSTRCMP(name, "EDH") == 0) {
+ if (allowing) {
+ haveDH = 1;
+ callInitSuites = 1;
+ ret = 1;
+ }
+ continue;
+ }
+
+ if (XSTRCMP(name, "ECDHE") == 0 || XSTRCMP(name, "EECDH") == 0) {
if (allowing) {
haveECC = 1;
- haveECDSAsig = 1;
+ haveSig |= SIG_ECDSA;
callInitSuites = 1;
ret = 1;
}
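Review bot: The `kDH` and `DHE`/`EDH` branches act only when `allowing` is set, so a negated entry in the cipher string is accepted and then ignored instead of switching DHE off. If that is intended, say so with `/* Excluding DHE is not supported; a negated keyword is ignored */`; otherwise follow the `PSK` branch and assign `haveDH = allowing;`. In OpenSSL cipher strings `kDH` denotes static DH key exchange, so mapping it to `haveDH` probably enables ephemeral DHE suites, which is worth confirming. How `allowing` is derived is outside the hunk.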
@@ -24732,7 +26327,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
haveStaticRSA = allowing;
if (allowing) {
haveRSA = 1;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24741,13 +26336,13 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
if (XSTRCMP(name, "PSK") == 0) {
havePSK = allowing;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
if (allowing) {
/* Allow RSA by default. */
if (!haveECC)
haveRSA = 1;
- if (!haveECDSAsig)
- haveRSAsig = 1;
+ if ((haveSig & SIG_ECDSA) == 0)
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24759,7 +26354,7 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
if (allowing) {
/* Allow RSA by default */
haveRSA = 1;
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
callInitSuites = 1;
ret = 1;
}
@@ -24817,46 +26412,81 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
suites->suites[idx++] = cipher_names[i].cipherSuite;
/* The suites are either ECDSA, RSA, PSK, or Anon. The RSA
* suites don't necessarily have RSA in the name. */
- #ifdef WOLFSSL_TLS13
+ #ifdef WOLFSSL_TLS13
if (cipher_names[i].cipherSuite0 == TLS13_BYTE ||
(cipher_names[i].cipherSuite0 == ECC_BYTE &&
(cipher_names[i].cipherSuite == TLS_SHA256_SHA256 ||
cipher_names[i].cipherSuite == TLS_SHA384_SHA384))) {
#ifndef NO_RSA
- haveRSAsig = 1;
+ haveSig |= SIG_RSA;
#endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448)
- haveECDSAsig = 1;
+ haveSig |= SIG_ECDSA;
#endif
#if defined(HAVE_PQC)
#ifdef HAVE_FALCON
- haveFalconSig = 1;
+ haveSig |= SIG_FALCON;
#endif /* HAVE_FALCON */
#ifdef HAVE_DILITHIUM
- haveDilithiumSig = 1;
+ haveSig |= SIG_DILITHIUM;
#endif /* HAVE_DILITHIUM */
#endif /* HAVE_PQC */
}
else
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((cipher_names[i].cipherSuite0 == CIPHER_BYTE) &&
+ (cipher_names[i].cipherSuite == TLS_SM4_GCM_SM3)) {
+ haveSig |= SIG_SM2;
+ }
+ else
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((cipher_names[i].cipherSuite0 == CIPHER_BYTE) &&
+ (cipher_names[i].cipherSuite == TLS_SM4_CCM_SM3)) {
+ haveSig |= SIG_SM2;
+ }
+ else
+ #endif
+ #endif /* WOLFSSL_TLS13 */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ if ((cipher_names[i].cipherSuite0 == SM_BYTE) && (0
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ || (cipher_names[i].cipherSuite ==
+ TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ || (cipher_names[i].cipherSuite ==
+ TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3)
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ || (cipher_names[i].cipherSuite ==
+ TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3)
+ #endif
+ )) {
+ haveSig |= SIG_SM2;
+ }
+ else
#endif
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || \
defined(HAVE_ED448)
- if ((haveECDSAsig == 0) && XSTRSTR(name, "ECDSA"))
- haveECDSAsig = 1;
+ if (XSTRSTR(name, "ECDSA"))
+ haveSig |= SIG_ECDSA;
else
#endif
#ifdef HAVE_ANON
if (XSTRSTR(name, "ADH"))
- haveAnon = 1;
+ haveSig |= SIG_ANON;
else
#endif
- if (haveRSAsig == 0
- #ifndef NO_PSK
- && (XSTRSTR(name, "PSK") == NULL)
- #endif
- ) {
- haveRSAsig = 1;
+ #ifndef NO_PSK
+ if (XSTRSTR(name, "PSK") == NULL)
+ #endif
+ {
+ /* Fall back to RSA */
+ haveSig |= SIG_RSA;
}
ret = 1; /* found at least one */
@@ -24873,17 +26503,18 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
#endif
#ifdef OPENSSL_EXTRA
if (callInitSuites) {
- byte tmp[WOLFSSL_MAX_SUITE_SZ];
- XMEMCPY(tmp, suites->suites, idx); /* Store copy */
suites->setSuites = 0; /* Force InitSuites */
suites->hashSigAlgoSz = 0; /* Force InitSuitesHashSigAlgo call
* inside InitSuites */
- InitSuites(suites, ctx->method->version, keySz, haveRSA,
- havePSK, haveDH, haveECDSAsig,
- haveECC, haveStaticRSA,
- haveStaticECC, haveFalconSig,
- haveDilithiumSig, haveAnon,
- haveNull, ctx->method->side);
+ InitSuites(suites, ctx->method->version, keySz, (word16)haveRSA,
+ (word16)havePSK, (word16)haveDH,
+ (word16)((haveSig & SIG_ECDSA) != 0),
+ (word16)haveECC, (word16)haveStaticRSA,
+ (word16)haveStaticECC,
+ (word16)((haveSig & SIG_FALCON) != 0),
+ (word16)((haveSig & SIG_DILITHIUM) != 0),
+ (word16)((haveSig & SIG_ANON) != 0),
+ (word16)haveNull, ctx->method->side);
/* Restore user ciphers ahead of defaults */
XMEMMOVE(suites->suites + idx, suites->suites,
min(suites->suiteSz, WOLFSSL_MAX_SUITE_SZ-idx));
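Review bot: With `tmp` and its `XMEMCPY` removed, nothing in this hunk preserves the suites the caller named before `InitSuites` runs on the same `suites` object, yet the comment still says "Restore user ciphers ahead of defaults". If `InitSuites` rewrites `suites->suites` from index 0, the `XMEMMOVE` only shifts the defaults up by `idx`, and the first `idx` bytes are then not the caller's selection. The removed copy was apparently never read back, so this may predate the change. It is still worth confirming where the named suites are kept, and correcting the comment if they are not restored. The end of the block is outside the hunk.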
@@ -24893,10 +26524,22 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
#endif
{
suites->suiteSz = (word16)idx;
- InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig,
- haveFalconSig, haveDilithiumSig, haveAnon,
- 1, keySz);
+ InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
+ &suites->hashSigAlgoSz);
}
+
+#ifdef HAVE_RENEGOTIATION_INDICATION
+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
+ WOLFSSL_MSG("Too many ciphersuites");
+ return 0;
+ }
+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
+ suites->suites[suites->suiteSz+1] =
+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
+ suites->suiteSz += 2;
+ }
+#endif
suites->setSuites = 1;
}
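Review bot: The block that appends `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` is added here and again, line for line, in the SetCipherListFromBytes hunk further down; a small static helper would keep the bounds check in one place. Both copies also `return 0` only after `suites->suiteSz` and the hash/signature list have been overwritten, so a failed call leaves `suites` partly updated with `setSuites` untouched. Checking for room before those writes would avoid that, or at least the behaviour should be documented. SetCipherList starts outside the hunk.

```c
/* Append TLS_EMPTY_RENEGOTIATION_INFO_SCSV to a client's suite list.
 * Returns 1 on success, 0 when there is no room for the two extra bytes. */
static int AddRenegotiationInfoScsv(Suites* suites)
{
    if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
        WOLFSSL_MSG("Too many ciphersuites");
        return 0;
    }
    suites->suites[suites->suiteSz]     = CIPHER_BYTE;
    suites->suites[suites->suiteSz + 1] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
    suites->suiteSz += 2;
    return 1;
}

/* … unchanged: InitSuitesHashSigAlgo_ex2 call … */
#ifdef HAVE_RENEGOTIATION_INDICATION
    if (ctx->method->side == WOLFSSL_CLIENT_END &&
            !AddRenegotiationInfoScsv(suites)) {
        return 0;
    }
#endif
```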
@@ -24973,8 +26616,10 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
* suites don't necessarily have RSA in the name. */
#ifdef WOLFSSL_TLS13
if (firstByte == TLS13_BYTE || (firstByte == ECC_BYTE &&
- (secondByte == TLS_SHA256_SHA256 ||
- secondByte == TLS_SHA384_SHA384))) {
+ (secondByte == TLS_SHA256_SHA256 ||
+ secondByte == TLS_SHA384_SHA384)) ||
+ (firstByte == CIPHER_BYTE && (secondByte == TLS_SM4_GCM_SM3 ||
+ secondByte == TLS_SM4_CCM_SM3))) {
#ifndef NO_RSA
haveRSAsig = 1;
#endif
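Review bot: Adding the SM4 suites to the TLS 1.3 condition makes this function set `haveRSAsig` (and whatever else the branch sets) for `TLS_SM4_GCM_SM3`/`TLS_SM4_CCM_SM3`, whereas SetCipherList sets only `SIG_SM2` for the same suites. The next hunk then derives SM2 from ECDSA with `haveSig |= haveECDSAsig ? SIG_SM2 : 0;`, so any ECDSA suite also advertises SM2 when SM2/SM3 are built in. I would give SM2 its own local flag, set on the SM4 suite match and folded in with `haveSig |= haveSM2sig ? SIG_SM2 : 0;`, so both entry points offer the same signature algorithms. The two suite constants are also used here without the `BUILD_TLS_SM4_*` guards that SetCipherList applies; if they are only defined under those macros, other builds will not compile. The branch body continues outside the hunk.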
@@ -25015,13 +26660,33 @@ int SetCipherListFromBytes(WOLFSSL_CTX* ctx, Suites* suites, const byte* list,
if (ret) {
int keySz = 0;
+ int haveSig = 0;
#ifndef NO_CERTS
keySz = ctx->privateKeySz;
#endif
suites->suiteSz = (word16)idx;
- InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig,
- haveFalconSig, haveDilithiumSig, haveAnon, 1,
- keySz);
+ haveSig |= haveECDSAsig ? SIG_ECDSA : 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ haveSig |= haveECDSAsig ? SIG_SM2 : 0;
+ #endif
+ haveSig |= haveRSAsig ? SIG_RSA : 0;
+ haveSig |= haveFalconSig ? SIG_FALCON : 0;
+ haveSig |= haveDilithiumSig ? SIG_DILITHIUM : 0;
+ haveSig |= haveAnon ? SIG_ANON : 0;
+ InitSuitesHashSigAlgo_ex2(suites->hashSigAlgo, haveSig, 1, keySz,
+ &suites->hashSigAlgoSz);
+#ifdef HAVE_RENEGOTIATION_INDICATION
+ if (ctx->method->side == WOLFSSL_CLIENT_END) {
+ if (suites->suiteSz > WOLFSSL_MAX_SUITE_SZ - 2) {
+ WOLFSSL_MSG("Too many ciphersuites");
+ return 0;
+ }
+ suites->suites[suites->suiteSz] = CIPHER_BYTE;
+ suites->suites[suites->suiteSz+1] =
+ TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
+ suites->suiteSz += 2;
+ }
+#endif
suites->setSuites = 1;
}
@@ -25050,6 +26715,9 @@ struct mac_algs {
#ifdef WOLFSSL_SHA224
{ sha224_mac, "SHA224" },
#endif
+#ifdef WOLFSSL_SM3
+ { sm3_mac, "SM3" },
+#endif
#if !defined(NO_SHA) && (!defined(NO_OLD_TLS) || \
defined(WOLFSSL_ALLOW_TLS_SHA1))
{ sha_mac, "SHA1" },
@@ -25097,6 +26765,9 @@ struct sig_algs {
#ifndef NO_DSA
{ dsa_sa_algo, "DSA" },
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ { sm2_sa_algo, "SM2" },
+#endif
};
#define SIG_NAMES_SZ (int)(sizeof(sig_names)/sizeof(*sig_names))
@@ -25262,9 +26933,15 @@ static int CmpEccStrength(int hashAlgo, int curveSz)
static byte MinHashAlgo(WOLFSSL* ssl)
{
#ifdef WOLFSSL_TLS13
+#ifndef NO_SHA256
if (IsAtLeastTLSv1_3(ssl->version)) {
return sha256_mac;
}
+#elif defined(WOLFSSL_SM3)
+ if (IsAtLeastTLSv1_3(ssl->version)) {
+ return sm3_mac;
+ }
+#endif
#endif
#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_ALLOW_TLS_SHA1)
if (IsAtLeastTLSv1_2(ssl)) {
@@ -25365,6 +27042,23 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#if defined(HAVE_ECC) && (defined(WOLFSSL_TLS13) || \
defined(WOLFSSL_ECDSA_MATCH_HASH))
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo && hashAlgo == sm3_mac
+ #ifndef WOLFSSL_ECDSA_MATCH_HASH
+ && IsAtLeastTLSv1_3(ssl->version)
+ #endif
+ ) {
+ /* Must be exact match. */
+ if (CmpEccStrength(hashAlgo, ssl->buffers.keySz) != 0)
+ continue;
+ /* Matched SM2-SM3 - set chosen and finished. */
+ ssl->options.sigAlgo = sigAlgo;
+ ssl->options.hashAlgo = hashAlgo;
+ ret = 0;
+ break;
+ }
+ else
+ #endif
if (sigAlgo == ecc_dsa_sa_algo
#ifndef WOLFSSL_ECDSA_MATCH_HASH
&& IsAtLeastTLSv1_3(ssl->version)
@@ -25429,12 +27123,15 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#ifdef WOLFSSL_SHA512
case sha512_mac:
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ #endif
#ifdef WOLFSSL_STRONGEST_HASH_SIG
/* Is hash algorithm weaker than chosen/min? */
if (hashAlgo < ssl->options.hashAlgo)
break;
#else
- /* Is hash algorithm stonger than last chosen? */
+ /* Is hash algorithm stronger than last chosen? */
if (ret == 0 && hashAlgo > ssl->options.hashAlgo)
break;
#endif
@@ -25456,6 +27153,9 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#ifdef WOLFSSL_SHA512
&& (hashAlgo != sha512_mac)
#endif
+ #ifdef WOLFSSL_SM3
+ && (hashAlgo != sm3_mac)
+ #endif
)
{
break;
@@ -25620,7 +27320,7 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
/* add data, put in buffer if bigger than static buffer */
info->packets[info->numberPackets].valueSz = totalSz;
if (totalSz < MAX_VALUE_SZ) {
- XMEMCPY(info->packets[info->numberPackets].value, data + lateRL,
+ XMEMCPY(info->packets[info->numberPackets].value + lateRL, data,
sz);
}
else {
@@ -25772,7 +27472,7 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
|| wolfSSL_CTX_IsPrivatePkSet(ssl->ctx)
#endif
) {
- *length = GetPrivateKeySigSize(ssl);
+ *length = (word16)GetPrivateKeySigSize(ssl);
return 0;
}
else
@@ -25906,7 +27606,11 @@ int DecodePrivateKey(WOLFSSL *ssl, word16* length)
FreeKey(ssl, ssl->hsType, (void**)&ssl->hsKey);
#endif /* !NO_RSA */
- if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0) {
+ if (ssl->buffers.keyType == ecc_dsa_sa_algo || ssl->buffers.keyType == 0
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ || ssl->buffers.keyType == sm2_sa_algo
+ #endif
+ ) {
ssl->hsType = DYNAMIC_TYPE_ECC;
ret = AllocKey(ssl, ssl->hsType, &ssl->hsKey);
if (ret != 0) {
@@ -26245,6 +27949,43 @@ exit_dpk:
((defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) && \
(defined(HAVE_ED25519) || defined(HAVE_ED448) || !defined(NO_RSA)))) || \
(!defined(NO_DH) && (!defined(NO_RSA) || defined(HAVE_ANON))))
+/* Returns whether the signature algorithm requires caching of messages.
+ *
+ * @param [in] sigAlgo Signature algorithm.
+ * @return 1 when caching required.
+ * @return 0 when caching not required.
+ */
+static int SigAlgoCachesMsgs(int sigAlgo)
+{
+ int ret;
+
+ (void)sigAlgo;
+
+#ifdef HAVE_ED25519
+ if (sigAlgo == ed25519_sa_algo) {
+ ret = 1;
+ }
+ else
+#endif
+#ifdef HAVE_ED448
+ if (sigAlgo == ed448_sa_algo) {
+ ret = 1;
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo) {
+ ret = 1;
+ }
+ else
+#endif
+ {
+ ret = 0;
+ }
+
+ return ret;
+}
+
static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
const byte* data, int sz, byte sigAlgo)
{
@@ -26273,8 +28014,8 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
/* message */
XMEMCPY(&ssl->buffers.sig.buffer[RAN_LEN * 2], data, sz);
}
- if (ret == 0 && sigAlgo != ed25519_sa_algo && sigAlgo != ed448_sa_algo) {
- ssl->buffers.digest.length = (unsigned int)digest_sz;
+ if (ret == 0 && !SigAlgoCachesMsgs(sigAlgo)) {
+ ssl->buffers.digest.length = (unsigned int)digest_sz;
/* buffer for hash */
if (!ssl->buffers.digest.buffer) {
@@ -26291,7 +28032,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
ret = MEMORY_E;
}
}
- if (ret == 0 && sigAlgo != ed25519_sa_algo && sigAlgo != ed448_sa_algo) {
+ if (ret == 0 && !SigAlgoCachesMsgs(sigAlgo)) {
/* Perform hash. Only wc_Hash supports MD5_SHA1. */
ret = wc_Hash(hashType, ssl->buffers.sig.buffer,
ssl->buffers.sig.length,
@@ -26315,6 +28056,20 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
+ int HaveUniqueSessionObj(WOLFSSL* ssl)
+ {
+ if (ssl->session->ref.count > 1) {
+ WOLFSSL_SESSION* newSession = wolfSSL_SESSION_dup(ssl->session);
+ if (newSession == NULL) {
+ WOLFSSL_MSG("Session duplicate failed");
+ return 0;
+ }
+ wolfSSL_FreeSession(ssl->ctx, ssl->session);
+ ssl->session = newSession;
+ }
+ return 1;
+ }
+
#ifndef WOLFSSL_NO_TLS12
/* handle generation of client_hello (1) */
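Review bot: `HaveUniqueSessionObj` is a new non-static function with no header comment, and its contract is not obvious from the name. It returns 1 when `ssl->session` is unshared after the call and 0 when `wolfSSL_SESSION_dup` fails, and it may free and replace `ssl->session`. A short doc block in the style of the one on `SigAlgoCachesMsgs` should state that, and should note that callers must not keep the old session pointer across the call. The test `ssl->session->ref.count > 1` is a plain read, so if another thread can take or drop a reference concurrently the decision may be stale; it is worth confirming what serialises it. There is also no NULL check on `ssl` or `ssl->session`, which is fine only if every caller guarantees both.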
@@ -26332,13 +28087,20 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
return BAD_FUNC_ARG;
}
- idSz = ssl->options.resuming ? ssl->session->sessionIDSz : 0;
-
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version))
return SendTls13ClientHello(ssl);
#endif
+#ifdef HAVE_SECURE_RENEGOTIATION
+ /* We don't want to resume in SCR */
+ if (IsSCR(ssl))
+ ssl->options.resuming = 0;
+#endif
+
+ idSz = ssl->options.resuming ? ssl->session->sessionIDSz : 0;
+
+
WOLFSSL_START(WC_FUNC_CLIENT_HELLO_SEND);
WOLFSSL_ENTER("SendClientHello");
@@ -26653,9 +28415,11 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_TLS13)
if (IsAtLeastTLSv1_3(ssl->version) && ssl->options.dtls) {
/* we sent a TLSv1.3 ClientHello but received a
- * HELLO_VERIFY_REQUEST */
+ * HELLO_VERIFY_REQUEST. We only check if DTLSv1_3_MINOR is the
+ * min downgrade option as per the server_version field comments in
+ * https://www.rfc-editor.org/rfc/rfc6347#section-4.2.1 */
if (!ssl->options.downgrade ||
- ssl->options.minDowngrade < pv.minor)
+ ssl->options.minDowngrade <= DTLSv1_3_MINOR)
return VERSION_ERROR;
}
#endif /* defined(WOLFSSL_DTLS13) && defined(WOLFSSL_TLS13) */
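Review bot: The comparison `ssl->options.minDowngrade <= DTLSv1_3_MINOR` reads backwards unless the reader knows that DTLS minor version bytes decrease as the protocol version rises. Since this check refuses a HelloVerifyRequest when falling back below DTLS 1.3 is not allowed, I would add `/* DTLS minor values count down: <= DTLSv1_3_MINOR means the floor is DTLS 1.3 or newer */`. The peer's `pv.minor` no longer takes part in the decision here, so the comment should also say where that value is validated. The enclosing function starts outside the hunk.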
@@ -27145,6 +28909,11 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
else {
if (DSH_CheckSessionId(ssl)) {
if (SetCipherSpecs(ssl) == 0) {
+ if (!HaveUniqueSessionObj(ssl)) {
+ WOLFSSL_MSG("Unable to have unique session object");
+ WOLFSSL_ERROR_VERBOSE(MEMORY_ERROR);
+ return MEMORY_ERROR;
+ }
XMEMCPY(ssl->arrays->masterSecret,
ssl->session->masterSecret, SECRET_LEN);
@@ -27288,10 +29057,10 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
return BUFFER_ERROR;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
- if (ssl->ca_names != ssl->ctx->ca_names)
- wolfSSL_sk_X509_NAME_pop_free(ssl->ca_names, NULL);
- ssl->ca_names = wolfSSL_sk_X509_NAME_new(NULL);
- if (ssl->ca_names == NULL) {
+ if (ssl->client_ca_names != ssl->ctx->client_ca_names)
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = wolfSSL_sk_X509_NAME_new(NULL);
+ if (ssl->client_ca_names == NULL) {
return MEMORY_ERROR;
}
#endif
@@ -27327,7 +29096,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
ret = GetName(cert, SUBJECT, dnSz);
if (ret == 0) {
- if ((name = wolfSSL_X509_NAME_new()) == NULL)
+ if ((name = wolfSSL_X509_NAME_new_ex(cert->heap)) == NULL)
ret = MEMORY_ERROR;
}
@@ -27336,7 +29105,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
}
if (ret == 0) {
- if (wolfSSL_sk_X509_NAME_push(ssl->ca_names, name)
+ if (wolfSSL_sk_X509_NAME_push(ssl->client_ca_names, name)
== WOLFSSL_FAILURE)
{
ret = MEMORY_ERROR;
@@ -27469,6 +29238,9 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#ifdef HAVE_ECC_BRAINPOOL
case WOLFSSL_ECC_BRAINPOOLP256R1: return ECC_BRAINPOOLP256R1_OID;
#endif /* HAVE_ECC_BRAINPOOL */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1: return ECC_SM2P256V1_OID;
+ #endif /* WOLFSSL_SM2 */
#endif
#if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448
case WOLFSSL_ECC_X448: return ECC_X448_OID;
@@ -27819,7 +29591,7 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
args = (DskeArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dske;
@@ -28293,6 +30065,13 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigAlgo == sm2_sa_algo &&
+ args->sigAlgo == ecc_dsa_sa_algo) {
+ args->sigAlgo = sigAlgo;
+ }
+ else
+ #endif
#ifdef HAVE_ED25519
if (sigAlgo == ed25519_sa_algo &&
args->sigAlgo == ecc_dsa_sa_algo) {
@@ -28363,6 +30142,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
if (!ssl->peerEccDsaKeyPresent) {
@@ -28484,6 +30266,9 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
ret = NOT_COMPILED_IN;
@@ -28498,17 +30283,36 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
}
#endif /* HAVE_PK_CALLBACKS */
if (ret == NOT_COMPILED_IN) {
- ret = EccVerify(ssl,
- args->verifySig, args->verifySigSz,
- ssl->buffers.digest.buffer,
- ssl->buffers.digest.length,
- ssl->peerEccDsaKey,
- #ifdef HAVE_PK_CALLBACKS
- &ssl->buffers.peerEccDsaKey
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ args->verifySig, args->verifySigSz,
+ ssl->buffers.sig.buffer,
+ ssl->buffers.sig.length,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl,
+ args->verifySig, args->verifySigSz,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
}
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -28661,8 +30465,8 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
#endif
case rsa_sa_algo:
{
- #if (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)) || \
+ #if (defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+ defined(WOLFSSL_RENESAS_FSPSM_ECC)) || \
defined(WOLFSSL_RENESAS_TSIP_TLS)
/* already checked signature result by SCE */
/* skip the sign checks below */
@@ -28720,6 +30524,11 @@ static int DoServerKeyExchange(WOLFSSL* ssl, const byte* input,
/* Nothing to do in this algo */
break;
#endif /* HAVE_ECC */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ /* Nothing to do in this algo */
+ break;
+ #endif /* WOLFSSL_SM2 && WOLFSSL_SM3 */
#if defined(HAVE_ED25519)
case ed25519_sa_algo:
/* Nothing to do in this algo */
@@ -28865,7 +30674,7 @@ int SendClientKeyExchange(WOLFSSL* ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_scke;
@@ -30134,7 +31943,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->error != WC_PENDING_E ||
ssl->options.asyncState != TLS_ASYNC_END)
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_scv;
@@ -30195,7 +32004,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->buffers.key == NULL) {
#ifdef HAVE_PK_CALLBACKS
if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
- args->length = GetPrivateKeySigSize(ssl);
+ args->length = (word16)GetPrivateKeySigSize(ssl);
else
#endif
ERROR_OUT(NO_PRIVATE_KEY, exit_scv);
@@ -30260,7 +32069,15 @@ int SendCertificateVerify(WOLFSSL* ssl)
args->sigAlgo = rsa_sa_algo;
}
else if (ssl->hsType == DYNAMIC_TYPE_ECC)
- args->sigAlgo = ecc_dsa_sa_algo;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ args->sigAlgo = sm2_sa_algo;
+ }
+ else
+ #endif
+ {
+ args->sigAlgo = ecc_dsa_sa_algo;
+ }
else if (ssl->hsType == DYNAMIC_TYPE_ED25519)
args->sigAlgo = ed25519_sa_algo;
else if (ssl->hsType == DYNAMIC_TYPE_ED448)
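Review bot: The ECC arm is now an unbraced `else if` whose body is itself an `if`/`else`, followed by further `else if` arms, so each `else` pairs up only through C's nearest-`if` rule and differently depending on whether the SM2 block is compiled in. It parses as intended, but compilers may warn about an ambiguous `else`, and a later edit can silently rebind the chain that selects the signature algorithm. I would brace the arm: open it with `else if (ssl->hsType == DYNAMIC_TYPE_ECC) {` before the `#if` and close it with `}` after the `ecc_dsa_sa_algo` block. The start of the chain is outside the hunk.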
@@ -30334,17 +32151,36 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_ECC) {
ecc_key* key = (ecc_key*)ssl->hsKey;
- ret = EccSign(ssl,
- ssl->buffers.digest.buffer, ssl->buffers.digest.length,
- ssl->buffers.sig.buffer,
- (word32*)&ssl->buffers.sig.length,
- key,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Sign(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ ssl->hsHashes->messages, ssl->hsHashes->length,
+ ssl->buffers.sig.buffer,
+ (word32*)&ssl->buffers.sig.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
#endif
- );
+ {
+ ret = EccSign(ssl,
+ ssl->buffers.digest.buffer, ssl->buffers.digest.length,
+ ssl->buffers.sig.buffer,
+ (word32*)&ssl->buffers.sig.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
}
#endif /* HAVE_ECC */
#if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)
@@ -30418,16 +32254,34 @@ int SendCertificateVerify(WOLFSSL* ssl)
{
ecc_key* key = (ecc_key*)ssl->hsKey;
- ret = EccVerify(ssl,
- ssl->buffers.sig.buffer, ssl->buffers.sig.length,
- ssl->buffers.digest.buffer, ssl->buffers.digest.length,
- key,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ ret = Sm3wSm2Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ ssl->buffers.sig.buffer, ssl->buffers.sig.length,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length, key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl,
+ ssl->buffers.sig.buffer, ssl->buffers.sig.length,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length, key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
if (ret != 0) {
WOLFSSL_MSG("Failed to verify ECC signature");
goto exit_scv;
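Review bot: The SM2 arm of this verify-after-sign check calls `Sm3wSm2Verify`, while every other SM2 verify call in this diff is spelled `Sm2wSm3Verify`, so a build that enables this path would presumably fail to compile or link; the call should read `ret = Sm2wSm3Verify(ssl,`. The arm also verifies against `ssl->buffers.digest.buffer` / `ssl->buffers.digest.length`, whereas the SM2 signature in the preceding hunk is produced over `ssl->hsHashes->messages` / `ssl->hsHashes->length`. Unless the helper treats those as the same input, the check should be given the message the signer used; otherwise it either rejects a good signature or validates something other than what was signed. The surrounding block starts outside the hunk.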
@@ -30575,6 +32429,9 @@ exit_scv:
#ifdef HAVE_SESSION_TICKET
int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
{
+ if (!HaveUniqueSessionObj(ssl))
+ return MEMORY_ERROR;
+
/* Free old dynamic ticket if we already had one */
if (ssl->session->ticketLenAlloc > 0) {
XFREE(ssl->session->ticket, ssl->heap, DYNAMIC_TYPE_SESSION_TICK);
@@ -30780,6 +32637,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case ECC_BRAINPOOLP256R1_OID:
return WOLFSSL_ECC_BRAINPOOLP256R1;
#endif /* HAVE_ECC_BRAINPOOL */
+ #ifdef WOLFSSL_SM2
+ case ECC_SM2P256V1_OID:
+ return WOLFSSL_ECC_SM2P256V1;
+ #endif /* WOLFSSL_SM2 */
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
@@ -31173,7 +33034,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (SskeArgs*)ssl->async->args;
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_sske;
@@ -31467,6 +33328,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->eccTempKeyPresent =
DYNAMIC_TYPE_CURVE25519;
}
+ else {
+ FreeKey(ssl, DYNAMIC_TYPE_CURVE25519,
+ (void**)&ssl->eccTempKey);
+ }
}
break;
}
@@ -31490,6 +33355,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->eccTempKeyPresent =
DYNAMIC_TYPE_CURVE448;
}
+ else {
+ FreeKey(ssl, DYNAMIC_TYPE_CURVE448,
+ (void**)&ssl->eccTempKey);
+ }
}
break;
}
@@ -31861,6 +33730,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
word16 keySz;
@@ -32053,6 +33925,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
#endif
#endif /* !NO_RSA */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif
case ecc_dsa_sa_algo:
{
break;
@@ -32102,7 +33977,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->buffers.key == NULL) {
#ifdef HAVE_PK_CALLBACKS
if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
- keySz = (word32)GetPrivateKeySigSize(ssl);
+ keySz = (word16)GetPrivateKeySigSize(ssl);
else
#endif
ERROR_OUT(NO_PRIVATE_KEY, exit_sske);
@@ -32332,6 +34207,27 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
#endif /* !NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ {
+ ecc_key* key = (ecc_key*)ssl->hsKey;
+
+ ret = Sm2wSm3Sign(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ ssl->buffers.sig.buffer,
+ ssl->buffers.sig.length,
+ args->output + LENGTH_SZ + args->idx,
+ &args->sigSz,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ break;
+ }
+ #endif
case ecc_dsa_sa_algo:
{
ecc_key* key = (ecc_key*)ssl->hsKey;
@@ -32513,23 +34409,46 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ #endif /* WOLFSSL_SM2 */
case ecc_dsa_sa_algo:
#ifdef WOLFSSL_CHECK_SIG_FAULTS
{
ecc_key* key = (ecc_key*)ssl->hsKey;
- ret = EccVerify(ssl,
- args->output + LENGTH_SZ + args->idx,
- args->sigSz,
- ssl->buffers.digest.buffer,
- ssl->buffers.digest.length,
- key,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->options.sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ args->output + LENGTH_SZ + args->idx,
+ args->sigSz,
+ ssl->buffers.sig.buffer,
+ ssl->buffers.sig.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif /* WOLFSSL_SM2 */
+ {
+ ret = EccVerify(ssl,
+ args->output + LENGTH_SZ + args->idx,
+ args->sigSz,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length,
+ key,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
if (ret != 0) {
WOLFSSL_MSG(
"Failed to verify ECC signature");
@@ -32826,16 +34745,23 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->options.side == WOLFSSL_SERVER_END) {
#ifdef HAVE_SUPPORTED_CURVES
byte searched = 0;
- int ret = TLSX_KeyShare_Choose(ssl, extensions, &cs->clientKSE,
- &searched);
+ int ret = TLSX_KeyShare_Choose(ssl, extensions, first, second,
+ &cs->clientKSE, &searched);
if (ret == MEMORY_E) {
WOLFSSL_MSG("TLSX_KeyShare_Choose() failed in "
"VerifyServerSuite() with MEMORY_E");
return 0;
}
- if (cs->clientKSE == NULL && searched)
+ if (cs->clientKSE == NULL && searched) {
+ #ifdef WOLFSSL_SEND_HRR_COOKIE
+ /* If the CH contains a cookie then we need to send an alert to
+ * start from scratch. */
+ if (TLSX_Find(extensions, TLSX_COOKIE) != NULL)
+ return INVALID_PARAMETER;
+ #endif
cs->doHelloRetry = 1;
+ }
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
return ret;
@@ -32844,8 +34770,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return 0; /* not found */
#endif /* HAVE_SUPPORTED_CURVES */
}
- else if (first == TLS13_BYTE || (first == ECC_BYTE &&
- (second == TLS_SHA256_SHA256 || second == TLS_SHA384_SHA384))) {
+ else if ((first == TLS13_BYTE) || ((first == ECC_BYTE) &&
+ ((second == TLS_SHA256_SHA256) ||
+ (second == TLS_SHA384_SHA384))) ||
+ ((first == CIPHER_BYTE) && ((second == TLS_SM4_GCM_SM3) ||
+ (second == TLS_SM4_CCM_SM3)))) {
/* Can't negotiate TLS 1.3 cipher suites with lower protocol
* version. */
return 0;
@@ -32956,6 +34885,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (cs.doHelloRetry) {
+ /* Make sure we don't send HRR twice */
+ if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
+ return INVALID_PARAMETER;
ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
return TLSX_KeyShare_SetSupported(ssl, &ssl->extensions);
}
@@ -33195,19 +35127,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* session ticket validation check in TLS1.2 and below, define
* WOLFSSL_NO_TICKET_EXPIRE.
*/
- int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites)
+ int HandleTlsResumption(WOLFSSL* ssl, Suites* clSuites)
{
int ret = 0;
WOLFSSL_SESSION* session;
- (void)bogusID;
#ifdef HAVE_SESSION_TICKET
if (ssl->options.useTicket == 1) {
session = ssl->session;
}
- else if (bogusID == 1 && ssl->options.rejectTicket == 0) {
- WOLFSSL_MSG("Bogus session ID without session ticket");
- return BUFFER_ERROR;
- }
else
#endif
{
@@ -33218,14 +35145,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->options.resuming = 0;
return ret;
}
-#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TICKET_EXPIRE) && \
- !defined(NO_ASN_TIME)
+#if !defined(WOLFSSL_NO_TICKET_EXPIRE) && !defined(NO_ASN_TIME)
/* check if the ticket is valid */
if (LowResTimer() > session->bornOn + ssl->timeout) {
- WOLFSSL_MSG("Expired session ticket, fall back to full handshake.");
+ WOLFSSL_MSG("Expired session, fall back to full handshake.");
ssl->options.resuming = 0;
}
-#endif /* HAVE_SESSION_TICKET && !WOLFSSL_NO_TICKET_EXPIRE && !NO_ASN_TIME */
+#endif /* !WOLFSSL_NO_TICKET_EXPIRE && !NO_ASN_TIME */
else if (session->haveEMS != ssl->options.haveEMS) {
/* RFC 7627, 5.3, server-side */
@@ -33316,7 +35242,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 helloSz)
{
byte b;
- byte bogusID = 0; /* flag for a bogus session id */
ProtocolVersion pv;
#ifdef WOLFSSL_SMALL_STACK
Suites* clSuites = NULL;
@@ -33340,9 +35265,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_DTLS
/* Update the ssl->options.dtlsStateful setting `if` statement in
* wolfSSL_accept when changing this one. */
- if (IsDtlsNotSctpMode(ssl) && IsDtlsNotSrtpMode(ssl) && !IsSCR(ssl)) {
+ if (IsDtlsNotSctpMode(ssl) && IsDtlsNotSrtpMode(ssl) && !IsSCR(ssl) &&
+ !ssl->options.dtlsStateful) {
DtlsSetSeqNumForReply(ssl);
- ret = DoClientHelloStateless(ssl, input, inOutIdx, helloSz);
+ ret = DoClientHelloStateless(ssl, input + *inOutIdx, helloSz, 0,
+ NULL);
if (ret != 0 || !ssl->options.dtlsStateful) {
int alertType = TranslateErrorToAlert(ret);
if (alertType != invalid_alert) {
@@ -33359,10 +35286,22 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = 0;
return ret;
}
+ if (ssl->chGoodCb != NULL) {
+ int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
+ if (cbret < 0) {
+ ssl->error = cbret;
+ WOLFSSL_MSG("ClientHello Good Cb don't continue error");
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
}
ssl->options.dtlsStateful = 1;
#endif /* WOLFSSL_DTLS */
+ /* Reset to sane value for SCR */
+ ssl->options.resuming = 0;
+ ssl->arrays->sessionIDSz = 0;
+
/* protocol version, random and session id length check */
if (OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz)
return BUFFER_ERROR;
@@ -33498,6 +35437,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
WOLFSSL_OP_NO_SSLv3) {
WOLFSSL_MSG("\tError, option set to not allow SSLv3");
ret = VERSION_ERROR;
+#ifdef WOLFSSL_EXTRA_ALERTS
+ SendAlert(ssl, alert_fatal, wolfssl_alert_protocol_version);
+#endif
goto out;
}
@@ -33551,31 +35493,26 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* session id */
b = input[i++];
-
-#ifdef HAVE_SESSION_TICKET
- if (b > 0 && b < ID_LEN) {
- bogusID = 1;
- WOLFSSL_MSG("Client sent bogus session id, let's allow for echo");
+ if (b > ID_LEN) {
+ WOLFSSL_MSG("Invalid session ID size");
+ ret = BUFFER_ERROR; /* session ID greater than 32 bytes long */
+ goto out;
}
-#endif
-
- if (b == ID_LEN || bogusID) {
+ else if (b > 0 && !IsSCR(ssl)) {
if ((i - begin) + b > helloSz) {
ret = BUFFER_ERROR;
goto out;
}
+ /* Always save session ID in case we want to echo it. */
XMEMCPY(ssl->arrays->sessionID, input + i, b);
ssl->arrays->sessionIDSz = b;
- i += b;
- ssl->options.resuming = 1; /* client wants to resume */
+
+ if (b == ID_LEN)
+ ssl->options.resuming = 1; /* client wants to resume */
WOLFSSL_MSG("Client wants to resume session");
}
- else if (b) {
- WOLFSSL_MSG("Invalid session ID size");
- ret = BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */
- goto out;
- }
+ i += b;
#ifdef WOLFSSL_DTLS
/* cookie */
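Review bot: When `IsSCR(ssl)` is true and `b` is non-zero, the new `else if (b > 0 && !IsSCR(ssl))` arm is skipped, so the `(i - begin) + b > helloSz` test never runs, yet `i += b` still advances the index over a session ID whose presence in the message was not confirmed. Whether the next read is guarded lies outside the hunk, so the length check is safer hoisted ahead of the branch, e.g. `if ((i - begin) + b > helloSz) { ret = BUFFER_ERROR; goto out; }`. Separately, `if (b == ID_LEN)` has no braces, so `WOLFSSL_MSG("Client wants to resume session")` is now logged for every non-empty session ID, including those that are only stored for echoing. The enclosing function starts and ends outside the hunk.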
@@ -33854,7 +35791,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* ProcessOld uses same resume code */
if (ssl->options.resuming) {
- ret = HandleTlsResumption(ssl, bogusID, clSuites);
+ ret = HandleTlsResumption(ssl, clSuites);
if (ret != 0)
goto out;
@@ -33890,6 +35827,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
#ifdef OPENSSL_EXTRA
+ ssl->clSuites = clSuites;
/* Give user last chance to provide a cert for cipher selection */
if (ret == 0 && ssl->ctx->certSetupCb != NULL)
ret = CertSetupCbWrapper(ssl);
@@ -33913,7 +35851,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
out:
-
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
+ ssl->clSuites = NULL;
+#endif
#ifdef WOLFSSL_SMALL_STACK
if (clSuites != NULL)
XFREE(clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
@@ -33977,7 +35917,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (DcvArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dcv;
@@ -34030,8 +35970,17 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->sigAlgo = rsa_sa_algo;
#endif
#ifdef HAVE_ECC
- else if (ssl->peerEccDsaKeyPresent)
- args->sigAlgo = ecc_dsa_sa_algo;
+ else if (ssl->peerEccDsaKeyPresent) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->peerEccDsaKey->dp->id == ECC_SM2P256V1) {
+ args->sigAlgo = sm2_sa_algo;
+ }
+ else
+ #endif
+ {
+ args->sigAlgo = ecc_dsa_sa_algo;
+ }
+ }
#endif
#if defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)
else if (ssl->peerEd25519KeyPresent)
@@ -34064,6 +36013,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
SetDigest(ssl, sha_mac);
#elif !defined(NO_SHA256)
SetDigest(ssl, sha256_mac);
+ #elif defined(WOLFSSL_SM3)
+ SetDigest(ssl, sm3_mac);
#elif defined(WOLFSSL_SHA384)
SetDigest(ssl, sha384_mac);
#elif defined(WOLFSSL_SHA512)
@@ -34073,7 +36024,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
if (IsAtLeastTLSv1_2(ssl)) {
- if (args->sigAlgo != ecc_dsa_sa_algo) {
+ if (args->sigAlgo != ecc_dsa_sa_algo
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ && args->sigAlgo != sm2_sa_algo
+ #endif
+ ) {
WOLFSSL_MSG("Oops, peer sent ECC key but not in verify");
}
@@ -34140,16 +36095,35 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->peerEccDsaKeyPresent) {
WOLFSSL_MSG("Doing ECC peer cert verify");
- ret = EccVerify(ssl,
- input + args->idx, args->sz,
- ssl->buffers.digest.buffer, ssl->buffers.digest.length,
- ssl->peerEccDsaKey,
- #ifdef HAVE_PK_CALLBACKS
- &ssl->buffers.peerEccDsaKey
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl,
+ TLS12_SM2_SIG_ID, TLS12_SM2_SIG_ID_SZ,
+ input + args->idx, args->sz,
+ ssl->hsHashes->messages, ssl->hsHashes->prevLen,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl,
+ input + args->idx, args->sz,
+ ssl->buffers.digest.buffer,
+ ssl->buffers.digest.length,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
/* SERVER: Data verified with certificate's public key. */
ssl->options.peerAuthGood = ssl->options.havePeerCert &&
(ret == 0);
@@ -34478,7 +36452,61 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef HAVE_SESSION_TICKET
- /* create a new session ticket, 0 on success */
+#ifdef WOLFSSL_TICKET_HAVE_ID
+ static void GetRealSessionID(WOLFSSL* ssl, const byte** id, byte* idSz)
+ {
+ if (ssl->session->haveAltSessionID) {
+ *id = ssl->session->altSessionID;
+ *idSz = ID_LEN;
+ }
+ else if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
+ *id = ssl->arrays->sessionID;
+ *idSz = ssl->arrays->sessionIDSz;
+ }
+ else {
+ *id = ssl->session->sessionID;
+ *idSz = ssl->session->sessionIDSz;
+ }
+ }
+#endif
+
+ int SetupTicket(WOLFSSL* ssl)
+ {
+ int ret = 0;
+
+ (void)ssl;
+
+#ifdef WOLFSSL_TLS13
+ {
+ /* Client adds to ticket age to obfuscate. */
+ byte ageAdd[AGEADD_LEN]; /* Obfuscation of age */
+ ret = wc_RNG_GenerateBlock(ssl->rng, ageAdd, AGEADD_LEN);
+ if (ret != 0)
+ return ret;
+ ato32(ageAdd, &ssl->session->ticketAdd);
+ }
+#endif
+
+#ifdef WOLFSSL_TICKET_HAVE_ID
+ {
+ const byte* id = NULL;
+ byte idSz = 0;
+
+ GetRealSessionID(ssl, &id, &idSz);
+ if (idSz == 0) {
+ ret = wc_RNG_GenerateBlock(ssl->rng, ssl->session->altSessionID,
+ ID_LEN);
+ if (ret != 0)
+ return ret;
+ ssl->session->haveAltSessionID = 1;
+ }
+ }
+#endif
+ return ret;
+ }
+
+ /* create a new session ticket, 0 on success
+ * Do any kind of setup in SetupTicket */
int CreateTicket(WOLFSSL* ssl)
{
InternalTicket* it;
@@ -34521,6 +36549,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
if (!ssl->options.tls1_3) {
+ if (ssl->arrays == NULL) {
+ WOLFSSL_MSG("CreateTicket called with null arrays");
+ ret = BAD_FUNC_ARG;
+ goto error;
+ }
XMEMCPY(it->msecret, ssl->arrays->masterSecret, SECRET_LEN);
#ifndef NO_ASN_TIME
c32toa(LowResTimer(), it->timestamp);
@@ -34539,14 +36572,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
goto error;
}
- /* Client adds to ticket age to obfuscate. */
- ret = wc_RNG_GenerateBlock(ssl->rng, it->ageAdd,
- sizeof(it->ageAdd));
- if (ret != 0) {
- ret = BAD_TICKET_ENCRYPT;
- goto error;
- }
- ato32(it->ageAdd, &ssl->session->ticketAdd);
+ c32toa(ssl->session->ticketAdd, it->ageAdd);
c16toa(ssl->session->namedGroup, it->namedGroup);
#ifdef WOLFSSL_32BIT_MILLI_TIME
c32toa(now, it->timestamp);
@@ -34567,31 +36593,16 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
}
+#ifdef OPENSSL_EXTRA
+ it->sessionCtxSz = ssl->sessionCtxSz;
+ XMEMCPY(it->sessionCtx, ssl->sessionCtx, ID_LEN);
+#endif
+
#ifdef WOLFSSL_TICKET_HAVE_ID
{
const byte* id = NULL;
byte idSz = 0;
- if (ssl->session->haveAltSessionID) {
- id = ssl->session->altSessionID;
- idSz = ID_LEN;
- }
- else if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
- id = ssl->arrays->sessionID;
- idSz = ssl->arrays->sessionIDSz;
- }
- else {
- id = ssl->session->sessionID;
- idSz = ssl->session->sessionIDSz;
- }
- if (idSz == 0) {
- ret = wc_RNG_GenerateBlock(ssl->rng, ssl->session->altSessionID,
- ID_LEN);
- if (ret != 0)
- goto error;
- ssl->session->haveAltSessionID = 1;
- id = ssl->session->altSessionID;
- idSz = ID_LEN;
- }
+ GetRealSessionID(ssl, &id, &idSz);
/* make sure idSz is not larger than ID_LEN */
if (idSz > ID_LEN)
idSz = ID_LEN;
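Review bot: The two places that store the session context in a ticket copy different lengths: here `XMEMCPY(it->sessionCtx, ssl->sessionCtx, ID_LEN)` always copies `ID_LEN` bytes whatever `ssl->sessionCtxSz` is, while the later hunk that fills the ticket from `sess` copies `sess->sessionCtxSz` bytes with no visible bound. The field sizes are declared outside this part of the diff, so this is a request to confirm rather than a proven overflow. If `it->sessionCtx` holds `ID_LEN` bytes, the second copy should clamp its length the way `idSz` is clamped just below (`if (idSz > ID_LEN) idSz = ID_LEN;`), and both sites should follow the same rule.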
@@ -34619,7 +36630,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (error == 0) {
ret = ssl->ctx->ticketEncCb(ssl, et->key_name, et->iv, et->mac,
1, et->enc_ticket, sizeof(InternalTicket), &encLen,
- ssl->ctx->ticketEncCtx);
+ SSL_TICKET_CTX(ssl));
}
else {
ret = WOLFSSL_TICKET_RET_FATAL;
@@ -34744,7 +36755,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = ssl->ctx->ticketEncCb((WOLFSSL*)ssl, et->key_name, et->iv,
et->enc_ticket + inLen, 0,
et->enc_ticket, inLen, &outLen,
- ssl->ctx->ticketEncCtx);
+ SSL_TICKET_CTX(ssl));
}
if (ret != WOLFSSL_TICKET_RET_OK) {
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -34867,6 +36878,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (!FindSuiteSSL(ssl, psk->it->suite))
return -1;
#endif
+#ifdef OPENSSL_EXTRA
+ if (ssl->sessionCtxSz > 0 &&
+ (psk->it->sessionCtxSz != ssl->sessionCtxSz ||
+ XMEMCMP(psk->it->sessionCtx, ssl->sessionCtx,
+ ssl->sessionCtxSz) != 0))
+ return -1;
+#endif
return 0;
}
#endif /* WOLFSSL_SLT13 */
@@ -34999,6 +37017,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
else
XMEMCPY(it->id, sess->sessionID, ID_LEN);
#endif
+#ifdef OPENSSL_EXTRA
+ it->sessionCtxSz = sess->sessionCtxSz;
+ XMEMCPY(it->sessionCtx, sess->sessionCtx, sess->sessionCtxSz);
+#endif
}
@@ -35104,6 +37126,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
break;
default:
psk->decryptRet = PSK_DECRYPT_FAIL;
+ WOLFSSL_LEAVE("DoClientTicket_ex", decryptRet);
return decryptRet;
}
#ifdef WOLFSSL_CHECK_MEM_ZERO
@@ -35119,8 +37142,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(psk->it, sizeof(InternalTicket));
#endif
+ WOLFSSL_LEAVE("DoClientTicket_ex", ret);
return ret;
}
+ WOLFSSL_LEAVE("DoClientTicket_ex", decryptRet);
return decryptRet;
}
#endif /* WOLFSL_TLS13 */
@@ -35130,7 +37155,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
{
int decryptRet = WOLFSSL_TICKET_RET_REJECT;
int ret;
- InternalTicket* it;
+ InternalTicket* it = NULL;
#ifdef WOLFSSL_TLS13
InternalTicket staticIt;
const WOLFSSL_SESSION* sess = NULL;
@@ -35223,6 +37248,9 @@ cleanup:
WOLFSSL_ENTER("SendTicket");
if (ssl->options.createTicket) {
+ ret = SetupTicket(ssl);
+ if (ret != 0)
+ return ret;
ret = CreateTicket(ssl);
if (ret != 0)
return ret;
@@ -35525,6 +37553,75 @@ static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz,
return ret;
}
+#elif defined(WOLFSSL_SM4_GCM)
+/* Ticket encryption/decryption implementation.
+ *
+ * @param [in] key Key for encryption/decryption.
+ * @param [in] keyLen Length of key in bytes.
+ * @param [in] iv IV/Nonce for encryption/decryption.
+ * @param [in] aad Additional authentication data.
+ * @param [in] aadSz Length of additional authentication data.
+ * @param [in] in Data to encrypt/decrypt.
+ * @param [in] inLen Length of encrypted data.
+ * @param [out] out Resulting data from encrypt/decrypt.
+ * @param [out] outLen Size of resulting data.
+ * @param [in] tag Authentication tag for encrypted data.
+ * @param [in] heap Dynamic memory allocation data hint.
+ * @param [in] enc 1 when encrypting, 0 when decrypting.
+ * @return 0 on success.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return Other value when encryption/decryption fails.
+ */
+static int TicketEncDec(byte* key, int keyLen, byte* iv, byte* aad, int aadSz,
+ byte* in, int inLen, byte* out, int* outLen, byte* tag,
+ void* heap, int enc)
+{
+ int ret;
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sm4* sm4;
+#else
+ wc_Sm4 sm4[1];
+#endif
+
+ (void)heap;
+
+#ifdef WOLFSSL_SMALL_STACK
+ sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sm4 == NULL)
+ return MEMORY_E;
+#endif
+
+ if (enc) {
+ ret = wc_Sm4Init(sm4, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_Sm4GcmSetKey(sm4, key, keyLen);
+ }
+ if (ret == 0) {
+ ret = wc_Sm4GcmEncrypt(sm4, in, out, inLen, iv, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, aadSz);
+ }
+ wc_Sm4Free(sm4);
+ }
+ else {
+ ret = wc_Sm4Init(sm4, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_Sm4GcmSetKey(sm4, key, keyLen);
+ }
+ if (ret == 0) {
+ ret = wc_Sm4GcmDecrypt(sm4, in, out, inLen, iv, GCM_NONCE_MID_SZ,
+ tag, SM$_BLOCK_SIZE, aad, aadSz);
+ }
+ wc_Sm4Free(sm4);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(sm4, heap, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+ *outLen = inLen;
+
+ return ret;
+}
#else
#error "No encryption algorithm available for default ticket encryption."
#endif
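Review bot: The decrypt branch of the new SM4-GCM `TicketEncDec` passes `SM$_BLOCK_SIZE` as the tag length, which is not a valid identifier, so a build that selects this `#elif defined(WOLFSSL_SM4_GCM)` path will not compile; it should be `tag, SM4_BLOCK_SIZE, aad, aadSz);` as in the encrypt branch. `(void)heap;` is also misleading, because `heap` is used by `XMALLOC`/`XFREE` under WOLFSSL_SMALL_STACK. `*outLen = inLen` is written even when `ret` is non-zero, so the header comment should state that `out` and `outLen` are only meaningful when the function returns 0, or the assignment should be made conditional on success.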
@@ -35587,7 +37684,7 @@ static int TicketEncCbCtx_ChooseKey(TicketEncCbCtx* keyCtx, int ticketHint,
/* Default Session Ticket encryption/decryption callback.
*
- * Use ChaCha20-Poly1305 or AES-GCM to encrypt/decrypt the ticket.
+ * Use ChaCha20-Poly1305, AES-GCM or SM4-GCM to encrypt/decrypt the ticket.
* Two keys are used:
* - When the first expires for encryption, then use the other.
* - Don't encrypt with key if the ticket lifetime will go beyond expirary.
@@ -35972,7 +38069,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
args = (DckeArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dcke;
@@ -36726,6 +38823,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
case rsa_kea:
{
RsaKey* key = (RsaKey*)ssl->hsKey;
+ int lenErrMask;
ret = RsaDec(ssl,
input + args->idx,
@@ -36751,7 +38849,9 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
if (ret == BAD_FUNC_ARG)
goto exit_dcke;
- args->lastErr = ret - (SECRET_LEN - args->sigSz);
+ lenErrMask = 0 - (SECRET_LEN != args->sigSz);
+ args->lastErr = (ret & (~lenErrMask)) |
+ (RSA_PAD_E & lenErrMask);
ret = 0;
break;
} /* rsa_kea */
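Review bot: The mask arithmetic that replaces `ret - (SECRET_LEN - args->sigSz)` carries no comment, and its intent is easy to lose in a later cleanup that turns it back into an `if`. I would add above it `/* Select RSA_PAD_E without branching when the decrypted length is not SECRET_LEN; otherwise keep ret. */`. The expression relies on `0 - 1` giving an all-ones `int`, which is worth stating in the same comment. `lenErrMask` is declared in the preceding hunk and the case body starts outside this one.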
@@ -37185,6 +39285,13 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
int ad = 0;
int sniRet = 0;
int ret = 0;
+
+ /* OpenSSL defaults alert to SSL_AD_UNRECOGNIZED_NAME, use this if
+ WOLFSSL_EXTRA_ALERTS is defined, indicating user is OK with
+ potential information disclosure from alerts. */
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EXTRA_ALERTS)
+ ad = SSL_AD_UNRECOGNIZED_NAME;
+#endif
/* Stunnel supports a custom sni callback to switch an SSL's ctx
* when SNI is received. Call it now if exists */
if(ssl && ssl->ctx && ssl->ctx->sniRecvCb) {
@@ -37231,22 +39338,31 @@ int wolfSSL_AsyncPop(WOLFSSL* ssl, byte* state)
event = &asyncDev->event;
ret = wolfAsync_EventPop(event, WOLF_EVENT_TYPE_ASYNC_WOLFSSL);
- if (ret != WC_NOT_PENDING_E && ret != WC_PENDING_E) {
-
+ if (ret != WC_NO_PENDING_E && ret != WC_PENDING_E) {
/* advance key share state if doesn't need called again */
if (state && (asyncDev->event.flags & WC_ASYNC_FLAG_CALL_AGAIN) == 0) {
(*state)++;
}
-
- /* clear event */
+ /* clear event and async device */
XMEMSET(&asyncDev->event, 0, sizeof(WOLF_EVENT));
-
- /* clear async dev */
ssl->asyncDev = NULL;
}
+ /* for crypto or PK callback, if pending remove from queue */
+ #if (defined(WOLF_CRYPTO_CB) || defined(HAVE_PK_CALLBACKS)) && \
+ !defined(WOLFSSL_ASYNC_CRYPT_SW) && !defined(HAVE_INTEL_QA) && \
+ !defined(HAVE_CAVIUM)
+ else if (ret == WC_PENDING_E) {
+ /* Allow the underlying crypto API to be called again to trigger the
+ * crypto or PK callback. The actual callback must be called, since
+ * the completion is not detected in the poll like Intel QAT or
+ * Nitrox */
+ ret = wolfEventQueue_Remove(&ssl->ctx->event_queue, event);
+
+ }
+ #endif
}
else {
- ret = WC_NOT_PENDING_E;
+ ret = WC_NO_PENDING_E;
}
WOLFSSL_LEAVE("wolfSSL_AsyncPop", ret);
@@ -37763,6 +39879,139 @@ int wolfSSL_sk_BY_DIR_entry_push(WOLF_STACK_OF(WOLFSSL_BY_DIR_entry)* sk,
#endif /* OPENSSL_ALL */
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+
+/*
+ * Converts a DER formatted certificate to a SecCertificateRef
+ *
+ * @param derCert pointer to the DER formatted certificate
+ * @param derLen length of the DER formatted cert, in bytes
+ *
+ * @return The newly created SecCertificateRef. Must be freed by caller when
+ * no longer in use
+ */
+static SecCertificateRef ConvertToSecCertificateRef(const byte* derCert,
+ int derLen)
+{
+ CFDataRef derData = NULL;
+ SecCertificateRef secCert = NULL;
+
+ WOLFSSL_ENTER("ConvertToSecCertificateRef");
+
+ /* Create a CFDataRef from the DER encoded certificate */
+ derData = CFDataCreate(kCFAllocatorDefault, derCert, derLen);
+ if (!derData) {
+ WOLFSSL_MSG("Error: can't create CFDataRef object for DER cert");
+ goto cleanup;
+ }
+
+ /* Create a SecCertificateRef from the CFDataRef */
+ secCert = SecCertificateCreateWithData(kCFAllocatorDefault, derData);
+ if (!secCert) {
+ WOLFSSL_MSG("Error: can't create SecCertificateRef from CFDataRef");
+ goto cleanup;
+ }
+
+cleanup:
+ if (derData) {
+ CFRelease(derData);
+ }
+
+ WOLFSSL_LEAVE("ConvertToSecCertificateRef", !!secCert);
+
+ return secCert;
+}
+
+
+/*
+ * Validates a chain of certificates using the Apple system trust APIs
+ *
+ * @param certs pointer to the certificate chain to validate
+ * @param totalCerts the number of certificates in certs
+ *
+ * @return 1 if chain is valid and trusted
+ * @return 0 if chain is invalid or untrusted
+ *
+ * As of MacOS 14.0 we are still able to access system certificates and load
+ * them manually into wolfSSL. For other apple devices, apple has removed the
+ * ability to obtain certificates from the trust store, so we can't use
+ * wolfSSL's built-in certificate validation mechanisms anymore. We instead
+ * must call into the Security Framework APIs to authenticate peer certificates
+ */
+static int DoAppleNativeCertValidation(const WOLFSSL_BUFFER_INFO* certs,
+ int totalCerts)
+{
+ int i;
+ int ret;
+ OSStatus status;
+ CFMutableArrayRef certArray = NULL;
+ SecCertificateRef secCert = NULL;
+ SecTrustRef trust = NULL;
+ SecPolicyRef policy = NULL ;
+
+ WOLFSSL_ENTER("DoAppleNativeCertValidation");
+
+ certArray = CFArrayCreateMutable(kCFAllocatorDefault,
+ totalCerts,
+ &kCFTypeArrayCallBacks);
+ if (!certArray) {
+ WOLFSSL_MSG("Error: can't allocate CFArray for certificates");
+ ret = 0;
+ goto cleanup;
+ }
+
+ for (i = 0; i < totalCerts; i++) {
+ secCert = ConvertToSecCertificateRef(certs[i].buffer, certs[i].length);
+ if (!secCert) {
+ WOLFSSL_MSG("Error: can't convert DER cert to SecCertificateRef");
+ ret = 0;
+ goto cleanup;
+ }
+ else {
+ CFArrayAppendValue(certArray, secCert);
+ /* Release, since the array now holds the reference */
+ CFRelease(secCert);
+ }
+ }
+
+ /* Create trust object for SecCertifiate Ref */
+ policy = SecPolicyCreateSSL(true, NULL);
+ status = SecTrustCreateWithCertificates(certArray, policy, &trust);
+ if (status != errSecSuccess) {
+ WOLFSSL_MSG_EX("Error creating trust object, "
+ "SecTrustCreateWithCertificates returned %d",status);
+ ret = 0;
+ goto cleanup;
+ }
+
+ /* Evaluate the certificate's authenticity */
+ if (SecTrustEvaluateWithError(trust, NULL) == 1) {
+ WOLFSSL_MSG("Cert chain is trusted");
+ ret = 1;
+ }
+ else {
+ WOLFSSL_MSG("Cert chain trust evaluation failed"
+ "SecTrustEvaluateWithError returned 0");
+ ret = 0;
+ }
+
+ /* Cleanup */
+cleanup:
+ if (certArray) {
+ CFRelease(certArray);
+ }
+ if (trust) {
+ CFRelease(trust);
+ }
+ if (policy) {
+ CFRelease(policy);
+ }
+
+ WOLFSSL_LEAVE("DoAppleNativeCertValidation", ret);
+
+ return ret;
+}
+#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
#undef ERROR_OUT
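Review bot: `SecPolicyCreateSSL(true, NULL)` builds the policy without a hostname, so this evaluation checks the chain against the system trust store but does not by itself bind the leaf certificate to the peer name. The function receives only `certs` and `totalCerts`, so name checking has to happen in the caller, and the header comment should say so. The `policy` result is also used unchecked; `if (!policy) { ret = 0; goto cleanup; }` before `SecTrustCreateWithCertificates` would match the handling of `certArray`. Passing `NULL` as the error argument of `SecTrustEvaluateWithError` discards the reason for a rejection, and the failure message joins two string literals with no separator between `failed` and `SecTrustEvaluateWithError`.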
diff --git a/extra/wolfssl/wolfssl/src/keys.c b/extra/wolfssl/wolfssl/src/keys.c
index 82512793..fa04c4db 100644
--- a/extra/wolfssl/wolfssl/src/keys.c
+++ b/extra/wolfssl/wolfssl/src/keys.c
@@ -38,7 +38,7 @@
#endif
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -54,7 +54,7 @@ int SetCipherSpecs(WOLFSSL* ssl)
#ifndef NO_TLS
ssl->options.tls = 1;
#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_AEAD_ONLY)
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -77,7 +77,7 @@ int SetCipherSpecs(WOLFSSL* ssl)
#if defined(WOLFSSL_DTLS)
if (ssl->options.dtls && ssl->version.major == DTLS_MAJOR) {
#ifndef WOLFSSL_AEAD_ONLY
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
ssl->hmac = TLS_hmac;
#else
@@ -1019,6 +1019,42 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite,
break;
#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ case TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 :
+ specs->bulk_cipher_algorithm = wolfssl_aria_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sha256_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = ecc_dsa_sa_algo;
+ specs->hash_size = WC_SHA256_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = ARIA_128_KEY_SIZE;
+ specs->block_size = ARIA_BLOCK_SIZE;
+ specs->iv_size = AESGCM_IMP_IV_SZ;
+ specs->aead_mac_size = ARIA_GCM_AUTH_SZ;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ case TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 :
+ specs->bulk_cipher_algorithm = wolfssl_aria_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sha384_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = ecc_dsa_sa_algo;
+ specs->hash_size = WC_SHA384_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = ARIA_256_KEY_SIZE;
+ specs->block_size = ARIA_BLOCK_SIZE;
+ specs->iv_size = AESGCM_IMP_IV_SZ;
+ specs->aead_mac_size = ARIA_GCM_AUTH_SZ;
+
+ break;
+#endif
+
#endif /* HAVE_ECC */
#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8
@@ -1354,13 +1390,114 @@ int GetCipherSpec(word16 side, byte cipherSuite0, byte cipherSuite,
}
}
+ if (cipherSuite0 == SM_BYTE) {
+
+ switch (cipherSuite) {
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_cbc;
+ specs->cipher_type = block;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = sm2_sa_algo;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->iv_size = SM4_IV_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = sm2_sa_algo;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = GCM_IMP_IV_SZ;
+ specs->aead_mac_size = SM4_GCM_AUTH_SZ;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ case TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_ccm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = ecc_diffie_hellman_kea;
+ specs->sig_algo = sm2_sa_algo;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = GCM_IMP_IV_SZ;
+ specs->aead_mac_size = SM4_CCM_AUTH_SZ;
+
+ break;
+#endif
+
+ default:
+ break;
+ }
+ }
if (cipherSuite0 != ECC_BYTE &&
cipherSuite0 != ECDHE_PSK_BYTE &&
cipherSuite0 != CHACHA_BYTE &&
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_GCM) || \
+ defined(WOLFSSL_SM4_CCM))
+ cipherSuite0 != SM_BYTE &&
+#endif
cipherSuite0 != TLS13_BYTE) { /* normal suites */
switch (cipherSuite) {
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ case TLS_SM4_GCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_gcm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = 0;
+ specs->sig_algo = 0;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = SM4_GCM_NONCE_SZ;
+ specs->aead_mac_size = SM4_GCM_AUTH_SZ;
+
+ break;
+#endif
+
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ case TLS_SM4_CCM_SM3 :
+ specs->bulk_cipher_algorithm = wolfssl_sm4_ccm;
+ specs->cipher_type = aead;
+ specs->mac_algorithm = sm3_mac;
+ specs->kea = 0;
+ specs->sig_algo = 0;
+ specs->hash_size = WC_SM3_DIGEST_SIZE;
+ specs->pad_size = PAD_SHA;
+ specs->static_ecdh = 0;
+ specs->key_size = SM4_KEY_SIZE;
+ specs->block_size = SM4_BLOCK_SIZE;
+ specs->iv_size = SM4_CCM_NONCE_SZ;
+ specs->aead_mac_size = SM4_CCM_AUTH_SZ;
+
+ break;
+#endif
+
#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
case SSL_RSA_WITH_RC4_128_SHA :
specs->bulk_cipher_algorithm = wolfssl_rc4;
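Review bot: The new `if (cipherSuite0 == SM_BYTE)` block is added without a preprocessor guard, while the matching `cipherSuite0 != SM_BYTE` exclusion a few lines further down is compiled only when SM2, SM3 and one SM4 mode are enabled. In a build without them the new switch holds only `default:` and an SM_BYTE suite is also let into the normal-suite switch, so the two conditions disagree about whether SM_BYTE is a recognised first byte. Wrapping the new block in the same `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && ...` condition used for the exclusion would keep them consistent. GetCipherSpec starts and ends outside this hunk.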
@@ -2728,6 +2865,106 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
}
#endif /* HAVE_AESCCM */
+#ifdef HAVE_ARIA
+ /* check that buffer sizes are sufficient */
+ #if (MAX_WRITE_IV_SZ < 16) /* AES_IV_SIZE */
+ #error MAX_WRITE_IV_SZ too small for AES
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_aria_gcm) {
+ int ret = 0;
+ MC_ALGID algo;
+
+ switch(specs->key_size) {
+ case ARIA_128_KEY_SIZE:
+ algo = MC_ALGID_ARIA_128BITKEY;
+ break;
+ case ARIA_192_KEY_SIZE:
+ algo = MC_ALGID_ARIA_192BITKEY;
+ break;
+ case ARIA_256_KEY_SIZE:
+ algo = MC_ALGID_ARIA_256BITKEY;
+ break;
+ default:
+ return WOLFSSL_NOT_IMPLEMENTED; /* This should never happen */
+ }
+
+ if (enc) {
+ if (enc->aria == NULL) {
+ enc->aria = (wc_Aria*)XMALLOC(sizeof(wc_Aria), heap, DYNAMIC_TYPE_CIPHER);
+ if (enc->aria == NULL)
+ return MEMORY_E;
+ } else {
+ wc_AriaFreeCrypt(enc->aria);
+ }
+
+ XMEMSET(enc->aria, 0, sizeof(wc_Aria));
+ if (wc_AriaInitCrypt(enc->aria, algo) != 0) {
+ WOLFSSL_MSG("AriaInit failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (dec->aria == NULL) {
+ dec->aria = (wc_Aria*)XMALLOC(sizeof(wc_Aria), heap, DYNAMIC_TYPE_CIPHER);
+ if (dec->aria == NULL)
+ return MEMORY_E;
+ } else {
+ wc_AriaFreeCrypt(dec->aria);
+ }
+
+ XMEMSET(dec->aria, 0, sizeof(wc_Aria));
+ if (wc_AriaInitCrypt(dec->aria, algo) != 0) {
+ WOLFSSL_MSG("AriaInit failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ ret = wc_AriaSetKey(enc->aria, keys->client_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ if (!tls13) {
+ ret = wc_AriaGcmSetIV(enc->aria, AESGCM_NONCE_SZ,
+ keys->client_write_IV, AESGCM_IMP_IV_SZ, rng);
+ if (ret != 0) return ret;
+ }
+ }
+ if (dec) {
+ ret = wc_AriaSetKey(dec->aria, keys->server_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ else {
+ if (enc) {
+ ret = wc_AriaSetKey(enc->aria, keys->server_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ if (!tls13) {
+ ret = wc_AriaGcmSetIV(enc->aria, AESGCM_NONCE_SZ,
+ keys->server_write_IV, AESGCM_IMP_IV_SZ, rng);
+ if (ret != 0) return ret;
+ }
+ }
+ if (dec) {
+ ret = wc_AriaSetKey(dec->aria, keys->client_write_key);
+ if (ret != 0) return ret;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* HAVE_ARIA */
+
#ifdef HAVE_CAMELLIA
/* check that buffer sizes are sufficient */
#if (MAX_WRITE_IV_SZ < 16) /* CAMELLIA_IV_SIZE */
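Review bot: The compile-time size check at the top of the `HAVE_ARIA` block still reads `#error MAX_WRITE_IV_SZ too small for AES` with the comment `/* AES_IV_SIZE */`, so a failing build would name the wrong cipher; `#error MAX_WRITE_IV_SZ too small for ARIA` matches the block. The early `return ASYNC_INIT_E` after a failed `wc_AriaInitCrypt` leaves `enc->aria` or `dec->aria` pointing at a zeroed object. Whether the caller's cleanup copes with that state is not visible here, so a one-line comment saying who frees it would help. SetKeys starts and ends outside this hunk.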
@@ -2780,6 +3017,284 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs,
}
#endif /* HAVE_CAMELLIA */
+#ifdef WOLFSSL_SM4_CBC
+ /* check that buffer sizes are sufficient */
+ #if (MAX_WRITE_IV_SZ < 16) /* AES_IV_SIZE */
+ #error MAX_WRITE_IV_SZ too small for SM4_CBC
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_sm4_cbc) {
+ int sm4Ret = 0;
+
+ if (enc) {
+ if (enc->sm4 == NULL) {
+ enc->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (enc->sm4 == NULL)
+ return MEMORY_E;
+ }
+ else {
+ wc_Sm4Free(enc->sm4);
+ }
+
+ XMEMSET(enc->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (dec) {
+ if (dec->sm4 == NULL) {
+ dec->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (dec->sm4 == NULL)
+ return MEMORY_E;
+ }
+ else {
+ wc_Sm4Free(dec->sm4);
+ }
+
+ XMEMSET(dec->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (enc) {
+ if (wc_Sm4Init(enc->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (wc_Sm4Init(dec->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ sm4Ret = wc_Sm4SetKey(enc->sm4, keys->client_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(enc->sm4, keys->client_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ if (dec) {
+ sm4Ret = wc_Sm4SetKey(dec->sm4, keys->server_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(dec->sm4, keys->server_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ }
+ else {
+ if (enc) {
+ sm4Ret = wc_Sm4SetKey(enc->sm4, keys->server_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(enc->sm4, keys->server_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ if (dec) {
+ sm4Ret = wc_Sm4SetKey(dec->sm4, keys->client_write_key,
+ specs->key_size);
+ if (sm4Ret != 0) return sm4Ret;
+ sm4Ret = wc_Sm4SetIV(dec->sm4, keys->client_write_IV);
+ if (sm4Ret != 0) return sm4Ret;
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* WOLFSSL_SM4_CBC */
+
+#ifdef WOLFSSL_SM4_GCM
+ /* check that buffer sizes are sufficient */
+ #if (AEAD_MAX_IMP_SZ < 4) /* SM4-GCM_IMP_IV_SZ */
+ #error AEAD_MAX_IMP_SZ too small for SM4-GCM
+ #endif
+ #if (AEAD_MAX_EXP_SZ < 8) /* SM4-GCM_EXP_IV_SZ */
+ #error AEAD_MAX_EXP_SZ too small for SM4-GCM
+ #endif
+ #if (MAX_WRITE_IV_SZ < 4) /* SM4-GCM_IMP_IV_SZ */
+ #error MAX_WRITE_IV_SZ too small for SM4-GCM
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_sm4_gcm) {
+ int gcmRet;
+
+ if (enc) {
+ if (enc->sm4 == NULL) {
+ enc->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (enc->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(enc->sm4);
+ }
+
+ XMEMSET(enc->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (dec) {
+ if (dec->sm4 == NULL) {
+ dec->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (dec->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(dec->sm4);
+ }
+
+ XMEMSET(dec->sm4, 0, sizeof(wc_Sm4));
+ }
+
+ if (enc) {
+ if (wc_Sm4Init(enc->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (wc_Sm4Init(dec->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ gcmRet = wc_Sm4GcmSetKey(enc->sm4, keys->client_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ gcmRet = wc_Sm4GcmSetKey(dec->sm4, keys->server_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ else {
+ if (enc) {
+ gcmRet = wc_Sm4GcmSetKey(enc->sm4, keys->server_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ gcmRet = wc_Sm4GcmSetKey(dec->sm4, keys->client_write_key,
+ specs->key_size);
+ if (gcmRet != 0) return gcmRet;
+ XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* WOLFSSL_SM4_GCM */
+
+#ifdef WOLFSSL_SM4_CCM
+ /* check that buffer sizes are sufficient (CCM is same size as GCM) */
+ #if (AEAD_MAX_IMP_SZ < 4) /* SM4-CCM_IMP_IV_SZ */
+ #error AEAD_MAX_IMP_SZ too small for SM4-CCM
+ #endif
+ #if (AEAD_MAX_EXP_SZ < 8) /* SM4-CCM_EXP_IV_SZ */
+ #error AEAD_MAX_EXP_SZ too small for SM4-CCM
+ #endif
+ #if (MAX_WRITE_IV_SZ < 4) /* SM4-CCM_IMP_IV_SZ */
+ #error MAX_WRITE_IV_SZ too small for SM4-CCM
+ #endif
+
+ if (specs->bulk_cipher_algorithm == wolfssl_sm4_ccm) {
+ int CcmRet;
+
+ if (enc) {
+ if (enc->sm4 == NULL) {
+ enc->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (enc->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(enc->sm4);
+ }
+
+ XMEMSET(enc->sm4, 0, sizeof(wc_Sm4));
+ }
+ if (dec) {
+ if (dec->sm4 == NULL) {
+ dec->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap,
+ DYNAMIC_TYPE_CIPHER);
+ if (dec->sm4 == NULL)
+ return MEMORY_E;
+ } else {
+ wc_Sm4Free(dec->sm4);
+ }
+ XMEMSET(dec->sm4, 0, sizeof(wc_Sm4));
+ }
+
+ if (enc) {
+ if (wc_Sm4Init(enc->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+ if (dec) {
+ if (wc_Sm4Init(dec->sm4, heap, devId) != 0) {
+ WOLFSSL_MSG("Sm4Init failed in SetKeys");
+ return ASYNC_INIT_E;
+ }
+ }
+
+ if (side == WOLFSSL_CLIENT_END) {
+ if (enc) {
+ CcmRet = wc_Sm4SetKey(enc->sm4, keys->client_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_enc_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ CcmRet = wc_Sm4SetKey(dec->sm4, keys->server_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_dec_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ else {
+ if (enc) {
+ CcmRet = wc_Sm4SetKey(enc->sm4, keys->server_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_enc_imp_IV, keys->server_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ if (dec) {
+ CcmRet = wc_Sm4SetKey(dec->sm4, keys->client_write_key,
+ specs->key_size);
+ if (CcmRet != 0) {
+ return CcmRet;
+ }
+ XMEMCPY(keys->aead_dec_imp_IV, keys->client_write_IV,
+ AEAD_MAX_IMP_SZ);
+ }
+ }
+ if (enc)
+ enc->setup = 1;
+ if (dec)
+ dec->setup = 1;
+ }
+#endif /* WOLFSSL_SM4_CCM */
+
#ifdef HAVE_NULL_CIPHER
if (specs->bulk_cipher_algorithm == wolfssl_cipher_null) {
#ifdef WOLFSSL_TLS13
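Review bot: The allocate-or-reset, `XMEMSET` and `wc_Sm4Init` sequence is written out six times across the SM4-CBC, SM4-GCM and SM4-CCM branches (once for `enc` and once for `dec` in each), which makes it easy for one copy to drift when key-handling code changes later. A file-local helper taking the `Ciphers*`, `heap` and `devId` would replace all six copies, as sketched below; note that it initialises `enc` before allocating `dec`, a small reordering of the failure paths compared with the hunk. The `/* AES_IV_SIZE */` comment on the SM4-CBC size check and the capitalised `CcmRet` next to `sm4Ret` and `gcmRet` could be aligned at the same time. SetKeys starts and ends outside this hunk.

```c
/* Allocate or reset c->sm4 and initialise it; a NULL c is a no-op. */
static int SetKeysSm4Init(Ciphers* c, void* heap, int devId)
{
    if (c == NULL)
        return 0;

    if (c->sm4 == NULL) {
        c->sm4 = (wc_Sm4*)XMALLOC(sizeof(wc_Sm4), heap, DYNAMIC_TYPE_CIPHER);
        if (c->sm4 == NULL)
            return MEMORY_E;
    }
    else {
        wc_Sm4Free(c->sm4);
    }

    XMEMSET(c->sm4, 0, sizeof(wc_Sm4));
    if (wc_Sm4Init(c->sm4, heap, devId) != 0) {
        WOLFSSL_MSG("Sm4Init failed in SetKeys");
        return ASYNC_INIT_E;
    }
    return 0;
}

/* ... in SetKeys, at the top of each SM4 branch (CBC shown) ... */
    if (specs->bulk_cipher_algorithm == wolfssl_sm4_cbc) {
        int sm4Ret = SetKeysSm4Init(enc, heap, devId);
        if (sm4Ret == 0)
            sm4Ret = SetKeysSm4Init(dec, heap, devId);
        if (sm4Ret != 0)
            return sm4Ret;
        /* ... unchanged: per-side wc_Sm4SetKey / wc_Sm4SetIV calls ... */
```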
diff --git a/extra/wolfssl/wolfssl/src/ocsp.c b/extra/wolfssl/wolfssl/src/ocsp.c
index 30f5e16a..c56ec22f 100644
--- a/extra/wolfssl/wolfssl/src/ocsp.c
+++ b/extra/wolfssl/wolfssl/src/ocsp.c
@@ -28,6 +28,13 @@
#include <wolfssl/wolfcrypt/settings.h>
+/*
+ * WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK:
+ * Disable looking for an authorized responder in the verification path of
+ * the issuer. This will make the authorized responder only look at the
+ * OCSP response signer and direct issuer.
+ */
+
#ifndef WOLFCRYPT_ONLY
#ifdef HAVE_OCSP
@@ -135,7 +142,7 @@ static int xstat2err(int st)
}
}
-int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuffer, WOLFSSL* ssl)
+int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, WOLFSSL* ssl)
{
int ret = OCSP_LOOKUP_FAIL;
@@ -160,7 +167,7 @@ int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuff
if (InitOcspRequest(ocspRequest, cert, ocsp->cm->ocspSendNonce,
ocsp->cm->heap) == 0) {
ocspRequest->ssl = ssl;
- ret = CheckOcspRequest(ocsp, ocspRequest, responseBuffer);
+ ret = CheckOcspRequest(ocsp, ocspRequest, NULL, NULL);
FreeOcspRequest(ocspRequest);
}
@@ -172,9 +179,9 @@ int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuff
WOLFSSL_LEAVE("CheckCertOCSP", ret);
return ret;
}
-int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert, buffer* responseBuffer)
+int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert)
{
- return CheckCertOCSP_ex(ocsp, cert, responseBuffer, NULL);
+ return CheckCertOCSP_ex(ocsp, cert, NULL);
}
static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
@@ -217,12 +224,14 @@ static int GetOcspEntry(WOLFSSL_OCSP* ocsp, OcspRequest* request,
* Returns OCSP status
*/
static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
- OcspEntry* entry, CertStatus** status, buffer* responseBuffer)
+ OcspEntry* entry, CertStatus** status, buffer* responseBuffer,
+ void* heap)
{
int ret = OCSP_INVALID_STATUS;
WOLFSSL_ENTER("GetOcspStatus");
+ (void)heap;
*status = NULL;
if (wc_LockMutex(&ocsp->ocspLock) != 0) {
@@ -252,7 +261,8 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
if (responseBuffer) {
responseBuffer->buffer = (byte*)XMALLOC(
- (*status)->rawOcspResponseSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ (*status)->rawOcspResponseSz, heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
responseBuffer->length = (*status)->rawOcspResponseSz;
@@ -277,11 +287,13 @@ static int GetOcspStatus(WOLFSSL_OCSP* ocsp, OcspRequest* request,
* reponseBuffer Buffer object to return the response with.
* status The certificate status object.
* entry The OCSP entry for this certificate.
+ * ocspRequest Request corresponding to response.
+ * heap Heap hint used for responseBuffer
* returns OCSP_LOOKUP_FAIL when the response is bad and 0 otherwise.
*/
int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
- OcspEntry *entry, OcspRequest *ocspRequest)
+ OcspEntry *entry, OcspRequest *ocspRequest, void* heap)
{
#ifdef WOLFSSL_SMALL_STACK
CertStatus* newStatus;
@@ -295,6 +307,8 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
int ret;
int validated = 0; /* ocsp validation flag */
+ (void)heap;
+
#ifdef WOLFSSL_SMALL_STACK
newStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
DYNAMIC_TYPE_OCSP_STATUS);
@@ -336,7 +350,7 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
}
if (responseBuffer) {
- responseBuffer->buffer = (byte*)XMALLOC(responseSz, ocsp->cm->heap,
+ responseBuffer->buffer = (byte*)XMALLOC(responseSz, heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (responseBuffer->buffer) {
@@ -395,10 +409,14 @@ int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
end:
if (ret == 0 && validated == 1) {
WOLFSSL_MSG("New OcspResponse validated");
- } else if ((ret == ocsp->error) && (ocspResponse->single->status->status == CERT_UNKNOWN)) {
+ }
+ else if (ret == OCSP_CERT_REVOKED) {
+ WOLFSSL_MSG("OCSP revoked");
+ }
+ else if (ret == OCSP_CERT_UNKNOWN) {
WOLFSSL_MSG("OCSP unknown");
- ret = OCSP_CERT_UNKNOWN;
- } else if (ret != OCSP_CERT_REVOKED) {
+ }
+ else {
WOLFSSL_MSG("OCSP lookup failure");
ret = OCSP_LOOKUP_FAIL;
}
@@ -418,7 +436,7 @@ end:
#define OCSP_MAX_REQUEST_SZ 2048
#endif
int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
- buffer* responseBuffer)
+ buffer* responseBuffer, void* heap)
{
OcspEntry* entry = NULL;
CertStatus* status = NULL;
@@ -446,10 +464,16 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
if (ret != 0)
return ret;
- ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer);
+ ret = GetOcspStatus(ocsp, ocspRequest, entry, &status, responseBuffer,
+ heap);
if (ret != OCSP_INVALID_STATUS)
return ret;
+ if (responseBuffer) {
+ XFREE(responseBuffer->buffer, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ responseBuffer->buffer = NULL;
+ }
+
/* get SSL and IOCtx */
ssl = (WOLFSSL*)ocspRequest->ssl;
ioCtx = (ssl && ssl->ocspIOCtx != NULL) ?
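Review bot: After the new `XFREE(responseBuffer->buffer, heap, DYNAMIC_TYPE_TMP_BUFFER)` only `responseBuffer->buffer` is reset, while `responseBuffer->length` keeps the size that GetOcspStatus stored for the cached response. A caller that looks at `length` after a later failure would see a non-zero size paired with a NULL buffer. Adding `responseBuffer->length = 0;` next to `responseBuffer->buffer = NULL;` keeps the pair consistent. Whether any caller reads `length` on the error path is not visible in this hunk, and CheckOcspRequest continues outside it.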
@@ -457,16 +481,26 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
if (ocsp->statusCb != NULL && ssl != NULL) {
+ WOLFSSL_MSG("Calling ocsp->statusCb");
ret = ocsp->statusCb(ssl, ioCtx);
- if (ret == 0) {
- ret = wolfSSL_get_ocsp_response(ssl, &response);
- ret = CheckOcspResponse(ocsp, response, ret, responseBuffer, status,
- entry, NULL);
- if (response != NULL)
- XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
- return ret;
+ switch (ret) {
+ case SSL_TLSEXT_ERR_OK:
+ ret = wolfSSL_get_ocsp_response(ssl, &response);
+ ret = CheckOcspResponse(ocsp, response, ret, responseBuffer,
+ status, entry, NULL, heap);
+ if (response != NULL)
+ XFREE(response, NULL, DYNAMIC_TYPE_OPENSSL);
+ break;
+ case SSL_TLSEXT_ERR_NOACK:
+ ret = OCSP_LOOKUP_FAIL;
+ break;
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ default:
+ WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);
+ ret = WOLFSSL_FATAL_ERROR;
+ break;
}
- WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error);
+ WOLFSSL_LEAVE("CheckOcspRequest", ret);
return ret;
}
#endif
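Review bot: In the `SSL_TLSEXT_ERR_OK` case the return value of `wolfSSL_get_ocsp_response` is passed straight to `CheckOcspResponse` as the size, with no check that `response` is non-NULL and the size is not negative. The non-callback path later in this function guards the same call with `if (responseSz >= 0 && response)`. Adding `if (response == NULL || ret < 0) { ret = OCSP_LOOKUP_FAIL; break; }` before the call would make the two paths agree; whether CheckOcspResponse rejects such input itself is not visible here. The fatal case also calls `WOLFSSL_LEAVE("CheckOcspRequest", ocsp->error)` and is then logged again by the `WOLFSSL_LEAVE` after the switch, so the first call can be dropped.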
@@ -491,10 +525,6 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
request = (byte*)XMALLOC(requestSz, ocsp->cm->heap, DYNAMIC_TYPE_OCSP);
if (request == NULL) {
WOLFSSL_LEAVE("CheckCertOCSP", MEMORY_ERROR);
- if (responseBuffer) {
- XFREE(responseBuffer->buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- responseBuffer->buffer = NULL;
- }
return MEMORY_ERROR;
}
@@ -511,7 +541,7 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
if (responseSz >= 0 && response) {
ret = CheckOcspResponse(ocsp, response, responseSz, responseBuffer, status,
- entry, ocspRequest);
+ entry, ocspRequest, heap);
}
if (response != NULL && ocsp->cm->ocspRespFreeCb)
@@ -523,9 +553,104 @@ int CheckOcspRequest(WOLFSSL_OCSP* ocsp, OcspRequest* ocspRequest,
return ret;
}
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
+static int CheckOcspResponderChain(OcspEntry* single, DecodedCert *cert,
+ void* vp) {
+ /* Attempt to build a chain up to cert's issuer */
+ WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
+ Signer* ca = NULL;
+ Signer* prev = NULL;
+ int passed = 0;
+
+ /*
+ * Relation between certs:
+ * CA
+ * / \
+ * intermediate(s) cert in OCSP response
+ * | with OCSP key usage ext
+ * issuer of cert
+ * in OCSP request
+ */
+
+ /* End loop if no more issuers found or if we have found a self
+ * signed cert (ca == prev) */
+ for (ca = GetCAByName(cm, single->issuerHash); ca != NULL && ca != prev;
+ prev = ca, ca = GetCAByName(cm, ca->issuerNameHash)) {
+ if (XMEMCMP(cert->issuerHash, ca->issuerNameHash,
+ OCSP_DIGEST_SIZE) == 0) {
+ WOLFSSL_MSG("\tOCSP Response signed by authorized "
+ "responder delegated by issuer "
+ "(found in chain)");
+ passed = 1;
+ break;
+ }
+ }
+ return passed;
+}
+#endif
+
+/**
+ * Enforce https://www.rfc-editor.org/rfc/rfc6960#section-4.2.2.2
+ * @param bs The basic response to verify
+ * @param cert The decoded bs->cert
+ * @return
+ */
+int CheckOcspResponder(OcspResponse *bs, DecodedCert *cert, void* vp)
+{
+ int ret = 0;
+ OcspEntry* single;
+
+ /* Both evaluate to enum values so can't use a pre-processor check */
+ WOLFSSL_ASSERT_EQ(OCSP_DIGEST_SIZE, SIGNER_DIGEST_SIZE);
+
+ (void)vp;
+
+ WOLFSSL_ENTER("CheckOcspResponder");
+
+ /* In the future if this API is used more then it could be beneficial to
+ * implement calling InitDecodedCert and ParseCertRelative here
+ * automatically when cert == NULL. */
+ if (bs == NULL || cert == NULL)
+ return BAD_FUNC_ARG;
+
+ /* Traverse the list and check that the cert has the authority to provide
+ * an OCSP response for each entry. */
+ for (single = bs->single; single != NULL; single = single->next) {
+ int passed = 0;
+
+ if (XMEMCMP(cert->subjectHash, single->issuerHash, OCSP_DIGEST_SIZE)
+ == 0) {
+ WOLFSSL_MSG("\tOCSP Response signed by issuer");
+ passed = 1;
+ }
+ else if ((cert->extExtKeyUsage & EXTKEYUSE_OCSP_SIGN) != 0) {
+ if (XMEMCMP(cert->issuerHash, single->issuerHash,
+ OCSP_DIGEST_SIZE) == 0) {
+ WOLFSSL_MSG("\tOCSP Response signed by authorized responder "
+ "delegated by issuer");
+ passed = 1;
+ }
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK
+ else if (vp != NULL) {
+ passed = CheckOcspResponderChain(single, cert, vp);
+ }
+#endif
+ }
+
+ if (!passed) {
+ WOLFSSL_MSG("\tOCSP Responder not authorized");
+#ifdef OPENSSL_EXTRA
+ bs->verifyError = OCSP_BAD_ISSUER;
+#endif
+ ret = BAD_OCSP_RESPONDER;
+ break;
+ }
+ }
+ return ret;
+}
+
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
-
int wolfSSL_OCSP_resp_find_status(WOLFSSL_OCSP_BASICRESP *bs,
WOLFSSL_OCSP_CERTID* id, int* status, int* reason,
WOLFSSL_ASN1_TIME** revtime, WOLFSSL_ASN1_TIME** thisupd,
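Review bot: The loop in CheckOcspResponderChain stops only when `GetCAByName` returns NULL or the same signer twice in a row (`ca != prev`), so two CA certificates in the store that name each other as issuer (cross-certification) would keep it walking without end when no match is found. A depth counter in the loop condition, for example `ca != NULL && ca != prev && depth < MAX_CHAIN_DEPTH` with `depth++` in the increment, bounds the walk; use whichever chain-depth limit this file already has in scope. The doc comment on CheckOcspResponder leaves `@return` empty and omits `vp`: it should say that 0 means every entry's responder is authorized, that `BAD_OCSP_RESPONDER` is returned otherwise, and that `vp` is the cert manager used for the chain walk. It is also worth stating there that the chain walk accepts responders beyond the direct-issuer case unless `WOLFSSL_NO_OCSP_ISSUER_CHAIN_CHECK` is defined.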
@@ -659,6 +784,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id(
InitDecodedCert(cert, subject->derCert->buffer,
subject->derCert->length, NULL);
if (ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm) != 0) {
+ FreeDecodedCert(cert);
goto out;
}
else {
@@ -676,11 +802,12 @@ out:
if (ret != 0) {
if (derCert != NULL)
FreeDer(&derCert);
- if (certId != NULL)
+ if (certId != NULL) {
XFREE(certId, cm->heap, DYNAMIC_TYPE_OPENSSL);
+ certId = NULL;
+ }
if (certStatus)
XFREE(certStatus, cm->heap, DYNAMIC_TYPE_OPENSSL);
- return NULL;
}
#ifdef WOLFSSL_SMALL_STACK
@@ -704,38 +831,60 @@ void wolfSSL_OCSP_BASICRESP_free(WOLFSSL_OCSP_BASICRESP* basicResponse)
int wolfSSL_OCSP_basic_verify(WOLFSSL_OCSP_BASICRESP *bs,
WOLF_STACK_OF(WOLFSSL_X509) *certs, WOLFSSL_X509_STORE *st, unsigned long flags)
{
- int ret;
+ int ret = WOLFSSL_FAILURE;
#ifdef WOLFSSL_SMALL_STACK
- DecodedCert *cert = (DecodedCert *)
- XMALLOC(sizeof(*cert), (st && st->cm) ? st->cm->heap : NULL,
- DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return WOLFSSL_FAILURE;
+ DecodedCert *cert;
#else
DecodedCert cert[1];
#endif
+ byte certInit = 0;
+ int idx;
(void)certs;
- if (flags & OCSP_NOVERIFY) {
- ret = WOLFSSL_SUCCESS;
- goto out;
- }
+ if (flags & OCSP_NOVERIFY)
+ return WOLFSSL_SUCCESS;
+
+#ifdef WOLFSSL_SMALL_STACK
+ cert = (DecodedCert *)
+ XMALLOC(sizeof(*cert), (st && st->cm) ? st->cm->heap : NULL,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL)
+ return WOLFSSL_FAILURE;
+#endif
#ifdef OPENSSL_EXTRA
- if (bs->verifyError != OCSP_VERIFY_ERROR_NONE) {
- ret = WOLFSSL_FAILURE;
+ if (bs->verifyError != OCSP_VERIFY_ERROR_NONE)
goto out;
- }
#endif
- ret = WOLFSSL_SUCCESS;
+ if (flags & OCSP_TRUSTOTHER) {
+ for (idx = 0; idx < wolfSSL_sk_X509_num(certs); idx++) {
+ WOLFSSL_X509* x = wolfSSL_sk_X509_value(certs, idx);
+ int derSz = 0;
+ const byte* der = wolfSSL_X509_get_der(x, &derSz);
+ if (der != NULL && derSz == (int)bs->certSz &&
+ XMEMCMP(bs->cert, der, derSz) == 0) {
+ ret = WOLFSSL_SUCCESS;
+ goto out;
+ }
+ }
+ }
+
InitDecodedCert(cert, bs->cert, bs->certSz, NULL);
+ certInit = 1;
if (ParseCertRelative(cert, CERT_TYPE, VERIFY, st->cm) < 0)
- ret = WOLFSSL_FAILURE;
- FreeDecodedCert(cert);
+ goto out;
+ if (!(flags & OCSP_NOCHECKS)) {
+ if (CheckOcspResponder(bs, cert, st->cm) != 0)
+ goto out;
+ }
+
+ ret = WOLFSSL_SUCCESS;
out:
+ if (certInit)
+ FreeDecodedCert(cert);
#ifdef WOLFSSL_SMALL_STACK
XFREE(cert, (st && st->cm) ? st->cm->heap : NULL, DYNAMIC_TYPE_DCERT);
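Review bot: `st` is treated as possibly NULL when the heap is chosen (`(st && st->cm) ? st->cm->heap : NULL`) but is dereferenced unconditionally in `ParseCertRelative(cert, CERT_TYPE, VERIFY, st->cm)` and in the new `CheckOcspResponder(bs, cert, st->cm)`, and `bs` is dereferenced without a check as well. An `if (bs == NULL || st == NULL) return WOLFSSL_FAILURE;` placed right after the `OCSP_NOVERIFY` return would make that consistent without changing the no-verify behaviour. The `(void)certs;` line is now stale, since `certs` is read in the `OCSP_TRUSTOTHER` loop. The closing lines of the function are outside this hunk.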
@@ -988,6 +1137,11 @@ WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req,
if (req == NULL || cid == NULL || cid->status == NULL)
return NULL;
+ if (req->cid != NULL)
+ wolfSSL_OCSP_CERTID_free((WOLFSSL_OCSP_CERTID*)req->cid);
+ /* Keep to free */
+ req->cid = (void*)cid;
+
XMEMCPY(req->issuerHash, cid->issuerHash, KEYID_SIZE);
XMEMCPY(req->issuerKeyHash, cid->issuerKeyHash, KEYID_SIZE);
if (cid->status->serialSz > req->serialSz) {
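Review bot: The new `wolfSSL_OCSP_CERTID_free` call runs even when `req->cid` already is `cid`, in which case the `XMEMCPY` calls that follow read from freed memory; `if (req->cid != NULL && req->cid != (void*)cid)` avoids that. Ownership of `cid` is also taken before the `serialSz` handling that begins on the last line of this hunk. If that path can still return NULL, both the caller and `req` would believe they own `cid`, so either move the assignment after the last failure point or document that ownership transfers even on failure. The rest of the function is outside the hunk.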
@@ -1115,7 +1269,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_d2i_OCSP_CERTID(WOLFSSL_OCSP_CERTID** cidOut,
}
}
- if (cid && (!cidOut || cid != *cidOut)) {
+ if ((cid != NULL) && ((cidOut == NULL) || (cid != *cidOut))) {
XFREE(cid, NULL, DYNAMIC_TYPE_OPENSSL);
}
diff --git a/extra/wolfssl/wolfssl/src/pk.c b/extra/wolfssl/wolfssl/src/pk.c
index 57cd5a14..f3d1483b 100644
--- a/extra/wolfssl/wolfssl/src/pk.c
+++ b/extra/wolfssl/wolfssl/src/pk.c
@@ -825,6 +825,7 @@ WOLFSSL_RSA_METHOD *wolfSSL_RSA_meth_new(const char *name, int flags)
if (err) {
/* meth->name won't be allocated on error. */
XFREE(meth, NULL, DYNAMIC_TYPE_OPENSSL);
+ meth = NULL;
}
return meth;
}
@@ -2109,7 +2110,7 @@ int wolfSSL_PEM_write_RSAPrivateKey(XFILE fp, WOLFSSL_RSA *rsa,
{
int ret = 1;
byte* pem = NULL;
- int pLen;
+ int pLen = 0;
(void)cb;
(void)arg;
@@ -2751,6 +2752,15 @@ int wolfSSL_RSA_set0_crt_params(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *dmp1,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
+ if (dmp1 != NULL) {
+ rsa->dmp1 = NULL;
+ }
+ if (dmq1 != NULL) {
+ rsa->dmq1 = NULL;
+ }
+ if (iqmp != NULL) {
+ rsa->iqmp = NULL;
+ }
ret = 0;
}
}
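Review bot: No comment explains why `rsa->dmp1`, `rsa->dmq1` and `rsa->iqmp` are set to NULL when `SetRsaInternal` fails; the same pattern is added to wolfSSL_RSA_set0_factors and wolfSSL_RSA_set0_key in the next two hunks. Presumably this hands ownership back to the caller so that freeing `rsa` later does not also free the passed-in values. A comment such as `/* On failure the caller keeps ownership of the passed-in BIGNUMs. */` would make that explicit in all three places. The function header should also say what happens to the values `rsa` held before the call, which is not visible in these hunks.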
@@ -2815,6 +2825,12 @@ int wolfSSL_RSA_set0_factors(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *p,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
+ if (p != NULL) {
+ rsa->p = NULL;
+ }
+ if (q != NULL) {
+ rsa->q = NULL;
+ }
ret = 0;
}
}
@@ -2890,6 +2906,15 @@ int wolfSSL_RSA_set0_key(WOLFSSL_RSA *rsa, WOLFSSL_BIGNUM *n, WOLFSSL_BIGNUM *e,
/* Set the values into the wolfCrypt RSA key. */
if (SetRsaInternal(rsa) != 1) {
+ if (n != NULL) {
+ rsa->n = NULL;
+ }
+ if (e != NULL) {
+ rsa->e = NULL;
+ }
+ if (d != NULL) {
+ rsa->d = NULL;
+ }
ret = 0;
}
}
@@ -3531,13 +3556,16 @@ int wolfSSL_RSA_verify_PKCS1_PSS(WOLFSSL_RSA *rsa, const unsigned char *mHash,
if (ret == 1) {
/* Calculate the salt length to use for special cases. */
- /* TODO: use special case wolfCrypt values. */
switch (saltLen) {
/* Negative saltLen values are treated differently */
case RSA_PSS_SALTLEN_DIGEST:
saltLen = hashLen;
break;
- case RSA_PSS_SALTLEN_MAX_SIGN:
+ case RSA_PSS_SALTLEN_AUTO:
+ #ifdef WOLFSSL_PSS_SALT_LEN_DISCOVER
+ saltLen = RSA_PSS_SALT_LEN_DISCOVER;
+ break;
+ #endif
case RSA_PSS_SALTLEN_MAX:
#ifdef WOLFSSL_PSS_LONG_SALT
saltLen = emLen - hashLen - 2;
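Review bot: When `WOLFSSL_PSS_SALT_LEN_DISCOVER` is not defined, `case RSA_PSS_SALTLEN_AUTO:` has no body of its own and is handled by the `RSA_PSS_SALTLEN_MAX` code below it, which is easy to misread because the only `break` sits inside the `#ifdef`. A comment after the `#endif`, such as `/* Without salt length discovery, AUTO is handled as MAX. */`, would document that this is intended. The switch continues outside this hunk.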
@@ -7598,7 +7626,7 @@ static int wolfssl_dhparams_to_der(WOLFSSL_DH* dh, unsigned char** out,
int err = 0;
byte* der = NULL;
word32 derSz;
- DhKey* key;
+ DhKey* key = NULL;
(void)heap;
@@ -7930,10 +7958,10 @@ void wolfSSL_DH_get0_pqg(const WOLFSSL_DH *dh, const WOLFSSL_BIGNUM **p,
* free'd with a call to wolfSSL_DH_free -- not individually.
*
* @param [in, out] dh DH key to set.
- * @parma [in] p Prime value to set. May be NULL when value already
+ * @param [in] p Prime value to set. May be NULL when value already
* present.
- * @parma [in] q Order value to set. May be NULL.
- * @parma [in] g Generator value to set. May be NULL when value already
+ * @param [in] q Order value to set. May be NULL.
+ * @param [in] g Generator value to set. May be NULL when value already
* present.
* @return 1 on success.
* @return 0 on failure.
@@ -8233,7 +8261,7 @@ int wolfSSL_DH_check(const WOLFSSL_DH *dh, int *codes)
/* Generate DH parameters.
*
* @param [in] prime_len Length of prime in bits.
- * @param [in] generator Gnerator value to use.
+ * @param [in] generator Generator value to use.
* @param [in] callback Called with progress information. Unused.
* @param [in] cb_arg User callback argument. Unused.
* @return NULL on failure.
@@ -8268,7 +8296,7 @@ WOLFSSL_DH *wolfSSL_DH_generate_parameters(int prime_len, int generator,
*
* @param [in] dh DH key to generate parameters into.
* @param [in] prime_len Length of prime in bits.
- * @param [in] generator Gnerator value to use.
+ * @param [in] generator Generator value to use.
* @param [in] callback Called with progress information. Unused.
* @param [in] cb_arg User callback argument. Unused.
* @return 0 on failure.
@@ -8278,7 +8306,7 @@ int wolfSSL_DH_generate_parameters_ex(WOLFSSL_DH* dh, int prime_len,
int generator, void (*callback) (int, int, void *))
{
int ret = 1;
- DhKey* key;
+ DhKey* key = NULL;
#ifdef WOLFSSL_SMALL_STACK
WC_RNG* tmpRng = NULL;
#else
@@ -8790,6 +8818,10 @@ int EccEnumToNID(int n)
return NID_brainpoolP384r1;
case ECC_BRAINPOOLP512R1:
return NID_brainpoolP512r1;
+ #ifdef WOLFSSL_SM2
+ case ECC_SM2P256V1:
+ return NID_sm2;
+ #endif
default:
WOLFSSL_MSG("NID not found");
return -1;
@@ -9682,27 +9714,27 @@ void wolfSSL_EC_POINT_dump(const char *msg, const WOLFSSL_EC_POINT *point)
WOLFSSL_ENTER("wolfSSL_EC_POINT_dump");
- /* Only print when debugging on and logging callback set. */
- if (WOLFSSL_IS_DEBUG_ON() && (wolfSSL_GetLoggingCb() == NULL)) {
+ /* Only print when debugging on. */
+ if (WOLFSSL_IS_DEBUG_ON()) {
if (point == NULL) {
/* No point passed in so just put out "NULL". */
- XFPRINTF(stderr, "%s = NULL\n", msg);
+ WOLFSSL_MSG_EX("%s = NULL\n", msg);
}
else {
/* Put out message and status of internal/external data set. */
- XFPRINTF(stderr, "%s:\n\tinSet=%d, exSet=%d\n", msg, point->inSet,
+ WOLFSSL_MSG_EX("%s:\n\tinSet=%d, exSet=%d\n", msg, point->inSet,
point->exSet);
/* Get x-ordinate as a hex string and print. */
num = wolfSSL_BN_bn2hex(point->X);
- XFPRINTF(stderr, "\tX = %s\n", num);
+ WOLFSSL_MSG_EX("\tX = %s\n", num);
XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
/* Get x-ordinate as a hex string and print. */
num = wolfSSL_BN_bn2hex(point->Y);
- XFPRINTF(stderr, "\tY = %s\n", num);
+ WOLFSSL_MSG_EX("\tY = %s\n", num);
XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
/* Get z-ordinate as a hex string and print. */
num = wolfSSL_BN_bn2hex(point->Z);
- XFPRINTF(stderr, "\tZ = %s\n", num);
+ WOLFSSL_MSG_EX("\tZ = %s\n", num);
XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
}
}
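Review bot: `num` goes straight into `%s` in the three WOLFSSL_MSG_EX calls for X, Y and Z, but wolfSSL_BN_bn2hex() can return NULL on failure, and passing NULL to `%s` is undefined behaviour. A guard such as `WOLFSSL_MSG_EX("\tX = %s", (num != NULL) ? num : "(null)");` on each of the three lines covers it. The format strings also keep the trailing `\n` from the XFPRINTF versions, which presumably produces blank lines if the logging layer terminates each message itself. The comment above the Y conversion still says `x-ordinate`. The function begins outside this hunk.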
@@ -9893,6 +9925,8 @@ int wolfSSL_ECPoint_d2i(const unsigned char *in, unsigned int len,
const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *point)
{
int ret = 1;
+ WOLFSSL_BIGNUM* x = NULL;
+ WOLFSSL_BIGNUM* y = NULL;
WOLFSSL_ENTER("wolfSSL_ECPoint_d2i");
@@ -9929,17 +9963,49 @@ int wolfSSL_ECPoint_d2i(const unsigned char *in, unsigned int len,
#endif
}
+ if (ret == 1)
+ point->inSet = 1;
+
/* Set new external point. */
- if ((ret == 1) && (ec_point_external_set(point) != 1)) {
+ if (ret == 1 && ec_point_external_set(point) != 1) {
WOLFSSL_MSG("ec_point_external_set failed");
ret = 0;
}
+ if (ret == 1 && !wolfSSL_BN_is_one(point->Z)) {
+#if !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ x = wolfSSL_BN_new();
+ y = wolfSSL_BN_new();
+ if (x == NULL || y == NULL)
+ ret = 0;
+
+ if (ret == 1 && wolfSSL_EC_POINT_get_affine_coordinates_GFp(group,
+ point, x, y, NULL) != 1) {
+ WOLFSSL_MSG("wolfSSL_EC_POINT_get_affine_coordinates_GFp failed");
+ ret = 0;
+ }
+
+ /* wolfSSL_EC_POINT_set_affine_coordinates_GFp check that the point is
+ * on the curve. */
+ if (ret == 1 && wolfSSL_EC_POINT_set_affine_coordinates_GFp(group,
+ point, x, y, NULL) != 1) {
+ WOLFSSL_MSG("wolfSSL_EC_POINT_set_affine_coordinates_GFp failed");
+ ret = 0;
+ }
+#else
+ WOLFSSL_MSG("Importing non-affine point. This may cause issues in math "
+ "operations later on.");
+#endif
+ }
+
if (ret == 1) {
/* Dump new point. */
wolfSSL_EC_POINT_dump("d2i p", point);
}
+ wolfSSL_BN_free(x);
+ wolfSSL_BN_free(y);
+
return ret;
}
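Review bot: In the `#else` branch of the new non-affine check, a point whose Z is not one is only logged and `ret` stays 1. Builds with WOLFSSL_SP_MATH or WOLF_CRYPTO_CB_ONLY_ECC therefore accept a decoded point that skipped the on-curve check the other branch gets from wolfSSL_EC_POINT_set_affine_coordinates_GFp(). wolfSSL_EC_POINT_invert() in this same commit fails in that configuration, and since `in` is an externally supplied encoding, failing here too looks safer: add `ret = 0;` after the WOLFSSL_MSG. Whether the import code earlier in the function already validates the point cannot be seen from this hunk. The new comment should read `checks that the point is on the curve`.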
@@ -10031,6 +10097,14 @@ size_t wolfSSL_EC_POINT_point2oct(const WOLFSSL_EC_GROUP *group,
}
}
+#if defined(DEBUG_WOLFSSL)
+ if (!err) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_point2oct point", point);
+ WOLFSSL_MSG("\twolfSSL_EC_POINT_point2oct output:");
+ WOLFSSL_BUFFER(buf, enc_len);
+ }
+#endif
+
/* On error, return encoding length of 0. */
if (err) {
enc_len = 0;
@@ -10176,15 +10250,15 @@ int wolfSSL_EC_POINT_is_on_curve(const WOLFSSL_EC_GROUP *group,
/* Convert Jacobian ordinates to affine.
*
* @param [in] group EC group.
- * @param [in] point EC point to get co-ordinates from.
+ * @param [in] point EC point to get coordinates from.
* @return 1 on success.
* @return 0 on error.
*/
-static int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
+int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
WOLFSSL_EC_POINT *point)
{
int err = 0;
- mp_digit mp;
+ mp_digit mp = 0;
#ifdef WOLFSSL_SMALL_STACK
mp_int* modulus;
#else
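Review bot: The doc comment kept above ec_point_convert_to_affine() promises `@return 1 on success.` and `@return 0 on error.`, but the body starts from `int err = 0` and, per the context lines of the next hunk, ends with `return err;`. The new caller in wolfSSL_EC_POINT_invert() treats `!= 0` as failure. Now that `static` is dropped and the helper is reachable from other code, the comment should match the code, e.g. `@return 0 on success.` and `@return Non-zero on error.`, to be confirmed against the body, which lies outside this hunk. An exported function without the library prefix also needs a prototype in a header, and none is visible here.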
@@ -10241,9 +10315,9 @@ static int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
return err;
}
-/* Get the affine co-ordinates of the EC point on a Prime curve.
+/* Get the affine coordinates of the EC point on a Prime curve.
*
- * When z-ordinate is not one then co-ordinates are Jacobian and need to be
+ * When z-ordinate is not one then coordinates are Jacobian and need to be
* converted to affine before storing in BNs.
*
* Return code compliant with OpenSSL.
@@ -10251,7 +10325,7 @@ static int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
* TODO: OpenSSL doesn't change point when Jacobian. Do the same?
*
* @param [in] group EC group.
- * @param [in] point EC point to get co-ordinates from.
+ * @param [in] point EC point to get coordinates from.
* @param [in, out] x BN to hold x-ordinate.
* @param [in, out] y BN to hold y-ordinate.
* @param [in] ctx Context to use for BN operations. Unused.
@@ -10305,10 +10379,10 @@ int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group,
}
#endif /* !WOLFSSL_SP_MATH && !WOLF_CRYPTO_CB_ONLY_ECC */
-/* Sets the affine co-ordinates that belong on a prime curve.
+/* Sets the affine coordinates that belong on a prime curve.
*
* @param [in] group EC group.
- * @param [in, out] point EC point to set co-ordinates into.
+ * @param [in, out] point EC point to set coordinates into.
* @param [in] x BN holding x-ordinate.
* @param [in] y BN holding y-ordinate.
* @param [in] ctx Context to use for BN operations. Unused.
@@ -10362,7 +10436,7 @@ int wolfSSL_EC_POINT_set_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group,
WOLFSSL_MSG("wolfSSL_BN_copy failed");
ret = 0;
}
- /* z-ordinate is one for affine co-ordinates. */
+ /* z-ordinate is one for affine coordinates. */
if ((ret == 1) && ((wolfSSL_BN_one(point->Z)) == 0)) {
WOLFSSL_MSG("wolfSSL_BN_one failed");
ret = 0;
@@ -10393,7 +10467,7 @@ int wolfSSL_EC_POINT_set_affine_coordinates_GFp(const WOLFSSL_EC_GROUP* group,
/* Add two points on the same together.
*
* @param [in] curveIdx Index of curve in ecc_set.
- * @oaram [out] r Result point.
+ * @param [out] r Result point.
* @param [in] p1 First point to add.
* @param [in] p2 Second point to add.
* @return 1 on success.
@@ -10526,7 +10600,7 @@ static int wolfssl_ec_point_add(int curveIdx, ecc_point* r, ecc_point* p1,
ret = 0;
}
- /* Map point back to affine co-ordinates. Converts from Montogomery form. */
+ /* Map point back to affine coordinates. Converts from Montogomery form. */
if ((ret == 1) && (ecc_map(r, prime, mp) != MP_OKAY)) {
WOLFSSL_MSG("ecc_map error");
ret = 0;
@@ -10577,6 +10651,20 @@ int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP* group, WOLFSSL_EC_POINT* r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ int nid = wolfSSL_EC_GROUP_get_curve_name(group);
+ const char* curve = wolfSSL_OBJ_nid2ln(nid);
+ const char* nistName = wolfSSL_EC_curve_nid2nist(nid);
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_add p1", p1);
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_add p2", p2);
+ if (curve != NULL)
+ WOLFSSL_MSG_EX("curve name: %s", curve);
+ if (nistName != NULL)
+ WOLFSSL_MSG_EX("nist curve name: %s", nistName);
+ }
+#endif
+
if (ret == 1) {
/* Add points using wolfCrypt objects. */
ret = wolfssl_ec_point_add(group->curve_idx, (ecc_point*)r->internal,
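Review bot: The block that looks up `nid`, `curve` and `nistName` and logs them is repeated verbatim in the debug sections this commit adds to wolfSSL_EC_POINT_mul() and wolfSSL_EC_POINT_invert(). A small `static` helper under `DEBUG_WOLFSSL` that takes the group would keep the three copies from drifting. The block also relies on `group` having been validated by the checks earlier in the function, which are outside this hunk.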
@@ -10589,6 +10677,12 @@ int wolfSSL_EC_POINT_add(const WOLFSSL_EC_GROUP* group, WOLFSSL_EC_POINT* r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_add result", r);
+ }
+#endif
+
return ret;
}
@@ -10646,7 +10740,7 @@ static int ec_mul2add(ecc_point* r, ecc_point* b, mp_int* n, ecc_point* q,
WOLFSSL_MSG("wc_ecc_mulmod nqm error");
ret = 0;
}
- /* Map point back to affine co-ordinates. Converts from Montogomery
+ /* Map point back to affine coordinates. Converts from Montogomery
* form. */
if ((ret == 1) && (ecc_map(r, prime, mp) != MP_OKAY)) {
WOLFSSL_MSG("ecc_map nqm error");
@@ -10750,7 +10844,7 @@ static int wolfssl_ec_point_mul(int curveIdx, ecc_point* r, mp_int* n,
if ((ret == 1) && (n != NULL) && (q != NULL) && (m != NULL)) {
/* r = base point * n + q * m */
- ec_mul2add(r, r, m, q, n, a, prime);
+ ret = ec_mul2add(r, r, n, q, m, a, prime);
}
/* Not all values present, see if we are only doing base point * n. */
else if ((ret == 1) && (n != NULL)) {
@@ -10823,6 +10917,26 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ int nid = wolfSSL_EC_GROUP_get_curve_name(group);
+ const char* curve = wolfSSL_OBJ_nid2ln(nid);
+ const char* nistName = wolfSSL_EC_curve_nid2nist(nid);
+ char* num;
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_mul input q", q);
+ num = wolfSSL_BN_bn2hex(n);
+ WOLFSSL_MSG_EX("\tn = %s", num);
+ XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
+ num = wolfSSL_BN_bn2hex(m);
+ WOLFSSL_MSG_EX("\tm = %s", num);
+ XFREE(num, NULL, DYNAMIC_TYPE_OPENSSL);
+ if (curve != NULL)
+ WOLFSSL_MSG_EX("curve name: %s", curve);
+ if (nistName != NULL)
+ WOLFSSL_MSG_EX("nist curve name: %s", nistName);
+ }
+#endif
+
if (ret == 1) {
mp_int* ni = (n != NULL) ? (mp_int*)n->internal : NULL;
ecc_point* qi = (q != NULL) ? (ecc_point*)q->internal : NULL;
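Review bot: The debug block writes the scalars `n` and `m` to the log in hex, and in key generation or ECDH the scalar passed to wolfSSL_EC_POINT_mul() is typically the private key. A DEBUG_WOLFSSL build with logging enabled therefore leaves private-key material in log output. Dropping the two `wolfSSL_BN_bn2hex` dumps, or logging only `wolfSSL_BN_num_bits(n)`, keeps the trace useful without the secret. Separately, `n` may be NULL here (the code right below tests `n != NULL`) and `m` is presumably optional too, in which case `num` is NULL and is passed to `%s`.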
@@ -10843,6 +10957,12 @@ int wolfSSL_EC_POINT_mul(const WOLFSSL_EC_GROUP *group, WOLFSSL_EC_POINT *r,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_mul result", r);
+ }
+#endif
+
return ret;
}
#endif /* !WOLFSSL_ATECC508A && !WOLFSSL_ATECC608A && !HAVE_SELFTEST &&
@@ -10931,6 +11051,30 @@ int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ int nid = wolfSSL_EC_GROUP_get_curve_name(group);
+ const char* curve = wolfSSL_OBJ_nid2ln(nid);
+ const char* nistName = wolfSSL_EC_curve_nid2nist(nid);
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_invert input", point);
+ if (curve != NULL)
+ WOLFSSL_MSG_EX("curve name: %s", curve);
+ if (nistName != NULL)
+ WOLFSSL_MSG_EX("nist curve name: %s", nistName);
+
+ }
+#endif
+
+ if (ret == 1 && !wolfSSL_BN_is_one(point->Z)) {
+#if !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ if (ec_point_convert_to_affine(group, point) != 0)
+ ret = 0;
+#else
+ WOLFSSL_MSG("wolfSSL_EC_POINT_invert called on non-affine point");
+ ret = 0;
+#endif
+ }
+
if (ret == 1) {
/* Perform inversion using wolfCrypt objects. */
ret = wolfssl_ec_point_invert(group->curve_idx,
@@ -10943,6 +11087,12 @@ int wolfSSL_EC_POINT_invert(const WOLFSSL_EC_GROUP *group,
ret = 0;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == 1) {
+ wolfSSL_EC_POINT_dump("wolfSSL_EC_POINT_invert result", point);
+ }
+#endif
+
return ret;
}
@@ -13299,7 +13449,7 @@ int wolfSSL_i2d_ECDSA_SIG(const WOLFSSL_ECDSA_SIG *sig, unsigned char **pp)
return (int)len;
}
-/* Get the pointer to the feilds of the ECDSA signature.
+/* Get the pointer to the fields of the ECDSA signature.
*
* r and s untouched when sig is NULL.
*
diff --git a/extra/wolfssl/wolfssl/src/quic.c b/extra/wolfssl/wolfssl/src/quic.c
index a8a590bf..02622a7e 100644
--- a/extra/wolfssl/wolfssl/src/quic.c
+++ b/extra/wolfssl/wolfssl/src/quic.c
@@ -130,7 +130,7 @@ static int quic_record_append(WOLFSSL *ssl, QuicRecord *qr, const uint8_t *data,
qr->len = qr_length(qr->data, qr->end);
if (qr->len > qr->capacity) {
- uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->head,
+ uint8_t *ndata = (uint8_t*)XREALLOC(qr->data, qr->len, ssl->heap,
DYNAMIC_TYPE_TMP_BUFFER);
if (!ndata) {
ret = WOLFSSL_FAILURE;
@@ -950,8 +950,18 @@ cleanup:
const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_aead(WOLFSSL* ssl)
{
- WOLFSSL_CIPHER* cipher = wolfSSL_get_current_cipher(ssl);
- const WOLFSSL_EVP_CIPHER* evp_cipher;
+ WOLFSSL_CIPHER* cipher = NULL;
+ const WOLFSSL_EVP_CIPHER* evp_cipher = NULL;
+
+ if (ssl == NULL) {
+ return NULL;
+ }
+
+ cipher = wolfSSL_get_current_cipher(ssl);
+
+ if (cipher == NULL) {
+ return NULL;
+ }
switch (cipher->cipherSuite) {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
@@ -997,8 +1007,18 @@ static int evp_cipher_eq(const WOLFSSL_EVP_CIPHER* c1,
const WOLFSSL_EVP_CIPHER* wolfSSL_quic_get_hp(WOLFSSL* ssl)
{
- WOLFSSL_CIPHER* cipher = wolfSSL_get_current_cipher(ssl);
- const WOLFSSL_EVP_CIPHER* evp_cipher;
+ WOLFSSL_CIPHER* cipher = NULL;
+ const WOLFSSL_EVP_CIPHER* evp_cipher = NULL;
+
+ if (ssl == NULL) {
+ return NULL;
+ }
+
+ cipher = wolfSSL_get_current_cipher(ssl);
+
+ if (cipher == NULL) {
+ return NULL;
+ }
switch (cipher->cipherSuite) {
#if !defined(NO_AES) && defined(HAVE_AESGCM)
@@ -1055,8 +1075,9 @@ size_t wolfSSL_quic_get_aead_tag_len(const WOLFSSL_EVP_CIPHER* aead_cipher)
ret = 0;
}
+ (void)wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
#ifdef WOLFSSL_SMALL_STACK
- XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUF);
+ XFREE(ctx, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
diff --git a/extra/wolfssl/wolfssl/src/sniffer.c b/extra/wolfssl/wolfssl/src/sniffer.c
index 3a85d525..ddcb5403 100644
--- a/extra/wolfssl/wolfssl/src/sniffer.c
+++ b/extra/wolfssl/wolfssl/src/sniffer.c
@@ -373,6 +373,9 @@ static const char* const msgTable[] =
"Setting up keys",
"Unsupported TLS Version",
"Server Client Key Mismatch",
+
+ /* 99 */
+ "Invalid or missing keylog file",
};
@@ -436,6 +439,11 @@ typedef struct SnifferServer {
NamedKey* namedKeys; /* mapping of names and keys */
wolfSSL_Mutex namedKeysMutex; /* mutex for namedKey list */
#endif
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ byte useKeyLogFile; /* True if session secrets are coming from a
+ keylog file */
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
struct SnifferServer* next; /* for list */
} SnifferServer;
@@ -619,8 +627,8 @@ static void UpdateMissedDataSessions(void)
#ifdef WOLFSSL_SNIFFER_STATS
#ifdef HAVE_C___ATOMIC
- #define LOCK_STAT()
- #define UNLOCK_STAT()
+ #define LOCK_STAT() WC_DO_NOTHING
+ #define UNLOCK_STAT() WC_DO_NOTHING
#define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); \
__atomic_fetch_add(&x, y, __ATOMIC_RELAXED); })
#else
@@ -636,10 +644,10 @@ static void UpdateMissedDataSessions(void)
#endif /* WOLFSSL_SNIFFER_STATS */
#ifdef HAVE_C___ATOMIC
- #define LOCK_SESSION()
- #define UNLOCK_SESSION()
- #define LOCK_SERVER_LIST()
- #define UNLOCK_SERVER_LIST()
+ #define LOCK_SESSION() WC_DO_NOTHING
+ #define UNLOCK_SESSION() WC_DO_NOTHING
+ #define LOCK_SERVER_LIST() WC_DO_NOTHING
+ #define UNLOCK_SERVER_LIST() WC_DO_NOTHING
#else
#define LOCK_SESSION() wc_LockMutex(&SessionMutex)
#define UNLOCK_SESSION() wc_UnLockMutex(&SessionMutex)
@@ -652,6 +660,24 @@ static void UpdateMissedDataSessions(void)
static WOLFSSL_GLOBAL int CryptoDeviceId = INVALID_DEVID;
#endif
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+static int addSecretNode(unsigned char* clientRandom,
+ int type,
+ unsigned char* masterSecret,
+ char* error);
+static void hexToBin(const char* hex, unsigned char* bin, int binLength);
+static int parseKeyLogFile(const char* fileName, char* error);
+static unsigned char* findSecret(unsigned char* clientRandom, int type);
+static void freeSecretList(void);
+static int snifferSecretCb(unsigned char* client_random,
+ int type,
+ unsigned char* output_secret);
+static void setSnifferSecretCb(SnifferSession* session);
+static int addKeyLogSnifferServerHelper(const char* address,
+ int port,
+ char* error);
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
/* Initialize overall Sniffer */
void ssl_InitSniffer_ex(int devId)
@@ -867,8 +893,16 @@ void ssl_FreeSniffer(void)
}
ServerList = NULL;
+
+
UNLOCK_SESSION();
UNLOCK_SERVER_LIST();
+
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ freeSecretList();
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
+
#ifndef WOLFSSL_SNIFFER_NO_RECOVERY
wc_FreeMutex(&RecoveryMutex);
#endif
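Review bot: freeSecretList() takes LOCK_SECRET_LIST(), yet none of the hunks shown here adds a `wc_InitMutex(&secretListMutex)` to ssl_InitSniffer_ex() or a matching `wc_FreeMutex(&secretListMutex);` next to the RecoveryMutex one below. Without HAVE_C___ATOMIC the lock therefore appears to be used without initialisation. secretHashTable is also declared `THREAD_LS_T`, which would mean this call releases only the calling thread's list and secrets loaded on other threads stay allocated. ssl_FreeSniffer() begins outside the hunk, so both points should be confirmed against the full file.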
@@ -1162,8 +1196,14 @@ static void TraceSetServer(const char* srv, int port, const char* keyFile)
{
if (TraceOn) {
XFPRINTF(TraceFile, "\tTrying to install a new Sniffer Server with\n");
- XFPRINTF(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n", srv, port,
- keyFile);
+ if (keyFile != NULL) {
+ XFPRINTF(TraceFile, "\tserver: %s, port: %d, keyFile: %s\n",
+ srv, port, keyFile);
+ }
+ else {
+ XFPRINTF(TraceFile, "\tserver: %s, port: %d\n",
+ srv, port);
+ }
}
}
@@ -1732,6 +1772,7 @@ static int CreateWatchSnifferServer(char* error)
#endif
+
/* Caller locks ServerListMutex */
static int SetNamedPrivateKey(const char* name, const char* address, int port,
const char* keyFile, int keySz, int typeKey, const char* password,
@@ -1780,10 +1821,11 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port,
if (serverIp.ip4 == XINADDR_NONE) {
#ifdef FUSION_RTOS
if (XINET_PTON(AF_INET6, address, serverIp.ip6,
- sizeof(serverIp.ip4)) == 1) {
+ sizeof(serverIp.ip4)) == 1)
#else
- if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1) {
+ if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1)
#endif
+ {
serverIp.version = IPV6;
}
}
@@ -2432,7 +2474,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
args = (SetupKeysArgs*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_sk;
@@ -2463,6 +2505,17 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
}
#endif
+ #if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (session->context->useKeyLogFile) {
+ ret = 0;
+ XMEMSET(args, 0, sizeof(SetupKeysArgs));
+
+ /* We want to skip all the key setup and go right to master secret generation, which is
+ * where we inject the master secret obtained from the keylog file */
+ ssl->options.asyncState = TLS_ASYNC_FINALIZE;
+ }
+ #endif
+
switch (ssl->options.asyncState) {
case TLS_ASYNC_BEGIN:
{
@@ -3084,12 +3137,17 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
case TLS_ASYNC_FINALIZE:
{
- /* store for client side as well */
- XMEMCPY(session->sslClient->arrays->preMasterSecret,
- session->sslServer->arrays->preMasterSecret,
- session->sslServer->arrays->preMasterSz);
- session->sslClient->arrays->preMasterSz =
- session->sslServer->arrays->preMasterSz;
+ #if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (!session->context->useKeyLogFile)
+ #endif /* !WOLFSSL_SNIFFER_KEYLOGFILE */
+ {
+ /* store for client side as well */
+ XMEMCPY(session->sslClient->arrays->preMasterSecret,
+ session->sslServer->arrays->preMasterSecret,
+ session->sslServer->arrays->preMasterSz);
+ session->sslClient->arrays->preMasterSz =
+ session->sslServer->arrays->preMasterSz;
+ }
#ifdef SHOW_SECRETS
PrintSecret("pre master secret",
@@ -3267,6 +3325,11 @@ static int ProcessKeyShare(KeyShareInfo* info, const byte* input, int len,
info->curve_id = ECC_SECP256R1;
break;
#endif /* !NO_ECC_SECP */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ info->curve_id = ECC_SM2P256V1;
+ break;
+ #endif /* WOLFSSL_SM2 */
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
@@ -4551,14 +4614,21 @@ static int DoHandShake(const byte* input, int* sslBytes,
Trace(GOT_CERT_REQ_STR);
break;
case server_key_exchange:
-#ifdef WOLFSSL_SNIFFER_STATS
- INC_STAT(SnifferStats.sslEphemeralMisses);
-#endif
Trace(GOT_SERVER_KEY_EX_STR);
- /* can't know temp key passively */
- SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
- session->verboseErr = 1;
- ret = -1;
+
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (!session->context->useKeyLogFile)
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+ {
+ /* can't know temp key passively */
+ SetError(BAD_CIPHER_SPEC_STR, error, session, FATAL_ERROR_STATE);
+ session->verboseErr = 1;
+ ret = -1;
+
+#if defined(WOLFSSL_SNIFFER_STATS)
+ INC_STAT(SnifferStats.sslEphemeralMisses);
+#endif /* WOLFSSL_SNIFFER_STATS */
+ }
break;
case encrypted_extensions:
Trace(GOT_ENC_EXT_STR);
@@ -4715,6 +4785,8 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
case wolfssl_aes_gcm:
case wolfssl_aes_ccm: /* GCM AEAD macros use same size as CCM */
{
+ /* For ciphers that use AEAD use the encrypt routine to
+ * bypass the auth tag checking */
wc_AesAuthEncryptFunc aes_auth_fn;
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -4744,7 +4816,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
input + AESGCM_EXP_IV_SZ,
sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
ssl->decrypt.nonce, AESGCM_NONCE_SZ,
- ssl->decrypt.additional, ssl->specs.aead_mac_size,
+ ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,
NULL, 0)) < 0) {
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E) {
@@ -4756,6 +4828,18 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
break;
#endif /* HAVE_AESGCM || HAVE_AESCCM */
+ #ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ ret = wc_AriaDecrypt(ssl->decrypt.aria,
+ plain,
+ (byte *)input + AESGCM_EXP_IV_SZ,
+ sz - AESGCM_EXP_IV_SZ - ssl->specs.aead_mac_size,
+ ssl->decrypt.nonce, AESGCM_NONCE_SZ,
+ ssl->decrypt.additional, ssl->specs.aead_mac_size,
+ NULL, 0);
+ break;
+ #endif
+
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
ret = wc_CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz);
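Review bot: The new `wolfssl_aria_gcm` case passes `ssl->specs.aead_mac_size` as the length of `ssl->decrypt.additional`, the same argument that this commit corrects to `AEAD_AUTH_DATA_SZ` in the AES-GCM/CCM call just above. It should probably read `ssl->decrypt.additional, AEAD_AUTH_DATA_SZ,`. The case also calls the decrypt routine with a NULL tag of length 0, while the comment added for the AES case says the sniffer uses the encrypt routine to avoid the tag check, so it is worth confirming that wc_AriaDecrypt() does not fail authentication here. The `(byte *)input` cast drops `const` from the captured record buffer.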
@@ -4765,7 +4849,7 @@ static int DecryptDo(WOLFSSL* ssl, byte* plain, const byte* input,
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
!defined(NO_CHAPOL_AEAD)
case wolfssl_chacha:
- ret = ChachaAEADEncrypt(ssl, plain, input, sz);
+ ret = ChachaAEADDecrypt(ssl, plain, input, sz);
break;
#endif
@@ -4793,7 +4877,7 @@ static int DecryptTls(WOLFSSL* ssl, byte* plain, const byte* input,
#ifdef WOLFSSL_ASYNC_CRYPT
if (ssl->decrypt.state != CIPHER_STATE_BEGIN) {
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* check for still pending */
if (ret == WC_PENDING_E)
return ret;
@@ -5105,6 +5189,13 @@ static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
/* put server back into server mode */
session->sslServer->options.side = WOLFSSL_SERVER_END;
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (session->context->useKeyLogFile) {
+ setSnifferSecretCb(session);
+ }
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
+
row = SessionHash(ipInfo, tcpInfo);
/* add it to the session table */
@@ -6475,10 +6566,10 @@ static int RemoveFatalSession(IpInfo* ipInfo, TcpInfo* tcpInfo,
SnifferSession* session, char* error)
{
if (session && session->flags.fatalError == FATAL_ERROR_STATE) {
- RemoveSession(session, ipInfo, tcpInfo, 0);
if (!session->verboseErr) {
SetError(FATAL_ERROR_STR, error, NULL, 0);
}
+ RemoveSession(session, ipInfo, tcpInfo, 0);
return 1;
}
return 0;
@@ -7115,6 +7206,409 @@ int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents, WOLF_EVENT_FLAG flags,
}
#endif
+
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+
+/* Maximum length of the NSS Keylog prefix string */
+#define MAX_PREFIX_LENGTH (31)
+/* Maximum length (in bytes) required to store the binary representation of
+ * the "client random" value parsed from keylog file */
+#define CLIENT_RANDOM_LENGTH (32)
+/* Maximum length (in bytes) required to store the binary representation of the
+ * "secret" value parsed from keylog file */
+#define SECRET_LENGTH (48)
+
+typedef struct SecretNode {
+ unsigned char clientRandom[CLIENT_RANDOM_LENGTH];
+ unsigned char secrets[SNIFFER_SECRET_NUM_SECRET_TYPES][SECRET_LENGTH];
+ struct SecretNode* next;
+} SecretNode;
+
+
+/* Default to the same size hash table as the session table,
+ * but allow user to override */
+#ifndef WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE
+#define WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE HASH_SIZE
+#endif
+
+static THREAD_LS_T WOLFSSL_GLOBAL
+SecretNode*
+secretHashTable[WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE] = {NULL};
+#ifndef HAVE_C___ATOMIC
+static WOLFSSL_GLOBAL wolfSSL_Mutex secretListMutex;
+#endif
+
+static unsigned int secretHashFunction(unsigned char* clientRandom);
+
+#ifdef HAVE_C___ATOMIC
+ #define LOCK_SECRET_LIST() WC_DO_NOTHING
+ #define UNLOCK_SECRET_LIST() WC_DO_NOTHING
+#else
+ #define LOCK_SECRET_LIST() wc_LockMutex(&secretListMutex)
+ #define UNLOCK_SECRET_LIST() wc_UnLockMutex(&secretListMutex)
+#endif
+
+
+/*
+ * Basic polynomial hash function that maps a 32-byte client random value to an
+ * array index
+ */
+static unsigned int secretHashFunction(unsigned char* clientRandom)
+{
+ int i = 0;
+ unsigned int hash = 0;
+ const int CLIENT_RANDOM_NUM_BITS = CLIENT_RANDOM_LENGTH * 8;
+
+ for (i = 0; i < CLIENT_RANDOM_LENGTH; i++) {
+ hash = (hash * CLIENT_RANDOM_NUM_BITS + clientRandom[i])
+ % WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE;
+ }
+
+ return hash;
+}
+
+
+/*
+ * Adds a new secret to the secret table, creating a new node based on the
+ * client random if necessary. If the client random is already present in the
+ * list, the requested secret will be updated.
+ */
+static int addSecretNode(unsigned char* clientRandom,
+ int type,
+ unsigned char* secret,
+ char* error)
+{
+ int index = 0;
+ int ret = 0;
+ SecretNode* node = NULL;
+
+ if (type >= SNIFFER_SECRET_NUM_SECRET_TYPES) {
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ LOCK_SECRET_LIST();
+
+ index = secretHashFunction(clientRandom);
+ node = secretHashTable[index];
+
+ while(node) {
+ /* Node already exists, so just add the requested secret */
+ if (XMEMCMP(node->clientRandom, clientRandom, CLIENT_RANDOM_LENGTH)
+ == 0)
+ {
+ XMEMCPY(node->secrets[type], secret, SECRET_LENGTH);
+ ret = 0;
+ goto unlockReturn;
+ }
+ node = node ->next;
+ }
+
+ node = (SecretNode*)XMALLOC(sizeof(SecretNode),
+ NULL,
+ DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE);
+ if (node == NULL) {
+ SetError(MEMORY_STR, error, NULL, 0);
+ ret = WOLFSSL_SNIFFER_ERROR;
+ goto unlockReturn;
+ }
+
+ XMEMCPY(node->clientRandom, clientRandom, CLIENT_RANDOM_LENGTH);
+ XMEMCPY(node->secrets[type], secret, SECRET_LENGTH);
+ node->next = secretHashTable[index];
+ secretHashTable[index] = node;
+
+unlockReturn:
+
+ UNLOCK_SECRET_LIST();
+
+ return ret;
+}
+
+
+/*
+ * Looks up a master secret for a given client random from the keylog file
+ */
+static unsigned char* findSecret(unsigned char* clientRandom, int type)
+{
+ unsigned char* secret = NULL;
+ SecretNode* node = NULL;
+ unsigned int index = 0;
+
+ LOCK_SECRET_LIST();
+
+ index = secretHashFunction(clientRandom);
+ node = secretHashTable[index];
+
+ while (node != NULL) {
+ if (XMEMCMP(node->clientRandom,
+ clientRandom, CLIENT_RANDOM_LENGTH) == 0) {
+ secret = node->secrets[type];
+ break;
+ }
+ node = node->next;
+ }
+
+ UNLOCK_SECRET_LIST();
+
+ return secret;
+}
+
+
+static void hexToBin(const char* hex, unsigned char* bin, int binLength)
+{
+ int i = 0;
+ for (i = 0; i < binLength; i++) {
+ sscanf(hex + 2*i, "%02hhx", &bin[i]);
+ }
+}
+
+/*
+ * Helper function to parse secrets from the keylog file into the secret table
+ */
+static int parseKeyLogFile(const char* fileName, char* error)
+{
+ unsigned char clientRandom[CLIENT_RANDOM_LENGTH];
+ unsigned char secret[SECRET_LENGTH];
+ FILE* file = NULL;
+ int ret = 0;
+ int type = 0;
+ /* +1 for null terminator */
+ char prefix[MAX_PREFIX_LENGTH + 1] = {0};
+ /* 2 chars for Hexadecimal representation, plus null terminator */
+ char clientRandomHex[2 * CLIENT_RANDOM_LENGTH + 1] = {0};
+ char secretHex[2 * SECRET_LENGTH + 1] = {0};
+
+
+ file = fopen(fileName, "r");
+ if (file == NULL) {
+ fprintf(stderr, "Could not open keylog file: %s\n", fileName);
+ SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ /* Format specifiers for each column should be:
+ * MAX_PREFIX_LENGTH, 2*CLIENT_RANDOM_LENGTH, and 2*SECRET_LENGTH */
+ while (fscanf(file, "%31s %64s %96s", prefix, clientRandomHex, secretHex)
+ == 3) {
+
+ if (XSTRCMP(prefix, "CLIENT_RANDOM") == 0) {
+ type = SNIFFER_SECRET_TLS12_MASTER_SECRET;
+ }
+#if defined(WOLFSSL_TLS13)
+ else if (XSTRCMP(prefix, "CLIENT_EARLY_TRAFFIC_SECRET") == 0) {
+ type = SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) {
+ type = SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) {
+ type = SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "CLIENT_TRAFFIC_SECRET_0") == 0) {
+ type = SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET;
+ }
+ else if (XSTRCMP(prefix, "SERVER_TRAFFIC_SECRET_0") == 0) {
+ type = SNIFFER_SECRET_SERVER_TRAFFIC_SECRET;
+ }
+#endif /* WOLFSSL_TLS13 */
+ else {
+ fprintf(stderr, "unrecognized prefix: %s\n", prefix);
+ continue;
+ }
+
+ hexToBin(clientRandomHex, clientRandom, CLIENT_RANDOM_LENGTH);
+ hexToBin(secretHex, secret, SECRET_LENGTH);
+ ret = addSecretNode(clientRandom, type, secret, error);
+
+ if (ret != 0) {
+ fclose(file);
+ return ret;
+ }
+ }
+ fclose(file);
+
+ return 0;
+}
+
+
+static void freeSecretList(void)
+{
+ int i = 0;
+
+ LOCK_SECRET_LIST();
+
+ for (i=0; i<WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE; i++)
+ {
+ SecretNode* current = secretHashTable[i];
+ SecretNode * next = NULL;
+
+ while (current != NULL) {
+ next = current->next;
+ XFREE(current, NULL, DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE);
+ current = next;
+ }
+ }
+
+ UNLOCK_SECRET_LIST();
+}
+
+
+/*
+ * Looks up secret based on client random and copies it to output_secret
+ */
+static int snifferSecretCb(unsigned char* client_random,
+ int type,
+ unsigned char* output_secret)
+{
+ unsigned char* secret = NULL;
+
+ if (client_random == NULL || output_secret == NULL) {
+ return WOLFSSL_SNIFFER_FATAL_ERROR;
+ }
+
+ if (type >= SNIFFER_SECRET_NUM_SECRET_TYPES) {
+ return WOLFSSL_SNIFFER_FATAL_ERROR;
+ }
+
+ /* get secret from secret table based on client random */
+ secret = findSecret(client_random, type);
+ if (secret != NULL) {
+ XMEMCPY(output_secret, secret, SECRET_LENGTH);
+ return 0;
+ }
+
+ /* didn't find the secret */
+ return WOLFSSL_SNIFFER_ERROR;
+}
+
+
+static void setSnifferSecretCb(SnifferSession* session)
+{
+ session->context->useKeyLogFile = 1;
+ session->sslServer->snifferSecretCb = snifferSecretCb;
+ session->sslClient->snifferSecretCb = snifferSecretCb;
+}
+
+
+/*
+ * Helper function that creates a sniffer server object that can decrypt using
+ * a keylog file, and adds it to the server list
+ *
+ * NOTE: the caller is responsible for locking and unlocking the server list
+ */
+static int addKeyLogSnifferServerHelper(const char* address,
+ int port,
+ char* error)
+{
+ IpAddrInfo serverIp = {0};
+ SnifferServer *sniffer = NULL;
+
+ TraceHeader();
+ TraceSetServer(address, port, NULL);
+
+ serverIp.version = IPV4;
+ serverIp.ip4 = XINET_ADDR(address);
+ if (serverIp.ip4 == XINADDR_NONE) {
+ #ifdef FUSION_RTOS
+ if (XINET_PTON(AF_INET6, address, serverIp.ip6,
+ sizeof(serverIp.ip4)) == 1)
+ #else
+ if (XINET_PTON(AF_INET6, address, serverIp.ip6) == 1)
+ #endif
+ {
+ serverIp.version = IPV6;
+ }
+ }
+
+ sniffer = ServerList;
+ while (sniffer != NULL &&
+ (!MatchAddr(sniffer->server, serverIp) || sniffer->port != port)) {
+ sniffer = sniffer->next;
+ }
+
+ if (sniffer == NULL) {
+ sniffer = (SnifferServer*)XMALLOC(sizeof(SnifferServer),
+ NULL, DYNAMIC_TYPE_SNIFFER_SERVER);
+ if (sniffer == NULL) {
+ SetError(MEMORY_STR, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+ InitSnifferServer(sniffer);
+
+ XSTRNCPY(sniffer->address, address, MAX_SERVER_ADDRESS-1);
+ sniffer->address[MAX_SERVER_ADDRESS-1] = '\0';
+ sniffer->server = serverIp;
+ sniffer->port = port;
+
+ sniffer->ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
+ if (!sniffer->ctx) {
+ SetError(MEMORY_STR, error, NULL, 0);
+ FreeSnifferServer(sniffer);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+ #if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT)
+ if (CryptoDeviceId != INVALID_DEVID)
+ wolfSSL_CTX_SetDevId(sniffer->ctx, CryptoDeviceId);
+ #endif
+
+ sniffer->next = ServerList;
+ ServerList = sniffer;
+ }
+ else {
+ printf("SESSION ALREADY EXISTS\n");
+ }
+
+ /* Tag the new or existing server as requiring keylog support to
+ * decrypt, otherwise it won't be usable */
+ sniffer->useKeyLogFile = 1;
+
+ return 0;
+}
+
+/*
+ * Creates a sniffer server that is able to decrypt using secrets from a
+ * keylog file, and adds it to the server list
+ *
+ * If a server at the address and port already exists, it will be marked
+ * for keylog file decryption
+ */
+int ssl_CreateKeyLogSnifferServer(const char* address, int port, char* error)
+{
+ int ret = 0;
+
+ if (address == NULL) {
+ SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ LOCK_SERVER_LIST();
+
+ ret = addKeyLogSnifferServerHelper(address, port, error);
+
+ UNLOCK_SERVER_LIST();
+
+ return ret;
+}
+
+
+/*
+ * Loads secrets to decrypt TLS traffic from a keylog file. Only sniffer
+ * servers registered with ssl_createKeyLogSnifferServer() will be able to
+ * decrypt using these secrets
+ */
+int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile, char* error)
+{
+ if (keylogfile == NULL) {
+ SetError(KEYLOG_FILE_INVALID, error, NULL, 0);
+ return WOLFSSL_SNIFFER_ERROR;
+ }
+
+ return parseKeyLogFile(keylogfile, error);
+}
+
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+
+
#undef ERROR_OUT
#endif /* WOLFSSL_SNIFFER */
diff --git a/extra/wolfssl/wolfssl/src/ssl.c b/extra/wolfssl/wolfssl/src/ssl.c
index fb8ee5c6..e99f702f 100644
--- a/extra/wolfssl/wolfssl/src/ssl.c
+++ b/extra/wolfssl/wolfssl/src/ssl.c
@@ -208,6 +208,15 @@
#define WOLFSSL_EVP_INCLUDED
#include "wolfcrypt/src/evp.c"
+/* Crypto code uses EVP APIs. */
+#define WOLFSSL_SSL_CRYPTO_INCLUDED
+#include "src/ssl_crypto.c"
+
+#ifndef WOLFCRYPT_ONLY
+#define WOLFSSL_SSL_CERTMAN_INCLUDED
+#include "src/ssl_certman.c"
+#endif
+
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
/* Convert shortname to NID.
@@ -449,6 +458,9 @@ const WOLF_EC_NIST_NAME kNistCurves[] = {
{XSTR_SIZEOF("P521_KYBER_LEVEL5"), "P521_KYBER_LEVEL5", WOLFSSL_P521_KYBER_LEVEL5},
#endif
#endif
+#ifdef WOLFSSL_SM2
+ {XSTR_SIZEOF("SM2"), "SM2", NID_sm2},
+#endif
{0, NULL, 0},
};
#endif
@@ -1047,7 +1059,7 @@ int GetEchConfigsEx(WOLFSSL_EchConfig* configs, byte* output, word32* outputLen)
#endif /* WOLFSSL_TLS13 && HAVE_ECH */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -1253,8 +1265,12 @@ int wolfSSL_send_session(WOLFSSL* ssl)
/* prevent multiple mutex initializations */
static volatile WOLFSSL_GLOBAL int initRefCount = 0;
+#ifdef WOLFSSL_MUTEX_INITIALIZER
+static WOLFSSL_GLOBAL wolfSSL_Mutex count_mutex = WOLFSSL_MUTEX_INITIALIZER;
+#else
static WOLFSSL_GLOBAL wolfSSL_Mutex count_mutex; /* init ref count mutex */
static WOLFSSL_GLOBAL int count_mutex_valid = 0;
+#endif
/* Create a new WOLFSSL_CTX struct and return the pointer to created struct.
WOLFSSL_METHOD pointer passed in is given to ctx to manage.
@@ -1537,6 +1553,8 @@ void FreeWriteDup(WOLFSSL* ssl)
*/
static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
{
+ word16 tmp_weOwnRng;
+
/* shared dupWrite setup */
ssl->dupWrite = (WriteDup*)XMALLOC(sizeof(WriteDup), ssl->heap,
DYNAMIC_TYPE_WRITEDUP);
@@ -1553,6 +1571,8 @@ static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
ssl->dupWrite->dupCount = 2; /* both sides have a count to start */
dup->dupWrite = ssl->dupWrite; /* each side uses */
+ tmp_weOwnRng = dup->options.weOwnRng;
+
/* copy write parts over to dup writer */
XMEMCPY(&dup->specs, &ssl->specs, sizeof(CipherSpecs));
XMEMCPY(&dup->options, &ssl->options, sizeof(Options));
@@ -1578,6 +1598,9 @@ static int DupSSL(WOLFSSL* dup, WOLFSSL* ssl)
dup->truncated_hmac = ssl->truncated_hmac;
#endif
+ /* Restore rng option */
+ dup->options.weOwnRng = tmp_weOwnRng;
+
/* unique side dup setup */
dup->dupSide = WRITE_DUP_SIDE;
ssl->dupSide = READ_DUP_SIDE;
@@ -2217,15 +2240,19 @@ static int DtlsSrtpSelProfiles(word16* id, const char* profile_str)
do {
current = next;
next = XSTRSTR(current, ":");
- current_length = (!next) ? (word32)XSTRLEN(current)
- : (word32)(next - current);
+ if (next) {
+ current_length = (word32)(next - current);
+ ++next; /* ++ needed to skip ':' */
+ } else {
+ current_length = (word32)XSTRLEN(current);
+ }
if (current_length < length)
length = current_length;
profile = DtlsSrtpFindProfile(current, current_length, 0);
if (profile != NULL) {
*id |= (1 << profile->id); /* selected bit based on ID */
}
- } while (next != NULL && next++); /* ++ needed to skip ':' */
+ } while (next != NULL);
return WOLFSSL_SUCCESS;
}
@@ -2648,6 +2675,9 @@ int wolfSSL_GetObjectSize(void)
#ifdef HAVE_CHACHA
printf("\tsizeof chacha = %lu\n", (unsigned long)sizeof(ChaCha));
#endif
+#ifdef WOLFSSL_SM4
+ printf("\tsizeof sm4 = %lu\n", (unsigned long)sizeof(Sm4));
+#endif
printf("sizeof cipher specs = %lu\n", (unsigned long)sizeof(CipherSpecs));
printf("sizeof keys = %lu\n", (unsigned long)sizeof(Keys));
printf("sizeof Hashes(2) = %lu\n", (unsigned long)sizeof(Hashes));
@@ -2669,6 +2699,9 @@ int wolfSSL_GetObjectSize(void)
#ifdef WOLFSSL_SHA384
printf("\tsizeof SHA512 = %lu\n", (unsigned long)sizeof(wc_Sha512));
#endif
+#ifdef WOLFSSL_SM3
+ printf("\tsizeof sm3 = %lu\n", (unsigned long)sizeof(Sm3));
+#endif
printf("sizeof Buffers = %lu\n", (unsigned long)sizeof(Buffers));
printf("sizeof Options = %lu\n", (unsigned long)sizeof(Options));
printf("sizeof Arrays = %lu\n", (unsigned long)sizeof(Arrays));
@@ -3208,7 +3241,14 @@ int wolfSSL_write(WOLFSSL* ssl, const void* data, int sz)
}
#endif
#ifdef WOLFSSL_EARLY_DATA
- if (ssl->earlyData != no_early_data && (ret = wolfSSL_negotiate(ssl)) < 0) {
+ if (IsAtLeastTLSv1_3(ssl->version) &&
+ ssl->options.side == WOLFSSL_SERVER_END &&
+ ssl->options.acceptState >= TLS13_ACCEPT_FINISHED_SENT) {
+ /* We can send data without waiting on peer finished msg */
+ WOLFSSL_MSG("server sending data before receiving client finished");
+ }
+ else if (ssl->earlyData != no_early_data &&
+ (ret = wolfSSL_negotiate(ssl)) < 0) {
ssl->error = ret;
return WOLFSSL_FATAL_ERROR;
}
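Review bot: The new first branch lets a TLS 1.3 server write application data once `acceptState >= TLS13_ACCEPT_FINISHED_SENT`, which is before the client's Finished (and any client certificate) has been processed, and the comment does not say what that means for callers. On a server that requires client authentication, this data would go to a peer that has not been authenticated yet. I would extend the comment, e.g. `/* 0.5-RTT data: sent before the client Finished is verified; do not send anything here that depends on client authentication */`, or gate the branch on client certificate verification not being required. Whether later code in wolfSSL_write re-checks the handshake state is outside this hunk.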
@@ -3315,22 +3355,6 @@ static int wolfSSL_read_internal(WOLFSSL* ssl, void* data, int sz, int peek)
errno = 0;
#endif
-#ifdef WOLFSSL_DTLS
- if (ssl->options.dtls) {
- ssl->dtls_expected_rx = max(sz + DTLS_MTU_ADDITIONAL_READ_BUFFER,
- MAX_MTU);
-#ifdef WOLFSSL_SCTP
- if (ssl->options.dtlsSctp)
-#endif
-#if defined(WOLFSSL_SCTP) || defined(WOLFSSL_DTLS_MTU)
- /* Add some bytes so that we can operate with slight difference
- * in set MTU size on each peer */
- ssl->dtls_expected_rx = max(ssl->dtls_expected_rx,
- ssl->dtlsMtuSz + (word32)DTLS_MTU_ADDITIONAL_READ_BUFFER);
-#endif
- }
-#endif
-
ret = ReceiveData(ssl, (byte*)data, sz, peek);
#ifdef HAVE_WRITE_DUP
@@ -3692,6 +3716,7 @@ static int isValidCurveGroup(word16 name)
case WOLFSSL_ECC_BRAINPOOLP256R1:
case WOLFSSL_ECC_BRAINPOOLP384R1:
case WOLFSSL_ECC_BRAINPOOLP512R1:
+ case WOLFSSL_ECC_SM2P256V1:
case WOLFSSL_ECC_X25519:
case WOLFSSL_ECC_X448:
@@ -3989,7 +4014,7 @@ int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx)
return WOLFSSL_SUCCESS;
}
-
+#ifdef HAVE_SECURE_RENEGOTIATION
/* do a secure renegotiation handshake, user forced, we discourage */
static int _Rehandshake(WOLFSSL* ssl)
{
@@ -4054,7 +4079,7 @@ static int _Rehandshake(WOLFSSL* ssl)
ssl->secure_renegotiation->cache_status = SCR_CACHE_NEEDED;
-#if !defined(NO_WOLFSSL_SERVER) && defined(HAVE_SECURE_RENEGOTIATION)
+#if !defined(NO_WOLFSSL_SERVER)
if (ssl->options.side == WOLFSSL_SERVER_END) {
ret = SendHelloRequest(ssl);
if (ret != 0) {
@@ -4062,7 +4087,7 @@ static int _Rehandshake(WOLFSSL* ssl)
return WOLFSSL_FATAL_ERROR;
}
}
-#endif /* !NO_WOLFSSL_SERVER && HAVE_SECURE_RENEGOTIATION */
+#endif /* !NO_WOLFSSL_SERVER */
ret = InitHandshakeHashes(ssl);
if (ret != 0) {
@@ -4093,6 +4118,8 @@ int wolfSSL_Rehandshake(WOLFSSL* ssl)
if (ssl->options.side == WOLFSSL_SERVER_END) {
/* Reset option to send certificate verify. */
ssl->options.sendVerify = 0;
+ /* Reset resuming flag to do full secure handshake. */
+ ssl->options.resuming = 0;
}
else {
/* Reset resuming flag to do full secure handshake. */
@@ -4134,6 +4161,8 @@ int wolfSSL_SecureResume(WOLFSSL* ssl)
#endif /* NO_WOLFSSL_CLIENT */
+#endif /* HAVE_SECURE_RENEGOTIATION */
+
long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_SSL_get_secure_renegotiation_support");
@@ -4446,12 +4475,14 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
/* call wolfSSL_shutdown again for bidirectional shutdown */
if (ssl->options.sentNotify && !ssl->options.closeNotify) {
ret = ProcessReply(ssl);
- if (ret == ZERO_RETURN) {
+ if ((ret == ZERO_RETURN) || (ret == SOCKET_ERROR_E)) {
/* simulate OpenSSL behavior */
ssl->options.shutdownDone = 1;
/* Clear error */
ssl->error = WOLFSSL_ERROR_NONE;
ret = WOLFSSL_SUCCESS;
+ } else if (ret == MEMORY_E) {
+ ret = WOLFSSL_FATAL_ERROR;
} else if (ssl->error == WOLFSSL_ERROR_NONE) {
ret = WOLFSSL_SHUTDOWN_NOT_DONE;
} else {
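Review bot: Routing `SOCKET_ERROR_E` from `ProcessReply()` through the same path as `ZERO_RETURN` makes a transport failure during the second wolfSSL_shutdown() call indistinguishable from receiving the peer's close_notify: `shutdownDone` is set, `ssl->error` is cleared and `WOLFSSL_SUCCESS` is returned. A caller that relies on a successful bidirectional shutdown to rule out truncation of the stream loses that signal. The existing `/* simulate OpenSSL behavior */` comment should say so, for example `/* a socket error is also treated as shutdown complete; no close_notify was necessarily received */`. The added `MEMORY_E` branch returns `WOLFSSL_FATAL_ERROR` without setting `ssl->error` in the visible lines, so it is worth confirming that ProcessReply has already recorded it.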
@@ -4462,7 +4493,7 @@ int wolfSSL_shutdown(WOLFSSL* ssl)
}
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
- /* reset WOLFSSL structure state for possible re-use */
+ /* reset WOLFSSL structure state for possible reuse */
if (ret == WOLFSSL_SUCCESS) {
if (wolfSSL_clear(ssl) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("could not clear WOLFSSL");
@@ -4507,7 +4538,15 @@ int wolfSSL_get_error(WOLFSSL* ssl, int ret)
return WOLFSSL_ERROR_WANT_WRITE; /* convert to OpenSSL type */
else if (ssl->error == ZERO_RETURN || ssl->options.shutdownDone)
return WOLFSSL_ERROR_ZERO_RETURN; /* convert to OpenSSL type */
- return ssl->error;
+#ifdef OPENSSL_EXTRA
+ else if (ssl->error == SOCKET_PEER_CLOSED_E)
+ return WOLFSSL_ERROR_SYSCALL; /* convert to OpenSSL type */
+#endif
+#if defined(WOLFSSL_HAPROXY)
+ return GetX509Error(ssl->error);
+#else
+ return (ssl->error);
+#endif
}
@@ -5018,7 +5057,6 @@ int wolfSSL_GetSequenceNumber(WOLFSSL* ssl, word64 *seq)
#endif /* ATOMIC_USER */
#ifndef NO_CERTS
-
WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX* ctx)
{
WOLFSSL_CERT_MANAGER* cm = NULL;
@@ -5026,298 +5064,6 @@ WOLFSSL_CERT_MANAGER* wolfSSL_CTX_GetCertManager(WOLFSSL_CTX* ctx)
cm = ctx->cm;
return cm;
}
-
-WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
-{
- WOLFSSL_CERT_MANAGER* cm;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerNew");
-
- cm = (WOLFSSL_CERT_MANAGER*) XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), heap,
- DYNAMIC_TYPE_CERT_MANAGER);
- if (cm) {
- int ret;
-
- XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER));
-
- if (wc_InitMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("Bad mutex init");
- wolfSSL_CertManagerFree(cm);
- return NULL;
- }
-
- wolfSSL_RefInit(&cm->ref, &ret);
- #ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret != 0) {
- WOLFSSL_MSG("Bad mutex init");
- wolfSSL_CertManagerFree(cm);
- return NULL;
- }
- #else
- (void)ret;
- #endif
-
- #ifdef WOLFSSL_TRUST_PEER_CERT
- if (wc_InitMutex(&cm->tpLock) != 0) {
- WOLFSSL_MSG("Bad mutex init");
- wolfSSL_CertManagerFree(cm);
- return NULL;
- }
- #endif
-
- /* set default minimum key size allowed */
- #ifndef NO_RSA
- cm->minRsaKeySz = MIN_RSAKEY_SZ;
- #endif
- #ifdef HAVE_ECC
- cm->minEccKeySz = MIN_ECCKEY_SZ;
- #endif
- #ifdef HAVE_PQC
- #ifdef HAVE_FALCON
- cm->minFalconKeySz = MIN_FALCONKEY_SZ;
- #endif /* HAVE_FALCON */
- #ifdef HAVE_DILITHIUM
- cm->minDilithiumKeySz = MIN_DILITHIUMKEY_SZ;
- #endif /* HAVE_DILITHIUM */
- #endif /* HAVE_PQC */
-
- cm->heap = heap;
- }
-
- return cm;
-}
-
-
-WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
-{
- return wolfSSL_CertManagerNew_ex(NULL);
-}
-
-
-void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerFree");
-
- if (cm) {
- int doFree = 0;
- int ret;
-
- wolfSSL_RefDec(&cm->ref, &doFree, &ret);
- #ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret != 0) {
- WOLFSSL_MSG("Couldn't lock cm mutex");
- }
- #else
- (void)ret;
- #endif
- if (doFree) {
- #ifdef HAVE_CRL
- if (cm->crl)
- FreeCRL(cm->crl, 1);
- #endif
- #ifdef HAVE_OCSP
- if (cm->ocsp)
- FreeOCSP(cm->ocsp, 1);
- XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
- #if !defined(NO_WOLFSSL_SERVER) && \
- (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
- defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
- if (cm->ocsp_stapling)
- FreeOCSP(cm->ocsp_stapling, 1);
- #endif
- #endif
- FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
- wc_FreeMutex(&cm->caLock);
-
- #ifdef WOLFSSL_TRUST_PEER_CERT
- FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
- wc_FreeMutex(&cm->tpLock);
- #endif
- wolfSSL_RefFree(&cm->ref);
- XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER);
- }
- }
-
-}
-
-int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm)
-{
- if (cm) {
- int ret;
-
- wolfSSL_RefInc(&cm->ref, &ret);
- #ifdef WOLFSSL_REFCNT_ERROR_RETURN
- if (ret != 0) {
- WOLFSSL_MSG("Failed to lock cm mutex");
- return WOLFSSL_FAILURE;
- }
- #else
- (void)ret;
- #endif
-
- return WOLFSSL_SUCCESS;
- }
-
- return WOLFSSL_FAILURE;
-}
-
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
-#if defined(WOLFSSL_SIGNER_DER_CERT)
-/******************************************************************************
-* wolfSSL_CertManagerGetCerts - retrieve stack of X509 certificates in a
-* certificate manager (CM).
-*
-* RETURNS:
-* returns stack of X509 certs on success, otherwise returns a NULL.
-*/
-WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_STACK* sk = NULL;
- int numCerts = 0;
- DerBuffer** certBuffers = NULL;
- const byte* derBuffer = NULL;
- Signer* signers = NULL;
- word32 row = 0;
- WOLFSSL_X509* x509 = NULL;
- int i = 0;
- int ret = 0;
-
- if (cm == NULL)
- return NULL;
-
- sk = wolfSSL_sk_X509_new_null();
- if (sk == NULL)
- goto error;
-
- if (wc_LockMutex(&cm->caLock) != 0)
- goto error;
-
- /* Iterate once to get the number of certs, for memory allocation
- purposes. */
- for (row = 0; row < CA_TABLE_SIZE; row++) {
- signers = cm->caTable[row];
- while (signers && signers->derCert && signers->derCert->buffer) {
- ++numCerts;
- signers = signers->next;
- }
- }
-
- if (numCerts == 0) {
- wc_UnLockMutex(&cm->caLock);
- goto error;
- }
-
- certBuffers = (DerBuffer**)XMALLOC(sizeof(DerBuffer*) * numCerts, cm->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (certBuffers == NULL) {
- wc_UnLockMutex(&cm->caLock);
- goto error;
- }
- XMEMSET(certBuffers, 0, sizeof(DerBuffer*) * numCerts);
-
- /* Copy the certs locally so that we can release the caLock. If the lock is
- held when wolfSSL_d2i_X509 is called, GetCA will also try to get the
- lock, leading to deadlock. */
- for (row = 0; row < CA_TABLE_SIZE; row++) {
- signers = cm->caTable[row];
- while (signers && signers->derCert && signers->derCert->buffer) {
- ret = AllocDer(&certBuffers[i], signers->derCert->length, CA_TYPE,
- cm->heap);
- if (ret < 0) {
- wc_UnLockMutex(&cm->caLock);
- goto error;
- }
-
- XMEMCPY(certBuffers[i]->buffer, signers->derCert->buffer,
- signers->derCert->length);
- certBuffers[i]->length = signers->derCert->length;
-
- ++i;
- signers = signers->next;
- }
- }
-
- wc_UnLockMutex(&cm->caLock);
-
- for (i = 0; i < numCerts; ++i) {
- derBuffer = certBuffers[i]->buffer;
- wolfSSL_d2i_X509(&x509, &derBuffer, certBuffers[i]->length);
- if (x509 == NULL)
- goto error;
-
- if (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) {
- wolfSSL_X509_free(x509);
- goto error;
- }
- }
-
- for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {
- FreeDer(&certBuffers[i]);
- }
-
- XFREE(certBuffers, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
- return sk;
-
-error:
- if (sk)
- wolfSSL_sk_X509_pop_free(sk, NULL);
-
- if (certBuffers != NULL) {
- for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {
- FreeDer(&certBuffers[i]);
- }
- }
-
- if (certBuffers)
- XFREE(certBuffers, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
-
- return NULL;
-}
-
-#endif /* WOLFSSL_SIGNER_DER_CERT */
-#endif /* OPENSSL_EXTRA && !NO_FILESYSTEM */
-
-/* Unload the CA signer list */
-int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerUnloadCAs");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (wc_LockMutex(&cm->caLock) != 0)
- return BAD_MUTEX_E;
-
- FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
-
- wc_UnLockMutex(&cm->caLock);
-
-
- return WOLFSSL_SUCCESS;
-}
-
-
-#ifdef WOLFSSL_TRUST_PEER_CERT
-int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerUnload_trust_peers");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (wc_LockMutex(&cm->tpLock) != 0)
- return BAD_MUTEX_E;
-
- FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
-
- wc_UnLockMutex(&cm->tpLock);
-
-
- return WOLFSSL_SUCCESS;
-}
-#endif /* WOLFSSL_TRUST_PEER_CERT */
-
#endif /* NO_CERTS */
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) \
@@ -5787,6 +5533,46 @@ Signer* GetCA(void* vp, byte* hash)
return ret;
}
+#ifdef WOLFSSL_AKID_NAME
+Signer* GetCAByAKID(void* vp, const byte* issuer, word32 issuerSz,
+ const byte* serial, word32 serialSz)
+{
+ WOLFSSL_CERT_MANAGER* cm = (WOLFSSL_CERT_MANAGER*)vp;
+ Signer* ret = NULL;
+ Signer* signers;
+ byte nameHash[SIGNER_DIGEST_SIZE];
+ byte serialHash[SIGNER_DIGEST_SIZE];
+ word32 row;
+
+ if (cm == NULL || issuer == NULL || issuerSz == 0 ||
+ serial == NULL || serialSz == 0)
+ return NULL;
+
+ if (CalcHashId(issuer, issuerSz, nameHash) != 0 ||
+ CalcHashId(serial, serialSz, serialHash) != 0)
+ return NULL;
+
+ if (wc_LockMutex(&cm->caLock) != 0)
+ return ret;
+
+ /* Unfortunately we need to look through the entire table */
+ for (row = 0; row < CA_TABLE_SIZE && ret == NULL; row++) {
+ for (signers = cm->caTable[row]; signers != NULL;
+ signers = signers->next) {
+ if (XMEMCMP(signers->subjectNameHash, nameHash, SIGNER_DIGEST_SIZE)
+ == 0 && XMEMCMP(signers->serialHash, serialHash,
+ SIGNER_DIGEST_SIZE) == 0) {
+ ret = signers;
+ break;
+ }
+ }
+ }
+
+ wc_UnLockMutex(&cm->caLock);
+
+ return ret;
+}
+#endif
#ifndef NO_SKID
/* return CA if found, otherwise NULL. Walk through hash table. */
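Review bot: GetCAByAKID returns a `Signer*` taken from `cm->caTable` after `caLock` has been released, and the function has no header comment saying how long that pointer stays valid or what it matches on. If another thread can unload the CA table in the meantime, the caller would be left holding a stale pointer; this looks like the same contract as the neighbouring GetCA lookups, but it should be written down. I would add a comment along the lines of `/* Return the CA whose subject-name hash and serial hash match the AKID issuer/serial, or NULL. The Signer is owned by cm and is only valid while the CA table is not modified. */`. The match depends on `signer->serialHash` having been filled in when the signer was added, which a later AddCA hunk does only under `WOLFSSL_AKID_NAME || HAVE_CRL`; signers created on other paths are outside this view and worth checking.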
@@ -6090,6 +5876,10 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
if (!signer)
ret = MEMORY_ERROR;
}
+#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
+ if (ret == 0 && signer != NULL)
+ ret = CalcHashId(cert->serial, cert->serialSz, signer->serialHash);
+#endif
if (ret == 0 && signer != NULL) {
#ifdef WOLFSSL_SIGNER_DER_CERT
ret = AllocDer(&signer->derCert, der->length, der->type, NULL);
@@ -6106,9 +5896,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
signer->nameLen = cert->subjectCNLen;
signer->name = cert->subjectCN;
}
- signer->pathLength = cert->pathLength;
signer->maxPathLen = cert->maxPathLen;
- signer->pathLengthSet = cert->pathLengthSet;
signer->selfSigned = cert->selfSigned;
#ifndef IGNORE_NAME_CONSTRAINTS
signer->permittedNames = cert->permittedNames;
@@ -6120,6 +5908,10 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
#endif
XMEMCPY(signer->subjectNameHash, cert->subjectHash,
SIGNER_DIGEST_SIZE);
+ #if defined(HAVE_OCSP) || defined(HAVE_CRL)
+ XMEMCPY(signer->issuerNameHash, cert->issuerHash,
+ SIGNER_DIGEST_SIZE);
+ #endif
#ifdef HAVE_OCSP
XMEMCPY(signer->subjectKeyHash, cert->subjectKeyHash,
KEYID_SIZE);
@@ -6152,7 +5944,7 @@ int AddCA(WOLFSSL_CERT_MANAGER* cm, DerBuffer** pDer, int type, int verify)
ret = BAD_MUTEX_E;
}
}
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* Verify CA by TSIP so that generated tsip key is going to be able to */
/* be used for peer's cert verification */
/* TSIP is only able to handle USER CA, and only one CA. */
@@ -6474,6 +6266,7 @@ int wolfSSL_Init(void)
}
#endif
#endif
+#ifndef WOLFSSL_MUTEX_INITIALIZER
if (ret == WOLFSSL_SUCCESS) {
if (wc_InitMutex(&count_mutex) != 0) {
WOLFSSL_MSG("Bad Init Mutex count");
@@ -6483,6 +6276,7 @@ int wolfSSL_Init(void)
count_mutex_valid = 1;
}
}
+#endif /* !WOLFSSL_MUTEX_INITIALIZER */
#if defined(OPENSSL_EXTRA) && defined(HAVE_ATEXIT)
/* OpenSSL registers cleanup using atexit */
if ((ret == WOLFSSL_SUCCESS) && (atexit(AtExitCleanup) != 0)) {
@@ -6528,7 +6322,8 @@ static int ProcessUserChain(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
/* we may have a user cert chain, try to consume */
- if ((type == CERT_TYPE || type == CA_TYPE) && (info->consumed < sz)) {
+ if ((type == CERT_TYPE || type == CHAIN_CERT_TYPE || type == CA_TYPE) &&
+ (info->consumed < sz)) {
#ifdef WOLFSSL_SMALL_STACK
byte staticBuffer[1]; /* force heap usage */
#else
@@ -6688,7 +6483,8 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if ((ret != 0) && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
word32 nSz;
@@ -6766,7 +6562,8 @@ static int ProcessBufferTryDecodeRsa(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -6847,7 +6644,8 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -6868,11 +6666,23 @@ static int ProcessBufferTryDecodeEcc(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
if (ssl) {
ssl->options.haveStaticECC = 1;
ssl->buffers.keyType = ecc_dsa_sa_algo;
+ #ifdef WOLFSSL_SM2
+ if (key->dp->id == ECC_SM2P256V1)
+ ssl->buffers.keyType = sm2_sa_algo;
+ else
+ #endif
+ ssl->buffers.keyType = ecc_dsa_sa_algo;
ssl->buffers.keySz = *keySz;
}
else {
ctx->haveStaticECC = 1;
ctx->privateKeyType = ecc_dsa_sa_algo;
+ #ifdef WOLFSSL_SM2
+ if (key->dp->id == ECC_SM2P256V1)
+ ctx->privateKeyType = sm2_sa_algo;
+ else
+ #endif
+ ctx->privateKeyType = ecc_dsa_sa_algo;
ctx->privateKeySz = *keySz;
}
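Review bot: The original `ssl->buffers.keyType = ecc_dsa_sa_algo;` line is kept directly above the new `#ifdef WOLFSSL_SM2` block, which then assigns `keyType` again on both paths, so the first store is dead; the same happens with `ctx->privateKeyType` in the else branch. Dropping the two leftover assignments leaves a single place that decides the key type. The new test also dereferences `key->dp->id`; `dp` is presumably set once the decode above has succeeded, but that code is outside the hunk, so writing the condition as `if (key->dp != NULL && key->dp->id == ECC_SM2P256V1)` would be a cheap safeguard.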
@@ -6921,7 +6731,8 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -6949,9 +6760,11 @@ static int ProcessBufferTryDecodeEd25519(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
*keyFormat = ED25519k;
if (ssl != NULL) {
+#if !defined(WOLFSSL_NO_CLIENT_AUTH) && !defined(NO_ED25519_CLIENT_AUTH)
/* ED25519 requires caching enabled for tracking message
* hash used in EdDSA_Update for signing */
ssl->options.cacheMessages = 1;
+#endif
if (ssl->options.side == WOLFSSL_SERVER_END) {
*resetSuites = 1;
}
@@ -6998,7 +6811,8 @@ static int ProcessBufferTryDecodeEd448(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
#ifdef WOLF_PRIVATE_KEY_ID
if (ret != 0 && (devId != INVALID_DEVID
#ifdef HAVE_PK_CALLBACKS
- || wolfSSL_CTX_IsPrivatePkSet(ctx)
+ || ((ssl == NULL) ? wolfSSL_CTX_IsPrivatePkSet(ctx) :
+ wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
#endif
)) {
/* if using crypto or PK callbacks, try public key decode */
@@ -7227,7 +7041,11 @@ static int ProcessBufferTryDecode(WOLFSSL_CTX* ctx, WOLFSSL* ssl,
}
#endif
#ifdef HAVE_ECC
- if ((*keyFormat == 0 || *keyFormat == ECDSAk)) {
+ if ((*keyFormat == 0) || (*keyFormat == ECDSAk)
+ #ifdef WOLFSSL_SM2
+ || (*keyFormat == SM2k)
+ #endif
+ ) {
ret = ProcessBufferTryDecodeEcc(ctx, ssl, der, keySz, idx, resetSuites,
keyFormat, heap, devId);
if (ret != 0)
@@ -7316,6 +7134,10 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
if (ctx == NULL && ssl == NULL)
return BAD_FUNC_ARG;
+ /* This API does not handle CHAIN_CERT_TYPE */
+ if (type == CHAIN_CERT_TYPE)
+ return BAD_FUNC_ARG;
+
#ifdef WOLFSSL_SMALL_STACK
info = (EncryptedInfo*)XMALLOC(sizeof(EncryptedInfo), heap,
DYNAMIC_TYPE_ENCRYPTEDINFO);
@@ -7341,20 +7163,18 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
else {
/* ASN1 (DER) */
int length = (int)sz;
- if (format == WOLFSSL_FILETYPE_ASN1) {
- /* get length of der (read sequence or octet string) */
- word32 inOutIdx = 0;
- if (GetSequence(buff, &inOutIdx, &length, (word32)sz) >= 0) {
- length += inOutIdx; /* include leading sequence */
- }
- /* get length using octet string (allowed for private key types) */
- else if (type == PRIVATEKEY_TYPE &&
+ word32 inOutIdx = 0;
+ /* get length of der (read sequence or octet string) */
+ if (GetSequence(buff, &inOutIdx, &length, (word32)sz) >= 0) {
+ length += inOutIdx; /* include leading sequence */
+ }
+ /* get length using octet string (allowed for private key types) */
+ else if (type == PRIVATEKEY_TYPE &&
GetOctetString(buff, &inOutIdx, &length, (word32)sz) >= 0) {
- length += inOutIdx; /* include leading oct string */
- }
- else {
- ret = ASN_PARSE_E;
- }
+ length += inOutIdx; /* include leading oct string */
+ }
+ else {
+ ret = ASN_PARSE_E;
}
info->consumed = length;
@@ -7393,8 +7213,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
* Remainder are processed using ProcessUserChain and are loaded into
* ssl->buffers.certChain. */
if (userChain) {
- ret = ProcessUserChain(ctx, buff, sz, format, type, ssl, used, info,
- verify);
+ ret = ProcessUserChain(ctx, buff, sz, format, CHAIN_CERT_TYPE, ssl,
+ used, info, verify);
if (ret == ASN_NO_PEM_HEADER) { /* Additional chain is optional */
unsigned long pemErr = 0;
CLEAR_ASN_NO_PEM_HEADER_ERROR(pemErr);
@@ -7434,9 +7254,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
else if (type == TRUSTED_PEER_TYPE) {
/* add trusted peer cert. der is freed within */
if (ctx != NULL)
- ret = AddTrustedPeer(ctx->cm, &der, !ctx->verifyNone);
- else
- ret = AddTrustedPeer(SSL_CM(ssl), &der, !ssl->options.verifyNone);
+ ret = AddTrustedPeer(ctx->cm, &der, verify);
+ else {
+ SSL_CM_WARNING(ssl);
+ ret = AddTrustedPeer(SSL_CM(ssl), &der, verify);
+ }
if (ret != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Error adding trusted peer");
}
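Review bot: Whether a trusted-peer certificate is verified when it is added now depends on the caller-supplied `verify` argument rather than on `ctx->verifyNone` / `ssl->options.verifyNone`, and nothing at the call site records that change of policy source. If any caller of ProcessBuffer passes a no-verify value for `TRUSTED_PEER_TYPE`, a certificate would be trusted without being checked even though the context has verification enabled; the callers are outside this hunk, so this needs confirming. I would add a comment such as `/* verify is chosen by the caller; the context's verifyNone setting is not consulted here */` above the two `AddTrustedPeer` calls.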
@@ -7555,12 +7377,12 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#endif /* WOLFSSL_ENCRYPTED_KEYS && !NO_PWDBASED */
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
- #endif
-
- if (ret != 0)
+ if (ret != 0) {
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
+ #endif
return ret;
+ }
if (keyFormat == 0) {
#ifdef OPENSSL_EXTRA
/* Reaching this point probably means that the
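Review bot: The `#ifdef WOLFSSL_SMALL_STACK` / `XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO)` block is now repeated on every exit path of this branch (once here and twice more in the next hunk), so any return added later must remember to repeat it or `info` leaks. Moving the free after the last read of `info->passwd_cb` is the right ordering, but a single release point would be easier to keep correct. For example, fold the `keyFormat == 0` case into `ret` (set `ret = WOLFSSL_BAD_FILE` after the `EVPerr` call), free `info` once, and then `if (ret != 0) return ret;`. The enclosing ProcessBuffer body starts and ends outside this hunk.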
@@ -7568,10 +7390,17 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
if (info->passwd_cb)
EVPerr(0, EVP_R_BAD_DECRYPT);
#endif
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
+ #endif
WOLFSSL_ERROR(WOLFSSL_BAD_FILE);
return WOLFSSL_BAD_FILE;
}
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(info, heap, DYNAMIC_TYPE_ENCRYPTEDINFO);
+ #endif
+
(void)devId;
}
else if (type == CERT_TYPE) {
@@ -7602,6 +7431,20 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
#endif
return WOLFSSL_BAD_FILE;
}
+#if defined(HAVE_RPK)
+ if (ssl) {
+ ssl->options.rpkState.isRPKLoaded = 0;
+ if (cert->isRPK) {
+ ssl->options.rpkState.isRPKLoaded = 1;
+ }
+ }
+ else if (ctx) {
+ ctx->rpkState.isRPKLoaded = 0;
+ if (cert->isRPK) {
+ ctx->rpkState.isRPKLoaded = 1;
+ }
+ }
+#endif /* HAVE_RPK */
if (ssl) {
if (ssl->options.side == WOLFSSL_SERVER_END)
@@ -7622,6 +7465,9 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
case CTC_SHA512wECDSA:
case CTC_ED25519:
case CTC_ED448:
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case CTC_SM3wSM2:
+ #endif
WOLFSSL_MSG("ECDSA/ED25519/ED448 cert signature");
if (ssl)
ssl->options.haveECDSAsig = 1;
@@ -7671,6 +7517,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ else if (cert->keyOID == SM2k) {
+ ssl->options.haveECC = 1;
+ }
+ #endif
#ifdef HAVE_ED25519
else if (cert->keyOID == ED25519k) {
ssl->options.haveECC = 1;
@@ -7718,6 +7569,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ else if (cert->keyOID == SM2k) {
+ ctx->haveECC = 1;
+ }
+ #endif
#ifdef HAVE_ED25519
else if (cert->keyOID == ED25519k) {
ctx->haveECC = 1;
@@ -7790,8 +7646,16 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
keyType = ecc_dsa_sa_algo;
#endif
/* Determine ECC key size based on curve */
- keySz = wc_ecc_get_curve_size_from_id(
- wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL));
+ #ifdef WOLFSSL_CUSTOM_CURVES
+ if (cert->pkCurveOID == 0 && cert->pkCurveSize != 0) {
+ keySz = cert->pkCurveSize * 8;
+ }
+ else
+ #endif
+ {
+ keySz = wc_ecc_get_curve_size_from_id(
+ wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL));
+ }
if (ssl && !ssl->options.verifyNone) {
if (ssl->options.minEccKeySz < 0 ||
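Review bot: The two branches that set `keySz` should yield the same unit, because the value is compared with `minEccKeySz` immediately below. The existing path uses `wc_ecc_get_curve_size_from_id()`, which reports the curve size in bytes, while the new custom-curve path computes `cert->pkCurveSize * 8`. If `pkCurveSize` is already a byte count, the custom-curve value is in bits and the minimum-key-size check becomes eight times more permissive for exactly the certificates that carry explicit curve parameters. The definition of `pkCurveSize` is not visible here; please confirm its unit and add a comment next to the multiplication, e.g. `/* pkCurveSize is in <unit>; keySz must be in bytes to match minEccKeySz */`.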
@@ -7809,6 +7673,30 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
break;
#endif /* HAVE_ECC */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #ifdef WOLF_PRIVATE_KEY_ID
+ keyType = sm2_sa_algo;
+ #endif
+ /* Determine ECC key size based on curve */
+ keySz = wc_ecc_get_curve_size_from_id(
+ wc_ecc_get_oid(cert->pkCurveOID, NULL, NULL));
+ if (ssl && !ssl->options.verifyNone) {
+ if (ssl->options.minEccKeySz < 0 ||
+ keySz < (int)ssl->options.minEccKeySz) {
+ ret = ECC_KEY_SIZE_E;
+ WOLFSSL_MSG("Certificate Ed key size error");
+ }
+ }
+ else if (ctx && !ctx->verifyNone) {
+ if (ctx->minEccKeySz < 0 ||
+ keySz < (int)ctx->minEccKeySz) {
+ ret = ECC_KEY_SIZE_E;
+ WOLFSSL_MSG("Certificate ECC key size error");
+ }
+ }
+ break;
+ #endif /* HAVE_ED25519 */
#ifdef HAVE_ED25519
case ED25519k:
#ifdef WOLF_PRIVATE_KEY_ID
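Review bot: The new `case SM2k:` block carries two copy-paste leftovers: the ssl-side message reads `"Certificate Ed key size error"` although this is the ECC/SM2 size check, and the block is closed with `#endif /* HAVE_ED25519 */` while it was opened with `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)`. Suggested replacements are `WOLFSSL_MSG("Certificate ECC key size error");` and `#endif /* WOLFSSL_SM2 && WOLFSSL_SM3 */`. The wrong log text matters when diagnosing a rejected certificate, and the wrong `#endif` label misleads anyone matching up the preprocessor nesting in this long switch.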
@@ -7908,11 +7796,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
#ifdef WOLF_PRIVATE_KEY_ID
if (ssl != NULL) {
- ssl->buffers.keyType = keyType;
+ ssl->buffers.keyType = (byte)keyType;
ssl->buffers.keySz = keySz;
}
else if (ctx != NULL) {
- ctx->privateKeyType = keyType;
+ ctx->privateKeyType = (byte)keyType;
ctx->privateKeySz = keySz;
}
#endif
@@ -8061,116 +7949,8 @@ static int ProcessChainBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
}
-static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void)
-{
- #ifndef NO_WOLFSSL_CLIENT
- #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
- return wolfSSLv3_client_method();
- #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
- return wolfTLSv1_client_method();
- #elif !defined(NO_OLD_TLS)
- return wolfTLSv1_1_client_method();
- #elif !defined(WOLFSSL_NO_TLS12)
- return wolfTLSv1_2_client_method();
- #elif defined(WOLFSSL_TLS13)
- return wolfTLSv1_3_client_method();
- #else
- return NULL;
- #endif
- #elif !defined(NO_WOLFSSL_SERVER)
- #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
- return wolfSSLv3_server_method();
- #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
- return wolfTLSv1_server_method();
- #elif !defined(NO_OLD_TLS)
- return wolfTLSv1_1_server_method();
- #elif !defined(WOLFSSL_NO_TLS12)
- return wolfTLSv1_2_server_method();
- #elif defined(WOLFSSL_TLS13)
- return wolfTLSv1_3_server_method();
- #else
- return NULL;
- #endif
- #else
- return NULL;
- #endif
-}
-
-
-int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz,
- int format, int userChain, word32 flags)
-{
- int ret = WOLFSSL_FATAL_ERROR;
- WOLFSSL_CTX* tmp;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCABuffer_ex");
-
- if (cm == NULL) {
- WOLFSSL_MSG("No CertManager error");
- return ret;
- }
- tmp = wolfSSL_CTX_new(cm_pick_method());
-
- if (tmp == NULL) {
- WOLFSSL_MSG("CTX new failed");
- return ret;
- }
-
- /* for tmp use */
- wolfSSL_CertManagerFree(tmp->cm);
- tmp->cm = cm;
-
- ret = wolfSSL_CTX_load_verify_buffer_ex(tmp, in, sz, format,
- userChain, flags);
-
- /* don't loose our good one */
- tmp->cm = NULL;
- wolfSSL_CTX_free(tmp);
-
- return ret;
-}
-
-/* like load verify locations, 1 for success, < 0 for error */
-int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz,
- int format)
-{
- return wolfSSL_CertManagerLoadCABuffer_ex(cm, in, sz, format, 0,
- WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS);
-}
-
#ifdef HAVE_CRL
-int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* buff, long sz, int type)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLBuffer");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Enable CRL failed");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-
- return BufferLoadCRL(cm->crl, buff, sz, type, VERIFY);
-}
-
-int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerFreeCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
- if (cm->crl != NULL){
- FreeCRL(cm->crl, 1);
- cm->crl = NULL;
- }
- return WOLFSSL_SUCCESS;
-}
-
int wolfSSL_CTX_LoadCRLBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
long sz, int type)
{
@@ -8191,443 +7971,20 @@ int wolfSSL_LoadCRLBuffer(WOLFSSL* ssl, const unsigned char* buff,
if (ssl == NULL || ssl->ctx == NULL)
return BAD_FUNC_ARG;
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerLoadCRLBuffer(SSL_CM(ssl), buff, sz, type);
}
-
#endif /* HAVE_CRL */
-/* turn on CRL if off and compiled in, set options */
-int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options)
-{
- int ret = WOLFSSL_SUCCESS;
-
- (void)options;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- #ifdef HAVE_CRL
- if (cm->crl == NULL) {
- cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap,
- DYNAMIC_TYPE_CRL);
- if (cm->crl == NULL)
- return MEMORY_E;
-
- if (InitCRL(cm->crl, cm) != 0) {
- WOLFSSL_MSG("Init CRL failed");
- FreeCRL(cm->crl, 1);
- cm->crl = NULL;
- return WOLFSSL_FAILURE;
- }
-
- #if defined(HAVE_CRL_IO) && defined(USE_WOLFSSL_IO)
- cm->crl->crlIOCb = EmbedCrlLookup;
- #endif
- }
-
- cm->crlEnabled = 1;
- if (options & WOLFSSL_CRL_CHECKALL)
- cm->crlCheckAll = 1;
- #else
- ret = NOT_COMPILED_IN;
- #endif
-
- return ret;
-}
-
-
-int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->crlEnabled = 0;
-
- return WOLFSSL_SUCCESS;
-}
-
-#ifndef NO_WOLFSSL_CM_VERIFY
-void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, VerifyCallback vc)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetVerify");
- if (cm == NULL)
- return;
-
- cm->verifyCallback = vc;
-}
-#endif /* NO_WOLFSSL_CM_VERIFY */
-
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
-/* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */
-int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
- long sz, int format, int err_val)
-{
- int ret = 0;
- DerBuffer* der = NULL;
-#ifdef WOLFSSL_SMALL_STACK
- DecodedCert* cert;
-#else
- DecodedCert cert[1];
-#endif
-
- WOLFSSL_ENTER("wolfSSL_CertManagerVerifyBuffer");
-
-#ifdef WOLFSSL_SMALL_STACK
- cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
- DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return MEMORY_E;
-#endif
-
- if (format == WOLFSSL_FILETYPE_PEM) {
-#ifdef WOLFSSL_PEM_TO_DER
- ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, NULL, NULL);
- if (ret != 0) {
- FreeDer(&der);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
- #endif
- return ret;
- }
- InitDecodedCert(cert, der->buffer, der->length, cm->heap);
-#else
- ret = NOT_COMPILED_IN;
-#endif
- }
- else {
- InitDecodedCert(cert, buff, (word32)sz, cm->heap);
- }
-
- if (ret == 0)
- ret = ParseCertRelative(cert, CERT_TYPE, 1, cm);
-
-#ifdef HAVE_CRL
- if (ret == 0 && cm->crlEnabled)
- ret = CheckCertCRL(cm->crl, cert);
-#endif
-
-#ifndef NO_WOLFSSL_CM_VERIFY
- /* if verify callback has been set */
- if (cm->verifyCallback) {
- buffer certBuf;
- #ifdef WOLFSSL_SMALL_STACK
- ProcPeerCertArgs* args;
- args = (ProcPeerCertArgs*)XMALLOC(
- sizeof(ProcPeerCertArgs), cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (args == NULL) {
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
- return MEMORY_E;
- }
- #else
- ProcPeerCertArgs args[1];
- #endif
-
- certBuf.buffer = (byte*)buff;
- certBuf.length = (unsigned int)sz;
- XMEMSET(args, 0, sizeof(ProcPeerCertArgs));
-
- args->totalCerts = 1;
- args->certs = &certBuf;
- args->dCert = cert;
- args->dCertInit = 1;
-
- if (err_val != 0) {
- ret = err_val;
- }
- ret = DoVerifyCallback(cm, NULL, ret, args);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(args, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- #endif
- }
-#else
- (void)err_val;
-#endif
-
- FreeDecodedCert(cert);
- FreeDer(&der);
-#ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
-#endif
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-/* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */
-int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
- long sz, int format)
-{
- return CM_VerifyBuffer_ex(cm, buff, sz, format, 0);
-}
-#endif /* !NO_WOLFSSL_CLIENT || !WOLFSSL_NO_CLIENT_AUTH */
-
-/* turn on OCSP if off and compiled in, set options */
-int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm, int options)
-{
- int ret = WOLFSSL_SUCCESS;
-
- (void)options;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSP");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- #ifdef HAVE_OCSP
- if (cm->ocsp == NULL) {
- cm->ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm->heap,
- DYNAMIC_TYPE_OCSP);
- if (cm->ocsp == NULL)
- return MEMORY_E;
-
- if (InitOCSP(cm->ocsp, cm) != 0) {
- WOLFSSL_MSG("Init OCSP failed");
- FreeOCSP(cm->ocsp, 1);
- cm->ocsp = NULL;
- return WOLFSSL_FAILURE;
- }
- }
- cm->ocspEnabled = 1;
- if (options & WOLFSSL_OCSP_URL_OVERRIDE)
- cm->ocspUseOverrideURL = 1;
- if (options & WOLFSSL_OCSP_NO_NONCE)
- cm->ocspSendNonce = 0;
- else
- cm->ocspSendNonce = 1;
- if (options & WOLFSSL_OCSP_CHECKALL)
- cm->ocspCheckAll = 1;
- #ifndef WOLFSSL_USER_IO
- cm->ocspIOCb = EmbedOcspLookup;
- cm->ocspRespFreeCb = EmbedOcspRespFree;
- cm->ocspIOCtx = cm->heap;
- #endif /* WOLFSSL_USER_IO */
- #else
- ret = NOT_COMPILED_IN;
- #endif
-
- return ret;
-}
-
-
-int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSP");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->ocspEnabled = 0;
-
- return WOLFSSL_SUCCESS;
-}
-
-/* turn on OCSP Stapling if off and compiled in, set options */
-int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPStapling");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- #ifndef NO_WOLFSSL_SERVER
- if (cm->ocsp_stapling == NULL) {
- cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP),
- cm->heap, DYNAMIC_TYPE_OCSP);
- if (cm->ocsp_stapling == NULL)
- return MEMORY_E;
-
- if (InitOCSP(cm->ocsp_stapling, cm) != 0) {
- WOLFSSL_MSG("Init OCSP failed");
- FreeOCSP(cm->ocsp_stapling, 1);
- cm->ocsp_stapling = NULL;
- return WOLFSSL_FAILURE;
- }
- }
-
- #ifndef WOLFSSL_USER_IO
- cm->ocspIOCb = EmbedOcspLookup;
- cm->ocspRespFreeCb = EmbedOcspRespFree;
- cm->ocspIOCtx = cm->heap;
- #endif /* WOLFSSL_USER_IO */
- #endif /* NO_WOLFSSL_SERVER */
- cm->ocspStaplingEnabled = 1;
-#else
- ret = NOT_COMPILED_IN;
-#endif
-
- return ret;
-}
-
-int wolfSSL_CertManagerDisableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPStapling");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- cm->ocspStaplingEnabled = 0;
-#else
- ret = NOT_COMPILED_IN;
-#endif
- return ret;
-}
-
-/* require OCSP stapling response */
-int wolfSSL_CertManagerEnableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPMustStaple");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- #ifndef NO_WOLFSSL_CLIENT
- cm->ocspMustStaple = 1;
- #endif
- ret = WOLFSSL_SUCCESS;
-#else
- ret = NOT_COMPILED_IN;
-#endif
-
- return ret;
-}
-
-int wolfSSL_CertManagerDisableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPMustStaple");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
-#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
- || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
- #ifndef NO_WOLFSSL_CLIENT
- cm->ocspMustStaple = 0;
- #endif
- ret = WOLFSSL_SUCCESS;
-#else
- ret = NOT_COMPILED_IN;
-#endif
- return ret;
-}
-
#ifdef HAVE_OCSP
-/* check CRL if enabled, WOLFSSL_SUCCESS */
-int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
-{
- int ret;
-#ifdef WOLFSSL_SMALL_STACK
- DecodedCert* cert = NULL;
-#else
- DecodedCert cert[1];
-#endif
-
- WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->ocspEnabled == 0)
- return WOLFSSL_SUCCESS;
-
-#ifdef WOLFSSL_SMALL_STACK
- cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap, DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return MEMORY_E;
-#endif
-
- InitDecodedCert(cert, der, sz, NULL);
-
- if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm)) != 0) {
- WOLFSSL_MSG("ParseCert failed");
- }
- else if ((ret = CheckCertOCSP(cm->ocsp, cert, NULL)) != 0) {
- WOLFSSL_MSG("CheckCertOCSP failed");
- }
-
- FreeDecodedCert(cert);
-#ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
-#endif
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *cm,
- byte *response, int responseSz, buffer *responseBuffer,
- CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSPResponse");
- if (cm == NULL || response == NULL)
- return BAD_FUNC_ARG;
- if (cm->ocspEnabled == 0)
- return WOLFSSL_SUCCESS;
-
- ret = CheckOcspResponse(cm->ocsp, response, responseSz, responseBuffer, status,
- entry, ocspRequest);
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
- const char* url)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSPOverrideURL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
- if (url != NULL) {
- int urlSz = (int)XSTRLEN(url) + 1;
- cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, DYNAMIC_TYPE_URL);
- if (cm->ocspOverrideURL != NULL) {
- XMEMCPY(cm->ocspOverrideURL, url, urlSz);
- }
- else
- return MEMORY_E;
- }
- else
- cm->ocspOverrideURL = NULL;
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
- CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSP_Cb");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->ocspIOCb = ioCb;
- cm->ocspRespFreeCb = respFreeCb;
- cm->ocspIOCtx = ioCbCtx;
-
- return WOLFSSL_SUCCESS;
-}
-
-
int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options)
{
WOLFSSL_ENTER("wolfSSL_EnableOCSP");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerEnableOCSP(SSL_CM(ssl), options);
+ }
else
return BAD_FUNC_ARG;
}
@@ -8635,8 +7992,10 @@ int wolfSSL_EnableOCSP(WOLFSSL* ssl, int options)
int wolfSSL_DisableOCSP(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_DisableOCSP");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerDisableOCSP(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -8645,8 +8004,10 @@ int wolfSSL_DisableOCSP(WOLFSSL* ssl)
int wolfSSL_EnableOCSPStapling(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_EnableOCSPStapling");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerEnableOCSPStapling(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -8654,8 +8015,10 @@ int wolfSSL_EnableOCSPStapling(WOLFSSL* ssl)
int wolfSSL_DisableOCSPStapling(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_DisableOCSPStapling");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerDisableOCSPStapling(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -8663,8 +8026,10 @@ int wolfSSL_DisableOCSPStapling(WOLFSSL* ssl)
int wolfSSL_SetOCSP_OverrideURL(WOLFSSL* ssl, const char* url)
{
WOLFSSL_ENTER("wolfSSL_SetOCSP_OverrideURL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerSetOCSPOverrideURL(SSL_CM(ssl), url);
+ }
else
return BAD_FUNC_ARG;
}
@@ -8675,6 +8040,7 @@ int wolfSSL_SetOCSP_Cb(WOLFSSL* ssl,
{
WOLFSSL_ENTER("wolfSSL_SetOCSP_Cb");
if (ssl) {
+ SSL_CM_WARNING(ssl);
ssl->ocspIOCtx = ioCbCtx; /* use SSL specific ioCbCtx */
return wolfSSL_CertManagerSetOCSP_Cb(SSL_CM(ssl),
ioCb, respFreeCb, NULL);
@@ -8972,7 +8338,7 @@ int wolfSSL_CTX_load_verify_locations_ex(WOLFSSL_CTX* ctx, const char* file,
/* pass directory read failure to response code */
if (fileRet != WC_READDIR_NOFILE) {
ret = fileRet;
- #if defined(WOLFSSL_QT)
+ #if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
if (ret == BAD_PATH_ERROR &&
flags & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR) {
/* QSslSocket always loads certs in system folder
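Review bot: The comment under the widened `#if` still explains the suppression only in terms of QSslSocket, so a reader cannot tell why builds defining `WOLFSSL_IGNORE_BAD_CERT_PATH` also take this branch on `BAD_PATH_ERROR`. I would extend it, for example `/* Qt, or builds defining WOLFSSL_IGNORE_BAD_CERT_PATH: a bad CA directory is tolerated when the caller passes WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR */`. Because this presumably lets a CA-directory load finish without error although nothing was read from that directory, the comment should also tell callers to confirm that trust anchors were actually loaded from `file` or another source. Parenthesising `(flags & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR)` would make the precedence explicit; the block continues past the end of this hunk.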
@@ -9076,6 +8442,18 @@ static int LoadSystemCaCertsWindows(WOLFSSL_CTX* ctx, byte* loaded)
#elif defined(__APPLE__)
+#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
+ && !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
+/*
+ * Manually obtains certificates from the system trust store and loads them
+ * directly into wolfSSL "the old way".
+ *
+ * As of MacOS 14.0 we are still able to use this method to access system
+ * certificates. Accessibility of this API is indicated by the presence of the
+ * Security/SecTrustSettings.h header. In the likely event that Apple removes
+ * access to this API on Macs, this function should be removed and the
+ * DoAppleNativeCertValidation() routine should be used for all devices.
+ */
static int LoadSystemCaCertsMac(WOLFSSL_CTX* ctx, byte* loaded)
{
int ret = WOLFSSL_SUCCESS;
@@ -9136,6 +8514,7 @@ static int LoadSystemCaCertsMac(WOLFSSL_CTX* ctx, byte* loaded)
return ret;
}
+#endif /* defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) */
#else
@@ -9209,11 +8588,51 @@ int wolfSSL_CTX_load_system_CA_certs(WOLFSSL_CTX* ctx)
WOLFSSL_ENTER("wolfSSL_CTX_load_system_CA_certs");
#ifdef USE_WINDOWS_API
+
ret = LoadSystemCaCertsWindows(ctx, &loaded);
+
#elif defined(__APPLE__)
+
+#if defined(HAVE_SECURITY_SECTRUSTSETTINGS_H) \
+ && !defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
+ /* As of MacOS 14.0 we are still able to access system certificates and
+ * load them manually into wolfSSL "the old way". Accessibility of this API
+ * is indicated by the presence of the Security/SecTrustSettings.h header */
ret = LoadSystemCaCertsMac(ctx, &loaded);
+#elif defined(WOLFSSL_APPLE_NATIVE_CERT_VALIDATION)
+ /* For other Apple devices, Apple has removed the ability to obtain
+ * certificates from the trust store, so we can't use wolfSSL's built-in
+ * certificate validation mechanisms anymore. We instead must call into the
+ * Security Framework APIs to authenticate peer certificates when received.
+ * (see src/internal.c:DoAppleNativeCertValidation()).
+ * Thus, there is no CA "loading" required, but to keep behavior consistent
+ * with the current API (not using system CA certs unless this function has
+ * been called), we simply set a flag indicating that the new apple trust
+ * verification routine should be used later */
+ ctx->doAppleNativeCertValidationFlag = 1;
+ ret = WOLFSSL_SUCCESS;
+ loaded = 1;
+
+#if FIPS_VERSION_GE(2,0) /* Gate back to cert 3389 FIPS modules */
+#warning "Cryptographic operations may occur outside the FIPS module boundary" \
+ "Please review FIPS claims for cryptography on this Apple device"
+#endif /* FIPS_VERSION_GE(2,0) */
+
+#else
+/* HAVE_SECURITY_SECXXX_H macros are set by autotools or CMake when searching
+ * system for the required SDK headers. If building with user_settings.h, you
+ * will need to manually define WOLFSSL_APPLE_NATIVE_CERT_VALIDATION
+ * and ensure the appropriate Security.framework headers and libraries are
+ * visible to your compiler */
+#error "WOLFSSL_SYS_CA_CERTS on Apple devices requires Security.framework" \
+ " header files to be detected, or a manual override with" \
+ " WOLFSSL_APPLE_NATIVE_CERT_VALIDATION"
+#endif
+
#else
+
ret = LoadSystemCaCertsNix(ctx, &loaded);
+
#endif
if (ret == WOLFSSL_SUCCESS && !loaded) {
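Review bot: In the `WOLFSSL_APPLE_NATIVE_CERT_VALIDATION` branch, `ctx->doAppleNativeCertValidationFlag = 1;` dereferences `ctx` directly, and no NULL check is visible between `WOLFSSL_ENTER` and that line; the other branches only pass `ctx` on to a loader helper. Unless the argument is validated above the hunk, add `if (ctx == NULL) return BAD_FUNC_ARG;` before the platform `#if` so every platform fails the same way. The branch also sets `loaded = 1` unconditionally, so the `!loaded` check after the `#endif` can never fire here and a trust-store problem would surface only when a peer certificate is validated; a one-line comment saying that this is intended would help. The function starts and ends outside this hunk.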
@@ -9258,210 +8677,17 @@ int wolfSSL_trust_peer_cert(WOLFSSL* ssl, const char* file, int type)
}
#endif /* WOLFSSL_TRUST_PEER_CERT */
-
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
-/* Verify the certificate, WOLFSSL_SUCCESS for ok, < 0 for error */
-int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
- int format)
-{
- int ret = WOLFSSL_FATAL_ERROR;
-#ifdef WOLFSSL_SMALL_STACK
- byte staticBuffer[1]; /* force heap usage */
-#else
- byte staticBuffer[FILE_BUFFER_SIZE];
-#endif
- byte* myBuffer = staticBuffer;
- int dynamic = 0;
- long sz = 0;
- XFILE file = XFOPEN(fname, "rb");
-
- WOLFSSL_ENTER("wolfSSL_CertManagerVerify");
-
- if (file == XBADFILE) return WOLFSSL_BAD_FILE;
- if(XFSEEK(file, 0, XSEEK_END) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
- sz = XFTELL(file);
- if(XFSEEK(file, 0, XSEEK_SET) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- if (sz > MAX_WOLFSSL_FILE_SIZE || sz <= 0) {
- WOLFSSL_MSG("CertManagerVerify file size error");
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- if (sz > (long)sizeof(staticBuffer)) {
- WOLFSSL_MSG("Getting dynamic buffer");
- myBuffer = (byte*) XMALLOC(sz, cm->heap, DYNAMIC_TYPE_FILE);
- if (myBuffer == NULL) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
- dynamic = 1;
- }
-
- if ((size_t)XFREAD(myBuffer, 1, sz, file) != (size_t)sz)
- ret = WOLFSSL_BAD_FILE;
- else
- ret = wolfSSL_CertManagerVerifyBuffer(cm, myBuffer, sz, format);
-
- XFCLOSE(file);
- if (dynamic)
- XFREE(myBuffer, cm->heap, DYNAMIC_TYPE_FILE);
-
- return ret;
-}
-#endif
-
-/* like load verify locations, 1 for success, < 0 for error */
-int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
- const char* path)
-{
- int ret = WOLFSSL_FATAL_ERROR;
- WOLFSSL_CTX* tmp;
-
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCA");
-
- if (cm == NULL) {
- WOLFSSL_MSG("No CertManager error");
- return ret;
- }
- tmp = wolfSSL_CTX_new(cm_pick_method());
-
- if (tmp == NULL) {
- WOLFSSL_MSG("CTX new failed");
- return ret;
- }
-
- /* for tmp use */
- wolfSSL_CertManagerFree(tmp->cm);
- tmp->cm = cm;
-
- ret = wolfSSL_CTX_load_verify_locations(tmp, file, path);
-
- /* don't lose our good one */
- tmp->cm = NULL;
- wolfSSL_CTX_free(tmp);
-
- return ret;
-}
-
-
#endif /* NO_FILESYSTEM */
#ifdef HAVE_CRL
-/* check CRL if enabled, WOLFSSL_SUCCESS */
-int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm, byte* der, int sz)
-{
- int ret = 0;
-#ifdef WOLFSSL_SMALL_STACK
- DecodedCert* cert = NULL;
-#else
- DecodedCert cert[1];
-#endif
-
- WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL");
-
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crlEnabled == 0)
- return WOLFSSL_SUCCESS;
-
-#ifdef WOLFSSL_SMALL_STACK
- cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT);
- if (cert == NULL)
- return MEMORY_E;
-#endif
-
- InitDecodedCert(cert, der, sz, NULL);
-
- if ((ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_CRL, cm)) != 0) {
- WOLFSSL_MSG("ParseCert failed");
- }
- else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) {
- WOLFSSL_MSG("CheckCertCRL failed");
- }
-
- FreeDecodedCert(cert);
-#ifdef WOLFSSL_SMALL_STACK
- XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
-#endif
-
- return ret == 0 ? WOLFSSL_SUCCESS : ret;
-}
-
-
-int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->cbMissingCRL = cb;
-
- return WOLFSSL_SUCCESS;
-}
-
-#ifdef HAVE_CRL_IO
-int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb)
-{
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- cm->crl->crlIOCb = cb;
-
- return WOLFSSL_SUCCESS;
-}
-#endif
-
-#ifndef NO_FILESYSTEM
-int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
- int type, int monitor)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL");
- if (cm == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Enable CRL failed");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-
- return LoadCRL(cm->crl, path, type, monitor);
-}
-
-int wolfSSL_CertManagerLoadCRLFile(WOLFSSL_CERT_MANAGER* cm, const char* file,
- int type)
-{
- WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLFile");
- if (cm == NULL || file == NULL)
- return BAD_FUNC_ARG;
-
- if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Enable CRL failed");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-
- return ProcessFile(NULL, file, type, CRL_TYPE, NULL, 0, cm->crl,
- VERIFY);
-}
-#endif
-
int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)
{
WOLFSSL_ENTER("wolfSSL_EnableCRL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerEnableCRL(SSL_CM(ssl), options);
+ }
else
return BAD_FUNC_ARG;
}
@@ -9470,8 +8696,10 @@ int wolfSSL_EnableCRL(WOLFSSL* ssl, int options)
int wolfSSL_DisableCRL(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_DisableCRL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerDisableCRL(SSL_CM(ssl));
+ }
else
return BAD_FUNC_ARG;
}
@@ -9480,17 +8708,21 @@ int wolfSSL_DisableCRL(WOLFSSL* ssl)
int wolfSSL_LoadCRL(WOLFSSL* ssl, const char* path, int type, int monitor)
{
WOLFSSL_ENTER("wolfSSL_LoadCRL");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerLoadCRL(SSL_CM(ssl), path, type, monitor);
+ }
else
return BAD_FUNC_ARG;
}
int wolfSSL_LoadCRLFile(WOLFSSL* ssl, const char* file, int type)
{
- WOLFSSL_ENTER("wolfSSL_LoadCRL");
- if (ssl)
+ WOLFSSL_ENTER("wolfSSL_LoadCRLFile");
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerLoadCRLFile(SSL_CM(ssl), file, type);
+ }
else
return BAD_FUNC_ARG;
}
@@ -9500,8 +8732,10 @@ int wolfSSL_LoadCRLFile(WOLFSSL* ssl, const char* file, int type)
int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
{
WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerSetCRL_Cb(SSL_CM(ssl), cb);
+ }
else
return BAD_FUNC_ARG;
}
@@ -9510,8 +8744,10 @@ int wolfSSL_SetCRL_Cb(WOLFSSL* ssl, CbMissingCRL cb)
int wolfSSL_SetCRL_IOCb(WOLFSSL* ssl, CbCrlIO cb)
{
WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");
- if (ssl)
+ if (ssl) {
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerSetCRL_IOCb(SSL_CM(ssl), cb);
+ }
else
return BAD_FUNC_ARG;
}
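Review bot: `wolfSSL_SetCRL_IOCb` still logs `WOLFSSL_ENTER("wolfSSL_SetCRL_Cb");`, the same copy-paste slip this commit corrects for `wolfSSL_LoadCRLFile` two hunks earlier. Change it to `WOLFSSL_ENTER("wolfSSL_SetCRL_IOCb");` so debug traces distinguish the two setters.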
@@ -9982,6 +9218,11 @@ WOLFSSL_EVP_PKEY* wolfSSL_CTX_get0_privatekey(const WOLFSSL_CTX* ctx)
type = EVP_PKEY_EC;
break;
#endif
+#ifdef WOLFSSL_SM2
+ case sm2_sa_algo:
+ type = EVP_PKEY_EC;
+ break;
+#endif
default:
/* Other key types not supported either as ssl private keys
* or in the EVP layer */
@@ -11057,6 +10298,232 @@ int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509)
#endif /* OPENSSL_EXTRA */
+#if defined(HAVE_RPK)
+/* Confirm that all the byte data in the buffer is unique.
+ * return 1 if all the byte data in the buffer is unique, otherwise 0.
+ */
+static int isArrayUnique(const char* buf, size_t len)
+{
+ size_t i, j;
+ /* check the array is unique */
+ for (i = 0; i < len -1; ++i) {
+ for (j = i+ 1; j < len; ++j) {
+ if (buf[i] == buf[j]) {
+ return 0;
+ }
+ }
+ }
+ return 1;
+}
+
+/* Set user preference for the client_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ctx == NULL || bufLen > MAX_CLIENT_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ctx->rpkConfig.preferred_ClientCertTypeCnt = 1;
+ ctx->rpkConfig.preferred_ClientCertTypes[0]= WOLFSSL_CERT_TYPE_X509;
+ ctx->rpkConfig.preferred_ClientCertTypes[1]= WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ctx->rpkConfig.preferred_ClientCertTypes[i] = buf[i];
+ }
+ ctx->rpkConfig.preferred_ClientCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* Set user preference for the server_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ctx == NULL || bufLen > MAX_SERVER_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ctx->rpkConfig.preferred_ServerCertTypeCnt = 1;
+ ctx->rpkConfig.preferred_ServerCertTypes[0]= WOLFSSL_CERT_TYPE_X509;
+ ctx->rpkConfig.preferred_ServerCertTypes[1]= WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ctx->rpkConfig.preferred_ServerCertTypes[i] = buf[i];
+ }
+ ctx->rpkConfig.preferred_ServerCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* Set user preference for the client_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_set_client_cert_type(WOLFSSL* ssl,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ssl == NULL || bufLen > MAX_CLIENT_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt = 1;
+ ssl->options.rpkConfig.preferred_ClientCertTypes[0]
+ = WOLFSSL_CERT_TYPE_X509;
+ ssl->options.rpkConfig.preferred_ClientCertTypes[1]
+ = WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ssl->options.rpkConfig.preferred_ClientCertTypes[i] = buf[i];
+ }
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* Set user preference for the server_cert_type exetnsion.
+ * Takes byte array containing cert types the caller can provide to its peer.
+ * Cert types are in preferred order in the array.
+ */
+WOLFSSL_API int wolfSSL_set_server_cert_type(WOLFSSL* ssl,
+ const char* buf, int bufLen)
+{
+ int i;
+
+ if (ssl == NULL || bufLen > MAX_SERVER_CERT_TYPE_CNT) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* if buf is set to NULL or bufLen is set to zero, it defaults the setting*/
+ if (buf == NULL || bufLen == 0) {
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt = 1;
+ ssl->options.rpkConfig.preferred_ServerCertTypes[0]
+ = WOLFSSL_CERT_TYPE_X509;
+ ssl->options.rpkConfig.preferred_ServerCertTypes[1]
+ = WOLFSSL_CERT_TYPE_X509;
+ return WOLFSSL_SUCCESS;
+ }
+
+ if (!isArrayUnique(buf, bufLen))
+ return BAD_FUNC_ARG;
+
+ for (i = 0; i < bufLen; i++){
+ if (buf[i] != WOLFSSL_CERT_TYPE_RPK && buf[i] != WOLFSSL_CERT_TYPE_X509)
+ return BAD_FUNC_ARG;
+
+ ssl->options.rpkConfig.preferred_ServerCertTypes[i] = buf[i];
+ }
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt = bufLen;
+
+ return WOLFSSL_SUCCESS;
+}
+
+/* get negotiated certificate type value and return it to the second parameter.
+ * cert type value:
+ * -1: WOLFSSL_CERT_TYPE_UNKNOWN
+ * 0: WOLFSSL_CERT_TYPE_X509
+ * 2: WOLFSSL_CERT_TYPE_RPK
+ * return WOLFSSL_SUCCESS on success, otherwise negative value.
+ * in case no negotiation performed, it returns WOLFSSL_SUCCESS and -1 is for
+ * cert type.
+ */
+WOLFSSL_API int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ if (ssl == NULL || tp == NULL)
+ return BAD_FUNC_ARG;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ if (ssl->options.rpkState.received_ClientCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.received_ClientCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ else {
+ if (ssl->options.rpkState.sending_ClientCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.sending_ClientCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ return ret;
+}
+
+/* get negotiated certificate type value and return it to the second parameter.
+ * cert type value:
+ * -1: WOLFSSL_CERT_TYPE_UNKNOWN
+ * 0: WOLFSSL_CERT_TYPE_X509
+ * 2: WOLFSSL_CERT_TYPE_RPK
+ * return WOLFSSL_SUCCESS on success, otherwise negative value.
+ * in case no negotiation performed, it returns WOLFSSL_SUCCESS and -1 is for
+ * cert type.
+ */
+WOLFSSL_API int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ if (ssl == NULL || tp == NULL)
+ return BAD_FUNC_ARG;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ if (ssl->options.rpkState.received_ServerCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.received_ServerCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ else {
+ if (ssl->options.rpkState.sending_ServerCertTypeCnt == 1)
+ *tp = ssl->options.rpkState.sending_ServerCertTypes[0];
+ else
+ *tp = WOLFSSL_CERT_TYPE_UNKNOWN;
+ }
+ return ret;
+}
+
+#endif /* HAVE_RPK */
+
int wolfSSL_use_certificate_ASN1(WOLFSSL* ssl, const unsigned char* der,
int derSz)
{
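Review bot: The four new cert-type setters reject `bufLen > MAX_..._CERT_TYPE_CNT` but not a negative `bufLen`, so `isArrayUnique(buf, bufLen)` receives it as a very large `size_t` and can read past the end of `buf`; the copy loop is then skipped and the negative value is stored as the preferred count. The guard in `wolfSSL_CTX_set_client_cert_type` should read `if (ctx == NULL || bufLen < 0 || bufLen > MAX_CLIENT_CERT_TYPE_CNT)`, with the same `bufLen < 0` term in the server and per-`WOLFSSL` variants. `isArrayUnique` should also be safe on its own for `len == 0`, where `len - 1` wraps around: `for (i = 0; i + 1 < len; ++i)`. The doc comments on the setters misspell "extension" as "exetnsion".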
@@ -11172,7 +10639,11 @@ int wolfSSL_CTX_SetTmpEC_DHE_Sz(WOLFSSL_CTX* ctx, word16 sz)
}
/* check size */
- if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+#if ECC_MIN_KEY_SZ > 0
+ if (sz < ECC_MINSIZE)
+ return BAD_FUNC_ARG;
+#endif
+ if (sz > ECC_MAXSIZE)
return BAD_FUNC_ARG;
ctx->eccTempKeySz = sz;
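Review bot: The new `#if ECC_MIN_KEY_SZ > 0` around the lower-bound check carries no comment, and with the guard compiled out any `sz` up to `ECC_MAXSIZE`, including 0, is stored in `eccTempKeySz`. Presumably the guard exists because `sz` is a `word16` and a comparison against a zero minimum is always false; if so, say that, for example `/* sz is unsigned: skip the lower bound when the configured minimum is 0 */`, and state whether a zero size is a meaningful value for callers. The same applies to `wolfSSL_SetTmpEC_DHE_Sz` in the next hunk. Both functions begin outside their hunks.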
@@ -11188,7 +10659,11 @@ int wolfSSL_SetTmpEC_DHE_Sz(WOLFSSL* ssl, word16 sz)
return BAD_FUNC_ARG;
/* check size */
- if (sz < ECC_MINSIZE || sz > ECC_MAXSIZE)
+#if ECC_MIN_KEY_SZ > 0
+ if (sz < ECC_MINSIZE)
+ return BAD_FUNC_ARG;
+#endif
+ if (sz > ECC_MAXSIZE)
return BAD_FUNC_ARG;
ssl->eccTempKeySz = sz;
@@ -11367,8 +10842,9 @@ void wolfSSL_set_verify_result(WOLFSSL *ssl, long v)
if (ssl == NULL)
return;
-#ifdef OPENSSL_ALL
- ssl->verifyCallbackResult = v;
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)
+ ssl->peerVerifyRet = v;
#else
(void)v;
WOLFSSL_STUB("wolfSSL_set_verify_result");
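Review bot: `ssl->peerVerifyRet = v;` lets the application overwrite what appears to be the verification result recorded for the peer, and the function should say so, because code that reads the field later cannot tell a library verdict from a caller-supplied one. A comment above the assignment such as `/* Overrides the stored peer verification result; does not re-run or undo certificate verification */` would cover it. `v` is a `long`; if `peerVerifyRet` is unsigned or narrower (its declaration is not in this hunk), make the conversion explicit with a cast. The function body starts above the hunk and continues below it.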
@@ -12050,13 +11526,19 @@ long wolfSSL_CTX_set_session_cache_mode(WOLFSSL_CTX* ctx, long mode)
if (ctx == NULL)
return WOLFSSL_FAILURE;
- if (mode == WOLFSSL_SESS_CACHE_OFF)
+ if (mode == WOLFSSL_SESS_CACHE_OFF) {
ctx->sessionCacheOff = 1;
+#ifdef HAVE_EXT_CACHE
+ ctx->internalCacheOff = 1;
+ ctx->internalCacheLookupOff = 1;
+#endif
+ }
if ((mode & WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR) != 0)
ctx->sessionCacheFlushOff = 1;
#ifdef HAVE_EXT_CACHE
+ /* WOLFSSL_SESS_CACHE_NO_INTERNAL activates both if's */
if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE) != 0)
ctx->internalCacheOff = 1;
if ((mode & WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP) != 0)
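Review bot: Every branch shown here only sets a flag to 1, so after a call with `WOLFSSL_SESS_CACHE_OFF` the new `internalCacheOff` and `internalCacheLookupOff` assignments stay in effect even if the function is called again with a mode that enables caching, at least as far as this hunk shows. If the mode is meant to be replaceable, reset the flags before applying `mode`; if it is meant to be sticky, document that, for example `/* flags are only ever turned on; a later call cannot re-enable the cache */`. The rest of the function lies outside the hunk.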
@@ -12105,462 +11587,6 @@ long wolfSSL_CTX_get_session_cache_mode(WOLFSSL_CTX* ctx)
#endif /* NO_SESSION_CACHE */
-
-#if !defined(NO_CERTS)
-#if defined(PERSIST_CERT_CACHE)
-
-
-#define WOLFSSL_CACHE_CERT_VERSION 1
-
-typedef struct {
- int version; /* cache cert layout version id */
- int rows; /* hash table rows, CA_TABLE_SIZE */
- int columns[CA_TABLE_SIZE]; /* columns per row on list */
- int signerSz; /* sizeof Signer object */
-} CertCacheHeader;
-
-/* current cert persistence layout is:
-
- 1) CertCacheHeader
- 2) caTable
-
- update WOLFSSL_CERT_CACHE_VERSION if change layout for the following
- PERSIST_CERT_CACHE functions
-*/
-
-
-/* Return memory needed to persist this signer, have lock */
-static WC_INLINE int GetSignerMemory(Signer* signer)
-{
- int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID)
- + sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
-
-#if !defined(NO_SKID)
- sz += (int)sizeof(signer->subjectKeyIdHash);
-#endif
-
- /* add dynamic bytes needed */
- sz += signer->pubKeySize;
- sz += signer->nameLen;
-
- return sz;
-}
-
-
-/* Return memory needed to persist this row, have lock */
-static WC_INLINE int GetCertCacheRowMemory(Signer* row)
-{
- int sz = 0;
-
- while (row) {
- sz += GetSignerMemory(row);
- row = row->next;
- }
-
- return sz;
-}
-
-
-/* get the size of persist cert cache, have lock */
-static WC_INLINE int GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
-{
- int sz;
- int i;
-
- sz = sizeof(CertCacheHeader);
-
- for (i = 0; i < CA_TABLE_SIZE; i++)
- sz += GetCertCacheRowMemory(cm->caTable[i]);
-
- return sz;
-}
-
-
-/* Store cert cache header columns with number of items per list, have lock */
-static WC_INLINE void SetCertHeaderColumns(WOLFSSL_CERT_MANAGER* cm, int* columns)
-{
- int i;
- Signer* row;
-
- for (i = 0; i < CA_TABLE_SIZE; i++) {
- int count = 0;
- row = cm->caTable[i];
-
- while (row) {
- ++count;
- row = row->next;
- }
- columns[i] = count;
- }
-}
-
-
-/* Restore whole cert row from memory, have lock, return bytes consumed,
- < 0 on error, have lock */
-static WC_INLINE int RestoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current,
- int row, int listSz, const byte* end)
-{
- int idx = 0;
-
- if (listSz < 0) {
- WOLFSSL_MSG("Row header corrupted, negative value");
- return PARSE_ERROR;
- }
-
- while (listSz) {
- Signer* signer;
- byte* publicKey;
- byte* start = current + idx; /* for end checks on this signer */
- int minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) +
- sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
- #ifndef NO_SKID
- minSz += (int)sizeof(signer->subjectKeyIdHash);
- #endif
-
- if (start + minSz > end) {
- WOLFSSL_MSG("Would overread restore buffer");
- return BUFFER_E;
- }
- signer = MakeSigner(cm->heap);
- if (signer == NULL)
- return MEMORY_E;
-
- /* pubKeySize */
- XMEMCPY(&signer->pubKeySize, current + idx, sizeof(signer->pubKeySize));
- idx += (int)sizeof(signer->pubKeySize);
-
- /* keyOID */
- XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID));
- idx += (int)sizeof(signer->keyOID);
-
- /* publicKey */
- if (start + minSz + signer->pubKeySize > end) {
- WOLFSSL_MSG("Would overread restore buffer");
- FreeSigner(signer, cm->heap);
- return BUFFER_E;
- }
- publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap,
- DYNAMIC_TYPE_KEY);
- if (publicKey == NULL) {
- FreeSigner(signer, cm->heap);
- return MEMORY_E;
- }
-
- XMEMCPY(publicKey, current + idx, signer->pubKeySize);
- signer->publicKey = publicKey;
- idx += signer->pubKeySize;
-
- /* nameLen */
- XMEMCPY(&signer->nameLen, current + idx, sizeof(signer->nameLen));
- idx += (int)sizeof(signer->nameLen);
-
- /* name */
- if (start + minSz + signer->pubKeySize + signer->nameLen > end) {
- WOLFSSL_MSG("Would overread restore buffer");
- FreeSigner(signer, cm->heap);
- return BUFFER_E;
- }
- signer->name = (char*)XMALLOC(signer->nameLen, cm->heap,
- DYNAMIC_TYPE_SUBJECT_CN);
- if (signer->name == NULL) {
- FreeSigner(signer, cm->heap);
- return MEMORY_E;
- }
-
- XMEMCPY(signer->name, current + idx, signer->nameLen);
- idx += signer->nameLen;
-
- /* subjectNameHash */
- XMEMCPY(signer->subjectNameHash, current + idx, SIGNER_DIGEST_SIZE);
- idx += SIGNER_DIGEST_SIZE;
-
- #ifndef NO_SKID
- /* subjectKeyIdHash */
- XMEMCPY(signer->subjectKeyIdHash, current + idx,SIGNER_DIGEST_SIZE);
- idx += SIGNER_DIGEST_SIZE;
- #endif
-
- signer->next = cm->caTable[row];
- cm->caTable[row] = signer;
-
- --listSz;
- }
-
- return idx;
-}
-
-
-/* Store whole cert row into memory, have lock, return bytes added */
-static WC_INLINE int StoreCertRow(WOLFSSL_CERT_MANAGER* cm, byte* current, int row)
-{
- int added = 0;
- Signer* list = cm->caTable[row];
-
- while (list) {
- XMEMCPY(current + added, &list->pubKeySize, sizeof(list->pubKeySize));
- added += (int)sizeof(list->pubKeySize);
-
- XMEMCPY(current + added, &list->keyOID, sizeof(list->keyOID));
- added += (int)sizeof(list->keyOID);
-
- XMEMCPY(current + added, list->publicKey, list->pubKeySize);
- added += list->pubKeySize;
-
- XMEMCPY(current + added, &list->nameLen, sizeof(list->nameLen));
- added += (int)sizeof(list->nameLen);
-
- XMEMCPY(current + added, list->name, list->nameLen);
- added += list->nameLen;
-
- XMEMCPY(current + added, list->subjectNameHash, SIGNER_DIGEST_SIZE);
- added += SIGNER_DIGEST_SIZE;
-
- #ifndef NO_SKID
- XMEMCPY(current + added, list->subjectKeyIdHash,SIGNER_DIGEST_SIZE);
- added += SIGNER_DIGEST_SIZE;
- #endif
-
- list = list->next;
- }
-
- return added;
-}
-
-
-/* Persist cert cache to memory, have lock */
-static WC_INLINE int DoMemSaveCertCache(WOLFSSL_CERT_MANAGER* cm,
- void* mem, int sz)
-{
- int realSz;
- int ret = WOLFSSL_SUCCESS;
- int i;
-
- WOLFSSL_ENTER("DoMemSaveCertCache");
-
- realSz = GetCertCacheMemSize(cm);
- if (realSz > sz) {
- WOLFSSL_MSG("Mem output buffer too small");
- ret = BUFFER_E;
- }
- else {
- byte* current;
- CertCacheHeader hdr;
-
- hdr.version = WOLFSSL_CACHE_CERT_VERSION;
- hdr.rows = CA_TABLE_SIZE;
- SetCertHeaderColumns(cm, hdr.columns);
- hdr.signerSz = (int)sizeof(Signer);
-
- XMEMCPY(mem, &hdr, sizeof(CertCacheHeader));
- current = (byte*)mem + sizeof(CertCacheHeader);
-
- for (i = 0; i < CA_TABLE_SIZE; ++i)
- current += StoreCertRow(cm, current, i);
- }
-
- return ret;
-}
-
-
-#if !defined(NO_FILESYSTEM)
-
-/* Persist cert cache to file */
-int CM_SaveCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
-{
- XFILE file;
- int rc = WOLFSSL_SUCCESS;
- int memSz;
- byte* mem;
-
- WOLFSSL_ENTER("CM_SaveCertCache");
-
- file = XFOPEN(fname, "w+b");
- if (file == XBADFILE) {
- WOLFSSL_MSG("Couldn't open cert cache save file");
- return WOLFSSL_BAD_FILE;
- }
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- XFCLOSE(file);
- return BAD_MUTEX_E;
- }
-
- memSz = GetCertCacheMemSize(cm);
- mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (mem == NULL) {
- WOLFSSL_MSG("Alloc for tmp buffer failed");
- rc = MEMORY_E;
- } else {
- rc = DoMemSaveCertCache(cm, mem, memSz);
- if (rc == WOLFSSL_SUCCESS) {
- int ret = (int)XFWRITE(mem, memSz, 1, file);
- if (ret != 1) {
- WOLFSSL_MSG("Cert cache file write failed");
- rc = FWRITE_ERROR;
- }
- }
- XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
-
- wc_UnLockMutex(&cm->caLock);
- XFCLOSE(file);
-
- return rc;
-}
-
-
-/* Restore cert cache from file */
-int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
-{
- XFILE file;
- int rc = WOLFSSL_SUCCESS;
- int ret;
- int memSz;
- byte* mem;
-
- WOLFSSL_ENTER("CM_RestoreCertCache");
-
- file = XFOPEN(fname, "rb");
- if (file == XBADFILE) {
- WOLFSSL_MSG("Couldn't open cert cache save file");
- return WOLFSSL_BAD_FILE;
- }
-
- if(XFSEEK(file, 0, XSEEK_END) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
- memSz = (int)XFTELL(file);
- if(XFSEEK(file, 0, XSEEK_SET) != 0) {
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- if (memSz > MAX_WOLFSSL_FILE_SIZE || memSz <= 0) {
- WOLFSSL_MSG("CM_RestoreCertCache file size error");
- XFCLOSE(file);
- return WOLFSSL_BAD_FILE;
- }
-
- mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (mem == NULL) {
- WOLFSSL_MSG("Alloc for tmp buffer failed");
- XFCLOSE(file);
- return MEMORY_E;
- }
-
- ret = (int)XFREAD(mem, memSz, 1, file);
- if (ret != 1) {
- WOLFSSL_MSG("Cert file read error");
- rc = FREAD_ERROR;
- } else {
- rc = CM_MemRestoreCertCache(cm, mem, memSz);
- if (rc != WOLFSSL_SUCCESS) {
- WOLFSSL_MSG("Mem restore cert cache failed");
- }
- }
-
- XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
- XFCLOSE(file);
-
- return rc;
-}
-
-#endif /* NO_FILESYSTEM */
-
-
-/* Persist cert cache to memory */
-int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, void* mem, int sz, int* used)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("CM_MemSaveCertCache");
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- return BAD_MUTEX_E;
- }
-
- ret = DoMemSaveCertCache(cm, mem, sz);
- if (ret == WOLFSSL_SUCCESS)
- *used = GetCertCacheMemSize(cm);
-
- wc_UnLockMutex(&cm->caLock);
-
- return ret;
-}
-
-
-/* Restore cert cache from memory */
-int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const void* mem, int sz)
-{
- int ret = WOLFSSL_SUCCESS;
- int i;
- CertCacheHeader* hdr = (CertCacheHeader*)mem;
- byte* current = (byte*)mem + sizeof(CertCacheHeader);
- byte* end = (byte*)mem + sz; /* don't go over */
-
- WOLFSSL_ENTER("CM_MemRestoreCertCache");
-
- if (current > end) {
- WOLFSSL_MSG("Cert Cache Memory buffer too small");
- return BUFFER_E;
- }
-
- if (hdr->version != WOLFSSL_CACHE_CERT_VERSION ||
- hdr->rows != CA_TABLE_SIZE ||
- hdr->signerSz != (int)sizeof(Signer)) {
-
- WOLFSSL_MSG("Cert Cache Memory header mismatch");
- return CACHE_MATCH_ERROR;
- }
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- return BAD_MUTEX_E;
- }
-
- FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
-
- for (i = 0; i < CA_TABLE_SIZE; ++i) {
- int added = RestoreCertRow(cm, current, i, hdr->columns[i], end);
- if (added < 0) {
- WOLFSSL_MSG("RestoreCertRow error");
- ret = added;
- break;
- }
- current += added;
- }
-
- wc_UnLockMutex(&cm->caLock);
-
- return ret;
-}
-
-
-/* get how big the the cert cache save buffer needs to be */
-int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
-{
- int sz;
-
- WOLFSSL_ENTER("CM_GetCertCacheMemSize");
-
- if (wc_LockMutex(&cm->caLock) != 0) {
- WOLFSSL_MSG("wc_LockMutex on caLock failed");
- return BAD_MUTEX_E;
- }
-
- sz = GetCertCacheMemSize(cm);
-
- wc_UnLockMutex(&cm->caLock);
-
- return sz;
-}
-
-#endif /* PERSIST_CERT_CACHE */
-#endif /* NO_CERTS */
-
#ifdef OPENSSL_EXTRA
/*
@@ -12667,7 +11693,7 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, Suites* suites,
#ifndef WOLFSSL_SMALL_STACK
byte suitesCpy[WOLFSSL_MAX_SUITE_SZ];
#else
- byte* suitesCpy;
+ byte* suitesCpy = NULL;
#endif
word16 suitesCpySz = 0;
word16 i = 0;
@@ -12707,12 +11733,16 @@ static int wolfSSL_parse_cipher_list(WOLFSSL_CTX* ctx, Suites* suites,
/* list contains ciphers either only for TLS 1.3 or <= TLS 1.2 */
#ifdef WOLFSSL_SMALL_STACK
- suitesCpy = (byte*)XMALLOC(suites->suiteSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (suitesCpy == NULL)
- return WOLFSSL_FAILURE;
+ if (suites->suiteSz > 0) {
+ suitesCpy = (byte*)XMALLOC(suites->suiteSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (suitesCpy == NULL)
+ return WOLFSSL_FAILURE;
+ }
#endif
- XMEMCPY(suitesCpy, suites->suites, suites->suiteSz);
+ if (suites->suiteSz > 0)
+ XMEMCPY(suitesCpy, suites->suites, suites->suiteSz);
suitesCpySz = suites->suiteSz;
ret = SetCipherList(ctx, suites, list);
@@ -13395,7 +12425,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_ENTER("wolfSSL_connect");
/* make sure this wolfSSL object has arrays and rng setup. Protects
- * case where the WOLFSSL object is re-used via wolfSSL_clear() */
+ * case where the WOLFSSL object is reused via wolfSSL_clear() */
if ((ret = ReinitSSL(ssl, ssl->ctx, 0)) != 0) {
return ret;
}
@@ -13519,7 +12549,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
return WOLFSSL_FATAL_ERROR;
}
/* if resumption failed, reset needed state */
- else if (neededState == SERVER_FINISHED_COMPLETE)
+ else if (neededState == SERVER_FINISHED_COMPLETE) {
if (!ssl->options.resuming) {
#ifdef WOLFSSL_DTLS
if (IsDtlsNotSctpMode(ssl))
@@ -13528,17 +12558,19 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
#endif
neededState = SERVER_HELLODONE_COMPLETE;
}
-#ifdef WOLFSSL_DTLS13
+ }
+#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls && IsAtLeastTLSv1_3(ssl->version)
- && ssl->dtls13Rtx.sendAcks == 1) {
- ssl->dtls13Rtx.sendAcks = 0;
+ && ssl->dtls13Rtx.sendAcks == 1
+ && ssl->options.seenUnifiedHdr) {
/* we aren't negotiated the version yet, so we aren't sure
* the other end can speak v1.3. On the other side we have
* received a unified records, assuming that the
* ServerHello got lost, we will send an empty ACK. In case
* the server is a DTLS with version less than 1.3, it
* should just ignore the message */
+ ssl->dtls13Rtx.sendAcks = 0;
if ((ssl->error = SendDtls13Ack(ssl)) < 0) {
if (ssl->error == WANT_WRITE)
ssl->dtls13SendingAckOrRtx = 1;
@@ -13546,8 +12578,6 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
return WOLFSSL_FATAL_ERROR;
}
}
-
-
#endif /* WOLFSSL_DTLS13 */
}
@@ -13883,7 +12913,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_ENTER("wolfSSL_accept");
/* make sure this wolfSSL object has arrays and rng setup. Protects
- * case where the WOLFSSL object is re-used via wolfSSL_clear() */
+ * case where the WOLFSSL object is reused via wolfSSL_clear() */
if ((ret = ReinitSSL(ssl, ssl->ctx, 0)) != 0) {
return ret;
}
@@ -14064,17 +13094,6 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
}
#endif
-#ifdef WOLFSSL_DTLS
- if (ssl->chGoodCb != NULL && !IsSCR(ssl)) {
- int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
- if (cbret < 0) {
- ssl->error = cbret;
- WOLFSSL_MSG("ClientHello Good Cb don't continue error");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-#endif
-
ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE;
WOLFSSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE");
FALL_THROUGH;
@@ -14352,7 +13371,6 @@ int wolfSSL_SetHsDoneCb(WOLFSSL* ssl, HandShakeDoneCb cb, void* user_ctx)
ssl->hsDoneCb = cb;
ssl->hsDoneCtx = user_ctx;
-
return WOLFSSL_SUCCESS;
}
@@ -14370,21 +13388,30 @@ int wolfSSL_Cleanup(void)
WOLFSSL_ENTER("wolfSSL_Cleanup");
- if (initRefCount == 0)
- return ret; /* possibly no init yet, but not failure either way */
-
- if ((count_mutex_valid == 1) && (wc_LockMutex(&count_mutex) != 0)) {
- WOLFSSL_MSG("Bad Lock Mutex count");
- ret = BAD_MUTEX_E;
+#ifndef WOLFSSL_MUTEX_INITIALIZER
+ if (count_mutex_valid == 1) {
+#endif
+ if (wc_LockMutex(&count_mutex) != 0) {
+ WOLFSSL_MSG("Bad Lock Mutex count");
+ return BAD_MUTEX_E;
+ }
+#ifndef WOLFSSL_MUTEX_INITIALIZER
}
+#endif
- release = initRefCount-- == 1;
- if (initRefCount < 0)
- initRefCount = 0;
+ if (initRefCount > 0) {
+ --initRefCount;
+ if (initRefCount == 0)
+ release = 1;
+ }
+#ifndef WOLFSSL_MUTEX_INITIALIZER
if (count_mutex_valid == 1) {
+#endif
wc_UnLockMutex(&count_mutex);
+#ifndef WOLFSSL_MUTEX_INITIALIZER
}
+#endif
if (!release)
return ret;
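Review bot: The three `#ifndef WOLFSSL_MUTEX_INITIALIZER` pairs that open and close a brace around the lock, the unlock and (later) the free make the control flow of wolfSSL_Cleanup hard to follow, and nothing says why the validity flag is skipped. A one-line comment at the first pair would help, for example `/* count_mutex is statically initialised when WOLFSSL_MUTEX_INITIALIZER is defined, so count_mutex_valid is only checked otherwise */`; that reading is inferred from the macro name and should be confirmed. Note also that a failed wc_LockMutex now returns BAD_MUTEX_E before initRefCount is touched, where the old code continued, so the library stays initialised on that path; this is worth stating in the function comment. The function starts and ends outside this hunk.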
@@ -14404,7 +13431,7 @@ int wolfSSL_Cleanup(void)
SessionCache[i].lock_valid = 0;
}
#else
- if ((session_lock_valid == 1) && (wc_UnLockRwLock(&session_lock) != 0)) {
+ if ((session_lock_valid == 1) && (wc_FreeRwLock(&session_lock) != 0)) {
if (ret == WOLFSSL_SUCCESS)
ret = BAD_MUTEX_E;
}
@@ -14434,11 +13461,13 @@ int wolfSSL_Cleanup(void)
#endif
#endif /* !NO_SESSION_CACHE */
+#ifndef WOLFSSL_MUTEX_INITIALIZER
if ((count_mutex_valid == 1) && (wc_FreeMutex(&count_mutex) != 0)) {
if (ret == WOLFSSL_SUCCESS)
ret = BAD_MUTEX_E;
}
count_mutex_valid = 0;
+#endif
#ifdef OPENSSL_EXTRA
wolfSSL_RAND_Cleanup();
@@ -14479,6 +13508,10 @@ int wolfSSL_Cleanup(void)
crypto_ex_cb_ctx_session = NULL;
#endif
+#ifdef WOLFSSL_MEM_FAIL_COUNT
+ wc_MemFailCount_Free();
+#endif
+
return ret;
}
@@ -14488,18 +13521,23 @@ void SetupSession(WOLFSSL* ssl)
WOLFSSL_ENTER("SetupSession");
- if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL &&
- !session->haveAltSessionID) {
+ if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) {
/* Make sure the session ID is available when the user calls any
* get_session API */
- XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
- session->sessionIDSz = ssl->arrays->sessionIDSz;
+ if (!session->haveAltSessionID) {
+ XMEMCPY(session->sessionID, ssl->arrays->sessionID, ID_LEN);
+ session->sessionIDSz = ssl->arrays->sessionIDSz;
+ }
+ else {
+ XMEMCPY(session->sessionID, session->altSessionID, ID_LEN);
+ session->sessionIDSz = ID_LEN;
+ }
}
session->side = (byte)ssl->options.side;
if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
session->haveEMS = ssl->options.haveEMS;
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* If using compatibility layer then check for and copy over session context
* id. */
if (ssl->sessionCtxSz > 0 && ssl->sessionCtxSz < ID_LEN) {
@@ -14777,7 +13815,7 @@ static int SessionTicketNoncePrealloc(byte** buf, byte* len, void *heap)
if (*buf == NULL) {
WOLFSSL_MSG("Failed to preallocate ticket nonce buffer");
*len = 0;
- return WOLFSSL_FAILURE;
+ return 1;
}
*len = PREALLOC_SESSION_TICKET_NONCE_LEN;
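Review bot: The allocation-failure path in SessionTicketNoncePrealloc now ends in a bare `return 1;`, which fixes the old WOLFSSL_FAILURE (0) but leaves an unexplained magic number. A named error such as `return MEMORY_E;` would document the cause and still be non-zero, assuming callers only test for a non-zero result; they are outside this hunk. If the literal must stay, add `/* non-zero = failure; 0 is success for this helper */` next to it. The function starts and ends outside the hunk.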
@@ -14850,6 +13888,22 @@ static int TlsSessionCacheGetAndLock(const byte *id,
return 0;
}
+static int CheckSessionMatch(const WOLFSSL* ssl, const WOLFSSL_SESSION* sess)
+{
+ if (ssl == NULL || sess == NULL)
+ return 0;
+#ifdef OPENSSL_EXTRA
+ if (ssl->sessionCtxSz > 0 && (ssl->sessionCtxSz != sess->sessionCtxSz ||
+ XMEMCMP(ssl->sessionCtx, sess->sessionCtx, sess->sessionCtxSz) != 0))
+ return 0;
+#endif
+#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
+ if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version))
+ return 0;
+#endif
+ return 1;
+}
+
int TlsSessionCacheGetAndRdLock(const byte *id, const WOLFSSL_SESSION **sess,
word32 *lockedRow, byte side)
{
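Review bot: CheckSessionMatch guards its session-context comparison with `#ifdef OPENSSL_EXTRA`, while this same commit switches the context handling in SetupSession and wolfSSL_SetSession to `#ifdef WOLFSSL_SESSION_ID_CTX`. If a build can define WOLFSSL_SESSION_ID_CTX without OPENSSL_EXTRA, a context is stored and enforced in wolfSSL_SetSession but not checked on cache lookup, so a cached session from another context could be resumed. Changing the guard here to `#ifdef WOLFSSL_SESSION_ID_CTX` would keep the three sites consistent. The function also has no header comment; it should say that it returns 1 when the session may be used and that an `ssl` with `sessionCtxSz == 0` accepts a session carrying any context.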
@@ -14898,7 +13952,7 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
if (SslSessionCacheOff(ssl, ssl->session))
return WOLFSSL_FAILURE;
- if (ssl->options.haveSessionId == 0)
+ if (ssl->options.haveSessionId == 0 && !ssl->session->haveAltSessionID)
return WOLFSSL_FAILURE;
#ifdef HAVE_SESSION_TICKET
@@ -14907,7 +13961,8 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#endif
XMEMSET(bogusID, 0, sizeof(bogusID));
- if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
+ if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL
+ && !ssl->session->haveAltSessionID)
id = ssl->arrays->sessionID;
else if (ssl->session->haveAltSessionID) {
id = ssl->session->altSessionID;
@@ -14924,37 +13979,38 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#ifdef HAVE_EXT_CACHE
if (ssl->ctx->get_sess_cb != NULL) {
int copy = 0;
+ int found = 0;
WOLFSSL_SESSION* extSess;
/* Attempt to retrieve the session from the external cache. */
WOLFSSL_MSG("Calling external session cache");
extSess = ssl->ctx->get_sess_cb(ssl, (byte*)id, ID_LEN, &copy);
if ((extSess != NULL)
- #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
- && (IsAtLeastTLSv1_3(ssl->version) ==
- IsAtLeastTLSv1_3(extSess->version))
- #endif
+ && CheckSessionMatch(ssl, extSess)
) {
WOLFSSL_MSG("Session found in external cache");
+ found = 1;
+
error = wolfSSL_DupSession(extSess, output, 0);
#ifdef HAVE_EX_DATA
extSess->ownExData = 1;
output->ownExData = 0;
#endif
- /* If copy not set then free immediately */
- if (!copy)
- wolfSSL_FreeSession(ssl->ctx, extSess);
/* We want to restore the bogus ID for TLS compatibility */
if (ssl->session->haveAltSessionID &&
output == ssl->session) {
XMEMCPY(ssl->session->sessionID, bogusID, ID_LEN);
ssl->session->sessionIDSz = bogusIDSz;
}
- return error;
}
+ /* If copy not set then free immediately */
+ if (extSess != NULL && !copy)
+ wolfSSL_FreeSession(ssl->ctx, extSess);
+ if (found)
+ return error;
WOLFSSL_MSG("Session not found in external cache");
}
- if (ssl->ctx->internalCacheLookupOff) {
+ if (ssl->options.internalCacheLookupOff) {
WOLFSSL_MSG("Internal cache lookup turned off");
return WOLFSSL_FAILURE;
}
@@ -14973,7 +14029,8 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#endif
if (output->ticketLenAlloc)
XFREE(output->ticket, output->heap, DYNAMIC_TYPE_SESSION_TICK);
- output->ticket = tmpTicket;
+ output->ticket = tmpTicket; /* cppcheck-suppress autoVariables
+ */
output->ticketLenAlloc = PREALLOC_SESSION_TICKET_LEN;
output->ticketLen = 0;
tmpBufSet = 1;
@@ -15038,9 +14095,8 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
#endif
}
else {
-#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
- if (IsAtLeastTLSv1_3(ssl->version) != IsAtLeastTLSv1_3(sess->version)) {
- WOLFSSL_MSG("Invalid session: different protocol version");
+ if (!CheckSessionMatch(ssl, sess)) {
+ WOLFSSL_MSG("Invalid session: can't be used in this context");
TlsSessionCacheUnlockRow(row);
error = WOLFSSL_FAILURE;
}
@@ -15051,16 +14107,19 @@ int wolfSSL_GetSessionFromCache(WOLFSSL* ssl, WOLFSSL_SESSION* output)
TlsSessionCacheUnlockRow(row);
/* Attempt to get a write lock */
error = TlsSessionCacheGetAndWrLock(id, &wrSess, &row,
- ssl->options.side);
+ (byte)ssl->options.side);
if (error == 0 && wrSess != NULL) {
EvictSessionFromCache(wrSess);
TlsSessionCacheUnlockRow(row);
}
error = WOLFSSL_FAILURE;
}
-#endif /* HAVE_SESSION_TICKET && WOLFSSL_TLS13 */
}
+ /* mollify confused cppcheck nullPointer warning. */
+ if (sess == NULL)
+ error = WOLFSSL_FAILURE;
+
if (error == WOLFSSL_SUCCESS) {
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TLS13)
error = wolfSSL_DupSessionEx(sess, output, 1,
@@ -15215,11 +14274,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
if (ssl->session == session) {
WOLFSSL_MSG("ssl->session and session same");
}
- else
-#ifdef HAVE_STUNNEL
- /* stunnel depends on the ex_data not being duplicated. Copy OpenSSL
- * behaviour for now. */
- if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
+ else if (session->type != WOLFSSL_SESSION_TYPE_CACHE) {
if (wolfSSL_SESSION_up_ref(session) == WOLFSSL_SUCCESS) {
wolfSSL_FreeSession(ssl->ctx, ssl->session);
ssl->session = session;
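Review bot: The reference-sharing branch `else if (session->type != WOLFSSL_SESSION_TYPE_CACHE)` is now unconditional, but the comment that explained it was dropped together with the HAVE_STUNNEL guard. After this change every non-cache session passed to wolfSSL_SetSession is aliased through wolfSSL_SESSION_up_ref instead of copied, so writes made later through `ssl->session` are presumably visible to the caller and to any other WOLFSSL object holding the same session. Keep a short rationale above the branch, for example `/* Non-cache sessions are shared by reference (OpenSSL behaviour); ex_data is not duplicated */`. The function starts before this hunk and continues in the next one.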
@@ -15227,9 +14282,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
else
ret = WOLFSSL_FAILURE;
}
- else
-#endif
- {
+ else {
ret = wolfSSL_DupSession(session, ssl->session, 0);
if (ret != WOLFSSL_SUCCESS)
WOLFSSL_MSG("Session duplicate failed");
@@ -15254,7 +14307,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
if (ret != WOLFSSL_SUCCESS)
return ret;
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* check for application context id */
if (ssl->sessionCtxSz > 0) {
if (XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx, ssl->sessionCtxSz)) {
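Review bot: The application-context check compares only the first `ssl->sessionCtxSz` bytes and never looks at `ssl->session->sessionCtxSz`, so a session whose context is longer but shares that prefix passes. CheckSessionMatch, added earlier in this commit, compares the sizes as well. The same test here would read `if (ssl->sessionCtxSz != ssl->session->sessionCtxSz || XMEMCMP(ssl->sessionCtx, ssl->session->sessionCtx, ssl->sessionCtxSz) != 0) {`. The body of the `if` and the rest of wolfSSL_SetSession lie outside this hunk.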
@@ -15263,7 +14316,7 @@ int wolfSSL_SetSession(WOLFSSL* ssl, WOLFSSL_SESSION* session)
return WOLFSSL_FAILURE;
}
}
-#endif /* OPENSSL_EXTRA */
+#endif /* WOLFSSL_SESSION_ID_CTX */
if (LowResTimer() >= (ssl->session->bornOn + ssl->session->timeout)) {
#if !defined(OPENSSL_EXTRA) || !defined(WOLFSSL_ERROR_CODE_OPENSSL)
@@ -15307,6 +14360,8 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
{
int error = -1;
word32 clientRow = 0, clientIdx = 0;
+ ClientSession* ret = NULL;
+
(void)useTicket;
if (side == WOLFSSL_CLIENT_END
&& row != INVALID_SESSION_ROW
@@ -15354,6 +14409,9 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
}
if (error == 0) {
WOLFSSL_MSG("Adding client cache entry");
+
+ ret = &ClientCache[clientRow].Clients[clientIdx];
+
if (ClientCache[clientRow].totalCount < CLIENT_SESSIONS_PER_ROW)
ClientCache[clientRow].totalCount++;
ClientCache[clientRow].nextIdx++;
@@ -15364,16 +14422,13 @@ ClientSession* AddSessionToClientCache(int side, int row, int idx, byte* serverI
}
else {
WOLFSSL_MSG("Hash session or lock failed");
- error = -1;
}
}
else {
WOLFSSL_MSG("Skipping client cache");
}
- if (error == 0)
- return &ClientCache[clientRow].Clients[clientIdx];
- else
- return NULL;
+
+ return ret;
}
#endif /* !NO_CLIENT_CACHE */
@@ -15548,9 +14603,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
WOLFSSL_MSG("Hash session failed");
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
return ret;
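Review bot: The corrected guard `defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)` on this error path omits the FIPS condition used on the final cleanup path of AddSessionToCache later in this diff, `(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))`. The misspelled macro meant these lines were never compiled, so fixing the spelling makes them live for the first time. If `preallocNonce` is declared only under the fuller condition (its declaration is outside the hunk), a FIPS build below 5.3 with WOLFSSL_TICKET_NONCE_MALLOC would now fail to compile. Use the same three-part condition here and in the next two hunks, which carry the identical guard.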
@@ -15560,9 +14614,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (SESSION_ROW_WR_LOCK(sessRow) != 0) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
WOLFSSL_MSG("Session row lock failed");
@@ -15600,9 +14653,8 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
if (cacheSession == NULL) {
#ifdef HAVE_SESSION_TICKET
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKE_NONCE_MALLOC)
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ #if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC)
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif
#endif
SESSION_ROW_UNLOCK(sessRow);
@@ -15645,7 +14697,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
cacheSession->peer = NULL;
#endif
#ifdef HAVE_SESSION_TICKET
- /* If we can re-use the existing buffer in cacheSession then we won't touch
+ /* If we can reuse the existing buffer in cacheSession then we won't touch
* ticBuff at all making it a very cheap malloc/free. The page on a modern
* OS will most likely not even be allocated to the process. */
if (ticBuff != NULL && cacheSession->ticketLenAlloc < ticLen) {
@@ -15668,7 +14720,7 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
cacheSession->ticketNonce.data = cacheSession->ticketNonce.dataStatic;
cacheSession->ticketNonce.len = 0;
}
-#endif /* WOFLSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
+#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
#ifdef SESSION_CERTS
if (overwrite &&
@@ -15757,14 +14809,11 @@ int AddSessionToCache(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* addSession,
#ifdef HAVE_SESSION_TICKET
if (ticBuff != NULL && !ticBuffUsed)
XFREE(ticBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
- if (cacheTicBuff != NULL)
- XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
+ XFREE(cacheTicBuff, NULL, DYNAMIC_TYPE_SESSION_TICK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- if (preallocNonce != NULL)
- XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
- if (toFree != NULL)
- XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ XFREE(preallocNonce, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
+ XFREE(toFree, addSession->heap, DYNAMIC_TYPE_SESSION_TICK);
#endif /* WOLFSSL_TLS13 && WOLFSSL_TICKET_NONCE_MALLOC && FIPS_VERSION_GE(5,3)*/
#endif
@@ -15822,27 +14871,32 @@ void AddSession(WOLFSSL* ssl)
idSz = ID_LEN;
}
- /* Try to add the session to internal cache or external cache
- if a new_sess_cb is set. Its ok if we don't succeed. */
- (void)AddSessionToCache(ssl->ctx, session, id, idSz,
+#ifdef HAVE_EXT_CACHE
+ if (!ssl->options.internalCacheOff)
+#endif
+ {
+ /* Try to add the session to internal cache or external cache
+ if a new_sess_cb is set. Its ok if we don't succeed. */
+ (void)AddSessionToCache(ssl->ctx, session, id, idSz,
#ifdef SESSION_INDEX
- &ssl->sessionIndex,
+ &ssl->sessionIndex,
#else
- NULL,
+ NULL,
#endif
- ssl->options.side,
+ ssl->options.side,
#ifdef HAVE_SESSION_TICKET
- ssl->options.useTicket,
+ ssl->options.useTicket,
#else
- 0,
+ 0,
#endif
#ifdef NO_SESSION_CACHE_REF
- NULL
+ NULL
#else
- (ssl->options.side == WOLFSSL_CLIENT_END) ?
- &ssl->clientSession : NULL
+ (ssl->options.side == WOLFSSL_CLIENT_END) ?
+ &ssl->clientSession : NULL
#endif
- );
+ );
+ }
#ifdef HAVE_EXT_CACHE
if (error == 0 && ssl->ctx->new_sess_cb != NULL) {
@@ -16253,10 +15307,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
/* myBuffer may not be initialized fully, but the span up to the
* sending length will be.
*/
- PRAGMA_GCC_DIAG_PUSH;
- PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"");
+ PRAGMA_GCC_DIAG_PUSH
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
ret = wolfSSL_write(ssl, myBuffer, sending);
- PRAGMA_GCC_DIAG_POP;
+ PRAGMA_GCC_DIAG_POP
if (dynamic)
XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV);
@@ -16503,8 +15557,10 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_set_psk_use_session_callback");
- ssl->options.havePSK = 1;
- ssl->options.session_psk_cb = cb;
+ if (ssl != NULL) {
+ ssl->options.havePSK = 1;
+ ssl->options.session_psk_cb = cb;
+ }
WOLFSSL_LEAVE("wolfSSL_set_psk_use_session_callback", WOLFSSL_SUCCESS);
}
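Review bot: With the new `if (ssl != NULL)` guard, a NULL `ssl` is silently ignored and the trace line `WOLFSSL_LEAVE("wolfSSL_set_psk_use_session_callback", WOLFSSL_SUCCESS);` still reports success. Nothing is returned in the visible lines, so the trace is the only signal a caller gets that the callback was not installed. Log the real outcome, for example `WOLFSSL_LEAVE("wolfSSL_set_psk_use_session_callback", ssl != NULL ? WOLFSSL_SUCCESS : BAD_FUNC_ARG);`. The signature is outside the hunk.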
@@ -16698,6 +15754,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
const unsigned char* in,
long sz, int format)
{
+ int verify;
WOLFSSL_ENTER("wolfSSL_CTX_trust_peer_buffer");
/* sanity check on arguments */
@@ -16705,12 +15762,17 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return BAD_FUNC_ARG;
}
+ verify = GET_VERIFY_SETTING_CTX(ctx);
+ if (WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS &
+ WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY)
+ verify = VERIFY_SKIP_DATE;
+
if (format == WOLFSSL_FILETYPE_PEM)
return ProcessChainBuffer(ctx, in, sz, format, TRUSTED_PEER_TYPE,
- NULL, GET_VERIFY_SETTING_CTX(ctx));
+ NULL, verify);
else
return ProcessBuffer(ctx, in, sz, format, TRUSTED_PEER_TYPE, NULL,
- NULL, 0, GET_VERIFY_SETTING_CTX(ctx));
+ NULL, 0, verify);
}
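Review bot: The added `if (WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) verify = VERIFY_SKIP_DATE;` replaces the context's verify setting outright instead of relaxing only the date check, and it branches on a compile-time constant without a comment. When the build default carries that flag, trusted peer certificates outside their validity period are accepted whatever GET_VERIFY_SETTING_CTX(ctx) returned. That deserves an explicit note such as `/* build-time default: skip date validation for trusted peer certs */`. Whether overwriting a no-verify setting with VERIFY_SKIP_DATE is intended cannot be told from the hunk and should be confirmed. The function begins in the previous hunk.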
#endif /* WOLFSSL_TRUST_PEER_CERT */
@@ -17087,6 +16149,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
if (ssl == NULL)
return BAD_FUNC_ARG;
+ SSL_CM_WARNING(ssl);
return wolfSSL_CertManagerUnload_trust_peers(SSL_CM(ssl));
}
#endif /* WOLFSSL_LOCAL_X509_STORE */
@@ -17224,8 +16287,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_CTX_set_client_CA_list");
if (ctx != NULL) {
- wolfSSL_sk_X509_NAME_pop_free(ctx->ca_names, NULL);
- ctx->ca_names = names;
+ wolfSSL_sk_X509_NAME_pop_free(ctx->client_ca_names, NULL);
+ ctx->client_ca_names = names;
}
}
@@ -17234,9 +16297,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
{
WOLFSSL_ENTER("wolfSSL_set_client_CA_list");
if (ssl != NULL) {
- if (ssl->ca_names != ssl->ctx->ca_names)
- wolfSSL_sk_X509_NAME_pop_free(ssl->ca_names, NULL);
- ssl->ca_names = names;
+ if (ssl->client_ca_names != ssl->ctx->client_ca_names)
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = names;
}
}
@@ -17263,6 +16326,163 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
ctx->certSetupCbArg = arg;
}
+ int wolfSSL_get_client_suites_sigalgs(const WOLFSSL* ssl,
+ const byte** suites, word16* suiteSz,
+ const byte** hashSigAlgo, word16* hashSigAlgoSz)
+ {
+ WOLFSSL_ENTER("wolfSSL_get_client_suites_sigalgs");
+
+ if (suites != NULL)
+ *suites = NULL;
+ if (suiteSz != NULL)
+ *suiteSz = 0;
+ if (hashSigAlgo != NULL)
+ *hashSigAlgo = NULL;
+ if (hashSigAlgoSz != NULL)
+ *hashSigAlgoSz = 0;
+
+ if (ssl != NULL && ssl->clSuites != NULL) {
+ if (suites != NULL && suiteSz != NULL) {
+ *suites = ssl->clSuites->suites;
+ *suiteSz = ssl->clSuites->suiteSz;
+ }
+ if (hashSigAlgo != NULL && hashSigAlgoSz != NULL) {
+ *hashSigAlgo = ssl->clSuites->hashSigAlgo;
+ *hashSigAlgoSz = ssl->clSuites->hashSigAlgoSz;
+ }
+ return WOLFSSL_SUCCESS;
+ }
+ return WOLFSSL_FAILURE;
+ }
+ WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
+ byte second)
+ {
+ WOLFSSL_CIPHERSUITE_INFO info;
+ info.rsaAuth = (byte)(CipherRequires(first, second, REQUIRES_RSA) ||
+ CipherRequires(first, second, REQUIRES_RSA_SIG));
+ info.eccAuth = (byte)(CipherRequires(first, second, REQUIRES_ECC) ||
+ /* Static ECC ciphers may require RSA for authentication */
+ (CipherRequires(first, second, REQUIRES_ECC_STATIC) &&
+ !CipherRequires(first, second, REQUIRES_RSA_SIG)));
+ info.eccStatic =
+ (byte)CipherRequires(first, second, REQUIRES_ECC_STATIC);
+ info.psk = (byte)CipherRequires(first, second, REQUIRES_PSK);
+ return info;
+ }
+
+ /**
+ * @param first First byte of the hash and signature algorithm
+ * @param second Second byte of the hash and signature algorithm
+ * @param hashAlgo The enum wc_HashType of the MAC algorithm
+ * @param sigAlgo The enum Key_Sum of the authentication algorithm
+ */
+ int wolfSSL_get_sigalg_info(byte first, byte second,
+ int* hashAlgo, int* sigAlgo)
+ {
+ byte input[2];
+ byte hashType;
+ byte sigType;
+
+ if (hashAlgo == NULL || sigAlgo == NULL)
+ return BAD_FUNC_ARG;
+
+ input[0] = first;
+ input[1] = second;
+ DecodeSigAlg(input, &hashType, &sigType);
+
+ /* cast so that compiler reminds us of unimplemented values */
+ switch ((enum SignatureAlgorithm)sigType) {
+ case anonymous_sa_algo:
+ *sigAlgo = (enum Key_Sum)0;
+ break;
+ case rsa_sa_algo:
+ *sigAlgo = RSAk;
+ break;
+ case dsa_sa_algo:
+ *sigAlgo = DSAk;
+ break;
+ case ecc_dsa_sa_algo:
+ *sigAlgo = ECDSAk;
+ break;
+ case rsa_pss_sa_algo:
+ *sigAlgo = RSAPSSk;
+ break;
+ case ed25519_sa_algo:
+ *sigAlgo = ED25519k;
+ break;
+ case rsa_pss_pss_algo:
+ *sigAlgo = RSAPSSk;
+ break;
+ case ed448_sa_algo:
+ *sigAlgo = ED448k;
+ break;
+ case falcon_level1_sa_algo:
+ *sigAlgo = FALCON_LEVEL1k;
+ break;
+ case falcon_level5_sa_algo:
+ *sigAlgo = FALCON_LEVEL5k;
+ break;
+ case dilithium_level2_sa_algo:
+ *sigAlgo = DILITHIUM_LEVEL2k;
+ break;
+ case dilithium_level3_sa_algo:
+ *sigAlgo = DILITHIUM_LEVEL3k;
+ break;
+ case dilithium_level5_sa_algo:
+ *sigAlgo = DILITHIUM_LEVEL5k;
+ break;
+ case sm2_sa_algo:
+ *sigAlgo = SM2k;
+ break;
+ case invalid_sa_algo:
+ default:
+ *hashAlgo = WC_HASH_TYPE_NONE;
+ *sigAlgo = 0;
+ return BAD_FUNC_ARG;
+ }
+
+ /* cast so that compiler reminds us of unimplemented values */
+ switch((enum wc_MACAlgorithm)hashType) {
+ case no_mac:
+ case rmd_mac: /* Don't have a RIPEMD type in wc_HashType */
+ *hashAlgo = WC_HASH_TYPE_NONE;
+ break;
+ case md5_mac:
+ *hashAlgo = WC_HASH_TYPE_MD5;
+ break;
+ case sha_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA;
+ break;
+ case sha224_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA224;
+ break;
+ case sha256_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA256;
+ break;
+ case sha384_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA384;
+ break;
+ case sha512_mac:
+ *hashAlgo = WC_HASH_TYPE_SHA512;
+ break;
+ case blake2b_mac:
+ *hashAlgo = WC_HASH_TYPE_BLAKE2B;
+ break;
+ case sm3_mac:
+#ifdef WOLFSSL_SM3
+ *hashAlgo = WC_HASH_TYPE_SM3;
+#else
+ *hashAlgo = WC_HASH_TYPE_NONE;
+#endif
+ break;
+ default:
+ *hashAlgo = WC_HASH_TYPE_NONE;
+ *sigAlgo = 0;
+ return BAD_FUNC_ARG;
+ }
+ return 0;
+ }
+
/**
* Internal wrapper for calling certSetupCb
* @param ssl The SSL/TLS Object
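Review bot: In `wolfSSL_get_sigalg_info` the second switch returns 0 with `*hashAlgo = WC_HASH_TYPE_NONE` for `rmd_mac` and, when `WOLFSSL_SM3` is not defined, for `sm3_mac`, so a caller cannot tell a hash this build cannot represent from `no_mac`. Code that filters a peer's signature algorithms on this result would treat those entries as hash-less rather than unsupported. Returning an error there, e.g. `return NOT_COMPILED_IN;` in the `#else` branch, or documenting the mapping in the header comment would remove the ambiguity. That comment also has no `@return` line and describes the hash as the "MAC algorithm". Separately, `wolfSSL_get_ciphersuite_info` returns `info` by value after assigning four fields; if `WOLFSSL_CIPHERSUITE_INFO` has other members (not visible here), a leading `XMEMSET(&info, 0, sizeof(info));` would avoid returning indeterminate bytes.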
@@ -17296,7 +16516,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || HAVE_WEBSERVER */
-#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+#ifndef WOLFSSL_NO_CA_NAMES
WOLF_STACK_OF(WOLFSSL_X509_NAME)* wolfSSL_CTX_get_client_CA_list(
const WOLFSSL_CTX *ctx)
{
@@ -17307,7 +16527,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return NULL;
}
- return ctx->ca_names;
+ return ctx->client_ca_names;
}
/* returns the CA's set on server side or the CA's sent from server when
@@ -17337,9 +16557,9 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return WOLFSSL_FAILURE;
}
- if (ctx->ca_names == NULL) {
- ctx->ca_names = wolfSSL_sk_X509_NAME_new(NULL);
- if (ctx->ca_names == NULL) {
+ if (ctx->client_ca_names == NULL) {
+ ctx->client_ca_names = wolfSSL_sk_X509_NAME_new(NULL);
+ if (ctx->client_ca_names == NULL) {
WOLFSSL_MSG("wolfSSL_sk_X509_NAME_new error");
return WOLFSSL_FAILURE;
}
@@ -17351,7 +16571,7 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
return WOLFSSL_FAILURE;
}
- if (wolfSSL_sk_X509_NAME_push(ctx->ca_names, nameCopy) != WOLFSSL_SUCCESS) {
+ if (wolfSSL_sk_X509_NAME_push(ctx->client_ca_names, nameCopy) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("wolfSSL_sk_X509_NAME_push error");
wolfSSL_X509_NAME_free(nameCopy);
return WOLFSSL_FAILURE;
@@ -17446,17 +16666,50 @@ cleanup:
/*
* This is an OpenSSL compatibility layer function, but it doesn't mirror
* the exact functionality of its OpenSSL counterpart. We don't support the
- * notion of an "OpenSSL directory," nor do we support the environment
- * variables SSL_CERT_DIR or SSL_CERT_FILE. This function is simply a
- * wrapper around our native wolfSSL_CTX_load_system_CA_certs function. This
- * function does conform to OpenSSL's return value conventions, though.
+ * notion of an "OpenSSL directory". This function will attempt to load the
+ * environment variables SSL_CERT_DIR and SSL_CERT_FILE, if either are found,
+ * they will be loaded. Otherwise, it will act as a wrapper around our
+ * native wolfSSL_CTX_load_system_CA_certs function. This function does
+ * conform to OpenSSL's return value conventions.
*/
int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX* ctx)
{
int ret;
+#ifdef XGETENV
+ char* certDir;
+ char* certFile;
+ word32 flags;
+#endif
WOLFSSL_ENTER("wolfSSL_CTX_set_default_verify_paths");
+#ifdef XGETENV
+ certDir = XGETENV("SSL_CERT_DIR");
+ certFile = XGETENV("SSL_CERT_FILE");
+ flags = WOLFSSL_LOAD_FLAG_PEM_CA_ONLY;
+
+ if (certDir || certFile) {
+ if (certDir) {
+ /*
+ * We want to keep trying to load more CAs even if one cert in
+ * the directory is bad and can't be used (e.g. if one is expired),
+ * so we use WOLFSSL_LOAD_FLAG_IGNORE_ERR.
+ */
+ flags |= WOLFSSL_LOAD_FLAG_IGNORE_ERR;
+ }
+
+ ret = wolfSSL_CTX_load_verify_locations_ex(ctx, certFile, certDir,
+ flags);
+ if (ret != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG_EX("Failed to load CA certs from SSL_CERT_FILE: %s"
+ " SSL_CERT_DIR: %s. Error: %d", certFile,
+ certDir, ret);
+ return WOLFSSL_FAILURE;
+ }
+ return ret;
+ }
+#endif
+
ret = wolfSSL_CTX_load_system_CA_certs(ctx);
if (ret == WOLFSSL_BAD_PATH) {
/*
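Review bot: With this change `SSL_CERT_FILE` and `SSL_CERT_DIR` decide the trust anchors: when either is set the function returns from the `XGETENV` branch and `wolfSSL_CTX_load_system_CA_certs` is never reached, so whoever controls the process environment replaces the CA set rather than extending it. The header comment should state that, and that the values are read unfiltered (whether `XGETENV` maps to a setuid-aware getenv is not visible here). Directory loads also run with `WOLFSSL_LOAD_FLAG_IGNORE_ERR`, so it is worth confirming that a directory yielding no usable CA still fails. In the failure path `certFile` or `certDir` can be NULL while both are passed to `%s` in `WOLFSSL_MSG_EX`; use `certFile ? certFile : "(unset)"` and the same for `certDir`. The function body continues past the end of this hunk.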
@@ -17737,11 +16990,13 @@ cleanup:
#endif /* OPENSSL_EXTRA || WOLFSSL_EXTRA || WOLFSSL_WPAS_SMALL */
/* return true if connection established */
- int wolfSSL_is_init_finished(WOLFSSL* ssl)
+ int wolfSSL_is_init_finished(const WOLFSSL* ssl)
{
if (ssl == NULL)
return 0;
+ /* Can't use ssl->options.connectState and ssl->options.acceptState because
+ * they differ in meaning for TLS <=1.2 and 1.3 */
if (ssl->options.handShakeState == HANDSHAKE_DONE)
return 1;
@@ -17946,6 +17201,32 @@ cleanup:
and free it with CTX free*/
}
+#ifdef OPENSSL_ALL
+ int wolfSSL_CTX_set1_verify_cert_store(WOLFSSL_CTX* ctx, WOLFSSL_X509_STORE* str)
+ {
+ WOLFSSL_ENTER("wolfSSL_CTX_set1_verify_cert_store");
+
+ if (ctx == NULL || str == NULL) {
+ WOLFSSL_MSG("Bad parameter");
+ return WOLFSSL_FAILURE;
+ }
+
+ /* NO-OP when setting existing store */
+ if (str == CTX_STORE(ctx))
+ return WOLFSSL_SUCCESS;
+
+ if (wolfSSL_X509_STORE_up_ref(str) != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("wolfSSL_X509_STORE_up_ref error");
+ return WOLFSSL_FAILURE;
+ }
+
+ /* free existing store if it exists */
+ wolfSSL_X509_STORE_free(ctx->x509_store_pt);
+ ctx->x509_store_pt = str; /* take ownership of store and free it
+ with CTX free */
+ return WOLFSSL_SUCCESS;
+ }
+#endif
int wolfSSL_set0_verify_cert_store(WOLFSSL *ssl, WOLFSSL_X509_STORE* str)
{
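Review bot: The comment on `ctx->x509_store_pt = str;` in `wolfSSL_CTX_set1_verify_cert_store` says the context takes ownership of the store, but the function calls `wolfSSL_X509_STORE_up_ref(str)` first, so the caller keeps its own reference and must still release it. A caller relying on the comment would skip its own free and leak the store. Suggested wording: `/* ctx holds its own reference (taken above) and drops it in CTX free; the caller's reference is untouched */`.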
@@ -18043,13 +17324,26 @@ cleanup:
#endif /* WOLFSSL_ENCRYPTED_KEYS */
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
+ unsigned long wolfSSL_ERR_get_error(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_ERR_get_error");
+#ifdef WOLFSSL_HAVE_ERROR_QUEUE
+ return wc_GetErrorNodeErr();
+#else
+ return (unsigned long)(0 - NOT_COMPILED_IN);
+#endif
+ }
+#endif
+
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+
int wolfSSL_num_locks(void)
{
return 0;
}
- void wolfSSL_set_locking_callback(void (*f)(int, int, const char*, int))
+ void wolfSSL_set_locking_callback(mutex_cb* f)
{
WOLFSSL_ENTER("wolfSSL_set_locking_callback");
@@ -18058,6 +17352,13 @@ cleanup:
}
}
+ mutex_cb* wolfSSL_get_locking_callback(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_get_locking_callback");
+
+ return wc_GetMutexCb();
+ }
+
typedef unsigned long (idCb)(void);
static idCb* inner_idCb = NULL;
@@ -18078,16 +17379,6 @@ cleanup:
inner_idCb = f;
}
- unsigned long wolfSSL_ERR_get_error(void)
- {
- WOLFSSL_ENTER("wolfSSL_ERR_get_error");
-#ifdef WOLFSSL_HAVE_ERROR_QUEUE
- return wc_GetErrorNodeErr();
-#else
- return (unsigned long)(0 - NOT_COMPILED_IN);
-#endif
- }
-
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
#ifndef NO_BIO
/* print out and clear all errors */
@@ -18176,7 +17467,7 @@ size_t wolfSSL_get_server_random(const WOLFSSL *ssl, unsigned char *out,
* NOTE: currently wolfSSL_KeepHandshakeResources(WOLFSSL* ssl) must be called
* before the ephemeral key is stored.
* return WOLFSSL_SUCCESS on success */
-int wolfSSL_get_server_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey)
+int wolfSSL_get_peer_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey)
{
WOLFSSL_EVP_PKEY* ret = NULL;
@@ -18994,1173 +18285,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
#endif /* OPENSSL_EXTRA */
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
-#ifndef NO_MD5
- int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5)
- {
- int ret;
- typedef char md5_test[sizeof(MD5_CTX) >= sizeof(wc_Md5) ? 1 : -1];
- (void)sizeof(md5_test);
-
- WOLFSSL_ENTER("MD5_Init");
- ret = wc_InitMd5((wc_Md5*)md5);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("MD5_Update");
- ret = wc_Md5Update((wc_Md5*)md5, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_MD5_Final(byte* output, WOLFSSL_MD5_CTX* md5)
- {
- int ret;
-
- WOLFSSL_ENTER("MD5_Final");
- ret = wc_Md5Final((wc_Md5*)md5, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Md5Free((wc_Md5*)md5);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- /* Apply MD5 transformation to the data */
- int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX* md5, const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("MD5_Transform");
-
- /* sanity check */
- if (md5 == NULL || data == NULL) {
- return 0;
- }
- #if defined(BIG_ENDIAN_ORDER)
- ByteReverseWords((word32*)data, (word32*)data, WC_MD5_BLOCK_SIZE);
- #endif
-
- ret = wc_Md5Transform((wc_Md5*)md5, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- unsigned char *wolfSSL_MD5(const unsigned char* data, size_t len,
- unsigned char* hash)
- {
- static unsigned char out[WC_MD5_DIGEST_SIZE];
-
- WOLFSSL_ENTER("wolfSSL_MD5");
-
- if (hash == NULL)
- hash = out;
- if (wc_Md5Hash(data, (word32)len, hash) != 0) {
- WOLFSSL_MSG("wc_Md5Hash error");
- return NULL;
- }
- return hash;
- }
-#endif /* !NO_MD5 */
-
-
-#ifndef NO_SHA
- int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA_CTX) >= sizeof(wc_Sha) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA_Init");
- ret = wc_InitSha((wc_Sha*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA_Update");
- ret = wc_ShaUpdate((wc_Sha*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA_Final(byte* output, WOLFSSL_SHA_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA_Final");
- ret = wc_ShaFinal((wc_Sha*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_ShaFree((wc_Sha*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA1 transformation to the data */
- int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX* sha,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA_Transform");
- /* sanity check */
- if (sha == NULL || data == NULL) {
- return 0;
- }
- #if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords((word32*)data, (word32*)data, WC_SHA_BLOCK_SIZE);
- #endif
- ret = wc_ShaTransform((wc_Sha*)sha, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif
-
- int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha)
- {
- WOLFSSL_ENTER("SHA1_Init");
- return SHA_Init(sha);
- }
-
-
- int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
- unsigned long sz)
- {
- WOLFSSL_ENTER("SHA1_Update");
- return SHA_Update(sha, input, sz);
- }
-
-
- int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha)
- {
- WOLFSSL_ENTER("SHA1_Final");
- return SHA_Final(output, sha);
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA1 transformation to the data */
- int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha,
- const unsigned char* data)
- {
- WOLFSSL_ENTER("SHA1_Transform");
- return (wolfSSL_SHA_Transform(sha, data));
- }
- #endif
-#endif /* !NO_SHA */
-
-#ifndef NO_SHA256
-#ifdef WOLFSSL_SHA224
-
- int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA224_CTX) >= sizeof(wc_Sha224) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA224_Init");
- ret = wc_InitSha224((wc_Sha224*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA224_Update");
- ret = wc_Sha224Update((wc_Sha224*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-
- int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA224_Final");
- ret = wc_Sha224Final((wc_Sha224*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha224Free((wc_Sha224*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#endif /* WOLFSSL_SHA224 */
-
- int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(wc_Sha256) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA256_Init");
- ret = wc_InitSha256((wc_Sha256*)sha256);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA256_Update");
- ret = wc_Sha256Update((wc_Sha256*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA256_Final");
- ret = wc_Sha256Final((wc_Sha256*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha256Free((wc_Sha256*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
- !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
- /* Apply SHA256 transformation to the data */
- int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA256_Transform");
- /* sanity check */
- if (sha256 == NULL || data == NULL) {
- return 0;
- }
- #if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords((word32*)data, (word32*)data, WC_SHA256_BLOCK_SIZE);
- #endif
- ret = wc_Sha256Transform((wc_Sha256*)sha256, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif
-#endif /* !NO_SHA256 */
-
-
-#ifdef WOLFSSL_SHA384
-
- int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(wc_Sha384) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA384_Init");
- ret = wc_InitSha384((wc_Sha384*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA384_Update");
- ret = wc_Sha384Update((wc_Sha384*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA384_Final");
- ret = wc_Sha384Final((wc_Sha384*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha384Free((wc_Sha384*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#endif /* WOLFSSL_SHA384 */
-
-
-#ifdef WOLFSSL_SHA512
-
- int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(wc_Sha512) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA512_Init");
- ret = wc_InitSha512((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_Update");
- ret = wc_Sha512Update((wc_Sha512*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_Final");
- ret = wc_Sha512Final((wc_Sha512*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha512Free((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
- /* Apply SHA512 transformation to the data */
- int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_Transform");
- /* sanity check */
- if (sha512 == NULL || data == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_Sha512Transform((wc_Sha512*)sha512, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION > 2)) && !WOLFSSL_KCAPI_HASH */
-
-#if !defined(WOLFSSL_NOSHA512_224) && \
- (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
- int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Init");
- ret = wc_InitSha512_224((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha,
- const void* input, unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Update");
- ret = wc_Sha512_224Update((wc_Sha512*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_224_Final(byte* output, WOLFSSL_SHA512_224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Final");
- ret = wc_Sha512_224Final((wc_Sha512*)sha, output);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA512 transformation to the data */
- int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_224_Transform");
- /* sanity check */
- if (sha512 == NULL || data == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_Sha512_224Transform((wc_Sha512*)sha512, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION > 2)) */
-
-#endif /* !WOLFSSL_NOSHA512_224 && !FIPS ... */
-
-#if !defined(WOLFSSL_NOSHA512_256) && \
- (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
- int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Init");
- ret = wc_InitSha512_256((wc_Sha512*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha,
- const void* input, unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Update");
- ret = wc_Sha512_256Update((wc_Sha512*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Final");
- ret = wc_Sha512_256Final((wc_Sha512*)sha, output);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- #if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- /* Apply SHA512 transformation to the data */
- int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
- const unsigned char* data)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA512_256_Transform");
- /* sanity check */
- if (sha512 == NULL || data == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_Sha512_256Transform((wc_Sha512*)sha512, data);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
- #endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION > 2)) */
-
-#endif /* !WOLFSSL_NOSHA512_256 && !FIPS ... */
-
-#endif /* WOLFSSL_SHA512 */
-
-#ifdef WOLFSSL_SHA3
-#ifndef WOLFSSL_NOSHA3_224
- int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_224_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_224_Init");
- ret = wc_InitSha3_224((wc_Sha3*)sha, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_224_Update");
- ret = wc_Sha3_224_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_224_Final(byte* output, WOLFSSL_SHA3_224_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_224_Final");
- ret = wc_Sha3_224_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_224_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#endif /* WOLFSSL_NOSHA3_224 */
-
-#ifndef WOLFSSL_NOSHA3_256
- int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha3_256)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_256_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_256_Init");
- ret = wc_InitSha3_256((wc_Sha3*)sha3_256, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_256_Update");
- ret = wc_Sha3_256_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_256_Final(byte* output, WOLFSSL_SHA3_256_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_256_Final");
- ret = wc_Sha3_256_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_256_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-#endif /* WOLFSSL_NOSHA3_256 */
-
- int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_384_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_384_Init");
- ret = wc_InitSha3_384((wc_Sha3*)sha, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_384_Update");
- ret = wc_Sha3_384_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_384_Final(byte* output, WOLFSSL_SHA3_384_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_384_Final");
- ret = wc_Sha3_384_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_384_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
-#ifndef WOLFSSL_NOSHA3_512
- int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha)
- {
- int ret;
-
- typedef char sha_test[sizeof(SHA3_512_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
- (void)sizeof(sha_test);
-
- WOLFSSL_ENTER("SHA3_512_Init");
- ret = wc_InitSha3_512((wc_Sha3*)sha, NULL, INVALID_DEVID);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX* sha, const void* input,
- unsigned long sz)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_512_Update");
- ret = wc_Sha3_512_Update((wc_Sha3*)sha, (const byte*)input, (word32)sz);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-
- int wolfSSL_SHA3_512_Final(byte* output, WOLFSSL_SHA3_512_CTX* sha)
- {
- int ret;
-
- WOLFSSL_ENTER("SHA3_512_Final");
- ret = wc_Sha3_512_Final((wc_Sha3*)sha, output);
-
- /* have to actually free the resources (if any) here, because the
- * OpenSSL API doesn't include SHA*_Free().
- */
- wc_Sha3_512_Free((wc_Sha3*)sha);
-
- /* return 1 on success, 0 otherwise */
- if (ret == 0)
- return WOLFSSL_SUCCESS;
- return WOLFSSL_FAILURE;
- }
-#endif /* WOLFSSL_NOSHA3_512 */
-#endif /* WOLFSSL_SHA3 */
-#endif
-
#ifdef OPENSSL_EXTRA
-
- unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key,
- int key_len, const unsigned char* d, int n,
- unsigned char* md, unsigned int* md_len)
- {
- int type;
- int mdlen;
- unsigned char* ret = NULL;
-#ifdef WOLFSSL_SMALL_STACK
- Hmac* hmac = NULL;
-#else
- Hmac hmac[1];
-#endif
- void* heap = NULL;
-
- WOLFSSL_ENTER("wolfSSL_HMAC");
- if (!md) {
- WOLFSSL_MSG("Static buffer not supported, pass in md buffer");
- return NULL; /* no static buffer support */
- }
-
-#ifndef NO_MD5
- if (XSTRCMP(evp_md, "MD5") == 0) {
- type = WC_MD5;
- mdlen = WC_MD5_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA224
- if (XSTRCMP(evp_md, "SHA224") == 0) {
- type = WC_SHA224;
- mdlen = WC_SHA224_DIGEST_SIZE;
- } else
-#endif
-#ifndef NO_SHA256
- if (XSTRCMP(evp_md, "SHA256") == 0) {
- type = WC_SHA256;
- mdlen = WC_SHA256_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA384
- if (XSTRCMP(evp_md, "SHA384") == 0) {
- type = WC_SHA384;
- mdlen = WC_SHA384_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA512
- if (XSTRCMP(evp_md, "SHA512") == 0) {
- type = WC_SHA512;
- mdlen = WC_SHA512_DIGEST_SIZE;
- } else
-#endif
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- if (XSTRCMP(evp_md, "SHA3_224") == 0) {
- type = WC_SHA3_224;
- mdlen = WC_SHA3_224_DIGEST_SIZE;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- if (XSTRCMP(evp_md, "SHA3_256") == 0) {
- type = WC_SHA3_256;
- mdlen = WC_SHA3_256_DIGEST_SIZE;
- } else
- #endif
- if (XSTRCMP(evp_md, "SHA3_384") == 0) {
- type = WC_SHA3_384;
- mdlen = WC_SHA3_384_DIGEST_SIZE;
- } else
- #ifndef WOLFSSL_NOSHA3_512
- if (XSTRCMP(evp_md, "SHA3_512") == 0) {
- type = WC_SHA3_512;
- mdlen = WC_SHA3_512_DIGEST_SIZE;
- } else
- #endif
-#endif
-#ifndef NO_SHA
- if (XSTRCMP(evp_md, "SHA") == 0 || XSTRCMP(evp_md, "SHA1") == 0) {
- type = WC_SHA;
- mdlen = WC_SHA_DIGEST_SIZE;
- }
- else
-#endif
- {
- return NULL;
- }
-
- #ifdef WOLFSSL_SMALL_STACK
- hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
- if (hmac == NULL)
- return NULL;
- #endif
-
- if (wc_HmacInit(hmac, heap, INVALID_DEVID) == 0) {
- if (wc_HmacSetKey(hmac, type, (const byte*)key, key_len) == 0) {
- if (wc_HmacUpdate(hmac, d, n) == 0) {
- if (wc_HmacFinal(hmac, md) == 0) {
- if (md_len)
- *md_len = mdlen;
- ret = md;
- }
- }
- }
- wc_HmacFree(hmac);
- }
-
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
- #endif
-
- (void)evp_md;
- return ret;
- }
-
-#ifndef NO_DES3
- /* 0 on ok */
- int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
- WOLFSSL_DES_key_schedule* schedule)
- {
- WOLFSSL_ENTER("wolfSSL_DES_key_sched");
-
- if (key == NULL || schedule == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- }
- else {
- XMEMCPY(schedule, key, sizeof(WOLFSSL_const_DES_cblock));
- }
-
- return 0;
- }
-
-
- /* intended to behave similar to Kerberos mit_des_cbc_cksum
- * return the last 4 bytes of cipher text */
- WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in,
- WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc,
- WOLFSSL_const_DES_cblock* iv)
- {
- WOLFSSL_DES_LONG ret;
- unsigned char* tmp;
- unsigned char* data = (unsigned char*)in;
- long dataSz = length;
- byte dynamicFlag = 0; /* when padding the buffer created needs free'd */
-
- WOLFSSL_ENTER("wolfSSL_DES_cbc_cksum");
-
- if (in == NULL || out == NULL || sc == NULL || iv == NULL) {
- WOLFSSL_MSG("Bad argument passed in");
- return 0;
- }
-
- /* if input length is not a multiple of DES_BLOCK_SIZE pad with 0s */
- if (dataSz % DES_BLOCK_SIZE) {
- dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE);
- data = (unsigned char*)XMALLOC(dataSz, NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (data == NULL) {
- WOLFSSL_MSG("Issue creating temporary buffer");
- return 0;
- }
- dynamicFlag = 1; /* set to free buffer at end */
- XMEMCPY(data, in, length);
- XMEMSET(data + length, 0, dataSz - length); /* padding */
- }
-
- tmp = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- WOLFSSL_MSG("Issue creating temporary buffer");
- if (dynamicFlag == 1) {
- XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- return 0;
- }
-
- wolfSSL_DES_cbc_encrypt(data, tmp, dataSz, sc,
- (WOLFSSL_DES_cblock*)iv, 1);
- XMEMCPY((unsigned char*)out, tmp + (dataSz - DES_BLOCK_SIZE),
- DES_BLOCK_SIZE);
-
- ret = (((*((unsigned char*)out + 4) & 0xFF) << 24)|
- ((*((unsigned char*)out + 5) & 0xFF) << 16)|
- ((*((unsigned char*)out + 6) & 0xFF) << 8) |
- (*((unsigned char*)out + 7) & 0xFF));
-
- XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (dynamicFlag == 1) {
- XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
-
- return ret;
- }
-
-
- void wolfSSL_DES_cbc_encrypt(const unsigned char* input,
- unsigned char* output, long length,
- WOLFSSL_DES_key_schedule* schedule,
- WOLFSSL_DES_cblock* ivec, int enc)
- {
- Des myDes;
- byte lastblock[DES_BLOCK_SIZE];
- int lb_sz;
- long blk;
-
- WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
-
- /* OpenSSL compat, no ret */
- if (wc_Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec,
- !enc) != 0) {
- WOLFSSL_MSG("wc_Des_SetKey return error.");
- return;
- }
- lb_sz = length%DES_BLOCK_SIZE;
- blk = length/DES_BLOCK_SIZE;
-
- if (enc == DES_ENCRYPT){
- wc_Des_CbcEncrypt(&myDes, output, input, (word32)blk*DES_BLOCK_SIZE);
- if(lb_sz){
- XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
- XMEMCPY(lastblock, input+length-lb_sz, lb_sz);
- wc_Des_CbcEncrypt(&myDes, output+blk*DES_BLOCK_SIZE,
- lastblock, (word32)DES_BLOCK_SIZE);
- }
- }
- else {
- wc_Des_CbcDecrypt(&myDes, output, input, (word32)blk*DES_BLOCK_SIZE);
- if(lb_sz){
- wc_Des_CbcDecrypt(&myDes, lastblock, input+length-lb_sz, (word32)DES_BLOCK_SIZE);
- XMEMCPY(output+length-lb_sz, lastblock, lb_sz);
- }
- }
- }
-
-
- /* WOLFSSL_DES_key_schedule is a unsigned char array of size 8 */
- void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
- unsigned char* output, long sz,
- WOLFSSL_DES_key_schedule* ks1,
- WOLFSSL_DES_key_schedule* ks2,
- WOLFSSL_DES_key_schedule* ks3,
- WOLFSSL_DES_cblock* ivec, int enc)
- {
- int ret;
- Des3 des;
- byte key[24];/* EDE uses 24 size key */
- byte lastblock[DES_BLOCK_SIZE];
- int lb_sz;
- long blk;
-
- WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
-
- if (sz <= 0)
- return;
-
- XMEMSET(key, 0, sizeof(key));
- XMEMCPY(key, *ks1, DES_BLOCK_SIZE);
- XMEMCPY(&key[DES_BLOCK_SIZE], *ks2, DES_BLOCK_SIZE);
- XMEMCPY(&key[DES_BLOCK_SIZE * 2], *ks3, DES_BLOCK_SIZE);
- lb_sz = sz%DES_BLOCK_SIZE;
- blk = sz/DES_BLOCK_SIZE;
-
- /* OpenSSL compat, no ret */
- (void)wc_Des3Init(&des, NULL, INVALID_DEVID);
-
- if (enc == DES_ENCRYPT) {
- if (wc_Des3_SetKey(&des, key, (const byte*)ivec,
- DES_ENCRYPTION) == 0) {
- ret = wc_Des3_CbcEncrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- if(lb_sz){
- XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
- XMEMCPY(lastblock, input+sz-lb_sz, lb_sz);
- ret = wc_Des3_CbcEncrypt(&des, output+blk*DES_BLOCK_SIZE,
- lastblock, (word32)DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- XMEMCPY(ivec, output+blk*DES_BLOCK_SIZE, DES_BLOCK_SIZE);
- }
- else {
- XMEMCPY(ivec, output+(blk-1)*DES_BLOCK_SIZE, DES_BLOCK_SIZE);
- }
- }
- }
- else {
- if (wc_Des3_SetKey(&des, key, (const byte*)ivec,
- DES_DECRYPTION) == 0) {
- if(lb_sz)
- XMEMCPY(ivec, input+sz-lb_sz, DES_BLOCK_SIZE);
- else
- XMEMCPY(ivec, input+(blk-1)*DES_BLOCK_SIZE, DES_BLOCK_SIZE);
- ret = wc_Des3_CbcDecrypt(&des, output, input, (word32)blk*DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- if(lb_sz){
- ret = wc_Des3_CbcDecrypt(&des, lastblock, input+sz-lb_sz, (word32)DES_BLOCK_SIZE);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &des.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- (void)ret; /* ignore return codes for processing */
- XMEMCPY(output+sz-lb_sz, lastblock, lb_sz);
- }
- }
- }
- wc_Des3Free(&des);
- }
-
-
- /* correctly sets ivec for next call */
- void wolfSSL_DES_ncbc_encrypt(const unsigned char* input,
- unsigned char* output, long length,
- WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
- int enc)
- {
- Des myDes;
- byte lastblock[DES_BLOCK_SIZE];
- int lb_sz;
- long idx = length;
- long blk;
-
- WOLFSSL_ENTER("wolfSSL_DES_ncbc_encrypt");
-
- /* OpenSSL compat, no ret */
- if (wc_Des_SetKey(&myDes, (const byte*)schedule,
- (const byte*)ivec, !enc) != 0) {
- WOLFSSL_MSG("wc_Des_SetKey return error.");
- return;
- }
-
- lb_sz = length%DES_BLOCK_SIZE;
- blk = length/DES_BLOCK_SIZE;
- idx -= sizeof(DES_cblock);
- if (lb_sz) {
- idx += DES_BLOCK_SIZE - lb_sz;
- }
- if (enc == DES_ENCRYPT){
- wc_Des_CbcEncrypt(&myDes, output, input,
- (word32)blk * DES_BLOCK_SIZE);
- if (lb_sz){
- XMEMSET(lastblock, 0, DES_BLOCK_SIZE);
- XMEMCPY(lastblock, input+length-lb_sz, lb_sz);
- wc_Des_CbcEncrypt(&myDes, output + blk * DES_BLOCK_SIZE,
- lastblock, (word32)DES_BLOCK_SIZE);
- }
- XMEMCPY(ivec, output + idx, sizeof(DES_cblock));
- } else {
- WOLFSSL_DES_cblock tmp;
- XMEMCPY(tmp, input + idx, sizeof(DES_cblock));
- wc_Des_CbcDecrypt(&myDes, output, input,
- (word32)blk * DES_BLOCK_SIZE);
- if (lb_sz){
- wc_Des_CbcDecrypt(&myDes, lastblock, input + length - lb_sz,
- (word32)DES_BLOCK_SIZE);
- XMEMCPY(output+length-lb_sz, lastblock, lb_sz);
- }
- XMEMCPY(ivec, tmp, sizeof(WOLFSSL_DES_cblock));
- }
-
- }
-
-#endif /* NO_DES3 */
-
void wolfSSL_ERR_free_strings(void)
{
/* handled internally */
@@ -20225,6 +18350,9 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
ssl->options.haveSessionId = 0;
ssl->options.tls = 0;
ssl->options.tls1_1 = 0;
+ #ifdef WOLFSSL_DTLS
+ ssl->options.dtlsStateful = 0;
+ #endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
ssl->options.noPskDheKe = 0;
#ifdef HAVE_SUPPORTED_CURVES
@@ -20280,7 +18408,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
-#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
long wolfSSL_CTX_set_mode(WOLFSSL_CTX* ctx, long mode)
{
/* WOLFSSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is wolfSSL default mode */
@@ -20336,39 +18464,7 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
}
#endif
-#ifdef OPENSSL_EXTRA
-
- #ifndef NO_WOLFSSL_STUB
- long wolfSSL_SSL_get_mode(WOLFSSL* ssl)
- {
- /* TODO: */
- (void)ssl;
- WOLFSSL_STUB("SSL_get_mode");
- return 0;
- }
- #endif
-
- #ifndef NO_WOLFSSL_STUB
- long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
- {
- /* TODO: */
- (void)ctx;
- WOLFSSL_STUB("SSL_CTX_get_mode");
- return 0;
- }
- #endif
-
- #ifndef NO_WOLFSSL_STUB
- void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
- {
- /* TODO: maybe? */
- (void)ctx;
- (void)m;
- WOLFSSL_STUB("SSL_CTX_set_default_read_ahead");
- }
- #endif
-
-
+#ifdef WOLFSSL_SESSION_ID_CTX
/* Storing app session context id, this value is inherited by WOLFSSL
* objects created from WOLFSSL_CTX. Any session that is imported with a
* different session context id will be rejected.
@@ -20419,6 +18515,39 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out,
return WOLFSSL_SUCCESS;
}
+#endif
+
+#ifdef OPENSSL_EXTRA
+
+ #ifndef NO_WOLFSSL_STUB
+ long wolfSSL_SSL_get_mode(WOLFSSL* ssl)
+ {
+ /* TODO: */
+ (void)ssl;
+ WOLFSSL_STUB("SSL_get_mode");
+ return 0;
+ }
+ #endif
+
+ #ifndef NO_WOLFSSL_STUB
+ long wolfSSL_CTX_get_mode(WOLFSSL_CTX* ctx)
+ {
+ /* TODO: */
+ (void)ctx;
+ WOLFSSL_STUB("SSL_CTX_get_mode");
+ return 0;
+ }
+ #endif
+
+ #ifndef NO_WOLFSSL_STUB
+ void wolfSSL_CTX_set_default_read_ahead(WOLFSSL_CTX* ctx, int m)
+ {
+ /* TODO: maybe? */
+ (void)ctx;
+ (void)m;
+ WOLFSSL_STUB("SSL_CTX_set_default_read_ahead");
+ }
+ #endif
long wolfSSL_CTX_sess_get_cache_size(WOLFSSL_CTX* ctx)
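Review bot: The `#endif` added at the top of this hunk closes the `#ifdef WOLFSSL_SESSION_ID_CTX` opened in the previous hunk but has no trailing comment, unlike the nearby `#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */`. Because the guarded functions sit between two hunks, the pairing is hard to follow; I would write it as `#endif /* WOLFSSL_SESSION_ID_CTX */`. The three relocated stubs could also share a single `#ifndef NO_WOLFSSL_STUB` block instead of repeating the guard three times.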
@@ -20743,6 +18872,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl)
if (ret == 0 && i == ssl->session->chain.count-1) {
/* On the last element in the chain try to add the CA chain
* first if we have one for this cert */
+ SSL_CM_WARNING(ssl);
if (PushCAx509Chain(SSL_CM(ssl), x509, sk)
== WOLFSSL_FATAL_ERROR) {
ret = WOLFSSL_FATAL_ERROR;
@@ -21214,8 +19344,13 @@ int wolfSSL_session_reused(WOLFSSL* ssl)
{
int resuming = 0;
WOLFSSL_ENTER("wolfSSL_session_reused");
- if (ssl)
+ if (ssl) {
+#ifndef HAVE_SECURE_RENEGOTIATION
resuming = ssl->options.resuming;
+#else
+ resuming = ssl->options.resuming || ssl->options.resumed;
+#endif
+ }
WOLFSSL_LEAVE("wolfSSL_session_reused", resuming);
return resuming;
}
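Review bot: The two branches of the new `#ifndef HAVE_SECURE_RENEGOTIATION` block in wolfSSL_session_reused() read different state, and nothing explains why `ssl->options.resumed` is consulted only when secure renegotiation is compiled in. Applications typically use this result to tell a resumed session from a full handshake with fresh peer authentication, so the difference between the two flags deserves a comment. Something like `/* resuming can be reset during renegotiation; resumed records that this connection was resumed */` would do, with the wording confirmed against where the flags are set, which this hunk does not show.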
@@ -21352,8 +19487,8 @@ static int wolfSSL_DupSessionEx(const WOLFSSL_SESSION* input,
}
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_TICKET_NONCE_MALLOC) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- /* free the data, it would be better to re-use the buffer but this
- * maintain the code simpler. A smart allocator should re-use the free'd
+ /* free the data, it would be better to reuse the buffer but this
+ * maintain the code simpler. A smart allocator should reuse the free'd
* buffer in the next malloc without much performance penalties. */
if (output->ticketNonce.data != output->ticketNonce.dataStatic) {
@@ -21575,7 +19710,6 @@ int wolfSSL_DupSession(const WOLFSSL_SESSION* input, WOLFSSL_SESSION* output,
WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
{
-#ifdef HAVE_EXT_CACHE
WOLFSSL_SESSION* copy;
WOLFSSL_ENTER("wolfSSL_SESSION_dup");
@@ -21598,11 +19732,6 @@ WOLFSSL_SESSION* wolfSSL_SESSION_dup(WOLFSSL_SESSION* session)
copy = NULL;
}
return copy;
-#else
- WOLFSSL_MSG("wolfSSL_SESSION_dup feature not compiled in");
- (void)session;
- return NULL;
-#endif /* HAVE_EXT_CACHE */
}
void wolfSSL_FreeSession(WOLFSSL_CTX* ctx, WOLFSSL_SESSION* session)
@@ -22051,6 +20180,8 @@ const char* wolfSSL_get_curve_name(WOLFSSL* ssl)
{
const char* cName = NULL;
+ WOLFSSL_ENTER("wolfSSL_get_curve_name");
+
if (ssl == NULL)
return NULL;
@@ -22498,6 +20629,11 @@ static WC_INLINE const char* wolfssl_sigalg_to_string(int sig_algo)
authStr = "ECDSA";
break;
#endif
+#ifdef WOLFSSL_SM2
+ case sm2_sa_algo:
+ authStr = "SM2";
+ break;
+#endif
#ifdef HAVE_ED25519
case ed25519_sa_algo:
authStr = "Ed25519";
@@ -22571,6 +20707,18 @@ static WC_INLINE const char* wolfssl_cipher_to_string(int cipher, int key_size)
encStr = "CHACHA20/POLY1305(256)";
break;
#endif
+#ifdef HAVE_ARIA
+ case wolfssl_aria_gcm:
+ if (key_size == 128)
+ encStr = "Aria(128)";
+ else if (key_size == 192)
+ encStr = "Aria(192)";
+ else if (key_size == 256)
+ encStr = "Aria(256)";
+ else
+ encStr = "Aria(?)";
+ break;
+#endif
#ifdef HAVE_CAMELLIA
case wolfssl_camellia:
if (key_size == 128)
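Review bot: The strings returned for `wolfssl_aria_gcm` name only the cipher (`"Aria(128)"`), although the case label says the mode is GCM and the entry just above spells out `CHACHA20/POLY1305(256)`. As far as I know OpenSSL's cipher description prints this as `ARIAGCM(128)`, so a tool that reads the encryption field of the description from a compatibility build may not recognise the value. Consider `encStr = "ARIAGCM(128)";` and the same for 192 and 256. The enclosing function starts and ends outside the hunk.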
@@ -22711,35 +20859,6 @@ int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, char** path,
}
#endif
-#ifndef NO_MD4
-
-void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4)
-{
- /* make sure we have a big enough buffer */
- typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1];
- (void) sizeof(ok);
-
- WOLFSSL_ENTER("MD4_Init");
- wc_InitMd4((Md4*)md4);
-}
-
-
-void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
- unsigned long len)
-{
- WOLFSSL_ENTER("MD4_Update");
- wc_Md4Update((Md4*)md4, (const byte*)data, (word32)len);
-}
-
-
-void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4)
-{
- WOLFSSL_ENTER("MD4_Final");
- wc_Md4Final((Md4*)md4, digest);
-}
-
-#endif /* NO_MD4 */
-
#ifndef NO_WOLFSSL_STUB
void wolfSSL_RAND_screen(void)
{
@@ -23064,6 +21183,18 @@ void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
}
}
+void wolfSSL_set_info_callback(WOLFSSL* ssl,
+ void (*f)(const WOLFSSL* ssl, int type, int val))
+{
+ WOLFSSL_ENTER("wolfSSL_set_info_callback");
+ if (ssl == NULL) {
+ WOLFSSL_MSG("Bad function argument");
+ }
+ else {
+ ssl->CBIS = f;
+ }
+}
+
unsigned long wolfSSL_ERR_peek_error(void)
{
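Review bot: wolfSSL_set_info_callback() is added without a header comment, and a NULL `ssl` is only logged, so a caller cannot learn that the callback was not installed. Since the function returns void, the behaviour should at least be documented: `/* Sets the info callback on this WOLFSSL object; a NULL ssl is logged and ignored, a NULL f stores NULL. */`. If the `CBIS` member exists only under certain build options, the new function needs the same guard; the hunk shows none around it.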
@@ -23114,8 +21245,9 @@ int wolfSSL_ERR_GET_REASON(unsigned long err)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
/* Nginx looks for this error to know to stop parsing certificates.
* Same for HAProxy. */
- if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE)
- || (err & 0xFFFFFFL) == -ASN_NO_PEM_HEADER)
+ if (err == ((ERR_LIB_PEM << 24) | PEM_R_NO_START_LINE) ||
+ ((err & 0xFFFFFFL) == -ASN_NO_PEM_HEADER) ||
+ ((err & 0xFFFL) == PEM_R_NO_START_LINE ))
return PEM_R_NO_START_LINE;
if (err == ((ERR_LIB_SSL << 24) | -SSL_R_HTTP_REQUEST))
return SSL_R_HTTP_REQUEST;
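Review bot: The added clause `((err & 0xFFFL) == PEM_R_NO_START_LINE )` tests only the low 12 bits and ignores the library field, so an error from any other library whose low bits equal PEM_R_NO_START_LINE is now reported as PEM_R_NO_START_LINE. The comment above says Nginx and HAProxy look for this value to know when to stop parsing certificates, so a false match would turn a real failure into a silent end of input. If the intent is to accept a second packing of the PEM error, the clause should also compare the library bits of that packing and name the encoding in a comment, e.g. `/* also accept the <layout> packing of ERR_LIB_PEM */`. There is also a stray space before the closing parenthesis.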
@@ -23744,7 +21876,7 @@ long wolfSSL_set_tlsext_debug_arg(WOLFSSL* ssl, void *arg)
}
#endif /* HAVE_PK_CALLBACKS */
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_NGINX)
const unsigned char *wolfSSL_SESSION_get0_id_context(
const WOLFSSL_SESSION *sess, unsigned int *sid_ctx_length)
{
@@ -24027,7 +22159,8 @@ size_t wolfSSL_get_peer_finished(const WOLFSSL *ssl, void *buf, size_t count)
}
#endif /* WOLFSSL_HAVE_TLS_UNIQUE */
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)
long wolfSSL_get_verify_result(const WOLFSSL *ssl)
{
if (ssl == NULL) {
@@ -24333,676 +22466,6 @@ long wolfSSL_CTX_set_tlsext_opaque_prf_input_callback_arg(WOLFSSL_CTX* ctx,
return WOLFSSL_SUCCESS;
}
-
-#ifndef NO_DES3
-/* 0 on success */
-int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* myDes,
- WOLFSSL_DES_key_schedule* key)
-{
-#ifdef WOLFSSL_CHECK_DESKEY
- return wolfSSL_DES_set_key_checked(myDes, key);
-#else
- wolfSSL_DES_set_key_unchecked(myDes, key);
- return 0;
-#endif
-}
-
-
-
-/* return true in fail case (1) */
-static int DES_check(word32 mask, word32 mask2, unsigned char* key)
-{
- word32 value[2];
-
- /* sanity check on length made in wolfSSL_DES_set_key_checked */
- value[0] = mask;
- value[1] = mask2;
- return (XMEMCMP(value, key, sizeof(value)) == 0)? 1: 0;
-}
-
-
-/* check that the key is odd parity and is not a weak key
- * returns -1 if parity is wrong, -2 if weak/null key and 0 on success */
-int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* myDes,
- WOLFSSL_DES_key_schedule* key)
-{
- if (myDes == NULL || key == NULL) {
- WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
- return -2;
- }
- else {
- word32 sz = sizeof(WOLFSSL_DES_key_schedule);
-
- /* sanity check before call to DES_check */
- if (sz != (sizeof(word32) * 2)) {
- WOLFSSL_MSG("Unexpected WOLFSSL_DES_key_schedule size");
- return -2;
- }
-
- /* check odd parity */
- if (wolfSSL_DES_check_key_parity(myDes) != 1) {
- WOLFSSL_MSG("Odd parity test fail");
- return -1;
- }
-
- if (wolfSSL_DES_is_weak_key(myDes) == 1) {
- WOLFSSL_MSG("Weak key found");
- return -2;
- }
-
- /* passed tests, now copy over key */
- XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
-
- return 0;
- }
-}
-
-
-/* check is not weak. Weak key list from Nist "Recommendation for the Triple
- * Data Encryption Algorithm (TDEA) Block Cipher"
- *
- * returns 1 if is weak 0 if not
- */
-int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key)
-{
- word32 mask, mask2;
-
- WOLFSSL_ENTER("wolfSSL_DES_is_weak_key");
-
- if (key == NULL) {
- WOLFSSL_MSG("NULL key passed in");
- return 1;
- }
-
- mask = 0x01010101; mask2 = 0x01010101;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0xFEFEFEFE; mask2 = 0xFEFEFEFE;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0xE0E0E0E0; mask2 = 0xF1F1F1F1;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x1F1F1F1F; mask2 = 0x0E0E0E0E;
- if (DES_check(mask, mask2, *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- /* semi-weak *key check (list from same Nist paper) */
- mask = 0x011F011F; mask2 = 0x010E010E;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x01E001E0; mask2 = 0x01F101F1;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x01FE01FE; mask2 = 0x01FE01FE;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x1FE01FE0; mask2 = 0x0EF10EF1;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- mask = 0x1FFE1FFE; mask2 = 0x0EFE0EFE;
- if (DES_check(mask, mask2, *key) ||
- DES_check(ByteReverseWord32(mask), ByteReverseWord32(mask2), *key)) {
- WOLFSSL_MSG("Weak key found");
- return 1;
- }
-
- return 0;
-}
-
-
-void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* myDes,
- WOLFSSL_DES_key_schedule* key)
-{
- if (myDes != NULL && key != NULL) {
- XMEMCPY(key, myDes, sizeof(WOLFSSL_const_DES_cblock));
- }
-}
-
-
-/* Sets the parity of the DES key for use */
-void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* myDes)
-{
- word32 i;
- word32 sz = sizeof(WOLFSSL_DES_cblock);
-
- WOLFSSL_ENTER("wolfSSL_DES_set_odd_parity");
-
- for (i = 0; i < sz; i++) {
- unsigned char c = (*myDes)[i];
- if ((
- ((c >> 1) & 0x01) ^
- ((c >> 2) & 0x01) ^
- ((c >> 3) & 0x01) ^
- ((c >> 4) & 0x01) ^
- ((c >> 5) & 0x01) ^
- ((c >> 6) & 0x01) ^
- ((c >> 7) & 0x01)) == (c & 0x01)) {
- WOLFSSL_MSG("Flipping parity bit");
- (*myDes)[i] = c ^ 0x01;
- }
- }
-}
-
-int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock *myDes)
-{
- word32 i;
- word32 sz = sizeof(WOLFSSL_DES_cblock);
-
- WOLFSSL_ENTER("wolfSSL_DES_check_key_parity");
-
- for (i = 0; i < sz; i++) {
- unsigned char c = (*myDes)[i];
- if ((
- ((c >> 1) & 0x01) ^
- ((c >> 2) & 0x01) ^
- ((c >> 3) & 0x01) ^
- ((c >> 4) & 0x01) ^
- ((c >> 5) & 0x01) ^
- ((c >> 6) & 0x01) ^
- ((c >> 7) & 0x01)) == (c & 0x01)) {
- return 0;
- }
- }
- return 1;
-}
-
-#ifdef WOLFSSL_DES_ECB
-/* Encrypt or decrypt input message desa with key and get output in desb.
- * if enc is DES_ENCRYPT,input message is encrypted or
- * if enc is DES_DECRYPT,input message is decrypted.
- * */
-void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* desa,
- WOLFSSL_DES_cblock* desb, WOLFSSL_DES_key_schedule* key, int enc)
-{
- Des myDes;
-
- WOLFSSL_ENTER("wolfSSL_DES_ecb_encrypt");
-
- if (desa == NULL || key == NULL || desb == NULL ||
- (enc != DES_ENCRYPT && enc != DES_DECRYPT)) {
- WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
- } else {
- if (wc_Des_SetKey(&myDes, (const byte*) key,
- (const byte*) NULL, !enc) != 0) {
- WOLFSSL_MSG("wc_Des_SetKey return error.");
- return;
- }
- if (enc == DES_ENCRYPT){
- if (wc_Des_EcbEncrypt(&myDes, (byte*) desb, (const byte*) desa,
- sizeof(WOLFSSL_DES_cblock)) != 0){
- WOLFSSL_MSG("wc_Des_EcbEncrypt return error.");
- }
- } else {
- if (wc_Des_EcbDecrypt(&myDes, (byte*) desb, (const byte*) desa,
- sizeof(WOLFSSL_DES_cblock)) != 0){
- WOLFSSL_MSG("wc_Des_EcbDecrpyt return error.");
- }
- }
- }
-}
-#endif
-#endif /* NO_DES3 */
-
-#ifndef NO_RC4
-/* Set the key state for Arc4 structure.
- *
- * key Arc4 structure to use
- * len length of data buffer
- * data initial state to set Arc4 structure
- */
-void wolfSSL_RC4_set_key(WOLFSSL_RC4_KEY* key, int len,
- const unsigned char* data)
-{
- typedef char rc4_test[sizeof(WOLFSSL_RC4_KEY) >= sizeof(Arc4) ? 1 : -1];
- (void)sizeof(rc4_test);
-
- WOLFSSL_ENTER("wolfSSL_RC4_set_key");
-
- if (key == NULL || len < 0) {
- WOLFSSL_MSG("bad argument passed in");
- return;
- }
-
- XMEMSET(key, 0, sizeof(WOLFSSL_RC4_KEY));
- wc_Arc4SetKey((Arc4*)key, data, (word32)len);
-}
-
-
-/* Encrypt/decrypt with Arc4 structure.
- *
- * len length of buffer to encrypt/decrypt (in/out)
- * in buffer to encrypt/decrypt
- * out results of encryption/decryption
- */
-void wolfSSL_RC4(WOLFSSL_RC4_KEY* key, size_t len,
- const unsigned char* in, unsigned char* out)
-{
- WOLFSSL_ENTER("wolfSSL_RC4");
-
- if (key == NULL || in == NULL || out == NULL) {
- WOLFSSL_MSG("Bad argument passed in");
- return;
- }
-
- wc_Arc4Process((Arc4*)key, out, in, (word32)len);
-}
-#endif /* NO_RC4 */
-
-#ifndef NO_AES
-
-#ifdef WOLFSSL_AES_DIRECT
-/* AES encrypt direct, it is expected to be blocks of AES_BLOCK_SIZE for input.
- *
- * input Data to encrypt
- * output Encrypted data after done
- * key AES key to use for encryption
- */
-void wolfSSL_AES_encrypt(const unsigned char* input, unsigned char* output,
- AES_KEY *key)
-{
- WOLFSSL_ENTER("wolfSSL_AES_encrypt");
-
- if (input == NULL || output == NULL || key == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return;
- }
-
-#if !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- if (wc_AesEncryptDirect((Aes*)key, output, input) != 0) {
- WOLFSSL_MSG("wc_AesEncryptDirect failed");
- return;
- }
-#else
- wc_AesEncryptDirect((Aes*)key, output, input);
-#endif
-}
-
-
-/* AES decrypt direct, it is expected to be blocks of AES_BLOCK_SIZE for input.
- *
- * input Data to decrypt
- * output Decrypted data after done
- * key AES key to use for encryption
- */
-void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
- AES_KEY *key)
-{
- WOLFSSL_ENTER("wolfSSL_AES_decrypt");
-
- if (input == NULL || output == NULL || key == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return;
- }
-
-#if !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
- if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
- WOLFSSL_MSG("wc_AesDecryptDirect failed");
- return;
- }
-#else
- wc_AesDecryptDirect((Aes*)key, output, input);
-#endif
-}
-#endif /* WOLFSSL_AES_DIRECT */
-
-/* Setup of an AES key to use for encryption.
- *
- * key key in bytes to use for encryption
- * bits size of key in bits
- * aes AES structure to initialize
- */
-int wolfSSL_AES_set_encrypt_key(const unsigned char *key, const int bits,
- AES_KEY *aes)
-{
- typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1];
- (void)sizeof(aes_test);
-
- WOLFSSL_ENTER("wolfSSL_AES_set_encrypt_key");
-
- if (key == NULL || aes == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return -1;
- }
-
- XMEMSET(aes, 0, sizeof(AES_KEY));
- if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, AES_ENCRYPT) != 0) {
- WOLFSSL_MSG("Error in setting AES key");
- return -1;
- }
- return 0;
-}
-
-
-/* Setup of an AES key to use for decryption.
- *
- * key key in bytes to use for decryption
- * bits size of key in bits
- * aes AES structure to initialize
- */
-int wolfSSL_AES_set_decrypt_key(const unsigned char *key, const int bits,
- AES_KEY *aes)
-{
- typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1];
- (void)sizeof(aes_test);
-
- WOLFSSL_ENTER("wolfSSL_AES_set_decrypt_key");
-
- if (key == NULL || aes == NULL) {
- WOLFSSL_MSG("Null argument passed in");
- return -1;
- }
-
- XMEMSET(aes, 0, sizeof(AES_KEY));
- if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, AES_DECRYPT) != 0) {
- WOLFSSL_MSG("Error in setting AES key");
- return -1;
- }
- return 0;
-}
-
-
-#ifdef HAVE_AES_ECB
-/* Encrypt/decrypt a 16 byte block of data using the key passed in.
- *
- * in buffer to encrypt/decrypt
- * out buffer to hold result of encryption/decryption
- * key AES structure to use with encryption/decryption
- * enc AES_ENCRPT for encryption and AES_DECRYPT for decryption
- */
-void wolfSSL_AES_ecb_encrypt(const unsigned char *in, unsigned char* out,
- AES_KEY *key, const int enc)
-{
- Aes* aes;
-
- WOLFSSL_ENTER("wolfSSL_AES_ecb_encrypt");
-
- if (key == NULL || in == NULL || out == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return;
- }
-
- aes = (Aes*)key;
- if (enc == AES_ENCRYPT) {
- if (wc_AesEcbEncrypt(aes, out, in, AES_BLOCK_SIZE) != 0) {
- WOLFSSL_MSG("Error with AES CBC encrypt");
- }
- }
- else {
- #ifdef HAVE_AES_DECRYPT
- if (wc_AesEcbDecrypt(aes, out, in, AES_BLOCK_SIZE) != 0) {
- WOLFSSL_MSG("Error with AES CBC decrypt");
- }
- #else
- WOLFSSL_MSG("AES decryption not compiled in");
- #endif
- }
-}
-#endif /* HAVE_AES_ECB */
-
-#ifdef HAVE_AES_CBC
-/* Encrypt data using key and iv passed in. iv gets updated to most recent iv
- * state after encryption/decryption.
- *
- * in buffer to encrypt/decrypt
- * out buffer to hold result of encryption/decryption
- * len length of input buffer
- * key AES structure to use with encryption/decryption
- * iv iv to use with operation
- * enc 1 for encryption and 0 for decryption
- */
-void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out,
- size_t len, AES_KEY *key, unsigned char* iv, const int enc)
-{
- Aes* aes;
-
- WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt");
-
- if (key == NULL || in == NULL || out == NULL || iv == NULL || len == 0) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return;
- }
-
- aes = (Aes*)key;
- if (wc_AesSetIV(aes, (const byte*)iv) != 0) {
- WOLFSSL_MSG("Error with setting iv");
- return;
- }
-
- if (enc == AES_ENCRYPT) {
- if (wc_AesCbcEncrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC encrypt");
- return;
- }
- }
- else {
- if (wc_AesCbcDecrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC decrypt");
- return;
- }
- }
-
- /* to be compatible copy iv to iv buffer after completing operation */
- XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
-}
-#endif /* HAVE_AES_CBC */
-
-
-/* Encrypt data using CFB mode with key and iv passed in. iv gets updated to
- * most recent iv state after encryption/decryption.
- *
- * in buffer to encrypt/decrypt
- * out buffer to hold result of encryption/decryption
- * len length of input buffer
- * key AES structure to use with encryption/decryption
- * iv iv to use with operation
- * num contains the amount of block used
- * enc AES_ENCRYPT for encryption and AES_DECRYPT for decryption
- */
-void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
- size_t len, AES_KEY *key, unsigned char* iv, int* num,
- const int enc)
-{
-#ifndef WOLFSSL_AES_CFB
- WOLFSSL_MSG("CFB mode not enabled please use macro WOLFSSL_AES_CFB");
- (void)in;
- (void)out;
- (void)len;
- (void)key;
- (void)iv;
- (void)num;
- (void)enc;
-
- return;
-#else
- Aes* aes;
-
- WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt");
- if (key == NULL || in == NULL || out == NULL || iv == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return;
- }
-
- aes = (Aes*)key;
-
- /*
- * We copy the IV directly into reg here because using wc_AesSetIV will
- * clear the leftover bytes field "left", and this function relies on the
- * leftover bytes being preserved between calls.
- */
- XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
-
- if (enc == AES_ENCRYPT) {
- if (wc_AesCfbEncrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC encrypt");
- return;
- }
- }
- else {
- if (wc_AesCfbDecrypt(aes, out, in, (word32)len) != 0) {
- WOLFSSL_MSG("Error with AES CBC decrypt");
- return;
- }
- }
-
- /* to be compatible copy iv to iv buffer after completing operation */
- XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
-
- /* store number of left over bytes to num */
- *num = (aes->left)? AES_BLOCK_SIZE - aes->left : 0;
-#endif /* WOLFSSL_AES_CFB */
-}
-
-/* wc_AesKey*Wrap_ex API not available in FIPS and SELFTEST */
-#if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
-int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
-
- if (out == NULL || in == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_AesKeyWrap_ex((Aes*)key, in, inlen, out, inlen + KEYWRAP_BLOCK_SIZE, iv);
-
- return ret < 0 ? WOLFSSL_FAILURE : ret;
-}
-
-int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
- unsigned char *out,
- const unsigned char *in, unsigned int inlen)
-{
- int ret;
-
- WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
-
- if (out == NULL || in == NULL) {
- WOLFSSL_MSG("Error, Null argument passed in");
- return WOLFSSL_FAILURE;
- }
-
- ret = wc_AesKeyUnWrap_ex((Aes*)key, in, inlen, out, inlen + KEYWRAP_BLOCK_SIZE, iv);
-
- return ret < 0 ? WOLFSSL_FAILURE : ret;
-}
-#endif /* HAVE_AES_KEYWRAP && !HAVE_FIPS && !HAVE_SELFTEST */
-
-#ifdef HAVE_CTS
-/*
- * Ciphertext stealing interface compatible with RFC2040 and RFC3962.
- */
-size_t wolfSSL_CRYPTO_cts128_encrypt(const unsigned char *in,
- unsigned char *out, size_t len, const void *key,
- unsigned char *iv, WOLFSSL_CBC128_CB cbc)
-{
- byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
- int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
- WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_encrypt");
-
- if (in == NULL || out == NULL || len < WOLFSSL_CTS128_BLOCK_SZ ||
- cbc == NULL) {
- WOLFSSL_MSG("Bad parameter");
- return WOLFSSL_FAILURE;
- }
-
- if (lastBlkLen == 0)
- lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
-
- /* Encrypt data up to last block */
- (*cbc)(in, out, len - lastBlkLen, key, iv, AES_ENCRYPT);
-
- /* Move to last block */
- in += len - lastBlkLen;
- out += len - lastBlkLen;
-
- /* RFC2040: Pad Pn with zeros at the end to create P of length BB. */
- XMEMCPY(lastBlk, in, lastBlkLen);
- XMEMSET(lastBlk + lastBlkLen, 0, WOLFSSL_CTS128_BLOCK_SZ - lastBlkLen);
- /* RFC2040: Select the first Ln bytes of En-1 to create Cn */
- XMEMCPY(out, out - WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
- (*cbc)(lastBlk, out - WOLFSSL_CTS128_BLOCK_SZ, WOLFSSL_CTS128_BLOCK_SZ,
- key, iv, AES_ENCRYPT);
-
- return len;
-}
-
-size_t wolfSSL_CRYPTO_cts128_decrypt(const unsigned char *in,
- unsigned char *out, size_t len, const void *key,
- unsigned char *iv, WOLFSSL_CBC128_CB cbc)
-{
- byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
- byte prevBlk[WOLFSSL_CTS128_BLOCK_SZ];
- int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
- WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_decrypt");
-
- if (in == NULL || out == NULL || len <= WOLFSSL_CTS128_BLOCK_SZ ||
- cbc == NULL) {
- WOLFSSL_MSG("Bad parameter");
- return WOLFSSL_FAILURE;
- }
-
- if (lastBlkLen == 0)
- lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
-
- /* Decrypt up to last two blocks */
- (*cbc)(in, out, len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ, key, iv,
- AES_DECRYPTION);
-
- /* Move to last two blocks */
- in += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
- out += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
-
- /* RFC2040: Decrypt Cn-1 to create Dn.
- * Use 0 buffer as IV to do straight decryption.
- * This places the Cn-1 block at lastBlk */
- XMEMSET(lastBlk, 0, WOLFSSL_CTS128_BLOCK_SZ);
- (*cbc)(in, prevBlk, WOLFSSL_CTS128_BLOCK_SZ, key, lastBlk, AES_DECRYPT);
- /* RFC2040: Append the tail (BB minus Ln) bytes of Xn to Cn
- * to create En. */
- XMEMCPY(prevBlk, in + WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
- /* Cn and Cn-1 can now be decrypted */
- (*cbc)(prevBlk, out, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
- (*cbc)(lastBlk, lastBlk, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
- XMEMCPY(out + WOLFSSL_CTS128_BLOCK_SZ, lastBlk, lastBlkLen);
- return len;
-}
-#endif /* HAVE_CTS */
-#endif /* NO_AES */
-
#endif /* OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
@@ -25174,6 +22637,38 @@ error:
return NULL;
}
+
+WOLFSSL_STACK* wolfSSL_shallow_sk_dup(WOLFSSL_STACK* sk)
+{
+
+ WOLFSSL_STACK* ret = NULL;
+ WOLFSSL_STACK** prev = &ret;
+
+ WOLFSSL_ENTER("wolfSSL_shallow_sk_dup");
+
+ for (; sk != NULL; sk = sk->next) {
+ WOLFSSL_STACK* cur = wolfSSL_sk_new_node(sk->heap);
+
+ if (!cur) {
+ WOLFSSL_MSG("wolfSSL_sk_new_node error");
+ goto error;
+ }
+
+ XMEMCPY(cur, sk, sizeof(WOLFSSL_STACK));
+ cur->next = NULL;
+
+ *prev = cur;
+ prev = &cur->next;
+ }
+ return ret;
+
+error:
+ if (ret) {
+ wolfSSL_sk_free(ret);
+ }
+ return NULL;
+}
+
/* Free the just the stack structure */
void wolfSSL_sk_free(WOLFSSL_STACK* sk)
{
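Review bot: wolfSSL_shallow_sk_dup returns NULL both for a NULL or empty `sk` and when wolfSSL_sk_new_node fails, so a caller cannot tell an empty stack from an allocation failure, and the function has no comment stating ownership. Because `XMEMCPY(cur, sk, sizeof(WOLFSSL_STACK))` copies each node verbatim, every data pointer in the duplicate aliases the original's element. I would add a header comment such as `/* Copies only the list nodes; element pointers are shared with sk. Free the result with wolfSSL_sk_free() only. Returns NULL for an empty sk or on allocation failure. */`. Releasing both stacks with a routine that also frees the elements would free each element twice.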
@@ -25510,7 +23005,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
/* ServerID len | ServerID */
size += OPAQUE16_LEN + sess->idLen;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* session context ID len | session context ID */
size += OPAQUE8_LEN + sess->sessionCtxSz;
#endif
@@ -25590,7 +23085,7 @@ int wolfSSL_i2d_SSL_SESSION(WOLFSSL_SESSION* sess, unsigned char** p)
XMEMCPY(data + idx, sess->serverID, sess->idLen);
idx += sess->idLen;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
data[idx++] = sess->sessionCtxSz;
XMEMCPY(data + idx, sess->sessionCtx, sess->sessionCtxSz);
idx += sess->sessionCtxSz;
@@ -25770,7 +23265,7 @@ WOLFSSL_SESSION* wolfSSL_d2i_SSL_SESSION(WOLFSSL_SESSION** sess,
}
XMEMCPY(s->serverID, data + idx, s->idLen); idx += s->idLen;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* byte for length of session context ID */
if (i - idx < OPAQUE8_LEN) {
ret = BUFFER_ERROR;
@@ -25949,6 +23444,20 @@ long wolfSSL_SESSION_get_timeout(const WOLFSSL_SESSION* sess)
return timeout;
}
+long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
+{
+ word32 tmptime;
+
+ ses = ClientSessionToSession(ses);
+ if (ses == NULL || t < 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ tmptime = t & 0xFFFFFFFF;
+ ses->timeout = tmptime;
+
+ return WOLFSSL_SUCCESS;
+}
long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
{
@@ -25960,19 +23469,15 @@ long wolfSSL_SESSION_get_time(const WOLFSSL_SESSION* sess)
return bornOn;
}
-long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t)
+long wolfSSL_SESSION_set_time(WOLFSSL_SESSION *ses, long t)
{
- word32 tmptime;
ses = ClientSessionToSession(ses);
if (ses == NULL || t < 0) {
- return BAD_FUNC_ARG;
+ return 0;
}
-
- tmptime = t & 0xFFFFFFFF;
- ses->timeout = tmptime;
-
- return WOLFSSL_SUCCESS;
+ ses->bornOn = (word32)t;
+ return t;
}
#endif /* !NO_SESSION_CACHE && OPENSSL_EXTRA || HAVE_EXT_CACHE */
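Review bot: wolfSSL_SESSION_set_time returns `0` for a bad argument, which is also what a successful call with `t == 0` returns, and it hands back the caller's `t` rather than the value actually stored. `ses->bornOn = (word32)t` narrows silently where `long` is wider than 32 bits, so the return value can disagree with bornOn. The relocated wolfSSL_SSL_SESSION_set_timeout in the earlier hunk has the same silent narrowing through `t & 0xFFFFFFFF`. Consider rejecting values that do not fit, e.g. `if (ses == NULL || t < 0 || (unsigned long)t > 0xFFFFFFFFUL) return 0;`, and document the 0-on-error convention in a comment above the function.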
@@ -26103,7 +23608,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
/* oidCertNameType */
{ NID_commonName, NID_commonName, oidCertNameType, "CN", "commonName"},
+#if !defined(WOLFSSL_CERT_REQ)
{ NID_surname, NID_surname, oidCertNameType, "SN", "surname"},
+#endif
{ NID_serialNumber, NID_serialNumber, oidCertNameType, "serialNumber",
"serialNumber"},
{ NID_userId, NID_userId, oidCertNameType, "UID", "userid"},
@@ -26187,6 +23694,9 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
{ NID_sha3_512, SHA3_512h, oidHashType, "SHA3-512", "sha3-512"},
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ { NID_sm3, SM3h, oidHashType, "SM3", "sm3"},
+ #endif
/* oidSigType */
#ifndef NO_DSA
#ifndef NO_SHA
@@ -26359,6 +23869,10 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
{ NID_brainpoolP320r1, ECC_BRAINPOOLP320R1_OID, oidCurveType, "brainpoolP320r1", "brainpoolP320r1"},
{ NID_brainpoolP384r1, ECC_BRAINPOOLP384R1_OID, oidCurveType, "brainpoolP384r1", "brainpoolP384r1"},
{ NID_brainpoolP512r1, ECC_BRAINPOOLP512R1_OID, oidCurveType, "brainpoolP512r1", "brainpoolP512r1"},
+
+ #ifdef WOLFSSL_SM2
+ { NID_sm2, ECC_SM2P256V1_OID, oidCurveType, "sm2", "sm2"},
+ #endif
#endif /* HAVE_ECC */
/* oidBlkType */
@@ -26461,724 +23975,6 @@ const WOLFSSL_ObjectInfo wolfssl_object_info[] = {
const size_t wolfssl_object_info_sz = WOLFSSL_OBJECT_INFO_SZ;
#endif
-#ifdef OPENSSL_EXTRA
-WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void)
-{
- WOLFSSL_HMAC_CTX* hmac_ctx = (WOLFSSL_HMAC_CTX*)XMALLOC(
- sizeof(WOLFSSL_HMAC_CTX), NULL, DYNAMIC_TYPE_OPENSSL);
- if (hmac_ctx != NULL) {
- XMEMSET(hmac_ctx, 0, sizeof(WOLFSSL_HMAC_CTX));
- }
- return hmac_ctx;
-}
-
-int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx)
-{
- WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init");
-
- if (ctx != NULL) {
- /* wc_HmacSetKey sets up ctx->hmac */
- XMEMSET(ctx, 0, sizeof(WOLFSSL_HMAC_CTX));
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key,
- int keylen, const EVP_MD* type, WOLFSSL_ENGINE* e)
-{
- WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex");
-
- /* WOLFSSL_ENGINE not used, call wolfSSL_HMAC_Init */
- (void)e;
- return wolfSSL_HMAC_Init(ctx, key, keylen, type);
-}
-
-
-/* helper function for Deep copy of internal wolfSSL hmac structure
- * returns WOLFSSL_SUCCESS on success */
-int wolfSSL_HmacCopy(Hmac* des, Hmac* src)
-{
- void* heap;
- int ret;
-
-#ifndef HAVE_FIPS
- heap = src->heap;
-#else
- heap = NULL;
-#endif
- if (wc_HmacInit(des, heap, 0) != 0) {
- return WOLFSSL_FAILURE;
- }
-
- /* requires that hash structures have no dynamic parts to them */
- switch (src->macType) {
- #ifndef NO_MD5
- case WC_MD5:
- ret = wc_Md5Copy(&src->hash.md5, &des->hash.md5);
- break;
- #endif /* !NO_MD5 */
-
- #ifndef NO_SHA
- case WC_SHA:
- ret = wc_ShaCopy(&src->hash.sha, &des->hash.sha);
- break;
- #endif /* !NO_SHA */
-
- #ifdef WOLFSSL_SHA224
- case WC_SHA224:
- ret = wc_Sha224Copy(&src->hash.sha224, &des->hash.sha224);
- break;
- #endif /* WOLFSSL_SHA224 */
-
- #ifndef NO_SHA256
- case WC_SHA256:
- ret = wc_Sha256Copy(&src->hash.sha256, &des->hash.sha256);
- break;
- #endif /* !NO_SHA256 */
-
- #ifdef WOLFSSL_SHA384
- case WC_SHA384:
- ret = wc_Sha384Copy(&src->hash.sha384, &des->hash.sha384);
- break;
- #endif /* WOLFSSL_SHA384 */
- #ifdef WOLFSSL_SHA512
- case WC_SHA512:
- ret = wc_Sha512Copy(&src->hash.sha512, &des->hash.sha512);
- break;
- #endif /* WOLFSSL_SHA512 */
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- case WC_SHA3_224:
- ret = wc_Sha3_224_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_224 */
- #ifndef WOLFSSL_NOSHA3_256
- case WC_SHA3_256:
- ret = wc_Sha3_256_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_256 */
- #ifndef WOLFSSL_NOSHA3_384
- case WC_SHA3_384:
- ret = wc_Sha3_384_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_384 */
- #ifndef WOLFSSL_NOSHA3_512
- case WC_SHA3_512:
- ret = wc_Sha3_512_Copy(&src->hash.sha3, &des->hash.sha3);
- break;
- #endif /* WOLFSSL_NO_SHA3_512 */
-#endif /* WOLFSSL_SHA3 */
-
- default:
- return WOLFSSL_FAILURE;
- }
-
- if (ret != 0)
- return WOLFSSL_FAILURE;
-
- XMEMCPY((byte*)des->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte*)des->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte*)des->innerHash, (byte*)src->innerHash, WC_MAX_DIGEST_SIZE);
-#ifndef HAVE_FIPS
- des->heap = heap;
-#endif
- des->macType = src->macType;
- des->innerHashKeyed = src->innerHashKeyed;
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- XMEMCPY(&des->asyncDev, &src->asyncDev, sizeof(WC_ASYNC_DEV));
- des->keyLen = src->keyLen;
- #ifdef HAVE_CAVIUM
- des->data = (byte*)XMALLOC(src->dataLen, des->heap,
- DYNAMIC_TYPE_HMAC);
- if (des->data == NULL) {
- return BUFFER_E;
- }
- XMEMCPY(des->data, src->data, src->dataLen);
- des->dataLen = src->dataLen;
- #endif /* HAVE_CAVIUM */
-#endif /* WOLFSSL_ASYNC_CRYPT */
- return WOLFSSL_SUCCESS;
-}
-
-
-/* Deep copy of information from src to des structure
- *
- * des destination to copy information to
- * src structure to get information from
- *
- * Returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on error
- */
-int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* des, WOLFSSL_HMAC_CTX* src)
-{
- WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy");
-
- if (des == NULL || src == NULL) {
- return WOLFSSL_FAILURE;
- }
-
- des->type = src->type;
- XMEMCPY((byte *)&des->save_ipad, (byte *)&src->hmac.ipad,
- WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte *)&des->save_opad, (byte *)&src->hmac.opad,
- WC_HMAC_BLOCK_SIZE);
-
- return wolfSSL_HmacCopy(&des->hmac, &src->hmac);
-}
-
-
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
-static int _HMAC_Init(Hmac* hmac, int type, void* heap)
-{
- int ret = 0;
-
- switch (type) {
- #ifndef NO_MD5
- case WC_MD5:
- ret = wc_InitMd5(&hmac->hash.md5);
- break;
- #endif /* !NO_MD5 */
-
- #ifndef NO_SHA
- case WC_SHA:
- ret = wc_InitSha(&hmac->hash.sha);
- break;
- #endif /* !NO_SHA */
-
- #ifdef WOLFSSL_SHA224
- case WC_SHA224:
- ret = wc_InitSha224(&hmac->hash.sha224);
- break;
- #endif /* WOLFSSL_SHA224 */
-
- #ifndef NO_SHA256
- case WC_SHA256:
- ret = wc_InitSha256(&hmac->hash.sha256);
- break;
- #endif /* !NO_SHA256 */
-
- #ifdef WOLFSSL_SHA384
- case WC_SHA384:
- ret = wc_InitSha384(&hmac->hash.sha384);
- break;
- #endif /* WOLFSSL_SHA384 */
- #ifdef WOLFSSL_SHA512
- case WC_SHA512:
- ret = wc_InitSha512(&hmac->hash.sha512);
- break;
- #endif /* WOLFSSL_SHA512 */
-
- #ifdef WOLFSSL_SHA3
- case WC_SHA3_224:
- ret = wc_InitSha3_224(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- case WC_SHA3_256:
- ret = wc_InitSha3_256(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- case WC_SHA3_384:
- ret = wc_InitSha3_384(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- case WC_SHA3_512:
- ret = wc_InitSha3_512(&hmac->hash.sha3, heap, INVALID_DEVID);
- break;
- #endif
-
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
-
- (void)heap;
-
- return ret;
-}
-
-#else
- #define _HMAC_Init _InitHmac
-#endif
-
-
-int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
- const EVP_MD* type)
-{
- int hmac_error = 0;
- void* heap = NULL;
- int inited;
-
- WOLFSSL_MSG("wolfSSL_HMAC_Init");
-
- if (ctx == NULL) {
- WOLFSSL_MSG("no ctx on init");
- return WOLFSSL_FAILURE;
- }
-
-#ifndef HAVE_FIPS
- heap = ctx->hmac.heap;
-#endif
-
- if (type) {
- WOLFSSL_MSG("init has type");
-
-#ifndef NO_MD5
- if (XSTRNCMP(type, "MD5", 3) == 0) {
- WOLFSSL_MSG("md5 hmac");
- ctx->type = WC_MD5;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA224
- if (XSTRNCMP(type, "SHA224", 6) == 0) {
- WOLFSSL_MSG("sha224 hmac");
- ctx->type = WC_SHA224;
- }
- else
-#endif
-#ifndef NO_SHA256
- if (XSTRNCMP(type, "SHA256", 6) == 0) {
- WOLFSSL_MSG("sha256 hmac");
- ctx->type = WC_SHA256;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA384
- if (XSTRNCMP(type, "SHA384", 6) == 0) {
- WOLFSSL_MSG("sha384 hmac");
- ctx->type = WC_SHA384;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA512
- if (XSTRNCMP(type, "SHA512", 6) == 0) {
- WOLFSSL_MSG("sha512 hmac");
- ctx->type = WC_SHA512;
- }
- else
-#endif
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- if (XSTRNCMP(type, "SHA3_224", 8) == 0) {
- WOLFSSL_MSG("sha3_224 hmac");
- ctx->type = WC_SHA3_224;
- }
- else
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- if (XSTRNCMP(type, "SHA3_256", 8) == 0) {
- WOLFSSL_MSG("sha3_256 hmac");
- ctx->type = WC_SHA3_256;
- }
- else
- #endif
- if (XSTRNCMP(type, "SHA3_384", 8) == 0) {
- WOLFSSL_MSG("sha3_384 hmac");
- ctx->type = WC_SHA3_384;
- }
- else
- #ifndef WOLFSSL_NOSHA3_512
- if (XSTRNCMP(type, "SHA3_512", 8) == 0) {
- WOLFSSL_MSG("sha3_512 hmac");
- ctx->type = WC_SHA3_512;
- }
- else
- #endif
-#endif
-
-#ifndef NO_SHA
- /* has to be last since would pick or 256, 384, or 512 too */
- if (XSTRNCMP(type, "SHA", 3) == 0) {
- WOLFSSL_MSG("sha hmac");
- ctx->type = WC_SHA;
- }
- else
-#endif
- {
- WOLFSSL_MSG("bad init type");
- return WOLFSSL_FAILURE;
- }
- }
-
- /* Check if init has been called before */
- inited = (ctx->hmac.macType != WC_HASH_TYPE_NONE);
- /* Free if needed */
- if (inited) {
- wc_HmacFree(&ctx->hmac);
- }
- if (key != NULL) {
- WOLFSSL_MSG("keying hmac");
-
- if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
- hmac_error = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key,
- (word32)keylen);
- if (hmac_error < 0){
- /* in FIPS mode a key < 14 characters will fail here */
- WOLFSSL_MSG("hmac set key error");
- WOLFSSL_ERROR(hmac_error);
- wc_HmacFree(&ctx->hmac);
- return WOLFSSL_FAILURE;
- }
- XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
- WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
- WC_HMAC_BLOCK_SIZE);
- }
- /* OpenSSL compat, no error */
- }
- else if (!inited) {
- return WOLFSSL_FAILURE;
- }
- else if (ctx->type >= 0) { /* MD5 == 0 */
- WOLFSSL_MSG("recover hmac");
- if (wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID) == 0) {
- ctx->hmac.macType = (byte)ctx->type;
- ctx->hmac.innerHashKeyed = 0;
- XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
- WC_HMAC_BLOCK_SIZE);
- XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
- WC_HMAC_BLOCK_SIZE);
- if ((hmac_error = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap))
- !=0) {
- WOLFSSL_MSG("hmac init error");
- WOLFSSL_ERROR(hmac_error);
- return WOLFSSL_FAILURE;
- }
- }
- }
-
- (void)hmac_error;
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
- int len)
-{
- WOLFSSL_MSG("wolfSSL_HMAC_Update");
-
- if (ctx == NULL) {
- WOLFSSL_MSG("no ctx");
- return WOLFSSL_FAILURE;
- }
-
- if (data) {
- int hmac_error = 0;
-
- WOLFSSL_MSG("updating hmac");
- hmac_error = wc_HmacUpdate(&ctx->hmac, data, (word32)len);
- if (hmac_error < 0){
- WOLFSSL_MSG("hmac update error");
- return WOLFSSL_FAILURE;
- }
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
- unsigned int* len)
-{
- int hmac_error;
-
- WOLFSSL_MSG("wolfSSL_HMAC_Final");
-
- /* "len" parameter is optional. */
- if (ctx == NULL || hash == NULL) {
- WOLFSSL_MSG("invalid parameter");
- return WOLFSSL_FAILURE;
- }
-
- WOLFSSL_MSG("final hmac");
- hmac_error = wc_HmacFinal(&ctx->hmac, hash);
- if (hmac_error < 0){
- WOLFSSL_MSG("final hmac error");
- return WOLFSSL_FAILURE;
- }
-
- if (len) {
- WOLFSSL_MSG("setting output len");
- switch (ctx->type) {
- #ifndef NO_MD5
- case WC_MD5:
- *len = WC_MD5_DIGEST_SIZE;
- break;
- #endif
-
- #ifndef NO_SHA
- case WC_SHA:
- *len = WC_SHA_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA224
- case WC_SHA224:
- *len = WC_SHA224_DIGEST_SIZE;
- break;
- #endif
-
- #ifndef NO_SHA256
- case WC_SHA256:
- *len = WC_SHA256_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA384
- case WC_SHA384:
- *len = WC_SHA384_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA512
- case WC_SHA512:
- *len = WC_SHA512_DIGEST_SIZE;
- break;
- #endif
-
- #ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- case WC_SHA3_224:
- *len = WC_SHA3_224_DIGEST_SIZE;
- break;
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- case WC_SHA3_256:
- *len = WC_SHA3_256_DIGEST_SIZE;
- break;
- #endif
- #ifndef WOLFSSL_NOSHA3_384
- case WC_SHA3_384:
- *len = WC_SHA3_384_DIGEST_SIZE;
- break;
- #endif
- #ifndef WOLFSSL_NOSHA3_512
- case WC_SHA3_512:
- *len = WC_SHA3_512_DIGEST_SIZE;
- break;
- #endif
- #endif
-
- default:
- WOLFSSL_MSG("bad hmac type");
- return WOLFSSL_FAILURE;
- }
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-
-int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx)
-{
- WOLFSSL_MSG("wolfSSL_HMAC_cleanup");
-
- if (ctx) {
- wc_HmacFree(&ctx->hmac);
- }
-
- return WOLFSSL_SUCCESS;
-}
-
-void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx)
-{
- if (ctx) {
- wolfSSL_HMAC_cleanup(ctx);
- }
-}
-
-void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx)
-{
- if (ctx) {
- wolfSSL_HMAC_CTX_cleanup(ctx);
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- }
-}
-
-size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX *ctx)
-{
- if (!ctx) {
- return 0;
- }
-
- return (size_t)wc_HashGetDigestSize((enum wc_HashType)ctx->hmac.macType);
-}
-
-const WOLFSSL_EVP_MD *wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX *ctx)
-{
- if (!ctx) {
- return NULL;
- }
-
- return wolfSSL_macType2EVP_md((enum wc_HashType)ctx->type);
-}
-
-#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
- defined(WOLFSSL_AES_DIRECT)
-WOLFSSL_CMAC_CTX* wolfSSL_CMAC_CTX_new(void)
-{
- WOLFSSL_CMAC_CTX* ctx = NULL;
-
- ctx = (WOLFSSL_CMAC_CTX*)XMALLOC(sizeof(WOLFSSL_CMAC_CTX), NULL,
- DYNAMIC_TYPE_OPENSSL);
- if (ctx != NULL) {
- ctx->internal = (Cmac*)XMALLOC(sizeof(Cmac), NULL, DYNAMIC_TYPE_CMAC);
- if (ctx->internal == NULL) {
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- ctx = NULL;
- }
- }
- if (ctx != NULL) {
- ctx->cctx = wolfSSL_EVP_CIPHER_CTX_new();
- if (ctx->cctx == NULL) {
- XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- ctx = NULL;
- }
- }
-
- return ctx;
-}
-
-void wolfSSL_CMAC_CTX_free(WOLFSSL_CMAC_CTX *ctx)
-{
- if (ctx != NULL) {
- if (ctx->internal != NULL) {
- XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
- }
- if (ctx->cctx != NULL) {
- wolfSSL_EVP_CIPHER_CTX_free(ctx->cctx);
- }
- XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
- }
-}
-
-WOLFSSL_EVP_CIPHER_CTX* wolfSSL_CMAC_CTX_get0_cipher_ctx(WOLFSSL_CMAC_CTX* ctx)
-{
- WOLFSSL_EVP_CIPHER_CTX* cctx = NULL;
-
- if (ctx != NULL) {
- cctx = ctx->cctx;
- }
-
- return cctx;
-}
-
-int wolfSSL_CMAC_Init(WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keyLen,
- const WOLFSSL_EVP_CIPHER* cipher, WOLFSSL_ENGINE* engine)
-{
- int ret = WOLFSSL_SUCCESS;
-
- (void)engine;
-
- WOLFSSL_ENTER("wolfSSL_CMAC_Init");
-
- if (ctx == NULL || cipher == NULL || (
- cipher != EVP_AES_128_CBC &&
- cipher != EVP_AES_192_CBC &&
- cipher != EVP_AES_256_CBC)) {
- ret = WOLFSSL_FAILURE;
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- /* Check input keyLen matches input cipher. */
- if ((int) keyLen != wolfSSL_EVP_Cipher_key_length(cipher)) {
- ret = WOLFSSL_FAILURE;
- }
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- ret = wc_InitCmac((Cmac*)ctx->internal, (const byte*)key,
- (word32)keyLen, WC_CMAC_AES, NULL);
- if (ret != 0) {
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
- if (ret == WOLFSSL_SUCCESS) {
- ret = wolfSSL_EVP_CipherInit(ctx->cctx, cipher, (const byte*)key, NULL,
- 1);
- }
-
- WOLFSSL_LEAVE("wolfSSL_CMAC_Init", ret);
-
- return ret;
-}
-
-int wolfSSL_CMAC_Update(WOLFSSL_CMAC_CTX* ctx, const void* data, size_t len)
-{
- int ret = WOLFSSL_SUCCESS;
-
- WOLFSSL_ENTER("wolfSSL_CMAC_Update");
-
- if (ctx == NULL || ctx->internal == NULL) {
- ret = WOLFSSL_FAILURE;
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- if (data) {
- ret = wc_CmacUpdate((Cmac*)ctx->internal, (const byte*)data,
- (word32)len);
- if (ret != 0){
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
- }
-
- WOLFSSL_LEAVE("wolfSSL_CMAC_Update", ret);
-
- return ret;
-}
-
-int wolfSSL_CMAC_Final(WOLFSSL_CMAC_CTX* ctx, unsigned char* out,
- size_t* len)
-{
- int ret = WOLFSSL_SUCCESS;
- int blockSize;
-
- WOLFSSL_ENTER("wolfSSL_CMAC_Final");
-
- if (ctx == NULL || ctx->cctx == NULL || ctx->internal == NULL ||
- len == NULL) {
- ret = WOLFSSL_FAILURE;
- }
-
- if (ret == WOLFSSL_SUCCESS) {
- blockSize = EVP_CIPHER_CTX_block_size(ctx->cctx);
- if (blockSize <= 0) {
- ret = WOLFSSL_FAILURE;
- }
- else {
- *len = blockSize;
- }
- }
- if (ret == WOLFSSL_SUCCESS) {
- word32 len32 = (word32)*len;
-
- ret = wc_CmacFinal((Cmac*)ctx->internal, out, &len32);
- *len = (size_t)len32;
- if (ret != 0) {
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
-
- WOLFSSL_LEAVE("wolfSSL_CMAC_Final", ret);
-
- return ret;
-}
-#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
-#endif /* OPENSSL_EXTRA */
-
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Free the dynamically allocated data.
*
@@ -27631,6 +24427,9 @@ struct WOLFSSL_HashSigInfo {
{ sha_mac, ecc_dsa_sa_algo, CTC_SHAwECDSA },
#endif
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ { sm3_mac, sm2_sa_algo, CTC_SM3wSM2 },
+#endif
#ifdef HAVE_ED25519
{ no_mac, ed25519_sa_algo, CTC_ED25519 },
#endif
@@ -27868,8 +24667,8 @@ WOLFSSL_EVP_PKEY *wolfSSL_PEM_read_PUBKEY(XFILE fp, WOLFSSL_EVP_PKEY **key,
WOLFSSL_ENTER("wolfSSL_PEM_read_PUBKEY");
- if (pem_read_file_key(fp, cb, pass, PUBLICKEY_TYPE, &keyFormat, &der)
- >= 0) {
+ if ((pem_read_file_key(fp, cb, pass, PUBLICKEY_TYPE, &keyFormat, &der)
+ >= 0) && (der != NULL)) {
const unsigned char* ptr = der->buffer;
/* handle case where reuse is attempted */
@@ -29631,7 +26430,7 @@ void* wolfSSL_GetHKDFExtractCtx(WOLFSSL* ssl)
return obj_info->sName;
}
}
- WOLFSSL_MSG("SN not found");
+ WOLFSSL_MSG_EX("SN not found (nid:%d)",n);
return NULL;
}
@@ -30917,12 +27716,16 @@ static void SESSION_ex_data_cache_update(WOLFSSL_SESSION* session, int idx,
#endif
) {
if (get) {
- *getRet = wolfSSL_CRYPTO_get_ex_data(
+ if (getRet) {
+ *getRet = wolfSSL_CRYPTO_get_ex_data(
&cacheSession->ex_data, idx);
+ }
}
else {
- *setRet = wolfSSL_CRYPTO_set_ex_data(
+ if (setRet) {
+ *setRet = wolfSSL_CRYPTO_set_ex_data(
&cacheSession->ex_data, idx, data);
+ }
}
foundCache = 1;
break;
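Review bot: When `setRet` is NULL the new guard skips the wolfSSL_CRYPTO_set_ex_data call itself, not only the store through the pointer. The ex_data is then silently not written to the cached session, while `foundCache = 1` is still set. If a NULL `setRet` is to be tolerated, guard only the dereference: `int r = wolfSSL_CRYPTO_set_ex_data(&cacheSession->ex_data, idx, data);` followed by `if (setRet) *setRet = r;`. Skipping the call in the `get` branch is harmless because it has no side effect. The body of SESSION_ex_data_cache_update continues outside this hunk, so what callers actually pass is not visible here.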
@@ -31030,7 +27833,8 @@ int wolfSSL_SESSION_get_ex_new_index(long ctx_l,void* ctx_ptr,
}
#endif
-#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_DEBUG_MEMORY)
+#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_DEBUG_MEMORY) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
static wolfSSL_OSSL_Malloc_cb ossl_malloc = NULL;
static wolfSSL_OSSL_Free_cb ossl_free = NULL;
static wolfSSL_OSSL_Realloc_cb ossl_realloc = NULL;
@@ -31056,14 +27860,15 @@ static void* OSSL_Realloc(void *ptr, size_t size)
else
return NULL;
}
-#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_DEBUG_MEMORY */
+#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_DEBUG_MEMORY &&
+ * !WOLFSSL_STATIC_MEMORY */
int wolfSSL_CRYPTO_set_mem_functions(
wolfSSL_OSSL_Malloc_cb m,
wolfSSL_OSSL_Realloc_cb r,
wolfSSL_OSSL_Free_cb f)
{
-#ifdef USE_WOLFSSL_MEMORY
+#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
#ifdef WOLFSSL_DEBUG_MEMORY
WOLFSSL_MSG("mem functions will receive function name instead of "
"file name");
@@ -31242,9 +28047,8 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
#else
(void)ret;
#endif
- if (ssl->ctx) {
+ if (ssl->ctx != NULL)
wolfSSL_CTX_free(ssl->ctx);
- }
ssl->ctx = ctx;
#ifndef NO_CERTS
@@ -31270,7 +28074,7 @@ WOLFSSL_CTX* wolfSSL_set_SSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx)
ssl->options.haveDilithiumSig = ctx->haveDilithiumSig;
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
/* copy over application session context ID */
ssl->sessionCtxSz = ctx->sessionCtxSz;
XMEMCPY(ssl->sessionCtx, ctx->sessionCtx, ctx->sessionCtxSz);
@@ -31446,6 +28250,12 @@ const byte* wolfSSL_SESSION_get_id(const WOLFSSL_SESSION* sess,
WOLFSSL_MSG("Bad func args. Please provide idLen");
return NULL;
}
+#ifdef HAVE_SESSION_TICKET
+ if (sess->haveAltSessionID) {
+ *idLen = ID_LEN;
+ return sess->altSessionID;
+ }
+#endif
*idLen = sess->sessionIDSz;
return sess->sessionID;
}
@@ -32862,13 +29672,17 @@ int wolfSSL_SSL_in_init(WOLFSSL *ssl)
{
WOLFSSL_ENTER("wolfSSL_SSL_in_init");
+ return !wolfSSL_is_init_finished(ssl);
+}
+
+int wolfSSL_SSL_in_before(const WOLFSSL *ssl)
+{
+ WOLFSSL_ENTER("wolfSSL_SSL_in_before");
+
if (ssl == NULL)
return WOLFSSL_FAILURE;
- if (ssl->options.side == WOLFSSL_CLIENT_END) {
- return ssl->options.connectState < SECOND_REPLY_DONE;
- }
- return ssl->options.acceptState < ACCEPT_THIRD_REPLY_DONE;
+ return ssl->options.handShakeState == NULL_STATE;
}
int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl)
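Review bot: The result of wolfSSL_SSL_in_init for a NULL `ssl` now depends entirely on wolfSSL_is_init_finished, where the removed code returned WOLFSSL_FAILURE explicitly. That helper is not shown in this hunk; if it returns 0 for NULL, `!wolfSSL_is_init_finished(ssl)` makes in_init report 1 for a NULL handle. Keeping the guard `if (ssl == NULL) return WOLFSSL_FAILURE;` before the new return preserves the old behaviour. It also keeps this function consistent with wolfSSL_SSL_in_before, which does check for NULL.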
@@ -33038,6 +29852,8 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl,
end:
(void)wc_HmacFree(&hmacCtx.hmac);
+ (void)wolfSSL_EVP_CIPHER_CTX_cleanup(evpCtx);
+
#ifdef WOLFSSL_SMALL_STACK
XFREE(evpCtx, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
@@ -33230,8 +30046,7 @@ int wolfSSL_CTX_get_extra_chain_certs(WOLFSSL_CTX* ctx, WOLF_STACK_OF(X509)** ch
/* Create a new stack of WOLFSSL_X509 object from chain buffer. */
for (idx = 0; idx < ctx->certChain->length; ) {
- node = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK), NULL,
- DYNAMIC_TYPE_OPENSSL);
+ node = wolfSSL_sk_X509_new_null();
if (node == NULL)
return WOLFSSL_FAILURE;
node->next = NULL;
@@ -33318,8 +30133,11 @@ int wolfSSL_CTX_get0_chain_certs(WOLFSSL_CTX *ctx,
WOLFSSL_MSG("Bad parameter");
return WOLFSSL_FAILURE;
}
- *sk = ctx->x509Chain;
- return WOLFSSL_SUCCESS;
+
+ /* This function should return ctx->x509Chain if it is populated, otherwise
+ it should be populated from ctx->certChain. This matches the behavior of
+ wolfSSL_CTX_get_extra_chain_certs, so it is used directly. */
+ return wolfSSL_CTX_get_extra_chain_certs(ctx, sk);
}
#ifdef KEEP_OUR_CERT
@@ -33438,6 +30256,20 @@ int wolfSSL_select_next_proto(unsigned char **out, unsigned char *outLen,
return OPENSSL_NPN_NO_OVERLAP;
}
+void wolfSSL_set_alpn_select_cb(WOLFSSL *ssl,
+ int (*cb) (WOLFSSL *ssl,
+ const unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg)
+{
+ if (ssl != NULL) {
+ ssl->alpnSelect = cb;
+ ssl->alpnSelectArg = arg;
+ }
+}
+
void wolfSSL_CTX_set_alpn_select_cb(WOLFSSL_CTX *ctx,
int (*cb) (WOLFSSL *ssl,
const unsigned char **out,
@@ -33494,9 +30326,20 @@ void wolfSSL_get0_next_proto_negotiated(const WOLFSSL *s, const unsigned char **
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
int wolfSSL_curve_is_disabled(const WOLFSSL* ssl, word16 curve_id)
{
- return (curve_id <= WOLFSSL_ECC_MAX &&
- ssl->disabledCurves &&
- ssl->disabledCurves & (1 << curve_id));
+ if (curve_id >= WOLFSSL_FFDHE_START) {
+ /* DH parameters are never disabled. */
+ return 0;
+ }
+ if (curve_id > WOLFSSL_ECC_MAX_AVAIL) {
+ WOLFSSL_MSG("Curve id out of supported range");
+ /* Disabled if not in valid range. */
+ return 1;
+ }
+ if (curve_id >= 32) {
+ /* 0 is for invalid and 1-14 aren't used otherwise. */
+ return (ssl->disabledCurves & (1 << (curve_id - 32))) != 0;
+ }
+ return (ssl->disabledCurves & (1 << curve_id)) != 0;
}
#if (defined(HAVE_ECC) || \
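Review bot: Both new mask tests shift a signed `1` (`1 << (curve_id - 32)` and `1 << curve_id`), while the matching code in set_curves_list uses `1U`; for bit 31 the signed shift is undefined behaviour. Use the unsigned form in both returns, e.g. `return (ssl->disabledCurves & (1U << curve_id)) != 0;`. The `curve_id - 32` branch is only in range if WOLFSSL_ECC_MAX_AVAIL is below 64, which this hunk does not show. A compile-time assertion on that bound would pin it here and for the later set_curves_list hunk that clears bits with `1U << (curve - 32)`. `ssl` is still dereferenced without a NULL check, as it was before the change.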
@@ -33552,6 +30395,13 @@ static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names)
{
curve = WOLFSSL_ECC_SECP521R1;
}
+ #ifdef WOLFSSL_SM2
+ else if ((XSTRNCMP(name, "sm2p256v1", len) == 0) ||
+ (XSTRNCMP(name, "SM2", len) == 0))
+ {
+ curve = WOLFSSL_ECC_SM2P256V1;
+ }
+ #endif
#ifdef HAVE_CURVE25519
else if (XSTRNCMP(name, "X25519", len) == 0)
{
@@ -33588,10 +30438,8 @@ static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names)
#endif
}
- if (curve >= (sizeof(word32) * WOLFSSL_BIT_SIZE)) {
- /* shift left more than size of ctx->disabledCurves causes static
- * analysis report */
- WOLFSSL_MSG("curve value is too large for upcoming shift");
+ if (curve >= WOLFSSL_ECC_MAX_AVAIL) {
+ WOLFSSL_MSG("curve value is not supported");
goto leave;
}
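Review bot: This bound rejects `curve == WOLFSSL_ECC_MAX_AVAIL` (`>=`), whereas wolfSSL_curve_is_disabled in the same commit treats that value as in range (`curve_id > WOLFSSL_ECC_MAX_AVAIL`), so one of the two comparisons looks off by one. The removed comment explained that the test protected the following shift, and the replacement drops that rationale even though a shift on the disabled mask still follows later in set_curves_list. I would align the operator with curve_is_disabled and keep a comment such as `/* also keeps the later (curve - 32) shift inside the 32-bit disabled mask */`. The rest of set_curves_list lies outside this hunk.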
@@ -33618,7 +30466,13 @@ static int set_curves_list(WOLFSSL* ssl, WOLFSSL_CTX *ctx, const char* names)
for (i = 0; i < groups_len; ++i) {
/* Switch the bit to off and therefore is enabled. */
curve = (word16)groups[i];
- disabled &= ~(1U << curve);
+ if (curve >= 32) {
+ /* 0 is for invalid and 1-14 aren't used otherwise. */
+ disabled &= ~(1U << (curve - 32));
+ }
+ else {
+ disabled &= ~(1U << curve);
+ }
#ifdef HAVE_SUPPORTED_CURVES
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_OLD_SET_CURVES_LIST)
/* using the wolfSSL API to set the groups, this will populate
@@ -33822,7 +30676,7 @@ int wolfSSL_set_alpn_protos(WOLFSSL* ssl,
const unsigned char* p, unsigned int p_len)
{
WOLFSSL_BIO* bio;
- char* pt;
+ char* pt = NULL;
unsigned int sz;
unsigned int idx = 0;
@@ -34265,6 +31119,24 @@ word32 nid2oid(int nid, int grp)
}
break;
+ /* oidCmsKeyAgreeType */
+ #ifdef WOLFSSL_CERT_REQ
+ case oidCsrAttrType:
+ switch (nid) {
+ case NID_pkcs9_contentType:
+ return PKCS9_CONTENT_TYPE_OID;
+ case NID_pkcs9_challengePassword:
+ return CHALLENGE_PASSWORD_OID;
+ case NID_serialNumber:
+ return SERIAL_NUMBER_OID;
+ case NID_userId:
+ return USER_ID_OID;
+ case NID_surname:
+ return SURNAME_OID;
+ }
+ break;
+ #endif
+
default:
WOLFSSL_MSG("NID not in table");
/* MSVC warns without the cast */
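Review bot: The comment `/* oidCmsKeyAgreeType */` sits directly above `case oidCsrAttrType:` and names a different group; it should read `/* oidCsrAttrType */`. The inner `switch (nid)` has no `default`, so an unrecognised NID leaves through the outer `break` without the "NID not in table" message that the outer default logs. Adding `default: WOLFSSL_MSG("NID not in table"); break;` inside the inner switch would make the miss visible in debug logs. The other groups of nid2oid are outside this hunk, so whether they follow the same pattern cannot be checked here.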
@@ -34643,7 +31515,7 @@ int oid2nid(word32 oid, int grp)
#endif
default:
- WOLFSSL_MSG("NID not in table");
+ WOLFSSL_MSG("OID not in table");
}
/* If not found in above switch then try the table */
for (i = 0; i < WOLFSSL_OBJECT_INFO_SZ; i++) {
@@ -36455,6 +33327,15 @@ int wolfSSL_RAND_poll(void)
#endif /* WOLFSSL_AES_XTS */
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ XMEMCPY(ctx->iv, &ctx->cipher.aria.nonce, ARIA_BLOCK_SIZE);
+ break;
+#endif /* HAVE_ARIA */
+
#ifndef NO_DES3
case DES_CBC_TYPE :
WOLFSSL_MSG("DES CBC");
@@ -36488,6 +33369,35 @@ int wolfSSL_RAND_poll(void)
break;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ WOLFSSL_MSG("SM4 CBC");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ WOLFSSL_MSG("SM4 CTR");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ WOLFSSL_MSG("SM4 GCM");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ WOLFSSL_MSG("SM4 CCM");
+ XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE);
+ break;
+#endif
+
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL");
break;
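Review bot: The SM4 cases added here copy in the opposite direction from the ARIA case added by the preceding hunk: ARIA does `XMEMCPY(ctx->iv, &ctx->cipher.aria.nonce, ARIA_BLOCK_SIZE)` while SM4 does `XMEMCPY(&ctx->cipher.sm4.iv, ctx->iv, SM4_BLOCK_SIZE)`. The two later hunks show the reverse pairing. The enclosing functions start outside the hunks and the `@@` function names look stale, so this is inferred from line proximity. If each ARIA/SM4 pair does land in the same switch, one of the two ciphers has its store and set directions swapped. The lengths also differ, SM4_BLOCK_SIZE here against `ctx->ivSz` in the counterpart hunk, which matters for GCM and CCM if the configured IV is shorter than a block.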
@@ -36548,6 +33458,15 @@ int wolfSSL_RAND_poll(void)
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ XMEMCPY(&ctx->cipher.aria.nonce, ctx->iv, ARIA_BLOCK_SIZE);
+ break;
+#endif /* HAVE_ARIA */
+
#ifndef NO_DES3
case DES_CBC_TYPE :
WOLFSSL_MSG("DES CBC");
@@ -36582,6 +33501,35 @@ int wolfSSL_RAND_poll(void)
break;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ WOLFSSL_MSG("SM4 CBC");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ WOLFSSL_MSG("SM4 CTR");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ WOLFSSL_MSG("SM4 GCM");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ WOLFSSL_MSG("SM4 CCM");
+ XMEMCPY(ctx->iv, &ctx->cipher.sm4.iv, ctx->ivSz);
+ break;
+#endif
+
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL");
break;
@@ -36734,19 +33682,14 @@ PKCS7* wolfSSL_d2i_PKCS7(PKCS7** p7, const unsigned char** in, int len)
return wolfSSL_d2i_PKCS7_ex(p7, in, len, NULL, 0);
}
-/*****************************************************************************
-* wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len
-* into a PKCS7 object. Optionally, accepts a byte buffer of content which
-* is stored as the PKCS7 object's content, to support detached signatures.
-* @param content The content which is signed, in case the signature is
-* detached. Ignored if NULL.
-* @param contentSz The size of the passed in content.
+/* This internal function is only decoding and setting up the PKCS7 struct. It
+* does not verify the PKCS7 signature.
*
* RETURNS:
* returns pointer to a PKCS7 structure on success, otherwise returns NULL
*/
-PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
- byte* content, word32 contentSz)
+static PKCS7* wolfSSL_d2i_PKCS7_only(PKCS7** p7, const unsigned char** in,
+ int len, byte* content, word32 contentSz)
{
WOLFSSL_PKCS7* pkcs7 = NULL;
@@ -36770,12 +33713,6 @@ PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
pkcs7->pkcs7.content = content;
pkcs7->pkcs7.contentSz = contentSz;
}
- if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len)
- != 0) {
- WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed");
- wolfSSL_PKCS7_free((PKCS7*)pkcs7);
- return NULL;
- }
if (p7 != NULL)
*p7 = (PKCS7*)pkcs7;
@@ -36783,6 +33720,46 @@ PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
return (PKCS7*)pkcs7;
}
+
+/*****************************************************************************
+* wolfSSL_d2i_PKCS7_ex - Converts the given unsigned char buffer of size len
+* into a PKCS7 object. Optionally, accepts a byte buffer of content which
+* is stored as the PKCS7 object's content, to support detached signatures.
+* @param content The content which is signed, in case the signature is
+* detached. Ignored if NULL.
+* @param contentSz The size of the passed in content.
+*
+* RETURNS:
+* returns pointer to a PKCS7 structure on success, otherwise returns NULL
+*/
+PKCS7* wolfSSL_d2i_PKCS7_ex(PKCS7** p7, const unsigned char** in, int len,
+ byte* content, word32 contentSz)
+{
+ WOLFSSL_PKCS7* pkcs7 = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_d2i_PKCS7_ex");
+
+ if (in == NULL || *in == NULL || len < 0)
+ return NULL;
+
+ pkcs7 = (WOLFSSL_PKCS7*)wolfSSL_d2i_PKCS7_only(p7, in, len, content,
+ contentSz);
+ if (pkcs7 != NULL) {
+ if (wc_PKCS7_VerifySignedData(&pkcs7->pkcs7, pkcs7->data, pkcs7->len)
+ != 0) {
+ WOLFSSL_MSG("wc_PKCS7_VerifySignedData failed");
+ wolfSSL_PKCS7_free((PKCS7*)pkcs7);
+ if (p7 != NULL) {
+ *p7 = NULL;
+ }
+ return NULL;
+ }
+ }
+
+ return (PKCS7*)pkcs7;
+}
+
+
/**
* This API was added as a helper function for libest. It
* extracts a stack of certificates from the pkcs7 object.
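Review bot: The header comment added for `wolfSSL_d2i_PKCS7_ex` does not say that the function verifies the signature, which is now the only difference from the decode-only helper it wraps. I would add a line such as `* Verifies the SignedData signature; on failure the object is freed, *p7 is set to NULL and NULL is returned.` so callers can tell the two entry points apart. That matches what the body does when `wc_PKCS7_VerifySignedData` returns non-zero.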
@@ -37177,7 +34154,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
#endif
XMEMSET(line, 0, MAX_MIME_LINE_LEN);
- while ((lineLen = wolfSSL_BIO_gets(in, line, (int)sizeof(line))) > 0) {
+ while ((lineLen = wolfSSL_BIO_gets(in, line, MAX_MIME_LINE_LEN)) > 0) {
if (line[lineLen - 1] == '\r' || line[lineLen - 1] == '\n') {
canonLineLen = (word32)lineLen;
@@ -37188,7 +34165,7 @@ static int wolfSSL_BIO_to_MIME_crlf(WOLFSSL_BIO* in, WOLFSSL_BIO* out)
}
/* remove trailing null */
- if (canonLine[canonLineLen] == '\0') {
+ if (canonLineLen >= 1 && canonLine[canonLineLen-1] == '\0') {
canonLineLen--;
}
@@ -37562,7 +34539,7 @@ int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7)
hashType = wc_OidGetHash(p7->hashOID);
hashSz = wc_HashGetDigestSize(hashType);
if (hashSz > WC_MAX_DIGEST_SIZE)
- return WOLFSSL_FAILURE;
+ goto error;
/* only SIGNED_DATA is supported */
switch (p7->contentOID) {
@@ -37570,18 +34547,18 @@ int wolfSSL_PEM_write_bio_PKCS7(WOLFSSL_BIO* bio, PKCS7* p7)
break;
default:
WOLFSSL_MSG("Unknown PKCS#7 Type");
- return WOLFSSL_FAILURE;
+ goto error;
};
if ((wc_PKCS7_EncodeSignedData_ex(p7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz)) != 0)
- return WOLFSSL_FAILURE;
+ goto error;
outputSz = outputHeadSz + p7->contentSz + outputFootSz;
output = (byte*)XMALLOC(outputSz, bio->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (!output)
- return WOLFSSL_FAILURE;
+ goto error;
XMEMSET(output, 0, outputSz);
outputSz = 0;
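Review bot: The allocation size on the context line `outputSz = outputHeadSz + p7->contentSz + outputFootSz;` is summed with no overflow check, and the switch to `goto error` in this hunk does not touch it. If these are 32-bit unsigned values (their declarations are outside the hunk), a very large `p7->contentSz` would wrap the sum and `XMALLOC` would return a buffer smaller than the head, content and foot that are presumably copied into it afterwards. A guard before the sum, for example `if (p7->contentSz > 0xFFFFFFFFU - outputHeadSz - outputFootSz) goto error;`, would reject that case. The function starts before and continues after this hunk, so the copy and the `error:` cleanup are not visible here.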
@@ -37777,6 +34754,9 @@ PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
}
lineLen = wolfSSL_BIO_gets(in, section, remainLen);
+ if (lineLen < 0) {
+ goto error;
+ }
while (XSTRNCMP(&section[sectionLen], boundary, boundLen) &&
remainLen > 0) {
canonLineLen = lineLen;
@@ -37951,7 +34931,7 @@ PKCS7* wolfSSL_SMIME_read_PKCS7(WOLFSSL_BIO* in,
WOLFSSL_MSG("Error base64 decoding S/MIME message.");
goto error;
}
- pkcs7 = wolfSSL_d2i_PKCS7_ex(NULL, (const unsigned char**)&out, outLen,
+ pkcs7 = wolfSSL_d2i_PKCS7_only(NULL, (const unsigned char**)&out, outLen,
bcontMem, bcontMemSz);
wc_MIME_free_hdrs(allHdrs);
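Review bot: After this change `wolfSSL_SMIME_read_PKCS7` returns a PKCS7 object whose signature has not been checked, because `wolfSSL_d2i_PKCS7_only` only decodes, and nothing at the call site says so. A caller written against the previous behaviour could treat a non-NULL return as a verified message. I would add a comment above the call, `/* Decode only: the signature is NOT verified here; the caller must run wolfSSL_PKCS7_verify() before trusting the content. */`, and repeat it in the function's header comment, which is outside this hunk.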
@@ -37967,6 +34947,8 @@ error:
XFREE(section, NULL, DYNAMIC_TYPE_PKCS7);
if (canonSection != NULL)
XFREE(canonSection, NULL, DYNAMIC_TYPE_PKCS7);
+ if (canonLine != NULL)
+ XFREE(canonLine, NULL, DYNAMIC_TYPE_PKCS7);
if (bcont) {
wolfSSL_BIO_free(*bcont);
*bcont = NULL; /* reset 'bcount' pointer to NULL on failure */
@@ -38878,252 +35860,3 @@ void wolfSSL_FIPS_drbg_set_app_data(WOLFSSL_DRBG_CTX *ctx, void *app_data)
#endif /* !WOLFCRYPT_ONLY */
-/*******************************************************************************
- * START OF CRYPTO-ONLY APIs
- ******************************************************************************/
-
-#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
- defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
- defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
- defined(WOLFSSL_HAPROXY)
-
-#ifndef NO_SHA
- /* One shot SHA1 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be SHA_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of SHA_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA1(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA1");
-
- if (wc_InitSha_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA1 Init failed");
- return NULL;
- }
-
- if (wc_ShaUpdate(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA1 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA1 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_ShaFinal(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA1 Final failed");
- wc_ShaFree(&sha);
- return NULL;
- }
- wc_ShaFree(&sha);
-
- return ret;
- }
-#endif /* ! NO_SHA */
-
-#ifdef WOLFSSL_SHA224
- /* One shot SHA224 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA224_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA224(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA224_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha256 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA224");
-
- if (wc_InitSha224_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA224 Init failed");
- return NULL;
- }
-
- if (wc_Sha224Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA224 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA224 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha224Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA224 Final failed");
- wc_Sha224Free(&sha);
- return NULL;
- }
- wc_Sha224Free(&sha);
-
- return ret;
- }
-#endif
-
-#ifndef NO_SHA256
- /* One shot SHA256 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA256(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA256_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha256 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA256");
-
- if (wc_InitSha256_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA256 Init failed");
- return NULL;
- }
-
- if (wc_Sha256Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA256 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA256 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha256Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA256 Final failed");
- wc_Sha256Free(&sha);
- return NULL;
- }
- wc_Sha256Free(&sha);
-
- return ret;
- }
-#endif /* ! NO_SHA256 */
-
-#ifdef WOLFSSL_SHA384
- /* One shot SHA384 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA384(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA384_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha384 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA384");
-
- if (wc_InitSha384_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA384 Init failed");
- return NULL;
- }
-
- if (wc_Sha384Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA384 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA384 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha384Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA384 Final failed");
- wc_Sha384Free(&sha);
- return NULL;
- }
- wc_Sha384Free(&sha);
-
- return ret;
- }
-#endif /* WOLFSSL_SHA384 */
-
-#if defined(WOLFSSL_SHA512)
- /* One shot SHA512 hash of message.
- *
- * d message to hash
- * n size of d buffer
- * md buffer to hold digest. Should be WC_SHA256_DIGEST_SIZE.
- *
- * Note: if md is null then a static buffer of WC_SHA256_DIGEST_SIZE is used.
- * When the static buffer is used this function is not thread safe.
- *
- * Returns a pointer to the message digest on success and NULL on failure.
- */
- unsigned char *wolfSSL_SHA512(const unsigned char *d, size_t n,
- unsigned char *md)
- {
- static byte dig[WC_SHA512_DIGEST_SIZE];
- byte* ret = md;
- wc_Sha512 sha;
-
- WOLFSSL_ENTER("wolfSSL_SHA512");
-
- if (wc_InitSha512_ex(&sha, NULL, INVALID_DEVID) != 0) {
- WOLFSSL_MSG("SHA512 Init failed");
- return NULL;
- }
-
- if (wc_Sha512Update(&sha, (const byte*)d, (word32)n) != 0) {
- WOLFSSL_MSG("SHA512 Update failed");
- return NULL;
- }
-
- if (md == NULL) {
- WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA512 IS NOT "
- "THREAD SAFE WHEN md == NULL");
- ret = dig;
- }
- if (wc_Sha512Final(&sha, ret) != 0) {
- WOLFSSL_MSG("SHA512 Final failed");
- wc_Sha512Free(&sha);
- return NULL;
- }
- wc_Sha512Free(&sha);
-
- return ret;
- }
-#endif /* WOLFSSL_SHA512 */
-#endif /* OPENSSL_EXTRA || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE ||
- * HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */
-
-/*******************************************************************************
- * END OF CRYPTO-ONLY APIs
- ******************************************************************************/
diff --git a/extra/wolfssl/wolfssl/src/ssl_asn1.c b/extra/wolfssl/wolfssl/src/ssl_asn1.c
index fb33a254..eecf4674 100644
--- a/extra/wolfssl/wolfssl/src/ssl_asn1.c
+++ b/extra/wolfssl/wolfssl/src/ssl_asn1.c
@@ -1139,7 +1139,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a)
* @param [in] len Length of number in bytes.
* @param [in, out] neg Indicates number is negative.
* @param [out] pad Number of padding bytes required.
- * @param [out] padVal Padding byte to preprend.
+ * @param [out] padVal Padding byte to prepend.
*/
static void wolfssl_asn1_integer_pad(unsigned char* data, int len,
unsigned char* neg, char* pad, unsigned char* padVal)
@@ -1606,6 +1606,9 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
dupl->grp = obj->grp;
dupl->nid = obj->nid;
dupl->objSz = obj->objSz;
+ #ifdef OPENSSL_EXTRA
+ dupl->ca = obj->ca;
+ #endif
/* Check for encoding. */
if (obj->obj) {
/* Allocate memory for ASN.1 OBJECT_ID DER encoding. */
@@ -1630,7 +1633,7 @@ WOLFSSL_ASN1_OBJECT* wolfSSL_ASN1_OBJECT_dup(WOLFSSL_ASN1_OBJECT* obj)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
#endif /* !NO_ASN */
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/**
* Parse DER encoding and return header information.
@@ -1859,6 +1862,10 @@ WOLFSSL_ASN1_OBJECT *wolfSSL_c2i_ASN1_OBJECT(WOLFSSL_ASN1_OBJECT **a,
return ret;
}
+#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
+
+#ifdef OPENSSL_EXTRA
+
/* Write at most buf_len bytes of textual representation of ASN.1 OBJECT_ID.
*
* @param [in, out] buf Buffer to write to.
@@ -2312,7 +2319,7 @@ int wolfSSL_ASN1_STRING_to_UTF8(unsigned char **out, WOLFSSL_ASN1_STRING *asn1)
* Assumes length is greater than 0.
*
* @param [in] s ASN.1 STRING object.
- * @return Buffer cotaining string representation on success.
+ * @return Buffer containing string representation on success.
* @return NULL when dynamic memory allocation fails.
* @return NULL when encoding a character as hex fails.
*/
@@ -3227,7 +3234,7 @@ static int wolfssl_asn1_time_to_secs(const WOLFSSL_ASN1_TIME* t,
/* Calculate difference in time of two ASN.1 TIME objects.
*
* @param [out] days Number of whole days between from and to.
- * @param [out] secs Number of serconds less than a day between from and to.
+ * @param [out] secs Number of seconds less than a day between from and to.
* @param [in] from ASN.1 TIME object as start time.
* @param [in] to ASN.1 TIME object as end time.
* @return 1 on success.
@@ -3918,7 +3925,7 @@ int wolfSSL_ASN1_UTCTIME_print(WOLFSSL_BIO* bio, const WOLFSSL_ASN1_UTCTIME* a)
* ASN1_TYPE APIs
******************************************************************************/
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/**
* Allocate a new ASN.1 TYPE object.
@@ -3954,12 +3961,12 @@ static void wolfssl_asn1_type_free_value(WOLFSSL_ASN1_TYPE* at)
wolfSSL_ASN1_OBJECT_free(at->value.object);
break;
case V_ASN1_UTCTIME:
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
wolfSSL_ASN1_TIME_free(at->value.utctime);
#endif
break;
case V_ASN1_GENERALIZEDTIME:
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)
wolfSSL_ASN1_TIME_free(at->value.generalizedtime);
#endif
break;
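Review bot: With the guards changed to `#if !defined(NO_ASN_TIME) && defined(OPENSSL_EXTRA)`, the `V_ASN1_UTCTIME` and `V_ASN1_GENERALIZEDTIME` cases free nothing in a build that defines only `WOLFSSL_WPAS_SMALL`, and the code does not say why that is acceptable. If a time value can be stored in a `WOLFSSL_ASN1_TYPE` in that configuration (the setter is enabled for `WOLFSSL_WPAS_SMALL` later in this diff), it would be leaked. A comment in both cases such as `/* wolfSSL_ASN1_TIME_free() is only built with OPENSSL_EXTRA; no time values are expected otherwise. */` would record the assumption. `wolfssl_asn1_type_free_value` starts before and continues after this hunk.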
@@ -3991,9 +3998,10 @@ void wolfSSL_ASN1_TYPE_free(WOLFSSL_ASN1_TYPE* at)
XFREE(at, NULL, DYNAMIC_TYPE_OPENSSL);
}
-#endif /* OPENSSL_EXTRA */
+#endif /* OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL */
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS)
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS) || \
+ defined(WOLFSSL_WPAS_SMALL)
/**
* Set ASN.1 TYPE object with a type and value.
*
diff --git a/extra/wolfssl/wolfssl/src/ssl_bn.c b/extra/wolfssl/wolfssl/src/ssl_bn.c
index 9102a8e0..8a054c80 100644
--- a/extra/wolfssl/wolfssl/src/ssl_bn.c
+++ b/extra/wolfssl/wolfssl/src/ssl_bn.c
@@ -1689,23 +1689,31 @@ int wolfSSL_BN_div(WOLFSSL_BIGNUM* dv, WOLFSSL_BIGNUM* rem,
const WOLFSSL_BIGNUM* a, const WOLFSSL_BIGNUM* d, WOLFSSL_BN_CTX* ctx)
{
int ret = 1;
+ WOLFSSL_BIGNUM* res = dv;
/* BN context not needed. */
(void)ctx;
WOLFSSL_ENTER("wolfSSL_BN_div");
+ if (BN_IS_NULL(res)) {
+ res = wolfSSL_BN_new();
+ }
+
/* Validate parameters. */
- if (BN_IS_NULL(dv) || BN_IS_NULL(rem) || BN_IS_NULL(a) || BN_IS_NULL(d)) {
+ if (BN_IS_NULL(res) || BN_IS_NULL(rem) || BN_IS_NULL(a) || BN_IS_NULL(d)) {
ret = 0;
}
/* Have wolfCrypt perform operation with internal representations. */
if ((ret == 1) && (mp_div((mp_int*)a->internal, (mp_int*)d->internal,
- (mp_int*)dv->internal, (mp_int*)rem->internal) != MP_OKAY)) {
+ (mp_int*)res->internal, (mp_int*)rem->internal) != MP_OKAY)) {
ret = 0;
}
+ if (res != dv)
+ wolfSSL_BN_free(res);
+
WOLFSSL_LEAVE("wolfSSL_BN_div", ret);
return ret;
}
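Review bot: The temporary quotient is allocated whenever `BN_IS_NULL(res)` is true, not only when `dv == NULL`. If that macro also matches a non-NULL BIGNUM with no internal value (its definition is not in this hunk), such a `dv` used to make the function return 0. It would now get a success return, with the quotient written to a temporary that is then freed and the caller's object left untouched. Testing the pointer itself, `if (dv == NULL) {`, keeps the old rejection of a malformed `dv` and still lets callers omit the quotient. The function's header comment is outside the hunk and should also say that `dv` may be NULL.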
diff --git a/extra/wolfssl/wolfssl/src/ssl_certman.c b/extra/wolfssl/wolfssl/src/ssl_certman.c
new file mode 100644
index 00000000..65a6c559
--- /dev/null
+++ b/extra/wolfssl/wolfssl/src/ssl_certman.c
@@ -0,0 +1,2372 @@
+/* ssl_certman.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+ #include <wolfssl/internal.h>
+
+#if !defined(WOLFSSL_SSL_CERTMAN_INCLUDED)
+ #ifndef WOLFSSL_IGNORE_FILE_WARN
+ #warning ssl_certman.c does not need to be compiled separately from ssl.c
+ #endif
+#else
+
+#ifndef NO_CERTS
+
+/* Pick an available TLS method.
+ *
+ * Used when creating temporary WOLFSSL_CTX.
+ *
+ * @return A TLS method on success.
+ * @return NULL when no TLS method built into wolfSSL.
+ */
+static WC_INLINE WOLFSSL_METHOD* cm_pick_method(void)
+{
+ #ifndef NO_WOLFSSL_CLIENT
+ #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
+ return wolfSSLv3_client_method();
+ #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
+ return wolfTLSv1_client_method();
+ #elif !defined(NO_OLD_TLS)
+ return wolfTLSv1_1_client_method();
+ #elif !defined(WOLFSSL_NO_TLS12)
+ return wolfTLSv1_2_client_method();
+ #elif defined(WOLFSSL_TLS13)
+ return wolfTLSv1_3_client_method();
+ #else
+ return NULL;
+ #endif
+ #elif !defined(NO_WOLFSSL_SERVER)
+ #if !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_SSLV3)
+ return wolfSSLv3_server_method();
+ #elif !defined(NO_OLD_TLS) && defined(WOLFSSL_ALLOW_TLSV10)
+ return wolfTLSv1_server_method();
+ #elif !defined(NO_OLD_TLS)
+ return wolfTLSv1_1_server_method();
+ #elif !defined(WOLFSSL_NO_TLS12)
+ return wolfTLSv1_2_server_method();
+ #elif defined(WOLFSSL_TLS13)
+ return wolfTLSv1_3_server_method();
+ #else
+ return NULL;
+ #endif
+ #else
+ return NULL;
+ #endif
+}
+
+/* Create a new certificate manager with a heap hint.
+ *
+ * @param [in] heap Heap hint.
+ * @return Certificate manager object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew_ex(void* heap)
+{
+ int err = 0;
+ WOLFSSL_CERT_MANAGER* cm;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerNew");
+
+ /* Allocate memory for certificate manager. */
+ cm = (WOLFSSL_CERT_MANAGER*)XMALLOC(sizeof(WOLFSSL_CERT_MANAGER), heap,
+ DYNAMIC_TYPE_CERT_MANAGER);
+ if (cm == NULL) {
+ err = 1;
+ }
+ if (!err) {
+ /* Reset all fields. */
+ XMEMSET(cm, 0, sizeof(WOLFSSL_CERT_MANAGER));
+
+ /* Create a mutex for use when modify table of stored CAs. */
+ if (wc_InitMutex(&cm->caLock) != 0) {
+ WOLFSSL_MSG("Bad mutex init");
+ err = 1;
+ }
+ }
+ if (!err) {
+ /* Initialize reference count. */
+ wolfSSL_RefInit(&cm->ref, &err);
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ if (err != 0) {
+ WOLFSSL_MSG("Bad reference count init");
+ }
+ #endif
+ }
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ /* Create a mutex for use when modify table of trusted peers. */
+ if ((!err) && (wc_InitMutex(&cm->tpLock) != 0)) {
+ WOLFSSL_MSG("Bad mutex init");
+ err = 1;
+ }
+#endif
+ if (!err) {
+ /* Set default minimum key sizes allowed. */
+ #ifndef NO_RSA
+ cm->minRsaKeySz = MIN_RSAKEY_SZ;
+ #endif
+ #ifdef HAVE_ECC
+ cm->minEccKeySz = MIN_ECCKEY_SZ;
+ #endif
+ #ifdef HAVE_PQC
+ #ifdef HAVE_FALCON
+ cm->minFalconKeySz = MIN_FALCONKEY_SZ;
+ #endif /* HAVE_FALCON */
+ #ifdef HAVE_DILITHIUM
+ cm->minDilithiumKeySz = MIN_DILITHIUMKEY_SZ;
+ #endif /* HAVE_DILITHIUM */
+ #endif /* HAVE_PQC */
+
+ /* Set heap hint to use in certificate manager operations. */
+ cm->heap = heap;
+ }
+
+ /* Dispose of certificate manager on error. */
+ if (err && (cm != NULL)) {
+ wolfSSL_CertManagerFree(cm);
+ cm = NULL;
+ }
+ return cm;
+}
+
+/* Create a new certificate manager.
+ *
+ * @return Certificate manager object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_CERT_MANAGER* wolfSSL_CertManagerNew(void)
+{
+ /* No heap hint. */
+ return wolfSSL_CertManagerNew_ex(NULL);
+}
+
+/* Dispose of certificate manager.
+ *
+ * @param [in, out] cm Certificate manager.
+ */
+void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm)
+{
+ WOLFSSL_ENTER("wolfSSL_CertManagerFree");
+
+ /* Validate parameter. */
+ if (cm != NULL) {
+ int doFree = 0;
+ int ret;
+
+ /* Decrement reference count and check if value is 0. */
+ wolfSSL_RefDec(&cm->ref, &doFree, &ret);
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ if (ret != 0) {
+ WOLFSSL_MSG("Couldn't lock cm mutex");
+ }
+ #else
+ (void)ret;
+ #endif
+ if (doFree) {
+ #ifdef HAVE_CRL
+ /* Dispose of CRL handler. */
+ if (cm->crl != NULL) {
+ /* Dispose of CRL object - indicating dynamically allocated. */
+ FreeCRL(cm->crl, 1);
+ }
+ #endif
+
+ #ifdef HAVE_OCSP
+ /* Dispose of OCSP handler. */
+ if (cm->ocsp != NULL) {
+ FreeOCSP(cm->ocsp, 1);
+ }
+ /* Dispose of URL. */
+ XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
+ #if !defined(NO_WOLFSSL_SERVER) && \
+ (defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2))
+ /* Dispose of OCSP stapling handler. */
+ if (cm->ocsp_stapling) {
+ FreeOCSP(cm->ocsp_stapling, 1);
+ }
+ #endif
+ #endif /* HAVE_OCSP */
+
+ /* Dispose of CA table and mutex. */
+ FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+ wc_FreeMutex(&cm->caLock);
+
+ #ifdef WOLFSSL_TRUST_PEER_CERT
+ /* Dispose of trusted peer table and mutex. */
+ FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
+ wc_FreeMutex(&cm->tpLock);
+ #endif
+
+ /* Dispose of reference count. */
+ wolfSSL_RefFree(&cm->ref);
+ /* Dispose of certificate manager memory. */
+ XFREE(cm, cm->heap, DYNAMIC_TYPE_CERT_MANAGER);
+ }
+ }
+}
+
+/* Increase reference count on certificate manager.
+ *
+ * @param [in, out] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return 0 when cm is NULL or locking mutex fails.
+ */
+int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ int err;
+
+ /* Increment reference. */
+ wolfSSL_RefInc(&cm->ref, &err);
+ #ifdef WOLFSSL_REFCNT_ERROR_RETURN
+ if (err) {
+ WOLFSSL_MSG("Failed to lock cm mutex");
+ ret = 0;
+ }
+ #else
+ (void)err;
+ #endif
+ }
+
+ return ret;
+}
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
+#if defined(WOLFSSL_SIGNER_DER_CERT)
+static WC_INLINE int wolfssl_cm_get_certs_der(WOLFSSL_CERT_MANAGER* cm,
+ DerBuffer*** buffers, int* cnt)
+{
+ int err = 0;
+ Signer* signers = NULL;
+ DerBuffer** certBuffers = NULL;
+ int i = 0;
+ word32 row = 0;
+ int numCerts = 0;
+
+ /* Iterate once to get the number of certs, for memory allocation
+ * purposes. */
+ for (row = 0; row < CA_TABLE_SIZE; row++) {
+ /* Get signer information of CAs in a row. */
+ signers = cm->caTable[row];
+ /* Count each signer in row that has a DER certificate buffer. */
+ while ((signers != NULL) && (signers->derCert != NULL) &&
+ (signers->derCert->buffer != NULL)) {
+ ++numCerts;
+ signers = signers->next;
+ }
+ }
+ /* Check we found certificates. */
+ if (numCerts == 0) {
+ err = 1;
+ }
+
+ if (!err) {
+ /* Allocate memory for pointers to each DER buffer. */
+ certBuffers = (DerBuffer**)XMALLOC(
+ sizeof(DerBuffer*) * (size_t)numCerts, cm->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (certBuffers == NULL) {
+ err = 1;
+ }
+ }
+ if (!err) {
+ /* Reset pointers. */
+ XMEMSET(certBuffers, 0, sizeof(DerBuffer*) * (size_t)numCerts);
+ }
+
+ /* Copy the certs locally so that we can release the caLock. If the lock
+ * is held when wolfSSL_d2i_X509 is called, GetCA will also try to get
+ * the lock, leading to deadlock. */
+ for (row = 0; (!err) && (row < CA_TABLE_SIZE); row++) {
+ /* Get signer information of CAs in a row. */
+ signers = cm->caTable[row];
+ /* Copy each DER certificate buffer of signers in a row. */
+ while ((signers != NULL) && (signers->derCert != NULL) &&
+ (signers->derCert->buffer != NULL)) {
+ /* Allocate memory to hold DER certificate buffer. */
+ int ret = AllocDer(&certBuffers[i], signers->derCert->length,
+ CA_TYPE, cm->heap);
+ if (ret < 0) {
+ err = 1;
+ break;
+ }
+
+ /* Copy buffer into array element. */
+ XMEMCPY(certBuffers[i]->buffer, signers->derCert->buffer,
+ signers->derCert->length);
+ certBuffers[i]->length = signers->derCert->length;
+
+ /* Store in next index. */
+ ++i;
+ /* Move on to next signer in row. */
+ signers = signers->next;
+ }
+ }
+
+ *buffers = certBuffers;
+ *cnt = numCerts;
+ return err;
+}
+
+/* Retrieve stack of X509 certificates in a certificate manager (CM).
+ *
+ * @param [in] cm Certificate manager.
+ *
+ * @return Stack of X509 certs on success
+ * @return NULL on failure.
+ */
+WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm)
+{
+ WOLFSSL_STACK* sk = NULL;
+ int numCerts = 0;
+ DerBuffer** certBuffers = NULL;
+ int i = 0;
+ int err = 0;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerGetCerts");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ err = 1;
+ }
+ if (!err) {
+ /* Create an empty certificate stack to return. */
+ sk = wolfSSL_sk_X509_new_null();
+ if (sk == NULL) {
+ err = 1;
+ }
+ }
+ /* Lock CA table. */
+ if ((!err) && (wc_LockMutex(&cm->caLock) != 0)) {
+ err = 1;
+ }
+ if (!err) {
+ err = wolfssl_cm_get_certs_der(cm, &certBuffers, &numCerts);
+ /* Release CA lock. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ /* Put each DER certificate buffer into a stack of WOLFSSL_X509 */
+ for (i = 0; (!err) && (i < numCerts); ++i) {
+ const byte* derBuffer = NULL;
+ WOLFSSL_X509* x509 = NULL;
+
+ /* Get pointer to DER encoding of certificate. */
+ derBuffer = certBuffers[i]->buffer;
+ /* Decode certificate. */
+ wolfSSL_d2i_X509(&x509, &derBuffer, (int)certBuffers[i]->length);
+ if (x509 == NULL) {
+ err = 1;
+ }
+
+ /* Decode certificate. */
+ if ((!err) && (wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS)) {
+ wolfSSL_X509_free(x509);
+ err = 1;
+ }
+ }
+
+ if (certBuffers != NULL) {
+ /* Dispose of temporary cert storage (for access outside of lock). */
+ for (i = 0; i < numCerts && certBuffers[i] != NULL; ++i) {
+ FreeDer(&certBuffers[i]);
+ }
+ XFREE(certBuffers, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ /* Dispose of stack of certificates on error. */
+ if (err && (sk != NULL)) {
+ wolfSSL_sk_X509_pop_free(sk, NULL);
+ sk = NULL;
+ }
+ return sk;
+}
+
+#endif /* WOLFSSL_SIGNER_DER_CERT */
+#endif /* OPENSSL_EXTRA && !NO_FILESYSTEM */
+
+/* Unload the CA signer table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return BAD_MUTEX_E when locking fails.
+ */
+int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerUnloadCAs");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ /* Lock CA table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->caLock) != 0)) {
+ ret = BAD_MUTEX_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of CA table. */
+ FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+
+#ifdef WOLFSSL_TRUST_PEER_CERT
+/* Unload the trusted peers table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return BAD_MUTEX_E when locking fails.
+ */
+int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerUnload_trust_peers");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ /* Lock trusted peers table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->tpLock) != 0)) {
+ ret = BAD_MUTEX_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of trusted peers table. */
+ FreeTrustedPeerTable(cm->tpTable, TP_TABLE_SIZE, cm->heap);
+
+ /* Unlock trusted peers table. */
+ wc_UnLockMutex(&cm->tpLock);
+ }
+
+ return ret;
+}
+#endif /* WOLFSSL_TRUST_PEER_CERT */
+
+/* Load certificate/s from buffer with flags.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoding of certificate.
+ * @param [in] sz Length in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] userChain Indicates buffer holds chain of certificates.
+ * @param [in] flags Flags to modify behaviour of loading. Valid flags:
+ * WOLFSSL_LOAD_FLAG_IGNORE_ERR,
+ * WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY,
+ * WOLFSSL_LOAD_FLAG_PEM_CA_ONLY,
+ * WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR, and
+ * WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FATAL_ERROR when cm is NULL or failed create WOLFSSL_CTX.
+ * @return Other values on loading failure.
+ */
+int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int format, int userChain, word32 flags)
+{
+ int ret = WOLFSSL_SUCCESS;
+ WOLFSSL_CTX* tmp = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCABuffer_ex");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ WOLFSSL_MSG("No CertManager error");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ /* Allocate a temporary WOLFSSL_CTX to load with. */
+ if ((ret == WOLFSSL_SUCCESS) && ((tmp = wolfSSL_CTX_new(cm_pick_method()))
+ == NULL)) {
+ WOLFSSL_MSG("CTX new failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Some configurations like OPENSSL_COMPATIBLE_DEFAULTS may turn off
+ * verification by default. Let's restore our desired defaults. */
+ wolfSSL_CTX_set_verify(tmp, WOLFSSL_VERIFY_DEFAULT, NULL);
+
+ /* Replace certificate manager with one to load certificate/s into. */
+ wolfSSL_CertManagerFree(tmp->cm);
+ tmp->cm = cm;
+
+ /* Load certificate buffer. */
+ ret = wolfSSL_CTX_load_verify_buffer_ex(tmp, buff, sz, format,
+ userChain, flags);
+
+ /* Clear certificate manager in WOLFSSL_CTX so it won't be freed. */
+ tmp->cm = NULL;
+ }
+
+ /* Dispose of temporary WOLFSSL_CTX. */
+ wolfSSL_CTX_free(tmp);
+ return ret;
+}
+
+/* Load certificate/s from buffer into table.
+ *
+ * Uses default load verification flags and is not a user chain.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoding of certificate.
+ * @param [in] sz Length in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FATAL_ERROR when cm is NULL or failed create WOLFSSL_CTX.
+ * @return Other values on loading failure.
+ */
+int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int format)
+{
+ return wolfSSL_CertManagerLoadCABuffer_ex(cm, buff, sz, format, 0,
+ WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS);
+}
+
+#ifndef NO_WOLFSSL_CM_VERIFY
+/* Set the verification callback into certificate manager.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] vc Verification callback.
+ */
+void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm, VerifyCallback vc)
+{
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetVerify");
+ if (cm != NULL) {
+ cm->verifyCallback = vc;
+ }
+}
+#endif /* NO_WOLFSSL_CM_VERIFY */
+
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+/* Verify the certificate.
+ *
+ * Uses the verification callback if available.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoded certificate.
+ * @param [in] sz Size in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] prev_err Previous error. Passed to callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when converting from PEM to DER is not a feature of
+ * the wolfSSL build.
+ */
+int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const unsigned char* buff,
+ long sz, int format, int prev_err)
+{
+ int ret = 0;
+ int fatal = 0;
+ DerBuffer* der = NULL;
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert* cert = NULL;
+#else
+ DecodedCert cert[1];
+#endif
+
+ WOLFSSL_ENTER("CM_VerifyBuffer_ex");
+
+ (void)prev_err;
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for decoded certificate. */
+ cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL) {
+ ret = MEMORY_E;
+ fatal = 1;
+ }
+ if (ret == 0)
+#endif
+ {
+ /* Reset fields of decoded certificate. */
+ XMEMSET(cert, 0, sizeof(DecodedCert));
+
+ if (format == WOLFSSL_FILETYPE_PEM) {
+ #ifndef WOLFSSL_PEM_TO_DER
+ ret = NOT_COMPILED_IN;
+ fatal = 1;
+ #else
+ /* Convert to DER from PEM. */
+ ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, NULL, NULL);
+ if (ret != 0) {
+ fatal = 1;
+ }
+ else {
+ /* Replace buffer pointer and size with DER buffer. */
+ buff = der->buffer;
+ sz = (long)der->length;
+ }
+ #endif
+ }
+ }
+ if (ret == 0) {
+ /* Create a decoded certificate with DER buffer. */
+ InitDecodedCert(cert, buff, (word32)sz, cm->heap);
+
+ /* Parse DER into decoded certificate fields and verify signature
+ * against a known CA. */
+ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY, cm);
+ }
+
+#ifdef HAVE_CRL
+ if ((ret == 0) && cm->crlEnabled) {
+ /* Check for a CRL for the CA and check validity of certificate. */
+ ret = CheckCertCRL(cm->crl, cert);
+ }
+#endif
+
+ (void)fatal;
+
+#ifndef NO_WOLFSSL_CM_VERIFY
+ /* Use callback to perform verification too if available. */
+ if ((!fatal) && cm->verifyCallback) {
+ #ifdef WOLFSSL_SMALL_STACK
+ ProcPeerCertArgs* args;
+ #else
+ ProcPeerCertArgs args[1];
+ #endif
+ buffer certBuf;
+
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for object to hold arguments for callback. */
+ args = (ProcPeerCertArgs*)XMALLOC(sizeof(ProcPeerCertArgs), cm->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (args == NULL) {
+ ret = MEMORY_E;
+ fatal = 1;
+ }
+ if (!fatal)
+ #endif
+ {
+ XMEMSET(args, 0, sizeof(ProcPeerCertArgs));
+
+ /* DER encoding. */
+ certBuf.buffer = (byte*)buff;
+ certBuf.length = (unsigned int)sz;
+
+ /* One certificate available. */
+ args->totalCerts = 1;
+ args->certs = &certBuf;
+ args->dCert = cert;
+ args->dCertInit = 1;
+
+ /* Replace value in ret with an error value passed in. */
+ if (prev_err != 0) {
+ ret = prev_err;
+ }
+ /* Use callback to verify certificate. */
+ ret = DoVerifyCallback(cm, NULL, ret, args);
+ }
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Dispose of allocated callback args. */
+ XFREE(args, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+ }
+#endif
+
+ /* Dispose of allocated memory. */
+ FreeDecodedCert(cert);
+ FreeDer(&der);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
+#endif
+
+ /* Convert the ret value to a return value. */
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Verify the certificate.
+ *
+ * Uses the verification callback if available.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding encoded certificate.
+ * @param [in] sz Size in bytes of data in buffer.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] prev_err Previous error. Passed to callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or buff is NULL or sz is negative or zero.
+ * @return WOLFSSL_BAD_FILETYPE when format is invalid.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when converting from PEM to DER is not a feature of
+ * the wolfSSL build.
+ */
+int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int format)
+{
+ int ret;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerVerifyBuffer");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (buff == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+ else if ((format != WOLFSSL_FILETYPE_ASN1) &&
+ (format != WOLFSSL_FILETYPE_PEM)) {
+ ret = WOLFSSL_BAD_FILETYPE;
+ }
+ else {
+ /* No previous error. */
+ ret = CM_VerifyBuffer_ex(cm, buff, sz, format, 0);
+ }
+
+ return ret;
+}
+#endif /* !NO_WOLFSSL_CLIENT || !WOLFSSL_NO_CLIENT_AUTH */
+
+#ifndef NO_FILESYSTEM
+
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+/* Verify the certificate loaded from a file.
+ *
+ * Uses the verification callback if available.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] format Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] prev_err Previous error. Passed to callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or buff is NULL or sz is negative.
+ * @return WOLFSSL_BAD_FILETYPE when format is invalid.
+ * @return WOLFSSL_BAD_FILE when reading the certificate file fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when converting from PEM to DER is not a feature of
+ * the wolfSSL build.
+ */
+int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* fname,
+ int format)
+{
+ int ret = WOLFSSL_SUCCESS;
+#ifndef WOLFSSL_SMALL_STACK
+ byte staticBuffer[FILE_BUFFER_SIZE];
+#endif
+ byte* buff = NULL;
+ long sz = 0;
+ XFILE file = XBADFILE;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerVerify");
+
+#ifndef WOLFSSL_SMALL_STACK
+ buff = staticBuffer;
+#endif
+
+ /* Validate parameters. cm and format validated in:
+ * wolfSSL_CertManagerVerifyBuffer */
+ if ((cm == NULL) || (fname == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Open the file containing a certificate. */
+ if ((ret == WOLFSSL_SUCCESS) &&
+ ((file = XFOPEN(fname, "rb")) == XBADFILE)) {
+ ret = WOLFSSL_BAD_FILE;
+ }
+ /* Get the length of the file. */
+ if (ret == WOLFSSL_SUCCESS) {
+ ret = wolfssl_file_len(file, &sz);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ }
+ /* Allocate dynamic memory for file contents if no static buffer or too
+ * small. */
+#ifndef WOLFSSL_SMALL_STACK
+ if ((ret == WOLFSSL_SUCCESS) && (sz > (long)sizeof(staticBuffer)))
+#else
+
+ if (ret == WOLFSSL_SUCCESS)
+#endif
+ {
+ WOLFSSL_MSG("Getting dynamic buffer");
+ buff = (byte*)XMALLOC((size_t)sz, cm->heap, DYNAMIC_TYPE_FILE);
+ if (buff == NULL) {
+ ret = WOLFSSL_BAD_FILE;
+ }
+ }
+ /* Read all the file into buffer. */
+ if ((ret == WOLFSSL_SUCCESS) && (XFREAD(buff, 1, (size_t)sz, file) !=
+ (size_t)sz)) {
+ ret = WOLFSSL_BAD_FILE;
+ }
+ /* Close file if opened. */
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Verify the certificate read. */
+ ret = wolfSSL_CertManagerVerifyBuffer(cm, buff, sz, format);
+ }
+
+ /* Dispose of buffer if it was allocated. */
+#ifndef WOLFSSL_SMALL_STACK
+ if (buff != staticBuffer)
+#endif
+ {
+ if (cm != NULL) {
+ XFREE(buff, cm->heap, DYNAMIC_TYPE_FILE);
+ }
+ }
+ return ret;
+}
+#endif
+
+/* Load the CA file and/or certificate files in a path.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] file Name of CA file.
+ * @param [in] path Path to a directory containing certificates.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FATAL_ERROR when cm is NULL or unable to create WOLFSSL_CTX.
+ * @return Otherwise failure.
+ */
+int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* file,
+ const char* path)
+{
+ int ret = WOLFSSL_SUCCESS;
+ WOLFSSL_CTX* tmp = NULL;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCA");
+
+ /* Validate parameters. file and path validated in:
+ * wolfSSL_CTX_load_verify_locations*/
+ if (cm == NULL) {
+ WOLFSSL_MSG("No CertManager error");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ /* Create temporary WOLFSSL_CTX. */
+ if ((ret == WOLFSSL_SUCCESS) && ((tmp = wolfSSL_CTX_new(cm_pick_method()))
+ == NULL)) {
+ WOLFSSL_MSG("CTX new failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Some configurations like OPENSSL_COMPATIBLE_DEFAULTS may turn off
+ * verification by default. Let's restore our desired defaults. */
+ wolfSSL_CTX_set_verify(tmp, WOLFSSL_VERIFY_DEFAULT, NULL);
+
+ /* Replace certificate manager with one to load certificate/s into. */
+ wolfSSL_CertManagerFree(tmp->cm);
+ tmp->cm = cm;
+
+ /* Load certificate from file and path. */
+ ret = wolfSSL_CTX_load_verify_locations(tmp, file, path);
+
+ /* Clear certificate manager in WOLFSSL_CTX so it won't be freed. */
+ tmp->cm = NULL;
+ }
+
+ /* Dispose of temporary WOLFSSL_CTX. */
+ wolfSSL_CTX_free(tmp);
+ return ret;
+}
+
+#endif /* NO_FILESYSTEM */
+
+#if defined(PERSIST_CERT_CACHE)
+
+/* Version of layout of cache of CA certificates. */
+#define WOLFSSL_CACHE_CERT_VERSION 1
+
+/* CA certificates cache information. */
+typedef struct {
+ /* Cache certificate layout version id. */
+ int version;
+ /* Number of hash table rows. Maximum of CA_TABLE_SIZE. */
+ int rows;
+ /* Number of columns per row. */
+ int columns[CA_TABLE_SIZE];
+ /* Size of Signer object. */
+ int signerSz;
+} CertCacheHeader;
+
+/* current cert persistence layout is:
+
+ 1) CertCacheHeader
+ 2) caTable
+
+ update WOLFSSL_CERT_CACHE_VERSION if change layout for the following
+ PERSIST_CERT_CACHE functions
+*/
+
+
+/* Return number of bytes of memory needed to persist this signer.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] Signer Signer entry in CA table.
+ * @return Number of bytes.
+ */
+static WC_INLINE int cm_get_signer_memory(Signer* signer)
+{
+ int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID)
+ + sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
+
+#if !defined(NO_SKID)
+ sz += (int)sizeof(signer->subjectKeyIdHash);
+#endif
+
+ /* Add dynamic bytes needed. */
+ sz += (int)signer->pubKeySize;
+ sz += signer->nameLen;
+
+ return sz;
+}
+
+
+/* Return number of bytes of memory needed to persist this row.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] row A row of signers from the CA table.
+ * @return Number of bytes.
+ */
+static WC_INLINE int cm_get_cert_cache_row_memory(Signer* row)
+{
+ int sz = 0;
+
+ /* Each signer in row. */
+ while (row != NULL) {
+ /* Add in size of this signer. */
+ sz += cm_get_signer_memory(row);
+ row = row->next;
+ }
+
+ return sz;
+}
+
+
+/* Return the number of bytes of memory to persist cert cache.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return Number of bytes.
+ */
+static WC_INLINE int cm_get_cert_cache_mem_size(WOLFSSL_CERT_MANAGER* cm)
+{
+ int sz;
+ int i;
+
+ sz = sizeof(CertCacheHeader);
+
+ /* Each row in table. */
+ for (i = 0; i < CA_TABLE_SIZE; i++) {
+ /* Add in size of this row. */
+ sz += cm_get_cert_cache_row_memory(cm->caTable[i]);
+ }
+
+ return sz;
+}
+
+
+/* Get count of columns for each row.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] columns Array of row counts.
+ */
+static WC_INLINE void cm_set_cert_header_Columns(WOLFSSL_CERT_MANAGER* cm,
+ int* columns)
+{
+ int i;
+ Signer* row;
+
+ /* Each row in table. */
+ for (i = 0; i < CA_TABLE_SIZE; i++) {
+ int count = 0;
+
+ /* Get row from table. */
+ row = cm->caTable[i];
+ /* Each entry in row. */
+ while (row != NULL) {
+ /* Update count. */
+ ++count;
+ row = row->next;
+ }
+ /* Store row count. */
+ columns[i] = count;
+ }
+}
+
+
+/* Restore whole cert row from memory,
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] current Buffer containing rows.
+ * @param [in] row Row number being restored.
+ * @param [in] listSz Number of entries in row.
+ * @param [in] end End of data in buffer.
+ * @return Number of bytes consumed on success.
+ * @return PARSE_ERROR when listSz is less than zero.
+ * @return BUFFER_E when buffer is too small.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return Negative value on error.
+ */
+static WC_INLINE int cm_restore_cert_row(WOLFSSL_CERT_MANAGER* cm,
+ byte* current, int row, int listSz, const byte* end)
+{
+ int ret = 0;
+ int idx = 0;
+
+ /* Validate parameters. */
+ if (listSz < 0) {
+ WOLFSSL_MSG("Row header corrupted, negative value");
+ ret = PARSE_ERROR;
+ }
+
+ /* Process all entries. */
+ while ((ret == 0) && (listSz > 0)) {
+ Signer* signer = NULL;
+ byte* publicKey;
+ byte* start = current + idx; /* for end checks on this signer */
+ int minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) +
+ sizeof(signer->nameLen) + sizeof(signer->subjectNameHash);
+ #ifndef NO_SKID
+ minSz += (int)sizeof(signer->subjectKeyIdHash);
+ #endif
+
+ /* Check minimal size of bytes available. */
+ if (start + minSz > end) {
+ WOLFSSL_MSG("Would overread restore buffer");
+ ret = BUFFER_E;
+ }
+ /* Make a new signer. */
+ if ((ret == 0) && ((signer = MakeSigner(cm->heap)) == NULL)) {
+ ret = MEMORY_E;
+ }
+
+ if (ret == 0) {
+ /* Copy in public key size. */
+ XMEMCPY(&signer->pubKeySize, current + idx,
+ sizeof(signer->pubKeySize));
+ idx += (int)sizeof(signer->pubKeySize);
+
+ /* Copy in public key OID. */
+ XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID));
+ idx += (int)sizeof(signer->keyOID);
+
+ /* Check bytes available for public key. */
+ if (start + minSz + signer->pubKeySize > end) {
+ WOLFSSL_MSG("Would overread restore buffer");
+ ret = BUFFER_E;
+ }
+ }
+ if (ret == 0) {
+ /* Allocate memory for public key to be stored in. */
+ publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap,
+ DYNAMIC_TYPE_KEY);
+ if (publicKey == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+
+ if (ret == 0) {
+ /* Copy in public key. */
+ XMEMCPY(publicKey, current + idx, signer->pubKeySize);
+ signer->publicKey = publicKey;
+ idx += (int)signer->pubKeySize;
+
+ /* Copy in certificate name length. */
+ XMEMCPY(&signer->nameLen, current + idx, sizeof(signer->nameLen));
+ idx += (int)sizeof(signer->nameLen);
+
+ /* Check bytes available for certificate name. */
+ if (start + minSz + signer->pubKeySize + signer->nameLen > end) {
+ WOLFSSL_MSG("Would overread restore buffer");
+ ret = BUFFER_E;
+ }
+ }
+ if (ret == 0) {
+ /* Allocate memory for public key to be stored in. */
+ signer->name = (char*)XMALLOC((size_t)signer->nameLen, cm->heap,
+ DYNAMIC_TYPE_SUBJECT_CN);
+ if (signer->name == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+
+ if (ret == 0) {
+ /* Copy in certificate name. */
+ XMEMCPY(signer->name, current + idx, (size_t)signer->nameLen);
+ idx += signer->nameLen;
+
+ /* Copy in hash of subject name. */
+ XMEMCPY(signer->subjectNameHash, current + idx, SIGNER_DIGEST_SIZE);
+ idx += SIGNER_DIGEST_SIZE;
+
+ #ifndef NO_SKID
+ /* Copy in hash of subject key. */
+ XMEMCPY(signer->subjectKeyIdHash, current + idx,SIGNER_DIGEST_SIZE);
+ idx += SIGNER_DIGEST_SIZE;
+ #endif
+
+ /* Make next Signer the head of the row. */
+ signer->next = cm->caTable[row];
+ /* Add Signer to start of row. */
+ cm->caTable[row] = signer;
+
+ /* Done one more Signer. */
+ --listSz;
+ }
+
+ if ((ret != 0) && (signer != NULL)) {
+ /* Dispose of allocated signer. */
+ FreeSigner(signer, cm->heap);
+ }
+ }
+
+ if (ret == 0) {
+ /* Return the number of bytes used on success. */
+ ret = idx;
+ }
+ return ret;
+}
+
+
+/* Store whole CA certificate row into memory.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] current Buffer to write to.
+ * @param [in] row Row number being stored.
+ * @return Number of bytes added.
+ */
+static WC_INLINE int cm_store_cert_row(WOLFSSL_CERT_MANAGER* cm, byte* current,
+ int row)
+{
+ int added = 0;
+ Signer* list;
+
+ /* Get the row - a linked list. */
+ list = cm->caTable[row];
+ /* Each certificate in row. */
+ while (list != NULL) {
+ /* Public key size. */
+ XMEMCPY(current + added, &list->pubKeySize, sizeof(list->pubKeySize));
+ added += (int)sizeof(list->pubKeySize);
+
+ /* Public key OID. */
+ XMEMCPY(current + added, &list->keyOID, sizeof(list->keyOID));
+ added += (int)sizeof(list->keyOID);
+
+ /* Public key. */
+ XMEMCPY(current + added, list->publicKey, (size_t)list->pubKeySize);
+ added += (int)list->pubKeySize;
+
+ /* Certificate name length. */
+ XMEMCPY(current + added, &list->nameLen, sizeof(list->nameLen));
+ added += (int)sizeof(list->nameLen);
+
+ /* Certificate name. */
+ XMEMCPY(current + added, list->name, (size_t)list->nameLen);
+ added += list->nameLen;
+
+ /* Hash of subject name. */
+ XMEMCPY(current + added, list->subjectNameHash, SIGNER_DIGEST_SIZE);
+ added += SIGNER_DIGEST_SIZE;
+
+ #ifndef NO_SKID
+ /* Hash of public key. */
+ XMEMCPY(current + added, list->subjectKeyIdHash,SIGNER_DIGEST_SIZE);
+ added += SIGNER_DIGEST_SIZE;
+ #endif
+
+ /* Next certificate in row. */
+ list = list->next;
+ }
+
+ return added;
+}
+
+
+/* Persist CA certificate cache to memory.
+ *
+ * Assumes we have locked CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] mem Memory to persist into.
+ * @param [in] sz Size in bytes of memory.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BUFFER_E when memory is too small.
+ */
+static WC_INLINE int cm_do_mem_save_cert_cache(WOLFSSL_CERT_MANAGER* cm,
+ void* mem, int sz)
+{
+ int ret = WOLFSSL_SUCCESS;
+ int realSz;
+ int i;
+
+ WOLFSSL_ENTER("cm_do_mem_save_cert_cache");
+
+ /* Calculate amount of memory required to store CA certificate table. */
+ realSz = cm_get_cert_cache_mem_size(cm);
+ if (realSz > sz) {
+ WOLFSSL_MSG("Mem output buffer too small");
+ ret = BUFFER_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ byte* current;
+ CertCacheHeader hdr;
+
+ /* Create header for storage. */
+ hdr.version = WOLFSSL_CACHE_CERT_VERSION;
+ hdr.rows = CA_TABLE_SIZE;
+ cm_set_cert_header_Columns(cm, hdr.columns);
+ hdr.signerSz = (int)sizeof(Signer);
+
+ /* Copy header into memory. */
+ XMEMCPY(mem, &hdr, sizeof(CertCacheHeader));
+ current = (byte*)mem + sizeof(CertCacheHeader);
+
+ /* Each row of table. */
+ for (i = 0; i < CA_TABLE_SIZE; ++i) {
+ /* Append row to memory. */
+ current += cm_store_cert_row(cm, current, i);
+ }
+ }
+
+ return ret;
+}
+
+
+#if !defined(NO_FILESYSTEM)
+
+/* Persist CA certificate cache to file.
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] fname File name to write to.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_BAD_FILE when opening file fails.
+ * @return BAD_MUTEX_E when locking fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return FWRITE_ERROR when writing to file fails.
+ */
+int CM_SaveCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
+{
+ XFILE file;
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("CM_SaveCertCache");
+
+ /* Open file for writing. */
+ file = XFOPEN(fname, "w+b");
+ if (file == XBADFILE) {
+ WOLFSSL_MSG("Couldn't open cert cache save file");
+ ret = WOLFSSL_BAD_FILE;
+ }
+
+ /* Lock CA table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->caLock) != 0)) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ byte* mem;
+ /* Calculate size of memory required to store CA table. */
+ size_t memSz = (size_t)cm_get_cert_cache_mem_size(cm);
+ /* Allocate memory to hold CA table. */
+ mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (mem == NULL) {
+ WOLFSSL_MSG("Alloc for tmp buffer failed");
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Store CA table in memory. */
+ ret = cm_do_mem_save_cert_cache(cm, mem, (int)memSz);
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Write memory to file. */
+ int sz = (int)XFWRITE(mem, memSz, 1, file);
+ if (sz != 1) {
+ WOLFSSL_MSG("Cert cache file write failed");
+ ret = FWRITE_ERROR;
+ }
+ }
+ if (mem != NULL) {
+ XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ /* Close file. */
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
+ return ret;
+}
+
+
+/* Restore CA certificate cache from file.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] fname File name to write to.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_BAD_FILE when opening or using file fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return FREAD_ERROR when reading from file fails.
+ */
+int CM_RestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const char* fname)
+{
+ XFILE file;
+ int ret = WOLFSSL_SUCCESS;
+ int memSz = 0;
+ byte* mem = NULL;
+
+ WOLFSSL_ENTER("CM_RestoreCertCache");
+
+ /* Open file for reading. */
+ file = XFOPEN(fname, "rb");
+ if (file == XBADFILE) {
+ WOLFSSL_MSG("Couldn't open cert cache save file");
+ ret = WOLFSSL_BAD_FILE;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Read file into allocated memory. */
+ ret = wolfssl_read_file(file, (char**)&mem, &memSz);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Create the CA certificate table from memory. */
+ ret = CM_MemRestoreCertCache(cm, mem, memSz);
+ if (ret != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("Mem restore cert cache failed");
+ }
+ }
+
+ /* Dispose of dynamic memory read into. */
+ XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ /* Close file. */
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
+ return ret;
+}
+
+#endif /* NO_FILESYSTEM */
+
+
+/* Persist CA certificate cache to memory.
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] mem Memory to persist into.
+ * @param [in] sz Size in bytes of memory.
+ * @param [out] used Number of bytes used when persisting cache.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_MUTEX_E when locking fails.
+ * @return BUFFER_E when memory is too small.
+ */
+int CM_MemSaveCertCache(WOLFSSL_CERT_MANAGER* cm, void* mem, int sz, int* used)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("CM_MemSaveCertCache");
+
+ /* Lock CA table. */
+ if (wc_LockMutex(&cm->caLock) != 0) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Save CA table into memory. */
+ ret = cm_do_mem_save_cert_cache(cm, mem, sz);
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Get the number of bytes used. */
+ *used = cm_get_cert_cache_mem_size(cm);
+ }
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+
+/* Restore CA certificate table from memory,
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] mem Buffer containing rows.
+ * @param [in] sz Size in bytes of data in buffer.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BUFFER_E when buffer is too small.
+ * @return BAD_MUTEX_E when locking fails.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm, const void* mem, int sz)
+{
+ int ret = WOLFSSL_SUCCESS;
+ int i;
+ CertCacheHeader* hdr = (CertCacheHeader*)mem;
+ byte* current = (byte*)mem + sizeof(CertCacheHeader);
+ byte* end = (byte*)mem + sz; /* don't go over */
+
+ WOLFSSL_ENTER("CM_MemRestoreCertCache");
+
+ /* Check memory available is bigger than cache header. */
+ if (current > end) {
+ WOLFSSL_MSG("Cert Cache Memory buffer too small");
+ ret = BUFFER_E;
+ }
+
+ /* Validate the cache header. */
+ if ((ret == WOLFSSL_SUCCESS) &&
+ ((hdr->version != WOLFSSL_CACHE_CERT_VERSION) ||
+ (hdr->rows != CA_TABLE_SIZE) ||
+ (hdr->signerSz != (int)sizeof(Signer)))) {
+ WOLFSSL_MSG("Cert Cache Memory header mismatch");
+ ret = CACHE_MATCH_ERROR;
+ }
+
+ /* Lock CA table. */
+ if ((ret == WOLFSSL_SUCCESS) && (wc_LockMutex(&cm->caLock) != 0)) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of current CA certificate table. */
+ FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap);
+
+ /* Each row. */
+ for (i = 0; i < CA_TABLE_SIZE; ++i) {
+ /* Restore a row from memory. */
+ int added = cm_restore_cert_row(cm, current, i, hdr->columns[i],
+ end);
+ /* Bail on error. */
+ if (added < 0) {
+ WOLFSSL_MSG("cm_restore_cert_row error");
+ ret = added;
+ break;
+ }
+ /* Update pointer to data of next row. */
+ current += added;
+ }
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+
+/* Calculate size of CA certificate cache when persisted to memory.
+ *
+ * Locks CA table.
+ *
+ * @param [in] cm Certificate manager.
+ * @return Number of bytes on success.
+ * @return BAD_MUTEX_E when locking fails.
+ */
+int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret;
+
+ WOLFSSL_ENTER("CM_GetCertCacheMemSize");
+
+ /* Lock CA table. */
+ if (wc_LockMutex(&cm->caLock) != 0) {
+ WOLFSSL_MSG("wc_LockMutex on caLock failed");
+ ret = BAD_MUTEX_E;
+ }
+ else {
+ /* Calculate memory size. */
+ ret = cm_get_cert_cache_mem_size(cm);
+
+ /* Unlock CA table. */
+ wc_UnLockMutex(&cm->caLock);
+ }
+
+ return ret;
+}
+
+#endif /* PERSIST_CERT_CACHE */
+
+/*******************************************************************************
+ * CRL handling
+ ******************************************************************************/
+
+/* Enables/disables the use of CRLs when validating certificates.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] options Options for using CRLs. Valid flags:
+ * WOLFSSL_CRL_CHECKALL, WOLFSSL_CRL_CHECK.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return WOLFSSL_FAILURE when initializing the CRL object fails.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when the CRL feature is disabled.
+ */
+int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm, int options)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableCRL");
+
+ (void)options;
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#if defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ /* If disabling then don't worry about whether CRL feature is enabled. */
+ if ((ret == WOLFSSL_SUCCESS) && (options == 0)) {
+ /* Disable leaf CRL check. */
+ cm->crlEnabled = 0;
+ /* Disable all CRL checks. */
+ cm->crlCheckAll = 0;
+ }
+ else
+#endif
+ if (ret == WOLFSSL_SUCCESS) {
+#ifndef HAVE_CRL
+ /* CRL feature not enabled. */
+ ret = NOT_COMPILED_IN;
+#else
+ /* Create CRL object if not present. */
+ if (cm->crl == NULL) {
+ /* Allocate memory for CRL object. */
+ cm->crl = (WOLFSSL_CRL*)XMALLOC(sizeof(WOLFSSL_CRL), cm->heap,
+ DYNAMIC_TYPE_CRL);
+ if (cm->crl == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Reset fields of CRL object. */
+ XMEMSET(cm->crl, 0, sizeof(WOLFSSL_CRL));
+ /* Initialize CRL object. */
+ if (InitCRL(cm->crl, cm) != 0) {
+ WOLFSSL_MSG("Init CRL failed");
+ /* Dispose of CRL object - indicating dynamically allocated.
+ */
+ FreeCRL(cm->crl, 1);
+ cm->crl = NULL;
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ #if defined(HAVE_CRL_IO) && defined(USE_WOLFSSL_IO)
+ /* Use built-in callback to lookup CRL from URL. */
+ cm->crl->crlIOCb = EmbedCrlLookup;
+ #endif
+ #if defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ if ((options & WOLFSSL_CRL_CHECKALL) ||
+ (options & WOLFSSL_CRL_CHECK))
+ #endif
+ {
+ /* Enable leaf CRL check. */
+ cm->crlEnabled = 1;
+ if (options & WOLFSSL_CRL_CHECKALL) {
+ /* Enable all CRL check. */
+ cm->crlCheckAll = 1;
+ }
+ }
+ }
+#endif
+ }
+
+ return ret;
+}
+
+
+/* Disables the CRL checks.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableCRL");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Disable CRL checking. */
+ cm->crlEnabled = 0;
+ cm->crlCheckAll = 0;
+ }
+
+ return ret;
+}
+
+#ifdef HAVE_CRL
+
+/* Load CRL for use.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] buff Buffer holding CRL.
+ * @param [in] sz Size in bytes of CRL in buffer.
+ * @param [in] type Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or buff is NULL or sz is negative or zero.
+ * @return WOLFSSL_FATAL_ERROR when creating CRL object fails.
+ */
+int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* buff, long sz, int type)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLBuffer");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (buff == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Create a CRL object if not available and enable CRL checking. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl == NULL) &&
+ (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK) !=
+ WOLFSSL_SUCCESS)) {
+ WOLFSSL_MSG("Enable CRL failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Load CRL into CRL object of the certificate manager. */
+ ret = BufferLoadCRL(cm->crl, buff, sz, type, VERIFY);
+ }
+
+ return ret;
+}
+
+/* Free the CRL object of the certificate manager.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerFreeCRL");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ /* Check whether CRL object exists. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl != NULL)) {
+ /* Dispose of CRL object - indicating dynamically allocated. */
+ FreeCRL(cm->crl, 1);
+ cm->crl = NULL;
+ }
+
+ return ret;
+}
+
+/* Check DER encoded certificate against CRLs if checking enabled.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] der DER encode certificate.
+ * @param [in] sz Size in bytes of DER encode certificate.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or der is NULL or sz is negative or zero.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* der, int sz)
+{
+ int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert* cert = NULL;
+#else
+ DecodedCert cert[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckCRL");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (der == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Check if CRL checking enabled. */
+ if ((ret == 0) && cm->crlEnabled) {
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for decoded certificate. */
+ cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL)
+ ret = MEMORY_E;
+ if (ret == 0)
+ #endif
+ {
+ /* Initialize decoded certificate with buffer. */
+ InitDecodedCert(cert, der, (word32)sz, NULL);
+
+ /* Parse certificate and perform CRL checks. */
+ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_CRL, cm);
+ if (ret != 0) {
+ WOLFSSL_MSG("ParseCert failed");
+ }
+ /* Do CRL checks with decoded certificate. */
+ else if ((ret = CheckCertCRL(cm->crl, cert)) != 0) {
+ WOLFSSL_MSG("CheckCertCRL failed");
+ }
+
+ /* Dispose of dynamically allocated memory. */
+ FreeDecodedCert(cert);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, NULL, DYNAMIC_TYPE_DCERT);
+ #endif
+ }
+ }
+
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Set the missing CRL callback.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] cb Missing CRL callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm, CbMissingCRL cb)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetCRL_Cb");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Store callback. */
+ cm->cbMissingCRL = cb;
+ }
+
+ return ret;
+}
+
+#ifdef HAVE_CRL_IO
+/* Set the CRL I/O callback.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] cb CRL I/O callback.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm, CbCrlIO cb)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl != NULL)) {
+ /* Store callback. */
+ cm->crl->crlIOCb = cb;
+ }
+
+ return ret;
+}
+#endif
+
+#ifndef NO_FILESYSTEM
+/* Load CRL/s from path with the option of monitoring for changes.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] path Path to a directory containing CRLs.
+ * @param [in] type Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @param [in] monitor Whether to monitor path for changes to files.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or path is NULL.
+ * @return WOLFSSL_FATAL_ERROR when enabling CRLs fails.
+ */
+int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm, const char* path,
+ int type, int monitor)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRL");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (path == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Create a CRL object if not available. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl == NULL) &&
+ (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK) !=
+ WOLFSSL_SUCCESS)) {
+ WOLFSSL_MSG("Enable CRL failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Load CRLs from path into CRL object of certificate manager. */
+ ret = LoadCRL(cm->crl, path, type, monitor);
+ }
+
+ return ret;
+}
+
+/* Load CRL from file.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] file Path to a directory containing CRLs.
+ * @param [in] type Format of encoding. Valid values:
+ * WOLFSSL_FILETYPE_ASN1, WOLFSSL_FILETYPE_PEM.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or file is NULL.
+ * @return WOLFSSL_FATAL_ERROR when enabling CRLs fails.
+ */
+int wolfSSL_CertManagerLoadCRLFile(WOLFSSL_CERT_MANAGER* cm, const char* file,
+ int type)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerLoadCRLFile");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (file == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Create a CRL object if not available. */
+ if ((ret == WOLFSSL_SUCCESS) && (cm->crl == NULL) &&
+ (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK) !=
+ WOLFSSL_SUCCESS)) {
+ WOLFSSL_MSG("Enable CRL failed");
+ ret = WOLFSSL_FATAL_ERROR;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Load CRL file into CRL object of certificate manager. */
+ ret = ProcessFile(NULL, file, type, CRL_TYPE, NULL, 0, cm->crl, VERIFY);
+ }
+
+ return ret;
+}
+#endif /* !NO_FILESYSTEM */
+
+#endif /* HAVE_CRL */
+
+/*******************************************************************************
+ * OCSP handling
+ ******************************************************************************/
+
+/* Enables OCSP when validating certificates and sets options.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] options Options for using OCSP. Valid flags:
+ * WOLFSSL_OCSP_URL_OVERRIDE, WOLFSSL_OCSP_NO_NONCE,
+ * WOLFSSL_OCSP_CHECKALL.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return 0 when initializing the OCSP object fails.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when the OCSP feature is disabled.
+ */
+int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm, int options)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ (void)options;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSP");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifndef HAVE_OCSP
+ if (ret == WOLFSSL_SUCCESS) {
+ /* OCSP feature not enabled. */
+ ret = NOT_COMPILED_IN;
+ }
+#else
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Check whether OCSP object is available. */
+ if (cm->ocsp == NULL) {
+ /* Allocate memory for OCSP object. */
+ cm->ocsp = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP), cm->heap,
+ DYNAMIC_TYPE_OCSP);
+ if (cm->ocsp == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Reset the fields of the OCSP object. */
+ XMEMSET(cm->ocsp, 0, sizeof(WOLFSSL_OCSP));
+ /* Initialize the OCSP object. */
+ if (InitOCSP(cm->ocsp, cm) != 0) {
+ WOLFSSL_MSG("Init OCSP failed");
+ /* Dispose of OCSP object - indicating dynamically allocated.
+ */
+ FreeOCSP(cm->ocsp, 1);
+ cm->ocsp = NULL;
+ ret = 0;
+ }
+ }
+ }
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Enable OCSP checking. */
+ cm->ocspEnabled = 1;
+ /* Enable URL override if requested. */
+ if (options & WOLFSSL_OCSP_URL_OVERRIDE) {
+ cm->ocspUseOverrideURL = 1;
+ }
+ /* Set nonce option for creating OCSP requests. */
+ cm->ocspSendNonce = (options & WOLFSSL_OCSP_NO_NONCE) !=
+ WOLFSSL_OCSP_NO_NONCE;
+ /* Set all OCSP checks on if requested. */
+ if (options & WOLFSSL_OCSP_CHECKALL) {
+ cm->ocspCheckAll = 1;
+ }
+ #ifndef WOLFSSL_USER_IO
+ /* Set built-in OCSP lookup. */
+ cm->ocspIOCb = EmbedOcspLookup;
+ cm->ocspRespFreeCb = EmbedOcspRespFree;
+ cm->ocspIOCtx = cm->heap;
+ #endif /* WOLFSSL_USER_IO */
+ }
+#endif /* HAVE_OCSP */
+
+ return ret;
+}
+
+/* Disables the OCSP checks.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSP");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Disable use of OCSP with certificate validation. */
+ cm->ocspEnabled = 0;
+ }
+
+ return ret;
+}
+
+/* Enables OCSP stapling with certificates in manager.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] options Options for using OCSP. Valid flags:
+ * WOLFSSL_OCSP_URL_OVERRIDE, WOLFSSL_OCSP_NO_NONCE,
+ * WOLFSSL_OCSP_CHECKALL.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return 0 when initializing the OCSP stapling object fails.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ * @return NOT_COMPILED_IN when the OCSP stapling feature is disabled.
+ */
+int wolfSSL_CertManagerEnableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPStapling");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
+ !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ if (ret == WOLFSSL_SUCCESS) {
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+ }
+#else
+#ifndef NO_WOLFSSL_SERVER
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Check whether OCSP object is available. */
+ if (cm->ocsp_stapling == NULL) {
+ /* Allocate memory for OCSP stapling object. */
+ cm->ocsp_stapling = (WOLFSSL_OCSP*)XMALLOC(sizeof(WOLFSSL_OCSP),
+ cm->heap, DYNAMIC_TYPE_OCSP);
+ if (cm->ocsp_stapling == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Reset the fields of the OCSP object. */
+ XMEMSET(cm->ocsp_stapling, 0, sizeof(WOLFSSL_OCSP));
+ /* Initialize the OCSP stapling object. */
+ if (InitOCSP(cm->ocsp_stapling, cm) != 0) {
+ WOLFSSL_MSG("Init OCSP failed");
+ /* Dispose of OCSP stapling object - indicating dynamically
+ * allocated. */
+ FreeOCSP(cm->ocsp_stapling, 1);
+ cm->ocsp_stapling = NULL;
+ ret = 0;
+ }
+ }
+ }
+ }
+#ifndef WOLFSSL_USER_IO
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Set built-in OCSP lookup. */
+ cm->ocspIOCb = EmbedOcspLookup;
+ cm->ocspRespFreeCb = EmbedOcspRespFree;
+ cm->ocspIOCtx = cm->heap;
+ }
+#endif /* WOLFSSL_USER_IO */
+#endif /* NO_WOLFSSL_SERVER */
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Enable OCSP stapling. */
+ cm->ocspStaplingEnabled = 1;
+ }
+#endif /* HAVE_CERTIFICATE_STATUS_REQUEST ||
+ * HAVE_CERTIFICATE_STATUS_REQUEST_V2 */
+
+ return ret;
+}
+
+/* Disables OCSP Stapling.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableOCSPStapling(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPStapling");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ /* Disable use of OCSP Stapling. */
+ cm->ocspStaplingEnabled = 0;
+ #else
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+ #endif
+ }
+
+ return ret;
+}
+
+/* Enable the must use OCSP Stapling option.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerEnableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerEnableOCSPMustStaple");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ #ifndef NO_WOLFSSL_CLIENT
+ /* Enable must use OCSP Stapling option. */
+ cm->ocspMustStaple = 1;
+ #endif
+#else
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+#endif
+ }
+
+ return ret;
+}
+
+/* Disable the must use OCSP Stapling option.
+ *
+ * @param [in] cm Certificate manager.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerDisableOCSPMustStaple(WOLFSSL_CERT_MANAGER* cm)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerDisableOCSPMustStaple");
+
+ /* Validate parameter. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ #ifndef NO_WOLFSSL_CLIENT
+ /* Disable must use OCSP Stapling option. */
+ cm->ocspMustStaple = 0;
+ #endif
+#else
+ /* OCSP stapling feature not enabled. */
+ ret = NOT_COMPILED_IN;
+#endif
+ }
+
+ return ret;
+}
+
+#ifdef HAVE_OCSP
+/* Check DER encoded certificate against with OCSP if checking enabled.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] der DER encode certificate.
+ * @param [in] sz Size in bytes of DER encode certificate.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or der is NULL or sz is negative or 0.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
+ const unsigned char* der, int sz)
+{
+ int ret = 0;
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert* cert = NULL;
+#else
+ DecodedCert cert[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSP");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (der == NULL) || (sz <= 0)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Check if OCSP checking enabled. */
+ if ((ret == 0) && cm->ocspEnabled) {
+ #ifdef WOLFSSL_SMALL_STACK
+ /* Allocate memory for decoded certificate. */
+ cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), cm->heap,
+ DYNAMIC_TYPE_DCERT);
+ if (cert == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == 0)
+ #endif
+ {
+ /* Initialize decoded certificate with buffer. */
+ InitDecodedCert(cert, der, (word32)sz, NULL);
+
+ /* Parse certificate and perform CRL checks. */
+ ret = ParseCertRelative(cert, CERT_TYPE, VERIFY_OCSP, cm);
+ if (ret != 0) {
+ WOLFSSL_MSG("ParseCert failed");
+ }
+ /* Do OCSP checks with decoded certificate. */
+ else if ((ret = CheckCertOCSP(cm->ocsp, cert)) != 0) {
+ WOLFSSL_MSG("CheckCertOCSP failed");
+ }
+
+ /* Dispose of dynamically allocated memory. */
+ FreeDecodedCert(cert);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, cm->heap, DYNAMIC_TYPE_DCERT);
+ #endif
+ }
+ }
+
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Check OCSP response.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] response Buffer holding OCSP response.
+ * @param [in] responseSz Size in bytes of OCSP response.
+ * @param [in] responseBuffer Buffer to copy response into.
+ * @param [in] status Place to store certificate status.
+ * @param [in] entry Place to store OCSP entry.
+ * @param [in] ocspRequest OCSP request to match with response.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm or response is NULL.
+ */
+int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER *cm,
+ byte *response, int responseSz, buffer *responseBuffer,
+ CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest)
+{
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerCheckOCSPResponse");
+
+ /* Validate parameters. */
+ if ((cm == NULL) || (response == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+ if ((ret == 0) && cm->ocspEnabled) {
+ /* Check OCSP response with OCSP object from certificate manager. */
+ ret = CheckOcspResponse(cm->ocsp, response, responseSz, responseBuffer,
+ status, entry, ocspRequest, NULL);
+ }
+
+ return (ret == 0) ? WOLFSSL_SUCCESS : ret;
+}
+
+/* Set the OCSP override URL.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] url URL to get an OCSP response from.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
+ const char* url)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSPOverrideURL");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Dispose of old URL. */
+ XFREE(cm->ocspOverrideURL, cm->heap, DYNAMIC_TYPE_URL);
+ if (url != NULL) {
+ /* Calculate size of URL string. Include terminator character. */
+ int urlSz = (int)XSTRLEN(url) + 1;
+ /* Allocate memory for URL to be copied into. */
+ cm->ocspOverrideURL = (char*)XMALLOC((size_t)urlSz, cm->heap,
+ DYNAMIC_TYPE_URL);
+ if (cm->ocspOverrideURL == NULL) {
+ ret = MEMORY_E;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Copy URL into certificate manager. */
+ XMEMCPY(cm->ocspOverrideURL, url, (size_t)urlSz);
+ }
+ }
+ else {
+ /* No URL to set so make it NULL. */
+ cm->ocspOverrideURL = NULL;
+ }
+ }
+
+ return ret;
+}
+
+/* Set the OCSP I/O callback, OCSP response free callback and related data.
+ *
+ * @param [in] cm Certificate manager.
+ * @param [in] ioCb OCSP callback.
+ * @param [in] respFreeCb Callback to free OCSP response buffer.
+ * @param [in] ioCbCtx Context data to pass to OCSP callbacks.
+ * @return WOLFSSL_SUCCESS on success.
+ * @return BAD_FUNC_ARG when cm is NULL.
+ */
+int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm, CbOCSPIO ioCb,
+ CbOCSPRespFree respFreeCb, void* ioCbCtx)
+{
+ int ret = WOLFSSL_SUCCESS;
+
+ WOLFSSL_ENTER("wolfSSL_CertManagerSetOCSP_Cb");
+
+ /* Validate parameters. */
+ if (cm == NULL) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ /* Set callbacks and data into certificate manager. */
+ cm->ocspIOCb = ioCb;
+ cm->ocspRespFreeCb = respFreeCb;
+ cm->ocspIOCtx = ioCbCtx;
+ }
+
+ return ret;
+}
+
+#endif /* HAVE_OCSP */
+
+#endif /* NO_CERTS */
+
+#endif /* !WOLFSSL_SSL_CERTMAN_INCLUDED */
diff --git a/extra/wolfssl/wolfssl/src/ssl_crypto.c b/extra/wolfssl/wolfssl/src/ssl_crypto.c
new file mode 100644
index 00000000..3c73b88f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/src/ssl_crypto.c
@@ -0,0 +1,3499 @@
+/* ssl_crypto.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef WOLFSSL_SSL_CRYPTO_INCLUDED
+ #ifndef WOLFSSL_IGNORE_FILE_WARN
+ #warning ssl_crypto.c does not need to be compiled separately from ssl.c
+ #endif
+#else
+
+/*******************************************************************************
+ * START OF Digest APIs
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+#ifndef NO_MD4
+/* Initialize MD4 hash operation.
+ *
+ * @param [in, out] md4 MD4 context object.
+ */
+void wolfSSL_MD4_Init(WOLFSSL_MD4_CTX* md4)
+{
+ /* Ensure WOLFSSL_MD4_CTX is big enough for wolfCrypt Md4. */
+ typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1];
+ (void)sizeof(ok);
+
+ WOLFSSL_ENTER("MD4_Init");
+
+ /* Initialize wolfCrypt MD4 object. */
+ wc_InitMd4((Md4*)md4);
+}
+
+/* Update MD4 hash with data.
+ *
+ * @param [in, out] md4 MD4 context object.
+ * @param [in] data Data to be hashed.
+ * @param [in] len Length of data in bytes.
+ */
+void wolfSSL_MD4_Update(WOLFSSL_MD4_CTX* md4, const void* data,
+ unsigned long len)
+{
+ WOLFSSL_ENTER("MD4_Update");
+
+ /* Update wolfCrypt MD4 object with data. */
+ wc_Md4Update((Md4*)md4, (const byte*)data, (word32)len);
+}
+
+/* Finalize MD4 hash and return output.
+ *
+ * @param [out] digest Hash output.
+ * Must be able to hold MD4_DIGEST_SIZE bytes.
+ * @param [in, out] md4 MD4 context object.
+ */
+void wolfSSL_MD4_Final(unsigned char* digest, WOLFSSL_MD4_CTX* md4)
+{
+ WOLFSSL_ENTER("MD4_Final");
+
+ /* Finalize wolfCrypt MD4 hash into digest. */
+ wc_Md4Final((Md4*)md4, digest);
+}
+
+#endif /* NO_MD4 */
+#endif /* OPENSSL_EXTRA */
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
+#ifndef NO_MD5
+/* Initialize MD5 hash operation.
+ *
+ * @param [in, out] md5 MD5 context object.
+ * @return 1 on success.
+ * @return 0 when md5 is NULL.
+ */
+int wolfSSL_MD5_Init(WOLFSSL_MD5_CTX* md5)
+{
+ /* Ensure WOLFSSL_MD5_CTX is big enough for wolfCrypt wc_Md5. */
+ typedef char md5_test[sizeof(WOLFSSL_MD5_CTX) >= sizeof(wc_Md5) ? 1 : -1];
+ (void)sizeof(md5_test);
+
+ WOLFSSL_ENTER("MD5_Init");
+
+ /* Initialize wolfCrypt MD5 object. */
+ return wc_InitMd5((wc_Md5*)md5) == 0;
+}
+
+/* Update MD5 hash with data.
+ *
+ * @param [in, out] md5 MD5 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when md5 is NULL.
+ */
+int wolfSSL_MD5_Update(WOLFSSL_MD5_CTX* md5, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("MD5_Update");
+
+ /* Update wolfCrypt MD5 object with data. */
+ return wc_Md5Update((wc_Md5*)md5, (const byte*)input, (word32)sz) == 0;
+}
+
+/* Finalize MD5 hash and return output.
+ *
+ * @param [out] digest Hash output.
+ * Must be able to hold MD5_DIGEST_SIZE bytes.
+ * @param [in, out] md5 MD5 context object.
+ * @return 1 on success.
+ * @return 0 when md5 or output is NULL.
+ */
+int wolfSSL_MD5_Final(byte* output, WOLFSSL_MD5_CTX* md5)
+{
+ int ret;
+
+ WOLFSSL_ENTER("MD5_Final");
+
+ /* Finalize wolfCrypt MD5 hash into output. */
+ ret = (wc_Md5Final((wc_Md5*)md5, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include MD5_Free(). */
+ wc_Md5Free((wc_Md5*)md5);
+
+ return ret;
+}
+
+/* Apply MD5 transformation to the data.
+ *
+ * 'data' has words reversed in this function when big endian.
+ *
+ * @param [in, out] md5 MD5 context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when md5 or data is NULL.
+ */
+int wolfSSL_MD5_Transform(WOLFSSL_MD5_CTX* md5, const unsigned char* data)
+{
+ WOLFSSL_ENTER("MD5_Transform");
+
+#if defined(BIG_ENDIAN_ORDER)
+ /* Byte reversal done outside transform. */
+ if ((md5 != NULL) && (data != NULL)) {
+ ByteReverseWords((word32*)data, (word32*)data, WC_MD5_BLOCK_SIZE);
+ }
+#endif
+ /* Transform block of data with wolfCrypt MD5 object. */
+ return wc_Md5Transform((wc_Md5*)md5, data) == 0;
+}
+
+/* One shot MD5 hash of data.
+ *
+ * When hash is null, a static buffer of MD5_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to be hashed.
+ * @param [in] len Length of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold MD5_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_MD5(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static unsigned char dgst[WC_MD5_DIGEST_SIZE];
+
+ WOLFSSL_ENTER("wolfSSL_MD5");
+
+ /* Ensure buffer available for digest result. */
+ if (hash == NULL) {
+ hash = dgst;
+ }
+ /* One shot MD5 hash with wolfCrypt. */
+ if (wc_Md5Hash(data, (word32)len, hash) != 0) {
+ WOLFSSL_MSG("wc_Md5Hash error");
+ hash = NULL;
+ }
+
+ return hash;
+}
+#endif /* !NO_MD5 */
+
+#ifndef NO_SHA
+/* Initialize SHA hash operation.
+ *
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha is NULL.
+ */
+int wolfSSL_SHA_Init(WOLFSSL_SHA_CTX* sha)
+{
+ /* Ensure WOLFSSL_SHA_CTX is big enough for wolfCrypt wc_Sha. */
+ typedef char sha_test[sizeof(WOLFSSL_SHA_CTX) >= sizeof(wc_Sha) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA_Init");
+
+ /* Initialize wolfCrypt SHA object. */
+ return wc_InitSha((wc_Sha*)sha) == 0;
+}
+
+/* Update SHA hash with data.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when md5 is NULL.
+ */
+int wolfSSL_SHA_Update(WOLFSSL_SHA_CTX* sha, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA_Update");
+
+ /* Update wolfCrypt SHA object with data. */
+ return wc_ShaUpdate((wc_Sha*)sha, (const byte*)input, (word32)sz) == 0;
+}
+
+/* Finalize SHA hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA_DIGEST_SIZE bytes.
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha or output is NULL.
+ */
+int wolfSSL_SHA_Final(byte* output, WOLFSSL_SHA_CTX* sha)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA_Final");
+
+ /* Finalize wolfCrypt SHA hash into output. */
+ ret = (wc_ShaFinal((wc_Sha*)sha, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA_Free(). */
+ wc_ShaFree((wc_Sha*)sha);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA transformation to the data.
+ *
+ * 'data' has words reversed in this function when little endian.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha or data is NULL.
+ */
+int wolfSSL_SHA_Transform(WOLFSSL_SHA_CTX* sha, const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA_Transform");
+
+#if defined(LITTLE_ENDIAN_ORDER)
+ /* Byte reversal done outside transform. */
+ if ((sha != NULL) && (data != NULL)) {
+ ByteReverseWords((word32*)data, (word32*)data, WC_SHA_BLOCK_SIZE);
+ }
+#endif
+ /* Transform block of data with wolfCrypt SHA object. */
+ return wc_ShaTransform((wc_Sha*)sha, data) == 0;
+}
+#endif
+
+/* Initialize SHA-1 hash operation.
+ *
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha is NULL.
+ */
+int wolfSSL_SHA1_Init(WOLFSSL_SHA_CTX* sha)
+{
+ WOLFSSL_ENTER("SHA1_Init");
+
+ return SHA_Init(sha);
+}
+
+
+/* Update SHA-1 hash with data.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha is NULL.
+ */
+int wolfSSL_SHA1_Update(WOLFSSL_SHA_CTX* sha, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA1_Update");
+
+ return SHA_Update(sha, input, sz);
+}
+
+/* Finalize SHA-1 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA_DIGEST_SIZE bytes.
+ * @param [in, out] sha SHA context object.
+ * @return 1 on success.
+ * @return 0 when sha or output is NULL.
+ */
+int wolfSSL_SHA1_Final(byte* output, WOLFSSL_SHA_CTX* sha)
+{
+ WOLFSSL_ENTER("SHA1_Final");
+
+ return SHA_Final(output, sha);
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA-1 transformation to the data.
+ *
+ * 'data' has words reversed in this function when little endian.
+ *
+ * @param [in, out] sha SHA context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha or data is NULL.
+ */
+int wolfSSL_SHA1_Transform(WOLFSSL_SHA_CTX* sha, const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA1_Transform");
+
+ return wolfSSL_SHA_Transform(sha, data);
+}
+#endif
+#endif /* !NO_SHA */
+
+#ifndef NO_SHA256
+#ifdef WOLFSSL_SHA224
+/* Initialize SHA-224 hash operation.
+ *
+ * @param [in, out] sha224 SHA-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha224 is NULL.
+ */
+int wolfSSL_SHA224_Init(WOLFSSL_SHA224_CTX* sha224)
+{
+ /* Ensure WOLFSSL_SHA224_CTX is big enough for wolfCrypt wc_Sha224. */
+ typedef char sha_test[sizeof(SHA224_CTX) >= sizeof(wc_Sha224) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA224_Init");
+
+ /* Initialize wolfCrypt SHA-224 object. */
+ return wc_InitSha224((wc_Sha224*)sha224) == 0;
+}
+
+/* Update SHA-224 hash with data.
+ *
+ * @param [in, out] sha224 SHA-224 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha224 is NULL.
+ */
+int wolfSSL_SHA224_Update(WOLFSSL_SHA224_CTX* sha224, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA224_Update");
+
+ /* Update wolfCrypt SHA-224 object with data. */
+ return wc_Sha224Update((wc_Sha224*)sha224, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-224 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA224_DIGEST_SIZE bytes.
+ * @param [in, out] sha224 SHA-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha224 or output is NULL.
+ */
+int wolfSSL_SHA224_Final(byte* output, WOLFSSL_SHA224_CTX* sha224)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA224_Final");
+
+ /* Finalize wolfCrypt SHA-224 hash into output. */
+ ret = (wc_Sha224Final((wc_Sha224*)sha224, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA224_Free(). */
+ wc_Sha224Free((wc_Sha224*)sha224);
+
+ return ret;
+}
+
+#endif /* WOLFSSL_SHA224 */
+
+/* Initialize SHA-256 hash operation.
+ *
+ * @param [in, out] sha256 SHA-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha256 is NULL.
+ */
+int wolfSSL_SHA256_Init(WOLFSSL_SHA256_CTX* sha256)
+{
+ /* Ensure WOLFSSL_SHA256_CTX is big enough for wolfCrypt wc_Sha256. */
+ typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(wc_Sha256) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA256_Init");
+
+ /* Initialize wolfCrypt SHA-256 object. */
+ return wc_InitSha256((wc_Sha256*)sha256) == 0;
+}
+
+/* Update SHA-256 hash with data.
+ *
+ * @param [in, out] sha256 SHA-256 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha256 is NULL.
+ */
+int wolfSSL_SHA256_Update(WOLFSSL_SHA256_CTX* sha256, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA256_Update");
+
+ /* Update wolfCrypt SHA-256 object with data. */
+ return wc_Sha256Update((wc_Sha256*)sha256, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-256 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA256_DIGEST_SIZE bytes.
+ * @param [in, out] sha256 SHA-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha256 or output is NULL.
+ */
+int wolfSSL_SHA256_Final(byte* output, WOLFSSL_SHA256_CTX* sha256)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA256_Final");
+
+ /* Finalize wolfCrypt SHA-256 hash into output. */
+ ret = (wc_Sha256Final((wc_Sha256*)sha256, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA256_Free(). */
+ wc_Sha256Free((wc_Sha256*)sha256);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
+ !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
+/* Apply SHA-256 transformation to the data.
+ *
+ * 'data' has words reversed in this function when little endian.
+ *
+ * @param [in, out] sha256 SHA256 context object.
+ * @param [in, out] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha256 or data is NULL.
+ */
+int wolfSSL_SHA256_Transform(WOLFSSL_SHA256_CTX* sha256,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA256_Transform");
+
+#if defined(LITTLE_ENDIAN_ORDER)
+ /* Byte reversal done outside transform. */
+ if ((sha256 != NULL) && (data != NULL)) {
+ ByteReverseWords((word32*)data, (word32*)data, WC_SHA256_BLOCK_SIZE);
+ }
+#endif
+ /* Transform block of data with wolfCrypt SHA-256 object. */
+ return wc_Sha256Transform((wc_Sha256*)sha256, data) == 0;
+}
+#endif
+#endif /* !NO_SHA256 */
+
+#ifdef WOLFSSL_SHA384
+
+/* Initialize SHA-384 hash operation.
+ *
+ * @param [in, out] sha384 SHA-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha384 is NULL.
+ */
+int wolfSSL_SHA384_Init(WOLFSSL_SHA384_CTX* sha384)
+{
+ /* Ensure WOLFSSL_SHA384_CTX is big enough for wolfCrypt wc_Sha384. */
+ typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(wc_Sha384) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA384_Init");
+
+ /* Initialize wolfCrypt SHA-384 object. */
+ return wc_InitSha384((wc_Sha384*)sha384) == 0;
+}
+
+/* Update SHA-384 hash with data.
+ *
+ * @param [in, out] sha384 SHA-384 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha384 is NULL.
+ */
+int wolfSSL_SHA384_Update(WOLFSSL_SHA384_CTX* sha384, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA384_Update");
+
+ /* Update wolfCrypt SHA-384 object with data. */
+ return wc_Sha384Update((wc_Sha384*)sha384, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-384 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA384_DIGEST_SIZE bytes.
+ * @param [in, out] sha384 SHA-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha384 or output is NULL.
+ */
+int wolfSSL_SHA384_Final(byte* output, WOLFSSL_SHA384_CTX* sha384)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA384_Final");
+
+ /* Finalize wolfCrypt SHA-384 hash into output. */
+ ret = (wc_Sha384Final((wc_Sha384*)sha384, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA384_Free(). */
+ wc_Sha384Free((wc_Sha384*)sha384);
+
+ return ret;
+}
+#endif /* WOLFSSL_SHA384 */
+
+#ifdef WOLFSSL_SHA512
+/* Initialize SHA-512 hash operation.
+ *
+ * @param [in, out] sha512 SHA-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_Init(WOLFSSL_SHA512_CTX* sha512)
+{
+ /* Ensure WOLFSSL_SHA512_CTX is big enough for wolfCrypt wc_Sha512. */
+ typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(wc_Sha512) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA512_Init");
+
+ /* Initialize wolfCrypt SHA-512 object. */
+ return wc_InitSha512((wc_Sha512*)sha512) == 0;
+}
+
+/* Update SHA-512 hash with data.
+ *
+ * @param [in, out] sha512 SHA-512 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_Update(WOLFSSL_SHA512_CTX* sha512, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA512_Update");
+
+ /* Update wolfCrypt SHA-512 object with data. */
+ return wc_Sha512Update((wc_Sha512*)sha512, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA-512 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA512_DIGEST_SIZE bytes.
+ * @param [in, out] sha512 SHA-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 or output is NULL.
+ */
+int wolfSSL_SHA512_Final(byte* output, WOLFSSL_SHA512_CTX* sha512)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA512_Final");
+
+ /* Finalize wolfCrypt SHA-512 hash into output. */
+ ret = (wc_Sha512Final((wc_Sha512*)sha512, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA512_Free(). */
+ wc_Sha512Free((wc_Sha512*)sha512);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH) /* doesn't support direct transform */
+/* Apply SHA-512 transformation to the data.
+ *
+ * @param [in, out] sha512 SHA512 context object.
+ * @param [in] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha512 or data is NULL.
+ */
+int wolfSSL_SHA512_Transform(WOLFSSL_SHA512_CTX* sha512,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA512_Transform");
+
+ /* Transform block of data with wolfCrypt SHA-512 object. */
+ return wc_Sha512Transform((wc_Sha512*)sha512, data) == 0;
+}
+#endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)) && !WOLFSSL_KCAPI_HASH */
+
+#if !defined(WOLFSSL_NOSHA512_224) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+/* Initialize SHA-512-224 hash operation.
+ *
+ * @param [in, out] sha512 SHA-512-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_224_Init(WOLFSSL_SHA512_224_CTX* sha512)
+{
+ WOLFSSL_ENTER("SHA512_224_Init");
+
+ /* Initialize wolfCrypt SHA-512-224 object. */
+ return wc_InitSha512_224((wc_Sha512*)sha512) == 0;
+}
+
+/* Update SHA-512-224 hash with data.
+ *
+ * @param [in, out] sha512 SHA-512-224 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_224_Update(WOLFSSL_SHA512_224_CTX* sha512, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA512_224_Update");
+
+ /* Update wolfCrypt SHA-512-224 object with data. */
+ return wc_Sha512_224Update((wc_Sha512*)sha512, (const byte*)input,
+ (word32)sz) == 0;
+}
+
+/* Finalize SHA-512-224 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA224_DIGEST_SIZE bytes.
+ * @param [in, out] sha512 SHA-512-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 or output is NULL.
+ */
+int wolfSSL_SHA512_224_Final(byte* output, WOLFSSL_SHA512_224_CTX* sha512)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA512_224_Final");
+
+ /* Finalize wolfCrypt SHA-512-224 hash into output. */
+ ret = (wc_Sha512_224Final((wc_Sha512*)sha512, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA512_224_Free(). */
+ wc_Sha512_224Free((wc_Sha512*)sha512);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA-512-224 transformation to the data.
+ *
+ * @param [in, out] sha512 SHA512 context object.
+ * @param [in] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha512 or data is NULL.
+ */
+int wolfSSL_SHA512_224_Transform(WOLFSSL_SHA512_CTX* sha512,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA512_224_Transform");
+
+ /* Transform block of data with wolfCrypt SHA-512-224 object. */
+ return wc_Sha512_224Transform((wc_Sha512*)sha512, data) == 0;
+}
+#endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)) */
+
+#endif /* !WOLFSSL_NOSHA512_224 && !FIPS ... */
+
+#if !defined(WOLFSSL_NOSHA512_256) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+/* Initialize SHA-512-256 hash operation.
+ *
+ * @param [in, out] sha512 SHA-512-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_256_Init(WOLFSSL_SHA512_256_CTX* sha)
+{
+ WOLFSSL_ENTER("SHA512_256_Init");
+
+ /* Initialize wolfCrypt SHA-512-256 object. */
+ return wc_InitSha512_256((wc_Sha512*)sha) == 0;
+}
+
+/* Update SHA-512-256 hash with data.
+ *
+ * @param [in, out] sha512 SHA-512-256 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha512 is NULL.
+ */
+int wolfSSL_SHA512_256_Update(WOLFSSL_SHA512_256_CTX* sha512, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA512_256_Update");
+
+ /* Update wolfCrypt SHA-512-256 object with data. */
+ return wc_Sha512_256Update((wc_Sha512*)sha512, (const byte*)input,
+ (word32)sz) == 0;
+}
+
+/* Finalize SHA-512-256 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA256_DIGEST_SIZE bytes.
+ * @param [in, out] sha512 SHA-512-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha512 or output is NULL.
+ */
+int wolfSSL_SHA512_256_Final(byte* output, WOLFSSL_SHA512_256_CTX* sha512)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA512_256_Final");
+
+ /* Finalize wolfCrypt SHA-512-256 hash into output. */
+ ret = (wc_Sha512_256Final((wc_Sha512*)sha512, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA512_256_Free(). */
+ wc_Sha512_224Free((wc_Sha512*)sha512);
+
+ return ret;
+}
+
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+/* Apply SHA-512-256 transformation to the data.
+ *
+ * @param [in, out] sha512 SHA512 context object.
+ * @param [in] data One block of data to be hashed.
+ * @return 1 on success.
+ * @return 0 when sha512 or data is NULL.
+ */
+int wolfSSL_SHA512_256_Transform(WOLFSSL_SHA512_CTX* sha512,
+ const unsigned char* data)
+{
+ WOLFSSL_ENTER("SHA512_256_Transform");
+
+ /* Transform block of data with wolfCrypt SHA-512-256 object. */
+ return wc_Sha512_256Transform((wc_Sha512*)sha512, data) == 0;
+}
+#endif /* !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)) */
+#endif /* !WOLFSSL_NOSHA512_256 && !FIPS ... */
+#endif /* WOLFSSL_SHA512 */
+
+#ifdef WOLFSSL_SHA3
+#ifndef WOLFSSL_NOSHA3_224
+/* Initialize SHA3-224 hash operation.
+ *
+ * @param [in, out] sha3_224 SHA3-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_224 is NULL.
+ */
+int wolfSSL_SHA3_224_Init(WOLFSSL_SHA3_224_CTX* sha3_224)
+{
+ /* Ensure WOLFSSL_SHA3_224_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_224_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_224_Init");
+
+ /* Initialize wolfCrypt SHA3-224 object. */
+ return wc_InitSha3_224((wc_Sha3*)sha3_224, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-224 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-224 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_224_Update(WOLFSSL_SHA3_224_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_224_Update");
+
+ /* Update wolfCrypt SHA3-224 object with data. */
+ return wc_Sha3_224_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-224 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_224_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-224 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_224_Final(byte* output, WOLFSSL_SHA3_224_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_224_Final");
+
+ /* Finalize wolfCrypt SHA3-224 hash into output. */
+ ret = (wc_Sha3_224_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_224_Free(). */
+ wc_Sha3_224_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_224 */
+
+#ifndef WOLFSSL_NOSHA3_256
+/* Initialize SHA3-256 hash operation.
+ *
+ * @param [in, out] sha3_256 SHA3-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_256 is NULL.
+ */
+int wolfSSL_SHA3_256_Init(WOLFSSL_SHA3_256_CTX* sha3_256)
+{
+ /* Ensure WOLFSSL_SHA3_256_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_256_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_256_Init");
+
+ /* Initialize wolfCrypt SHA3-256 object. */
+ return wc_InitSha3_256((wc_Sha3*)sha3_256, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-256 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-256 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_256_Update(WOLFSSL_SHA3_256_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_256_Update");
+
+ /* Update wolfCrypt SHA3-256 object with data. */
+ return wc_Sha3_256_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-256 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_256_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-256 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_256_Final(byte* output, WOLFSSL_SHA3_256_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_256_Final");
+
+ /* Finalize wolfCrypt SHA3-256 hash into output. */
+ ret = (wc_Sha3_256_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_256_Free(). */
+ wc_Sha3_256_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_256 */
+
+#ifndef WOLFSSL_NOSHA3_384
+/* Initialize SHA3-384 hash operation.
+ *
+ * @param [in, out] sha3_384 SHA3-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_384 is NULL.
+ */
+int wolfSSL_SHA3_384_Init(WOLFSSL_SHA3_384_CTX* sha3_384)
+{
+ /* Ensure WOLFSSL_SHA3_384_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_384_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_384_Init");
+
+ /* Initialize wolfCrypt SHA3-384 object. */
+ return wc_InitSha3_384((wc_Sha3*)sha3_384, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-384 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-384 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_384_Update(WOLFSSL_SHA3_384_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_384_Update");
+
+ /* Update wolfCrypt SHA3-384 object with data. */
+ return wc_Sha3_384_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-384 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_384_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-384 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_384_Final(byte* output, WOLFSSL_SHA3_384_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_384_Final");
+
+ /* Finalize wolfCrypt SHA3-384 hash into output. */
+ ret = (wc_Sha3_384_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_384_Free(). */
+ wc_Sha3_384_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_384 */
+
+#ifndef WOLFSSL_NOSHA3_512
+/* Initialize SHA3-512 hash operation.
+ *
+ * @param [in, out] sha3_512 SHA3-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha3_512 is NULL.
+ */
+int wolfSSL_SHA3_512_Init(WOLFSSL_SHA3_512_CTX* sha3_512)
+{
+ /* Ensure WOLFSSL_SHA3_512_CTX is big enough for wolfCrypt wc_Sha3. */
+ typedef char sha_test[sizeof(SHA3_512_CTX) >= sizeof(wc_Sha3) ? 1 : -1];
+ (void)sizeof(sha_test);
+
+ WOLFSSL_ENTER("SHA3_512_Init");
+
+ /* Initialize wolfCrypt SHA3-512 object. */
+ return wc_InitSha3_512((wc_Sha3*)sha3_512, NULL, INVALID_DEVID) == 0;
+}
+
+/* Update SHA3-512 hash with data.
+ *
+ * @param [in, out] sha3 SHA3-512 context object.
+ * @param [in] input Data to be hashed.
+ * @param [in] sz Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when sha3 is NULL.
+ */
+int wolfSSL_SHA3_512_Update(WOLFSSL_SHA3_512_CTX* sha3, const void* input,
+ unsigned long sz)
+{
+ WOLFSSL_ENTER("SHA3_512_Update");
+
+ /* Update wolfCrypt SHA3-512 object with data. */
+ return wc_Sha3_512_Update((wc_Sha3*)sha3, (const byte*)input, (word32)sz)
+ == 0;
+}
+
+/* Finalize SHA3-512 hash and return output.
+ *
+ * @param [out] output Hash output.
+ * Must be able to hold SHA3_512_DIGEST_SIZE bytes.
+ * @param [in, out] sha3 SHA3-512 context object.
+ * @return 1 on success.
+ * @return 0 when sha3 or output is NULL.
+ */
+int wolfSSL_SHA3_512_Final(byte* output, WOLFSSL_SHA3_512_CTX* sha3)
+{
+ int ret;
+
+ WOLFSSL_ENTER("SHA3_512_Final");
+
+ /* Finalize wolfCrypt SHA3-512 hash into output. */
+ ret = (wc_Sha3_512_Final((wc_Sha3*)sha3, output) == 0);
+ /* Free resources here, as OpenSSL API doesn't include SHA3_512_Free(). */
+ wc_Sha3_512_Free((wc_Sha3*)sha3);
+
+ return ret;
+}
+#endif /* WOLFSSL_NOSHA3_512 */
+#endif /* WOLFSSL_SHA3 */
+#endif /* OPENSSL_EXTRA || HAVE_CURL */
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_LIGHTY) || \
+ defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(HAVE_STUNNEL) || \
+ defined(WOLFSSL_NGINX) || defined(HAVE_POCO_LIB) || \
+ defined(WOLFSSL_HAPROXY)
+
+#ifndef NO_SHA
+/* One shot SHA1 hash of data.
+ *
+ * When hash is null, a static buffer of SHA_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA1(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha* sha;
+#else
+ wc_Sha sha[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA1");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA1 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA object. */
+ sha = (wc_Sha*)XMALLOC(sizeof(wc_Sha), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA object. */
+ ret = wc_InitSha_ex(sha, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA1 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA object with data. */
+ ret = wc_ShaUpdate(sha, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA1 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA hash into hash. */
+ ret = wc_ShaFinal(sha, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA1 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA object. */
+ wc_ShaFree(sha);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA object. */
+ XFREE(sha, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* ! NO_SHA */
+
+#ifdef WOLFSSL_SHA224
+/* One shot SHA-224 hash of data.
+ *
+ * When hash is null, a static buffer of SHA224_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA224_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA224(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA224_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha224* sha224;
+#else
+ wc_Sha224 sha224[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA224");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA224 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-224 object. */
+ sha224 = (wc_Sha224*)XMALLOC(sizeof(wc_Sha224), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha224 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA224 object. */
+ ret = wc_InitSha224_ex(sha224, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA224 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-224 object with data. */
+ ret = wc_Sha224Update(sha224, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA224 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-224 hash into hash. */
+ ret = wc_Sha224Final(sha224, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA224 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-224 object. */
+ wc_Sha224Free(sha224);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA-224 object. */
+ XFREE(sha224, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif
+
+#ifndef NO_SHA256
+/* One shot SHA-256 hash of data.
+ *
+ * When hash is null, a static buffer of SHA256_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA256_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA256(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA256_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha256* sha256;
+#else
+ wc_Sha256 sha256[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA256");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA256 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-256 object. */
+ sha256 = (wc_Sha256*)XMALLOC(sizeof(wc_Sha256), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha256 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA256 object. */
+ ret = wc_InitSha256_ex(sha256, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA256 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-256 object with data. */
+ ret = wc_Sha256Update(sha256, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA256 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-256 hash into hash. */
+ ret = wc_Sha256Final(sha256, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA256 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-256 object. */
+ wc_Sha256Free(sha256);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA object. */
+ XFREE(sha256, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* ! NO_SHA256 */
+
+#ifdef WOLFSSL_SHA384
+/* One shot SHA-384 hash of data.
+ *
+ * When hash is null, a static buffer of SHA384_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA384_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA384(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA384_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha384* sha384;
+#else
+ wc_Sha384 sha384[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA384");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA384 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-384 object. */
+ sha384 = (wc_Sha384*)XMALLOC(sizeof(wc_Sha384), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha384 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA384 object. */
+ ret = wc_InitSha384_ex(sha384, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA384 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-384 object with data. */
+ ret = wc_Sha384Update(sha384, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA384 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-384 hash into hash. */
+ ret = wc_Sha384Final(sha384, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA384 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-384 object. */
+ wc_Sha384Free(sha384);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA-384 object. */
+ XFREE(sha384, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* WOLFSSL_SHA384 */
+
+#if defined(WOLFSSL_SHA512)
+/* One shot SHA-512 hash of data.
+ *
+ * When hash is null, a static buffer of SHA512_DIGEST_SIZE is used.
+ * When the static buffer is used this function is not thread safe.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Size of data in bytes.
+ * @param [out] hash Buffer to hold digest. May be NULL.
+ * Must be able to hold SHA512_DIGEST_SIZE bytes.
+ * @return Buffer holding hash on success.
+ * @return NULL when hashing fails.
+ */
+unsigned char* wolfSSL_SHA512(const unsigned char* data, size_t len,
+ unsigned char* hash)
+{
+ /* Buffer to use when hash is NULL. */
+ static byte dgst[WC_SHA512_DIGEST_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ wc_Sha512* sha512;
+#else
+ wc_Sha512 sha512[1];
+#endif
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_SHA512");
+
+ /* Use static buffer if none passed in. */
+ if (hash == NULL) {
+ WOLFSSL_MSG("STATIC BUFFER BEING USED. wolfSSL_SHA512 IS NOT "
+ "THREAD SAFE WHEN hash == NULL");
+ hash = dgst;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Allocate dynamic memory for a wolfSSL SHA-512 object. */
+ sha512 = (wc_Sha512*)XMALLOC(sizeof(wc_Sha512), NULL, DYNAMIC_TYPE_DIGEST);
+ if (sha512 == NULL) {
+ ret = MEMORY_E;
+ }
+#endif
+
+ if (ret == 0) {
+ /* Initialize wolfCrypt SHA512 object. */
+ ret = wc_InitSha512_ex(sha512, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA512 Init failed");
+ hash = NULL;
+ }
+ }
+ if (ret == 0) {
+ /* Update wolfCrypt SHA-512 object with data. */
+ ret = wc_Sha512Update(sha512, (const byte*)data, (word32)len);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA512 Update failed");
+ hash = NULL;
+ }
+
+ if (ret == 0) {
+ /* Finalize wolfCrypt SHA-512 hash into hash. */
+ ret = wc_Sha512Final(sha512, hash);
+ if (ret != 0) {
+ WOLFSSL_MSG("SHA512 Final failed");
+ hash = NULL;
+ }
+ }
+ /* Dispose of dynamic memory associated with SHA-512 object. */
+ wc_Sha512Free(sha512);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL SHA-512 object. */
+ XFREE(sha512, NULL, DYNAMIC_TYPE_DIGEST);
+#endif
+ return hash;
+}
+#endif /* WOLFSSL_SHA512 */
+#endif /* OPENSSL_EXTRA || HAVE_LIGHTY || WOLFSSL_MYSQL_COMPATIBLE ||
+ * HAVE_STUNNEL || WOLFSSL_NGINX || HAVE_POCO_LIB || WOLFSSL_HAPROXY */
+
+/*******************************************************************************
+ * END OF Digest APIs
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF HMAC API
+ ******************************************************************************/
+
+/* _Internal Hmac object initialization. */
+#define _HMAC_Init _InitHmac
+
+#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
+
+/*
+ * Helper Functions
+ */
+
+/* Copy a wolfSSL HMAC object.
+ *
+ * Requires that hash structures have no dynamic parts to them.
+ *
+ * @param [out] dst Copy into this object.
+ * @param [in] src Copy from this object.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HmacCopy(Hmac* dst, Hmac* src)
+{
+ void* heap;
+ int ret = 1;
+
+#ifndef HAVE_FIPS
+ heap = src->heap;
+#else
+ heap = NULL;
+#endif
+
+ /* Initialize the destination object to reset state. */
+ if (wc_HmacInit(dst, heap, 0) != 0) {
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ int rc;
+
+ /* Copy the digest object based on the MAC type. */
+ switch (src->macType) {
+ #ifndef NO_MD5
+ case WC_MD5:
+ rc = wc_Md5Copy(&src->hash.md5, &dst->hash.md5);
+ break;
+ #endif /* !NO_MD5 */
+
+ #ifndef NO_SHA
+ case WC_SHA:
+ rc = wc_ShaCopy(&src->hash.sha, &dst->hash.sha);
+ break;
+ #endif /* !NO_SHA */
+
+ #ifdef WOLFSSL_SHA224
+ case WC_SHA224:
+ rc = wc_Sha224Copy(&src->hash.sha224, &dst->hash.sha224);
+ break;
+ #endif /* WOLFSSL_SHA224 */
+
+ #ifndef NO_SHA256
+ case WC_SHA256:
+ rc = wc_Sha256Copy(&src->hash.sha256, &dst->hash.sha256);
+ break;
+ #endif /* !NO_SHA256 */
+
+ #ifdef WOLFSSL_SHA384
+ case WC_SHA384:
+ rc = wc_Sha384Copy(&src->hash.sha384, &dst->hash.sha384);
+ break;
+ #endif /* WOLFSSL_SHA384 */
+ #ifdef WOLFSSL_SHA512
+ case WC_SHA512:
+ rc = wc_Sha512Copy(&src->hash.sha512, &dst->hash.sha512);
+ break;
+ #endif /* WOLFSSL_SHA512 */
+#ifdef WOLFSSL_SHA3
+ #ifndef WOLFSSL_NOSHA3_224
+ case WC_SHA3_224:
+ rc = wc_Sha3_224_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_224 */
+ #ifndef WOLFSSL_NOSHA3_256
+ case WC_SHA3_256:
+ rc = wc_Sha3_256_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_256 */
+ #ifndef WOLFSSL_NOSHA3_384
+ case WC_SHA3_384:
+ rc = wc_Sha3_384_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_384 */
+ #ifndef WOLFSSL_NOSHA3_512
+ case WC_SHA3_512:
+ rc = wc_Sha3_512_Copy(&src->hash.sha3, &dst->hash.sha3);
+ break;
+ #endif /* WOLFSSL_NO_SHA3_512 */
+#endif /* WOLFSSL_SHA3 */
+
+ default:
+ /* Digest algorithm not supported. */
+ rc = BAD_FUNC_ARG;
+ }
+
+ /* Check result of digest object copy. */
+ if (rc != 0) {
+ ret = 0;
+ }
+ }
+
+ if (ret == 1) {
+ /* Copy the pads which are derived from the key. */
+ XMEMCPY((byte*)dst->ipad, (byte*)src->ipad, WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte*)dst->opad, (byte*)src->opad, WC_HMAC_BLOCK_SIZE);
+ /* Copy the inner hash that is the current state. */
+ XMEMCPY((byte*)dst->innerHash, (byte*)src->innerHash,
+ WC_MAX_DIGEST_SIZE);
+ /* Copy other fields. */
+ #ifndef HAVE_FIPS
+ dst->heap = heap;
+ #endif
+ dst->macType = src->macType;
+ dst->innerHashKeyed = src->innerHashKeyed;
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ XMEMCPY(&dst->asyncDev, &src->asyncDev, sizeof(WC_ASYNC_DEV));
+ dst->keyLen = src->keyLen;
+ #ifdef HAVE_CAVIUM
+ /* Copy the dynamic data. */
+ dst->data = (byte*)XMALLOC(src->dataLen, dst->heap, DYNAMIC_TYPE_HMAC);
+ if (dst->data == NULL) {
+ ret = BUFFER_E;
+ }
+ else {
+ XMEMCPY(dst->data, src->data, src->dataLen);
+ dst->dataLen = src->dataLen;
+ }
+ #endif /* HAVE_CAVIUM */
+#endif /* WOLFSSL_ASYNC_CRYPT */
+ }
+
+ return ret;
+}
+
+
+/*
+ * wolfSSL_HMAC_CTX APIs.
+ */
+
+/* Allocate a new HMAC context object and initialize.
+ *
+ * @return A cleared HMAC context object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_HMAC_CTX* wolfSSL_HMAC_CTX_new(void)
+{
+ WOLFSSL_HMAC_CTX* hmac_ctx;
+
+ /* Allocate dynamic memory for HMAC context object. */
+ hmac_ctx = (WOLFSSL_HMAC_CTX*)XMALLOC(sizeof(WOLFSSL_HMAC_CTX), NULL,
+ DYNAMIC_TYPE_OPENSSL);
+ if (hmac_ctx != NULL) {
+ /* Initialize HMAC context object. */
+ wolfSSL_HMAC_CTX_Init(hmac_ctx);
+ }
+
+ return hmac_ctx;
+}
+
+/* Initialize a HMAC context object.
+ *
+ * Not an OpenSSL compatibility API.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @return 1 indicating success.
+ */
+int wolfSSL_HMAC_CTX_Init(WOLFSSL_HMAC_CTX* ctx)
+{
+ WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init");
+
+ if (ctx != NULL) {
+ /* Clear all fields. */
+ XMEMSET(ctx, 0, sizeof(WOLFSSL_HMAC_CTX));
+ /* type field is 0 == WC_HASH_TYPE_NONE. */
+ /* TODO: for FIPS and selftest 0 == WC_HASH_TYPE_MD5 instead. */
+ }
+
+ return 1;
+}
+
+/* Deep copy of information from one HMAC context object to another.
+ *
+ * @param [out] dst Copy into this object.
+ * @param [in] src Copy from this object.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HMAC_CTX_copy(WOLFSSL_HMAC_CTX* dst, WOLFSSL_HMAC_CTX* src)
+{
+ int ret = 1;
+
+ WOLFSSL_ENTER("wolfSSL_HMAC_CTX_copy");
+
+ /* Validate parameters. */
+ if ((dst == NULL) || (src == NULL)) {
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ /* Copy hash type. */
+ dst->type = src->type;
+ /* Move pads derived from key into save space. */
+ XMEMCPY((byte *)&dst->save_ipad, (byte *)&src->hmac.ipad,
+ WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte *)&dst->save_opad, (byte *)&src->hmac.opad,
+ WC_HMAC_BLOCK_SIZE);
+ /* Copy the wolfSSL Hmac ocbject. */
+ ret = wolfSSL_HmacCopy(&dst->hmac, &src->hmac);
+ }
+
+ return ret;
+}
+
+/* Cleanup internal state of HMAC context object.
+ *
+ * Not an OpenSSL compatibility API.
+ *
+ * @param [in, out] ctx HMAC context object.
+ */
+void wolfSSL_HMAC_CTX_cleanup(WOLFSSL_HMAC_CTX* ctx)
+{
+ if (ctx != NULL) {
+ /* Cleanup HMAC operation data. */
+ wolfSSL_HMAC_cleanup(ctx);
+ }
+}
+
+/* Free HMAC context object.
+ *
+ * ctx is deallocated and can no longer be used after this call.
+ *
+ * @param [in] ctx HMAC context object.
+ */
+void wolfSSL_HMAC_CTX_free(WOLFSSL_HMAC_CTX* ctx)
+{
+ if (ctx != NULL) {
+ /* Cleanup HMAC context object, including freeing dynamic data. */
+ wolfSSL_HMAC_CTX_cleanup(ctx);
+ /* Dispose of the memory for the HMAC context object. */
+ XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
+}
+
+/* Get the EVP digest of the HMAC context.
+ *
+ * @param [in] ctx HMAC context object.
+ * @return EVP digest object.
+ * @return NULL when ctx is NULL or EVP digest not set.
+ */
+const WOLFSSL_EVP_MD* wolfSSL_HMAC_CTX_get_md(const WOLFSSL_HMAC_CTX* ctx)
+{
+ const WOLFSSL_EVP_MD* ret = NULL;
+
+ if (ctx != NULL) {
+ /* Get EVP digest based on digest type. */
+ ret = wolfSSL_macType2EVP_md((enum wc_HashType)ctx->type);
+ }
+
+ return ret;
+}
+
+/*
+ * wolfSSL_HMAC APIs.
+ */
+
+/* Initialize the HMAC operation.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [in] key Array of bytes representing key.
+ * May be NULL indicating to use the same key as
+ * previously.
+ * @param [in] keySz Number of bytes in key.
+ * 0+ in non-FIPS, 14+ in FIPS.
+ * @param [in] type EVP digest indicate digest type.
+ * May be NULL if initialized previously.
+ * @param [in] e wolfSSL engine. Ignored.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HMAC_Init_ex(WOLFSSL_HMAC_CTX* ctx, const void* key, int keySz,
+ const EVP_MD* type, WOLFSSL_ENGINE* e)
+{
+ WOLFSSL_ENTER("wolfSSL_HMAC_Init_ex");
+
+ /* WOLFSSL_ENGINE not used, call wolfSSL_HMAC_Init */
+ (void)e;
+
+ return wolfSSL_HMAC_Init(ctx, key, keySz, type);
+}
+
+/* Initialize the HMAC operation.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [in] key Array of bytes representing key.
+ * May be NULL indicating to use the same key as
+ * previously.
+ * @param [in] keySz Number of bytes in key.
+ * 0+ in non-FIPS, 14+ in FIPS.
+ * @param [in] type EVP digest indicate digest type.
+ * May be NULL if initialized previously.
+ * @return 1 on success.
+ * @return 0 on failure.
+ */
+int wolfSSL_HMAC_Init(WOLFSSL_HMAC_CTX* ctx, const void* key, int keylen,
+ const EVP_MD* type)
+{
+ int ret = 1;
+ void* heap = NULL;
+ int rc;
+
+ WOLFSSL_MSG("wolfSSL_HMAC_Init");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ WOLFSSL_MSG("no ctx on init");
+ ret = 0;
+ }
+ /* Digest type must have been previously set if not specified. */
+ if ((ret == 1) && (type == NULL) && (ctx->type == (int)WC_HASH_TYPE_NONE)) {
+ WOLFSSL_MSG("no hash type");
+ ret = 0;
+ }
+ /* wolfSSL HMAC object must have been setup with a key if not specified. */
+ if ((ret == 1) && (key == NULL) &&
+ (ctx->hmac.macType == (int)WC_HASH_TYPE_NONE)) {
+ WOLFSSL_MSG("wolfCrypt hash not setup");
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ #ifndef HAVE_FIPS
+ heap = ctx->hmac.heap;
+ #endif
+
+ if (type != NULL) {
+ WOLFSSL_MSG("init has type");
+ /* Get the digest type based on EVP digest. */
+ if (wolfssl_evp_md_to_hash_type(type, &ctx->type) != 0) {
+ WOLFSSL_MSG("bad init type");
+ ret = 0;
+ }
+ }
+ }
+
+ if (ret == 1) {
+ /* Check if init has been called before */
+ int inited = (ctx->hmac.macType != WC_HASH_TYPE_NONE);
+ /* Free if wolfSSL HMAC object when initialized. */
+ if (inited) {
+ wc_HmacFree(&ctx->hmac);
+ }
+ /* Initialize wolfSSL HMAC object for new HMAC operation. */
+ rc = wc_HmacInit(&ctx->hmac, NULL, INVALID_DEVID);
+ if (rc != 0) {
+ ret = 0;
+ }
+ }
+ if ((ret == 1) && (key != NULL)) {
+ /* Set the key into wolfSSL HMAC object. */
+ rc = wc_HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key,
+ (word32)keylen);
+ if (rc != 0) {
+ /* in FIPS mode a key < 14 characters will fail here */
+ WOLFSSL_MSG("hmac set key error");
+ WOLFSSL_ERROR(rc);
+ wc_HmacFree(&ctx->hmac);
+ ret = 0;
+ }
+ if (ret == 1) {
+ /* Save the pads which are derived from the key. Used to re-init. */
+ XMEMCPY((byte *)&ctx->save_ipad, (byte *)&ctx->hmac.ipad,
+ WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte *)&ctx->save_opad, (byte *)&ctx->hmac.opad,
+ WC_HMAC_BLOCK_SIZE);
+ }
+ }
+ else if (ret == 1) {
+ WOLFSSL_MSG("recover hmac");
+ /* Set state of wolfSSL HMAC object. */
+ ctx->hmac.macType = (byte)ctx->type;
+ ctx->hmac.innerHashKeyed = 0;
+ /* Restore key by copying in saved pads. */
+ XMEMCPY((byte *)&ctx->hmac.ipad, (byte *)&ctx->save_ipad,
+ WC_HMAC_BLOCK_SIZE);
+ XMEMCPY((byte *)&ctx->hmac.opad, (byte *)&ctx->save_opad,
+ WC_HMAC_BLOCK_SIZE);
+ /* Initialize the wolfSSL HMAC object. */
+ rc = _HMAC_Init(&ctx->hmac, ctx->hmac.macType, heap);
+ if (rc != 0) {
+ WOLFSSL_MSG("hmac init error");
+ WOLFSSL_ERROR(rc);
+ ret = 0;
+ }
+ }
+
+ return ret;
+}
+
+/* Update the HMAC operation with more data.
+ *
+ * TODO: 'len' should be a signed type.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [in] data Array of byted to MAC. May be NULL.
+ * @param [in] len Number of bytes to MAC. May be 0.
+ * @return 1 on success.
+ * @return 0 when ctx is NULL or HMAC update fails.
+ */
+int wolfSSL_HMAC_Update(WOLFSSL_HMAC_CTX* ctx, const unsigned char* data,
+ int len)
+{
+ int ret = 1;
+
+ WOLFSSL_MSG("wolfSSL_HMAC_Update");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ WOLFSSL_MSG("no ctx");
+ ret = 0;
+ }
+
+ /* Update when there is data to add. */
+ if ((ret == 1) && (data != NULL) && (len > 0)) {
+ int rc;
+
+ WOLFSSL_MSG("updating hmac");
+ /* Update wolfSSL HMAC object. */
+ rc = wc_HmacUpdate(&ctx->hmac, data, (word32)len);
+ if (rc != 0){
+ WOLFSSL_MSG("hmac update error");
+ ret = 0;
+ }
+ }
+
+ return ret;
+}
+
+/* Finalize HMAC operation.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @param [out] hash Buffer to hold HMAC result.
+ * Must be able to hold bytes equivalent to digest size.
+ * @param [out] len Length of HMAC result. May be NULL.
+ * @return 1 on success.
+ * @return 0 when ctx or hash is NULL.
+ * @return 0 when HMAC finalization fails.
+ */
+int wolfSSL_HMAC_Final(WOLFSSL_HMAC_CTX* ctx, unsigned char* hash,
+ unsigned int* len)
+{
+ int ret = 1;
+ int rc;
+
+ WOLFSSL_MSG("wolfSSL_HMAC_Final");
+
+ /* Validate parameters. */
+ if ((ctx == NULL) || (hash == NULL)) {
+ WOLFSSL_MSG("invalid parameter");
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ WOLFSSL_MSG("final hmac");
+ /* Finalize wolfSSL HMAC object. */
+ rc = wc_HmacFinal(&ctx->hmac, hash);
+ if (rc != 0){
+ WOLFSSL_MSG("final hmac error");
+ ret = 0;
+ }
+ }
+ if ((ret == 1) && (len != NULL)) {
+ WOLFSSL_MSG("setting output len");
+ /* Get the length of the output based on digest type. */
+ *len = wolfssl_mac_len((unsigned char)ctx->type);
+ }
+
+ return ret;
+}
+
+
+/* Cleanup the HMAC operation.
+ *
+ * Not an OpenSSL compatibility API.
+ *
+ * @param [in, out] ctx HMAC context object.
+ * @return 1 indicating success.
+ */
+int wolfSSL_HMAC_cleanup(WOLFSSL_HMAC_CTX* ctx)
+{
+ WOLFSSL_MSG("wolfSSL_HMAC_cleanup");
+
+ if (ctx != NULL) {
+ /* Free the dynamic data in the wolfSSL HMAC object. */
+ wc_HmacFree(&ctx->hmac);
+ }
+
+ return 1;
+}
+
+/* HMAC data using the specified EVP digest.
+ *
+ * @param [in] evp_md EVP digest.
+ * @param [in] key Array of bytes representing key.
+ * @param [in] keySz Number of bytes in key.
+ * 0+ in non-FIPS, 14+ in FIPS.
+ * @param [in] data Data to MAC.
+ * @param [in] len Length in bytes of data to MAC.
+ * @param [out] md HMAC output.
+ * @param [out] md_len Length of HMAC output in bytes. May be NULL.
+ * @return Buffer holding HMAC output.
+ * @return NULL on failure.
+ */
+unsigned char* wolfSSL_HMAC(const WOLFSSL_EVP_MD* evp_md, const void* key,
+ int key_len, const unsigned char* data, int len, unsigned char* md,
+ unsigned int* md_len)
+{
+ unsigned char* ret = NULL;
+ int rc = 0;
+ int type = 0;
+ int hmacLen = 0;
+#ifdef WOLFSSL_SMALL_STACK
+ Hmac* hmac = NULL;
+#else
+ Hmac hmac[1];
+#endif
+ void* heap = NULL;
+
+ /* Validate parameters. */
+ if ((evp_md == NULL) || (key == NULL) || (md == NULL)) {
+ rc = BAD_FUNC_ARG;
+ }
+
+ if (rc == 0) {
+ /* Get the hash type corresponding to the EVP digest. */
+ rc = wolfssl_evp_md_to_hash_type(evp_md, &type);
+ }
+#ifdef WOLFSSL_SMALL_STACK
+ if (rc == 0) {
+ /* Allocate dynamic memory for a wolfSSL HMAC object. */
+ hmac = (Hmac*)XMALLOC(sizeof(Hmac), heap, DYNAMIC_TYPE_HMAC);
+ if (hmac == NULL) {
+ rc = MEMORY_E;
+ }
+ }
+#endif
+ if (rc == 0) {
+ /* Get the HMAC output length. */
+ hmacLen = wolfssl_mac_len((unsigned char)type);
+ /* 0 indicates the digest is not supported. */
+ if (hmacLen == 0) {
+ rc = BAD_FUNC_ARG;
+ }
+ }
+ /* Initialize the wolfSSL HMAC object. */
+ if ((rc == 0) && (wc_HmacInit(hmac, heap, INVALID_DEVID) == 0)) {
+ /* Set the key into the wolfSSL HMAC object. */
+ rc = wc_HmacSetKey(hmac, type, (const byte*)key, key_len);
+ if (rc == 0) {
+ /* Update the wolfSSL HMAC object with data. */
+ rc = wc_HmacUpdate(hmac, data, len);
+ }
+ /* Finalize the wolfSSL HMAC object. */
+ if ((rc == 0) && (wc_HmacFinal(hmac, md) == 0)) {
+ /* Return the length of the HMAC output if required. */
+ if (md_len != NULL) {
+ *md_len = hmacLen;
+ }
+ /* Set the buffer to return. */
+ ret = md;
+ }
+ /* Dispose of dynamic memory associated with the wolfSSL HMAC object. */
+ wc_HmacFree(hmac);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ /* Free dynamic memory of a wolfSSL HMAC object. */
+ XFREE(hmac, heap, DYNAMIC_TYPE_HMAC);
+#endif
+ return ret;
+}
+
+/* Get the HMAC output size.
+ *
+ * @param [in] ctx HMAC context object.
+ * @return Size of HMAC output in bytes.
+ * @return 0 when ctx is NULL or no digest algorithm set.
+ */
+size_t wolfSSL_HMAC_size(const WOLFSSL_HMAC_CTX* ctx)
+{
+ size_t ret = 0;
+
+ if (ctx != NULL) {
+ /* Look up digest size with wolfSSL. */
+ ret = (size_t)wc_HashGetDigestSize((enum wc_HashType)ctx->hmac.macType);
+ }
+
+ return ret;
+}
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF HMAC API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF CMAC API
+ ******************************************************************************/
+
+#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
+#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
+ defined(WOLFSSL_AES_DIRECT)
+/* Allocate a new CMAC context object.
+ *
+ * TODO: make fields static.
+ *
+ * @return A CMAC context object on success.
+ * @return NULL on failure.
+ */
+WOLFSSL_CMAC_CTX* wolfSSL_CMAC_CTX_new(void)
+{
+ WOLFSSL_CMAC_CTX* ctx = NULL;
+
+ /* Allocate memory for CMAC context object. */
+ ctx = (WOLFSSL_CMAC_CTX*)XMALLOC(sizeof(WOLFSSL_CMAC_CTX), NULL,
+ DYNAMIC_TYPE_OPENSSL);
+ if (ctx != NULL) {
+ /* Memory for wolfSSL CMAC object is allocated in
+ * wolfSSL_CMAC_Init().
+ */
+ ctx->internal = NULL;
+ /* Allocate memory for EVP cipher context object. */
+ ctx->cctx = wolfSSL_EVP_CIPHER_CTX_new();
+ if (ctx->cctx == NULL) {
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx = NULL;
+ }
+ }
+
+ return ctx;
+}
+
+/* Free CMAC context object and dynamically allocated fields.
+ *
+ * ctx is deallocated and can no longer be used after this call.
+ *
+ * @param [in] ctx CMAC context object.
+ */
+void wolfSSL_CMAC_CTX_free(WOLFSSL_CMAC_CTX *ctx)
+{
+ if (ctx != NULL) {
+ /* Deallocate dynamically allocated fields. */
+ if (ctx->internal != NULL) {
+#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ wc_CmacFree((Cmac*)ctx->internal);
+#endif
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ }
+ if (ctx->cctx != NULL) {
+ wolfSSL_EVP_CIPHER_CTX_cleanup(ctx->cctx);
+ wolfSSL_EVP_CIPHER_CTX_free(ctx->cctx);
+ }
+ /* Deallocate CMAC context object. */
+ XFREE(ctx, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
+}
+
+/* Return a reference to the EVP cipher context.
+ *
+ * @param [in] ctx CMAC context object.
+ * @return EVP cipher context.
+ * @return NULL when ctx is NULL.
+ */
+WOLFSSL_EVP_CIPHER_CTX* wolfSSL_CMAC_CTX_get0_cipher_ctx(WOLFSSL_CMAC_CTX* ctx)
+{
+ WOLFSSL_EVP_CIPHER_CTX* cctx = NULL;
+
+ if (ctx != NULL) {
+ /* Return EVP cipher context object. */
+ cctx = ctx->cctx;
+ }
+
+ return cctx;
+}
+
+/* Initialize the CMAC operation.
+ *
+ * @param [in, out] cmac CMAC context object.
+ * @param [in] key Symmetric key to use.
+ * @param [in] keySz Length of key in bytes.
+ * @param [in] cipher EVP cipher object describing encryption algorithm
+ * to use.
+ * @param [in] engine wolfSSL Engine. Not used.
+ * @return 1 on success.
+ * @return 0 when ctx or cipher is NULL.
+ * @return 0 when cipher is not an AES-CBC algorithm.
+ * @return 0 when key length does not match cipher.
+ */
+int wolfSSL_CMAC_Init(WOLFSSL_CMAC_CTX* ctx, const void *key, size_t keySz,
+ const WOLFSSL_EVP_CIPHER* cipher, WOLFSSL_ENGINE* engine)
+{
+ int ret = 1;
+
+ (void)engine;
+
+ WOLFSSL_ENTER("wolfSSL_CMAC_Init");
+
+ /* Validate parameters. */
+ if ((ctx == NULL) || (cipher == NULL)) {
+ ret = 0;
+ }
+ /* Only AES-CBC ciphers are supported. */
+ if ((ret == 1) && (cipher != EVP_AES_128_CBC) &&
+ (cipher != EVP_AES_192_CBC) && (cipher != EVP_AES_256_CBC)) {
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: requested cipher is unsupported");
+ ret = 0;
+ }
+ /* Key length must match cipher. */
+ if ((ret == 1) && ((int)keySz != wolfSSL_EVP_Cipher_key_length(cipher))) {
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: "
+ "supplied key size doesn't match requested cipher");
+ ret = 0;
+ }
+
+ if ((ret == 1) && (ctx->internal == NULL)) {
+ /* Allocate memory for wolfSSL CMAC object. */
+ ctx->internal = (Cmac*)XMALLOC(sizeof(Cmac), NULL, DYNAMIC_TYPE_CMAC);
+ if (ctx->internal == NULL)
+ ret = 0;
+ }
+
+ /* Initialize the wolfCrypt CMAC object. */
+ if ((ret == 1) && (wc_InitCmac((Cmac*)ctx->internal, (const byte*)key,
+ (word32)keySz, WC_CMAC_AES, NULL) != 0)) {
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: wc_InitCmac() failed");
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ ctx->internal = NULL;
+ ret = 0;
+ }
+ if (ret == 1) {
+ /* Initialize the EVP cipher context object for encryption. */
+ ret = wolfSSL_EVP_CipherInit(ctx->cctx, cipher, (const byte*)key, NULL,
+ 1);
+ if (ret != WOLFSSL_SUCCESS)
+ WOLFSSL_MSG("wolfSSL_CMAC_Init: wolfSSL_EVP_CipherInit() failed");
+ }
+
+ WOLFSSL_LEAVE("wolfSSL_CMAC_Init", ret);
+
+ return ret;
+}
+
+/* Update the CMAC operation with data.
+ *
+ * @param [in, out] ctx CMAC context object.
+ * @param [in] data Data to MAC as a byte array.
+ * @param [in] len Length of data in bytes.
+ * @return 1 on success.
+ * @return 0 when ctx is NULL.
+ */
+int wolfSSL_CMAC_Update(WOLFSSL_CMAC_CTX* ctx, const void* data, size_t len)
+{
+ int ret = 1;
+
+ WOLFSSL_ENTER("wolfSSL_CMAC_Update");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ ret = 0;
+ }
+
+ /* Update the wolfCrypto CMAC object with data. */
+ if ((ret == 1) && (data != NULL) && (wc_CmacUpdate((Cmac*)ctx->internal,
+ (const byte*)data, (word32)len) != 0)) {
+ ret = 0;
+ }
+
+ WOLFSSL_LEAVE("wolfSSL_CMAC_Update", ret);
+
+ return ret;
+}
+
+/* Finalize the CMAC operation into output buffer.
+ *
+ * @param [in, out] ctx CMAC context object.
+ * @param [out] out Buffer to place CMAC result into.
+ * Must be able to hold AES_BLOCK_SIZE bytes.
+ * @param [out] len Length of CMAC result. May be NULL.
+ * @return 1 on success.
+ * @return 0 when ctx is NULL.
+ */
+int wolfSSL_CMAC_Final(WOLFSSL_CMAC_CTX* ctx, unsigned char* out, size_t* len)
+{
+ int ret = 1;
+ int blockSize;
+ word32 len32;
+
+ WOLFSSL_ENTER("wolfSSL_CMAC_Final");
+
+ /* Validate parameters. */
+ if (ctx == NULL) {
+ ret = 0;
+ }
+
+ if (ret == 1) {
+ /* Get the expected output size. */
+ blockSize = EVP_CIPHER_CTX_block_size(ctx->cctx);
+ /* Check value is valid. */
+ if (blockSize <= 0) {
+ ret = 0;
+ }
+ else {
+ /* wolfCrypt CMAC expects buffer size. */
+ len32 = (word32)blockSize;
+ /* Return size if required. */
+ if (len != NULL) {
+ *len = blockSize;
+ }
+ }
+ }
+ if ((ret == 1) && (out != NULL)) {
+ /* Calculate MAC result with wolfCrypt CMAC object. */
+ if (wc_CmacFinal((Cmac*)ctx->internal, out, &len32) != 0) {
+ ret = 0;
+ }
+ /* TODO: Is this necessary? Length should not change. */
+ /* Return actual size if required. */
+ else if (len != NULL) {
+ *len = (size_t)len32;
+ }
+
+ XFREE(ctx->internal, NULL, DYNAMIC_TYPE_CMAC);
+ ctx->internal = NULL;
+ }
+
+ WOLFSSL_LEAVE("wolfSSL_CMAC_Final", ret);
+
+ return ret;
+}
+#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
+#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */
+
+/*******************************************************************************
+ * END OF CMAC API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF DES API
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+#ifndef NO_DES3
+/* Set parity of the DES key.
+ *
+ * @param [in, out] key DES key.
+ */
+void wolfSSL_DES_set_odd_parity(WOLFSSL_DES_cblock* key)
+{
+ int i;
+
+ WOLFSSL_ENTER("wolfSSL_DES_set_odd_parity");
+
+ for (i = 0; i < DES_KEY_SIZE; i++) {
+ unsigned char c = (*key)[i];
+ /* Set bottom bit to odd parity - XOR of each bit is to be 1.
+ * XOR 1 to XOR of each bit.
+ * When even parity, the value will be 1 and the bottom bit will be
+ * flipped.
+ * When odd parity, the value will be 0 and the bottom bit will be
+ * unchanged.
+ */
+ c ^= ((c >> 0) ^ (c >> 1) ^ (c >> 2) ^ (c >> 3) ^ (c >> 4) ^ (c >> 5) ^
+ (c >> 6) ^ (c >> 7) ^ 0x01) & 0x01;
+ (*key)[i] = c;
+ }
+}
+
+/* Check parity of the DES key.
+ *
+ * @param [in] key DES key.
+ * @return 1 when odd parity on all bytes.
+ * @return 0 when even parity on any byte.
+ */
+int wolfSSL_DES_check_key_parity(WOLFSSL_DES_cblock *key)
+{
+ int i;
+ /* Assume odd parity. */
+ unsigned char p = 1;
+
+ WOLFSSL_ENTER("wolfSSL_DES_check_key_parity");
+
+ for (i = 0; i < DES_KEY_SIZE; i++) {
+ unsigned char c = (*key)[i];
+ /* p will be 0 when parity is even (XOR of bits is 0). */
+ p &= (c >> 0) ^ (c >> 1) ^ (c >> 2) ^ (c >> 3) ^ (c >> 4) ^ (c >> 5) ^
+ (c >> 6) ^ (c >> 7);
+ }
+
+ /* Only care about bottom bit. */
+ return p & 1;
+}
+
+/* Check whether key data is the two 32-bit words.
+ *
+ * return true in fail case (1)
+ *
+ * @param [in] k1 First part of key.
+ * @param [in] k2 Second part of key.
+ * @param [in] key DES key as an array of bytes.
+ **/
+static int wolfssl_des_check(word32 k1, word32 k2, unsigned char* key)
+{
+ /* Compare the two 32-bit words. */
+ return (((word32*)key)[0] == k1) && (((word32*)key)[1] == k2);
+}
+
+/* Check key is not weak.
+ *
+ * Weak key list from Nist "Recommendation for the Triple Data Encryption
+ * Algorithm (TDEA) Block Cipher"
+ *
+ * @param [in] key DES key.
+ * @return 0 when #key is not a weak key.
+ * @return 1 when #key is a weak key.
+ */
+int wolfSSL_DES_is_weak_key(WOLFSSL_const_DES_cblock* key)
+{
+ int ret = 0;
+
+ WOLFSSL_ENTER("wolfSSL_DES_is_weak_key");
+
+ /* Validate parameter. */
+ if (key == NULL) {
+ WOLFSSL_MSG("NULL key passed in");
+ ret = 1;
+ }
+
+ /* Check weak keys - endian doesn't matter. */
+ if ((ret == 0) && (wolfssl_des_check(0x01010101, 0x01010101, *key) ||
+ wolfssl_des_check(0xFEFEFEFE, 0xFEFEFEFE, *key) ||
+ wolfssl_des_check(0xE0E0E0E0, 0xF1F1F1F1, *key) ||
+ wolfssl_des_check(0x1F1F1F1F, 0x0E0E0E0E, *key))) {
+ WOLFSSL_MSG("Weak key found");
+ ret = 1;
+ }
+
+ /* Check semi-weak keys - endian doesn't matter. */
+ if ((ret == 0) && (wolfssl_des_check(0x011F011F, 0x010E010E, *key) ||
+ wolfssl_des_check(0x1F011F01, 0x0E010E01, *key) ||
+ wolfssl_des_check(0x01E001E0, 0x01F101F1, *key) ||
+ wolfssl_des_check(0xE001E001, 0xF101F101, *key) ||
+ wolfssl_des_check(0x01FE01FE, 0x01FE01FE, *key) ||
+ wolfssl_des_check(0xFE01FE01, 0xFE01FE01, *key) ||
+ wolfssl_des_check(0x1FE01FE0, 0x0EF10EF1, *key) ||
+ wolfssl_des_check(0xE01FE01F, 0xF10EF10E, *key) ||
+ wolfssl_des_check(0x1FFE1FFE, 0x0EFE0EFE, *key) ||
+ wolfssl_des_check(0xFE1FFE1F, 0xFE0EFE0E, *key) ||
+ wolfssl_des_check(0xE0FEE0FE, 0xF1FEF1FE, *key) ||
+ wolfssl_des_check(0xFEE0FEE0, 0xFEF1FEF1, *key))) {
+ WOLFSSL_MSG("Semi-weak key found");
+ ret = 1;
+ }
+
+ return ret;
+}
+
+/* Set key into schedule if key parity is odd and key is not weak.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ * @return 0 on success.
+ * @return -1 when parity is not odd.
+ * @return -2 when key or schedule is NULL.
+ * @return -2 when key is weak or semi-weak.
+ */
+int wolfSSL_DES_set_key_checked(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+ int ret = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (schedule == NULL)) {
+ WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_set_key_checked");
+ ret = -2;
+ }
+
+ /* Check key parity is odd. */
+ if ((ret == 0) && (!wolfSSL_DES_check_key_parity(key))) {
+ WOLFSSL_MSG("Odd parity test fail");
+ ret = -1;
+ }
+ /* Check whether key is weak. */
+ if ((ret == 0) && wolfSSL_DES_is_weak_key(key)) {
+ WOLFSSL_MSG("Weak key found");
+ ret = -2;
+ }
+ if (ret == 0) {
+ /* Key data passed checks, now copy key into schedule. */
+ XMEMCPY(schedule, key, DES_KEY_SIZE);
+ }
+
+ return ret;
+}
+
+/* Set key into schedule - no checks on key data performed.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ */
+void wolfSSL_DES_set_key_unchecked(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+ /* Validate parameters. */
+ if ((key != NULL) && (schedule != NULL)) {
+ /* Copy the key data into the schedule. */
+ XMEMCPY(schedule, key, DES_KEY_SIZE);
+ }
+}
+
+/* Set key into schedule.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ * @return 0 on success.
+ * @return -1 when parity is not odd.
+ * @return -2 when key or schedule is NULL.
+ * @return -2 when key is weak or semi-weak.
+ */
+int wolfSSL_DES_set_key(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+#ifdef WOLFSSL_CHECK_DESKEY
+ return wolfSSL_DES_set_key_checked(key, schedule);
+#else
+ wolfSSL_DES_set_key_unchecked(key, schedule);
+ return 0;
+#endif
+}
+
+/* Set the key schedule from the DES key.
+ *
+ * TODO: OpenSSL checks parity and weak keys.
+ *
+ * @param [in] key DES key data.
+ * @param [out] schedule DES key schedule.
+ * @return 0 on success.
+ */
+int wolfSSL_DES_key_sched(WOLFSSL_const_DES_cblock* key,
+ WOLFSSL_DES_key_schedule* schedule)
+{
+ WOLFSSL_ENTER("wolfSSL_DES_key_sched");
+
+ /* Check parameters are usable. */
+ if ((key == NULL) || (schedule == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ }
+ else {
+ /* Copy the key data into the schedule. */
+ XMEMCPY(schedule, key, sizeof(WOLFSSL_const_DES_cblock));
+ }
+
+ return 0;
+}
+
+/* Encrypt with DES-CBC to create a checksum.
+ *
+ * Intended to behave similar to Kerberos mit_des_cbc_cksum.
+ * Returns the last 4 bytes of cipher text.
+ *
+ * TODO: Encrypt one block at a time instead of allocating a large amount.
+ *
+ * @param [in] in Data to encrypt.
+ * @param [out] out Last encrypted block.
+ * @param [in] length Length of data to encrypt.
+ * @param [in] sc Key schedule for encryption.
+ * @param [in] iv Initialization vector for CBC.
+ * @return Checksum of encryption.
+ * @return 0 on error.
+ */
+WOLFSSL_DES_LONG wolfSSL_DES_cbc_cksum(const unsigned char* in,
+ WOLFSSL_DES_cblock* out, long length, WOLFSSL_DES_key_schedule* sc,
+ WOLFSSL_const_DES_cblock* iv)
+{
+ WOLFSSL_DES_LONG ret = 0;
+ int err = 0;
+ unsigned char* data = (unsigned char*)in;
+ unsigned char* tmp = NULL;
+ long dataSz = length;
+
+ WOLFSSL_ENTER("wolfSSL_DES_cbc_cksum");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (sc == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Bad argument passed in");
+ err = 1;
+ }
+
+ /* When input length is not a multiple of DES_BLOCK_SIZE pad with 0s. */
+ if ((!err) && (dataSz % DES_BLOCK_SIZE)) {
+ /* Allocate a buffer big enough to hold padded input. */
+ dataSz += DES_BLOCK_SIZE - (dataSz % DES_BLOCK_SIZE);
+ data = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (data == NULL) {
+ WOLFSSL_MSG("Issue creating temporary buffer");
+ err = 1;
+ }
+ else {
+ /* Copy input and pad with 0s. */
+ XMEMCPY(data, in, length);
+ XMEMSET(data + length, 0, dataSz - length);
+ }
+ }
+
+ if (!err) {
+ /* Allocate buffer to hold encrypted data. */
+ tmp = (unsigned char*)XMALLOC(dataSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (tmp == NULL) {
+ WOLFSSL_MSG("Issue creating temporary buffer");
+ err = 1;
+ }
+ }
+
+ if (!err) {
+ /* Encrypt data into temporary. */
+ wolfSSL_DES_cbc_encrypt(data, tmp, dataSz, sc, (WOLFSSL_DES_cblock*)iv,
+ DES_ENCRYPT);
+ /* Copy out last block. */
+ XMEMCPY((unsigned char*)out, tmp + (dataSz - DES_BLOCK_SIZE),
+ DES_BLOCK_SIZE);
+
+ /* Use the last half of the encrypted block as the checksum. */
+ ret = (((*((unsigned char*)out + 4) & 0xFF) << 24) |
+ ((*((unsigned char*)out + 5) & 0xFF) << 16) |
+ ((*((unsigned char*)out + 6) & 0xFF) << 8) |
+ (*((unsigned char*)out + 7) & 0xFF) );
+ }
+
+ /* Dispose of allocated memory. */
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (data != in) {
+ XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ return ret;
+}
+
+/* Encrypt/decrypt data with DES-CBC.
+ *
+ * TODO: OpenSSL expects a length that is a multiple of the block size but
+ * we are padding the last block. This is not a padding API.
+ * TODO: Validate parameters?
+ *
+ * @param [in] input Data to encipher.
+ * @param [out] output Enciphered data.
+ * @param [in] length Length of data to encipher.
+ * @param [in] schedule Key schedule.
+ * @param [in] ivec IV for CBC operation.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_cbc_encrypt(const unsigned char* input, unsigned char* output,
+ long length, WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+ int enc)
+{
+#ifdef WOLFSSL_SMALL_STACK
+ Des* des = NULL;
+#else
+ Des des[1];
+#endif
+ byte lastBlock[DES_BLOCK_SIZE];
+
+ WOLFSSL_ENTER("wolfSSL_DES_cbc_encrypt");
+
+#ifdef WOLFSSL_SMALL_STACK
+ des = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
+ if (des == NULL) {
+ WOLFSSL_MSG("Failed to allocate memory for Des object");
+ }
+ else
+#endif
+ /* OpenSSL compat, no ret */
+ if (wc_Des_SetKey(des, (const byte*)schedule, (const byte*)ivec,
+ !enc) != 0) {
+ WOLFSSL_MSG("wc_Des_SetKey return error.");
+ }
+ else {
+ /* Last incomplete block size. 0 means none over. */
+ int lb_sz = length % DES_BLOCK_SIZE;
+ /* Length of data that is a multiple of a block. */
+ word32 len = (word32)(length - lb_sz);
+
+ if (enc == DES_ENCRYPT) {
+ /* Encrypt full blocks into output. */
+ wc_Des_CbcEncrypt(des, output, input, len);
+ if (lb_sz != 0) {
+ /* Create a 0 padded block from remaining bytes. */
+ XMEMSET(lastBlock, 0, DES_BLOCK_SIZE);
+ XMEMCPY(lastBlock, input + len, lb_sz);
+ /* Encrypt last block into output. */
+ wc_Des_CbcEncrypt(des, output + len, lastBlock,
+ (word32)DES_BLOCK_SIZE);
+ }
+ }
+ else {
+ /* Decrypt full blocks into output. */
+ wc_Des_CbcDecrypt(des, output, input, len);
+ if (lb_sz != 0) {
+ /* Decrypt the last block that is not going to be full size. */
+ wc_Des_CbcDecrypt(des, lastBlock, input + len,
+ (word32)DES_BLOCK_SIZE);
+ /* Copy out the required amount of the decrypted block. */
+ XMEMCPY(output + len, lastBlock, lb_sz);
+ }
+ }
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(des, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+
+/* Encrypt/decrypt data with DES-CBC. Sets the IV for following operation.
+ *
+ * TODO: OpenSSL expects a length that is a multiple of the block size but
+ * we are padding the last block. This is not a padding API.
+ * TODO: Validate parameters?
+ *
+ * @param [in] input Data to encipher.
+ * @param [out] output Enciphered data.
+ * @param [in] length Length of data to encipher.
+ * @param [in] schedule Key schedule.
+ * @param [in, out] ivec IV for CBC operation.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_ncbc_encrypt(const unsigned char* input, unsigned char* output,
+ long length, WOLFSSL_DES_key_schedule* schedule, WOLFSSL_DES_cblock* ivec,
+ int enc)
+{
+ unsigned char tmp[DES_IV_SIZE];
+ /* Calculate length to a multiple of block size. */
+ size_t offset = (size_t)length;
+
+ WOLFSSL_ENTER("wolfSSL_DES_ncbc_encrypt");
+
+ offset = (offset + DES_BLOCK_SIZE - 1) / DES_BLOCK_SIZE;
+ offset *= DES_BLOCK_SIZE;
+ offset -= DES_BLOCK_SIZE;
+ if (enc == DES_ENCRYPT) {
+ /* Encrypt data. */
+ wolfSSL_DES_cbc_encrypt(input, output, length, schedule, ivec, enc);
+ /* Use last encrypted block as new IV. */
+ XMEMCPY(ivec, output + offset, DES_IV_SIZE);
+ }
+ else {
+ /* Get last encrypted block for new IV. */
+ XMEMCPY(tmp, input + offset, DES_IV_SIZE);
+ /* Decrypt data. */
+ wolfSSL_DES_cbc_encrypt(input, output, length, schedule, ivec, enc);
+ /* Use last encrypted block as new IV. */
+ XMEMCPY(ivec, tmp, DES_IV_SIZE);
+ }
+}
+
+/* Encrypt/decrypt data with DES-CBC.
+ *
+ * WOLFSSL_DES_key_schedule is an unsigned char array of size 8.
+ *
+ * TODO: OpenSSL expects a length that is a multiple of the block size but
+ * we are padding the last block. This is not a padding API.
+ * TODO: Validate parameters?
+ *
+ * @param [in] input Data to encipher.
+ * @param [out] output Enciphered data.
+ * @param [in] length Length of data to encipher.
+ * @param [in] schedule Key schedule.
+ * @param [in, out] ivec IV for CBC operation.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_ede3_cbc_encrypt(const unsigned char* input,
+ unsigned char* output, long sz, WOLFSSL_DES_key_schedule* ks1,
+ WOLFSSL_DES_key_schedule* ks2, WOLFSSL_DES_key_schedule* ks3,
+ WOLFSSL_DES_cblock* ivec, int enc)
+{
+#ifdef WOLFSSL_SMALL_STACK
+ Des3* des3;
+#else
+ Des3 des3[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_DES_ede3_cbc_encrypt");
+
+#ifdef WOLFSSL_SMALL_STACK
+ des3 = XMALLOC(sizeof(Des3), NULL, DYNAMIC_TYPE_CIPHER);
+ if (des3 == NULL) {
+ WOLFSSL_MSG("Failed to allocate memory for Des3 object");
+ sz = 0;
+ }
+#endif
+
+ if (sz > 0) {
+ int ret;
+ byte key[DES3_KEY_SIZE];
+ byte lastBlock[DES_BLOCK_SIZE];
+ int lb_sz;
+ word32 len;
+
+ /* Copy the three keys into the buffer for wolfCrypt DES. */
+ XMEMCPY(key + 0 * DES_BLOCK_SIZE, *ks1, DES_BLOCK_SIZE);
+ XMEMCPY(key + 1 * DES_BLOCK_SIZE, *ks2, DES_BLOCK_SIZE);
+ XMEMCPY(key + 2 * DES_BLOCK_SIZE, *ks3, DES_BLOCK_SIZE);
+
+ /* Last incomplete block size. 0 means none over. */
+ lb_sz = sz % DES_BLOCK_SIZE;
+ /* Length of data that is a multiple of a block. */
+ len = (word32)(sz - lb_sz);
+
+ /* Initialize wolfCrypt DES3 object. */
+ XMEMSET(des3, 0, sizeof(Des3));
+ ret = wc_Des3Init(des3, NULL, INVALID_DEVID);
+ (void)ret;
+
+ if (enc == DES_ENCRYPT) {
+ /* Initialize wolfCrypt DES3 object. */
+ if (wc_Des3_SetKey(des3, key, (const byte*)ivec, DES_ENCRYPTION)
+ == 0) {
+ /* Encrypt full blocks into output. */
+ ret = wc_Des3_CbcEncrypt(des3, output, input, len);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev, WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ if (lb_sz != 0) {
+ /* Create a 0 padded block from remaining bytes. */
+ XMEMSET(lastBlock, 0, DES_BLOCK_SIZE);
+ XMEMCPY(lastBlock, input + len, lb_sz);
+ /* Encrypt last block into output. */
+ ret = wc_Des3_CbcEncrypt(des3, output + len, lastBlock,
+ (word32)DES_BLOCK_SIZE);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev,
+ WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ /* Copy the last encrypted block as IV for next decrypt. */
+ XMEMCPY(ivec, output + len, DES_BLOCK_SIZE);
+ }
+ else {
+ /* Copy the last encrypted block as IV for next decrypt. */
+ XMEMCPY(ivec, output + len - DES_BLOCK_SIZE,
+ DES_BLOCK_SIZE);
+ }
+ }
+ }
+ else {
+ /* Initialize wolfCrypt DES3 object. */
+ if (wc_Des3_SetKey(des3, key, (const byte*)ivec, DES_DECRYPTION)
+ == 0) {
+ /* Copy the last encrypted block as IV for next decrypt. */
+ if (lb_sz != 0) {
+ XMEMCPY(ivec, input + len, DES_BLOCK_SIZE);
+ }
+ else {
+ XMEMCPY(ivec, input + len - DES_BLOCK_SIZE, DES_BLOCK_SIZE);
+ }
+ /* Decrypt full blocks into output. */
+ ret = wc_Des3_CbcDecrypt(des3, output, input, len);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev, WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ if (lb_sz != 0) {
+ /* Decrypt the last block that is not going to be full size.
+ */
+ ret = wc_Des3_CbcDecrypt(des3, lastBlock, input + len,
+ (word32)DES_BLOCK_SIZE);
+ (void)ret;
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &des3->asyncDev,
+ WC_ASYNC_FLAG_NONE);
+ (void)ret;
+ #endif
+ /* Copy out the required amount of the decrypted block. */
+ XMEMCPY(output + len, lastBlock, lb_sz);
+ }
+ }
+ }
+ wc_Des3Free(des3);
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(des3, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+
+#ifdef WOLFSSL_DES_ECB
+/* Encrypt or decrypt input message desa with key and get output in desb.
+ *
+ * @param [in] in Block to encipher with DES-ECB.
+ * @param [out] out Enciphered block.
+ * @param [in] key DES key schedule.
+ * @param [in] enc Whether to encrypt.
+ */
+void wolfSSL_DES_ecb_encrypt(WOLFSSL_DES_cblock* in, WOLFSSL_DES_cblock* out,
+ WOLFSSL_DES_key_schedule* key, int enc)
+{
+#ifdef WOLFSSL_SMALL_STACK
+ Des* des = NULL;
+#else
+ Des des[1];
+#endif
+
+ WOLFSSL_ENTER("wolfSSL_DES_ecb_encrypt");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (key == NULL) ||
+ ((enc != DES_ENCRYPT) && (enc != DES_DECRYPT))) {
+ WOLFSSL_MSG("Bad argument passed to wolfSSL_DES_ecb_encrypt");
+ }
+#ifdef WOLFSSL_SMALL_STACK
+ else if ((des = XMALLOC(sizeof(Des), NULL, DYNAMIC_TYPE_CIPHER)) == NULL) {
+ WOLFSSL_MSG("Failed to allocate memory for Des object");
+ }
+#endif
+ /* Set key in wolfCrypt DES object for encryption or decryption.
+ * DES_ENCRYPT = 1, wolfSSL DES_ENCRYPTION = 0.
+ * DES_DECRYPT = 0, wolfSSL DES_DECRYPTION = 1.
+ */
+ else if (wc_Des_SetKey(des, (const byte*)key, NULL, !enc) != 0) {
+ WOLFSSL_MSG("wc_Des_SetKey return error.");
+ }
+ else if (enc == DES_ENCRYPT) {
+ /* Encrypt a block with wolfCrypt DES object. */
+ if (wc_Des_EcbEncrypt(des, (byte*)out, (const byte*)in, DES_KEY_SIZE)
+ != 0) {
+ WOLFSSL_MSG("wc_Des_EcbEncrypt return error.");
+ }
+ }
+ else {
+ /* Decrypt a block with wolfCrypt DES object. */
+ if (wc_Des_EcbDecrypt(des, (byte*)out, (const byte*)in, DES_KEY_SIZE)
+ != 0) {
+ WOLFSSL_MSG("wc_Des_EcbDecrpyt return error.");
+ }
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(des, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+}
+#endif
+#endif /* NO_DES3 */
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF DES API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF AES API
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+
+#if !defined(NO_AES) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+
+/* Sets the key into the AES key object for encryption or decryption.
+ *
+ * TODO: check bits value?
+ *
+ * @param [in] key Key data.
+ * @param [in] bits Number of bits in key.
+ * @param [out] aes AES key object.
+ * @param [in] enc Whether to encrypt. AES_ENCRYPT or AES_DECRYPT.
+ * @return 0 on success.
+ * @return -1 when key or aes is NULL.
+ * @return -1 when setting key with wolfCrypt fails.
+ */
+static int wolfssl_aes_set_key(const unsigned char *key, const int bits,
+ AES_KEY *aes, int enc)
+{
+ typedef char aes_test[sizeof(AES_KEY) >= sizeof(Aes) ? 1 : -1];
+ (void)sizeof(aes_test);
+
+ /* Validate parameters. */
+ if ((key == NULL) || (aes == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ return -1;
+ }
+
+ XMEMSET(aes, 0, sizeof(AES_KEY));
+
+ if (wc_AesInit((Aes*)aes, NULL, INVALID_DEVID) != 0) {
+ WOLFSSL_MSG("Error in initting AES key");
+ return -1;
+ }
+
+ if (wc_AesSetKey((Aes*)aes, key, ((bits)/8), NULL, enc) != 0) {
+ WOLFSSL_MSG("Error in setting AES key");
+ return -1;
+ }
+ return 0;
+}
+
+/* Sets the key into the AES key object for encryption.
+ *
+ * @param [in] key Key data.
+ * @param [in] bits Number of bits in key.
+ * @param [out] aes AES key object.
+ * @return 0 on success.
+ * @return -1 when key or aes is NULL.
+ * @return -1 when setting key with wolfCrypt fails.
+ */
+int wolfSSL_AES_set_encrypt_key(const unsigned char *key, const int bits,
+ AES_KEY *aes)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_set_encrypt_key");
+
+ return wolfssl_aes_set_key(key, bits, aes, AES_ENCRYPT);
+}
+
+/* Sets the key into the AES key object for decryption.
+ *
+ * @param [in] key Key data.
+ * @param [in] bits Number of bits in key.
+ * @param [out] aes AES key object.
+ * @return 0 on success.
+ * @return -1 when key or aes is NULL.
+ * @return -1 when setting key with wolfCrypt fails.
+ */
+int wolfSSL_AES_set_decrypt_key(const unsigned char *key, const int bits,
+ AES_KEY *aes)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_set_decrypt_key");
+
+ return wolfssl_aes_set_key(key, bits, aes, AES_DECRYPT);
+}
+
+#ifdef WOLFSSL_AES_DIRECT
+/* Encrypt a 16-byte block of data using AES-ECB.
+ *
+ * wolfSSL_AES_set_encrypt_key() must have been called.
+ *
+ * #input must contain AES_BLOCK_SIZE bytes of data.
+ * #output must be a buffer at least AES_BLOCK_SIZE bytes in length.
+ *
+ * @param [in] input Data to encrypt.
+ * @param [out] output Encrypted data.
+ * @param [in] key AES key to use for encryption.
+ */
+void wolfSSL_AES_encrypt(const unsigned char* input, unsigned char* output,
+ AES_KEY *key)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_encrypt");
+
+ /* Validate parameters. */
+ if ((input == NULL) || (output == NULL) || (key == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ }
+ else
+#if !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
+ /* Encrypt a block with wolfCrypt AES. */
+ if (wc_AesEncryptDirect((Aes*)key, output, input) != 0) {
+ WOLFSSL_MSG("wc_AesEncryptDirect failed");
+ }
+#else
+ {
+ /* Encrypt a block with wolfCrypt AES. */
+ wc_AesEncryptDirect((Aes*)key, output, input);
+ }
+#endif
+}
+
+
+/* Decrypt a 16-byte block of data using AES-ECB.
+ *
+ * wolfSSL_AES_set_decrypt_key() must have been called.
+ *
+ * #input must contain AES_BLOCK_SIZE bytes of data.
+ * #output must be a buffer at least AES_BLOCK_SIZE bytes in length.
+ *
+ * @param [in] input Data to decrypt.
+ * @param [out] output Decrypted data.
+ * @param [in] key AES key to use for encryption.
+ */
+void wolfSSL_AES_decrypt(const unsigned char* input, unsigned char* output,
+ AES_KEY *key)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_decrypt");
+
+ /* Validate parameters. */
+ if ((input == NULL) || (output == NULL) || (key == NULL)) {
+ WOLFSSL_MSG("Null argument passed in");
+ }
+ else
+#if !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
+ /* Decrypt a block with wolfCrypt AES. */
+ if (wc_AesDecryptDirect((Aes*)key, output, input) != 0) {
+ WOLFSSL_MSG("wc_AesDecryptDirect failed");
+ }
+#else
+ {
+ /* Decrypt a block with wolfCrypt AES. */
+ wc_AesDecryptDirect((Aes*)key, output, input);
+ }
+#endif
+}
+#endif /* WOLFSSL_AES_DIRECT */
+
+
+
+#ifdef HAVE_AES_ECB
+/* Encrypt/decrypt a 16-byte block of data using AES-ECB.
+ *
+ * wolfSSL_AES_set_encrypt_key() or wolfSSL_AES_set_decrypt_key ()must have been
+ * called.
+ *
+ * #input must contain AES_BLOCK_SIZE bytes of data.
+ * #output must be a buffer at least AES_BLOCK_SIZE bytes in length.
+ *
+ * @param [in] in Data to encipher.
+ * @param [out] out Enciphered data.
+ * @param [in] key AES key to use for encryption/decryption.
+ * @param [in] enc Whether to encrypt.
+ * AES_ENCRPT for encryption, AES_DECRYPT for decryption.
+ */
+void wolfSSL_AES_ecb_encrypt(const unsigned char *in, unsigned char* out,
+ AES_KEY *key, const int enc)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_ecb_encrypt");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ }
+ else if (enc == AES_ENCRYPT) {
+ /* Encrypt block. */
+ if (wc_AesEcbEncrypt((Aes*)key, out, in, AES_BLOCK_SIZE) != 0) {
+ WOLFSSL_MSG("Error with AES CBC encrypt");
+ }
+ }
+ else {
+ #ifdef HAVE_AES_DECRYPT
+ /* Decrypt block. */
+ if (wc_AesEcbDecrypt((Aes*)key, out, in, AES_BLOCK_SIZE) != 0) {
+ WOLFSSL_MSG("Error with AES CBC decrypt");
+ }
+ #else
+ WOLFSSL_MSG("AES decryption not compiled in");
+ #endif
+ }
+}
+#endif /* HAVE_AES_ECB */
+
+#ifdef HAVE_AES_CBC
+/* Encrypt/decrypt data with IV using AES-CBC.
+ *
+ * wolfSSL_AES_set_encrypt_key() or wolfSSL_AES_set_decrypt_key() must have been
+ * called.
+ *
+ * @param [in] in Data to encipher.
+ * @param [out] out Enciphered data.
+ * @param [in] len Length of data to encipher.
+ * @param [in] key AES key to use for encryption/decryption.
+ * @param [in, out] iv Initialization Vector (IV) of CBC mode.
+ * On in, used with first block.
+ * On out, IV for further operations.
+ * @param [in] enc Whether to encrypt.
+ * AES_ENCRPT for encryption, AES_DECRYPT for decryption.
+ */
+void wolfSSL_AES_cbc_encrypt(const unsigned char *in, unsigned char* out,
+ size_t len, AES_KEY *key, unsigned char* iv, const int enc)
+{
+ WOLFSSL_ENTER("wolfSSL_AES_cbc_encrypt");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL) || (iv == NULL) ||
+ (len == 0)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ }
+ /* Set IV for operation. */
+ else {
+ int ret;
+ Aes* aes = (Aes*)key;
+
+ if ((ret = wc_AesSetIV(aes, (const byte*)iv)) != 0) {
+ WOLFSSL_MSG("Error with setting iv");
+ }
+ else if (enc == AES_ENCRYPT) {
+ /* Encrypt with wolfCrypt AES object. */
+ if ((ret = wc_AesCbcEncrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC encrypt");
+ }
+ }
+ else {
+ /* Decrypt with wolfCrypt AES object. */
+ if ((ret = wc_AesCbcDecrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC decrypt");
+ }
+ }
+
+ if (ret == 0) {
+ /* Get IV for next operation. */
+ XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
+ }
+ }
+}
+#endif /* HAVE_AES_CBC */
+
+
+/* Encrypt/decrypt data with IV using AES-CFB.
+ *
+ * wolfSSL_AES_set_encrypt_key() must have been called.
+ *
+ * @param [in] in Data to encipher.
+ * @param [out] out Enciphered data.
+ * @param [in] len Length of data to encipher.
+ * @param [in] key AES key to use for encryption/decryption.
+ * @param [in, out] iv Initialization Vector (IV) of CFB mode.
+ * On in, used with first block.
+ * On out, IV for further operations.
+ * @param [out] num Number of bytes used from last incomplete block.
+ * @param [in] enc Whether to encrypt.
+ * AES_ENCRPT for encryption, AES_DECRYPT for decryption.
+ */
+void wolfSSL_AES_cfb128_encrypt(const unsigned char *in, unsigned char* out,
+ size_t len, AES_KEY *key, unsigned char* iv, int* num, const int enc)
+{
+#ifndef WOLFSSL_AES_CFB
+ WOLFSSL_MSG("CFB mode not enabled please use macro WOLFSSL_AES_CFB");
+
+ (void)in;
+ (void)out;
+ (void)len;
+ (void)key;
+ (void)iv;
+ (void)num;
+ (void)enc;
+#else
+ WOLFSSL_ENTER("wolfSSL_AES_cfb_encrypt");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ }
+ else {
+ int ret;
+ Aes* aes = (Aes*)key;
+
+ /* Copy the IV directly into reg here because wc_AesSetIV clears
+ * leftover bytes field "left", and this function relies on the leftover
+ * bytes being preserved between calls.
+ */
+ XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
+
+ if (enc == AES_ENCRYPT) {
+ /* Encrypt data with AES-CFB. */
+ if ((ret = wc_AesCfbEncrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC encrypt");
+ }
+ }
+ else {
+ /* Decrypt data with AES-CFB. */
+ if ((ret = wc_AesCfbDecrypt(aes, out, in, (word32)len)) != 0) {
+ WOLFSSL_MSG("Error with AES CBC decrypt");
+ }
+ }
+
+ if (ret == 0) {
+ /* Copy IV out after operation. */
+ XMEMCPY(iv, (byte*)(aes->reg), AES_BLOCK_SIZE);
+
+ /* Store number of left over bytes to num. */
+ if (num != NULL) {
+ *num = (AES_BLOCK_SIZE - aes->left) % AES_BLOCK_SIZE;
+ }
+ }
+ }
+#endif /* WOLFSSL_AES_CFB */
+}
+
+/* wc_AesKey*Wrap_ex API not available in FIPS and SELFTEST */
+#if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+/* Wrap (encrypt) a key using RFC3394 AES key wrap.
+ *
+ * @param [in, out] key AES key.
+ * @param [in] iv Initialization vector used by encryption mode.
+ * @param [out] out Wrapped key.
+ * @param [in] in Key data to wrap.
+ * @param [in] inSz Length of key to wrap in bytes.
+ * @return Length of encrypted key in bytes.
+ * @return 0 when key, iv, out or in is NULL.
+ * @return 0 when key length is not valid.
+ */
+int wolfSSL_AES_wrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in, unsigned int inSz)
+{
+ int ret = 0;
+ int len = 0;
+
+ WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
+
+ /* Validate parameters. */
+ if ((out == NULL) || (in == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Wrap key. */
+ if ((ret == 0) && ((ret = wc_AesKeyWrap_ex((Aes*)key, in, inSz, out,
+ inSz + KEYWRAP_BLOCK_SIZE, iv)) > 0)) {
+ /* Get the length of the wrapped key. */
+ len = ret;
+ }
+
+ return len;
+}
+
+/* Unwrap (decrypt) a key using RFC3394 AES key wrap.
+ *
+ * @param [in, out] key AES key.
+ * @param [in] iv Initialization vector used by decryption mode.
+ * @param [out] out Unwrapped key.
+ * @param [in] in Wrapped key data.
+ * @param [in] inSz Length of wrapped key data in bytes.
+ * @return Length of decrypted key in bytes.
+ * @return 0 when key, iv, out or in is NULL.
+ * @return 0 when wrapped key data length is not valid.
+ */
+int wolfSSL_AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
+ unsigned char *out, const unsigned char *in, unsigned int inSz)
+{
+ int ret = 0;
+ int len = 0;
+
+ WOLFSSL_ENTER("wolfSSL_AES_wrap_key");
+
+ /* Validate parameters. */
+ if ((out == NULL) || (in == NULL)) {
+ WOLFSSL_MSG("Error, Null argument passed in");
+ ret = BAD_FUNC_ARG;
+ }
+
+ /* Unwrap key. */
+ if ((ret == 0) && ((ret = wc_AesKeyUnWrap_ex((Aes*)key, in, inSz, out,
+ inSz + KEYWRAP_BLOCK_SIZE, iv)) > 0)) {
+ /* Get the length of the unwrapped key. */
+ len = ret;
+ }
+
+ return len;
+}
+#endif /* HAVE_AES_KEYWRAP && !HAVE_FIPS && !HAVE_SELFTEST */
+
+#ifdef HAVE_CTS
+/* Ciphertext stealing encryption compatible with RFC2040 and RFC3962.
+ *
+ * @param [in] in Data to encrypt.
+ * @param [out] out Encrypted data.
+ * @param [in] len Length of data to encrypt.
+ * @param [in] key Symmetric key.
+ * @param [in] iv Initialization Vector for encryption mode.
+ * @param [in] cbc CBC mode encryption function.
+ * @return Length of encrypted data in bytes on success.
+ * @return 0 when in, out, cbc, key or iv are NULL.
+ * @return 0 when len is less than or equal to 16 bytes.
+ */
+size_t wolfSSL_CRYPTO_cts128_encrypt(const unsigned char *in,
+ unsigned char *out, size_t len, const void *key, unsigned char *iv,
+ WOLFSSL_CBC128_CB cbc)
+{
+ byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
+ int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
+
+ WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_encrypt");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (len <= WOLFSSL_CTS128_BLOCK_SZ) ||
+ (cbc == NULL) || (key == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Bad parameter");
+ len = 0;
+ }
+
+ if (len > 0) {
+ /* Must have a last block. */
+ if (lastBlkLen == 0) {
+ lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
+ }
+
+ /* Encrypt data up to last block */
+ (*cbc)(in, out, len - lastBlkLen, key, iv, AES_ENCRYPT);
+
+ /* Move to last block */
+ in += len - lastBlkLen;
+ out += len - lastBlkLen;
+
+ /* RFC2040: Pad Pn with zeros at the end to create P of length BB. */
+ XMEMCPY(lastBlk, in, lastBlkLen);
+ XMEMSET(lastBlk + lastBlkLen, 0, WOLFSSL_CTS128_BLOCK_SZ - lastBlkLen);
+ /* RFC2040: Select the first Ln bytes of En-1 to create Cn */
+ XMEMCPY(out, out - WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
+ /* Encrypt last block. */
+ (*cbc)(lastBlk, out - WOLFSSL_CTS128_BLOCK_SZ, WOLFSSL_CTS128_BLOCK_SZ,
+ key, iv, AES_ENCRYPT);
+ }
+
+ return len;
+}
+
+/* Ciphertext stealing decryption compatible with RFC2040 and RFC3962.
+ *
+ * @param [in] in Data to decrypt.
+ * @param [out] out Decrypted data.
+ * @param [in] len Length of data to decrypt.
+ * @param [in] key Symmetric key.
+ * @param [in] iv Initialization Vector for decryption mode.
+ * @param [in] cbc CBC mode encryption function.
+ * @return Length of decrypted data in bytes on success.
+ * @return 0 when in, out, cbc, key or iv are NULL.
+ * @return 0 when len is less than or equal to 16 bytes.
+ */
+size_t wolfSSL_CRYPTO_cts128_decrypt(const unsigned char *in,
+ unsigned char *out, size_t len, const void *key, unsigned char *iv,
+ WOLFSSL_CBC128_CB cbc)
+{
+ byte lastBlk[WOLFSSL_CTS128_BLOCK_SZ];
+ byte prevBlk[WOLFSSL_CTS128_BLOCK_SZ];
+ int lastBlkLen = len % WOLFSSL_CTS128_BLOCK_SZ;
+
+ WOLFSSL_ENTER("wolfSSL_CRYPTO_cts128_decrypt");
+
+ /* Validate parameters. */
+ if ((in == NULL) || (out == NULL) || (len <= WOLFSSL_CTS128_BLOCK_SZ) ||
+ (cbc == NULL) || (key == NULL) || (iv == NULL)) {
+ WOLFSSL_MSG("Bad parameter");
+ len = 0;
+ }
+
+ if (len > 0) {
+ /* Must have a last block. */
+ if (lastBlkLen == 0) {
+ lastBlkLen = WOLFSSL_CTS128_BLOCK_SZ;
+ }
+
+ if (len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ != 0) {
+ /* Decrypt up to last two blocks */
+ (*cbc)(in, out, len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ, key, iv,
+ AES_DECRYPTION);
+
+ /* Move to last two blocks */
+ in += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
+ out += len - lastBlkLen - WOLFSSL_CTS128_BLOCK_SZ;
+ }
+
+ /* RFC2040: Decrypt Cn-1 to create Dn.
+ * Use 0 buffer as IV to do straight decryption.
+ * This places the Cn-1 block at lastBlk */
+ XMEMSET(lastBlk, 0, WOLFSSL_CTS128_BLOCK_SZ);
+ (*cbc)(in, prevBlk, WOLFSSL_CTS128_BLOCK_SZ, key, lastBlk, AES_DECRYPT);
+ /* RFC2040: Append the tail (BB minus Ln) bytes of Xn to Cn
+ * to create En. */
+ XMEMCPY(prevBlk, in + WOLFSSL_CTS128_BLOCK_SZ, lastBlkLen);
+ /* Cn and Cn-1 can now be decrypted */
+ (*cbc)(prevBlk, out, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
+ (*cbc)(lastBlk, lastBlk, WOLFSSL_CTS128_BLOCK_SZ, key, iv, AES_DECRYPT);
+ XMEMCPY(out + WOLFSSL_CTS128_BLOCK_SZ, lastBlk, lastBlkLen);
+ }
+
+ return len;
+}
+#endif /* HAVE_CTS */
+#endif /* !NO_AES && !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF AES API
+ ******************************************************************************/
+
+/*******************************************************************************
+ * START OF RC4 API
+ ******************************************************************************/
+
+#ifdef OPENSSL_EXTRA
+
+#ifndef NO_RC4
+/* Set the key state for Arc4 key.
+ *
+ * @param [out] key Arc4 key.
+ * @param [in] len Length of key in buffer.
+ * @param [in] data Key data buffer.
+ */
+void wolfSSL_RC4_set_key(WOLFSSL_RC4_KEY* key, int len,
+ const unsigned char* data)
+{
+ typedef char rc4_test[sizeof(WOLFSSL_RC4_KEY) >= sizeof(Arc4) ? 1 : -1];
+ (void)sizeof(rc4_test);
+
+ WOLFSSL_ENTER("wolfSSL_RC4_set_key");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (len < 0) || (data == NULL)) {
+ WOLFSSL_MSG("bad argument passed in");
+ }
+ else {
+ /* Reset wolfCrypt Arc4 object. */
+ XMEMSET(key, 0, sizeof(WOLFSSL_RC4_KEY));
+ /* Set key into wolfCrypt Arc4 object. */
+ wc_Arc4SetKey((Arc4*)key, data, (word32)len);
+ }
+}
+
+
+/* Encrypt/decrypt with Arc4 key.
+ *
+ * @param [in] len Length of data to encrypt/decrypt.
+ * @param [in] in Data to encrypt/decrypt.
+ * @param [out] out Enciphered data.
+ */
+void wolfSSL_RC4(WOLFSSL_RC4_KEY* key, size_t len, const unsigned char* in,
+ unsigned char* out)
+{
+ WOLFSSL_ENTER("wolfSSL_RC4");
+
+ /* Validate parameters. */
+ if ((key == NULL) || (in == NULL) || (out == NULL)) {
+ WOLFSSL_MSG("Bad argument passed in");
+ }
+ else {
+ /* Encrypt/decrypt data. */
+ wc_Arc4Process((Arc4*)key, out, in, (word32)len);
+ }
+}
+#endif /* NO_RC4 */
+
+#endif /* OPENSSL_EXTRA */
+
+/*******************************************************************************
+ * END OF RC4 API
+ ******************************************************************************/
+
+#endif /* WOLFSSL_SSL_CRYPTO_INCLUDED */
+
diff --git a/extra/wolfssl/wolfssl/src/ssl_misc.c b/extra/wolfssl/wolfssl/src/ssl_misc.c
index af0b99ba..9bc42ddd 100644
--- a/extra/wolfssl/wolfssl/src/ssl_misc.c
+++ b/extra/wolfssl/wolfssl/src/ssl_misc.c
@@ -203,8 +203,12 @@ static int wolfssl_read_bio(WOLFSSL_BIO* bio, char** data, int* dataSz,
return ret;
}
#endif /* !NO_BIO */
+#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */
-#if !defined(NO_FILESYSTEM)
+#if (defined(OPENSSL_EXTRA) || defined(PERSIST_CERT_CACHE) || \
+ (!defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)))) && !defined(WOLFCRYPT_ONLY) && \
+ !defined(NO_FILESYSTEM)
/* Read all the data from a file.
*
* @param [in] fp File pointer to read with.
@@ -253,7 +257,10 @@ static int wolfssl_file_len(XFILE fp, long* fileSz)
return ret;
}
+#endif
+#if (defined(OPENSSL_EXTRA) || defined(PERSIST_CERT_CACHE)) && \
+ !defined(WOLFCRYPT_ONLY) && !defined(NO_FILESYSTEM)
/* Read all the data from a file.
*
* @param [in] fp File pointer to read with.
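Review bot: The bare `#endif` added after `wolfssl_file_len` has no trailing comment, while the other conditionals this patch touches in the file are labelled (`#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */` in the first hunk and the two-line closing comment in the last). It closes the four-line `#if` opened in the previous hunk, so a label such as `#endif /* file length helper: see condition above wolfssl_file_len */`, or the condition itself, would make the pairing checkable without counting directives. The `#if` that follows it is closed outside this hunk.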
@@ -290,7 +297,7 @@ static int wolfssl_read_file(XFILE fp, char** data, int* dataSz)
XFREE(mem, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
-#endif /* !NO_FILESYSTEM */
-#endif /* OPENSSL_EXTRA && !WOLFCRYPT_ONLY */
+#endif /* (OPENSSL_EXTRA || PERSIST_CERT_CACHE) && !WOLFCRYPT_ONLY &&
+ * !NO_FILESYSTEM */
#endif /* !WOLFSSL_SSL_MISC_INCLUDED */
diff --git a/extra/wolfssl/wolfssl/src/tls.c b/extra/wolfssl/wolfssl/src/tls.c
index 656a337f..48d76dfa 100644
--- a/extra/wolfssl/wolfssl/src/tls.c
+++ b/extra/wolfssl/wolfssl/src/tls.c
@@ -106,7 +106,8 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions);
#endif
/* Warn if secrets logging is enabled */
-#if defined(SHOW_SECRETS) || defined(WOLFSSL_SSLKEYLOGFILE)
+#if (defined(SHOW_SECRETS) || defined(WOLFSSL_SSLKEYLOGFILE)) && \
+ !defined(WOLFSSL_KEYLOG_EXPORT_WARNED)
#ifndef _MSC_VER
#warning The SHOW_SECRETS and WOLFSSL_SSLKEYLOGFILE options should only be used for debugging and never in a production environment
#else
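Review bot: The new `!defined(WOLFSSL_KEYLOG_EXPORT_WARNED)` term lets a build skip the only compile-time signal that TLS secret logging is enabled, and the comment above it still reads only `/* Warn if secrets logging is enabled */`. Nothing in the visible lines defines the macro, so it is presumably set elsewhere to avoid repeating the warning. The comment should say so, for example `/* Warn if secrets logging is enabled (WOLFSSL_KEYLOG_EXPORT_WARNED is set once the warning has been issued elsewhere; never define it by hand) */`. The MSVC branch of this block continues outside the hunk.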
@@ -114,13 +115,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions);
#endif
#endif
-/* Optional Pre-Master-Secret logging for Wireshark */
-#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_SSLKEYLOGFILE)
-#ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT
- #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log"
-#endif
-#endif
-
#ifndef WOLFSSL_NO_TLS12
#ifdef WOLFSSL_SHA384
@@ -157,6 +151,12 @@ int BuildTlsHandshakeHash(WOLFSSL* ssl, byte* hash, word32* hashLen)
hashSz = WC_SHA384_DIGEST_SIZE;
}
#endif
+#ifdef WOLFSSL_SM3
+ if (ssl->specs.mac_algorithm == sm3_mac) {
+ ret |= wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ hashSz = WC_SM3_DIGEST_SIZE;
+ }
+#endif
}
*hashLen = hashSz;
@@ -517,6 +517,21 @@ int MakeTlsMasterSecret(WOLFSSL* ssl)
{
int ret;
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support, obtain
+ * the master secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ ret = ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_TLS12_MASTER_SECRET,
+ ssl->arrays->masterSecret);
+ if (ret != 0) {
+ return ret;
+ }
+ ret = DeriveTlsKeys(ssl);
+ return ret;
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
#ifdef HAVE_EXTENDED_MASTER
if (ssl->options.haveEMS) {
word32 hashSz = HSHASH_SZ;
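Review bot: `snifferSecretCb` is handed `ssl->arrays->masterSecret` as a bare pointer with no length, so nothing at this call site bounds how many bytes the callback writes into the master-secret buffer. The size contract should be stated in the block comment, e.g. `/* the callback must write exactly SECRET_LEN bytes into masterSecret */`, assuming that is the buffer's declared size, which is not visible here. `ssl->arrays` is also dereferenced without a NULL check on this new early path; the rest of the function is outside the hunk and may rely on the same invariant. The tail can be collapsed to `return DeriveTlsKeys(ssl);`.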
@@ -663,50 +678,6 @@ int wolfSSL_make_eap_keys(WOLFSSL* ssl, void* msk, unsigned int len,
return ret;
}
-int wolfSSL_GetHmacType_ex(CipherSpecs* specs)
-{
- if (specs == NULL)
- return BAD_FUNC_ARG;
-
- switch (specs->mac_algorithm) {
- #ifndef NO_MD5
- case md5_mac:
- {
- return WC_MD5;
- }
- #endif
- #ifndef NO_SHA256
- case sha256_mac:
- {
- return WC_SHA256;
- }
- #endif
- #ifdef WOLFSSL_SHA384
- case sha384_mac:
- {
- return WC_SHA384;
- }
-
- #endif
- #ifndef NO_SHA
- case sha_mac:
- {
- return WC_SHA;
- }
- #endif
- #ifdef HAVE_BLAKE2
- case blake2b_mac:
- {
- return BLAKE2B_ID;
- }
- #endif
- default:
- {
- return WOLFSSL_FATAL_ERROR;
- }
- }
-}
-
/* return HMAC digest type in wolfSSL format */
int wolfSSL_GetHmacType(WOLFSSL* ssl)
{
@@ -775,6 +746,12 @@ static int Hmac_HashUpdate(Hmac* hmac, const byte* data, word32 sz)
break;
#endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Update(&hmac->hash.sm3, data, sz);
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
break;
}
@@ -817,6 +794,12 @@ static int Hmac_HashFinalRaw(Hmac* hmac, unsigned char* hash)
break;
#endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3FinalRaw(&hmac->hash.sm3, hash);
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
break;
}
@@ -913,6 +896,14 @@ static int Hmac_UpdateFinal_CT(Hmac* hmac, byte* digest, const byte* in,
break;
#endif /* WOLFSSL_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ blockSz = WC_SM3_BLOCK_SIZE;
+ blockBits = 6;
+ padSz = WC_SM3_BLOCK_SIZE - WC_SM3_PAD_SIZE + 1;
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
return BAD_FUNC_ARG;
}
@@ -1028,7 +1019,7 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
word32 sz, byte* header)
{
byte dummy[WC_MAX_BLOCK_SIZE] = {0};
- int ret;
+ int ret = 0;
word32 msgSz, blockSz, macSz, padSz, maxSz, realSz;
word32 offset = 0;
int msgBlocks, blocks, blockBits;
@@ -1080,7 +1071,17 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
break;
#endif /* HAVE_BLAKE2 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ blockSz = WC_SM3_BLOCK_SIZE;
+ blockBits = 6;
+ macSz = WC_SM3_DIGEST_SIZE;
+ padSz = WC_SM3_BLOCK_SIZE - WC_SM3_PAD_SIZE + 1;
+ break;
+ #endif
+
default:
+ WOLFSSL_MSG("ERROR: Hmac_UpdateFinal failed, no hmac->macType");
return BAD_FUNC_ARG;
}
@@ -1089,6 +1090,8 @@ static int Hmac_UpdateFinal(Hmac* hmac, byte* digest, const byte* in,
msgSz &= ~(0 - (msgSz >> 31));
realSz = WOLFSSL_TLS_HMAC_INNER_SZ + msgSz;
maxSz = WOLFSSL_TLS_HMAC_INNER_SZ + (sz - 1) - macSz;
+ /* Make negative result 0 */
+ maxSz &= ~(0 - (maxSz >> 31));
/* Calculate #blocks processed in HMAC for max and real data. */
blocks = maxSz >> blockBits;
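Review bot: The comment `/* Make negative result 0 */` does not match the type, because `maxSz` is declared `word32` at the top of `Hmac_UpdateFinal` and can wrap but never go negative. What the mask does is zero `maxSz` when `(sz - 1) - macSz` wraps and sets the top bit, so I would word it `/* maxSz is unsigned: if sz - 1 < macSz the subtraction wraps; mask to 0 without a branch, as for msgSz above */`. After the clamp `realSz` (at least `WOLFSSL_TLS_HMAC_INNER_SZ`) can exceed `maxSz`; whether the block arithmetic that follows tolerates that is outside this hunk and worth confirming.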
@@ -1227,6 +1230,55 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, int padSz,
#endif /* !WOLFSSL_NO_TLS12 */
+int wolfSSL_GetHmacType_ex(CipherSpecs* specs)
+{
+ if (specs == NULL)
+ return BAD_FUNC_ARG;
+
+ switch (specs->mac_algorithm) {
+ #ifndef NO_MD5
+ case md5_mac:
+ {
+ return WC_MD5;
+ }
+ #endif
+ #ifndef NO_SHA256
+ case sha256_mac:
+ {
+ return WC_SHA256;
+ }
+ #endif
+ #ifdef WOLFSSL_SHA384
+ case sha384_mac:
+ {
+ return WC_SHA384;
+ }
+ #endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ {
+ return WC_SM3;
+ }
+ #endif
+ #ifndef NO_SHA
+ case sha_mac:
+ {
+ return WC_SHA;
+ }
+ #endif
+ #ifdef HAVE_BLAKE2
+ case blake2b_mac:
+ {
+ return BLAKE2B_ID;
+ }
+ #endif
+ default:
+ {
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
+}
+
#ifdef HAVE_TLS_EXTENSIONS
/**
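Review bot: `wolfSSL_GetHmacType_ex` is re-added here without a header comment, whereas the neighbouring `wolfSSL_GetHmacType` has one (`/* return HMAC digest type in wolfSSL format */`). The function has three distinct outcomes that callers must tell apart. I would add a comment saying it returns the wolfCrypt hash type for `specs->mac_algorithm`, `BAD_FUNC_ARG` when `specs` is NULL, and `WOLFSSL_FATAL_ERROR` when the MAC algorithm is unknown or not compiled in. It is also worth noting in that comment that the definition now sits after `#endif /* !WOLFSSL_NO_TLS12 */`, so it is built regardless of that option.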
@@ -1652,19 +1704,28 @@ int ALPN_Select(WOLFSSL *ssl)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
if (ssl->alpnSelect != NULL && ssl->options.side == WOLFSSL_SERVER_END) {
- if (ssl->alpnSelect(ssl, &sel, &sel_len, ssl->alpn_peer_requested,
- ssl->alpn_peer_requested_length,
- ssl->alpnSelectArg) == 0) {
- WOLFSSL_MSG("ALPN protocol match");
- }
- else {
- sel = NULL;
- sel_len = 0;
+ r = ssl->alpnSelect(ssl, &sel, &sel_len, ssl->alpn_peer_requested,
+ ssl->alpn_peer_requested_length, ssl->alpnSelectArg);
+ switch (r) {
+ case SSL_TLSEXT_ERR_OK:
+ WOLFSSL_MSG("ALPN protocol match");
+ break;
+ case SSL_TLSEXT_ERR_NOACK:
+ WOLFSSL_MSG("ALPN cb no match but not fatal");
+ sel = NULL;
+ sel_len = 0;
+ break;
+ case SSL_TLSEXT_ERR_ALERT_FATAL:
+ default:
+ WOLFSSL_MSG("ALPN cb no match and fatal");
+ SendAlert(ssl, alert_fatal, no_application_protocol);
+ WOLFSSL_ERROR_VERBOSE(UNKNOWN_ALPN_PROTOCOL_NAME_E);
+ return UNKNOWN_ALPN_PROTOCOL_NAME_E;
}
}
+ else
#endif
-
- if (sel == NULL) {
+ {
r = ALPN_find_match(ssl, &extension, &sel, &sel_len,
ssl->alpn_peer_requested,
ssl->alpn_peer_requested_length);
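Review bot: In the fatal branch the result of `SendAlert(ssl, alert_fatal, no_application_protocol)` is discarded, so a failure to queue the alert is invisible. If that is intended because the function returns an error anyway, make it explicit with `(void)SendAlert(ssl, alert_fatal, no_application_protocol);`. In the `SSL_TLSEXT_ERR_OK` branch, `sel` and `sel_len` are taken from the application callback as-is. A defensive `if (sel == NULL || sel_len == 0)` treated like the no-match case would avoid relying on the callback having set them; how `sel` is used afterwards is outside the hunk.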
@@ -1803,6 +1864,9 @@ int TLSX_ALPN_GetRequest(TLSX* extensions, void** data, word16 *dataSz)
if (extensions == NULL || data == NULL || dataSz == NULL)
return BAD_FUNC_ARG;
+ *data = NULL;
+ *dataSz = 0;
+
extension = TLSX_Find(extensions, TLSX_APPLICATION_LAYER_PROTOCOL);
if (extension == NULL) {
WOLFSSL_MSG("TLS extension not found");
@@ -1813,8 +1877,6 @@ int TLSX_ALPN_GetRequest(TLSX* extensions, void** data, word16 *dataSz)
alpn = (ALPN *)extension->data;
if (alpn == NULL) {
WOLFSSL_MSG("ALPN extension not found");
- *data = NULL;
- *dataSz = 0;
WOLFSSL_ERROR_VERBOSE(WOLFSSL_FATAL_ERROR);
return WOLFSSL_FATAL_ERROR;
}
@@ -1853,7 +1915,7 @@ int TLSX_ALPN_GetRequest(TLSX* extensions, void** data, word16 *dataSz)
#else /* HAVE_ALPN */
-#define ALPN_FREE_ALL(list, heap)
+#define ALPN_FREE_ALL(list, heap) WC_DO_NOTHING
#define ALPN_GET_SIZE(list) 0
#define ALPN_WRITE(a, b) 0
#define ALPN_PARSE(a, b, c, d) 0
@@ -2470,7 +2532,7 @@ int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz,
#else
-#define SNI_FREE_ALL(list, heap)
+#define SNI_FREE_ALL(list, heap) WC_DO_NOTHING
#define SNI_GET_SIZE(list) 0
#define SNI_WRITE(a, b) 0
#define SNI_PARSE(a, b, c, d) 0
@@ -2810,7 +2872,7 @@ int TLSX_UseTrustedCA(TLSX** extensions, byte type,
#else /* HAVE_TRUSTED_CA */
-#define TCA_FREE_ALL(list, heap)
+#define TCA_FREE_ALL(list, heap) WC_DO_NOTHING
#define TCA_GET_SIZE(list) 0
#define TCA_WRITE(a, b) 0
#define TCA_PARSE(a, b, c, d) 0
@@ -2904,7 +2966,7 @@ int TLSX_UseMaxFragment(TLSX** extensions, byte mfl, void* heap)
#else
-#define MFL_FREE_ALL(a, b)
+#define MFL_FREE_ALL(a, b) WC_DO_NOTHING
#define MFL_GET_SIZE(a) 0
#define MFL_WRITE(a, b) 0
#define MFL_PARSE(a, b, c, d) 0
@@ -2981,6 +3043,12 @@ static void TLSX_CSR_Free(CertificateStatusRequest* csr, void* heap)
break;
}
+#ifdef WOLFSSL_TLS13
+ if (csr->response.buffer != NULL) {
+ XFREE(csr->response.buffer, csr->ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ }
+#endif
XFREE(csr, heap, DYNAMIC_TYPE_TLSX);
(void)heap;
}
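Review bot: The added free reaches the heap hint through `csr->ssl->heap`, so `TLSX_CSR_Free` now depends on `csr->ssl` being non-NULL and still valid whenever `response.buffer` is set. The function already receives a `heap` argument, which it uses for the `csr` object itself. Whether `csr->ssl` is always populated on the paths that allocate the buffer is not visible here. Either guard it (`if (csr->response.buffer != NULL && csr->ssl != NULL)`) or document the invariant with a comment such as `/* response.buffer is allocated with ssl->heap in TLSX_CSR_Parse; csr->ssl must outlive csr */`. The start of the function is outside the hunk.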
@@ -3112,7 +3180,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
csr->status_type, csr->options, ssl,
ssl->heap, ssl->devId);
if (ret != WOLFSSL_SUCCESS)
- return ret;
+ return ret == 0 ? -1 : ret;
switch (csr->status_type) {
case WOLFSSL_CSR_OCSP:
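Review bot: The fallback in `return ret == 0 ? -1 : ret;` is a bare `-1` with no explanation, although the reason is subtle. The callee reports success as `WOLFSSL_SUCCESS`, so a `0` from it is a failure that callers using `0 == ok` would read as success. A named code and a short comment would make that clear, e.g. `return ret == 0 ? WOLFSSL_FATAL_ERROR : ret; /* 0 is failure here but success to our caller */`, provided `WOLFSSL_FATAL_ERROR` is an acceptable error for this path. The identical line in the `@@ -3217` hunk has the same issue.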
@@ -3155,7 +3223,13 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
ret = BUFFER_ERROR;
}
if (ret == 0) {
- csr->response.buffer = (byte*)(input + offset);
+ csr->response.buffer = (byte*)XMALLOC(resp_length, ssl->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (csr->response.buffer == NULL)
+ ret = MEMORY_ERROR;
+ }
+ if (ret == 0) {
+ XMEMCPY(csr->response.buffer, input + offset, resp_length);
csr->response.length = resp_length;
}
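Review bot: `csr->response.buffer` is overwritten with the new allocation without releasing a previous one, so if this extension can be parsed more than once for the same `csr` (not determinable from the hunk), the earlier copy leaks. Freeing first would close that: `XFREE(csr->response.buffer, ssl->heap, DYNAMIC_TYPE_TMP_BUFFER); csr->response.buffer = NULL;` before the `XMALLOC`. A zero `resp_length` also needs a decision, since `XMALLOC(0, ...)` may return NULL on some allocators and would then be reported as `MEMORY_ERROR`. The bounds check on `resp_length` sits just above the hunk's visible lines.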
@@ -3217,7 +3291,7 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
ret = TLSX_UseCertificateStatusRequest(&ssl->extensions, status_type,
0, ssl, ssl->heap, ssl->devId);
if (ret != WOLFSSL_SUCCESS)
- return ret; /* throw error */
+ return ret == 0 ? -1 : ret; /* throw error */
#if defined(WOLFSSL_TLS13)
if (ssl->options.tls1_3) {
@@ -3233,15 +3307,22 @@ static int TLSX_CSR_Parse(WOLFSSL* ssl, const byte* input, word16 length,
InitDecodedCert(cert, ssl->buffers.certificate->buffer,
ssl->buffers.certificate->length, ssl->heap);
ret = ParseCert(cert, CERT_TYPE, 1, SSL_CM(ssl));
- if (ret != 0 ) {
+ if (ret != 0) {
+ FreeDecodedCert(cert);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
+ /* Let's not error out the connection if we can't verify our
+ * cert */
+ if (ret == ASN_SELF_SIGNED_E || ret == ASN_NO_SIGNER_E)
+ ret = 0;
return ret;
}
ret = TLSX_CSR_InitRequest(ssl->extensions, cert, ssl->heap);
if (ret != 0 ) {
+ FreeDecodedCert(cert);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
return ret;
}
+ FreeDecodedCert(cert);
XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
extension = TLSX_Find(ssl->extensions, TLSX_STATUS_REQUEST);
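Review bot: When `ParseCert` fails with `ASN_SELF_SIGNED_E` or `ASN_NO_SIGNER_E` the function now returns 0 silently, before `TLSX_CSR_InitRequest` runs, so nothing records that the status request was skipped for this certificate. A log line at that point would keep the suppressed verification error visible when diagnosing missing stapling, e.g. `WOLFSSL_MSG("CSR: own certificate not verifiable, skipping status request");`. The `FreeDecodedCert(cert); XFREE(cert, ...)` pair is now repeated on three paths and could be a single cleanup after the two calls. The enclosing function starts and continues outside the hunk.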
@@ -3326,7 +3407,7 @@ int TLSX_CSR_ForceRequest(WOLFSSL* ssl)
if (SSL_CM(ssl)->ocspEnabled) {
csr->request.ocsp.ssl = ssl;
return CheckOcspRequest(SSL_CM(ssl)->ocsp,
- &csr->request.ocsp, NULL);
+ &csr->request.ocsp, NULL, NULL);
}
else {
WOLFSSL_ERROR_VERBOSE(OCSP_LOOKUP_FAIL);
@@ -3396,7 +3477,7 @@ int TLSX_UseCertificateStatusRequest(TLSX** extensions, byte status_type,
#else
-#define CSR_FREE_ALL(data, heap)
+#define CSR_FREE_ALL(data, heap) WC_DO_NOTHING
#define CSR_GET_SIZE(a, b) 0
#define CSR_WRITE(a, b, c) 0
#define CSR_PARSE(a, b, c, d) 0
@@ -3758,7 +3839,7 @@ int TLSX_CSR2_ForceRequest(WOLFSSL* ssl)
if (SSL_CM(ssl)->ocspEnabled) {
csr2->request.ocsp[0].ssl = ssl;
return CheckOcspRequest(SSL_CM(ssl)->ocsp,
- &csr2->request.ocsp[0], NULL);
+ &csr2->request.ocsp[0], NULL, NULL);
}
else {
WOLFSSL_ERROR_VERBOSE(OCSP_LOOKUP_FAIL);
@@ -3842,7 +3923,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
#else
-#define CSR2_FREE_ALL(data, heap)
+#define CSR2_FREE_ALL(data, heap) WC_DO_NOTHING
#define CSR2_GET_SIZE(a, b) 0
#define CSR2_WRITE(a, b, c) 0
#define CSR2_PARSE(a, b, c, d) 0
@@ -3859,7 +3940,7 @@ int TLSX_UseCertificateStatusRequestV2(TLSX** extensions, byte status_type,
&& !defined(HAVE_FFDHE) && !defined(HAVE_PQC)
#error Elliptic Curves Extension requires Elliptic Curve Cryptography or liboqs groups. \
Use --enable-ecc and/or --enable-liboqs in the configure script or \
- define HAVE_ECC. Alternatively use FFDHE for DH ciphersuites.
+ define HAVE_ECC. Alternatively use FFDHE for DH cipher suites.
#endif
static int TLSX_SupportedCurve_New(SupportedCurve** curve, word16 name,
@@ -3986,6 +4067,21 @@ static void TLSX_SupportedCurve_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i] == TLS13_BYTE)
return;
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_GCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_CCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if ((suites->suites[i] == SM_BYTE) &&
+ (suites->suites[i+1] == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
+ return;
+ #endif
if ((suites->suites[i] == ECC_BYTE) ||
(suites->suites[i] == ECDHE_PSK_BYTE) ||
(suites->suites[i] == CHACHA_BYTE)) {
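Review bot: The added SM checks read `suites->suites[i+1]` while the loop condition only guarantees `i < suites->suiteSz`, so if `suiteSz` could ever be odd the comparison would use a byte past the end of the configured list. Whether that can happen is not visible here, and `i + 1 < suites->suiteSz` as the loop bound would rule it out. The same three blocks are repeated in the TLSX_PointFormat_ValidateRequest hunk and, against `ssl->options.cipherSuite0` / `cipherSuite`, in TLSX_PointFormat_ValidateResponse. A small static predicate taking the two suite bytes would keep the three copies from drifting apart when another SM suite is added.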
@@ -4023,6 +4119,21 @@ static void TLSX_PointFormat_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i] == TLS13_BYTE)
return;
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_GCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((suites->suites[i] == CIPHER_BYTE) &&
+ (suites->suites[i+1] == TLS_SM4_CCM_SM3))
+ return;
+ #endif
+ #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if ((suites->suites[i] == SM_BYTE) &&
+ (suites->suites[i+1] == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
+ return;
+ #endif
if ((suites->suites[i] == ECC_BYTE) ||
(suites->suites[i] == ECDHE_PSK_BYTE) ||
(suites->suites[i] == CHACHA_BYTE)) {
@@ -4050,6 +4161,21 @@ static void TLSX_PointFormat_ValidateResponse(WOLFSSL* ssl, byte* semaphore)
if (ssl->options.cipherSuite0 == TLS13_BYTE)
return;
+#ifdef BUILD_TLS_SM4_GCM_SM3
+ if ((ssl->options.cipherSuite0 == CIPHER_BYTE) &&
+ (ssl->options.cipherSuite == TLS_SM4_GCM_SM3))
+ return;
+#endif
+#ifdef BUILD_TLS_SM4_CCM_SM3
+ if ((ssl->options.cipherSuite0 == CIPHER_BYTE) &&
+ (ssl->options.cipherSuite == TLS_SM4_CCM_SM3))
+ return;
+#endif
+#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ if ((ssl->options.cipherSuite0 == SM_BYTE) &&
+ (ssl->options.cipherSuite == TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3))
+ return;
+#endif
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
if (ssl->options.cipherSuite0 == ECC_BYTE ||
ssl->options.cipherSuite0 == ECDHE_PSK_BYTE ||
@@ -4064,7 +4190,7 @@ static void TLSX_PointFormat_ValidateResponse(WOLFSSL* ssl, byte* semaphore)
#endif /* !NO_WOLFSSL_SERVER */
-#ifndef NO_WOLFSSL_CLIENT
+#if !defined(NO_WOLFSSL_CLIENT) || defined(WOLFSSL_TLS13)
static word16 TLSX_SupportedCurve_GetSize(SupportedCurve* list)
{
@@ -4094,7 +4220,7 @@ static word16 TLSX_PointFormat_GetSize(PointFormat* list)
return length;
}
-#ifndef NO_WOLFSSL_CLIENT
+#if !defined(NO_WOLFSSL_CLIENT) || defined(WOLFSSL_TLS13)
static word16 TLSX_SupportedCurve_Write(SupportedCurve* list, byte* output)
{
@@ -4585,8 +4711,7 @@ int TLSX_ValidateSupportedCurves(const WOLFSSL* ssl, byte first, byte second,
#ifdef OPENSSL_EXTRA
/* skip if name is not in supported ECC range
* or disabled by user */
- if (curve->name > WOLFSSL_ECC_MAX ||
- wolfSSL_curve_is_disabled(ssl, curve->name))
+ if (wolfSSL_curve_is_disabled(ssl, curve->name))
continue;
#endif
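Review bot: With `curve->name > WOLFSSL_ECC_MAX` dropped, `wolfSSL_curve_is_disabled()` is the only filter left in the `OPENSSL_EXTRA` path and now receives every group id in the list, including ids above the ECC range. Its body is not part of this view, so it is worth confirming that it bounds-checks `curve->name` itself before using it (for example as a bit position in a mask) and what it returns for such ids. If it does, a short comment here such as `/* range is checked inside wolfSSL_curve_is_disabled() */` would keep the next reader from re-adding the test. The surrounding loop in TLSX_ValidateSupportedCurves lies outside the hunk.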
@@ -4670,6 +4795,12 @@ int TLSX_ValidateSupportedCurves(const WOLFSSL* ssl, byte first, byte second,
octets = 32;
break;
#endif /* HAVE_ECC_BRAINPOOL */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ oid = ECC_SM2P256V1_OID;
+ octets = 32;
+ break;
+ #endif /* WOLFSSL_SM2 */
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
@@ -4983,7 +5114,10 @@ int TLSX_UsePointFormat(TLSX** extensions, byte format, void* heap)
#define EC_FREE_ALL TLSX_SupportedCurve_FreeAll
#define EC_VALIDATE_REQUEST TLSX_SupportedCurve_ValidateRequest
-#ifndef NO_WOLFSSL_CLIENT
+/* In TLS 1.2 the server never sends supported curve extension, but in TLS 1.3
+ * the server can send supported groups extension to indicate what it will
+ * support for later connections. */
+#if !defined(NO_WOLFSSL_CLIENT) || defined(WOLFSSL_TLS13)
#define EC_GET_SIZE TLSX_SupportedCurve_GetSize
#define EC_WRITE TLSX_SupportedCurve_Write
#else
@@ -5013,18 +5147,18 @@ int TLSX_UsePointFormat(TLSX** extensions, byte format, void* heap)
#else
-#define EC_FREE_ALL(list, heap)
+#define EC_FREE_ALL(list, heap) WC_DO_NOTHING
#define EC_GET_SIZE(list) 0
#define EC_WRITE(a, b) 0
#define EC_PARSE(a, b, c, d, e) 0
-#define EC_VALIDATE_REQUEST(a, b)
+#define EC_VALIDATE_REQUEST(a, b) WC_DO_NOTHING
-#define PF_FREE_ALL(list, heap)
+#define PF_FREE_ALL(list, heap) WC_DO_NOTHING
#define PF_GET_SIZE(list) 0
#define PF_WRITE(a, b) 0
#define PF_PARSE(a, b, c, d) 0
-#define PF_VALIDATE_REQUEST(a, b)
-#define PF_VALIDATE_RESPONSE(a, b)
+#define PF_VALIDATE_REQUEST(a, b) WC_DO_NOTHING
+#define PF_VALIDATE_RESPONSE(a, b) WC_DO_NOTHING
#endif /* HAVE_SUPPORTED_CURVES */
@@ -5219,7 +5353,7 @@ int TLSX_AddEmptyRenegotiationInfo(TLSX** extensions, void* heap)
#else
-#define SCR_FREE_ALL(a, heap)
+#define SCR_FREE_ALL(a, heap) WC_DO_NOTHING
#define SCR_GET_SIZE(a, b) 0
#define SCR_WRITE(a, b, c) 0
#define SCR_PARSE(a, b, c, d) 0
@@ -5296,6 +5430,13 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, const byte* input,
return 0;
}
+#ifdef HAVE_SECURE_RENEGOTIATION
+ if (IsSCR(ssl)) {
+ WOLFSSL_MSG("Client sent session ticket during SCR. Ignoring.");
+ return 0;
+ }
+#endif
+
if (length > SESSION_TICKET_LEN) {
ret = BAD_TICKET_MSG_SZ;
WOLFSSL_ERROR_VERBOSE(ret);
@@ -5418,8 +5559,8 @@ int TLSX_UseSessionTicket(TLSX** extensions, SessionTicket* ticket, void* heap)
#else
-#define WOLF_STK_FREE(a, b)
-#define WOLF_STK_VALIDATE_REQUEST(a)
+#define WOLF_STK_FREE(a, b) WC_DO_NOTHING
+#define WOLF_STK_VALIDATE_REQUEST(a) WC_DO_NOTHING
#define WOLF_STK_GET_SIZE(a, b) 0
#define WOLF_STK_WRITE(a, b, c) 0
#define WOLF_STK_PARSE(a, b, c, d) 0
@@ -5685,6 +5826,12 @@ static int TLSX_UseSRTP_Parse(WOLFSSL* ssl, const byte* input, word16 length,
/* parse remainder one profile at a time, looking for match in CTX */
ret = 0;
for (i=offset; i<length; i+=OPAQUE16_LEN) {
+ if (length < (i + OPAQUE16_LEN)) {
+ WOLFSSL_MSG("Unexpected length when parsing SRTP profile");
+ ret = BUFFER_ERROR;
+ break;
+ }
+
ato16(input+i, &profile_value);
/* find first match */
if (profile_value < 16 &&
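Review bot: The new `BUFFER_ERROR` path logs a message but does not call `WOLFSSL_ERROR_VERBOSE(ret)`, which other parse failures in this file do (for example the `BAD_TICKET_MSG_SZ` case in TLSX_SessionTicket_Parse). Adding `WOLFSSL_ERROR_VERBOSE(ret);` before the `break` keeps error tracing uniform. The code after the loop is outside the hunk, so it is also worth confirming that nothing there resets `ret` before the function returns; otherwise a truncated profile list would still be accepted.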
@@ -5775,7 +5922,7 @@ static int TLSX_UseSRTP(TLSX** extensions, word16 profiles, void* heap)
#define SRTP_WRITE TLSX_UseSRTP_Write
#define SRTP_GET_SIZE TLSX_UseSRTP_GetSize
#else
- #define SRTP_FREE(a, b)
+ #define SRTP_FREE(a, b) WC_DO_NOTHING
#define SRTP_PARSE(a, b, c, d) 0
#define SRTP_WRITE(a, b) 0
#define SRTP_GET_SIZE(a) 0
@@ -6421,6 +6568,183 @@ int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data, word16 len, byte* mac,
#define CKE_PARSE(a, b, c, d) 0
#endif
+
+#if defined(WOLFSSL_TLS13) && !defined(NO_CERTS) && \
+ !defined(WOLFSSL_NO_CA_NAMES) && defined(OPENSSL_EXTRA)
+/* Currently only settable through compatibility API */
+/******************************************************************************/
+/* Certificate Authorities */
+/******************************************************************************/
+
+static word16 TLSX_CA_Names_GetSize(void* data)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
+ word16 size = 0;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ /* To add support use a different member like ssl->ca_names and
+ * add accessor functions:
+ * - *_set0_CA_list
+ * - *_get0_CA_list */
+ WOLFSSL_MSG("We don't currently support sending the client's list.");
+ return 0;
+ }
+
+ /* Length of names */
+ size += OPAQUE16_LEN;
+ for (names = SSL_CA_NAMES(ssl); names != NULL; names = names->next) {
+ byte seq[MAX_SEQ_SZ];
+ WOLFSSL_X509_NAME* name = names->data.name;
+
+ if (name != NULL) {
+ /* 16-bit length | SEQ | Len | DER of name */
+ size += (word16)(OPAQUE16_LEN + SetSequence(name->rawLen, seq) +
+ name->rawLen);
+ }
+ }
+ return size;
+}
+
+static word16 TLSX_CA_Names_Write(void* data, byte* output)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
+ byte* len;
+
+ if (ssl->options.side == WOLFSSL_CLIENT_END) {
+ /* To add support use a different member like ssl->ca_names and
+ * add accessor functions:
+ * - *_set0_CA_list
+ * - *_get0_CA_list */
+ WOLFSSL_MSG("We don't currently support sending the client's list.");
+ return 0;
+ }
+
+ /* Reserve space for the length value */
+ len = output;
+ output += OPAQUE16_LEN;
+ for (names = SSL_CA_NAMES(ssl); names != NULL; names = names->next) {
+ byte seq[MAX_SEQ_SZ];
+ WOLFSSL_X509_NAME* name = names->data.name;
+
+ if (name != NULL) {
+ c16toa((word16)name->rawLen +
+ (word16)SetSequence(name->rawLen, seq), output);
+ output += OPAQUE16_LEN;
+ output += SetSequence(name->rawLen, output);
+ XMEMCPY(output, name->raw, name->rawLen);
+ output += name->rawLen;
+ }
+ }
+ /* Write the total length */
+ c16toa((word16)(output - len - OPAQUE16_LEN), len);
+ return (word16)(output - len);
+}
+
+static int TLSX_CA_Names_Parse(WOLFSSL *ssl, const byte* input,
+ word16 length, byte isRequest)
+{
+ word16 extLen;
+
+ (void)isRequest;
+
+ if (ssl->options.side == WOLFSSL_SERVER_END) {
+ /* To add support use a different member like ssl->ca_names and
+ * add accessor functions:
+ * - *_set0_CA_list
+ * - *_get0_CA_list */
+ WOLFSSL_MSG("We don't currently support parsing the client's list.");
+ return 0;
+ }
+
+ if (ssl->client_ca_names != ssl->ctx->client_ca_names)
+ wolfSSL_sk_X509_NAME_pop_free(ssl->client_ca_names, NULL);
+ ssl->client_ca_names = wolfSSL_sk_X509_NAME_new(NULL);
+ if (ssl->client_ca_names == NULL)
+ return MEMORY_ERROR;
+
+ if (length < OPAQUE16_LEN)
+ return BUFFER_ERROR;
+
+ ato16(input, &extLen);
+ input += OPAQUE16_LEN;
+ length -= OPAQUE16_LEN;
+ if (extLen != length)
+ return BUFFER_ERROR;
+
+ while (length) {
+ word32 idx = 0;
+ WOLFSSL_X509_NAME* name = NULL;
+ int ret = 0;
+ int didInit = FALSE;
+ /* Use a DecodedCert struct to get access to GetName to
+ * parse DN name */
+#ifdef WOLFSSL_SMALL_STACK
+ DecodedCert *cert = (DecodedCert *)XMALLOC(
+ sizeof(*cert), ssl->heap, DYNAMIC_TYPE_DCERT);
+ if (cert == NULL)
+ return MEMORY_ERROR;
+#else
+ DecodedCert cert[1];
+#endif
+
+ if (length < OPAQUE16_LEN) {
+ ret = BUFFER_ERROR;
+ }
+
+ if (ret == 0) {
+ ato16(input, &extLen);
+ idx += OPAQUE16_LEN;
+
+ if (idx + extLen > length)
+ ret = BUFFER_ERROR;
+ }
+
+ if (ret == 0) {
+ InitDecodedCert(cert, input + idx, extLen, ssl->heap);
+ didInit = TRUE;
+ idx += extLen;
+ ret = GetName(cert, SUBJECT, extLen);
+ }
+
+ if (ret == 0 && (name = wolfSSL_X509_NAME_new()) == NULL)
+ ret = MEMORY_ERROR;
+
+ if (ret == 0) {
+ CopyDecodedName(name, cert, SUBJECT);
+ if (wolfSSL_sk_X509_NAME_push(ssl->client_ca_names, name)
+ == WOLFSSL_FAILURE)
+ ret = MEMORY_ERROR;
+ }
+
+ if (didInit)
+ FreeDecodedCert(cert);
+
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(cert, ssl->heap, DYNAMIC_TYPE_DCERT);
+#endif
+ if (ret != 0)
+ return ret;
+
+ input += idx;
+ length -= (word16)idx;
+ }
+ return 0;
+}
+
+#define CAN_GET_SIZE TLSX_CA_Names_GetSize
+#define CAN_WRITE TLSX_CA_Names_Write
+#define CAN_PARSE TLSX_CA_Names_Parse
+
+#else
+
+#define CAN_GET_SIZE(...) 0
+#define CAN_WRITE(...) 0
+#define CAN_PARSE(...) 0
+
+#endif
+
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
/******************************************************************************/
/* Signature Algorithms */
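Review bot: In TLSX_CA_Names_Parse, `name` is leaked when `wolfSSL_sk_X509_NAME_push()` returns `WOLFSSL_FAILURE`: the branch only sets `ret = MEMORY_ERROR`, and the loop then returns without releasing the object obtained from `wolfSSL_X509_NAME_new()`. Calling `wolfSSL_X509_NAME_free(name);` in that branch closes the leak on this error path. Separately, TLSX_CA_Names_GetSize accumulates into a `word16` and casts each term, so a CA list whose encoded names total more than 65535 bytes would wrap the reported size while TLSX_CA_Names_Write still copies every name. A running total in `word32` with an explicit limit check would make the two functions agree.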
@@ -7087,7 +7411,7 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
word16 curveId = (word16) ECC_CURVE_INVALID;
ecc_key* eccKey = (ecc_key*)kse->key;
- /* TODO: [TLS13] The key sizes should come from wolfcrypt. */
+ /* TODO: [TLS13] Get key sizes using wc_ecc_get_curve_size_from_id. */
/* Translate named group to a curve id. */
switch (kse->group) {
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
@@ -7097,6 +7421,12 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
keySize = 32;
break;
#endif /* !NO_ECC_SECP */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ curveId = ECC_SM2P256V1;
+ keySize = 32;
+ break;
+ #endif /* !NO_ECC_SECP */
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
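Review bot: The `#endif` that closes the new `#ifdef WOLFSSL_SM2` block is labelled `/* !NO_ECC_SECP */`, apparently copied from the block above; it should read `#endif /* WOLFSSL_SM2 */`, as the equivalent additions in TLSX_ValidateSupportedCurves and TLSX_KeyShare_IsSupported do. With several nested conditionals in this switch, a wrong label makes it easy to misplace a later case.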
@@ -7120,15 +7450,6 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
}
if (kse->key == NULL) {
- kse->keyLen = keySize;
- kse->pubKeyLen = keySize * 2 + 1;
-
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
- ret = tsip_Tls13GenEccKeyPair(ssl, kse);
- if (ret != CRYPTOCB_UNAVAILABLE) {
- return ret;
- }
- #endif
/* Allocate an ECC key to hold private key. */
kse->key = (byte*)XMALLOC(sizeof(ecc_key), ssl->heap, DYNAMIC_TYPE_ECC);
if (kse->key == NULL) {
@@ -7136,9 +7457,19 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
return MEMORY_E;
}
- /* Make an ECC key */
+ /* Initialize an ECC key struct for the ephemeral key */
ret = wc_ecc_init_ex((ecc_key*)kse->key, ssl->heap, ssl->devId);
+
if (ret == 0) {
+ kse->keyLen = keySize;
+ kse->pubKeyLen = keySize * 2 + 1;
+
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ ret = tsip_Tls13GenEccKeyPair(ssl, kse);
+ if (ret != CRYPTOCB_UNAVAILABLE) {
+ return ret;
+ }
+ #endif
/* setting eccKey means okay to call wc_ecc_free */
eccKey = (ecc_key*)kse->key;
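Review bot: The relocated `tsip_Tls13GenEccKeyPair()` call still returns directly for any result other than `CRYPTOCB_UNAVAILABLE`, but it now runs after `kse->key` has been allocated and initialised with `wc_ecc_init_ex()`. On a TSIP error that `return ret;` skips whatever cleanup the rest of TLSX_KeyShare_GenEccKey performs (outside this hunk), so the key stays attached to `kse` and relies on the caller to release it. If that is intended, a comment naming who frees `kse->key` on this path would document it; otherwise let the error fall through to the common exit instead of returning here.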
@@ -7150,11 +7481,21 @@ static int TLSX_KeyShare_GenEccKey(WOLFSSL *ssl, KeyShareEntry* kse)
/* set curve info for EccMakeKey "peer" info */
ret = wc_ecc_set_curve(eccKey, kse->keyLen, curveId);
if (ret == 0) {
- /* Generate ephemeral ECC key */
- /* For async this is called once and when event is done, the
- * provided buffers in key be populated.
- * Final processing is x963 key export below. */
- ret = EccMakeKey(ssl, eccKey, eccKey);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ /* Detect when private key generation is done */
+ if (ssl->error == WC_PENDING_E &&
+ eccKey->type == ECC_PRIVATEKEY) {
+ ret = 0; /* ECC Key Generation is done */
+ }
+ else
+ #endif
+ {
+ /* Generate ephemeral ECC key */
+ /* For async this is called once and when event is done, the
+ * provided buffers in key be populated.
+ * Final processing is x963 key export below. */
+ ret = EccMakeKey(ssl, eccKey, eccKey);
+ }
}
#ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
@@ -7887,6 +8228,11 @@ static int TLSX_KeyShare_ProcessEcc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
curveId = ECC_SECP256R1;
break;
#endif /* !NO_ECC_SECP */
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ curveId = ECC_SM2P256V1;
+ break;
+ #endif
#endif
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
#ifndef NO_ECC_SECP
@@ -8044,7 +8390,7 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
XMEMCPY(ssl->arrays->preMasterSecret, keyShareEntry->ke,
keyShareEntry->keLen);
ssl->arrays->preMasterSz = keyShareEntry->keLen;
- XFREE(keyShareEntry->ke, sl->heap, DYNAMIC_TYPE_SECRET)
+ XFREE(keyShareEntry->ke, ssl->heap, DYNAMIC_TYPE_SECRET)
keyShareEntry->ke = NULL;
keyShareEntry->keLen = 0;
return 0;
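Review bot: `keyShareEntry->ke` is copied into `ssl->arrays->preMasterSecret` and then freed without being wiped, so the secret bytes stay in freed heap memory; a `ForceZero(keyShareEntry->ke, keyShareEntry->keLen);` before the `XFREE` would clear them. The corrected `XFREE(...)` line also still has no terminating `;`, which only compiles as long as the macro expands to a complete statement. The cleanup hunk of server_generate_pqc_ciphertext frees `sharedSecret` the same way, and no wipe is visible in that hunk either.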
@@ -8053,16 +8399,24 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
/* I am the client, the ciphertext is in keyShareEntry->ke */
findEccPqc(&ecc_group, &oqs_group, keyShareEntry->group);
+ ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
+ if (ret != 0) {
+ WOLFSSL_MSG("Memory allocation error.");
+ return MEMORY_E;
+ }
+
ret = kyber_id2type(oqs_group, &type);
if (ret != 0) {
+ wc_ecc_free(&eccpubkey);
WOLFSSL_MSG("Invalid OQS algorithm specified.");
- ret = BAD_FUNC_ARG;
+ return BAD_FUNC_ARG;
}
- if (ret == 0) {
- ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
- if (ret != 0) {
- WOLFSSL_MSG("Error creating Kyber KEM");
- }
+
+ ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
+ if (ret != 0) {
+ wc_ecc_free(&eccpubkey);
+ WOLFSSL_MSG("Error creating Kyber KEM");
+ return MEMORY_E;
}
if (ret == 0) {
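Review bot: The new early returns replace the real failure code with a fixed one: a non-zero result from `wc_ecc_init_ex()` or `wc_KyberKey_Init()` becomes `MEMORY_E` even when the cause is something else, and the `wc_ecc_init_ex()` log text says "Memory allocation error." regardless. Using `return ret;` in place of `return MEMORY_E;` (after `wc_ecc_free(&eccpubkey)` where needed) keeps the diagnostic intact. The `if (ret == 0)` that follows is now always true and can be dropped. The same mapping appears in the server_generate_pqc_ciphertext hunk further down.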
@@ -8086,12 +8440,6 @@ static int TLSX_KeyShare_ProcessPqc(WOLFSSL* ssl, KeyShareEntry* keyShareEntry)
default:
break;
}
-
- ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
- if (ret != 0) {
- WOLFSSL_MSG("Memory allocation error.");
- ret = MEMORY_E;
- }
}
if (ret == 0) {
sharedSecret = (byte*)XMALLOC(sharedSecretLen, ssl->heap,
@@ -8320,8 +8668,7 @@ static int TLSX_SupportedGroups_Find(const WOLFSSL* ssl, word16 name,
TLSX* extension;
SupportedCurve* curve = NULL;
- if ((extension = TLSX_Find(extensions,
- TLSX_SUPPORTED_GROUPS)) == NULL) {
+ if ((extension = TLSX_Find(extensions, TLSX_SUPPORTED_GROUPS)) == NULL) {
if ((extension = TLSX_Find(ssl->ctx->extensions,
TLSX_SUPPORTED_GROUPS)) == NULL) {
return 0;
@@ -8392,7 +8739,7 @@ int TLSX_KeyShare_Parse_ClientHello(const WOLFSSL* ssl,
int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
byte msgType)
{
- int ret;
+ int ret = 0;
KeyShareEntry *keyShareEntry = NULL;
word16 group;
@@ -8472,12 +8819,7 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
return ret;
}
-#ifdef HAVE_PQC
- /* For post-quantum groups, do this in TLSX_PopulateExtensions(). */
- if (!WOLFSSL_NAMED_GROUP_IS_PQC(group))
-#endif
- ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL, &ssl->extensions);
-
+ ret = TLSX_KeyShare_Use(ssl, group, 0, NULL, NULL, &ssl->extensions);
if (ret == 0)
ssl->session->namedGroup = ssl->namedGroup = group;
}
@@ -8553,16 +8895,22 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
ret = kyber_id2type(oqs_group, &type);
if (ret != 0) {
WOLFSSL_MSG("Invalid Kyber algorithm specified.");
- ret = BAD_FUNC_ARG;
+ return BAD_FUNC_ARG;
}
- if (ret == 0) {
- ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
- if (ret != 0) {
- WOLFSSL_MSG("Could not do ECC public key initialization.");
- ret = MEMORY_E;
- }
+ ret = wc_ecc_init_ex(&eccpubkey, ssl->heap, ssl->devId);
+ if (ret != 0) {
+ WOLFSSL_MSG("Could not do ECC public key initialization.");
+ return MEMORY_E;
+ }
+
+ ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
+ if (ret != 0) {
+ wc_ecc_free(&eccpubkey);
+ WOLFSSL_MSG("Error creating Kyber KEM");
+ return MEMORY_E;
}
+
if (ret == 0) {
ecc_kse = (KeyShareEntry*)XMALLOC(sizeof(*ecc_kse), ssl->heap,
DYNAMIC_TYPE_TLSX);
@@ -8579,20 +8927,10 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
if (ret == 0 && ecc_group != 0) {
ecc_kse->group = ecc_group;
ret = TLSX_KeyShare_GenEccKey(ssl, ecc_kse);
- if (ret != 0) {
- /* No message, TLSX_KeyShare_GenEccKey() will do it. */
- return ret;
- }
- ret = 0;
+ /* No message, TLSX_KeyShare_GenEccKey() will do it. */
}
if (ret == 0) {
- ret = wc_KyberKey_Init(type, kem, ssl->heap, INVALID_DEVID);
- if (ret != 0) {
- WOLFSSL_MSG("Error creating Kyber KEM");
- }
- }
- if (ret == 0) {
ret = wc_KyberKey_PublicKeySize(kem, &pubSz);
}
if (ret == 0) {
@@ -8609,7 +8947,7 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
if (ret == 0) {
sharedSecret = (byte*)XMALLOC(ecc_kse->keyLen + ssSz, ssl->heap,
- DYNAMIC_TYPE_TLSX);
+ DYNAMIC_TYPE_SECRET);
ciphertext = (byte*)XMALLOC(ecc_kse->pubKeyLen + ctSz, ssl->heap,
DYNAMIC_TYPE_TLSX);
@@ -8675,11 +9013,15 @@ static int server_generate_pqc_ciphertext(WOLFSSL* ssl,
keyShareEntry->pubKey = ciphertext;
keyShareEntry->pubKeyLen = (word32)(ecc_kse->pubKeyLen + ctSz);
ciphertext = NULL;
+
+ /* Set namedGroup so wolfSSL_get_curve_name() can function properly on
+ * the server side. */
+ ssl->namedGroup = keyShareEntry->group;
}
TLSX_KeyShare_FreeAll(ecc_kse, ssl->heap);
if (sharedSecret != NULL)
- XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_TLSX);
+ XFREE(sharedSecret, ssl->heap, DYNAMIC_TYPE_SECRET);
if (ciphertext != NULL)
XFREE(ciphertext, ssl->heap, DYNAMIC_TYPE_TLSX);
wc_ecc_free(&eccpubkey);
@@ -8833,6 +9175,10 @@ static int TLSX_KeyShare_IsSupported(int namedGroup)
case WOLFSSL_ECC_BRAINPOOLP256R1:
break;
#endif
+ #ifdef WOLFSSL_SM2
+ case WOLFSSL_ECC_SM2P256V1:
+ break;
+ #endif /* WOLFSSL_SM2 */
#endif
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
case WOLFSSL_ECC_X25519:
@@ -8948,6 +9294,9 @@ static const word16 preferredGroup[] = {
#if defined(HAVE_ECC) && (!defined(NO_ECC256) || \
defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_ECC_SECP256R1,
+#if !defined(HAVE_FIPS) && defined(WOLFSSL_SM2)
+ WOLFSSL_ECC_SM2P256V1,
+#endif
#endif
#if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256
WOLFSSL_ECC_X25519,
@@ -9123,7 +9472,7 @@ int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl, TLSX** extensions)
/* Server side KSE processing */
int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
- KeyShareEntry** kse, byte* searched)
+ byte cipherSuite0, byte cipherSuite, KeyShareEntry** kse, byte* searched)
{
TLSX* extension;
KeyShareEntry* clientKSE = NULL;
@@ -9132,6 +9481,9 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
int preferredRank = WOLFSSL_MAX_GROUP_COUNT;
int rank;
+ (void)cipherSuite0;
+ (void)cipherSuite;
+
if (ssl == NULL || ssl->options.side != WOLFSSL_SERVER_END)
return BAD_FUNC_ARG;
@@ -9162,6 +9514,19 @@ int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
if (clientKSE->ke == NULL)
continue;
+#ifdef WOLFSSL_SM2
+ if ((cipherSuite0 == CIPHER_BYTE) &&
+ ((cipherSuite == TLS_SM4_GCM_SM3) ||
+ (cipherSuite == TLS_SM4_CCM_SM3))) {
+ if (clientKSE->group != WOLFSSL_ECC_SM2P256V1) {
+ continue;
+ }
+ }
+ else if (clientKSE->group == WOLFSSL_ECC_SM2P256V1) {
+ continue;
+ }
+#endif
+
/* Check consistency now - extensions in any order. */
if (!TLSX_SupportedGroups_Find(ssl, clientKSE->group, extensions))
continue;
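Review bot: The SM2 filter carries no comment stating the rule it enforces, namely that `TLS_SM4_GCM_SM3` / `TLS_SM4_CCM_SM3` accept only a `WOLFSSL_ECC_SM2P256V1` share and every other suite skips that group. One line such as `/* SM cipher suites pair only with the SM2 group, and vice versa */` above the `if` would do. The block is guarded by `WOLFSSL_SM2`, while the suite checks added elsewhere in this diff use `BUILD_TLS_SM4_GCM_SM3` / `BUILD_TLS_SM4_CCM_SM3`, so it is worth checking that both suite constants are defined whenever `WOLFSSL_SM2` is. The loop this sits in begins outside the hunk.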
@@ -9275,6 +9640,7 @@ int TLSX_KeyShare_Setup(WOLFSSL *ssl, KeyShareEntry* clientKSE)
serverKSE->keLen = clientKSE->keLen;
clientKSE->ke = NULL;
clientKSE->keLen = 0;
+ ssl->namedGroup = serverKSE->group;
TLSX_KeyShare_FreeAll((KeyShareEntry*)extension->data, ssl->heap);
extension->data = (void *)serverKSE;
@@ -9297,7 +9663,8 @@ int TLSX_KeyShare_Establish(WOLFSSL *ssl, int* doHelloRetry)
*doHelloRetry = 0;
- ret = TLSX_KeyShare_Choose(ssl, ssl->extensions, &clientKSE, &searched);
+ ret = TLSX_KeyShare_Choose(ssl, ssl->extensions, ssl->cipher.cipherSuite0,
+ ssl->cipher.cipherSuite, &clientKSE, &searched);
if (ret != 0 || !searched)
return ret;
@@ -9325,7 +9692,7 @@ int TLSX_KeyShare_DeriveSecret(WOLFSSL *ssl)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, NULL);
/* Check for error */
- if (ret != WC_NOT_PENDING_E && ret < 0) {
+ if (ret != WC_NO_PENDING_E && ret < 0) {
return ret;
}
#endif
@@ -9351,7 +9718,7 @@ int TLSX_KeyShare_DeriveSecret(WOLFSSL *ssl)
#else
-#define KS_FREE_ALL(a, b)
+#define KS_FREE_ALL(a, b) WC_DO_NOTHING
#define KS_GET_SIZE(a, b) 0
#define KS_WRITE(a, b, c) 0
#define KS_PARSE(a, b, c, d) 0
@@ -9501,7 +9868,7 @@ static int TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output,
word16 len;
int ret;
- /* Write identites only. Binders after HMACing over this. */
+ /* Write identities only. Binders after HMACing over this. */
lenIdx = idx;
idx += OPAQUE16_LEN;
while (current != NULL) {
@@ -9518,7 +9885,7 @@ static int TLSX_PreSharedKey_Write(PreSharedKey* list, byte* output,
current = current->next;
}
- /* Length of the identites. */
+ /* Length of the identities. */
len = idx - lenIdx - OPAQUE16_LEN;
c16toa(len, output + lenIdx);
@@ -9779,6 +10146,12 @@ static WC_INLINE byte GetHmacLength(int hmac)
case sha512_mac:
return WC_SHA512_DIGEST_SIZE;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ return WC_SM3_DIGEST_SIZE;
+ #endif
+ default:
+ break;
}
return 0;
}
@@ -9790,8 +10163,8 @@ static WC_INLINE byte GetHmacLength(int hmac)
* len The length of the identity data.
* age The age of the identity.
* hmac The HMAC algorithm.
- * ciphersuite0 The first byte of the ciphersuite to use.
- * ciphersuite The second byte of the ciphersuite to use.
+ * cipherSuite0 The first byte of the cipher suite to use.
+ * cipherSuite The second byte of the cipher suite to use.
* resumption The PSK is for resumption of a session.
* preSharedKey The new pre-shared key object.
* returns 0 on success and other values indicate failure.
@@ -9857,7 +10230,7 @@ int TLSX_PreSharedKey_Use(TLSX** extensions, const byte* identity, word16 len,
#else
-#define PSK_FREE_ALL(a, b)
+#define PSK_FREE_ALL(a, b) WC_DO_NOTHING
#define PSK_GET_SIZE(a, b, c) 0
#define PSK_WRITE(a, b, c, d) 0
#define PSK_PARSE(a, b, c, d) 0
@@ -9979,7 +10352,10 @@ static int TLSX_PskKeModes_Parse(WOLFSSL* ssl, const byte* input, word16 length,
if (ret == 0)
ret = TLSX_PskKeyModes_Use(ssl, modes);
- WOLFSSL_ERROR_VERBOSE(ret);
+ if (ret != 0) {
+ WOLFSSL_ERROR_VERBOSE(ret);
+ }
+
return ret;
}
@@ -10397,6 +10773,497 @@ static int TLSX_QuicTP_Parse(WOLFSSL *ssl, const byte *input, size_t len, int ex
#define CID_FREE(a, b) 0
#endif /* defined(WOLFSSL_DTLS_CID) */
+#if defined(HAVE_RPK)
+/******************************************************************************/
+/* Client_Certificate_Type extension */
+/******************************************************************************/
+/* return 1 if specified type is included in the given list, otherwise 0 */
+static int IsCertTypeListed(byte type, byte cnt, const byte* list)
+{
+ int ret = 0;
+ int i;
+
+ if (cnt == 0 || list == NULL)
+ return ret;
+
+ if (cnt > 0 && cnt <= MAX_CLIENT_CERT_TYPE_CNT) {
+ for (i = 0; i < cnt; i++) {
+ if (list[i] == type)
+ return 1;
+ }
+ }
+ return 0;
+}
+
+/* Search both arrays from above to find a common value between the two given
+ * arrays(a and b). return 1 if it finds a common value, otherwise return 0.
+ */
+static int GetCommonItem(const byte* a, byte aLen, const byte* b, byte bLen,
+ byte* type)
+{
+ int i, j;
+
+ if (a == NULL || b == NULL)
+ return 0;
+
+ for (i = 0; i < aLen; i++) {
+ for (j = 0; j < bLen; j++) {
+ if (a[i] == b[j]) {
+ *type = a[i];
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+/* Creates a "client certificate type" extension if necessary.
+ * Returns 0 if no error occurred, negative value otherwise.
+ * A return of 0, it does not indicae that the extension was created.
+ */
+static int TLSX_ClientCertificateType_Use(WOLFSSL* ssl, byte isServer)
+{
+ int ret = 0;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (isServer) {
+ /* [in server side]
+ */
+
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_RPK,
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt,
+ ssl->options.rpkConfig.preferred_ClientCertTypes)) {
+
+ WOLFSSL_MSG("Adding Client Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_CLIENT_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_CLIENT_CERTIFICATE_TYPE);
+ }
+ }
+ }
+ else {
+ /* [in client side]
+ * This extension MUST be omitted from the ClientHello unless the RPK
+ * certificate is preferred by the user and actually loaded.
+ */
+
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_RPK,
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt,
+ ssl->options.rpkConfig.preferred_ClientCertTypes)) {
+
+ if (ssl->options.rpkState.isRPKLoaded) {
+
+ ssl->options.rpkState.sending_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ClientCertTypes[0] =
+ WOLFSSL_CERT_TYPE_RPK;
+
+ /* Push new client_certificate_type extension. */
+ WOLFSSL_MSG("Adding Client Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_CLIENT_CERTIFICATE_TYPE,
+ ssl, ssl->heap);
+ }
+ else {
+ WOLFSSL_MSG("Willing to use RPK cert but not loaded it");
+ }
+ }
+ else {
+ WOLFSSL_MSG("No will to use RPK cert");
+ }
+ }
+ return ret;
+}
+
+/* Parse a "client certificate type" extension received from peer.
+ * returns 0 on success and other values indicate failure.
+ */
+static int TLSX_ClientCertificateType_Parse(WOLFSSL* ssl, const byte* input,
+ word16 length, byte msgType)
+{
+ byte typeCnt;
+ int idx = 0;
+ int ret = 0;
+ int i;
+ int populate = 0;
+ byte cmnType;
+
+
+ if (msgType == client_hello) {
+ /* [parse ClientHello in server end]
+ * case 1) if peer verify is disabled, this extension must be omitted
+ * from ServerHello.
+ * case 2) if user have not set his preference, find X509 in parsed
+ * result, then populate "Client Certificate Type" extension.
+ * case 3) if user have not set his preference and X509 isn't included
+ * in parsed result, send "unsupported certificate" alert.
+ * case 4) if user have set his preference, find a common cert type
+ * in users preference and received cert types.
+ * case 5) if user have set his preference, but no common cert type
+ * found.
+ */
+
+ /* case 1 */
+ if (ssl->options.verifyNone) {
+ return ret;
+ }
+
+ /* parse extension */
+ if (length < OPAQUE8_LEN)
+ return BUFFER_E;
+
+ typeCnt = input[idx];
+
+ if (typeCnt > MAX_CLIENT_CERT_TYPE_CNT)
+ return BUFFER_E;
+
+ if ((typeCnt + 1) * OPAQUE8_LEN != length){
+ return BUFFER_E;
+ }
+
+ ssl->options.rpkState.received_ClientCertTypeCnt = input[idx];
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < typeCnt; i++) {
+ ssl->options.rpkState.received_ClientCertTypes[i] = input[idx];
+ idx += OPAQUE8_LEN;
+ }
+
+ if (ssl->options.rpkConfig.preferred_ClientCertTypeCnt == 0) {
+ /* case 2 */
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_X509,
+ ssl->options.rpkState.received_ClientCertTypeCnt,
+ ssl->options.rpkState.received_ClientCertTypes)) {
+
+ ssl->options.rpkState.sending_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ClientCertTypes[0] =
+ WOLFSSL_CERT_TYPE_X509;
+ populate = 1;
+ }
+ /* case 3 */
+ else {
+ WOLFSSL_MSG("No common cert type found in client_certificate_type ext");
+ SendAlert(ssl, alert_fatal, unsupported_certificate);
+ return UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ else if (ssl->options.rpkConfig.preferred_ClientCertTypeCnt > 0) {
+ /* case 4 */
+ if (GetCommonItem(
+ ssl->options.rpkConfig.preferred_ClientCertTypes,
+ ssl->options.rpkConfig.preferred_ClientCertTypeCnt,
+ ssl->options.rpkState.received_ClientCertTypes,
+ ssl->options.rpkState.received_ClientCertTypeCnt,
+ &cmnType)) {
+ ssl->options.rpkState.sending_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ClientCertTypes[0] = cmnType;
+ populate = 1;
+ }
+ /* case 5 */
+ else {
+ WOLFSSL_MSG("No common cert type found in client_certificate_type ext");
+ SendAlert(ssl, alert_fatal, unsupported_certificate);
+ return UNSUPPORTED_CERTIFICATE;
+ }
+ }
+
+ /* populate client_certificate_type extension */
+ if (populate) {
+ WOLFSSL_MSG("Adding Client Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_CLIENT_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_CLIENT_CERTIFICATE_TYPE);
+ }
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* parse it in client side */
+ if (length == 1) {
+ ssl->options.rpkState.received_ClientCertTypeCnt = 1;
+ ssl->options.rpkState.received_ClientCertTypes[0] = *input;
+ }
+ else {
+ return BUFFER_E;
+ }
+ }
+
+ return ret;
+}
+
+/* Write out the "client certificate type" extension data into the given buffer.
+ * return the size wrote in the buffer on success, negative value on error.
+ */
+static word16 TLSX_ClientCertificateType_Write(void* data, byte* output,
+ byte msgType)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ word16 idx = 0;
+ byte cnt = 0;
+ int i;
+
+ /* skip to write extension if count is zero */
+ cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;
+
+ if (cnt == 0)
+ return 0;
+
+ if (msgType == client_hello) {
+ /* client side */
+
+ *(output + idx) = cnt;
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < cnt; i++) {
+ *(output + idx) = ssl->options.rpkState.sending_ClientCertTypes[i];
+ idx += OPAQUE8_LEN;
+ }
+ return idx;
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* sever side */
+ if (cnt == 1) {
+ *(output + idx) = ssl->options.rpkState.sending_ClientCertTypes[0];
+ idx += OPAQUE8_LEN;
+ }
+ }
+ return idx;
+}
+
+/* Calculate then return the size of the "client certificate type" extension
+ * data.
+ * return the extension data size on success, negative value on error.
+*/
+static int TLSX_ClientCertificateType_GetSize(WOLFSSL* ssl, byte msgType)
+{
+ int ret = 0;
+ byte cnt;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (msgType == client_hello) {
+ /* client side */
+ cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;
+ ret = (int)(OPAQUE8_LEN + cnt * OPAQUE8_LEN);
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* sever side */
+ cnt = ssl->options.rpkState.sending_ClientCertTypeCnt;/* must be one */
+ ret = OPAQUE8_LEN;
+ }
+ else {
+ return SANITY_MSG_E;
+ }
+ return ret;
+}
+
+ #define CCT_GET_SIZE TLSX_ClientCertificateType_GetSize
+ #define CCT_WRITE TLSX_ClientCertificateType_Write
+ #define CCT_PARSE TLSX_ClientCertificateType_Parse
+#else
+ #define CCT_GET_SIZE(a) 0
+ #define CCT_WRITE(a, b) 0
+ #define CCT_PARSE(a, b, c, d) 0
+#endif /* HAVE_RPK */
+
+#if defined(HAVE_RPK)
+/******************************************************************************/
+/* Server_Certificate_Type extension */
+/******************************************************************************/
+/* Creates a "server certificate type" extension if necessary.
+ * Returns 0 if no error occurred, negative value otherwise.
+ * A return of 0, it does not indicae that the extension was created.
+ */
+static int TLSX_ServerCertificateType_Use(WOLFSSL* ssl, byte isServer)
+{
+ int ret = 0;
+ byte ctype;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (isServer) {
+ /* [in server side] */
+ /* find common cert type to both end */
+ if (GetCommonItem(
+ ssl->options.rpkConfig.preferred_ServerCertTypes,
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt,
+ ssl->options.rpkState.received_ServerCertTypes,
+ ssl->options.rpkState.received_ServerCertTypeCnt,
+ &ctype)) {
+ ssl->options.rpkState.sending_ServerCertTypeCnt = 1;
+ ssl->options.rpkState.sending_ServerCertTypes[0] = ctype;
+
+ /* Push new server_certificate_type extension. */
+ WOLFSSL_MSG("Adding Server Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_SERVER_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_SERVER_CERTIFICATE_TYPE);
+ }
+ }
+ else {
+ /* no common cert type found */
+ WOLFSSL_MSG("No common cert type found in server_certificate_type ext");
+ SendAlert(ssl, alert_fatal, unsupported_certificate);
+ ret = UNSUPPORTED_CERTIFICATE;
+ }
+ }
+ else {
+ /* [in client side] */
+ if (IsCertTypeListed(WOLFSSL_CERT_TYPE_RPK,
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt,
+ ssl->options.rpkConfig.preferred_ServerCertTypes)) {
+
+ ssl->options.rpkState.sending_ServerCertTypeCnt =
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt;
+ XMEMCPY(ssl->options.rpkState.sending_ServerCertTypes,
+ ssl->options.rpkConfig.preferred_ServerCertTypes,
+ ssl->options.rpkConfig.preferred_ServerCertTypeCnt);
+
+ /* Push new server_certificate_type extension. */
+ WOLFSSL_MSG("Adding Server Certificate Type extension");
+ ret = TLSX_Push(&ssl->extensions, TLSX_SERVER_CERTIFICATE_TYPE, ssl,
+ ssl->heap);
+ }
+ else {
+ WOLFSSL_MSG("No will to accept RPK cert");
+ }
+ }
+
+ return ret;
+}
+
+/* Parse a "server certificate type" extension received from peer.
+ * returns 0 on success and other values indicate failure.
+ */
+static int TLSX_ServerCertificateType_Parse(WOLFSSL* ssl, const byte* input,
+ word16 length, byte msgType)
+{
+ byte typeCnt;
+ int idx = 0;
+ int ret = 0;
+ int i;
+
+ if (msgType == client_hello) {
+ /* in server side */
+
+ if (length < OPAQUE8_LEN)
+ return BUFFER_E;
+
+ typeCnt = input[idx];
+
+ if (typeCnt > MAX_SERVER_CERT_TYPE_CNT)
+ return BUFFER_E;
+
+ if ((typeCnt + 1) * OPAQUE8_LEN != length){
+ return BUFFER_E;
+ }
+ ssl->options.rpkState.received_ServerCertTypeCnt = input[idx];
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < typeCnt; i++) {
+ ssl->options.rpkState.received_ServerCertTypes[i] = input[idx];
+ idx += OPAQUE8_LEN;
+ }
+
+ ret = TLSX_ServerCertificateType_Use(ssl, 1);
+ if (ret == 0) {
+ TLSX_SetResponse(ssl, TLSX_SERVER_CERTIFICATE_TYPE);
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* in client side */
+ if (length != 1) /* length slould be 1 */
+ return BUFFER_E;
+
+ ssl->options.rpkState.received_ServerCertTypeCnt = 1;
+ ssl->options.rpkState.received_ServerCertTypes[0] = *input;
+ }
+
+ return 0;
+}
+
+/* Write out the "server certificate type" extension data into the given buffer.
+ * return the size wrote in the buffer on success, negative value on error.
+ */
+static word16 TLSX_ServerCertificateType_Write(void* data, byte* output,
+ byte msgType)
+{
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ word16 idx = 0;
+ int cnt = 0;
+ int i;
+
+ /* skip to write extension if count is zero */
+ cnt = ssl->options.rpkState.sending_ServerCertTypeCnt;
+
+ if (cnt == 0)
+ return 0;
+
+ if (msgType == client_hello) {
+ /* in client side */
+
+ *(output + idx) = cnt;
+ idx += OPAQUE8_LEN;
+
+ for (i = 0; i < cnt; i++) {
+ *(output + idx) = ssl->options.rpkState.sending_ServerCertTypes[i];
+ idx += OPAQUE8_LEN;
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* in server side */
+ /* ensure cnt is one */
+ if (cnt != 1)
+ return 0;
+
+ *(output + idx) = ssl->options.rpkState.sending_ServerCertTypes[0];
+ idx += OPAQUE8_LEN;
+ }
+ return idx;
+}
+
+/* Calculate then return the size of the "server certificate type" extension
+ * data.
+ * return the extension data size on success, negative value on error.
+*/
+static int TLSX_ServerCertificateType_GetSize(WOLFSSL* ssl, byte msgType)
+{
+ int ret = 0;
+ int cnt;
+
+ if (ssl == NULL)
+ return BAD_FUNC_ARG;
+
+ if (msgType == client_hello) {
+ /* in clent side */
+ cnt = ssl->options.rpkState.sending_ServerCertTypeCnt;
+ if (cnt > 0) {
+ ret = (int)(OPAQUE8_LEN + cnt * OPAQUE8_LEN);
+ }
+ }
+ else if (msgType == server_hello || msgType == encrypted_extensions) {
+ /* in server side */
+ ret = (int)OPAQUE8_LEN;
+ }
+ else {
+ return SANITY_MSG_E;
+ }
+ return ret;
+}
+
+ #define SCT_GET_SIZE TLSX_ServerCertificateType_GetSize
+ #define SCT_WRITE TLSX_ServerCertificateType_Write
+ #define SCT_PARSE TLSX_ServerCertificateType_Parse
+#else
+ #define SCT_GET_SIZE(a) 0
+ #define SCT_WRITE(a, b) 0
+ #define SCT_PARSE(a, b, c, d) 0
+#endif /* HAVE_RPK */
+
/******************************************************************************/
/* TLS Extensions Framework */
/******************************************************************************/
@@ -11136,102 +12003,143 @@ void TLSX_FreeAll(TLSX* list, void* heap)
switch (extension->type) {
+#if defined(HAVE_RPK)
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Client Certificate Type extension free");
+ /* nothing to do */
+ break;
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Server Certificate Type extension free");
+ /* nothing to do */
+ break;
+#endif
+
#ifdef HAVE_SNI
case TLSX_SERVER_NAME:
+ WOLFSSL_MSG("SNI extension free");
SNI_FREE_ALL((SNI*)extension->data, heap);
break;
#endif
case TLSX_TRUSTED_CA_KEYS:
+ WOLFSSL_MSG("Trusted CA Indication extension free");
TCA_FREE_ALL((TCA*)extension->data, heap);
break;
case TLSX_MAX_FRAGMENT_LENGTH:
+ WOLFSSL_MSG("Max Fragment Length extension free");
MFL_FREE_ALL(extension->data, heap);
break;
case TLSX_EXTENDED_MASTER_SECRET:
+ WOLFSSL_MSG("Extended Master Secret free");
+ /* Nothing to do. */
+ break;
case TLSX_TRUNCATED_HMAC:
+ WOLFSSL_MSG("Truncated HMAC extension free");
/* Nothing to do. */
break;
case TLSX_SUPPORTED_GROUPS:
+ WOLFSSL_MSG("Supported Groups extension free");
EC_FREE_ALL((SupportedCurve*)extension->data, heap);
break;
case TLSX_EC_POINT_FORMATS:
+ WOLFSSL_MSG("Point Formats extension free");
PF_FREE_ALL((PointFormat*)extension->data, heap);
break;
case TLSX_STATUS_REQUEST:
+ WOLFSSL_MSG("Certificate Status Request extension free");
CSR_FREE_ALL((CertificateStatusRequest*)extension->data, heap);
break;
case TLSX_STATUS_REQUEST_V2:
+ WOLFSSL_MSG("Certificate Status Request v2 extension free");
CSR2_FREE_ALL((CertificateStatusRequestItemV2*)extension->data,
heap);
break;
case TLSX_RENEGOTIATION_INFO:
+ WOLFSSL_MSG("Secure Renegotiation extension free");
SCR_FREE_ALL(extension->data, heap);
break;
case TLSX_SESSION_TICKET:
+ WOLFSSL_MSG("Session Ticket extension free");
WOLF_STK_FREE(extension->data, heap);
break;
case TLSX_APPLICATION_LAYER_PROTOCOL:
+ WOLFSSL_MSG("ALPN extension free");
ALPN_FREE_ALL((ALPN*)extension->data, heap);
break;
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
case TLSX_SIGNATURE_ALGORITHMS:
+ WOLFSSL_MSG("Signature Algorithms extension to free");
SA_FREE_ALL((SignatureAlgorithms*)extension->data, heap);
break;
#endif
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
case TLSX_ENCRYPT_THEN_MAC:
+ WOLFSSL_MSG("Encrypt-Then-Mac extension free");
break;
#endif
#ifdef WOLFSSL_TLS13
case TLSX_SUPPORTED_VERSIONS:
+ WOLFSSL_MSG("Supported Versions extension free");
break;
#ifdef WOLFSSL_SEND_HRR_COOKIE
case TLSX_COOKIE:
+ WOLFSSL_MSG("Cookie extension free");
CKE_FREE_ALL((Cookie*)extension->data, heap);
break;
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
case TLSX_PRE_SHARED_KEY:
+ WOLFSSL_MSG("Pre-Shared Key extension free");
PSK_FREE_ALL((PreSharedKey*)extension->data, heap);
break;
case TLSX_PSK_KEY_EXCHANGE_MODES:
+ WOLFSSL_MSG("PSK Key Exchange Modes extension free");
break;
#endif
#ifdef WOLFSSL_EARLY_DATA
case TLSX_EARLY_DATA:
+ WOLFSSL_MSG("Early Data extension free");
break;
#endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
case TLSX_POST_HANDSHAKE_AUTH:
+ WOLFSSL_MSG("Post-Handshake Authentication extension free");
break;
#endif
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
case TLSX_SIGNATURE_ALGORITHMS_CERT:
+ WOLFSSL_MSG("Signature Algorithms extension free");
break;
#endif
case TLSX_KEY_SHARE:
+ WOLFSSL_MSG("Key Share extension free");
KS_FREE_ALL((KeyShareEntry*)extension->data, heap);
break;
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ WOLFSSL_MSG("Certificate Authorities extension free");
+ break;
+ #endif
#endif
#ifdef WOLFSSL_SRTP
case TLSX_USE_SRTP:
+ WOLFSSL_MSG("SRTP extension free");
SRTP_FREE((TlsxSrtp*)extension->data, heap);
break;
#endif
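Review bot: The trace strings added in this switch are not uniform. `TLSX_SIGNATURE_ALGORITHMS` logs "Signature Algorithms extension to free" where every other case says "... extension free", and `TLSX_SIGNATURE_ALGORITHMS_CERT` logs "Signature Algorithms extension free", so the two cannot be told apart in a debug trace. I would use `WOLFSSL_MSG("Signature Algorithms extension free");` for the first and `WOLFSSL_MSG("Signature Algorithms Cert extension free");` for the second. TLSX_FreeAll starts and ends outside the hunk.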
@@ -11240,19 +12148,22 @@ void TLSX_FreeAll(TLSX* list, void* heap)
case TLSX_KEY_QUIC_TP_PARAMS:
FALL_THROUGH;
case TLSX_KEY_QUIC_TP_PARAMS_DRAFT:
+ WOLFSSL_MSG("QUIC transport parameter free");
QTP_FREE((QuicTransportParam*)extension->data, heap);
break;
#endif
#ifdef WOLFSSL_DTLS_CID
- case TLSX_CONNECTION_ID:
- CID_FREE((byte*)extension->data, heap);
- break;
+ case TLSX_CONNECTION_ID:
+ WOLFSSL_MSG("Connection ID extension free");
+ CID_FREE((byte*)extension->data, heap);
+ break;
#endif /* WOLFSSL_DTLS_CID */
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
- case TLSX_ECH:
- ECH_FREE((WOLFSSL_ECH*)extension->data, heap);
- break;
+ case TLSX_ECH:
+ WOLFSSL_MSG("ECH extension free");
+ ECH_FREE((WOLFSSL_ECH*)extension->data, heap);
+ break;
#endif
default:
break;
@@ -11403,6 +12314,11 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
case TLSX_KEY_SHARE:
length += KS_GET_SIZE((KeyShareEntry*)extension->data, msgType);
break;
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ length += CAN_GET_SIZE(extension->data);
+ break;
+ #endif
#endif
#ifdef WOLFSSL_SRTP
case TLSX_USE_SRTP:
@@ -11410,6 +12326,16 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType,
break;
#endif
+#ifdef HAVE_RPK
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ length += CCT_GET_SIZE((WOLFSSL*)extension->data, msgType);
+ break;
+
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ length += SCT_GET_SIZE((WOLFSSL*)extension->data, msgType);
+ break;
+#endif /* HAVE_RPK */
+
#ifdef WOLFSSL_QUIC
case TLSX_KEY_QUIC_TP_PARAMS:
FALL_THROUGH; /* followed by */
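Review bot: `length += CCT_GET_SIZE(...)` and `length += SCT_GET_SIZE(...)` add the helper's return value unchecked, but both helpers added earlier in this diff can return negative codes. TLSX_ClientCertificateType_GetSize and TLSX_ServerCertificateType_GetSize return `BAD_FUNC_ARG` for a NULL `ssl` and `SANITY_MSG_E` for any `msgType` other than client_hello, server_hello or encrypted_extensions. A negative value folded into `length` would corrupt the computed extension size without any error being reported; the type of `length` is not visible here, so how it wraps is an assumption. Either have the helpers return 0 for message types they do not handle, or take the result into an `int` first and fail the call when it is negative. TLSX_GetSize continues outside the hunk.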
@@ -11609,12 +12535,32 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
offset += KS_WRITE((KeyShareEntry*)extension->data,
output + offset, msgType);
break;
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ WOLFSSL_MSG("Certificate Authorities extension to write");
+ offset += CAN_WRITE(extension->data, output + offset);
+ break;
+ #endif
#endif
#ifdef WOLFSSL_SRTP
case TLSX_USE_SRTP:
+ WOLFSSL_MSG("SRTP extension to write");
offset += SRTP_WRITE((TlsxSrtp*)extension->data, output+offset);
break;
#endif
+
+#ifdef HAVE_RPK
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Client Certificate Type extension to write");
+ offset += CCT_WRITE(extension->data, output + offset, msgType);
+ break;
+
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Server Certificate Type extension to write");
+ offset += SCT_WRITE(extension->data, output + offset, msgType);
+ break;
+#endif /* HAVE_RPK */
+
#ifdef WOLFSSL_QUIC
case TLSX_KEY_QUIC_TP_PARAMS:
FALL_THROUGH;
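Review bot: The bytes written by `CCT_WRITE` and `SCT_WRITE` do not always match what the corresponding GetSize helpers report. For server_hello and encrypted_extensions, TLSX_ServerCertificateType_Write returns 0 when `sending_ServerCertTypeCnt` is not 1 and TLSX_ClientCertificateType_Write returns 0 when the count is 0, while both GetSize helpers return `OPAQUE8_LEN` for those message types. For client_hello, the client-type GetSize also returns `OPAQUE8_LEN` with a zero count. If any of these states is reachable, the extension length and the body disagree, so the size helpers should apply the same count checks as the writers, as TLSX_ServerCertificateType_GetSize already does with `if (cnt > 0)` for client_hello. TLSX_Write starts and ends outside the hunk.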
@@ -11626,12 +12572,14 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore,
#endif
#ifdef WOLFSSL_DTLS_CID
case TLSX_CONNECTION_ID:
+ WOLFSSL_MSG("Connection ID extension to write");
offset += CID_WRITE((byte*)extension->data, output+offset);
break;
#endif /* WOLFSSL_DTLS_CID */
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
case TLSX_ECH:
+ WOLFSSL_MSG("ECH extension to write");
ret = ECH_WRITE((WOLFSSL_ECH*)extension->data,
output + offset, &offset);
break;
@@ -11737,6 +12685,11 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
+ #ifdef WOLFSSL_SM2
+ ret = TLSX_UseSupportedCurve(extensions,
+ WOLFSSL_ECC_SM2P256V1, ssl->heap);
+ if (ret != WOLFSSL_SUCCESS) return ret;
+ #endif
#endif
#endif /* HAVE_ECC */
@@ -11906,6 +12859,16 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
/* server will add extension depending on what is parsed from client */
if (!isServer) {
+#if defined(HAVE_RPK)
+ ret = TLSX_ClientCertificateType_Use(ssl, isServer);
+ if (ret != 0)
+ return ret;
+
+ ret = TLSX_ServerCertificateType_Use(ssl, isServer);
+ if (ret != 0)
+ return ret;
+#endif /* HAVE_RPK */
+
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
if (!ssl->options.disallowEncThenMac) {
ret = TLSX_EncryptThenMac_Use(ssl);
@@ -11955,6 +12918,17 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
ret = 0;
#endif
#ifdef WOLFSSL_TLS13
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ if (isServer && IsAtLeastTLSv1_3(ssl->version)) {
+ if (SSL_CA_NAMES(ssl) != NULL) {
+ WOLFSSL_MSG("Adding certificate authorities extension");
+ if ((ret = TLSX_Push(&ssl->extensions,
+ TLSX_CERTIFICATE_AUTHORITIES, ssl, ssl->heap)) != 0) {
+ return ret;
+ }
+ }
+ }
+ #endif
if (!isServer && IsAtLeastTLSv1_3(ssl->version)) {
/* Add mandatory TLS v1.3 extension: supported version */
WOLFSSL_MSG("Adding supported versions extension");
@@ -12041,19 +13015,8 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
namedGroup = kse->group;
}
if (namedGroup != WOLFSSL_NAMED_GROUP_INVALID) {
-#ifdef HAVE_PQC
- /* For KEMs, the key share has already been generated, but not
- * if we are resuming. */
- if (!WOLFSSL_NAMED_GROUP_IS_PQC(namedGroup)
-#ifdef HAVE_SESSION_TICKET
- || ssl->options.resuming
-#endif /* HAVE_SESSION_TICKET */
- )
-#endif /* HAVE_PQC */
- {
- ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL,
- &ssl->extensions);
- }
+ ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL,
+ &ssl->extensions);
if (ret != 0)
return ret;
}
@@ -12135,6 +13098,16 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
}
else
#endif
+ #if (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ defined(WOLFSSL_SM3)
+ if (cipherSuite0 == CIPHER_BYTE) {
+ if ((cipherSuite != TLS_SM4_GCM_SM3) &&
+ (cipherSuite != TLS_SM4_CCM_SM3)) {
+ continue;
+ }
+ }
+ else
+ #endif
if (cipherSuite0 != TLS13_BYTE)
continue;
@@ -12174,7 +13147,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
#endif
if (ssl->options.client_psk_cb != NULL ||
ssl->options.client_psk_tls13_cb != NULL) {
- /* Default ciphersuite. */
+ /* Default cipher suite. */
byte cipherSuite0 = TLS13_BYTE;
byte cipherSuite = WOLFSSL_DEF_PSK_CIPHER;
int cipherSuiteFlags = WOLFSSL_CIPHER_SUITE_FLAG_NONE;
@@ -12421,8 +13394,9 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
#if defined(WOLFSSL_TLS13)
- if (!IsAtLeastTLSv1_2(ssl))
+ if (!IsAtLeastTLSv1_2(ssl)) {
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
+ }
#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS)
if (!IsAtLeastTLSv1_3(ssl->version)) {
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
@@ -12439,6 +13413,10 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH));
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ TURN_ON(semaphore,
+ TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+ #endif
}
#endif
#endif /* WOLFSSL_TLS13 */
@@ -12460,8 +13438,11 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
- /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP,
- * TLSX_CERTIFICATE_AUTHORITIES, OID_FILTERS
+#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ if (SSL_CA_NAMES(ssl) != NULL)
+ TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+#endif
+ /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, OID_FILTERS
* TLSX_STATUS_REQUEST
*/
}
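Review bot: The new `if (SSL_CA_NAMES(ssl) != NULL)` guards the `TURN_OFF(...)` macro call without braces, while the matching change in TLSX_WriteRequest later in this diff braces it. An earlier hunk of this commit also adds braces around the `TURN_ON` under `if (!IsAtLeastTLSv1_2(ssl))`. The definition of `TURN_OFF` is not visible here, and an unbraced `if` around a macro is only safe if it expands to a single statement. I would write `if (SSL_CA_NAMES(ssl) != NULL) {` and close it after the `TURN_OFF` line so both functions read the same.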
@@ -12664,6 +13645,10 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH));
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ TURN_ON(semaphore,
+ TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+ #endif
}
#endif
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
@@ -12691,8 +13676,13 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
- /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP,
- * TLSX_CERTIFICATE_AUTHORITIES, TLSX_OID_FILTERS
+#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ if (SSL_CA_NAMES(ssl) != NULL) {
+ TURN_OFF(semaphore,
+ TLSX_ToSemaphore(TLSX_CERTIFICATE_AUTHORITIES));
+ }
+#endif
+ /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, TLSX_OID_FILTERS
* TLSX_STATUS_REQUEST
*/
}
@@ -13203,15 +14193,16 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif
#ifdef WOLFSSL_TLS13
+ /* RFC 8446 4.2.4 states trusted_ca_keys is not used
+ in TLS 1.3. */
if (IsAtLeastTLSv1_3(ssl->version)) {
- if (msgType != client_hello &&
- msgType != encrypted_extensions)
- return EXT_NOT_ALLOWED;
+ return EXT_NOT_ALLOWED;
}
else
#endif
{
- if (msgType != client_hello)
+ if (msgType != client_hello &&
+ msgType != server_hello)
return EXT_NOT_ALLOWED;
}
ret = TCA_PARSE(ssl, input + offset, size, isRequest);
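Review bot: Returning `EXT_NOT_ALLOWED` for every trusted_ca_keys extension once `IsAtLeastTLSv1_3(ssl->version)` holds may reject legitimate ClientHellos. The RFC 8446 section 4.2.4 text that the new comment cites also says the extension may appear in ClientHello messages from clients that offer earlier TLS versions. Whether `ssl->version` is already the negotiated 1.3 when a ClientHello is parsed is not visible in this hunk, so this needs confirming. If it is, ignoring the extension for `client_hello` (skip `TCA_PARSE` and `break`) and keeping the error for the other message types would preserve the 1.3 restriction without failing the handshake for mixed-version clients. The enclosing case in TLSX_Parse starts outside the hunk.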
@@ -13601,6 +14592,26 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
break;
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ case TLSX_CERTIFICATE_AUTHORITIES:
+ WOLFSSL_MSG("Certificate Authorities extension received");
+ #ifdef WOLFSSL_DEBUG_TLS
+ WOLFSSL_BUFFER(input + offset, size);
+ #endif
+
+ if (!IsAtLeastTLSv1_3(ssl->version))
+ break;
+
+ if (msgType != client_hello &&
+ msgType != certificate_request) {
+ WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
+ return EXT_NOT_ALLOWED;
+ }
+
+ ret = CAN_PARSE(ssl, input + offset, size, isRequest);
+ break;
+ #endif
+
case TLSX_KEY_SHARE:
WOLFSSL_MSG("Key Share extension received");
#ifdef WOLFSSL_DEBUG_TLS
@@ -13669,8 +14680,20 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
break;
#endif /* defined(WOLFSSL_DTLS_CID) */
+#if defined(HAVE_RPK)
+ case TLSX_CLIENT_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Client Certificate Type extension received");
+ ret = CCT_PARSE(ssl, input + offset, size, msgType);
+ break;
+
+ case TLSX_SERVER_CERTIFICATE_TYPE:
+ WOLFSSL_MSG("Server Certificate Type extension received");
+ ret = SCT_PARSE(ssl, input + offset, size, msgType);
+ break;
+#endif /* HAVE_RPK */
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
case TLSX_ECH:
+ WOLFSSL_MSG("ECH extension received");
ret = ECH_PARSE(ssl, input + offset, size, msgType);
break;
#endif
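Review bot: `ret = SCT_PARSE(...)` cannot report a negotiation failure, because TLSX_ServerCertificateType_Parse (added earlier in this diff) ends with `return 0;` instead of `return ret;`. On the client_hello path it calls TLSX_ServerCertificateType_Use, which sends a fatal `unsupported_certificate` alert and returns `UNSUPPORTED_CERTIFICATE` when no common type exists. That result is dropped, so TLSX_Parse carries on after the alert has been sent. Changing the final statement to `return ret;` fixes it. The server-type parser also returns success for a `msgType` other than client_hello, server_hello or encrypted_extensions, and unlike the `TLSX_CERTIFICATE_AUTHORITIES` case there is no `EXT_NOT_ALLOWED` check at this call site.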
@@ -14261,4 +15284,5 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif /* NO_WOLFSSL_SERVER */
#endif /* NO_TLS */
+
#endif /* WOLFCRYPT_ONLY */
diff --git a/extra/wolfssl/wolfssl/src/tls13.c b/extra/wolfssl/wolfssl/src/tls13.c
index 4726c832..d16a5761 100644
--- a/extra/wolfssl/wolfssl/src/tls13.c
+++ b/extra/wolfssl/wolfssl/src/tls13.c
@@ -77,7 +77,7 @@
* Requires client to set a client certificate
* WOLFSSL_PSK_MULTI_ID_PER_CS
* When multiple PSK identities are available for the same cipher suite.
- * Sets the first byte of the client identity to the count of identites
+ * Sets the first byte of the client identity to the count of identities
* that have been seen so far for the cipher suite.
* WOLFSSL_CHECK_SIG_FAULTS
* Verifies the ECC signature after signing in case of faults in the
@@ -262,15 +262,15 @@ static int Tls13HKDFExpandKeyLabel(WOLFSSL* ssl, byte* okm, word32 okmLen,
/* hash buffer may not be fully initialized, but the sending length won't
* extend beyond the initialized span.
*/
-PRAGMA_GCC_DIAG_PUSH;
-PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"");
+PRAGMA_GCC_DIAG_PUSH
+PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
(void)ssl;
(void)side;
return wc_Tls13_HKDF_Expand_Label(okm, okmLen, prk, prkLen,
protocol, protocolLen,
label, labelLen,
info, infoLen, digest);
-PRAGMA_GCC_DIAG_POP;
+PRAGMA_GCC_DIAG_POP
}
#endif /* !HAVE_FIPS || !wc_Tls13_HKDF_Expand_Label */
@@ -339,6 +339,19 @@ static int DeriveKeyMsg(WOLFSSL* ssl, byte* output, int outputLen,
digestAlg = WC_SHA512;
break;
#endif
+#ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ret = wc_InitSm3(&digest.sm3, ssl->heap, INVALID_DEVID);
+ if (ret == 0) {
+ ret = wc_Sm3Update(&digest.sm3, msg, msgLen);
+ if (ret == 0)
+ ret = wc_Sm3Final(&digest.sm3, hash);
+ wc_Sm3Free(&digest.sm3);
+ }
+ hashSz = WC_SM3_DIGEST_SIZE;
+ digestAlg = WC_SM3;
+ break;
+#endif
default:
digestAlg = -1;
break;
@@ -401,6 +414,7 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
word32 protocolLen;
int digestAlg = 0;
+
switch (hashAlgo) {
#ifndef NO_SHA256
case sha256_mac:
@@ -429,6 +443,15 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hashSz = WC_SM3_DIGEST_SIZE;
+ digestAlg = WC_SM3;
+ if (includeMsgs)
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ break;
+ #endif
+
default:
ret = HASH_TYPE_E;
break;
@@ -454,8 +477,8 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
/* hash buffer may not be fully initialized, but the sending length won't
* extend beyond the initialized span.
*/
- PRAGMA_GCC_DIAG_PUSH;
- PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"");
+ PRAGMA_GCC_DIAG_PUSH
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
PRIVATE_KEY_UNLOCK();
#if defined(HAVE_FIPS) && defined(wc_Tls13_HKDF_Expand_Label)
(void)side;
@@ -473,7 +496,7 @@ int Tls13DeriveKey(WOLFSSL* ssl, byte* output, int outputLen,
wc_MemZero_Add("TLS 1.3 derived key", output, outputLen);
#endif
return ret;
- PRAGMA_GCC_DIAG_POP;
+ PRAGMA_GCC_DIAG_POP
}
/* Convert TLS mac ID to a hash algorithm ID
@@ -502,6 +525,13 @@ static WC_INLINE int mac2hash(int mac)
hash = WC_SHA512;
break;
#endif
+
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hash = WC_SM3;
+ break;
+ #endif
+
default:
hash = WC_HASH_TYPE_NONE;
}
@@ -581,6 +611,17 @@ static int DeriveEarlyTrafficSecret(WOLFSSL* ssl, byte* key, int side)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->secret,
earlyTrafficLabel, EARLY_TRAFFIC_LABEL_SZ,
ssl->specs.mac_algorithm, 1, side);
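Review bot: `ssl->snifferSecretCb(...)` is handed the `key` pointer with no length, so the callback must know on its own how many bytes to write for the negotiated hash. The size of the buffer behind `key` is not visible in this hunk. I would either pass the expected size or document the contract above the call, e.g. `/* callback must write exactly ssl->specs.hash_size bytes to key */`, and have the callback reject a keylog entry of any other length. The early `return` also skips `Tls13DeriveKey` and everything after it in the function, which the comment should state. The same pattern is added to DeriveClientHandshakeSecret, DeriveServerHandshakeSecret, DeriveClientTrafficSecret and DeriveServerTrafficSecret in the following hunks.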
@@ -629,6 +670,16 @@ static int DeriveClientHandshakeSecret(WOLFSSL* ssl, byte* key)
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret,
clientHandshakeLabel, CLIENT_HANDSHAKE_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_CLIENT_END);
@@ -674,9 +725,21 @@ static int DeriveServerHandshakeSecret(WOLFSSL* ssl, byte* key)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->preMasterSecret,
serverHandshakeLabel, SERVER_HANDSHAKE_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_SERVER_END);
+
#ifdef HAVE_SECRET_CALLBACK
if (ret == 0 && ssl->tls13SecretCb != NULL) {
ret = ssl->tls13SecretCb(ssl, SERVER_HANDSHAKE_TRAFFIC_SECRET, key,
@@ -719,9 +782,21 @@ static int DeriveClientTrafficSecret(WOLFSSL* ssl, byte* key)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret,
clientAppLabel, CLIENT_APP_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_CLIENT_END);
+
#ifdef HAVE_SECRET_CALLBACK
if (ret == 0 && ssl->tls13SecretCb != NULL) {
ret = ssl->tls13SecretCb(ssl, CLIENT_TRAFFIC_SECRET, key,
@@ -764,9 +839,21 @@ static int DeriveServerTrafficSecret(WOLFSSL* ssl, byte* key)
if (ssl == NULL || ssl->arrays == NULL) {
return BAD_FUNC_ARG;
}
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If this is called from a sniffer session with keylog file support,
+ * obtain the appropriate secret from the callback */
+ if (ssl->snifferSecretCb != NULL) {
+ return ssl->snifferSecretCb(ssl->arrays->clientRandom,
+ SNIFFER_SECRET_SERVER_TRAFFIC_SECRET,
+ key);
+ }
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
ret = Tls13DeriveKey(ssl, key, -1, ssl->arrays->masterSecret,
serverAppLabel, SERVER_APP_LABEL_SZ,
ssl->specs.mac_algorithm, 1, WOLFSSL_SERVER_END);
+
#ifdef HAVE_SECRET_CALLBACK
if (ret == 0 && ssl->tls13SecretCb != NULL) {
ret = ssl->tls13SecretCb(ssl, SERVER_TRAFFIC_SECRET, key,
@@ -1202,6 +1289,12 @@ int DeriveResumptionPSK(WOLFSSL* ssl, byte* nonce, byte nonceLen, byte* secret)
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ digestAlg = WC_SM3;
+ break;
+ #endif
+
default:
return BAD_FUNC_ARG;
}
@@ -1271,6 +1364,13 @@ static int BuildTls13HandshakeHmac(WOLFSSL* ssl, byte* key, byte* hash,
ret = wc_Sha512GetHash(&ssl->hsHashes->hashSha512, hash);
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hashType = WC_SM3;
+ hashSz = WC_SM3_DIGEST_SIZE;
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ break;
+ #endif /* WOLFSSL_SM3 */
default:
break;
}
@@ -1713,6 +1813,14 @@ end:
{
return sys_now();
}
+
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ word32 TimeNowInMilliseconds(void)
+ {
+ return (word32)osKernelGetTickCount();
+ }
+
#elif defined(WOLFSSL_TIRTOS)
/* The time in milliseconds.
* Used for tickets to represent difference between when first seen and when
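Review bot: `osKernelGetTickCount()` returns kernel ticks, not milliseconds, so the new `TimeNowInMilliseconds` is only correct when the RTOS tick rate is 1000 Hz. The neighbouring implementations describe the value as milliseconds used for ticket ages, so a different tick rate would skew ticket lifetime checks. Scaling by the tick frequency removes the assumption, for example `return (word32)((osKernelGetTickCount() * 1000ULL) / osKernelGetTickFreq());`. Whether the `WOLFSSL_CMSIS_RTOS` (v1) build provides these functions is not visible here. The `sword64` variant in the next hunk needs the same change.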
@@ -1996,6 +2104,14 @@ end:
{
return sys_now();
}
+
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ sword64 TimeNowInMilliseconds(void)
+ {
+ return (sword64)osKernelGetTickCount();
+ }
+
#elif defined(WOLFSSL_TIRTOS)
/* The time in milliseconds.
* Used for tickets to represent difference between when first seen and when
@@ -2466,7 +2582,7 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
#ifdef CIPHER_NONCE
if (ssl->encrypt.nonce == NULL) {
ssl->encrypt.nonce = (byte*)XMALLOC(AEAD_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->encrypt.nonce != NULL) {
wc_MemZero_Add("EncryptTls13 nonce", ssl->encrypt.nonce,
@@ -2580,6 +2696,24 @@ static int EncryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
break;
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ case wolfssl_sm4_gcm:
+ nonceSz = SM4_GCM_NONCE_SZ;
+ ret = wc_Sm4GcmEncrypt(ssl->encrypt.sm4, output, input,
+ dataSz, ssl->encrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
+ #ifdef WOLFSSL_SM4_CCM
+ case wolfssl_sm4_ccm:
+ nonceSz = SM4_CCM_NONCE_SZ;
+ ret = wc_Sm4CcmEncrypt(ssl->encrypt.sm4, output, input,
+ dataSz, ssl->encrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
ret = Tls13IntegrityOnly_Encrypt(ssl, output, input, dataSz,
@@ -2811,7 +2945,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, &ssl->decrypt.state);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* check for still pending */
if (ret == WC_PENDING_E)
return ret;
@@ -2850,7 +2984,7 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
#ifdef CIPHER_NONCE
if (ssl->decrypt.nonce == NULL) {
ssl->decrypt.nonce = (byte*)XMALLOC(AEAD_NONCE_SZ,
- ssl->heap, DYNAMIC_TYPE_AES_BUFFER);
+ ssl->heap, DYNAMIC_TYPE_CIPHER);
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ssl->decrypt.nonce != NULL) {
wc_MemZero_Add("DecryptTls13 nonce", ssl->decrypt.nonce,
@@ -2956,6 +3090,24 @@ int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input, word16 sz,
break;
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ case wolfssl_sm4_gcm:
+ nonceSz = SM4_GCM_NONCE_SZ;
+ ret = wc_Sm4GcmDecrypt(ssl->decrypt.sm4, output, input,
+ dataSz, ssl->decrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
+ #ifdef WOLFSSL_SM4_CCM
+ case wolfssl_sm4_ccm:
+ nonceSz = SM4_CCM_NONCE_SZ;
+ ret = wc_Sm4CcmDecrypt(ssl->decrypt.sm4, output, input,
+ dataSz, ssl->decrypt.nonce, nonceSz, output + dataSz,
+ macSz, aad, aadSz);
+ break;
+ #endif
+
#ifdef HAVE_NULL_CIPHER
case wolfssl_cipher_null:
ret = Tls13IntegrityOnly_Decrypt(ssl, output, input, dataSz,
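Review bot: Both new SM4 decrypt cases pass `output + dataSz` in the argument slot that the matching encrypt calls use for the tag they write. On decrypt the tag to verify arrives in the received record, so `input + dataSz` is the buffer that holds it; the call as written authenticates the right bytes only when the caller decrypts in place (`output == input`), which this hunk does not show. I would change both calls to `ssl->decrypt.nonce, nonceSz, input + dataSz,` or add a comment stating the in-place requirement. DecryptTls13 starts and ends outside this hunk.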
@@ -3056,7 +3208,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
WOLFSSL_ENTER("BuildTls13Message");
#ifdef WOLFSSL_ASYNC_CRYPT
- ret = WC_NOT_PENDING_E;
+ ret = WC_NO_PENDING_E;
if (asyncOkay) {
WOLFSSL_ASSERT_SIZEOF_GE(ssl->async->args, *args);
@@ -3070,7 +3222,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args = (BuildMsg13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.buildMsgState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_buildmsg;
@@ -3084,7 +3236,7 @@ int BuildTls13Message(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
/* Reset state */
#ifdef WOLFSSL_ASYNC_CRYPT
- if (ret == WC_NOT_PENDING_E)
+ if (ret == WC_NO_PENDING_E)
#endif
{
ret = 0;
@@ -3323,6 +3475,25 @@ byte SuiteMac(const byte* suite)
break;
}
}
+#if (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ defined(WOLFSSL_SM3)
+ else if (suite[0] == CIPHER_BYTE) {
+ switch (suite[1]) {
+ #ifdef BUILD_TLS_SM4_GCM_SM3
+ case TLS_SM4_GCM_SM3:
+ mac = sm3_mac;
+ break;
+ #endif
+ #ifdef BUILD_TLS_SM4_CCM_SM3
+ case TLS_SM4_CCM_SM3:
+ mac = sm3_mac;
+ break;
+ #endif
+ default:
+ break;
+ }
+ }
+#endif
#ifdef HAVE_NULL_CIPHER
else if (suite[0] == ECC_BYTE) {
switch (suite[1]) {
@@ -3456,6 +3627,11 @@ static int CreateCookie(const WOLFSSL* ssl, byte** hash, byte* hashSz,
*hash = hashes->sha512;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ *hash = hashes->sm3;
+ break;
+ #endif
}
*hashSz = ssl->specs.hash_size;
@@ -3586,6 +3762,12 @@ static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk, int clientHello)
if (psk == NULL)
return BAD_FUNC_ARG;
+ if (!HaveUniqueSessionObj(ssl)) {
+ WOLFSSL_MSG("Unable to have unique session object");
+ WOLFSSL_ERROR_VERBOSE(MEMORY_ERROR);
+ return MEMORY_ERROR;
+ }
+
suite[0] = ssl->options.cipherSuite0;
suite[1] = ssl->options.cipherSuite;
@@ -3968,6 +4150,49 @@ static int EchHashHelloInner(WOLFSSL* ssl, WOLFSSL_ECH* ech)
}
#endif
+static void GetTls13SessionId(WOLFSSL* ssl, byte* output, word32* idx)
+{
+ if (ssl->session->sessionIDSz > 0) {
+ /* Session resumption for old versions of protocol. */
+ if (ssl->session->sessionIDSz <= ID_LEN) {
+ if (output != NULL)
+ output[*idx] = ssl->session->sessionIDSz;
+ (*idx)++;
+ if (output != NULL) {
+ XMEMCPY(output + *idx, ssl->session->sessionID,
+ ssl->session->sessionIDSz);
+ }
+ *idx += ssl->session->sessionIDSz;
+ }
+ else {
+ /* Invalid session ID length. Reset it. */
+ ssl->session->sessionIDSz = 0;
+ if (output != NULL)
+ output[*idx] = 0;
+ (*idx)++;
+ }
+ }
+ else {
+ #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+ if (ssl->options.tls13MiddleBoxCompat) {
+ if (output != NULL)
+ output[*idx] = ID_LEN;
+ (*idx)++;
+ if (output != NULL)
+ XMEMCPY(output + *idx, ssl->arrays->clientRandom, ID_LEN);
+ *idx += ID_LEN;
+ }
+ else
+ #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */
+ {
+ /* TLS v1.3 does not use session id - 0 length. */
+ if (output != NULL)
+ output[*idx] = 0;
+ (*idx)++;
+ }
+ }
+}
+
/* handle generation of TLS 1.3 client_hello (1) */
/* Send a ClientHello message to the server.
* Include the information required to start a handshake with servers using
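Review bot: GetTls13SessionId is added without a header comment, and its contract is not obvious from the call sites: with `output == NULL` it only advances `*idx`, yet it still resets `ssl->session->sessionIDSz` to 0 when the stored size exceeds ID_LEN. It also writes up to `1 + ID_LEN` bytes at `output + *idx` with no capacity argument, so it is safe only after the caller has run the sizing pass and allocated accordingly. I would add something like `/* Emit legacy_session_id (length byte + data) at output[*idx]; with output == NULL only advance *idx to size the field. May reset an over-long sessionIDSz. */` above the function.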
@@ -4060,7 +4285,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args = (Sch13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
return ret;
@@ -4076,6 +4301,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
switch (ssl->options.asyncState) {
case TLS_ASYNC_BEGIN:
{
+ word32 sessIdSz = 0;
args->idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
@@ -4084,8 +4310,8 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args->idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA;
#endif /* WOLFSSL_DTLS13 */
- /* Version | Random | Session Id | Cipher Suites | Compression */
- args->length = VERSION_SZ + RAN_LEN + ENUM_LEN + suites->suiteSz +
+ /* Version | Random | Cipher Suites | Compression */
+ args->length = VERSION_SZ + RAN_LEN + suites->suiteSz +
SUITE_LEN + COMP_LEN + ENUM_LEN;
#ifdef WOLFSSL_QUIC
if (WOLFSSL_IS_QUIC(ssl)) {
@@ -4093,17 +4319,9 @@ int SendTls13ClientHello(WOLFSSL* ssl)
ssl->session->sessionIDSz = 0;
ssl->options.tls13MiddleBoxCompat = 0;
}
- else
-#endif
-#if defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
- {
- args->length += ID_LEN;
- ssl->options.tls13MiddleBoxCompat = 1;
- }
-#else
- if (ssl->options.resuming && ssl->session->sessionIDSz > 0)
- args->length += ssl->session->sessionIDSz;
#endif
+ GetTls13SessionId(ssl, NULL, &sessIdSz);
+ args->length += (word16)sessIdSz;
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
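Review bot: The removed lines did two things that the replacement `GetTls13SessionId(ssl, NULL, &sessIdSz)` does not: under WOLFSSL_TLS13_MIDDLEBOX_COMPAT they set `ssl->options.tls13MiddleBoxCompat = 1`, and otherwise they counted the session ID only when `ssl->options.resuming` was set. The helper keys off the flag and `sessionIDSz` alone, so unless the flag is now set elsewhere (not visible here) a compat build stops sending the 32-byte legacy ID, and a non-resuming client with a leftover `sessionIDSz` now sends it. A one-line comment naming where the flag is set would settle the first; for the second, confirm that dropping the `resuming` check is intended. SendTls13ClientHello continues outside the hunk.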
@@ -4192,10 +4410,37 @@ int SendTls13ClientHello(WOLFSSL* ssl)
}
#endif
- /* Include length of TLS extensions. */
- ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
- if (ret != 0)
- return ret;
+ {
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ int maxFrag = wolfSSL_GetMaxFragSize(ssl, MAX_RECORD_SIZE);
+ word16 lenWithoutExts = args->length;
+#endif
+
+ /* Include length of TLS extensions. */
+ ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
+ if (ret != 0)
+ return ret;
+
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ if (ssl->options.dtls && args->length > maxFrag &&
+ TLSX_Find(ssl->extensions, TLSX_COOKIE) == NULL) {
+ /* Try again with an empty key share if we would be fragmenting
+ * without a cookie */
+ ret = TLSX_KeyShare_Empty(ssl);
+ if (ret != 0)
+ return ret;
+ args->length = lenWithoutExts;
+ ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
+ if (ret != 0)
+ return ret;
+ if (args->length > maxFrag) {
+ WOLFSSL_MSG("Can't fit first CH in one fragment.");
+ return BUFFER_ERROR;
+ }
+ WOLFSSL_MSG("Sending empty key share so we don't fragment CH1");
+ }
+#endif
+ }
/* Total message size. */
args->sendSz = args->length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
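Review bot: The new `args->length > maxFrag` checks compare the ClientHello body length only; HANDSHAKE_HEADER_SZ (and, earlier in the function, the DTLS extras added to `args->idx`) are added after this block when `args->sendSz` is computed. If `wolfSSL_GetMaxFragSize` returns the room available for the whole handshake message, which I cannot confirm from this page, a hello within one header of the limit passes both checks and is still fragmented. Consider comparing `args->length` plus the handshake header size against `maxFrag`, or add a comment stating what `maxFrag` measures. The enclosing case starts and ends outside the hunk.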
@@ -4243,33 +4488,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
args->idx += RAN_LEN;
- if (ssl->session->sessionIDSz > 0) {
- /* Session resumption for old versions of protocol. */
- if (ssl->options.resuming) {
- args->output[args->idx++] = ID_LEN;
- XMEMCPY(args->output + args->idx, ssl->session->sessionID,
- ssl->session->sessionIDSz);
- args->idx += ID_LEN;
- }
- else {
- /* Not resuming, zero length session ID */
- args->output[args->idx++] = 0;
- }
- }
- else {
- #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
- if (ssl->options.tls13MiddleBoxCompat) {
- args->output[args->idx++] = ID_LEN;
- XMEMCPY(args->output + args->idx, ssl->arrays->clientRandom, ID_LEN);
- args->idx += ID_LEN;
- }
- else
- #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */
- {
- /* TLS v1.3 does not use session id - 0 length. */
- args->output[args->idx++] = 0;
- }
- }
+ GetTls13SessionId(ssl, args->output, &args->idx);
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
@@ -4504,41 +4723,38 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
int digestSize;
HS_Hashes* tmpHashes;
HS_Hashes* acceptHashes;
- byte zeros[WC_MAX_DIGEST_SIZE] = {0};
+ byte zeros[WC_MAX_DIGEST_SIZE];
byte transcriptEchConf[WC_MAX_DIGEST_SIZE];
byte expandLabelPrk[WC_MAX_DIGEST_SIZE];
byte acceptConfirmation[ECH_ACCEPT_CONFIRMATION_SZ];
-
+ XMEMSET(zeros, 0, sizeof(zeros));
+ XMEMSET(transcriptEchConf, 0, sizeof(transcriptEchConf));
+ XMEMSET(expandLabelPrk, 0, sizeof(expandLabelPrk));
+ XMEMSET(acceptConfirmation, 0, sizeof(acceptConfirmation));
/* copy ech hashes to accept */
ret = InitHandshakeHashesAndCopy(ssl, ssl->hsHashesEch, &acceptHashes);
-
/* swap hsHashes to acceptHashes */
tmpHashes = ssl->hsHashes;
ssl->hsHashes = acceptHashes;
-
/* hash up to the last 8 bytes */
if (ret == 0)
ret = HashRaw(ssl, input, serverRandomOffset + RAN_LEN -
ECH_ACCEPT_CONFIRMATION_SZ);
-
/* hash 8 zeros */
if (ret == 0)
ret = HashRaw(ssl, zeros, ECH_ACCEPT_CONFIRMATION_SZ);
-
/* hash the rest of the hello */
- if (ret == 0)
+ if (ret == 0) {
ret = HashRaw(ssl, input + serverRandomOffset + RAN_LEN,
helloSz + HANDSHAKE_HEADER_SZ - (serverRandomOffset + RAN_LEN));
-
+ }
/* get the modified transcript hash */
if (ret == 0)
ret = GetMsgHash(ssl, transcriptEchConf);
-
if (ret > 0)
ret = 0;
-
/* pick the right type and size based on mac_algorithm */
- if (ret == 0)
+ if (ret == 0) {
switch (ssl->specs.mac_algorithm) {
#ifndef NO_SHA256
case sha256_mac:
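Review bot: `HS_Hashes* acceptHashes;` is still declared without an initializer although this hunk now zero-fills every byte array beside it, and `ssl->hsHashes = acceptHashes` runs before `ret` from InitHandshakeHashesAndCopy is examined. If that call can fail without writing its out-parameter (its body is not on this page), the `FreeHandshakeHashes(ssl)` on `acceptHashes` at the end of the function works on an indeterminate pointer. I would declare `HS_Hashes* acceptHashes = NULL;` and do the swap only when `ret == 0`; the EchWriteAcceptance hunk further down has the same declaration. The function body starts before this hunk and continues past it.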
@@ -4558,16 +4774,21 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
digestSize = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+#ifdef WOLFSSL_SM3
+ case sm3_mac:
+ digestType = WC_SM3;
+ digestSize = WC_SM3_DIGEST_SIZE;
+ break;
+#endif /* WOLFSSL_SM3 */
default:
ret = -1;
break;
}
-
+ }
/* extract clientRandomInner with a key of all zeros */
if (ret == 0)
ret = wc_HKDF_Extract(digestType, zeros, digestSize,
ssl->arrays->clientRandomInner, RAN_LEN, expandLabelPrk);
-
/* tls expand with the confirmation label */
if (ret == 0)
ret = wc_Tls13_HKDF_Expand_Label(acceptConfirmation,
@@ -4576,52 +4797,39 @@ static int EchCheckAcceptance(WOLFSSL* ssl, const byte* input,
TLS13_PROTOCOL_LABEL_SZ, echAcceptConfirmationLabel,
ECH_ACCEPT_CONFIRMATION_LABEL_SZ, transcriptEchConf, digestSize,
digestType);
-
if (ret == 0) {
/* last 8 bytes should match our expand output */
ret = XMEMCMP(acceptConfirmation,
ssl->arrays->serverRandom + RAN_LEN - ECH_ACCEPT_CONFIRMATION_SZ,
ECH_ACCEPT_CONFIRMATION_SZ);
-
/* ech accepted */
if (ret == 0) {
/* use the inner random for client random */
XMEMCPY(ssl->arrays->clientRandom, ssl->arrays->clientRandomInner,
RAN_LEN);
-
- /* switch back to original hsHashes */
+ /* switch back to original hsHashes to free */
ssl->hsHashes = tmpHashes;
-
- /* free hsHashes */
- FreeHandshakeHashes(ssl);
-
/* set the final hsHashes to the ech hashes */
tmpHashes = ssl->hsHashesEch;
-
- /* set hsHashesEch to NULL to avoid double free */
- ssl->hsHashesEch = NULL;
}
/* ech rejected */
else {
- /* switch to hsHashesEch */
+ /* switch to hsHashesEch to free */
ssl->hsHashes = ssl->hsHashesEch;
-
- /* free ech hashes */
- FreeHandshakeHashes(ssl);
}
-
+ /* free hsHashes */
+ FreeHandshakeHashes(ssl);
+ /* set hsHashesEch to NULL to avoid double free */
+ ssl->hsHashesEch = NULL;
/* continue with outer if we failed to verify ech was accepted */
ret = 0;
}
-
/* switch to acceptHashes */
ssl->hsHashes = acceptHashes;
-
/* free acceptHashes */
FreeHandshakeHashes(ssl);
-
+ /* swap to tmp, will ech if accepted, hsHashes if rejected */
ssl->hsHashes = tmpHashes;
-
return ret;
}
@@ -4635,9 +4843,12 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* output,
int digestSize;
HS_Hashes* tmpHashes;
HS_Hashes* acceptHashes;
- byte zeros[WC_MAX_DIGEST_SIZE] = {0};
+ byte zeros[WC_MAX_DIGEST_SIZE];
byte transcriptEchConf[WC_MAX_DIGEST_SIZE];
byte expandLabelPrk[WC_MAX_DIGEST_SIZE];
+ XMEMSET(zeros, 0, sizeof(zeros));
+ XMEMSET(transcriptEchConf, 0, sizeof(transcriptEchConf));
+ XMEMSET(expandLabelPrk, 0, sizeof(expandLabelPrk));
/* copy ech hashes to accept */
ret = InitHandshakeHashesAndCopy(ssl, ssl->hsHashes, &acceptHashes);
@@ -4688,6 +4899,12 @@ static int EchWriteAcceptance(WOLFSSL* ssl, byte* output,
digestSize = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+#ifdef WOLFSSL_SM3
+ case sm3_mac:
+ digestType = WC_SM3;
+ digestSize = WC_SM3_DIGEST_SIZE;
+ break;
+#endif /* WOLFSSL_SM3 */
default:
ret = -1;
break;
@@ -4791,7 +5008,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (Dsh13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0) {
if (ret == WC_PENDING_E) {
@@ -4884,6 +5101,13 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
WOLFSSL_MSG("HelloRetryRequest format");
*extMsgType = hello_retry_request;
+ if (ssl->msgsReceived.got_hello_verify_request) {
+ WOLFSSL_MSG("Received HelloRetryRequest after a "
+ "HelloVerifyRequest");
+ WOLFSSL_ERROR_VERBOSE(VERSION_ERROR);
+ return VERSION_ERROR;
+ }
+
/* A HelloRetryRequest comes in as an ServerHello for MiddleBox compat.
* Found message to be a HelloRetryRequest.
* Don't allow more than one HelloRetryRequest or ServerHello.
@@ -5200,6 +5424,20 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
else
#endif
+#if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_GCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM4_CCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_CCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+#endif
/* Check that the negotiated ciphersuite matches protocol version. */
if (ssl->options.cipherSuite0 != TLS13_BYTE) {
WOLFSSL_MSG("Server sent non-TLS13 cipher suite in TLS 1.3 packet");
@@ -5379,6 +5617,11 @@ static int DoTls13CertificateRequest(WOLFSSL* ssl, const byte* input,
if (ssl->toInfoOn) AddLateName("CertificateRequest", &ssl->timeoutInfo);
#endif
+#ifdef OPENSSL_EXTRA
+ if ((ret = CertSetupCbWrapper(ssl)) != 0)
+ return ret;
+#endif
+
if (OPAQUE8_LEN > size)
return BUFFER_ERROR;
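Review bot: `CertSetupCbWrapper(ssl)` is now invoked before the first length check on the incoming message (`if (OPAQUE8_LEN > size)`), so the application's certificate-setup callback runs even for a CertificateRequest that is then rejected as truncated. If the callback selects or loads a client certificate and key, which the name suggests but the page does not show, that work happens on behalf of a peer message that has not been validated. Unless the parse below depends on state the callback sets, I would call it after the request has been parsed successfully, or add a comment saying why it must come first. The function continues outside the hunk.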
@@ -5479,7 +5722,7 @@ static void RefineSuites(WOLFSSL* ssl, Suites* peerSuites)
if (AllocateSuites(ssl) != 0)
return;
- XMEMSET(suites, 0, WOLFSSL_MAX_SUITE_SZ);
+ XMEMSET(suites, 0, sizeof(suites));
if (!ssl->options.useClientOrder) {
/* Server order refining. */
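Review bot: `XMEMSET(suites, 0, sizeof(suites))` equals the old `WOLFSSL_MAX_SUITE_SZ` only while `suites` is a local array; its declaration is outside this hunk. If it is, or later becomes, a pointer, the call clears just pointer-size bytes and the rest of the buffer keeps stale suite data that the refining loops then read. Please confirm the declaration is `byte suites[WOLFSSL_MAX_SUITE_SZ];` and consider a comment on it such as `/* must stay an array: cleared with sizeof(suites) */`.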
@@ -5606,6 +5849,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err)
int found = 0;
byte foundSuite[SUITE_LEN];
+ WOLFSSL_ENTER("FindPsk");
+
ret = FindPskSuite(ssl, psk, ssl->arrays->psk_key, &ssl->arrays->psk_keySz,
suite, &found, foundSuite);
if (ret == 0 && found) {
@@ -5640,6 +5885,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err)
}
*err = ret;
+ WOLFSSL_LEAVE("FindPsk", found);
+ WOLFSSL_LEAVE("FindPsk", ret);
return found;
}
#endif /* !NO_PSK */
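Review bot: The two consecutive `WOLFSSL_LEAVE("FindPsk", ...)` calls produce two leave records for one `WOLFSSL_ENTER`, and the log gives no hint which number is `found` and which is `ret`. The function returns `found` and reports `ret` through `*err`, so I would keep `WOLFSSL_LEAVE("FindPsk", found);` and log `ret` with a labelled message instead.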
@@ -5856,7 +6103,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
int first = 0;
#ifndef WOLFSSL_PSK_ONE_ID
int i;
- const Suites* suites = WOLFSSL_SUITES(ssl);
+ const Suites* suites;
#else
byte suite[2];
#endif
@@ -5894,11 +6141,12 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
/* Refine list for PSK processing. */
RefineSuites(ssl, clSuites);
-
#ifndef WOLFSSL_PSK_ONE_ID
if (usingPSK == NULL)
return BAD_FUNC_ARG;
+ /* set after refineSuites, to avoid taking a stale ptr to ctx->Suites */
+ suites = WOLFSSL_SUITES(ssl);
/* Server list has only common suites from refining in server or client
* order. */
for (i = 0; !(*usingPSK) && i < suites->suiteSz; i += 2) {
@@ -5961,6 +6209,8 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
if ((ret = SetKeysSide(ssl, DECRYPT_SIDE_ONLY)) != 0)
return ret;
+ ssl->keys.encryptionOn = 1;
+
#ifdef WOLFSSL_DTLS13
if (ssl->options.dtls) {
ret = Dtls13NewEpoch(ssl,
@@ -6349,6 +6599,9 @@ static void FreeDch13Args(WOLFSSL* ssl, void* pArgs)
XFREE(args->clSuites, ssl->heap, DYNAMIC_TYPE_SUITES);
args->clSuites = NULL;
}
+#ifdef OPENSSL_EXTRA
+ ssl->clSuites = NULL;
+#endif
}
int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
@@ -6379,7 +6632,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args = (Dch13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0) {
goto exit_dch;
@@ -6415,12 +6668,21 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
/* Update the ssl->options.dtlsStateful setting `if` statement in
* wolfSSL_accept_TLSv13 when changing this one. */
- if (IsDtlsNotSctpMode(ssl) && ssl->options.sendCookie) {
- ret = DoClientHelloStateless(ssl, input, inOutIdx, helloSz);
+ if (IsDtlsNotSctpMode(ssl) && ssl->options.sendCookie &&
+ !ssl->options.dtlsStateful) {
+ ret = DoClientHelloStateless(ssl, input + *inOutIdx, helloSz, 0, NULL);
if (ret != 0 || !ssl->options.dtlsStateful) {
*inOutIdx += helloSz;
goto exit_dch;
}
+ if (ssl->chGoodCb != NULL) {
+ int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
+ if (cbret < 0) {
+ ssl->error = cbret;
+ WOLFSSL_MSG("ClientHello Good Cb don't continue error");
+ return WOLFSSL_FATAL_ERROR;
+ }
+ }
}
ssl->options.dtlsStateful = 1;
#endif /* WOLFSSL_DTLS */
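Review bot: The new chGoodCb failure path leaves with `return WOLFSSL_FATAL_ERROR;` while the branch directly above it, and the other error paths of this function visible on the page, leave through `goto exit_dch`. Whatever cleanup runs at `exit_dch` (it is outside this hunk; FreeDch13Args is the likely candidate) is skipped, and `*inOutIdx` is not advanced as it is in the stateless-reject branch. I would use `ERROR_OUT(WOLFSSL_FATAL_ERROR, exit_dch);` after setting `ssl->error`, unless the label rewrites that return value.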
@@ -6520,7 +6782,12 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
sessIdSz = input[args->idx++];
- if (sessIdSz != ID_LEN && sessIdSz != 0) {
+#ifndef WOLFSSL_TLS13_MIDDLEBOX_COMPAT
+ if (sessIdSz > ID_LEN)
+#else
+ if (sessIdSz != ID_LEN && sessIdSz != 0)
+#endif
+ {
ERROR_OUT(INVALID_PARAMETER, exit_dch);
}
@@ -6528,10 +6795,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ERROR_OUT(BUFFER_ERROR, exit_dch);
ssl->session->sessionIDSz = sessIdSz;
- if (sessIdSz == ID_LEN) {
+ if (sessIdSz > 0)
XMEMCPY(ssl->session->sessionID, input + args->idx, sessIdSz);
- args->idx += ID_LEN;
- }
+ args->idx += sessIdSz;
#ifdef WOLFSSL_DTLS13
/* legacy_cookie */
@@ -6660,7 +6926,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
}
else {
- ERROR_OUT(HRR_COOKIE_ERROR, exit_dch);
+#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_DTLS13_NO_HRR_ON_RESUME)
+ /* Don't error out as we may be resuming. We confirm this later. */
+ if (!ssl->options.dtls)
+#endif
+ ERROR_OUT(HRR_COOKIE_ERROR, exit_dch);
}
}
#endif
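Review bot: The added `if (!ssl->options.dtls)` guards `ERROR_OUT(HRR_COOKIE_ERROR, exit_dch);` without braces and across a preprocessor conditional, so it is correct only if ERROR_OUT expands to a single statement; the macro definition is not on this page. The session-ID check earlier in this commit wraps its ERROR_OUT in `{ }`, and the same bracing here and at the later `/* Make sure we don't send HRR twice */` check would remove the dependency. The comment "We confirm this later" should also name the place: it appears to be the `dtls13NoHrrOnResume` / `args->usingPSK` test near the end of the function.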
@@ -6716,6 +6986,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case TLS_ASYNC_DO:
{
+#ifdef OPENSSL_EXTRA
+ ssl->clSuites = args->clSuites;
+ if ((ret = CertSetupCbWrapper(ssl)) != 0)
+ goto exit_dch;
+#endif
#ifndef NO_CERTS
if (!args->usingPSK) {
if ((ret = MatchSuite(ssl, args->clSuites)) < 0) {
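Review bot: `ssl->clSuites = args->clSuites;` stores a borrowed pointer to memory that FreeDch13Args frees, and the callback is placed at the top of `case TLS_ASYNC_DO`. If this case is re-entered after a WC_PENDING_E, which the async pop at the start of the function suggests but this hunk does not show, `CertSetupCbWrapper` runs once per re-entry. I would add a comment such as `/* ssl->clSuites is owned by args and cleared in FreeDch13Args */` and state whether a repeated callback invocation is acceptable, or guard it so it runs once.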
@@ -6726,7 +7001,6 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
goto exit_dch;
}
}
- else
#endif
#ifdef HAVE_SUPPORTED_CURVES
if (args->usingPSK == 2) {
@@ -6734,6 +7008,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
int doHelloRetry = 0;
ret = TLSX_KeyShare_Establish(ssl, &doHelloRetry);
if (doHelloRetry) {
+ /* Make sure we don't send HRR twice */
+ if (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE)
+ ERROR_OUT(INVALID_PARAMETER, exit_dch);
ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
if (ret != WC_PENDING_E)
ret = 0; /* for hello_retry return 0 */
@@ -6779,6 +7056,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (!args->usingPSK) {
#ifndef NO_CERTS
+ /* Check that the negotiated ciphersuite matches protocol version. */
#ifdef HAVE_NULL_CIPHER
if (ssl->options.cipherSuite0 == ECC_BYTE &&
(ssl->options.cipherSuite == TLS_SHA256_SHA256 ||
@@ -6787,7 +7065,20 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
}
else
#endif
- /* Check that the negotiated ciphersuite matches protocol version. */
+ #if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_GCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+ #endif
+ #if defined(WOLFSSL_SM4_CCM) && defined(WOLFSSL_SM3)
+ if (ssl->options.cipherSuite0 == CIPHER_BYTE &&
+ ssl->options.cipherSuite == TLS_SM4_CCM_SM3) {
+ ; /* Do nothing. */
+ }
+ else
+ #endif
if (ssl->options.cipherSuite0 != TLS13_BYTE) {
WOLFSSL_MSG("Negotiated ciphersuite from lesser version than "
"TLS v1.3");
@@ -6812,32 +7103,58 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = INPUT_CASE_ERROR;
} /* switch (ssl->options.asyncState) */
-#if defined(WOLFSSL_SEND_HRR_COOKIE)
- if (ret == 0 && ssl->options.sendCookie && ssl->options.cookieGood &&
- (ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE
+#ifdef WOLFSSL_SEND_HRR_COOKIE
+ if (ret == 0 && ssl->options.sendCookie) {
+ if (ssl->options.cookieGood &&
+ ssl->options.acceptState == TLS13_ACCEPT_FIRST_REPLY_DONE) {
+ /* Processing second ClientHello. Clear HRR state. */
+ ssl->options.serverState = NULL_STATE;
+ }
+
+ if (ssl->options.cookieGood &&
+ ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+ /* If we already verified the peer with a cookie then we can't
+ * do another HRR for cipher negotiation. Send alert and restart
+ * the entire handshake. */
+ ERROR_OUT(INVALID_PARAMETER, exit_dch);
+ }
#ifdef WOLFSSL_DTLS13
- /* DTLS cookie exchange should be done in stateless code in
- * DoClientHelloStateless. If we verified the cookie then
- * always advance the state. */
- || ssl->options.dtls
+ if (ssl->options.dtls &&
+ ssl->options.serverState == SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+ /* Cookie and key share negotiation should be handled in
+ * DoClientHelloStateless. If we enter here then something went
+ * wrong in our logic. */
+ ERROR_OUT(BAD_HELLO, exit_dch);
+ }
#endif
- ))
- ssl->options.serverState = SERVER_HELLO_COMPLETE;
+ /* Send a cookie */
+ if (!ssl->options.cookieGood &&
+ ssl->options.serverState != SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+#ifdef WOLFSSL_DTLS13
+ if (ssl->options.dtls) {
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ /* We can skip cookie on resumption */
+ if (!ssl->options.dtls || !ssl->options.dtls13NoHrrOnResume ||
+ !args->usingPSK)
+#endif
+ ERROR_OUT(BAD_HELLO, exit_dch);
+ }
+ else
#endif
+ {
+ /* Need to remove the keyshare ext if we found a common group
+ * and are not doing curve negotiation. */
+ TLSX_Remove(&ssl->extensions, TLSX_KEY_SHARE, ssl->heap);
+ ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
+ }
-#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
- if (ret == 0 && ssl->options.dtls && ssl->options.sendCookie &&
- ssl->options.serverState <= SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
- /* Cookie and key share negotiation should be handled in
- * DoClientHelloStateless. If we enter here then something went wrong
- * in our logic. */
- ERROR_OUT(BAD_HELLO, exit_dch);
+ }
}
#endif /* WOLFSSL_DTLS13 */
#ifdef WOLFSSL_DTLS_CID
/* do not modify CID state if we are sending an HRR */
- if (ssl->options.useDtlsCID &&
+ if (ret == 0 && ssl->options.dtls && ssl->options.useDtlsCID &&
ssl->options.serverState != SERVER_HELLO_RETRY_REQUEST_COMPLETE)
DtlsCIDOnExtensionsParsed(ssl);
#endif /* WOLFSSL_DTLS_CID */
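Review bot: In the "Send a cookie" block the added condition `!ssl->options.dtls || !ssl->options.dtls13NoHrrOnResume || !args->usingPSK` sits inside `if (ssl->options.dtls) {`, so its first term can never be true and only obscures the check; `if (!ssl->options.dtls13NoHrrOnResume || !args->usingPSK)` says the same thing. The context line `#endif /* WOLFSSL_DTLS13 */` that follows now closes the new `#ifdef WOLFSSL_SEND_HRR_COOKIE`, so its label is stale and should read `#endif /* WOLFSSL_SEND_HRR_COOKIE */`. The DTLS path that skips the cookie on resumption changes no state and falls through silently; a one-line comment there would help the next reader.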
@@ -7254,6 +7571,10 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
word16 reqSz;
word16 hashSigAlgoSz = 0;
SignatureAlgorithms* sa;
+ int haveSig = SIG_RSA | SIG_ECDSA | SIG_FALCON | SIG_DILITHIUM;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ haveSig |= SIG_SM2;
+#endif
WOLFSSL_START(WC_FUNC_CERTIFICATE_REQUEST_SEND);
WOLFSSL_ENTER("SendTls13CertificateRequest");
@@ -7264,13 +7585,13 @@ static int SendTls13CertificateRequest(WOLFSSL* ssl, byte* reqCtx,
return SIDE_ERROR;
/* Get the length of the hashSigAlgo buffer */
- InitSuitesHashSigAlgo_ex(NULL, 1, 1, 1, 1, 0, 1, ssl->buffers.keySz,
- &hashSigAlgoSz);
+ InitSuitesHashSigAlgo_ex2(NULL, haveSig, 1, ssl->buffers.keySz,
+ &hashSigAlgoSz);
sa = TLSX_SignatureAlgorithms_New(ssl, hashSigAlgoSz, ssl->heap);
if (sa == NULL)
return MEMORY_ERROR;
- InitSuitesHashSigAlgo_ex(sa->hashSigAlgo, 1, 1, 1, 1, 0, 1,
- ssl->buffers.keySz, &sa->hashSigAlgoSz);
+ InitSuitesHashSigAlgo_ex2(sa->hashSigAlgo, haveSig, 1, ssl->buffers.keySz,
+ &hashSigAlgoSz);
ret = TLSX_Push(&ssl->extensions, TLSX_SIGNATURE_ALGORITHMS, sa, ssl->heap);
if (ret != 0) {
TLSX_SignatureAlgorithms_FreeAll(sa, ssl->heap);
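Review bot: The second `InitSuitesHashSigAlgo_ex2` call now writes its resulting length to the local `&hashSigAlgoSz`, where the removed call wrote to `&sa->hashSigAlgoSz`. Unless `TLSX_SignatureAlgorithms_New` already stores the size it is given in `sa->hashSigAlgoSz` (not visible here), the extension is pushed with a list length that was never set to match the filled buffer. I would pass `&sa->hashSigAlgoSz` as before, or add a comment stating that the constructor sets it and that both calls must yield the same size.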
@@ -7379,6 +7700,12 @@ static WC_INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)
output[1] = ecc_dsa_sa_algo;
break;
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case sm2_sa_algo:
+ output[0] = SM2_SA_MAJOR;
+ output[1] = SM2_SA_MINOR;
+ break;
+#endif
#ifdef HAVE_ED25519
/* ED25519: 0x0807 */
case ed25519_sa_algo:
@@ -7446,6 +7773,16 @@ static WC_INLINE int DecodeTls13SigAlg(byte* input, byte* hashAlgo,
int ret = 0;
switch (input[0]) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2_SA_MAJOR:
+ if (input[1] == SM2_SA_MINOR) {
+ *hsType = sm2_sa_algo;
+ *hashAlgo = sm3_mac;
+ }
+ else
+ ret = INVALID_PARAMETER;
+ break;
+ #endif
case NEW_SA_MAJOR:
/* PSS signatures: 0x080[4-6] */
if (input[1] >= sha256_mac && input[1] <= sha512_mac) {
@@ -7546,6 +7883,13 @@ static WC_INLINE int GetMsgHash(WOLFSSL* ssl, byte* hash)
ret = WC_SHA512_DIGEST_SIZE;
break;
#endif /* WOLFSSL_TLS13_SHA512 */
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ret = wc_Sm3GetHash(&ssl->hsHashes->hashSm3, hash);
+ if (ret == 0)
+ ret = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif /* WOLFSSL_SM3 */
default:
break;
}
@@ -7913,11 +8257,6 @@ static int SendTls13Certificate(WOLFSSL* ssl)
listSz = 0;
}
else {
-#ifdef OPENSSL_EXTRA
- if ((ret = CertSetupCbWrapper(ssl)) != 0)
- return ret;
-#endif
-
if (!ssl->buffers.certificate) {
WOLFSSL_MSG("Send Cert missing certificate buffer");
return BUFFER_ERROR;
@@ -8238,7 +8577,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
args = (Scv13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_scv;
@@ -8302,7 +8641,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->buffers.key == NULL) {
#ifdef HAVE_PK_CALLBACKS
if (wolfSSL_CTX_IsPrivatePkSet(ssl->ctx))
- args->length = GetPrivateKeySigSize(ssl);
+ args->length = (word16)GetPrivateKeySigSize(ssl);
else
#endif
ERROR_OUT(NO_PRIVATE_KEY, exit_scv);
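Review bot: The `(word16)` cast on `GetPrivateKeySigSize(ssl)` silences the conversion but not the problem behind it: a negative error return or a size above 65535 is stored in `args->length` as an unrelated positive value, which later sizes the signature buffer. The function's return type is not shown on this page; if it is a signed int, check the value before narrowing, for example `int sz = GetPrivateKeySigSize(ssl); if (sz <= 0) ERROR_OUT(NO_PRIVATE_KEY, exit_scv);` and then assign.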
@@ -8325,8 +8664,17 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_RSA)
args->sigAlgo = rsa_pss_sa_algo;
#ifdef HAVE_ECC
- else if (ssl->hsType == DYNAMIC_TYPE_ECC)
- args->sigAlgo = ecc_dsa_sa_algo;
+ else if (ssl->hsType == DYNAMIC_TYPE_ECC) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ args->sigAlgo = sm2_sa_algo;
+ }
+ else
+ #endif
+ {
+ args->sigAlgo = ecc_dsa_sa_algo;
+ }
+ }
#endif
#ifdef HAVE_ED25519
else if (ssl->hsType == DYNAMIC_TYPE_ED25519)
@@ -8382,19 +8730,21 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
}
EncodeSigAlg(ssl->options.hashAlgo, args->sigAlgo, args->verify);
- if (ssl->hsType == DYNAMIC_TYPE_RSA) {
- int sigLen = MAX_SIG_DATA_SZ;
- if (args->length > MAX_SIG_DATA_SZ)
- sigLen = args->length;
- args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
- DYNAMIC_TYPE_SIGNATURE);
- }
- else {
- args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
- DYNAMIC_TYPE_SIGNATURE);
- }
if (args->sigData == NULL) {
- ERROR_OUT(MEMORY_E, exit_scv);
+ if (ssl->hsType == DYNAMIC_TYPE_RSA) {
+ int sigLen = MAX_SIG_DATA_SZ;
+ if (args->length > MAX_SIG_DATA_SZ)
+ sigLen = args->length;
+ args->sigData = (byte*)XMALLOC(sigLen, ssl->heap,
+ DYNAMIC_TYPE_SIGNATURE);
+ }
+ else {
+ args->sigData = (byte*)XMALLOC(MAX_SIG_DATA_SZ, ssl->heap,
+ DYNAMIC_TYPE_SIGNATURE);
+ }
+ if (args->sigData == NULL) {
+ ERROR_OUT(MEMORY_E, exit_scv);
+ }
}
/* Create the data to be signed. */
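Review bot: The new `if (args->sigData == NULL)` wrapper has no comment saying when `sigData` is already allocated on entry, and the reuse path does not check that the existing buffer is large enough for the current `args->length` in the RSA case. If the intent is to avoid a second allocation when this state is re-entered, say so, e.g. `/* sigData survives re-entry of this state; allocate only once */`, and confirm that `args->length` cannot grow between entries. The enclosing case starts and ends outside the hunk.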
@@ -8427,12 +8777,17 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_ECC) {
sig->length = args->sendSz - args->idx - HASH_SIG_SIZE -
VERIFY_HEADER;
- ret = CreateECCEncodedSig(args->sigData,
- args->sigDataSz, ssl->options.hashAlgo);
- if (ret < 0)
- goto exit_scv;
- args->sigDataSz = (word16)ret;
- ret = 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType != sm2_sa_algo)
+ #endif
+ {
+ ret = CreateECCEncodedSig(args->sigData,
+ args->sigDataSz, ssl->options.hashAlgo);
+ if (ret < 0)
+ goto exit_scv;
+ args->sigDataSz = (word16)ret;
+ ret = 0;
+ }
}
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
@@ -8474,16 +8829,27 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
case TLS_ASYNC_DO:
{
#ifdef HAVE_ECC
- if (ssl->hsType == DYNAMIC_TYPE_ECC) {
- ret = EccSign(ssl, args->sigData, args->sigDataSz,
- args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
- (word32*)&sig->length, (ecc_key*)ssl->hsKey,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
+ if (ssl->hsType == DYNAMIC_TYPE_ECC) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ ret = Sm2wSm3Sign(ssl, TLS13_SM2_SIG_ID,
+ TLS13_SM2_SIG_ID_SZ, args->sigData, args->sigDataSz,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ (word32*)&sig->length, (ecc_key*)ssl->hsKey, NULL);
+ }
+ else
#endif
- );
+ {
+ ret = EccSign(ssl, args->sigData, args->sigDataSz,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ (word32*)&sig->length, (ecc_key*)ssl->hsKey,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
args->length = (word16)sig->length;
}
#endif /* HAVE_ECC */
@@ -8579,17 +8945,29 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
}
#endif /* !NO_RSA */
#if defined(HAVE_ECC) && defined(WOLFSSL_CHECK_SIG_FAULTS)
- if (ssl->hsType == DYNAMIC_TYPE_ECC) {
- ret = EccVerify(ssl,
- args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
- sig->length, args->sigData, args->sigDataSz,
- (ecc_key*)ssl->hsKey,
- #ifdef HAVE_PK_CALLBACKS
- ssl->buffers.key
- #else
- NULL
+ if (ssl->hsType == DYNAMIC_TYPE_ECC) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (ssl->buffers.keyType == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl, TLS13_SM2_SIG_ID,
+ TLS13_SM2_SIG_ID_SZ,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ sig->length, args->sigData, args->sigDataSz,
+ (ecc_key*)ssl->hsKey, NULL);
+ }
+ else
#endif
- );
+ {
+ ret = EccVerify(ssl,
+ args->verify + HASH_SIG_SIZE + VERIFY_HEADER,
+ sig->length, args->sigData, args->sigDataSz,
+ (ecc_key*)ssl->hsKey,
+ #ifdef HAVE_PK_CALLBACKS
+ ssl->buffers.key
+ #else
+ NULL
+ #endif
+ );
+ }
}
#endif
@@ -8828,7 +9206,7 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
args = (Dcv13Args*)ssl->async->args;
ret = wolfSSL_AsyncPop(ssl, &ssl->options.asyncState);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
goto exit_dcv;
@@ -8915,6 +9293,13 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
ssl->peerEccDsaKeyPresent;
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ WOLFSSL_MSG("Peer sent SM2 sig");
+ validSigAlgo = (ssl->peerEccDsaKey != NULL) &&
+ ssl->peerEccDsaKeyPresent;
+ }
+ #endif
#ifdef HAVE_PQC
if (args->sigAlgo == falcon_level1_sa_algo) {
WOLFSSL_MSG("Peer sent Falcon Level 1 sig");
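Review bot: The SM2 branch sets `validSigAlgo` from `(ssl->peerEccDsaKey != NULL) && ssl->peerEccDsaKeyPresent`, which looks like the same test the preceding context lines apply, so nothing in this hunk ties `sm2_sa_algo` to a peer key that is actually on the SM2 curve. A peer holding an ordinary ECC certificate could advertise the SM2 signature algorithm, and the reverse, and still pass this gate; whether the later verify call rejects the mismatch is not visible here. I would add a check of the peer key's curve in this branch, or a comment naming where that binding is enforced.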
@@ -8979,12 +9364,17 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
ret = CreateSigData(ssl, args->sigData, &args->sigDataSz, 1);
if (ret != 0)
goto exit_dcv;
- ret = CreateECCEncodedSig(args->sigData,
- args->sigDataSz, args->hashAlgo);
- if (ret < 0)
- goto exit_dcv;
- args->sigDataSz = (word16)ret;
- ret = 0;
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo != sm2_sa_algo)
+ #endif
+ {
+ ret = CreateECCEncodedSig(args->sigData,
+ args->sigDataSz, args->hashAlgo);
+ if (ret < 0)
+ goto exit_dcv;
+ args->sigDataSz = (word16)ret;
+ ret = 0;
+ }
}
#endif
#ifdef HAVE_ED25519
@@ -9068,15 +9458,26 @@ static int DoTls13CertificateVerify(WOLFSSL* ssl, byte* input,
#endif /* !NO_RSA */
#ifdef HAVE_ECC
if (ssl->peerEccDsaKeyPresent) {
- ret = EccVerify(ssl, input + args->idx, args->sz,
- args->sigData, args->sigDataSz,
- ssl->peerEccDsaKey,
- #ifdef HAVE_PK_CALLBACKS
- &ssl->buffers.peerEccDsaKey
- #else
- NULL
- #endif
- );
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (args->sigAlgo == sm2_sa_algo) {
+ ret = Sm2wSm3Verify(ssl, TLS13_SM2_SIG_ID,
+ TLS13_SM2_SIG_ID_SZ, input + args->idx, args->sz,
+ args->sigData, args->sigDataSz,
+ ssl->peerEccDsaKey, NULL);
+ }
+ else
+ #endif
+ {
+ ret = EccVerify(ssl, input + args->idx, args->sz,
+ args->sigData, args->sigDataSz,
+ ssl->peerEccDsaKey,
+ #ifdef HAVE_PK_CALLBACKS
+ &ssl->buffers.peerEccDsaKey
+ #else
+ NULL
+ #endif
+ );
+ }
if (ret >= 0) {
/* CLIENT/SERVER: data verified with public key from
@@ -10221,6 +10622,13 @@ static int ExpectedResumptionSecret(WOLFSSL* ssl)
return ret;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ ret = wc_Sm3Copy(&ssl->hsHashes->hashSm3, &digest.sm3);
+ if (ret != 0)
+ return ret;
+ break;
+ #endif
}
/* Generate the Client's Finished message and hash it. */
@@ -10274,6 +10682,15 @@ static int ExpectedResumptionSecret(WOLFSSL* ssl)
return ret;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ wc_Sm3Free(&ssl->hsHashes->hashSm3);
+ ret = wc_Sm3Copy(&digest.sm3, &ssl->hsHashes->hashSm3);
+ wc_Sm3Free(&digest.sm3);
+ if (ret != 0)
+ return ret;
+ break;
+ #endif
}
return ret;
@@ -10323,9 +10740,24 @@ static int SendTls13NewSessionTicket(WOLFSSL* ssl)
ssl->session->ticketNonce.data[0]++;
}
+ if ((ssl->options.mask & WOLFSSL_OP_NO_TICKET) != 0) {
+ /* In this case we only send the ID as the ticket. Let's generate a new
+ * ID for the new ticket so that we don't overwrite any old ones */
+ ret = wc_RNG_GenerateBlock(ssl->rng, ssl->session->altSessionID,
+ ID_LEN);
+ if (ret != 0)
+ return ret;
+ ssl->session->haveAltSessionID = 1;
+ }
+
if (!ssl->options.noTicketTls13) {
- if ((ret = CreateTicket(ssl)) != 0)
+ if ((ret = SetupTicket(ssl)) != 0)
return ret;
+ /* No need to create the ticket if we only send the ID */
+ if ((ssl->options.mask & WOLFSSL_OP_NO_TICKET) == 0) {
+ if ((ret = CreateTicket(ssl)) != 0)
+ return ret;
+ }
}
#ifdef WOLFSSL_EARLY_DATA
@@ -10384,7 +10816,7 @@ static int SendTls13NewSessionTicket(WOLFSSL* ssl)
if (ssl->session->haveAltSessionID)
XMEMCPY(output + idx, ssl->session->altSessionID, ID_LEN);
else
- XMEMCPY(output + idx, ssl->session->sessionID, ID_LEN);
+ return BAD_FUNC_ARG; /* Should not happen */
idx += ID_LEN;
}
else {
@@ -11185,12 +11617,12 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx,
* == 0) */
*inOutIdx -= HANDSHAKE_HEADER_SZ;
}
-#endif
- /* reset error */
- if (ret == 0 && ssl->error == WC_PENDING_E)
+ /* make sure async error is cleared */
+ if (ret == 0 && (ssl->error == WC_PENDING_E || ssl->error == OCSP_WANT_READ)) {
ssl->error = 0;
-
+ }
+#endif
if (ret == 0 && type != client_hello && type != session_ticket &&
type != key_update) {
ret = HashInput(ssl, input + inIdx, size);
@@ -11355,8 +11787,6 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_ENTER("DoTls13HandShakeMsg");
if (ssl->arrays == NULL) {
-
-
if (GetHandshakeHeader(ssl, input, inOutIdx, &type, &size,
totalSz) != 0) {
SendAlert(ssl, alert_fatal, unexpected_message);
@@ -11364,6 +11794,12 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type, size);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
return DoTls13HandShakeMsgType(ssl, input, inOutIdx, type, size,
totalSz);
}
@@ -11380,6 +11816,13 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return PARSE_ERROR;
}
+ ret = EarlySanityCheckMsgReceived(ssl, type,
+ min(inputLength - HANDSHAKE_HEADER_SZ, size));
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
/* Cap the maximum size of a handshake message to something reasonable.
* By default is the maximum size of a certificate message assuming
* nine 2048-bit RSA certificates in the chain. */
@@ -11415,6 +11858,14 @@ int DoTls13HandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
inputLength = ssl->arrays->pendingMsgSz -
ssl->arrays->pendingMsgOffset;
}
+
+ ret = EarlySanityCheckMsgReceived(ssl, ssl->arrays->pendingMsgType,
+ inputLength);
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ return ret;
+ }
+
XMEMCPY(ssl->arrays->pendingMsg + ssl->arrays->pendingMsgOffset,
input + *inOutIdx, inputLength);
ssl->arrays->pendingMsgOffset += inputLength;
@@ -11530,7 +11981,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
&& ssl->error != WC_PENDING_E
#endif
) {
- if ((ssl->error = SendBuffered(ssl)) == 0) {
+ if ((ret = SendBuffered(ssl)) == 0) {
if (ssl->fragOffset == 0 && !ssl->options.buildingMsg) {
if (advanceState) {
#ifdef WOLFSSL_DTLS13
@@ -11623,7 +12074,7 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
case CLIENT_HELLO_SENT:
/* Get the response/s from the server. */
while (ssl->options.serverState <
- SERVER_HELLO_RETRY_REQUEST_COMPLETE) {
+ SERVER_HELLOVERIFYREQUEST_COMPLETE) {
if ((ssl->error = ProcessReply(ssl)) < 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;
@@ -11974,7 +12425,7 @@ int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group)
#ifdef WOLFSSL_ASYNC_CRYPT
ret = wolfSSL_AsyncPop(ssl, NULL);
- if (ret != WC_NOT_PENDING_E) {
+ if (ret != WC_NO_PENDING_E) {
/* Check for error */
if (ret < 0)
return ret;
@@ -12739,7 +13190,8 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
&& !ssl->dtls13SendingAckOrRtx;
#endif /* WOLFSSL_DTLS13 */
- if ((ssl->error = SendBuffered(ssl)) == 0) {
+ ret = SendBuffered(ssl);
+ if (ret == 0) {
if (ssl->fragOffset == 0 && !ssl->options.buildingMsg) {
if (advanceState) {
ssl->options.acceptState++;
@@ -12876,17 +13328,6 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl)
case TLS13_ACCEPT_SECOND_REPLY_DONE :
-#ifdef WOLFSSL_DTLS
- if (ssl->chGoodCb != NULL) {
- int cbret = ssl->chGoodCb(ssl, ssl->chGoodCtx);
- if (cbret < 0) {
- ssl->error = cbret;
- WOLFSSL_MSG("ClientHello Good Cb don't continue error");
- return WOLFSSL_FATAL_ERROR;
- }
- }
-#endif
-
if ((ssl->error = SendTls13ServerHello(ssl, server_hello)) != 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;
@@ -13387,6 +13828,79 @@ int wolfSSL_set_tls13_secret_cb(WOLFSSL* ssl, Tls13SecretCb cb, void* ctx)
return WOLFSSL_SUCCESS;
}
+
+#if defined(SHOW_SECRETS) && defined(WOLFSSL_SSLKEYLOGFILE)
+int tls13ShowSecrets(WOLFSSL* ssl, int id, const unsigned char* secret,
+ int secretSz, void* ctx)
+{
+ int i;
+ const char* str = NULL;
+ byte clientRandom[RAN_LEN];
+ int clientRandomSz;
+ XFILE fp;
+
+ (void) ctx;
+#ifdef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ fp = XFOPEN(WOLFSSL_SSLKEYLOGFILE_OUTPUT, "ab");
+ if (fp == XBADFILE) {
+ return BAD_FUNC_ARG;
+ }
+#else
+ fp = stderr;
+#endif
+
+ clientRandomSz = (int)wolfSSL_get_client_random(ssl, clientRandom,
+ sizeof(clientRandom));
+
+ if (clientRandomSz <= 0) {
+ printf("Error getting server random %d\n", clientRandomSz);
+ }
+
+#if 0
+ printf("TLS Server Secret CB: Rand %d, Secret %d\n",
+ serverRandomSz, secretSz);
+#endif
+
+ switch (id) {
+ case CLIENT_EARLY_TRAFFIC_SECRET:
+ str = "CLIENT_EARLY_TRAFFIC_SECRET"; break;
+ case EARLY_EXPORTER_SECRET:
+ str = "EARLY_EXPORTER_SECRET"; break;
+ case CLIENT_HANDSHAKE_TRAFFIC_SECRET:
+ str = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"; break;
+ case SERVER_HANDSHAKE_TRAFFIC_SECRET:
+ str = "SERVER_HANDSHAKE_TRAFFIC_SECRET"; break;
+ case CLIENT_TRAFFIC_SECRET:
+ str = "CLIENT_TRAFFIC_SECRET_0"; break;
+ case SERVER_TRAFFIC_SECRET:
+ str = "SERVER_TRAFFIC_SECRET_0"; break;
+ case EXPORTER_SECRET:
+ str = "EXPORTER_SECRET"; break;
+ default:
+#ifdef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ XFCLOSE(fp);
+#endif
+ return BAD_FUNC_ARG;
+ break;
+ }
+
+ fprintf(fp, "%s ", str);
+ for (i = 0; i < (int)clientRandomSz; i++) {
+ fprintf(fp, "%02x", clientRandom[i]);
+ }
+ fprintf(fp, " ");
+ for (i = 0; i < secretSz; i++) {
+ fprintf(fp, "%02x", secret[i]);
+ }
+ fprintf(fp, "\n");
+
+#ifdef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ XFCLOSE(fp);
+#endif
+
+ return 0;
+}
+#endif
#endif
#undef ERROR_OUT
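Review bot: In tls13ShowSecrets a failed wolfSSL_get_client_random is only reported with `printf` (and the text says "server random" although the client random is read); the function then still writes a key-log line with an empty random field and returns 0. It should stop instead: call wolfSSL_get_client_random before `XFOPEN` and `return BAD_FUNC_ARG;` when `clientRandomSz <= 0`, and reject `secret == NULL` before the hex loop. The file named by WOLFSSL_SSLKEYLOGFILE_OUTPUT receives the traffic secrets of every session and is opened in append mode with the process's default permissions. A comment above the function should say that SHOW_SECRETS with WOLFSSL_SSLKEYLOGFILE is a debugging build option and that the log file must be readable by its owner only.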
diff --git a/extra/wolfssl/wolfssl/src/wolfio.c b/extra/wolfssl/wolfssl/src/wolfio.c
index 26c11ad4..4fee9583 100644
--- a/extra/wolfssl/wolfssl/src/wolfio.c
+++ b/extra/wolfssl/wolfssl/src/wolfio.c
@@ -20,6 +20,9 @@
*/
+#ifndef WOLFSSL_STRERROR_BUFFER_SIZE
+#define WOLFSSL_STRERROR_BUFFER_SIZE 256
+#endif
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -121,6 +124,12 @@ static WC_INLINE int wolfSSL_LastError(int err)
static int TranslateIoError(int err)
{
+#ifdef _WIN32
+ size_t errstr_offset;
+ char errstr[WOLFSSL_STRERROR_BUFFER_SIZE];
+#endif /* _WIN32 */
+
+
if (err > 0)
return err;
@@ -151,7 +160,20 @@ static int TranslateIoError(int err)
return WOLFSSL_CBIO_ERR_CONN_CLOSE;
}
+#if defined(_WIN32)
+ strcpy_s(errstr, sizeof(errstr), "\tGeneral error: ");
+ errstr_offset = strlen(errstr);
+ FormatMessageA(FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ err,
+ MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
+ (LPSTR)(errstr + errstr_offset),
+ (DWORD)(sizeof(errstr) - errstr_offset),
+ NULL);
+ WOLFSSL_MSG(errstr);
+#else
WOLFSSL_MSG("\tGeneral error");
+#endif
return WOLFSSL_CBIO_ERR_GENERAL;
}
#endif /* USE_WOLFSSL_IO || HAVE_HTTP_CLIENT */
@@ -396,12 +418,12 @@ static int PeerIsIpv6(const SOCKADDR_S *peer, XSOCKLENT len)
static int isDGramSock(int sfd)
{
- char type = 0;
+ int type = 0;
/* optvalue 'type' is of size int */
- XSOCKLENT length = (XSOCKLENT)sizeof(char);
+ XSOCKLENT length = (XSOCKLENT)sizeof(type);
- if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, &type, &length) == 0 &&
- type != SOCK_DGRAM) {
+ if (getsockopt(sfd, SOL_SOCKET, SO_TYPE, (XSOCKOPT_TYPE_OPTVAL_TYPE)&type,
+ &length) == 0 && type != SOCK_DGRAM) {
return 0;
}
else {
@@ -634,7 +656,7 @@ int EmbedSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
peerSz = dtlsCtx->peer.sz;
#ifndef WOLFSSL_IPV6
if (PeerIsIpv6(peer, peerSz)) {
- WOLFSSL_MSG("ipv6 dtls peer setted but no ipv6 support compiled");
+ WOLFSSL_MSG("ipv6 dtls peer set but no ipv6 support compiled");
return NOT_COMPILED_IN;
}
#endif
@@ -1084,7 +1106,11 @@ int wolfIO_TcpConnect(SOCKET_T* sockfd, const char* ip, word16 port, int to_sec)
/* use gethostbyname for c99 */
#if defined(HAVE_GETADDRINFO)
XMEMSET(&hints, 0, sizeof(hints));
+#ifdef WOLFSSL_IPV6
hints.ai_family = AF_UNSPEC; /* detect IPv4 or IPv6 */
+#else
+ hints.ai_family = AF_INET; /* detect only IPv4 */
+#endif
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
@@ -2463,11 +2489,18 @@ int MicriumSendTo(WOLFSSL* ssl, char *buf, int sz, void *ctx)
/* Micrium DTLS Generate Cookie callback
* return : number of bytes copied into buf, or error
*/
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ #define MICRIUM_COOKIE_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define MICRIUM_COOKIE_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error Must enable either SHA-1 or SHA256 (or both) for Micrium.
+#endif
int MicriumGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
{
NET_SOCK_ADDR peer;
NET_SOCK_ADDR_LEN peerSz = sizeof(peer);
- byte digest[WC_SHA_DIGEST_SIZE];
+ byte digest[MICRIUM_COOKIE_DIGEST_SIZE];
int ret = 0;
(void)ctx;
@@ -2479,12 +2512,16 @@ int MicriumGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *ctx)
return GEN_COOKIE_E;
}
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ ret = wc_Sha256Hash((byte*)&peer, peerSz, digest);
+#else
ret = wc_ShaHash((byte*)&peer, peerSz, digest);
+#endif
if (ret != 0)
return ret;
- if (sz > WC_SHA_DIGEST_SIZE)
- sz = WC_SHA_DIGEST_SIZE;
+ if (sz > MICRIUM_COOKIE_DIGEST_SIZE)
+ sz = MICRIUM_COOKIE_DIGEST_SIZE;
XMEMCPY(buf, digest, sz);
return sz;
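Review bot: The cookie returned by MicriumGenerateCookie is still a plain digest of the peer address (`wc_Sha256Hash` or `wc_ShaHash` over `peer`), with no secret input visible in this hunk; the uIPGenerateCookie and GNRC_GenerateCookie hunks below have the same shape. A DTLS cookie only proves return-routability if the peer cannot compute it on its own, so unless the caller mixes in a server secret elsewhere (not visible here) this should be an HMAC keyed with a per-server random value rather than a bare hash. At minimum add a comment such as `/* unkeyed digest of the peer address; the secret must be added by the caller */` so the dependency is explicit. The function body starts outside this hunk.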
@@ -2778,20 +2815,31 @@ int uIPReceive(WOLFSSL *ssl, char *buf, int sz, void *_ctx)
/* uIP DTLS Generate Cookie callback
* return : number of bytes copied into buf, or error
*/
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ #define UIP_COOKIE_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define UIP_COOKIE_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error Must enable either SHA-1 or SHA256 (or both) for uIP.
+#endif
int uIPGenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
{
uip_wolfssl_ctx *ctx = (uip_wolfssl_ctx *)_ctx;
byte token[32];
- byte digest[WC_SHA_DIGEST_SIZE];
+ byte digest[UIP_COOKIE_DIGEST_SIZE];
int ret = 0;
XMEMSET(token, 0, sizeof(token));
XMEMCPY(token, &ctx->peer_addr, sizeof(uip_ipaddr_t));
XMEMCPY(token + sizeof(uip_ipaddr_t), &ctx->peer_port, sizeof(word16));
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ ret = wc_Sha256Hash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
+#else
ret = wc_ShaHash(token, sizeof(uip_ipaddr_t) + sizeof(word16), digest);
+#endif
if (ret != 0)
return ret;
- if (sz > WC_SHA_DIGEST_SIZE)
- sz = WC_SHA_DIGEST_SIZE;
+ if (sz > UIP_COOKIE_DIGEST_SIZE)
+ sz = UIP_COOKIE_DIGEST_SIZE;
XMEMCPY(buf, digest, sz);
return sz;
}
@@ -2855,13 +2903,20 @@ int GNRC_ReceiveFrom(WOLFSSL *ssl, char *buf, int sz, void *_ctx)
* return : number of bytes copied into buf, or error
*/
#define GNRC_MAX_TOKEN_SIZE (32)
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ #define GNRC_COOKIE_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
+#elif !defined(NO_SHA)
+ #define GNRC_COOKIE_DIGEST_SIZE WC_SHA_DIGEST_SIZE
+#else
+ #error Must enable either SHA-1 or SHA256 (or both) for GNRC.
+#endif
int GNRC_GenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
{
sock_tls_t *ctx = (sock_tls_t *)_ctx;
if (!ctx)
return WOLFSSL_CBIO_ERR_GENERAL;
byte token[GNRC_MAX_TOKEN_SIZE];
- byte digest[WC_SHA_DIGEST_SIZE];
+ byte digest[GNRC_COOKIE_DIGEST_SIZE];
int ret = 0;
size_t token_size = sizeof(sock_udp_ep_t);
(void)ssl;
@@ -2869,11 +2924,15 @@ int GNRC_GenerateCookie(WOLFSSL* ssl, byte *buf, int sz, void *_ctx)
token_size = GNRC_MAX_TOKEN_SIZE;
XMEMSET(token, 0, GNRC_MAX_TOKEN_SIZE);
XMEMCPY(token, &ctx->peer_addr, token_size);
+#if defined(NO_SHA) && !defined(NO_SHA256)
+ ret = wc_Sha256Hash(token, token_size, digest);
+#else
ret = wc_ShaHash(token, token_size, digest);
+#endif
if (ret != 0)
return ret;
- if (sz > WC_SHA_DIGEST_SIZE)
- sz = WC_SHA_DIGEST_SIZE;
+ if (sz > GNRC_COOKIE_DIGEST_SIZE)
+ sz = GNRC_COOKIE_DIGEST_SIZE;
XMEMCPY(buf, digest, sz);
return sz;
}
diff --git a/extra/wolfssl/wolfssl/src/x509.c b/extra/wolfssl/wolfssl/src/x509.c
index 90844832..a1c4fc4d 100644
--- a/extra/wolfssl/wolfssl/src/x509.c
+++ b/extra/wolfssl/wolfssl/src/x509.c
@@ -541,6 +541,10 @@ int wolfSSL_X509_get_ext_by_OBJ(const WOLFSSL_X509 *x,
return -1;
}
+#endif /* OPENSSL_ALL || OPENSSL_EXTRA */
+
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
+ defined(WOLFSSL_WPAS_SMALL)
/* Set a general name from the DNS entry data.
*
* @param [in] dns DNS entry.
@@ -565,6 +569,10 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
static const unsigned char upn_oid[] = {
0x2B, 0x06, 0x01, 0x04, 0x01, 0x82, 0x37, 0x14, 0x02, 0x03
};
+ /* FASCN OID: 2.16.840.1.101.3.6.6 */
+ static const unsigned char fascn_oid[] = {
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x06, 0x06
+ };
const unsigned char* oid;
word32 oidSz;
@@ -574,6 +582,10 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
oid = upn_oid;
oidSz = (word32)sizeof(upn_oid);
}
+ else if (dns->oidSum == FASCN_OID) {
+ oid = fascn_oid;
+ oidSz = (word32)sizeof(fascn_oid);
+ }
else {
goto err;
}
@@ -650,7 +662,9 @@ static int wolfssl_dns_entry_othername_to_gn(DNS_entry* dns,
err:
return ret;
}
+#endif /* OPENSSL_ALL || WOLFSSL_WPAS_SMALL */
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
static int wolfssl_x509_alt_names_to_gn(WOLFSSL_X509* x509,
WOLFSSL_X509_EXTENSION* ext)
{
@@ -1186,7 +1200,9 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
/* Get extension data and copy as ASN1_STRING */
tmpIdx = idx + length;
- if ((tmpIdx >= (word32)sz) || (input[tmpIdx++] != ASN_OCTET_STRING)) {
+ if ((tmpIdx >= (word32)sz) ||
+ (input[tmpIdx] != ASN_OCTET_STRING))
+ {
WOLFSSL_MSG("Error decoding unknown extension data");
wolfSSL_ASN1_OBJECT_free(ext->obj);
wolfSSL_X509_EXTENSION_free(ext);
@@ -1197,6 +1213,8 @@ WOLFSSL_X509_EXTENSION* wolfSSL_X509_set_ext(WOLFSSL_X509* x509, int loc)
return NULL;
}
+ tmpIdx++;
+
if (GetLength(input, &tmpIdx, &length, sz) <= 0) {
WOLFSSL_MSG("Error: Invalid Input Length.");
wolfSSL_ASN1_OBJECT_free(ext->obj);
@@ -1354,11 +1372,45 @@ int wolfSSL_X509_add_ext(WOLFSSL_X509 *x509, WOLFSSL_X509_EXTENSION *ext, int lo
break;
}
case NID_key_usage:
- if (ext && ext->value.data &&
- ext->value.length == sizeof(word16)) {
- x509->keyUsage = *(word16*)ext->value.data;
- x509->keyUsageCrit = (byte)ext->crit;
- x509->keyUsageSet = 1;
+ if (ext && ext->value.data) {
+ if (ext->value.length == sizeof(word16)) {
+ /* if ext->value is already word16, set directly */
+ x509->keyUsage = *(word16*)ext->value.data;
+ x509->keyUsageCrit = (byte)ext->crit;
+ x509->keyUsageSet = 1;
+ }
+ else if (ext->value.length > 0) {
+ /* ext->value is comma-delimited string, convert to word16 */
+ if (ParseKeyUsageStr(ext->value.data, &x509->keyUsage,
+ x509->heap) != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ x509->keyUsageCrit = (byte)ext->crit;
+ x509->keyUsageSet = 1;
+ }
+ else {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ break;
+ case NID_ext_key_usage:
+ if (ext && ext->value.data) {
+ if (ext->value.length == sizeof(byte)) {
+ /* if ext->value is already word16, set directly */
+ x509->extKeyUsage = *(byte*)ext->value.data;
+ x509->extKeyUsageCrit = (byte)ext->crit;
+ }
+ else if (ext->value.length > 0) {
+ /* ext->value is comma-delimited string, convert to word16 */
+ if (ParseExtKeyUsageStr(ext->value.data, &x509->extKeyUsage,
+ x509->heap) != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ x509->extKeyUsageCrit = (byte)ext->crit;
+ }
+ else {
+ return WOLFSSL_FAILURE;
+ }
}
break;
case NID_basic_constraints:
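Review bot: In the new NID_key_usage and NID_ext_key_usage cases the representation of `ext->value.data` is guessed from its length: exactly `sizeof(word16)` (or `sizeof(byte)`) bytes are read as a raw bitmask, and any other positive length is handed to ParseKeyUsageStr or ParseExtKeyUsageStr as a string. A one- or two-character string value is therefore misread as a bitmask, and the string branch depends on `value.data` being NUL-terminated because no length is passed; an explicit flag on the extension would be a safer discriminator than the length. The comments in the NID_ext_key_usage case are copied from the key-usage case; the first should read `/* ext->value is already a single byte, set directly */`. The raw branch also reads `*(word16*)ext->value.data`, which assumes the buffer is suitably aligned; `XMEMCPY(&x509->keyUsage, ext->value.data, sizeof(word16));` avoids that assumption.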
@@ -1496,15 +1548,19 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
if (sk->next) {
if ((valLen = XSNPRINTF(val, len, "%*s%s,",
indent, "", str->strData))
- >= len)
+ >= len) {
+ XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
+ }
} else {
if ((valLen = XSNPRINTF(val, len, "%*s%s",
indent, "", str->strData))
- >= len)
+ >= len) {
+ XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
+ }
}
- if (tmpLen + valLen > tmpSz) {
+ if ((tmpLen + valLen) >= tmpSz) {
XFREE(val, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return rc;
}
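Review bot: The XSNPRINTF results in this hunk are only compared with `>= len` and `>= tmpSz`, so a negative return value passes both checks and `valLen` is then added to `tmpLen`. The X509PrintSignature_ex hunk later in this file adds `(tmpLen < 0) || (valLen < 0)` for the same pattern, and the same guard belongs here: `if ((valLen < 0) || ((tmpLen + valLen) >= tmpSz)) {`. The enclosing loop starts and ends outside this hunk.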
@@ -1521,11 +1577,9 @@ int wolfSSL_X509V3_EXT_print(WOLFSSL_BIO *out, WOLFSSL_X509_EXTENSION *ext,
{
char* asn1str;
asn1str = wolfSSL_i2s_ASN1_STRING(NULL, str);
- if ((tmpLen = XSNPRINTF(
- tmp, tmpSz, "%*s%s", indent, "", asn1str))
- >= tmpSz)
- return rc;
+ tmpLen = XSNPRINTF(tmp, tmpSz, "%*s%s", indent, "", asn1str);
XFREE(asn1str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (tmpLen >= tmpSz) return rc;
break;
}
case AUTH_INFO_OID:
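Review bot: `asn1str` is passed to the `%s` conversion of XSNPRINTF without a NULL check. The body of wolfSSL_i2s_ASN1_STRING is not on this page, but if it can fail (for example on allocation), the formatter dereferences a NULL pointer. Add `if (asn1str == NULL) return rc;` directly after the call, and check `tmpLen < 0` together with `tmpLen >= tmpSz`. The enclosing switch starts outside this hunk.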
@@ -2118,7 +2172,7 @@ out:
return found ? extCount : WOLFSSL_FATAL_ERROR;
}
-#endif /* OPENSSL_ALL */
+#endif /* OPENSSL_ALL || OPENSSL_EXTRA */
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)
/* Looks for the extension matching the passed in nid
@@ -2775,6 +2829,14 @@ static WOLFSSL_X509_EXTENSION* createExtFromStr(int nid, const char *value)
}
ext->value.type = KEY_USAGE_OID;
break;
+ case NID_ext_key_usage:
+ if (wolfSSL_ASN1_STRING_set(&ext->value, value, -1)
+ != WOLFSSL_SUCCESS) {
+ WOLFSSL_MSG("wolfSSL_ASN1_STRING_set error");
+ goto err_cleanup;
+ }
+ ext->value.type = EXT_KEY_USAGE_OID;
+ break;
default:
WOLFSSL_MSG("invalid or unsupported NID");
goto err_cleanup;
@@ -4378,8 +4440,9 @@ error:
* @return WOLFSSL_FAILURE on invalid parameter or memory error,
* WOLFSSL_SUCCESS otherwise.
*/
-int wolfSSL_GENERAL_NAME_set0_othername(GENERAL_NAME* gen, ASN1_OBJECT* oid,
- ASN1_TYPE* value) {
+int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
+ ASN1_OBJECT* oid, ASN1_TYPE* value)
+{
WOLFSSL_ASN1_OBJECT *x = NULL;
if ((gen == NULL) || (oid == NULL) || (value == NULL)) {
@@ -4782,6 +4845,39 @@ int wolfSSL_GENERAL_NAME_set_type(WOLFSSL_GENERAL_NAME* name, int typ)
return ret;
}
+/* Set the value in a general name. This is a compat layer API.
+ *
+ * @param [out] a Pointer to the GENERAL_NAME where the othername is set.
+ * @param [in] type The type of this general name.
+ * @param [in] value The ASN.1 string that is the value.
+ * @return none
+ * @note the set0 indicates we take ownership so the user does NOT free value.
+ */
+void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a, int type,
+ void *value)
+{
+ WOLFSSL_ASN1_STRING *val = (WOLFSSL_ASN1_STRING *)value;
+ if (a == NULL) {
+ WOLFSSL_MSG("a is NULL");
+ return;
+ }
+
+ if (val == NULL) {
+ WOLFSSL_MSG("value is NULL");
+ return;
+ }
+
+ if (type != GEN_DNS) {
+ WOLFSSL_MSG("Only GEN_DNS is supported");
+ return;
+ }
+
+ wolfSSL_GENERAL_NAME_type_free(a);
+ a->type = type;
+ if (type == GEN_DNS) {
+ a->d.dNSName = val;
+ }
+}
/* Frees GENERAL_NAME objects.
*/
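Review bot: wolfSSL_GENERAL_NAME_set0_value documents that it takes ownership of `value`, but the three early returns (`a == NULL`, `value == NULL`, `type != GEN_DNS`) leave `value` with the caller, and the `void` return gives no way to tell which case happened. A caller that follows the documented contract leaks the string on those paths, and one that frees defensively double-frees it on success. The `@note` should state the failure case, for example `on failure ownership of value stays with the caller`, or the rejection paths should free `val`. The `void*` is also cast to WOLFSSL_ASN1_STRING with nothing tying it to `type`, and the final `if (type == GEN_DNS)` is redundant after the earlier rejection.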
@@ -4807,6 +4903,17 @@ void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES *gens)
wolfSSL_sk_GENERAL_NAME_free(gens);
}
+void wolfSSL_EXTENDED_KEY_USAGE_free(WOLFSSL_STACK * sk)
+{
+ WOLFSSL_ENTER("wolfSSL_EXTENDED_KEY_USAGE_free");
+
+ if (sk == NULL) {
+ return;
+ }
+
+ wolfSSL_sk_X509_pop_free(sk, NULL);
+}
+
#if defined(OPENSSL_ALL) && !defined(NO_BIO)
/* Outputs name string of the given WOLFSSL_GENERAL_NAME_OBJECT to WOLFSSL_BIO.
* Can handle following GENERAL_NAME_OBJECT types:
@@ -5111,7 +5218,7 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
const unsigned char* buf, int sz, int format, int type)
{
- int ret;
+ int ret = 0;
WOLFSSL_X509* x509 = NULL;
DerBuffer* der = NULL;
@@ -5119,7 +5226,8 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
if (format == WOLFSSL_FILETYPE_PEM) {
#ifdef WOLFSSL_PEM_TO_DER
- if (PemToDer(buf, sz, type, &der, NULL, NULL, NULL) != 0) {
+ ret = PemToDer(buf, sz, type, &der, NULL, NULL, NULL);
+ if (ret != 0) {
FreeDer(&der);
}
#else
@@ -5145,20 +5253,28 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
#ifdef WOLFSSL_SMALL_STACK
cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL,
DYNAMIC_TYPE_DCERT);
- if (cert != NULL)
+ if (cert == NULL) {
+ ret = MEMORY_ERROR;
+ }
+ else
#endif
{
InitDecodedCert(cert, der->buffer, der->length, NULL);
- if (ParseCertRelative(cert, type, 0, NULL) == 0) {
+ ret = ParseCertRelative(cert, type, 0, NULL);
+ if (ret == 0) {
x509 = (WOLFSSL_X509*)XMALLOC(sizeof(WOLFSSL_X509), NULL,
DYNAMIC_TYPE_X509);
if (x509 != NULL) {
InitX509(x509, 1, NULL);
- if (CopyDecodedToX509(x509, cert) != 0) {
+ ret = CopyDecodedToX509(x509, cert);
+ if (ret != 0) {
wolfSSL_X509_free(x509);
x509 = NULL;
}
}
+ else {
+ ret = MEMORY_ERROR;
+ }
}
FreeDecodedCert(cert);
@@ -5170,6 +5286,10 @@ static WOLFSSL_X509* loadX509orX509REQFromBuffer(
FreeDer(&der);
}
+ if (ret != 0) {
+ WOLFSSL_ERROR(ret);
+ }
+
return x509;
}
@@ -5784,11 +5904,21 @@ static int X509PrintSubjAltName(WOLFSSL_BIO* bio, WOLFSSL_X509* x509,
else if (entry->type == ASN_URI_TYPE) {
len = XSNPRINTF(scratch, MAX_WIDTH, "URI:%s",
entry->name);
+ if (len >= MAX_WIDTH) {
+ ret = WOLFSSL_FAILURE;
+ break;
+ }
+ }
+ #if defined(OPENSSL_ALL)
+ else if (entry->type == ASN_RID_TYPE) {
+ len = XSNPRINTF(scratch, MAX_WIDTH, "Registered ID:%s",
+ entry->ridString);
if (len >= MAX_WIDTH) {
ret = WOLFSSL_FAILURE;
break;
}
}
+ #endif
else if (entry->type == ASN_OTHER_TYPE) {
len = XSNPRINTF(scratch, MAX_WIDTH,
"othername <unsupported>");
@@ -6378,7 +6508,8 @@ static int X509PrintSignature_ex(WOLFSSL_BIO* bio, byte* sig,
break;
}
}
- if (valLen >= (int)sizeof(tmp) - tmpLen - 1) {
+ if ((tmpLen < 0) || (valLen < 0) ||
+ (valLen >= ((int)sizeof(tmp) - tmpLen - 1))) {
ret = WOLFSSL_FAILURE;
break;
}
@@ -7022,7 +7153,8 @@ int wolfSSL_X509_LOOKUP_load_file(WOLFSSL_X509_LOOKUP* lookup,
WOLFSSL_CERT_MANAGER* cm = lookup->store->cm;
if (cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(cm, 0) != WOLFSSL_SUCCESS) {
+ if (wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK)
+ != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Enable CRL failed");
goto end;
}
@@ -7357,6 +7489,7 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
{
const unsigned char* der;
int derSz = 0;
+ int advance = 1;
WOLFSSL_ENTER("wolfSSL_i2d_X509");
@@ -7377,10 +7510,14 @@ int wolfSSL_i2d_X509(WOLFSSL_X509* x509, unsigned char** out)
WOLFSSL_LEAVE("wolfSSL_i2d_X509", MEMORY_E);
return MEMORY_E;
}
+ advance = 0;
}
- if (out != NULL)
+ if (out != NULL) {
XMEMCPY(*out, der, derSz);
+ if (advance)
+ *out += derSz;
+ }
WOLFSSL_LEAVE("wolfSSL_i2d_X509", derSz);
return derSz;
@@ -9470,7 +9607,9 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
{
WOLFSSL_ENTER("wolfSSL_X509_NAME_free");
FreeX509Name(name);
- XFREE(name, NULL, DYNAMIC_TYPE_X509);
+ if (name != NULL) {
+ XFREE(name, name->heap, DYNAMIC_TYPE_X509);
+ }
}
@@ -9478,20 +9617,24 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
*
* returns NULL on failure, otherwise returns a new structure.
*/
- WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void)
+ WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap)
{
WOLFSSL_X509_NAME* name;
- WOLFSSL_ENTER("wolfSSL_X509_NAME_new");
+ WOLFSSL_ENTER("wolfSSL_X509_NAME_new_ex");
- name = (WOLFSSL_X509_NAME*)XMALLOC(sizeof(WOLFSSL_X509_NAME), NULL,
+ name = (WOLFSSL_X509_NAME*)XMALLOC(sizeof(WOLFSSL_X509_NAME), heap,
DYNAMIC_TYPE_X509);
if (name != NULL) {
- InitX509Name(name, 1, NULL);
+ InitX509Name(name, 1, heap);
}
return name;
}
+ WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void) {
+ return wolfSSL_X509_NAME_new_ex(NULL);
+ }
+
/* Creates a duplicate of a WOLFSSL_X509_NAME structure.
Returns a new WOLFSSL_X509_NAME structure or NULL on failure */
WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME *name)
@@ -9505,7 +9648,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
return NULL;
}
- if (!(copy = wolfSSL_X509_NAME_new())) {
+ if (!(copy = wolfSSL_X509_NAME_new_ex(name->heap))) {
return NULL;
}
@@ -9588,7 +9731,8 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_chain_up_ref(
}
if (req->keyUsageSet)
cert->keyUsage = req->keyUsage;
- /* Extended Key Usage not supported. */
+
+ cert->extKeyUsage = req->extKeyUsage;
#endif
XMEMCPY(cert->challengePw, req->challengePw, CTC_NAME_SIZE);
@@ -10411,6 +10555,7 @@ static int ConvertNIDToWolfSSL(int nid)
case NID_organizationName: return ASN_ORG_NAME;
case NID_organizationalUnitName: return ASN_ORGUNIT_NAME;
case NID_emailAddress: return ASN_EMAIL_NAME;
+ case NID_pkcs9_contentType: return ASN_CONTENT_TYPE;
case NID_serialNumber: return ASN_SERIAL_NUMBER;
case NID_userId: return ASN_USER_ID;
case NID_businessCategory: return ASN_BUS_CAT;
@@ -10618,6 +10763,7 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
case MBSTRING_UTF8:
type = CTC_UTF8;
break;
+ case MBSTRING_ASC:
case V_ASN1_PRINTABLESTRING:
type = CTC_PRINTABLE;
break;
@@ -10727,8 +10873,8 @@ int wolfSSL_i2d_X509_NAME(WOLFSSL_X509_NAME* name, unsigned char** out)
goto cleanup;
}
- if (!(tmp = wolfSSL_X509_NAME_new())) {
- WOLFSSL_MSG("wolfSSL_X509_NAME_new error");
+ if (!(tmp = wolfSSL_X509_NAME_new_ex(cert->heap))) {
+ WOLFSSL_MSG("wolfSSL_X509_NAME_new_ex error");
goto cleanup;
}
@@ -12434,7 +12580,7 @@ WOLF_STACK_OF(WOLFSSL_X509_NAME) *wolfSSL_dup_CA_list(
for (i = 0; i < num; i++) {
name = wolfSSL_X509_NAME_dup(wolfSSL_sk_X509_NAME_value(sk, i));
- if (name == NULL || 0 != wolfSSL_sk_X509_NAME_push(copy, name)) {
+ if (name == NULL || WOLFSSL_SUCCESS != wolfSSL_sk_X509_NAME_push(copy, name)) {
WOLFSSL_MSG("Memory error");
wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free);
return NULL;
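Review bot: When wolfSSL_sk_X509_NAME_push fails, the freshly duplicated `name` is not on `copy`, so `wolfSSL_sk_X509_NAME_pop_free(copy, wolfSSL_X509_NAME_free)` does not release it. Unless push frees its argument on failure (not visible here), the name leaks on this error path. Add `wolfSSL_X509_NAME_free(name);` before the pop_free call; the wolfSSL_X509_NAME_free hunk earlier in this file guards its `XFREE` with a NULL check, so this looks safe for the `name == NULL` case too, provided FreeX509Name accepts NULL. The loop and the function start outside this hunk.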
@@ -12506,6 +12652,10 @@ static int get_dn_attr_by_nid(int n, const char** buf)
str = "ST";
len = 2;
break;
+ case NID_streetAddress:
+ str = "street";
+ len = 6;
+ break;
case NID_organizationName:
str = "O";
len = 1;
@@ -12514,6 +12664,10 @@ static int get_dn_attr_by_nid(int n, const char** buf)
str = "OU";
len = 2;
break;
+ case NID_postalCode:
+ str = "postalCode";
+ len = 10;
+ break;
case NID_emailAddress:
str = "emailAddress";
len = 12;
@@ -12542,6 +12696,14 @@ static int get_dn_attr_by_nid(int n, const char** buf)
str = "DC";
len = 2;
break;
+ case NID_pkcs9_contentType:
+ str = "contentType";
+ len = 11;
+ break;
+ case NID_userId:
+ str = "UID";
+ len = 3;
+ break;
default:
WOLFSSL_MSG("Attribute type not found");
str = NULL;
@@ -12695,6 +12857,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
>= tmpSz)
{
WOLFSSL_MSG("buffer overrun");
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
@@ -12705,6 +12868,7 @@ int wolfSSL_X509_NAME_print_ex(WOLFSSL_BIO* bio, WOLFSSL_X509_NAME* name,
>= tmpSz)
{
WOLFSSL_MSG("buffer overrun");
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
tmpSz = len + nameStrSz + 1; /* 1 for '=' */
@@ -13490,7 +13654,7 @@ int wolfSSL_X509_set_notBefore(WOLFSSL_X509* x509, const WOLFSSL_ASN1_TIME* t)
int wolfSSL_X509_set_serialNumber(WOLFSSL_X509* x509, WOLFSSL_ASN1_INTEGER* s)
{
WOLFSSL_ENTER("wolfSSL_X509_set_serialNumber");
- if (!x509 || !s || s->length >= EXTERNAL_SERIAL_SIZE)
+ if (x509 == NULL || s == NULL || s->length >= EXTERNAL_SERIAL_SIZE)
return WOLFSSL_FAILURE;
/* WOLFSSL_ASN1_INTEGER has type | size | data
@@ -13970,6 +14134,10 @@ int wolfSSL_X509_REQ_add1_attr_by_NID(WOLFSSL_X509 *req,
}
}
ret = wolfSSL_sk_push(req->reqAttributes, attr);
+ if ((ret != WOLFSSL_SUCCESS) || (req->reqAttributes->type == STACK_TYPE_CIPHER)) {
+ /* CIPHER type makes a copy */
+ wolfSSL_X509_ATTRIBUTE_free(attr);
+ }
}
return ret;
diff --git a/extra/wolfssl/wolfssl/src/x509_str.c b/extra/wolfssl/wolfssl/src/x509_str.c
index 4ba0ce69..b0b365bc 100644
--- a/extra/wolfssl/wolfssl/src/x509_str.c
+++ b/extra/wolfssl/wolfssl/src/x509_str.c
@@ -84,16 +84,40 @@ int wolfSSL_X509_STORE_CTX_init(WOLFSSL_X509_STORE_CTX* ctx,
#endif
ctx->chain = sk;
- /* Add intermediate certificates from stack to store */
- while (sk != NULL) {
- WOLFSSL_X509* x509_cert = sk->data.x509;
- if (x509_cert != NULL && x509_cert->isCa) {
- ret = wolfSSL_X509_STORE_add_cert(store, x509_cert);
- if (ret < 0) {
- return WOLFSSL_FAILURE;
+ /* Add intermediate certs, that verify to a loaded CA, to the store */
+ if (sk != NULL) {
+ byte addedAtLeastOne = 1;
+ WOLF_STACK_OF(WOLFSSL_X509)* head = wolfSSL_shallow_sk_dup(sk);
+ if (head == NULL)
+ return WOLFSSL_FAILURE;
+ while (addedAtLeastOne) {
+ WOLF_STACK_OF(WOLFSSL_X509)* cur = head;
+ WOLF_STACK_OF(WOLFSSL_X509)** prev = &head;
+ addedAtLeastOne = 0;
+ while (cur) {
+ WOLFSSL_X509* cert = cur->data.x509;
+ if (cert != NULL && cert->derCert != NULL &&
+ wolfSSL_CertManagerVerifyBuffer(store->cm,
+ cert->derCert->buffer,
+ cert->derCert->length,
+ WOLFSSL_FILETYPE_ASN1) == WOLFSSL_SUCCESS) {
+ ret = wolfSSL_X509_STORE_add_cert(store, cert);
+ if (ret < 0) {
+ wolfSSL_sk_free(head);
+ return WOLFSSL_FAILURE;
+ }
+ addedAtLeastOne = 1;
+ *prev = cur->next;
+ wolfSSL_sk_free_node(cur);
+ cur = *prev;
+ }
+ else {
+ prev = &cur->next;
+ cur = cur->next;
+ }
}
}
- sk = sk->next;
+ wolfSSL_sk_free(head);
}
ctx->sesChain = NULL;
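Review bot: The new loop adds every certificate in the caller-supplied `sk` that passes wolfSSL_CertManagerVerifyBuffer to the store, but the `x509_cert->isCa` test from the removed loop is gone, so an end-entity certificate that verifies is also passed to wolfSSL_X509_STORE_add_cert. Whether add_cert rejects non-CA certificates is not visible in this hunk; if it does not, a leaf certificate could become a trust anchor for later verifications on the same store. The change persists, as the comment added before wolfSSL_X509_STORE_CTX_cleanup in the next hunk acknowledges. I would keep the check, `if (cert != NULL && cert->isCa && cert->derCert != NULL &&`, and state in the function comment that the store is modified. The function begins outside this hunk.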
@@ -140,7 +164,9 @@ void wolfSSL_X509_STORE_CTX_free(WOLFSSL_X509_STORE_CTX* ctx)
}
}
-
+/* Its recommended to use a full free -> init cycle of all the objects
+ * because wolfSSL_X509_STORE_CTX_init may modify the store too which doesn't
+ * get reset here. */
void wolfSSL_X509_STORE_CTX_cleanup(WOLFSSL_X509_STORE_CTX* ctx)
{
if (ctx != NULL) {
@@ -168,9 +194,9 @@ int GetX509Error(int e)
{
switch (e) {
case ASN_BEFORE_DATE_E:
- return WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+ return WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID;
case ASN_AFTER_DATE_E:
- return WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+ return WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED;
case ASN_NO_SIGNER_E: /* get issuer error if no CA found locally */
return WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
case ASN_SELF_SIGNED_E:
@@ -183,6 +209,11 @@ int GetX509Error(int e)
case ASN_SIG_HASH_E:
case ASN_SIG_KEY_E:
return WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE;
+ case CRL_CERT_REVOKED:
+ return WOLFSSL_X509_V_ERR_CERT_REVOKED;
+ case 0:
+ case 1:
+ return 0;
default:
#ifdef HAVE_WOLFSSL_MSG_EX
WOLFSSL_MSG_EX("Error not configured or implemented yet: %d", e);
@@ -193,6 +224,19 @@ int GetX509Error(int e)
}
}
+static void SetupStoreCtxError(WOLFSSL_X509_STORE_CTX* ctx, int ret)
+{
+ int depth = 0;
+ int error = GetX509Error(ret);
+
+ /* Set error depth */
+ if (ctx->chain)
+ depth = (int)ctx->chain->num;
+
+ wolfSSL_X509_STORE_CTX_set_error(ctx, error);
+ wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth);
+}
+
/* Verifies certificate chain using WOLFSSL_X509_STORE_CTX
* returns 0 on success or < 0 on failure.
*/
@@ -202,66 +246,39 @@ int wolfSSL_X509_verify_cert(WOLFSSL_X509_STORE_CTX* ctx)
if (ctx != NULL && ctx->store != NULL && ctx->store->cm != NULL
&& ctx->current_cert != NULL && ctx->current_cert->derCert != NULL) {
- int ret = 0;
- int depth = 0;
- int error;
- #ifndef NO_ASN_TIME
- byte *afterDate, *beforeDate;
- #endif
-
- ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
+ int ret = wolfSSL_CertManagerVerifyBuffer(ctx->store->cm,
ctx->current_cert->derCert->buffer,
ctx->current_cert->derCert->length,
WOLFSSL_FILETYPE_ASN1);
- /* If there was an error, process it and add it to CTX */
- if (ret < 0) {
- /* Get corresponding X509 error */
- error = GetX509Error(ret);
- /* Set error depth */
- if (ctx->chain)
- depth = (int)ctx->chain->num;
-
- wolfSSL_X509_STORE_CTX_set_error(ctx, error);
- wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth);
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- if (ctx->store && ctx->store->verify_cb)
- ctx->store->verify_cb(0, ctx);
- #endif
- }
+ SetupStoreCtxError(ctx, ret);
#ifndef NO_ASN_TIME
- error = 0;
- /* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or
- ASN_BEFORE_DATE_E if there are no additional errors found in the
- cert. Therefore, check if the cert is expired or not yet valid
- in order to return the correct expected error. */
- afterDate = ctx->current_cert->notAfter.data;
- beforeDate = ctx->current_cert->notBefore.data;
-
- if (XVALIDATE_DATE(afterDate, (byte)ctx->current_cert->notAfter.type,
- AFTER) < 1) {
- error = WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED;
- }
- else if (XVALIDATE_DATE(beforeDate,
- (byte)ctx->current_cert->notBefore.type, BEFORE) < 1) {
- error = WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID;
+ if (ret != ASN_BEFORE_DATE_E && ret != ASN_AFTER_DATE_E) {
+ /* wolfSSL_CertManagerVerifyBuffer only returns ASN_AFTER_DATE_E or
+ ASN_BEFORE_DATE_E if there are no additional errors found in the
+ cert. Therefore, check if the cert is expired or not yet valid
+ in order to return the correct expected error. */
+ byte *afterDate = ctx->current_cert->notAfter.data;
+ byte *beforeDate = ctx->current_cert->notBefore.data;
+
+ if (XVALIDATE_DATE(afterDate,
+ (byte)ctx->current_cert->notAfter.type, AFTER) < 1) {
+ ret = ASN_AFTER_DATE_E;
+ }
+ else if (XVALIDATE_DATE(beforeDate,
+ (byte)ctx->current_cert->notBefore.type, BEFORE) < 1) {
+ ret = ASN_BEFORE_DATE_E;
+ }
+ SetupStoreCtxError(ctx, ret);
}
+ #endif
- if (error != 0 ) {
- wolfSSL_X509_STORE_CTX_set_error(ctx, error);
- wolfSSL_X509_STORE_CTX_set_error_depth(ctx, depth);
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- if (ctx->store && ctx->store->verify_cb)
- ctx->store->verify_cb(0, ctx);
- #endif
- }
+ #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
+ if (ctx->store && ctx->store->verify_cb)
+ ret = ctx->store->verify_cb(ret >= 0 ? 1 : 0, ctx) == 1 ? 0 : -1;
#endif
- /* OpenSSL returns 0 when a chain can't be built */
- if (ret == ASN_NO_SIGNER_E)
- return WOLFSSL_FAILURE;
- else
- return ret;
+ return ret >= 0 ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
}
return WOLFSSL_FATAL_ERROR;
}
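Review bot: The comment above wolfSSL_X509_verify_cert still reads "returns 0 on success or < 0 on failure", but the rewritten tail returns `WOLFSSL_SUCCESS` or `WOLFSSL_FAILURE`, with `WOLFSSL_FATAL_ERROR` only for bad arguments. A caller written against the old comment that tests `< 0` would now treat a rejected chain as accepted, since `WOLFSSL_FAILURE` is 0. The header comment should be rewritten to name the three return values. The `verify_cb` line also deserves its own why-comment, e.g. `/* verify_cb has the final say: returning 1 accepts the chain even when ret < 0 */`, because a permissive callback turns a failed verification into success. The function's opening lines are outside this hunk.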
@@ -980,7 +997,11 @@ int wolfSSL_X509_STORE_set_flags(WOLFSSL_X509_STORE* store, unsigned long flag)
if ((flag & WOLFSSL_CRL_CHECKALL) || (flag & WOLFSSL_CRL_CHECK)) {
ret = wolfSSL_CertManagerEnableCRL(store->cm, (int)flag);
}
-
+#if defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ else if (flag == 0) {
+ ret = wolfSSL_CertManagerDisableCRL(store->cm);
+ }
+#endif
return ret;
}
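Review bot: With `OPENSSL_COMPATIBLE_DEFAULTS` defined, the added `else if (flag == 0)` branch makes `wolfSSL_X509_STORE_set_flags(store, 0)` turn CRL checking off through `wolfSSL_CertManagerDisableCRL`, and nothing in the hunk documents that. As far as I recall, OpenSSL's own `X509_STORE_set_flags` only ORs flags in, so passing 0 there is a no-op; code ported from OpenSSL could lose revocation checking without noticing. At minimum the branch needs a comment such as `/* flag == 0 disables CRL checking; this differs from a no-op "set nothing" call */`. Please also confirm that this is the intended compatibility behaviour. The function starts outside this hunk.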
@@ -1023,7 +1044,11 @@ WOLFSSL_API int wolfSSL_X509_STORE_load_locations(WOLFSSL_X509_STORE *str,
#ifdef HAVE_CRL
if (str->cm->crl == NULL) {
- if (wolfSSL_CertManagerEnableCRL(str->cm, 0) != WOLFSSL_SUCCESS) {
+ /* Workaround to allocate the internals to load CRL's but don't enable
+ * CRL checking by default */
+ if (wolfSSL_CertManagerEnableCRL(str->cm, WOLFSSL_CRL_CHECK)
+ != WOLFSSL_SUCCESS ||
+ wolfSSL_CertManagerDisableCRL(str->cm) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Enable CRL failed");
wolfSSL_CTX_free(ctx);
return WOLFSSL_FAILURE;
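Review bot: The combined condition logs "Enable CRL failed" for both calls, so a failure of `wolfSSL_CertManagerDisableCRL` is reported as an enable failure. In that case the store is also left with `WOLFSSL_CRL_CHECK` active while the function returns `WOLFSSL_FAILURE`. Splitting the check, or at least changing the message to `WOLFSSL_MSG("Enable/disable CRL failed");`, would make the log match what happened. The comment could also say that CRLs loaded here are not consulted until the caller enables checking, for example through `wolfSSL_X509_STORE_set_flags`. The rest of wolfSSL_X509_STORE_load_locations is outside this hunk.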
diff --git a/extra/wolfssl/wolfssl/sslSniffer/README.md b/extra/wolfssl/wolfssl/sslSniffer/README.md
index 22582f28..27a6f527 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/README.md
+++ b/extra/wolfssl/wolfssl/sslSniffer/README.md
@@ -39,13 +39,17 @@ The STARTTLS option allows the sniffer to receive and ignore plaintext before re
`./configure --enable-sniffer CPPFLAGS=-DSTARTTLS_ALLOWED`
+The SSL Keylog file option enables the sniffer to decrypt TLS traffic using the master secret obtained from a [NSS keylog file](https://web.archive.org/web/20220531072242/https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html). This allows the sniffer to decrypt all TLS traffic, even for TLS connections using ephemeral cipher suites. Keylog file sniffing is supported for TLS versions 1.2 and 1.3. WolfSSL can be configured to export a keylog file using the `--enable-keylog-export` configure option, independently from the sniffer feature (NOTE: never do this in a production environment, as it is inherently insecure). To enable sniffer support for keylog files, use the following configure command line and build as before:
+
+`./configure --enable-sniffer CPPFLAGS=-DWOLFSSL_SNIFFER_KEYLOGFILE`
+
All options may be enabled with the following configure command line:
```sh
./configure --enable-sniffer \
CPPFLAGS="-DWOLFSSL_SNIFFER_STATS -DWOLFSSL_SNIFFER_WATCH \
-DWOLFSSL_SNIFFER_STORE_DATA_CB -DWOLFSSL_SNIFFER_CHAIN_INPUT \
- -DSTARTTLS_ALLOWED"
+ -DSTARTTLS_ALLOWED -DWOLFSSL_SNIFFER_KEYLOGFILE"
```
To add some other cipher support to the sniffer, you can add options like:
@@ -88,7 +92,11 @@ To build with OCTEON III support for a Linux host:
## Command Line Options
-The wolfSSL sniffer includes a test application `snifftest` in the `sslSniffer/sslSnifferTest/` directory. The command line application has several options that can be passed in at runtime to change the default behavior of the application. To execute a “live†sniff just run the application without any parameters and then pick an interface to sniff on followed by the port.
+The wolfSSL sniffer includes a test application `snifftest` in the `sslSniffer/sslSnifferTest/` directory. The command line application has two sniffing modes: "live" mode and "offline" mode. In "live" mode, the application will prompt the user for network information and other parameters and then actively sniff real network traffic on an interface. In "offline" mode, the user provides the application with a pcap file and other network information via command line arguments, and the sniffer
+will then decrypt the relevant TLS traffic captured in the pcap file.
+
+### Live Sniff Mode
+To execute a “live†sniff just run the application without any parameters and then pick an interface to sniff on followed by the port.
An example startup may look like this:
@@ -116,41 +124,50 @@ The above example sniffs on the localhost interface (lo0) with the default wolfS
Trace output will be written to a file named `tracefile.txt`.
-To decode a previously saved pcap file you will need to enter a few parameters.
+### Offline Sniff Mode
+
+Offline mode allows traffic to be decoded from a previously saved pcap file. To run the sniffer in offline mode, you will need to provide the application with some command line arguments, some of which are mandatory and some of which are optional
-The following table lists the accepted inputs in saved file mode.
+The following table lists the accepted inputs in offline mode.
Synopsis:
-`snifftest dumpFile pemKey [server] [port] [password] [threads]`
+`snifftest -pcap pcap_arg -key key_arg [-password password_arg] [-server server_arg] [-port port_arg] [-keylogfile keylogfile_arg] [-threads threads_arg]`
`snifftest` Options Summary:
```
-Option Description Default Value
-dumpFile A previously saved pcap file NA
-pemKey The server’s private key in PEM format NA
-server The server’s IP address (v4 or v6) 127.0.0.1
-port The server port to sniff 443
-password Private Key Password if required NA
-threads The number of threads to run with 5
+Option Description Default Value Mandatory
+pcap_arg A previously saved pcap file NA Y
+key_arg The server’s private key in PEM format NA Y
+password_arg Private Key Password if required NA N
+server_arg The server’s IP address (v4 or v6) 127.0.0.1 N
+port_arg The server port to sniff 443 N
+threads The number of threads to run with 5 N
+keylogfile_arg Keylog file containing decryption secrets NA N
```
To decode a pcap file named test.pcap with a server key file called myKey.pem that was generated on the localhost with a server at port 443 just use:
-`./snifftest test.pcap myKey.pem`
+`./snifftest -pcap test.pcap -key myKey.pem`
If the server was on 10.0.1.2 and on port 12345 you could instead use:
-`./snifftest test.pcap myKey.pem 10.0.1.2 12345`
+`./snifftest -pcap test.pcap -key myKey.pem -server 10.0.1.2 -port 12345`
If the server was on localhost using IPv6 and on port 12345 you could instead use:
-`./snifftest test.pcap myKey.pem ::1 12345`
+`./snifftest -pcap test.pcap -key myKey.pem -server ::1 -port 12345`
If you wanted to use 15 threads to decode `test.pcap` and your key does not require a password, you could use a dummy password and run:
-`./snifftest test.pcap myKey.pem 10.0.1.2 12345 pass 15`
+`./snifftest -pcap test.pcap -key myKey.pem -server 10.0.1.2 -port 12345 -password pass -threads 15`
+
+If the server exported its secrets in a [NSS keylog file](https://web.archive.org/web/20220531072242/https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html)
+named "sslkeylog.log", you could decrypt the traffic using:
+
+`./snifftest -pcap test.pcap -key myKey.pem -server 10.0.1.2 -port 12345 -keylogfile /path/to/sslkeylog.log`
+
## API Usage
@@ -164,7 +181,7 @@ Use the include `#include <wolfssl/sniffer.h>`.
void ssl_InitSniffer(void);
```
-Initializes the wolfSSL sniffer for use and should be called once per application.
+Initializes the wolfSSL sniffer for use and should be called once per application.
### ssl_FreeSniffer
@@ -285,8 +302,8 @@ Return Values:
### ssl_SetEphemeralKey
```c
-int ssl_SetEphemeralKey(const char* address, int port,
- const char* keyFile, int typeKey,
+int ssl_SetEphemeralKey(const char* address, int port,
+ const char* keyFile, int typeKey,
const char* password, char* error)
```
Creates a sniffer session based on the `serverAddress` and `port` inputs using ECC or DH static ephemeral key.
@@ -300,6 +317,35 @@ Return Values:
* 0 on success
* -1 if a problem occurred, the string error will hold a message describing the problem
+### ssl_LoadSecretsFromKeyLogFile
+
+```c
+int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile, char* error)
+```
+
+Loads secrets to decrypt TLS traffic from a keylog file. Only sniffer servers registered with `ssl_createKeyLogSnifferServer()` will be able to decrypt using these secrets
+
+This function requires that sniffer keylog file support (`WOLFSSL_SNIFFER_KEYLOGFILE`) is enabled in the build. Keylog file sniffing is supported for TLS versions 1.2 and 1.3.
+
+Return Values:
+* 0 on success
+* -1 if a problem occurred, the string error will hold a message describing the problem
+
+### ssl_CreateKeyLogSnifferServer
+
+```c
+int ssl_CreateKeyLogSnifferServer(const char* address, int port, char* error)
+```
+
+Creates a sniffer session based on `serverAddress` and `port`, and uses secrets obtained from a keylog file to decrypt traffic. Keylog files should be loaded using `ssl_LoadSecretsFromKeyLogFile()`.
+
+This function requires that sniffer keylog file support (`WOLFSSL_SNIFFER_KEYLOGFILE`) is enabled in the build. Keylog file sniffing is supported for TLS versions 1.2 and 1.3.
+
+Return Values:
+* 0 on success
+* -1 if a problem occurred, the string error will hold a message describing the problem
+
+
### ssl_DecodePacket
```c
@@ -525,7 +571,7 @@ Return Values:
### ssl_SetWatchKey_buffer
```c
-int ssl_SetWatchKey_buffer(void* vSniffer, const unsigned char* key,
+int ssl_SetWatchKey_buffer(void* vSniffer, const unsigned char* key,
unsigned int keySz, int keyType, char* error);
```
@@ -633,7 +679,7 @@ Remember to always start the sniffing application before the server. This is im
### Cipher Suite Limitations
-As a passive sniffer the wolfSSL sniffer will not be able to decode any SSL session that uses DHE (Ephemeral Diffie-Hellman) because it will not have access to the temporary key that the server generates. You may need to disable DHE cipher suites on the server and/or client to prevent these cipher suites from being used.
+As a passive sniffer the wolfSSL sniffer will not be able to decode any SSL session that uses DHE (Ephemeral Diffie-Hellman) because it will not have access to the temporary key that the server generates. You may need to disable DHE cipher suites on the server and/or client to prevent these cipher suites from being used. The notable exception to this is if the sniffer session uses the keylog file feature, in which case any session using TLS 1.2 or 1.3 can be decoded.
### Thread Safety
diff --git a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj
index f5d4053c..598b1522 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj
+++ b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -118,7 +118,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj
index 75c7bf2a..7395cac1 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj
+++ b/extra/wolfssl/wolfssl/sslSniffer/sslSniffer.vcxproj
@@ -89,7 +89,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -109,7 +109,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -128,7 +128,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -150,7 +150,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;SSL_SNIFFER_EXPORTS;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c b/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
index d3ba59d6..64053ec9 100644
--- a/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
+++ b/extra/wolfssl/wolfssl/sslSniffer/sslSnifferTest/snifftest.c
@@ -76,7 +76,7 @@ int main(void)
#include <signal.h> /* signal */
#include <ctype.h> /* isprint */
-#include <cyassl/sniffer.h>
+#include <wolfssl/sniffer.h>
#ifndef _WIN32
@@ -144,6 +144,8 @@ enum {
#endif
#endif
+#define DEFAULT_SERVER_IP "127.0.0.1"
+#define DEFAULT_SERVER_PORT (443)
#ifdef WOLFSSL_SNIFFER_WATCH
static const byte rsaHash[] = {
@@ -470,20 +472,12 @@ static void show_appinfo(void)
#ifdef WOLFSSL_STATIC_DH
"dh_static "
#endif
+ #ifdef WOLFSSL_SNIFFER_KEYLOGFILE
+ "ssl_keylog_file "
+ #endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
"\n\n"
);
}
-static void show_usage(void)
-{
- printf("usage:\n");
- printf("\t./snifftest\n");
- printf("\t\tprompts for options\n");
-#ifdef THREADED_SNIFFTEST
- printf("\t./snifftest dump pemKey [server] [port] [password] [threads]\n");
-#else
- printf("\t./snifftest dump pemKey [server] [port] [password]\n");
-#endif
-}
typedef struct SnifferPacket {
byte* packet;
@@ -955,7 +949,6 @@ int main(int argc, char** argv)
int ret = 0;
int hadBadPacket = 0;
int inum = 0;
- int port = 0;
int saveFile = 0;
int i = 0, defDev = 0;
int packetNumber = 0;
@@ -963,9 +956,13 @@ int main(int argc, char** argv)
char err[PCAP_ERRBUF_SIZE];
char filter[32];
const char *keyFilesSrc = NULL;
+#ifdef WOLFSSL_SNIFFER_KEYLOGFILE
+ const char *sslKeyLogFile = NULL;
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
char keyFilesBuf[MAX_FILENAME_SZ];
char keyFilesUser[MAX_FILENAME_SZ];
- const char *server = NULL;
+ const char *server = DEFAULT_SERVER_IP;
+ int port = DEFAULT_SERVER_PORT;
const char *sniName = NULL;
const char *passwd = NULL;
pcap_if_t *d;
@@ -977,18 +974,13 @@ int main(int argc, char** argv)
workerThreadCount = 1;
#else
workerThreadCount = 5;
- if (argc >= 7)
- workerThreadCount = XATOI(argv[6]);
#endif
- SnifferWorker workers[workerThreadCount];
- int used[workerThreadCount];
#endif
show_appinfo();
signal(SIGINT, sig_handler);
-
#ifndef THREADED_SNIFFTEST
#ifndef _WIN32
ssl_InitSniffer(); /* dll load on Windows */
@@ -1140,51 +1132,117 @@ int main(int argc, char** argv)
}
}
}
- else if (argc >= 3) {
- saveFile = 1;
- pcap = pcap_open_offline(argv[1], err);
- if (pcap == NULL) {
- printf("pcap_open_offline failed %s\n", err);
- ret = -1;
+ else {
+ char *pcapFile = NULL;
+
+ for (i = 1; i < argc; i++) {
+ if (strcmp(argv[i], "-pcap") == 0 && i + 1 < argc) {
+ pcapFile = argv[++i];
+ }
+ else if (strcmp(argv[i], "-key") == 0 && i + 1 < argc) {
+ keyFilesSrc = argv[++i];
+ }
+ else if (strcmp(argv[i], "-server") == 0 && i + 1 < argc) {
+ server = argv[++i];
+ }
+ else if (strcmp(argv[i], "-port") == 0 && i + 1 < argc) {
+ port = XATOI(argv[++i]);
+ }
+ else if (strcmp(argv[i], "-password") == 0 && i + 1 < argc) {
+ passwd = argv[++i];
+ }
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ else if (strcmp(argv[i], "-keylogfile") == 0 && i + 1 < argc) {
+ sslKeyLogFile = argv[++i];
+ }
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+#if defined(THREADED_SNIFFTEST)
+ else if (strcmp(argv[i], "-threads") == 0 && i + 1 < argc) {
+ workerThreadCount = XATOI(argv[++i]);
+ }
+#endif /* THREADED_SNIFFTEST */
+ else {
+ fprintf(stderr, "Invalid option or missing argument: %s\n", argv[i]);
+ fprintf(stderr, "Usage: %s -pcap pcap_arg -key key_arg"
+ " [-password password_arg] [-server server_arg] [-port port_arg]"
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ " [-keylogfile keylogfile_arg]"
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+#if defined(THREADED_SNIFFTEST)
+ " [-threads threads_arg]"
+#endif /* THREADED_SNIFFTEST */
+ "\n", argv[0]);
+ exit(EXIT_FAILURE);
+ }
}
- else {
- /* defaults for server and port */
- port = 443;
- server = "127.0.0.1";
- keyFilesSrc = argv[2];
- if (argc >= 4)
- server = argv[3];
+ if (!pcapFile) {
+ fprintf(stderr, "Error: -pcap option is required.\n");
+ exit(EXIT_FAILURE);
+ }
- if (argc >= 5)
- port = XATOI(argv[4]);
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ /* If we offer keylog support, then user must provide EITHER a pubkey
+ * OR a keylog file but NOT both */
+ if ((!keyFilesSrc && !sslKeyLogFile) || (keyFilesSrc && sslKeyLogFile)) {
+ fprintf(stderr, "Error: either -key OR -keylogfile option required but NOT both.\n");
+ exit(EXIT_FAILURE);
+ }
+#else
+ if (!keyFilesSrc) {
+ fprintf(stderr, "Error: -key option is required.\n");
+ exit(EXIT_FAILURE);
+ }
+#endif
- if (argc >= 6)
- passwd = argv[5];
+ saveFile = 1;
+ pcap = pcap_open_offline(pcapFile , err);
+ if (pcap == NULL) {
+ fprintf(stderr, "pcap_open_offline failed %s\n", err);
+ err_sys(err);
+ }
+ else {
+#if defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ if (sslKeyLogFile != NULL) {
+ ret = ssl_LoadSecretsFromKeyLogFile(sslKeyLogFile, err);
+ if (ret != 0) {
+ fprintf(stderr, "ERROR=%d, unable to load secrets from keylog file\n",ret);
+ err_sys(err);
+ }
- ret = load_key(NULL, server, port, keyFilesSrc, passwd, err);
- if (ret != 0) {
- exit(EXIT_FAILURE);
+ ret = ssl_CreateKeyLogSnifferServer(server, port, err);
+ if (ret != 0) {
+ fprintf(stderr, "ERROR=%d, unable to create keylog sniffer server\n",ret);
+ err_sys(err);
+ }
+ }
+ else
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
+ {
+ ret = load_key(NULL, server, port, keyFilesSrc, passwd, err);
+ if (ret != 0) {
+ fprintf(stderr, "Failed to load key\n");
+ err_sys(err);
+ }
}
+
/* Only let through TCP/IP packets */
ret = pcap_compile(pcap, &pcap_fp, "(ip6 or ip) and tcp", 0, 0);
if (ret != 0) {
- printf("pcap_compile failed %s\n", pcap_geterr(pcap));
+ fprintf(stderr, "pcap_compile failed %s\n", pcap_geterr(pcap));
exit(EXIT_FAILURE);
}
ret = pcap_setfilter(pcap, &pcap_fp);
if (ret != 0) {
- printf("pcap_setfilter failed %s\n", pcap_geterr(pcap));
+ fprintf(stderr, "pcap_setfilter failed %s\n", pcap_geterr(pcap));
exit(EXIT_FAILURE);
}
+
+
}
}
- else {
- show_usage();
- exit(EXIT_FAILURE);
- }
if (ret != 0)
err_sys(err);
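Review bot: The `-threads` value is stored straight from `XATOI(argv[++i])` and is never range-checked before it sizes the variable-length arrays `SnifferWorker workers[workerThreadCount]` and `int used[workerThreadCount]` in the hunk at `@@ -1193,6 +1251,9 @@`. A zero, negative, non-numeric or very large argument therefore reaches a stack array declaration unchecked. I would validate it right after the option loop, e.g. `if (workerThreadCount < 1 || workerThreadCount > SNIFFTEST_MAX_THREADS /* placeholder cap */) { fprintf(stderr, "Error: -threads out of range\n"); exit(EXIT_FAILURE); }`. The `-port` value from `XATOI` has the same lack of validation and could be limited to 1..65535 in the same place. `main` begins and ends outside this hunk.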
@@ -1193,6 +1251,9 @@ int main(int argc, char** argv)
frame = NULL_IF_FRAME_LEN;
#ifdef THREADED_SNIFFTEST
+ SnifferWorker workers[workerThreadCount];
+ int used[workerThreadCount];
+
XMEMSET(used, 0, sizeof(used));
XMEMSET(&workers, 0, sizeof(workers));
diff --git a/extra/wolfssl/wolfssl/tests/api.c b/extra/wolfssl/wolfssl/tests/api.c
index 73b0dd00..19cca234 100644
--- a/extra/wolfssl/wolfssl/tests/api.c
+++ b/extra/wolfssl/wolfssl/tests/api.c
@@ -47,6 +47,20 @@
#endif
#if defined(WOLFSSL_STATIC_MEMORY)
#include <wolfssl/wolfcrypt/memory.h>
+
+#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
+ #if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \
+ defined(SESSION_CERTS)
+ #ifdef OPENSSL_EXTRA
+ #define TEST_TLS_STATIC_MEMSZ (400000)
+ #else
+ #define TEST_TLS_STATIC_MEMSZ (320000)
+ #endif
+ #else
+ #define TEST_TLS_STATIC_MEMSZ (80000)
+ #endif
+#endif
+
#endif /* WOLFSSL_STATIC_MEMORY */
#ifndef HEAP_HINT
#define HEAP_HINT NULL
@@ -123,6 +137,9 @@
#if !defined(DER_SZ)
#define DER_SZ(ks) ((ks) * 2 + 1)
#endif
+ #ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+ #endif
#endif
#ifndef NO_ASN
#include <wolfssl/wolfcrypt/asn_public.h>
@@ -159,12 +176,19 @@
#endif
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
#ifdef HAVE_AES_DECRYPT
#include <wolfssl/wolfcrypt/wc_encrypt.h>
#endif
#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#ifdef WOLFSSL_RIPEMD
#include <wolfssl/wolfcrypt/ripemd.h>
#endif
@@ -319,6 +343,9 @@
#ifndef NO_DES3
#include <wolfssl/openssl/des.h>
#endif
+#ifndef NO_RC4
+ #include <wolfssl/openssl/rc4.h>
+#endif
#ifdef HAVE_ECC
#include <wolfssl/openssl/ecdsa.h>
#endif
@@ -342,7 +369,8 @@
defined(HAVE_SESSION_TICKET) || (defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)) || \
defined(WOLFSSL_TEST_STATIC_BUILD) || defined(WOLFSSL_DTLS) || \
- defined(HAVE_ECH) || defined(HAVE_EX_DATA)
+ defined(HAVE_ECH) || defined(HAVE_EX_DATA) || !defined(NO_SESSION_CACHE) \
+ || !defined(WOLFSSL_NO_TLS12) || defined(WOLFSSL_TLS13)
/* for testing SSL_get_peer_cert_chain, or SESSION_TICKET_HINT_DEFAULT,
* for setting authKeyIdSrc in WOLFSSL_X509, or testing DTLS sequence
* number tracking */
@@ -358,6 +386,15 @@
#endif
#include <wolfssl/certs_test.h>
+#include "tests/utils.h"
+
+/* include misc.c here regardless of NO_INLINE, because misc.c implementations
+ * have default (hidden) visibility, and in the absence of visibility, it's
+ * benign to mask out the library implementation.
+ */
+#define WOLFSSL_MISC_INCLUDED
+#include <wolfcrypt/src/misc.c>
+
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
@@ -401,6 +438,7 @@ typedef struct testVector {
typedef int (*ctx_cb)(WOLFSSL_CTX* ctx);
typedef int (*ssl_cb)(WOLFSSL* ssl);
typedef int (*test_cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
+typedef int (*hs_cb)(WOLFSSL_CTX **ctx, WOLFSSL **ssl);
typedef struct test_ssl_cbf {
method_provider method;
@@ -408,6 +446,7 @@ typedef struct test_ssl_cbf {
ssl_cb ssl_ready;
ssl_cb on_result;
ssl_cb on_cleanup;
+ hs_cb on_handshake;
WOLFSSL_CTX* ctx;
const char* caPemFile;
const char* certPemFile;
@@ -454,6 +493,12 @@ typedef struct test_ssl_memio_ctx {
int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
test_ssl_cbf* server_cb, test_cbType client_on_handshake);
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+const char* currentTestName;
+char tmpDirName[16];
+int tmpDirNameSet = 0;
+#endif
+
/*----------------------------------------------------------------------------*
| Constants
*----------------------------------------------------------------------------*/
@@ -592,23 +637,17 @@ static WOLFSSL_BIO_METHOD* wolfSSL_BIO_s_fixed_mem(void)
static int test_wolfSSL_Init(void)
{
- int result;
-
- result = wolfSSL_Init();
-
- result = TEST_RES_CHECK(result == WOLFSSL_SUCCESS);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_Init(), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_Cleanup(void)
{
- int result;
-
- result = wolfSSL_Cleanup();
-
- result = TEST_RES_CHECK(result == WOLFSSL_SUCCESS);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_Cleanup(), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
}
@@ -617,23 +656,17 @@ static int test_wolfSSL_Cleanup(void)
*/
static int test_wolfCrypt_Init(void)
{
- int result;
-
- result = wolfCrypt_Init();
-
- result = TEST_RES_CHECK(result == 0);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfCrypt_Init(), 0);
+ return EXPECT_RESULT();
} /* END test_wolfCrypt_Init */
static int test_wolfCrypt_Cleanup(void)
{
- int result;
-
- result = wolfCrypt_Cleanup();
-
- result = TEST_RES_CHECK(result == 0);
- return result;
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfCrypt_Cleanup(), 0);
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -641,9 +674,8 @@ static int test_wolfCrypt_Cleanup(void)
*----------------------------------------------------------------------------*/
static int test_fileAccess(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_TEST_PLATFORMDEPEND) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if defined(WOLFSSL_TEST_PLATFORMDEPEND) && !defined(NO_FILESYSTEM)
const char *fname[] = {
svrCertFile, svrKeyFile, caCertFile,
eccCertFile, eccKeyFile, eccRsaCertFile,
@@ -660,7 +692,7 @@ static int test_fileAccess(void)
int i;
ExpectTrue(XFOPEN("badfilename", "rb") == XBADFILE);
- for (i=0; fname[i] != NULL ; i++) {
+ for (i=0; EXPECT_SUCCESS() && fname[i] != NULL ; i++) {
ExpectTrue((f = XFOPEN(fname[i], "rb")) != XBADFILE);
XFCLOSE(f);
}
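Review bot: `XFCLOSE(f)` still runs in the iteration where `XFOPEN` failed. The `EXPECT_SUCCESS()` term added to the loop condition only prevents the next iteration, and `ExpectTrue` appears to record the failure rather than abort, which is presumably why the guard was needed. The failing pass therefore closes `XBADFILE`, which is undefined for a stdio-backed `XFCLOSE`. Guarding the close fixes it: `if (f != XBADFILE) XFCLOSE(f);`. The rest of test_fileAccess is outside this hunk.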
@@ -674,10 +706,8 @@ static int test_fileAccess(void)
ExpectIntEQ(XMEMCMP(server_cert_der_2048, buff, sz), 0);
XFREE(buff, NULL, DYNAMIC_TYPE_FILE);
XFCLOSE(f);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -989,11 +1019,10 @@ static int test_for_double_Free(void)
static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
- (!defined(NO_RSA) || defined(HAVE_ECC))
- EXPECT_DECLS;
+ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
const char* testCertFile;
const char* testKeyFile;
WOLFSSL_CTX* ctx = NULL;
@@ -1179,20 +1208,17 @@ static int test_wolfSSL_CTX_set_cipher_list_bytes(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* (OPENSSL_EXTRA || WOLFSSL_SET_CIPHER_BYTES) &&
(!NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER) && (!NO_RSA || HAVE_ECC) */
- return res;
+ return EXPECT_RESULT();
}
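Review bot: The `#endif` comment here still lists only the three original conditions, although the matching `#if` gained `&& !defined(NO_FILESYSTEM)` in the hunk at `@@ -989,11 +1019,10 @@`. The trailing comment should end with `(!NO_RSA || HAVE_ECC) && !NO_FILESYSTEM */` so that it matches the guard it closes. The body of test_wolfSSL_CTX_set_cipher_list_bytes lies mostly outside this hunk.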
static int test_wolfSSL_CTX_use_certificate_file(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@@ -1217,31 +1243,26 @@ static int test_wolfSSL_CTX_use_certificate_file(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
static int test_wolfSSL_CTX_use_certificate_ASN1(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER) && !defined(NO_ASN)
- WOLFSSL_CTX* ctx;
- int ret;
+ WOLFSSL_CTX* ctx = NULL;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
- ret = SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048,
- server_cert_der_2048);
+ ExpectIntEQ(SSL_CTX_use_certificate_ASN1(ctx, sizeof_server_cert_der_2048,
+ server_cert_der_2048), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(ret == WOLFSSL_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */
@@ -1252,10 +1273,9 @@ static int test_wolfSSL_CTX_use_certificate_ASN1(void)
*/
static int test_wolfSSL_CTX_use_certificate_buffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
int ret;
@@ -1266,18 +1286,15 @@ static int test_wolfSSL_CTX_use_certificate_buffer(void)
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
-} /*END test_wolfSSL_CTX_use_certificate_buffer*/
+} /* END test_wolfSSL_CTX_use_certificate_buffer */
static int test_wolfSSL_CTX_use_PrivateKey_file(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
@@ -1303,21 +1320,18 @@ static int test_wolfSSL_CTX_use_PrivateKey_file(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* test both file and buffer versions along with unloading trusted peer certs */
static int test_wolfSSL_CTX_trust_peer_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_TRUST_PEER_CERT) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_RSA)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -1382,24 +1396,28 @@ static int test_wolfSSL_CTX_trust_peer_cert(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-
static int test_wolfSSL_CTX_load_verify_locations(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_RSA
WOLFSSL_CERT_MANAGER* cm = NULL;
#ifdef PERSIST_CERT_CACHE
- int cacheSz;
+ int cacheSz = 0;
+ unsigned char* cache = NULL;
+ int used = 0;
+#ifndef NO_FILESYSTEM
+ const char* cacheFile = "./tests/cert_cache.tmp";
+#endif
+ int i;
+ int t;
+ int* p;
#endif
#endif
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)
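Review bot: The `#ifndef NO_FILESYSTEM` wrapped around the new `cacheFile` declaration is redundant, because the whole body of test_wolfSSL_CTX_load_verify_locations is already compiled only under `#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_WOLFSSL_CLIENT)`. The same inner guard is repeated around the save/restore calls in the later `@@ -1440,6 +1463,99 @@` hunk. Dropping both leaves a plain `const char* cacheFile = "./tests/cert_cache.tmp";` and makes it clear that the file-based cache checks always run alongside the in-memory ones. The function body continues outside this hunk.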
@@ -1422,12 +1440,17 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && \
- (defined(WOLFSSL_QT) && \
+ ((defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)) && \
!(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR))
/* invalid path */
ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, NULL, bogusFile),
WS_RETURN_CODE(BAD_PATH_ERROR,WOLFSSL_FAILURE));
#endif
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
+ /* test ignoring the invalid path */
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, bogusFile,
+ WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR), WOLFSSL_SUCCESS);
+#endif
/* load ca cert */
#ifdef NO_RSA
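Review bot: The added `wolfSSL_CTX_load_verify_locations_ex(ctx, NULL, bogusFile, WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR)` check is guarded only by `WOLFSSL_QT || WOLFSSL_IGNORE_BAD_CERT_PATH`, while the invalid-path check just above it also requires `!defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS)`. If directory loading is compiled out, this call presumably cannot return WOLFSSL_SUCCESS, so the guard should probably be `#if !defined(NO_WOLFSSL_DIR) && !defined(WOLFSSL_TIRTOS) && (defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH))`. The comment would also be clearer as `/* flag suppresses the bad-path error; no CA is loaded from the bogus path */`, since success here means an ignored error and not an added trust anchor. The function body starts and ends outside this hunk.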
@@ -1440,6 +1463,99 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
#ifdef PERSIST_CERT_CACHE
/* Get cert cache size */
ExpectIntGT(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), 0);
+
+ ExpectNotNull(cache = (byte*)XMALLOC(cacheSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, -1, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, -1, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, cacheSz, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, NULL, -1, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(NULL, cache, cacheSz, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, NULL, cacheSz, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, -1, &used),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz - 10, &used),
+ BUFFER_E);
+ ExpectIntEQ(wolfSSL_CTX_memsave_cert_cache(ctx, cache, cacheSz, &used), 1);
+ ExpectIntEQ(cacheSz, used);
+
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, NULL, cacheSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(NULL, cache, cacheSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, NULL, cacheSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, -1),
+ BAD_FUNC_ARG);
+ /* Smaller than header. */
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, 1), BUFFER_E);
+ for (i = 1; i < cacheSz; i++) {
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz - i),
+ BUFFER_E);
+ }
+ if (EXPECT_SUCCESS()) {
+ /* Modify header for bad results! */
+ p = (int*)cache;
+ /* version */
+ t = p[0]; p[0] = 0xff;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ CACHE_MATCH_ERROR);
+ p[0] = t; p++;
+ /* rows */
+ t = p[0]; p[0] = 0xff;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ CACHE_MATCH_ERROR);
+ p[0] = t; p++;
+ /* columns[0] */
+ t = p[0]; p[0] = -1;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ PARSE_ERROR);
+ p[0] = t; p += CA_TABLE_SIZE;
+ /* signerSz*/
+ t = p[0]; p[0] = 0xff;
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz),
+ CACHE_MATCH_ERROR);
+ p[0] = t;
+ }
+
+ ExpectIntEQ(wolfSSL_CTX_memrestore_cert_cache(ctx, cache, cacheSz), 1);
+ ExpectIntEQ(cacheSz = wolfSSL_CTX_get_cert_cache_memsize(ctx), used);
+
+#ifndef NO_FILESYSTEM
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(NULL, cacheFile), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_save_cert_cache(ctx, cacheFile), 1);
+
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(NULL, cacheFile), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "no-file"),
+ WOLFSSL_BAD_FILE);
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, cacheFile), 1);
+ /* File contents is not a cache. */
+ ExpectIntEQ(wolfSSL_CTX_restore_cert_cache(ctx, "./certs/ca-cert.pem"),
+ CACHE_MATCH_ERROR);
+#endif
+
+ XFREE(cache, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
/* Test unloading CA's */
ExpectIntEQ(wolfSSL_CTX_UnloadCAs(ctx), WOLFSSL_SUCCESS);
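Review bot: The file written by `wolfSSL_CTX_save_cert_cache(ctx, cacheFile)` is never deleted, so every run leaves `./tests/cert_cache.tmp` in the tree; a `remove(cacheFile);` after the last `wolfSSL_CTX_restore_cert_cache` call would clean it up. Separately, the tamper checks reach the header fields through `p = (int*)cache;` with hand-counted offsets (`p[0]` version, next int rows, then `p += CA_TABLE_SIZE` to reach signerSz). That layout assumption deserves a comment such as `/* assumes header is int version, int rows, int columns[CA_TABLE_SIZE], int signerSz; keep in sync with the cache header struct */`. Without it, a change to the header would make these rejection tests corrupt the wrong field with no visible sign. The function body starts and ends outside this hunk.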
@@ -1504,11 +1620,9 @@ static int test_wolfSSL_CTX_load_verify_locations(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_system_CA_certs(void)
@@ -1578,7 +1692,8 @@ static int test_wolfSSL_CTX_load_system_CA_certs(void)
}
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
-static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz, int file_type)
+static int test_cm_load_ca_buffer(const byte* cert_buf, size_t cert_sz,
+ int file_type)
{
int ret;
WOLFSSL_CERT_MANAGER* cm;
@@ -1715,390 +1830,185 @@ static int test_cm_load_ca_file_ex(const char* ca_cert_file, word32 flags)
#endif /* !NO_FILESYSTEM && !NO_CERTS */
-static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
+static int test_wolfSSL_CertManagerAPI(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_OCSP) && !defined(NO_RSA)
-/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
- defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
- defined(HAVE_LIGHTY)
EXPECT_DECLS;
+#ifndef NO_CERTS
WOLFSSL_CERT_MANAGER* cm = NULL;
- /* Raw OCSP response bytes captured using the following setup:
- * - Run responder with
- * openssl ocsp -port 9999 -ndays 9999
- * -index certs/ocsp/index-intermediate1-ca-issued-certs.txt
- * -rsigner certs/ocsp/ocsp-responder-cert.pem
- * -rkey certs/ocsp/ocsp-responder-key.pem
- * -CA certs/ocsp/intermediate1-ca-cert.pem
- * - Run client with
- * openssl ocsp -host 127.0.0.1:9999 -respout resp.out
- * -issuer certs/ocsp/intermediate1-ca-cert.pem
- * -cert certs/ocsp/server1-cert.pem
- * -CAfile certs/ocsp/root-ca-cert.pem -noverify
- * - Copy raw response from Wireshark.
- */
- byte response[] = {
- 0x30, 0x82, 0x07, 0x40, 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, 0x82, 0x07, 0x35, 0x06,
- 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, 0x07, 0x26, 0x30, 0x82,
- 0x07, 0x22, 0x30, 0x82, 0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09,
- 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
- 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10,
- 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65,
- 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53,
- 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67,
- 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04,
- 0x03, 0x0c, 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, 0x43, 0x53, 0x50, 0x20,
- 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a,
- 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77,
- 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x31,
- 0x30, 0x35, 0x30, 0x33, 0x32, 0x31, 0x34, 0x37, 0x31, 0x30, 0x5a, 0x30, 0x64, 0x30, 0x62, 0x30,
- 0x3a, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0x71, 0x4d,
- 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18,
- 0xda, 0x04, 0x04, 0x14, 0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2,
- 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, 0x00, 0x18, 0x0f, 0x32,
- 0x30, 0x32, 0x31, 0x30, 0x35, 0x30, 0x33, 0x32, 0x31, 0x34, 0x37, 0x31, 0x30, 0x5a, 0xa0, 0x11,
- 0x18, 0x0f, 0x32, 0x30, 0x34, 0x38, 0x30, 0x39, 0x31, 0x37, 0x32, 0x31, 0x34, 0x37, 0x31, 0x30,
- 0x5a, 0xa1, 0x23, 0x30, 0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x30,
- 0x01, 0x02, 0x04, 0x12, 0x04, 0x10, 0x38, 0x31, 0x60, 0x99, 0xc8, 0x05, 0x09, 0x68, 0x1c, 0x33,
- 0x49, 0xea, 0x45, 0x26, 0x2f, 0x6d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
- 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x4d, 0x58, 0xcc, 0x69, 0x42, 0xe2,
- 0x9e, 0x64, 0xf6, 0x57, 0xce, 0xcb, 0x5f, 0x14, 0xaf, 0x08, 0x6c, 0xc1, 0x52, 0x7a, 0x40, 0x0a,
- 0xfd, 0xb6, 0xce, 0xbb, 0x40, 0xf4, 0xb9, 0xa5, 0x88, 0xc7, 0xf3, 0x42, 0x9f, 0xa9, 0x94, 0xbe,
- 0x6e, 0x7e, 0x09, 0x30, 0x9d, 0x0e, 0x10, 0x6f, 0x9c, 0xd9, 0x4c, 0x71, 0x81, 0x41, 0x64, 0x95,
- 0xf5, 0x85, 0x77, 0x94, 0x81, 0x61, 0x88, 0xc8, 0x0b, 0x50, 0xbb, 0x37, 0xc8, 0x86, 0x76, 0xd8,
- 0xa2, 0xed, 0x66, 0x34, 0xfb, 0xe4, 0xe7, 0x09, 0x8c, 0xf5, 0xb5, 0x85, 0xd0, 0x4b, 0xb5, 0xe6,
- 0x23, 0x62, 0xc3, 0xd0, 0xef, 0xf7, 0x42, 0x89, 0x02, 0x80, 0x64, 0xc9, 0xed, 0xdd, 0x7c, 0x8f,
- 0x0d, 0xe7, 0x43, 0x9b, 0x88, 0x1f, 0xb0, 0xfd, 0x24, 0x01, 0xc7, 0x55, 0xc3, 0x73, 0x12, 0x84,
- 0x09, 0x7c, 0x57, 0xa8, 0x5d, 0xab, 0x75, 0x29, 0x5c, 0x36, 0x97, 0x64, 0x40, 0x0b, 0x55, 0x34,
- 0x0a, 0x5d, 0xb1, 0x1b, 0x61, 0x1b, 0xdc, 0xe5, 0x89, 0xdd, 0x92, 0x62, 0x57, 0xa7, 0x52, 0xb4,
- 0x38, 0x9a, 0x48, 0xc8, 0x3a, 0x14, 0xde, 0x69, 0x42, 0xe9, 0x37, 0xa4, 0xe7, 0x2d, 0x00, 0xa7,
- 0x0b, 0x29, 0x18, 0xd5, 0xce, 0xd9, 0x0d, 0xdd, 0xfe, 0xae, 0x86, 0xb3, 0x32, 0x1c, 0xc9, 0x33,
- 0xb0, 0x2b, 0xb7, 0x3c, 0x0d, 0x43, 0xd8, 0x6c, 0xf2, 0xb7, 0xcd, 0x7b, 0xd5, 0x7d, 0xf0, 0xde,
- 0x34, 0x9f, 0x6d, 0x83, 0xb9, 0xd5, 0xed, 0xe3, 0xda, 0x96, 0x40, 0x9e, 0xd6, 0xa6, 0xfd, 0x70,
- 0x80, 0x70, 0x87, 0x61, 0x0f, 0xc5, 0x9f, 0x75, 0xfe, 0x11, 0x78, 0x34, 0xc9, 0x42, 0x16, 0x73,
- 0x46, 0x7b, 0x05, 0x53, 0x28, 0x43, 0xbe, 0xee, 0x88, 0x67, 0x1d, 0xcc, 0x74, 0xa7, 0xb6, 0x58,
- 0x7b, 0x29, 0x68, 0x40, 0xcf, 0xce, 0x7b, 0x19, 0x33, 0x68, 0xa0, 0x82, 0x04, 0xc6, 0x30, 0x82,
- 0x04, 0xc2, 0x30, 0x82, 0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02,
- 0x01, 0x04, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
- 0x00, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
- 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68,
- 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c,
- 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04,
- 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03,
- 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67,
- 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, 0x53,
- 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40,
- 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17, 0x0d, 0x32,
- 0x31, 0x30, 0x32, 0x31, 0x30, 0x31, 0x39, 0x34, 0x39, 0x35, 0x34, 0x5a, 0x17, 0x0d, 0x32, 0x33,
- 0x31, 0x31, 0x30, 0x37, 0x31, 0x39, 0x34, 0x39, 0x35, 0x34, 0x5a, 0x30, 0x81, 0x9e, 0x31, 0x0b,
- 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06,
- 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e,
- 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74,
- 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c,
- 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45,
- 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x03,
- 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, 0x43, 0x53,
- 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, 0x1d, 0x06,
- 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f,
- 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x82, 0x01, 0x22,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x0f, 0x00, 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xb8, 0xba, 0x23,
- 0xb4, 0xf6, 0xc3, 0x7b, 0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, 0x1e, 0x63, 0xb9, 0x85,
- 0x23, 0x34, 0x50, 0x6d, 0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, 0x5c, 0x2d, 0xf7, 0x63,
- 0x88, 0xd1, 0x07, 0x7a, 0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, 0x22, 0xb4, 0x94, 0x41,
- 0x38, 0xe2, 0x9d, 0x74, 0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, 0xca, 0x3f, 0x46, 0x2b,
- 0xfe, 0xe5, 0x5a, 0x3f, 0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, 0xc3, 0xee, 0x42, 0xf8,
- 0x8d, 0xeb, 0x92, 0x95, 0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, 0x16, 0x80, 0x90, 0xce,
- 0x24, 0x35, 0x21, 0xc4, 0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, 0x0a, 0x5a, 0x4f, 0x4a,
- 0x73, 0x31, 0x50, 0xee, 0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, 0x87, 0xb1, 0x99, 0xe2,
- 0x10, 0xa7, 0x06, 0x72, 0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, 0x76, 0xf8, 0xe0, 0x4a,
- 0xec, 0xbc, 0x93, 0xf4, 0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, 0xb4, 0x90, 0x30, 0xbb,
- 0x17, 0xb0, 0xfe, 0x97, 0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, 0x19, 0x12, 0x3c, 0xab,
- 0x82, 0x71, 0x78, 0xff, 0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, 0x8c, 0x27, 0xac, 0x11,
- 0xb8, 0xd8, 0x43, 0x49, 0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, 0x24, 0x87, 0x17, 0x3b,
- 0xd8, 0x04, 0x65, 0x6c, 0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, 0x73, 0x68, 0x26, 0x14,
- 0x87, 0x95, 0xc3, 0x5f, 0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, 0x0a, 0x8b, 0x98, 0xf3,
- 0xe3, 0xff, 0x4e, 0x44, 0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, 0x39, 0x02, 0x03, 0x01,
- 0x00, 0x01, 0xa3, 0x82, 0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, 0x06, 0x03, 0x55, 0x1d,
- 0x13, 0x04, 0x02, 0x30, 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14,
- 0x32, 0x67, 0xe1, 0xb1, 0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, 0x40, 0x50, 0xb5, 0x46,
- 0x56, 0xb8, 0x30, 0x36, 0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x81, 0xbc, 0x30,
- 0x81, 0xb9, 0x80, 0x14, 0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, 0x47, 0xa5, 0x38, 0xd7,
- 0xb0, 0x04, 0x82, 0x3a, 0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, 0x81, 0x9a, 0x30, 0x81,
- 0x97, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13,
- 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67,
- 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65,
- 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07,
- 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b,
- 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30,
- 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20,
- 0x72, 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
- 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c,
- 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, 0x13, 0x06, 0x03, 0x55,
- 0x1d, 0x25, 0x04, 0x0c, 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09,
- 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x01, 0x00, 0x07, 0xca, 0xa6, 0xa1, 0x9f, 0xbf, 0xaf, 0x92, 0x41, 0x35, 0x66, 0x51,
- 0xac, 0xbc, 0x2c, 0xec, 0xe7, 0x8d, 0x65, 0x7e, 0xe9, 0x40, 0xfe, 0x5a, 0xab, 0x8a, 0x1d, 0x3d,
- 0x13, 0xdb, 0xb4, 0x43, 0x2c, 0x9a, 0x36, 0x98, 0x21, 0xa5, 0xe8, 0xca, 0xa9, 0x4d, 0xfc, 0xe3,
- 0xf7, 0x45, 0x88, 0xcd, 0x33, 0xbf, 0x8a, 0x62, 0x10, 0x2f, 0xb2, 0xb7, 0x04, 0xef, 0x26, 0x43,
- 0x51, 0x1d, 0x43, 0x62, 0x7d, 0x1e, 0x50, 0xc8, 0xd5, 0x98, 0x94, 0x71, 0x8f, 0x3b, 0x23, 0x26,
- 0xf1, 0x71, 0x8e, 0x1e, 0x3d, 0x3f, 0x21, 0xfd, 0xb7, 0x2d, 0x65, 0xe4, 0x07, 0x65, 0xac, 0x3c,
- 0xfc, 0xc0, 0x47, 0xa9, 0x32, 0xf6, 0xda, 0x26, 0x93, 0x10, 0xb2, 0xd1, 0x6d, 0xc8, 0x81, 0x31,
- 0x7c, 0xb0, 0x6b, 0xc5, 0x22, 0x8d, 0xb3, 0xfa, 0xbe, 0x82, 0xea, 0x41, 0x42, 0xc4, 0xc0, 0xef,
- 0xe3, 0x84, 0x0f, 0x6f, 0x9a, 0x03, 0x63, 0xb3, 0x30, 0xe0, 0x31, 0x81, 0x2a, 0x16, 0xb3, 0x47,
- 0xd9, 0x5b, 0x38, 0x93, 0x07, 0xd0, 0x6e, 0x79, 0x52, 0x2c, 0xe5, 0x50, 0x84, 0x79, 0x10, 0xe7,
- 0xf6, 0x31, 0x7a, 0x3e, 0x48, 0xa2, 0x38, 0x21, 0x90, 0x7a, 0xf2, 0x5f, 0x48, 0xa4, 0x46, 0x93,
- 0x87, 0xdd, 0x5c, 0x83, 0x64, 0xea, 0xb5, 0x99, 0xa2, 0xe9, 0x01, 0x40, 0xfe, 0xf0, 0x48, 0x66,
- 0x4f, 0x96, 0xf7, 0x83, 0x52, 0xf8, 0x6d, 0xf8, 0x5f, 0xed, 0x0c, 0xbb, 0xbe, 0xd0, 0x69, 0x10,
- 0x4b, 0x99, 0x8f, 0xf8, 0x61, 0x53, 0x9d, 0x12, 0xca, 0x86, 0xaa, 0xb1, 0x80, 0xb4, 0xa6, 0xc1,
- 0xcb, 0xb7, 0x48, 0xf7, 0x9f, 0x55, 0xb4, 0x6e, 0xab, 0xd3, 0xa1, 0xaa, 0x4b, 0xa7, 0x21, 0x6e,
- 0x16, 0x7f, 0xad, 0xbb, 0xea, 0x0f, 0x41, 0x80, 0x9b, 0x7f, 0xd6, 0x46, 0xa2, 0xc0, 0x61, 0x72,
- 0x59, 0x59, 0xa0, 0x07
- };
- OcspEntry entry[1];
- CertStatus status[1];
- OcspRequest* request = NULL;
-
- byte serial[] = {0x05};
- byte issuerHash[] = {0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04};
- byte issuerKeyHash[] = {0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e};
-
-
- XMEMSET(entry, 0, sizeof(OcspEntry));
- XMEMSET(status, 0, sizeof(CertStatus));
-
- ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
- ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
- DYNAMIC_TYPE_OCSP_REQUEST));
-
- if ((request != NULL) && (request->serial != NULL)) {
- request->serialSz = sizeof(serial);
- XMEMCPY(request->serial, serial, sizeof(serial));
- XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
- XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash));
- }
+ unsigned char c;
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
- ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm,
- "./certs/ocsp/intermediate1-ca-cert.pem", NULL), WOLFSSL_SUCCESS);
-
- /* Response should be valid. */
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, response,
- sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
-
- /* Flip a byte in the request serial number, response should be invalid
- * now. */
- if ((request != NULL) && (request->serial != NULL))
- request->serial[0] ^= request->serial[0];
- ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, response,
- sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
-
-
- wolfSSL_OCSP_REQUEST_free(request);
- wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
-#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
- * WOLFSSL_APACHE_HTTPD || HAVE_LIGHTY */
-#endif /* HAVE_OCSP */
- return res;
-}
-
-static int test_wolfSSL_CheckOCSPResponse(void)
-{
- int result = TEST_SKIPPED;
-#if defined(HAVE_OCSP) && !defined(NO_RSA) && defined(OPENSSL_ALL)
- EXPECT_DECLS;
- const char* responseFile = "./certs/ocsp/test-response.der";
- const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
- const char* responseNoInternFile =
- "./certs/ocsp/test-response-nointern.der";
- const char* caFile = "./certs/ocsp/root-ca-cert.pem";
- OcspResponse* res = NULL;
- byte data[4096];
- const unsigned char* pt;
- int dataSz = 0; /* initialize to mitigate spurious maybe-uninitialized from
- * gcc sanitizer with --enable-heapmath.
- */
- XFILE f = XBADFILE;
- WOLFSSL_OCSP_BASICRESP* bs = NULL;
- WOLFSSL_X509_STORE* st = NULL;
- WOLFSSL_X509* issuer = NULL;
-
-
- ExpectTrue((f = XFOPEN(responseFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- XFCLOSE(f);
- f = XBADFILE;
-
- pt = data;
- ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
- ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
- SSL_FILETYPE_PEM));
- ExpectNotNull(st = wolfSSL_X509_STORE_new());
- ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
- ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
- ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS);
- wolfSSL_OCSP_BASICRESP_free(bs);
- bs = NULL;
- wolfSSL_OCSP_RESPONSE_free(res);
- res = NULL;
- wolfSSL_X509_STORE_free(st);
- st = NULL;
- wolfSSL_X509_free(issuer);
- issuer = NULL;
- /* check loading a response with optional certs */
- ExpectTrue((f = XFOPEN(responseNoInternFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- if (f != XBADFILE)
- XFCLOSE(f);
- f = XBADFILE;
-
- pt = data;
- ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
- wolfSSL_OCSP_RESPONSE_free(res);
- res = NULL;
+ wolfSSL_CertManagerFree(NULL);
+ ExpectIntEQ(wolfSSL_CertManager_up_ref(NULL), 0);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(NULL), BAD_FUNC_ARG);
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(NULL), BAD_FUNC_ARG);
+#endif
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCABuffer_ex(NULL, &c, 1,
+ WOLFSSL_FILETYPE_ASN1, 0, 0), WOLFSSL_FATAL_ERROR);
+
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(NULL, &c, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, &c, 1, -1),
+ WOLFSSL_BAD_FILETYPE);
+#endif
- /* check loading a response with multiple certs */
+#if !defined(NO_FILESYSTEM)
{
- WOLFSSL_CERT_MANAGER* cm = NULL;
- OcspEntry *entry = NULL;
- CertStatus* status = NULL;
- OcspRequest* request = NULL;
-
- byte serial1[] = {0x01};
- byte serial[] = {0x02};
-
- byte issuerHash[] = {
- 0x44, 0xA8, 0xDB, 0xD1, 0xBC, 0x97, 0x0A, 0x83,
- 0x3B, 0x5B, 0x31, 0x9A, 0x4C, 0xB8, 0xD2, 0x52,
- 0x37, 0x15, 0x8A, 0x88
- };
- byte issuerKeyHash[] = {
- 0x73, 0xB0, 0x1C, 0xA4, 0x2F, 0x82, 0xCB, 0xCF,
- 0x47, 0xA5, 0x38, 0xD7, 0xB0, 0x04, 0x82, 0x3A,
- 0x7E, 0x72, 0x15, 0x21
- };
-
- ExpectNotNull(entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
- DYNAMIC_TYPE_OPENSSL));
-
- ExpectNotNull(status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
- DYNAMIC_TYPE_OPENSSL));
-
- if (entry != NULL)
- XMEMSET(entry, 0, sizeof(OcspEntry));
- if (status != NULL)
- XMEMSET(status, 0, sizeof(CertStatus));
-
- ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
- ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
- DYNAMIC_TYPE_OCSP_REQUEST));
-
- if (request != NULL && request->serial != NULL) {
- request->serialSz = sizeof(serial);
- XMEMCPY(request->serial, serial, sizeof(serial));
- XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
- XMEMCPY(request->issuerKeyHash, issuerKeyHash,
- sizeof(issuerKeyHash));
- }
-
- ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
- ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, caFile, NULL),
- WOLFSSL_SUCCESS);
-
- ExpectTrue((f = XFOPEN(responseMultiFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- if (f != XBADFILE)
- XFCLOSE(f);
- f = XBADFILE;
+ const char* ca_cert = "./certs/ca-cert.pem";
+ #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+ const char* ca_cert_der = "./certs/ca-cert.der";
+ #endif
+ const char* ca_path = "./certs";
+
+ #if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
+ ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, NULL, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, NULL, WOLFSSL_FILETYPE_ASN1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(NULL, ca_cert,
+ WOLFSSL_FILETYPE_PEM), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert, -1),
+ WOLFSSL_BAD_FILETYPE);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, "no-file",
+ WOLFSSL_FILETYPE_ASN1), WOLFSSL_BAD_FILE);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, ca_cert_der,
+ WOLFSSL_FILETYPE_PEM), ASN_NO_PEM_HEADER);
+ #endif
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
- ExpectNotNull(entry->status);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, NULL),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, NULL),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, NULL, ca_path),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(NULL, ca_cert, ca_path),
+ WOLFSSL_FATAL_ERROR);
+ }
+#endif
- if (request != NULL && request->serial != NULL)
- XMEMCPY(request->serial, serial1, sizeof(serial1));
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
+#ifdef OPENSSL_COMPATIBLE_DEFAULTS
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), 1);
+#elif !defined(HAVE_CRL)
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 0), NOT_COMPILED_IN);
+#endif
- /* store both status's in the entry to check that "next" is not
- * overwritten */
- if (EXPECT_SUCCESS() && status != NULL && entry != NULL) {
- status->next = entry->status;
- entry->status = status;
- }
+ ExpectIntEQ(wolfSSL_CertManagerDisableCRL(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableCRL(cm), 1);
+#ifdef HAVE_CRL
+ /* Test APIs when CRL is disabled. */
+#ifdef HAVE_CRL_IO
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1);
+#endif
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048), 1);
+ ExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1);
+#endif
+
+ /* OCSP */
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(NULL), BAD_FUNC_ARG);
+#if !defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
+ !defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), NOT_COMPILED_IN);
+#endif
+
+#ifdef HAVE_OCSP
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(NULL, &c, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, -1), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, NULL, 0,
+ NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, NULL, 1,
+ NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(NULL, &c, 1,
+ NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(NULL, ""),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, NULL), 1);
- if (request != NULL && request->serial != NULL)
- XMEMCPY(request->serial, serial, sizeof(serial));
- ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
- dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
- ExpectNotNull(entry->status->next);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(NULL, NULL, NULL, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSP_Cb(cm, NULL, NULL, NULL), 1);
- /* compare the status found */
- ExpectIntEQ(status->serialSz, entry->status->serialSz);
- ExpectIntEQ(XMEMCMP(status->serial, entry->status->serial,
- status->serialSz), 0);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSP(cm), 1);
+ /* Test APIs when OCSP is disabled. */
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, &c, 1,
+ NULL, NULL, NULL, NULL), 1);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, &c, 1), 1);
- if (status != NULL && entry != NULL && entry->status != status) {
- XFREE(status, NULL, DYNAMIC_TYPE_OPENSSL);
- }
- wolfSSL_OCSP_CERTID_free(entry);
- wolfSSL_OCSP_REQUEST_free(request);
- wolfSSL_CertManagerFree(cm);
- }
+#endif
-#if defined(WC_RSA_PSS)
- {
- const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der";
+ ExpectIntEQ(wolfSSL_CertManager_up_ref(cm), 1);
+ wolfSSL_CertManagerFree(cm);
+ wolfSSL_CertManagerFree(cm);
+ cm = NULL;
- /* check loading a response with RSA-PSS signature */
- ExpectTrue((f = XFOPEN(responsePssFile, "rb")) != XBADFILE);
- ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
- if (f != XBADFILE)
- XFCLOSE(f);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- pt = data;
- ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+#ifdef HAVE_OCSP
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, WOLFSSL_OCSP_URL_OVERRIDE |
+ WOLFSSL_OCSP_CHECKALL), 1);
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) || \
+ defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPStapling(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSPMustStaple(cm), 1);
+ ExpectIntEQ(wolfSSL_CertManagerDisableOCSPMustStaple(cm), 1);
+#endif
- /* try to verify the response */
- ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
- SSL_FILETYPE_PEM));
- ExpectNotNull(st = wolfSSL_X509_STORE_new());
- ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
- ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
- ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0),
- WOLFSSL_SUCCESS);
- wolfSSL_OCSP_BASICRESP_free(bs);
- wolfSSL_OCSP_RESPONSE_free(res);
- wolfSSL_X509_STORE_free(st);
- wolfSSL_X509_free(issuer);
- }
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1);
+ ExpectIntEQ(wolfSSL_CertManagerSetOCSPOverrideURL(cm, ""), 1);
#endif
- result = EXPECT_RESULT();
-#endif /* HAVE_OCSP */
- return result;
+#ifdef WOLFSSL_TRUST_PEER_CERT
+ ExpectIntEQ(wolfSSL_CertManagerUnload_trust_peers(cm), 1);
+#endif
+ wolfSSL_CertManagerFree(cm);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerLoadCABuffer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
- ret = test_cm_load_ca_file(ca_cert);
+ ExpectIntLE(ret = test_cm_load_ca_file(ca_cert), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
@@ -2107,33 +2017,31 @@ static int test_wolfSSL_CertManagerLoadCABuffer(void)
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- ret = test_cm_load_ca_file(ca_expired_cert);
+ ExpectIntLE(ret = test_cm_load_ca_file(ca_expired_cert), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
#elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \
- !defined(OPENSSL_COMPATIBLE_DEFAULTS) && !defined(NO_ASN_TIME)
+ !defined(NO_ASN_TIME)
ExpectIntEQ(ret, ASN_AFTER_DATE_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- res = EXPECT_RESULT();
#endif
-
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerLoadCABuffer_ex(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
int ret;
- ret = test_cm_load_ca_file_ex(ca_cert, WOLFSSL_LOAD_FLAG_NONE);
+ ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_cert, WOLFSSL_LOAD_FLAG_NONE),
+ 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
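Review bot: The new `ExpectIntLE(ret = test_cm_load_ca_file(...), 1)` wrappers are satisfied by zero and by every negative error code, so they assert almost nothing themselves; the real check is the per-configuration `ExpectIntEQ(ret, ...)` that follows each one. A comment such as `/* Loose bound only; the exact result is asserted per build option below. */`, with `WOLFSSL_SUCCESS` in place of the literal `1`, would make that explicit. Separately, dropping `!defined(OPENSSL_COMPATIBLE_DEFAULTS)` from the expired-CA branch means builds with that option are now expected to reject `expired-ca.pem` with `ASN_AFTER_DATE_E`, and a one-line comment on that `#elif` should record the intent. test_wolfSSL_CertManagerLoadCABuffer starts before this hunk and test_wolfSSL_CertManagerLoadCABuffer_ex continues past it.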
@@ -2142,30 +2050,32 @@ static int test_wolfSSL_CertManagerLoadCABuffer_ex(void)
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- ret = test_cm_load_ca_file_ex(ca_expired_cert,
- WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY);
+ ExpectIntLE(ret = test_cm_load_ca_file_ex(ca_expired_cert,
+ WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), 1);
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
ExpectIntEQ(ret, WOLFSSL_FATAL_ERROR);
#elif defined(NO_RSA)
ExpectIntEQ(ret, ASN_UNKNOWN_OID_E);
+#elif !(WOLFSSL_LOAD_VERIFY_DEFAULT_FLAGS & WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY) && \
+ !defined(NO_ASN_TIME) && defined(WOLFSSL_TRUST_PEER_CERT) && \
+ defined(OPENSSL_COMPATIBLE_DEFAULTS)
+ ExpectIntEQ(ret, ASN_AFTER_DATE_E);
#else
ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerGetCerts(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_STACK* sk = NULL;
X509* x509 = NULL;
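Review bot: In the expired-CA case of test_wolfSSL_CertManagerLoadCABuffer_ex the call passes `WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY` explicitly, yet the added `#elif` expects `ASN_AFTER_DATE_E` when `WOLFSSL_TRUST_PEER_CERT` and `OPENSSL_COMPATIBLE_DEFAULTS` are both defined. Nothing in the hunk explains why the date override is not honoured in that configuration, and the helper `test_cm_load_ca_file_ex` is not visible here. A reader therefore cannot tell whether the test documents intended behaviour or locks in an accident of the build options. Add a comment above the new branch, e.g. `/* <reason the caller's DATE_ERR_OKAY flag has no effect in this configuration> */`, so a later change to expiry enforcement is made knowingly. The function begins before this hunk.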
@@ -2186,6 +2096,7 @@ static int test_wolfSSL_CertManagerGetCerts(void)
fclose(file1);
}
+ ExpectNull(sk = wolfSSL_CertManagerGetCerts(NULL));
ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
ExpectNull(sk = wolfSSL_CertManagerGetCerts(cm));
@@ -2205,7 +2116,7 @@ static int test_wolfSSL_CertManagerGetCerts(void)
ExpectNotNull(sk = wolfSSL_CertManagerGetCerts(cm));
- for (i = 0; i < sk_X509_num(sk); i++) {
+ for (i = 0; EXPECT_SUCCESS() && i < sk_X509_num(sk); i++) {
ExpectNotNull(x509 = sk_X509_value(sk, i));
ExpectIntEQ(0, wolfSSL_X509_cmp(x509, cert1));
@@ -2221,62 +2132,59 @@ static int test_wolfSSL_CertManagerGetCerts(void)
wolfSSL_X509_free(cert1);
sk_X509_pop_free(sk, NULL);
wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerSetVerify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
- EXPECT_DECLS;
- int ret = 0;
WOLFSSL_CERT_MANAGER* cm = NULL;
int tmp = myVerifyAction;
const char* ca_cert = "./certs/ca-cert.pem";
const char* expiredCert = "./certs/test/expired/expired-cert.pem";
+ wolfSSL_CertManagerSetVerify(NULL, NULL);
+ wolfSSL_CertManagerSetVerify(NULL, myVerify);
+
ExpectNotNull(cm = wolfSSL_CertManagerNew());
wolfSSL_CertManagerSetVerify(cm, myVerify);
- #if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- ExpectIntEQ(ret = wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), -1);
- #else
- ExpectIntEQ(ret = wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL),
+#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL), -1);
+#else
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL),
WOLFSSL_SUCCESS);
- #endif
+#endif
/* Use the test CB that always accepts certs */
myVerifyAction = VERIFY_OVERRIDE_ERROR;
- ExpectIntEQ(ret = wolfSSL_CertManagerVerify(cm, expiredCert,
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, expiredCert,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALWAYS_VERIFY_CB
{
- const char* verifyCert = "./certs/server-cert.pem";
+ const char* verifyCert = "./certs/server-cert.der";
/* Use the test CB that always fails certs */
myVerifyAction = VERIFY_FORCE_FAIL;
- ExpectIntEQ(ret = wolfSSL_CertManagerVerify(cm, verifyCert,
- WOLFSSL_FILETYPE_PEM), VERIFY_CERT_ERROR);
+ ExpectIntEQ(wolfSSL_CertManagerVerify(cm, verifyCert,
+ WOLFSSL_FILETYPE_ASN1), VERIFY_CERT_ERROR);
}
#endif
wolfSSL_CertManagerFree(cm);
myVerifyAction = tmp;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
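Review bot: The two added calls `wolfSSL_CertManagerSetVerify(NULL, NULL)` and `wolfSSL_CertManagerSetVerify(NULL, myVerify)` in test_wolfSSL_CertManagerSetVerify carry no assertion, so their purpose is only implicit. Presumably a NULL manager must be ignored without crashing; if so, put `/* NULL manager: must be a no-op, verified only by not crashing. */` above them. In the `WOLFSSL_ALWAYS_VERIFY_CB` block, the switch to `server-cert.der` with `WOLFSSL_FILETYPE_ASN1` means the forced-failure callback path is now exercised only for DER input. If that is deliberate, extend the existing comment to `/* Use the test CB that always fails certs (DER input) */`.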
@@ -2300,20 +2208,19 @@ void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName)
}
}
#else
-#define DEBUG_WRITE_CERT_X509(x509, fileName)
-#define DEBUG_WRITE_DER(der, derSz, fileName)
+#define DEBUG_WRITE_CERT_X509(x509, fileName) WC_DO_NOTHING
+#define DEBUG_WRITE_DER(der, derSz, fileName) WC_DO_NOTHING
#endif
static int test_wolfSSL_CertManagerNameConstraint(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -2458,22 +2365,19 @@ static int test_wolfSSL_CertManagerNameConstraint(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES)
- EXPECT_DECLS;
const char* ca_cert = "./certs/test/cert-ext-ndir.der";
const char* ca_cert2 = "./certs/test/cert-ext-ndir-exc.der";
const char* server_cert = "./certs/server-cert.pem";
@@ -2660,22 +2564,19 @@ static int test_wolfSSL_CertManagerNameConstraint2(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -2789,22 +2690,19 @@ static int test_wolfSSL_CertManagerNameConstraint3(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint4(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -2965,22 +2863,19 @@ static int test_wolfSSL_CertManagerNameConstraint4(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertManagerNameConstraint5(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CM_VERIFY) && !defined(NO_RSA) && \
defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_ALT_NAMES) && \
!defined(NO_SHA256)
- EXPECT_DECLS;
WOLFSSL_CERT_MANAGER* cm = NULL;
WOLFSSL_EVP_PKEY *priv = NULL;
WOLFSSL_X509_NAME* name = NULL;
@@ -3137,18 +3032,684 @@ static int test_wolfSSL_CertManagerNameConstraint5(void)
wolfSSL_CertManagerFree(cm);
wolfSSL_X509_free(ca);
wolfSSL_EVP_PKEY_free(priv);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+static int test_wolfSSL_CertManagerCRL(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \
+ !defined(NO_RSA)
+ const char* ca_cert = "./certs/ca-cert.pem";
+ const char* crl1 = "./certs/crl/crl.pem";
+ const char* crl2 = "./certs/crl/crl2.pem";
+ const unsigned char crl_buff[] = {
+ 0x30, 0x82, 0x02, 0x04, 0x30, 0x81, 0xed, 0x02,
+ 0x01, 0x01, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05,
+ 0x00, 0x30, 0x81, 0x94, 0x31, 0x0b, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
+ 0x53, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55,
+ 0x04, 0x08, 0x0c, 0x07, 0x4d, 0x6f, 0x6e, 0x74,
+ 0x61, 0x6e, 0x61, 0x31, 0x10, 0x30, 0x0e, 0x06,
+ 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x42, 0x6f,
+ 0x7a, 0x65, 0x6d, 0x61, 0x6e, 0x31, 0x11, 0x30,
+ 0x0f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x08,
+ 0x53, 0x61, 0x77, 0x74, 0x6f, 0x6f, 0x74, 0x68,
+ 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04,
+ 0x0b, 0x0c, 0x0a, 0x43, 0x6f, 0x6e, 0x73, 0x75,
+ 0x6c, 0x74, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30,
+ 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f,
+ 0x77, 0x77, 0x77, 0x2e, 0x77, 0x6f, 0x6c, 0x66,
+ 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x31,
+ 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48,
+ 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10,
+ 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c,
+ 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d,
+ 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
+ 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x17,
+ 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32,
+ 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, 0x14,
+ 0x30, 0x12, 0x02, 0x01, 0x02, 0x17, 0x0d, 0x32,
+ 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31,
+ 0x37, 0x35, 0x30, 0x5a, 0xa0, 0x0e, 0x30, 0x0c,
+ 0x30, 0x0a, 0x06, 0x03, 0x55, 0x1d, 0x14, 0x04,
+ 0x03, 0x02, 0x01, 0x02, 0x30, 0x0d, 0x06, 0x09,
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
+ 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00,
+ 0x39, 0x44, 0xff, 0x39, 0xf4, 0x04, 0x45, 0x79,
+ 0x7e, 0x73, 0xe2, 0x42, 0x48, 0xdb, 0x85, 0x66,
+ 0xfd, 0x99, 0x76, 0x94, 0x7c, 0xb5, 0x79, 0x5d,
+ 0x15, 0x71, 0x36, 0xa9, 0x87, 0xf0, 0x73, 0x05,
+ 0x50, 0x08, 0x6b, 0x1c, 0x6e, 0xde, 0x96, 0x45,
+ 0x31, 0xc3, 0xc0, 0xba, 0xba, 0xf5, 0x08, 0x1d,
+ 0x05, 0x4a, 0x52, 0x39, 0xe9, 0x03, 0xef, 0x59,
+ 0xc8, 0x1d, 0x4a, 0xf2, 0x86, 0x05, 0x99, 0x7b,
+ 0x4b, 0x74, 0xf6, 0xd3, 0x75, 0x8d, 0xb2, 0x57,
+ 0xba, 0xac, 0xa7, 0x11, 0x14, 0xd6, 0x6c, 0x71,
+ 0xc4, 0x4c, 0x1c, 0x68, 0xbc, 0x49, 0x78, 0xf0,
+ 0xc9, 0x52, 0x8a, 0xe7, 0x8b, 0x54, 0xe6, 0x20,
+ 0x58, 0x20, 0x60, 0x66, 0xf5, 0x14, 0xd8, 0xcb,
+ 0xff, 0xe0, 0xa0, 0x45, 0xbc, 0xb4, 0x81, 0xad,
+ 0x1d, 0xbc, 0xcf, 0xf8, 0x8e, 0xa8, 0x87, 0x24,
+ 0x55, 0x99, 0xd9, 0xce, 0x47, 0xf7, 0x5b, 0x4a,
+ 0x33, 0x6d, 0xdb, 0xbf, 0x93, 0x64, 0x1a, 0xa6,
+ 0x46, 0x5f, 0x27, 0xdc, 0xd8, 0xd4, 0xf9, 0xc2,
+ 0x42, 0x2a, 0x7e, 0xb2, 0x7c, 0xdd, 0x98, 0x77,
+ 0xf5, 0x88, 0x7d, 0x15, 0x25, 0x08, 0xbc, 0xe0,
+ 0xd0, 0x8d, 0xf4, 0xc3, 0xc3, 0x04, 0x41, 0xa4,
+ 0xd1, 0xb1, 0x39, 0x4a, 0x6b, 0x2c, 0xb5, 0x2e,
+ 0x9a, 0x65, 0x43, 0x0d, 0x0e, 0x73, 0xf4, 0x06,
+ 0xe1, 0xb3, 0x49, 0x34, 0x94, 0xb0, 0xb7, 0xff,
+ 0xc0, 0x27, 0xc1, 0xb5, 0xea, 0x06, 0xf7, 0x71,
+ 0x71, 0x97, 0xbb, 0xbc, 0xc7, 0x1a, 0x9f, 0xeb,
+ 0xf6, 0x3d, 0xa5, 0x7b, 0x55, 0xa7, 0xbf, 0xdd,
+ 0xd7, 0xee, 0x97, 0xb8, 0x9d, 0xdc, 0xcd, 0xe3,
+ 0x06, 0xdb, 0x9a, 0x2c, 0x60, 0xbf, 0x70, 0x84,
+ 0xfa, 0x6b, 0x8d, 0x70, 0x7d, 0xde, 0xe8, 0xb7,
+ 0xab, 0xb0, 0x38, 0x68, 0x6c, 0xc0, 0xb1, 0xe1,
+ 0xba, 0x45, 0xe0, 0xd7, 0x12, 0x3d, 0x71, 0x5b
+ };
+
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECK), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm,
+ WOLFSSL_CRL_CHECK | WOLFSSL_CRL_CHECKALL), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, 16), 1);
+ ExpectIntEQ(wolfSSL_CertManagerEnableCRL(cm, WOLFSSL_CRL_CHECKALL), 1);
+
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, -1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(NULL, server_cert_der_2048, 1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048, -1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048), ASN_NO_SIGNER_E);
+
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_Cb(cm, NULL), 1);
+#ifdef HAVE_CRL_IO
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerSetCRL_IOCb(cm, NULL), 1);
#endif
- return res;
+#ifndef NO_FILESYSTEM
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(NULL, NULL, WOLFSSL_FILETYPE_ASN1,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, NULL, WOLFSSL_FILETYPE_ASN1,
+ 0), BAD_FUNC_ARG);
+ /* -1 seen as !WOLFSSL_FILETYPE_PEM */
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRL(cm, "./certs/crl", -1, 0), 1);
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(NULL, NULL,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, NULL, WOLFSSL_FILETYPE_ASN1),
+ BAD_FUNC_ARG);
+ /* -1 seen as !WOLFSSL_FILETYPE_PEM */
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, "./certs/crl/crl.pem", -1),
+ ASN_PARSE_E);
+#endif
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(NULL, crl_buff, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, NULL, 1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, -1,
+ WOLFSSL_FILETYPE_ASN1), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CertManagerFreeCRL(NULL), BAD_FUNC_ARG);
+ DoExpectIntEQ(wolfSSL_CertManagerFreeCRL(cm), 1);
+
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0));
+ wolfSSL_CertManagerFreeCRL(cm);
+
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
+ ExpectIntEQ(wolfSSL_CertManagerCheckCRL(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048), CRL_MISSING);
+ ExpectIntEQ(wolfSSL_CertManagerVerifyBuffer(cm, server_cert_der_2048,
+ sizeof_server_cert_der_2048, WOLFSSL_FILETYPE_ASN1), CRL_MISSING);
+
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLBuffer(cm, crl_buff, sizeof(crl_buff),
+ WOLFSSL_FILETYPE_ASN1), 1);
+
+ wolfSSL_CertManagerFree(cm);
+#endif
+
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_CertManagerCheckOCSPResponse(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA)
+/* Need one of these for wolfSSL_OCSP_REQUEST_new. */
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
+ defined(HAVE_LIGHTY)
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+ /* Raw OCSP response bytes captured using the following setup:
+ * - Run responder with
+ * openssl ocsp -port 9999 -ndays 9999
+ * -index certs/ocsp/index-intermediate1-ca-issued-certs.txt
+ * -rsigner certs/ocsp/ocsp-responder-cert.pem
+ * -rkey certs/ocsp/ocsp-responder-key.pem
+ * -CA certs/ocsp/intermediate1-ca-cert.pem
+ * - Run client with
+ * openssl ocsp -host 127.0.0.1:9999 -respout resp.out
+ * -issuer certs/ocsp/intermediate1-ca-cert.pem
+ * -cert certs/ocsp/server1-cert.pem
+ * -CAfile certs/ocsp/root-ca-cert.pem -noverify
+ * - Select the response packet in Wireshark, and export it using
+ * "File->Export Packet Dissection->As "C" Arrays". Select "Selected
+ * packets only". After importing into the editor, remove the initial
+ * ~148 bytes of header, ending with the Content-Length and the \r\n\r\n.
+ */
+ static const byte response[] = {
+ 0x30, 0x82, 0x07, 0x40, /* ....0..@ */
+ 0x0a, 0x01, 0x00, 0xa0, 0x82, 0x07, 0x39, 0x30, /* ......90 */
+ 0x82, 0x07, 0x35, 0x06, 0x09, 0x2b, 0x06, 0x01, /* ..5..+.. */
+ 0x05, 0x05, 0x07, 0x30, 0x01, 0x01, 0x04, 0x82, /* ...0.... */
+ 0x07, 0x26, 0x30, 0x82, 0x07, 0x22, 0x30, 0x82, /* .&0.."0. */
+ 0x01, 0x40, 0xa1, 0x81, 0xa1, 0x30, 0x81, 0x9e, /* .@...0.. */
+ 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
+ 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
+ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
+ 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
+ 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
+ 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
+ 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
+ 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
+ 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
+ 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, 0x30, 0x1d, /* ring1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x16, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x4f, /* olfSSL O */
+ 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, 0x73, 0x70, /* CSP Resp */
+ 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, 0x1f, 0x30, /* onder1.0 */
+ 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, /* ...*.H.. */
+ 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, /* ......in */
+ 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, /* fo@wolfs */
+ 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x18, 0x0f, /* sl.com.. */
+ 0x32, 0x30, 0x32, 0x33, 0x31, 0x31, 0x30, 0x38, /* 20231108 */
+ 0x30, 0x30, 0x32, 0x36, 0x33, 0x37, 0x5a, 0x30, /* 002637Z0 */
+ 0x64, 0x30, 0x62, 0x30, 0x3a, 0x30, 0x09, 0x06, /* d0b0:0.. */
+ 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, /* .+...... */
+ 0x04, 0x14, 0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, /* ..qM.#@Y */
+ 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, /* ...7C.1. */
+ 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04, 0x04, 0x14, /* ..C..... */
+ 0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, /* ..:.,... */
+ 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, /* ..L.*.q. */
+ 0x64, 0x44, 0xda, 0x0e, 0x02, 0x01, 0x05, 0x80, /* dD...... */
+ 0x00, 0x18, 0x0f, 0x32, 0x30, 0x32, 0x33, 0x31, /* ...20231 */
+ 0x31, 0x30, 0x38, 0x30, 0x30, 0x32, 0x36, 0x33, /* 10800263 */
+ 0x37, 0x5a, 0xa0, 0x11, 0x18, 0x0f, 0x32, 0x30, /* 7Z....20 */
+ 0x35, 0x31, 0x30, 0x33, 0x32, 0x35, 0x30, 0x30, /* 51032500 */
+ 0x32, 0x36, 0x33, 0x37, 0x5a, 0xa1, 0x23, 0x30, /* 2637Z.#0 */
+ 0x21, 0x30, 0x1f, 0x06, 0x09, 0x2b, 0x06, 0x01, /* !0...+.. */
+ 0x05, 0x05, 0x07, 0x30, 0x01, 0x02, 0x04, 0x12, /* ...0.... */
+ 0x04, 0x10, 0xdb, 0xbc, 0x2a, 0x76, 0xa0, 0xb4, /* ....*v.. */
+ 0x1e, 0x5d, 0xf6, 0x2b, 0x8e, 0x38, 0x62, 0xdb, /* .].+.8b. */
+ 0x90, 0xed, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, /* ..0...*. */
+ 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, /* H....... */
+ 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x87, 0xde, /* ........ */
+ 0xfb, 0xf9, 0x3a, 0x90, 0x1f, 0x90, 0xde, 0xcf, /* ..:..... */
+ 0xfe, 0xad, 0x64, 0x19, 0x34, 0x17, 0xf8, 0x15, /* ..d.4... */
+ 0x01, 0x22, 0x5f, 0x67, 0x41, 0xa4, 0x18, 0xf7, /* ."_gA... */
+ 0x16, 0xb7, 0xc9, 0xf3, 0xe1, 0x9f, 0xcd, 0x40, /* .......@ */
+ 0x56, 0x77, 0x6e, 0x6a, 0xfb, 0x92, 0x6a, 0x6f, /* Vwnj..jo */
+ 0x28, 0x3e, 0x22, 0x48, 0xa1, 0xc2, 0xd8, 0x1d, /* (>"H.... */
+ 0xc7, 0xe6, 0x78, 0x7f, 0xb6, 0x09, 0xfe, 0x2c, /* ..x...., */
+ 0xb5, 0xef, 0x29, 0x7c, 0xc5, 0x51, 0x16, 0x7b, /* ..)|.Q.{ */
+ 0x8f, 0xfb, 0x44, 0xa8, 0xcd, 0xf5, 0x5c, 0x0f, /* ..D...\. */
+ 0x46, 0x0e, 0xb1, 0xa4, 0xeb, 0x5b, 0xf5, 0x86, /* F....[.. */
+ 0x11, 0x0f, 0xcd, 0xe2, 0xe5, 0x3c, 0x91, 0x72, /* .....<.r */
+ 0x0d, 0x6a, 0xcb, 0x95, 0x99, 0x39, 0x91, 0x48, /* .j...9.H */
+ 0x65, 0x97, 0xb9, 0x78, 0xb5, 0x88, 0x7f, 0x76, /* e..x...v */
+ 0xa1, 0x43, 0x2f, 0xf6, 0x1f, 0x49, 0xb7, 0x08, /* .C/..I.. */
+ 0x36, 0xe4, 0x2e, 0x34, 0x25, 0xda, 0x16, 0x74, /* 6..4%..t */
+ 0x47, 0x62, 0x56, 0xff, 0x2f, 0x02, 0x03, 0x44, /* GbV./..D */
+ 0x89, 0x04, 0xe7, 0xb8, 0xde, 0x0a, 0x35, 0x43, /* ......5C */
+ 0xae, 0xd7, 0x54, 0xbe, 0xc3, 0x7c, 0x95, 0xa5, /* ..T..|.. */
+ 0xc8, 0xe0, 0x2e, 0x52, 0xb6, 0xea, 0x99, 0x45, /* ...R...E */
+ 0xfd, 0xda, 0x4b, 0xd5, 0x79, 0x07, 0x64, 0xca, /* ..K.y.d. */
+ 0x64, 0xba, 0x52, 0x12, 0x62, 0x8c, 0x08, 0x9a, /* d.R.b... */
+ 0x32, 0xeb, 0x85, 0x65, 0x05, 0x39, 0x07, 0x5d, /* 2..e.9.] */
+ 0x39, 0x4a, 0xcf, 0xa5, 0x30, 0xf6, 0xd1, 0xf7, /* 9J..0... */
+ 0x29, 0xaa, 0x23, 0x42, 0xc6, 0x85, 0x16, 0x7f, /* ).#B.... */
+ 0x64, 0x16, 0xb1, 0xb0, 0x5d, 0xcd, 0x88, 0x2d, /* d...]..- */
+ 0x06, 0xb0, 0xa9, 0xdf, 0xa3, 0x9f, 0x25, 0x41, /* ......%A */
+ 0x89, 0x9a, 0x19, 0xe1, 0xaa, 0xcd, 0xdf, 0x51, /* .......Q */
+ 0xcb, 0xa9, 0xc3, 0x7e, 0x27, 0xbc, 0x7d, 0x9b, /* ...~'.}. */
+ 0x6f, 0x4d, 0x79, 0x87, 0x09, 0x3f, 0xac, 0xd2, /* oMy..?.. */
+ 0x4a, 0x3b, 0xbe, 0xf8, 0x7a, 0xa4, 0x93, 0x45, /* J;..z..E */
+ 0x11, 0x64, 0x40, 0xc5, 0x03, 0xc9, 0x24, 0x5b, /* .d@...$[ */
+ 0xe9, 0x6d, 0xfc, 0x94, 0x08, 0xbe, 0xa0, 0x82, /* .m...... */
+ 0x04, 0xc6, 0x30, 0x82, 0x04, 0xc2, 0x30, 0x82, /* ..0...0. */
+ 0x04, 0xbe, 0x30, 0x82, 0x03, 0xa6, 0xa0, 0x03, /* ..0..... */
+ 0x02, 0x01, 0x02, 0x02, 0x01, 0x04, 0x30, 0x0d, /* ......0. */
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, /* ..*.H... */
+ 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x81, 0x97, /* .....0.. */
+ 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
+ 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x13, 0x30, /* ...US1.0 */
+ 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, /* ...U.... */
+ 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, 0x67, 0x74, /* Washingt */
+ 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, /* on1.0... */
+ 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, 0x65, 0x61, /* U....Sea */
+ 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, 0x30, 0x0e, /* ttle1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x07, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x31, 0x14, /* olfSSL1. */
+ 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0b, 0x0c, /* 0...U... */
+ 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, 0x65, 0x65, /* .Enginee */
+ 0x72, 0x69, 0x6e, 0x67, 0x31, 0x18, 0x30, 0x16, /* ring1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x0f, 0x77, /* ..U....w */
+ 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, 0x20, 0x72, /* olfSSL r */
+ 0x6f, 0x6f, 0x74, 0x20, 0x43, 0x41, 0x31, 0x1f, /* oot CA1. */
+ 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, /* 0...*.H. */
+ 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, /* .......i */
+ 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, 0x66, /* nfo@wolf */
+ 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x30, /* ssl.com0 */
+ 0x1e, 0x17, 0x0d, 0x32, 0x32, 0x31, 0x32, 0x31, /* ...22121 */
+ 0x36, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, /* 6211750Z */
+ 0x17, 0x0d, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, /* ..250911 */
+ 0x32, 0x31, 0x31, 0x37, 0x35, 0x30, 0x5a, 0x30, /* 211750Z0 */
+ 0x81, 0x9e, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, /* ..1.0... */
+ 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, /* U....US1 */
+ 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, /* .0...U.. */
+ 0x0c, 0x0a, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6e, /* ..Washin */
+ 0x67, 0x74, 0x6f, 0x6e, 0x31, 0x10, 0x30, 0x0e, /* gton1.0. */
+ 0x06, 0x03, 0x55, 0x04, 0x07, 0x0c, 0x07, 0x53, /* ..U....S */
+ 0x65, 0x61, 0x74, 0x74, 0x6c, 0x65, 0x31, 0x10, /* eattle1. */
+ 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, /* 0...U... */
+ 0x07, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
+ 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, /* 1.0...U. */
+ 0x0b, 0x0c, 0x0b, 0x45, 0x6e, 0x67, 0x69, 0x6e, /* ...Engin */
+ 0x65, 0x65, 0x72, 0x69, 0x6e, 0x67, 0x31, 0x1f, /* eering1. */
+ 0x30, 0x1d, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, /* 0...U... */
+ 0x16, 0x77, 0x6f, 0x6c, 0x66, 0x53, 0x53, 0x4c, /* .wolfSSL */
+ 0x20, 0x4f, 0x43, 0x53, 0x50, 0x20, 0x52, 0x65, /* OCSP Re */
+ 0x73, 0x70, 0x6f, 0x6e, 0x64, 0x65, 0x72, 0x31, /* sponder1 */
+ 0x1f, 0x30, 0x1d, 0x06, 0x09, 0x2a, 0x86, 0x48, /* .0...*.H */
+ 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01, 0x16, 0x10, /* ........ */
+ 0x69, 0x6e, 0x66, 0x6f, 0x40, 0x77, 0x6f, 0x6c, /* info@wol */
+ 0x66, 0x73, 0x73, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, /* fssl.com */
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, /* 0.."0... */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, /* ........ */
+ 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, /* 0....... */
+ 0x00, 0xb8, 0xba, 0x23, 0xb4, 0xf6, 0xc3, 0x7b, /* ...#...{ */
+ 0x14, 0xc3, 0xa4, 0xf5, 0x1d, 0x61, 0xa1, 0xf5, /* .....a.. */
+ 0x1e, 0x63, 0xb9, 0x85, 0x23, 0x34, 0x50, 0x6d, /* .c..#4Pm */
+ 0xf8, 0x7c, 0xa2, 0x8a, 0x04, 0x8b, 0xd5, 0x75, /* .|.....u */
+ 0x5c, 0x2d, 0xf7, 0x63, 0x88, 0xd1, 0x07, 0x7a, /* \-.c...z */
+ 0xea, 0x0b, 0x45, 0x35, 0x2b, 0xeb, 0x1f, 0xb1, /* ..E5+... */
+ 0x22, 0xb4, 0x94, 0x41, 0x38, 0xe2, 0x9d, 0x74, /* "..A8..t */
+ 0xd6, 0x8b, 0x30, 0x22, 0x10, 0x51, 0xc5, 0xdb, /* ..0".Q.. */
+ 0xca, 0x3f, 0x46, 0x2b, 0xfe, 0xe5, 0x5a, 0x3f, /* .?F+..Z? */
+ 0x41, 0x74, 0x67, 0x75, 0x95, 0xa9, 0x94, 0xd5, /* Atgu.... */
+ 0xc3, 0xee, 0x42, 0xf8, 0x8d, 0xeb, 0x92, 0x95, /* ..B..... */
+ 0xe1, 0xd9, 0x65, 0xb7, 0x43, 0xc4, 0x18, 0xde, /* ..e.C... */
+ 0x16, 0x80, 0x90, 0xce, 0x24, 0x35, 0x21, 0xc4, /* ....$5!. */
+ 0x55, 0xac, 0x5a, 0x51, 0xe0, 0x2e, 0x2d, 0xb3, /* U.ZQ..-. */
+ 0x0a, 0x5a, 0x4f, 0x4a, 0x73, 0x31, 0x50, 0xee, /* .ZOJs1P. */
+ 0x4a, 0x16, 0xbd, 0x39, 0x8b, 0xad, 0x05, 0x48, /* J..9...H */
+ 0x87, 0xb1, 0x99, 0xe2, 0x10, 0xa7, 0x06, 0x72, /* .......r */
+ 0x67, 0xca, 0x5c, 0xd1, 0x97, 0xbd, 0xc8, 0xf1, /* g.\..... */
+ 0x76, 0xf8, 0xe0, 0x4a, 0xec, 0xbc, 0x93, 0xf4, /* v..J.... */
+ 0x66, 0x4c, 0x28, 0x71, 0xd1, 0xd8, 0x66, 0x03, /* fL(q..f. */
+ 0xb4, 0x90, 0x30, 0xbb, 0x17, 0xb0, 0xfe, 0x97, /* ..0..... */
+ 0xf5, 0x1e, 0xe8, 0xc7, 0x5d, 0x9b, 0x8b, 0x11, /* ....]... */
+ 0x19, 0x12, 0x3c, 0xab, 0x82, 0x71, 0x78, 0xff, /* ..<..qx. */
+ 0xae, 0x3f, 0x32, 0xb2, 0x08, 0x71, 0xb2, 0x1b, /* .?2..q.. */
+ 0x8c, 0x27, 0xac, 0x11, 0xb8, 0xd8, 0x43, 0x49, /* .'....CI */
+ 0xcf, 0xb0, 0x70, 0xb1, 0xf0, 0x8c, 0xae, 0xda, /* ..p..... */
+ 0x24, 0x87, 0x17, 0x3b, 0xd8, 0x04, 0x65, 0x6c, /* $..;..el */
+ 0x00, 0x76, 0x50, 0xef, 0x15, 0x08, 0xd7, 0xb4, /* .vP..... */
+ 0x73, 0x68, 0x26, 0x14, 0x87, 0x95, 0xc3, 0x5f, /* sh&...._ */
+ 0x6e, 0x61, 0xb8, 0x87, 0x84, 0xfa, 0x80, 0x1a, /* na...... */
+ 0x0a, 0x8b, 0x98, 0xf3, 0xe3, 0xff, 0x4e, 0x44, /* ......ND */
+ 0x1c, 0x65, 0x74, 0x7c, 0x71, 0x54, 0x65, 0xe5, /* .et|qTe. */
+ 0x39, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3, 0x82, /* 9....... */
+ 0x01, 0x0a, 0x30, 0x82, 0x01, 0x06, 0x30, 0x09, /* ..0...0. */
+ 0x06, 0x03, 0x55, 0x1d, 0x13, 0x04, 0x02, 0x30, /* ..U....0 */
+ 0x00, 0x30, 0x1d, 0x06, 0x03, 0x55, 0x1d, 0x0e, /* .0...U.. */
+ 0x04, 0x16, 0x04, 0x14, 0x32, 0x67, 0xe1, 0xb1, /* ....2g.. */
+ 0x79, 0xd2, 0x81, 0xfc, 0x9f, 0x23, 0x0c, 0x70, /* y....#.p */
+ 0x40, 0x50, 0xb5, 0x46, 0x56, 0xb8, 0x30, 0x36, /* @P.FV.06 */
+ 0x30, 0x81, 0xc4, 0x06, 0x03, 0x55, 0x1d, 0x23, /* 0....U.# */
+ 0x04, 0x81, 0xbc, 0x30, 0x81, 0xb9, 0x80, 0x14, /* ...0.... */
+ 0x73, 0xb0, 0x1c, 0xa4, 0x2f, 0x82, 0xcb, 0xcf, /* s.../... */
+ 0x47, 0xa5, 0x38, 0xd7, 0xb0, 0x04, 0x82, 0x3a, /* G.8....: */
+ 0x7e, 0x72, 0x15, 0x21, 0xa1, 0x81, 0x9d, 0xa4, /* ~r.!.... */
+ 0x81, 0x9a, 0x30, 0x81, 0x97, 0x31, 0x0b, 0x30, /* ..0..1.0 */
+ 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, /* ...U.... */
+ 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, /* US1.0... */
+ 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x57, 0x61, 0x73, /* U....Was */
+ 0x68, 0x69, 0x6e, 0x67, 0x74, 0x6f, 0x6e, 0x31, /* hington1 */
+ 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x07, /* .0...U.. */
+ 0x0c, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6c, /* ..Seattl */
+ 0x65, 0x31, 0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, /* e1.0...U */
+ 0x04, 0x0a, 0x0c, 0x07, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
+ 0x53, 0x53, 0x4c, 0x31, 0x14, 0x30, 0x12, 0x06, /* SSL1.0.. */
+ 0x03, 0x55, 0x04, 0x0b, 0x0c, 0x0b, 0x45, 0x6e, /* .U....En */
+ 0x67, 0x69, 0x6e, 0x65, 0x65, 0x72, 0x69, 0x6e, /* gineerin */
+ 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, /* g1.0...U */
+ 0x04, 0x03, 0x0c, 0x0f, 0x77, 0x6f, 0x6c, 0x66, /* ....wolf */
+ 0x53, 0x53, 0x4c, 0x20, 0x72, 0x6f, 0x6f, 0x74, /* SSL root */
+ 0x20, 0x43, 0x41, 0x31, 0x1f, 0x30, 0x1d, 0x06, /* CA1.0.. */
+ 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, /* .*.H.... */
+ 0x09, 0x01, 0x16, 0x10, 0x69, 0x6e, 0x66, 0x6f, /* ....info */
+ 0x40, 0x77, 0x6f, 0x6c, 0x66, 0x73, 0x73, 0x6c, /* @wolfssl */
+ 0x2e, 0x63, 0x6f, 0x6d, 0x82, 0x01, 0x63, 0x30, /* .com..c0 */
+ 0x13, 0x06, 0x03, 0x55, 0x1d, 0x25, 0x04, 0x0c, /* ...U.%.. */
+ 0x30, 0x0a, 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, /* 0...+... */
+ 0x05, 0x07, 0x03, 0x09, 0x30, 0x0d, 0x06, 0x09, /* ....0... */
+ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, /* *.H..... */
+ 0x0b, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, /* ........ */
+ 0x2f, 0xb7, 0x6b, 0xec, 0xb7, 0x12, 0x63, 0xb9, /* /.k...c. */
+ 0x57, 0xdc, 0x04, 0x4d, 0x9c, 0x67, 0x74, 0x98, /* W..M.gt. */
+ 0x06, 0x28, 0x68, 0x37, 0x34, 0xc2, 0x50, 0xe9, /* .(h74.P. */
+ 0x2a, 0xd4, 0x1a, 0xb2, 0x32, 0x1a, 0x9d, 0x2b, /* *...2..+ */
+ 0x4f, 0x23, 0x50, 0xea, 0xb4, 0x95, 0x86, 0xc3, /* O#P..... */
+ 0xb9, 0x5f, 0x34, 0x3e, 0x99, 0x91, 0xa7, 0x80, /* ._4>.... */
+ 0x5f, 0x6e, 0x1b, 0x6e, 0xdb, 0xe9, 0x02, 0x38, /* _n.n...8 */
+ 0x6f, 0xdf, 0xc5, 0x9b, 0x0d, 0xa3, 0x1c, 0xa9, /* o....... */
+ 0x15, 0x76, 0x16, 0x66, 0xa8, 0x4e, 0xfb, 0xd3, /* .v.f.N.. */
+ 0x43, 0x76, 0xf1, 0x72, 0xb7, 0xd1, 0xfa, 0xee, /* Cv.r.... */
+ 0x39, 0xa6, 0x96, 0xc1, 0xa2, 0x93, 0xa4, 0x9b, /* 9....... */
+ 0x1e, 0x9f, 0xba, 0x71, 0x8f, 0xba, 0xbd, 0x67, /* ...q...g */
+ 0x6a, 0xf2, 0x15, 0x5f, 0xf1, 0x64, 0xe7, 0xcf, /* j.._.d.. */
+ 0x26, 0xb8, 0x4c, 0xc0, 0xeb, 0x85, 0x04, 0x58, /* &.L....X */
+ 0xd9, 0x4a, 0x6b, 0xd9, 0x86, 0xf5, 0x80, 0x21, /* .Jk....! */
+ 0xbf, 0x91, 0xc8, 0x4b, 0x9f, 0x04, 0xed, 0x57, /* ...K...W */
+ 0x7a, 0xd2, 0x58, 0xac, 0x5b, 0x47, 0xaf, 0x4d, /* z.X.[G.M */
+ 0x7f, 0x5b, 0x1d, 0x6d, 0x68, 0x9b, 0x84, 0x98, /* .[.mh... */
+ 0x2a, 0x31, 0x02, 0x2c, 0xe9, 0x1b, 0xaf, 0x11, /* *1.,.... */
+ 0x0b, 0x78, 0x49, 0xbe, 0x68, 0x68, 0xcb, 0x9c, /* .xI.hh.. */
+ 0x41, 0x56, 0xe8, 0xb5, 0x59, 0xda, 0xff, 0xca, /* AV..Y... */
+ 0x59, 0x99, 0x17, 0x3e, 0x11, 0x0a, 0x8f, 0x49, /* Y..>...I */
+ 0x24, 0x0b, 0x81, 0x42, 0x63, 0xcd, 0x4f, 0xf6, /* $..Bc.O. */
+ 0x2b, 0x9d, 0xd1, 0x79, 0x75, 0xd7, 0x4a, 0xcc, /* +..yu.J. */
+ 0x4c, 0xb7, 0x2b, 0xd7, 0xe8, 0xe7, 0xd4, 0x48, /* L.+....H */
+ 0x3c, 0x14, 0x3b, 0x1c, 0x28, 0xe8, 0x46, 0x7a, /* <.;.(.Fz */
+ 0xdc, 0x11, 0x9d, 0x7f, 0x1c, 0xab, 0x10, 0x95, /* ........ */
+ 0x17, 0xb2, 0xc7, 0x7a, 0xbb, 0x17, 0x44, 0x59, /* ...z..DY */
+ 0x69, 0x8e, 0x16, 0x05, 0x94, 0x8c, 0x88, 0xd9, /* i....... */
+ 0xdc, 0x9a, 0xfd, 0xf2, 0x93, 0xbe, 0x68, 0xba, /* ......h. */
+ 0x3c, 0xd6, 0x2b, 0x61, 0x3a, 0x8b, 0xf7, 0x66, /* <.+a:..f */
+ 0xcb, 0x54, 0xe8, 0xe4, 0xdb, 0x9f, 0xcc, 0x9e /* .T...... */
+ };
+ OcspEntry entry[1];
+ CertStatus status[1];
+ OcspRequest* request = NULL;
+#ifndef NO_FILESYSTEM
+ const char* ca_cert = "./certs/ca-cert.pem";
+#endif
+
+ byte serial[] = {0x05};
+ byte issuerHash[] = {0x71, 0x4d, 0x82, 0x23, 0x40, 0x59, 0xc0, 0x96, 0xa1, 0x37, 0x43, 0xfa, 0x31, 0xdb, 0xba, 0xb1, 0x43, 0x18, 0xda, 0x04};
+ byte issuerKeyHash[] = {0x83, 0xc6, 0x3a, 0x89, 0x2c, 0x81, 0xf4, 0x02, 0xd7, 0x9d, 0x4c, 0xe2, 0x2a, 0xc0, 0x71, 0x82, 0x64, 0x44, 0xda, 0x0e};
+
+
+ XMEMSET(entry, 0, sizeof(OcspEntry));
+ XMEMSET(status, 0, sizeof(CertStatus));
+
+ ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
+ ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
+ DYNAMIC_TYPE_OCSP_REQUEST));
+
+ if ((request != NULL) && (request->serial != NULL)) {
+ request->serialSz = sizeof(serial);
+ XMEMCPY(request->serial, serial, sizeof(serial));
+ XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
+ XMEMCPY(request->issuerKeyHash, issuerKeyHash, sizeof(issuerKeyHash));
+ }
+
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm,
+ "./certs/ocsp/intermediate1-ca-cert.pem", NULL), WOLFSSL_SUCCESS);
+
+ /* Response should be valid. */
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
+ sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
+
+ /* Flip a byte in the request serial number, response should be invalid
+ * now. */
+ if ((request != NULL) && (request->serial != NULL))
+ request->serial[0] ^= request->serial[0];
+ ExpectIntNE(wolfSSL_CertManagerCheckOCSPResponse(cm, (byte *)response,
+ sizeof(response), NULL, status, entry, request), WOLFSSL_SUCCESS);
+
+#ifndef NO_FILESYSTEM
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048,
+ sizeof(server_cert_der_2048)), ASN_NO_SIGNER_E);
+ ExpectIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSP(cm, server_cert_der_2048,
+ sizeof(server_cert_der_2048)), 1);
+#endif
+
+ wolfSSL_OCSP_REQUEST_free(request);
+ wolfSSL_CertManagerFree(cm);
+#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
+ * WOLFSSL_APACHE_HTTPD || HAVE_LIGHTY */
+#endif /* HAVE_OCSP */
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_CheckOCSPResponse(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_OCSP) && !defined(NO_RSA) && !defined(NO_SHA) && \
+ defined(OPENSSL_ALL)
+ const char* responseFile = "./certs/ocsp/test-response.der";
+ const char* responseMultiFile = "./certs/ocsp/test-multi-response.der";
+ const char* responseNoInternFile =
+ "./certs/ocsp/test-response-nointern.der";
+ const char* caFile = "./certs/ocsp/root-ca-cert.pem";
+ OcspResponse* res = NULL;
+ byte data[4096];
+ const unsigned char* pt;
+ int dataSz = 0; /* initialize to mitigate spurious maybe-uninitialized from
+ * gcc sanitizer with --enable-heapmath.
+ */
+ XFILE f = XBADFILE;
+ WOLFSSL_OCSP_BASICRESP* bs = NULL;
+ WOLFSSL_X509_STORE* st = NULL;
+ WOLFSSL_X509* issuer = NULL;
+
+
+ ExpectTrue((f = XFOPEN(responseFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+
+ pt = data;
+ ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(st = wolfSSL_X509_STORE_new());
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
+ ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
+ ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0), WOLFSSL_SUCCESS);
+ wolfSSL_OCSP_BASICRESP_free(bs);
+ bs = NULL;
+ wolfSSL_OCSP_RESPONSE_free(res);
+ res = NULL;
+ wolfSSL_X509_STORE_free(st);
+ st = NULL;
+ wolfSSL_X509_free(issuer);
+ issuer = NULL;
+
+ /* check loading a response with optional certs */
+ ExpectTrue((f = XFOPEN(responseNoInternFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ f = XBADFILE;
+
+ pt = data;
+ ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+ wolfSSL_OCSP_RESPONSE_free(res);
+ res = NULL;
+
+ /* check loading a response with multiple certs */
+ {
+ WOLFSSL_CERT_MANAGER* cm = NULL;
+ OcspEntry *entry = NULL;
+ CertStatus* status = NULL;
+ OcspRequest* request = NULL;
+
+ byte serial1[] = {0x01};
+ byte serial[] = {0x02};
+
+ byte issuerHash[] = {
+ 0x44, 0xA8, 0xDB, 0xD1, 0xBC, 0x97, 0x0A, 0x83,
+ 0x3B, 0x5B, 0x31, 0x9A, 0x4C, 0xB8, 0xD2, 0x52,
+ 0x37, 0x15, 0x8A, 0x88
+ };
+ byte issuerKeyHash[] = {
+ 0x73, 0xB0, 0x1C, 0xA4, 0x2F, 0x82, 0xCB, 0xCF,
+ 0x47, 0xA5, 0x38, 0xD7, 0xB0, 0x04, 0x82, 0x3A,
+ 0x7E, 0x72, 0x15, 0x21
+ };
+
+ ExpectNotNull(entry = (OcspEntry*)XMALLOC(sizeof(OcspEntry), NULL,
+ DYNAMIC_TYPE_OPENSSL));
+
+ ExpectNotNull(status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL,
+ DYNAMIC_TYPE_OPENSSL));
+
+ if (entry != NULL)
+ XMEMSET(entry, 0, sizeof(OcspEntry));
+ if (status != NULL)
+ XMEMSET(status, 0, sizeof(CertStatus));
+
+ ExpectNotNull(request = wolfSSL_OCSP_REQUEST_new());
+ ExpectNotNull(request->serial = (byte*)XMALLOC(sizeof(serial), NULL,
+ DYNAMIC_TYPE_OCSP_REQUEST));
+
+ if (request != NULL && request->serial != NULL) {
+ request->serialSz = sizeof(serial);
+ XMEMCPY(request->serial, serial, sizeof(serial));
+ XMEMCPY(request->issuerHash, issuerHash, sizeof(issuerHash));
+ XMEMCPY(request->issuerKeyHash, issuerKeyHash,
+ sizeof(issuerKeyHash));
+ }
+
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ ExpectIntEQ(wolfSSL_CertManagerEnableOCSP(cm, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, caFile, NULL),
+ WOLFSSL_SUCCESS);
+
+ ExpectTrue((f = XFOPEN(responseMultiFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ f = XBADFILE;
+
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
+ ExpectNotNull(entry->status);
+
+ if (request != NULL && request->serial != NULL)
+ XMEMCPY(request->serial, serial1, sizeof(serial1));
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, status, entry, request), WOLFSSL_SUCCESS);
+
+ /* store both status's in the entry to check that "next" is not
+ * overwritten */
+ if (EXPECT_SUCCESS() && status != NULL && entry != NULL) {
+ status->next = entry->status;
+ entry->status = status;
+ }
+
+ if (request != NULL && request->serial != NULL)
+ XMEMCPY(request->serial, serial, sizeof(serial));
+ ExpectIntEQ(wolfSSL_CertManagerCheckOCSPResponse(cm, data,
+ dataSz, NULL, entry->status, entry, request), WOLFSSL_SUCCESS);
+ ExpectNotNull(entry->status->next);
+
+ /* compare the status found */
+ ExpectIntEQ(status->serialSz, entry->status->serialSz);
+ ExpectIntEQ(XMEMCMP(status->serial, entry->status->serial,
+ status->serialSz), 0);
+
+ if (status != NULL && entry != NULL && entry->status != status) {
+ XFREE(status, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
+ wolfSSL_OCSP_CERTID_free(entry);
+ wolfSSL_OCSP_REQUEST_free(request);
+ wolfSSL_CertManagerFree(cm);
+ }
+
+#if defined(WC_RSA_PSS)
+ {
+ const char* responsePssFile = "./certs/ocsp/test-response-rsapss.der";
+
+ /* check loading a response with RSA-PSS signature */
+ ExpectTrue((f = XFOPEN(responsePssFile, "rb")) != XBADFILE);
+ ExpectIntGT(dataSz = (word32)XFREAD(data, 1, sizeof(data), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+
+ pt = data;
+ ExpectNotNull(res = wolfSSL_d2i_OCSP_RESPONSE(NULL, &pt, dataSz));
+
+ /* try to verify the response */
+ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(st = wolfSSL_X509_STORE_new());
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(st, issuer), WOLFSSL_SUCCESS);
+ ExpectNotNull(bs = wolfSSL_OCSP_response_get1_basic(res));
+ ExpectIntEQ(wolfSSL_OCSP_basic_verify(bs, NULL, st, 0),
+ WOLFSSL_SUCCESS);
+ wolfSSL_OCSP_BASICRESP_free(bs);
+ wolfSSL_OCSP_RESPONSE_free(res);
+ wolfSSL_X509_STORE_free(st);
+ wolfSSL_X509_free(issuer);
+ }
+#endif
+#endif /* HAVE_OCSP */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_FPKI(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_FPKI) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if defined(WOLFSSL_FPKI) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* fpkiCert = "./certs/fpki-cert.der";
DecodedCert cert;
@@ -3177,20 +3738,17 @@ static int test_wolfSSL_FPKI(void)
ExpectIntEQ(wc_GetUUIDFromCert(&cert, uuid, &uuidSz), 0);
XFREE(uuid, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeDecodedCert(&cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* use RID in confuncture with other names to test parsing of unknown other
* names */
static int test_wolfSSL_OtherName(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
XFILE f = XBADFILE;
const char* ridCert = "./certs/rid-cert.der";
DecodedCert cert;
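Review bot: When the feature guard is false, test_wolfSSL_FPKI and test_wolfSSL_OtherName now reduce to `EXPECT_DECLS; return EXPECT_RESULT();`, so the skipped status is no longer spelled out the way the removed `int res = TEST_SKIPPED;` did. Whether a compiled-out certificate-parsing test is still reported as skipped rather than passed depends on the value EXPECT_DECLS starts from, which is defined outside this hunk and should be confirmed. A short comment by the return, such as `/* guard off: result keeps its EXPECT_DECLS initial value */`, would make that dependency visible. The same move is made in most later hunks of this file, and both function bodies continue outside the hunk.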
@@ -3205,22 +3763,19 @@ static int test_wolfSSL_OtherName(void)
wc_InitDecodedCert(&cert, buf, bytes, NULL);
ExpectIntEQ(wc_ParseCert(&cert, CERT_TYPE, 0, NULL), 0);
wc_FreeDecodedCert(&cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CertRsaPss(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* FIPS v2 and below don't support long salts. */
#if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))) && (!defined(HAVE_SELFTEST) || \
(defined(HAVE_SELFTEST_VERSION) && (HAVE_SELFTEST_VERSION > 2)))
- EXPECT_DECLS;
XFILE f = XBADFILE;
const char* rsaPssSha256Cert = "./certs/rsapss/ca-rsapss.der";
const char* rsaPssRootSha256Cert = "./certs/rsapss/root-rsapss.pem";
@@ -3266,52 +3821,16 @@ static int test_wolfSSL_CertRsaPss(void)
#endif
wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
#endif
- return res;
-}
-
-static int test_wolfSSL_CertManagerCRL(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(HAVE_CRL) && \
- !defined(NO_RSA)
- EXPECT_DECLS;
- const char* ca_cert = "./certs/ca-cert.pem";
- const char* crl1 = "./certs/crl/crl.pem";
- const char* crl2 = "./certs/crl/crl2.pem";
-
- WOLFSSL_CERT_MANAGER* cm = NULL;
-
- ExpectNotNull(cm = wolfSSL_CertManagerNew());
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCRL(cm, crl2, WOLFSSL_FILETYPE_PEM, 0));
- wolfSSL_CertManagerFreeCRL(cm);
-
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCRL(cm, crl1, WOLFSSL_FILETYPE_PEM, 0));
- ExpectIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CertManagerLoadCA(cm, ca_cert, NULL));
- wolfSSL_CertManagerFree(cm);
-
- res = EXPECT_RESULT();
-#endif
-
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_locations_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
const char* ca_cert = "./certs/ca-cert.pem";
const char* ca_expired_cert = "./certs/test/expired/expired-ca.pem";
@@ -3335,24 +3854,21 @@ static int test_wolfSSL_CTX_load_verify_locations_ex(void)
WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
defined(USE_CERT_BUFFERS_2048)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx;
const char* ca_expired_cert_file = "./certs/test/expired/expired-ca.der";
byte ca_expired_cert[TWOK_BUF];
- word32 sizeof_ca_expired_cert;
+ word32 sizeof_ca_expired_cert = 0;
XFILE fp = XBADFILE;
#ifndef NO_WOLFSSL_CLIENT
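Review bot: `WOLFSSL_CTX* ctx;` in test_wolfSSL_CTX_load_verify_buffer_ex stays uninitialised even though this hunk gives `sizeof_ca_expired_cert` an explicit `= 0`. The Expect-style checks appear to record a failure and carry on rather than abort (other hunks guard loops with `EXPECT_SUCCESS()`), so if a check fails before ctx is assigned, the `wolfSSL_CTX_free(ctx);` at the end of the function would receive an indeterminate pointer. Declaring it as `WOLFSSL_CTX* ctx = NULL;` matches the neighbouring tests. The same bare declaration is visible in the hunks for test_wolfSSL_CTX_add1_chain_cert, test_wolfSSL_CTX_use_certificate_chain_file_format and test_wolfSSL_CTX_SetMinMaxDhKey_Sz. The function body continues outside the hunk, so the position of the first assignment could not be checked here.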
@@ -3395,20 +3911,17 @@ static int test_wolfSSL_CTX_load_verify_buffer_ex(void)
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(USE_CERT_BUFFERS_2048) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
@@ -3422,19 +3935,16 @@ static int test_wolfSSL_CTX_load_verify_chain_buffer_format(void)
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add1_chain_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && defined(OPENSSL_EXTRA) && \
defined(KEEP_OUR_CERT) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx;
WOLFSSL* ssl = NULL;
const char *certChain[] = {
@@ -3451,14 +3961,14 @@ static int test_wolfSSL_CTX_add1_chain_cert(void)
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
ExpectNotNull(ssl = wolfSSL_new(ctx));
- for (cert = certChain; *cert != NULL; cert++) {
+ for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) {
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(SSL_CTX_add1_chain_cert(ctx, x509), 1);
X509_free(x509);
x509 = NULL;
}
- for (cert = certChain; *cert != NULL; cert++) {
+ for (cert = certChain; EXPECT_SUCCESS() && *cert != NULL; cert++) {
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(*cert,
WOLFSSL_FILETYPE_PEM));
ExpectIntEQ(SSL_add1_chain_cert(ssl, x509), 1);
@@ -3473,18 +3983,15 @@ static int test_wolfSSL_CTX_add1_chain_cert(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
const char* server_chain_der = "./certs/server-cert-chain.der";
const char* client_single_pem = "./certs/client-cert.pem";
WOLFSSL_CTX* ctx;
@@ -3506,18 +4013,15 @@ static int test_wolfSSL_CTX_use_certificate_chain_file_format(void)
client_single_pem, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetTmpDH_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
(void)ctx;
@@ -3544,18 +4048,15 @@ static int test_wolfSSL_CTX_SetTmpDH_file(void)
WOLFSSL_FILETYPE_PEM));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
#ifndef NO_WOLFSSL_CLIENT
@@ -3583,18 +4084,15 @@ static int test_wolfSSL_CTX_SetTmpDH_buffer(void)
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_DH) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX *ctx;
(void)ctx;
@@ -3630,18 +4128,15 @@ static int test_wolfSSL_CTX_SetMinMaxDhKey_Sz(void)
WOLFSSL_FILETYPE_ASN1));
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_der_load_verify_locations(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_DER_LOAD) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
const char* derCert = "./certs/server-cert.der";
const char* nullPath = NULL;
@@ -3677,18 +4172,15 @@ static int test_wolfSSL_CTX_der_load_verify_locations(void)
#endif
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_enable_disable(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_CERTS
EXPECT_DECLS;
+#ifndef NO_CERTS
WOLFSSL_CTX* ctx = NULL;
#ifdef HAVE_CRL
@@ -3750,18 +4242,15 @@ static int test_wolfSSL_CTX_enable_disable(void)
#endif
wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
-
- res = EXPECT_RESULT();
#endif /* NO_CERTS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_ticket_API(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX* ctx = NULL;
void *userCtx = (void*)"this is my ctx";
@@ -3774,17 +4263,14 @@ static int test_wolfSSL_CTX_ticket_API(void)
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_set_TicketEncCtx(NULL, userCtx));
ExpectNull(wolfSSL_CTX_get_TicketEncCtx(NULL));
-
- res = EXPECT_RESULT();
#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set_minmax_proto_version(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@@ -3818,11 +4304,9 @@ static int test_wolfSSL_set_minmax_proto_version(void)
wolfSSL_CTX_free(ctx);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \
@@ -3880,10 +4364,9 @@ static int test_wolfSSL_CTX_set_max_proto_version(void)
static int test_server_wolfSSL_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
@@ -3899,7 +4382,7 @@ static int test_server_wolfSSL_new(void)
/* invalid context */
ExpectNull(ssl = wolfSSL_new(NULL));
#if !defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_QT) && \
- !defined(OPENSSL_EXTRA)
+ !defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_INIT_CTX_KEY)
ExpectNull(ssl = wolfSSL_new(ctx_nocert));
#endif
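Review bot: The negative check `ExpectNull(ssl = wolfSSL_new(ctx_nocert));` is now compiled out under a fourth macro, `WOLFSSL_NO_INIT_CTX_KEY`, and nothing in the test says why a server object created from a context without a certificate is acceptable in those builds. It is the only assertion in this hunk that wolfSSL_new() rejects such a context, so a comment above the `#if` stating the reason would help, for example `/* these options allow wolfSSL_new() on a ctx with no cert/key loaded */` if that is indeed the intent. test_server_wolfSSL_new starts and ends outside the hunk.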
@@ -3909,20 +4392,17 @@ static int test_server_wolfSSL_new(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
wolfSSL_CTX_free(ctx_nocert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_client_wolfSSL_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx_nocert = NULL;
WOLFSSL *ssl = NULL;
@@ -3946,19 +4426,16 @@ static int test_client_wolfSSL_new(void)
wolfSSL_CTX_free(ctx);
wolfSSL_CTX_free(ctx_nocert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SetTmpDH_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_DH) && \
!defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@@ -4002,18 +4479,15 @@ static int test_wolfSSL_SetTmpDH_file(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SetTmpDH_buffer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
@@ -4040,18 +4514,15 @@ static int test_wolfSSL_SetTmpDH_buffer(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && !defined(NO_DH) && !defined(NO_WOLFSSL_SERVER)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL_CTX *ctx2 = NULL;
WOLFSSL *ssl = NULL;
@@ -4098,10 +4569,8 @@ static int test_wolfSSL_SetMinMaxDhKey_Sz(void)
wolfSSL_CTX_free(ctx2);
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
@@ -4153,7 +4622,7 @@ static int test_wolfSSL_SetMinVersion(void)
#ifdef OPENSSL_EXTRA
static int test_ED25519(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
defined(WOLFSSL_KEY_GEN)
byte priv[ED25519_PRV_KEY_SIZE];
@@ -4167,30 +4636,28 @@ static int test_ED25519(void)
unsigned int sigSz = (unsigned int)sizeof(sig);
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */
- AssertIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(privSz, ED25519_PRV_KEY_SIZE);
- AssertIntEQ(pubSz, ED25519_PUB_KEY_SIZE);
+ ExpectIntEQ(wolfSSL_ED25519_generate_key(priv, &privSz, pub, &pubSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(privSz, ED25519_PRV_KEY_SIZE);
+ ExpectIntEQ(pubSz, ED25519_PUB_KEY_SIZE);
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_IMPORT)
- AssertIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
- &sigSz), WOLFSSL_SUCCESS);
- AssertIntEQ(sigSz, ED25519_SIG_SIZE);
+ ExpectIntEQ(wolfSSL_ED25519_sign((byte*)msg, msglen, priv, privSz, sig,
+ &sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(sigSz, ED25519_SIG_SIZE);
#ifdef HAVE_ED25519_VERIFY
- AssertIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
- sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_ED25519_verify((byte*)msg, msglen, pub, pubSz, sig,
+ sigSz), WOLFSSL_SUCCESS);
#endif /* HAVE_ED25519_VERIFY */
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_IMPORT */
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
}
static int test_ED448(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
defined(WOLFSSL_KEY_GEN)
byte priv[ED448_PRV_KEY_SIZE];
@@ -4204,25 +4671,23 @@ static int test_ED448(void)
unsigned int sigSz = (unsigned int)sizeof(sig);
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
- AssertIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(privSz, ED448_PRV_KEY_SIZE);
- AssertIntEQ(pubSz, ED448_PUB_KEY_SIZE);
+ ExpectIntEQ(wolfSSL_ED448_generate_key(priv, &privSz, pub, &pubSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(privSz, ED448_PRV_KEY_SIZE);
+ ExpectIntEQ(pubSz, ED448_PUB_KEY_SIZE);
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_IMPORT)
- AssertIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
- &sigSz), WOLFSSL_SUCCESS);
- AssertIntEQ(sigSz, ED448_SIG_SIZE);
+ ExpectIntEQ(wolfSSL_ED448_sign((byte*)msg, msglen, priv, privSz, sig,
+ &sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(sigSz, ED448_SIG_SIZE);
#ifdef HAVE_ED448_VERIFY
- AssertIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
- sigSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_ED448_verify((byte*)msg, msglen, pub, pubSz, sig,
+ sigSz), WOLFSSL_SUCCESS);
#endif /* HAVE_ED448_VERIFY */
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_IMPORT */
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA */
@@ -4233,9 +4698,8 @@ static int test_ED448(void)
static int test_wolfSSL_EVP_PKEY_print_public(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_BIO* rbio = NULL;
WOLFSSL_BIO* wbio = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
@@ -4486,18 +4950,15 @@ static int test_wolfSSL_EVP_PKEY_print_public(void)
(void)line;
(void)line1;
(void)i;
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
/* Test functions for base64 encode/decode */
static int test_wolfSSL_EVP_ENCODE_CTX_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE))
- EXPECT_DECLS;
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
@@ -4505,32 +4966,26 @@ static int test_wolfSSL_EVP_ENCODE_CTX_new(void)
ExpectIntEQ(ctx->data[0],0);
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1],0);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
-#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE)*/
- return res;
+#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_ENCODE_CTX_free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
( defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE))
- EXPECT_DECLS;
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
-#endif /*OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE)*/
- return res;
+#endif /* OPENSSL_EXTRA && (WOLFSSL_BASE64_ENCODE || WOLFSSL_BASE64_DECODE) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeInit(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull(ctx = EVP_ENCODE_CTX_new());
@@ -4551,16 +5006,13 @@ static int test_wolfSSL_EVP_EncodeInit(void)
ExpectIntEQ(ctx->data[sizeof(ctx->data) -1], 0);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeUpdate(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
int outl;
int total;
@@ -4568,6 +5020,7 @@ static int test_wolfSSL_EVP_EncodeUpdate(void)
const unsigned char plain1[] = {"This is a base64 encodeing test."};
const unsigned char plain2[] = {"This is additional data."};
+ const unsigned char encBlock0[] = {"VGg="};
const unsigned char enc0[] = {"VGg=\n"};
/* expected encoded result for the first output 64 chars plus trailing LF*/
const unsigned char enc1[] = {"VGhpcyBpcyBhIGJhc2U2NCBlbmNvZGVpbmcgdGVzdC5UaGlzIGlzIGFkZGl0aW9u\n"};
@@ -4669,12 +5122,8 @@ static int test_wolfSSL_EVP_EncodeUpdate(void)
XMEMSET( encOutBuff,0, sizeof(encOutBuff));
ExpectIntEQ(EVP_EncodeBlock(encOutBuff, plain0, sizeof(plain0)-1),
- sizeof(enc0)-1);
- ExpectIntEQ(
- XSTRNCMP(
- (const char*)encOutBuff,
- (const char*)enc0,sizeof(enc0) ),
- 0);
+ sizeof(encBlock0)-1);
+ ExpectStrEQ(encOutBuff, encBlock0);
/* pass small size( < 48bytes ) input, then make sure they are not
* encoded and just stored in ctx
@@ -4748,10 +5197,8 @@ static int test_wolfSSL_EVP_EncodeUpdate(void)
EVP_EncodeFinal(NULL, NULL, NULL);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_BASE64_ENCODE*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_EncodeFinal(void)
{
@@ -4768,9 +5215,8 @@ static int test_wolfSSL_EVP_EncodeFinal(void)
static int test_wolfSSL_EVP_DecodeInit(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EVP_ENCODE_CTX* ctx = NULL;
ExpectNotNull( ctx = EVP_ENCODE_CTX_new());
@@ -4791,16 +5237,13 @@ static int test_wolfSSL_EVP_DecodeInit(void)
ExpectIntEQ( ctx->data[sizeof(ctx->data) -1],0);
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DecodeUpdate(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_DECODE)
int outl;
unsigned char decOutBuff[300];
@@ -4907,7 +5350,7 @@ static int test_wolfSSL_EVP_DecodeUpdate(void)
&outl),
1 /* expected result code 1: success */
);
- ExpectIntEQ(outl, 0); /* expected DecodeFinal outout no data */
+ ExpectIntEQ(outl, 0); /* expected DecodeFinal output no data */
ExpectIntEQ(XSTRNCMP( (const char*)plain2,(const char*)decOutBuff,
sizeof(plain2) -1 ),0);
@@ -5033,10 +5476,8 @@ static int test_wolfSSL_EVP_DecodeUpdate(void)
}
EVP_ENCODE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL && WOLFSSL_BASE_DECODE */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DecodeFinal(void)
{
@@ -5056,109 +5497,110 @@ static int test_wolfSSL_EVP_DecodeFinal(void)
#ifdef OPENSSL_EXTRA
static int test_wolfSSL_EVP_get_cipherbynid(void)
{
+ EXPECT_DECLS;
#ifndef NO_AES
const WOLFSSL_EVP_CIPHER* c;
c = wolfSSL_EVP_get_cipherbynid(419);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_128)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_128_CBC", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_128_CBC", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(423);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_192)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_192_CBC", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_192_CBC", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(427);
#if (defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)) && \
defined(WOLFSSL_AES_256)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_256_CBC", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_256_CBC", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(904);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_128)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_128_CTR", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_128_CTR", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(905);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_192)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_192_CTR", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_192_CTR", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(906);
#if defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_256_CTR", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_256_CTR", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(418);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_128)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_128_ECB", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_128_ECB", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(422);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_192)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_192_ECB", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_192_ECB", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
c = wolfSSL_EVP_get_cipherbynid(426);
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
- AssertNotNull(c);
- AssertNotNull(strcmp("EVP_AES_256_ECB", c));
+ ExpectNotNull(c);
+ ExpectNotNull(XSTRCMP("EVP_AES_256_ECB", c));
#else
- AssertNull(c);
+ ExpectNull(c);
#endif
#endif /* !NO_AES */
#ifndef NO_DES3
- AssertNotNull(strcmp("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
+ ExpectNotNull(XSTRCMP("EVP_DES_CBC", wolfSSL_EVP_get_cipherbynid(31)));
#ifdef WOLFSSL_DES_ECB
- AssertNotNull(strcmp("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29)));
+ ExpectNotNull(XSTRCMP("EVP_DES_ECB", wolfSSL_EVP_get_cipherbynid(29)));
#endif
- AssertNotNull(strcmp("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44)));
+ ExpectNotNull(XSTRCMP("EVP_DES_EDE3_CBC", wolfSSL_EVP_get_cipherbynid(44)));
#ifdef WOLFSSL_DES_ECB
- AssertNotNull(strcmp("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
+ ExpectNotNull(XSTRCMP("EVP_DES_EDE3_ECB", wolfSSL_EVP_get_cipherbynid(33)));
#endif
#endif /* !NO_DES3 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
- AssertNotNull(strcmp("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018)));
+ ExpectNotNull(XSTRCMP("EVP_CHACHA20_POLY13O5", EVP_get_cipherbynid(1018)));
#endif
/* test for nid is out of range */
- AssertNull(wolfSSL_EVP_get_cipherbynid(1));
+ ExpectNull(wolfSSL_EVP_get_cipherbynid(1));
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
const EVP_CIPHER *init = EVP_aes_128_cbc();
@@ -5166,23 +5608,21 @@ static int test_wolfSSL_EVP_CIPHER_CTX(void)
byte key[AES_BLOCK_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- AssertNotNull(ctx);
+ ExpectNotNull(ctx);
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
test = EVP_CIPHER_CTX_cipher(ctx);
- AssertTrue(init == test);
- AssertIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc);
+ ExpectTrue(init == test);
+ ExpectIntEQ(EVP_CIPHER_nid(test), NID_aes_128_cbc);
- AssertIntEQ(EVP_CIPHER_CTX_reset(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_reset(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_CIPHER_CTX_reset(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CIPHER_CTX_reset(NULL), WOLFSSL_FAILURE);
EVP_CIPHER_CTX_free(ctx);
/* test EVP_CIPHER_CTX_cleanup with NULL */
- AssertIntEQ(EVP_CIPHER_CTX_cleanup(NULL), WOLFSSL_SUCCESS);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(EVP_CIPHER_CTX_cleanup(NULL), WOLFSSL_SUCCESS);
#endif /* !NO_AES && HAVE_AES_CBC && WOLFSSL_AES_128 */
- return res;
+ return EXPECT_RESULT();
}
#endif /* OPENSSL_EXTRA */
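Review bot: The cipher-name checks in test_wolfSSL_EVP_get_cipherbynid still wrap the comparison in a null check, e.g. `ExpectNotNull(XSTRCMP("EVP_AES_128_CBC", c))`, which passes whenever the two strings differ, so the test never confirms which cipher a NID resolved to. Comparing for equality, `ExpectIntEQ(XSTRCMP(c, EXPECTED_NAME), 0)`, with `EXPECTED_NAME` as a placeholder for whatever string the library actually returns for that NID, would make each check meaningful. The DES and ChaCha lines also pass the lookup result straight to XSTRCMP with no preceding null check, so a failed lookup there would be dereferenced rather than reported. The literal `"EVP_CHACHA20_POLY13O5"` contains the letter O where a zero looks intended.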
@@ -5242,7 +5682,7 @@ static int test_wolfSSL_EVP_CIPHER_CTX(void)
return 0;
}
- static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl,
+ static int myTicketEncCbOpenSSL(WOLFSSL* ssl,
byte name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
WOLFSSL_EVP_CIPHER_CTX *ectx,
@@ -5294,11 +5734,29 @@ static WC_INLINE int test_ssl_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
}
if ((unsigned)(*len + sz) > TEST_SSL_MEMIO_BUF_SZ)
- return WOLFSSL_CBIO_ERR_WANT_READ;
+ return WOLFSSL_CBIO_ERR_WANT_WRITE;
XMEMCPY(buf + *len, data, sz);
*len += sz;
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ {
+ /* This can be imported into Wireshark by transforming the file with
+ * od -Ax -tx1 -v test_output.dump > test_output.dump.hex
+ * And then loading test_output.dump.hex into Wireshark using the
+ * "Import from Hex Dump..." option ion and selecting the TCP
+ * encapsulation option. */
+ char dump_file_name[64];
+ WOLFSSL_BIO *dump_file;
+ sprintf(dump_file_name, "%s/%s.dump", tmpDirName, currentTestName);
+ dump_file = wolfSSL_BIO_new_file(dump_file_name, "a");
+ if (dump_file != NULL) {
+ (void)wolfSSL_BIO_write(dump_file, data, sz);
+ wolfSSL_BIO_free(dump_file);
+ }
+ }
+#endif
+
return sz;
}
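Review bot: The `sprintf` into `dump_file_name[64]` in the new WOLFSSL_DUMP_MEMIO_STREAM block is unbounded, so a long `tmpDirName` or `currentTestName` writes past the end of the stack buffer. Format with a bound, `int n = XSNPRINTF(dump_file_name, sizeof(dump_file_name), "%s/%s.dump", tmpDirName, currentTestName);`, and open the file only `if (n > 0 && n < (int)sizeof(dump_file_name))`, so a truncated name is never used as a path. The comment above it reads "option ion", which looks like a leftover word. test_ssl_memio_write_cb starts outside this hunk.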
@@ -5368,14 +5826,18 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx->c_ctx, PasswordCallBack);
#endif
- ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx, caCertFile, 0),
- WOLFSSL_SUCCESS);
+ if (ctx->c_cb.caPemFile != NULL)
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx,
+ ctx->c_cb.caPemFile, 0), WOLFSSL_SUCCESS);
+ else
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->c_ctx,
+ caCertFile, 0), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)
if (!c_sharedCtx)
#endif
{
- ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx->c_ctx, cliCertFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->c_ctx,
+ cliCertFile), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx->c_ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
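Review bot: The new `if (ctx->c_cb.caPemFile != NULL) ExpectIntEQ(...); else ExpectIntEQ(...);` puts a test macro in an unbraced if/else, which is only safe while the macro expands to a single statement; the server-side copy in the later hunk around `wolfSSL_CTX_load_verify_locations(ctx->s_ctx, ...)` has the same shape. Bracing both arms removes the dependency on the macro's expansion. Alternatively, make one call with the path selected inline, `ctx->c_cb.caPemFile != NULL ? ctx->c_cb.caPemFile : caCertFile`, which also drops the duplicated call. A one-line comment noting that `caPemFile` overrides the default trust anchor for this side would help readers of the setup code. test_ssl_memio_setup starts and ends outside this hunk.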
@@ -5415,9 +5877,6 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
method = wolfSSLv23_server_method();
}
ExpectNotNull(ctx->s_ctx = wolfSSL_CTX_new(method));
- if (EXPECT_FAIL()) {
- XFREE(method, NULL, DYNAMIC_TYPE_METHOD);
- }
ctx->s_cb.isSharedCtx = 0;
}
if (!ctx->s_cb.ticNoInit && (ctx->s_ctx != NULL)) {
@@ -5436,8 +5895,12 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
wolfSSL_SetIOSend(ctx->s_ctx, test_ssl_memio_write_cb);
wolfSSL_CTX_set_verify(ctx->s_ctx, WOLFSSL_VERIFY_PEER |
WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
- ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx, cliCertFile, 0),
- WOLFSSL_SUCCESS);
+ if (ctx->s_cb.caPemFile != NULL)
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx,
+ ctx->s_cb.caPemFile, 0), WOLFSSL_SUCCESS);
+ else
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx->s_ctx,
+ cliCertFile, 0), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx->s_ctx, PasswordCallBack);
#endif
@@ -5448,8 +5911,8 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
if (!s_sharedCtx)
#endif
{
- ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx->s_ctx, certFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_chain_file(ctx->s_ctx,
+ certFile), WOLFSSL_SUCCESS);
}
if (ctx->s_cb.keyPemFile != NULL) {
keyFile = ctx->s_cb.keyPemFile;
@@ -5482,8 +5945,8 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
#endif
)
{
- ExpectIntEQ(wolfSSL_use_certificate_file(ctx->c_ssl, cliCertFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->c_ssl, cliCertFile),
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->c_ssl, cliKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
@@ -5503,8 +5966,8 @@ static WC_INLINE int test_ssl_memio_setup(test_ssl_memio_ctx *ctx)
#endif
)
{
- ExpectIntEQ(wolfSSL_use_certificate_file(ctx->s_ssl, certFile,
- WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_use_certificate_chain_file(ctx->s_ssl, certFile),
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_use_PrivateKey_file(ctx->s_ssl, keyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
}
@@ -5537,7 +6000,9 @@ static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds,
}
while ((!handshake_complete) && (max_rounds > 0)) {
if (!hs_c) {
+ wolfSSL_SetLoggingPrefix("client");
ret = wolfSSL_connect(ctx->c_ssl);
+ wolfSSL_SetLoggingPrefix(NULL);
if (ret == WOLFSSL_SUCCESS) {
hs_c = 1;
}
@@ -5554,7 +6019,9 @@ static int test_ssl_memio_do_handshake(test_ssl_memio_ctx* ctx, int max_rounds,
}
}
if (!hs_s) {
+ wolfSSL_SetLoggingPrefix("server");
ret = wolfSSL_accept(ctx->s_ssl);
+ wolfSSL_SetLoggingPrefix(NULL);
if (ret == WOLFSSL_SUCCESS) {
hs_s = 1;
}
@@ -5603,7 +6070,9 @@ static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx)
msglen_s = ctx->s_msglen;
}
+ wolfSSL_SetLoggingPrefix("client");
ExpectIntEQ(wolfSSL_write(ctx->c_ssl, msg_c, msglen_c), msglen_c);
+ wolfSSL_SetLoggingPrefix("server");
ExpectIntGT(idx = wolfSSL_read(ctx->s_ssl, input, sizeof(input) - 1), 0);
if (idx >= 0) {
input[idx] = '\0';
@@ -5611,7 +6080,9 @@ static int test_ssl_memio_read_write(test_ssl_memio_ctx* ctx)
ExpectIntGT(fprintf(stderr, "Client message: %s\n", input), 0);
ExpectIntEQ(wolfSSL_write(ctx->s_ssl, msg_s, msglen_s), msglen_s);
ctx->s_cb.return_code = EXPECT_RESULT();
+ wolfSSL_SetLoggingPrefix("client");
ExpectIntGT(idx = wolfSSL_read(ctx->c_ssl, input, sizeof(input) - 1), 0);
+ wolfSSL_SetLoggingPrefix(NULL);
if (idx >= 0) {
input[idx] = '\0';
}
@@ -5687,6 +6158,14 @@ int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
ExpectIntEQ(client_on_handshake(test_ctx.c_ctx, test_ctx.c_ssl),
TEST_SUCCESS);
}
+ if (client_cb->on_handshake != NULL) {
+ ExpectIntEQ(client_cb->on_handshake(&test_ctx.c_ctx, &test_ctx.c_ssl),
+ TEST_SUCCESS);
+ }
+ if (server_cb->on_handshake != NULL) {
+ ExpectIntEQ(server_cb->on_handshake(&test_ctx.s_ctx, &test_ctx.s_ssl),
+ TEST_SUCCESS);
+ }
#ifdef WOLFSSL_HAVE_TLS_UNIQUE
XMEMSET(server_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(test_ctx.s_ssl, server_side_msg2,
@@ -5703,7 +6182,9 @@ int test_wolfSSL_client_server_nofail_memio(test_ssl_cbf* client_cb,
test_ssl_memio_cleanup(&test_ctx);
client_cb->return_code = test_ctx.c_cb.return_code;
+ client_cb->last_err = test_ctx.c_cb.last_err;
server_cb->return_code = test_ctx.s_cb.return_code;
+ server_cb->last_err = test_ctx.s_cb.last_err;
return EXPECT_RESULT();
}
@@ -5814,8 +6295,8 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
word16 port;
callback_functions* cbf;
- WOLFSSL_CTX* ctx = 0;
- WOLFSSL* ssl = 0;
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
func_args* opts = (func_args*)args;
char msg[] = "I hear you fa shizzle!";
@@ -5833,6 +6314,8 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
size_t msg_len = 0;
#endif
+ wolfSSL_SetLoggingPrefix("server");
+
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
@@ -5858,10 +6341,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
}
if (ctx == NULL) {
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
@@ -6046,7 +6526,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
- ret = wolfSSL_accept(ssl);
+ ret = wolfSSL_negotiate(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
@@ -6123,9 +6603,9 @@ done:
#endif
}
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
@@ -6196,10 +6676,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
!= WOLFSSL_SUCCESS) {
/*err_sys("can't load ca file, Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
@@ -6207,10 +6684,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (!sharedCtx && wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
@@ -6218,10 +6692,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
/* call ctx setup callback */
@@ -6232,33 +6703,23 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
while (count != loop_count) {
ssl = wolfSSL_new(ctx);
if (ssl == NULL) {
- /* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (sharedCtx && wolfSSL_use_certificate_file(ssl, svrCertFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server cert chain file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
if (sharedCtx && wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
/*err_sys("can't load server key file, "
"Please run from wolfSSL home dir");*/
/* Release the wait for TCP ready. */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&opts->signal->mutex));
- opts->signal->ready = 1;
- PTHREAD_CHECK_RET(pthread_cond_signal(&opts->signal->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&opts->signal->mutex));
+ signal_ready(opts->signal);
goto done;
}
@@ -6272,7 +6733,8 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_loop(void* args)
cbf->ssl_ready(ssl);
}
/* do it here to detect failure */
- tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
+ tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0,
+ 0);
CloseSocket(sockfd);
if (wolfSSL_set_fd(ssl, clientfd) != WOLFSSL_SUCCESS) {
/*err_sys("SSL_set_fd failed");*/
@@ -6342,9 +6804,7 @@ done:
wc_ecc_fp_free(); /* free per thread cache */
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */
@@ -6368,6 +6828,8 @@ static int test_client_nofail(void* args, cbType cb)
int doUdp = 0;
const char* cipherName1, *cipherName2;
+ wolfSSL_SetLoggingPrefix("client");
+
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
@@ -6510,7 +6972,7 @@ static int test_client_nofail(void* args, cbType cb)
if (ret < 0) { break; } else if (ret == 0) { continue; }
}
#endif
- ret = wolfSSL_connect(ssl);
+ ret = wolfSSL_negotiate(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
if (ret != WOLFSSL_SUCCESS) {
@@ -6587,6 +7049,9 @@ done:
(void)args;
(void)cb;
#endif /* !NO_WOLFSSL_CLIENT */
+
+ wolfSSL_SetLoggingPrefix(NULL);
+
return 0;
}
@@ -6692,8 +7157,8 @@ static void test_client_reuse_WOLFSSLobj(void* args, cbType cb,
tcp_connect(&sockfd, wolfSSLIP, ((func_args*)args)->signal->port,
0, 0, NULL);
- if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) != WOLFSSL_SUCCESS)
- {
+ if (wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0) !=
+ WOLFSSL_SUCCESS) {
/* err_sys("can't load ca file, Please run from wolfSSL home dir");*/
goto done;
}
@@ -6719,7 +7184,7 @@ static void test_client_reuse_WOLFSSLobj(void* args, cbType cb,
if (ssl == NULL) {
goto done;
}
- /* keep handshakre resources for re-using WOLFSSL obj */
+ /* keep handshake resources for re-using WOLFSSL obj */
wolfSSL_KeepArrays(ssl);
if (wolfSSL_KeepHandshakeResources(ssl)) {
/* err_sys("SSL_KeepHandshakeResources failed"); */
@@ -6956,11 +7421,11 @@ static THREAD_RETURN WOLFSSL_THREAD run_wolfssl_server(void* args)
}
#else
ctx = wolfSSL_CTX_new(callbacks->method());
+#endif
if (ctx == NULL) {
fprintf(stderr, "CTX new failed\n");
goto cleanup;
}
-#endif
/* set defaults */
if (callbacks->caPemFile == NULL)
@@ -7169,9 +7634,7 @@ cleanup:
wc_ecc_fp_free(); /* free per thread cache */
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
/* TLS Client for API unit testing - generic */
@@ -7209,14 +7672,12 @@ static void run_wolfssl_client(void* args)
}
}
#else
- if (ctx == NULL) {
- ctx = wolfSSL_CTX_new(callbacks->method());
- }
+ ctx = wolfSSL_CTX_new(callbacks->method());
+#endif
if (ctx == NULL) {
fprintf(stderr, "CTX new failed\n");
goto cleanup;
}
-#endif
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
@@ -7424,11 +7885,11 @@ static int test_wolfSSL_read_write(void)
static int test_wolfSSL_reuse_WOLFSSLobj(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && \
!defined(WOLFSSL_NO_TLS12)
/* The unit test for session resumption by re-using WOLFSSL object.
- * WOLFSSL object is not cleared after first session. It re-use the obeject
+ * WOLFSSL object is not cleared after first session. It reuse the object
* for second connection.
*/
tcp_ready ready;
@@ -7437,7 +7898,6 @@ static int test_wolfSSL_reuse_WOLFSSLobj(void)
THREAD_TYPE serverThread;
callback_functions client_cbf;
callback_functions server_cbf;
- EXPECT_DECLS;
XMEMSET(&client_args, 0, sizeof(func_args));
XMEMSET(&server_args, 0, sizeof(func_args));
@@ -7478,10 +7938,9 @@ static int test_wolfSSL_reuse_WOLFSSLobj(void)
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
-
- res = EXPECT_RESULT();
-#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) && !defined(WOLFSSL_TLS13) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SESSION_CACHE) &&
+ * !defined(WOLFSSL_TLS13) */
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
@@ -7498,15 +7957,14 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_1_ctx_ready(
static int test_wolfSSL_CTX_verifyDepth_ServerClient_1(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
@@ -7520,12 +7978,10 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_1(void)
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS &&
* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
@@ -7534,23 +7990,22 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready(
WOLFSSL_CTX* ctx)
{
wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify);
- myVerifyAction = VERIFY_USE_PREVERFIY;
- wolfSSL_CTX_set_verify_depth(ctx, 1);
+ myVerifyAction = VERIFY_OVERRIDE_ERROR;
+ wolfSSL_CTX_set_verify_depth(ctx, 0);
return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_CTX_verifyDepth_ServerClient_2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
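Review bot: `myVerifyAction = VERIFY_OVERRIDE_ERROR;` in test_wolfSSL_CTX_verifyDepth_ServerClient_2_ctx_ready is a bare assignment to what looks like a file-scope variable, and nothing visible in this hunk restores it. If it is shared, later tests that install `myVerify` would run with certificate errors overridden and could pass for the wrong reason. Consider saving the previous value and restoring it after the handshake; where that belongs depends on the part of test_wolfSSL_CTX_verifyDepth_ServerClient_2 outside this hunk. If the intent is that depth 0 rejects the chain and the callback deliberately accepts it, say so above the assignment, e.g. `/* depth 0 makes the chain too long; myVerify overrides the error so the handshake still succeeds */`. The ctx_ready function's signature begins outside the hunk.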
@@ -7568,12 +8023,10 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_2(void)
ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS &&
* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
@@ -7590,15 +8043,14 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_3_ctx_ready(
static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_TIRTOS) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
#ifdef WOLFSSL_TLS13
client_cbf.method = wolfTLSv1_3_client_method;
@@ -7612,16 +8064,16 @@ static int test_wolfSSL_CTX_verifyDepth_ServerClient_3(void)
* therefore, handshake becomes failure.
*/
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
- &server_cbf, NULL), TEST_SUCCESS);
+ &server_cbf, NULL), TEST_FAIL);
- ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
- ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
-
- res = EXPECT_RESULT();
+ ExpectIntEQ(client_cbf.return_code, TEST_FAIL);
+ ExpectIntEQ(server_cbf.return_code, TEST_FAIL);
+ ExpectIntEQ(client_cbf.last_err, MAX_CHAIN_ERROR);
+ ExpectIntEQ(server_cbf.last_err, FATAL_ERROR);
#endif /* OPENSSL_EXTRA && !WOLFSSL_TIRTOS &&
* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
@@ -7644,12 +8096,10 @@ static int test_wolfSSL_CTX_set_cipher_list_client_ctx_ready(WOLFSSL_CTX* ctx)
static int test_wolfSSL_CTX_set_cipher_list(void)
{
- int res = TEST_SKIPPED;
-
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
!defined(WOLFSSL_TIRTOS) && !defined(NO_AES) && !defined(WOLFSSL_NO_TLS12) \
&& !defined(NO_SHA256) && defined(HAVE_ECC)
- EXPECT_DECLS;
WOLFSSL_CTX* ctxClient = NULL;
WOLFSSL* sslClient = NULL;
test_ssl_cbf client_cbf;
@@ -7674,7 +8124,7 @@ static int test_wolfSSL_CTX_set_cipher_list(void)
ExpectTrue(wolfSSL_CTX_set_cipher_list(ctxClient, "ECDHE+AESGCM"));
ExpectNotNull((sslClient = wolfSSL_new(ctxClient)));
- /* check for the existance of an ECDHE ECDSA cipher suite */
+ /* check for the existence of an ECDHE ECDSA cipher suite */
if (EXPECT_SUCCESS()) {
int i = 0;
int found = 0;
@@ -7699,10 +8149,8 @@ static int test_wolfSSL_CTX_set_cipher_list(void)
wolfSSL_free(sslClient);
wolfSSL_CTX_free(ctxClient);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
@@ -7724,16 +8172,16 @@ static int test_wolfSSL_get_finished_client_on_handshake(WOLFSSL_CTX* ctx,
XMEMSET(client_side_msg2, 0, MD_MAX_SIZE);
msg_len = wolfSSL_get_peer_finished(ssl, client_side_msg2, MD_MAX_SIZE);
ExpectIntGE(msg_len, 0);
+
return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_get_finished(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(WOLFSSL_HAVE_TLS_UNIQUE)
- EXPECT_DECLS;
test_ssl_cbf client_cbf;
test_ssl_cbf server_cbf;
@@ -7747,11 +8195,9 @@ static int test_wolfSSL_get_finished(void)
/* test received msg vs sent msg */
ExpectIntEQ(0, XMEMCMP(client_side_msg1, server_side_msg2, MD_MAX_SIZE));
ExpectIntEQ(0, XMEMCMP(client_side_msg2, server_side_msg1, MD_MAX_SIZE));
-
- res = EXPECT_RESULT();
#endif /* HAVE_SSL_MEMIO_TESTS_DEPENDENCIES && WOLFSSL_HAVE_TLS_UNIQUE */
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
@@ -7852,11 +8298,10 @@ static void test_wolfSSL_CTX_add_session_ssl_ready(WOLFSSL* ssl)
static int test_wolfSSL_CTX_add_session(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
!defined(SINGLE_THREADED) && defined(WOLFSSL_TLS13) && \
!defined(NO_SESSION_CACHE)
- EXPECT_DECLS;
tcp_ready ready;
func_args client_args;
func_args server_args;
@@ -7952,11 +8397,9 @@ static int test_wolfSSL_CTX_add_session(void)
if (EXPECT_FAIL())
break;
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
@@ -7996,7 +8439,9 @@ static hashTable server_sessionCache;
static int twcase_new_sessionCb(WOLFSSL *ssl, WOLFSSL_SESSION *sess)
{
int i;
+ unsigned int len;
(void)ssl;
+
/*
* This example uses a hash table.
* Steps you should take for a non-demo code:
@@ -8018,11 +8463,7 @@ static int twcase_new_sessionCb(WOLFSSL *ssl, WOLFSSL_SESSION *sess)
}
for (i = 0; i < SESSION_CACHE_SIZE; i++) {
if (server_sessionCache.entries[i].value == NULL) {
- if (sess->haveAltSessionID == 1)
- server_sessionCache.entries[i].key = sess->altSessionID;
- else
- server_sessionCache.entries[i].key = sess->sessionID;
-
+ server_sessionCache.entries[i].key = SSL_SESSION_get_id(sess, &len);
server_sessionCache.entries[i].value = sess;
server_sessionCache.length++;
break;
@@ -8134,7 +8575,7 @@ static int twcase_cache_intOff_extOff(WOLFSSL_CTX* ctx)
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
- /* off - Donot setup external cache */
+ /* off - Do not setup external cache */
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
@@ -8143,12 +8584,11 @@ static int twcase_cache_intOff_extOff(WOLFSSL_CTX* ctx)
static int twcase_cache_intOn_extOff(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
- /* on - internal cache is on by default*/
- /* off - Donot setup external cache */
+ /* on - internal cache is on by default */
+ /* off - Do not setup external cache */
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
- return EXPECT_RESULT();
+ return TEST_SUCCESS;
}
static int twcase_cache_intOff_extOn(WOLFSSL_CTX* ctx)
@@ -8174,7 +8614,6 @@ static int twcase_cache_intOff_extOn(WOLFSSL_CTX* ctx)
static int twcase_cache_intOn_extOn(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
/* on - internal cache is on by default */
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
@@ -8183,11 +8622,10 @@ static int twcase_cache_intOn_extOn(WOLFSSL_CTX* ctx)
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
- return EXPECT_RESULT();
+ return TEST_SUCCESS;
}
static int twcase_cache_intOn_extOn_noTicket(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
/* on - internal cache is on by default */
/* on - Enable external cache */
wolfSSL_CTX_sess_set_new_cb(ctx, twcase_new_sessionCb);
@@ -8197,7 +8635,7 @@ static int twcase_cache_intOn_extOn_noTicket(WOLFSSL_CTX* ctx)
wolfSSL_CTX_set_options(ctx, WOLFSSL_OP_NO_TICKET);
/* Require both peers to provide certs */
wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
- return EXPECT_RESULT();
+ return TEST_SUCCESS;
}
static int twcase_server_sess_ctx_pre_shutdown(WOLFSSL* ssl)
{
@@ -8291,51 +8729,19 @@ static int twcase_client_set_sess_ssl_ready(WOLFSSL* ssl)
WOLFSSL_SUCCESS);
return EXPECT_RESULT();
}
-#endif
-static int test_wolfSSL_CTX_add_session_ext(void)
+struct test_add_session_ext_params {
+ method_provider client_meth;
+ method_provider server_meth;
+ const char* tls_version;
+};
+
+static int test_wolfSSL_CTX_add_session_ext(
+ struct test_add_session_ext_params* param)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
- defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
- defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
- defined(HAVE_SESSION_TICKET) && \
- !defined(TITAN_SESSION_CACHE) && \
- !defined(HUGE_SESSION_CACHE) && \
- !defined(BIG_SESSION_CACHE) && \
- !defined(MEDIUM_SESSION_CACHE)
EXPECT_DECLS;
/* Test the default 33 sessions */
-
- struct test_params {
- method_provider client_meth;
- method_provider server_meth;
- const char* tls_version;
- } params[] = {
-#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
- defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
- { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" },
-#ifdef WOLFSSL_DTLS13
- { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" },
-#endif
-#endif
-#ifndef WOLFSSL_NO_TLS12
- { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" },
-#ifdef WOLFSSL_DTLS
- { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" },
-#endif
-#endif
-#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
- !defined(NO_DES3))
- { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" },
-#ifdef WOLFSSL_DTLS
- { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" },
-#endif
-#endif
- };
-
- const int paramsLen = sizeof(params)/sizeof(*params);
- int i, j;
+ int j;
/* Clear cache before starting */
wolfSSL_CTX_flush_sessions(NULL, -1);
@@ -8345,234 +8751,358 @@ static int test_wolfSSL_CTX_add_session_ext(void)
return BAD_MUTEX_E;
server_sessionCache.capacity = SESSION_CACHE_SIZE;
- for (i = 0; i < paramsLen; i++) {
- fprintf(stderr, "\tBegin %s\n", params[i].tls_version);
- for (j = 0; j < 5; j++) {
- int tls13 = XSTRSTR(params[i].tls_version, "TLSv1_3") != NULL;
- int dtls = XSTRSTR(params[i].tls_version, "DTLS") != NULL;
- test_ssl_cbf client_cb;
- test_ssl_cbf server_cb;
-
- (void)dtls;
-
- /* Test five cache configurations */
- twcase_client_first_session_ptr = NULL;
- twcase_server_first_session_ptr = NULL;
- twcase_server_current_ctx_ptr = NULL;
- twcase_new_session_called = 0;
- twcase_remove_session_called = 0;
- twcase_get_session_called = 0;
-
- /* connection 1 - first connection */
- fprintf(stderr, "\tconnect: %s: j=%d, methodsLen=%d\n",
- params[i].tls_version, j, paramsLen);
-
- XMEMSET(&client_cb, 0, sizeof(callback_functions));
- XMEMSET(&server_cb, 0, sizeof(callback_functions));
- client_cb.method = params[i].client_meth;
- server_cb.method = params[i].server_meth;
-
- if (dtls)
- client_cb.doUdp = server_cb.doUdp = 1;
+ fprintf(stderr, "\tBegin %s\n", param->tls_version);
+ for (j = 0; j < 5; j++) {
+ int tls13 = XSTRSTR(param->tls_version, "TLSv1_3") != NULL;
+ int dtls = XSTRSTR(param->tls_version, "DTLS") != NULL;
+ test_ssl_cbf client_cb;
+ test_ssl_cbf server_cb;
+
+ (void)dtls;
+
+ /* Test five cache configurations */
+ twcase_client_first_session_ptr = NULL;
+ twcase_server_first_session_ptr = NULL;
+ twcase_server_current_ctx_ptr = NULL;
+ twcase_new_session_called = 0;
+ twcase_remove_session_called = 0;
+ twcase_get_session_called = 0;
+
+ /* connection 1 - first connection */
+ fprintf(stderr, "\tconnect: %s: j=%d\n", param->tls_version, j);
+
+ XMEMSET(&client_cb, 0, sizeof(client_cb));
+ XMEMSET(&server_cb, 0, sizeof(server_cb));
+ client_cb.method = param->client_meth;
+ server_cb.method = param->server_meth;
+
+ if (dtls)
+ client_cb.doUdp = server_cb.doUdp = 1;
+
+ /* Setup internal and external cache */
+ switch (j) {
+ case 0:
+ /* SSL_OP_NO_TICKET stateful ticket case */
+ server_cb.ctx_ready = twcase_cache_intOn_extOn_noTicket;
+ break;
+ case 1:
+ server_cb.ctx_ready = twcase_cache_intOn_extOn;
+ break;
+ case 2:
+ server_cb.ctx_ready = twcase_cache_intOff_extOn;
+ break;
+ case 3:
+ server_cb.ctx_ready = twcase_cache_intOn_extOff;
+ break;
+ case 4:
+ server_cb.ctx_ready = twcase_cache_intOff_extOff;
+ break;
+ }
+ client_cb.ctx_ready = twcase_cache_intOff_extOff;
- /* Setup internal and external cache */
- switch (j) {
- case 0:
- /* SSL_OP_NO_TICKET stateful ticket case */
- server_cb.ctx_ready = twcase_cache_intOn_extOn_noTicket;
- break;
- case 1:
- server_cb.ctx_ready = twcase_cache_intOn_extOn;
- break;
- case 2:
- server_cb.ctx_ready = twcase_cache_intOff_extOn;
- break;
- case 3:
- server_cb.ctx_ready = twcase_cache_intOn_extOff;
- break;
- case 4:
- server_cb.ctx_ready = twcase_cache_intOff_extOff;
- break;
- }
- client_cb.ctx_ready = twcase_cache_intOff_extOff;
+ /* Add session to internal cache and save SSL session for testing */
+ server_cb.on_result = twcase_server_sess_ctx_pre_shutdown;
+ /* Save client SSL session for testing */
+ client_cb.on_result = twcase_client_sess_ctx_pre_shutdown;
+ server_cb.ticNoInit = 1; /* Use default builtin */
+ /* Don't free/release ctx */
+ server_cb.ctx = twcase_server_current_ctx_ptr;
+ server_cb.isSharedCtx = 1;
- /* Add session to internal cache and save SSL session for testing */
- server_cb.on_result = twcase_server_sess_ctx_pre_shutdown;
- /* Save client SSL session for testing */
- client_cb.on_result = twcase_client_sess_ctx_pre_shutdown;
- server_cb.ticNoInit = 1; /* Use default builtin */
- /* Don't free/release ctx */
- server_cb.ctx = twcase_server_current_ctx_ptr;
- server_cb.isSharedCtx = 1;
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
+ &server_cb, NULL), TEST_SUCCESS);
- ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
- &server_cb, NULL), TEST_SUCCESS);
+ ExpectIntEQ(twcase_get_session_called, 0);
+ if (EXPECT_FAIL()) {
+ wolfSSL_SESSION_free(twcase_client_first_session_ptr);
+ wolfSSL_SESSION_free(twcase_server_first_session_ptr);
+ wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
+ break;
+ }
- ExpectIntEQ(twcase_get_session_called, 0);
- if (EXPECT_FAIL()) {
- wolfSSL_SESSION_free(twcase_client_first_session_ptr);
- wolfSSL_SESSION_free(twcase_server_first_session_ptr);
- wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
+ switch (j) {
+ case 0:
+ case 1:
+ case 2:
+ /* cache cannot be searched with out a connection */
+ /* Add a new session */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* In twcase_server_sess_ctx_pre_shutdown
+ * wolfSSL_CTX_add_session which evicts the existing session
+ * in cache and adds it back in */
+ ExpectIntLE(twcase_remove_session_called, 1);
break;
- }
-
- switch (j) {
- case 0:
- case 1:
- case 2:
- /* cache cannot be searched with out a connection */
- /* Add a new session */
- ExpectIntEQ(twcase_new_session_called, 1);
- /* In twcase_server_sess_ctx_pre_shutdown
- * wolfSSL_CTX_add_session which evicts the existing session
- * in cache and adds it back in */
- ExpectIntLE(twcase_remove_session_called, 1);
- break;
- case 3:
- case 4:
- /* no external cache */
- ExpectIntEQ(twcase_new_session_called, 0);
- ExpectIntEQ(twcase_remove_session_called, 0);
- break;
- }
+ case 3:
+ case 4:
+ /* no external cache */
+ ExpectIntEQ(twcase_new_session_called, 0);
+ ExpectIntEQ(twcase_remove_session_called, 0);
+ break;
+ }
- /* connection 2 - session resume */
- fprintf(stderr, "\tresume: %s: j=%d, methodsLen=%d\n",
- params[i].tls_version, j, paramsLen);
- twcase_new_session_called = 0;
- twcase_remove_session_called = 0;
- twcase_get_session_called = 0;
- server_cb.on_result = 0;
- client_cb.on_result = 0;
- server_cb.ticNoInit = 1; /* Use default builtin */
+ /* connection 2 - session resume */
+ fprintf(stderr, "\tresume: %s: j=%d\n", param->tls_version, j);
+ twcase_new_session_called = 0;
+ twcase_remove_session_called = 0;
+ twcase_get_session_called = 0;
+ server_cb.on_result = 0;
+ client_cb.on_result = 0;
+ server_cb.ticNoInit = 1; /* Use default builtin */
- server_cb.ctx = twcase_server_current_ctx_ptr;
+ server_cb.ctx = twcase_server_current_ctx_ptr;
- /* try session resumption */
- client_cb.ssl_ready = twcase_client_set_sess_ssl_ready;
+ /* try session resumption */
+ client_cb.ssl_ready = twcase_client_set_sess_ssl_ready;
- ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
- &server_cb, NULL), TEST_SUCCESS);
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
+ &server_cb, NULL), TEST_SUCCESS);
- /* Clear cache before checking */
- wolfSSL_CTX_flush_sessions(NULL, -1);
+ /* Clear cache before checking */
+ wolfSSL_CTX_flush_sessions(NULL, -1);
- switch (j) {
- case 0:
- if (tls13) {
- /* (D)TLSv1.3 stateful case */
- /* cache hit */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ switch (j) {
+ case 0:
+ if (tls13) {
+ /* (D)TLSv1.3 stateful case */
+ /* cache hit */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
- /* (D)TLSv1.3 creates a new ticket,
- * updates both internal and external cache */
- ExpectIntEQ(twcase_new_session_called, 1);
- ExpectIntEQ(twcase_remove_session_called, 1);
+ /* (D)TLSv1.3 creates a new ticket,
+ * updates both internal and external cache */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* A new session ID is created for a new ticket */
+ ExpectIntEQ(twcase_remove_session_called, 2);
- }
- else {
- /* non (D)TLSv1.3 case, no update */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
+ }
+ else {
+ /* non (D)TLSv1.3 case, no update */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
- ExpectIntEQ(twcase_get_session_called, 1);
+ ExpectIntEQ(twcase_get_session_called, 1);
#endif
- ExpectIntEQ(twcase_new_session_called, 0);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- break;
- case 1:
- if (tls13) {
- /* (D)TLSv1.3 case */
- /* cache hit */
- ExpectIntEQ(twcase_get_session_called, 1);
- /* (D)TLSv1.3 creates a new ticket,
- * updates both internal and external cache */
- ExpectIntEQ(twcase_new_session_called, 1);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- else {
- /* non (D)TLSv1.3 case */
- /* cache hit */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
+ ExpectIntEQ(twcase_new_session_called, 0);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ break;
+ case 1:
+ if (tls13) {
+ /* (D)TLSv1.3 case */
+ /* cache hit */
+ ExpectIntEQ(twcase_get_session_called, 1);
+ /* (D)TLSv1.3 creates a new ticket,
+ * updates both internal and external cache */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ else {
+ /* non (D)TLSv1.3 case */
+ /* cache hit */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
- ExpectIntEQ(twcase_get_session_called, 1);
+ ExpectIntEQ(twcase_get_session_called, 1);
#endif
- ExpectIntEQ(twcase_new_session_called, 0);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- break;
- case 2:
- if (tls13) {
- /* (D)TLSv1.3 case */
- /* cache hit */
- ExpectIntEQ(twcase_get_session_called, 1);
- /* (D)TLSv1.3 creates a new ticket,
- * updates both internal and external cache */
- ExpectIntEQ(twcase_new_session_called, 1);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- else {
- /* non (D)TLSv1.3 case */
- /* cache hit */
- /* DTLS accesses cache once for stateless parsing and
- * once for stateful parsing */
+ ExpectIntEQ(twcase_new_session_called, 0);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ break;
+ case 2:
+ if (tls13) {
+ /* (D)TLSv1.3 case */
+ /* cache hit */
+ ExpectIntEQ(twcase_get_session_called, 1);
+ /* (D)TLSv1.3 creates a new ticket,
+ * updates both internal and external cache */
+ ExpectIntEQ(twcase_new_session_called, 1);
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown and by wolfSSL */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ else {
+ /* non (D)TLSv1.3 case */
+ /* cache hit */
+ /* DTLS accesses cache once for stateless parsing and
+ * once for stateful parsing */
#ifdef WOLFSSL_DTLS_NO_HVR_ON_RESUME
- ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
+ ExpectIntEQ(twcase_get_session_called, !dtls ? 1 : 2);
#else
- ExpectIntEQ(twcase_get_session_called, 1);
+ ExpectIntEQ(twcase_get_session_called, 1);
#endif
- ExpectIntEQ(twcase_new_session_called, 0);
- /* Called on session added in
- * twcase_server_sess_ctx_pre_shutdown */
- ExpectIntEQ(twcase_remove_session_called, 1);
- }
- break;
- case 3:
- case 4:
- /* no external cache */
- ExpectIntEQ(twcase_get_session_called, 0);
ExpectIntEQ(twcase_new_session_called, 0);
- ExpectIntEQ(twcase_remove_session_called, 0);
- break;
- }
- wolfSSL_SESSION_free(twcase_client_first_session_ptr);
- wolfSSL_SESSION_free(twcase_server_first_session_ptr);
- wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
-
- if (EXPECT_FAIL())
+ /* Called on session added in
+ * twcase_server_sess_ctx_pre_shutdown */
+ ExpectIntEQ(twcase_remove_session_called, 1);
+ }
+ break;
+ case 3:
+ case 4:
+ /* no external cache */
+ ExpectIntEQ(twcase_get_session_called, 0);
+ ExpectIntEQ(twcase_new_session_called, 0);
+ ExpectIntEQ(twcase_remove_session_called, 0);
break;
}
- twcase_get_sessionCb_cleanup();
- XMEMSET(&server_sessionCache.entries, 0,
- sizeof(server_sessionCache.entries));
- fprintf(stderr, "\tEnd %s\n", params[i].tls_version);
+ wolfSSL_SESSION_free(twcase_client_first_session_ptr);
+ wolfSSL_SESSION_free(twcase_server_first_session_ptr);
+ wolfSSL_CTX_free(twcase_server_current_ctx_ptr);
if (EXPECT_FAIL())
break;
}
+ twcase_get_sessionCb_cleanup();
+ XMEMSET(&server_sessionCache.entries, 0,
+ sizeof(server_sessionCache.entries));
+ fprintf(stderr, "\tEnd %s\n", param->tls_version);
+
wc_FreeMutex(&server_sessionCache.htLock);
- res = EXPECT_RESULT();
-#endif
- return res;
+ return EXPECT_RESULT();
}
+#endif
+static int test_wolfSSL_CTX_add_session_ext_tls13(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
+ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
+ struct test_add_session_ext_params param[1] = {
+ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_dtls13(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
+ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID)
+#ifdef WOLFSSL_DTLS13
+ struct test_add_session_ext_params param[1] = {
+ { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_tls12(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#ifndef WOLFSSL_NO_TLS12
+ struct test_add_session_ext_params param[1] = {
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_dtls12(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#ifndef WOLFSSL_NO_TLS12
+#ifdef WOLFSSL_DTLS
+ struct test_add_session_ext_params param[1] = {
+ { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_tls11(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
+ !defined(NO_DES3))
+ struct test_add_session_ext_params param[1] = {
+ { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_CTX_add_session_ext_dtls1(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_EXT_CACHE) && \
+ defined(WOLFSSL_TLS13) && !defined(NO_SESSION_CACHE) && \
+ defined(OPENSSL_EXTRA) && defined(SESSION_CERTS) && \
+ defined(HAVE_SESSION_TICKET) && \
+ !defined(TITAN_SESSION_CACHE) && \
+ !defined(HUGE_SESSION_CACHE) && \
+ !defined(BIG_SESSION_CACHE) && \
+ !defined(MEDIUM_SESSION_CACHE)
+#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
+ !defined(NO_DES3))
+#ifdef WOLFSSL_DTLS
+ struct test_add_session_ext_params param[1] = {
+ { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" }
+ };
+ ExpectIntEQ(test_wolfSSL_CTX_add_session_ext(param), TEST_SUCCESS);
+#endif
+#endif
+#endif
+ return EXPECT_RESULT();
+}
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
/* canned export of a session using older version 3 */
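Review bot: The guard copied into all six new wrappers still requires `defined(WOLFSSL_TLS13)`, including `test_wolfSSL_CTX_add_session_ext_tls12`, `_dtls12`, `_tls11` and `_dtls1`. In a build without TLS 1.3 the session-cache resumption checks for the older protocols therefore compile to an empty body and never run. The shared helper starts in the previous hunk and now sits under an `#if` that opens outside this diff context (only its closing `#endif` is visible), so whether it really depends on TLS 1.3 cannot be confirmed from here; if it does not, drop that term from the four non-1.3 wrappers. In either case the multi-line condition would be safer defined once beside the helper, for example under a suggested name such as `#define TEST_ADD_SESSION_EXT_ENABLED`, with each wrapper testing `#ifdef TEST_ADD_SESSION_EXT_ENABLED`. That keeps the helper and its callers from drifting into an undefined or unused static function.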
@@ -8632,9 +9162,8 @@ static unsigned char version_3[] = {
static int test_wolfSSL_dtls_export(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT)
tcp_ready ready;
func_args client_args;
func_args server_args;
@@ -8779,7 +9308,7 @@ static int test_wolfSSL_dtls_export(void)
ExpectIntGT(wolfSSL_dtls_export_state_only(ssl, window, &windowSz), 0);
wolfSSL_free(ssl);
- for (i = 1; i < server_args.argc; i++) {
+ for (i = 1; EXPECT_SUCCESS() && i < server_args.argc; i++) {
/* restore state */
ExpectNotNull(ssl = wolfSSL_new(ctx));
ExpectIntGT(wolfSSL_dtls_import(ssl, session, sessionSz), 0);
@@ -8806,14 +9335,11 @@ static int test_wolfSSL_dtls_export(void)
fdOpenSession(Task_self());
#endif
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-
#if defined(WOLFSSL_SESSION_EXPORT) && !defined(WOLFSSL_NO_TLS12)
#ifdef WOLFSSL_TLS13
static const byte canned_client_tls13_session[] = {
@@ -9064,11 +9590,7 @@ static THREAD_RETURN WOLFSSL_THREAD tls_export_server(void* args)
if (wolfSSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) {
/*err_sys("SSL_write failed");*/
-#ifdef WOLFSSL_TIRTOS
- return;
-#else
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#ifdef WOLFSSL_TIRTOS
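Review bot: The write-failure branch exits the thread directly with `WOLFSSL_RETURN_FROM_THREAD(0);`, although the next hunk's header shows a `done:` label further down in what appears to be the same function. If that label holds the teardown of `ssl`, the context and the socket, this early exit skips it, and the branch should read `goto done;` so a failed `wolfSSL_write` takes the same cleanup path as every other exit. The function body begins and ends outside both hunks, so confirm that `done:` belongs to `tls_export_server` and what it releases before changing the branch.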
@@ -9102,9 +9624,7 @@ done:
#endif
#endif
-#ifndef WOLFSSL_TIRTOS
- return 0;
-#endif
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
@@ -9308,9 +9828,8 @@ static void test_wolfSSL_client_server(callback_functions* client_callbacks,
#ifdef HAVE_SNI
static int test_wolfSSL_UseSNI_params(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -9332,11 +9851,9 @@ static int test_wolfSSL_UseSNI_params(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
/* BEGIN of connection tests callbacks */
@@ -9449,89 +9966,117 @@ static int test_wolfSSL_UseSNI_connection(void)
callback_functions client_cb;
callback_functions server_cb;
size_t i;
-
+#ifdef WOLFSSL_STATIC_MEMORY
+ byte cliMem[TEST_TLS_STATIC_MEMSZ];
+ byte svrMem[TEST_TLS_STATIC_MEMSZ];
+#endif
struct {
method_provider client_meth;
method_provider server_meth;
+ #ifdef WOLFSSL_STATIC_MEMORY
+ wolfSSL_method_func client_meth_ex;
+ wolfSSL_method_func server_meth_ex;
+ #endif
} methods[] = {
#if defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13)
- {wolfSSLv23_client_method, wolfSSLv23_server_method},
+ {wolfSSLv23_client_method, wolfSSLv23_server_method
+ #ifdef WOLFSSL_STATIC_MEMORY
+ ,wolfSSLv23_client_method_ex, wolfSSLv23_server_method_ex
+ #endif
+ },
#endif
#ifndef WOLFSSL_NO_TLS12
- {wolfTLSv1_2_client_method, wolfTLSv1_2_server_method},
+ {wolfTLSv1_2_client_method, wolfTLSv1_2_server_method
+ #ifdef WOLFSSL_STATIC_MEMORY
+ ,wolfTLSv1_2_client_method_ex, wolfTLSv1_2_server_method_ex
+ #endif
+ },
#endif
#ifdef WOLFSSL_TLS13
- {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method},
+ {wolfTLSv1_3_client_method, wolfTLSv1_3_server_method
+ #ifdef WOLFSSL_STATIC_MEMORY
+ ,wolfTLSv1_3_client_method_ex, wolfTLSv1_3_server_method_ex
+ #endif
+ },
#endif
};
+ size_t methodsSz = sizeof(methods) / sizeof(*methods);
- for (i = 0; i < (sizeof(methods)/sizeof(*methods)); i++) {
- XMEMSET(&client_cb, 0, sizeof(callback_functions));
- XMEMSET(&server_cb, 0, sizeof(callback_functions));
- client_cb.method = methods[i].client_meth;
- server_cb.method = methods[i].server_meth;
- client_cb.devId = testDevId;
- server_cb.devId = testDevId;
-
- /* success case at ctx */
- printf("success case at ctx\n");
- client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* success case at ssl */
- printf("success case at ssl\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_SNI_at_ssl; client_cb.on_result = verify_SNI_real_matching;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_real_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* default mismatch behavior */
- printf("default mismatch behavior\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = verify_FATAL_ERROR_on_client;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_UNKNOWN_SNI_on_server;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* continue on mismatch */
- printf("continue on mismatch\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_cb.on_result = verify_SNI_no_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* fake answer on mismatch */
- printf("fake answer on mismatch\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_cb.on_result = verify_SNI_fake_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - success */
- printf("sni abort - success\n");
- client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - abort when absent (ctx) */
- printf("sni abort - abort when absent (ctx)\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
- server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - abort when absent (ssl) */
- printf("sni abort - abort when absent (ssl)\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
- server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_MANDATORY_SNI_at_ssl; server_cb.on_result = verify_SNI_ABSENT_on_server;
- test_wolfSSL_client_server(&client_cb, &server_cb);
-
- /* sni abort - success when overwritten */
- printf("sni abort - success when overwritten\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_no_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
+ for (i = 0; i < methodsSz; i++) {
+ XMEMSET(&client_cb, 0, sizeof(callback_functions));
+ XMEMSET(&server_cb, 0, sizeof(callback_functions));
+ client_cb.method = methods[i].client_meth;
+ server_cb.method = methods[i].server_meth;
+ client_cb.devId = testDevId;
+ server_cb.devId = testDevId;
+ #ifdef WOLFSSL_STATIC_MEMORY
+ client_cb.method_ex = methods[i].client_meth_ex;
+ server_cb.method_ex = methods[i].server_meth_ex;
+ client_cb.mem = cliMem;
+ client_cb.memSz = (word32)sizeof(cliMem);
+ server_cb.mem = svrMem;
+ server_cb.memSz = (word32)sizeof(svrMem);;
+ #endif
- /* sni abort - success when allowing mismatches */
- printf("sni abort - success when allowing mismatches\n");
- client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
- server_cb.ctx_ready = use_PSEUDO_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_fake_matching;
- test_wolfSSL_client_server(&client_cb, &server_cb);
+ /* success case at ctx */
+ fprintf(stderr, "\n\tsuccess case at ctx\n");
+ client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* success case at ssl */
+ fprintf(stderr, "\tsuccess case at ssl\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = use_SNI_at_ssl; client_cb.on_result = verify_SNI_real_matching;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_real_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* default mismatch behavior */
+ fprintf(stderr, "\tdefault mismatch behavior\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = verify_FATAL_ERROR_on_client;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_UNKNOWN_SNI_on_server;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* continue on mismatch */
+ fprintf(stderr, "\tcontinue on mismatch\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; server_cb.on_result = verify_SNI_no_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* fake answer on mismatch */
+ fprintf(stderr, "\tfake answer on mismatch\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; server_cb.on_result = verify_SNI_fake_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - success */
+ fprintf(stderr, "\tsni abort - success\n");
+ client_cb.ctx_ready = use_SNI_at_ctx; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_real_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - abort when absent (ctx) */
+ fprintf(stderr, "\tsni abort - abort when absent (ctx)\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
+ server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_ABSENT_on_server;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - abort when absent (ssl) */
+ fprintf(stderr, "\tsni abort - abort when absent (ssl)\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = verify_FATAL_ERROR_on_client;
+ server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_MANDATORY_SNI_at_ssl; server_cb.on_result = verify_SNI_ABSENT_on_server;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - success when overwritten */
+ fprintf(stderr, "\tsni abort - success when overwritten\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = NULL; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = use_SNI_at_ssl; server_cb.on_result = verify_SNI_no_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* sni abort - success when allowing mismatches */
+ fprintf(stderr, "\tsni abort - success when allowing mismatches\n");
+ client_cb.ctx_ready = NULL; client_cb.ssl_ready = different_SNI_at_ssl; client_cb.on_result = NULL;
+ server_cb.ctx_ready = use_PSEUDO_MANDATORY_SNI_at_ctx; server_cb.ssl_ready = NULL; server_cb.on_result = verify_SNI_fake_matching;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
}
res = TEST_RES_CHECK(1);
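Review bot: The added line `server_cb.memSz = (word32)sizeof(svrMem);;` ends in a stray second semicolon. It is an empty statement that stricter warning sets flag (clang's `-Wextra-semi-stmt`) and should read `server_cb.memSz = (word32)sizeof(svrMem);`. Separately, the function still finishes with `res = TEST_RES_CHECK(1);`, and `test_wolfSSL_client_server` is declared `void` in this diff. The ten SNI scenarios therefore pass or fail only through whatever the `on_result` callbacks assert, and scenarios that set `on_result = NULL` on one side check nothing on that side. The neighbouring tests in this commit move to `EXPECT_DECLS` / `EXPECT_RESULT()`, and this test would benefit from the same conversion. Its body starts outside the hunk.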
@@ -9607,7 +10152,7 @@ static int test_wolfSSL_SNI_GetFromBuffer(void)
byte buff5[] = { /* SSL v2.0 client hello */
0x00, 0x2b, 0x01, 0x03, 0x01, 0x00, 0x09, 0x00, 0x00,
- /* dummy bytes bellow, just to pass size check */
+ /* dummy bytes below, just to pass size check */
0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
@@ -9678,13 +10223,120 @@ static int test_wolfSSL_SNI_GetFromBuffer(void)
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
+
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
+ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+/* Dummy peer functions to satisfy the exporter/importer */
+static int test_wolfSSL_dtls_export_peers_get_peer(WOLFSSL* ssl, char* ip,
+ int* ipSz, unsigned short* port, int* fam)
+{
+ (void)ssl;
+ ip[0] = -1;
+ *ipSz = 1;
+ *port = 1;
+ *fam = 2;
+ return 1;
+}
+
+static int test_wolfSSL_dtls_export_peers_set_peer(WOLFSSL* ssl, char* ip,
+ int ipSz, unsigned short port, int fam)
+{
+ (void)ssl;
+ if (ip[0] != -1 || ipSz != 1 || port != 1 || fam != 2)
+ return 0;
+ return 1;
+}
+
+static int test_wolfSSL_dtls_export_peers_on_handshake(WOLFSSL_CTX **ctx,
+ WOLFSSL **ssl)
+{
+ EXPECT_DECLS;
+ unsigned char* sessionBuf = NULL;
+ unsigned int sessionSz = 0;
+ void* ioWriteCtx = wolfSSL_GetIOWriteCtx(*ssl);
+ void* ioReadCtx = wolfSSL_GetIOReadCtx(*ssl);
+
+ wolfSSL_CTX_SetIOGetPeer(*ctx, test_wolfSSL_dtls_export_peers_get_peer);
+ wolfSSL_CTX_SetIOSetPeer(*ctx, test_wolfSSL_dtls_export_peers_set_peer);
+ ExpectIntGE(wolfSSL_dtls_export(*ssl, NULL, &sessionSz), 0);
+ ExpectNotNull(sessionBuf =
+ (unsigned char*)XMALLOC(sessionSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGE(wolfSSL_dtls_export(*ssl, sessionBuf, &sessionSz), 0);
+ wolfSSL_free(*ssl);
+ *ssl = NULL;
+ ExpectNotNull(*ssl = wolfSSL_new(*ctx));
+ ExpectIntGE(wolfSSL_dtls_import(*ssl, sessionBuf, sessionSz), 0);
+ wolfSSL_SetIOWriteCtx(*ssl, ioWriteCtx);
+ wolfSSL_SetIOReadCtx(*ssl, ioReadCtx);
+
+ XFREE(sessionBuf, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_wolfSSL_dtls_export_peers(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_SESSION_EXPORT) && \
+ defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ size_t i, j;
+ struct test_params {
+ method_provider client_meth;
+ method_provider server_meth;
+ const char* dtls_version;
+ } params[] = {
+#ifndef NO_OLD_TLS
+ {wolfDTLSv1_client_method, wolfDTLSv1_server_method, "1.0"},
+#endif
+ {wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "1.2"},
+ /* TODO DTLS 1.3 exporting not supported
+#ifdef WOLFSSL_DTLS13
+ {wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "1.3"},
+#endif
+ */
+ };
+
+ for (i = 0; i < sizeof(params)/sizeof(*params); i++) {
+ for (j = 0; j <= 0b11; j++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+
+ printf("\n\tTesting DTLS %s connection;", params[i].dtls_version);
+
+ client_cbf.method = params[i].client_meth;
+ server_cbf.method = params[i].server_meth;
+
+ if (j & 0b01) {
+ client_cbf.on_handshake =
+ test_wolfSSL_dtls_export_peers_on_handshake;
+ printf(" With client export;");
+ }
+ if (j & 0b10) {
+ server_cbf.on_handshake =
+ test_wolfSSL_dtls_export_peers_on_handshake;
+ printf(" With server export;");
+ }
+
+ printf("\n");
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_SUCCESS);
+ if (!EXPECT_SUCCESS())
+ break;
+ }
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
static int test_wolfSSL_UseTrustedCA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_TRUSTED_CA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
byte id[20];
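Review bot: The marker check in test_wolfSSL_dtls_export_peers_set_peer is not portable: get_peer stores `ip[0] = -1` in a plain `char`, and on targets where `char` is unsigned the comparison `ip[0] != -1` is always true, so set_peer returns 0 and the import step would presumably fail there. Compare the byte value instead, e.g. `if ((unsigned char)ip[0] != 0xFF || ipSz != 1 || port != 1 || fam != 2)`. Separately, the `0b01`/`0b10`/`0b11` literals in test_wolfSSL_dtls_export_peers are a compiler extension before C23; `1`, `2` and `3` (or hex) keep the file building on stricter C compilers.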
@@ -9726,21 +10378,18 @@ static int test_wolfSSL_UseTrustedCA(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* HAVE_TRUSTED_CA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_UseMaxFragment(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_MAX_FRAGMENT) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
@@ -9812,20 +10461,17 @@ static int test_wolfSSL_UseMaxFragment(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_UseTruncatedHMAC(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_TRUNCATED_HMAC) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
#ifndef NO_WOLFSSL_SERVER
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
#else
@@ -9852,19 +10498,16 @@ static int test_wolfSSL_UseTruncatedHMAC(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_UseSupportedCurve(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SUPPORTED_CURVES) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -9888,11 +10531,9 @@ static int test_wolfSSL_UseSupportedCurve(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
@@ -10029,6 +10670,60 @@ static void verify_ALPN_client_list(WOLFSSL* ssl)
AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_ALPN_FreePeerProtocol(ssl, &clist));
}
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
+
+/* ALPN select callback, success with spdy/2 */
+static int select_ALPN_spdy2(WOLFSSL *ssl, const unsigned char **out,
+ unsigned char *outlen, const unsigned char *in,
+ unsigned int inlen, void *arg)
+{
+ /* spdy/2 */
+ const char proto[] = {0x73, 0x70, 0x64, 0x79, 0x2f, 0x32};
+
+ (void)ssl;
+ (void)arg;
+
+ /* adding +1 since LEN byte comes first */
+ if (inlen < sizeof(proto) + 1) {
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+ }
+
+ if (XMEMCMP(in + 1, proto, sizeof(proto)) == 0) {
+ *out = in + 1;
+ *outlen = (unsigned char)sizeof(proto);
+ return SSL_TLSEXT_ERR_OK;
+ }
+
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+
+/* ALPN select callback, force failure */
+static int select_ALPN_failure(WOLFSSL *ssl, const unsigned char **out,
+ unsigned char *outlen, const unsigned char *in,
+ unsigned int inlen, void *arg)
+{
+ (void)ssl;
+ (void)out;
+ (void)outlen;
+ (void)in;
+ (void)inlen;
+ (void)arg;
+
+ return SSL_TLSEXT_ERR_ALERT_FATAL;
+}
+
+static void use_ALPN_spdy2_callback(WOLFSSL* ssl)
+{
+ wolfSSL_set_alpn_select_cb(ssl, select_ALPN_spdy2, NULL);
+}
+
+static void use_ALPN_failure_callback(WOLFSSL* ssl)
+{
+ wolfSSL_set_alpn_select_cb(ssl, select_ALPN_failure, NULL);
+}
+#endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY | QUIC */
+
static int test_wolfSSL_UseALPN_connection(void)
{
int res = TEST_SKIPPED;
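Review bot: select_ALPN_spdy2 never looks at the length byte `in[0]`, so it accepts any first entry whose leading six bytes are "spdy/2" (a longer protocol name with that prefix would match), and it only inspects the first protocol in the client list. For a callback that parses peer-supplied ALPN data, even in a test, check the length prefix before comparing: `if (in[0] == sizeof(proto) && XMEMCMP(in + 1, proto, sizeof(proto)) == 0) {`. The closing `#endif` comment also lists QUIC, which the `#if` condition on this block does not test.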
@@ -10084,6 +10779,30 @@ static int test_wolfSSL_UseALPN_connection(void)
server_cb.ctx_ready = NULL; server_cb.ssl_ready = use_ALPN_unknown; server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client;
test_wolfSSL_client_server(&client_cb, &server_cb);
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(HAVE_LIGHTY)
+
+ /* WOLFSSL-level ALPN select callback tests */
+ /* Callback: success (one protocol, spdy/2) */
+ client_cb.ctx_ready = NULL;
+ client_cb.ssl_ready = use_ALPN_one;
+ client_cb.on_result = verify_ALPN_matching_spdy2;
+ server_cb.ctx_ready = NULL;
+ server_cb.ssl_ready = use_ALPN_spdy2_callback;
+ server_cb.on_result = verify_ALPN_matching_spdy2;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+ /* Callback: failure (one client protocol, spdy/2) */
+ client_cb.ctx_ready = NULL;
+ client_cb.ssl_ready = use_ALPN_one;
+ client_cb.on_result = NULL;
+ server_cb.ctx_ready = NULL;
+ server_cb.ssl_ready = use_ALPN_failure_callback;
+ server_cb.on_result = verify_ALPN_FATAL_ERROR_on_client;
+ test_wolfSSL_client_server(&client_cb, &server_cb);
+
+#endif /* OPENSSL_ALL | NGINX | HAPROXY | LIGHTY */
+
res = TEST_RES_CHECK(1);
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
return res;
@@ -10091,9 +10810,8 @@ static int test_wolfSSL_UseALPN_connection(void)
static int test_wolfSSL_UseALPN_params(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_WOLFSSL_CLIENT
EXPECT_DECLS;
+#ifndef NO_WOLFSSL_CLIENT
/* "http/1.1" */
char http1[] = {0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31};
/* "spdy/1" */
@@ -10162,10 +10880,8 @@ static int test_wolfSSL_UseALPN_params(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_ALPN */
@@ -10273,9 +10989,8 @@ static int test_wolfSSL_set_alpn_protos(void)
static int test_wolfSSL_DisableExtendedMasterSecret(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -10292,17 +11007,14 @@ static int test_wolfSSL_DisableExtendedMasterSecret(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if defined(HAVE_SECURE_RENEGOTIATION) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
@@ -10319,21 +11031,18 @@ static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Test reconnecting with a different ciphersuite after a renegotiation. */
static int test_wolfSSL_SCR_Reconnect(void)
{
- int res = TEST_SKIPPED;
-
+ EXPECT_DECLS;
#if defined(HAVE_SECURE_RENEGOTIATION) && \
defined(BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) && \
- defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256)
- EXPECT_DECLS;
+ defined(BUILD_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256) && \
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
@@ -10372,10 +11081,8 @@ static int test_wolfSSL_SCR_Reconnect(void)
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_s);
wolfSSL_CTX_free(ctx_c);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_SERVER) && \
@@ -10418,10 +11125,9 @@ static int BufferInfoRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
*/
static int test_tls_ext_duplicate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && (!defined(NO_RSA) || defined(HAVE_ECC)) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
const unsigned char clientHelloDupTlsExt[] = {
0x16, 0x03, 0x03, 0x00, 0x6a, 0x01, 0x00, 0x00,
0x66, 0x03, 0x03, 0xf4, 0x65, 0xbd, 0x22, 0xfe,
@@ -10484,10 +11190,8 @@ static int test_tls_ext_duplicate(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -10495,12 +11199,11 @@ static int test_tls_ext_duplicate(void)
*----------------------------------------------------------------------------*/
static int test_wolfSSL_X509_NAME_get_entry(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA)
#if defined(OPENSSL_ALL) || \
(defined(OPENSSL_EXTRA) && \
(defined(KEEP_PEER_CERT) || defined(SESSION_CERTS)))
- EXPECT_DECLS;
/* use openssl like name to test mapping */
X509_NAME_ENTRY* ne;
X509_NAME* name;
@@ -10550,18 +11253,16 @@ static int test_wolfSSL_X509_NAME_get_entry(void)
ExpectNotNull(ne = X509_NAME_get_entry(name, idx));
ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne));
wolfSSL_FreeX509(x509);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_ALL || (OPENSSL_EXTRA && (KEEP_PEER_CERT || SESSION_CERTS) */
#endif /* !NO_CERTS && !NO_RSA */
- return res;
+ return EXPECT_RESULT();
}
/* Testing functions dealing with PKCS12 parsing out X509 certs */
static int test_wolfSSL_PKCS12(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* .p12 file is encrypted with DES3 */
#ifndef HAVE_FIPS /* Password used in cert "wolfSSL test" is only 12-bytes
* (96-bit) FIPS mode requires Minimum of 14-byte (112-bit)
@@ -10570,7 +11271,6 @@ static int test_wolfSSL_PKCS12(void)
#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && !defined(NO_FILESYSTEM) && \
!defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_RSA) && \
!defined(NO_SHA) && defined(HAVE_PKCS12) && !defined(NO_BIO)
- EXPECT_DECLS;
byte buf[6000];
char file[] = "./certs/test-servercert.p12";
char order[] = "./certs/ecc-rsa-server.p12";
@@ -10899,7 +11599,7 @@ static int test_wolfSSL_PKCS12(void)
ExpectNull(pkey);
ExpectNull(cert);
- /* check parse iwth not extra certs kept */
+ /* check parse with not extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, NULL),
WOLFSSL_SUCCESS);
ExpectNotNull(pkey);
@@ -10912,7 +11612,7 @@ static int test_wolfSSL_PKCS12(void)
/* check parse with extra certs kept */
ExpectIntEQ(ret = PKCS12_parse(pkcs12, "wolfSSL test", &pkey, &cert, &ca),
- WOLFSSL_SUCCESS);;
+ WOLFSSL_SUCCESS);
ExpectNotNull(pkey);
ExpectNotNull(cert);
ExpectNotNull(ca);
@@ -10945,11 +11645,9 @@ static int test_wolfSSL_PKCS12(void)
BIO_free(bio);
(void)order;
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
#endif /* HAVE_FIPS */
- return res;
+ return EXPECT_RESULT();
}
@@ -10981,16 +11679,15 @@ static WC_INLINE int FailTestCallBack(char* passwd, int sz, int rw, void* userda
static int test_wolfSSL_no_password_cb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \
&& defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
byte buff[FOURK_BUF];
const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der";
const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem";
XFILE f = XBADFILE;
- int bytes;
+ int bytes = 0;
#ifndef NO_WOLFSSL_CLIENT
ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLS_client_method()));
@@ -11021,10 +11718,8 @@ static int test_wolfSSL_no_password_cb(void)
/* Password callback should not be called by default */
ExpectIntEQ(failTestCallbackCalled, 0);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef TEST_PKCS8_ENC
@@ -11054,11 +11749,10 @@ static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata)
/* Testing functions dealing with PKCS8 */
static int test_wolfSSL_PKCS8(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) && \
!defined(WOLFCRYPT_ONLY)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
byte buff[FOURK_BUF];
byte der[FOURK_BUF];
#ifndef NO_RSA
@@ -11260,20 +11954,17 @@ static int test_wolfSSL_PKCS8(void)
#endif /* HAVE_ECC */
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !NO_FILESYSTEM && !NO_ASN && HAVE_PKCS8 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_ED25519(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED25519) && \
defined(HAVE_ED25519_KEY_IMPORT)
- EXPECT_DECLS;
const byte encPrivKey[] = \
"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
"MIGbMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAheCGLmWGh7+AICCAAw\n"
@@ -11299,20 +11990,17 @@ static int test_wolfSSL_PKCS8_ED25519(void)
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_ED448(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && defined(HAVE_PKCS8) && defined(HAVE_AES_CBC) && \
defined(WOLFSSL_ENCRYPTED_KEYS) && defined(HAVE_ED448) && \
defined(HAVE_ED448_KEY_IMPORT)
- EXPECT_DECLS;
const byte encPrivKey[] = \
"-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
"MIGrMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAjSbZKnG4EPggICCAAw\n"
@@ -11338,19 +12026,16 @@ static int test_wolfSSL_PKCS8_ED448(void)
WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing functions dealing with PKCS5 */
static int test_wolfSSL_PKCS5(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA) && !defined(NO_PWDBASED)
#ifdef HAVE_FIPS /* Password minimum length is 14 (112-bit) in FIPS MODE */
const char* passwd = "myfipsPa$$W0rd";
#else
@@ -11373,20 +12058,17 @@ static int test_wolfSSL_PKCS5(void)
#endif
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_SHA) */
- return res;
+ return EXPECT_RESULT();
}
/* test parsing URI from certificate */
static int test_wolfSSL_URI(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
&& (defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \
defined(OPENSSL_EXTRA))
- EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
const char uri[] = "./certs/client-uri-cert.pem";
const char urn[] = "./certs/client-absolute-urn.pem";
@@ -11411,19 +12093,16 @@ static int test_wolfSSL_URI(void)
WOLFSSL_FILETYPE_PEM));
#endif
wolfSSL_FreeX509(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_TBS(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
&& defined(OPENSSL_EXTRA)
- EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
const unsigned char* tbs;
int tbsSz;
@@ -11437,18 +12116,15 @@ static int test_wolfSSL_TBS(void)
ExpectIntEQ(tbsSz, 1003);
wolfSSL_FreeX509(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_verify(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \
- && defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
+ defined(OPENSSL_EXTRA)
WOLFSSL_X509* ca = NULL;
WOLFSSL_X509* serv = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
@@ -11456,24 +12132,24 @@ static int test_wolfSSL_X509_verify(void)
const unsigned char* pt = NULL;
int bufSz;
- ExpectNotNull(ca =
- wolfSSL_X509_load_certificate_file(caCertFile, WOLFSSL_FILETYPE_PEM));
+ ExpectNotNull(ca = wolfSSL_X509_load_certificate_file(caCertFile,
+ WOLFSSL_FILETYPE_PEM));
ExpectIntNE(wolfSSL_X509_get_pubkey_buffer(NULL, buf, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, NULL, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
ExpectIntEQ(bufSz, 294);
bufSz = 2048;
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(ca, buf, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_X509_get_pubkey_type(NULL), WOLFSSL_FAILURE);
ExpectIntEQ(wolfSSL_X509_get_pubkey_type(ca), RSAk);
- ExpectNotNull(serv =
- wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM));
+ ExpectNotNull(serv = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
/* success case */
pt = buf;
@@ -11488,7 +12164,7 @@ static int test_wolfSSL_X509_verify(void)
/* fail case */
bufSz = 2048;
ExpectIntEQ(wolfSSL_X509_get_pubkey_buffer(serv, buf, &bufSz),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
pt = buf;
ExpectNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz));
ExpectIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_FAILURE);
@@ -11499,10 +12175,8 @@ static int test_wolfSSL_X509_verify(void)
wolfSSL_FreeX509(ca);
wolfSSL_FreeX509(serv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
@@ -11600,11 +12274,10 @@ static int test_set_override_x509(WOLFSSL_CTX* ctx)
static int test_wolfSSL_X509_TLS_version_test_1(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
- EXPECT_DECLS;
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
@@ -11632,25 +12305,22 @@ static int test_wolfSSL_X509_TLS_version_test_1(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_TLS_version_test_2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && !defined(NO_AES) && defined(WOLFSSL_CERT_GEN) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
- EXPECT_DECLS;
test_ssl_cbf func_cb_client;
test_ssl_cbf func_cb_server;
- XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
- XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
func_cb_client.ctx_ready = &test_set_x509_badversion;
func_cb_server.ctx_ready = &test_set_override_x509;
@@ -11668,11 +12338,9 @@ static int test_wolfSSL_X509_TLS_version_test_2(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing function wolfSSL_CTX_SetMinVersion; sets the minimum downgrade
@@ -11732,10 +12400,9 @@ static int test_wolfSSL_CTX_SetMinVersion(void)
*/
static int test_wolfSSL_UseOCSPStapling(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -11766,11 +12433,9 @@ static int test_wolfSSL_UseOCSPStapling(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
-} /*END test_wolfSSL_UseOCSPStapling */
+ return EXPECT_RESULT();
+} /* END test_wolfSSL_UseOCSPStapling */
/* Testing OCSP stapling version 2, wolfSSL_UseOCSPStaplingV2 function. OCSP
@@ -11780,10 +12445,9 @@ static int test_wolfSSL_UseOCSPStapling(void)
*/
static int test_wolfSSL_UseOCSPStaplingV2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -11814,10 +12478,8 @@ static int test_wolfSSL_UseOCSPStaplingV2(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wolfSSL_UseOCSPStaplingV2 */
@@ -11826,10 +12488,9 @@ static int test_wolfSSL_UseOCSPStaplingV2(void)
*----------------------------------------------------------------------------*/
static int test_wolfSSL_mcast(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_DTLS) && defined(WOLFSSL_MULTICAST) && \
(defined(WOLFSSL_TLS13) || defined(WOLFSSL_SNIFFER))
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
byte preMasterSecret[512];
@@ -11857,11 +12518,9 @@ static int test_wolfSSL_mcast(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* WOLFSSL_DTLS && WOLFSSL_MULTICAST && (WOLFSSL_TLS13 ||
* WOLFSSL_SNIFFER) */
- return res;
+ return EXPECT_RESULT();
}
@@ -11874,186 +12533,89 @@ static int test_wolfSSL_mcast(void)
*/
static int test_wc_InitBlake2b(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_BLAKE2
Blake2b blake;
- int ret = 0;
/* Test good arg. */
- ret = wc_InitBlake2b(&blake, 64);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitBlake2b(&blake, 64), 0);
/* Test bad arg. */
- if (!ret) {
- ret = wc_InitBlake2b(NULL, 64);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(NULL, 128);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(&blake, 128);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(NULL, 0);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
- if (!ret) {
- ret = wc_InitBlake2b(&blake, 0);
- if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
-
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitBlake2b(NULL, 64), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(NULL, 128), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(&blake, 128), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b(&blake, 0), BAD_FUNC_ARG);
#endif
- return res;
-} /*END test_wc_InitBlake2b*/
+ return EXPECT_RESULT();
+} /* END test_wc_InitBlake2b*/
/*
* Unit test for the wc_InitBlake2b_WithKey()
*/
static int test_wc_InitBlake2b_WithKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_BLAKE2
Blake2b blake;
word32 digestSz = BLAKE2B_KEYBYTES;
byte key[BLAKE2B_KEYBYTES];
word32 keylen = BLAKE2B_KEYBYTES;
- int ret = 0;
XMEMSET(key, 0, sizeof(key));
/* Test good arg. */
- ret = wc_InitBlake2b_WithKey(&blake, digestSz, key, keylen);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, keylen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_InitBlake2b_WithKey(NULL, digestSz, key, keylen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2b_WithKey(&blake, digestSz, key, 256);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2b_WithKey(&blake, digestSz, NULL, keylen);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitBlake2b_WithKey(NULL, digestSz, key, keylen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, key, 256),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2b_WithKey(&blake, digestSz, NULL, keylen), 0);
#endif
- return res;
-} /*END wc_InitBlake2b_WithKey*/
+ return EXPECT_RESULT();
+} /* END wc_InitBlake2b_WithKey*/
/*
* Unit test for the wc_InitBlake2s_WithKey()
*/
static int test_wc_InitBlake2s_WithKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_BLAKE2S
Blake2s blake;
word32 digestSz = BLAKE2S_KEYBYTES;
byte *key = (byte*)"01234567890123456789012345678901";
word32 keylen = BLAKE2S_KEYBYTES;
- int ret = 0;
/* Test good arg. */
- ret = wc_InitBlake2s_WithKey(&blake, digestSz, key, keylen);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, keylen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_InitBlake2s_WithKey(NULL, digestSz, key, keylen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2s_WithKey(&blake, digestSz, key, 256);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_InitBlake2s_WithKey(&blake, digestSz, NULL, keylen);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitBlake2s_WithKey(NULL, digestSz, key, keylen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, key, 256),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitBlake2s_WithKey(&blake, digestSz, NULL, keylen), 0);
#endif
- return res;
-} /*END wc_InitBlake2s_WithKey*/
+ return EXPECT_RESULT();
+} /* END wc_InitBlake2s_WithKey*/
/*
* Unit test for the wc_InitMd5()
*/
static int test_wc_InitMd5(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_MD5
wc_Md5 md5;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitMd5(&md5);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitMd5(&md5), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitMd5(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitMd5(NULL), BAD_FUNC_ARG);
wc_Md5Free(&md5);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitMd5 */
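Review bot: In test_wc_InitBlake2b_WithKey and test_wc_InitBlake2s_WithKey the last call under `/* Test bad args. */` passes a NULL key with a non-zero keylen and expects 0, which reads as a contradiction and pins success for that input. The removed code had the same effective expectation, so this is presumably intended (how the library treats a NULL key is not visible here). If it is intended, say so with a comment such as `/* NULL key is accepted */` above those lines; otherwise the expected value should be `BAD_FUNC_ARG`.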
@@ -12062,97 +12624,44 @@ static int test_wc_InitMd5(void)
*/
static int test_wc_Md5Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_MD5
wc_Md5 md5;
byte hash[WC_MD5_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitMd5(&md5);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitMd5(&md5), 0);
/* Input */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(&md5, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Md5Final(&md5, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
- "\x72";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(&md5, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- /*Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_MD5_DIGEST_SIZE;
-
- ret = wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
+ "\x72";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*) a.input, (word32) a.inLen), 0);
+ ExpectIntEQ(wc_Md5Final(&md5, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Pass in bad values. */
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_MD5_DIGEST_SIZE;
+ ExpectIntEQ(wc_Md5Update(&md5, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Md5Free(&md5);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Md5Update() */
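Review bot: `a.outLen = XSTRLEN(a.output)` measures a binary digest with a string-length function, which would stop early at any 0x00 byte in an expected hash. This vector has none and `outLen` is not read in the visible lines, so it is harmless here, but it is a poor pattern to carry through the rewrite; use `a.outLen = WC_MD5_DIGEST_SIZE;` or drop the assignment. The digest of the first input "a" is also computed but never compared against an expected value.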
@@ -12161,7 +12670,7 @@ static int test_wc_Md5Update(void)
*/
static int test_wc_Md5Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_MD5
/* Instantiate */
wc_Md5 md5;
@@ -12169,59 +12678,27 @@ static int test_wc_Md5Final(void)
byte hash1[WC_MD5_DIGEST_SIZE];
byte hash2[2*WC_MD5_DIGEST_SIZE];
byte hash3[5*WC_MD5_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitMd5(&md5);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitMd5(&md5), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test)/sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Md5Final(&md5, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Md5Final(&md5, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Md5Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Md5Final(&md5, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Md5Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Final(&md5, NULL), BAD_FUNC_ARG);
wc_Md5Free(&md5);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
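Review bot: `wc_Md5Free(&md5)` at the end of test_wc_Md5Final runs unconditionally, so if `wc_InitMd5(&md5)` fails, the free operates on a stack context that was never initialised. This commit zeroes the contexts before init in test_wc_Sha256Copy and test_wc_Sha512Copy, presumably for this reason; the same guard fits here as `XMEMSET(&md5, 0, sizeof(md5));` ahead of the `ExpectIntEQ(wc_InitMd5(&md5), 0);` line. The other converted tests that pair an init with an unconditional free have the same shape, for example test_wc_ShaFinal, test_wc_Sha256Final, test_wc_Sha256FinalRaw, test_wc_Sha256GetHash and test_wc_Sha512Final. Whether the free actually reads indeterminate fields depends on the build configuration, which is not visible here. The function signature and the declaration of `md5` sit in the previous hunk.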
@@ -12229,32 +12706,18 @@ static int test_wc_Md5Final(void)
*/
static int test_wc_InitSha(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha(&sha);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha(&sha), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha(NULL), BAD_FUNC_ARG);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitSha */
/*
@@ -12262,108 +12725,48 @@ static int test_wc_InitSha(void)
*/
static int test_wc_ShaUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
byte hash[WC_SHA_DIGEST_SIZE];
testVector a, b, c;
- int flag = 0;
- int ret;
- ret = wc_InitSha(&sha);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha(&sha), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
- ret = wc_ShaUpdate(&sha, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_ShaUpdate(&sha, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(&sha, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_ShaUpdate(&sha, NULL, 0), 0);
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
- "\x6C\x9C\xD0\xD8\x9D";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(&sha, hash);
- if (ret !=0) {
- flag = ret;
- }
- }
+ a.input = "abc";
+ a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
+ "\x6C\x9C\xD0\xD8\x9D";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0);
/* Try passing in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_ShaUpdate(&sha, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA_DIGEST_SIZE;
-
- ret = wc_ShaUpdate(&sha, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_ShaUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA_DIGEST_SIZE;
+ ExpectIntEQ(wc_ShaUpdate(&sha, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ShaUpdate() */
@@ -12372,66 +12775,34 @@ static int test_wc_ShaUpdate(void)
*/
static int test_wc_ShaFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA
wc_Sha sha;
byte* hash_test[3];
byte hash1[WC_SHA_DIGEST_SIZE];
byte hash2[2*WC_SHA_DIGEST_SIZE];
byte hash3[5*WC_SHA_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
-
- /*Initialize*/
- ret = wc_InitSha(&sha);
- if (ret) {
- flag = ret;
- }
+ int times, i;
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ /* Initialize*/
+ ExpectIntEQ(wc_InitSha(&sha), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test)/sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_ShaFinal(&sha, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ShaFinal(&sha, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_ShaFinal(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_ShaFinal(&sha, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ShaFinal(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaFinal(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaFinal(&sha, NULL), BAD_FUNC_ARG);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ShaFinal */
@@ -12440,31 +12811,18 @@ static int test_wc_ShaFinal(void)
*/
static int test_wc_InitSha256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha256(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha256(NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitSha256 */
@@ -12473,109 +12831,53 @@ static int test_wc_InitSha256(void)
*/
static int test_wc_Sha256Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash[WC_SHA256_DIGEST_SIZE];
+ byte hash_unaligned[WC_SHA256_DIGEST_SIZE+1];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha256Update(&sha256, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha256Update(&sha256, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(&sha256, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha256Update(&sha256, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(&sha256, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "abc";
+ a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+ "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+ "\x15\xAD";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Unaligned check. */
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input+1, (word32)a.inLen-1),
+ 0);
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash_unaligned + 1), 0);
/* Try passing in bad values */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha256Update(&sha256, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA256_DIGEST_SIZE;
-
- ret = wc_Sha256Update(&sha256, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA256_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Update */
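Review bot: The new "Unaligned check" in test_wc_Sha256Update asserts only the return codes. The digest written to `hash_unaligned + 1` is never compared with anything, so a wrong result from the offset-pointer path would still pass. Hashing the same bytes into the aligned buffer and comparing closes the gap: `ExpectIntEQ(wc_Sha256Update(&sha256, (byte*)a.input+1, (word32)a.inLen-1), 0);`, `ExpectIntEQ(wc_Sha256Final(&sha256, hash), 0);`, `ExpectIntEQ(XMEMCMP(hash, hash_unaligned + 1, WC_SHA256_DIGEST_SIZE), 0);`. The equivalent block added to test_wc_Sha512Update later in this commit has the same gap.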
@@ -12584,74 +12886,41 @@ static int test_wc_Sha256Update(void)
*/
static int test_wc_Sha256Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte* hash_test[3];
byte hash1[WC_SHA256_DIGEST_SIZE];
byte hash2[2*WC_SHA256_DIGEST_SIZE];
byte hash3[5*WC_SHA256_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha256Final(&sha256, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256Final(&sha256, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag ) {
- ret = wc_Sha256Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256Final(&sha256, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Final(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Final */
/*
* Unit test function for wc_Sha256FinalRaw()
*/
static int test_wc_Sha256FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_SHA256) && !defined(HAVE_SELFTEST) && !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \
!defined(WOLFSSL_NO_HASH_RAW)
@@ -12660,59 +12929,27 @@ static int test_wc_Sha256FinalRaw(void)
byte hash1[WC_SHA256_DIGEST_SIZE];
byte hash2[2*WC_SHA256_DIGEST_SIZE];
byte hash3[5*WC_SHA256_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha256(&sha256);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha256FinalRaw(&sha256, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256FinalRaw(&sha256, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Sha256FinalRaw(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256FinalRaw(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha256FinalRaw(&sha256, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha256FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256FinalRaw(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256FinalRaw */
/*
@@ -12720,28 +12957,20 @@ static int test_wc_Sha256FinalRaw(void)
*/
static int test_wc_Sha256GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_SHA256) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha256 sha256;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha256(&sha256);
- if (flag == 0) {
- flag = wc_Sha256GetFlags(&sha256, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
- wc_Sha256Free(&sha256);
+ ExpectIntEQ(wc_Sha256GetFlags(&sha256, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha256Free(&sha256);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256GetFlags */
/*
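Review bot: The `WC_HASH_FLAG_ISCOPY` check in test_wc_Sha256GetFlags is written as `ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);`, while test_wc_Sha512GetFlags later in this commit spells the same check as `ExpectIntEQ((flags & WC_HASH_FLAG_ISCOPY), 0);`. Using one form in both would keep the two tests parallel. A short comment such as `/* A freshly initialised context must not carry the copy flag. */` would also record what the assertion is for, since the removed code could never fail on this condition.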
@@ -12749,136 +12978,84 @@ static int test_wc_Sha256GetFlags(void)
*/
static int test_wc_Sha256Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Free */
/*
* Unit test function for wc_Sha256GetHash()
*/
static int test_wc_Sha256GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
byte hash1[WC_SHA256_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha256(&sha256);
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
- if (flag == 0) {
- flag = wc_Sha256GetHash(&sha256, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha256GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256GetHash(&sha256, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha256GetHash(&sha256, hash1), 0);
- wc_Sha256Free(&sha256);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha256GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256GetHash(&sha256, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha256Free(&sha256);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256GetHash */
/*
* Unit test function for wc_Sha256Copy()
*/
static int test_wc_Sha256Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_SHA256
wc_Sha256 sha256;
wc_Sha256 temp;
- int flag = 0;
+
+ XMEMSET(&sha256, 0, sizeof(sha256));
+ XMEMSET(&temp, 0, sizeof(temp));
/* Initialize */
- flag = wc_InitSha256(&sha256);
- if (flag == 0) {
- flag = wc_InitSha256(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha256Copy(&sha256, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha256Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha256Copy(&sha256, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha256(&sha256), 0);
+ ExpectIntEQ(wc_InitSha256(&temp), 0);
+
+ ExpectIntEQ(wc_Sha256Copy(&sha256, &temp), 0);
+
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha256Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Copy(&sha256, NULL), BAD_FUNC_ARG);
wc_Sha256Free(&sha256);
wc_Sha256Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha256Copy */
/*
* Testing wc_InitSha512()
*/
static int test_wc_InitSha512(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha512(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha512(NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitSha512 */
@@ -12887,115 +13064,63 @@ static int test_wc_InitSha512(void)
*/
static int test_wc_Sha512Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
+ byte hash_unaligned[WC_SHA512_DIGEST_SIZE + 1];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha512Update(&sha512, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512Update(&sha512,(byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512Update(&sha512, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha512Update(&sha512, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha512Update(&sha512,(byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
- "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b"
- "\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c"
- "\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a"
- "\x9a\xc9\x4f\xa5\x4c\xa4\x9f";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha512Update(&sha512, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "abc";
+ a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+ "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b"
+ "\x55\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c"
+ "\x23\xa3\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a"
+ "\x9a\xc9\x4f\xa5\x4c\xa4\x9f";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*) a.input, (word32) a.inLen), 0);
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash), 0);
- if (!flag) {
- ret = wc_Sha512Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE), 0);
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA512_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Unaligned check. */
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)a.input+1, (word32)a.inLen-1),
+ 0);
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash_unaligned+1), 0);
/* Try passing in bad values */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha512Update(&sha512, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA512_DIGEST_SIZE;
-
- ret = wc_Sha512Update(&sha512, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA512_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha512Update(&sha512, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Update */
#ifdef WOLFSSL_SHA512
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
-/* Perfoms test for
+/* Performs test for
* - wc_Sha512Final/wc_Sha512FinalRaw
* - wc_Sha512_224Final/wc_Sha512_224Final
* - wc_Sha512_256Final/wc_Sha512_256Final
@@ -13007,12 +13132,13 @@ static int test_wc_Sha512Update(void)
*/
static int test_Sha512_Family_Final(int type, int isRaw)
{
+ EXPECT_DECLS;
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
- int times, i, ret;
+ int times, i;
int(*initFp)(wc_Sha512*);
int(*finalFp)(wc_Sha512*, byte*);
@@ -13056,41 +13182,25 @@ static int test_Sha512_Family_Final(int type, int isRaw)
return TEST_FAIL;
/* Initialize */
- ret = initFp(&sha512);
-
- if (!ret) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(initFp(&sha512), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte *);
/* Good test args. */
- for (i = 0; i < times && ret == 0; i++) {
- ret = finalFp(&sha512, hash_test[i]);
+ for (i = 0; i < times; i++) {
+ ExpectIntEQ(finalFp(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
- if (!ret) {
- if (finalFp(NULL, NULL) != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (!ret) {
- if (finalFp(NULL, hash1) != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!ret) {
- if (finalFp(&sha512, NULL) != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(finalFp(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(finalFp(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(finalFp(&sha512, NULL), BAD_FUNC_ARG);
freeFp(&sha512);
- return ret;
+ return EXPECT_RESULT();
}
#endif /* !HAVE_FIPS && !HAVE_SELFTEST &&
(!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */
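Review bot: test_Sha512_Family_Final changes its return convention in this hunk. The removed code returned `ret` (0 on success, non-zero on failure), and the new code returns `EXPECT_RESULT()` next to the existing early `return TEST_FAIL;`. The callers are outside this hunk, so it is worth confirming that each one now compares against the test-result constants rather than 0. The header comment should state the contract too, for example `* @return TEST_SUCCESS when every expectation held, TEST_FAIL otherwise.`. test_Sha512_Family_GetHash gets the same change further down, where `return flag;` becomes `return EXPECT_RESULT();`. The start of the function body, including the selection of `initFp`/`finalFp`/`freeFp`, is in earlier hunks.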
@@ -13100,100 +13210,61 @@ static int test_Sha512_Family_Final(int type, int isRaw)
*/
static int test_wc_Sha512Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte* hash_test[3];
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte *);
-
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha512Final(&sha512, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- /* Test bad args. */
- if (!flag) {
- ret = wc_Sha512Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_Sha512Final(&sha512, hash_test[i]), 0);
}
- if (!flag) {
- ret = wc_Sha512Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512Final(&sha512, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha512Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Final(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Final */
/*
* Unit test function for wc_Sha512GetFlags()
*/
static int test_wc_Sha512GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha512(&sha512);
- if (flag == 0) {
- flag = wc_Sha512GetFlags(&sha512, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
- wc_Sha512Free(&sha512);
+ ExpectIntEQ(wc_Sha512GetFlags(&sha512, &flags), 0);
+ ExpectIntEQ((flags & WC_HASH_FLAG_ISCOPY), 0);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha512Free(&sha512);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512GetFlags */
/*
* Unit test function for wc_Sha512FinalRaw()
*/
static int test_wc_Sha512FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(WOLFSSL_SHA512) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \
!defined(WOLFSSL_NO_HASH_RAW)
@@ -13202,60 +13273,28 @@ static int test_wc_Sha512FinalRaw(void)
byte hash1[WC_SHA512_DIGEST_SIZE];
byte hash2[2*WC_SHA512_DIGEST_SIZE];
byte hash3[5*WC_SHA512_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha512(&sha512);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha512FinalRaw(&sha512, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha512FinalRaw(&sha512, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag ) {
- ret = wc_Sha512FinalRaw(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512FinalRaw(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512FinalRaw(&sha512, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha512FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512FinalRaw(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512FinalRaw */
/*
@@ -13263,13 +13302,13 @@ static int test_wc_Sha512FinalRaw(void)
*/
static int test_wc_Sha512Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Free */
#ifdef WOLFSSL_SHA512
@@ -13277,7 +13316,7 @@ static int test_wc_Sha512Free(void)
(!defined(WOLFSSL_NOSHA512_224) || !defined(WOLFSSL_NOSHA512_256))
static int test_Sha512_Family_GetHash(int type )
{
- int flag = 0;
+ EXPECT_DECLS;
int(*initFp)(wc_Sha512*);
int(*ghashFp)(wc_Sha512*, byte*);
wc_Sha512 sha512;
@@ -13309,32 +13348,16 @@ static int test_Sha512_Family_GetHash(int type )
if (initFp == NULL || ghashFp == NULL)
return TEST_FAIL;
- if (!flag) {
- flag = initFp(&sha512);
- }
-
- if (!flag) {
- flag = ghashFp(&sha512, hash1);
- }
+ ExpectIntEQ(initFp(&sha512), 0);
+ ExpectIntEQ(ghashFp(&sha512, hash1), 0);
- /*test bad arguments*/
- if (!flag) {
- if (ghashFp(NULL, NULL) != BAD_FUNC_ARG )
- flag = WOLFSSL_FATAL_ERROR;
- }
-
- if (!flag) {
- if (ghashFp(NULL, hash1) != BAD_FUNC_ARG )
- flag = WOLFSSL_FATAL_ERROR;
- }
-
- if (!flag) {
- if (ghashFp(&sha512, NULL) != BAD_FUNC_ARG )
- flag = WOLFSSL_FATAL_ERROR;
- }
+ /* test bad arguments*/
+ ExpectIntEQ(ghashFp(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(ghashFp(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(ghashFp(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
- return flag;
+ return EXPECT_RESULT();
}
#endif /* !HAVE_FIPS && !HAVE_SELFTEST &&
(!WOLFSSL_NOSHA512_224 || !WOLFSSL_NOSHA512_256) */
@@ -13344,43 +13367,24 @@ static int test_Sha512_Family_GetHash(int type )
*/
static int test_wc_Sha512GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
byte hash1[WC_SHA512_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha512(&sha512);
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
- if (flag == 0) {
- flag = wc_Sha512GetHash(&sha512, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha512GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512GetHash(&sha512, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha512GetHash(&sha512, hash1), 0);
- wc_Sha512Free(&sha512);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512GetHash(&sha512, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha512Free(&sha512);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512GetHash */
/*
@@ -13388,552 +13392,365 @@ static int test_wc_Sha512GetHash(void)
*/
static int test_wc_Sha512Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
wc_Sha512 temp;
- int flag;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512(&sha512);
- if (flag == 0) {
- flag = wc_InitSha512(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha512Copy(&sha512, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha512Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha512Copy(&sha512, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha512(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512(&temp), 0);
+
+ ExpectIntEQ(wc_Sha512Copy(&sha512, &temp), 0);
+
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512Free(&sha512);
wc_Sha512Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha512Copy */
static int test_wc_InitSha512_224(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha512_224(&sha512);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha512_224(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha512_224(NULL), BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
testVector a, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha512_224(&sha512);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha512_224Update(&sha512, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_224Update(&sha512,(byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_224Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512,(byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)a.input, (word32)a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08"
- "\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa";
-
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512_224Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA512_224_DIGEST_SIZE;
-
- ret = wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x46\x34\x27\x0f\x70\x7b\x6a\x54\xda\xae\x75\x30\x46\x08"
+ "\x42\xe2\x0e\x37\xed\x26\x5c\xee\xe9\xa4\x3e\x89\x24\xaa";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*) a.input, (word32) a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_224Final(&sha512, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_224_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ c.input = NULL;
+ c.inLen = WC_SHA512_224_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha512_224Update(&sha512, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 0),
+ TEST_SUCCESS);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_224 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && defined(WOLFSSL_HASH_FLAGS)
- wc_Sha512 sha512, copy;
+ wc_Sha512 sha512;
+ wc_Sha512 copy;
word32 flags = 0;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&copy, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_224(&sha512);
- if (!flag) {
- flag = wc_InitSha512_224(&copy);
- }
- if (!flag) {
- flag = wc_Sha512_224Copy(&sha512, &copy);
- }
- if (!flag) {
- flag = wc_Sha512_224GetFlags(&copy, &flags);
- }
- if (!flag) {
- if (flags & WC_HASH_FLAG_ISCOPY)
- flag = 0;
- else
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_224(&copy), 0);
+
+ ExpectIntEQ(wc_Sha512_224GetFlags(&sha512, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
+
+ ExpectIntEQ(wc_Sha512_224Copy(&sha512, &copy), 0);
+ ExpectIntEQ(wc_Sha512_224GetFlags(&copy, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
+
wc_Sha512_224Free(&copy);
wc_Sha512_224Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224) && \
!defined(WOLFSSL_NO_HASH_RAW)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_224, 1),
+ TEST_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512_224Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
- int ret = test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_224),
+ TEST_SUCCESS);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_224Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_224)
wc_Sha512 sha512;
wc_Sha512 temp;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_224(&sha512);
- if (flag == 0) {
- flag = wc_InitSha512_224(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha512_224Copy(&sha512, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- if (wc_Sha512_224Copy(NULL, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_224Copy(NULL, &temp) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_224Copy(&sha512, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_224(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_224(&temp), 0);
+
+ ExpectIntEQ(wc_Sha512_224Copy(&sha512, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512_224Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512_224Free(&sha512);
wc_Sha512_224Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_InitSha512_256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha512_256(&sha512);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha512_256(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha512_256(NULL), BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
byte hash[WC_SHA512_DIGEST_SIZE];
testVector a, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha512_256(&sha512);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha512_256Update(&sha512, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_256Update(&sha512,(byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha512_256Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512,(byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)a.input, (word32)a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c"
- "\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31"
- "\x07\xe7\xaf\x23";
-
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha512_256Final(&sha512, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA512_256_DIGEST_SIZE;
-
- ret = wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x53\x04\x8e\x26\x81\x94\x1e\xf9\x9b\x2e\x29\xb7\x6b\x4c"
+ "\x7d\xab\xe4\xc2\xd0\xc6\x34\xfc\x6d\x46\xe0\xe2\xf1\x31"
+ "\x07\xe7\xaf\x23";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*) a.input, (word32) a.inLen),
+ 0);
+ ExpectIntEQ(wc_Sha512_256Final(&sha512, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA512_256_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ c.input = NULL;
+ c.inLen = WC_SHA512_256_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha512_256Update(&sha512, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
-
- res = TEST_RES_CHECK(flag == 0);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 0),
+ TEST_SUCCESS);
#endif /* WOLFSSL_SHA512 && !WOLFSSL_NOSHA512_256 */
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha512 sha512, copy;
word32 flags = 0;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&copy, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_256(&sha512);
- if (!flag ) {
- flag = wc_InitSha512_256(&copy);
- }
- if (!flag ) {
- flag = wc_Sha512_256Copy(&sha512, &copy);
- }
- if (!flag ) {
- flag = wc_Sha512_256GetFlags(&copy, &flags);
- }
- if (!flag) {
- if (flags & WC_HASH_FLAG_ISCOPY)
- flag = 0;
- else
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_256(&copy), 0);
- wc_Sha512_256Free(&sha512);
+ ExpectIntEQ(wc_Sha512_256GetFlags(&sha512, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
- res = TEST_RES_CHECK(flag == 0);
+ ExpectIntEQ(wc_Sha512_256Copy(&sha512, &copy), 0);
+ ExpectIntEQ(wc_Sha512_256GetFlags(&copy, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == WC_HASH_FLAG_ISCOPY);
+
+ wc_Sha512_256Free(&sha512);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && \
defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256) && \
!defined(WOLFSSL_NO_HASH_RAW)
- int ret = test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_Final(WC_HASH_TYPE_SHA512_256, 1),
+ TEST_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512_256Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
- int ret = test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(test_Sha512_Family_GetHash(WC_HASH_TYPE_SHA512_256),
+ TEST_SUCCESS);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Sha512_256Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
#if defined(WOLFSSL_SHA512) && !defined(WOLFSSL_NOSHA512_256)
wc_Sha512 sha512;
wc_Sha512 temp;
- int flag = 0;
+
+ XMEMSET(&sha512, 0, sizeof(wc_Sha512));
+ XMEMSET(&temp, 0, sizeof(wc_Sha512));
/* Initialize */
- flag = wc_InitSha512_256(&sha512);
- if (flag == 0) {
- flag = wc_InitSha512_256(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha512_256Copy(&sha512, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- if (wc_Sha512_256Copy(NULL, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_256Copy(NULL, &temp) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
- if (flag == 0) {
- if (wc_Sha512_256Copy(&sha512, NULL) != BAD_FUNC_ARG)
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitSha512_256(&sha512), 0);
+ ExpectIntEQ(wc_InitSha512_256(&temp), 0);
+
+ ExpectIntEQ(wc_Sha512_256Copy(&sha512, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha512_256Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Copy(&sha512, NULL), BAD_FUNC_ARG);
wc_Sha512_256Free(&sha512);
wc_Sha512_256Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
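Review bot: `copy` is never released in test_wc_Sha512_256GetFlags. The new body initialises both `sha512` and `copy` and then runs `wc_Sha512_256Copy(&sha512, &copy)`, but the only cleanup is `wc_Sha512_256Free(&sha512);`. The SHA-512/224 twin earlier in this hunk frees both contexts, so add `wc_Sha512_256Free(&copy);` before the existing free. In configurations where the hash context owns heap memory this would presumably surface as a leak report under a sanitizer or valgrind run of the test suite.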
@@ -13943,31 +13760,18 @@ static int test_wc_Sha512_256Copy(void)
*/
static int test_wc_InitSha384(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha384(&sha384);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha384(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha384(NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitSha384 */
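Review bot: `sha384` reaches `wc_Sha384Free(&sha384)` without ever being zeroed, so if `wc_InitSha384(&sha384)` fails the cleanup may run on indeterminate stack contents. This commit already adds `XMEMSET` of the contexts to the Copy and GetFlags tests, apparently for this reason. The same line, `XMEMSET(&sha384, 0, sizeof(wc_Sha384));`, belongs here before the first Expect. The Init, Update, Final and GetHash tests for SHA-512/224, SHA-512/256, SHA-384 and SHA-224 in the neighbouring hunks have the same shape and would take the same one-line change.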
@@ -13976,109 +13780,48 @@ static int test_wc_InitSha384(void)
*/
static int test_wc_Sha384Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte hash[WC_SHA384_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha384(&sha384);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
/* Input */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha384Update(&sha384, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha384Update(&sha384, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(&sha384, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha384Update(&sha384, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
- "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
- "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
- "\xc8\x25\xa7";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(&sha384, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+ "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+ "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+ "\xc8\x25\xa7";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha384Final(&sha384, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0);
/* Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha384Update(&sha384, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA384_DIGEST_SIZE;
-
- ret = wc_Sha384Update(&sha384, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha384Update(&sha384, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA384_DIGEST_SIZE;
+ ExpectIntEQ( wc_Sha384Update(&sha384, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Update */
/*
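Review bot: `a.outLen = XSTRLEN(a.output);` in test_wc_Sha384Update measures a binary digest with a string function, and this vector's second byte is `\x00`, so `outLen` ends up as 1 rather than the digest length. The check still works only because the comparison uses `WC_SHA384_DIGEST_SIZE` and `outLen` is not read again in the lines shown. Set it explicitly with `a.outLen = WC_SHA384_DIGEST_SIZE;`, or drop the assignment, so that a later change which trusts `outLen` does not end up comparing a one-byte prefix of the hash. The SHA-512/224, SHA-512/256 and SHA-224 update tests use the same pattern and get the right length only because their vectors happen to contain no zero byte.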
@@ -14086,96 +13829,54 @@ static int test_wc_Sha384Update(void)
*/
static int test_wc_Sha384Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte* hash_test[3];
byte hash1[WC_SHA384_DIGEST_SIZE];
byte hash2[2*WC_SHA384_DIGEST_SIZE];
byte hash3[5*WC_SHA384_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha384(&sha384);
- if (ret) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha384Final(&sha384, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384Final(&sha384, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Sha384Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384Final(&sha384, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Final(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Final */
/*
* Unit test function for wc_Sha384GetFlags()
*/
static int test_wc_Sha384GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha384 sha384;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha384(&sha384);
- if (flag == 0) {
- flag = wc_Sha384GetFlags(&sha384, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ ExpectIntEQ(wc_Sha384GetFlags(&sha384, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384GetFlags */
/*
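Review bot: The loop in test_wc_Sha384Final asserts only the return code of `wc_Sha384Final()`. The bytes written to `hash1`, `hash2` and `hash3` are never compared with anything, so a Final that returned 0 but wrote a wrong digest would still pass. The buffers are 1x, 2x and 5x the digest size, which the SHA-224 variant of this test documents as `/* Testing oversized buffers. */`; the same comment is missing above this loop. Adding it, plus one `XMEMCMP` of `hash1` against the known-answer digest of the empty message, would make the intent and the coverage explicit.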
@@ -14183,7 +13884,7 @@ static int test_wc_Sha384GetFlags(void)
*/
static int test_wc_Sha384FinalRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(WOLFSSL_SHA384) && !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3)))) && \
!defined(WOLFSSL_NO_HASH_RAW)
@@ -14192,74 +13893,41 @@ static int test_wc_Sha384FinalRaw(void)
byte hash1[WC_SHA384_DIGEST_SIZE];
byte hash2[2*WC_SHA384_DIGEST_SIZE];
byte hash3[5*WC_SHA384_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha384(&sha384);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha384FinalRaw(&sha384, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384FinalRaw(&sha384, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag ) {
- ret = wc_Sha384FinalRaw(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384FinalRaw(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha384FinalRaw(&sha384, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha384FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384FinalRaw(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384FinalRaw */
/*
* Unit test function for wc_Sha384Free()
*/
static int test_wc_Sha384Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Free */
/*
@@ -14267,91 +13935,51 @@ static int test_wc_Sha384Free(void)
*/
static int test_wc_Sha384GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
byte hash1[WC_SHA384_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha384(&sha384);
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
- if (flag == 0) {
- flag = wc_Sha384GetHash(&sha384, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha384GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384GetHash(&sha384, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha384GetHash(&sha384, hash1), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha384GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384GetHash(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384GetHash */
/*
* Unit test function for wc_Sha384Copy()
*/
static int test_wc_Sha384Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA384
wc_Sha384 sha384;
wc_Sha384 temp;
- int flag = 0;
+
+ XMEMSET(&sha384, 0, sizeof(wc_Sha384));
+ XMEMSET(&temp, 0, sizeof(wc_Sha384));
/* Initialize */
- flag = wc_InitSha384(&sha384);
- if (flag == 0) {
- flag = wc_InitSha384(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha384Copy(&sha384, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha384Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha384Copy(&sha384, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha384(&sha384), 0);
+ ExpectIntEQ(wc_InitSha384(&temp), 0);
+
+ ExpectIntEQ(wc_Sha384Copy(&sha384, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha384Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha384Copy(&sha384, NULL), BAD_FUNC_ARG);
wc_Sha384Free(&sha384);
wc_Sha384Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha384Copy */
/*
@@ -14359,31 +13987,18 @@ static int test_wc_Sha384Copy(void)
*/
static int test_wc_InitSha224(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitSha224(&sha224);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitSha224(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitSha224(NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitSha224 */
/*
@@ -14391,108 +14006,46 @@ static int test_wc_InitSha224(void)
*/
static int test_wc_Sha224Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte hash[WC_SHA224_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitSha224(&sha224);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
/* Input. */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_Sha224Update(&sha224, NULL, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha224Update(&sha224, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
-
- ret = wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(&sha224, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_Sha224Update(&sha224, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, 0), 0);
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2"
- "\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(&sha224, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- /* Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_Sha224Update(&sha224, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = WC_SHA224_DIGEST_SIZE;
-
- ret = wc_Sha224Update(&sha224, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2"
+ "\x55\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_Sha224Final(&sha224, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0);
- if (!flag) {
- ret = wc_Sha224Update(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Pass in bad values. */
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = WC_SHA224_DIGEST_SIZE;
+ ExpectIntEQ(wc_Sha224Update(&sha224, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Update(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Update */
/*
@@ -14500,68 +14053,36 @@ static int test_wc_Sha224Update(void)
*/
static int test_wc_Sha224Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte* hash_test[3];
byte hash1[WC_SHA224_DIGEST_SIZE];
byte hash2[2*WC_SHA224_DIGEST_SIZE];
byte hash3[5*WC_SHA224_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitSha224(&sha224);
- if (ret) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Good test args. */
/* Testing oversized buffers. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_Sha224Final(&sha224, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha224Final(&sha224, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_Sha224Final(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_Sha224Final(&sha224, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha224Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Final(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Final(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Final */
/*
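Review bot: `wc_Sha224Free(&sha224)` in test_wc_Sha224Final still runs when `wc_InitSha224` fails, so it can operate on an indeterminate stack context; the Expect checks appear to record the failure and fall through rather than return. test_wc_Sha224Copy in this same commit zeroes its contexts first, and the same line would fit here before the init call: `XMEMSET(&sha224, 0, sizeof(wc_Sha224));`. The GetHash, SetFlags and GetFlags tests share the pattern. The SHA-3 Update and Final tests further down are more exposed, because their early `return TEST_FAIL` on init failure is removed while the `wc_Sha3_*_Free` calls stay unconditional. Whether Free touches pointers inside the context depends on build options not visible here.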
@@ -14569,28 +14090,22 @@ static int test_wc_Sha224Final(void)
*/
static int test_wc_Sha224SetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha224 sha224;
- word32 flags = 0;
- int flag = 0;
+ word32 flags = WC_HASH_FLAG_WILLCOPY;
/* Initialize */
- flag = wc_InitSha224(&sha224);
- if (flag == 0) {
- flag = wc_Sha224SetFlags(&sha224, flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
- wc_Sha224Free(&sha224);
+ ExpectIntEQ(wc_Sha224SetFlags(&sha224, flags), 0);
+ flags = 0;
+ ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0);
+ ExpectTrue(flags == WC_HASH_FLAG_WILLCOPY);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha224Free(&sha224);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224SetFlags */
/*
@@ -14598,42 +14113,33 @@ static int test_wc_Sha224SetFlags(void)
*/
static int test_wc_Sha224GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha224 sha224;
word32 flags = 0;
- int flag = 0;
/* Initialize */
- flag = wc_InitSha224(&sha224);
- if (flag == 0) {
- flag = wc_Sha224GetFlags(&sha224, &flags);
- }
- if (flag == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
- wc_Sha224Free(&sha224);
+ ExpectIntEQ(wc_Sha224GetFlags(&sha224, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
- res = TEST_RES_CHECK(flag == 0);
+ wc_Sha224Free(&sha224);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha224GetFlags */
/*
* Unit test function for wc_Sha224Free()
*/
static int test_wc_Sha224Free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224Free(NULL);
-
- res = TEST_RES_CHECK(1);
+ /* Set result to SUCCESS. */
+ ExpectTrue(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Free */
@@ -14642,43 +14148,23 @@ static int test_wc_Sha224Free(void)
*/
static int test_wc_Sha224GetHash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
byte hash1[WC_SHA224_DIGEST_SIZE];
- int flag = 0;
/* Initialize */
- flag = wc_InitSha224(&sha224);
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
- if (flag == 0) {
- flag = wc_Sha224GetHash(&sha224, hash1);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha224GetHash(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224GetHash(NULL, hash1);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224GetHash(&sha224, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_Sha224GetHash(&sha224, hash1), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha224GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224GetHash(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224GetHash(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224GetHash */
/*
@@ -14686,47 +14172,28 @@ static int test_wc_Sha224GetHash(void)
*/
static int test_wc_Sha224Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHA224
wc_Sha224 sha224;
wc_Sha224 temp;
- int flag = 0;
+
+ XMEMSET(&sha224, 0, sizeof(wc_Sha224));
+ XMEMSET(&temp, 0, sizeof(wc_Sha224));
/* Initialize */
- flag = wc_InitSha224(&sha224);
- if (flag == 0) {
- flag = wc_InitSha224(&temp);
- }
- if (flag == 0) {
- flag = wc_Sha224Copy(&sha224, &temp);
- }
- /*test bad arguments*/
- if (flag == 0) {
- flag = wc_Sha224Copy(NULL, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224Copy(NULL, &temp);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
- if (flag == 0) {
- flag = wc_Sha224Copy(&sha224, NULL);
- if (flag == BAD_FUNC_ARG) {
- flag = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha224(&sha224), 0);
+ ExpectIntEQ(wc_InitSha224(&temp), 0);
+ ExpectIntEQ(wc_Sha224Copy(&sha224, &temp), 0);
+ /* test bad arguments*/
+ ExpectIntEQ(wc_Sha224Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Copy(NULL, &temp), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha224Copy(&sha224, NULL), BAD_FUNC_ARG);
wc_Sha224Free(&sha224);
wc_Sha224Free(&temp);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224Copy */
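Review bot: The successful `wc_Sha224Copy(&sha224, &temp)` call in test_wc_Sha224Copy is judged only by its return code, so a copy that returns 0 but leaves `temp` in the wrong state would still pass. Both contexts are also freshly initialised, which means source and destination are likely identical even before the copy. Feeding a few bytes into `sha224` with `wc_Sha224Update` before the copy, then comparing `wc_Sha224GetHash` output from both contexts over `WC_SHA224_DIGEST_SIZE` bytes, would pin the copied state.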
@@ -14735,29 +14202,16 @@ static int test_wc_Sha224Copy(void)
*/
static int test_wc_InitRipeMd(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
- int ret;
- int flag = 0;
/* Test good arg. */
- ret = wc_InitRipeMd(&ripemd);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
/* Test bad arg. */
- if (!flag) {
- ret = wc_InitRipeMd(NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(flag == 0);
+ ExpectIntEQ(wc_InitRipeMd(NULL), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitRipeMd */
@@ -14766,96 +14220,42 @@ static int test_wc_InitRipeMd(void)
*/
static int test_wc_RipeMdUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
byte hash[RIPEMD_DIGEST_SIZE];
testVector a, b, c;
- int ret;
- int flag = 0;
- ret = wc_InitRipeMd(&ripemd);
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
/* Input */
- if (!flag) {
- a.input = "a";
- a.inLen = XSTRLEN(a.input);
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
+ a.input = "a";
+ a.inLen = XSTRLEN(a.input);
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0);
/* Update input. */
- if (!flag) {
- a.input = "abc";
- a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
- "\xb0\x87\xf1\x5a\x0b\xfc";
- a.inLen = XSTRLEN(a.input);
- a.outLen = XSTRLEN(a.output);
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, RIPEMD_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ a.input = "abc";
+ a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
+ "\xb0\x87\xf1\x5a\x0b\xfc";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = XSTRLEN(a.output);
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, RIPEMD_DIGEST_SIZE), 0);
/* Pass in bad values. */
- if (!flag) {
- b.input = NULL;
- b.inLen = 0;
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- c.input = NULL;
- c.inLen = RIPEMD_DIGEST_SIZE;
-
- ret = wc_RipeMdUpdate(&ripemd, (byte*)c.input, (word32)c.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(flag == 0);
+ b.input = NULL;
+ b.inLen = 0;
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)b.input, (word32)b.inLen), 0);
+ c.input = NULL;
+ c.inLen = RIPEMD_DIGEST_SIZE;
+ ExpectIntEQ(wc_RipeMdUpdate(&ripemd, (byte*)c.input, (word32)c.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RipeMdUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_RipeMdUdpate */
/*
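Review bot: `a.outLen = XSTRLEN(a.output);` in test_wc_RipeMdUpdate measures a binary digest with a string-length function, which would stop short at any 0x00 byte, and the value is never read in this function; the comparison uses `RIPEMD_DIGEST_SIZE`. Either drop the assignment or set `a.outLen = RIPEMD_DIGEST_SIZE;`. The first `wc_RipeMdFinal(&ripemd, hash)` after hashing "a" is not compared with a known digest, so only the "abc" vector is actually verified. The same `XSTRLEN(a.output)` line appears in test_wc_Sha224Update above.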
@@ -14863,65 +14263,33 @@ static int test_wc_RipeMdUpdate(void)
*/
static int test_wc_RipeMdFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_RIPEMD
RipeMd ripemd;
byte* hash_test[3];
byte hash1[RIPEMD_DIGEST_SIZE];
byte hash2[2*RIPEMD_DIGEST_SIZE];
byte hash3[5*RIPEMD_DIGEST_SIZE];
- int times, i, ret;
- int flag = 0;
+ int times, i;
/* Initialize */
- ret = wc_InitRipeMd(&ripemd);
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- hash_test[0] = hash1;
- hash_test[1] = hash2;
- hash_test[2] = hash3;
- }
+ ExpectIntEQ(wc_InitRipeMd(&ripemd), 0);
+ hash_test[0] = hash1;
+ hash_test[1] = hash2;
+ hash_test[2] = hash3;
times = sizeof(hash_test) / sizeof(byte*);
-
/* Testing oversized buffers. */
for (i = 0; i < times; i++) {
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, hash_test[i]);
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, hash_test[i]), 0);
}
/* Test bad args. */
- if (!flag) {
- ret = wc_RipeMdFinal(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(NULL, hash1);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_RipeMdFinal(&ripemd, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(flag == 0);
+ ExpectIntEQ(wc_RipeMdFinal(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RipeMdFinal(NULL, hash1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RipeMdFinal(&ripemd, NULL), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RipeMdFinal */
@@ -14931,81 +14299,38 @@ static int test_wc_RipeMdFinal(void)
*/
static int test_wc_InitSha3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3)
wc_Sha3 sha3;
- int ret = 0;
(void)sha3;
- #if !defined(WOLFSSL_NOSHA3_224)
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
-
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_224(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_224_Free(&sha3);
- #endif /* NOSHA3_224 */
- #if !defined(WOLFSSL_NOSHA3_256)
- if (ret == 0) {
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_256(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_256_Free(&sha3);
- } /* END sha3_256 */
- #endif /* NOSHA3_256 */
- #if !defined(WOLFSSL_NOSHA3_384)
- if (ret == 0) {
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_384(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_384_Free(&sha3);
- } /* END sha3_384 */
- #endif /* NOSHA3_384 */
- #if !defined(WOLFSSL_NOSHA3_512)
- if (ret == 0) {
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitSha3_512(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Sha3_512_Free(&sha3);
- } /* END sha3_512 */
- #endif /* NOSHA3_512 */
-
- res = TEST_RES_CHECK(ret == 0);
+#if !defined(WOLFSSL_NOSHA3_224)
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_224(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_224_Free(&sha3);
+#endif /* NOSHA3_224 */
+#if !defined(WOLFSSL_NOSHA3_256)
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_256_Free(&sha3);
+#endif /* NOSHA3_256 */
+#if !defined(WOLFSSL_NOSHA3_384)
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_384(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_384_Free(&sha3);
+#endif /* NOSHA3_384 */
+#if !defined(WOLFSSL_NOSHA3_512)
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_InitSha3_512(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
+ wc_Sha3_512_Free(&sha3);
+#endif /* NOSHA3_512 */
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitSha3 */
@@ -15014,7 +14339,7 @@ static int test_wc_InitSha3(void)
*/
static int testing_wc_Sha3_Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_XILINX_CRYPT) && \
!defined(WOLFSSL_AFALG_XILINX)
wc_Sha3 sha3;
@@ -15028,171 +14353,92 @@ static int testing_wc_Sha3_Update(void)
word32 msglen = sizeof(msg) - 1;
word32 msg2len = sizeof(msg2);
word32 msgCmplen = sizeof(msgCmp);
- int ret = 0;
#if !defined(WOLFSSL_NOSHA3_224)
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
+
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
- ret = wc_Sha3_224_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_224_Update(&sha3, msg2, msg2len);
- if (ret == 0 && XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_224_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_224_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_224_Free(&sha3);
- if (wc_InitSha3_224(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_224_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_224_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Sha3_224_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_224_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
wc_Sha3_224_Free(&sha3);
#endif /* SHA3_224 */
#if !defined(WOLFSSL_NOSHA3_256)
- if (ret == 0) {
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_256_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_256_Update(&sha3, msg2, msg2len);
- if (XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_256_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_256_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_256_Free(&sha3);
- if (wc_InitSha3_256(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_256_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_256_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- wc_Sha3_256_Free(&sha3);
- }
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
+
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
+
+ /* Pass bad args. */
+ ExpectIntEQ(wc_Sha3_256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_256_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
+ wc_Sha3_256_Free(&sha3);
#endif /* SHA3_256 */
#if !defined(WOLFSSL_NOSHA3_384)
- if (ret == 0) {
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_384_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_384_Update(&sha3, msg2, msg2len);
- if (XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_384_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_384_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_384_Free(&sha3);
- if (wc_InitSha3_384(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_384_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_384_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- wc_Sha3_384_Free(&sha3);
- }
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
+
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
+
+ /* Pass bad args. */
+ ExpectIntEQ(wc_Sha3_384_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_384_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
+ wc_Sha3_384_Free(&sha3);
#endif /* SHA3_384 */
#if !defined(WOLFSSL_NOSHA3_512)
- if (ret == 0) {
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_512_Update(&sha3, msg, msglen);
- if (XMEMCMP(msg, sha3.t, msglen) || sha3.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Sha3_512_Update(&sha3, msg2, msg2len);
- if (XMEMCMP(sha3.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_Sha3_512_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_512_Update(&sha3, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Sha3_512_Free(&sha3);
- if (wc_InitSha3_512(&sha3, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Sha3_512_Update(&sha3, NULL, 0);
- if (ret == 0) {
- ret = wc_Sha3_512_Update(&sha3, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, sha3.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- wc_Sha3_512_Free(&sha3);
- }
- #endif /* SHA3_512 */
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, sha3.t, msglen), 0);
+ ExpectTrue(sha3.i == msglen);
- res = TEST_RES_CHECK(ret == 0);
-#endif /* WOLFSSL_SHA3 */
- return res;
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(sha3.t, msgCmp, msgCmplen), 0);
+ /* Pass bad args. */
+ ExpectIntEQ(wc_Sha3_512_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 5), BAD_FUNC_ARG);
+ wc_Sha3_512_Free(&sha3);
+
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, sha3.t, msg2len), 0);
+ wc_Sha3_512_Free(&sha3);
+ #endif /* SHA3_512 */
+#endif /* WOLFSSL_SHA3 */
+ return EXPECT_RESULT();
} /* END testing_wc_Sha3_Update */
/*
@@ -15200,7 +14446,7 @@ static int testing_wc_Sha3_Update(void)
*/
static int test_wc_Sha3_224_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15210,79 +14456,36 @@ static int test_wc_Sha3_224_Final(void)
"\x64\xea\xd0\xfc\xce\x33";
byte hash[WC_SHA3_224_DIGEST_SIZE];
byte hashRet[WC_SHA3_224_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE), 0);
- ret= wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_224_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_224_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_224_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
-
- ret= wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_224_GetHash(&sha3, hashRet);
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE), 0);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_224_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_224_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_224_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_224_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_224_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_224_Final */
@@ -15291,7 +14494,7 @@ static int test_wc_Sha3_224_Final(void)
*/
static int test_wc_Sha3_256_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15301,77 +14504,36 @@ static int test_wc_Sha3_256_Final(void)
"\xdd\x97\x49\x6d\x33\x76";
byte hash[WC_SHA3_256_DIGEST_SIZE];
byte hashRet[WC_SHA3_256_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE), 0);
- ret= wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_256_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_256_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_256_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE), 0);
- ret= wc_Sha3_256_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_256_GetHash(&sha3, hashRet);
- }
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_256_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_256_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_256_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_256_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_256_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_256_Final */
@@ -15380,7 +14542,7 @@ static int test_wc_Sha3_256_Final(void)
*/
static int test_wc_Sha3_384_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15391,77 +14553,36 @@ static int test_wc_Sha3_384_Final(void)
"\xa1\x9e\xef\x51\xac\xd0\x65\x7c\x22";
byte hash[WC_SHA3_384_DIGEST_SIZE];
byte hashRet[WC_SHA3_384_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE), 0);
- ret= wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_384_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_384_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_384_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE), 0);
- ret= wc_Sha3_384_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_384_GetHash(&sha3, hashRet);
- }
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_384_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_384_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_384_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_384_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_384_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_384_Final */
@@ -15471,7 +14592,7 @@ static int test_wc_Sha3_384_Final(void)
*/
static int test_wc_Sha3_512_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512) && \
!defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3;
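Review bot: The guard on test_wc_Sha3_512_Final still requires `!defined(WOLFSSL_NOSHA3_384)`, yet the only SHA3-384 call visible in the body, `wc_Sha3_384_Final(&sha3, NULL)`, is replaced by `wc_Sha3_512_Final(&sha3, NULL)` in the next hunk. If nothing later in the function uses a 384 API (the body runs past what is shown), the extra condition now only causes the SHA3-512 test to be skipped in builds without SHA3-384. `#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)` would match the guards on the 224, 256 and 384 Final tests.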
@@ -15484,77 +14605,36 @@ static int test_wc_Sha3_512_Final(void)
"\x9c\x03\x0d\x99\xa2\x7d\xaf\x11\x39\xd6\xe7\x5e";
byte hash[WC_SHA3_512_DIGEST_SIZE];
byte hashRet[WC_SHA3_512_DIGEST_SIZE];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE), 0);
- ret= wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(expOut, hash, WC_SHA3_512_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_512_Final(NULL, hash);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_512_Final(NULL, hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
- if (ret == 0) {
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- /* Init stack variables. */
- XMEMSET(hash, 0, sizeof(hash));
- XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ /* Init stack variables. */
+ XMEMSET(hash, 0, sizeof(hash));
+ XMEMSET(hashRet, 0, sizeof(hashRet));
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg)), 0);
+ ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, hashRet), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE), 0);
- ret= wc_Sha3_512_Update(&sha3, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Sha3_512_GetHash(&sha3, hashRet);
- }
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3, hash);
- if (ret == 0 && XMEMCMP(hash, hashRet, WC_SHA3_512_DIGEST_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Sha3_512_GetHash(NULL, hashRet);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_512_GetHash(&sha3, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_Sha3_512_GetHash(NULL, hashRet), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_GetHash(&sha3, NULL), BAD_FUNC_ARG);
wc_Sha3_512_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_512_Final */
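Review bot: `sha3` is not zeroed before `wc_InitSha3_512`, yet `wc_Sha3_512_Free(&sha3)` now runs on every path, where the old code returned `TEST_FAIL` straight after a failed init. The Copy tests in this same commit add `XMEMSET(&sha3, 0, sizeof(wc_Sha3));` ahead of init, presumably for that reason, and the same line would fit here next to `XMEMSET(hash, 0, sizeof(hash));`. The same gap appears in test_wc_Sha3_GetFlags, test_wc_InitShake256 and test_wc_Shake256_Copy in later hunks. In the last of these `shakeCpy` could be freed without ever being initialised, if the Expect macros skip later checks after a failure (their definition is not shown here). The declaration of `sha3` sits in the previous hunk.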
@@ -15563,61 +14643,35 @@ static int test_wc_Sha3_512_Final(void)
*/
static int test_wc_Sha3_224_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_224)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_224_DIGEST_SIZE];
byte hashCpy[WC_SHA3_224_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitSha3_224(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_224_Free(&sha3);
- return TEST_FAIL;
- }
-
- ret = wc_Sha3_224_Update(&sha3, (byte*)msg, msglen);
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_224(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_224_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_224_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- if (ret == 0) {
- ret = wc_Sha3_224_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_224_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_224_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_224_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_224_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_224_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_224_Free(&sha3);
+ wc_Sha3_224_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_224_Copy */
@@ -15627,61 +14681,35 @@ static int test_wc_Sha3_224_Copy(void)
*/
static int test_wc_Sha3_256_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_256_DIGEST_SIZE];
byte hashCpy[WC_SHA3_256_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_256(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_256(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_256(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_256_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_256_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- ret = wc_InitSha3_256(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_256_Free(&sha3);
- return TEST_FAIL;
- }
-
- ret = wc_Sha3_256_Update(&sha3, (byte*)msg, msglen);
-
- if (ret == 0) {
- ret = wc_Sha3_256_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_256_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_256_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_256_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_256_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_256_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_256_Free(&sha3);
+ wc_Sha3_256_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_256_Copy */
@@ -15691,61 +14719,35 @@ static int test_wc_Sha3_256_Copy(void)
*/
static int test_wc_Sha3_384_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_384)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_384_DIGEST_SIZE];
byte hashCpy[WC_SHA3_384_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_384(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitSha3_384(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_384_Free(&sha3);
- return TEST_FAIL;
- }
-
- ret = wc_Sha3_384_Update(&sha3, (byte*)msg, msglen);
+ ExpectIntEQ(wc_InitSha3_384(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_384(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_384_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_384_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- if (ret == 0) {
- ret = wc_Sha3_384_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_384_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_384_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_384_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_384_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_384_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_384_Free(&sha3);
+ wc_Sha3_384_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_384_Copy */
@@ -15754,125 +14756,75 @@ static int test_wc_Sha3_384_Copy(void)
*/
static int test_wc_Sha3_512_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_512)
wc_Sha3 sha3, sha3Cpy;
const char* msg = TEST_STRING;
word32 msglen = (word32)TEST_STRING_SZ;
byte hash[WC_SHA3_512_DIGEST_SIZE];
byte hashCpy[WC_SHA3_512_DIGEST_SIZE];
- int ret = 0;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
+ XMEMSET(&sha3, 0, sizeof(wc_Sha3));
+ XMEMSET(&sha3Cpy, 0, sizeof(wc_Sha3));
- ret = wc_InitSha3_512(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitSha3_512(&sha3Cpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Sha3_512_Free(&sha3);
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitSha3_512(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitSha3_512(&sha3Cpy, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_512_Update(&sha3, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, &sha3), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3, hash), 0);
+ ExpectIntEQ(wc_Sha3_512_Final(&sha3Cpy, hashCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- ret = wc_Sha3_512_Update(&sha3, (byte*)msg, msglen);
-
- if (ret == 0) {
- ret = wc_Sha3_512_Copy(&sha3Cpy, &sha3);
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3, hash);
- if (ret == 0) {
- ret = wc_Sha3_512_Final(&sha3Cpy, hashCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Sha3_512_Copy(NULL, &sha3);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Sha3_512_Copy(&sha3Cpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Sha3_512_Copy(NULL, &sha3), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha3_512_Copy(&sha3Cpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Sha3_512_Free(&sha3);
+ wc_Sha3_512_Free(&sha3Cpy);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_512_Copy */
/*
* Unit test function for wc_Sha3_GetFlags()
*/
static int test_wc_Sha3_GetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_HASH_FLAGS)
wc_Sha3 sha3;
word32 flags = 0;
- int ret = 0;
/* Initialize */
- ret = wc_InitSha3_224(&sha3, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- if (ret == 0) {
- ret = wc_Sha3_GetFlags(&sha3, &flags);
- }
- if (ret == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_InitSha3_224(&sha3, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Sha3_GetFlags(&sha3, &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
wc_Sha3_224_Free(&sha3);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Sha3_GetFlags */
static int test_wc_InitShake256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
- int ret = 0;
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_InitShake256(NULL, HEAP_HINT, testDevId);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Shake256_Free(&shake);
+ ExpectIntEQ(wc_InitShake256(NULL, HEAP_HINT, testDevId), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Shake256_Free(&shake);
#endif
- return res;
-
-} /* END test_wc_InitSha3 */
+ return EXPECT_RESULT();
+}
static int testing_wc_Shake256_Update(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
byte msg[] = "Everybody's working for the weekend.";
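Review bot: test_wc_Sha3_GetFlags now asserts that `WC_HASH_FLAG_ISCOPY` is clear on a fresh context, but nothing checks that the flag is ever set. test_wc_Sm3GetSetFlags, added later in this commit, copies a context and then expects `WC_HASH_FLAG_ISCOPY` on the copy. Assuming wc_Sha3_224_Copy sets the flag the same way, this test could do likewise: initialise a second context, copy into it, call `wc_Sha3_GetFlags` on the copy and check `ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) != 0);`, then free both contexts. This hunk also covers test_wc_Sha3_512_Copy, test_wc_InitShake256 and the start of testing_wc_Shake256_Update, which continues outside it.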
@@ -15885,52 +14837,32 @@ static int testing_wc_Shake256_Update(void)
word32 msglen = sizeof(msg) - 1;
word32 msg2len = sizeof(msg2);
word32 msgCmplen = sizeof(msgCmp);
- int ret = 0;
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_Shake256_Update(&shake, msg, msglen);
- if (XMEMCMP(msg, shake.t, msglen) || shake.i != msglen) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_Shake256_Update(&shake, msg2, msg2len);
- if (XMEMCMP(shake.t, msgCmp, msgCmplen) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, msg, msglen), 0);
+ ExpectIntEQ(XMEMCMP(msg, shake.t, msglen), 0);
+ ExpectTrue(shake.i == msglen);
+
+ ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(shake.t, msgCmp, msgCmplen), 0);
+
/* Pass bad args. */
- if (ret == 0) {
- ret = wc_Shake256_Update(NULL, msg2, msg2len);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Shake256_Update(&shake, NULL, 5);
- }
- if (ret == BAD_FUNC_ARG) {
- wc_Shake256_Free(&shake);
- if (wc_InitShake256(&shake, HEAP_HINT, testDevId)) {
- return TEST_FAIL;
- }
- ret = wc_Shake256_Update(&shake, NULL, 0);
- if (ret == 0) {
- ret = wc_Shake256_Update(&shake, msg2, msg2len);
- }
- if (ret == 0 && XMEMCMP(msg2, shake.t, msg2len) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Shake256_Update(NULL, msg2, msg2len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 5), BAD_FUNC_ARG);
wc_Shake256_Free(&shake);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, NULL, 0), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, msg2, msg2len), 0);
+ ExpectIntEQ(XMEMCMP(msg2, shake.t, msg2len), 0);
+ wc_Shake256_Free(&shake);
#endif /* WOLFSSL_SHAKE256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_Shake256_Final(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake;
const char* msg = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnom"
@@ -15945,48 +14877,32 @@ static int test_wc_Shake256_Final(void)
"\x08\xba\xf1\x9b\xe2\x12\x33\xf3\xde\xbe\x78\xd0\x67"
"\x60\xcf\xa5\x51\xee\x1e\x07\x91\x41\xd4";
byte hash[114];
- int ret = 0;
/* Init stack variables. */
XMEMSET(hash, 0, sizeof(hash));
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, (word32)XSTRLEN(msg)),
+ 0);
+ ExpectIntEQ(wc_Shake256_Final(&shake, hash, (word32)sizeof(hash)), 0);
+ ExpectIntEQ(XMEMCMP(expOut, hash, (word32)sizeof(hash)), 0);
- ret= wc_Shake256_Update(&shake, (byte*)msg, (word32)XSTRLEN(msg));
- if (ret == 0) {
- ret = wc_Shake256_Final(&shake, hash, (word32)sizeof(hash));
- if (ret == 0 && XMEMCMP(expOut, hash, (word32)sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Shake256_Final(NULL, hash, (word32)sizeof(hash));
- if (ret == 0) {
- ret = wc_Shake256_Final(&shake, NULL, (word32)sizeof(hash));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Shake256_Free(&shake);
+ ExpectIntEQ(wc_Shake256_Final(NULL, hash, (word32)sizeof(hash)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Shake256_Final(&shake, NULL, (word32)sizeof(hash)),
+ BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Shake256_Free(&shake);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
* Testing wc_Shake256_Copy()
*/
static int test_wc_Shake256_Copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
wc_Shake shake, shakeCpy;
const char* msg = TEST_STRING;
@@ -15995,61 +14911,34 @@ static int test_wc_Shake256_Copy(void)
byte hashCpy[144];
word32 hashLen = sizeof(hash);
word32 hashLenCpy = sizeof(hashCpy);
- int ret;
XMEMSET(hash, 0, sizeof(hash));
XMEMSET(hashCpy, 0, sizeof(hashCpy));
- ret = wc_InitShake256(&shake, HEAP_HINT, testDevId);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_InitShake256(&shakeCpy, HEAP_HINT, testDevId);
- if (ret != 0) {
- wc_Shake256_Free(&shake);
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_InitShake256(&shake, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitShake256(&shakeCpy, HEAP_HINT, testDevId), 0);
- ret = wc_Shake256_Update(&shake, (byte*)msg, msglen);
+ ExpectIntEQ(wc_Shake256_Update(&shake, (byte*)msg, msglen), 0);
+ ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, &shake), 0);
+ ExpectIntEQ(wc_Shake256_Final(&shake, hash, hashLen), 0);
+ ExpectIntEQ(wc_Shake256_Final(&shakeCpy, hashCpy, hashLenCpy), 0);
+ ExpectIntEQ(XMEMCMP(hash, hashCpy, sizeof(hash)), 0);
- if (ret == 0) {
- ret = wc_Shake256_Copy(&shakeCpy, &shake);
- if (ret == 0) {
- ret = wc_Shake256_Final(&shake, hash, hashLen);
- if (ret == 0) {
- ret = wc_Shake256_Final(&shakeCpy, hashCpy, hashLenCpy);
- }
- }
- if (ret == 0 && XMEMCMP(hash, hashCpy, sizeof(hash)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Shake256_Copy(NULL, &shake);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Shake256_Copy(&shakeCpy, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_Shake256_Free(&shake);
+ ExpectIntEQ(wc_Shake256_Copy(NULL, &shake), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Shake256_Copy(&shakeCpy, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Shake256_Free(&shake);
+ wc_Shake256_Free(&shakeCpy);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Shake256_Copy */
/*
* Unit test function for wc_Shake256Hash()
*/
static int test_wc_Shake256Hash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_SHAKE256
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
@@ -16058,25 +14947,284 @@ static int test_wc_Shake256Hash(void)
word32 len = sizeof(data);
byte hash[144];
word32 hashLen = sizeof(hash);
- int ret;
-
- ret = wc_Shake256Hash(data, len, hash, hashLen);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Shake256Hash(data, len, hash, hashLen), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Shake256Hash */
+
+/*
+ * Testing wc_InitSm3(), wc_Sm3Free()
+ */
+static int test_wc_InitSm3Free(void)
+{
+ EXPECT_DECLS;
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_InitSm3(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+
+ wc_Sm3Free(NULL);
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_InitSm3 */
+
+/*
+ * Testing wc_Sm3Update(), wc_Sm3Final()
+ */
+static int test_wc_Sm3UpdateFinal(void)
+{
+ EXPECT_DECLS;
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ byte data[WC_SM3_BLOCK_SIZE * 4];
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte calcHash[WC_SM3_DIGEST_SIZE];
+ byte expHash[WC_SM3_DIGEST_SIZE] = {
+ 0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27,
+ 0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1,
+ 0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b,
+ 0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6
+ };
+ word32 chunk;
+ word32 i;
+
+ XMEMSET(data, 0, sizeof(data));
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3Update(NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Update(NULL, data, 1), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3Update(&sm3, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE - 2), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_BLOCK_SIZE * 2), 0);
+ /* Ensure too many bytes for lengths. */
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, WC_SM3_PAD_SIZE), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3Final(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Final(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Final(NULL, hash), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
+ ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE);
+
+ /* Chunk tests. */
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
+ for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) {
+ for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) {
+ ExpectIntEQ(wc_Sm3Update(&sm3, data + i, chunk), 0);
+ }
+ if (i < (word32)sizeof(data)) {
+ ExpectIntEQ(wc_Sm3Update(&sm3, data + i, (word32)sizeof(data) - i),
+ 0);
+ }
+ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+ }
+
+ /* Not testing when the low 32-bit length overflows. */
+
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Update */
+
+/*
+ * Testing wc_Sm3GetHash()
+ */
+static int test_wc_Sm3GetHash(void)
+{
+ EXPECT_DECLS;
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte calcHash[WC_SM3_DIGEST_SIZE];
+ byte data[WC_SM3_BLOCK_SIZE];
+
+ XMEMSET(data, 0, sizeof(data));
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3GetHash(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3GetHash(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3GetHash(NULL, hash), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+
+ /* With update. */
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_Sm3GetHash(&sm3, hash), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, calcHash), 0);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Update */
+
+/*
+ * Testing wc_Sm3Copy()
+ */
+static int test_wc_Sm3Copy(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
+ wc_Sm3 sm3;
+ wc_Sm3 sm3Copy;
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte hashCopy[WC_SM3_DIGEST_SIZE];
+ byte data[WC_SM3_BLOCK_SIZE + 1];
+ int i;
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3Copy(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Copy(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Copy(NULL, &sm3Copy), BAD_FUNC_ARG);
+
+ /* Valid Parameters */
+ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
+
+ /* Ensure all parts of data updated during hashing are copied. */
+ for (i = 0; i < WC_SM3_BLOCK_SIZE + 1; i++) {
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, i), 0);
+ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Update(&sm3Copy, data, 1), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3, hash), 0);
+ ExpectIntEQ(wc_Sm3Final(&sm3Copy, hashCopy), 0);
+ ExpectBufEQ(hash, hashCopy, WC_SM3_DIGEST_SIZE);
+ }
+
+ wc_Sm3Free(&sm3Copy);
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Copy */
+
+/*
+ * Testing wc_Sm3FinalRaw()
+ */
+static int test_wc_Sm3FinalRaw(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && !defined(HAVE_SELFTEST) && \
+ !defined(WOLFSSL_DEVCRYPTO) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 3))) && \
+ !defined(WOLFSSL_NO_HASH_RAW)
+ wc_Sm3 sm3;
+ byte hash1[WC_SM3_DIGEST_SIZE];
+ byte hash2[WC_SM3_DIGEST_SIZE];
+ byte hash3[WC_SM3_DIGEST_SIZE];
+ byte* hash_test[3] = { hash1, hash2, hash3 };
+ int times;
+ int i;
+
+ XMEMSET(&sm3, 0, sizeof(sm3));
+
+ /* Initialize */
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(wc_Sm3FinalRaw(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3FinalRaw(&sm3, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3FinalRaw(NULL, hash1), BAD_FUNC_ARG);
+
+ times = sizeof(hash_test) / sizeof(byte*);
+ for (i = 0; i < times; i++) {
+ ExpectIntEQ(wc_Sm3FinalRaw(&sm3, hash_test[i]), 0);
+ }
+
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3FinalRaw */
+/*
+ * Testing wc_Sm3GetFlags, wc_Sm3SetFlags()
+ */
+static int test_wc_Sm3GetSetFlags(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
+ wc_Sm3 sm3;
+ wc_Sm3 sm3Copy;
+ word32 flags = 0;
+
+ ExpectIntEQ(wc_InitSm3(&sm3, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_InitSm3(&sm3Copy, NULL, INVALID_DEVID), 0);
+
+ ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0);
+ ExpectIntEQ(flags, 0);
+ ExpectIntEQ(wc_Sm3SetFlags(NULL, WC_HASH_FLAG_WILLCOPY), 0);
+ ExpectIntEQ(wc_Sm3GetFlags(NULL, &flags), 0);
+ ExpectIntEQ(flags, 0);
+ ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0);
+ ExpectIntEQ(flags, 0);
+ ExpectIntEQ(wc_Sm3SetFlags(&sm3, WC_HASH_FLAG_WILLCOPY), 0);
+ ExpectIntEQ(wc_Sm3GetFlags(&sm3, &flags), 0);
+ ExpectIntEQ(flags, WC_HASH_FLAG_WILLCOPY);
+
+ ExpectIntEQ(wc_Sm3Copy(&sm3, &sm3Copy), 0);
+ ExpectIntEQ(wc_Sm3GetFlags(&sm3Copy, &flags), 0);
+ ExpectIntEQ(flags, WC_HASH_FLAG_ISCOPY | WC_HASH_FLAG_WILLCOPY);
+
+ wc_Sm3Free(&sm3Copy);
+ wc_Sm3Free(&sm3);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Update */
+
+/*
+ * Testing wc_Sm3Hash()
+ */
+static int test_wc_Sm3Hash(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_SM3) && defined(WOLFSSL_HASH_FLAGS)
+ byte data[WC_SM3_BLOCK_SIZE];
+ byte hash[WC_SM3_DIGEST_SIZE];
+
+ /* Invalid parameters. */
+ ExpectIntEQ(wc_Sm3Hash(NULL, sizeof(data), hash), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), NULL), BAD_FUNC_ARG);
+
+ /* Valid parameters. */
+ ExpectIntEQ(wc_Sm3Hash(data, sizeof(data), hash), 0);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_Sm3Hash */
+
/*
* Test function for wc_HmacSetKey
*/
static int test_wc_Md5HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
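Review bot: `data` is hashed without being initialised in test_wc_Sm3Copy (`byte data[WC_SM3_BLOCK_SIZE + 1];`) and in test_wc_Sm3Hash (`byte data[WC_SM3_BLOCK_SIZE];`), so both tests read indeterminate stack bytes and are likely to be flagged by memory-checking tools. test_wc_Sm3UpdateFinal and test_wc_Sm3GetHash already call `XMEMSET(data, 0, sizeof(data));` before use, and the same line belongs in these two. Separately, test_wc_Sm3Copy and test_wc_Sm3Hash are guarded by `defined(WOLFSSL_HASH_FLAGS)` although neither body touches the flags API. That condition looks carried over from test_wc_Sm3GetSetFlags and skips both tests in builds without hash flags.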
@@ -16086,74 +15234,40 @@ static int test_wc_Md5HmacSetKey(void)
#endif
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
+ (word32)XSTRLEN(keys[itr]));
#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
wc_HmacFree(&hmac);
- if (ret == BAD_FUNC_ARG) {
- return TEST_SUCCESS;
- }
- else {
- return TEST_FAIL;
- }
+ ExpectIntEQ(ret, BAD_FUNC_ARG);
#else
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(ret, 0);
#endif
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0);
-#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_MD5, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys[0], 0);
+#if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
+ ExpectIntEQ(ret, BAD_FUNC_ARG);
+#elif defined(HAVE_FIPS)
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Md5HmacSetKey */
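Review bot: In the FIPS v5+ branch of the key loop, `wc_HmacFree(&hmac);` stays inside the loop but the early `return` that used to follow it is gone, so the next iteration calls `wc_HmacSetKey` on a context that was just freed. That call is a plain `ret = ...` assignment, so it runs regardless of earlier results. The bad-argument calls after the loop and the final `wc_HmacFree(&hmac);` then touch the same context again. Whether this is harmless depends on wc_HmacFree leaving the context reusable, which is not visible here. Dropping the in-loop `wc_HmacFree(&hmac);` and relying on the one before `#endif` removes the question.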
@@ -16162,11 +15276,10 @@ static int test_wc_Md5HmacSetKey(void)
*/
static int test_wc_ShaHmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16180,62 +15293,32 @@ static int test_wc_ShaHmacSetKey(void)
};
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0);
+ ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ShaHmacSetKey() */
/*
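Review bot: The invalid-type check passes the bare literal `21`, changed from `20` in this commit, presumably because 20 is now an assigned hash type. The same literal is used in test_wc_Md5HmacSetKey and test_wc_Sha224HmacSetKey, and all three will start failing for an unrelated reason the next time a type is added. A comment on each call such as `/* 21: not an assigned hash type; bump when the enum grows */`, or one named test constant shared by the three tests, would make that dependency visible.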
@@ -16243,11 +15326,10 @@ static int test_wc_ShaHmacSetKey(void)
*/
static int test_wc_Sha224HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16259,64 +15341,32 @@ static int test_wc_Sha224HmacSetKey(void)
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA224, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0);
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA224, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224HmacSetKey() */
/*
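Review bot: The bare literal `21` in `wc_HmacSetKey(&hmac, 21, ...)` stands for "unsupported hash type" with no comment, and this patch already had to move it from `20`, presumably because 20 became a valid type. A reader cannot tell from the test why the value is invalid, and the check will silently stop testing the error path the next time the type enum grows. A comment on that line would help, for example `/* 21: not a valid hash type at the time of writing (TODO confirm against the hash-type enum). */`, or a named constant if the library exposes one. The same literal appears in the ShaHmacSetKey, Sha256HmacSetKey and Sha384HmacSetKey hunks.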
@@ -16324,11 +15374,10 @@ static int test_wc_Sha224HmacSetKey(void)
*/
static int test_wc_Sha256HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16340,64 +15389,32 @@ static int test_wc_Sha256HmacSetKey(void)
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA256, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0);
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA256, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256HmacSetKey() */
@@ -16406,11 +15423,10 @@ static int test_wc_Sha256HmacSetKey(void)
*/
static int test_wc_Sha384HmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
int ret, times, itr;
- int flag = 0;
const char* keys[]=
{
@@ -16422,64 +15438,32 @@ static int test_wc_Sha384HmacSetKey(void)
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
-
times = sizeof(keys) / sizeof(char*);
- flag = 0;
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
for (itr = 0; itr < times; itr++) {
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[itr],
- (word32)XSTRLEN(keys[itr]));
- if (ret != 0) {
- flag = ret;
- }
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[itr],
+ (word32)XSTRLEN(keys[itr])), 0);
}
/* Bad args. */
- if (!flag) {
- ret = wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA384, NULL, (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, 20, (byte*)keys[0],
- (word32)XSTRLEN(keys[0]));
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0);
+ ExpectIntEQ(wc_HmacSetKey(NULL, WC_SHA384, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, NULL, (word32)XSTRLEN(keys[0])),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, 21, (byte*)keys[0],
+ (word32)XSTRLEN(keys[0])), BAD_FUNC_ARG);
+ ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys[0], 0);
#ifdef HAVE_FIPS
- if (ret != HMAC_MIN_KEYLEN_E) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, HMAC_MIN_KEYLEN_E);
#else
- if (ret != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(ret, 0);
#endif
- }
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384HmacSetKey() */
@@ -16488,12 +15472,10 @@ static int test_wc_Sha384HmacSetKey(void)
*/
static int test_wc_Md5HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5))
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16503,62 +15485,26 @@ static int test_wc_Md5HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Md5HmacUpdate */
/*
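Review bot: `wc_HmacFree(&hmac)` is now reached even when `wc_HmacInit` fails, because the early `return ret;` was removed, and `hmac` is a stack variable that is never zeroed first. Whether `wc_HmacInit` leaves the struct in a state that is safe to free on failure is not visible here. The Cmac tests in this same patch handle the equivalent case with `XMEMSET(&cmac, 0, sizeof(Cmac));`, so for consistency add `XMEMSET(&hmac, 0, sizeof(Hmac));` before the `wc_HmacInit` expectation. The same applies to the other HmacUpdate hunks and to the HmacSetKey and HmacFinal hunks; the function body starts outside this hunk.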
@@ -16566,12 +15512,10 @@ static int test_wc_Md5HmacUpdate(void)
*/
static int test_wc_ShaHmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16581,62 +15525,26 @@ static int test_wc_ShaHmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ShaHmacUpdate */
/*
@@ -16644,12 +15552,10 @@ static int test_wc_ShaHmacUpdate(void)
*/
static int test_wc_Sha224HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16659,62 +15565,26 @@ static int test_wc_Sha224HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224HmacUpdate */
/*
@@ -16722,12 +15592,10 @@ static int test_wc_Sha224HmacUpdate(void)
*/
static int test_wc_Sha256HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16737,62 +15605,26 @@ static int test_wc_Sha256HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256HmacUpdate */
/*
@@ -16800,12 +15632,10 @@ static int test_wc_Sha256HmacUpdate(void)
*/
static int test_wc_Sha384HmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
testVector a, b;
- int ret;
- int flag = 0;
#ifdef HAVE_FIPS
const char* keys =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
@@ -16815,62 +15645,26 @@ static int test_wc_Sha384HmacUpdate(void)
a.input = "what do ya want for nothing?";
a.inLen = XSTRLEN(a.input);
-
b.input = "Hi There";
b.inLen = XSTRLEN(b.input);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys, (word32)XSTRLEN(keys));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)keys,
+ (word32)XSTRLEN(keys)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)b.input, (word32)b.inLen), 0);
/* Update Hmac. */
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
/* Test bad args. */
- if (!flag) {
- ret = wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, NULL, (word32)a.inLen);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(NULL, (byte*)a.input, (word32)a.inLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, NULL, (word32)a.inLen), BAD_FUNC_ARG);
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, 0);
- if (ret != 0) {
- flag = ret;
- }
- }
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, 0), 0);
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384HmacUpdate */
/*
@@ -16879,14 +15673,12 @@ static int test_wc_Sha384HmacUpdate(void)
static int test_wc_Md5HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5))
Hmac hmac;
byte hash[WC_MD5_DIGEST_SIZE];
testVector a;
- int ret;
const char* key;
- int flag = 0;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
a.input = "Hi There";
@@ -16895,60 +15687,22 @@ static int test_wc_Md5HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_MD5, (byte*)key, (word32)XSTRLEN(key)),
+ 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_MD5_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_Md5HmacFinal */
/*
@@ -16956,13 +15710,11 @@ static int test_wc_Md5HmacFinal(void)
*/
static int test_wc_ShaHmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA)
Hmac hmac;
byte hash[WC_SHA_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -16973,60 +15725,22 @@ static int test_wc_ShaHmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA, (byte*)key, (word32)XSTRLEN(key)),
+ 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ShaHmacFinal */
@@ -17035,13 +15749,11 @@ static int test_wc_ShaHmacFinal(void)
*/
static int test_wc_Sha224HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
Hmac hmac;
byte hash[WC_SHA224_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -17052,59 +15764,22 @@ static int test_wc_Sha224HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA224, (byte*)key,
+ (word32)XSTRLEN(key)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA224_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha224HmacFinal */
/*
@@ -17112,13 +15787,11 @@ static int test_wc_Sha224HmacFinal(void)
*/
static int test_wc_Sha256HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && !defined(NO_SHA256)
Hmac hmac;
byte hash[WC_SHA256_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -17130,59 +15803,22 @@ static int test_wc_Sha256HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return TEST_FAIL;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA256, (byte*)key,
+ (word32)XSTRLEN(key)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA256_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha256HmacFinal */
/*
@@ -17190,13 +15826,11 @@ static int test_wc_Sha256HmacFinal(void)
*/
static int test_wc_Sha384HmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
Hmac hmac;
byte hash[WC_SHA384_DIGEST_SIZE];
testVector a;
- int ret;
- int flag = 0;
const char* key;
key = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
@@ -17209,58 +15843,22 @@ static int test_wc_Sha384HmacFinal(void)
a.inLen = XSTRLEN(a.input);
a.outLen = XSTRLEN(a.output);
- flag = 0;
-
- ret = wc_HmacInit(&hmac, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key, (word32)XSTRLEN(key));
- if (ret != 0) {
- flag = ret;
- }
-
- if (!flag) {
- ret = wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- ret = wc_HmacFinal(&hmac, hash);
- if (ret != 0) {
- flag = ret;
- }
- }
-
- if (!flag) {
- if (XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE) != 0) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacInit(&hmac, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_HmacSetKey(&hmac, WC_SHA384, (byte*)key,
+ (word32)XSTRLEN(key)), 0);
+ ExpectIntEQ(wc_HmacUpdate(&hmac, (byte*)a.input, (word32)a.inLen), 0);
+ ExpectIntEQ(wc_HmacFinal(&hmac, hash), 0);
+ ExpectIntEQ(XMEMCMP(hash, a.output, WC_SHA384_DIGEST_SIZE), 0);
/* Try bad parameters. */
- if (!flag) {
- ret = wc_HmacFinal(NULL, hash);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(NULL, hash), BAD_FUNC_ARG);
#ifndef HAVE_FIPS
- if (!flag) {
- ret = wc_HmacFinal(&hmac, NULL);
- if (ret != BAD_FUNC_ARG) {
- flag = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_HmacFinal(&hmac, NULL), BAD_FUNC_ARG);
#endif
wc_HmacFree(&hmac);
-
- res = TEST_RES_CHECK(flag == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Sha384HmacFinal */
@@ -17270,9 +15868,11 @@ static int test_wc_Sha384HmacFinal(void)
*/
static int test_wc_InitCmac(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES)
- Cmac cmac1, cmac2, cmac3;
+ Cmac cmac1;
+ Cmac cmac2;
+ Cmac cmac3;
/* AES 128 key. */
byte key1[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x10\x11\x12\x13\x14\x15\x16";
@@ -17280,67 +15880,45 @@ static int test_wc_InitCmac(void)
byte key2[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16"
"\x01\x02\x03\x04\x05\x06\x07\x08";
-
/* AES 256 key. */
byte key3[] = "\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16"
"\x01\x02\x03\x04\x05\x06\x07\x08"
"\x09\x01\x11\x12\x13\x14\x15\x16";
-
word32 key1Sz = (word32)sizeof(key1) - 1;
word32 key2Sz = (word32)sizeof(key2) - 1;
word32 key3Sz = (word32)sizeof(key3) - 1;
int type = WC_CMAC_AES;
- int ret = 0;
+
+ (void)key1;
+ (void)key1Sz;
+ (void)key2;
+ (void)key2Sz;
+
+ XMEMSET(&cmac1, 0, sizeof(Cmac));
+ XMEMSET(&cmac2, 0, sizeof(Cmac));
+ XMEMSET(&cmac3, 0, sizeof(Cmac));
#ifdef WOLFSSL_AES_128
- ret = wc_InitCmac(&cmac1, key1, key1Sz, type, NULL);
+ ExpectIntEQ(wc_InitCmac(&cmac1, key1, key1Sz, type, NULL), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- wc_AesFree(&cmac1.aes);
- ret = wc_InitCmac(&cmac2, key2, key2Sz, type, NULL);
- }
+ wc_AesFree(&cmac1.aes);
+ ExpectIntEQ(wc_InitCmac(&cmac2, key2, key2Sz, type, NULL), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- wc_AesFree(&cmac2.aes);
- ret = wc_InitCmac(&cmac3, key3, key3Sz, type, NULL);
- }
+ wc_AesFree(&cmac2.aes);
+ ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, type, NULL), 0);
#endif
+ wc_AesFree(&cmac3.aes);
/* Test bad args. */
- if (ret == 0) {
- wc_AesFree(&cmac3.aes);
- ret = wc_InitCmac(NULL, key3, key3Sz, type, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_InitCmac(&cmac3, key3, 0, type, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_InitCmac(&cmac3, key3, key3Sz, 0, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- (void)key1;
- (void)key1Sz;
- (void)key2;
- (void)key2Sz;
- (void)cmac1;
- (void)cmac2;
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitCmac(NULL, key3, key3Sz, type, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitCmac(&cmac3, NULL, key3Sz, type, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitCmac(&cmac3, key3, 0, type, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_InitCmac(&cmac3, key3, key3Sz, 0, NULL), BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_InitCmac */
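Review bot: Each `wc_AesFree` is tied to the next key size's `#ifdef` rather than to the block that initialised the context. `wc_AesFree(&cmac1.aes);` only compiles under `WOLFSSL_AES_192` and `wc_AesFree(&cmac2.aes);` only under `WOLFSSL_AES_256`. A build with AES-128 but not AES-192, or AES-192 but not AES-256, therefore never releases the context it set up. Since all three structs are now zeroed with `XMEMSET`, move each free to directly after its own expectation: `wc_AesFree(&cmac1.aes);` inside `#ifdef WOLFSSL_AES_128`, `wc_AesFree(&cmac2.aes);` inside `#ifdef WOLFSSL_AES_192`, and `wc_AesFree(&cmac3.aes);` inside `#ifdef WOLFSSL_AES_256`. The declarations of test_wc_InitCmac are in the preceding hunk.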
@@ -17349,11 +15927,10 @@ static int test_wc_InitCmac(void)
*/
static int test_wc_CmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
- byte key[] =
- {
+ byte key[] = {
0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
};
@@ -17362,38 +15939,21 @@ static int test_wc_CmacUpdate(void)
"\xb3\x78\xcf\x85\x22\x41\x74\xd9"
"\xa0\x97\x39\x71\x62\xf1\x8e\x8f"
"\xf4";
-
word32 inSz = (word32)sizeof(in) - 1;
word32 keySz = (word32)sizeof(key);
int type = WC_CMAC_AES;
- int ret = 0;
- ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
- if (ret != 0) {
- return ret;
- }
+ XMEMSET(&cmac, 0, sizeof(Cmac));
- ret = wc_CmacUpdate(&cmac, in, inSz);
+ ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0);
+ ExpectIntEQ(wc_CmacUpdate(&cmac, in, inSz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_CmacUpdate(NULL, in, inSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_CmacUpdate(&cmac, NULL, 30);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_AesFree(&cmac.aes);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_CmacUpdate(NULL, in, inSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, 30), BAD_FUNC_ARG);
+ wc_AesFree(&cmac.aes);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_CmacUpdate */
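Review bot: The NULL-input check passes a hard-coded length, `wc_CmacUpdate(&cmac, NULL, 30)`, while the line above it uses `inSz`. The literal has no connection to the test data and reads as if 30 were significant. Using `ExpectIntEQ(wc_CmacUpdate(&cmac, NULL, inSz), BAD_FUNC_ARG);` keeps the two bad-argument checks parallel and makes it clear that only the pointer is invalid. test_wc_CmacUpdate starts outside this hunk.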
@@ -17402,16 +15962,14 @@ static int test_wc_CmacUpdate(void)
*/
static int test_wc_CmacFinal(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
Cmac cmac;
- byte key[] =
- {
+ byte key[] = {
0x64, 0x4c, 0xbf, 0x12, 0x85, 0x9d, 0xf0, 0x55,
0x7e, 0xa9, 0x1f, 0x08, 0xe0, 0x51, 0xff, 0x27
};
- byte msg[] =
- {
+ byte msg[] = {
0xe2, 0xb4, 0xb6, 0xf9, 0x48, 0x44, 0x02, 0x64,
0x5c, 0x47, 0x80, 0x9e, 0xd5, 0xa8, 0x3a, 0x17,
0xb3, 0x78, 0xcf, 0x85, 0x22, 0x41, 0x74, 0xd9,
@@ -17422,8 +15980,7 @@ static int test_wc_CmacFinal(void)
* http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html#cmac
* Per RFC4493 truncation of lsb is possible.
*/
- byte expMac[] =
- {
+ byte expMac[] = {
0x4e, 0x6e, 0xc5, 0x6f, 0xf9, 0x5d, 0x0e, 0xae,
0x1c, 0xf8, 0x3e, 0xfc, 0xf4, 0x4b, 0xeb
};
@@ -17434,43 +15991,33 @@ static int test_wc_CmacFinal(void)
word32 badMacSz = 17;
int expMacSz = sizeof(expMac);
int type = WC_CMAC_AES;
- int ret = 0;
+ XMEMSET(&cmac, 0, sizeof(Cmac));
XMEMSET(mac, 0, macSz);
- ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
- if (ret != 0) {
- return ret;
- }
- ret = wc_CmacUpdate(&cmac, msg, msgSz);
+ ExpectIntEQ(wc_InitCmac(&cmac, key, keySz, type, NULL), 0);
+ ExpectIntEQ(wc_CmacUpdate(&cmac, msg, msgSz), 0);
- if (ret == 0) {
- ret = wc_CmacFinal(&cmac, mac, &macSz);
- if (ret == 0 && XMEMCMP(mac, expMac, expMacSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_CmacFinal(NULL, mac, &macSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_CmacFinal(&cmac, NULL, &macSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_CmacFinal(&cmac, mac, &badMacSz);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_CmacFinalNoFree(NULL, mac, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinalNoFree(&cmac, NULL, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinalNoFree(&cmac, mac, &badMacSz), BUFFER_E);
- res = TEST_RES_CHECK(ret == 0);
-#endif
- return res;
+ /* For the last call, use the API with implicit wc_CmacFree(). */
+ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0);
+ ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
+#else /* !HAVE_FIPS || FIPS>=5.3 */
+ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &macSz), 0);
+ ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_CmacFinal(NULL, mac, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinal(&cmac, NULL, &macSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CmacFinal(&cmac, mac, &badMacSz), BUFFER_E);
+#endif /* !HAVE_FIPS || FIPS>=5.3 */
+#endif
+ return EXPECT_RESULT();
} /* END test_wc_CmacFinal */
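Review bot: In the `#if (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)` branch the bad-argument checks now go only to `wc_CmacFinalNoFree`, so `wc_CmacFinal`'s own argument handling is exercised by the single successful call alone. The `#else` branch still expects `BAD_FUNC_ARG` from `wc_CmacFinal(NULL, mac, &macSz)`; adding `ExpectIntEQ(wc_CmacFinal(NULL, mac, &macSz), BAD_FUNC_ARG);` before the final call would keep that coverage in both configurations, and a NULL context cannot release anything early. Separately, that final `wc_CmacFinal` is the only cleanup in this branch, so if the Expect macros skip their expression after an earlier failure (their definition is not visible here), the context is never released on a failing run, unlike test_wc_CmacUpdate, which frees unconditionally. The function's declarations sit in earlier hunks.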
@@ -17479,11 +16026,9 @@ static int test_wc_CmacFinal(void)
*/
static int test_wc_AesCmacGenerate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_128)
- Cmac cmac;
- byte key[] =
- {
+ byte key[] = {
0x26, 0xef, 0x8b, 0x40, 0x34, 0x11, 0x7d, 0x9e,
0xbe, 0xc0, 0xc7, 0xfc, 0x31, 0x08, 0x54, 0x69
};
@@ -17496,77 +16041,36 @@ static int test_wc_AesCmacGenerate(void)
word32 macSz = sizeof(mac);
word32 msgSz = sizeof(msg) - 1;
word32 expMacSz = sizeof(expMac) - 1;
- int type = WC_CMAC_AES;
- int ret = 0;
XMEMSET(mac, 0, macSz);
- ret = wc_InitCmac(&cmac, key, keySz, type, NULL);
- if (ret != 0) {
- return ret;
- }
-
- ret = wc_CmacUpdate(&cmac, msg, msgSz);
- if (ret != 0) {
- return ret;
- }
- else {
- wc_AesFree(&cmac.aes);
- }
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz), 0);
+ ExpectIntEQ(XMEMCMP(mac, expMac, expMacSz), 0);
- ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, keySz);
- if (ret == 0 && XMEMCMP(mac, expMac, expMacSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_AesCmacGenerate(NULL, &macSz, msg, msgSz, key, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, NULL, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, msg, msgSz, key, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacGenerate(mac, &macSz, NULL, msgSz, key, keySz),
+ BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_AesCmacVerify(NULL, macSz, msg, msgSz, key, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, 0, msg, msgSz, key, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, NULL, keySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCmacVerify(mac, macSz, NULL, msgSz, key, keySz),
+ BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesCmacGenerate */
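Review bot: `wc_AesCmacVerify` is checked only with the MAC that was just generated and with malformed arguments; nothing here shows that a wrong MAC is rejected, which is the property a verify routine exists for. After the bad-argument block, flipping one byte and expecting failure would cover it: `mac[0] ^= 0x01;` followed by `ExpectIntNE(wc_AesCmacVerify(mac, macSz, msg, msgSz, key, keySz), 0);`. The value returned on a mismatch is not visible in this hunk, hence the not-equal check rather than a specific code. The declarations of `mac`, `msg` and `expMac` lie outside the hunk.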
@@ -17576,10 +16080,9 @@ static int test_wc_AesCmacGenerate(void)
*/
static int test_wc_AesGcmStream(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(WOLFSSL_AES_128) && defined(HAVE_AESGCM) && \
defined(WOLFSSL_AESGCM_STREAM)
- int ret = 0;
int i;
WC_RNG rng[1];
Aes aesEnc[1];
@@ -17605,179 +16108,884 @@ static int test_wc_AesGcmStream(void)
0xe0, 0x31, 0x57, 0x60, 0xb7, 0x92, 0xa3, 0x6d
};
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&aesEnc, 0, sizeof(Aes));
+ XMEMSET(&aesDec, 0, sizeof(Aes));
+
/* Create a random for generating IV/nonce. */
- AssertIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_InitRng(rng), 0);
/* Initialize data structures. */
- AssertIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
- AssertIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
/* BadParameters to streaming init. */
- AssertIntEQ(wc_AesGcmEncryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, AES_128_KEY_SIZE, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, 0, NULL, GCM_NONCE_MID_SZ),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptInit(NULL, NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, AES_128_KEY_SIZE, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptInit(aesEnc, NULL, 0, NULL, GCM_NONCE_MID_SZ),
+ BAD_FUNC_ARG);
/* Bad parameters to encrypt update. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, in, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, NULL, 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, in, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, NULL, 1),
+ BAD_FUNC_ARG);
/* Bad parameters to decrypt update. */
- AssertIntEQ(wc_AesGcmDecryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, in, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, out, NULL, 1, NULL, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, NULL, 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(NULL, NULL, NULL, 0, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, in, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, out, NULL, 1, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, NULL, 1),
+ BAD_FUNC_ARG);
/* Bad parameters to encrypt final. */
- AssertIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE + 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(NULL, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE + 1),
+ BAD_FUNC_ARG);
/* Bad parameters to decrypt final. */
- AssertIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, NULL, AES_BLOCK_SIZE),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE + 1),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(NULL, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE + 1),
+ BAD_FUNC_ARG);
/* Check calling final before setting key fails. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_KEY);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_KEY);
/* Check calling update before setting key else fails. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
- MISSING_KEY);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
- MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
+ MISSING_KEY);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
+ MISSING_KEY);
/* Set key but not IV. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), NULL, 0), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), NULL, 0), 0);
/* Check calling final before setting IV fails. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_IV);
- AssertIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_IV);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, sizeof(tag)), MISSING_IV);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesDec, tag, sizeof(tag)), MISSING_IV);
/* Check calling update before setting IV else fails. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
- MISSING_IV);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
- MISSING_IV);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1),
+ MISSING_IV);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1),
+ MISSING_IV);
/* Set IV using fixed part IV and external IV APIs. */
- AssertIntEQ(wc_AesGcmSetIV(aesEnc, GCM_NONCE_MID_SZ, iv, AES_IV_FIXED_SZ,
- rng), 0);
- AssertIntEQ(wc_AesGcmEncryptInit_ex(aesEnc, NULL, 0, ivOut,
- GCM_NONCE_MID_SZ), 0);
- AssertIntEQ(wc_AesGcmSetExtIV(aesDec, ivOut, GCM_NONCE_MID_SZ), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, NULL, 0, NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmSetIV(aesEnc, GCM_NONCE_MID_SZ, iv, AES_IV_FIXED_SZ,
+ rng), 0);
+ ExpectIntEQ(wc_AesGcmEncryptInit_ex(aesEnc, NULL, 0, ivOut,
+ GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(wc_AesGcmSetExtIV(aesDec, ivOut, GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, NULL, 0, NULL, 0), 0);
/* Encrypt and decrypt data. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, aad, 1), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, aad, 1), 0);
- AssertIntEQ(XMEMCMP(plain, in, 1), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, aad, 1), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, aad, 1), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, 1), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encrypt/decrypt one block and AAD of one block. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, AES_BLOCK_SIZE, aad,
- AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, AES_BLOCK_SIZE, aad,
- AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(plain, in, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, AES_BLOCK_SIZE, aad,
+ AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, AES_BLOCK_SIZE, aad,
+ AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, AES_BLOCK_SIZE), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* No data to encrypt/decrypt one byte of AAD. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad, 1), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad, 1), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(tag, expTagAAD1, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTagAAD1, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encrypt/decrypt one byte and no AAD. */
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, NULL, 0), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, NULL, 0), 0);
- AssertIntEQ(XMEMCMP(plain, in, 1), 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out, in, 1, NULL, 0), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain, out, 1, NULL, 0), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, 1), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(tag, expTagPlain1, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTagPlain1, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Set key and IV through streaming init API. */
- AssertIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
- AssertIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ wc_AesFree(aesEnc);
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesEnc, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
/* Encryption AES is one byte at a time */
for (i = 0; i < (int)sizeof(aad); i++) {
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad + i, 1),
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, NULL, NULL, 0, aad + i, 1),
0);
}
for (i = 0; i < (int)sizeof(in); i++) {
- AssertIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out + i, in + i, 1, NULL, 0),
- 0);
+ ExpectIntEQ(wc_AesGcmEncryptUpdate(aesEnc, out + i, in + i, 1, NULL, 0),
+ 0);
}
/* Decryption AES is two bytes at a time */
for (i = 0; i < (int)sizeof(aad); i += 2) {
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad + i, 2),
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, NULL, NULL, 0, aad + i, 2),
0);
}
for (i = 0; i < (int)sizeof(aad); i += 2) {
- AssertIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain + i, out + i, 2, NULL,
- 0), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(aesDec, plain + i, out + i, 2, NULL,
+ 0), 0);
}
- AssertIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
/* Finalize and check tag matches. */
- AssertIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(tag, expTag, AES_BLOCK_SIZE), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmEncryptFinal(aesEnc, tag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTag, AES_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(aesDec, tag, AES_BLOCK_SIZE), 0);
/* Check streaming encryption can be decrypted with one shot. */
- AssertIntEQ(wc_AesGcmSetKey(aesDec, key, sizeof(key)), 0);
- AssertIntEQ(wc_AesGcmDecrypt(aesDec, plain, out, sizeof(in), iv,
+ wc_AesFree(aesDec);
+ ExpectIntEQ(wc_AesInit(aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(aesDec, key, sizeof(key), iv, AES_IV_SIZE), 0);
+ ExpectIntEQ(wc_AesGcmSetKey(aesDec, key, sizeof(key)), 0);
+ ExpectIntEQ(wc_AesGcmDecrypt(aesDec, plain, out, sizeof(in), iv,
AES_IV_SIZE, tag, AES_BLOCK_SIZE, aad, sizeof(aad)), 0);
- AssertIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
wc_AesFree(aesEnc);
wc_AesFree(aesDec);
wc_FreeRng(rng);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_AesGcmStream */
- res = TEST_RES_CHECK(ret == 0);
+
+/*
+ * Testing streaming SM4 API.
+ */
+static int test_wc_Sm4(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+#if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \
+ defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM)
+ unsigned char key[SM4_KEY_SIZE];
+#endif
+#if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR)
+ unsigned char iv[SM4_IV_SIZE];
+#endif
+
+ /* Invalid parameters - wc_Sm4Init */
+ ExpectIntEQ(wc_Sm4Init(NULL, NULL, INVALID_DEVID), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4Init */
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+
+#if defined(WOLFSSL_SM4_ECB) || defined(WOLFSSL_SM4_CBC) || \
+ defined(WOLFSSL_SM4_CTR) || defined(WOLFSSL_SM4_CCM)
+ XMEMSET(key, 0, sizeof(key));
+
+ /* Invalid parameters - wc_Sm4SetKey. */
+ ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(NULL, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE-1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE+1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4SetKey. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+#endif
+
+#if defined(WOLFSSL_SM4_CBC) || defined(WOLFSSL_SM4_CTR)
+ XMEMSET(iv, 0, sizeof(iv));
+
+ /* Invalid parameters - wc_Sm4SetIV. */
+ ExpectIntEQ(wc_Sm4SetIV(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4SetIV(NULL, iv), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4SetIV. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+#endif
+
+ /* Valid cases - wc_Sm4Free */
+ wc_Sm4Free(NULL);
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
#endif
return res;
+} /* END test_wc_Sm4 */
-} /* END test_wc_AesGcmStream */
+/*
+ * Testing block based SM4-ECB API.
+ */
+static int test_wc_Sm4Ecb(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_ECB
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE];
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(in, 0, sizeof(in));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), MISSING_KEY);
+
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+
+ /* Invalid parameters - wc_Sm4EcbEncrypt. */
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4EcbEncrypt. */
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4EcbEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Invalid parameters - wc_Sm4EcbDecrypt. */
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4EcbDecrypt. */
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4EcbDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Ecb */
+
+/*
+ * Testing block based SM4-CBC API.
+ */
+static int test_wc_Sm4Cbc(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_CBC
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char iv[SM4_IV_SIZE];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE];
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+ XMEMSET(in, 0, sizeof(in));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_KEY);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), MISSING_IV);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), MISSING_IV);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+
+ /* Invalid parameters - wc_Sm4CbcEncrypt. */
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4CbcEncrypt. */
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcEncrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Invalid parameters - wc_Sm4CbcDecrypt. */
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, NULL, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, in, 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 1), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ /* Valid cases - wc_Sm4CbcDecrypt. */
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CbcDecrypt(&sm4, in, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Cbc */
+
+/*
+ * Testing streaming SM4-CTR API.
+ */
+static int test_wc_Sm4Ctr(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_CTR
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char iv[SM4_IV_SIZE];
+ unsigned char in[SM4_BLOCK_SIZE * 4];
+ unsigned char out[SM4_BLOCK_SIZE * 4];
+ unsigned char out2[SM4_BLOCK_SIZE * 4];
+ word32 chunk;
+ word32 i;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+ XMEMSET(in, 0, sizeof(in));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_KEY);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), MISSING_IV);
+ /* Tested in test_wc_Sm4. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+
+ /* Invalid parameters - wc_Sm4CtrEncrypt. */
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, NULL, in, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(NULL, out, in, 0), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4CtrEncrypt. */
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 0), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, 1), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, 1), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, SM4_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(out2, out, 2), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, SM4_BLOCK_SIZE), 0);
+ /* In and out are same pointer. Also check encrypt of cipher text produces
+ * plaintext.
+ */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(in, out, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Chunking tests. */
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, in, (word32)sizeof(in)), 0);
+ for (chunk = 1; chunk <= SM4_BLOCK_SIZE + 1; chunk++) {
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ for (i = 0; i + chunk <= (word32)sizeof(in); i += chunk) {
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i, chunk), 0);
+ }
+ if (i < (word32)sizeof(in)) {
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out + i, in + i,
+ (word32)sizeof(in) - i), 0);
+ }
+ ExpectIntEQ(XMEMCMP(out, out2, (word32)sizeof(out)), 0);
+ }
+
+ for (i = 0; i < (word32)sizeof(iv); i++) {
+ iv[i] = 0xff;
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(wc_Sm4SetIV(&sm4, iv), 0);
+ ExpectIntEQ(wc_Sm4CtrEncrypt(&sm4, out2, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(XMEMCMP(out2, in, SM4_BLOCK_SIZE * 2), 0);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Ctr */
+
+/*
+ * Testing stream SM4-GCM API.
+ */
+static int test_wc_Sm4Gcm(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_GCM
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char nonce[GCM_NONCE_MAX_SZ];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char in2[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE * 2];
+ unsigned char dec[SM4_BLOCK_SIZE * 2];
+ unsigned char tag[SM4_BLOCK_SIZE];
+ unsigned char aad[SM4_BLOCK_SIZE * 2];
+ word32 i;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(nonce, 0, sizeof(nonce));
+ XMEMSET(in, 0, sizeof(in));
+ XMEMSET(in2, 0, sizeof(in2));
+ XMEMSET(aad, 0, sizeof(aad));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+
+ /* Invalid parameters - wc_Sm4GcmSetKey. */
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, NULL, SM4_KEY_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmSetKey(NULL, key, SM4_KEY_SIZE), BAD_FUNC_ARG);
+
+ /* Valid parameters - wc_Sm4GcmSetKey. */
+ ExpectIntEQ(wc_Sm4GcmSetKey(&sm4, key, SM4_KEY_SIZE), 0);
+
+ /* Invalid parameters - wc_Sm4GcmEncrypt. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Invalid parameters - wc_Sm4GcmDecrypt. */
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(NULL, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, in, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, NULL, 1, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, NULL, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 1, nonce, GCM_NONCE_MID_SZ, tag,
+ SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, NULL, NULL, 0, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Check vald values of nonce - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ GCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)),
+ SM4_GCM_AUTH_E);
+
+ /* Check valid values of tag size - wc_Sm4GcmEncrypt/wc_Sm4GcmDecrypt. */
+ for (i = WOLFSSL_MIN_AUTH_TAG_SZ; i < SM4_BLOCK_SIZE; i++) {
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ GCM_NONCE_MID_SZ, tag, i, aad, sizeof(aad)), 0);
+ }
+
+ /* Check different in/out sizes. */
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 0, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, out, in, 0, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, 1, nonce,
+ GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) {
+ XMEMCPY(out2, out, i - 1);
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, out, in, i, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, dec, out, i, nonce, GCM_NONCE_MID_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in, dec, i), 0);
+ }
+
+ /* Force the counter to roll over in first byte. */
+ {
+ static unsigned char largeIn[256 * SM4_BLOCK_SIZE];
+ static unsigned char largeOut[256 * SM4_BLOCK_SIZE];
+
+ ExpectIntEQ(wc_Sm4GcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn),
+ nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4GcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn),
+ nonce, GCM_NONCE_MID_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Gcm */
+
+/*
+ * Testing stream SM4-CCM API.
+ */
+static int test_wc_Sm4Ccm(void)
+{
+ int res = TEST_SKIPPED;
+#ifdef WOLFSSL_SM4_CCM
+ EXPECT_DECLS;
+ wc_Sm4 sm4;
+ unsigned char key[SM4_KEY_SIZE];
+ unsigned char nonce[CCM_NONCE_MAX_SZ];
+ unsigned char in[SM4_BLOCK_SIZE * 2];
+ unsigned char in2[SM4_BLOCK_SIZE * 2];
+ unsigned char out[SM4_BLOCK_SIZE * 2];
+ unsigned char out2[SM4_BLOCK_SIZE * 2];
+ unsigned char dec[SM4_BLOCK_SIZE * 2];
+ unsigned char tag[SM4_BLOCK_SIZE];
+ unsigned char aad[SM4_BLOCK_SIZE * 2];
+ word32 i;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(nonce, 0, sizeof(nonce));
+ XMEMSET(in, 0, sizeof(in));
+ XMEMSET(in2, 0, sizeof(in2));
+ XMEMSET(aad, 0, sizeof(aad));
+
+ ExpectIntEQ(wc_Sm4Init(&sm4, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), MISSING_KEY);
+ ExpectIntEQ(wc_Sm4SetKey(&sm4, key, SM4_KEY_SIZE), 0);
+
+ /* Invalid parameters - wc_Sm4CcmEncrypt. */
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ-1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE+1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Invalid parameters - wc_Sm4CcmDecrypt. */
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, NULL, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, in, 1, NULL, 0, NULL, 0, NULL,
+ 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, NULL, NULL, 1, NULL, 0, tag,
+ SM4_BLOCK_SIZE, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(NULL, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, NULL, 1, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, NULL, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, 0, tag,
+ SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ,
+ NULL, SM4_BLOCK_SIZE, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ WOLFSSL_MIN_AUTH_TAG_SZ - 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 1, nonce, CCM_NONCE_MAX_SZ, tag,
+ SM4_BLOCK_SIZE + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+
+ /* Valid cases - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, NULL, NULL, 0, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 1), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, out, SM4_BLOCK_SIZE * 2), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in2, in2, SM4_BLOCK_SIZE * 2, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in2, in, SM4_BLOCK_SIZE * 2), 0);
+
+ /* Check vald values of nonce - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
+ for (i = CCM_NONCE_MIN_SZ; i <= CCM_NONCE_MAX_SZ; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ i, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ }
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MIN_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)),
+ SM4_CCM_AUTH_E);
+
+ /* Check invalid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt. */
+ for (i = 0; i < 4; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ }
+ /* Odd values in range 4..SM4_BLOCK_SIZE. */
+ for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2 + 1, aad, sizeof(aad)), BAD_FUNC_ARG);
+ }
+ /* Check valid values of tag size - wc_Sm4CcmEncrypt/wc_Sm4CcmDecrypt.
+ * Even values in range 4..SM4_BLOCK_SIZE.
+ */
+ for (i = 2; i < SM4_BLOCK_SIZE / 2; i++) {
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, in, out, SM4_BLOCK_SIZE, nonce,
+ CCM_NONCE_MAX_SZ, tag, i * 2, aad, sizeof(aad)), 0);
+ }
+
+ /* Check different in/out sizes. */
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 0, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, out, in, 0, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, 1, nonce,
+ CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, NULL, 0), 0);
+ for (i = 2; i <= SM4_BLOCK_SIZE * 2; i++) {
+ XMEMCPY(out2, out, i - 1);
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, out, in, i, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(out, out2, i - 1), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, dec, out, i, nonce, CCM_NONCE_MAX_SZ,
+ tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(in, dec, i), 0);
+ }
+
+ /* Force the counter to roll over in first byte. */
+ {
+ static unsigned char largeIn[256 * SM4_BLOCK_SIZE];
+ static unsigned char largeOut[256 * SM4_BLOCK_SIZE];
+
+ ExpectIntEQ(wc_Sm4CcmEncrypt(&sm4, largeOut, largeIn, sizeof(largeIn),
+ nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_Sm4CcmDecrypt(&sm4, largeOut, largeOut, sizeof(largeIn),
+ nonce, CCM_NONCE_MAX_SZ, tag, SM4_BLOCK_SIZE, aad, sizeof(aad)), 0);
+ ExpectIntEQ(XMEMCMP(largeOut, largeIn, sizeof(largeIn)), 0);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+} /* END test_wc_Sm4Ccm */
/*
@@ -17785,55 +16993,36 @@ static int test_wc_AesGcmStream(void)
*/
static int test_wc_Des3_SetIV(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
- int ret = 0;
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&des, 0, sizeof(Des3));
- /* DES_ENCRYPTION or DES_DECRYPTION */
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
- if (ret == 0) {
- if (XMEMCMP(iv, des.reg, DES_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* DES_ENCRYPTION or DES_DECRYPTION */
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
+ ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0);
#ifndef HAVE_FIPS /* no sanity checks with FIPS wrapper */
/* Test explicitly wc_Des3_SetIV() */
- if (ret == 0) {
- ret = wc_Des3_SetIV(NULL, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_SetIV(&des, NULL);
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Des3_SetIV(NULL, iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_SetIV(&des, NULL), 0);
#endif
-
wc_Des3Free(&des);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_SetIV */
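Review bot: Nothing in this test installs an IV through wc_Des3_SetIV() and then checks it. The `XMEMCMP(iv, des.reg, DES_BLOCK_SIZE)` comparison only covers the IV set by wc_Des3_SetKey(), and both SetIV calls in the `#ifndef HAVE_FIPS` block pass NULL for one argument. I would add a second IV array (called `iv2` here) that differs from `iv`, then `ExpectIntEQ(wc_Des3_SetIV(&des, iv2), 0);` followed by `ExpectIntEQ(XMEMCMP(iv2, des.reg, DES_BLOCK_SIZE), 0);`. The `wc_Des3_SetIV(&des, NULL)` line should also get a short comment saying that a NULL IV is expected to succeed, as the SetKey test does with `/* Default case. Should return 0. */`.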
@@ -17842,56 +17031,38 @@ static int test_wc_Des3_SetIV(void)
*/
static int test_wc_Des3_SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
- int ret = 0;
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&des, 0, sizeof(Des3));
+
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
/* DES_ENCRYPTION or DES_DECRYPTION */
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
- if (ret == 0) {
- if (XMEMCMP(iv, des.reg, DES_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
+ ExpectIntEQ(XMEMCMP(iv, des.reg, DES_BLOCK_SIZE), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_SetKey(&des, key, iv, -1);
- }
- if (ret == BAD_FUNC_ARG) {
- /* Default case. Should return 0. */
- ret = wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION);
- }
- } /* END if ret != 0 */
+ ExpectIntEQ(wc_Des3_SetKey(NULL, key, iv, DES_ENCRYPTION), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_SetKey(&des, NULL, iv, DES_ENCRYPTION), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, -1), BAD_FUNC_ARG);
+ /* Default case. Should return 0. */
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, NULL, DES_ENCRYPTION), 0);
wc_Des3Free(&des);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_SetKey */
@@ -17901,94 +17072,50 @@ static int test_wc_Des3_SetKey(void)
*/
static int test_wc_Des3_CbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
Des3 des;
- int ret = 0;
byte cipher[24];
byte plain[24];
-
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
-
const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
-
- if (ret == 0) {
- ret = wc_Des3_CbcEncrypt(&des, cipher, vector, 24);
+ XMEMSET(&des, 0, sizeof(Des3));
- if (ret == 0) {
- ret = wc_Des3_SetKey(&des, key, iv, DES_DECRYPTION);
- }
- if (ret == 0) {
- ret = wc_Des3_CbcDecrypt(&des, plain, cipher, 24);
- }
- }
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
- if (ret == 0) {
- if (XMEMCMP(plain, vector, 24) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, vector, 24), 0);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_DECRYPTION), 0);
+ ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, cipher, 24), 0);
+ ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_Des3_CbcEncrypt(NULL, cipher, vector, 24);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncrypt(&des, NULL, vector, 24);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector));
- }
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncrypt(NULL, cipher, vector, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncrypt(&des, NULL, vector, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector)),
+ BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_Des3_CbcDecrypt(NULL, plain, cipher, 24);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecrypt(&des, NULL, cipher, 24);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecrypt(&des, plain, NULL, 24);
- }
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcDecrypt(NULL, plain, cipher, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecrypt(&des, NULL, cipher, 24), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecrypt(&des, plain, NULL, 24), BAD_FUNC_ARG);
wc_Des3Free(&des);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_Des3_CbcEncrypt */
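Review bot: The buffer length is written as the literal `24` in every call here except `wc_Des3_CbcEncrypt(&des, cipher, NULL, sizeof(vector))`, so the sizes of `cipher`, `plain` and `vector` are kept in step only by hand. Using `sizeof(vector)` throughout, e.g. `ExpectIntEQ(wc_Des3_CbcEncrypt(&des, cipher, vector, sizeof(vector)), 0);`, means a later change to the test vector cannot silently become an out-of-bounds access in the test. The closing comment `/* END wc_Des3_CbcEncrypt */` does not match the function name and could read `/* END test_wc_Des3_CbcEncryptDecrypt */`.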
@@ -17997,166 +17124,101 @@ static int test_wc_Des3_CbcEncryptDecrypt(void)
*/
static int test_wc_Des3_CbcEncryptDecryptWithKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DES3
- int ret = 0;
word32 vectorSz, cipherSz;
byte cipher[24];
byte plain[24];
-
- byte vector[] = /* Now is the time for all w/o trailing 0 */
- {
+ byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
-
- byte key[] =
- {
+ byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- byte iv[] =
- {
+ byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
-
vectorSz = sizeof(byte) * 24;
cipherSz = sizeof(byte) * 24;
- ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv);
- if (ret == 0) {
- ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv);
- if (ret == 0) {
- if (XMEMCMP(plain, vector, 24) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, iv),
+ 0);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, iv), 0);
+ ExpectIntEQ(XMEMCMP(plain, vector, 24), 0);
/* pass in bad args. */
- if (ret == 0) {
- ret = wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz,
- key, NULL);
- }
- else {
- /* Return code catch. */
- ret = WOLFSSL_FAILURE;
- }
- }
-
- if (ret == 0) {
- ret = wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL);
- }
- else {
- ret = WOLFSSL_FAILURE;
- }
- }
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(NULL, vector, vectorSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, NULL, vectorSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, NULL, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, NULL),
+ 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(NULL, cipher, cipherSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, NULL, cipherSz, key, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, NULL, iv),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_CbcDecryptWithKey(plain, cipher, cipherSz, key, NULL),
+ 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_CbcEncryptDecryptWithKey */
/*
* Unit test for wc_Des3_EcbEncrypt
*/
static int test_wc_Des3_EcbEncrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
Des3 des;
- int ret = 0;
byte cipher[24];
word32 cipherSz = sizeof(cipher);
-
- const byte key[] =
- {
+ const byte key[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
-
- const byte iv[] =
- {
+ const byte iv[] = {
0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
};
-
const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- ret = wc_Des3Init(&des, NULL, INVALID_DEVID);
- if (ret != 0) {
- return ret;
- }
- if (ret == 0 ) {
- ret = wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION);
- }
+ XMEMSET(&des, 0, sizeof(Des3));
+
+ ExpectIntEQ(wc_Des3Init(&des, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Des3_SetKey(&des, key, iv, DES_ENCRYPTION), 0);
+
/* Bad Cases */
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(NULL, cipher, vector, cipherSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, 0, vector, cipherSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, cipher, NULL, cipherSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, cipher, vector, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(NULL, 0, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, 0, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(NULL, cipher, vector, cipherSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, 0, vector, cipherSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, NULL, cipherSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, 0), 0);
+
/* Good Cases */
- if (ret == 0) {
- ret = wc_Des3_EcbEncrypt(&des, cipher, vector, cipherSz);
- }
- wc_Des3Free(&des);
+ ExpectIntEQ(wc_Des3_EcbEncrypt(&des, cipher, vector, cipherSz), 0);
- res = TEST_RES_CHECK(ret == 0);
+ wc_Des3Free(&des);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Des3_EcbEncrypt */
/*
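Review bot: The two NULL-IV calls, `wc_Des3_CbcEncryptWithKey(cipher, vector, vectorSz, key, NULL)` and the matching decrypt, are expected to return 0 but sit under `/* pass in bad args. */` with no explanation. A comment such as `/* NULL IV is accepted; should return 0. */` would show that this is intended API behaviour and not a missed argument check. Which IV the library substitutes is not visible in this hunk, and CBC under a fixed IV is deterministic, so the comment should say the case exists for API coverage only. The same applies to `wc_Des3_EcbEncrypt(&des, cipher, vector, 0)` under `/* Bad Cases */` in test_wc_Des3_EcbEncrypt, which is also expected to return 0.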
@@ -18164,51 +17226,29 @@ static int test_wc_Des3_EcbEncrypt(void)
*/
static int test_wc_Chacha_SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CHACHA
- ChaCha ctx;
- const byte key[] =
- {
+ ChaCha ctx;
+ const byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
- byte cipher[128];
- int ret = 0;
+ word32 keySz = (word32)(sizeof(key)/sizeof(byte));
+ byte cipher[128];
- ret = wc_Chacha_SetKey(&ctx, key, (word32)(sizeof(key)/sizeof(byte)));
+ XMEMSET(cipher, 0, sizeof(cipher));
+ ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, keySz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Chacha_SetKey(NULL, key, (word32)(sizeof(key)/sizeof(byte)));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Chacha_SetKey(&ctx, key, 18);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Chacha_SetKey(NULL, key, keySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Chacha_SetKey(&ctx, key, 18), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_Chacha_SetIV(&ctx, cipher, 0);
- }
- if (ret == 0) {
- /* Test bad args. */
- ret = wc_Chacha_SetIV(NULL, cipher, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FAILURE;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&ctx, cipher, 0), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_Chacha_SetIV(NULL, cipher, 0), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Chacha_SetKey */
/*
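Review bot: The bad-argument section of test_wc_Chacha_SetKey covers a NULL context and an 18-byte length but never a NULL key, although test_wc_Poly1305SetKey in this same commit checks `wc_Poly1305SetKey(&ctx, NULL, keySz)`. If wc_Chacha_SetKey is specified to reject a NULL key, add `ExpectIntEQ(wc_Chacha_SetKey(&ctx, NULL, keySz), BAD_FUNC_ARG);`; its NULL handling is not visible in this hunk, so confirm against the implementation first. The literal 18 would also read better with a comment such as `/* 18 bytes is not an accepted key length */`.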
@@ -18216,9 +17256,9 @@ static int test_wc_Chacha_SetKey(void)
*/
static int test_wc_Poly1305SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_POLY1305
- Poly1305 ctx;
+ Poly1305 ctx;
const byte key[] =
{
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
@@ -18226,29 +17266,16 @@ static int test_wc_Poly1305SetKey(void)
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
- int ret = 0;
+ word32 keySz = (word32)(sizeof(key)/sizeof(byte));
- ret = wc_Poly1305SetKey(&ctx, key, (word32)(sizeof(key)/sizeof(byte)));
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_Poly1305SetKey(NULL, key, (word32)(sizeof(key)/sizeof(byte)));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Poly1305SetKey(&ctx, NULL, (word32)(sizeof(key)/sizeof(byte)));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Poly1305SetKey(&ctx, key, 18);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, keySz), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_Poly1305SetKey(NULL, key,keySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Poly1305SetKey(&ctx, NULL, keySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Poly1305SetKey(&ctx, key, 18), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Poly1305_SetKey() */
/*
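Review bot: Two small style leftovers remain in test_wc_Poly1305SetKey. The first bad-argument call is missing a space after the comma and should read `ExpectIntEQ(wc_Poly1305SetKey(NULL, key, keySz), BAD_FUNC_ARG);`. The closing comment still says `test_wc_Poly1305_SetKey()` while the function is named test_wc_Poly1305SetKey; this commit corrects the END comments of the Rc2 tests, so this one could become `/* END test_wc_Poly1305SetKey */` in the same pass. The function's opening lines are in the preceding hunk.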
@@ -18256,7 +17283,7 @@ static int test_wc_Poly1305SetKey(void)
*/
static int test_wc_Chacha_Process(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CHACHA
ChaCha enc, dec;
byte cipher[128];
@@ -18271,47 +17298,35 @@ static int test_wc_Chacha_Process(void)
const char* input = "Everybody gets Friday off.";
word32 keySz = sizeof(key)/sizeof(byte);
unsigned long int inlen = XSTRLEN(input);
- int ret = 0;
- /*Initialize stack varialbes.*/
+ /* Initialize stack variables. */
XMEMSET(cipher, 0, 128);
XMEMSET(plain, 0, 128);
- ret = wc_Chacha_SetKey(&enc, key, keySz);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetKey(&dec, key, keySz);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetIV(&enc, cipher, 0);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetIV(&dec, cipher, 0);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_SetKey(&enc, key, keySz), 0);
+ ExpectIntEQ(wc_Chacha_SetKey(&dec, key, keySz), 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0);
- ret = wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&dec, plain, cipher, (word32)inlen);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(input, plain, (int)inlen);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen),
+ 0);
+ ExpectIntEQ(wc_Chacha_Process(&dec, plain, cipher, (word32)inlen), 0);
+ ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0);
#if !defined(USE_INTEL_CHACHA_SPEEDUP) && !defined(WOLFSSL_ARMASM)
/* test checking and using leftovers, currently just in C code */
- ret = wc_Chacha_SetIV(&enc, cipher, 0);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_SetIV(&dec, cipher, 0);
- AssertIntEQ(ret, 0);
-
- ret = wc_Chacha_Process(&enc, cipher, (byte*)input, (word32)inlen - 2);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&enc, cipher + (inlen - 2),
- (byte*)input + (inlen - 2), 2);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&dec, plain, (byte*)cipher, (word32)inlen - 2);
- AssertIntEQ(ret, 0);
- ret = wc_Chacha_Process(&dec, cipher + (inlen - 2),
- (byte*)input + (inlen - 2), 2);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(input, plain, (int)inlen);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&enc, cipher, 0), 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&dec, cipher, 0), 0);
+
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, (byte*)input,
+ (word32)inlen - 2), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher + (inlen - 2),
+ (byte*)input + (inlen - 2), 2), 0);
+ ExpectIntEQ(wc_Chacha_Process(&dec, plain, (byte*)cipher,
+ (word32)inlen - 2), 0);
+ ExpectIntEQ(wc_Chacha_Process(&dec, cipher + (inlen - 2),
+ (byte*)input + (inlen - 2), 2), 0);
+ ExpectIntEQ(XMEMCMP(input, plain, (int)inlen), 0);
/* check edge cases with counter increment */
{
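Review bot: The leftover-bytes decrypt in the second `wc_Chacha_Process(&dec, ...)` call of the split round writes to `cipher + (inlen - 2)` and reads from `input`, so the last two bytes of `plain` are never produced by this pass. The final `XMEMCMP(input, plain, (int)inlen)` still succeeds because `plain` keeps the tail from the earlier full-length decrypt, which leaves the split-call path unverified on the decrypt side. Clear the buffer before the split round with `XMEMSET(plain, 0, 128);` and decrypt the tail with `ExpectIntEQ(wc_Chacha_Process(&dec, plain + (inlen - 2), cipher + (inlen - 2), 2), 0);`. The function starts before this hunk and continues after it.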
@@ -18360,38 +17375,28 @@ static int test_wc_Chacha_Process(void)
for (i = 0; i < 256; i++)
input2[i] = i;
- ret = wc_Chacha_SetIV(&enc, iv2, 0);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_Chacha_SetIV(&enc, iv2, 0), 0);
- ret = wc_Chacha_Process(&enc, cipher, input2, 64);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected, cipher, 64), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2, 64), 0);
+ ExpectIntEQ(XMEMCMP(expected, cipher, 64), 0);
- ret = wc_Chacha_Process(&enc, cipher, input2 + 64, 128);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected + 64, cipher, 128), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 64, 128), 0);
+ ExpectIntEQ(XMEMCMP(expected + 64, cipher, 128), 0);
/* partial */
- ret = wc_Chacha_Process(&enc, cipher, input2 + 192, 32);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected + 192, cipher, 32), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 192, 32), 0);
+ ExpectIntEQ(XMEMCMP(expected + 192, cipher, 32), 0);
- ret = wc_Chacha_Process(&enc, cipher, input2 + 224, 32);
- AssertIntEQ(ret, 0);
- AssertIntEQ(XMEMCMP(expected + 224, cipher, 32), 0);
+ ExpectIntEQ(wc_Chacha_Process(&enc, cipher, input2 + 224, 32), 0);
+ ExpectIntEQ(XMEMCMP(expected + 224, cipher, 32), 0);
}
#endif
/* Test bad args. */
- ret = wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Chacha_Process(NULL, cipher, (byte*)input, (word32)inlen),
+ BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Chacha_Process */
/*
@@ -18399,7 +17404,7 @@ static int test_wc_Chacha_Process(void)
*/
static int test_wc_ChaCha20Poly1305_aead(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
const byte key[] = {
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
@@ -18407,7 +17412,6 @@ static int test_wc_ChaCha20Poly1305_aead(void)
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f
};
-
const byte plaintext[] = {
0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61,
0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c,
@@ -18425,12 +17429,10 @@ static int test_wc_ChaCha20Poly1305_aead(void)
0x75, 0x6c, 0x64, 0x20, 0x62, 0x65, 0x20, 0x69,
0x74, 0x2e
};
-
const byte iv[] = {
0x07, 0x00, 0x00, 0x00, 0x40, 0x41, 0x42, 0x43,
0x44, 0x45, 0x46, 0x47
};
-
const byte aad[] = { /* additional data */
0x50, 0x51, 0x52, 0x53, 0xc0, 0xc1, 0xc2, 0xc3,
0xc4, 0xc5, 0xc6, 0xc7
@@ -18459,78 +17461,57 @@ static int test_wc_ChaCha20Poly1305_aead(void)
byte generatedCiphertext[272];
byte generatedPlaintext[272];
byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
- int ret = 0;
/* Initialize stack variables. */
XMEMSET(generatedCiphertext, 0, 272);
XMEMSET(generatedPlaintext, 0, 272);
/* Test Encrypt */
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), plaintext,
- sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(generatedCiphertext, cipher, sizeof(cipher)/sizeof(byte));
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ 0);
+ ExpectIntEQ(XMEMCMP(generatedCiphertext, cipher,
+ sizeof(cipher)/sizeof(byte)), 0);
/* Test bad args. */
- ret = wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad), plaintext,
- sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad),
- plaintext, sizeof(plaintext),
- generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL,
- sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
- NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
- plaintext, sizeof(plaintext), NULL, generatedAuthTag);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
- plaintext, sizeof(plaintext), generatedCiphertext, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- (void)ret; /* suppress never read */
- }
-
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, 0);
- ret = XMEMCMP(generatedPlaintext, plaintext,
- sizeof(plaintext)/sizeof(byte));
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(NULL, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, NULL, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad), NULL,
+ sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ NULL, sizeof(plaintext), generatedCiphertext, generatedAuthTag),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), NULL, generatedAuthTag), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Encrypt(key, iv, aad, sizeof(aad),
+ plaintext, sizeof(plaintext), generatedCiphertext, NULL), BAD_FUNC_ARG);
- /* Test bad args. */
- ret = wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad),
- cipher, sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), NULL, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
- sizeof(cipher), authTag, NULL);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- ret = wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
- sizeof(cipher), authTag, generatedPlaintext);
- AssertIntEQ(ret, BAD_FUNC_ARG);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), authTag, generatedPlaintext), 0);
+ ExpectIntEQ(XMEMCMP(generatedPlaintext, plaintext,
+ sizeof(plaintext)/sizeof(byte)), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(NULL, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, NULL, aad, sizeof(aad),
+ cipher, sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
+ sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), NULL, generatedPlaintext), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), cipher,
+ sizeof(cipher), authTag, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ChaCha20Poly1305_Decrypt(key, iv, aad, sizeof(aad), NULL,
+ sizeof(cipher), authTag, generatedPlaintext), BAD_FUNC_ARG);
#endif
- return res;
-
-} /* END test-wc_ChaCha20Poly1305_EncryptDecrypt */
+ return EXPECT_RESULT();
+} /* END test_wc_ChaCha20Poly1305_aead */
/*
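Review bot: After the successful `wc_ChaCha20Poly1305_Encrypt` call only `generatedCiphertext` is compared; `generatedAuthTag` is never checked against `authTag`, so a wrong tag from the encrypt path would go unnoticed. Add `ExpectIntEQ(XMEMCMP(generatedAuthTag, authTag, sizeof(generatedAuthTag)), 0);` after the ciphertext comparison. The decrypt side has no negative case either: a call with one byte of the tag or ciphertext altered should be pinned to the library's authentication-failure code (MAC_CMP_FAILED_E in wolfCrypt, to be confirmed for this version). Separately, the NULL-plaintext encrypt case and the NULL-ciphertext decrypt case each appear twice. The declarations at the top of the function are outside this hunk.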
@@ -18538,78 +17519,38 @@ static int test_wc_ChaCha20Poly1305_aead(void)
*/
static int test_wc_Rc2SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- byte key40[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
- byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
- int ret = 0;
+ Rc2 rc2;
+ byte key40[] = { 0x01, 0x02, 0x03, 0x04, 0x05 };
+ byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
/* valid key and IV */
- ret = wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
- iv, 40);
- if (ret == 0) {
- /* valid key, no IV */
- ret = wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
- NULL, 40);
- }
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
+ iv, 40), 0);
+ /* valid key, no IV */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32) sizeof(key40) / sizeof(byte),
+ NULL, 40), 0);
/* bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2SetKey(NULL, key40, (word32) sizeof(key40) / sizeof(byte),
- iv, 40);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null key */
- ret = wc_Rc2SetKey(&rc2, NULL, (word32) sizeof(key40) / sizeof(byte),
- iv, 40);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* key size == 0 */
- ret = wc_Rc2SetKey(&rc2, key40, 0, iv, 40);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* key size > 128 */
- ret = wc_Rc2SetKey(&rc2, key40, 129, iv, 40);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* effective bits == 0 */
- ret = wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
- iv, 0);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* effective bits > 1024 */
- ret = wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
- iv, 1025);
- if (ret == WC_KEY_SIZE_E) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2SetKey(NULL, key40, (word32) sizeof(key40) / sizeof(byte),
+ iv, 40), BAD_FUNC_ARG);
+ /* null key */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, NULL, (word32) sizeof(key40) / sizeof(byte),
+ iv, 40), BAD_FUNC_ARG);
+ /* key size == 0 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 0, iv, 40), WC_KEY_SIZE_E);
+ /* key size > 128 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, 129, iv, 40), WC_KEY_SIZE_E);
+ /* effective bits == 0 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
+ iv, 0), WC_KEY_SIZE_E);
+ /* effective bits > 1024 */
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key40, (word32)sizeof(key40) / sizeof(byte),
+ iv, 1025), WC_KEY_SIZE_E);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Rc2SetKey */
/*
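Review bot: The key-length argument is written as `(word32) sizeof(key40) / sizeof(byte)` in every call, where the cast binds to `sizeof(key40)` alone and the quotient is converted implicitly at the call. test_wc_Chacha_SetKey in this commit computes it once as `word32 keySz = (word32)(sizeof(key)/sizeof(byte));`. Doing the same here, `word32 keySz = (word32)(sizeof(key40)/sizeof(byte));`, removes the repetition and makes the cast cover the whole expression. The same pattern is in the wc_Rc2SetKey calls of test_wc_Rc2EcbEncryptDecrypt and test_wc_Rc2CbcEncryptDecrypt and in the wc_AesSetKey calls of test_wc_AesSetKey.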
@@ -18617,46 +17558,34 @@ static int test_wc_Rc2SetKey(void)
*/
static int test_wc_Rc2SetIV(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
- int ret = 0;
+ Rc2 rc2;
+ byte iv[] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
/* valid IV */
- ret = wc_Rc2SetIV(&rc2, iv);
- if (ret == 0) {
- /* valid NULL IV */
- ret = wc_Rc2SetIV(&rc2, NULL);
- }
+ ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0);
+ /* valid NULL IV */
+ ExpectIntEQ(wc_Rc2SetIV(&rc2, NULL), 0);
/* bad arguments */
- if (ret == 0) {
- ret = wc_Rc2SetIV(NULL, iv);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Rc2SetIV(NULL, iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Rc2SetIV(NULL, NULL), BAD_FUNC_ARG);
#endif
- return res;
-} /* END test_wc_Rc2SetKey */
+ return EXPECT_RESULT();
+} /* END test_wc_Rc2SetIV */
/*
- * Testing function for wc_Rc2EcbEncrypt().
+ * Testing function for wc_Rc2EcbEncrypt() and wc_Rc2EcbDecrypt().
*/
static int test_wc_Rc2EcbEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- int ret = 0;
+ Rc2 rc2;
int effectiveKeyBits = 63;
-
byte cipher[RC2_BLOCK_SIZE];
byte plain[RC2_BLOCK_SIZE];
-
byte key[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte input[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte output[] = { 0xeb, 0xb7, 0x73, 0xf9, 0x93, 0x27, 0x8e, 0xff };
@@ -18664,115 +17593,62 @@ static int test_wc_Rc2EcbEncryptDecrypt(void)
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
- ret = wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
- NULL, effectiveKeyBits);
- if (ret == 0) {
- ret = wc_Rc2EcbEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE);
- if (ret != 0 || XMEMCMP(cipher, output, RC2_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
+ NULL, effectiveKeyBits), 0);
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, RC2_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(cipher, output, RC2_BLOCK_SIZE), 0);
- if (ret == 0) {
- ret = wc_Rc2EcbDecrypt(&rc2, plain, cipher, RC2_BLOCK_SIZE);
- if (ret != 0 || XMEMCMP(plain, input, RC2_BLOCK_SIZE) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, cipher, RC2_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(plain, input, RC2_BLOCK_SIZE), 0);
/* Rc2EcbEncrypt bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2EcbEncrypt(NULL, cipher, input, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2EcbEncrypt(&rc2, NULL, input, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2EcbEncrypt(&rc2, cipher, NULL, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* output buffer sz != RC2_BLOCK_SIZE (8) */
- ret = wc_Rc2EcbEncrypt(&rc2, cipher, input, 7);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(NULL, cipher, input, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, NULL, input, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, NULL, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* output buffer sz != RC2_BLOCK_SIZE (8) */
+ ExpectIntEQ(wc_Rc2EcbEncrypt(&rc2, cipher, input, 7), BUFFER_E);
/* Rc2EcbDecrypt bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2EcbDecrypt(NULL, plain, output, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2EcbDecrypt(&rc2, NULL, output, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2EcbDecrypt(&rc2, plain, NULL, RC2_BLOCK_SIZE);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* output buffer sz != RC2_BLOCK_SIZE (8) */
- ret = wc_Rc2EcbDecrypt(&rc2, plain, output, 7);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(NULL, plain, output, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, NULL, output, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, NULL, RC2_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ /* output buffer sz != RC2_BLOCK_SIZE (8) */
+ ExpectIntEQ(wc_Rc2EcbDecrypt(&rc2, plain, output, 7), BUFFER_E);
#endif
- return res;
-} /* END test_wc_Rc2SetKey */
+ return EXPECT_RESULT();
+} /* END test_wc_Rc2EcbEncryptDecrypt */
/*
- * Testing function for wc_Rc2CbcEncrypt().
+ * Testing function for wc_Rc2CbcEncrypt() and wc_Rc2CbcDecrypt().
*/
static int test_wc_Rc2CbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WC_RC2
- Rc2 rc2;
- int ret = 0;
+ Rc2 rc2;
int effectiveKeyBits = 63;
-
byte cipher[RC2_BLOCK_SIZE*2];
byte plain[RC2_BLOCK_SIZE*2];
-
/* vector taken from test.c */
- byte key[] = {
+ byte key[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
byte iv[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
- byte input[] = {
+ byte input[] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
@@ -18784,88 +17660,42 @@ static int test_wc_Rc2CbcEncryptDecrypt(void)
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
- ret = wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
- iv, effectiveKeyBits);
- if (ret == 0) {
- ret = wc_Rc2CbcEncrypt(&rc2, cipher, input, sizeof(input));
- if (ret != 0 || XMEMCMP(cipher, output, sizeof(output)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- /* reset IV for decrypt */
- ret = wc_Rc2SetIV(&rc2, iv);
- }
+ ExpectIntEQ(wc_Rc2SetKey(&rc2, key, (word32) sizeof(key) / sizeof(byte),
+ iv, effectiveKeyBits), 0);
+ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, input, sizeof(input)), 0);
+ ExpectIntEQ(XMEMCMP(cipher, output, sizeof(output)), 0);
- if (ret == 0) {
- ret = wc_Rc2CbcDecrypt(&rc2, plain, cipher, sizeof(cipher));
- if (ret != 0 || XMEMCMP(plain, input, sizeof(input)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* reset IV for decrypt */
+ ExpectIntEQ(wc_Rc2SetIV(&rc2, iv), 0);
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, cipher, sizeof(cipher)), 0);
+ ExpectIntEQ(XMEMCMP(plain, input, sizeof(input)), 0);
/* Rc2CbcEncrypt bad arguments */
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2CbcEncrypt(NULL, cipher, input, sizeof(input));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2CbcEncrypt(&rc2, NULL, input, sizeof(input));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2CbcEncrypt(&rc2, cipher, NULL, sizeof(input));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2CbcEncrypt(NULL, cipher, input, sizeof(input)),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, NULL, input, sizeof(input)),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2CbcEncrypt(&rc2, cipher, NULL, sizeof(input)),
+ BAD_FUNC_ARG);
/* Rc2CbcDecrypt bad arguments */
- if (ret == 0) {
- /* in size is 0 */
- ret = wc_Rc2CbcDecrypt(&rc2, plain, output, 0);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- /* null Rc2 struct */
- ret = wc_Rc2CbcDecrypt(NULL, plain, output, sizeof(output));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null out buffer */
- ret = wc_Rc2CbcDecrypt(&rc2, NULL, output, sizeof(output));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- if (ret == 0) {
- /* null input buffer */
- ret = wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output));
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ /* in size is 0 */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, output, 0), 0);
+ /* null Rc2 struct */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(NULL, plain, output, sizeof(output)),
+ BAD_FUNC_ARG);
+ /* null out buffer */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, NULL, output, sizeof(output)),
+ BAD_FUNC_ARG);
+ /* null input buffer */
+ ExpectIntEQ(wc_Rc2CbcDecrypt(&rc2, plain, NULL, sizeof(output)),
+ BAD_FUNC_ARG);
#endif
- return res;
-} /* END test_wc_Rc2SetKey */
+ return EXPECT_RESULT();
+} /* END test_wc_Rc2CbcEncryptDecrypt */
/*
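Review bot: No case in test_wc_Rc2CbcEncryptDecrypt passes a length that is not a multiple of RC2_BLOCK_SIZE, while test_wc_Rc2EcbEncryptDecrypt pins `BUFFER_E` for a size of 7. What the CBC functions return for a partial block is not visible here, so the expected code has to be taken from the implementation, but a call such as `wc_Rc2CbcEncrypt(&rc2, cipher, input, 7)` should have its result fixed by an expectation. The zero-length call also sits under the "bad arguments" comment although it expects 0; label it `/* in size is 0: accepted */` and consider the matching encrypt case. The start of the function is in the preceding hunk.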
@@ -18919,82 +17749,61 @@ static int test_wc_AesSetIV(void)
*/
static int test_wc_AesSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_AES
- Aes aes;
- int ret = 0;
- byte key16[] =
- {
+ Aes aes;
+ byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
- byte badKey16[] =
- {
+ byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
- byte iv[] = "1234567890abcdef";
+ byte iv[] = "1234567890abcdef";
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&aes, 0, sizeof(Aes));
+
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_AesSetKey(&aes, key16, (word32) sizeof(key16) / sizeof(byte),
- iv, AES_ENCRYPTION);
+ ExpectIntEQ(wc_AesSetKey(&aes, key16, (word32)sizeof(key16) / sizeof(byte),
+ iv, AES_ENCRYPTION), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_AesSetKey (&aes, key24, (word32) sizeof(key24) / sizeof(byte),
- iv, AES_ENCRYPTION);
- }
+ ExpectIntEQ(wc_AesSetKey(&aes, key24, (word32)sizeof(key24) / sizeof(byte),
+ iv, AES_ENCRYPTION), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_AesSetKey (&aes, key32, (word32) sizeof(key32) / sizeof(byte),
- iv, AES_ENCRYPTION);
- }
+ ExpectIntEQ(wc_AesSetKey(&aes, key32, (word32)sizeof(key32) / sizeof(byte),
+ iv, AES_ENCRYPTION), 0);
#endif
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_AesSetKey (NULL, key16, (word32) sizeof(key16) / sizeof(byte),
- iv, AES_ENCRYPTION);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesSetKey(&aes, badKey16,
- (word32) sizeof(badKey16) / sizeof(byte),
- iv, AES_ENCRYPTION);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_AesSetKey(NULL, key16, (word32)sizeof(key16) / sizeof(byte),
+ iv, AES_ENCRYPTION), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesSetKey(&aes, badKey16,
+ (word32)sizeof(badKey16) / sizeof(byte), iv, AES_ENCRYPTION),
+ BAD_FUNC_ARG);
wc_AesFree(&aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesSetKey */
@@ -19005,192 +17814,110 @@ static int test_wc_AesSetKey(void)
*/
static int test_wc_AesCbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(HAVE_AES_DECRYPT)&& \
defined(WOLFSSL_AES_256)
- Aes aes;
- int ret = 0;
- byte key32[] =
- {
+ Aes aes;
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- byte vector[] = /* Now is the time for all good men w/o trailing 0 */
- {
- 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
- 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
- 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20,
- 0x67,0x6f,0x6f,0x64,0x20,0x6d,0x65,0x6e
+ byte vector[] = { /* Now is the time for all good men w/o trailing 0 */
+ 0x4e, 0x6f, 0x77, 0x20, 0x69, 0x73, 0x20, 0x74,
+ 0x68, 0x65, 0x20, 0x74, 0x69, 0x6d, 0x65, 0x20,
+ 0x66, 0x6f, 0x72, 0x20, 0x61, 0x6c, 0x6c, 0x20,
+ 0x67, 0x6f, 0x6f, 0x64, 0x20, 0x6d, 0x65, 0x6e
};
- byte iv[] = "1234567890abcdef";
+ byte iv[] = "1234567890abcdef";
byte enc[sizeof(vector)];
byte dec[sizeof(vector)];
- int cbcE = WOLFSSL_FATAL_ERROR;
- int cbcD = WOLFSSL_FATAL_ERROR;
- int cbcDWK = WOLFSSL_FATAL_ERROR;
byte dec2[sizeof(vector)];
/* Init stack variables. */
+ XMEMSET(&aes, 0, sizeof(Aes));
XMEMSET(enc, 0, sizeof(enc));
XMEMSET(dec, 0, sizeof(vector));
XMEMSET(dec2, 0, sizeof(vector));
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_ENCRYPTION), 0);
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector)), 0);
- ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv, AES_ENCRYPTION);
- if (ret == 0) {
- ret = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector));
- if (ret == 0) {
- /* Re init for decrypt and set flag. */
- cbcE = 0;
- wc_AesFree(&aes);
- ret = wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2,
- iv, AES_DECRYPTION);
- }
- if (ret == 0) {
- ret = wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector));
- if (ret != 0 || XMEMCMP(vector, dec, sizeof(vector)) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- /* Set flag. */
- cbcD = 0;
- }
- }
- }
- /* If encrypt succeeds but cbc decrypt fails, we can still test. */
- if (ret == 0 || cbcE == 0) {
- ret = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), iv);
- if (ret == 0 || XMEMCMP(vector, dec2, AES_BLOCK_SIZE) == 0) {
- cbcDWK = 0;
- }
- }
+ /* Re init for decrypt and set flag. */
+ ExpectIntEQ(wc_AesSetKey(&aes, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_DECRYPTION), 0);
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, sizeof(vector)), 0);
+ ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
+
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE, key32,
+ sizeof(key32)/sizeof(byte), iv), 0);
+ ExpectIntEQ(XMEMCMP(vector, dec2, AES_BLOCK_SIZE), 0);
/* Pass in bad args */
- if (cbcE == 0) {
- cbcE = wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector));
- if (cbcE == BAD_FUNC_ARG) {
- cbcE = wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector));
- }
- if (cbcE == BAD_FUNC_ARG) {
- cbcE = wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector));
- }
- if (cbcE == BAD_FUNC_ARG) {
- cbcE = 0;
- }
- else {
- cbcE = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcEncrypt(NULL, enc, vector, sizeof(vector)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, NULL, vector, sizeof(vector)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, NULL, sizeof(vector)),
+ BAD_FUNC_ARG);
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
- if (cbcE == 0) {
- cbcE = wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector) - 1);
- }
- if (cbcE == BAD_LENGTH_E) {
- cbcE = 0;
- }
- else {
- cbcE = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, sizeof(vector) - 1),
+ BAD_LENGTH_E);
#endif
+#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION == 2) && defined(WOLFSSL_AESNI)
+ fprintf(stderr, "Zero length inputs not supported with AESNI in FIPS "
+ "mode (v2), skip test");
+#else
+ /* Test passing in size of 0 */
+ XMEMSET(enc, 0, sizeof(enc));
+ ExpectIntEQ(wc_AesCbcEncrypt(&aes, enc, vector, 0), 0);
+ /* Check enc was not modified */
+ {
+ int i;
+ for (i = 0; i < (int)sizeof(enc); i++)
+ ExpectIntEQ(enc[i], 0);
}
- if (cbcE == 0) {
- #if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION == 2) && defined(WOLFSSL_AESNI)
- fprintf(stderr, "Zero length inputs not supported with AESNI in FIPS "
- "mode (v2), skip test");
- #else
- /* Test passing in size of 0 */
- XMEMSET(enc, 0, sizeof(enc));
- cbcE = wc_AesCbcEncrypt(&aes, enc, vector, 0);
- if (cbcE == 0) {
- /* Check enc was not modified */
- int i;
- for (i = 0; i < (int)sizeof(enc); i++)
- cbcE |= enc[i];
- }
- #endif
- }
- if (cbcE != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
- }
+#endif
- if (cbcD == 0) {
- cbcD = wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE);
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE);
- }
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE);
- }
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1);
- }
+ ExpectIntEQ(wc_AesCbcDecrypt(NULL, dec, enc, AES_BLOCK_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, NULL, enc, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, NULL, AES_BLOCK_SIZE),
+ BAD_FUNC_ARG);
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
- if (cbcD == BAD_LENGTH_E) {
- cbcD = 0;
- }
- else {
- cbcD = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1),
+ BAD_LENGTH_E);
#else
- if (cbcD == BAD_FUNC_ARG) {
- cbcD = 0;
- }
- else {
- cbcD = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, AES_BLOCK_SIZE * 2 - 1),
+ BAD_FUNC_ARG);
#endif
- }
- if (cbcD == 0) {
- /* Test passing in size of 0 */
- XMEMSET(dec, 0, sizeof(dec));
- cbcD = wc_AesCbcDecrypt(&aes, dec, enc, 0);
- if (cbcD == 0) {
- /* Check dec was not modified */
- int i;
- for (i = 0; i < (int)sizeof(dec); i++)
- cbcD |= dec[i];
- }
- }
- if (cbcD != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
- }
- if (cbcDWK == 0) {
- cbcDWK = wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), iv);
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), iv);
- }
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
- NULL, sizeof(key32)/sizeof(byte), iv);
- }
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
- key32, sizeof(key32)/sizeof(byte), NULL);
- }
- if (cbcDWK == BAD_FUNC_ARG) {
- cbcDWK = 0;
- }
- else {
- cbcDWK = WOLFSSL_FATAL_ERROR;
- }
+ /* Test passing in size of 0 */
+ XMEMSET(dec, 0, sizeof(dec));
+ ExpectIntEQ(wc_AesCbcDecrypt(&aes, dec, enc, 0), 0);
+ /* Check dec was not modified */
+ {
+ int i;
+ for (i = 0; i < (int)sizeof(dec); i++)
+ ExpectIntEQ(dec[i], 0);
}
- wc_AesFree(&aes);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(NULL, enc, AES_BLOCK_SIZE,
+ key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, NULL, AES_BLOCK_SIZE,
+ key32, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
+ NULL, sizeof(key32)/sizeof(byte), iv), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCbcDecryptWithKey(dec2, enc, AES_BLOCK_SIZE,
+ key32, sizeof(key32)/sizeof(byte), NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(cbcDWK == 0);
+ wc_AesFree(&aes);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesCbcEncryptDecrypt */
/*
@@ -19198,82 +17925,57 @@ static int test_wc_AesCbcEncryptDecrypt(void)
*/
static int test_wc_AesCtrEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(WOLFSSL_AES_COUNTER) && defined(WOLFSSL_AES_256)
- Aes aesEnc, aesDec;
- int ret = 0;
- byte key32[] =
- {
+ Aes aesEnc;
+ Aes aesDec;
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- byte vector[] = /* Now is the time for all w/o trailing 0 */
- {
+ byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- byte iv[] = "1234567890abcdef";
- byte enc[AES_BLOCK_SIZE * 2];
- byte dec[AES_BLOCK_SIZE * 2];
+ byte iv[] = "1234567890abcdef";
+ byte enc[AES_BLOCK_SIZE * 2];
+ byte dec[AES_BLOCK_SIZE * 2];
/* Init stack variables. */
+ XMEMSET(&aesEnc, 0, sizeof(Aes));
+ XMEMSET(&aesDec, 0, sizeof(Aes));
XMEMSET(enc, 0, AES_BLOCK_SIZE * 2);
XMEMSET(dec, 0, AES_BLOCK_SIZE * 2);
- ret = wc_AesInit(&aesEnc, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
- ret = wc_AesInit(&aesDec, NULL, INVALID_DEVID);
- if (ret != 0) {
- wc_AesFree(&aesEnc);
- return ret;
- }
-
- ret = wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2,
- iv, AES_ENCRYPTION);
- if (ret == 0) {
- ret = wc_AesCtrEncrypt(&aesEnc, enc, vector,
- sizeof(vector)/sizeof(byte));
- if (ret == 0) {
- /* Decrypt with wc_AesCtrEncrypt() */
- ret = wc_AesSetKey(&aesDec, key32, AES_BLOCK_SIZE * 2,
- iv, AES_ENCRYPTION);
- }
- if (ret == 0) {
- ret = wc_AesCtrEncrypt(&aesDec, dec, enc, sizeof(enc)/sizeof(byte));
- if (ret != 0 || XMEMCMP(vector, dec, sizeof(vector))) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
+
+ ExpectIntEQ(wc_AesSetKey(&aesEnc, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_ENCRYPTION), 0);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesEnc, enc, vector,
+ sizeof(vector)/sizeof(byte)), 0);
+ /* Decrypt with wc_AesCtrEncrypt() */
+ ExpectIntEQ(wc_AesSetKey(&aesDec, key32, AES_BLOCK_SIZE * 2, iv,
+ AES_ENCRYPTION), 0);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, enc, sizeof(enc)/sizeof(byte)),
+ 0);
+ ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCtrEncrypt(&aesDec, NULL, enc, sizeof(enc)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCtrEncrypt(&aesDec, dec, NULL, sizeof(enc)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_AesCtrEncrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, NULL, enc, sizeof(enc)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCtrEncrypt(&aesDec, dec, NULL, sizeof(enc)/sizeof(byte)),
+ BAD_FUNC_ARG);
wc_AesFree(&aesEnc);
wc_AesFree(&aesDec);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_AesCtrEncryptDecrypt */
/*
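Review bot: Both `wc_AesSetKey` calls in test_wc_AesCtrEncryptDecrypt pass `AES_BLOCK_SIZE * 2` as the key length, which matches the 32-byte `key32` only because the two constants happen to agree. Writing the length as `sizeof(key32)` ties it to the array, e.g. `ExpectIntEQ(wc_AesSetKey(&aesEnc, key32, sizeof(key32), iv, AES_ENCRYPTION), 0);`, and likewise for `aesDec`. This is a style point; the value passed is unchanged.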
@@ -19281,93 +17983,69 @@ static int test_wc_AesCtrEncryptDecrypt(void)
*/
static int test_wc_AesGcmSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
- Aes aes;
- int ret = 0;
+ Aes aes;
#ifdef WOLFSSL_AES_128
- byte key16[] =
- {
+ byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
- byte badKey16[] =
- {
+ byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
- byte badKey24[] =
- {
+ byte badKey24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36
};
- byte badKey32[] =
- {
+ byte badKey32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x37, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65
};
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte));
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key16, sizeof(key16)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte));
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key24, sizeof(key24)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0);
#endif
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_AesGcmSetKey(&aes, badKey16, sizeof(badKey16)/sizeof(byte));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesGcmSetKey(&aes, badKey24, sizeof(badKey24)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesGcmSetKey(&aes, badKey32, sizeof(badKey32)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey16, sizeof(badKey16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey24, sizeof(badKey24)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, badKey32, sizeof(badKey32)/sizeof(byte)),
+ BAD_FUNC_ARG);
wc_AesFree(&aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesGcmSetKey */
/*
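Review bot: test_wc_AesGcmSetKey now reaches `wc_AesFree(&aes)` even when `wc_AesInit` fails, because the early `return ret` was removed, yet `aes` is never zeroed beforehand. The CTR and GCM encrypt/decrypt tests in this same diff add an `XMEMSET` of the `Aes` object ahead of init, apparently for this reason, and the same line is missing here: `XMEMSET(&aes, 0, sizeof(Aes));` before the `wc_AesInit` call. Whether `wc_AesInit` leaves the struct in a state that is safe to free on failure cannot be told from the hunk.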
@@ -19375,97 +18053,67 @@ static int test_wc_AesGcmSetKey(void)
*/
static int test_wc_AesGcmEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* WOLFSSL_AFALG requires 12 byte IV */
#if !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) && \
!defined(WOLFSSL_AFALG) && !defined(WOLFSSL_DEVCRYPTO_AES)
-
- Aes aes;
- byte key32[] =
- {
+ Aes aes;
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- byte vector[] = /* Now is the time for all w/o trailing 0 */
- {
+ byte vector[] = { /* Now is the time for all w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
- const byte a[] =
- {
+ const byte a[] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
- byte iv[] = "1234567890a";
- byte longIV[] = "1234567890abcdefghij";
- byte enc[sizeof(vector)];
- byte resultT[AES_BLOCK_SIZE];
- byte dec[sizeof(vector)];
- int gcmD = WOLFSSL_FATAL_ERROR;
- int gcmE = WOLFSSL_FATAL_ERROR;
- int ret = 0;
+ byte iv[] = "1234567890a";
+ byte longIV[] = "1234567890abcdefghij";
+ byte enc[sizeof(vector)];
+ byte resultT[AES_BLOCK_SIZE];
+ byte dec[sizeof(vector)];
/* Init stack variables. */
+ XMEMSET(&aes, 0, sizeof(Aes));
XMEMSET(enc, 0, sizeof(vector));
XMEMSET(dec, 0, sizeof(vector));
XMEMSET(resultT, 0, AES_BLOCK_SIZE);
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
- ret = wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte));
- if (ret == 0) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmE == 0) { /* If encrypt fails, no decrypt. */
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- if (gcmD == 0 && (XMEMCMP(vector, dec, sizeof(vector)) != 0)) {
- gcmD = WOLFSSL_FATAL_ERROR;
- }
- }
- /*Test bad args for wc_AesGcmEncrypt and wc_AesGcmDecrypt */
- if (gcmE == 0) {
- gcmE = wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector),
- iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT),
- a, sizeof(a));
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
- sizeof(vector), iv, sizeof(iv)/sizeof(byte),
- resultT, sizeof(resultT) + 1, a, sizeof(a));
- }
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
- sizeof(vector), iv, sizeof(iv)/sizeof(byte),
- resultT, sizeof(resultT) - 5, a, sizeof(a));
- }
+ ExpectIntEQ(wc_AesGcmSetKey(&aes, key32, sizeof(key32)/sizeof(byte)), 0);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), 0);
+ ExpectIntEQ(XMEMCMP(vector, dec, sizeof(vector)), 0);
+
+ /* Test bad args for wc_AesGcmEncrypt and wc_AesGcmDecrypt */
+ ExpectIntEQ(wc_AesGcmEncrypt(NULL, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) - 5, a, sizeof(a)),
+ BAD_FUNC_ARG);
#if (defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST) || \
defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
/* FIPS does not check the lower bound of ivSz */
#else
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector,
- sizeof(vector), iv, 0,
- resultT, sizeof(resultT), a, sizeof(a));
- }
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), iv, 0,
+ resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG);
#endif
- if (gcmE == BAD_FUNC_ARG) {
- gcmE = 0;
- }
- else {
- gcmE = WOLFSSL_FATAL_ERROR;
- }
- }
/* This case is now considered good. Long IVs are now allowed.
* Except for the original FIPS release, it still has an upper
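Review bot: The round trip in test_wc_AesGcmEncryptDecrypt only checks that a valid tag is accepted; nothing in the new code checks that a modified tag is rejected, which is the property GCM is used for. After the `XMEMCMP` check I would flip one tag byte with `resultT[0] ^= 0x01;`, add `ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(vector), iv, sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)), AES_GCM_AUTH_E);`, and then restore the byte with a second `resultT[0] ^= 0x01;`. This assumes every configuration admitted by the surrounding `#if` reports a tag mismatch as `AES_GCM_AUTH_E`. The function body continues past the end of this hunk.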
@@ -19473,76 +18121,46 @@ static int test_wc_AesGcmEncryptDecrypt(void)
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \
!defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
- if (gcmE == 0) {
- gcmE = wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
- sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT),
- a, sizeof(a));
- }
+ ExpectIntEQ(wc_AesGcmEncrypt(&aes, enc, vector, sizeof(vector), longIV,
+ sizeof(longIV)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ 0);
#else
(void)longIV;
#endif /* Old FIPS */
/* END wc_AesGcmEncrypt */
- if (gcmE != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
- }
-
- #ifdef HAVE_AES_DECRYPT
- if (gcmD == 0) {
- gcmD = wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- NULL, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), NULL,
- sizeof(resultT), a, sizeof(a));
- }
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- iv, sizeof(iv)/sizeof(byte), resultT,
- sizeof(resultT) + 1, a, sizeof(a));
- }
- #if ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
- (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST)) && \
- !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
- /* FIPS does not check the lower bound of ivSz */
- #else
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
- iv, 0, resultT,
- sizeof(resultT), a, sizeof(a));
- }
- #endif
- if (gcmD == BAD_FUNC_ARG) {
- gcmD = 0;
- }
- else {
- gcmD = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(gcmD == 0);
- } /* END wc_AesGcmDecrypt */
- #endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(wc_AesGcmDecrypt(NULL, dec, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, NULL, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, NULL, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), NULL,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), NULL, sizeof(resultT), a, sizeof(a)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte), iv,
+ sizeof(iv)/sizeof(byte), resultT, sizeof(resultT) + 1, a, sizeof(a)),
+ BAD_FUNC_ARG);
+ #if ((defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION == 2)) || defined(HAVE_SELFTEST)) && \
+ !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)
+ /* FIPS does not check the lower bound of ivSz */
+ #else
+ ExpectIntEQ(wc_AesGcmDecrypt(&aes, dec, enc, sizeof(enc)/sizeof(byte),
+ iv, 0, resultT, sizeof(resultT), a, sizeof(a)), BAD_FUNC_ARG);
+ #endif
+#endif /* HAVE_AES_DECRYPT */
wc_AesFree(&aes);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesGcmEncryptDecrypt */
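Review bot: The preprocessor condition that skips the `ivSz == 0` check is not the same for the two directions. The decrypt check here is skipped for `((FIPS v2) || HAVE_SELFTEST) && !defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)`, while the encrypt check in the previous hunk is skipped for `(FIPS v2) || HAVE_SELFTEST || defined(WOLFSSL_AES_GCM_FIXED_IV_AAD)`. A build that defines WOLFSSL_AES_GCM_FIXED_IV_AAD therefore skips the encrypt check but still runs the decrypt one, even together with FIPS v2, where the comment says the lower bound is not checked. If the difference is intended, a comment on the decrypt `#if` should say why; otherwise the two conditions should be aligned. The function starts before this hunk.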
@@ -19552,64 +18170,58 @@ static int test_wc_AesGcmEncryptDecrypt(void)
*/
static int test_wc_AesGcmMixedEncDecLongIV(void)
{
- int ret = TEST_SKIPPED;
-
+ EXPECT_DECLS;
#if (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) && \
!defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)
-
const byte key[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
-
const byte in[] = {
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
};
-
const byte aad[] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
+ Aes aesEnc;
+ Aes aesDec;
+ byte iv[] = "1234567890abcdefghij";
+ byte out[sizeof(in)];
+ byte plain[sizeof(in)];
+ byte tag[AES_BLOCK_SIZE];
- Aes aesEnc, aesDec;
- byte iv[] = "1234567890abcdefghij";
- byte out[sizeof(in)];
- byte plain[sizeof(in)];
- byte tag[AES_BLOCK_SIZE];
-
+ XMEMSET(&aesEnc, 0, sizeof(Aes));
+ XMEMSET(&aesDec, 0, sizeof(Aes));
XMEMSET(out, 0, sizeof(out));
XMEMSET(plain, 0, sizeof(plain));
XMEMSET(tag, 0, sizeof(tag));
/* Perform one-shot encryption using long IV */
- AssertIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
- AssertIntEQ(wc_AesGcmSetKey(&aesEnc, key, sizeof(key)), 0);
- AssertIntEQ(wc_AesGcmEncrypt(&aesEnc, out, in, sizeof(in), iv, sizeof(iv),
- tag, sizeof(tag), aad, sizeof(aad)), 0);
+ ExpectIntEQ(wc_AesInit(&aesEnc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmSetKey(&aesEnc, key, sizeof(key)), 0);
+ ExpectIntEQ(wc_AesGcmEncrypt(&aesEnc, out, in, sizeof(in), iv, sizeof(iv),
+ tag, sizeof(tag), aad, sizeof(aad)), 0);
/* Perform streaming decryption using long IV */
- AssertIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
- AssertIntEQ(wc_AesGcmInit(&aesDec, key, sizeof(key), iv, sizeof(iv)), 0);
- AssertIntEQ(wc_AesGcmDecryptUpdate(&aesDec, plain, out, sizeof(out), aad,
- sizeof(aad)), 0);
- AssertIntEQ(wc_AesGcmDecryptFinal(&aesDec, tag, sizeof(tag)), 0);
- AssertIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
+ ExpectIntEQ(wc_AesInit(&aesDec, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesGcmInit(&aesDec, key, sizeof(key), iv, sizeof(iv)), 0);
+ ExpectIntEQ(wc_AesGcmDecryptUpdate(&aesDec, plain, out, sizeof(out), aad,
+ sizeof(aad)), 0);
+ ExpectIntEQ(wc_AesGcmDecryptFinal(&aesDec, tag, sizeof(tag)), 0);
+ ExpectIntEQ(XMEMCMP(plain, in, sizeof(in)), 0);
/* Free resources */
wc_AesFree(&aesEnc);
wc_AesFree(&aesDec);
-
- ret = TEST_SUCCESS;
-
#endif
-
- return ret;
+ return EXPECT_RESULT();
} /* END wc_AesGcmMixedEncDecLongIV */
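Review bot: `sizeof(iv)` is passed as the IV length to both `wc_AesGcmEncrypt` and `wc_AesGcmInit`, and because `iv` is initialised from a string literal it counts the terminating NUL, so the IV is 21 bytes rather than the 20 visible characters. The test is self-consistent, since both sides use the same length, but the actual size is easy to misread. A comment on the declaration would record it, e.g. `/* sizeof(iv) includes the terminating NUL: 21-byte "long" IV */`.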
@@ -19618,98 +18230,73 @@ static int test_wc_AesGcmMixedEncDecLongIV(void)
*/
static int test_wc_GmacSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
- Gmac gmac;
- byte key16[] =
- {
+ Gmac gmac;
+ byte key16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
#endif
- byte badKey16[] =
- {
+ byte badKey16[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x66
};
- byte badKey24[] =
- {
+ byte badKey24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
- byte badKey32[] =
- {
+ byte badKey32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- int ret = 0;
- ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&gmac, 0, sizeof(Gmac));
+
+ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte));
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
- }
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
- }
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0);
#endif
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_GmacSetKey(NULL, key16, sizeof(key16)/sizeof(byte));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, NULL, sizeof(key16)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, badKey16, sizeof(badKey16)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, badKey24, sizeof(badKey24)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacSetKey(&gmac, badKey32, sizeof(badKey32)/sizeof(byte));
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_GmacSetKey(NULL, key16, sizeof(key16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, NULL, sizeof(key16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, badKey16, sizeof(badKey16)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, badKey24, sizeof(badKey24)/sizeof(byte)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, badKey32, sizeof(badKey32)/sizeof(byte)),
+ BAD_FUNC_ARG);
wc_AesFree(&gmac.aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_GmacSetKey */
/*
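Review bot: The three `badKey` arrays in test_wc_GmacSetKey are invalid only because each is one byte short (15, 23 and 31 bytes), which is hard to see from the byte lists, especially where the missing byte is dropped from the middle of a row. A one-line comment above them, such as `/* Each badKey is one byte short of a valid 16/24/32-byte AES key. */`, would document why `BAD_FUNC_ARG` is expected. The same applies to the arrays of the same names in test_wc_AesGcmSetKey.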
@@ -19717,27 +18304,24 @@ static int test_wc_GmacSetKey(void)
*/
static int test_wc_GmacUpdate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AESGCM)
- Gmac gmac;
+ Gmac gmac;
#ifdef WOLFSSL_AES_128
- const byte key16[] =
- {
+ const byte key16[] = {
0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
};
#endif
#ifdef WOLFSSL_AES_192
- byte key24[] =
- {
+ byte key24[] = {
0x41, 0xc5, 0xda, 0x86, 0x67, 0xef, 0x72, 0x52,
0x20, 0xff, 0xe3, 0x9a, 0xe0, 0xac, 0x59, 0x0a,
0xc9, 0xfc, 0xa7, 0x29, 0xab, 0x60, 0xad, 0xa0
};
#endif
#ifdef WOLFSSL_AES_256
- byte key32[] =
- {
+ byte key32[] = {
0x78, 0xdc, 0x4e, 0x0a, 0xaf, 0x52, 0xd9, 0x35,
0xc3, 0xc0, 0x1e, 0xea, 0x57, 0x42, 0x8f, 0x00,
0xca, 0x1f, 0xd4, 0x75, 0xf5, 0xda, 0x86, 0xa4,
@@ -19745,144 +18329,104 @@ static int test_wc_GmacUpdate(void)
};
#endif
#ifdef WOLFSSL_AES_128
- const byte authIn[] =
- {
+ const byte authIn[] = {
0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
};
#endif
#ifdef WOLFSSL_AES_192
- const byte authIn2[] =
- {
+ const byte authIn2[] = {
0x8b, 0x5c, 0x12, 0x4b, 0xef, 0x6e, 0x2f, 0x0f,
0xe4, 0xd8, 0xc9, 0x5c, 0xd5, 0xfa, 0x4c, 0xf1
};
#endif
- const byte authIn3[] =
- {
+ const byte authIn3[] = {
0xb9, 0x6b, 0xaa, 0x8c, 0x1c, 0x75, 0xa6, 0x71,
0xbf, 0xb2, 0xd0, 0x8d, 0x06, 0xbe, 0x5f, 0x36
};
#ifdef WOLFSSL_AES_128
- const byte tag1[] = /* Known. */
- {
+ const byte tag1[] = { /* Known. */
0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
};
#endif
#ifdef WOLFSSL_AES_192
- const byte tag2[] = /* Known */
- {
+ const byte tag2[] = { /* Known */
0x20, 0x4b, 0xdb, 0x1b, 0xd6, 0x21, 0x54, 0xbf,
0x08, 0x92, 0x2a, 0xaa, 0x54, 0xee, 0xd7, 0x05
};
#endif
- const byte tag3[] = /* Known */
- {
+ const byte tag3[] = { /* Known */
0x3e, 0x5d, 0x48, 0x6a, 0xa2, 0xe3, 0x0b, 0x22,
0xe0, 0x40, 0xb8, 0x57, 0x23, 0xa0, 0x6e, 0x76
};
#ifdef WOLFSSL_AES_128
- const byte iv[] =
- {
+ const byte iv[] = {
0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
0xe2, 0x8c, 0x8f, 0x16
};
#endif
#ifdef WOLFSSL_AES_192
- const byte iv2[] =
- {
+ const byte iv2[] = {
0x05, 0xad, 0x13, 0xa5, 0xe2, 0xc2, 0xab, 0x66,
0x7e, 0x1a, 0x6f, 0xbc
};
#endif
- const byte iv3[] =
- {
+ const byte iv3[] = {
0xd7, 0x9c, 0xf2, 0x2d, 0x50, 0x4c, 0xc7, 0x93,
0xc3, 0xfb, 0x6c, 0x8a
};
- byte tagOut[16];
- byte tagOut2[24];
- byte tagOut3[32];
- int ret = 0;
+ byte tagOut[16];
+ byte tagOut2[24];
+ byte tagOut3[32];
/* Init stack variables. */
+ XMEMSET(&gmac, 0, sizeof(Gmac));
XMEMSET(tagOut, 0, sizeof(tagOut));
XMEMSET(tagOut2, 0, sizeof(tagOut2));
XMEMSET(tagOut3, 0, sizeof(tagOut3));
- ret = wc_AesInit(&gmac.aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
-
#ifdef WOLFSSL_AES_128
- ret = wc_GmacSetKey(&gmac, key16, sizeof(key16));
- if (ret == 0) {
- ret = wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
- tagOut, sizeof(tag1));
- if (ret == 0) {
- ret = XMEMCMP(tag1, tagOut, sizeof(tag1));
- }
- wc_AesFree(&gmac.aes);
- }
-
+ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key16, sizeof(key16)), 0);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv, sizeof(iv), authIn, sizeof(authIn),
+ tagOut, sizeof(tag1)), 0);
+ ExpectIntEQ(XMEMCMP(tag1, tagOut, sizeof(tag1)), 0);
+ wc_AesFree(&gmac.aes);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- XMEMSET(&gmac, 0, sizeof(Gmac));
- ret = wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte));
- }
- if (ret == 0) {
- ret = wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2,
- sizeof(authIn2), tagOut2, sizeof(tag2));
- }
- if (ret == 0) {
- ret = XMEMCMP(tagOut2, tag2, sizeof(tag2));
- wc_AesFree(&gmac.aes);
- }
+ ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)));
+ ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key24, sizeof(key24)/sizeof(byte)), 0);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv2, sizeof(iv2), authIn2, sizeof(authIn2),
+ tagOut2, sizeof(tag2)), 0);
+ ExpectIntEQ(XMEMCMP(tagOut2, tag2, sizeof(tag2)), 0);
+ wc_AesFree(&gmac.aes);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- XMEMSET(&gmac, 0, sizeof(Gmac));
- ret = wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte));
- }
- if (ret == 0) {
- ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3));
- }
- if (ret == 0) {
- ret = XMEMCMP(tag3, tagOut3, sizeof(tag3));
- }
+ ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)));
+ ExpectIntEQ(wc_AesInit(&gmac.aes, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacSetKey(&gmac, key32, sizeof(key32)/sizeof(byte)), 0);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3)), 0);
+ ExpectIntEQ(XMEMCMP(tag3, tagOut3, sizeof(tag3)), 0);
+ wc_AesFree(&gmac.aes);
#endif
- /*Pass bad args. */
- if (ret == 0) {
- ret = wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3));
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3) - 5);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3,
- sizeof(authIn3), tagOut3, sizeof(tag3) + 1);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ /* Pass bad args. */
+ ExpectIntEQ(wc_AesInit(&gmac.aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_GmacUpdate(NULL, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3) - 5), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_GmacUpdate(&gmac, iv3, sizeof(iv3), authIn3, sizeof(authIn3),
+ tagOut3, sizeof(tag3) + 1), BAD_FUNC_ARG);
wc_AesFree(&gmac.aes);
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_GmacUpdate */
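Review bot: In the AES-192 and AES-256 sections of test_wc_GmacUpdate the re-zeroing of `gmac` is wrapped as `ExpectNotNull(XMEMSET(&gmac, 0, sizeof(Gmac)))`, so the reset depends on the test macro instead of always happening. If the Expect macros stop evaluating their argument after an earlier failure (their definition is not visible here), the unconditional `wc_AesFree(&gmac.aes)` that follows would run a second time on the object already freed by the previous section. A plain `XMEMSET(&gmac, 0, sizeof(Gmac));`, as at the top of the function, avoids that dependency. The same two sections pass `HEAP_HINT` to `wc_AesInit` while the AES-128 and bad-argument sections pass `NULL`; one form should be used throughout. The function starts before this hunk.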
@@ -19891,73 +18435,50 @@ static int test_wc_GmacUpdate(void)
*/
static int test_wc_CamelliaSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
/*128-bit key*/
- static const byte key16[] =
- {
+ static const byte key16[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
};
/* 192-bit key */
- static const byte key24[] =
- {
+ static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
/* 256-bit key */
- static const byte key32[] =
- {
+ static const byte key32[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
};
- static const byte iv[] =
- {
+ static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
- int ret = 0;
- ret = wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv);
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key16,
- (word32)sizeof(key16), NULL);
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key24,
- (word32)sizeof(key24), iv);
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key24,
- (word32)sizeof(key24), NULL);
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key32,
- (word32)sizeof(key32), iv);
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key32,
- (word32)sizeof(key32), NULL);
- }
- }
- /* Bad args. */
- if (ret == 0) {
- ret = wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv);
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- } /* END bad args. */
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key16, (word32)sizeof(key16),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32),
+ NULL), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Bad args. */
+ ExpectIntEQ(wc_CamelliaSetKey(NULL, key32, (word32)sizeof(key32), iv),
+ BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_CammeliaSetKey */
/*
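Review bot: The bad-argument section of test_wc_CamelliaSetKey covers only a NULL `Camellia` pointer; unlike the AES-GCM and GMAC key tests in this diff, it never tries an unsupported key length. Assuming `wc_CamelliaSetKey` rejects lengths other than 16, 24 and 32 bytes with `BAD_FUNC_ARG`, one more line would cover it: `ExpectIntEQ(wc_CamelliaSetKey(&camellia, key32, (word32)sizeof(key32) - 1, iv), BAD_FUNC_ARG);`.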
@@ -19965,121 +18486,69 @@ static int test_wc_CamelliaSetKey(void)
*/
static int test_wc_CamelliaSetIV(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
- static const byte iv[] =
- {
+ static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
- int ret = 0;
- ret = wc_CamelliaSetIV(&camellia, iv);
- if (ret == 0) {
- ret = wc_CamelliaSetIV(&camellia, NULL);
- }
- /* Bad args. */
- if (ret == 0) {
- ret = wc_CamelliaSetIV(NULL, NULL);
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_CamelliaSetIV(&camellia, iv), 0);
+ ExpectIntEQ(wc_CamelliaSetIV(&camellia, NULL), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Bad args. */
+ ExpectIntEQ(wc_CamelliaSetIV(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaSetIV(NULL, iv), BAD_FUNC_ARG);
#endif
- return res;
-} /*END test_wc_CamelliaSetIV*/
+ return EXPECT_RESULT();
+} /* END test_wc_CamelliaSetIV*/
/*
* Test wc_CamelliaEncryptDirect and wc_CamelliaDecryptDirect
*/
static int test_wc_CamelliaEncryptDecryptDirect(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
- static const byte key24[] =
- {
+ static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
- static const byte iv[] =
- {
+ static const byte iv[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
- static const byte plainT[] =
- {
+ static const byte plainT[] = {
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
};
byte enc[sizeof(plainT)];
byte dec[sizeof(enc)];
- int camE = WOLFSSL_FATAL_ERROR;
- int camD = WOLFSSL_FATAL_ERROR;
- int ret = 0;
- /*Init stack variables.*/
+ /* Init stack variables.*/
XMEMSET(enc, 0, 16);
XMEMSET(enc, 0, 16);
- ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv);
- if (ret == 0) {
- ret = wc_CamelliaEncryptDirect(&camellia, enc, plainT);
- if (ret == 0) {
- ret = wc_CamelliaDecryptDirect(&camellia, dec, enc);
- if (XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- /* Pass bad args. */
- if (ret == 0) {
- camE = wc_CamelliaEncryptDirect(NULL, enc, plainT);
- if (camE == BAD_FUNC_ARG) {
- camE = wc_CamelliaEncryptDirect(&camellia, NULL, plainT);
- }
- if (camE == BAD_FUNC_ARG) {
- camE = wc_CamelliaEncryptDirect(&camellia, enc, NULL);
- }
- if (camE == BAD_FUNC_ARG) {
- camE = 0;
- }
- else {
- camE = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (camE != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), iv),
+ 0);
+ ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, plainT), 0);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, enc), 0);
+ ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0);
- if (ret == 0) {
- camD = wc_CamelliaDecryptDirect(NULL, dec, enc);
- if (camD == BAD_FUNC_ARG) {
- camD = wc_CamelliaDecryptDirect(&camellia, NULL, enc);
- }
- if (camD == BAD_FUNC_ARG) {
- camD = wc_CamelliaDecryptDirect(&camellia, dec, NULL);
- }
- if (camD == BAD_FUNC_ARG) {
- camD = 0;
- }
- else {
- camD = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* Pass bad args. */
+ ExpectIntEQ(wc_CamelliaEncryptDirect(NULL, enc, plainT), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, NULL, plainT),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaEncryptDirect(&camellia, enc, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(camD == 0);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(NULL, dec, enc), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, NULL, enc), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaDecryptDirect(&camellia, dec, NULL), BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test-wc_CamelliaEncryptDecryptDirect */
/*
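Review bot: In test_wc_CamelliaEncryptDecryptDirect the unchanged pair `XMEMSET(enc, 0, 16);` / `XMEMSET(enc, 0, 16);` clears `enc` twice, so `dec` is never initialised under the "Init stack variables" comment that this commit edits just above it. If `wc_CamelliaDecryptDirect` ever returned 0 without writing its output, the following `XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)` would compare against indeterminate stack bytes. The second call should be `XMEMSET(dec, 0, sizeof(dec));`. The same duplicated line appears in test_wc_CamelliaCbcEncryptDecrypt in the next hunk, where it should be `XMEMSET(dec, 0, CAMELLIA_BLOCK_SIZE);`.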
@@ -20087,92 +18556,52 @@ static int test_wc_CamelliaEncryptDecryptDirect(void)
*/
static int test_wc_CamelliaCbcEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CAMELLIA
Camellia camellia;
- static const byte key24[] =
- {
+ static const byte key24[] = {
0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
};
- static const byte plainT[] =
- {
+ static const byte plainT[] = {
0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
};
byte enc[CAMELLIA_BLOCK_SIZE];
byte dec[CAMELLIA_BLOCK_SIZE];
- int camCbcE = WOLFSSL_FATAL_ERROR;
- int camCbcD = WOLFSSL_FATAL_ERROR;
- int ret = 0;
/* Init stack variables. */
XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
XMEMSET(enc, 0, CAMELLIA_BLOCK_SIZE);
- ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL);
- if (ret == 0) {
- ret = wc_CamelliaCbcEncrypt(&camellia, enc, plainT, CAMELLIA_BLOCK_SIZE);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24), NULL);
- if (ret == 0) {
- ret = wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE);
- if (XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
-
- /* Pass in bad args. */
- if (ret == 0) {
- camCbcE = wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE);
- if (camCbcE == BAD_FUNC_ARG) {
- camCbcE = wc_CamelliaCbcEncrypt(&camellia, NULL, plainT,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcE == BAD_FUNC_ARG) {
- camCbcE = wc_CamelliaCbcEncrypt(&camellia, enc, NULL,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcE == BAD_FUNC_ARG) {
- camCbcE = 0;
- }
- else {
- camCbcE = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, plainT,
+ CAMELLIA_BLOCK_SIZE), 0);
- if (camCbcE != 0) {
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_CamelliaSetKey(&camellia, key24, (word32)sizeof(key24),
+ NULL), 0);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, enc, CAMELLIA_BLOCK_SIZE),
+ 0);
+ ExpectIntEQ(XMEMCMP(plainT, dec, CAMELLIA_BLOCK_SIZE), 0);
- if (ret == 0) {
- camCbcD = wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE);
- if (camCbcD == BAD_FUNC_ARG) {
- camCbcD = wc_CamelliaCbcDecrypt(&camellia, NULL, enc,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcD == BAD_FUNC_ARG) {
- camCbcD = wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
- CAMELLIA_BLOCK_SIZE);
- }
- if (camCbcD == BAD_FUNC_ARG) {
- camCbcD = 0;
- }
- else {
- camCbcD = WOLFSSL_FATAL_ERROR;
- }
- } /* END bad args. */
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(NULL, enc, plainT, CAMELLIA_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, NULL, plainT,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcEncrypt(&camellia, enc, NULL,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(camCbcD == 0);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(NULL, dec, enc, CAMELLIA_BLOCK_SIZE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, NULL, enc,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CamelliaCbcDecrypt(&camellia, dec, NULL,
+ CAMELLIA_BLOCK_SIZE), BAD_FUNC_ARG);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_CamelliaCbcEncryptDecrypt */
@@ -20181,30 +18610,19 @@ static int test_wc_CamelliaCbcEncryptDecrypt(void)
*/
static int test_wc_Arc4SetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_RC4
Arc4 arc;
const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
int keyLen = 8;
- int ret = 0;
- ret = wc_Arc4SetKey(&arc, (byte*)key, keyLen);
+ ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, keyLen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_Arc4SetKey(NULL, (byte*)key, keyLen);
- if (ret == BAD_FUNC_ARG)
- ret = wc_Arc4SetKey(&arc, NULL, keyLen); /* NULL key */
- if (ret == BAD_FUNC_ARG)
- ret = wc_Arc4SetKey(&arc, (byte*)key, 0); /* length == 0 */
- if (ret == BAD_FUNC_ARG)
- ret = WOLFSSL_ERROR_NONE;
- else
- ret = WOLFSSL_FATAL_ERROR;
- } /* END test bad args. */
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_Arc4SetKey(NULL, (byte*)key, keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4SetKey(&arc, NULL , keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, 0 ), BAD_FUNC_ARG);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_Arc4SetKey */
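Review bot: The three bad-argument assertions in test_wc_Arc4SetKey lose the `/* NULL key */` and `/* length == 0 */` comments that the removed code carried, and the padding in `NULL , keyLen` and `0 ), BAD_FUNC_ARG` does not say which argument is under test. I would keep the comments on the new lines, e.g. `ExpectIntEQ(wc_Arc4SetKey(&arc, (byte*)key, 0), BAD_FUNC_ARG); /* length == 0 */`, so the zero-length-key rejection stays visible as a deliberate check.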
@@ -20213,70 +18631,44 @@ static int test_wc_Arc4SetKey(void)
*/
static int test_wc_Arc4Process(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_RC4
- Arc4 enc, dec;
+ Arc4 enc;
+ Arc4 dec;
const char* key = "\x01\x23\x45\x67\x89\xab\xcd\xef";
int keyLen = 8;
const char* input = "\x01\x23\x45\x67\x89\xab\xcd\xef";
byte cipher[8];
byte plain[8];
- int ret;
/* Init stack variables */
+ XMEMSET(&enc, 0, sizeof(Arc4));
+ XMEMSET(&dec, 0, sizeof(Arc4));
XMEMSET(cipher, 0, sizeof(cipher));
XMEMSET(plain, 0, sizeof(plain));
/* Use for async. */
- ret = wc_Arc4Init(&enc, NULL, INVALID_DEVID);
- if (ret == 0) {
- ret = wc_Arc4Init(&dec, NULL, INVALID_DEVID);
- }
+ ExpectIntEQ(wc_Arc4Init(&enc, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_Arc4Init(&dec, NULL, INVALID_DEVID), 0);
- if (ret == 0) {
- ret = wc_Arc4SetKey(&enc, (byte*)key, keyLen);
- }
- if (ret == 0) {
- ret = wc_Arc4SetKey(&dec, (byte*)key, keyLen);
- }
- if (ret == 0) {
- ret = wc_Arc4Process(&enc, cipher, (byte*)input, keyLen);
- }
- if (ret == 0) {
- ret = wc_Arc4Process(&dec, plain, cipher, keyLen);
- if (ret != 0 || XMEMCMP(plain, input, keyLen)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_Arc4SetKey(&enc, (byte*)key, keyLen), 0);
+ ExpectIntEQ(wc_Arc4SetKey(&dec, (byte*)key, keyLen), 0);
+
+ ExpectIntEQ(wc_Arc4Process(&enc, cipher, (byte*)input, keyLen), 0);
+ ExpectIntEQ(wc_Arc4Process(&dec, plain, cipher, keyLen), 0);
+ ExpectIntEQ(XMEMCMP(plain, input, keyLen), 0);
/* Bad args. */
- if (ret == 0) {
- ret = wc_Arc4Process(NULL, plain, cipher, keyLen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Arc4Process(&dec, NULL, cipher, keyLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_Arc4Process(&dec, plain, NULL, keyLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_Arc4Process(NULL, plain, cipher, keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4Process(&dec, NULL, cipher, keyLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Arc4Process(&dec, plain, NULL, keyLen), BAD_FUNC_ARG);
wc_Arc4Free(&enc);
wc_Arc4Free(&dec);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
-}/* END test_wc_Arc4Process */
+} /* END test_wc_Arc4Process */
/*
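Review bot: The round trip in test_wc_Arc4Process only asserts `XMEMCMP(plain, input, keyLen) == 0`, so it would still pass if `wc_Arc4Process` copied its input unchanged in both directions. Adding `ExpectIntNE(XMEMCMP(cipher, input, keyLen), 0);` after the first `wc_Arc4Process` call would at least prove the cipher text differs from the plain text. A known-answer vector for this key would be stronger still. As a smaller point, `keyLen` is also used as the data length, which only works because key and input are both 8 bytes; a separate `sizeof(cipher)` would document that.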
@@ -20284,38 +18676,24 @@ static int test_wc_Arc4Process(void)
*/
static int test_wc_InitRsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_RSA
- RsaKey key;
- int ret = 0;
+ RsaKey key;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_InitRsaKey(NULL, HEAP_HINT);
- #ifndef HAVE_USER_RSA
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- #else
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- #endif
- ret = WOLFSSL_FATAL_ERROR;
- }
- } /* end if */
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ /* Test bad args. */
+#ifndef HAVE_USER_RSA
+ ExpectIntEQ(wc_InitRsaKey(NULL, HEAP_HINT), BAD_FUNC_ARG);
+#else
+ ExpectIntEQ(wc_InitRsaKey(NULL, HEAP_HINT), USER_CRYPTO_ERROR);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitRsaKey */
@@ -20324,79 +18702,52 @@ static int test_wc_InitRsaKey(void)
*/
static int test_wc_RsaPrivateKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
|| defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
- RsaKey key;
- byte* tmp;
- word32 idx = 0;
- int bytes = 0;
- int ret = 0;
+ RsaKey key;
+ byte* tmp = NULL;
+ word32 idx = 0;
+ int bytes = 0;
- tmp = (byte*)XMALLOC(FOURK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- }
- if (ret == 0) {
- #ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
- bytes = sizeof_client_key_der_1024;
- #else
- XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
- bytes = sizeof_client_key_der_2048;
- #endif /* Use cert buffers. */
-
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
- }
- #ifndef HAVE_USER_RSA
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Test bad args. User RSA. */
- if (ret == 0) {
- ret = wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ ExpectNotNull(tmp = (byte*)XMALLOC(FOURK_BUF, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
if (tmp != NULL) {
- XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
+ #ifdef USE_CERT_BUFFERS_1024
+ XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
+ bytes = sizeof_client_key_der_1024;
+ #else
+ XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
+ bytes = sizeof_client_key_der_2048;
+ #endif /* Use cert buffers. */
}
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes), 0);
+#ifndef HAVE_USER_RSA
+ /* Test bad args. */
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ BAD_FUNC_ARG);
+#else
+ /* Test bad args. User RSA. */
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(NULL, &idx, &key, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, NULL, &key, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ USER_CRYPTO_ERROR);
#endif
- return res;
+
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+#endif
+ return EXPECT_RESULT();
} /* END test_wc_RsaPrivateKeyDecode */
@@ -20405,115 +18756,87 @@ static int test_wc_RsaPrivateKeyDecode(void)
*/
static int test_wc_RsaPublicKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(USE_CERT_BUFFERS_1024)\
|| defined(USE_CERT_BUFFERS_2048)) && !defined(HAVE_FIPS)
- RsaKey keyPub;
- byte* tmp;
- word32 idx = 0;
- int bytes = 0;
- word32 keySz = 0;
- word32 tstKeySz = 0;
- int ret = 0;
+ RsaKey keyPub;
+ byte* tmp = NULL;
+ word32 idx = 0;
+ int bytes = 0;
+ word32 keySz = 0;
+ word32 tstKeySz = 0;
#if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM)
- XFILE f;
+ XFILE f = XBADFILE;
const char* rsaPssPubKey = "./certs/rsapss/ca-rsapss-key.der";
const char* rsaPssPubKeyNoParams = "./certs/rsapss/ca-3072-rsapss-key.der";
byte buf[4096];
#endif
- tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitRsaKey(&keyPub, HEAP_HINT);
- }
- if (ret == 0) {
- #ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024);
- bytes = sizeof_client_keypub_der_1024;
- keySz = 1024;
- #else
- XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048);
- bytes = sizeof_client_keypub_der_2048;
- keySz = 2048;
- #endif
+ XMEMSET(&keyPub, 0, sizeof(RsaKey));
- ret = wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes);
- }
- #ifndef HAVE_USER_RSA
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(tmp = (byte*)XMALLOC(GEN_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitRsaKey(&keyPub, HEAP_HINT), 0);
+ if (tmp != NULL) {
+ #ifdef USE_CERT_BUFFERS_1024
+ XMEMCPY(tmp, client_keypub_der_1024, sizeof_client_keypub_der_1024);
+ bytes = sizeof_client_keypub_der_1024;
+ keySz = 1024;
#else
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ XMEMCPY(tmp, client_keypub_der_2048, sizeof_client_keypub_der_2048);
+ bytes = sizeof_client_keypub_der_2048;
+ keySz = 2048;
#endif
-
- if (wc_FreeRsaKey(&keyPub) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
}
- if (ret == 0) {
- /* Test for getting modulus key size */
- idx = 0;
- ret = wc_RsaPublicKeyDecode_ex(tmp, &idx, (word32)bytes, NULL,
- &tstKeySz, NULL, NULL);
- ret = (ret == 0 && tstKeySz == keySz/8) ? 0 : WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, &keyPub, (word32)bytes), 0);
+#ifndef HAVE_USER_RSA
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ BAD_FUNC_ARG);
+#else
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaPublicKeyDecode(NULL, &idx, &keyPub, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, NULL, &keyPub, (word32)bytes),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecode(tmp, &idx, NULL, (word32)bytes),
+ USER_CRYPTO_ERROR);
+#endif
+
+ DoExpectIntEQ(wc_FreeRsaKey(&keyPub), 0);
+
+ /* Test for getting modulus key size */
+ idx = 0;
+ ExpectIntEQ(wc_RsaPublicKeyDecode_ex(tmp, &idx, (word32)bytes, NULL,
+ &tstKeySz, NULL, NULL), 0);
+ ExpectIntEQ(tstKeySz, keySz/8);
#if defined(WC_RSA_PSS) && !defined(NO_FILESYSTEM)
- f = XFOPEN(rsaPssPubKey, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(rsaPssPubKey, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
idx = 0;
- AssertIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
- NULL), 0);
- f = XFOPEN(rsaPssPubKeyNoParams, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
+ NULL), 0);
+ ExpectTrue((f = XFOPEN(rsaPssPubKeyNoParams, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
idx = 0;
- AssertIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
- NULL), 0);
+ ExpectIntEQ(wc_RsaPublicKeyDecode_ex(buf, &idx, bytes, NULL, NULL, NULL,
+ NULL), 0);
#endif
- if (tmp != NULL) {
- XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicKeyDecode */
/*
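Review bot: The two RSA-PSS file reads in test_wc_RsaPublicKeyDecode are handled differently. The first closes with a braced `if (f != XBADFILE) { XFCLOSE(f); f = XBADFILE; }`, while the second uses an unbraced `if (f != XBADFILE)` followed by `XFCLOSE(f);` and leaves `f` holding a closed handle. Nothing reads `f` afterwards in the visible code, but I would write the second block the same way as the first so a later addition cannot close the handle twice. The test also reads into `buf` with `XFREAD(buf, 1, sizeof(buf), f)` and only checks for more than zero bytes, so a short comment that both key files are expected to fit in 4096 bytes would help.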
@@ -20521,62 +18844,37 @@ static int test_wc_RsaPublicKeyDecode(void)
*/
static int test_wc_RsaPublicKeyDecodeRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA)
- RsaKey key;
- const byte n = 0x23;
- const byte e = 0x03;
- int nSz = sizeof(n);
- int eSz = sizeof(e);
- int ret;
-
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key);
- }
+ RsaKey key;
+ const byte n = 0x23;
+ const byte e = 0x03;
+ int nSz = sizeof(n);
+ int eSz = sizeof(e);
+
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, &key), 0);
#ifndef HAVE_USER_RSA
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL),
+ BAD_FUNC_ARG);
#else
/* Pass in bad args. User RSA. */
- if (ret == 0) {
- ret = wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(NULL, nSz, &e, eSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, NULL, eSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaPublicKeyDecodeRaw(&n, nSz, &e, eSz, NULL),
+ USER_CRYPTO_ERROR);
#endif
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicKeyDecodeRaw */
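Review bot: test_wc_RsaPublicKeyDecodeRaw is the one RSA test in this change that does not zero its key before use. test_wc_InitRsaKey, test_wc_RsaPrivateKeyDecode, test_wc_RsaPublicKeyDecode and test_wc_MakeRsaKey all gain `XMEMSET(&key, 0, sizeof(RsaKey));`. The cleanup here is `DoExpectIntEQ(wc_FreeRsaKey(&key), 0);`, which by its name and its use elsewhere in the diff presumably runs even after an earlier expectation failed, so a failing `wc_InitRsaKey` would hand an uninitialised stack struct to `wc_FreeRsaKey`. Adding `XMEMSET(&key, 0, sizeof(RsaKey));` before the `wc_InitRsaKey` call brings it in line with the others.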
@@ -20611,83 +18909,50 @@ static int test_wc_RsaPublicKeyDecodeRaw(void)
*/
static int test_wc_MakeRsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey genKey;
- WC_RNG rng;
- #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- int bits = 1024;
- #else
- int bits = 2048;
- #endif
- int ret = 0;
+ RsaKey genKey;
+ WC_RNG rng;
+#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
+ int bits = 1024;
+#else
+ int bits = 2048;
+#endif
- ret = wc_InitRsaKey(&genKey, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng);
- if (ret == 0 && wc_FreeRsaKey(&genKey) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
- #ifndef HAVE_USER_RSA
- /* Test bad args. */
- if (ret == 0) {
- ret = MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- /* e < 3 */
- ret = MAKE_RSA_KEY(&genKey, bits, 2, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- /* e & 1 == 0 */
- ret = MAKE_RSA_KEY(&genKey, bits, 6, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Test bad args. */
- if (ret == 0) {
- ret = MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng);
- if (ret == USER_CRYPTO_ERROR) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- /* e < 3 */
- ret = MAKE_RSA_KEY(&genKey, bits, 2, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- /* e & 1 == 0 */
- ret = MAKE_RSA_KEY(&genKey, bits, 6, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ XMEMSET(&genKey, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);
- res = TEST_RES_CHECK(ret == 0);
+#ifndef HAVE_USER_RSA
+ /* Test bad args. */
+ ExpectIntEQ(MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL),
+ BAD_FUNC_ARG);
+ /* e < 3 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 2, &rng), BAD_FUNC_ARG);
+ /* e & 1 == 0 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 6, &rng), BAD_FUNC_ARG);
+#else
+ /* Test bad args. */
+ ExpectIntEQ(MAKE_RSA_KEY(NULL, bits, WC_RSA_EXPONENT, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, NULL),
+ USER_CRYPTO_ERROR);
+ /* e < 3 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 2, &rng), USER_CRYPTO_ERROR);
+ /* e & 1 == 0 */
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, 6, &rng), USER_CRYPTO_ERROR);
+#endif /* HAVE_USER_RSA */
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_MakeRsaKey */
/*
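Review bot: In test_wc_MakeRsaKey, `DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);` runs directly after the successful `MAKE_RSA_KEY` call, and the bad-argument cases below then pass the already-freed `&genKey` back into `MAKE_RSA_KEY` three times. That is harmless only while every one of those calls is rejected up front. If a regression let one through, it would operate on a freed key that is never freed again, and the leak or sanitizer report would obscure the real failure. I would move the `wc_FreeRsaKey` line down to sit just before `DoExpectIntEQ(wc_FreeRng(&rng), 0);` so the key stays initialised for the whole test.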
@@ -20701,7 +18966,7 @@ static int test_wc_MakeRsaKey(void)
*/
static int test_RsaDecryptBoundsCheck(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WC_RSA_NO_PADDING) && \
(defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)) && \
defined(WOLFSSL_PUBLIC_MP) && !defined(NO_RSA_BOUNDS_CHECK)
@@ -20711,16 +18976,14 @@ static int test_RsaDecryptBoundsCheck(void)
word32 flatCSz;
byte out[256];
word32 outSz = sizeof(out);
- int ret;
- XMEMSET(&rng, 0, sizeof(rng));
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (ret == 0)
- ret = wc_InitRsaKey(&key, HEAP_HINT);
-
- if (ret == 0) {
+ if (EXPECT_SUCCESS()) {
const byte* derKey;
word32 derKeySz;
word32 idx = 0;
@@ -20735,37 +18998,30 @@ static int test_RsaDecryptBoundsCheck(void)
flatCSz = 256;
#endif
- ret = wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(derKey, &idx, &key, derKeySz), 0);
}
- if (ret == 0) {
+ if (EXPECT_SUCCESS()) {
XMEMSET(flatC, 0, flatCSz);
flatC[flatCSz-1] = 1;
- ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
- RSA_PRIVATE_DECRYPT, &rng);
-
- if (ret == RSA_OUT_OF_RANGE_E) {
+ ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
+ RSA_PRIVATE_DECRYPT, &rng), RSA_OUT_OF_RANGE_E);
+ if (EXPECT_SUCCESS()) {
mp_int c;
- mp_init_copy(&c, &key.n);
- mp_sub_d(&c, 1, &c);
- mp_to_unsigned_bin(&c, flatC);
- ret = wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
- RSA_PRIVATE_DECRYPT, NULL);
+ ExpectIntEQ(mp_init_copy(&c, &key.n), 0);
+ ExpectIntEQ(mp_sub_d(&c, 1, &c), 0);
+ ExpectIntEQ(mp_to_unsigned_bin(&c, flatC), 0);
+ ExpectIntEQ(wc_RsaDirect(flatC, flatCSz, out, &outSz, &key,
+ RSA_PRIVATE_DECRYPT, NULL), RSA_OUT_OF_RANGE_E);
mp_clear(&c);
}
- if (ret == RSA_OUT_OF_RANGE_E)
- ret = 0;
- else
- ret = WOLFSSL_FATAL_ERROR;
}
- if (wc_FreeRsaKey(&key) || wc_FreeRng(&rng) || ret != 0)
- ret = WOLFSSL_FATAL_ERROR;
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaDecryptBoundsCheck */
/*
@@ -20773,67 +19029,38 @@ static int test_RsaDecryptBoundsCheck(void)
*/
static int test_wc_SetKeyUsage(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN) && !defined(HAVE_FIPS)
- Cert myCert;
- int ret = 0;
+ Cert myCert;
- ret = wc_InitCert(&myCert);
+ ExpectIntEQ(wc_InitCert(&myCert), 0);
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "keyEncipherment,keyAgreement");
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "digitalSignature,nonRepudiation");
- }
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "contentCommitment,encipherOnly");
- }
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "decipherOnly");
- }
- if (ret == 0) {
- ret = wc_SetKeyUsage(&myCert, "cRLSign,keyCertSign");
- }
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_SetKeyUsage(NULL, "decipherOnly");
- if (ret == BAD_FUNC_ARG) {
- ret = wc_SetKeyUsage(&myCert, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_SetKeyUsage(&myCert, "");
- }
- if (ret == KEYUSAGE_E) {
- ret = wc_SetKeyUsage(&myCert, ",");
- }
- if (ret == KEYUSAGE_E) {
- ret = wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign");
- }
- if (ret == KEYUSAGE_E) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "keyEncipherment,keyAgreement"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature,nonRepudiation"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "contentCommitment,encipherOnly"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "decipherOnly"), 0);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "cRLSign,keyCertSign"), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_SetKeyUsage(NULL, "decipherOnly"), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, ""), KEYUSAGE_E);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, ","), KEYUSAGE_E);
+ ExpectIntEQ(wc_SetKeyUsage(&myCert, "digitalSignature, cRLSign"),
+ KEYUSAGE_E);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_SetKeyUsage */
+
/*
* Testing wc_CheckProbablePrime()
*/
static int test_wc_CheckProbablePrime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING)
-
#define CHECK_PROBABLE_PRIME_KEY_BITS 2048
-
RsaKey key;
WC_RNG rng;
byte e[3];
@@ -20847,360 +19074,204 @@ static int test_wc_CheckProbablePrime(void)
byte q[CHECK_PROBABLE_PRIME_KEY_BITS / 8 / 2];
word32 qSz = (word32)sizeof(q);
int nlen = CHECK_PROBABLE_PRIME_KEY_BITS;
- int ret = 0;
int* isPrime;
int test[5];
isPrime = test;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz,
- p, &pSz, q, &qSz);
- PRIVATE_KEY_LOCK();
- }
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, CHECK_PROBABLE_PRIME_KEY_BITS,
+ WC_RSA_EXPONENT, &rng), 0);
+ PRIVATE_KEY_UNLOCK();
+ ExpectIntEQ(wc_RsaExportKey(&key, e, &eSz, n, &nSz, d, &dSz, p, &pSz, q,
+ &qSz), 0);
+ PRIVATE_KEY_LOCK();
+
/* Bad cases */
- if (ret == 0) {
- ret = wc_CheckProbablePrime(NULL, pSz, q, qSz, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, 0, q, qSz, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, NULL, qSz, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, 0, e, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, qSz, NULL, eSz,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, qSz, e, 0,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_CheckProbablePrime(NULL, 0, NULL, 0, NULL, 0,
- nlen, isPrime);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_CheckProbablePrime(NULL, pSz, q, qSz, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, 0, q, qSz, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, NULL, qSz, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, 0, e, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, NULL, eSz, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, 0, nlen, isPrime),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_CheckProbablePrime(NULL, 0, NULL, 0, NULL, 0, nlen, isPrime),
+ BAD_FUNC_ARG);
/* Good case */
- if (ret == 0) {
- ret = wc_CheckProbablePrime(p, pSz, q, qSz, e, eSz,
- nlen, isPrime);
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_CheckProbablePrime(p, pSz, q, qSz, e, eSz, nlen, isPrime),
+ 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#undef CHECK_PROBABLE_PRIME_KEY_BITS
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_CheckProbablePrime */
/*
* Testing wc_RsaPSS_Verify()
*/
static int test_wc_RsaPSS_Verify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256;
- byte* pt;
const char* szMessage = "This is the string to be signed";
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
unsigned char pDecrypted[2048/8];
+ byte* pt = pDecrypted;
word32 outLen = sizeof(pDecrypted);
- int ret = 0;
- pt = pDecrypted;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+
+ ExpectIntGT(sz = wc_RsaPSS_Sign((byte*)szMessage,
+ (word32)XSTRLEN(szMessage)+1, pSignature, sizeof(pSignature),
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaPSS_Sign((byte*)szMessage, (word32)XSTRLEN(szMessage)+1,
- pSignature, sizeof(pSignature),
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng);
- if (ret > 0) {
- sz = ret;
- ret = 0;
- }
- }
/* Bad cases */
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(NULL, sz, pt, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(pSignature, 0, pt, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(pSignature, sz, NULL, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(NULL, 0, NULL, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_RsaPSS_Verify(NULL, sz, pt, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_Verify(pSignature, 0, pt, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_Verify(pSignature, sz, NULL, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_Verify(NULL, 0, NULL, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+
/* Good case */
- if (ret == 0) {
- ret = wc_RsaPSS_Verify(pSignature, sz, pt, outLen,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntGT(wc_RsaPSS_Verify(pSignature, sz, pt, outLen,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPSS_Verify */
/*
* Testing wc_RsaPSS_VerifyCheck()
*/
static int test_wc_RsaPSS_VerifyCheck(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
RsaKey key;
WC_RNG rng;
int sz = 256; /* 2048/8 */
- byte* pt;
byte digest[32];
word32 digestSz = sizeof(digest);
unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
word32 pSignatureSz = sizeof(pSignature);
unsigned char pDecrypted[2048/8];
+ byte* pt = pDecrypted;
word32 outLen = sizeof(pDecrypted);
- int ret = 0;
- pt = pDecrypted;
+
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(pSignature, 0, sizeof(pSignature));
- ret = wc_InitRsaKey(&key, HEAP_HINT);
-
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256);
- ret = wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+ ExpectTrue((digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0);
+ ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz),
+ 0);
- }
+ ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature, pSignatureSz,
+ WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaPSS_Sign(digest, digestSz, pSignature, pSignatureSz,
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng);
- if (ret > 0) {
- sz = ret;
- ret = 0;
- }
- }
/* Bad cases */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(NULL, sz, pt, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(pSignature, 0, pt, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(pSignature, sz, NULL, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(NULL, 0, NULL, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, sz, pt, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, 0, pt, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(pSignature, sz, NULL, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheck(NULL, 0, NULL, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
/* Good case */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheck(pSignature, sz, pt, outLen,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntGT(wc_RsaPSS_VerifyCheck(pSignature, sz, pt, outLen, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPSS_VerifyCheck */
/*
* Testing wc_RsaPSS_VerifyCheckInline()
*/
static int test_wc_RsaPSS_VerifyCheckInline(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(WC_RSA_BLINDING) && defined(WC_RSA_PSS)
- RsaKey key;
- WC_RNG rng;
- int sz = 256;
- byte* pt;
- byte digest[32];
- word32 digestSz = sizeof(digest);
- unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
- unsigned char pDecrypted[2048/8];
- int ret;
- pt = pDecrypted;
-
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ RsaKey key;
+ WC_RNG rng;
+ int sz = 256;
+ byte digest[32];
+ word32 digestSz = sizeof(digest);
+ unsigned char pSignature[2048/8]; /* 2048 is RSA_KEY_SIZE */
+ unsigned char pDecrypted[2048/8];
+ byte* pt = pDecrypted;
+
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(digest, 0, sizeof(digest));
XMEMSET(pSignature, 0, sizeof(pSignature));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- if (ret == 0) {
- ret = wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256);
- ret = wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+ ExpectIntEQ(wc_MakeRsaKey(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+ ExpectTrue((digestSz = wc_HashGetDigestSize(WC_HASH_TYPE_SHA256)) > 0);
+ ExpectIntEQ(wc_Hash(WC_HASH_TYPE_SHA256, pSignature, sz, digest, digestSz),
+ 0);
- }
+ ExpectIntGT(sz = wc_RsaPSS_Sign(digest, digestSz, pSignature,
+ sizeof(pSignature), WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaPSS_Sign(digest, digestSz, pSignature, sizeof(pSignature),
- WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key, &rng);
- if (ret > 0) {
- sz = ret;
- ret = 0;
- }
- }
/* Bad Cases */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(NULL, sz, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(pSignature, 0, NULL,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(NULL, 0, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA, WC_MGF1SHA256, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, sz, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, 0, NULL, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(NULL, 0, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA, WC_MGF1SHA256, &key), BAD_FUNC_ARG);
+
/* Good case */
- if (ret == 0) {
- ret = wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt,
- digest, digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_FreeRsaKey(&key);
- wc_FreeRng(&rng);
+ ExpectIntGT(wc_RsaPSS_VerifyCheckInline(pSignature, sz, &pt, digest,
+ digestSz, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ wc_FreeRng(&rng);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPSS_VerifyCheckInline */
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
@@ -21217,162 +19288,100 @@ static void sample_mutex_cb (int flag, int type, const char* file, int line)
*/
static int test_wc_LockMutex_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- int ret = 0;
int flag = CRYPTO_LOCK;
int type = 0;
const char* file = "./test-LockMutex_ex.txt";
int line = 0;
/* without SetMutexCb */
- ret = wc_LockMutex_ex(flag, type, file, line);
- if (ret == BAD_STATE_E) {
- ret = 0;
- }
+ ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), BAD_STATE_E);
/* with SetMutexCb */
- if (ret == 0) {
- ret = wc_SetMutexCb(sample_mutex_cb);
- if (ret == 0) {
- ret = wc_LockMutex_ex(flag, type, file, line);
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0);
+ ExpectIntEQ(wc_LockMutex_ex(flag, type, file, line), 0);
+ ExpectIntEQ(wc_SetMutexCb(NULL), 0);
#endif
- return res;
-}/*End test_wc_LockMutex_ex*/
+ return EXPECT_RESULT();
+} /* End test_wc_LockMutex_ex*/
/*
* Testing wc_SetMutexCb
*/
static int test_wc_SetMutexCb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
- int ret = wc_SetMutexCb(sample_mutex_cb);
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_SetMutexCb(sample_mutex_cb), 0);
+ ExpectIntEQ(wc_SetMutexCb(NULL), 0);
#endif
- return res;
-}/*End test_wc_SetMutexCb*/
+ return EXPECT_RESULT();
+} /* End test_wc_SetMutexCb*/
/*
* Testing wc_RsaKeyToDer()
*/
static int test_wc_RsaKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey genKey;
- WC_RNG rng;
- byte* der;
- int ret = 0;
- #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
+ RsaKey genKey;
+ WC_RNG rng;
+ byte* der = NULL;
+#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
int bits = 1024;
word32 derSz = 611;
/* (2 x 128) + 2 (possible leading 00) + (5 x 64) + 5 (possible leading 00)
+ 3 (e) + 8 (ASN tag) + 10 (ASN length) + 4 seqSz + 3 version */
- #else
+#else
int bits = 2048;
word32 derSz = 1196;
/* (2 x 256) + 2 (possible leading 00) + (5 x 128) + 5 (possible leading 00)
+ 3 (e) + 8 (ASN tag) + 17 (ASN length) + 4 seqSz + 3 version */
- #endif
+#endif
+
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&genKey, 0, sizeof(genKey));
- der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectNotNull(der = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
/* Init structures. */
- if (ret == 0) {
- ret = wc_InitRsaKey(&genKey, HEAP_HINT);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&genKey, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
/* Make key. */
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng);
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(MAKE_RSA_KEY(&genKey, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaKeyToDer(&genKey, der, derSz);
- if (ret > 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #ifndef HAVE_USER_RSA
- /* Pass good/bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToDer(NULL, der, FOURK_BUF);
- if (ret == BAD_FUNC_ARG) {
- /* Get just the output length */
- ret = wc_RsaKeyToDer(&genKey, NULL, 0);
- }
- if (ret > 0) {
- /* Try Public Key. */
- genKey.type = 0;
- ret = wc_RsaKeyToDer(&genKey, der, FOURK_BUF);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- /* Put back to Private Key */
- genKey.type = 1;
- #endif
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass good/bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToDer(NULL, der, FOURK_BUF);
- if (ret == USER_CRYPTO_ERROR) {
- /* Get just the output length */
- ret = wc_RsaKeyToDer(&genKey, NULL, 0);
- }
- if (ret > 0) {
- /* Try Public Key. */
- genKey.type = 0;
- ret = wc_RsaKeyToDer(&genKey, der, FOURK_BUF);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- /* Put back to Private Key */
- genKey.type = 1;
- #endif
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntGT(wc_RsaKeyToDer(&genKey, der, derSz), 0);
+#ifndef HAVE_USER_RSA
+ /* Pass good/bad args. */
+ ExpectIntEQ(wc_RsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
+ /* Get just the output length */
+ ExpectIntGT(wc_RsaKeyToDer(&genKey, NULL, 0), 0);
+ /* Try Public Key. */
+ genKey.type = 0;
+ ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, FOURK_BUF), BAD_FUNC_ARG);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ /* Put back to Private Key */
+ genKey.type = 1;
#endif
+#else
+ /* Pass good/bad args. */
+ ExpectIntEQ(wc_RsaKeyToDer(NULL, der, FOURK_BUF), USER_CRYPTO_ERROR);
+ /* Get just the output length */
+ ExpectIntGT(wc_RsaKeyToDer(&genKey, NULL, 0), 0);
+ /* Try Public Key. */
+ genKey.type = 0;
+ ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, FOURK_BUF), USER_CRYPTO_ERROR);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ /* Put back to Private Key */
+ genKey.type = 1;
+ #endif
+#endif
- if (der != NULL) {
- XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (wc_FreeRsaKey(&genKey) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ DoExpectIntEQ(wc_FreeRsaKey(&genKey), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaKeyToDer */
/*
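Review bot: In test_wc_RsaKeyToDer the negative calls `wc_RsaKeyToDer(NULL, der, FOURK_BUF)` and `wc_RsaKeyToDer(&genKey, der, FOURK_BUF)`, in both preprocessor branches, state a length of FOURK_BUF for `der`, which was allocated with only `derSz` (611 or 1196) bytes. FOURK_BUF is defined outside this hunk and is presumably larger than `derSz`, so the test stays in bounds only while the callee rejects these calls before writing. Passing the real allocation size keeps the same expectation without that dependency: `ExpectIntEQ(wc_RsaKeyToDer(&genKey, der, derSz), BAD_FUNC_ARG);`. The mismatch predates this change, but the rewrite touches each of these lines.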
@@ -21380,113 +19389,55 @@ static int test_wc_RsaKeyToDer(void)
*/
static int test_wc_RsaKeyToPublicDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- byte* der;
- int ret = 0;
- #if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- int bits = 1024;
- word32 derLen = 162;
- #else
- int bits = 2048;
- word32 derLen = 294;
- #endif
+ RsaKey key;
+ WC_RNG rng;
+ byte* der = NULL;
+#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
+ int bits = 1024;
+ word32 derLen = 162;
+#else
+ int bits = 2048;
+ word32 derLen = 294;
+#endif
+#ifndef HAVE_USER_RSA
+ int ret;
+#endif
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
- der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
-
- if (ret == 0) {
- /* test getting size only */
- ret = wc_RsaKeyToPublicDer(&key, NULL, derLen);
- if (ret >= 0)
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer(&key, der, derLen);
- if (ret >= 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(der = (byte*)XMALLOC(derLen, NULL, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- /* test getting size only */
- ret = wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0);
- if (ret >= 0)
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0);
- if (ret >= 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* test getting size only */
+ ExpectIntGT(wc_RsaKeyToPublicDer(&key, NULL, derLen), 0);
+ ExpectIntGT(wc_RsaKeyToPublicDer(&key, der, derLen), 0);
- #ifndef HAVE_USER_RSA
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer(NULL, der, derLen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaKeyToPublicDer(&key, der, -1);
- }
- if (ret == BUFFER_E || ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_RsaKeyToPublicDer(NULL, der, derLen);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaKeyToPublicDer(&key, der, -1);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ /* test getting size only */
+ ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, NULL, derLen, 0), 0);
+ ExpectIntGT(wc_RsaKeyToPublicDer_ex(&key, der, derLen, 0), 0);
- if (der != NULL) {
- XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+#ifndef HAVE_USER_RSA
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaKeyToPublicDer(NULL, der, derLen), BAD_FUNC_ARG);
+ ExpectIntLT(ret = wc_RsaKeyToPublicDer(&key, der, -1), 0);
+ ExpectTrue((ret == BUFFER_E) || (ret == BAD_FUNC_ARG));
+#else
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_RsaKeyToPublicDer(NULL, der, derLen), USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaKeyToPublicDer(&key, der, -1), USER_CRYPTO_ERROR);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaKeyToPublicDer */
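Review bot: `int ret;` in test_wc_RsaKeyToPublicDer has no initialiser and is first written inside the argument of `ExpectIntLT(ret = wc_RsaKeyToPublicDer(&key, der, -1), 0)`. The Expect macros are defined outside this hunk; if they skip evaluating their argument once an earlier expectation has failed, the assignment never runs. The next line's `ret == BUFFER_E` then relies on the same guard to avoid reading an indeterminate value. Declaring `int ret = 0;` removes that dependency and any maybe-uninitialized warning from the compiler.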
@@ -21495,86 +19446,57 @@ static int test_wc_RsaKeyToPublicDer(void)
*/
static int test_wc_RsaPublicEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret = 0;
+ RsaKey key;
+ WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 plainLen = (word32)TEST_STRING_SZ;
const word32 inLen = (word32)TEST_STRING_SZ;
int bits = TEST_RSA_BITS;
const word32 cipherLen = TEST_RSA_BYTES;
word32 cipherLenResult = cipherLen;
-
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
- if (in == NULL || plain == NULL || cipher == NULL) {
- fprintf(stderr, "test_wc_RsaPublicEncryptDecrypt malloc failed\n");
- return MEMORY_E;
-}
+ ExpectNotNull(in);
+ ExpectNotNull(plain);
+ ExpectNotNull(cipher);
#endif
- XMEMCPY(in, inStr, inLen);
+ ExpectNotNull(XMEMCPY(in, inStr, inLen));
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
- /* Encrypt. */
+ /* Initialize stack structures. */
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_RsaPublicEncrypt(in, inLen, cipher, cipherLen, &key, &rng);
- if (ret >= 0) {
- cipherLenResult = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- /* Pass bad args. */
- /* Tests PsaPublicEncryptEx() which, is tested by another fn. No need dup.*/
- if (ret != 0) {
- return TEST_FAIL;
- }
+ /* Encrypt. */
+ ExpectIntGT(cipherLenResult = wc_RsaPublicEncrypt(in, inLen, cipher,
+ cipherLen, &key, &rng), 0);
+ /* Pass bad args - tested in another testing function.*/
/* Decrypt */
- #if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
- /* Bind rng */
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
- #endif
- if (ret == 0) {
- ret = wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen, &key);
- }
- if (ret >= 0) {
- ret = XMEMCMP(plain, inStr, plainLen);
- }
-
- /* Pass in bad args. */
- /* Tests RsaPrivateDecryptEx() which, is tested by another fn. No need dup.*/
+#if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
+ /* Bind rng */
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
+#endif
+ ExpectIntGE(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen,
+ &key), 0);
+ ExpectIntEQ(XMEMCMP(plain, inStr, plainLen), 0);
+ /* Pass bad args - tested in another testing function.*/
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(plain, NULL);
WC_FREE_VAR(cipher, NULL);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicEncryptDecrypt */
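Review bot: `ExpectIntGE(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen, &key), 0)` accepts any non-negative length, so a decrypt that returns fewer bytes than were encrypted is caught only indirectly by the following XMEMCMP over `plainLen` bytes. Asserting the exact length, as test_wc_RsaSSL_SignVerify does with `(int)inLen`, pins the contract directly: `ExpectIntEQ(wc_RsaPrivateDecrypt(cipher, cipherLenResult, plain, plainLen, &key), (int)plainLen);`. The same applies in the later hunk for test_wc_RsaPublicEncryptDecrypt_ex, where `wc_RsaPrivateDecryptInline_ex` is checked with `ExpectIntGE(..., 0)` and XMEMCMP then reads `plainSz` bytes through `res` whatever length was returned.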
@@ -21583,13 +19505,12 @@ static int test_wc_RsaPublicEncryptDecrypt(void)
*/
static int test_wc_RsaPublicEncryptDecrypt_ex(void)
{
- int result = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(HAVE_FIPS)\
&& !defined(WC_NO_RSA_OAEP) && !defined(HAVE_USER_RSA)\
&& !defined(NO_SHA256)
RsaKey key;
WC_RNG rng;
- int ret;
const char inStr[] = TEST_STRING;
const word32 inLen = (word32)TEST_STRING_SZ;
const word32 plainSz = (word32)TEST_STRING_SZ;
@@ -21603,99 +19524,47 @@ static int test_wc_RsaPublicEncryptDecrypt_ex(void)
WC_DECLARE_VAR(cipher, byte, TEST_RSA_BYTES, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
- if (in == NULL || plain == NULL || cipher == NULL) {
- fprintf(stderr, "test_wc_RsaPublicEncryptDecrypt_exmalloc failed\n");
- return TEST_FAIL;
- }
+ ExpectNotNull(in);
+ ExpectNotNull(plain);
+ ExpectNotNull(cipher);
#endif
- XMEMCPY(in, inStr, inLen);
+ ExpectNotNull(XMEMCPY(in, inStr, inLen));
/* Initialize stack structures. */
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
- /* Encrypt */
- if (ret == 0) {
- ret = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key, &rng,
- WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0);
- if (ret >= 0) {
- idx = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRsaKey_ex(&key, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- /* Pass bad args. */
- /* Tests RsaPublicEncryptEx again. No need duplicate. */
- if (ret != 0) {
- return TEST_FAIL;
- }
+ /* Encrypt */
+ ExpectIntGE(idx = wc_RsaPublicEncrypt_ex(in, inLen, cipher, cipherSz, &key,
+ &rng, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
+ /* Pass bad args - tested in another testing function.*/
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
/* Decrypt */
#if defined(WC_RSA_BLINDING) && !defined(HAVE_FIPS)
- if (ret == 0) {
- ret = wc_RsaSetRNG(&key, &rng);
- }
+ ExpectIntEQ(wc_RsaSetRNG(&key, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_RsaPrivateDecrypt_ex(cipher, (word32)idx,
- plain, plainSz, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256,
- WC_MGF1SHA256, NULL, 0);
- }
- if (ret >= 0) {
- if (!XMEMCMP(plain, inStr, plainSz)) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- /*Pass bad args.*/
- /* Tests RsaPrivateDecryptEx() again. No need duplicate. */
- if (ret != 0) {
- return TEST_FAIL;
- }
+ ExpectIntGE(wc_RsaPrivateDecrypt_ex(cipher, (word32)idx, plain, plainSz,
+ &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
+ ExpectIntEQ(XMEMCMP(plain, inStr, plainSz), 0);
+ /* Pass bad args - tested in another testing function.*/
- if (ret == 0) {
- ret = wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx,
- &res, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256,
- WC_MGF1SHA256, NULL, 0);
-
- if (ret >= 0) {
- if (!XMEMCMP(inStr, res, plainSz)) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntGE(wc_RsaPrivateDecryptInline_ex(cipher, (word32)idx, &res, &key,
+ WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA256, WC_MGF1SHA256, NULL, 0), 0);
+ ExpectIntEQ(XMEMCMP(inStr, res, plainSz), 0);
#endif
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(plain, NULL);
WC_FREE_VAR(cipher, NULL);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- result = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return result;
+ return EXPECT_RESULT();
} /* END test_wc_RsaPublicEncryptDecrypt_ex */
@@ -21704,16 +19573,15 @@ static int test_wc_RsaPublicEncryptDecrypt_ex(void)
*/
static int test_wc_RsaSSL_SignVerify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret = 0;
+ RsaKey key;
+ WC_RNG rng;
const char inStr[] = TEST_STRING;
const word32 plainSz = (word32)TEST_STRING_SZ;
const word32 inLen = (word32)TEST_STRING_SZ;
- word32 idx = 0;
- int bits = TEST_RSA_BITS;
+ word32 idx = 0;
+ int bits = TEST_RSA_BITS;
const word32 outSz = TEST_RSA_BYTES;
WC_DECLARE_VAR(in, byte, TEST_STRING_SZ, NULL);
@@ -21721,142 +19589,75 @@ static int test_wc_RsaSSL_SignVerify(void)
WC_DECLARE_VAR(plain, byte, TEST_STRING_SZ, NULL);
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
- if (in == NULL || out == NULL || plain == NULL) {
- fprintf(stderr, "test_wc_RsaSSL_SignVerify failed\n");
- return TEST_FAIL;
- }
+ ExpectNotNull(in);
+ ExpectNotNull(out);
+ ExpectNotNull(plain);
#endif
- XMEMCPY(in, inStr, inLen);
+ ExpectNotNull(XMEMCPY(in, inStr, inLen));
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- }
/* Sign. */
-
- if (ret == 0) {
- ret = wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng);
- if (ret == (int)outSz) {
- idx = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, &key, &rng), (int)outSz);
+ idx = (int)outSz;
#ifndef HAVE_USER_RSA
/* Test bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng),
+ BAD_FUNC_ARG);
#else
/* Test bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_RsaSSL_Sign(NULL, inLen, out, outSz, &key, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, 0, out, outSz, &key, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, NULL, outSz, &key, &rng),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Sign(in, inLen, out, outSz, NULL, &rng),
+ USER_CRYPTO_ERROR);
#endif
- if (ret != 0) {
- return TEST_FAIL;
- }
/* Verify. */
- ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, &key);
- if (ret == (int)inLen) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- #ifndef HAVE_USER_RSA
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Verify(out, 0, plain, plainSz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Verify(out, 0, plain, plainSz, &key);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, &key), (int)inLen);
+#ifndef HAVE_USER_RSA
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, 0, plain, plainSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL),
+ BAD_FUNC_ARG);
+#else
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaSSL_Verify(NULL, idx, plain, plainSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, 0, plain, plainSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, NULL, plainSz, &key),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaSSL_Verify(out, idx, plain, plainSz, NULL),
+ USER_CRYPTO_ERROR);
+#endif
WC_FREE_VAR(in, NULL);
WC_FREE_VAR(out, NULL);
WC_FREE_VAR(plain, NULL);
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaSSL_SignVerify */
@@ -21865,76 +19666,39 @@ static int test_wc_RsaSSL_SignVerify(void)
*/
static int test_wc_RsaEncryptSize(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret;
+ RsaKey key;
+ WC_RNG rng;
- ret = wc_InitRsaKey(&key, HEAP_HINT);
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng);
- if (ret == 0) {
- ret = wc_RsaEncryptSize(&key);
- }
- if (ret == 128) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
+ ExpectIntEQ(MAKE_RSA_KEY(&key, 1024, WC_RSA_EXPONENT, &rng), 0);
+
+ ExpectIntEQ(wc_RsaEncryptSize(&key), 128);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
#endif
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng);
- if (ret == 0) {
- ret = wc_RsaEncryptSize(&key);
- }
- if (ret == 256) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng), 0);
+ ExpectIntEQ(wc_RsaEncryptSize(&key), 256);
/* Pass in bad arg. */
- if (ret == 0) {
- ret = wc_RsaEncryptSize(NULL);
- #ifndef HAVE_USER_RSA
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- #endif
- }
-
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+#ifndef HAVE_USER_RSA
+ ExpectIntEQ(wc_RsaEncryptSize(NULL), BAD_FUNC_ARG);
+#else
+ ExpectIntEQ(wc_RsaEncryptSize(NULL), 0);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaEncryptSize*/
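Review bot: Inside the 1024-bit `#if` branch the key is released with `DoExpectIntEQ(wc_FreeRsaKey(&key), 0);`, and the same `key` is then passed to `MAKE_RSA_KEY(&key, 2048, WC_RSA_EXPONENT, &rng)` without a second `wc_InitRsaKey`. The 2048-bit case therefore depends on a freed RsaKey still being valid input for key generation, which this hunk does not show. The removed code had the same sequence, so this is not a regression, but the rewrite is a good place to make the lifecycle explicit by adding `ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);` directly after the free inside the `#if`. With that line, both configurations of the test start the 2048-bit case from an initialised key.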
@@ -21943,97 +19707,59 @@ static int test_wc_RsaEncryptSize(void)
*/
static int test_wc_RsaFlattenPublicKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- RsaKey key;
- WC_RNG rng;
- int ret = 0;
- byte e[256];
- byte n[256];
- word32 eSz = sizeof(e);
- word32 nSz = sizeof(n);
+ RsaKey key;
+ WC_RNG rng;
+ byte e[256];
+ byte n[256];
+ word32 eSz = sizeof(e);
+ word32 nSz = sizeof(n);
#if (!defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 4))
- int bits = 1024;
+ int bits = 1024;
#else
- int bits = 2048;
+ int bits = 2048;
#endif
- ret = wc_InitRsaKey(&key, HEAP_HINT);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ XMEMSET(&key, 0, sizeof(RsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng);
- if (ret >= 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&key, bits, WC_RSA_EXPONENT, &rng), 0);
- if (ret == 0) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz);
- }
- #ifndef HAVE_USER_RSA
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- /* Pass bad args. */
- if (ret == 0) {
- ret = wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz);
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL);
- }
- if (ret == USER_CRYPTO_ERROR) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
- if (wc_FreeRsaKey(&key) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (wc_FreeRng(&rng) || ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz), 0);
+#ifndef HAVE_USER_RSA
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL),
+ BAD_FUNC_ARG);
+#else
+ /* Pass bad args. */
+ ExpectIntEQ(wc_RsaFlattenPublicKey(NULL, e, &eSz, n, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, NULL, &eSz, n, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, NULL, n, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, NULL, &nSz),
+ USER_CRYPTO_ERROR);
+ ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, NULL),
+ USER_CRYPTO_ERROR);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&key), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_RsaFlattenPublicKey */
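Review bot: The success call `ExpectIntEQ(wc_RsaFlattenPublicKey(&key, e, &eSz, n, &nSz), 0);` checks only the return code; nothing asserts that `eSz` and `nSz` were updated to the lengths actually written. The function writes into caller-supplied buffers through in/out length parameters, so the length contract is the part most worth pinning in a test. Consider adding `ExpectIntEQ((int)nSz, bits / 8);` after the success call (assuming the generated modulus is full-length) and one case where `nSz` is set below the modulus size and an error is expected. The bad-argument cases below cover NULL pointers only, so a short-buffer regression would currently go unnoticed.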
@@ -22044,69 +19770,47 @@ static int test_wc_RsaFlattenPublicKey(void)
*/
static int test_wc_AesCcmSetKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
Aes aes;
- int ret = 0;
- const byte key16[] =
- {
+ const byte key16[] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
- const byte key24[] =
- {
+ const byte key24[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37
};
- const byte key32[] =
- {
+ const byte key32[] = {
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66
};
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&aes, 0, sizeof(Aes));
+
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
#ifdef WOLFSSL_AES_128
- ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0);
#endif
#ifdef WOLFSSL_AES_192
- if (ret == 0) {
- ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24));
- }
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24)), 0);
#endif
#ifdef WOLFSSL_AES_256
- if (ret == 0) {
- ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32));
- }
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32)), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1);
- }
- if (ret != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16) - 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key24, sizeof(key24) - 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key32, sizeof(key32) - 1), BAD_FUNC_ARG);
wc_AesFree(&aes);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_AesCcmSetKey */
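Review bot: The "Test bad args" block varies only the key length and never passes a NULL `aes`, unlike the RSA tests above, which pass NULL for each pointer parameter in turn. Adding `ExpectIntEQ(wc_AesCcmSetKey(NULL, key16, sizeof(key16)), BAD_FUNC_ARG);` would cover it, assuming the function rejects a NULL context with that code, which this hunk does not show. Separately, the early `return ret` after `wc_AesInit` was removed, so `wc_AesFree(&aes)` is now reached even when init failed. It looks like the added `XMEMSET(&aes, 0, sizeof(Aes));` is what keeps that safe, so a comment such as `/* zero so wc_AesFree is safe if wc_AesInit fails */` would stop a later cleanup from dropping it.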
@@ -22115,209 +19819,1606 @@ static int test_wc_AesCcmSetKey(void)
*/
static int test_wc_AesCcmEncryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_AESCCM) && defined(WOLFSSL_AES_128)
Aes aes;
- int ret = 0;
- const byte key16[] =
- {
+ const byte key16[] = {
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
};
/* plaintext */
- const byte plainT[] =
- {
+ const byte plainT[] = {
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
};
/* nonce */
- const byte iv[] =
- {
+ const byte iv[] = {
0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
0xa1, 0xa2, 0xa3, 0xa4, 0xa5
};
- const byte c[] = /* cipher text. */
- {
+ const byte c[] = { /* cipher text. */
0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
};
- const byte t[] = /* Auth tag */
- {
+ const byte t[] = { /* Auth tag */
0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
};
- const byte authIn[] =
- {
+ const byte authIn[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
};
byte cipherOut[sizeof(plainT)];
byte authTag[sizeof(t)];
- int ccmE = WOLFSSL_FATAL_ERROR;
- #ifdef HAVE_AES_DECRYPT
- int ccmD = WOLFSSL_FATAL_ERROR;
- byte plainOut[sizeof(cipherOut)];
- #endif
+#ifdef HAVE_AES_DECRYPT
+ byte plainOut[sizeof(cipherOut)];
+#endif
- ret = wc_AesInit(&aes, NULL, INVALID_DEVID);
- if (ret != 0)
- return ret;
+ XMEMSET(&aes, 0, sizeof(Aes));
- ret = wc_AesCcmSetKey(&aes, key16, sizeof(key16));
- if (ret == 0) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- if ((XMEMCMP(cipherOut, c, sizeof(c)) && ccmE == 0) ||
- XMEMCMP(t, authTag, sizeof(t))) {
- ccmE = WOLFSSL_FATAL_ERROR;
- ret = WOLFSSL_FATAL_ERROR;
- }
- #ifdef HAVE_AES_DECRYPT
- if (ret == 0) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv),
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- if (XMEMCMP(plainOut, plainT, sizeof(plainT)) && ccmD == 0) {
- ccmD = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
- }
+ ExpectIntEQ(wc_AesInit(&aes, NULL, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_AesCcmSetKey(&aes, key16, sizeof(key16)), 0);
+
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)), 0);
+ ExpectIntEQ(XMEMCMP(cipherOut, c, sizeof(c)), 0);
+ ExpectIntEQ(XMEMCMP(t, authTag, sizeof(t)), 0);
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)), 0);
+ ExpectIntEQ(XMEMCMP(plainOut, plainT, sizeof(plainT)), 0);
+#endif
/* Pass in bad args. Encrypt*/
- if (ret == 0 && ccmE == 0) {
- ccmE = wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- }
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
- }
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- NULL, sizeof(iv), authTag, sizeof(authTag),
- authIn , sizeof(authIn));
+ ExpectIntEQ(wc_AesCcmEncrypt(NULL, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, NULL, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, NULL, sizeof(cipherOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ NULL, sizeof(iv), authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv), NULL, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
+ iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn , sizeof(authIn)),
+ BAD_FUNC_ARG);
+
+#ifdef HAVE_AES_DECRYPT
+ /* Pass in bad args. Decrypt*/
+ ExpectIntEQ(wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut),
+ iv, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ NULL, sizeof(iv), authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv), NULL, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv) + 1, authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesCcmDecrypt(&aes, plainOut, cipherOut, sizeof(plainOut),
+ iv, sizeof(iv) - 7, authTag, sizeof(authTag), authIn, sizeof(authIn)),
+ BAD_FUNC_ARG);
+ #endif
+
+ wc_AesFree(&aes);
+#endif /* HAVE_AESCCM */
+ return EXPECT_RESULT();
+} /* END test_wc_AesCcmEncryptDecrypt */
+
+
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+
+/*
+ * Testing test_wc_AesEaxVectors()
+ */
+static int test_wc_AesEaxVectors(void)
+{
+ EXPECT_DECLS;
+
+ typedef struct {
+ byte key[AES_256_KEY_SIZE];
+ int key_length;
+ byte iv[AES_BLOCK_SIZE];
+ int iv_length;
+ byte aad[AES_BLOCK_SIZE * 2];
+ int aad_length;
+ byte msg[AES_BLOCK_SIZE * 5];
+ int msg_length;
+ byte ct[AES_BLOCK_SIZE * 5];
+ int ct_length;
+ byte tag[AES_BLOCK_SIZE];
+ int tag_length;
+ int valid;
+ } AadVector;
+
+ /* Test vectors obtained from Google wycheproof project
+ * https://github.com/google/wycheproof
+ * from testvectors/aes_eax_test.json
+ */
+ const AadVector vectors[] = {
+ {
+ /* key, key length */
+ {0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f,
+ 0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78}, 16,
+ /* iv, iv length */
+ {0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07,
+ 0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3}, 16,
+ /* aad, aad length */
+ {0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b}, 8,
+ /* msg, msg length */
+ {0x00}, 0,
+ /* ct, ct length */
+ {0x00}, 0,
+ /* tag, tag length */
+ {0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2, 0x7b,
+ 0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x91, 0x94, 0x5d, 0x3f, 0x4d, 0xcb, 0xee, 0x0b,
+ 0xf4, 0x5e, 0xf5, 0x22, 0x55, 0xf0, 0x95, 0xa4}, 16,
+ /* iv, iv length */
+ {0xbe, 0xca, 0xf0, 0x43, 0xb0, 0xa2, 0x3d, 0x84,
+ 0x31, 0x94, 0xba, 0x97, 0x2c, 0x66, 0xde, 0xbd}, 16,
+ /* aad, aad length */
+ {0xfa, 0x3b, 0xfd, 0x48, 0x06, 0xeb, 0x53, 0xfa}, 8,
+ /* msg, msg length */
+ {0xf7, 0xfb}, 2,
+ /* ct, ct length */
+ {0x19, 0xdd}, 2,
+ /* tag, tag length */
+ {0x5c, 0x4c, 0x93, 0x31, 0x04, 0x9d, 0x0b, 0xda,
+ 0xb0, 0x27, 0x74, 0x08, 0xf6, 0x79, 0x67, 0xe5}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x01, 0xf7, 0x4a, 0xd6, 0x40, 0x77, 0xf2, 0xe7,
+ 0x04, 0xc0, 0xf6, 0x0a, 0xda, 0x3d, 0xd5, 0x23}, 16,
+ /* iv, iv length */
+ {0x70, 0xc3, 0xdb, 0x4f, 0x0d, 0x26, 0x36, 0x84,
+ 0x00, 0xa1, 0x0e, 0xd0, 0x5d, 0x2b, 0xff, 0x5e}, 16,
+ /* aad, aad length */
+ {0x23, 0x4a, 0x34, 0x63, 0xc1, 0x26, 0x4a, 0xc6}, 8,
+ /* msg, msg length */
+ {0x1a, 0x47, 0xcb, 0x49, 0x33}, 5,
+ /* ct, ct length */
+ {0xd8, 0x51, 0xd5, 0xba, 0xe0}, 5,
+ /* tag, tag length */
+ {0x3a, 0x59, 0xf2, 0x38, 0xa2, 0x3e, 0x39, 0x19,
+ 0x9d, 0xc9, 0x26, 0x66, 0x26, 0xc4, 0x0f, 0x80}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xd0, 0x7c, 0xf6, 0xcb, 0xb7, 0xf3, 0x13, 0xbd,
+ 0xde, 0x66, 0xb7, 0x27, 0xaf, 0xd3, 0xc5, 0xe8}, 16,
+ /* iv, iv length */
+ {0x84, 0x08, 0xdf, 0xff, 0x3c, 0x1a, 0x2b, 0x12,
+ 0x92, 0xdc, 0x19, 0x9e, 0x46, 0xb7, 0xd6, 0x17}, 16,
+ /* aad, aad length */
+ {0x33, 0xcc, 0xe2, 0xea, 0xbf, 0xf5, 0xa7, 0x9d}, 8,
+ /* msg, msg length */
+ {0x48, 0x1c, 0x9e, 0x39, 0xb1}, 5,
+ /* ct, ct length */
+ {0x63, 0x2a, 0x9d, 0x13, 0x1a}, 5,
+ /* tag, tag length */
+ {0xd4, 0xc1, 0x68, 0xa4, 0x22, 0x5d, 0x8e, 0x1f,
+ 0xf7, 0x55, 0x93, 0x99, 0x74, 0xa7, 0xbe, 0xde}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x35, 0xb6, 0xd0, 0x58, 0x00, 0x05, 0xbb, 0xc1,
+ 0x2b, 0x05, 0x87, 0x12, 0x45, 0x57, 0xd2, 0xc2}, 16,
+ /* iv, iv length */
+ {0xfd, 0xb6, 0xb0, 0x66, 0x76, 0xee, 0xdc, 0x5c,
+ 0x61, 0xd7, 0x42, 0x76, 0xe1, 0xf8, 0xe8, 0x16}, 16,
+ /* aad, aad length */
+ {0xae, 0xb9, 0x6e, 0xae, 0xbe, 0x29, 0x70, 0xe9}, 8,
+ /* msg, msg length */
+ {0x40, 0xd0, 0xc0, 0x7d, 0xa5, 0xe4}, 6,
+ /* ct, ct length */
+ {0x07, 0x1d, 0xfe, 0x16, 0xc6, 0x75}, 6,
+ /* tag, tag length */
+ {0xcb, 0x06, 0x77, 0xe5, 0x36, 0xf7, 0x3a, 0xfe,
+ 0x6a, 0x14, 0xb7, 0x4e, 0xe4, 0x98, 0x44, 0xdd}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xbd, 0x8e, 0x6e, 0x11, 0x47, 0x5e, 0x60, 0xb2,
+ 0x68, 0x78, 0x4c, 0x38, 0xc6, 0x2f, 0xeb, 0x22}, 16,
+ /* iv, iv length */
+ {0x6e, 0xac, 0x5c, 0x93, 0x07, 0x2d, 0x8e, 0x85,
+ 0x13, 0xf7, 0x50, 0x93, 0x5e, 0x46, 0xda, 0x1b}, 16,
+ /* aad, aad length */
+ {0xd4, 0x48, 0x2d, 0x1c, 0xa7, 0x8d, 0xce, 0x0f}, 8,
+ /* msg, msg length */
+ {0x4d, 0xe3, 0xb3, 0x5c, 0x3f, 0xc0, 0x39, 0x24,
+ 0x5b, 0xd1, 0xfb, 0x7d}, 12,
+ /* ct, ct length */
+ {0x83, 0x5b, 0xb4, 0xf1, 0x5d, 0x74, 0x3e, 0x35,
+ 0x0e, 0x72, 0x84, 0x14}, 12,
+ /* tag, tag length */
+ {0xab, 0xb8, 0x64, 0x4f, 0xd6, 0xcc, 0xb8, 0x69,
+ 0x47, 0xc5, 0xe1, 0x05, 0x90, 0x21, 0x0a, 0x4f}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x7c, 0x77, 0xd6, 0xe8, 0x13, 0xbe, 0xd5, 0xac,
+ 0x98, 0xba, 0xa4, 0x17, 0x47, 0x7a, 0x2e, 0x7d}, 16,
+ /* iv, iv length */
+ {0x1a, 0x8c, 0x98, 0xdc, 0xd7, 0x3d, 0x38, 0x39,
+ 0x3b, 0x2b, 0xf1, 0x56, 0x9d, 0xee, 0xfc, 0x19}, 16,
+ /* aad, aad length */
+ {0x65, 0xd2, 0x01, 0x79, 0x90, 0xd6, 0x25, 0x28}, 8,
+ /* msg, msg length */
+ {0x8b, 0x0a, 0x79, 0x30, 0x6c, 0x9c, 0xe7, 0xed,
+ 0x99, 0xda, 0xe4, 0xf8, 0x7f, 0x8d, 0xd6, 0x16,
+ 0x36}, 17,
+ /* ct, ct length */
+ {0x02, 0x08, 0x3e, 0x39, 0x79, 0xda, 0x01, 0x48,
+ 0x12, 0xf5, 0x9f, 0x11, 0xd5, 0x26, 0x30, 0xda,
+ 0x30}, 17,
+ /* tag, tag length */
+ {0x13, 0x73, 0x27, 0xd1, 0x06, 0x49, 0xb0, 0xaa,
+ 0x6e, 0x1c, 0x18, 0x1d, 0xb6, 0x17, 0xd7, 0xf2}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x5f, 0xff, 0x20, 0xca, 0xfa, 0xb1, 0x19, 0xca,
+ 0x2f, 0xc7, 0x35, 0x49, 0xe2, 0x0f, 0x5b, 0x0d}, 16,
+ /* iv, iv length */
+ {0xdd, 0xe5, 0x9b, 0x97, 0xd7, 0x22, 0x15, 0x6d,
+ 0x4d, 0x9a, 0xff, 0x2b, 0xc7, 0x55, 0x98, 0x26}, 16,
+ /* aad, aad length */
+ {0x54, 0xb9, 0xf0, 0x4e, 0x6a, 0x09, 0x18, 0x9a}, 8,
+ /* msg, msg length */
+ {0x1b, 0xda, 0x12, 0x2b, 0xce, 0x8a, 0x8d, 0xba,
+ 0xf1, 0x87, 0x7d, 0x96, 0x2b, 0x85, 0x92, 0xdd,
+ 0x2d, 0x56}, 18,
+ /* ct, ct length */
+ {0x2e, 0xc4, 0x7b, 0x2c, 0x49, 0x54, 0xa4, 0x89,
+ 0xaf, 0xc7, 0xba, 0x48, 0x97, 0xed, 0xcd, 0xae,
+ 0x8c, 0xc3}, 18,
+ /* tag, tag length */
+ {0x3b, 0x60, 0x45, 0x05, 0x99, 0xbd, 0x02, 0xc9,
+ 0x63, 0x82, 0x90, 0x2a, 0xef, 0x7f, 0x83, 0x2a}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xa4, 0xa4, 0x78, 0x2b, 0xcf, 0xfd, 0x3e, 0xc5,
+ 0xe7, 0xef, 0x6d, 0x8c, 0x34, 0xa5, 0x61, 0x23}, 16,
+ /* iv, iv length */
+ {0xb7, 0x81, 0xfc, 0xf2, 0xf7, 0x5f, 0xa5, 0xa8,
+ 0xde, 0x97, 0xa9, 0xca, 0x48, 0xe5, 0x22, 0xec}, 16,
+ /* aad, aad length */
+ {0x89, 0x9a, 0x17, 0x58, 0x97, 0x56, 0x1d, 0x7e}, 8,
+ /* msg, msg length */
+ {0x6c, 0xf3, 0x67, 0x20, 0x87, 0x2b, 0x85, 0x13,
+ 0xf6, 0xea, 0xb1, 0xa8, 0xa4, 0x44, 0x38, 0xd5,
+ 0xef, 0x11}, 18,
+ /* ct, ct length */
+ {0x0d, 0xe1, 0x8f, 0xd0, 0xfd, 0xd9, 0x1e, 0x7a,
+ 0xf1, 0x9f, 0x1d, 0x8e, 0xe8, 0x73, 0x39, 0x38,
+ 0xb1, 0xe8}, 18,
+ /* tag, tag length */
+ {0xe7, 0xf6, 0xd2, 0x23, 0x16, 0x18, 0x10, 0x2f,
+ 0xdb, 0x7f, 0xe5, 0x5f, 0xf1, 0x99, 0x17, 0x00}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x83, 0x95, 0xfc, 0xf1, 0xe9, 0x5b, 0xeb, 0xd6,
+ 0x97, 0xbd, 0x01, 0x0b, 0xc7, 0x66, 0xaa, 0xc3}, 16,
+ /* iv, iv length */
+ {0x22, 0xe7, 0xad, 0xd9, 0x3c, 0xfc, 0x63, 0x93,
+ 0xc5, 0x7e, 0xc0, 0xb3, 0xc1, 0x7d, 0x6b, 0x44}, 16,
+ /* aad, aad length */
+ {0x12, 0x67, 0x35, 0xfc, 0xc3, 0x20, 0xd2, 0x5a}, 8,
+ /* msg, msg length */
+ {0xca, 0x40, 0xd7, 0x44, 0x6e, 0x54, 0x5f, 0xfa,
+ 0xed, 0x3b, 0xd1, 0x2a, 0x74, 0x0a, 0x65, 0x9f,
+ 0xfb, 0xbb, 0x3c, 0xea, 0xb7}, 21,
+ /* ct, ct length */
+ {0xcb, 0x89, 0x20, 0xf8, 0x7a, 0x6c, 0x75, 0xcf,
+ 0xf3, 0x96, 0x27, 0xb5, 0x6e, 0x3e, 0xd1, 0x97,
+ 0xc5, 0x52, 0xd2, 0x95, 0xa7}, 21,
+ /* tag, tag length */
+ {0xcf, 0xc4, 0x6a, 0xfc, 0x25, 0x3b, 0x46, 0x52,
+ 0xb1, 0xaf, 0x37, 0x95, 0xb1, 0x24, 0xab, 0x6e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x3c, 0x8c, 0xc2, 0x97, 0x0a, 0x00, 0x8f, 0x75,
+ 0xcc, 0x5b, 0xea, 0xe2, 0x84, 0x72, 0x58, 0xc2}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x3c, 0x44, 0x1f, 0x32, 0xce, 0x07, 0x82, 0x23,
+ 0x64, 0xd7, 0xa2, 0x99, 0x0e, 0x50, 0xbb, 0x13,
+ 0xd7, 0xb0, 0x2a, 0x26, 0x96, 0x9e, 0x4a, 0x93,
+ 0x7e, 0x5e, 0x90, 0x73, 0xb0, 0xd9, 0xc9, 0x68}, 32,
+ /* tag, tag length */
+ {0xdb, 0x90, 0xbd, 0xb3, 0xda, 0x3d, 0x00, 0xaf,
+ 0xd0, 0xfc, 0x6a, 0x83, 0x55, 0x1d, 0xa9, 0x5e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0xae, 0xf0, 0x3d, 0x00, 0x59, 0x84, 0x94, 0xe9,
+ 0xfb, 0x03, 0xcd, 0x7d, 0x8b, 0x59, 0x08, 0x66}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0xd1, 0x9a, 0xc5, 0x98, 0x49, 0x02, 0x6a, 0x91,
+ 0xaa, 0x1b, 0x9a, 0xec, 0x29, 0xb1, 0x1a, 0x20,
+ 0x2a, 0x4d, 0x73, 0x9f, 0xd8, 0x6c, 0x28, 0xe3,
+ 0xae, 0x3d, 0x58, 0x8e, 0xa2, 0x1d, 0x70, 0xc6}, 32,
+ /* tag, tag length */
+ {0xc3, 0x0f, 0x6c, 0xd9, 0x20, 0x20, 0x74, 0xed,
+ 0x6e, 0x2a, 0x2a, 0x36, 0x0e, 0xac, 0x8c, 0x47}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x55, 0xd1, 0x25, 0x11, 0xc6, 0x96, 0xa8, 0x0d,
+ 0x05, 0x14, 0xd1, 0xff, 0xba, 0x49, 0xca, 0xda}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x21, 0x08, 0x55, 0x8a, 0xc4, 0xb2, 0xc2, 0xd5,
+ 0xcc, 0x66, 0xce, 0xa5, 0x1d, 0x62, 0x10, 0xe0,
+ 0x46, 0x17, 0x7a, 0x67, 0x63, 0x1c, 0xd2, 0xdd,
+ 0x8f, 0x09, 0x46, 0x97, 0x33, 0xac, 0xb5, 0x17}, 32,
+ /* tag, tag length */
+ {0xfc, 0x35, 0x5e, 0x87, 0xa2, 0x67, 0xbe, 0x3a,
+ 0xe3, 0xe4, 0x4c, 0x0b, 0xf3, 0xf9, 0x9b, 0x2b}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x79, 0x42, 0x2d, 0xdd, 0x91, 0xc4, 0xee, 0xe2,
+ 0xde, 0xae, 0xf1, 0xf9, 0x68, 0x30, 0x53, 0x04}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x4d, 0x2c, 0x15, 0x24, 0xca, 0x4b, 0xaa, 0x4e,
+ 0xef, 0xcc, 0xe6, 0xb9, 0x1b, 0x22, 0x7e, 0xe8,
+ 0x3a, 0xba, 0xff, 0x81, 0x05, 0xdc, 0xaf, 0xa2,
+ 0xab, 0x19, 0x1f, 0x5d, 0xf2, 0x57, 0x50, 0x35}, 32,
+ /* tag, tag length */
+ {0xe2, 0xc8, 0x65, 0xce, 0x2d, 0x7a, 0xbd, 0xac,
+ 0x02, 0x4c, 0x6f, 0x99, 0x1a, 0x84, 0x83, 0x90}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x0a, 0xf5, 0xaa, 0x7a, 0x76, 0x76, 0xe2, 0x83,
+ 0x06, 0x30, 0x6b, 0xcd, 0x9b, 0xf2, 0x00, 0x3a}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x8e, 0xb0, 0x1e, 0x62, 0x18, 0x5d, 0x78, 0x2e,
+ 0xb9, 0x28, 0x7a, 0x34, 0x1a, 0x68, 0x62, 0xac,
+ 0x52, 0x57, 0xd6, 0xf9, 0xad, 0xc9, 0x9e, 0xe0,
+ 0xa2, 0x4d, 0x9c, 0x22, 0xb3, 0xe9, 0xb3, 0x8a}, 32,
+ /* tag, tag length */
+ {0x39, 0xc3, 0x39, 0xbc, 0x8a, 0x74, 0xc7, 0x5e,
+ 0x2c, 0x65, 0xc6, 0x11, 0x95, 0x44, 0xd6, 0x1e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0xaf, 0x5a, 0x03, 0xae, 0x7e, 0xdd, 0x73, 0x47,
+ 0x1b, 0xdc, 0xdf, 0xac, 0x5e, 0x19, 0x4a, 0x60}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x94, 0xc5, 0xd2, 0xac, 0xa6, 0xdb, 0xbc, 0xe8,
+ 0xc2, 0x45, 0x13, 0xa2, 0x5e, 0x09, 0x5c, 0x0e,
+ 0x54, 0xa9, 0x42, 0x86, 0x0d, 0x32, 0x7a, 0x22,
+ 0x2a, 0x81, 0x5c, 0xc7, 0x13, 0xb1, 0x63, 0xb4}, 32,
+ /* tag, tag length */
+ {0xf5, 0x0b, 0x30, 0x30, 0x4e, 0x45, 0xc9, 0xd4,
+ 0x11, 0xe8, 0xdf, 0x45, 0x08, 0xa9, 0x86, 0x12}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0xb3, 0x70, 0x87, 0x68, 0x0f, 0x0e, 0xdd, 0x5a,
+ 0x52, 0x22, 0x8b, 0x8c, 0x7a, 0xae, 0xa6, 0x64}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33}, 64,
+ /* ct, ct length */
+ {0x3b, 0xb6, 0x17, 0x3e, 0x37, 0x72, 0xd4, 0xb6,
+ 0x2e, 0xef, 0x37, 0xf9, 0xef, 0x07, 0x81, 0xf3,
+ 0x60, 0xb6, 0xc7, 0x4b, 0xe3, 0xbf, 0x6b, 0x37,
+ 0x10, 0x67, 0xbc, 0x1b, 0x09, 0x0d, 0x9d, 0x66,
+ 0x22, 0xa1, 0xfb, 0xec, 0x6a, 0xc4, 0x71, 0xb3,
+ 0x34, 0x9c, 0xd4, 0x27, 0x7a, 0x10, 0x1d, 0x40,
+ 0x89, 0x0f, 0xbf, 0x27, 0xdf, 0xdc, 0xd0, 0xb4,
+ 0xe3, 0x78, 0x1f, 0x98, 0x06, 0xda, 0xab, 0xb6}, 64,
+ /* tag, tag length */
+ {0xa0, 0x49, 0x87, 0x45, 0xe5, 0x99, 0x99, 0xdd,
+ 0xc3, 0x2d, 0x5b, 0x14, 0x02, 0x41, 0x12, 0x4e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x4f, 0x80, 0x2d, 0xa6, 0x2a, 0x38, 0x45, 0x55,
+ 0xa1, 0x9b, 0xc2, 0xb3, 0x82, 0xeb, 0x25, 0xaf}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
+ 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
+ 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44,
+ 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44, 0x44}, 80,
+ /* ct, ct length */
+ {0xe9, 0xb0, 0xbb, 0x88, 0x57, 0x81, 0x8c, 0xe3,
+ 0x20, 0x1c, 0x36, 0x90, 0xd2, 0x1d, 0xaa, 0x7f,
+ 0x26, 0x4f, 0xb8, 0xee, 0x93, 0xcc, 0x7a, 0x46,
+ 0x74, 0xea, 0x2f, 0xc3, 0x2b, 0xf1, 0x82, 0xfb,
+ 0x2a, 0x7e, 0x8a, 0xd5, 0x15, 0x07, 0xad, 0x4f,
+ 0x31, 0xce, 0xfc, 0x23, 0x56, 0xfe, 0x79, 0x36,
+ 0xa7, 0xf6, 0xe1, 0x9f, 0x95, 0xe8, 0x8f, 0xdb,
+ 0xf1, 0x76, 0x20, 0x91, 0x6d, 0x3a, 0x6f, 0x3d,
+ 0x01, 0xfc, 0x17, 0xd3, 0x58, 0x67, 0x2f, 0x77,
+ 0x7f, 0xd4, 0x09, 0x92, 0x46, 0xe4, 0x36, 0xe1}, 80,
+ /* tag, tag length */
+ {0x67, 0x91, 0x0b, 0xe7, 0x44, 0xb8, 0x31, 0x5a,
+ 0xe0, 0xeb, 0x61, 0x24, 0x59, 0x0c, 0x5d, 0x8b}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xb6, 0x7b, 0x1a, 0x6e, 0xfd, 0xd4, 0x0d, 0x37,
+ 0x08, 0x0f, 0xbe, 0x8f, 0x80, 0x47, 0xae, 0xb9}, 16,
+ /* iv, iv length */
+ {0xfa, 0x29, 0x4b, 0x12, 0x99, 0x72, 0xf7, 0xfc,
+ 0x5b, 0xbd, 0x5b, 0x96, 0xbb, 0xa8, 0x37, 0xc9}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x00}, 0,
+ /* ct, ct length */
+ {0x00}, 0,
+ /* tag, tag length */
+ {0xb1, 0x4b, 0x64, 0xfb, 0x58, 0x98, 0x99, 0x69,
+ 0x95, 0x70, 0xcc, 0x91, 0x60, 0xe3, 0x98, 0x96}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x20, 0x9e, 0x6d, 0xbf, 0x2a, 0xd2, 0x6a, 0x10,
+ 0x54, 0x45, 0xfc, 0x02, 0x07, 0xcd, 0x9e, 0x9a}, 16,
+ /* iv, iv length */
+ {0x94, 0x77, 0x84, 0x9d, 0x6c, 0xcd, 0xfc, 0xa1,
+ 0x12, 0xd9, 0x2e, 0x53, 0xfa, 0xe4, 0xa7, 0xca}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x01}, 1,
+ /* ct, ct length */
+ {0x1d}, 1,
+ /* tag, tag length */
+ {0x52, 0xa5, 0xf6, 0x00, 0xfe, 0x53, 0x38, 0x02,
+ 0x6a, 0x7c, 0xb0, 0x9c, 0x11, 0x64, 0x00, 0x82}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0xa5, 0x49, 0x44, 0x2e, 0x35, 0x15, 0x40, 0x32,
+ 0xd0, 0x7c, 0x86, 0x66, 0x00, 0x6a, 0xa6, 0xa2}, 16,
+ /* iv, iv length */
+ {0x51, 0x71, 0x52, 0x45, 0x68, 0xe8, 0x1d, 0x97,
+ 0xe8, 0xc4, 0xde, 0x4b, 0xa5, 0x6c, 0x10, 0xa0}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x11, 0x82, 0xe9, 0x35, 0x96, 0xca, 0xc5, 0x60,
+ 0x89, 0x46, 0x40, 0x0b, 0xc7, 0x3f, 0x3a}, 15,
+ /* ct, ct length */
+ {0xd7, 0xb8, 0xa6, 0xb4, 0x3d, 0x2e, 0x9f, 0x98,
+ 0xc2, 0xb4, 0x4c, 0xe5, 0xe3, 0xcf, 0xdb}, 15,
+ /* tag, tag length */
+ {0x1b, 0xdd, 0x52, 0xfc, 0x98, 0x7d, 0xaf, 0x0e,
+ 0xe1, 0x92, 0x34, 0xc9, 0x05, 0xea, 0x64, 0x5f}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x95, 0x8b, 0xcd, 0xb6, 0x6a, 0x39, 0x52, 0xb5,
+ 0x37, 0x01, 0x58, 0x2a, 0x68, 0xa0, 0xe4, 0x74}, 16,
+ /* iv, iv length */
+ {0x0e, 0x6e, 0xc8, 0x79, 0xb0, 0x2c, 0x6f, 0x51,
+ 0x69, 0x76, 0xe3, 0x58, 0x98, 0x42, 0x8d, 0xa7}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x14, 0x04, 0x15, 0x82, 0x3e, 0xcc, 0x89, 0x32,
+ 0xa0, 0x58, 0x38, 0x4b, 0x73, 0x8e, 0xa6, 0xea,
+ 0x6d, 0x4d, 0xfe, 0x3b, 0xbe, 0xee}, 22,
+ /* ct, ct length */
+ {0x73, 0xe5, 0xc6, 0xf0, 0xe7, 0x03, 0xa5, 0x2d,
+ 0x02, 0xf7, 0xf7, 0xfa, 0xeb, 0x1b, 0x77, 0xfd,
+ 0x4f, 0xd0, 0xcb, 0x42, 0x1e, 0xaf}, 22,
+ /* tag, tag length */
+ {0x6c, 0x15, 0x4a, 0x85, 0x96, 0x8e, 0xdd, 0x74,
+ 0x77, 0x65, 0x75, 0xa4, 0x45, 0x0b, 0xd8, 0x97}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x96, 0x5b, 0x75, 0x7b, 0xa5, 0x01, 0x8a, 0x8d,
+ 0x66, 0xed, 0xc7, 0x8e, 0x0c, 0xee, 0xe8, 0x6b}, 16,
+ /* iv, iv length */
+ {0x2e, 0x35, 0x90, 0x1a, 0xe7, 0xd4, 0x91, 0xee,
+ 0xcc, 0x88, 0x38, 0xfe, 0xdd, 0x63, 0x14, 0x05}, 16,
+ /* aad, aad length */
+ {0xdf, 0x10, 0xd0, 0xd2, 0x12, 0x24, 0x24, 0x50}, 8,
+ /* msg, msg length */
+ {0x36, 0xe5, 0x7a, 0x76, 0x39, 0x58, 0xb0, 0x2c,
+ 0xea, 0x9d, 0x6a, 0x67, 0x6e, 0xbc, 0xe8, 0x1f}, 16,
+ /* ct, ct length */
+ {0x93, 0x6b, 0x69, 0xb6, 0xc9, 0x55, 0xad, 0xfd,
+ 0x15, 0x53, 0x9b, 0x9b, 0xe4, 0x98, 0x9c, 0xb6}, 16,
+ /* tag, tag length */
+ {0xee, 0x15, 0xa1, 0x45, 0x4e, 0x88, 0xfa, 0xad,
+ 0x8e, 0x48, 0xa8, 0xdf, 0x29, 0x83, 0xb4, 0x25}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x88, 0xd0, 0x20, 0x33, 0x78, 0x1c, 0x7b, 0x41,
+ 0x64, 0x71, 0x1a, 0x05, 0x42, 0x0f, 0x25, 0x6e}, 16,
+ /* iv, iv length */
+ {0x7f, 0x29, 0x85, 0x29, 0x63, 0x15, 0x50, 0x7a,
+ 0xa4, 0xc0, 0xa9, 0x3d, 0x5c, 0x12, 0xbd, 0x77}, 16,
+ /* aad, aad length */
+ {0x7c, 0x57, 0x1d, 0x2f, 0xbb, 0x5f, 0x62, 0x52,
+ 0x3c, 0x0e, 0xb3, 0x38, 0xbe, 0xf9, 0xa9}, 15,
+ /* msg, msg length */
+ {0xd9, 0x8a, 0xdc, 0x03, 0xd9, 0xd5, 0x82, 0x73,
+ 0x2e, 0xb0, 0x7d, 0xf2, 0x3d, 0x7b, 0x9f, 0x74}, 16,
+ /* ct, ct length */
+ {0x67, 0xca, 0xac, 0x35, 0x44, 0x3a, 0x31, 0x38,
+ 0xd2, 0xcb, 0x81, 0x1f, 0x0c, 0xe0, 0x4d, 0xd2}, 16,
+ /* tag, tag length */
+ {0xb7, 0x96, 0x8e, 0x0b, 0x56, 0x40, 0xe3, 0xb2,
+ 0x36, 0x56, 0x96, 0x53, 0x20, 0x8b, 0x9d, 0xeb}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x51, 0x58, 0x40, 0xcf, 0x67, 0xd2, 0xe4, 0x0e,
+ 0xb6, 0x5e, 0x54, 0xa2, 0x4c, 0x72, 0xcb, 0xf2}, 16,
+ /* iv, iv length */
+ {0xbf, 0x47, 0xaf, 0xdf, 0xd4, 0x92, 0x13, 0x7a,
+ 0x24, 0x23, 0x6b, 0xc3, 0x67, 0x97, 0xa8, 0x8e}, 16,
+ /* aad, aad length */
+ {0x16, 0x84, 0x3c, 0x09, 0x1d, 0x43, 0xb0, 0xa1,
+ 0x91, 0xd0, 0xc7, 0x3d, 0x15, 0x60, 0x1b, 0xe9}, 16,
+ /* msg, msg length */
+ {0xc8, 0x34, 0x58, 0x8c, 0xb6, 0xda, 0xf9, 0xf0,
+ 0x6d, 0xd2, 0x35, 0x19, 0xf4, 0xbe, 0x9f, 0x56}, 16,
+ /* ct, ct length */
+ {0x20, 0x0a, 0xc4, 0x51, 0xfb, 0xeb, 0x0f, 0x61,
+ 0x51, 0xd6, 0x15, 0x83, 0xa4, 0x3b, 0x73, 0x43}, 16,
+ /* tag, tag length */
+ {0x2a, 0xd4, 0x3e, 0x4c, 0xaa, 0x51, 0x98, 0x3a,
+ 0x9d, 0x4d, 0x24, 0x48, 0x1b, 0xf4, 0xc8, 0x39}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x2e, 0x44, 0x92, 0xd4, 0x44, 0xe5, 0xb6, 0xf4,
+ 0xce, 0xc8, 0xc2, 0xd3, 0x61, 0x5a, 0xc8, 0x58}, 16,
+ /* iv, iv length */
+ {0xd0, 0x2b, 0xf0, 0x76, 0x3a, 0x9f, 0xef, 0xbf,
+ 0x70, 0xc3, 0x3a, 0xee, 0x1e, 0x9d, 0xa1, 0xd6}, 16,
+ /* aad, aad length */
+ {0x90, 0x4d, 0x86, 0xf1, 0x33, 0xce, 0xc1, 0x5a,
+ 0x0c, 0x3c, 0xaf, 0x14, 0xd7, 0xe0, 0x29, 0xc8,
+ 0x2a, 0x07, 0x70, 0x5a, 0x23, 0xf0, 0xd0, 0x80}, 24,
+ /* msg, msg length */
+ {0x9e, 0x62, 0xd6, 0x51, 0x1b, 0x0b, 0xda, 0x7d,
+ 0xd7, 0x74, 0x0b, 0x61, 0x4d, 0x97, 0xba, 0xe0}, 16,
+ /* ct, ct length */
+ {0x27, 0xc6, 0xe9, 0xa6, 0x53, 0xc5, 0x25, 0x3c,
+ 0xa1, 0xc5, 0x67, 0x3f, 0x97, 0xb9, 0xb3, 0x3e}, 16,
+ /* tag, tag length */
+ {0x2d, 0x58, 0x12, 0x71, 0xe1, 0xfa, 0x9e, 0x36,
+ 0x86, 0x13, 0x6c, 0xaa, 0x8f, 0x4d, 0x6c, 0x8e}, 16,
+ /* valid */
+ 1,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe4, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x66, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0f, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x12, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x11, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0xd2, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0xb8, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb0, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9a, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x99, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x1b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa6}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa5}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xe7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x53, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0xd0, 0x13, 0xa6, 0xdb, 0x72,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe6, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0x72,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0x27}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x19, 0xf1, 0x83, 0xaf, 0xec, 0x59, 0x24, 0x0d,
+ 0xad, 0x67, 0x4e, 0x6d, 0x64, 0x3c, 0xa9, 0x58}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0x66, 0x8e, 0xfc, 0xd0, 0x93, 0x26, 0x5b, 0x72,
+ 0xd2, 0x18, 0x31, 0x12, 0x1b, 0x43, 0xd6, 0x27}, 16,
+ /* valid */
+ 0,
+ },
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0x00}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct, ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0f, 0x7d, 0x51, 0x12, 0xa7, 0xda, 0xf3,
+ 0x53, 0x99, 0xb0, 0x93, 0x9a, 0xc2, 0x57, 0xa6}, 16,
+ /* valid */
+ 0,
+ },
+ };
+
+ byte ciphertext[sizeof(vectors[0].ct)];
+ byte authtag[sizeof(vectors[0].tag)];
+ int i;
+ int len;
+ int ret;
+
+
+ for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) {
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ len = sizeof(authtag);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].msg, vectors[i].msg_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length),
+ 0);
+
+ /* check ciphertext matches vector */
+ ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].ct, vectors[i].ct_length),
+ 0);
+
+ /* check that computed tag matches vector only for vectors marked as valid */
+ ret = XMEMCMP(authtag, vectors[i].tag, len);
+ if (vectors[i].valid) {
+ ExpectIntEQ(ret, 0);
}
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv), NULL, sizeof(authTag),
- authIn , sizeof(authIn));
+ else {
+ ExpectIntNE(ret, 0);
}
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv) + 1, authTag, sizeof(authTag),
- authIn , sizeof(authIn));
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ /* Decrypt, checking that the computed auth tags match */
+ ExpectIntEQ(wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].ct, vectors[i].ct_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length),
+ 0);
+
+ /* check decrypted ciphertext matches vector plaintext */
+ ExpectIntEQ(XMEMCMP(ciphertext, vectors[i].msg, vectors[i].msg_length),
+ 0);
+ }
+ return EXPECT_RESULT();
+} /* END test_wc_AesEaxVectors */
+
+
+/*
+ * Testing test_wc_AesEaxEncryptAuth()
+ */
+static int test_wc_AesEaxEncryptAuth(void)
+{
+ EXPECT_DECLS;
+
+ const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
+ const byte msg[] = {0x00, 0x01, 0x02, 0x03, 0x04};
+
+ byte ciphertext[sizeof(msg)];
+ byte authtag[AES_BLOCK_SIZE];
+ int i;
+ int len;
+
+ len = sizeof(authtag);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ 0);
+
+ /* Test null checking */
+ ExpectIntEQ(wc_AesEaxEncryptAuth(NULL, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ NULL,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ NULL, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ NULL, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ NULL, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ NULL, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ /* Test bad key lengths */
+ for (i = 0; i <= 32; i++) {
+ int exp_ret;
+ if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE
+ || i == AES_256_KEY_SIZE) {
+ exp_ret = 0;
}
- if (ccmE == BAD_FUNC_ARG) {
- ccmE = wc_AesCcmEncrypt(&aes, cipherOut, plainT, sizeof(cipherOut),
- iv, sizeof(iv) - 7, authTag, sizeof(authTag),
- authIn , sizeof(authIn));
+ else {
+ exp_ret = BAD_FUNC_ARG;
}
- if (ccmE != BAD_FUNC_ARG) {
- ccmE = WOLFSSL_FATAL_ERROR;
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, i,
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ exp_ret);
+ }
+
+
+ /* Test auth tag size out of range */
+ len = AES_BLOCK_SIZE + 1;
+ ExpectIntEQ(wc_AesEaxEncryptAuth(key, sizeof(key),
+ ciphertext,
+ msg, sizeof(msg),
+ iv, sizeof(iv),
+ authtag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ return EXPECT_RESULT();
+} /* END test_wc_AesEaxEncryptAuth() */
+
+
+/*
+ * Testing test_wc_AesEaxDecryptAuth()
+ */
+static int test_wc_AesEaxDecryptAuth(void)
+{
+ EXPECT_DECLS;
+
+ const byte key[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte iv[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
+ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
+ const byte aad[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07};
+ const byte ct[] = {0x00, 0x01, 0x02, 0x03, 0x04};
+ /* Garbage tag that should always fail for above aad */
+ const byte tag[] = {0xFE, 0xED, 0xBE, 0xEF, 0xDE, 0xAD, 0xC0, 0xDE,
+ 0xCA, 0xFE, 0xBE, 0xEF, 0xDE, 0xAF, 0xBE, 0xEF};
+
+ byte plaintext[sizeof(ct)];
+ int i;
+ int len;
+
+ len = sizeof(tag);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ AES_EAX_AUTH_E);
+
+ /* Test null checking */
+ ExpectIntEQ(wc_AesEaxDecryptAuth(NULL, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ NULL,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ NULL, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ NULL, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ NULL, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ NULL, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ /* Test bad key lengths */
+ for (i = 0; i <= 32; i++) {
+ int exp_ret;
+ if (i == AES_128_KEY_SIZE || i == AES_192_KEY_SIZE
+ || i == AES_256_KEY_SIZE) {
+ exp_ret = AES_EAX_AUTH_E;
}
else {
- ccmE = 0;
+ exp_ret = BAD_FUNC_ARG;
}
- } /* End Encrypt */
- if (ccmE != 0) {
- wc_AesFree(&aes);
- return TEST_FAIL;
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, i,
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ exp_ret);
}
- #ifdef HAVE_AES_DECRYPT
- /* Pass in bad args. Decrypt*/
- if (ret == 0 && ccmD == 0) {
- ccmD = wc_AesCcmDecrypt(NULL, plainOut, cipherOut, sizeof(plainOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, NULL, cipherOut, sizeof(plainOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, NULL, sizeof(plainOut),
- iv, sizeof(iv), authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), NULL, sizeof(iv),
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv), NULL,
- sizeof(authTag), authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv) + 1,
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD == BAD_FUNC_ARG) {
- ccmD = wc_AesCcmDecrypt(&aes, plainOut, cipherOut,
- sizeof(plainOut), iv, sizeof(iv) - 7,
- authTag, sizeof(authTag),
- authIn, sizeof(authIn));
- }
- if (ccmD != BAD_FUNC_ARG) {
- ccmD = WOLFSSL_FATAL_ERROR;
- }
- else {
- ccmD = 0;
- }
- } /* END Decrypt */
- res = TEST_RES_CHECK(ccmD == 0);
- #endif
- wc_AesFree(&aes);
-#endif /* HAVE_AESCCM */
- return res;
-} /* END test_wc_AesCcmEncryptDecrypt */
+ /* Test auth tag size out of range */
+ len = AES_BLOCK_SIZE + 1;
+ ExpectIntEQ(wc_AesEaxDecryptAuth(key, sizeof(key),
+ plaintext,
+ ct, sizeof(ct),
+ iv, sizeof(iv),
+ tag, len,
+ aad, sizeof(aad)),
+ BAD_FUNC_ARG);
+
+ return EXPECT_RESULT();
+} /* END test_wc_AesEaxDecryptAuth() */
+#endif /* WOLFSSL_AES_EAX &&
+ * (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) && !HAVE_SELFTEST
+ */
/*
* Testing wc_InitDsaKey()
*/
static int test_wc_InitDsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DSA
- DsaKey key;
- int ret = 0;
+ DsaKey key;
+
+ XMEMSET(&key, 0, sizeof(DsaKey));
- ret = wc_InitDsaKey(&key);
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_InitDsaKey(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitDsaKey(NULL), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_InitDsaKey */
@@ -22326,131 +21427,78 @@ static int test_wc_InitDsaKey(void)
*/
static int test_wc_DsaSignVerify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- WC_RNG rng;
- wc_Sha sha;
- int ret = 0;
- byte signature[DSA_SIG_SIZE];
- byte hash[WC_SHA_DIGEST_SIZE];
- word32 idx = 0;
- word32 bytes;
- int answer;
+ DsaKey key;
+ WC_RNG rng;
+ wc_Sha sha;
+ byte signature[DSA_SIG_SIZE];
+ byte hash[WC_SHA_DIGEST_SIZE];
+ word32 idx = 0;
+ word32 bytes;
+ int answer;
#ifdef USE_CERT_BUFFERS_1024
- byte tmp[ONEK_BUF];
+ byte tmp[ONEK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE) {
- return WOLFSSL_BAD_FILE;
- }
- bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectTrue((bytes = (word32)XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
- ret = wc_InitSha(&sha);
- if (ret == 0) {
- ret = wc_ShaUpdate(&sha, tmp, bytes);
- if (ret == 0) {
- ret = wc_ShaFinal(&sha, hash);
- }
- if (ret == 0) {
- ret = wc_InitDsaKey(&key);
- }
- if (ret == 0) {
- ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- }
+ ExpectIntEQ(wc_InitSha(&sha), 0);
+ ExpectIntEQ(wc_ShaUpdate(&sha, tmp, bytes), 0);
+ ExpectIntEQ(wc_ShaFinal(&sha, hash), 0);
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
/* Sign. */
- if (ret == 0) {
- ret = wc_DsaSign(hash, signature, &key, &rng);
- }
-
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_DsaSign(NULL, signature, &key, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaSign(hash, NULL, &key, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaSign(hash, signature, NULL, &rng);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaSign(hash, signature, &key, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- /* Verify. */
- ret = wc_DsaVerify(hash, signature, &key, &answer);
- if (ret != 0 || answer != 1) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- else {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_DsaSign(NULL, signature, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, NULL, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, NULL, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, NULL), BAD_FUNC_ARG);
+ /* Verify. */
+ ExpectIntEQ(wc_DsaVerify(hash, signature, &key, &answer), 0);
+ ExpectIntEQ(answer, 1);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_DsaVerify(NULL, signature, &key, &answer);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaVerify(hash, NULL, &key, &answer);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaVerify(hash, signature, NULL, &answer);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaVerify(hash, signature, &key, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_DsaVerify(NULL, signature, &key, &answer), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaVerify(hash, NULL, &key, &answer), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaVerify(hash, signature, NULL, &answer), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaVerify(hash, signature, &key, NULL), BAD_FUNC_ARG);
#if !defined(HAVE_FIPS) && defined(WOLFSSL_PUBLIC_MP)
/* hard set q to 0 and test fail case */
mp_free(&key.q);
mp_init(&key.q);
- AssertIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
mp_set(&key.q, 1);
- AssertIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaSign(hash, signature, &key, &rng), BAD_FUNC_ARG);
#endif
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
+ DoExpectIntEQ(wc_FreeRng(&rng),0);
wc_FreeDsaKey(&key);
wc_ShaFree(&sha);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaSign */
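Review bot: `key`, `rng` and `sha` are never zeroed in the new test_wc_DsaSignVerify, yet `wc_FreeRng(&rng)`, `wc_FreeDsaKey(&key)`, `wc_ShaFree(&sha)` and the `mp_free(&key.q)` block all run unconditionally at the end. In the file-read branch a failed `XFOPEN` is recorded before any init call; if the Expect macros skip later expressions once a failure is recorded (their definitions are not on this page), the cleanup then operates on uninitialised stack objects. The other tests converted in this commit guard against that, so I would add `XMEMSET(&key, 0, sizeof(DsaKey));`, `XMEMSET(&rng, 0, sizeof(WC_RNG));` and `XMEMSET(&sha, 0, sizeof(wc_Sha));` right after the `#endif /* END USE_CERT_BUFFERS_1024 */`. test_wc_DsaPublicPrivateKeyDecode in the next hunk has the same gap for `key`.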
@@ -22459,95 +21507,55 @@ static int test_wc_DsaSignVerify(void)
*/
static int test_wc_DsaPublicPrivateKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- word32 bytes;
- word32 idx = 0;
- int priv = 0;
- int pub = 0;
- int ret = 0;
-
+ DsaKey key;
+ word32 bytes;
+ word32 idx = 0;
+ int ret;
#ifdef USE_CERT_BUFFERS_1024
- byte tmp[ONEK_BUF];
+ byte tmp[ONEK_BUF];
+
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
- byte tmp[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE)
- {
- return WOLFSSL_BAD_FILE;
- }
- bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
- ret = wc_InitDsaKey(&key);
-
- if (ret == 0) {
- priv = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
-
- /* Test bad args. */
- if (priv == 0) {
- priv = wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes);
- if (priv == BAD_FUNC_ARG) {
- priv = wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes);
- }
- if (priv == BAD_FUNC_ARG) {
- priv = wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes);
- }
- if (priv == BAD_FUNC_ARG) {
- priv = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
- }
- if (priv == ASN_PARSE_E || priv == BUFFER_E) {
- priv = 0;
- }
- else {
- priv = WOLFSSL_FATAL_ERROR;
- }
- }
-
- wc_FreeDsaKey(&key);
- ret = wc_InitDsaKey(&key);
- }
-
- if (ret == 0) {
- idx = 0; /* Reset */
- pub = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes);
-
- /* Test bad args. */
- if (pub == 0) {
- pub = wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes);
- if (pub == BAD_FUNC_ARG) {
- pub = wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes);
- }
- if (pub == BAD_FUNC_ARG) {
- pub = wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes);
- }
- if (pub == BAD_FUNC_ARG) {
- pub = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes);
- }
- if (pub == ASN_PARSE_E || pub == BUFFER_E) {
- pub = 0;
- }
- else {
- pub = WOLFSSL_FATAL_ERROR;
- }
- }
-
- } /* END Public Key */
-
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG);
+ ExpectIntLT(ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E));
wc_FreeDsaKey(&key);
- res = TEST_RES_CHECK(ret == 0 && pub == 0 && priv == 0);
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ idx = 0; /* Reset */
+ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_DsaPublicKeyDecode(NULL, &idx, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, NULL, &key, bytes), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaPublicKeyDecode(tmp, &idx, NULL, bytes), BAD_FUNC_ARG);
+ ExpectIntLT(ret = wc_DsaPublicKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectTrue((ret == ASN_PARSE_E) || (ret == BUFFER_E));
+ wc_FreeDsaKey(&key);
#endif /* !NO_DSA */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaPublicPrivateKeyDecode */
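Review bot: The fourth call under each "Test bad args." comment, `ExpectIntLT(ret = wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0)` and its public-key twin, passes arguments identical to the successful call, so it is not obvious why it must fail. It appears to rely on `idx` having been advanced by the earlier successful decode, and a one-line comment would stop someone from "fixing" it by resetting `idx`: `/* idx now points past the key, so decoding again must fail to parse */`. It would also help to say why either `ASN_PARSE_E` or `BUFFER_E` is accepted rather than pinning one code.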
@@ -22557,67 +21565,33 @@ static int test_wc_DsaPublicPrivateKeyDecode(void)
*/
static int test_wc_MakeDsaKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey genKey;
- WC_RNG rng;
- int ret = 0;
+ DsaKey genKey;
+ WC_RNG rng;
- XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&genKey, 0, sizeof(genKey));
+ XMEMSET(&rng, 0, sizeof(rng));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_InitDsaKey(&genKey);
- }
+ ExpectIntEQ(wc_InitDsaKey(&genKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey);
- }
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (ret == 0) {
- ret = wc_MakeDsaKey(&rng, &genKey);
- }
+ ExpectIntEQ(wc_MakeDsaParameters(NULL, ONEK_BUF, &genKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF + 1, &genKey),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, &genKey), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_MakeDsaKey(NULL, &genKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_MakeDsaKey(&rng, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FAILURE;
- }
+ ExpectIntEQ(wc_MakeDsaKey(NULL, &genKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, NULL), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&genKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_MakeDsaKey */
/*
@@ -22625,88 +21599,54 @@ static int test_wc_MakeDsaKey(void)
*/
static int test_wc_DsaKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey genKey;
- WC_RNG rng;
- word32 bytes;
- word32 idx = 0;
- int ret = 0;
+ DsaKey key;
+ word32 bytes;
+ word32 idx = 0;
#ifdef USE_CERT_BUFFERS_1024
- byte tmp[ONEK_BUF];
- byte der[ONEK_BUF];
+ byte tmp[ONEK_BUF];
+ byte der[ONEK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
bytes = sizeof_dsa_key_der_1024;
#elif defined(USE_CERT_BUFFERS_2048)
- byte tmp[TWOK_BUF];
- byte der[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ byte der[TWOK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
bytes = sizeof_dsa_key_der_2048;
#else
- byte tmp[TWOK_BUF];
- byte der[TWOK_BUF];
+ byte tmp[TWOK_BUF];
+ byte der[TWOK_BUF];
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMSET(der, 0, sizeof(der));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE) {
- return WOLFSSL_BAD_FILE;
- }
- bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectTrue((bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp)) > 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&genKey, 0, sizeof(genKey));
+ XMEMSET(&key, 0, sizeof(DsaKey));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_InitDsaKey(&genKey);
- }
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, sizeof(tmp), &genKey);
- if (ret == 0) {
- wc_FreeDsaKey(&genKey);
- ret = wc_InitDsaKey(&genKey);
- }
- }
- if (ret == 0) {
- ret = wc_DsaPrivateKeyDecode(tmp, &idx, &genKey, bytes);
- }
-
- if (ret == 0) {
- ret = wc_DsaKeyToDer(&genKey, der, bytes);
- if ( ret >= 0 && ( ret = XMEMCMP(der, tmp, bytes) ) == 0 ) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaPrivateKeyDecode(tmp, &idx, &key, bytes), 0);
+ ExpectIntGE(wc_DsaKeyToDer(&key, der, bytes), 0);
+ ExpectIntEQ(XMEMCMP(der, tmp, bytes), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_DsaKeyToDer(NULL, der, FOURK_BUF);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaKeyToDer(&genKey, NULL, FOURK_BUF);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_DsaKeyToDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaKeyToDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- wc_FreeDsaKey(&genKey);
-
- res = TEST_RES_CHECK(ret == 0);
+ wc_FreeDsaKey(&key);
#endif /* !NO_DSA && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaKeyToDer */
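Review bot: The two bad-argument calls pass `FOURK_BUF` as the output length although `der` is declared with `ONEK_BUF` or `TWOK_BUF` in every branch above, so the test advertises more capacity than the buffer has. Both calls are expected to return BAD_FUNC_ARG before anything is written, but `wc_DsaKeyToDer(NULL, der, sizeof(der))` and `wc_DsaKeyToDer(&key, NULL, sizeof(der))` keep the length honest if the argument checks ever change. The same `FOURK_BUF` length is passed with the `ONEK_BUF` allocation in test_wc_DsaKeyToPublicDer in the next hunk. Separately, `ExpectIntGE(wc_DsaKeyToDer(&key, der, bytes), 0)` discards the returned length, so the following `XMEMCMP` over `bytes` does not prove the encoder produced exactly that many bytes.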
@@ -22716,89 +21656,47 @@ static int test_wc_DsaKeyToDer(void)
*/
static int test_wc_DsaKeyToPublicDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef HAVE_SELFTEST
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey genKey;
- WC_RNG rng;
- byte* der;
- word32 sz;
- int ret = 0;
+ DsaKey key;
+ WC_RNG rng;
+ byte* der = NULL;
+ word32 sz = 0;
+ word32 idx = 0;
- der = (byte*)XMALLOC(ONEK_BUF, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_InitDsaKey(&genKey);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, ONEK_BUF, &genKey);
- }
- if (ret == 0) {
- ret = wc_MakeDsaKey(&rng, &genKey);
- }
+ XMEMSET(&key, 0, sizeof(DsaKey));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectNotNull(der = (byte*)XMALLOC(ONEK_BUF, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, ONEK_BUF, &key), 0);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
+
+ ExpectIntGE(sz = wc_DsaKeyToPublicDer(&key, der, ONEK_BUF), 0);
+ wc_FreeDsaKey(&key);
+
+ idx = 0;
+ ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0);
- if (ret == 0) {
- ret = wc_DsaKeyToPublicDer(&genKey, der, ONEK_BUF);
- if (ret >= 0) {
- sz = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- word32 idx = 0;
- wc_FreeDsaKey(&genKey);
- ret = wc_DsaPublicKeyDecode(der, &idx, &genKey, sz);
- }
/* Test without the SubjectPublicKeyInfo header */
- if (ret == 0) {
- ret = wc_SetDsaPublicKey(der, &genKey, ONEK_BUF, 0);
- if (ret >= 0) {
- sz = ret;
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- word32 idx = 0;
- wc_FreeDsaKey(&genKey);
- ret = wc_DsaPublicKeyDecode(der, &idx, &genKey, sz);
- }
+ ExpectIntGE(sz = wc_SetDsaPublicKey(der, &key, ONEK_BUF, 0), 0);
+ wc_FreeDsaKey(&key);
+ idx = 0;
+ ExpectIntEQ(wc_DsaPublicKeyDecode(der, &idx, &key, sz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_DsaKeyToPublicDer(NULL, der, FOURK_BUF);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_DsaKeyToPublicDer(&genKey, NULL, FOURK_BUF);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_DsaKeyToPublicDer(NULL, der, FOURK_BUF), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DsaKeyToPublicDer(&key, NULL, FOURK_BUF), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_FreeDsaKey(&key);
XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(&genKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif /* !NO_DSA && WOLFSSL_KEY_GEN */
#endif /* !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaKeyToPublicDer */
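Review bot: Both round-trips call `wc_FreeDsaKey(&key)` and then immediately `wc_DsaPublicKeyDecode(der, &idx, &key, sz)` on the freed key without re-initialising it. test_wc_DsaPublicPrivateKeyDecode in this same commit calls `wc_InitDsaKey(&key)` again after the free. Whether a freed `DsaKey` is safe to decode into cannot be told from this hunk, so I would add `ExpectIntEQ(wc_InitDsaKey(&key), 0);` after each of the two `wc_FreeDsaKey(&key)` calls that precede a decode. Also note that `sz` is a `word32` receiving a possibly negative return code in `ExpectIntGE(sz = ..., 0)`; this only detects errors if the macro converts back to `int`, so an `int` temporary would be clearer.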
@@ -22807,11 +21705,9 @@ static int test_wc_DsaKeyToPublicDer(void)
*/
static int test_wc_DsaImportParamsRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- int ret = 0;
-
+ DsaKey key;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
@@ -22826,44 +21722,28 @@ static int test_wc_DsaImportParamsRaw(void)
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
-
/* invalid p and q parameters */
const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
const char* invalidQ = "96c5390a";
- ret = wc_InitDsaKey(&key);
- if (ret == 0) {
- ret = wc_DsaImportParamsRaw(&key, p, q, g);
- }
-
- /* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaImportParamsRaw(NULL, p, q, g);
- if (ret == BAD_FUNC_ARG) {
- /* null param pointers */
- ret = wc_DsaImportParamsRaw(&key, NULL, NULL, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* illegal p length */
- ret = wc_DsaImportParamsRaw(&key, invalidP, q, g);
- }
+ XMEMSET(&key, 0, sizeof(DsaKey));
- if (ret == BAD_FUNC_ARG) {
- /* illegal q length */
- ret = wc_DsaImportParamsRaw(&key, p, invalidQ, g);
- if (ret == BAD_FUNC_ARG)
- ret = 0;
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0);
- }
+ /* test bad args */
+ /* null key struct */
+ ExpectIntEQ(wc_DsaImportParamsRaw(NULL, p, q, g), BAD_FUNC_ARG);
+ /* null param pointers */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, NULL, NULL, NULL), BAD_FUNC_ARG);
+ /* illegal p length */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, invalidP, q, g), BAD_FUNC_ARG);
+ /* illegal q length */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, invalidQ, g), BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaImportParamsRaw */
@@ -22872,11 +21752,10 @@ static int test_wc_DsaImportParamsRaw(void)
*/
static int test_wc_DsaImportParamsRawCheck(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
- DsaKey key;
- int ret = 0;
- int trusted = 0;
+ DsaKey key;
+ int trusted = 0;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
@@ -22891,44 +21770,30 @@ static int test_wc_DsaImportParamsRawCheck(void)
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
-
/* invalid p and q parameters */
const char* invalidP = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d";
const char* invalidQ = "96c5390a";
- ret = wc_InitDsaKey(&key);
- if (ret == 0) {
- ret = wc_DsaImportParamsRawCheck(&key, p, q, g, trusted, NULL);
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, q, g, trusted, NULL), 0);
/* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaImportParamsRawCheck(NULL, p, q, g, trusted, NULL);
- if (ret == BAD_FUNC_ARG) {
- /* null param pointers */
- ret = wc_DsaImportParamsRawCheck(&key, NULL, NULL, NULL, trusted, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* illegal p length */
- ret = wc_DsaImportParamsRawCheck(&key, invalidP, q, g, trusted, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* illegal q length */
- ret = wc_DsaImportParamsRawCheck(&key, p, invalidQ, g, trusted, NULL);
- if (ret == BAD_FUNC_ARG)
- ret = 0;
- }
-
- }
+ /* null key struct */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(NULL, p, q, g, trusted, NULL),
+ BAD_FUNC_ARG);
+ /* null param pointers */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, NULL, NULL, NULL, trusted,
+ NULL), BAD_FUNC_ARG);
+ /* illegal p length */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, invalidP, q, g, trusted, NULL),
+ BAD_FUNC_ARG);
+ /* illegal q length */
+ ExpectIntEQ(wc_DsaImportParamsRawCheck(&key, p, invalidQ, g, trusted, NULL),
+ BAD_FUNC_ARG);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaImportParamsRawCheck */
/*
@@ -22936,11 +21801,9 @@ static int test_wc_DsaImportParamsRawCheck(void)
*/
static int test_wc_DsaExportParamsRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA)
- DsaKey key;
- int ret = 0;
-
+ DsaKey key;
/* [mod = L=1024, N=160], from CAVP KeyPair */
const char* p = "d38311e2cd388c3ed698e82fdf88eb92b5a9a483dc88005d"
"4b725ef341eabb47cf8a7a8a41e792a156b7ce97206c4f9c"
@@ -22955,7 +21818,6 @@ static int test_wc_DsaExportParamsRaw(void)
"07610fcc9ee68491dbc1e34cd12615474e52b18bc934fb00c"
"61d39e7da8902291c4434a4e2224c3f4fd9f93cd6f4f17fc0"
"76341a7e7d9";
-
const char* pCompare = "\xd3\x83\x11\xe2\xcd\x38\x8c\x3e\xd6\x98\xe8\x2f"
"\xdf\x88\xeb\x92\xb5\xa9\xa4\x83\xdc\x88\x00\x5d"
"\x4b\x72\x5e\xf3\x41\xea\xbb\x47\xcf\x8a\x7a\x8a"
@@ -22980,84 +21842,56 @@ static int test_wc_DsaExportParamsRaw(void)
"\xb0\x0c\x61\xd3\x9e\x7d\xa8\x90\x22\x91\xc4\x43"
"\x4a\x4e\x22\x24\xc3\xf4\xfd\x9f\x93\xcd\x6f\x4f"
"\x17\xfc\x07\x63\x41\xa7\xe7\xd9";
-
byte pOut[MAX_DSA_PARAM_SIZE];
byte qOut[MAX_DSA_PARAM_SIZE];
byte gOut[MAX_DSA_PARAM_SIZE];
- word32 pOutSz, qOutSz, gOutSz;
-
- ret = wc_InitDsaKey(&key);
- if (ret == 0) {
- /* first test using imported raw parameters, for expected */
- ret = wc_DsaImportParamsRaw(&key, p, q, g);
- }
-
- if (ret == 0) {
- pOutSz = sizeof(pOut);
- qOutSz = sizeof(qOut);
- gOutSz = sizeof(gOut);
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- }
-
- if (ret == 0) {
- /* validate exported parameters are correct */
- if ((XMEMCMP(pOut, pCompare, pOutSz) != 0) ||
- (XMEMCMP(qOut, qCompare, qOutSz) != 0) ||
- (XMEMCMP(gOut, gCompare, gOutSz) != 0) ) {
- ret = -1;
- }
- }
+ word32 pOutSz;
+ word32 qOutSz;
+ word32 gOutSz;
+
+ XMEMSET(&key, 0, sizeof(DsaKey));
+
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ /* first test using imported raw parameters, for expected */
+ ExpectIntEQ(wc_DsaImportParamsRaw(&key, p, q, g), 0);
+ pOutSz = sizeof(pOut);
+ qOutSz = sizeof(qOut);
+ gOutSz = sizeof(gOut);
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), 0);
+ /* validate exported parameters are correct */
+ ExpectIntEQ(XMEMCMP(pOut, pCompare, pOutSz), 0);
+ ExpectIntEQ(XMEMCMP(qOut, qCompare, qOutSz), 0);
+ ExpectIntEQ(XMEMCMP(gOut, gCompare, gOutSz), 0);
/* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
-
- if (ret == BAD_FUNC_ARG) {
- /* null output pointers */
- ret = wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz,
- NULL, &gOutSz);
- }
-
- if (ret == LENGTH_ONLY_E) {
- /* null output size pointers */
- ret = wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL,
- gOut, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* p output buffer size too small */
- pOutSz = 1;
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- pOutSz = sizeof(pOut);
- }
-
- if (ret == BUFFER_E) {
- /* q output buffer size too small */
- qOutSz = 1;
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- qOutSz = sizeof(qOut);
- }
-
- if (ret == BUFFER_E) {
- /* g output buffer size too small */
- gOutSz = 1;
- ret = wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz,
- gOut, &gOutSz);
- if (ret == BUFFER_E)
- ret = 0;
- }
- }
+ /* null key struct */
+ ExpectIntEQ(wc_DsaExportParamsRaw(NULL, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BAD_FUNC_ARG);
+ /* null output pointers */
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, NULL, &pOutSz, NULL, &qOutSz, NULL,
+ &gOutSz), LENGTH_ONLY_E);
+ /* null output size pointers */
+ ExpectIntEQ( wc_DsaExportParamsRaw(&key, pOut, NULL, qOut, NULL, gOut,
+ NULL), BAD_FUNC_ARG);
+ /* p output buffer size too small */
+ pOutSz = 1;
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BUFFER_E);
+ pOutSz = sizeof(pOut);
+ /* q output buffer size too small */
+ qOutSz = 1;
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BUFFER_E);
+ qOutSz = sizeof(qOut);
+ /* g output buffer size too small */
+ gOutSz = 1;
+ ExpectIntEQ(wc_DsaExportParamsRaw(&key, pOut, &pOutSz, qOut, &qOutSz, gOut,
+ &gOutSz), BUFFER_E);
wc_FreeDsaKey(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaExportParamsRaw */
/*
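Review bot: The three `XMEMCMP(pOut, pCompare, pOutSz)`-style checks compare only as many bytes as the export reported, so an export that set a length shorter than the real parameter (or zero) would still pass. Since the vectors are documented as L=1024, N=160, I would pin the lengths before comparing, for example `ExpectIntEQ(pOutSz, 128);` and `ExpectIntEQ(qOutSz, 20);`, plus the matching check for `gOutSz` once its expected length is confirmed against `gCompare`. The declarations of test_wc_DsaExportParamsRaw sit in earlier hunks, so the expected-value strings are only partly visible here.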
@@ -23065,77 +21899,51 @@ static int test_wc_DsaExportParamsRaw(void)
*/
static int test_wc_DsaExportKeyRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && defined(WOLFSSL_KEY_GEN)
- DsaKey key;
- WC_RNG rng;
- int ret = 0;
-
+ DsaKey key;
+ WC_RNG rng;
byte xOut[MAX_DSA_PARAM_SIZE];
byte yOut[MAX_DSA_PARAM_SIZE];
word32 xOutSz, yOutSz;
- XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&rng, 0, sizeof(rng));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_InitDsaKey(&key);
- }
-
- if (ret == 0) {
- ret = wc_MakeDsaParameters(&rng, 1024, &key);
-
- if (ret == 0) {
- ret = wc_MakeDsaKey(&rng, &key);
- }
- }
+ ExpectIntEQ(wc_InitDsaKey(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_MakeDsaParameters(&rng, 1024, &key), 0);
+ ExpectIntEQ(wc_MakeDsaKey(&rng, &key), 0);
/* try successful export */
- if (ret == 0) {
- xOutSz = sizeof(xOut);
- yOutSz = sizeof(yOut);
- ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
- }
+ xOutSz = sizeof(xOut);
+ yOutSz = sizeof(yOut);
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz), 0);
/* test bad args */
- if (ret == 0) {
- /* null key struct */
- ret = wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz);
-
- if (ret == BAD_FUNC_ARG) {
- /* null output pointers */
- ret = wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz);
- }
-
- if (ret == LENGTH_ONLY_E) {
- /* null output size pointers */
- ret = wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL);
- }
-
- if (ret == BAD_FUNC_ARG) {
- /* x output buffer size too small */
- xOutSz = 1;
- ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
- xOutSz = sizeof(xOut);
- }
-
- if (ret == BUFFER_E) {
- /* y output buffer size too small */
- yOutSz = 1;
- ret = wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz);
-
- if (ret == BUFFER_E)
- ret = 0;
- }
- }
-
+ /* null key struct */
+ ExpectIntEQ(wc_DsaExportKeyRaw(NULL, xOut, &xOutSz, yOut, &yOutSz),
+ BAD_FUNC_ARG);
+ /* null output pointers */
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, NULL, &xOutSz, NULL, &yOutSz),
+ LENGTH_ONLY_E);
+ /* null output size pointers */
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, NULL, yOut, NULL),
+ BAD_FUNC_ARG);
+ /* x output buffer size too small */
+ xOutSz = 1;
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
+ BUFFER_E);
+ xOutSz = sizeof(xOut);
+ /* y output buffer size too small */
+ yOutSz = 1;
+ ExpectIntEQ(wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz),
+ BUFFER_E);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_FreeDsaKey(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_DsaExportParamsRaw */
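Review bot: The successful `wc_DsaExportKeyRaw(&key, xOut, &xOutSz, yOut, &yOutSz)` call is checked only for a zero return; neither the updated sizes nor the exported bytes are examined, so an implementation that returned 0 without writing anything would pass. A minimal addition after that call is `ExpectTrue(xOutSz > 0 && xOutSz <= sizeof(xOut));` and the same for `yOutSz`. The closing comment of this function still reads `END test_wc_DsaExportParamsRaw`, which should be `END test_wc_DsaExportKeyRaw`.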
@@ -23144,89 +21952,59 @@ static int test_wc_DsaExportKeyRaw(void)
*/
static int test_wc_ed25519_make_key(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_ED25519)
- ed25519_key key;
- WC_RNG rng;
- unsigned char pubkey[ED25519_PUB_KEY_SIZE];
- int ret = 0;
+ EXPECT_DECLS;
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
+ ed25519_key key;
+ WC_RNG rng;
+ unsigned char pubkey[ED25519_PUB_KEY_SIZE+1];
+ int pubkey_sz = ED25519_PUB_KEY_SIZE;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed25519_init(&key);
- }
- if (ret == 0) {
- ret = wc_ed25519_make_public(&key, pubkey, sizeof(pubkey));
- if (ret == ECC_PRIV_KEY_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ed25519_free(&key);
+ ExpectIntEQ(wc_ed25519_make_public(&key, pubkey, pubkey_sz),
+ ECC_PRIV_KEY_E);
+ ExpectIntEQ(wc_ed25519_make_public(&key, pubkey+1, pubkey_sz),
+ ECC_PRIV_KEY_E);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_make_key(NULL, ED25519_KEY_SIZE, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE - 1, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE + 1, &key),
+ BAD_FUNC_ARG);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed25519_free(&key);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_make_key */
-
/*
* Testing wc_ed25519_init()
*/
static int test_wc_ed25519_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519)
- ed25519_key key;
- int ret = 0;
+ ed25519_key key;
- ret = wc_ed25519_init(&key);
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed25519_init(NULL), BAD_FUNC_ARG);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_init */
/*
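Review bot: In test_wc_ed25519_make_key the buffer grows to `pubkey[ED25519_PUB_KEY_SIZE+1]` and `wc_ed25519_make_public` is called a second time with `pubkey+1`, but nothing says why. This looks like a deliberate check with an offset (presumably unaligned) output pointer, and without a comment the duplicate call reads like a copy-paste leftover. I would add something like `/* repeat with an offset output pointer; the extra byte in pubkey[] keeps it in bounds */` above the second call. The test also never calls `wc_ed25519_make_public` after `wc_ed25519_make_key` succeeds, so only the `ECC_PRIV_KEY_E` path of that function is covered here.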
@@ -23234,116 +22012,74 @@ static int test_wc_ed25519_init(void)
*/
static int test_wc_ed25519_sign_msg(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_SIGN)
- WC_RNG rng;
- ed25519_key key;
- int ret = 0;
- byte msg[] = "Everybody gets Friday off.\n";
- byte sig[ED25519_SIG_SIZE];
- word32 msglen = sizeof(msg);
- word32 siglen = sizeof(sig);
- word32 badSigLen = sizeof(sig) - 1;
+ WC_RNG rng;
+ ed25519_key key;
+ byte msg[] = "Everybody gets Friday off.\n";
+ byte sig[ED25519_SIG_SIZE+1];
+ word32 msglen = sizeof(msg);
+ word32 siglen = ED25519_SIG_SIZE;
+ word32 badSigLen = ED25519_SIG_SIZE - 1;
#ifdef HAVE_ED25519_VERIFY
- int verify_ok = 0; /*1 = Verify success.*/
+ int verify_ok = 0; /*1 = Verify success.*/
#endif
/* Initialize stack variables. */
- XMEMSET(sig, 0, siglen);
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(sig, 0, sizeof(sig));
/* Initialize key. */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed25519_init(&key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- }
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key), 0);
+ ExpectIntEQ(siglen, ED25519_SIG_SIZE);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig+1, &siglen, &key), 0);
+ ExpectIntEQ(siglen, ED25519_SIG_SIZE);
- if (ret == 0) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, &siglen, &key);
- }
/* Test bad args. */
- if (ret == 0 && siglen == ED25519_SIG_SIZE) {
- ret = wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key);
- }
- if (ret == BUFFER_E && badSigLen == ED25519_SIG_SIZE) {
- badSigLen -= 1;
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- } /* END sign */
+ ExpectIntEQ(wc_ed25519_sign_msg(NULL, msglen, sig, &siglen, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, NULL, &siglen, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, NULL, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &siglen, NULL),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_sign_msg(msg, msglen, sig, &badSigLen, &key),
+ BUFFER_E);
+ ExpectIntEQ(badSigLen, ED25519_SIG_SIZE);
+ badSigLen -= 1;
#ifdef HAVE_ED25519_VERIFY
- if (ret == 0) {
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
+ &key), 0);
+ ExpectIntEQ(verify_ok, 1);
- ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen, &verify_ok, &key);
- if (ret == 0 && verify_ok == 1) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- /* Test bad args. */
- if (ret == 0) {
- AssertIntEQ(wc_ed25519_verify_msg(sig, siglen - 1, msg,
- msglen, &verify_ok, &key),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_ed25519_verify_msg(sig, siglen + 1, msg,
- msglen, &verify_ok, &key),
- BAD_FUNC_ARG);
-
- ret = wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
- &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, siglen, NULL, msglen,
- &verify_ok, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen,
- NULL, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, siglen, msg, msglen,
- &verify_ok, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_verify_msg(sig, badSigLen, msg, msglen,
- &verify_ok, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- } /* END verify. */
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen - 1, msg, msglen,
+ &verify_ok, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen + 1, msg, msglen,
+ &verify_ok, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, NULL, msglen, &verify_ok,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, NULL, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_verify_msg(sig+1, badSigLen, msg, msglen, &verify_ok,
+ &key), BAD_FUNC_ARG);
#endif /* Verify. */
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_sign_msg */
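Review bot: The verify section of test_wc_ed25519_sign_msg has no rejection case: after `ExpectIntEQ(verify_ok, 1);` nothing checks that a signature over altered data fails, so a verifier that accepted any input would still pass this test. `msg` is a writable array, so flip one byte after the successful verify and add `ExpectIntNE(wc_ed25519_verify_msg(sig+1, siglen, msg, msglen, &verify_ok, &key), 0);` followed by `ExpectIntEQ(verify_ok, 0);`, then restore the byte before the bad-argument calls. The specific error code is not visible in this hunk, which is why the suggestion uses a not-equal-zero check; the second assertion assumes the callee clears `verify_ok` on failure and should be confirmed.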
@@ -23352,58 +22088,34 @@ static int test_wc_ed25519_sign_msg(void)
*/
static int test_wc_ed25519_import_public(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
- WC_RNG rng;
- ed25519_key pubKey;
- const byte in[] = "Ed25519PublicKeyUnitTest......\n";
- word32 inlen = sizeof(in);
- int ret = 0;
+ ed25519_key pubKey;
+ WC_RNG rng;
+ const byte in[] = "Ed25519PublicKeyUnitTest......\n";
+ word32 inlen = sizeof(in);
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed25519_init(&pubKey);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey);
- }
- }
+ XMEMSET(&pubKey, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_import_public_ex(in, inlen, &pubKey, 1);
+ ExpectIntEQ(wc_ed25519_init(&pubKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &pubKey), 0);
+#endif
- if (ret == 0 && XMEMCMP(in, pubKey.p, inlen) == 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed25519_import_public_ex(in, inlen, &pubKey, 1), 0);
+ ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_import_public(NULL, inlen, &pubKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_public(in, inlen, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_public(in, inlen - 1, &pubKey);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_public(in, inlen, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&pubKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_ed25519_import_public */
/*
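Review bot: The only successful import in test_wc_ed25519_import_public is `wc_ed25519_import_public_ex(in, inlen, &pubKey, 1)`, and the meaning of the trailing `1` is undocumented. `in` is an ASCII filler string rather than a real public key, and the last argument appears to be the trusted flag that lets such a value through. A short comment would keep a reader from copying the call as a pattern for real key material, for example `/* trusted = 1: 'in' is filler text, not a real public key; skips the key check */`. The three bad-argument calls all use NULL pointers or a short length, so as far as this hunk shows no full-length key is imported through the untrusted `wc_ed25519_import_public` path.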
@@ -23411,11 +22123,10 @@ static int test_wc_ed25519_import_public(void)
*/
static int test_wc_ed25519_import_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_IMPORT)
- WC_RNG rng;
ed25519_key key;
- int ret;
+ WC_RNG rng;
const byte privKey[] = "Ed25519PrivateKeyUnitTest.....\n";
const byte pubKey[] = "Ed25519PublicKeyUnitTest......\n";
word32 privKeySz = sizeof(privKey);
@@ -23425,80 +22136,46 @@ static int test_wc_ed25519_import_private_key(void)
word32 bothKeysSz = sizeof(bothKeys);
#endif
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return ret;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return ret;
- }
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_import_private_key_ex(privKey, privKeySz, pubKey,
- pubKeySz, &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0
- || XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#endif
-#ifdef HAVE_ED25519_KEY_EXPORT
- if (ret == 0)
- ret = wc_ed25519_export_private(&key, bothKeys, &bothKeysSz);
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, privKeySz, pubKey,
+ pubKeySz, &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
- if (ret == 0) {
- ret = wc_ed25519_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
- &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0
- || XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+#ifdef HAVE_ED25519_KEY_EXPORT
+ ExpectIntEQ(wc_ed25519_export_private(&key, bothKeys, &bothKeysSz), 0);
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
+ &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
- &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, NULL,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz - 1, pubKey,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_import_private_key(privKey, privKeySz, NULL,
- 0, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed25519_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL,
+ pubKeySz, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz - 1, pubKey,
+ pubKeySz, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz - 1, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_import_private_key(privKey, privKeySz, NULL, 0,
+ &key), BAD_FUNC_ARG);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_import_private_key */
/*
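Review bot: The two comparisons after each import use the wrong length variable: `XMEMCMP(pubKey, key.p, privKeySz)` and `XMEMCMP(privKey, key.k, pubKeySz)`, in both the plain path and the HAVE_ED25519_KEY_EXPORT path. The commit carries this over from the removed code. It is harmless only while both arrays have the same size; if either test vector changes length, the compare reads past the shorter buffer or checks too few bytes. Pair each buffer with its own size: `ExpectIntEQ(XMEMCMP(pubKey, key.p, pubKeySz), 0);` and `ExpectIntEQ(XMEMCMP(privKey, key.k, privKeySz), 0);`. The declaration of `pubKeySz` lies between hunks and is not visible here.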
@@ -23506,85 +22183,64 @@ static int test_wc_ed25519_import_private_key(void)
*/
static int test_wc_ed25519_export(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- WC_RNG rng;
- ed25519_key key;
- int ret = 0;
- byte priv[ED25519_PRV_KEY_SIZE];
- byte pub[ED25519_PUB_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return ret;
- }
+ ed25519_key key;
+ WC_RNG rng;
+ byte priv[ED25519_PRV_KEY_SIZE];
+ byte pub[ED25519_PUB_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+#ifndef HAVE_ED25519_MAKE_KEY
+ const byte privKey[] = {
+ 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
+ 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
+ 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
+ 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
+ };
+ const byte pubKey[] = {
+ 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
+ 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
+ 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
+ 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
+ };
+#endif
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return ret;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#else
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
+ pubKey, sizeof(pubKey), &key, 1), 0);
+#endif
- if (ret == 0) {
- ret = wc_ed25519_export_public(&key, pub, &pubSz);
- if (ret == 0 && (pubSz != ED25519_KEY_SIZE
- || XMEMCMP(key.p, pub, pubSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed25519_export_public(NULL, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_public(&key, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_public(&key, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed25519_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(pubSz, ED25519_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_public(&key, pub, NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_export_private_only(&key, priv, &privSz);
- if (ret == 0 && (privSz != ED25519_KEY_SIZE
- || XMEMCMP(key.k, priv, privSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed25519_export_private_only(NULL, priv, &privSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private_only(&key, NULL, &privSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private_only(&key, priv, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, &privSz), 0);
+ ExpectIntEQ(privSz, ED25519_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_private_only(NULL, priv, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private_only(&key, NULL, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private_only(&key, priv, NULL),
+ BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_export */
/*
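Review bot: The fixed `privKey`/`pubKey` byte arrays added under `#ifndef HAVE_ED25519_MAKE_KEY` are pasted identically into test_wc_ed25519_export, test_wc_ed25519_size and test_wc_ed25519_exportKey. Hoisting them into one file-scope `static const byte` pair under the same guard would keep the three tests from drifting apart. The shared definition should carry a comment such as `/* Fixed Ed25519 key pair for unit tests only - never use outside the test suite. */`, since a private key committed to the tree must be treated as public. The import uses `1` as its last argument, so nothing in these hunks confirms that the two arrays actually form a matching pair; that is worth stating in the comment or checking once.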
@@ -23592,86 +22248,57 @@ static int test_wc_ed25519_export(void)
*/
static int test_wc_ed25519_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519)
- WC_RNG rng;
- ed25519_key key;
- int ret;
+ ed25519_key key;
+ WC_RNG rng;
+#ifndef HAVE_ED25519_MAKE_KEY
+ const byte privKey[] = {
+ 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
+ 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
+ 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
+ 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
+ };
+ const byte pubKey[] = {
+ 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
+ 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
+ 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
+ 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
+ };
+#endif
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return ret;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return ret;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed25519_free(&key);
- return ret;
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#else
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
+ pubKey, sizeof(pubKey), &key, 1), 0);
+#endif
- ret = wc_ed25519_size(&key);
+ ExpectIntEQ(wc_ed25519_size(&key), ED25519_KEY_SIZE);
/* Test bad args. */
- if (ret == ED25519_KEY_SIZE) {
- ret = wc_ed25519_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ed25519_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_sig_size(&key);
- if (ret == ED25519_SIG_SIZE) {
- ret = 0;
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed25519_sig_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed25519_sig_size() */
+ ExpectIntEQ(wc_ed25519_sig_size(&key), ED25519_SIG_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_sig_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_pub_size(&key);
- if (ret == ED25519_PUB_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed25519_pub_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed25519_pub_size */
+ ExpectIntEQ(wc_ed25519_pub_size(&key), ED25519_PUB_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_pub_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed25519_priv_size(&key);
- if (ret == ED25519_PRV_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed25519_priv_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed25519_pub_size */
+ ExpectIntEQ(wc_ed25519_priv_size(&key), ED25519_PRV_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_priv_size(NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_size */
/*
@@ -23679,90 +22306,71 @@ static int test_wc_ed25519_size(void)
*/
static int test_wc_ed25519_exportKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- WC_RNG rng;
- ed25519_key key;
- int ret = 0;
- byte priv[ED25519_PRV_KEY_SIZE];
- byte pub[ED25519_PUB_KEY_SIZE];
- byte privOnly[ED25519_PRV_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- word32 privOnlySz = sizeof(privOnly);
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ WC_RNG rng;
+ ed25519_key key;
+ byte priv[ED25519_PRV_KEY_SIZE];
+ byte pub[ED25519_PUB_KEY_SIZE];
+ byte privOnly[ED25519_PRV_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ word32 privOnlySz = sizeof(privOnly);
+#ifndef HAVE_ED25519_MAKE_KEY
+ const byte privKey[] = {
+ 0xf8, 0x55, 0xb7, 0xb6, 0x49, 0x3f, 0x99, 0x9c,
+ 0x88, 0xe3, 0xc5, 0x42, 0x6a, 0xa4, 0x47, 0x4a,
+ 0xe4, 0x95, 0xda, 0xdb, 0xbf, 0xf8, 0xa7, 0x42,
+ 0x9d, 0x0e, 0xe7, 0xd0, 0x57, 0x8f, 0x16, 0x69
+ };
+ const byte pubKey[] = {
+ 0x42, 0x3b, 0x7a, 0xf9, 0x82, 0xcf, 0xf9, 0xdf,
+ 0x19, 0xdd, 0xf3, 0xf0, 0x32, 0x29, 0x6d, 0xfa,
+ 0xfd, 0x76, 0x4f, 0x68, 0xc2, 0xc2, 0xe0, 0x6c,
+ 0x47, 0xae, 0xc2, 0x55, 0x68, 0xac, 0x0d, 0x4d
+ };
+#endif
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed25519_free(&key);
- return TEST_FAIL;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ed25519_export_private(&key, privOnly, &privOnlySz);
- if (ret == 0) {
- ret = wc_ed25519_export_private(NULL, privOnly, &privOnlySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private(&key, NULL, &privOnlySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_private(&key, privOnly, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+#ifdef HAVE_ED25519_MAKE_KEY
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+#else
+ ExpectIntEQ(wc_ed25519_import_private_key_ex(privKey, sizeof(privKey),
+ pubKey, sizeof(pubKey), &key, 1), 0);
+#endif
- if (ret == 0) {
- ret = wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz);
- if (ret == 0) {
- ret = wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed25519_export_key(&key, priv, &privSz, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- } /* END wc_ed25519_export_key() */
+ ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, &privOnlySz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_private(NULL, privOnly, &privOnlySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private(&key, NULL, &privOnlySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_private(&key, privOnly, NULL), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, &pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed25519_export_key(NULL, priv, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, NULL, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, NULL, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, NULL, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_export_key(&key, priv, &privSz, pub, NULL),
+ BAD_FUNC_ARG);
/* Cross check output. */
- if (ret == 0 && XMEMCMP(priv, privOnly, privSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed25519_exportKey */
/*
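Review bot: The cross-check at the end of test_wc_ed25519_exportKey compares `priv` with `privOnly` over `privSz` bytes, but never asserts that the two exported lengths agree or that `pub` matches the key. An export that returned a short length, or wrote the wrong public half, would pass. Add `ExpectIntEQ(privSz, privOnlySz);` before the compare and `ExpectIntEQ(XMEMCMP(pub, key.p, pubSz), 0);` after it. The second line follows the pattern test_wc_ed25519_export already uses for `wc_ed25519_export_public`.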
@@ -23770,61 +22378,36 @@ static int test_wc_ed25519_exportKey(void)
*/
static int test_wc_Ed25519PublicKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- int tmp;
ed25519_key key;
- byte derBuf[1024];
- int ret = 0;
+ byte derBuf[1024];
- /* Test bad args */
- tmp = wc_Ed25519PublicKeyToDer(NULL, NULL, 0, 0);
- if (tmp != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ XMEMSET(&key, 0, sizeof(ed25519_key));
- if (ret == 0) {
- wc_ed25519_init(&key);
- tmp = wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0);
- if (tmp != BUFFER_E) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ed25519_free(&key);
- }
+ /* Test bad args */
+ ExpectIntEQ(wc_Ed25519PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_Ed25519PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E);
+ wc_ed25519_free(&key);
/* Test good args */
- if (ret == 0) {
- WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed25519_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ if (EXPECT_SUCCESS()) {
+ WC_RNG rng;
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed25519_free(&key);
- return TEST_FAIL;
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- tmp = wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1);
- if (tmp <= 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key), 0);
+ ExpectIntGT(wc_Ed25519PublicKeyToDer(&key, derBuf, 1024, 1), 0);
- wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed25519_free(&key);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END testing wc_Ed25519PublicKeyToDer */
/*
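Review bot: The "good args" block in test_wc_Ed25519PublicKeyToDer calls `wc_ed25519_make_key` unconditionally, while the sibling tests changed in this commit wrap that call in `#ifdef HAVE_ED25519_MAKE_KEY` and fall back to `wc_ed25519_import_private_key_ex`. If key generation can be compiled out, as those guards suggest, this test would fail to build or fail at run time in that configuration; test_wc_ed25519_sign_msg has the same unguarded call. Either add `defined(HAVE_ED25519_MAKE_KEY)` to the function's `#if` condition or use the same import fallback here. Separately, the DER call passes the literal `1024` for the buffer length; `sizeof(derBuf)` would keep the length tied to the declaration.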
@@ -23832,59 +22415,40 @@ static int test_wc_Ed25519PublicKeyToDer(void)
*/
static int test_wc_curve25519_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- int ret = 0;
+ curve25519_key key;
- ret = wc_curve25519_init(&key);
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
/* Test bad args for wc_curve25519_init */
- if (ret == 0) {
- ret = wc_curve25519_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_curve25519_init(NULL), BAD_FUNC_ARG);
- /* Test good args for wc_curve_25519_free */
+ /* Test good args for wc_curve_25519_free */
wc_curve25519_free(&key);
-
+ /* Test bad args for wc_curve25519 free. */
wc_curve25519_free(NULL);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve25519_init and wc_curve_25519_free*/
/*
* Testing test_wc_curve25519_size.
*/
static int test_wc_curve25519_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- int ret = 0;
-
- ret = wc_curve25519_init(&key);
+ curve25519_key key;
- /* Test good args for wc_curve25519_size */
- if (ret == 0) {
- ret = wc_curve25519_size(&key);
- }
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ /* Test good args for wc_curve25519_size */
+ ExpectIntEQ(wc_curve25519_size(&key), CURVE25519_KEYSIZE);
/* Test bad args for wc_curve25519_size */
- if (ret != 0) {
- ret = wc_curve25519_size(NULL);
- }
+ ExpectIntEQ(wc_curve25519_size(NULL), 0);
wc_curve25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve25519_size*/
/*
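Review bot: The curve25519 tests do not zero `key` before `wc_curve25519_init`, unlike the ed25519 tests in this commit, which add `XMEMSET(&key, 0, sizeof(ed25519_key));` ahead of init. In the new style a failed `ExpectIntEQ` does not return early, so `wc_curve25519_free(&key)` still runs and, after a failed init, operates on whatever was on the stack. Adding `XMEMSET(&key, 0, sizeof(curve25519_key));` at the top of test_wc_curve25519_init and test_wc_curve25519_size makes the cleanup path deterministic. test_wc_curve25519_export_key_raw zeroes only `rng` and has the same gap.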
@@ -23892,120 +22456,67 @@ static int test_wc_curve25519_size(void)
*/
static int test_wc_curve25519_export_key_raw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)
- curve25519_key key;
- WC_RNG rng;
- int ret = 0;
-
- byte privateKey[CURVE25519_KEYSIZE];
- byte publicKey[CURVE25519_KEYSIZE];
- word32 prvkSz;
- word32 pubkSz;
-
- byte prik[CURVE25519_KEYSIZE];
- byte pubk[CURVE25519_KEYSIZE];
- word32 prksz;
- word32 pbksz;
-
- if (0 != wc_InitRng(&rng)) {
- return TEST_FAIL;
- }
- if (0 != wc_curve25519_init(&key)) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
-
- /*
- bad-argument-test cases
- target function sould return BAD_FUNC_ARG
- */
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- NULL, privateKey, &prvkSz, publicKey, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, NULL, &prvkSz, publicKey, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, privateKey, NULL, publicKey, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* prvkSz = CURVE25519_KEYSIZE; */
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, privateKey, &prvkSz, NULL, &pubkSz)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw(
- &key, privateKey, &prvkSz, publicKey, NULL )) {
- ret = -1;
- }
- }
-
- /*
- cross-testing
- */
- if (ret == 0) {
- prksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_private_raw(&key, prik, &prksz);
- }
-
- if (ret == 0) {
- pbksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_public(&key, pubk, &pbksz);
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- ret = wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
- publicKey, &pubkSz);
- }
-
- if (ret == 0) {
- if ((prksz == CURVE25519_KEYSIZE) &&
- (pbksz == CURVE25519_KEYSIZE) &&
- (prvkSz == CURVE25519_KEYSIZE) &&
- (pubkSz == CURVE25519_KEYSIZE)) {
-
- if (0 != XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE) ||
- 0 != XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE)) {
- ret = -1;
- }
- }
- }
-
+ curve25519_key key;
+ WC_RNG rng;
+ byte privateKey[CURVE25519_KEYSIZE];
+ byte publicKey[CURVE25519_KEYSIZE];
+ word32 prvkSz;
+ word32 pubkSz;
+ byte prik[CURVE25519_KEYSIZE];
+ byte pubk[CURVE25519_KEYSIZE];
+ word32 prksz;
+ word32 pbksz;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ /* bad-argument-test cases - target function should return BAD_FUNC_ARG */
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(NULL, privateKey, &prvkSz,
+ publicKey, &pubkSz), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, NULL, &prvkSz, publicKey,
+ &pubkSz), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, NULL,
+ publicKey, &pubkSz), BAD_FUNC_ARG);
+ /* prvkSz = CURVE25519_KEYSIZE; */
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
+ NULL, &pubkSz), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
+ publicKey, NULL), BAD_FUNC_ARG);
+
+ /* cross-testing */
+ prksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_private_raw(&key, prik, &prksz), 0);
+ pbksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_public(&key, pubk, &pbksz), 0);
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw(&key, privateKey, &prvkSz,
+ publicKey, &pubkSz), 0);
+ ExpectIntEQ(prksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pbksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0);
+ ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* end of test_wc_curve25519_export_key_raw */
/*
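Review bot: The commented-out resets `/* prvkSz = CURVE25519_KEYSIZE; */` and `/* pubkSz = CURVE25519_KEYSIZE; */` in test_wc_curve25519_export_key_raw leave it unclear whether the next call reuses the previous length on purpose. As written, the calls that follow depend on the earlier failing calls leaving the size arguments untouched. If that is the intent, say so with a comment such as `/* prvkSz deliberately not reset: a rejected call must leave the size unchanged */`. Otherwise restore the assignments so each call starts from a known length. Dead assignments in comments should not stay in either case.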
@@ -24013,198 +22524,105 @@ static int test_wc_curve25519_export_key_raw(void)
*/
static int test_wc_curve25519_export_key_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519) && defined(HAVE_CURVE25519_KEY_EXPORT)
- curve25519_key key;
- WC_RNG rng;
- int ret;
-
- byte privateKey[CURVE25519_KEYSIZE];
- byte publicKey[CURVE25519_KEYSIZE];
- word32 prvkSz;
- word32 pubkSz;
-
- byte prik[CURVE25519_KEYSIZE];
- byte pubk[CURVE25519_KEYSIZE];
- word32 prksz;
- word32 pbksz;
-
- if (0 != wc_InitRng(&rng)) {
- return TEST_FAIL;
- }
- if (0 != wc_curve25519_init(&key)) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
-
- /*
- bad-argument-test cases
- target function sould return BAD_FUNC_ARG
- */
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( NULL , privateKey,
- &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key , NULL,
- &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key,privateKey,
- NULL, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* prvkSz = CURVE25519_KEYSIZE; */
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, NULL, &pubkSz, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, publicKey, NULL, EC25519_LITTLE_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( NULL, privateKey,
- &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, NULL,
- &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- NULL, publicKey, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* prvkSz = CURVE25519_KEYSIZE; */
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, NULL, &pubkSz, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex( &key, privateKey,
- &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN)) {
- ret = -1;
- }
- }
-
- /* illegal value for endien */
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- if (BAD_FUNC_ARG != wc_curve25519_export_key_raw_ex(&key, privateKey,
- &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN + 10)) {
- ret = -1;
- }
- }
-
- /*
- cross-testing
- */
- if (ret == 0) {
- prksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_private_raw( &key, prik, &prksz);
- }
-
- if (ret == 0) {
- pbksz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_public( &key, pubk, &pbksz);
- }
-
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- /* pubkSz = CURVE25519_KEYSIZE; */
- ret = wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
- publicKey, &pubkSz, EC25519_BIG_ENDIAN);
- }
-
- if (ret == 0 && (prksz != CURVE25519_KEYSIZE ||
- pbksz != CURVE25519_KEYSIZE ||
- prvkSz != CURVE25519_KEYSIZE ||
- pubkSz != CURVE25519_KEYSIZE)) {
- ret = -1;
- }
-
- if (ret == 0 && (0 != XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE) ||
- 0 != XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE))) {
- ret = -1;
- }
-
- if (ret == 0) {
- ret = wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
- publicKey, &pubkSz, EC25519_LITTLE_ENDIAN);
- }
- if (ret == 0 && (prvkSz != CURVE25519_KEYSIZE ||
- pubkSz != CURVE25519_KEYSIZE)) {
- ret = -1;
- }
-
- /*
- try once with another endian
- */
- if (ret == 0) {
- prvkSz = CURVE25519_KEYSIZE;
- pubkSz = CURVE25519_KEYSIZE;
- ret = wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
- publicKey, &pubkSz, EC25519_BIG_ENDIAN);
- }
- if (ret == 0 && (prvkSz != CURVE25519_KEYSIZE ||
- pubkSz != CURVE25519_KEYSIZE)) {
- ret = -1;
- }
-
+ curve25519_key key;
+ WC_RNG rng;
+ byte privateKey[CURVE25519_KEYSIZE];
+ byte publicKey[CURVE25519_KEYSIZE];
+ word32 prvkSz;
+ word32 pubkSz;
+ byte prik[CURVE25519_KEYSIZE];
+ byte pubk[CURVE25519_KEYSIZE];
+ word32 prksz;
+ word32 pbksz;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ /* bad-argument-test cases - target function should return BAD_FUNC_ARG */
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey,
+ &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL,
+ &prvkSz, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ NULL, publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ /* prvkSz = CURVE25519_KEYSIZE; */
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, NULL, &pubkSz, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, publicKey, NULL, EC25519_LITTLE_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(NULL, privateKey,
+ &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, NULL,
+ &prvkSz, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ NULL, publicKey, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ /* prvkSz = CURVE25519_KEYSIZE; */
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, NULL, &pubkSz, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey,
+ &prvkSz, publicKey, NULL, EC25519_BIG_ENDIAN), BAD_FUNC_ARG);
+
+ /* illegal value for endian */
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
+ publicKey, NULL, EC25519_BIG_ENDIAN + 10), BAD_FUNC_ARG);
+
+ /* cross-testing */
+ prksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_private_raw( &key, prik, &prksz), 0);
+ pbksz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_public( &key, pubk, &pbksz), 0);
+ prvkSz = CURVE25519_KEYSIZE;
+ /* pubkSz = CURVE25519_KEYSIZE; */
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
+ publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0);
+ ExpectIntEQ(prksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pbksz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(XMEMCMP(privateKey, prik, CURVE25519_KEYSIZE), 0);
+ ExpectIntEQ(XMEMCMP(publicKey, pubk, CURVE25519_KEYSIZE), 0);
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex(&key, privateKey, &prvkSz,
+ publicKey, &pubkSz, EC25519_LITTLE_ENDIAN), 0);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+
+ /* try once with another endian */
+ prvkSz = CURVE25519_KEYSIZE;
+ pubkSz = CURVE25519_KEYSIZE;
+ ExpectIntEQ(wc_curve25519_export_key_raw_ex( &key, privateKey, &prvkSz,
+ publicKey, &pubkSz, EC25519_BIG_ENDIAN), 0);
+ ExpectIntEQ(prvkSz, CURVE25519_KEYSIZE);
+ ExpectIntEQ(pubkSz, CURVE25519_KEYSIZE);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* end of test_wc_curve25519_export_key_raw_ex */
/*
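Review bot: The "illegal value for endian" case in test_wc_curve25519_export_key_raw_ex passes `NULL` for the public-key size together with `EC25519_BIG_ENDIAN + 10`, so the expected BAD_FUNC_ARG can come from the NULL-pointer check alone. As written, the test does not show that an out-of-range endian value is rejected. To isolate the endian validation, the call should use valid pointers, `publicKey, &pubkSz, EC25519_BIG_ENDIAN + 10), BAD_FUNC_ARG);`, with the commented-out `pubkSz = CURVE25519_KEYSIZE;` restored before it. If that variant does not return BAD_FUNC_ARG, the comment should be changed to describe the case as another NULL-argument check, so readers do not assume the endian parameter is validated.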
@@ -24212,559 +22630,312 @@ static int test_wc_curve25519_export_key_raw_ex(void)
*/
static int test_wc_curve25519_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key key;
- int keysize;
- int ret;
+ curve25519_key key;
+ WC_RNG rng;
+ int keysize;
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- keysize = wc_curve25519_size(&key);
- if (keysize != CURVE25519_KEYSIZE) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, keysize, &key);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_make_key(NULL, 0, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, keysize, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(NULL, keysize, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, 0, &key);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- wc_curve25519_free(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+ ExpectIntEQ(keysize = wc_curve25519_size(&key), CURVE25519_KEYSIZE);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, &key), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_make_key(NULL, 0, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, keysize, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_make_key(NULL, keysize, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, 0, &key), ECC_BAD_ARG_E);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve25519_free(&key);
#endif
- return res;
-} /*END test_wc_curve25519_make_key*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_make_key*/
+
/*
* Testing wc_curve25519_shared_secret_ex
*/
static int test_wc_curve25519_shared_secret_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key private_key, public_key;
- byte out[CURVE25519_KEYSIZE];
- word32 outLen = sizeof(out);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve25519_init(&private_key);
- if (ret == 0) {
- ret = wc_curve25519_init(&public_key);
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &private_key);
- }
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &public_key);
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(NULL, NULL, NULL,
- 0, endian);
- if (ret == 0) {
- ret = -1;
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(NULL, &public_key, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, NULL, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, NULL,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- NULL, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ curve25519_key private_key;
+ curve25519_key public_key;
+ WC_RNG rng;
+ byte out[CURVE25519_KEYSIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC25519_BIG_ENDIAN;
+
+ ExpectIntEQ(wc_curve25519_init(&private_key), 0);
+ ExpectIntEQ(wc_curve25519_init(&public_key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &private_key),
+ 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &public_key),
+ 0);
- if (ret == 0) {
- /*curve25519.c is checking for public_key size less than or equal to 0x7f,
- *increasing to 0x8f checks for error being returned*/
- public_key.p.point[CURVE25519_KEYSIZE-1] = 0x8F;
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), 0);
+
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, NULL, NULL, 0, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(NULL, &public_key, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, NULL, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, NULL,
+ &outLen, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ NULL, endian), BAD_FUNC_ARG);
+
+ /* curve25519.c is checking for public_key size less than or equal to 0x7f,
+ * increasing to 0x8f checks for error being returned*/
+ public_key.p.point[CURVE25519_KEYSIZE-1] = 0x8F;
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), ECC_BAD_ARG_E);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&private_key);
wc_curve25519_free(&public_key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve25519_shared_secret_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_shared_secret_ex*/
+
/*
* Testing wc_curve25519_make_pub
*/
static int test_wc_curve25519_make_pub(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_CURVE25519
- WC_RNG rng;
- curve25519_key key;
- byte out[CURVE25519_KEYSIZE];
- int ret;
-
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof(out), out, (int)sizeof(key.k), key.k);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof(key.k) - 1, key.k, (int)sizeof out, out);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), NULL);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out - 1, out, (int)sizeof(key.k), key.k);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out, NULL, (int)sizeof(key.k), key.k);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- /* verify clamping test */
- key.k[0] |= ~248;
- ret = wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), key.k);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- key.k[0] &= 248;
- }
+ curve25519_key key;
+ WC_RNG rng;
+ byte out[CURVE25519_KEYSIZE];
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(out), out,
+ (int)sizeof(key.k), key.k), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof(key.k) - 1, key.k,
+ (int)sizeof out, out), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
+ NULL), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out - 1, out,
+ (int)sizeof(key.k), key.k), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, NULL,
+ (int)sizeof(key.k), key.k), ECC_BAD_ARG_E);
+ /* verify clamping test */
+ key.k[0] |= ~248;
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
+ key.k), ECC_BAD_ARG_E);
+ key.k[0] &= 248;
/* repeat the expected-to-succeed test. */
- if (ret == 0) {
- ret = wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k), key.k);
- }
+ ExpectIntEQ(wc_curve25519_make_pub((int)sizeof out, out, (int)sizeof(key.k),
+ key.k), 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve25519_make_pub */
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_make_pub */
+
/*
* Testing test_wc_curve25519_export_public_ex
*/
static int test_wc_curve25519_export_public_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key key;
- byte out[CURVE25519_KEYSIZE];
- word32 outLen = sizeof(out);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- ret = wc_curve25519_export_public(&key, out, &outLen);
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, out, &outLen, endian);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ curve25519_key key;
+ WC_RNG rng;
+ byte out[CURVE25519_KEYSIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC25519_BIG_ENDIAN;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve25519_export_public(&key, out, &outLen), 0);
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_export_public_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_public_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, NULL, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve25519_export_public_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_export_public_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
-} /*END test_wc_curve25519_export_public_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_export_public_ex*/
/*
* Testing test_wc_curve25519_import_private_raw_ex
*/
static int test_wc_curve25519_import_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- WC_RNG rng;
- curve25519_key key;
- byte priv[CURVE25519_KEYSIZE];
- byte pub[CURVE25519_KEYSIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, priv, &privSz, endian);
- }
- if (ret == 0) {
- ret = wc_curve25519_export_public(&key, pub, &pubSz);
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, endian);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(NULL, 0, NULL, 0, NULL,
- endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(NULL, privSz, pub, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, NULL, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
- NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, 0, pub, pubSz,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, 0,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, EC25519_LITTLE_ENDIAN);
-
- }
-
+ curve25519_key key;
+ WC_RNG rng;
+ byte priv[CURVE25519_KEYSIZE];
+ byte pub[CURVE25519_KEYSIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ int endian = EC25519_BIG_ENDIAN;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, priv, &privSz,
+ endian), 0);
+ ExpectIntEQ(wc_curve25519_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, endian), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, 0, NULL, 0, NULL,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(NULL, privSz, pub, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, NULL, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
+ NULL, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, 0, pub, pubSz,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, 0,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve25519_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, EC25519_LITTLE_ENDIAN), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve25519_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve25519_import_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_import_private_raw_ex*/
/*
* Testing test_wc_curve25519_import_private
*/
static int test_wc_curve25519_import_private(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- WC_RNG rng;
- byte priv[CURVE25519_KEYSIZE];
- word32 privSz = sizeof(priv);
- int ret;
+ curve25519_key key;
+ WC_RNG rng;
+ byte priv[CURVE25519_KEYSIZE];
+ word32 privSz = sizeof(priv);
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key);
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw(&key, priv, &privSz);
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_import_private(priv, privSz, &key);
- }
- wc_curve25519_free(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve25519_make_key(&rng, CURVE25519_KEYSIZE, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_curve25519_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve25519_import_private(priv, privSz, &key), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve25519_free(&key);
#endif
- return res;
-} /*END test_wc_curve25519_import*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_import*/
/*
* Testing test_wc_curve25519_export_private_raw_ex
*/
static int test_wc_curve25519_export_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE25519)
- curve25519_key key;
- byte out[CURVE25519_KEYSIZE];
- word32 outLen = sizeof(out);
- int endian = EC25519_BIG_ENDIAN;
- int ret;
+ curve25519_key key;
+ byte out[CURVE25519_KEYSIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC25519_BIG_ENDIAN;
- ret = wc_curve25519_init(&key);
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, &outLen,
- EC25519_LITTLE_ENDIAN);
- }
+ ExpectIntEQ(wc_curve25519_init(&key), 0);
+
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian),
+ 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, NULL, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen,
+ EC25519_LITTLE_ENDIAN), 0);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve25519_export_private_raw_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
wc_curve25519_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/*END test_wc_curve25519_export_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve25519_export_private_raw_ex*/
/*
* Testing wc_ed448_make_key().
*/
static int test_wc_ed448_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448)
ed448_key key;
WC_RNG rng;
unsigned char pubkey[ED448_PUB_KEY_SIZE];
- int ret;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed448_init(&key);
- }
- if (ret == 0) {
- ret = wc_ed448_make_public(&key, pubkey, sizeof(pubkey));
- if (ret == ECC_PRIV_KEY_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- }
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+
+ ExpectIntEQ(wc_ed448_make_public(&key, pubkey, sizeof(pubkey)),
+ ECC_PRIV_KEY_E);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_make_key(NULL, ED448_KEY_SIZE, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE + 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_make_key(NULL, ED448_KEY_SIZE, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE - 1, &key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE + 1, &key),
+ BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_make_key */
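Review bot: test_wc_curve25519_shared_secret_ex is the only converted test in this hunk that declares `WC_RNG rng` and calls `DoExpectIntEQ(wc_FreeRng(&rng), 0)` without zeroing it first. The other tests add `XMEMSET(&rng, 0, sizeof(WC_RNG));` ahead of `wc_curve25519_init`. If an earlier expectation fails and the Expect macros skip the calls that follow (the added XMEMSETs suggest this, though the macro definitions are outside this hunk), wc_InitRng never runs and the unconditional cleanup operates on uninitialised stack memory. Adding the same `XMEMSET(&rng, 0, sizeof(WC_RNG));` after the declarations in this function keeps the failure path defined and matches its neighbours.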
@@ -24773,29 +22944,19 @@ static int test_wc_ed448_make_key(void)
*/
static int test_wc_ed448_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448)
- ed448_key key;
- int ret;
+ ed448_key key;
- ret = wc_ed448_init(&key);
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ ExpectIntEQ(wc_ed448_init(&key), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_init(NULL), BAD_FUNC_ARG);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_init */
/*
@@ -24803,116 +22964,70 @@ static int test_wc_ed448_init(void)
*/
static int test_wc_ed448_sign_msg(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_SIGN)
- WC_RNG rng;
- ed448_key key;
- byte msg[] = "Everybody gets Friday off.\n";
- byte sig[ED448_SIG_SIZE];
- word32 msglen = sizeof(msg);
- word32 siglen = sizeof(sig);
- word32 badSigLen = sizeof(sig) - 1;
+ ed448_key key;
+ WC_RNG rng;
+ byte msg[] = "Everybody gets Friday off.\n";
+ byte sig[ED448_SIG_SIZE];
+ word32 msglen = sizeof(msg);
+ word32 siglen = sizeof(sig);
+ word32 badSigLen = sizeof(sig) - 1;
#ifdef HAVE_ED448_VERIFY
- int verify_ok = 0; /*1 = Verify success.*/
+ int verify_ok = 0; /*1 = Verify success.*/
#endif
- int ret;
/* Initialize stack variables. */
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
/* Initialize key. */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed448_init(&key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- }
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
- if (ret == 0) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, &siglen, &key, NULL, 0);
- }
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, &key, NULL, 0), 0);
+ ExpectIntEQ(siglen, ED448_SIG_SIZE);
/* Test bad args. */
- if (ret == 0 && siglen == ED448_SIG_SIZE) {
- ret = wc_ed448_sign_msg(NULL, msglen, sig, &siglen, &key, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, NULL, &siglen, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, NULL, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, &siglen, NULL, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_sign_msg(msg, msglen, sig, &badSigLen, &key,
- NULL, 0);
- }
- if (ret == BUFFER_E && badSigLen == ED448_SIG_SIZE) {
- badSigLen -= 1;
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- } /* END sign */
+ ExpectIntEQ(wc_ed448_sign_msg(NULL, msglen, sig, &siglen, &key, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, NULL, &siglen, &key, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, NULL, &key, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &siglen, NULL, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_sign_msg(msg, msglen, sig, &badSigLen, &key, NULL, 0),
+ BUFFER_E);
+ ExpectIntEQ(badSigLen, ED448_SIG_SIZE);
+ badSigLen -= 1;
#ifdef HAVE_ED448_VERIFY
- if (ret == 0) {
-
- ret = wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok,
- &key, NULL, 0);
- if (ret == 0 && verify_ok == 1) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- /* Test bad args. */
- if (ret == 0) {
- AssertIntEQ(wc_ed448_verify_msg(sig, siglen - 1, msg,
- msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_ed448_verify_msg(sig, siglen + 1, msg,
- msglen, &verify_ok, &key, NULL, 0), BAD_FUNC_ARG);
-
- ret = wc_ed448_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
- &key, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, siglen, NULL, msglen,
- &verify_ok, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, siglen, msg, msglen,
- NULL, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, siglen, msg, msglen,
- &verify_ok, NULL, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_verify_msg(sig, badSigLen, msg, msglen,
- &verify_ok, &key, NULL, 0);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- } /* END verify. */
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok, &key,
+ NULL, 0), 0);
+ ExpectIntEQ(verify_ok, 1);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen - 1, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen + 1, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(NULL, siglen, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, NULL, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, NULL,
+ &key, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, siglen, msg, msglen, &verify_ok,
+ NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_verify_msg(sig, badSigLen, msg, msglen, &verify_ok,
+ &key, NULL, 0), BAD_FUNC_ARG);
#endif /* Verify. */
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_sign_msg */
/*
@@ -24920,59 +23035,32 @@ static int test_wc_ed448_sign_msg(void)
*/
static int test_wc_ed448_import_public(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
- WC_RNG rng;
- ed448_key pubKey;
- const byte in[] =
+ ed448_key pubKey;
+ WC_RNG rng;
+ const byte in[] =
"Ed448PublicKeyUnitTest.................................\n";
- word32 inlen = sizeof(in);
- int ret = 0;
+ word32 inlen = sizeof(in);
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ed448_init(&pubKey);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &pubKey);
- }
- }
-
- if (ret == 0) {
- ret = wc_ed448_import_public_ex(in, inlen, &pubKey, 1);
+ XMEMSET(&pubKey, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0 && XMEMCMP(in, pubKey.p, inlen) == 0) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed448_init(&pubKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &pubKey), 0);
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_import_public(NULL, inlen, &pubKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_public(in, inlen, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_public(in, inlen - 1, &pubKey);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed448_import_public_ex(in, inlen, &pubKey, 1), 0);
+ ExpectIntEQ(XMEMCMP(in, pubKey.p, inlen), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_import_public(NULL, inlen, &pubKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_public(in, inlen, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_public(in, inlen - 1, &pubKey), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&pubKey);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_ed448_import_public */
/*
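Review bot: The trailing `1` in `wc_ed448_import_public_ex(in, inlen, &pubKey, 1)` is the `trusted` flag, and nothing in the test says why the fixture is imported as trusted. A short comment above the call would help, for example `/* trusted = 1: fixture bytes are a placeholder, not a real Ed448 public key */`; that is my reading of the fixture and should be confirmed. The bad-argument checks below only go through `wc_ed448_import_public`, which as far as I know is the untrusted variant. That path is therefore exercised only with NULL and short-length input, never with a full-length value that should fail validation.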
@@ -24980,97 +23068,59 @@ static int test_wc_ed448_import_public(void)
*/
static int test_wc_ed448_import_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_IMPORT)
- WC_RNG rng;
- ed448_key key;
- const byte privKey[] =
- "Ed448PrivateKeyUnitTest................................\n";
- const byte pubKey[] =
- "Ed448PublicKeyUnitTest.................................\n";
- word32 privKeySz = sizeof(privKey);
- word32 pubKeySz = sizeof(pubKey);
+ ed448_key key;
+ WC_RNG rng;
+ const byte privKey[] =
+ "Ed448PrivateKeyUnitTest................................\n";
+ const byte pubKey[] =
+ "Ed448PublicKeyUnitTest.................................\n";
+ word32 privKeySz = sizeof(privKey);
+ word32 pubKeySz = sizeof(pubKey);
#ifdef HAVE_ED448_KEY_EXPORT
- byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
- word32 bothKeysSz = sizeof(bothKeys);
+ byte bothKeys[sizeof(privKey) + sizeof(pubKey)];
+ word32 bothKeysSz = sizeof(bothKeys);
#endif
- int ret;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed448_import_private_key_ex(privKey, privKeySz, pubKey,
- pubKeySz, &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0 ||
- XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
-#ifdef HAVE_ED448_KEY_EXPORT
- if (ret == 0)
- ret = wc_ed448_export_private(&key, bothKeys, &bothKeysSz);
+ ExpectIntEQ(wc_ed448_import_private_key_ex(privKey, privKeySz, pubKey,
+ pubKeySz, &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
- if (ret == 0) {
- ret = wc_ed448_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
- &key, 1);
- if (ret == 0 && (XMEMCMP(pubKey, key.p, privKeySz) != 0 ||
- XMEMCMP(privKey, key.k, pubKeySz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+#ifdef HAVE_ED448_KEY_EXPORT
+ ExpectIntEQ(wc_ed448_export_private(&key, bothKeys, &bothKeysSz), 0);
+ ExpectIntEQ(wc_ed448_import_private_key_ex(bothKeys, bothKeysSz, NULL, 0,
+ &key, 1), 0);
+ ExpectIntEQ(XMEMCMP(pubKey, key.p, privKeySz), 0);
+ ExpectIntEQ(XMEMCMP(privKey, key.k, pubKeySz), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
- &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, NULL,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz - 1, pubKey,
- pubKeySz, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, pubKey,
- pubKeySz - 1, &key);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_import_private_key(privKey, privKeySz, NULL,
- 0, &key);
- }
-
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ed448_import_private_key(NULL, privKeySz, pubKey, pubKeySz,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, pubKeySz,
+ &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz - 1, pubKey,
+ pubKeySz, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, pubKey,
+ pubKeySz - 1, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_import_private_key(privKey, privKeySz, NULL, 0, &key),
+ BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_import_private_key */
/*
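Review bot: The `XMEMCMP` checks after each `wc_ed448_import_private_key_ex` call pair each buffer with the other buffer's length: `pubKey`/`key.p` is compared over `privKeySz` bytes and `privKey`/`key.k` over `pubKeySz` bytes. The two fixture arrays appear to be the same size, so the test passes today, but if they ever differ the comparison either reads past the shorter array or checks too few bytes. The lines should be `ExpectIntEQ(XMEMCMP(pubKey, key.p, pubKeySz), 0);` and `ExpectIntEQ(XMEMCMP(privKey, key.k, privKeySz), 0);`, in both the unconditional block and the `HAVE_ED448_KEY_EXPORT` block. The swap was carried over unchanged from the removed code.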
@@ -25078,86 +23128,44 @@ static int test_wc_ed448_import_private_key(void)
*/
static int test_wc_ed448_export(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- WC_RNG rng;
- ed448_key key;
- byte priv[ED448_PRV_KEY_SIZE];
- byte pub[ED448_PUB_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int ret;
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
-
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- }
-
- if (ret == 0) {
- ret = wc_ed448_export_public(&key, pub, &pubSz);
- if (ret == 0 && (pubSz != ED448_KEY_SIZE ||
- XMEMCMP(key.p, pub, pubSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed448_export_public(NULL, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_public(&key, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_public(&key, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ed448_key key;
+ WC_RNG rng;
+ byte priv[ED448_PRV_KEY_SIZE];
+ byte pub[ED448_PUB_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_ed448_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(pubSz, ED448_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.p, pub, pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_public(NULL, pub, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_public(&key, NULL, &pubSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_public(&key, pub, NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_export_private_only(&key, priv, &privSz);
- if (ret == 0 && (privSz != ED448_KEY_SIZE ||
- XMEMCMP(key.k, priv, privSz) != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0) {
- ret = wc_ed448_export_private_only(NULL, priv, &privSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private_only(&key, NULL, &privSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private_only(&key, priv, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ExpectIntEQ(wc_ed448_export_private_only(&key, priv, &privSz), 0);
+ ExpectIntEQ(privSz, ED448_KEY_SIZE);
+ ExpectIntEQ(XMEMCMP(key.k, priv, privSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_private_only(NULL, priv, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private_only(&key, NULL, &privSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private_only(&key, priv, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ed448_export */
/*
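Review bot: Both export calls are tested only with NULL arguments on the failure side, so the output-length check is never exercised with a buffer that is too small. The sign test earlier in this file does cover that case (`badSigLen` expecting `BUFFER_E` and the required size written back), and the same is worth adding here, for example `pubSz = 0; ExpectIntEQ(wc_ed448_export_public(&key, pub, &pubSz), BUFFER_E);` and the equivalent for `wc_ed448_export_private_only`. The expected error code is an assumption based on the sign test and should be confirmed against the export implementation.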
@@ -25165,86 +23173,38 @@ static int test_wc_ed448_export(void)
*/
static int test_wc_ed448_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448)
- WC_RNG rng;
- ed448_key key;
- int ret = 0;
+ ed448_key key;
+ WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed448_free(&key);
- return TEST_FAIL;
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
- ret = wc_ed448_size(&key);
+ ExpectIntEQ(wc_ed448_size(&key), ED448_KEY_SIZE);
/* Test bad args. */
- if (ret == ED448_KEY_SIZE) {
- ret = wc_ed448_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ed448_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_sig_size(&key);
- if (ret == ED448_SIG_SIZE) {
- ret = 0;
- }
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ed448_sig_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed448_sig_size() */
+ ExpectIntEQ(wc_ed448_sig_size(&key), ED448_SIG_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_sig_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_pub_size(&key);
- if (ret == ED448_PUB_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed448_pub_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed448_pub_size */
+ ExpectIntEQ(wc_ed448_pub_size(&key), ED448_PUB_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_pub_size(NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_priv_size(&key);
- if (ret == ED448_PRV_KEY_SIZE) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ed448_priv_size(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- } /* END wc_ed448_pub_size */
+ ExpectIntEQ(wc_ed448_priv_size(&key), ED448_PRV_KEY_SIZE);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_priv_size(NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_size */
/*
@@ -25252,90 +23212,51 @@ static int test_wc_ed448_size(void)
*/
static int test_wc_ed448_exportKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- WC_RNG rng;
- ed448_key key;
- byte priv[ED448_PRV_KEY_SIZE];
- byte pub[ED448_PUB_KEY_SIZE];
- byte privOnly[ED448_PRV_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- word32 privOnlySz = sizeof(privOnly);
- int ret;
-
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
-
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed448_free(&key);
- return TEST_FAIL;
- }
-
- ret = wc_ed448_export_private(&key, privOnly, &privOnlySz);
- if (ret == 0) {
- ret = wc_ed448_export_private(NULL, privOnly, &privOnlySz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private(&key, NULL, &privOnlySz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_private(&key, privOnly, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ed448_key key;
+ WC_RNG rng;
+ byte priv[ED448_PRV_KEY_SIZE];
+ byte pub[ED448_PUB_KEY_SIZE];
+ byte privOnly[ED448_PRV_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ word32 privOnlySz = sizeof(privOnly);
+
+ XMEMSET(&key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_ed448_export_private(&key, privOnly, &privOnlySz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_private(NULL, privOnly, &privOnlySz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private(&key, NULL, &privOnlySz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_private(&key, privOnly, NULL), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_ed448_export_key(&key, priv, &privSz, pub, &pubSz);
- if (ret == 0) {
- ret = wc_ed448_export_key(NULL, priv, &privSz, pub, &pubSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, NULL, &privSz, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, priv, NULL, pub, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, priv, &privSz, NULL, &pubSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ed448_export_key(&key, priv, &privSz, pub, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- } /* END wc_ed448_export_key() */
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, &pubSz), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ed448_export_key(NULL, priv, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, NULL, &privSz, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, NULL, pub, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, NULL, &pubSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ed448_export_key(&key, priv, &privSz, pub, NULL),
+ BAD_FUNC_ARG);
/* Cross check output. */
- if (ret == 0 && XMEMCMP(priv, privOnly, privSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(XMEMCMP(priv, privOnly, privSz), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ed448_exportKey */
/*
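Review bot: The "Cross check output" step compares only `priv` against `privOnly`; the `pub` buffer filled by `wc_ed448_export_key` is never checked, so a wrong or empty public half would still pass. Adding `ExpectIntEQ(privOnlySz, privSz);` before the existing compare and `ExpectIntEQ(XMEMCMP(pub, key.p, pubSz), 0);` after it would cover both outputs. The second check is the one `test_wc_ed448_export` already applies to `wc_ed448_export_public`.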
@@ -25343,61 +23264,38 @@ static int test_wc_ed448_exportKey(void)
*/
static int test_wc_Ed448PublicKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- int tmp;
ed448_key key;
byte derBuf[1024];
- int ret = 0;
+
+ XMEMSET(&key, 0, sizeof(ed448_key));
/* Test bad args */
- tmp = wc_Ed448PublicKeyToDer(NULL, NULL, 0, 0);
- if (tmp != BAD_FUNC_ARG) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_Ed448PublicKeyToDer(NULL, NULL, 0, 0), BAD_FUNC_ARG);
- if (ret == 0) {
- wc_ed448_init(&key);
- tmp = wc_Ed448PublicKeyToDer(&key, derBuf, 0, 0);
- if (tmp != BUFFER_E) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ed448_free(&key);
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_Ed448PublicKeyToDer(&key, derBuf, 0, 0), BUFFER_E);
+ wc_ed448_free(&key);
/* Test good args */
- if (ret == 0) {
- WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret != 0) {
- return TEST_FAIL;
- }
- ret = wc_ed448_init(&key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- return TEST_FAIL;
- }
+ if (EXPECT_SUCCESS()) {
+ WC_RNG rng;
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key);
- if (ret != 0) {
- wc_FreeRng(&rng);
- wc_ed448_free(&key);
- return TEST_FAIL;
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- tmp = wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1);
- if (tmp <= 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ed448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &key), 0);
+
+ ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1), 0);
- wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ed448_free(&key);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END testing wc_Ed448PublicKeyToDer */
/*
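Review bot: The good-args call `wc_Ed448PublicKeyToDer(&key, derBuf, 1024, 1)` repeats the array size as a literal, so the length passed to the encoder can drift from the real buffer if `derBuf` is ever resized. Prefer `ExpectIntGT(wc_Ed448PublicKeyToDer(&key, derBuf, (word32)sizeof(derBuf), 1), 0);`. The result is also only checked for being positive; if the expected encoded length is known, asserting it would make the test stricter.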
@@ -25405,32 +23303,21 @@ static int test_wc_Ed448PublicKeyToDer(void)
*/
static int test_wc_curve448_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- int ret = 0;
-
- ret = wc_curve448_init(&key);
+ curve448_key key;
/* Test bad args for wc_curve448_init */
- if (ret == 0) {
- ret = wc_curve448_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ /* Test bad args for wc_curve448_init */
+ ExpectIntEQ(wc_curve448_init(NULL), BAD_FUNC_ARG);
- /* Test good args for wc_curve_448_free */
+ /* Test good args for wc_curve_448_free */
wc_curve448_free(&key);
-
+ /* Test bad args for wc_curve448_free */
wc_curve448_free(NULL);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve448_init and wc_curve_448_free*/
/*
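Review bot: `key` is not zeroed before `wc_curve448_init(&key)`, yet `wc_curve448_free(&key)` runs unconditionally, so a failed init would hand an uninitialised struct to the free routine. The Ed448 tests converted in this same commit guard against that with an `XMEMSET` before init; the same line fits here: `XMEMSET(&key, 0, sizeof(curve448_key));`. Separately, the retained comment `/* Test bad args for wc_curve448_init */` now sits directly above the good-args call and is duplicated two lines later; the first one should read `/* Test good args for wc_curve448_init */`.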
@@ -25438,479 +23325,276 @@ static int test_wc_curve448_init(void)
*/
static int test_wc_curve448_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key key;
- int keysize;
- int ret;
+ curve448_key key;
+ WC_RNG rng;
+ int keysize;
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- keysize = wc_curve448_size(&key);
- if (keysize != CURVE448_KEY_SIZE) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, keysize, &key);
- }
- }
- /* test bad cases */
- if (ret == 0) {
- ret = wc_curve448_make_key(NULL, 0, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, keysize, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(NULL, keysize, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, 0, &key);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (wc_FreeRng(&rng) != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+ ExpectIntEQ(keysize = wc_curve448_size(&key), CURVE448_KEY_SIZE);
+ ExpectIntEQ(wc_curve448_make_key(&rng, keysize, &key), 0);
- wc_curve448_free(&key);
+ /* test bad cases */
+ ExpectIntEQ(wc_curve448_make_key(NULL, 0, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_make_key(&rng, keysize, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_make_key(NULL, keysize, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_make_key(&rng, 0, &key), ECC_BAD_ARG_E);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve448_free(&key);
#endif
- return res;
-} /*END test_wc_curve448_make_key*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_make_key*/
/*
* Testing test_wc_curve448_shared_secret_ex
*/
static int test_wc_curve448_shared_secret_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key private_key, public_key;
- byte out[CURVE448_KEY_SIZE];
- word32 outLen = sizeof(out);
- int endian = EC448_BIG_ENDIAN;
- int ret;
+ curve448_key private_key;
+ curve448_key public_key;
+ WC_RNG rng;
+ byte out[CURVE448_KEY_SIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC448_BIG_ENDIAN;
- ret = wc_curve448_init(&private_key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &private_key);
- }
- }
- if (ret == 0) {
- ret = wc_curve448_init(&public_key);
- }
- if (ret == 0) {
- if (ret == 0) {
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &public_key);
- }
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve448_init(&private_key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &private_key), 0);
+
+ ExpectIntEQ(wc_curve448_init(&public_key), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &public_key), 0);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), 0);
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- }
/* test bad cases */
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(NULL, NULL, NULL, 0, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(NULL, &public_key, out,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, NULL, out,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, NULL,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, out,
- NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, NULL, NULL, 0, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(NULL, &public_key, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, NULL, out, &outLen,
+ endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, NULL,
+ &outLen, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
+ NULL, endian), BAD_FUNC_ARG);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve448_shared_secret_ex(&private_key, &public_key, out,
- &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_shared_secret_ex(&private_key, &public_key, out,
+ &outLen, endian), BAD_FUNC_ARG);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&private_key);
wc_curve448_free(&public_key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve448_shared_secret_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_shared_secret_ex*/
/*
* Testing test_wc_curve448_export_public_ex
*/
static int test_wc_curve448_export_public_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
WC_RNG rng;
curve448_key key;
byte out[CURVE448_KEY_SIZE];
word32 outLen = sizeof(out);
int endian = EC448_BIG_ENDIAN;
- int ret;
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_public(&key, out, &outLen);
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, out, &outLen, endian);
- }
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve448_export_public(&key, out, &outLen), 0);
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian), 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve448_export_public_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_public_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, NULL, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve448_export_public_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_export_public_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
-} /*END test_wc_curve448_export_public_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_export_public_ex*/
/*
* Testing test_wc_curve448_export_private_raw_ex
*/
static int test_wc_curve448_export_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- byte out[CURVE448_KEY_SIZE];
- word32 outLen = sizeof(out);
- int endian = EC448_BIG_ENDIAN;
- int ret;
+ curve448_key key;
+ byte out[CURVE448_KEY_SIZE];
+ word32 outLen = sizeof(out);
+ int endian = EC448_BIG_ENDIAN;
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, &outLen, endian);
- }
- /*test bad cases*/
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(NULL, NULL, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(NULL, out, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, NULL, &outLen, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, &outLen,
- EC448_LITTLE_ENDIAN);
- }
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian),
+ 0);
+ /* test bad cases*/
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, NULL, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(NULL, out, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, NULL, &outLen, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, NULL, endian),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen,
+ EC448_LITTLE_ENDIAN), 0);
outLen = outLen - 2;
- if (ret == 0) {
- ret = wc_curve448_export_private_raw_ex(&key, out, &outLen, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_curve448_export_private_raw_ex(&key, out, &outLen, endian),
+ ECC_BAD_ARG_E);
wc_curve448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/*END test_wc_curve448_export_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_export_private_raw_ex*/
/*
* Testing test_wc_curve448_import_private_raw_ex
*/
static int test_wc_curve448_import_private_raw_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key key;
- byte priv[CURVE448_KEY_SIZE];
- byte pub[CURVE448_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int endian = EC448_BIG_ENDIAN;
- int ret;
-
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw(&key, priv, &privSz);
- }
- if (ret == 0) {
- ret = wc_curve448_export_public(&key, pub, &pubSz);
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, endian);
- }
- }
+ curve448_key key;
+ WC_RNG rng;
+ byte priv[CURVE448_KEY_SIZE];
+ byte pub[CURVE448_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+ int endian = EC448_BIG_ENDIAN;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, endian), 0);
/* test bad cases */
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(NULL, 0, NULL, 0, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(NULL, privSz, pub, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, NULL, pubSz,
- &key, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
- NULL, endian);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, 0, pub, pubSz,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, 0,
- &key, endian);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
- &key, EC448_LITTLE_ENDIAN);
-
- }
-
- if (wc_FreeRng(&rng) != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, 0, NULL, 0, NULL, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(NULL, privSz, pub, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, NULL, pubSz,
+ &key, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
+ NULL, endian), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, 0, pub, pubSz,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, 0,
+ &key, endian), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_curve448_import_private_raw_ex(priv, privSz, pub, pubSz,
+ &key, EC448_LITTLE_ENDIAN), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /*END test_wc_curve448_import_private_raw_ex*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_import_private_raw_ex*/
/*
* Testing test_curve448_export_key_raw
*/
static int test_wc_curve448_export_key_raw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- WC_RNG rng;
- curve448_key key;
- byte priv[CURVE448_KEY_SIZE];
- byte pub[CURVE448_KEY_SIZE];
- word32 privSz = sizeof(priv);
- word32 pubSz = sizeof(pub);
- int ret;
-
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
-
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw(&key, priv, &privSz);
- }
- if (ret == 0) {
- ret = wc_curve448_export_public(&key, pub, &pubSz);
- }
- if (ret == 0) {
- ret = wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz);
- }
- }
+ curve448_key key;
+ WC_RNG rng;
+ byte priv[CURVE448_KEY_SIZE];
+ byte pub[CURVE448_KEY_SIZE];
+ word32 privSz = sizeof(priv);
+ word32 pubSz = sizeof(pub);
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
+
+ ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve448_export_public(&key, pub, &pubSz), 0);
+ ExpectIntEQ(wc_curve448_export_key_raw(&key, priv, &privSz, pub, &pubSz),
+ 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_curve448_free(&key);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/*END test_wc_curve448_import_private_raw_ex*/
-
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_import_private_raw_ex*/
/*
* Testing test_wc_curve448_import_private
*/
static int test_wc_curve448_import_private(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- WC_RNG rng;
- byte priv[CURVE448_KEY_SIZE];
- word32 privSz = sizeof(priv);
- int ret;
+ curve448_key key;
+ WC_RNG rng;
+ byte priv[CURVE448_KEY_SIZE];
+ word32 privSz = sizeof(priv);
- ret = wc_curve448_init(&key);
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
- if (ret == 0) {
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key);
- if (ret == 0) {
- ret = wc_curve448_export_private_raw(&key, priv, &privSz);
- }
- }
- if (ret == 0) {
- ret = wc_curve448_import_private(priv, privSz, &key);
- }
- wc_curve448_free(&key);
- wc_FreeRng(&rng);
+ ExpectIntEQ(wc_curve448_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_curve448_make_key(&rng, CURVE448_KEY_SIZE, &key), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_curve448_export_private_raw(&key, priv, &privSz), 0);
+ ExpectIntEQ(wc_curve448_import_private(priv, privSz, &key), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_curve448_free(&key);
#endif
- return res;
-} /*END test_wc_curve448_import*/
+ return EXPECT_RESULT();
+} /* END test_wc_curve448_import*/
/*
* Testing test_wc_curve448_size.
*/
static int test_wc_curve448_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_CURVE448)
- curve448_key key;
- int ret = 0;
+ curve448_key key;
- ret = wc_curve448_init(&key);
+ ExpectIntEQ(wc_curve448_init(&key), 0);
/* Test good args for wc_curve448_size */
- if (ret == 0) {
- ret = wc_curve448_size(&key);
- }
-
+ ExpectIntEQ(wc_curve448_size(&key), CURVE448_KEY_SIZE);
/* Test bad args for wc_curve448_size */
- if (ret != 0) {
- ret = wc_curve448_size(NULL);
- }
+ ExpectIntEQ(wc_curve448_size(NULL), 0);
wc_curve448_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_curve448_size*/
/*
@@ -25918,50 +23602,35 @@ static int test_wc_curve448_size(void)
*/
static int test_wc_ecc_make_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- WC_RNG rng;
ecc_key key;
+ WC_RNG rng;
int ret;
- ret = wc_InitRng(&rng);
- if (ret != 0)
- return TEST_FAIL;
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- /* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_make_key(NULL, KEY14, &key);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_make_key(&rng, KEY14, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- wc_ecc_free(&key);
- }
+ /* Pass in bad args. */
+ ExpectIntEQ(wc_ecc_make_key(NULL, KEY14, &key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_make_key(&rng, KEY14, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_make_key */
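Review bot: The statement `ret = wc_ecc_make_key(&rng, KEY14, &key);` sits outside any Expect macro, so it still runs when `wc_ecc_init` or `wc_InitRng` has just failed, whereas the removed code returned early or skipped it. The two added `XMEMSET` calls look like they exist to keep that call defined on zeroed structures, but nothing says so. A comment above them such as `/* Zero key and rng: make_key below runs even if init failed. */` would record the dependency. The same unguarded make_key pattern recurs in the hunks for test_wc_ecc_check_key, test_wc_ecc_size, test_wc_ecc_signVerify_hash, test_wc_ecc_export_x963, test_wc_ecc_export_x963_ex and test_wc_ecc_import_x963.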
@@ -25970,28 +23639,19 @@ static int test_wc_ecc_make_key(void)
*/
static int test_wc_ecc_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- ecc_key key;
- int ret;
+ ecc_key key;
- ret = wc_ecc_init(&key);
+ XMEMSET(&key, 0, sizeof(ecc_key));
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_init(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_init(NULL), BAD_FUNC_ARG);
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_init */
/*
@@ -25999,53 +23659,36 @@ static int test_wc_ecc_init(void)
*/
static int test_wc_ecc_check_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- WC_RNG rng;
- ecc_key key;
- int ret;
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_check_key(&key);
- }
+ ExpectIntEQ(wc_ecc_check_key(&key), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_check_key(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_check_key(NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_check_key */
/*
@@ -26053,40 +23696,28 @@ static int test_wc_ecc_check_key(void)
*/
static int test_wc_ecc_get_generator(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
- ecc_point* pt;
- int ret = 0;
+ ecc_point* pt = NULL;
- pt = wc_ecc_new_point();
- if (!pt) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectNotNull(pt = wc_ecc_new_point());
- if (ret == 0) {
- ret = wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1));
- }
+ ExpectIntEQ(wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1)),
+ MP_OKAY);
/* Test bad args. */
- if (ret == MP_OKAY) {
- /* Returns Zero for bad arg. */
- ret = wc_ecc_get_generator(pt, -1);
- if (ret != MP_OKAY)
- wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1));
- if (ret != MP_OKAY)
- wc_ecc_get_generator(pt, 1000); /* If we ever get to 1000 curves
- * increase this number */
- if (ret != MP_OKAY)
- wc_ecc_get_generator(NULL, -1);
- ret = (ret == MP_OKAY) ? WOLFSSL_FATAL_ERROR : 0;
- }
+ /* Returns Zero for bad arg. */
+ ExpectIntNE(wc_ecc_get_generator(pt, -1), MP_OKAY);
+ ExpectIntNE(wc_ecc_get_generator(NULL, wc_ecc_get_curve_idx(ECC_SECP256R1)),
+ MP_OKAY);
+ /* If we ever get to 1000 curves increase this number */
+ ExpectIntNE(wc_ecc_get_generator(pt, 1000), MP_OKAY);
+ ExpectIntNE(wc_ecc_get_generator(NULL, -1), MP_OKAY);
wc_ecc_del_point(pt);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_get_generator */
/*
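Review bot: The carried-over comment `/* Returns Zero for bad arg. */` contradicts the four `ExpectIntNE(..., MP_OKAY)` assertions beneath it, assuming MP_OKAY is the zero success code. Reword it to `/* Returns an error (not MP_OKAY) for bad arg. */` so the comment matches what is asserted. The removed code discarded the return values of the last three bad-argument calls, so a comment that states the expected result matters more now that each call is checked.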
@@ -26094,54 +23725,37 @@ static int test_wc_ecc_get_generator(void)
*/
static int test_wc_ecc_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
WC_RNG rng;
ecc_key key;
int ret;
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_size(&key);
- if (ret == KEY14) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_size(&key), KEY14);
/* Test bad args. */
- if (ret == 0) {
- /* Returns Zero for bad arg. */
- ret = wc_ecc_size(NULL);
- }
+ /* Returns Zero for bad arg. */
+ ExpectIntEQ(wc_ecc_size(NULL), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_size */
static int test_wc_ecc_params(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* FIPS/CAVP self-test modules do not have `wc_ecc_get_curve_params`.
It was added after certifications */
#if defined(HAVE_ECC) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
@@ -26149,20 +23763,17 @@ static int test_wc_ecc_params(void)
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
/* Test for SECP256R1 curve */
int curve_id = ECC_SECP256R1;
- int curve_idx = wc_ecc_get_curve_idx(curve_id);
- AssertIntNE(curve_idx, ECC_CURVE_INVALID);
- ecc_set = wc_ecc_get_curve_params(curve_idx);
- AssertNotNull(ecc_set);
- AssertIntEQ(ecc_set->id, curve_id);
+ int curve_idx;
+
+ ExpectIntNE(curve_idx = wc_ecc_get_curve_idx(curve_id), ECC_CURVE_INVALID);
+ ExpectNotNull(ecc_set = wc_ecc_get_curve_params(curve_idx));
+ ExpectIntEQ(ecc_set->id, curve_id);
#endif
/* Test case when SECP256R1 is not enabled */
/* Test that we get curve params for index 0 */
- ecc_set = wc_ecc_get_curve_params(0);
- AssertNotNull(ecc_set);
-
- res = TEST_RES_CHECK(1);
+ ExpectNotNull(ecc_set = wc_ecc_get_curve_params(0));
#endif /* HAVE_ECC && !HAVE_FIPS && !HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
/*
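Review bot: `ExpectIntEQ(ecc_set->id, curve_id);` dereferences `ecc_set` after a null check that no longer aborts the test the way `AssertNotNull` did. The line is safe only if the Expect macros skip evaluating their argument once an earlier expectation has failed, which this page does not show. If that holds, a comment such as `/* not evaluated when the lookup above failed */` would make the reliance explicit. If it does not hold, the dereference needs an explicit `ecc_set != NULL` guard.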
@@ -26170,127 +23781,87 @@ static int test_wc_ecc_params(void)
*/
static int test_wc_ecc_signVerify_hash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && !defined(NO_ASN) && !defined(WC_NO_RNG)
- WC_RNG rng;
- ecc_key key;
- int ret;
- int signH = WOLFSSL_FATAL_ERROR;
- #ifdef HAVE_ECC_VERIFY
- int verifyH = WOLFSSL_FATAL_ERROR;
- int verify = 0;
- #endif
- word32 siglen = ECC_BUFSIZE;
- byte sig[ECC_BUFSIZE];
- byte adjustedSig[ECC_BUFSIZE+1];
- byte digest[] = TEST_STRING;
- word32 digestlen = (word32)TEST_STRING_SZ;
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+#ifdef HAVE_ECC_VERIFY
+ int verify = 0;
+#endif
+ word32 siglen = ECC_BUFSIZE;
+ byte sig[ECC_BUFSIZE];
+ byte adjustedSig[ECC_BUFSIZE+1];
+ byte digest[] = TEST_STRING;
+ word32 digestlen = (word32)TEST_STRING_SZ;
/* Init stack var */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(sig, 0, siglen);
- XMEMSET(&key, 0, sizeof(key));
XMEMSET(adjustedSig, 0, ECC_BUFSIZE+1);
/* Init structs. */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key);
- }
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, &key),
+ 0);
/* Check bad args. */
- if (ret == 0) {
- signH = wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key);
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, NULL, &siglen,
- &rng, &key);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, sig, NULL,
- &rng, &key);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, sig, &siglen,
- NULL, &key);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = wc_ecc_sign_hash(digest, digestlen, sig, &siglen,
- &rng, NULL);
- }
- if (signH == ECC_BAD_ARG_E) {
- signH = 0;
- }
- else {
- signH = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_sign_hash(NULL, digestlen, sig, &siglen, &rng, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, NULL, &siglen, &rng, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, NULL, &rng, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, NULL, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash(digest, digestlen, sig, &siglen, &rng, NULL),
+ ECC_BAD_ARG_E);
#ifdef HAVE_ECC_VERIFY
- ret = wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify, &key);
- if (verify != 1 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
+ &key), 0);
+ ExpectIntEQ(verify, 1);
/* test check on length of signature passed in */
XMEMCPY(adjustedSig, sig, siglen);
adjustedSig[1] = adjustedSig[1] + 1; /* add 1 to length for extra byte*/
#ifndef NO_STRICT_ECDSA_LEN
- AssertIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
- &verify, &key), 0);
+ ExpectIntNE(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
+ &verify, &key), 0);
#else
/* if NO_STRICT_ECDSA_LEN is set then extra bytes after the signature
* is allowed */
- AssertIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
- &verify, &key), 0);
+ ExpectIntEQ(wc_ecc_verify_hash(adjustedSig, siglen+1, digest, digestlen,
+ &verify, &key), 0);
#endif
/* Test bad args. */
- if (ret == 0) {
- verifyH = wc_ecc_verify_hash(NULL, siglen, digest, digestlen,
- &verify, &key);
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = wc_ecc_verify_hash(sig, siglen, NULL, digestlen,
- &verify, &key);
- }
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = wc_ecc_verify_hash(sig, siglen, digest, digestlen,
- NULL, &key);
- }
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = wc_ecc_verify_hash(sig, siglen, digest, digestlen,
- &verify, NULL);
- }
- if (verifyH == ECC_BAD_ARG_E) {
- verifyH = 0;
- }
- else {
- verifyH = WOLFSSL_FATAL_ERROR;
- }
- }
-
+ ExpectIntEQ(wc_ecc_verify_hash(NULL, siglen, digest, digestlen, &verify,
+ &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, NULL, digestlen, &verify, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, NULL, &key),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash(sig, siglen, digest, digestlen, &verify,
+ NULL), ECC_BAD_ARG_E);
#endif /* HAVE_ECC_VERIFY */
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0 && signH == 0 && verifyH == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_sign_hash */
@@ -26299,11 +23870,14 @@ static int test_wc_ecc_signVerify_hash(void)
*/
static int test_wc_ecc_shared_secret(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG)
- ecc_key key, pubKey;
+ ecc_key key;
+ ecc_key pubKey;
WC_RNG rng;
+#if defined(NO_ECC256)
int ret;
+#endif
byte out[KEY32];
int keySz = sizeof(out);
word32 outlen = (word32)sizeof(out);
@@ -26328,102 +23902,68 @@ static int test_wc_ecc_shared_secret(void)
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&pubKey, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, keySz);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&pubKey, 0, sizeof(pubKey));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_init(&pubKey);
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_init(&pubKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
-#if defined(HAVE_ECC) && !defined(NO_ECC256)
- if (ret == 0) {
- ret = wc_ecc_import_raw(&key, qx, qy, d, curveName);
- }
- if (ret == 0) {
- ret = wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName);
- }
+#if !defined(NO_ECC256)
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
+ ExpectIntEQ(wc_ecc_import_raw(&pubKey, qx, qy, NULL, curveName), 0);
#else
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &pubKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
#endif
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
- if (ret == 0) {
- ret = wc_ecc_set_rng(&key, &rng);
- }
+ ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_shared_secret(&key, &pubKey, out, &outlen);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen), 0);
-#if defined(HAVE_ECC) && !defined(NO_ECC256)
- if (ret == 0) {
- if (0 != XMEMCMP(out, expected_shared_secret, outlen)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+#if !defined(NO_ECC256)
+ ExpectIntEQ(XMEMCMP(out, expected_shared_secret, outlen), 0);
#endif
- /* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_shared_secret(NULL, &pubKey, out, &outlen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret(&key, NULL, out, &outlen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret(&key, &pubKey, out, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- /* Invalid length */
- outlen = 1;
- ret = wc_ecc_shared_secret(&key, &pubKey, out, &outlen);
- }
-
- if (ret == BUFFER_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ /* Test bad args. */
+ ExpectIntEQ(wc_ecc_shared_secret(NULL, &pubKey, out, &outlen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, NULL, out, &outlen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, NULL, &outlen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, NULL),
+ BAD_FUNC_ARG);
+ /* Invalid length */
+ outlen = 1;
+ ExpectIntEQ(wc_ecc_shared_secret(&key, &pubKey, out, &outlen),
+ BUFFER_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&key);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&pubKey);
+ wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
PRIVATE_KEY_LOCK();
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END tests_wc_ecc_shared_secret */
/*
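Review bot: In the `#else` (NO_ECC256) branch the second `wc_ecc_make_key` call targets `&key` again and waits on `key.asyncDev`, where the removed code generated `pubKey`. As written, `pubKey` is only initialised and never populated before `wc_ecc_shared_secret(&key, &pubKey, out, &outlen)` is expected to return 0, and `key` is regenerated without being freed in between. The second pair should read `ret = wc_ecc_make_key(&rng, keySz, &pubKey);` and `ret = wc_AsyncWait(ret, &pubKey.asyncDev, WC_ASYNC_FLAG_NONE);`.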
@@ -26431,59 +23971,39 @@ static int test_wc_ecc_shared_secret(void)
*/
static int test_wc_ecc_export_x963(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
- int ret = 0;
+ int ret;
PRIVATE_KEY_UNLOCK();
/* Initialize variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY20, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_export_x963(&key, out, &outlen);
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY20, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_export_x963(NULL, out, &outlen);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_export_x963(&key, NULL, &outlen);
- }
- if (ret == LENGTH_ONLY_E) {
- ret = wc_ecc_export_x963(&key, out, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- key.idx = -4;
- ret = wc_ecc_export_x963(&key, out, &outlen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_export_x963(NULL, out, &outlen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_x963(&key, NULL, &outlen), LENGTH_ONLY_E);
+ ExpectIntEQ(wc_ecc_export_x963(&key, out, NULL), ECC_BAD_ARG_E);
+ key.idx = -4;
+ ExpectIntEQ(wc_ecc_export_x963(&key, out, &outlen), ECC_BAD_ARG_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
@@ -26491,10 +24011,8 @@ static int test_wc_ecc_export_x963(void)
#endif
PRIVATE_KEY_LOCK();
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963 */
/*
@@ -26503,11 +24021,11 @@ static int test_wc_ecc_export_x963(void)
*/
static int test_wc_ecc_export_x963_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
- int ret = 0;
+ int ret;
byte out[ECC_ASN963_MAX_BUF_SZ];
word32 outlen = sizeof(out);
#ifdef HAVE_COMP_KEY
@@ -26515,97 +24033,58 @@ static int test_wc_ecc_export_x963_ex(void)
#endif
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY64, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY64, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- #ifdef HAVE_COMP_KEY
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);
- }
- #else
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP);
- }
- #endif
+#ifdef HAVE_COMP_KEY
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), 0);
+#else
+ ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);
+#endif
/* Test bad args. */
- #ifdef HAVE_COMP_KEY
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(NULL, out, &outlen, COMP);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, out, NULL, COMP);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP);
- }
+#ifdef HAVE_COMP_KEY
+ ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, COMP), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, COMP), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, COMP), BAD_FUNC_ARG);
#if defined(HAVE_FIPS) && (!defined(FIPS_VERSION_LT) || FIPS_VERSION_LT(5,3))
- if (ret == BUFFER_E)
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP), BUFFER_E);
#else
- if (ret == LENGTH_ONLY_E)
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &badOutLen, COMP),
+ LENGTH_ONLY_E);
+#endif
+ key.idx = -4;
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, COMP), ECC_BAD_ARG_E);
+#else
+ ExpectIntEQ(wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP),
+ LENGTH_ONLY_E);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, 1), NOT_COMPILED_IN);
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP),
+ ECC_BAD_ARG_E);
+ key.idx = -4;
+ ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP),
+ ECC_BAD_ARG_E);
#endif
- {
- key.idx = -4;
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, COMP);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #else
- if (ret == 0) {
- ret = wc_ecc_export_x963_ex(NULL, out, &outlen, NOCOMP);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, NULL, &outlen, NOCOMP);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, 1);
- }
- if (ret == NOT_COMPILED_IN) {
- ret = wc_ecc_export_x963_ex(&key, out, NULL, NOCOMP);
- }
- if (ret == BAD_FUNC_ARG) {
- key.idx = -4;
- ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- #endif
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_export_x963_ex */
/*
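Review bot: The NOCOMP line `ExpectIntEQ(ret = wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);` assigns to `ret` inside the macro although nothing later in the hunk reads `ret`. The COMP line just above it has no such assignment. Drop it so both branches read alike: `ExpectIntEQ(wc_ecc_export_x963_ex(&key, out, &outlen, NOCOMP), 0);`.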
@@ -26613,85 +24092,63 @@ static int test_wc_ecc_export_x963_ex(void)
*/
static int test_wc_ecc_import_x963(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
- ecc_key pubKey, key;
+ ecc_key pubKey;
+ ecc_key key;
WC_RNG rng;
byte x963[ECC_ASN963_MAX_BUF_SZ];
word32 x963Len = (word32)sizeof(x963);
int ret;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&pubKey, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(x963, 0, x963Len);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&pubKey, 0, sizeof(pubKey));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&pubKey);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY24, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963(&key, x963, &x963Len);
- PRIVATE_KEY_LOCK();
- }
- }
+ ExpectIntEQ(wc_ecc_init(&pubKey), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY24, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_import_x963(x963, x963Len, &pubKey);
- }
+ PRIVATE_KEY_UNLOCK();
+ ExpectIntEQ(wc_ecc_export_x963(&key, x963, &x963Len), 0);
+ PRIVATE_KEY_LOCK();
+
+ ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, &pubKey), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_x963(NULL, x963Len, &pubKey);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_x963(x963, x963Len, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_x963(x963, x963Len + 1, &pubKey);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_import_x963(NULL, x963Len, &pubKey), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_x963(x963, x963Len, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_x963(x963, x963Len + 1, &pubKey), ECC_BAD_ARG_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&pubKey);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END wc_ecc_import_x963 */
/*
* testing wc_ecc_import_private_key()
*/
-static int ecc_import_private_key(void)
+static int test_wc_ecc_import_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_IMPORT) && \
defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
- ecc_key key, keyImp;
+ ecc_key key;
+ ecc_key keyImp;
WC_RNG rng;
byte privKey[ECC_PRIV_KEY_BUF]; /* Raw private key.*/
byte x963Key[ECC_ASN963_MAX_BUF_SZ];
@@ -26700,68 +24157,44 @@ static int ecc_import_private_key(void)
int ret;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&keyImp, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(privKey, 0, privKeySz);
XMEMSET(x963Key, 0, x963KeySz);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&keyImp, 0, sizeof(keyImp));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_init(&keyImp);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY48, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963(&key, x963Key, &x963KeySz);
- PRIVATE_KEY_LOCK();
- }
- if (ret == 0) {
- ret = wc_ecc_export_private_only(&key, privKey, &privKeySz);
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_init(&keyImp), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY48, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_import_private_key(privKey, privKeySz, x963Key,
- x963KeySz, &keyImp);
- }
+ PRIVATE_KEY_UNLOCK();
+ ExpectIntEQ(wc_ecc_export_x963(&key, x963Key, &x963KeySz), 0);
+ PRIVATE_KEY_LOCK();
+ ExpectIntEQ(wc_ecc_export_private_only(&key, privKey, &privKeySz), 0);
+
+ ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
+ x963KeySz, &keyImp), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_private_key(privKey, privKeySz, x963Key,
- x963KeySz, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_private_key(NULL, privKeySz, x963Key,
- x963KeySz, &keyImp);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_import_private_key(privKey, privKeySz, x963Key,
+ x963KeySz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_private_key(NULL, privKeySz, x963Key, x963KeySz,
+ &keyImp), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&key);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&keyImp);
+ wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-} /* END wc_ecc_import_private_key */
+ return EXPECT_RESULT();
+} /* END test_wc_ecc_import_private_key */
/*
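Review bot: The successful `wc_ecc_import_private_key(privKey, privKeySz, x963Key, x963KeySz, &keyImp)` call is judged only by its return code, so an import that stored the wrong scalar or point in `keyImp` would still pass this test. Consider asserting on the imported key right after that call, for example `ExpectIntEQ(wc_ecc_check_key(&keyImp), 0);` (confirm that `wc_ecc_check_key` is available under the same build guards as this test), or export the private value from `keyImp` and compare it with `privKey`. The function's opening lines and the declarations of `privKeySz` and `x963KeySz` lie outside this hunk.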
@@ -26769,7 +24202,7 @@ static int ecc_import_private_key(void)
*/
static int test_wc_ecc_export_private_only(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
ecc_key key;
WC_RNG rng;
@@ -26778,52 +24211,32 @@ static int test_wc_ecc_export_private_only(void)
int ret;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(out, 0, outlen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY32, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_export_private_only(&key, out, &outlen);
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY32, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_export_private_only(&key, out, &outlen), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_export_private_only(NULL, out, &outlen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_private_only(&key, NULL, &outlen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_export_private_only(&key, out, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_export_private_only(NULL, out, &outlen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_private_only(&key, NULL, &outlen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_export_private_only(&key, out, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_export_private_only */
@@ -26832,183 +24245,136 @@ static int test_wc_ecc_export_private_only(void)
*/
static int test_wc_ecc_rs_to_sig(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ASN)
/* first [P-192,SHA-1] vector from FIPS 186-3 NIST vectors */
- const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
- const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
- const char* zeroStr = "0";
- byte sig[ECC_MAX_SIG_SIZE];
- word32 siglen = (word32)sizeof(sig);
- /*R and S max size is the order of curve. 2^192.*/
- int keySz = KEY24;
- byte r[KEY24];
- byte s[KEY24];
- word32 rlen = (word32)sizeof(r);
- word32 slen = (word32)sizeof(s);
- int ret;
+ const char* R = "6994d962bdd0d793ffddf855ec5bf2f91a9698b46258a63e";
+ const char* S = "02ba6465a234903744ab02bc8521405b73cf5fc00e1a9f41";
+ const char* zeroStr = "0";
+ byte sig[ECC_MAX_SIG_SIZE];
+ word32 siglen = (word32)sizeof(sig);
+ /* R and S max size is the order of curve. 2^192.*/
+ int keySz = KEY24;
+ byte r[KEY24];
+ byte s[KEY24];
+ word32 rlen = (word32)sizeof(r);
+ word32 slen = (word32)sizeof(s);
/* Init stack variables. */
XMEMSET(sig, 0, ECC_MAX_SIG_SIZE);
XMEMSET(r, 0, keySz);
XMEMSET(s, 0, keySz);
- ret = wc_ecc_rs_to_sig(R, S, sig, &siglen);
- if (ret == 0) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen);
- #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- if (ret == ASN_PARSE_E) {
- ret = 0;
- }
- #endif
- }
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, &siglen), 0);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, &slen), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_rs_to_sig(NULL, S, sig, &siglen);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, NULL, sig, &siglen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, S, sig, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, S, NULL, &siglen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen);
- }
- if (ret == MP_ZERO_E) {
- ret = wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen);
- }
- if (ret == MP_ZERO_E) {
- ret = wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_ecc_rs_to_sig(NULL, S, sig, &siglen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, NULL, sig, &siglen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, S, sig, NULL), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, S, NULL, &siglen), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(R, zeroStr, sig, &siglen), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_rs_to_sig(zeroStr, S, sig, &siglen), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(NULL, siglen, r, &rlen, s, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, NULL, &rlen, s, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, NULL, s, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, NULL, &slen),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sig_to_rs(sig, siglen, r, &rlen, s, NULL),
+ ECC_BAD_ARG_E);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_rs_to_sig */
static int test_wc_ecc_import_raw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256)
ecc_key key;
- int ret = 0;
const char* qx =
- "bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
+ "bb33ac4c27504ac64aa504c33cde9f36db722dce94ea2bfacb2009392c16e861";
const char* qy =
- "02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
+ "02e9af4dd302939a315b9792217ff0cf18da9111023486e82058330b803489d8";
const char* d =
- "45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
+ "45b66902739c6c85a1385b72e8e8c7acc4038d533504fa6c28dc348de1a8098c";
const char* curveName = "SECP256R1";
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const char* kNullStr = "";
+ int ret;
#endif
- ret = wc_ecc_init(&key);
+ XMEMSET(&key, 0, sizeof(ecc_key));
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
/* Test good import */
- if (ret == 0) {
- ret = wc_ecc_import_raw(&key, qx, qy, d, curveName);
- }
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, curveName), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_raw(NULL, qx, qy, d, curveName);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_raw(&key, NULL, qy, d, curveName);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_raw(&key, qx, NULL, d, curveName);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_raw(&key, qx, qy, d, NULL);
- }
- #ifdef WOLFSSL_VALIDATE_ECC_IMPORT
- if (ret == BAD_FUNC_ARG) {
- #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
- wc_ecc_free(&key);
- #endif
- ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr, curveName);
- if (ret == ECC_INF_E)
- ret = BAD_FUNC_ARG; /* This is expected by other tests */
- }
+ ExpectIntEQ(wc_ecc_import_raw(NULL, qx, qy, d, curveName), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_raw(&key, NULL, qy, d, curveName), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, NULL, d, curveName), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, qy, d, NULL), BAD_FUNC_ARG);
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
#endif
- #if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
- if (ret == BAD_FUNC_ARG) {
- #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
- wc_ecc_free(&key);
- #endif
- ret = wc_ecc_import_raw(&key, "0", qy, d, curveName);
- /* Note: SP math "is point" failure returns MP_VAL */
- if (ret == ECC_INF_E || ret == MP_VAL) {
- ret = BAD_FUNC_ARG; /* This is expected by other tests */
- }
- }
- if (ret == BAD_FUNC_ARG) {
- #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
- wc_ecc_free(&key);
- #endif
- ret = wc_ecc_import_raw(&key, qx, "0", d, curveName);
- /* Note: SP math "is point" failure returns MP_VAL */
- if (ret == ECC_INF_E || ret == MP_VAL) {
- ret = BAD_FUNC_ARG; /* This is expected by other tests */
- }
- }
+ ExpectIntLT(ret = wc_ecc_import_raw(&key, kNullStr, kNullStr, kNullStr,
+ curveName), 0);
+ ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG));
+#endif
+#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
#endif
-
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ ExpectIntLT(ret = wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
+ ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL));
+#else
+ ExpectIntEQ(wc_ecc_import_raw(&key, "0", qy, d, curveName), 0);
+#endif
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
+ #endif
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ ExpectIntLT(ret = wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
+ ExpectTrue((ret == BAD_FUNC_ARG) || (ret == MP_VAL));
+#else
+ ExpectIntEQ(wc_ecc_import_raw(&key, qx, "0", d, curveName), 0);
+#endif
+ #if !defined(USE_FAST_MATH) && !defined(WOLFSSL_SP_MATH)
+ wc_ecc_free(&key);
+ #endif
+ ExpectIntEQ(wc_ecc_import_raw(&key, "0", "0", d, curveName), ECC_INF_E);
+#endif
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_import_raw */
static int test_wc_ecc_import_unsigned(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2))
- ecc_key key;
- const byte qx[] = {
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ HAVE_FIPS_VERSION >= 2))
+ ecc_key key;
+ const byte qx[] = {
0xbb, 0x33, 0xac, 0x4c, 0x27, 0x50, 0x4a, 0xc6,
0x4a, 0xa5, 0x04, 0xc3, 0x3c, 0xde, 0x9f, 0x36,
0xdb, 0x72, 0x2d, 0xce, 0x94, 0xea, 0x2b, 0xfa,
0xcb, 0x20, 0x09, 0x39, 0x2c, 0x16, 0xe8, 0x61
};
- const byte qy[] = {
+ const byte qy[] = {
0x02, 0xe9, 0xaf, 0x4d, 0xd3, 0x02, 0x93, 0x9a,
0x31, 0x5b, 0x97, 0x92, 0x21, 0x7f, 0xf0, 0xcf,
0x18, 0xda, 0x91, 0x11, 0x02, 0x34, 0x86, 0xe8,
0x20, 0x58, 0x33, 0x0b, 0x80, 0x34, 0x89, 0xd8
};
- const byte d[] = {
+ const byte d[] = {
0x45, 0xb6, 0x69, 0x02, 0x73, 0x9c, 0x6c, 0x85,
0xa1, 0x38, 0x5b, 0x72, 0xe8, 0xe8, 0xc7, 0xac,
0xc4, 0x03, 0x8d, 0x53, 0x35, 0x04, 0xfa, 0x6c,
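Review bot: In `test_wc_ecc_import_raw`, the two `#else` branches assert that `wc_ecc_import_raw(&key, "0", qy, d, curveName)` and `wc_ecc_import_raw(&key, qx, "0", d, curveName)` return 0, with no comment saying this is intended. The same inputs are expected to fail with `BAD_FUNC_ARG` or `MP_VAL` when `WOLFSSL_VALIDATE_ECC_IMPORT` is defined, so the test pins acceptance of a point that validation rejects. A comment above each `#else` assertion would stop readers from treating a successful import as proof that the point is valid, e.g. `/* Without WOLFSSL_VALIDATE_ECC_IMPORT the point is not checked on import; callers must validate it (e.g. wc_ecc_check_key) before use. */`. This hunk also covers `test_wc_ecc_rs_to_sig` and ends inside `test_wc_ecc_import_unsigned`, whose body continues in the next hunk.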
@@ -27016,48 +24382,34 @@ static int test_wc_ecc_import_unsigned(void)
};
#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
const byte nullBytes[32] = {0};
-#endif
- int curveId = ECC_SECP256R1;
int ret;
+#endif
+ int curveId = ECC_SECP256R1;
- ret = wc_ecc_init(&key);
+ XMEMSET(&key, 0, sizeof(ecc_key));
- if (ret == 0) {
- ret = wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
- curveId);
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
+ curveId), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d,
- curveId);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d,
- curveId);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d,
- curveId);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
- ECC_CURVE_INVALID);
- }
- #ifdef WOLFSSL_VALIDATE_ECC_IMPORT
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes,
- (byte*)nullBytes, (byte*)nullBytes, curveId);
- }
- #endif
- if (ret == BAD_FUNC_ARG || ret == ECC_INF_E) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ecc_import_unsigned(NULL, (byte*)qx, (byte*)qy, (byte*)d,
+ curveId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, NULL, (byte*)qy, (byte*)d,
+ curveId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, NULL, (byte*)d,
+ curveId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_import_unsigned(&key, (byte*)qx, (byte*)qy, (byte*)d,
+ ECC_CURVE_INVALID), BAD_FUNC_ARG);
+#ifdef WOLFSSL_VALIDATE_ECC_IMPORT
+ ExpectIntLT(ret = wc_ecc_import_unsigned(&key, (byte*)nullBytes,
+ (byte*)nullBytes, (byte*)nullBytes, curveId), 0);
+ ExpectTrue((ret == ECC_INF_E) || (ret == BAD_FUNC_ARG));
+#endif
wc_ecc_free(&key);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_import_unsigned */
@@ -27066,41 +24418,31 @@ static int test_wc_ecc_import_unsigned(void)
*/
static int test_wc_ecc_sig_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- ecc_key key;
- WC_RNG rng;
- int keySz = KEY16;
- int ret = 0;
+ ecc_key key;
+ WC_RNG rng;
+ int keySz = KEY16;
+ int ret;
XMEMSET(&rng, 0, sizeof(rng));
XMEMSET(&key, 0, sizeof(key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_sig_size(&key);
- if (ret <= (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ)) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&key);
+ ExpectIntLE(wc_ecc_sig_size(&key),
+ (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ));
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ecc_free(&key);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_sig_size */
/*
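Review bot: `ExpectIntLE(wc_ecc_sig_size(&key), (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ))` only bounds the result from above, so a zero or negative return from `wc_ecc_sig_size` satisfies it and the test passes without a usable size. Capture the value and add a lower bound, e.g. `ExpectIntGT(ret = wc_ecc_sig_size(&key), 0);` followed by `ExpectIntLE(ret, (2 * keySz + SIG_HEADER_SZ + ECC_MAX_PAD_SZ));`. `ret` is already declared in this function and holds nothing needed after `ExpectIntEQ(ret, 0)`.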
@@ -27108,47 +24450,30 @@ static int test_wc_ecc_sig_size(void)
*/
static int test_wc_ecc_ctx_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
- WC_RNG rng;
- int ret = 0;
- ecEncCtx* cli = NULL;
- ecEncCtx* srv = NULL;
+ WC_RNG rng;
+ ecEncCtx* cli = NULL;
+ ecEncCtx* srv = NULL;
- ret = wc_InitRng(&rng);
-
- if (ret == 0) {
- cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng);
- srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng);
- }
- if (ret == 0 && (cli == NULL || srv == NULL)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+ ExpectNotNull(srv = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
wc_ecc_ctx_free(cli);
+ cli = NULL;
wc_ecc_ctx_free(srv);
/* Test bad args. */
- if (ret == 0) {
- /* wc_ecc_ctx_new_ex() will free if returned NULL. */
- cli = wc_ecc_ctx_new(0, &rng);
- if (cli != NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL);
- if (cli != NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ /* wc_ecc_ctx_new_ex() will free if returned NULL. */
+ ExpectNull(cli = wc_ecc_ctx_new(0, &rng));
+ ExpectNull(cli = wc_ecc_ctx_new(REQ_RESP_CLIENT, NULL));
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_ctx_free(cli);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_new */
/*
@@ -27156,45 +24481,26 @@ static int test_wc_ecc_ctx_new(void)
*/
static int test_wc_ecc_ctx_reset(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
- ecEncCtx* ctx = NULL;
- WC_RNG rng;
- int ret = 0;
+ ecEncCtx* ctx = NULL;
+ WC_RNG rng;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- if ( (ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL ) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ XMEMSET(&rng, 0, sizeof(rng));
- if (ret == 0) {
- ret = wc_ecc_ctx_reset(ctx, &rng);
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+
+ ExpectIntEQ(wc_ecc_ctx_reset(ctx, &rng), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_ctx_reset(NULL, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_reset(ctx, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_ctx_reset(NULL, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_reset(ctx, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_ctx_free(ctx);
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_reset */
/*
@@ -27202,65 +24508,36 @@ static int test_wc_ecc_ctx_reset(void)
*/
static int test_wc_ecc_ctx_set_peer_salt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
- WC_RNG rng;
- ecEncCtx* cliCtx = NULL;
- ecEncCtx* servCtx = NULL;
- const byte* cliSalt = NULL;
- const byte* servSalt = NULL;
- int ret = 0;
-
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- if ( ( (cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL ) ||
- ( (servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng)) == NULL) ) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ WC_RNG rng;
+ ecEncCtx* cliCtx = NULL;
+ ecEncCtx* servCtx = NULL;
+ const byte* cliSalt = NULL;
+ const byte* servSalt = NULL;
+
+ XMEMSET(&rng, 0, sizeof(rng));
+
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(cliCtx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+ ExpectNotNull(servCtx = wc_ecc_ctx_new(REQ_RESP_SERVER, &rng));
/* Test bad args. */
- if (ret == 0) {
- cliSalt = wc_ecc_ctx_get_own_salt(NULL);
- if (cliSalt != NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNull(cliSalt = wc_ecc_ctx_get_own_salt(NULL));
- if (ret == 0) {
- cliSalt = wc_ecc_ctx_get_own_salt(cliCtx);
- servSalt = wc_ecc_ctx_get_own_salt(servCtx);
- if (cliSalt == NULL || servSalt == NULL) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(cliSalt = wc_ecc_ctx_get_own_salt(cliCtx));
+ ExpectNotNull(servSalt = wc_ecc_ctx_get_own_salt(servCtx));
- if (ret == 0) {
- ret = wc_ecc_ctx_set_peer_salt(cliCtx, servSalt);
- }
+ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, servSalt), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_ctx_set_peer_salt(NULL, servSalt);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_set_peer_salt(cliCtx, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(NULL, servSalt), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_set_peer_salt(cliCtx, NULL), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_ctx_free(cliCtx);
wc_ecc_ctx_free(servCtx);
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_peer_salt */
@@ -27269,48 +24546,31 @@ static int test_wc_ecc_ctx_set_peer_salt(void)
*/
static int test_wc_ecc_ctx_set_info(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG)
ecEncCtx* ctx = NULL;
WC_RNG rng;
- int ret;
const char* optInfo = "Optional Test Info.";
int optInfoSz = (int)XSTRLEN(optInfo);
const char* badOptInfo = NULL;
- ret = wc_InitRng(&rng);
- if ( (ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng)) == NULL || ret != 0 ) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ XMEMSET(&rng, 0, sizeof(rng));
- if (ret == 0) {
- ret = wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz);
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectNotNull(ctx = wc_ecc_ctx_new(REQ_RESP_CLIENT, &rng));
+
+ ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, optInfoSz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_ctx_set_info(NULL, (byte*)optInfo, optInfoSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)badOptInfo, optInfoSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_ctx_set_info(ctx, (byte*)optInfo, -1), BAD_FUNC_ARG);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_ctx_free(ctx);
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_ctx_set_info */
/*
@@ -27318,10 +24578,12 @@ static int test_wc_ecc_ctx_set_info(void)
*/
static int test_wc_ecc_encryptDecrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_ENCRYPT) && !defined(WC_NO_RNG) && \
defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
- ecc_key srvKey, cliKey, tmpKey;
+ ecc_key srvKey;
+ ecc_key cliKey;
+ ecc_key tmpKey;
WC_RNG rng;
int ret;
const char* msg = "EccBlock Size 16";
@@ -27332,7 +24594,8 @@ static int test_wc_ecc_encryptDecrypt(void)
byte out[KEY20 * 2 + 1 + AES_BLOCK_SIZE +
(sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
#else
- byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) + WC_SHA256_DIGEST_SIZE];
+ byte out[KEY20 * 2 + 1 + (sizeof("EccBlock Size 16") - 1) +
+ WC_SHA256_DIGEST_SIZE];
#endif
word32 outSz = (word32)sizeof(out);
byte plain[sizeof("EccBlock Size 16")];
@@ -27343,130 +24606,78 @@ static int test_wc_ecc_encryptDecrypt(void)
XMEMSET(out, 0, outSz);
XMEMSET(plain, 0, plainSz);
XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&srvKey, 0, sizeof(srvKey));
- XMEMSET(&cliKey, 0, sizeof(cliKey));
+ XMEMSET(&srvKey, 0, sizeof(ecc_key));
+ XMEMSET(&cliKey, 0, sizeof(ecc_key));
+ XMEMSET(&tmpKey, 0, sizeof(ecc_key));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&cliKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &cliKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_ecc_init(&srvKey);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &srvKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_ecc_init(&tmpKey);
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&cliKey), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &cliKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &cliKey.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_init(&srvKey), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &srvKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &srvKey.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_init(&tmpKey), 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
- if (ret == 0) {
- ret = wc_ecc_set_rng(&srvKey, &rng);
- }
- if (ret == 0) {
- ret = wc_ecc_set_rng(&cliKey, &rng);
- }
+ ExpectIntEQ(wc_ecc_set_rng(&srvKey, &rng), 0);
+ ExpectIntEQ(wc_ecc_set_rng(&cliKey, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
- &outSz, NULL);
- }
- if (ret == 0) {
- ret = wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out,
- &outSz, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out,
- &outSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out,
- &outSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
- &outSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
- NULL, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out,
+ &outSz, NULL), 0);
+ /* Test bad args. */
+ ExpectIntEQ(wc_ecc_encrypt(NULL, &srvKey, (byte*)msg, msgSz, out, &outSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, NULL, (byte*)msg, msgSz, out, &outSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, NULL, msgSz, out, &outSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, NULL,
+ &outSz, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_encrypt(&cliKey, &srvKey, (byte*)msg, msgSz, out, NULL,
+ NULL), BAD_FUNC_ARG);
#ifdef WOLFSSL_ECIES_OLD
- if (ret == 0) {
- tmpKey.dp = cliKey.dp;
- ret = wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey);
- }
+ tmpKey.dp = cliKey.dp;
+ ExpectIntEQ(wc_ecc_copy_point(&cliKey.pubkey, &tmpKey.pubkey), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain,
- &plainSz, NULL);
- }
- if (ret == 0) {
- ret = wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain,
- &plainSz, NULL);
- #ifdef WOLFSSL_ECIES_OLD
- /* NULL parameter allowed in new implementations - public key comes from
- * the message. */
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain,
- &plainSz, NULL);
- }
- #endif
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain,
- &plainSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL,
- &plainSz, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz,
- plain, NULL, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz,
+ NULL), 0);
+ ExpectIntEQ(wc_ecc_decrypt(NULL, &tmpKey, out, outSz, plain, &plainSz,
+ NULL), BAD_FUNC_ARG);
+#ifdef WOLFSSL_ECIES_OLD
+ /* NULL parameter allowed in new implementations - public key comes from
+ * the message. */
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, NULL, out, outSz, plain, &plainSz,
+ NULL), BAD_FUNC_ARG);
+#endif
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, NULL, outSz, plain, &plainSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, NULL, &plainSz,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, NULL, NULL),
+ BAD_FUNC_ARG);
- if (XMEMCMP(msg, plain, msgSz) != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ ExpectIntEQ(XMEMCMP(msg, plain, msgSz), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
wc_ecc_free(&tmpKey);
- wc_ecc_free(&cliKey);
wc_ecc_free(&srvKey);
-
- res = TEST_RES_CHECK(ret == 0);
+ wc_ecc_free(&cliKey);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_encryptDecrypt */
/*
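Review bot: The decrypt result is verified only by `ExpectIntEQ(XMEMCMP(msg, plain, msgSz), 0)`, which never checks the length that `wc_ecc_decrypt` wrote to `plainSz`, and no case checks that an altered ciphertext is rejected. Adding `ExpectIntEQ(plainSz, msgSz);` before the compare would cover the length, assuming `plainSz` comes back as the recovered message length; its declaration is outside this hunk. For the integrity path, change one byte of `out` as the last decrypt case and expect a non-zero return from `wc_ecc_decrypt(&srvKey, &tmpKey, out, outSz, plain, &plainSz, NULL)`. Reset `plainSz` to `sizeof(plain)` first, since the earlier call overwrote it.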
@@ -27474,17 +24685,14 @@ static int test_wc_ecc_encryptDecrypt(void)
*/
static int test_wc_ecc_del_point(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC)
- ecc_point* pt;
+ ecc_point* pt = NULL;
- pt = wc_ecc_new_point();
+ ExpectNotNull(pt = wc_ecc_new_point());
wc_ecc_del_point(pt);
-
- res = TEST_RES_CHECK(pt != NULL);
#endif
- return res;
-
+ return EXPECT_RESULT();
} /* END test_wc_ecc_del_point */
/*
@@ -27494,179 +24702,88 @@ static int test_wc_ecc_del_point(void)
*/
static int test_wc_ecc_pointFns(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
- ecc_key key;
- WC_RNG rng;
- int ret;
- ecc_point* point = NULL;
- ecc_point* cpypt = NULL;
- int idx = 0;
- int keySz = KEY32;
- byte der[DER_SZ(KEY32)];
- word32 derlenChk = 0;
- word32 derSz = DER_SZ(KEY32);
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+ ecc_point* point = NULL;
+ ecc_point* cpypt = NULL;
+ int idx = 0;
+ int keySz = KEY32;
+ byte der[DER_SZ(KEY32)];
+ word32 derlenChk = 0;
+ word32 derSz = DER_SZ(KEY32);
/* Init stack variables. */
XMEMSET(der, 0, derSz);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
-
- if (ret == 0) {
- point = wc_ecc_new_point();
- if (!point) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- cpypt = wc_ecc_new_point();
- if (!cpypt) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectNotNull(point = wc_ecc_new_point());
+ ExpectNotNull(cpypt = wc_ecc_new_point());
/* Export */
- if (ret == 0) {
- ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
- NULL, &derlenChk);
- /* Check length value. */
- if (derSz == derlenChk && ret == LENGTH_ONLY_E) {
- ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
- der, &derSz);
- }
- }
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, NULL,
+ &derlenChk), LENGTH_ONLY_E);
+ /* Check length value. */
+ ExpectIntEQ(derSz, derlenChk);
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
+ &derSz), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_export_point_der((idx = key.idx), &key.pubkey,
- der, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_export_point_der(-2, &key.pubkey, der, &derSz),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), NULL, der, &derSz),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_export_point_der((idx = key.idx), &key.pubkey, der,
+ NULL), ECC_BAD_ARG_E);
/* Import */
- if (ret == 0) {
- ret = wc_ecc_import_point_der(der, derSz, idx, point);
- /* Condition double checks wc_ecc_cmp_point(). */
- if (ret == 0 &&
- XMEMCMP((void *)&key.pubkey, (void *)point, sizeof(key.pubkey))) {
- ret = wc_ecc_cmp_point(&key.pubkey, point);
- }
- }
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, point), 0);
+ ExpectIntEQ(wc_ecc_cmp_point(&key.pubkey, point), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_import_point_der(NULL, derSz, idx, point);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_import_point_der(der, derSz, idx, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_import_point_der(der, derSz, -1, point);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_import_point_der(der, derSz + 1, idx, point);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ( wc_ecc_import_point_der(NULL, derSz, idx, point),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, idx, NULL), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz, -1, point), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_import_point_der(der, derSz + 1, idx, point),
+ ECC_BAD_ARG_E);
/* Copy */
- if (ret == 0) {
- ret = wc_ecc_copy_point(point, cpypt);
- }
+ ExpectIntEQ(wc_ecc_copy_point(point, cpypt), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_copy_point(NULL, cpypt);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_copy_point(point, NULL);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_copy_point(NULL, cpypt), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_copy_point(point, NULL), ECC_BAD_ARG_E);
/* Compare point */
- if (ret == 0) {
- ret = wc_ecc_cmp_point(point, cpypt);
- }
+ ExpectIntEQ(wc_ecc_cmp_point(point, cpypt), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_cmp_point(NULL, cpypt);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_cmp_point(point, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_cmp_point(NULL, cpypt), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_cmp_point(point, NULL), BAD_FUNC_ARG);
/* At infinity if return == 1, otherwise return == 0. */
- if (ret == 0) {
- ret = wc_ecc_point_is_at_infinity(point);
- }
+ ExpectIntEQ(wc_ecc_point_is_at_infinity(point), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_point_is_at_infinity(NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_point_is_at_infinity(NULL), BAD_FUNC_ARG);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef USE_ECC_B_PARAM
/* On curve if ret == 0 */
- if (ret == 0) {
- ret = wc_ecc_point_is_on_curve(point, idx);
- }
+ ExpectIntEQ(wc_ecc_point_is_on_curve(point, idx), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_point_is_on_curve(NULL, idx);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_point_is_on_curve(point, 1000);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_point_is_on_curve(NULL, idx), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_point_is_on_curve(point, 1000), ECC_BAD_ARG_E);
#endif /* USE_ECC_B_PARAM */
#endif /* !HAVE_SELFTEST && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
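Review bot: The export and bad-argument calls in test_wc_ecc_pointFns assign `idx` inside the assertion argument, `(idx = key.idx)`, and the later `wc_ecc_import_point_der(der, derSz, idx, point)` relies on one of those assignments having run. If the Expect macros skip evaluating their argument once an earlier check has failed (their definition is not shown here), `idx` silently keeps its initial 0 and the import checks run against a different curve index. Assigning once after key generation, `idx = key.idx;`, and passing plain `idx` to every call keeps side effects out of the assertions. The function's cleanup and return are in the following hunk.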
@@ -27674,13 +24791,9 @@ static int test_wc_ecc_pointFns(void)
wc_ecc_del_point(point);
wc_ecc_del_point(cpypt);
wc_ecc_free(&key);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_pointFns */
@@ -27689,101 +24802,73 @@ static int test_wc_ecc_pointFns(void)
*/
static int test_wc_ecc_shared_secret_ssh(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_DHE) && \
!defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A)
- ecc_key key, key2;
- WC_RNG rng;
- int ret;
- int keySz = KEY32;
- int key2Sz = KEY24;
- byte secret[KEY32];
- word32 secretLen = keySz;
+ ecc_key key;
+ ecc_key key2;
+ WC_RNG rng;
+ int ret;
+ int keySz = KEY32;
+ int key2Sz = KEY24;
+ byte secret[KEY32];
+ word32 secretLen = keySz;
/* Init stack variables. */
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&key2, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
XMEMSET(secret, 0, secretLen);
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
- XMEMSET(&key2, 0, sizeof(key2));
+
/* Make keys */
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key2);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, key2Sz, &key2);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+
+ ExpectIntEQ(wc_ecc_init(&key2), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, key2Sz, &key2);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key2.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
- if (ret == 0) {
- ret = wc_ecc_set_rng(&key, &rng);
- }
+ ExpectIntEQ(wc_ecc_set_rng(&key, &rng), 0);
#endif
- if (ret == 0) {
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen);
- }
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
+ &secretLen), 0);
/* Pass in bad args. */
- if (ret == 0) {
- ret = wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret, &secretLen);
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL);
- }
- if (ret == BAD_FUNC_ARG) {
- key.type = ECC_PUBLICKEY;
- ret = wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen);
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(NULL, &key2.pubkey, secret,
+ &secretLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, NULL, secret, &secretLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, NULL, &secretLen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, NULL),
+ BAD_FUNC_ARG);
+ key.type = ECC_PUBLICKEY;
+ ExpectIntEQ(wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret,
+ &secretLen), ECC_BAD_ARG_E);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
wc_ecc_free(&key2);
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_shared_secret_ssh */
/*
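Review bot: The success case calls `wc_ecc_shared_secret_ssh(&key, &key2.pubkey, secret, &secretLen)` with keys generated at different sizes (`keySz = KEY32`, `key2Sz = KEY24`) and expects 0. As written, the test pins that a peer point from what is presumably a different curve is accepted by the private key's curve arithmetic, and nothing on the page says whether that is intended. If it is deliberate, a comment at the declarations should say so, for example `/* key2 intentionally uses a different key size than key */`. Otherwise `int key2Sz = KEY32;` would exercise a matching pair, and the mismatched pair could be moved to an explicit negative case.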
@@ -27791,142 +24876,93 @@ static int test_wc_ecc_shared_secret_ssh(void)
*/
static int test_wc_ecc_verify_hash_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_SIGN) && defined(WOLFSSL_PUBLIC_MP) \
&& !defined(WC_NO_RNG) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(WOLFSSL_KCAPI_ECC)
- ecc_key key;
- WC_RNG rng;
- int ret;
- mp_int r;
- mp_int s;
- mp_int z;
- unsigned char hash[] = "Everyone gets Friday off.EccSig";
- unsigned char iHash[] = "Everyone gets Friday off.......";
- unsigned char shortHash[] = TEST_STRING;
- word32 hashlen = sizeof(hash);
- word32 iHashLen = sizeof(iHash);
- word32 shortHashLen = sizeof(shortHash);
- int keySz = KEY32;
- int sig = WOLFSSL_FATAL_ERROR;
- int ver = WOLFSSL_FATAL_ERROR;
- int verify_ok = 0;
-
- /* Initialize r and s. */
- ret = mp_init_multi(&r, &s, &z, NULL, NULL, NULL);
- if (ret != MP_OKAY) {
- return MP_INIT_E;
- }
-
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, keySz, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
- if (ret == 0) {
- ret = wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s);
- if (ret == 0) {
- /* verify_ok should be 1. */
- ret = wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key);
- if (verify_ok != 1 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* verify_ok should be 0 */
- ret = wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen,
- &verify_ok, &key);
- if (verify_ok != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- if (ret == 0) {
- /* verify_ok should be 0. */
- ret = wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
- &verify_ok, &key);
- if (verify_ok != 0 && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
- }
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+ mp_int r;
+ mp_int s;
+ mp_int z;
+ unsigned char hash[] = "Everyone gets Friday off.EccSig";
+ unsigned char iHash[] = "Everyone gets Friday off.......";
+ unsigned char shortHash[] = TEST_STRING;
+ word32 hashlen = sizeof(hash);
+ word32 iHashLen = sizeof(iHash);
+ word32 shortHashLen = sizeof(shortHash);
+ int keySz = KEY32;
+ int verify_ok = 0;
+
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&r, 0, sizeof(mp_int));
+ XMEMSET(&s, 0, sizeof(mp_int));
+ XMEMSET(&z, 0, sizeof(mp_int));
+
+ /* Initialize r, s and z. */
+ ExpectIntEQ(mp_init_multi(&r, &s, &z, NULL, NULL, NULL), MP_OKAY);
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, keySz, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, &s), 0);
+ /* verify_ok should be 1. */
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, hash, hashlen, &verify_ok, &key),
+ 0);
+ ExpectIntEQ(verify_ok, 1);
+
+ /* verify_ok should be 0 */
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, iHash, iHashLen, &verify_ok,
+ &key), 0);
+ ExpectIntEQ(verify_ok, 0);
+
+ /* verify_ok should be 0. */
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
+ &verify_ok, &key), 0);
+ ExpectIntEQ(verify_ok, 0);
/* Test bad args. */
- if (ret == 0) {
- if (wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s)
- == ECC_BAD_ARG_E) {
- sig = 0;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- if (sig == 0 && wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL)
- != ECC_BAD_ARG_E) {
- sig = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_sign_hash_ex(NULL, hashlen, &rng, &key, &r, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, NULL, &key, &r, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, NULL, &r, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, NULL, &s),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_sign_hash_ex(hash, hashlen, &rng, &key, &r, NULL),
+ ECC_BAD_ARG_E);
/* Test bad args. */
- if (ret == 0) {
- if (wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen, &verify_ok, &key)
- == ECC_BAD_ARG_E) {
- ver = 0;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
- &verify_ok, &key) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen, &verify_ok, &key)
- != MP_ZERO_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen, &verify_ok, &key)
- != MP_ZERO_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen, &verify_ok, &key)
- != MP_ZERO_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok,
- &key) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
- NULL, &key) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- if (ver == 0 && wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
- &verify_ok, NULL) != ECC_BAD_ARG_E) {
- ver = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_verify_hash_ex(NULL, &s, shortHash, shortHashLen,
+ &verify_ok, &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, NULL, shortHash, shortHashLen,
+ &verify_ok, &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &s, shortHash, shortHashLen,
+ &verify_ok, &key), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &z, shortHash, shortHashLen,
+ &verify_ok, &key), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&z, &z, shortHash, shortHashLen,
+ &verify_ok, &key), MP_ZERO_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, NULL, shortHashLen, &verify_ok,
+ &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen, NULL,
+ &key), ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_verify_hash_ex(&r, &s, shortHash, shortHashLen,
+ &verify_ok, NULL), ECC_BAD_ARG_E);
wc_ecc_free(&key);
mp_free(&r);
mp_free(&s);
- if (wc_FreeRng(&rng)) {
- return WOLFSSL_FATAL_ERROR;
- }
- if (ret == 0 && (sig != 0 || ver != 0)) {
- ret = WOLFSSL_FATAL_ERROR;
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_verify_hash_ex */
/*
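Review bot: The three zero-value signature cases (`&z` passed as r, as s, and as both) assert only the `MP_ZERO_E` return code and never look at `verify_ok`. Callers of a verification routine act on that flag, so adding `ExpectIntEQ(verify_ok, 0);` after each of those calls would pin that a rejected signature is never reported as valid. Separately, `z` is set up by `mp_init_multi` but the cleanup frees only `r` and `s`; adding `mp_free(&z);` next to them would make the teardown match the setup.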
@@ -27935,73 +24971,53 @@ static int test_wc_ecc_verify_hash_ex(void)
static int test_wc_ecc_mulmod(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
!(defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
defined(WOLFSSL_VALIDATE_ECC_IMPORT))
- ecc_key key1, key2, key3;
+ ecc_key key1;
+ ecc_key key2;
+ ecc_key key3;
WC_RNG rng;
- int ret = 0;
+ int ret;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key1);
- if (ret == 0) {
- ret = wc_ecc_init(&key2);
- }
- if (ret == 0) {
- ret = wc_ecc_init(&key3);
- }
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY32, &key1);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- wc_FreeRng(&rng);
- }
- if (ret == 0) {
- ret = wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy, key1.dp->Af,
- ECC_SECP256R1);
- if (ret == 0) {
- ret = wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
- key1.dp->prime, ECC_SECP256R1);
- }
- }
+ XMEMSET(&key1, 0, sizeof(ecc_key));
+ XMEMSET(&key2, 0, sizeof(ecc_key));
+ XMEMSET(&key3, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
- &key3.pubkey, wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- }
+ ExpectIntEQ(wc_ecc_init(&key1), 0);
+ ExpectIntEQ(wc_ecc_init(&key2), 0);
+ ExpectIntEQ(wc_ecc_init(&key3), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, KEY32, &key1);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key1.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+
+ ExpectIntEQ(wc_ecc_import_raw_ex(&key2, key1.dp->Gx, key1.dp->Gy,
+ key1.dp->Af, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_import_raw_ex(&key3, key1.dp->Gx, key1.dp->Gy,
+ key1.dp->prime, ECC_SECP256R1), 0);
+
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
+ &key3.pubkey, wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3),
+ 1), 0);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
- wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
- wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
- wc_ecc_key_get_priv(&key2),
- wc_ecc_key_get_priv(&key3), 1);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
- &key3.pubkey, wc_ecc_key_get_priv(&key2), NULL,
- 1);
- }
- if (ret == ECC_BAD_ARG_E) {
- ret = 0;
- }
- else if (ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(ret = wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,
+ wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), NULL, &key3.pubkey,
+ wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey, NULL,
+ wc_ecc_key_get_priv(&key2), wc_ecc_key_get_priv(&key3), 1),
+ ECC_BAD_ARG_E);
+ ExpectIntEQ(wc_ecc_mulmod(wc_ecc_key_get_priv(&key1), &key2.pubkey,
+ &key3.pubkey, wc_ecc_key_get_priv(&key2), NULL, 1), ECC_BAD_ARG_E);
wc_ecc_free(&key1);
wc_ecc_free(&key2);
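Review bot: The first bad-argument assertion is written `ExpectIntEQ(ret = wc_ecc_mulmod(NULL, ...), ECC_BAD_ARG_E)`, while the other three call `wc_ecc_mulmod` directly. The stored `ret` is not read again in this hunk, so the assignment looks like a leftover from the old if-chain. Dropping it, so the line starts `ExpectIntEQ(wc_ecc_mulmod(NULL, &key2.pubkey, &key3.pubkey,`, keeps the four cases parallel and avoids a side effect inside the assertion. The rest of the function's cleanup is in the next hunk.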
@@ -28010,10 +25026,8 @@ static int test_wc_ecc_mulmod(void)
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif /* HAVE_ECC && !WOLFSSL_ATECC508A */
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_ecc_mulmod */
/*
@@ -28021,300 +25035,830 @@ static int test_wc_ecc_mulmod(void)
*/
static int test_wc_ecc_is_valid_idx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG)
- ecc_key key;
- WC_RNG rng;
- int ret;
- int iVal = -2;
- int iVal2 = 3000;
+ ecc_key key;
+ WC_RNG rng;
+ int ret;
+ int iVal = -2;
+ int iVal2 = 3000;
- XMEMSET(&rng, 0, sizeof(rng));
- XMEMSET(&key, 0, sizeof(key));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, 32, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- }
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, 32, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
- if (ret == 0) {
- ret = wc_ecc_is_valid_idx(key.idx);
- if (ret == 1) {
- ret = 0;
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_is_valid_idx(key.idx), 1);
/* Test bad args. */
- if (ret == 0) {
- ret = wc_ecc_is_valid_idx(iVal); /* should return 0 */
- if (ret == 0) {
- ret = wc_ecc_is_valid_idx(iVal2);
- }
- if (ret != 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
- }
+ ExpectIntEQ(wc_ecc_is_valid_idx(iVal), 0);
+ ExpectIntEQ(wc_ecc_is_valid_idx(iVal2), 0);
- if (wc_FreeRng(&rng) && ret == 0) {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
+
#ifdef FP_ECC
wc_ecc_fp_free();
#endif
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-
-
+ return EXPECT_RESULT();
} /* END test_wc_ecc_is_valid_idx */
+
/*
* Testing wc_ecc_get_curve_id_from_oid()
*/
static int test_wc_ecc_get_curve_id_from_oid(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(HAVE_SELFTEST) && \
!defined(HAVE_FIPS)
const byte oid[] = {0x2A,0x86,0x48,0xCE,0x3D,0x03,0x01,0x07};
word32 len = sizeof(oid);
- int ret;
/* Bad Cases */
- ret = wc_ecc_get_curve_id_from_oid(NULL, len);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- if (ret == 0) {
- ret = wc_ecc_get_curve_id_from_oid(oid, 0);
- if (ret == ECC_CURVE_INVALID) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(NULL, len), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, 0), ECC_CURVE_INVALID);
/* Good Case */
- if (ret == 0) {
- ret = wc_ecc_get_curve_id_from_oid(oid, len);
- if (ret == ECC_SECP256R1) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_oid(oid, len), ECC_SECP256R1);
#endif
- return res;
-}/* END test_wc_ecc_get_curve_id_from_oid */
+ return EXPECT_RESULT();
+} /* END test_wc_ecc_get_curve_id_from_oid */
+
/*
* Testing wc_ecc_sig_size_calc()
*/
static int test_wc_ecc_sig_size_calc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST)
- ecc_key key;
- WC_RNG rng;
- int sz = 0;
- int ret = 0;
+ ecc_key key;
+ WC_RNG rng;
+ int sz = 0;
+ int ret;
- ret = wc_InitRng(&rng);
- if (ret == 0) {
- ret = wc_ecc_init(&key);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, 16, &key);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- sz = key.dp->size;
- }
- if (ret == 0) {
- ret = wc_ecc_sig_size_calc(sz);
- if (ret > 0) {
- ret = 0;
- }
- }
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ret = wc_ecc_make_key(&rng, 16, &key);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &key.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+ sz = key.dp->size;
+ ExpectIntGT(wc_ecc_sig_size_calc(sz), 0);
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
wc_ecc_free(&key);
- wc_FreeRng(&rng);
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_ecc_sig_size_calc */
- res = TEST_RES_CHECK(ret == 0);
+/*
+ * Testing wc_ecc_sm2_make_key()
+ */
+static int test_wc_ecc_sm2_make_key(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key key[1];
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(key, 0, sizeof(*key));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_make_key(NULL, NULL, WC_ECC_FLAG_NONE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, NULL, WC_ECC_FLAG_NONE),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_make_key(NULL, key, WC_ECC_FLAG_NONE),
+ BAD_FUNC_ARG);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
+ ExpectIntEQ(key->dp->id, ECC_SM2P256V1);
+
+ wc_ecc_free(key);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
#endif
return res;
-} /* END test_wc_ecc_sig_size_calc */
+}
+
+/*
+ * Testing wc_ecc_sm2_shared_secret()
+ */
+static int test_wc_ecc_sm2_shared_secret(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key keyA[1];
+ ecc_key keyB[1];
+ byte outA[32];
+ byte outB[32];
+ word32 outALen = 32;
+ word32 outBLen = 32;
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(keyA, 0, sizeof(*keyA));
+ XMEMSET(keyB, 0, sizeof(*keyB));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_ecc_init(keyA), 0);
+ ExpectIntEQ(wc_ecc_init(keyB), 0);
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyA, WC_ECC_FLAG_NONE), 0);
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, keyB, WC_ECC_FLAG_NONE), 0);
+
+#ifdef ECC_TIMING_RESISTANT
+ ExpectIntEQ(wc_ecc_set_rng(keyA, rng), 0);
+ ExpectIntEQ(wc_ecc_set_rng(keyB, rng), 0);
+#endif
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, outA, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, NULL, NULL, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(NULL, keyB, outA, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, NULL, outA, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, NULL, &outALen),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, NULL), BAD_FUNC_ARG);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyA, keyB, outA, &outALen), 0);
+ ExpectIntLE(outALen, 32);
+ ExpectIntEQ(wc_ecc_sm2_shared_secret(keyB, keyA, outB, &outBLen), 0);
+ ExpectIntLE(outBLen, 32);
+ ExpectIntEQ(outALen, outBLen);
+ ExpectBufEQ(outA, outB, outALen);
+
+ wc_ecc_free(keyB);
+ wc_ecc_free(keyA);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+/*
+ * Testing wc_ecc_sm2_create_digest()
+ */
+static int test_wc_ecc_sm2_create_digest(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && !defined(NO_HASH_WRAPPER) && \
+ (defined(WOLFSSL_SM3) || !defined(NO_SHA256))
+ EXPECT_DECLS;
+ ecc_key key[1];
+ enum wc_HashType hashType;
+ unsigned char pub[] = {
+ 0x04,
+ 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
+ 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
+ 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
+ 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
+ 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
+ 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
+ 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
+ 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
+ };
+ unsigned char id[] = {
+ 0x01, 0x02, 0x03,
+ };
+ unsigned char msg[] = {
+ 0x01, 0x02, 0x03,
+ };
+ unsigned char hash[32];
+#ifdef WOLFSSL_SM3
+ unsigned char expHash[32] = {
+ 0xc1, 0xdd, 0x92, 0xc5, 0x60, 0xd3, 0x94, 0x28,
+ 0xeb, 0x0f, 0x57, 0x79, 0x3f, 0xc9, 0x96, 0xc5,
+ 0xfa, 0xf5, 0x90, 0xb2, 0x64, 0x2f, 0xaf, 0x9c,
+ 0xc8, 0x57, 0x21, 0x6a, 0x52, 0x7e, 0xf1, 0x95
+ };
+#else
+ unsigned char expHash[32] = {
+ 0xea, 0x41, 0x55, 0x21, 0x61, 0x00, 0x5c, 0x9a,
+ 0x57, 0x35, 0x6b, 0x49, 0xca, 0x8f, 0x65, 0xc2,
+ 0x0e, 0x29, 0x0c, 0xa0, 0x1d, 0xa7, 0xc4, 0xed,
+ 0xdd, 0x51, 0x12, 0xf6, 0xe7, 0x55, 0xc5, 0xf4
+ };
+#endif
+
+#ifdef WOLFSSL_SM3
+ hashType = WC_HASH_TYPE_SM3;
+#else
+ hashType = WC_HASH_TYPE_SHA256;
+#endif
+
+ XMEMSET(key, 0, sizeof(*key));
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
+ hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg),
+ hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg),
+ hashType, NULL, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
+ hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), NULL, sizeof(msg),
+ hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(NULL, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), NULL, sizeof(msg),
+ hashType, hash, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, NULL, sizeof(hash), key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), NULL), BAD_FUNC_ARG);
+
+ /* Bad hash type. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ -1, hash, 0, key), BAD_FUNC_ARG);
+ /* Bad hash size. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, 0, key), BUFFER_E);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_create_digest(id, sizeof(id), msg, sizeof(msg),
+ hashType, hash, sizeof(hash), key), 0);
+ ExpectBufEQ(hash, expHash, sizeof(expHash));
+
+ wc_ecc_free(key);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+/*
+ * Testing wc_ecc_sm2_verify_hash_ex()
+ */
+static int test_wc_ecc_sm2_verify_hash_ex(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY) && \
+ defined(WOLFSSL_PUBLIC_MP)
+ EXPECT_DECLS;
+ ecc_key key[1];
+ mp_int r[1];
+ mp_int s[1];
+ int verified;
+ unsigned char pub[] = {
+ 0x04,
+ 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
+ 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
+ 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
+ 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
+ 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
+ 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
+ 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
+ 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
+ };
+ unsigned char hash[] = {
+ 0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D,
+ 0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1,
+ 0x50, 0x69, 0x5B, 0x20
+ };
+ unsigned char rData[] = {
+ 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00,
+ 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2,
+ 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40,
+ 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE7,
+ };
+ unsigned char sData[] = {
+ 0x1D,
+ 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
+ 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
+ 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
+ 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC
+ };
+ unsigned char rBadData[] = {
+ 0xD2, 0xFC, 0xA3, 0x88, 0xE3, 0xDF, 0xA3, 0x00,
+ 0x73, 0x9B, 0x3C, 0x2A, 0x0D, 0xAD, 0x44, 0xA2,
+ 0xFC, 0x62, 0xD5, 0x6B, 0x84, 0x54, 0xD8, 0x40,
+ 0x22, 0x62, 0x3D, 0x5C, 0xA6, 0x61, 0x9B, 0xE8,
+ };
+
+ XMEMSET(key, 0, sizeof(*key));
+ XMEMSET(r, 0, sizeof(*r));
+ XMEMSET(s, 0, sizeof(*s));
+
+ ExpectIntEQ(mp_init(r), 0);
+ ExpectIntEQ(mp_init(s), 0);
+ ExpectIntEQ(mp_read_unsigned_bin(r, rData, sizeof(rData)), 0);
+ ExpectIntEQ(mp_read_unsigned_bin(s, sData, sizeof(sData)), 0);
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, hash, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, NULL, NULL, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(NULL, s, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, NULL, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, NULL, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 1);
+
+ ExpectIntEQ(mp_read_unsigned_bin(r, rBadData, sizeof(rBadData)), 0);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 0);
+
+ mp_free(s);
+ mp_free(r);
+ wc_ecc_free(key);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+/*
+ * Testing wc_ecc_sm2_verify_hash()
+ */
+static int test_wc_ecc_sm2_verify_hash(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_VERIFY)
+ EXPECT_DECLS;
+ ecc_key key[1];
+ int verified;
+ unsigned char pub[] = {
+ 0x04,
+ 0x63, 0x7F, 0x1B, 0x13, 0x50, 0x36, 0xC9, 0x33,
+ 0xDC, 0x3F, 0x7A, 0x8E, 0xBB, 0x1B, 0x7B, 0x2F,
+ 0xD1, 0xDF, 0xBD, 0x26, 0x8D, 0x4F, 0x89, 0x4B,
+ 0x5A, 0xD4, 0x7D, 0xBD, 0xBE, 0xCD, 0x55, 0x8F,
+ 0xE8, 0x81, 0x01, 0xD0, 0x80, 0x48, 0xE3, 0x6C,
+ 0xCB, 0xF6, 0x1C, 0xA3, 0x8D, 0xDF, 0x7A, 0xBA,
+ 0x54, 0x2B, 0x44, 0x86, 0xE9, 0x9E, 0x49, 0xF3,
+ 0xA7, 0x47, 0x0A, 0x85, 0x7A, 0x09, 0x64, 0x33
+ };
+ unsigned char hash[] = {
+ 0x3B, 0xFA, 0x5F, 0xFB, 0xC4, 0x27, 0x8C, 0x9D,
+ 0x02, 0x3A, 0x19, 0xCB, 0x1E, 0xAA, 0xD2, 0xF1,
+ 0x50, 0x69, 0x5B, 0x20
+ };
+ unsigned char sig[] = {
+ 0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3,
+ 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C,
+ 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5,
+ 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D,
+ 0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D,
+ 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
+ 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
+ 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
+ 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDC
+ };
+ unsigned char sigBad[] = {
+ 0x30, 0x45, 0x02, 0x21, 0x00, 0xD2, 0xFC, 0xA3,
+ 0x88, 0xE3, 0xDF, 0xA3, 0x00, 0x73, 0x9B, 0x3C,
+ 0x2A, 0x0D, 0xAD, 0x44, 0xA2, 0xFC, 0x62, 0xD5,
+ 0x6B, 0x84, 0x54, 0xD8, 0x40, 0x22, 0x62, 0x3D,
+ 0x5C, 0xA6, 0x61, 0x9B, 0xE7, 0x02, 0x20, 0x1D,
+ 0xB5, 0xB5, 0xD9, 0xD8, 0xF1, 0x20, 0xDD, 0x97,
+ 0x92, 0xBF, 0x7E, 0x9B, 0x3F, 0xE6, 0x3C, 0x4B,
+ 0x03, 0xD8, 0x80, 0xBD, 0xB7, 0x27, 0x7E, 0x6A,
+ 0x84, 0x23, 0xDE, 0x61, 0x7C, 0x8D, 0xDD
+ };
+
+
+ XMEMSET(key, 0, sizeof(*key));
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_import_x963_ex(pub, sizeof(pub), key, ECC_SM2P256V1), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash),
+ NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), NULL, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(NULL, sizeof(sig), hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), NULL, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ NULL, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, NULL), BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 1);
+
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sigBad, sizeof(sigBad), hash,
+ sizeof(hash), &verified, key), 0);
+ ExpectIntEQ(verified, 0);
+
+ wc_ecc_free(key);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+/*
+ * Testing wc_ecc_sm2_verify_hash_ex()
+ */
+static int test_wc_ecc_sm2_sign_hash_ex(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN) && \
+ defined(WOLFSSL_PUBLIC_MP)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key key[1];
+ mp_int r[1];
+ mp_int s[1];
+ unsigned char hash[32];
+#ifdef HAVE_ECC_VERIFY
+ int verified;
+#endif
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(key, 0, sizeof(*key));
+ XMEMSET(r, 0, sizeof(*r));
+ XMEMSET(s, 0, sizeof(*s));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(mp_init(r), 0);
+ ExpectIntEQ(mp_init(s), 0);
+ ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0);
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, key, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, r,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), NULL, NULL, NULL,
+ s), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(NULL, sizeof(hash), rng, key, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), NULL, key, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, NULL, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, NULL, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, NULL),
+ BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+#ifdef WOLFSSL_SP_MATH_ALL
+ {
+ mp_int smallR[1];
+ sp_init_size(smallR, 1);
+ /* Force failure in _ecc_sm2_calc_r_s by r being too small. */
+ ExpectIntLT(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key,
+ smallR, s), 0);
+ }
+#endif
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash_ex(hash, sizeof(hash), rng, key, r, s),
+ 0);
+#ifdef HAVE_ECC_VERIFY
+ ExpectIntEQ(wc_ecc_sm2_verify_hash_ex(r, s, hash, sizeof(hash), &verified,
+ key), 0);
+ ExpectIntEQ(verified, 1);
+#endif
+
+ mp_free(s);
+ mp_free(r);
+ wc_ecc_free(key);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+
+/*
+ * Testing wc_ecc_sm2_verify_hash()
+ */
+static int test_wc_ecc_sm2_sign_hash(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(HAVE_ECC) && defined(WOLFSSL_SM2) && defined(HAVE_ECC_SIGN)
+ EXPECT_DECLS;
+ WC_RNG rng[1];
+ ecc_key key[1];
+ unsigned char hash[32];
+ unsigned char sig[72];
+ word32 sigSz = sizeof(sig);
+#ifdef HAVE_ECC_VERIFY
+ int verified;
+#endif
+
+ XMEMSET(rng, 0, sizeof(*rng));
+ XMEMSET(key, 0, sizeof(*key));
+
+ ExpectIntEQ(wc_InitRng(rng), 0);
+ ExpectIntEQ(wc_RNG_GenerateBlock(rng, hash, sizeof(hash)), 0);
+
+ ExpectIntEQ(wc_ecc_init(key), 0);
+
+ /* Test with no curve set. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wc_ecc_sm2_make_key(rng, key, WC_ECC_FLAG_NONE), 0);
+
+ /* Test invalid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, NULL, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, &sigSz, NULL,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, rng,
+ NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), NULL, NULL, NULL,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(NULL, sizeof(hash), sig, &sigSz, rng,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), NULL, &sigSz, rng,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, NULL, rng,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, NULL,
+ key), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng,
+ NULL), BAD_FUNC_ARG);
+
+ /* Make key not on the SM2 curve. */
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SECP256R1), 0);
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_set_curve(key, 32, ECC_SM2P256V1), 0);
+
+ /* Test valid parameters. */
+ ExpectIntEQ(wc_ecc_sm2_sign_hash(hash, sizeof(hash), sig, &sigSz, rng, key),
+ 0);
+#ifdef HAVE_ECC_VERIFY
+ ExpectIntEQ(wc_ecc_sm2_verify_hash(sig, sigSz, hash, sizeof(hash),
+ &verified, key), 0);
+ ExpectIntEQ(verified, 1);
+#endif
+
+ wc_ecc_free(key);
+ wc_FreeRng(rng);
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+
/*
* Testing ToTraditional
*/
static int test_ToTraditional(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && (defined(HAVE_PKCS8) || defined(HAVE_PKCS12)) && \
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL))
+ defined(OPENSSL_EXTRA_X509_SMALL)) && !defined(NO_FILESYSTEM)
+ XFILE f = XBADFILE;
+ byte input[TWOK_BUF];
+ word32 sz;
- XFILE f;
- byte input[TWOK_BUF];
- word32 sz;
- int ret;
-
- f = XFOPEN("./certs/server-keyPkcs8.der", "rb");
- AssertTrue((f != XBADFILE));
- sz = (word32)XFREAD(input, 1, sizeof(input), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN("./certs/server-keyPkcs8.der", "rb")) != XBADFILE);
+ ExpectTrue((sz = (word32)XFREAD(input, 1, sizeof(input), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* Good case */
- ret = ToTraditional(input, sz);
- if (ret > 0) {
- ret = 0;
- }
+ ExpectIntGT(ToTraditional(input, sz), 0);
/* Bad cases */
- if (ret == 0) {
- ret = ToTraditional(NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = ToTraditional(NULL, sz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = ToTraditional(input, 0);
- if (ret == ASN_PARSE_E || ret == BUFFER_E) {
- ret = 0;
- }
- }
-
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(ToTraditional(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(ToTraditional(NULL, sz), BAD_FUNC_ARG);
+#ifdef WOLFSSL_ASN_TEMPLATE
+ ExpectIntEQ(ToTraditional(input, 0), BUFFER_E);
+#else
+ ExpectIntEQ(ToTraditional(input, 0), ASN_PARSE_E);
#endif
- return res;
-}/* End test_ToTraditional*/
+#endif
+ return EXPECT_RESULT();
+} /* End test_ToTraditional*/
/*
* Testing wc_EccPrivateKeyToDer
*/
static int test_wc_EccPrivateKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
- byte output[ONEK_BUF];
- ecc_key eccKey;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ecc_key eccKey;
+ WC_RNG rng;
+ word32 inLen;
+ word32 outLen = 0;
+ int ret;
- ret = wc_InitRng(&rng);
+ XMEMSET(&eccKey, 0, sizeof(ecc_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ecc_init(&eccKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(&eccKey, NULL, inLen);
- if (ret == LENGTH_ONLY_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(&eccKey, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /*Good Case */
- if (ret == 0) {
- ret = wc_EccPrivateKeyToDer(&eccKey, output, inLen);
- if (ret > 0) {
- #if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
- /* test importing private only into a PKEY struct */
- EC_KEY* ec;
- EVP_PKEY* pkey;
- const unsigned char* der = output;
-
- pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, ret);
- AssertNotNull(pkey);
-
- der = output;
- ec = d2i_ECPrivateKey(NULL, &der, ret);
- AssertNotNull(ec);
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
- EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
- #endif
- ret = 0;
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&eccKey), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ ExpectIntEQ(ret, 0);
+
+ inLen = (word32)sizeof(output);
+ /* Bad Cases */
+ ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_EccPrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, NULL, inLen), LENGTH_ONLY_E);
+ ExpectIntEQ(wc_EccPrivateKeyToDer(&eccKey, output, 0), BAD_FUNC_ARG);
+ /* Good Case */
+ ExpectIntGT(outLen = wc_EccPrivateKeyToDer(&eccKey, output, inLen), 0);
+
+ wc_ecc_free(&eccKey);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ALL_CURVES)
+ {
+ /* test importing private only into a PKEY struct */
+ EC_KEY* ec = NULL;
+ EVP_PKEY* pkey = NULL;
+ const unsigned char* der;
+
+ der = output;
+ ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &der, outLen));
+
+ der = output;
+ ExpectNotNull(ec = d2i_ECPrivateKey(NULL, &der, outLen));
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ec), SSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ EC_KEY_free(ec);
}
- wc_ecc_free(&eccKey);
+ EVP_PKEY_free(pkey); /* EC_KEY should be free'd by free'ing pkey */
}
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/* End test_wc_EccPrivateKeyToDer*/
+#endif
+ return EXPECT_RESULT();
+} /* End test_wc_EccPrivateKeyToDer*/
/*
* Testing wc_DhPublicKeyDecode
*/
static int test_wc_DhPublicKeyDecode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_DH
#if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048)
DhKey key;
word32 inOutIdx;
- AssertIntEQ(wc_InitDhKey(&key), 0);
+ XMEMSET(&key, 0, sizeof(DhKey));
+
+ ExpectIntEQ(wc_InitDhKey(&key), 0);
- AssertIntEQ(wc_DhPublicKeyDecode(NULL,NULL,NULL,0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(NULL,NULL,NULL,0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,NULL,NULL,0),
+ BAD_FUNC_ARG);
inOutIdx = 0;
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,NULL, 0),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,NULL, 0),
+ BAD_FUNC_ARG);
inOutIdx = 0;
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, 0),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key, 0),
+ BAD_FUNC_ARG);
inOutIdx = 0;
- AssertIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key,
- sizeof_dh_pub_key_der_2048), 0);
- AssertTrue(key.p.used != 0 && key.g.used != 0 && key.q.used == 0 &&
- key.pub.used != 0 && key.priv.used == 0);
-
- wc_FreeDhKey(&key);
+ ExpectIntEQ(wc_DhPublicKeyDecode(dh_pub_key_der_2048,&inOutIdx,&key,
+ sizeof_dh_pub_key_der_2048), 0);
+ ExpectIntNE(key.p.used, 0);
+ ExpectIntNE(key.g.used, 0);
+ ExpectIntEQ(key.q.used, 0);
+ ExpectIntNE(key.pub.used, 0);
+ ExpectIntEQ(key.priv.used, 0);
- res = TEST_RES_CHECK(1);
+ DoExpectIntEQ(wc_FreeDhKey(&key), 0);
#endif
#endif /* !NO_DH */
- return res;
+ return EXPECT_RESULT();
}
/*
@@ -28322,505 +25866,352 @@ static int test_wc_DhPublicKeyDecode(void)
*/
static int test_wc_Ed25519KeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed25519_key ed25519Key;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed25519_key ed25519Key;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_init(&ed25519Key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key);
- }
- inLen = (word32)sizeof(output);
+ ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(&ed25519Key, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good Cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519KeyToDer(&ed25519Key, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed25519_free(&ed25519Key);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed25519KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519KeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519KeyToDer(&ed25519Key, output, 0), BAD_FUNC_ARG);
+ /* Good Cases */
+ /* length only */
+ ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed25519KeyToDer(&ed25519Key, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed25519_free(&ed25519Key);
#endif
- return res;
-}/* End test_wc_Ed25519KeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed25519KeyToDer*/
+
/*
* Testing wc_Ed25519PrivateKeyToDer
*/
static int test_wc_Ed25519PrivateKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed25519_key ed25519PrivKey;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed25519_key ed25519PrivKey;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed25519PrivKey, 0, sizeof(ed25519_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed25519_init(&ed25519PrivKey);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519PrivKey);
- }
- inLen = (word32)sizeof(output);
+ ExpectIntEQ(wc_ed25519_init(&ed25519PrivKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519PrivKey),
+ 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good Cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed25519_free(&ed25519PrivKey);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, 0),
+ BAD_FUNC_ARG);
+ /* Good Cases */
+ /* length only */
+ ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed25519PrivateKeyToDer(&ed25519PrivKey, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed25519_free(&ed25519PrivKey);
#endif
- return res;
-}/* End test_wc_Ed25519PrivateKeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed25519PrivateKeyToDer*/
+
/*
* Testing wc_Ed448KeyToDer
*/
static int test_wc_Ed448KeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed448_key ed448Key;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed448_key ed448Key;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed448Key, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed448_init(&ed448Key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key);
- }
- inLen = sizeof(output);
+ ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(&ed448Key, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good Cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed448KeyToDer(&ed448Key, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448KeyToDer(&ed448Key, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed448_free(&ed448Key);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed448KeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448KeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448KeyToDer(&ed448Key, output, 0), BAD_FUNC_ARG);
+ /* Good Cases */
+ /* length only */
+ ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed448KeyToDer(&ed448Key, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed448_free(&ed448Key);
#endif
- return res;
-}/* End test_wc_Ed448KeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed448KeyToDer*/
+
/*
* Testing wc_Ed448PrivateKeyToDer
*/
static int test_wc_Ed448PrivateKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT) && \
(defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN))
- byte output[ONEK_BUF];
- ed448_key ed448PrivKey;
- WC_RNG rng;
- word32 inLen;
- int ret;
+ byte output[ONEK_BUF];
+ ed448_key ed448PrivKey;
+ WC_RNG rng;
+ word32 inLen;
- ret = wc_InitRng(&rng);
+ XMEMSET(&ed448PrivKey, 0, sizeof(ed448_key));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = wc_ed448_init(&ed448PrivKey);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448PrivKey);
- }
- inLen = sizeof(output);
+ ExpectIntEQ(wc_ed448_init(&ed448PrivKey), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448PrivKey),
+ 0);
+ inLen = (word32)sizeof(output);
- /* Bad Cases */
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(NULL, NULL, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(NULL, output, inLen);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- /* Good cases */
- if (ret == 0) {
- /* length only */
- ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen);
- if (ret > 0) {
- ret = 0;
- }
- }
- wc_ed448_free(&ed448PrivKey);
- }
- wc_FreeRng(&rng);
+ /* Bad Cases */
+ ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448PrivateKeyToDer(NULL, output, inLen), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, 0),
+ BAD_FUNC_ARG);
+ /* Good cases */
+ /* length only */
+ ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, NULL, inLen), 0);
+ ExpectIntGT(wc_Ed448PrivateKeyToDer(&ed448PrivKey, output, inLen), 0);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+ wc_ed448_free(&ed448PrivKey);
#endif
- return res;
-}/* End test_wc_Ed448PrivateKeyToDer*/
+ return EXPECT_RESULT();
+} /* End test_wc_Ed448PrivateKeyToDer*/
+
/*
* Testing wc_SetSubjectBuffer
*/
static int test_wc_SetSubjectBuffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
- Cert cert;
- FILE* file;
- byte* der;
- word32 derSz;
- int ret = 0;
+ Cert cert;
+ XFILE file = XBADFILE;
+ byte* der = NULL;
+ word32 derSz;
derSz = FOURK_BUF;
- der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- ret = -1;
- }
- if (ret == 0) {
- file = XFOPEN("./certs/ca-cert.der", "rb");
- if (file != NULL) {
- derSz = (word32)XFREAD(der, 1, FOURK_BUF, file);
- XFCLOSE(file);
- }
- else {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = wc_InitCert(&cert);
- }
+ ExpectNotNull(der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((file = XFOPEN("./certs/ca-cert.der", "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, FOURK_BUF, file)) > 0);
+ if (file != XBADFILE)
+ XFCLOSE(file);
- if (ret == 0) {
- ret = wc_SetSubjectBuffer(&cert, der, derSz);
- }
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+ ExpectIntEQ(wc_SetSubjectBuffer(&cert, der, derSz), 0);
+ ExpectIntEQ(wc_SetSubjectBuffer(NULL, der, derSz), BAD_FUNC_ARG);
- if (ret == 0) {
- ret = wc_SetSubjectBuffer(NULL, der, derSz);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
-}/* End test_wc_SetSubjectBuffer*/
+ return EXPECT_RESULT();
+} /* End test_wc_SetSubjectBuffer*/
/*
* Testing wc_SetSubjectKeyIdFromPublicKey_ex
*/
static int test_wc_SetSubjectKeyIdFromPublicKey_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- WC_RNG rng;
- Cert cert;
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- ed25519_key ed25519Key;
-#endif
+ WC_RNG rng;
+ Cert cert;
#if !defined(NO_RSA) && defined(HAVE_RSA)
- RsaKey rsaKey;
- int bits = 2048;
+ RsaKey rsaKey;
+ int bits = 2048;
#endif
#if defined(HAVE_ECC)
- ecc_key eccKey;
+ ecc_key eccKey;
+ int ret;
+#endif
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ ed25519_key ed25519Key;
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- ed448_key ed448Key;
+ ed448_key ed448Key;
#endif
- int ret = 0;
#ifndef HAVE_FIPS
- ret = wc_InitRng_ex(&rng, HEAP_HINT, testDevId);
+ ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
- ret = wc_InitRng(&rng);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
- wc_InitCert(&cert);
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- if (ret == 0) { /*ED25519*/
- ret = wc_ed25519_init(&ed25519Key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key);
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
- &ed25519Key);
- }
- wc_ed25519_free(&ed25519Key);
- }
-#endif
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+
#if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN)
- if (ret == 0) { /*RSA*/
- ret = wc_InitRsaKey(&rsaKey, HEAP_HINT);
- if (ret == 0) {
- MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey);
- }
- wc_FreeRsaKey(&rsaKey);
- }
+ /* RSA */
+ XMEMSET(&rsaKey, 0, sizeof(RsaKey));
+ ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey),
+ 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0);
#endif
+
#if defined(HAVE_ECC)
- if (ret == 0) { /*ECC*/
- ret = wc_ecc_init(&eccKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
- }
- wc_ecc_free(&eccKey);
- }
+ /* ECC */
+ XMEMSET(&eccKey, 0, sizeof(ecc_key));
+ ExpectIntEQ(wc_ecc_init(&eccKey), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
-#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- if (ret == 0) { /*ED448*/
- ret = wc_ed448_init(&ed448Key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key);
- }
- if (ret == 0) {
- ret = wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
- &ed448Key);
- }
- wc_ed448_free(&ed448Key);
- }
+ ExpectIntEQ(ret, 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey),
+ 0);
+ DoExpectIntEQ(wc_ecc_free(&eccKey), 0);
#endif
- wc_FreeRng(&rng);
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ /* ED25519 */
+ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
+ ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
+ &ed25519Key), 0);
+ wc_ed25519_free(&ed25519Key);
+#endif
- res = TEST_RES_CHECK(ret == 0);
+#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
+ /* ED448 */
+ XMEMSET(&ed448Key, 0, sizeof(ed448_key));
+ ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
+ &ed448Key), 0);
+ wc_ed448_free(&ed448Key);
#endif
- return res;
-}/* End test_wc_SetSubjectKeyIdFromPublicKey_ex*/
+
+ wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+#endif /* WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */
+ return EXPECT_RESULT();
+} /* End test_wc_SetSubjectKeyIdFromPublicKey_ex*/
/*
* Testing wc_SetAuthKeyIdFromPublicKey_ex
*/
static int test_wc_SetAuthKeyIdFromPublicKey_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- WC_RNG rng;
- Cert cert;
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- ed25519_key ed25519Key;
-#endif
+ WC_RNG rng;
+ Cert cert;
#if !defined(NO_RSA) && defined(HAVE_RSA)
- RsaKey rsaKey;
- int bits = 2048;
+ RsaKey rsaKey;
+ int bits = 2048;
#endif
#if defined(HAVE_ECC)
- ecc_key eccKey;
+ ecc_key eccKey;
+ int ret;
+#endif
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ ed25519_key ed25519Key;
#endif
#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- ed448_key ed448Key;
+ ed448_key ed448Key;
#endif
- int ret = 0;
#ifndef HAVE_FIPS
- ret = wc_InitRng_ex(&rng, HEAP_HINT, testDevId);
+ ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
- ret = wc_InitRng(&rng);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
- wc_InitCert(&cert);
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
- if (ret == 0) { /*ED25519*/
- ret = wc_ed25519_init(&ed25519Key);
- if (ret == 0) {
- ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key);
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
- &ed25519Key);
- }
- wc_ed25519_free(&ed25519Key);
- }
-#endif
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+
#if !defined(NO_RSA) && defined(HAVE_RSA) && defined(WOLFSSL_KEY_GEN)
- if (ret == 0) { /*RSA*/
- ret = wc_InitRsaKey(&rsaKey, HEAP_HINT);
- if (ret == 0) {
- MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng);
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey);
- }
- wc_FreeRsaKey(&rsaKey);
- }
+ /* RSA */
+ XMEMSET(&rsaKey, 0, sizeof(RsaKey));
+ ExpectIntEQ(wc_InitRsaKey(&rsaKey, HEAP_HINT), 0);
+ ExpectIntEQ(MAKE_RSA_KEY(&rsaKey, bits, WC_RSA_EXPONENT, &rng), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, RSA_TYPE, &rsaKey), 0);
+ DoExpectIntEQ(wc_FreeRsaKey(&rsaKey), 0);
#endif
+
#if defined(HAVE_ECC)
- if (ret == 0) { /*ECC*/
- ret = wc_ecc_init(&eccKey);
- if (ret == 0) {
- ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
- #if defined(WOLFSSL_ASYNC_CRYPT)
- ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
- #endif
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey);
- }
- wc_ecc_free(&eccKey);
- }
+ /* ECC */
+ XMEMSET(&eccKey, 0, sizeof(ecc_key));
+ ExpectIntEQ(wc_ecc_init(&eccKey), 0);
+ ret = wc_ecc_make_key(&rng, KEY14, &eccKey);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &eccKey.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
-#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
- if (ret == 0) { /*ED448*/
- ret = wc_ed448_init(&ed448Key);
- if (ret == 0) {
- ret = wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key);
- }
- if (ret == 0) {
- ret = wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED448_TYPE,
- &ed448Key);
- }
- wc_ed448_free(&ed448Key);
- }
+ ExpectIntEQ(ret, 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ECC_TYPE, &eccKey), 0);
+ DoExpectIntEQ(wc_ecc_free(&eccKey), 0);
#endif
- wc_FreeRng(&rng);
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+ /* ED25519 */
+ XMEMSET(&ed25519Key, 0, sizeof(ed25519_key));
+ ExpectIntEQ(wc_ed25519_init(&ed25519Key), 0);
+ ExpectIntEQ(wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &ed25519Key), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED25519_TYPE,
+ &ed25519Key), 0);
+ wc_ed25519_free(&ed25519Key);
+#endif
- res = TEST_RES_CHECK(ret == 0);
-#endif /*defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)*/
- return res;
-}/* End test_wc_SetAuthKeyIdFromPublicKey_ex*/
+#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
+ /* ED448 */
+ XMEMSET(&ed448Key, 0, sizeof(ed448_key));
+ ExpectIntEQ(wc_ed448_init(&ed448Key), 0);
+ ExpectIntEQ(wc_ed448_make_key(&rng, ED448_KEY_SIZE, &ed448Key), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey_ex(&cert, ED448_TYPE, &ed448Key),
+ 0);
+ wc_ed448_free(&ed448Key);
+#endif
+
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
+#endif /* defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)*/
+ return EXPECT_RESULT();
+} /* End test_wc_SetAuthKeyIdFromPublicKey_ex*/
/*
* Testing wc_PKCS7_New()
*/
static int test_wc_PKCS7_New(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
- pkcs7 = wc_PKCS7_New(NULL, testDevId);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, testDevId));
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(pkcs7 != NULL);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test-wc_PKCS7_New */
/*
@@ -28828,24 +26219,20 @@ static int test_wc_PKCS7_New(void)
*/
static int test_wc_PKCS7_Init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
- void* heap = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
/* Pass in bad args. */
- AssertIntEQ(wc_PKCS7_Init(NULL, heap, testDevId), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_Init(NULL, heap, testDevId), BAD_FUNC_ARG);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test-wc_PKCS7_Init */
@@ -28854,47 +26241,53 @@ static int test_wc_PKCS7_Init(void)
*/
static int test_wc_PKCS7_InitWithCert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
unsigned char cert[sizeof(client_cert_der_2048)];
int certSz = (int)sizeof(cert);
+
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, client_cert_der_2048, sizeof(client_cert_der_2048));
#elif defined(USE_CERT_BUFFERS_1024)
unsigned char cert[sizeof(client_cert_der_1024)];
int certSz = (int)sizeof(cert);
+
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, client_cert_der_1024, sizeof_client_cert_der_1024);
#else
unsigned char cert[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
unsigned char cert[sizeof(cliecc_cert_der_256)];
int certSz = (int)sizeof(cert);
+
XMEMSET(cert, 0, certSz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof(cliecc_cert_der_256));
#else
unsigned char cert[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
-
- certSz = (int)XFREAD(cert, 1, sizeof(cliecc_cert_der_256), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof(cliecc_cert_der_256),
+ fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#else
#error PKCS7 requires ECC or RSA
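Review bot: The file-read fallbacks bound `XFREAD` by a constant unrelated to the destination: `XFREAD(cert, 1, sizeof_client_cert_der_1024, fp)` and `XFREAD(cert, 1, sizeof(cliecc_cert_der_256), fp)` both fill `unsigned char cert[ONEK_BUF]`. Those symbols belong to the compiled-in certificate buffers, which these `#else` branches are built without (inferred from the surrounding `USE_CERT_BUFFERS_*` guards), so the limit should be the buffer itself: `ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof(cert), fp), 0);`. The same pattern recurs in the file-read branches of test_wc_PKCS7_EncodeData, the RSA branch of test_wc_PKCS7_EncodeSignedData and test_wc_PKCS7_EncodeSignedData_ex, while the ECC branch of test_wc_PKCS7_EncodeSignedData already reads `ONEK_BUF`. test_wc_PKCS7_InitWithCert continues outside this hunk.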
@@ -28976,35 +26369,35 @@ static int test_wc_PKCS7_InitWithCert(void)
0x64, 0xAB, 0xA6, 0xBE, 0x02, 0x21, 0x00, 0xAA, 0xC5, 0xA3, 0x50, 0xF6,
0xF1, 0xA5, 0xDB, 0x05, 0xE0, 0x75, 0xD2, 0xF7, 0xBA, 0x49, 0x5F, 0x8F,
0x7D, 0x1C, 0x44, 0xB1, 0x6E, 0xDF, 0xC8, 0xDA, 0x10, 0x48, 0x2D, 0x53,
- 0x08, 0xA8, 0xB4};
+ 0x08, 0xA8, 0xB4
+ };
#endif
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* If initialization is not successful, it's free'd in init func. */
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
-
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz),
+ 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* Valid initialization usage. */
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* Pass in bad args. No need free for null checks, free at end.*/
- AssertIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, (word32)certSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(NULL, (byte*)cert, (word32)certSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, (word32)certSz),
+ BAD_FUNC_ARG);
#ifdef HAVE_ECC
- AssertIntLT(wc_PKCS7_InitWithCert(pkcs7, certWithInvalidEccKey,
- sizeof(certWithInvalidEccKey)), 0);
+ ExpectIntLT(wc_PKCS7_InitWithCert(pkcs7, certWithInvalidEccKey,
+ sizeof(certWithInvalidEccKey)), 0);
}
#endif
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_InitWithCert */
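Review bot: The `pkcs7 = NULL;` added after the first `wc_PKCS7_Free(pkcs7);` deserves a comment, because it is what keeps the final free from releasing the same object twice. Assuming the Expect* macros stop evaluating their arguments once an earlier expectation has failed (the `if (pkcs7 != NULL)` guards elsewhere in this commit suggest so), the following `ExpectNotNull(pkcs7 = wc_PKCS7_New(...))` may not run and the pointer would otherwise stay dangling. I would add `/* reset: if wc_PKCS7_New() below is skipped, the final wc_PKCS7_Free() must see NULL */` above it. A release without such a guard is visible earlier on the page in test_wc_SetSubjectKeyIdFromPublicKey_ex, where `wc_FreeRng(&rng);` is directly followed by `DoExpectIntEQ(wc_FreeRng(&rng), 0);`; one of the two calls should go. The function body starts outside this hunk.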
@@ -29013,11 +26406,11 @@ static int test_wc_PKCS7_InitWithCert(void)
*/
static int test_wc_PKCS7_EncodeData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
- byte output[FOURK_BUF];
- byte data[] = "My encoded DER cert.";
+ PKCS7* pkcs7 = NULL;
+ byte output[FOURK_BUF];
+ byte data[] = "My encoded DER cert.";
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
@@ -29025,36 +26418,43 @@ static int test_wc_PKCS7_EncodeData(void)
unsigned char key[sizeof(client_key_der_2048)];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
+
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, client_cert_der_2048, certSz);
XMEMCPY(key, client_key_der_2048, keySz);
-
#elif defined(USE_CERT_BUFFERS_1024)
unsigned char cert[sizeof(sizeof_client_cert_der_1024)];
unsigned char key[sizeof_client_key_der_1024];
int certSz = (int)sizeof(cert);
int keySz = (int)sizeof(key);
+
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
XMEMCPY(key, client_key_der_1024, keySz);
#else
- unsigned char cert[ONEK_BUF];
- unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz;
- int keySz;
+ unsigned char cert[ONEK_BUF];
+ unsigned char key[ONEK_BUF];
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
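Review bot: In the `USE_CERT_BUFFERS_1024` branch the buffer is declared as `unsigned char cert[sizeof(sizeof_client_cert_der_1024)];`, which sizes it by the type of the length constant rather than by the certificate. `certSz` is then `sizeof(cert)`, so `XMEMCPY(cert, client_cert_der_1024, certSz)` copies only those few bytes and `wc_PKCS7_InitWithCert` receives a truncated certificate, presumably failing the test in that configuration. The commit leaves this context line untouched. test_wc_PKCS7_InitWithCert declares `unsigned char cert[sizeof(client_cert_der_1024)];`, and the same form fits here. The function starts before and continues after this hunk.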
@@ -29069,46 +26469,52 @@ static int test_wc_PKCS7_EncodeData(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz, keySz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#endif
XMEMSET(output, 0, sizeof(output));
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, certSz), 0);
- pkcs7->content = data;
- pkcs7->contentSz = sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- AssertIntGT(wc_PKCS7_EncodeData(pkcs7, output, (word32)sizeof(output)), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ }
+ ExpectIntGT(wc_PKCS7_EncodeData(pkcs7, output, (word32)sizeof(output)), 0);
/* Test bad args. */
- AssertIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)),
+ ExpectIntEQ(wc_PKCS7_EncodeData(NULL, output, (word32)sizeof(output)),
BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeData(pkcs7, NULL, (word32)sizeof(output)),
+ ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, NULL, (word32)sizeof(output)),
BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeData(pkcs7, output, 5), BUFFER_E);
+ ExpectIntEQ(wc_PKCS7_EncodeData(pkcs7, output, 5), BUFFER_E);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeData */
@@ -29183,16 +26589,15 @@ static int rsaSignRawDigestCb(PKCS7* pkcs7, byte* digest, word32 digestSz,
*/
static int test_wc_PKCS7_EncodeSignedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
- WC_RNG rng;
- byte output[FOURK_BUF];
- byte badOut[1];
- word32 outputSz = (word32)sizeof(output);
- word32 badOutSz = 0;
- byte data[] = "Test data to encode.";
-
+ PKCS7* pkcs7 = NULL;
+ WC_RNG rng;
+ byte output[FOURK_BUF];
+ byte badOut[1];
+ word32 outputSz = (word32)sizeof(output);
+ word32 badOutSz = 0;
+ byte data[] = "Test data to encode.";
#ifndef NO_RSA
#if defined(USE_CERT_BUFFERS_2048)
byte key[sizeof(client_key_der_2048)];
@@ -29215,19 +26620,25 @@ static int test_wc_PKCS7_EncodeSignedData(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
@@ -29242,83 +26653,98 @@ static int test_wc_PKCS7_EncodeSignedData(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz, keySz;
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, ONEK_BUF, fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, ONEK_BUF, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, ONEK_BUF, fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#endif
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
XMEMSET(output, 0, outputSz);
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = data;
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->rng = &rng;
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->rng = &rng;
+ }
- AssertIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
+ ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
/* Pass in bad args. */
- AssertIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, badOut,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(NULL, output, outputSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, NULL, outputSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, badOut,
badOutSz), BAD_FUNC_ARG);
- pkcs7->hashOID = 0; /* bad hashOID */
- AssertIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->hashOID = 0; /* bad hashOID */
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz),
+ BAD_FUNC_ARG);
#if defined(HAVE_PKCS7) && defined(HAVE_PKCS7_RSA_RAW_SIGN_CALLBACK) && \
!defined(NO_RSA) && !defined(NO_SHA256)
/* test RSA sign raw digest callback, if using RSA and compiled in.
* Example callback assumes SHA-256, so only run test if compiled in. */
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = data;
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
- AssertIntEQ(wc_PKCS7_SetRsaSignRawDigestCb(pkcs7, rsaSignRawDigestCb), 0);
+ ExpectIntEQ(wc_PKCS7_SetRsaSignRawDigestCb(pkcs7, rsaSignRawDigestCb), 0);
- AssertIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
+ ExpectIntGT(wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeSignedData */
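Review bot: The rewritten ECC file-read branch still opens the certificate with `XOPEN("./certs/client-ecc-cert.der", "rb")` while every other open in this commit uses `XFOPEN`, so this looks like a carried-over typo that only a build without RSA and without `USE_CERT_BUFFERS_256` would hit; the line should read `ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) != XBADFILE);`. A similar slip is introduced in test_wc_PKCS7_EncodeSignedData_ex, where the RSA file-read branch calls `ExpectTure(...)` instead of `ExpectTrue(...)`. Separately, `pkcs7->privateKeySz = (word32)sizeof(key);` hands the whole buffer to the encoder even when `key` is the `ONEK_BUF` file buffer and only `keySz` bytes were read; test_wc_PKCS7_EncodeData passes `keySz`. The function starts outside this hunk.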
@@ -29327,17 +26753,17 @@ static int test_wc_PKCS7_EncodeSignedData(void)
*/
static int test_wc_PKCS7_EncodeSignedData_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- int ret, i;
- PKCS7* pkcs7;
- WC_RNG rng;
- byte outputHead[FOURK_BUF/2];
- byte outputFoot[FOURK_BUF/2];
- word32 outputHeadSz = (word32)sizeof(outputHead);
- word32 outputFootSz = (word32)sizeof(outputFoot);
- byte data[FOURK_BUF];
- wc_HashAlg hash;
+ int i;
+ PKCS7* pkcs7 = NULL;
+ WC_RNG rng;
+ byte outputHead[FOURK_BUF/2];
+ byte outputFoot[FOURK_BUF/2];
+ word32 outputHeadSz = (word32)sizeof(outputHead);
+ word32 outputFootSz = (word32)sizeof(outputFoot);
+ byte data[FOURK_BUF];
+ wc_HashAlg hash;
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
@@ -29366,181 +26792,202 @@ static int test_wc_PKCS7_EncodeSignedData_ex(void)
XMEMCPY(key, client_key_der_1024, keySz);
XMEMCPY(cert, client_cert_der_1024, certSz);
#else
- unsigned char cert[ONEK_BUF];
- unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz;
- int keySz;
+ unsigned char cert[ONEK_BUF];
+ unsigned char key[ONEK_BUF];
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue((fp != XBADFILE));
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTure((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
- unsigned char cert[sizeof(cliecc_cert_der_256)];
- unsigned char key[sizeof(ecc_clikey_der_256)];
- int certSz = (int)sizeof(cert);
- int keySz = (int)sizeof(key);
+ unsigned char cert[sizeof(cliecc_cert_der_256)];
+ unsigned char key[sizeof(ecc_clikey_der_256)];
+ int certSz = (int)sizeof(cert);
+ int keySz = (int)sizeof(key);
+
XMEMSET(cert, 0, certSz);
XMEMSET(key, 0, keySz);
XMEMCPY(cert, cliecc_cert_der_256, sizeof_cliecc_cert_der_256);
XMEMCPY(key, ecc_clikey_der_256, sizeof_ecc_clikey_der_256);
#else
- unsigned char cert[ONEK_BUF];
- unsigned char key[ONEK_BUF];
- XFILE fp;
- int certSz, keySz;
+ unsigned char cert[ONEK_BUF];
+ unsigned char key[ONEK_BUF];
+ XFILE fp = XBADFILE;
+ int certSz;
+ int keySz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
+ 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
#endif
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
/* initialize large data with sequence */
for (i=0; i<(int)sizeof(data); i++)
data[i] = i & 0xff;
XMEMSET(outputHead, 0, outputHeadSz);
XMEMSET(outputFoot, 0, outputFootSz);
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = NULL; /* not used for ex */
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->rng = &rng;
+ if (pkcs7 != NULL) {
+ pkcs7->content = NULL; /* not used for ex */
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->rng = &rng;
+ }
/* calculate hash for content */
- ret = wc_HashInit(&hash, hashType);
- if (ret == 0) {
- ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
- if (ret == 0) {
- ret = wc_HashFinal(&hash, hashType, hashBuf);
- }
- wc_HashFree(&hash, hashType);
- }
- AssertIntEQ(ret, 0);
+ XMEMSET(&hash, 0, sizeof(wc_HashAlg));
+ ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
+ ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
+ DoExpectIntEQ(wc_HashFree(&hash, hashType), 0);
/* Perform PKCS7 sign using hash directly */
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz), 0);
- AssertIntGT(outputHeadSz, 0);
- AssertIntGT(outputFootSz, 0);
+ ExpectIntGT(outputHeadSz, 0);
+ ExpectIntGT(outputFootSz, 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
/* required parameter even on verify when using _ex, if using outputHead
* and outputFoot */
- pkcs7->contentSz = (word32)sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ if (pkcs7 != NULL) {
+ pkcs7->contentSz = (word32)sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, outputFootSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* assembly complete PKCS7 sign and use normal verify */
{
- byte* output = (byte*)XMALLOC(
- outputHeadSz + sizeof(data) + outputFootSz,
- HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ byte* output = NULL;
word32 outputSz = 0;
- AssertNotNull(output);
- XMEMCPY(&output[outputSz], outputHead, outputHeadSz);
- outputSz += outputHeadSz;
- XMEMCPY(&output[outputSz], data, sizeof(data));
- outputSz += sizeof(data);
- XMEMCPY(&output[outputSz], outputFoot, outputFootSz);
- outputSz += outputFootSz;
-
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+
+ ExpectNotNull(output = (byte*)XMALLOC(
+ outputHeadSz + sizeof(data) + outputFootSz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (output != NULL) {
+ XMEMCPY(&output[outputSz], outputHead, outputHeadSz);
+ outputSz += outputHeadSz;
+ XMEMCPY(&output[outputSz], data, sizeof(data));
+ outputSz += sizeof(data);
+ XMEMCPY(&output[outputSz], outputFoot, outputFootSz);
+ outputSz += outputFootSz;
+ }
+
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
XFREE(output, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
/* Pass in bad args. */
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(NULL, hashBuf, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(NULL, hashBuf, hashSz, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, NULL, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, NULL, hashSz, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, 0, outputHead,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, 0, outputHead,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, NULL,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz, NULL,
&outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, NULL, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, NULL, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, NULL), BAD_FUNC_ARG);
- pkcs7->hashOID = 0; /* bad hashOID */
- AssertIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
+ if (pkcs7 != NULL) {
+ pkcs7->hashOID = 0; /* bad hashOID */
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeSignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, &outputHeadSz, outputFoot, &outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(NULL, hashBuf, hashSz, outputHead,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, NULL, hashSz, outputHead,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
outputHeadSz, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, 0, outputHead,
outputHeadSz, outputFoot, outputFootSz), BUFFER_E);
#endif
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz, NULL,
outputHeadSz, outputFoot, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
/* can pass in 0 buffer length with streaming API */
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, 0, outputFoot, outputFootSz), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, 0, outputFoot, outputFootSz), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, NULL, outputFootSz), BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, 0), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
outputHead, outputHeadSz, outputFoot, 0), BUFFER_E);
#endif
wc_PKCS7_Free(pkcs7);
- wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeSignedData_ex */
@@ -29560,8 +27007,9 @@ static int LoadPKCS7SignedDataCerts(
byte* cert, word32* certSz,
byte* key, word32* keySz)
{
+ EXPECT_DECLS;
int ret = 0;
- FILE* fp = NULL;
+ XFILE fp = XBADFILE;
#ifndef NO_RSA
const char* intCARootRSA = "./certs/ca-cert.der";
@@ -29600,35 +27048,45 @@ static int LoadPKCS7SignedDataCerts(
#ifndef NO_RSA
case RSA_TYPE:
if (useIntermediateCertChain == 1) {
- fp = XFOPEN(intCARootRSA, "rb");
- AssertNotNull(fp);
+ ExpectTrue((fp = XFOPEN(intCARootRSA, "rb")) != XBADFILE);
*intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCARootSz, 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCARootSz, 0);
- fp = XFOPEN(intCA1RSA, "rb");
- AssertNotNull(fp);
- *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA1Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA1RSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA1Sz, 0);
- fp = XFOPEN(intCA2RSA, "rb");
- AssertNotNull(fp);
- *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA2Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA2RSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA2Sz, 0);
- fp = XFOPEN(intServCertRSA, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(intServCertRSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
- fp = XFOPEN(intServKeyRSA, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(intServKeyRSA, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
}
else {
#if defined(USE_CERT_BUFFERS_2048)
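Review bot: The first read in the RSA intermediate-chain branch, `*intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);`, is left as an unguarded context line, so it still runs when the XFOPEN just above it fails and `fp` is XBADFILE. Every other read in this hunk was moved inside `if (fp != XBADFILE) { ... }`, and the ECC branch in a later hunk guards its intCARootECC read the same way. Move this XFREAD into the existing guard, ahead of `XFCLOSE(fp);`, so that a missing `./certs/ca-cert.der` is reported as a test failure instead of handing an invalid file handle to the read. The function body starts and ends outside this hunk.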
@@ -29642,17 +27100,21 @@ static int LoadPKCS7SignedDataCerts(
XMEMCPY(key, client_key_der_1024, *keySz);
XMEMCPY(cert, client_cert_der_1024, *certSz);
#else
- fp = XFOPEN(cli1024Key, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(cli1024Key, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
- fp = XFOPEN(cli1024Cert, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(cli1024Cert, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
#endif /* USE_CERT_BUFFERS_2048 */
}
break;
@@ -29660,35 +27122,46 @@ static int LoadPKCS7SignedDataCerts(
#ifdef HAVE_ECC
case ECC_TYPE:
if (useIntermediateCertChain == 1) {
- fp = XFOPEN(intCARootECC, "rb");
- AssertNotNull(fp);
- *intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCARootSz, 0);
+ ExpectTrue((fp = XFOPEN(intCARootECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCARootSz = (word32)XFREAD(intCARoot, 1, *intCARootSz,
+ fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCARootSz, 0);
- fp = XFOPEN(intCA1ECC, "rb");
- AssertNotNull(fp);
- *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA1Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA1ECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA1Sz = (word32)XFREAD(intCA1, 1, *intCA1Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA1Sz, 0);
- fp = XFOPEN(intCA2ECC, "rb");
- AssertNotNull(fp);
- *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
- XFCLOSE(fp);
- AssertIntGT(*intCA2Sz, 0);
+ ExpectTrue((fp = XFOPEN(intCA2ECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *intCA2Sz = (word32)XFREAD(intCA2, 1, *intCA2Sz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*intCA2Sz, 0);
- fp = XFOPEN(intServCertECC, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(intServCertECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
- fp = XFOPEN(intServKeyECC, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(intServKeyECC, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
}
else {
#if defined(USE_CERT_BUFFERS_256)
@@ -29697,17 +27170,21 @@ static int LoadPKCS7SignedDataCerts(
XMEMCPY(key, ecc_clikey_der_256, *keySz);
XMEMCPY(cert, cliecc_cert_der_256, *certSz);
#else
- fp = XFOPEN(cliEccKey, "rb");
- AssertNotNull(fp);
- *keySz = (word32)XFREAD(key, 1, *keySz, fp);
- XFCLOSE(fp);
- AssertIntGT(*keySz, 0);
+ ExpectTrue((fp = XFOPEN(cliEccKey, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *keySz = (word32)XFREAD(key, 1, *keySz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*keySz, 0);
- fp = XFOPEN(cliEccCert, "rb");
- AssertNotNull(fp);
- *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
- XFCLOSE(fp);
- AssertIntGT(*certSz, 0);
+ ExpectTrue((fp = XFOPEN(cliEccCert, "rb")) != XBADFILE);
+ if (fp != XBADFILE) {
+ *certSz = (word32)XFREAD(cert, 1, *certSz, fp);
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntGT(*certSz, 0);
#endif /* USE_CERT_BUFFERS_256 */
}
break;
@@ -29718,6 +27195,9 @@ static int LoadPKCS7SignedDataCerts(
break;
}
+ if (EXPECT_FAIL() && (ret == 0)) {
+ ret = BAD_FUNC_ARG;
+ }
return ret;
}
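Review bot: `ret = BAD_FUNC_ARG;` reports a failed file open or empty read as an argument error, which will mislead anyone reading the returned value in a failing log. The only caller visible on this page compares the result with 0, so the exact code seems not to matter. A comment would make that explicit, e.g. `/* any failed expectation above (open/read) is mapped to a generic non-zero error */`. The function starts outside this hunk.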
@@ -29741,6 +27221,7 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
int useIntermediateCertChain,
int pkAlgoType)
{
+ EXPECT_DECLS;
int ret = 0;
WC_RNG rng;
PKCS7* pkcs7 = NULL;
@@ -29777,62 +27258,68 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
ret = LoadPKCS7SignedDataCerts(useIntermediateCertChain, pkAlgoType,
intCARoot, &intCARootSz, intCA1, &intCA1Sz, intCA2, &intCA2Sz,
cert, &certSz, key, &keySz);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(ret, 0);
XMEMSET(output, 0, outputSz);
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
if (useIntermediateCertChain == 1) {
/* Add intermediate and root CA certs into SignedData Certs SET */
- AssertIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA2, intCA2Sz), 0);
- AssertIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA1, intCA1Sz), 0);
- AssertIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCARoot, intCARootSz), 0);
+ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA2, intCA2Sz), 0);
+ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCA1, intCA1Sz), 0);
+ ExpectIntEQ(wc_PKCS7_AddCertificate(pkcs7, intCARoot, intCARootSz), 0);
}
- pkcs7->content = data;
- pkcs7->contentSz = dataSz;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- if (pkAlgoType == RSA_TYPE) {
- pkcs7->encryptOID = RSAk;
- }
- else {
- pkcs7->encryptOID = ECDSAk;
- }
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->rng = &rng;
- if (withAttribs) {
- /* include a signed attribute */
- pkcs7->signedAttribs = attribs;
- pkcs7->signedAttribsSz = (sizeof(attribs)/sizeof(PKCS7Attrib));
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = dataSz;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ if (pkAlgoType == RSA_TYPE) {
+ pkcs7->encryptOID = RSAk;
+ }
+ else {
+ pkcs7->encryptOID = ECDSAk;
+ }
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->rng = &rng;
+ if (withAttribs) {
+ /* include a signed attribute */
+ pkcs7->signedAttribs = attribs;
+ pkcs7->signedAttribsSz = (sizeof(attribs)/sizeof(PKCS7Attrib));
+ }
}
if (detachedSig) {
- AssertIntEQ(wc_PKCS7_SetDetached(pkcs7, 1), 0);
+ ExpectIntEQ(wc_PKCS7_SetDetached(pkcs7, 1), 0);
}
outputSz = wc_PKCS7_EncodeSignedData(pkcs7, output, outputSz);
- AssertIntGT(outputSz, 0);
+ ExpectIntGT(outputSz, 0);
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- if (detachedSig) {
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (detachedSig && (pkcs7 != NULL)) {
pkcs7->content = data;
pkcs7->contentSz = dataSz;
}
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
+ if (EXPECT_FAIL()) {
+ outputSz = 0;
+ }
return outputSz;
}
#endif
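Review bot: `pkcs7->privateKeySz = (word32)sizeof(key);` ignores the `keySz` that LoadPKCS7SignedDataCerts fills in at the top of this hunk, so the library is given the buffer capacity rather than the length of the DER key that was loaded. `key` is declared outside the hunk; if it is a local array, as the `sizeof` suggests, the bytes after the key are whatever was left in the buffer. `pkcs7->privateKeySz = keySz;` keeps the length tied to what was actually read. The line is carried over from the old code, but it sits in the block this commit rewrites, so this is a convenient place to correct it.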
@@ -29840,20 +27327,18 @@ static int CreatePKCS7SignedData(unsigned char* output, int outputSz,
/*
* Testing wc_PKCS_VerifySignedData()
*/
-static int test_wc_PKCS7_VerifySignedData(void)
+static int test_wc_PKCS7_VerifySignedData_RSA(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
- PKCS7* pkcs7;
+ EXPECT_DECLS;
+#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+ PKCS7* pkcs7 = NULL;
byte output[6000]; /* Large size needed for bundles with int CA certs */
word32 outputSz = sizeof(output);
byte data[] = "Test data to encode.";
byte badOut[1];
word32 badOutSz = 0;
byte badContent[] = "This is different content than was signed";
-
- int ret;
- wc_HashAlg hash;
+ wc_HashAlg hash;
#ifdef NO_SHA
enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
#else
@@ -29861,10 +27346,8 @@ static int test_wc_PKCS7_VerifySignedData(void)
#endif
byte hashBuf[WC_MAX_DIGEST_SIZE];
word32 hashSz = wc_HashGetDigestSize(hashType);
-
#ifndef NO_RSA
PKCS7DecodedAttrib* decodedAttrib = NULL;
-
/* contentType OID (1.2.840.113549.1.9.3) */
static const byte contentTypeOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, 0x09, 0x03 };
@@ -29876,13 +27359,11 @@ static int test_wc_PKCS7_VerifySignedData(void)
/* messageDigest OID (1.2.840.113549.1.9.4) */
static const byte messageDigestOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x04 };
-
#ifndef NO_ASN_TIME
/* signingTime OID () */
static const byte signingTimeOid[] =
{ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x05};
#endif
-
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
int dateLength = 0;
byte dateFormat;
@@ -29896,227 +27377,252 @@ static int test_wc_PKCS7_VerifySignedData(void)
#endif
#endif /* !NO_ASN && !NO_ASN_TIME */
+ XMEMSET(&hash, 0, sizeof(wc_HashAlg));
+
/* Success test with RSA certs/key */
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 0, RSA_TYPE)), 0);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 0, 0, 0, RSA_TYPE)), 0);
/* calculate hash for content, used later */
- ret = wc_HashInit(&hash, hashType);
- if (ret == 0) {
- ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
- if (ret == 0) {
- ret = wc_HashFinal(&hash, hashType, hashBuf);
- }
- wc_HashFree(&hash, hashType);
- }
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
+ ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
+ DoExpectIntEQ(wc_HashFree(&hash, hashType), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
/* Check that decoded signed attributes are correct */
/* messageDigest should be first */
- decodedAttrib = pkcs7->decodedAttrib;
- AssertNotNull(decodedAttrib);
- AssertIntEQ(decodedAttrib->oidSz, (word32)sizeof(messageDigestOid));
- AssertIntEQ(XMEMCMP(decodedAttrib->oid, messageDigestOid,
- decodedAttrib->oidSz), 0);
+ if (pkcs7 != NULL) {
+ decodedAttrib = pkcs7->decodedAttrib;
+ }
+ ExpectNotNull(decodedAttrib);
+ ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(messageDigestOid));
+ ExpectIntEQ(XMEMCMP(decodedAttrib->oid, messageDigestOid,
+ decodedAttrib->oidSz), 0);
/* + 2 for OCTET STRING and length bytes */
- AssertIntEQ(decodedAttrib->valueSz, hashSz + 2);
- AssertNotNull(decodedAttrib->value);
- AssertIntEQ(XMEMCMP(decodedAttrib->value + 2, hashBuf, hashSz), 0);
+ ExpectIntEQ(decodedAttrib->valueSz, hashSz + 2);
+ ExpectNotNull(decodedAttrib->value);
+ ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, hashBuf, hashSz), 0);
#ifndef NO_ASN_TIME
/* signingTime should be second */
- decodedAttrib = decodedAttrib->next;
- AssertNotNull(decodedAttrib);
- AssertIntEQ(decodedAttrib->oidSz, (word32)sizeof(signingTimeOid));
- AssertIntEQ(XMEMCMP(decodedAttrib->oid, signingTimeOid,
- decodedAttrib->oidSz), 0);
+ if (decodedAttrib != NULL) {
+ decodedAttrib = decodedAttrib->next;
+ }
+ ExpectNotNull(decodedAttrib);
+ ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(signingTimeOid));
+ ExpectIntEQ(XMEMCMP(decodedAttrib->oid, signingTimeOid,
+ decodedAttrib->oidSz), 0);
- AssertIntGT(decodedAttrib->valueSz, 0);
- AssertNotNull(decodedAttrib->value);
+ ExpectIntGT(decodedAttrib->valueSz, 0);
+ ExpectNotNull(decodedAttrib->value);
#endif
/* Verify signingTime if ASN and time are available */
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
- AssertIntEQ(wc_GetDateInfo(decodedAttrib->value, decodedAttrib->valueSz,
- &datePart, &dateFormat, &dateLength), 0);
- AssertNotNull(datePart);
- AssertIntGT(dateLength, 0);
+ ExpectIntEQ(wc_GetDateInfo(decodedAttrib->value, decodedAttrib->valueSz,
+ &datePart, &dateFormat, &dateLength), 0);
+ ExpectNotNull(datePart);
+ ExpectIntGT(dateLength, 0);
XMEMSET(&timearg, 0, sizeof(timearg));
- AssertIntEQ(wc_GetDateAsCalendarTime(datePart, dateLength, dateFormat,
- &timearg), 0);
+ ExpectIntEQ(wc_GetDateAsCalendarTime(datePart, dateLength, dateFormat,
+ &timearg), 0);
/* Get current time and compare year/month/day against attribute value */
- AssertIntEQ(wc_GetTime(&now, sizeof(now)), 0);
+ ExpectIntEQ(wc_GetTime(&now, sizeof(now)), 0);
nowTm = (struct tm*)XGMTIME((time_t*)&now, tmpTime);
- AssertNotNull(nowTm);
+ ExpectNotNull(nowTm);
- AssertIntEQ(timearg.tm_year, nowTm->tm_year);
- AssertIntEQ(timearg.tm_mon, nowTm->tm_mon);
- AssertIntEQ(timearg.tm_mday, nowTm->tm_mday);
+ ExpectIntEQ(timearg.tm_year, nowTm->tm_year);
+ ExpectIntEQ(timearg.tm_mon, nowTm->tm_mon);
+ ExpectIntEQ(timearg.tm_mday, nowTm->tm_mday);
#endif /* !NO_ASN && !NO_ASN_TIME */
/* contentType should be third */
- decodedAttrib = decodedAttrib->next;
- AssertNotNull(decodedAttrib);
- AssertIntEQ(decodedAttrib->oidSz, (word32)sizeof(contentTypeOid));
- AssertIntEQ(XMEMCMP(decodedAttrib->oid, contentTypeOid,
- decodedAttrib->oidSz), 0);
- AssertIntEQ(decodedAttrib->valueSz, (int)sizeof(dataType) + 2);
- AssertNotNull(decodedAttrib->value);
- AssertIntEQ(XMEMCMP(decodedAttrib->value + 2, dataType,
- sizeof(dataType)), 0);
+ if (decodedAttrib != NULL) {
+ decodedAttrib = decodedAttrib->next;
+ }
+ ExpectNotNull(decodedAttrib);
+ ExpectIntEQ(decodedAttrib->oidSz, (word32)sizeof(contentTypeOid));
+ ExpectIntEQ(XMEMCMP(decodedAttrib->oid, contentTypeOid,
+ decodedAttrib->oidSz), 0);
+ ExpectIntEQ(decodedAttrib->valueSz, (int)sizeof(dataType) + 2);
+ ExpectNotNull(decodedAttrib->value);
+ ExpectIntEQ(XMEMCMP(decodedAttrib->value + 2, dataType, sizeof(dataType)),
+ 0);
#endif /* !NO_RSA */
-#ifdef HAVE_ECC
- #ifndef NO_RSA
- wc_PKCS7_Free(pkcs7);
- #endif
-
- /* Success test with ECC certs/key */
- outputSz = sizeof(output);
- XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 0, ECC_TYPE)), 0);
-
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
-#endif /* HAVE_ECC */
-
/* Test bad args. */
-#if !defined(NO_RSA) || defined(HAVE_ECC)
- AssertIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz),
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(NULL, output, outputSz),
BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, NULL, outputSz),
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, NULL, outputSz),
BAD_FUNC_ARG);
#ifndef NO_PKCS7_STREAM
/* can pass in 0 buffer length with streaming API */
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
badOutSz), WC_PKCS7_WANT_READ_E);
#else
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, badOut,
badOutSz), BAD_FUNC_ARG);
#endif
wc_PKCS7_Free(pkcs7);
-#endif /* !NO_RSA || HAVE_ECC */
+ pkcs7 = NULL;
- /* Invalid content should error, use detached signature so we can
- * easily change content */
#ifndef NO_RSA
/* Try RSA certs/key/sig first */
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
(word32)sizeof(data),
1, 1, 0, RSA_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = badContent;
- pkcs7->contentSz = sizeof(badContent);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = badContent;
+ pkcs7->contentSz = sizeof(badContent);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
SIG_VERIFY_E);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* Test success case with detached signature and valid content */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = data;
- pkcs7->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* verify using pre-computed content digest only (no content) */
{
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
- output, outputSz,
- NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ output, outputSz, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
#endif /* !NO_RSA */
-#ifdef HAVE_ECC
- /* Try ECC certs/key/sig next */
+
+ /* Test verify on signedData containing intermediate/root CA certs */
+#ifndef NO_RSA
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
(word32)sizeof(data),
- 1, 1, 0, ECC_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = badContent;
- pkcs7->contentSz = sizeof(badContent);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
- SIG_VERIFY_E);
+ 0, 0, 1, RSA_TYPE)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
+#endif /* !NO_RSA */
+#endif
+ return EXPECT_RESULT();
+} /* END test_wc_PKCS7_VerifySignedData()_RSA */
+
+/*
+ * Testing wc_PKCS_VerifySignedData()
+ */
+static int test_wc_PKCS7_VerifySignedData_ECC(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
+ PKCS7* pkcs7 = NULL;
+ byte output[6000]; /* Large size needed for bundles with int CA certs */
+ word32 outputSz = sizeof(output);
+ byte data[] = "Test data to encode.";
+ byte badContent[] = "This is different content than was signed";
+ wc_HashAlg hash;
+#ifdef NO_SHA
+ enum wc_HashType hashType = WC_HASH_TYPE_SHA256;
+#else
+ enum wc_HashType hashType = WC_HASH_TYPE_SHA;
+#endif
+ byte hashBuf[WC_MAX_DIGEST_SIZE];
+ word32 hashSz = wc_HashGetDigestSize(hashType);
+
+ XMEMSET(&hash, 0, sizeof(wc_HashAlg));
+
+ /* Success test with ECC certs/key */
+ outputSz = sizeof(output);
+ XMEMSET(output, 0, outputSz);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 0, 0, 0, ECC_TYPE)), 0);
+
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
+
+ /* Invalid content should error, use detached signature so we can
+ * easily change content */
+ outputSz = sizeof(output);
+ XMEMSET(output, 0, outputSz);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 1, 1, 0, ECC_TYPE)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = badContent;
+ pkcs7->contentSz = sizeof(badContent);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz),
+ SIG_VERIFY_E);
+ wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* Test success case with detached signature and valid content */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- pkcs7->content = data;
- pkcs7->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = data;
+ pkcs7->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* verify using pre-computed content digest only (no content) */
{
/* calculate hash for content */
- ret = wc_HashInit(&hash, hashType);
- if (ret == 0) {
- ret = wc_HashUpdate(&hash, hashType, data, sizeof(data));
- if (ret == 0) {
- ret = wc_HashFinal(&hash, hashType, hashBuf);
- }
- wc_HashFree(&hash, hashType);
- }
- AssertIntEQ(ret, 0);
-
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
- output, outputSz,
- NULL, 0), 0);
+ ExpectIntEQ(wc_HashInit(&hash, hashType), 0);
+ ExpectIntEQ(wc_HashUpdate(&hash, hashType, data, sizeof(data)), 0);
+ ExpectIntEQ(wc_HashFinal(&hash, hashType, hashBuf), 0);
+ ExpectIntEQ(wc_HashFree(&hash, hashType), 0);
+
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData_ex(pkcs7, hashBuf, hashSz,
+ output, outputSz, NULL, 0), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
-#endif
/* Test verify on signedData containing intermediate/root CA certs */
-#ifndef NO_RSA
outputSz = sizeof(output);
XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 1, RSA_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
+ ExpectIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
+ (word32)sizeof(data), 0, 0, 1, ECC_TYPE)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
wc_PKCS7_Free(pkcs7);
-#endif /* !NO_RSA */
-#ifdef HAVE_ECC
- outputSz = sizeof(output);
- XMEMSET(output, 0, outputSz);
- AssertIntGT((outputSz = CreatePKCS7SignedData(output, outputSz, data,
- (word32)sizeof(data),
- 0, 0, 1, ECC_TYPE)), 0);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, output, outputSz), 0);
- wc_PKCS7_Free(pkcs7);
-#endif /* HAVE_ECC */
-
- res = TEST_RES_CHECK(1);
+ pkcs7 = NULL;
#endif
- return res;
-} /* END test_wc_PKCS7_VerifySignedData() */
+ return EXPECT_RESULT();
+} /* END test_wc_PKCS7_VerifySignedData_ECC() */
#if defined(HAVE_PKCS7) && !defined(NO_AES) && defined(HAVE_AES_CBC) && \
@@ -30227,9 +27733,9 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
*/
static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
#ifdef ECC_TIMING_RESISTANT
WC_RNG rng;
#endif
@@ -30240,7 +27746,6 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
int testSz = 0;
#if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) || \
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
-
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
word32 rsaCertSz;
@@ -30255,7 +27760,6 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
#endif
#if defined(HAVE_ECC) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
-
byte* eccCert = NULL;
byte* eccPrivKey = NULL;
word32 eccCertSz;
@@ -30270,8 +27774,12 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
byte decoded[sizeof(input)/sizeof(char)];
int decodedSz = 0;
#ifndef NO_FILESYSTEM
- XFILE certFile;
- XFILE keyFile;
+ XFILE certFile = XBADFILE;
+ XFILE keyFile = XBADFILE;
+#endif
+
+#ifdef ECC_TIMING_RESISTANT
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
#endif
#if !defined(NO_RSA) && (!defined(NO_AES) || (!defined(NO_SHA) ||\
@@ -30280,43 +27788,51 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
#if defined(USE_CERT_BUFFERS_1024)
rsaCertSz = (word32)sizeof_client_cert_der_1024;
/* Allocate buffer space. */
- AssertNotNull(rsaCert =
- (byte*)XMALLOC(rsaCertSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
- XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
+ if (rsaCert != NULL) {
+ XMEMCPY(rsaCert, client_cert_der_1024, rsaCertSz);
+ }
rsaPrivKeySz = (word32)sizeof_client_key_der_1024;
- AssertNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
-
+ ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (rsaPrivKey != NULL) {
+ XMEMCPY(rsaPrivKey, client_key_der_1024, rsaPrivKeySz);
+ }
#elif defined(USE_CERT_BUFFERS_2048)
rsaCertSz = (word32)sizeof_client_cert_der_2048;
/* Allocate buffer */
- AssertNotNull(rsaCert =
- (byte*)XMALLOC(rsaCertSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(rsaCert = (byte*)XMALLOC(rsaCertSz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
- XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
+ if (rsaCert != NULL) {
+ XMEMCPY(rsaCert, client_cert_der_2048, rsaCertSz);
+ }
rsaPrivKeySz = (word32)sizeof_client_key_der_2048;
- AssertNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
-
+ ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(rsaPrivKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (rsaPrivKey != NULL) {
+ XMEMCPY(rsaPrivKey, client_key_der_2048, rsaPrivKeySz);
+ }
#else
/* File system. */
- certFile = XFOPEN(rsaClientCert, "rb");
- AssertTrue(certFile != XBADFILE);
+ ExpectTrue((certFile = XFOPEN(rsaClientCert, "rb")) != XBADFILE);
rsaCertSz = (word32)FOURK_BUF;
- AssertNotNull(rsaCert =
- (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- rsaCertSz = (word32)XFREAD(rsaCert, 1, rsaCertSz, certFile);
- XFCLOSE(certFile);
- keyFile = XFOPEN(rsaClientKey, "rb");
- AssertTrue(keyFile != XBADFILE);
- AssertNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(rsaCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((rsaCertSz = (word32)XFREAD(rsaCert, 1, rsaCertSz,
+ certFile)) > 0);
+ if (certFile != XBADFILE)
+ XFCLOSE(certFile);
+ ExpectTrue((keyFile = XFOPEN(rsaClientKey, "rb")) != XBADFILE);
+ ExpectNotNull(rsaPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
rsaPrivKeySz = (word32)FOURK_BUF;
- rsaPrivKeySz = (word32)XFREAD(rsaPrivKey, 1, rsaPrivKeySz, keyFile);
- XFCLOSE(keyFile);
+ ExpectTrue((rsaPrivKeySz = (word32)XFREAD(rsaPrivKey, 1, rsaPrivKeySz,
+ keyFile)) > 0);
+ if (keyFile != XBADFILE)
+ XFCLOSE(keyFile);
#endif /* USE_CERT_BUFFERS */
#endif /* NO_RSA */
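Review bot: In the file-system branch, `certFile` and `keyFile` are closed but keep their old handle values, so a later `if (certFile != XBADFILE)` check can close the same handle twice. This matters if the Expect macros stop evaluating their argument once an earlier expectation has failed; their definition is not part of this diff, but the unguarded `XFREAD(rsaCert, ...)` suggests it. In that case the `XFOPEN` in the ECC hunk that follows is skipped, and its `XFCLOSE(certFile)` acts on the handle already closed here. Resetting after each close, as test_wc_PKCS7_BER does later in this commit, avoids it: `if (certFile != XBADFILE) { XFCLOSE(certFile); certFile = XBADFILE; }`, and the same for `keyFile`. The ECC hunk has the same pattern, and the enclosing function starts and ends outside this hunk.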
@@ -30325,30 +27841,38 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
!defined(NO_SHA256) || defined(WOLFSSL_SHA512)))
#ifdef USE_CERT_BUFFERS_256
- AssertNotNull(eccCert =
- (byte*)XMALLOC(TWOK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(eccCert = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
/* Init buffer. */
eccCertSz = (word32)sizeof_cliecc_cert_der_256;
- XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
- AssertNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
+ if (eccCert != NULL) {
+ XMEMCPY(eccCert, cliecc_cert_der_256, eccCertSz);
+ }
+ ExpectNotNull(eccPrivKey = (byte*)XMALLOC(TWOK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
eccPrivKeySz = (word32)sizeof_ecc_clikey_der_256;
- XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
+ if (eccPrivKey != NULL) {
+ XMEMCPY(eccPrivKey, ecc_clikey_der_256, eccPrivKeySz);
+ }
#else /* File system. */
- certFile = XFOPEN(eccClientCert, "rb");
- AssertTrue(certFile != XBADFILE);
+ ExpectTrue((certFile = XFOPEN(eccClientCert, "rb")) != XBADFILE);
eccCertSz = (word32)FOURK_BUF;
- AssertNotNull(eccCert =
- (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- eccCertSz = (word32)XFREAD(eccCert, 1, eccCertSz, certFile);
- XFCLOSE(certFile);
- keyFile = XFOPEN(eccClientKey, "rb");
- AssertTrue(keyFile != XBADFILE);
+ ExpectNotNull(eccCert = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((eccCertSz = (word32)XFREAD(eccCert, 1, eccCertSz,
+ certFile)) > 0);
+ if (certFile != XBADFILE) {
+ XFCLOSE(certFile);
+ }
+ ExpectTrue((keyFile = XFOPEN(eccClientKey, "rb")) != XBADFILE);
eccPrivKeySz = (word32)FOURK_BUF;
- AssertNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- eccPrivKeySz = (word32)XFREAD(eccPrivKey, 1, eccPrivKeySz, keyFile);
- XFCLOSE(keyFile);
+ ExpectNotNull(eccPrivKey = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((eccPrivKeySz = (word32)XFREAD(eccPrivKey, 1, eccPrivKeySz,
+ keyFile)) > 0);
+ if (keyFile != XBADFILE) {
+ XFCLOSE(keyFile);
+ }
#endif /* USE_CERT_BUFFERS_256 */
#endif /* END HAVE_ECC */
@@ -30385,198 +27909,234 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
#if defined(HAVE_ECC)
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#if !defined(NO_SHA) && !defined(NO_AES_128)
- {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES128CBCb,
- AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme, eccCert,
- eccCertSz, eccPrivKey, eccPrivKeySz},
+ {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
+ AES128CBCb, AES128_WRAP, dhSinglePass_stdDH_sha1kdf_scheme,
+ eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#if !defined(NO_SHA256) && !defined(NO_AES_256)
- {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
- AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme, eccCert,
- eccCertSz, eccPrivKey, eccPrivKeySz},
+ {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
+ AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha256kdf_scheme,
+ eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#if defined(WOLFSSL_SHA512) && !defined(NO_AES_256)
- {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA, AES256CBCb,
- AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme, eccCert,
- eccCertSz, eccPrivKey, eccPrivKeySz},
+ {(byte*)input, (word32)(sizeof(input)/sizeof(char)), DATA,
+ AES256CBCb, AES256_WRAP, dhSinglePass_stdDH_sha512kdf_scheme,
+ eccCert, eccCertSz, eccPrivKey, eccPrivKeySz},
#endif
#endif /* NO_AES && HAVE_AES_CBC*/
#endif /* END HAVE_ECC */
}; /* END pkcs7EnvelopedVector */
#ifdef ECC_TIMING_RESISTANT
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
testSz = (int)sizeof(testVectors)/(int)sizeof(pkcs7EnvelopedVector);
for (i = 0; i < testSz; i++) {
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert,
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (testVectors + i)->cert,
(word32)(testVectors + i)->certSz), 0);
+ if (pkcs7 != NULL) {
#ifdef ECC_TIMING_RESISTANT
- pkcs7->rng = &rng;
+ pkcs7->rng = &rng;
#endif
- pkcs7->content = (byte*)(testVectors + i)->content;
- pkcs7->contentSz = (testVectors + i)->contentSz;
- pkcs7->contentOID = (testVectors + i)->contentOID;
- pkcs7->encryptOID = (testVectors + i)->encryptOID;
- pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID;
- pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID;
- pkcs7->privateKey = (testVectors + i)->privateKey;
- pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
+ pkcs7->content = (byte*)(testVectors + i)->content;
+ pkcs7->contentSz = (testVectors + i)->contentSz;
+ pkcs7->contentOID = (testVectors + i)->contentOID;
+ pkcs7->encryptOID = (testVectors + i)->encryptOID;
+ pkcs7->keyWrapOID = (testVectors + i)->keyWrapOID;
+ pkcs7->keyAgreeOID = (testVectors + i)->keyAgreeOID;
+ pkcs7->privateKey = (testVectors + i)->privateKey;
+ pkcs7->privateKeySz = (testVectors + i)->privateKeySz;
+ }
- AssertIntGE(wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output)), 0);
+ ExpectIntGE(wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output)), 0);
decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded));
- AssertIntGE(decodedSz, 0);
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded));
+ ExpectIntGE(decodedSz, 0);
/* Verify the size of each buffer. */
- AssertIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
+ ExpectIntEQ((word32)sizeof(input)/sizeof(char), decodedSz);
/* Don't free the last time through the loop. */
if (i < testSz - 1) {
wc_PKCS7_Free(pkcs7);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ pkcs7 = NULL;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
}
} /* END test loop. */
}
/* Test bad args. */
- AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output,
+ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(NULL, output,
(word32)sizeof(output)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL,
+ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, NULL,
(word32)sizeof(output)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEnvelopedData(pkcs7, output, 0), BAD_FUNC_ARG);
/* Decode. */
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(NULL, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), NULL, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
(word32)sizeof(output), decoded, 0), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, NULL,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, 0, decoded,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, NULL,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output, 0, decoded,
(word32)sizeof(decoded)), BAD_FUNC_ARG);
/* Should get a return of BAD_FUNC_ARG with structure data. Order matters.*/
#if defined(HAVE_ECC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
/* only a failure for KARI test cases */
- tempWrd32 = pkcs7->singleCertSz;
- pkcs7->singleCertSz = 0;
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->singleCertSz = tempWrd32;
-
- tmpBytePtr = pkcs7->singleCert;
- pkcs7->singleCert = NULL;
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->singleCert = tmpBytePtr;
-#endif
- tempWrd32 = pkcs7->privateKeySz;
- pkcs7->privateKeySz = 0;
-
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->privateKeySz = tempWrd32;
-
- tmpBytePtr = pkcs7->privateKey;
- pkcs7->privateKey = NULL;
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
- (word32)sizeof(output), decoded, (word32)sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->privateKey = tmpBytePtr;
+ if (pkcs7 != NULL) {
+ tempWrd32 = pkcs7->singleCertSz;
+ pkcs7->singleCertSz = 0;
+ }
+ #if defined(WOLFSSL_ASN_TEMPLATE)
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BUFFER_E);
+ #else
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ ASN_PARSE_E);
+ #endif
+ if (pkcs7 != NULL) {
+ pkcs7->singleCertSz = tempWrd32;
+
+ tmpBytePtr = pkcs7->singleCert;
+ pkcs7->singleCert = NULL;
+ }
+ #ifndef NO_RSA
+ #if defined(NO_PKCS7_STREAM)
+ /* when none streaming mode is used and PKCS7 is in bad state buffer error
+ * is returned from kari parse which gets set to bad func arg */
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ #else
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ ASN_PARSE_E);
+ #endif
+ #endif /* !NO_RSA */
+ if (pkcs7 != NULL) {
+ pkcs7->singleCert = tmpBytePtr;
+ }
+#endif
+ if (pkcs7 != NULL) {
+ tempWrd32 = pkcs7->privateKeySz;
+ pkcs7->privateKeySz = 0;
+ }
+
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKeySz = tempWrd32;
+
+ tmpBytePtr = pkcs7->privateKey;
+ pkcs7->privateKey = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ (word32)sizeof(output), decoded, (word32)sizeof(decoded)),
+ BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = tmpBytePtr;
+ }
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#if !defined(NO_AES) && defined(HAVE_AES_CBC) && !defined(NO_AES_256)
/* test of decrypt callback with KEKRI enveloped data */
{
- int envelopedSz;
+ int envelopedSz = 0;
const byte keyId[] = { 0x00 };
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- pkcs7->content = (byte*)input;
- pkcs7->contentSz = (word32)(sizeof(input)/sizeof(char));
- pkcs7->contentOID = DATA;
- pkcs7->encryptOID = AES256CBCb;
- AssertIntGT(wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP,
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ if (pkcs7 != NULL) {
+ pkcs7->content = (byte*)input;
+ pkcs7->contentSz = (word32)(sizeof(input)/sizeof(char));
+ pkcs7->contentOID = DATA;
+ pkcs7->encryptOID = AES256CBCb;
+ }
+ ExpectIntGT(wc_PKCS7_AddRecipient_KEKRI(pkcs7, AES256_WRAP,
(byte*)defKey, sizeof(defKey), (byte*)keyId,
sizeof(keyId), NULL, NULL, 0, NULL, 0, 0), 0);
- AssertIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID), 0);
- AssertIntGT((envelopedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
+ ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, CMS_SKID), 0);
+ ExpectIntGT((envelopedSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, output,
(word32)sizeof(output))), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* decode envelopedData */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_SetWrapCEKCb(pkcs7, myCEKwrapFunc), 0);
- AssertIntEQ(wc_PKCS7_SetDecodeEncryptedCb(pkcs7, myDecryptionFunc), 0);
- AssertIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_SetWrapCEKCb(pkcs7, myCEKwrapFunc), 0);
+ ExpectIntEQ(wc_PKCS7_SetDecodeEncryptedCb(pkcs7, myDecryptionFunc), 0);
+ ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(pkcs7, output,
envelopedSz, decoded, sizeof(decoded))), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
#endif /* !NO_AES && !NO_AES_256 */
#ifndef NO_RSA
- if (rsaCert) {
- XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (rsaPrivKey) {
- XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
-#endif /*NO_RSA */
+ XFREE(rsaCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(rsaPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#endif /* NO_RSA */
#ifdef HAVE_ECC
- if (eccCert) {
- XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
- if (eccPrivKey) {
- XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- }
+ XFREE(eccCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(eccPrivKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif /* HAVE_ECC */
#ifdef ECC_TIMING_RESISTANT
- wc_FreeRng(&rng);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DES3) && \
!defined(NO_RSA) && !defined(NO_SHA)
{
byte out[7];
- byte *cms;
+ byte *cms = NULL;
word32 cmsSz;
- XFILE cmsFile;
+ XFILE cmsFile = XBADFILE;
XMEMSET(out, 0, sizeof(out));
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- cmsFile = XFOPEN("./certs/test/ktri-keyid-cms.msg", "rb");
- AssertTrue(cmsFile != XBADFILE);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectTrue((cmsFile = XFOPEN("./certs/test/ktri-keyid-cms.msg", "rb"))
+ != XBADFILE);
cmsSz = (word32)FOURK_BUF;
- AssertNotNull(cms =
- (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- cmsSz = (word32)XFREAD(cms, 1, cmsSz, cmsFile);
- XFCLOSE(cmsFile);
-
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048,
- sizeof_client_cert_der_2048), 0);
- pkcs7->privateKey = (byte*)client_key_der_2048;
- pkcs7->privateKeySz = sizeof_client_key_der_2048;
- AssertIntLT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
- 2), 0);
- AssertIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
- sizeof(out)), 0);
+ ExpectNotNull(cms = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectTrue((cmsSz = (word32)XFREAD(cms, 1, cmsSz, cmsFile)) > 0);
+ if (cmsFile != XBADFILE)
+ XFCLOSE(cmsFile);
+
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)client_cert_der_2048,
+ sizeof_client_cert_der_2048), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = (byte*)client_key_der_2048;
+ pkcs7->privateKeySz = sizeof_client_key_der_2048;
+ }
+ ExpectIntLT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
+ 2), 0);
+ ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, cms, cmsSz, out,
+ sizeof(out)), 0);
XFREE(cms, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- AssertIntEQ(XMEMCMP(out, "test", 4), 0);
+ ExpectIntEQ(XMEMCMP(out, "test", 4), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
#endif /* USE_CERT_BUFFERS_2048 && !NO_DES3 && !NO_RSA && !NO_SHA */
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_PKCS7 */
- return res;
-} /* END test_wc_PKCS7_EncodeEnvelopedData() */
+ return EXPECT_RESULT();
+} /* END test_wc_PKCS7_EncodeDecodeEnvelopedData() */
/*
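Review bot: The encode/decode loop only compares the decoded length with `sizeof(input)` and never compares the recovered plaintext with `input`, so a decode that returns the right number of wrong bytes would still pass. Adding `ExpectIntEQ(XMEMCMP(decoded, input, sizeof(input)), 0);` after the size check would pin the round trip, and the KEKRI callback block further down could get the same check after its decode. Separately, the context comment "Should get a return of BAD_FUNC_ARG with structure data" no longer matches the `BUFFER_E` / `ASN_PARSE_E` expectations added below it. The function begins before this hunk.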
@@ -30584,7 +28144,7 @@ static int test_wc_PKCS7_EncodeDecodeEnvelopedData(void)
*/
static int test_wc_PKCS7_EncodeEncryptedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_PKCS7_ENCRYPTED_DATA)
PKCS7* pkcs7 = NULL;
byte* tmpBytePtr = NULL;
@@ -30593,15 +28153,13 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
word32 tmpWrd32 = 0;
int tmpInt = 0;
int decodedSz;
- int encryptedSz;
+ int encryptedSz = 0;
int testSz;
int i;
-
const byte data[] = { /* Hello World */
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
};
-
#ifndef NO_DES3
byte desKey[] = {
0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
@@ -30612,7 +28170,6 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
};
#endif
-
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
#ifndef NO_AES_128
byte aes128Key[] = {
@@ -30665,95 +28222,111 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector);
for (i = 0; i < testSz; i++) {
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
- pkcs7->content = (byte*)testVectors[i].content;
- pkcs7->contentSz = testVectors[i].contentSz;
- pkcs7->contentOID = testVectors[i].contentOID;
- pkcs7->encryptOID = testVectors[i].encryptOID;
- pkcs7->encryptionKey = testVectors[i].encryptionKey;
- pkcs7->encryptionKeySz = testVectors[i].encryptionKeySz;
- pkcs7->heap = HEAP_HINT;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = (byte*)testVectors[i].content;
+ pkcs7->contentSz = testVectors[i].contentSz;
+ pkcs7->contentOID = testVectors[i].contentOID;
+ pkcs7->encryptOID = testVectors[i].encryptOID;
+ pkcs7->encryptionKey = testVectors[i].encryptionKey;
+ pkcs7->encryptionKeySz = testVectors[i].encryptionKeySz;
+ pkcs7->heap = HEAP_HINT;
+ }
/* encode encryptedData */
- encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted));
- AssertIntGT(encryptedSz, 0);
+ ExpectIntGT(encryptedSz = wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), 0);
/* Decode encryptedData */
- decodedSz = wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, sizeof(decoded));
+ ExpectIntGT(decodedSz = wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted,
+ encryptedSz, decoded, sizeof(decoded)), 0);
- AssertIntEQ(XMEMCMP(decoded, data, decodedSz), 0);
+ ExpectIntEQ(XMEMCMP(decoded, data, decodedSz), 0);
/* Keep values for last itr. */
if (i < testSz - 1) {
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
}
}
if (pkcs7 == NULL || testSz == 0) {
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
}
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted,
- sizeof(encrypted)),BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, NULL,
- sizeof(encrypted)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(NULL, encrypted,
+ sizeof(encrypted)),BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, NULL,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ 0), BAD_FUNC_ARG);
/* Testing the struct. */
- tmpBytePtr = pkcs7->content;
- pkcs7->content = NULL;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->content = tmpBytePtr;
- tmpWrd32 = pkcs7->contentSz;
- pkcs7->contentSz = 0;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->contentSz = tmpWrd32;
- tmpInt = pkcs7->encryptOID;
- pkcs7->encryptOID = 0;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->encryptOID = tmpInt;
- tmpBytePtr = pkcs7->encryptionKey;
- pkcs7->encryptionKey = NULL;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->encryptionKey = tmpBytePtr;
- tmpWrd32 = pkcs7->encryptionKeySz;
- pkcs7->encryptionKeySz = 0;
- AssertIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
- sizeof(encrypted)), BAD_FUNC_ARG);
- pkcs7->encryptionKeySz = tmpWrd32;
-
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, NULL, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, 0,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- NULL, sizeof(decoded)), BAD_FUNC_ARG);
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, 0), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ tmpBytePtr = pkcs7->content;
+ pkcs7->content = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->content = tmpBytePtr;
+ tmpWrd32 = pkcs7->contentSz;
+ pkcs7->contentSz = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->contentSz = tmpWrd32;
+ tmpInt = pkcs7->encryptOID;
+ pkcs7->encryptOID = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptOID = tmpInt;
+ tmpBytePtr = pkcs7->encryptionKey;
+ pkcs7->encryptionKey = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptionKey = tmpBytePtr;
+ tmpWrd32 = pkcs7->encryptionKeySz;
+ pkcs7->encryptionKeySz = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_EncodeEncryptedData(pkcs7, encrypted,
+ sizeof(encrypted)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptionKeySz = tmpWrd32;
+ }
+
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(NULL, encrypted, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, NULL, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, 0,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ NULL, sizeof(decoded)), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ decoded, 0), BAD_FUNC_ARG);
/* Test struct fields */
- tmpBytePtr = pkcs7->encryptionKey;
- pkcs7->encryptionKey = NULL;
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
- pkcs7->encryptionKey = tmpBytePtr;
- pkcs7->encryptionKeySz = 0;
- AssertIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
- decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ tmpBytePtr = pkcs7->encryptionKey;
+ pkcs7->encryptionKey = NULL;
+ }
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
+ if (pkcs7 != NULL) {
+ pkcs7->encryptionKey = tmpBytePtr;
+ pkcs7->encryptionKeySz = 0;
+ }
+ ExpectIntEQ(wc_PKCS7_DecodeEncryptedData(pkcs7, encrypted, encryptedSz,
+ decoded, sizeof(decoded)), BAD_FUNC_ARG);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_EncodeEncryptedData() */
/*
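Review bot: `ExpectIntEQ(XMEMCMP(decoded, data, decodedSz), 0)` compares only `decodedSz` bytes, and the new check on the decode requires only `decodedSz > 0`, so a truncated plaintext that is a prefix of `data` still passes. Assuming every test vector uses `data` as its content (the vector table is outside this hunk), add `ExpectIntEQ(decodedSz, (int)sizeof(data));` before the compare. `decodedSz` is also still declared without an initializer, while `encryptedSz` was given `= 0` in this commit. The function starts outside this hunk.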
@@ -30761,42 +28334,41 @@ static int test_wc_PKCS7_EncodeEncryptedData(void)
*/
static int test_wc_PKCS7_Degenerate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
char fName[] = "./certs/test-degenerate.p7b";
- XFILE f;
+ XFILE f = XBADFILE;
byte der[4096];
- word32 derSz;
- int ret;
+ word32 derSz = 0;
- AssertNotNull(f = XFOPEN(fName, "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* test degenerate success */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#ifndef NO_RSA
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#else
- AssertIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* test with turning off degenerate cases */
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
wc_PKCS7_AllowDegenerate(pkcs7, 0); /* override allowing degenerate case */
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), PKCS7_NO_SIGNER_E);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz),
+ PKCS7_NO_SIGNER_E);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_Degenerate() */
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
@@ -30999,92 +28571,97 @@ static byte berContent[] = {
*/
static int test_wc_PKCS7_BER(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
!defined(NO_SHA) && defined(ASN_BER_TO_DER)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
char fName[] = "./certs/test-ber-exp02-05-2022.p7b";
- XFILE f;
+ XFILE f = XBADFILE;
byte der[4096];
#ifndef NO_DES3
byte decoded[2048];
#endif
- word32 derSz;
- int ret;
+ word32 derSz = 0;
- AssertNotNull(f = XFOPEN(fName, "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(fName, "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
#ifndef NO_RSA
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#else
- AssertIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
+ ExpectIntNE(wc_PKCS7_VerifySignedData(pkcs7, der, derSz), 0);
#endif
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#ifndef NO_DES3
/* decode BER content */
- AssertNotNull(f = XFOPEN("./certs/1024/client-cert.der", "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectTrue((f = XFOPEN("./certs/1024/client-cert.der", "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
#ifndef NO_RSA
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
#else
- AssertIntNE(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
+ ExpectIntNE(wc_PKCS7_InitWithCert(pkcs7, der, derSz), 0);
#endif
- AssertNotNull(f = XFOPEN("./certs/1024/client-key.der", "rb"));
- AssertIntGT((ret = (int)fread(der, 1, sizeof(der), f)), 0);
- derSz = (word32)ret;
- XFCLOSE(f);
- pkcs7->privateKey = der;
- pkcs7->privateKeySz = derSz;
+ ExpectTrue((f = XFOPEN("./certs/1024/client-key.der", "rb")) != XBADFILE);
+ ExpectTrue((derSz = (word32)XFREAD(der, 1, sizeof(der), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = der;
+ pkcs7->privateKeySz = derSz;
+ }
#ifndef NO_RSA
#ifdef WOLFSSL_SP_MATH
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), WC_KEY_SIZE_E);
#else
- AssertIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
+ ExpectIntGT(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), 0);
#endif
#else
- AssertIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
+ ExpectIntEQ(wc_PKCS7_DecodeEnvelopedData(pkcs7, berContent,
sizeof(berContent), decoded, sizeof(decoded)), NOT_COMPILED_IN);
#endif
wc_PKCS7_Free(pkcs7);
#endif /* !NO_DES3 */
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_PKCS7_BER() */
-static int test_PKCS7_signed_enveloped(void)
+static int test_wc_PKCS7_signed_enveloped(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_RSA) && !defined(NO_AES) && \
!defined(NO_FILESYSTEM)
- XFILE f;
- PKCS7* pkcs7;
+ XFILE f = XBADFILE;
+ PKCS7* pkcs7 = NULL;
#ifdef HAVE_AES_CBC
- PKCS7* inner;
+ PKCS7* inner = NULL;
#endif
- void* pt;
+ void* pt = NULL;
WC_RNG rng;
unsigned char key[FOURK_BUF/2];
unsigned char cert[FOURK_BUF/2];
unsigned char env[FOURK_BUF];
int envSz = FOURK_BUF;
- int keySz;
- int certSz;
-
+ int keySz = 0;
+ int certSz = 0;
unsigned char sig[FOURK_BUF * 2];
int sigSz = FOURK_BUF * 2;
#ifdef HAVE_AES_CBC
@@ -31092,74 +28669,96 @@ static int test_PKCS7_signed_enveloped(void)
int decodedSz = FOURK_BUF;
#endif
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+
/* load cert */
- AssertNotNull(f = XFOPEN(cliCertDerFile, "rb"));
- AssertIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerFile, "rb")) != XBADFILE);
+ ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), f)), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
/* load key */
- AssertNotNull(f = XFOPEN(cliKeyFile, "rb"));
- AssertIntGT((keySz = (int)XFREAD(key, 1, sizeof(key), f)), 0);
- XFCLOSE(f);
- keySz = wolfSSL_KeyPemToDer(key, keySz, key, keySz, NULL);
+ ExpectTrue((f = XFOPEN(cliKeyFile, "rb")) != XBADFILE);
+ ExpectIntGT((keySz = (int)XFREAD(key, 1, sizeof(key), f)), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ ExpectIntGT(keySz = wolfSSL_KeyPemToDer(key, keySz, key, keySz, NULL), 0);
/* sign cert for envelope */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_InitRng(&rng), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = cert;
- pkcs7->contentSz = certSz;
- pkcs7->contentOID = DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
- AssertIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = cert;
+ pkcs7->contentSz = certSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
+ ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
wc_PKCS7_Free(pkcs7);
- wc_FreeRng(&rng);
+ pkcs7 = NULL;
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#ifdef HAVE_AES_CBC
/* create envelope */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = sig;
- pkcs7->contentSz = sigSz;
- pkcs7->contentOID = DATA;
- pkcs7->encryptOID = AES256CBCb;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- AssertIntGT((envSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, env, envSz)), 0);
- AssertIntLT(wc_PKCS7_EncodeEnvelopedData(pkcs7, env, 2), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = sig;
+ pkcs7->contentSz = sigSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->encryptOID = AES256CBCb;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ }
+ ExpectIntGT((envSz = wc_PKCS7_EncodeEnvelopedData(pkcs7, env, envSz)), 0);
+ ExpectIntLT(wc_PKCS7_EncodeEnvelopedData(pkcs7, env, 2), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#endif
/* create bad signed enveloped data */
sigSz = FOURK_BUF * 2;
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_InitRng(&rng), 0);
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- pkcs7->content = env;
- pkcs7->contentSz = envSz;
- pkcs7->contentOID = DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ if (pkcs7 != NULL) {
+ pkcs7->content = env;
+ pkcs7->contentSz = envSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
/* Set no certs in bundle for this test. Hang on to the pointer though to
* free it later. */
- pt = (void*)pkcs7->certList;
- pkcs7->certList = NULL; /* no certs in bundle */
- AssertIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
- pkcs7->certList = (Pkcs7Cert*)pt; /* restore pointer for PKCS7 free call */
+ if (pkcs7 != NULL) {
+ pt = (void*)pkcs7->certList;
+ pkcs7->certList = NULL; /* no certs in bundle */
+ }
+ ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
+ if (pkcs7 != NULL) {
+ /* restore pointer for PKCS7 free call */
+ pkcs7->certList = (Pkcs7Cert*)pt;
+ }
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* check verify fails */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz),
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz),
PKCS7_SIGNEEDS_CHECK);
/* try verifying the signature manually */
@@ -31170,444 +28769,382 @@ static int test_PKCS7_signed_enveloped(void)
WC_MAX_DIGEST_SIZE];
int digestSz;
- AssertIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0);
- AssertIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, keySz), 0);
- digestSz = wc_RsaSSL_Verify(pkcs7->signature, pkcs7->signatureSz,
- digest, sizeof(digest), &rKey);
- AssertIntGT(digestSz, 0);
- AssertIntEQ(digestSz, pkcs7->pkcs7DigestSz);
- AssertIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0);
- AssertIntEQ(wc_FreeRsaKey(&rKey), 0);
+ ExpectIntEQ(wc_InitRsaKey(&rKey, HEAP_HINT), 0);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(key, &idx, &rKey, keySz), 0);
+ ExpectIntGT(digestSz = wc_RsaSSL_Verify(pkcs7->signature,
+ pkcs7->signatureSz, digest, sizeof(digest), &rKey), 0);
+ ExpectIntEQ(digestSz, pkcs7->pkcs7DigestSz);
+ ExpectIntEQ(XMEMCMP(digest, pkcs7->pkcs7Digest, digestSz), 0);
+ ExpectIntEQ(wc_FreeRsaKey(&rKey), 0);
/* verify was success */
}
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* initializing the PKCS7 struct with the signing certificate should pass */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, cert, certSz), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* create valid degenerate bundle */
sigSz = FOURK_BUF * 2;
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- pkcs7->content = env;
- pkcs7->contentSz = envSz;
- pkcs7->contentOID = DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = keySz;
- pkcs7->encryptOID = RSAk;
- pkcs7->hashOID = SHA256h;
- pkcs7->rng = &rng;
- AssertIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0);
- AssertIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ if (pkcs7 != NULL) {
+ pkcs7->content = env;
+ pkcs7->contentSz = envSz;
+ pkcs7->contentOID = DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = keySz;
+ pkcs7->encryptOID = RSAk;
+ pkcs7->hashOID = SHA256h;
+ pkcs7->rng = &rng;
+ }
+ ExpectIntEQ(wc_PKCS7_SetSignerIdentifierType(pkcs7, DEGENERATE_SID), 0);
+ ExpectIntGT((sigSz = wc_PKCS7_EncodeSignedData(pkcs7, sig, sigSz)), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
wc_FreeRng(&rng);
/* check verify */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
- AssertNotNull(pkcs7->content);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, sig, sigSz), 0);
+ ExpectNotNull(pkcs7->content);
#ifdef HAVE_AES_CBC
/* check decode */
- AssertNotNull(inner = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(inner, cert, certSz), 0);
- inner->privateKey = key;
- inner->privateKeySz = keySz;
- AssertIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(inner, pkcs7->content,
+ ExpectNotNull(inner = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(inner, cert, certSz), 0);
+ if (inner != NULL) {
+ inner->privateKey = key;
+ inner->privateKeySz = keySz;
+ }
+ ExpectIntGT((decodedSz = wc_PKCS7_DecodeEnvelopedData(inner, pkcs7->content,
pkcs7->contentSz, decoded, decodedSz)), 0);
wc_PKCS7_Free(inner);
+ inner = NULL;
#endif
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#ifdef HAVE_AES_CBC
/* check cert set */
- AssertNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(pkcs7, decoded, decodedSz), 0);
- AssertNotNull(pkcs7->singleCert);
- AssertIntNE(pkcs7->singleCertSz, 0);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(NULL, 0));
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, NULL, 0), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(pkcs7, decoded, decodedSz), 0);
+ ExpectNotNull(pkcs7->singleCert);
+ ExpectIntNE(pkcs7->singleCertSz, 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
#endif
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_PKCS7 && !NO_RSA && !NO_AES */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_NoDefaultSignedAttribs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
- PKCS7* pkcs7;
- void* heap = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
- AssertIntEQ(wc_PKCS7_NoDefaultSignedAttribs(NULL), BAD_FUNC_ARG);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
- AssertIntEQ(wc_PKCS7_NoDefaultSignedAttribs(pkcs7), 0);
+ ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_NoDefaultSignedAttribs(pkcs7), 0);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_SetOriEncryptCtx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
- PKCS7* pkcs7;
- void* heap = NULL;
- WOLFSSL_CTX* ctx;
- ctx = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertIntEQ(wc_PKCS7_SetOriEncryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
- AssertIntEQ(wc_PKCS7_SetOriEncryptCtx(pkcs7, ctx), 0);
+ ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_SetOriEncryptCtx(pkcs7, ctx), 0);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_SetOriDecryptCtx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES)
- PKCS7* pkcs7;
- void* heap = NULL;
- WOLFSSL_CTX* ctx;
- ctx = NULL;
-
- pkcs7 = wc_PKCS7_New(heap, testDevId);
- AssertNotNull(pkcs7);
- AssertIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
+ PKCS7* pkcs7 = NULL;
+ void* heap = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertIntEQ(wc_PKCS7_SetOriDecryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(heap, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(pkcs7, heap, testDevId), 0);
- AssertIntEQ(wc_PKCS7_SetOriDecryptCtx(pkcs7, ctx), 0);
+ ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(NULL, ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_PKCS7_SetOriDecryptCtx(pkcs7, ctx), 0);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PKCS7_DecodeCompressedData(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES) && defined(HAVE_LIBZ)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
void* heap = NULL;
byte out[4096];
- byte *decompressed;
- int outSz, decompressedSz;
-
+ byte* decompressed = NULL;
+ int outSz;
+ int decompressedSz;
const char* cert = "./certs/client-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
- AssertIntEQ(load_file(cert, &cert_buf, &cert_sz), 0);
- AssertNotNull((decompressed =
- (byte*)XMALLOC(cert_sz, heap, DYNAMIC_TYPE_TMP_BUFFER)));
+ ExpectIntEQ(load_file(cert, &cert_buf, &cert_sz), 0);
+ ExpectNotNull((decompressed = (byte*)XMALLOC(cert_sz, heap,
+ DYNAMIC_TYPE_TMP_BUFFER)));
decompressedSz = (int)cert_sz;
- AssertNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
+ ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
- pkcs7->content = (byte*)cert_buf;
- pkcs7->contentSz = (word32)cert_sz;
- pkcs7->contentOID = DATA;
+ if (pkcs7 != NULL) {
+ pkcs7->content = (byte*)cert_buf;
+ pkcs7->contentSz = (word32)cert_sz;
+ pkcs7->contentOID = DATA;
+ }
- AssertIntGT((outSz = wc_PKCS7_EncodeCompressedData(pkcs7, out,
- sizeof(out))), 0);
+ ExpectIntGT((outSz = wc_PKCS7_EncodeCompressedData(pkcs7, out,
+ sizeof(out))), 0);
wc_PKCS7_Free(pkcs7);
+ pkcs7 = NULL;
/* compressed key should be smaller than when started */
- AssertIntLT(outSz, cert_sz);
+ ExpectIntLT(outSz, cert_sz);
/* test decompression */
- AssertNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
- AssertIntEQ(pkcs7->contentOID, 0);
+ ExpectNotNull((pkcs7 = wc_PKCS7_New(heap, testDevId)));
+ ExpectIntEQ(pkcs7->contentOID, 0);
/* fail case with out buffer too small */
- AssertIntLT(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
- decompressed, outSz), 0);
+ ExpectIntLT(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
+ decompressed, outSz), 0);
/* success case */
- AssertIntEQ(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
- decompressed, decompressedSz), cert_sz);
- AssertIntEQ(pkcs7->contentOID, DATA);
- AssertIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
+ ExpectIntEQ(wc_PKCS7_DecodeCompressedData(pkcs7, out, outSz,
+ decompressed, decompressedSz), cert_sz);
+ ExpectIntEQ(pkcs7->contentOID, DATA);
+ ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
decompressed = NULL;
/* test decompression function with different 'max' inputs */
outSz = sizeof(out);
- AssertIntGT((outSz = wc_Compress(out, outSz, cert_buf, (word32)cert_sz, 0)),
- 0);
- AssertIntLT(wc_DeCompressDynamic(&decompressed, 1, DYNAMIC_TYPE_TMP_BUFFER,
- out, outSz, 0, heap), 0);
- AssertNull(decompressed);
- AssertIntGT(wc_DeCompressDynamic(&decompressed, -1, DYNAMIC_TYPE_TMP_BUFFER,
- out, outSz, 0, heap), 0);
- AssertNotNull(decompressed);
- AssertIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
+ ExpectIntGT((outSz = wc_Compress(out, outSz, cert_buf, (word32)cert_sz, 0)),
+ 0);
+ ExpectIntLT(wc_DeCompressDynamic(&decompressed, 1, DYNAMIC_TYPE_TMP_BUFFER,
+ out, outSz, 0, heap), 0);
+ ExpectNull(decompressed);
+ ExpectIntGT(wc_DeCompressDynamic(&decompressed, -1, DYNAMIC_TYPE_TMP_BUFFER,
+ out, outSz, 0, heap), 0);
+ ExpectNotNull(decompressed);
+ ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
decompressed = NULL;
- AssertIntGT(wc_DeCompressDynamic(&decompressed, DYNAMIC_TYPE_TMP_BUFFER, 5,
- out, outSz, 0, heap), 0);
- AssertNotNull(decompressed);
- AssertIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
+ ExpectIntGT(wc_DeCompressDynamic(&decompressed, DYNAMIC_TYPE_TMP_BUFFER, 5,
+ out, outSz, 0, heap), 0);
+ ExpectNotNull(decompressed);
+ ExpectIntEQ(XMEMCMP(decompressed, cert_buf, cert_sz), 0);
XFREE(decompressed, heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (cert_buf)
+ if (cert_buf != NULL)
free(cert_buf);
wc_PKCS7_Free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_i2d_PKCS12(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_PWDBASED) && defined(HAVE_PKCS12) \
&& !defined(NO_FILESYSTEM) && !defined(NO_RSA) \
&& !defined(NO_AES) && !defined(NO_DES3) && !defined(NO_SHA)
WC_PKCS12* pkcs12 = NULL;
unsigned char der[FOURK_BUF * 2];
unsigned char* pt;
- int derSz;
+ int derSz = 0;
unsigned char out[FOURK_BUF * 2];
int outSz = FOURK_BUF * 2;
-
const char p12_f[] = "./certs/test-servercert.p12";
- XFILE f;
+ XFILE f = XBADFILE;
- f = XFOPEN(p12_f, "rb");
- AssertNotNull(f);
- derSz = (int)XFREAD(der, 1, sizeof(der), f);
- AssertIntGT(derSz, 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(p12_f, "rb")) != XBADFILE);
+ ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- AssertNotNull(pkcs12 = wc_PKCS12_new());
- AssertIntEQ(wc_d2i_PKCS12(der, derSz, pkcs12), 0);
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
- AssertIntEQ(outSz, derSz);
+ ExpectNotNull(pkcs12 = wc_PKCS12_new());
+ ExpectIntEQ(wc_d2i_PKCS12(der, derSz, pkcs12), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
+ ExpectIntEQ(outSz, derSz);
outSz = derSz - 1;
pt = out;
- AssertIntLE(wc_i2d_PKCS12(pkcs12, &pt, &outSz), 0);
+ ExpectIntLE(wc_i2d_PKCS12(pkcs12, &pt, &outSz), 0);
outSz = derSz;
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, &pt, &outSz), derSz);
- AssertIntEQ((pt == out), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, &outSz), derSz);
+ ExpectIntEQ((pt == out), 0);
pt = NULL;
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, &pt, NULL), derSz);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, &pt, NULL), derSz);
XFREE(pt, NULL, DYNAMIC_TYPE_PKCS);
wc_PKCS12_free(pkcs12);
+ pkcs12 = NULL;
/* Run the same test but use wc_d2i_PKCS12_fp. */
- AssertNotNull(pkcs12 = wc_PKCS12_new());
- AssertIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
- AssertIntEQ(outSz, derSz);
+ ExpectNotNull(pkcs12 = wc_PKCS12_new());
+ ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
+ ExpectIntEQ(outSz, derSz);
wc_PKCS12_free(pkcs12);
+ pkcs12 = NULL;
/* wc_d2i_PKCS12_fp can also allocate the PKCS12 object for the caller. */
- pkcs12 = NULL;
- AssertIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
- AssertIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
- AssertIntEQ(outSz, derSz);
+ ExpectIntEQ(wc_d2i_PKCS12_fp("./certs/test-servercert.p12", &pkcs12), 0);
+ ExpectIntEQ(wc_i2d_PKCS12(pkcs12, NULL, &outSz), LENGTH_ONLY_E);
+ ExpectIntEQ(outSz, derSz);
wc_PKCS12_free(pkcs12);
-
- res = TEST_RES_CHECK(1);
+ pkcs12 = NULL;
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing wc_SignatureGetSize() for signature type ECC */
static int test_wc_SignatureGetSize_ecc(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_SIG_WRAPPER
- int ret;
- #if defined(HAVE_ECC) && !defined(NO_ECC256)
- enum wc_SignatureType sig_type;
- word32 key_len;
-
- /* Initialize ECC Key */
- ecc_key ecc;
- const char* qx =
- "fa2737fb93488d19caef11ae7faf6b7f4bcd67b286e3fc54e8a65c2b74aeccb0";
- const char* qy =
- "d4ccd6dae698208aa8c3a6f39e45510d03be09b2f124bfc067856c324f9b4d09";
- const char* d =
- "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
-
- ret = wc_ecc_init(&ecc);
- if (ret == 0) {
- ret = wc_ecc_import_raw(&ecc, qx, qy, d, "SECP256R1");
- }
- if (ret == 0) {
- /* Input for signature type ECC */
- sig_type = WC_SIGNATURE_TYPE_ECC;
- key_len = sizeof(ecc_key);
- ret = wc_SignatureGetSize(sig_type, &ecc, key_len);
+ EXPECT_DECLS;
+#if !defined(NO_SIG_WRAPPER) && defined(HAVE_ECC) && !defined(NO_ECC256)
+ enum wc_SignatureType sig_type;
+ word32 key_len;
+ ecc_key ecc;
+ const char* qx =
+ "fa2737fb93488d19caef11ae7faf6b7f4bcd67b286e3fc54e8a65c2b74aeccb0";
+ const char* qy =
+ "d4ccd6dae698208aa8c3a6f39e45510d03be09b2f124bfc067856c324f9b4d09";
+ const char* d =
+ "be34baa8d040a3b991f9075b56ba292f755b90e4b6dc10dad36715c33cfdac25";
- /* Test bad args */
- if (ret > 0) {
- sig_type = (enum wc_SignatureType) 100;
- ret = wc_SignatureGetSize(sig_type, &ecc, key_len);
- if (ret == BAD_FUNC_ARG) {
- sig_type = WC_SIGNATURE_TYPE_ECC;
- ret = wc_SignatureGetSize(sig_type, NULL, key_len);
- }
- if (ret >= 0) {
- key_len = (word32) 0;
- ret = wc_SignatureGetSize(sig_type, &ecc, key_len);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = SIG_TYPE_E;
- }
- }
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_ecc_free(&ecc);
- #else
- ret = SIG_TYPE_E;
- #endif
+ XMEMSET(&ecc, 0, sizeof(ecc_key));
- res = TEST_RES_CHECK(ret == SIG_TYPE_E);
-#endif /* NO_SIG_WRAPPER */
- return res;
-}/* END test_wc_SignatureGetSize_ecc() */
+ ExpectIntEQ(wc_ecc_init(&ecc), 0);
+ ExpectIntEQ(wc_ecc_import_raw(&ecc, qx, qy, d, "SECP256R1"), 0);
+ /* Input for signature type ECC */
+ sig_type = WC_SIGNATURE_TYPE_ECC;
+ key_len = sizeof(ecc_key);
+ ExpectIntGT(wc_SignatureGetSize(sig_type, &ecc, key_len), 0);
+
+ /* Test bad args */
+ sig_type = (enum wc_SignatureType) 100;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG);
+ sig_type = WC_SIGNATURE_TYPE_ECC;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0);
+ key_len = (word32)0;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &ecc, key_len), BAD_FUNC_ARG);
+
+ DoExpectIntEQ(wc_ecc_free(&ecc), 0);
+#endif /* !NO_SIG_WRAPPER && HAVE_ECC && !NO_ECC256 */
+ return EXPECT_RESULT();
+} /* END test_wc_SignatureGetSize_ecc() */
/* Testing wc_SignatureGetSize() for signature type rsa */
static int test_wc_SignatureGetSize_rsa(void)
{
- int res = TEST_SKIPPED;
-#ifndef NO_SIG_WRAPPER
- int ret = 0;
- #ifndef NO_RSA
- enum wc_SignatureType sig_type;
- word32 key_len;
- word32 idx = 0;
-
- /* Initialize RSA Key */
- RsaKey rsa_key;
- byte* tmp = NULL;
- size_t bytes;
+ EXPECT_DECLS;
+#if !defined(NO_SIG_WRAPPER) && !defined(NO_RSA)
+ enum wc_SignatureType sig_type;
+ word32 key_len;
+ word32 idx = 0;
+ RsaKey rsa_key;
+ byte* tmp = NULL;
+ size_t bytes;
- #ifdef USE_CERT_BUFFERS_1024
- bytes = (size_t)sizeof_client_key_der_1024;
- if (bytes < (size_t)sizeof_client_key_der_1024)
- bytes = (size_t)sizeof_client_cert_der_1024;
- #elif defined(USE_CERT_BUFFERS_2048)
- bytes = (size_t)sizeof_client_key_der_2048;
- if (bytes < (size_t)sizeof_client_cert_der_2048)
- bytes = (size_t)sizeof_client_cert_der_2048;
- #else
- bytes = FOURK_BUF;
- #endif
+ XMEMSET(&rsa_key, 0, sizeof(RsaKey));
- tmp = (byte*)XMALLOC(bytes, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (tmp != NULL) {
- #ifdef USE_CERT_BUFFERS_1024
- XMEMCPY(tmp, client_key_der_1024,
- (size_t)sizeof_client_key_der_1024);
- #elif defined(USE_CERT_BUFFERS_2048)
- XMEMCPY(tmp, client_key_der_2048,
- (size_t)sizeof_client_key_der_2048);
- #elif !defined(NO_FILESYSTEM)
- file = XFOPEN(clientKey, "rb");
- if (file != XBADFILE) {
- bytes = (size_t)XFREAD(tmp, 1, FOURK_BUF, file);
- XFCLOSE(file);
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- #else
- ret = WOLFSSL_FATAL_ERROR;
- #endif
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
+ #ifdef USE_CERT_BUFFERS_1024
+ bytes = (size_t)sizeof_client_key_der_1024;
+ if (bytes < (size_t)sizeof_client_key_der_1024)
+ bytes = (size_t)sizeof_client_cert_der_1024;
+ #elif defined(USE_CERT_BUFFERS_2048)
+ bytes = (size_t)sizeof_client_key_der_2048;
+ if (bytes < (size_t)sizeof_client_cert_der_2048)
+ bytes = (size_t)sizeof_client_cert_der_2048;
+ #else
+ bytes = FOURK_BUF;
+ #endif
- if (ret == 0) {
- ret = wc_InitRsaKey_ex(&rsa_key, HEAP_HINT, testDevId);
- }
- if (ret == 0) {
- ret = wc_RsaPrivateKeyDecode(tmp, &idx, &rsa_key, (word32)bytes);
+ ExpectNotNull(tmp = (byte*)XMALLOC(bytes, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (tmp != NULL) {
+ #ifdef USE_CERT_BUFFERS_1024
+ XMEMCPY(tmp, client_key_der_1024, (size_t)sizeof_client_key_der_1024);
+ #elif defined(USE_CERT_BUFFERS_2048)
+ XMEMCPY(tmp, client_key_der_2048, (size_t)sizeof_client_key_der_2048);
+ #elif !defined(NO_FILESYSTEM)
+ XFILE file = XBADFILE;
+ ExpectTrue((file = XFOPEN(clientKey, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (size_t)XFREAD(tmp, 1, FOURK_BUF, file), 0);
+ if (file != XBADFILE)
+ XFCLOSE(file);
}
+ #else
+ ExpectFail();
+ #endif
+ }
- if (ret == 0) {
- /* Input for signature type RSA */
- sig_type = WC_SIGNATURE_TYPE_RSA;
- key_len = sizeof(RsaKey);
- ret = wc_SignatureGetSize(sig_type, &rsa_key, key_len);
+ ExpectIntEQ(wc_InitRsaKey_ex(&rsa_key, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(tmp, &idx, &rsa_key, (word32)bytes), 0);
+ /* Input for signature type RSA */
+ sig_type = WC_SIGNATURE_TYPE_RSA;
+ key_len = sizeof(RsaKey);
+ ExpectIntGT(wc_SignatureGetSize(sig_type, &rsa_key, key_len), 0);
- /* Test bad args */
- if (ret > 0) {
- sig_type = (enum wc_SignatureType) 100;
- ret = wc_SignatureGetSize(sig_type, &rsa_key, key_len);
- if (ret == BAD_FUNC_ARG) {
- sig_type = WC_SIGNATURE_TYPE_RSA;
- ret = wc_SignatureGetSize(sig_type, NULL, key_len);
- }
- #ifndef HAVE_USER_RSA
- if (ret == BAD_FUNC_ARG)
- #else
- if (ret == 0)
- #endif
- {
- key_len = (word32)0;
- ret = wc_SignatureGetSize(sig_type, &rsa_key, key_len);
- }
- if (ret == BAD_FUNC_ARG) {
- ret = SIG_TYPE_E;
- }
- }
- }
- else {
- ret = WOLFSSL_FATAL_ERROR;
- }
- wc_FreeRsaKey(&rsa_key);
- XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ /* Test bad args */
+ sig_type = (enum wc_SignatureType)100;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG);
+ sig_type = WC_SIGNATURE_TYPE_RSA;
+ #ifndef HAVE_USER_RSA
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), BAD_FUNC_ARG);
#else
- ret = SIG_TYPE_E;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, NULL, key_len), 0);
#endif
+ key_len = (word32)0;
+ ExpectIntEQ(wc_SignatureGetSize(sig_type, &rsa_key, key_len), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == SIG_TYPE_E);
-#endif /* NO_SIG_WRAPPER */
- return res;
-}/* END test_wc_SignatureGetSize_rsa(void) */
+ DoExpectIntEQ(wc_FreeRsaKey(&rsa_key), 0);
+ XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#endif /* !NO_SIG_WRAPPER && !NO_RSA */
+ return EXPECT_RESULT();
+} /* END test_wc_SignatureGetSize_rsa(void) */
/*----------------------------------------------------------------------------*
| hash.h Tests
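Review bot: In test_wc_SignatureGetSize_rsa the `#elif !defined(NO_FILESYSTEM)` branch ends with a `}` directly after `XFCLOSE(file);`, apparently left over from the old `if (ret == 0) { ... }` block. In a build with neither USE_CERT_BUFFERS_1024 nor USE_CERT_BUFFERS_2048 it closes `if (tmp != NULL) {` early, and the `}` after `#endif` then closes the function, which should not compile. The two cert-buffer branches carry no such brace, so only the filesystem configuration is affected; dropping that line leaves the `if` open until the final `}` in all three branches. Separately, the 1024 size check compares `bytes` with `sizeof_client_key_der_1024`, the value it was just assigned, where the 2048 branch compares with the cert size.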
@@ -31615,29 +29152,30 @@ static int test_wc_SignatureGetSize_rsa(void)
static int test_wc_HashInit(void)
{
- int ret = 0, i; /* 0 indicates tests passed, 1 indicates failure */
+ EXPECT_DECLS;
+ int i; /* 0 indicates tests passed, 1 indicates failure */
wc_HashAlg hash;
/* enum for holding supported algorithms, #ifndef's restrict if disabled */
enum wc_HashType enumArray[] = {
#ifndef NO_MD5
- WC_HASH_TYPE_MD5,
+ WC_HASH_TYPE_MD5,
#endif
#ifndef NO_SHA
- WC_HASH_TYPE_SHA,
+ WC_HASH_TYPE_SHA,
#endif
- #ifndef WOLFSSL_SHA224
- WC_HASH_TYPE_SHA224,
+ #ifdef WOLFSSL_SHA224
+ WC_HASH_TYPE_SHA224,
#endif
#ifndef NO_SHA256
- WC_HASH_TYPE_SHA256,
+ WC_HASH_TYPE_SHA256,
#endif
- #ifndef WOLFSSL_SHA384
- WC_HASH_TYPE_SHA384,
+ #ifdef WOLFSSL_SHA384
+ WC_HASH_TYPE_SHA384,
#endif
- #ifndef WOLFSSL_SHA512
- WC_HASH_TYPE_SHA512,
+ #ifdef WOLFSSL_SHA512
+ WC_HASH_TYPE_SHA512,
#endif
};
/* dynamically finds the length */
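Review bot: The comment on `int i; /* 0 indicates tests passed, 1 indicates failure */` described the removed `ret` and now reads as a description of the loop index. It should be dropped or replaced, e.g. `int i; /* index into enumArray */`. test_wc_HashInit continues past the end of this hunk.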
@@ -31646,31 +29184,24 @@ static int test_wc_HashInit(void)
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
/* check for bad args */
- if (wc_HashInit(&hash, enumArray[i]) == BAD_FUNC_ARG) {
- ret = 1;
- break;
- }
+ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
wc_HashFree(&hash, enumArray[i]);
/* check for null ptr */
- if (wc_HashInit(NULL, enumArray[i]) != BAD_FUNC_ARG) {
- ret = 1;
- break;
- }
+ ExpectIntEQ(wc_HashInit(NULL, enumArray[i]), BAD_FUNC_ARG);
} /* end of for loop */
- return TEST_RES_CHECK(ret == 0);
+ return EXPECT_RESULT();
} /* end of test_wc_HashInit */
/*
* Unit test function for wc_HashSetFlags()
*/
static int test_wc_HashSetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_HASH_FLAGS
wc_HashAlg hash;
- int ret = 0;
word32 flags = 0;
int i, j;
int notSupportedLen;
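Review bot: `wc_HashFree(&hash, enumArray[i]);` in the test_wc_HashInit loop now runs even when the preceding `ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);` has failed, since the Expect form appears to record the failure and carry on where the old code left the loop with `break`. `hash` is declared without an initializer, so on that path the free acts on indeterminate state. Other tests in this commit zero their structs first (`XMEMSET(&rng, 0, sizeof(WC_RNG));`), and `XMEMSET(&hash, 0, sizeof(hash));` before the loop would match that. `hash` is likewise uninitialised in the test_wc_HashSetFlags and test_wc_HashGetFlags loops in the following hunks. The `/* check for bad args */` comment above the success assertion is also out of date.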
@@ -31713,65 +29244,32 @@ static int test_wc_HashSetFlags(void)
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
- ret = wc_HashInit(&hash, enumArray[i]);
- if (ret == 0) {
- ret = wc_HashSetFlags(&hash, enumArray[i], flags);
- }
- if (ret == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashSetFlags(NULL, enumArray[i], flags);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
-
+ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
+ ExpectIntEQ(wc_HashSetFlags(&hash, enumArray[i], flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
+ ExpectIntEQ(wc_HashSetFlags(NULL, enumArray[i], flags), BAD_FUNC_ARG);
wc_HashFree(&hash, enumArray[i]);
}
/* For loop to test not supported cases */
notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType));
- for (j = 0; ret == 0 && j < notSupportedLen; j++) {
- ret = wc_HashInit(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = wc_HashSetFlags(&hash, notSupported[j], flags);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashFree(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ for (j = 0; j < notSupportedLen; j++) {
+ ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashSetFlags(&hash, notSupported[j], flags),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_HashSetFlags */
/*
* Unit test function for wc_HashGetFlags()
*/
static int test_wc_HashGetFlags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_HASH_FLAGS
wc_HashAlg hash;
- int ret = 0;
word32 flags = 0;
int i, j;
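Review bot: `ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);` in the test_wc_HashSetFlags loop checks the local `flags`, which is declared as `word32 flags = 0;` and passed to wc_HashSetFlags by value. Unless the lines between the hunks modify it, the assertion can never fail and verifies nothing about the hash object. To test what was stored, read it back first with `ExpectIntEQ(wc_HashGetFlags(&hash, enumArray[i], &flags), 0);`; otherwise drop the line. The function's array setup lies outside this hunk.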
@@ -31812,56 +29310,22 @@ static int test_wc_HashGetFlags(void)
/* For loop to test various arguments... */
for (i = 0; i < enumlen; i++) {
- ret = wc_HashInit(&hash, enumArray[i]);
- if (ret == 0) {
- ret = wc_HashGetFlags(&hash, enumArray[i], &flags);
- }
- if (ret == 0) {
- if (flags & WC_HASH_FLAG_ISCOPY) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashGetFlags(NULL, enumArray[i], &flags);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_HashInit(&hash, enumArray[i]), 0);
+ ExpectIntEQ(wc_HashGetFlags(&hash, enumArray[i], &flags), 0);
+ ExpectTrue((flags & WC_HASH_FLAG_ISCOPY) == 0);
+ ExpectIntEQ(wc_HashGetFlags(NULL, enumArray[i], &flags), BAD_FUNC_ARG);
wc_HashFree(&hash, enumArray[i]);
- if (ret != 0) {
- break;
- }
}
/* For loop to test not supported cases */
notSupportedLen = (sizeof(notSupported)/sizeof(enum wc_HashType));
- for (j = 0; ret == 0 && j < notSupportedLen; j++) {
- ret = wc_HashInit(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = wc_HashGetFlags(&hash, notSupported[j], &flags);
- if (ret == 0) {
- ret = -1;
- }
- else if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = wc_HashFree(&hash, notSupported[j]);
- if (ret == 0) {
- ret = -1;
- }
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ for (j = 0; j < notSupportedLen; j++) {
+ ExpectIntEQ(wc_HashInit(&hash, notSupported[j]), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashGetFlags(&hash, notSupported[j], &flags),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_HashFree(&hash, notSupported[j]), BAD_FUNC_ARG);
}
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_HashGetFlags */
/*----------------------------------------------------------------------------*
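Review bot: The first loop of test_wc_HashGetFlags loses its `if (ret != 0) break;` and gets no replacement, so after a failed expectation it keeps iterating and still calls `wc_HashFree(&hash, enumArray[i]);` for every remaining hash type. If the Expect* macros stop evaluating their arguments once a failure is recorded (the `EXPECT_SUCCESS()` / `EXPECT_FAIL()` guards this commit adds to test_wolfSSL_X509_INFO_multiple_info suggest so, but the macro definitions are not on this page), `wc_HashInit` is skipped on those iterations while the free still runs on a hash that was not initialised for that type. Restoring the early exit in the new idiom, `if (EXPECT_FAIL()) break;` after the `wc_HashFree` call, keeps init and cleanup paired. The loops in test_wc_HashSetFlags in the previous hunk have the same shape, and the not-supported loops also dropped their `ret == 0` condition.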
@@ -31874,9 +29338,8 @@ static int test_wc_HashGetFlags(void)
static int test_wolfSSL_ASN1_BIT_STRING(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && defined(OPENSSL_ALL)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && defined(OPENSSL_ALL)
ASN1_BIT_STRING* str = NULL;
ExpectNotNull(str = ASN1_BIT_STRING_new());
@@ -31915,17 +29378,14 @@ static int test_wolfSSL_ASN1_BIT_STRING(void)
ASN1_BIT_STRING_free(str);
ASN1_BIT_STRING_free(NULL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* a = NULL;
ASN1_INTEGER* dup = NULL;
const unsigned char invalidLenDer[] = {
@@ -31960,17 +29420,14 @@ static int test_wolfSSL_ASN1_INTEGER(void)
ExpectNotNull(dup = wolfSSL_ASN1_INTEGER_dup(a));
ASN1_INTEGER_free(dup);
ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_cmp(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* a = NULL;
ASN1_INTEGER* b = NULL;
@@ -31998,17 +29455,14 @@ static int test_wolfSSL_ASN1_INTEGER_cmp(void)
ASN1_INTEGER_free(b);
ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_BN(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER* ai = NULL;
ASN1_INTEGER* ai2 = NULL;
BIGNUM* bn = NULL;
@@ -32103,17 +29557,14 @@ static int test_wolfSSL_ASN1_INTEGER_BN(void)
BN_free(bn);
ASN1_INTEGER_free(ai2);
ASN1_INTEGER_free(ai);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_INTEGER_get_set(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER *a = NULL;
long val;
@@ -32204,10 +29655,8 @@ static int test_wolfSSL_ASN1_INTEGER_get_set(void)
ExpectIntEQ(ASN1_INTEGER_set(a, val), 1);
ExpectTrue(ASN1_INTEGER_get(a) == val);
ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
@@ -32219,9 +29668,8 @@ typedef struct ASN1IntTestVector {
#endif
static int test_wolfSSL_d2i_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
size_t i;
WOLFSSL_ASN1_INTEGER* a = NULL;
WOLFSSL_ASN1_INTEGER* b = NULL;
@@ -32355,17 +29803,14 @@ static int test_wolfSSL_d2i_ASN1_INTEGER(void)
wolfSSL_ASN1_INTEGER_free(a);
a = NULL;
}
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_a2i_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO* bio = NULL;
BIO* out = NULL;
BIO* fixed = NULL;
@@ -32444,7 +29889,7 @@ static int test_wolfSSL_a2i_ASN1_INTEGER(void)
ExpectNotNull(fixed = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, tmp, 1), 1);
ExpectIntEQ(i2a_ASN1_INTEGER(fixed, ai), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -32452,17 +29897,14 @@ static int test_wolfSSL_a2i_ASN1_INTEGER(void)
BIO_free(fixed);
ASN1_INTEGER_free(ai);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2c_ASN1_INTEGER(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
ASN1_INTEGER *a = NULL;
unsigned char *pp,*tpp;
int ret;
@@ -32680,17 +30122,14 @@ static int test_wolfSSL_i2c_ASN1_INTEGER(void)
XFREE(pp, NULL, DYNAMIC_TYPE_TMP_BUFFER);
wolfSSL_ASN1_INTEGER_free(a);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_ASN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
ASN1_OBJECT* a = NULL;
ASN1_OBJECT s;
const unsigned char der[] = { 0x06, 0x01, 0x00 };
@@ -32710,17 +30149,14 @@ static int test_wolfSSL_ASN1_OBJECT(void)
ExpectNotNull(a = wolfSSL_ASN1_OBJECT_dup(&s));
ASN1_OBJECT_free(a);
ASN1_OBJECT_free(&s);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_get_object(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
const unsigned char* derBuf = cliecc_cert_der_256;
const unsigned char* nullPtr = NULL;
const unsigned char objDerInvalidLen[] = { 0x30, 0x81 };
@@ -32754,7 +30190,7 @@ static int test_wolfSSL_ASN1_get_object(void)
/* SEQUENCE */
ExpectIntEQ(ASN1_get_object(&derBuf, &asnLen, &tag, &cls, len) & 0x80, 0);
- ExpectIntEQ(asnLen, 862);
+ ExpectIntEQ(asnLen, 861);
ExpectIntEQ(tag, 0x10);
ExpectIntEQ(cls, 0);
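Review bot: The expected value in `ExpectIntEQ(asnLen, 861);` is a bare constant tied to the current bytes of `cliecc_cert_der_256`, and the change from 862 here appears to track a regenerated test certificate rather than a change in `ASN1_get_object`. A reader cannot tell that from the line, so a comment such as `/* content length of the outer SEQUENCE in cliecc_cert_der_256; update when the test cert is regenerated */` would save the next person a debugging session. The same applies to the notBefore string `"Dec 13 22:19:28 2023 GMT"` updated in test_wolfSSL_ASN1_TIME_print later in this diff. The enclosing function starts and ends outside this hunk.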
@@ -32852,17 +30288,14 @@ static int test_wolfSSL_ASN1_get_object(void)
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
ASN1_OBJECT_free(a);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_ECC && USE_CERT_BUFFERS_256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2a_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_OBJECT* obj = NULL;
ASN1_OBJECT* a = NULL;
BIO *bio = NULL;
@@ -32904,18 +30337,15 @@ static int test_wolfSSL_i2a_ASN1_OBJECT(void)
BIO_free(bio);
ASN1_OBJECT_free(obj);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2t_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
- EXPECT_DECLS;
char buf[50] = {0};
ASN1_OBJECT* obj;
const char* oid = "2.5.29.19";
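Review bot: `ASN1_OBJECT* obj;` in test_wolfSSL_i2t_ASN1_OBJECT is declared without an initialiser, unlike the `= NULL` pointers in the neighbouring tests, and the next hunk shows it handed to `ASN1_OBJECT_free(obj);` during cleanup. The statement that assigns it is outside this hunk. If it sits inside an Expect* call that is skipped after an earlier failure, the free would receive an indeterminate pointer. Declaring it as `ASN1_OBJECT* obj = NULL;` makes the unconditional cleanup safe regardless of where the test stops. `WOLFSSL_ASN1_OBJECT* obj;` in test_wolfSSL_sk_ASN1_OBJECT follows the same pattern.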
@@ -32931,17 +30361,14 @@ static int test_wolfSSL_i2t_ASN1_OBJECT(void)
ExpectIntEQ(i2t_ASN1_OBJECT(buf, sizeof(buf), obj), XSTRLEN(ln));
ExpectIntEQ(XSTRNCMP(buf, ln, XSTRLEN(ln)), 0);
ASN1_OBJECT_free(obj);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_EXT && WOLFSSL_CERT_GEN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_sk_ASN1_OBJECT(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
EXPECT_DECLS;
+#if !defined(NO_ASN) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL))
WOLFSSL_STACK* sk = NULL;
WOLFSSL_ASN1_OBJECT* obj;
@@ -32966,17 +30393,14 @@ static int test_wolfSSL_sk_ASN1_OBJECT(void)
ExpectPtrEq(obj, wolfSSL_sk_ASN1_OBJECT_pop(sk));
wolfSSL_sk_ASN1_OBJECT_free(sk);
wolfSSL_ASN1_OBJECT_free(obj);
-
- res = EXPECT_RESULT();
#endif /* !NO_ASN && (OPENSSL_EXTRA || WOLFSSL_WPAS_SMALL) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
ASN1_STRING* str = NULL;
ASN1_STRING* c = NULL;
const char data[] = "hello wolfSSL";
@@ -33032,18 +30456,15 @@ static int test_wolfSSL_ASN1_STRING(void)
#ifndef NO_WOLFSSL_STUB
ExpectNull(d2i_DISPLAYTEXT(NULL, NULL, 0));
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_to_UTF8(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_NAME* subject = NULL;
WOLFSSL_X509_NAME_ENTRY* e = NULL;
@@ -33084,17 +30505,14 @@ static int test_wolfSSL_ASN1_STRING_to_UTF8(void)
ExpectNotNull(a = ASN1_STRING_new());
ExpectIntEQ(wolfSSL_ASN1_STRING_to_UTF8(&actual_output, a), -1);
ASN1_STRING_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2s_ASN1_STRING(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN)
WOLFSSL_ASN1_STRING* str = NULL;
const char* data = "test_wolfSSL_i2s_ASN1_STRING";
char* ret = NULL;
@@ -33120,19 +30538,16 @@ static int test_wolfSSL_i2s_ASN1_STRING(void)
XFREE(ret, NULL, DYNAMIC_TYPE_TMP_BUFFER);
ASN1_STRING_free(str);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_canon(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_TEST_STATIC_BUILD)
#if !defined(NO_CERTS) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
- EXPECT_DECLS;
WOLFSSL_ASN1_STRING* orig = NULL;
WOLFSSL_ASN1_STRING* canon = NULL;
const char* data = "test_wolfSSL_ASN1_STRING_canon";
@@ -33182,19 +30597,16 @@ static int test_wolfSSL_ASN1_STRING_canon(void)
ASN1_STRING_free(orig);
ASN1_STRING_free(canon);
-
- res = EXPECT_RESULT();
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ASN) && !defined(NO_CERTS) && \
!defined(NO_BIO)
- EXPECT_DECLS;
ASN1_STRING* asnStr = NULL;
const char HELLO_DATA[]= \
{'H','e','l','l','o',' ','w','o','l','f','S','S','L','!'};
@@ -33247,7 +30659,7 @@ static int test_wolfSSL_ASN1_STRING_print(void)
ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(bio, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print(bio, asnStr), 0);
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
@@ -33257,17 +30669,14 @@ static int test_wolfSSL_ASN1_STRING_print(void)
BIO_free(bio);
ASN1_STRING_free(asnStr);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_ASN && !NO_CERTS && !NO_BIO */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_STRING_print_ex(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_BIO)
ASN1_STRING* asn_str = NULL;
const char data[] = "Hello wolfSSL!";
ASN1_STRING* esc_str = NULL;
@@ -33312,7 +30721,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 15), 15);
ExpectStrEQ((char*)rbuf, "Hello wolfSSL!");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33327,7 +30736,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 9), 9);
ExpectStrEQ((char*)rbuf, "a\\+\\;\\<\\>");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, esc_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33342,7 +30751,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 28), 28);
ExpectStrEQ((char*)rbuf, "OCTET STRING:Hello wolfSSL!");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33359,7 +30768,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 31), 31);
ExpectStrEQ((char*)rbuf, "#48656C6C6F20776F6C6653534C2100");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33374,7 +30783,7 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectIntEQ(BIO_read(bio, (void*)rbuf, 35), 35);
ExpectStrEQ((char*)rbuf, "#040F48656C6C6F20776F6C6653534C2100");
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, rbuf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_STRING_print_ex(fixed, asn_str, flags), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -33414,17 +30823,14 @@ static int test_wolfSSL_ASN1_STRING_print_ex(void)
ExpectStrEQ(wolfSSL_ASN1_tag2str(-1), "(unknown)");
ExpectStrEQ(wolfSSL_ASN1_tag2str(31), "(unknown)");
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_ASN)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_ASN)
ASN1_STRING* asn1str_test = NULL;
ASN1_STRING* asn1str_answer = NULL;
/* Each character is encoded using 4 bytes */
@@ -33472,17 +30878,14 @@ static int test_wolfSSL_ASN1_UNIVERSALSTRING_to_string(void)
ASN1_STRING_free(asn1str_test);
ASN1_STRING_free(asn1str_answer);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_ALL && !NO_ASN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
WOLFSSL_ASN1_GENERALIZEDTIME* asn1_gtime = NULL;
unsigned char nullstr[32];
@@ -33498,17 +30901,14 @@ static int test_wolfSSL_ASN1_GENERALIZEDTIME_free(void)
XFREE(asn1_gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
}
wolfSSL_ASN1_GENERALIZEDTIME_free(NULL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_ASN1_GENERALIZEDTIME gtime;
BIO* bio = NULL;
unsigned char buf[24];
@@ -33538,7 +30938,7 @@ static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
ExpectNotNull(bio = BIO_new(wolfSSL_BIO_s_fixed_mem()));
ExpectIntEQ(BIO_set_write_buf_size(bio, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(bio, buf, 1), 1);
ExpectIntEQ(wolfSSL_ASN1_GENERALIZEDTIME_print(bio, &gtime), 0);
for (i = 1; i < 20; i++) {
@@ -33548,17 +30948,14 @@ static int test_wolfSSL_ASN1_GENERALIZEDTIME_print(void)
BIO_free(bio);
wolfSSL_ASN1_GENERALIZEDTIME_free(&gtime);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_TIME* asn_time = NULL;
unsigned char *data;
@@ -33585,19 +30982,16 @@ static int test_wolfSSL_ASN1_TIME(void)
ASN1_TIME_free(asn_time);
ASN1_TIME_free(NULL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_string(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef NO_ASN_TIME
#if defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
- EXPECT_DECLS;
WOLFSSL_ASN1_TIME* t = NULL;
char buf[ASN_GENERALIZED_TIME_SIZE];
@@ -33616,18 +31010,15 @@ static int test_wolfSSL_ASN1_TIME_to_string(void)
ExpectNull(ASN1_TIME_to_string(t, buf, 5));
ASN1_TIME_free(t);
-
- res = EXPECT_RESULT();
#endif
#endif /* NO_ASN_TIME */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_diff_compare(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
ASN1_TIME* fromTime = NULL;
ASN1_TIME* closeToTime = NULL;
ASN1_TIME* toTime = NULL;
@@ -33712,18 +31103,15 @@ static int test_wolfSSL_ASN1_TIME_diff_compare(void)
ASN1_TIME_free(closeToTime);
ASN1_TIME_free(toTime);
ASN1_TIME_free(invalidTime);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_adj(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \
-&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \
+ !defined(USER_TIME) && !defined(TIME_OVERRIDES)
const int year = 365*24*60*60;
const int day = 24*60*60;
const int hour = 60*60;
@@ -33814,19 +31202,16 @@ static int test_wolfSSL_ASN1_TIME_adj(void)
date_str[CTC_DATE_SIZE] = '\0';
ExpectIntEQ(0, XMEMCMP(date_str, "000222211515Z", 13));
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_tm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)) && !defined(NO_ASN_TIME)
- EXPECT_DECLS;
ASN1_TIME asnTime;
struct tm tm;
time_t testTime = 1683926567; /* Fri May 12 09:22:47 PM UTC 2023 */
@@ -33890,17 +31275,14 @@ static int test_wolfSSL_ASN1_TIME_to_tm(void)
fields are zeroed out as expected. */
ExpectIntEQ(tm.tm_isdst, 0);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_to_generalizedtime(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME)
WOLFSSL_ASN1_TIME *t = NULL;
WOLFSSL_ASN1_TIME *out = NULL;
WOLFSSL_ASN1_TIME *gtime = NULL;
@@ -33988,21 +31370,18 @@ static int test_wolfSSL_ASN1_TIME_to_generalizedtime(void)
XFREE(gtime, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(t, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TIME_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_BIO) && \
(defined(WOLFSSL_MYSQL_COMPATIBLE) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_ALL)) && defined(USE_CERT_BUFFERS_2048) && \
!defined(NO_ASN_TIME)
- EXPECT_DECLS;
BIO* bio = NULL;
BIO* fixed = NULL;
X509* x509 = NULL;
@@ -34023,11 +31402,11 @@ static int test_wolfSSL_ASN1_TIME_print(void)
ExpectIntEQ(ASN1_TIME_print(bio, notBefore), 1);
ExpectIntEQ(BIO_read(bio, buf, sizeof(buf)), 24);
- ExpectIntEQ(XMEMCMP(buf, "Dec 16 21:17:49 2022 GMT", sizeof(buf) - 1), 0);
+ ExpectIntEQ(XMEMCMP(buf, "Dec 13 22:19:28 2023 GMT", sizeof(buf) - 1), 0);
/* Test BIO_write fails. */
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
- /* Ensure there is 0 bytes avaialble to write into. */
+ /* Ensure there is 0 bytes available to write into. */
ExpectIntEQ(BIO_write(fixed, buf, 1), 1);
ExpectIntEQ(ASN1_TIME_print(fixed, notBefore), 0);
ExpectIntEQ(BIO_set_write_buf_size(fixed, 1), 1);
@@ -34050,17 +31429,14 @@ static int test_wolfSSL_ASN1_TIME_print(void)
BIO_free(bio);
BIO_free(fixed);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_UTCTIME_print(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && !defined(NO_BIO)
BIO* bio = NULL;
ASN1_UTCTIME* utc = NULL;
unsigned char buf[25];
@@ -34111,18 +31487,15 @@ static int test_wolfSSL_ASN1_UTCTIME_print(void)
XFREE(utc, NULL, DYNAMIC_TYPE_ASN1);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_ASN_TIME && !NO_BIO */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ASN1_TYPE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD) || \
defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_WPAS)
- EXPECT_DECLS;
WOLFSSL_ASN1_TYPE* t = NULL;
WOLFSSL_ASN1_OBJECT* obj = NULL;
#ifndef NO_ASN_TIME
@@ -34199,10 +31572,8 @@ static int test_wolfSSL_ASN1_TYPE(void)
ASN1_TYPE_set(t, V_ASN1_SEQUENCE, str);
wolfSSL_ASN1_TYPE_free(t);
t = NULL;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Testing code used in dpp.c in hostap */
@@ -34246,11 +31617,10 @@ IMPLEMENT_ASN1_FUNCTIONS(TEST_FAIL_ASN1)
static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* Testing code used in dpp.c in hostap */
#if defined(OPENSSL_ALL) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- EXPECT_DECLS;
EC_KEY *eckey = NULL;
EVP_PKEY *key = NULL;
size_t len;
@@ -34393,19 +31763,16 @@ static int test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS(void)
TEST_FAIL_ASN1_free(NULL);
XMEMSET(&test_fail_asn1, 0, sizeof(TEST_FAIL_ASN1));
ExpectIntEQ(i2d_TEST_FAIL_ASN1(&test_fail_asn1, &der), 0);
-
- res = EXPECT_RESULT();
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL && HAVE_ECC && USE_CERT_BUFFERS_256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_lhash(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_ALL
EXPECT_DECLS;
+#ifdef OPENSSL_ALL
const char testStr[] = "Like a true nature's child\n"
"We were born\n"
"Born to be wild";
@@ -34415,21 +31782,18 @@ static int test_wolfSSL_lhash(void)
#else
ExpectIntEQ(lh_strhash(testStr), 0x5b7541dc);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT) || \
defined(OPENSSL_EXTRA))
- EXPECT_DECLS;
X509* x509 = NULL;
const unsigned char* c;
unsigned char buf[4096];
@@ -34552,18 +31916,15 @@ static int test_wolfSSL_X509_NAME(void)
(char*)tmp, sizeof(buf)), -1);
X509_NAME_free(d2i_name);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_hash(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) \
- && !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
+ !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_BIO)
BIO* bio = NULL;
X509* x509 = NULL;
@@ -34574,21 +31935,18 @@ static int test_wolfSSL_X509_NAME_hash(void)
ExpectIntEQ(X509_NAME_hash(X509_get_issuer_name(x509)), 0xFDB2DA4);
X509_free(x509);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_print_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))) && \
!defined(NO_BIO) && !defined(NO_RSA)
- EXPECT_DECLS;
int memSz;
byte* mem = NULL;
BIO* bio = NULL;
@@ -34721,18 +32079,15 @@ static int test_wolfSSL_X509_NAME_print_ex(void)
X509_NAME_free(name);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_X509_INFO_multiple_info(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_RSA)
STACK_OF(X509_INFO) *info_stack = NULL;
X509_INFO *info = NULL;
int len;
@@ -34754,7 +32109,7 @@ static int test_wolfSSL_X509_INFO_multiple_info(void)
/* concatenate the cert and the key file to force PEM_X509_INFO_read_bio
* to group objects together. */
ExpectNotNull(concatBIO = BIO_new(BIO_s_mem()));
- for (curFile = files; *curFile != NULL; curFile++) {
+ for (curFile = files; EXPECT_SUCCESS() && *curFile != NULL; curFile++) {
int fileLen;
ExpectNotNull(fileBIO = BIO_new_file(*curFile, "rb"));
ExpectIntGT(fileLen = wolfSSL_BIO_get_len(fileBIO), 0);
@@ -34762,6 +32117,8 @@ static int test_wolfSSL_X509_INFO_multiple_info(void)
while ((len = BIO_read(fileBIO, tmp, sizeof(tmp))) > 0) {
ExpectIntEQ(BIO_write(concatBIO, tmp, len), len);
fileLen -= len;
+ if (EXPECT_FAIL())
+ break;
}
/* Make sure we read the entire file */
ExpectIntEQ(fileLen, 0);
@@ -34789,19 +32146,16 @@ static int test_wolfSSL_X509_INFO_multiple_info(void)
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(concatBIO);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif
#ifndef NO_BIO
static int test_wolfSSL_X509_INFO(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_RSA)
STACK_OF(X509_INFO) *info_stack = NULL;
X509_INFO *info = NULL;
BIO *cert = NULL;
@@ -34858,19 +32212,16 @@ static int test_wolfSSL_X509_INFO(void)
ExpectNull(info_stack = PEM_X509_INFO_read_bio(cert, NULL, NULL, NULL));
sk_X509_INFO_pop_free(info_stack, X509_INFO_free);
BIO_free(cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif
static int test_wolfSSL_X509_subject_name_hash(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
- && !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
+ !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
X509* x509 = NULL;
X509_NAME* subjectName = NULL;
unsigned long ret1 = 0;
@@ -34898,18 +32249,15 @@ static int test_wolfSSL_X509_subject_name_hash(void)
#endif
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_issuer_name_hash(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_RSA) && (!defined(NO_SHA) || !defined(NO_SHA256))
- EXPECT_DECLS;
X509* x509 = NULL;
X509_NAME* issuertName = NULL;
unsigned long ret1 = 0;
@@ -34937,18 +32285,15 @@ static int test_wolfSSL_X509_issuer_name_hash(void)
#endif
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_host(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) \
&& !defined(NO_SHA) && !defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
const char altName[] = "example.com";
@@ -34965,17 +32310,14 @@ static int test_wolfSSL_X509_check_host(void)
ExpectIntEQ(X509_check_host(NULL, altName, XSTRLEN(altName), 0, NULL),
WOLFSSL_FAILURE);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_email(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_CERT_GEN) && !defined(NO_RSA)
X509* x509 = NULL;
const char goodEmail[] = "info@wolfssl.com";
const char badEmail[] = "disinfo@wolfssl.com";
@@ -35001,86 +32343,14 @@ static int test_wolfSSL_X509_check_email(void)
/* Should fail when x509 is NULL */
ExpectIntEQ(wolfSSL_X509_check_email(NULL, goodEmail, 0, 0),
WOLFSSL_FAILURE);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFSSL_CERT_GEN */
- return res;
-}
-
-static int test_wolfSSL_DES(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
- EXPECT_DECLS;
- const_DES_cblock myDes;
- DES_cblock iv;
- DES_key_schedule key;
- word32 i;
- DES_LONG dl;
- unsigned char msg[] = "hello wolfssl";
-
- DES_check_key(1);
- DES_set_key(&myDes, &key);
-
- /* check, check of odd parity */
- XMEMSET(myDes, 4, sizeof(const_DES_cblock));
- myDes[0] = 6; /*set even parity*/
- XMEMSET(key, 5, sizeof(DES_key_schedule));
- ExpectIntEQ(DES_set_key_checked(&myDes, &key), -1);
- ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
-
- /* set odd parity for success case */
- DES_set_odd_parity(&myDes);
- ExpectIntEQ(DES_check_key_parity(&myDes), 1);
- fprintf(stderr, "%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2],
- myDes[3]);
- ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
- for (i = 0; i < sizeof(DES_key_schedule); i++) {
- ExpectIntEQ(key[i], myDes[i]);
- }
- ExpectIntEQ(DES_is_weak_key(&myDes), 0);
-
- /* check weak key */
- XMEMSET(myDes, 1, sizeof(const_DES_cblock));
- XMEMSET(key, 5, sizeof(DES_key_schedule));
- ExpectIntEQ(DES_set_key_checked(&myDes, &key), -2);
- ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
-
- /* now do unchecked copy of a weak key over */
- DES_set_key_unchecked(&myDes, &key);
- /* compare arrays, should be the same */
- for (i = 0; i < sizeof(DES_key_schedule); i++) {
- ExpectIntEQ(key[i], myDes[i]);
- }
- ExpectIntEQ(DES_is_weak_key(&myDes), 1);
-
- /* check DES_key_sched API */
- XMEMSET(key, 1, sizeof(DES_key_schedule));
- ExpectIntEQ(DES_key_sched(&myDes, NULL), 0);
- ExpectIntEQ(DES_key_sched(NULL, &key), 0);
- ExpectIntEQ(DES_key_sched(&myDes, &key), 0);
- /* compare arrays, should be the same */
- for (i = 0; i < sizeof(DES_key_schedule); i++) {
- ExpectIntEQ(key[i], myDes[i]);
- }
-
- /* DES_cbc_cksum should return the last 4 of the last 8 bytes after
- * DES_cbc_encrypt on the input */
- XMEMSET(iv, 0, sizeof(DES_cblock));
- XMEMSET(myDes, 5, sizeof(DES_key_schedule));
- ExpectIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0);
- ExpectIntEQ(dl, 480052723);
-
- res = EXPECT_RESULT();
-#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PemToDer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
int ret;
DerBuffer* pDer = NULL;
const char* ca_cert = "./certs/server-cert.pem";
@@ -35123,17 +32393,14 @@ static int test_wc_PemToDer(void)
free(cert_buf);
}
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_AllocDer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS)
EXPECT_DECLS;
+#if !defined(NO_CERTS)
DerBuffer* pDer = NULL;
word32 testSize = 1024;
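Review bot: Whether test_wc_PemToDer and test_wc_AllocDer report "skipped" or "passed" when their bodies are compiled out now depends on macro definitions that are not in this hunk. The removed `int res = TEST_SKIPPED;` made that case explicit, while the new `return EXPECT_RESULT();` after `#endif` returns whatever EXPECT_DECLS initialised. If that initial value is not the skipped status, a NO_CERTS build would report these certificate-parsing tests as passed without running them, which hides a coverage gap. Please confirm the initial value, and consider a comment beside the macro definition such as `/* result starts as TEST_SKIPPED so a compiled-out body is reported as skipped */`. The same pattern repeats in every later hunk of this file that moves EXPECT_DECLS above the `#if`, and both function bodies here start or end outside the hunk.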
@@ -35142,17 +32409,14 @@ static int test_wc_AllocDer(void)
ExpectIntEQ(wc_AllocDer(&pDer, testSize, CERT_TYPE, HEAP_HINT), 0);
ExpectNotNull(pDer);
wc_FreeDer(&pDer);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_CertPemToDer(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
EXPECT_DECLS;
+#if !defined(NO_CERTS) && defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM)
const char* ca_cert = "./certs/ca-cert.pem";
byte* cert_buf = NULL;
size_t cert_sz = 0;
@@ -35184,17 +32448,14 @@ static int test_wc_CertPemToDer(void)
free(cert_der);
if (cert_buf != NULL)
free(cert_buf);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_KeyPemToDer(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
int ret;
const byte cert_buf[] = \
"-----BEGIN PRIVATE KEY-----\n"
@@ -35260,18 +32521,15 @@ static int test_wc_KeyPemToDer(void)
ExpectIntLE(ret, cert_sz);
if (cert_der != NULL)
free(cert_der);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PubKeyPemToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_PEM_TO_DER) && !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
- EXPECT_DECLS;
int ret = 0;
const char* key = "./certs/ecc-client-keyPub.pem";
byte* cert_buf = NULL;
@@ -35305,18 +32563,15 @@ static int test_wc_PubKeyPemToDer(void)
if (cert_buf != NULL) {
free(cert_buf);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_PemPubKeyToDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER))
- EXPECT_DECLS;
const char* key = "./certs/ecc-client-keyPub.pem";
size_t cert_dersz = 1024;
byte* cert_der = NULL;
@@ -35329,17 +32584,14 @@ static int test_wc_PemPubKeyToDer(void)
if (cert_der != NULL) {
free(cert_der);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_GetPubKeyDerFromCert(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_RSA) || defined(HAVE_ECC)
EXPECT_DECLS;
+#if !defined(NO_RSA) || defined(HAVE_ECC)
int ret;
word32 idx = 0;
byte keyDer[TWOK_BUF]; /* large enough for up to RSA 2048 */
@@ -35493,18 +32745,15 @@ static int test_wc_GetPubKeyDerFromCert(void)
wc_FreeDecodedCert(&decoded);
#endif
-
- res = EXPECT_RESULT();
#endif /* !NO_RSA || HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_CheckCertSigPubKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_PEM_TO_DER) && defined(HAVE_ECC)
- EXPECT_DECLS;
int ret;
const char* ca_cert = "./certs/ca-cert.pem";
byte* cert_buf = NULL;
@@ -35557,18 +32806,15 @@ static int test_wc_CheckCertSigPubKey(void)
free(cert_der);
if (cert_buf != NULL)
free(cert_buf);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_certs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
- EXPECT_DECLS;
X509* x509ext = NULL;
#ifdef OPENSSL_ALL
X509* x509 = NULL;
@@ -35699,7 +32945,7 @@ static int test_wolfSSL_certs(void)
ExpectNotNull(ext = X509V3_EXT_i2d(NID_ext_key_usage, crit, sk));
X509_EXTENSION_free(ext);
ext = NULL;
- sk_ASN1_OBJECT_pop_free(sk, NULL);
+ EXTENDED_KEY_USAGE_free(sk);
sk = NULL;
#else
sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509ext, NID_ext_key_usage,
@@ -35815,18 +33061,15 @@ static int test_wolfSSL_certs(void)
X509_free(x509ext);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_CERTS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_CHECK_PRIVATE_KEY)
- EXPECT_DECLS;
X509* x509 = NULL;
EVP_PKEY* pkey = NULL;
const byte* key;
@@ -35854,21 +33097,17 @@ static int test_wolfSSL_X509_check_private_key(void)
EVP_PKEY_free(pkey);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-
static int test_wolfSSL_private_keys(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM)
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM)
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
EVP_PKEY* pkey = NULL;
@@ -36084,19 +33323,16 @@ static int test_wolfSSL_private_keys(void)
(void)ssl;
(void)ctx;
(void)pkey;
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_PrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \
&& !defined(NO_FILESYSTEM)
- EXPECT_DECLS;
XFILE file = XBADFILE;
const char* fname = "./certs/server-key.pem";
EVP_PKEY* pkey = NULL;
@@ -36129,18 +33365,15 @@ static int test_wolfSSL_PEM_read_PrivateKey(void)
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_PUBKEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) \
&& !defined(NO_FILESYSTEM)
- EXPECT_DECLS;
XFILE file = XBADFILE;
const char* fname = "./certs/client-keyPub.pem";
EVP_PKEY* pkey = NULL;
@@ -36154,18 +33387,15 @@ static int test_wolfSSL_PEM_read_PUBKEY(void)
EVP_PKEY_free(pkey);
if (file != XBADFILE)
XFCLOSE(file);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_PrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
(!defined(NO_RSA) || defined(HAVE_ECC)) && defined(USE_CERT_BUFFERS_2048)
- EXPECT_DECLS;
#ifndef NO_BIO
BIO* bio = NULL;
#endif
@@ -36533,25 +33763,21 @@ static int test_wolfSSL_PEM_PrivateKey(void)
}
#endif
- res = EXPECT_RESULT();
-
#ifndef NO_BIO
(void)bio;
#endif
(void)pkey;
(void)server_key;
-
#endif /* OPENSSL_EXTRA && !NO_CERTS && !NO_RSA && USE_CERT_BUFFERS_2048 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_file_RSAKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \
!defined(HAVE_USER_RSA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- EXPECT_DECLS;
RSA* rsa = NULL;
XFILE fp = XBADFILE;
@@ -36570,21 +33796,18 @@ static int test_wolfSSL_PEM_file_RSAKey(void)
ExpectIntEQ(PEM_write_RSA_PUBKEY(stderr, rsa), WOLFSSL_SUCCESS);
RSA_free(rsa);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
(defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_file_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_USER_RSA) && !defined(NO_FILESYSTEM) && \
(defined(WOLFSSL_PEM_TO_DER) || defined(WOLFSSL_DER_TO_PEM))
- EXPECT_DECLS;
RSA* rsa = NULL;
XFILE f = NULL;
@@ -36611,18 +33834,15 @@ static int test_wolfSSL_PEM_file_RSAPrivateKey(void)
if (f != XBADFILE)
XFCLOSE(f);
#endif /* HAVE_ECC */
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_RSA_PUBKEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
XFILE file = XBADFILE;
const char* fname = "./certs/client-keyPub.pem";
RSA *rsa = NULL;
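Review bot: The trailer on the `#endif` just before `return EXPECT_RESULT();` in test_wolfSSL_PEM_file_RSAPrivateKey still says `/* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */`, but the `#if` it appears to close (shown in the previous hunk) tests NO_RSA, OPENSSL_EXTRA, WOLFSSL_KEY_GEN, HAVE_USER_RSA, NO_FILESYSTEM and the PEM/DER conversion macros, and never NO_CERTS. These guards decide which key-handling tests are compiled at all, so a wrong trailer misleads anyone auditing test coverage for a given configuration. Something like `#endif /* !NO_RSA && OPENSSL_EXTRA && WOLFSSL_KEY_GEN && !HAVE_USER_RSA && !NO_FILESYSTEM && (WOLFSSL_PEM_TO_DER || WOLFSSL_DER_TO_PEM) */` would match. The same drift is visible in later hunks: test_wolfSSL_PEM_bio_ECKey, test_wolfSSL_EVP_Digest (`OPEN_EXTRA`, with NO_PWDBASED missing) and test_wolfSSL_CTX_get0_set1_param (the trailer mentions NO_RSA, the `#if` does not). Both functions touched here start or end outside the hunk.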
@@ -36635,20 +33855,17 @@ static int test_wolfSSL_PEM_read_RSA_PUBKEY(void)
RSA_free(rsa);
if (file != XBADFILE)
XFCLOSE(file);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_bio_RSAKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_RSA) && \
!defined(HAVE_USER_RSA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
- EXPECT_DECLS;
RSA* rsa = NULL;
BIO* bio = NULL;
@@ -36704,20 +33921,17 @@ static int test_wolfSSL_PEM_bio_RSAKey(void)
RSA_free(rsa);
rsa = NULL;
#endif /* HAVE_ECC */
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
(defined(WOLFSSL_KEY_GEN) || WOLFSSL_CERT_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
RSA* rsa = NULL;
RSA* rsa_dup = NULL;
BIO* bio = NULL;
@@ -36754,19 +33968,16 @@ static int test_wolfSSL_PEM_bio_RSAPrivateKey(void)
BIO_free(bio);
#endif /* HAVE_ECC */
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_DSAKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifndef HAVE_SELFTEST
#if (defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && !defined(NO_CERTS) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && !defined(NO_DSA)
- EXPECT_DECLS;
DSA* dsa = NULL;
BIO* bio = NULL;
@@ -36812,21 +34023,18 @@ static int test_wolfSSL_PEM_bio_DSAKey(void)
DSA_free(dsa);
dsa = NULL;
#endif /* HAVE_ECC */
-
- res = TEST_RES_CHECK(1);
#endif /* defined(WOLFSSL_QT) || defined(OPENSSL_ALL)) && \
!defined(NO_CERTS) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_FILESYSTEM) && !defined(NO_DSA) */
#endif /* HAVE_SELFTEST */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_bio_ECKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && \
defined(WOLFSSL_KEY_GEN) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC)
- EXPECT_DECLS;
EC_KEY* ec = NULL;
EC_KEY* ec2;
BIO* bio = NULL;
@@ -36952,17 +34160,14 @@ static int test_wolfSSL_PEM_bio_ECKey(void)
ExpectNull(PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL));
BIO_free(bio);
bio = NULL;
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_PUBKEY(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
@@ -37018,21 +34223,18 @@ static int test_wolfSSL_PEM_PUBKEY(void)
(void)bio;
(void)pkey;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_DSA_do_sign_verify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_DSA)
- EXPECT_DECLS;
unsigned char digest[WC_SHA_DIGEST_SIZE];
DSA_SIG* sig = NULL;
DSA* dsa = NULL;
@@ -37076,20 +34278,17 @@ static int test_DSA_do_sign_verify(void)
DSA_SIG_free(sig);
DSA_free(dsa);
-
- res = EXPECT_RESULT();
#endif
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_tmp_dh(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
byte buff[6000];
char file[] = "./certs/dsaparams.pem";
XFILE f = XBADFILE;
@@ -37148,18 +34347,15 @@ static int test_wolfSSL_tmp_dh(void)
#endif
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ctrl(void)
{
- int res = TEST_SKIPPED;
-#if defined (OPENSSL_EXTRA) && !defined(NO_BIO)
EXPECT_DECLS;
+#if defined (OPENSSL_EXTRA) && !defined(NO_BIO)
byte buff[6000];
BIO* bio = NULL;
int bytes;
@@ -37179,18 +34375,15 @@ static int test_wolfSSL_ctrl(void)
*/
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_BIO) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_new_mac_key(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
static const unsigned char pw[] = "password";
static const int pwSz = sizeof(pw) - 1;
size_t checkPwSz = 0;
@@ -37237,19 +34430,16 @@ static int test_wolfSSL_EVP_PKEY_new_mac_key(void)
ExpectIntEQ((int)checkPwSz, 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_new_CMAC_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
#if defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT)
- EXPECT_DECLS;
const char *priv = "ABCDEFGHIJKLMNOP";
const WOLFSSL_EVP_CIPHER* cipher = EVP_aes_128_cbc();
WOLFSSL_EVP_PKEY* key = NULL;
@@ -37264,40 +34454,36 @@ static int test_wolfSSL_EVP_PKEY_new_CMAC_key(void)
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_CMAC_key(
NULL, (const unsigned char *)priv, AES_128_KEY_SIZE, cipher));
wolfSSL_EVP_PKEY_free(key);
-
- res = EXPECT_RESULT();
-#endif /* defined(WOLFSSL_CMAC) && !defined(NO_AES) && defined(WOLFSSL_AES_DIRECT) */
+#endif /* WOLFSSL_CMAC && !NO_AES && WOLFSSL_AES_DIRECT */
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_Digest(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_PWDBASED)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_PWDBASED)
const char* in = "abc";
int inLen = (int)XSTRLEN(in);
byte out[WC_SHA256_DIGEST_SIZE];
unsigned int outLen;
- const char* expOut = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
+ const char* expOut =
+ "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+ "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+ "\x15\xAD";
- ExpectIntEQ(wolfSSL_EVP_Digest((unsigned char*)in, inLen, out, &outLen, "SHA256", NULL), 1);
+ ExpectIntEQ(wolfSSL_EVP_Digest((unsigned char*)in, inLen, out, &outLen,
+ "SHA256", NULL), 1);
ExpectIntEQ(outLen, WC_SHA256_DIGEST_SIZE);
ExpectIntEQ(XMEMCMP(out, expOut, WC_SHA256_DIGEST_SIZE), 0);
-
- res = EXPECT_RESULT();
#endif /* OPEN_EXTRA && ! NO_SHA256 */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_Digest_all(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
const char* digests[] = {
#ifndef NO_MD5
"MD5",
@@ -37348,17 +34534,14 @@ static int test_wolfSSL_EVP_Digest_all(void)
ExpectIntGT(outLen, 0);
ExpectIntEQ(EVP_MD_size(*d), outLen);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_size(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
WOLFSSL_EVP_MD_CTX mdCtx;
#ifdef WOLFSSL_SHA3
@@ -37496,17 +34679,14 @@ static int test_wolfSSL_EVP_MD_size(void)
ExpectIntEQ(wolfSSL_EVP_MD_CTX_block_size(&mdCtx), BAD_FUNC_ARG);
/* Cleanup is valid on uninit'ed struct */
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_pkey_type(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
const WOLFSSL_EVP_MD* md;
#ifndef NO_MD5
@@ -37531,10 +34711,8 @@ static int test_wolfSSL_EVP_MD_pkey_type(void)
ExpectNotNull(md = EVP_sha512());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha512WithRSAEncryption);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef OPENSSL_EXTRA
@@ -37597,9 +34775,8 @@ static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
static int test_wolfSSL_EVP_MD_hmac_signing(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_EXTRA
EXPECT_DECLS;
+#ifdef OPENSSL_EXTRA
static const unsigned char testKey[] =
{
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
@@ -37736,19 +34913,16 @@ static int test_wolfSSL_EVP_MD_hmac_signing(void)
sizeof(testResultSha3_512)), TEST_SUCCESS);
#endif
#endif
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_rsa_signing(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
- defined(USE_CERT_BUFFERS_2048)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
+ defined(USE_CERT_BUFFERS_2048)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
WOLFSSL_EVP_PKEY_CTX* keyCtx = NULL;
@@ -37860,18 +35034,15 @@ static int test_wolfSSL_EVP_MD_rsa_signing(void)
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_ecc_signing(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
const char testData[] = "Hi There";
@@ -37934,20 +35105,17 @@ static int test_wolfSSL_EVP_MD_ecc_signing(void)
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_extra_chain_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(NO_BIO)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
char caFile[] = "./certs/client-ca.pem";
char clientFile[] = "./certs/client-cert.pem";
SSL_CTX* ctx = NULL;
@@ -38052,24 +35220,21 @@ static int test_wolfSSL_CTX_add_extra_chain_cert(void)
sk_X509_pop_free(chain, X509_free);
sk_X509_pop_free(chain2, X509_free);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined (NO_BIO) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined (NO_BIO) */
+ return EXPECT_RESULT();
}
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
static int test_wolfSSL_ERR_peek_last_error_line(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
!defined(NO_OLD_TLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(NO_ERROR_QUEUE)
- EXPECT_DECLS;
callback_functions client_cb;
callback_functions server_cb;
int line = 0;
@@ -38114,11 +35279,9 @@ static int test_wolfSSL_ERR_peek_last_error_line(void)
fprintf(stderr, "\nTesting error print out\n");
ERR_print_errors_fp(stderr);
fprintf(stderr, "Done testing print out\n\n");
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(DEBUG_WOLFSSL) */
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_WOLFSSL_CLIENT && !NO_WOLFSSL_SERVER */
@@ -38135,12 +35298,11 @@ static int verify_cb(int ok, X509_STORE_CTX *ctx)
static int test_wolfSSL_X509_Name_canon(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_SHA) && \
defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && !defined(NO_RSA)
- EXPECT_DECLS;
const long ex_hash1 = 0x0fdb2da4;
const long ex_hash2 = 0x9f3e8c9e;
X509_NAME *name = NULL;
@@ -38195,17 +35357,14 @@ static int test_wolfSSL_X509_Name_canon(void)
XFCLOSE(file);
X509_free(x509);
XFREE(pbuf, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_ctrl_hash_dir(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR)
const int MAX_DIR = 4;
const char paths[][32] = {
"./certs/ed25519",
@@ -38270,19 +35429,16 @@ static int test_wolfSSL_X509_LOOKUP_ctrl_hash_dir(void)
#endif
X509_STORE_free(str);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_ctrl_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
defined(WOLFSSL_SIGNER_DER_CERT)
- EXPECT_DECLS;
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509_LOOKUP* lookup = NULL;
@@ -38411,10 +35567,8 @@ static int test_wolfSSL_X509_LOOKUP_ctrl_file(void)
ExpectIntEQ(X509_LOOKUP_ctrl(NULL, 0, NULL, 0, NULL), 0);
X509_STORE_free(str);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup(void)
@@ -38431,9 +35585,8 @@ static int test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup(void)
static int test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509* x509Ca = NULL;
@@ -38466,18 +35619,15 @@ static int test_wolfSSL_X509_STORE_CTX_get0_current_issuer(void)
X509_free(x509Svr);
X509_STORE_free(str);
X509_free(x509Ca);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_certs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7)
- EXPECT_DECLS;
STACK_OF(X509)* sk = NULL;
STACK_OF(X509_INFO)* info_sk = NULL;
PKCS7 *p7 = NULL;
@@ -38542,19 +35692,16 @@ static int test_wolfSSL_PKCS7_certs(void)
PKCS7_free(p7);
p7 = NULL;
}
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && defined(HAVE_PKCS7) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509_STORE_CTX* ctx = NULL;
X509_STORE* str = NULL;
X509* x509 = NULL;
@@ -38679,19 +35826,129 @@ static int test_wolfSSL_X509_STORE_CTX(void)
str = NULL;
}
- res = EXPECT_RESULT();
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
+}
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
+static int test_X509_STORE_untrusted_load_cert_to_stack(const char* filename,
+ STACK_OF(X509)* chain)
+{
+ EXPECT_DECLS;
+ XFILE fp = XBADFILE;
+ X509* cert = NULL;
+
+ ExpectTrue((fp = XFOPEN(filename, "rb"))
+ != XBADFILE);
+ ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(sk_X509_push(chain, cert), 1);
+ if (EXPECT_FAIL())
+ X509_free(cert);
+
+ return EXPECT_RESULT();
+}
+
+static int test_X509_STORE_untrusted_certs(const char** filenames, int ret,
+ int err, int loadCA)
+{
+ EXPECT_DECLS;
+ X509_STORE_CTX* ctx = NULL;
+ X509_STORE* str = NULL;
+ XFILE fp = XBADFILE;
+ X509* cert = NULL;
+ STACK_OF(X509)* untrusted = NULL;
+
+ ExpectTrue((fp = XFOPEN("./certs/intermediate/server-int-cert.pem", "rb"))
+ != XBADFILE);
+ ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+
+ ExpectNotNull(str = X509_STORE_new());
+ ExpectNotNull(ctx = X509_STORE_CTX_new());
+ ExpectNotNull(untrusted = sk_X509_new_null());
+
+ ExpectIntEQ(X509_STORE_set_flags(str, 0), 1);
+ if (loadCA) {
+ ExpectIntEQ(X509_STORE_load_locations(str, "./certs/ca-cert.pem", NULL),
+ 1);
+ }
+ for (; *filenames; filenames++) {
+ ExpectIntEQ(test_X509_STORE_untrusted_load_cert_to_stack(*filenames,
+ untrusted), TEST_SUCCESS);
+ }
+
+ ExpectIntEQ(X509_STORE_CTX_init(ctx, str, cert, untrusted), 1);
+ ExpectIntEQ(X509_verify_cert(ctx), ret);
+ ExpectIntEQ(X509_STORE_CTX_get_error(ctx), err);
+
+ X509_free(cert);
+ X509_STORE_free(str);
+ X509_STORE_CTX_free(ctx);
+ sk_X509_pop_free(untrusted, NULL);
+
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_X509_STORE_untrusted(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
+ const char* untrusted1[] = {
+ "./certs/intermediate/ca-int2-cert.pem",
+ NULL
+ };
+ const char* untrusted2[] = {
+ "./certs/intermediate/ca-int-cert.pem",
+ "./certs/intermediate/ca-int2-cert.pem",
+ NULL
+ };
+ const char* untrusted3[] = {
+ "./certs/intermediate/ca-int-cert.pem",
+ "./certs/intermediate/ca-int2-cert.pem",
+ "./certs/ca-cert.pem",
+ NULL
+ };
+ /* Adding unrelated certs that should be ignored */
+ const char* untrusted4[] = {
+ "./certs/client-ca.pem",
+ "./certs/intermediate/ca-int-cert.pem",
+ "./certs/server-cert.pem",
+ "./certs/intermediate/ca-int2-cert.pem",
+ NULL
+ };
+
+ /* Only immediate issuer in untrusted chain. Fails since can't build chain
+ * to loaded CA. */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted1, 0,
+ X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 1), TEST_SUCCESS);
+ /* Succeeds because path to loaded CA is available. */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted2, 1, 0, 1),
+ TEST_SUCCESS);
+ /* Fails because root CA is in the untrusted stack */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted3, 0,
+ X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY, 0), TEST_SUCCESS);
+ /* Succeeds because path to loaded CA is available. */
+ ExpectIntEQ(test_X509_STORE_untrusted_certs(untrusted4, 1, 0, 1),
+ TEST_SUCCESS);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_set_flags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
X509_STORE* store = NULL;
X509* x509 = NULL;
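Review bot: The two new helpers and test_X509_STORE_untrusted are guarded only by `#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)`, yet they open PEM files with XFOPEN and PEM_read_X509 and load `./certs/ca-cert.pem`. The neighbouring store tests in this same hunk (test_wolfSSL_X509_STORE_CTX, test_wolfSSL_X509_STORE_set_flags) also require `!defined(NO_CERTS) && !defined(NO_FILESYSTEM)`. Both new guards should presumably read `#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)` so the test is skipped in such builds instead of breaking them. Separately, `sk_X509_pop_free(untrusted, NULL);` depends on the library substituting a default element destructor; test_wolfSSL_CTX_add_extra_chain_cert passes `X509_free` explicitly, and `sk_X509_pop_free(untrusted, X509_free);` would match it and stay correct under OpenSSL semantics. The three new functions are complete in this hunk; the functions before and after them continue outside it.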
@@ -38710,20 +35967,17 @@ static int test_wolfSSL_X509_STORE_set_flags(void)
wolfSSL_X509_free(x509);
wolfSSL_X509_STORE_free(store);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_LOOKUP_load_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA) && \
(!defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH))
- EXPECT_DECLS;
WOLFSSL_X509_STORE* store = NULL;
WOLFSSL_X509_LOOKUP* lookup = NULL;
@@ -38748,18 +36002,15 @@ static int test_wolfSSL_X509_LOOKUP_load_file(void)
}
wolfSSL_X509_STORE_free(store);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_CRL) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_set_time(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
WOLFSSL_X509_STORE_CTX* ctx = NULL;
time_t c_time;
@@ -38770,18 +36021,15 @@ static int test_wolfSSL_X509_STORE_CTX_set_time(void)
WOLFSSL_USE_CHECK_TIME);
ExpectTrue(ctx->param->check_time == c_time);
wolfSSL_X509_STORE_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get0_set1_param(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
WOLFSSL_X509_VERIFY_PARAM* pvpm = NULL;
@@ -38813,7 +36061,7 @@ static int test_wolfSSL_CTX_get0_set1_param(void)
ExpectIntEQ(0x01, pParam->hostFlags);
ExpectIntEQ(0, XSTRNCMP(pParam->ipasc, testIPv4, WOLFSSL_MAX_IPSTR));
- /* test for incorrect patameter */
+ /* test for incorrect parameter */
ExpectIntEQ(1,SSL_CTX_set1_param(ctx, NULL));
ExpectIntEQ(1,SSL_CTX_set1_param(NULL, pvpm));
ExpectIntEQ(1,SSL_CTX_set1_param(NULL, NULL));
@@ -38821,19 +36069,16 @@ static int test_wolfSSL_CTX_get0_set1_param(void)
SSL_CTX_free(ctx);
XFREE(pvpm, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_get0_param(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
@@ -38851,18 +36096,15 @@ static int test_wolfSSL_get0_param(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA && !defined(NO_RSA)*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
const char host[] = "www.example.com";
WOLFSSL_X509_VERIFY_PARAM* pParam = NULL;
@@ -38881,18 +36123,15 @@ static int test_wolfSSL_X509_VERIFY_PARAM_set1_host(void)
XFREE(pParam, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
}
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set1_host(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
const char host[] = "www.test_wolfSSL_set1_host.com";
const char emptyStr[] = "";
SSL_CTX* ctx = NULL;
@@ -38929,18 +36168,15 @@ static int test_wolfSSL_set1_host(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM_set1_ip(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
unsigned char buf[16] = {0};
WOLFSSL_X509_VERIFY_PARAM* param = NULL;
@@ -38997,17 +36233,14 @@ static int test_wolfSSL_X509_VERIFY_PARAM_set1_ip(void)
sizeof(param->ipasc)), 0);
XFREE(param, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_CTX_get0_store(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
X509_STORE* store = NULL;
X509_STORE_CTX* ctx = NULL;
X509_STORE_CTX* ctx_no_init = NULL;
@@ -39025,18 +36258,15 @@ static int test_wolfSSL_X509_STORE_CTX_get0_store(void)
wolfSSL_X509_STORE_CTX_free(ctx);
wolfSSL_X509_STORE_CTX_free(ctx_no_init);
X509_STORE_free(store);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_client_CA_list(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_BIO)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
X509_NAME* name = NULL;
@@ -39156,19 +36386,16 @@ static int test_wolfSSL_CTX_set_client_CA_list(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT &&
* !NO_BIO */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_add_client_CA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509* x509_a = NULL;
@@ -39193,12 +36420,11 @@ static int test_wolfSSL_CTX_add_client_CA(void)
X509_free(x509);
X509_free(x509_a);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !NO_RSA && !NO_CERTS && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
-#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
+#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
@@ -39252,12 +36478,12 @@ static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
if (ret != WOLFSSL_SUCCESS) {
char buff[WOLFSSL_MAX_ERROR_SZ];
- printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
+ fprintf(stderr, "error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buff));
}
else {
if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
- printf("Client message: %s\n", input);
+ fprintf(stderr, "Client message: %s\n", input);
}
AssertIntEQ(privateNameLen, wolfSSL_write(ssl, privateName,
@@ -39277,7 +36503,7 @@ static THREAD_RETURN WOLFSSL_THREAD server_task_ech(void* args)
wc_ecc_fp_free();
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* HAVE_ECH && WOLFSSL_TLS13 */
@@ -39293,33 +36519,30 @@ static void keyLog_callback(const WOLFSSL* ssl, const char* line )
fp = XFOPEN("./MyKeyLog.txt", "a");
XFWRITE( line, 1, strlen(line),fp);
XFWRITE( (void*)&lf,1,1,fp);
+ XFFLUSH(fp);
XFCLOSE(fp);
}
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
static int test_wolfSSL_CTX_set_keylog_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
SSL_CTX_set_keylog_callback(ctx, keyLog_callback );
SSL_CTX_free(ctx);
SSL_CTX_set_keylog_callback(NULL, NULL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get_keylog_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK) && \
!defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
SSL_CTX* ctx = NULL;
ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
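Review bot: In keyLog_callback the result of `XFOPEN("./MyKeyLog.txt", "a")` is still used without a check, and the added `XFFLUSH(fp);` is one more call that receives the handle if the open failed. A guard such as `if (fp == XBADFILE) return;` directly after the open would keep an unwritable working directory from crashing the handshake instead of failing the test cleanly. The callback writes TLS key-log lines to a fixed relative path, so a one-line comment saying the file is test-only output would also be worth adding. The function starts above this hunk, so an earlier check may exist that is not visible here.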
@@ -39329,10 +36552,8 @@ static int test_wolfSSL_CTX_get_keylog_callback(void)
SSL_CTX_set_keylog_callback(ctx, NULL );
ExpectPtrEq(SSL_CTX_get_keylog_callback(ctx),NULL);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
@@ -39346,12 +36567,11 @@ static int test_wolfSSL_Tls12_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx)
static int test_wolfSSL_Tls12_Key_Logging_test(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SECRET_CALLBACK)
/* This test is intended for checking whether keylog callback is called
* in client during TLS handshake between the client and a server.
*/
- EXPECT_DECLS;
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
XFILE fp = XBADFILE;
@@ -39389,10 +36609,10 @@ static int test_wolfSSL_Tls12_Key_Logging_test(void)
}
/* a log starting with "CLIENT_RANDOM " should exit in the file */
ExpectIntEQ(found, 1);
-
- res = EXPECT_RESULT();
+ /* clean up */
+ ExpectIntEQ(rem_file("./MyKeyLog.txt"), 0);
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK */
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
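Review bot: The added `ExpectIntEQ(rem_file("./MyKeyLog.txt"), 0);` probably does not run on a failing test, because the Expect macros appear to skip their expression once a failure has been recorded. In that case the key log, which this test expects to contain a "CLIENT_RANDOM " entry, stays behind in the working directory. Removing the file unconditionally, for example `(void)rem_file("./MyKeyLog.txt");` placed after the checked call, would cover the failure path as well. The visible hunks of the TLS 1.3 variant show no matching cleanup. Both function bodies extend beyond their hunks, so this needs confirming against the full file.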
@@ -39407,13 +36627,12 @@ static int test_wolfSSL_Tls13_Key_Logging_client_ctx_ready(WOLFSSL_CTX* ctx)
static int test_wolfSSL_Tls13_Key_Logging_test(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_TLS13) && defined(OPENSSL_EXTRA) && \
defined(HAVE_SECRET_CALLBACK)
/* This test is intended for checking whether keylog callback is called
* in client during TLS handshake between the client and a server.
*/
- EXPECT_DECLS;
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
XFILE fp = XBADFILE;
@@ -39473,12 +36692,11 @@ static int test_wolfSSL_Tls13_Key_Logging_test(void)
}
ExpectIntEQ(numfnd, 4);
}
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_SECRET_CALLBACK && WOLFSSL_TLS13 */
- return res;
+ return EXPECT_RESULT();
}
-#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
+#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
static int test_wolfSSL_Tls13_ECH_params(void)
{
EXPECT_DECLS;
@@ -39676,30 +36894,28 @@ static int post_auth_cb(WOLFSSL* ssl)
static int set_post_auth_cb(WOLFSSL* ssl)
{
- EXPECT_DECLS;
if (!wolfSSL_is_server(ssl)) {
+ EXPECT_DECLS;
ExpectIntEQ(wolfSSL_allow_post_handshake_auth(ssl), 0);
+ return EXPECT_RESULT();
}
- else {
- wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL);
- }
- return EXPECT_RESULT();
+ wolfSSL_set_verify(ssl, WOLFSSL_VERIFY_POST_HANDSHAKE, NULL);
+ return TEST_SUCCESS;
}
#endif
static int test_wolfSSL_Tls13_postauth(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
- EXPECT_DECLS;
test_ssl_cbf server_cbf;
test_ssl_cbf client_cbf;
/* test version failure doing post auth with TLS 1.2 connection */
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
server_cbf.method = wolfTLSv1_2_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
server_cbf.on_result = post_auth_version_cb;
@@ -39710,8 +36926,8 @@ static int test_wolfSSL_Tls13_postauth(void)
&server_cbf, NULL), TEST_SUCCESS);
/* tests on post auth with TLS 1.3 */
- XMEMSET(&server_cbf, 0, sizeof(callback_functions));
- XMEMSET(&client_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
server_cbf.method = wolfTLSv1_3_server_method;
server_cbf.ssl_ready = set_post_auth_cb;
client_cbf.ssl_ready = set_post_auth_cb;
@@ -39720,19 +36936,16 @@ static int test_wolfSSL_Tls13_postauth(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
&server_cbf, NULL), TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_ASN)
- EXPECT_DECLS;
int sigType;
int nameSz;
@@ -39798,18 +37011,15 @@ static int test_wolfSSL_X509_NID(void)
EVP_PKEY_free(pubKeyTmp);
X509_free(cert);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_srp_username(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) \
&& !defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char *username = "TESTUSER";
@@ -39833,19 +37043,16 @@ static int test_wolfSSL_CTX_set_srp_username(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_srp_password(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFCRYPT_HAVE_SRP) && \
!defined(NO_SHA256) && !defined(WC_NO_RNG) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
WOLFSSL_CTX* ctx = NULL;
const char *username = "TESTUSER";
const char *password = "TESTPASSWORD";
@@ -39862,18 +37069,15 @@ static int test_wolfSSL_CTX_set_srp_password(void)
ExpectIntEQ(wolfSSL_CTX_set_srp_password(ctx, (char *)password),
SSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && WOLFCRYPT_HAVE_SRP */
/* && !NO_SHA256 && !WC_NO_RNG && !NO_WOLFSSL_CLIENT */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
X509_STORE *store = NULL;
#ifdef HAVE_CRL
@@ -39921,7 +37125,8 @@ static int test_wolfSSL_X509_STORE(void)
SSL_FILETYPE_PEM)));
ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
ExpectIntNE(X509_verify_cert(storeCtx), SSL_SUCCESS);
- ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx), CRL_CERT_REVOKED);
+ ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx),
+ WOLFSSL_X509_V_ERR_CERT_REVOKED);
X509_CRL_free(crl);
crl = NULL;
X509_STORE_free(store);
@@ -39963,8 +37168,10 @@ static int test_wolfSSL_X509_STORE(void)
SSL_SUCCESS);
}
else {
- ExpectIntEQ(SSL_set1_verify_cert_store(ssl, store),
- SSL_SUCCESS);
+ ExpectIntEQ(SSL_set1_verify_cert_store(ssl, store), SSL_SUCCESS);
+ #ifdef OPENSSL_ALL
+ ExpectIntEQ(SSL_CTX_set1_verify_cert_store(ctx, store), SSL_SUCCESS);
+ #endif
}
if (EXPECT_FAIL() || (i == 1)) {
X509_STORE_free(store);
@@ -39978,18 +37185,15 @@ static int test_wolfSSL_X509_STORE(void)
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
}
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_load_locations(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && !defined(NO_RSA)
- EXPECT_DECLS;
SSL_CTX *ctx = NULL;
X509_STORE *store = NULL;
@@ -40048,18 +37252,15 @@ static int test_wolfSSL_X509_STORE_load_locations(void)
#endif
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_X509_STORE_get0_objects(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
!defined(NO_WOLFSSL_DIR) && !defined(NO_RSA)
- EXPECT_DECLS;
X509_STORE *store = NULL;
X509_STORE *store_cpy = NULL;
SSL_CTX *ctx = NULL;
@@ -40131,18 +37332,15 @@ static int test_X509_STORE_get0_objects(void)
X509_STORE_free(store_cpy);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_CTX(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
WOLFSSL_BN_CTX* bn_ctx = NULL;
WOLFSSL_BIGNUM* t = NULL;
@@ -40164,18 +37362,15 @@ static int test_wolfSSL_BN_CTX(void)
BN_CTX_free(NULL);
BN_CTX_free(bn_ctx);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
@@ -40289,19 +37484,16 @@ static int test_wolfSSL_BN(void)
BN_free(b);
BN_free(c);
BN_clear_free(d);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if !defined(USE_INTEGER_HEAP_MATH) && !defined(HAVE_WOLF_BIGINT)
- EXPECT_DECLS;
BIGNUM* ap = NULL;
BIGNUM bv;
BIGNUM cv;
@@ -40336,18 +37528,15 @@ static int test_wolfSSL_BN_init(void)
ExpectIntEQ(BN_get_word(&dv), 1);
BN_free(ap);
-
- res = EXPECT_RESULT();
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_enc_dec(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
@@ -40437,17 +37626,14 @@ static int test_wolfSSL_BN_enc_dec(void)
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_word(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(WOLFSSL_SP_MATH)
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* c = NULL;
@@ -40525,18 +37711,15 @@ static int test_wolfSSL_BN_word(void)
BN_free(c);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_bits(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM emptyBN;
@@ -40581,18 +37764,15 @@ static int test_wolfSSL_BN_bits(void)
#endif
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_shift(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM emptyBN;
@@ -40633,18 +37813,15 @@ static int test_wolfSSL_BN_shift(void)
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* r = NULL;
@@ -40766,18 +37943,15 @@ static int test_wolfSSL_BN_math(void)
BN_free(r);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math_mod(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* m = NULL;
@@ -40904,19 +38078,16 @@ static int test_wolfSSL_BN_math_mod(void)
BN_free(m);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_math_other(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* b = NULL;
BIGNUM* r = NULL;
@@ -40946,7 +38117,7 @@ static int test_wolfSSL_BN_math_other(void)
ExpectIntEQ(BN_gcd(r, a, &emptyBN, NULL), 0);
/* END Invalid parameters. */
- /* No comman factors between 2 and 3. */
+ /* No common factors between 2 and 3. */
ExpectIntEQ(BN_set_word(a, 2), 1);
ExpectIntEQ(BN_set_word(b, 3), 1);
ExpectIntEQ(BN_gcd(r, a, b, NULL), 1);
@@ -40965,18 +38136,15 @@ static int test_wolfSSL_BN_math_other(void)
BN_free(r);
BN_free(b);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_rand(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_NO_BN)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_NO_BN)
BIGNUM* bn = NULL;
BIGNUM* range = NULL;
BIGNUM emptyBN;
@@ -41115,19 +38283,16 @@ static int test_wolfSSL_BN_rand(void)
BN_free(bn);
BN_free(range);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BN_prime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(OPENSSL_EXTRA_NO_BN) && !defined(WOLFSSL_SP_MATH)
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_RSA) || !defined(NO_DH) || !defined(NO_DSA))
- EXPECT_DECLS;
BIGNUM* a = NULL;
BIGNUM* add = NULL;
BIGNUM* rem = NULL;
@@ -41183,11 +38348,9 @@ static int test_wolfSSL_BN_prime(void)
BN_free(rem);
BN_free(add);
BN_free(a);
-
- res = EXPECT_RESULT();
#endif
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_ASN) */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
@@ -41221,14 +38384,15 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl)
int i, num;
BIO* bio = NULL;
#endif
- (void) ctx;
+
+ ExpectNotNull(ctx);
+ ExpectNotNull(ssl);
+
fprintf(stderr, "\n===== msgcb called ====\n");
#if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN)
ExpectTrue(SSL_get_peer_cert_chain(ssl) != NULL);
ExpectIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 2);
ExpectNotNull(SSL_get0_verified_chain(ssl));
-#else
- (void) ssl;
#endif
#if defined(OPENSSL_ALL) && defined(SESSION_CERTS) && !defined(NO_BIO)
@@ -41256,15 +38420,14 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl)
static int test_wolfSSL_msgCb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(DEBUG_WOLFSSL) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
- XMEMSET(&client_cb, 0, sizeof(callback_functions));
- XMEMSET(&server_cb, 0, sizeof(callback_functions));
+ XMEMSET(&client_cb, 0, sizeof(client_cb));
+ XMEMSET(&server_cb, 0, sizeof(server_cb));
#ifndef WOLFSSL_NO_TLS12
client_cb.method = wolfTLSv1_2_client_method;
server_cb.method = wolfTLSv1_2_server_method;
@@ -41275,18 +38438,15 @@ static int test_wolfSSL_msgCb(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cb,
&server_cb, msgCb), TEST_SUCCESS);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_either_side(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
@@ -41306,18 +38466,15 @@ static int test_wolfSSL_either_side(void)
wolfSSL_CTX_free(client_cb.ctx);
wolfSSL_CTX_free(server_cb.ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DTLS_either_side(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EITHER_SIDE)) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS)
- EXPECT_DECLS;
test_ssl_cbf client_cb;
test_ssl_cbf server_cb;
@@ -41337,17 +38494,14 @@ static int test_wolfSSL_DTLS_either_side(void)
wolfSSL_CTX_free(client_cb.ctx);
wolfSSL_CTX_free(server_cb.ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_generate_cookie(void)
{
- int res = TEST_SKIPPED;
-#if defined(WOLFSSL_DTLS) && defined(OPENSSL_EXTRA) && defined(USE_WOLFSSL_IO)
EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(OPENSSL_EXTRA) && defined(USE_WOLFSSL_IO)
SSL_CTX* ctx = NULL;
SSL* ssl = NULL;
byte buf[FOURK_BUF] = {0};
@@ -41368,18 +38522,15 @@ static int test_generate_cookie(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set_options(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
WOLFSSL* ssl = NULL;
WOLFSSL_CTX* ctx = NULL;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -41499,20 +38650,17 @@ static int test_wolfSSL_set_options(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif /* !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_sk_SSL_CIPHER(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA)
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
STACK_OF(SSL_CIPHER) *sk = NULL;
@@ -41538,20 +38686,17 @@ static int test_wolfSSL_sk_SSL_CIPHER(void)
/* sk is pointer to internal struct that should be free'd in SSL_free */
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set1_curves_list(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
@@ -41600,19 +38745,16 @@ static int test_wolfSSL_set1_curves_list(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_set1_sigalgs_list(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
-#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
+#if !defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
@@ -41728,11 +38870,9 @@ static int test_wolfSSL_set1_sigalgs_list(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* !NO_WOLFSSL_CLIENT || !NO_WOLFSSL_SERVER */
- #endif
- return res;
+#endif
+ return EXPECT_RESULT();
}
/* Testing wolfSSL_set_tlsext_status_type function.
@@ -41740,10 +38880,9 @@ static int test_wolfSSL_set1_sigalgs_list(void)
*/
static int test_wolfSSL_set_tlsext_status_type(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) && \
!defined(NO_RSA) && !defined(NO_WOLFSSL_SERVER)
- EXPECT_DECLS;
SSL* ssl = NULL;
SSL_CTX* ctx = NULL;
@@ -41757,20 +38896,17 @@ static int test_wolfSSL_set_tlsext_status_type(void)
ExpectIntEQ(SSL_get_tlsext_status_type(ssl), TLSEXT_STATUSTYPE_ocsp);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && HAVE_CERTIFICATE_STATUS_REQUEST && !NO_RSA */
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_read_bio(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
byte buff[6000];
XFILE f = XBADFILE;
int bytes;
@@ -41797,11 +38933,9 @@ static int test_wolfSSL_PEM_read_bio(void)
BIO_free(bio);
BUF_MEM_free(buf);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) &&
* !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ return EXPECT_RESULT();
}
@@ -41821,9 +38955,8 @@ static long bioCallback(BIO *bio, int cmd, const char* argp, int argi,
static int test_wolfSSL_BIO(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
const unsigned char* p = NULL;
byte buff[20];
BIO* bio1 = NULL;
@@ -42052,10 +39185,8 @@ static int test_wolfSSL_BIO(void)
ExpectNotNull(bio1 = BIO_new(BIO_s_bio()));
BIO_vfree(NULL);
BIO_vfree(bio1);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
@@ -42063,9 +39194,8 @@ static int test_wolfSSL_BIO(void)
static int test_wolfSSL_a2i_IPADDRESS(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(WOLFSSL_USER_IO)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(WOLFSSL_USER_IO)
const unsigned char* data = NULL;
int dataSz = 0;
ASN1_OCTET_STRING *st = NULL;
@@ -42100,55 +39230,16 @@ static int test_wolfSSL_a2i_IPADDRESS(void)
ExpectIntEQ(dataSz = ASN1_STRING_length(st), WOLFSSL_IP6_ADDR_LEN);
ExpectIntEQ(XMEMCMP(data, ipv6_exp, dataSz), 0);
ASN1_STRING_free(st);
-
- res = EXPECT_RESULT();
#endif
- return res;
-}
-
-static int test_wolfSSL_DES_ecb_encrypt(void)
-{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
- WOLFSSL_DES_cblock input1,input2,output1,output2,back1,back2;
- WOLFSSL_DES_key_schedule key;
-
- XMEMCPY(key,"12345678",sizeof(WOLFSSL_DES_key_schedule));
- XMEMCPY(input1, "Iamhuman",sizeof(WOLFSSL_DES_cblock));
- XMEMCPY(input2, "Whoisit?",sizeof(WOLFSSL_DES_cblock));
- XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
- XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
- XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
- XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));
-
- /* Encrypt messages */
- wolfSSL_DES_ecb_encrypt(&input1,&output1,&key,DES_ENCRYPT);
- wolfSSL_DES_ecb_encrypt(&input2,&output2,&key,DES_ENCRYPT);
-
- {
- /* Decrypt messages */
- int ret1 = 0;
- int ret2 = 0;
- wolfSSL_DES_ecb_encrypt(&output1,&back1,&key,DES_DECRYPT);
- ret1 = XMEMCMP((unsigned char *) back1,(unsigned char *) input1,sizeof(WOLFSSL_DES_cblock));
- AssertIntEQ(ret1,0);
- wolfSSL_DES_ecb_encrypt(&output2,&back2,&key,DES_DECRYPT);
- ret2 = XMEMCMP((unsigned char *) back2,(unsigned char *) input2,sizeof(WOLFSSL_DES_cblock));
- AssertIntEQ(ret2,0);
- }
-
- res = TEST_RES_CHECK(1);
- #endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_cmp_time(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) \
&& !defined(USER_TIME) && !defined(TIME_OVERRIDES)
- EXPECT_DECLS;
WOLFSSL_ASN1_TIME asn_time;
time_t t;
@@ -42158,20 +39249,17 @@ static int test_wolfSSL_X509_cmp_time(void)
ExpectIntEQ(ASN1_TIME_set_string(&asn_time, "000222211515Z"), 1);
ExpectIntEQ(-1, wolfSSL_X509_cmp_time(&asn_time, NULL));
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_time_adj(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN_TIME) && \
!defined(USER_TIME) && !defined(TIME_OVERRIDES) && \
defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA) && \
!defined(NO_ASN_TIME)
- EXPECT_DECLS;
X509* x509 = NULL;
time_t t;
time_t not_before;
@@ -42190,19 +39278,16 @@ static int test_wolfSSL_X509_time_adj(void)
ExpectNotNull(X509_gmtime_adj(X509_get_notAfter(x509), not_after));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
@@ -42268,62 +39353,58 @@ static int test_wolfSSL_X509(void)
X509_free(x509); /* refCount = 2 */
X509_free(x509); /* refCount = 1 */
X509_free(x509); /* refCount = 0, free */
-
- res = EXPECT_RESULT();
- #endif
- return res;
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_count(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
int ret = 0;
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
const char ocspRootCaFile[] = "./certs/ocsp/root-ca-cert.pem";
- FILE* f;
+ XFILE f = XBADFILE;
/* NULL parameter check */
- AssertIntEQ(X509_get_ext_count(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_get_ext_count(NULL), WOLFSSL_FAILURE);
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(X509_get_ext_count(x509), 5);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectIntEQ(X509_get_ext_count(x509), 5);
wolfSSL_X509_free(x509);
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(ocspRootCaFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(X509_get_ext_count(x509), 5);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(ocspRootCaFile,
+ SSL_FILETYPE_PEM));
+ ExpectIntEQ(X509_get_ext_count(x509), 5);
wolfSSL_X509_free(x509);
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* wolfSSL_X509_get_ext_count() valid input */
- AssertIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
/* wolfSSL_X509_get_ext_count() NULL argument */
- AssertIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE);
+ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(NULL)), WOLFSSL_FAILURE);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_sign2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
/* test requires WOLFSSL_AKID_NAME to match expected output */
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_AKID_NAME) && \
(defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || \
defined(WOLFSSL_IP_ALT_NAME))
- EXPECT_DECLS;
WOLFSSL_X509 *x509 = NULL;
WOLFSSL_X509 *ca = NULL;
const unsigned char *der = NULL;
@@ -42344,8 +39425,8 @@ static int test_wolfSSL_X509_sign2(void)
const unsigned char expected[] = {
0x30, 0x82, 0x05, 0x13, 0x30, 0x82, 0x03, 0xFB, 0xA0, 0x03, 0x02, 0x01,
- 0x02, 0x02, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03, 0x7D, 0x4C, 0x07, 0x84,
- 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90, 0xDC, 0x48, 0x8D, 0xEA, 0x53, 0x30,
+ 0x02, 0x02, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55, 0x8A,
+ 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30,
0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
0x05, 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
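Review bot: The `expected[]` array has no comment saying which of its bytes are tied to the test certificates, and the bytes replaced here and in the next hunk look like exactly those fields. They are the 20-byte INTEGER after `0x02, 0x14` (the serial number), the 20 bytes after `0x82, 0x14` (apparently the serial inside the authority key identifier) and the trailing BIT STRING (the signature). A comment above the array, for example `/* Expected DER; serial, AKID serial and signature depend on the test CA cert/key and must be regenerated with them */`, would explain why this fixture changes. The start of test_wolfSSL_X509_sign2 and the code that compares against the array are outside this hunk.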
@@ -42424,34 +39505,34 @@ static int test_wolfSSL_X509_sign2(void)
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E,
0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x82, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03, 0x7D, 0x4C, 0x07,
- 0x84, 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90, 0xDC, 0x48, 0x8D, 0xEA, 0x53,
+ 0x6F, 0x6D, 0x82, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55,
+ 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59, 0xB8, 0xE8,
0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06,
0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82,
- 0x01, 0x01, 0x00, 0x4A, 0xFD, 0x81, 0xC9, 0xE9, 0xE6, 0x2D, 0xC7, 0x1F,
- 0xFA, 0x0A, 0xDC, 0x80, 0x21, 0xCE, 0xD9, 0x27, 0xD4, 0xA4, 0xA1, 0xEC,
- 0x87, 0x50, 0xA9, 0xE4, 0x6D, 0xF6, 0x04, 0x93, 0x5A, 0x1E, 0x51, 0xF4,
- 0x8F, 0x92, 0x3E, 0x58, 0x90, 0xD7, 0xE5, 0xD7, 0x4A, 0x3D, 0xF3, 0xC6,
- 0x1E, 0xE4, 0x78, 0x57, 0xCB, 0xE7, 0xED, 0x3F, 0x6A, 0x7D, 0x1E, 0xE2,
- 0xF1, 0x9F, 0xAA, 0x18, 0x0A, 0xC9, 0x1A, 0xD6, 0x78, 0x71, 0xB3, 0xB6,
- 0xE9, 0x55, 0x84, 0x27, 0x36, 0xA0, 0x89, 0x5C, 0x5A, 0x0A, 0x97, 0x53,
- 0x95, 0x36, 0x68, 0x39, 0xA9, 0x17, 0x51, 0x84, 0x2A, 0x68, 0x5F, 0xAE,
- 0xF3, 0x26, 0x32, 0x57, 0x99, 0x4A, 0x65, 0xE2, 0x14, 0x1E, 0xD8, 0x00,
- 0x24, 0xC1, 0xD1, 0x75, 0x56, 0xD3, 0x99, 0xD3, 0x55, 0x10, 0x88, 0xEC,
- 0x13, 0x05, 0x89, 0x18, 0x58, 0x55, 0x86, 0xFF, 0xA1, 0x2C, 0xB1, 0x96,
- 0xE5, 0x63, 0x1C, 0x83, 0xCA, 0xF6, 0x58, 0x0C, 0xD5, 0xD2, 0x27, 0x70,
- 0x61, 0x87, 0xCC, 0x17, 0x36, 0x6A, 0x75, 0x55, 0xB1, 0x13, 0xB6, 0xC8,
- 0x94, 0x0B, 0x1F, 0xE0, 0x32, 0xCA, 0x94, 0xA2, 0x46, 0x95, 0xBC, 0xA2,
- 0xA0, 0x2A, 0x4C, 0xEB, 0xFE, 0x14, 0xA3, 0x1D, 0x38, 0x13, 0x07, 0xB9,
- 0x98, 0x62, 0x88, 0xF1, 0x8F, 0xBC, 0xD7, 0x3F, 0x72, 0xD4, 0x2F, 0x77,
- 0xF2, 0x48, 0x0E, 0x9C, 0xAC, 0xE1, 0x44, 0x88, 0x58, 0x9A, 0x8E, 0x81,
- 0xBD, 0xB8, 0x6E, 0xF4, 0x64, 0x9B, 0x3A, 0xF1, 0x1D, 0x13, 0xE3, 0x51,
- 0xB9, 0xD1, 0x4D, 0xA3, 0xB5, 0x5D, 0x7B, 0x18, 0xBD, 0xDE, 0xAB, 0x1F,
- 0x82, 0x23, 0xAE, 0x6E, 0xB7, 0xE9, 0xEA, 0x54, 0xE6, 0xF5, 0x3E, 0x10,
- 0x80, 0x25, 0x36, 0x83, 0x46, 0xB2, 0x97, 0x8D, 0x3A, 0x06, 0xB6, 0xCC,
- 0x8D, 0xBE, 0xB4, 0xE6, 0x5E, 0xCA, 0x7B
+ 0x01, 0x01, 0x00, 0x14, 0xFB, 0xD0, 0xCE, 0x31, 0x7F, 0xA5, 0x59, 0xFA,
+ 0x7C, 0x68, 0x26, 0xA7, 0xE8, 0x0D, 0x9F, 0x50, 0x57, 0xFA, 0x1C, 0x7C,
+ 0x5E, 0x43, 0xA4, 0x97, 0x47, 0xB6, 0x41, 0xAC, 0x63, 0xD3, 0x61, 0x8C,
+ 0x1F, 0x42, 0xEF, 0x53, 0xD0, 0xBA, 0x31, 0x4D, 0x99, 0x74, 0xA4, 0x60,
+ 0xDC, 0xC6, 0x6F, 0xCC, 0x1E, 0x25, 0x98, 0xE1, 0xA4, 0xA0, 0x67, 0x69,
+ 0x97, 0xE3, 0x97, 0x7C, 0x83, 0x28, 0xF1, 0xF4, 0x7D, 0x03, 0xA8, 0x31,
+ 0x77, 0xCC, 0xD1, 0x37, 0xEF, 0x7B, 0x4A, 0x71, 0x2D, 0x11, 0x7E, 0x92,
+ 0xF5, 0x67, 0xB7, 0x56, 0xBA, 0x28, 0xF8, 0xD6, 0xCE, 0x2A, 0x71, 0xE3,
+ 0x70, 0x6B, 0x09, 0x0F, 0x67, 0x6F, 0x7A, 0xE0, 0x89, 0xF6, 0x5E, 0x23,
+ 0x0C, 0x0A, 0x44, 0x4E, 0x65, 0x8E, 0x7B, 0x68, 0xD0, 0xAD, 0x76, 0x3E,
+ 0x2A, 0x0E, 0xA2, 0x05, 0x11, 0x74, 0x24, 0x08, 0x60, 0xED, 0x9F, 0x98,
+ 0x18, 0xE9, 0x91, 0x58, 0x36, 0xEC, 0xEC, 0x25, 0x6B, 0xBA, 0x9C, 0x87,
+ 0x38, 0x68, 0xDC, 0xDC, 0x15, 0x6F, 0x20, 0x68, 0xC4, 0xBF, 0x05, 0x5B,
+ 0x4A, 0x0C, 0x44, 0x2B, 0x92, 0x3F, 0x10, 0x99, 0xDC, 0xF6, 0x6C, 0x0E,
+ 0x34, 0x26, 0x6E, 0x6D, 0x4E, 0x12, 0xBC, 0x60, 0x8F, 0x27, 0x1D, 0x7A,
+ 0x00, 0x50, 0xBE, 0x23, 0xDE, 0x48, 0x47, 0x9F, 0xAD, 0x2F, 0x94, 0x3D,
+ 0x16, 0x73, 0x48, 0x6B, 0xC8, 0x97, 0xE6, 0xB4, 0xB3, 0x4B, 0xE1, 0x68,
+ 0x08, 0xC3, 0xE5, 0x34, 0x5F, 0x9B, 0xDA, 0xAB, 0xCA, 0x6D, 0x55, 0x32,
+ 0xEF, 0x6C, 0xEF, 0x9B, 0x8B, 0x5B, 0xC7, 0xF0, 0xC2, 0x0F, 0x8E, 0x93,
+ 0x09, 0x60, 0x3C, 0x0B, 0xDC, 0xBD, 0xDB, 0x4A, 0x2D, 0xD0, 0x98, 0xAA,
+ 0xAB, 0x6C, 0x6F, 0x6D, 0x6B, 0x6A, 0x5C, 0x33, 0xAC, 0xAD, 0xA8, 0x1B,
+ 0x38, 0x5D, 0x9F, 0xDA, 0xE7, 0x70, 0x07
};
pt = ca_key_der_2048;
@@ -42492,19 +39573,16 @@ static int test_wolfSSL_X509_sign2(void)
wolfSSL_ASN1_TIME_free(notBefore);
wolfSSL_ASN1_TIME_free(notAfter);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA)
- EXPECT_DECLS;
int ret;
char *cn = NULL;
word32 cnSz;
@@ -42694,17 +39772,14 @@ static int test_wolfSSL_X509_sign(void)
EVP_PKEY_free(pub);
X509_free(x509);
X509_free(ca);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get0_tbs_sigalg(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
X509* x509 = NULL;
const X509_ALGOR* alg;
@@ -42714,18 +39789,15 @@ static int test_wolfSSL_X509_get0_tbs_sigalg(void)
ExpectNotNull(alg = X509_get0_tbs_sigalg(x509));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_ALGOR_get0(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_SHA256) && !defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
const ASN1_OBJECT* obj = NULL;
const X509_ALGOR* alg = NULL;
@@ -42749,18 +39821,15 @@ static int test_wolfSSL_X509_ALGOR_get0(void)
ExpectIntEQ(OBJ_obj2nid(obj), NID_sha256WithRSAEncryption);
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_VERIFY_PARAM(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
X509_VERIFY_PARAM *paramTo = NULL;
X509_VERIFY_PARAM *paramFrom = NULL;
char testIPv4[] = "127.0.0.1";
@@ -42878,10 +39947,8 @@ static int test_wolfSSL_X509_VERIFY_PARAM(void)
X509_VERIFY_PARAM_free(paramTo);
X509_VERIFY_PARAM_free(paramFrom);
X509_VERIFY_PARAM_free(NULL); /* to confirm NULL parameter gives no harm */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
@@ -42895,7 +39962,7 @@ static WC_INLINE int test_wolfSSL_check_domain_verify_cb(int preverify,
ExpectIntEQ(X509_STORE_CTX_get_error(store), 0);
ExpectIntEQ(preverify, 1);
ExpectIntGT(++test_wolfSSL_check_domain_verify_count, 0);
- return EXPECT_RESULT() == TEST_SUCCESS;
+ return EXPECT_SUCCESS();
}
static int test_wolfSSL_check_domain_client_cb(WOLFSSL* ssl)
@@ -42953,9 +40020,8 @@ static int test_wolfSSL_check_domain(void)
static int test_wolfSSL_X509_get_X509_PUBKEY(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD))
X509* x509 = NULL;
X509_PUBKEY* pubKey;
@@ -42965,18 +40031,15 @@ static int test_wolfSSL_X509_get_X509_PUBKEY(void)
ExpectNotNull(pubKey = wolfSSL_X509_get_X509_PUBKEY(x509));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_RSA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_SHA256) && !defined(NO_RSA)
- EXPECT_DECLS;
X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
const ASN1_OBJECT* pa_oid = NULL;
@@ -43018,17 +40081,14 @@ static int test_wolfSSL_X509_PUBKEY_RSA(void)
X509_PUBKEY_free(pubKey2);
X509_free(x509);
EVP_PKEY_free(evpKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_EC(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && defined(HAVE_ECC)
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && defined(HAVE_ECC)
X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
ASN1_OBJECT* poid = NULL;
@@ -43066,17 +40126,14 @@ static int test_wolfSSL_X509_PUBKEY_EC(void)
X509_PUBKEY_free(pubKey2);
X509_free(x509);
EVP_PKEY_free(evpKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_DSA(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_DSA)
EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && !defined(NO_DSA)
word32 bytes;
#ifdef USE_CERT_BUFFERS_1024
byte tmp[ONEK_BUF];
@@ -43141,26 +40198,21 @@ static int test_wolfSSL_X509_PUBKEY_DSA(void)
X509_PUBKEY_free(pubKey);
EVP_PKEY_free(evpKey);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BUF(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BUF_MEM* buf = NULL;
ExpectNotNull(buf = BUF_MEM_new());
ExpectIntEQ(BUF_MEM_grow(buf, 10), 10);
ExpectIntEQ(BUF_MEM_grow(buf, -1), 0);
BUF_MEM_free(buf);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
@@ -43232,9 +40284,8 @@ static int stub_rand_status(void)
static int test_wolfSSL_RAND_set_rand_method(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(WOLFSSL_NO_OPENSSL_RAND_CB)
RAND_METHOD rand_methods = {NULL, NULL, NULL, NULL, NULL, NULL};
unsigned char* buf = NULL;
int num = 0;
@@ -43287,17 +40338,14 @@ static int test_wolfSSL_RAND_set_rand_method(void)
RAND_set_rand_method(NULL);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA && !WOLFSSL_NO_OPENSSL_RAND_CB */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RAND_bytes(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
const int size1 = RNG_MAX_BLOCK_LEN; /* in bytes */
const int size2 = RNG_MAX_BLOCK_LEN + 1; /* in bytes */
const int size3 = RNG_MAX_BLOCK_LEN * 2; /* in bytes */
@@ -43324,17 +40372,14 @@ static int test_wolfSSL_RAND_bytes(void)
ExpectIntEQ(RAND_bytes(my_buf, size4), 1);
XFREE(my_buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RAND(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
byte seed[16];
XMEMSET(seed, 0, sizeof(seed));
@@ -43353,19 +40398,16 @@ static int test_wolfSSL_RAND(void)
ExpectIntEQ(RAND_write_file(NULL), 0);
}
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_Compat(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && defined(HAVE_ECC) && \
!defined(NO_BIO)
- EXPECT_DECLS;
PKCS8_PRIV_KEY_INFO* pt = NULL;
BIO* bio = NULL;
XFILE f = XBADFILE;
@@ -43396,17 +40438,14 @@ static int test_wolfSSL_PKCS8_Compat(void)
BIO_free(bio);
PKCS8_PRIV_KEY_INFO_free(pt);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS8_d2i(void)
{
- int res = TEST_SKIPPED;
-#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)
/* This test ends up using HMAC as a part of PBKDF2, and HMAC
* requires a 12 byte password in FIPS mode. This test ends up
* trying to use an 8 byte password. */
@@ -43642,10 +40681,8 @@ static int test_wolfSSL_PKCS8_d2i(void)
#endif /* HAVE_ECC */
#endif /* !NO_FILESYSTEM */
-
- res = EXPECT_RESULT();
#endif /* HAVE_FIPS && OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
#if defined(ERROR_QUEUE_PER_THREAD) && !defined(NO_ERROR_QUEUE) && \
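Review bot: The closing comment `#endif /* HAVE_FIPS && OPENSSL_EXTRA */` states the opposite of the guard, which the previous hunk shows as `#if !defined(HAVE_FIPS) && defined(OPENSSL_EXTRA)`. This commit already corrects the matching comment in test_wolfSSL_ERR_get_error_order, so this one could become `#endif /* !HAVE_FIPS && OPENSSL_EXTRA */`. The negation matters to a reader because the test is kept out of FIPS builds on purpose, for the 8-byte password reason given at the top of the function. The body of test_wolfSSL_PKCS8_d2i lies between the two hunks and is not visible here.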
@@ -43697,7 +40734,7 @@ static THREAD_RETURN WOLFSSL_THREAD test_logging(void* args)
/* test that the 3 errors over the max were dropped */
AssertIntEQ(errorCount, ERROR_QUEUE_MAX);
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif
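Review bot: `AssertIntEQ(errorCount, ERROR_QUEUE_MAX);` remains an aborting assertion in test_logging, while the tests around it in this commit move to the non-aborting Expect macros. If that is deliberate because the thread entry point has no EXPECT_DECLS result to hand back, a comment above it would stop it looking like a missed conversion, for example `/* Assert on purpose: a thread cannot report through EXPECT_RESULT() */`. The start of test_logging is outside this hunk, so earlier checks in the thread body may need the same remark.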
@@ -43725,10 +40762,9 @@ static int test_error_queue_per_thread(void)
static int test_wolfSSL_ERR_put_error(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
- EXPECT_DECLS;
const char* file;
int line;
@@ -43792,10 +40828,8 @@ static int test_wolfSSL_ERR_put_error(void)
ERR_put_error(0,SYS_F_ACCEPT, 0, "this file", 0);
ERR_clear_error();
ExpectIntEQ(ERR_get_error_line(&file, &line), 0);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
@@ -43804,10 +40838,8 @@ static int test_wolfSSL_ERR_put_error(void)
*/
static int test_wolfSSL_ERR_get_error_order(void)
{
- int res = TEST_SKIPPED;
-#ifdef WOLFSSL_HAVE_ERROR_QUEUE
EXPECT_DECLS;
-
+#if defined(WOLFSSL_HAVE_ERROR_QUEUE) && defined(OPENSSL_EXTRA)
/* Empty the queue. */
wolfSSL_ERR_clear_error();
@@ -43818,28 +40850,25 @@ static int test_wolfSSL_ERR_get_error_order(void)
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_NO_SIGNER_E);
ExpectIntEQ(wolfSSL_ERR_peek_error(), -ASN_SELF_SIGNED_E);
ExpectIntEQ(wolfSSL_ERR_get_error(), -ASN_SELF_SIGNED_E);
-
- res = EXPECT_RESULT();
-#endif /* WOLFSSL_HAVE_ERROR_QUEUE */
- return res;
+#endif /* WOLFSSL_HAVE_ERROR_QUEUE && OPENSSL_EXTRA */
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_ERR_print_errors(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL) && !defined(NO_ERROR_STRINGS)
- EXPECT_DECLS;
BIO* bio = NULL;
char buf[1024];
ExpectNotNull(bio = BIO_new(BIO_s_mem()));
ERR_clear_error(); /* clear out any error nodes */
ERR_put_error(0,SYS_F_ACCEPT, -173, "ssl.c", 0);
- /* Choosing -299 as an unused errno between MIN_CODE_E < x < WC_LAST_E. */
- ERR_put_error(0,SYS_F_BIND, -299, "asn.c", 100);
+ /* Choosing -600 as an unused errno. */
+ ERR_put_error(0,SYS_F_BIND, -600, "asn.c", 100);
ERR_print_errors(bio);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 56);
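Review bot: The new comment `/* Choosing -600 as an unused errno. */` drops the range the old comment named and does not say what breaks if -600 is ever assigned. The next hunk expects the literal `error:600:wolfSSL library:unknown error number:asn.c:100`, so the test passes only while no error string exists for that value. Suggest `/* -600 must stay unassigned: the "unknown error number" text expected below depends on it. */`. The rest of test_wolfSSL_ERR_print_errors continues in the following hunk.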
@@ -43848,17 +40877,15 @@ static int test_wolfSSL_ERR_print_errors(void)
buf, 55), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 57);
ExpectIntEQ(XSTRNCMP(
- "error:299:wolfSSL library:unknown error number:asn.c:100",
+ "error:600:wolfSSL library:unknown error number:asn.c:100",
buf, 56), 0);
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 1);
ExpectIntEQ(buf[0], '\0');
ExpectIntEQ(ERR_get_error_line(NULL, NULL), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
@@ -43872,10 +40899,9 @@ static int test_wolfSSL_error_cb(const char *str, size_t len, void *u)
static int test_wolfSSL_ERR_print_errors_cb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_QUEUE) && defined(OPENSSL_EXTRA) && \
defined(DEBUG_WOLFSSL)
- EXPECT_DECLS;
BIO* bio = NULL;
char buf[1024];
@@ -43895,11 +40921,9 @@ static int test_wolfSSL_ERR_print_errors_cb(void)
ExpectIntEQ(BIO_gets(bio, buf, sizeof(buf)), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
* Testing WOLFSSL_ERROR_MSG
@@ -43916,7 +40940,7 @@ static int test_WOLFSSL_ERROR_MSG(void)
res = TEST_SUCCESS;
#endif
return res;
-}/*End test_WOLFSSL_ERROR_MSG*/
+} /* End test_WOLFSSL_ERROR_MSG */
/*
* Testing wc_ERR_remove_state
*/
@@ -43929,16 +40953,15 @@ static int test_wc_ERR_remove_state(void)
res = TEST_SUCCESS;
#endif
return res;
-}/*End test_wc_ERR_remove_state*/
+} /* End test_wc_ERR_remove_state */
/*
* Testing wc_ERR_print_errors_fp
*/
static int test_wc_ERR_print_errors_fp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)) && \
(!defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM))
- EXPECT_DECLS;
long sz;
XFILE fp = XBADFILE;
@@ -43957,11 +40980,9 @@ static int test_wc_ERR_print_errors_fp(void)
if (fp != XBADFILE)
XFCLOSE(fp);
(void)sz;
-
- res = EXPECT_RESULT();
#endif
- return res;
-}/*End test_wc_ERR_print_errors_fp*/
+ return EXPECT_RESULT();
+} /* End test_wc_ERR_print_errors_fp */
#ifdef DEBUG_WOLFSSL
static void Logging_cb(const int logLevel, const char *const logMessage)
{
@@ -43986,10 +41007,972 @@ static int test_wolfSSL_GetLoggingCb(void)
ExpectNull(wolfSSL_GetLoggingCb());
return EXPECT_RESULT();
-}/*End test_wolfSSL_GetLoggingCb*/
+} /* End test_wolfSSL_GetLoggingCb */
#endif /* !NO_BIO */
+static int test_wolfSSL_MD4(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_MD4)
+ MD4_CTX md4;
+ unsigned char out[16]; /* MD4_DIGEST_SIZE */
+ const char* msg = "12345678901234567890123456789012345678901234567890123456"
+ "789012345678901234567890";
+ const char* test = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f"
+ "\xcc\x05\x36";
+ int msgSz = (int)XSTRLEN(msg);
+
+
+ XMEMSET(out, 0, sizeof(out));
+ MD4_Init(&md4);
+ MD4_Update(&md4, (const void*)msg, (unsigned long)msgSz);
+ MD4_Final(out, &md4);
+ ExpectIntEQ(XMEMCMP(out, test, sizeof(out)), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_MD5(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
+ byte input1[] = "";
+ byte input2[] = "message digest";
+ byte hash[WC_MD5_DIGEST_SIZE];
+ unsigned char output1[] =
+ "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e";
+ unsigned char output2[] =
+ "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0";
+ WOLFSSL_MD5_CTX md5;
+
+ XMEMSET(&md5, 0, sizeof(md5));
+
+ /* Test cases for illegal parameters */
+ ExpectIntEQ(MD5_Init(NULL), 0);
+ ExpectIntEQ(MD5_Init(&md5), 1);
+ ExpectIntEQ(MD5_Update(NULL, input1, 0), 0);
+ ExpectIntEQ(MD5_Update(NULL, NULL, 0), 0);
+ ExpectIntEQ(MD5_Update(&md5, NULL, 1), 0);
+ ExpectIntEQ(MD5_Final(NULL, &md5), 0);
+ ExpectIntEQ(MD5_Final(hash, NULL), 0);
+ ExpectIntEQ(MD5_Final(NULL, NULL), 0);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1);
+ ExpectIntEQ(wolfSSL_MD5_Update(&md5, input1, XSTRLEN((const char*)&input1)),
+ 1);
+ ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
+ ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(wolfSSL_MD5_Init(&md5), 1);
+ ExpectIntEQ(wolfSSL_MD5_Update(&md5, input2,
+ (int)XSTRLEN((const char*)input2)), 1);
+ ExpectIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
+ ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && \
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
+ ExpectPtrNE(MD5(NULL, 1, (byte*)&hash), &hash);
+ ExpectPtrEq(MD5(input1, 0, (byte*)&hash), &hash);
+ ExpectPtrNE(MD5(input1, 1, NULL), NULL);
+ ExpectPtrNE(MD5(NULL, 0, NULL), NULL);
+
+ ExpectPtrEq(MD5(input1, (int)XSTRLEN((const char*)&input1), (byte*)&hash),
+ &hash);
+ ExpectIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
+
+ ExpectPtrEq(MD5(input2, (int)XSTRLEN((const char*)&input2), (byte*)&hash),
+ &hash);
+ ExpectIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
+ {
+ byte data[] = "Data to be hashed.";
+ XMEMSET(hash, 0, WC_MD5_DIGEST_SIZE);
+
+ ExpectNotNull(MD5(data, sizeof(data), NULL));
+ ExpectNotNull(MD5(data, sizeof(data), hash));
+ ExpectNotNull(MD5(NULL, 0, hash));
+ ExpectNull(MD5(NULL, sizeof(data), hash));
+ }
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_MD5_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_MD5_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\x03\x1f\x1d\xac\x6e\xa5\x8e\xd0\x1f\xab\x67\xb7\x74\x31\x77\x91";
+ unsigned char output2[] =
+ "\xef\xd3\x79\x8d\x67\x17\x25\x90\xa4\x13\x79\xc7\xe3\xa7\x7b\xbc";
+#else
+ unsigned char output1[] =
+ "\xac\x1d\x1f\x03\xd0\x8e\xa5\x6e\xb7\x67\xab\x1f\x91\x77\x31\x74";
+ unsigned char output2[] =
+ "\x8d\x79\xd3\xef\x90\x25\x17\x67\xc7\x79\x13\xa4\xbc\x7b\xa7\xe3";
+#endif
+
+ union {
+ wc_Md5 native;
+ MD5_CTX compat;
+ } md5;
+
+ XMEMSET(&md5.compat, 0, sizeof(md5.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(MD5_Transform(NULL, NULL), 0);
+ ExpectIntEQ(MD5_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(MD5_Transform(&md5.compat, NULL), 0);
+ ExpectIntEQ(wc_Md5Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Md5Transform(&md5.native, NULL), BAD_FUNC_ARG);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(wolfSSL_MD5_Init(&md5.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
+
+ ExpectIntEQ(XMEMCMP(md5.native.digest, output1, WC_MD5_DIGEST_SIZE), 0);
+
+ /* Init MD5 CTX */
+ ExpectIntEQ(MD5_Init(&md5.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_MD5_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(md5.native.digest, output2, WC_MD5_DIGEST_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST)
+ #if !defined(NO_SHA) && defined(NO_OLD_SHA_NAMES) && \
+ (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
+ "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D";
+ unsigned char out[WC_SHA_DIGEST_SIZE];
+ unsigned char* p;
+ WOLFSSL_SHA_CTX sha;
+
+ XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
+ ExpectNotNull(SHA1(in, XSTRLEN((char*)in), out));
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+
+ /* SHA interface test */
+ XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
+
+ ExpectNull(SHA(NULL, XSTRLEN((char*)in), out));
+ ExpectNotNull(SHA(in, 0, out));
+ ExpectNotNull(SHA(in, XSTRLEN((char*)in), NULL));
+ ExpectNotNull(SHA(NULL, 0, out));
+ ExpectNotNull(SHA(NULL, 0, NULL));
+
+ ExpectNotNull(SHA(in, XSTRLEN((char*)in), out));
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+ ExpectNotNull(p = SHA(in, XSTRLEN((char*)in), NULL));
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA_DIGEST_SIZE), 0);
+
+ ExpectIntEQ(wolfSSL_SHA_Init(&sha), 1);
+ ExpectIntEQ(wolfSSL_SHA_Update(&sha, in, XSTRLEN((char*)in)), 1);
+ ExpectIntEQ(wolfSSL_SHA_Final(out, &sha), 1);
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+
+ ExpectIntEQ(wolfSSL_SHA1_Init(&sha), 1);
+ ExpectIntEQ(wolfSSL_SHA1_Update(&sha, in, XSTRLEN((char*)in)), 1);
+ ExpectIntEQ(wolfSSL_SHA1_Final(out, &sha), 1);
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
+ }
+ #endif
+
+ #if !defined(NO_SHA256)
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] =
+ "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+ "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+ "\x15\xAD";
+ unsigned char out[WC_SHA256_DIGEST_SIZE];
+ unsigned char* p;
+
+ XMEMSET(out, 0, WC_SHA256_DIGEST_SIZE);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(SHA256(in, XSTRLEN((char*)in), out));
+#else
+ ExpectNotNull(wolfSSL_SHA256(in, XSTRLEN((char*)in), out));
+#endif
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA256_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(p = SHA256(in, XSTRLEN((char*)in), NULL));
+#else
+ ExpectNotNull(p = wolfSSL_SHA256(in, XSTRLEN((char*)in), NULL));
+#endif
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA256_DIGEST_SIZE), 0);
+ }
+ #endif
+
+ #if defined(WOLFSSL_SHA384)
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] =
+ "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+ "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+ "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+ "\xc8\x25\xa7";
+ unsigned char out[WC_SHA384_DIGEST_SIZE];
+ unsigned char* p;
+
+ XMEMSET(out, 0, WC_SHA384_DIGEST_SIZE);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(SHA384(in, XSTRLEN((char*)in), out));
+#else
+ ExpectNotNull(wolfSSL_SHA384(in, XSTRLEN((char*)in), out));
+#endif
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA384_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(p = SHA384(in, XSTRLEN((char*)in), NULL));
+#else
+ ExpectNotNull(p = wolfSSL_SHA384(in, XSTRLEN((char*)in), NULL));
+#endif
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA384_DIGEST_SIZE), 0);
+ }
+ #endif
+
+ #if defined(WOLFSSL_SHA512)
+ {
+ const unsigned char in[] = "abc";
+ unsigned char expected[] =
+ "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+ "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+ "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+ "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+ "\xa5\x4c\xa4\x9f";
+ unsigned char out[WC_SHA512_DIGEST_SIZE];
+ unsigned char* p;
+
+ XMEMSET(out, 0, WC_SHA512_DIGEST_SIZE);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(SHA512(in, XSTRLEN((char*)in), out));
+#else
+ ExpectNotNull(wolfSSL_SHA512(in, XSTRLEN((char*)in), out));
+#endif
+ ExpectIntEQ(XMEMCMP(out, expected, WC_SHA512_DIGEST_SIZE), 0);
+#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
+ ExpectNotNull(p = SHA512(in, XSTRLEN((char*)in), NULL));
+#else
+ ExpectNotNull(p = wolfSSL_SHA512(in, XSTRLEN((char*)in), NULL));
+#endif
+ ExpectIntEQ(XMEMCMP(p, expected, WC_SHA512_DIGEST_SIZE), 0);
+ }
+ #endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\x92\xb4\x04\xe5\x56\x58\x8c\xed\x6c\x1a\xcd\x4e\xbf\x05\x3f\x68"
+ "\x09\xf7\x3a\x93";
+ unsigned char output2[] =
+ "\x97\xb2\x74\x8b\x4f\x5b\xbc\xca\x5b\xc0\xe6\xea\x2d\x40\xb4\xa0"
+ "\x7c\x6e\x08\xb8";
+#else
+ unsigned char output1[] =
+ "\xe5\x04\xb4\x92\xed\x8c\x58\x56\x4e\xcd\x1a\x6c\x68\x3f\x05\xbf"
+ "\x93\x3a\xf7\x09";
+ unsigned char output2[] =
+ "\x8b\x74\xb2\x97\xca\xbc\x5b\x4f\xea\xe6\xc0\x5b\xa0\xb4\x40\x2d"
+ "\xb8\x08\x6e\x7c";
+#endif
+
+ union {
+ wc_Sha native;
+ SHA_CTX compat;
+ } sha;
+ union {
+ wc_Sha native;
+ SHA_CTX compat;
+ } sha1;
+
+ XMEMSET(&sha.compat, 0, sizeof(sha.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA_Transform(&sha.compat, NULL), 0);
+ ExpectIntEQ(SHA1_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA1_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA1_Transform(&sha.compat, NULL), 0);
+ ExpectIntEQ(wc_ShaTransform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaTransform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ShaTransform(&sha.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA_Init(&sha.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha.native.digest, output1, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
+
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA_Init(&sha.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha.native.digest, output2, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
+
+ /* SHA1 */
+ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA1_Init(&sha1.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha1.native.digest, output1, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA1_Final(local, &sha1.compat), 1); /* frees resources */
+
+ /* Init SHA CTX */
+ ExpectIntEQ(SHA1_Init(&sha1.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha1.native.digest, output2, WC_SHA_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA224(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA224) && \
+ !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
+ unsigned char input[] =
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+ unsigned char output[] =
+ "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
+ "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25";
+ size_t inLen;
+ byte hash[WC_SHA224_DIGEST_SIZE];
+ unsigned char* p;
+
+ inLen = XSTRLEN((char*)input);
+
+ XMEMSET(hash, 0, WC_SHA224_DIGEST_SIZE);
+
+ ExpectNull(SHA224(NULL, inLen, hash));
+ ExpectNotNull(SHA224(input, 0, hash));
+ ExpectNotNull(SHA224(input, inLen, NULL));
+ ExpectNotNull(SHA224(NULL, 0, hash));
+ ExpectNotNull(SHA224(NULL, 0, NULL));
+
+ ExpectNotNull(SHA224(input, inLen, hash));
+ ExpectIntEQ(XMEMCMP(hash, output, WC_SHA224_DIGEST_SIZE), 0);
+ ExpectNotNull(p = SHA224(input, inLen, NULL));
+ ExpectIntEQ(XMEMCMP(p, output, WC_SHA224_DIGEST_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA256(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
+ defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+ unsigned char input[] =
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+ unsigned char output[] =
+ "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+ "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+ "\x06\xC1";
+ size_t inLen;
+ byte hash[WC_SHA256_DIGEST_SIZE];
+
+ inLen = XSTRLEN((char*)input);
+
+ XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE);
+ ExpectNotNull(SHA256(input, inLen, hash));
+ ExpectIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA256_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA256_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\xda\x56\x98\xbe\x17\xb9\xb4\x69\x62\x33\x57\x99\x77\x9f\xbe\xca"
+ "\x8c\xe5\xd4\x91\xc0\xd2\x62\x43\xba\xfe\xf9\xea\x18\x37\xa9\xd8";
+ unsigned char output2[] =
+ "\x1d\x4e\xd4\x67\x67\x7c\x61\x67\x44\x10\x76\x26\x78\x10\xff\xb8"
+ "\x40\xc8\x9a\x39\x73\x16\x60\x8c\xa6\x61\xd6\x05\x91\xf2\x8c\x35";
+#else
+ unsigned char output1[] =
+ "\xbe\x98\x56\xda\x69\xb4\xb9\x17\x99\x57\x33\x62\xca\xbe\x9f\x77"
+ "\x91\xd4\xe5\x8c\x43\x62\xd2\xc0\xea\xf9\xfe\xba\xd8\xa9\x37\x18";
+ unsigned char output2[] =
+ "\x67\xd4\x4e\x1d\x67\x61\x7c\x67\x26\x76\x10\x44\xb8\xff\x10\x78"
+ "\x39\x9a\xc8\x40\x8c\x60\x16\x73\x05\xd6\x61\xa6\x35\x8c\xf2\x91";
+#endif
+ union {
+ wc_Sha256 native;
+ SHA256_CTX compat;
+ } sha256;
+
+ XMEMSET(&sha256.compat, 0, sizeof(sha256.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA256_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA256_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA256_Transform(&sha256.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha256Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha256Transform(&sha256.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA256 CTX */
+ ExpectIntEQ(SHA256_Init(&sha256.compat), 1);
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha256.native.digest, output1, WC_SHA256_DIGEST_SIZE),
+ 0);
+ ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
+
+ /* Init SHA256 CTX */
+ ExpectIntEQ(SHA256_Init(&sha256.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA256_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha256.native.digest, output2, WC_SHA256_DIGEST_SIZE),
+ 0);
+ ExpectIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA512_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA512_BLOCK_SIZE];
+ word32 sLen = 0;
+#ifdef BIG_ENDIAN_ORDER
+ unsigned char output1[] =
+ "\xcf\x78\x81\xd5\x77\x4a\xcb\xe8\x53\x33\x62\xe0\xfb\xc7\x80\x70"
+ "\x02\x67\x63\x9d\x87\x46\x0e\xda\x30\x86\xcb\x40\xe8\x59\x31\xb0"
+ "\x71\x7d\xc9\x52\x88\xa0\x23\xa3\x96\xba\xb2\xc1\x4c\xe0\xb5\xe0"
+ "\x6f\xc4\xfe\x04\xea\xe3\x3e\x0b\x91\xf4\xd8\x0c\xbd\x66\x8b\xee";
+ unsigned char output2[] =
+ "\x11\x10\x93\x4e\xeb\xa0\xcc\x0d\xfd\x33\x43\x9c\xfb\x04\xc8\x21"
+ "\xa9\xb4\x26\x3d\xca\xab\x31\x41\xe2\xc6\xaa\xaf\xe1\x67\xd7\xab"
+ "\x31\x8f\x2e\x54\x2c\xba\x4e\x83\xbe\x88\xec\x9d\x8f\x2b\x38\x98"
+ "\x14\xd2\x4e\x9d\x53\x8b\x5e\x4d\xde\x68\x6c\x69\xaf\x20\x96\xf0";
+#else
+ unsigned char output1[] =
+ "\xe8\xcb\x4a\x77\xd5\x81\x78\xcf\x70\x80\xc7\xfb\xe0\x62\x33\x53"
+ "\xda\x0e\x46\x87\x9d\x63\x67\x02\xb0\x31\x59\xe8\x40\xcb\x86\x30"
+ "\xa3\x23\xa0\x88\x52\xc9\x7d\x71\xe0\xb5\xe0\x4c\xc1\xb2\xba\x96"
+ "\x0b\x3e\xe3\xea\x04\xfe\xc4\x6f\xee\x8b\x66\xbd\x0c\xd8\xf4\x91";
+ unsigned char output2[] =
+ "\x0d\xcc\xa0\xeb\x4e\x93\x10\x11\x21\xc8\x04\xfb\x9c\x43\x33\xfd"
+ "\x41\x31\xab\xca\x3d\x26\xb4\xa9\xab\xd7\x67\xe1\xaf\xaa\xc6\xe2"
+ "\x83\x4e\xba\x2c\x54\x2e\x8f\x31\x98\x38\x2b\x8f\x9d\xec\x88\xbe"
+ "\x4d\x5e\x8b\x53\x9d\x4e\xd2\x14\xf0\x96\x20\xaf\x69\x6c\x68\xde";
+#endif
+ union {
+ wc_Sha512 native;
+ SHA512_CTX compat;
+ } sha512;
+
+ XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA512_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA512_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA512_Transform(&sha512.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha512Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512Transform(&sha512.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(wolfSSL_SHA512_Init(&sha512.compat), 1);
+
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
+ WC_SHA512_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(SHA512_Init(&sha512.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
+ WC_SHA512_DIGEST_SIZE), 0);
+ ExpectIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
+
+ (void)input1;
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA512_224_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \
+ !defined(WOLFSSL_NOSHA512_224)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA512_BLOCK_SIZE];
+ word32 sLen = 0;
+ unsigned char output1[] =
+ "\x94\x24\x66\xd4\x60\x3a\xeb\x23\x1d\xa8\x69\x31\x3c\xd2\xde\x11"
+ "\x48\x0f\x4a\x5a\xdf\x3a\x8d\x87\xcf\xcd\xbf\xa5\x03\x21\x50\xf1"
+ "\x8a\x0d\x0f\x0d\x3c\x07\xba\x52\xe0\xaa\x3c\xbb\xf1\xd3\x3f\xca"
+ "\x12\xa7\x61\xf8\x47\xda\x0d\x1b\x79\xc2\x65\x13\x92\xc1\x9c\xa5";
+ unsigned char output2[] =
+ "\x51\x28\xe7\x0b\xca\x1e\xbc\x5f\xd7\x34\x0b\x48\x30\xd7\xc2\x75"
+ "\x6d\x8d\x48\x2c\x1f\xc7\x9e\x2b\x20\x5e\xbb\x0f\x0e\x4d\xb7\x61"
+ "\x31\x76\x33\xa0\xb4\x3d\x5f\x93\xc1\x73\xac\xf7\x21\xff\x69\x17"
+ "\xce\x66\xe5\x1e\x31\xe7\xf3\x22\x0f\x0b\x34\xd7\x5a\x57\xeb\xbf";
+ union {
+ wc_Sha512 native;
+ SHA512_CTX compat;
+ } sha512;
+
+#ifdef BIG_ENDIAN_ORDER
+ ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1));
+ ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2));
+#endif
+
+ XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA512_224_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA512_224_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA512_224_Transform(&sha512.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha512_224Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Transform(NULL, (const byte*)&input1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_224Transform(&sha512.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(wolfSSL_SHA512_224_Init(&sha512.compat), 1);
+
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(SHA512_224_Init(&sha512.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA512_224_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_224_Final(local, &sha512.compat), 1);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SHA512_256_Transform(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512) && \
+ !defined(WOLFSSL_NOSHA512_256)
+#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
+ !defined(WOLFSSL_KCAPI_HASH)
+ byte input1[] = "";
+ byte input2[] = "abc";
+ byte local[WC_SHA512_BLOCK_SIZE];
+ word32 sLen = 0;
+ unsigned char output1[] =
+ "\xf8\x37\x37\x5a\xd7\x2e\x56\xec\xe2\x51\xa8\x31\x3a\xa0\x63\x2b"
+ "\x7e\x7c\x64\xcc\xd9\xff\x2b\x6b\xeb\xc3\xd4\x4d\x7f\x8a\x3a\xb5"
+ "\x61\x85\x0b\x37\x30\x9f\x3b\x08\x5e\x7b\xd3\xbc\x6d\x00\x61\xc0"
+ "\x65\x9a\xd7\x73\xda\x40\xbe\xc1\xe5\x2f\xc6\x5d\xb7\x9f\xbe\x60";
+ unsigned char output2[] =
+ "\x22\xad\xc0\x30\xee\xd4\x6a\xef\x13\xee\x5a\x95\x8b\x1f\xb7\xb6"
+ "\xb6\xba\xc0\x44\xb8\x18\x3b\xf0\xf6\x4b\x70\x9f\x03\xba\x64\xa1"
+ "\xe1\xe3\x45\x15\x91\x7d\xcb\x0b\x9a\xf0\xd2\x8e\x47\x8b\x37\x78"
+ "\x91\x41\xa6\xc4\xb0\x29\x8f\x8b\xdd\x78\x5c\xf2\x73\x3f\x21\x31";
+ union {
+ wc_Sha512 native;
+ SHA512_CTX compat;
+ } sha512;
+
+#ifdef BIG_ENDIAN_ORDER
+ ByteReverseWords64((word64*)output1, (word64*)output1, sizeof(output1));
+ ByteReverseWords64((word64*)output2, (word64*)output2, sizeof(output2));
+#endif
+
+ XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
+ XMEMSET(&local, 0, sizeof(local));
+
+ /* sanity check */
+ ExpectIntEQ(SHA512_256_Transform(NULL, NULL), 0);
+ ExpectIntEQ(SHA512_256_Transform(NULL, (const byte*)&input1), 0);
+ ExpectIntEQ(SHA512_256_Transform(&sha512.compat, NULL), 0);
+ ExpectIntEQ(wc_Sha512_256Transform(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Transform(NULL, (const byte*)&input1),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wc_Sha512_256Transform(&sha512.native, NULL), BAD_FUNC_ARG);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(wolfSSL_SHA512_256_Init(&sha512.compat), 1);
+
+ /* Do Transform*/
+ sLen = (word32)XSTRLEN((char*)input1);
+ XMEMCPY(local, input1, sLen);
+ ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output1,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1);
+
+ /* Init SHA512 CTX */
+ ExpectIntEQ(SHA512_256_Init(&sha512.compat), 1);
+ sLen = (word32)XSTRLEN((char*)input2);
+ XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
+ XMEMCPY(local, input2, sLen);
+ ExpectIntEQ(SHA512_256_Transform(&sha512.compat, (const byte*)&local[0]),
+ 1);
+ ExpectIntEQ(XMEMCMP(sha512.native.digest, output2,
+ WC_SHA512_DIGEST_SIZE), 0);
+ /* frees resources */
+ ExpectIntEQ(SHA512_256_Final(local, &sha512.compat), 1);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
+/* helper function for test_wolfSSL_HMAC_CTX, digest size is expected to be a
+ * buffer of 64 bytes.
+ *
+ * returns the size of the digest buffer on success and a negative value on
+ * failure.
+ */
+static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest,
+ int* sz)
+{
+ EXPECT_DECLS;
+ HMAC_CTX ctx1;
+ HMAC_CTX ctx2;
+
+ unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+ "\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
+ unsigned char long_key[] =
+ "0123456789012345678901234567890123456789"
+ "0123456789012345678901234567890123456789"
+ "0123456789012345678901234567890123456789"
+ "0123456789012345678901234567890123456789";
+
+ unsigned char msg[] = "message to hash";
+ unsigned int digestSz = 64;
+ int keySz = sizeof(key);
+ int long_keySz = sizeof(long_key);
+ int msgSz = sizeof(msg);
+
+ unsigned char digest2[64];
+ unsigned int digestSz2 = 64;
+
+ HMAC_CTX_init(&ctx1);
+
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ /* test HMAC_Init with NULL key */
+
+ /* init after copy */
+ HMAC_CTX_init(&ctx1);
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ /* long key */
+ HMAC_CTX_init(&ctx1);
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type),
+ SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ /* init before copy */
+ HMAC_CTX_init(&ctx1);
+ ExpectIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
+
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx1);
+
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectIntEQ(digestSz, digestSz2);
+ ExpectIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
+
+ *sz = digestSz;
+ return EXPECT_RESULT();
+}
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */
+
+static int test_wolfSSL_HMAC_CTX(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
+ unsigned char digest[64];
+ int digestSz;
+ WOLFSSL_HMAC_CTX* hmac_ctx = NULL;
+ WOLFSSL_HMAC_CTX ctx1;
+ WOLFSSL_HMAC_CTX ctx2;
+
+ ExpectNotNull(hmac_ctx = wolfSSL_HMAC_CTX_new());
+ ExpectIntEQ(wolfSSL_HMAC_CTX_Init(NULL), 1);
+ ExpectIntEQ(wolfSSL_HMAC_CTX_Init(hmac_ctx), 1);
+ wolfSSL_HMAC_CTX_free(NULL);
+ wolfSSL_HMAC_CTX_free(hmac_ctx);
+
+ XMEMSET(&ctx2, 0, sizeof(WOLFSSL_HMAC_CTX));
+ ExpectIntEQ(HMAC_CTX_init(NULL), 1);
+ ExpectIntEQ(HMAC_CTX_init(&ctx2), 1);
+ ExpectIntEQ(HMAC_CTX_copy(NULL, NULL), 0);
+ ExpectIntEQ(HMAC_CTX_copy(NULL, &ctx2), 0);
+ ExpectIntEQ(HMAC_CTX_copy(&ctx2, NULL), 0);
+#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \
+ ((! defined(HAVE_FIPS_VERSION)) || \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)))
+ /* Copy object that hasn't had a digest set - MD5. */
+ ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 1);
+#else
+ /* Copy object that hasn't had a digest set. */
+ ExpectIntEQ(HMAC_CTX_copy(&ctx1, &ctx2), 0);
+#endif
+ HMAC_CTX_cleanup(NULL);
+ HMAC_CTX_cleanup(&ctx2);
+
+ ExpectNull(HMAC_CTX_get_md(NULL));
+
+ #ifndef NO_SHA
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha1(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 20);
+ ExpectIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA"
+ "\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0);
+ #endif /* !NO_SHA */
+ #ifdef WOLFSSL_SHA224
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha224(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 28);
+ ExpectIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95"
+ "\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD"
+ "\x02\x0E", digest, digestSz), 0);
+ #endif /* WOLFSSL_SHA224 */
+ #ifndef NO_SHA256
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha256(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 32);
+ ExpectIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC"
+ "\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2"
+ "\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0);
+ #endif /* !NO_SHA256 */
+
+ #ifdef WOLFSSL_SHA384
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha384(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 48);
+ ExpectIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7"
+ "\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25"
+ "\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7"
+ "\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB",
+ digest, digestSz), 0);
+ #endif /* WOLFSSL_SHA384 */
+ #ifdef WOLFSSL_SHA512
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha512(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 64);
+ ExpectIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD"
+ "\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10"
+ "\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60"
+ "\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60"
+ "\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0",
+ digest, digestSz), 0);
+ #endif /* WOLFSSL_SHA512 */
+
+#ifdef WOLFSSL_SHA3
+ #ifndef WOLFSSL_NOSHA3_224
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_224(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 28);
+ ExpectIntEQ(XMEMCMP("\xdc\x53\x25\x3f\xc0\x9d\x2b\x0c\x7f\x59\x11\x17\x08"
+ "\x5c\xe8\x43\x31\x01\x5a\xb3\xe3\x08\x37\x71\x26\x0b"
+ "\x29\x0f", digest, digestSz), 0);
+ #endif
+ #ifndef WOLFSSL_NOSHA3_256
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_256(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 32);
+ ExpectIntEQ(XMEMCMP("\x0f\x00\x89\x82\x15\xce\xd6\x45\x01\x83\xce\xc8\x35"
+ "\xab\x71\x07\xc9\xfe\x61\x22\x38\xf9\x09\xad\x35\x65"
+ "\x43\x77\x24\xd4\x1e\xf4", digest, digestSz), 0);
+ #endif
+ #ifndef WOLFSSL_NOSHA3_384
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_384(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 48);
+ ExpectIntEQ(XMEMCMP("\x0f\x6a\xc0\xfb\xc3\xf2\x80\xb1\xb4\x04\xb6\xc8\x45"
+ "\x23\x3b\xb4\xbe\xc6\xea\x85\x07\xca\x8c\x71\xbb\x6e"
+ "\x79\xf6\xf9\x2b\x98\xf5\xef\x11\x39\xd4\x5d\xd3\xca"
+ "\xc0\xe6\x81\xf7\x73\xf9\x85\x5d\x4f",
+ digest, digestSz), 0);
+ #endif
+ #ifndef WOLFSSL_NOSHA3_512
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_sha3_512(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 64);
+ ExpectIntEQ(XMEMCMP("\x3e\x77\xe3\x59\x42\x89\xed\xc3\xa4\x26\x3d\xa4\x75"
+ "\xd2\x84\x8c\xb2\xf3\x25\x04\x47\x61\xce\x1c\x42\x86"
+ "\xcd\xf4\x56\xaa\x2f\x84\xb1\x3b\x18\xed\xe6\xd6\x48"
+ "\x15\xb0\x29\xc5\x9d\x32\xef\xdd\x3e\x09\xf6\xed\x9e"
+ "\x70\xbc\x1c\x63\xf7\x3b\x3e\xe1\xdc\x84\x9c\x1c",
+ digest, digestSz), 0);
+ #endif
+#endif
+
+ #if !defined(NO_MD5) && (!defined(HAVE_FIPS_VERSION) || \
+ HAVE_FIPS_VERSION <= 2)
+ ExpectIntEQ((test_HMAC_CTX_helper(EVP_md5(), digest, &digestSz)),
+ TEST_SUCCESS);
+ ExpectIntEQ(digestSz, 16);
+ ExpectIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F"
+ "\xE4\x98\xDD", digest, digestSz), 0);
+ #endif /* !NO_MD5 */
+#endif
+ return EXPECT_RESULT();
+}
+
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
@@ -44004,23 +41987,58 @@ static int test_openssl_hmac(const WOLFSSL_EVP_MD* md, int md_len)
ExpectNotNull(hmac = HMAC_CTX_new());
HMAC_CTX_init(hmac);
- ExpectIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key), md, e),
- SSL_SUCCESS);
+#if defined(HAVE_SELFTEST) || (defined(HAVE_FIPS) && \
+ ((! defined(HAVE_FIPS_VERSION)) || \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION <= 2)))
+ /* Get size on object that hasn't had a digest set - MD5. */
+ ExpectIntEQ(HMAC_size(hmac), 16);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 1);
+ ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 1);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 1);
+#else
+ ExpectIntEQ(HMAC_size(hmac), BAD_FUNC_ARG);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, NULL), 0);
+ ExpectIntEQ(HMAC_Init(hmac, (void*)key, (int)sizeof(key), NULL), 0);
+ ExpectIntEQ(HMAC_Init(hmac, NULL, 0, md), 0);
+#endif
+ ExpectIntEQ(HMAC_Init_ex(NULL, (void*)key, (int)sizeof(key), md, e), 0);
+ ExpectIntEQ(HMAC_Init_ex(hmac, (void*)key, (int)sizeof(key), md, e), 1);
/* re-using test key as data to hash */
- ExpectIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), SSL_SUCCESS);
- ExpectIntEQ(HMAC_Update(hmac, NULL, 0), SSL_SUCCESS);
- ExpectIntEQ(HMAC_Final(hmac, hash, &len), SSL_SUCCESS);
+ ExpectIntEQ(HMAC_Update(NULL, key, (int)sizeof(key)), 0);
+ ExpectIntEQ(HMAC_Update(hmac, key, (int)sizeof(key)), 1);
+ ExpectIntEQ(HMAC_Update(hmac, key, 0), 1);
+ ExpectIntEQ(HMAC_Update(hmac, NULL, 0), 1);
+ ExpectIntEQ(HMAC_Update(hmac, NULL, (int)sizeof(key)), 1);
+ ExpectIntEQ(HMAC_Final(NULL, NULL, &len), 0);
+ ExpectIntEQ(HMAC_Final(hmac, NULL, &len), 0);
+ ExpectIntEQ(HMAC_Final(NULL, hash, &len), 0);
+ ExpectIntEQ(HMAC_Final(hmac, hash, &len), 1);
+ ExpectIntEQ(HMAC_Final(hmac, hash, NULL), 1);
ExpectIntEQ(len, md_len);
+ ExpectIntEQ(HMAC_size(NULL), 0);
ExpectIntEQ(HMAC_size(hmac), md_len);
ExpectStrEQ(HMAC_CTX_get_md(hmac), md);
+ HMAC_cleanup(NULL);
HMAC_cleanup(hmac);
HMAC_CTX_free(hmac);
len = 0;
+ ExpectNull(HMAC(NULL, key, (int)sizeof(key), NULL, 0, hash, &len));
+ ExpectNull(HMAC(md, NULL, (int)sizeof(key), NULL, 0, hash, &len));
+ ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, 0, NULL, &len));
ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, &len));
ExpectIntEQ(len, md_len);
+ ExpectNotNull(HMAC(md, key, (int)sizeof(key), NULL, 0, hash, NULL));
+ /* With data. */
+ ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, (int)sizeof(key), hash,
+ &len));
+ /* With NULL data. */
+ ExpectNull(HMAC(md, key, (int)sizeof(key), NULL, (int)sizeof(key), hash,
+ &len));
+ /* With zero length data. */
+ ExpectNotNull(HMAC(md, key, (int)sizeof(key), key, 0, hash, &len));
return EXPECT_RESULT();
}
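Review bot: The streaming path in test_openssl_hmac checks only the output length, so the new cases `HMAC_Update(hmac, key, 0)`, `HMAC_Update(hmac, NULL, 0)` and `HMAC_Update(hmac, NULL, (int)sizeof(key))`, all expected to return 1, never show that the MAC state was left unchanged. The one-shot `HMAC()` call with NULL data and a non-zero length is expected to fail a few lines later, so the two entry points disagree on the same input; if the streaming call is meant to ignore such an update, a comment saying so would help the next reader. I would copy the digest right after the first successful `HMAC_Final(hmac, hash, &len)` with `XMEMCPY(hash2, hash, len);` and, after the one-shot "With data" call, add `ExpectIntEQ(XMEMCMP(hash, hash2, md_len), 0);`, since both paths should then be computing the MAC of `key` under `key`. `hash2` would be a new local sized like `hash`; the function's declarations start above this hunk, so where it goes is not visible here.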
@@ -44028,11 +42046,10 @@ static int test_openssl_hmac(const WOLFSSL_EVP_MD* md, int md_len)
static int test_wolfSSL_HMAC(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && (!defined(NO_SHA256) || \
defined(WOLFSSL_SHA224) || defined(WOLFSSL_SHA384) || \
defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA3))
- EXPECT_DECLS;
#ifndef NO_SHA256
ExpectIntEQ(test_openssl_hmac(EVP_sha256(), (int)WC_SHA256_DIGEST_SIZE),
TEST_SUCCESS);
@@ -44071,63 +42088,1035 @@ static int test_wolfSSL_HMAC(void)
ExpectIntEQ(test_openssl_hmac(EVP_sha1(), (int)WC_SHA_DIGEST_SIZE),
TEST_SUCCESS);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CMAC(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CMAC) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_AES_DIRECT)
- EXPECT_DECLS;
int i;
- byte key[AES_128_KEY_SIZE];
+ byte key[AES_256_KEY_SIZE];
CMAC_CTX* cmacCtx = NULL;
byte out[AES_BLOCK_SIZE];
size_t outLen = AES_BLOCK_SIZE;
- for (i=0; i < AES_128_KEY_SIZE; ++i) {
+ for (i=0; i < AES_256_KEY_SIZE; ++i) {
key[i] = i;
}
ExpectNotNull(cmacCtx = CMAC_CTX_new());
/* Check CMAC_CTX_get0_cipher_ctx; return value not used. */
ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx));
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
- NULL), SSL_SUCCESS);
+ NULL), 1);
/* re-using test key as data to hash */
- ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), SSL_SUCCESS);
- ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), SSL_SUCCESS);
- ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), SSL_SUCCESS);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 1);
ExpectIntEQ(outLen, AES_BLOCK_SIZE);
+
+ /* No Update works. */
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
+ NULL), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
+
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_cbc(),
+ NULL), 1);
+ /* Test parameters with CMAC_Update. */
+ ExpectIntEQ(CMAC_Update(NULL, NULL, 0), 0);
+ ExpectIntEQ(CMAC_Update(NULL, key, 0), 0);
+ ExpectIntEQ(CMAC_Update(NULL, NULL, AES_128_KEY_SIZE), 0);
+ ExpectIntEQ(CMAC_Update(NULL, key, AES_128_KEY_SIZE), 0);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, 0), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, NULL, 0), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, NULL, AES_128_KEY_SIZE), 1);
+ /* Test parameters with CMAC_Final. */
+ ExpectIntEQ(CMAC_Final(NULL, NULL, NULL), 0);
+ ExpectIntEQ(CMAC_Final(NULL, out, NULL), 0);
+ ExpectIntEQ(CMAC_Final(NULL, NULL, &outLen), 0);
+ ExpectIntEQ(CMAC_Final(NULL, out, &outLen), 0);
+ ExpectIntEQ(CMAC_Final(cmacCtx, NULL, NULL), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, NULL, &outLen), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
CMAC_CTX_free(cmacCtx);
- /* give a key too small for the cipher, verify we get failure */
+ /* Test parameters with CMAC Init. */
cmacCtx = NULL;
ExpectNotNull(cmacCtx = CMAC_CTX_new());
ExpectNotNull(CMAC_CTX_get0_cipher_ctx(cmacCtx));
+ ExpectIntEQ(CMAC_Init(NULL, NULL, 0, NULL, NULL), 0);
+ ExpectIntEQ(CMAC_Init(NULL, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
+ NULL), 0);
+ ExpectIntEQ(CMAC_Init(cmacCtx, NULL, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
+ NULL), 0);
+ /* give a key too small for the cipher, verify we get failure */
ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_192_cbc(),
- NULL), SSL_FAILURE);
+ NULL), 0);
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, NULL, NULL), 0);
+ #if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128)
+ /* Only AES-CBC supported. */
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_128_KEY_SIZE, EVP_aes_128_gcm(),
+ NULL), 0);
+ #endif
CMAC_CTX_free(cmacCtx);
- res = EXPECT_RESULT();
+ ExpectNull(CMAC_CTX_get0_cipher_ctx(NULL));
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ /* No Init. */
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, &outLen), 0);
+ CMAC_CTX_free(cmacCtx);
+
+ /* Test AES-256-CBC */
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_256_KEY_SIZE, EVP_aes_256_cbc(),
+ NULL), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
+ CMAC_CTX_free(cmacCtx);
+
+ /* Test AES-192-CBC */
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ ExpectIntEQ(CMAC_Init(cmacCtx, key, AES_192_KEY_SIZE, EVP_aes_192_cbc(),
+ NULL), 1);
+ ExpectIntEQ(CMAC_Update(cmacCtx, key, AES_128_KEY_SIZE), 1);
+ ExpectIntEQ(CMAC_Final(cmacCtx, out, NULL), 1);
+ CMAC_CTX_free(cmacCtx);
+
+ cmacCtx = NULL;
+ ExpectNotNull(cmacCtx = CMAC_CTX_new());
+ CMAC_CTX_free(cmacCtx);
#endif /* WOLFSSL_CMAC && OPENSSL_EXTRA && WOLFSSL_AES_DIRECT */
- return res;
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
+ const_DES_cblock myDes;
+ DES_cblock iv;
+ DES_key_schedule key;
+ word32 i;
+ DES_LONG dl;
+ unsigned char msg[] = "hello wolfssl";
+ unsigned char weakKey[][8] = {
+ { 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01 },
+ { 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE, 0xFE },
+ { 0xE0, 0xE0, 0xE0, 0xE0, 0xF1, 0xF1, 0xF1, 0xF1 },
+ { 0x1F, 0x1F, 0x1F, 0x1F, 0x0E, 0x0E, 0x0E, 0x0E }
+ };
+ unsigned char semiWeakKey[][8] = {
+ { 0x01, 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E },
+ { 0x1F, 0x01, 0x1F, 0x01, 0x0E, 0x01, 0x0E, 0x01 },
+ { 0x01, 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1 },
+ { 0xE0, 0x01, 0xE0, 0x01, 0xF1, 0x01, 0xF1, 0x01 },
+ { 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE },
+ { 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01, 0xFE, 0x01 },
+ { 0x1F, 0xE0, 0x1F, 0xE0, 0x0E, 0xF1, 0x0E, 0xF1 },
+ { 0xE0, 0x1F, 0xE0, 0x1F, 0xF1, 0x0E, 0xF1, 0x0E },
+ { 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E, 0xFE },
+ { 0xFE, 0x1F, 0xFE, 0x1F, 0xFE, 0x0E, 0xFE, 0x0E },
+ { 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1, 0xFE },
+ { 0xFE, 0xE0, 0xFE, 0xE0, 0xFE, 0xF1, 0xFE, 0xF1 }
+ };
+
+ DES_check_key(1);
+ DES_set_key(&myDes, &key);
+
+ /* check, check of odd parity */
+ XMEMSET(myDes, 4, sizeof(const_DES_cblock));
+ myDes[0] = 6; /* set even parity */
+ XMEMSET(key, 5, sizeof(DES_key_schedule));
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), -1);
+ ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
+ ExpectIntEQ(DES_set_key_checked(NULL, NULL), -2);
+ ExpectIntEQ(DES_set_key_checked(&myDes, NULL), -2);
+ ExpectIntEQ(DES_set_key_checked(NULL, &key), -2);
+
+ /* set odd parity for success case */
+ DES_set_odd_parity(&myDes);
+ ExpectIntEQ(DES_check_key_parity(&myDes), 1);
+ fprintf(stderr, "%02x %02x %02x %02x", myDes[0], myDes[1], myDes[2],
+ myDes[3]);
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
+ for (i = 0; i < sizeof(DES_key_schedule); i++) {
+ ExpectIntEQ(key[i], myDes[i]);
+ }
+ ExpectIntEQ(DES_is_weak_key(&myDes), 0);
+
+ /* check weak key */
+ XMEMSET(myDes, 1, sizeof(const_DES_cblock));
+ XMEMSET(key, 5, sizeof(DES_key_schedule));
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), -2);
+ ExpectIntNE(key[0], myDes[0]); /* should not have copied over key */
+
+ DES_set_key_unchecked(NULL, NULL);
+ DES_set_key_unchecked(&myDes, NULL);
+ DES_set_key_unchecked(NULL, &key);
+ /* compare arrays, should be the same */
+ /* now do unchecked copy of a weak key over */
+ DES_set_key_unchecked(&myDes, &key);
+ /* compare arrays, should be the same */
+ for (i = 0; i < sizeof(DES_key_schedule); i++) {
+ ExpectIntEQ(key[i], myDes[i]);
+ }
+ ExpectIntEQ(DES_is_weak_key(&myDes), 1);
+
+ myDes[7] = 2;
+ ExpectIntEQ(DES_set_key_checked(&myDes, &key), 0);
+ ExpectIntEQ(DES_is_weak_key(&myDes), 0);
+ ExpectIntEQ(DES_is_weak_key(NULL), 1);
+
+ /* Test all weak keys. */
+ for (i = 0; i < sizeof(weakKey) / sizeof(*weakKey); i++) {
+ ExpectIntEQ(DES_set_key_checked(&weakKey[i], &key), -2);
+ }
+ /* Test all semi-weak keys. */
+ for (i = 0; i < sizeof(semiWeakKey) / sizeof(*semiWeakKey); i++) {
+ ExpectIntEQ(DES_set_key_checked(&semiWeakKey[i], &key), -2);
+ }
+
+ /* check DES_key_sched API */
+ XMEMSET(key, 1, sizeof(DES_key_schedule));
+ ExpectIntEQ(DES_key_sched(&myDes, NULL), 0);
+ ExpectIntEQ(DES_key_sched(NULL, &key), 0);
+ ExpectIntEQ(DES_key_sched(&myDes, &key), 0);
+ /* compare arrays, should be the same */
+ for (i = 0; i < sizeof(DES_key_schedule); i++) {
+ ExpectIntEQ(key[i], myDes[i]);
+ }
+
+
+ ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, NULL, 0, NULL, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, &key, 0, NULL, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, &myDes, NULL)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, NULL, 0, NULL, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(NULL, &key, sizeof(msg), &myDes, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, NULL, sizeof(msg), &myDes, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), NULL, &iv)), 0);
+ ExpectIntEQ((DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, NULL)), 0);
+ /* DES_cbc_cksum should return the last 4 of the last 8 bytes after
+ * DES_cbc_encrypt on the input */
+ XMEMSET(iv, 0, sizeof(DES_cblock));
+ XMEMSET(myDes, 5, sizeof(DES_key_schedule));
+ ExpectIntGT((dl = DES_cbc_cksum(msg, &key, sizeof(msg), &myDes, &iv)), 0);
+ ExpectIntEQ(dl, 480052723);
+#endif /* defined(OPENSSL_EXTRA) && !defined(NO_DES3) */
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES_ncbc(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
+ const_DES_cblock myDes;
+ DES_cblock iv = {1};
+ DES_key_schedule key = {0};
+ unsigned char msg[] = "hello wolfssl";
+ unsigned char out[DES_BLOCK_SIZE * 2] = {0};
+ unsigned char pln[DES_BLOCK_SIZE * 2] = {0};
+
+ unsigned char exp[] = {0x31, 0x98, 0x2F, 0x3A, 0x55, 0xBF, 0xD8, 0xC4};
+ unsigned char exp2[] = {0xC7, 0x45, 0x8B, 0x28, 0x10, 0x53, 0xE0, 0x58};
+
+ /* partial block test */
+ DES_set_key(&key, &myDes);
+ DES_ncbc_encrypt(msg, out, 3, &myDes, &iv, DES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(exp, out, DES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
+
+ DES_set_key(&key, &myDes);
+ XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
+ *((byte*)&iv) = 1;
+ DES_ncbc_encrypt(out, pln, 3, &myDes, &iv, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(msg, pln, 3), 0);
+ ExpectIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
+
+ /* full block test */
+ DES_set_key(&key, &myDes);
+ XMEMSET(pln, 0, DES_BLOCK_SIZE);
+ XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
+ *((byte*)&iv) = 1;
+ DES_ncbc_encrypt(msg, out, 8, &myDes, &iv, DES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(exp2, out, DES_BLOCK_SIZE), 0);
+ ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
+
+ DES_set_key(&key, &myDes);
+ XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
+ *((byte*)&iv) = 1;
+ DES_ncbc_encrypt(out, pln, 8, &myDes, &iv, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(msg, pln, 8), 0);
+ ExpectIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES_ecb_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3) && defined(WOLFSSL_DES_ECB)
+ WOLFSSL_DES_cblock input1, input2, output1, output2, back1, back2;
+ WOLFSSL_DES_key_schedule key;
+
+ XMEMCPY(key, "12345678", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(input1, "Iamhuman", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(input2, "Whoisit?", sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(output1, 0, sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(output2, 0, sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(back1, 0, sizeof(WOLFSSL_DES_cblock));
+ XMEMSET(back2, 0, sizeof(WOLFSSL_DES_cblock));
+
+ wolfSSL_DES_ecb_encrypt(NULL, NULL, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input1, NULL, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(NULL, &output1, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(NULL, NULL, &key, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input1, &output1, NULL, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input1, NULL, &key, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(NULL, &output1, &key, DES_ENCRYPT);
+
+ /* Encrypt messages */
+ wolfSSL_DES_ecb_encrypt(&input1, &output1, &key, DES_ENCRYPT);
+ wolfSSL_DES_ecb_encrypt(&input2, &output2, &key, DES_ENCRYPT);
+
+ {
+ /* Decrypt messages */
+ int ret1 = 0;
+ int ret2 = 0;
+ wolfSSL_DES_ecb_encrypt(&output1, &back1, &key, DES_DECRYPT);
+ ExpectIntEQ(ret1 = XMEMCMP((unsigned char *)back1,
+ (unsigned char *)input1, sizeof(WOLFSSL_DES_cblock)), 0);
+ wolfSSL_DES_ecb_encrypt(&output2, &back2, &key, DES_DECRYPT);
+ ExpectIntEQ(ret2 = XMEMCMP((unsigned char *)back2,
+ (unsigned char *)input2, sizeof(WOLFSSL_DES_cblock)), 0);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_DES_ede3_cbc_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
+ unsigned char input1[8], input2[8];
+ unsigned char output1[8], output2[8];
+ unsigned char back1[8], back2[8];
+ WOLFSSL_DES_cblock iv1, iv2;
+ WOLFSSL_DES_key_schedule key1, key2, key3;
+ int i;
+
+ XMEMCPY(key1, "12345678", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(key2, "23456781", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(key3, "34567823", sizeof(WOLFSSL_DES_key_schedule));
+ XMEMCPY(input1, "Iamhuman", sizeof(input1));
+ XMEMCPY(input2, "Whoisit?", sizeof(input2));
+
+ XMEMSET(output1, 0, sizeof(output1));
+ XMEMSET(output2, 0, sizeof(output2));
+ XMEMSET(back1, 0, sizeof(back1));
+ XMEMSET(back2, 0, sizeof(back2));
+
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Encrypt messages */
+ wolfSSL_DES_ede3_cbc_encrypt(input1, output1, 8, &key1, &key2, &key3, &iv1,
+ DES_ENCRYPT);
+ wolfSSL_DES_ede3_cbc_encrypt(input2, output2, 8, &key1, &key2, &key3, &iv2,
+ DES_ENCRYPT);
+
+ {
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Decrypt messages */
+ wolfSSL_DES_ede3_cbc_encrypt(output1, back1, 8, &key1, &key2, &key3,
+ &iv1, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back1, input1, sizeof(input1)), 0);
+ wolfSSL_DES_ede3_cbc_encrypt(output2, back2, 8, &key1, &key2, &key3,
+ &iv2, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back2, input2, sizeof(input2)), 0);
+ }
+
+ for (i = 0; i < 8; i++) {
+ XMEMSET(output1, 0, sizeof(output1));
+ XMEMSET(output2, 0, sizeof(output2));
+ XMEMSET(back1, 0, sizeof(back1));
+ XMEMSET(back2, 0, sizeof(back2));
+
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Encrypt partial messages */
+ wolfSSL_DES_ede3_cbc_encrypt(input1, output1, i, &key1, &key2, &key3,
+ &iv1, DES_ENCRYPT);
+ wolfSSL_DES_ede3_cbc_encrypt(input2, output2, i, &key1, &key2, &key3,
+ &iv2, DES_ENCRYPT);
+
+ {
+ XMEMCPY(iv1, "87654321", sizeof(WOLFSSL_DES_cblock));
+ XMEMCPY(iv2, "98765432", sizeof(WOLFSSL_DES_cblock));
+ /* Decrypt messages */
+ wolfSSL_DES_ede3_cbc_encrypt(output1, back1, i, &key1, &key2,
+ &key3, &iv1, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back1, input1, i), 0);
+ wolfSSL_DES_ede3_cbc_encrypt(output2, back2, i, &key1, &key2,
+ &key3, &iv2, DES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(back2, input2, i), 0);
+ }
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \
+ && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY enc;
+ AES_KEY dec;
+ const byte msg[] = {
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ };
+ const byte exp[] = {
+ 0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
+ 0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
+ };
+ const byte key[] = {
+ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
+ };
+ byte eout[sizeof(msg)];
+ byte dout[sizeof(msg)];
+
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &enc), 0);
+ ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &dec), 0);
+
+ wolfSSL_AES_encrypt(NULL, NULL, NULL);
+ wolfSSL_AES_encrypt(msg, NULL, NULL);
+ wolfSSL_AES_encrypt(NULL, eout, NULL);
+ wolfSSL_AES_encrypt(NULL, NULL, &enc);
+ wolfSSL_AES_encrypt(msg, eout, NULL);
+ wolfSSL_AES_encrypt(msg, NULL, &enc);
+ wolfSSL_AES_encrypt(NULL, eout, &enc);
+
+ wolfSSL_AES_decrypt(NULL, NULL, NULL);
+ wolfSSL_AES_decrypt(eout, NULL, NULL);
+ wolfSSL_AES_decrypt(NULL, dout, NULL);
+ wolfSSL_AES_decrypt(NULL, NULL, &dec);
+ wolfSSL_AES_decrypt(eout, dout, NULL);
+ wolfSSL_AES_decrypt(eout, NULL, &dec);
+ wolfSSL_AES_decrypt(NULL, dout, &dec);
+
+ wolfSSL_AES_encrypt(msg, eout, &enc);
+ ExpectIntEQ(XMEMCMP(eout, exp, AES_BLOCK_SIZE), 0);
+ wolfSSL_AES_decrypt(eout, dout, &dec);
+ ExpectIntEQ(XMEMCMP(dout, msg, AES_BLOCK_SIZE), 0);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_ecb_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB) \
+ && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY aes;
+ const byte msg[] =
+ {
+ 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+ };
+
+ const byte verify[] =
+ {
+ 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
+ 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
+ };
+
+ const byte key[] =
+ {
+ 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+ 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+ 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+ 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
+ };
+
+
+ byte out[AES_BLOCK_SIZE];
+
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);
+
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
+#endif
+
+ /* test bad arguments */
+ AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
+ AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
+ AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_cbc_encrypt(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \
+ !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY aes;
+ AES_KEY* aesN = NULL;
+ size_t len = 0;
+ size_t lenB = 0;
+ int keySz0 = 0;
+ int keySzN = -1;
+ byte out[AES_BLOCK_SIZE] = {0};
+ byte* outN = NULL;
+
+ /* Test vectors retrieved from:
+ * <begin URL>
+ * https://csrc.nist.gov/
+ * CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/
+ * documents/aes/KAT_AES.zip
+ * </end URL>
+ */
+ const byte* pt128N = NULL;
+ byte* key128N = NULL;
+ byte* iv128N = NULL;
+ byte iv128tmp[AES_BLOCK_SIZE] = {0};
+
+ const byte pt128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
+
+ const byte ct128[] = { 0x87,0x85,0xb1,0xa7,0x5b,0x0f,0x3b,0xd9,
+ 0x58,0xdc,0xd0,0xe2,0x93,0x18,0xc5,0x21 };
+
+ const byte iv128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
+
+ byte key128[] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
+ 0xff,0xff,0xf0,0x00,0x00,0x00,0x00,0x00 };
+
+
+ len = sizeof(pt128);
+
+ #define STRESS_T(a, b, c, d, e, f, g, h, i) \
+ wolfSSL_AES_cbc_encrypt(a, b, c, d, e, f); \
+ ExpectIntNE(XMEMCMP(b, g, h), i)
+
+ #define RESET_IV(x, y) XMEMCPY(x, y, AES_BLOCK_SIZE)
+
+ /* Stressing wolfSSL_AES_cbc_encrypt() */
+ STRESS_T(pt128N, out, len, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
+ STRESS_T(pt128, out, len, &aes, iv128N, 1, ct128, AES_BLOCK_SIZE, 0);
+
+ wolfSSL_AES_cbc_encrypt(pt128, outN, len, &aes, iv128tmp, AES_ENCRYPT);
+ ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
+ wolfSSL_AES_cbc_encrypt(pt128, out, len, aesN, iv128tmp, AES_ENCRYPT);
+ ExpectIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
+
+ STRESS_T(pt128, out, lenB, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
+
+ /* Stressing wolfSSL_AES_set_encrypt_key */
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128N, sizeof(key128)*8, &aes),0);
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, aesN),0);
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySz0, &aes), 0);
+ ExpectIntNE(wolfSSL_AES_set_encrypt_key(key128, keySzN, &aes), 0);
+
+ /* Stressing wolfSSL_AES_set_decrypt_key */
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, &aes),0);
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, aesN),0);
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySz0, &aes), 0);
+ ExpectIntNE(wolfSSL_AES_set_decrypt_key(key128, keySzN, &aes), 0);
+
+ #ifdef WOLFSSL_AES_128
+
+ /* wolfSSL_AES_cbc_encrypt() 128-bit */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv128tmp, iv128);
+
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(pt128, out, len, &aes, iv128tmp, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #ifdef HAVE_AES_DECRYPT
+
+ /* wolfSSL_AES_cbc_encrypt() 128-bit in decrypt mode */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv128tmp, iv128);
+ len = sizeof(ct128);
+
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key128, sizeof(key128)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(ct128, out, len, &aes, iv128tmp, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, pt128, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #endif
+
+ #endif /* WOLFSSL_AES_128 */
+ #ifdef WOLFSSL_AES_192
+ {
+ /* Test vectors from NIST Special Publication 800-38A, 2001 Edition
+ * Appendix F.2.3 */
+
+ byte iv192tmp[AES_BLOCK_SIZE] = {0};
+
+ const byte pt192[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
+
+ const byte ct192[] = { 0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d,
+ 0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8 };
+
+ const byte iv192[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
+
+ byte key192[] = { 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
+ 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
+ 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b };
+
+ len = sizeof(pt192);
+
+ /* wolfSSL_AES_cbc_encrypt() 192-bit */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv192tmp, iv192);
+
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key192, sizeof(key192)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(pt192, out, len, &aes, iv192tmp, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, ct192, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #ifdef HAVE_AES_DECRYPT
+
+ /* wolfSSL_AES_cbc_encrypt() 192-bit in decrypt mode */
+ len = sizeof(ct192);
+ RESET_IV(iv192tmp, iv192);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key192, sizeof(key192)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(ct192, out, len, &aes, iv192tmp, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, pt192, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #endif
+ }
+ #endif /* WOLFSSL_AES_192 */
+ #ifdef WOLFSSL_AES_256
+ {
+ /* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
+ * Appendix F.2.5 */
+ byte iv256tmp[AES_BLOCK_SIZE] = {0};
+
+ const byte pt256[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+ 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
+
+ const byte ct256[] = { 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
+ 0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6 };
+
+ const byte iv256[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
+
+ byte key256[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+ 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+ 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+ 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };
+
+
+ len = sizeof(pt256);
+
+ /* wolfSSL_AES_cbc_encrypt() 256-bit */
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ RESET_IV(iv256tmp, iv256);
+
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(pt256, out, len, &aes, iv256tmp, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, ct256, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #ifdef HAVE_AES_DECRYPT
+
+ /* wolfSSL_AES_cbc_encrypt() 256-bit in decrypt mode */
+ len = sizeof(ct256);
+ RESET_IV(iv256tmp, iv256);
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ wolfSSL_AES_cbc_encrypt(ct256, out, len, &aes, iv256tmp, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, pt256, AES_BLOCK_SIZE), 0);
+ wc_AesFree((Aes*)&aes);
+
+ #endif
+
+ #if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && \
+ !defined(HAVE_SELFTEST)
+ {
+ byte wrapCipher[sizeof(key256) + KEYWRAP_BLOCK_SIZE] = { 0 };
+ byte wrapPlain[sizeof(key256)] = { 0 };
+ byte wrapIV[KEYWRAP_BLOCK_SIZE] = { 0 };
+
+ /* wolfSSL_AES_wrap_key() 256-bit NULL iv */
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
+ 15), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
+ sizeof(key256)), sizeof(wrapCipher));
+ wc_AesFree((Aes*)&aes);
+
+ /* wolfSSL_AES_unwrap_key() 256-bit NULL iv */
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
+ 23), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
+ sizeof(wrapCipher)), sizeof(wrapPlain));
+ ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
+ XMEMSET(wrapCipher, 0, sizeof(wrapCipher));
+ XMEMSET(wrapPlain, 0, sizeof(wrapPlain));
+ wc_AesFree((Aes*)&aes);
+
+ /* wolfSSL_AES_wrap_key() 256-bit custom iv */
+ ExpectIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, key256,
+ sizeof(key256)), sizeof(wrapCipher));
+ wc_AesFree((Aes*)&aes);
+
+ /* wolfSSL_AES_unwrap_key() 256-bit custom iv */
+ ExpectIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, wrapPlain, wrapCipher,
+ sizeof(wrapCipher)), sizeof(wrapPlain));
+ ExpectIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
+ wc_AesFree((Aes*)&aes);
+
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, wrapCipher, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, NULL, NULL, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(NULL, wrapIV, wrapCipher, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, NULL, key256, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, NULL, 0), 0);
+
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, NULL, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, wrapPlain, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, NULL, NULL, wrapCipher, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(NULL, wrapIV, wrapPlain, wrapCipher, 0),
+ 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher, 0),
+ 0);
+ ExpectIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, NULL, wrapCipher, 0), 0);
+ ExpectIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapPlain, NULL, 0), 0);
+ }
+ #endif /* HAVE_AES_KEYWRAP */
+ }
+ #endif /* WOLFSSL_AES_256 */
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_AES_cfb128_encrypt(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(WOLFSSL_AES_CFB) && \
+ !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ AES_KEY aesEnc;
+ AES_KEY aesDec;
+ const byte msg[] = {
+ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+ 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a
+ };
+ const byte exp[] = {
+ 0x16, 0xc9, 0x90, 0x6c, 0x04, 0x0c, 0xd1, 0x2f,
+ 0x84, 0x7b, 0x18, 0xed, 0xed, 0x6a, 0xb5, 0xfd
+ };
+ const byte key[] = {
+ 0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
+ };
+ const byte ivData[] = {
+ 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
+ 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+ };
+ byte out[AES_BLOCK_SIZE];
+ byte iv[AES_BLOCK_SIZE];
+ word32 i;
+ int num;
+
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(msg, out, sizeof(msg), &aesEnc, iv, NULL, AES_ENCRYPT);
+ ExpectIntEQ(XMEMCMP(out, exp, sizeof(msg)), 0);
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+
+#ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(exp, out, sizeof(msg), &aesDec, iv, NULL, AES_DECRYPT);
+ ExpectIntEQ(XMEMCMP(out, msg, sizeof(msg)), 0);
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+#endif
+
+ for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(msg)); i++) {
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesEnc), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(msg, out, i, &aesEnc, iv, &num, AES_ENCRYPT);
+ ExpectIntEQ(num, i % AES_BLOCK_SIZE);
+ ExpectIntEQ(XMEMCMP(out, exp, i), 0);
+ if (i == 0) {
+ ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+ else {
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+
+ #ifdef HAVE_AES_DECRYPT
+ ExpectIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aesDec), 0);
+ XMEMCPY(iv, ivData, sizeof(iv));
+ XMEMSET(out, 0, AES_BLOCK_SIZE);
+ AES_cfb128_encrypt(exp, out, i, &aesDec, iv, &num, AES_DECRYPT);
+ ExpectIntEQ(num, i % AES_BLOCK_SIZE);
+ ExpectIntEQ(XMEMCMP(out, msg, i), 0);
+ if (i == 0) {
+ ExpectIntEQ(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+ else {
+ ExpectIntNE(XMEMCMP(iv, ivData, sizeof(iv)), 0);
+ }
+ #endif
+ }
+
+ if (EXPECT_SUCCESS()) {
+ /* test bad arguments */
+ AES_cfb128_encrypt(NULL, NULL, 0, NULL, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, NULL, 0, NULL, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, out, 0, NULL, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, NULL, 0, &aesDec, NULL, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, NULL, 0, NULL, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(NULL, out, 0, &aesDec, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, NULL, 0, &aesDec, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, out, 0, NULL, iv, NULL, AES_DECRYPT);
+ AES_cfb128_encrypt(msg, out, 0, &aesDec, NULL, NULL, AES_DECRYPT);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_CRYPTO_cts128(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) && \
+ defined(HAVE_CTS) && !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API)
+ byte tmp[64]; /* Largest vector size */
+ /* Test vectors taken form RFC3962 Appendix B */
+ const testVector vects[] = {
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20",
+ "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
+ "\x97",
+ 17, 17
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
+ "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
+ 31, 31
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
+ 32, 32
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
+ "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
+ "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
+ 47, 47
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
+ "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
+ "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
+ 48, 48
+ },
+ {
+ "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
+ "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
+ "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
+ "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
+ "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
+ "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
+ "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
+ "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
+ 64, 64
+ }
+ };
+ byte keyBytes[AES_128_KEY_SIZE] = {
+ 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
+ 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
+ };
+ size_t i;
+ AES_KEY encKey;
+ byte iv[AES_IV_SIZE]; /* All-zero IV for all cases */
+
+ XMEMSET(tmp, 0, sizeof(tmp));
+
+ for (i = 0; i < sizeof(vects)/sizeof(vects[0]); i++) {
+ AES_KEY decKey;
+
+ ExpectIntEQ(AES_set_encrypt_key(keyBytes, AES_128_KEY_SIZE * 8,
+ &encKey), 0);
+ ExpectIntEQ(AES_set_decrypt_key(keyBytes, AES_128_KEY_SIZE * 8,
+ &decKey), 0);
+ XMEMSET(iv, 0, sizeof(iv));
+ ExpectIntEQ(CRYPTO_cts128_encrypt((const unsigned char*)vects[i].input,
+ tmp, vects[i].inLen, &encKey, iv, (cbc128_f)AES_cbc_encrypt),
+ vects[i].outLen);
+ ExpectIntEQ(XMEMCMP(tmp, vects[i].output, vects[i].outLen), 0);
+ XMEMSET(iv, 0, sizeof(iv));
+ ExpectIntEQ(CRYPTO_cts128_decrypt((const unsigned char*)vects[i].output,
+ tmp, vects[i].outLen, &decKey, iv, (cbc128_f)AES_cbc_encrypt),
+ vects[i].inLen);
+ ExpectIntEQ(XMEMCMP(tmp, vects[i].input, vects[i].inLen), 0);
+ }
+
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, iv, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, NULL, 17, NULL, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(NULL, tmp, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, NULL, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, NULL, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 17, &encKey, iv, NULL), 0);
+ /* Length too small. */
+ ExpectIntEQ(CRYPTO_cts128_encrypt(tmp, tmp, 0, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, NULL, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, &encKey, NULL, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, iv, NULL), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, NULL, 17, NULL, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(NULL, tmp, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, NULL, 17, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, NULL, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, NULL,
+ (cbc128_f)AES_cbc_encrypt), 0);
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 17, &encKey, iv, NULL), 0);
+ /* Length too small. */
+ ExpectIntEQ(CRYPTO_cts128_decrypt(tmp, tmp, 0, &encKey, iv,
+ (cbc128_f)AES_cbc_encrypt), 0);
+#endif /* !NO_AES && HAVE_AES_CBC && OPENSSL_EXTRA && HAVE_CTS */
+ return EXPECT_RESULT();
}
+static int test_wolfSSL_RC4(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_RC4) && defined(OPENSSL_EXTRA)
+ WOLFSSL_RC4_KEY rc4Key;
+ unsigned char key[] = {
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ };
+ unsigned char data[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ };
+ unsigned char enc[sizeof(data)];
+ unsigned char dec[sizeof(data)];
+ word32 i;
+ word32 j;
+
+ wolfSSL_RC4_set_key(NULL, -1, NULL);
+ wolfSSL_RC4_set_key(&rc4Key, -1, NULL);
+ wolfSSL_RC4_set_key(NULL, 0, NULL);
+ wolfSSL_RC4_set_key(NULL, -1, key);
+ wolfSSL_RC4_set_key(&rc4Key, 0, NULL);
+ wolfSSL_RC4_set_key(&rc4Key, -1, key);
+ wolfSSL_RC4_set_key(NULL, 0, key);
+
+ wolfSSL_RC4(NULL, 0, NULL, NULL);
+ wolfSSL_RC4(&rc4Key, 0, NULL, NULL);
+ wolfSSL_RC4(NULL, 0, data, NULL);
+ wolfSSL_RC4(NULL, 0, NULL, enc);
+ wolfSSL_RC4(&rc4Key, 0, data, NULL);
+ wolfSSL_RC4(&rc4Key, 0, NULL, enc);
+ wolfSSL_RC4(NULL, 0, data, enc);
+
+ ExpectIntEQ(1, 1);
+ for (i = 0; EXPECT_SUCCESS() && (i <= sizeof(key)); i++) {
+ for (j = 0; EXPECT_SUCCESS() && (j <= sizeof(data)); j++) {
+ XMEMSET(enc, 0, sizeof(enc));
+ XMEMSET(dec, 0, sizeof(dec));
+
+ /* Encrypt */
+ wolfSSL_RC4_set_key(&rc4Key, i, key);
+ wolfSSL_RC4(&rc4Key, j, data, enc);
+ /* Decrypt */
+ wolfSSL_RC4_set_key(&rc4Key, i, key);
+ wolfSSL_RC4(&rc4Key, j, enc, dec);
+
+ ExpectIntEQ(XMEMCMP(dec, data, j), 0);
+ }
+ }
+#endif
+ return EXPECT_RESULT();
+}
static int test_wolfSSL_OBJ(void)
{
/* Password "wolfSSL test" is only 12 (96-bit) too short for testing in FIPS
* mode
*/
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && !defined(NO_ASN) && \
!defined(HAVE_FIPS) && !defined(NO_SHA) && defined(WOLFSSL_CERT_EXT) && \
defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO)
- EXPECT_DECLS;
ASN1_OBJECT *obj = NULL;
ASN1_OBJECT *obj2 = NULL;
char buf[50];
@@ -44266,17 +43255,14 @@ static int test_wolfSSL_OBJ(void)
}
}
#endif /* HAVE_PKCS12 */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_cmp(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
ASN1_OBJECT *obj = NULL;
ASN1_OBJECT *obj2 = NULL;
@@ -44292,17 +43278,15 @@ static int test_wolfSSL_OBJ_cmp(void)
ASN1_OBJECT_free(obj);
ASN1_OBJECT_free(obj2);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_txt2nid(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_WOLFSSL_STUB) && defined(WOLFSSL_APACHE_HTTPD)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(WOLFSSL_APACHE_HTTPD)
int i;
static const struct {
const char* sn;
@@ -44310,11 +43294,13 @@ static int test_wolfSSL_OBJ_txt2nid(void)
const char* oid;
int nid;
} testVals[] = {
+#ifdef WOLFSSL_APACHE_HTTPD
{ "tlsfeature", "TLS Feature", "1.3.6.1.5.5.7.1.24", NID_tlsfeature },
{ "id-on-dnsSRV", "SRVName", "1.3.6.1.5.5.7.8.7",
NID_id_on_dnsSRV },
{ "msUPN", "Microsoft User Principal Name",
"1.3.6.1.4.1.311.20.2.3", NID_ms_upn },
+#endif
{ NULL, NULL, NULL, NID_undef }
};
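Review bot: With the three entries now inside `#ifdef WOLFSSL_APACHE_HTTPD` while the function's guard was widened to plain OPENSSL_EXTRA builds, `testVals` holds only the `{ NULL, NULL, NULL, NID_undef }` terminator in non-Apache builds, so a loop over the table checks nothing there. Whether other assertions in the function still run in those builds is not visible in this hunk. A comment above the `#ifdef` would make that explicit, e.g. `/* Table entries need WOLFSSL_APACHE_HTTPD; other builds only run the checks outside the table. */`, or the table could gain an entry that exists in every build the new guard admits.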
@@ -44328,18 +43314,15 @@ static int test_wolfSSL_OBJ_txt2nid(void)
ExpectIntEQ(OBJ_txt2nid(testVals[i].ln), testVals[i].nid);
ExpectIntEQ(OBJ_txt2nid(testVals[i].oid), testVals[i].nid);
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_txt2obj(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_APACHE_HTTPD) || (defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN))
- EXPECT_DECLS;
int i;
char buf[50];
ASN1_OBJECT* obj = NULL;
@@ -44413,20 +43396,17 @@ static int test_wolfSSL_OBJ_txt2obj(void)
ASN1_OBJECT_free(obj);
obj = NULL;
}
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_bio_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(OPENSSL_ALL) && \
defined(WOLFSSL_AKID_NAME) && defined(WOLFSSL_CERT_EXT) && \
defined(WOLFSSL_CERT_GEN) && !defined(NO_BIO) && !defined(NO_RSA) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
/* This test contains the hard coded expected
* lengths. Update if necessary */
XFILE fp = XBADFILE;
@@ -44565,18 +43545,15 @@ static int test_wolfSSL_PEM_write_bio_X509(void)
X509_free(x509b);
BIO_free(input);
BIO_free(output);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_NAME_ENTRY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && defined(WOLFSSL_CERT_GEN)
- EXPECT_DECLS;
X509* x509 = NULL;
#ifndef NO_BIO
BIO* bio = NULL;
@@ -44647,6 +43624,7 @@ static int test_wolfSSL_X509_NAME_ENTRY(void)
ExpectNotNull(subject = X509_NAME_oneline(nm, 0, 0));
ExpectNotNull(XSTRSTR(subject, "favouriteDrink=tequila"));
+ ExpectNotNull(XSTRSTR(subject, "contentType=Server"));
#ifdef DEBUG_WOLFSSL
if (subject != NULL) {
fprintf(stderr, "\n\t%s\n", subject);
@@ -44685,25 +43663,21 @@ static int test_wolfSSL_X509_NAME_ENTRY(void)
BIO_free(bio);
#endif
X509_free(x509); /* free's nm */
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-/* Note the lack of wolfSSL_ prefix...this is a compatability layer test. */
+/* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */
static int test_GENERAL_NAME_set0_othername(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \
- defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
+ defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_FPKI)
/* ./configure --enable-opensslall --enable-certgen --enable-certreq
* --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID
* -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */
-
- EXPECT_DECLS;
const char * cert_fname = "./certs/server-cert.der";
const char * key_fname = "./certs/server-key.der";
X509* x509 = NULL;
@@ -44773,26 +43747,21 @@ static int test_GENERAL_NAME_set0_othername(void) {
X509_EXTENSION_free(ext);
X509_free(x509);
EVP_PKEY_free(priv);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
-/* Note the lack of wolfSSL_ prefix...this is a compatability layer test. */
+/* Note the lack of wolfSSL_ prefix...this is a compatibility layer test. */
static int test_othername_and_SID_ext(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ALT_NAMES) && \
defined(WOLFSSL_CERT_EXT) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_FPKI) && defined(WOLFSSL_ASN_TEMPLATE)
-
/* ./configure --enable-opensslall --enable-certgen --enable-certreq
* --enable-certext --enable-debug 'CPPFLAGS=-DWOLFSSL_CUSTOM_OID
* -DWOLFSSL_ALT_NAMES -DWOLFSSL_FPKI' */
-
- EXPECT_DECLS;
const char* csr_fname = "./certs/csr.signed.der";
const char* key_fname = "./certs/server-key.der";
@@ -44938,17 +43907,15 @@ static int test_othername_and_SID_ext(void) {
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
X509_REQ_free(x509);
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
- EXPECT_DECLS;
X509* x509 = NULL;
X509_NAME* name = NULL;
@@ -44973,22 +43940,19 @@ static int test_wolfSSL_X509_set_name(void)
X509_free(x509);
X509_NAME_free(name);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_ALL && !NO_CERTS */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_notAfter(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \
&& !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) &&\
!defined(TIME_T_NOT_64BIT) && !defined(NO_64BIT) && !defined(NO_BIO)
/* Generalized time will overflow time_t if not long */
- EXPECT_DECLS;
X509* x = NULL;
BIO* bio = NULL;
ASN1_TIME *asn_time = NULL;
@@ -45036,20 +44000,17 @@ static int test_wolfSSL_X509_set_notAfter(void)
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(x);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_notBefore(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) \
&& !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO)
- EXPECT_DECLS;
X509* x = NULL;
BIO* bio = NULL;
ASN1_TIME *asn_time = NULL;
@@ -45100,18 +44061,15 @@ static int test_wolfSSL_X509_set_notBefore(void)
XFREE(asn_time, NULL, DYNAMIC_TYPE_OPENSSL);
X509_free(x);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_set_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_APACHE_HTTPD)) && \
!defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ)
- EXPECT_DECLS;
X509* x509 = NULL;
long v = 2L;
long maxInt = INT_MAX;
@@ -45129,27 +44087,32 @@ static int test_wolfSSL_X509_set_version(void)
/* Cleanup */
X509_free(x509);
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_BIO_gets(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
BIO* bio2 = NULL;
char msg[] = "\nhello wolfSSL\n security plus\t---...**adf\na...b.c";
char emp[] = "";
char bio_buffer[20];
int bufferSz = 20;
+#ifdef OPENSSL_ALL
+ BUF_MEM* emp_bm = NULL;
+ BUF_MEM* msg_bm = NULL;
+#endif
/* try with bad args */
ExpectNull(bio = BIO_new_mem_buf(NULL, sizeof(msg)));
+#ifdef OPENSSL_ALL
+ ExpectIntEQ(BIO_set_mem_buf(bio, NULL, BIO_NOCLOSE), BAD_FUNC_ARG);
+#endif
/* try with real msg */
ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1));
@@ -45171,6 +44134,49 @@ static int test_wolfSSL_BIO_gets(void)
ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
+#ifdef OPENSSL_ALL
+ /* test setting the mem_buf manually */
+ BIO_free(bio);
+ ExpectNotNull(bio = BIO_new_mem_buf((void*)msg, -1));
+ ExpectNotNull(emp_bm = BUF_MEM_new());
+ ExpectNotNull(msg_bm = BUF_MEM_new());
+ ExpectIntEQ(BUF_MEM_grow(msg_bm, sizeof(msg)), sizeof(msg));
+ if (EXPECT_SUCCESS()) {
+ XFREE(msg_bm->data, NULL, DYNAMIC_TYPE_OPENSSL);
+ msg_bm->data = NULL;
+ }
+ /* emp size is 1 for terminator */
+ ExpectIntEQ(BUF_MEM_grow(emp_bm, sizeof(emp)), sizeof(emp));
+ if (EXPECT_SUCCESS()) {
+ XFREE(emp_bm->data, NULL, DYNAMIC_TYPE_OPENSSL);
+ emp_bm->data = emp;
+ msg_bm->data = msg;
+ }
+ ExpectIntEQ(BIO_set_mem_buf(bio, emp_bm, BIO_CLOSE), WOLFSSL_SUCCESS);
+
+ /* check reading an empty string */
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1); /* just terminator */
+ ExpectStrEQ(emp, bio_buffer);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 0); /* Nothing to read */
+
+ /* BIO_gets reads a line of data */
+ ExpectIntEQ(BIO_set_mem_buf(bio, msg_bm, BIO_NOCLOSE), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, -3), 0);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 1);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 14);
+ ExpectStrEQ(bio_buffer, "hello wolfSSL\n");
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 19);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, bufferSz), 8);
+ ExpectIntEQ(BIO_gets(bio, bio_buffer, -1), 0);
+
+ if (EXPECT_SUCCESS())
+ emp_bm->data = NULL;
+ BUF_MEM_free(emp_bm);
+ if (EXPECT_SUCCESS())
+ msg_bm->data = NULL;
+ BUF_MEM_free(msg_bm);
+#endif
+
/* check not null terminated string */
BIO_free(bio);
bio = NULL;
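Review bot: The cleanup at the end of the added OPENSSL_ALL block only resets `emp_bm->data` and `msg_bm->data` when `EXPECT_SUCCESS()` holds, so if any of the `BIO_gets` expectations in between fails, `BUF_MEM_free()` is called while `data` still points at the stack arrays `emp` and `msg`. The hunk itself releases `->data` with `XFREE` before repointing it, so `BUF_MEM_free()` presumably frees that pointer too, which would be an invalid free on the failure path. Tying the reset to the pointer rather than to the overall test state avoids that and still guards the NULL case: `if (emp_bm != NULL && emp_bm->data == emp) emp_bm->data = NULL;` and `if (msg_bm != NULL && msg_bm->data == msg) msg_bm->data = NULL;`. The function continues outside this hunk.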
@@ -45267,18 +44273,15 @@ static int test_wolfSSL_BIO_gets(void)
BIO_free(bio);
bio = NULL;
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_puts(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BIO* bio = NULL;
char input[] = "hello\0world\n.....ok\n\0";
char output[128];
@@ -45298,17 +44301,14 @@ static int test_wolfSSL_BIO_puts(void)
ExpectIntEQ(BIO_puts(bio, ""), -1);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_dump(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
BIO* bio;
static const unsigned char data[] = {
0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
@@ -45366,9 +44366,8 @@ static int test_wolfSSL_BIO_dump(void)
ExpectIntEQ(XMEMCMP(output, expectedAll, sizeof(expectedAll) - 1), 0);
BIO_free(bio);
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
@@ -45386,11 +44385,10 @@ static int forceWantRead(WOLFSSL *ssl, char *buf, int sz, void *ctx)
static int test_wolfSSL_BIO_should_retry(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_EXT_CACHE) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(USE_WOLFSSL_IO)
- EXPECT_DECLS;
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
@@ -45434,12 +44432,11 @@ static int test_wolfSSL_BIO_should_retry(void)
tcp_connect(&sockfd, wolfSSLIP, server_args.signal->port, 0, 0, NULL);
/* force retry */
- ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(bio = wolfSSL_BIO_new_ssl(ctx, 1));
+ ExpectIntEQ(BIO_get_ssl(bio, &ssl), 1);
+ ExpectNotNull(ssl);
ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
wolfSSL_SSLSetIORecv(ssl, forceWantRead);
-
- ExpectNotNull(bio = BIO_new(BIO_f_ssl()));
- ExpectIntEQ(BIO_set_ssl(bio, ssl, BIO_CLOSE), 1);
if (EXPECT_FAIL()) {
wolfSSL_free(ssl);
ssl = NULL;
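Review bot: The `if (EXPECT_FAIL())` branch kept below the new lines still calls `wolfSSL_free(ssl)`, but `ssl` is no longer created by the test; it is now fetched with `BIO_get_ssl(bio, &ssl)` from the BIO built by `wolfSSL_BIO_new_ssl(ctx, 1)`. If the BIO owns that object, which the removed `BIO_set_ssl(bio, ssl, BIO_CLOSE)` call suggests was the intent, a failed expectation frees it here and any later `BIO_free(bio)` outside the hunk would release it a second time. Dropping the `wolfSSL_free(ssl);` line and keeping only `ssl = NULL;` leaves ownership with the BIO. Note also that `wolfSSL_SSLSetIORecv(ssl, forceWantRead)` runs even when `ExpectNotNull(ssl)` has failed; the branch's closing brace is outside this hunk.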
@@ -45447,6 +44444,8 @@ static int test_wolfSSL_BIO_should_retry(void)
ExpectIntLE(BIO_write(bio, msg, msgSz), 0);
ExpectIntNE(BIO_should_retry(bio), 0);
+ ExpectIntEQ(BIO_should_read(bio), 0);
+ ExpectIntEQ(BIO_should_write(bio), 0);
/* now perform successful connection */
@@ -45456,9 +44455,21 @@ static int test_wolfSSL_BIO_should_retry(void)
ret = wolfSSL_get_error(ssl, -1);
if (ret == WOLFSSL_ERROR_WANT_READ || ret == WOLFSSL_ERROR_WANT_WRITE) {
ExpectIntNE(BIO_should_retry(bio), 0);
+
+ if (ret == WOLFSSL_ERROR_WANT_READ)
+ ExpectIntEQ(BIO_should_read(bio), 1);
+ else
+ ExpectIntEQ(BIO_should_read(bio), 0);
+
+ if (ret == WOLFSSL_ERROR_WANT_WRITE)
+ ExpectIntEQ(BIO_should_write(bio), 1);
+ else
+ ExpectIntEQ(BIO_should_write(bio), 0);
}
else {
ExpectIntEQ(BIO_should_retry(bio), 0);
+ ExpectIntEQ(BIO_should_read(bio), 0);
+ ExpectIntEQ(BIO_should_write(bio), 0);
}
ExpectIntEQ(XMEMCMP(reply, "I hear you fa shizzle!",
XSTRLEN("I hear you fa shizzle!")), 0);
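Review bot: The two added `if`/`else` pairs put the `ExpectIntEQ` macro in unbraced branches, which is only safe if the macro expands to a single statement; its definition is not visible here. Each pair can be collapsed into one expectation, which also removes the duplication: `ExpectIntEQ(BIO_should_read(bio), ret == WOLFSSL_ERROR_WANT_READ);` and `ExpectIntEQ(BIO_should_write(bio), ret == WOLFSSL_ERROR_WANT_WRITE);`.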
@@ -45473,18 +44484,15 @@ static int test_wolfSSL_BIO_should_retry(void)
#ifdef WOLFSSL_TIRTOS
fdOpenSession(Task_self());
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_connect(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT) && !defined(NO_WOLFSSL_CLIENT)
- EXPECT_DECLS;
tcp_ready ready;
func_args server_args;
THREAD_TYPE serverThread;
@@ -45584,18 +44592,15 @@ static int test_wolfSSL_BIO_connect(void)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_tls(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if !defined(NO_BIO) && defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_CLIENT)
SSL_CTX* ctx = NULL;
SSL *ssl = NULL;
BIO *readBio = NULL;
@@ -45633,10 +44638,8 @@ static int test_wolfSSL_BIO_tls(void)
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
@@ -45666,16 +44669,15 @@ static THREAD_RETURN WOLFSSL_THREAD test_wolfSSL_BIO_accept_client(void* args)
wc_ecc_fp_free(); /* free per thread cache */
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif
static int test_wolfSSL_BIO_accept(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
defined(HAVE_HTTP_CLIENT)
- EXPECT_DECLS;
BIO* serverBindBio = NULL;
BIO* serverAcceptBio = NULL;
SSL* sslServer = NULL;
@@ -45715,17 +44717,14 @@ static int test_wolfSSL_BIO_accept(void)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_write(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_BASE64_ENCODE)
BIO* bio = NULL;
BIO* bio64 = NULL;
BIO* bio_mem = NULL;
@@ -45811,18 +44810,15 @@ static int test_wolfSSL_BIO_write(void)
ExpectNotNull(bio = BIO_new_mem_buf(out, 0));
ExpectIntEQ(BIO_write(bio, msg, sizeof(msg)), sizeof(msg));
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_printf(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL)
BIO* bio = NULL;
int sz = 7;
char msg[] = "TLS 1.3 for the world";
@@ -45836,17 +44832,14 @@ static int test_wolfSSL_BIO_printf(void)
ExpectIntEQ(BIO_read(bio, out, sizeof(out)), 30);
ExpectIntEQ(XSTRNCMP(out, expected, sizeof(expected)), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_f_md(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_SHA256)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && !defined(NO_SHA256)
BIO* bio = NULL;
BIO* mem = NULL;
char msg[] = "message to hash";
@@ -45942,17 +44935,14 @@ static int test_wolfSSL_BIO_f_md(void)
EVP_PKEY_free(key);
BIO_free(bio);
BIO_free(mem);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_up_ref(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
BIO* bio = NULL;
ExpectNotNull(bio = BIO_new(BIO_f_md()));
@@ -45962,16 +44952,13 @@ static int test_wolfSSL_BIO_up_ref(void)
ExpectIntEQ(BIO_up_ref(bio), 1);
BIO_free(bio);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_reset(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)
BIO* bio = NULL;
byte buf[16];
@@ -45990,10 +44977,8 @@ static int test_wolfSSL_BIO_reset(void)
ExpectIntEQ(BIO_read(bio, buf, 16), 16);
ExpectIntEQ(XMEMCMP(buf, "secure your data", 16), 0);
BIO_free(bio);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
@@ -46002,103 +44987,372 @@ static int test_wolfSSL_BIO_reset(void)
/* test that the callback arg is correct */
static int certCbArg = 0;
-static int clientCertCb(WOLFSSL* ssl, void* arg)
+static int certCb(WOLFSSL* ssl, void* arg)
{
if (ssl == NULL || arg != &certCbArg)
return 0;
- if (wolfSSL_use_certificate_file(ssl, cliCertFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
- return 0;
- if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
- return 0;
+ if (wolfSSL_is_server(ssl)) {
+ if (wolfSSL_use_certificate_file(ssl, svrCertFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ }
+ else {
+ if (wolfSSL_use_certificate_file(ssl, cliCertFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, cliKeyFile,
+ WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ return 0;
+ }
return 1;
}
-static int clientCertSetupCb(WOLFSSL_CTX* ctx)
+static int certSetupCb(WOLFSSL_CTX* ctx)
{
- SSL_CTX_set_cert_cb(ctx, clientCertCb, &certCbArg);
+ SSL_CTX_set_cert_cb(ctx, certCb, &certCbArg);
return TEST_SUCCESS;
}
/**
- * This is only done because test_client_nofail has no way to stop
- * certificate and key loading
+ * This is only done because test_wolfSSL_client_server_nofail_memio has no way
+ * to stop certificate and key loading
*/
-static int clientCertClearCb(WOLFSSL* ssl)
+static int certClearCb(WOLFSSL* ssl)
{
/* Clear the loaded certs to force the callbacks to set them up */
SSL_certs_clear(ssl);
return TEST_SUCCESS;
}
-static int serverCertCb(WOLFSSL* ssl, void* arg)
+#endif
+
+static int test_wolfSSL_cert_cb(void)
{
- if (ssl == NULL || arg != &certCbArg)
- return 0;
- if (wolfSSL_use_certificate_file(ssl, svrCertFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf func_cb_client;
+ test_ssl_cbf func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+
+ func_cb_client.ctx_ready = certSetupCb;
+ func_cb_client.ssl_ready = certClearCb;
+ func_cb_server.ctx_ready = certSetupCb;
+ func_cb_server.ssl_ready = certClearCb;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
+ &func_cb_server, NULL), TEST_SUCCESS);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+
+static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_cipher = NULL;
+static const char* test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs = NULL;
+static int test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx,
+ test_wolfSSL_cert_cb_dyn_ciphers_client_cipher), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set1_sigalgs_list(ctx,
+ test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_cert_cb_dyn_ciphers_certCB(WOLFSSL* ssl, void* arg)
+{
+ const byte* suites = NULL;
+ word16 suiteSz = 0;
+ const byte* hashSigAlgo = NULL;
+ word16 hashSigAlgoSz = 0;
+ word16 idx = 0;
+ int haveRSA = 0;
+ int haveECC = 0;
+
+ (void)arg;
+
+ if (wolfSSL_get_client_suites_sigalgs(ssl, &suites, &suiteSz, &hashSigAlgo,
+ &hashSigAlgoSz) != WOLFSSL_SUCCESS)
return 0;
- if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile,
- WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS)
+ if (suites == NULL || suiteSz == 0 || hashSigAlgo == NULL ||
+ hashSigAlgoSz == 0)
return 0;
+
+ for (idx = 0; idx < suiteSz; idx += 2) {
+ WOLFSSL_CIPHERSUITE_INFO info =
+ wolfSSL_get_ciphersuite_info(suites[idx], suites[idx+1]);
+
+ if (info.rsaAuth)
+ haveRSA = 1;
+ else if (info.eccAuth)
+ haveECC = 1;
+ }
+
+ if (hashSigAlgoSz > 0) {
+ /* sigalgs extension takes precedence over ciphersuites */
+ haveRSA = 0;
+ haveECC = 0;
+ }
+ for (idx = 0; idx < hashSigAlgoSz; idx += 2) {
+ int hashAlgo = 0;
+ int sigAlgo = 0;
+
+ if (wolfSSL_get_sigalg_info(hashSigAlgo[idx+0], hashSigAlgo[idx+1],
+ &hashAlgo, &sigAlgo) != 0)
+ return 0;
+
+ if (sigAlgo == RSAk || sigAlgo == RSAPSSk)
+ haveRSA = 1;
+ else if (sigAlgo == ECDSAk)
+ haveECC = 1;
+ }
+
+ if (haveRSA) {
+ if (wolfSSL_use_certificate_file(ssl, svrCertFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, svrKeyFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ }
+ else if (haveECC) {
+ if (wolfSSL_use_certificate_file(ssl, eccCertFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ if (wolfSSL_use_PrivateKey_file(ssl, eccKeyFile, WOLFSSL_FILETYPE_PEM)
+ != WOLFSSL_SUCCESS)
+ return 0;
+ }
+
return 1;
}
-static int serverCertSetupCb(WOLFSSL_CTX* ctx)
+static int test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready(WOLFSSL_CTX* ctx)
{
- SSL_CTX_set_cert_cb(ctx, serverCertCb, &certCbArg);
+ SSL_CTX_set_cert_cb(ctx, test_wolfSSL_cert_cb_dyn_ciphers_certCB, NULL);
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_NONE, NULL);
return TEST_SUCCESS;
}
-/**
- * This is only done because test_server_nofail has no way to stop
- * certificate and key loading
- */
-static int serverCertClearCb(WOLFSSL* ssl)
+#endif
+
+/* Testing dynamic ciphers offered by client */
+static int test_wolfSSL_cert_cb_dyn_ciphers(void)
{
- /* Clear the loaded certs to force the callbacks to set them up */
- SSL_certs_clear(ssl);
- return TEST_SUCCESS;
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf func_cb_client;
+ test_ssl_cbf func_cb_server;
+ struct {
+ method_provider client_meth;
+ const char* client_ciphers;
+ const char* client_sigalgs;
+ const char* client_ca;
+ method_provider server_meth;
+ } test_params[] = {
+#if !defined(NO_SHA256) && defined(HAVE_AESGCM)
+#ifdef WOLFSSL_TLS13
+#if !defined(NO_RSA) && defined(WC_RSA_PSS)
+ {wolfTLSv1_3_client_method,
+ "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256",
+ "RSA-PSS+SHA256", caCertFile, wolfTLSv1_3_server_method},
+#endif
+#ifdef HAVE_ECC
+ {wolfTLSv1_3_client_method,
+ "TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256",
+ "ECDSA+SHA256", caEccCertFile, wolfTLSv1_3_server_method},
+#endif
+#endif
+#ifndef WOLFSSL_NO_TLS12
+#if !defined(NO_RSA) && defined(WC_RSA_PSS) && !defined(NO_DH)
+ {wolfTLSv1_2_client_method,
+ "DHE-RSA-AES128-GCM-SHA256",
+ "RSA-PSS+SHA256", caCertFile, wolfTLSv1_2_server_method},
+#endif
+#ifdef HAVE_ECC
+ {wolfTLSv1_2_client_method,
+ "ECDHE-ECDSA-AES128-GCM-SHA256",
+ "ECDSA+SHA256", caEccCertFile, wolfTLSv1_2_server_method},
+#endif
+#endif
+#endif
+ };
+ size_t i;
+ size_t testCount = sizeof(test_params)/sizeof(*test_params);
+
+ if (testCount > 0) {
+ for (i = 0; i < testCount; i++) {
+ printf("\tTesting %s ciphers with %s sigalgs\n",
+ test_params[i].client_ciphers,
+ test_params[i].client_sigalgs);
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+
+ test_wolfSSL_cert_cb_dyn_ciphers_client_cipher =
+ test_params[i].client_ciphers;
+ test_wolfSSL_cert_cb_dyn_ciphers_client_sigalgs =
+ test_params[i].client_sigalgs;
+ func_cb_client.method = test_params[i].client_meth;
+ func_cb_client.caPemFile = test_params[i].client_ca;
+ func_cb_client.ctx_ready =
+ test_wolfSSL_cert_cb_dyn_ciphers_client_ctx_ready;
+
+ func_cb_server.ctx_ready =
+ test_wolfSSL_cert_cb_dyn_ciphers_server_ctx_ready;
+ func_cb_server.ssl_ready = certClearCb; /* Reuse from prev test */
+ func_cb_server.method = test_params[i].server_meth;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
+ &func_cb_server, NULL), TEST_SUCCESS);
+ }
+ }
+#endif
+ return EXPECT_RESULT();
}
+static int test_wolfSSL_ciphersuite_auth(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+ WOLFSSL_CIPHERSUITE_INFO info;
+
+ (void)info;
+
+#ifndef WOLFSSL_NO_TLS12
+#ifdef HAVE_CHACHA
+ info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 1);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(CHACHA_BYTE,
+ TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 1);
+#endif
+#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)
+#ifndef NO_RSA
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDH_RSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 1);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 1);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 1);
+ ExpectIntEQ(info.psk, 0);
+#endif
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 1);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECC_BYTE,
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 1);
+ ExpectIntEQ(info.eccStatic, 1);
+ ExpectIntEQ(info.psk, 0);
+
+ info = wolfSSL_get_ciphersuite_info(ECDHE_PSK_BYTE,
+ TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 1);
+#endif
#endif
-static int test_wolfSSL_cert_cb(void)
+#ifdef WOLFSSL_TLS13
+ info = wolfSSL_get_ciphersuite_info(TLS13_BYTE,
+ TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(info.rsaAuth, 0);
+ ExpectIntEQ(info.eccAuth, 0);
+ ExpectIntEQ(info.eccStatic, 0);
+ ExpectIntEQ(info.psk, 0);
+#endif
+
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_sigalg_info(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
EXPECT_DECLS;
- test_ssl_cbf func_cb_client;
- test_ssl_cbf func_cb_server;
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA)
+ byte hashSigAlgo[WOLFSSL_MAX_SIGALGO];
+ word16 len = 0;
+ word16 idx = 0;
+ int allSigAlgs = SIG_ECDSA | SIG_RSA | SIG_SM2 | SIG_FALCON | SIG_DILITHIUM;
- XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
- XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+ InitSuitesHashSigAlgo_ex2(hashSigAlgo, allSigAlgs, 1, 0xFFFFFFFF, &len);
+ for (idx = 0; idx < len; idx += 2) {
+ int hashAlgo = 0;
+ int sigAlgo = 0;
- func_cb_client.ctx_ready = clientCertSetupCb;
- func_cb_client.ssl_ready = clientCertClearCb;
- func_cb_server.ctx_ready = serverCertSetupCb;
- func_cb_server.ssl_ready = serverCertClearCb;
+ ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0],
+ hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0);
- ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
- &func_cb_server, NULL), TEST_SUCCESS);
+ ExpectIntNE(hashAlgo, 0);
+ ExpectIntNE(sigAlgo, 0);
+ }
+
+ InitSuitesHashSigAlgo_ex2(hashSigAlgo, allSigAlgs | SIG_ANON, 1,
+ 0xFFFFFFFF, &len);
+ for (idx = 0; idx < len; idx += 2) {
+ int hashAlgo = 0;
+ int sigAlgo = 0;
+
+ ExpectIntEQ(wolfSSL_get_sigalg_info(hashSigAlgo[idx+0],
+ hashSigAlgo[idx+1], &hashAlgo, &sigAlgo), 0);
+
+ ExpectIntNE(hashAlgo, 0);
+ }
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SESSION(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
!defined(NO_SESSION_CACHE)
-
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
- WOLFSSL_SESSION* sess;
- WOLFSSL_SESSION* sess_copy;
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL_SESSION* sess = NULL;
+ WOLFSSL_SESSION* sess_copy = NULL;
#ifdef OPENSSL_EXTRA
#ifdef HAVE_EXT_CACHE
unsigned char* sessDer = NULL;
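Review bot: In `test_wolfSSL_cert_cb_dyn_ciphers_certCB` both pair loops read element `idx+1` while checking only `idx` against the length, so an odd `suiteSz` or `hashSigAlgoSz` would read one byte past the list. These lists describe what the client offered, and whether `wolfSSL_get_client_suites_sigalgs` guarantees even lengths is not visible here. Bounding on the second byte costs nothing: `for (idx = 0; idx + 1 < suiteSz; idx += 2)` and `for (idx = 0; idx + 1 < hashSigAlgoSz; idx += 2)`. Separately, `if (hashSigAlgoSz > 0)` is always true after the earlier return on `hashSigAlgoSz == 0`, so the ciphersuite scan never influences the choice. The callback also returns 1 without loading any certificate when neither `haveRSA` nor `haveECC` ends up set; returning 0 there would make the test fail at the callback rather than later in the handshake.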
@@ -46121,23 +45375,23 @@ static int test_wolfSSL_SESSION(void)
#if defined(WOLFSSL_TLS13) && (!defined(HAVE_SESSION_TICKET) && \
!defined(WOLFSSL_NO_TLS12) || !(defined(HAVE_CHACHA) && \
defined(HAVE_POLY1305) && !defined(HAVE_AESGCM)))
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#endif
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ENCRYPTED_KEYS
wolfSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#ifdef HAVE_SESSION_TICKET
/* Use session tickets, for ticket tests below */
- AssertIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
#endif
XMEMSET(&server_args, 0, sizeof(func_args));
@@ -46158,9 +45412,9 @@ static int test_wolfSSL_SESSION(void)
wait_tcp_ready(&server_args);
/* client connection */
- ssl = wolfSSL_new(ctx);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
tcp_connect(&sockfd, wolfSSLIP, ready.port, 0, 0, ssl);
- AssertIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_fd(ssl, sockfd), WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
@@ -46175,7 +45429,7 @@ static int test_wolfSSL_SESSION(void)
ret = wolfSSL_connect(ssl);
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
@@ -46190,7 +45444,7 @@ static int test_wolfSSL_SESSION(void)
ret = wolfSSL_write(ssl, sendGET, (int)XSTRLEN(sendGET));
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
- AssertIntEQ(ret, (int)XSTRLEN(sendGET));
+ ExpectIntEQ(ret, (int)XSTRLEN(sendGET));
#ifdef WOLFSSL_ASYNC_CRYPT
err = 0; /* Reset error */
@@ -46205,12 +45459,12 @@ static int test_wolfSSL_SESSION(void)
ret = wolfSSL_read(ssl, msg, sizeof(msg));
err = wolfSSL_get_error(ssl, 0);
} while (err == WC_PENDING_E);
- AssertIntEQ(ret, 23);
+ ExpectIntEQ(ret, 23);
- AssertPtrNE((sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */
- AssertPtrNE((sess_copy = wolfSSL_get1_session(ssl)), NULL); /* ref count 2 */
+ ExpectPtrNE((sess = wolfSSL_get1_session(ssl)), NULL); /* ref count 1 */
+ ExpectPtrNE((sess_copy = wolfSSL_get1_session(ssl)), NULL); /* ref count 2 */
#ifdef HAVE_EXT_CACHE
- AssertPtrEq(sess, sess_copy); /* they should be the same pointer but without
+ ExpectPtrEq(sess, sess_copy); /* they should be the same pointer but without
* HAVE_EXT_CACHE we get new objects each time */
#endif
wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;
@@ -46219,27 +45473,29 @@ static int test_wolfSSL_SESSION(void)
sess = wolfSSL_get_session(ssl);
#ifdef OPENSSL_EXTRA
- AssertIntEQ(SSL_SESSION_is_resumable(NULL), 0);
- AssertIntEQ(SSL_SESSION_is_resumable(sess), 1);
+ ExpectIntEQ(SSL_SESSION_is_resumable(NULL), 0);
+ ExpectIntEQ(SSL_SESSION_is_resumable(sess), 1);
- AssertIntEQ(wolfSSL_SESSION_has_ticket(NULL), 0);
- AssertIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(NULL), 0);
+ ExpectIntEQ(wolfSSL_SESSION_has_ticket(NULL), 0);
+ ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(NULL), 0);
#ifdef HAVE_SESSION_TICKET
- AssertIntEQ(wolfSSL_SESSION_has_ticket(sess), 1);
- AssertIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(sess),
+ ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 1);
+ ExpectIntEQ(wolfSSL_SESSION_get_ticket_lifetime_hint(sess),
SESSION_TICKET_HINT_DEFAULT);
#else
- AssertIntEQ(wolfSSL_SESSION_has_ticket(sess), 0);
+ ExpectIntEQ(wolfSSL_SESSION_has_ticket(sess), 0);
#endif
#else
(void)sess;
#endif /* OPENSSL_EXTRA */
/* Retain copy of the session for later testing */
- AssertNotNull(sess = wolfSSL_get1_session(ssl));
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl));
wolfSSL_shutdown(ssl);
- wolfSSL_free(ssl);
+ wolfSSL_free(ssl); ssl = NULL;
+
+ CloseSocket(sockfd);
join_thread(serverThread);
@@ -46251,50 +45507,50 @@ static int test_wolfSSL_SESSION(void)
#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA)
{
- X509 *x509;
+ X509 *x509 = NULL;
char buf[30];
- int bufSz;
+ int bufSz = 0;
- AssertNotNull(x509 = SSL_SESSION_get0_peer(sess));
- AssertIntGT((bufSz = X509_NAME_get_text_by_NID(
- X509_get_subject_name(x509), NID_organizationalUnitName,
- buf, sizeof(buf))), 0);
- AssertIntNE((bufSz == 7 || bufSz == 16), 0); /* should be one of these*/
+ ExpectNotNull(x509 = SSL_SESSION_get0_peer(sess));
+ ExpectIntGT((bufSz = X509_NAME_get_text_by_NID(
+ X509_get_subject_name(x509), NID_organizationalUnitName, buf,
+ sizeof(buf))), 0);
+ ExpectIntNE((bufSz == 7 || bufSz == 16), 0); /* should be one of these*/
if (bufSz == 7) {
- AssertIntEQ(XMEMCMP(buf, "Support", bufSz), 0);
+ ExpectIntEQ(XMEMCMP(buf, "Support", bufSz), 0);
}
if (bufSz == 16) {
- AssertIntEQ(XMEMCMP(buf, "Programming-2048", bufSz), 0);
+ ExpectIntEQ(XMEMCMP(buf, "Programming-2048", bufSz), 0);
}
}
#endif
#ifdef HAVE_EXT_CACHE
- AssertNotNull(sess_copy = wolfSSL_SESSION_dup(sess));
- wolfSSL_SESSION_free(sess_copy);
+ ExpectNotNull(sess_copy = wolfSSL_SESSION_dup(sess));
+ wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;
sess_copy = NULL;
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_EXT_CACHE)
/* get session from DER and update the timeout */
- AssertIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG);
- AssertIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0);
- wolfSSL_SESSION_free(sess);
+ ExpectIntEQ(wolfSSL_i2d_SSL_SESSION(NULL, &sessDer), BAD_FUNC_ARG);
+ ExpectIntGT((sz = wolfSSL_i2d_SSL_SESSION(sess, &sessDer)), 0);
+ wolfSSL_SESSION_free(sess); sess = NULL;
sess = NULL;
ptr = sessDer;
- AssertNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz));
- AssertNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL,
+ ExpectNull(sess = wolfSSL_d2i_SSL_SESSION(NULL, NULL, sz));
+ ExpectNotNull(sess = wolfSSL_d2i_SSL_SESSION(NULL,
(const unsigned char**)&ptr, sz));
XFREE(sessDer, NULL, DYNAMIC_TYPE_OPENSSL);
sessDer = NULL;
- AssertIntGT(wolfSSL_SESSION_get_time(sess), 0);
- AssertIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
+ ExpectIntGT(wolfSSL_SESSION_get_time(sess), 0);
+ ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
#endif
/* successful set session test */
- AssertNotNull(ssl = wolfSSL_new(ctx));
- AssertIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
#ifdef HAVE_SESSION_TICKET
/* Test set/get session ticket */
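Review bot: The session pointers are cleared twice in this hunk: the new `wolfSSL_SESSION_free(sess_copy); sess_copy = NULL;` sits directly above the existing standalone `sess_copy = NULL;`, and the same happens for `sess` after `wolfSSL_SESSION_free(sess); sess = NULL;`. It is harmless, but one of each pair should go. Keeping the one-line form used elsewhere in the commit (`wolfSSL_free(ssl); ssl = NULL;`) and dropping the old standalone line would read cleanly. test_wolfSSL_SESSION starts and ends outside this hunk.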
@@ -46303,52 +45559,179 @@ static int test_wolfSSL_SESSION(void)
char buf[64] = {0};
word32 bufSz = (word32)sizeof(buf);
- AssertIntEQ(SSL_SUCCESS,
+ ExpectIntEQ(SSL_SUCCESS,
wolfSSL_set_SessionTicket(ssl, (byte *)ticket,
(word32)XSTRLEN(ticket)));
- AssertIntEQ(SSL_SUCCESS,
+ ExpectIntEQ(SSL_SUCCESS,
wolfSSL_get_SessionTicket(ssl, (byte *)buf, &bufSz));
- AssertStrEQ(ticket, buf);
+ ExpectStrEQ(ticket, buf);
}
#endif
#ifdef OPENSSL_EXTRA
/* session timeout case */
/* make the session to be expired */
- AssertIntEQ(SSL_SESSION_set_timeout(sess,1), SSL_SUCCESS);
+ ExpectIntEQ(SSL_SESSION_set_timeout(sess,1), SSL_SUCCESS);
XSLEEP_MS(1200);
/* SSL_set_session should reject specified session but return success
* if WOLFSSL_ERROR_CODE_OPENSSL macro is defined for OpenSSL compatibility.
*/
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(wolfSSL_set_session(ssl,sess), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_set_session(ssl,sess), SSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set_session(ssl,sess), SSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_SSL_SESSION_set_timeout(sess, 500), SSL_SUCCESS);
+#ifdef WOLFSSL_SESSION_ID_CTX
/* fail case with miss match session context IDs (use compatibility API) */
- AssertIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
+ ExpectIntEQ(SSL_set_session_id_context(ssl, context, contextSz),
SSL_SUCCESS);
- AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
- wolfSSL_free(ssl);
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+ wolfSSL_free(ssl); ssl = NULL;
- AssertIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
+ ExpectIntEQ(SSL_CTX_set_session_id_context(NULL, context, contextSz),
SSL_FAILURE);
- AssertIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),
+ ExpectIntEQ(SSL_CTX_set_session_id_context(ctx, context, contextSz),
SSL_SUCCESS);
- AssertNotNull(ssl = wolfSSL_new(ctx));
- AssertIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), SSL_FAILURE);
+#endif
#endif /* OPENSSL_EXTRA */
wolfSSL_free(ssl);
wolfSSL_SESSION_free(sess);
wolfSSL_CTX_free(ctx);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
+ !defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \
+ !defined(WOLFSSL_NO_TLS12)
+static WOLFSSL_SESSION* test_wolfSSL_SESSION_expire_sess = NULL;
+
+static void test_wolfSSL_SESSION_expire_downgrade_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ #ifdef WOLFSSL_ERROR_CODE_OPENSSL
+ /* returns previous timeout value */
+ AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), 500);
+ #else
+ AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 1), WOLFSSL_SUCCESS);
+ #endif
+}
+
+
+/* set the session to timeout in a second */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready(WOLFSSL* ssl)
+{
+ AssertIntEQ(wolfSSL_set_timeout(ssl, 2), 1);
+}
+
+
+/* store the client side session from the first successful connection */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_result(WOLFSSL* ssl)
+{
+ AssertPtrNE((test_wolfSSL_SESSION_expire_sess = wolfSSL_get1_session(ssl)),
+ NULL); /* ref count 1 */
+}
+
+
+/* wait till session is expired then set it in the WOLFSSL struct for use */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait(WOLFSSL* ssl)
+{
+ AssertIntEQ(wolfSSL_set_timeout(ssl, 1), 1);
+ AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
+ WOLFSSL_SUCCESS);
+ XSLEEP_MS(2000); /* wait 2 seconds for session to expire */
+}
+
+
+/* set expired session in the WOLFSSL struct for use */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set(WOLFSSL* ssl)
+{
+ XSLEEP_MS(1200); /* wait a second for session to expire */
+
+ /* set the expired session, call to set session fails but continuing on
+ after failure should be handled here */
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL)
+ AssertIntEQ(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
+ WOLFSSL_SUCCESS);
+#else
+ AssertIntNE(wolfSSL_set_session(ssl, test_wolfSSL_SESSION_expire_sess),
+ WOLFSSL_SUCCESS);
#endif
- return res;
+}
+
+
+/* check that the expired session was not reused */
+static void test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse(WOLFSSL* ssl)
+{
+ /* since the session has expired it should not have been reused */
+ AssertIntEQ(wolfSSL_session_reused(ssl), 0);
+}
+#endif
+
+static int test_wolfSSL_SESSION_expire_downgrade(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
+ !defined(NO_RSA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
+ !defined(NO_SESSION_CACHE) && defined(OPENSSL_EXTRA) && \
+ !defined(WOLFSSL_NO_TLS12)
+
+ WOLFSSL_CTX* ctx = NULL;
+ callback_functions server_cbf, client_cbf;
+
+ XMEMSET(&server_cbf, 0, sizeof(callback_functions));
+ XMEMSET(&client_cbf, 0, sizeof(callback_functions));
+
+ /* force server side to use TLS 1.2 */
+ server_cbf.ctx = ctx;
+ server_cbf.method = wolfTLSv1_2_server_method;
+
+ client_cbf.method = wolfSSLv23_client_method;
+ server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
+ client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready;
+ client_cbf.on_result = test_wolfSSL_SESSION_expire_downgrade_ssl_result;
+
+ test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+
+ /* set the previously created session and wait till expired */
+ server_cbf.ctx = ctx;
+
+ client_cbf.method = wolfSSLv23_client_method;
+ server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
+ client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_wait;
+ client_cbf.on_result =
+ test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse;
+
+ test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+
+ /* set the previously created expired session */
+ server_cbf.ctx = ctx;
+
+ client_cbf.method = wolfSSLv23_client_method;
+ server_cbf.ctx_ready = test_wolfSSL_SESSION_expire_downgrade_ctx_ready;
+ client_cbf.ssl_ready = test_wolfSSL_SESSION_expire_downgrade_ssl_ready_set;
+ client_cbf.on_result =
+ test_wolfSSL_SESSION_expire_downgrade_ssl_result_reuse;
+
+ test_wolfSSL_client_server_nofail(&client_cbf, &server_cbf);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+
+ wolfSSL_SESSION_free(test_wolfSSL_SESSION_expire_sess);
+ wolfSSL_CTX_free(ctx);
+
+#endif
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
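Review bot: `test_wolfSSL_SESSION_expire_sess` is a file-scope static that is freed at the end of test_wolfSSL_SESSION_expire_downgrade but never reset, so it keeps pointing at freed memory. The rest of the commit clears pointers after freeing them, and here it should be `wolfSSL_SESSION_free(test_wolfSSL_SESSION_expire_sess); test_wolfSSL_SESSION_expire_sess = NULL;`. If the test ran again in the same process and the first handshake did not reach the on_result callback, the later ssl_ready callbacks would presumably pass the stale pointer to wolfSSL_set_session. Separately, the local `ctx` is never assigned, so `server_cbf.ctx = ctx;` and `wolfSSL_CTX_free(ctx);` only ever see NULL and could be removed. The comment `/* set the session to timeout in a second */` also sits above a call that passes 2.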
@@ -46387,21 +45770,26 @@ static void SessRemCtxCb(WOLFSSL_CTX *ctx, WOLFSSL_SESSION *sess)
static int SessRemCtxSetupCb(WOLFSSL_CTX* ctx)
{
- EXPECT_DECLS;
SSL_CTX_sess_set_remove_cb(ctx, SessRemCtxCb);
#if defined(WOLFSSL_TLS13) && !defined(HAVE_SESSION_TICKET) && \
!defined(NO_SESSION_CACHE_REF)
- /* Allow downgrade, set min version, and disable TLS 1.3.
- * Do this because without NO_SESSION_CACHE_REF we will want to return a
- * reference to the session cache. But with WOLFSSL_TLS13 and without
- * HAVE_SESSION_TICKET we won't have a session ID to be able to place the
- * session in the cache. In this case we need to downgrade to previous
- * versions to just use the legacy session ID field. */
- ExpectIntEQ(SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION), SSL_SUCCESS);
- ExpectIntEQ(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION),
- SSL_SUCCESS);
+ {
+ EXPECT_DECLS;
+ /* Allow downgrade, set min version, and disable TLS 1.3.
+ * Do this because without NO_SESSION_CACHE_REF we will want to return a
+ * reference to the session cache. But with WOLFSSL_TLS13 and without
+ * HAVE_SESSION_TICKET we won't have a session ID to be able to place
+ * the session in the cache. In this case we need to downgrade to
+ * previous versions to just use the legacy session ID field. */
+ ExpectIntEQ(SSL_CTX_set_min_proto_version(ctx, SSL3_VERSION),
+ SSL_SUCCESS);
+ ExpectIntEQ(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION),
+ SSL_SUCCESS);
+ return EXPECT_RESULT();
+ }
+#else
+ return TEST_SUCCESS;
#endif
- return EXPECT_RESULT();
}
static int SessRemSslSetupCb(WOLFSSL* ssl)
@@ -46409,27 +45797,25 @@ static int SessRemSslSetupCb(WOLFSSL* ssl)
EXPECT_DECLS;
int* side;
- if (EXPECT_SUCCESS()) {
- if (SSL_is_server(ssl)) {
- side = &sessRemCtx_Server;
- serverSessRemCountMalloc++;
- ExpectNotNull(serverSess = SSL_get1_session(ssl));
- ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)),
- SSL_SUCCESS);
- }
- else {
- side = &sessRemCtx_Client;
- clientSessRemCountMalloc++;
- #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
- !defined(NO_SESSION_CACHE_REF)
- ExpectNotNull(clientSess = SSL_get1_session(ssl));
- ExpectIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)),
- SSL_SUCCESS);
- #endif
- }
- ExpectIntEQ(SSL_SESSION_set_ex_data(SSL_get_session(ssl),
- serverSessRemIdx, side), SSL_SUCCESS);
+ if (SSL_is_server(ssl)) {
+ side = &sessRemCtx_Server;
+ serverSessRemCountMalloc++;
+ ExpectNotNull(serverSess = SSL_get1_session(ssl));
+ ExpectIntEQ(SSL_CTX_up_ref(serverSessCtx = SSL_get_SSL_CTX(ssl)),
+ SSL_SUCCESS);
+ }
+ else {
+ side = &sessRemCtx_Client;
+ clientSessRemCountMalloc++;
+ #if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
+ !defined(NO_SESSION_CACHE_REF)
+ ExpectNotNull(clientSess = SSL_get1_session(ssl));
+ ExpectIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)),
+ SSL_SUCCESS);
+#endif
}
+ ExpectIntEQ(SSL_SESSION_set_ex_data(SSL_get_session(ssl),
+ serverSessRemIdx, side), SSL_SUCCESS);
return EXPECT_RESULT();
}
@@ -46437,15 +45823,14 @@ static int SessRemSslSetupCb(WOLFSSL* ssl)
static int test_wolfSSL_CTX_sess_set_remove_cb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && \
defined(HAVE_EX_DATA) && !defined(NO_SESSION_CACHE)
- EXPECT_DECLS;
/* Check that the remove callback gets called for external data in a
* session object */
test_ssl_cbf func_cb;
- XMEMSET(&func_cb, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb, 0, sizeof(func_cb));
func_cb.ctx_ready = SessRemCtxSetupCb;
func_cb.on_result = SessRemSslSetupCb;
@@ -46490,98 +45875,97 @@ static int test_wolfSSL_CTX_sess_set_remove_cb(void)
SSL_CTX_free(clientSessCtx);
SSL_SESSION_free(clientSess);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ticket_keys(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
!defined(NO_WOLFSSL_SERVER)
- WOLFSSL_CTX* ctx;
+ WOLFSSL_CTX* ctx = NULL;
byte keys[WOLFSSL_TICKET_KEYS_SZ];
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, 0),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, 0),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, NULL, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(NULL, keys, sizeof(keys)),
WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_get_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
+ ExpectIntEQ(wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys)),
WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_d2i_PUBKEY(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA)
- BIO* bio;
- EVP_PKEY* pkey;
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
+ BIO* bio = NULL;
+ EVP_PKEY* pkey = NULL;
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertNull(d2i_PUBKEY_bio(NULL, NULL));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNull(d2i_PUBKEY_bio(NULL, NULL));
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
/* RSA PUBKEY test */
- AssertIntGT(BIO_write(bio, client_keypub_der_2048,
- sizeof_client_keypub_der_2048), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, client_keypub_der_2048,
+ sizeof_client_keypub_der_2048), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_256) && defined(HAVE_ECC)
/* ECC PUBKEY test */
- AssertIntGT(BIO_write(bio, ecc_clikeypub_der_256,
- sizeof_ecc_clikeypub_der_256), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, ecc_clikeypub_der_256,
+ sizeof_ecc_clikeypub_der_256), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DSA)
/* DSA PUBKEY test */
- AssertIntGT(BIO_write(bio, dsa_pub_key_der_2048,
- sizeof_dsa_pub_key_der_2048), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, dsa_pub_key_der_2048,
+ sizeof_dsa_pub_key_der_2048), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif
#if defined(USE_CERT_BUFFERS_2048) && !defined(NO_DH) && \
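Review bot: test_wolfSSL_ticket_keys never checks that the set call stores what it is given. The only successful `wolfSSL_CTX_set_tlsext_ticket_keys(ctx, keys, sizeof(keys))` writes back the bytes the preceding get returned, so the test would still pass if set ignored its input. A stronger check would alter `keys`, set it, read the keys back into a second buffer and compare, e.g. `ExpectIntEQ(XMEMCMP(keys, readBack, sizeof(keys)), 0);`, where `readBack` is a second `byte[WOLFSSL_TICKET_KEYS_SZ]` array (name chosen here for illustration).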
@@ -46589,31 +45973,29 @@ defined(OPENSSL_EXTRA) && defined(WOLFSSL_DH_EXTRA)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))
/* DH PUBKEY test */
- AssertIntGT(BIO_write(bio, dh_pub_key_der_2048,
- sizeof_dh_pub_key_der_2048), 0);
- AssertNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
+ ExpectIntGT(BIO_write(bio, dh_pub_key_der_2048,
+ sizeof_dh_pub_key_der_2048), 0);
+ ExpectNotNull(pkey = d2i_PUBKEY_bio(bio, NULL));
EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* USE_CERT_BUFFERS_2048 && !NO_DH && && OPENSSL_EXTRA */
BIO_free(bio);
(void)pkey;
+#endif
- res = TEST_RES_CHECK(1);
- #endif
-
- return res;
+ return EXPECT_RESULT();
}
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
static int test_wolfSSL_d2i_PrivateKeys_bio(void)
{
+ EXPECT_DECLS;
BIO* bio = NULL;
EVP_PKEY* pkey = NULL;
-#ifndef NO_RSA
-#endif
- WOLFSSL_CTX* ctx;
+ WOLFSSL_CTX* ctx = NULL;
#if defined(WOLFSSL_KEY_GEN)
unsigned char buff[4096];
@@ -46621,28 +46003,29 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
#endif
/* test creating new EVP_PKEY with bad arg */
- AssertNull((pkey = d2i_PrivateKey_bio(NULL, NULL)));
+ ExpectNull((pkey = d2i_PrivateKey_bio(NULL, NULL)));
/* test loading RSA key using BIO */
#if !defined(NO_RSA) && !defined(NO_FILESYSTEM)
{
- XFILE file;
+ XFILE file = XBADFILE;
const char* fname = "./certs/server-key.der";
size_t sz;
- byte* buf;
-
- file = XFOPEN(fname, "rb");
- AssertTrue((file != XBADFILE));
- AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0);
- sz = XFTELL(file);
- AssertTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
- AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
- AssertIntEQ(XFREAD(buf, 1, sz, file), sz);
- XFCLOSE(file);
+ byte* buf = NULL;
+
+ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
+ ExpectTrue((sz = XFTELL(file)) != 0);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
+ ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
+ ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
+ if (file != XBADFILE) {
+ XFCLOSE(file);
+ }
/* Test using BIO new mem and loading DER private key */
- AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
- AssertNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
+ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
+ ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
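Review bot: `ExpectTrue((sz = XFTELL(file)) != 0);` does not catch a failed XFTELL. If XFTELL follows ftell and returns -1 on error, storing it in the `size_t sz` gives a very large value that passes the `!= 0` test and is then used as the XMALLOC and XFREAD length. Comparing against the error value as well, e.g. `ExpectTrue((sz = XFTELL(file)) != 0 && sz != (size_t)-1);`, and declaring `size_t sz = 0;` like the other locals this commit initialises, would close that. The ECC block in the next hunk has the same line. The enclosing function starts and ends outside this hunk.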
@@ -46654,23 +46037,23 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
/* test loading ECC key using BIO */
#if defined(HAVE_ECC) && !defined(NO_FILESYSTEM)
{
- XFILE file;
+ XFILE file = XBADFILE;
const char* fname = "./certs/ecc-key.der";
size_t sz;
- byte* buf;
-
- file = XFOPEN(fname, "rb");
- AssertTrue((file != XBADFILE));
- AssertTrue(XFSEEK(file, 0, XSEEK_END) == 0);
- sz = XFTELL(file);
- AssertTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
- AssertNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
- AssertIntEQ(XFREAD(buf, 1, sz, file), sz);
- XFCLOSE(file);
+ byte* buf = NULL;
+
+ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_END) == 0);
+ ExpectTrue((sz = XFTELL(file)) != 0);
+ ExpectTrue(XFSEEK(file, 0, XSEEK_SET) == 0);
+ ExpectNotNull(buf = (byte*)XMALLOC(sz, HEAP_HINT, DYNAMIC_TYPE_FILE));
+ ExpectIntEQ(XFREAD(buf, 1, sz, file), sz);
+ if (file != XBADFILE)
+ XFCLOSE(file);
/* Test using BIO new mem and loading DER private key */
- AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
- AssertNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
+ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
+ ExpectNotNull((pkey = d2i_PrivateKey_bio(bio, NULL)));
XFREE(buf, HEAP_HINT, DYNAMIC_TYPE_FILE);
BIO_free(bio);
bio = NULL;
@@ -46679,11 +46062,11 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
}
#endif
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
#ifndef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
- AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
@@ -46691,39 +46074,39 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
{
RSA* rsa = NULL;
/* Tests bad parameters */
- AssertNull(d2i_RSAPrivateKey_bio(NULL, NULL));
+ ExpectNull(d2i_RSAPrivateKey_bio(NULL, NULL));
/* RSA not set yet, expecting to fail*/
- AssertIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), BAD_FUNC_ARG);
#if defined(USE_CERT_BUFFERS_2048) && defined(WOLFSSL_KEY_GEN)
/* set RSA using bio*/
- AssertIntGT(BIO_write(bio, client_key_der_2048,
+ ExpectIntGT(BIO_write(bio, client_key_der_2048,
sizeof_client_key_der_2048), 0);
- AssertNotNull(d2i_RSAPrivateKey_bio(bio, &rsa));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPrivateKey_bio(bio, &rsa));
+ ExpectNotNull(rsa);
- AssertIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CTX_use_RSAPrivateKey(ctx, rsa), WOLFSSL_SUCCESS);
- /*i2d RSAprivate key tests */
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 1192);
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
+ /* i2d RSAprivate key tests */
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 1192);
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
bufPtr -= sizeof_client_key_der_2048;
- AssertIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
+ ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
sizeof_client_key_der_2048), 0);
bufPtr = NULL;
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr),
sizeof_client_key_der_2048);
- AssertNotNull(bufPtr);
- AssertIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
+ ExpectNotNull(bufPtr);
+ ExpectIntEQ(XMEMCMP(bufPtr, client_key_der_2048,
sizeof_client_key_der_2048), 0);
XFREE(bufPtr, NULL, DYNAMIC_TYPE_OPENSSL);
RSA_free(rsa);
rsa = RSA_new();
- AssertIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 0);
+ ExpectIntEQ(wolfSSL_i2d_RSAPrivateKey(rsa, NULL), 0);
#endif /* USE_CERT_BUFFERS_2048 WOLFSSL_KEY_GEN */
RSA_free(rsa);
}
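Review bot: `bufPtr -= sizeof_client_key_der_2048;` still runs unconditionally, but after the Assert-to-Expect change the preceding `wolfSSL_i2d_RSAPrivateKey(rsa, &bufPtr)` check may have failed without stopping the test. In that case bufPtr was never advanced and the rewind moves it before the start of its buffer. The value is only consumed inside later Expect checks, but the pointer arithmetic itself is out of bounds; guarding it as `if (EXPECT_SUCCESS()) bufPtr -= sizeof_client_key_der_2048;` keeps the failure path well defined. bufPtr is declared outside this hunk, so this assumes it points into the local buffer.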
@@ -46733,57 +46116,60 @@ static int test_wolfSSL_d2i_PrivateKeys_bio(void)
BIO_free(bio);
bio = NULL;
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
-#endif /* OPENSSL_ALL || WOLFSSL_ASIO */
+#endif /* OPENSSL_ALL || (WOLFSSL_ASIO && !NO_RSA) */
#endif /* !NO_BIO */
static int test_wolfSSL_sk_GENERAL_NAME(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA)
- X509* x509;
- GENERAL_NAME* gn;
+ X509* x509 = NULL;
+ GENERAL_NAME* gn = NULL;
unsigned char buf[4096];
- const unsigned char* bufPt;
- int bytes, i;
+ const unsigned char* bufPt = NULL;
+ int bytes = 0;
+ int i;
int j;
+ XFILE f = XBADFILE;
+ STACK_OF(GENERAL_NAME)* sk = NULL;
- XFILE f;
- STACK_OF(GENERAL_NAME)* sk;
-
- f = XFOPEN(cliCertDerFileExt, "rb");
- AssertTrue((f != XBADFILE));
- AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE);
+ ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
for (j = 0; j < 2; ++j) {
bufPt = buf;
- AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
+ ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
- AssertNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
+ ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
- AssertIntEQ(sk_GENERAL_NAME_num(sk), 1);
+ ExpectIntEQ(sk_GENERAL_NAME_num(sk), 1);
for (i = 0; i < sk_GENERAL_NAME_num(sk); i++) {
- AssertNotNull(gn = sk_GENERAL_NAME_value(sk, i));
+ ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, i));
- switch (gn->type) {
- case GEN_DNS:
- fprintf(stderr, "found type GEN_DNS\n");
- break;
- case GEN_EMAIL:
- fprintf(stderr, "found type GEN_EMAIL\n");
- break;
- case GEN_URI:
- fprintf(stderr, "found type GEN_URI\n");
- break;
+ if (gn != NULL) {
+ switch (gn->type) {
+ case GEN_DNS:
+ fprintf(stderr, "found type GEN_DNS\n");
+ break;
+ case GEN_EMAIL:
+ fprintf(stderr, "found type GEN_EMAIL\n");
+ break;
+ case GEN_URI:
+ fprintf(stderr, "found type GEN_URI\n");
+ break;
+ }
}
}
X509_free(x509);
+ x509 = NULL;
if (j == 0) {
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
}
@@ -46794,30 +46180,30 @@ static int test_wolfSSL_sk_GENERAL_NAME(void)
*/
GENERAL_NAMES_free(sk);
}
+ sk = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_GENERAL_NAME_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_BIO) && !defined(NO_RSA)
- X509* x509;
- GENERAL_NAME* gn;
+ X509* x509 = NULL;
+ GENERAL_NAME* gn = NULL;
unsigned char buf[4096];
- const unsigned char* bufPt;
+ const unsigned char* bufPt = NULL;
int bytes;
- XFILE f;
- STACK_OF(GENERAL_NAME)* sk;
- BIO* out;
+ XFILE f = XBADFILE;
+ STACK_OF(GENERAL_NAME)* sk = NULL;
+ BIO* out = NULL;
unsigned char outbuf[128];
- X509_EXTENSION* ext;
- AUTHORITY_INFO_ACCESS* aia;
- ACCESS_DESCRIPTION* ad;
+ X509_EXTENSION* ext = NULL;
+ AUTHORITY_INFO_ACCESS* aia = NULL;
+ ACCESS_DESCRIPTION* ad = NULL;
+ ASN1_IA5STRING *dnsname = NULL;
const unsigned char v4Addr[] = {192,168,53,1};
const unsigned char v6Addr[] =
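Review bot: `int bytes;` is left uninitialised in test_wolfSSL_GENERAL_NAME_print, although the pointer locals around it gain initialisers and the same variable becomes `int bytes = 0;` in test_wolfSSL_sk_GENERAL_NAME. Since a failed expectation no longer aborts the test, it should be `int bytes = 0;` here too, so it has a defined value if the XFREAD assignment is not reached. The function continues outside this hunk.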
@@ -46837,507 +46223,378 @@ static int test_wolfSSL_GENERAL_NAME_print(void)
const char* ediStr = "EdiPartyName:<unsupported>";
/* BIO to output */
- AssertNotNull(out = BIO_new(BIO_s_mem()));
+ ExpectNotNull(out = BIO_new(BIO_s_mem()));
/* test for NULL param */
gn = NULL;
- AssertIntEQ(GENERAL_NAME_print(NULL, NULL), 0);
- AssertIntEQ(GENERAL_NAME_print(NULL, gn), 0);
- AssertIntEQ(GENERAL_NAME_print(out, NULL), 0);
+ ExpectIntEQ(GENERAL_NAME_print(NULL, NULL), 0);
+ ExpectIntEQ(GENERAL_NAME_print(NULL, gn), 0);
+ ExpectIntEQ(GENERAL_NAME_print(out, NULL), 0);
/* test for GEN_DNS */
- f = XFOPEN(cliCertDerFileExt, "rb");
- AssertTrue((f != XBADFILE));
- AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerFileExt, "rb")) != XBADFILE);
+ ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
bufPt = buf;
- AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
- AssertNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
+ ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
+ ExpectNotNull(sk = (STACK_OF(ASN1_OBJECT)*)X509_get_ext_d2i(x509,
NID_subject_alt_name, NULL, NULL));
- AssertNotNull(gn = sk_GENERAL_NAME_value(sk, 0));
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectNotNull(gn = sk_GENERAL_NAME_value(sk, 0));
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
- XMEMSET(outbuf,0,sizeof(outbuf));
- BIO_read(out, outbuf, sizeof(outbuf));
- AssertIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+ XMEMSET(outbuf, 0, sizeof(outbuf));
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
sk_GENERAL_NAME_pop_free(sk, GENERAL_NAME_free);
+ gn = NULL;
+ sk = NULL;
X509_free(x509);
+ x509 = NULL;
+
+ /* Lets test for setting as well. */
+ ExpectNotNull(gn = GENERAL_NAME_new());
+ ExpectNotNull(dnsname = ASN1_IA5STRING_new());
+ ExpectIntEQ(ASN1_STRING_set(dnsname, "example.com", -1), 1);
+ GENERAL_NAME_set0_value(gn, GEN_DNS, dnsname);
+ dnsname = NULL;
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
+ XMEMSET(outbuf, 0, sizeof(outbuf));
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, dnsStr, XSTRLEN(dnsStr)), 0);
+ GENERAL_NAME_free(gn);
/* test for GEN_URI */
- f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb");
- AssertTrue((f != XBADFILE));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 4));
- aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext);
- AssertNotNull(aia);
- ad = (WOLFSSL_ACCESS_DESCRIPTION *)wolfSSL_sk_value(aia, 0);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 4));
+ ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(
+ ext));
+ ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION *)wolfSSL_sk_value(aia, 0));
- gn = ad->location;
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ if (ad != NULL) {
+ gn = ad->location;
+ }
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
+ gn = NULL;
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, uriStr, XSTRLEN(uriStr)), 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
+ aia = NULL;
aia = (AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext);
- AssertNotNull(aia);
+ ExpectNotNull(aia);
AUTHORITY_INFO_ACCESS_pop_free(aia, NULL);
+ aia = NULL;
X509_free(x509);
+ x509 = NULL;
/* test for GEN_IPADD */
/* ip v4 address */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_IPADD;
- gn->d.iPAddress->length = sizeof(v4Addr);
- AssertIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v4Addr,
- sizeof(v4Addr)), 1);
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_IPADD;
+ if (gn->d.iPAddress != NULL) {
+ gn->d.iPAddress->length = sizeof(v4Addr);
+ }
+ }
+ ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v4Addr,
+ sizeof(v4Addr)), 1);
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, v4addStr, XSTRLEN(v4addStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, v4addStr, XSTRLEN(v4addStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* ip v6 address */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_IPADD;
- gn->d.iPAddress->length = sizeof(v6Addr);
- AssertIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v6Addr,
- sizeof(v6Addr)), 1);
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_IPADD;
+ if (gn->d.iPAddress != NULL) {
+ gn->d.iPAddress->length = sizeof(v6Addr);
+ }
+ }
+ ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.iPAddress, v6Addr,
+ sizeof(v6Addr)), 1);
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, v6addStr, XSTRLEN(v6addStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, v6addStr, XSTRLEN(v6addStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_EMAIL */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_EMAIL;
- gn->d.rfc822Name->length = sizeof(email);
- AssertIntEQ(wolfSSL_ASN1_STRING_set(gn->d.rfc822Name, email,
- sizeof(email)), 1);
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_EMAIL;
+ if (gn->d.rfc822Name != NULL) {
+ gn->d.rfc822Name->length = sizeof(email);
+ }
+ }
+ ExpectIntEQ(wolfSSL_ASN1_STRING_set(gn->d.rfc822Name, email, sizeof(email)),
+ 1);
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, emailStr, XSTRLEN(emailStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, emailStr, XSTRLEN(emailStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_OTHERNAME */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_OTHERNAME;
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_OTHERNAME;
+ }
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, othrStr, XSTRLEN(othrStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, othrStr, XSTRLEN(othrStr)), 0);
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_X400 */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_X400;
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_X400;
+ }
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, x400Str, XSTRLEN(x400Str)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, x400Str, XSTRLEN(x400Str)), 0);
/* Restore to GEN_IA5 (default) to avoid memory leak. */
- gn->type = GEN_IA5;
+ if (gn != NULL) {
+ gn->type = GEN_IA5;
+ }
GENERAL_NAME_free(gn);
+ gn = NULL;
/* test for GEN_EDIPARTY */
- AssertNotNull(gn = wolfSSL_GENERAL_NAME_new());
- gn->type = GEN_EDIPARTY;
+ ExpectNotNull(gn = wolfSSL_GENERAL_NAME_new());
+ if (gn != NULL) {
+ gn->type = GEN_EDIPARTY;
+ }
- AssertIntEQ(GENERAL_NAME_print(out, gn), 1);
+ ExpectIntEQ(GENERAL_NAME_print(out, gn), 1);
XMEMSET(outbuf,0,sizeof(outbuf));
- AssertIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
- AssertIntEQ(XSTRNCMP((const char*)outbuf, ediStr, XSTRLEN(ediStr)), 0);
+ ExpectIntGT(BIO_read(out, outbuf, sizeof(outbuf)), 0);
+ ExpectIntEQ(XSTRNCMP((const char*)outbuf, ediStr, XSTRLEN(ediStr)), 0);
/* Restore to GEN_IA5 (default) to avoid memory leak. */
- gn->type = GEN_IA5;
+ if (gn != NULL) {
+ gn->type = GEN_IA5;
+ }
GENERAL_NAME_free(gn);
+ gn = NULL;
BIO_free(out);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_ALL */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_sk_DIST_POINT(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
!defined(NO_RSA)
- X509* x509;
+ X509* x509 = NULL;
unsigned char buf[4096];
const unsigned char* bufPt;
- int bytes, i, j;
- XFILE f;
+ int bytes;
+ int i;
+ int j;
+ XFILE f = XBADFILE;
DIST_POINT* dp;
DIST_POINT_NAME* dpn;
GENERAL_NAME* gn;
ASN1_IA5STRING* uri;
- STACK_OF(DIST_POINT)* dps;
- STACK_OF(GENERAL_NAME)* gns;
+ STACK_OF(DIST_POINT)* dps = NULL;
+ STACK_OF(GENERAL_NAME)* gns = NULL;
const char cliCertDerCrlDistPoint[] = "./certs/client-crl-dist.der";
- f = XFOPEN(cliCertDerCrlDistPoint, "rb");
- AssertTrue((f != XBADFILE));
- AssertIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(cliCertDerCrlDistPoint, "rb")) != XBADFILE);
+ ExpectIntGT((bytes = (int)XFREAD(buf, 1, sizeof(buf), f)), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
bufPt = buf;
- AssertNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
+ ExpectNotNull(x509 = d2i_X509(NULL, &bufPt, bytes));
- AssertNotNull(dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(x509,
- NID_crl_distribution_points, NULL, NULL));
+ ExpectNotNull(dps = (STACK_OF(DIST_POINT)*)X509_get_ext_d2i(x509,
+ NID_crl_distribution_points, NULL, NULL));
- AssertIntEQ(sk_DIST_POINT_num(dps), 1);
+ ExpectIntEQ(sk_DIST_POINT_num(dps), 1);
for (i = 0; i < sk_DIST_POINT_num(dps); i++) {
- AssertNotNull(dp = sk_DIST_POINT_value(dps, i));
- AssertNotNull(dpn = dp->distpoint);
+ ExpectNotNull(dp = sk_DIST_POINT_value(dps, i));
+ ExpectNotNull(dpn = dp->distpoint);
/* this should be type 0, fullname */
- AssertIntEQ(dpn->type, 0);
+ ExpectIntEQ(dpn->type, 0);
- gns = dp->distpoint->name.fullname;
- AssertNotNull(gns);
- AssertIntEQ(sk_GENERAL_NAME_num(gns), 1);
+ ExpectNotNull(gns = dp->distpoint->name.fullname);
+ ExpectIntEQ(sk_GENERAL_NAME_num(gns), 1);
for (j = 0; j < sk_GENERAL_NAME_num(gns); j++) {
- gn = sk_GENERAL_NAME_value(gns, j);
- AssertIntEQ(gn->type, GEN_URI);
- AssertNotNull(uri = gn->d.uniformResourceIdentifier);
- AssertNotNull(uri->data);
- AssertIntGT(uri->length, 0);
+ ExpectNotNull(gn = sk_GENERAL_NAME_value(gns, j));
+ ExpectIntEQ(gn->type, GEN_URI);
+ ExpectNotNull(uri = gn->d.uniformResourceIdentifier);
+ ExpectNotNull(uri->data);
+ ExpectIntGT(uri->length, 0);
}
}
X509_free(x509);
CRL_DIST_POINTS_free(dps);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_MD4(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_MD4)
- MD4_CTX md4;
- unsigned char out[16]; /* MD4_DIGEST_SIZE */
- const char* msg = "12345678901234567890123456789012345678901234567890123456"
- "789012345678901234567890";
- const char* test = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f"
- "\xcc\x05\x36";
- int msgSz = (int)XSTRLEN(msg);
-
-
- XMEMSET(out, 0, sizeof(out));
- MD4_Init(&md4);
- MD4_Update(&md4, (const void*)msg, (unsigned long)msgSz);
- MD4_Final(out, &md4);
- AssertIntEQ(XMEMCMP(out, test, sizeof(out)), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
static int test_wolfSSL_verify_mode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
-
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), SSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
SSL_free(ssl);
+ ssl = NULL;
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0);
- AssertIntEQ(SSL_CTX_get_verify_mode(ctx), SSL_VERIFY_PEER);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
+ ExpectIntEQ(SSL_CTX_get_verify_mode(ctx), SSL_VERIFY_PEER);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
SSL_free(ssl);
+ ssl = NULL;
wolfSSL_CTX_set_verify(ctx,
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
- AssertIntEQ(SSL_get_verify_mode(ssl),
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_CTX_get_verify_mode(ctx));
+ ExpectIntEQ(SSL_get_verify_mode(ssl),
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
wolfSSL_set_verify(ssl, SSL_VERIFY_PEER, 0);
- AssertIntEQ(SSL_CTX_get_verify_mode(ctx),
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
+ ExpectIntEQ(SSL_CTX_get_verify_mode(ctx),
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_PEER);
wolfSSL_set_verify(ssl, SSL_VERIFY_NONE, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_NONE);
wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_IF_NO_PEER_CERT);
wolfSSL_set_verify(ssl, SSL_VERIFY_FAIL_EXCEPT_PSK, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_EXCEPT_PSK);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_FAIL_EXCEPT_PSK);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
wolfSSL_set_verify(ssl, SSL_VERIFY_POST_HANDSHAKE, 0);
- AssertIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_POST_HANDSHAKE);
+ ExpectIntEQ(SSL_get_verify_mode(ssl), SSL_VERIFY_POST_HANDSHAKE);
#endif
- AssertIntEQ(SSL_CTX_get_verify_mode(ctx),
- WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
+ ExpectIntEQ(SSL_CTX_get_verify_mode(ctx),
+ WOLFSSL_VERIFY_PEER | WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_verify_depth(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
long depth;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile, SSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile, SSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0), SSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0);
- AssertIntGT((depth = SSL_CTX_get_verify_depth(ctx)), 0);
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_get_verify_depth(ssl), SSL_CTX_get_verify_depth(ctx));
SSL_free(ssl);
+ ssl = NULL;
SSL_CTX_set_verify_depth(ctx, -1);
- AssertIntEQ(depth, SSL_CTX_get_verify_depth(ctx));
+ ExpectIntEQ(depth, SSL_CTX_get_verify_depth(ctx));
SSL_CTX_set_verify_depth(ctx, 2);
- AssertIntEQ(2, SSL_CTX_get_verify_depth(ctx));
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(2, SSL_get_verify_depth(ssl));
+ ExpectIntEQ(2, SSL_CTX_get_verify_depth(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(2, SSL_get_verify_depth(ssl));
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
-}
-
-#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
-/* helper function for test_wolfSSL_HMAC_CTX, digest size is expected to be a
- * buffer of 64 bytes.
- *
- * returns the size of the digest buffer on success and a negative value on
- * failure.
- */
-static int test_HMAC_CTX_helper(const EVP_MD* type, unsigned char* digest)
-{
- HMAC_CTX ctx1;
- HMAC_CTX ctx2;
-
- unsigned char key[] = "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
- "\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
- unsigned char long_key[] =
- "0123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789"
- "0123456789012345678901234567890123456789";
-
- unsigned char msg[] = "message to hash";
- unsigned int digestSz = 64;
- int keySz = sizeof(key);
- int long_keySz = sizeof(long_key);
- int msgSz = sizeof(msg);
-
- unsigned char digest2[64];
- unsigned int digestSz2 = 64;
-
- HMAC_CTX_init(&ctx1);
-
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz2), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- /* test HMAC_Init with NULL key */
-
- /* init after copy */
- HMAC_CTX_init(&ctx1);
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- /* long key */
- HMAC_CTX_init(&ctx1);
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)long_key, long_keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Init(&ctx2, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- /* init before copy */
- HMAC_CTX_init(&ctx1);
- AssertIntEQ(HMAC_Init(&ctx1, (const void*)key, keySz, type), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Init(&ctx1, NULL, 0, NULL), SSL_SUCCESS);
- AssertIntEQ(HMAC_CTX_copy(&ctx2, &ctx1), SSL_SUCCESS);
-
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx1, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx1, digest, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx1);
-
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Update(&ctx2, msg, msgSz), SSL_SUCCESS);
- AssertIntEQ(HMAC_Final(&ctx2, digest2, &digestSz), SSL_SUCCESS);
- HMAC_CTX_cleanup(&ctx2);
-
- AssertIntEQ(digestSz, digestSz2);
- AssertIntEQ(XMEMCMP(digest, digest2, digestSz), 0);
-
- return digestSz;
+ return EXPECT_RESULT();
}
-#endif /* defined(OPENSSL_EXTRA) && !defined(NO_HMAC) */
-static int test_wolfSSL_HMAC_CTX(void)
+static int test_wolfSSL_verify_result(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_HMAC)
- unsigned char digest[64];
- int digestSz;
-
- #ifndef NO_SHA
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha1(), digest)), 20);
- AssertIntEQ(XMEMCMP("\xD9\x68\x77\x23\x70\xFB\x53\x70\x53\xBA\x0E\xDC\xDA"
- "\xBF\x03\x98\x31\x19\xB2\xCC", digest, digestSz), 0);
- #endif /* !NO_SHA */
- #ifdef WOLFSSL_SHA224
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha224(), digest)), 28);
- AssertIntEQ(XMEMCMP("\x57\xFD\xF4\xE1\x2D\xB0\x79\xD7\x4B\x25\x7E\xB1\x95"
- "\x9C\x11\xAC\x2D\x1E\x78\x94\x4F\x3A\x0F\xED\xF8\xAD"
- "\x02\x0E", digest, digestSz), 0);
-
- #endif /* WOLFSSL_SHA224 */
- #ifndef NO_SHA256
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha256(), digest)), 32);
- AssertIntEQ(XMEMCMP("\x13\xAB\x76\x91\x0C\x37\x86\x8D\xB3\x7E\x30\x0C\xFC"
- "\xB0\x2E\x8E\x4A\xD7\xD4\x25\xCC\x3A\xA9\x0F\xA2\xF2"
- "\x47\x1E\x62\x6F\x5D\xF2", digest, digestSz), 0);
+ EXPECT_DECLS;
+#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)) && !defined(NO_WOLFSSL_CLIENT)
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
+ long result = 0xDEADBEEF;
- #endif /* !NO_SHA256 */
+ ExpectIntEQ(WOLFSSL_FAILURE, wolfSSL_get_verify_result(ssl));
- #ifdef WOLFSSL_SHA384
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha384(), digest)), 48);
- AssertIntEQ(XMEMCMP("\x9E\xCB\x07\x0C\x11\x76\x3F\x23\xC3\x25\x0E\xC4\xB7"
- "\x28\x77\x95\x99\xD5\x9D\x7A\xBB\x1A\x9F\xB7\xFD\x25"
- "\xC9\x72\x47\x9F\x8F\x86\x76\xD6\x20\x57\x87\xB7\xE7"
- "\xCD\xFB\xC2\xCC\x9F\x2B\xC5\x41\xAB",
- digest, digestSz), 0);
- #endif /* WOLFSSL_SHA384 */
- #ifdef WOLFSSL_SHA512
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_sha512(), digest)), 64);
- AssertIntEQ(XMEMCMP("\xD4\x21\x0C\x8B\x60\x6F\xF4\xBF\x07\x2F\x26\xCC\xAD"
- "\xBC\x06\x0B\x34\x78\x8B\x4F\xD6\xC0\x42\xF1\x33\x10"
- "\x6C\x4F\x1E\x55\x59\xDD\x2A\x9F\x15\x88\x62\xF8\x60"
- "\xA3\x99\x91\xE2\x08\x7B\xF7\x95\x3A\xB0\x92\x48\x60"
- "\x88\x8B\x5B\xB8\x5F\xE9\xB6\xB1\x96\xE3\xB5\xF0",
- digest, digestSz), 0);
- #endif /* WOLFSSL_SHA512 */
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ssl = SSL_new(ctx));
- #if !defined(NO_MD5) && (!defined(HAVE_FIPS_VERSION) || HAVE_FIPS_VERSION <= 2)
- AssertIntEQ((digestSz = test_HMAC_CTX_helper(EVP_md5(), digest)), 16);
- AssertIntEQ(XMEMCMP("\xB7\x27\xC4\x41\xE5\x2E\x62\xBA\x54\xED\x72\x70\x9F"
- "\xE4\x98\xDD", digest, digestSz), 0);
- #endif /* !NO_MD5 */
+ wolfSSL_set_verify_result(ssl, result);
+ ExpectIntEQ(result, wolfSSL_get_verify_result(ssl));
- res = TEST_RES_CHECK(1);
+ SSL_free(ssl);
+ SSL_CTX_free(ctx);
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
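Review bot: In test_wolfSSL_GENERAL_NAME_print, the `GENERAL_NAME_free(gn);` that ends the new "Lets test for setting as well" block is the only free of `gn` in this function that is not followed by `gn = NULL;`. The pointer is therefore stale when the GEN_URI block runs: if `ad` comes back NULL, `if (ad != NULL) { gn = ad->location; }` leaves the freed pointer in place and it is then passed to `GENERAL_NAME_print(out, gn)`. Whether that call is still evaluated after the failed `ExpectNotNull(ad = ...)` depends on the Expect macros, which are defined outside this hunk, so adding `gn = NULL;` after that free is safer than relying on them. Similarly, in the GEN_IPADD and GEN_EMAIL blocks `gn->d.iPAddress` and `gn->d.rfc822Name` are dereferenced in the `wolfSSL_ASN1_STRING_set(...)` argument outside the `if (gn != NULL)` guard added just above; moving those calls inside the guard would make the NULL handling consistent. The function's declarations are in the preceding hunk.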
@@ -47358,124 +46615,21 @@ static void sslMsgCb(int w, int version, int type, const void* buf,
static int test_wolfSSL_msg_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_CLIENT)
- WOLFSSL* ssl;
- WOLFSSL_CTX* ctx;
-
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
- SSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0),
- SSL_SUCCESS);
+ WOLFSSL* ssl = NULL;
+ WOLFSSL_CTX* ctx = NULL;
- AssertNotNull(ssl = SSL_new(ctx));
- AssertIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS);
- AssertIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS);
- AssertIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_set_msg_callback(ssl, NULL), SSL_SUCCESS);
+ ExpectIntEQ(SSL_set_msg_callback(ssl, &sslMsgCb), SSL_SUCCESS);
+ ExpectIntEQ(SSL_set_msg_callback(NULL, &sslMsgCb), SSL_FAILURE);
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_SHA(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(HAVE_SELFTEST)
- #if !defined(NO_SHA) && defined(NO_OLD_SHA_NAMES) && \
- (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
- "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D";
- unsigned char out[WC_SHA_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
- AssertNotNull(SHA1(in, XSTRLEN((char*)in), out));
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
-
- /* SHA interface test */
- XMEMSET(out, 0, WC_SHA_DIGEST_SIZE);
-
- AssertNull(SHA(NULL, XSTRLEN((char*)in), out));
- AssertNotNull(SHA(in, 0, out));
- AssertNotNull(SHA(in, XSTRLEN((char*)in), NULL));
- AssertNotNull(SHA(NULL, 0, out));
- AssertNotNull(SHA(NULL, 0, NULL));
-
- AssertNotNull(SHA(in, XSTRLEN((char*)in), out));
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA_DIGEST_SIZE), 0);
- }
- #endif
-
- #if !defined(NO_SHA256)
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
- "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
- "\x15\xAD";
- unsigned char out[WC_SHA256_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA256_DIGEST_SIZE);
-#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
- AssertNotNull(SHA256(in, XSTRLEN((char*)in), out));
-#else
- AssertNotNull(wolfSSL_SHA256(in, XSTRLEN((char*)in), out));
#endif
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA256_DIGEST_SIZE), 0);
- }
- #endif
-
- #if defined(WOLFSSL_SHA384)
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
- "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
- "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
- "\xc8\x25\xa7";
- unsigned char out[WC_SHA384_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA384_DIGEST_SIZE);
-#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
- AssertNotNull(SHA384(in, XSTRLEN((char*)in), out));
-#else
- AssertNotNull(wolfSSL_SHA384(in, XSTRLEN((char*)in), out));
-#endif
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA384_DIGEST_SIZE), 0);
- }
- #endif
-
- #if defined(WOLFSSL_SHA512)
- {
- const unsigned char in[] = "abc";
- unsigned char expected[] = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
- "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
- "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
- "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
- "\xa5\x4c\xa4\x9f";
- unsigned char out[WC_SHA512_DIGEST_SIZE];
-
- XMEMSET(out, 0, WC_SHA512_DIGEST_SIZE);
-#if !defined(NO_OLD_NAMES) && !defined(HAVE_FIPS)
- AssertNotNull(SHA512(in, XSTRLEN((char*)in), out));
-#else
- AssertNotNull(wolfSSL_SHA512(in, XSTRLEN((char*)in), out));
-#endif
- AssertIntEQ(XMEMCMP(out, expected, WC_SHA512_DIGEST_SIZE), 0);
- }
- #endif
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
/* test_EVP_Cipher_extra, Extra-test on EVP_CipherUpdate/Final. see also test.c */
@@ -47555,10 +46709,9 @@ static void set_plain(unsigned char *plain, int rec)
static int test_wolfSSL_EVP_Cipher_extra(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) &&\
(!defined(NO_AES) && defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128))
-
/* aes128-cbc, keylen=16, ivlen=16 */
byte aes128_cbc_key[] = {
0x12, 0x34, 0x56, 0x78, 0x90, 0xab, 0xcd, 0xef,
@@ -47598,7 +46751,8 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
byte inb[BUFFSZ];
byte outb[BUFFSZ+16];
- int outl, inl;
+ int outl = 0;
+ int inl;
iv = aes128_cbc_iv;
ivlen = sizeof(aes128_cbc_iv);
@@ -47610,33 +46764,34 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
SSL_library_init();
- AssertNotNull(evp = EVP_CIPHER_CTX_new());
- AssertIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
+ ExpectNotNull(evp = EVP_CIPHER_CTX_new());
+ ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
- AssertIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
+ ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
klen = EVP_CIPHER_CTX_key_length(evp);
if (klen > 0 && keylen != klen) {
- AssertIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
}
ilen = EVP_CIPHER_CTX_iv_length(evp);
if (ilen > 0 && ivlen != ilen) {
- AssertIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
}
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
for (j = 0; j<RECORDS; j++)
{
inl = BUFFSZ;
get_record(plain, inb, inl);
- AssertIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, inb, inl)), 0);
+ ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, inb, inl)), 0);
set_record(cipher, outb, outl);
}
for (i = 0; test_drive[i]; i++) {
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+
init_offset();
test_drive_len[i] = 0;
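Review bot: After `ExpectNotNull(evp = EVP_CIPHER_CTX_new())`, the plain calls `EVP_CIPHER_CTX_key_length(evp)` and `EVP_CIPHER_CTX_iv_length(evp)` have neither an Expect macro nor a NULL check around them, so they still run with `evp == NULL` if the allocation failed. Elsewhere in this commit the same conversion adds explicit guards such as `if (gn != NULL)` around statements outside the macros, which suggests execution does continue past a failed check. Here the code presumably relies on these getters tolerating a NULL context, which is not visible in this hunk. A short comment such as `/* getters below must accept evp == NULL after a failed Expect */`, or an `if (evp != NULL)` guard with `klen`/`ilen` defaulted to 0, would make that assumption explicit. test_wolfSSL_EVP_Cipher_extra starts before and continues after this hunk.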
@@ -47646,7 +46801,8 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
test_drive_len[i] += inl;
get_record(plain, inb, inl);
- AssertIntNE((ret = EVP_EncryptUpdate(evp, outb, &outl, inb, inl)), 0);
+ ExpectIntNE((ret = EVP_EncryptUpdate(evp, outb, &outl, inb, inl)),
+ 0);
/* output to cipher buffer, so that following Dec test can detect
if any error */
set_record(cipher, outb, outl);
@@ -47659,10 +46815,9 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
}
for (i = 0; test_drive[i]; i++) {
+ last_val = 0x0f;
- last_val = 0x0f;
-
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 0)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 0)), 0);
init_offset();
@@ -47670,61 +46825,63 @@ static int test_wolfSSL_EVP_Cipher_extra(void)
inl = test_drive[i][j];
get_record(cipher, inb, inl);
- AssertIntNE((ret = EVP_DecryptUpdate(evp, outb, &outl, inb, inl)), 0);
+ ExpectIntNE((ret = EVP_DecryptUpdate(evp, outb, &outl, inb, inl)),
+ 0);
binary_dump(outb, outl);
- AssertIntEQ((ret = check_result(outb, outl)), 0);
- AssertFalse(outl > ((inl/16+1)*16) && outl > 16);
+ ExpectIntEQ((ret = check_result(outb, outl)), 0);
+ ExpectFalse(outl > ((inl/16+1)*16) && outl > 16);
}
ret = EVP_CipherFinal(evp, outb, &outl);
+
binary_dump(outb, outl);
ret = (((test_drive_len[i] % 16) != 0) && (ret == 0)) ||
(((test_drive_len[i] % 16) == 0) && (ret == 1));
- AssertTrue(ret);
+ ExpectTrue(ret);
}
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(evp), WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(evp);
+ evp = NULL;
/* Do an extra test to verify correct behavior with empty input. */
- AssertNotNull(evp = EVP_CIPHER_CTX_new());
- AssertIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
+ ExpectNotNull(evp = EVP_CIPHER_CTX_new());
+ ExpectIntNE((ret = EVP_CipherInit(evp, type, NULL, iv, 0)), 0);
- AssertIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
+ ExpectIntEQ(EVP_CIPHER_CTX_nid(evp), NID_aes_128_cbc);
klen = EVP_CIPHER_CTX_key_length(evp);
if (klen > 0 && keylen != klen) {
- AssertIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_key_length(evp, keylen), 0);
}
ilen = EVP_CIPHER_CTX_iv_length(evp);
if (ilen > 0 && ivlen != ilen) {
- AssertIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
+ ExpectIntNE(EVP_CIPHER_CTX_set_iv_length(evp, ivlen), 0);
}
- AssertIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
+ ExpectIntNE((ret = EVP_CipherInit(evp, NULL, key, iv, 1)), 0);
/* outl should be set to 0 after passing NULL, 0 for input args. */
outl = -1;
- AssertIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, NULL, 0)), 0);
- AssertIntEQ(outl, 0);
+ ExpectIntNE((ret = EVP_CipherUpdate(evp, outb, &outl, NULL, 0)), 0);
+ ExpectIntEQ(outl, 0);
EVP_CIPHER_CTX_free(evp);
-
- res = TEST_RES_CHECK(1);
#endif /* test_EVP_Cipher */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && \
!defined(NO_FILESYSTEM)
- DH* dh;
- XFILE fp;
+ DH* dh = NULL;
+ XFILE fp = XBADFILE;
unsigned char derOut[300];
unsigned char* derOutBuf = derOut;
int derOutSz = 0;
@@ -47736,618 +46893,145 @@ static int test_wolfSSL_PEM_read_DHparams(void)
XMEMSET(derExpected, 0, sizeof(derExpected));
/* open DH param file, read into DH struct */
- AssertNotNull(fp = XFOPEN(dhParamFile, "rb"));
+ ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE);
/* bad args */
- AssertNull(dh = PEM_read_DHparams(NULL, &dh, NULL, NULL));
- AssertNull(dh = PEM_read_DHparams(NULL, NULL, NULL, NULL));
+ ExpectNull(dh = PEM_read_DHparams(NULL, &dh, NULL, NULL));
+ ExpectNull(dh = PEM_read_DHparams(NULL, NULL, NULL, NULL));
/* good args */
- AssertNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
- XFCLOSE(fp);
+ ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
/* read in certs/dh2048.der for comparison against exported params */
- fp = XFOPEN("./certs/dh2048.der", "rb");
- AssertTrue(fp != XBADFILE);
- derExpectedSz = (int)XFREAD(derExpected, 1, sizeof(derExpected), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE);
+ ExpectIntGT(derExpectedSz = (int)XFREAD(derExpected, 1, sizeof(derExpected),
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
/* export DH back to DER and compare */
derOutSz = wolfSSL_i2d_DHparams(dh, &derOutBuf);
- AssertIntEQ(derOutSz, derExpectedSz);
- AssertIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0);
+ ExpectIntEQ(derOutSz, derExpectedSz);
+ ExpectIntEQ(XMEMCMP(derOut, derExpected, derOutSz), 0);
DH_free(dh);
dh = NULL;
/* Test parsing with X9.42 header */
- fp = XFOPEN("./certs/x942dh2048.pem", "rb");
- AssertNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/x942dh2048.pem", "rb")) != XBADFILE);
+ ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_AES_ecb_encrypt(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AES_ECB)
- AES_KEY aes;
- const byte msg[] =
- {
- 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
- };
-
- const byte verify[] =
- {
- 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
- 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
- };
-
- const byte key[] =
- {
- 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
- };
-
-
- byte out[AES_BLOCK_SIZE];
-
- AssertIntEQ(AES_set_encrypt_key(key, sizeof(key)*8, &aes), 0);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- AES_ecb_encrypt(msg, out, &aes, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, verify, AES_BLOCK_SIZE), 0);
-
-#ifdef HAVE_AES_DECRYPT
- AssertIntEQ(AES_set_decrypt_key(key, sizeof(key)*8, &aes), 0);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- AES_ecb_encrypt(verify, out, &aes, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, msg, AES_BLOCK_SIZE), 0);
-#endif
-
- /* test bad arguments */
- AES_ecb_encrypt(NULL, out, &aes, AES_DECRYPT);
- AES_ecb_encrypt(verify, NULL, &aes, AES_DECRYPT);
- AES_ecb_encrypt(verify, out, NULL, AES_DECRYPT);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_MD5(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
- byte input1[] = "";
- byte input2[] = "message digest";
- byte hash[WC_MD5_DIGEST_SIZE];
- unsigned char output1[] =
- "\xd4\x1d\x8c\xd9\x8f\x00\xb2\x04\xe9\x80\x09\x98\xec\xf8\x42\x7e";
- unsigned char output2[] =
- "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61\xd0";
- WOLFSSL_MD5_CTX md5;
-
- XMEMSET(&md5, 0, sizeof(md5));
-
- /* Test cases for illegal parameters */
- AssertIntEQ(MD5_Init(NULL), 0);
- AssertIntEQ(MD5_Init(&md5), 1);
- AssertIntEQ(MD5_Update(NULL, input1, 0), 0);
- AssertIntEQ(MD5_Update(NULL, NULL, 0), 0);
- AssertIntEQ(MD5_Update(&md5, NULL, 1), 0);
- AssertIntEQ(MD5_Final(NULL, &md5), 0);
- AssertIntEQ(MD5_Final(hash, NULL), 0);
- AssertIntEQ(MD5_Final(NULL, NULL), 0);
-
- /* Init MD5 CTX */
- AssertIntEQ(wolfSSL_MD5_Init(&md5), 1);
- AssertIntEQ(wolfSSL_MD5_Update(&md5, input1,
- XSTRLEN((const char*)&input1)), 1);
- AssertIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
- AssertIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
-
- /* Init MD5 CTX */
- AssertIntEQ(wolfSSL_MD5_Init(&md5), 1);
- AssertIntEQ(wolfSSL_MD5_Update(&md5, input2,
- (int)XSTRLEN((const char*)input2)), 1);
- AssertIntEQ(wolfSSL_MD5_Final(hash, &md5), 1);
- AssertIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
-#if !defined(NO_OLD_NAMES) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
- AssertPtrNE(MD5(NULL, 1, (byte*)&hash), &hash);
- AssertPtrEq(MD5(input1, 0, (byte*)&hash), &hash);
- AssertPtrNE(MD5(input1, 1, NULL), NULL);
- AssertPtrNE(MD5(NULL, 0, NULL), NULL);
-
- AssertPtrEq(MD5(input1, (int)XSTRLEN((const char*)&input1), (byte*)&hash), &hash);
- AssertIntEQ(XMEMCMP(&hash, output1, WC_MD5_DIGEST_SIZE), 0);
-
- AssertPtrEq(MD5(input2, (int)XSTRLEN((const char*)&input2), (byte*)&hash), &hash);
- AssertIntEQ(XMEMCMP(&hash, output2, WC_MD5_DIGEST_SIZE), 0);
- {
- byte data[] = "Data to be hashed.";
- XMEMSET(hash, 0, WC_MD5_DIGEST_SIZE);
-
- AssertNotNull(MD5(data, sizeof(data), NULL));
- AssertNotNull(MD5(data, sizeof(data), hash));
- AssertNotNull(MD5(NULL, 0, hash));
- AssertNull(MD5(NULL, sizeof(data), hash));
- }
-#endif
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_MD5_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_MD5)
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_MD5_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\x03\x1f\x1d\xac\x6e\xa5\x8e\xd0\x1f\xab\x67\xb7\x74\x31\x77\x91";
- unsigned char output2[] =
- "\xef\xd3\x79\x8d\x67\x17\x25\x90\xa4\x13\x79\xc7\xe3\xa7\x7b\xbc";
-#else
- unsigned char output1[] =
- "\xac\x1d\x1f\x03\xd0\x8e\xa5\x6e\xb7\x67\xab\x1f\x91\x77\x31\x74";
- unsigned char output2[] =
- "\x8d\x79\xd3\xef\x90\x25\x17\x67\xc7\x79\x13\xa4\xbc\x7b\xa7\xe3";
-#endif
-
- union {
- wc_Md5 native;
- MD5_CTX compat;
- } md5;
-
- XMEMSET(&md5.compat, 0, sizeof(md5.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(MD5_Transform(NULL, NULL), 0);
- AssertIntEQ(MD5_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(MD5_Transform(&md5.compat, NULL), 0);
- AssertIntEQ(wc_Md5Transform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_Md5Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_Md5Transform(&md5.native, NULL), BAD_FUNC_ARG);
-
- /* Init MD5 CTX */
- AssertIntEQ(wolfSSL_MD5_Init(&md5.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
-
- AssertIntEQ(XMEMCMP(md5.native.digest, output1,
- WC_MD5_DIGEST_SIZE), 0);
-
- /* Init MD5 CTX */
- AssertIntEQ(MD5_Init(&md5.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_MD5_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(MD5_Transform(&md5.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(md5.native.digest, output2,
- WC_MD5_DIGEST_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_SHA224(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA224) && \
- !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2))
- unsigned char input[] =
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- unsigned char output[] =
- "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
- "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25";
- size_t inLen;
- byte hash[WC_SHA224_DIGEST_SIZE];
-
- inLen = XSTRLEN((char*)input);
-
- XMEMSET(hash, 0, WC_SHA224_DIGEST_SIZE);
-
- AssertNull(SHA224(NULL, inLen, hash));
- AssertNotNull(SHA224(input, 0, hash));
- AssertNotNull(SHA224(input, inLen, NULL));
- AssertNotNull(SHA224(NULL, 0, hash));
- AssertNotNull(SHA224(NULL, 0, NULL));
-
- AssertNotNull(SHA224(input, inLen, hash));
- AssertIntEQ(XMEMCMP(hash, output, WC_SHA224_DIGEST_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-static int test_wolfSSL_SHA_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA)
-#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_SHA_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\x92\xb4\x04\xe5\x56\x58\x8c\xed\x6c\x1a\xcd\x4e\xbf\x05\x3f\x68"
- "\x09\xf7\x3a\x93";
- unsigned char output2[] =
- "\x97\xb2\x74\x8b\x4f\x5b\xbc\xca\x5b\xc0\xe6\xea\x2d\x40\xb4\xa0"
- "\x7c\x6e\x08\xb8";
-#else
- unsigned char output1[] =
- "\xe5\x04\xb4\x92\xed\x8c\x58\x56\x4e\xcd\x1a\x6c\x68\x3f\x05\xbf"
- "\x93\x3a\xf7\x09";
- unsigned char output2[] =
- "\x8b\x74\xb2\x97\xca\xbc\x5b\x4f\xea\xe6\xc0\x5b\xa0\xb4\x40\x2d"
- "\xb8\x08\x6e\x7c";
-#endif
-
- union {
- wc_Sha native;
- SHA_CTX compat;
- } sha;
- union {
- wc_Sha native;
- SHA_CTX compat;
- } sha1;
-
- XMEMSET(&sha.compat, 0, sizeof(sha.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(SHA_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA_Transform(&sha.compat, NULL), 0);
- AssertIntEQ(SHA1_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA1_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA1_Transform(&sha.compat, NULL), 0);
- AssertIntEQ(wc_ShaTransform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_ShaTransform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_ShaTransform(&sha.native, NULL), BAD_FUNC_ARG);
-
- /* Init SHA CTX */
- AssertIntEQ(SHA_Init(&sha.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha.native.digest, output1,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
-
- /* Init SHA CTX */
- AssertIntEQ(SHA_Init(&sha.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA_Transform(&sha.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha.native.digest, output2,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha.compat), 1); /* frees resources */
-
- /* SHA1 */
- XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
- /* Init SHA CTX */
- AssertIntEQ(SHA1_Init(&sha1.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha1.native.digest, output1,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
-
- /* Init SHA CTX */
- AssertIntEQ(SHA1_Init(&sha1.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA1_Transform(&sha1.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha1.native.digest, output2,
- WC_SHA_DIGEST_SIZE), 0);
- AssertIntEQ(SHA_Final(local, &sha1.compat), 1); /* frees resources */
-
- res = TEST_RES_CHECK(1);
-#endif
-#endif
- return res;
-}
-
-static int test_wolfSSL_SHA256_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256)
-#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_DEVCRYPTO_HASH) && !defined(WOLFSSL_AFALG_HASH) && \
- !defined(WOLFSSL_KCAPI_HASH)
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_SHA256_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\xda\x56\x98\xbe\x17\xb9\xb4\x69\x62\x33\x57\x99\x77\x9f\xbe\xca"
- "\x8c\xe5\xd4\x91\xc0\xd2\x62\x43\xba\xfe\xf9\xea\x18\x37\xa9\xd8";
- unsigned char output2[] =
- "\x1d\x4e\xd4\x67\x67\x7c\x61\x67\x44\x10\x76\x26\x78\x10\xff\xb8"
- "\x40\xc8\x9a\x39\x73\x16\x60\x8c\xa6\x61\xd6\x05\x91\xf2\x8c\x35";
-#else
- unsigned char output1[] =
- "\xbe\x98\x56\xda\x69\xb4\xb9\x17\x99\x57\x33\x62\xca\xbe\x9f\x77"
- "\x91\xd4\xe5\x8c\x43\x62\xd2\xc0\xea\xf9\xfe\xba\xd8\xa9\x37\x18";
- unsigned char output2[] =
- "\x67\xd4\x4e\x1d\x67\x61\x7c\x67\x26\x76\x10\x44\xb8\xff\x10\x78"
- "\x39\x9a\xc8\x40\x8c\x60\x16\x73\x05\xd6\x61\xa6\x35\x8c\xf2\x91";
-#endif
- union {
- wc_Sha256 native;
- SHA256_CTX compat;
- } sha256;
-
- XMEMSET(&sha256.compat, 0, sizeof(sha256.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(SHA256_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA256_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA256_Transform(&sha256.compat, NULL), 0);
- AssertIntEQ(wc_Sha256Transform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha256Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha256Transform(&sha256.native, NULL), BAD_FUNC_ARG);
-
- /* Init SHA256 CTX */
- AssertIntEQ(SHA256_Init(&sha256.compat), 1);
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha256.native.digest, output1,
- WC_SHA256_DIGEST_SIZE), 0);
- AssertIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
-
- /* Init SHA256 CTX */
- AssertIntEQ(SHA256_Init(&sha256.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA256_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA256_Transform(&sha256.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha256.native.digest, output2,
- WC_SHA256_DIGEST_SIZE), 0);
- AssertIntEQ(SHA256_Final(local, &sha256.compat), 1); /* frees resources */
-
- res = TEST_RES_CHECK(1);
-#endif
#endif
- return res;
-}
-
-static int test_wolfSSL_SHA256(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_SHA256) && \
- defined(NO_OLD_SHA_NAMES) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
- unsigned char input[] =
- "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
- unsigned char output[] =
- "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
- "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
- "\x06\xC1";
- size_t inLen;
- byte hash[WC_SHA256_DIGEST_SIZE];
-
- inLen = XSTRLEN((char*)input);
-
- XMEMSET(hash, 0, WC_SHA256_DIGEST_SIZE);
- AssertNotNull(SHA256(input, inLen, hash));
- AssertIntEQ(XMEMCMP(hash, output, WC_SHA256_DIGEST_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_SHA512_Transform(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA512)
-#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
- (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
- !defined(WOLFSSL_KCAPI_HASH)
- byte input1[] = "";
- byte input2[] = "abc";
- byte local[WC_SHA512_BLOCK_SIZE];
- word32 sLen = 0;
-#ifdef BIG_ENDIAN_ORDER
- unsigned char output1[] =
- "\xcf\x78\x81\xd5\x77\x4a\xcb\xe8\x53\x33\x62\xe0\xfb\xc7\x80\x70"
- "\x02\x67\x63\x9d\x87\x46\x0e\xda\x30\x86\xcb\x40\xe8\x59\x31\xb0"
- "\x71\x7d\xc9\x52\x88\xa0\x23\xa3\x96\xba\xb2\xc1\x4c\xe0\xb5\xe0"
- "\x6f\xc4\xfe\x04\xea\xe3\x3e\x0b\x91\xf4\xd8\x0c\xbd\x66\x8b\xee";
- unsigned char output2[] =
- "\x11\x10\x93\x4e\xeb\xa0\xcc\x0d\xfd\x33\x43\x9c\xfb\x04\xc8\x21"
- "\xa9\xb4\x26\x3d\xca\xab\x31\x41\xe2\xc6\xaa\xaf\xe1\x67\xd7\xab"
- "\x31\x8f\x2e\x54\x2c\xba\x4e\x83\xbe\x88\xec\x9d\x8f\x2b\x38\x98"
- "\x14\xd2\x4e\x9d\x53\x8b\x5e\x4d\xde\x68\x6c\x69\xaf\x20\x96\xf0";
-#else
- unsigned char output1[] =
- "\xe8\xcb\x4a\x77\xd5\x81\x78\xcf\x70\x80\xc7\xfb\xe0\x62\x33\x53"
- "\xda\x0e\x46\x87\x9d\x63\x67\x02\xb0\x31\x59\xe8\x40\xcb\x86\x30"
- "\xa3\x23\xa0\x88\x52\xc9\x7d\x71\xe0\xb5\xe0\x4c\xc1\xb2\xba\x96"
- "\x0b\x3e\xe3\xea\x04\xfe\xc4\x6f\xee\x8b\x66\xbd\x0c\xd8\xf4\x91";
- unsigned char output2[] =
- "\x0d\xcc\xa0\xeb\x4e\x93\x10\x11\x21\xc8\x04\xfb\x9c\x43\x33\xfd"
- "\x41\x31\xab\xca\x3d\x26\xb4\xa9\xab\xd7\x67\xe1\xaf\xaa\xc6\xe2"
- "\x83\x4e\xba\x2c\x54\x2e\x8f\x31\x98\x38\x2b\x8f\x9d\xec\x88\xbe"
- "\x4d\x5e\x8b\x53\x9d\x4e\xd2\x14\xf0\x96\x20\xaf\x69\x6c\x68\xde";
-#endif
- union {
- wc_Sha512 native;
- SHA512_CTX compat;
- } sha512;
-
- XMEMSET(&sha512.compat, 0, sizeof(sha512.compat));
- XMEMSET(&local, 0, sizeof(local));
-
- /* sanity check */
- AssertIntEQ(SHA512_Transform(NULL, NULL), 0);
- AssertIntEQ(SHA512_Transform(NULL, (const byte*)&input1), 0);
- AssertIntEQ(SHA512_Transform(&sha512.compat, NULL), 0);
- AssertIntEQ(wc_Sha512Transform(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha512Transform(NULL, (const byte*)&input1), BAD_FUNC_ARG);
- AssertIntEQ(wc_Sha512Transform(&sha512.native, NULL), BAD_FUNC_ARG);
-
- /* Init SHA512 CTX */
- AssertIntEQ(wolfSSL_SHA512_Init(&sha512.compat), 1);
-
- /* Do Transform*/
- sLen = (word32)XSTRLEN((char*)input1);
- XMEMCPY(local, input1, sLen);
- AssertIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha512.native.digest, output1,
- WC_SHA512_DIGEST_SIZE), 0);
- AssertIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
-
- /* Init SHA512 CTX */
- AssertIntEQ(SHA512_Init(&sha512.compat), 1);
- sLen = (word32)XSTRLEN((char*)input2);
- XMEMSET(local, 0, WC_SHA512_BLOCK_SIZE);
- XMEMCPY(local, input2, sLen);
- AssertIntEQ(SHA512_Transform(&sha512.compat, (const byte*)&local[0]), 1);
- AssertIntEQ(XMEMCMP(sha512.native.digest, output2,
- WC_SHA512_DIGEST_SIZE), 0);
- AssertIntEQ(SHA512_Final(local, &sha512.compat), 1); /* frees resources */
-
- (void)input1;
-
- res = TEST_RES_CHECK(1);
-#endif
-#endif
- return res;
-}
static int test_wolfSSL_X509_get_serialNumber(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
- ASN1_INTEGER* a;
- BIGNUM* bn;
- X509* x509;
- char *serialHex;
+ ASN1_INTEGER* a = NULL;
+ BIGNUM* bn = NULL;
+ X509* x509 = NULL;
+ char *serialHex = NULL;
byte serial[3];
int serialSz;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
- SSL_FILETYPE_PEM));
- AssertNotNull(a = X509_get_serialNumber(x509));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(a = X509_get_serialNumber(x509));
/* check on value of ASN1 Integer */
- AssertNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
-
+ ExpectNotNull(bn = ASN1_INTEGER_to_BN(a, NULL));
+ a = NULL;
/* test setting serial number and then retrieving it */
- AssertNotNull(a = ASN1_INTEGER_new());
- ASN1_INTEGER_set(a, 3);
- AssertIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
+ ExpectNotNull(a = ASN1_INTEGER_new());
+ ExpectIntEQ(ASN1_INTEGER_set(a, 3), 1);
+ ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
serialSz = sizeof(serial);
- AssertIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(serialSz, 1);
- AssertIntEQ(serial[0], 3);
+ ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(serialSz, 1);
+ ExpectIntEQ(serial[0], 3);
ASN1_INTEGER_free(a);
+ a = NULL;
/* test setting serial number with 0's in it */
serial[0] = 0x01;
serial[1] = 0x00;
serial[2] = 0x02;
- AssertNotNull(a = wolfSSL_ASN1_INTEGER_new());
- a->data[0] = ASN_INTEGER;
- a->data[1] = sizeof(serial);
- XMEMCPY(&a->data[2], serial, sizeof(serial));
- a->length = sizeof(serial) + 2;
- AssertIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
+ ExpectNotNull(a = wolfSSL_ASN1_INTEGER_new());
+ if (a != NULL) {
+ a->data[0] = ASN_INTEGER;
+ a->data[1] = sizeof(serial);
+ XMEMCPY(&a->data[2], serial, sizeof(serial));
+ a->length = sizeof(serial) + 2;
+ }
+ ExpectIntEQ(X509_set_serialNumber(x509, a), WOLFSSL_SUCCESS);
XMEMSET(serial, 0, sizeof(serial));
serialSz = sizeof(serial);
- AssertIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(serialSz, 3);
- AssertIntEQ(serial[0], 0x01);
- AssertIntEQ(serial[1], 0x00);
- AssertIntEQ(serial[2], 0x02);
+ ExpectIntEQ(wolfSSL_X509_get_serial_number(x509, serial, &serialSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(serialSz, 3);
+ ExpectIntEQ(serial[0], 0x01);
+ ExpectIntEQ(serial[1], 0x00);
+ ExpectIntEQ(serial[2], 0x02);
ASN1_INTEGER_free(a);
+ a = NULL;
X509_free(x509); /* free's a */
- AssertNotNull(serialHex = BN_bn2hex(bn));
+ ExpectNotNull(serialHex = BN_bn2hex(bn));
#ifndef WC_DISABLE_RADIX_ZERO_PAD
- AssertStrEQ(serialHex, "01");
+ ExpectStrEQ(serialHex, "01");
#else
- AssertStrEQ(serialHex, "1");
+ ExpectStrEQ(serialHex, "1");
#endif
OPENSSL_free(serialHex);
-
- AssertIntEQ(BN_get_word(bn), 1);
-
+ ExpectIntEQ(BN_get_word(bn), 1);
BN_free(bn);
/* hard test free'ing with dynamic buffer to make sure there is no leaks */
- a = ASN1_INTEGER_new();
- if (a) {
- AssertNotNull(a->data = (unsigned char*)XMALLOC(100, NULL,
- DYNAMIC_TYPE_OPENSSL));
+ ExpectNotNull(a = ASN1_INTEGER_new());
+ if (a != NULL) {
+ ExpectNotNull(a->data = (unsigned char*)XMALLOC(100, NULL,
+ DYNAMIC_TYPE_OPENSSL));
a->isDynamic = 1;
ASN1_INTEGER_free(a);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OpenSSL_add_all_algorithms(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- AssertIntEQ(wolfSSL_add_all_algorithms(),WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_add_all_algorithms(), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(),WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_noconf(), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(),WOLFSSL_SUCCESS);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_OpenSSL_add_all_algorithms_conf(), WOLFSSL_SUCCESS);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OPENSSL_hexstr2buf(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#define MAX_HEXSTR_BUFSZ 9
#define NUM_CASES 5
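Review bot: In test_wolfSSL_PEM_read_DHparams, `derOutSz = wolfSSL_i2d_DHparams(dh, &derOutBuf);` is left as a bare call, so it still runs with `dh == NULL` when the preceding `ExpectNotNull(dh = PEM_read_DHparams(fp, &dh, NULL, NULL))` has failed. Its return value is then passed as the length to `XMEMCMP(derOut, derExpected, derOutSz)` in the next check. Wrapping it the way the XFREAD line just above is wrapped keeps the export under the same failure tracking and rejects an error return before the compare: `ExpectIntGT(derOutSz = wolfSSL_i2d_DHparams(dh, &derOutBuf), 0);`. Whether wolfSSL_i2d_DHparams tolerates a NULL `dh` is not visible in this hunk.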
@@ -48375,94 +47059,89 @@ static int test_wolfSSL_OPENSSL_hexstr2buf(void)
long len = 0;
unsigned char* returnedBuf = NULL;
- for (i = 0; i < NUM_CASES; ++i) {
+ for (i = 0; i < NUM_CASES && EXPECT_SUCCESS(); ++i) {
returnedBuf = wolfSSL_OPENSSL_hexstr2buf(inputs[i], &len);
-
if (returnedBuf == NULL) {
- AssertIntEQ(expectedOutputs[i].ret, 0);
+ ExpectIntEQ(expectedOutputs[i].ret, 0);
continue;
}
- AssertIntEQ(expectedOutputs[i].ret, len);
+ ExpectIntEQ(expectedOutputs[i].ret, len);
for (j = 0; j < len; ++j) {
- AssertIntEQ(expectedOutputs[i].buffer[j], returnedBuf[j]);
+ ExpectIntEQ(expectedOutputs[i].buffer[j], returnedBuf[j]);
}
OPENSSL_free(returnedBuf);
+ returnedBuf = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_CA_num(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \
defined(HAVE_ECC) && !defined(NO_RSA)
- WOLFSSL_X509_STORE *store;
- WOLFSSL_X509 *x509_1, *x509_2;
+ WOLFSSL_X509_STORE *store = NULL;
+ WOLFSSL_X509 *x509_1 = NULL;
+ WOLFSSL_X509 *x509_2 = NULL;
int ca_num = 0;
- store = wolfSSL_X509_STORE_new();
- x509_1 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- wolfSSL_X509_STORE_add_cert(store, x509_1);
- ca_num = wolfSSL_X509_CA_num(store);
- AssertIntEQ(ca_num, 1);
+ ExpectNotNull(store = wolfSSL_X509_STORE_new());
+ ExpectNotNull(x509_1 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_1), 1);
+ ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 1);
- x509_2 = wolfSSL_X509_load_certificate_file(eccCertFile, WOLFSSL_FILETYPE_PEM);
- wolfSSL_X509_STORE_add_cert(store, x509_2);
- ca_num = wolfSSL_X509_CA_num(store);
- AssertIntEQ(ca_num, 2);
+ ExpectNotNull(x509_2 = wolfSSL_X509_load_certificate_file(eccCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_X509_STORE_add_cert(store, x509_2), 1);
+ ExpectIntEQ(ca_num = wolfSSL_X509_CA_num(store), 2);
wolfSSL_X509_free(x509_1);
wolfSSL_X509_free(x509_2);
wolfSSL_X509_STORE_free(store);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_ca(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
- WOLFSSL_X509 *x509;
+ WOLFSSL_X509 *x509 = NULL;
- x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- AssertIntEQ(wolfSSL_X509_check_ca(x509), 1);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_X509_check_ca(x509), 1);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_check_ip_asc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
- WOLFSSL_X509 *x509;
+ WOLFSSL_X509 *x509 = NULL;
- x509 = wolfSSL_X509_load_certificate_file(cliCertFile, WOLFSSL_FILETYPE_PEM);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFile,
+ WOLFSSL_FILETYPE_PEM));
#if 0
/* TODO: add cert gen for testing positive case */
- AssertIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.0.0.1", 0), 1);
+ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "127.0.0.1", 0), 1);
#endif
- AssertIntEQ(wolfSSL_X509_check_ip_asc(x509, "0.0.0.0", 0), 0);
- AssertIntEQ(wolfSSL_X509_check_ip_asc(x509, NULL, 0), 0);
+ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, "0.0.0.0", 0), 0);
+ ExpectIntEQ(wolfSSL_X509_check_ip_asc(x509, NULL, 0), 0);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_make_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && \
defined(WOLFSSL_CERT_EXT)
int ret;
@@ -48477,7 +47156,7 @@ static int test_wolfSSL_make_cert(void)
#ifdef OPENSSL_EXTRA
const unsigned char* pt;
int certSz;
- X509* x509;
+ X509* x509 = NULL;
X509_NAME* x509name;
X509_NAME_ENTRY* entry;
ASN1_STRING* entryValue;
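Review bot: Only `x509` gains an initialiser here; `x509name`, `entry` and `entryValue` on the next three lines stay uninitialised. The checks that assign them are converted from Assert to Expect later in the function, so a failed `d2i_X509` apparently no longer ends the test, and any later statement touching these pointers would read indeterminate values. For consistency with the rest of the commit (`DH* dh = NULL`, `ASN1_INTEGER* a = NULL`), initialise them too: `X509_NAME* x509name = NULL;`, `X509_NAME_ENTRY* entry = NULL;`, `ASN1_STRING* entryValue = NULL;`. The declarations belong to test_wolfSSL_make_cert, whose body continues outside this hunk.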
@@ -48523,20 +47202,20 @@ static int test_wolfSSL_make_cert(void)
#endif
#endif /* WOLFSSL_MULTI_ATTRIB */
- AssertIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
+ ExpectIntEQ(wc_InitRsaKey(&key, HEAP_HINT), 0);
#ifndef HAVE_FIPS
- AssertIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
+ ExpectIntEQ(wc_InitRng_ex(&rng, HEAP_HINT, testDevId), 0);
#else
- AssertIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
#endif
/* load test RSA key */
idx = 0;
#if defined(USE_CERT_BUFFERS_1024)
- AssertIntEQ(wc_RsaPrivateKeyDecode(server_key_der_1024, &idx, &key,
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_1024, &idx, &key,
sizeof_server_key_der_1024), 0);
#elif defined(USE_CERT_BUFFERS_2048)
- AssertIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key,
+ ExpectIntEQ(wc_RsaPrivateKeyDecode(server_key_der_2048, &idx, &key,
sizeof_server_key_der_2048), 0);
#else
/* error case, no RSA key loaded, happens later */
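Review bot: With `wc_InitRsaKey`, the RNG init and `wc_RsaPrivateKeyDecode` now reported through Expect, a failure in any of them appears no longer to stop test_wolfSSL_make_cert. The signing loop further down still calls `wc_MakeSelfCert(&cert, der, FOURK_BUF, &key, &rng)` as a plain statement. It would then run on a key or RNG that was never set up, and any cleanup of `key` and `rng` outside this hunk would see the same state. Consider entering the loop only on success, e.g. `if (EXPECT_SUCCESS()) { do { ... } while (ret == WC_PENDING_E); }`. Alternatively, zero-initialise `key` and `rng` where they are declared, if that is not already done outside the visible lines.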
@@ -48544,7 +47223,7 @@ static int test_wolfSSL_make_cert(void)
#endif
XMEMSET(&cert, 0 , sizeof(Cert));
- AssertIntEQ(wc_InitCert(&cert), 0);
+ ExpectIntEQ(wc_InitCert(&cert), 0);
XMEMCPY(&cert.subject, &name, sizeof(CertName));
XMEMCPY(cert.serial, mySerial, sizeof(mySerial));
@@ -48557,10 +47236,10 @@ static int test_wolfSSL_make_cert(void)
#endif
/* add SKID from the Public Key */
- AssertIntEQ(wc_SetSubjectKeyIdFromPublicKey(&cert, &key, NULL), 0);
+ ExpectIntEQ(wc_SetSubjectKeyIdFromPublicKey(&cert, &key, NULL), 0);
/* add AKID from the Public Key */
- AssertIntEQ(wc_SetAuthKeyIdFromPublicKey(&cert, &key, NULL), 0);
+ ExpectIntEQ(wc_SetAuthKeyIdFromPublicKey(&cert, &key, NULL), 0);
ret = 0;
do {
@@ -48571,463 +47250,89 @@ static int test_wolfSSL_make_cert(void)
ret = wc_MakeSelfCert(&cert, der, FOURK_BUF, &key, &rng);
}
} while (ret == WC_PENDING_E);
- AssertIntGT(ret, 0);
+ ExpectIntGT(ret, 0);
#ifdef OPENSSL_EXTRA
/* der holds a certificate with DC's now check X509 parsing of it */
certSz = ret;
pt = der;
- AssertNotNull(x509 = d2i_X509(NULL, &pt, certSz));
- AssertNotNull(x509name = X509_get_subject_name(x509));
+ ExpectNotNull(x509 = d2i_X509(NULL, &pt, certSz));
+ ExpectNotNull(x509name = X509_get_subject_name(x509));
#ifdef WOLFSSL_MULTI_ATTRIB
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
-1)), 5);
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
idx)), 6);
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
idx)), -1);
#endif /* WOLFSSL_MULTI_ATTRIB */
/* compare DN at index 0 */
- AssertNotNull(entry = X509_NAME_get_entry(x509name, 0));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertIntEQ(ASN1_STRING_length(entryValue), 2);
- AssertStrEQ((const char*)ASN1_STRING_data(entryValue), "US");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, 0));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectIntEQ(ASN1_STRING_length(entryValue), 2);
+ ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "US");
#ifndef WOLFSSL_MULTI_ATTRIB
/* compare Serial Number */
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_serialNumber,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_serialNumber,
-1)), 7);
- AssertNotNull(entry = X509_NAME_get_entry(x509name, idx));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertIntEQ(ASN1_STRING_length(entryValue), XSTRLEN("wolfSSL12345"));
- AssertStrEQ((const char*)ASN1_STRING_data(entryValue), "wolfSSL12345");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectIntEQ(ASN1_STRING_length(entryValue), XSTRLEN("wolfSSL12345"));
+ ExpectStrEQ((const char*)ASN1_STRING_data(entryValue), "wolfSSL12345");
#endif
#ifdef WOLFSSL_MULTI_ATTRIB
/* get first and second DC and compare result */
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
-1)), 5);
- AssertNotNull(entry = X509_NAME_get_entry(x509name, idx));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertStrEQ((const char *)ASN1_STRING_data(entryValue), "com");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "com");
- AssertIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
+ ExpectIntEQ((idx = X509_NAME_get_index_by_NID(x509name, NID_domainComponent,
idx)), 6);
- AssertNotNull(entry = X509_NAME_get_entry(x509name, idx));
- AssertNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
- AssertStrEQ((const char *)ASN1_STRING_data(entryValue), "wolfssl");
+ ExpectNotNull(entry = X509_NAME_get_entry(x509name, idx));
+ ExpectNotNull(entryValue = X509_NAME_ENTRY_get_data(entry));
+ ExpectStrEQ((const char *)ASN1_STRING_data(entryValue), "wolfssl");
#endif /* WOLFSSL_MULTI_ATTRIB */
/* try invalid index locations for regression test and sanity check */
- AssertNull(entry = X509_NAME_get_entry(x509name, 11));
- AssertNull(entry = X509_NAME_get_entry(x509name, 20));
+ ExpectNull(entry = X509_NAME_get_entry(x509name, 11));
+ ExpectNull(entry = X509_NAME_get_entry(x509name, 20));
X509_free(x509);
#endif /* OPENSSL_EXTRA */
wc_FreeRsaKey(&key);
wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- WOLFSSL_X509 *x509;
+ WOLFSSL_X509 *x509 = NULL;
- x509 = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
- AssertIntEQ((int)wolfSSL_X509_get_version(x509), 2);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ((int)wolfSSL_X509_get_version(x509), 2);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
-}
-
-static int test_wolfSSL_DES_ncbc(void)
-{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_DES3)
- const_DES_cblock myDes;
- DES_cblock iv = {1};
- DES_key_schedule key = {0};
- unsigned char msg[] = "hello wolfssl";
- unsigned char out[DES_BLOCK_SIZE * 2] = {0};
- unsigned char pln[DES_BLOCK_SIZE * 2] = {0};
-
- unsigned char exp[] = {0x31, 0x98, 0x2F, 0x3A, 0x55, 0xBF, 0xD8, 0xC4};
- unsigned char exp2[] = {0xC7, 0x45, 0x8B, 0x28, 0x10, 0x53, 0xE0, 0x58};
-
- /* partial block test */
- DES_set_key(&key, &myDes);
- DES_ncbc_encrypt(msg, out, 3, &myDes, &iv, DES_ENCRYPT);
- AssertIntEQ(XMEMCMP(exp, out, DES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
-
- DES_set_key(&key, &myDes);
- XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
- *((byte*)&iv) = 1;
- DES_ncbc_encrypt(out, pln, 3, &myDes, &iv, DES_DECRYPT);
- AssertIntEQ(XMEMCMP(msg, pln, 3), 0);
- AssertIntEQ(XMEMCMP(exp, iv, DES_BLOCK_SIZE), 0);
-
- /* full block test */
- DES_set_key(&key, &myDes);
- XMEMSET(pln, 0, DES_BLOCK_SIZE);
- XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
- *((byte*)&iv) = 1;
- DES_ncbc_encrypt(msg, out, 8, &myDes, &iv, DES_ENCRYPT);
- AssertIntEQ(XMEMCMP(exp2, out, DES_BLOCK_SIZE), 0);
- AssertIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
-
- DES_set_key(&key, &myDes);
- XMEMSET((byte*)&iv, 0, DES_BLOCK_SIZE);
- *((byte*)&iv) = 1;
- DES_ncbc_encrypt(out, pln, 8, &myDes, &iv, DES_DECRYPT);
- AssertIntEQ(XMEMCMP(msg, pln, 8), 0);
- AssertIntEQ(XMEMCMP(exp2, iv, DES_BLOCK_SIZE), 0);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_AES_cbc_encrypt(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA)
- AES_KEY aes;
- AES_KEY* aesN = NULL;
- size_t len = 0;
- size_t lenB = 0;
- int keySz0 = 0;
- int keySzN = -1;
- byte out[AES_BLOCK_SIZE] = {0};
- byte* outN = NULL;
-
- /* Test vectors retrieved from:
- * <begin URL>
- * https://csrc.nist.gov/
- * CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/
- * documents/aes/KAT_AES.zip
- * </end URL>
- */
- const byte* pt128N = NULL;
- byte* key128N = NULL;
- byte* iv128N = NULL;
- byte iv128tmp[AES_BLOCK_SIZE] = {0};
-
- const byte pt128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
- 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
-
- const byte ct128[] = { 0x87,0x85,0xb1,0xa7,0x5b,0x0f,0x3b,0xd9,
- 0x58,0xdc,0xd0,0xe2,0x93,0x18,0xc5,0x21 };
-
- const byte iv128[] = { 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
- 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 };
-
- byte key128[] = { 0xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,
- 0xff,0xff,0xf0,0x00,0x00,0x00,0x00,0x00 };
-
-
- len = sizeof(pt128);
-
- #define STRESS_T(a, b, c, d, e, f, g, h, i) \
- wolfSSL_AES_cbc_encrypt(a, b, c, d, e, f); \
- AssertIntNE(XMEMCMP(b, g, h), i)
-
- #define RESET_IV(x, y) XMEMCPY(x, y, AES_BLOCK_SIZE)
-
- /* Stressing wolfSSL_AES_cbc_encrypt() */
- STRESS_T(pt128N, out, len, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
- STRESS_T(pt128, out, len, &aes, iv128N, 1, ct128, AES_BLOCK_SIZE, 0);
-
- wolfSSL_AES_cbc_encrypt(pt128, outN, len, &aes, iv128tmp, AES_ENCRYPT);
- AssertIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
- wolfSSL_AES_cbc_encrypt(pt128, out, len, aesN, iv128tmp, AES_ENCRYPT);
- AssertIntNE(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
-
- STRESS_T(pt128, out, lenB, &aes, iv128tmp, 1, ct128, AES_BLOCK_SIZE, 0);
-
- /* Stressing wolfSSL_AES_set_encrypt_key */
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128N, sizeof(key128)*8, &aes),0);
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, aesN),0);
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128, keySz0, &aes), 0);
- AssertIntNE(wolfSSL_AES_set_encrypt_key(key128, keySzN, &aes), 0);
-
- /* Stressing wolfSSL_AES_set_decrypt_key */
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, &aes),0);
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128N, sizeof(key128)*8, aesN),0);
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128, keySz0, &aes), 0);
- AssertIntNE(wolfSSL_AES_set_decrypt_key(key128, keySzN, &aes), 0);
-
- #ifdef WOLFSSL_AES_128
-
- /* wolfSSL_AES_cbc_encrypt() 128-bit */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv128tmp, iv128);
-
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key128, sizeof(key128)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(pt128, out, len, &aes, iv128tmp, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, ct128, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #ifdef HAVE_AES_DECRYPT
-
- /* wolfSSL_AES_cbc_encrypt() 128-bit in decrypt mode */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv128tmp, iv128);
- len = sizeof(ct128);
-
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key128, sizeof(key128)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(ct128, out, len, &aes, iv128tmp, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, pt128, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #endif
-
- #endif /* WOLFSSL_AES_128 */
- #ifdef WOLFSSL_AES_192
- {
- /* Test vectors from NIST Special Publication 800-38A, 2001 Edition
- * Appendix F.2.3 */
-
- byte iv192tmp[AES_BLOCK_SIZE] = {0};
-
- const byte pt192[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
-
- const byte ct192[] = { 0x4f,0x02,0x1d,0xb2,0x43,0xbc,0x63,0x3d,
- 0x71,0x78,0x18,0x3a,0x9f,0xa0,0x71,0xe8 };
-
- const byte iv192[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
- 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
-
- byte key192[] = { 0x8e,0x73,0xb0,0xf7,0xda,0x0e,0x64,0x52,
- 0xc8,0x10,0xf3,0x2b,0x80,0x90,0x79,0xe5,
- 0x62,0xf8,0xea,0xd2,0x52,0x2c,0x6b,0x7b };
-
- len = sizeof(pt192);
-
- /* wolfSSL_AES_cbc_encrypt() 192-bit */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv192tmp, iv192);
-
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key192, sizeof(key192)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(pt192, out, len, &aes, iv192tmp, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, ct192, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #ifdef HAVE_AES_DECRYPT
-
- /* wolfSSL_AES_cbc_encrypt() 192-bit in decrypt mode */
- len = sizeof(ct192);
- RESET_IV(iv192tmp, iv192);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
-
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key192, sizeof(key192)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(ct192, out, len, &aes, iv192tmp, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, pt192, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #endif
- }
- #endif /* WOLFSSL_AES_192 */
- #ifdef WOLFSSL_AES_256
- {
- /* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
- * Appendix F.2.5 */
- byte iv256tmp[AES_BLOCK_SIZE] = {0};
-
- const byte pt256[] = { 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
- 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a };
-
- const byte ct256[] = { 0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
- 0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6 };
-
- const byte iv256[] = { 0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
- 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F };
-
- byte key256[] = { 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
- 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
- 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
- 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 };
-
-
- len = sizeof(pt256);
-
- /* wolfSSL_AES_cbc_encrypt() 256-bit */
- XMEMSET(out, 0, AES_BLOCK_SIZE);
- RESET_IV(iv256tmp, iv256);
-
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(pt256, out, len, &aes, iv256tmp, AES_ENCRYPT);
- AssertIntEQ(XMEMCMP(out, ct256, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #ifdef HAVE_AES_DECRYPT
-
- /* wolfSSL_AES_cbc_encrypt() 256-bit in decrypt mode */
- len = sizeof(ct256);
- RESET_IV(iv256tmp, iv256);
- XMEMSET(out, 0, AES_BLOCK_SIZE);
-
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
- wolfSSL_AES_cbc_encrypt(ct256, out, len, &aes, iv256tmp, AES_DECRYPT);
- AssertIntEQ(XMEMCMP(out, pt256, AES_BLOCK_SIZE), 0);
- wc_AesFree((Aes*)&aes);
-
- #endif
-
- #if defined(HAVE_AES_KEYWRAP) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
- {
- byte wrapCipher[sizeof(key256) + KEYWRAP_BLOCK_SIZE] = { 0 };
- byte wrapPlain[sizeof(key256)] = { 0 };
- byte wrapIV[KEYWRAP_BLOCK_SIZE] = { 0 };
-
- /* wolfSSL_AES_wrap_key() 256-bit NULL iv */
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
- 15), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_AES_wrap_key(&aes, NULL, wrapCipher, key256,
- sizeof(key256)), sizeof(wrapCipher));
- wc_AesFree((Aes*)&aes);
-
- /* wolfSSL_AES_unwrap_key() 256-bit NULL iv */
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
- 23), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_AES_unwrap_key(&aes, NULL, wrapPlain, wrapCipher,
- sizeof(wrapCipher)), sizeof(wrapPlain));
- AssertIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
- XMEMSET(wrapCipher, 0, sizeof(wrapCipher));
- XMEMSET(wrapPlain, 0, sizeof(wrapPlain));
- wc_AesFree((Aes*)&aes);
-
- /* wolfSSL_AES_wrap_key() 256-bit custom iv */
- AssertIntEQ(wolfSSL_AES_set_encrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_wrap_key(&aes, wrapIV, wrapCipher, key256,
- sizeof(key256)), sizeof(wrapCipher));
- wc_AesFree((Aes*)&aes);
-
- /* wolfSSL_AES_unwrap_key() 256-bit custom iv */
- AssertIntEQ(wolfSSL_AES_set_decrypt_key(key256, sizeof(key256)*8, &aes), 0);
- AssertIntEQ(wolfSSL_AES_unwrap_key(&aes, wrapIV, wrapPlain, wrapCipher,
- sizeof(wrapCipher)), sizeof(wrapPlain));
- AssertIntEQ(XMEMCMP(wrapPlain, key256, sizeof(key256)), 0);
- wc_AesFree((Aes*)&aes);
- }
- #endif /* HAVE_AES_KEYWRAP */
- }
- #endif /* WOLFSSL_AES_256 */
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_CRYPTO_cts128(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_AES) && defined(HAVE_AES_CBC) && defined(OPENSSL_EXTRA) \
- && defined(HAVE_CTS)
- byte tmp[64]; /* Largest vector size */
- /* Test vectors taken form RFC3962 Appendix B */
- const testVector vects[] = {
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20",
- "\xc6\x35\x35\x68\xf2\xbf\x8c\xb4\xd8\xa5\x80\x36\x2d\xa7\xff\x7f"
- "\x97",
- 17, 17
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20",
- "\xfc\x00\x78\x3e\x0e\xfd\xb2\xc1\xd4\x45\xd4\xc8\xef\xf7\xed\x22"
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5",
- 31, 31
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43",
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84",
- 32, 32
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c",
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\xb3\xff\xfd\x94\x0c\x16\xa1\x8c\x1b\x55\x49\xd2\xf8\x38\x02\x9e"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5",
- 47, 47
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20",
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8",
- 48, 48
- },
- {
- "\x49\x20\x77\x6f\x75\x6c\x64\x20\x6c\x69\x6b\x65\x20\x74\x68\x65"
- "\x20\x47\x65\x6e\x65\x72\x61\x6c\x20\x47\x61\x75\x27\x73\x20\x43"
- "\x68\x69\x63\x6b\x65\x6e\x2c\x20\x70\x6c\x65\x61\x73\x65\x2c\x20"
- "\x61\x6e\x64\x20\x77\x6f\x6e\x74\x6f\x6e\x20\x73\x6f\x75\x70\x2e",
- "\x97\x68\x72\x68\xd6\xec\xcc\xc0\xc0\x7b\x25\xe2\x5e\xcf\xe5\x84"
- "\x39\x31\x25\x23\xa7\x86\x62\xd5\xbe\x7f\xcb\xcc\x98\xeb\xf5\xa8"
- "\x48\x07\xef\xe8\x36\xee\x89\xa5\x26\x73\x0d\xbc\x2f\x7b\xc8\x40"
- "\x9d\xad\x8b\xbb\x96\xc4\xcd\xc0\x3b\xc1\x03\xe1\xa1\x94\xbb\xd8",
- 64, 64
- }
- };
- byte keyBytes[AES_128_KEY_SIZE] = {
- 0x63, 0x68, 0x69, 0x63, 0x6b, 0x65, 0x6e, 0x20,
- 0x74, 0x65, 0x72, 0x69, 0x79, 0x61, 0x6b, 0x69
- };
- size_t i;
- XMEMSET(tmp, 0, sizeof(tmp));
- for (i = 0; i < sizeof(vects)/sizeof(vects[0]); i++) {
- AES_KEY encKey;
- AES_KEY decKey;
- byte iv[AES_IV_SIZE]; /* All-zero IV for all cases */
- XMEMSET(iv, 0, sizeof(iv));
- AssertIntEQ(AES_set_encrypt_key(keyBytes, AES_128_KEY_SIZE * 8, &encKey), 0);
- AssertIntEQ(AES_set_decrypt_key(keyBytes, AES_128_KEY_SIZE * 8, &decKey), 0);
- AssertIntEQ(CRYPTO_cts128_encrypt((const unsigned char*)vects[i].input,
- tmp, vects[i].inLen, &encKey, iv, (cbc128_f)AES_cbc_encrypt),
- vects[i].outLen);
- AssertIntEQ(XMEMCMP(tmp, vects[i].output, vects[i].outLen), 0);
- XMEMSET(iv, 0, sizeof(iv));
- AssertIntEQ(CRYPTO_cts128_decrypt((const unsigned char*)vects[i].output,
- tmp, vects[i].outLen, &decKey, iv, (cbc128_f)AES_cbc_encrypt),
- vects[i].inLen);
- AssertIntEQ(XMEMCMP(tmp, vects[i].input, vects[i].inLen), 0);
- }
-
- res = TEST_RES_CHECK(1);
-#endif /* !NO_AES && HAVE_AES_CBC && OPENSSL_EXTRA && HAVE_CTS */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL)
static int test_wolfSSL_sk_CIPHER_description(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA)
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
- int i,j,k;
+ int i;
int numCiphers = 0;
const SSL_METHOD *method = NULL;
const SSL_CIPHER *cipher = NULL;
@@ -49040,38 +47345,35 @@ static int test_wolfSSL_sk_CIPHER_description(void)
const char certPath[] = "./certs/client-cert.pem";
XMEMSET(buf, 0, sizeof(buf));
- AssertNotNull(method = TLSv1_2_client_method());
- AssertNotNull(ctx = SSL_CTX_new(method));
-
+ ExpectNotNull(method = TLSv1_2_client_method());
+ ExpectNotNull(ctx = SSL_CTX_new(method));
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
SSL_CTX_set_verify_depth(ctx, 4);
-
SSL_CTX_set_options(ctx, flags);
- AssertIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
+ ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
WOLFSSL_SUCCESS);
- AssertNotNull(ssl = SSL_new(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
/* SSL_get_ciphers returns a stack of all configured ciphers
* A flag, getCipherAtOffset, is set to later have SSL_CIPHER_description
*/
- AssertNotNull(supportedCiphers = SSL_get_ciphers(ssl));
+ ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl));
/* loop through the amount of supportedCiphers */
numCiphers = sk_num(supportedCiphers);
for (i = 0; i < numCiphers; ++i) {
-
+ int j;
/* sk_value increments "sk->data.cipher->cipherOffset".
* wolfSSL_sk_CIPHER_description sets the description for
* the cipher based on the provided offset.
*/
-
if ((cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i))) {
SSL_CIPHER_description(cipher, buf, sizeof(buf));
}
/* Search cipher description string for "unknown" descriptor */
for (j = 0; j < (int)XSTRLEN(buf); j++) {
- k = 0;
+ int k = 0;
while ((k < (int)XSTRLEN(badStr)) && (buf[j] == badStr[k])) {
test_str[k] = badStr[k];
j++;
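Review bot: A NULL return from `sk_value(supportedCiphers, i)` is silently skipped in the loop, so the "unknown" scan then runs over whatever `buf` held from the previous iteration and that stack entry is never checked. The test now uses the non-aborting Expect macros, so `ExpectNotNull(cipher = (const WOLFSSL_CIPHER*)sk_value(supportedCiphers, i));` placed ahead of an `if (cipher != NULL)` guard around the description call would make a missing entry count toward the result. The return value of `SSL_CIPHER_description(cipher, buf, sizeof(buf))` is also ignored, which leaves `buf` stale if that call fails. The loop body continues past the end of this hunk.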
@@ -49079,19 +47381,17 @@ static int test_wolfSSL_sk_CIPHER_description(void)
}
}
/* Fail if test_str == badStr == "unknown" */
- AssertStrNE(test_str,badStr);
+ ExpectStrNE(test_str,badStr);
}
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_get_ciphers_compat(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA)
const SSL_METHOD *method = NULL;
const char certPath[] = "./certs/client-cert.pem";
@@ -49100,37 +47400,32 @@ static int test_wolfSSL_get_ciphers_compat(void)
WOLFSSL *ssl = NULL;
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION;
- method = SSLv23_client_method();
- AssertNotNull(method);
- ctx = SSL_CTX_new(method);
- AssertNotNull(ctx);
-
+ ExpectNotNull(method = SSLv23_client_method());
+ ExpectNotNull(ctx = SSL_CTX_new(method));
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
SSL_CTX_set_verify_depth(ctx, 4);
-
SSL_CTX_set_options(ctx, flags);
- AssertIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
+ ExpectIntEQ(SSL_CTX_load_verify_locations(ctx, certPath, NULL),
WOLFSSL_SUCCESS);
- AssertNotNull(ssl = SSL_new(ctx));
+ ExpectNotNull(ssl = SSL_new(ctx));
/* Test Bad NULL input */
- AssertNull(supportedCiphers = SSL_get_ciphers(NULL));
+ ExpectNull(supportedCiphers = SSL_get_ciphers(NULL));
/* Test for Good input */
- AssertNotNull(supportedCiphers = SSL_get_ciphers(ssl));
+ ExpectNotNull(supportedCiphers = SSL_get_ciphers(ssl));
/* Further usage of SSL_get_ciphers/wolfSSL_get_ciphers_compat is
* tested in test_wolfSSL_sk_CIPHER_description according to Qt usage */
SSL_free(ssl);
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_PUBKEY_get(void)
{
+ EXPECT_DECLS;
WOLFSSL_X509_PUBKEY pubkey;
WOLFSSL_X509_PUBKEY* key;
WOLFSSL_EVP_PKEY evpkey ;
@@ -49146,20 +47441,20 @@ static int test_wolfSSL_X509_PUBKEY_get(void)
evpPkey->type = WOLFSSL_SUCCESS;
key->pkey = evpPkey;
- AssertNotNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
- AssertIntEQ(retEvpPkey->type, WOLFSSL_SUCCESS);
+ ExpectNotNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
+ ExpectIntEQ(retEvpPkey->type, WOLFSSL_SUCCESS);
- AssertNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(NULL));
+ ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(NULL));
key->pkey = NULL;
- AssertNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
+ ExpectNull(retEvpPkey = wolfSSL_X509_PUBKEY_get(key));
- return TEST_RES_CHECK(retEvpPkey == NULL);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
DSA *dsa = NULL;
DSA *setDsa = NULL;
@@ -49175,6 +47470,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
const unsigned char* dsaKeyDer = dsa_key_der_1024;
int dsaKeySz = sizeof_dsa_key_der_1024;
byte tmp[ONEK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = dsaKeySz;
@@ -49182,6 +47478,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
const unsigned char* dsaKeyDer = dsa_key_der_2048;
int dsaKeySz = sizeof_dsa_key_der_2048;
byte tmp[TWOK_BUF];
+
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = dsaKeySz;
@@ -49189,147 +47486,167 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
byte tmp[TWOK_BUF];
const unsigned char* dsaKeyDer = (const unsigned char*)tmp;
int dsaKeySz;
+ XFILE fp = XBADFILE;
+
XMEMSET(tmp, 0, sizeof(tmp));
- XFILE fp = XFOPEN("./certs/dsa2048.der", "rb");
- if (fp == XBADFILE) {
- return WOLFSSL_BAD_FILE;
- }
- dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
+ ExpectIntGT(dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif /* END USE_CERT_BUFFERS_1024 */
/* Create hash to later Sign and Verify */
- AssertIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS);
- AssertIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS);
- AssertIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS);
/* Initialize pkey with der format dsa key */
- AssertNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
+ ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
(long)dsaKeySz));
/* Test wolfSSL_EVP_PKEY_get1_DSA */
/* Should Fail: NULL argument */
- AssertNull(dsa = EVP_PKEY_get0_DSA(NULL));
- AssertNull(dsa = EVP_PKEY_get1_DSA(NULL));
+ ExpectNull(dsa = EVP_PKEY_get0_DSA(NULL));
+ ExpectNull(dsa = EVP_PKEY_get1_DSA(NULL));
/* Should Pass: Initialized pkey argument */
- AssertNotNull(dsa = EVP_PKEY_get0_DSA(pkey));
- AssertNotNull(dsa = EVP_PKEY_get1_DSA(pkey));
+ ExpectNotNull(dsa = EVP_PKEY_get0_DSA(pkey));
+ ExpectNotNull(dsa = EVP_PKEY_get1_DSA(pkey));
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(DSA_bits(dsa), 1024);
+ ExpectIntEQ(DSA_bits(dsa), 1024);
#else
- AssertIntEQ(DSA_bits(dsa), 2048);
+ ExpectIntEQ(DSA_bits(dsa), 2048);
#endif
/* Sign */
- AssertIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS);
/* Verify. */
- AssertIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer),
+ ExpectIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer),
WOLFSSL_SUCCESS);
/* Test wolfSSL_EVP_PKEY_set1_DSA */
/* Should Fail: set1Pkey not initialized */
- AssertIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
/* Initialize set1Pkey */
set1Pkey = EVP_PKEY_new();
/* Should Fail Verify: setDsa not initialized from set1Pkey */
- AssertIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer),
+ ExpectIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer),
WOLFSSL_SUCCESS);
/* Should Pass: set dsa into set1Pkey */
- AssertIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
DSA_free(dsa);
DSA_free(setDsa);
EVP_PKEY_free(pkey);
EVP_PKEY_free(set1Pkey);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
- return res;
+ return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_DSA */
+static int test_wolfSSL_DSA_generate_parameters(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FIPS)
+ DSA *dsa = NULL;
+
+ ExpectNotNull(dsa = DSA_generate_parameters(2048, NULL, 0, NULL, NULL, NULL,
+ NULL));
+ DSA_free(dsa);
+#endif
+ return EXPECT_RESULT();
+}
+
static int test_wolfSSL_DSA_SIG(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FIPS)
- DSA *dsa = NULL;
- DSA *dsa2 = NULL;
- DSA_SIG *sig = NULL;
- const BIGNUM *p = NULL;
- const BIGNUM *q = NULL;
- const BIGNUM *g = NULL;
- const BIGNUM *pub = NULL;
- const BIGNUM *priv = NULL;
+ DSA *dsa = NULL;
+ DSA *dsa2 = NULL;
+ DSA_SIG *sig = NULL;
+ const BIGNUM *p = NULL;
+ const BIGNUM *q = NULL;
+ const BIGNUM *g = NULL;
+ const BIGNUM *pub = NULL;
+ const BIGNUM *priv = NULL;
+ BIGNUM *dup_p = NULL;
+ BIGNUM *dup_q = NULL;
+ BIGNUM *dup_g = NULL;
+ BIGNUM *dup_pub = NULL;
+ BIGNUM *dup_priv = NULL;
const byte digest[WC_SHA_DIGEST_SIZE] = {0};
- AssertNotNull(dsa = DSA_generate_parameters(2048,
- NULL, 0, NULL, NULL, NULL, NULL));
- DSA_free(dsa);
- AssertNotNull(dsa = DSA_new());
- AssertIntEQ(DSA_generate_parameters_ex(dsa, 2048,
- NULL, 0, NULL, NULL, NULL), 1);
- AssertIntEQ(DSA_generate_key(dsa), 1);
+ ExpectNotNull(dsa = DSA_new());
+ ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048, NULL, 0, NULL, NULL,
+ NULL), 1);
+ ExpectIntEQ(DSA_generate_key(dsa), 1);
DSA_get0_pqg(dsa, &p, &q, &g);
DSA_get0_key(dsa, &pub, &priv);
- AssertNotNull(p = BN_dup(p));
- AssertNotNull(q = BN_dup(q));
- AssertNotNull(g = BN_dup(g));
- AssertNotNull(pub = BN_dup(pub));
- AssertNotNull(priv = BN_dup(priv));
-
- AssertNotNull(sig = DSA_do_sign(digest, sizeof(digest), dsa));
- AssertNotNull(dsa2 = DSA_new());
- AssertIntEQ(DSA_set0_pqg(dsa2, (BIGNUM*)p, (BIGNUM*)q, (BIGNUM*)g), 1);
- AssertIntEQ(DSA_set0_key(dsa2, (BIGNUM*)pub, (BIGNUM*)priv), 1);
- AssertIntEQ(DSA_do_verify(digest, sizeof(digest), sig, dsa2), 1);
+ ExpectNotNull(dup_p = BN_dup(p));
+ ExpectNotNull(dup_q = BN_dup(q));
+ ExpectNotNull(dup_g = BN_dup(g));
+ ExpectNotNull(dup_pub = BN_dup(pub));
+ ExpectNotNull(dup_priv = BN_dup(priv));
+
+ ExpectNotNull(sig = DSA_do_sign(digest, sizeof(digest), dsa));
+ ExpectNotNull(dsa2 = DSA_new());
+ ExpectIntEQ(DSA_set0_pqg(dsa2, dup_p, dup_q, dup_g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(dup_p);
+ BN_free(dup_q);
+ BN_free(dup_g);
+ }
+ ExpectIntEQ(DSA_set0_key(dsa2, dup_pub, dup_priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(dup_pub);
+ BN_free(dup_priv);
+ }
+ ExpectIntEQ(DSA_do_verify(digest, sizeof(digest), sig, dsa2), 1);
DSA_free(dsa);
DSA_free(dsa2);
DSA_SIG_free(sig);
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY (void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- WOLFSSL_EC_KEY *ecKey = NULL;
- WOLFSSL_EC_KEY *ecGet1 = NULL;
- EVP_PKEY *pkey = NULL;
+ WOLFSSL_EC_KEY* ecKey = NULL;
+ WOLFSSL_EC_KEY* ecGet1 = NULL;
+ EVP_PKEY* pkey = NULL;
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Test wolfSSL_EVP_PKEY_set1_EC_KEY */
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
/* Should fail since ecKey is empty */
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
/* Test wolfSSL_EVP_PKEY_get1_EC_KEY */
- AssertNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL));
- AssertNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey));
+ ExpectNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL));
+ ExpectNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey));
wolfSSL_EC_KEY_free(ecKey);
wolfSSL_EC_KEY_free(ecGet1);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif /* HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_EC_KEY */
static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
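Review bot: The converted verify step in test_wolfSSL_EVP_PKEY_set1_get1_DSA asserts only the return code of `wolfSSL_DSA_do_verify(hash, signature, dsa, &answer)` and never reads `answer`, so the test does not itself pin that the signature was accepted. If the accept/reject result is reported through that out-parameter (the callee is not shown here), add `ExpectIntEQ(answer, 1);` right after the call. In the same function `set1Pkey = EVP_PKEY_new();` stays unchecked, although this commit wraps the equivalent allocation in test_wolfSSL_EVP_PKEY_set1_get1_DH as `ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());`. Using `ExpectNotNull(set1Pkey = EVP_PKEY_new());` would match. The function's declarations, including `answer`, sit outside this hunk.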
@@ -49337,7 +47654,7 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
- FILE* f = NULL;
+ XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
const char* dh2048 = "./certs/dh2048.der";
@@ -49346,91 +47663,89 @@ static int test_wolfSSL_EVP_PKEY_set1_get1_DH (void)
XMEMSET(buf, 0, sizeof(buf));
- f = XFOPEN(dh2048, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* Load dh2048.der into DH with internal format */
- AssertNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS);
- AssertIntEQ(code, 0);
+ ExpectIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS);
+ ExpectIntEQ(code, 0);
code = -1;
- pkey = wolfSSL_EVP_PKEY_new();
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
/* Set DH into PKEY */
- AssertIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
/* Get DH from PKEY */
- AssertNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey));
+ ExpectNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey));
- AssertIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS);
- AssertIntEQ(code, 0);
+ ExpectIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS);
+ ExpectIntEQ(code, 0);
EVP_PKEY_free(pkey);
DH_free(setDh);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
- return res;
+ return EXPECT_RESULT();
} /* END test_EVP_PKEY_set1_get1_DH */
static int test_wolfSSL_CTX_ctrl(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
char caFile[] = "./certs/client-ca.pem";
char clientFile[] = "./certs/client-cert.pem";
- SSL_CTX* ctx;
+ SSL_CTX* ctx = NULL;
X509* x509 = NULL;
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
- XFILE f;
+ XFILE f = XBADFILE;
int bytes;
- BIO* bio;
- DSA* dsa;
- DH* dh;
+ BIO* bio = NULL;
+ DSA* dsa = NULL;
+ DH* dh = NULL;
#endif
#ifdef HAVE_ECC
- WOLFSSL_EC_KEY* ecKey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
#endif
- AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
- x509 = wolfSSL_X509_load_certificate_file(caFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
- AssertIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(caFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ((int)SSL_CTX_add_extra_chain_cert(ctx, x509), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_X509_free(x509);
+ }
- x509 = wolfSSL_X509_load_certificate_file(clientFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(clientFile,
+ WOLFSSL_FILETYPE_PEM));
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
/* Initialize DH */
- f = XFOPEN(file, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- bio = BIO_new_mem_buf((void*)buf, bytes);
- AssertNotNull(bio);
+ ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
- dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL);
- AssertNotNull(dsa);
+ ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL));
- dh = wolfSSL_DSA_dup_DH(dsa);
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));
#endif
#ifdef HAVE_ECC
/* Initialize WOLFSSL_EC_KEY */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey),1);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
#endif
#if !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA)
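Review bot: The failure-path `wolfSSL_X509_free(x509);` added after `SSL_CTX_add_extra_chain_cert` leaves `x509` pointing at freed memory. The same block is added again after the `SSL_CTRL_EXTRA_CHAIN_CERT` call in a later hunk of test_wolfSSL_CTX_ctrl. If EXPECT_FAIL() stays true once any expectation has failed (the macro definitions are not shown here), a failure of the first call would free the certificate in both blocks, which is a double free on the error path. Resetting the pointer in each block avoids that: `wolfSSL_X509_free(x509); x509 = NULL;`. The function body continues past this hunk.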
@@ -49438,29 +47753,30 @@ static int test_wolfSSL_CTX_ctrl(void)
* Do not run with user RSA because wolfSSL_RSA_size is not currently
* allowed with user RSA */
{
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
#if defined(HAVE_ECC)
- X509* ecX509;
+ X509* ecX509 = NULL;
#endif /* HAVE_ECC */
- AssertNotNull(pkey = X509_get_pubkey(x509));
+ ExpectNotNull(pkey = X509_get_pubkey(x509));
/* current RSA key is 2048 bit (256 bytes) */
- AssertIntEQ(EVP_PKEY_size(pkey), 256);
+ ExpectIntEQ(EVP_PKEY_size(pkey), 256);
EVP_PKEY_free(pkey);
+ pkey = NULL;
#if defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
- AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
- cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
- SSL_FILETYPE_ASN1));
+ ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_buffer(
+ cliecc_cert_der_256, sizeof_cliecc_cert_der_256,
+ SSL_FILETYPE_ASN1));
#else
- AssertNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
- cliEccCertFile, SSL_FILETYPE_PEM));
+ ExpectNotNull(ecX509 = wolfSSL_X509_load_certificate_file(
+ cliEccCertFile, SSL_FILETYPE_PEM));
#endif
- AssertNotNull(pkey = X509_get_pubkey(ecX509));
+ ExpectNotNull(pkey = X509_get_pubkey(ecX509));
/* current ECC key is 256 bit (32 bytes) */
- AssertIntEQ(EVP_PKEY_size(pkey), 32);
+ ExpectIntEQ(EVP_PKEY_size(pkey), 32);
X509_free(ecX509);
EVP_PKEY_free(pkey);
@@ -49469,73 +47785,75 @@ static int test_wolfSSL_CTX_ctrl(void)
#endif /* !defined(HAVE_USER_RSA) && !defined(HAVE_FAST_RSA) */
/* Tests should fail with passed in NULL pointer */
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,NULL),
- SSL_FAILURE);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, NULL),
+ SSL_FAILURE);
#if !defined(NO_DH) && !defined(NO_DSA)
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,NULL),
- SSL_FAILURE);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, NULL),
+ SSL_FAILURE);
#endif
#ifdef HAVE_ECC
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,NULL),
- SSL_FAILURE);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, NULL),
+ SSL_FAILURE);
#endif
/* Test with SSL_CTRL_EXTRA_CHAIN_CERT
* wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_add_extra_chain_cert
*/
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_EXTRA_CHAIN_CERT,0,x509),
- SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_EXTRA_CHAIN_CERT, 0, x509),
+ SSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_X509_free(x509);
+ }
/* Test with SSL_CTRL_OPTIONS
* wolfSSL_CTX_ctrl should succesffuly call SSL_CTX_set_options
*/
- AssertTrue(wolfSSL_CTX_ctrl(ctx,SSL_CTRL_OPTIONS,SSL_OP_NO_TLSv1,NULL)
- == SSL_OP_NO_TLSv1);
- AssertTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1);
+ ExpectTrue(wolfSSL_CTX_ctrl(ctx, SSL_CTRL_OPTIONS, SSL_OP_NO_TLSv1,
+ NULL) == SSL_OP_NO_TLSv1);
+ ExpectTrue(SSL_CTX_get_options(ctx) == SSL_OP_NO_TLSv1);
/* Test with SSL_CTRL_SET_TMP_DH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_dh
*/
#if !defined(NO_DH) && !defined(NO_DSA) && !defined(NO_BIO)
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,dh),
- SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_DH, 0, dh),
+ SSL_SUCCESS);
#endif
/* Test with SSL_CTRL_SET_TMP_ECDH
* wolfSSL_CTX_ctrl should succesffuly call wolfSSL_SSL_CTX_set_tmp_ecdh
*/
#ifdef HAVE_ECC
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_ECDH,0,ecKey),
- SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH, 0, ecKey),
+ SSL_SUCCESS);
#endif
#ifdef WOLFSSL_ENCRYPTED_KEYS
- AssertNull(SSL_CTX_get_default_passwd_cb(ctx));
- AssertNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
-#endif
-
- /* Test for min/max proto */
- #ifndef WOLFSSL_NO_TLS12
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
- 0, NULL), SSL_SUCCESS);
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
- TLS1_2_VERSION, NULL), SSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
-
- #endif
- #ifdef WOLFSSL_TLS13
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
- 0, NULL), SSL_SUCCESS);
-
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
- TLS1_3_VERSION, NULL), SSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_3_VERSION);
- #ifndef WOLFSSL_NO_TLS12
- AssertIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
- TLS1_2_VERSION, NULL), SSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION);
- #endif
- #endif
+ ExpectNull(SSL_CTX_get_default_passwd_cb(ctx));
+ ExpectNull(SSL_CTX_get_default_passwd_cb_userdata(ctx));
+#endif
+
+ /* Test for min/max proto */
+#ifndef WOLFSSL_NO_TLS12
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
+ 0, NULL), SSL_SUCCESS);
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION,
+ TLS1_2_VERSION, NULL), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
+#endif
+#ifdef WOLFSSL_TLS13
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
+ 0, NULL), SSL_SUCCESS);
+
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
+ TLS1_3_VERSION, NULL), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_3_VERSION);
+#ifndef WOLFSSL_NO_TLS12
+ ExpectIntEQ((int)wolfSSL_CTX_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION,
+ TLS1_2_VERSION, NULL), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION);
+#endif
+#endif
/* Cleanup and Pass */
#if !defined(NO_DH) && !defined(NO_DSA)
#ifndef NO_BIO
@@ -49548,154 +47866,193 @@ static int test_wolfSSL_CTX_ctrl(void)
wolfSSL_EC_KEY_free(ecKey);
#endif
SSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif /* defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
- return res;
+ * !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_assign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
+#if !defined(NO_RSA) || !defined(NO_DSA) || defined(HAVE_ECC)
int type;
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
#ifndef NO_RSA
- WOLFSSL_RSA* rsa;
+ WOLFSSL_RSA* rsa = NULL;
#endif
#ifndef NO_DSA
- WOLFSSL_DSA* dsa;
+ WOLFSSL_DSA* dsa = NULL;
#endif
#ifdef HAVE_ECC
- WOLFSSL_EC_KEY* ecKey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
#endif
- (void)pkey;
-
#ifndef NO_RSA
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- type = EVP_PKEY_RSA;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(rsa = wolfSSL_RSA_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(NULL,type,rsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,-1,rsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,rsa), WOLFSSL_SUCCESS);
- wolfSSL_EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ type = EVP_PKEY_RSA;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(rsa = wolfSSL_RSA_new());
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, rsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, rsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, rsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_RSA_free(rsa);
}
+ wolfSSL_EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* NO_RSA */
#ifndef NO_DSA
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- type = EVP_PKEY_DSA;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dsa = wolfSSL_DSA_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(NULL,type,dsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,-1,dsa), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,dsa), WOLFSSL_SUCCESS);
- wolfSSL_EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ type = EVP_PKEY_DSA;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dsa = wolfSSL_DSA_new());
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, dsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, dsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, dsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_DSA_free(dsa);
}
+ wolfSSL_EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* NO_DSA */
#ifdef HAVE_ECC
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- type = EVP_PKEY_EC;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(NULL,type,ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,-1,ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign(pkey,type,ecKey), WOLFSSL_SUCCESS);
- wolfSSL_EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ type = EVP_PKEY_EC;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_EC_KEY_free(ecKey);
}
+ wolfSSL_EVP_PKEY_free(pkey);
+ pkey = NULL;
#endif /* HAVE_ECC */
+#endif /* !NO_RSA || !NO_DSA || HAVE_ECC */
+ return EXPECT_RESULT();
+}
- (void)type;
+static int test_wolfSSL_EVP_PKEY_assign_DH(void)
+{
+ EXPECT_DECLS;
+#if !defined(NO_DH) && \
+ !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+ XFILE f = XBADFILE;
+ unsigned char buf[4096];
+ const unsigned char* pt = buf;
+ const char* params1 = "./certs/dh2048.der";
+ long len = 0;
+ WOLFSSL_DH* dh = NULL;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
+ XMEMSET(buf, 0, sizeof(buf));
- return res;
+ /* Load DH parameters DER. */
+ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
+
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
+
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+
+ /* Bad cases */
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WOLFSSL_FAILURE);
+
+ /* Good case */
+ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_DH_free(dh);
+ }
+
+ EVP_PKEY_free(pkey);
+#endif
+ return EXPECT_RESULT();
}
+
static int test_wolfSSL_EVP_PKEY_base_id(void)
{
- WOLFSSL_EVP_PKEY* pkey;
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef);
- AssertIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_id(void)
{
- WOLFSSL_EVP_PKEY* pkey;
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0);
- AssertIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_paramgen(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && \
- !defined(NO_ECC_SECP) && \
- /* This last bit is taken from ecc.c. It is the condition that
- * defines ECC256 */ \
+ EXPECT_DECLS;
+ /* ECC check taken from ecc.c. It is the condition that defines ECC256 */
+#if defined(OPENSSL_ALL) && !defined(NO_ECC_SECP) && \
((!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 256)
- EVP_PKEY_CTX* ctx;
- EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
+ EVP_PKEY* pkey = NULL;
/* Test error conditions. */
- AssertIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WOLFSSL_FAILURE);
- AssertNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
- AssertIntEQ(EVP_PKEY_paramgen(ctx, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WOLFSSL_FAILURE);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
+ ExpectIntEQ(EVP_PKEY_paramgen(ctx, NULL), WOLFSSL_FAILURE);
#ifndef NO_RSA
EVP_PKEY_CTX_free(ctx);
/* Parameter generation for RSA not supported yet. */
- AssertNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
- AssertIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_FAILURE);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
+ ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_FAILURE);
#endif
#ifdef HAVE_ECC
EVP_PKEY_CTX_free(ctx);
- AssertNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
- AssertIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx,
- NID_X9_62_prime256v1), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
+ ExpectIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx,
+ NID_X9_62_prime256v1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
#endif
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_keygen(void)
{
+ EXPECT_DECLS;
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
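Review bot: The preprocessor guard on the new test_wolfSSL_EVP_PKEY_assign_DH mixes `&&` and `||` without parentheses, so it parses as `(!NO_DH && !HAVE_FIPS) || (HAVE_FIPS_VERSION > 2)`. On a build with a FIPS version above 2 the body is therefore compiled even when NO_DH is defined. The body also reads `./certs/dh2048.der` through XFOPEN without testing NO_FILESYSTEM, which test_wolfSSL_EVP_PKEY_set1_get1_DH does check for the same file. A guard of the shape used by test_wolfSSL_EVP_PKEY_keygen would be `#if !defined(NO_DH) && !defined(NO_FILESYSTEM) && \` followed by `(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))`.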
@@ -49708,42 +48065,44 @@ static int test_wolfSSL_EVP_PKEY_keygen(void)
byte* derBuffer = NULL;
#endif
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
/* Bad cases */
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), BAD_FUNC_ARG);
/* Good case */
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0);
EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
/* Test DH keygen */
{
- AssertNotNull(params = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dh = DH_get_2048_256());
- AssertIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
- AssertNotNull(ctx = EVP_PKEY_CTX_new(params, NULL));
- AssertIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
+ ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dh = DH_get_2048_256());
+ ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(params, NULL));
+ ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
DH_free(dh);
+ dh = NULL;
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(params);
/* try exporting generated key to DER, to verify */
- AssertNotNull(dh = EVP_PKEY_get1_DH(pkey));
+ ExpectNotNull(dh = EVP_PKEY_get1_DH(pkey));
DH_get0_key(dh, &pubkey, &privkey);
- AssertNotNull(pubkey);
- AssertNotNull(privkey);
- AssertNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL));
- AssertIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0);
+ ExpectNotNull(pubkey);
+ ExpectNotNull(privkey);
+ ExpectNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL));
+ ExpectIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0);
ASN1_INTEGER_free(asn1int);
DH_free(dh);
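Review bot: `DH_get0_key(dh, &pubkey, &privkey);` sits outside any Expect macro, so with the move from Assert to Expect it now runs even if `EVP_PKEY_get1_DH(pkey)` returned NULL or was skipped after an earlier failure (`dh` is reset to NULL a few lines above). The two `DH_get0_pqg(dh, ...)` calls in test_wolfSSL_EVP_PKEY_copy_parameters in the next hunk have the same shape, and `q2` there is declared without an initializer. Unless these getters are guaranteed to accept a NULL DH (not visible in this diff), guard the calls, for example `if (dh != NULL) DH_get0_key(dh, &pubkey, &privkey);`, and initialise the BIGNUM out-pointers to NULL. test_wolfSSL_EVP_PKEY_keygen continues beyond this hunk.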
@@ -49753,48 +48112,47 @@ static int test_wolfSSL_EVP_PKEY_keygen(void)
}
#endif
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_keygen_init(void)
{
- WOLFSSL_EVP_PKEY* pkey;
- EVP_PKEY_CTX *ctx;
-
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX *ctx = NULL;
- AssertIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_missing_parameters(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB)
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0);
+ ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_copy_parameters(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST) && (defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || \
defined(WOLFSSL_OPENSSH)) && defined(WOLFSSL_DH_EXTRA) && \
!defined(NO_FILESYSTEM)
-
WOLFSSL_EVP_PKEY* params = NULL;
WOLFSSL_EVP_PKEY* copy = NULL;
DH* dh = NULL;
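Review bot: The added `ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS);` pins a success return for a NULL context with no comment explaining why that is the intended contract. `ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0);` has the same gap. A reader cannot tell whether these lines document a deliberate no-op or stub, or lock in missing argument validation. A short comment above each would settle it, for example `/* NULL ctx is accepted: keygen_init does not use its argument (confirm against the implementation) */`. If NULL is not meant to be accepted, these assertions should expect a failure code instead.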
@@ -49806,73 +48164,69 @@ static int test_wolfSSL_EVP_PKEY_copy_parameters(void)
BIGNUM* q2;
/* create DH with DH_get_2048_256 params */
- AssertNotNull(params = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dh = DH_get_2048_256());
- AssertIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dh = DH_get_2048_256());
+ ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
DH_get0_pqg(dh, (const BIGNUM**)&p1,
(const BIGNUM**)&q1,
(const BIGNUM**)&g1);
DH_free(dh);
+ dh = NULL;
/* create DH with random generated DH params */
- AssertNotNull(copy = wolfSSL_EVP_PKEY_new());
- AssertNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
- AssertIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(copy = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
+ ExpectIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS);
DH_free(dh);
+ dh = NULL;
- AssertIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS);
- AssertNotNull(dh = EVP_PKEY_get1_DH(copy));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertNotNull(dh->q);
+ ExpectIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS);
+ ExpectNotNull(dh = EVP_PKEY_get1_DH(copy));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectNotNull(dh->q);
DH_get0_pqg(dh, (const BIGNUM**)&p2,
(const BIGNUM**)&q2,
(const BIGNUM**)&g2);
- AssertIntEQ(BN_cmp(p1, p2), 0);
- AssertIntEQ(BN_cmp(q1, q2), 0);
- AssertIntEQ(BN_cmp(g1, g2), 0);
+ ExpectIntEQ(BN_cmp(p1, p2), 0);
+ ExpectIntEQ(BN_cmp(q1, q2), 0);
+ ExpectIntEQ(BN_cmp(g1, g2), 0);
DH_free(dh);
EVP_PKEY_free(copy);
EVP_PKEY_free(params);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(void)
{
- WOLFSSL_EVP_PKEY* pkey;
- EVP_PKEY_CTX *ctx;
+ EXPECT_DECLS;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
int bits = 2048;
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
-
- AssertIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits),
- WOLFSSL_SUCCESS);
-
+ ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits),
+ WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
{
+ EXPECT_DECLS;
/* This is large enough to be used for all key sizes */
byte key[AES_256_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- int i, enumlen;
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *init;
-
- int enumArray[] = {
-
+ int i;
+ int nids[] = {
#ifdef HAVE_AES_CBC
NID_aes_128_cbc,
#endif
@@ -49891,7 +48245,6 @@ static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
#endif
};
int iv_lengths[] = {
-
#ifdef HAVE_AES_CBC
AES_BLOCK_SIZE,
#endif
@@ -49909,444 +48262,470 @@ static int test_wolfSSL_EVP_CIPHER_CTX_iv_length(void)
DES_BLOCK_SIZE,
#endif
};
+ int nidsLen = (sizeof(nids)/sizeof(int));
-
- enumlen = (sizeof(enumArray)/sizeof(int));
- for (i = 0; i < enumlen; i++) {
- ctx = EVP_CIPHER_CTX_new();
- init = wolfSSL_EVP_get_cipherbynid(enumArray[i]);
-
+ for (i = 0; i < nidsLen; i++) {
+ const EVP_CIPHER* init = wolfSSL_EVP_get_cipherbynid(nids[i]);
+ EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_iv_length(ctx), iv_lengths[i]);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_iv_length(ctx), iv_lengths[i]);
EVP_CIPHER_CTX_free(ctx);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_key_length(void)
{
- int res = TEST_SKIPPED;
-#if !defined(NO_DES3)
- byte key[AES_256_KEY_SIZE] = {0};
- byte iv[AES_BLOCK_SIZE] = {0};
- EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- const EVP_CIPHER *init = EVP_des_ede3_cbc();
-
- wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
-
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_key_length(ctx), 24);
-
- EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
-}
-
-static int test_wolfSSL_EVP_CIPHER_CTX_set_key_length(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_DES3)
+ EXPECT_DECLS;
byte key[AES_256_KEY_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- int keylen;
- EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
- const EVP_CIPHER *init = EVP_des_ede3_cbc();
+ int i;
+ int nids[] = {
+ #ifdef HAVE_AES_CBC
+ NID_aes_128_cbc,
+ NID_aes_256_cbc,
+ #endif
+ #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+ #ifdef HAVE_AESGCM
+ NID_aes_128_gcm,
+ NID_aes_256_gcm,
+ #endif
+ #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
+ #ifdef WOLFSSL_AES_COUNTER
+ NID_aes_128_ctr,
+ NID_aes_256_ctr,
+ #endif
+ #ifndef NO_DES3
+ NID_des_cbc,
+ NID_des_ede3_cbc,
+ #endif
+ };
+ int key_lengths[] = {
+ #ifdef HAVE_AES_CBC
+ AES_128_KEY_SIZE,
+ AES_256_KEY_SIZE,
+ #endif
+ #if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
+ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
+ #ifdef HAVE_AESGCM
+ AES_128_KEY_SIZE,
+ AES_256_KEY_SIZE,
+ #endif
+ #endif /* (HAVE_FIPS && !HAVE_SELFTEST) || HAVE_FIPS_VERSION > 2 */
+ #ifdef WOLFSSL_AES_COUNTER
+ AES_128_KEY_SIZE,
+ AES_256_KEY_SIZE,
+ #endif
+ #ifndef NO_DES3
+ DES_KEY_SIZE,
+ DES3_KEY_SIZE,
+ #endif
+ };
+ int nidsLen = (sizeof(nids)/sizeof(int));
- wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ for (i = 0; i < nidsLen; i++) {
+ const EVP_CIPHER *init = wolfSSL_EVP_get_cipherbynid(nids[i]);
+ EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
+ wolfSSL_EVP_CIPHER_CTX_init(ctx);
- keylen = wolfSSL_EVP_CIPHER_CTX_key_length(ctx);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_key_length(ctx), key_lengths[i]);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, keylen),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, key_lengths[i]),
+ WOLFSSL_SUCCESS);
- EVP_CIPHER_CTX_free(ctx);
+ EVP_CIPHER_CTX_free(ctx);
+ }
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_CTX_set_iv(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_AESGCM) && !defined(NO_DES3)
- byte key[DES3_KEY_SIZE] = {0};
- byte iv[DES_BLOCK_SIZE] = {0};
int ivLen, keyLen;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
+#ifdef HAVE_AESGCM
+ byte key[AES_128_KEY_SIZE] = {0};
+ byte iv[AES_BLOCK_SIZE] = {0};
+ const EVP_CIPHER *init = EVP_aes_128_gcm();
+#else
+ byte key[DES3_KEY_SIZE] = {0};
+ byte iv[DES_BLOCK_SIZE] = {0};
const EVP_CIPHER *init = EVP_des_ede3_cbc();
+#endif
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
ivLen = wolfSSL_EVP_CIPHER_CTX_iv_length(ctx);
keyLen = wolfSSL_EVP_CIPHER_CTX_key_length(ctx);
/* Bad cases */
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, iv, ivLen), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, NULL, ivLen), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, 0), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, NULL, 0), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, keyLen), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, iv, ivLen),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, NULL, ivLen),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(NULL, NULL, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, keyLen),
+ WOLFSSL_FAILURE);
/* Good case */
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, ivLen), 1);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_set_iv(ctx, iv, ivLen), 1);
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_CTX_new_id(void)
{
+ EXPECT_DECLS;
WOLFSSL_ENGINE* e = NULL;
int id = 0;
- EVP_PKEY_CTX *ctx;
+ EVP_PKEY_CTX *ctx = NULL;
- AssertNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e));
+ ExpectNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e));
EVP_PKEY_CTX_free(ctx);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_rc4(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RC4)
- res = TEST_RES_CHECK(wolfSSL_EVP_rc4() != NULL);
+ ExpectNotNull(wolfSSL_EVP_rc4());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_enc_null(void)
{
- return TEST_RES_CHECK(wolfSSL_EVP_enc_null() != NULL);
+ EXPECT_DECLS;
+ ExpectNotNull(wolfSSL_EVP_enc_null());
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_rc2_cbc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_QT) && !defined(NO_WOLFSSL_STUB)
- res = TEST_RES_CHECK(wolfSSL_EVP_rc2_cbc() == NULL);
+ ExpectNull(wolfSSL_EVP_rc2_cbc());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_mdc2(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_STUB)
- res = TEST_RES_CHECK(wolfSSL_EVP_mdc2() == NULL);
+ ExpectNull(wolfSSL_EVP_mdc2());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_md4(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_MD4)
- res = TEST_RES_CHECK(wolfSSL_EVP_md4() != NULL);
+ ExpectNotNull(wolfSSL_EVP_md4());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_256_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESGCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_256_gcm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_256_gcm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_192_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESGCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_192_gcm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_192_gcm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_256_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_256_ccm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_256_ccm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_192_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_192_ccm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_192_ccm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_aes_128_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_AESCCM
- res = TEST_RES_CHECK(wolfSSL_EVP_aes_128_ccm() != NULL);
+ ExpectNotNull(wolfSSL_EVP_aes_128_ccm());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_ripemd160(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_STUB)
- res = TEST_RES_CHECK(wolfSSL_EVP_ripemd160() == NULL);
+ ExpectNull(wolfSSL_EVP_ripemd160());
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_get_digestbynid(void)
{
+ EXPECT_DECLS;
+
#ifndef NO_MD5
- AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
+ ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_md5));
#endif
#ifndef NO_SHA
- AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
+ ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha1));
#endif
#ifndef NO_SHA256
- AssertNotNull(wolfSSL_EVP_get_digestbynid(NID_sha256));
+ ExpectNotNull(wolfSSL_EVP_get_digestbynid(NID_sha256));
#endif
- AssertNull(wolfSSL_EVP_get_digestbynid(0));
+ ExpectNull(wolfSSL_EVP_get_digestbynid(0));
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_MD_nid(void)
{
+ EXPECT_DECLS;
+
#ifndef NO_MD5
- AssertIntEQ(EVP_MD_nid(EVP_md5()), NID_md5);
+ ExpectIntEQ(EVP_MD_nid(EVP_md5()), NID_md5);
#endif
#ifndef NO_SHA
- AssertIntEQ(EVP_MD_nid(EVP_sha1()), NID_sha1);
+ ExpectIntEQ(EVP_MD_nid(EVP_sha1()), NID_sha1);
#endif
#ifndef NO_SHA256
- AssertIntEQ(EVP_MD_nid(EVP_sha256()), NID_sha256);
+ ExpectIntEQ(EVP_MD_nid(EVP_sha256()), NID_sha256);
#endif
- AssertIntEQ(EVP_MD_nid(NULL), NID_undef);
+ ExpectIntEQ(EVP_MD_nid(NULL), NID_undef);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_get0_EC_KEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC)
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(pkey = EVP_PKEY_new());
- AssertNull(EVP_PKEY_get0_EC_KEY(pkey));
- EVP_PKEY_free(pkey);
+ ExpectNull(EVP_PKEY_get0_EC_KEY(NULL));
- res = TEST_RES_CHECK(1);
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ ExpectNull(EVP_PKEY_get0_EC_KEY(pkey));
+ EVP_PKEY_free(pkey);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_X_STATE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DES3) && !defined(NO_RC4)
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_IV_SIZE] = {0};
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *init;
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *init = NULL;
/* Bad test cases */
- ctx = EVP_CIPHER_CTX_new();
- init = EVP_des_ede3_cbc();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = EVP_des_ede3_cbc());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertNull(wolfSSL_EVP_X_STATE(NULL));
- AssertNull(wolfSSL_EVP_X_STATE(ctx));
+ ExpectNull(wolfSSL_EVP_X_STATE(NULL));
+ ExpectNull(wolfSSL_EVP_X_STATE(ctx));
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Good test case */
- ctx = EVP_CIPHER_CTX_new();
- init = wolfSSL_EVP_rc4();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = wolfSSL_EVP_rc4());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertNotNull(wolfSSL_EVP_X_STATE(ctx));
+ ExpectNotNull(wolfSSL_EVP_X_STATE(ctx));
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_X_STATE_LEN(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DES3) && !defined(NO_RC4)
byte key[DES3_KEY_SIZE] = {0};
byte iv[DES_IV_SIZE] = {0};
- EVP_CIPHER_CTX *ctx;
- const EVP_CIPHER *init;
+ EVP_CIPHER_CTX *ctx = NULL;
+ const EVP_CIPHER *init = NULL;
/* Bad test cases */
- ctx = EVP_CIPHER_CTX_new();
- init = EVP_des_ede3_cbc();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = EVP_des_ede3_cbc());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_X_STATE_LEN(NULL), 0);
- AssertIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), 0);
+ ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(NULL), 0);
+ ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Good test case */
- ctx = EVP_CIPHER_CTX_new();
- init = wolfSSL_EVP_rc4();
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(init = wolfSSL_EVP_rc4());
wolfSSL_EVP_CIPHER_CTX_init(ctx);
- AssertIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_CipherInit(ctx, init, key, iv, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), sizeof(Arc4));
+ ExpectIntEQ(wolfSSL_EVP_X_STATE_LEN(ctx), sizeof(Arc4));
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_block_size(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESGCM) || \
+ defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_ECB) || \
+ defined(WOLFSSL_AES_OFB) || !defined(NO_RC4) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
#ifdef HAVE_AES_CBC
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_cbc()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_cbc()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_cbc()), AES_BLOCK_SIZE);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_cbc()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_cbc()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_cbc()), AES_BLOCK_SIZE);
+ #endif
#endif
#ifdef HAVE_AESGCM
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_gcm()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_gcm()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_gcm()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_gcm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_gcm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_gcm()), 1);
+ #endif
#endif
#ifdef HAVE_AESCCM
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ccm()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ccm()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ccm()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ccm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ccm()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ccm()), 1);
+ #endif
#endif
#ifdef WOLFSSL_AES_COUNTER
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ctr()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ctr()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ctr()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ctr()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ctr()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ctr()), 1);
+ #endif
#endif
#ifdef HAVE_AES_ECB
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ecb()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ecb()), AES_BLOCK_SIZE);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ecb()), AES_BLOCK_SIZE);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ecb()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ecb()), AES_BLOCK_SIZE);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ecb()), AES_BLOCK_SIZE);
+ #endif
#endif
#ifdef WOLFSSL_AES_OFB
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- #ifdef WOLFSSL_AES_128
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ofb()), 1);
- #endif
- #ifdef WOLFSSL_AES_192
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ofb()), 1);
- #endif
- #ifdef WOLFSSL_AES_256
- AssertIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ofb()), 1);
- #endif
- res = TEST_RES_CHECK(1);
- }
+ #ifdef WOLFSSL_AES_128
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_128_ofb()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_192
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_192_ofb()), 1);
+ #endif
+ #ifdef WOLFSSL_AES_256
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_aes_256_ofb()), 1);
+ #endif
#endif
#ifndef NO_RC4
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- AssertIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1);
- res = TEST_RES_CHECK(1);
- }
+ ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_rc4()), 1);
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- AssertIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1);
- res = TEST_RES_CHECK(1);
- }
+ ExpectIntEQ(EVP_CIPHER_block_size(wolfSSL_EVP_chacha20_poly1305()), 1);
+#endif
#endif
- return res;
+#ifdef WOLFSSL_SM4_ECB
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ecb()), SM4_BLOCK_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_cbc()), SM4_BLOCK_SIZE);
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ctr()), 1);
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_gcm()), 1);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ ExpectIntEQ(EVP_CIPHER_block_size(EVP_sm4_ccm()), 1);
+#endif
+
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_CIPHER_iv_length(void)
{
- int i, enumlen;
-
-
- int enumArray[] = {
+ EXPECT_DECLS;
+ int nids[] = {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
NID_aes_128_cbc,
@@ -50391,7 +48770,6 @@ static int test_wolfSSL_EVP_CIPHER_iv_length(void)
NID_chacha20_poly1305,
#endif
};
-
int iv_lengths[] = {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
#ifdef WOLFSSL_AES_128
@@ -50437,134 +48815,89 @@ static int test_wolfSSL_EVP_CIPHER_iv_length(void)
CHACHA20_POLY1305_AEAD_IV_SIZE,
#endif
};
+ int i;
+ int nidsLen = (sizeof(nids)/sizeof(int));
- enumlen = (sizeof(enumArray)/sizeof(int));
- for (i = 0; i < enumlen; i++) {
- const EVP_CIPHER *c = EVP_get_cipherbynid(enumArray[i]);
- AssertIntEQ(EVP_CIPHER_iv_length(c), iv_lengths[i]);
+ for (i = 0; i < nidsLen; i++) {
+ const EVP_CIPHER *c = EVP_get_cipherbynid(nids[i]);
+ ExpectIntEQ(EVP_CIPHER_iv_length(c), iv_lengths[i]);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_SignInit_ex(void)
{
- WOLFSSL_EVP_MD_CTX mdCtx;
- WOLFSSL_ENGINE* e = 0;
- const EVP_MD* md;
- md = "SHA256";
+ EXPECT_DECLS;
+ WOLFSSL_EVP_MD_CTX mdCtx;
+ WOLFSSL_ENGINE* e = 0;
+ const EVP_MD* md = EVP_sha256();
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_DigestFinal_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_SHA256)
- WOLFSSL_EVP_MD_CTX mdCtx;
- unsigned int s = 0;
- unsigned char md[WC_SHA256_DIGEST_SIZE];
- unsigned char md2[WC_SHA256_DIGEST_SIZE];
+ WOLFSSL_EVP_MD_CTX mdCtx;
+ unsigned int s = 0;
+ unsigned char md[WC_SHA256_DIGEST_SIZE];
+ unsigned char md2[WC_SHA256_DIGEST_SIZE];
/* Bad Case */
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
-
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2))
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), 0);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
+ ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), 0);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#else
-
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md, &s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
#endif
/* Good Case */
wolfSSL_EVP_MD_CTX_init(&mdCtx);
- AssertIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, "SHA256"), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md2, &s), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_EVP_DigestInit(&mdCtx, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_DigestFinal_ex(&mdCtx, md2, &s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), WOLFSSL_SUCCESS);
#endif
- return res;
-}
-static int test_wolfSSL_EVP_PKEY_assign_DH(void)
-{
- int res = TEST_SKIPPED;
-#if !defined(NO_DH) && \
- !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
- FILE* f = NULL;
- unsigned char buf[4096];
- const unsigned char* pt = buf;
- const char* params1 = "./certs/dh2048.der";
- long len = 0;
- WOLFSSL_DH* dh = NULL;
- WOLFSSL_EVP_PKEY* pkey;
- XMEMSET(buf, 0, sizeof(buf));
-
-
- f = XFOPEN(params1, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
-
-
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
-
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
-
- /* Bad cases */
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WOLFSSL_FAILURE);
-
- /* Good case */
- AssertIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS);
-
- EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
-#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_QT_EVP_PKEY_CTX_free(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- EVP_PKEY* pkey;
- EVP_PKEY_CTX* ctx;
+ EVP_PKEY* pkey = NULL;
+ EVP_PKEY_CTX* ctx = NULL;
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- /* void */
- EVP_PKEY_CTX_free(ctx);
- AssertTrue(1);
- #else
- /* int */
- AssertIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS);
- #endif
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+ /* void */
+ EVP_PKEY_CTX_free(ctx);
+#else
+ /* int */
+ ExpectIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS);
+#endif
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_param_check(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
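Review bot: test_wolfSSL_EVP_SignInit_ex now initialises `md` with `EVP_sha256()` under no feature guard, while test_wolfSSL_EVP_DigestFinal_ex further down this hunk wraps the same call in `#if !defined(NO_SHA256)`. If a NO_SHA256 build leaves that digest out (not visible here), the test either fails to build or passes a NULL md into wolfSSL_EVP_SignInit_ex. Wrapping the body after `EXPECT_DECLS;` in the same `#if !defined(NO_SHA256)` / `#endif` pair would keep the two tests consistent and presumably let such a build report the test as skipped.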
@@ -50582,50 +48915,47 @@ static int test_wolfSSL_EVP_PKEY_param_check(void)
XMEMSET(buf, 0, sizeof(buf));
- f = XFOPEN(dh2048, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* Load dh2048.der into DH with internal format */
- AssertNotNull(setDh = d2i_DHparams(NULL, &pt, len));
- AssertIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS);
- AssertIntEQ(code, 0);
+ ExpectNotNull(setDh = d2i_DHparams(NULL, &pt, len));
+ ExpectIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS);
+ ExpectIntEQ(code, 0);
code = -1;
pkey = wolfSSL_EVP_PKEY_new();
/* Set DH into PKEY */
- AssertIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
/* create ctx from pkey */
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */);
- /* */
- /* TO DO invlaid case */
- /* */
+ /* TODO: more invalid cases */
+ ExpectIntEQ(EVP_PKEY_param_check(NULL), 0);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
DH_free(setDh);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_BytesToKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
byte key[AES_BLOCK_SIZE] = {0};
byte iv[AES_BLOCK_SIZE] = {0};
- int sz = 5;
int count = 0;
- const EVP_MD* md = "SHA256";
+ const EVP_MD* md = EVP_sha256();
const EVP_CIPHER *type;
const unsigned char *salt = (unsigned char *)"salt1234";
+ int sz = 5;
const byte data[] = {
0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
0x72,0x6c,0x64
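Review bot: `pkey = wolfSSL_EVP_PKEY_new();` in test_wolfSSL_EVP_PKEY_param_check stays a bare assignment, so the allocation result is never checked directly, whereas test_wolfSSL_QT_EVP_PKEY_CTX_free in this commit uses ExpectNotNull for the same call. Writing it as `ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());` reports an allocation failure on the line where it happens rather than as a failed EVP_PKEY_set1_DH. The function starts before this hunk, so the declarations of pkey, dh and len are not visible here.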
@@ -50634,27 +48964,25 @@ static int test_wolfSSL_EVP_BytesToKey(void)
type = wolfSSL_EVP_get_cipherbynid(NID_aes_128_cbc);
/* Bad cases */
- AssertIntEQ(EVP_BytesToKey(NULL, md, salt, data, sz, count, key, iv),
+ ExpectIntEQ(EVP_BytesToKey(NULL, md, salt, data, sz, count, key, iv),
0);
- AssertIntEQ(EVP_BytesToKey(type, md, salt, NULL, sz, count, key, iv),
+ ExpectIntEQ(EVP_BytesToKey(type, md, salt, NULL, sz, count, key, iv),
16);
md = "2";
- AssertIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
+ ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
WOLFSSL_FAILURE);
/* Good case */
- md = "SHA256";
- AssertIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
+ md = EVP_sha256();
+ ExpectIntEQ(EVP_BytesToKey(type, md, salt, data, sz, count, key, iv),
16);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_evp_cipher_aes_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST)) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 2)))
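Review bot: Under `/* Bad cases */` the second EVP_BytesToKey call passes NULL data with sz = 5 and expects 16, the same value as the good case, which reads like a mistake without a comment. If this mirrors OpenSSL, where a NULL data pointer makes the function return the key length without deriving anything, a line such as `/* NULL data: only the key length is returned, no key is derived */` above it would make that explicit. Likewise `md = "2";` would benefit from `/* deliberately invalid digest */`, now that the valid cases use `EVP_sha256()` instead of a string.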
@@ -50769,8 +49097,8 @@ static int test_evp_cipher_aes_gcm(void)
expCipherText2,
expCipherText3
};
- byte* cipherText;
- byte* calcPlainText;
+ byte* cipherText = NULL;
+ byte* calcPlainText = NULL;
byte tag[AES_BLOCK_SIZE];
EVP_CIPHER_CTX* encCtx = NULL;
EVP_CIPHER_CTX* decCtx = NULL;
@@ -50778,12 +49106,12 @@ static int test_evp_cipher_aes_gcm(void)
/****************************************************/
for (i = 0; i < 3; ++i) {
- AssertNotNull(encCtx = EVP_CIPHER_CTX_new());
- AssertNotNull(decCtx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(encCtx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(decCtx = EVP_CIPHER_CTX_new());
/* First iteration, set key before IV. */
if (i == 0) {
- AssertIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), key, NULL, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), key, NULL, 1),
SSL_SUCCESS);
/*
@@ -50792,27 +49120,27 @@ static int test_evp_cipher_aes_gcm(void)
* subsequent EVP_CTRL_GCM_IV_GEN should fail. This matches OpenSSL
* behavior.
*/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(encCtx, NULL, NULL, iv, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, NULL, NULL, iv, 1),
SSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_FAILURE);
- AssertIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), key, NULL, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), key, NULL, 0),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(decCtx, NULL, NULL, iv, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, NULL, NULL, iv, 0),
SSL_SUCCESS);
}
/* Second iteration, IV before key. */
else {
- AssertIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), NULL, iv, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, EVP_aes_256_gcm(), NULL, iv, 1),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(encCtx, NULL, key, NULL, 1),
+ ExpectIntEQ(EVP_CipherInit(encCtx, NULL, key, NULL, 1),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), NULL, iv, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, EVP_aes_256_gcm(), NULL, iv, 0),
SSL_SUCCESS);
- AssertIntEQ(EVP_CipherInit(decCtx, NULL, key, NULL, 0),
+ ExpectIntEQ(EVP_CipherInit(decCtx, NULL, key, NULL, 0),
SSL_SUCCESS);
}
@@ -50820,48 +49148,48 @@ static int test_evp_cipher_aes_gcm(void)
* EVP_CTRL_GCM_IV_GEN should fail if EVP_CTRL_GCM_SET_IV_FIXED hasn't
* been issued first.
*/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_FAILURE);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_IV_FIXED, -1,
(void*)iv), SSL_SUCCESS);
for (j = 0; j < NUM_ENCRYPTIONS; ++j) {
/*************** Encrypt ***************/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_SUCCESS);
/* Check current IV against expected. */
- AssertIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
/* Add AAD. */
if (i == 2) {
/* Test streaming API. */
- AssertIntEQ(EVP_CipherUpdate(encCtx, NULL, &outl, aads[j],
+ ExpectIntEQ(EVP_CipherUpdate(encCtx, NULL, &outl, aads[j],
AAD_SIZE), SSL_SUCCESS);
}
else {
- AssertIntEQ(EVP_Cipher(encCtx, NULL, aads[j], AAD_SIZE),
+ ExpectIntEQ(EVP_Cipher(encCtx, NULL, aads[j], AAD_SIZE),
AAD_SIZE);
}
- AssertNotNull(cipherText = (byte*)XMALLOC(plainTextSzs[j], NULL,
+ ExpectNotNull(cipherText = (byte*)XMALLOC(plainTextSzs[j], NULL,
DYNAMIC_TYPE_TMP_BUFFER));
/* Encrypt plaintext. */
if (i == 2) {
- AssertIntEQ(EVP_CipherUpdate(encCtx, cipherText, &outl,
+ ExpectIntEQ(EVP_CipherUpdate(encCtx, cipherText, &outl,
plainTexts[j], plainTextSzs[j]),
SSL_SUCCESS);
}
else {
- AssertIntEQ(EVP_Cipher(encCtx, cipherText, plainTexts[j],
+ ExpectIntEQ(EVP_Cipher(encCtx, cipherText, plainTexts[j],
plainTextSzs[j]), plainTextSzs[j]);
}
if (i == 2) {
- AssertIntEQ(EVP_CipherFinal(encCtx, cipherText, &outl),
+ ExpectIntEQ(EVP_CipherFinal(encCtx, cipherText, &outl),
SSL_SUCCESS);
}
else {
@@ -50869,79 +49197,82 @@ static int test_evp_cipher_aes_gcm(void)
* Calling EVP_Cipher with NULL input and output for AES-GCM is
* akin to calling EVP_CipherFinal.
*/
- AssertIntGE(EVP_Cipher(encCtx, NULL, NULL, 0), 0);
+ ExpectIntGE(EVP_Cipher(encCtx, NULL, NULL, 0), 0);
}
/* Check ciphertext against expected. */
- AssertIntEQ(XMEMCMP(cipherText, expCipherTexts[j], plainTextSzs[j]),
+ ExpectIntEQ(XMEMCMP(cipherText, expCipherTexts[j], plainTextSzs[j]),
0);
/* Get and check tag against expected. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_GET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(encCtx, EVP_CTRL_GCM_GET_TAG,
sizeof(tag), tag), SSL_SUCCESS);
- AssertIntEQ(XMEMCMP(tag, expTags[j], sizeof(tag)), 0);
+ ExpectIntEQ(XMEMCMP(tag, expTags[j], sizeof(tag)), 0);
/*************** Decrypt ***************/
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_IV_GEN, -1,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_IV_GEN, -1,
currentIv), SSL_SUCCESS);
/* Check current IV against expected. */
- AssertIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
+ ExpectIntEQ(XMEMCMP(currentIv, expIvs[j], GCM_NONCE_MID_SZ), 0);
/* Add AAD. */
if (i == 2) {
/* Test streaming API. */
- AssertIntEQ(EVP_CipherUpdate(decCtx, NULL, &outl, aads[j],
+ ExpectIntEQ(EVP_CipherUpdate(decCtx, NULL, &outl, aads[j],
AAD_SIZE), SSL_SUCCESS);
}
else {
- AssertIntEQ(EVP_Cipher(decCtx, NULL, aads[j], AAD_SIZE),
+ ExpectIntEQ(EVP_Cipher(decCtx, NULL, aads[j], AAD_SIZE),
AAD_SIZE);
}
/* Set expected tag. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(decCtx, EVP_CTRL_GCM_SET_TAG,
sizeof(tag), tag), SSL_SUCCESS);
/* Decrypt ciphertext. */
- AssertNotNull(calcPlainText = (byte*)XMALLOC(plainTextSzs[j], NULL,
+ ExpectNotNull(calcPlainText = (byte*)XMALLOC(plainTextSzs[j], NULL,
DYNAMIC_TYPE_TMP_BUFFER));
if (i == 2) {
- AssertIntEQ(EVP_CipherUpdate(decCtx, calcPlainText, &outl,
+ ExpectIntEQ(EVP_CipherUpdate(decCtx, calcPlainText, &outl,
cipherText, plainTextSzs[j]),
SSL_SUCCESS);
}
else {
/* This first EVP_Cipher call will check the tag, too. */
- AssertIntEQ(EVP_Cipher(decCtx, calcPlainText, cipherText,
+ ExpectIntEQ(EVP_Cipher(decCtx, calcPlainText, cipherText,
plainTextSzs[j]), plainTextSzs[j]);
}
if (i == 2) {
- AssertIntEQ(EVP_CipherFinal(decCtx, calcPlainText, &outl),
+ ExpectIntEQ(EVP_CipherFinal(decCtx, calcPlainText, &outl),
SSL_SUCCESS);
}
else {
- AssertIntGE(EVP_Cipher(decCtx, NULL, NULL, 0), 0);
+ ExpectIntGE(EVP_Cipher(decCtx, NULL, NULL, 0), 0);
}
/* Check plaintext against expected. */
- AssertIntEQ(XMEMCMP(calcPlainText, plainTexts[j], plainTextSzs[j]),
+ ExpectIntEQ(XMEMCMP(calcPlainText, plainTexts[j], plainTextSzs[j]),
0);
XFREE(cipherText, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ cipherText = NULL;
XFREE(calcPlainText, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ calcPlainText = NULL;
}
EVP_CIPHER_CTX_free(encCtx);
+ encCtx = NULL;
EVP_CIPHER_CTX_free(decCtx);
+ decCtx = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_ln(void)
{
+ EXPECT_DECLS;
const int nid_set[] = {
NID_commonName,
NID_serialNumber,
@@ -50972,20 +49303,20 @@ static int test_wolfSSL_OBJ_ln(void)
};
size_t i = 0, maxIdx = sizeof(ln_set)/sizeof(char*);
- AssertIntEQ(OBJ_ln2nid(NULL), NID_undef);
+ ExpectIntEQ(OBJ_ln2nid(NULL), NID_undef);
#ifdef HAVE_ECC
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
EC_builtin_curve r[27];
size_t nCurves = sizeof(r) / sizeof(r[0]);
- nCurves = EC_get_builtin_curves(r,nCurves);
+ nCurves = EC_get_builtin_curves(r, nCurves);
for (i = 0; i < nCurves; i++) {
/* skip ECC_CURVE_INVALID */
if (r[i].nid != ECC_CURVE_INVALID) {
- AssertIntEQ(OBJ_ln2nid(r[i].comment), r[i].nid);
- AssertStrEQ(OBJ_nid2ln(r[i].nid), r[i].comment);
+ ExpectIntEQ(OBJ_ln2nid(r[i].comment), r[i].nid);
+ ExpectStrEQ(OBJ_nid2ln(r[i].nid), r[i].comment);
}
}
}
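Review bot: The curve loop in test_wolfSSL_OBJ_ln runs to whatever `EC_get_builtin_curves(r, nCurves)` returns, and nothing here caps that at the 27 elements of `r`. If the function reports the total number of built-in curves rather than the number it wrote (OpenSSL's does; the wolfSSL behaviour is not visible in this hunk), `r[i]` is read past the end of the array once more curves exist. Clamping after the call, `if (nCurves > sizeof(r) / sizeof(r[0])) nCurves = sizeof(r) / sizeof(r[0]);`, keeps the loop inside the array either way. The function begins before this hunk.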
@@ -50993,15 +49324,16 @@ static int test_wolfSSL_OBJ_ln(void)
#endif
for (i = 0; i < maxIdx; i++) {
- AssertIntEQ(OBJ_ln2nid(ln_set[i]), nid_set[i]);
- AssertStrEQ(OBJ_nid2ln(nid_set[i]), ln_set[i]);
+ ExpectIntEQ(OBJ_ln2nid(ln_set[i]), nid_set[i]);
+ ExpectStrEQ(OBJ_nid2ln(nid_set[i]), ln_set[i]);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OBJ_sn(void)
{
+ EXPECT_DECLS;
int i = 0, maxIdx = 7;
const int nid_set[] = {NID_commonName,NID_countryName,NID_localityName,
NID_stateOrProvinceName,NID_organizationName,
@@ -51012,13 +49344,13 @@ static int test_wolfSSL_OBJ_sn(void)
WOLFSSL_ORG_NAME, WOLFSSL_ORGUNIT_NAME,
WOLFSSL_EMAIL_ADDR};
- AssertIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef);
+ ExpectIntEQ(wolfSSL_OBJ_sn2nid(NULL), NID_undef);
for (i = 0; i < maxIdx; i++) {
- AssertIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]);
- AssertStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]);
+ ExpectIntEQ(wolfSSL_OBJ_sn2nid(sn_wolf_set[i]), nid_set[i]);
+ ExpectStrEQ(wolfSSL_OBJ_nid2sn(nid_set[i]), sn_open_set[i]);
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#if !defined(NO_BIO)
@@ -51035,9 +49367,9 @@ static int TXT_DB_cmp(const WOLFSSL_STRING *a, const WOLFSSL_STRING *b)
static int test_wolfSSL_TXT_DB(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_BIO)
- BIO *bio;
+ BIO *bio = NULL;
TXT_DB *db = NULL;
const int columns = 6;
const char *fields[6] = {
@@ -51048,114 +49380,116 @@ static int test_wolfSSL_TXT_DB(void)
"unknown",
"/CN=rsa doe",
};
- char** fields_copy;
+ char** fields_copy = NULL;
/* Test read */
- AssertNotNull(bio = BIO_new(BIO_s_file()));
- AssertIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0);
- AssertNotNull(db = TXT_DB_read(bio, columns));
- AssertNotNull(fields_copy = (char**)XMALLOC(sizeof(fields), NULL,
- DYNAMIC_TYPE_OPENSSL));
- XMEMCPY(fields_copy, fields, sizeof(fields));
- AssertIntEQ(TXT_DB_insert(db, fields_copy), 1);
+ ExpectNotNull(bio = BIO_new(BIO_s_file()));
+ ExpectIntGT(BIO_read_filename(bio, "./tests/TXT_DB.txt"), 0);
+ ExpectNotNull(db = TXT_DB_read(bio, columns));
+ ExpectNotNull(fields_copy = (char**)XMALLOC(sizeof(fields), NULL,
+ DYNAMIC_TYPE_OPENSSL));
+ if (fields_copy != NULL) {
+ XMEMCPY(fields_copy, fields, sizeof(fields));
+ }
+ ExpectIntEQ(TXT_DB_insert(db, fields_copy), 1);
+ if (EXPECT_FAIL()) {
+ XFREE(fields_copy, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
BIO_free(bio);
+ bio = NULL;
/* Test write */
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(TXT_DB_write(bio, db), 1484);
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(TXT_DB_write(bio, db), 1484);
BIO_free(bio);
/* Test index */
- AssertIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash,
- (wolf_lh_compare_cb)TXT_DB_cmp), 1);
- AssertNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectIntEQ(TXT_DB_create_index(db, 3, NULL, (wolf_sk_hash_cb)TXT_DB_hash,
+ (wolf_lh_compare_cb)TXT_DB_cmp), 1);
+ ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "12DA";
- AssertNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectNotNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "FFFF";
- AssertNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
fields[3] = "";
- AssertNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
+ ExpectNull(TXT_DB_get_by_index(db, 3, (WOLFSSL_STRING*)fields));
TXT_DB_free(db);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_NCONF(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* confFile = "./tests/NCONF_test.cnf";
CONF* conf = NULL;
long eline = 0;
long num = 0;
- AssertNotNull(conf = NCONF_new(NULL));
+ ExpectNotNull(conf = NCONF_new(NULL));
- AssertIntEQ(NCONF_load(conf, confFile, &eline), 1);
- AssertIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1);
- AssertIntEQ(num, 1234);
- AssertIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1);
- AssertIntEQ(num, 4321);
- AssertStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir");
- AssertStrEQ(NCONF_get_string(conf, "section1", "file1_copy"),
- "./test-dir/file1");
- AssertStrEQ(NCONF_get_string(conf, "section2", "file_list"),
- "./test-dir/file1:./test-dir/file2:./section1:file2");
+ ExpectIntEQ(NCONF_load(conf, confFile, &eline), 1);
+ ExpectIntEQ(NCONF_get_number(conf, NULL, "port", &num), 1);
+ ExpectIntEQ(num, 1234);
+ ExpectIntEQ(NCONF_get_number(conf, "section2", "port", &num), 1);
+ ExpectIntEQ(num, 4321);
+ ExpectStrEQ(NCONF_get_string(conf, NULL, "dir"), "./test-dir");
+ ExpectStrEQ(NCONF_get_string(conf, "section1", "file1_copy"),
+ "./test-dir/file1");
+ ExpectStrEQ(NCONF_get_string(conf, "section2", "file_list"),
+ "./test-dir/file1:./test-dir/file2:./section1:file2");
NCONF_free(conf);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* OPENSSL_ALL */
static int test_wolfSSL_X509V3_EXT_get(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- FILE* f;
+ XFILE f = XBADFILE;
int numOfExt =0;
int extNid = 0;
int i = 0;
- WOLFSSL_X509* x509;
- WOLFSSL_X509_EXTENSION* ext;
- const WOLFSSL_v3_ext_method* method;
+ WOLFSSL_X509* x509 = NULL;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
+ const WOLFSSL_v3_ext_method* method = NULL;
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
/* wolfSSL_X509V3_EXT_get() return struct and nid test */
- AssertIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
for (i = 0; i < numOfExt; i++) {
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertIntNE((extNid = ext->obj->nid), NID_undef);
- AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
- AssertIntEQ(method->ext_nid, extNid);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectIntNE((extNid = ext->obj->nid), NID_undef);
+ ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
+ ExpectIntEQ(method->ext_nid, extNid);
}
/* wolfSSL_X509V3_EXT_get() NULL argument test */
- AssertNull(method = wolfSSL_X509V3_EXT_get(NULL));
+ ExpectNull(method = wolfSSL_X509V3_EXT_get(NULL));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT_nconf(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
const char *ext_names[] = {
"subjectKeyIdentifier",
"authorityKeyIdentifier",
"subjectAltName",
"keyUsage",
+ "extendedKeyUsage",
};
size_t ext_names_count = sizeof(ext_names)/sizeof(*ext_names);
int ext_nids[] = {
@@ -51163,193 +49497,244 @@ static int test_wolfSSL_X509V3_EXT_nconf(void)
NID_authority_key_identifier,
NID_subject_alt_name,
NID_key_usage,
+ NID_ext_key_usage,
};
size_t ext_nids_count = sizeof(ext_nids)/sizeof(*ext_nids);
const char *ext_values[] = {
"hash",
"hash",
"DNS:example.com, IP:127.0.0.1",
- "digitalSignature,keyEncipherment,dataEncipherment",
+ "digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,"
+ "keyAgreement,keyCertSign,cRLSign,encipherOnly,decipherOnly",
+ "serverAuth,clientAuth,codeSigning,emailProtection,timeStamping,"
+ "OCSPSigning",
};
size_t i;
- X509_EXTENSION* ext;
- X509* x509 = X509_new();
+ X509_EXTENSION* ext = NULL;
+ X509* x509 = NULL;
+ unsigned int keyUsageFlags;
+ unsigned int extKeyUsageFlags;
+
+ ExpectNotNull(x509 = X509_new());
+
+ /* keyUsage / extKeyUsage should match string above */
+ keyUsageFlags = KU_DIGITAL_SIGNATURE
+ | KU_NON_REPUDIATION
+ | KU_KEY_ENCIPHERMENT
+ | KU_DATA_ENCIPHERMENT
+ | KU_KEY_AGREEMENT
+ | KU_KEY_CERT_SIGN
+ | KU_CRL_SIGN
+ | KU_ENCIPHER_ONLY
+ | KU_DECIPHER_ONLY;
+ extKeyUsageFlags = XKU_SSL_CLIENT
+ | XKU_SSL_SERVER
+ | XKU_CODE_SIGN
+ | XKU_SMIME
+ | XKU_TIMESTAMP
+ | XKU_OCSP_SIGN;
for (i = 0; i < ext_names_count; i++) {
- ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i], ext_values[i]);
- AssertNotNull(ext);
+ ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i],
+ ext_values[i]));
X509_EXTENSION_free(ext);
+ ext = NULL;
}
for (i = 0; i < ext_nids_count; i++) {
- ext = X509V3_EXT_nconf_nid(NULL, NULL, ext_nids[i], ext_values[i]);
- AssertNotNull(ext);
+ ExpectNotNull(ext = X509V3_EXT_nconf_nid(NULL, NULL, ext_nids[i],
+ ext_values[i]));
X509_EXTENSION_free(ext);
+ ext = NULL;
}
/* Test adding extension to X509 */
for (i = 0; i < ext_nids_count; i++) {
- ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i], ext_values[i]);
- AssertIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS);
+ ExpectNotNull(ext = X509V3_EXT_nconf(NULL, NULL, ext_names[i],
+ ext_values[i]));
+ ExpectIntEQ(X509_add_ext(x509, ext, -1), WOLFSSL_SUCCESS);
+
+ if (ext_nids[i] == NID_key_usage) {
+ ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
+ }
+ else if (ext_nids[i] == NID_ext_key_usage) {
+ ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
+ }
X509_EXTENSION_free(ext);
+ ext = NULL;
}
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT(void) {
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- FILE* f;
- int numOfExt = 0, nid = 0, i = 0, expected, actual;
- char* str;
- unsigned char* data;
- const WOLFSSL_v3_ext_method* method;
- WOLFSSL_X509* x509;
- WOLFSSL_X509_EXTENSION* ext;
- WOLFSSL_X509_EXTENSION* ext2;
- WOLFSSL_ASN1_OBJECT *obj, *adObj;
- WOLFSSL_ASN1_STRING* asn1str;
- WOLFSSL_AUTHORITY_KEYID* aKeyId;
- WOLFSSL_AUTHORITY_INFO_ACCESS* aia;
- WOLFSSL_BASIC_CONSTRAINTS* bc;
- WOLFSSL_ACCESS_DESCRIPTION* ad;
- WOLFSSL_GENERAL_NAME* gn;
+ XFILE f = XBADFILE;
+ int numOfExt = 0, nid = 0, i = 0, expected, actual = 0;
+ char* str = NULL;
+ unsigned char* data = NULL;
+ const WOLFSSL_v3_ext_method* method = NULL;
+ WOLFSSL_X509* x509 = NULL;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
+ WOLFSSL_X509_EXTENSION* ext2 = NULL;
+ WOLFSSL_ASN1_OBJECT *obj = NULL;
+ WOLFSSL_ASN1_OBJECT *adObj = NULL;
+ WOLFSSL_ASN1_STRING* asn1str = NULL;
+ WOLFSSL_AUTHORITY_KEYID* aKeyId = NULL;
+ WOLFSSL_AUTHORITY_INFO_ACCESS* aia = NULL;
+ WOLFSSL_BASIC_CONSTRAINTS* bc = NULL;
+ WOLFSSL_ACCESS_DESCRIPTION* ad = NULL;
+ WOLFSSL_GENERAL_NAME* gn = NULL;
/* Check NULL argument */
- AssertNull(wolfSSL_X509V3_EXT_d2i(NULL));
+ ExpectNull(wolfSSL_X509V3_EXT_d2i(NULL));
/* Using OCSP cert with X509V3 extensions */
- AssertNotNull(f = fopen("./certs/ocsp/root-ca-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/ocsp/root-ca-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
- AssertIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectIntEQ((numOfExt = wolfSSL_X509_get_ext_count(x509)), 5);
/* Basic Constraints */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_basic_constraints);
- AssertNotNull(bc = (WOLFSSL_BASIC_CONSTRAINTS*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_basic_constraints);
+ ExpectNotNull(bc = (WOLFSSL_BASIC_CONSTRAINTS*)wolfSSL_X509V3_EXT_d2i(ext));
- AssertIntEQ(bc->ca, 1);
- AssertNull(bc->pathlen);
+ ExpectIntEQ(bc->ca, 1);
+ ExpectNull(bc->pathlen);
wolfSSL_BASIC_CONSTRAINTS_free(bc);
+ bc = NULL;
i++;
/* Subject Key Identifier */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_subject_key_identifier);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_subject_key_identifier);
- AssertNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
- AssertNotNull(ext2 = wolfSSL_X509V3_EXT_i2d(NID_subject_key_identifier, 0,
- asn1str));
+ ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(ext2 = wolfSSL_X509V3_EXT_i2d(NID_subject_key_identifier, 0,
+ asn1str));
X509_EXTENSION_free(ext2);
- AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
- AssertNotNull(method->i2s);
- AssertNotNull(str = method->i2s((WOLFSSL_v3_ext_method*)method, asn1str));
+ ext2 = NULL;
+ ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
+ ExpectNotNull(method->i2s);
+ ExpectNotNull(str = method->i2s((WOLFSSL_v3_ext_method*)method, asn1str));
wolfSSL_ASN1_STRING_free(asn1str);
- actual = strcmp(str,
- "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
- AssertIntEQ(actual, 0);
+ asn1str = NULL;
+ if (str != NULL) {
+ actual = strcmp(str,
+ "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
+ }
+ ExpectIntEQ(actual, 0);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ str = NULL;
i++;
/* Authority Key Identifier */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_authority_key_identifier);
-
- AssertNotNull(aKeyId =
- (WOLFSSL_AUTHORITY_KEYID*)wolfSSL_X509V3_EXT_d2i(ext));
- AssertNotNull(method = wolfSSL_X509V3_EXT_get(ext));
- AssertNotNull(asn1str = aKeyId->keyid);
- AssertNotNull(str =
- wolfSSL_i2s_ASN1_STRING((WOLFSSL_v3_ext_method*)method, asn1str));
- actual = strcmp(str,
- "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
- AssertIntEQ(actual, 0);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_authority_key_identifier);
+
+ ExpectNotNull(aKeyId = (WOLFSSL_AUTHORITY_KEYID*)wolfSSL_X509V3_EXT_d2i(
+ ext));
+ ExpectNotNull(method = wolfSSL_X509V3_EXT_get(ext));
+ ExpectNotNull(asn1str = aKeyId->keyid);
+ ExpectNotNull(str = wolfSSL_i2s_ASN1_STRING((WOLFSSL_v3_ext_method*)method,
+ asn1str));
+ asn1str = NULL;
+ if (str != NULL) {
+ actual = strcmp(str,
+ "73:B0:1C:A4:2F:82:CB:CF:47:A5:38:D7:B0:04:82:3A:7E:72:15:21");
+ }
+ ExpectIntEQ(actual, 0);
XFREE(str, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ str = NULL;
wolfSSL_AUTHORITY_KEYID_free(aKeyId);
+ aKeyId = NULL;
i++;
/* Key Usage */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_key_usage);
- AssertNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(asn1str = (WOLFSSL_ASN1_STRING*)wolfSSL_X509V3_EXT_d2i(ext));
#if defined(WOLFSSL_QT)
- AssertNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str));
+ ExpectNotNull(data = (unsigned char*)ASN1_STRING_get0_data(asn1str));
#else
- AssertNotNull(data = wolfSSL_ASN1_STRING_data(asn1str));
+ ExpectNotNull(data = wolfSSL_ASN1_STRING_data(asn1str));
#endif
expected = KEYUSE_KEY_CERT_SIGN | KEYUSE_CRL_SIGN;
-#ifdef BIG_ENDIAN_ORDER
- actual = data[1];
-#else
- actual = data[0];
-#endif
- AssertIntEQ(actual, expected);
+ if (data != NULL) {
+ #ifdef BIG_ENDIAN_ORDER
+ actual = data[1];
+ #else
+ actual = data[0];
+ #endif
+ }
+ ExpectIntEQ(actual, expected);
wolfSSL_ASN1_STRING_free(asn1str);
+ asn1str = NULL;
#if 1
i++;
/* Authority Info Access */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, i));
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access);
- AssertNotNull(aia =
- (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(ext));
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, i));
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ((nid = wolfSSL_OBJ_obj2nid(obj)), NID_info_access);
+ ExpectNotNull(aia = (WOLFSSL_AUTHORITY_INFO_ACCESS*)wolfSSL_X509V3_EXT_d2i(
+ ext));
#if defined(WOLFSSL_QT)
- AssertIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
+ ExpectIntEQ(OPENSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
#else
- AssertIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
+ ExpectIntEQ(wolfSSL_sk_num(aia), 1); /* Only one URI entry for this cert */
#endif
/* URI entry is an ACCESS_DESCRIPTION type */
#if defined(WOLFSSL_QT)
- AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0));
+ ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)wolfSSL_sk_value(aia, 0));
#else
- AssertNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0));
+ ExpectNotNull(ad = (WOLFSSL_ACCESS_DESCRIPTION*)OPENSSL_sk_value(aia, 0));
#endif
- AssertNotNull(adObj = ad->method);
+ ExpectNotNull(adObj = ad->method);
/* Make sure nid is OCSP */
- AssertIntEQ(wolfSSL_OBJ_obj2nid(adObj), NID_ad_OCSP);
+ ExpectIntEQ(wolfSSL_OBJ_obj2nid(adObj), NID_ad_OCSP);
/* GENERAL_NAME stores URI as an ASN1_STRING */
- AssertNotNull(gn = ad->location);
- AssertIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */
- AssertNotNull(asn1str = gn->d.uniformResourceIdentifier);
- AssertIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22);
- #if defined(WOLFSSL_QT)
- str = (char*)ASN1_STRING_get0_data(asn1str);
- #else
- str = (char*)wolfSSL_ASN1_STRING_data(asn1str);
- #endif
- actual = strcmp(str, "http://127.0.0.1:22220");
- AssertIntEQ(actual, 0);
+ ExpectNotNull(gn = ad->location);
+ ExpectIntEQ(gn->type, GEN_URI); /* Type should always be GEN_URI */
+ ExpectNotNull(asn1str = gn->d.uniformResourceIdentifier);
+ ExpectIntEQ(wolfSSL_ASN1_STRING_length(asn1str), 22);
+#if defined(WOLFSSL_QT)
+ ExpectNotNull(str = (char*)ASN1_STRING_get0_data(asn1str));
+#else
+ ExpectNotNull(str = (char*)wolfSSL_ASN1_STRING_data(asn1str));
+#endif
+ if (str != NULL) {
+ actual = strcmp(str, "http://127.0.0.1:22220");
+ }
+ ExpectIntEQ(actual, 0);
wolfSSL_sk_ACCESS_DESCRIPTION_pop_free(aia, NULL);
+ aia = NULL;
#else
(void) aia; (void) ad; (void) adObj; (void) gn;
#endif
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_extension_flags(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
- XFILE f;
- X509* x509;
+ XFILE f = XBADFILE;
+ X509* x509 = NULL;
unsigned int extFlags;
unsigned int keyUsageFlags;
unsigned int extKeyUsageFlags;
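Review bot: Nothing in test_wolfSSL_X509V3_EXT_nconf checks that `ext_names`, `ext_nids` and `ext_values` have the same number of entries, although all three loops index them in parallel. The third loop is bounded by `ext_nids_count` yet reads `ext_names[i]` and `ext_values[i]`, and `ext_values` has no count variable at all. This commit extends each array by hand, so a later edit that misses one of them would read past the end of an array instead of failing a check. I would add `ExpectIntEQ(ext_names_count, ext_nids_count);` and `ExpectIntEQ(sizeof(ext_values)/sizeof(*ext_values), ext_names_count);` before the first loop. `ext_names` and `ext_names_count` are declared just above this hunk.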
@@ -51363,14 +49748,18 @@ static int test_wolfSSL_X509_get_extension_flags(void)
/* and the following extended key usage flags. */
extKeyUsageFlags = XKU_SSL_CLIENT | XKU_SMIME;
- f = XFOPEN("./certs/intermediate/client-int-cert.pem", "rb");
- AssertTrue(f != XBADFILE);
- AssertNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
- XFCLOSE(f);
- AssertIntEQ(X509_get_extension_flags(x509), extFlags);
- AssertIntEQ(X509_get_key_usage(x509), keyUsageFlags);
- AssertIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
+ ExpectTrue((f = XFOPEN("./certs/intermediate/client-int-cert.pem", "rb")) !=
+ XBADFILE);
+ ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
+ ExpectIntEQ(X509_get_extension_flags(x509), extFlags);
+ ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
+ ExpectIntEQ(X509_get_extended_key_usage(x509), extKeyUsageFlags);
X509_free(x509);
+ x509 = NULL;
/* client-cert-ext.pem has the following extension flags. */
extFlags = EXFLAG_KUSAGE;
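Review bot: The guard on test_wolfSSL_X509_get_extension_flags lacks `!defined(NO_FILESYSTEM)`, although the body in this hunk opens `./certs/intermediate/client-int-cert.pem` with `XFOPEN`. The guard, shown at the end of the previous hunk, is `#if defined(OPENSSL_ALL) && !defined(NO_RSA)`. Neighbouring file-reading tests such as test_wolfSSL_X509_get_ext use `#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)`, and I would use that here unless OPENSSL_ALL is known to imply a filesystem. test_wolfSSL_X509_get_ext_by_NID, test_wolfSSL_X509_get_ext_subj_alt_name and test_wolfSSL_X509_cmp carry the same shorter guard. The function starts before this hunk and continues after it.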
@@ -51379,103 +49768,100 @@ static int test_wolfSSL_X509_get_extension_flags(void)
| KU_KEY_CERT_SIGN
| KU_CRL_SIGN;
- AssertNotNull(f = fopen("./certs/client-cert-ext.pem", "rb"));
- AssertNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
- XFCLOSE(f);
- AssertIntEQ(X509_get_extension_flags(x509), extFlags);
- AssertIntEQ(X509_get_key_usage(x509), keyUsageFlags);
+ ExpectTrue((f = fopen("./certs/client-cert-ext.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ ExpectIntEQ(X509_get_extension_flags(x509), extFlags);
+ ExpectIntEQ(X509_get_key_usage(x509), keyUsageFlags);
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_ALL */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
int ret = 0;
- FILE* f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* foundExtension;
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
- AssertIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
+ ExpectIntEQ((ret = wolfSSL_X509_get_ext_count(x509)), 5);
/* wolfSSL_X509_get_ext() valid input */
- AssertNotNull(foundExtension = wolfSSL_X509_get_ext(x509, 0));
+ ExpectNotNull(foundExtension = wolfSSL_X509_get_ext(x509, 0));
/* wolfSSL_X509_get_ext() valid x509, idx out of bounds */
- AssertNull(foundExtension = wolfSSL_X509_get_ext(x509, -1));
- AssertNull(foundExtension = wolfSSL_X509_get_ext(x509, 100));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, -1));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(x509, 100));
/* wolfSSL_X509_get_ext() NULL x509, idx out of bounds */
- AssertNull(foundExtension = wolfSSL_X509_get_ext(NULL, -1));
- AssertNull(foundExtension = wolfSSL_X509_get_ext(NULL, 100));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, -1));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 100));
/* wolfSSL_X509_get_ext() NULL x509, valid idx */
- AssertNull(foundExtension = wolfSSL_X509_get_ext(NULL, 0));
+ ExpectNull(foundExtension = wolfSSL_X509_get_ext(NULL, 0));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_by_NID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
int rc;
- FILE* f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
ASN1_OBJECT* obj = NULL;
- AssertNotNull(f = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1);
- AssertIntGE(rc, 0);
+ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
+ -1), 0);
/* Start search from last location (should fail) */
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, rc);
- AssertIntGE(rc, -1);
+ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
+ rc), -1);
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -2);
- AssertIntGE(rc, -1);
+ ExpectIntGE(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints,
+ -2), -1);
- rc = wolfSSL_X509_get_ext_by_NID(NULL, NID_basic_constraints, -1);
- AssertIntEQ(rc, -1);
+ ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(NULL, NID_basic_constraints,
+ -1), -1);
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_undef, -1);
- AssertIntEQ(rc, -1);
+ ExpectIntEQ(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_undef, -1), -1);
/* NID_ext_key_usage, check also its nid and oid */
- rc = wolfSSL_X509_get_ext_by_NID(x509, NID_ext_key_usage, -1);
- AssertIntGT(rc, -1);
- AssertNotNull(obj = wolfSSL_X509_EXTENSION_get_object(wolfSSL_X509_get_ext(x509, rc)));
- AssertIntEQ(obj->nid, NID_ext_key_usage);
- AssertIntEQ(obj->type, EXT_KEY_USAGE_OID);
+ ExpectIntGT(rc = wolfSSL_X509_get_ext_by_NID(x509, NID_ext_key_usage, -1),
+ -1);
+ ExpectNotNull(obj = wolfSSL_X509_EXTENSION_get_object(wolfSSL_X509_get_ext(
+ x509, rc)));
+ ExpectIntEQ(obj->nid, NID_ext_key_usage);
+ ExpectIntEQ(obj->type, EXT_KEY_USAGE_OID);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_get_ext_subj_alt_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
int rc;
- XFILE f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext;
WOLFSSL_ASN1_STRING* sanString;
byte* sanDer;
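Review bot: The converted open of `./certs/client-cert-ext.pem` at the top of this hunk still calls `fopen`, while its result is compared with `XBADFILE` and closed with `XFCLOSE`. Every other open converted in this commit goes through `XFOPEN`. If a port maps the X-file macros to something other than stdio, the handle and the sentinel no longer belong to the same API, so I would write `ExpectTrue((f = XFOPEN("./certs/client-cert-ext.pem", "rb")) != XBADFILE);`. The reverse mix appears in later hunks: test_wolfSSL_X509V3_EXT_print and test_wolfSSL_X509_cmp close `XFOPEN` handles with `fclose` where `XFCLOSE` is meant.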
@@ -51484,160 +49870,153 @@ static int test_wolfSSL_X509_get_ext_subj_alt_name(void)
0x30, 0x13, 0x82, 0x0b, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e,
0x63, 0x6f, 0x6d, 0x87, 0x04, 0x7f, 0x00, 0x00, 0x01};
- f = XFOPEN("./certs/server-cert.pem", "rb");
- AssertTrue(f != XBADFILE);
- AssertNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ XFCLOSE(f);
- rc = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1);
- AssertIntNE(rc, -1);
- AssertNotNull(ext = X509_get_ext(x509, rc));
- AssertNotNull(sanString = X509_EXTENSION_get_data(ext));
- AssertIntEQ(ASN1_STRING_length(sanString), sizeof(expectedDer));
- AssertNotNull(sanDer = ASN1_STRING_data(sanString));
- AssertIntEQ(XMEMCMP(sanDer, expectedDer, sizeof(expectedDer)), 0);
+ ExpectIntNE(rc = X509_get_ext_by_NID(x509, NID_subject_alt_name, -1), -1);
+ ExpectNotNull(ext = X509_get_ext(x509, rc));
+ ExpectNotNull(sanString = X509_EXTENSION_get_data(ext));
+ ExpectIntEQ(ASN1_STRING_length(sanString), sizeof(expectedDer));
+ ExpectNotNull(sanDer = ASN1_STRING_data(sanString));
+ ExpectIntEQ(XMEMCMP(sanDer, expectedDer, sizeof(expectedDer)), 0);
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined (OPENSSL_ALL)
- WOLFSSL_X509_EXTENSION* ext;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
- AssertNotNull(ext = wolfSSL_X509_EXTENSION_new());
- AssertNotNull(ext->obj = wolfSSL_ASN1_OBJECT_new());
- ext->obj->nid = WOLFSSL_SUCCESS;
- AssertIntEQ(WOLFSSL_SUCCESS, ext->obj->nid);
+ ExpectNotNull(ext = wolfSSL_X509_EXTENSION_new());
+ ExpectNotNull(ext->obj = wolfSSL_ASN1_OBJECT_new());
wolfSSL_X509_EXTENSION_free(ext);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_object(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL_X509* x509;
- WOLFSSL_X509_EXTENSION* ext;
- WOLFSSL_ASN1_OBJECT* o;
- FILE* file;
+ WOLFSSL_X509* x509 = NULL;
+ WOLFSSL_X509_EXTENSION* ext = NULL;
+ WOLFSSL_ASN1_OBJECT* o = NULL;
+ XFILE file = XBADFILE;
- AssertNotNull(file = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
- fclose(file);
+ ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
+ if (file != XBADFILE)
+ XFCLOSE(file);
/* wolfSSL_X509_EXTENSION_get_object() testing ext idx 0 */
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
- AssertNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext));
- AssertIntEQ(o->nid, 128);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
+ ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL));
+ ExpectNotNull(o = wolfSSL_X509_EXTENSION_get_object(ext));
+ ExpectIntEQ(o->nid, 128);
/* wolfSSL_X509_EXTENSION_get_object() NULL argument */
- AssertNull(o = wolfSSL_X509_EXTENSION_get_object(NULL));
+ ExpectNull(o = wolfSSL_X509_EXTENSION_get_object(NULL));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_data(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext;
WOLFSSL_ASN1_STRING* str;
- FILE* file;
+ XFILE file = XBADFILE;
- AssertNotNull(file = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
- fclose(file);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
+ ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
+ if (file != XBADFILE)
+ XFCLOSE(file);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
- AssertNotNull(str = wolfSSL_X509_EXTENSION_get_data(ext));
+ ExpectNull(str = wolfSSL_X509_EXTENSION_get_data(NULL));
+ ExpectNotNull(str = wolfSSL_X509_EXTENSION_get_data(ext));
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_EXTENSION_get_critical(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_RSA)
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
WOLFSSL_X509_EXTENSION* ext;
- FILE* file;
+ XFILE file = XBADFILE;
int crit;
- AssertNotNull(file = fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
- fclose(file);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
+ ExpectTrue((file = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(file, NULL, NULL, NULL));
+ if (file != XBADFILE)
+ XFCLOSE(file);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, 0));
- crit = wolfSSL_X509_EXTENSION_get_critical(ext);
- AssertIntEQ(crit, 0);
+ ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(crit = wolfSSL_X509_EXTENSION_get_critical(ext), 0);
wolfSSL_X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509V3_EXT_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_ALL) && !defined(NO_BIO) && \
!defined(NO_RSA)
{
- FILE* f;
- WOLFSSL_X509* x509;
+ XFILE f = XBADFILE;
+ WOLFSSL_X509* x509 = NULL;
X509_EXTENSION * ext = NULL;
int loc;
BIO *bio = NULL;
- AssertNotNull(f = fopen(svrCertFile, "rb"));
- AssertNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
- fclose(f);
+ ExpectTrue((f = XFOPEN(svrCertFile, "rb")) != XBADFILE);
+ ExpectNotNull(x509 = wolfSSL_PEM_read_X509(f, NULL, NULL, NULL));
+ if (f != XBADFILE)
+ fclose(f);
- AssertNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
+ ExpectNotNull(bio = wolfSSL_BIO_new(BIO_s_mem()));
- loc = wolfSSL_X509_get_ext_by_NID(x509, NID_basic_constraints, -1);
- AssertIntGT(loc, -1);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
- AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
+ NID_basic_constraints, -1), -1);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
+ ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
- loc = wolfSSL_X509_get_ext_by_NID(x509, NID_subject_key_identifier, -1);
- AssertIntGT(loc, -1);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
- AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
+ NID_subject_key_identifier, -1), -1);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
+ ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
- loc = wolfSSL_X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
- AssertIntGT(loc, -1);
- AssertNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
- AssertIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntGT(loc = wolfSSL_X509_get_ext_by_NID(x509,
+ NID_authority_key_identifier, -1), -1);
+ ExpectNotNull(ext = wolfSSL_X509_get_ext(x509, loc));
+ ExpectIntEQ(wolfSSL_X509V3_EXT_print(bio, ext, 0, 0), WOLFSSL_SUCCESS);
wolfSSL_BIO_free(bio);
wolfSSL_X509_free(x509);
}
{
- X509 *x509;
- BIO *bio;
+ X509 *x509 = NULL;
+ BIO *bio = NULL;
X509_EXTENSION *ext;
unsigned int i;
unsigned int idx;
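Review bot: In test_wolfSSL_X509_EXTENSION_get_object the added `ExpectNull(wolfSSL_X509_EXTENSION_get_object(NULL));` duplicates the NULL-argument check that already follows a few lines below, under the `NULL argument` comment. The same call is therefore tested twice, with no gain in coverage. I would drop the added line and keep the existing `ExpectNull(o = wolfSSL_X509_EXTENSION_get_object(NULL));`, which sits under the comment that describes it.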
@@ -51650,279 +50029,298 @@ static int test_wolfSSL_X509V3_EXT_print(void)
};
int* n;
- AssertNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
+ ExpectNotNull(bio = BIO_new_fp(stderr, BIO_NOCLOSE));
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt,
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(cliCertFileExt,
WOLFSSL_FILETYPE_PEM));
- fprintf(stderr, "\nPrinting extension values:\n");
+ ExpectIntGT(fprintf(stderr, "\nPrinting extension values:\n"), 0);
for (i = 0, n = nids; i<(sizeof(nids)/sizeof(int)); i++, n++) {
/* X509_get_ext_by_NID should return 3 for now. If that changes then
* update the index */
- AssertIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3);
- AssertNotNull(ext = X509_get_ext(x509, idx));
- AssertIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1);
- fprintf(stderr, "\n");
+ ExpectIntEQ((idx = X509_get_ext_by_NID(x509, *n, -1)), 3);
+ ExpectNotNull(ext = X509_get_ext(x509, idx));
+ ExpectIntEQ(X509V3_EXT_print(bio, ext, 0, 0), 1);
+ ExpectIntGT(fprintf(stderr, "\n"), 0);
}
BIO_free(bio);
X509_free(x509);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_cmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_RSA)
- FILE* file1;
- FILE* file2;
- WOLFSSL_X509* cert1;
- WOLFSSL_X509* cert2;
+ XFILE file1 = XBADFILE;
+ XFILE file2 = XBADFILE;
+ WOLFSSL_X509* cert1 = NULL;
+ WOLFSSL_X509* cert2 = NULL;
- AssertNotNull(file1=fopen("./certs/server-cert.pem", "rb"));
- AssertNotNull(file2=fopen("./certs/3072/client-cert.pem", "rb"));
+ ExpectTrue((file1 = XFOPEN("./certs/server-cert.pem", "rb")) != XBADFILE);
+ ExpectTrue((file2 = XFOPEN("./certs/3072/client-cert.pem", "rb")) !=
+ XBADFILE);
- AssertNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
- AssertNotNull(cert2 = wolfSSL_PEM_read_X509(file2, NULL, NULL, NULL));
- fclose(file1);
- fclose(file2);
+ ExpectNotNull(cert1 = wolfSSL_PEM_read_X509(file1, NULL, NULL, NULL));
+ ExpectNotNull(cert2 = wolfSSL_PEM_read_X509(file2, NULL, NULL, NULL));
+ if (file1 != XBADFILE)
+ fclose(file1);
+ if (file2 != XBADFILE)
+ fclose(file2);
/* wolfSSL_X509_cmp() testing matching certs */
- AssertIntEQ(0, wolfSSL_X509_cmp(cert1, cert1));
+ ExpectIntEQ(0, wolfSSL_X509_cmp(cert1, cert1));
/* wolfSSL_X509_cmp() testing mismatched certs */
- AssertIntEQ(-1, wolfSSL_X509_cmp(cert1, cert2));
+ ExpectIntEQ(-1, wolfSSL_X509_cmp(cert1, cert2));
/* wolfSSL_X509_cmp() testing NULL, valid args */
- AssertIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, cert2));
+ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, cert2));
/* wolfSSL_X509_cmp() testing valid, NULL args */
- AssertIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(cert1, NULL));
+ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(cert1, NULL));
/* wolfSSL_X509_cmp() testing NULL, NULL args */
- AssertIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, NULL));
+ ExpectIntEQ(BAD_FUNC_ARG, wolfSSL_X509_cmp(NULL, NULL));
wolfSSL_X509_free(cert1);
wolfSSL_X509_free(cert2);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_PKEY_up_ref(void)
+static int test_wolfSSL_EVP_PKEY_up_ref(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
EVP_PKEY* pkey;
pkey = EVP_PKEY_new();
- AssertIntEQ(EVP_PKEY_up_ref(NULL), 0);
- AssertIntEQ(EVP_PKEY_up_ref(pkey), 1);
+ ExpectNotNull(pkey);
+ ExpectIntEQ(EVP_PKEY_up_ref(NULL), 0);
+ ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
- AssertIntEQ(EVP_PKEY_up_ref(pkey), 1);
+ ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_PublicKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
const unsigned char* p;
- unsigned char *der = NULL, *tmp = NULL;
+ unsigned char *der = NULL;
+ unsigned char *tmp = NULL;
int derLen;
p = client_keypub_der_2048;
/* Check that key can be successfully decoded. */
- AssertNotNull(pkey = wolfSSL_d2i_PublicKey(EVP_PKEY_RSA, NULL, &p,
+ ExpectNotNull(pkey = wolfSSL_d2i_PublicKey(EVP_PKEY_RSA, NULL, &p,
sizeof_client_keypub_der_2048));
/* Check that key can be successfully encoded. */
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */
- AssertIntEQ(derLen, sizeof_client_keypub_der_2048);
- AssertIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
+ ExpectIntEQ(derLen, sizeof_client_keypub_der_2048);
+ ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */
tmp = der;
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
- AssertIntEQ(derLen, sizeof_client_keypub_der_2048);
- AssertIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
- AssertTrue(der + derLen == tmp);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
+ ExpectIntEQ(derLen, sizeof_client_keypub_der_2048);
+ ExpectIntEQ(XMEMCMP(der, client_keypub_der_2048, derLen), 0);
+ ExpectTrue(der + derLen == tmp);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_PublicKey_ecc(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(NO_CERTS) && \
!defined(NO_ASN) && !defined(NO_PWDBASED)
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
const unsigned char* p;
- unsigned char *der = NULL, *tmp = NULL;
+ unsigned char *der = NULL;
+ unsigned char *tmp = NULL;
int derLen;
unsigned char pub_buf[65];
const int pub_len = 65;
- BN_CTX * ctx;
- EC_GROUP * curve;
- EC_KEY * ephemeral_key;
- const EC_POINT * h;
+ BN_CTX* ctx;
+ EC_GROUP* curve = NULL;
+ EC_KEY* ephemeral_key = NULL;
+ const EC_POINT* h;
/* Generate an x963 key pair and get public part into pub_buf */
- AssertNotNull(ctx = BN_CTX_new());
- AssertNotNull(curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(ephemeral_key = EC_KEY_new_by_curve_name(
- NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(ephemeral_key), 1);
- AssertNotNull(h = EC_KEY_get0_public_key(ephemeral_key));
- AssertIntEQ(pub_len, EC_POINT_point2oct(curve, h,
- POINT_CONVERSION_UNCOMPRESSED,
- pub_buf, pub_len, ctx));
+ ExpectNotNull(ctx = BN_CTX_new());
+ ExpectNotNull(curve = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(ephemeral_key = EC_KEY_new_by_curve_name(
+ NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(ephemeral_key), 1);
+ ExpectNotNull(h = EC_KEY_get0_public_key(ephemeral_key));
+ ExpectIntEQ(pub_len, EC_POINT_point2oct(curve, h,
+ POINT_CONVERSION_UNCOMPRESSED, pub_buf, pub_len, ctx));
/* Prepare the EVP_PKEY */
- AssertNotNull(pkey = EVP_PKEY_new());
+ ExpectNotNull(pkey = EVP_PKEY_new());
p = pub_buf;
/* Check that key can be successfully decoded. */
- AssertNotNull(wolfSSL_d2i_PublicKey(EVP_PKEY_EC, &pkey, &p,
+ ExpectNotNull(wolfSSL_d2i_PublicKey(EVP_PKEY_EC, &pkey, &p,
pub_len));
/* Check that key can be successfully encoded. */
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &der)), 0);
/* Ensure that the encoded version matches the original. */
- AssertIntEQ(derLen, pub_len);
- AssertIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
+ ExpectIntEQ(derLen, pub_len);
+ ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
/* Do same test except with pre-allocated buffer to ensure the der pointer
* is advanced. */
tmp = der;
- AssertIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
- AssertIntEQ(derLen, pub_len);
- AssertIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
- AssertTrue(der + derLen == tmp);
+ ExpectIntGE((derLen = wolfSSL_i2d_PublicKey(pkey, &tmp)), 0);
+ ExpectIntEQ(derLen, pub_len);
+ ExpectIntEQ(XMEMCMP(der, pub_buf, derLen), 0);
+ ExpectTrue(der + derLen == tmp);
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
EVP_PKEY_free(pkey);
EC_KEY_free(ephemeral_key);
EC_GROUP_free(curve);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_and_i2d_DSAparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DSA)
- DSA* dsa;
- char file[] = "./certs/dsaparams.der";
- XFILE f;
- int derInLen;
- byte* derIn;
- int derOutLen;
+ DSA* dsa = NULL;
+ byte derIn[] = {
+ 0x30, 0x82, 0x01, 0x1f, 0x02, 0x81, 0x81, 0x00,
+ 0xcd, 0xde, 0x25, 0x68, 0x80, 0x53, 0x0d, 0xe5,
+ 0x77, 0xd6, 0xd2, 0x90, 0x39, 0x3f, 0x90, 0xa2,
+ 0x3f, 0x33, 0x94, 0x6e, 0xe8, 0x4f, 0x2b, 0x63,
+ 0xab, 0x30, 0xab, 0x15, 0xba, 0x11, 0xea, 0x8a,
+ 0x5d, 0x8d, 0xcc, 0xb8, 0xd4, 0xa1, 0xd5, 0xc1,
+ 0x47, 0x9d, 0x5a, 0x73, 0x6a, 0x62, 0x49, 0xd1,
+ 0x06, 0x07, 0x67, 0xf6, 0x2f, 0xa3, 0x39, 0xbd,
+ 0x4e, 0x0d, 0xb4, 0xd3, 0x22, 0x23, 0x84, 0xec,
+ 0x93, 0x26, 0x5a, 0x49, 0xee, 0x7c, 0x89, 0x48,
+ 0x66, 0x4d, 0xe8, 0xe8, 0xd8, 0x50, 0xfb, 0xa5,
+ 0x71, 0x9f, 0x22, 0x18, 0xe5, 0xe6, 0x0b, 0x46,
+ 0x87, 0x66, 0xee, 0x52, 0x8f, 0x46, 0x4f, 0xb5,
+ 0x03, 0xce, 0xed, 0xe3, 0xbe, 0xe5, 0xb5, 0x81,
+ 0xd2, 0x59, 0xe9, 0xc0, 0xad, 0x4d, 0xd0, 0x4d,
+ 0x26, 0xf7, 0xba, 0x50, 0xe8, 0xc9, 0x8f, 0xfe,
+ 0x24, 0x19, 0x3d, 0x2e, 0xa7, 0x52, 0x3c, 0x6d,
+ 0x02, 0x15, 0x00, 0xfb, 0x47, 0xfb, 0xec, 0x81,
+ 0x20, 0xc8, 0x1c, 0xe9, 0x4a, 0xba, 0x04, 0x6f,
+ 0x19, 0x9b, 0x94, 0xee, 0x82, 0x67, 0xd3, 0x02,
+ 0x81, 0x81, 0x00, 0x9b, 0x95, 0xbb, 0x85, 0xc5,
+ 0x58, 0x4a, 0x32, 0x9c, 0xaa, 0x44, 0x85, 0xd6,
+ 0x68, 0xdc, 0x3e, 0x14, 0xf4, 0xce, 0x6d, 0xa3,
+ 0x49, 0x38, 0xea, 0xd6, 0x61, 0x48, 0x92, 0x5a,
+ 0x40, 0x95, 0x49, 0x38, 0xaa, 0xe1, 0x39, 0x29,
+ 0x68, 0x58, 0x47, 0x8a, 0x4b, 0x01, 0xe1, 0x2e,
+ 0x8e, 0x6c, 0x63, 0x6f, 0x40, 0xca, 0x50, 0x3f,
+ 0x8c, 0x0b, 0x99, 0xe4, 0x72, 0x42, 0xb8, 0xb1,
+ 0xc2, 0x26, 0x48, 0xf1, 0x9c, 0x83, 0xc6, 0x37,
+ 0x2e, 0x5a, 0xae, 0x11, 0x09, 0xd9, 0xf3, 0xad,
+ 0x1f, 0x6f, 0xad, 0xad, 0x50, 0xe3, 0x78, 0x32,
+ 0xe6, 0xde, 0x8e, 0xaa, 0xbf, 0xd1, 0x00, 0x9f,
+ 0xb3, 0x02, 0x12, 0x19, 0xa2, 0x15, 0xec, 0x14,
+ 0x18, 0x5c, 0x0e, 0x26, 0xce, 0xf9, 0xae, 0xcc,
+ 0x7b, 0xb5, 0xd1, 0x26, 0xfc, 0x85, 0xfe, 0x14,
+ 0x93, 0xb6, 0x9d, 0x7d, 0x76, 0xe3, 0x35, 0x97,
+ 0x1e, 0xde, 0xc4
+ };
+ int derInLen = sizeof(derIn);
byte* derOut = NULL;
-
- f = XFOPEN(file, "rb");
- AssertTrue(f != XBADFILE);
- AssertTrue(XFSEEK(f, 0, XSEEK_END) == 0);
- derInLen = (int)XFTELL(f);
- AssertTrue(XFSEEK(f, 0, XSEEK_SET) == 0);
- AssertNotNull(derIn = (byte*)XMALLOC(derInLen, HEAP_HINT,
- DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ(XFREAD(derIn, 1, derInLen, f), derInLen);
- XFCLOSE(f);
+ int derOutLen;
+ byte* p = derIn;
/* Check that params can be successfully decoded. */
- AssertNotNull(dsa = d2i_DSAparams(NULL, (const byte**)&derIn, derInLen));
+ ExpectNotNull(dsa = d2i_DSAparams(NULL, (const byte**)&p, derInLen));
/* Check that params can be successfully encoded. */
- AssertIntGE((derOutLen = i2d_DSAparams(dsa, &derOut)), 0);
+ ExpectIntGE((derOutLen = i2d_DSAparams(dsa, &derOut)), 0);
/* Ensure that the encoded version matches the original. */
- AssertIntEQ(derInLen, derOutLen);
- AssertIntEQ(XMEMCMP(derIn, derOut, derInLen), 0);
+ ExpectIntEQ(derInLen, derOutLen);
+ ExpectIntEQ(XMEMCMP(derIn, derOut, derInLen), 0);
- XFREE(derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(derOut, HEAP_HINT, DYNAMIC_TYPE_OPENSSL);
DSA_free(dsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_PrivateKey(void)
{
- int res = TEST_SKIPPED;
-#if (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(OPENSSL_EXTRA) && !defined(NO_ASN) && !defined(NO_PWDBASED)
+ EXPECT_DECLS;
+#if (!defined(NO_RSA) || defined(HAVE_ECC)) && defined(OPENSSL_EXTRA) && \
+ !defined(NO_ASN) && !defined(NO_PWDBASED)
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
{
- EVP_PKEY* pkey;
- const unsigned char* server_key = (const unsigned char*)server_key_der_2048;
+ EVP_PKEY* pkey = NULL;
+ const unsigned char* server_key =
+ (const unsigned char*)server_key_der_2048;
unsigned char buf[FOURK_BUF];
unsigned char* pt = NULL;
int bufSz;
- AssertNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key,
- (long)sizeof_server_key_der_2048));
- AssertIntEQ(i2d_PrivateKey(pkey, NULL), 1193);
+ ExpectNotNull(pkey = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &server_key,
+ (long)sizeof_server_key_der_2048));
+ ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 1193);
pt = buf;
- AssertIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 1193);
- AssertIntNE((pt - buf), 0);
- AssertIntEQ(XMEMCMP(buf, server_key_der_2048, bufSz), 0);
+ ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 1193);
+ ExpectIntNE((pt - buf), 0);
+ ExpectIntEQ(XMEMCMP(buf, server_key_der_2048, bufSz), 0);
EVP_PKEY_free(pkey);
}
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
{
- EVP_PKEY* pkey;
+ EVP_PKEY* pkey = NULL;
const unsigned char* client_key =
(const unsigned char*)ecc_clikey_der_256;
unsigned char buf[FOURK_BUF];
unsigned char* pt = NULL;
int bufSz;
- AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key,
- sizeof_ecc_clikey_der_256)));
- AssertIntEQ(i2d_PrivateKey(pkey, NULL), 121);
+ ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &client_key,
+ (long)sizeof_ecc_clikey_der_256)));
+ ExpectIntEQ(i2d_PrivateKey(pkey, NULL), 121);
pt = buf;
- AssertIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 121);
- AssertIntNE((pt - buf), 0);
- AssertIntEQ(XMEMCMP(buf, ecc_clikey_der_256, bufSz), 0);
+ ExpectIntEQ((bufSz = i2d_PrivateKey(pkey, &pt)), 121);
+ ExpectIntNE((pt - buf), 0);
+ ExpectIntEQ(XMEMCMP(buf, ecc_clikey_der_256, bufSz), 0);
EVP_PKEY_free(pkey);
}
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_id_get0_info(void)
{
- int res = TEST_SKIPPED;
-#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP) && \
- !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- X509* cert;
- X509* issuer;
- OCSP_CERTID* id;
- OCSP_CERTID* id2;
+ EXPECT_DECLS;
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && \
+ defined(HAVE_OCSP) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
+ X509* cert = NULL;
+ X509* issuer = NULL;
+ OCSP_CERTID* id = NULL;
+ OCSP_CERTID* id2 = NULL;
ASN1_STRING* name = NULL;
ASN1_OBJECT* pmd = NULL;
@@ -51930,58 +50328,55 @@ static int test_wolfSSL_OCSP_id_get0_info(void)
ASN1_INTEGER* serial = NULL;
ASN1_INTEGER* x509Int;
- AssertNotNull(cert =
- wolfSSL_X509_load_certificate_file(svrCertFile, SSL_FILETYPE_PEM));
- AssertNotNull(issuer =
- wolfSSL_X509_load_certificate_file(caCertFile, SSL_FILETYPE_PEM));
+ ExpectNotNull(cert = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectNotNull(issuer = wolfSSL_X509_load_certificate_file(caCertFile,
+ SSL_FILETYPE_PEM));
- id = OCSP_cert_to_id(NULL, cert, issuer);
- AssertNotNull(id);
- id2 = OCSP_cert_to_id(NULL, cert, issuer);
- AssertNotNull(id2);
+ ExpectNotNull(id = OCSP_cert_to_id(NULL, cert, issuer));
+ ExpectNotNull(id2 = OCSP_cert_to_id(NULL, cert, issuer));
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, NULL), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, id), 1);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, NULL), 0);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, NULL, id), 1);
/* name, pmd, keyHash not supported yet, expect failure if not NULL */
- AssertIntEQ(OCSP_id_get0_info(&name, NULL, NULL, NULL, id), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, &pmd, NULL, NULL, id), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, &keyHash, NULL, id), 0);
+ ExpectIntEQ(OCSP_id_get0_info(&name, NULL, NULL, NULL, id), 0);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, &pmd, NULL, NULL, id), 0);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, &keyHash, NULL, id), 0);
- AssertIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, &serial, id), 1);
- AssertNotNull(serial);
+ ExpectIntEQ(OCSP_id_get0_info(NULL, NULL, NULL, &serial, id), 1);
+ ExpectNotNull(serial);
/* compare serial number to one in cert, should be equal */
- x509Int = X509_get_serialNumber(cert);
- AssertNotNull(x509Int);
- AssertIntEQ(x509Int->length, serial->length);
- AssertIntEQ(XMEMCMP(x509Int->data, serial->data, serial->length), 0);
+ ExpectNotNull(x509Int = X509_get_serialNumber(cert));
+ ExpectIntEQ(x509Int->length, serial->length);
+ ExpectIntEQ(XMEMCMP(x509Int->data, serial->data, serial->length), 0);
/* test OCSP_id_cmp */
- AssertIntNE(OCSP_id_cmp(NULL, NULL), 0);
- AssertIntNE(OCSP_id_cmp(id, NULL), 0);
- AssertIntNE(OCSP_id_cmp(NULL, id2), 0);
- AssertIntEQ(OCSP_id_cmp(id, id2), 0);
- id->issuerHash[0] = ~id->issuerHash[0];
- AssertIntNE(OCSP_id_cmp(id, id2), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(id, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, id2), 0);
+ ExpectIntEQ(OCSP_id_cmp(id, id2), 0);
+ if (id != NULL) {
+ id->issuerHash[0] = ~id->issuerHash[0];
+ }
+ ExpectIntNE(OCSP_id_cmp(id, id2), 0);
OCSP_CERTID_free(id);
OCSP_CERTID_free(id2);
X509_free(cert); /* free's x509Int */
X509_free(issuer);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_OCSP_CERTID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
WOLFSSL_OCSP_CERTID certId;
- byte* targetBuffer;
- byte* beginTargetBuffer;
+ byte* targetBuffer = NULL;
+ byte* p;
/* OCSP CertID bytes taken from PCAP */
byte rawCertId[] = {
0x30, 0x49, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
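Review bot: `ASN1_INTEGER* x509Int;` is still declared without an initialiser, although this change sets `cert`, `issuer`, `id` and `id2` to NULL and `x509Int->length` and `x509Int->data` are read a few lines further down. With the non-aborting Expect checks those reads are only safe if the macros skip their arguments once an earlier check has failed, which is not visible in this hunk. `ASN1_INTEGER* x509Int = NULL;` would make the declaration consistent with the others and turn a stray read into a deterministic NULL dereference. The same applies to `certIdGood` in test_wolfSSL_d2i_OCSP_CERTID in the next hunk. test_wolfSSL_OCSP_id_get0_info starts before this hunk.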
@@ -51992,49 +50387,46 @@ static int test_wolfSSL_i2d_OCSP_CERTID(void)
0xfd, 0xa3, 0xeb, 0x6e, 0xca, 0x75, 0xc8, 0x88, 0x43, 0x8b, 0x72, 0x4b,
0xcf, 0xbc, 0x91
};
- int ret, i;
+ int ret = 0;
+ int i;
XMEMSET(&certId, 0, sizeof(WOLFSSL_OCSP_CERTID));
certId.rawCertId = rawCertId;
certId.rawCertIdSize = sizeof(rawCertId);
- targetBuffer = (byte*)XMALLOC(sizeof(rawCertId), NULL, DYNAMIC_TYPE_TMP_BUFFER);
- beginTargetBuffer = targetBuffer;
- ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer);
- /* If target buffer is not null, function increments targetBuffer to point
- just past the end of the encoded data. */
- AssertPtrEq(targetBuffer, (beginTargetBuffer + sizeof(rawCertId)));
+ ExpectNotNull(targetBuffer = (byte*)XMALLOC(sizeof(rawCertId), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ p = targetBuffer;
/* Function returns the size of the encoded data. */
- AssertIntEQ(ret, sizeof(rawCertId));
- for (i = 0; i < ret; ++i)
- {
- AssertIntEQ(beginTargetBuffer[i], rawCertId[i]);
+ ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &p), sizeof(rawCertId));
+ /* If target buffer is not null, function increments targetBuffer to point
+ * just past the end of the encoded data. */
+ ExpectPtrEq(p, (targetBuffer + sizeof(rawCertId)));
+ for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) {
+ ExpectIntEQ(targetBuffer[i], rawCertId[i]);
}
-
- XFREE(beginTargetBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(targetBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
targetBuffer = NULL;
- ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer);
+
/* If target buffer is null, function allocates memory for a buffer and
- copies the encoded data into it. targetBuffer then points to the start of
- this newly allocate buffer. */
- AssertIntEQ(ret, sizeof(rawCertId));
- for (i = 0; i < ret; ++i)
- {
- AssertIntEQ(targetBuffer[i], rawCertId[i]);
+ * copies the encoded data into it. targetBuffer then points to the start of
+ * this newly allocate buffer. */
+ ExpectIntEQ(ret = wolfSSL_i2d_OCSP_CERTID(&certId, &targetBuffer),
+ sizeof(rawCertId));
+ for (i = 0; EXPECT_SUCCESS() && i < ret; ++i) {
+ ExpectIntEQ(targetBuffer[i], rawCertId[i]);
}
-
XFREE(targetBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_OCSP_CERTID(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_HAPROXY)) && defined(HAVE_OCSP)
WOLFSSL_OCSP_CERTID* certId;
+ WOLFSSL_OCSP_CERTID* certIdGood;
WOLFSSL_OCSP_CERTID* certIdBad;
const unsigned char* rawCertIdPtr;
@@ -52053,82 +50445,80 @@ static int test_wolfSSL_d2i_OCSP_CERTID(void)
/* If the cert ID is NULL the function should allocate it and copy the
* data to it. */
certId = NULL;
- certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, sizeof(rawCertId));
-
- AssertNotNull(certId);
- AssertIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
-
- XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
- XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
+ ExpectNotNull(certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
+ sizeof(rawCertId)));
+ ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
+ if (certId != NULL) {
+ XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
+ XFREE(certId, NULL, DYNAMIC_TYPE_OPENSSL);
+ }
/* If the cert ID is not NULL the function will just copy the data to it. */
- certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
- DYNAMIC_TYPE_TMP_BUFFER);
- AssertNotNull(certId);
- XMEMSET(certId, 0, sizeof(*certId));
+ ExpectNotNull(certId = (WOLFSSL_OCSP_CERTID*)XMALLOC(sizeof(*certId), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectNotNull(certId);
+ ExpectNotNull(XMEMSET(certId, 0, sizeof(*certId)));
/* Reset rawCertIdPtr since it was push forward in the previous call. */
rawCertIdPtr = &rawCertId[0];
- certId = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, sizeof(rawCertId));
-
- AssertNotNull(certId);
- AssertIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
-
- XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
- XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ ExpectNotNull(certIdGood = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr,
+ sizeof(rawCertId)));
+ ExpectPtrEq(certIdGood, certId);
+ ExpectIntEQ(certId->rawCertIdSize, sizeof(rawCertId));
+ if (certId != NULL) {
+ XFREE(certId->rawCertId, NULL, DYNAMIC_TYPE_OPENSSL);
+ XFREE(certId, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ certId = NULL;
+ }
/* The below tests should fail when passed bad parameters. NULL should
* always be returned. */
- certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr, sizeof(rawCertId));
- AssertNull(certIdBad);
-
- certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL, sizeof(rawCertId));
- AssertNull(certIdBad);
-
- certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0);
- AssertNull(certIdBad);
-
- res = TEST_RES_CHECK(1);
+ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(NULL, &rawCertIdPtr,
+ sizeof(rawCertId)));
+ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, NULL,
+ sizeof(rawCertId)));
+ ExpectNull(certIdBad = wolfSSL_d2i_OCSP_CERTID(&certId, &rawCertIdPtr, 0));
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_id_cmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
OCSP_CERTID id1;
OCSP_CERTID id2;
XMEMSET(&id1, 0, sizeof(id1));
XMEMSET(&id2, 0, sizeof(id2));
- AssertIntEQ(OCSP_id_cmp(&id1, &id2), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(OCSP_id_cmp(&id1, &id2), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(&id1, NULL), 0);
+ ExpectIntNE(OCSP_id_cmp(NULL, &id2), 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_SINGLERESP_get0_id(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_SINGLERESP single;
const WOLFSSL_OCSP_CERTID* certId;
XMEMSET(&single, 0, sizeof(single));
- certId = wolfSSL_OCSP_SINGLERESP_get0_id(&single);
- AssertPtrEq(&single, certId);
+ certId = wolfSSL_OCSP_SINGLERESP_get0_id(&single);
+ ExpectPtrEq(&single, certId);
- res = TEST_RES_CHECK(1);
+ ExpectNull(wolfSSL_OCSP_SINGLERESP_get0_id(NULL));
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_single_get0_status(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_SINGLERESP single;
CertStatus certStatus;
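Review bot: The first cleanup block in test_wolfSSL_d2i_OCSP_CERTID frees `certId` but, unlike the second block, does not reset it, so a failing run can free the same pointer twice. If an earlier Expect check has failed and the following `ExpectNotNull(certId = ... XMALLOC(...))` is therefore skipped (the added NULL guards suggest the Expect macros stop evaluating after a failure), `certId` still points at freed memory when the second `if (certId != NULL)` block runs `XFREE(certId->rawCertId, ...)` and `XFREE(certId, ...)`. Adding `certId = NULL;` after the first pair of XFREE calls, as the second block already does, closes that path. The function begins in the previous hunk.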
@@ -52149,52 +50539,46 @@ static int test_wolfSSL_OCSP_single_get0_status(void)
ret = wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, &thisDate,
&nextDate);
- AssertIntEQ(ret, CERT_GOOD);
- AssertPtrEq(thisDate, &certStatus.thisDateParsed);
- AssertPtrEq(nextDate, &certStatus.nextDateParsed);
+ ExpectIntEQ(ret, CERT_GOOD);
+ ExpectPtrEq(thisDate, &certStatus.thisDateParsed);
+ ExpectPtrEq(nextDate, &certStatus.nextDateParsed);
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_OCSP_single_get0_status(NULL, NULL, NULL, NULL, NULL),
+ CERT_GOOD);
+ ExpectIntEQ(wolfSSL_OCSP_single_get0_status(&single, NULL, NULL, NULL,
+ NULL), CERT_GOOD);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_resp_count(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_BASICRESP basicResp;
WOLFSSL_OCSP_SINGLERESP singleRespOne;
WOLFSSL_OCSP_SINGLERESP singleRespTwo;
- int count;
XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP));
XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
XMEMSET(&singleRespTwo, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
- count = wolfSSL_OCSP_resp_count(&basicResp);
- AssertIntEQ(count, 0);
-
+ ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 0);
basicResp.single = &singleRespOne;
- count = wolfSSL_OCSP_resp_count(&basicResp);
- AssertIntEQ(count, 1);
-
+ ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 1);
singleRespOne.next = &singleRespTwo;
- count = wolfSSL_OCSP_resp_count(&basicResp);
- AssertIntEQ(count, 2);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_OCSP_resp_count(&basicResp), 2);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OCSP_resp_get0(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_OCSP)
WOLFSSL_OCSP_BASICRESP basicResp;
WOLFSSL_OCSP_SINGLERESP singleRespOne;
WOLFSSL_OCSP_SINGLERESP singleRespTwo;
- WOLFSSL_OCSP_SINGLERESP* ret;
XMEMSET(&basicResp, 0, sizeof(WOLFSSL_OCSP_BASICRESP));
XMEMSET(&singleRespOne, 0, sizeof(WOLFSSL_OCSP_SINGLERESP));
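Review bot: The first added check in test_wolfSSL_OCSP_single_get0_status expects `CERT_GOOD` when `single` is NULL, which pins a result where a missing response cannot be told apart from a good certificate status. If the function is really returning a failure code that happens to share the value of `CERT_GOOD`, the test should say so, e.g. `/* NULL single: failure return has the same value as CERT_GOOD, not a status */`, or compare against the failure constant instead. The function starts before this hunk, so the setup of `single` and `certStatus` is not visible here.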
@@ -52202,87 +50586,84 @@ static int test_wolfSSL_OCSP_resp_get0(void)
basicResp.single = &singleRespOne;
singleRespOne.next = &singleRespTwo;
-
- ret = wolfSSL_OCSP_resp_get0(&basicResp, 0);
- AssertPtrEq(ret, &singleRespOne);
-
- ret = wolfSSL_OCSP_resp_get0(&basicResp, 1);
- AssertPtrEq(ret, &singleRespTwo);
-
- res = TEST_RES_CHECK(1);
+ ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 0), &singleRespOne);
+ ExpectPtrEq(wolfSSL_OCSP_resp_get0(&basicResp, 1), &singleRespTwo);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_derive(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC)
-
- EVP_PKEY_CTX *ctx;
- unsigned char *skey;
+ EVP_PKEY_CTX *ctx = NULL;
+ unsigned char *skey = NULL;
size_t skeylen;
- EVP_PKEY *pkey, *peerkey;
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY *peerkey = NULL;
const unsigned char* key;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
/* DH */
key = dh_key_der_2048;
- AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
- sizeof_dh_key_der_2048)));
- AssertIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1);
+ ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
+ sizeof_dh_key_der_2048)));
+ ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1);
key = dh_key_der_2048;
- AssertNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
- sizeof_dh_key_der_2048)));
- AssertIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1);
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_derive_init(ctx), 1);
- AssertIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
- AssertIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
- AssertNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL));
- AssertIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
+ ExpectNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
+ sizeof_dh_key_der_2048)));
+ ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1);
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
+ ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
+ ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
+ DYNAMIC_TYPE_OPENSSL));
+ ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
EVP_PKEY_free(peerkey);
+ peerkey = NULL;
EVP_PKEY_free(pkey);
+ pkey = NULL;
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
+ skey = NULL;
#endif
#ifdef HAVE_ECC
/* ECDH */
key = ecc_clikey_der_256;
- AssertNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key,
- sizeof_ecc_clikey_der_256)));
+ ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key,
+ sizeof_ecc_clikey_der_256)));
key = ecc_clikeypub_der_256;
- AssertNotNull((peerkey = d2i_PUBKEY(NULL, &key,
- sizeof_ecc_clikeypub_der_256)));
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_derive_init(ctx), 1);
- AssertIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
- AssertIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
- AssertNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL));
- AssertIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
+ ExpectNotNull((peerkey = d2i_PUBKEY(NULL, &key,
+ sizeof_ecc_clikeypub_der_256)));
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
+ ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
+ ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
+ DYNAMIC_TYPE_OPENSSL));
+ ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(peerkey);
EVP_PKEY_free(pkey);
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
#endif /* HAVE_ECC */
-
- res = TEST_RES_CHECK(1);
#endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */
#endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PBE_scrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 5))
#if !defined(NO_PWDBASED) && !defined(NO_SHA256)
-
int ret;
const char pwd[] = {'p','a','s','s','w','o','r','d'};
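Review bot: test_wolfSSL_OCSP_resp_get0 only looks up the two indexes that exist; nothing checks an index past the end of the two-entry list, which is the case where a list walk can run off the end. This change adds NULL-argument cases to the neighbouring OCSP tests, and the matching line here would be `ExpectNull(wolfSSL_OCSP_resp_get0(&basicResp, 2));`, assuming an out-of-range lookup is meant to return NULL. The function starts in the previous hunk.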
@@ -52304,82 +50685,78 @@ static int test_wolfSSL_EVP_PBE_scrypt(void)
/* N r p mx key keylen */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 0, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* N must be greater than 1 */
+ ExpectIntEQ(ret, 0); /* N must be greater than 1 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 3, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* N must be power of 2 */
+ ExpectIntEQ(ret, 0); /* N must be power of 2 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 0, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* r must be greater than 0 */
+ ExpectIntEQ(ret, 0); /* r must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 0, 0, key, 64);
- AssertIntEQ(ret, 0); /* p must be greater than 0 */
+ ExpectIntEQ(ret, 0); /* p must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 0);
- AssertIntEQ(ret, 0); /* keylen must be greater than 0 */
+ ExpectIntEQ(ret, 0); /* keylen must be greater than 0 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 9, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* r must be smaller than 9 */
+ ExpectIntEQ(ret, 0); /* r must be smaller than 9 */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, NULL, 64);
- AssertIntEQ(ret, 1); /* should succeed if key is NULL */
+ ExpectIntEQ(ret, 1); /* should succeed if key is NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed */
+ ExpectIntEQ(ret, 1); /* should succeed */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, numOvr32, 1, 0,
key, 64);
- AssertIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */
+ ExpectIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, numOvr32, 0,
key, 64);
- AssertIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */
+ ExpectIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 0, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed even if salt is NULL */
+ ExpectIntEQ(ret, 1); /* should succeed even if salt is NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 4, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/
+ ExpectIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/
ret = EVP_PBE_scrypt(NULL, 0, salt, saltlen, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/
+ ExpectIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/
ret = EVP_PBE_scrypt(NULL, 4, salt, saltlen, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */
+ ExpectIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */
ret = EVP_PBE_scrypt(NULL, 0, NULL, 0, 2, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */
+ ExpectIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 16, 1, 1, 0, key, 64);
- AssertIntEQ(ret, 1);
+ ExpectIntEQ(ret, 1);
ret = XMEMCMP(expectedKey, key, sizeof(expectedKey));
- AssertIntEQ(ret, 0); /* derived key must be the same as expected-key */
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(ret, 0); /* derived key must be the same as expected-key */
#endif /* !NO_PWDBASED && !NO_SHA256 */
#endif /* OPENSSL_EXTRA && HAVE_SCRYPT && HAVE_PBKDF2 */
- return res;
+ return EXPECT_RESULT();
}
static int test_no_op_functions(void)
{
- int res = TEST_SKIPPED;
- #if defined(OPENSSL_EXTRA)
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
/* this makes sure wolfSSL can compile and run these no-op functions */
SSL_load_error_strings();
ENGINE_load_builtin_engines();
OpenSSL_add_all_ciphers();
- AssertIntEQ(CRYPTO_malloc_init(), 0);
-
- res = TEST_RES_CHECK(1);
- #endif
- return res;
+ ExpectIntEQ(CRYPTO_malloc_init(), 0);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_memcmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
char a[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud.";
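Review bot: The comments on the two `numOvr32` cases read `INT32_MAC`; the limit meant is presumably `INT32_MAX`. Since these lines are rewritten anyway, the comment could become `/* should fail since r is greater than INT32_MAX */`, and likewise for p. test_wolfSSL_EVP_PBE_scrypt starts before this hunk, so the definition of `numOvr32` is not visible here.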
@@ -52388,12 +50765,10 @@ static int test_wolfSSL_CRYPTO_memcmp(void)
char c[] = "wolfSSL (formerly CyaSSL) is a small, fast, portable "
"implementation of TLS/SSL for embedded devices to the cloud!";
- AssertIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0);
- AssertIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(CRYPTO_memcmp(a, b, sizeof(a)), 0);
+ ExpectIntNE(CRYPTO_memcmp(a, c, sizeof(a)), 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
@@ -52402,7 +50777,7 @@ static int test_wolfSSL_CRYPTO_memcmp(void)
static int test_wc_CreateEncryptedPKCS8Key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_PKCS8) && !defined(NO_PWDBASED) && defined(WOLFSSL_AES_256) \
&& !defined(NO_AES_CBC) && !defined(NO_RSA) && !defined(NO_SHA)
WC_RNG rng;
@@ -52413,170 +50788,162 @@ static int test_wc_CreateEncryptedPKCS8Key(void)
word32 passwordSz = (word32)XSTRLEN(password);
word32 tradIdx = 0;
- AssertIntEQ(wc_InitRng(&rng), 0);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
/* Call with NULL for out buffer to get necessary length. */
- AssertIntEQ(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
+ ExpectIntEQ(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
sizeof_server_key_der_2048, NULL, &encKeySz, password, passwordSz,
PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL),
LENGTH_ONLY_E);
- AssertNotNull(encKey = (byte*)XMALLOC(encKeySz, HEAP_HINT,
+ ExpectNotNull(encKey = (byte*)XMALLOC(encKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
/* Call with the allocated out buffer. */
- AssertIntGT(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
+ ExpectIntGT(wc_CreateEncryptedPKCS8Key((byte*)server_key_der_2048,
sizeof_server_key_der_2048, encKey, &encKeySz, password, passwordSz,
PKCS5, PBES2, AES256CBCb, NULL, 0, WC_PKCS12_ITT_DEFAULT, &rng, NULL),
0);
/* Decrypt the encrypted PKCS8 key we just made. */
- AssertIntGT((decKeySz = wc_DecryptPKCS8Key(encKey, encKeySz, password,
+ ExpectIntGT((decKeySz = wc_DecryptPKCS8Key(encKey, encKeySz, password,
passwordSz)), 0);
/* encKey now holds the decrypted key (decrypted in place). */
- AssertIntGT(wc_GetPkcs8TraditionalOffset(encKey, &tradIdx, decKeySz), 0);
+ ExpectIntGT(wc_GetPkcs8TraditionalOffset(encKey, &tradIdx, decKeySz), 0);
/* Check that the decrypted key matches the key prior to encryption. */
- AssertIntEQ(XMEMCMP(encKey + tradIdx, server_key_der_2048,
+ ExpectIntEQ(XMEMCMP(encKey + tradIdx, server_key_der_2048,
sizeof_server_key_der_2048), 0);
- if (encKey != NULL)
- XFREE(encKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ XFREE(encKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_GetPkcs8TraditionalOffset(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(HAVE_PKCS8)
- int length, derSz;
+ int length;
+ int derSz = 0;
word32 inOutIdx;
const char* path = "./certs/server-keyPkcs8.der";
- XFILE file;
+ XFILE file = XBADFILE;
byte der[2048];
- file = XFOPEN(path, "rb");
- AssertTrue(file != XBADFILE);
- derSz = (int)XFREAD(der, 1, sizeof(der), file);
- XFCLOSE(file);
+ ExpectTrue((file = XFOPEN(path, "rb")) != XBADFILE);
+ ExpectIntGT(derSz = (int)XFREAD(der, 1, sizeof(der), file), 0);
+ if (file != XBADFILE)
+ XFCLOSE(file);
/* valid case */
inOutIdx = 0;
- length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
- AssertIntGT(length, 0);
+ ExpectIntGT(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz),
+ 0);
/* inOutIdx > sz */
inOutIdx = 4000;
- length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
- AssertIntEQ(length, BAD_FUNC_ARG);
+ ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz),
+ BAD_FUNC_ARG);
/* null input */
inOutIdx = 0;
- length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0);
- AssertIntEQ(length, BAD_FUNC_ARG);
+ ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(NULL, &inOutIdx, 0),
+ BAD_FUNC_ARG);
/* invalid input, fill buffer with 1's */
XMEMSET(der, 1, sizeof(der));
inOutIdx = 0;
- length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz);
- AssertIntEQ(length, ASN_PARSE_E);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(length = wc_GetPkcs8TraditionalOffset(der, &inOutIdx, derSz),
+ ASN_PARSE_E);
#endif /* NO_ASN */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_SetSubjectRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
int peerCertSz;
- const byte* peerCertBuf;
+ const byte* peerCertBuf = NULL;
Cert forgedCert;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
+ WOLFSSL_FILETYPE_ASN1));
- AssertNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
+ ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
- AssertIntEQ(0, wc_InitCert(&forgedCert));
+ ExpectIntEQ(0, wc_InitCert(&forgedCert));
- AssertIntEQ(0, wc_SetSubjectRaw(&forgedCert, peerCertBuf, peerCertSz));
+ ExpectIntEQ(0, wc_SetSubjectRaw(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_GetSubjectRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)
Cert cert;
byte *subjectRaw;
- AssertIntEQ(0, wc_InitCert(&cert));
- AssertIntEQ(0, wc_GetSubjectRaw(&subjectRaw, &cert));
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(0, wc_InitCert(&cert));
+ ExpectIntEQ(0, wc_GetSubjectRaw(&subjectRaw, &cert));
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_SetIssuerRaw(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf;
Cert forgedCert;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
+ WOLFSSL_FILETYPE_ASN1));
- AssertNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
+ ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
- AssertIntEQ(0, wc_InitCert(&forgedCert));
+ ExpectIntEQ(0, wc_InitCert(&forgedCert));
- AssertIntEQ(0, wc_SetIssuerRaw(&forgedCert, peerCertBuf, peerCertSz));
+ ExpectIntEQ(0, wc_SetIssuerRaw(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_SetIssueBuffer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && !defined(NO_RSA)
const char* joiCertFile = "./certs/test/cert-ext-joi.der";
- WOLFSSL_X509* x509;
+ WOLFSSL_X509* x509 = NULL;
int peerCertSz;
const byte* peerCertBuf;
Cert forgedCert;
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile, WOLFSSL_FILETYPE_ASN1));
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(joiCertFile,
+ WOLFSSL_FILETYPE_ASN1));
- AssertNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
+ ExpectNotNull(peerCertBuf = wolfSSL_X509_get_der(x509, &peerCertSz));
- AssertIntEQ(0, wc_InitCert(&forgedCert));
+ ExpectIntEQ(0, wc_InitCert(&forgedCert));
- AssertIntEQ(0, wc_SetIssuerBuffer(&forgedCert, peerCertBuf, peerCertSz));
+ ExpectIntEQ(0, wc_SetIssuerBuffer(&forgedCert, peerCertBuf, peerCertSz));
wolfSSL_FreeX509(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*
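Review bot: `peerCertBuf` is initialised to NULL only in test_wc_SetSubjectRaw; test_wc_SetIssuerRaw and test_wc_SetIssueBuffer still declare `const byte* peerCertBuf;`, and `int peerCertSz;` is uninitialised in all three (as is `int certSz;` in test_CheckCertSignature in the next-but-one hunk). With the Assert* macros a failed load aborted the test, so these were always set before use. With Expect* the function runs to the end, and the values stay unread only if a failed expectation makes every later Expect* skip evaluating its arguments, which depends on macro definitions not shown in this hunk. Initialising them uniformly, `const byte* peerCertBuf = NULL;` and `int peerCertSz = 0;`, keeps the three tests consistent and removes that dependency.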
@@ -52584,21 +50951,19 @@ static int test_wc_SetIssueBuffer(void)
*/
static int test_wc_SetSubjectKeyId(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC)
Cert cert;
const char* file = "certs/ecc-client-keyPub.pem";
- AssertIntEQ(0, wc_InitCert(&cert));
- AssertIntEQ(0, wc_SetSubjectKeyId(&cert, file));
+ ExpectIntEQ(0, wc_InitCert(&cert));
+ ExpectIntEQ(0, wc_SetSubjectKeyId(&cert, file));
- AssertIntEQ(BAD_FUNC_ARG, wc_SetSubjectKeyId(NULL, file));
- AssertIntGT(0, wc_SetSubjectKeyId(&cert, "badfile.name"));
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubjectKeyId(NULL, file));
+ ExpectIntGT(0, wc_SetSubjectKeyId(&cert, "badfile.name"));
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_SetSubjectKeyId */
/*
@@ -52606,89 +50971,94 @@ static int test_wc_SetSubjectKeyId(void)
*/
static int test_wc_SetSubject(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ASN) && !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT) && defined(HAVE_ECC)
Cert cert;
const char* file = "./certs/ca-ecc-cert.pem";
- AssertIntEQ(0, wc_InitCert(&cert));
- AssertIntEQ(0, wc_SetSubject(&cert, file));
-
- AssertIntEQ(BAD_FUNC_ARG, wc_SetSubject(NULL, file));
- AssertIntGT(0, wc_SetSubject(&cert, "badfile.name"));
+ ExpectIntEQ(0, wc_InitCert(&cert));
+ ExpectIntEQ(0, wc_SetSubject(&cert, file));
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(BAD_FUNC_ARG, wc_SetSubject(NULL, file));
+ ExpectIntGT(0, wc_SetSubject(&cert, "badfile.name"));
#endif
- return res;
+ return EXPECT_RESULT();
} /* END test_wc_SetSubject */
static int test_CheckCertSignature(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && defined(WOLFSSL_SMALL_CERT_VERIFY)
WOLFSSL_CERT_MANAGER* cm = NULL;
#if !defined(NO_FILESYSTEM) && (!defined(NO_RSA) || defined(HAVE_ECC))
- FILE* fp;
+ XFILE fp = XBADFILE;
byte cert[4096];
int certSz;
#endif
- AssertIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, NULL));
- AssertNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
- AssertIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, cm));
+ ExpectIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, NULL));
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ ExpectIntEQ(BAD_FUNC_ARG, CheckCertSignature(NULL, 0, NULL, cm));
#ifndef NO_RSA
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_1024,
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_1024,
sizeof_server_cert_der_1024, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_cert_der_1024, sizeof_ca_cert_der_1024,
WOLFSSL_FILETYPE_ASN1));
- AssertIntEQ(0, CheckCertSignature(server_cert_der_1024,
+ ExpectIntEQ(0, CheckCertSignature(server_cert_der_1024,
sizeof_server_cert_der_1024, NULL, cm));
#elif defined(USE_CERT_BUFFERS_2048)
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_2048,
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(server_cert_der_2048,
sizeof_server_cert_der_2048, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_cert_der_2048, sizeof_ca_cert_der_2048,
WOLFSSL_FILETYPE_ASN1));
- AssertIntEQ(0, CheckCertSignature(server_cert_der_2048,
+ ExpectIntEQ(0, CheckCertSignature(server_cert_der_2048,
sizeof_server_cert_der_2048, NULL, cm));
#endif
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(serv_ecc_der_256,
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(serv_ecc_der_256,
sizeof_serv_ecc_der_256, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCABuffer(cm,
ca_ecc_cert_der_256, sizeof_ca_ecc_cert_der_256,
WOLFSSL_FILETYPE_ASN1));
- AssertIntEQ(0, CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256,
+ ExpectIntEQ(0, CheckCertSignature(serv_ecc_der_256, sizeof_serv_ecc_der_256,
NULL, cm));
#endif
#if !defined(NO_FILESYSTEM)
wolfSSL_CertManagerFree(cm);
- AssertNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
+ cm = NULL;
+ ExpectNotNull(cm = wolfSSL_CertManagerNew_ex(NULL));
#ifndef NO_RSA
- AssertNotNull(fp = XFOPEN("./certs/server-cert.der", "rb"));
- AssertIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
- XFCLOSE(fp);
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
+ ExpectTrue((fp = XFOPEN("./certs/server-cert.der", "rb")) != XBADFILE);
+ ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-cert.pem", NULL));
- AssertIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
#endif
#ifdef HAVE_ECC
- AssertNotNull(fp = XFOPEN("./certs/server-ecc.der", "rb"));
- AssertIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
- XFCLOSE(fp);
- AssertIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
+ ExpectTrue((fp = XFOPEN("./certs/server-ecc.der", "rb")) != XBADFILE);
+ ExpectIntGT((certSz = (int)XFREAD(cert, 1, sizeof(cert), fp)), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(ASN_NO_SIGNER_E, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CertManagerLoadCA(cm,
"./certs/ca-ecc-cert.pem", NULL));
- AssertIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
+ ExpectIntEQ(0, CheckCertSignature(cert, certSz, NULL, cm));
#endif
#endif
@@ -52699,32 +51069,28 @@ static int test_CheckCertSignature(void)
#endif
wolfSSL_CertManagerFree(cm);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_ParseCert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA)
DecodedCert decodedCert;
const byte* rawCert = client_cert_der_2048;
const int rawCertSize = sizeof_client_cert_der_2048;
wc_InitDecodedCert(&decodedCert, rawCert, rawCertSize, NULL);
- AssertIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
#ifndef IGNORE_NAME_CONSTRAINTS
/* check that the subjects emailAddress was not put in the alt name list */
- AssertNotNull(decodedCert.subjectEmail);
- AssertNull(decodedCert.altEmailNames);
+ ExpectNotNull(decodedCert.subjectEmail);
+ ExpectNull(decodedCert.altEmailNames);
#endif
wc_FreeDecodedCert(&decodedCert);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Test wc_ParseCert decoding of various encodings and scenarios ensuring that
@@ -52733,7 +51099,7 @@ static int test_wc_ParseCert(void)
*/
static int test_wc_ParseCert_Error(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
@@ -52764,18 +51130,16 @@ static int test_wc_ParseCert_Error(void)
for (i = 0; i < tSz; i++) {
WOLFSSL_MSG_EX("i == %d", i);
wc_InitDecodedCert(&decodedCert, t[i].c, t[i].cSz, NULL);
- AssertIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), t[i].expRet);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), t[i].expRet);
wc_FreeDecodedCert(&decodedCert);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_MakeCertWithPathLen(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME) && \
defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC)
const byte expectedPathLen = 7;
@@ -52785,19 +51149,27 @@ static int test_MakeCertWithPathLen(void)
int derSize = 0;
WC_RNG rng;
ecc_key key;
+ int ret;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&cert, 0, sizeof(Cert));
+ XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
- AssertIntEQ(wc_InitRng(&rng), 0);
- AssertIntEQ(wc_ecc_init(&key), 0);
- AssertIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
- AssertIntEQ(wc_InitCert(&cert), 0);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
+ ExpectIntEQ(wc_InitCert(&cert), 0);
(void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
(void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
- (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com", CTC_NAME_SIZE);
- (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
+ CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
+ CTC_NAME_SIZE);
cert.selfSigned = 1;
cert.isCA = 1;
@@ -52809,22 +51181,77 @@ static int test_MakeCertWithPathLen(void)
cert.keyUsage |= KEYUSE_KEY_CERT_SIGN;
#endif
- AssertIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
- derSize = wc_SignCert(cert.bodySz, cert.sigType, der, FOURK_BUF, NULL,
- &key, &rng);
- AssertIntGE(derSize, 0);
+ ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
+ ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
+ FOURK_BUF, NULL, &key, &rng), 0);
wc_InitDecodedCert(&decodedCert, der, derSize, NULL);
- AssertIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
- AssertIntEQ(decodedCert.pathLength, expectedPathLen);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
+ ExpectIntEQ(decodedCert.pathLength, expectedPathLen);
wc_FreeDecodedCert(&decodedCert);
- AssertIntEQ(wc_ecc_free(&key), 0);
- AssertIntEQ(wc_FreeRng(&rng), 0);
+ ret = wc_ecc_free(&key);
+ ExpectIntEQ(ret, 0);
+ ret = wc_FreeRng(&rng);
+ ExpectIntEQ(ret, 0);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+static int test_MakeCertWithCaFalse(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE) && defined(WOLFSSL_CERT_REQ) && \
+ !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_GEN) && defined(HAVE_ECC)
+ const byte expectedIsCa = 0;
+ Cert cert;
+ DecodedCert decodedCert;
+ byte der[FOURK_BUF];
+ int derSize = 0;
+ WC_RNG rng;
+ ecc_key key;
+ int ret;
+
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ XMEMSET(&key, 0, sizeof(ecc_key));
+ XMEMSET(&cert, 0, sizeof(Cert));
+ XMEMSET(&decodedCert, 0, sizeof(DecodedCert));
+
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ ExpectIntEQ(wc_ecc_init(&key), 0);
+ ExpectIntEQ(wc_ecc_make_key(&rng, 32, &key), 0);
+ ExpectIntEQ(wc_InitCert(&cert), 0);
+
+ (void)XSTRNCPY(cert.subject.country, "US", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.state, "state", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.locality, "Bozeman", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.org, "yourOrgNameHere", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.unit, "yourUnitNameHere", CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.commonName, "www.yourDomain.com",
+ CTC_NAME_SIZE);
+ (void)XSTRNCPY(cert.subject.email, "yourEmail@yourDomain.com",
+ CTC_NAME_SIZE);
+
+ cert.selfSigned = 1;
+ cert.isCA = expectedIsCa;
+ cert.isCaSet = 1;
+ cert.sigType = CTC_SHA256wECDSA;
+
+ ExpectIntGE(wc_MakeCert(&cert, der, FOURK_BUF, NULL, &key, &rng), 0);
+ ExpectIntGE(derSize = wc_SignCert(cert.bodySz, cert.sigType, der,
+ FOURK_BUF, NULL, &key, &rng), 0);
+
+ wc_InitDecodedCert(&decodedCert, der, derSize, NULL);
+ ExpectIntEQ(wc_ParseCert(&decodedCert, CERT_TYPE, NO_VERIFY, NULL), 0);
+ ExpectIntEQ(decodedCert.isCA, expectedIsCa);
+
+ wc_FreeDecodedCert(&decodedCert);
+ ret = wc_ecc_free(&key);
+ ExpectIntEQ(ret, 0);
+ ret = wc_FreeRng(&rng);
+ ExpectIntEQ(ret, 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
/*----------------------------------------------------------------------------*
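Review bot: `ExpectIntEQ(decodedCert.isCA, expectedIsCa)` in test_MakeCertWithCaFalse compares against 0, which is presumably also what a certificate with no basicConstraints extension parses to, so the test cannot tell "CA:FALSE was encoded" from "nothing was encoded". Since the test is gated on WOLFSSL_ALLOW_ENCODING_CA_FALSE, it should also assert that the parser saw the extension, for example `ExpectIntEQ(decodedCert.extBasicConstSet, 1);` if this build's DecodedCert exposes that flag. Separately, `wc_InitDecodedCert(&decodedCert, der, derSize, NULL)` runs unconditionally, here and in test_MakeCertWithPathLen at the top of the hunk, so a failed wc_SignCert hands it a negative `derSize`. Wrapping the call in `if (EXPECT_SUCCESS())` would avoid that.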
@@ -52833,101 +51260,81 @@ static int test_MakeCertWithPathLen(void)
static int test_wc_ecc_get_curve_size_from_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- int ret;
-
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- ret = wc_ecc_get_curve_size_from_name("SECP256R1");
- AssertIntEQ(ret, 32);
+ ExpectIntEQ(wc_ecc_get_curve_size_from_name("SECP256R1"), 32);
#endif
-
/* invalid case */
- ret = wc_ecc_get_curve_size_from_name("BADCURVE");
- AssertIntEQ(ret, -1);
-
+ ExpectIntEQ(wc_ecc_get_curve_size_from_name("BADCURVE"), -1);
/* NULL input */
- ret = wc_ecc_get_curve_size_from_name(NULL);
- AssertIntEQ(ret, BAD_FUNC_ARG);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wc_ecc_get_curve_size_from_name(NULL), BAD_FUNC_ARG);
#endif /* HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
}
static int test_wc_ecc_get_curve_id_from_name(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- int id;
-
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- id = wc_ecc_get_curve_id_from_name("SECP256R1");
- AssertIntEQ(id, ECC_SECP256R1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"),
+ ECC_SECP256R1);
#endif
-
/* invalid case */
- id = wc_ecc_get_curve_id_from_name("BADCURVE");
- AssertIntEQ(id, -1);
-
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name("BADCURVE"), -1);
/* NULL input */
- id = wc_ecc_get_curve_id_from_name(NULL);
- AssertIntEQ(id, BAD_FUNC_ARG);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name(NULL), BAD_FUNC_ARG);
#endif /* HAVE_ECC */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
!defined(HAVE_SELFTEST) && \
!(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
-
static int test_wc_ecc_get_curve_id_from_dp_params(void)
{
- int id;
+ EXPECT_DECLS;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- int curve_id;
ecc_key* key;
- const ecc_set_type* params;
+ const ecc_set_type* params = NULL;
int ret;
#endif
WOLFSSL_EC_KEY *ecKey = NULL;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- id = wc_ecc_get_curve_id_from_name("SECP256R1");
- AssertIntEQ(id, ECC_SECP256R1);
-
- ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
- AssertNotNull(ecKey);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_name("SECP256R1"), ECC_SECP256R1);
+ ExpectNotNull(ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- ret = EC_KEY_generate_key(ecKey);
+ if (EXPECT_SUCCESS()) {
+ ret = EC_KEY_generate_key(ecKey);
+ } else
+ ret = 0;
- if (ret == 0) {
+ if (ret == 1) {
/* normal test */
key = (ecc_key*)ecKey->internal;
- params = key->dp;
+ if (key != NULL) {
+ params = key->dp;
+ }
- curve_id = wc_ecc_get_curve_id_from_dp_params(params);
- AssertIntEQ(curve_id, id);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(params),
+ ECC_SECP256R1);
}
#endif
/* invalid case, NULL input*/
+ ExpectIntEQ(wc_ecc_get_curve_id_from_dp_params(NULL), BAD_FUNC_ARG);
- id = wc_ecc_get_curve_id_from_dp_params(NULL);
- AssertIntEQ(id, BAD_FUNC_ARG);
wolfSSL_EC_KEY_free(ecKey);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */
static int test_wc_ecc_get_curve_id_from_params(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_ECC
- int id;
-
const byte prime[] =
{
0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x01,
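Review bot: A failing `EC_KEY_generate_key` is not reported in test_wc_ecc_get_curve_id_from_dp_params. The `if (EXPECT_SUCCESS()) { ret = EC_KEY_generate_key(ecKey); } else ret = 0;` block only stores the result, so when it is not 1 the `if (ret == 1)` body is skipped and the test can still return success having exercised only the NULL-input case. Declaring `int ret = 0;` and putting the call under an expectation, `ExpectIntEQ(ret = EC_KEY_generate_key(ecKey), 1);`, makes a key-generation failure fail the test. The `if (ret == 1)` guard can stay to protect the `ecKey->internal` dereference.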
@@ -52988,38 +51395,33 @@ static int test_wc_ecc_get_curve_id_from_params(void)
int fieldSize = 256;
#if !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- id = wc_ecc_get_curve_id_from_params(fieldSize, prime, sizeof(prime),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, ECC_SECP256R1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
+ prime, sizeof(prime), Af, sizeof(Af), Bf, sizeof(Bf),
+ order, sizeof(order), Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor),
+ ECC_SECP256R1);
#endif
/* invalid case, fieldSize = 0 */
- id = wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, ECC_CURVE_INVALID);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(0, prime, sizeof(prime),
+ Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
+ Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
/* invalid case, NULL prime */
- id = wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, BAD_FUNC_ARG);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize, NULL, sizeof(prime),
+ Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
+ Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), BAD_FUNC_ARG);
/* invalid case, invalid prime */
- id = wc_ecc_get_curve_id_from_params(fieldSize,
- primeInvalid, sizeof(primeInvalid),
- Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
- Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor);
- AssertIntEQ(id, ECC_CURVE_INVALID);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wc_ecc_get_curve_id_from_params(fieldSize,
+ primeInvalid, sizeof(primeInvalid),
+ Af, sizeof(Af), Bf, sizeof(Bf), order, sizeof(order),
+ Gx, sizeof(Gx), Gy, sizeof(Gy), cofactor), ECC_CURVE_INVALID);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_PKEY_encrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA)
WOLFSSL_RSA* rsa = NULL;
@@ -53038,65 +51440,83 @@ static int test_wolfSSL_EVP_PKEY_encrypt(void)
byte* outDecTmp = NULL;
#endif
- AssertNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outEnc, 0, rsaKeySz);
- AssertNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outDec, 0, rsaKeySz);
+ ExpectNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outEnc != NULL) {
+ XMEMSET(outEnc, 0, rsaKeySz);
+ }
+ ExpectNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outDec != NULL) {
+ XMEMSET(outDec, 0, rsaKeySz);
+ }
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ RSA_free(rsa);
+ }
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
/* Test pkey references count is decremented. pkey shouldn't be destroyed
since ctx uses it.*/
- AssertIntEQ(pkey->ref.count, 2);
+ ExpectIntEQ(pkey->ref.count, 2);
EVP_PKEY_free(pkey);
- AssertIntEQ(pkey->ref.count, 1);
+ ExpectIntEQ(pkey->ref.count, 1);
/* Encrypt data */
/* Check that we can get the required output buffer length by passing in a
* NULL output buffer. */
- AssertIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen,
+ ExpectIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
- AssertIntEQ(rsaKeySz, outEncLen);
+ ExpectIntEQ(rsaKeySz, outEncLen);
/* Now do the actual encryption. */
- AssertIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen,
+ ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
/* Decrypt data */
- AssertIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
/* Check that we can get the required output buffer length by passing in a
* NULL output buffer. */
- AssertIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen),
+ ExpectIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
- AssertIntEQ(rsaKeySz, outDecLen);
+ ExpectIntEQ(rsaKeySz, outDecLen);
/* Now do the actual decryption. */
- AssertIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen),
+ ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
- AssertIntEQ(XMEMCMP(in, outDec, outDecLen), 0);
+ ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0);
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
/* The input length must be the same size as the RSA key.*/
- AssertNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(inTmp, 9, rsaKeySz);
- AssertNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outEncTmp, 0, rsaKeySz);
- AssertNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- XMEMSET(outDecTmp, 0, rsaKeySz);
- AssertIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp, outEncLen),
- WOLFSSL_SUCCESS);
- AssertIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0);
+ ExpectNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (inTmp != NULL) {
+ XMEMSET(inTmp, 9, rsaKeySz);
+ }
+ ExpectNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outEncTmp != NULL) {
+ XMEMSET(outEncTmp, 0, rsaKeySz);
+ }
+ ExpectNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ if (outDecTmp != NULL) {
+ XMEMSET(outDecTmp, 0, rsaKeySz);
+ }
+ ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp,
+ outEncLen), WOLFSSL_SUCCESS);
+ ExpectIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0);
#endif
EVP_PKEY_CTX_free(ctx);
XFREE(outEnc, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
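Review bot: `ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0)` compares only `outDecLen` bytes, and nothing checks that length against `inlen` after the real decrypt, so a decrypt that returned a short or zero-length result would still pass. The same holds for the `inTmp`/`outDecTmp` comparison in the WC_RSA_NO_PADDING branch. Adding `ExpectIntEQ(outDecLen, inlen);` before the first comparison and `ExpectIntEQ(outDecLen, rsaKeySz);` before the second pins the round trip to the full plaintext. The function starts before this hunk and its cleanup continues after it.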
@@ -53106,18 +51526,52 @@ static int test_wolfSSL_EVP_PKEY_encrypt(void)
XFREE(outEncTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outDecTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-static int test_wolfSSL_EVP_PKEY_sign_verify(void)
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #endif
+#endif
+#endif
+#if defined(OPENSSL_EXTRA)
+#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
+ #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #endif
+#endif
+#endif
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+ #endif
+#endif
+#endif
+
+#ifdef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
+static int test_wolfSSL_EVP_PKEY_sign_verify(int keyType)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ WOLFSSL_RSA* rsa = NULL;
+#endif
+#endif
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
WOLFSSL_DSA* dsa = NULL;
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ WOLFSSL_EC_KEY* ecKey = NULL;
+#endif
+#endif
WOLFSSL_EVP_PKEY* pkey = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx_verify = NULL;
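Review bot: The three guard blocks that define `TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY` carry no comment saying what the macro means. The same RSA and ECC conditions are then repeated verbatim around the `rsa` and `ecKey` declarations, where `defined(OPENSSL_EXTRA)` is tested again inside an enclosing `#if defined(OPENSSL_EXTRA)`. I would add `/* Defined when at least one of RSA, DSA or ECC sign/verify can be tested in this build. */` above the first block. Defining one macro per key type once and reusing it at each site would keep the copies from drifting apart. The body of test_wolfSSL_EVP_PKEY_sign_verify continues outside this hunk.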
@@ -53131,275 +51585,295 @@ static int test_wolfSSL_EVP_PKEY_sign_verify(void)
size_t siglen;
size_t siglenOnlyLen;
size_t keySz = 2048/8; /* Bytes */
- int i;
- int encs[3] = {0};
-#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
- !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- encs[0] = EVP_PKEY_RSA;
-#endif
-#endif
-#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
- encs[1] = EVP_PKEY_DSA;
-#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
-#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- encs[2] = EVP_PKEY_EC;
-#endif
-#endif
-
- AssertNotNull(sig =
+ ExpectNotNull(sig =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- AssertNotNull(sigVerify =
+ ExpectNotNull(sigVerify =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
- for (i = 0; i < 3; i++) {
- if (encs[i] == 0)
- continue;
-
- siglen = keySz;
- XMEMSET(sig, 0, keySz);
- XMEMSET(sigVerify, 0, keySz);
+ siglen = keySz;
+ ExpectNotNull(XMEMSET(sig, 0, keySz));
+ ExpectNotNull(XMEMSET(sigVerify, 0, keySz));
- /* Generate hash */
- SHA256_Init(&c);
- SHA256_Update(&c, in, inlen);
- SHA256_Final(hash, &c);
+ /* Generate hash */
+ SHA256_Init(&c);
+ SHA256_Update(&c, in, inlen);
+ SHA256_Final(hash, &c);
#ifdef WOLFSSL_SMALL_STACK_CACHE
- /* workaround for small stack cache case */
- wc_Sha256Free((wc_Sha256*)&c);
+ /* workaround for small stack cache case */
+ wc_Sha256Free((wc_Sha256*)&c);
#endif
- /* Generate key */
- AssertNotNull(pkey = EVP_PKEY_new());
- switch (encs[i]) {
- case EVP_PKEY_RSA:
+ /* Generate key */
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ switch (keyType) {
+ case EVP_PKEY_RSA:
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- {
- WOLFSSL_RSA* rsa = NULL;
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
- }
+ {
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
+ }
#endif
#endif
- break;
- case EVP_PKEY_DSA:
+ break;
+ case EVP_PKEY_DSA:
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
- AssertNotNull(dsa = DSA_new());
- AssertIntEQ(DSA_generate_parameters_ex(dsa, 2048,
- NULL, 0, NULL, NULL, NULL), 1);
- AssertIntEQ(DSA_generate_key(dsa), 1);
- AssertIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS);
+ ExpectNotNull(dsa = DSA_new());
+ ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048,
+ NULL, 0, NULL, NULL, NULL), 1);
+ ExpectIntEQ(DSA_generate_key(dsa), 1);
+ ExpectIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS);
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
- break;
- case EVP_PKEY_EC:
+ break;
+ case EVP_PKEY_EC:
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- {
- WOLFSSL_EC_KEY* ecKey = NULL;
- AssertNotNull(ecKey = EC_KEY_new());
- AssertIntEQ(EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(
- EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ {
+ ExpectNotNull(ecKey = EC_KEY_new());
+ ExpectIntEQ(EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(
+ EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ EC_KEY_free(ecKey);
}
+ }
#endif
#endif
- break;
- }
- AssertNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ break;
+ }
+ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- if (encs[i] == EVP_PKEY_RSA)
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
+ if (keyType == EVP_PKEY_RSA)
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
#endif
#endif
- /* Check returning only length */
- AssertIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash,
- SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
- AssertIntGT(siglenOnlyLen, 0);
- /* Sign data */
- AssertIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash,
- SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
- AssertIntGE(siglenOnlyLen, siglen);
+ /* Check returning only length */
+ ExpectIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash,
+ SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
+ ExpectIntGT(siglenOnlyLen, 0);
+ /* Sign data */
+ ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash,
+ SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
+ ExpectIntGE(siglenOnlyLen, siglen);
- /* Verify signature */
- AssertNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL));
- AssertIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
+ /* Verify signature */
+ ExpectNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL));
+ ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- if (encs[i] == EVP_PKEY_RSA)
- AssertIntEQ(
- EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
+ if (keyType == EVP_PKEY_RSA)
+ ExpectIntEQ(
+ EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
#endif
#endif
- AssertIntEQ(EVP_PKEY_verify(
- ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_verify(
- ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH),
- WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_verify(
+ ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_verify(
+ ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH),
+ WOLFSSL_FAILURE);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- if (encs[i] == EVP_PKEY_RSA) {
- #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT)
- /* Try RSA sign/verify with no padding. */
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
- siglen), WOLFSSL_SUCCESS);
- AssertIntGE(siglenOnlyLen, siglen);
- AssertIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
- RSA_NO_PADDING), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
- siglen), WOLFSSL_SUCCESS);
- #endif
+ if (keyType == EVP_PKEY_RSA) {
+ #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT)
+ /* Try RSA sign/verify with no padding. */
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+ ExpectIntGE(siglenOnlyLen, siglen);
+ ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
+ RSA_NO_PADDING), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+ #endif
- /* Wrong padding schemes. */
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx,
- RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
- AssertIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
- siglen), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
- RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
- AssertIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
- siglen), WOLFSSL_SUCCESS);
-
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
- RSA_PKCS1_PADDING), WOLFSSL_SUCCESS);
- }
+ /* Wrong padding schemes. */
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx,
+ RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
+ RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
+ siglen), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
+ RSA_PKCS1_PADDING), WOLFSSL_SUCCESS);
+ }
#endif
#endif
- /* error cases */
- siglen = keySz; /* Reset because sig size may vary slightly */
- AssertIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
- AssertIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen),
- WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen),
- WOLFSSL_SUCCESS);
+ /* error cases */
+ siglen = keySz; /* Reset because sig size may vary slightly */
+ ExpectIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
+ ExpectIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen),
+ WOLFSSL_SUCCESS);
- EVP_PKEY_free(pkey);
+ EVP_PKEY_free(pkey);
+ pkey = NULL;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
- DSA_free(dsa);
- dsa = NULL;
+ DSA_free(dsa);
+ dsa = NULL;
#endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */
- EVP_PKEY_CTX_free(ctx_verify);
- EVP_PKEY_CTX_free(ctx);
- }
+ EVP_PKEY_CTX_free(ctx_verify);
+ ctx_verify = NULL;
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(sigVerify, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_wolfSSL_EVP_PKEY_sign_verify_rsa(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
+ !defined(HAVE_FAST_RSA) && !defined(HAVE_SELFTEST)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_RSA), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_EVP_PKEY_sign_verify_dsa(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
+#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
+ ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_DSA), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_EVP_PKEY_sign_verify_ec(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
+#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
+ ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_EC), TEST_SUCCESS);
+#endif
+#endif
+ return EXPECT_RESULT();
}
static int test_EVP_PKEY_rsa(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
- WOLFSSL_RSA* rsa;
- WOLFSSL_EVP_PKEY* pkey;
-
- AssertNotNull(rsa = wolfSSL_RSA_new());
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
- AssertPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
- wolfSSL_EVP_PKEY_free(pkey);
+ WOLFSSL_RSA* rsa = NULL;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- res = TEST_RES_CHECK(1);
+ ExpectNotNull(rsa = wolfSSL_RSA_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_RSA_free(rsa);
+ }
+ ExpectPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
+ wolfSSL_EVP_PKEY_free(pkey);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_EVP_PKEY_ec(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- WOLFSSL_EC_KEY* ecKey;
- WOLFSSL_EVP_PKEY* pkey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
+ WOLFSSL_EVP_PKEY* pkey = NULL;
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertNotNull(pkey = wolfSSL_EVP_PKEY_new());
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WOLFSSL_FAILURE);
/* Should fail since ecKey is empty */
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- AssertIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
+ if (EXPECT_FAIL()) {
+ wolfSSL_EC_KEY_free(ecKey);
+ }
wolfSSL_EVP_PKEY_free(pkey);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_EVP_PKEY_cmp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- EVP_PKEY *a, *b;
+ EVP_PKEY *a = NULL;
+ EVP_PKEY *b = NULL;
const unsigned char *in;
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
in = client_key_der_2048;
- AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+ ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = client_key_der_2048;
- AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+ ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
/* Test success case RSA */
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(a, b), 1);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
- AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
+ b = NULL;
EVP_PKEY_free(a);
+ a = NULL;
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = ecc_clikey_der_256;
- AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
+ ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
in = ecc_clikey_der_256;
- AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
+ ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
/* Test success case ECC */
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(a, b), 1);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
- AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
+ b = NULL;
EVP_PKEY_free(a);
+ a = NULL;
#endif
/* Test failure cases */
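Review bot: In the `EVP_PKEY_RSA` case of test_wolfSSL_EVP_PKEY_sign_verify, `rsa` is not released when `EVP_PKEY_assign_RSA(pkey, rsa)` fails. The `EVP_PKEY_EC` case below it and test_EVP_PKEY_rsa later in this hunk both free the key under `if (EXPECT_FAIL())`. The Expect macros appear to record a failure and carry on rather than abort, so the generated 2048-bit key would leak on that path and show up in leak-checked test runs. Adding `if (EXPECT_FAIL()) { RSA_free(rsa); }` right after the assign keeps the three paths consistent. test_EVP_PKEY_cmp starts in this hunk and continues outside it.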
@@ -53407,59 +51881,58 @@ static int test_EVP_PKEY_cmp(void)
defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = client_key_der_2048;
- AssertNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
+ ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = ecc_clikey_der_256;
- AssertNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
+ ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(a, b), -1);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), -1);
#else
- AssertIntNE(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif /* WOLFSSL_ERROR_CODE_OPENSSL */
EVP_PKEY_free(b);
+ b = NULL;
EVP_PKEY_free(a);
+ a = NULL;
#endif
/* invalid or empty failure cases */
a = EVP_PKEY_new();
b = EVP_PKEY_new();
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
- AssertIntEQ(EVP_PKEY_cmp(NULL, NULL), 0);
- AssertIntEQ(EVP_PKEY_cmp(a, NULL), 0);
- AssertIntEQ(EVP_PKEY_cmp(NULL, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(NULL, NULL), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, NULL), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(NULL, b), 0);
#ifdef NO_RSA
/* Type check will fail since RSA is the default EVP key type */
- AssertIntEQ(EVP_PKEY_cmp(a, b), -2);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), -2);
#else
- AssertIntEQ(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif
#else
- AssertIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
- AssertIntNE(EVP_PKEY_cmp(a, NULL), 0);
- AssertIntNE(EVP_PKEY_cmp(NULL, b), 0);
- AssertIntNE(EVP_PKEY_cmp(a, b), 0);
+ ExpectIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
+ ExpectIntNE(EVP_PKEY_cmp(a, NULL), 0);
+ ExpectIntNE(EVP_PKEY_cmp(NULL, b), 0);
+ ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
EVP_PKEY_free(a);
(void)in;
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_ERR_load_crypto_strings(void)
{
- int res = TEST_SKIPPED;
#if defined(OPENSSL_ALL)
ERR_load_crypto_strings();
-
- res = TEST_RES_CHECK(1);
+ return TEST_SUCCESS;
+#else
+ return TEST_SKIPPED;
#endif
- return res;
}
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
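Review bot: The `a = EVP_PKEY_new();` and `b = EVP_PKEY_new();` calls in the "invalid or empty failure cases" block of test_EVP_PKEY_cmp are still unchecked, while the other allocations in the function were moved to `ExpectNotNull`. Under `WOLFSSL_ERROR_CODE_OPENSSL` without `NO_RSA`, the block expects `EVP_PKEY_cmp(a, b)` to return 0, the same value it expects for `EVP_PKEY_cmp(NULL, NULL)`. A failed allocation would therefore pass unnoticed and the empty-key comparison would not be exercised. I would write `ExpectNotNull(a = EVP_PKEY_new());` and `ExpectNotNull(b = EVP_PKEY_new());`. The function begins outside this hunk.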
@@ -53471,27 +51944,27 @@ static void free_x509(X509* x)
static int test_sk_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
{
- STACK_OF(X509)* s;
+ STACK_OF(X509)* s = NULL;
- AssertNotNull(s = sk_X509_new_null());
- AssertIntEQ(sk_X509_num(s), 0);
+ ExpectNotNull(s = sk_X509_new_null());
+ ExpectIntEQ(sk_X509_num(s), 0);
sk_X509_pop_free(s, NULL);
- AssertNotNull(s = sk_X509_new_null());
- AssertIntEQ(sk_X509_num(s), 0);
+ ExpectNotNull(s = sk_X509_new_null());
+ ExpectIntEQ(sk_X509_num(s), 0);
sk_X509_pop_free(s, NULL);
- AssertNotNull(s = sk_X509_new_null());
+ ExpectNotNull(s = sk_X509_new_null());
sk_X509_push(s, (X509*)1);
- AssertIntEQ(sk_X509_num(s), 1);
- AssertIntEQ((sk_X509_value(s, 0) == (X509*)1), 1);
+ ExpectIntEQ(sk_X509_num(s), 1);
+ ExpectIntEQ((sk_X509_value(s, 0) == (X509*)1), 1);
sk_X509_push(s, (X509*)2);
- AssertIntEQ(sk_X509_num(s), 2);
- AssertIntEQ((sk_X509_value(s, 0) == (X509*)2), 1);
- AssertIntEQ((sk_X509_value(s, 1) == (X509*)1), 1);
+ ExpectIntEQ(sk_X509_num(s), 2);
+ ExpectIntEQ((sk_X509_value(s, 0) == (X509*)2), 1);
+ ExpectIntEQ((sk_X509_value(s, 1) == (X509*)1), 1);
sk_X509_push(s, (X509*)2);
sk_X509_pop_free(s, free_x509);
}
@@ -53499,22 +51972,24 @@ static int test_sk_X509(void)
{
/* Push a list of 10 X509s onto stack, then verify that
* value(), push(), shift(), and pop() behave as expected. */
- STACK_OF(X509)* s;
+ STACK_OF(X509)* s = NULL;
X509* xList[10];
int i = 0;
const int len = (sizeof(xList) / sizeof(xList[0]));
- for (i = 0; i < len; ++i)
- AssertNotNull(xList[i] = X509_new());
+ for (i = 0; i < len; ++i) {
+ xList[i] = NULL;
+ ExpectNotNull(xList[i] = X509_new());
+ }
/* test push, pop, and free */
- AssertNotNull(s = sk_X509_new_null());
+ ExpectNotNull(s = sk_X509_new_null());
for (i = 0; i < len; ++i) {
sk_X509_push(s, xList[i]);
- AssertIntEQ(sk_X509_num(s), i + 1);
- AssertIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
- AssertIntEQ((sk_X509_value(s, i) == xList[0]), 1);
+ ExpectIntEQ(sk_X509_num(s), i + 1);
+ ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
+ ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1);
}
/* pop returns and removes last pushed on stack, which is index 0
@@ -53524,21 +51999,22 @@ static int test_sk_X509(void)
X509 * y = sk_X509_pop(s);
X509 * z = xList[len - 1 - i];
- AssertIntEQ((x == y), 1);
- AssertIntEQ((x == z), 1);
- AssertIntEQ(sk_X509_num(s), len - 1 - i);
+ ExpectIntEQ((x == y), 1);
+ ExpectIntEQ((x == z), 1);
+ ExpectIntEQ(sk_X509_num(s), len - 1 - i);
}
sk_free(s);
+ s = NULL;
/* test push, shift, and free */
- AssertNotNull(s = sk_X509_new_null());
+ ExpectNotNull(s = sk_X509_new_null());
for (i = 0; i < len; ++i) {
sk_X509_push(s, xList[i]);
- AssertIntEQ(sk_X509_num(s), i + 1);
- AssertIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
- AssertIntEQ((sk_X509_value(s, i) == xList[0]), 1);
+ ExpectIntEQ(sk_X509_num(s), i + 1);
+ ExpectIntEQ((sk_X509_value(s, 0) == xList[i]), 1);
+ ExpectIntEQ((sk_X509_value(s, i) == xList[0]), 1);
}
/* shift returns and removes first pushed on stack, which is index i
@@ -53548,9 +52024,9 @@ static int test_sk_X509(void)
X509 * y = sk_X509_shift(s);
X509 * z = xList[i];
- AssertIntEQ((x == y), 1);
- AssertIntEQ((x == z), 1);
- AssertIntEQ(sk_X509_num(s), len - 1 - i);
+ ExpectIntEQ((x == y), 1);
+ ExpectIntEQ((x == z), 1);
+ ExpectIntEQ(sk_X509_num(s), len - 1 - i);
}
sk_free(s);
@@ -53558,67 +52034,65 @@ static int test_sk_X509(void)
for (i = 0; i < len; ++i)
X509_free(xList[i]);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_sk_X509_CRL(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && defined(HAVE_CRL)
- X509_CRL* crl;
- XFILE fp;
- STACK_OF(X509_CRL)* s;
+ X509_CRL* crl = NULL;
+ XFILE fp = XBADFILE;
+ STACK_OF(X509_CRL)* s = NULL;
- fp = XFOPEN("./certs/crl/crl.pem", "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL));
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
- AssertNotNull(s = sk_X509_CRL_new());
- AssertIntEQ(sk_X509_CRL_num(s), 0);
- AssertIntEQ(sk_X509_CRL_push(s, crl), 1);
- AssertIntEQ(sk_X509_CRL_num(s), 1);
- AssertPtrEq(sk_X509_CRL_value(s, 0), crl);
+ ExpectNotNull(s = sk_X509_CRL_new());
+ ExpectIntEQ(sk_X509_CRL_num(s), 0);
+ ExpectIntEQ(sk_X509_CRL_push(s, crl), 1);
+ if (EXPECT_FAIL()) {
+ X509_CRL_free(crl);
+ }
+ ExpectIntEQ(sk_X509_CRL_num(s), 1);
+ ExpectPtrEq(sk_X509_CRL_value(s, 0), crl);
sk_X509_CRL_free(s);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_X509_get_signature_nid(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- X509* x509;
+ X509* x509 = NULL;
- AssertIntEQ(X509_get_signature_nid(NULL), 0);
- AssertNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
- SSL_FILETYPE_PEM));
- AssertIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption);
+ ExpectIntEQ(X509_get_signature_nid(NULL), 0);
+ ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(svrCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectIntEQ(X509_get_signature_nid(x509), NID_sha256WithRSAEncryption);
X509_free(x509);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_X509_REQ(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_BIO)
- X509_NAME* name;
+ X509_NAME* name = NULL;
#ifndef NO_RSA
- X509_NAME* subject;
+ X509_NAME* subject = NULL;
#endif
#if !defined(NO_RSA) || defined(HAVE_ECC)
- X509_REQ* req;
- EVP_PKEY* priv;
- EVP_PKEY* pub;
+ X509_REQ* req = NULL;
+ EVP_PKEY* priv = NULL;
+ EVP_PKEY* pub = NULL;
unsigned char* der = NULL;
int len;
#endif
@@ -53638,91 +52112,95 @@ static int test_X509_REQ(void)
const unsigned char* ecPub = (unsigned char*)ecc_clikeypub_der_256;
#endif
- AssertNotNull(name = X509_NAME_new());
- AssertIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
- (byte*)"wolfssl.com", 11, 0, 1),
- WOLFSSL_SUCCESS);
- AssertIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
- (byte*)"support@wolfssl.com", 19, -1,
- 1), WOLFSSL_SUCCESS);
+ ExpectNotNull(name = X509_NAME_new());
+ ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "commonName", MBSTRING_UTF8,
+ (byte*)"wolfssl.com", 11, 0, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_NAME_add_entry_by_txt(name, "emailAddress", MBSTRING_UTF8,
+ (byte*)"support@wolfssl.com", 19, -1, 1), WOLFSSL_SUCCESS);
#ifndef NO_RSA
- AssertNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
- (long)sizeof_client_key_der_2048));
- AssertNotNull(pub = d2i_PUBKEY(NULL, &rsaPub,
- (long)sizeof_client_keypub_der_2048));
- AssertNotNull(req = X509_REQ_new());
- AssertIntEQ(X509_REQ_set_subject_name(NULL, name), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_subject_name(req, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_set_pubkey(NULL, pub), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_pubkey(req, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign(NULL, priv, EVP_sha256()), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectNotNull(priv = d2i_PrivateKey(EVP_PKEY_RSA, NULL, &rsaPriv,
+ (long)sizeof_client_key_der_2048));
+ ExpectNotNull(pub = d2i_PUBKEY(NULL, &rsaPub,
+ (long)sizeof_client_keypub_der_2048));
+ ExpectNotNull(req = X509_REQ_new());
+ ExpectIntEQ(X509_REQ_set_subject_name(NULL, name), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_subject_name(req, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_set_pubkey(NULL, pub), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign(NULL, priv, EVP_sha256()), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_sign(req, NULL, EVP_sha256()), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_sign(req, priv, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
len = i2d_X509_REQ(req, &der);
DEBUG_WRITE_DER(der, len, "req.der");
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(len, 381);
+ ExpectIntEQ(len, 381);
#else
- AssertIntEQ(len, 643);
+ ExpectIntEQ(len, 643);
#endif
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
der = NULL;
mctx = EVP_MD_CTX_new();
- AssertIntEQ(EVP_DigestSignInit(mctx, &pkctx, EVP_sha256(), NULL, priv), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign_ctx(req, mctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestSignInit(mctx, &pkctx, EVP_sha256(), NULL, priv),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign_ctx(req, mctx), WOLFSSL_SUCCESS);
EVP_MD_CTX_free(mctx);
+ mctx = NULL;
X509_REQ_free(NULL);
X509_REQ_free(req);
+ req = NULL;
/* Test getting the subject from a newly created X509_REQ */
- AssertNotNull(req = X509_REQ_new());
- AssertNotNull(subject = X509_REQ_get_subject_name(req));
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_commonName,
- MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_countryName,
- MBSTRING_UTF8, (unsigned char*)"US", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_localityName,
- MBSTRING_UTF8, (unsigned char*)"Bozeman", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_stateOrProvinceName,
- MBSTRING_UTF8, (unsigned char*)"Montana", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationName,
- MBSTRING_UTF8, (unsigned char*)"wolfSSL", -1, -1, 0), 1);
- AssertIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationalUnitName,
- MBSTRING_UTF8, (unsigned char*)"Testing", -1, -1, 0), 1);
- AssertIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectNotNull(req = X509_REQ_new());
+ ExpectNotNull(subject = X509_REQ_get_subject_name(req));
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_commonName,
+ MBSTRING_UTF8, (unsigned char*)"www.wolfssl.com", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_countryName,
+ MBSTRING_UTF8, (unsigned char*)"US", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_localityName,
+ MBSTRING_UTF8, (unsigned char*)"Bozeman", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_stateOrProvinceName,
+ MBSTRING_UTF8, (unsigned char*)"Montana", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationName,
+ MBSTRING_UTF8, (unsigned char*)"wolfSSL", -1, -1, 0), 1);
+ ExpectIntEQ(X509_NAME_add_entry_by_NID(subject, NID_organizationalUnitName,
+ MBSTRING_UTF8, (unsigned char*)"Testing", -1, -1, 0), 1);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
len = i2d_X509_REQ(req, &der);
DEBUG_WRITE_DER(der, len, "req2.der");
#ifdef USE_CERT_BUFFERS_1024
- AssertIntEQ(len, 435);
+ ExpectIntEQ(len, 435);
#else
- AssertIntEQ(len, 696);
+ ExpectIntEQ(len, 696);
#endif
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
der = NULL;
EVP_PKEY_free(pub);
+ pub = NULL;
EVP_PKEY_free(priv);
+ priv = NULL;
X509_REQ_free(req);
+ req = NULL;
#endif
#ifdef HAVE_ECC
- AssertNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &ecPriv,
- sizeof_ecc_clikey_der_256));
- AssertNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &ecPub,
- sizeof_ecc_clikeypub_der_256));
- AssertNotNull(req = X509_REQ_new());
- AssertIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
- AssertIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectNotNull(priv = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &ecPriv,
+ sizeof_ecc_clikey_der_256));
+ ExpectNotNull(pub = wolfSSL_d2i_PUBKEY(NULL, &ecPub,
+ sizeof_ecc_clikeypub_der_256));
+ ExpectNotNull(req = X509_REQ_new());
+ ExpectIntEQ(X509_REQ_set_subject_name(req, name), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_set_pubkey(req, pub), WOLFSSL_SUCCESS);
+ ExpectIntEQ(X509_REQ_sign(req, priv, EVP_sha256()), WOLFSSL_SUCCESS);
/* Signature is random and may be shorter or longer. */
- AssertIntGE((len = i2d_X509_REQ(req, &der)), 245);
- AssertIntLE(len, 253);
+ ExpectIntGE((len = i2d_X509_REQ(req, &der)), 245);
+ ExpectIntLE(len, 253);
XFREE(der, NULL, DYNAMIC_TYPE_OPENSSL);
X509_REQ_free(req);
EVP_PKEY_free(pub);
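Review bot: `mctx = EVP_MD_CTX_new();` in the RSA section of test_X509_REQ is left unchecked, so a failed allocation is only reported indirectly by the `EVP_DigestSignInit` expectation that follows. `ExpectNotNull(mctx = EVP_MD_CTX_new());` would match the other allocations converted in this hunk and point at the real cause. The ECC section also frees `der`, `req` and `pub` without resetting them to NULL as the RSA section now does. Whether that matters depends on the lines between this hunk and the next, which are not shown. The function starts before this hunk and ends after it.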
@@ -53734,70 +52212,71 @@ static int test_X509_REQ(void)
#endif /* HAVE_ECC */
X509_NAME_free(name);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \
!defined(NO_RSA)
- PKCS7* pkcs7;
+ PKCS7* pkcs7 = NULL;
byte data[FOURK_BUF];
word32 len = sizeof(data);
const byte* p = data;
byte content[] = "Test data to encode.";
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
- BIO* bio;
+ BIO* bio = NULL;
byte key[sizeof(client_key_der_2048)];
word32 keySz = (word32)sizeof(key);
byte* out = NULL;
#endif
- AssertIntGT((len = CreatePKCS7SignedData(data, len, content,
- (word32)sizeof(content),
- 0, 0, 0, RSA_TYPE)), 0);
+ ExpectIntGT((len = CreatePKCS7SignedData(data, len, content,
+ (word32)sizeof(content), 0, 0, 0, RSA_TYPE)), 0);
- AssertNull(pkcs7 = d2i_PKCS7(NULL, NULL, len));
- AssertNull(pkcs7 = d2i_PKCS7(NULL, &p, 0));
- AssertNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
- AssertIntEQ(wolfSSL_PKCS7_verify(NULL, NULL, NULL, NULL, NULL,
- PKCS7_NOVERIFY), WOLFSSL_FAILURE);
+ ExpectNull(pkcs7 = d2i_PKCS7(NULL, NULL, len));
+ ExpectNull(pkcs7 = d2i_PKCS7(NULL, &p, 0));
+ ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
+ ExpectIntEQ(wolfSSL_PKCS7_verify(NULL, NULL, NULL, NULL, NULL,
+ PKCS7_NOVERIFY), WOLFSSL_FAILURE);
PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* fail case, without PKCS7_NOVERIFY */
p = data;
- AssertNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
- 0), WOLFSSL_FAILURE);
+ ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
+ 0), WOLFSSL_FAILURE);
PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* success case, with PKCS7_NOVERIFY */
p = data;
- AssertNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
- PKCS7_NOVERIFY), WOLFSSL_SUCCESS);
+ ExpectNotNull(pkcs7 = d2i_PKCS7(NULL, &p, len));
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, NULL, NULL,
+ PKCS7_NOVERIFY), WOLFSSL_SUCCESS);
#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)
/* test i2d */
XMEMCPY(key, client_key_der_2048, keySz);
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1);
+ if (pkcs7 != NULL) {
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ }
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(i2d_PKCS7_bio(bio, pkcs7), 1);
#ifndef NO_ASN_TIME
- AssertIntEQ(i2d_PKCS7(pkcs7, &out), 655);
+ ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 655);
#else
- AssertIntEQ(i2d_PKCS7(pkcs7, &out), 625);
+ ExpectIntEQ(i2d_PKCS7(pkcs7, &out), 625);
#endif
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
BIO_free(bio);
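Review bot: Both inner guards in test_wolfssl_PKCS7, `#if !defined(NO_RSA) & defined(USE_CERT_BUFFERS_2048)`, join the conditions with bitwise `&` instead of `&&`. The result is the same because each `defined()` yields 0 or 1, but it reads like a typo. `!defined(NO_RSA)` is also redundant, since the enclosing `#if` already requires it. I would write both guards as `#if defined(USE_CERT_BUFFERS_2048)`. The function's closing lines are in the next hunk.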
@@ -53805,15 +52284,13 @@ static int test_wolfssl_PKCS7(void)
PKCS7_free(NULL);
PKCS7_free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_BIO) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
@@ -53839,63 +52316,66 @@ static int test_wolfSSL_PKCS7_sign(void)
X509_STORE* store = NULL;
/* read signer cert/key into BIO */
- AssertNotNull(certBio = BIO_new_file(cert, "r"));
- AssertNotNull(keyBio = BIO_new_file(key, "r"));
- AssertNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
- AssertNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
+ ExpectNotNull(certBio = BIO_new_file(cert, "r"));
+ ExpectNotNull(keyBio = BIO_new_file(key, "r"));
+ ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
+ ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
/* read CA cert into store (for verify) */
- AssertNotNull(caBio = BIO_new_file(ca, "r"));
- AssertNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
- AssertNotNull(store = X509_STORE_new());
- AssertIntEQ(X509_STORE_add_cert(store, caCert), 1);
+ ExpectNotNull(caBio = BIO_new_file(ca, "r"));
+ ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
+ ExpectNotNull(store = X509_STORE_new());
+ ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1);
/* data to be signed into BIO */
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
/* PKCS7_sign, bad args: signer NULL */
- AssertNull(p7 = PKCS7_sign(NULL, signKey, NULL, inBio, 0));
+ ExpectNull(p7 = PKCS7_sign(NULL, signKey, NULL, inBio, 0));
/* PKCS7_sign, bad args: signer key NULL */
- AssertNull(p7 = PKCS7_sign(signCert, NULL, NULL, inBio, 0));
+ ExpectNull(p7 = PKCS7_sign(signCert, NULL, NULL, inBio, 0));
/* PKCS7_sign, bad args: in data NULL without PKCS7_STREAM */
- AssertNull(p7 = PKCS7_sign(signCert, signKey, NULL, NULL, 0));
+ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, NULL, 0));
/* PKCS7_sign, bad args: PKCS7_NOCERTS flag not supported */
- AssertNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_NOCERTS));
+ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_NOCERTS));
/* PKCS7_sign, bad args: PKCS7_PARTIAL flag not supported */
- AssertNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_PARTIAL));
+ ExpectNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, PKCS7_PARTIAL));
/* TEST SUCCESS: Not detached, not streaming, not MIME */
{
flags = PKCS7_BINARY;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with d2i_PKCS7 */
tmpPtr = out;
- AssertNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
PKCS7_free(p7Ver);
+ p7Ver = NULL;
/* verify with wc_PKCS7_VerifySignedData */
- AssertNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
- AssertIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0);
- AssertIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
+ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectIntEQ(wc_PKCS7_Init(p7Ver, HEAP_HINT, INVALID_DEVID), 0);
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
/* compare the signer found to expected signer */
- AssertIntNE(p7Ver->verifyCertSz, 0);
+ ExpectIntNE(p7Ver->verifyCertSz, 0);
tmpPtr = NULL;
- AssertIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz);
- AssertIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0);
+ ExpectIntEQ(i2d_X509(signCert, &tmpPtr), p7Ver->verifyCertSz);
+ ExpectIntEQ(XMEMCMP(tmpPtr, p7Ver->verifyCert, p7Ver->verifyCertSz), 0);
XFREE(tmpPtr, NULL, DYNAMIC_TYPE_OPENSSL);
tmpPtr = NULL;
wc_PKCS7_Free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* TEST SUCCESS: Not detached, streaming, not MIME. Also bad arg
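Review bot: `ExpectNotNull(out);` is evaluated only after `out` has already been passed to `d2i_PKCS7` and `wc_PKCS7_VerifySignedData`, so it cannot stop a NULL buffer from being parsed. It would do more work directly after `ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);`, before the first use. The same ordering appears in the three blocks of the following hunk. test_wolfSSL_PKCS7_sign starts before this hunk and continues after it.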
@@ -53903,82 +52383,96 @@ static int test_wolfSSL_PKCS7_sign(void)
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ inBio = NULL;
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntEQ(PKCS7_final(p7, inBio, flags), 1);
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1);
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* PKCS7_final, bad args: PKCS7 null */
- AssertIntEQ(PKCS7_final(NULL, inBio, 0), 0);
+ ExpectIntEQ(PKCS7_final(NULL, inBio, 0), 0);
/* PKCS7_final, bad args: PKCS7 null */
- AssertIntEQ(PKCS7_final(p7, NULL, 0), 0);
+ ExpectIntEQ(PKCS7_final(p7, NULL, 0), 0);
tmpPtr = out;
- AssertNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
PKCS7_free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* TEST SUCCESS: Detached, not streaming, not MIME */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ inBio = NULL;
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_DETACHED;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with wolfCrypt, d2i_PKCS7 does not support detached content */
- AssertNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
- p7Ver->content = data;
- p7Ver->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
+ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
+ if (p7Ver != NULL) {
+ p7Ver->content = data;
+ p7Ver->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
wc_PKCS7_Free(p7Ver);
+ p7Ver = NULL;
/* verify expected failure (NULL return) from d2i_PKCS7, it does not
* yet support detached content */
tmpPtr = out;
- AssertNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
+ ExpectNull(p7Ver = d2i_PKCS7(NULL, (const byte**)&tmpPtr, outLen));
PKCS7_free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
out = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* TEST SUCCESS: Detached, streaming, not MIME */
{
/* re-populate input BIO, may have been consumed */
BIO_free(inBio);
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ inBio = NULL;
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_BINARY | PKCS7_DETACHED | PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertIntEQ(PKCS7_final(p7, inBio, flags), 1);
- AssertIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectIntEQ(PKCS7_final(p7, inBio, flags), 1);
+ ExpectIntGT((outLen = i2d_PKCS7(p7, &out)), 0);
/* verify with wolfCrypt, d2i_PKCS7 does not support detached content */
- AssertNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
- p7Ver->content = data;
- p7Ver->contentSz = sizeof(data);
- AssertIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
+ ExpectNotNull(p7Ver = wc_PKCS7_New(HEAP_HINT, testDevId));
+ if (p7Ver != NULL) {
+ p7Ver->content = data;
+ p7Ver->contentSz = sizeof(data);
+ }
+ ExpectIntEQ(wc_PKCS7_VerifySignedData(p7Ver, out, outLen), 0);
wc_PKCS7_Free(p7Ver);
+ p7Ver = NULL;
- AssertNotNull(out);
+ ExpectNotNull(out);
XFREE(out, NULL, DYNAMIC_TYPE_TMP_BUFFER);
PKCS7_free(p7);
+ p7 = NULL;
}
X509_STORE_free(store);
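Review bot: The comment above `ExpectIntEQ(PKCS7_final(p7, NULL, 0), 0);` repeats `/* PKCS7_final, bad args: PKCS7 null */` from the case before it, but here the NULL argument is the input BIO. I would change it to `/* PKCS7_final, bad args: in BIO null */` so the two negative cases can be told apart. The last block also frees `out` without the `out = NULL;` that the earlier blocks have; adding it keeps the cleanup pattern uniform.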
@@ -53989,33 +52483,28 @@ static int test_wolfSSL_PKCS7_sign(void)
BIO_free(keyBio);
BIO_free(certBio);
BIO_free(caBio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PKCS7_SIGNED_new(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7)
- PKCS7_SIGNED* pkcs7;
+ PKCS7_SIGNED* pkcs7 = NULL;
- pkcs7 = PKCS7_SIGNED_new();
- AssertNotNull(pkcs7);
- AssertIntEQ(pkcs7->contentOID, SIGNED_DATA);
+ ExpectNotNull(pkcs7 = PKCS7_SIGNED_new());
+ ExpectIntEQ(pkcs7->contentOID, SIGNED_DATA);
PKCS7_SIGNED_free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_write_bio_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM)
PKCS7* pkcs7 = NULL;
BIO* bio = NULL;
@@ -54048,19 +52537,27 @@ static int test_wolfSSL_PEM_write_bio_PKCS7(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz;
int keySz;
- fp = XFOPEN("./certs/1024/client-cert.der", "rb");
- AssertTrue((fp != XBADFILE));
- certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_client_cert_der_1024,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/1024/client-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/1024/client-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_client_key_der_1024, fp),
+ 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
#endif
#elif defined(HAVE_ECC)
#if defined(USE_CERT_BUFFERS_256)
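Review bot: The reads into `cert[ONEK_BUF]` and `key[ONEK_BUF]` take their length from `sizeof_client_cert_der_1024` and `sizeof_client_key_der_1024` rather than from the destination, so they stay in bounds only while those constants are no larger than ONEK_BUF. Bounding by the array, `XFREAD(cert, 1, sizeof(cert), fp)` and `XFREAD(key, 1, sizeof(key), fp)`, keeps the read inside the buffer whatever the constant or file size. `certSz` and `keySz` are also the only locals here still declared without an initialiser. If the Expect macros skip their expression after an earlier failure, as the added NULL guards suggest, they can be left unset, so `int certSz = 0;` and `int keySz = 0;` would be safer. The ECC branch in the next hunk has the same two issues, and the enclosing function starts and ends outside this hunk.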
@@ -54075,66 +52572,75 @@ static int test_wolfSSL_PEM_write_bio_PKCS7(void)
#else
unsigned char cert[ONEK_BUF];
unsigned char key[ONEK_BUF];
- XFILE fp;
+ XFILE fp = XBADFILE;
int certSz, keySz;
- fp = XFOPEN("./certs/client-ecc-cert.der", "rb");
- AssertTrue(fp != XBADFILE);
- certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-cert.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(certSz = (int)XFREAD(cert, 1, sizeof_cliecc_cert_der_256,
+ fp), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- fp = XFOPEN("./certs/client-ecc-key.der", "rb");
- AssertTrue(fp != XBADFILE);
- keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/client-ecc-key.der", "rb")) !=
+ XBADFILE);
+ ExpectIntGT(keySz = (int)XFREAD(key, 1, sizeof_ecc_clikey_der_256, fp),
+ 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
#endif
#else
#error PKCS7 requires ECC or RSA
#endif
- AssertNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
+ ExpectNotNull(pkcs7 = wc_PKCS7_New(HEAP_HINT, testDevId));
/* initialize with DER encoded cert */
- AssertIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
+ ExpectIntEQ(wc_PKCS7_InitWithCert(pkcs7, (byte*)cert, (word32)certSz), 0);
/* init rng */
- AssertIntEQ(wc_InitRng(&rng), 0);
-
- pkcs7->rng = &rng;
- pkcs7->content = (byte*)data; /* not used for ex */
- pkcs7->contentSz = (word32)sizeof(data);
- pkcs7->contentOID = SIGNED_DATA;
- pkcs7->privateKey = key;
- pkcs7->privateKeySz = (word32)sizeof(key);
- pkcs7->encryptOID = RSAk;
-#ifdef NO_SHA
- pkcs7->hashOID = SHA256h;
-#else
- pkcs7->hashOID = SHAh;
-#endif
- pkcs7->signedAttribs = NULL;
- pkcs7->signedAttribsSz = 0;
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+
+ if (pkcs7 != NULL) {
+ pkcs7->rng = &rng;
+ pkcs7->content = (byte*)data; /* not used for ex */
+ pkcs7->contentSz = (word32)sizeof(data);
+ pkcs7->contentOID = SIGNED_DATA;
+ pkcs7->privateKey = key;
+ pkcs7->privateKeySz = (word32)sizeof(key);
+ pkcs7->encryptOID = RSAk;
+ #ifdef NO_SHA
+ pkcs7->hashOID = SHA256h;
+ #else
+ pkcs7->hashOID = SHAh;
+ #endif
+ pkcs7->signedAttribs = NULL;
+ pkcs7->signedAttribsSz = 0;
+ }
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
/* Write PKCS#7 PEM to BIO, the function converts the DER to PEM cert*/
- AssertIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS);
+ ExpectIntEQ(PEM_write_bio_PKCS7(bio, pkcs7), WOLFSSL_SUCCESS);
/* Read PKCS#7 PEM from BIO */
ret = wolfSSL_BIO_get_mem_data(bio, &cert_buf);
- AssertIntGE(ret, 0);
+ ExpectIntGE(ret, 0);
BIO_free(bio);
wc_PKCS7_Free(pkcs7);
wc_FreeRng(&rng);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef HAVE_SMIME
static int test_wolfSSL_SMIME_read_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
PKCS7* pkcs7 = NULL;
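Review bot: `pkcs7->privateKeySz = (word32)sizeof(key);` declares the full `key[ONEK_BUF]` array as the private key in the file-reading branch, although only `keySz` bytes were read into it, so the stated key length covers uninitialised stack bytes. Using the length actually read, `pkcs7->privateKeySz = (word32)keySz;`, avoids that, assuming `keySz` is also declared in the cert-buffer branches, which are not visible here. `pkcs7->encryptOID = RSAk;` is likewise set unconditionally even though this code is reached from the `HAVE_ECC` branch; a short comment saying the key fields are not used by `PEM_write_bio_PKCS7` would help if that is the intent. The function begins in the previous hunk.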
@@ -54144,80 +52650,89 @@ static int test_wolfSSL_SMIME_read_PKCS7(void)
const byte* outBuf = NULL;
int outBufLen = 0;
static const char contTypeText[] = "Content-Type: text/plain\r\n\r\n";
- XFILE smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r");
+ XFILE smimeTestFile = XBADFILE;
+
+ ExpectTrue((smimeTestFile = XFOPEN("./certs/test/smime-test.p7s", "r")) !=
+ XBADFILE);
/* smime-test.p7s */
bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
- AssertNotNull(bio);
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectNotNull(bio);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_SUCCESS);
+ ExpectNotNull(pkcs7);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_SUCCESS);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* smime-test-multipart.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-multipart.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_SUCCESS);
+ ExpectNotNull(pkcs7);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_SUCCESS);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* smime-test-multipart-badsig.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-multipart-badsig.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_FAILURE);
+ ExpectNotNull(pkcs7); /* can read in the unverified smime bundle */
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_FAILURE);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* smime-test-canon.p7s */
smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
- PKCS7_NOVERIFY), SSL_SUCCESS);
+ ExpectNotNull(pkcs7);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, NULL,
+ PKCS7_NOVERIFY), SSL_SUCCESS);
XFCLOSE(smimeTestFile);
if (bcont) BIO_free(bcont);
+ bcont = NULL;
wolfSSL_PKCS7_free(pkcs7);
+ pkcs7 = NULL;
/* Test PKCS7_TEXT, PKCS7_verify() should remove Content-Type: text/plain */
smimeTestFile = XFOPEN("./certs/test/smime-test-canon.p7s", "r");
- AssertIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BIO_set_fp(bio, smimeTestFile, BIO_CLOSE), SSL_SUCCESS);
pkcs7 = wolfSSL_SMIME_read_PKCS7(bio, &bcont);
- AssertNotNull(pkcs7);
+ ExpectNotNull(pkcs7);
out = wolfSSL_BIO_new(BIO_s_mem());
- AssertNotNull(out);
- AssertIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out,
- PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS);
- AssertIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0);
+ ExpectNotNull(out);
+ ExpectIntEQ(wolfSSL_PKCS7_verify(pkcs7, NULL, NULL, bcont, out,
+ PKCS7_NOVERIFY | PKCS7_TEXT), SSL_SUCCESS);
+ ExpectIntGT((outBufLen = BIO_get_mem_data(out, &outBuf)), 0);
/* Content-Type should not show up at beginning of output buffer */
- AssertIntGT(outBufLen, XSTRLEN(contTypeText));
- AssertIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);
+ ExpectIntGT(outBufLen, XSTRLEN(contTypeText));
+ ExpectIntGT(XMEMCMP(outBuf, contTypeText, XSTRLEN(contTypeText)), 0);
BIO_free(out);
BIO_free(bio);
if (bcont) BIO_free(bcont);
wolfSSL_PKCS7_free(pkcs7);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SMIME_write_PKCS7(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && defined(HAVE_PKCS7) && !defined(NO_RSA)
PKCS7* p7 = NULL;
PKCS7* p7Ver = NULL;
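Review bot: Only the first `XFOPEN` in test_wolfSSL_SMIME_read_PKCS7 is checked. The four later `smimeTestFile = XFOPEN(...)` assignments are not, and every `XFCLOSE(smimeTestFile);` is unconditional, so a missing test file reaches `XFCLOSE` with `XBADFILE`. Other tests in this commit guard the close, and the same pattern fits here: `ExpectTrue((smimeTestFile = XFOPEN("./certs/test/smime-test-multipart.p7s", "r")) != XBADFILE);` for each open and `if (smimeTestFile != XBADFILE) { XFCLOSE(smimeTestFile); smimeTestFile = XBADFILE; }` for each close. Separately, the bad-signature case now expects `wolfSSL_SMIME_read_PKCS7` to return an object. The comment there could state that the parsed bundle is untrusted until `wolfSSL_PKCS7_verify` succeeds, for example `/* parse succeeds; signature is rejected by PKCS7_verify below */`. The function begins in the previous hunk.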
@@ -54240,101 +52755,121 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
X509_STORE* store = NULL;
/* read signer cert/key into BIO */
- AssertNotNull(certBio = BIO_new_file(cert, "r"));
- AssertNotNull(keyBio = BIO_new_file(key, "r"));
- AssertNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
- AssertNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
+ ExpectNotNull(certBio = BIO_new_file(cert, "r"));
+ ExpectNotNull(keyBio = BIO_new_file(key, "r"));
+ ExpectNotNull(signCert = PEM_read_bio_X509(certBio, NULL, 0, NULL));
+ ExpectNotNull(signKey = PEM_read_bio_PrivateKey(keyBio, NULL, 0, NULL));
/* read CA cert into store (for verify) */
- AssertNotNull(caBio = BIO_new_file(ca, "r"));
- AssertNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
- AssertNotNull(store = X509_STORE_new());
- AssertIntEQ(X509_STORE_add_cert(store, caCert), 1);
+ ExpectNotNull(caBio = BIO_new_file(ca, "r"));
+ ExpectNotNull(caCert = PEM_read_bio_X509(caBio, NULL, 0, NULL));
+ ExpectNotNull(store = X509_STORE_new());
+ ExpectIntEQ(X509_STORE_add_cert(store, caCert), 1);
/* generate and verify SMIME: not detached */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
/* bad arg: out NULL */
- AssertIntEQ(SMIME_write_PKCS7(NULL, p7, inBio, flags), 0);
+ ExpectIntEQ(SMIME_write_PKCS7(NULL, p7, inBio, flags), 0);
/* bad arg: pkcs7 NULL */
- AssertIntEQ(SMIME_write_PKCS7(outBio, NULL, inBio, flags), 0);
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, NULL, inBio, flags), 0);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* generate and verify SMIME: not detached, add Content-Type */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM | PKCS7_TEXT;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, NULL, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* generate and verify SMIME: detached */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_DETACHED | PKCS7_STREAM;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
/* generate and verify SMIME: PKCS7_TEXT to add Content-Type header */
{
- AssertNotNull(inBio = BIO_new(BIO_s_mem()));
- AssertIntGT(BIO_write(inBio, data, sizeof(data)), 0);
+ ExpectNotNull(inBio = BIO_new(BIO_s_mem()));
+ ExpectIntGT(BIO_write(inBio, data, sizeof(data)), 0);
flags = PKCS7_STREAM | PKCS7_DETACHED | PKCS7_TEXT;
- AssertNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
- AssertNotNull(outBio = BIO_new(BIO_s_mem()));
- AssertIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
+ ExpectNotNull(p7 = PKCS7_sign(signCert, signKey, NULL, inBio, flags));
+ ExpectNotNull(outBio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(SMIME_write_PKCS7(outBio, p7, inBio, flags), 1);
- AssertNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
- AssertIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
+ ExpectNotNull(p7Ver = SMIME_read_PKCS7(outBio, &content));
+ ExpectIntEQ(PKCS7_verify(p7Ver, NULL, store, content, NULL, flags), 1);
BIO_free(content);
+ content = NULL;
BIO_free(inBio);
+ inBio = NULL;
BIO_free(outBio);
+ outBio = NULL;
PKCS7_free(p7Ver);
+ p7Ver = NULL;
PKCS7_free(p7);
+ p7 = NULL;
}
X509_STORE_free(store);
@@ -54344,10 +52879,8 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
BIO_free(keyBio);
BIO_free(certBio);
BIO_free(caBio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_SMIME */
#endif /* !NO_BIO */
@@ -54356,183 +52889,189 @@ static int test_wolfSSL_SMIME_write_PKCS7(void)
* returns 0) */
static int test_X509_STORE_No_SSL_CTX(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
- !defined(NO_WOLFSSL_DIR) && defined(HAVE_CRL) && \
+ EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
- !defined(NO_RSA)
+ defined(HAVE_CRL) && !defined(NO_RSA)
- X509_STORE * store;
- X509_STORE_CTX * storeCtx;
- X509_CRL * crl;
- X509 * ca;
- X509 * cert;
+ X509_STORE * store = NULL;
+ X509_STORE_CTX * storeCtx = NULL;
+ X509_CRL * crl = NULL;
+ X509 * ca = NULL;
+ X509 * cert = NULL;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_pem";
- XFILE fp;
- X509_LOOKUP * lookup;
+ XFILE fp = XBADFILE;
+ X509_LOOKUP * lookup = NULL;
- AssertNotNull(store = (X509_STORE *)X509_STORE_new());
+ ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
/* Set up store with CA */
- AssertNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
+ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store
* NOTE: test uses ./certs/crl/hash_pem/0fdb2da4.r0, which is a copy
* of crl.pem */
- AssertNotNull((lookup = X509_STORE_add_lookup(store,
- X509_LOOKUP_hash_dir())));
- AssertIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir,
- X509_FILETYPE_PEM, NULL), SSL_SUCCESS);
+ ExpectNotNull((lookup = X509_STORE_add_lookup(store,
+ X509_LOOKUP_hash_dir())));
+ ExpectIntEQ(X509_LOOKUP_ctrl(lookup, X509_L_ADD_DIR, caDir,
+ X509_FILETYPE_PEM, NULL), SSL_SUCCESS);
- AssertIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
+ SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which
* forces use of the CRL lookup directory */
- fp = XFOPEN(cliCrlPem, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
- AssertIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
+ ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
/* Create verification context outside of an SSL session */
- AssertNotNull((storeCtx = X509_STORE_CTX_new()));
- AssertNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
+ ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
+ ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT indicate CRL missing due to the
* store CM's X509 store pointer being NULL */
- AssertIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
+ ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(cert);
X509_free(ca);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
/* Test of X509 store use outside of SSL context w/ CRL lookup, but
* with X509_LOOKUP_add_dir and X509_FILETYPE_ASN1. */
static int test_X509_LOOKUP_add_dir(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && \
- !defined(NO_WOLFSSL_DIR) && defined(HAVE_CRL) && \
+ EXPECT_DECLS;
+#if defined(OPENSSL_ALL) && defined(WOLFSSL_CERT_GEN) && \
(defined(WOLFSSL_CERT_REQ) || defined(WOLFSSL_CERT_EXT)) && \
+ !defined(NO_FILESYSTEM) && !defined(NO_WOLFSSL_DIR) && \
(defined(OPENSSL_EXTRA) || defined(WOLFSSL_WPAS_SMALL)) && \
- !defined(NO_RSA)
+ defined(HAVE_CRL) && !defined(NO_RSA)
- X509_STORE * store;
- X509_STORE_CTX * storeCtx;
- X509_CRL * crl;
- X509 * ca;
- X509 * cert;
+ X509_STORE * store = NULL;
+ X509_STORE_CTX * storeCtx = NULL;
+ X509_CRL * crl = NULL;
+ X509 * ca = NULL;
+ X509 * cert = NULL;
const char cliCrlPem[] = "./certs/crl/cliCrl.pem";
const char srvCert[] = "./certs/server-cert.pem";
const char caCert[] = "./certs/ca-cert.pem";
const char caDir[] = "./certs/crl/hash_der";
- XFILE fp;
- X509_LOOKUP * lookup;
+ XFILE fp = XBADFILE;
+ X509_LOOKUP * lookup = NULL;
- AssertNotNull(store = (X509_STORE *)X509_STORE_new());
+ ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
/* Set up store with CA */
- AssertNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
+ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
/* Add CRL lookup directory to store.
* Test uses ./certs/crl/hash_der/0fdb2da4.r0, which is a copy
* of crl.der */
- AssertNotNull((lookup = X509_STORE_add_lookup(store,
- X509_LOOKUP_hash_dir())));
+ ExpectNotNull((lookup = X509_STORE_add_lookup(store,
+ X509_LOOKUP_hash_dir())));
- AssertIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_ASN1),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_ASN1),
+ SSL_SUCCESS);
- AssertIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
+ SSL_SUCCESS);
/* Add CRL to store NOT containing the verified certificate, which
* forces use of the CRL lookup directory */
- fp = XFOPEN(cliCrlPem, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
- AssertIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
/* Create verification context outside of an SSL session */
- AssertNotNull((storeCtx = X509_STORE_CTX_new()));
- AssertNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
+ ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
+ ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Perform verification, which should NOT return CRL missing */
- AssertIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
+ ExpectIntNE(X509_verify_cert(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
+ crl = NULL;
X509_STORE_free(store);
+ store = NULL;
X509_STORE_CTX_free(storeCtx);
+ storeCtx = NULL;
X509_free(cert);
+ cert = NULL;
X509_free(ca);
+ ca = NULL;
/* Now repeat the same, but look for X509_FILETYPE_PEM.
* We should get CRL_MISSING at the end, because the lookup
* dir has only ASN1 CRLs. */
- AssertNotNull(store = (X509_STORE *)X509_STORE_new());
+ ExpectNotNull(store = (X509_STORE *)X509_STORE_new());
- AssertNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
+ ExpectNotNull((ca = wolfSSL_X509_load_certificate_file(caCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_add_cert(store, ca), SSL_SUCCESS);
- AssertNotNull((lookup = X509_STORE_add_lookup(store,
- X509_LOOKUP_hash_dir())));
+ ExpectNotNull((lookup = X509_STORE_add_lookup(store,
+ X509_LOOKUP_hash_dir())));
- AssertIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_PEM),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_LOOKUP_add_dir(lookup, caDir, X509_FILETYPE_PEM),
+ SSL_SUCCESS);
- AssertIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
- SSL_SUCCESS);
+ ExpectIntEQ(X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK),
+ SSL_SUCCESS);
- fp = XFOPEN(cliCrlPem, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
- AssertIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(cliCrlPem, "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectIntEQ(X509_STORE_add_crl(store, crl), SSL_SUCCESS);
- AssertNotNull((storeCtx = X509_STORE_CTX_new()));
- AssertNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
- SSL_FILETYPE_PEM)));
- AssertIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
+ ExpectNotNull((storeCtx = X509_STORE_CTX_new()));
+ ExpectNotNull((cert = wolfSSL_X509_load_certificate_file(srvCert,
+ SSL_FILETYPE_PEM)));
+ ExpectIntEQ(X509_STORE_CTX_init(storeCtx, store, cert, NULL), SSL_SUCCESS);
/* Now we SHOULD get CRL_MISSING, because we looked for PEM
* in dir containing only ASN1/DER. */
- AssertIntEQ(X509_verify_cert(storeCtx), CRL_MISSING);
+ ExpectIntEQ(X509_verify_cert(storeCtx), WOLFSSL_FAILURE);
+ ExpectIntEQ(X509_STORE_CTX_get_error(storeCtx), CRL_MISSING);
X509_CRL_free(crl);
X509_STORE_free(store);
X509_STORE_CTX_free(storeCtx);
X509_free(cert);
X509_free(ca);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
@@ -54541,125 +53080,128 @@ static int test_X509_LOOKUP_add_dir(void)
| Certificate Failure Checks
*----------------------------------------------------------------------------*/
#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
- !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
- /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
- static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz,
- int type)
- {
- int ret;
- WOLFSSL_CERT_MANAGER* cm = NULL;
-
- switch (type) {
- case TESTING_RSA:
- #ifdef NO_RSA
- fprintf(stderr, "RSA disabled, skipping test\n");
- return ASN_SIG_CONFIRM_E;
- #else
- break;
- #endif
- case TESTING_ECC:
- #ifndef HAVE_ECC
- fprintf(stderr, "ECC disabled, skipping test\n");
- return ASN_SIG_CONFIRM_E;
- #else
- break;
- #endif
- default:
- fprintf(stderr, "Bad function argument\n");
- return BAD_FUNC_ARG;
- }
- cm = wolfSSL_CertManagerNew();
- if (cm == NULL) {
- fprintf(stderr, "wolfSSL_CertManagerNew failed\n");
- return -1;
- }
-
- #ifndef NO_FILESYSTEM
- ret = wolfSSL_CertManagerLoadCA(cm, ca, 0);
- if (ret != WOLFSSL_SUCCESS) {
- fprintf(stderr, "wolfSSL_CertManagerLoadCA failed\n");
- wolfSSL_CertManagerFree(cm);
- return ret;
- }
- #else
- (void)ca;
- #endif
+ !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
+#if !defined(NO_RSA) || defined(HAVE_ECC)
+/* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
+static int verify_sig_cm(const char* ca, byte* cert_buf, size_t cert_sz,
+ int type)
+{
+ int ret;
+ WOLFSSL_CERT_MANAGER* cm = NULL;
- ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, cert_sz, WOLFSSL_FILETYPE_ASN1);
- /* Let AssertIntEQ handle return code */
+ switch (type) {
+ case TESTING_RSA:
+ #ifdef NO_RSA
+ fprintf(stderr, "RSA disabled, skipping test\n");
+ return ASN_SIG_CONFIRM_E;
+ #else
+ break;
+ #endif
+ case TESTING_ECC:
+ #ifndef HAVE_ECC
+ fprintf(stderr, "ECC disabled, skipping test\n");
+ return ASN_SIG_CONFIRM_E;
+ #else
+ break;
+ #endif
+ default:
+ fprintf(stderr, "Bad function argument\n");
+ return BAD_FUNC_ARG;
+ }
+ cm = wolfSSL_CertManagerNew();
+ if (cm == NULL) {
+ fprintf(stderr, "wolfSSL_CertManagerNew failed\n");
+ return -1;
+ }
+#ifndef NO_FILESYSTEM
+ ret = wolfSSL_CertManagerLoadCA(cm, ca, 0);
+ if (ret != WOLFSSL_SUCCESS) {
+ fprintf(stderr, "wolfSSL_CertManagerLoadCA failed\n");
wolfSSL_CertManagerFree(cm);
-
return ret;
}
+#else
+ (void)ca;
+#endif
- #if !defined(NO_FILESYSTEM)
- static int test_RsaSigFailure_cm(void)
- {
- int ret = 0;
- const char* ca_cert = "./certs/ca-cert.pem";
- const char* server_cert = "./certs/server-cert.der";
- byte* cert_buf = NULL;
- size_t cert_sz = 0;
+ ret = wolfSSL_CertManagerVerifyBuffer(cm, cert_buf, cert_sz,
+ WOLFSSL_FILETYPE_ASN1);
+ /* Let ExpectIntEQ handle return code */
- ret = load_file(server_cert, &cert_buf, &cert_sz);
- if (ret == 0) {
- /* corrupt DER - invert last byte, which is signature */
- cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
+ wolfSSL_CertManagerFree(cm);
- /* test bad cert */
- ret = verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA);
- }
+ return ret;
+}
+#endif
- if (cert_buf)
- free(cert_buf);
+#if !defined(NO_FILESYSTEM)
+static int test_RsaSigFailure_cm(void)
+{
+ EXPECT_DECLS;
+#ifndef NO_RSA
+ const char* ca_cert = "./certs/ca-cert.pem";
+ const char* server_cert = "./certs/server-cert.der";
+ byte* cert_buf = NULL;
+ size_t cert_sz = 0;
+
+ ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0);
+ if (cert_buf != NULL) {
+ /* corrupt DER - invert last byte, which is signature */
+ cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
+ /* test bad cert */
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- if (ret == WOLFSSL_FATAL_ERROR) {
- ret = 0;
- }
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
+ WOLFSSL_FATAL_ERROR);
#else
- if (ret == ASN_SIG_CONFIRM_E) {
- ret = 0;
- }
-#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- return TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_RSA),
+ ASN_SIG_CONFIRM_E);
+#endif
}
- static int test_EccSigFailure_cm(void)
- {
- int ret = 0;
- /* self-signed ECC cert, so use server cert as CA */
- const char* ca_cert = "./certs/ca-ecc-cert.pem";
- const char* server_cert = "./certs/server-ecc.der";
- byte* cert_buf = NULL;
- size_t cert_sz = 0;
-
- ret = load_file(server_cert, &cert_buf, &cert_sz);
- if (ret == 0) {
- /* corrupt DER - invert last byte, which is signature */
- cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
+ /* load_file() uses malloc. */
+ if (cert_buf != NULL) {
+ free(cert_buf);
+ }
+#endif /* !NO_RSA */
+ return EXPECT_RESULT();
+}
- /* test bad cert */
- ret = verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC);
- }
+static int test_EccSigFailure_cm(void)
+{
+ EXPECT_DECLS;
+#ifdef HAVE_ECC
+ /* self-signed ECC cert, so use server cert as CA */
+ const char* ca_cert = "./certs/ca-ecc-cert.pem";
+ const char* server_cert = "./certs/server-ecc.der";
+ byte* cert_buf = NULL;
+ size_t cert_sz = 0;
- if (cert_buf)
- free(cert_buf);
+ ExpectIntEQ(load_file(server_cert, &cert_buf, &cert_sz), 0);
+ if (cert_buf != NULL) {
+ /* corrupt DER - invert last byte, which is signature */
+ cert_buf[cert_sz-1] = ~cert_buf[cert_sz-1];
-#ifdef FP_ECC
- wc_ecc_fp_free();
-#endif
+ /* test bad cert */
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- if (ret == WOLFSSL_FATAL_ERROR) {
- ret = 0;
- }
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
+ WOLFSSL_FATAL_ERROR);
#else
- if (ret == ASN_SIG_CONFIRM_E) {
- ret = 0;
- }
-#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- return TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(verify_sig_cm(ca_cert, cert_buf, cert_sz, TESTING_ECC),
+ ASN_SIG_CONFIRM_E);
+#endif
+ }
+
+ /* load_file() uses malloc. */
+ if (cert_buf != NULL) {
+ free(cert_buf);
}
+#ifdef FP_ECC
+ wc_ecc_fp_free();
+#endif
+#endif /* HAVE_ECC */
+ return EXPECT_RESULT();
+}
#endif /* !NO_FILESYSTEM */
#endif /* NO_CERTS */
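Review bot: In verify_sig_cm the `#ifdef NO_RSA` and `#ifndef HAVE_ECC` skip branches return `ASN_SIG_CONFIRM_E`, which in the default build is exactly the value test_RsaSigFailure_cm and test_EccSigFailure_cm expect from a rejected signature, so a skipped check would look the same as a real rejection. The callers are now compiled only under `#ifndef NO_RSA` and `#ifdef HAVE_ECC`, so these branches appear unreachable from the visible callers. Returning a distinct code such as `return NOT_COMPILED_IN;`, or dropping the branches, keeps the signature-failure tests from passing without a verification having run. Separately, both tests write `cert_buf[cert_sz-1]` after checking only `cert_buf != NULL`; extending the guard to `if (cert_buf != NULL && cert_sz > 0)` rules out an out-of-bounds write should load_file ever hand back a zero-length buffer.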
@@ -54679,24 +53221,25 @@ static char earlyDataBuffer[1];
static int test_tls13_apis(void)
{
- int ret = 0;
+ EXPECT_DECLS;
+ int ret;
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_CLIENT
- WOLFSSL_CTX* clientTls12Ctx;
- WOLFSSL* clientTls12Ssl;
+ WOLFSSL_CTX* clientTls12Ctx = NULL;
+ WOLFSSL* clientTls12Ssl = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
- WOLFSSL_CTX* serverTls12Ctx;
- WOLFSSL* serverTls12Ssl;
+ WOLFSSL_CTX* serverTls12Ctx = NULL;
+ WOLFSSL* serverTls12Ssl = NULL;
#endif
#endif
#ifndef NO_WOLFSSL_CLIENT
- WOLFSSL_CTX* clientCtx;
- WOLFSSL* clientSsl;
+ WOLFSSL_CTX* clientCtx = NULL;
+ WOLFSSL* clientSsl = NULL;
#endif
#ifndef NO_WOLFSSL_SERVER
- WOLFSSL_CTX* serverCtx;
- WOLFSSL* serverSsl;
+ WOLFSSL_CTX* serverCtx = NULL;
+ WOLFSSL* serverSsl = NULL;
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
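Review bot: The declaration `int ret;` loses its initializer in the same change that gives every pointer in this block a `= NULL`, which is inconsistent. In the visible hunks `ret` is only assigned inside the `do { ret = wolfSSL_UseKeyShare(...) }` loops, which sit under `HAVE_SUPPORTED_CURVES` and `HAVE_ECC`, so in other configurations it may be unused and trip an unused-variable warning. Keeping `int ret = 0;` and adding `(void)ret;` costs nothing, unless that is already handled outside this hunk. The body of test_tls13_apis continues past the end of this hunk.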
@@ -54752,7 +53295,8 @@ static int test_tls13_apis(void)
serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
#if !defined(NO_CERTS) && !defined(NO_FILESYSTEM)
wolfSSL_CTX_use_certificate_chain_file(serverTls12Ctx, ourCert);
- wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM);
+ wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey,
+ WOLFSSL_FILETYPE_PEM);
#endif
serverTls12Ssl = wolfSSL_new(serverTls12Ctx);
#endif
@@ -54769,28 +53313,30 @@ static int test_tls13_apis(void)
wolfSSL_CTX_use_PrivateKey_file(serverCtx, ourKey, WOLFSSL_FILETYPE_PEM);
#endif
serverSsl = wolfSSL_new(serverCtx);
- AssertNotNull(serverSsl);
+ ExpectNotNull(serverSsl);
#endif
#ifdef WOLFSSL_SEND_HRR_COOKIE
- AssertIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
+ WOLFSSL_SUCCESS);
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
#ifdef HAVE_ECC
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1),
+ BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
do {
ret = wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1);
@@ -54798,8 +53344,9 @@ static int test_tls13_apis(void)
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(serverSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
- } while (ret == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ }
+ while (ret == WC_PENDING_E);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
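Review bot: Splitting the loop tail into `}` followed by `while (ret == WC_PENDING_E);` on its own line makes the condition read like a separate empty-bodied `while` loop, especially with the `#ifdef`/`#endif` lines between the body and the brace. Keeping the original single line `} while (ret == WC_PENDING_E);` is clearer. The same split is made in the next two hunks, for the `clientTls12Ssl` and `clientSsl` loops. The `do` that opens this loop is above the hunk.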
@@ -54809,8 +53356,9 @@ static int test_tls13_apis(void)
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientTls12Ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
- } while (ret == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ }
+ while (ret == WC_PENDING_E);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
do {
ret = wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1);
@@ -54818,282 +53366,285 @@ static int test_tls13_apis(void)
if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(clientSsl, WOLF_POLL_FLAG_CHECK_HW);
#endif
- } while (ret == WC_PENDING_E);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ }
+ while (ret == WC_PENDING_E);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE25519)
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
+ WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
+ WOLFSSL_SUCCESS);
#endif
#elif defined(HAVE_CURVE448)
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X448), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X448), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X448),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X448),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X448),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X448),
+ WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X448),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X448),
+ WOLFSSL_SUCCESS);
#endif
#else
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1),
+ BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
- NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
+ NOT_COMPILED_IN);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
- NOT_COMPILED_IN);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
+ NOT_COMPILED_IN);
#endif
#endif
#if defined(HAVE_PQC)
- AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_KYBER_LEVEL3), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_KYBER_LEVEL3),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_KYBER_LEVEL3),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_KYBER_LEVEL3),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_KYBER_LEVEL3),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_KYBER_LEVEL3),
+ WOLFSSL_SUCCESS);
#endif
#endif
- AssertIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
#endif
#endif /* HAVE_SUPPORTED_CURVES */
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
#endif
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
#endif
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
#endif
- AssertIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
+ ExpectIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
#endif
- AssertIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
+ ExpectIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
+ ExpectIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
#endif
- AssertIntEQ(wolfSSL_key_update_response(NULL, NULL), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_key_update_response(NULL, &required), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(NULL, &required), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_key_update_response(clientTls12Ssl, &required),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(clientTls12Ssl, &required),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_key_update_response(clientSsl, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(clientSsl, NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_key_update_response(serverSsl, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_key_update_response(serverSsl, NULL), BAD_FUNC_ARG);
#endif
#if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
+ ExpectIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
#endif
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
+ ExpectIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
#endif
- AssertIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
+ ExpectIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
#endif
#endif
#ifdef HAVE_ECC
#ifndef WOLFSSL_NO_SERVER_GROUPS_EXT
- AssertIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
+ ExpectIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
- AssertIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
- WOLFSSL_MAX_GROUP_COUNT + 1),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
+ WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(clientCtx, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_groups(serverCtx, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_groups(serverCtx, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
+ BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_set_groups(clientSsl, groups,
- WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_set_groups(clientSsl, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups,
+ WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_groups(clientSsl, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_set_groups(serverSsl, bad_groups, numGroups),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_groups(serverSsl, groups, numGroups),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_groups(serverSsl, bad_groups, numGroups),
+ BAD_FUNC_ARG);
#endif
#ifdef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, NULL),
+ WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(NULL, groupList),
+ WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList),
- WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientTls12Ctx, groupList),
+ WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(clientCtx, groupList),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_CTX_set1_groups_list(serverCtx, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set1_groups_list(serverCtx, groupList),
+ WOLFSSL_SUCCESS);
#endif
- AssertIntEQ(wolfSSL_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(NULL, NULL), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_set1_groups_list(clientSsl, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, NULL), WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(NULL, groupList), WOLFSSL_FAILURE);
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList),
- WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_set1_groups_list(clientTls12Ssl, groupList),
+ WOLFSSL_FAILURE);
#endif
- AssertIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set1_groups_list(clientSsl, groupList),
+ WOLFSSL_SUCCESS);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_set1_groups_list(serverSsl, groupList),
- WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set1_groups_list(serverSsl, groupList),
+ WOLFSSL_SUCCESS);
#endif
#endif /* OPENSSL_EXTRA */
#endif /* HAVE_SUPPORTED_CURVES */
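Review bot: The run of argument checks from `wolfSSL_NoKeyShares` through `wolfSSL_set_groups` has no comment stating the pattern being verified, so an unexpected error code is hard to spot when reading the test. Judging from the expected values, each TLS 1.3-only API is called with NULL, with a TLS 1.2 object and with an object of the wrong side. A header comment such as `/* Per API: NULL -> BAD_FUNC_ARG, wrong side -> SIDE_ERROR, TLS 1.2 object -> rejected unless noted. */` would record that. The exceptions deserve a line of their own: `wolfSSL_NoKeyShares(clientTls12Ssl)` and `wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519)` are expected to succeed, while the `WOLFSSL_KYBER_LEVEL3` share on the same object is expected to return `BAD_FUNC_ARG`. test_tls13_apis starts and ends outside this hunk.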
@@ -55101,149 +53652,140 @@ static int test_tls13_apis(void)
#ifdef WOLFSSL_EARLY_DATA
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
- AssertIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(clientCtx), SIDE_ERROR);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0),
- BAD_FUNC_ARG);
- AssertIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(serverTls12Ctx, 0),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(serverTls12Ctx), BAD_FUNC_ARG);
#endif
#endif
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32),
+ WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0);
+ ExpectIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 32), 0);
#endif
- AssertIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32);
+ ExpectIntEQ(wolfSSL_CTX_get_max_early_data(serverCtx), 32);
#else
- AssertIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1);
- AssertIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32);
+ ExpectIntEQ(SSL_CTX_set_max_early_data(serverCtx, 32), 1);
+ ExpectIntEQ(SSL_CTX_get_max_early_data(serverCtx), 32);
#endif
#endif
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_get_max_early_data(NULL), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_get_max_early_data(NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
- AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), 0);
+ ExpectIntEQ(wolfSSL_set_max_early_data(clientSsl, 17), 0);
#endif
- AssertIntEQ(wolfSSL_get_max_early_data(clientSsl), 17);
+ ExpectIntEQ(wolfSSL_get_max_early_data(clientSsl), 17);
#else
- AssertIntEQ(SSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_get_max_early_data(clientSsl), 17);
+ ExpectIntEQ(SSL_set_max_early_data(clientSsl, 17), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_get_max_early_data(clientSsl), 17);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
#ifndef OPENSSL_EXTRA
- AssertIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
#else
- AssertIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
- AssertIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(SSL_get_max_early_data(serverTls12Ssl), BAD_FUNC_ARG);
#endif
#endif
#ifndef OPENSSL_EXTRA
#ifdef WOLFSSL_ERROR_CODE_OPENSSL
- AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0);
+ ExpectIntEQ(wolfSSL_set_max_early_data(serverSsl, 16), 0);
#endif
- AssertIntEQ(wolfSSL_get_max_early_data(serverSsl), 16);
+ ExpectIntEQ(wolfSSL_get_max_early_data(serverSsl), 16);
#else
- AssertIntEQ(SSL_set_max_early_data(serverSsl, 16), 1);
- AssertIntEQ(SSL_get_max_early_data(serverSsl), 16);
+ ExpectIntEQ(SSL_set_max_early_data(serverSsl, 16), 1);
+ ExpectIntEQ(SSL_get_max_early_data(serverSsl), 16);
#endif
#endif
- AssertIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
- &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
+ &outSz), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData),
- &outSz), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
- sizeof(earlyData), NULL),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, NULL, sizeof(earlyData),
+ &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, -1, &outSz),
+ BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
+ sizeof(earlyData), NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
- sizeof(earlyData), &outSz),
- SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
+ sizeof(earlyData), &outSz), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
- sizeof(earlyData), &outSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
+ sizeof(earlyData), &outSz), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
- sizeof(earlyData), &outSz),
- WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
+ sizeof(earlyData), &outSz), WOLFSSL_FATAL_ERROR);
#endif
- AssertIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(NULL, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
#ifndef NO_WOLFSSL_SERVER
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, NULL,
- sizeof(earlyDataBuffer), &outSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1, &outSz),
- BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
- sizeof(earlyDataBuffer), NULL),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, NULL,
+ sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, -1,
+ &outSz), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), NULL), BAD_FUNC_ARG);
#endif
#ifndef NO_WOLFSSL_CLIENT
- AssertIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- SIDE_ERROR);
+ ExpectIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), SIDE_ERROR);
#endif
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
- AssertIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG);
#endif
- AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
- sizeof(earlyDataBuffer), &outSz),
- WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
+ sizeof(earlyDataBuffer), &outSz), WOLFSSL_FATAL_ERROR);
#endif
#endif
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_EARLY_DATA)
- AssertIntLT(SSL_get_early_data_status(NULL), 0);
+ ExpectIntLT(SSL_get_early_data_status(NULL), 0);
#endif
@@ -55267,7 +53809,7 @@ static int test_tls13_apis(void)
#endif
#endif
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
@@ -55308,12 +53850,12 @@ static int CsRecv(WOLFSSL* ssl, char* buf, int sz, void* ctx)
static int test_tls13_cipher_suites(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(HAVE_ECC) && defined(BUILD_TLS_AES_128_GCM_SHA256) && \
defined(BUILD_TLS_AES_256_GCM_SHA384)
- WOLFSSL_CTX* ctx;
- WOLFSSL *ssl;
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL *ssl = NULL;
int i;
byte clientHello[] = {
0x16, 0x03, 0x03, 0x01, 0x9b, 0x01, 0x00, 0x01,
@@ -55391,10 +53933,10 @@ static int test_tls13_cipher_suites(void)
#endif
/* Set up wolfSSL context. */
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx, eccCertFile,
WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx, eccKeyFile,
WOLFSSL_FILETYPE_PEM));
/* Read from 'msg'. */
wolfSSL_SetIORecv(ctx, CsRecv);
@@ -55402,13 +53944,13 @@ static int test_tls13_cipher_suites(void)
wolfSSL_SetIOSend(ctx, CsSend);
/* Test cipher suite list with many copies of a cipher suite. */
- AssertNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Force server to have as many occurrences of same cipher suite as
* possible. */
- {
+ if (ssl != NULL) {
Suites* suites = (Suites*)WOLFSSL_SUITES(ssl);
suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
for (i = 0; i < suites->suiteSz; i += 2) {
@@ -55417,8 +53959,9 @@ static int test_tls13_cipher_suites(void)
}
}
/* Test multiple occurrences of same cipher suite. */
- wolfSSL_accept_TLSv13(ssl);
+ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
wolfSSL_free(ssl);
+ ssl = NULL;
/* Set client order opposite to server order:
* TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384 */
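Review bot: The new `ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);` gives no reason why a fatal return is the passing outcome. The two matching calls in the next hunk sit under comments that say "Negotiate cipher suites in server order" and "client order", which read as if the handshake completes. A one-line comment would help, for example `/* Only the ClientHello is supplied, so accept is expected to stop with an error. */`; that reason is inferred from the `msg` setup shown here and should be confirmed. Checking `wolfSSL_get_error(ssl, 0)` against the expected code would also keep an unrelated failure from satisfying the assertion. test_tls13_cipher_suites starts and ends outside this hunk.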
@@ -55428,63 +53971,63 @@ static int test_tls13_cipher_suites(void)
clientHello[csOff + 3] = TLS_AES_256_GCM_SHA384;
/* Test server order negotiation. */
- AssertNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */
- AssertIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
/* Negotiate cipher suites in server order: TLS13-AES256-GCM-SHA384 */
- wolfSSL_accept_TLSv13(ssl);
+ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
/* Check refined order - server order. */
- AssertIntEQ(ssl->suites->suiteSz, 4);
- AssertIntEQ(ssl->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[1], TLS_AES_256_GCM_SHA384);
- AssertIntEQ(ssl->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[3], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ssl->suites->suiteSz, 4);
+ ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[1], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[3], TLS_AES_128_GCM_SHA256);
wolfSSL_free(ssl);
+ ssl = NULL;
/* Test client order negotiation. */
- AssertNotNull(ssl = wolfSSL_new(ctx));
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
msg.buffer = clientHello;
msg.length = (unsigned int)sizeof(clientHello);
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Server order: TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256 */
- AssertIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_UseClientSuites(ssl), 0);
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl, serverCs), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseClientSuites(ssl), 0);
/* Negotiate cipher suites in client order: TLS13-AES128-GCM-SHA256 */
- wolfSSL_accept_TLSv13(ssl);
+ ExpectIntEQ(wolfSSL_accept_TLSv13(ssl), WOLFSSL_FATAL_ERROR);
/* Check refined order - client order. */
- AssertIntEQ(ssl->suites->suiteSz, 4);
- AssertIntEQ(ssl->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[1], TLS_AES_128_GCM_SHA256);
- AssertIntEQ(ssl->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ssl->suites->suites[3], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(ssl->suites->suiteSz, 4);
+ ExpectIntEQ(ssl->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[1], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ssl->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ssl->suites->suites[3], TLS_AES_256_GCM_SHA384);
wolfSSL_free(ssl);
+ ssl = NULL;
/* Check duplicate detection is working. */
- AssertIntEQ(wolfSSL_CTX_set_cipher_list(ctx, dupCs), WOLFSSL_SUCCESS);
- AssertIntEQ(ctx->suites->suiteSz, 4);
- AssertIntEQ(ctx->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[1], TLS_AES_128_GCM_SHA256);
- AssertIntEQ(ctx->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[3], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(wolfSSL_CTX_set_cipher_list(ctx, dupCs), WOLFSSL_SUCCESS);
+ ExpectIntEQ(ctx->suites->suiteSz, 4);
+ ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[1], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[3], TLS_AES_256_GCM_SHA384);
#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_SET_CIPHER_BYTES)
- AssertIntEQ(wolfSSL_CTX_set_cipher_list_bytes(ctx, dupCsBytes,
+ ExpectIntEQ(wolfSSL_CTX_set_cipher_list_bytes(ctx, dupCsBytes,
sizeof(dupCsBytes)), WOLFSSL_SUCCESS);
- AssertIntEQ(ctx->suites->suiteSz, 4);
- AssertIntEQ(ctx->suites->suites[0], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[1], TLS_AES_256_GCM_SHA384);
- AssertIntEQ(ctx->suites->suites[2], TLS13_BYTE);
- AssertIntEQ(ctx->suites->suites[3], TLS_AES_128_GCM_SHA256);
+ ExpectIntEQ(ctx->suites->suiteSz, 4);
+ ExpectIntEQ(ctx->suites->suites[0], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[1], TLS_AES_256_GCM_SHA384);
+ ExpectIntEQ(ctx->suites->suites[2], TLS13_BYTE);
+ ExpectIntEQ(ctx->suites->suites[3], TLS_AES_128_GCM_SHA256);
#endif
wolfSSL_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif
@@ -55559,11 +54102,10 @@ static int test_dh_ssl_setup_fail(WOLFSSL* ssl)
static int test_DhCallbacks(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && !defined(NO_DH) && \
!defined(NO_AES) && defined(HAVE_AES_CBC) && \
defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- EXPECT_DECLS;
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
int test;
@@ -55605,8 +54147,8 @@ static int test_DhCallbacks(void)
&func_cb_server, NULL), TEST_SUCCESS);
/* Test fail */
- XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
- XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
/* set callbacks to use DH functions */
func_cb_client.ctx_ready = &test_dh_ctx_setup;
@@ -55619,10 +54161,8 @@ static int test_DhCallbacks(void)
ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&func_cb_client,
&func_cb_server, NULL), TEST_FAIL);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_PK_CALLBACKS */
@@ -55631,371 +54171,249 @@ static int test_DhCallbacks(void)
#ifdef TEST_RESEED_INTERVAL
static int test_wc_RNG_GenerateBlock_Reseed(void)
{
- int i, ret;
+ EXPECT_DECLS;
+ int i;
WC_RNG rng;
byte key[32];
- ret = wc_InitRng(&rng);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
- ret = wc_RNG_GenerateBlock(&rng, key, sizeof(key));
- if (ret != 0) {
- break;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ for (i = 0; i < WC_RESEED_INTERVAL + 10; i++) {
+ ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0);
}
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
- wc_FreeRng(&rng);
-
- return TEST_RES_CHECK(ret == 0);
+ return EXPECT_RESULT();
}
#endif /* TEST_RESEED_INTERVAL */
static int test_wc_RNG_GenerateBlock(void)
{
- int i, ret;
+ EXPECT_DECLS;
+ int i;
WC_RNG rng;
byte key[32];
- ret = wc_InitRng(&rng);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- for (i = 0; i < 10; i++) {
- ret = wc_RNG_GenerateBlock(&rng, key, sizeof(key));
- if (ret != 0) {
- break;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
+ for (i = 0; i < 10; i++) {
+ ExpectIntEQ(wc_RNG_GenerateBlock(&rng, key, sizeof(key)), 0);
}
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
- wc_FreeRng(&rng);
+ return EXPECT_RESULT();
+}
- (void)rng; /* for WC_NO_RNG case */
- (void)key;
+#endif /* HAVE_HASHDRBG */
- return TEST_RES_CHECK(ret == 0);
-}
-#endif
/*
* Testing get_rand_digit
*/
static int test_get_rand_digit(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WC_NO_RNG) && defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
WC_RNG rng;
mp_digit d;
- ret = wc_InitRng(&rng);
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = get_rand_digit(&rng, &d);
- }
- if (ret == 0) {
- ret = get_rand_digit(NULL, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = get_rand_digit(NULL, &d);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = get_rand_digit(&rng, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- if (ret == 0) {
- ret = wc_FreeRng(&rng);
- }
+ ExpectIntEQ(get_rand_digit(&rng, &d), 0);
+ ExpectIntEQ(get_rand_digit(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(get_rand_digit(NULL, &d), BAD_FUNC_ARG);
+ ExpectIntEQ(get_rand_digit(&rng, NULL), BAD_FUNC_ARG);
- res = TEST_RES_CHECK(ret == 0);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
+ return EXPECT_RESULT();
+} /* End test_get_rand_digit*/
-}/* End test_get_rand_digit*/
/*
* Testing get_digit_count
*/
static int test_get_digit_count(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WOLFSSL_SP_MATH) && defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
mp_int a;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- ret = get_digit_count(NULL);
- }
- if (ret == 0) {
- ret = get_digit_count(&a);
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
- mp_clear(&a);
+ ExpectIntEQ(mp_init(&a), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(get_digit_count(NULL), 0);
+ ExpectIntEQ(get_digit_count(&a), 0);
+
+ mp_clear(&a);
#endif
- return res;
+ return EXPECT_RESULT();
+} /* End test_get_digit_count*/
-}/* End test_get_digit_count*/
/*
* Testing mp_cond_copy
*/
static int test_mp_cond_copy(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(HAVE_ECC) || defined(WOLFSSL_MP_COND_COPY)) && \
defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int a;
- mp_int b;
- int copy = 0;
+ mp_int a;
+ mp_int b;
+ int copy = 0;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- if (mp_init(&b) != MP_OKAY) {
- ret = -1;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(NULL, copy, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(NULL, copy, &b);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(&a, copy, NULL);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_cond_copy(&a, copy, &b);
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
+ XMEMSET(&b, 0, sizeof(mp_int));
+
+ ExpectIntEQ(mp_init(&a), MP_OKAY);
+ ExpectIntEQ(mp_init(&b), MP_OKAY);
+
+ ExpectIntEQ(mp_cond_copy(NULL, copy, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_cond_copy(NULL, copy, &b), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_cond_copy(&a, copy, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_cond_copy(&a, copy, &b), 0);
mp_clear(&a);
mp_clear(&b);
-
- res = TEST_RES_CHECK(ret == 0);
#endif
- return res;
+ return EXPECT_RESULT();
+} /* End test_mp_cond_copy*/
-}/* End test_mp_cond_copy*/
/*
* Testing mp_rand
*/
static int test_mp_rand(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WC_RSA_BLINDING) && defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int a;
- int digits = 1;
- WC_RNG rng;
+ mp_int a;
+ WC_RNG rng;
+ int digits = 1;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- ret = wc_InitRng(&rng);
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
+ XMEMSET(&rng, 0, sizeof(WC_RNG));
- if (ret == 0) {
- ret = mp_rand(&a, digits, NULL);
- if (ret == MISSING_RNG_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_rand(NULL, digits, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_rand(&a, 0, &rng);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- ret = mp_rand(&a, digits, &rng);
- }
+ ExpectIntEQ(mp_init(&a), MP_OKAY);
+ ExpectIntEQ(wc_InitRng(&rng), 0);
- mp_clear(&a);
- wc_FreeRng(&rng);
+ ExpectIntEQ(mp_rand(&a, digits, NULL), MISSING_RNG_E);
+ ExpectIntEQ(mp_rand(NULL, digits, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_rand(&a, 0, &rng), BAD_FUNC_ARG);
+ ExpectIntEQ(mp_rand(&a, digits, &rng), 0);
- res = TEST_RES_CHECK(ret == 0);
+ mp_clear(&a);
+ DoExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-}/* End test_mp_rand*/
+ return EXPECT_RESULT();
+} /* End test_mp_rand*/
+
/*
* Testing get_digit
*/
static int test_get_digit(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int a;
- int n = 0;
+ mp_int a;
+ int n = 0;
- if (mp_init(&a) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- if (get_digit(NULL, n) != 0) { /* Should not hit this */
- ret = -1;
- }
- }
- if (ret == 0) {
- if (get_digit(NULL, n) == 0) { /* Should hit this */
- ret = 0;
- }
- }
- if (ret == 0) {
- if (get_digit(&a, n) != 0) { /* Should not hit this */
- ret = -1;
- }
- }
- if (ret == 0) {
- if (get_digit(&a, n) == 0) { /* Should hit this */
- ret = 0;
- }
- }
+ XMEMSET(&a, 0, sizeof(mp_int));
- mp_clear(&a);
+ ExpectIntEQ(mp_init(&a), MP_OKAY);
+ ExpectIntEQ(get_digit(NULL, n), 0);
+ ExpectIntEQ(get_digit(&a, n), 0);
- res = TEST_RES_CHECK(ret == 0);
+ mp_clear(&a);
#endif
- return res;
-}/* End test_get_digit*/
+ return EXPECT_RESULT();
+} /* End test_get_digit*/
+
/*
* Testing wc_export_int
*/
static int test_wc_export_int(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(HAVE_ECC) || defined(WOLFSSL_EXPORT_INT)) && \
defined(WOLFSSL_PUBLIC_MP)
- int ret = 0;
- mp_int mp;
- byte buf[32];
- word32 keySz = (word32)sizeof(buf);
- word32 len = (word32)sizeof(buf);
+ mp_int mp;
+ byte buf[32];
+ word32 keySz = (word32)sizeof(buf);
+ word32 len = (word32)sizeof(buf);
- if (mp_init(&mp) != MP_OKAY) {
- ret = -1;
- }
- if (ret == 0) {
- ret = mp_set(&mp, 1234);
- }
- if (ret == 0) {
- ret = wc_export_int(NULL, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN);
- if (ret == BAD_FUNC_ARG) {
- ret = 0;
- }
- }
- if (ret == 0) {
- len = sizeof(buf)-1;
- ret = wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- len = sizeof(buf);
- ret = wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN);
- }
- if (ret == 0) {
- len = 4; /* test input too small */
- ret = wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR);
- if (ret == BUFFER_E) {
- ret = 0;
- }
- }
- if (ret == 0) {
- len = sizeof(buf);
- ret = wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR);
- /* hex version of 1234 is 04D2 and should be 4 digits + 1 null */
- if (ret == 0 && len != 5) {
- ret = BAD_FUNC_ARG;
- }
- }
+ XMEMSET(&mp, 0, sizeof(mp_int));
- mp_clear(&mp);
+ ExpectIntEQ(mp_init(&mp), MP_OKAY);
+ ExpectIntEQ(mp_set(&mp, 1234), 0);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_export_int(NULL, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN),
+ BAD_FUNC_ARG);
+ len = sizeof(buf)-1;
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN),
+ BUFFER_E);
+ len = sizeof(buf);
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, keySz, WC_TYPE_UNSIGNED_BIN), 0);
+ len = 4; /* test input too small */
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), BUFFER_E);
+ len = sizeof(buf);
+ ExpectIntEQ(wc_export_int(&mp, buf, &len, 0, WC_TYPE_HEX_STR), 0);
+ /* hex version of 1234 is 04D2 and should be 4 digits + 1 null */
+ ExpectIntEQ(len, 5);
+
+ mp_clear(&mp);
#endif
- return res;
+ return EXPECT_RESULT();
+
+} /* End test_wc_export_int*/
-}/* End test_wc_export_int*/
static int test_wc_InitRngNonce(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2))
- int ret;
- WC_RNG rng;
- byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
- "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
- word32 nonceSz = sizeof(nonce);
-
- ret = wc_InitRngNonce(&rng, nonce, nonceSz);
- wc_FreeRng(&rng);
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ HAVE_FIPS_VERSION >= 2))
+ WC_RNG rng;
+ byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
+ "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
+ word32 nonceSz = sizeof(nonce);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitRngNonce(&rng, nonce, nonceSz), 0);
+ ExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-}/* End test_wc_InitRngNonce*/
+ return EXPECT_RESULT();
+} /* End test_wc_InitRngNonce*/
+
/*
* Testing wc_InitRngNonce_ex
*/
static int test_wc_InitRngNonce_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WC_NO_RNG) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION >= 2))
- int ret;
- WC_RNG rng;
- byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
- "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
- word32 nonceSz = sizeof(nonce);
-
- ret = wc_InitRngNonce_ex(&rng, nonce, nonceSz, HEAP_HINT, testDevId);
- wc_FreeRng(&rng);
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ HAVE_FIPS_VERSION >= 2))
+ WC_RNG rng;
+ byte nonce[] = "\x0D\x74\xDB\x42\xA9\x10\x77\xDE"
+ "\x45\xAC\x13\x7A\xE1\x48\xAF\x16";
+ word32 nonceSz = sizeof(nonce);
- res = TEST_RES_CHECK(ret == 0);
+ ExpectIntEQ(wc_InitRngNonce_ex(&rng, nonce, nonceSz, HEAP_HINT, testDevId),
+ 0);
+ ExpectIntEQ(wc_FreeRng(&rng), 0);
#endif
- return res;
-}/*End test_wc_InitRngNonce_ex*/
+ return EXPECT_RESULT();
+} /* End test_wc_InitRngNonce_ex */
static int test_wolfSSL_X509_CRL(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL)
-
- X509_CRL *crl;
+ X509_CRL *crl = NULL;
char pem[][100] = {
"./certs/crl/crl.pem",
"./certs/crl/crl2.pem",
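Review bot: test_wc_InitRngNonce and test_wc_InitRngNonce_ex leave `rng` uninitialised and free it with `ExpectIntEQ(wc_FreeRng(&rng), 0);`, unlike every other RNG test converted in this hunk. Those tests zero it with `XMEMSET(&rng, 0, sizeof(WC_RNG));` and free it with `DoExpectIntEQ(wc_FreeRng(&rng), 0);`. If the plain Expect macros skip their expression once a failure is recorded (the separate `DoExpect` form suggests this, but the macro definitions are not on this page), a failed init would leave the RNG unfreed in these two tests. Using the same `XMEMSET` and `DoExpectIntEQ` pair in both keeps cleanup unconditional and safe on a zeroed object. Separately, test_get_digit_count compares `mp_init(&a)` with `0` where the neighbouring tests use `MP_OKAY`.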
@@ -56005,7 +54423,7 @@ static int test_wolfSSL_X509_CRL(void)
""
};
#ifndef NO_BIO
- BIO *bio;
+ BIO *bio = NULL;
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
@@ -56015,63 +54433,82 @@ static int test_wolfSSL_X509_CRL(void)
""};
#endif
- XFILE fp;
+ XFILE fp = XBADFILE;
int i;
for (i = 0; pem[i][0] != '\0'; i++)
{
- fp = XFOPEN(pem[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL, NULL, NULL));
- AssertNotNull(crl);
+ ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
- fp = XFOPEN(pem[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull((X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)&crl, NULL, NULL));
- AssertNotNull(crl);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
+ ExpectTrue((fp = XFOPEN(pem[i], "rb")) != XBADFILE);
+ ExpectNotNull((X509_CRL *)PEM_read_X509_CRL(fp, (X509_CRL **)&crl, NULL,
+ NULL));
+ if (EXPECT_FAIL()) {
+ crl = NULL;
+ }
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
+ crl = NULL;
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
}
#ifndef NO_BIO
for (i = 0; pem[i][0] != '\0'; i++)
{
- AssertNotNull(bio = BIO_new_file(pem[i], "rb"));
- AssertNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL));
+ ExpectNotNull(bio = BIO_new_file(pem[i], "rb"));
+ ExpectNotNull(crl = PEM_read_bio_X509_CRL(bio, NULL, NULL, NULL));
X509_CRL_free(crl);
+ crl = NULL;
BIO_free(bio);
+ bio = NULL;
}
#endif
#ifdef HAVE_TEST_d2i_X509_CRL_fp
for (i = 0; der[i][0] != '\0'; i++) {
- fp = XFOPEN(der[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));
- AssertNotNull(crl);
+ ExpectTrue((fp = XFOPEN(der[i], "rb")) != XBADFILE);
+ ExpectTrue((fp != XBADFILE));
+ ExpectNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
fp = XFOPEN(der[i], "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull((X509_CRL *)d2i_X509_CRL_fp(fp, (X509_CRL **)&crl));
- AssertNotNull(crl);
+ ExpectTrue((fp != XBADFILE));
+ ExpectNotNull((X509_CRL *)d2i_X509_CRL_fp(fp, (X509_CRL **)&crl));
+ if (EXPECT_FAIL()) {
+ crl = NULL;
+ }
+ ExpectNotNull(crl);
X509_CRL_free(crl);
- XFCLOSE(fp);
+ crl = NULL;
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
}
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_load_crl_file(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(NO_BIO)
- EXPECT_DECLS;
int i;
char pem[][100] = {
"./certs/crl/crl.pem",
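Review bot: In the `HAVE_TEST_d2i_X509_CRL_fp` block, the converted line `ExpectNotNull(crl = (X509_CRL *)d2i_X509_CRL_fp((fp, X509_CRL **)NULL));` keeps a misplaced parenthesis from the old code and will not compile once that macro is defined. It should read `d2i_X509_CRL_fp(fp, (X509_CRL **)NULL)`. The same block checks `fp != XBADFILE` twice after the first open, and reopens the file with a bare `fp = XFOPEN(der[i], "rb");` instead of the `ExpectTrue((fp = XFOPEN(...)) != XBADFILE)` form used in the PEM loop. In both loops the first `X509_CRL_free(crl);` is not followed by `crl = NULL;`, so a freed pointer is passed by address into the next read call; adding the reset matches what the second free already does. The trailing context lines belong to test_wolfSSL_X509_load_crl_file, which continues outside the hunk.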
@@ -56153,20 +54590,43 @@ static int test_wolfSSL_X509_load_crl_file(void)
X509_STORE_free(store);
store = NULL;
+#endif
+ return EXPECT_RESULT();
+}
- res = EXPECT_RESULT();
+static int test_wolfSSL_i2d_X509(void)
+{
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && defined(USE_CERT_BUFFERS_2048) && !defined(NO_RSA)
+ const unsigned char* cert_buf = server_cert_der_2048;
+ unsigned char* out = NULL;
+ unsigned char* tmp = NULL;
+ X509* cert = NULL;
+
+ ExpectNotNull(d2i_X509(&cert, &cert_buf, sizeof_server_cert_der_2048));
+ /* Pointer should be advanced */
+ ExpectPtrGT(cert_buf, server_cert_der_2048);
+ ExpectIntGT(i2d_X509(cert, &out), 0);
+ ExpectNotNull(out);
+ tmp = out;
+ ExpectIntGT(i2d_X509(cert, &tmp), 0);
+ ExpectPtrGT(tmp, out);
+
+ if (out != NULL)
+ XFREE(out, NULL, DYNAMIC_TYPE_OPENSSL);
+ X509_free(cert);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_X509_REQ(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && !defined(NO_BIO) && \
(defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA)) && \
!defined(WOLFSSL_SP_MATH)
- /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der were
- * generated by libest
+ /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der
+ * were generated by libest
* ./certs/csr.attr.der contains sample attributes
* ./certs/csr.ext.der contains sample extensions */
const char* csrFile = "./certs/csr.signed.der";
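Review bot: The new test_wolfSSL_i2d_X509 never ties the length `i2d_X509` returns to how far the output pointer moved; it only checks that both calls return a positive value and that `tmp` ended up past `out`. The second call writes into the buffer the first call allocated, so an encoder that writes more or fewer bytes than it reports would still pass. Keeping the first result in `int len = 0;` via `ExpectIntGT(len = i2d_X509(cert, &out), 0);` and adding `ExpectIntEQ((int)(tmp - out), len);` after the second call would pin that down. The trailing context lines open test_wolfSSL_d2i_X509_REQ, which continues outside the hunk.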
@@ -56180,64 +54640,71 @@ static int test_wolfSSL_d2i_X509_REQ(void)
*/
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
const char* csrDsaFile = "./certs/csr.dsa.pem";
- XFILE f;
+ XFILE f = XBADFILE;
#endif
BIO* bio = NULL;
X509* req = NULL;
EVP_PKEY *pub_key = NULL;
{
- AssertNotNull(bio = BIO_new_file(csrFile, "rb"));
- AssertNotNull(d2i_X509_REQ_bio(bio, &req));
+ ExpectNotNull(bio = BIO_new_file(csrFile, "rb"));
+ ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
+ req = NULL;
BIO_free(bio);
+ bio = NULL;
EVP_PKEY_free(pub_key);
+ pub_key = NULL;
}
{
#ifdef OPENSSL_ALL
X509_ATTRIBUTE* attr;
ASN1_TYPE *at;
#endif
- AssertNotNull(bio = BIO_new_file(csrPopFile, "rb"));
- AssertNotNull(d2i_X509_REQ_bio(bio, &req));
+ ExpectNotNull(bio = BIO_new_file(csrPopFile, "rb"));
+ ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
#ifdef OPENSSL_ALL
/*
* Obtain the challenge password from the CSR
*/
- AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
- 1);
- AssertNotNull(attr = X509_REQ_get_attr(req, 1));
- AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
- AssertNotNull(at->value.asn1_string);
- AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "2xIE+qqp/rhyTXP+");
- AssertIntEQ(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), -1);
+ ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword,
+ -1), 1);
+ ExpectNotNull(attr = X509_REQ_get_attr(req, 1));
+ ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
+ ExpectNotNull(at->value.asn1_string);
+ ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string),
+ "2xIE+qqp/rhyTXP+");
+ ExpectIntEQ(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), -1);
#endif
X509_free(req);
+ req = NULL;
BIO_free(bio);
+ bio = NULL;
EVP_PKEY_free(pub_key);
+ pub_key = NULL;
}
{
#ifdef OPENSSL_ALL
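Review bot: `attr` and `at` in the csrPopFile block are still declared without initialisers, so they are indeterminate if an earlier Expect fails now that a failure no longer stops the test. The block stays safe only if every Expect* skips evaluating its argument after a prior failure, which is presumably how the macros behave but is not visible in this hunk. I would declare them as `X509_ATTRIBUTE* attr = NULL;` and `ASN1_TYPE *at = NULL;`, matching how `bio`, `req` and `pub_key` are handled. The same applies to the csrExtFile block that opens at the end of this hunk. test_wolfSSL_d2i_X509_REQ starts before this hunk and continues after it.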
@@ -56245,170 +54712,175 @@ static int test_wolfSSL_d2i_X509_REQ(void)
ASN1_TYPE *at;
STACK_OF(X509_EXTENSION) *exts = NULL;
#endif
- AssertNotNull(bio = BIO_new_file(csrExtFile, "rb"));
+ ExpectNotNull(bio = BIO_new_file(csrExtFile, "rb"));
/* This CSR contains an Extension Request attribute so
* we test extension parsing in a CSR attribute here. */
- AssertNotNull(d2i_X509_REQ_bio(bio, &req));
+ ExpectNotNull(d2i_X509_REQ_bio(bio, &req));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
#ifdef OPENSSL_ALL
- AssertNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions(req));
- AssertIntEQ(sk_X509_EXTENSION_num(exts), 2);
+ ExpectNotNull(exts = (STACK_OF(X509_EXTENSION)*)X509_REQ_get_extensions(
+ req));
+ ExpectIntEQ(sk_X509_EXTENSION_num(exts), 2);
sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
/*
* Obtain the challenge password from the CSR
*/
- AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
- 0);
- AssertNotNull(attr = X509_REQ_get_attr(req, 0));
- AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
- AssertNotNull(at->value.asn1_string);
- AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");
- AssertIntGE(X509_get_ext_by_NID(req, NID_key_usage, -1), 0);
- AssertIntGE(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), 0);
+ ExpectIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword,
+ -1), 0);
+ ExpectNotNull(attr = X509_REQ_get_attr(req, 0));
+ ExpectNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
+ ExpectNotNull(at->value.asn1_string);
+ ExpectStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");
+ ExpectIntGE(X509_get_ext_by_NID(req, NID_key_usage, -1), 0);
+ ExpectIntGE(X509_get_ext_by_NID(req, NID_subject_alt_name, -1), 0);
#endif
X509_free(req);
+ req = NULL;
BIO_free(bio);
+ bio = NULL;
EVP_PKEY_free(pub_key);
+ pub_key = NULL;
}
#if !defined(NO_DSA) && !defined(HAVE_SELFTEST)
{
- AssertNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
- AssertNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
+ ExpectNotNull(bio = BIO_new_file(csrDsaFile, "rb"));
+ ExpectNotNull(PEM_read_bio_X509_REQ(bio, &req, NULL, NULL));
/*
* Extract the public key from the CSR
*/
- AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
+ ExpectNotNull(pub_key = X509_REQ_get_pubkey(req));
/*
* Verify the signature in the CSR
*/
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
+ req = NULL;
BIO_free(bio);
/* Run the same test, but with a file pointer instead of a BIO.
* (PEM_read_X509_REQ)*/
- AssertTrue((f = XFOPEN(csrDsaFile, "rb")) != XBADFILE);
- AssertNotNull(PEM_read_X509_REQ(f, &req, NULL, NULL));
- AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
+ ExpectTrue((f = XFOPEN(csrDsaFile, "rb")) != XBADFILE);
+ ExpectNotNull(PEM_read_X509_REQ(f, &req, NULL, NULL));
+ ExpectIntEQ(X509_REQ_verify(req, pub_key), 1);
X509_free(req);
EVP_PKEY_free(pub_key);
}
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_DSA && !HAVE_SELFTEST */
#endif /* WOLFSSL_CERT_REQ && (OPENSSL_ALL || OPENSSL_EXTRA) */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_X509(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CRL) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA)
X509 *x509 = NULL;
- XFILE fp;
+ XFILE fp = XBADFILE;
- fp = XFOPEN(svrCertFile, "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL));
+ ExpectTrue((fp = XFOPEN(svrCertFile, "rb")) != XBADFILE);
+ ExpectNotNull(x509 = (X509 *)PEM_read_X509(fp, (X509 **)NULL, NULL, NULL));
X509_free(x509);
- XFCLOSE(fp);
-
- res = TEST_RES_CHECK(1);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_BIO)
const char* filename = "./certs/server-keyEnc.pem";
- XFILE fp;
+ XFILE fp = XBADFILE;
char* name = NULL;
char* header = NULL;
byte* data = NULL;
long len;
EVP_CIPHER_INFO cipher;
- WOLFSSL_BIO* bio;
- byte* fileData;
- size_t fileDataSz;
+ WOLFSSL_BIO* bio = NULL;
+ byte* fileData = NULL;
+ size_t fileDataSz = 0;
byte* out;
- fp = XFOPEN(filename, "rb");
- AssertTrue((fp != XBADFILE));
+ ExpectTrue((fp = XFOPEN(filename, "rb")) != XBADFILE);
/* Fail cases. */
- AssertIntEQ(PEM_read(fp, NULL, &header, &data, &len), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_read(fp, &name, NULL, &data, &len), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_read(fp, &name, &header, NULL, &len), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_read(fp, &name, &header, &data, NULL), WOLFSSL_FAILURE);
-
- AssertIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
-
- AssertIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
- AssertIntGT(XSTRLEN(header), 0);
- AssertIntGT(len, 0);
-
- AssertIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
- AssertIntGT((fileDataSz = XFTELL(fp)), 0);
- AssertIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
- AssertNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
- DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
- XFCLOSE(fp);
+ ExpectIntEQ(PEM_read(fp, NULL, &header, &data, &len), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_read(fp, &name, NULL, &data, &len), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_read(fp, &name, &header, NULL, &len), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_read(fp, &name, &header, &data, NULL), WOLFSSL_FAILURE);
+
+ ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
+ ExpectIntGT(XSTRLEN(header), 0);
+ ExpectIntGT(len, 0);
+
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
+ ExpectIntGT((fileDataSz = XFTELL(fp)), 0);
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
+ ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
+ ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
/* Fail cases. */
- AssertIntEQ(PEM_write_bio(NULL, name, header, data, len), 0);
- AssertIntEQ(PEM_write_bio(bio, NULL, header, data, len), 0);
- AssertIntEQ(PEM_write_bio(bio, name, NULL, data, len), 0);
- AssertIntEQ(PEM_write_bio(bio, name, header, NULL, len), 0);
+ ExpectIntEQ(PEM_write_bio(NULL, name, header, data, len), 0);
+ ExpectIntEQ(PEM_write_bio(bio, NULL, header, data, len), 0);
+ ExpectIntEQ(PEM_write_bio(bio, name, NULL, data, len), 0);
+ ExpectIntEQ(PEM_write_bio(bio, name, header, NULL, len), 0);
- AssertIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
- AssertIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
- AssertIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
+ ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
+ ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
+ ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
/* Fail cases. */
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO(NULL, &cipher), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO(header, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO((char*)"", &cipher), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(NULL, &cipher), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO((char*)"", &cipher), WOLFSSL_FAILURE);
#ifndef NO_DES3
- AssertIntEQ(PEM_get_EVP_CIPHER_INFO(header, &cipher), WOLFSSL_SUCCESS);
+ ExpectIntEQ(PEM_get_EVP_CIPHER_INFO(header, &cipher), WOLFSSL_SUCCESS);
#endif
/* Fail cases. */
- AssertIntEQ(PEM_do_header(&cipher, NULL, &len, PasswordCallBack,
- (void*)"yassl123"), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_do_header(&cipher, data, NULL, PasswordCallBack,
- (void*)"yassl123"), WOLFSSL_FAILURE);
- AssertIntEQ(PEM_do_header(&cipher, data, &len, NULL,
- (void*)"yassl123"), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_do_header(&cipher, NULL, &len, PasswordCallBack,
+ (void*)"yassl123"), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_do_header(&cipher, data, NULL, PasswordCallBack,
+ (void*)"yassl123"), WOLFSSL_FAILURE);
+ ExpectIntEQ(PEM_do_header(&cipher, data, &len, NULL,
+ (void*)"yassl123"), WOLFSSL_FAILURE);
#if !defined(NO_DES3) && !defined(NO_MD5)
- AssertIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
+ ExpectIntEQ(PEM_do_header(&cipher, data, &len, PasswordCallBack,
(void*)"yassl123"), WOLFSSL_SUCCESS);
#endif
BIO_free(bio);
+ bio = NULL;
XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ fileData = NULL;
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
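Review bot: The stream opened with `XFOPEN(csrDsaFile, "rb")` in the DSA block of test_wolfSSL_d2i_X509_REQ is never closed. The commit initialises `f` to XBADFILE but adds no matching close, unlike test_wolfSSL_PEM_read_X509 further down in this hunk. Unless PEM_read_X509_REQ takes ownership of the stream (not visible here), each run leaks a file handle. I would add `if (f != XBADFILE) XFCLOSE(f);` right after the `PEM_read_X509_REQ` call. test_wolfSSL_PEM_read continues past the end of this hunk.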
@@ -56416,40 +54888,38 @@ static int test_wolfSSL_PEM_read(void)
name = NULL;
header = NULL;
data = NULL;
- fp = XFOPEN(svrKeyFile, "rb");
- AssertTrue((fp != XBADFILE));
- AssertIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
- AssertIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
- AssertIntEQ(XSTRLEN(header), 0);
- AssertIntGT(len, 0);
-
- AssertIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
- AssertIntGT((fileDataSz = XFTELL(fp)), 0);
- AssertIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
- AssertNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
- DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE);
+ ExpectIntEQ(PEM_read(fp, &name, &header, &data, &len), WOLFSSL_SUCCESS);
+ ExpectIntEQ(XSTRNCMP(name, "RSA PRIVATE KEY", 15), 0);
+ ExpectIntEQ(XSTRLEN(header), 0);
+ ExpectIntGT(len, 0);
+
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_END), 0);
+ ExpectIntGT((fileDataSz = XFTELL(fp)), 0);
+ ExpectIntEQ(XFSEEK(fp, 0, SEEK_SET), 0);
+ ExpectNotNull(fileData = (unsigned char*)XMALLOC(fileDataSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntEQ(XFREAD(fileData, 1, fileDataSz, fp), fileDataSz);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
- AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
- AssertIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
- AssertIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
- AssertIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
+ ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
+ ExpectIntEQ(PEM_write_bio(bio, name, header, data, len), fileDataSz);
+ ExpectIntEQ(wolfSSL_BIO_get_mem_data(bio, &out), fileDataSz);
+ ExpectIntEQ(XMEMCMP(out, fileData, fileDataSz), 0);
BIO_free(bio);
XFREE(fileData, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(name, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm_AAD_2_parts(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
const byte iv[12] = { 0 };
@@ -56466,111 +54936,111 @@ static int test_wolfssl_EVP_aes_gcm_AAD_2_parts(void)
byte out2Part[16];
byte outTag2Part[16];
byte decryptBuf[16];
- int len;
+ int len = 0;
int tlen;
EVP_CIPHER_CTX* ctx = NULL;
/* ENCRYPT */
/* Send AAD and data in 1 part */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, out1Part, &len, cleartext,
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, out1Part, &len, cleartext,
sizeof(cleartext)), 1);
tlen += len;
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, out1Part, &len), 1);
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out1Part, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
+ ExpectIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
outTag1Part), 1);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* DECRYPT */
/* Send AAD and data in 1 part */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part,
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, sizeof(aad)), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part,
sizeof(cleartext)), 1);
tlen += len;
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
outTag1Part), 1);
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf, &len), 1);
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(tlen, sizeof(cleartext));
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
- AssertIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
+ ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
/* ENCRYPT */
/* Send AAD and data in 2 parts */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, 1), 1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad, 1), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
1);
- AssertIntEQ(EVP_EncryptUpdate(ctx, out2Part, &len, cleartext, 1), 1);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part, &len, cleartext, 1), 1);
tlen += len;
- AssertIntEQ(EVP_EncryptUpdate(ctx, out2Part + tlen, &len, cleartext + 1,
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, out2Part + tlen, &len, cleartext + 1,
sizeof(cleartext) - 1), 1);
tlen += len;
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, out2Part + tlen, &len), 1);
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, out2Part + tlen, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
+ ExpectIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16,
outTag2Part), 1);
- AssertIntEQ(XMEMCMP(out1Part, out2Part, sizeof(out1Part)), 0);
- AssertIntEQ(XMEMCMP(outTag1Part, outTag2Part, sizeof(outTag1Part)), 0);
+ ExpectIntEQ(XMEMCMP(out1Part, out2Part, sizeof(out1Part)), 0);
+ ExpectIntEQ(XMEMCMP(outTag1Part, outTag2Part, sizeof(outTag1Part)), 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* DECRYPT */
/* Send AAD and data in 2 parts */
- AssertNotNull(ctx = EVP_CIPHER_CTX_new());
+ ExpectNotNull(ctx = EVP_CIPHER_CTX_new());
tlen = 0;
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL),
1);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, 1), 1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad, 1), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &len, aad + 1, sizeof(aad) - 1),
1);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, 1), 1);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf, &len, out1Part, 1), 1);
tlen += len;
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptBuf + tlen, &len, out1Part + 1,
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptBuf + tlen, &len, out1Part + 1,
sizeof(cleartext) - 1), 1);
tlen += len;
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16,
outTag1Part), 1);
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf + tlen, &len), 1);
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptBuf + tlen, &len), 1);
tlen += len;
- AssertIntEQ(tlen, sizeof(cleartext));
+ ExpectIntEQ(tlen, sizeof(cleartext));
- AssertIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
+ ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);
- /* Test AAD re-use */
+ /* Test AAD reuse */
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* Zero length plain text */
-
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
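Review bot: Both round-trip checks `ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, len), 0);` in test_wolfssl_EVP_aes_gcm_AAD_2_parts compare only `len` bytes, and at that point `len` holds whatever EVP_DecryptFinal_ex last wrote, not the plaintext length. For GCM that is presumably 0, which would make the comparison pass whatever was decrypted, so a wrong plaintext would go unnoticed as long as the tag verifies. Comparing the whole buffer pins the intent: `ExpectIntEQ(XMEMCMP(decryptBuf, cleartext, sizeof(cleartext)), 0);`. The function's signature and first declarations lie before this hunk.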
@@ -56584,9 +55054,10 @@ static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
int ivSz = 12;
int plaintxtSz = 0;
unsigned char tag[16];
- unsigned char tag_kat[] =
- {0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9,
- 0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b};
+ unsigned char tag_kat[] = {
+ 0x53,0x0f,0x8a,0xfb,0xc7,0x45,0x36,0xb9,
+ 0xa9,0x63,0xb4,0xf1,0xc4,0xcb,0x73,0x8b
+ };
byte ciphertxt[AES_BLOCK_SIZE * 4] = {0};
byte decryptedtxt[AES_BLOCK_SIZE * 4] = {0};
@@ -56597,42 +55068,39 @@ static int test_wolfssl_EVP_aes_gcm_zeroLen(void)
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
- AssertIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_gcm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
- plaintxtSz));
- AssertIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
- AssertIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
- AssertIntEQ(0, ciphertxtSz);
- AssertIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
+ ExpectIntEQ(0, ciphertxtSz);
+ ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
EVP_CIPHER_CTX_init(de);
- AssertIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_gcm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
- AssertIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(0, decryptedtxtSz);
+ ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_gcm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESGCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
-
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
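Review bot: `en` and `de` in test_wolfssl_EVP_aes_gcm_zeroLen come from `EVP_CIPHER_CTX_new()` without a NULL check, and with the non-aborting Expect macros `EVP_CIPHER_CTX_init(de);` now runs even after an earlier step has failed. The 2-parts test in this diff already uses `ExpectNotNull(ctx = EVP_CIPHER_CTX_new());`. I would add `ExpectNotNull(en);` and `ExpectNotNull(de);` before the first EVP_EncryptInit_ex, and do the same in test_wolfssl_EVP_aes_ccm_zeroLen, which has the same two declarations. Whether EVP_CIPHER_CTX_init tolerates a NULL context is not visible here. The function starts before this hunk.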
@@ -56656,76 +55124,258 @@ static int test_wolfssl_EVP_aes_gcm(void)
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
-
EVP_CIPHER_CTX_init(&en[i]);
-
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_gcm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
ciphertxtSz = len;
- AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, AES_BLOCK_SIZE, tag));
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ key, iv));
+#elif defined(WOLFSSL_AES_192)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ key, iv));
+#elif defined(WOLFSSL_AES_256)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ key, iv));
+#endif
+ }
+ else {
+#ifdef WOLFSSL_AES_128
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ NULL, NULL));
+#elif defined(WOLFSSL_AES_192)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ NULL, NULL));
+#elif defined(WOLFSSL_AES_256)
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ NULL, NULL));
+#endif
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+
+ /* modify tag*/
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+#ifdef WOLFSSL_AES_128
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_gcm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_gcm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ tag[AES_BLOCK_SIZE-1]+=0xBB;
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
+ /* fail due to wrong tag */
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ }
+#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESGCM */
+ return EXPECT_RESULT();
+}
+
+static int test_wolfssl_EVP_aria_gcm(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ARIA) && \
+ !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
+
+ /* A 256 bit key, AES_128 will use the first 128 bit*/
+ byte *key = (byte*)"01234567890123456789012345678901";
+ /* A 128 bit IV */
+ byte *iv = (byte*)"0123456789012345";
+ int ivSz = ARIA_BLOCK_SIZE;
+ /* Message to be encrypted */
+ const int plaintxtSz = 40;
+ byte plaintxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
+ XMEMCPY(plaintxt,"for things to change you have to change",plaintxtSz);
+ /* Additional non-confidential data */
+ byte *aad = (byte*)"Don't spend major time on minor things.";
+
+ unsigned char tag[ARIA_BLOCK_SIZE] = {0};
+ int aadSz = (int)XSTRLEN((char*)aad);
+ byte ciphertxt[WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(plaintxtSz)];
+ byte decryptedtxt[plaintxtSz];
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+ int i = 0;
+ #define TEST_ARIA_GCM_COUNT 6
+ EVP_CIPHER_CTX en[TEST_ARIA_GCM_COUNT];
+ EVP_CIPHER_CTX de[TEST_ARIA_GCM_COUNT];
+
+ for (i = 0; i < TEST_ARIA_GCM_COUNT; i++) {
+
+ EVP_CIPHER_CTX_init(&en[i]);
+ switch (i) {
+ case 0:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, key, iv));
+ break;
+ case 1:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, key, iv));
+ break;
+ case 2:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, key, iv));
+ break;
+ case 3:
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_128_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ break;
+ case 4:
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_192_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ break;
+ case 5:
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aria_256_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ break;
+ }
+ XMEMSET(ciphertxt,0,sizeof(ciphertxt));
+ AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ AssertIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt, plaintxtSz));
+ ciphertxtSz = len;
+ AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ AssertIntNE(0, XMEMCMP(plaintxt, ciphertxt, plaintxtSz));
+ ciphertxtSz += len;
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG, ARIA_BLOCK_SIZE, tag));
+ AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+ EVP_CIPHER_CTX_init(&de[i]);
+ switch (i) {
+ case 0:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, key, iv));
+ break;
+ case 1:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, key, iv));
+ break;
+ case 2:
+ /* Default uses 96-bits IV length */
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, key, iv));
+ break;
+ case 3:
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_128_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ break;
+ case 4:
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_192_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ break;
+ case 5:
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aria_256_gcm(), NULL, NULL, NULL));
+ /* non-default must to set the IV length first */
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ break;
}
+ XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag));
AssertIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(ciphertxtSz, decryptedtxtSz);
+ AssertIntEQ(plaintxtSz, decryptedtxtSz);
AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+ XMEMSET(decryptedtxt,0,sizeof(decryptedtxt));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, AES_BLOCK_SIZE, tag));
+ AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG, ARIA_BLOCK_SIZE, tag));
/* fail due to wrong tag */
AssertIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt, ciphertxtSz));
AssertIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
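Review bot: The tampered-tag step in the new test_wolfssl_EVP_aria_gcm reuses `de[i]` straight after a completed decrypt, while the AES test in this same hunk now re-runs EVP_DecryptInit_ex with key and IV first. Without that re-initialisation the expected 0 from EVP_DecryptFinal_ex may come from stale context state, not from the tag mismatch, so the negative test would not prove tag verification; this cannot be confirmed from the hunk alone. I would repeat the `switch (i)` decrypt-init before modifying the tag. The modification should also use the ARIA constant, `tag[ARIA_BLOCK_SIZE-1] += 0xBB;`, since `tag` is sized by ARIA_BLOCK_SIZE and the guard does not require AES. The function also still uses `int res = TEST_SKIPPED;` and Assert* where the rest of the commit moves to EXPECT_DECLS and Expect*. Its end is outside this hunk.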
@@ -56740,11 +55390,10 @@ static int test_wolfssl_EVP_aes_gcm(void)
static int test_wolfssl_EVP_aes_ccm_zeroLen(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* Zero length plain text */
-
byte key[] = {
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
@@ -56768,41 +55417,38 @@ static int test_wolfssl_EVP_aes_ccm_zeroLen(void)
EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
- AssertIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_ccm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
plaintxtSz));
- AssertIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
- AssertIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
- AssertIntEQ(0, ciphertxtSz);
+ ExpectIntEQ(0, ciphertxtSz);
EVP_CIPHER_CTX_init(de);
- AssertIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_ccm(), NULL, key, iv));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
- AssertIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(0, decryptedtxtSz);
+ ExpectIntEQ(0, decryptedtxtSz);
EVP_CIPHER_CTX_free(en);
EVP_CIPHER_CTX_free(de);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_aes_ccm(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_AES) && defined(HAVE_AESCCM) && \
!defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
-
/* A 256 bit key, AES_128 will use the first 128 bit*/
byte *key = (byte*)"01234567890123456789012345678901";
/* A 128 bit IV */
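Review bot: `en` and `de` in test_wolfssl_EVP_aes_ccm_zeroLen come straight from `EVP_CIPHER_CTX_new()` and are never checked, and `EVP_CIPHER_CTX_init(de)` is called outside any Expect wrapper. An allocation failure is therefore handed to the library as a possibly NULL context instead of being recorded as a test failure. Adding `ExpectNotNull(en);` and `ExpectNotNull(de);` before the first `EVP_EncryptInit_ex` call would record it, in the same way the chacha20 tests in this diff use `ExpectNotNull((ctx = EVP_CIPHER_CTX_new()))`. The decrypt step also passes `len` rather than `ciphertxtSz` as the input length to `EVP_DecryptUpdate`, which is only correct because both are 0 at that point. The function body starts in the previous hunk.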
@@ -56822,117 +55468,115 @@ static int test_wolfssl_EVP_aes_ccm(void)
int decryptedtxtSz = 0;
int len = 0;
int i = 0;
+ int ret;
EVP_CIPHER_CTX en[2];
EVP_CIPHER_CTX de[2];
for (i = 0; i < 2; i++) {
-
EVP_CIPHER_CTX_init(&en[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_128_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_192_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_128_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_128_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_192_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_192_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- EVP_aes_256_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_aes_256_ccm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i],
- EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_EncryptInit_ex(&en[i],
- NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
}
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_EncryptUpdate(&en[i],
- ciphertxt, &len, plaintxt, plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
ciphertxtSz = len;
- AssertIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
ciphertxtSz += len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i],
- EVP_CTRL_CCM_GET_TAG, AES_BLOCK_SIZE, tag));
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]);
+ ExpectIntEQ(ret, 1);
EVP_CIPHER_CTX_init(&de[i]);
if (i == 0) {
/* Default uses 96-bits IV length */
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_128_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_192_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL,
+ key, iv));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_256_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL,
+ key, iv));
#endif
}
else {
#ifdef WOLFSSL_AES_128
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_128_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_128_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_192)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_192_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_192_ccm(), NULL,
+ NULL, NULL));
#elif defined(WOLFSSL_AES_256)
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i],
- EVP_aes_256_ccm(), NULL, NULL, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_aes_256_ccm(), NULL,
+ NULL, NULL));
#endif
/* non-default must to set the IV length first */
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i],
- EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
- AssertIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
}
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i],
- decryptedtxt, &len, ciphertxt, ciphertxtSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
decryptedtxtSz = len;
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i],
- EVP_CTRL_CCM_SET_TAG, AES_BLOCK_SIZE, tag));
- AssertIntEQ(1, EVP_DecryptFinal_ex(&de[i],
- decryptedtxt, &len));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
decryptedtxtSz += len;
- AssertIntEQ(ciphertxtSz, decryptedtxtSz);
- AssertIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
/* modify tag*/
tag[AES_BLOCK_SIZE-1]+=0xBB;
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
- AssertIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i],
- EVP_CTRL_CCM_SET_TAG, AES_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ AES_BLOCK_SIZE, tag));
/* fail due to wrong tag */
- AssertIntEQ(1, EVP_DecryptUpdate(&de[i],
- decryptedtxt, &len, ciphertxt, ciphertxtSz));
- AssertIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
- AssertIntEQ(0, len);
- AssertIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+ ret = wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]);
+ ExpectIntEQ(ret, 1);
}
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_AES && HAVE_AESCCM */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_chacha20_poly1305(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte key[CHACHA20_POLY1305_AEAD_KEYSIZE];
byte iv [CHACHA20_POLY1305_AEAD_IV_SIZE];
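Review bot: The round-trip size check `ExpectIntEQ(ciphertxtSz, decryptedtxtSz)` compares two lengths that both come from the implementation under test. It still passes if encryption and decryption agree on a short or zero length, and the following `XMEMCMP` over `decryptedtxtSz` bytes then covers less than the message. The ARIA GCM test earlier in this diff was switched to the input length, and the same change here would be `ExpectIntEQ(plaintxtSz, decryptedtxtSz);`. The new SM4 GCM and CCM tests in the next hunk repeat the `ciphertxtSz` form. test_wolfssl_EVP_aes_ccm starts before this hunk.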
@@ -56941,150 +55585,657 @@ static int test_wolfssl_EVP_chacha20_poly1305(void)
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
byte tag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
- EVP_CIPHER_CTX* ctx;
+ EVP_CIPHER_CTX* ctx = NULL;
int outSz;
/* Encrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
/* Invalid IV length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE-1, NULL), WOLFSSL_FAILURE);
/* Valid IV length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS);
/* Invalid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, NULL), WOLFSSL_FAILURE);
/* Valid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_EncryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(aad));
- AssertIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ ExpectIntEQ(outSz, sizeof(aad));
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(plainText));
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
/* Invalid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE-1, tag), WOLFSSL_FAILURE);
/* Valid tag length. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Decrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN,
CHACHA20_POLY1305_AEAD_IV_SIZE, NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE, tag), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, NULL, &outSz, aad, sizeof(aad)),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(aad));
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(outSz, sizeof(aad));
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20_poly1305(),
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20_poly1305(),
key, NULL, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CipherUpdate(ctx, NULL, &outSz,
+ ExpectIntEQ(wolfSSL_EVP_CipherUpdate(ctx, NULL, &outSz,
aad, sizeof(aad)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(aad));
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(outSz, sizeof(aad));
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfssl_EVP_chacha20(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_CHACHA)
byte key[CHACHA_MAX_KEY_SZ];
byte iv [WOLFSSL_EVP_CHACHA_IV_BYTES];
byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
byte cipherText[sizeof(plainText)];
byte decryptedText[sizeof(plainText)];
- EVP_CIPHER_CTX* ctx;
+ EVP_CIPHER_CTX* ctx = NULL;
int outSz;
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
/* Encrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
/* Any tag length must fail - not an AEAD cipher. */
- AssertIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG,
16, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
sizeof(plainText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(plainText));
- AssertIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Decrypt. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_chacha20(), NULL, NULL,
NULL), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+ ctx = NULL;
/* Test partial Inits. CipherInit() allow setting of key and iv
* in separate calls. */
- AssertNotNull((ctx = EVP_CIPHER_CTX_new()));
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20(),
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_chacha20(),
key, NULL, 1), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
sizeof(cipherText)), WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, sizeof(cipherText));
- AssertIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
WOLFSSL_SUCCESS);
- AssertIntEQ(outSz, 0);
+ ExpectIntEQ(outSz, 0);
EVP_CIPHER_CTX_free(ctx);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+static int test_wolfssl_EVP_sm4_ecb(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_ECB)
+ EXPECT_DECLS;
+ byte key[SM4_KEY_SIZE];
+ byte plainText[SM4_BLOCK_SIZE] = {
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
+ };
+ byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ EVP_CIPHER_CTX* ctx;
+ int outSz;
+
+ XMEMSET(key, 0, sizeof(key));
+
+ /* Encrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ /* Any tag length must fail - not an AEAD cipher. */
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ sizeof(plainText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, SM4_BLOCK_SIZE);
+ ExpectBufNE(cipherText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Decrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ecb(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ res = EXPECT_RESULT();
#endif
return res;
}
-static int test_wolfSSL_EVP_PKEY_hkdf(void)
+static int test_wolfssl_EVP_sm4_cbc(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CBC)
+ EXPECT_DECLS;
+ byte key[SM4_KEY_SIZE];
+ byte iv[SM4_BLOCK_SIZE];
+ byte plainText[SM4_BLOCK_SIZE] = {
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF
+ };
+ byte cipherText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ byte decryptedText[sizeof(plainText) + SM4_BLOCK_SIZE];
+ EVP_CIPHER_CTX* ctx;
+ int outSz;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+
+ /* Encrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ /* Any tag length must fail - not an AEAD cipher. */
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ sizeof(plainText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, SM4_BLOCK_SIZE);
+ ExpectBufNE(cipherText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Decrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_cbc(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Test partial Inits. CipherInit() allow setting of key and iv
+ * in separate calls. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_cbc(), key, NULL, 0),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 0),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText + outSz, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_ctr(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CTR)
+ EXPECT_DECLS;
+ byte key[SM4_KEY_SIZE];
+ byte iv[SM4_BLOCK_SIZE];
+ byte plainText[] = {0xDE, 0xAD, 0xBE, 0xEF};
+ byte cipherText[sizeof(plainText)];
+ byte decryptedText[sizeof(plainText)];
+ EVP_CIPHER_CTX* ctx;
+ int outSz;
+
+ XMEMSET(key, 0, sizeof(key));
+ XMEMSET(iv, 0, sizeof(iv));
+
+ /* Encrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ /* Any tag length must fail - not an AEAD cipher. */
+ ExpectIntEQ(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, 16, NULL),
+ WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_EncryptUpdate(ctx, cipherText, &outSz, plainText,
+ sizeof(plainText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(plainText));
+ ExpectIntEQ(EVP_EncryptFinal_ex(ctx, cipherText, &outSz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufNE(cipherText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Decrypt. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, EVP_sm4_ctr(), NULL, NULL, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ /* Test partial Inits. CipherInit() allow setting of key and iv
+ * in separate calls. */
+ ExpectNotNull((ctx = EVP_CIPHER_CTX_new()));
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, EVP_sm4_ctr(), key, NULL, 1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EVP_CipherInit(ctx, NULL, NULL, iv, 1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DecryptUpdate(ctx, decryptedText, &outSz, cipherText,
+ sizeof(cipherText)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, sizeof(cipherText));
+ ExpectIntEQ(EVP_DecryptFinal_ex(ctx, decryptedText, &outSz),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(outSz, 0);
+ ExpectBufEQ(decryptedText, plainText, sizeof(plainText));
+ EVP_CIPHER_CTX_free(ctx);
+
+ res = EXPECT_RESULT();
+#endif
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_gcm_zeroLen(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM)
+ /* Zero length plain text */
+ EXPECT_DECLS;
+ byte key[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte iv[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte plaintxt[1];
+ int ivSz = 12;
+ int plaintxtSz = 0;
+ unsigned char tag[16];
+ unsigned char tag_kat[16] = {
+ 0x23,0x2f,0x0c,0xfe,0x30,0x8b,0x49,0xea,
+ 0x6f,0xc8,0x82,0x29,0xb5,0xdc,0x85,0x8d
+ };
+
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+
+ EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
+
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_GCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+
+ ExpectIntEQ(0, ciphertxtSz);
+ ExpectIntEQ(0, XMEMCMP(tag, tag_kat, sizeof(tag)));
+
+ EVP_CIPHER_CTX_init(de);
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_gcm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_GCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(0, decryptedtxtSz);
+
+ EVP_CIPHER_CTX_free(en);
+ EVP_CIPHER_CTX_free(de);
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_gcm(void)
{
int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_GCM)
+ EXPECT_DECLS;
+ byte *key = (byte*)"0123456789012345";
+ /* A 128 bit IV */
+ byte *iv = (byte*)"0123456789012345";
+ int ivSz = SM4_BLOCK_SIZE;
+ /* Message to be encrypted */
+ byte *plaintxt = (byte*)"for things to change you have to change";
+ /* Additional non-confidential data */
+ byte *aad = (byte*)"Don't spend major time on minor things.";
+
+ unsigned char tag[SM4_BLOCK_SIZE] = {0};
+ int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
+ int aadSz = (int)XSTRLEN((char*)aad);
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+ int i = 0;
+ EVP_CIPHER_CTX en[2];
+ EVP_CIPHER_CTX de[2];
+
+ for (i = 0; i < 2; i++) {
+ EVP_CIPHER_CTX_init(&en[i]);
+
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_gcm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ }
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
+ ciphertxtSz = len;
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_GCM_GET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+
+ EVP_CIPHER_CTX_init(&de[i]);
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_gcm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+
+ /* modify tag*/
+ tag[SM4_BLOCK_SIZE-1]+=0xBB;
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_GCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ /* fail due to wrong tag */
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ }
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_GCM */
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_ccm_zeroLen(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM)
+ /* Zero length plain text */
+ EXPECT_DECLS;
+ byte key[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte iv[] = {
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
+ }; /* align */
+ byte plaintxt[1];
+ int ivSz = 12;
+ int plaintxtSz = 0;
+ unsigned char tag[16];
+
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+
+ EVP_CIPHER_CTX *en = EVP_CIPHER_CTX_new();
+ EVP_CIPHER_CTX *de = EVP_CIPHER_CTX_new();
+
+ ExpectIntEQ(1, EVP_EncryptInit_ex(en, EVP_sm4_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptUpdate(en, ciphertxt, &ciphertxtSz , plaintxt,
+ plaintxtSz));
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(en, ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(en, EVP_CTRL_CCM_GET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_cleanup(en));
+
+ ExpectIntEQ(0, ciphertxtSz);
+
+ EVP_CIPHER_CTX_init(de);
+ ExpectIntEQ(1, EVP_DecryptInit_ex(de, EVP_sm4_ccm(), NULL, key, iv));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_IVLEN, ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptUpdate(de, NULL, &len, ciphertxt, len));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(de, EVP_CTRL_CCM_SET_TAG, 16, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(de, decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(0, decryptedtxtSz);
+
+ EVP_CIPHER_CTX_free(en);
+ EVP_CIPHER_CTX_free(de);
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */
+ return res;
+}
+
+static int test_wolfssl_EVP_sm4_ccm(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM4_CCM)
+ EXPECT_DECLS;
+ byte *key = (byte*)"0123456789012345";
+ byte *iv = (byte*)"0123456789012";
+ int ivSz = (int)XSTRLEN((char*)iv);
+ /* Message to be encrypted */
+ byte *plaintxt = (byte*)"for things to change you have to change";
+ /* Additional non-confidential data */
+ byte *aad = (byte*)"Don't spend major time on minor things.";
+
+ unsigned char tag[SM4_BLOCK_SIZE] = {0};
+ int plaintxtSz = (int)XSTRLEN((char*)plaintxt);
+ int aadSz = (int)XSTRLEN((char*)aad);
+ byte ciphertxt[SM4_BLOCK_SIZE * 4] = {0};
+ byte decryptedtxt[SM4_BLOCK_SIZE * 4] = {0};
+ int ciphertxtSz = 0;
+ int decryptedtxtSz = 0;
+ int len = 0;
+ int i = 0;
+ EVP_CIPHER_CTX en[2];
+ EVP_CIPHER_CTX de[2];
+
+ for (i = 0; i < 2; i++) {
+ EVP_CIPHER_CTX_init(&en[i]);
+
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], EVP_sm4_ccm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_EncryptInit_ex(&en[i], NULL, NULL, key, iv));
+ }
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_EncryptUpdate(&en[i], ciphertxt, &len, plaintxt,
+ plaintxtSz));
+ ciphertxtSz = len;
+ ExpectIntEQ(1, EVP_EncryptFinal_ex(&en[i], ciphertxt, &len));
+ ciphertxtSz += len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&en[i], EVP_CTRL_CCM_GET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&en[i]), 1);
+
+ EVP_CIPHER_CTX_init(&de[i]);
+ if (i == 0) {
+ /* Default uses 96-bits IV length */
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, key,
+ iv));
+ }
+ else {
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], EVP_sm4_ccm(), NULL, NULL,
+ NULL));
+ /* non-default must to set the IV length first */
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_IVLEN,
+ ivSz, NULL));
+ ExpectIntEQ(1, EVP_DecryptInit_ex(&de[i], NULL, NULL, key, iv));
+
+ }
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ decryptedtxtSz = len;
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ ExpectIntEQ(1, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ decryptedtxtSz += len;
+ ExpectIntEQ(ciphertxtSz, decryptedtxtSz);
+ ExpectIntEQ(0, XMEMCMP(plaintxt, decryptedtxt, decryptedtxtSz));
+
+ /* modify tag*/
+ tag[SM4_BLOCK_SIZE-1]+=0xBB;
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], NULL, &len, aad, aadSz));
+ ExpectIntEQ(1, EVP_CIPHER_CTX_ctrl(&de[i], EVP_CTRL_CCM_SET_TAG,
+ SM4_BLOCK_SIZE, tag));
+ /* fail due to wrong tag */
+ ExpectIntEQ(1, EVP_DecryptUpdate(&de[i], decryptedtxt, &len, ciphertxt,
+ ciphertxtSz));
+ ExpectIntEQ(0, EVP_DecryptFinal_ex(&de[i], decryptedtxt, &len));
+ ExpectIntEQ(0, len);
+ ExpectIntEQ(wolfSSL_EVP_CIPHER_CTX_cleanup(&de[i]), 1);
+ }
+
+ res = EXPECT_RESULT();
+#endif /* OPENSSL_EXTRA && WOLFSSL_SM4_CCM */
+ return res;
+}
+
+static int test_wolfSSL_EVP_PKEY_hkdf(void)
+{
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_HKDF)
- EVP_PKEY_CTX* ctx;
+ EVP_PKEY_CTX* ctx = NULL;
byte salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
byte key[] = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
@@ -57116,134 +56267,132 @@ static int test_wolfSSL_EVP_PKEY_hkdf(void)
0xD7, 0xE2, 0x15, 0xBC, 0xB8, 0x10, 0xEF, 0x6C, 0x4D, 0x7A
};
- AssertNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)));
- AssertIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS);
+ ExpectNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)));
+ ExpectIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WOLFSSL_FAILURE);
/* NULL md. */
- AssertIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)),
WOLFSSL_FAILURE);
/* NULL salt is ok. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)),
WOLFSSL_SUCCESS);
/* Salt length <= 0. */
/* Length 0 salt is ok. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)),
WOLFSSL_FAILURE);
/* NULL key. */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)),
WOLFSSL_FAILURE);
/* Key length <= 0 */
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)),
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)),
WOLFSSL_FAILURE);
/* NULL info is ok. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)),
WOLFSSL_SUCCESS);
/* Info length <= 0 */
/* Length 0 info is ok. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WOLFSSL_FAILURE);
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)),
WOLFSSL_SUCCESS);
/* NULL ctx. */
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_FAILURE);
/* Extract and expand (default). */
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(extractAndExpand));
- AssertIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(extractAndExpand));
+ ExpectIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0);
/* Extract only. */
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(extractOnly));
- AssertIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(extractOnly));
+ ExpectIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
/* Expand only. */
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY),
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(expandOnly));
- AssertIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(expandOnly));
+ ExpectIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
/* Extract and expand with appended additional info. */
- AssertIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)),
+ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)),
WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx,
+ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx,
EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND), WOLFSSL_SUCCESS);
- AssertIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
- AssertIntEQ(outKeySz, sizeof(extractAndExpandAddInfo));
- AssertIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0);
+ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(outKeySz, sizeof(extractAndExpandAddInfo));
+ ExpectIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0);
EVP_PKEY_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && HAVE_HKDF */
- return res;
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_PEM_X509_INFO_read_bio(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
- BIO* bio;
- X509_INFO* info;
- STACK_OF(X509_INFO)* sk;
- char* subject;
- char exp1[] = "/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
- char exp2[] = "/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Support/CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
+ BIO* bio = NULL;
+ X509_INFO* info = NULL;
+ STACK_OF(X509_INFO)* sk = NULL;
+ char* subject = NULL;
+ char exp1[] = "/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/"
+ "CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
+ char exp2[] = "/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Support/"
+ "CN=www.wolfssl.com/emailAddress=info@wolfssl.com";
- AssertNotNull(bio = BIO_new(BIO_s_file()));
- AssertIntGT(BIO_read_filename(bio, svrCertFile), 0);
- AssertNotNull(sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
- AssertIntEQ(sk_X509_INFO_num(sk), 2);
+ ExpectNotNull(bio = BIO_new(BIO_s_file()));
+ ExpectIntGT(BIO_read_filename(bio, svrCertFile), 0);
+ ExpectNotNull(sk = PEM_X509_INFO_read_bio(bio, NULL, NULL, NULL));
+ ExpectIntEQ(sk_X509_INFO_num(sk), 2);
/* using dereference to maintain testing for Apache port*/
- AssertNotNull(info = sk_X509_INFO_pop(sk));
- AssertNotNull(subject =
- X509_NAME_oneline(X509_get_subject_name(info->x509), 0, 0));
+ ExpectNotNull(info = sk_X509_INFO_pop(sk));
+ ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509),
+ 0, 0));
- AssertIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1)));
+ ExpectIntEQ(0, XSTRNCMP(subject, exp1, sizeof(exp1)));
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
X509_INFO_free(info);
+ info = NULL;
- AssertNotNull(info = sk_X509_INFO_pop(sk));
- AssertNotNull(subject =
- X509_NAME_oneline(X509_get_subject_name(info->x509), 0, 0));
+ ExpectNotNull(info = sk_X509_INFO_pop(sk));
+ ExpectNotNull(subject = X509_NAME_oneline(X509_get_subject_name(info->x509),
+ 0, 0));
- AssertIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2)));
+ ExpectIntEQ(0, XSTRNCMP(subject, exp2, sizeof(exp2)));
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
X509_INFO_free(info);
- AssertNull(info = sk_X509_INFO_pop(sk));
+ ExpectNull(info = sk_X509_INFO_pop(sk));
sk_X509_INFO_pop_free(sk, X509_INFO_free);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_X509_NAME_ENTRY_get_object(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && !defined(NO_RSA)
X509 *x509 = NULL;
X509_NAME* name = NULL;
int idx = 0;
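Review bot: In test_wolfSSL_PEM_X509_INFO_read_bio, `subject` still points at freed memory after the first `XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);`, while the commit resets only `info`. If the Expect macros skip their argument once a failure has been recorded (which the added `info = NULL;` suggests), a mismatch against `exp1` leaves the second `subject = X509_NAME_oneline(...)` unevaluated, and the second XFREE then frees the same pointer again. Adding `subject = NULL;` next to the new `info = NULL;` closes that path. The test_wolfSSL_X509_NAME_ENTRY_get_object body at the end of this hunk continues outside it.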
@@ -57259,18 +56408,15 @@ static int test_wolfSSL_X509_NAME_ENTRY_get_object(void)
ExpectNotNull(object = X509_NAME_ENTRY_get_object(ne));
X509_free(x509);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_STORE_get1_certs(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \
!defined(NO_FILESYSTEM) && !defined(NO_RSA)
- EXPECT_DECLS;
X509_STORE_CTX *storeCtx = NULL;
X509_STORE *store = NULL;
X509 *caX509 = NULL;
@@ -57314,21 +56460,50 @@ static int test_wolfSSL_X509_STORE_get1_certs(void)
X509_STORE_CTX_free(storeCtx);
X509_free(svrX509);
X509_free(caX509);
+#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
+ return EXPECT_RESULT();
+}
+static int test_wolfSSL_dup_CA_list(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_ALL)
+ EXPECT_DECLS;
+ STACK_OF(X509_NAME) *originalStack = NULL;
+ STACK_OF(X509_NAME) *copyStack = NULL;
+ int originalCount = 0;
+ int copyCount = 0;
+ X509_NAME *name = NULL;
+ int i;
+
+ originalStack = sk_X509_NAME_new_null();
+ ExpectNotNull(originalStack);
+
+ for (i = 0; i < 3; i++) {
+ name = X509_NAME_new();
+ ExpectNotNull(name);
+ AssertIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS);
+ }
+
+ copyStack = SSL_dup_CA_list(originalStack);
+ ExpectNotNull(copyStack);
+ originalCount = sk_X509_NAME_num(originalStack);
+ copyCount = sk_X509_NAME_num(copyStack);
+
+ AssertIntEQ(originalCount, copyCount);
+ sk_X509_NAME_pop_free(originalStack, X509_NAME_free);
+ sk_X509_NAME_pop_free(copyStack, X509_NAME_free);
+
+ originalStack = NULL;
+ copyStack = NULL;
res = EXPECT_RESULT();
-#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
+#endif /* OPENSSL_ALL */
return res;
}
-/* include misc.c here regardless of NO_INLINE, because misc.c implementations
- * have default (hidden) visibility, and in the absence of visibility, it's
- * benign to mask out the library implementation.
- */
-#define WOLFSSL_MISC_INCLUDED
-#include <wolfcrypt/src/misc.c>
-
static int test_ForceZero(void)
{
+ EXPECT_DECLS;
unsigned char data[32];
unsigned int i, j, len;
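Review bot: The new test_wolfSSL_dup_CA_list still uses the aborting `AssertIntEQ` for the push result and for the count comparison, so a failure there ends the run before either `sk_X509_NAME_pop_free` call, unlike the Expect-style tests this commit converts around it. Use `ExpectIntEQ(sk_X509_NAME_push(originalStack, name), WOLFSSL_SUCCESS);` followed by `if (EXPECT_FAIL()) { X509_NAME_free(name); }`, so a name that never reached the stack is not leaked, and `ExpectIntEQ(originalCount, copyCount);` for the final check. The function also keeps the older `int res = TEST_SKIPPED;` layout with `EXPECT_DECLS` inside the `#if`, which the neighbouring functions drop in this same change.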
@@ -57345,138 +56520,134 @@ static int test_ForceZero(void)
for (j = 0; j < sizeof(data); j++) {
if (j < i || j >= i + len) {
- if (data[j] == 0x00)
- return -10200;
+ ExpectIntNE(data[j], 0x00);
+ }
+ else {
+ ExpectIntEQ(data[j], 0x00);
}
- else if (data[j] != 0x00)
- return -10201;
}
}
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#ifndef NO_BIO
static int test_wolfSSL_X509_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(XSNPRINTF)
- X509 *x509;
- BIO *bio;
+ X509 *x509 = NULL;
+ BIO *bio = NULL;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR)
const X509_ALGOR *cert_sig_alg;
#endif
- x509 = X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM);
- AssertNotNull(x509);
+ ExpectNotNull(x509 = X509_load_certificate_file(svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
/* print to memory */
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
#if defined(WC_DISABLE_RADIX_ZERO_PAD)
/* Will print IP address subject alt name. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3349);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3349);
#elif defined(NO_ASN_TIME)
/* Will print IP address subject alt name but not Validity. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3235);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3235);
#else
/* Will print IP address subject alt name. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3350);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3350);
#endif
#elif defined(NO_ASN_TIME)
/* With NO_ASN_TIME defined, X509_print skips printing Validity. */
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3213);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3213);
#else
- AssertIntEQ(BIO_get_mem_data(bio, NULL), 3328);
+ ExpectIntEQ(BIO_get_mem_data(bio, NULL), 3328);
#endif
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
+ ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_DIR)
/* Print signature */
- AssertNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509));
- AssertIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS);
+ ExpectNotNull(cert_sig_alg = X509_get0_tbs_sigalg(x509));
+ ExpectIntEQ(X509_signature_print(bio, cert_sig_alg, NULL), SSL_SUCCESS);
#endif
/* print to stderr */
#if !defined(NO_WOLFSSL_DIR)
- AssertIntEQ(X509_print(bio, x509), SSL_SUCCESS);
+ ExpectIntEQ(X509_print(bio, x509), SSL_SUCCESS);
#endif
/* print again */
- AssertIntEQ(X509_print_fp(stderr, x509), SSL_SUCCESS);
+ ExpectIntEQ(X509_print_fp(stderr, x509), SSL_SUCCESS);
X509_free(x509);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_X509_CRL_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && defined(HAVE_CRL)\
&& !defined(NO_FILESYSTEM) && defined(XSNPRINTF)
- X509_CRL* crl;
- BIO *bio;
- XFILE fp;
+ X509_CRL* crl = NULL;
+ BIO *bio = NULL;
+ XFILE fp = XBADFILE;
- fp = XFOPEN("./certs/crl/crl.pem", "rb");
- AssertTrue((fp != XBADFILE));
- AssertNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
- NULL, NULL));
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN("./certs/crl/crl.pem", "rb")) != XBADFILE);
+ ExpectNotNull(crl = (X509_CRL*)PEM_read_X509_CRL(fp, (X509_CRL **)NULL,
+ NULL, NULL));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(X509_CRL_print(bio, crl), SSL_SUCCESS);
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(X509_CRL_print(bio, crl), SSL_SUCCESS);
X509_CRL_free(crl);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_BIO_get_len(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
BIO *bio = NULL;
const char txt[] = "Some example text to push to the BIO.";
- AssertIntEQ(wolfSSL_BIO_get_len(bio), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_BIO_get_len(bio), BAD_FUNC_ARG);
- AssertNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
+ ExpectNotNull(bio = wolfSSL_BIO_new(wolfSSL_BIO_s_mem()));
- AssertIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt));
- AssertIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt));
+ ExpectIntEQ(wolfSSL_BIO_write(bio, txt, sizeof(txt)), sizeof(txt));
+ ExpectIntEQ(wolfSSL_BIO_get_len(bio), sizeof(txt));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
- AssertIntEQ(wolfSSL_BIO_get_len(bio), WOLFSSL_BAD_FILE);
+ ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
+ ExpectIntEQ(wolfSSL_BIO_get_len(bio), WOLFSSL_BAD_FILE);
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#endif /* !NO_BIO */
static int test_wolfSSL_RSA(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
defined(WOLFSSL_KEY_GEN)
- RSA* rsa;
+ RSA* rsa = NULL;
const BIGNUM *n;
const BIGNUM *e;
const BIGNUM *d;
@@ -57486,105 +56657,131 @@ static int test_wolfSSL_RSA(void)
const BIGNUM *dmq1;
const BIGNUM *iqmp;
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_size(NULL), 0);
- AssertIntEQ(RSA_size(rsa), 0);
- AssertIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 0);
- AssertIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 0);
- AssertIntEQ(RSA_set0_factors(rsa, NULL, NULL), 0);
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(RSA_size(NULL), 0);
+ ExpectIntEQ(RSA_size(rsa), 0);
+ ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 0);
+ ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 0);
+ ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 0);
#ifdef WOLFSSL_RSA_KEY_CHECK
- AssertIntEQ(RSA_check_key(rsa), 0);
+ ExpectIntEQ(RSA_check_key(rsa), 0);
#endif
RSA_free(rsa);
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertIntEQ(RSA_size(rsa), 256);
+ rsa = NULL;
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectIntEQ(RSA_size(rsa), 256);
#ifdef WOLFSSL_RSA_KEY_CHECK
- AssertIntEQ(RSA_check_key(NULL), 0);
- AssertIntEQ(RSA_check_key(rsa), 1);
+ ExpectIntEQ(RSA_check_key(NULL), 0);
+ ExpectIntEQ(RSA_check_key(rsa), 1);
#endif
/* sanity check */
- AssertIntEQ(RSA_bits(NULL), 0);
+ ExpectIntEQ(RSA_bits(NULL), 0);
/* key */
- AssertIntEQ(RSA_bits(rsa), 2048);
+ ExpectIntEQ(RSA_bits(rsa), 2048);
RSA_get0_key(rsa, &n, &e, &d);
- AssertPtrEq(rsa->n, n);
- AssertPtrEq(rsa->e, e);
- AssertPtrEq(rsa->d, d);
- AssertNotNull(n = BN_new());
- AssertNotNull(e = BN_new());
- AssertNotNull(d = BN_new());
- AssertIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1);
- AssertPtrEq(rsa->n, n);
- AssertPtrEq(rsa->e, e);
- AssertPtrEq(rsa->d, d);
- AssertIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 1);
- AssertIntEQ(RSA_set0_key(NULL, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 0);
+ ExpectPtrEq(rsa->n, n);
+ ExpectPtrEq(rsa->e, e);
+ ExpectPtrEq(rsa->d, d);
+ n = NULL;
+ e = NULL;
+ d = NULL;
+ ExpectNotNull(n = BN_new());
+ ExpectNotNull(e = BN_new());
+ ExpectNotNull(d = BN_new());
+ ExpectIntEQ(RSA_set0_key(rsa, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 1);
+ if (EXPECT_FAIL()) {
+ BN_free((BIGNUM*)n);
+ BN_free((BIGNUM*)e);
+ BN_free((BIGNUM*)d);
+ }
+ ExpectPtrEq(rsa->n, n);
+ ExpectPtrEq(rsa->e, e);
+ ExpectPtrEq(rsa->d, d);
+ ExpectIntEQ(RSA_set0_key(rsa, NULL, NULL, NULL), 1);
+ ExpectIntEQ(RSA_set0_key(NULL, (BIGNUM*)n, (BIGNUM*)e, (BIGNUM*)d), 0);
/* crt_params */
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
- AssertPtrEq(rsa->dmp1, dmp1);
- AssertPtrEq(rsa->dmq1, dmq1);
- AssertPtrEq(rsa->iqmp, iqmp);
- AssertNotNull(dmp1 = BN_new());
- AssertNotNull(dmq1 = BN_new());
- AssertNotNull(iqmp = BN_new());
- AssertIntEQ(RSA_set0_crt_params(rsa, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
+ ExpectPtrEq(rsa->dmp1, dmp1);
+ ExpectPtrEq(rsa->dmq1, dmq1);
+ ExpectPtrEq(rsa->iqmp, iqmp);
+ dmp1 = NULL;
+ dmq1 = NULL;
+ iqmp = NULL;
+ ExpectNotNull(dmp1 = BN_new());
+ ExpectNotNull(dmq1 = BN_new());
+ ExpectNotNull(iqmp = BN_new());
+ ExpectIntEQ(RSA_set0_crt_params(rsa, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
(BIGNUM*)iqmp), 1);
- AssertPtrEq(rsa->dmp1, dmp1);
- AssertPtrEq(rsa->dmq1, dmq1);
- AssertPtrEq(rsa->iqmp, iqmp);
- AssertIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 1);
- AssertIntEQ(RSA_set0_crt_params(NULL, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
+ if (EXPECT_FAIL()) {
+ BN_free((BIGNUM*)dmp1);
+ BN_free((BIGNUM*)dmq1);
+ BN_free((BIGNUM*)iqmp);
+ }
+ ExpectPtrEq(rsa->dmp1, dmp1);
+ ExpectPtrEq(rsa->dmq1, dmq1);
+ ExpectPtrEq(rsa->iqmp, iqmp);
+ ExpectIntEQ(RSA_set0_crt_params(rsa, NULL, NULL, NULL), 1);
+ ExpectIntEQ(RSA_set0_crt_params(NULL, (BIGNUM*)dmp1, (BIGNUM*)dmq1,
(BIGNUM*)iqmp), 0);
RSA_get0_crt_params(NULL, NULL, NULL, NULL);
RSA_get0_crt_params(rsa, NULL, NULL, NULL);
RSA_get0_crt_params(NULL, &dmp1, &dmq1, &iqmp);
- AssertNull(dmp1);
- AssertNull(dmq1);
- AssertNull(iqmp);
+ ExpectNull(dmp1);
+ ExpectNull(dmq1);
+ ExpectNull(iqmp);
/* factors */
RSA_get0_factors(rsa, NULL, NULL);
RSA_get0_factors(rsa, &p, &q);
- AssertPtrEq(rsa->p, p);
- AssertPtrEq(rsa->q, q);
- AssertNotNull(p = BN_new());
- AssertNotNull(q = BN_new());
- AssertIntEQ(RSA_set0_factors(rsa, (BIGNUM*)p, (BIGNUM*)q), 1);
- AssertPtrEq(rsa->p, p);
- AssertPtrEq(rsa->q, q);
- AssertIntEQ(RSA_set0_factors(rsa, NULL, NULL), 1);
- AssertIntEQ(RSA_set0_factors(NULL, (BIGNUM*)p, (BIGNUM*)q), 0);
+ ExpectPtrEq(rsa->p, p);
+ ExpectPtrEq(rsa->q, q);
+ p = NULL;
+ q = NULL;
+ ExpectNotNull(p = BN_new());
+ ExpectNotNull(q = BN_new());
+ ExpectIntEQ(RSA_set0_factors(rsa, (BIGNUM*)p, (BIGNUM*)q), 1);
+ if (EXPECT_FAIL()) {
+ BN_free((BIGNUM*)p);
+ BN_free((BIGNUM*)q);
+ }
+ ExpectPtrEq(rsa->p, p);
+ ExpectPtrEq(rsa->q, q);
+ ExpectIntEQ(RSA_set0_factors(rsa, NULL, NULL), 1);
+ ExpectIntEQ(RSA_set0_factors(NULL, (BIGNUM*)p, (BIGNUM*)q), 0);
RSA_get0_factors(NULL, NULL, NULL);
RSA_get0_factors(NULL, &p, &q);
- AssertNull(p);
- AssertNull(q);
+ ExpectNull(p);
+ ExpectNull(q);
- AssertIntEQ(BN_hex2bn(&rsa->n, "1FFFFF"), 1);
- AssertIntEQ(RSA_bits(rsa), 21);
+ ExpectIntEQ(BN_hex2bn(&rsa->n, "1FFFFF"), 1);
+ ExpectIntEQ(RSA_bits(rsa), 21);
RSA_free(rsa);
+ rsa = NULL;
#if !defined(USE_FAST_MATH) || (FP_MAX_BITS >= (3072*2))
- AssertNotNull(rsa = RSA_generate_key(3072, 17, NULL, NULL));
- AssertIntEQ(RSA_size(rsa), 384);
- AssertIntEQ(RSA_bits(rsa), 3072);
+ ExpectNotNull(rsa = RSA_generate_key(3072, 17, NULL, NULL));
+ ExpectIntEQ(RSA_size(rsa), 384);
+ ExpectIntEQ(RSA_bits(rsa), 3072);
RSA_free(rsa);
+ rsa = NULL;
#endif
/* remove for now with odd key size until adjusting rsa key size check with
wc_MakeRsaKey()
- AssertNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL));
+ ExpectNotNull(rsa = RSA_generate_key(2999, 65537, NULL, NULL));
RSA_free(rsa);
+ rsa = NULL;
*/
- AssertNull(RSA_generate_key(-1, 3, NULL, NULL));
- AssertNull(RSA_generate_key(RSA_MIN_SIZE - 1, 3, NULL, NULL));
- AssertNull(RSA_generate_key(RSA_MAX_SIZE + 1, 3, NULL, NULL));
- AssertNull(RSA_generate_key(2048, 0, NULL, NULL));
+ ExpectNull(RSA_generate_key(-1, 3, NULL, NULL));
+ ExpectNull(RSA_generate_key(RSA_MIN_SIZE - 1, 3, NULL, NULL));
+ ExpectNull(RSA_generate_key(RSA_MAX_SIZE + 1, 3, NULL, NULL));
+ ExpectNull(RSA_generate_key(2048, 0, NULL, NULL));
#if !defined(NO_FILESYSTEM) && !defined(NO_ASN)
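Review bot: The three `if (EXPECT_FAIL())` cleanup blocks after `RSA_set0_key`, `RSA_set0_crt_params` and `RSA_set0_factors` have no comment, and their correctness rests on an ownership rule the reader has to infer. The BIGNUMs appear to belong to `rsa` only once the set0 call returns 1, and the pointers are reset to NULL before `BN_new()` so that an earlier failure frees nothing that `rsa` still owns. A one-line comment on the first block would make this explicit, for example `/* set0 takes ownership only on success; after any failure the fresh BIGNUMs are still ours to free */`. test_wolfSSL_RSA starts before this hunk and continues after it.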
@@ -57593,32 +56790,30 @@ static int test_wolfSSL_RSA(void)
byte der[FOURK_BUF];
const char PrivKeyPemFile[] = "certs/client-keyEnc.pem";
- XFILE f;
+ XFILE f = XBADFILE;
int bytes;
/* test loading encrypted RSA private pem w/o password */
- f = XFOPEN(PrivKeyPemFile, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buff, 1, sizeof(buff), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(PrivKeyPemFile, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buff, 1, sizeof(buff), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
XMEMSET(der, 0, sizeof(der));
/* test that error value is returned with no password */
- AssertIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), ""), 0);
+ ExpectIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), ""),
+ 0);
}
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_DER(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(NO_RSA) && !defined(HAVE_USER_RSA) && defined(OPENSSL_EXTRA)
-
- RSA *rsa;
+ RSA *rsa = NULL;
int i;
const unsigned char *buff = NULL;
unsigned char *newBuff = NULL;
@@ -57651,101 +56846,102 @@ static int test_wolfSSL_RSA_DER(void)
{NULL, 0}
};
- AssertNull(d2i_RSAPublicKey(&rsa, NULL, pub[0].sz));
+ ExpectNull(d2i_RSAPublicKey(&rsa, NULL, pub[0].sz));
buff = pub[0].der;
- AssertNull(d2i_RSAPublicKey(&rsa, &buff, 1));
- AssertNull(d2i_RSAPrivateKey(&rsa, NULL, tbl[0].sz));
+ ExpectNull(d2i_RSAPublicKey(&rsa, &buff, 1));
+ ExpectNull(d2i_RSAPrivateKey(&rsa, NULL, tbl[0].sz));
buff = tbl[0].der;
- AssertNull(d2i_RSAPrivateKey(&rsa, &buff, 1));
+ ExpectNull(d2i_RSAPrivateKey(&rsa, &buff, 1));
- AssertIntEQ(i2d_RSAPublicKey(NULL, NULL), BAD_FUNC_ARG);
+ ExpectIntEQ(i2d_RSAPublicKey(NULL, NULL), BAD_FUNC_ARG);
rsa = RSA_new();
- AssertIntEQ(i2d_RSAPublicKey(rsa, NULL), 0);
+ ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), 0);
RSA_free(rsa);
+ rsa = NULL;
for (i = 0; tbl[i].der != NULL; i++)
{
/* Passing in pointer results in pointer moving. */
buff = tbl[i].der;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &buff, tbl[i].sz));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, tbl[i].sz));
+ ExpectNotNull(rsa);
RSA_free(rsa);
+ rsa = NULL;
}
for (i = 0; tbl[i].der != NULL; i++)
{
/* Passing in pointer results in pointer moving. */
buff = tbl[i].der;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &buff, tbl[i].sz));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &buff, tbl[i].sz));
+ ExpectNotNull(rsa);
RSA_free(rsa);
+ rsa = NULL;
}
for (i = 0; pub[i].der != NULL; i++)
{
buff = pub[i].der;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &buff, pub[i].sz));
- AssertNotNull(rsa);
- AssertIntEQ(i2d_RSAPublicKey(rsa, NULL), pub[i].sz);
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &buff, pub[i].sz));
+ ExpectNotNull(rsa);
+ ExpectIntEQ(i2d_RSAPublicKey(rsa, NULL), pub[i].sz);
newBuff = NULL;
- AssertIntEQ(i2d_RSAPublicKey(rsa, &newBuff), pub[i].sz);
- AssertNotNull(newBuff);
- AssertIntEQ(XMEMCMP((void *)newBuff, (void *)pub[i].der, pub[i].sz), 0);
+ ExpectIntEQ(i2d_RSAPublicKey(rsa, &newBuff), pub[i].sz);
+ ExpectNotNull(newBuff);
+ ExpectIntEQ(XMEMCMP((void *)newBuff, (void *)pub[i].der, pub[i].sz), 0);
XFREE((void *)newBuff, NULL, DYNAMIC_TYPE_TMP_BUFFER);
RSA_free(rsa);
+ rsa = NULL;
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_print(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
!defined(NO_RSA) && !defined(HAVE_FAST_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_FAST_RSA) && !defined(NO_BIO) && defined(XFPRINTF)
- BIO *bio;
+ BIO *bio = NULL;
WOLFSSL_RSA* rsa = NULL;
- AssertNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(bio = BIO_new_fd(STDERR_FILENO, BIO_NOCLOSE));
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_print(NULL, rsa, 0), -1);
- AssertIntEQ(RSA_print_fp(XBADFILE, rsa, 0), 0);
- AssertIntEQ(RSA_print(bio, NULL, 0), -1);
- AssertIntEQ(RSA_print_fp(stderr, NULL, 0), 0);
+ ExpectIntEQ(RSA_print(NULL, rsa, 0), -1);
+ ExpectIntEQ(RSA_print_fp(XBADFILE, rsa, 0), 0);
+ ExpectIntEQ(RSA_print(bio, NULL, 0), -1);
+ ExpectIntEQ(RSA_print_fp(stderr, NULL, 0), 0);
/* Some very large number of indent spaces. */
- AssertIntEQ(RSA_print(bio, rsa, 128), -1);
+ ExpectIntEQ(RSA_print(bio, rsa, 128), -1);
/* RSA is empty. */
- AssertIntEQ(RSA_print(bio, rsa, 0), 0);
- AssertIntEQ(RSA_print_fp(stderr, rsa, 0), 0);
+ ExpectIntEQ(RSA_print(bio, rsa, 0), 0);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 0);
RSA_free(rsa);
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ rsa = NULL;
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
- AssertIntEQ(RSA_print(bio, rsa, 0), 1);
- AssertIntEQ(RSA_print(bio, rsa, 4), 1);
- AssertIntEQ(RSA_print(bio, rsa, -1), 1);
- AssertIntEQ(RSA_print_fp(stderr, rsa, 0), 1);
- AssertIntEQ(RSA_print_fp(stderr, rsa, 4), 1);
- AssertIntEQ(RSA_print_fp(stderr, rsa, -1), 1);
+ ExpectIntEQ(RSA_print(bio, rsa, 0), 1);
+ ExpectIntEQ(RSA_print(bio, rsa, 4), 1);
+ ExpectIntEQ(RSA_print(bio, rsa, -1), 1);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, 0), 1);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, 4), 1);
+ ExpectIntEQ(RSA_print_fp(stderr, rsa, -1), 1);
BIO_free(bio);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
-#ifndef NO_RSA
static int test_wolfSSL_RSA_padding_add_PKCS1_PSS(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
+#ifndef NO_RSA
#if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- RSA *rsa;
+ RSA *rsa = NULL;
const unsigned char *derBuf = client_key_der_2048;
unsigned char em[256] = {0}; /* len = 2048/8 */
/* Random data simulating a hash */
@@ -57755,62 +56951,60 @@ static int test_wolfSSL_RSA_padding_add_PKCS1_PSS(void)
0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28
};
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(NULL, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, NULL, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, NULL, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, NULL,
- RSA_PSS_SALTLEN_DIGEST), 0);
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), -5), 0);
-
- AssertIntEQ(RSA_verify_PKCS1_PSS(NULL, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, NULL, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, NULL, em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), NULL,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 0);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, -5), 0);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_DIGEST), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_DIGEST), 1);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_MAX_SIGN), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX_SIGN), 1);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
- RSA_PSS_SALTLEN_MAX), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
- RSA_PSS_SALTLEN_MAX), 1);
-
- AssertIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), 10), 1);
- AssertIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, 10), 1);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(NULL, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, NULL, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, NULL, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, NULL,
+ RSA_PSS_SALTLEN_DIGEST), 0);
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), -5), 0);
+
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(NULL, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, NULL, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, NULL, em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), NULL,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 0);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, -5), 0);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_DIGEST), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_DIGEST), 1);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_MAX_SIGN), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX_SIGN), 1);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(),
+ RSA_PSS_SALTLEN_MAX), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em,
+ RSA_PSS_SALTLEN_MAX), 1);
+
+ ExpectIntEQ(RSA_padding_add_PKCS1_PSS(rsa, em, mHash, EVP_sha256(), 10), 1);
+ ExpectIntEQ(RSA_verify_PKCS1_PSS(rsa, mHash, EVP_sha256(), em, 10), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/
- return res;
-}
#endif
+ return EXPECT_RESULT();
+}
static int test_wolfSSL_RSA_sign_sha3(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(WOLFSSL_SHA3) && !defined(WOLFSSL_NOSHA3_256)
#if defined(OPENSSL_ALL) && defined(WC_RSA_PSS) && !defined(WC_NO_RNG)
- RSA *rsa;
+ RSA* rsa = NULL;
const unsigned char *derBuf = client_key_der_2048;
unsigned char sigRet[256] = {0};
unsigned int sigLen = sizeof(sigRet);
@@ -57821,21 +57015,19 @@ static int test_wolfSSL_RSA_sign_sha3(void)
0x6f, 0x8a, 0x3c, 0x42, 0xab, 0x21, 0xad, 0x28
};
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
- AssertIntEQ(RSA_sign(NID_sha3_256, mHash, sizeof(mHash), sigRet,
- &sigLen, rsa), 1);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &derBuf, sizeof_client_key_der_2048));
+ ExpectIntEQ(RSA_sign(NID_sha3_256, mHash, sizeof(mHash), sigRet, &sigLen,
+ rsa), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_ALL && WC_RSA_PSS && !WC_NO_RNG*/
#endif /* !NO_RSA && WOLFSSL_SHA3 && !WOLFSSL_NOSHA3_256*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_get0_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_USER_RSA)
RSA *rsa = NULL;
const BIGNUM* n = NULL;
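Review bot: The only check on the SHA3-256 signature in test_wolfSSL_RSA_sign_sha3 is that `RSA_sign` returns 1; `sigRet` and `sigLen` are never inspected afterwards, so a wrong or truncated signature would still pass. If `RSA_verify` accepts `NID_sha3_256` in this build configuration, a round-trip check before `RSA_free(rsa)` would close that gap: `ExpectIntEQ(RSA_verify(NID_sha3_256, mHash, sizeof(mHash), sigRet, sigLen, rsa), 1);`. The function body starts before this hunk, so any setup of `mHash` above it is not visible here.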
@@ -57860,115 +57052,118 @@ static int test_wolfSSL_RSA_get0_key(void)
RSA_get0_key(NULL, NULL, NULL, NULL);
RSA_get0_key(rsa, NULL, NULL, NULL);
RSA_get0_key(NULL, &n, &e, &d);
- AssertNull(n);
- AssertNull(e);
- AssertNull(d);
+ ExpectNull(n);
+ ExpectNull(e);
+ ExpectNull(d);
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, derSz));
- AssertNotNull(rsa);
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, derSz));
+ ExpectNotNull(rsa);
RSA_get0_key(rsa, NULL, NULL, NULL);
RSA_get0_key(rsa, &n, NULL, NULL);
- AssertNotNull(n);
+ ExpectNotNull(n);
RSA_get0_key(rsa, NULL, &e, NULL);
- AssertNotNull(e);
+ ExpectNotNull(e);
RSA_get0_key(rsa, NULL, NULL, &d);
- AssertNotNull(d);
+ ExpectNotNull(d);
RSA_get0_key(rsa, &n, &e, &d);
- AssertNotNull(n);
- AssertNotNull(e);
- AssertNotNull(d);
+ ExpectNotNull(n);
+ ExpectNotNull(e);
+ ExpectNotNull(d);
RSA_free(rsa);
}
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_meth(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA *rsa;
- RSA_METHOD *rsa_meth;
+ RSA *rsa = NULL;
+ RSA_METHOD *rsa_meth = NULL;
#ifdef WOLFSSL_KEY_GEN
- AssertNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
RSA_free(rsa);
+ rsa = NULL;
#else
- AssertNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
+ ExpectNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
#endif
- AssertNotNull(RSA_get_default_method());
+ ExpectNotNull(RSA_get_default_method());
wolfSSL_RSA_meth_free(NULL);
- AssertNull(wolfSSL_RSA_meth_new(NULL, 0));
+ ExpectNull(wolfSSL_RSA_meth_new(NULL, 0));
- AssertNotNull(rsa_meth =
- RSA_meth_new("placeholder RSA method", RSA_METHOD_FLAG_NO_CHECK));
+ ExpectNotNull(rsa_meth = RSA_meth_new("placeholder RSA method",
+ RSA_METHOD_FLAG_NO_CHECK));
#ifndef NO_WOLFSSL_STUB
- AssertIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1);
- AssertIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_pub_enc(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_pub_dec(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_priv_enc(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_priv_dec(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_init(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set_finish(rsa_meth, NULL), 1);
+ ExpectIntEQ(RSA_meth_set0_app_data(rsa_meth, NULL), 1);
#endif
- AssertIntEQ(RSA_flags(NULL), 0);
+ ExpectIntEQ(RSA_flags(NULL), 0);
RSA_set_flags(NULL, RSA_FLAG_CACHE_PUBLIC);
RSA_clear_flags(NULL, RSA_FLAG_CACHE_PUBLIC);
- AssertIntEQ(RSA_test_flags(NULL, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntEQ(RSA_test_flags(NULL, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
/* No method set. */
- AssertIntEQ(RSA_flags(rsa), 0);
+ ExpectIntEQ(RSA_flags(rsa), 0);
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
- AssertIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertIntEQ(RSA_set_method(NULL, rsa_meth), 1);
- AssertIntEQ(RSA_set_method(rsa, rsa_meth), 1);
- AssertNull(RSA_get_method(NULL));
- AssertPtrEq(RSA_get_method(rsa), rsa_meth);
- AssertIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK);
+ ExpectIntEQ(RSA_set_method(NULL, rsa_meth), 1);
+ ExpectIntEQ(RSA_set_method(rsa, rsa_meth), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_RSA_meth_free(rsa_meth);
+ }
+ ExpectNull(RSA_get_method(NULL));
+ ExpectPtrEq(RSA_get_method(rsa), rsa_meth);
+ ExpectIntEQ(RSA_flags(rsa), RSA_METHOD_FLAG_NO_CHECK);
RSA_set_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
- AssertIntNE(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC |
+ ExpectIntNE(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntEQ(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC |
RSA_METHOD_FLAG_NO_CHECK);
RSA_clear_flags(rsa, RSA_FLAG_CACHE_PUBLIC);
- AssertIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
- AssertIntNE(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC);
+ ExpectIntEQ(RSA_test_flags(rsa, RSA_FLAG_CACHE_PUBLIC), 0);
+ ExpectIntNE(RSA_flags(rsa), RSA_FLAG_CACHE_PUBLIC);
/* rsa_meth is freed here */
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_verify(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA) && \
!defined(NO_FILESYSTEM)
#ifndef NO_BIO
- XFILE fp;
- RSA *pKey, *pubKey;
- X509 *cert;
+ XFILE fp = XBADFILE;
+ RSA *pKey = NULL;
+ RSA *pubKey = NULL;
+ X509 *cert = NULL;
const char *text = "Hello wolfSSL !";
unsigned char hash[SHA256_DIGEST_LENGTH];
unsigned char signature[2048/8];
unsigned int signatureLength;
- byte *buf;
- BIO *bio;
+ byte *buf = NULL;
+ BIO *bio = NULL;
SHA256_CTX c;
- EVP_PKEY *evpPkey, *evpPubkey;
+ EVP_PKEY *evpPkey = NULL;
+ EVP_PKEY *evpPubkey = NULL;
size_t sz;
/* generate hash */
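Review bot: In test_wolfSSL_RSA_meth the new `if (EXPECT_FAIL())` branch frees `rsa_meth` but leaves the pointer set, and the later comment `/* rsa_meth is freed here */` above `RSA_free(rsa)` no longer describes every path. Ownership passes to `rsa` only when `RSA_set_method(rsa, rsa_meth)` actually ran and succeeded. The early free is therefore safe only if the Expect macros skip their argument once a failure is recorded, which cannot be confirmed from this hunk; otherwise the method could be attached and then freed twice. I would add `rsa_meth = NULL;` after the `wolfSSL_RSA_meth_free(rsa_meth);` call and reword the comment to `/* rsa_meth is freed here when it was set on rsa */`, so the ownership rule is stated where the two frees happen.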
@@ -57981,39 +57176,41 @@ static int test_wolfSSL_RSA_verify(void)
#endif
/* read privete key file */
- fp = XFOPEN(svrKeyFile, "rb");
- AssertTrue((fp != XBADFILE));
- AssertIntEQ(XFSEEK(fp, 0, XSEEK_END), 0);
- sz = XFTELL(fp);
- AssertIntEQ(XFSEEK(fp, 0, XSEEK_SET), 0);
- AssertNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
- AssertIntEQ(XFREAD(buf, 1, sz, fp), sz);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN(svrKeyFile, "rb")) != XBADFILE);
+ ExpectIntEQ(XFSEEK(fp, 0, XSEEK_END), 0);
+ ExpectTrue((sz = XFTELL(fp)) > 0);
+ ExpectIntEQ(XFSEEK(fp, 0, XSEEK_SET), 0);
+ ExpectNotNull(buf = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE));
+ ExpectIntEQ(XFREAD(buf, 1, sz, fp), sz);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
/* read private key and sign hash data */
- AssertNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
- AssertNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL));
- AssertNotNull(pKey = EVP_PKEY_get1_RSA(evpPkey));
- AssertIntEQ(RSA_sign(NID_sha256, hash, SHA256_DIGEST_LENGTH,
- signature, &signatureLength, pKey), SSL_SUCCESS);
+ ExpectNotNull(bio = BIO_new_mem_buf(buf, (int)sz));
+ ExpectNotNull(evpPkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL));
+ ExpectNotNull(pKey = EVP_PKEY_get1_RSA(evpPkey));
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, SHA256_DIGEST_LENGTH,
+ signature, &signatureLength, pKey), SSL_SUCCESS);
/* read public key and verify signed data */
- fp = XFOPEN(svrCertFile,"rb");
- AssertTrue((fp != XBADFILE));
- cert = PEM_read_X509(fp, 0, 0, 0 );
- XFCLOSE(fp);
- evpPubkey = X509_get_pubkey(cert);
- pubKey = EVP_PKEY_get1_RSA(evpPubkey);
- AssertIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
- signatureLength, pubKey), SSL_SUCCESS);
+ ExpectTrue((fp = XFOPEN(svrCertFile,"rb")) != XBADFILE);
+ ExpectNotNull(cert = PEM_read_X509(fp, 0, 0, 0 ));
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
+ ExpectNotNull(evpPubkey = X509_get_pubkey(cert));
+ ExpectNotNull(pubKey = EVP_PKEY_get1_RSA(evpPubkey));
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
+ signatureLength, pubKey), SSL_SUCCESS);
- AssertIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, NULL,
+ ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, NULL,
signatureLength, NULL), SSL_FAILURE);
- AssertIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, NULL, SHA256_DIGEST_LENGTH, signature,
signatureLength, pubKey), SSL_FAILURE);
- AssertIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, NULL,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, NULL,
signatureLength, pubKey), SSL_FAILURE);
- AssertIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, SHA256_DIGEST_LENGTH, signature,
signatureLength, NULL), SSL_FAILURE);
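Review bot: The new size check `ExpectTrue((sz = XFTELL(fp)) > 0);` cannot catch a failed tell, because `sz` is declared `size_t` in the previous hunk. Where XFTELL maps to `ftell`, an error return of -1 converts to a huge positive value, passes the check, and is then used for `XMALLOC(sz, ...)`, `XFREAD` and the `(int)sz` passed to `BIO_new_mem_buf`. Testing the sentinel explicitly fixes this: `ExpectTrue(((sz = XFTELL(fp)) != (size_t)-1) && (sz > 0));`. Initialising the declaration as `size_t sz = 0;` would also match the other locals this commit now initialises, since an Expect failure no longer stops the function before `sz` is read. The function continues outside this hunk.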
@@ -58024,16 +57221,14 @@ static int test_wolfSSL_RSA_verify(void)
X509_free(cert);
BIO_free(bio);
XFREE(buf, NULL, DYNAMIC_TYPE_FILE);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
RSA *rsa;
unsigned char hash[SHA256_DIGEST_LENGTH];
@@ -58057,43 +57252,42 @@ static int test_wolfSSL_RSA_sign(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(RSA_sign(NID_rsaEncryption, NULL, 0, NULL, NULL, NULL), 0);
- AssertIntEQ(RSA_sign(NID_rsaEncryption, hash, sizeof(hash), signature,
+ /* Invalid parameters. */
+ ExpectIntEQ(RSA_sign(NID_rsaEncryption, NULL, 0, NULL, NULL, NULL), 0);
+ ExpectIntEQ(RSA_sign(NID_rsaEncryption, hash, sizeof(hash), signature,
&signatureLen, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, NULL, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), NULL,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, NULL), 0);
- AssertIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_sign(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa), 1);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
signatureLen, rsa), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_sign_ex(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA *rsa;
+ RSA *rsa = NULL;
unsigned char hash[SHA256_DIGEST_LENGTH];
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
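Review bot: The verification step at the end of test_wolfSSL_RSA_sign covers only the matching hash and signature; nothing checks that `RSA_verify` rejects a modified input. A regression that makes verification accept anything would therefore still pass. I would add a negative case after the successful verify and before `RSA_free(rsa)`: `hash[0] ^= 0x01;` followed by `ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature, signatureLen, rsa), 0);`. The same gap exists at the end of test_wolfSSL_RSA_sign_ex in the next hunk.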
@@ -58125,63 +57319,61 @@ static int test_wolfSSL_RSA_sign_ex(void)
XMEMSET(hash, 0, sizeof(hash));
- AssertNotNull(rsa = wolfSSL_RSA_new());
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectNotNull(rsa = wolfSSL_RSA_new());
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, 1), 0);
wolfSSL_RSA_free(rsa);
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption,NULL, 0, NULL, NULL, NULL,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption,NULL, 0, NULL, NULL, NULL,
-1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption, hash, sizeof(hash),
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_rsaEncryption, hash, sizeof(hash),
signature, &signatureLen, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, NULL, 1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, -1), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, NULL, sizeof(hash), signature,
&signatureLen, rsa, 0), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), NULL,
&signatureLen, rsa, 0), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
NULL, rsa, 0), 0);
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), signature,
&signatureLen, rsa, 1), 1);
/* Test returning encoded hash. */
- AssertIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), encodedHash,
+ ExpectIntEQ(wolfSSL_RSA_sign_ex(NID_sha256, hash, sizeof(hash), encodedHash,
&encodedHashLen, rsa, 0), 1);
- AssertIntEQ(encodedHashLen, sizeof(expEncHash));
- AssertIntEQ(XMEMCMP(encodedHash, expEncHash, sizeof(expEncHash)), 0);
+ ExpectIntEQ(encodedHashLen, sizeof(expEncHash));
+ ExpectIntEQ(XMEMCMP(encodedHash, expEncHash, sizeof(expEncHash)), 0);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
+ ExpectIntEQ(RSA_verify(NID_sha256, hash, sizeof(hash), signature,
signatureLen, rsa), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_public_decrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
RSA *rsa;
unsigned char msg[SHA256_DIGEST_LENGTH];
@@ -58317,48 +57509,46 @@ static int test_wolfSSL_RSA_public_decrypt(void)
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(RSA_public_decrypt(0, NULL, NULL, NULL, 0), -1);
- AssertIntEQ(RSA_public_decrypt(-1, encMsg, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(0, NULL, NULL, NULL, 0), -1);
+ ExpectIntEQ(RSA_public_decrypt(-1, encMsg, decMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), NULL, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), NULL, decMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, NULL,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsg), encMsg, decMsg, rsa,
RSA_PKCS1_PADDING), 32);
- AssertIntEQ(XMEMCMP(decMsg, msg, sizeof(msg)), 0);
+ ExpectIntEQ(XMEMCMP(decMsg, msg, sizeof(msg)), 0);
#if !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && HAVE_FIPS_VERSION > 2)) && \
defined(WC_RSA_NO_PADDING)
- AssertIntEQ(RSA_public_decrypt(sizeof(encMsgNoPad), encMsgNoPad, decMsg,
+ ExpectIntEQ(RSA_public_decrypt(sizeof(encMsgNoPad), encMsgNoPad, decMsg,
rsa, RSA_NO_PADDING), sizeof(decMsg));
/* Zeros before actual data. */
for (i = 0; i < (int)(sizeof(decMsg) - sizeof(msg)); i += sizeof(msg)) {
- AssertIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
+ ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
}
/* Check actual data. */
XMEMSET(msg, 0x01, sizeof(msg));
- AssertIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
+ ExpectIntEQ(XMEMCMP(decMsg + i, msg, sizeof(msg)), 0);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_private_encrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
RSA *rsa;
unsigned char msg[SHA256_DIGEST_LENGTH];
@@ -58485,104 +57675,98 @@ static int test_wolfSSL_RSA_private_encrypt(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(RSA_private_encrypt(0, NULL, NULL, NULL, 0), -1);
- AssertIntEQ(RSA_private_encrypt(0, msg, encMsg, rsa, RSA_PKCS1_PADDING),
+ ExpectIntEQ(RSA_private_encrypt(0, NULL, NULL, NULL, 0), -1);
+ ExpectIntEQ(RSA_private_encrypt(0, msg, encMsg, rsa, RSA_PKCS1_PADDING),
-1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), NULL, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), NULL, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, NULL, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, NULL,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PADDING), sizeof(encMsg));
- AssertIntEQ(XMEMCMP(encMsg, expEncMsg, sizeof(expEncMsg)), 0);
+ ExpectIntEQ(XMEMCMP(encMsg, expEncMsg, sizeof(expEncMsg)), 0);
#ifdef WC_RSA_NO_PADDING
/* Non-zero message. */
XMEMSET(msg, 0x01, sizeof(msg));
- AssertIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_private_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_NO_PADDING), sizeof(encMsg));
- AssertIntEQ(XMEMCMP(encMsg, expEncMsgNoPad, sizeof(expEncMsgNoPad)), 0);
+ ExpectIntEQ(XMEMCMP(encMsg, expEncMsgNoPad, sizeof(expEncMsgNoPad)), 0);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_public_encrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA* rsa;
+ RSA* rsa = NULL;
const unsigned char msg[2048/8] = { 0 };
unsigned char encMsg[2048/8];
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_public_encrypt(-1, msg, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(-1, msg, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), NULL, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), NULL, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, NULL, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, NULL,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
/* Empty RSA key. */
- AssertIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
+ ExpectIntEQ(RSA_public_encrypt(sizeof(msg), msg, encMsg, rsa,
RSA_PKCS1_PADDING), -1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_private_decrypt(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(HAVE_FAST_RSA)
- RSA* rsa;
+ RSA* rsa = NULL;
unsigned char msg[2048/8];
const unsigned char encMsg[2048/8] = { 0 };
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(RSA_private_decrypt(-1, encMsg, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(-1, encMsg, msg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), NULL, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), NULL, msg, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, NULL, rsa,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, NULL,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, NULL,
RSA_PKCS1_PADDING), -1);
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
RSA_PKCS1_PSS_PADDING), -1);
/* Empty RSA key. */
- AssertIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
+ ExpectIntEQ(RSA_private_decrypt(sizeof(encMsg), encMsg, msg, rsa,
RSA_PKCS1_PADDING), -1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_GenAdd(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
RSA *rsa;
#ifdef USE_CERT_BUFFERS_1024
@@ -58600,36 +57784,34 @@ static int test_wolfSSL_RSA_GenAdd(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_RSA_GenAdd(NULL), -1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(NULL), -1);
#ifndef RSA_LOW_MEM
- AssertIntEQ(wolfSSL_RSA_GenAdd(rsa), 1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), 1);
#else
/* dmp1 and dmq1 are not set (allocated) when RSA_LOW_MEM. */
- AssertIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
#endif
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectNotNull(d2i_RSAPublicKey(&rsa, &der, pubDerSz));
/* Need private values. */
- AssertIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
+ ExpectIntEQ(wolfSSL_RSA_GenAdd(rsa), -1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_blinding_on(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && !defined(NO_WOLFSSL_STUB)
RSA *rsa;
- WOLFSSL_BN_CTX *bnCtx;
+ WOLFSSL_BN_CTX *bnCtx = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58641,64 +57823,60 @@ static int test_wolfSSL_RSA_blinding_on(void)
der = privDer;
rsa = NULL;
- AssertNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertNotNull(bnCtx = wolfSSL_BN_CTX_new());
+ ExpectNotNull(d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(bnCtx = wolfSSL_BN_CTX_new());
/* Does nothing so all parameters are valid. */
- AssertIntEQ(wolfSSL_RSA_blinding_on(NULL, NULL), 1);
- AssertIntEQ(wolfSSL_RSA_blinding_on(rsa, NULL), 1);
- AssertIntEQ(wolfSSL_RSA_blinding_on(NULL, bnCtx), 1);
- AssertIntEQ(wolfSSL_RSA_blinding_on(rsa, bnCtx), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, NULL), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, NULL), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(NULL, bnCtx), 1);
+ ExpectIntEQ(wolfSSL_RSA_blinding_on(rsa, bnCtx), 1);
wolfSSL_BN_CTX_free(bnCtx);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_ex_data(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA)
- RSA* rsa;
+ RSA* rsa = NULL;
unsigned char data[1];
- rsa = RSA_new();
+ ExpectNotNull(rsa = RSA_new());
- AssertNull(wolfSSL_RSA_get_ex_data(NULL, 0));
- AssertNull(wolfSSL_RSA_get_ex_data(rsa, 0));
+ ExpectNull(wolfSSL_RSA_get_ex_data(NULL, 0));
+ ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0));
#ifdef MAX_EX_DATA
- AssertNull(wolfSSL_RSA_get_ex_data(rsa, MAX_EX_DATA));
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, MAX_EX_DATA, data), 0);
+ ExpectNull(wolfSSL_RSA_get_ex_data(rsa, MAX_EX_DATA));
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, MAX_EX_DATA, data), 0);
#endif
- AssertIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, NULL), 0);
- AssertIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, data), 0);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, NULL), 0);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(NULL, 0, data), 0);
#ifdef HAVE_EX_DATA
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 1);
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 1);
- AssertPtrEq(wolfSSL_RSA_get_ex_data(rsa, 0), data);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 1);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 1);
+ ExpectPtrEq(wolfSSL_RSA_get_ex_data(rsa, 0), data);
#else
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 0);
- AssertIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 0);
- AssertNull(wolfSSL_RSA_get_ex_data(rsa, 0));
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, NULL), 0);
+ ExpectIntEQ(wolfSSL_RSA_set_ex_data(rsa, 0, data), 0);
+ ExpectNull(wolfSSL_RSA_get_ex_data(rsa, 0));
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_RSA && OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_RSA_LoadDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && (defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
- RSA *rsa;
+ RSA *rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58707,29 +57885,27 @@ static int test_wolfSSL_RSA_LoadDer(void)
size_t privDerSz = sizeof_client_key_der_2048;
#endif
- AssertNotNull(rsa = RSA_new());
+ ExpectNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_RSA_LoadDer(NULL, privDer, (int)privDerSz), -1);
- AssertIntEQ(wolfSSL_RSA_LoadDer(rsa, NULL, (int)privDerSz), -1);
- AssertIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, 0), -1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(NULL, privDer, (int)privDerSz), -1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, NULL, (int)privDerSz), -1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, 0), -1);
- AssertIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, (int)privDerSz), 1);
+ ExpectIntEQ(wolfSSL_RSA_LoadDer(rsa, privDer, (int)privDerSz), 1);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif /* !NO_RSA && OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
/* Local API. */
static int test_wolfSSL_RSA_To_Der(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLFSSL_TEST_STATIC_BUILD
#if defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA) && \
defined(OPENSSL_EXTRA) && !defined(NO_RSA)
- RSA* rsa;
+ RSA* rsa;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58748,93 +57924,87 @@ static int test_wolfSSL_RSA_To_Der(void)
der = privDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_RSA_To_Der(NULL, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 2, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(NULL, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 2, HEAP_HINT), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 0, HEAP_HINT), privDerSz);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 0, HEAP_HINT), privDerSz);
outDer = out;
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
- AssertIntEQ(XMEMCMP(out, privDer, privDerSz), 0);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
+ ExpectIntEQ(XMEMCMP(out, privDer, privDerSz), 0);
outDer = NULL;
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
- AssertNotNull(outDer);
- AssertIntEQ(XMEMCMP(outDer, privDer, privDerSz), 0);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), privDerSz);
+ ExpectNotNull(outDer);
+ ExpectIntEQ(XMEMCMP(outDer, privDer, privDerSz), 0);
XFREE(outDer, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 1, HEAP_HINT), pubDerSz);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, NULL, 1, HEAP_HINT), pubDerSz);
outDer = out;
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), pubDerSz);
- AssertIntEQ(XMEMCMP(out, pubDer, pubDerSz), 0);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), pubDerSz);
+ ExpectIntEQ(XMEMCMP(out, pubDer, pubDerSz), 0);
RSA_free(rsa);
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 1, HEAP_HINT), BAD_FUNC_ARG);
RSA_free(rsa);
der = pubDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPublicKey(&rsa, &der, pubDerSz));
- AssertIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
+ ExpectNotNull(wolfSSL_d2i_RSAPublicKey(&rsa, &der, pubDerSz));
+ ExpectIntEQ(wolfSSL_RSA_To_Der(rsa, &outDer, 0, HEAP_HINT), BAD_FUNC_ARG);
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
/* wolfSSL_PEM_read_RSAPublicKey is a stub function. */
static int test_wolfSSL_PEM_read_RSAPublicKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM)
- XFILE file;
+ XFILE file = XBADFILE;
const char* fname = "./certs/server-keyPub.pem";
- RSA *rsa;
+ RSA *rsa = NULL;
- AssertNull(wolfSSL_PEM_read_RSAPublicKey(XBADFILE, NULL, NULL, NULL));
+ ExpectNull(wolfSSL_PEM_read_RSAPublicKey(XBADFILE, NULL, NULL, NULL));
- file = XFOPEN(fname, "rb");
- AssertTrue((file != XBADFILE));
- AssertNotNull((rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL)));
- AssertIntEQ(RSA_size(rsa), 256);
+ ExpectTrue((file = XFOPEN(fname, "rb")) != XBADFILE);
+ ExpectNotNull(rsa = PEM_read_RSA_PUBKEY(file, NULL, NULL, NULL));
+ ExpectIntEQ(RSA_size(rsa), 256);
RSA_free(rsa);
- XFCLOSE(file);
-
- res = TEST_RES_CHECK(1);
+ if (file != XBADFILE)
+ XFCLOSE(file);
#endif
- return res;
+ return EXPECT_RESULT();
}
/* wolfSSL_PEM_read_RSAPublicKey is a stub function. */
static int test_wolfSSL_PEM_write_RSA_PUBKEY(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_KEY_GEN) && !defined(HAVE_USER_RSA)
RSA* rsa = NULL;
- AssertIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(XBADFILE, NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, NULL), 0);
+ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(XBADFILE, NULL), 0);
+ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, NULL), 0);
/* Valid but stub so returns 0. */
- AssertIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, rsa), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_PEM_write_RSA_PUBKEY(stderr, rsa), 0);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_USER_RSA) && (defined(WOLFSSL_PEM_TO_DER) || \
defined(WOLFSSL_DER_TO_PEM)) && !defined(NO_FILESYSTEM)
- RSA* rsa;
+ RSA* rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58847,42 +58017,40 @@ static int test_wolfSSL_PEM_write_RSAPrivateKey(void)
unsigned char passwd[] = "password";
#endif
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
NULL, NULL), 0);
RSA_free(rsa);
der = privDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0,
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(XBADFILE, rsa, NULL, NULL, 0,
NULL, NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0,
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, NULL, NULL, NULL, 0,
NULL, NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, NULL, NULL, 0,
NULL, NULL), 1);
#ifndef NO_AES
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
NULL, 0, NULL, NULL), 1);
- AssertIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
+ ExpectIntEQ(wolfSSL_PEM_write_RSAPrivateKey(stderr, rsa, EVP_aes_128_cbc(),
passwd, sizeof(passwd) - 1, NULL, NULL), 1);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_mem_RSAPrivateKey(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_RSA) && defined(OPENSSL_EXTRA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_USER_RSA) && (defined(WOLFSSL_PEM_TO_DER) || \
defined(WOLFSSL_DER_TO_PEM))
- RSA* rsa;
+ RSA* rsa = NULL;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* privDer = client_key_der_1024;
size_t privDerSz = sizeof_client_key_der_1024;
@@ -58894,54 +58062,54 @@ static int test_wolfSSL_PEM_write_mem_RSAPrivateKey(void)
#ifndef NO_AES
unsigned char passwd[] = "password";
#endif
- unsigned char* pem;
+ unsigned char* pem = NULL;
int plen;
- AssertNotNull(rsa = RSA_new());
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
+ ExpectNotNull(rsa = RSA_new());
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
&plen), 0);
RSA_free(rsa);
der = privDer;
rsa = NULL;
- AssertNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
+ ExpectNotNull(wolfSSL_d2i_RSAPrivateKey(&rsa, &der, privDerSz));
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(NULL, NULL, NULL, 0, &pem,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(NULL, NULL, NULL, 0, &pem,
&plen), 0);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, NULL,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, NULL,
&plen), 0);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
NULL), 0);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, NULL, NULL, 0, &pem,
&plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
+ pem = NULL;
#ifndef NO_AES
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
NULL, 0, &pem, &plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
- AssertIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
+ pem = NULL;
+ ExpectIntEQ(wolfSSL_PEM_write_mem_RSAPrivateKey(rsa, EVP_aes_128_cbc(),
passwd, sizeof(passwd) - 1, &pem, &plen), 1);
XFREE(pem, NULL, DYNAMIC_TYPE_KEY);
#endif
RSA_free(rsa);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
DH *dh = NULL;
BIGNUM* p;
BIGNUM* q;
BIGNUM* g;
- BIGNUM* pub;
- BIGNUM* priv;
+ BIGNUM* pub = NULL;
+ BIGNUM* priv = NULL;
#if defined(OPENSSL_ALL)
#if !defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))
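Review bot: The three `wolfSSL_PEM_write_mem_RSAPrivateKey` calls that are expected to return 1 are checked by return value only, so the test still passes if `pem` comes back NULL or `plen` is never written. After each of them add `ExpectNotNull(pem);` and `ExpectIntGT(plen, 0);` before the `XFREE`. `plen` is also still declared without an initializer while `pem` now gets `= NULL`; `int plen = 0;` would match. The function's signature and first declarations are above this hunk.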
@@ -58953,70 +58121,97 @@ static int test_wolfSSL_DH(void)
dh = NULL;
XMEMSET(buf, 0, sizeof(buf));
/* Test 2048 bit parameters */
- f = XFOPEN("./certs/dh2048.der", "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN("./certs/dh2048.der", "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- AssertNotNull(dh = d2i_DHparams(NULL, &pt, len));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertTrue(pt == buf);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(DH_compute_key(NULL, NULL, NULL), -1);
- AssertNotNull(pub = BN_new());
- AssertIntEQ(BN_set_word(pub, 1), 1);
- AssertIntEQ(DH_compute_key(buf, NULL, NULL), -1);
- AssertIntEQ(DH_compute_key(NULL, pub, NULL), -1);
- AssertIntEQ(DH_compute_key(NULL, NULL, dh), -1);
- AssertIntEQ(DH_compute_key(buf, pub, NULL), -1);
- AssertIntEQ(DH_compute_key(buf, NULL, dh), -1);
- AssertIntEQ(DH_compute_key(NULL, pub, dh), -1);
- AssertIntEQ(DH_compute_key(buf, pub, dh), -1);
+ ExpectNotNull(dh = d2i_DHparams(NULL, &pt, len));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(DH_compute_key(NULL, NULL, NULL), -1);
+ ExpectNotNull(pub = BN_new());
+ ExpectIntEQ(BN_set_word(pub, 1), 1);
+ ExpectIntEQ(DH_compute_key(buf, NULL, NULL), -1);
+ ExpectIntEQ(DH_compute_key(NULL, pub, NULL), -1);
+ ExpectIntEQ(DH_compute_key(NULL, NULL, dh), -1);
+ ExpectIntEQ(DH_compute_key(buf, pub, NULL), -1);
+ ExpectIntEQ(DH_compute_key(buf, NULL, dh), -1);
+ ExpectIntEQ(DH_compute_key(NULL, pub, dh), -1);
+ ExpectIntEQ(DH_compute_key(buf, pub, dh), -1);
BN_free(pub);
+ pub = NULL;
DH_get0_pqg(dh, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
- AssertPtrEq(p, dh->p);
- AssertPtrEq(q, dh->q);
- AssertPtrEq(g, dh->g);
+ ExpectPtrEq(p, dh->p);
+ ExpectPtrEq(q, dh->q);
+ ExpectPtrEq(g, dh->g);
DH_get0_key(NULL, (const BIGNUM**)&pub, (const BIGNUM**)&priv);
DH_get0_key(dh, (const BIGNUM**)&pub, (const BIGNUM**)&priv);
- AssertPtrEq(pub, dh->pub_key);
- AssertPtrEq(priv, dh->priv_key);
+ ExpectPtrEq(pub, dh->pub_key);
+ ExpectPtrEq(priv, dh->priv_key);
DH_get0_key(dh, (const BIGNUM**)&pub, NULL);
- AssertPtrEq(pub, dh->pub_key);
+ ExpectPtrEq(pub, dh->pub_key);
DH_get0_key(dh, NULL, (const BIGNUM**)&priv);
- AssertPtrEq(priv, dh->priv_key);
- AssertNotNull(pub = BN_new());
- AssertNotNull(priv = BN_new());
- AssertIntEQ(DH_set0_key(NULL, pub, priv), 0);
- AssertIntEQ(DH_set0_key(dh, pub, priv), 1);
- AssertNotNull(pub = BN_new());
- AssertIntEQ(DH_set0_key(dh, pub, NULL), 1);
- AssertNotNull(priv = BN_new());
- AssertIntEQ(DH_set0_key(dh, NULL, priv), 1);
- AssertPtrEq(pub, dh->pub_key);
- AssertPtrEq(priv, dh->priv_key);
+ ExpectPtrEq(priv, dh->priv_key);
+ pub = NULL;
+ priv = NULL;
+ ExpectNotNull(pub = BN_new());
+ ExpectNotNull(priv = BN_new());
+ ExpectIntEQ(DH_set0_key(NULL, pub, priv), 0);
+ ExpectIntEQ(DH_set0_key(dh, pub, priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(pub);
+ BN_free(priv);
+ }
+ pub = NULL;
+ priv = NULL;
+ ExpectNotNull(pub = BN_new());
+ ExpectIntEQ(DH_set0_key(dh, pub, NULL), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(pub);
+ }
+ ExpectNotNull(priv = BN_new());
+ ExpectIntEQ(DH_set0_key(dh, NULL, priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(priv);
+ }
+ ExpectPtrEq(pub, dh->pub_key);
+ ExpectPtrEq(priv, dh->priv_key);
+ pub = NULL;
+ priv = NULL;
DH_free(dh);
+ dh = NULL;
- AssertNotNull(dh = DH_new());
- AssertNotNull(p = BN_new());
- AssertIntEQ(BN_set_word(p, 1), 1);
- AssertIntEQ(DH_compute_key(buf, p, dh), -1);
- AssertNotNull(pub = BN_new());
- AssertNotNull(priv = BN_new());
- AssertIntEQ(DH_set0_key(dh, pub, priv), 1);
- AssertIntEQ(DH_compute_key(buf, p, dh), -1);
+ ExpectNotNull(dh = DH_new());
+ p = NULL;
+ ExpectNotNull(p = BN_new());
+ ExpectIntEQ(BN_set_word(p, 1), 1);
+ ExpectIntEQ(DH_compute_key(buf, p, dh), -1);
+ ExpectNotNull(pub = BN_new());
+ ExpectNotNull(priv = BN_new());
+ ExpectIntEQ(DH_set0_key(dh, pub, priv), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(pub);
+ BN_free(priv);
+ }
+ pub = NULL;
+ priv = NULL;
+ ExpectIntEQ(DH_compute_key(buf, p, dh), -1);
BN_free(p);
+ p = NULL;
DH_free(dh);
+ dh = NULL;
#ifdef WOLFSSL_KEY_GEN
- AssertNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
- AssertIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0);
+ ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
+ ExpectIntEQ(wolfSSL_DH_generate_parameters_ex(NULL, 2048, 2, NULL), 0);
DH_free(dh);
#endif
#endif /* !HAVE_FIPS || (HAVE_FIPS_VERSION && HAVE_FIPS_VERSION > 2) */
@@ -59029,8 +58224,7 @@ static int test_wolfSSL_DH(void)
(void)pub;
(void)priv;
- dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DH_new());
/* invalid parameters test */
DH_get0_pqg(NULL, (const BIGNUM**)&p,
@@ -59044,183 +58238,221 @@ static int test_wolfSSL_DH(void)
DH_get0_pqg(dh, NULL, NULL, (const BIGNUM**)&g);
DH_get0_pqg(dh, NULL, NULL, NULL);
- AssertTrue(1);
DH_get0_pqg(dh, (const BIGNUM**)&p,
(const BIGNUM**)&q,
(const BIGNUM**)&g);
- AssertPtrEq(p, NULL);
- AssertPtrEq(q, NULL);
- AssertPtrEq(g, NULL);
+ ExpectPtrEq(p, NULL);
+ ExpectPtrEq(q, NULL);
+ ExpectPtrEq(g, NULL);
DH_free(dh);
+ dh = NULL;
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS) && !defined(WOLFSSL_DH_EXTRA)) \
|| (defined(HAVE_FIPS_VERSION) && FIPS_VERSION_GT(2,0))
#if defined(OPENSSL_ALL) || \
defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 11), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
- AssertNotNull(q);
- AssertIntEQ(BN_set_word(q, 5), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, p, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, q, NULL), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, g), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(NULL, p, q, g), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, g), 0);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, NULL), 0);
+ ExpectNotNull(q);
+ ExpectIntEQ(BN_set_word(q, 5), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, q, NULL), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, NULL, NULL, g), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(NULL, p, q, g), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, g), 0);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, NULL), 0);
/* Don't need q. */
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ BN_free(g);
+ }
+ p = NULL;
+ g = NULL;
/* Setting again will free the p and g. */
wolfSSL_BN_free(q);
+ q = NULL;
DH_free(dh);
+ dh = NULL;
dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 11), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
- AssertNotNull(q);
- AssertIntEQ(BN_set_word(q, 5), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, g), 1);
+ ExpectNotNull(q);
+ ExpectIntEQ(BN_set_word(q, 5), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, q, g), 1);
/* p, q and g are now owned by dh - don't free. */
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ BN_free(q);
+ BN_free(g);
+ }
+ p = NULL;
+ q = NULL;
+ g = NULL;
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 11), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 11), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
q = wolfSSL_BN_new();
- AssertNotNull(q);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, NULL), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, NULL), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, g), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 1);
+ ExpectNotNull(q);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, NULL), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ }
+ p = NULL;
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, q, NULL), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(q);
+ }
+ q = NULL;
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(g);
+ }
+ g = NULL;
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, NULL, NULL, NULL), 1);
/* p, q and g are now owned by dh - don't free. */
DH_free(dh);
+ dh = NULL;
- AssertIntEQ(DH_generate_key(NULL), 0);
- AssertNotNull(dh = DH_new());
- AssertIntEQ(DH_generate_key(dh), 0);
+ ExpectIntEQ(DH_generate_key(NULL), 0);
+ ExpectNotNull(dh = DH_new());
+ ExpectIntEQ(DH_generate_key(dh), 0);
p = wolfSSL_BN_new();
- AssertNotNull(p);
- AssertIntEQ(BN_set_word(p, 0), 1);
+ ExpectNotNull(p);
+ ExpectIntEQ(BN_set_word(p, 0), 1);
g = wolfSSL_BN_new();
- AssertNotNull(g);
- AssertIntEQ(BN_set_word(g, 2), 1);
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
- AssertIntEQ(DH_generate_key(dh), 0);
+ ExpectNotNull(g);
+ ExpectIntEQ(BN_set_word(g, 2), 1);
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ BN_free(p);
+ BN_free(g);
+ }
+ p = NULL;
+ g = NULL;
+ ExpectIntEQ(DH_generate_key(dh), 0);
DH_free(dh);
+ dh = NULL;
#endif
#endif
/* Test DH_up_ref() */
dh = wolfSSL_DH_new();
- AssertNotNull(dh);
- AssertIntEQ(wolfSSL_DH_up_ref(NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS);
+ ExpectNotNull(dh);
+ ExpectIntEQ(wolfSSL_DH_up_ref(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_DH_up_ref(dh), WOLFSSL_SUCCESS);
DH_free(dh); /* decrease ref count */
DH_free(dh); /* free WOLFSSL_DH */
+ q = NULL;
- AssertNull((dh = DH_new_by_nid(NID_sha1)));
+ ExpectNull((dh = DH_new_by_nid(NID_sha1)));
#if (defined(HAVE_PUBLIC_FFDHE) || (defined(HAVE_FIPS) && \
FIPS_VERSION_EQ(2,0))) || (!defined(HAVE_PUBLIC_FFDHE) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)))
#ifdef HAVE_FFDHE_2048
- AssertNotNull((dh = DH_new_by_nid(NID_ffdhe2048)));
+ ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe2048)));
DH_free(dh);
+ q = NULL;
#endif
#ifdef HAVE_FFDHE_3072
- AssertNotNull((dh = DH_new_by_nid(NID_ffdhe3072)));
+ ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe3072)));
DH_free(dh);
+ q = NULL;
#endif
#ifdef HAVE_FFDHE_4096
- AssertNotNull((dh = DH_new_by_nid(NID_ffdhe4096)));
+ ExpectNotNull((dh = DH_new_by_nid(NID_ffdhe4096)));
DH_free(dh);
+ q = NULL;
#endif
#else
- AssertNull((dh = DH_new_by_nid(NID_ffdhe2048)));
+ ExpectNull((dh = DH_new_by_nid(NID_ffdhe2048)));
#endif /* (HAVE_PUBLIC_FFDHE || (HAVE_FIPS && HAVE_FIPS_VERSION == 2)) ||
* (!HAVE_PUBLIC_FFDHE && (!HAVE_FIPS || HAVE_FIPS_VERSION > 2))*/
- AssertIntEQ(wolfSSL_DH_size(NULL), -1);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(wolfSSL_DH_size(NULL), -1);
#endif /* OPENSSL_EXTRA && !NO_DH */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_dup(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) || defined(WOLFSSL_OPENSSH) || \
defined(OPENSSL_EXTRA)
- DH *dh;
- DH *dhDup;
- WOLFSSL_BIGNUM* p;
- WOLFSSL_BIGNUM* g;
-
- AssertNotNull(p = wolfSSL_BN_new());
- AssertNotNull(g = wolfSSL_BN_new());
- AssertIntEQ(wolfSSL_BN_set_word(p, 11), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_BN_set_word(g, 2), WOLFSSL_SUCCESS);
+ DH *dh = NULL;
+ DH *dhDup = NULL;
- dhDup = wolfSSL_DH_dup(NULL);
- AssertNull(dhDup);
+ ExpectNotNull(dh = wolfSSL_DH_new());
- dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNull(dhDup = wolfSSL_DH_dup(NULL));
+ ExpectNull(dhDup = wolfSSL_DH_dup(dh));
- dhDup = wolfSSL_DH_dup(dh);
- AssertNull(dhDup);
#if defined(OPENSSL_ALL) || \
defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- AssertIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
- dhDup = wolfSSL_DH_dup(dh);
- AssertNotNull(dhDup);
- wolfSSL_DH_free(dhDup);
-#else
- wolfSSL_BN_free(p);
- wolfSSL_BN_free(g);
+ {
+ WOLFSSL_BIGNUM* p = NULL;
+ WOLFSSL_BIGNUM* g = NULL;
+
+ ExpectNotNull(p = wolfSSL_BN_new());
+ ExpectNotNull(g = wolfSSL_BN_new());
+ ExpectIntEQ(wolfSSL_BN_set_word(p, 11), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_BN_set_word(g, 2), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_BN_free(p);
+ wolfSSL_BN_free(g);
+ }
+
+ ExpectNotNull(dhDup = wolfSSL_DH_dup(dh));
+ wolfSSL_DH_free(dhDup);
+ }
#endif
wolfSSL_DH_free(dh);
- res = TEST_RES_CHECK(1);
#endif
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_check(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
#ifndef NO_DH
#ifndef NO_BIO
#ifndef NO_DSA
byte buf[6000];
char file[] = "./certs/dsaparams.pem";
- XFILE f;
+ XFILE f = XBADFILE;
int bytes;
- BIO* bio;
- DSA* dsa;
+ BIO* bio = NULL;
+ DSA* dsa = NULL;
#elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)
static const byte dh2048[] = {
0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01,
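Review bot: The four added `q = NULL;` lines that follow `DH_free(dh)` (after the DH_up_ref block and after each `DH_new_by_nid(NID_ffdhe...)` free) look like they were meant to be `dh = NULL;`, which is what every other `DH_free(dh)` in this hunk is followed by. As written, `dh` keeps pointing at freed memory, and the later `DH_free(dh)` calls are unconditional. If an earlier expectation has failed and the `ExpectNotNull((dh = DH_new_by_nid(...)))` assignment is then not evaluated (this depends on the Expect macros, which are not shown here), the stale pointer would be freed a second time. Change each of the four lines to `dh = NULL;`. The body of test_wolfSSL_DH begins above this hunk.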
@@ -59261,37 +58493,34 @@ static int test_wolfSSL_DH_check(void)
const byte* params;
#endif
DH* dh = NULL;
- WOLFSSL_BIGNUM* p;
- WOLFSSL_BIGNUM* g;
+ WOLFSSL_BIGNUM* p = NULL;
+ WOLFSSL_BIGNUM* g = NULL;
WOLFSSL_BIGNUM* pTmp = NULL;
WOLFSSL_BIGNUM* gTmp = NULL;
int codes = -1;
#ifndef NO_DSA
/* Initialize DH */
- f = XFOPEN(file, "rb");
- AssertTrue((f != XBADFILE));
- bytes = (int)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(file, "rb")) != XBADFILE);
+ ExpectIntGT(bytes = (int)XFREAD(buf, 1, sizeof(buf), f), 0);
+ if (f != XBADFILE)
+ XFCLOSE(f);
- bio = BIO_new_mem_buf((void*)buf, bytes);
- AssertNotNull(bio);
+ ExpectNotNull(bio = BIO_new_mem_buf((void*)buf, bytes));
- dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL);
- AssertNotNull(dsa);
+ ExpectNotNull(dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL));
- dh = wolfSSL_DSA_dup_DH(dsa);
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));
+ ExpectNotNull(dh);
BIO_free(bio);
DSA_free(dsa);
#elif !defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)
params = dh2048;
- dh = wolfSSL_d2i_DHparams(NULL, &params, (long)sizeof(dh2048));
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &params,
+ (long)sizeof(dh2048)));
#else
- dh = wolfSSL_DH_new_by_nid(NID_ffdhe2048);
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DH_new_by_nid(NID_ffdhe2048));
#endif
/* Test assumed to be valid dh.
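Review bot: `ExpectNotNull(dh);` directly after `ExpectNotNull(dh = wolfSSL_DSA_dup_DH(dsa));` repeats the same check and can be dropped; it appears to be a leftover from folding the assignment into the expectation. `bytes` is declared just above this hunk without an initializer, while `f`, `bio` and `dsa` next to it now get one; `int bytes = 0;` keeps the later `BIO_new_mem_buf((void*)buf, bytes)` argument defined on every path. The function body continues past the end of this hunk.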
@@ -59299,131 +58528,147 @@ static int test_wolfSSL_DH_check(void)
* codes should be 0
* Invalid codes = {DH_NOT_SUITABLE_GENERATOR, DH_CHECK_P_NOT_PRIME}
*/
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(codes, 0);
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(codes, 0);
/* Test NULL dh: expected BAD_FUNC_ARG */
- AssertIntEQ(wolfSSL_DH_check(NULL, &codes), 0);
+ ExpectIntEQ(wolfSSL_DH_check(NULL, &codes), 0);
/* Break dh prime to test if codes = DH_CHECK_P_NOT_PRIME */
- pTmp = dh->p;
- dh->p = NULL;
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_CHECK_P_NOT_PRIME);
- /* set dh->p back to normal so it wont fail on next tests */
- dh->p = pTmp;
- pTmp = NULL;
+ if (dh != NULL) {
+ pTmp = dh->p;
+ dh->p = NULL;
+ }
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME);
+ /* set dh->p back to normal so it won't fail on next tests */
+ if (dh != NULL) {
+ dh->p = pTmp;
+ pTmp = NULL;
+ }
/* Break dh generator to test if codes = DH_NOT_SUITABLE_GENERATOR */
- gTmp = dh->g;
- dh->g = NULL;
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_NOT_SUITABLE_GENERATOR);
- dh->g = gTmp;
- gTmp = NULL;
+ if (dh != NULL) {
+ gTmp = dh->g;
+ dh->g = NULL;
+ }
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR);
+ if (dh != NULL) {
+ dh->g = gTmp;
+ gTmp = NULL;
+ }
/* Cleanup */
DH_free(dh);
+ dh = NULL;
dh = DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
/* Check empty DH. */
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_NOT_SUITABLE_GENERATOR | DH_CHECK_P_NOT_PRIME);
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_NOT_SUITABLE_GENERATOR | DH_CHECK_P_NOT_PRIME);
/* Check non-prime valued p. */
- AssertNotNull(p = BN_new());
- AssertIntEQ(BN_set_word(p, 4), 1);
- AssertNotNull(g = BN_new());
- AssertIntEQ(BN_set_word(g, 2), 1);
- AssertIntEQ(DH_set0_pqg(dh, p, NULL, g), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, &codes), 1);
- AssertIntEQ(wolfSSL_DH_check(dh, NULL), 0);
- AssertIntEQ(codes, DH_CHECK_P_NOT_PRIME);
+ ExpectNotNull(p = BN_new());
+ ExpectIntEQ(BN_set_word(p, 4), 1);
+ ExpectNotNull(g = BN_new());
+ ExpectIntEQ(BN_set_word(g, 2), 1);
+ ExpectIntEQ(DH_set0_pqg(dh, p, NULL, g), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_BN_free(p);
+ wolfSSL_BN_free(g);
+ }
+ ExpectIntEQ(wolfSSL_DH_check(dh, &codes), 1);
+ ExpectIntEQ(wolfSSL_DH_check(dh, NULL), 0);
+ ExpectIntEQ(codes, DH_CHECK_P_NOT_PRIME);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif
#endif /* !NO_DH && !NO_DSA */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_prime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
- WOLFSSL_BIGNUM* bn;
+ WOLFSSL_BIGNUM* bn = NULL;
#if WOLFSSL_MAX_BN_BITS >= 768
- WOLFSSL_BIGNUM* bn2;
+ WOLFSSL_BIGNUM* bn2 = NULL;
#endif
bn = wolfSSL_DH_768_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 768
- AssertNotNull(bn);
+ ExpectNotNull(bn);
bn2 = wolfSSL_DH_768_prime(bn);
- AssertNotNull(bn2);
- AssertTrue(bn == bn2);
+ ExpectNotNull(bn2);
+ ExpectTrue(bn == bn2);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_1024_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 1024
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_2048_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 2048
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_3072_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 3072
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_4096_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 4096
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_6144_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 6144
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
bn = wolfSSL_DH_8192_prime(NULL);
#if WOLFSSL_MAX_BN_BITS >= 8192
- AssertNotNull(bn);
+ ExpectNotNull(bn);
wolfSSL_BN_free(bn);
+ bn = NULL;
#else
- AssertNull(bn);
+ ExpectNull(bn);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_1536_prime(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
- BIGNUM* bn;
+ BIGNUM* bn = NULL;
unsigned char bits[200];
int sz = 192; /* known binary size */
const byte expected[] = {
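Review bot: The comment `/* Test NULL dh: expected BAD_FUNC_ARG */` in test_wolfSSL_DH_check does not match the check under it, which expects `wolfSSL_DH_check(NULL, &codes)` to return 0. Reword it to `/* Test NULL dh: expected failure, returns 0 */` so the comment and the assertion agree. This hunk begins inside test_wolfSSL_DH_check and ends inside test_wolfSSL_DH_1536_prime.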
@@ -59453,22 +58698,20 @@ static int test_wolfSSL_DH_1536_prime(void)
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
};
- bn = get_rfc3526_prime_1536(NULL);
- AssertNotNull(bn);
- AssertIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
- AssertIntEQ(0, XMEMCMP(expected, bits, sz));
+ ExpectNotNull(bn = get_rfc3526_prime_1536(NULL));
+ ExpectIntEQ(sz, BN_bn2bin((const BIGNUM*)bn, bits));
+ ExpectIntEQ(0, XMEMCMP(expected, bits, sz));
BN_free(bn);
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_get_2048_256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH)
- WOLFSSL_DH* dh;
+ WOLFSSL_DH* dh = NULL;
const WOLFSSL_BIGNUM* pBn;
const WOLFSSL_BIGNUM* gBn;
const WOLFSSL_BIGNUM* qBn;
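Review bot: `BN_bn2bin((const BIGNUM*)bn, bits)` writes into the 200-byte `bits` array before anything has confirmed how large the number is; the `ExpectIntEQ(sz, ...)` comparison only sees the length after the write has happened. Checking first with `ExpectIntEQ(BN_num_bytes(bn), sz);` keeps the write inside the buffer if the returned prime is ever larger than expected. test_wolfSSL_DH_get_2048_256 further down the page already sizes its buffers from `wolfSSL_BN_num_bytes` before calling `wolfSSL_BN_bn2bin`. The declarations of `bits` and `sz` sit above this hunk.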
@@ -59528,51 +58771,52 @@ static int test_wolfSSL_DH_get_2048_256(void)
int pSz;
int qSz;
int gSz;
- byte* pReturned;
- byte* qReturned;
- byte* gReturned;
+ byte* pReturned = NULL;
+ byte* qReturned = NULL;
+ byte* gReturned = NULL;
- AssertNotNull((dh = wolfSSL_DH_get_2048_256()));
+ ExpectNotNull((dh = wolfSSL_DH_get_2048_256()));
wolfSSL_DH_get0_pqg(dh, &pBn, &qBn, &gBn);
- AssertIntGT((pSz = wolfSSL_BN_num_bytes(pBn)), 0);
- AssertNotNull(pReturned = (byte*)XMALLOC(pSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntGT((pSz = wolfSSL_BN_bn2bin(pBn, pReturned)), 0);
- AssertIntEQ(pSz, sizeof(pExpected));
- AssertIntEQ(XMEMCMP(pExpected, pReturned, pSz), 0);
+ ExpectIntGT((pSz = wolfSSL_BN_num_bytes(pBn)), 0);
+ ExpectNotNull(pReturned = (byte*)XMALLOC(pSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGT((pSz = wolfSSL_BN_bn2bin(pBn, pReturned)), 0);
+ ExpectIntEQ(pSz, sizeof(pExpected));
+ ExpectIntEQ(XMEMCMP(pExpected, pReturned, pSz), 0);
- AssertIntGT((qSz = wolfSSL_BN_num_bytes(qBn)), 0);
- AssertNotNull(qReturned = (byte*)XMALLOC(qSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntGT((qSz = wolfSSL_BN_bn2bin(qBn, qReturned)), 0);
- AssertIntEQ(qSz, sizeof(qExpected));
- AssertIntEQ(XMEMCMP(qExpected, qReturned, qSz), 0);
+ ExpectIntGT((qSz = wolfSSL_BN_num_bytes(qBn)), 0);
+ ExpectNotNull(qReturned = (byte*)XMALLOC(qSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGT((qSz = wolfSSL_BN_bn2bin(qBn, qReturned)), 0);
+ ExpectIntEQ(qSz, sizeof(qExpected));
+ ExpectIntEQ(XMEMCMP(qExpected, qReturned, qSz), 0);
- AssertIntGT((gSz = wolfSSL_BN_num_bytes(gBn)), 0);
- AssertNotNull(gReturned = (byte*)XMALLOC(gSz, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntGT((gSz = wolfSSL_BN_bn2bin(gBn, gReturned)), 0);
- AssertIntEQ(gSz, sizeof(gExpected));
- AssertIntEQ(XMEMCMP(gExpected, gReturned, gSz), 0);
+ ExpectIntGT((gSz = wolfSSL_BN_num_bytes(gBn)), 0);
+ ExpectNotNull(gReturned = (byte*)XMALLOC(gSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER));
+ ExpectIntGT((gSz = wolfSSL_BN_bn2bin(gBn, gReturned)), 0);
+ ExpectIntEQ(gSz, sizeof(gExpected));
+ ExpectIntEQ(XMEMCMP(gExpected, gReturned, gSz), 0);
wolfSSL_DH_free(dh);
XFREE(pReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(gReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(qReturned, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_write_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO) && \
!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
- DH* dh;
- BIO* bio;
- XFILE fp;
+ DH* dh = NULL;
+ BIO* bio = NULL;
+ XFILE fp = XBADFILE;
byte pem[2048];
- int pemSz;
+ int pemSz = 0;
const char expected[] =
"-----BEGIN DH PARAMETERS-----\n"
"MIIBCAKCAQEAsKEIBpwIE7pZBjy8MNX1AMFPRKfW70rGJScc6NKWUwpckd2iwpSE\n"
@@ -59590,60 +58834,70 @@ static int test_wolfSSL_PEM_write_DHparams(void)
"MAA=\n"
"-----END DH PARAMETERS-----\n";
- AssertNotNull(fp = XFOPEN(dhParamFile, "rb"));
- AssertIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
- XFCLOSE(fp);
+ ExpectTrue((fp = XFOPEN(dhParamFile, "rb")) != XBADFILE);
+ ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
- AssertNull(PEM_read_bio_DHparams(NULL, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_DHparams(NULL, NULL, NULL, NULL));
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
- AssertIntEQ(BIO_write(bio, badPem, (int)sizeof(badPem)),
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectIntEQ(BIO_write(bio, badPem, (int)sizeof(badPem)),
(int)sizeof(badPem));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
- AssertIntEQ(BIO_write(bio, emptySeqPem, (int)sizeof(emptySeqPem)),
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectIntEQ(BIO_write(bio, emptySeqPem, (int)sizeof(emptySeqPem)),
(int)sizeof(emptySeqPem));
- AssertNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(bio = BIO_new(BIO_s_mem()));
- AssertIntEQ(BIO_write(bio, pem, pemSz), pemSz);
- AssertNotNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
+ ExpectNotNull(bio = BIO_new(BIO_s_mem()));
+ ExpectIntEQ(BIO_write(bio, pem, pemSz), pemSz);
+ ExpectNotNull(dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
- AssertNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb"));
- AssertIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS);
- AssertIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE);
+ ExpectNotNull(fp = XFOPEN("./test-write-dhparams.pem", "wb"));
+ ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_SUCCESS);
+ ExpectIntEQ(PEM_write_DHparams(fp, NULL), WOLFSSL_FAILURE);
DH_free(dh);
+ dh = NULL;
dh = wolfSSL_DH_new();
- AssertIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE);
- XFCLOSE(fp);
+ ExpectIntEQ(PEM_write_DHparams(fp, dh), WOLFSSL_FAILURE);
+ if (fp != XBADFILE) {
+ XFCLOSE(fp);
+ fp = XBADFILE;
+ }
wolfSSL_DH_free(dh);
+ dh = NULL;
/* check results */
XMEMSET(pem, 0, sizeof(pem));
- AssertNotNull(fp = XFOPEN("./test-write-dhparams.pem", "rb"));
- AssertIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
- AssertIntEQ(XMEMCMP(pem, expected, pemSz), 0);
- XFCLOSE(fp);
-
- res = TEST_RES_CHECK(1);
+ ExpectTrue((fp = XFOPEN("./test-write-dhparams.pem", "rb")) != XBADFILE);
+ ExpectIntGT((pemSz = (int)XFREAD(pem, 1, sizeof(pem), fp)), 0);
+ ExpectIntEQ(XMEMCMP(pem, expected, pemSz), 0);
+ if (fp != XBADFILE)
+ XFCLOSE(fp);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_d2i_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
#if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- FILE* f = NULL;
+ XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
#ifdef HAVE_FFDHE_2048
@@ -59658,67 +58912,67 @@ static int test_wolfSSL_d2i_DHparams(void)
/* Test 2048 bit parameters */
#ifdef HAVE_FFDHE_2048
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- f = XFOPEN(params1, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
+ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
XFCLOSE(f);
+ f = XBADFILE;
+ }
- /* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertTrue(pt == buf);
- AssertIntEQ(DH_set_length(NULL, BN_num_bits(dh->p)), 0);
- AssertIntEQ(DH_set_length(dh, BN_num_bits(dh->p)), 1);
- AssertIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
+ /* Valid case */
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_set_length(NULL, BN_num_bits(dh->p)), 0);
+ ExpectIntEQ(DH_set_length(dh, BN_num_bits(dh->p)), 1);
+ ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
- /* Invalid cases */
- AssertNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
- AssertNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
- AssertNull(wolfSSL_d2i_DHparams(NULL, &pt, 10));
+ /* Invalid cases */
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, 10));
- DH_free(dh);
+ DH_free(dh);
+ dh = NULL;
- *buf = 0;
- pt = buf;
- res = TEST_RES_CHECK(1);
- }
+ *buf = 0;
+ pt = buf;
#endif /* HAVE_FFDHE_2048 */
/* Test 3072 bit parameters */
#ifdef HAVE_FFDHE_3072
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- f = XFOPEN(params2, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
+ ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
XFCLOSE(f);
+ f = XBADFILE;
+ }
- /* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(&dh, &pt, len));
- AssertNotNull(dh->p);
- AssertNotNull(dh->g);
- AssertTrue(pt != buf);
- AssertIntEQ(DH_generate_key(dh), 1);
+ /* Valid case */
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(&dh, &pt, len));
+ ExpectNotNull(dh->p);
+ ExpectNotNull(dh->g);
+ ExpectTrue(pt != buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
- /* Invalid cases */
- AssertNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
- AssertNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
+ /* Invalid cases */
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, NULL, len));
+ ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, -1));
- DH_free(dh);
- res = TEST_RES_CHECK(1);
- }
+ DH_free(dh);
+ dh = NULL;
#endif /* HAVE_FFDHE_3072 */
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH */
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_DH_LoadDer(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) && \
defined(OPENSSL_EXTRA)
static const byte dh2048[] = {
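Review bot: The 3072-bit block's invalid cases (the two `ExpectNull` calls after `ExpectTrue(pt != buf);`) leave out the truncated-length call that the 2048-bit block makes, and they run with `pt` already advanced past the start of `buf`. Resetting the cursor and repeating the case would keep malformed-input rejection covered for both parameter sizes: `pt = buf;` followed by `ExpectNull(wolfSSL_d2i_DHparams(NULL, &pt, 10));`. test_wolfSSL_d2i_DHparams starts before this hunk, so its declarations are not all visible here.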
@@ -59757,31 +59011,28 @@ static int test_wolfSSL_DH_LoadDer(void)
0xfa, 0xc8, 0xe2, 0x1e, 0x7e, 0xaf, 0x00, 0x3f,
0x93, 0x02, 0x01, 0x02
};
- WOLFSSL_DH* dh;
+ WOLFSSL_DH* dh = NULL;
- dh = wolfSSL_DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh = wolfSSL_DH_new());
- AssertIntEQ(wolfSSL_DH_LoadDer(NULL, NULL, 0), -1);
- AssertIntEQ(wolfSSL_DH_LoadDer(dh, NULL, 0), -1);
- AssertIntEQ(wolfSSL_DH_LoadDer(NULL, dh2048, sizeof(dh2048)), -1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, NULL, 0), -1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(dh, NULL, 0), -1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(NULL, dh2048, sizeof(dh2048)), -1);
- AssertIntEQ(wolfSSL_DH_LoadDer(dh, dh2048, sizeof(dh2048)), 1);
+ ExpectIntEQ(wolfSSL_DH_LoadDer(dh, dh2048, sizeof(dh2048)), 1);
wolfSSL_DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_i2d_DHparams(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_ALL
#if !defined(NO_DH) && (defined(HAVE_FFDHE_2048) || defined(HAVE_FFDHE_3072))
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
- FILE* f;
+ XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt;
unsigned char* pt2;
@@ -59792,29 +59043,31 @@ static int test_wolfSSL_i2d_DHparams(void)
const char* params2 = "./certs/dh3072.der";
#endif
long len;
- WOLFSSL_DH* dh;
+ WOLFSSL_DH* dh = NULL;
/* Test 2048 bit parameters */
#ifdef HAVE_FFDHE_2048
pt = buf;
pt2 = buf;
- f = XFOPEN(params1, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
/* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertTrue(pt == buf);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 268);
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 268);
/* Invalid case */
- AssertIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
/* Return length only */
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 268);
DH_free(dh);
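Review bot: `dh` is not reset after the `DH_free(dh);` that ends the 2048-bit block, unlike test_wolfSSL_d2i_DHparams, where this commit adds `dh = NULL;` after each free. If the Expect macros skip their expression once an earlier check has failed (which the added `if (f != XBADFILE)` guards suggest), a failure in the 2048-bit block leaves the 3072-bit `dh = wolfSSL_d2i_DHparams(NULL, &pt, len)` unevaluated, and that block's `DH_free(dh);` then frees the same pointer a second time when both FFDHE sizes are built. Add `dh = NULL;` after the free here and, for consistency, after the one in the next hunk. The function starts before this hunk and ends after it.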
@@ -59826,37 +59079,37 @@ static int test_wolfSSL_i2d_DHparams(void)
pt = buf;
pt2 = buf;
- f = XFOPEN(params2, "rb");
- AssertTrue(f != XBADFILE);
- len = (long)XFREAD(buf, 1, sizeof(buf), f);
- XFCLOSE(f);
+ ExpectTrue((f = XFOPEN(params2, "rb")) != XBADFILE);
+ ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
+ if (f != XBADFILE) {
+ XFCLOSE(f);
+ f = XBADFILE;
+ }
/* Valid case */
- AssertNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
- AssertTrue(pt == buf);
- AssertIntEQ(DH_generate_key(dh), 1);
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 396);
+ ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
+ ExpectTrue(pt == buf);
+ ExpectIntEQ(DH_generate_key(dh), 1);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 396);
/* Invalid case */
- AssertIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(NULL, &pt2), 0);
/* Return length only */
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, NULL), 396);
DH_free(dh);
#endif
dh = DH_new();
- AssertNotNull(dh);
+ ExpectNotNull(dh);
pt2 = buf;
- AssertIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0);
+ ExpectIntEQ(wolfSSL_i2d_DHparams(dh, &pt2), 0);
DH_free(dh);
-
- res = TEST_RES_CHECK(1);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* !NO_DH && (HAVE_FFDHE_2048 || HAVE_FFDHE_3072) */
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_ECC) && !defined(OPENSSL_NO_PK)
@@ -59867,15 +59120,15 @@ static int test_wolfSSL_i2d_DHparams(void)
static int test_wolfSSL_EC_GROUP(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
- EC_GROUP *group;
- EC_GROUP *group2;
- EC_GROUP *group3;
+ EC_GROUP *group = NULL;
+ EC_GROUP *group2 = NULL;
+ EC_GROUP *group3 = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- EC_GROUP *group4;
+ EC_GROUP *group4 = NULL;
#endif
- WOLFSSL_BIGNUM* order;
+ WOLFSSL_BIGNUM* order = NULL;
int group_bits;
int i;
static const int knownEccNids[] = {
@@ -59939,45 +59192,45 @@ static int test_wolfSSL_EC_GROUP(void)
};
int knowEccEnumsLen = (int)(sizeof(knownEccEnums) / sizeof(*knownEccEnums));
- AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(group2 = EC_GROUP_dup(group));
- AssertNotNull(group3 = wolfSSL_EC_GROUP_new_by_curve_name(NID_secp384r1));
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(group2 = EC_GROUP_dup(group));
+ ExpectNotNull(group3 = wolfSSL_EC_GROUP_new_by_curve_name(NID_secp384r1));
#ifndef HAVE_ECC_BRAINPOOL
- AssertNotNull(group4 = wolfSSL_EC_GROUP_new_by_curve_name(
+ ExpectNotNull(group4 = wolfSSL_EC_GROUP_new_by_curve_name(
NID_brainpoolP256r1));
#endif
- AssertNull(EC_GROUP_dup(NULL));
+ ExpectNull(EC_GROUP_dup(NULL));
- AssertIntEQ(wolfSSL_EC_GROUP_get_curve_name(NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
- AssertIntEQ((group_bits = EC_GROUP_order_bits(NULL)), 0);
- AssertIntEQ((group_bits = EC_GROUP_order_bits(group)), 256);
+ ExpectIntEQ((group_bits = EC_GROUP_order_bits(NULL)), 0);
+ ExpectIntEQ((group_bits = EC_GROUP_order_bits(group)), 256);
#ifndef HAVE_ECC_BRAINPOOL
- AssertIntEQ((group_bits = EC_GROUP_order_bits(group4)), 0);
+ ExpectIntEQ((group_bits = EC_GROUP_order_bits(group4)), 0);
#endif
- AssertIntEQ(wolfSSL_EC_GROUP_get_degree(NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_degree(group), 256);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_degree(group), 256);
- AssertNotNull(order = BN_new());
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(group, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(NULL, order, NULL), 0);
- AssertIntEQ(wolfSSL_EC_GROUP_get_order(group, order, NULL), 1);
+ ExpectNotNull(order = BN_new());
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(NULL, order, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_order(group, order, NULL), 1);
wolfSSL_BN_free(order);
- AssertNotNull(EC_GROUP_method_of(group));
+ ExpectNotNull(EC_GROUP_method_of(group));
- AssertIntEQ(EC_METHOD_get_field_type(NULL), 0);
- AssertIntEQ(EC_METHOD_get_field_type(EC_GROUP_method_of(group)),
+ ExpectIntEQ(EC_METHOD_get_field_type(NULL), 0);
+ ExpectIntEQ(EC_METHOD_get_field_type(EC_GROUP_method_of(group)),
NID_X9_62_prime_field);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(NULL, NULL, NULL), -1);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(group, NULL, NULL), -1);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(NULL, group, NULL), -1);
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(group, group3, NULL), 1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, NULL, NULL), -1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, NULL, NULL), -1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(NULL, group, NULL), -1);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(group, group3, NULL), 1);
#ifndef NO_WOLFSSL_STUB
wolfSSL_EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
@@ -59991,30 +59244,30 @@ static int test_wolfSSL_EC_GROUP(void)
EC_GROUP_free(group);
for (i = 0; i < knowEccNidsLen; i++) {
- AssertNotNull(group = EC_GROUP_new_by_curve_name(knownEccNids[i]));
- AssertIntGT(wolfSSL_EC_GROUP_get_degree(group), 0);
+ group = NULL;
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccNids[i]));
+ ExpectIntGT(wolfSSL_EC_GROUP_get_degree(group), 0);
EC_GROUP_free(group);
}
for (i = 0; i < knowEccEnumsLen; i++) {
- AssertNotNull(group = EC_GROUP_new_by_curve_name(knownEccEnums[i]));
- AssertIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]);
+ group = NULL;
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(knownEccEnums[i]));
+ ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]);
EC_GROUP_free(group);
}
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_PEM_read_bio_ECPKParameters(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- EC_GROUP *group;
- BIO* bio;
+ EC_GROUP *group = NULL;
+ BIO* bio = NULL;
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP)
- EC_GROUP *ret;
+ EC_GROUP *ret = NULL;
static char ec_nc_p384[] = "-----BEGIN EC PARAMETERS-----\n"
"BgUrgQQAIg==\n"
"-----END EC PARAMETERS-----";
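Review bot: The second loop runs `i` up to `knowEccEnumsLen` but reads `knownEccNids[i]` in `ExpectIntEQ(wolfSSL_EC_GROUP_get_curve_name(group), knownEccNids[i]);`, so it relies on the two tables having the same number of entries. Both tables are defined outside this hunk, presumably under matching `#ifdef`s; if they ever drift apart the comparison indexes past the end of `knownEccNids`. A guard before the loop, `ExpectIntEQ(knowEccNidsLen, knowEccEnumsLen);`, would report the mismatch as a test failure instead. test_wolfSSL_EC_GROUP starts before this hunk.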
@@ -60033,89 +59286,96 @@ static int test_wolfSSL_PEM_read_bio_ECPKParameters(void)
"-----END EC PARAMETERS-----";
/* Test that first parameter, bio, being NULL fails. */
- AssertNull(PEM_read_bio_ECPKParameters(NULL, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(NULL, NULL, NULL, NULL));
/* Test that reading named parameters works. */
- AssertNotNull(bio = BIO_new(BIO_s_file()));
- AssertIntEQ(BIO_read_filename(bio, eccKeyFile), WOLFSSL_SUCCESS);
- AssertNotNull(group = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
- AssertIntEQ(EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
+ ExpectNotNull(bio = BIO_new(BIO_s_file()));
+ ExpectIntEQ(BIO_read_filename(bio, eccKeyFile), WOLFSSL_SUCCESS);
+ ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_X9_62_prime256v1);
BIO_free(bio);
+ bio = NULL;
+ EC_GROUP_free(group);
+ group = NULL;
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 384 && !defined(NO_ECC_SECP)
/* Test that reusing group works. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
sizeof(ec_nc_p384)));
- AssertNotNull(group = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
- AssertIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
+ ExpectNotNull(group = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
+ ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
BIO_free(bio);
+ bio = NULL;
EC_GROUP_free(group);
group = NULL;
/* Test that returning through group works. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_p384,
sizeof(ec_nc_p384)));
- AssertNotNull(ret = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
- AssertIntEQ(group == ret, 1);
- AssertIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
+ ExpectNotNull(ret = PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL));
+ ExpectIntEQ(group == ret, 1);
+ ExpectIntEQ(EC_GROUP_get_curve_name(group), NID_secp384r1);
BIO_free(bio);
-#endif
+ bio = NULL;
EC_GROUP_free(group);
+ group = NULL;
+#endif
/* Test 0x30, 0x00 (not and object id) fails. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_1,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_1,
sizeof(ec_nc_bad_1)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
/* Test 0x06, 0x00 (empty object id) fails. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_2,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_2,
sizeof(ec_nc_bad_2)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
/* Test 0x06, 0x01 (badly formed object id) fails. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_3,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_3,
sizeof(ec_nc_bad_3)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
+ bio = NULL;
/* Test invalid PEM encoding - invalid character. */
- AssertNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_4,
+ ExpectNotNull(bio = BIO_new_mem_buf((unsigned char*)ec_nc_bad_4,
sizeof(ec_nc_bad_4)));
- AssertNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
+ ExpectNull(PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL));
BIO_free(bio);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_POINT(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(WOLFSSL_SP_MATH) && \
(!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)))
#ifdef OPENSSL_EXTRA
- BN_CTX* ctx;
- EC_GROUP* group;
+ BN_CTX* ctx = NULL;
+ EC_GROUP* group = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- EC_GROUP* group2;
+ EC_GROUP* group2 = NULL;
#endif
- EC_POINT* Gxy;
- EC_POINT* new_point;
- EC_POINT* set_point;
- EC_POINT* infinity;
+ EC_POINT* Gxy = NULL;
+ EC_POINT* new_point = NULL;
+ EC_POINT* set_point = NULL;
+ EC_POINT* infinity = NULL;
BIGNUM* k = NULL;
BIGNUM* Gx = NULL;
BIGNUM* Gy = NULL;
BIGNUM* Gz = NULL;
- BIGNUM* X;
- BIGNUM* Y;
- BIGNUM* set_point_bn;
- char* hexStr;
+ BIGNUM* X = NULL;
+ BIGNUM* Y = NULL;
+ BIGNUM* set_point_bn = NULL;
+ char* hexStr = NULL;
const char* kTest = "F4F8338AFCC562C5C3F3E1E46A7EFECD"
"17AF381913FF7A96314EA47055EA0FD0";
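Review bot: The case under `/* Test that reusing group works. */` no longer reuses anything, because the added `EC_GROUP_free(group); group = NULL;` ahead of the P-384 `#if` means `PEM_read_bio_ECPKParameters(bio, &group, NULL, NULL)` is now called with `group` set to NULL. That makes it the same as the "returning through group" case that follows, so decoding into an existing EC_GROUP is no longer exercised. If that path should stay covered, create a group first, e.g. `ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));` before the read; otherwise reword the comment. test_wolfSSL_PEM_read_bio_ECPKParameters starts before this hunk.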
@@ -60126,9 +59386,9 @@ static int test_wolfSSL_EC_POINT(void)
"2BCE33576B315ECECBB6406837BF51F5";
#ifndef HAVE_SELFTEST
- EC_POINT *tmp;
+ EC_POINT *tmp = NULL;
size_t bin_len;
- unsigned int blen;
+ unsigned int blen = 0;
unsigned char* buf = NULL;
unsigned char bufInf[1] = { 0x00 };
@@ -60164,175 +59424,196 @@ static int test_wolfSSL_EC_POINT(void)
#endif
#endif
- AssertNotNull(ctx = BN_CTX_new());
- AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(ctx = BN_CTX_new());
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
#ifndef HAVE_ECC_BRAINPOOL
/* Used to make groups curve_idx == -1. */
- AssertNotNull(group2 = EC_GROUP_new_by_curve_name(NID_brainpoolP256r1));
+ ExpectNotNull(group2 = EC_GROUP_new_by_curve_name(NID_brainpoolP256r1));
#endif
- AssertNull(EC_POINT_new(NULL));
- AssertNotNull(Gxy = EC_POINT_new(group));
- AssertNotNull(new_point = EC_POINT_new(group));
- AssertNotNull(set_point = EC_POINT_new(group));
- AssertNotNull(X = BN_new());
- AssertNotNull(Y = BN_new());
- AssertNotNull(set_point_bn = BN_new());
+ ExpectNull(EC_POINT_new(NULL));
+ ExpectNotNull(Gxy = EC_POINT_new(group));
+ ExpectNotNull(new_point = EC_POINT_new(group));
+ ExpectNotNull(set_point = EC_POINT_new(group));
+ ExpectNotNull(X = BN_new());
+ ExpectNotNull(Y = BN_new());
+ ExpectNotNull(set_point_bn = BN_new());
- AssertNotNull(infinity = EC_POINT_new(group));
+ ExpectNotNull(infinity = EC_POINT_new(group));
/* load test values */
- AssertIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS);
- AssertIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS);
- AssertIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS);
- AssertIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&k, kTest), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&Gx, kGx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&Gy, kGy), WOLFSSL_SUCCESS);
+ ExpectIntEQ(BN_hex2bn(&Gz, "1"), WOLFSSL_SUCCESS);
/* populate coordinates for input point */
- Gxy->X = Gx;
- Gxy->Y = Gy;
- Gxy->Z = Gz;
+ if (Gxy != NULL) {
+ Gxy->X = Gx;
+ Gxy->Y = Gy;
+ Gxy->Z = Gz;
+ }
/* Test handling of NULL point. */
EC_POINT_clear_free(NULL);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
NULL, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
NULL, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
NULL, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
X, NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, NULL,
NULL, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(NULL, Gxy,
X, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, NULL,
X, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
NULL, Y, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, Gxy,
X, NULL, ctx), 0);
/* Getting point at infinity returns an error. */
- AssertIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, infinity,
+ ExpectIntEQ(wolfSSL_EC_POINT_get_affine_coordinates_GFp(group, infinity,
X, Y, ctx), 0);
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
- AssertIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, NULL, NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, new_point, NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, NULL, new_point, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, NULL, NULL, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(NULL, new_point, new_point, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, NULL, new_point, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, new_point, NULL, Gxy, ctx), 0);
- AssertIntEQ(EC_POINT_add(group, new_point, new_point, NULL, ctx), 0);
-
- AssertIntEQ(EC_POINT_mul(NULL, NULL, Gx, Gxy, k, ctx), 0);
- AssertIntEQ(EC_POINT_mul(NULL, new_point, Gx, Gxy, k, ctx), 0);
- AssertIntEQ(EC_POINT_mul(group, NULL, Gx, Gxy, k, ctx), 0);
-
- AssertIntEQ(EC_POINT_add(group, new_point, new_point, Gxy, ctx), 1);
+ ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, NULL, NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, new_point, NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, NULL, new_point, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, NULL, NULL, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(NULL, new_point, new_point, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, NULL, new_point, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, new_point, NULL, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_add(group, new_point, new_point, NULL, ctx), 0);
+
+ ExpectIntEQ(EC_POINT_mul(NULL, NULL, Gx, Gxy, k, ctx), 0);
+ ExpectIntEQ(EC_POINT_mul(NULL, new_point, Gx, Gxy, k, ctx), 0);
+ ExpectIntEQ(EC_POINT_mul(group, NULL, Gx, Gxy, k, ctx), 0);
+
+ ExpectIntEQ(EC_POINT_add(group, new_point, new_point, Gxy, ctx), 1);
/* perform point multiplication */
- AssertIntEQ(EC_POINT_mul(group, new_point, Gx, Gxy, k, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
- AssertIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
- AssertIntEQ(EC_POINT_mul(group, new_point, Gx, NULL, NULL, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
- AssertIntEQ(EC_POINT_mul(group, new_point, NULL, NULL, NULL, ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 1);
- AssertIntEQ(BN_is_zero(new_point->Y), 1);
- AssertIntEQ(BN_is_zero(new_point->Z), 1);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, Gxy, k, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, Gxy, k, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, Gx, NULL, NULL, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(EC_POINT_mul(group, new_point, NULL, NULL, NULL, ctx), 1);
+ ExpectIntEQ(BN_is_zero(new_point->X), 1);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 1);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 1);
/* Set point to something. */
- AssertIntEQ(EC_POINT_add(group, new_point, Gxy, Gxy, ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, new_point, Gxy, Gxy, ctx), 1);
#else
- AssertIntEQ(EC_POINT_set_affine_coordinates_GFp(group, new_point, Gx, Gy,
+ ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, new_point, Gx, Gy,
ctx), 1);
- AssertIntEQ(BN_is_zero(new_point->X), 0);
- AssertIntEQ(BN_is_zero(new_point->Y), 0);
- AssertIntEQ(BN_is_zero(new_point->Z), 0);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Y), 0);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 0);
#endif
/* check if point X coordinate is zero */
- AssertIntEQ(BN_is_zero(new_point->X), 0);
+ ExpectIntEQ(BN_is_zero(new_point->X), 0);
#if defined(USE_ECC_B_PARAM) && !defined(HAVE_SELFTEST) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
- AssertIntEQ(EC_POINT_is_on_curve(group, new_point, ctx), 1);
+ ExpectIntEQ(EC_POINT_is_on_curve(group, new_point, ctx), 1);
#endif
/* extract the coordinates from point */
- AssertIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
+ ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* check if point X coordinate is zero */
- AssertIntEQ(BN_is_zero(X), WOLFSSL_FAILURE);
+ ExpectIntEQ(BN_is_zero(X), WOLFSSL_FAILURE);
/* set the same X and Y points in another object */
- AssertIntEQ(EC_POINT_set_affine_coordinates_GFp(group, set_point, X, Y,
+ ExpectIntEQ(EC_POINT_set_affine_coordinates_GFp(group, set_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* compare points as they should be the same */
- AssertIntEQ(EC_POINT_cmp(NULL, NULL, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, NULL, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(NULL, new_point, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(NULL, NULL, set_point, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(NULL, new_point, set_point, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, NULL, set_point, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, new_point, NULL, ctx), -1);
- AssertIntEQ(EC_POINT_cmp(group, new_point, set_point, ctx), 0);
+ ExpectIntEQ(EC_POINT_cmp(NULL, NULL, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, NULL, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(NULL, new_point, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(NULL, NULL, set_point, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(NULL, new_point, set_point, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, NULL, set_point, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, new_point, NULL, ctx), -1);
+ ExpectIntEQ(EC_POINT_cmp(group, new_point, set_point, ctx), 0);
/* Test copying */
- AssertIntEQ(EC_POINT_copy(NULL, NULL), 0);
- AssertIntEQ(EC_POINT_copy(NULL, set_point), 0);
- AssertIntEQ(EC_POINT_copy(new_point, NULL), 0);
- AssertIntEQ(EC_POINT_copy(new_point, set_point), 1);
+ ExpectIntEQ(EC_POINT_copy(NULL, NULL), 0);
+ ExpectIntEQ(EC_POINT_copy(NULL, set_point), 0);
+ ExpectIntEQ(EC_POINT_copy(new_point, NULL), 0);
+ ExpectIntEQ(EC_POINT_copy(new_point, set_point), 1);
/* Test inverting */
- AssertIntEQ(EC_POINT_invert(NULL, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_invert(NULL, new_point, ctx), 0);
- AssertIntEQ(EC_POINT_invert(group, NULL, ctx), 0);
- AssertIntEQ(EC_POINT_invert(group, new_point, ctx), 1);
+ ExpectIntEQ(EC_POINT_invert(NULL, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_invert(NULL, new_point, ctx), 0);
+ ExpectIntEQ(EC_POINT_invert(group, NULL, ctx), 0);
+ ExpectIntEQ(EC_POINT_invert(group, new_point, ctx), 1);
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(HAVE_SELFTEST) && !defined(WOLFSSL_SP_MATH) && \
+ !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ {
+ EC_POINT* orig_point = NULL;
+ ExpectNotNull(orig_point = EC_POINT_new(group));
+ ExpectIntEQ(EC_POINT_add(group, orig_point, set_point, set_point, NULL),
+ 1);
+ /* new_point should be set_point inverted so adding it will revert
+ * the point back to set_point */
+ ExpectIntEQ(EC_POINT_add(group, orig_point, orig_point, new_point,
+ NULL), 1);
+ ExpectIntEQ(EC_POINT_cmp(group, orig_point, set_point, NULL), 0);
+ EC_POINT_free(orig_point);
+ }
+#endif
/* Test getting affine converts from projective. */
- AssertIntEQ(EC_POINT_copy(set_point, new_point), 1);
+ ExpectIntEQ(EC_POINT_copy(set_point, new_point), 1);
/* Force non-affine coordinates */
- AssertIntEQ(BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
+ ExpectIntEQ(BN_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
(WOLFSSL_BIGNUM*)BN_value_one()), 1);
- new_point->inSet = 0;
+ if (new_point != NULL) {
+ new_point->inSet = 0;
+ }
/* extract the coordinates from point */
- AssertIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
+ ExpectIntEQ(EC_POINT_get_affine_coordinates_GFp(group, new_point, X, Y,
ctx), WOLFSSL_SUCCESS);
/* check if point ordinates have changed. */
- AssertIntNE(BN_cmp(X, set_point->X), 0);
- AssertIntNE(BN_cmp(Y, set_point->Y), 0);
+ ExpectIntNE(BN_cmp(X, set_point->X), 0);
+ ExpectIntNE(BN_cmp(Y, set_point->Y), 0);
/* Test check for infinity */
#ifndef WOLF_CRYPTO_CB_ONLY_ECC
- AssertIntEQ(EC_POINT_is_at_infinity(NULL, NULL), 0);
- AssertIntEQ(EC_POINT_is_at_infinity(NULL, infinity), 0);
- AssertIntEQ(EC_POINT_is_at_infinity(group, NULL), 0);
- AssertIntEQ(EC_POINT_is_at_infinity(group, infinity), 1);
- AssertIntEQ(EC_POINT_is_at_infinity(group, Gxy), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(NULL, NULL), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(NULL, infinity), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, NULL), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 1);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, Gxy), 0);
#else
- AssertIntEQ(EC_POINT_is_at_infinity(group, infinity), 0);
+ ExpectIntEQ(EC_POINT_is_at_infinity(group, infinity), 0);
#endif
- AssertPtrEq(EC_POINT_point2bn(group, set_point,
+ ExpectPtrEq(EC_POINT_point2bn(group, set_point,
POINT_CONVERSION_UNCOMPRESSED, set_point_bn, ctx), set_point_bn);
/* check bn2hex */
hexStr = BN_bn2hex(k);
- AssertStrEQ(hexStr, kTest);
+ ExpectStrEQ(hexStr, kTest);
#if !defined(NO_FILESYSTEM) && defined(XFPRINTF)
BN_print_fp(stderr, k);
fprintf(stderr, "\n");
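Review bot: `hexStr = BN_bn2hex(k);` is passed straight to `ExpectStrEQ(hexStr, kTest);` with no null check, while the `EC_POINT_point2hex` comparisons later in this commit gain an `ExpectNotNull(hexStr);` first. A NULL return (for example on allocation failure) would presumably reach the string comparison and crash the test run instead of being recorded as a failure. Add `ExpectNotNull(hexStr);` as a separate line before each `ExpectStrEQ`, here and for the `Gx` and `Gy` conversions in the next two hunks. Keep it separate from the assignment so `hexStr` is still reassigned after an earlier failure and the following `XFREE` does not see a stale pointer. test_wolfSSL_EC_POINT starts before this hunk and continues after it.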
@@ -60340,7 +59621,7 @@ static int test_wolfSSL_EC_POINT(void)
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = BN_bn2hex(Gx);
- AssertStrEQ(hexStr, kGx);
+ ExpectStrEQ(hexStr, kGx);
#if !defined(NO_FILESYSTEM) && defined(XFPRINTF)
BN_print_fp(stderr, Gx);
fprintf(stderr, "\n");
@@ -60348,7 +59629,7 @@ static int test_wolfSSL_EC_POINT(void)
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = BN_bn2hex(Gy);
- AssertStrEQ(hexStr, kGy);
+ ExpectStrEQ(hexStr, kGy);
#if !defined(NO_FILESYSTEM) && defined(XFPRINTF)
BN_print_fp(stderr, Gy);
fprintf(stderr, "\n");
@@ -60357,164 +59638,171 @@ static int test_wolfSSL_EC_POINT(void)
#ifndef HAVE_SELFTEST
/* Test point to hex */
- AssertNull(EC_POINT_point2hex(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
ctx));
- AssertNull(EC_POINT_point2hex(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
ctx));
- AssertNull(EC_POINT_point2hex(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
ctx));
#ifndef HAVE_ECC_BRAINPOOL
/* Group not supported in wolfCrypt. */
- AssertNull(EC_POINT_point2hex(group2, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectNull(EC_POINT_point2hex(group2, Gxy, POINT_CONVERSION_UNCOMPRESSED,
ctx));
#endif
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_UNCOMPRESSED, ctx);
- AssertStrEQ(hexStr, uncompG);
+ ExpectNotNull(hexStr);
+ ExpectStrEQ(hexStr, uncompG);
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
hexStr = EC_POINT_point2hex(group, Gxy, POINT_CONVERSION_COMPRESSED, ctx);
- AssertStrEQ(hexStr, compG);
+ ExpectNotNull(hexStr);
+ ExpectStrEQ(hexStr, compG);
XFREE(hexStr, NULL, DYNAMIC_TYPE_ECC);
/* Test point to oct */
- AssertIntEQ(EC_POINT_point2oct(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(NULL, NULL, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
- AssertIntEQ(EC_POINT_point2oct(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(NULL, Gxy, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
- AssertIntEQ(EC_POINT_point2oct(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(group, NULL, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx), 0);
bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
NULL, 0, ctx);
- AssertIntEQ(bin_len, sizeof(binUncompG));
- AssertNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
+ ExpectIntEQ(bin_len, sizeof(binUncompG));
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
DYNAMIC_TYPE_ECC));
- AssertIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
+ ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_UNCOMPRESSED,
buf, bin_len, ctx), bin_len);
- AssertIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
+ ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
/* Infinity (x=0, y=0) encodes as '0x00'. */
- AssertIntEQ(EC_POINT_point2oct(group, infinity,
+ ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, NULL, 0, ctx), 1);
- AssertIntEQ(EC_POINT_point2oct(group, infinity,
+ ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, bufInf, 0, ctx), 0);
- AssertIntEQ(EC_POINT_point2oct(group, infinity,
+ ExpectIntEQ(EC_POINT_point2oct(group, infinity,
POINT_CONVERSION_UNCOMPRESSED, bufInf, 1, ctx), 1);
- AssertIntEQ(bufInf[0], 0);
+ ExpectIntEQ(bufInf[0], 0);
wolfSSL_EC_POINT_dump(NULL, NULL);
/* Test point i2d */
- AssertIntEQ(ECPoint_i2d(NULL, NULL, NULL, &blen), 0);
- AssertIntEQ(ECPoint_i2d(NULL, Gxy, NULL, &blen), 0);
- AssertIntEQ(ECPoint_i2d(group, NULL, NULL, &blen), 0);
- AssertIntEQ(ECPoint_i2d(group, Gxy, NULL, NULL), 0);
- AssertIntEQ(ECPoint_i2d(group, Gxy, NULL, &blen), 1);
- AssertIntEQ(blen, sizeof(binUncompG));
- AssertNotNull(buf = (unsigned char*)XMALLOC(blen, NULL, DYNAMIC_TYPE_ECC));
+ ExpectIntEQ(ECPoint_i2d(NULL, NULL, NULL, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(NULL, Gxy, NULL, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(group, NULL, NULL, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, NULL), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, NULL, &blen), 1);
+ ExpectIntEQ(blen, sizeof(binUncompG));
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(blen, NULL, DYNAMIC_TYPE_ECC));
blen -= 1;
- AssertIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 0);
blen += 1;
- AssertIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 1);
- AssertIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
+ ExpectIntEQ(ECPoint_i2d(group, Gxy, buf, &blen), 1);
+ ExpectIntEQ(XMEMCMP(buf, binUncompG, sizeof(binUncompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
#ifdef HAVE_COMP_KEY
/* Test point to oct compressed */
bin_len = EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, NULL,
0, ctx);
- AssertIntEQ(bin_len, sizeof(binCompG));
- AssertNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
+ ExpectIntEQ(bin_len, sizeof(binCompG));
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(bin_len, NULL,
DYNAMIC_TYPE_ECC));
- AssertIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, buf,
+ ExpectIntEQ(EC_POINT_point2oct(group, Gxy, POINT_CONVERSION_COMPRESSED, buf,
bin_len, ctx), bin_len);
- AssertIntEQ(XMEMCMP(buf, binCompG, sizeof(binCompG)), 0);
+ ExpectIntEQ(XMEMCMP(buf, binCompG, sizeof(binCompG)), 0);
XFREE(buf, NULL, DYNAMIC_TYPE_ECC);
#endif
/* Test point BN */
- AssertNull(wolfSSL_EC_POINT_point2bn(NULL, NULL,
+ ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, NULL,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
- AssertNull(wolfSSL_EC_POINT_point2bn(NULL, Gxy,
+ ExpectNull(wolfSSL_EC_POINT_point2bn(NULL, Gxy,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
- AssertNull(wolfSSL_EC_POINT_point2bn(group, NULL,
+ ExpectNull(wolfSSL_EC_POINT_point2bn(group, NULL,
POINT_CONVERSION_UNCOMPRESSED, NULL, ctx));
- AssertNull(wolfSSL_EC_POINT_point2bn(group, Gxy, 0, NULL, ctx));
+ ExpectNull(wolfSSL_EC_POINT_point2bn(group, Gxy, 0, NULL, ctx));
/* Test oct to point */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(EC_POINT_oct2point(NULL, NULL, binUncompG, sizeof(binUncompG),
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(EC_POINT_oct2point(NULL, NULL, binUncompG, sizeof(binUncompG),
ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(NULL, tmp, binUncompG, sizeof(binUncompG),
+ ExpectIntEQ(EC_POINT_oct2point(NULL, tmp, binUncompG, sizeof(binUncompG),
ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(group, NULL, binUncompG, sizeof(binUncompG),
+ ExpectIntEQ(EC_POINT_oct2point(group, NULL, binUncompG, sizeof(binUncompG),
ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(group, tmp, binUncompGBad,
+ ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompGBad,
sizeof(binUncompGBad), ctx), 0);
- AssertIntEQ(EC_POINT_oct2point(group, tmp, binUncompG, sizeof(binUncompG),
+ ExpectIntEQ(EC_POINT_oct2point(group, tmp, binUncompG, sizeof(binUncompG),
ctx), 1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
/* Test setting BN ordinates. */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, NULL,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, NULL,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, Gx,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, Gx,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, NULL, NULL,
Gy, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, Gx, Gy,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(NULL, tmp, Gx, Gy,
ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, Gx, Gy,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, NULL, Gx, Gy,
ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, NULL,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, NULL,
Gy, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx,
NULL, ctx), 0);
- AssertIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, Gy,
+ ExpectIntEQ(wolfSSL_EC_POINT_set_affine_coordinates_GFp(group, tmp, Gx, Gy,
ctx), 1);
EC_POINT_free(tmp);
+ tmp = NULL;
/* Test point d2i */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, NULL), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, NULL), 0);
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, NULL), 0);
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, tmp), 0);
- AssertIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, tmp), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, tmp), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, NULL), 0);
- AssertIntEQ(ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp), 0);
- AssertIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, tmp), 1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), NULL, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(NULL, sizeof(binUncompG), group, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), NULL, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, NULL), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp), 0);
+ ExpectIntEQ(ECPoint_d2i(binUncompG, sizeof(binUncompG), group, tmp), 1);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
#ifdef HAVE_COMP_KEY
/* Test oct compressed to point */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(EC_POINT_oct2point(group, tmp, binCompG, sizeof(binCompG), ctx),
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(EC_POINT_oct2point(group, tmp, binCompG, sizeof(binCompG), ctx),
1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
/* Test point d2i - compressed */
- AssertNotNull(tmp = EC_POINT_new(group));
- AssertIntEQ(ECPoint_d2i(binCompG, sizeof(binCompG), group, tmp), 1);
- AssertIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
+ ExpectNotNull(tmp = EC_POINT_new(group));
+ ExpectIntEQ(ECPoint_d2i(binCompG, sizeof(binCompG), group, tmp), 1);
+ ExpectIntEQ(EC_POINT_cmp(group, tmp, Gxy, ctx), 0);
EC_POINT_free(tmp);
+ tmp = NULL;
#endif
#endif
/* test BN_mod_add */
- AssertIntEQ(BN_mod_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
+ ExpectIntEQ(BN_mod_add(new_point->Z, (WOLFSSL_BIGNUM*)BN_value_one(),
(WOLFSSL_BIGNUM*)BN_value_one(), (WOLFSSL_BIGNUM*)BN_value_one(), NULL),
1);
- AssertIntEQ(BN_is_zero(new_point->Z), 1);
+ ExpectIntEQ(BN_is_zero(new_point->Z), 1);
/* cleanup */
BN_free(X);
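Review bot: `buf` is left dangling after each `XFREE(buf, NULL, DYNAMIC_TYPE_ECC);` in this hunk, although the same change resets `tmp` with `tmp = NULL;` after every `EC_POINT_free(tmp)`. If the Expect macros skip their argument once an earlier check has failed (the added NULL resets suggest this, but the macro definitions are not in this hunk), a skipped `ExpectNotNull(buf = (unsigned char*)XMALLOC(...))` keeps the stale pointer and the next `XFREE(buf, ...)` frees it a second time. Adding `buf = NULL;` after the three frees in the point2oct, i2d and compressed point2oct sections closes that failure path. Separately, `ECPoint_d2i(binUncompGBad, sizeof(binUncompG), group, tmp)` passes the length of a different array from the one it reads, unlike the `EC_POINT_oct2point` call above it; `sizeof(binUncompGBad)` would keep the length tied to the buffer. test_wolfSSL_EC_POINT starts before this hunk and ends after it.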
@@ -60530,52 +59818,176 @@ static int test_wolfSSL_EC_POINT(void)
#endif
EC_GROUP_free(group);
BN_CTX_free(ctx);
-
- res = TEST_RES_CHECK(1);
#endif
#endif /* !WOLFSSL_SP_MATH && ( !HAVE_FIPS || HAVE_FIPS_VERSION > 2) */
- return res;
+ return EXPECT_RESULT();
+}
+
+static int test_wolfSSL_SPAKE(void)
+{
+ EXPECT_DECLS;
+
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && !defined(WOLFSSL_ATECC508A) \
+ && !defined(WOLFSSL_ATECC608A) && !defined(HAVE_SELFTEST) && \
+ !defined(WOLFSSL_SP_MATH) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ BIGNUM* x = NULL; /* kdc priv */
+ BIGNUM* y = NULL; /* client priv */
+ BIGNUM* w = NULL; /* shared value */
+ byte M_bytes[] = {
+ /* uncompressed */
+ 0x04,
+ /* x */
+ 0x88, 0x6e, 0x2f, 0x97, 0xac, 0xe4, 0x6e, 0x55, 0xba, 0x9d, 0xd7, 0x24,
+ 0x25, 0x79, 0xf2, 0x99, 0x3b, 0x64, 0xe1, 0x6e, 0xf3, 0xdc, 0xab, 0x95,
+ 0xaf, 0xd4, 0x97, 0x33, 0x3d, 0x8f, 0xa1, 0x2f,
+ /* y */
+ 0x5f, 0xf3, 0x55, 0x16, 0x3e, 0x43, 0xce, 0x22, 0x4e, 0x0b, 0x0e, 0x65,
+ 0xff, 0x02, 0xac, 0x8e, 0x5c, 0x7b, 0xe0, 0x94, 0x19, 0xc7, 0x85, 0xe0,
+ 0xca, 0x54, 0x7d, 0x55, 0xa1, 0x2e, 0x2d, 0x20
+ };
+ EC_POINT* M = NULL; /* shared value */
+ byte N_bytes[] = {
+ /* uncompressed */
+ 0x04,
+ /* x */
+ 0xd8, 0xbb, 0xd6, 0xc6, 0x39, 0xc6, 0x29, 0x37, 0xb0, 0x4d, 0x99, 0x7f,
+ 0x38, 0xc3, 0x77, 0x07, 0x19, 0xc6, 0x29, 0xd7, 0x01, 0x4d, 0x49, 0xa2,
+ 0x4b, 0x4f, 0x98, 0xba, 0xa1, 0x29, 0x2b, 0x49,
+ /* y */
+ 0x07, 0xd6, 0x0a, 0xa6, 0xbf, 0xad, 0xe4, 0x50, 0x08, 0xa6, 0x36, 0x33,
+ 0x7f, 0x51, 0x68, 0xc6, 0x4d, 0x9b, 0xd3, 0x60, 0x34, 0x80, 0x8c, 0xd5,
+ 0x64, 0x49, 0x0b, 0x1e, 0x65, 0x6e, 0xdb, 0xe7
+ };
+ EC_POINT* N = NULL; /* shared value */
+ EC_POINT* T = NULL; /* kdc pub */
+ EC_POINT* tmp1 = NULL; /* kdc pub */
+ EC_POINT* tmp2 = NULL; /* kdc pub */
+ EC_POINT* S = NULL; /* client pub */
+ EC_POINT* client_secret = NULL;
+ EC_POINT* kdc_secret = NULL;
+ EC_GROUP* group = NULL;
+ BN_CTX* bn_ctx = NULL;
+
+ /* Values taken from a test run of Kerberos 5 */
+
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(bn_ctx = BN_CTX_new());
+
+ ExpectNotNull(M = EC_POINT_new(group));
+ ExpectNotNull(N = EC_POINT_new(group));
+ ExpectNotNull(T = EC_POINT_new(group));
+ ExpectNotNull(tmp1 = EC_POINT_new(group));
+ ExpectNotNull(tmp2 = EC_POINT_new(group));
+ ExpectNotNull(S = EC_POINT_new(group));
+ ExpectNotNull(client_secret = EC_POINT_new(group));
+ ExpectNotNull(kdc_secret = EC_POINT_new(group));
+ ExpectIntEQ(BN_hex2bn(&x, "DAC3027CD692B4BDF0EDFE9B7D0E4E7"
+ "E5D8768A725EAEEA6FC68EC239A17C0"), 1);
+ ExpectIntEQ(BN_hex2bn(&y, "6F6A1D394E26B1655A54B26DCE30D49"
+ "90CC47EBE08F809EF3FF7F6AEAABBB5"), 1);
+ ExpectIntEQ(BN_hex2bn(&w, "1D992AB8BA851B9BA05353453D81EE9"
+ "506AB395478F0AAB647752CF117B36250"), 1);
+ ExpectIntEQ(EC_POINT_oct2point(group, M, M_bytes, sizeof(M_bytes), bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_oct2point(group, N, N_bytes, sizeof(N_bytes), bn_ctx),
+ 1);
+
+ /* Function pattern similar to ossl_keygen and ossl_result in krb5 */
+
+ /* kdc */
+ /* T=x*P+w*M */
+ /* All in one function call */
+ ExpectIntEQ(EC_POINT_mul(group, T, x, M, w, bn_ctx), 1);
+ /* Spread into separate calls */
+ ExpectIntEQ(EC_POINT_mul(group, tmp1, x, NULL, NULL, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, M, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_cmp(group, T, tmp1, bn_ctx), 0);
+ /* client */
+ /* S=y*P+w*N */
+ /* All in one function call */
+ ExpectIntEQ(EC_POINT_mul(group, S, y, N, w, bn_ctx), 1);
+ /* Spread into separate calls */
+ ExpectIntEQ(EC_POINT_mul(group, tmp1, y, NULL, NULL, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_mul(group, tmp2, NULL, N, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, tmp1, tmp1, tmp2, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_cmp(group, S, tmp1, bn_ctx), 0);
+ /* K=y*(T-w*M) */
+ ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, M, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_invert(group, client_secret, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, client_secret, T, client_secret, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_mul(group, client_secret, NULL, client_secret, y,
+ bn_ctx), 1);
+ /* kdc */
+ /* K=x*(S-w*N) */
+ ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, N, w, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_invert(group, kdc_secret, bn_ctx), 1);
+ ExpectIntEQ(EC_POINT_add(group, kdc_secret, S, kdc_secret, bn_ctx),
+ 1);
+ ExpectIntEQ(EC_POINT_mul(group, kdc_secret, NULL, kdc_secret, x, bn_ctx),
+ 1);
+
+ /* kdc_secret == client_secret */
+ ExpectIntEQ(EC_POINT_cmp(group, client_secret, kdc_secret, bn_ctx), 0);
+
+ BN_free(x);
+ BN_free(y);
+ BN_free(w);
+ EC_POINT_free(M);
+ EC_POINT_free(N);
+ EC_POINT_free(T);
+ EC_POINT_free(tmp1);
+ EC_POINT_free(tmp2);
+ EC_POINT_free(S);
+ EC_POINT_free(client_secret);
+ EC_POINT_free(kdc_secret);
+ EC_GROUP_free(group);
+ BN_CTX_free(bn_ctx);
+#endif
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_generate(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
- WOLFSSL_EC_KEY* key;
+ WOLFSSL_EC_KEY* key = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- WOLFSSL_EC_GROUP* group;
+ WOLFSSL_EC_GROUP* group = NULL;
#endif
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
wolfSSL_EC_KEY_free(key);
+ key = NULL;
#ifndef HAVE_ECC_BRAINPOOL
- AssertNotNull(group = wolfSSL_EC_GROUP_new_by_curve_name(
+ ExpectNotNull(group = wolfSSL_EC_GROUP_new_by_curve_name(
NID_brainpoolP256r1));
- AssertNotNull(key = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_set_group(key, group), 1);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), 0);
+ ExpectNotNull(key = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_set_group(key, group), 1);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 0);
wolfSSL_EC_KEY_free(key);
wolfSSL_EC_GROUP_free(group);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_EC_i2d(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(HAVE_FIPS)
- EC_KEY *key;
+ EC_KEY *key = NULL;
EC_KEY *copy = NULL;
- int len;
+ int len = 0;
unsigned char *buf = NULL;
- unsigned char *p;
+ unsigned char *p = NULL;
const unsigned char *tmp = NULL;
const unsigned char octBad[] = {
0x09, 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47, 0xf8, 0xbc,
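Review bot: test_wolfSSL_SPAKE only checks that the two derived points agree with each other (`EC_POINT_cmp(group, client_secret, kdc_secret, bn_ctx)`), so a result that is wrong in the same way on both sides, or the point at infinity on both sides, would still pass. Since the inputs are stated to come from a Kerberos 5 test run, pinning the expected encoding of T, S or K from that run would turn this into a known-answer test. At minimum, add `ExpectIntEQ(EC_POINT_is_at_infinity(group, client_secret), 0);` before the final comparison. The declaration comments also mislead: `tmp1` and `tmp2` are scratch points but carry `/* kdc pub */`, and `M`/`N` carry the same `/* shared value */` label as `w`. Comments such as `/* scratch for the split computation */` and `/* fixed SPAKE point M */` would describe them better. test_EC_i2d, which begins at the end of this hunk, continues outside it.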
@@ -60586,362 +59998,374 @@ static int test_EC_i2d(void)
0x5e, 0xce, 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5,
};
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key), 1);
- AssertIntGT((len = i2d_EC_PUBKEY(key, NULL)), 0);
- AssertNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key), 1);
+ ExpectIntGT((len = i2d_EC_PUBKEY(key, NULL)), 0);
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
- AssertIntEQ(i2d_EC_PUBKEY(key, &p), len);
-
- AssertNull(o2i_ECPublicKey(NULL, NULL, -1));
- AssertNull(o2i_ECPublicKey(&copy, NULL, -1));
- AssertNull(o2i_ECPublicKey(&key, NULL, -1));
- AssertNull(o2i_ECPublicKey(NULL, &tmp, -1));
- AssertNull(o2i_ECPublicKey(NULL, NULL, 0));
- AssertNull(o2i_ECPublicKey(&key, NULL, 0));
- AssertNull(o2i_ECPublicKey(&key, &tmp, 0));
+ ExpectIntEQ(i2d_EC_PUBKEY(key, &p), len);
+
+ ExpectNull(o2i_ECPublicKey(NULL, NULL, -1));
+ ExpectNull(o2i_ECPublicKey(&copy, NULL, -1));
+ ExpectNull(o2i_ECPublicKey(&key, NULL, -1));
+ ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1));
+ ExpectNull(o2i_ECPublicKey(NULL, NULL, 0));
+ ExpectNull(o2i_ECPublicKey(&key, NULL, 0));
+ ExpectNull(o2i_ECPublicKey(&key, &tmp, 0));
tmp = buf;
- AssertNull(o2i_ECPublicKey(NULL, &tmp, 0));
- AssertNull(o2i_ECPublicKey(&copy, &tmp, 0));
- AssertNull(o2i_ECPublicKey(NULL, &tmp, -1));
- AssertNull(o2i_ECPublicKey(&key, &tmp, -1));
+ ExpectNull(o2i_ECPublicKey(NULL, &tmp, 0));
+ ExpectNull(o2i_ECPublicKey(&copy, &tmp, 0));
+ ExpectNull(o2i_ECPublicKey(NULL, &tmp, -1));
+ ExpectNull(o2i_ECPublicKey(&key, &tmp, -1));
- AssertIntEQ(i2o_ECPublicKey(NULL, NULL), 0);
- AssertIntEQ(i2o_ECPublicKey(NULL, &buf), 0);
+ ExpectIntEQ(i2o_ECPublicKey(NULL, NULL), 0);
+ ExpectIntEQ(i2o_ECPublicKey(NULL, &buf), 0);
tmp = buf;
- AssertNull(d2i_ECPrivateKey(NULL, &tmp, 0));
- AssertNull(d2i_ECPrivateKey(NULL, &tmp, 1));
- AssertNull(d2i_ECPrivateKey(&copy, &tmp, 0));
- AssertNull(d2i_ECPrivateKey(&copy, &tmp, 1));
- AssertNull(d2i_ECPrivateKey(&key, &tmp, 0));
-
- AssertIntEQ(i2d_ECPrivateKey(NULL, &p), 0);
- AssertIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);
-
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer(NULL, NULL, -1), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, -1, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, -1, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, 0, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1,
+ ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 0));
+ ExpectNull(d2i_ECPrivateKey(NULL, &tmp, 1));
+ ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 0));
+ ExpectNull(d2i_ECPrivateKey(&copy, &tmp, 1));
+ ExpectNull(d2i_ECPrivateKey(&key, &tmp, 0));
+
+ ExpectIntEQ(i2d_ECPrivateKey(NULL, &p), 0);
+ ExpectIntEQ(i2d_ECPrivateKey(NULL, NULL), 0);
+
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer(NULL, NULL, -1), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, -1, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, -1, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, 0, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, NULL, -1,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, len,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(NULL, buf, len,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, len,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, NULL, len,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, -1,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, -1,
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, 0), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len,
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len, 0), -1);
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, buf, len,
WOLFSSL_EC_KEY_LOAD_PRIVATE), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
WOLFSSL_EC_KEY_LOAD_PRIVATE), -1);
- AssertIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
+ ExpectIntEQ(wolfSSL_EC_KEY_LoadDer_ex(key, octBad, sizeof(octBad),
WOLFSSL_EC_KEY_LOAD_PUBLIC), -1);
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buf = NULL;
+ buf = NULL;
- AssertIntGT((len = i2d_ECPrivateKey(key, NULL)), 0);
- AssertNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
+ ExpectIntGT((len = i2d_ECPrivateKey(key, NULL)), 0);
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
- AssertIntEQ(i2d_ECPrivateKey(key, &p), len);
+ ExpectIntEQ(i2d_ECPrivateKey(key, &p), len);
p = NULL;
- AssertIntEQ(i2d_ECPrivateKey(key, &p), len);
+ ExpectIntEQ(i2d_ECPrivateKey(key, &p), len);
XFREE(p, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ p = NULL;
/* Bad point is also an invalid private key. */
tmp = octBad;
- AssertNull(d2i_ECPrivateKey(&copy, &tmp, sizeof(octBad)));
+ ExpectNull(d2i_ECPrivateKey(&copy, &tmp, sizeof(octBad)));
tmp = buf;
- AssertNotNull(d2i_ECPrivateKey(&copy, &tmp, len));
+ ExpectNotNull(d2i_ECPrivateKey(&copy, &tmp, len));
XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER);
buf = NULL;
+ buf = NULL;
- AssertIntGT((len = i2o_ECPublicKey(key, NULL)), 0);
- AssertNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
+ ExpectIntGT((len = i2o_ECPublicKey(key, NULL)), 0);
+ ExpectNotNull(buf = (unsigned char*)XMALLOC(len, NULL,
DYNAMIC_TYPE_TMP_BUFFER));
p = buf;
- AssertIntGT((len = i2o_ECPublicKey(key, &p)), 0);
+ ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0);
p = NULL;
- AssertIntGT((len = i2o_ECPublicKey(key, &p)), 0);
+ ExpectIntGT((len = i2o_ECPublicKey(key, &p)), 0);
tmp = buf;
- AssertNotNull(o2i_ECPublicKey(&copy, &tmp, len));
+ ExpectNotNull(o2i_ECPublicKey(&copy, &tmp, len));
tmp = octBad;
- AssertNull(o2i_ECPublicKey(&key, &tmp, sizeof(octBad)));
+ ExpectNull(o2i_ECPublicKey(&key, &tmp, sizeof(octBad)));
- AssertIntEQ(EC_KEY_check_key(NULL), 0);
- AssertIntEQ(EC_KEY_check_key(key), 1);
+ ExpectIntEQ(EC_KEY_check_key(NULL), 0);
+ ExpectIntEQ(EC_KEY_check_key(key), 1);
XFREE(p, NULL, DYNAMIC_TYPE_OPENSSL);
XFREE(buf, NULL, DYNAMIC_TYPE_OPENSSL);
EC_KEY_free(key);
EC_KEY_free(copy);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_curve(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
int nid = NID_secp160k1;
- const char* nid_name;
+ const char* nid_name = NULL;
- AssertNull(EC_curve_nid2nist(NID_sha256));
+ ExpectNull(EC_curve_nid2nist(NID_sha256));
- AssertNotNull(nid_name = EC_curve_nid2nist(nid));
- AssertIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0);
+ ExpectNotNull(nid_name = EC_curve_nid2nist(nid));
+ ExpectIntEQ(XMEMCMP(nid_name, "K-160", XSTRLEN("K-160")), 0);
- AssertIntEQ(EC_curve_nist2nid("INVALID"), 0);
- AssertIntEQ(EC_curve_nist2nid(nid_name), nid);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(EC_curve_nist2nid("INVALID"), 0);
+ ExpectIntEQ(EC_curve_nist2nid(nid_name), nid);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_dup(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS)
- WOLFSSL_EC_KEY* ecKey;
- WOLFSSL_EC_KEY* dupKey;
- ecc_key* srcKey;
- ecc_key* destKey;
+ WOLFSSL_EC_KEY* ecKey = NULL;
+ WOLFSSL_EC_KEY* dupKey = NULL;
+ ecc_key* srcKey = NULL;
+ ecc_key* destKey = NULL;
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
/* Valid cases */
- AssertNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
- AssertIntEQ(EC_KEY_check_key(dupKey), 1);
+ ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectIntEQ(EC_KEY_check_key(dupKey), 1);
/* Compare pubkey */
- srcKey = (ecc_key*)ecKey->internal;
- destKey = (ecc_key*)dupKey->internal;
- AssertIntEQ(wc_ecc_cmp_point(&srcKey->pubkey, &destKey->pubkey), 0);
+ if (ecKey != NULL) {
+ srcKey = (ecc_key*)ecKey->internal;
+ }
+ if (dupKey != NULL) {
+ destKey = (ecc_key*)dupKey->internal;
+ }
+ ExpectIntEQ(wc_ecc_cmp_point(&srcKey->pubkey, &destKey->pubkey), 0);
/* compare EC_GROUP */
- AssertIntEQ(wolfSSL_EC_GROUP_cmp(ecKey->group, dupKey->group, NULL), MP_EQ);
+ ExpectIntEQ(wolfSSL_EC_GROUP_cmp(ecKey->group, dupKey->group, NULL), MP_EQ);
/* compare EC_POINT */
- AssertIntEQ(wolfSSL_EC_POINT_cmp(ecKey->group, ecKey->pub_key, \
+ ExpectIntEQ(wolfSSL_EC_POINT_cmp(ecKey->group, ecKey->pub_key, \
dupKey->pub_key, NULL), MP_EQ);
/* compare BIGNUM */
- AssertIntEQ(wolfSSL_BN_cmp(ecKey->priv_key, dupKey->priv_key), MP_EQ);
+ ExpectIntEQ(wolfSSL_BN_cmp(ecKey->priv_key, dupKey->priv_key), MP_EQ);
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* Invalid cases */
/* NULL key */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(NULL));
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(NULL));
/* NULL ecc_key */
- wc_ecc_free((ecc_key*)ecKey->internal);
- XFREE(ecKey->internal, NULL, DYNAMIC_TYPE_ECC);
- ecKey->internal = NULL; /* Set ecc_key to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ if (ecKey != NULL) {
+ wc_ecc_free((ecc_key*)ecKey->internal);
+ XFREE(ecKey->internal, NULL, DYNAMIC_TYPE_ECC);
+ ecKey->internal = NULL; /* Set ecc_key to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* NULL Group */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- wolfSSL_EC_GROUP_free(ecKey->group);
- ecKey->group = NULL; /* Set group to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ if (ecKey != NULL) {
+ wolfSSL_EC_GROUP_free(ecKey->group);
+ ecKey->group = NULL; /* Set group to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* NULL public key */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- wc_ecc_del_point((ecc_point*)ecKey->pub_key->internal);
- ecKey->pub_key->internal = NULL; /* Set ecc_point to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
-
- wolfSSL_EC_POINT_free(ecKey->pub_key);
- ecKey->pub_key = NULL; /* Set pub_key to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ if (ecKey != NULL) {
+ wc_ecc_del_point((ecc_point*)ecKey->pub_key->internal);
+ ecKey->pub_key->internal = NULL; /* Set ecc_point to NULL */
+ }
+
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ if (ecKey != NULL) {
+ wolfSSL_EC_POINT_free(ecKey->pub_key);
+ ecKey->pub_key = NULL; /* Set pub_key to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* NULL private key */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
- wolfSSL_BN_free(ecKey->priv_key);
- ecKey->priv_key = NULL; /* Set priv_key to NULL */
- AssertNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ if (ecKey != NULL) {
+ wolfSSL_BN_free(ecKey->priv_key);
+ ecKey->priv_key = NULL; /* Set priv_key to NULL */
+ }
+ ExpectNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
wolfSSL_EC_KEY_free(ecKey);
+ ecKey = NULL;
wolfSSL_EC_KEY_free(dupKey);
+ dupKey = NULL;
/* Test EC_KEY_up_ref */
- AssertNotNull(ecKey = wolfSSL_EC_KEY_new());
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(NULL), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(ecKey), WOLFSSL_SUCCESS);
+ ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(ecKey), WOLFSSL_SUCCESS);
/* reference count doesn't follow duplicate */
- AssertNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +1 */
- AssertIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +2 */
+ ExpectNotNull(dupKey = wolfSSL_EC_KEY_dup(ecKey));
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +1 */
+ ExpectIntEQ(wolfSSL_EC_KEY_up_ref(dupKey), WOLFSSL_SUCCESS); /* +2 */
wolfSSL_EC_KEY_free(dupKey); /* 3 */
wolfSSL_EC_KEY_free(dupKey); /* 2 */
wolfSSL_EC_KEY_free(dupKey); /* 1, free */
wolfSSL_EC_KEY_free(ecKey); /* 2 */
wolfSSL_EC_KEY_free(ecKey); /* 1, free */
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_set_group(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \
defined(OPENSSL_EXTRA)
EC_KEY *key = NULL;
EC_GROUP *group = NULL;
const EC_GROUP *group2 = NULL;
- AssertNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(key = EC_KEY_new());
+ ExpectNotNull(group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(key = EC_KEY_new());
- AssertNull(EC_KEY_get0_group(NULL));
- AssertIntEQ(EC_KEY_set_group(NULL, NULL), 0);
- AssertIntEQ(EC_KEY_set_group(key, NULL), 0);
- AssertIntEQ(EC_KEY_set_group(NULL, group), 0);
+ ExpectNull(EC_KEY_get0_group(NULL));
+ ExpectIntEQ(EC_KEY_set_group(NULL, NULL), 0);
+ ExpectIntEQ(EC_KEY_set_group(key, NULL), 0);
+ ExpectIntEQ(EC_KEY_set_group(NULL, group), 0);
- AssertIntEQ(EC_KEY_set_group(key, group), WOLFSSL_SUCCESS);
- AssertNotNull(group2 = EC_KEY_get0_group(key));
- AssertIntEQ(EC_GROUP_cmp(group2, group, NULL), 0);
+ ExpectIntEQ(EC_KEY_set_group(key, group), WOLFSSL_SUCCESS);
+ ExpectNotNull(group2 = EC_KEY_get0_group(key));
+ ExpectIntEQ(EC_GROUP_cmp(group2, group, NULL), 0);
EC_GROUP_free(group);
EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_set_conv_form(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- BIO* bio;
- EC_KEY* key;
+ BIO* bio = NULL;
+ EC_KEY* key = NULL;
/* Error condition: NULL key. */
- AssertIntLT(EC_KEY_get_conv_form(NULL), 0);
+ ExpectIntLT(EC_KEY_get_conv_form(NULL), 0);
- AssertNotNull(bio = BIO_new_file("./certs/ecc-keyPub.pem", "rb"));
- AssertNotNull(key = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
+ ExpectNotNull(bio = BIO_new_file("./certs/ecc-keyPub.pem", "rb"));
+ ExpectNotNull(key = PEM_read_bio_EC_PUBKEY(bio, NULL, NULL, NULL));
/* Conversion form defaults to uncompressed. */
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
#ifdef HAVE_COMP_KEY
/* Explicitly set to compressed. */
EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED);
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_COMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_COMPRESSED);
#else
/* Will still work just won't change anything. */
EC_KEY_set_conv_form(key, POINT_CONVERSION_COMPRESSED);
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
EC_KEY_set_conv_form(key, POINT_CONVERSION_UNCOMPRESSED);
- AssertIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
+ ExpectIntEQ(EC_KEY_get_conv_form(key), POINT_CONVERSION_UNCOMPRESSED);
#endif
EC_KEY_set_conv_form(NULL, POINT_CONVERSION_UNCOMPRESSED);
BIO_free(bio);
EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_private_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- WOLFSSL_EC_KEY* key;
+ WOLFSSL_EC_KEY* key = NULL;
WOLFSSL_BIGNUM* priv = NULL;
WOLFSSL_BIGNUM* priv2 = NULL;
WOLFSSL_BIGNUM* bn;
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(priv = wolfSSL_BN_new());
- AssertNotNull(priv2 = wolfSSL_BN_new());
- AssertIntNE(BN_set_word(priv, 2), 0);
- AssertIntNE(BN_set_word(priv2, 2), 0);
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(priv = wolfSSL_BN_new());
+ ExpectNotNull(priv2 = wolfSSL_BN_new());
+ ExpectIntNE(BN_set_word(priv, 2), 0);
+ ExpectIntNE(BN_set_word(priv2, 2), 0);
- AssertNull(wolfSSL_EC_KEY_get0_private_key(NULL));
+ ExpectNull(wolfSSL_EC_KEY_get0_private_key(NULL));
/* No private key set. */
- AssertNull(wolfSSL_EC_KEY_get0_private_key(key));
+ ExpectNull(wolfSSL_EC_KEY_get0_private_key(key));
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(key, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, priv), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(NULL, priv), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv), 1);
- AssertNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
- AssertPtrNE(bn, priv);
- AssertIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv2), 1);
- AssertNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
- AssertPtrNE(bn, priv2);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv), 1);
+ ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
+ ExpectPtrNE(bn, priv);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_private_key(key, priv2), 1);
+ ExpectNotNull(bn = wolfSSL_EC_KEY_get0_private_key(key));
+ ExpectPtrNE(bn, priv2);
wolfSSL_BN_free(priv2);
wolfSSL_BN_free(priv);
wolfSSL_EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_public_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
- WOLFSSL_EC_KEY* key;
- WOLFSSL_EC_POINT* pub;
- WOLFSSL_EC_POINT* point;
+ WOLFSSL_EC_KEY* key = NULL;
+ WOLFSSL_EC_POINT* pub = NULL;
+ WOLFSSL_EC_POINT* point = NULL;
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNull(wolfSSL_EC_KEY_get0_public_key(NULL));
- AssertNotNull(wolfSSL_EC_KEY_get0_public_key(key));
+ ExpectNull(wolfSSL_EC_KEY_get0_public_key(NULL));
+ ExpectNotNull(wolfSSL_EC_KEY_get0_public_key(key));
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), 1);
- AssertNotNull(pub = wolfSSL_EC_KEY_get0_public_key(key));
+ ExpectNotNull(pub = wolfSSL_EC_KEY_get0_public_key(key));
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(key, NULL), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, pub), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, NULL), 0);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(NULL, pub), 0);
- AssertIntEQ(wolfSSL_EC_KEY_set_public_key(key, pub), 1);
- AssertNotNull(point = wolfSSL_EC_KEY_get0_public_key(key));
- AssertPtrEq(point, pub);
+ ExpectIntEQ(wolfSSL_EC_KEY_set_public_key(key, pub), 1);
+ ExpectNotNull(point = wolfSSL_EC_KEY_get0_public_key(key));
+ ExpectPtrEq(point, pub);
wolfSSL_EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_KEY_print_fp(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(HAVE_ECC) && ((defined(HAVE_ECC224) && defined(HAVE_ECC256)) || \
defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224 && \
defined(OPENSSL_EXTRA) && defined(XFPRINTF) && !defined(NO_FILESYSTEM) && \
@@ -60949,75 +60373,71 @@ static int test_wolfSSL_EC_KEY_print_fp(void)
EC_KEY* key = NULL;
/* Bad file pointer. */
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(NULL, key, 0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(NULL, key, 0), WOLFSSL_FAILURE);
/* NULL key. */
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, NULL, 0), WOLFSSL_FAILURE);
- AssertNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(NID_secp224r1)));
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, NULL, 0), WOLFSSL_FAILURE);
+ ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(NID_secp224r1)));
/* Negative indent. */
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, -1), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, -1), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
wolfSSL_EC_KEY_free(key);
- AssertNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(
+ ExpectNotNull((key = wolfSSL_EC_KEY_new_by_curve_name(
NID_X9_62_prime256v1)));
- AssertIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_generate_key(key), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_EC_KEY_print_fp(stderr, key, 4), WOLFSSL_SUCCESS);
wolfSSL_EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EC_get_builtin_curves(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
EC_builtin_curve* curves = NULL;
size_t crv_len = 0;
size_t i = 0;
- AssertIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0);
- AssertNotNull(curves = (EC_builtin_curve*)XMALLOC(
+ ExpectIntGT((crv_len = EC_get_builtin_curves(NULL, 0)), 0);
+ ExpectNotNull(curves = (EC_builtin_curve*)XMALLOC(
sizeof(EC_builtin_curve) * crv_len, NULL, DYNAMIC_TYPE_TMP_BUFFER));
- AssertIntEQ((EC_get_builtin_curves(curves, 0)), crv_len);
- AssertIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len);
+ ExpectIntEQ((EC_get_builtin_curves(curves, 0)), crv_len);
+ ExpectIntEQ(EC_get_builtin_curves(curves, crv_len), crv_len);
- for (i = 0; i < crv_len; i++) {
+ for (i = 0; EXPECT_SUCCESS() && (i < crv_len); i++) {
if (curves[i].comment != NULL) {
- AssertStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment);
+ ExpectStrEQ(OBJ_nid2sn(curves[i].nid), curves[i].comment);
}
}
if (crv_len > 1) {
- AssertIntEQ(EC_get_builtin_curves(curves, crv_len - 1), crv_len - 1);
+ ExpectIntEQ(EC_get_builtin_curves(curves, crv_len - 1), crv_len - 1);
}
XFREE(curves, NULL, DYNAMIC_TYPE_TMP_BUFFER);
-
- res = TEST_RES_CHECK(1);
#endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */
#endif /* OPENSSL_EXTRA || OPENSSL_ALL */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ECDSA_SIG(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
WOLFSSL_ECDSA_SIG* sig = NULL;
WOLFSSL_ECDSA_SIG* sig2 = NULL;
- WOLFSSL_BIGNUM* r;
- WOLFSSL_BIGNUM* s;
- const WOLFSSL_BIGNUM* r2;
- const WOLFSSL_BIGNUM* s2;
- const unsigned char* cp;
- unsigned char* p;
+ WOLFSSL_BIGNUM* r = NULL;
+ WOLFSSL_BIGNUM* s = NULL;
+ const WOLFSSL_BIGNUM* r2 = NULL;
+ const WOLFSSL_BIGNUM* s2 = NULL;
+ const unsigned char* cp = NULL;
+ unsigned char* p = NULL;
unsigned char outSig[8];
unsigned char sigData[8] =
{ 0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01 };
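Review bot: In test_wolfSSL_EC_KEY_print_fp, `key` is not reset after the first `wolfSSL_EC_KEY_free(key)`, so a recorded failure can carry a dangling pointer into the second free. If the Expect macros skip their expression once a check has failed (which the `EXPECT_SUCCESS()` loop guard and the `sig = NULL;` reset elsewhere in this commit suggest), the P-256 `ExpectNotNull((key = ...))` never reassigns `key`. The final `wolfSSL_EC_KEY_free(key)` would then free the secp224r1 key a second time. Add `key = NULL;` directly after the first free. The function opens in the previous hunk.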
@@ -61026,76 +60446,79 @@ static int test_wolfSSL_ECDSA_SIG(void)
wolfSSL_ECDSA_SIG_free(NULL);
- AssertNotNull(sig = wolfSSL_ECDSA_SIG_new());
- AssertNotNull(r = wolfSSL_BN_new());
- AssertNotNull(s = wolfSSL_BN_new());
- AssertIntEQ(wolfSSL_BN_set_word(r, 1), 1);
- AssertIntEQ(wolfSSL_BN_set_word(s, 1), 1);
+ ExpectNotNull(sig = wolfSSL_ECDSA_SIG_new());
+ ExpectNotNull(r = wolfSSL_BN_new());
+ ExpectNotNull(s = wolfSSL_BN_new());
+ ExpectIntEQ(wolfSSL_BN_set_word(r, 1), 1);
+ ExpectIntEQ(wolfSSL_BN_set_word(s, 1), 1);
wolfSSL_ECDSA_SIG_get0(NULL, NULL, NULL);
wolfSSL_ECDSA_SIG_get0(NULL, &r2, NULL);
wolfSSL_ECDSA_SIG_get0(NULL, NULL, &s2);
wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, NULL), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, NULL), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, s), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, s), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, s), 0);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, NULL), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, NULL, s), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(NULL, r, s), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, NULL, s), 0);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, NULL), 0);
r2 = NULL;
s2 = NULL;
wolfSSL_ECDSA_SIG_get0(NULL, &r2, &s2);
- AssertNull(r2);
- AssertNull(s2);
- AssertIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, s), 1);
+ ExpectNull(r2);
+ ExpectNull(s2);
+ ExpectIntEQ(wolfSSL_ECDSA_SIG_set0(sig, r, s), 1);
+ if (EXPECT_FAIL()) {
+ wolfSSL_BN_free(r);
+ wolfSSL_BN_free(s);
+ }
wolfSSL_ECDSA_SIG_get0(sig, &r2, &s2);
- AssertPtrEq(r2, r);
- AssertPtrEq(s2, s);
+ ExpectPtrEq(r2, r);
+ ExpectPtrEq(s2, s);
r2 = NULL;
wolfSSL_ECDSA_SIG_get0(sig, &r2, NULL);
- AssertPtrEq(r2, r);
+ ExpectPtrEq(r2, r);
s2 = NULL;
wolfSSL_ECDSA_SIG_get0(sig, NULL, &s2);
- AssertPtrEq(s2, s);
+ ExpectPtrEq(s2, s);
/* r and s are freed when sig is freed. */
wolfSSL_ECDSA_SIG_free(sig);
+ sig = NULL;
- AssertNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData)));
+ ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, NULL, sizeof(sigData)));
cp = sigDataBad;
- AssertNull(wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigDataBad)));
+ ExpectNull(wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigDataBad)));
cp = sigData;
- AssertNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData))));
- AssertIntEQ((cp == sigData + 8), 1);
+ ExpectNotNull((sig = wolfSSL_d2i_ECDSA_SIG(NULL, &cp, sizeof(sigData))));
+ ExpectIntEQ((cp == sigData + 8), 1);
cp = sigData;
- AssertNull(wolfSSL_d2i_ECDSA_SIG(&sig, NULL, sizeof(sigData)));
- AssertNotNull((sig2 = wolfSSL_d2i_ECDSA_SIG(&sig, &cp, sizeof(sigData))));
- AssertIntEQ((sig == sig2), 1);
+ ExpectNull(wolfSSL_d2i_ECDSA_SIG(&sig, NULL, sizeof(sigData)));
+ ExpectNotNull((sig2 = wolfSSL_d2i_ECDSA_SIG(&sig, &cp, sizeof(sigData))));
+ ExpectIntEQ((sig == sig2), 1);
cp = outSig;
p = outSig;
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, &p), 0);
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, NULL), 0);
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8);
- AssertIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), sizeof(sigData));
- AssertIntEQ((p == outSig + 8), 1);
- AssertIntEQ(XMEMCMP(sigData, outSig, 8), 0);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, &p), 0);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(NULL, NULL), 0);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, NULL), 8);
+ ExpectIntEQ(wolfSSL_i2d_ECDSA_SIG(sig, &p), sizeof(sigData));
+ ExpectIntEQ((p == outSig + 8), 1);
+ ExpectIntEQ(XMEMCMP(sigData, outSig, 8), 0);
wolfSSL_ECDSA_SIG_free(sig);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_ECDSA_size_sign(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP)
- EC_KEY* key;
- ECDSA_SIG* ecdsaSig;
+ EC_KEY* key = NULL;
+ ECDSA_SIG* ecdsaSig = NULL;
int id;
byte hash[WC_MAX_DIGEST_SIZE];
byte hash2[WC_MAX_DIGEST_SIZE];
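Review bot: The new `if (EXPECT_FAIL())` block after `wolfSSL_ECDSA_SIG_set0(sig, r, s)` in test_wolfSSL_ECDSA_SIG has no comment explaining why `r` and `s` are freed there but not on the success path. The existing note "r and s are freed when sig is freed" sits further down and only covers the success case. I would add `/* sig takes ownership of r and s only when set0 succeeds; free them here otherwise. */` above the block, hedged on set0 leaving its arguments untouched on failure, which is not visible here. The function starts in the previous hunk.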
@@ -61106,246 +60529,258 @@ static int test_ECDSA_size_sign(void)
XMEMSET(hash2, 234, sizeof(hash2));
id = wc_ecc_get_curve_id_from_name("SECP256R1");
- AssertIntEQ(id, ECC_SECP256R1);
-
- AssertNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key), 1);
-
- AssertIntGE(ECDSA_size(NULL), 0);
-
- AssertIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, NULL), 0);
- AssertIntEQ(ECDSA_sign(0, NULL, sizeof(hash), sig, &sigSz, key), 0);
- AssertIntEQ(ECDSA_sign(0, hash, sizeof(hash), NULL, &sigSz, key), 0);
- AssertIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, NULL), 0);
- AssertIntEQ(ECDSA_verify(0, NULL, sizeof(hash), sig, sigSz, key), 0);
- AssertIntEQ(ECDSA_verify(0, hash, sizeof(hash), NULL, sigSz, key), 0);
-
- AssertIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, key), 1);
- AssertIntGE(ECDSA_size(key), sigSz);
- AssertIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, key), 1);
- AssertIntEQ(ECDSA_verify(0, hash2, sizeof(hash2), sig, sigSz, key), 0);
-
- AssertNull(ECDSA_do_sign(NULL, sizeof(hash), NULL));
- AssertNull(ECDSA_do_sign(NULL, sizeof(hash), key));
- AssertNull(ECDSA_do_sign(hash, sizeof(hash), NULL));
- AssertNotNull(ecdsaSig = ECDSA_do_sign(hash, sizeof(hash), key));
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, key), -1);
- AssertIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, key), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, key), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, NULL), -1);
- AssertIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, key), 1);
- AssertIntEQ(ECDSA_do_verify(hash2, sizeof(hash2), ecdsaSig, key), 0);
+ ExpectIntEQ(id, ECC_SECP256R1);
+
+ ExpectNotNull(key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key), 1);
+
+ ExpectIntGE(ECDSA_size(NULL), 0);
+
+ ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, NULL), 0);
+ ExpectIntEQ(ECDSA_sign(0, NULL, sizeof(hash), sig, &sigSz, key), 0);
+ ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), NULL, &sigSz, key), 0);
+ ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, NULL), 0);
+ ExpectIntEQ(ECDSA_verify(0, NULL, sizeof(hash), sig, sigSz, key), 0);
+ ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), NULL, sigSz, key), 0);
+
+ ExpectIntEQ(ECDSA_sign(0, hash, sizeof(hash), sig, &sigSz, key), 1);
+ ExpectIntGE(ECDSA_size(key), sigSz);
+ ExpectIntEQ(ECDSA_verify(0, hash, sizeof(hash), sig, sigSz, key), 1);
+ ExpectIntEQ(ECDSA_verify(0, hash2, sizeof(hash2), sig, sigSz, key), 0);
+
+ ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), NULL));
+ ExpectNull(ECDSA_do_sign(NULL, sizeof(hash), key));
+ ExpectNull(ECDSA_do_sign(hash, sizeof(hash), NULL));
+ ExpectNotNull(ecdsaSig = ECDSA_do_sign(hash, sizeof(hash), key));
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), NULL, key), -1);
+ ExpectIntEQ(ECDSA_do_verify(NULL, sizeof(hash), ecdsaSig, key), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), NULL, key), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, NULL), -1);
+ ExpectIntEQ(ECDSA_do_verify(hash, sizeof(hash), ecdsaSig, key), 1);
+ ExpectIntEQ(ECDSA_do_verify(hash2, sizeof(hash2), ecdsaSig, key), 0);
ECDSA_SIG_free(ecdsaSig);
EC_KEY_free(key);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP */
- return res;
+ return EXPECT_RESULT();
}
static int test_ECDH_compute_key(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_ECC256) && !defined(NO_ECC_SECP) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
- EC_KEY* key1;
- EC_KEY* key2;
- EC_POINT* pub1;
- EC_POINT* pub2;
+ EC_KEY* key1 = NULL;
+ EC_KEY* key2 = NULL;
+ EC_POINT* pub1 = NULL;
+ EC_POINT* pub2 = NULL;
byte secret1[32];
byte secret2[32];
int i;
- AssertNotNull(key1 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key1), 1);
- AssertNotNull(pub1 = wolfSSL_EC_KEY_get0_public_key(key1));
- AssertNotNull(key2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertIntEQ(EC_KEY_generate_key(key2), 1);
- AssertNotNull(pub2 = wolfSSL_EC_KEY_get0_public_key(key2));
+ ExpectNotNull(key1 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key1), 1);
+ ExpectNotNull(pub1 = wolfSSL_EC_KEY_get0_public_key(key1));
+ ExpectNotNull(key2 = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+ ExpectIntEQ(EC_KEY_generate_key(key2), 1);
+ ExpectNotNull(pub2 = wolfSSL_EC_KEY_get0_public_key(key2));
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, NULL, NULL), 0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, NULL, NULL),
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, NULL, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, NULL, NULL),
0);
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, NULL, NULL), 0);
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, key1, NULL), 0);
- AssertIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, key1, NULL), 0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, key1, NULL),
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, NULL, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), NULL, key1, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(NULL, sizeof(secret1), pub2, key1, NULL), 0);
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), NULL, key1, NULL),
0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, NULL, NULL),
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, NULL, NULL),
0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1) - 16, pub2, key1,
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1) - 16, pub2, key1,
NULL), 0);
- AssertIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, key1, NULL),
+ ExpectIntEQ(ECDH_compute_key(secret1, sizeof(secret1), pub2, key1, NULL),
sizeof(secret1));
- AssertIntEQ(ECDH_compute_key(secret2, sizeof(secret2), pub1, key2, NULL),
+ ExpectIntEQ(ECDH_compute_key(secret2, sizeof(secret2), pub1, key2, NULL),
sizeof(secret2));
for (i = 0; i < (int)sizeof(secret1); i++) {
- AssertIntEQ(secret1[i], secret2[i]);
+ ExpectIntEQ(secret1[i], secret2[i]);
}
EC_KEY_free(key2);
EC_KEY_free(key1);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA && !NO_ECC256 && !NO_ECC_SECP &&
* !WOLF_CRYPTO_CB_ONLY_ECC */
- return res;
+ return EXPECT_RESULT();
}
#endif /* HAVE_ECC && !OPENSSL_NO_PK */
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
- defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
-static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey)
+ defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_REQ) && \
+ !defined(NO_ASN_TIME)
+static int test_openssl_make_self_signed_certificate(EVP_PKEY* pkey,
+ int expectedDerSz)
{
+ EXPECT_DECLS;
X509* x509 = NULL;
BIGNUM* serial_number = NULL;
X509_NAME* name = NULL;
time_t epoch_off = 0;
ASN1_INTEGER* asn1_serial_number;
long not_before, not_after;
+ int derSz;
- AssertNotNull(x509 = X509_new());
+ ExpectNotNull(x509 = X509_new());
- AssertIntNE(X509_set_pubkey(x509, pkey), 0);
+ ExpectIntNE(X509_set_pubkey(x509, pkey), 0);
- AssertNotNull(serial_number = BN_new());
- AssertIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0);
- AssertNotNull(asn1_serial_number = X509_get_serialNumber(x509));
- AssertNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number));
+ ExpectNotNull(serial_number = BN_new());
+ ExpectIntNE(BN_pseudo_rand(serial_number, 64, 0, 0), 0);
+ ExpectNotNull(asn1_serial_number = X509_get_serialNumber(x509));
+ ExpectNotNull(BN_to_ASN1_INTEGER(serial_number, asn1_serial_number));
/* version 3 */
- AssertIntNE(X509_set_version(x509, 2L), 0);
+ ExpectIntNE(X509_set_version(x509, 2L), 0);
- AssertNotNull(name = X509_NAME_new());
+ ExpectNotNull(name = X509_NAME_new());
- AssertIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
+ ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_commonName, MBSTRING_UTF8,
(unsigned char*)"www.wolfssl.com", -1, -1, 0), 0);
+ ExpectIntNE(X509_NAME_add_entry_by_NID(name, NID_pkcs9_contentType,
+ MBSTRING_UTF8,(unsigned char*)"Server", -1, -1, 0), 0);
- AssertIntNE(X509_set_subject_name(x509, name), 0);
- AssertIntNE(X509_set_issuer_name(x509, name), 0);
+ ExpectIntNE(X509_set_subject_name(x509, name), 0);
+ ExpectIntNE(X509_set_issuer_name(x509, name), 0);
not_before = (long)wc_Time(NULL);
not_after = not_before + (365 * 24 * 60 * 60);
- AssertNotNull(X509_time_adj(X509_get_notBefore(x509), not_before, &epoch_off));
- AssertNotNull(X509_time_adj(X509_get_notAfter(x509), not_after, &epoch_off));
+ ExpectNotNull(X509_time_adj(X509_get_notBefore(x509), not_before,
+ &epoch_off));
+ ExpectNotNull(X509_time_adj(X509_get_notAfter(x509), not_after,
+ &epoch_off));
+
+ ExpectIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
- AssertIntNE(X509_sign(x509, pkey, EVP_sha256()), 0);
+ ExpectNotNull(wolfSSL_X509_get_der(x509, &derSz));
+ ExpectIntGE(derSz, expectedDerSz);
BN_free(serial_number);
X509_NAME_free(name);
X509_free(x509);
- return 0;
+ return EXPECT_RESULT();
}
#endif
static int test_openssl_generate_key_and_cert(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
+ int expectedDerSz;
+ EVP_PKEY* pkey = NULL;
+#ifdef HAVE_ECC
+ EC_KEY* ec_key = NULL;
+#endif
#if !defined(NO_RSA)
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- EVP_PKEY* pkey = EVP_PKEY_new();
- int key_length = 2048;
- BIGNUM* exponent = BN_new();
- RSA* rsa = RSA_new();
-
- AssertNotNull(pkey);
- AssertNotNull(exponent);
- AssertNotNull(rsa);
-
- AssertIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0);
- #ifndef WOLFSSL_KEY_GEN
- AssertIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
-
- #if defined(USE_CERT_BUFFERS_1024)
- AssertIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024,
- sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0);
- key_length = 1024;
- #elif defined(USE_CERT_BUFFERS_2048)
- AssertIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048,
- sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0);
- #else
- RSA_free(rsa);
- rsa = NULL;
- #endif
- #else
- AssertIntEQ(RSA_generate_key_ex(NULL, key_length, exponent, NULL), 0);
- AssertIntEQ(RSA_generate_key_ex(rsa, 0, exponent, NULL), 0);
- AssertIntEQ(RSA_generate_key_ex(rsa, key_length, NULL, NULL), 0);
- AssertIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
- #endif
+ int key_length = 2048;
+ BIGNUM* exponent = NULL;
+ RSA* rsa = NULL;
- if (rsa) {
- AssertIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0);
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ ExpectNotNull(exponent = BN_new());
+ ExpectNotNull(rsa = RSA_new());
- BN_free(exponent);
+ ExpectIntNE(BN_set_word(exponent, WC_RSA_EXPONENT), 0);
+#ifndef WOLFSSL_KEY_GEN
+ ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
- #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
- defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
- test_openssl_make_self_signed_certificate(pkey);
- #endif
+ #if defined(USE_CERT_BUFFERS_1024)
+ ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_1024,
+ sizeof_server_key_der_1024, WOLFSSL_RSA_LOAD_PRIVATE), 0);
+ key_length = 1024;
+ #elif defined(USE_CERT_BUFFERS_2048)
+ ExpectIntNE(wolfSSL_RSA_LoadDer_ex(rsa, server_key_der_2048,
+ sizeof_server_key_der_2048, WOLFSSL_RSA_LOAD_PRIVATE), 0);
+ #else
+ RSA_free(rsa);
+ rsa = NULL;
+ #endif
+#else
+ ExpectIntEQ(RSA_generate_key_ex(NULL, key_length, exponent, NULL), 0);
+ ExpectIntEQ(RSA_generate_key_ex(rsa, 0, exponent, NULL), 0);
+ ExpectIntEQ(RSA_generate_key_ex(rsa, key_length, NULL, NULL), 0);
+ ExpectIntNE(RSA_generate_key_ex(rsa, key_length, exponent, NULL), 0);
+#endif
+
+ if (rsa) {
+ ExpectIntNE(EVP_PKEY_assign_RSA(pkey, rsa), 0);
+ if (EXPECT_FAIL()) {
+ RSA_free(rsa);
}
- EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
+ #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
+ defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
+ expectedDerSz = 743;
+ ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey,
+ expectedDerSz), TEST_SUCCESS);
+ #endif
}
+
+ EVP_PKEY_free(pkey);
+ pkey = NULL;
+ BN_free(exponent);
#endif /* !NO_RSA */
#ifdef HAVE_ECC
- if (res == TEST_SKIPPED || res == TEST_SUCCESS) {
- EVP_PKEY* pkey = EVP_PKEY_new();
- EC_KEY* ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
+ ExpectNotNull(pkey = EVP_PKEY_new());
+ ExpectNotNull(ec_key = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
- AssertNotNull(pkey);
- AssertNotNull(ec_key);
-
- #ifndef NO_WOLFSSL_STUB
- EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
- #endif
+#ifndef NO_WOLFSSL_STUB
+ EC_KEY_set_asn1_flag(ec_key, OPENSSL_EC_NAMED_CURVE);
+#endif
- AssertIntNE(EC_KEY_generate_key(ec_key), 0);
- AssertIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
+ ExpectIntNE(EC_KEY_generate_key(ec_key), 0);
+ ExpectIntNE(EVP_PKEY_assign_EC_KEY(pkey, ec_key), 0);
+ if (EXPECT_FAIL()) {
+ EC_KEY_free(ec_key);
+ }
- #if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
- defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
- test_openssl_make_self_signed_certificate(pkey);
- #endif
+#if !defined(NO_CERTS) && defined(WOLFSSL_CERT_GEN) && \
+ defined(WOLFSSL_CERT_REQ) && !defined(NO_ASN_TIME)
+ expectedDerSz = 344;
+ ExpectIntEQ(test_openssl_make_self_signed_certificate(pkey, expectedDerSz),
+ TEST_SUCCESS);
+#endif
- EVP_PKEY_free(pkey);
- res = TEST_RES_CHECK(1);
- }
+ EVP_PKEY_free(pkey);
#endif /* HAVE_ECC */
+ (void)pkey;
+ (void)expectedDerSz;
#endif /* OPENSSL_EXTRA */
- return res;
+
+ return EXPECT_RESULT();
}
static int test_stubs_are_stubs(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB)
+ EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && !defined(NO_WOLFSSL_STUB) && \
+ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL_CTX* ctxN = NULL;
#ifndef NO_WOLFSSL_CLIENT
- ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
- AssertNotNull(ctx);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
#elif !defined(NO_WOLFSSL_SERVER)
- ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
- AssertNotNull(ctx);
- #else
- return res;
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#endif
- #define CHECKZERO_RET(x, y, z) AssertIntEQ((int) x(y), 0); \
- AssertIntEQ((int) x(z), 0)
+ #define CHECKZERO_RET(x, y, z) ExpectIntEQ((int) x(y), 0); \
+ ExpectIntEQ((int) x(z), 0)
/* test logic, all stubs return same result regardless of ctx being NULL
* as there are no sanity checks, it's just a stub! If at some
* point a stub is not a stub it should begin to return BAD_FUNC_ARG
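Review bot: `expectedDerSz = 743` in the RSA branch of test_openssl_generate_key_and_cert is fixed, although `key_length` drops to 1024 a few lines earlier when `WOLFSSL_KEY_GEN` is off and `USE_CERT_BUFFERS_1024` is set. The value looks sized for a 2048-bit key, so in that configuration `ExpectIntGE(derSz, expectedDerSz)` in the helper would presumably reject a correctly built certificate; I have not measured this. Derive the bound from `key_length`, e.g. `expectedDerSz = (key_length == 1024) ? <measured-1024-bit-size> : 743;`. A short comment should also say what 743 and 344 (ECC branch) were measured from and why the check is a lower bound rather than an equality.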
@@ -61363,12 +60798,12 @@ static int test_stubs_are_stubs(void)
CHECKZERO_RET(wolfSSL_CTX_sess_cache_full, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_misses, ctx, ctxN);
CHECKZERO_RET(wolfSSL_CTX_sess_timeouts, ctx, ctxN);
+
wolfSSL_CTX_free(ctx);
ctx = NULL;
-
- res = TEST_RES_CHECK(1);
-#endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB */
- return res;
+#endif /* OPENSSL_EXTRA && !NO_WOLFSSL_STUB && (!NO_WOLFSSL_CLIENT ||
+ * !NO_WOLFSSL_SERVER) */
+ return EXPECT_RESULT();
}
static int test_CONF_modules_xxx(void)
@@ -61376,18 +60811,12 @@ static int test_CONF_modules_xxx(void)
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
CONF_modules_free();
- AssertTrue(1); /* to confirm previous call gives no harm */
CONF_modules_unload(0);
- AssertTrue(1);
-
CONF_modules_unload(1);
- AssertTrue(1);
-
CONF_modules_unload(-1);
- AssertTrue(1);
- res = TEST_RES_CHECK(1);
+ res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
@@ -61413,40 +60842,36 @@ static int test_CRYPTO_set_dynlock_xxx(void)
CRYPTO_set_dynlock_lock_callback(
(void (*)(int, struct CRYPTO_dynlock_value *, const char*, int))1);
- AssertTrue(1); /* to confirm previous call gives no harm */
-
- res = TEST_RES_CHECK(1);
+ res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_CRYPTO_THREADID_xxx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
CRYPTO_THREADID_current((CRYPTO_THREADID*)NULL);
CRYPTO_THREADID_current((CRYPTO_THREADID*)1);
- AssertIntEQ(CRYPTO_THREADID_hash((const CRYPTO_THREADID*)NULL), 0);
-
- res = TEST_RES_CHECK(1);
+ ExpectIntEQ(CRYPTO_THREADID_hash((const CRYPTO_THREADID*)NULL), 0);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_ENGINE_cleanup(void)
{
int res = TEST_SKIPPED;
#if defined(OPENSSL_EXTRA)
ENGINE_cleanup();
- AssertTrue(1); /* to confirm previous call gives no harm */
- res = TEST_RES_CHECK(1);
+ res = TEST_SUCCESS;
#endif /* OPENSSL_EXTRA */
return res;
}
static int test_wolfSSL_CTX_LoadCRL(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM)
+ EXPECT_DECLS;
+#if defined(HAVE_CRL) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) && \
+ (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER))
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* badPath = "dummypath";
@@ -61455,22 +60880,37 @@ static int test_wolfSSL_CTX_LoadCRL(void)
const char* issuerCert = "./certs/client-cert.pem";
int derType = WOLFSSL_FILETYPE_ASN1;
int pemType = WOLFSSL_FILETYPE_PEM;
+#ifdef HAVE_CRL_MONITOR
int monitor = WOLFSSL_CRL_MONITOR;
+#else
+ int monitor = 0;
+#endif
WOLFSSL_CERT_MANAGER* cm = NULL;
- #define FAIL_T1(x, y, z, p, d) AssertIntEQ((int) x(y, z, p, d), \
+ #define FAIL_T1(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
BAD_FUNC_ARG)
- #define SUCC_T(x, y, z, p, d) AssertIntEQ((int) x(y, z, p, d), \
+ #define FAIL_T2(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
+ NOT_COMPILED_IN)
+ #define SUCC_T(x, y, z, p, d) ExpectIntEQ((int) x(y, z, p, d), \
WOLFSSL_SUCCESS)
-
- FAIL_T1(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
-
#ifndef NO_WOLFSSL_CLIENT
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ #define NEW_CTX(ctx) ExpectNotNull( \
+ (ctx) = wolfSSL_CTX_new(wolfSSLv23_client_method()))
#elif !defined(NO_WOLFSSL_SERVER)
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ #define NEW_CTX(ctx) ExpectNotNull( \
+ (ctx) = wolfSSL_CTX_new(wolfSSLv23_server_method()))
#else
- return;
+ #define NEW_CTX(ctx) return
+#endif
+
+ FAIL_T1(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
+
+ NEW_CTX(ctx);
+
+#ifndef HAVE_CRL_MONITOR
+ FAIL_T2(wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, WOLFSSL_CRL_MONITOR);
+ wolfSSL_CTX_free(ctx);
+ NEW_CTX(ctx);
#endif
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, validPath, pemType, monitor);
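Review bot: Under `#ifndef HAVE_CRL_MONITOR`, `wolfSSL_CTX_free(ctx)` is followed directly by `NEW_CTX(ctx)` with no `ctx = NULL;` in between. If the Expect macros skip their expression after a recorded failure (for example the preceding `FAIL_T2` check), `ctx` keeps the freed pointer and the `wolfSSL_CTX_free(ctx)` at the top of the next hunk frees it again; the later free sites in this function do reset `ctx`. Add `ctx = NULL;` after that free. Separately, the `#else` branch `#define NEW_CTX(ctx) return` looks unreachable now that the function's guard requires a client or server build, and it would expand to a bare `return` in an `int` function, so it can be dropped.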
@@ -61478,49 +60918,81 @@ static int test_wolfSSL_CTX_LoadCRL(void)
SUCC_T (wolfSSL_CTX_LoadCRL, ctx, badPath, derType, monitor);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
-#ifndef NO_WOLFSSL_CLIENT
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-#elif !defined(NO_WOLFSSL_SERVER)
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
-#else
- return;
-#endif
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
+ NEW_CTX(ctx);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, validFilePath, pemType), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, validFilePath, pemType), WOLFSSL_SUCCESS);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
-#ifndef NO_WOLFSSL_CLIENT
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
-#elif !defined(NO_WOLFSSL_SERVER)
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
-#else
- return;
-#endif
- AssertIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
+ NEW_CTX(ctx);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx, issuerCert, NULL),
WOLFSSL_SUCCESS);
- AssertNotNull(ssl = wolfSSL_new(ctx));
- AssertIntEQ(wolfSSL_LoadCRLFile(ssl, validFilePath, pemType), WOLFSSL_SUCCESS);
+ ExpectNotNull(ssl = wolfSSL_new(ctx));
+ ExpectIntEQ(wolfSSL_LoadCRLFile(ssl, validFilePath, pemType), WOLFSSL_SUCCESS);
wolfSSL_free(ssl);
+ ssl = NULL;
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
- AssertNotNull(cm = wolfSSL_CertManagerNew());
- AssertIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, validFilePath, pemType), WOLFSSL_SUCCESS);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerLoadCA(cm, issuerCert, NULL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CertManagerLoadCRLFile(cm, validFilePath, pemType),
+ WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
+#endif
+ return EXPECT_RESULT();
+}
- res = TEST_RES_CHECK(1);
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL)
+static int test_multiple_crls_same_issuer_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, NULL);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx, "./certs/crl/crl.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
#endif
- return res;
+
+static int test_multiple_crls_same_issuer(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && defined(HAVE_CRL)
+ test_ssl_cbf client_cbs, server_cbs;
+ struct {
+ const char* server_cert;
+ const char* server_key;
+ } test_params[] = {
+ { "./certs/server-cert.pem", "./certs/server-key.pem" },
+ { "./certs/server-revoked-cert.pem", "./certs/server-revoked-key.pem" }
+ };
+ size_t i;
+
+ for (i = 0; i < (sizeof(test_params)/sizeof(*test_params)); i++) {
+ XMEMSET(&client_cbs, 0, sizeof(client_cbs));
+ XMEMSET(&server_cbs, 0, sizeof(server_cbs));
+
+ server_cbs.certPemFile = test_params[i].server_cert;
+ server_cbs.keyPemFile = test_params[i].server_key;
+ client_cbs.crlPemFile = "./certs/crl/extra-crls/general-server-crl.pem";
+
+ client_cbs.ctx_ready = test_multiple_crls_same_issuer_ctx_ready;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbs,
+ &server_cbs, NULL), TEST_FAIL);
+ }
+#endif
+ return EXPECT_RESULT();
}
static int test_SetTmpEC_DHE_Sz(void)
{
- int res = TEST_SKIPPED;
-#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT)
EXPECT_DECLS;
+#if defined(HAVE_ECC) && !defined(NO_WOLFSSL_CLIENT)
WOLFSSL_CTX *ctx = NULL;
WOLFSSL *ssl = NULL;
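Review bot: `test_multiple_crls_same_issuer` accepts any handshake failure as a pass, because its only check is `ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(...), TEST_FAIL)`. A missing certificate file or an unrelated TLS error would satisfy it just as well as a revocation hit, so the test does not show that the second CRL for the issuer was consulted. If the memio helper records the client's error, asserting the revocation error as well would pin the intent, e.g. `ExpectIntEQ(client_cbs.last_err, CRL_CERT_REVOKED);` (field name assumed from `callback_functions`; confirm it for `test_ssl_cbf`). A short comment saying which CRL is expected to revoke which of the two server certificates would also help, since `server-cert.pem` is expected to fail here too.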
@@ -61531,18 +61003,15 @@ static int test_SetTmpEC_DHE_Sz(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get0_privatekey(void)
{
- int res = TEST_SKIPPED;
-#ifdef OPENSSL_ALL
EXPECT_DECLS;
+#ifdef OPENSSL_ALL
WOLFSSL_CTX* ctx = NULL;
(void)ctx;
@@ -61570,19 +61039,17 @@ static int test_wolfSSL_CTX_get0_privatekey(void)
ExpectNotNull(SSL_CTX_get0_privatekey(ctx));
wolfSSL_CTX_free(ctx);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_dtls_set_mtu(void)
{
- int res = TEST_SKIPPED;
-#if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \
- !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_DTLS)
EXPECT_DECLS;
+#if (defined(WOLFSSL_DTLS_MTU) || defined(WOLFSSL_SCTP)) && \
+ !defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_DTLS) && \
+ !defined(WOLFSSL_NO_TLS12)
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
const char* testCertFile;
@@ -61614,15 +61081,13 @@ static int test_wolfSSL_dtls_set_mtu(void)
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
- defined(WOLFSSL_DTLS)
+ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
static WC_INLINE void generateDTLSMsg(byte* out, int outSz, word32 seq,
enum HandShakeType hsType, word16 length)
@@ -61742,7 +61207,7 @@ static int test_wolfSSL_dtls_plaintext(void) {
#endif
#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(SINGLE_THREADED) && \
- defined(WOLFSSL_DTLS)
+ defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12)
static void test_wolfSSL_dtls12_fragments_spammer(WOLFSSL* ssl)
{
@@ -61854,6 +61319,7 @@ static void test_wolfSSL_dtls13_fragments_spammer(WOLFSSL* ssl)
static int test_wolfSSL_dtls_fragments(void)
{
+ EXPECT_DECLS;
callback_functions func_cb_client;
callback_functions func_cb_server;
size_t i;
@@ -61862,8 +61328,10 @@ static int test_wolfSSL_dtls_fragments(void)
method_provider server_meth;
ssl_callback spammer;
} params[] = {
+#if !defined(WOLFSSL_NO_TLS12)
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls12_fragments_spammer},
+#endif
#ifdef WOLFSSL_DTLS13
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls13_fragments_spammer},
@@ -61874,7 +61342,6 @@ static int test_wolfSSL_dtls_fragments(void)
XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
-
func_cb_client.doUdp = func_cb_server.doUdp = 1;
func_cb_server.method = params[i].server_meth;
func_cb_client.method = params[i].client_meth;
@@ -61882,22 +61349,25 @@ static int test_wolfSSL_dtls_fragments(void)
test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
- AssertFalse(func_cb_client.return_code);
- AssertFalse(func_cb_server.return_code);
+ ExpectFalse(func_cb_client.return_code);
+ ExpectFalse(func_cb_server.return_code);
/* The socket should be closed by the server resulting in a
* socket error, fatal error or reading a close notify alert */
if (func_cb_client.last_err != SOCKET_ERROR_E &&
func_cb_client.last_err != WOLFSSL_ERROR_ZERO_RETURN &&
func_cb_client.last_err != FATAL_ERROR) {
- AssertIntEQ(func_cb_client.last_err, SOCKET_ERROR_E);
+ ExpectIntEQ(func_cb_client.last_err, SOCKET_ERROR_E);
}
/* Check the server returned an error indicating the msg buffer
* was full */
- AssertIntEQ(func_cb_server.last_err, DTLS_TOO_MANY_FRAGMENTS_E);
+ ExpectIntEQ(func_cb_server.last_err, DTLS_TOO_MANY_FRAGMENTS_E);
+
+ if (EXPECT_FAIL())
+ break;
}
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
static void test_wolfSSL_dtls_send_alert(WOLFSSL* ssl)
@@ -61926,10 +61396,15 @@ static int _test_wolfSSL_ignore_alert_before_cookie(byte version12)
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
client_cbs.doUdp = server_cbs.doUdp = 1;
if (version12) {
+#if !defined(WOLFSSL_NO_TLS12)
client_cbs.method = wolfDTLSv1_2_client_method;
server_cbs.method = wolfDTLSv1_2_server_method;
+#else
+ return TEST_SKIPPED;
+#endif
}
- else {
+ else
+ {
#ifdef WOLFSSL_DTLS13
client_cbs.method = wolfDTLSv1_3_client_method;
server_cbs.method = wolfDTLSv1_3_server_method;
@@ -62022,17 +61497,18 @@ static int _test_wolfSSL_dtls_bad_record(
static int test_wolfSSL_dtls_bad_record(void)
{
- int ret;
+ int ret = TEST_SUCCESS;
+#if !defined(WOLFSSL_NO_TLS12)
ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_2_client_method,
wolfDTLSv1_2_server_method);
+#endif
#ifdef WOLFSSL_DTLS13
- if (ret != TEST_SUCCESS)
- return ret;
- return _test_wolfSSL_dtls_bad_record(wolfDTLSv1_3_client_method,
+ if (ret == TEST_SUCCESS) {
+ ret = _test_wolfSSL_dtls_bad_record(wolfDTLSv1_3_client_method,
wolfDTLSv1_3_server_method);
-#else
- return ret;
+ }
#endif /* WOLFSSL_DTLS13 */
+ return ret;
}
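Review bot: `int ret = TEST_SUCCESS;` makes `test_wolfSSL_dtls_bad_record` report success when neither branch is compiled in (`WOLFSSL_NO_TLS12` defined and `WOLFSSL_DTLS13` not), although nothing ran. Other tests in this commit return `TEST_SKIPPED` in that situation. Consider `int ret = TEST_SKIPPED;` with the DTLS 1.3 guard written as `if (ret != TEST_FAIL) {`. Whether an enclosing `#if` outside this hunk already excludes that configuration is not visible here.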
@@ -62414,6 +61890,7 @@ static word32 test_wolfSSL_dtls_stateless_HashWOLFSSL(const WOLFSSL* ssl)
sslCopy.buffers.outputBuffer.offset = 0;
sslCopy.error = 0;
sslCopy.curSize = 0;
+ sslCopy.curStartIdx = 0;
sslCopy.keys.curSeq_lo = 0;
XMEMSET(&sslCopy.curRL, 0, sizeof(sslCopy.curRL));
#ifdef WOLFSSL_DTLS13
@@ -62517,8 +61994,10 @@ static int test_wolfSSL_dtls_stateless(void)
ssl_callback client_ssl_ready;
ssl_callback server_ssl_ready;
} test_params[] = {
+#if !defined(WOLFSSL_NO_TLS12)
{wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method,
test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_compare_stateless},
+#endif
#if defined(WOLFSSL_DTLS13) && defined(WOLFSSL_SEND_HRR_COOKIE)
{wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method,
test_wolfSSL_dtls_send_ch, test_wolfSSL_dtls_enable_hrrcookie},
@@ -62527,6 +62006,10 @@ static int test_wolfSSL_dtls_stateless(void)
#endif
};
+ if (0 == sizeof(test_params)){
+ return TEST_SKIPPED;
+ }
+
for (i = 0; i < sizeof(test_params)/sizeof(*test_params); i++) {
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
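Review bot: The `if (0 == sizeof(test_params))` check depends on `test_params[]` being allowed to have an empty initializer, which ISO C before C23 rejects and only GNU-compatible compilers accept as an extension. If no entry remains (`WOLFSSL_NO_TLS12` defined and the DTLS 1.3 entries compiled out), stricter compilers would fail to build rather than skip. A preprocessor guard around the body that returns `TEST_SKIPPED` when no entry is available would be portable. The array declaration is in the preceding hunk, and the `params[]` table in `test_wolfSSL_dtls_fragments` gets the same conditional entry without any skip path. The function body continues outside this hunk.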
@@ -62598,7 +62081,7 @@ static int verify_cert_with_cm(WOLFSSL_CERT_MANAGER* cm, char* certA)
#define VERIFY_ONE_CERT(a, b, c, d) \
do { \
- (a) = verify_cert_with_cm(c, d); \
+ (a) = verify_cert_with_cm(c, d);\
if ((a) != 0) \
return (b); \
else \
@@ -62637,8 +62120,8 @@ static int test_chainG(WOLFSSL_CERT_MANAGER* cm)
VERIFY_ONE_CERT(ret, i, cm, chainGArr[7]); /* if failure, i = -15 here */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -16 here */
-/* test validating the entity twice, should have no effect on pathLen since
- * entity/leaf cert */
+ /* test validating the entity twice, should have no effect on pathLen since
+ * entity/leaf cert */
VERIFY_ONE_CERT(ret, i, cm, chainGArr[8]); /* if failure, i = -17 here */
return ret;
@@ -62737,87 +62220,58 @@ static int test_chainJ(WOLFSSL_CERT_MANAGER* cm)
static int test_various_pathlen_chains(void)
{
- int ret;
- WOLFSSL_CERT_MANAGER* cm;
+ EXPECT_DECLS;
+ WOLFSSL_CERT_MANAGER* cm = NULL;
/* Test chain G (large chain with varying pathLens) */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- AssertIntEQ(test_chainG(cm), -1);
+ ExpectIntEQ(test_chainG(cm), -1);
#else
- AssertIntEQ(test_chainG(cm), 0);
+ ExpectIntEQ(test_chainG(cm), 0);
#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- ret = wolfSSL_CertManagerUnloadCAs(cm);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* end test chain G */
/* Test chain H (5 chain with same pathLens) */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- AssertIntLT(test_chainH(cm), 0);
-
- wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntLT(test_chainH(cm), 0);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- ret = wolfSSL_CertManagerUnloadCAs(cm);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* end test chain H */
/* Test chain I (only first ICA has pathLen set and it's set to 2,
* followed by 2 ICA's, should pass) */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
#if defined(NO_WOLFSSL_CLIENT) && defined(NO_WOLFSSL_SERVER)
- AssertIntEQ(test_chainI(cm), -1);
+ ExpectIntEQ(test_chainI(cm), -1);
#else
- AssertIntEQ(test_chainI(cm), 0);
+ ExpectIntEQ(test_chainI(cm), 0);
#endif /* NO_WOLFSSL_CLIENT && NO_WOLFSSL_SERVER */
- wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- ret = wolfSSL_CertManagerUnloadCAs(cm);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
/* Test chain J (Again only first ICA has pathLen set and it's set to 2,
* this time followed by 3 ICA's, should fail */
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- AssertIntLT(test_chainJ(cm), 0);
-
- wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntLT(test_chainJ(cm), 0);
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- if ((cm = wolfSSL_CertManagerNew()) == NULL) {
- fprintf(stderr, "cert manager new failed\n");
- return -1;
- }
- ret = wolfSSL_CertManagerUnloadCAs(cm);
+ ExpectNotNull(cm = wolfSSL_CertManagerNew());
+ ExpectIntEQ(wolfSSL_CertManagerUnloadCAs(cm), WOLFSSL_SUCCESS);
wolfSSL_CertManagerFree(cm);
- return TEST_RES_CHECK(ret == WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
}
#endif /* !NO_RSA && !NO_SHA && !NO_FILESYSTEM && !NO_CERTS */
@@ -62829,7 +62283,7 @@ static int test_export_keying_material_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
(void)ctx;
- /* Succes Cases */
+ /* Success Cases */
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
"Test label", XSTR_SIZEOF("Test label"), NULL, 0, 0), 1);
ExpectIntEQ(wolfSSL_export_keying_material(ssl, ekm, sizeof(ekm),
@@ -62878,9 +62332,8 @@ static int test_export_keying_material(void)
static int test_wolfSSL_THREADID_hash(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
CRYPTO_THREADID id;
CRYPTO_THREADID_current(NULL);
@@ -62888,32 +62341,28 @@ static int test_wolfSSL_THREADID_hash(void)
ExpectTrue(CRYPTO_THREADID_hash(NULL) == 0UL);
XMEMSET(&id, 0, sizeof(id));
ExpectTrue(CRYPTO_THREADID_hash(&id) == 0UL);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_ecdh_auto(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA)
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA)
WOLFSSL_CTX* ctx = NULL;
ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,0), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(NULL,1), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,0), 1);
ExpectIntEQ(SSL_CTX_set_ecdh_auto(ctx,1), 1);
-
- res = EXPECT_RESULT();
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
{
+ EXPECT_DECLS;
callback_functions* callbacks = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -62923,10 +62372,11 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
char msg[] = "I hear you fa shizzle!";
int len = (int) XSTRLEN(msg);
char input[1024];
- int ret, err;
+ int ret;
+ int err = 0;
if (!args)
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
((func_args*)args)->return_code = TEST_FAIL;
@@ -62944,19 +62394,17 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
fdOpenSession(Task_self());
#endif
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
+ caCertFile, 0));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx,
+ svrCertFile, WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM));
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
- AssertIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
+ ExpectIntEQ(wolfSSL_CTX_SetTmpDH_file(ctx, dhParamFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#elif !defined(NO_DH)
SetDHCtx(ctx); /* will repick suites with DHE, higher priority than PSK */
@@ -62966,37 +62414,33 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
callbacks->ctx_ready(ctx);
ssl = wolfSSL_new(ctx);
- AssertNotNull(ssl);
+ ExpectNotNull(ssl);
/* listen and accept */
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0, 0, 0, 1, 0, 0);
CloseSocket(sfd);
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, cfd));
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
- do {
- err = 0; /* Reset error */
- ret = wolfSSL_accept(ssl);
- if (ret != WOLFSSL_SUCCESS) {
- err = wolfSSL_get_error(ssl, 0);
- }
- } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
-
- if (ret != WOLFSSL_SUCCESS) {
- wolfSSL_free(ssl);
- wolfSSL_CTX_free(ctx);
- CloseSocket(cfd);
- ((func_args*)args)->return_code = TEST_FAIL;
- return 0;
+ if (EXPECT_SUCCESS()) {
+ do {
+ err = 0; /* Reset error */
+ ret = wolfSSL_accept(ssl);
+ if (ret != WOLFSSL_SUCCESS) {
+ err = wolfSSL_get_error(ssl, 0);
+ }
+ } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
}
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
+
/* read and write data */
- XMEMSET( input, 0, sizeof(input));
+ XMEMSET(input, 0, sizeof(input));
- while (1) {
+ while (EXPECT_SUCCESS()) {
ret = wolfSSL_read(ssl, input, sizeof(input));
if (ret > 0) {
break;
@@ -63010,7 +62454,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
}
}
- if (err == WOLFSSL_ERROR_ZERO_RETURN) {
+ if (EXPECT_SUCCESS() && (err == WOLFSSL_ERROR_ZERO_RETURN)) {
do {
ret = wolfSSL_write(ssl, msg, len);
if (ret > 0) {
@@ -63020,21 +62464,27 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
}
/* bidirectional shutdown */
- while (wolfSSL_shutdown(ssl) != WOLFSSL_SUCCESS) {
- continue;
+ while (EXPECT_SUCCESS()) {
+ ret = wolfSSL_shutdown(ssl);
+ ExpectIntNE(ret, WOLFSSL_FATAL_ERROR);
+ if (ret == WOLFSSL_SUCCESS) {
+ break;
+ }
}
- /* wait for the peer to disconnect the tcp connection */
- do {
- ret = wolfSSL_read(ssl, input, sizeof(input));
- err = wolfSSL_get_error(ssl, ret);
- } while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN);
+ if (EXPECT_SUCCESS()) {
+ /* wait for the peer to disconnect the tcp connection */
+ do {
+ ret = wolfSSL_read(ssl, input, sizeof(input));
+ err = wolfSSL_get_error(ssl, ret);
+ } while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN);
+ }
/* detect TCP disconnect */
- AssertIntLE(ret,WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN);
+ ExpectIntLE(ret,WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN);
- ((func_args*)args)->return_code = TEST_SUCCESS;
+ ((func_args*)args)->return_code = EXPECT_RESULT();
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
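Review bot: The re-indented wait loop `do { ... } while (ret > 0 || err != WOLFSSL_ERROR_ZERO_RETURN);` still has no exit for a fatal read error, so a peer reset or socket error would make the server thread spin forever instead of failing the test. The shutdown loop just above was given such an exit in this commit. Ending the loop on anything other than data or a retry, e.g. `} while (ret > 0 || err == WOLFSSL_ERROR_WANT_READ);`, lets the following `ExpectIntEQ(wolfSSL_get_error(ssl, ret), WOLFSSL_ERROR_ZERO_RETURN)` report the unexpected error. The function starts outside this hunk.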
@@ -63042,10 +62492,11 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_server_thread(void* args)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
{
+ EXPECT_DECLS;
callback_functions* callbacks = NULL;
WOLFSSL_CTX* ctx = NULL;
WOLFSSL* ssl = NULL;
@@ -63057,7 +62508,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
int ret, err;
if (!args)
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
((func_args*)args)->return_code = TEST_FAIL;
callbacks = ((func_args*)args)->callbacks;
@@ -63067,44 +62518,48 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
fdOpenSession(Task_self());
#endif
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_load_verify_locations(ctx, caCertFile, 0));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_load_verify_locations(ctx,
+ caCertFile, 0));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_certificate_file(ctx, cliCertFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_certificate_file(ctx,
+ cliCertFile, WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(WOLFSSL_SUCCESS,
- wolfSSL_CTX_use_PrivateKey_file(ctx, cliKeyFile,
- WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_use_PrivateKey_file(ctx,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM));
- AssertNotNull((ssl = wolfSSL_new(ctx)));
+ ExpectNotNull((ssl = wolfSSL_new(ctx)));
tcp_connect(&sfd, wolfSSLIP, ((func_args*)args)->signal->port, 0, 0, ssl);
- AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd));
+ ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_set_fd(ssl, sfd));
- do {
- err = 0; /* Reset error */
- ret = wolfSSL_connect(ssl);
- if (ret != WOLFSSL_SUCCESS) {
- err = wolfSSL_get_error(ssl, 0);
- }
- } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
+ if (EXPECT_SUCCESS()) {
+ do {
+ err = 0; /* Reset error */
+ ret = wolfSSL_connect(ssl);
+ if (ret != WOLFSSL_SUCCESS) {
+ err = wolfSSL_get_error(ssl, 0);
+ }
+ } while (ret != WOLFSSL_SUCCESS && err == WC_PENDING_E);
+ }
- AssertIntGE(wolfSSL_write(ssl, msg, len), 0);
+ ExpectIntGE(wolfSSL_write(ssl, msg, len), 0);
- if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
- input[idx] = 0;
+ if (EXPECT_SUCCESS()) {
+ if (0 < (idx = wolfSSL_read(ssl, input, sizeof(input)-1))) {
+ input[idx] = 0;
+ }
}
- ret = wolfSSL_shutdown(ssl);
- if ( ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
+ if (EXPECT_SUCCESS()) {
ret = wolfSSL_shutdown(ssl);
+ if (ret == WOLFSSL_SHUTDOWN_NOT_DONE) {
+ ret = wolfSSL_shutdown(ssl);
+ }
}
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
- ((func_args*)args)->return_code = TEST_SUCCESS;
+ ((func_args*)args)->return_code = EXPECT_RESULT();
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
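Review bot: The client thread never checks the result of the `wolfSSL_connect` loop, whereas the server thread in this commit adds `ExpectIntEQ(ret, WOLFSSL_SUCCESS);` after its accept loop. A failed handshake is then only noticed indirectly through `ExpectIntGE(wolfSSL_write(ssl, msg, len), 0)`, and the reported failure points at the write rather than the handshake. Adding `ExpectIntEQ(ret, WOLFSSL_SUCCESS);` after the connect block would make the two threads consistent. `ret` is declared without an initializer (`int ret, err;`), so initializing it, as the server side now does for `err`, would also avoid an uninitialized-use warning when the block is skipped.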
@@ -63112,7 +62567,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
#if defined(HAVE_ECC) && defined(FP_ECC) && defined(HAVE_THREAD_LS)
wc_ecc_fp_free(); /* free per thread cache */
#endif
- return 0;
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
#endif /* OPENSSL_EXTRA && WOLFSSL_ERROR_CODE_OPENSSL &&
HAVE_IO_TESTS_DEPENDENCIES && !WOLFSSL_NO_TLS12 */
@@ -63122,7 +62577,7 @@ static THREAD_RETURN WOLFSSL_THREAD SSL_read_test_client_thread(void* args)
*/
static int test_wolfSSL_read_detect_TCP_disconnect(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_ERROR_CODE_OPENSSL) && \
defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
tcp_ready ready;
@@ -63168,71 +62623,75 @@ static int test_wolfSSL_read_detect_TCP_disconnect(void)
join_thread(clientThread);
join_thread(serverThread);
- AssertTrue(client_args.return_code);
- AssertTrue(server_args.return_code);
+ ExpectTrue(client_args.return_code);
+ ExpectTrue(server_args.return_code);
FreeTcpReady(&ready);
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_get_min_proto_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)
- WOLFSSL_CTX *ctx;
-
- (void)ctx;
+ WOLFSSL_CTX *ctx = NULL;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, SSL3_VERSION), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, SSL3_VERSION),
+ WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALLOW_SSLV3
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
#else
- AssertIntGT(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
+ ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), SSL3_VERSION);
#endif
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#ifdef WOLFSSL_ALLOW_TLSV10
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_method()));
#else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
#endif
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_VERSION), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_VERSION),
+ WOLFSSL_SUCCESS);
#ifdef WOLFSSL_ALLOW_TLSV10
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
#else
- AssertIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
+ ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_VERSION);
#endif
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION), WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_1_VERSION),
+ WOLFSSL_SUCCESS);
#ifndef NO_OLD_TLS
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
#else
- AssertIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
+ ExpectIntGT(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_1_VERSION);
#endif
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#ifndef WOLFSSL_NO_TLS12
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#endif
#ifdef WOLFSSL_TLS13
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_method()));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_3_VERSION);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_method()));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx, TLS1_3_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx), TLS1_3_VERSION);
wolfSSL_CTX_free(ctx);
+ ctx = NULL;
#endif
-
- res = TEST_RES_CHECK(1);
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
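Review bot: `ExpectTrue(client_args.return_code)` and `ExpectTrue(server_args.return_code)` pass for any non-zero code, not only `TEST_SUCCESS`. The threads now store `EXPECT_RESULT()` there, so a result that is neither success nor zero (for instance a skipped value, if `TEST_SKIPPED` is non-zero) would be accepted. Comparing explicitly, `ExpectIntEQ(client_args.return_code, TEST_SUCCESS);` and the same for `server_args`, states the intent. The function starts outside this hunk.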
@@ -63241,82 +62700,85 @@ static int test_wolfSSL_CTX_get_min_proto_version(void)
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))
static int test_wolfSSL_set_SSL_CTX(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) \
&& !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_TLS13) && \
!defined(NO_RSA)
- WOLFSSL_CTX *ctx1, *ctx2;
- WOLFSSL *ssl;
+ WOLFSSL_CTX *ctx1 = NULL;
+ WOLFSSL_CTX *ctx2 = NULL;
+ WOLFSSL *ssl = NULL;
const byte *session_id1 = (const byte *)"CTX1";
const byte *session_id2 = (const byte *)"CTX2";
- AssertNotNull(ctx1 = wolfSSL_CTX_new(wolfTLS_server_method()));
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx1, svrCertFile,
- WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx1, svrKeyFile,
- WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx1, TLS1_2_VERSION),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx1), TLS1_2_VERSION);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx1), TLS1_3_VERSION);
- AssertIntEQ(wolfSSL_CTX_set_session_id_context(ctx1, session_id1, 4),
- WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx1 = wolfSSL_CTX_new(wolfTLS_server_method()));
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx1, svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx1, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx1, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx1), TLS1_2_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx1), TLS1_3_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx1, session_id1, 4),
+ WOLFSSL_SUCCESS);
- AssertNotNull(ctx2 = wolfSSL_CTX_new(wolfTLS_server_method()));
- AssertTrue(wolfSSL_CTX_use_certificate_file(ctx2, svrCertFile,
- WOLFSSL_FILETYPE_PEM));
- AssertTrue(wolfSSL_CTX_use_PrivateKey_file(ctx2, svrKeyFile,
- WOLFSSL_FILETYPE_PEM));
- AssertIntEQ(wolfSSL_CTX_set_min_proto_version(ctx2, TLS1_2_VERSION),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_set_max_proto_version(ctx2, TLS1_2_VERSION),
- WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_get_min_proto_version(ctx2), TLS1_2_VERSION);
- AssertIntEQ(wolfSSL_CTX_get_max_proto_version(ctx2), TLS1_2_VERSION);
- AssertIntEQ(wolfSSL_CTX_set_session_id_context(ctx2, session_id2, 4),
- WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx2 = wolfSSL_CTX_new(wolfTLS_server_method()));
+ ExpectTrue(wolfSSL_CTX_use_certificate_file(ctx2, svrCertFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectTrue(wolfSSL_CTX_use_PrivateKey_file(ctx2, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM));
+ ExpectIntEQ(wolfSSL_CTX_set_min_proto_version(ctx2, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_set_max_proto_version(ctx2, TLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_get_min_proto_version(ctx2), TLS1_2_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_get_max_proto_version(ctx2), TLS1_2_VERSION);
+ ExpectIntEQ(wolfSSL_CTX_set_session_id_context(ctx2, session_id2, 4),
+ WOLFSSL_SUCCESS);
#ifdef HAVE_SESSION_TICKET
- AssertIntEQ((wolfSSL_CTX_get_options(ctx1) & SSL_OP_NO_TICKET), 0);
+ ExpectIntEQ((wolfSSL_CTX_get_options(ctx1) & SSL_OP_NO_TICKET), 0);
wolfSSL_CTX_set_options(ctx2, SSL_OP_NO_TICKET);
- AssertIntNE((wolfSSL_CTX_get_options(ctx2) & SSL_OP_NO_TICKET), 0);
+ ExpectIntNE((wolfSSL_CTX_get_options(ctx2) & SSL_OP_NO_TICKET), 0);
#endif
- AssertNotNull(ssl = wolfSSL_new(ctx2));
- AssertIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
+ ExpectNotNull(ssl = wolfSSL_new(ctx2));
+ ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef WOLFSSL_INT_H
- AssertIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0);
- AssertTrue(ssl->buffers.certificate == ctx2->certificate);
- AssertTrue(ssl->buffers.certChain == ctx2->certChain);
+#ifdef WOLFSSL_SESSION_ID_CTX
+ ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id2, 4), 0);
+#endif
+ ExpectTrue(ssl->buffers.certificate == ctx2->certificate);
+ ExpectTrue(ssl->buffers.certChain == ctx2->certChain);
#endif
#ifdef HAVE_SESSION_TICKET
- AssertIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
+ ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
#endif
/* Set the ctx1 that has TLSv1.3 as max proto version */
- AssertNotNull(wolfSSL_set_SSL_CTX(ssl, ctx1));
+ ExpectNotNull(wolfSSL_set_SSL_CTX(ssl, ctx1));
/* MUST not change proto versions of ssl */
- AssertIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
+ ExpectIntNE((wolfSSL_get_options(ssl) & WOLFSSL_OP_NO_TLSv1_3), 0);
#ifdef HAVE_SESSION_TICKET
/* MUST not change */
- AssertIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
+ ExpectIntNE((wolfSSL_get_options(ssl) & SSL_OP_NO_TICKET), 0);
#endif
/* MUST change */
#ifdef WOLFSSL_INT_H
- AssertTrue(ssl->buffers.certificate == ctx1->certificate);
- AssertTrue(ssl->buffers.certChain == ctx1->certChain);
- AssertIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0);
+ ExpectTrue(ssl->buffers.certificate == ctx1->certificate);
+ ExpectTrue(ssl->buffers.certChain == ctx1->certChain);
+#ifdef WOLFSSL_SESSION_ID_CTX
+ ExpectIntEQ(XMEMCMP(ssl->sessionCtx, session_id1, 4), 0);
+#endif
#endif
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx1);
wolfSSL_CTX_free(ctx2);
-
- res = TEST_RES_CHECK(1);
#endif /* defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) */
- return res;
+ return EXPECT_RESULT();
}
#endif /* defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
@@ -63325,160 +62787,150 @@ static int test_wolfSSL_set_SSL_CTX(void)
static int test_wolfSSL_security_level(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
- SSL_CTX *ctx;
+ SSL_CTX *ctx = NULL;
#ifdef WOLFSSL_TLS13
#ifdef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
#endif
+ SSL_CTX_set_security_level(NULL, 1);
SSL_CTX_set_security_level(ctx, 1);
- AssertTrue(1);
-
- AssertIntEQ(SSL_CTX_get_security_level(ctx), 0);
+ ExpectIntEQ(SSL_CTX_get_security_level(NULL), 0);
+ /* Stub so nothing happens. */
+ ExpectIntEQ(SSL_CTX_get_security_level(ctx), 0);
SSL_CTX_free(ctx);
#else
(void)ctx;
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_SSL_in_init(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_BIO)
- SSL_CTX* ctx;
- SSL* ssl;
+ SSL_CTX* ctx = NULL;
+ SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
- #ifdef WOLFSSL_TLS13
- #ifdef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
- #else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
- #endif
+#ifdef WOLFSSL_TLS13
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ #endif
+#else
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ #endif
+#endif
#ifndef NO_RSA
- testCertFile = svrCertFile;
- testKeyFile = svrKeyFile;
+ testCertFile = svrCertFile;
+ testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
- testCertFile = eccCertFile;
- testKeyFile = eccKeyFile;
+ testCertFile = eccCertFile;
+ testKeyFile = eccKeyFile;
#else
- testCertFile = NULL;
- testKeyFile = NULL;
+ testCertFile = NULL;
+ testKeyFile = NULL;
#endif
- if (testCertFile != NULL && testKeyFile != NULL) {
- AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
- SSL_FILETYPE_PEM));
- AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
- SSL_FILETYPE_PEM));
- }
-
- ssl = SSL_new(ctx);
- AssertNotNull(ssl);
- AssertIntEQ(SSL_in_init(ssl), 1);
+ if ((testCertFile != NULL) && (testKeyFile != NULL)) {
+ ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
+ SSL_FILETYPE_PEM));
+ }
- SSL_CTX_free(ctx);
- SSL_free(ssl);
- #else
- (void)ctx;
- (void)ssl;
- (void)testCertFile;
- (void)testKeyFile;
- #endif
+ ExpectNotNull(ssl = SSL_new(ctx));
+ ExpectIntEQ(SSL_in_init(ssl), 1);
- res = TEST_RES_CHECK(1);
+ SSL_CTX_free(ctx);
+ SSL_free(ssl);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CTX_set_timeout(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_SESSION_CACHE)
int timeout;
-
- WOLFSSL_CTX* ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
+ WOLFSSL_CTX* ctx = NULL;
(void)timeout;
- AssertNotNull(ctx);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
/* in WOLFSSL_ERROR_CODE_OPENSSL macro guard,
* wolfSSL_CTX_set_timeout returns previous timeout value on success.
*/
- AssertIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
/* giving 0 as timeout value sets default timeout */
timeout = wolfSSL_CTX_set_timeout(ctx, 0);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 20), timeout);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 30), 20);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 20), timeout);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 30), 20);
#else
-
- AssertIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 100), 1);
- AssertIntEQ(wolfSSL_CTX_set_timeout(ctx, 0), 1);
-
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(NULL, 0), BAD_FUNC_ARG);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 100), 1);
+ ExpectIntEQ(wolfSSL_CTX_set_timeout(ctx, 0), 1);
#endif
- wolfSSL_CTX_free(ctx);
- res = TEST_RES_CHECK(1);
+ wolfSSL_CTX_free(ctx);
#endif /* !NO_WOLFSSL_SERVER && !NO_SESSION_CACHE*/
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_OpenSSL_version(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
const char* ver;
- #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- AssertNotNull(ver = OpenSSL_version(0));
- #else
- AssertNotNull(ver = OpenSSL_version());
- #endif
- AssertIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING,
- XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0);
-
- res = TEST_RES_CHECK(1);
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+ ExpectNotNull(ver = OpenSSL_version(0));
+#else
+ ExpectNotNull(ver = OpenSSL_version());
#endif
- return res;
+ ExpectIntEQ(XMEMCMP(ver, "wolfSSL " LIBWOLFSSL_VERSION_STRING,
+ XSTRLEN("wolfSSL " LIBWOLFSSL_VERSION_STRING)), 0);
+#endif
+ return EXPECT_RESULT();
}
static int test_CONF_CTX_CMDLINE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
SSL_CTX* ctx = NULL;
SSL_CONF_CTX* cctx = NULL;
- AssertNotNull(cctx = SSL_CONF_CTX_new());
+ ExpectNotNull(cctx = SSL_CONF_CTX_new());
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
- AssertTrue(1);
/* set flags */
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CMDLINE),
- WOLFSSL_CONF_FLAG_CMDLINE);
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
- WOLFSSL_CONF_FLAG_CMDLINE | WOLFSSL_CONF_FLAG_CERTIFICATE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CMDLINE),
+ WOLFSSL_CONF_FLAG_CMDLINE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
+ WOLFSSL_CONF_FLAG_CMDLINE | WOLFSSL_CONF_FLAG_CERTIFICATE);
/* cmd invalid command */
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
/* cmd Certificate and Private Key*/
{
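Review bot: In test_wolfSSL_security_level the comment `/* Stub so nothing happens. */` undersells what the surrounding expectations pin down: after `SSL_CTX_set_security_level(ctx, 1)` the getter still returns 0, so in this build the setter has no effect. I would say so directly, e.g. `/* Setter is a stub: level stays 0, so callers must not rely on it to restrict keys or ciphers. */`, so that someone porting OpenSSL code does not read the call as an enforced policy. The check only runs under `WOLFSSL_TLS13`; the `#else` branch leaves the stub untested.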
@@ -63486,12 +62938,11 @@ static int test_CONF_CTX_CMDLINE(void)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cert", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cert", ourCert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-key", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-key", ourKey), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cert", ourCert), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-key", ourKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63500,9 +62951,9 @@ static int test_CONF_CTX_CMDLINE(void)
#if defined(HAVE_ECC)
const char* curve = "secp256r1";
- AssertIntEQ(SSL_CONF_cmd(cctx, "-curves", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-curves", curve), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-curves", curve), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63510,9 +62961,9 @@ static int test_CONF_CTX_CMDLINE(void)
{
char* cipher = wolfSSL_get_cipher_list(0/*top priority*/);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cipher", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-cipher", cipher), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-cipher", cipher), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
}
/* cmd DH parameter */
@@ -63520,45 +62971,41 @@ static int test_CONF_CTX_CMDLINE(void)
#if !defined(NO_DH) && !defined(NO_BIO)
const char* ourdhcert = "./certs/dh2048.pem";
- AssertIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL),
- -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "-dhparam", ourdhcert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "-dhparam", ourdhcert), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
+
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(cctx);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_CONF_CTX_FILE(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
SSL_CTX* ctx = NULL;
SSL_CONF_CTX* cctx = NULL;
- AssertNotNull(cctx = SSL_CONF_CTX_new());
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ ExpectNotNull(cctx = SSL_CONF_CTX_new());
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
- AssertTrue(1);
/* set flags */
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_FILE),
- WOLFSSL_CONF_FLAG_FILE);
- AssertIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
- WOLFSSL_CONF_FLAG_FILE | WOLFSSL_CONF_FLAG_CERTIFICATE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_FILE),
+ WOLFSSL_CONF_FLAG_FILE);
+ ExpectIntEQ(SSL_CONF_CTX_set_flags(cctx, WOLFSSL_CONF_FLAG_CERTIFICATE),
+ WOLFSSL_CONF_FLAG_FILE | WOLFSSL_CONF_FLAG_CERTIFICATE);
/* sanity check */
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
- AssertIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", "foobar"), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "foo", NULL), -2);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, NULL, "foobar"), WOLFSSL_FAILURE);
+ ExpectIntEQ(SSL_CONF_cmd(NULL, "-curves", "foobar"), WOLFSSL_FAILURE);
/* cmd Certificate and Private Key*/
{
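Review bot: In test_CONF_CTX_FILE, `SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);` now runs even when `SSL_CONF_CTX_new()` or `wolfSSL_CTX_new()` returned NULL, because the Expect macros appear to record the failure and continue where AssertNotNull stopped the test (inferred from the conversion; the macro definitions are not on this page). That is only safe if the setter tolerates NULL arguments, so either guard it with `if (EXPECT_SUCCESS())` or add a comment that NULL is accepted there. The same applies to test_CONF_CTX_CMDLINE in the preceding hunk and to `SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb);` in test_wolfSSL_set_psk_use_session_callback further down. test_CONF_CTX_FILE continues past the end of this hunk.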
@@ -63566,13 +63013,13 @@ static int test_CONF_CTX_FILE(void)
const char* ourCert = svrCertFile;
const char* ourKey = svrKeyFile;
- AssertIntEQ(SSL_CONF_cmd(cctx, "Certificate", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "Certificate", ourCert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", ourKey), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Certificate", ourCert),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "PrivateKey", ourKey), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63581,9 +63028,9 @@ static int test_CONF_CTX_FILE(void)
#if defined(HAVE_ECC)
const char* curve = "secp256r1";
- AssertIntEQ(SSL_CONF_cmd(cctx, "Curves", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "Curves", curve), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "Curves", curve), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
@@ -63591,9 +63038,10 @@ static int test_CONF_CTX_FILE(void)
{
char* cipher = wolfSSL_get_cipher_list(0/*top priority*/);
- AssertIntEQ(SSL_CONF_cmd(cctx, "CipherString", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "CipherString", cipher), WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "CipherString", cipher),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
}
/* cmd DH parameter */
@@ -63601,91 +63049,90 @@ static int test_CONF_CTX_FILE(void)
#if !defined(NO_DH) && !defined(NO_BIO) && defined(HAVE_FFDHE_3072)
const char* ourdhcert = "./certs/dh3072.pem";
- AssertIntEQ(SSL_CONF_cmd(cctx, "DHParameters", NULL), -3);
- AssertIntEQ(SSL_CONF_cmd(cctx, "DHParameters", ourdhcert),
- WOLFSSL_SUCCESS);
- AssertIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", NULL), -3);
+ ExpectIntEQ(SSL_CONF_cmd(cctx, "DHParameters", ourdhcert),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(SSL_CONF_CTX_finish(cctx), WOLFSSL_SUCCESS);
#endif
}
+
SSL_CTX_free(ctx);
SSL_CONF_CTX_free(cctx);
-
- res = TEST_RES_CHECK(1);
#endif /* OPENSSL_EXTRA */
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_CRYPTO_get_ex_new_index(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef HAVE_EX_DATA
int idx1, idx2;
/* test for unsupported class index */
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG,
- 0,NULL, NULL, NULL, NULL ), -1);
- AssertIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20, 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509_STORE,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(
+ WOLF_CRYPTO_EX_INDEX_X509_STORE_CTX,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DH,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DSA,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_EC_KEY,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_RSA,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_ENGINE,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_BIO,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_APP,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_UI_METHOD,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_DRBG,
+ 0,NULL, NULL, NULL, NULL ), -1);
+ ExpectIntEQ(wolfSSL_CRYPTO_get_ex_new_index(20,
+ 0,NULL, NULL, NULL, NULL ), -1);
/* test for supported class index */
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_CTX,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_X509,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
idx1 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
- 0,NULL, NULL, NULL, NULL );
+ 0,NULL, NULL, NULL, NULL );
idx2 = wolfSSL_CRYPTO_get_ex_new_index(WOLF_CRYPTO_EX_INDEX_SSL_SESSION,
- 0,NULL, NULL, NULL, NULL );
- AssertIntNE(idx1, -1);
- AssertIntNE(idx2, -1);
- AssertIntNE(idx1, idx2);
-
- res = TEST_RES_CHECK(1);
+ 0,NULL, NULL, NULL, NULL );
+ ExpectIntNE(idx1, -1);
+ ExpectIntNE(idx2, -1);
+ ExpectIntNE(idx1, idx2);
#endif /* HAVE_EX_DATA */
- return res;
+ return EXPECT_RESULT();
}
#if defined(HAVE_EX_DATA) && defined(HAVE_EXT_CACHE) && \
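Review bot: The last unsupported-class check in test_wolfSSL_CRYPTO_get_ex_new_index passes the bare literal `20`, and nothing says why that value was chosen. Presumably it stands for a class index beyond the defined `WOLF_CRYPTO_EX_INDEX_*` values; a short comment such as `/* 20: not a defined class index */` would keep the intent clear if the list of classes grows. The hunk opens inside test_CONF_CTX_FILE, whose start is outside it.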
@@ -63713,31 +63160,43 @@ static int test_wolfSSL_SESSION_get_ex_new_index_dup_cb(CRYPTO_EX_DATA* out,
const CRYPTO_EX_DATA* in, void* inPtr, int idx, long argV,
void* arg)
{
- AssertNotNull(out);
- AssertNotNull(in);
- AssertPtrEq(*(void**)inPtr, SESSION_NEW_IDX_VAL);
- AssertPtrEq(CRYPTO_get_ex_data(in, idx), SESSION_NEW_IDX_VAL);
- AssertPtrEq(CRYPTO_get_ex_data(out, idx), SESSION_NEW_IDX_VAL);
- AssertIntEQ(argV, SESSION_NEW_IDX_LONG);
- AssertStrEQ(arg, SESSION_NEW_IDX_PTR);
+ EXPECT_DECLS;
+
+ ExpectNotNull(out);
+ ExpectNotNull(in);
+ ExpectPtrEq(*(void**)inPtr, SESSION_NEW_IDX_VAL);
+ ExpectPtrEq(CRYPTO_get_ex_data(in, idx), SESSION_NEW_IDX_VAL);
+ ExpectPtrEq(CRYPTO_get_ex_data(out, idx), SESSION_NEW_IDX_VAL);
+ ExpectIntEQ(argV, SESSION_NEW_IDX_LONG);
+ ExpectStrEQ(arg, SESSION_NEW_IDX_PTR);
*(void**)inPtr = SESSION_DUP_IDX_VAL;
- return SSL_SUCCESS;
+ if (EXPECT_SUCCESS()) {
+ return SSL_SUCCESS;
+ }
+ else {
+ return SSL_FAILURE;
+ }
}
static int test_wolfSSL_SESSION_get_ex_new_index_free_cb_called = 0;
static void test_wolfSSL_SESSION_get_ex_new_index_free_cb(void* p, void* ptr,
CRYPTO_EX_DATA* a, int idx, long argValue, void* arg)
{
- AssertNotNull(p);
- AssertNull(ptr);
- AssertPtrNE(CRYPTO_get_ex_data(a, idx), 0);
- AssertIntEQ(argValue, SESSION_NEW_IDX_LONG);
- AssertStrEQ(arg, SESSION_NEW_IDX_PTR);
- test_wolfSSL_SESSION_get_ex_new_index_free_cb_called++;
+ EXPECT_DECLS;
+
+ ExpectNotNull(p);
+ ExpectNull(ptr);
+ ExpectPtrNE(CRYPTO_get_ex_data(a, idx), 0);
+ ExpectIntEQ(argValue, SESSION_NEW_IDX_LONG);
+ ExpectStrEQ(arg, SESSION_NEW_IDX_PTR);
+ if (EXPECT_SUCCESS()) {
+ test_wolfSSL_SESSION_get_ex_new_index_free_cb_called++;
+ }
}
static int test_wolfSSL_SESSION_get_ex_new_index(void)
{
+ EXPECT_DECLS;
int idx = SSL_SESSION_get_ex_new_index(SESSION_NEW_IDX_LONG,
(void*)SESSION_NEW_IDX_PTR,
test_wolfSSL_SESSION_get_ex_new_index_new_cb,
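Review bot: In test_wolfSSL_SESSION_get_ex_new_index_dup_cb the write `*(void**)inPtr = SESSION_DUP_IDX_VAL;` sits outside the expectations, so it still executes after an earlier check has failed, and `inPtr` is never checked before it is dereferenced. With the Assert macros a failed check stopped the test before this line; now the callback carries on and only reports `SSL_FAILURE` afterwards. I would add `ExpectNotNull(inPtr);` ahead of the first dereference (assuming later expectations are skipped once one fails) and move the assignment into the success branch: `if (EXPECT_SUCCESS()) { *(void**)inPtr = SESSION_DUP_IDX_VAL; return SSL_SUCCESS; }`. The callback's signature begins above the hunk.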
@@ -63746,18 +63205,18 @@ static int test_wolfSSL_SESSION_get_ex_new_index(void)
SSL_SESSION* s = SSL_SESSION_new();
SSL_SESSION* d = NULL;
- AssertNotNull(s);
- AssertPtrEq(SSL_SESSION_get_ex_data(s, idx), SESSION_NEW_IDX_VAL);
- AssertNotNull(d = SSL_SESSION_dup(s));
- AssertPtrEq(SSL_SESSION_get_ex_data(d, idx), SESSION_DUP_IDX_VAL);
+ ExpectNotNull(s);
+ ExpectPtrEq(SSL_SESSION_get_ex_data(s, idx), SESSION_NEW_IDX_VAL);
+ ExpectNotNull(d = SSL_SESSION_dup(s));
+ ExpectPtrEq(SSL_SESSION_get_ex_data(d, idx), SESSION_DUP_IDX_VAL);
SSL_SESSION_free(s);
- AssertIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 1);
+ ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 1);
SSL_SESSION_free(d);
- AssertIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 2);
+ ExpectIntEQ(test_wolfSSL_SESSION_get_ex_new_index_free_cb_called, 2);
crypto_ex_cb_free(crypto_ex_cb_ctx_session);
crypto_ex_cb_ctx_session = NULL;
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_wolfSSL_SESSION_get_ex_new_index(void)
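Review bot: `idx` from `SSL_SESSION_get_ex_new_index(...)` is passed to `SSL_SESSION_get_ex_data` without being checked, although the CRYPTO_get_ex_new_index test earlier in this file treats -1 as the failure value, and presumably the same convention applies here. Adding `ExpectIntNE(idx, -1);` before `ExpectNotNull(s);` would report a failed registration as its own failure instead of a later pointer mismatch. The function starts in the preceding hunk.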
@@ -63768,63 +63227,58 @@ static int test_wolfSSL_SESSION_get_ex_new_index(void)
static int test_wolfSSL_set_psk_use_session_callback(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_PSK)
- SSL_CTX* ctx;
- SSL* ssl;
+ SSL_CTX* ctx = NULL;
+ SSL* ssl = NULL;
const char* testCertFile;
const char* testKeyFile;
- #ifdef WOLFSSL_TLS13
- #ifdef NO_WOLFSSL_SERVER
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
- #else
- AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
- #endif
+#ifdef WOLFSSL_TLS13
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_server_method()));
+ #endif
+#else
+ #ifdef NO_WOLFSSL_SERVER
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()));
+ #else
+ ExpectNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
+ #endif
+#endif
#ifndef NO_RSA
- testCertFile = svrCertFile;
- testKeyFile = svrKeyFile;
+ testCertFile = svrCertFile;
+ testKeyFile = svrKeyFile;
#elif defined(HAVE_ECC)
- testCertFile = eccCertFile;
- testKeyFile = eccKeyFile;
+ testCertFile = eccCertFile;
+ testKeyFile = eccKeyFile;
#else
- testCertFile = NULL;
- testKeyFile = NULL;
+ testCertFile = NULL;
+ testKeyFile = NULL;
#endif
- if (testCertFile != NULL && testKeyFile != NULL) {
- AssertTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
- SSL_FILETYPE_PEM));
- AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
- SSL_FILETYPE_PEM));
- }
+ if ((testCertFile != NULL) && (testKeyFile != NULL)) {
+ ExpectTrue(SSL_CTX_use_certificate_file(ctx, testCertFile,
+ SSL_FILETYPE_PEM));
+ ExpectTrue(SSL_CTX_use_PrivateKey_file(ctx, testKeyFile,
+ SSL_FILETYPE_PEM));
+ }
- ssl = SSL_new(ctx);
- AssertNotNull(ssl);
+ ExpectNotNull(ssl = SSL_new(ctx));
- SSL_set_psk_use_session_callback(ssl,
- my_psk_use_session_cb);
- AssertTrue(1);
+ SSL_set_psk_use_session_callback(ssl, my_psk_use_session_cb);
- SSL_CTX_free(ctx);
- SSL_free(ssl);
- #else
- (void)ctx;
- (void)ssl;
- (void)testCertFile;
- (void)testKeyFile;
- #endif
-
- res = TEST_RES_CHECK(1);
+ SSL_CTX_free(ctx);
+ SSL_free(ssl);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_ERR_strings(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if !defined(NO_ERROR_STRINGS)
- EXPECT_DECLS;
const char* err1 = "unsupported cipher suite";
const char* err2 = "wolfSSL PEM routines";
const char* err = NULL;
@@ -63853,51 +63307,136 @@ static int test_wolfSSL_ERR_strings(void)
ExpectNotNull(err = wolfSSL_ERR_lib_error_string(-MIN_CODE_E+2));
ExpectIntEQ((*err == '\0'), 1);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_shake128(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \
defined(WOLFSSL_SHAKE128)
- EXPECT_DECLS;
const EVP_MD* md = NULL;
ExpectNotNull(md = EVP_shake128());
ExpectIntEQ(XSTRNCMP(md, "SHAKE128", XSTRLEN("SHAKE128")), 0);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_EVP_shake256(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA3) && \
defined(WOLFSSL_SHAKE256)
- EXPECT_DECLS;
const EVP_MD* md = NULL;
ExpectNotNull(md = EVP_shake256());
ExpectIntEQ(XSTRNCMP(md, "SHAKE256", XSTRLEN("SHAKE256")), 0);
+#endif
+
+ return EXPECT_RESULT();
+}
+
+/*
+ * Testing EVP digest API with SM3
+ */
+static int test_wolfSSL_EVP_sm3(void)
+{
+ int res = TEST_SKIPPED;
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SM3)
+ EXPECT_DECLS;
+ const EVP_MD* md = NULL;
+ EVP_MD_CTX* mdCtx = NULL;
+ byte data[WC_SM3_BLOCK_SIZE * 4];
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte calcHash[WC_SM3_DIGEST_SIZE];
+ byte expHash[WC_SM3_DIGEST_SIZE] = {
+ 0x38, 0x48, 0x15, 0xa7, 0x0e, 0xae, 0x0b, 0x27,
+ 0x5c, 0xde, 0x9d, 0xa5, 0xd1, 0xa4, 0x30, 0xa1,
+ 0xca, 0xd4, 0x54, 0x58, 0x44, 0xa2, 0x96, 0x1b,
+ 0xd7, 0x14, 0x80, 0x3f, 0x80, 0x1a, 0x07, 0xb6
+ };
+ word32 chunk;
+ word32 i;
+ unsigned int sz;
+ int ret;
+
+ XMEMSET(data, 0, sizeof(data));
+
+ md = EVP_sm3();
+ ExpectTrue(md != NULL);
+ ExpectIntEQ(XSTRNCMP(md, "SM3", XSTRLEN("SM3")), 0);
+ mdCtx = EVP_MD_CTX_new();
+ ExpectTrue(mdCtx != NULL);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(EVP_DigestInit(NULL, md), BAD_FUNC_ARG);
+ /* Valid Parameters */
+ ExpectIntEQ(EVP_DigestInit(mdCtx, md), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(EVP_DigestUpdate(NULL, NULL, 1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 1), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestUpdate(NULL, data, 1), WOLFSSL_FAILURE);
+
+ /* Valid Parameters */
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE - 2),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_BLOCK_SIZE * 2),
+ WOLFSSL_SUCCESS);
+ /* Ensure too many bytes for lengths. */
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, WC_SM3_PAD_SIZE),
+ WOLFSSL_SUCCESS);
+
+ /* Invalid Parameters */
+ ExpectIntEQ(EVP_DigestFinal(NULL, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(NULL, hash, NULL), WOLFSSL_FAILURE);
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, NULL, NULL), WOLFSSL_FAILURE);
+
+ /* Valid Parameters */
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS);
+ ExpectBufEQ(hash, expHash, WC_SM3_DIGEST_SIZE);
+
+ /* Chunk tests. */
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data, sizeof(data)), WOLFSSL_SUCCESS);
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, calcHash, &sz), WOLFSSL_SUCCESS);
+ ExpectIntEQ(sz, WC_SM3_DIGEST_SIZE);
+ for (chunk = 1; chunk <= WC_SM3_BLOCK_SIZE + 1; chunk++) {
+ for (i = 0; i + chunk <= (word32)sizeof(data); i += chunk) {
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i, chunk),
+ WOLFSSL_SUCCESS);
+ }
+ if (i < (word32)sizeof(data)) {
+ ExpectIntEQ(EVP_DigestUpdate(mdCtx, data + i,
+ (word32)sizeof(data) - i), WOLFSSL_SUCCESS);
+ }
+ ExpectIntEQ(EVP_DigestFinal(mdCtx, hash, NULL), WOLFSSL_SUCCESS);
+ ExpectBufEQ(hash, calcHash, WC_SM3_DIGEST_SIZE);
+ }
+
+ /* Not testing when the low 32-bit length overflows. */
+
+ ret = EVP_MD_CTX_cleanup(mdCtx);
+ ExpectIntEQ(ret, WOLFSSL_SUCCESS);
+ wolfSSL_EVP_MD_CTX_free(mdCtx);
res = EXPECT_RESULT();
#endif
-
return res;
-}
+} /* END test_EVP_sm3 */
static int test_EVP_blake2(void)
{
- int res = TEST_SKIPPED;
-#if defined(OPENSSL_EXTRA) && (defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S))
EXPECT_DECLS;
+#if defined(OPENSSL_EXTRA) && (defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S))
const EVP_MD* md = NULL;
(void)md;
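Review bot: The chunk loop in test_wolfSSL_EVP_sm3 hashes a buffer that is all zeros (`XMEMSET(data, 0, sizeof(data));`), so a buffering bug that feeds the right number of bytes from the wrong offset would still reproduce `calcHash`. Filling the buffer with position-dependent bytes just before the `/* Chunk tests. */` section, e.g. `for (i = 0; i < (word32)sizeof(data); i++) data[i] = (byte)i;`, leaves the known-answer check above unchanged and makes the chunked comparison sensitive to offsets. The function also keeps the `int res = TEST_SKIPPED; ... return res;` shape and an `/* END test_EVP_sm3 */` trailer that does not match its name, unlike the neighbouring tests this commit converts to `EXPECT_DECLS; ... return EXPECT_RESULT();`.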
@@ -63910,11 +63449,9 @@ static int test_EVP_blake2(void)
ExpectNotNull(md = EVP_blake2s256());
ExpectIntEQ(XSTRNCMP(md, "BLAKE2S256", XSTRLEN("BLAKE2S256")), 0);
#endif
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA)
@@ -64014,10 +63551,9 @@ static int test_OBJ_NAME_do_all(void)
static int test_SSL_CIPHER_get_xxx(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM)
- EXPECT_DECLS;
const SSL_CIPHER* cipher = NULL;
STACK_OF(SSL_CIPHER) *supportedCiphers = NULL;
int i, numCiphers = 0;
@@ -64142,11 +63678,9 @@ static int test_SSL_CIPHER_get_xxx(void)
SSL_CTX_free(ctx);
SSL_free(ssl);
-
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLF_CRYPTO_CB) && defined(HAVE_IO_TESTS_DEPENDENCIES)
@@ -64362,12 +63896,13 @@ static int test_CryptoCb_Func(int thisDevId, wc_CryptoInfo* info, void* ctx)
}
/* tlsVer: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
-static void test_wc_CryptoCb_TLS(int tlsVer,
+static int test_wc_CryptoCb_TLS(int tlsVer,
const char* cliCaPemFile, const char* cliCertPemFile,
const char* cliPrivKeyPemFile, const char* cliPubKeyPemFile,
const char* svrCaPemFile, const char* svrCertPemFile,
const char* svrPrivKeyPemFile, const char* svrPubKeyPemFile)
{
+ EXPECT_DECLS;
callback_functions client_cbf;
callback_functions server_cbf;
@@ -64420,7 +63955,7 @@ static void test_wc_CryptoCb_TLS(int tlsVer,
if (server_cbf.method == NULL) {
/* not enabled */
- return;
+ return TEST_SUCCESS;
}
/* Setup the keys for the TLS test */
@@ -64444,28 +63979,32 @@ static void test_wc_CryptoCb_TLS(int tlsVer,
/* First test is at WOLFSSL_CTX level */
test_wolfSSL_client_server(&client_cbf, &server_cbf);
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
- /* Second test is a WOLFSSL object level */
- client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
- test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ if (EXPECT_SUCCESS()) {
+ /* Second test is a WOLFSSL object level */
+ client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
+ test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ }
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
/* Un register the devId's */
wc_CryptoCb_UnRegisterDevice(client_cbf.devId);
client_cbf.devId = INVALID_DEVID;
wc_CryptoCb_UnRegisterDevice(server_cbf.devId);
server_cbf.devId = INVALID_DEVID;
+
+ return EXPECT_RESULT();
}
#endif /* WOLF_CRYPTO_CB && HAVE_IO_TESTS_DEPENDENCIES */
static int test_wc_CryptoCb(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#ifdef WOLF_CRYPTO_CB
/* TODO: Add crypto callback API tests */
@@ -64476,43 +64015,45 @@ static int test_wc_CryptoCb(void)
#ifndef NO_RSA
for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wc_CryptoCb_TLS(tlsVer,
+ ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
svrCertFile, cliCertFile, cliKeyFile, cliKeyPubFile,
- cliCertFile, svrCertFile, svrKeyFile, svrKeyPubFile);
+ cliCertFile, svrCertFile, svrKeyFile, svrKeyPubFile),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ECC
for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wc_CryptoCb_TLS(tlsVer,
+ ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
caEccCertFile, cliEccCertFile, cliEccKeyFile, cliEccKeyPubFile,
- cliEccCertFile, eccCertFile, eccKeyFile, eccKeyPubFile);
+ cliEccCertFile, eccCertFile, eccKeyFile, eccKeyPubFile),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ED25519
for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) {
if (tlsVer == WOLFSSL_DTLSV1) continue;
- test_wc_CryptoCb_TLS(tlsVer,
+ ExpectIntEQ(test_wc_CryptoCb_TLS(tlsVer,
caEdCertFile, cliEdCertFile, cliEdKeyFile, cliEdKeyPubFile,
- cliEdCertFile, edCertFile, edKeyFile, edKeyPubFile);
+ cliEdCertFile, edCertFile, edKeyFile, edKeyPubFile),
+ TEST_SUCCESS);
}
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
-
- res = TEST_RES_CHECK(1);
#endif /* WOLF_CRYPTO_CB */
- return res;
+ return EXPECT_RESULT();
}
#if defined(WOLFSSL_STATIC_MEMORY) && defined(HAVE_IO_TESTS_DEPENDENCIES)
/* tlsVer: Example: WOLFSSL_TLSV1_2 or WOLFSSL_TLSV1_3 */
-static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
+static int test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
const char* cliCaPemFile, const char* cliCertPemFile,
const char* cliPrivKeyPemFile,
const char* svrCaPemFile, const char* svrCertPemFile,
const char* svrPrivKeyPemFile,
byte* cliMem, word32 cliMemSz, byte* svrMem, word32 svrMemSz)
{
+ EXPECT_DECLS;
callback_functions client_cbf;
callback_functions server_cbf;
@@ -64565,7 +64106,7 @@ static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
if (server_cbf.method_ex == NULL) {
/* not enabled */
- return;
+ return TEST_SUCCESS;
}
/* Setup the keys for the TLS test */
@@ -64589,48 +64130,42 @@ static void test_wolfSSL_CTX_StaticMemory_TLS(int tlsVer,
/* First test is at WOLFSSL_CTX level */
test_wolfSSL_client_server(&client_cbf, &server_cbf);
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
- /* Second test is a WOLFSSL object level */
- client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
- test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ if (EXPECT_SUCCESS()) {
+ /* Second test is a WOLFSSL object level */
+ client_cbf.loadToSSL = 1; server_cbf.loadToSSL = 1;
+ test_wolfSSL_client_server(&client_cbf, &server_cbf);
+ }
/* Check for success */
- AssertIntEQ(server_cbf.return_code, TEST_SUCCESS);
- AssertIntEQ(client_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbf.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbf.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_STATIC_MEMORY && HAVE_IO_TESTS_DEPENDENCIES */
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
-#if (defined(HAVE_ECC) && !defined(ALT_ECC_SIZE)) || \
- defined(SESSION_CERTS)
- #ifdef OPENSSL_EXTRA
- #define TEST_TLS_STATIC_MEMSZ (400000)
- #else
- #define TEST_TLS_STATIC_MEMSZ (320000)
- #endif
-#else
- #define TEST_TLS_STATIC_MEMSZ (80000)
-#endif
-
static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx)
{
+ EXPECT_DECLS;
WOLFSSL *ssl1 = NULL, *ssl2 = NULL, *ssl3 = NULL;
WOLFSSL_MEM_STATS mem_stats;
WOLFSSL_MEM_CONN_STATS ssl_stats;
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA)
- AssertIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx, svrCertFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
+ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx, svrKeyFile,
WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
#endif
- AssertNotNull((ssl1 = wolfSSL_new(ctx)));
- AssertNotNull((ssl2 = wolfSSL_new(ctx)));
+ ExpectNotNull((ssl1 = wolfSSL_new(ctx)));
+ ExpectNotNull((ssl2 = wolfSSL_new(ctx)));
/* this should fail because kMaxCtxClients == 2 */
- AssertNull((ssl3 = wolfSSL_new(ctx)));
+ ExpectNull((ssl3 = wolfSSL_new(ctx)));
if (wolfSSL_is_static_memory(ssl1, &ssl_stats) == 1) {
#ifdef DEBUG_WOLFSSL
@@ -64650,13 +64185,13 @@ static int test_wolfSSL_CTX_StaticMemory_SSL(WOLFSSL_CTX* ctx)
wolfSSL_free(ssl1);
wolfSSL_free(ssl2);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
static int test_wolfSSL_CTX_StaticMemory(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFCRYPT_ONLY)
wolfSSL_method_func method_func;
WOLFSSL_CTX* ctx;
@@ -64685,60 +64220,59 @@ static int test_wolfSSL_CTX_StaticMemory(void)
/* Test creating CTX directly from static memory pool */
ctx = NULL;
- AssertIntEQ(wolfSSL_CTX_load_static_memory(
- &ctx, method_func, svrMem, sizeof(svrMem),
- 0, kMaxCtxClients), WOLFSSL_SUCCESS);
- test_wolfSSL_CTX_StaticMemory_SSL(ctx);
+ ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, method_func, svrMem,
+ sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS);
wolfSSL_CTX_free(ctx);
ctx = NULL;
/* Test for heap allocated CTX, then assigning static pool to it */
- AssertNotNull(ctx = wolfSSL_CTX_new(method_func(NULL)));
- AssertIntEQ(wolfSSL_CTX_load_static_memory(&ctx,
- NULL, svrMem, sizeof(svrMem),
- 0, kMaxCtxClients), WOLFSSL_SUCCESS);
- test_wolfSSL_CTX_StaticMemory_SSL(ctx);
+ ExpectNotNull(ctx = wolfSSL_CTX_new(method_func(NULL)));
+ ExpectIntEQ(wolfSSL_CTX_load_static_memory(&ctx, NULL, svrMem,
+ sizeof(svrMem), 0, kMaxCtxClients), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_SSL(ctx), TEST_SUCCESS);
wolfSSL_CTX_free(ctx);
/* TLS Level Tests using static memory */
#ifdef HAVE_IO_TESTS_DEPENDENCIES
#ifndef NO_RSA
for (tlsVer = WOLFSSL_SSLV3; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
svrCertFile, cliCertFile, cliKeyFile,
cliCertFile, svrCertFile, svrKeyFile,
- cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem));
+ cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ECC
for (tlsVer = WOLFSSL_TLSV1; tlsVer <= WOLFSSL_DTLSV1; tlsVer++) {
- test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
caEccCertFile, cliEccCertFile, cliEccKeyFile,
cliEccCertFile, eccCertFile, eccKeyFile,
- cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem));
+ cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
+ TEST_SUCCESS);
}
#endif
#ifdef HAVE_ED25519
for (tlsVer = WOLFSSL_TLSV1_2; tlsVer <= WOLFSSL_DTLSV1_2; tlsVer++) {
if (tlsVer == WOLFSSL_DTLSV1) continue;
- test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
+ ExpectIntEQ(test_wolfSSL_CTX_StaticMemory_TLS(tlsVer,
caEdCertFile, cliEdCertFile, cliEdKeyFile,
cliEdCertFile, edCertFile, edKeyFile,
- cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem));
+ cliMem, (word32)sizeof(cliMem), svrMem, (word32)sizeof(svrMem)),
+ TEST_SUCCESS);
}
#endif
#endif /* HAVE_IO_TESTS_DEPENDENCIES */
-
- res = TEST_RES_CHECK(1);
#endif /* WOLFSSL_STATIC_MEMORY && !WOLFCRYPT_ONLY */
- return res;
+ return EXPECT_RESULT();
}
static int test_openssl_FIPS_drbg(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(WC_NO_RNG) && defined(HAVE_HASHDRBG)
- DRBG_CTX* dctx;
+ DRBG_CTX* dctx = NULL;
byte data1[32], data2[32], zeroData[32];
byte testSeed[16];
size_t dlen = sizeof(data1);
@@ -64747,52 +64281,48 @@ static int test_openssl_FIPS_drbg(void)
XMEMSET(data1, 0, dlen);
XMEMSET(data2, 0, dlen);
XMEMSET(zeroData, 0, sizeof(zeroData));
- for (i=0; i<(int)sizeof(testSeed); i++) {
+ for (i = 0; i < (int)sizeof(testSeed); i++) {
testSeed[i] = (byte)i;
}
- AssertNotNull(dctx = FIPS_get_default_drbg());
- AssertIntEQ(FIPS_drbg_init(dctx, 0, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_set_callbacks(dctx, NULL, NULL, 20, NULL, NULL),
+ ExpectNotNull(dctx = FIPS_get_default_drbg());
+ ExpectIntEQ(FIPS_drbg_init(dctx, 0, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(FIPS_drbg_set_callbacks(dctx, NULL, NULL, 20, NULL, NULL),
WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_instantiate(dctx, NULL, 0), WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_generate(dctx, data1, dlen, 0, NULL, 0),
+ ExpectIntEQ(FIPS_drbg_instantiate(dctx, NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(FIPS_drbg_generate(dctx, data1, dlen, 0, NULL, 0),
WOLFSSL_SUCCESS);
- AssertIntNE(XMEMCMP(data1, zeroData, dlen), 0);
- AssertIntEQ(FIPS_drbg_reseed(dctx, testSeed, sizeof(testSeed)),
+ ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0);
+ ExpectIntEQ(FIPS_drbg_reseed(dctx, testSeed, sizeof(testSeed)),
WOLFSSL_SUCCESS);
- AssertIntEQ(FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0),
+ ExpectIntEQ(FIPS_drbg_generate(dctx, data2, dlen, 0, NULL, 0),
WOLFSSL_SUCCESS);
- AssertIntNE(XMEMCMP(data1, zeroData, dlen), 0);
- AssertIntNE(XMEMCMP(data1, data2, dlen), 0);
- AssertIntEQ(FIPS_drbg_uninstantiate(dctx), WOLFSSL_SUCCESS);
+ ExpectIntNE(XMEMCMP(data1, zeroData, dlen), 0);
+ ExpectIntNE(XMEMCMP(data1, data2, dlen), 0);
+ ExpectIntEQ(FIPS_drbg_uninstantiate(dctx), WOLFSSL_SUCCESS);
#ifndef HAVE_GLOBAL_RNG
/* gets freed by wolfSSL_Cleanup() when HAVE_GLOBAL_RNG defined */
wolfSSL_FIPS_drbg_free(dctx);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_FIPS_mode(void)
{
- int res = TEST_SKIPPED;
+ EXPECT_DECLS;
#if defined(OPENSSL_ALL)
#ifdef HAVE_FIPS
- AssertIntEQ(wolfSSL_FIPS_mode(), 1);
- AssertIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_FAILURE);
- AssertIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_FIPS_mode(), 1);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_SUCCESS);
#else
- AssertIntEQ(wolfSSL_FIPS_mode(), 0);
- AssertIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_SUCCESS);
- AssertIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_FAILURE);
+ ExpectIntEQ(wolfSSL_FIPS_mode(), 0);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_FIPS_mode_set(1), WOLFSSL_FAILURE);
#endif
-
- res = TEST_RES_CHECK(1);
#endif
- return res;
+ return EXPECT_RESULT();
}
#ifdef WOLFSSL_DTLS
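Review bot: In test_openssl_FIPS_drbg the check after the second FIPS_drbg_generate() call still compares data1 with zeroData, so the post-reseed output in data2 is never verified to be non-zero; the Assert-to-Expect conversion carries this over unchanged. An all-zero data2 would still satisfy the following `XMEMCMP(data1, data2, dlen)` inequality, so a generate call that reports success without filling the buffer would pass. I would change that line to `ExpectIntNE(XMEMCMP(data2, zeroData, dlen), 0);`. The function starts before this hunk.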
@@ -64832,16 +64362,17 @@ static void DUW_TEST_print_window_binary(word32 h, word32 l, word32* w) {
* i - expected window[0]
*/
#define DUW_TEST(a,b,c,d,e,f,g,h,i) do { \
- wolfSSL_DtlsUpdateWindow((a), (b), &(c), &(d), (e)); \
+ ExpectIntEQ(wolfSSL_DtlsUpdateWindow((a), (b), &(c), &(d), (e)), 1); \
DUW_TEST_print_window_binary((a), (b), (e)); \
- AssertIntEQ((c), (f)); \
- AssertIntEQ((d), (g)); \
- AssertIntEQ((e)[1], (h)); \
- AssertIntEQ((e)[0], (i)); \
+ ExpectIntEQ((c), (f)); \
+ ExpectIntEQ((d), (g)); \
+ ExpectIntEQ((e)[1], (h)); \
+ ExpectIntEQ((e)[0], (i)); \
} while (0)
static int test_wolfSSL_DtlsUpdateWindow(void)
{
+ EXPECT_DECLS;
word32 window[WOLFSSL_DTLS_WINDOW_WORDS];
word32 next_lo = 0;
word16 next_hi = 0;
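Review bot: DUW_TEST now wraps the wolfSSL_DtlsUpdateWindow() call itself in ExpectIntEQ, and the comment block above the macro does not say what that implies for callers. The macro can now only be expanded in a function that has `EXPECT_DECLS;`, as test_wolfSSL_DtlsUpdateWindow does. If Expect* stops evaluating its argument once a failure is recorded, later replay-window updates are also skipped, while DUW_TEST_print_window_binary keeps printing the unchanged window. I would add a line such as `/* Requires EXPECT_DECLS in the caller; after the first failed check the window is no longer updated. */`. The macro's comment block begins above this hunk and the test function's body continues below it.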
@@ -64884,7 +64415,7 @@ static int test_wolfSSL_DtlsUpdateWindow(void)
DUW_TEST(150, 0xFFFFFFFF, next_hi, next_lo, window, 151, 0, 0, 0x01);
DUW_TEST(152, 0xFFFFFFFF, next_hi, next_lo, window, 153, 0, 0, 0x01);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_DTLS */
@@ -64940,80 +64471,76 @@ static int DFB_TEST(WOLFSSL* ssl, word32 seq, word32 len, word32 f_offset,
return 0;
}
-static void DFB_TEST_RESET(WOLFSSL* ssl)
-{
- DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);
- ssl->dtls_rx_msg_list = NULL;
- ssl->dtls_rx_msg_list_sz = 0;
-}
-
static int test_wolfSSL_DTLS_fragment_buckets(void)
{
+ EXPECT_DECLS;
WOLFSSL ssl[1];
XMEMSET(ssl, 0, sizeof(*ssl));
- AssertIntEQ(DFB_TEST(ssl, 0, 100, 0, 100, 0, 1, 100), 0); /* 0-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 0, 100, 0, 100, 0, 1, 100), 0); /* 0-100 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 20, 20, 1, 0, 40), 0); /* 20-40 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 40, 20, 1, 0, 60), 0); /* 40-60 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 60, 20, 1, 0, 80), 0); /* 60-80 */
- AssertIntEQ(DFB_TEST(ssl, 1, 100, 80, 20, 0, 1, 100), 0); /* 80-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 20, 20, 1, 0, 40), 0); /* 20-40 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 40, 20, 1, 0, 60), 0); /* 40-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 60, 20, 1, 0, 80), 0); /* 60-80 */
+ ExpectIntEQ(DFB_TEST(ssl, 1, 100, 80, 20, 0, 1, 100), 0); /* 80-100 */
/* Test all permutations of 3 regions */
/* 1 2 3 */
- AssertIntEQ(DFB_TEST(ssl, 2, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 2, 100, 30, 30, 1, 0, 60), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 2, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 30, 30, 1, 0, 60), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 2, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
/* 1 3 2 */
- AssertIntEQ(DFB_TEST(ssl, 3, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 3, 100, 60, 40, 2, 0, 70), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 3, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 60, 40, 2, 0, 70), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 3, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
/* 2 1 3 */
- AssertIntEQ(DFB_TEST(ssl, 4, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 4, 100, 0, 30, 1, 0, 60), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 4, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 0, 30, 1, 0, 60), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 4, 100, 60, 40, 0, 1, 100), 0); /* 60-100 */
/* 2 3 1 */
- AssertIntEQ(DFB_TEST(ssl, 5, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 5, 100, 60, 40, 1, 0, 70), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 5, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 30, 30, 1, 0, 30), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 60, 40, 1, 0, 70), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 5, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
/* 3 1 2 */
- AssertIntEQ(DFB_TEST(ssl, 6, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 6, 100, 0, 30, 2, 0, 70), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 6, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 0, 30, 2, 0, 70), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 6, 100, 30, 30, 0, 1, 100), 0); /* 30-60 */
/* 3 2 1 */
- AssertIntEQ(DFB_TEST(ssl, 7, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
- AssertIntEQ(DFB_TEST(ssl, 7, 100, 30, 30, 1, 0, 70), 0); /* 30-60 */
- AssertIntEQ(DFB_TEST(ssl, 7, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 60, 40, 1, 0, 40), 0); /* 60-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 30, 30, 1, 0, 70), 0); /* 30-60 */
+ ExpectIntEQ(DFB_TEST(ssl, 7, 100, 0, 30, 0, 1, 100), 0); /* 0-30 */
/* Test overlapping regions */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 20, 10, 1, 0, 30), 0); /* 20-30 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 70, 10, 2, 0, 40), 0); /* 70-80 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 20, 30, 2, 0, 60), 0); /* 20-50 */
- AssertIntEQ(DFB_TEST(ssl, 8, 100, 40, 60, 0, 1, 100), 0); /* 40-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 0, 30, 1, 0, 30), 0); /* 0-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 10, 1, 0, 30), 0); /* 20-30 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 70, 10, 2, 0, 40), 0); /* 70-80 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 20, 30, 2, 0, 60), 0); /* 20-50 */
+ ExpectIntEQ(DFB_TEST(ssl, 8, 100, 40, 60, 0, 1, 100), 0); /* 40-100 */
/* Test overlapping multiple regions */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 30, 5, 2, 0, 25), 0); /* 30-35 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 40, 5, 3, 0, 30), 0); /* 40-45 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 50, 5, 4, 0, 35), 0); /* 50-55 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 60, 5, 5, 0, 40), 0); /* 60-65 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 70, 5, 6, 0, 45), 0); /* 70-75 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 30, 25, 4, 0, 55), 0); /* 30-55 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 55, 15, 2, 0, 65), 0); /* 55-70 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 75, 25, 2, 0, 90), 0); /* 75-100 */
- AssertIntEQ(DFB_TEST(ssl, 9, 100, 10, 25, 0, 1, 100), 0); /* 10-35 */
-
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 30, 20, 2, 0, 40), 0); /* 30-50 */
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 0, 40, 1, 0, 50), 0); /* 0-40 */
- AssertIntEQ(DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100), 0); /* 10-35 */
-
- DFB_TEST_RESET(ssl);
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 5, 2, 0, 25), 0); /* 30-35 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 40, 5, 3, 0, 30), 0); /* 40-45 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 50, 5, 4, 0, 35), 0); /* 50-55 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 60, 5, 5, 0, 40), 0); /* 60-65 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 70, 5, 6, 0, 45), 0); /* 70-75 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 30, 25, 4, 0, 55), 0); /* 30-55 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 55, 15, 2, 0, 65), 0); /* 55-70 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 75, 25, 2, 0, 90), 0); /* 75-100 */
+ ExpectIntEQ(DFB_TEST(ssl, 9, 100, 10, 25, 0, 1, 100), 0); /* 10-35 */
+
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 20, 1, 0, 20), 0); /* 0-20 */
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 30, 20, 2, 0, 40), 0); /* 30-50 */
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 0, 40, 1, 0, 50), 0); /* 0-40 */
+ ExpectIntEQ(DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100), 0); /* 10-35 */
- return TEST_RES_CHECK(1);
+ DtlsMsgListDelete(ssl->dtls_rx_msg_list, ssl->heap);
+ ssl->dtls_rx_msg_list = NULL;
+ ssl->dtls_rx_msg_list_sz = 0;
+
+ return EXPECT_RESULT();
}
#endif
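Review bot: The trailing comment on the last sequence-10 call, `DFB_TEST(ssl, 10, 100, 50, 50, 0, 1, 100)`, says `/* 10-35 */`, but the fragment has offset 50 and length 50, so it should read `/* 50-100 */`. These comments are the only description of which byte range each reassembly case covers, so a wrong one obscures which overlap is being exercised. Inlining DFB_TEST_RESET at the end looks fine. Since the Expect* checks no longer abort the function, the DtlsMsgListDelete() cleanup is now also reached after a failed check.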
@@ -65021,94 +64548,83 @@ static int test_wolfSSL_DTLS_fragment_buckets(void)
#if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- !defined(NO_RSA)
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_wolfSSL_dtls_stateless2(void)
{
- WOLFSSL *ssl_c = NULL, *ssl_c2 = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
- ssl_c2 = wolfSSL_new(ctx_c);
- if (ssl_c2 == NULL)
- return -2;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+ ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c));
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
/* send CH */
- ret = wolfSSL_connect(ssl_c2);
- if (ret == 0 || ssl_c2->error != WANT_READ)
- return -3;
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ)
- return -4;
- if (test_ctx.c_len == 0)
- return -5;
+ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c2->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
+ ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR */
test_ctx.c_len = 0;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return -6;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#ifdef HAVE_MAX_FRAGMENT
static int test_wolfSSL_dtls_stateless_maxfrag(void)
{
- WOLFSSL *ssl_c = NULL, *ssl_c2 = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- word16 max_fragment;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ word16 max_fragment = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
- ssl_c2 = wolfSSL_new(ctx_c);
- if (ssl_c2 == NULL)
- return -2;
- ret = wolfSSL_UseMaxFragment(ssl_c2, WOLFSSL_MFL_2_8);
- if (ret != WOLFSSL_SUCCESS)
- return -3;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+ ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c));
+ ExpectIntEQ(wolfSSL_UseMaxFragment(ssl_c2, WOLFSSL_MFL_2_8),
+ WOLFSSL_SUCCESS);
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
- max_fragment = ssl_s->max_fragment;
- /* send CH */
- ret = wolfSSL_connect(ssl_c2);
- if (ret == 0 || ssl_c2->error != WANT_READ)
- return -4;
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ)
- return -5;
+ if (ssl_s != NULL) {
+ max_fragment = ssl_s->max_fragment;
+ }
+ /* send CH */
+ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c2->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
/* CH without cookie shouldn't change state */
- if (ssl_s->max_fragment != max_fragment)
- return -6;
- if (test_ctx.c_len == 0)
- return -7;
+ ExpectIntEQ(ssl_s->max_fragment, max_fragment);
+ ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR from buffer */
test_ctx.c_len = 0;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return -8;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#endif /* HAVE_MAX_FRAGMENT */
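Review bot: The `ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) && (ssl_c2->error == WANT_READ))` pattern in test_wolfSSL_dtls_stateless2 and test_wolfSSL_dtls_stateless_maxfrag folds two checks into one boolean, so a failure does not show whether the return code or the error value was wrong. Splitting each into `ExpectIntEQ(wolfSSL_connect(ssl_c2), WOLFSSL_FATAL_ERROR);` followed by `ExpectIntEQ(ssl_c2->error, WANT_READ);` keeps the stricter return-code check this commit introduces and reports the offending value. The same form recurs in the stateless_resume, stateless_downgrade and version_alert hunks below. Both forms dereference ssl_c2 and ssl_s after a setup that may have failed, which is only safe if Expect* skips its argument once a failure is recorded; a short comment saying so next to the `if (ssl_s != NULL)` guard would make that dependency explicit.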
@@ -65125,146 +64641,122 @@ static int buf_is_hvr(const byte *data, int len)
static int _test_wolfSSL_dtls_stateless_resume(byte useticket, byte bad)
{
+ EXPECT_DECLS;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
- WOLFSSL_SESSION *sess;
- int ret, round_trips;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ WOLFSSL_SESSION *sess = NULL;
+ int round_trips;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c,
+ &ssl_s, wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
#ifdef HAVE_SESSION_TICKET
if (useticket) {
- ret = wolfSSL_UseSessionTicket(ssl_c);
- if (ret != WOLFSSL_SUCCESS)
- return -2;
+ ExpectIntEQ(wolfSSL_UseSessionTicket(ssl_c), WOLFSSL_SUCCESS);
}
#endif
round_trips = ROUNDS_WITH_HVR;
- ret = test_memio_do_handshake(ssl_c, ssl_s, round_trips, &round_trips);
- if (ret != 0)
- return -3;
- if (round_trips != ROUNDS_WITH_HVR)
- return -4;
- sess = wolfSSL_get1_session(ssl_c);
- if (sess == NULL)
- return -5;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, round_trips,
+ &round_trips), 0);
+ ExpectIntEQ(round_trips, ROUNDS_WITH_HVR);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
wolfSSL_shutdown(ssl_c);
wolfSSL_shutdown(ssl_s);
wolfSSL_free(ssl_c);
+ ssl_c = NULL;
wolfSSL_free(ssl_s);
+ ssl_s = NULL;
+
test_ctx.c_len = test_ctx.s_len = 0;
/* make resumption invalid */
- if (bad) {
+ if (bad && (sess != NULL)) {
if (useticket) {
#ifdef HAVE_SESSION_TICKET
- sess->ticket[0] = !sess->ticket[0];
+ if (sess->ticket != NULL) {
+ sess->ticket[0] = !sess->ticket[0];
+ }
#endif /* HAVE_SESSION_TICKET */
}
else {
sess->sessionID[0] = !sess->sessionID[0];
}
}
- ssl_c = wolfSSL_new(ctx_c);
- ssl_s = wolfSSL_new(ctx_s);
+ ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
+ ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c, &test_ctx);
wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_s, &test_ctx);
- ret = wolfSSL_set_session(ssl_c, sess);
- if (ret != WOLFSSL_SUCCESS)
- return -6;
- ret = wolfSSL_connect(ssl_c);
- if (ret == WOLFSSL_SUCCESS || ssl_c->error != WANT_READ)
- return -7;
- ret = wolfSSL_accept(ssl_s);
- if (ret == WOLFSSL_SUCCESS || ssl_s->error != WANT_READ)
- return -8;
- if (bad && !buf_is_hvr(test_ctx.c_buff, test_ctx.c_len))
- return -9;
- if (!bad && buf_is_hvr(test_ctx.c_buff, test_ctx.c_len))
- return -10;
+ ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
+ ExpectFalse(bad && !buf_is_hvr(test_ctx.c_buff, test_ctx.c_len));
+ ExpectFalse(!bad && buf_is_hvr(test_ctx.c_buff, test_ctx.c_len));
if (!useticket) {
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, &round_trips);
- if (ret != 0)
- return -11;
- if (bad && round_trips != ROUNDS_WITH_HVR - 1)
- return -12;
- if (!bad && round_trips != ROUNDS_WITHOUT_HVR - 1)
- return -13;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, &round_trips), 0);
+ ExpectFalse(bad && round_trips != ROUNDS_WITH_HVR - 1);
+ ExpectFalse(!bad && round_trips != ROUNDS_WITHOUT_HVR - 1);
}
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return 0;
+ return EXPECT_RESULT();
}
static int test_wolfSSL_dtls_stateless_resume(void)
{
- int ret;
+ EXPECT_DECLS;
#ifdef HAVE_SESSION_TICKET
- ret = _test_wolfSSL_dtls_stateless_resume(1, 0);
- if (ret != 0)
- return TEST_RES_CHECK(ret);
- ret = _test_wolfSSL_dtls_stateless_resume(1, 1);
- if (ret != 0)
- return TEST_RES_CHECK(ret - 100);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 0), TEST_SUCCESS);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(1, 1), TEST_SUCCESS);
#endif /* HAVE_SESION_TICKET */
- ret = _test_wolfSSL_dtls_stateless_resume(0, 0);
- if (ret != 0)
- return TEST_RES_CHECK(ret - 200);
- ret = _test_wolfSSL_dtls_stateless_resume(0, 1);
- if (ret != 0)
- return TEST_RES_CHECK(ret - 300);
- return TEST_RES_CHECK(TEST_SUCCESS);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 0), TEST_SUCCESS);
+ ExpectIntEQ(_test_wolfSSL_dtls_stateless_resume(0, 1), TEST_SUCCESS);
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_DTLS_NO_HVR_ON_RESUME */
#if !defined(NO_OLD_TLS)
static int test_wolfSSL_dtls_stateless_downgrade(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_c2 = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_c2 = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_c2 = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- int ret;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method);
- if (ret != 0)
- return -1;
- ret = wolfSSL_CTX_SetMinVersion(ctx_s, WOLFSSL_DTLSV1);
- if (ret != WOLFSSL_SUCCESS)
- return -2;
- ctx_c2 = wolfSSL_CTX_new(wolfDTLSv1_client_method());
- if (ctx_c2 == NULL)
- return -3;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+ ExpectIntEQ(wolfSSL_CTX_SetMinVersion(ctx_s, WOLFSSL_DTLSV1),
+ WOLFSSL_SUCCESS);
+ ExpectNotNull(ctx_c2 = wolfSSL_CTX_new(wolfDTLSv1_client_method()));
wolfSSL_SetIORecv(ctx_c2, test_memio_read_cb);
wolfSSL_SetIOSend(ctx_c2, test_memio_write_cb);
- ssl_c2 = wolfSSL_new(ctx_c2);
- if (ssl_c2 == NULL)
- return -4;
+ ExpectNotNull(ssl_c2 = wolfSSL_new(ctx_c2));
wolfSSL_SetIOWriteCtx(ssl_c2, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c2, &test_ctx);
- /* send CH */
- ret = wolfSSL_connect(ssl_c2);
- if (ret == 0 || ssl_c2->error != WANT_READ)
- return -5;
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ)
- return -6;
- if (test_ctx.c_len == 0)
- return -7;
+ /* send CH */
+ ExpectTrue((wolfSSL_connect(ssl_c2) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c2->error == WANT_READ));
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
+ ExpectIntNE(test_ctx.c_len, 0);
/* consume HRR */
test_ctx.c_len = 0;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return -8;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
wolfSSL_free(ssl_c2);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
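Review bot: In _test_wolfSSL_dtls_stateless_resume the `ExpectFalse(bad && ...)` / `ExpectFalse(!bad && ...)` pairs are a literal translation of the old early returns and read as double negatives. The cookie-exchange expectation is clearer as one positive check, `ExpectIntEQ(buf_is_hvr(test_ctx.c_buff, test_ctx.c_len) != 0, bad != 0);`. The round-trip one can become `ExpectIntEQ(round_trips, (bad ? ROUNDS_WITH_HVR : ROUNDS_WITHOUT_HVR) - 1);`, which also reports the observed count. These lines verify that a session whose ID or ticket was altered falls back to the HelloVerifyRequest exchange, so a failure here should be easy to read.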
@@ -65272,62 +64764,54 @@ static int test_wolfSSL_dtls_stateless_downgrade(void)
wolfSSL_CTX_free(ctx_c2);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#endif /* !defined(NO_OLD_TLS) */
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)*/
-#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- !defined(NO_OLD_TLS) && !defined(NO_RSA)
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ !defined(NO_OLD_TLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_WOLFSSL_dtls_version_alert(void)
{
+ EXPECT_DECLS;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_2_client_method, wolfDTLSv1_server_method);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_server_method), 0);
/* client hello */
- ret = wolfSSL_connect(ssl_c);
- if (ret == 0 || ssl_c->error != WANT_READ )
- return -2;
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
/* hrr */
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ )
- return -3;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
/* client hello 1 */
- ret = wolfSSL_connect(ssl_c);
- if (ret == 0 || ssl_c->error != WANT_READ )
- return -4;
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
/* server hello */
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 || ssl_s->error != WANT_READ )
- return -5;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == WANT_READ));
/* should fail */
- ret = wolfSSL_connect(ssl_c);
- if (ret == 0 || ssl_c->error != VERSION_ERROR)
- return -6;
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == VERSION_ERROR));
/* shuould fail */
- ret = wolfSSL_accept(ssl_s);
- if (ret == 0 ||
- (ssl_s->error != VERSION_ERROR && ssl_s->error != FATAL_ERROR))
- return -7;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_s->error == VERSION_ERROR || ssl_s->error == FATAL_ERROR));
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_WOLFSSL_dtls_version_alert(void)
@@ -65342,7 +64826,8 @@ static int test_WOLFSSL_dtls_version_alert(void)
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
+ (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
+ && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler)
{
struct test_memio_ctx *test_ctx;
@@ -65389,141 +64874,120 @@ static int send_new_session_ticket(WOLFSSL *ssl, byte nonceLength, byte filler)
static int test_ticket_nonce_check(WOLFSSL_SESSION *sess, byte len)
{
- int i;
-
- if (sess == NULL)
- return -1;
-
- if (sess->ticketNonce.len != len)
- return -1;
+ int ret = 0;
- for (i = 0; i < len; i++)
- if (sess->ticketNonce.data[i] != len)
- return -1;
+ if ((sess == NULL) || (sess->ticketNonce.len != len)) {
+ ret = -1;
+ }
+ else {
+ int i;
+ for (i = 0; i < len; i++) {
+ if (sess->ticketNonce.data[i] != len) {
+ ret = -1;
+ break;
+ }
+ }
+ }
- return 0;
+ return ret;
}
static int test_ticket_nonce_malloc_do(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len)
{
+ EXPECT_DECLS;
char *buf[1024];
- int ret;
- ret = send_new_session_ticket(ssl_s, len, len);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(send_new_session_ticket(ssl_s, len, len), 0);
+ ExpectTrue((wolfSSL_recv(ssl_c, buf, 1024, 0) == WOLFSSL_FATAL_ERROR) &&
+ (ssl_c->error == WANT_READ));
- ret = wolfSSL_recv(ssl_c, buf, 1024, 0);
- if (ret != WOLFSSL_SUCCESS && ssl_c->error != WANT_READ)
- return -1;
+ ExpectIntEQ(test_ticket_nonce_check(ssl_c->session, len), 0);
- return test_ticket_nonce_check(ssl_c->session, len);
+ return EXPECT_RESULT();
}
static int test_ticket_nonce_cache(WOLFSSL *ssl_s, WOLFSSL *ssl_c, byte len)
{
- WOLFSSL_SESSION *sess, *cached;
- WOLFSSL_CTX *ctx;
- int ret;
+ EXPECT_DECLS;
+ WOLFSSL_SESSION *sess = NULL;
+ WOLFSSL_SESSION *cached = NULL;
+ WOLFSSL_CTX *ctx = ssl_c->ctx;
- ctx = ssl_c->ctx;
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, len), TEST_SUCCESS);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
- ret = test_ticket_nonce_malloc_do(ssl_s, ssl_c, len);
- if (ret != 0)
- return -1;
- sess = wolfSSL_get1_session(ssl_c);
- if (sess == NULL)
- return -1;
+ ExpectIntEQ(AddSessionToCache(ctx, sess, sess->sessionID, sess->sessionIDSz,
+ NULL, ssl_c->options.side, 1,NULL), 0);
- ret = AddSessionToCache(ctx, sess, sess->sessionID, sess->sessionIDSz,
- NULL, ssl_c->options.side, 1,NULL);
- if (ret != 0)
- return -1;
+ ExpectNotNull(cached = wolfSSL_SESSION_new());
- cached = wolfSSL_SESSION_new();
- if (cached == NULL)
- return -1;
+ ExpectIntEQ(wolfSSL_GetSessionFromCache(ssl_c, cached), WOLFSSL_SUCCESS);
- ret = wolfSSL_GetSessionFromCache(ssl_c, cached);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
-
- ret = test_ticket_nonce_check(cached, len);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(test_ticket_nonce_check(cached, len), 0);
wolfSSL_SESSION_free(cached);
wolfSSL_SESSION_free(sess);
- return 0;
+ return EXPECT_RESULT();
}
static int test_ticket_nonce_malloc(void)
{
+ EXPECT_DECLS;
struct test_memio_ctx test_ctx;
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
- byte small, medium, big;
- int ret;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ byte small;
+ byte medium;
+ byte big;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_3_client_method, wolfTLSv1_3_server_method);
- if (ret != 0)
- return -1;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
/* will send ticket manually */
- wolfSSL_no_ticket_TLSv13(ssl_s);
+ ExpectIntEQ(wolfSSL_no_ticket_TLSv13(ssl_s), 0);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0);
- while (!ssl_c->options.handShakeDone && !ssl_s->options.handShakeDone) {
- ret = wolfSSL_connect(ssl_c);
- if (ret != WOLFSSL_SUCCESS && ssl_c->error != WANT_READ)
- return -2;
+ while (EXPECT_SUCCESS() && (ssl_c->options.handShakeDone == 0) &&
+ (ssl_s->options.handShakeDone == 0)) {
+ ExpectTrue((wolfSSL_connect(ssl_c) == WOLFSSL_SUCCESS) ||
+ (ssl_c->error == WANT_READ));
- ret = wolfSSL_accept(ssl_s);
- if (ret != WOLFSSL_SUCCESS && ssl_s->error != WANT_READ)
- return -3;
+ ExpectTrue((wolfSSL_accept(ssl_s) == WOLFSSL_SUCCESS) ||
+ (ssl_s->error == WANT_READ));
}
small = TLS13_TICKET_NONCE_STATIC_SZ;
medium = small + 20 <= 255 ? small + 20 : 255;
big = medium + 20 <= 255 ? small + 20 : 255;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, small))
- return -1;
- if (ssl_c->session->ticketNonce.data !=
- ssl_c->session->ticketNonce.dataStatic)
- return -1;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium))
- return -1;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, big))
- return -1;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium))
- return -5;
- if (test_ticket_nonce_malloc_do(ssl_s, ssl_c, small))
- return -6;
-
- if (test_ticket_nonce_cache(ssl_s, ssl_c, small))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, medium))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, big))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, medium))
- return -1;
- if (test_ticket_nonce_cache(ssl_s, ssl_c, small))
- return -1;
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS);
+ ExpectPtrEq(ssl_c->session->ticketNonce.data,
+ ssl_c->session->ticketNonce.dataStatic);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium),
+ TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, big), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, medium),
+ TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_malloc_do(ssl_s, ssl_c, small), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, big), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, medium), TEST_SUCCESS);
+ ExpectIntEQ(test_ticket_nonce_cache(ssl_s, ssl_c, small), TEST_SUCCESS);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return 0;
+ return EXPECT_RESULT();
}
#endif /* WOLFSSL_TICKET_NONCE_MALLOC */
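Review bot: In test_ticket_nonce_malloc the unchanged line `big = medium + 20 <= 255 ? small + 20 : 255;` tests `medium + 20` but assigns `small + 20`, so `big` equals `medium` whenever the sum fits in a byte. The small, medium, big, medium, small sequence therefore never exercises a third, larger nonce length. This hunk rewrites every check that consumes `big`, so it is a natural place to fix it: `big = medium + 20 <= 255 ? medium + 20 : 255;`. Separately, `char *buf[1024];` in test_ticket_nonce_malloc_do declares an array of pointers where a byte buffer is meant; `char buf[1024];` with `sizeof(buf)` passed to wolfSSL_recv would state the intent.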
@@ -65532,60 +64996,52 @@ static int test_ticket_nonce_malloc(void)
!defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
!defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && !defined(NO_RSA) && \
- defined(HAVE_ECC)
+ defined(HAVE_ECC) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
static int test_ticket_ret_create(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
byte ticket[SESSION_TICKET_LEN];
struct test_memio_ctx test_ctx;
WOLFSSL_SESSION *sess = NULL;
- word16 ticketLen;
- int ret;
+ word16 ticketLen = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_2_client_method, wolfTLSv1_2_server_method);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_NONE, 0);
wolfSSL_set_verify(ssl_c, WOLFSSL_VERIFY_NONE, 0);
- wolfSSL_CTX_UseSessionTicket(ctx_c);
+ ExpectIntEQ(wolfSSL_CTX_UseSessionTicket(ctx_c), WOLFSSL_SUCCESS);
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
- sess = wolfSSL_get1_session(ssl_c);
- if (sess->ticketLen > SESSION_TICKET_LEN)
- return TEST_FAIL;
- ticketLen = sess->ticketLen;
- XMEMCPY(ticket, sess->ticket, sess->ticketLen);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
+ ExpectIntLE(sess->ticketLen, SESSION_TICKET_LEN);
+ if (sess != NULL) {
+ ticketLen = sess->ticketLen;
+ XMEMCPY(ticket, sess->ticket, sess->ticketLen);
+ }
wolfSSL_free(ssl_c);
+ ssl_c = NULL;
wolfSSL_free(ssl_s);
+ ssl_s = NULL;
- ssl_s = wolfSSL_new(ctx_s);
- if (ssl_s == NULL)
- return TEST_FAIL;
+ ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
wolfSSL_SetIOWriteCtx(ssl_s, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_s, &test_ctx);
- ssl_c = wolfSSL_new(ctx_c);
- if (ssl_c == NULL)
- return TEST_FAIL;
+ ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
wolfSSL_SetIOWriteCtx(ssl_c, &test_ctx);
wolfSSL_SetIOReadCtx(ssl_c, &test_ctx);
- wolfSSL_set_session(ssl_c, sess);
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return TEST_FAIL;
- if (ssl_c->session->ticketLen > SESSION_TICKET_LEN)
- return TEST_FAIL;
- if (ssl_c->session->ticketLen != ticketLen)
- return TEST_FAIL;
- if (XMEMCMP(ssl_c->session->ticket, ticket, ticketLen) == 0)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ ExpectIntLE(ssl_c->session->ticketLen, SESSION_TICKET_LEN);
+ ExpectIntEQ(ssl_c->session->ticketLen, ticketLen);
+ ExpectTrue(XMEMCMP(ssl_c->session->ticket, ticket, ticketLen) != 0);
wolfSSL_SESSION_free(sess);
wolfSSL_free(ssl_c);
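Review bot: The copy at `XMEMCPY(ticket, sess->ticket, sess->ticketLen);` is no longer protected by the length check. The removed code returned before the copy when `sess->ticketLen > SESSION_TICKET_LEN`, whereas `ExpectIntLE` only records the failure and the `if (sess != NULL)` block still runs, writing past the `ticket[SESSION_TICKET_LEN]` stack buffer in exactly the case the check exists for. Guard the copy on the bound as well: `if ((sess != NULL) && (sess->ticketLen <= SESSION_TICKET_LEN)) {`. The later `ssl_c->session->ticketLen` checks are only safe if the Expect macros stop evaluating their arguments after an earlier failure, which is defined outside this page. test_ticket_ret_create continues beyond the end of the hunk.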
@@ -65593,7 +65049,7 @@ static int test_ticket_ret_create(void)
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_ticket_ret_create(void)
@@ -65602,14 +65058,16 @@ static int test_ticket_ret_create(void)
}
#endif
-#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && defined(HAVE_SESSION_TICKET) \
- && defined(OPENSSL_EXTRA) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
- defined(HAVE_AESGCM) && !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
+#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) && \
+ defined(HAVE_SESSION_TICKET) && defined(OPENSSL_EXTRA) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_AESGCM) && \
+ !defined(NO_SHA256) && defined(WOLFSSL_AES_128) && \
defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256)
static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl)
{
int ret;
WOLFSSL_SESSION* session = NULL;
+
AssertIntEQ(wolfSSL_get_current_cipher_suite(ssl), 0x1301);
if (!wolfSSL_is_server(ssl)) {
session = wolfSSL_SESSION_dup(wolfSSL_get_session(ssl));
@@ -65639,7 +65097,7 @@ static void test_ticket_and_psk_mixing_on_result(WOLFSSL* ssl)
/* Different ciphersuite so that the ticket will be invalidated based on
* the ciphersuite */
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES256-GCM-SHA384"),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
wolfSSL_set_psk_server_tls13_callback(ssl, my_psk_server_tls13_cb);
AssertIntEQ(wolfSSL_accept(ssl), WOLFSSL_SUCCESS);
}
@@ -65649,11 +65107,12 @@ static void test_ticket_and_psk_mixing_ssl_ready(WOLFSSL* ssl)
{
AssertIntEQ(wolfSSL_UseSessionTicket(ssl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_set_cipher_list(ssl, "TLS13-AES128-GCM-SHA256"),
- WOLFSSL_SUCCESS);
+ WOLFSSL_SUCCESS);
}
static int test_ticket_and_psk_mixing(void)
{
+ EXPECT_DECLS;
/* Test mixing tickets and regular PSK */
callback_functions client_cbs, server_cbs;
@@ -65670,10 +65129,10 @@ static int test_ticket_and_psk_mixing(void)
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
- AssertIntEQ(client_cbs.return_code, TEST_SUCCESS);
- AssertIntEQ(server_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_ticket_and_psk_mixing(void)
@@ -65753,6 +65212,7 @@ static void test_prioritize_psk_ssl_ready(WOLFSSL* ssl)
static int test_prioritize_psk(void)
{
+ EXPECT_DECLS;
/* We always send the ticket first. With WOLFSSL_PRIORITIZE_PSK the order
* of the PSK's will be followed instead of the ciphersuite. */
callback_functions client_cbs, server_cbs;
@@ -65771,10 +65231,10 @@ static int test_prioritize_psk(void)
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
- AssertIntEQ(client_cbs.return_code, TEST_SUCCESS);
- AssertIntEQ(server_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(client_cbs.return_code, TEST_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code, TEST_SUCCESS);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_prioritize_psk(void)
@@ -65994,9 +65454,10 @@ static int test_TLS_13_ticket_different_ciphers(void)
}
#endif
#if defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)
-#define TEST_WRONG_CS_CLIENT "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
+#define TEST_WRONG_CS_CLIENT "DHE-RSA-AES128-SHA"
+/* AKA TLS_DHE_RSA_WITH_AES_128_CBC_SHA */
byte test_extra_alerts_wrong_cs_sh[] = {
0x16, 0x03, 0x03, 0x00, 0x56, 0x02, 0x00, 0x00, 0x52, 0x03, 0x03, 0xef,
@@ -66013,30 +65474,24 @@ byte test_extra_alerts_wrong_cs_sh[] = {
static int test_extra_alerts_wrong_cs(void)
{
+ EXPECT_DECLS;
+#ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_ALERT_HISTORY h;
WOLFSSL *ssl_c = NULL;
- int ret, err;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
- wolfTLSv1_2_client_method, NULL);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
+ wolfTLSv1_2_client_method, NULL), 0);
- ret = wolfSSL_set_cipher_list(ssl_c, TEST_WRONG_CS_CLIENT);
- if (ret != WOLFSSL_SUCCESS) {
- wolfSSL_free(ssl_c);
- wolfSSL_CTX_free(ctx_c);
- return TEST_SKIPPED;
- }
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, TEST_WRONG_CS_CLIENT),
+ WOLFSSL_SUCCESS);
/* CH */
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
/* consume CH */
test_ctx.s_len = 0;
@@ -66045,22 +65500,17 @@ static int test_extra_alerts_wrong_cs(void)
sizeof(test_extra_alerts_wrong_cs_sh));
test_ctx.c_len = sizeof(test_extra_alerts_wrong_cs_sh);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err == WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
- ret = wolfSSL_get_alert_history(ssl_c, &h);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- if (h.last_tx.code != illegal_parameter)
- return TEST_FAIL;
- if (h.last_tx.level != alert_fatal)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
+ ExpectIntEQ(h.last_tx.code, illegal_parameter);
+ ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
-
- return TEST_SUCCESS;
+#endif
+ return EXPECT_RESULT();
}
#else
static int test_extra_alerts_wrong_cs(void)
@@ -66070,7 +65520,7 @@ static int test_extra_alerts_wrong_cs(void)
#endif
#if !defined(WOLFSSL_NO_TLS12) && defined(WOLFSSL_EXTRA_ALERTS) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH)
+ defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_SP_MATH)
static void test_remove_msg(byte *msg, int tail_len, int *len, int msg_length)
{
@@ -66149,42 +65599,38 @@ static int test_remove_hs_msg_from_buffer(byte *buf, int *len, byte type,
static int test_remove_hs_message(byte hs_message_type,
int extra_round, byte alert_type)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
- int ret, err;
- byte found;
+ byte found = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_2_client_method, wolfTLSv1_2_server_method);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_accept(ssl_s);
- err = wolfSSL_get_error(ssl_s, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
if (extra_round) {
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntEQ(err, WOLFSSL_ERROR_WANT_READ);
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
/* this will complete handshake from server side */
- ret = wolfSSL_accept(ssl_s);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
}
- ret = test_remove_hs_msg_from_buffer(test_ctx.c_buff,
- &test_ctx.c_len, hs_message_type, &found);
- AssertIntEQ(ret, 0);
+ ExpectIntEQ(test_remove_hs_msg_from_buffer(test_ctx.c_buff,
+ &test_ctx.c_len, hs_message_type, &found), 0);
if (!found) {
wolfSSL_free(ssl_c);
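Review bot: After `ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);` the error is queried from the client object, `wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR)`, while the removed code checked `wolfSSL_get_error(ssl_s, ret)`. As written, the server's WANT_READ state is never verified at this step and the client's state is checked twice. The call should be `ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),` followed by the unchanged `WOLFSSL_ERROR_WANT_READ);`. test_remove_hs_message continues past the end of the hunk.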
@@ -66194,44 +65640,37 @@ static int test_remove_hs_message(byte hs_message_type,
return TEST_SKIPPED;
}
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- AssertIntNE(ret, WOLFSSL_SUCCESS);
- AssertIntNE(err, WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_get_alert_history(ssl_c, &h);
- AssertIntEQ(ret, WOLFSSL_SUCCESS);
- if (alert_type != 0xff && h.last_tx.code != alert_type)
- return TEST_FAIL;
- if (h.last_tx.level != alert_fatal)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
+ ExpectTrue(alert_type == 0xff || h.last_tx.code == alert_type);
+ ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
static int test_extra_alerts_skip_hs(void)
{
+ EXPECT_DECLS;
const byte _server_key_exchange = 12;
const byte _server_hello = 2;
const byte _certificate = 11;
- int ret;
/* server_hello */
- ret = test_remove_hs_message(_server_hello, 0,
- unexpected_message);
- AssertIntNE(ret, TEST_FAIL);
- ret = test_remove_hs_message(_certificate, 0,
- 0xff);
- AssertIntNE(ret, TEST_FAIL);
- ret = test_remove_hs_message(_server_key_exchange, 0,
- unexpected_message);
- AssertIntNE(ret, TEST_FAIL);
+ ExpectIntNE(test_remove_hs_message(_server_hello, 0,
+ unexpected_message), TEST_FAIL);
+ ExpectIntNE(test_remove_hs_message(_certificate, 0,
+ 0xff), TEST_FAIL);
+ ExpectIntNE(test_remove_hs_message(_server_key_exchange, 0,
+ unexpected_message), TEST_FAIL);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_extra_alerts_skip_hs(void)
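Review bot: `return TEST_SKIPPED;` at the top of this hunk can now hide a real failure. `found` is initialised to 0 and the aborting Assert calls have become Expect calls that only record a failure, so a failed setup or early handshake step can leave `found` at 0 and take the `if (!found)` branch just above the hunk. The function then reports a skip, which `ExpectIntNE(test_remove_hs_message(...), TEST_FAIL)` in test_extra_alerts_skip_hs accepts. Taking the skip branch only when nothing has failed, `if (EXPECT_SUCCESS() && !found) {`, lets a failed run fall through to the common cleanup and `return EXPECT_RESULT();`.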
@@ -66240,8 +65679,8 @@ static int test_extra_alerts_skip_hs(void)
}
#endif
-#if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
- defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH)
+#if !defined(WOLFSSL_NO_TLS12) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES)\
+ && defined(WOLFSSL_EXTRA_ALERTS) && !defined(NO_PSK) && !defined(NO_DH)
static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id,
unsigned char* key, unsigned int key_max_len)
@@ -66256,56 +65695,47 @@ static unsigned int test_server_psk_cb(WOLFSSL* ssl, const char* id,
static int test_extra_alerts_bad_psk(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
WOLFSSL_ALERT_HISTORY h;
- int ret, err;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfTLSv1_2_client_method, wolfTLSv1_2_server_method);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
- ret = wolfSSL_set_cipher_list(ssl_c, "DHE-PSK-AES128-GCM-SHA256");
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl_c, "DHE-PSK-AES128-GCM-SHA256"),
+ WOLFSSL_SUCCESS);
- ret = wolfSSL_set_cipher_list(ssl_s, "DHE-PSK-AES128-GCM-SHA256");
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_set_cipher_list(ssl_s, "DHE-PSK-AES128-GCM-SHA256"),
+ WOLFSSL_SUCCESS);
wolfSSL_set_psk_server_callback(ssl_s, test_server_psk_cb);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_accept(ssl_s);
- err = wolfSSL_get_error(ssl_s, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ( wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err == WOLFSSL_ERROR_WANT_READ)
- return TEST_FAIL;
- ret = wolfSSL_get_alert_history(ssl_c, &h);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- if (h.last_tx.code != handshake_failure)
- return TEST_FAIL;
- if (h.last_tx.level != alert_fatal)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntNE(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_get_alert_history(ssl_c, &h), WOLFSSL_SUCCESS);
+ ExpectIntEQ(h.last_tx.code, handshake_failure);
+ ExpectIntEQ(h.last_tx.level, alert_fatal);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_extra_alerts_bad_psk(void)
@@ -66357,6 +65787,7 @@ static void test_harden_no_secure_renegotiation_on_cleanup(WOLFSSL* ssl)
static int test_harden_no_secure_renegotiation(void)
{
+ EXPECT_DECLS;
callback_functions client_cbs, server_cbs;
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
@@ -66369,12 +65800,13 @@ static int test_harden_no_secure_renegotiation(void)
server_cbs.on_cleanup = test_harden_no_secure_renegotiation_on_cleanup;
test_wolfSSL_client_server_nofail(&client_cbs, &server_cbs);
- AssertIntEQ(client_cbs.return_code, TEST_FAIL);
- AssertIntEQ(client_cbs.last_err, SECURE_RENEGOTIATION_E);
- AssertIntEQ(server_cbs.return_code, TEST_FAIL);
- AssertIntEQ(server_cbs.last_err, SOCKET_ERROR_E);
+ ExpectIntEQ(client_cbs.return_code, TEST_FAIL);
+ ExpectIntEQ(client_cbs.last_err, SECURE_RENEGOTIATION_E);
+ ExpectIntEQ(server_cbs.return_code, TEST_FAIL);
+ ExpectTrue(server_cbs.last_err == SOCKET_ERROR_E ||
+ server_cbs.last_err == FATAL_ERROR);
- return TEST_RES_CHECK(1);
+ return EXPECT_RESULT();
}
#else
static int test_harden_no_secure_renegotiation(void)
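Review bot: The server-side assertion is loosened to `server_cbs.last_err == SOCKET_ERROR_E || server_cbs.last_err == FATAL_ERROR` with no explanation of when each value occurs. This test checks that a peer without secure renegotiation is rejected, so the set of accepted outcomes should be documented to stop it being widened further by guesswork. A comment above the `ExpectTrue` would do, for example `/* server sees either the closed transport or the client's fatal alert, depending on timing */`, if that is indeed the reason.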
@@ -66387,11 +65819,11 @@ static int test_harden_no_secure_renegotiation(void)
static int test_override_alt_cert_chain_cert_cb(int preverify,
WOLFSSL_X509_STORE_CTX* store)
{
- printf("preverify: %d\n", preverify);
- printf("store->error: %d\n", store->error);
- printf("error reason: %s\n", wolfSSL_ERR_reason_error_string(store->error));
+ fprintf(stderr, "preverify: %d\n", preverify);
+ fprintf(stderr, "store->error: %d\n", store->error);
+ fprintf(stderr, "error reason: %s\n", wolfSSL_ERR_reason_error_string(store->error));
if (store->error == OCSP_INVALID_STATUS) {
- printf("Overriding OCSP error\n");
+ fprintf(stderr, "Overriding OCSP error\n");
return 1;
}
#ifndef WOLFSSL_ALT_CERT_CHAINS
@@ -66402,7 +65834,7 @@ static int test_override_alt_cert_chain_cert_cb(int preverify,
|| store->error == WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
#endif
) && store->error_depth == store->totalCerts - 1) {
- printf("Overriding no signer error only for root cert\n");
+ fprintf(stderr, "Overriding no signer error only for root cert\n");
return 1;
}
#endif
@@ -66478,7 +65910,7 @@ static int test_override_alt_cert_chain(void)
XMEMSET(&client_cbs, 0, sizeof(client_cbs));
XMEMSET(&server_cbs, 0, sizeof(server_cbs));
- printf("test config: %d\n", (int)i);
+ fprintf(stderr, "test config: %d\n", (int)i);
client_cbs.ctx_ready = params[i].client_ctx_cb;
server_cbs.ctx_ready = params[i].server_ctx_cb;
@@ -66499,68 +65931,1070 @@ static int test_override_alt_cert_chain(void)
}
#endif
-#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+#if defined(HAVE_RPK)
+#define svrRpkCertFile "./certs/rpk/server-cert-rpk.der"
+#define clntRpkCertFile "./certs/rpk/client-cert-rpk.der"
-static int test_dtls13_bad_epoch_ch(void)
+#if defined(WOLFSSL_ALWAYS_VERIFY_CB)
+static int MyRpkVerifyCb(int mode, WOLFSSL_X509_STORE_CTX* strctx)
{
+ int ret = WOLFSSL_SUCCESS;
+ (void)mode;
+ (void)strctx;
+ WOLFSSL_ENTER("MyRpkVerifyCb");
+ return ret;
+}
+#endif /* WOLFSSL_ALWAYS_VERIFY_CB */
+
+static WC_INLINE int test_rpk_memio_setup(
+ struct test_memio_ctx *ctx,
+ WOLFSSL_CTX **ctx_c,
+ WOLFSSL_CTX **ctx_s,
+ WOLFSSL **ssl_c,
+ WOLFSSL **ssl_s,
+ method_provider method_c,
+ method_provider method_s,
+ const char* certfile_c, int fmt_cc, /* client cert file path and format */
+ const char* certfile_s, int fmt_cs, /* server cert file path and format */
+ const char* pkey_c, int fmt_kc, /* client private key and format */
+ const char* pkey_s, int fmt_ks /* server private key and format */
+ )
+{
+ int ret;
+ if (ctx_c != NULL && *ctx_c == NULL) {
+ *ctx_c = wolfSSL_CTX_new(method_c());
+ if (*ctx_c == NULL) {
+ return -1;
+ }
+ wolfSSL_CTX_set_verify(*ctx_c, WOLFSSL_VERIFY_PEER, NULL);
+
+ ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
+
+ ret = wolfSSL_CTX_use_certificate_file(*ctx_c, certfile_c, fmt_cc);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_c, pkey_c, fmt_kc);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ }
+
+ if (ctx_s != NULL && *ctx_s == NULL) {
+ *ctx_s = wolfSSL_CTX_new(method_s());
+ if (*ctx_s == NULL) {
+ return -1;
+ }
+ wolfSSL_CTX_set_verify(*ctx_s, WOLFSSL_VERIFY_PEER, NULL);
+
+ ret = wolfSSL_CTX_load_verify_locations(*ctx_s, cliCertFile, 0);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+
+ ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, pkey_s, fmt_ks);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ ret = wolfSSL_CTX_use_certificate_file(*ctx_s, certfile_s, fmt_cs);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
+ if (ctx->s_ciphers != NULL) {
+ ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
+ if (ret != WOLFSSL_SUCCESS) {
+ return -1;
+ }
+ }
+ }
+
+ if (ctx_c != NULL && ssl_c != NULL) {
+ *ssl_c = wolfSSL_new(*ctx_c);
+ if (*ssl_c == NULL) {
+ return -1;
+ }
+ wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_c, ctx);
+ }
+ if (ctx_s != NULL && ssl_s != NULL) {
+ *ssl_s = wolfSSL_new(*ctx_s);
+ if (*ssl_s == NULL) {
+ return -1;
+ }
+ wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_s, ctx);
+#if !defined(NO_DH)
+ SetDH(*ssl_s);
+#endif
+ }
+
+ return 0;
+}
+#endif /* HAVE_RPK */
+
+static int test_rpk_set_xxx_cert_type(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_RPK)
+
+ char ctype[MAX_CLIENT_CERT_TYPE_CNT + 1]; /* prepare bigger buffer */
+ WOLFSSL_CTX* ctx = NULL;
+ WOLFSSL* ssl = NULL;
+ int tp;
+
+ ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
+ ExpectNotNull(ctx);
+
+ ssl = wolfSSL_new(ctx);
+ ExpectNotNull(ssl);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_CTX_set_client_cert_type */
+ /*--------------------------------------------*/
+
+ /* illegal parameter test caces */
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(NULL, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, NULL,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_CTX_set_client_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_CTX_set_server_cert_type */
+ /*--------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(NULL, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_SERVER_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, NULL,
+ MAX_SERVER_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_CTX_set_server_cert_type(ctx, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_set_client_cert_type */
+ /*--------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(NULL, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, NULL,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl, ctype,
+ MAX_CLIENT_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*--------------------------------------------*/
+ /* tests for wolfSSL_CTX_set_server_cert_type */
+ /*--------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(NULL, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ sizeof(ctype)),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK; /* set an identical cert type */
+ ctype[1] = WOLFSSL_CERT_TYPE_RPK;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+
+ ctype[0] = WOLFSSL_CERT_TYPE_X509;
+ ctype[1] = 10; /* set unknown cert type */
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ BAD_FUNC_ARG);
+ /* pass larger type count */
+ ctype[0] = WOLFSSL_CERT_TYPE_RPK;
+ ctype[1] = WOLFSSL_CERT_TYPE_X509;
+ ctype[2] = 1; /* pass unacceptable type count */
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT + 1),
+ BAD_FUNC_ARG);
+
+ /* should accept NULL for type buffer */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, NULL,
+ MAX_SERVER_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /* should accept zero for type count */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ 0),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl, ctype,
+ MAX_SERVER_CERT_TYPE_CNT),
+ WOLFSSL_SUCCESS);
+
+ /*------------------------------------------------*/
+ /* tests for wolfSSL_get_negotiated_xxx_cert_type */
+ /*------------------------------------------------*/
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(NULL, &tp),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl, NULL),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(NULL, &tp),
+ BAD_FUNC_ARG);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl, NULL),
+ BAD_FUNC_ARG);
+
+
+ /* clean up */
+ wolfSSL_free(ssl);
+ wolfSSL_CTX_free(ctx);
+
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_tls13_rpk_handshake(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_RPK)
+ int ret = 0;
WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
struct test_memio_ctx test_ctx;
- const int EPOCH_OFF = 3;
- int ret, err;
+ int err;
+ char certType_c[MAX_CLIENT_CERT_TYPE_CNT];
+ char certType_s[MAX_CLIENT_CERT_TYPE_CNT];
+ int typeCnt_c;
+ int typeCnt_s;
+ int tp;
+ (void)err;
+ (void)typeCnt_c;
+ (void)typeCnt_s;
+ (void)certType_c;
+ (void)certType_s;
+
+ /* TLS1.2
+ * Both client and server load x509 cert and start handshaking.
+ * Check no negotiation occurred.
+ */
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method);
- if (ret != 0)
- return TEST_FAIL;
- /* disable hrr cookie so we can later check msgsReceived.got_client_hello
- * with just one message */
- ret = wolfSSL_disable_hrr_cookie(ssl_s);
- if (ret != WOLFSSL_SUCCESS)
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM)
+ , 0);
+
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ /* both clien and server do not call client/server_cert_type APIs,
+ * expecting default settings works and no negotiation performed.
+ */
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- ret = wolfSSL_connect(ssl_c);
- err = wolfSSL_get_error(ssl_c, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
+ /* confirm no negotiation occurred */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+ /* Both client and server load x509 cert and start handshaking.
+ * Check no negotiation occurred.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ /* both clien and server do not call client/server_cert_type APIs,
+ * expecting default settings works and no negotiation performed.
+ */
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- if (test_ctx.s_len < EPOCH_OFF + 2)
+ /* confirm no negotiation occurred */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ((int)tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Both client and server load RPK cert and start handshaking.
+ * Confirm negotiated cert types match as expected.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in client end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set client certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- /* first CH should use epoch 0x0 */
- if (test_ctx.s_buff[EPOCH_OFF] != 0x0 ||
- test_ctx.s_buff[EPOCH_OFF + 1] != 0x0)
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* TLS1.2
+ * Both client and server load RPK cert and start handshaking.
+ * Confirm negotiated cert types match as expected.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in client end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set client certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- /* change epoch to 2 */
- test_ctx.s_buff[EPOCH_OFF + 1] = 0x2;
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Both client and server load x509 cert.
+ * Have client call set_client_cert_type with both RPK and x509.
+ * This doesn't makes client add client cert type extension to ClientHello,
+ * since it does not load RPK cert actually.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ /* client indicates both RPK and x509 certs are available but loaded RPK
+ * cert only. It does not have client add client-cert-type extension in CH.
+ */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* client indicates both RPK and x509 certs are acceptable */
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* server indicates both RPK and x509 certs are acceptable */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* server should indicate only RPK cert is available */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = -1;
+ typeCnt_s = 1;
- ret = wolfSSL_accept(ssl_s);
- err = wolfSSL_get_error(ssl_s, ret);
- if (ret == WOLFSSL_SUCCESS || err != WOLFSSL_ERROR_WANT_READ)
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- if (ssl_s->msgsReceived.got_client_hello == 1)
+ /* Negotiation for client-cert-type should NOT happen. Therefore -1 should
+ * be returned as cert type.
+ */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Have client load RPK cert and have server load x509 cert.
+ * Check the negotiation result from both ends.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrCertFile, WOLFSSL_FILETYPE_PEM,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* have client tell to use RPK cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = -1;
+ typeCnt_c = 1;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have client tell to accept both RPK and x509 cert */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* have server accept to both RPK and x509 cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* does not call wolfSSL_set_server_cert_type intentionally in sesrver
+ * end, expecting the default setting works.
+ */
+
+
+ if (test_memio_do_handshake(ssl_c, ssl_s, 10, NULL) != 0)
return TEST_FAIL;
- /* resend the CH */
- ret = wolfSSL_dtls_got_timeout(ssl_c);
- if (ret != WOLFSSL_SUCCESS)
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Have both client and server load RPK cert, however, have server
+ * indicate its cert type x509.
+ * Client is expected to detect the cert type mismatch then to send alert
+ * with "unsupported_certificate".
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1, /* server sends RPK cert */
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* have client tell to use RPK cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = -1;
+ typeCnt_c = 1;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have client tell to accept both RPK and x509 cert */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* have server accept to both RPK and x509 cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have server tell to use x509 cert intentionally. This will bring
+ * certificate type mismatch in client side.
+ */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = -1;
+ typeCnt_s = 1;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* expect client detect cert type mismatch then send Alert */
+ ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
+ if (ret != -1)
return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, ret), UNSUPPORTED_CERTIFICATE);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+ /* Have client load x509 cert and server load RPK cert,
+ * however, have client indicate its cert type RPK.
+ * Server is expected to detect the cert type mismatch then to send alert
+ * with "unsupported_certificate".
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ cliCertFile, WOLFSSL_FILETYPE_PEM,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* have client tell to use RPK cert intentionally */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = -1;
+ typeCnt_c = 1;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have client tell to accept both RPK and x509 cert */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* have server accept to both RPK and x509 cert */
+ certType_c[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_c[1] = WOLFSSL_CERT_TYPE_RPK;
+ typeCnt_c = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* have server tell to use x509 cert intentionally. This will bring
+ * certificate type mismatch in client side.
+ */
+ certType_s[0] = WOLFSSL_CERT_TYPE_X509;
+ certType_s[1] = -1;
+ typeCnt_s = 1;
+
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
+
+ /* expect server detect cert type mismatch then send Alert */
+ ExpectIntNE(ret, 0);
+ err = wolfSSL_get_error(ssl_c, ret);
+ ExpectIntEQ(err, UNSUPPORTED_CERTIFICATE);
+
+ /* client did not load RPK cert actually, so negotiation did not happen */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ /* client did not load RPK cert actually, so negotiation did not happen */
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_UNKNOWN);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_X509);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+
+
+#if defined(WOLFSSL_ALWAYS_VERIFY_CB)
+ /* Both client and server load RPK cert and set certificate verify
+ * callbacks then start handshaking.
+ * Confirm both side can refer the peer's cert.
+ */
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(
+ test_rpk_memio_setup(
+ &test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ clntRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ svrRpkCertFile, WOLFSSL_FILETYPE_ASN1,
+ cliKeyFile, WOLFSSL_FILETYPE_PEM,
+ svrKeyFile, WOLFSSL_FILETYPE_PEM )
+ , 0);
+
+ /* set client certificate type in client end */
+ certType_c[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_c[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_c = 2;
+
+ certType_s[0] = WOLFSSL_CERT_TYPE_RPK;
+ certType_s[1] = WOLFSSL_CERT_TYPE_X509;
+ typeCnt_s = 2;
+
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_c, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in client end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_c, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set client certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_client_cert_type(ssl_s, certType_c, typeCnt_c),
+ WOLFSSL_SUCCESS);
+
+ /* set server certificate type in server end */
+ ExpectIntEQ(wolfSSL_set_server_cert_type(ssl_s, certType_s, typeCnt_s),
+ WOLFSSL_SUCCESS);
+
+ /* set certificate verify callback to both client and server */
+ int isServer = 0;
+ wolfSSL_SetCertCbCtx(ssl_c, &isServer);
+ wolfSSL_set_verify(ssl_c, SSL_VERIFY_PEER, MyRpkVerifyCb);
+
+ isServer = 1;
+ wolfSSL_SetCertCbCtx(ssl_c, &isServer);
+ wolfSSL_set_verify(ssl_s, SSL_VERIFY_PEER, MyRpkVerifyCb);
+
ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
if (ret != 0)
return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_c, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_client_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
+ ExpectIntEQ(wolfSSL_get_negotiated_server_cert_type(ssl_s, &tp),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(tp, WOLFSSL_CERT_TYPE_RPK);
+
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+#endif /* WOLFSSL_ALWAYS_VERIFY_CB */
- return TEST_SUCCESS;
+#endif /* HAVE_RPK */
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+
+
+static int test_dtls13_bad_epoch_ch(void)
+{
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ const int EPOCH_OFF = 3;
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+
+ /* disable hrr cookie so we can later check msgsReceived.got_client_hello
+ * with just one message */
+ ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
+
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntGE(test_ctx.s_len, EPOCH_OFF + 2);
+
+ /* first CH should use epoch 0x0 */
+ ExpectTrue((test_ctx.s_buff[EPOCH_OFF] == 0x0) &&
+ (test_ctx.s_buff[EPOCH_OFF + 1] == 0x0));
+
+ /* change epoch to 2 */
+ test_ctx.s_buff[EPOCH_OFF + 1] = 0x2;
+
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntNE(ssl_s->msgsReceived.got_client_hello, 1);
+
+ /* resend the CH */
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+
+ return EXPECT_RESULT();
}
#else
static int test_dtls13_bad_epoch_ch(void)
@@ -66569,9 +67003,92 @@ static int test_dtls13_bad_epoch_ch(void)
}
#endif
+#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE)
+static int test_short_session_id_ssl_ready(WOLFSSL* ssl)
+{
+ EXPECT_DECLS;
+ WOLFSSL_SESSION *sess = NULL;
+ /* Setup the session to avoid errors */
+ ssl->session->timeout = -1;
+ ssl->session->side = WOLFSSL_CLIENT_END;
+#if defined(SESSION_CERTS) || (defined(WOLFSSL_TLS13) && \
+ defined(HAVE_SESSION_TICKET))
+ ssl->session->version = ssl->version;
+#endif
+ /* Force a short session ID to be sent */
+ ssl->session->sessionIDSz = 4;
+#ifndef NO_SESSION_CACHE_REF
+ /* Allow the client cache to be used */
+ ssl->session->idLen = 4;
+#endif
+ ssl->session->isSetup = 1;
+ ExpectNotNull(sess = wolfSSL_get_session(ssl));
+ ExpectIntEQ(wolfSSL_set_session(ssl, sess), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+
+static int test_short_session_id(void)
+{
+ EXPECT_DECLS;
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ size_t i;
+ struct {
+ method_provider client_meth;
+ method_provider server_meth;
+ const char* tls_version;
+ } params[] = {
+#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
+ defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_TICKET_HAVE_ID) && \
+ !defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)
+/* With WOLFSSL_TLS13_MIDDLEBOX_COMPAT a short ID will result in an error */
+ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method, "TLSv1_3" },
+#ifdef WOLFSSL_DTLS13
+ { wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method, "DTLSv1_3" },
+#endif
+#endif
+#ifndef WOLFSSL_NO_TLS12
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method, "TLSv1_2" },
+#ifdef WOLFSSL_DTLS
+ { wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method, "DTLSv1_2" },
+#endif
+#endif
+#if !defined(NO_OLD_TLS) && ((!defined(NO_AES) && !defined(NO_AES_CBC)) || \
+ !defined(NO_DES3))
+ { wolfTLSv1_1_client_method, wolfTLSv1_1_server_method, "TLSv1_1" },
+#ifdef WOLFSSL_DTLS
+ { wolfDTLSv1_client_method, wolfDTLSv1_server_method, "DTLSv1_0" },
+#endif
+#endif
+ };
+
+ fprintf(stderr, "\n");
+
+ for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
-#if defined(HAVE_NULL_CIPHER) && defined(HAVE_IO_TESTS_DEPENDENCIES) && \
- defined(WOLFSSL_DTLS13)
+ fprintf(stderr, "\tTesting short ID with %s\n", params[i].tls_version);
+
+ client_cbf.ssl_ready = test_short_session_id_ssl_ready;
+ client_cbf.method = params[i].client_meth;
+ server_cbf.method = params[i].server_meth;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_SUCCESS);
+ }
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_short_session_id(void)
+{
+ return TEST_SKIPPED;
+}
+#endif
+
+#if defined(HAVE_NULL_CIPHER) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) \
+ && defined(WOLFSSL_DTLS13)
static byte* test_find_string(const char *string,
byte *buf, int buf_size)
{
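Review bot: Every entry of the `params[]` table in `test_short_session_id` sits behind a preprocessor guard, so a build with `WOLFSSL_NO_TLS12` and `NO_OLD_TLS` defined, and TLS 1.3 built with `WOLFSSL_TLS13_MIDDLEBOX_COMPAT`, is left with an empty initializer list. That is not valid ISO C before C23, and where a compiler accepts it as an extension the loop runs zero times and the function returns `EXPECT_RESULT()` without performing a handshake. The outer `#if defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES) && !defined(NO_SESSION_CACHE)` should probably also require at least one of those protocol groups, so that such a configuration reaches the `TEST_SKIPPED` stub. Separately, `test_short_session_id_ssl_ready` sets `sessionIDSz = 4` without writing any ID bytes; the hunk does not show what those bytes hold, so a one-line comment saying whether only the length matters would help.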
@@ -66587,44 +67104,38 @@ static byte* test_find_string(const char *string,
static int test_wolfSSL_dtls13_null_cipher(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
struct test_memio_ctx test_ctx;
const char *test_str = "test";
- int ret, test_str_size;
- byte buf[255], *ptr;
+ int test_str_size;
+ byte buf[255], *ptr = NULL;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
test_ctx.c_ciphers = test_ctx.s_ciphers = "TLS13-SHA256-SHA256";
- ret = test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
- wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method);
- if (ret != 0)
- return TEST_FAIL;
- ret = test_memio_do_handshake(ssl_c, ssl_s, 10, NULL);
- if (ret != 0)
- return TEST_FAIL;
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
test_str_size = XSTRLEN("test") + 1;
- ret = wolfSSL_write(ssl_c, test_str, test_str_size);
- if (ret != test_str_size)
- return TEST_FAIL;
- ret = wolfSSL_read(ssl_s, buf, sizeof(buf));
- if (ret != test_str_size || XSTRCMP((char*)buf, test_str) != 0)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
+ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size);
+ ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0);
- ret = wolfSSL_write(ssl_c, test_str, test_str_size);
- if (ret != test_str_size)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
/* check that the packet was sent cleartext */
- ptr = test_find_string(test_str, test_ctx.s_buff, test_ctx.s_len);
- if (ptr == NULL)
- return TEST_FAIL;
- /* modify the message */
- *ptr = 'H';
- /* bad messages should be ignored in DTLS */
- ret = wolfSSL_read(ssl_s, buf, sizeof(buf));
- if (ret != -1 || ssl_s->error != WANT_READ)
- return TEST_FAIL;
+ ExpectNotNull(ptr = test_find_string(test_str, test_ctx.s_buff,
+ test_ctx.s_len));
+ if (ptr != NULL) {
+ /* modify the message */
+ *ptr = 'H';
+ /* bad messages should be ignored in DTLS */
+ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), -1);
+ ExpectIntEQ(ssl_s->error, WANT_READ);
+ }
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
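Review bot: `buf` is never initialised before `XSTRCMP((char*)buf, test_str)` reads it, and the comparison is now its own `ExpectIntEQ` instead of the right-hand side of the old `ret != test_str_size || ...` short-circuit. Whether it still runs only after a full-length read depends on how the Expect macros behave once a failure is recorded, which is not visible in this hunk. Zeroing the buffer first with `XMEMSET(buf, 0, sizeof(buf));`, or comparing with `XMEMCMP(buf, test_str, test_str_size)`, keeps the check bounded to the buffer even when `wolfSSL_read` returns short. `test_str_size` is also computed from the literal `"test"` rather than from `test_str`; `(int)XSTRLEN(test_str) + 1` keeps the two in step. The function body continues past the end of the hunk.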
@@ -66710,6 +67221,7 @@ static int test_dtls_msg_from_other_peer_cb(WOLFSSL_CTX *ctx, WOLFSSL *ssl)
* is done in test_dtls_msg_from_other_peer_cb */
static int test_dtls_msg_from_other_peer(void)
{
+ EXPECT_DECLS;
callback_functions client_cbs;
callback_functions server_cbs;
@@ -66724,11 +67236,10 @@ static int test_dtls_msg_from_other_peer(void)
test_wolfSSL_client_server_nofail_ex(&client_cbs, &server_cbs,
test_dtls_msg_from_other_peer_cb);
- if (client_cbs.return_code != WOLFSSL_SUCCESS ||
- server_cbs.return_code != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(client_cbs.return_code, WOLFSSL_SUCCESS);
+ ExpectIntEQ(server_cbs.return_code, WOLFSSL_SUCCESS);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_dtls_msg_from_other_peer(void)
@@ -66740,76 +67251,55 @@ static int test_dtls_msg_from_other_peer(void)
* !defined(SINGLE_THREADED) && !defined(NO_RSA) */
#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_IPV6) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12)
static int test_dtls_ipv6_check(void)
{
- WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
- WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ EXPECT_DECLS;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
SOCKADDR_IN fake_addr6;
- int sockfd;
- int ret;
+ int sockfd = -1;
- ctx_c = wolfSSL_CTX_new(wolfDTLSv1_2_client_method());
- if (ctx_c == NULL)
- return TEST_FAIL;
- ssl_c = wolfSSL_new(ctx_c);
- if (ssl_c == NULL)
- return TEST_FAIL;
- ctx_s = wolfSSL_CTX_new(wolfDTLSv1_2_server_method());
- if (ctx_s == NULL)
- return TEST_FAIL;
- ret = wolfSSL_CTX_use_PrivateKey_file(ctx_s, svrKeyFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return- -1;
- ret = wolfSSL_CTX_use_certificate_file(ctx_s, svrCertFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
- ssl_s = wolfSSL_new(ctx_s);
- if (ssl_s == NULL)
- return TEST_FAIL;
+ ExpectNotNull(ctx_c = wolfSSL_CTX_new(wolfDTLSv1_2_client_method()));
+ ExpectNotNull(ssl_c = wolfSSL_new(ctx_c));
+ ExpectNotNull(ctx_s = wolfSSL_CTX_new(wolfDTLSv1_2_server_method()));
+ ExpectIntEQ(wolfSSL_CTX_use_PrivateKey_file(ctx_s, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_use_certificate_file(ctx_s, svrCertFile,
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectNotNull(ssl_s = wolfSSL_new(ctx_s));
XMEMSET((byte*)&fake_addr6, 0, sizeof(fake_addr6));
/* mimic a sockaddr_in6 struct, this way we can't test without
* WOLFSSL_IPV6 */
fake_addr6.sin_family = WOLFSSL_IP6;
- sockfd = socket(AF_INET, SOCK_DGRAM, 0);
- if (sockfd == -1)
- return TEST_FAIL;
- ret = wolfSSL_set_fd(ssl_c, sockfd);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntNE(sockfd = socket(AF_INET, SOCK_DGRAM, 0), -1);
+ ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS);
/* can't return error here, as the peer is opaque for wolfssl library at
* this point */
- ret = wolfSSL_dtls_set_peer(ssl_c, &fake_addr6, sizeof(fake_addr6));
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- ret = fcntl(sockfd, F_SETFL, O_NONBLOCK);
- if (ret == -1)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_c, &fake_addr6, sizeof(fake_addr6)),
+ WOLFSSL_SUCCESS);
+ ExpectIntNE(fcntl(sockfd, F_SETFL, O_NONBLOCK), -1);
wolfSSL_dtls_set_using_nonblock(ssl_c, 1);
- ret = wolfSSL_connect(ssl_c);
- if (ret != WOLFSSL_FAILURE && ssl_c->error != SOCKET_ERROR_E)
- return TEST_FAIL;
+ ExpectIntNE(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+ ExpectIntEQ(ssl_c->error, SOCKET_ERROR_E);
- ret = wolfSSL_dtls_set_peer(ssl_s, &fake_addr6, sizeof(fake_addr6));
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
- /* re-use the socket */
- ret = wolfSSL_set_fd(ssl_c, sockfd);
- if (ret != WOLFSSL_SUCCESS)
- return TEST_FAIL;
+ ExpectIntEQ(wolfSSL_dtls_set_peer(ssl_s, &fake_addr6, sizeof(fake_addr6)),
+ WOLFSSL_SUCCESS);
+ /* reuse the socket */
+ ExpectIntEQ(wolfSSL_set_fd(ssl_c, sockfd), WOLFSSL_SUCCESS);
wolfSSL_dtls_set_using_nonblock(ssl_s, 1);
- ret = wolfSSL_accept(ssl_s);
- if (ret != WOLFSSL_FAILURE && ssl_s->error != SOCKET_ERROR_E)
- return TEST_FAIL;
- close(sockfd);
+ ExpectIntNE(wolfSSL_accept(ssl_s), WOLFSSL_SUCCESS);
+ ExpectIntEQ(ssl_s->error, SOCKET_ERROR_E);
+ if (sockfd != -1)
+ close(sockfd);
wolfSSL_free(ssl_c);
wolfSSL_CTX_free(ctx_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_s);
- return TEST_SUCCESS;
+ return EXPECT_RESULT();
}
#else
static int test_dtls_ipv6_check(void)
@@ -66818,16 +67308,1582 @@ static int test_dtls_ipv6_check(void)
}
#endif
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
+
+static WOLFSSL_SESSION* test_wolfSSL_SCR_after_resumption_session = NULL;
+
+static void test_wolfSSL_SCR_after_resumption_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_wolfSSL_SCR_after_resumption_on_result(WOLFSSL* ssl)
+{
+ if (test_wolfSSL_SCR_after_resumption_session == NULL) {
+ test_wolfSSL_SCR_after_resumption_session = wolfSSL_get1_session(ssl);
+ AssertNotNull(test_wolfSSL_SCR_after_resumption_session);
+ }
+ else {
+ char testMsg[] = "Message after SCR";
+ char msgBuf[sizeof(testMsg)];
+ int ret;
+ if (!wolfSSL_is_server(ssl)) {
+ AssertIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_set_session(ssl,
+ test_wolfSSL_SCR_after_resumption_session));
+ }
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
+ if (ret != sizeof(msgBuf)) /* Possibly APP_DATA_READY error. Retry. */
+ ret = wolfSSL_read(ssl, msgBuf, sizeof(msgBuf));
+ AssertIntEQ(ret, sizeof(msgBuf));
+ }
+}
+
+static void test_wolfSSL_SCR_after_resumption_ssl_ready(WOLFSSL* ssl)
+{
+ AssertIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_set_session(ssl, test_wolfSSL_SCR_after_resumption_session));
+}
+
+static int test_wolfSSL_SCR_after_resumption(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+
+ func_cb_client.method = wolfTLSv1_2_client_method;
+ func_cb_client.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready;
+ func_cb_client.on_result = test_wolfSSL_SCR_after_resumption_on_result;
+ func_cb_server.method = wolfTLSv1_2_server_method;
+ func_cb_server.ctx_ready = test_wolfSSL_SCR_after_resumption_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ func_cb_client.ssl_ready = test_wolfSSL_SCR_after_resumption_ssl_ready;
+ func_cb_server.on_result = test_wolfSSL_SCR_after_resumption_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ wolfSSL_SESSION_free(test_wolfSSL_SCR_after_resumption_session);
+
+ return EXPECT_RESULT();
+}
+
+#else
+static int test_wolfSSL_SCR_after_resumption(void)
+{
+ return TEST_SKIPPED;
+}
+#endif
+
static int test_wolfSSL_configure_args(void)
{
- int res = TEST_SKIPPED;
-#if defined(LIBWOLFSSL_CONFIGURE_ARGS) && defined(HAVE_WC_INTROSPECTION)
EXPECT_DECLS;
+#if defined(LIBWOLFSSL_CONFIGURE_ARGS) && defined(HAVE_WC_INTROSPECTION)
ExpectNotNull(wolfSSL_configure_args());
- res = EXPECT_RESULT();
#endif
- return res;
+ return EXPECT_RESULT();
+}
+
+static int test_dtls_no_extensions(void)
+{
+ EXPECT_DECLS;
+#if defined(WOLFSSL_DTLS) && defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
+ !defined(WOLFSSL_NO_TLS12)
+ WOLFSSL *ssl_s = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ struct test_memio_ctx test_ctx;
+ const byte chNoExtensions[] = {
+ /* Handshake type */
+ 0x16,
+ /* Version */
+ 0xfe, 0xff,
+ /* Epoch */
+ 0x00, 0x00,
+ /* Seq number */
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ /* Length */
+ 0x00, 0x40,
+ /* CH type */
+ 0x01,
+ /* Length */
+ 0x00, 0x00, 0x34,
+ /* Msg Seq */
+ 0x00, 0x00,
+ /* Frag offset */
+ 0x00, 0x00, 0x00,
+ /* Frag length */
+ 0x00, 0x00, 0x34,
+ /* Version */
+ 0xfe, 0xff,
+ /* Random */
+ 0x62, 0xfe, 0xbc, 0xfe, 0x2b, 0xfe, 0x3f, 0xeb, 0x03, 0xc4, 0xea, 0x37,
+ 0xe7, 0x47, 0x7e, 0x8a, 0xd9, 0xbf, 0x77, 0x0f, 0x6c, 0xb6, 0x77, 0x0b,
+ 0x03, 0x3f, 0x82, 0x2b, 0x21, 0x64, 0x57, 0x1d,
+ /* Session Length */
+ 0x00,
+ /* Cookie Length */
+ 0x00,
+ /* CS Length */
+ 0x00, 0x0c,
+ /* CS */
+ 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x39, 0x00, 0x33,
+ /* Comp Meths Length */
+ 0x01,
+ /* Comp Meths */
+ 0x00
+ /* And finally... no extensions */
+ };
+ int i;
+#ifdef OPENSSL_EXTRA
+ int repeats = 2;
+#else
+ int repeats = 1;
+#endif
+
+ for (i = 0; i < repeats; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ssl_s = NULL;
+ ctx_s = NULL;
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
+ NULL, wolfDTLS_server_method), 0);
+
+ XMEMCPY(test_ctx.s_buff, chNoExtensions, sizeof(chNoExtensions));
+ test_ctx.s_len = sizeof(chNoExtensions);
+
+#ifdef OPENSSL_EXTRA
+ if (i > 0) {
+ ExpectIntEQ(wolfSSL_set_max_proto_version(ssl_s, DTLS1_2_VERSION),
+ WOLFSSL_SUCCESS);
+ }
+#endif
+
+ ExpectIntEQ(wolfSSL_accept(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+
+ /* Expecting a handshake msg. Either HVR or SH. */
+ ExpectIntGT(test_ctx.c_len, 0);
+ ExpectIntEQ(test_ctx.c_buff[0], 0x16);
+
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_TLSX_CA_NAMES_bad_extension(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES) && \
+ defined(OPENSSL_EXTRA) && defined(WOLFSSL_SHA384) && \
+ defined(HAVE_NULL_CIPHER)
+ /* This test should only fail (with BUFFER_ERROR) when we actually try to
+ * parse the CA Names extension. Otherwise it will return other non-related
+ * errors. If CA Names will be parsed in more configurations, that should
+ * be reflected in the macro guard above. */
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL_CTX *ctx_c = NULL;
+ struct test_memio_ctx test_ctx;
+ /* HRR + SH using TLS_DHE_PSK_WITH_NULL_SHA384 */
+ const byte shBadCaNamesExt[] = {
+ 0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf,
+ 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e,
+ 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07,
+ 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00,
+ 0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02,
+ 0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00,
+ 0x5c, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x03, 0xcf, 0x21, 0xad, 0x74,
+ 0x00, 0x00, 0x83, 0x3f, 0x3b, 0x80, 0x01, 0xac, 0x65, 0x8c, 0x19, 0x2a,
+ 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x02, 0x00, 0x9e, 0x09, 0x1c, 0xe8,
+ 0xa8, 0x09, 0x9c, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00,
+ 0x03, 0x3f, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x13, 0x05,
+ 0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x00, 0x09, 0x00, 0x00,
+ 0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x01, 0xff,
+ 0xff, 0xff, 0xff, 0xfa, 0x0d, 0x00, 0x00, 0x00, 0xad, 0x02
+ };
+ const byte shBadCaNamesExt2[] = {
+ 0x16, 0x03, 0x04, 0x00, 0x3f, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0xcf,
+ 0x21, 0xad, 0x74, 0xe5, 0x9a, 0x61, 0x11, 0xbe, 0x1d, 0x8c, 0x02, 0x1e,
+ 0x65, 0xb8, 0x91, 0xc2, 0xa2, 0x11, 0x16, 0x7a, 0xbb, 0x8c, 0x5e, 0x07,
+ 0x9e, 0x09, 0xe2, 0xc8, 0xa8, 0x33, 0x9c, 0x00, 0x13, 0x03, 0x00, 0x00,
+ 0x13, 0x94, 0x7e, 0x00, 0x03, 0x0b, 0xf7, 0x03, 0x00, 0x2b, 0x00, 0x02,
+ 0x03, 0x04, 0x00, 0x33, 0x00, 0x02, 0x00, 0x19, 0x16, 0x03, 0x03, 0x00,
+ 0x5e, 0x02, 0x00, 0x00, 0x3b, 0x03, 0x03, 0x7f, 0xd0, 0x2d, 0xea, 0x6e,
+ 0x53, 0xa1, 0x6a, 0xc9, 0xc8, 0x54, 0xef, 0x75, 0xe4, 0xd9, 0xc6, 0x3e,
+ 0x74, 0xcb, 0x30, 0x80, 0xcc, 0x83, 0x3a, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0xc0, 0x5a, 0x00, 0xc0, 0xb5, 0x00, 0x00, 0x11, 0x8f, 0x00, 0x00,
+ 0x03, 0x03, 0x00, 0x0c, 0x00, 0x2b, 0x00, 0x02, 0x03, 0x04, 0x53, 0x25,
+ 0x00, 0x00, 0x08, 0x00, 0x00, 0x06, 0x00, 0x04, 0x02, 0x05, 0x00, 0x00,
+ 0x0d, 0x00, 0x00, 0x11, 0x00, 0x00, 0x0d, 0x00, 0x2f, 0x00, 0x06, 0x00,
+ 0x04, 0x00, 0x03, 0x30, 0x00, 0x13, 0x94, 0x00, 0x06, 0x00, 0x04, 0x02
+ };
+ int i = 0;
+
+ for (i = 0; i < 2; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
+ wolfTLSv1_3_client_method, NULL), 0);
+
+ switch (i) {
+ case 0:
+ XMEMCPY(test_ctx.c_buff, shBadCaNamesExt,
+ sizeof(shBadCaNamesExt));
+ test_ctx.c_len = sizeof(shBadCaNamesExt);
+ break;
+ case 1:
+ XMEMCPY(test_ctx.c_buff, shBadCaNamesExt2,
+ sizeof(shBadCaNamesExt2));
+ test_ctx.c_len = sizeof(shBadCaNamesExt2);
+ break;
+ }
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+#ifndef WOLFSSL_DISABLE_EARLY_SANITY_CHECKS
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), OUT_OF_ORDER_E);
+#else
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), BUFFER_ERROR);
+#endif
+
+ wolfSSL_free(ssl_c);
+ ssl_c = NULL;
+ wolfSSL_CTX_free(ctx_c);
+ ctx_c = NULL;
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
+static void test_dtls_1_0_hvr_downgrade_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
+ WOLFSSL_SUCCESS);
+}
+
+static int test_dtls_1_0_hvr_downgrade(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.doUdp = func_cb_server.doUdp = 1;
+ func_cb_client.method = wolfDTLS_client_method;
+ func_cb_server.method = wolfDTLSv1_2_server_method;
+ func_cb_client.ctx_ready = test_dtls_1_0_hvr_downgrade_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_dtls_1_0_hvr_downgrade(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_SESSION_TICKET)
+
+static WOLFSSL_SESSION* test_session_ticket_no_id_session = NULL;
+
+static void test_session_ticket_no_id_on_result(WOLFSSL* ssl)
+{
+ test_session_ticket_no_id_session = wolfSSL_get1_session(ssl);
+ AssertNotNull(test_session_ticket_no_id_session);
+}
+
+static void test_session_ticket_no_id_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_UseSessionTicket(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_session_ticket_no_id_ssl_ready(WOLFSSL* ssl)
+{
+ test_session_ticket_no_id_session->sessionIDSz = 0;
+ AssertIntEQ(WOLFSSL_SUCCESS,
+ wolfSSL_set_session(ssl, test_session_ticket_no_id_session));
+}
+
+static int test_session_ticket_no_id(void)
+{
+ /* We are testing an expired (invalid crypto context in out case since the
+ * ctx changes) session ticket being sent with the session ID being 0
+ * length. */
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+ func_cb_client.method = wolfTLSv1_2_client_method;
+ func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready;
+ func_cb_client.on_result = test_session_ticket_no_id_on_result;
+ func_cb_server.method = wolfTLSv1_2_server_method;
+ func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ XMEMSET(&func_cb_client, 0, sizeof(func_cb_client));
+ XMEMSET(&func_cb_server, 0, sizeof(func_cb_server));
+ func_cb_client.method = wolfTLSv1_2_client_method;
+ func_cb_client.ctx_ready = test_session_ticket_no_id_ctx_ready;
+ func_cb_client.ssl_ready = test_session_ticket_no_id_ssl_ready;
+ func_cb_server.method = wolfTLSv1_2_server_method;
+ func_cb_server.ctx_ready = test_session_ticket_no_id_ctx_ready;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ wolfSSL_SESSION_free(test_session_ticket_no_id_session);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_session_ticket_no_id(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_session_ticket_hs_update(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
+ struct test_memio_ctx test_ctx;
+ struct test_memio_ctx test_ctx2;
+ struct test_memio_ctx test_ctx3;
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_c2 = NULL;
+ WOLFSSL *ssl_c3 = NULL;
+ WOLFSSL *ssl_s = NULL;
+ WOLFSSL *ssl_s2 = NULL;
+ WOLFSSL *ssl_s3 = NULL;
+ WOLFSSL_SESSION *sess = NULL;
+ byte read_data[1];
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ XMEMSET(&test_ctx2, 0, sizeof(test_ctx2));
+ XMEMSET(&test_ctx3, 0, sizeof(test_ctx3));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
+
+ /* Generate tickets */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ wolfSSL_SetLoggingPrefix("client");
+ /* Read the ticket msg */
+ ExpectIntEQ(wolfSSL_read(ssl_c, read_data, sizeof(read_data)),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ ExpectIntEQ(test_memio_setup(&test_ctx2, &ctx_c, &ctx_s, &ssl_c2, &ssl_s2,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
+ ExpectIntEQ(test_memio_setup(&test_ctx3, &ctx_c, &ctx_s, &ssl_c3, &ssl_s3,
+ wolfTLSv1_3_client_method, wolfTLSv1_3_server_method), 0);
+
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
+ ExpectIntEQ(wolfSSL_set_session(ssl_c2, sess), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_set_session(ssl_c3, sess), WOLFSSL_SUCCESS);
+
+ wolfSSL_SetLoggingPrefix("client");
+ /* Exchange initial flights for the second connection */
+ ExpectIntEQ(wolfSSL_connect(ssl_c2), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c2, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+ wolfSSL_SetLoggingPrefix("server");
+ ExpectIntEQ(wolfSSL_accept(ssl_s2), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s2, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ /* Complete third connection so that new tickets are exchanged */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c3, ssl_s3, 10, NULL), 0);
+ /* Read the ticket msg */
+ wolfSSL_SetLoggingPrefix("client");
+ ExpectIntEQ(wolfSSL_read(ssl_c3, read_data, sizeof(read_data)),
+ WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c3, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SetLoggingPrefix(NULL);
+
+ /* Complete second connection */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c2, ssl_s2, 10, NULL), 0);
+
+ ExpectIntEQ(wolfSSL_session_reused(ssl_c2), 1);
+ ExpectIntEQ(wolfSSL_session_reused(ssl_c3), 1);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_c2);
+ wolfSSL_free(ssl_c3);
+ wolfSSL_free(ssl_s);
+ wolfSSL_free(ssl_s2);
+ wolfSSL_free(ssl_s3);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+ wolfSSL_SESSION_free(sess);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
+static void test_dtls_downgrade_scr_server_ctx_ready_server(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
+ WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_dtls_downgrade_scr_server_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_dtls_downgrade_scr_server_on_result(WOLFSSL* ssl)
+{
+ char testMsg[] = "Message after SCR";
+ char msgBuf[sizeof(testMsg)];
+ if (wolfSSL_is_server(ssl)) {
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR);
+ AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY);
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ }
+ else {
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ }
+}
+
+static int test_dtls_downgrade_scr_server(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.doUdp = func_cb_server.doUdp = 1;
+ func_cb_client.method = wolfDTLSv1_2_client_method;
+ func_cb_server.method = wolfDTLS_server_method;
+ func_cb_client.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready;
+ func_cb_server.ctx_ready = test_dtls_downgrade_scr_server_ctx_ready_server;
+ func_cb_client.on_result = test_dtls_downgrade_scr_server_on_result;
+ func_cb_server.on_result = test_dtls_downgrade_scr_server_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_dtls_downgrade_scr_server(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(HAVE_SECURE_RENEGOTIATION)
+static void test_dtls_downgrade_scr_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ AssertIntEQ(wolfSSL_CTX_SetMinVersion(ctx, WOLFSSL_DTLSV1_2),
+ WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_CTX_UseSecureRenegotiation(ctx), WOLFSSL_SUCCESS);
+}
+
+static void test_dtls_downgrade_scr_on_result(WOLFSSL* ssl)
+{
+ char testMsg[] = "Message after SCR";
+ char msgBuf[sizeof(testMsg)];
+ if (wolfSSL_is_server(ssl)) {
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_FATAL_ERROR);
+ AssertIntEQ(wolfSSL_get_error(ssl, -1), APP_DATA_READY);
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ AssertIntEQ(wolfSSL_Rehandshake(ssl), WOLFSSL_SUCCESS);
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ }
+ else {
+ AssertIntEQ(wolfSSL_write(ssl, testMsg, sizeof(testMsg)),
+ sizeof(testMsg));
+ AssertIntEQ(wolfSSL_read(ssl, msgBuf, sizeof(msgBuf)), sizeof(msgBuf));
+ }
+}
+
+static int test_dtls_downgrade_scr(void)
+{
+ EXPECT_DECLS;
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.doUdp = func_cb_server.doUdp = 1;
+ func_cb_client.method = wolfDTLS_client_method;
+ func_cb_server.method = wolfDTLSv1_2_server_method;
+ func_cb_client.ctx_ready = test_dtls_downgrade_scr_ctx_ready;
+ func_cb_client.on_result = test_dtls_downgrade_scr_on_result;
+ func_cb_server.on_result = test_dtls_downgrade_scr_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+
+ return EXPECT_RESULT();
+}
+#else
+static int test_dtls_downgrade_scr(void)
+{
+ EXPECT_DECLS;
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && !defined(WOLFSSL_NO_TLS12)
+
+static int test_dtls_client_hello_timeout_downgrade_read_cb(WOLFSSL *ssl,
+ char *data, int sz, void *ctx)
+{
+ static int call_counter = 0;
+ call_counter++;
+ (void)ssl;
+ (void)data;
+ (void)sz;
+ (void)ctx;
+ switch (call_counter) {
+ case 1:
+ case 2:
+ return WOLFSSL_CBIO_ERR_TIMEOUT;
+ case 3:
+ return WOLFSSL_CBIO_ERR_WANT_READ;
+ default:
+ AssertIntLE(call_counter, 3);
+ return -1;
+ }
+}
+#endif
+
+/* Make sure we don't send acks before getting a server hello */
+static int test_dtls_client_hello_timeout_downgrade(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && !defined(WOLFSSL_NO_TLS12)
+
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ DtlsRecordLayerHeader* dtlsRH;
+ size_t len;
+ byte sequence_number[8];
+ int i;
+
+ for (i = 0; i < 2; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLS_client_method, wolfDTLSv1_2_server_method), 0);
+
+ if (i == 0) {
+ /* First time simulate timeout in IO layer */
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* HVR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* SH flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Drop the SH */
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
+ sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
+ (sizeof(DtlsRecordLayerHeader) + len));
+ test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
+ /* Read the remainder of the flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SSLSetIORecv(ssl_c,
+ test_dtls_client_hello_timeout_downgrade_read_cb);
+ /* CH3 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ wolfSSL_SSLSetIORecv(ssl_c, test_memio_read_cb);
+ }
+ else {
+ /* Second time call wolfSSL_dtls_got_timeout */
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* HVR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* SH flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Drop the SH */
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.c_buff);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
+ sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
+ (sizeof(DtlsRecordLayerHeader) + len));
+ test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
+ /* Read the remainder of the flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Quick timeout should be set as we received at least one msg */
+ ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 1);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ /* Quick timeout should be cleared after a quick timeout */
+ /* CH3 */
+ ExpectIntEQ(wolfSSL_dtls13_use_quick_timeout(ssl_c), 0);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ }
+
+ /* Parse out to make sure we got exactly one ClientHello message */
+ XMEMSET(&sequence_number, 0, sizeof(sequence_number));
+ /* Second ClientHello after HVR */
+ sequence_number[7] = 2;
+ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.s_buff;
+ ExpectIntEQ(dtlsRH->type, handshake);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntEQ(sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
+
+ /* Connection should be able to continue */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = NULL;
+ ssl_s = NULL;
+ ctx_c = NULL;
+ ctx_s = NULL;
+ if (!EXPECT_SUCCESS())
+ break;
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+static int test_dtls_client_hello_timeout_read_cb(WOLFSSL *ssl, char *data,
+ int sz, void *ctx)
+{
+ static int call_counter = 0;
+ call_counter++;
+ (void)ssl;
+ (void)data;
+ (void)sz;
+ (void)ctx;
+ switch (call_counter) {
+ case 1:
+ return WOLFSSL_CBIO_ERR_TIMEOUT;
+ case 2:
+ return WOLFSSL_CBIO_ERR_WANT_READ;
+ default:
+ AssertIntLE(call_counter, 2);
+ return -1;
+ }
}
+#endif
+
+/* Make sure we don't send acks before getting a server hello */
+static int test_dtls_client_hello_timeout(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL_CTX *ctx_c = NULL;
+ struct test_memio_ctx test_ctx;
+ DtlsRecordLayerHeader* dtlsRH;
+ size_t idx;
+ size_t len;
+ byte sequence_number[8];
+ int i;
+
+ for (i = 0; i < 2; i++) {
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, NULL, &ssl_c, NULL,
+ wolfDTLSv1_3_client_method, NULL), 0);
+
+ if (i == 0) {
+ /* First time simulate timeout in IO layer */
+ wolfSSL_SSLSetIORecv(ssl_c, test_dtls_client_hello_timeout_read_cb);
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ }
+ else {
+ /* Second time call wolfSSL_dtls_got_timeout */
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ }
+
+ /* Parse out to make sure we got exactly two ClientHello messages */
+ idx = 0;
+ XMEMSET(&sequence_number, 0, sizeof(sequence_number));
+ /* First ClientHello */
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx);
+ ExpectIntEQ(dtlsRH->type, handshake);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntLT(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
+ idx += sizeof(DtlsRecordLayerHeader) + len;
+ /* Second ClientHello */
+ sequence_number[7] = 1;
+ dtlsRH = (DtlsRecordLayerHeader*)(test_ctx.s_buff + idx);
+ ExpectIntEQ(dtlsRH->type, handshake);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntEQ(idx + sizeof(DtlsRecordLayerHeader) + len, test_ctx.s_len);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_CTX_free(ctx_c);
+ ssl_c = NULL;
+ ctx_c = NULL;
+ if (!EXPECT_SUCCESS())
+ break;
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+/* DTLS test when dropping the changed cipher spec message */
+static int test_dtls_dropped_ccs(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
+ && !defined(WOLFSSL_NO_TLS12)
+
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ DtlsRecordLayerHeader* dtlsRH;
+ size_t len;
+ byte data[1];
+
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_2_client_method, wolfDTLSv1_2_server_method), 0);
+
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* HVR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Server first flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Client flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Server ccs + finished */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), 1);
+
+ /* Drop the ccs */
+ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff;
+ len = (size_t)((dtlsRH->length[0] << 8) | dtlsRH->length[1]);
+ ExpectIntEQ(len, 1);
+ ExpectIntEQ(dtlsRH->type, change_cipher_spec);
+ if (EXPECT_SUCCESS()) {
+ XMEMMOVE(test_ctx.c_buff, test_ctx.c_buff +
+ sizeof(DtlsRecordLayerHeader) + len, test_ctx.c_len -
+ (sizeof(DtlsRecordLayerHeader) + len));
+ }
+ test_ctx.c_len -= sizeof(DtlsRecordLayerHeader) + len;
+
+ /* Client rtx flight */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ ExpectIntEQ(wolfSSL_dtls_got_timeout(ssl_c), WOLFSSL_SUCCESS);
+ /* Server ccs + finished rtx */
+ ExpectIntEQ(wolfSSL_read(ssl_s, data, sizeof(data)), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Client processes finished */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), 1);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+/**
+ * Make sure we don't send RSA Signature Hash Algorithms in the
+ * CertificateRequest when we don't have any such ciphers set.
+ * @return EXPECT_RESULT()
+ */
+static int test_certreq_sighash_algos(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
+ !defined(WOLFSSL_MAX_STRENGTH) && defined(HAVE_ECC) && \
+ defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
+ defined(HAVE_AES_CBC) && !defined(WOLFSSL_NO_TLS12)
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ int idx = 0;
+ int maxIdx = 0;
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ test_ctx.c_ciphers = test_ctx.s_ciphers =
+ "ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA384";
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfTLSv1_2_client_method, wolfTLSv1_2_server_method), 0);
+
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations(ctx_c,
+ "./certs/ca-ecc-cert.pem", NULL), WOLFSSL_SUCCESS);
+
+ wolfSSL_set_verify(ssl_s, WOLFSSL_VERIFY_PEER, NULL);
+ ExpectIntEQ(wolfSSL_use_PrivateKey_file(ssl_s, "./certs/ecc-key.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_use_certificate_file(ssl_s, "./certs/server-ecc.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntEQ(wolfSSL_accept(ssl_s), WOLFSSL_FATAL_ERROR);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, WOLFSSL_FATAL_ERROR),
+ WOLFSSL_ERROR_WANT_READ);
+
+ /* Find the CertificateRequest message */
+ for (idx = 0; idx < test_ctx.c_len && EXPECT_SUCCESS();) {
+ word16 len;
+ ExpectIntEQ(test_ctx.c_buff[idx++], handshake);
+ ExpectIntEQ(test_ctx.c_buff[idx++], SSLv3_MAJOR);
+ ExpectIntEQ(test_ctx.c_buff[idx++], TLSv1_2_MINOR);
+ ato16(test_ctx.c_buff + idx, &len);
+ idx += OPAQUE16_LEN;
+ if (test_ctx.c_buff[idx] == certificate_request) {
+ idx++;
+ /* length */
+ idx += OPAQUE24_LEN;
+ /* cert types */
+ idx += 1 + test_ctx.c_buff[idx];
+ /* Sig algos */
+ ato16(test_ctx.c_buff + idx, &len);
+ idx += OPAQUE16_LEN;
+ maxIdx = idx + (int)len;
+ for (; idx < maxIdx && EXPECT_SUCCESS(); idx += OPAQUE16_LEN) {
+ if (test_ctx.c_buff[idx+1] == ED25519_SA_MINOR ||
+ test_ctx.c_buff[idx+1] == ED448_SA_MINOR)
+ ExpectIntEQ(test_ctx.c_buff[idx], NEW_SA_MAJOR);
+ else
+ ExpectIntEQ(test_ctx.c_buff[idx+1], ecc_dsa_sa_algo);
+ }
+ break;
+ }
+ else {
+ idx += (int)len;
+ }
+ }
+ ExpectIntLT(idx, test_ctx.c_len);
+
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+static int test_revoked_loaded_int_cert_ctx_ready1(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
+ myVerifyAction = VERIFY_USE_PREVERFIY;
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/extra-crls/ca-int-cert-revoked.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/ca-int.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+
+static int test_revoked_loaded_int_cert_ctx_ready2(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ wolfSSL_CTX_set_verify(ctx, WOLFSSL_VERIFY_PEER, myVerify);
+ myVerifyAction = VERIFY_USE_PREVERFIY;
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/ca-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/intermediate/ca-int-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_load_verify_locations_ex(ctx,
+ "./certs/intermediate/ca-int2-cert.pem", NULL, 0), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_EnableCRL(ctx, WOLFSSL_CRL_CHECKALL),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/ca-int2.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/extra-crls/ca-int-cert-revoked.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_CTX_LoadCRLFile(ctx,
+ "./certs/crl/ca-int.pem",
+ WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS);
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_revoked_loaded_int_cert(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_CRL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ struct {
+ const char* certPemFile;
+ const char* keyPemFile;
+ ctx_cb client_ctx_ready;
+ } test_params[] = {
+ {"./certs/intermediate/ca-int2-cert.pem",
+ "./certs/intermediate/ca-int2-key.pem",
+ test_revoked_loaded_int_cert_ctx_ready1},
+ {"./certs/intermediate/server-chain.pem",
+ "./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2},
+ {"./certs/intermediate/server-chain-short.pem",
+ "./certs/server-key.pem", test_revoked_loaded_int_cert_ctx_ready2},
+ };
+ size_t i;
+
+ printf("\n");
+
+ for (i = 0; i < XELEM_CNT(test_params); i++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+
+ printf("\tTesting with %s...\n", test_params[i].certPemFile);
+
+ server_cbf.certPemFile = test_params[i].certPemFile;
+ server_cbf.keyPemFile = test_params[i].keyPemFile;
+
+ client_cbf.ctx_ready = test_params[i].client_ctx_ready;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_FAIL);
+#ifndef WOLFSSL_HAPROXY
+ ExpectIntEQ(client_cbf.last_err, CRL_CERT_REVOKED);
+#else
+ ExpectIntEQ(client_cbf.last_err, WOLFSSL_X509_V_ERR_CERT_REVOKED);
+#endif
+ ExpectIntEQ(server_cbf.last_err, FATAL_ERROR);
+
+ if (!EXPECT_SUCCESS())
+ break;
+ printf("\t%s passed\n", test_params[i].certPemFile);
+ }
+
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_dtls13_frag_ch_pq(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && defined(WOLFSSL_DTLS_CH_FRAG) && defined(HAVE_LIBOQS)
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ const char *test_str = "test";
+ int test_str_size;
+ byte buf[255];
+ int group = WOLFSSL_KYBER_LEVEL5;
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ /* Add in a large post-quantum key share to make the CH long. */
+ ExpectIntEQ(wolfSSL_set_groups(ssl_c, &group, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, group), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS);
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ ExpectStrEQ(wolfSSL_get_curve_name(ssl_c), "KYBER_LEVEL5");
+ ExpectStrEQ(wolfSSL_get_curve_name(ssl_s), "KYBER_LEVEL5");
+ test_str_size = XSTRLEN("test") + 1;
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
+ ExpectIntEQ(wolfSSL_read(ssl_s, buf, sizeof(buf)), test_str_size);
+ ExpectIntEQ(XSTRCMP((char*)buf, test_str), 0);
+ ExpectIntEQ(wolfSSL_write(ssl_c, test_str, test_str_size), test_str_size);
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS) \
+ && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG)
+static int test_dtls_frag_ch_count_records(byte* b, int len)
+{
+ DtlsRecordLayerHeader* dtlsRH;
+ int records = 0;
+ size_t recordLen;
+ while (len > 0) {
+ records++;
+ dtlsRH = (DtlsRecordLayerHeader*)b;
+ recordLen = (dtlsRH->length[0] << 8) | dtlsRH->length[1];
+ b += sizeof(DtlsRecordLayerHeader) + recordLen;
+ len -= sizeof(DtlsRecordLayerHeader) + recordLen;
+ }
+ return records;
+}
+#endif
+
+static int test_dtls_frag_ch(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) \
+ && defined(WOLFSSL_DTLS_MTU) && defined(WOLFSSL_DTLS_CH_FRAG)
+ WOLFSSL_CTX *ctx_c = NULL;
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ static unsigned int DUMMY_MTU = 256;
+ unsigned char four_frag_CH[] = {
+ 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xce, 0xfe, 0xfd, 0xf3, 0x94, 0x01, 0x33, 0x2c, 0xcf, 0x2c, 0x47, 0xb1,
+ 0xe5, 0xa1, 0x7b, 0x19, 0x3e, 0xac, 0x68, 0xdd, 0xe6, 0x17, 0x6b, 0x85,
+ 0xad, 0x5f, 0xfc, 0x7f, 0x6e, 0xf0, 0xb9, 0xe0, 0x2e, 0xca, 0x47, 0x00,
+ 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
+ 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
+ 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
+ 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
+ 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x02,
+ 0x7c, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x0d, 0x00, 0x20,
+ 0x00, 0x1e, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02, 0x03, 0x08, 0x06,
+ 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06, 0x01,
+ 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00, 0x0c,
+ 0x00, 0x0a, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01, 0x00,
+ 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x02, 0x39, 0x02, 0x37, 0x00, 0x17,
+ 0x00, 0x41, 0x04, 0x94, 0xdf, 0x36, 0xd7, 0xb3, 0x90, 0x6d, 0x01, 0xa1,
+ 0xe6, 0xed, 0x67, 0xf4, 0xd9, 0x9d, 0x2c, 0xac, 0x57, 0x74, 0xff, 0x19,
+ 0xbe, 0x5a, 0xc9, 0x30, 0x11, 0xb7, 0x2b, 0x59, 0x47, 0x80, 0x7c, 0xa9,
+ 0xb7, 0x31, 0x8c, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x01, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00, 0x00, 0x00, 0x00,
+ 0xce, 0x00, 0x00, 0xce, 0x9e, 0x13, 0x74, 0x3b, 0x86, 0xba, 0x69, 0x1f,
+ 0x12, 0xf7, 0xcd, 0x78, 0x53, 0xe8, 0x50, 0x4d, 0x71, 0x3f, 0x4b, 0x4e,
+ 0xeb, 0x3e, 0xe5, 0x43, 0x54, 0x78, 0x17, 0x6d, 0x00, 0x18, 0x00, 0x61,
+ 0x04, 0xd1, 0x99, 0x66, 0x4f, 0xda, 0xc7, 0x12, 0x3b, 0xff, 0xb2, 0xd6,
+ 0x2f, 0x35, 0xb6, 0x17, 0x1f, 0xb3, 0xd0, 0xb6, 0x52, 0xff, 0x97, 0x8b,
+ 0x01, 0xe8, 0xd9, 0x68, 0x71, 0x40, 0x02, 0xd5, 0x68, 0x3a, 0x58, 0xb2,
+ 0x5d, 0xee, 0xa4, 0xe9, 0x5f, 0xf4, 0xaf, 0x3e, 0x30, 0x9c, 0x3e, 0x2b,
+ 0xda, 0x61, 0x43, 0x99, 0x02, 0x35, 0x33, 0x9f, 0xcf, 0xb5, 0xd3, 0x28,
+ 0x19, 0x9d, 0x1c, 0xbe, 0x69, 0x07, 0x9e, 0xfc, 0xe4, 0x8e, 0xcd, 0x86,
+ 0x4a, 0x1b, 0xf0, 0xfc, 0x17, 0x94, 0x66, 0x53, 0xda, 0x24, 0x5e, 0xaf,
+ 0xce, 0xec, 0x62, 0x4c, 0x06, 0xb4, 0x52, 0x94, 0xb1, 0x4a, 0x7a, 0x8c,
+ 0x4f, 0x00, 0x19, 0x00, 0x85, 0x04, 0x00, 0x27, 0xeb, 0x99, 0x49, 0x7f,
+ 0xcb, 0x2c, 0x46, 0x54, 0x2d, 0x93, 0x5d, 0x25, 0x92, 0x58, 0x5e, 0x06,
+ 0xc3, 0x7c, 0xfb, 0x9a, 0xa7, 0xec, 0xcd, 0x9f, 0xe1, 0x6b, 0x2d, 0x78,
+ 0xf5, 0x16, 0xa9, 0x20, 0x52, 0x48, 0x19, 0x0f, 0x1a, 0xd0, 0xce, 0xd8,
+ 0x68, 0xb1, 0x4e, 0x7f, 0x33, 0x03, 0x7d, 0x0c, 0x39, 0xdb, 0x9c, 0x4b,
+ 0xf4, 0xe7, 0xc2, 0xf5, 0xdd, 0x51, 0x9b, 0x03, 0xa8, 0x53, 0x2b, 0xe6,
+ 0x00, 0x15, 0x4b, 0xff, 0xd2, 0xa0, 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0xda, 0x01, 0x00, 0x02, 0xdc, 0x00,
+ 0x00, 0x00, 0x01, 0x9c, 0x00, 0x00, 0xce, 0x58, 0x30, 0x10, 0x3d, 0x46,
+ 0xcc, 0xca, 0x1a, 0x44, 0xc8, 0x58, 0x9b, 0x27, 0x17, 0x67, 0x31, 0x96,
+ 0x8a, 0x66, 0x39, 0xf4, 0xcc, 0xc1, 0x9f, 0x12, 0x1f, 0x01, 0x30, 0x50,
+ 0x16, 0xd6, 0x89, 0x97, 0xa3, 0x66, 0xd7, 0x99, 0x50, 0x09, 0x6e, 0x80,
+ 0x87, 0xe4, 0xa2, 0x88, 0xae, 0xb4, 0x23, 0x57, 0x2f, 0x12, 0x60, 0xe7,
+ 0x7d, 0x44, 0x2d, 0xad, 0xbe, 0xe9, 0x0d, 0x01, 0x00, 0x01, 0x00, 0xd5,
+ 0xdd, 0x62, 0xee, 0xf3, 0x0e, 0xd9, 0x30, 0x0e, 0x38, 0xf3, 0x48, 0xf4,
+ 0xc9, 0x8f, 0x8c, 0x20, 0xf7, 0xd3, 0xa8, 0xb3, 0x87, 0x3c, 0x98, 0x5d,
+ 0x70, 0xc5, 0x03, 0x76, 0xb7, 0xd5, 0x0b, 0x7b, 0x23, 0x97, 0x6b, 0xe3,
+ 0xb5, 0x18, 0xeb, 0x64, 0x55, 0x18, 0xb2, 0x8a, 0x90, 0x1a, 0x8f, 0x0e,
+ 0x15, 0xda, 0xb1, 0x8e, 0x7f, 0xee, 0x1f, 0xe0, 0x3b, 0xb9, 0xed, 0xfc,
+ 0x4e, 0x3f, 0x78, 0x16, 0x39, 0x95, 0x5f, 0xb7, 0xcb, 0x65, 0x55, 0x72,
+ 0x7b, 0x7d, 0x86, 0x2f, 0x8a, 0xe5, 0xee, 0xf7, 0x57, 0x40, 0xf3, 0xc4,
+ 0x96, 0x4f, 0x11, 0x4d, 0x85, 0xf9, 0x56, 0xfa, 0x3d, 0xf0, 0xc9, 0xa4,
+ 0xec, 0x1e, 0xaa, 0x47, 0x90, 0x53, 0xdf, 0xe1, 0xb7, 0x78, 0x18, 0xeb,
+ 0xdd, 0x0d, 0x89, 0xb7, 0xf6, 0x15, 0x0e, 0x55, 0x12, 0xb3, 0x23, 0x17,
+ 0x0b, 0x59, 0x6f, 0x83, 0x05, 0x6b, 0xa6, 0xf8, 0x6c, 0x3a, 0x9b, 0x1b,
+ 0x50, 0x93, 0x51, 0xea, 0x95, 0x2d, 0x99, 0x96, 0x38, 0x16, 0xfe, 0xfd,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x7e, 0x01, 0x00,
+ 0x02, 0xdc, 0x00, 0x00, 0x00, 0x02, 0x6a, 0x00, 0x00, 0x72, 0x2d, 0x66,
+ 0x3e, 0xf2, 0x36, 0x5a, 0xf2, 0x23, 0x8f, 0x28, 0x09, 0xa9, 0x55, 0x8c,
+ 0x8f, 0xc0, 0x0d, 0x61, 0x98, 0x33, 0x56, 0x87, 0x7a, 0xfd, 0xa7, 0x50,
+ 0x71, 0x84, 0x2e, 0x41, 0x58, 0x00, 0x87, 0xd9, 0x27, 0xe5, 0x7b, 0xf4,
+ 0x6d, 0x84, 0x4e, 0x2e, 0x0c, 0x80, 0x0c, 0xf3, 0x8a, 0x02, 0x4b, 0x99,
+ 0x3a, 0x1f, 0x9f, 0x18, 0x7d, 0x1c, 0xec, 0xad, 0x60, 0x54, 0xa6, 0xa3,
+ 0x2c, 0x82, 0x5e, 0xf8, 0x8f, 0xae, 0xe1, 0xc4, 0x82, 0x7e, 0x43, 0x43,
+ 0xc5, 0x99, 0x49, 0x05, 0xd3, 0xf6, 0xdf, 0xa1, 0xb5, 0x2d, 0x0c, 0x13,
+ 0x2f, 0x1e, 0xb6, 0x28, 0x7c, 0x5c, 0xa1, 0x02, 0x6b, 0x8d, 0xa3, 0xeb,
+ 0xd4, 0x58, 0xe6, 0xa0, 0x7e, 0x6b, 0xaa, 0x09, 0x43, 0x67, 0x71, 0x87,
+ 0xa5, 0xcb, 0x68, 0xf3
+ };
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+
+ /* Fragment msgs */
+ ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_c, DUMMY_MTU), WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_dtls_set_mtu(ssl_s, DUMMY_MTU), WOLFSSL_SUCCESS);
+
+ /* Add in some key shares to make the CH long */
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP256R1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP384R1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_ECC_SECP521R1),
+ WOLFSSL_SUCCESS);
+ ExpectIntEQ(wolfSSL_UseKeyShare(ssl_c, WOLFSSL_FFDHE_2048),
+ WOLFSSL_SUCCESS);
+
+ ExpectIntEQ(wolfSSL_dtls13_allow_ch_frag(ssl_s, 1), WOLFSSL_SUCCESS);
+
+ /* Reject fragmented first CH */
+ ExpectIntEQ(test_dtls_frag_ch_count_records(four_frag_CH,
+ sizeof(four_frag_CH)), 4);
+ XMEMCPY(test_ctx.s_buff, four_frag_CH, sizeof(four_frag_CH));
+ test_ctx.s_len = sizeof(four_frag_CH);
+ while (test_ctx.s_len > 0 && EXPECT_SUCCESS()) {
+ int s_len = test_ctx.s_len;
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Fail if we didn't advance the buffer to avoid infinite loops */
+ ExpectIntLT(test_ctx.s_len, s_len);
+ }
+ /* Expect all fragments read */
+ ExpectIntEQ(test_ctx.s_len, 0);
+ /* Expect quietly dropping fragmented first CH */
+ ExpectIntEQ(test_ctx.c_len, 0);
+
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Count records. Expect 1 unfragmented CH */
+ ExpectIntEQ(test_dtls_frag_ch_count_records(test_ctx.s_buff,
+ test_ctx.s_len), 1);
+ /* HRR */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* CH2 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Count records. Expect fragmented CH */
+ ExpectIntGT(test_dtls_frag_ch_count_records(test_ctx.s_buff,
+ test_ctx.s_len), 1);
+
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+ ssl_c = ssl_s = NULL;
+ ctx_c = ctx_s = NULL;
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_dtls_empty_keyshare_with_cookie(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13)
+ WOLFSSL_CTX *ctx_s = NULL;
+ WOLFSSL *ssl_s = NULL;
+ struct test_memio_ctx test_ctx;
+ unsigned char ch_empty_keyshare_with_cookie[] = {
+ 0x16, 0xfe, 0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x01,
+ 0x12, 0x01, 0x00, 0x01, 0x06, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x01,
+ 0x06, 0xfe, 0xfd, 0xfb, 0x8c, 0x9b, 0x28, 0xae, 0x50, 0x1c, 0x4d, 0xf3,
+ 0xb8, 0xcf, 0x4d, 0xd8, 0x7e, 0x93, 0x13, 0x7b, 0x9e, 0xd9, 0xeb, 0xe9,
+ 0x13, 0x4b, 0x0d, 0x7f, 0x2e, 0x43, 0x62, 0x8c, 0xe4, 0x57, 0x79, 0x00,
+ 0x00, 0x00, 0x36, 0x13, 0x01, 0x13, 0x02, 0x13, 0x03, 0xc0, 0x2c, 0xc0,
+ 0x2b, 0xc0, 0x30, 0xc0, 0x2f, 0x00, 0x9f, 0x00, 0x9e, 0xcc, 0xa9, 0xcc,
+ 0xa8, 0xcc, 0xaa, 0xc0, 0x27, 0xc0, 0x23, 0xc0, 0x28, 0xc0, 0x24, 0xc0,
+ 0x0a, 0xc0, 0x09, 0xc0, 0x14, 0xc0, 0x13, 0x00, 0x6b, 0x00, 0x67, 0x00,
+ 0x39, 0x00, 0x33, 0xcc, 0x14, 0xcc, 0x13, 0xcc, 0x15, 0x01, 0x00, 0x00,
+ 0xa6, 0x00, 0x2b, 0x00, 0x03, 0x02, 0xfe, 0xfc, 0x00, 0x2c, 0x00, 0x47,
+ 0x00, 0x45, 0x20, 0xee, 0x4b, 0x17, 0x70, 0x63, 0xa0, 0x4c, 0x82, 0xbf,
+ 0x43, 0x01, 0x7d, 0x8d, 0xc1, 0x1b, 0x4e, 0x9b, 0xa0, 0x3c, 0x53, 0x1f,
+ 0xb7, 0xd1, 0x10, 0x81, 0xa8, 0xdf, 0xdf, 0x8c, 0x7f, 0xf3, 0x11, 0x13,
+ 0x01, 0x02, 0x3d, 0x3b, 0x7d, 0x14, 0x2c, 0x31, 0xb3, 0x60, 0x72, 0x4d,
+ 0xe5, 0x1a, 0xb2, 0xa3, 0x61, 0x77, 0x73, 0x03, 0x40, 0x0e, 0x5f, 0xc5,
+ 0x61, 0x38, 0x43, 0x56, 0x21, 0x4a, 0x95, 0xd5, 0x35, 0xa8, 0x0d, 0x00,
+ 0x0d, 0x00, 0x2a, 0x00, 0x28, 0x06, 0x03, 0x05, 0x03, 0x04, 0x03, 0x02,
+ 0x03, 0xfe, 0x0b, 0xfe, 0x0e, 0xfe, 0xa0, 0xfe, 0xa3, 0xfe, 0xa5, 0x08,
+ 0x06, 0x08, 0x0b, 0x08, 0x05, 0x08, 0x0a, 0x08, 0x04, 0x08, 0x09, 0x06,
+ 0x01, 0x05, 0x01, 0x04, 0x01, 0x03, 0x01, 0x02, 0x01, 0x00, 0x0a, 0x00,
+ 0x18, 0x00, 0x16, 0x00, 0x19, 0x00, 0x18, 0x00, 0x17, 0x00, 0x15, 0x01,
+ 0x00, 0x02, 0x3a, 0x02, 0x3c, 0x02, 0x3d, 0x2f, 0x3a, 0x2f, 0x3c, 0x2f,
+ 0x3d, 0x00, 0x16, 0x00, 0x00, 0x00, 0x33, 0x00, 0x02, 0x00, 0x00
+ };
+ DtlsRecordLayerHeader* dtlsRH;
+ byte sequence_number[8];
+
+ XMEMSET(&sequence_number, 0, sizeof(sequence_number));
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ XMEMCPY(test_ctx.s_buff, ch_empty_keyshare_with_cookie,
+ sizeof(ch_empty_keyshare_with_cookie));
+ test_ctx.s_len = sizeof(ch_empty_keyshare_with_cookie);
+ ExpectIntEQ(test_memio_setup(&test_ctx, NULL, &ctx_s, NULL, &ssl_s,
+ NULL, wolfDTLSv1_3_server_method), 0);
+
+ /* CH1 */
+ ExpectIntEQ(wolfSSL_negotiate(ssl_s), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Expect an alert. A plaintext alert should be exactly 15 bytes. */
+ ExpectIntEQ(test_ctx.c_len, 15);
+ dtlsRH = (DtlsRecordLayerHeader*)test_ctx.c_buff;
+ ExpectIntEQ(dtlsRH->type, alert);
+ ExpectIntEQ(dtlsRH->pvMajor, DTLS_MAJOR);
+ ExpectIntEQ(dtlsRH->pvMinor, DTLSv1_2_MINOR);
+ sequence_number[7] = 1;
+ ExpectIntEQ(XMEMCMP(sequence_number, dtlsRH->sequence_number,
+ sizeof(sequence_number)), 0);
+ ExpectIntEQ(dtlsRH->length[0], 0);
+ ExpectIntEQ(dtlsRH->length[1], 2);
+ ExpectIntEQ(test_ctx.c_buff[13], alert_fatal);
+ ExpectIntEQ(test_ctx.c_buff[14], illegal_parameter);
+
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ defined(HAVE_LIBOQS)
+static void test_tls13_pq_groups_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ int group = WOLFSSL_KYBER_LEVEL5;
+ AssertIntEQ(wolfSSL_CTX_set_groups(ctx, &group, 1), WOLFSSL_SUCCESS);
+}
+
+static void test_tls13_pq_groups_on_result(WOLFSSL* ssl)
+{
+ AssertStrEQ(wolfSSL_get_curve_name(ssl), "KYBER_LEVEL5");
+}
+#endif
+
+static int test_tls13_pq_groups(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_IO_TESTS_DEPENDENCIES) && defined(WOLFSSL_TLS13) && \
+ defined(HAVE_LIBOQS)
+ callback_functions func_cb_client;
+ callback_functions func_cb_server;
+
+ XMEMSET(&func_cb_client, 0, sizeof(callback_functions));
+ XMEMSET(&func_cb_server, 0, sizeof(callback_functions));
+
+ func_cb_client.method = wolfTLSv1_3_client_method;
+ func_cb_server.method = wolfTLSv1_3_server_method;
+ func_cb_client.ctx_ready = test_tls13_pq_groups_ctx_ready;
+ func_cb_client.on_result = test_tls13_pq_groups_on_result;
+ func_cb_server.on_result = test_tls13_pq_groups_on_result;
+
+ test_wolfSSL_client_server_nofail(&func_cb_client, &func_cb_server);
+
+ ExpectIntEQ(func_cb_client.return_code, TEST_SUCCESS);
+ ExpectIntEQ(func_cb_server.return_code, TEST_SUCCESS);
+#endif
+ return EXPECT_RESULT();
+}
+
+static int test_dtls13_early_data(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && defined(WOLFSSL_DTLS13) && \
+ defined(WOLFSSL_EARLY_DATA) && defined(HAVE_SESSION_TICKET)
+ struct test_memio_ctx test_ctx;
+ WOLFSSL_CTX *ctx_c = NULL, *ctx_s = NULL;
+ WOLFSSL *ssl_c = NULL, *ssl_s = NULL;
+ WOLFSSL_SESSION *sess = NULL;
+ int written = 0;
+ int read = 0;
+ char msg[] = "This is early data";
+ char msg2[] = "This is client data";
+ char msg3[] = "This is server data";
+ char msg4[] = "This is server immediate data";
+ char msgBuf[50];
+
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+
+ /* Get a ticket so that we can do 0-RTT on the next connection */
+ ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
+ ExpectNotNull(sess = wolfSSL_get1_session(ssl_c));
+
+ wolfSSL_free(ssl_c);
+ ssl_c = NULL;
+ wolfSSL_free(ssl_s);
+ ssl_s = NULL;
+ XMEMSET(&test_ctx, 0, sizeof(test_ctx));
+ ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
+ wolfDTLSv1_3_client_method, wolfDTLSv1_3_server_method), 0);
+ ExpectIntEQ(wolfSSL_set_session(ssl_c, sess), WOLFSSL_SUCCESS);
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ ExpectIntEQ(wolfSSL_dtls13_no_hrr_on_resume(ssl_s, 1), WOLFSSL_SUCCESS);
+#else
+ /* Let's test this but we generally don't recommend turning off the
+ * cookie exchange */
+ ExpectIntEQ(wolfSSL_disable_hrr_cookie(ssl_s), WOLFSSL_SUCCESS);
+#endif
+
+ /* Test 0-RTT data */
+ ExpectIntEQ(wolfSSL_write_early_data(ssl_c, msg, sizeof(msg),
+ &written), sizeof(msg));
+ ExpectIntEQ(written, sizeof(msg));
+
+ ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
+ &read), sizeof(msg));
+ ExpectIntEQ(read, sizeof(msg));
+ ExpectStrEQ(msg, msgBuf);
+
+ /* Test 0.5-RTT data */
+ ExpectIntEQ(wolfSSL_write(ssl_s, msg4, sizeof(msg4)), sizeof(msg4));
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), APP_DATA_READY);
+
+ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg4));
+ ExpectStrEQ(msg4, msgBuf);
+
+ /* Complete handshake */
+ ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
+ /* Use wolfSSL_is_init_finished to check if handshake is complete. Normally
+ * a user would loop until it is true but here we control both sides so we
+ * just assert the expected value. wolfSSL_read_early_data does not provide
+ * handshake status to us with non-blocking IO and we can't use
+ * wolfSSL_accept as TLS layer may return ZERO_RETURN due to early data
+ * parsing logic. */
+ ExpectFalse(wolfSSL_is_init_finished(ssl_s));
+ ExpectIntEQ(wolfSSL_read_early_data(ssl_s, msgBuf, sizeof(msgBuf),
+ &read), -1);
+ ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
+
+ ExpectIntEQ(wolfSSL_connect(ssl_c), WOLFSSL_SUCCESS);
+
+ ExpectTrue(wolfSSL_is_init_finished(ssl_s));
+
+
+ /* Test bi-directional write */
+ ExpectIntEQ(wolfSSL_write(ssl_c, msg2, sizeof(msg2)), sizeof(msg2));
+ ExpectIntEQ(wolfSSL_read(ssl_s, msgBuf, sizeof(msgBuf)), sizeof(msg2));
+ ExpectStrEQ(msg2, msgBuf);
+ ExpectIntEQ(wolfSSL_write(ssl_s, msg3, sizeof(msg3)), sizeof(msg3));
+ ExpectIntEQ(wolfSSL_read(ssl_c, msgBuf, sizeof(msgBuf)), sizeof(msg3));
+ ExpectStrEQ(msg3, msgBuf);
+
+ ExpectTrue(wolfSSL_session_reused(ssl_c));
+ ExpectTrue(wolfSSL_session_reused(ssl_s));
+
+ wolfSSL_SESSION_free(sess);
+ wolfSSL_free(ssl_c);
+ wolfSSL_free(ssl_s);
+ wolfSSL_CTX_free(ctx_c);
+ wolfSSL_CTX_free(ctx_s);
+#endif
+ return EXPECT_RESULT();
+}
+
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+static int test_self_signed_stapling_client_v1_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ ExpectIntEQ(wolfSSL_CTX_UseOCSPStapling(ctx, WOLFSSL_CSR_OCSP,
+ WOLFSSL_CSR_OCSP_USE_NONCE), 1);
+ return EXPECT_RESULT();
+}
+#endif
+
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+static int test_self_signed_stapling_client_v2_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP,
+ WOLFSSL_CSR2_OCSP_USE_NONCE), 1);
+ return EXPECT_RESULT();
+}
+
+static int test_self_signed_stapling_client_v2_multi_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ ExpectIntEQ(wolfSSL_CTX_UseOCSPStaplingV2(ctx, WOLFSSL_CSR2_OCSP_MULTI,
+ 0), 1);
+ return EXPECT_RESULT();
+}
+#endif
+
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+static int test_self_signed_stapling_server_ctx_ready(WOLFSSL_CTX* ctx)
+{
+ EXPECT_DECLS;
+ ExpectIntEQ(wolfSSL_CTX_EnableOCSPStapling(ctx), 1);
+ return EXPECT_RESULT();
+}
+#endif
+
+static int test_self_signed_stapling(void)
+{
+ EXPECT_DECLS;
+#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \
+ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
+ test_ssl_cbf client_cbf;
+ test_ssl_cbf server_cbf;
+ size_t i;
+ struct {
+ method_provider client_meth;
+ method_provider server_meth;
+ ctx_cb client_ctx;
+ const char* tls_version;
+ } params[] = {
+#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
+ { wolfTLSv1_3_client_method, wolfTLSv1_3_server_method,
+ test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_3 v1" },
+#endif
+#ifndef WOLFSSL_NO_TLS12
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ test_self_signed_stapling_client_v1_ctx_ready, "TLSv1_2 v1" },
+#endif
+#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ test_self_signed_stapling_client_v2_ctx_ready, "TLSv1_2 v2" },
+ { wolfTLSv1_2_client_method, wolfTLSv1_2_server_method,
+ test_self_signed_stapling_client_v2_multi_ctx_ready,
+ "TLSv1_2 v2 multi" },
+#endif
+#endif
+ };
+
+ for (i = 0; i < sizeof(params)/sizeof(*params) && !EXPECT_FAIL(); i++) {
+ XMEMSET(&client_cbf, 0, sizeof(client_cbf));
+ XMEMSET(&server_cbf, 0, sizeof(server_cbf));
+
+ printf("\nTesting self-signed cert with status request: %s\n",
+ params[i].tls_version);
+
+ client_cbf.method = params[i].client_meth;
+ client_cbf.ctx_ready = params[i].client_ctx;
+
+ server_cbf.method = params[i].server_meth;
+ server_cbf.certPemFile = "certs/ca-cert.pem";
+ server_cbf.keyPemFile = "certs/ca-key.pem";
+ server_cbf.ctx_ready = test_self_signed_stapling_server_ctx_ready;
+
+ ExpectIntEQ(test_wolfSSL_client_server_nofail_memio(&client_cbf,
+ &server_cbf, NULL), TEST_SUCCESS);
+ }
+#endif
+ return EXPECT_RESULT();
+}
+
/*----------------------------------------------------------------------------*
| Main
*----------------------------------------------------------------------------*/
@@ -66846,138 +68902,350 @@ int testAll = 1;
TEST_CASE testCases[] = {
TEST_DECL(test_fileAccess),
- TEST_DECL(test_wolfSSL_Init),
- TEST_DECL(test_wolfSSL_Method_Allocators),
-#ifndef NO_WOLFSSL_SERVER
- TEST_DECL(test_wolfSSL_CTX_new),
-#endif
- TEST_DECL(test_server_wolfSSL_new),
- TEST_DECL(test_client_wolfSSL_new),
-#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
- (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
- TEST_DECL(test_for_double_Free),
-#endif
-#ifdef HAVE_IO_TESTS_DEPENDENCIES
- TEST_DECL(test_wolfSSL_get_finished),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_CTX_add_session),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_CTX_add_session_ext),
-#endif
- TEST_DECL(test_SSL_CIPHER_get_xxx),
- TEST_DECL(test_wolfSSL_ERR_strings),
- TEST_DECL(test_wolfSSL_EVP_shake128),
- TEST_DECL(test_wolfSSL_EVP_shake256),
- TEST_DECL(test_EVP_blake2),
- TEST_DECL(test_EVP_MD_do_all),
- TEST_DECL(test_OBJ_NAME_do_all),
- TEST_DECL(test_wolfSSL_CTX_set_cipher_list_bytes),
- TEST_DECL(test_wolfSSL_CTX_use_certificate_file),
- TEST_DECL(test_wolfSSL_CTX_use_certificate_buffer),
- TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file),
- TEST_DECL(test_wolfSSL_CTX_load_verify_locations),
- /* Large number of memory allocations. */
- TEST_DECL(test_wolfSSL_CTX_load_system_CA_certs),
- TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse),
- TEST_DECL(test_wolfSSL_CheckOCSPResponse),
- TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer),
- TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer_ex),
- TEST_DECL(test_wolfSSL_CertManagerGetCerts),
- TEST_DECL(test_wolfSSL_CertManagerSetVerify),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint2),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint3),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint4),
- TEST_DECL(test_wolfSSL_CertManagerNameConstraint5),
- TEST_DECL(test_wolfSSL_FPKI),
- TEST_DECL(test_wolfSSL_OtherName),
- TEST_DECL(test_wolfSSL_CertRsaPss),
- TEST_DECL(test_wolfSSL_CertManagerCRL),
- TEST_DECL(test_wolfSSL_CTX_load_verify_locations_ex),
- TEST_DECL(test_wolfSSL_CTX_load_verify_buffer_ex),
- TEST_DECL(test_wolfSSL_CTX_load_verify_chain_buffer_format),
- TEST_DECL(test_wolfSSL_CTX_add1_chain_cert),
- TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_file_format),
- TEST_DECL(test_wolfSSL_CTX_trust_peer_cert),
- TEST_DECL(test_wolfSSL_CTX_SetTmpDH_file),
- TEST_DECL(test_wolfSSL_CTX_SetTmpDH_buffer),
- TEST_DECL(test_wolfSSL_CTX_SetMinMaxDhKey_Sz),
- TEST_DECL(test_wolfSSL_CTX_der_load_verify_locations),
- TEST_DECL(test_wolfSSL_CTX_enable_disable),
- TEST_DECL(test_wolfSSL_CTX_ticket_API),
- TEST_DECL(test_wolfSSL_SetTmpDH_file),
- TEST_DECL(test_wolfSSL_SetTmpDH_buffer),
- TEST_DECL(test_wolfSSL_SetMinMaxDhKey_Sz),
- TEST_DECL(test_SetTmpEC_DHE_Sz),
- TEST_DECL(test_wolfSSL_CTX_get0_privatekey),
- TEST_DECL(test_wolfSSL_dtls_set_mtu),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_plaintext),
-#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- defined(HAVE_IO_TESTS_DEPENDENCIES)
- TEST_DECL(test_wolfSSL_read_write),
- /* Can't memory test as server hangs if client fails before second connect.
- */
- TEST_DECL(test_wolfSSL_reuse_WOLFSSLobj),
- TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_1),
- TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_2),
- TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_3),
- TEST_DECL(test_wolfSSL_CTX_set_cipher_list),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_dtls_export),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_tls_export),
-#endif
- TEST_DECL(test_wolfSSL_SetMinVersion),
- TEST_DECL(test_wolfSSL_CTX_SetMinVersion),
+ /*********************************
+ * wolfcrypt
+ *********************************/
- /* TLS extensions tests */
-#ifdef HAVE_IO_TESTS_DEPENDENCIES
-#ifdef HAVE_SNI
- TEST_DECL(test_wolfSSL_UseSNI_params),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_UseSNI_connection),
- TEST_DECL(test_wolfSSL_SNI_GetFromBuffer),
-#endif /* HAVE_SNI */
-#endif
- TEST_DECL(test_wolfSSL_UseTrustedCA),
- TEST_DECL(test_wolfSSL_UseMaxFragment),
- TEST_DECL(test_wolfSSL_UseTruncatedHMAC),
- TEST_DECL(test_wolfSSL_UseSupportedCurve),
-#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_UseALPN_connection),
- TEST_DECL(test_wolfSSL_UseALPN_params),
+ TEST_DECL(test_ForceZero),
+
+ TEST_DECL(test_wolfCrypt_Init),
+
+ /* Locking with Compat Mutex */
+ TEST_DECL(test_wc_SetMutexCb),
+ TEST_DECL(test_wc_LockMutex_ex),
+
+ /* Digests */
+ TEST_DECL(test_wc_InitMd5),
+ TEST_DECL(test_wc_Md5Update),
+ TEST_DECL(test_wc_Md5Final),
+ TEST_DECL(test_wc_InitSha),
+ TEST_DECL(test_wc_ShaUpdate),
+ TEST_DECL(test_wc_ShaFinal),
+ TEST_DECL(test_wc_InitSha256),
+ TEST_DECL(test_wc_Sha256Update),
+ TEST_DECL(test_wc_Sha256Final),
+ TEST_DECL(test_wc_Sha256FinalRaw),
+ TEST_DECL(test_wc_Sha256GetFlags),
+ TEST_DECL(test_wc_Sha256Free),
+ TEST_DECL(test_wc_Sha256GetHash),
+ TEST_DECL(test_wc_Sha256Copy),
+
+ TEST_DECL(test_wc_InitSha224),
+ TEST_DECL(test_wc_Sha224Update),
+ TEST_DECL(test_wc_Sha224Final),
+ TEST_DECL(test_wc_Sha224SetFlags),
+ TEST_DECL(test_wc_Sha224GetFlags),
+ TEST_DECL(test_wc_Sha224Free),
+ TEST_DECL(test_wc_Sha224GetHash),
+ TEST_DECL(test_wc_Sha224Copy),
+
+ TEST_DECL(test_wc_InitSha512),
+ TEST_DECL(test_wc_Sha512Update),
+ TEST_DECL(test_wc_Sha512Final),
+ TEST_DECL(test_wc_Sha512GetFlags),
+ TEST_DECL(test_wc_Sha512FinalRaw),
+ TEST_DECL(test_wc_Sha512Free),
+ TEST_DECL(test_wc_Sha512GetHash),
+ TEST_DECL(test_wc_Sha512Copy),
+
+ TEST_DECL(test_wc_InitSha512_224),
+ TEST_DECL(test_wc_Sha512_224Update),
+ TEST_DECL(test_wc_Sha512_224Final),
+ TEST_DECL(test_wc_Sha512_224GetFlags),
+ TEST_DECL(test_wc_Sha512_224FinalRaw),
+ TEST_DECL(test_wc_Sha512_224Free),
+ TEST_DECL(test_wc_Sha512_224GetHash),
+ TEST_DECL(test_wc_Sha512_224Copy),
+ TEST_DECL(test_wc_InitSha512_256),
+ TEST_DECL(test_wc_Sha512_256Update),
+ TEST_DECL(test_wc_Sha512_256Final),
+ TEST_DECL(test_wc_Sha512_256GetFlags),
+ TEST_DECL(test_wc_Sha512_256FinalRaw),
+ TEST_DECL(test_wc_Sha512_256Free),
+ TEST_DECL(test_wc_Sha512_256GetHash),
+ TEST_DECL(test_wc_Sha512_256Copy),
+
+ TEST_DECL(test_wc_InitSha384),
+ TEST_DECL(test_wc_Sha384Update),
+ TEST_DECL(test_wc_Sha384Final),
+ TEST_DECL(test_wc_Sha384GetFlags),
+ TEST_DECL(test_wc_Sha384FinalRaw),
+ TEST_DECL(test_wc_Sha384Free),
+ TEST_DECL(test_wc_Sha384GetHash),
+ TEST_DECL(test_wc_Sha384Copy),
+
+ TEST_DECL(test_wc_InitBlake2b),
+ TEST_DECL(test_wc_InitBlake2b_WithKey),
+ TEST_DECL(test_wc_InitBlake2s_WithKey),
+ TEST_DECL(test_wc_InitRipeMd),
+ TEST_DECL(test_wc_RipeMdUpdate),
+ TEST_DECL(test_wc_RipeMdFinal),
+
+ TEST_DECL(test_wc_InitSha3),
+ TEST_DECL(testing_wc_Sha3_Update),
+ TEST_DECL(test_wc_Sha3_224_Final),
+ TEST_DECL(test_wc_Sha3_256_Final),
+ TEST_DECL(test_wc_Sha3_384_Final),
+ TEST_DECL(test_wc_Sha3_512_Final),
+ TEST_DECL(test_wc_Sha3_224_Copy),
+ TEST_DECL(test_wc_Sha3_256_Copy),
+ TEST_DECL(test_wc_Sha3_384_Copy),
+ TEST_DECL(test_wc_Sha3_512_Copy),
+ TEST_DECL(test_wc_Sha3_GetFlags),
+ TEST_DECL(test_wc_InitShake256),
+ TEST_DECL(testing_wc_Shake256_Update),
+ TEST_DECL(test_wc_Shake256_Final),
+ TEST_DECL(test_wc_Shake256_Copy),
+ TEST_DECL(test_wc_Shake256Hash),
+
+ /* SM3 Digest */
+ TEST_DECL(test_wc_InitSm3Free),
+ TEST_DECL(test_wc_Sm3UpdateFinal),
+ TEST_DECL(test_wc_Sm3GetHash),
+ TEST_DECL(test_wc_Sm3Copy),
+ TEST_DECL(test_wc_Sm3FinalRaw),
+ TEST_DECL(test_wc_Sm3GetSetFlags),
+ TEST_DECL(test_wc_Sm3Hash),
+
+ TEST_DECL(test_wc_HashInit),
+ TEST_DECL(test_wc_HashSetFlags),
+ TEST_DECL(test_wc_HashGetFlags),
+
+ /* HMAC */
+ TEST_DECL(test_wc_Md5HmacSetKey),
+ TEST_DECL(test_wc_Md5HmacUpdate),
+ TEST_DECL(test_wc_Md5HmacFinal),
+ TEST_DECL(test_wc_ShaHmacSetKey),
+ TEST_DECL(test_wc_ShaHmacUpdate),
+ TEST_DECL(test_wc_ShaHmacFinal),
+ TEST_DECL(test_wc_Sha224HmacSetKey),
+ TEST_DECL(test_wc_Sha224HmacUpdate),
+ TEST_DECL(test_wc_Sha224HmacFinal),
+ TEST_DECL(test_wc_Sha256HmacSetKey),
+ TEST_DECL(test_wc_Sha256HmacUpdate),
+ TEST_DECL(test_wc_Sha256HmacFinal),
+ TEST_DECL(test_wc_Sha384HmacSetKey),
+ TEST_DECL(test_wc_Sha384HmacUpdate),
+ TEST_DECL(test_wc_Sha384HmacFinal),
+
+ /* CMAC */
+ TEST_DECL(test_wc_InitCmac),
+ TEST_DECL(test_wc_CmacUpdate),
+ TEST_DECL(test_wc_CmacFinal),
+ TEST_DECL(test_wc_AesCmacGenerate),
+
+ /* Cipher */
+ TEST_DECL(test_wc_AesGcmStream),
+
+ TEST_DECL(test_wc_Des3_SetIV),
+ TEST_DECL(test_wc_Des3_SetKey),
+ TEST_DECL(test_wc_Des3_CbcEncryptDecrypt),
+ TEST_DECL(test_wc_Des3_CbcEncryptDecryptWithKey),
+ TEST_DECL(test_wc_Des3_EcbEncrypt),
+
+ TEST_DECL(test_wc_Chacha_SetKey),
+ TEST_DECL(test_wc_Chacha_Process),
+ TEST_DECL(test_wc_ChaCha20Poly1305_aead),
+ TEST_DECL(test_wc_Poly1305SetKey),
+
+ TEST_DECL(test_wc_CamelliaSetKey),
+ TEST_DECL(test_wc_CamelliaSetIV),
+ TEST_DECL(test_wc_CamelliaEncryptDecryptDirect),
+ TEST_DECL(test_wc_CamelliaCbcEncryptDecrypt),
+
+ TEST_DECL(test_wc_Arc4SetKey),
+ TEST_DECL(test_wc_Arc4Process),
+
+ TEST_DECL(test_wc_Rc2SetKey),
+ TEST_DECL(test_wc_Rc2SetIV),
+ TEST_DECL(test_wc_Rc2EcbEncryptDecrypt),
+ TEST_DECL(test_wc_Rc2CbcEncryptDecrypt),
+
+ /* AES cipher and GMAC. */
+ TEST_DECL(test_wc_AesSetKey),
+ TEST_DECL(test_wc_AesSetIV),
+ TEST_DECL(test_wc_AesCbcEncryptDecrypt),
+ TEST_DECL(test_wc_AesCtrEncryptDecrypt),
+ TEST_DECL(test_wc_AesGcmSetKey),
+ TEST_DECL(test_wc_AesGcmEncryptDecrypt),
+ TEST_DECL(test_wc_AesGcmMixedEncDecLongIV),
+ TEST_DECL(test_wc_GmacSetKey),
+ TEST_DECL(test_wc_GmacUpdate),
+ TEST_DECL(test_wc_AesCcmSetKey),
+ TEST_DECL(test_wc_AesCcmEncryptDecrypt),
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ TEST_DECL(test_wc_AesEaxVectors),
+ TEST_DECL(test_wc_AesEaxEncryptAuth),
+ TEST_DECL(test_wc_AesEaxDecryptAuth),
+#endif /* WOLFSSL_AES_EAX */
+
+ /* SM4 cipher */
+ TEST_DECL(test_wc_Sm4),
+ TEST_DECL(test_wc_Sm4Ecb),
+ TEST_DECL(test_wc_Sm4Cbc),
+ TEST_DECL(test_wc_Sm4Ctr),
+ TEST_DECL(test_wc_Sm4Gcm),
+ TEST_DECL(test_wc_Sm4Ccm),
+
+ /* RNG tests */
+#ifdef HAVE_HASHDRBG
+#ifdef TEST_RESEED_INTERVAL
+ TEST_DECL(test_wc_RNG_GenerateBlock_Reseed),
#endif
-#ifdef HAVE_ALPN_PROTOS_SUPPORT
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_set_alpn_protos),
+ TEST_DECL(test_wc_RNG_GenerateBlock),
#endif
- TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret),
- TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation),
- TEST_DECL(test_wolfSSL_SCR_Reconnect),
- TEST_DECL(test_tls_ext_duplicate),
-#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
- TEST_DECL(test_wolfSSL_Tls13_ECH_params),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_Tls13_ECH),
+ TEST_DECL(test_get_rand_digit),
+ TEST_DECL(test_wc_InitRngNonce),
+ TEST_DECL(test_wc_InitRngNonce_ex),
+
+ /* MP API tests */
+ TEST_DECL(test_get_digit_count),
+ TEST_DECL(test_mp_cond_copy),
+ TEST_DECL(test_mp_rand),
+ TEST_DECL(test_get_digit),
+ TEST_DECL(test_wc_export_int),
+
+ /* RSA */
+ TEST_DECL(test_wc_InitRsaKey),
+ TEST_DECL(test_wc_RsaPrivateKeyDecode),
+ TEST_DECL(test_wc_RsaPublicKeyDecode),
+ TEST_DECL(test_wc_RsaPublicKeyDecodeRaw),
+ TEST_DECL(test_wc_MakeRsaKey),
+ TEST_DECL(test_wc_CheckProbablePrime),
+ TEST_DECL(test_wc_RsaPSS_Verify),
+ TEST_DECL(test_wc_RsaPSS_VerifyCheck),
+ TEST_DECL(test_wc_RsaPSS_VerifyCheckInline),
+ TEST_DECL(test_wc_RsaKeyToDer),
+ TEST_DECL(test_wc_RsaKeyToPublicDer),
+ TEST_DECL(test_wc_RsaPublicEncryptDecrypt),
+ TEST_DECL(test_wc_RsaPublicEncryptDecrypt_ex),
+ TEST_DECL(test_wc_RsaEncryptSize),
+ TEST_DECL(test_wc_RsaSSL_SignVerify),
+ TEST_DECL(test_wc_RsaFlattenPublicKey),
+ TEST_DECL(test_RsaDecryptBoundsCheck),
+
+ /* DSA */
+ TEST_DECL(test_wc_InitDsaKey),
+ TEST_DECL(test_wc_DsaSignVerify),
+ TEST_DECL(test_wc_DsaPublicPrivateKeyDecode),
+ TEST_DECL(test_wc_MakeDsaKey),
+ TEST_DECL(test_wc_DsaKeyToDer),
+ TEST_DECL(test_wc_DsaKeyToPublicDer),
+ TEST_DECL(test_wc_DsaImportParamsRaw),
+ TEST_DECL(test_wc_DsaImportParamsRawCheck),
+ TEST_DECL(test_wc_DsaExportParamsRaw),
+ TEST_DECL(test_wc_DsaExportKeyRaw),
+
+ /* DH */
+ TEST_DECL(test_wc_DhPublicKeyDecode),
+
+ /* wolfCrypt ECC tests */
+ TEST_DECL(test_wc_ecc_get_curve_size_from_name),
+ TEST_DECL(test_wc_ecc_get_curve_id_from_name),
+ TEST_DECL(test_wc_ecc_get_curve_id_from_params),
+#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
+ !defined(HAVE_SELFTEST) && \
+ !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
+ TEST_DECL(test_wc_ecc_get_curve_id_from_dp_params),
#endif
+ TEST_DECL(test_wc_ecc_make_key),
+ TEST_DECL(test_wc_ecc_init),
+ TEST_DECL(test_wc_ecc_check_key),
+ TEST_DECL(test_wc_ecc_get_generator),
+ TEST_DECL(test_wc_ecc_size),
+ TEST_DECL(test_wc_ecc_params),
+ TEST_DECL(test_wc_ecc_signVerify_hash),
+ TEST_DECL(test_wc_ecc_shared_secret),
+ TEST_DECL(test_wc_ecc_export_x963),
+ TEST_DECL(test_wc_ecc_export_x963_ex),
+ TEST_DECL(test_wc_ecc_import_x963),
+ TEST_DECL(test_wc_ecc_import_private_key),
+ TEST_DECL(test_wc_ecc_export_private_only),
+ TEST_DECL(test_wc_ecc_rs_to_sig),
+ TEST_DECL(test_wc_ecc_import_raw),
+ TEST_DECL(test_wc_ecc_import_unsigned),
+ TEST_DECL(test_wc_ecc_sig_size),
+ TEST_DECL(test_wc_ecc_ctx_new),
+ TEST_DECL(test_wc_ecc_ctx_reset),
+ TEST_DECL(test_wc_ecc_ctx_set_peer_salt),
+ TEST_DECL(test_wc_ecc_ctx_set_info),
+ TEST_DECL(test_wc_ecc_encryptDecrypt),
+ TEST_DECL(test_wc_ecc_del_point),
+ TEST_DECL(test_wc_ecc_pointFns),
+ TEST_DECL(test_wc_ecc_shared_secret_ssh),
+ TEST_DECL(test_wc_ecc_verify_hash_ex),
+ TEST_DECL(test_wc_ecc_mulmod),
+ TEST_DECL(test_wc_ecc_is_valid_idx),
+ TEST_DECL(test_wc_ecc_get_curve_id_from_oid),
+ TEST_DECL(test_wc_ecc_sig_size_calc),
+ TEST_DECL(test_wc_EccPrivateKeyToDer),
- /* X509 tests */
- TEST_DECL(test_wolfSSL_X509_NAME_get_entry),
- TEST_DECL(test_wolfSSL_PKCS12),
- TEST_DECL(test_wolfSSL_no_password_cb),
- TEST_DECL(test_wolfSSL_PKCS8),
- TEST_DECL(test_wolfSSL_PKCS8_ED25519),
- TEST_DECL(test_wolfSSL_PKCS8_ED448),
- TEST_DECL(test_wolfSSL_PKCS5),
- TEST_DECL(test_wolfSSL_URI),
- TEST_DECL(test_wolfSSL_TBS),
- TEST_DECL(test_wolfSSL_X509_verify),
- TEST_DECL(test_wolfSSL_X509_TLS_version_test_1),
- TEST_DECL(test_wolfSSL_X509_TLS_version_test_2),
+ /* SM2 elliptic curve */
+ TEST_DECL(test_wc_ecc_sm2_make_key),
+ TEST_DECL(test_wc_ecc_sm2_shared_secret),
+ TEST_DECL(test_wc_ecc_sm2_create_digest),
+ TEST_DECL(test_wc_ecc_sm2_verify_hash_ex),
+ TEST_DECL(test_wc_ecc_sm2_verify_hash),
+ TEST_DECL(test_wc_ecc_sm2_sign_hash_ex),
+ TEST_DECL(test_wc_ecc_sm2_sign_hash),
+
+ /* Curve25519 */
+ TEST_DECL(test_wc_curve25519_init),
+ TEST_DECL(test_wc_curve25519_size),
+ TEST_DECL(test_wc_curve25519_export_key_raw),
+ TEST_DECL(test_wc_curve25519_export_key_raw_ex),
+ TEST_DECL(test_wc_curve25519_make_key),
+ TEST_DECL(test_wc_curve25519_shared_secret_ex),
+ TEST_DECL(test_wc_curve25519_make_pub),
+ TEST_DECL(test_wc_curve25519_export_public_ex),
+ TEST_DECL(test_wc_curve25519_export_private_raw_ex),
+ TEST_DECL(test_wc_curve25519_import_private_raw_ex),
+ TEST_DECL(test_wc_curve25519_import_private),
+
+ /* ED25519 */
+ TEST_DECL(test_wc_ed25519_make_key),
+ TEST_DECL(test_wc_ed25519_init),
+ TEST_DECL(test_wc_ed25519_sign_msg),
+ TEST_DECL(test_wc_ed25519_import_public),
+ TEST_DECL(test_wc_ed25519_import_private_key),
+ TEST_DECL(test_wc_ed25519_export),
+ TEST_DECL(test_wc_ed25519_size),
+ TEST_DECL(test_wc_ed25519_exportKey),
+ TEST_DECL(test_wc_Ed25519PublicKeyToDer),
+ TEST_DECL(test_wc_Ed25519KeyToDer),
+ TEST_DECL(test_wc_Ed25519PrivateKeyToDer),
+
+ /* Curve448 */
+ TEST_DECL(test_wc_curve448_make_key),
+ TEST_DECL(test_wc_curve448_shared_secret_ex),
+ TEST_DECL(test_wc_curve448_export_public_ex),
+ TEST_DECL(test_wc_curve448_export_private_raw_ex),
+ TEST_DECL(test_wc_curve448_export_key_raw),
+ TEST_DECL(test_wc_curve448_import_private_raw_ex),
+ TEST_DECL(test_wc_curve448_import_private),
+ TEST_DECL(test_wc_curve448_init),
+ TEST_DECL(test_wc_curve448_size),
+
+ /* Ed448 */
+ TEST_DECL(test_wc_ed448_make_key),
+ TEST_DECL(test_wc_ed448_init),
+ TEST_DECL(test_wc_ed448_sign_msg),
+ TEST_DECL(test_wc_ed448_import_public),
+ TEST_DECL(test_wc_ed448_import_private_key),
+ TEST_DECL(test_wc_ed448_export),
+ TEST_DECL(test_wc_ed448_size),
+ TEST_DECL(test_wc_ed448_exportKey),
+ TEST_DECL(test_wc_Ed448PublicKeyToDer),
+ TEST_DECL(test_wc_Ed448KeyToDer),
+ TEST_DECL(test_wc_Ed448PrivateKeyToDer),
+
+ /* Signature API */
+ TEST_DECL(test_wc_SignatureGetSize_ecc),
+ TEST_DECL(test_wc_SignatureGetSize_rsa),
+ /* PEM and DER APIs. */
TEST_DECL(test_wc_PemToDer),
TEST_DECL(test_wc_AllocDer),
TEST_DECL(test_wc_CertPemToDer),
@@ -66987,12 +69255,66 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wc_GetPubKeyDerFromCert),
TEST_DECL(test_wc_CheckCertSigPubKey),
- /* OCSP Stapling */
- TEST_DECL(test_wolfSSL_UseOCSPStapling),
- TEST_DECL(test_wolfSSL_UseOCSPStaplingV2),
+ /* wolfCrypt ASN tests */
+ TEST_DECL(test_ToTraditional),
+ TEST_DECL(test_wc_CreateEncryptedPKCS8Key),
+ TEST_DECL(test_wc_GetPkcs8TraditionalOffset),
- /* Multicast */
- TEST_DECL(test_wolfSSL_mcast),
+ /* Certificate */
+ TEST_DECL(test_wc_SetSubjectRaw),
+ TEST_DECL(test_wc_GetSubjectRaw),
+ TEST_DECL(test_wc_SetIssuerRaw),
+ TEST_DECL(test_wc_SetIssueBuffer),
+ TEST_DECL(test_wc_SetSubjectKeyId),
+ TEST_DECL(test_wc_SetSubject),
+ TEST_DECL(test_CheckCertSignature),
+ TEST_DECL(test_wc_ParseCert),
+ TEST_DECL(test_wc_ParseCert_Error),
+ TEST_DECL(test_MakeCertWithPathLen),
+ TEST_DECL(test_MakeCertWithCaFalse),
+ TEST_DECL(test_wc_SetKeyUsage),
+ TEST_DECL(test_wc_SetAuthKeyIdFromPublicKey_ex),
+ TEST_DECL(test_wc_SetSubjectBuffer),
+ TEST_DECL(test_wc_SetSubjectKeyIdFromPublicKey_ex),
+
+ /* wolfcrypt PKCS#7 */
+ TEST_DECL(test_wc_PKCS7_New),
+ TEST_DECL(test_wc_PKCS7_Init),
+ TEST_DECL(test_wc_PKCS7_InitWithCert),
+ TEST_DECL(test_wc_PKCS7_EncodeData),
+ TEST_DECL(test_wc_PKCS7_EncodeSignedData),
+ TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex),
+ TEST_DECL(test_wc_PKCS7_VerifySignedData_RSA),
+ TEST_DECL(test_wc_PKCS7_VerifySignedData_ECC),
+ TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData),
+ TEST_DECL(test_wc_PKCS7_EncodeEncryptedData),
+ TEST_DECL(test_wc_PKCS7_Degenerate),
+ TEST_DECL(test_wc_PKCS7_BER),
+ TEST_DECL(test_wc_PKCS7_signed_enveloped),
+ TEST_DECL(test_wc_PKCS7_NoDefaultSignedAttribs),
+ TEST_DECL(test_wc_PKCS7_SetOriEncryptCtx),
+ TEST_DECL(test_wc_PKCS7_SetOriDecryptCtx),
+ TEST_DECL(test_wc_PKCS7_DecodeCompressedData),
+
+ /* wolfCrypt PKCS#12 */
+ TEST_DECL(test_wc_i2d_PKCS12),
+
+ /*
+ * test_wolfCrypt_Cleanup needs to come after the above wolfCrypt tests to
+ * avoid memory leaks.
+ */
+ TEST_DECL(test_wolfCrypt_Cleanup),
+
+ TEST_DECL(test_wolfSSL_Init),
+
+ /*********************************
+ * OpenSSL compatibility API tests
+ *********************************/
+
+ /* If at some point a stub get implemented this test should fail indicating
+ * a need to implement a new test case
+ */
+ TEST_DECL(test_stubs_are_stubs),
/* ASN.1 compatibility API tests */
TEST_DECL(test_wolfSSL_ASN1_BIT_STRING),
@@ -67028,22 +69350,9 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_ASN1_TYPE),
TEST_DECL(test_wolfSSL_IMPLEMENT_ASN1_FUNCTIONS),
- /* compatibility tests */
TEST_DECL(test_wolfSSL_lhash),
- TEST_DECL(test_wolfSSL_X509_NAME),
- TEST_DECL(test_wolfSSL_X509_NAME_hash),
- TEST_DECL(test_wolfSSL_X509_NAME_print_ex),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_X509_INFO_multiple_info),
- TEST_DECL(test_wolfSSL_X509_INFO),
-#endif
- TEST_DECL(test_wolfSSL_X509_subject_name_hash),
- TEST_DECL(test_wolfSSL_X509_issuer_name_hash),
- TEST_DECL(test_wolfSSL_X509_check_host),
- TEST_DECL(test_wolfSSL_X509_check_email),
- TEST_DECL(test_wolfSSL_DES),
+
TEST_DECL(test_wolfSSL_certs),
- TEST_DECL(test_wolfSSL_X509_check_private_key),
TEST_DECL(test_wolfSSL_private_keys),
TEST_DECL(test_wolfSSL_PEM_read_PrivateKey),
@@ -67053,6 +69362,8 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_PEM_file_RSAKey),
TEST_DECL(test_wolfSSL_PEM_file_RSAPrivateKey),
#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_BIO),
+ TEST_DECL(test_wolfSSL_PEM_read_bio),
TEST_DECL(test_wolfSSL_PEM_bio_RSAKey),
TEST_DECL(test_wolfSSL_PEM_bio_DSAKey),
TEST_DECL(test_wolfSSL_PEM_bio_ECKey),
@@ -67060,28 +69371,134 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_PEM_PUBKEY),
#endif
- TEST_DECL(test_DSA_do_sign_verify),
- TEST_DECL(test_wolfSSL_tmp_dh),
- TEST_DECL(test_wolfSSL_ctrl),
+ /* EVP API testing */
+ TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_new),
+ TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_free),
+ TEST_DECL(test_wolfSSL_EVP_EncodeInit),
+ TEST_DECL(test_wolfSSL_EVP_EncodeUpdate),
+ TEST_DECL(test_wolfSSL_EVP_EncodeFinal),
+ TEST_DECL(test_wolfSSL_EVP_DecodeInit),
+ TEST_DECL(test_wolfSSL_EVP_DecodeUpdate),
+ TEST_DECL(test_wolfSSL_EVP_DecodeFinal),
+ TEST_DECL(test_wolfSSL_EVP_shake128),
+ TEST_DECL(test_wolfSSL_EVP_shake256),
+ TEST_DECL(test_wolfSSL_EVP_sm3),
+ TEST_DECL(test_EVP_blake2),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_md4),
+ TEST_DECL(test_wolfSSL_EVP_ripemd160),
+ TEST_DECL(test_wolfSSL_EVP_get_digestbynid),
+ TEST_DECL(test_wolfSSL_EVP_MD_nid),
+
+ TEST_DECL(test_wolfSSL_EVP_DigestFinal_ex),
+#endif
+
+ TEST_DECL(test_EVP_MD_do_all),
TEST_DECL(test_wolfSSL_EVP_MD_size),
TEST_DECL(test_wolfSSL_EVP_MD_pkey_type),
TEST_DECL(test_wolfSSL_EVP_Digest),
TEST_DECL(test_wolfSSL_EVP_Digest_all),
- TEST_DECL(test_wolfSSL_EVP_PKEY_new_mac_key),
- TEST_DECL(test_wolfSSL_EVP_PKEY_new_CMAC_key),
TEST_DECL(test_wolfSSL_EVP_MD_hmac_signing),
TEST_DECL(test_wolfSSL_EVP_MD_rsa_signing),
TEST_DECL(test_wolfSSL_EVP_MD_ecc_signing),
+
+ TEST_DECL(test_wolfssl_EVP_aes_gcm),
+ TEST_DECL(test_wolfssl_EVP_aes_gcm_AAD_2_parts),
+ TEST_DECL(test_wolfssl_EVP_aes_gcm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_aes_ccm),
+ TEST_DECL(test_wolfssl_EVP_aes_ccm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_chacha20),
+ TEST_DECL(test_wolfssl_EVP_chacha20_poly1305),
+ TEST_DECL(test_wolfssl_EVP_sm4_ecb),
+ TEST_DECL(test_wolfssl_EVP_sm4_cbc),
+ TEST_DECL(test_wolfssl_EVP_sm4_ctr),
+ TEST_DECL(test_wolfssl_EVP_sm4_gcm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_sm4_gcm),
+ TEST_DECL(test_wolfssl_EVP_sm4_ccm_zeroLen),
+ TEST_DECL(test_wolfssl_EVP_sm4_ccm),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_aes_256_gcm),
+ TEST_DECL(test_wolfSSL_EVP_aes_192_gcm),
+ TEST_DECL(test_wolfSSL_EVP_aes_256_ccm),
+ TEST_DECL(test_wolfSSL_EVP_aes_192_ccm),
+ TEST_DECL(test_wolfSSL_EVP_aes_128_ccm),
+ TEST_DECL(test_wolfSSL_EVP_rc4),
+ TEST_DECL(test_wolfSSL_EVP_enc_null),
+ TEST_DECL(test_wolfSSL_EVP_rc2_cbc),
+ TEST_DECL(test_wolfSSL_EVP_mdc2),
+
+ TEST_DECL(test_evp_cipher_aes_gcm),
+#endif
+ TEST_DECL(test_wolfssl_EVP_aria_gcm),
+ TEST_DECL(test_wolfSSL_EVP_Cipher_extra),
+#ifdef OPENSSL_EXTRA
+ TEST_DECL(test_wolfSSL_EVP_get_cipherbynid),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX),
+#endif
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_iv_length),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_key_length),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_iv),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_block_size),
+ TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length),
+ TEST_DECL(test_wolfSSL_EVP_X_STATE),
+ TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN),
+ TEST_DECL(test_wolfSSL_EVP_BytesToKey),
+#endif
+
TEST_DECL(test_wolfSSL_EVP_PKEY_print_public),
- TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_new),
- TEST_DECL(test_wolfSSL_EVP_ENCODE_CTX_free),
- TEST_DECL(test_wolfSSL_EVP_EncodeInit),
- TEST_DECL(test_wolfSSL_EVP_EncodeUpdate),
- TEST_DECL(test_wolfSSL_EVP_EncodeFinal),
- TEST_DECL(test_wolfSSL_EVP_DecodeInit),
- TEST_DECL(test_wolfSSL_EVP_DecodeUpdate),
- TEST_DECL(test_wolfSSL_EVP_DecodeFinal),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_new_mac_key),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_new_CMAC_key),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_up_ref),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_hkdf),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_derive),
+ TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey),
+ TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey_ecc),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_d2i_PUBKEY),
+#endif
+ TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams),
+ TEST_DECL(test_wolfSSL_i2d_PrivateKey),
+#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio),
+#endif /* !NO_BIO */
+#endif
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DSA),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DH),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_assign),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_assign_DH),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_base_id),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_id),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_paramgen),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_keygen),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_keygen_init),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_missing_parameters),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_copy_parameters),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_new_id),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_get0_EC_KEY),
+#endif
+
+ TEST_DECL(test_EVP_PKEY_rsa),
+ TEST_DECL(test_EVP_PKEY_ec),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_encrypt),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_rsa),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_dsa),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify_ec),
+ TEST_DECL(test_EVP_PKEY_cmp),
+
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_EVP_SignInit_ex),
+ TEST_DECL(test_wolfSSL_EVP_PKEY_param_check),
+ TEST_DECL(test_wolfSSL_QT_EVP_PKEY_CTX_free),
+#endif
+
+ TEST_DECL(test_wolfSSL_EVP_PBE_scrypt),
+
TEST_DECL(test_wolfSSL_CTX_add_extra_chain_cert),
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
TEST_DECL(test_wolfSSL_ERR_peek_last_error_line),
@@ -67094,12 +69511,17 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wc_ERR_print_errors_fp),
#endif
TEST_DECL(test_wolfSSL_configure_args),
- TEST_DECL(test_wolfSSL_set_options),
TEST_DECL(test_wolfSSL_sk_SSL_CIPHER),
TEST_DECL(test_wolfSSL_set1_curves_list),
TEST_DECL(test_wolfSSL_set1_sigalgs_list),
+ TEST_DECL(test_wolfSSL_OtherName),
+ TEST_DECL(test_wolfSSL_FPKI),
+ TEST_DECL(test_wolfSSL_URI),
+ TEST_DECL(test_wolfSSL_TBS),
+
TEST_DECL(test_wolfSSL_X509_STORE_CTX),
+ TEST_DECL(test_X509_STORE_untrusted),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_trusted_stack_cleanup),
TEST_DECL(test_wolfSSL_X509_STORE_CTX_get0_current_issuer),
TEST_DECL(test_wolfSSL_X509_STORE_set_flags),
@@ -67123,38 +69545,96 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_X509_cmp_time),
TEST_DECL(test_wolfSSL_X509_time_adj),
+ /* X509 tests */
+ TEST_DECL(test_wolfSSL_X509_subject_name_hash),
+ TEST_DECL(test_wolfSSL_X509_issuer_name_hash),
+ TEST_DECL(test_wolfSSL_X509_check_host),
+ TEST_DECL(test_wolfSSL_X509_check_email),
+ TEST_DECL(test_wolfSSL_X509_check_private_key),
TEST_DECL(test_wolfSSL_X509),
TEST_DECL(test_wolfSSL_X509_VERIFY_PARAM),
TEST_DECL(test_wolfSSL_X509_sign),
TEST_DECL(test_wolfSSL_X509_sign2),
+ TEST_DECL(test_wolfSSL_X509_verify),
TEST_DECL(test_wolfSSL_X509_get0_tbs_sigalg),
TEST_DECL(test_wolfSSL_X509_ALGOR_get0),
TEST_DECL(test_wolfSSL_X509_get_X509_PUBKEY),
TEST_DECL(test_wolfSSL_X509_PUBKEY_RSA),
TEST_DECL(test_wolfSSL_X509_PUBKEY_EC),
TEST_DECL(test_wolfSSL_X509_PUBKEY_DSA),
+ TEST_DECL(test_wolfSSL_PEM_write_bio_X509),
+ TEST_DECL(test_wolfSSL_X509_NAME_get_entry),
+ TEST_DECL(test_wolfSSL_X509_NAME),
+ TEST_DECL(test_wolfSSL_X509_NAME_hash),
+ TEST_DECL(test_wolfSSL_X509_NAME_print_ex),
+ TEST_DECL(test_wolfSSL_X509_NAME_ENTRY),
+ TEST_DECL(test_wolfSSL_X509_set_name),
+ TEST_DECL(test_wolfSSL_X509_set_notAfter),
+ TEST_DECL(test_wolfSSL_X509_set_notBefore),
+ TEST_DECL(test_wolfSSL_X509_set_version),
+ TEST_DECL(test_wolfSSL_X509_get_serialNumber),
+ TEST_DECL(test_wolfSSL_X509_CRL),
+ TEST_DECL(test_wolfSSL_i2d_X509),
+ TEST_DECL(test_wolfSSL_d2i_X509_REQ),
+ TEST_DECL(test_wolfSSL_PEM_read_X509),
+ TEST_DECL(test_wolfSSL_X509_check_ca),
+ TEST_DECL(test_wolfSSL_X509_check_ip_asc),
+ TEST_DECL(test_wolfSSL_make_cert),
- TEST_DECL(test_wolfSSL_msgCb),
- TEST_DECL(test_wolfSSL_either_side),
- TEST_DECL(test_wolfSSL_DTLS_either_side),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_fragments),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_AEAD_limit),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_ignore_alert_before_cookie),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_bad_record),
- /* Uses Assert in handshake callback. */
- TEST_DECL(test_wolfSSL_dtls_stateless),
- TEST_DECL(test_generate_cookie),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_X509_INFO_multiple_info),
+ TEST_DECL(test_wolfSSL_X509_INFO),
+ TEST_DECL(test_wolfSSL_PEM_X509_INFO_read_bio),
+#endif
- /* RAND compatability API */
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_X509_PUBKEY_get),
+#endif
+
+ TEST_DECL(test_wolfSSL_X509_CA_num),
+ TEST_DECL(test_wolfSSL_X509_get_version),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_X509_print),
+ TEST_DECL(test_wolfSSL_X509_CRL_print),
+#endif
+ TEST_DECL(test_X509_get_signature_nid),
+ /* X509 extension testing. */
+ TEST_DECL(test_wolfSSL_X509_get_extension_flags),
+ TEST_DECL(test_wolfSSL_X509_get_ext),
+ TEST_DECL(test_wolfSSL_X509_get_ext_by_NID),
+ TEST_DECL(test_wolfSSL_X509_get_ext_subj_alt_name),
+ TEST_DECL(test_wolfSSL_X509_get_ext_count),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_new),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_get_object),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_get_data),
+ TEST_DECL(test_wolfSSL_X509_EXTENSION_get_critical),
+ TEST_DECL(test_wolfSSL_X509V3_EXT_get),
+ TEST_DECL(test_wolfSSL_X509V3_EXT_nconf),
+ TEST_DECL(test_wolfSSL_X509V3_EXT),
+ TEST_DECL(test_wolfSSL_X509V3_EXT_print),
+ TEST_DECL(test_wolfSSL_X509_cmp),
+
+ TEST_DECL(test_GENERAL_NAME_set0_othername),
+ TEST_DECL(test_othername_and_SID_ext),
+ TEST_DECL(test_wolfSSL_dup_CA_list),
+ /* OpenSSL sk_X509 API test */
+ TEST_DECL(test_sk_X509),
+ /* OpenSSL sk_X509_CRL API test */
+ TEST_DECL(test_sk_X509_CRL),
+
+ /* OpenSSL X509 REQ API test */
+ TEST_DECL(test_X509_REQ),
+
+ /* OpenSSL compatibility outside SSL context w/ CRL lookup directory */
+ TEST_DECL(test_X509_STORE_No_SSL_CTX),
+ TEST_DECL(test_X509_LOOKUP_add_dir),
+
+ /* RAND compatibility API */
TEST_DECL(test_wolfSSL_RAND_set_rand_method),
TEST_DECL(test_wolfSSL_RAND_bytes),
TEST_DECL(test_wolfSSL_RAND),
- /* BN compatability API */
+ /* BN compatibility API */
TEST_DECL(test_wolfSSL_BN_CTX),
TEST_DECL(test_wolfSSL_BN),
TEST_DECL(test_wolfSSL_BN_init),
@@ -67168,31 +69648,29 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_BN_rand),
TEST_DECL(test_wolfSSL_BN_prime),
- TEST_DECL(test_wolfSSL_CTX_get0_set1_param),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_PEM_read_bio),
- TEST_DECL(test_wolfSSL_BIO),
-#endif
- TEST_DECL(test_wolfSSL_a2i_IPADDRESS),
- TEST_DECL(test_wolfSSL_BUF),
- TEST_DECL(test_wolfSSL_set_tlsext_status_type),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_CTX_set_client_CA_list),
- TEST_DECL(test_wolfSSL_CTX_add_client_CA),
- TEST_DECL(test_wolfSSL_CTX_set_srp_username),
- TEST_DECL(test_wolfSSL_CTX_set_srp_password),
- TEST_DECL(test_wolfSSL_CTX_set_keylog_callback),
- TEST_DECL(test_wolfSSL_CTX_get_keylog_callback),
- TEST_DECL(test_wolfSSL_Tls12_Key_Logging_test),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_Tls13_Key_Logging_test),
- TEST_DECL(test_wolfSSL_Tls13_postauth),
- TEST_DECL(test_wolfSSL_CTX_set_ecdh_auto),
- TEST_DECL(test_wolfSSL_set_minmax_proto_version),
- TEST_DECL(test_wolfSSL_CTX_set_max_proto_version),
- TEST_DECL(test_wolfSSL_THREADID_hash),
+ /* OpenSSL PKCS5 API test */
+ TEST_DECL(test_wolfSSL_PKCS5),
+
+ /* OpenSSL PKCS8 API test */
TEST_DECL(test_wolfSSL_PKCS8_Compat),
TEST_DECL(test_wolfSSL_PKCS8_d2i),
+
+ /* OpenSSL PKCS7 API test */
+ TEST_DECL(test_wolfssl_PKCS7),
+ TEST_DECL(test_wolfSSL_PKCS7_certs),
+ TEST_DECL(test_wolfSSL_PKCS7_sign),
+ TEST_DECL(test_wolfSSL_PKCS7_SIGNED_new),
+#ifndef NO_BIO
+ TEST_DECL(test_wolfSSL_PEM_write_bio_PKCS7),
+#ifdef HAVE_SMIME
+ TEST_DECL(test_wolfSSL_SMIME_read_PKCS7),
+ TEST_DECL(test_wolfSSL_SMIME_write_PKCS7),
+#endif /* HAVE_SMIME */
+#endif /* !NO_BIO */
+
+ /* OpenSSL PKCS12 API test */
+ TEST_DECL(test_wolfSSL_PKCS12),
+
/* Can't memory test as callbacks use Assert. */
TEST_DECL(test_error_queue_per_thread),
TEST_DECL(test_wolfSSL_ERR_put_error),
@@ -67200,20 +69678,16 @@ TEST_CASE testCases[] = {
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_ERR_print_errors),
#endif
- TEST_DECL(test_wolfSSL_HMAC),
- TEST_DECL(test_wolfSSL_CMAC),
+
+ TEST_DECL(test_OBJ_NAME_do_all),
TEST_DECL(test_wolfSSL_OBJ),
TEST_DECL(test_wolfSSL_OBJ_cmp),
TEST_DECL(test_wolfSSL_OBJ_txt2nid),
TEST_DECL(test_wolfSSL_OBJ_txt2obj),
- TEST_DECL(test_wolfSSL_PEM_write_bio_X509),
- TEST_DECL(test_wolfSSL_X509_NAME_ENTRY),
- TEST_DECL(test_GENERAL_NAME_set0_othername),
- TEST_DECL(test_othername_and_SID_ext),
- TEST_DECL(test_wolfSSL_X509_set_name),
- TEST_DECL(test_wolfSSL_X509_set_notAfter),
- TEST_DECL(test_wolfSSL_X509_set_notBefore),
- TEST_DECL(test_wolfSSL_X509_set_version),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_OBJ_ln),
+ TEST_DECL(test_wolfSSL_OBJ_sn),
+#endif
#ifndef NO_BIO
TEST_DECL(test_wolfSSL_BIO_gets),
@@ -67222,76 +69696,33 @@ TEST_CASE testCases[] = {
/* Can't memory test as server hangs. */
TEST_DECL(test_wolfSSL_BIO_should_retry),
TEST_DECL(test_wolfSSL_BIO_write),
- /* Can't memory test as server hangs. */
- TEST_DECL(test_wolfSSL_BIO_connect),
- /* Can't memory test as server Asserts in thread. */
- TEST_DECL(test_wolfSSL_BIO_accept),
TEST_DECL(test_wolfSSL_BIO_printf),
TEST_DECL(test_wolfSSL_BIO_f_md),
TEST_DECL(test_wolfSSL_BIO_up_ref),
TEST_DECL(test_wolfSSL_BIO_reset),
- TEST_DECL(test_wolfSSL_BIO_tls),
+ TEST_DECL(test_wolfSSL_BIO_get_len),
#endif
- /* Converted above to use Expect unless where stated. */
#if defined(OPENSSL_EXTRA) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_check_domain),
#endif
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_cert_cb),
+ TEST_DECL(test_wolfSSL_cert_cb_dyn_ciphers),
+ TEST_DECL(test_wolfSSL_ciphersuite_auth),
+ TEST_DECL(test_wolfSSL_sigalg_info),
+ /* Can't memory test as tcp_connect aborts. */
TEST_DECL(test_wolfSSL_SESSION),
- /* Converted to use Expect. */
+ TEST_DECL(test_wolfSSL_SESSION_expire_downgrade),
TEST_DECL(test_wolfSSL_CTX_sess_set_remove_cb),
TEST_DECL(test_wolfSSL_ticket_keys),
- TEST_DECL(test_wolfSSL_DES_ecb_encrypt),
TEST_DECL(test_wolfSSL_sk_GENERAL_NAME),
TEST_DECL(test_wolfSSL_GENERAL_NAME_print),
TEST_DECL(test_wolfSSL_sk_DIST_POINT),
- TEST_DECL(test_wolfSSL_MD4),
TEST_DECL(test_wolfSSL_verify_mode),
TEST_DECL(test_wolfSSL_verify_depth),
- TEST_DECL(test_wolfSSL_HMAC_CTX),
+ TEST_DECL(test_wolfSSL_verify_result),
TEST_DECL(test_wolfSSL_msg_callback),
- TEST_DECL(test_wolfSSL_SHA),
- TEST_DECL(test_wolfSSL_AES_ecb_encrypt),
- TEST_DECL(test_wolfSSL_MD5),
- TEST_DECL(test_wolfSSL_MD5_Transform),
- TEST_DECL(test_wolfSSL_SHA_Transform),
- TEST_DECL(test_wolfSSL_SHA256),
- TEST_DECL(test_wolfSSL_SHA256_Transform),
- TEST_DECL(test_wolfSSL_SHA224),
- TEST_DECL(test_wolfSSL_SHA512_Transform),
- TEST_DECL(test_wolfSSL_X509_get_serialNumber),
- TEST_DECL(test_wolfSSL_X509_CRL),
- TEST_DECL(test_wolfSSL_d2i_X509_REQ),
- TEST_DECL(test_wolfSSL_PEM_read_X509),
- TEST_DECL(test_wolfSSL_PEM_read),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_PEM_X509_INFO_read_bio),
-#endif
- TEST_DECL(test_wolfSSL_OpenSSL_add_all_algorithms),
- TEST_DECL(test_wolfSSL_OPENSSL_hexstr2buf),
- TEST_DECL(test_wolfSSL_X509_check_ca),
- TEST_DECL(test_wolfSSL_X509_check_ip_asc),
- TEST_DECL(test_wolfSSL_make_cert),
- TEST_DECL(test_wolfSSL_DES_ncbc),
- TEST_DECL(test_wolfSSL_AES_cbc_encrypt),
- TEST_DECL(test_wolfSSL_CRYPTO_cts128),
- TEST_DECL(test_wolfssl_EVP_aes_gcm_AAD_2_parts),
- TEST_DECL(test_wolfssl_EVP_aes_gcm),
- TEST_DECL(test_wolfssl_EVP_aes_gcm_zeroLen),
- TEST_DECL(test_wolfssl_EVP_aes_ccm),
- TEST_DECL(test_wolfssl_EVP_aes_ccm_zeroLen),
- TEST_DECL(test_wolfssl_EVP_chacha20_poly1305),
- TEST_DECL(test_wolfssl_EVP_chacha20),
- TEST_DECL(test_wolfSSL_EVP_PKEY_hkdf),
- TEST_DECL(test_wolfSSL_PKEY_up_ref),
- TEST_DECL(test_wolfSSL_EVP_Cipher_extra),
- TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey),
- TEST_DECL(test_wolfSSL_d2i_and_i2d_PublicKey_ecc),
- TEST_DECL(test_wolfSSL_d2i_and_i2d_DSAparams),
- TEST_DECL(test_wolfSSL_i2d_PrivateKey),
+
TEST_DECL(test_wolfSSL_OCSP_id_get0_info),
TEST_DECL(test_wolfSSL_i2d_OCSP_CERTID),
TEST_DECL(test_wolfSSL_d2i_OCSP_CERTID),
@@ -67300,88 +69731,74 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_OCSP_single_get0_status),
TEST_DECL(test_wolfSSL_OCSP_resp_count),
TEST_DECL(test_wolfSSL_OCSP_resp_get0),
- TEST_DECL(test_wolfSSL_EVP_PKEY_derive),
- TEST_DECL(test_wolfSSL_EVP_PBE_scrypt),
+
+ TEST_DECL(test_wolfSSL_PEM_read),
+
+ TEST_DECL(test_wolfSSL_OpenSSL_version),
+ TEST_DECL(test_wolfSSL_OpenSSL_add_all_algorithms),
+ TEST_DECL(test_wolfSSL_OPENSSL_hexstr2buf),
+
TEST_DECL(test_CONF_modules_xxx),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_TXT_DB),
+ TEST_DECL(test_wolfSSL_NCONF),
+#endif
+
+ TEST_DECL(test_wolfSSL_CRYPTO_memcmp),
+ TEST_DECL(test_wolfSSL_CRYPTO_get_ex_new_index),
+ TEST_DECL(test_wolfSSL_SESSION_get_ex_new_index),
TEST_DECL(test_CRYPTO_set_dynlock_xxx),
TEST_DECL(test_CRYPTO_THREADID_xxx),
TEST_DECL(test_ENGINE_cleanup),
+ /* test the no op functions for compatibility */
+ TEST_DECL(test_no_op_functions),
+ /* OpenSSL error API tests */
+ TEST_DECL(test_ERR_load_crypto_strings),
+
#ifdef OPENSSL_ALL
- TEST_DECL(test_wolfSSL_X509_PUBKEY_get),
TEST_DECL(test_wolfSSL_sk_CIPHER_description),
TEST_DECL(test_wolfSSL_get_ciphers_compat),
- TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DSA),
- TEST_DECL(test_wolfSSL_DSA_SIG),
- TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY),
- TEST_DECL(test_wolfSSL_EVP_PKEY_set1_get1_DH),
+
TEST_DECL(test_wolfSSL_CTX_ctrl),
- TEST_DECL(test_wolfSSL_EVP_PKEY_assign),
- TEST_DECL(test_wolfSSL_EVP_PKEY_base_id),
- TEST_DECL(test_wolfSSL_EVP_PKEY_id),
- TEST_DECL(test_wolfSSL_EVP_PKEY_paramgen),
- TEST_DECL(test_wolfSSL_EVP_PKEY_keygen),
- TEST_DECL(test_wolfSSL_EVP_PKEY_keygen_init),
- TEST_DECL(test_wolfSSL_EVP_PKEY_missing_parameters),
- TEST_DECL(test_wolfSSL_EVP_PKEY_copy_parameters),
- TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_iv_length),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_key_length),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_key_length),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX_set_iv),
- TEST_DECL(test_wolfSSL_EVP_PKEY_CTX_new_id),
- TEST_DECL(test_wolfSSL_EVP_rc4),
- TEST_DECL(test_wolfSSL_EVP_enc_null),
- TEST_DECL(test_wolfSSL_EVP_rc2_cbc),
- TEST_DECL(test_wolfSSL_EVP_mdc2),
- TEST_DECL(test_wolfSSL_EVP_md4),
- TEST_DECL(test_wolfSSL_EVP_aes_256_gcm),
- TEST_DECL(test_wolfSSL_EVP_aes_192_gcm),
- TEST_DECL(test_wolfSSL_EVP_aes_256_ccm),
- TEST_DECL(test_wolfSSL_EVP_aes_192_ccm),
- TEST_DECL(test_wolfSSL_EVP_aes_128_ccm),
- TEST_DECL(test_wolfSSL_EVP_ripemd160),
- TEST_DECL(test_wolfSSL_EVP_get_digestbynid),
- TEST_DECL(test_wolfSSL_EVP_MD_nid),
- TEST_DECL(test_wolfSSL_EVP_PKEY_get0_EC_KEY),
- TEST_DECL(test_wolfSSL_EVP_X_STATE),
- TEST_DECL(test_wolfSSL_EVP_X_STATE_LEN),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_block_size),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_iv_length),
- TEST_DECL(test_wolfSSL_EVP_SignInit_ex),
- TEST_DECL(test_wolfSSL_EVP_DigestFinal_ex),
- TEST_DECL(test_wolfSSL_EVP_PKEY_assign_DH),
- TEST_DECL(test_wolfSSL_EVP_BytesToKey),
- TEST_DECL(test_wolfSSL_EVP_PKEY_param_check),
- TEST_DECL(test_wolfSSL_QT_EVP_PKEY_CTX_free),
- TEST_DECL(test_evp_cipher_aes_gcm),
- TEST_DECL(test_wolfSSL_OBJ_ln),
- TEST_DECL(test_wolfSSL_OBJ_sn),
- TEST_DECL(test_wolfSSL_TXT_DB),
- TEST_DECL(test_wolfSSL_NCONF),
#endif /* OPENSSL_ALL */
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_d2i_PUBKEY),
-#endif
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_ASIO)) && !defined(NO_RSA)
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_d2i_PrivateKeys_bio),
-#endif /* !NO_BIO */
TEST_DECL(test_wolfSSL_CTX_use_certificate_ASN1),
#endif /* (OPENSSL_ALL || WOLFSSL_ASIO) && !NO_RSA */
- TEST_DECL(test_wolfSSL_X509_CA_num),
- TEST_DECL(test_wolfSSL_X509_get_version),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_X509_print),
- TEST_DECL(test_wolfSSL_X509_CRL_print),
- TEST_DECL(test_wolfSSL_BIO_get_len),
-#endif
+
+ /*********************************
+ * Crypto API tests
+ *********************************/
+
+ TEST_DECL(test_wolfSSL_MD4),
+ TEST_DECL(test_wolfSSL_MD5),
+ TEST_DECL(test_wolfSSL_MD5_Transform),
+ TEST_DECL(test_wolfSSL_SHA),
+ TEST_DECL(test_wolfSSL_SHA_Transform),
+ TEST_DECL(test_wolfSSL_SHA224),
+ TEST_DECL(test_wolfSSL_SHA256),
+ TEST_DECL(test_wolfSSL_SHA256_Transform),
+ TEST_DECL(test_wolfSSL_SHA512_Transform),
+ TEST_DECL(test_wolfSSL_SHA512_224_Transform),
+ TEST_DECL(test_wolfSSL_SHA512_256_Transform),
+ TEST_DECL(test_wolfSSL_HMAC_CTX),
+ TEST_DECL(test_wolfSSL_HMAC),
+ TEST_DECL(test_wolfSSL_CMAC),
+
+ TEST_DECL(test_wolfSSL_DES),
+ TEST_DECL(test_wolfSSL_DES_ncbc),
+ TEST_DECL(test_wolfSSL_DES_ecb_encrypt),
+ TEST_DECL(test_wolfSSL_DES_ede3_cbc_encrypt),
+ TEST_DECL(test_wolfSSL_AES_encrypt),
+ TEST_DECL(test_wolfSSL_AES_ecb_encrypt),
+ TEST_DECL(test_wolfSSL_AES_cbc_encrypt),
+ TEST_DECL(test_wolfSSL_AES_cfb128_encrypt),
+ TEST_DECL(test_wolfSSL_CRYPTO_cts128),
+ TEST_DECL(test_wolfSSL_RC4),
TEST_DECL(test_wolfSSL_RSA),
TEST_DECL(test_wolfSSL_RSA_DER),
TEST_DECL(test_wolfSSL_RSA_print),
-#ifndef NO_RSA
TEST_DECL(test_wolfSSL_RSA_padding_add_PKCS1_PSS),
-#endif
TEST_DECL(test_wolfSSL_RSA_sign_sha3),
TEST_DECL(test_wolfSSL_RSA_get0_key),
TEST_DECL(test_wolfSSL_RSA_meth),
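Review bot: `TEST_DECL(test_wolfSSL_RSA_padding_add_PKCS1_PSS)` loses its `#ifndef NO_RSA` / `#endif` guard in this hunk, so the table now references that function in every build configuration. The function's definition is outside the hunk; presumably it now carries its own guard and reduces to a skipped test when NO_RSA is defined, but if it does not, a NO_RSA build fails at this entry. A short comment on the entry such as `/* NO_RSA handled inside the test body */` would record why the guard could go. The testCases initializer begins and ends outside this hunk.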
@@ -67418,6 +69835,7 @@ TEST_CASE testCases[] = {
TEST_DECL(test_wolfSSL_EC_GROUP),
TEST_DECL(test_wolfSSL_PEM_read_bio_ECPKParameters),
TEST_DECL(test_wolfSSL_EC_POINT),
+ TEST_DECL(test_wolfSSL_SPAKE),
TEST_DECL(test_wolfSSL_EC_KEY_generate),
TEST_DECL(test_EC_i2d),
TEST_DECL(test_wolfSSL_EC_curve),
@@ -67433,78 +69851,60 @@ TEST_CASE testCases[] = {
TEST_DECL(test_ECDH_compute_key),
#endif
- TEST_DECL(test_wolfSSL_X509V3_EXT_get),
- TEST_DECL(test_wolfSSL_X509V3_EXT_nconf),
- TEST_DECL(test_wolfSSL_X509V3_EXT),
- TEST_DECL(test_wolfSSL_X509_get_extension_flags),
- TEST_DECL(test_wolfSSL_X509_get_ext),
- TEST_DECL(test_wolfSSL_X509_get_ext_by_NID),
- TEST_DECL(test_wolfSSL_X509_get_ext_subj_alt_name),
- TEST_DECL(test_wolfSSL_X509_get_ext_count),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_new),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_get_object),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_get_data),
- TEST_DECL(test_wolfSSL_X509_EXTENSION_get_critical),
- TEST_DECL(test_wolfSSL_X509V3_EXT_print),
- TEST_DECL(test_wolfSSL_X509_cmp),
+#ifdef OPENSSL_EXTRA
+ TEST_DECL(test_ED25519),
+ TEST_DECL(test_ED448),
+#endif
+
+ TEST_DECL(test_DSA_do_sign_verify),
+#ifdef OPENSSL_ALL
+ TEST_DECL(test_wolfSSL_DSA_generate_parameters),
+ TEST_DECL(test_wolfSSL_DSA_SIG),
+#endif
+
TEST_DECL(test_openssl_generate_key_and_cert),
- TEST_DECL(test_wolfSSL_CRYPTO_memcmp),
- TEST_DECL(test_wolfSSL_read_detect_TCP_disconnect),
- /* test the no op functions for compatibility */
- TEST_DECL(test_no_op_functions),
- /* OpenSSL EVP_PKEY API tests */
- TEST_DECL(test_EVP_PKEY_rsa),
- TEST_DECL(test_wolfSSL_EVP_PKEY_encrypt),
- TEST_DECL(test_wolfSSL_EVP_PKEY_sign_verify),
- TEST_DECL(test_EVP_PKEY_ec),
- TEST_DECL(test_EVP_PKEY_cmp),
- /* OpenSSL error API tests */
- TEST_DECL(test_ERR_load_crypto_strings),
- /* OpenSSL sk_X509 API test */
- TEST_DECL(test_sk_X509),
- /* OpenSSL sk_X509_CRL API test */
- TEST_DECL(test_sk_X509_CRL),
- /* OpenSSL X509 API test */
- TEST_DECL(test_X509_get_signature_nid),
- /* OpenSSL X509 REQ API test */
- TEST_DECL(test_X509_REQ),
- /* OpenSSL PKCS7 API test */
- TEST_DECL(test_wolfssl_PKCS7),
- /* Converted to use Expect. */
- TEST_DECL(test_wolfSSL_PKCS7_certs),
- TEST_DECL(test_wolfSSL_PKCS7_sign),
- TEST_DECL(test_wolfSSL_PKCS7_SIGNED_new),
-#ifndef NO_BIO
- TEST_DECL(test_wolfSSL_PEM_write_bio_PKCS7),
-#ifdef HAVE_SMIME
- TEST_DECL(test_wolfSSL_SMIME_read_PKCS7),
- TEST_DECL(test_wolfSSL_SMIME_write_PKCS7),
-#endif /* HAVE_SMIME */
-#endif /* !NO_BIO */
+ TEST_DECL(test_wolfSSL_FIPS_mode),
+ TEST_DECL(test_openssl_FIPS_drbg),
- /* OpenSSL compatibility outside SSL context w/ CRL lookup directory */
- TEST_DECL(test_X509_STORE_No_SSL_CTX),
- TEST_DECL(test_X509_LOOKUP_add_dir),
+ /*********************************
+ * CertManager API tests
+ *********************************/
- /* wolfCrypt ASN tests */
- TEST_DECL(test_wc_CreateEncryptedPKCS8Key),
- TEST_DECL(test_wc_GetPkcs8TraditionalOffset),
- TEST_DECL(test_wc_SetSubjectRaw),
- TEST_DECL(test_wc_GetSubjectRaw),
- TEST_DECL(test_wc_SetIssuerRaw),
- TEST_DECL(test_wc_SetIssueBuffer),
- TEST_DECL(test_wc_SetSubjectKeyId),
- TEST_DECL(test_wc_SetSubject),
- TEST_DECL(test_CheckCertSignature),
- TEST_DECL(test_wc_ParseCert),
- TEST_DECL(test_wc_ParseCert_Error),
- TEST_DECL(test_MakeCertWithPathLen),
+ TEST_DECL(test_wolfSSL_CertManagerAPI),
+ TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer),
+ TEST_DECL(test_wolfSSL_CertManagerLoadCABuffer_ex),
+ TEST_DECL(test_wolfSSL_CertManagerGetCerts),
+ TEST_DECL(test_wolfSSL_CertManagerSetVerify),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint2),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint3),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint4),
+ TEST_DECL(test_wolfSSL_CertManagerNameConstraint5),
+ TEST_DECL(test_wolfSSL_CertManagerCRL),
+ TEST_DECL(test_wolfSSL_CertManagerCheckOCSPResponse),
+ TEST_DECL(test_wolfSSL_CheckOCSPResponse),
+#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
+ !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
+ !defined(WOLFSSL_NO_CLIENT_AUTH))
+ TEST_DECL(test_various_pathlen_chains),
+#endif
- /* wolfCrypt ECC tests */
- TEST_DECL(test_wc_ecc_get_curve_size_from_name),
- TEST_DECL(test_wc_ecc_get_curve_id_from_name),
- TEST_DECL(test_wc_ecc_get_curve_id_from_params),
+ /*********************************
+ * SSL/TLS API tests
+ *********************************/
+
+ TEST_DECL(test_wolfSSL_Method_Allocators),
+#ifndef NO_WOLFSSL_SERVER
+ TEST_DECL(test_wolfSSL_CTX_new),
+#endif
+ TEST_DECL(test_server_wolfSSL_new),
+ TEST_DECL(test_client_wolfSSL_new),
+#if (!defined(NO_WOLFSSL_CLIENT) || !defined(NO_WOLFSSL_SERVER)) && \
+ (!defined(NO_RSA) || defined(HAVE_ECC)) && !defined(NO_FILESYSTEM)
+ TEST_DECL(test_for_double_Free),
+#endif
+ TEST_DECL(test_wolfSSL_set_options),
#ifdef WOLFSSL_TLS13
/* TLS v1.3 API tests */
@@ -67512,363 +69912,218 @@ TEST_CASE testCases[] = {
TEST_DECL(test_tls13_cipher_suites),
#endif
-#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
- !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
- /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
- /* Bad certificate signature tests */
- TEST_DECL(test_EccSigFailure_cm),
- TEST_DECL(test_RsaSigFailure_cm),
-#endif /* NO_CERTS */
-
-#if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
- /* Converted to use Expect. */
- TEST_DECL(test_DhCallbacks),
-#endif
-
-#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
- /* Converted to use Expect. */
- TEST_DECL(test_export_keying_material),
-#endif
+ TEST_DECL(test_wolfSSL_tmp_dh),
+ TEST_DECL(test_wolfSSL_ctrl),
- TEST_DECL(test_wolfSSL_CTX_get_min_proto_version),
#if defined(OPENSSL_ALL) || (defined(OPENSSL_EXTRA) && \
(defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_OPENSSH) || defined(HAVE_SBLIM_SFCB)))
TEST_DECL(test_wolfSSL_set_SSL_CTX),
#endif
-
+ TEST_DECL(test_wolfSSL_CTX_get_min_proto_version),
TEST_DECL(test_wolfSSL_security_level),
TEST_DECL(test_wolfSSL_SSL_in_init),
TEST_DECL(test_wolfSSL_CTX_set_timeout),
- TEST_DECL(test_wolfSSL_OpenSSL_version),
TEST_DECL(test_wolfSSL_set_psk_use_session_callback),
- TEST_DECL(test_ticket_and_psk_mixing),
- TEST_DECL(test_prioritize_psk),
TEST_DECL(test_CONF_CTX_FILE),
TEST_DECL(test_CONF_CTX_CMDLINE),
- TEST_DECL(test_wolfSSL_CRYPTO_get_ex_new_index),
- TEST_DECL(test_wolfSSL_SESSION_get_ex_new_index),
-
- /* wolfcrypt */
- TEST_DECL(test_wolfCrypt_Init),
- TEST_DECL(test_wc_InitMd5),
- TEST_DECL(test_wc_Md5Update),
- TEST_DECL(test_wc_Md5Final),
- TEST_DECL(test_wc_InitSha),
- TEST_DECL(test_wc_ShaUpdate),
- TEST_DECL(test_wc_ShaFinal),
- TEST_DECL(test_wc_InitSha256),
- TEST_DECL(test_wc_Sha256Update),
- TEST_DECL(test_wc_Sha256Final),
- TEST_DECL(test_wc_Sha256FinalRaw),
- TEST_DECL(test_wc_Sha256GetFlags),
- TEST_DECL(test_wc_Sha256Free),
- TEST_DECL(test_wc_Sha256GetHash),
- TEST_DECL(test_wc_Sha256Copy),
- TEST_DECL(test_wc_InitSha512),
- TEST_DECL(test_wc_Sha512Update),
- TEST_DECL(test_wc_Sha512Final),
- TEST_DECL(test_wc_Sha512GetFlags),
- TEST_DECL(test_wc_Sha512FinalRaw),
- TEST_DECL(test_wc_Sha512Free),
- TEST_DECL(test_wc_Sha512GetHash),
- TEST_DECL(test_wc_Sha512Copy),
-
- TEST_DECL(test_wc_InitSha512_224),
- TEST_DECL(test_wc_Sha512_224Update),
- TEST_DECL(test_wc_Sha512_224Final),
- TEST_DECL(test_wc_Sha512_224GetFlags),
- TEST_DECL(test_wc_Sha512_224FinalRaw),
- TEST_DECL(test_wc_Sha512_224Free),
- TEST_DECL(test_wc_Sha512_224GetHash),
- TEST_DECL(test_wc_Sha512_224Copy),
- TEST_DECL(test_wc_InitSha512_256),
- TEST_DECL(test_wc_Sha512_256Update),
- TEST_DECL(test_wc_Sha512_256Final),
- TEST_DECL(test_wc_Sha512_256GetFlags),
- TEST_DECL(test_wc_Sha512_256FinalRaw),
- TEST_DECL(test_wc_Sha512_256Free),
- TEST_DECL(test_wc_Sha512_256GetHash),
- TEST_DECL(test_wc_Sha512_256Copy),
-
- TEST_DECL(test_wc_InitSha384),
- TEST_DECL(test_wc_Sha384Update),
- TEST_DECL(test_wc_Sha384Final),
- TEST_DECL(test_wc_Sha384GetFlags),
- TEST_DECL(test_wc_Sha384FinalRaw),
- TEST_DECL(test_wc_Sha384Free),
- TEST_DECL(test_wc_Sha384GetHash),
- TEST_DECL(test_wc_Sha384Copy),
- TEST_DECL(test_wc_InitSha224),
- TEST_DECL(test_wc_Sha224Update),
- TEST_DECL(test_wc_Sha224Final),
- TEST_DECL(test_wc_Sha224SetFlags),
- TEST_DECL(test_wc_Sha224GetFlags),
- TEST_DECL(test_wc_Sha224Free),
- TEST_DECL(test_wc_Sha224GetHash),
- TEST_DECL(test_wc_Sha224Copy),
- TEST_DECL(test_wc_InitBlake2b),
- TEST_DECL(test_wc_InitBlake2b_WithKey),
- TEST_DECL(test_wc_InitBlake2s_WithKey),
- TEST_DECL(test_wc_InitRipeMd),
- TEST_DECL(test_wc_RipeMdUpdate),
- TEST_DECL(test_wc_RipeMdFinal),
- TEST_DECL(test_wc_InitSha3),
- TEST_DECL(testing_wc_Sha3_Update),
- TEST_DECL(test_wc_Sha3_224_Final),
- TEST_DECL(test_wc_Sha3_256_Final),
- TEST_DECL(test_wc_Sha3_384_Final),
- TEST_DECL(test_wc_Sha3_512_Final),
- TEST_DECL(test_wc_Sha3_224_Copy),
- TEST_DECL(test_wc_Sha3_256_Copy),
- TEST_DECL(test_wc_Sha3_384_Copy),
- TEST_DECL(test_wc_Sha3_512_Copy),
- TEST_DECL(test_wc_Sha3_GetFlags),
- TEST_DECL(test_wc_InitShake256),
- TEST_DECL(testing_wc_Shake256_Update),
- TEST_DECL(test_wc_Shake256_Final),
- TEST_DECL(test_wc_Shake256_Copy),
- TEST_DECL(test_wc_Shake256Hash),
-
- TEST_DECL(test_wc_Md5HmacSetKey),
- TEST_DECL(test_wc_Md5HmacUpdate),
- TEST_DECL(test_wc_Md5HmacFinal),
- TEST_DECL(test_wc_ShaHmacSetKey),
- TEST_DECL(test_wc_ShaHmacUpdate),
- TEST_DECL(test_wc_ShaHmacFinal),
- TEST_DECL(test_wc_Sha224HmacSetKey),
- TEST_DECL(test_wc_Sha224HmacUpdate),
- TEST_DECL(test_wc_Sha224HmacFinal),
- TEST_DECL(test_wc_Sha256HmacSetKey),
- TEST_DECL(test_wc_Sha256HmacUpdate),
- TEST_DECL(test_wc_Sha256HmacFinal),
- TEST_DECL(test_wc_Sha384HmacSetKey),
- TEST_DECL(test_wc_Sha384HmacUpdate),
- TEST_DECL(test_wc_Sha384HmacFinal),
-
- TEST_DECL(test_wc_HashInit),
- TEST_DECL(test_wc_HashSetFlags),
- TEST_DECL(test_wc_HashGetFlags),
+#if !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)) && !defined(NO_FILESYSTEM)
+ /* Use the Cert Manager(CM) API to generate the error ASN_SIG_CONFIRM_E */
+ /* Bad certificate signature tests */
+ TEST_DECL(test_EccSigFailure_cm),
+ TEST_DECL(test_RsaSigFailure_cm),
+#endif /* NO_CERTS */
- TEST_DECL(test_wc_InitCmac),
- TEST_DECL(test_wc_CmacUpdate),
- TEST_DECL(test_wc_CmacFinal),
- TEST_DECL(test_wc_AesCmacGenerate),
- TEST_DECL(test_wc_AesGcmStream),
+ /* PKCS8 testing */
+ TEST_DECL(test_wolfSSL_no_password_cb),
+ TEST_DECL(test_wolfSSL_PKCS8),
+ TEST_DECL(test_wolfSSL_PKCS8_ED25519),
+ TEST_DECL(test_wolfSSL_PKCS8_ED448),
- TEST_DECL(test_wc_Des3_SetIV),
- TEST_DECL(test_wc_Des3_SetKey),
- TEST_DECL(test_wc_Des3_CbcEncryptDecrypt),
- TEST_DECL(test_wc_Des3_CbcEncryptDecryptWithKey),
- TEST_DECL(test_wc_Des3_EcbEncrypt),
- TEST_DECL(test_wc_Chacha_SetKey),
- TEST_DECL(test_wc_Chacha_Process),
- TEST_DECL(test_wc_ChaCha20Poly1305_aead),
- TEST_DECL(test_wc_Poly1305SetKey),
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+ TEST_DECL(test_wolfSSL_get_finished),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_CTX_add_session),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls13),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls13),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls12),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls12),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_tls11),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_add_session_ext_dtls1),
+#endif
+ TEST_DECL(test_SSL_CIPHER_get_xxx),
+ TEST_DECL(test_wolfSSL_ERR_strings),
+ TEST_DECL(test_wolfSSL_CTX_set_cipher_list_bytes),
+ TEST_DECL(test_wolfSSL_CTX_use_certificate_file),
+ TEST_DECL(test_wolfSSL_CTX_use_certificate_buffer),
+ TEST_DECL(test_wolfSSL_CTX_use_PrivateKey_file),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_locations),
+ /* Large number of memory allocations. */
+ TEST_DECL(test_wolfSSL_CTX_load_system_CA_certs),
- TEST_DECL(test_wc_CamelliaSetKey),
- TEST_DECL(test_wc_CamelliaSetIV),
- TEST_DECL(test_wc_CamelliaEncryptDecryptDirect),
- TEST_DECL(test_wc_CamelliaCbcEncryptDecrypt),
+ TEST_DECL(test_wolfSSL_CertRsaPss),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_locations_ex),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_buffer_ex),
+ TEST_DECL(test_wolfSSL_CTX_load_verify_chain_buffer_format),
+ TEST_DECL(test_wolfSSL_CTX_add1_chain_cert),
+ TEST_DECL(test_wolfSSL_CTX_use_certificate_chain_file_format),
+ TEST_DECL(test_wolfSSL_CTX_trust_peer_cert),
+ TEST_DECL(test_wolfSSL_CTX_LoadCRL),
+ TEST_DECL(test_multiple_crls_same_issuer),
+ TEST_DECL(test_wolfSSL_CTX_SetTmpDH_file),
+ TEST_DECL(test_wolfSSL_CTX_SetTmpDH_buffer),
+ TEST_DECL(test_wolfSSL_CTX_SetMinMaxDhKey_Sz),
+ TEST_DECL(test_wolfSSL_CTX_der_load_verify_locations),
+ TEST_DECL(test_wolfSSL_CTX_enable_disable),
+ TEST_DECL(test_wolfSSL_CTX_ticket_API),
+ TEST_DECL(test_wolfSSL_SetTmpDH_file),
+ TEST_DECL(test_wolfSSL_SetTmpDH_buffer),
+ TEST_DECL(test_wolfSSL_SetMinMaxDhKey_Sz),
+ TEST_DECL(test_SetTmpEC_DHE_Sz),
+ TEST_DECL(test_wolfSSL_CTX_get0_privatekey),
+#ifdef WOLFSSL_DTLS
+ TEST_DECL(test_wolfSSL_DtlsUpdateWindow),
+ TEST_DECL(test_wolfSSL_DTLS_fragment_buckets),
+#endif
+ TEST_DECL(test_wolfSSL_dtls_set_mtu),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_plaintext),
+#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
+ TEST_DECL(test_wolfSSL_read_write),
+ /* Can't memory test as server hangs if client fails before second connect.
+ */
+ TEST_DECL(test_wolfSSL_reuse_WOLFSSLobj),
+ TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_1),
+ TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_2),
+ TEST_DECL(test_wolfSSL_CTX_verifyDepth_ServerClient_3),
+ TEST_DECL(test_wolfSSL_CTX_set_cipher_list),
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_dtls_export),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_tls_export),
+#endif
+ TEST_DECL(test_wolfSSL_dtls_export_peers),
+ TEST_DECL(test_wolfSSL_SetMinVersion),
+ TEST_DECL(test_wolfSSL_CTX_SetMinVersion),
- TEST_DECL(test_wc_Arc4SetKey),
- TEST_DECL(test_wc_Arc4Process),
+ /* wolfSSL handshake APIs. */
+ TEST_DECL(test_wolfSSL_CTX_get0_set1_param),
+ TEST_DECL(test_wolfSSL_a2i_IPADDRESS),
+ TEST_DECL(test_wolfSSL_BUF),
+ TEST_DECL(test_wolfSSL_set_tlsext_status_type),
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_CTX_set_client_CA_list),
+ TEST_DECL(test_wolfSSL_CTX_add_client_CA),
+ TEST_DECL(test_wolfSSL_CTX_set_srp_username),
+ TEST_DECL(test_wolfSSL_CTX_set_srp_password),
+ TEST_DECL(test_wolfSSL_CTX_set_keylog_callback),
+ TEST_DECL(test_wolfSSL_CTX_get_keylog_callback),
+ TEST_DECL(test_wolfSSL_Tls12_Key_Logging_test),
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_Tls13_Key_Logging_test),
+ TEST_DECL(test_wolfSSL_Tls13_postauth),
+ TEST_DECL(test_wolfSSL_CTX_set_ecdh_auto),
+ TEST_DECL(test_wolfSSL_set_minmax_proto_version),
+ TEST_DECL(test_wolfSSL_CTX_set_max_proto_version),
+ TEST_DECL(test_wolfSSL_THREADID_hash),
- TEST_DECL(test_wc_Rc2SetKey),
- TEST_DECL(test_wc_Rc2SetIV),
- TEST_DECL(test_wc_Rc2EcbEncryptDecrypt),
- TEST_DECL(test_wc_Rc2CbcEncryptDecrypt),
+ /* TLS extensions tests */
+#ifdef HAVE_IO_TESTS_DEPENDENCIES
+#ifdef HAVE_SNI
+ TEST_DECL(test_wolfSSL_UseSNI_params),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_UseSNI_connection),
+ TEST_DECL(test_wolfSSL_SNI_GetFromBuffer),
+#endif /* HAVE_SNI */
+#endif
+ TEST_DECL(test_wolfSSL_UseTrustedCA),
+ TEST_DECL(test_wolfSSL_UseMaxFragment),
+ TEST_DECL(test_wolfSSL_UseTruncatedHMAC),
+ TEST_DECL(test_wolfSSL_UseSupportedCurve),
+#if defined(HAVE_ALPN) && defined(HAVE_IO_TESTS_DEPENDENCIES)
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_UseALPN_connection),
+ TEST_DECL(test_wolfSSL_UseALPN_params),
+#endif
+#ifdef HAVE_ALPN_PROTOS_SUPPORT
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_set_alpn_protos),
+#endif
+ TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret),
+ TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation),
+ TEST_DECL(test_wolfSSL_SCR_Reconnect),
+ TEST_DECL(test_tls_ext_duplicate),
+#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) && \
+ defined(HAVE_IO_TESTS_DEPENDENCIES)
+ TEST_DECL(test_wolfSSL_Tls13_ECH_params),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_Tls13_ECH),
+#endif
- TEST_DECL(test_wc_AesSetKey),
- TEST_DECL(test_wc_AesSetIV),
- TEST_DECL(test_wc_AesCbcEncryptDecrypt),
- TEST_DECL(test_wc_AesCtrEncryptDecrypt),
- TEST_DECL(test_wc_AesGcmSetKey),
- TEST_DECL(test_wc_AesGcmEncryptDecrypt),
- TEST_DECL(test_wc_AesGcmMixedEncDecLongIV),
- TEST_DECL(test_wc_GmacSetKey),
- TEST_DECL(test_wc_GmacUpdate),
- TEST_DECL(test_wc_InitRsaKey),
- TEST_DECL(test_wc_RsaPrivateKeyDecode),
- TEST_DECL(test_wc_RsaPublicKeyDecode),
- TEST_DECL(test_wc_RsaPublicKeyDecodeRaw),
- TEST_DECL(test_wc_MakeRsaKey),
- TEST_DECL(test_wc_SetKeyUsage),
+ TEST_DECL(test_wolfSSL_X509_TLS_version_test_1),
+ TEST_DECL(test_wolfSSL_X509_TLS_version_test_2),
- TEST_DECL(test_wc_CheckProbablePrime),
- TEST_DECL(test_wc_RsaPSS_Verify),
- TEST_DECL(test_wc_RsaPSS_VerifyCheck),
- TEST_DECL(test_wc_RsaPSS_VerifyCheckInline),
+ /* OCSP Stapling */
+ TEST_DECL(test_wolfSSL_UseOCSPStapling),
+ TEST_DECL(test_wolfSSL_UseOCSPStaplingV2),
+ TEST_DECL(test_self_signed_stapling),
- TEST_DECL(test_wc_SetMutexCb),
- TEST_DECL(test_wc_LockMutex_ex),
+ /* Multicast */
+ TEST_DECL(test_wolfSSL_mcast),
- TEST_DECL(test_wc_RsaKeyToDer),
- TEST_DECL(test_wc_RsaKeyToPublicDer),
- TEST_DECL(test_wc_RsaPublicEncryptDecrypt),
- TEST_DECL(test_wc_RsaPublicEncryptDecrypt_ex),
- TEST_DECL(test_wc_RsaEncryptSize),
- TEST_DECL(test_wc_RsaSSL_SignVerify),
- TEST_DECL(test_wc_RsaFlattenPublicKey),
- TEST_DECL(test_RsaDecryptBoundsCheck),
- TEST_DECL(test_wc_AesCcmSetKey),
- TEST_DECL(test_wc_AesCcmEncryptDecrypt),
- TEST_DECL(test_wc_InitDsaKey),
- TEST_DECL(test_wc_DsaSignVerify),
- TEST_DECL(test_wc_DsaPublicPrivateKeyDecode),
- TEST_DECL(test_wc_MakeDsaKey),
- TEST_DECL(test_wc_DsaKeyToDer),
- TEST_DECL(test_wc_DsaKeyToPublicDer),
- TEST_DECL(test_wc_DsaImportParamsRaw),
- TEST_DECL(test_wc_DsaImportParamsRawCheck),
- TEST_DECL(test_wc_DsaExportParamsRaw),
- TEST_DECL(test_wc_DsaExportKeyRaw),
+ TEST_DECL(test_wolfSSL_read_detect_TCP_disconnect),
- TEST_DECL(test_wc_SignatureGetSize_ecc),
- TEST_DECL(test_wc_SignatureGetSize_rsa),
- /*
- * test_wolfCrypt_Cleanup needs to come after the above wolfCrypt tests to
- * avoid memory leaks.
- */
- TEST_DECL(test_wolfCrypt_Cleanup),
+ TEST_DECL(test_wolfSSL_msgCb),
+ TEST_DECL(test_wolfSSL_either_side),
+ TEST_DECL(test_wolfSSL_DTLS_either_side),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_fragments),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_AEAD_limit),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_ignore_alert_before_cookie),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_bad_record),
+ /* Uses Assert in handshake callback. */
+ TEST_DECL(test_wolfSSL_dtls_stateless),
+ TEST_DECL(test_generate_cookie),
-#ifdef OPENSSL_EXTRA
- TEST_DECL(test_wolfSSL_EVP_get_cipherbynid),
- TEST_DECL(test_wolfSSL_EVP_CIPHER_CTX),
- TEST_DECL(test_ED25519),
- TEST_DECL(test_ED448),
-#endif
-#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && \
- !defined(HAVE_SELFTEST) && \
- !(defined(HAVE_FIPS) || defined(HAVE_FIPS_VERSION))
- TEST_DECL(test_wc_ecc_get_curve_id_from_dp_params),
+#ifndef NO_BIO
+ /* Can't memory test as server hangs. */
+ TEST_DECL(test_wolfSSL_BIO_connect),
+ /* Can't memory test as server Asserts in thread. */
+ TEST_DECL(test_wolfSSL_BIO_accept),
+ TEST_DECL(test_wolfSSL_BIO_tls),
#endif
-#ifdef HAVE_HASHDRBG
-#ifdef TEST_RESEED_INTERVAL
- TEST_DECL(test_wc_RNG_GenerateBlock_Reseed),
-#endif
- TEST_DECL(test_wc_RNG_GenerateBlock),
+#if defined(HAVE_PK_CALLBACKS) && !defined(WOLFSSL_NO_TLS12)
+ TEST_DECL(test_DhCallbacks),
#endif
- TEST_DECL(test_get_rand_digit),
- TEST_DECL(test_get_digit_count),
- TEST_DECL(test_mp_cond_copy),
- TEST_DECL(test_mp_rand),
- TEST_DECL(test_get_digit),
- TEST_DECL(test_wc_export_int),
- TEST_DECL(test_wc_InitRngNonce),
- TEST_DECL(test_wc_InitRngNonce_ex),
- TEST_DECL(test_wc_ed25519_make_key),
- TEST_DECL(test_wc_ed25519_init),
- TEST_DECL(test_wc_ed25519_sign_msg),
- TEST_DECL(test_wc_ed25519_import_public),
- TEST_DECL(test_wc_ed25519_import_private_key),
- TEST_DECL(test_wc_ed25519_export),
- TEST_DECL(test_wc_ed25519_size),
- TEST_DECL(test_wc_ed25519_exportKey),
- TEST_DECL(test_wc_Ed25519PublicKeyToDer),
- TEST_DECL(test_wc_curve25519_init),
- TEST_DECL(test_wc_curve25519_size),
- TEST_DECL(test_wc_curve25519_export_key_raw),
- TEST_DECL(test_wc_curve25519_export_key_raw_ex),
- TEST_DECL(test_wc_curve25519_make_key),
- TEST_DECL(test_wc_curve25519_shared_secret_ex),
- TEST_DECL(test_wc_curve25519_make_pub),
- TEST_DECL(test_wc_curve25519_export_public_ex),
- TEST_DECL(test_wc_curve25519_export_private_raw_ex),
- TEST_DECL(test_wc_curve25519_import_private_raw_ex),
- TEST_DECL(test_wc_curve25519_import_private),
-
- TEST_DECL(test_wc_ed448_make_key),
- TEST_DECL(test_wc_ed448_init),
- TEST_DECL(test_wc_ed448_sign_msg),
- TEST_DECL(test_wc_ed448_import_public),
- TEST_DECL(test_wc_ed448_import_private_key),
- TEST_DECL(test_wc_ed448_export),
- TEST_DECL(test_wc_ed448_size),
- TEST_DECL(test_wc_ed448_exportKey),
- TEST_DECL(test_wc_Ed448PublicKeyToDer),
- TEST_DECL(test_wc_curve448_make_key),
- TEST_DECL(test_wc_curve448_shared_secret_ex),
- TEST_DECL(test_wc_curve448_export_public_ex),
- TEST_DECL(test_wc_curve448_export_private_raw_ex),
- TEST_DECL(test_wc_curve448_export_key_raw),
- TEST_DECL(test_wc_curve448_import_private_raw_ex),
- TEST_DECL(test_wc_curve448_import_private),
- TEST_DECL(test_wc_curve448_init),
- TEST_DECL(test_wc_curve448_size),
- TEST_DECL(test_wc_ecc_make_key),
- TEST_DECL(test_wc_ecc_init),
- TEST_DECL(test_wc_ecc_check_key),
- TEST_DECL(test_wc_ecc_get_generator),
- TEST_DECL(test_wc_ecc_size),
- TEST_DECL(test_wc_ecc_params),
- TEST_DECL(test_wc_ecc_signVerify_hash),
- TEST_DECL(test_wc_ecc_shared_secret),
- TEST_DECL(test_wc_ecc_export_x963),
- TEST_DECL(test_wc_ecc_export_x963_ex),
- TEST_DECL(test_wc_ecc_import_x963),
- TEST_DECL(ecc_import_private_key),
- TEST_DECL(test_wc_ecc_export_private_only),
- TEST_DECL(test_wc_ecc_rs_to_sig),
- TEST_DECL(test_wc_ecc_import_raw),
- TEST_DECL(test_wc_ecc_import_unsigned),
- TEST_DECL(test_wc_ecc_sig_size),
- TEST_DECL(test_wc_ecc_ctx_new),
- TEST_DECL(test_wc_ecc_ctx_reset),
- TEST_DECL(test_wc_ecc_ctx_set_peer_salt),
- TEST_DECL(test_wc_ecc_ctx_set_info),
- TEST_DECL(test_wc_ecc_encryptDecrypt),
- TEST_DECL(test_wc_ecc_del_point),
- TEST_DECL(test_wc_ecc_pointFns),
- TEST_DECL(test_wc_ecc_shared_secret_ssh),
- TEST_DECL(test_wc_ecc_verify_hash_ex),
- TEST_DECL(test_wc_ecc_mulmod),
- TEST_DECL(test_wc_ecc_is_valid_idx),
- TEST_DECL(test_wc_ecc_get_curve_id_from_oid),
- TEST_DECL(test_wc_ecc_sig_size_calc),
+#if defined(HAVE_KEYING_MATERIAL) && defined(HAVE_SSL_MEMIO_TESTS_DEPENDENCIES)
+ TEST_DECL(test_export_keying_material),
+#endif
- TEST_DECL(test_ToTraditional),
- TEST_DECL(test_wc_EccPrivateKeyToDer),
- TEST_DECL(test_wc_DhPublicKeyDecode),
- TEST_DECL(test_wc_Ed25519KeyToDer),
- TEST_DECL(test_wc_Ed25519PrivateKeyToDer),
- TEST_DECL(test_wc_Ed448KeyToDer),
- TEST_DECL(test_wc_Ed448PrivateKeyToDer),
- TEST_DECL(test_wc_SetAuthKeyIdFromPublicKey_ex),
- TEST_DECL(test_wc_SetSubjectBuffer),
- TEST_DECL(test_wc_SetSubjectKeyIdFromPublicKey_ex),
+ /* Can't memory test as client/server Asserts in thread. */
+ TEST_DECL(test_ticket_and_psk_mixing),
+ /* Can't memory test as client/server Asserts in thread. */
+ TEST_DECL(test_prioritize_psk),
- TEST_DECL(test_wc_PKCS7_New),
- TEST_DECL(test_wc_PKCS7_Init),
- TEST_DECL(test_wc_PKCS7_InitWithCert),
- TEST_DECL(test_wc_PKCS7_EncodeData),
- TEST_DECL(test_wc_PKCS7_EncodeSignedData),
- TEST_DECL(test_wc_PKCS7_EncodeSignedData_ex),
- TEST_DECL(test_wc_PKCS7_VerifySignedData),
- TEST_DECL(test_wc_PKCS7_EncodeDecodeEnvelopedData),
- TEST_DECL(test_wc_PKCS7_EncodeEncryptedData),
- TEST_DECL(test_wc_PKCS7_Degenerate),
- TEST_DECL(test_wc_PKCS7_BER),
- TEST_DECL(test_PKCS7_signed_enveloped),
- TEST_DECL(test_wc_PKCS7_NoDefaultSignedAttribs),
- TEST_DECL(test_wc_PKCS7_SetOriEncryptCtx),
- TEST_DECL(test_wc_PKCS7_SetOriDecryptCtx),
- TEST_DECL(test_wc_PKCS7_DecodeCompressedData),
- TEST_DECL(test_wc_i2d_PKCS12),
- TEST_DECL(test_wolfSSL_CTX_LoadCRL),
- TEST_DECL(test_openssl_FIPS_drbg),
+ /* Can't memory test as client/server hangs. */
TEST_DECL(test_wc_CryptoCb),
+ /* Can't memory test as client/server hangs. */
TEST_DECL(test_wolfSSL_CTX_StaticMemory),
- TEST_DECL(test_wolfSSL_FIPS_mode),
-#ifdef WOLFSSL_DTLS
- TEST_DECL(test_wolfSSL_DtlsUpdateWindow),
- TEST_DECL(test_wolfSSL_DTLS_fragment_buckets),
-#endif
#if !defined(NO_FILESYSTEM) && \
defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
!defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
@@ -67886,41 +70141,51 @@ TEST_CASE testCases[] = {
#endif /* ! NO_RSA */
#endif /* defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
* !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) */
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_CTX_set_ciphersuites),
- /* Converted to use Expect. */
TEST_DECL(test_wolfSSL_CRL_CERT_REVOKED_alert),
- /* Converted to use Expect. */
TEST_DECL(test_TLS_13_ticket_different_ciphers),
TEST_DECL(test_WOLFSSL_dtls_version_alert),
- TEST_DECL(test_ForceZero),
- TEST_DECL(test_wolfSSL_Cleanup),
#if defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
&& defined(WOLFSSL_TLS13) && \
(!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))
TEST_DECL(test_ticket_nonce_malloc),
#endif
-#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(NO_FILESYSTEM) && \
- !defined(NO_CERTS) && (!defined(NO_WOLFSSL_CLIENT) || \
- !defined(WOLFSSL_NO_CLIENT_AUTH))
- TEST_DECL(test_various_pathlen_chains),
-#endif
TEST_DECL(test_ticket_ret_create),
TEST_DECL(test_extra_alerts_wrong_cs),
TEST_DECL(test_extra_alerts_skip_hs),
TEST_DECL(test_extra_alerts_bad_psk),
+ /* Can't memory test as client/server Asserts. */
TEST_DECL(test_harden_no_secure_renegotiation),
- /* Converted to use Expect. */
TEST_DECL(test_override_alt_cert_chain),
+ TEST_DECL(test_rpk_set_xxx_cert_type),
+ TEST_DECL(test_tls13_rpk_handshake),
TEST_DECL(test_dtls13_bad_epoch_ch),
+ TEST_DECL(test_short_session_id),
TEST_DECL(test_wolfSSL_dtls13_null_cipher),
+ /* Can't memory test as client/server hangs. */
TEST_DECL(test_dtls_msg_from_other_peer),
TEST_DECL(test_dtls_ipv6_check),
- /* If at some point a stub get implemented this test should fail indicating
- * a need to implement a new test case
- */
- TEST_DECL(test_stubs_are_stubs)
+ TEST_DECL(test_wolfSSL_SCR_after_resumption),
+ TEST_DECL(test_dtls_no_extensions),
+ TEST_DECL(test_TLSX_CA_NAMES_bad_extension),
+ TEST_DECL(test_dtls_1_0_hvr_downgrade),
+ TEST_DECL(test_session_ticket_no_id),
+ TEST_DECL(test_session_ticket_hs_update),
+ TEST_DECL(test_dtls_downgrade_scr_server),
+ TEST_DECL(test_dtls_downgrade_scr),
+ TEST_DECL(test_dtls_client_hello_timeout_downgrade),
+ TEST_DECL(test_dtls_client_hello_timeout),
+ TEST_DECL(test_dtls_dropped_ccs),
+ TEST_DECL(test_certreq_sighash_algos),
+ TEST_DECL(test_revoked_loaded_int_cert),
+ TEST_DECL(test_dtls_frag_ch),
+ TEST_DECL(test_dtls13_frag_ch_pq),
+ TEST_DECL(test_dtls_empty_keyshare_with_cookie),
+ TEST_DECL(test_tls13_pq_groups),
+ TEST_DECL(test_dtls13_early_data),
+ /* This test needs to stay at the end to clean up any caches allocated. */
+ TEST_DECL(test_wolfSSL_Cleanup)
};
#define TEST_CASE_CNT (int)(sizeof(testCases) / sizeof(*testCases))
@@ -68018,12 +70283,28 @@ static const char* apitest_res_string(int res)
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
static double gettime_secs(void)
-{
- struct timeval tv;
- LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
+ #if defined(_MSC_VER) && defined(_WIN32)
+ {
+ /* there's no gettimeofday for Windows, so we'll use system time */
+ #define EPOCH_DIFF 11644473600LL
+ FILETIME currentFileTime;
+ GetSystemTimePreciseAsFileTime(&currentFileTime);
- return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
-}
+ ULARGE_INTEGER uli = { 0, 0 };
+ uli.LowPart = currentFileTime.dwLowDateTime;
+ uli.HighPart = currentFileTime.dwHighDateTime;
+
+ /* Convert to seconds since Unix epoch */
+ return (double)((uli.QuadPart - (EPOCH_DIFF * 10000000)) / 10000000.0);
+ }
+ #else
+ {
+ struct timeval tv;
+ LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
+
+ return (double)tv.tv_sec + (double)tv.tv_usec / 1000000.0;
+ }
+ #endif
#endif
int ApiTest(void)
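Review bot: `GetSystemTimePreciseAsFileTime` in the new `_MSC_VER` branch of gettime_secs is only available from Windows 8 / Server 2012 onward, so a unit-test binary built this way will not load on older Windows targets. If those still need to run the tests, `GetSystemTimeAsFileTime(&currentFileTime);` is a drop-in fallback with coarser resolution. `EPOCH_DIFF` is also defined inside the function body and never undefined, so it stays visible for the rest of the translation unit; an `#undef EPOCH_DIFF` after the return would contain it.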
@@ -68034,7 +70315,6 @@ int ApiTest(void)
#ifndef WOLFSSL_UNIT_TEST_NO_TIMING
double timeDiff;
#endif
- EXPECT_DECLS;
printf(" Begin API Tests\n");
fflush(stdout);
@@ -68054,8 +70334,26 @@ int ApiTest(void)
#endif
}
+ #ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ if (res == 0) {
+ if (create_tmp_dir(tmpDirName, sizeof(tmpDirName) - 1) == NULL) {
+ printf("failed to create tmp dir\n");
+ res = 1;
+ }
+ else {
+ tmpDirNameSet = 1;
+ }
+ }
+ #endif
+
if (res == 0) {
for (i = 0; i < TEST_CASE_CNT; ++i) {
+ EXPECT_DECLS;
+
+ #ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ currentTestName = testCases[i].name;
+ #endif
+
/* When not testing all cases then skip if not marked for running.
*/
if (!testAll && !testCases[i].run) {
@@ -68120,6 +70418,18 @@ int ApiTest(void)
fflush(stdout);
}
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ if (tmpDirNameSet) {
+ printf("\nBinary dumps of the memio streams can be found in the\n"
+ "%s directory. This can be imported into\n"
+ "Wireshark by transforming the file with\n"
+ "\tod -Ax -tx1 -v stream.dump > stream.dump.hex\n"
+ "And then loading test_output.dump.hex into Wireshark using\n"
+ "the \"Import from Hex Dump...\" option and selecting the\n"
+ "TCP encapsulation option.\n", tmpDirName);
+ }
+#endif
+
printf(" End API Tests\n");
fflush(stdout);
return res;
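Review bot: The printed instructions name two different files: the `od` command writes `stream.dump.hex`, but the next sentence tells the reader to load `test_output.dump.hex`. Use one name in both places, e.g. `"And then loading stream.dump.hex into Wireshark using\n"`. It would also help to say that `stream.dump` stands for whichever dump file in the directory is being converted, if that is the intent. ApiTest starts outside this hunk.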
diff --git a/extra/wolfssl/wolfssl/tests/include.am b/extra/wolfssl/wolfssl/tests/include.am
index 54c40f63..5ed4fe40 100644
--- a/extra/wolfssl/wolfssl/tests/include.am
+++ b/extra/wolfssl/wolfssl/tests/include.am
@@ -29,7 +29,9 @@ EXTRA_DIST += tests/unit.h \
tests/test-tls13-pq.conf \
tests/test-tls13-pq-2.conf \
tests/test-dtls13-pq.conf \
+ tests/test-dtls13-pq-frag.conf \
tests/test-dtls13-pq-2.conf \
+ tests/test-dtls13-pq-2-frag.conf \
tests/test-psk.conf \
tests/test-psk-no-id.conf \
tests/test-psk-no-id-sha2.conf \
@@ -66,7 +68,9 @@ EXTRA_DIST += tests/unit.h \
tests/test-dhprime.conf \
tests/test-p521.conf \
tests/test-ecc-cust-curves.conf \
+ tests/test-sm2.conf \
tests/NCONF_test.cnf \
tests/test-tls-downgrade.conf \
- tests/TXT_DB.txt
+ tests/TXT_DB.txt \
+ tests/utils.h
DISTCLEANFILES+= tests/.libs/unit.test
diff --git a/extra/wolfssl/wolfssl/tests/quic.c b/extra/wolfssl/wolfssl/tests/quic.c
index 0661fda7..a0443439 100644
--- a/extra/wolfssl/wolfssl/tests/quic.c
+++ b/extra/wolfssl/wolfssl/tests/quic.c
@@ -543,10 +543,11 @@ static int ctx_send_alert(WOLFSSL *ssl, WOLFSSL_ENCRYPTION_LEVEL level, uint8_t
{
QuicTestContext *ctx = (QuicTestContext*)wolfSSL_get_app_data(ssl);
+ AssertNotNull(ctx);
+
if (ctx->verbose) {
printf("[%s] send_alert: level=%d, err=%d\n", ctx->name, level, err);
}
- AssertNotNull(ctx);
ctx->alert_level = level;
ctx->alert = alert;
return 1;
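Review bot: `AssertNotNull(ctx)` is now the only guard before `ctx->verbose` is read, and whether it stops execution depends on how `XABORT()` is defined in tests/unit.h. This same diff makes `XABORT()` expand to `WC_DO_NOTHING` under `WOLFSSL_FORCE_MALLOC_FAIL_TEST`, so if the Assert macros rely on it (their definition is not in the diff), a NULL app-data pointer would still be dereferenced in that build. An explicit `if (ctx == NULL) return 0;` after the assert would close that, assuming 0 is the failure value for these callbacks. The same applies to the asserts added in ctx_session_ticket_cb and new_session_cb in the later hunks of this file.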
@@ -559,6 +560,8 @@ static int ctx_session_ticket_cb(WOLFSSL* ssl,
{
QuicTestContext *ctx = (QuicTestContext*)wolfSSL_get_app_data(ssl);
+ AssertNotNull(ctx);
+
(void)cb_ctx;
if (ticketSz < 0 || (size_t)ticketSz > sizeof(ctx->ticket)) {
printf("SESSION TICKET callback: ticket given is too large: %d bytes\n", ticketSz);
@@ -1154,7 +1157,7 @@ static int test_quic_server_hello(int verbose) {
/* we have the app secrets */
check_secrets(&tclient, wolfssl_encryption_application, 32, 32);
check_secrets(&tserver, wolfssl_encryption_application, 32, 32);
- /* verify client and server have the same secrets establishd */
+ /* verify client and server have the same secrets established */
assert_secrets_EQ(&tclient, &tserver, wolfssl_encryption_handshake);
assert_secrets_EQ(&tclient, &tserver, wolfssl_encryption_application);
/* AEAD cipher should be known */
@@ -1535,6 +1538,8 @@ static int new_session_cb(WOLFSSL *ssl, WOLFSSL_SESSION *session)
int ret = 0;
int sz;
+ AssertNotNull(ctx);
+
sz = wolfSSL_i2d_SSL_SESSION(session, NULL);
if (sz <= 0) {
printf("[%s] session serialization error: %d <- ", ctx->name, sz);
diff --git a/extra/wolfssl/wolfssl/tests/srp.c b/extra/wolfssl/wolfssl/tests/srp.c
index fa91237f..ef6aaad6 100644
--- a/extra/wolfssl/wolfssl/tests/srp.c
+++ b/extra/wolfssl/wolfssl/tests/srp.c
@@ -208,6 +208,7 @@ static void test_SrpSetPassword(void)
byte v[64];
word32 vSz = 0;
+ XMEMSET(v, 0, sizeof(v));
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
@@ -262,6 +263,7 @@ static void test_SrpGetPublic(void)
byte pub[64];
word32 pubSz = 0;
+ XMEMSET(pub, 0, sizeof(pub));
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
@@ -318,6 +320,8 @@ static void test_SrpComputeKey(void)
word32 clientPubKeySz = 64;
word32 serverPubKeySz = 64;
+ XMEMSET(clientPubKey, 0, sizeof(clientPubKey));
+ XMEMSET(serverPubKey, 0, sizeof(serverPubKey));
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
@@ -388,6 +392,10 @@ static void test_SrpGetProofAndVerify(void)
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
+ XMEMSET(clientPubKey, 0, sizeof(clientPubKey));
+ XMEMSET(serverPubKey, 0, sizeof(serverPubKey));
+ XMEMSET(clientProof, 0, sizeof(clientProof));
+ XMEMSET(serverProof, 0, sizeof(serverProof));
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
@@ -792,6 +800,10 @@ static void test_SrpKeyGenFunc_cb(void)
};
#endif
+ XMEMSET(clientPubKey, 0, sizeof(clientPubKey));
+ XMEMSET(serverPubKey, 0, sizeof(serverPubKey));
+ XMEMSET(clientProof, 0, sizeof(clientProof));
+ XMEMSET(serverProof, 0, sizeof(serverProof));
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA512, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA512, SRP_SERVER_SIDE));
diff --git a/extra/wolfssl/wolfssl/tests/suites.c b/extra/wolfssl/wolfssl/tests/suites.c
index f97d7edd..76aa4131 100644
--- a/extra/wolfssl/wolfssl/tests/suites.c
+++ b/extra/wolfssl/wolfssl/tests/suites.c
@@ -61,7 +61,8 @@
#include "examples/client/client.h"
#include "examples/server/server.h"
-#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ !defined(SINGLE_THREADED)
static WOLFSSL_CTX* cipherSuiteCtx = NULL;
static char nonblockFlag[] = "-N";
static char noVerifyFlag[] = "-d";
@@ -303,12 +304,8 @@ static int execute_test_case(int svr_argc, char** svr_argv,
int forceCliDefCipherList)
{
#if defined(WOLFSSL_TIRTOS) || defined(WOLFSSL_SRTP)
- func_args cliArgs = {0};
- func_args svrArgs = {0};
- cliArgs.argc = cli_argc;
- cliArgs.argv = cli_argv;
- svrArgs.argc = svr_argc;
- svrArgs.argv = svr_argv;
+ func_args cliArgs = {0, NULL, 0, NULL, NULL, NULL};
+ func_args svrArgs = {0, NULL, 0, NULL, NULL, NULL};
#else
func_args cliArgs = {cli_argc, cli_argv, 0, NULL, NULL};
func_args svrArgs = {svr_argc, svr_argv, 0, NULL, NULL};
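Review bot: The six-value positional initializers `{0, NULL, 0, NULL, NULL, NULL}` tie this branch to the exact member count and order of `func_args`, whose definition is outside this diff. The `#else` branch initializes five members, and `srtp_helper` is only assigned under `WOLFSSL_SRTP` later in the function, so if that sixth member is conditional on `WOLFSSL_SRTP`, a `WOLFSSL_TIRTOS`-only build would get an excess-initializer diagnostic. Zeroing with `XMEMSET(&cliArgs, 0, sizeof(cliArgs));` and `XMEMSET(&svrArgs, 0, sizeof(svrArgs));` next to the argc/argv assignments that the following hunk adds would not depend on the layout. execute_test_case starts and ends outside the hunk.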
@@ -329,9 +326,17 @@ static int execute_test_case(int svr_argc, char** svr_argv,
int reqClientCert;
#endif
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_test_helper srtp_helper;
#endif
+
+#if defined(WOLFSSL_TIRTOS) || defined(WOLFSSL_SRTP)
+ cliArgs.argc = cli_argc;
+ cliArgs.argv = cli_argv;
+ svrArgs.argc = svr_argc;
+ svrArgs.argv = svr_argv;
+#endif
+
/* Is Valid Cipher and Version Checks */
/* build command list for the Is checks below */
commandLine[0] = '\0';
@@ -460,7 +465,7 @@ static int execute_test_case(int svr_argc, char** svr_argv,
InitTcpReady(&ready);
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_helper_init(&srtp_helper);
cliArgs.srtp_helper = &srtp_helper;
svrArgs.srtp_helper = &srtp_helper;
@@ -580,7 +585,7 @@ static int execute_test_case(int svr_argc, char** svr_argv,
#endif
FreeTcpReady(&ready);
-#if defined (WOLFSSL_SRTP) &&!defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined (WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_helper_free(&srtp_helper);
#endif
@@ -791,7 +796,8 @@ static void test_harness(void* vargs)
int SuiteTest(int argc, char** argv)
{
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
- !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ !defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
+ !defined(SINGLE_THREADED)
func_args args;
char argv0[3][80];
char* myArgv[3];
@@ -964,10 +970,31 @@ int SuiteTest(int argc, char** argv)
args.return_code = EXIT_FAILURE;
goto exit;
}
+ #ifdef WOLFSSL_DTLS_CH_FRAG
+ /* add DTLSv13 pq frag tests */
+ XSTRLCPY(argv0[1], "tests/test-dtls13-pq-frag.conf", sizeof(argv0[1]));
+ printf("starting DTLSv13 post-quantum groups tests with fragmentation\n");
+ test_harness(&args);
+ if (args.return_code != 0) {
+ printf("error from script %d\n", args.return_code);
+ args.return_code = EXIT_FAILURE;
+ goto exit;
+ }
+ #endif
#ifdef HAVE_LIBOQS
- /* add DTLSv13 pq tests */
+ /* add DTLSv13 pq 2 tests */
XSTRLCPY(argv0[1], "tests/test-dtls13-pq-2.conf", sizeof(argv0[1]));
- printf("starting DTLSv13 post-quantum groups tests\n");
+ printf("starting DTLSv13 post-quantum 2 groups tests\n");
+ test_harness(&args);
+ if (args.return_code != 0) {
+ printf("error from script %d\n", args.return_code);
+ args.return_code = EXIT_FAILURE;
+ goto exit;
+ }
+ #ifdef WOLFSSL_DTLS_CH_FRAG
+ /* add DTLSv13 pq 2 frag tests */
+ XSTRLCPY(argv0[1], "tests/test-dtls13-pq-2-frag.conf", sizeof(argv0[1]));
+ printf("starting DTLSv13 post-quantum 2 groups tests with fragmentation\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
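Review bot: The new `#ifdef WOLFSSL_DTLS_CH_FRAG` inside the `HAVE_LIBOQS` block is indented at the same level as its parent, and its closing `#endif` (added in the next hunk) is unlabelled. That leaves a run of four bare `#endif` lines in which it is hard to see which guard each one closes. Labelling them, e.g. `#endif /* WOLFSSL_DTLS_CH_FRAG */` and `#endif /* HAVE_LIBOQS */`, would make it easier to check that a fragmentation test is not accidentally compiled out. SuiteTest starts and ends outside the hunk.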
@@ -976,6 +1003,7 @@ int SuiteTest(int argc, char** argv)
}
#endif
#endif
+ #endif
#endif
#if defined(WC_RSA_PSS) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) && \
@@ -1275,6 +1303,18 @@ int SuiteTest(int argc, char** argv)
}
#endif /* HAVE_RSA and HAVE_ECC */
#endif /* !WC_STRICT_SIG */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3) && \
+ (defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM))
+ /* add SM2/SM3/SM4 test suites */
+ XSTRLCPY(argv0[1], "tests/test-sm2.conf", sizeof(argv0[1]));
+ printf("starting SM2/SM3/SM4 cipher suite tests\n");
+ test_harness(&args);
+ if (args.return_code != 0) {
+ printf("error from script %d\n", args.return_code);
+ args.return_code = EXIT_FAILURE;
+ goto exit;
+ }
+#endif
#ifndef NO_PSK
#ifndef WOLFSSL_NO_TLS12
#if !defined(NO_RSA) || defined(HAVE_ECC)
diff --git a/extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf
new file mode 100644
index 00000000..6ea8317d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-2-frag.conf
@@ -0,0 +1,23 @@
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P384_KYBER_LEVEL3
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P384_KYBER_LEVEL3
+
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P521_KYBER_LEVEL5
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc P521_KYBER_LEVEL5
diff --git a/extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf
new file mode 100644
index 00000000..01aaf477
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/test-dtls13-pq-frag.conf
@@ -0,0 +1,24 @@
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL3
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL3
+
+# server DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL5
+
+# client DTLSv1.3 with post-quantum group
+-u
+-v 4
+-l TLS13-AES256-GCM-SHA384
+--pqc KYBER_LEVEL5
+
diff --git a/extra/wolfssl/wolfssl/tests/test-sm2.conf b/extra/wolfssl/wolfssl/tests/test-sm2.conf
new file mode 100644
index 00000000..d492e252
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/test-sm2.conf
@@ -0,0 +1,189 @@
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-A ./certs/sm2/client-sm2.pem
+-V
+# Remove -V when CRL for SM2 certificates available.
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/client-sm2.pem
+-k ./certs/sm2/client-sm2-priv.pem
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-GCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-GCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-GCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CCM-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-d
+
+# client TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# Enable when CRL for SM2 certificates available.
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-A ./certs/sm2/client-sm2.pem
+-V
+# Remove -V when CRL for SM2 certificates available.
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/client-sm2.pem
+-k ./certs/sm2/client-sm2-priv.pem
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# Enable when CRL for SM2 certificates available.
+# server TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-c ./certs/sm2/server-sm2.pem
+-k ./certs/sm2/server-sm2-priv.pem
+-A ./certs/sm2/client-sm2.pem
+-V
+# Remove -V when CRL for SM2 certificates available.
+
+# client TLSv1.3 TLS13-SM4-CCM-SM3
+-v 4
+-l TLS13-SM4-CCM-SM3
+-c ./certs/sm2/client-sm2.pem
+-k ./certs/sm2/client-sm2-priv.pem
+-A ./certs/sm2/root-sm2.pem
+-C
+
+# GmSSL certificates and keys
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-d
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-C
+
+# server TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-A ./certs/sm2/self-sm2-cert.pem
+-V
+
+# client TLSv1.2 ECDHE-ECDSA-SM4-CBC-SM3
+-v 3
+-l ECDHE-ECDSA-SM4-CBC-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-d
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-C
+
+# server TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-A ./certs/sm2/self-sm2-cert.pem
+-V
+
+# client TLSv1.3 TLS13-SM4-GCM-SM3
+-v 4
+-l TLS13-SM4-GCM-SM3
+-A ./certs/sm2/self-sm2-cert.pem
+-c ./certs/sm2/self-sm2-cert.pem
+-k ./certs/sm2/self-sm2-priv.pem
+-C
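Review bot: The two `# Enable when CRL for SM2 certificates available.` comments sit directly above TLSv1.3 mutual-authentication stanzas that are already active, so they describe a disabled test that is not disabled. The `# Remove -V when CRL for SM2 certificates available.` line after each of those server stanzas already states the real follow-up, so the "Enable when" lines can be dropped or reworded to `# CRL checking is disabled (-V) until a CRL for the SM2 certificates is available.` As written, a reader cannot tell from the file which stanzas run without revocation checking on purpose.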
diff --git a/extra/wolfssl/wolfssl/tests/unit.c b/extra/wolfssl/wolfssl/tests/unit.c
index 0f54f7a7..00bac225 100644
--- a/extra/wolfssl/wolfssl/tests/unit.c
+++ b/extra/wolfssl/wolfssl/tests/unit.c
@@ -27,6 +27,7 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#include <stdio.h>
#include <tests/unit.h>
@@ -270,75 +271,3 @@ exit:
return ret;
}
-
-
-
-void wait_tcp_ready(func_args* args)
-{
-#ifdef SINGLE_THREADED
- (void)args;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_lock(&args->signal->mutex));
-
- if (!args->signal->ready)
- PTHREAD_CHECK_RET(pthread_cond_wait(&args->signal->cond,
- &args->signal->mutex));
- args->signal->ready = 0; /* reset */
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&args->signal->mutex));
-#else
- (void)args;
-#endif
-}
-
-
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
-{
-#ifdef SINGLE_THREADED
- (void)fun;
- (void)args;
- (void)thread;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_create(thread, 0, fun, args));
- return;
-#elif defined (WOLFSSL_TIRTOS)
- /* Initialize the defaults and set the parameters. */
- Task_Params taskParams;
- Task_Params_init(&taskParams);
- taskParams.arg0 = (UArg)args;
- taskParams.stackSize = 65535;
- *thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
- if (*thread == NULL) {
- fprintf(stderr, "Failed to create new Task\n");
- }
- Task_yield();
-#else
- *thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
-#endif
-}
-
-
-void join_thread(THREAD_TYPE thread)
-{
-#ifdef SINGLE_THREADED
- (void)thread;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_join(thread, 0));
-#elif defined (WOLFSSL_TIRTOS)
- while(1) {
- if (Task_getMode(thread) == Task_Mode_TERMINATED) {
- Task_sleep(5);
- break;
- }
- Task_yield();
- }
-#else
- int res = WaitForSingleObject((HANDLE)thread, INFINITE);
- assert(res == WAIT_OBJECT_0);
- res = CloseHandle((HANDLE)thread);
- assert(res);
- (void)res; /* Suppress un-used variable warning */
-#endif
-}
-
-
diff --git a/extra/wolfssl/wolfssl/tests/unit.h b/extra/wolfssl/wolfssl/tests/unit.h
index 53e25ab7..185fc22d 100644
--- a/extra/wolfssl/wolfssl/tests/unit.h
+++ b/extra/wolfssl/wolfssl/tests/unit.h
@@ -27,7 +27,7 @@
#include <wolfssl/test.h> /* thread and tcp stuff */
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
-#define XABORT()
+#define XABORT() WC_DO_NOTHING
#else
#define XABORT() abort()
#endif
@@ -99,17 +99,17 @@
#else
#define AssertPtr(x, y, op, er) do { \
- PRAGMA_GCC_DIAG_PUSH; \
+ PRAGMA_GCC_DIAG_PUSH \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
- PRAGMA_GCC("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
/* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \
- PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\""); \
+ PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\"") \
void* _x = (void*)(x); \
void* _y = (void*)(y); \
Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
- PRAGMA_GCC_DIAG_POP; \
+ PRAGMA_GCC_DIAG_POP \
} while(0)
#endif
@@ -123,38 +123,40 @@
#define EXPECT_DECLS \
- int _ret = 0
+ int _ret = TEST_SKIPPED
#define EXPECT_RESULT() \
- ((_ret == 0) ? TEST_SUCCESS : TEST_FAIL)
+ _ret
#define EXPECT_SUCCESS() \
- (_ret == 0)
+ (_ret == TEST_SUCCESS)
#define EXPECT_FAIL() \
- (_ret != 0)
+ (_ret == TEST_FAIL)
#define ExpFail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
fputs("\n expected: ", stdout); printf description; \
fputs("\n result: ", stdout); printf result; fputs("\n\n", stdout); \
fflush(stdout); \
- _ret = -1; \
+ _ret = TEST_FAIL; \
} while (0)
-#define Expect(test, description, result) \
- if ((_ret == 0) && (!(test))) ExpFail(description, result)
+#define Expect(test, description, result) do { \
+ if (_ret != TEST_FAIL) { if (!(test)) ExpFail(description, result); \
+ else _ret = TEST_SUCCESS; } \
+} while (0)
#define ExpectTrue(x) Expect( (x), ("%s is true", #x), (#x " => FALSE"))
#define ExpectFalse(x) Expect(!(x), ("%s is false", #x), (#x " => TRUE"))
#define ExpectNotNull(x) Expect( (x), ("%s is not null", #x), (#x " => NULL"))
#define ExpectNull(x) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
PEDANTIC_EXTENSION void* _x = (void*)(x); \
Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
} \
} while(0)
#define ExpectInt(x, y, op, er) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
int _x = (int)(x); \
int _y = (int)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y));\
@@ -169,10 +171,10 @@
#define ExpectIntLE(x, y) ExpectInt(x, y, <=, >)
#define ExpectStr(x, y, op, er) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
const char* _x = (const char*)(x); \
const char* _y = (const char*)(y); \
- int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
+ int _z = (_x && _y) ? XSTRCMP(_x, _y) : -1; \
Expect(_z op 0, ("%s " #op " %s", #x, #y), \
("\"%s\" " #er " \"%s\"", _x, _y));\
} \
@@ -186,18 +188,18 @@
#define ExpectStrLE(x, y) ExpectStr(x, y, <=, >)
#define ExpectPtr(x, y, op, er) do { \
- if (_ret == 0) { \
- PRAGMA_DIAG_PUSH; \
+ if (_ret != TEST_FAIL) { \
+ PRAGMA_DIAG_PUSH \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
- PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
+ PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
/* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \
- PRAGMA("GCC diagnostic ignored \"-Wpedantic\""); \
+ PRAGMA("GCC diagnostic ignored \"-Wpedantic\"") \
void* _x = (void*)(x); \
void* _y = (void*)(y); \
Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y));\
- PRAGMA_DIAG_POP; \
+ PRAGMA_DIAG_POP \
} \
} while(0)
@@ -209,7 +211,7 @@
#define ExpectPtrLE(x, y) ExpectPtr(x, y, <=, >)
#define ExpectBuf(x, y, z, op, er) do { \
- if (_ret == 0) { \
+ if (_ret != TEST_FAIL) { \
const byte* _x = (const byte*)(x); \
const byte* _y = (const byte*)(y); \
int _z = (int)(z); \
@@ -222,6 +224,74 @@
#define ExpectBufEQ(x, y, z) ExpectBuf(x, y, z, ==, !=)
#define ExpectBufNE(x, y, z) ExpectBuf(x, y, z, !=, ==)
+#define ExpectFail() ExpectTrue(0)
+
+
+#define DoExpectNull(x) do { \
+ PEDANTIC_EXTENSION void* _x = (void*)(x); \
+ Expect(!_x, ("%s is null", #x), (#x " => %p", _x)); \
+} while(0)
+
+#define DoExpectInt(x, y, op, er) do { \
+ int _x = (int)(x); \
+ int _y = (int)(y); \
+ Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y)); \
+} while(0)
+
+#define DoExpectIntEQ(x, y) DoExpectInt(x, y, ==, !=)
+#define DoExpectIntNE(x, y) DoExpectInt(x, y, !=, ==)
+#define DoExpectIntGT(x, y) DoExpectInt(x, y, >, <=)
+#define DoExpectIntLT(x, y) DoExpectInt(x, y, <, >=)
+#define DoExpectIntGE(x, y) DoExpectInt(x, y, >=, <)
+#define DoExpectIntLE(x, y) DoExpectInt(x, y, <=, >)
+
+#define DoExpectStr(x, y, op, er) do { \
+ const char* _x = (const char*)(x); \
+ const char* _y = (const char*)(y); \
+ int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
+ Expect(_z op 0, ("%s " #op " %s", #x, #y), \
+ ("\"%s\" " #er " \"%s\"", _x, _y));\
+} while(0)
+
+#define DoExpectStrEQ(x, y) DoExpectStr(x, y, ==, !=)
+#define DoExpectStrNE(x, y) DoExpectStr(x, y, !=, ==)
+#define DoExpectStrGT(x, y) DoExpectStr(x, y, >, <=)
+#define DoExpectStrLT(x, y) DoExpectStr(x, y, <, >=)
+#define DoExpectStrGE(x, y) DoExpectStr(x, y, >=, <)
+#define DoExpectStrLE(x, y) DoExpectStr(x, y, <=, >)
+
+#define DoExpectPtr(x, y, op, er) do { \
+ PRAGMA_DIAG_PUSH \
+ /* remarkably, without this inhibition, */ \
+ /* the _Pragma()s make the declarations warn. */ \
+ PRAGMA("GCC diagnostic ignored \"-Wdeclaration-after-statement\"") \
+ /* inhibit "ISO C forbids conversion of function pointer */ \
+ /* to object pointer type [-Werror=pedantic]" */ \
+ PRAGMA("GCC diagnostic ignored \"-Wpedantic\"") \
+ void* _x = (void*)(x); \
+ void* _y = (void*)(y); \
+ Expect(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
+ PRAGMA_DIAG_POP \
+} while(0)
+
+#define DoExpectPtrEq(x, y) DoExpectPtr(x, y, ==, !=)
+#define DoExpectPtrNE(x, y) DoExpectPtr(x, y, !=, ==)
+#define DoExpectPtrGT(x, y) DoExpectPtr(x, y, >, <=)
+#define DoExpectPtrLT(x, y) DoExpectPtr(x, y, <, >=)
+#define DoExpectPtrGE(x, y) DoExpectPtr(x, y, >=, <)
+#define DoExpectPtrLE(x, y) DoExpectPtr(x, y, <=, >)
+
+#define DoExpectBuf(x, y, z, op, er) do { \
+ const byte* _x = (const byte*)(x); \
+ const byte* _y = (const byte*)(y); \
+ int _z = (int)(z); \
+ int _w = ((_x) && (_y)) ? XMEMCMP(_x, _y, _z) : -1; \
+ Expect(_w op 0, ("%s " #op " %s for %s", #x, #y, #z), \
+ ("\"%p\" " #er " \"%p\" for \"%d\"", _x, _y, _z));\
+} while(0)
+
+#define DoExpectBufEQ(x, y, z) DoExpectBuf(x, y, z, ==, !=)
+#define DoExpectBufNE(x, y, z) DoExpectBuf(x, y, z, !=, ==)
void ApiTest_PrintTestCases(void);
int ApiTest_RunIdx(int idx);
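Review bot: The new `DoExpectStr` calls `strcmp` directly, while this same commit switches `ExpectStr` to `XSTRCMP`; for consistency the added line should read `int _z = (_x && _y) ? XSTRCMP(_x, _y) : -1;`. The macro treats a NULL `_x` or `_y` as a mismatch, but then passes both pointers to the `"\"%s\" ..."` failure format, and passing NULL to `%s` is undefined behaviour in `printf`. Substituting a literal in the result arguments, e.g. `_x ? _x : "(null)"`, would keep the failure path well defined.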
diff --git a/extra/wolfssl/wolfssl/tests/utils.h b/extra/wolfssl/wolfssl/tests/utils.h
new file mode 100644
index 00000000..46b16e2c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/tests/utils.h
@@ -0,0 +1,385 @@
+/* utils.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <tests/unit.h>
+
+#ifndef NO_FILESYSTEM
+
+#ifdef _MSC_VER
+#include <direct.h>
+#endif
+
+#define TMP_DIR_PREFIX "tmpDir-"
+/* len is length of tmpDir name, assuming
+ * len does not include null terminating character */
+char* create_tmp_dir(char *tmpDir, int len)
+{
+ if (len < (int)XSTR_SIZEOF(TMP_DIR_PREFIX))
+ return NULL;
+
+ XMEMCPY(tmpDir, TMP_DIR_PREFIX, XSTR_SIZEOF(TMP_DIR_PREFIX));
+
+ if (mymktemp(tmpDir, len, len - XSTR_SIZEOF(TMP_DIR_PREFIX)) == NULL)
+ return NULL;
+
+#ifdef _MSC_VER
+ if (_mkdir(tmpDir) != 0)
+ return NULL;
+#elif defined(__MINGW32__)
+ if (mkdir(tmpDir) != 0)
+ return NULL;
+#else
+ if (mkdir(tmpDir, 0700) != 0)
+ return NULL;
+#endif
+
+ return tmpDir;
+}
+
+int rem_dir(const char* dirName)
+{
+#ifdef _MSC_VER
+ if (_rmdir(dirName) != 0)
+ return -1;
+#else
+ if (rmdir(dirName) != 0)
+ return -1;
+#endif
+ return 0;
+}
+
+int rem_file(const char* fileName)
+{
+#ifdef _MSC_VER
+ if (_unlink(fileName) != 0)
+ return -1;
+#else
+ if (unlink(fileName) != 0)
+ return -1;
+#endif
+ return 0;
+}
+
+int copy_file(const char* in, const char* out)
+{
+ byte buf[100];
+ XFILE inFile = XBADFILE;
+ XFILE outFile = XBADFILE;
+ size_t sz;
+ int ret = -1;
+
+ inFile = XFOPEN(in, "rb");
+ if (inFile == XBADFILE)
+ goto cleanup;
+
+ outFile = XFOPEN(out, "wb");
+ if (outFile == XBADFILE)
+ goto cleanup;
+
+ while ((sz = XFREAD(buf, 1, sizeof(buf), inFile)) != 0) {
+ if (XFWRITE(buf, 1, sz, outFile) != sz)
+ goto cleanup;
+ }
+
+ ret = 0;
+cleanup:
+ if (inFile != XBADFILE)
+ XFCLOSE(inFile);
+ if (outFile != XBADFILE)
+ XFCLOSE(outFile);
+ return ret;
+}
+#endif /* !NO_FILESYSTEM */
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_RSA) && \
+ !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT)
+
+/* This set of memio functions allows for more fine tuned control of the TLS
+ * connection operations. For new tests, try to use ssl_memio first. */
+
+/* To dump the memory in gdb use
+ * dump memory client.bin test_ctx.c_buff test_ctx.c_buff+test_ctx.c_len
+ * dump memory server.bin test_ctx.s_buff test_ctx.s_buff+test_ctx.s_len
+ * This can be imported into Wireshark by transforming the file with
+ * od -Ax -tx1 -v client.bin > client.bin.hex
+ * od -Ax -tx1 -v server.bin > server.bin.hex
+ * And then loading test_output.dump.hex into Wireshark using the
+ * "Import from Hex Dump..." option ion and selecting the TCP
+ * encapsulation option.
+ */
+
+#define HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES
+
+#define TEST_MEMIO_BUF_SZ (64 * 1024)
+struct test_memio_ctx
+{
+ byte c_buff[TEST_MEMIO_BUF_SZ];
+ int c_len;
+ const char* c_ciphers;
+ byte s_buff[TEST_MEMIO_BUF_SZ];
+ int s_len;
+ const char* s_ciphers;
+};
+
+int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
+ int max_rounds, int *rounds);
+int test_memio_setup(struct test_memio_ctx *ctx,
+ WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
+ method_provider method_c, method_provider method_s);
+
+static WC_INLINE int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
+ void *ctx)
+{
+ struct test_memio_ctx *test_ctx;
+ byte *buf;
+ int *len;
+
+ test_ctx = (struct test_memio_ctx*)ctx;
+
+ if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
+ buf = test_ctx->c_buff;
+ len = &test_ctx->c_len;
+ }
+ else {
+ buf = test_ctx->s_buff;
+ len = &test_ctx->s_len;
+ }
+
+ if ((unsigned)(*len + sz) > TEST_MEMIO_BUF_SZ)
+ return WOLFSSL_CBIO_ERR_WANT_WRITE;
+
+#ifdef WOLFSSL_DUMP_MEMIO_STREAM
+ {
+ WOLFSSL_BIO *dump_file = wolfSSL_BIO_new_file("test_memio.dump", "a");
+ if (dump_file != NULL) {
+ (void)wolfSSL_BIO_write(dump_file, data, sz);
+ wolfSSL_BIO_free(dump_file);
+ }
+ }
+#endif
+ XMEMCPY(buf + *len, data, sz);
+ *len += sz;
+
+ return sz;
+}
+
+static WC_INLINE int test_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
+ void *ctx)
+{
+ struct test_memio_ctx *test_ctx;
+ int read_sz;
+ byte *buf;
+ int *len;
+
+ test_ctx = (struct test_memio_ctx*)ctx;
+
+ if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
+ buf = test_ctx->s_buff;
+ len = &test_ctx->s_len;
+ }
+ else {
+ buf = test_ctx->c_buff;
+ len = &test_ctx->c_len;
+ }
+
+ if (*len == 0)
+ return WOLFSSL_CBIO_ERR_WANT_READ;
+
+ read_sz = sz < *len ? sz : *len;
+
+ XMEMCPY(data, buf, read_sz);
+ XMEMMOVE(buf, buf + read_sz, *len - read_sz);
+
+ *len -= read_sz;
+
+ return read_sz;
+}
+
+int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
+ int max_rounds, int *rounds)
+{
+ byte handshake_complete = 0, hs_c = 0, hs_s = 0;
+ int ret, err;
+
+ if (rounds != NULL)
+ *rounds = 0;
+ while (!handshake_complete && max_rounds > 0) {
+ if (!hs_c) {
+ wolfSSL_SetLoggingPrefix("client");
+ ret = wolfSSL_connect(ssl_c);
+ wolfSSL_SetLoggingPrefix(NULL);
+ if (ret == WOLFSSL_SUCCESS) {
+ hs_c = 1;
+ }
+ else {
+ err = wolfSSL_get_error(ssl_c, ret);
+ if (err != WOLFSSL_ERROR_WANT_READ &&
+ err != WOLFSSL_ERROR_WANT_WRITE)
+ return -1;
+ }
+ }
+ if (!hs_s) {
+ wolfSSL_SetLoggingPrefix("server");
+ ret = wolfSSL_accept(ssl_s);
+ wolfSSL_SetLoggingPrefix(NULL);
+ if (ret == WOLFSSL_SUCCESS) {
+ hs_s = 1;
+ }
+ else {
+ err = wolfSSL_get_error(ssl_s, ret);
+ if (err != WOLFSSL_ERROR_WANT_READ &&
+ err != WOLFSSL_ERROR_WANT_WRITE)
+ return -1;
+ }
+ }
+ handshake_complete = hs_c && hs_s;
+ max_rounds--;
+ if (rounds != NULL)
+ *rounds = *rounds + 1;
+ }
+
+ if (!handshake_complete)
+ return -1;
+
+ return 0;
+}
+
+int test_memio_setup(struct test_memio_ctx *ctx,
+ WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
+ method_provider method_c, method_provider method_s)
+{
+ int ret;
+
+ if (ctx_c != NULL && *ctx_c == NULL) {
+ *ctx_c = wolfSSL_CTX_new(method_c());
+ if (*ctx_c == NULL)
+ return -1;
+#ifndef NO_CERTS
+ ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+#endif /* NO_CERTS */
+ wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
+ if (ctx->c_ciphers != NULL) {
+ ret = wolfSSL_CTX_set_cipher_list(*ctx_c, ctx->c_ciphers);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+ }
+ }
+
+ if (ctx_s != NULL && *ctx_s == NULL) {
+ *ctx_s = wolfSSL_CTX_new(method_s());
+ if (*ctx_s == NULL)
+ return -1;
+#ifndef NO_CERTS
+ ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
+ WOLFSSL_FILETYPE_PEM);
+ if (ret != WOLFSSL_SUCCESS)
+ return- -1;
+ ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
+ WOLFSSL_FILETYPE_PEM);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+#endif
+ wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
+ wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
+ if (ctx->s_ciphers != NULL) {
+ ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
+ if (ret != WOLFSSL_SUCCESS)
+ return -1;
+ }
+ }
+
+ if (ctx_c != NULL && ssl_c != NULL) {
+ *ssl_c = wolfSSL_new(*ctx_c);
+ if (*ssl_c == NULL)
+ return -1;
+ wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_c, ctx);
+ }
+ if (ctx_s != NULL && ssl_s != NULL) {
+ *ssl_s = wolfSSL_new(*ctx_s);
+ if (*ssl_s == NULL)
+ return -1;
+ wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
+ wolfSSL_SetIOReadCtx(*ssl_s, ctx);
+#if !defined(NO_DH)
+ SetDH(*ssl_s);
+#endif
+ }
+
+ return 0;
+}
+#endif
+
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_COND)
+void signal_ready(tcp_ready* ready)
+{
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ ready->ready = 1;
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+}
+#endif
+
+void wait_tcp_ready(func_args* args)
+{
+#if !defined(SINGLE_THREADED) && defined(WOLFSSL_COND)
+ tcp_ready* ready = args->signal;
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ if (!ready->ready) {
+ THREAD_CHECK_RET(wolfSSL_CondWait(&ready->cond));
+ }
+ ready->ready = 0; /* reset */
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+#else
+ /* no threading wait or single threaded */
+ (void)args;
+#endif
+}
+
+#ifndef SINGLE_THREADED
+/* Start a thread.
+ *
+ * @param [in] fun Function to execute in thread.
+ * @param [in] args Object to send to function in thread.
+ * @param [out] thread Handle to thread.
+ */
+void start_thread(THREAD_CB fun, func_args* args, THREAD_TYPE* thread)
+{
+ THREAD_CHECK_RET(wolfSSL_NewThread(thread, fun, args));
+}
+
+
+/* Join thread to wait for completion.
+ *
+ * @param [in] thread Handle to thread.
+ */
+void join_thread(THREAD_TYPE thread)
+{
+ THREAD_CHECK_RET(wolfSSL_JoinThread(thread));
+}
+#endif /* SINGLE_THREADED */
diff --git a/extra/wolfssl/wolfssl/tests/w64wrapper.c b/extra/wolfssl/wolfssl/tests/w64wrapper.c
index ec8c63a1..926de49d 100644
--- a/extra/wolfssl/wolfssl/tests/w64wrapper.c
+++ b/extra/wolfssl/wolfssl/tests/w64wrapper.c
@@ -41,7 +41,7 @@ int w64wrapper_test(void)
a = w64From32(0x01020304, 0x05060708);
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_W64_WRAPPER_TEST)
- if (a.n != 0x0102030405060708)
+ if (a.n != 0x0102030405060708LL)
return -1;
#else
if (a.n[0] != 0x01020304 || a.n[1] != 0x05060708)
diff --git a/extra/wolfssl/wolfssl/testsuite/testsuite.c b/extra/wolfssl/wolfssl/testsuite/testsuite.c
index 1b6df1b1..753077aa 100644
--- a/extra/wolfssl/wolfssl/testsuite/testsuite.c
+++ b/extra/wolfssl/wolfssl/testsuite/testsuite.c
@@ -25,6 +25,7 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/ssl.h>
#include <wolfssl/test.h>
@@ -44,6 +45,7 @@
#include <examples/server/server.h>
#include <examples/client/client.h>
+#include "tests/utils.h"
#ifndef NO_SHA256
void file_test(const char* file, byte* check);
@@ -57,6 +59,10 @@ static THREAD_RETURN simple_test(func_args *args);
static void simple_test(func_args *args);
#endif
static int test_tls(func_args* server_args);
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
+static int test_crl_monitor(void);
+#endif
static void show_ciphers(void);
static void cleanup_output(void);
static int validate_cleanup_output(void);
@@ -214,6 +220,16 @@ int testsuite_test(int argc, char** argv)
cleanup_output();
return server_args.return_code;
}
+
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
+ ret = test_crl_monitor();
+ if (ret != 0) {
+ cleanup_output();
+ return ret;
+ }
+#endif
+
#endif /* !NETOS */
show_ciphers();
@@ -247,6 +263,148 @@ int testsuite_test(int argc, char** argv)
}
#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
+ defined(HAVE_CRL) && defined(HAVE_CRL_MONITOR)
+#define CRL_MONITOR_TEST_ROUNDS 6
+#define CRL_MONITOR_REM_FILE_ATTEMPTS 20
+
+static int test_crl_monitor(void)
+{
+ func_args server_args;
+ func_args client_args;
+ THREAD_TYPE serverThread;
+ tcp_ready ready;
+ char buf[128];
+ char tmpDir[16];
+ char rounds[4];
+ char portNum[8];
+ const char* serverArgv[] = {
+ "testsuite",
+ "-A", "certs/ca-cert.pem",
+ "--crl-dir", tmpDir,
+ "-C", rounds,
+ "--quieter",
+ "-x",
+ "-p", "0"
+ };
+ const char* clientArgv[] = {
+ "testsuite",
+ "-C",
+ "-c", "certs/server-cert.pem",
+ "-k", "certs/server-key.pem",
+ "--quieter",
+ "-H", "exitWithRet",
+ "-p", portNum
+ };
+ int ret = -1;
+ int i = -1, j;
+
+ printf("\nRunning CRL monitor test\n");
+
+ sprintf(rounds, "%d", CRL_MONITOR_TEST_ROUNDS);
+
+ XMEMSET(&server_args, 0, sizeof(func_args));
+ XMEMSET(&client_args, 0, sizeof(func_args));
+
+ /* Create temp dir */
+ if (create_tmp_dir(tmpDir, sizeof(tmpDir) - 1) == NULL) {
+ fprintf(stderr, "Failed to create tmp dir");
+ goto cleanup;
+ }
+
+ server_args.argv = (char**)serverArgv;
+ server_args.argc = sizeof(serverArgv) / sizeof(*serverArgv);
+ client_args.signal = server_args.signal = &ready;
+ client_args.argv = (char**)clientArgv;
+ client_args.argc = sizeof(clientArgv) / sizeof(*clientArgv);
+
+ InitTcpReady(&ready);
+ start_thread(server_test, &server_args, &serverThread);
+ wait_tcp_ready(&server_args);
+ sprintf(portNum, "%d", server_args.signal->port);
+
+ for (i = 0; i < CRL_MONITOR_TEST_ROUNDS; i++) {
+ int expectFail;
+ if (i % 2 == 0) {
+ /* succeed on even rounds */
+ sprintf(buf, "%s/%s", tmpDir, "crl.pem");
+ if (copy_file("certs/crl/crl.pem", buf) != 0) {
+ fprintf(stderr, "[%d] Failed to copy file to %s\n", i, buf);
+ goto cleanup;
+ }
+ sprintf(buf, "%s/%s", tmpDir, "crl.revoked");
+ /* The monitor can be holding the file handle and this will cause
+ * the remove call to fail. Let's give the monitor a some time to
+ * finish up. */
+ for (j = 0; j < CRL_MONITOR_REM_FILE_ATTEMPTS; j++) {
+ /* i == 0 since there is nothing to delete in the first round */
+ if (i == 0 || rem_file(buf) == 0)
+ break;
+ XSLEEP_MS(100);
+ }
+ if (j == CRL_MONITOR_REM_FILE_ATTEMPTS) {
+ fprintf(stderr, "[%d] Failed to remove file %s\n", i, buf);
+ goto cleanup;
+ }
+ expectFail = 0;
+ }
+ else {
+ /* fail on odd rounds */
+ sprintf(buf, "%s/%s", tmpDir, "crl.revoked");
+ if (copy_file("certs/crl/crl.revoked", buf) != 0) {
+ fprintf(stderr, "[%d] Failed to copy file to %s\n", i, buf);
+ goto cleanup;
+ }
+ sprintf(buf, "%s/%s", tmpDir, "crl.pem");
+ /* The monitor can be holding the file handle and this will cause
+ * the remove call to fail. Let's give the monitor a some time to
+ * finish up. */
+ for (j = 0; j < CRL_MONITOR_REM_FILE_ATTEMPTS; j++) {
+ if (rem_file(buf) == 0)
+ break;
+ XSLEEP_MS(100);
+ }
+ if (j == CRL_MONITOR_REM_FILE_ATTEMPTS) {
+ fprintf(stderr, "[%d] Failed to remove file %s\n", i, buf);
+ goto cleanup;
+ }
+ expectFail = 1;
+ }
+ /* Give server a moment to register the file change */
+ XSLEEP_MS(100);
+
+ client_args.return_code = 0;
+ client_test(&client_args);
+
+ if (!expectFail) {
+ if (client_args.return_code != 0) {
+ fprintf(stderr, "[%d] Incorrect return %d\n", i,
+ client_args.return_code);
+ goto cleanup;
+ }
+ }
+ else {
+ if (client_args.return_code == 0) {
+ fprintf(stderr, "[%d] Expected failure\n", i);
+ goto cleanup;
+ }
+ }
+ }
+
+ join_thread(serverThread);
+ ret = 0;
+cleanup:
+ if (ret != 0 && i >= 0)
+ fprintf(stderr, "test_crl_monitor failed on iteration %d\n", i);
+ sprintf(buf, "%s/%s", tmpDir, "crl.pem");
+ rem_file(buf);
+ sprintf(buf, "%s/%s", tmpDir, "crl.revoked");
+ rem_file(buf);
+ (void)rem_dir(tmpDir);
+ return ret;
+}
+#endif
+
+#if !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT) && \
(!defined(WOLF_CRYPTO_CB_ONLY_RSA) && !defined(WOLF_CRYPTO_CB_ONLY_ECC))
/* Perform a basic TLS handshake.
*
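Review bot: Every `goto cleanup` taken after `start_thread(server_test, &server_args, &serverThread)` skips `join_thread(serverThread)`, so test_crl_monitor can return while the server thread still holds pointers to its stack locals (`server_args`, `ready`, and `tmpDir`/`rounds` through `serverArgv`). The failure paths need a way to stop the server and join it before the frame goes away; how the server is told to quit is not visible in this hunk. Separately, when `create_tmp_dir` fails, the cleanup label still formats the possibly unwritten `tmpDir` into `buf` with an unbounded `sprintf` and hands the result to `rem_file`/`rem_dir`; tracking success with `int haveTmpDir = 0;`, set after creation, and wrapping the removals in `if (haveTmpDir) { ... }` avoids deleting a path built from garbage. Using `snprintf(buf, sizeof(buf), ...)` for the path, round and port formatting would also keep `rounds[4]`, `portNum[8]` and `buf[128]` safe if the constants or the directory name ever grow.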
@@ -263,6 +421,8 @@ static int test_tls(func_args* server_args)
char* myArgv[NUMARGS];
char arg[3][128];
+ printf("\nRunning TLS test\n");
+
/* Set up command line arguments for echoclient to send input file
* and write echoed data to temporary output file. */
myArgv[0] = arg[0];
@@ -374,6 +534,8 @@ static void simple_test(func_args* args)
char *cliArgv[NUMARGS];
char argvc[3][32];
+ printf("\nRunning simple test\n");
+
for (i = 0; i < 9; i++)
svrArgv[i] = argvs[i];
for (i = 0; i < 3; i++)
@@ -424,149 +586,11 @@ static void simple_test(func_args* args)
}
#endif /* !NO_WOLFSSL_SERVER && !NO_WOLFSSL_CLIENT */
-
-/* Wait for the server to be ready for a connection.
- *
- * @param [in] args Object to send to thread.
- */
-void wait_tcp_ready(func_args* args)
-{
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_lock(&args->signal->mutex));
-
- if (!args->signal->ready)
- PTHREAD_CHECK_RET(pthread_cond_wait(&args->signal->cond,
- &args->signal->mutex));
- args->signal->ready = 0; /* reset */
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&args->signal->mutex));
-#elif defined(NETOS)
- (void)tx_mutex_get(&args->signal->mutex, TX_WAIT_FOREVER);
-
- /* TODO:
- * if (!args->signal->ready)
- * pthread_cond_wait(&args->signal->cond, &args->signal->mutex);
- * args->signal->ready = 0; */
-
- (void)tx_mutex_put(&args->signal->mutex);
-#elif defined(USE_WINDOWS_API)
- /* Give peer a moment to get running */
- #if defined(__MINGW32__) || defined(__MINGW64__)
- Sleep(500);
- #else
- _sleep(500);
- #endif
- (void)args;
-#else
- (void)args;
-#endif
-}
-
-
-/* Start a thread.
- *
- * @param [in] fun Function to executre in thread.
- * @param [in] args Object to send to function in thread.
- * @param [out] thread Handle to thread.
- */
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
-{
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_create(thread, 0, fun, args));
- return;
-#elif defined(WOLFSSL_TIRTOS)
- /* Initialize the defaults and set the parameters. */
- Task_Params taskParams;
- Task_Params_init(&taskParams);
- taskParams.arg0 = (UArg)args;
- taskParams.stackSize = 65535;
- *thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
- if (*thread == NULL) {
- printf("Failed to create new Task\n");
- }
- Task_yield();
-#elif defined(NETOS)
- /* This can be adjusted by defining in user_settings.h, will default to 65k
- * in the event it is undefined */
- #ifndef TESTSUITE_THREAD_STACK_SZ
- #define TESTSUITE_THREAD_STACK_SZ 65535
- #endif
- int result;
- static void * TestSuiteThreadStack = NULL;
-
- /* Assume only one additional thread is created concurrently. */
- if (TestSuiteThreadStack == NULL)
- {
- TestSuiteThreadStack = (void *)malloc(TESTSUITE_THREAD_STACK_SZ);
- if (TestSuiteThreadStack == NULL)
- {
- printf ("Stack allocation failure.\n");
- return;
- }
- }
-
- memset (thread, 0, sizeof *thread);
-
- /* first create the idle thread:
- * ARGS:
- * Param1: pointer to thread
- * Param2: name
- * Param3 and 4: entry function and input
- * Param5: pointer to thread stack
- * Param6: stack size
- * Param7 and 8: priority level and preempt threshold
- * Param9 and 10: time slice and auto-start indicator */
- result = tx_thread_create(thread,
- "WolfSSL TestSuiteThread",
- (entry_functionType)fun, (ULONG)args,
- TestSuiteThreadStack,
- TESTSUITE_THREAD_STACK_SZ,
- 2, 2,
- 1, TX_AUTO_START);
- if (result != TX_SUCCESS)
- {
- printf("Ethernet Bypass Application: failed to create idle thread!\n");
- }
-
-#else
- *thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
-#endif
-}
-
-
-/* Join thread to wait for completion.
- *
- * @param [in] thread Handle to thread.
- */
-void join_thread(THREAD_TYPE thread)
-{
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_join(thread, 0));
-#elif defined(WOLFSSL_TIRTOS)
- while(1) {
- if (Task_getMode(thread) == Task_Mode_TERMINATED) {
- Task_sleep(5);
- break;
- }
- Task_yield();
- }
-#elif defined(NETOS)
- /* TODO: */
-#else
- int res = WaitForSingleObject((HANDLE)thread, INFINITE);
- assert(res == WAIT_OBJECT_0);
- res = CloseHandle((HANDLE)thread);
- assert(res);
- (void)res; /* Suppress un-used variable warning */
-#endif
-}
-
-
#ifndef NO_SHA256
/* Create SHA-256 hash of the file based on filename.
*
* @param [in] file Name of file.
- * @parma [out] check Buffer to hold SHA-256 hash.
+ * @param [out] check Buffer to hold SHA-256 hash.
*/
void file_test(const char* file, byte* check)
{
diff --git a/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj b/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj
index 95301f96..e41601f1 100644
--- a/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj
+++ b/extra/wolfssl/wolfssl/testsuite/testsuite.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -117,7 +117,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="../;../IDE/WIN"
- PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj b/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj
index 6198565e..958f937f 100644
--- a/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj
+++ b/extra/wolfssl/wolfssl/testsuite/testsuite.vcxproj
@@ -159,7 +159,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -179,7 +179,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -200,7 +200,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -218,7 +218,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -237,7 +237,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -259,7 +259,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -281,7 +281,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -302,7 +302,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>../;../IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>NO_MAIN_DRIVER;WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;WOLFSSL_DLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c
index 6609a2e2..49803d6d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.c
@@ -22,48 +22,254 @@
/* wolfCrypt benchmark */
+/* Some common, optional build settings:
+ * these can also be set in wolfssl/options.h or user_settings.h
+ * -------------------------------------------------------------
+ * make the binary always use CSV format:
+ * WOLFSSL_BENCHMARK_FIXED_CSV
+ *
+ * choose to use the same units, regardless of scale. pick 1:
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_GB
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_MB
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+ * WOLFSSL_BENCHMARK_FIXED_UNITS_B
+ *
+ * when the output should be in machine-parseable format:
+ * GENERATE_MACHINE_PARSEABLE_REPORT
+ *
+ * use microseconds as the unit of time:
+ * BENCH_MICROSECOND
+ *
+ * display mean, max, min and sd of operation durations:
+ * MULTI_VALUE_STATISTICS
+ *
+ * Enable tracking of the stats into an allocated linked list:
+ * (use -print to display results):
+ * WC_BENCH_TRACK_STATS
+ *
+ * set the default devId for cryptocb to the value instead of INVALID_DEVID
+ * WC_USE_DEVID=0x1234
+ *
+ * Turn on benchmark timing debugging (CPU Cycles, RTOS ticks, etc)
+ * DEBUG_WOLFSSL_BENCHMARK_TIMING
+ *
+ */
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
-/* Some common, optional user settings */
-/* these can also be set in wolfssl/options.h or user_settings.h */
-/* ------------------------------------------------------------- */
-/* make the binary always use CSV format: */
-/* #define WOLFSSL_BENCHMARK_FIXED_CSV */
-/* */
-/* choose to use the same units, regardless of scale. pick 1: */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_GB */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_MB */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_KB */
-/* #define WOLFSSL_BENCHMARK_FIXED_UNITS_B */
-/* */
-/* when the output should be in machine-parseable format: */
-/* #define GENERATE_MACHINE_PARSEABLE_REPORT */
-/* */
-
-/* define the max length for each string of metric reported */
-#define __BENCHMARK_MAXIMUM_LINE_LENGTH 150
-
-/* some internal helpers to get values of settings */
-/* this first one gets the text name of the #define parameter */
-#define __BENCHMARK_VALUE_TO_STRING(x) #x
-
-/* this next one gets the text value of the assigned value of #define param */
-#define __BENCHMARK_VALUE(x) __BENCHMARK_VALUE_TO_STRING(x)
-
-#define WOLFSSL_FIXED_UNITS_PER_SEC "MB/s" /* may be re-set by fixed units */
-
#ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h> /* also picks up user_settings.h */
+
+/* Macro to disable benchmark */
+#ifndef NO_CRYPT_BENCHMARK
+
#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/version.h>
#include <wolfssl/wolfcrypt/wc_port.h>
-#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/wolfmath.h>
+#include <wolfssl/wolfcrypt/memory.h>
+#include <wolfssl/wolfcrypt/random.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/asn.h>
+#include <wolfssl/version.h>
+
+#ifdef HAVE_CHACHA
+ #include <wolfssl/wolfcrypt/chacha.h>
+#endif
+#ifdef HAVE_POLY1305
+ #include <wolfssl/wolfcrypt/poly1305.h>
+#endif
+#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
+ #include <wolfssl/wolfcrypt/chacha20_poly1305.h>
+#endif
+#ifndef NO_AES
+ #include <wolfssl/wolfcrypt/aes.h>
+#endif
+#ifdef HAVE_CAMELLIA
+ #include <wolfssl/wolfcrypt/camellia.h>
+#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
+#ifndef NO_MD5
+ #include <wolfssl/wolfcrypt/md5.h>
+#endif
+#ifndef NO_SHA
+ #include <wolfssl/wolfcrypt/sha.h>
+#endif
+#ifndef NO_SHA256
+ #include <wolfssl/wolfcrypt/sha256.h>
+#endif
+#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
+ #include <wolfssl/wolfcrypt/sha512.h>
+#endif
+#ifdef WOLFSSL_SHA3
+ #include <wolfssl/wolfcrypt/sha3.h>
+#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+#ifndef NO_RSA
+ #include <wolfssl/wolfcrypt/rsa.h>
+#endif
+#ifdef WOLFSSL_RIPEMD
+ #include <wolfssl/wolfcrypt/ripemd.h>
+#endif
+#ifdef WOLFSSL_CMAC
+ #include <wolfssl/wolfcrypt/cmac.h>
+#endif
+#ifndef NO_DH
+ #include <wolfssl/wolfcrypt/dh.h>
+#endif
+#ifndef NO_DES3
+ #include <wolfssl/wolfcrypt/des3.h>
+#endif
+#ifndef NO_RC4
+ #include <wolfssl/wolfcrypt/arc4.h>
+#endif
+#ifndef NO_HMAC
+ #include <wolfssl/wolfcrypt/hmac.h>
+#endif
+#ifdef WOLFSSL_SIPHASH
+ #include <wolfssl/wolfcrypt/siphash.h>
+#endif
+ #include <wolfssl/wolfcrypt/kdf.h>
+#ifndef NO_PWDBASED
+ #include <wolfssl/wolfcrypt/pwdbased.h>
+#endif
+#ifdef HAVE_ECC
+ #include <wolfssl/wolfcrypt/ecc.h>
+#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
+#ifdef HAVE_CURVE25519
+ #include <wolfssl/wolfcrypt/curve25519.h>
+#endif
+#ifdef HAVE_ED25519
+ #include <wolfssl/wolfcrypt/ed25519.h>
+#endif
+#ifdef HAVE_CURVE448
+ #include <wolfssl/wolfcrypt/curve448.h>
+#endif
+#ifdef HAVE_ED448
+ #include <wolfssl/wolfcrypt/ed448.h>
+#endif
+#ifdef WOLFSSL_HAVE_KYBER
+ #include <wolfssl/wolfcrypt/kyber.h>
+ #ifdef WOLFSSL_WC_KYBER
+ #include <wolfssl/wolfcrypt/wc_kyber.h>
+ #endif
+ #if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
+ #include <wolfssl/wolfcrypt/ext_kyber.h>
+ #endif
+#endif
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ #include <wolfssl/wolfcrypt/lms.h>
+ #ifdef HAVE_LIBLMS
+ #include <wolfssl/wolfcrypt/ext_lms.h>
+ #endif
+#endif
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ #include <wolfssl/wolfcrypt/xmss.h>
+ #ifdef HAVE_LIBXMSS
+ #include <wolfssl/wolfcrypt/ext_xmss.h>
+ #endif
+#endif
+#ifdef WOLFCRYPT_HAVE_ECCSI
+ #include <wolfssl/wolfcrypt/eccsi.h>
+#endif
+#ifdef WOLFCRYPT_HAVE_SAKKE
+ #include <wolfssl/wolfcrypt/sakke.h>
+#endif
+
+#if defined(HAVE_PQC)
+ #if defined(HAVE_FALCON)
+ #include <wolfssl/wolfcrypt/falcon.h>
+ #endif
+ #if defined(HAVE_DILITHIUM)
+ #include <wolfssl/wolfcrypt/dilithium.h>
+ #endif
+ #if defined(HAVE_SPHINCS)
+ #include <wolfssl/wolfcrypt/sphincs.h>
+ #endif
+#endif
+
+#ifdef WOLF_CRYPTO_CB
+ #include <wolfssl/wolfcrypt/cryptocb.h>
+ #ifdef HAVE_INTEL_QA_SYNC
+ #include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
+ #endif
+ #ifdef HAVE_CAVIUM_OCTEON_SYNC
+ #include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
+ #endif
+ #ifdef HAVE_RENESAS_SYNC
+ #include <wolfssl/wolfcrypt/port/renesas/renesas_sync.h>
+ #endif
+#endif
+
+#ifdef WOLFSSL_ASYNC_CRYPT
+ #include <wolfssl/wolfcrypt/async.h>
+#endif
+
+#ifdef USE_FLAT_BENCHMARK_H
+ #include "benchmark.h"
+#else
+ #include "wolfcrypt/benchmark/benchmark.h"
+#endif
+
+
+/* define the max length for each string of metric reported */
+#ifndef WC_BENCH_MAX_LINE_LEN
+#define WC_BENCH_MAX_LINE_LEN 150
+#endif
+
+/* default units per second. See WOLFSSL_BENCHMARK_FIXED_UNITS_* to change */
+#define WOLFSSL_FIXED_UNIT "MB" /* may be re-set by fixed units */
+#define MILLION_VALUE 1000000.0
+
+#ifdef BENCH_MICROSECOND
+ #define WOLFSSL_FIXED_TIME_UNIT "μs"
+ #define WOLFSSL_BENCHMARK_FIXED_UNITS_KB
+#else
+ #define WOLFSSL_FIXED_TIME_UNIT "s"
+#endif
+
+#ifdef MULTI_VALUE_STATISTICS
+ #define STATS_CLAUSE_SEPARATOR ""
+ #define DECLARE_MULTI_VALUE_STATS_VARS() double max = 0, min = 0, sum = 0,\
+ squareSum = 0, prev = 0, delta;\
+ int runs = 0;
+ #define RECORD_MULTI_VALUE_STATS() if (runs == 0) {\
+ delta = current_time(0) - start;\
+ min = delta;\
+ max = delta;\
+ }\
+ else {\
+ delta = current_time(0) - prev;\
+ }\
+ if (max < delta)\
+ max = delta;\
+ else if (min > delta)\
+ min = delta;\
+ sum += delta;\
+ squareSum += delta * delta;\
+ runs++;\
+ prev = current_time(0)
+ #define RESET_MULTI_VALUE_STATS_VARS() prev = 0;\
+ runs = 0;\
+ sum = 0;\
+ squareSum = 0
+#else
+ #define STATS_CLAUSE_SEPARATOR "\n"
+ #define DECLARE_MULTI_VALUE_STATS_VARS()
+ #define RECORD_MULTI_VALUE_STATS() WC_DO_NOTHING
+ #define RESET_MULTI_VALUE_STATS_VARS() WC_DO_NOTHING
+#endif
#ifdef WOLFSSL_NO_FLOAT_FMT
#define FLT_FMT "%0ld,%09lu"
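Review bot: `RECORD_MULTI_VALUE_STATS()` in the `MULTI_VALUE_STATISTICS` branch expands to an `if`/`else` followed by several bare statements, so a call placed under an unbraced `if` or loop would guard only the first of them. Opening the body with `#define RECORD_MULTI_VALUE_STATS() do {\` and closing it with `prev = current_time(0);\` then `} while (0)` keeps it a single statement. The macro also reads a `start` variable that `DECLARE_MULTI_VALUE_STATS_VARS()` does not declare; a one-line comment such as `/* requires a double 'start' set by the caller before timing begins */` would document that dependency. The call sites are outside this hunk, so whether any of them is affected today cannot be confirmed from here.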
@@ -92,30 +298,53 @@
#define FLT_FMT_ARGS(x) x
#define FLT_FMT_PREC_ARGS(p, x) p, x
#define FLT_FMT_PREC2_ARGS(w, p, x) w, p, x
-#endif
+#endif /* WOLFSSL_NO_FLOAT_FMT */
#ifdef WOLFSSL_ESPIDF
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ #ifdef configTICK_RATE_HZ
+ /* Define CPU clock cycles per tick of FreeRTOS clock
+ * CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ is typically a value like 240
+ * configTICK_RATE_HZ is typically 100 or 1000.
+ **/
+ #define CPU_TICK_CYCLES ( \
+ (CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * MILLION_VALUE) \
+ / configTICK_RATE_HZ \
+ )
+ #endif
+ #if defined(CONFIG_IDF_TARGET_ESP32C2)
#include "driver/gptimer.h"
static gptimer_handle_t esp_gptimer = NULL;
static gptimer_config_t esp_timer_config = {
.clk_src = GPTIMER_CLK_SRC_DEFAULT,
.direction = GPTIMER_COUNT_UP,
- .resolution_hz = CONFIG_XTAL_FREQ * 1000000,
+ .resolution_hz = CONFIG_XTAL_FREQ * 100000,
};
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <esp_cpu.h>
+ #include "driver/gptimer.h"
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ #define RESOLUTION_SCALE 100
+ static gptimer_handle_t esp_gptimer = NULL;
+ static gptimer_config_t esp_timer_config = {
+ .clk_src = GPTIMER_CLK_SRC_DEFAULT,
+ .direction = GPTIMER_COUNT_UP,
+ .resolution_hz = CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * (MILLION_VALUE / RESOLUTION_SCALE), /* CONFIG_XTAL_FREQ = 40, CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = 160 */
+ };
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
#elif defined(CONFIG_IDF_TARGET_ESP32) || \
defined(CONFIG_IDF_TARGET_ESP32S2) || \
defined(CONFIG_IDF_TARGET_ESP32S3)
#include <xtensa/hal.h>
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+
#else
- #error "CONFIG_IDF_TARGET not implemented"
+ /* Other platform */
#endif
#include <esp_log.h>
-#endif
+#endif /* WOLFSSL_ESPIDF */
-#ifdef HAVE_PTHREAD
- #include <pthread.h>
-#endif
#if defined(HAVE_PTHREAD) || \
(!defined(NO_CRYPT_BENCHMARK) && !defined(NO_STDIO_FILESYSTEM) && \
!defined(NO_ERROR_STRINGS) && !defined(NO_MAIN_DRIVER) && \
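Review bot: The ESP32C2 timer config now sets `.resolution_hz = CONFIG_XTAL_FREQ * 100000`, a tenth of the factor on the line it replaces, with no comment saying the scaling is intended; if it is deliberate, a note beside it such as `/* 1/10 of the XTAL rate: <reason> */` would stop it being read as a dropped zero. In the C3/C6 branch `.resolution_hz` is computed from `MILLION_VALUE`, which an earlier hunk of this file defines as the floating-point literal `1000000.0`, so the initializer is evaluated in double and converted implicitly; an integer expression or an explicit cast would make the conversion visible. Replacing `#error "CONFIG_IDF_TARGET not implemented"` with `/* Other platform */` also means an unrecognised target now compiles with no timer source selected in this block, so the comment should at least name the fallback that is expected to apply.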
@@ -127,28 +356,21 @@
#endif
#if defined(WOLFSSL_ZEPHYR) || defined(NO_STDIO_FILESYSTEM) || !defined(XFFLUSH)
-/* fflush in Zephyr doesn't work on stdout and stderr. Use
- * CONFIG_LOG_MODE_IMMEDIATE compilation option instead. */
-#undef XFFLUSH
-#define XFFLUSH(...) do {} while (0)
+ /* fflush in Zephyr doesn't work on stdout and stderr. Use
+ * CONFIG_LOG_MODE_IMMEDIATE compilation option instead. */
+ #undef XFFLUSH
+ #define XFFLUSH(...) WC_DO_NOTHING
#endif
-/* Macro to disable benchmark */
-#ifndef NO_CRYPT_BENCHMARK
-
+/* only for stack size check */
#include <wolfssl/wolfcrypt/mem_track.h>
-/* only for stack size check */
-#if defined(WOLFSSL_ASYNC_CRYPT)
- #ifndef WC_NO_ASYNC_THREADING
- #define WC_ENABLE_BENCH_THREADING
- #endif
+#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_NO_ASYNC_THREADING)
+ #define WC_ENABLE_BENCH_THREADING
#endif
-
-#ifdef USE_FLAT_BENCHMARK_H
- #include "benchmark.h"
-#else
- #include "wolfcrypt/benchmark/benchmark.h"
+/* enable tracking of stats for threaded benchmark */
+#if defined(WC_ENABLE_BENCH_THREADING) && !defined(WC_BENCH_TRACK_STATS)
+ #define WC_BENCH_TRACK_STATS
#endif
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
@@ -189,7 +411,7 @@
static int printfk(const char *fmt, ...)
{
int ret;
- char line[__BENCHMARK_MAXIMUM_LINE_LENGTH];
+ char line[WC_BENCH_MAX_LINE_LEN];
va_list ap;
va_start(ap, fmt);
@@ -258,98 +480,6 @@
#endif
#endif
-#include <wolfssl/wolfcrypt/memory.h>
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/des3.h>
-#include <wolfssl/wolfcrypt/arc4.h>
-#include <wolfssl/wolfcrypt/chacha.h>
-#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
-#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/poly1305.h>
-#include <wolfssl/wolfcrypt/camellia.h>
-#include <wolfssl/wolfcrypt/md5.h>
-#include <wolfssl/wolfcrypt/sha.h>
-#include <wolfssl/wolfcrypt/sha256.h>
-#include <wolfssl/wolfcrypt/sha512.h>
-#include <wolfssl/wolfcrypt/sha3.h>
-#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/asn.h>
-#include <wolfssl/wolfcrypt/ripemd.h>
-#include <wolfssl/wolfcrypt/cmac.h>
-#ifndef NO_HMAC
- #include <wolfssl/wolfcrypt/hmac.h>
-#endif
-#ifdef WOLFSSL_SIPHASH
- #include <wolfssl/wolfcrypt/siphash.h>
-#endif
-#ifndef NO_PWDBASED
- #include <wolfssl/wolfcrypt/pwdbased.h>
-#endif
-#ifdef HAVE_ECC
- #include <wolfssl/wolfcrypt/ecc.h>
-#endif
-#ifdef HAVE_CURVE25519
- #include <wolfssl/wolfcrypt/curve25519.h>
-#endif
-#ifdef HAVE_ED25519
- #include <wolfssl/wolfcrypt/ed25519.h>
-#endif
-#ifdef HAVE_CURVE448
- #include <wolfssl/wolfcrypt/curve448.h>
-#endif
-#ifdef HAVE_ED448
- #include <wolfssl/wolfcrypt/ed448.h>
-#endif
-#ifdef WOLFSSL_HAVE_KYBER
- #include <wolfssl/wolfcrypt/kyber.h>
-#ifdef WOLFSSL_WC_KYBER
- #include <wolfssl/wolfcrypt/wc_kyber.h>
-#endif
-#if defined(HAVE_LIBOQS) || defined(HAVE_PQM4)
- #include <wolfssl/wolfcrypt/ext_kyber.h>
-#endif
-#endif
-#ifdef WOLFCRYPT_HAVE_ECCSI
- #include <wolfssl/wolfcrypt/eccsi.h>
-#endif
-#ifdef WOLFCRYPT_HAVE_SAKKE
- #include <wolfssl/wolfcrypt/sakke.h>
-#endif
-
-#if defined(HAVE_PQC)
- #if defined(HAVE_FALCON)
- #include <wolfssl/wolfcrypt/falcon.h>
- #endif
- #if defined(HAVE_DILITHIUM)
- #include <wolfssl/wolfcrypt/dilithium.h>
- #endif
- #if defined(HAVE_SPHINCS)
- #include <wolfssl/wolfcrypt/sphincs.h>
- #endif
-#endif
-
-#include <wolfssl/wolfcrypt/dh.h>
-#include <wolfssl/wolfcrypt/random.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/types.h>
-
-#ifdef WOLF_CRYPTO_CB
- #include <wolfssl/wolfcrypt/cryptocb.h>
- #ifdef HAVE_INTEL_QA_SYNC
- #include <wolfssl/wolfcrypt/port/intel/quickassist_sync.h>
- #endif
- #ifdef HAVE_CAVIUM_OCTEON_SYNC
- #include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
- #endif
- #ifdef HAVE_RENESAS_SYNC
- #include <wolfssl/wolfcrypt/port/renesas/renesas_sync.h>
- #endif
-#endif
-
-#ifdef WOLFSSL_ASYNC_CRYPT
- #include <wolfssl/wolfcrypt/async.h>
-#endif
-
#ifdef HAVE_FIPS
#include <wolfssl/wolfcrypt/fips_test.h>
@@ -397,14 +527,14 @@
} while(0)
#endif
-#undef PTHREAD_CHECK_RET
-#define PTHREAD_CHECK_RET(...) do { \
- int _pthread_ret = (__VA_ARGS__); \
- if (_pthread_ret != 0) { \
- errno = _pthread_ret; \
+#undef THREAD_CHECK_RET
+#define THREAD_CHECK_RET(...) do { \
+ int _thread_ret = (__VA_ARGS__); \
+ if (_thread_ret != 0) { \
+ errno = _thread_ret; \
printf("%s%s L%d error %d for \"%s\"\n", \
err_prefix, __FILE__, __LINE__, \
- _pthread_ret, #__VA_ARGS__); \
+ _thread_ret, #__VA_ARGS__); \
XFFLUSH(stdout); \
_exit(1); \
} \
@@ -413,7 +543,7 @@
/* optional macro to add sleep between tests */
#ifndef TEST_SLEEP
/* stub the sleep macro */
- #define TEST_SLEEP()
+ #define TEST_SLEEP() WC_DO_NOTHING
#endif
#define TEST_STRING "Everyone gets Friday off."
@@ -439,6 +569,10 @@
#define BENCH_AES_CFB 0x00010000
#define BENCH_AES_OFB 0x00020000
#define BENCH_AES_SIV 0x00040000
+#define BENCH_SM4_CBC 0x00080000
+#define BENCH_SM4_GCM 0x00100000
+#define BENCH_SM4_CCM 0x00200000
+#define BENCH_SM4 (BENCH_SM4_CBC | BENCH_SM4_GCM | BENCH_SM4_CCM)
/* Digest algorithms. */
#define BENCH_MD5 0x00000001
#define BENCH_POLY1305 0x00000002
@@ -461,6 +595,7 @@
#define BENCH_RIPEMD 0x00004000
#define BENCH_BLAKE2B 0x00008000
#define BENCH_BLAKE2S 0x00010000
+#define BENCH_SM3 0x00020000
/* MAC algorithms. */
#define BENCH_CMAC 0x00000001
@@ -476,6 +611,9 @@
#define BENCH_PBKDF2 0x00000100
#define BENCH_SIPHASH 0x00000200
+/* KDF algorithms */
+#define BENCH_SRTP_KDF 0x00000001
+
/* Asymmetric algorithms. */
#define BENCH_RSA_KEYGEN 0x00000001
#define BENCH_RSA 0x00000002
@@ -497,6 +635,7 @@
#define BENCH_ECC_P256 0x01000000
#define BENCH_ECC_P384 0x02000000
#define BENCH_ECC_P521 0x04000000
+#define BENCH_SM2 0x08000000
#define BENCH_ECCSI_KEYGEN 0x00000020
#define BENCH_ECCSI_PAIRGEN 0x00000040
#define BENCH_ECCSI_VALIDATE 0x00000080
@@ -521,6 +660,10 @@
#define BENCH_SPHINCS_SMALL_LEVEL3_SIGN 0x00000010
#define BENCH_SPHINCS_SMALL_LEVEL5_SIGN 0x00000020
+/* Post-Quantum Stateful Hash-Based sig algorithms. */
+#define BENCH_LMS_HSS 0x00000001
+#define BENCH_XMSS_XMSSMT 0x00000002
+
/* Other */
#define BENCH_RNG 0x00000001
#define BENCH_SCRYPT 0x00000002
@@ -540,6 +683,11 @@
#endif
#endif
+#if (defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)) || \
+ (defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY))
+ #define BENCH_PQ_STATEFUL_HBS
+#endif
+
/* Benchmark all compiled in algorithms.
* When 1, ignore other benchmark algorithm values.
* 0, only benchmark algorithm values set.
@@ -551,6 +699,8 @@ static word32 bench_cipher_algs = 0;
static word32 bench_digest_algs = 0;
/* MAC algorithms to benchmark. */
static word32 bench_mac_algs = 0;
+/* KDF algorithms to benchmark. */
+static word32 bench_kdf_algs = 0;
/* Asymmetric algorithms to benchmark. */
static word32 bench_asym_algs = 0;
/* Post-Quantum Asymmetric algorithms to benchmark. */
@@ -559,6 +709,8 @@ static word32 bench_pq_asym_algs = 0;
static word32 bench_pq_asym_algs2 = 0;
/* Other cryptographic algorithms to benchmark. */
static word32 bench_other_algs = 0;
+/* Post-Quantum Stateful Hash-Based sig algorithms to benchmark. */
+static word32 bench_pq_hash_sig_algs = 0;
#if !defined(WOLFSSL_BENCHMARK_ALL) && !defined(NO_MAIN_DRIVER)
@@ -613,6 +765,18 @@ static const bench_alg bench_cipher_opt[] = {
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
{ "-chacha20-poly1305", BENCH_CHACHA20_POLY1305 },
#endif
+#ifdef WOLFSSL_SM4_CBC
+ { "-sm4-cbc", BENCH_SM4_CBC },
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ { "-sm4-gcm", BENCH_SM4_GCM },
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ { "-sm4-ccm", BENCH_SM4_CCM },
+#endif
+#ifdef WOLFSSL_SM4
+ { "-sm4", BENCH_SM4 },
+#endif
#ifndef NO_DES3
{ "-des", BENCH_DES },
#endif
@@ -671,6 +835,9 @@ static const bench_alg bench_digest_opt[] = {
{ "-shake256", BENCH_SHAKE256 },
#endif
#endif
+#ifdef WOLFSSL_SM3
+ { "-sm3", BENCH_SM3 },
+#endif
#ifdef WOLFSSL_RIPEMD
{ "-ripemd", BENCH_RIPEMD },
#endif
@@ -712,9 +879,18 @@ static const bench_alg bench_mac_opt[] = {
#ifndef NO_PWDBASED
{ "-pbkdf2", BENCH_PBKDF2 },
#endif
+#endif
#ifdef WOLFSSL_SIPHASH
{ "-siphash", BENCH_SIPHASH },
#endif
+ { NULL, 0 }
+};
+
+/* All recognized KDF algorithm choosing command line options. */
+static const bench_alg bench_kdf_opt[] = {
+ { "-kdf", 0xffffffff },
+#ifdef WC_SRTP_KDF
+ { "-srtp-kdf", BENCH_SRTP_KDF },
#endif
{ NULL, 0 }
};
@@ -743,6 +919,9 @@ static const bench_alg bench_asym_opt[] = {
#endif
{ "-ecc-all", BENCH_ECC_ALL },
#endif
+#ifdef WOLFSSL_SM2
+ { "-sm2", BENCH_SM2 },
+#endif
#ifdef HAVE_CURVE25519
{ "-curve25519-kg", BENCH_CURVE25519_KEYGEN },
#ifdef HAVE_CURVE25519_SHARED_SECRET
@@ -794,6 +973,26 @@ static const bench_alg bench_other_opt[] = {
#endif /* !WOLFSSL_BENCHMARK_ALL && !NO_MAIN_DRIVER */
+#if defined(BENCH_PQ_STATEFUL_HBS)
+typedef struct bench_pq_hash_sig_alg {
+ /* Command line option string. */
+ const char* str;
+ /* Bit values to set. */
+ word32 val;
+} bench_pq_hash_sig_alg;
+
+static const bench_pq_hash_sig_alg bench_pq_hash_sig_opt[] = {
+ { "-pq_hash_sig", 0xffffffff},
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ { "-lms_hss", BENCH_LMS_HSS},
+#endif
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ { "-xmss_xmssmt", BENCH_XMSS_XMSSMT},
+#endif
+ { NULL, 0}
+};
+#endif /* BENCH_PQ_STATEFUL_HBS */
+
#if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
/* The post-quantum-specific mapping of command line option to bit values and
* OQS name. */
@@ -824,26 +1023,26 @@ static const bench_pq_alg bench_pq_asym_opt[] = {
{ NULL, 0, NULL }
};
-#ifdef HAVE_LIBOQS
+#if defined(HAVE_LIBOQS) && defined(HAVE_SPHINCS)
/* All recognized post-quantum asymmetric algorithm choosing command line
* options. (Part 2) */
static const bench_pq_alg bench_pq_asym_opt2[] = {
{ "-pq", 0xffffffff, NULL},
{ "-sphincs_fast_level1", BENCH_SPHINCS_FAST_LEVEL1_SIGN,
- OQS_SIG_alg_sphincs_shake256_128f_simple },
+ OQS_SIG_alg_sphincs_shake_128f_simple },
{ "-sphincs_fast_level3", BENCH_SPHINCS_FAST_LEVEL3_SIGN,
- OQS_SIG_alg_sphincs_shake256_192f_simple },
+ OQS_SIG_alg_sphincs_shake_192f_simple },
{ "-sphincs_fast_level5", BENCH_SPHINCS_FAST_LEVEL5_SIGN,
- OQS_SIG_alg_sphincs_shake256_256f_simple },
+ OQS_SIG_alg_sphincs_shake_256f_simple },
{ "-sphincs_small_level1", BENCH_SPHINCS_SMALL_LEVEL1_SIGN,
- OQS_SIG_alg_sphincs_shake256_128s_simple },
+ OQS_SIG_alg_sphincs_shake_128s_simple },
{ "-sphincs_small_level3", BENCH_SPHINCS_SMALL_LEVEL3_SIGN,
- OQS_SIG_alg_sphincs_shake256_192s_simple },
+ OQS_SIG_alg_sphincs_shake_192s_simple },
{ "-sphincs_small_level5", BENCH_SPHINCS_SMALL_LEVEL5_SIGN,
- OQS_SIG_alg_sphincs_shake256_256s_simple },
+ OQS_SIG_alg_sphincs_shake_256s_simple },
{ NULL, 0, NULL }
};
-#endif /* HAVE_LIBOQS */
+#endif /* HAVE_LIBOQS && HAVE_SPHINCS */
#endif /* HAVE_PQC */
#ifdef HAVE_WNR
@@ -859,9 +1058,10 @@ static int lng_index = 0;
#ifndef NO_MAIN_DRIVER
#ifndef MAIN_NO_ARGS
-static const char* bench_Usage_msg1[][21] = {
+static const char* bench_Usage_msg1[][25] = {
/* 0 English */
- { "-? <num> Help, print this usage\n 0: English, 1: Japanese\n",
+ { "-? <num> Help, print this usage\n",
+ " 0: English, 1: Japanese\n",
"-csv Print terminal output in csv format\n",
"-base10 Display bytes as power of 10 (eg 1 kB = 1000 Bytes)\n",
"-no_aad No additional authentication data passed.\n",
@@ -881,17 +1081,24 @@ static const char* bench_Usage_msg1[][21] = {
"-p521 Measure ECC using P-521 curve.\n",
"-ecc-all Bench all enabled ECC curves.\n",
"-<alg> Algorithm to benchmark. Available algorithms include:\n",
- "-lng <num> Display benchmark result by specified language.\n 0: English, 1: Japanese\n",
+ ("-lng <num> Display benchmark result by specified language.\n"
+ " 0: English, 1: Japanese\n"
+ ),
"<num> Size of block in bytes\n",
- ("-blocks <num> Number of blocks. Can be used together with the 'Size of block'\n"
+ ("-blocks <num> Number of blocks. Can be used together with the "
+ "'Size of block'\n"
" option, but must be used after that one.\n"
),
"-threads <num> Number of threads to run\n",
- "-print Show benchmark stats summary\n"
+ "-print Show benchmark stats summary\n",
+ "-hash_input <file> Input data to use for hash benchmarking\n",
+ "-cipher_input <file> Input data to use for cipher benchmarking\n",
+ "-min_runs <num> Specify minimum number of operation runs\n"
},
#ifndef NO_MULTIBYTE_PRINT
/* 1 Japanese */
- { "-? <num> ヘルプ, 使ã„方を表示ã—ã¾ã™ã€‚\n 0: 英語〠1: 日本語\n",
+ { "-? <num> ヘルプ, 使ã„方を表示ã—ã¾ã™ã€‚\n",
+ " 0: 英語〠1: 日本語\n",
"-csv csv å½¢å¼ã§ç«¯æœ«ã«å‡ºåŠ›ã—ã¾ã™ã€‚\n",
"-base10 ãƒã‚¤ãƒˆã‚’10ã®ã¹ãä¹—ã§è¡¨ç¤ºã—ã¾ã™ã€‚(例 1 kB = 1000 Bytes)\n",
"-no_aad 追加ã®èªè¨¼ãƒ‡ãƒ¼ã‚¿ã‚’使用ã—ã¾ã›ã‚“.\n",
@@ -906,12 +1113,20 @@ static const char* bench_Usage_msg1[][21] = {
"-p384 Measure ECC using P-384 curve.\n",
"-p521 Measure ECC using P-521 curve.\n",
"-ecc-all Bench all enabled ECC curves.\n",
- "-<alg> アルゴリズムã®ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯ã‚’実施ã—ã¾ã™ã€‚\n 利用å¯èƒ½ãªã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯ä¸‹è¨˜ã‚’å«ã¿ã¾ã™:\n",
- "-lng <num> 指定ã•ã‚ŒãŸè¨€èªžã§ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯çµæžœã‚’表示ã—ã¾ã™ã€‚\n 0: 英語〠1: 日本語\n",
+ ("-<alg> アルゴリズムã®ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯ã‚’実施ã—ã¾ã™ã€‚\n"
+ " 利用å¯èƒ½ãªã‚¢ãƒ«ã‚´ãƒªã‚ºãƒ ã¯ä¸‹è¨˜ã‚’å«ã¿ã¾ã™:\n"
+ ),
+ ("-lng <num> 指定ã•ã‚ŒãŸè¨€èªžã§ãƒ™ãƒ³ãƒãƒžãƒ¼ã‚¯çµæžœã‚’表示ã—ã¾ã™ã€‚\n"
+ " 0: 英語〠1: 日本語\n"
+ ),
"<num> ブロックサイズをãƒã‚¤ãƒˆå˜ä½ã§æŒ‡å®šã—ã¾ã™ã€‚\n",
"-blocks <num> TBD.\n",
"-threads <num> 実行ã™ã‚‹ã‚¹ãƒ¬ãƒƒãƒ‰æ•°\n",
- "-print ベンãƒãƒžãƒ¼ã‚¯çµ±è¨ˆã®è¦ç´„を表示ã™ã‚‹\n"
+ "-print ベンãƒãƒžãƒ¼ã‚¯çµ±è¨ˆã®è¦ç´„を表示ã™ã‚‹\n",
+ /* TODO: translate below */
+ "-hash_input <file> Input data to use for hash benchmarking\n",
+ "-cipher_input <file> Input data to use for cipher benchmarking\n",
+ "-min_runs <num> Specify minimum number of operation runs\n"
},
#endif
};
@@ -919,7 +1134,13 @@ static const char* bench_Usage_msg1[][21] = {
#endif
static const char* bench_result_words1[][4] = {
- { "took", "seconds" , "Cycles per byte", NULL }, /* 0 English */
+ { "took",
+#ifdef BENCH_MICROSECOND
+ "microseconds"
+#else
+ "seconds"
+#endif
+ , "Cycles per byte", NULL }, /* 0 English */
#ifndef NO_MULTIBYTE_PRINT
{ "ã‚’" , "秒ã§å‡¦ç†", "1ãƒã‚¤ãƒˆã‚ãŸã‚Šã®ã‚µã‚¤ã‚¯ãƒ«æ•°", NULL }, /* 1 Japanese */
#endif
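Review bot: The Japanese row of `bench_result_words1` is left untouched while the English row now reads "microseconds" under `BENCH_MICROSECOND`, so with `lng_index` 1 the unit label presumably still says seconds next to values that are reported in microseconds. The Japanese row of `bench_result_words2` in the `@@ -1185,7 +1603,12 @@` hunk has the same gap. Either give both rows a `BENCH_MICROSECOND` variant or, until a translation exists, mark them with a comment such as `/* TODO: unit wording for BENCH_MICROSECOND */` so the mismatch is not mistaken for a measurement error.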
@@ -942,6 +1163,15 @@ static const char* bench_desc_words[][15] = {
#endif
+#ifdef MULTI_VALUE_STATISTICS
+static const char* bench_result_words3[][5] = {
+ /* 0 English */
+ { "max duration", "min duration" , "mean duration", "sd", NULL },
+ /* TODO: Add japenese version */
+ { "max duration", "min duration" , "mean duration", "sd", NULL }
+};
+#endif
+
#if defined(__GNUC__) && defined(__x86_64__) && !defined(NO_ASM) && !defined(WOLFSSL_SGX)
#define HAVE_GET_CYCLES
static WC_INLINE word64 get_intel_cycles(void);
@@ -950,15 +1180,15 @@ static const char* bench_desc_words[][15] = {
#define BEGIN_INTEL_CYCLES total_cycles = get_intel_cycles();
#define END_INTEL_CYCLES total_cycles = get_intel_cycles() - total_cycles;
/* s == size in bytes that 1 count represents, normally BENCH_SIZE */
- #define SHOW_INTEL_CYCLES(b, n, s) \
- (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
- FLT_FMT_PREC2_ARGS(6, 2, count == 0 ? 0 : \
+ #define SHOW_INTEL_CYCLES(b, n, s) \
+ (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 STATS_CLAUSE_SEPARATOR, \
+ bench_result_words1[lng_index][2], \
+ FLT_FMT_PREC2_ARGS(6, 2, count == 0 ? 0 : \
(double)total_cycles / ((word64)count*(s))))
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), FLT_FMT_PREC ",\n", \
- FLT_FMT_PREC_ARGS(6, count == 0 ? 0 : \
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
+ (void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), FLT_FMT_PREC "," \
+ STATS_CLAUSE_SEPARATOR, FLT_FMT_PREC_ARGS(6, count == 0 ? 0 : \
(double)total_cycles / ((word64)count*(s))))
#elif defined(LINUX_CYCLE_COUNT)
#include <linux/perf_event.h>
@@ -983,14 +1213,16 @@ static const char* bench_desc_words[][15] = {
} while (0);
/* s == size in bytes that 1 count represents, normally BENCH_SIZE */
- #define SHOW_INTEL_CYCLES(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
- FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)))
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
- FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
+ #define SHOW_INTEL_CYCLES(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 STATS_CLAUSE_SEPARATOR, \
+ bench_result_words1[lng_index][2], \
+ FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / \
+ (count*s)))
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC "," \
+ STATS_CLAUSE_SEPARATOR, FLT_FMT_PREC_ARGS(6, (double)total_cycles \
+ / (count*s)))
#elif defined(SYNERGY_CYCLE_COUNT)
#include "hal_data.h"
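Review bot: The reflowed `LINUX_CYCLE_COUNT` versions of `SHOW_INTEL_CYCLES` and `SHOW_INTEL_CYCLES_CSV` still expand `b`, `n` and `s` without parentheses and divide by `(count*s)` with no zero guard. The x86 versions in the previous hunk use `(b)`, `(n)`, `(s)` and `count == 0 ? 0 : ...`. An argument that is itself an expression would regroup inside `n - XSTRLEN(b)` or `count*s`, and a zero `count` would print inf/nan instead of 0. Since the lines are being rewritten anyway, they could take the same shape, e.g. `FLT_FMT_PREC2_ARGS(6, 2, count == 0 ? 0 : (double)total_cycles / ((word64)count*(s)))` with `(b) + XSTRLEN(b), (n) - XSTRLEN(b)`. The `SYNERGY_CYCLE_COUNT` macros at the top of the next hunk have the same form, and the enclosing `#elif` block starts outside this hunk.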
@@ -1002,76 +1234,166 @@ static const char* bench_desc_words[][15] = {
#define END_INTEL_CYCLES total_cycles = DWT->CYCCNT - begin_cycles;
/* s == size in bytes that 1 count represents, normally BENCH_SIZE */
- #define SHOW_INTEL_CYCLES(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
+ #define SHOW_INTEL_CYCLES(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 STATS_CLAUSE_SEPARATOR, \
+ bench_result_words1[lng_index][2], \
FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)))
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) \
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
#elif defined(WOLFSSL_ESPIDF)
- static THREAD_LS_T word64 begin_cycles;
- static THREAD_LS_T word64 total_cycles;
-
- /* the return value */
- static THREAD_LS_T word64 _xthal_get_ccount_ex = 0;
-
- /* the last value seen, adjusted for an overflow */
- static THREAD_LS_T word64 _xthal_get_ccount_last = 0;
-
/* TAG for ESP_LOGx() */
static const char* TAG = "wolfssl_benchmark";
- #define HAVE_GET_CYCLES
- #define INIT_CYCLE_COUNTER
- static WC_INLINE word64 get_xtensa_cycles(void);
+ static THREAD_LS_T word64 begin_cycles;
+ static THREAD_LS_T word64 begin_cycles_ticks;
+ static THREAD_LS_T word64 end_cycles;
+ static THREAD_LS_T word64 total_cycles;
- /* WARNING the hal UINT xthal_get_ccount() quietly rolls over. */
- #define BEGIN_ESP_CYCLES begin_cycles = (get_xtensa_cycles());
+ /* the return value, as a global var */
+ static THREAD_LS_T word64 _esp_get_cycle_count_ex = 0;
+
+ /* the last value seen, adjusted for an overflow, as a global var */
+ static THREAD_LS_T word64 _esp_cpu_count_last = 0;
+
+ static THREAD_LS_T TickType_t last_tickCount = 0; /* last FreeRTOS value */
+
+ /* esp_get_cpu_benchmark_cycles(void):
+ *
+ * Architecture-independant CPU clock counter.
+ * WARNING: the hal UINT xthal_get_ccount() quietly rolls over. */
+ static WC_INLINE word64 esp_get_cpu_benchmark_cycles(void);
+
+ /* Some vars for debugging, compare ticks to cycles */
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ static THREAD_LS_T word64 _esp_cpu_timer_last = 0;
+ static THREAD_LS_T word64 _esp_cpu_timer_diff = 0;
+ static THREAD_LS_T word64 _xthal_get_ccount_exAlt = 0;
+ static THREAD_LS_T word64 _xthal_get_ccount_exDiff = 0;
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
+ /* The ESP32 (both Xtensa and RISC-V have raw CPU counters). */
+ #if ESP_IDF_VERSION_MAJOR >= 5
+ /* esp_cpu_set_cycle_count() introduced in ESP-IDF v5 */
+ #define HAVE_GET_CYCLES
+ #define INIT_CYCLE_COUNTER do { \
+ ESP_LOGV(TAG, "INIT_CYCLE_COUNTER"); \
+ esp_cpu_set_cycle_count(0); \
+ } while (0);
+ #else
+ #define HAVE_GET_CYCLES
+ #define INIT_CYCLE_COUNTER do { \
+ ESP_LOGV(TAG, "INIT_CYCLE_COUNTER"); \
+ } while (0);
+ #endif
+
+ #define BEGIN_ESP_CYCLES do { \
+ ESP_LOGV(TAG, "BEGIN_ESP_CYCLES"); \
+ begin_cycles = esp_get_cpu_benchmark_cycles(); \
+ begin_cycles_ticks = xTaskGetTickCount(); \
+ } while (0);
/* since it rolls over, we have something that will tolerate one */
- #define END_ESP_CYCLES \
- ESP_LOGV(TAG,"%llu - %llu", \
- get_xtensa_cycles(), \
- begin_cycles \
- ); \
- total_cycles = (get_xtensa_cycles() - begin_cycles);
+ #define END_ESP_CYCLES \
+ end_cycles = esp_get_cpu_benchmark_cycles(); \
+ ESP_LOGV(TAG,"END_ESP_CYCLES %llu - %llu", \
+ end_cycles, \
+ begin_cycles \
+ ); \
+ total_cycles = (end_cycles - begin_cycles);
#define SHOW_ESP_CYCLES(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
- " %s = " FLT_FMT_PREC2 "\n", \
- bench_result_words1[lng_index][2], \
- FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)) \
- )
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), \
+ " %s = " FLT_FMT_PREC2 "\n", \
+ bench_result_words1[lng_index][2], \
+ FLT_FMT_PREC2_ARGS(6, 2, (double)total_cycles / (count*s)) \
+ )
#define SHOW_ESP_CYCLES_CSV(b, n, s) \
- (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
- FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
+ (void)XSNPRINTF(b + XSTRLEN(b), n - XSTRLEN(b), FLT_FMT_PREC ",\n", \
+ FLT_FMT_PREC_ARGS(6, (double)total_cycles / (count*s)))
- /* xthal_get_ccount_ex() is a single-overflow-tolerant extension to
- ** the Espressif `unsigned xthal_get_ccount()` which is known to overflow
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ /* 64 bit, unisgned, absolute difference
+ * used in CPU cycle counter debug calcs. */
+ static uint64_t esp_cycle_abs_diff(uint64_t x, uint64_t y)
+ {
+ uint64_t ret;
+ ret = (x > y) ? (x - y) : (y - x);
+ return ret;
+ }
+ #endif
+
+ /* esp_get_cycle_count_ex() is a single-overflow-tolerant extension to
+ ** the Espressif `unsigned xthal_get_ccount()` (Xtensa) or
+ ** `esp_cpu_get_cycle_count` (RISC-V) which are known to overflow
** at least once during full benchmark tests.
+ **
+ ** To test timing overflow, add a delay longer than max cycles:
+ ** vTaskDelay( (const TickType_t)(configTICK_RATE_HZ * 17 * 5) );
*/
- uint64_t xthal_get_ccount_ex()
+ uint64_t esp_get_cycle_count_ex()
{
- /* reminder: unsigned long long max = 18,446,744,073,709,551,615 */
-
- /* the currently observed clock counter value */
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- uint64_t thisVal = 0;
- ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer, &thisVal));
+ /* reminder: unsigned long long max = 18,446,744,073,709,551,615 */
+ /* unsigned int max = 4,294,967,295 */
+ uint64_t thisVal = 0; /* CPU counter, "this current value" as read. */
+ uint64_t thisIncrement = 0; /* The adjusted increment amount. */
+ uint64_t expected_diff = 0; /* FreeRTOS esimated expected CPU diff. */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ uint32_t tickCount = 0; /* Currrent rtos tick counter. */
+ uint32_t tickDiff = 0; /* Tick difference from last check. */
+ uint32_t tickBeginDiff = 0; /* Tick difference from beginning. */
+ #endif
+
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ uint64_t thisTimerVal = 0; /* Timer Value as alternate to compare */
+ uint64_t diffDiff = 0; /* Difference between CPU & Timer differences:
+ * (current - last) */
+ ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer, &thisTimerVal));
+ thisTimerVal = thisTimerVal * RESOLUTION_SCALE;
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
+ thisVal = esp_cpu_get_cycle_count();
+
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ thisVal = esp_cpu_get_cycle_count();
#else
- /* reminder unsupported CONFIG_IDF_TARGET captured above */
- uint64_t thisVal = xthal_get_ccount();
+ /* TODO: Why doesn't esp_cpu_get_cycle_count work for Xtensa?
+ * Calling current_time(1) to reset time causes thisVal overflow,
+ * on Xtensa, but not on RISC-V architecture. See also, below */
+ #ifndef __XTENSA__
+ thisVal = esp_cpu_get_cycle_count();
+ #else
+ thisVal = xthal_get_ccount(); /* or esp_cpu_get_cycle_count(); */
+ #endif
#endif
- /* if the current value is less than the previous value,
- ** we likely overflowed at least once.
- */
- if (thisVal < _xthal_get_ccount_last)
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ {
+ tickCount = xTaskGetTickCount(); /* Our local FreeRTOS tick count */
+ tickDiff = tickCount - last_tickCount; /* ticks since bench start */
+ expected_diff = CPU_TICK_CYCLES * tickDiff; /* CPU expected count */
+ ESP_LOGV(TAG, "CPU_TICK_CYCLES = %d", (int)CPU_TICK_CYCLES);
+ ESP_LOGV(TAG, "tickCount = %lu", tickCount);
+ ESP_LOGV(TAG, "last_tickCount = %lu", last_tickCount);
+ ESP_LOGV(TAG, "tickDiff = %lu", tickDiff);
+ ESP_LOGV(TAG, "expected_diff1 = %llu", expected_diff);
+ }
+ #endif
+
+ /* If either thisVal is smaller than last (overflow), and/or the
+ * expected value calculated from FreeRTOS tick difference that would
+ * have never fit into an unsigned 32 bit integer anyhow... then we
+ * need to adjust thisVal to save. */
+ if ( (thisVal < _esp_cpu_count_last) || (expected_diff > UINT_MAX) )
{
- /* Warning: we assume the return type of xthal_get_ccount()
- ** will always be unsigned int to add UINT_MAX.
+ /* Warning: we assume the return type of esp_cpu_get_cycle_count()
+ ** will always be unsigned int (or uint32_t) to add UINT_MAX.
**
** NOTE for long duration between calls with multiple overflows:
**
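Review bot: `expected_diff` is assigned only inside the `#ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING` block, so in a normal build it stays 0 and the new `(expected_diff > UINT_MAX)` half of the test in `esp_get_cycle_count_ex()` can never be true. The multiple-overflow correction, including the inner `if (expected_diff > UINT_MAX)` in the next hunk, therefore runs only in debug builds, and a debug build can report different cycle counts from a release build. Either compute the estimate unconditionally, e.g. `expected_diff = (uint64_t)CPU_TICK_CYCLES * (xTaskGetTickCount() - last_tickCount);`, or drop the extra test and state in the comment that only a single wrap is tolerated. `last_tickCount` is also never assigned in the lines shown, so it is worth confirming that `tickDiff` is not always measured from 0. The function body continues past the end of this hunk.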
@@ -1082,22 +1404,113 @@ static const char* bench_desc_words[][15] = {
** as well call xthal_get_ccount_ex() with no more than one
** overflow CPU tick count, all will be well.
*/
- ESP_LOGV(TAG, "Alert: Detected xthal_get_ccount overflow, "
- "adding %ull", UINT_MAX);
- thisVal += (word64)UINT_MAX;
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG,
+ "Alert: Detected xthal_get_ccount overflow at %llu, "
+ "adding UINT_MAX.",
+ thisVal);
+ #endif
+
+ /* double check expected diff calc */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ expected_diff = (CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ * MILLION_VALUE)
+ * tickDiff / configTICK_RATE_HZ;
+ ESP_LOGI(TAG, "expected_diff2 = %llu", expected_diff);
+ #endif
+ if (expected_diff > UINT_MAX) {
+ /* The number of cycles expected from FreeRTOS ticks is
+ * greater than the maximum size of an unsigned 32-bit
+ * integer, meaning multiple overflows occured. */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG, "expected_diff > UINT_MAX (%u)", UINT_MAX);
+ #endif
+ thisVal += expected_diff; /* FreeRTOS calc to our 64 bit val */
+ }
+ else {
+ thisVal += (word64)UINT_MAX; /* add 32 bit max to our 64 bit */
+ }
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ {
+ tickBeginDiff = tickCount - begin_cycles_ticks;
+
+ ESP_LOGI(TAG, "begin_cycles_ticks = %llu", begin_cycles_ticks);
+ ESP_LOGI(TAG, "tickDiff = %lu", tickDiff);
+ ESP_LOGI(TAG, "expected_diff = %llu", expected_diff);
+ ESP_LOGI(TAG, "tickBeginDiff = %lu", tickBeginDiff);
+
+ ESP_LOGW(TAG, "");
+ }
+ #endif
}
+ else {
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "thisVal, read CPU = %llu", thisVal);
+ #endif
+ } /* if thisVal adjustment check */
+
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ if (thisTimerVal < _esp_cpu_timer_last)
+ {
+ ESP_LOGW(TAG, "Alert: Detected xthal_get_ccountAlt overflow, "
+ "adding %ull", UINT_MAX);
+ thisTimerVal += (word64)UINT_MAX;
+ }
+ /* Check an alternate counter using a timer */
- /* adjust our actual returned value that takes into account overflow */
- _xthal_get_ccount_ex += (thisVal - _xthal_get_ccount_last);
+ _esp_cpu_timer_diff = esp_cycle_abs_diff(_esp_cpu_count_last, _esp_cpu_timer_last);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
- /* all of this took some time, so reset the "last seen" value */
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer,
- &_xthal_get_ccount_last));
- #else
- _xthal_get_ccount_last = xthal_get_ccount();
- #endif
- return _xthal_get_ccount_ex;
+ /* Adjust our actual returned value that takes into account overflow,
+ * increment 64 bit extended total by this 32 bit differential: */
+ thisIncrement = (thisVal - _esp_cpu_count_last);
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "thisIncrement = %llu", thisIncrement);
+ #endif
+
+ /* Add our adjustment, taking into account overflows (see above) */
+ _esp_get_cycle_count_ex += thisIncrement;
+
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ _xthal_get_ccount_exDiff = esp_cycle_abs_diff(_esp_get_cycle_count_ex, _xthal_get_ccount_exAlt);
+ _xthal_get_ccount_exAlt += (thisTimerVal - _esp_cpu_timer_last);
+ diffDiff = esp_cycle_abs_diff(_xthal_get_ccount_exDiff, _esp_cpu_timer_diff);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+
+ /* all of this took some time, so reset the "last seen" value
+ * for the next measurement. */
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ ESP_ERROR_CHECK(gptimer_get_raw_count(esp_gptimer,
+ &_esp_cpu_timer_last));
+ ESP_LOGI(TAG, "thisVal = %llu", thisVal);
+ ESP_LOGI(TAG, "thisTimerVal = %llu", thisTimerVal);
+ ESP_LOGI(TAG, "diffDiff = %llu", diffDiff);
+ ESP_LOGI(TAG, "_xthal_get_ccount_exDiff = %llu", _xthal_get_ccount_exDiff);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ ESP_LOGV(TAG, "_xthal_get_ccount_last = %llu", _esp_cpu_count_last);
+ }
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ #else
+ /* TODO: Why doesn't esp_cpu_get_cycle_count work for Xtensa
+ * when resetting CPU cycle counter? FreeRTOS tick collison?
+ * thisVal = esp_cpu_get_cycle_count(); See also, above
+ * or thisVal = xthal_get_ccount(); */
+ #if ESP_IDF_VERSION_MAJOR < 5
+ _esp_cpu_count_last = xthal_get_ccount();
+ #else
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ #endif
+ #endif
+
+ /* Return the 64 bit extended total from 32 bit counter. */
+ return _esp_get_cycle_count_ex;
}
/* implement other architecture cycle counters here */
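Review bot: `thisTimerVal` and `diffDiff` are declared in the previous hunk only when one of `CONFIG_IDF_TARGET_ESP32C2`, `ESP32C3` or `ESP32C6` is defined, but the `#ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG` blocks added here use them on every target. Enabling `WOLFSSL_BENCHMARK_TIMER_DEBUG` on an Xtensa or ESP32-H2 build should then fail with undeclared identifiers. Guard these blocks with the same target test, or move the two declarations up beside `thisVal`. Separately, the format `"adding %ull"` in the added `ESP_LOGW` prints the number followed by a literal `ll`; `UINT_MAX` needs plain `%u`. The function begins in the previous hunk.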
@@ -1109,8 +1522,13 @@ static const char* bench_desc_words[][15] = {
#define INIT_CYCLE_COUNTER
#define BEGIN_INTEL_CYCLES
#define END_INTEL_CYCLES
- #define SHOW_INTEL_CYCLES(b, n, s) b[XSTRLEN(b)] = '\n'
- #define SHOW_INTEL_CYCLES_CSV(b, n, s) b[XSTRLEN(b)] = '\n'
+ #ifdef MULTI_VALUE_STATISTICS
+ #define SHOW_INTEL_CYCLES(b, n, s) WC_DO_NOTHING
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) WC_DO_NOTHING
+ #else
+ #define SHOW_INTEL_CYCLES(b, n, s) b[XSTRLEN(b)] = '\n'
+ #define SHOW_INTEL_CYCLES_CSV(b, n, s) b[XSTRLEN(b)] = '\n'
+ #endif
#endif
/* determine benchmark buffer to use (if NO_FILESYSTEM) */
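Review bot: In the `#else` branch the fallback `SHOW_INTEL_CYCLES(b, n, s)` and its CSV twin still expand to `b[XSTRLEN(b)] = '\n'`, which overwrites the string's terminating NUL and never consults `n`. Unless the caller's buffer happens to be zero-filled past the text (not visible here), the line is left unterminated for whatever reads it next, and a buffer that is already full loses its last terminator with no check. Since the commit re-indents these lines, they could append through the bounded call the other variants use: `(void)XSNPRINTF((b) + XSTRLEN(b), (n) - XSTRLEN(b), "\n")`. The enclosing `#if` chain starts outside the hunk.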
@@ -1185,7 +1603,12 @@ static const char* bench_desc_words[][15] = {
defined(HAVE_CURVE448) || defined(HAVE_ED448) || \
defined(WOLFSSL_HAVE_KYBER)
static const char* bench_result_words2[][5] = {
+#ifdef BENCH_MICROSECOND
+ { "ops took", "μsec" , "avg" , "ops/μsec", NULL }, /* 0 English
+ for μsec */
+#else
{ "ops took", "sec" , "avg" , "ops/sec", NULL }, /* 0 English */
+#endif
#ifndef NO_MULTIBYTE_PRINT
{ "回処ç†ã‚’", "秒ã§å®Ÿæ–½", "å¹³å‡", "処ç†/秒", NULL }, /* 1 Japanese */
#endif
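Review bot: The added English row under `BENCH_MICROSECOND` puts the multibyte character `μ` into `"μsec"` and `"ops/μsec"`, although the table keeps its other non-ASCII text behind `#ifndef NO_MULTIBYTE_PRINT` (the Japanese row just below). A build that defines `NO_MULTIBYTE_PRINT` for an ASCII-only console would still emit UTF-8 bytes here, and the column width then depends on how the terminal decodes them. ASCII spellings avoid both problems: `{ "ops took", "usec" , "avg" , "ops/usec", NULL },`. The array and its guarding `#if` extend outside the hunk.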
@@ -1203,7 +1626,11 @@ static const char* bench_result_words2[][5] = {
static THREAD_LS_T int devId = WOLFSSL_CAAM_DEVID;
#else
+ #ifdef WC_USE_DEVID
+ static THREAD_LS_T int devId = WC_USE_DEVID;
+ #else
static THREAD_LS_T int devId = INVALID_DEVID;
+ #endif
#endif
/* Asynchronous helper macros */
@@ -1215,11 +1642,15 @@ static const char* bench_result_words2[][5] = {
static volatile int g_threadCount;
#endif
-#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_CAAM)
+#if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_CAAM) || defined(WC_USE_DEVID)
#ifndef NO_HW_BENCH
#define BENCH_DEVID
#endif
- #define BENCH_DEVID_GET_NAME(useDeviceID) (useDeviceID) ? "HW" : "SW"
+ #ifndef HAVE_RENESAS_SYNC
+ #define BENCH_DEVID_GET_NAME(useDeviceID) (useDeviceID) ? "HW" : "SW"
+ #else
+ #define BENCH_DEVID_GET_NAME(useDeviceID) ""
+ #endif
#else
#define BENCH_DEVID_GET_NAME(useDeviceID) ""
#endif
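Review bot: `BENCH_DEVID_GET_NAME(useDeviceID)` is re-emitted as the bare conditional `(useDeviceID) ? "HW" : "SW"`, so the expansion is not a single parenthesised expression and will regroup if it is ever placed next to another operator. As the line is being touched, it can be wrapped: `#define BENCH_DEVID_GET_NAME(useDeviceID) ((useDeviceID) ? "HW" : "SW")`. A one-line comment saying why `HAVE_RENESAS_SYNC` gets the empty name would also help, since the HW/SW label is dropped from the output in that build.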
@@ -1242,7 +1673,8 @@ static const char* bench_result_words2[][5] = {
/* if algo doesn't require calling again then use this flow */
if (state == WOLF_EVENT_STATE_DONE) {
if (callAgain) {
- /* needs called again, so allow it and handle completion in bench_async_handle */
+ /* needs called again, so allow it and handle completion in
+ * bench_async_handle */
allowNext = 1;
}
else {
@@ -1348,7 +1780,7 @@ static const char* bench_result_words2[][5] = {
}
return 0;
}
- #define bench_async_poll(p)
+ #define bench_async_poll(p) WC_DO_NOTHING
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -1369,7 +1801,9 @@ static const char* bench_result_words2[][5] = {
#define AES_AAD_OPTIONS_DEFAULT 0x3U
#endif
#endif
- #define AES_AAD_STRING(s) (aesAuthAddSz == 0 ? (s "-no_AAD") : (aesAuthAddSz == AES_AUTH_ADD_SZ ? (s) : (s "-custom")))
+ #define AES_AAD_STRING(s) \
+ (aesAuthAddSz == 0 ? (s "-no_AAD") : \
+ (aesAuthAddSz == AES_AUTH_ADD_SZ ? (s) : (s "-custom")))
enum en_aad_options {
AAD_SIZE_DEFAULT = 0x1U,
AAD_SIZE_ZERO = 0x2U,
@@ -1433,6 +1867,10 @@ static word32 bench_size = BENCH_SIZE;
static int base2 = 1;
static int digest_stream = 1;
+#ifdef MULTI_VALUE_STATISTICS
+static int minimum_runs = 0;
+#endif
+
#ifndef NO_RSA
/* Don't measure RSA sign/verify by default */
static int rsa_sign_verify = 0;
@@ -1459,6 +1897,10 @@ static int csv_format = 0;
/* globals for cipher tests */
static THREAD_LS_T byte* bench_plain = NULL;
static THREAD_LS_T byte* bench_cipher = NULL;
+#ifndef NO_FILESYSTEM
+static THREAD_LS_T char* hash_input = NULL;
+static THREAD_LS_T char* cipher_input = NULL;
+#endif
static const XGEN_ALIGN byte bench_key_buf[] =
{
@@ -1480,7 +1922,10 @@ static const XGEN_ALIGN byte bench_iv_buf[] =
};
static THREAD_LS_T byte* bench_key = NULL;
static THREAD_LS_T byte* bench_iv = NULL;
-
+#ifdef HAVE_RENESAS_SYNC
+static THREAD_LS_T byte* bench_key1 = NULL;
+static THREAD_LS_T byte* bench_key2 = NULL;
+#endif
#ifdef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_STATIC_MEMORY_TEST_SZ
static byte gBenchMemory[WOLFSSL_STATIC_MEMORY_TEST_SZ];
@@ -1510,14 +1955,19 @@ static void benchmark_static_init(int force)
#endif
base2 = 1;
digest_stream = 1;
+ #ifdef MULTI_VALUE_STATISTICS
+ minimum_runs = 0;
+ #endif
bench_all = 1;
bench_cipher_algs = 0;
bench_digest_algs = 0;
bench_mac_algs = 0;
+ bench_kdf_algs = 0;
bench_asym_algs = 0;
bench_pq_asym_algs = 0;
bench_other_algs = 0;
+ bench_pq_hash_sig_algs = 0;
csv_format = 0;
}
}
@@ -1533,11 +1983,11 @@ typedef enum bench_stat_type {
BENCH_STAT_IGNORE,
} bench_stat_type_t;
-#ifdef WC_ENABLE_BENCH_THREADING
+#ifdef WC_BENCH_TRACK_STATS
static int gPrintStats = 0;
-
- static pthread_mutex_t bench_lock = PTHREAD_MUTEX_INITIALIZER;
-
+ #ifdef WC_ENABLE_BENCH_THREADING
+ static pthread_mutex_t bench_lock = PTHREAD_MUTEX_INITIALIZER;
+ #endif
#ifndef BENCH_MAX_NAME_SZ
#define BENCH_MAX_NAME_SZ 24
#endif
@@ -1563,8 +2013,10 @@ typedef enum bench_stat_type {
{
bench_stats_t* bstat = NULL;
+ #ifdef WC_ENABLE_BENCH_THREADING
/* protect bench_stats_head and bench_stats_tail access */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ THREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ #endif
if (algo != NULL) {
/* locate existing in list */
@@ -1611,99 +2063,56 @@ typedef enum bench_stat_type {
if (bstat->lastRet > ret)
bstat->lastRet = ret; /* track last error */
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
-
+ #ifdef WC_ENABLE_BENCH_THREADING
+ THREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
+ #endif
return bstat;
}
void bench_stats_print(void)
{
bench_stats_t* bstat;
+ int digits;
+ #ifdef WC_ENABLE_BENCH_THREADING
/* protect bench_stats_head and bench_stats_tail access */
- PTHREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ THREAD_CHECK_RET(pthread_mutex_lock(&bench_lock));
+ #endif
+
+ #ifdef BENCH_MICROSECOND
+ digits = 5;
+ #else
+ digits = 3;
+ #endif
for (bstat = bench_stats_head; bstat != NULL; ) {
if (bstat->type == BENCH_STAT_SYM) {
- printf("%-16s%s " FLT_FMT_PREC2 " %s/s\n", bstat->desc,
+ printf("%-16s%s " FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT
+ "\n", bstat->desc,
BENCH_DEVID_GET_NAME(bstat->useDeviceID),
- FLT_FMT_PREC2_ARGS(8, 3, bstat->perfsec),
+ FLT_FMT_PREC2_ARGS(8, digits, bstat->perfsec),
base2 ? "MB" : "mB");
}
else {
- printf("%-5s %4d %-9s %s " FLT_FMT_PREC " ops/sec\n",
+ printf("%-5s %4d %-9s %s " FLT_FMT_PREC " ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec\n",
bstat->algo, bstat->strength, bstat->desc,
BENCH_DEVID_GET_NAME(bstat->useDeviceID),
- FLT_FMT_PREC_ARGS(3, bstat->perfsec));
+ FLT_FMT_PREC_ARGS(digits, bstat->perfsec));
}
bstat = bstat->next;
}
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
- }
-
-#else /* !WC_ENABLE_BENCH_THREADING */
-
- typedef struct bench_stats {
- const char* algo;
- const char* desc;
- double perfsec;
- const char* perftype;
- int strength;
- bench_stat_type_t type;
- int ret;
- } bench_stats_t;
- /* 16 threads and 8 different operations. */
- #define MAX_BENCH_STATS (16 * 8)
- static bench_stats_t gStats[MAX_BENCH_STATS];
- static int gStatsCount;
-
- static bench_stats_t* bench_stats_add(bench_stat_type_t type,
- const char* algo, int strength, const char* desc, int useDeviceID,
- double perfsec, const char* perftype, int ret)
- {
- bench_stats_t* bstat = NULL;
- if (gStatsCount >= MAX_BENCH_STATS)
- return bstat;
-
- bstat = &gStats[gStatsCount++];
- bstat->algo = algo;
- bstat->desc = desc;
- bstat->perfsec = perfsec;
- bstat->perftype = perftype;
- bstat->strength = strength;
- bstat->type = type;
- bstat->ret = ret;
-
- (void)useDeviceID;
-
- return bstat;
- }
-
- void bench_stats_print(void)
- {
- int i;
-
- for (i=0; i<gStatsCount; i++) {
- bench_stats_t* bstat = &gStats[i];
- if (bstat->type == BENCH_STAT_SYM) {
- printf("%-16s " FLT_FMT_PREC2 " %s/s\n", bstat->desc,
- FLT_FMT_PREC2_ARGS(8, 3, bstat->perfsec),
- base2 ? "MB" : "mB");
- }
- else if (bstat->type == BENCH_STAT_ASYM) {
- printf("%-5s %4d %-9s " FLT_FMT_PREC " ops/sec\n",
- bstat->algo, bstat->strength, bstat->desc,
- FLT_FMT_PREC_ARGS(3, bstat->perfsec));
- }
- }
+ #ifdef WC_ENABLE_BENCH_THREADING
+ THREAD_CHECK_RET(pthread_mutex_unlock(&bench_lock));
+ #endif
}
-#endif /* WC_ENABLE_BENCH_THREADING */
+#endif /* WC_BENCH_TRACK_STATS */
static WC_INLINE void bench_stats_init(void)
{
-#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_NO_ASYNC_THREADING)
+#ifdef WC_BENCH_TRACK_STATS
bench_stats_head = NULL;
bench_stats_tail = NULL;
#endif
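Review bot: The asymmetric branch of bench_stats_print() builds its unit as `"ops/" WOLFSSL_FIXED_TIME_UNIT "ec\n"`, which only reads correctly if the macro expands to a string ending in "s", whereas the symmetric branch just above prints the macro on its own. The same splice recurs in the CSV headers of bench_stats_sym_finish and bench_stats_asym_finish_ex (`"econds_total"`, `"ecs"`). The macro's definition is not in this hunk, so a comment at the first use would help the next reader, for example `/* WOLFSSL_FIXED_TIME_UNIT ends in "s"; the literal "ec" completes "sec" */`. The hunk starts inside bench_stats_add, whose beginning is outside it.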
@@ -1716,9 +2125,10 @@ static WC_INLINE void bench_stats_start(int* count, double* start)
*start = current_time(1);
#ifdef WOLFSSL_ESPIDF
- ESP_LOGV(TAG, "finish total_cycles = %llu, start=" FLT_FMT,
- total_cycles, FLT_FMT_ARGS(*start) );
-
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "bench_stats_start total_cycles = %llu, start=" FLT_FMT,
+ total_cycles, FLT_FMT_ARGS(*start) );
+ #endif
BEGIN_ESP_CYCLES
#else
BEGIN_INTEL_CYCLES
@@ -1726,16 +2136,33 @@ static WC_INLINE void bench_stats_start(int* count, double* start)
}
#ifdef WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS
- #define bench_stats_start(count, start) do { \
- SAVE_VECTOR_REGISTERS(pr_err("SAVE_VECTOR_REGISTERS failed for benchmark run."); \
- return; ); \
- bench_stats_start(count, start); \
+ #define bench_stats_start(count, start) do { \
+ SAVE_VECTOR_REGISTERS(pr_err( \
+ "SAVE_VECTOR_REGISTERS failed for benchmark run."); \
+ return; ); \
+ bench_stats_start(count, start); \
} while (0)
#endif
static WC_INLINE int bench_stats_check(double start)
{
- return ((current_time(0) - start) < BENCH_MIN_RUNTIME_SEC);
+ int ret = 0;
+ double this_current_time;
+ this_current_time = current_time(0); /* get the timestamp, no reset */
+#if defined(DEBUG_WOLFSSL_BENCHMARK_TIMING)
+ #if (WOLFSSL_ESPIDF)
+ ESP_LOGI(TAG, "bench_stats_check Current time %f, start %f",
+ this_current_time, start );
+ #endif
+#endif
+
+ ret = ((this_current_time - start) < BENCH_MIN_RUNTIME_SEC
+#ifdef BENCH_MICROSECOND
+ * 1000000
+#endif
+ );
+
+ return ret;
}
/* return text for units and scale the value of blocks as needed */
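Review bot: `#if (WOLFSSL_ESPIDF)` in the added debug block of bench_stats_check() evaluates the macro's value instead of testing whether it is defined, so a build that defines WOLFSSL_ESPIDF with no value fails to preprocess here, and one that defines it as 0 silently drops the log. The other ESP-IDF guards in this diff use `#ifdef WOLFSSL_ESPIDF` or `defined(WOLFSSL_ESPIDF)`; the same form fits here: `#if defined(DEBUG_WOLFSSL_BENCHMARK_TIMING) && defined(WOLFSSL_ESPIDF)`. Separately, `BENCH_MIN_RUNTIME_SEC * 1000000` relies on that macro expanding to a single term; its definition is outside the hunk, so this is worth confirming.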
@@ -1745,25 +2172,25 @@ static const char* get_blocktype(double* blocks)
#if ( defined(WOLFSSL_BENCHMARK_FIXED_UNITS_G) || \
defined(WOLFSSL_BENCHMARK_FIXED_UNITS_GB))
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "GB/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "GB"
*blocks /= (1024UL * 1024UL * 1024UL);
rt = "GiB";
#elif (defined(WOLFSSL_BENCHMARK_FIXED_UNITS_M) || \
defined(WOLFSSL_BENCHMARK_FIXED_UNITS_MB))
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "MB/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "MB"
*blocks /= (1024UL * 1024UL);
rt = "MiB";
#elif (defined(WOLFSSL_BENCHMARK_FIXED_UNITS_K) || \
defined(WOLFSSL_BENCHMARK_FIXED_UNITS_KB))
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "KB/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "KB"
*blocks /= 1024;
rt = "KiB";
#elif defined (WOLFSSL_BENCHMARK_FIXED_UNITS_B)
- #undef WOLFSSL_FIXED_UNITS_PER_SEC
- #define WOLFSSL_FIXED_UNITS_PER_SEC "bytes/s"
+ #undef WOLFSSL_FIXED_UNIT
+ #define WOLFSSL_FIXED_UNIT "bytes"
(void)(*blocks); /* no adjustment, just appease compiler for not used */
rt = "bytes";
#else
@@ -1824,6 +2251,66 @@ static const char* get_blocktype_base10(double* blocks)
return rt;
}
+#ifdef MULTI_VALUE_STATISTICS
+static double wc_sqroot(double in)
+{
+ /* do 32 iterations for the sqroot */
+ int iter = 32;
+ double root = in/3.0;
+
+ if (in < 0.0)
+ return -1;
+
+ for (int i=0; i < iter; i++)
+ root = (root + in / root) / 2.0;
+
+ return root;
+}
+
+static void bench_multi_value_stats(double max, double min, double sum,
+ double squareSum, int runs)
+{
+ double mean = 0;
+ double sd = 0;
+ char msg[WC_BENCH_MAX_LINE_LEN];
+ const char** word = bench_result_words3[lng_index];
+
+ XMEMSET(msg, 0, sizeof(msg));
+
+ mean = sum / runs;
+
+ /* Calculating standard deviation */
+ sd = (squareSum / runs) - (mean * mean);
+ sd = wc_sqroot(sd);
+
+ if (csv_format == 1) {
+ (void)XSNPRINTF(msg, sizeof(msg), FLT_FMT_PREC2 ","
+ FLT_FMT_PREC2 "," FLT_FMT_PREC2 "," FLT_FMT_PREC2 ",\n",
+ FLT_FMT_PREC2_ARGS(3, 3, max),
+ FLT_FMT_PREC2_ARGS(3, 3, min),
+ FLT_FMT_PREC2_ARGS(3, 3, mean),
+ FLT_FMT_PREC2_ARGS(3, 3, sd));
+ }
+ else{
+ (void)XSNPRINTF(msg, sizeof(msg), ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT ", %s " FLT_FMT_PREC2 " "
+ WOLFSSL_FIXED_TIME_UNIT "\n",
+ word[0], FLT_FMT_PREC2_ARGS(3, 3, max),
+ word[1], FLT_FMT_PREC2_ARGS(3, 3, min),
+ word[2], FLT_FMT_PREC2_ARGS(3, 3, mean),
+ word[3], FLT_FMT_PREC2_ARGS(3, 3, sd));
+ }
+ printf("%s", msg);
+
+#ifndef WOLFSSL_SGX
+ XFFLUSH(stdout);
+#endif
+
+}
+#endif
+
/* countSz is number of bytes that 1 count represents. Normally bench_size,
* except for AES direct that operates on AES_BLOCK_SIZE blocks */
static void bench_stats_sym_finish(const char* desc, int useDeviceID,
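Review bot: wc_sqroot() divides by zero on its first iteration when `in` is 0 (`root` starts at `in/3.0`, then `in / root`), so a series with zero variance prints NaN as its standard deviation, and a variance that rounds slightly negative in `(squareSum / runs) - (mean * mean)` prints -1. An early `if (in <= 0.0) return 0.0;` covers both cases. bench_multi_value_stats() also computes `sum / runs` unguarded, and callers reach it from error-exit labels such as exit_rng; if `runs` can still be 0 there (the macro that initialises it is not visible here), an `if (runs <= 0) return;` at the top avoids printing NaN or inf. The `for (int i=0; ...)` loop-scoped declaration needs C99, so declaring `int i;` with the other locals would be the safer form if the file is meant to build as C89.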
@@ -1832,7 +2319,7 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
{
double total, persec = 0, blocks = (double)count;
const char* blockType;
- char msg[__BENCHMARK_MAXIMUM_LINE_LENGTH];
+ char msg[WC_BENCH_MAX_LINE_LEN];
const char** word = bench_result_words1[lng_index];
static int sym_header_printed = 0;
@@ -1846,8 +2333,8 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
total = current_time(0) - start;
-#ifdef WOLFSSL_ESPIDF
- ESP_LOGV(TAG, "%s total_cycles = %llu", desc, total_cycles);
+#if defined(WOLFSSL_ESPIDF) && defined(DEBUG_WOLFSSL_BENCHMARK_TIMING)
+ ESP_LOGI(TAG, "%s total_cycles = %llu", desc, total_cycles);
#endif
#ifdef LINUX_RUSAGE_UTIME
@@ -1863,11 +2350,15 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
/* machine parseable CSV */
#ifdef HAVE_GET_CYCLES
- printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,seconds_total,"
- WOLFSSL_FIXED_UNITS_PER_SEC ",cycles_total,Cycles per byte,\n");
+ printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,"
+ WOLFSSL_FIXED_TIME_UNIT "econds_total,"
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT
+ ",cycles_total,Cycles per byte,");
#else
- printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,seconds_total,"
- WOLFSSL_FIXED_UNITS_PER_SEC ",cycles_total,\n");
+ printf("%s", "\"sym\",Algorithm,HW/SW,bytes_total,"
+ WOLFSSL_FIXED_TIME_UNIT "econds_total,"
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT
+ ",cycles_total,");
#endif
#else
/* normal CSV */
@@ -1880,14 +2371,20 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
printf("\n\nSymmetric Ciphers:\n\n");
printf("Algorithm,"
BENCH_DEVID_COLUMN_HEADER
- WOLFSSL_FIXED_UNITS_PER_SEC ",Cycles per byte,\n");
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT
+ ",Cycles per byte,");
#else
printf("\n\nSymmetric Ciphers:\n\n");
printf("Algorithm,"
BENCH_DEVID_COLUMN_HEADER
- WOLFSSL_FIXED_UNITS_PER_SEC ", \n");
+ WOLFSSL_FIXED_UNIT "/" WOLFSSL_FIXED_TIME_UNIT ",");
#endif
#endif
+ #ifdef MULTI_VALUE_STATISTICS
+ printf("max duration,min duration,mean duration,sd,\n");
+ #else
+ printf("\n");
+ #endif
sym_header_printed = 1;
}
}
@@ -1922,9 +2419,11 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
/* note this codepath brings in all the fields from the non-CSV case. */
#ifdef WOLFSSL_ESPIDF
#ifdef HAVE_GET_CYCLES
- (void)XSNPRINTF(msg, sizeof(msg), "sym,%s,%s,%lu," FLT_FMT "," FLT_FMT ",%lu,", desc,
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "sym,%s,%s,%lu," FLT_FMT "," FLT_FMT ",%lu,", desc,
BENCH_DEVID_GET_NAME(useDeviceID),
- bytes_processed, FLT_FMT_ARGS(total), FLT_FMT_ARGS(persec),
+ bytes_processed, FLT_FMT_ARGS(total),
+ FLT_FMT_ARGS(persec),
(long unsigned int) total_cycles);
#else
#warning "HAVE_GET_CYCLES should be defined for WOLFSSL_ESPIDF"
@@ -1949,16 +2448,23 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
#endif
#elif defined(BENCH_DEVID)
(void)XSNPRINTF(msg, sizeof(msg), "%s,%s," FLT_FMT ",", desc,
- BENCH_DEVID_GET_NAME(useDeviceID), FLT_FMT_ARGS(persec));
+ BENCH_DEVID_GET_NAME(useDeviceID), FLT_FMT_ARGS(persec));
#else
- (void)XSNPRINTF(msg, sizeof(msg), "%s," FLT_FMT ",", desc, FLT_FMT_ARGS(persec));
+ (void)XSNPRINTF(msg, sizeof(msg), "%s," FLT_FMT ",", desc,
+ FLT_FMT_ARGS(persec));
#endif
#ifdef WOLFSSL_ESPIDF
SHOW_ESP_CYCLES_CSV(msg, sizeof(msg), countSz);
- ESP_LOGV(TAG, "finish total_cycles = %llu", total_cycles);
- /* implement other cycle counters here */
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGI(TAG, "bench_stats_sym_finish total_cycles = %llu",
+ total_cycles);
+ #endif
+
+ /* implement other cycle counters here */
+
#else
+ /* the default cycle counter is Intel */
SHOW_INTEL_CYCLES_CSV(msg, sizeof(msg), (unsigned)countSz);
#endif
} /* if (csv_format == 1) */
@@ -1967,30 +2473,30 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
(void)XSNPRINTF(msg, sizeof(msg),
+ "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT ", %lu cycles,",
+ desc, BENCH_DEVID_GET_NAME(useDeviceID),
+ FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
+ word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC2_ARGS(8, 3, persec), blockType,
+ (unsigned long) total_cycles);
+ #else
+ (void)XSNPRINTF(msg, sizeof(msg),
"%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
- FLT_FMT_PREC2 " %s/s, %lu cycles,",
+ FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT ",",
desc, BENCH_DEVID_GET_NAME(useDeviceID),
FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
- FLT_FMT_PREC2_ARGS(8, 3, persec), blockType,
- (unsigned long) total_cycles);
- #else
- (void)XSNPRINTF(msg, sizeof(msg),
- "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
- FLT_FMT_PREC2 " %s/s,",
- desc, BENCH_DEVID_GET_NAME(useDeviceID),
- FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
- word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
- FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
- #endif /* HAVE_GET_CYCLES */
+ FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
+ #endif /* HAVE_GET_CYCLES */
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
- FLT_FMT_PREC2 " %s/s",
- desc, BENCH_DEVID_GET_NAME(useDeviceID),
- FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
- word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
- FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
+ "%-24s%s " FLT_FMT_PREC2 " %s %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC2 " %s/" WOLFSSL_FIXED_TIME_UNIT,
+ desc, BENCH_DEVID_GET_NAME(useDeviceID),
+ FLT_FMT_PREC2_ARGS(5, 0, blocks), blockType,
+ word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC2_ARGS(8, 3, persec), blockType);
#endif
#ifdef WOLFSSL_ESPIDF
@@ -2014,14 +2520,18 @@ static void bench_stats_sym_finish(const char* desc, int useDeviceID,
XFFLUSH(stdout);
#endif
+#ifdef WC_BENCH_TRACK_STATS
/* Add to thread stats */
bench_stats_add(BENCH_STAT_SYM, desc, 0, desc, useDeviceID, persec,
blockType, ret);
+#endif
(void)useDeviceID;
(void)ret;
+#ifdef WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS
RESTORE_VECTOR_REGISTERS();
+#endif
TEST_SLEEP();
} /* bench_stats_sym_finish */
@@ -2037,9 +2547,16 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
{
double total, each = 0, opsSec, milliEach;
const char **word = bench_result_words2[lng_index];
+#ifdef WC_BENCH_TRACK_STATS
const char* kOpsSec = "Ops/Sec";
+#endif
char msg[256];
static int asym_header_printed = 0;
+#ifdef BENCH_MICROSECOND
+ const int digits = 5;
+#else
+ const int digits = 3;
+#endif
XMEMSET(msg, 0, sizeof(msg));
@@ -2073,48 +2590,62 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
opsSec = 0;
}
+#ifdef BENCH_MICROSECOND
+ milliEach = each / 1000; /* milliseconds */
+#else
milliEach = each * 1000; /* milliseconds */
+#endif
SLEEP_ON_ERROR(ret);
+
+#ifdef MULTI_VALUE_STATISTICS /* Print without avg ms */
+ (void)milliEach;
+
/* format and print to terminal */
if (csv_format == 1) {
/* only print out header once */
if (asym_header_printed == 0) {
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
- printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/sec,"
- "ops,secs,cycles,cycles/op\n");
+ printf("%s", "\"asym\",Algorithm,key size,operation,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,cycles,cycles/op,");
#else
- printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/sec,"
- "ops,secs\n");
+ printf("%s", "\"asym\",Algorithm,key size,operation,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,");
#endif
#else
printf("\n%sAsymmetric Ciphers:\n\n", info_prefix);
- printf("%sAlgorithm,key size,operation,avg ms,ops/sec,\n",
- info_prefix);
+ printf("%sAlgorithm,key size,operation,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,", info_prefix);
#endif
+ printf("max duration,min duration,mean duration,sd,\n");
asym_header_printed = 1;
}
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
(void)XSNPRINTF(msg, sizeof(msg),
- "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d," FLT_FMT
- ",%lu," FLT_FMT_PREC "\n",
- algo, strength, desc, desc_extra, FLT_FMT_PREC_ARGS(3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec),
- count, FLT_FMT_ARGS(total), (unsigned long) total_cycles,
- FLT_FMT_PREC_ARGS(6, (double)total_cycles / (double)count));
+ "asym,%s,%d,%s%s," FLT_FMT_PREC ",%d,"
+ FLT_FMT ",%lu," FLT_FMT_PREC STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(digits, opsSec),
+ count, FLT_FMT_ARGS(total), (unsigned long)total_cycles,
+ FLT_FMT_PREC_ARGS(6,
+ (double)total_cycles / (double)count));
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d," FLT_FMT "\n",
- algo, strength, desc, desc_extra, FLT_FMT_PREC_ARGS(3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec),
+ "asym,%s,%d,%s%s," FLT_FMT_PREC ",%d,"
+ FLT_FMT STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(digits, opsSec),
count, FLT_FMT_ARGS(total));
#endif
#else
- (void)XSNPRINTF(msg, sizeof(msg), "%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",\n", algo,
- strength, desc, desc_extra, FLT_FMT_PREC_ARGS(3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec));
+ (void)XSNPRINTF(msg, sizeof(msg), "%s,%d,%s%s,"
+ FLT_FMT_PREC "," STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(digits, opsSec));
#endif
} /* if (csv_format == 1) */
@@ -2122,30 +2653,121 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
#ifdef HAVE_GET_CYCLES
(void)XSNPRINTF(msg, sizeof(msg),
- "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s " FLT_FMT_PREC2 " ms,"
- " " FLT_FMT_PREC " %s, %lu cycles\n", algo, strength, desc,
- desc_extra, BENCH_DEVID_GET_NAME(useDeviceID),
- count, word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC " %s, %lu cycles" STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3],
+ (unsigned long)total_cycles);
+ #else
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC " %s" STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
+ #endif /* HAVE_GET_CYCLES */
+#else
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, "
+ FLT_FMT_PREC " %s" STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1],
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
+#endif
+ }
+#else /* MULTI_VALUE_STATISTICS. Print with avg ms */
+ /* format and print to terminal */
+ if (csv_format == 1) {
+ /* only print out header once */
+ if (asym_header_printed == 0) {
+#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
+ #ifdef HAVE_GET_CYCLES
+ printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,cycles,cycles/op,");
+ #else
+ printf("%s", "\"asym\",Algorithm,key size,operation,avg ms,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,ops," WOLFSSL_FIXED_TIME_UNIT
+ "ecs,");
+ #endif
+#else
+ printf("\n%sAsymmetric Ciphers:\n\n", info_prefix);
+ printf("%sAlgorithm,key size,operation,avg ms,ops/"
+ WOLFSSL_FIXED_TIME_UNIT "ec,", info_prefix);
+#endif
+ printf("\n");
+ asym_header_printed = 1;
+ }
+#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
+ #ifdef HAVE_GET_CYCLES
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d,"
+ FLT_FMT ",%lu," FLT_FMT_PREC STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec),
+ count, FLT_FMT_ARGS(total), (unsigned long)total_cycles,
+ FLT_FMT_PREC_ARGS(6,
+ (double)total_cycles / (double)count));
+ #else
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "asym,%s,%d,%s%s," FLT_FMT_PREC "," FLT_FMT_PREC ",%d,"
+ FLT_FMT STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec),
+ count, FLT_FMT_ARGS(total));
+ #endif
+#else
+ (void)XSNPRINTF(msg, sizeof(msg), "%s,%d,%s%s," FLT_FMT_PREC ","
+ FLT_FMT_PREC "," STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ FLT_FMT_PREC_ARGS(3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec));
+#endif
+ } /* if (csv_format == 1) */
+
+ else {
+#ifdef GENERATE_MACHINE_PARSEABLE_REPORT
+ #ifdef HAVE_GET_CYCLES
+ (void)XSNPRINTF(msg, sizeof(msg),
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s "
+ FLT_FMT_PREC2 " ms, " FLT_FMT_PREC " %s, %lu cycles"
+ STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
FLT_FMT_PREC2_ARGS(5, 3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec), word[3], (unsigned long) total_cycles);
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3],
+ (unsigned long)total_cycles);
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s " FLT_FMT_PREC2 " ms,"
- " " FLT_FMT_PREC " %s\n", algo, strength, desc,
- desc_extra, BENCH_DEVID_GET_NAME(useDeviceID),
- count, word[0], FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s "
+ FLT_FMT_PREC2 " ms, " FLT_FMT_PREC " %s"
+ STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
+ BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
+ FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
FLT_FMT_PREC2_ARGS(5, 3, milliEach),
- FLT_FMT_PREC_ARGS(3, opsSec), word[3]);
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
#endif /* HAVE_GET_CYCLES */
#else
(void)XSNPRINTF(msg, sizeof(msg),
- "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s " FLT_FMT_PREC2 " ms,"
- " " FLT_FMT_PREC " %s\n", algo, strength, desc, desc_extra,
+ "%-6s %5d %8s%-2s %s %6d %s " FLT_FMT_PREC2 " %s, %s "
+ FLT_FMT_PREC2 " ms, " FLT_FMT_PREC " %s"
+ STATS_CLAUSE_SEPARATOR,
+ algo, strength, desc, desc_extra,
BENCH_DEVID_GET_NAME(useDeviceID), count, word[0],
FLT_FMT_PREC2_ARGS(5, 3, total), word[1], word[2],
- FLT_FMT_PREC2_ARGS(5, 3, milliEach), FLT_FMT_PREC_ARGS(3, opsSec), word[3]);
+ FLT_FMT_PREC2_ARGS(5, 3, milliEach),
+ FLT_FMT_PREC_ARGS(digits, opsSec), word[3]);
#endif
}
+#endif /* MULTI_VALUE_STATISTICS */
printf("%s", msg);
/* show errors */
@@ -2158,14 +2780,18 @@ static void bench_stats_asym_finish_ex(const char* algo, int strength,
XFFLUSH(stdout);
#endif
+#ifdef WC_BENCH_TRACK_STATS
/* Add to thread stats */
bench_stats_add(BENCH_STAT_ASYM, algo, strength, desc, useDeviceID, opsSec,
kOpsSec, ret);
+#endif
(void)useDeviceID;
(void)ret;
+#ifdef WOLFSSL_LINUXKM_USE_SAVE_VECTOR_REGISTERS
RESTORE_VECTOR_REGISTERS();
+#endif
TEST_SLEEP();
} /* bench_stats_asym_finish_ex */
@@ -2181,7 +2807,7 @@ static void bench_stats_asym_finish(const char* algo, int strength,
static WC_INLINE void bench_stats_free(void)
{
-#if defined(WOLFSSL_ASYNC_CRYPT) && !defined(WC_NO_ASYNC_THREADING)
+#ifdef WC_BENCH_TRACK_STATS
bench_stats_t* bstat;
for (bstat = bench_stats_head; bstat != NULL; ) {
bench_stats_t* next = bstat->next;
@@ -2200,7 +2826,7 @@ static WC_INLINE void bench_stats_free(void)
static void* benchmarks_do(void* args)
{
- int bench_buf_size;
+ long bench_buf_size;
#ifdef WOLFSSL_ASYNC_CRYPT
#ifndef WC_NO_ASYNC_THREADING
@@ -2284,8 +2910,101 @@ static void* benchmarks_do(void* args)
printf("%sBenchmark block buffer alloc failed!\n", err_prefix);
goto exit;
}
- XMEMSET(bench_plain, 0, (size_t)bench_buf_size);
- XMEMSET(bench_cipher, 0, (size_t)bench_buf_size);
+
+#ifndef NO_FILESYSTEM
+ if (hash_input) {
+ int rawSz;
+ XFILE file;
+ file = XFOPEN(hash_input, "rb");
+ if (file == XBADFILE)
+ goto exit;
+
+ if (XFSEEK(file, 0, XSEEK_END) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ bench_buf_size = XFTELL(file);
+ if(XFSEEK(file, 0, XSEEK_SET) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFREE(bench_plain, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ rawSz = (int)bench_buf_size;
+ if (bench_buf_size % 16)
+ bench_buf_size += 16 - (bench_buf_size % 16);
+
+ bench_size = (word32)bench_buf_size;
+
+ bench_plain = (byte*)XMALLOC((size_t)bench_buf_size + 16*2,
+ HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ if (bench_plain == NULL) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ if ((size_t)XFREAD(bench_plain, 1, rawSz, file)
+ != (size_t)rawSz) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFCLOSE(file);
+ }
+ else {
+ XMEMSET(bench_plain, 0, (size_t)bench_buf_size);
+ }
+
+ if (cipher_input) {
+ int rawSz;
+ XFILE file;
+ file = XFOPEN(cipher_input, "rb");
+ if (file == XBADFILE)
+ goto exit;
+
+ if (XFSEEK(file, 0, XSEEK_END) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ bench_buf_size = XFTELL(file);
+ if(XFSEEK(file, 0, XSEEK_SET) != 0) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFREE(bench_cipher, HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ rawSz = (int)bench_buf_size;
+ if (bench_buf_size % 16)
+ bench_buf_size += 16 - (bench_buf_size % 16);
+
+ if (bench_size > (word32)bench_buf_size)
+ bench_size = (word32)bench_buf_size;
+
+ bench_cipher = (byte*)XMALLOC((size_t)bench_buf_size + 16*2,
+ HEAP_HINT, DYNAMIC_TYPE_WOLF_BIGINT);
+
+ if (bench_cipher == NULL) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ if ((size_t)XFREAD(bench_cipher, 1, rawSz, file)
+ != (size_t)rawSz) {
+ XFCLOSE(file);
+ goto exit;
+ }
+
+ XFCLOSE(file);
+ }
+ else {
+ XMEMSET(bench_cipher, 0, (size_t)bench_buf_size);
+ }
+#endif
#if defined(WOLFSSL_ASYNC_CRYPT) || defined(HAVE_INTEL_QA_SYNC)
bench_key = (byte*)XMALLOC(sizeof(bench_key_buf),
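Review bot: When only `hash_input` is given, `bench_buf_size` is overwritten with the padded file length and the later `else` branch runs `XMEMSET(bench_cipher, 0, (size_t)bench_buf_size)` on a `bench_cipher` that was allocated before this hunk, presumably at the earlier and possibly smaller size, so a large input file would write past that allocation. The `XFTELL` result is also used unchecked in both branches: a -1 or a length above INT_MAX ends up in `int rawSz` and in the `word32` `bench_size`, and the bytes between `rawSz` and the padded length are never initialised. Moving both XMEMSETs inside `#ifndef NO_FILESYSTEM` additionally leaves the buffers unzeroed on NO_FILESYSTEM builds. The sketch below shows the `hash_input` branch, and the `cipher_input` branch needs the same changes. benchmarks_do starts and ends outside the hunk, so whether `bench_cipher` must also grow to the new `bench_size` has to be checked against the benchmark routines.

```c
    /* zero both buffers at their allocated size before bench_buf_size is
     * reused for a file length; this also covers NO_FILESYSTEM builds */
    XMEMSET(bench_plain, 0, (size_t)bench_buf_size);
    XMEMSET(bench_cipher, 0, (size_t)bench_buf_size);

#ifndef NO_FILESYSTEM
    if (hash_input) {
        size_t rawSz;
        /* … unchanged: XFILE file, XFOPEN, XFSEEK to end … */

        bench_buf_size = XFTELL(file);
        /* reject XFTELL failure (-1), an empty file, and a length that
         * cannot be padded to 16 and stored in the word32 bench_size */
        if (bench_buf_size <= 0 || bench_buf_size > 0x7FFFFFF0L) {
            XFCLOSE(file);
            goto exit;
        }
        /* … unchanged: rewind with XFSEEK, XFREE(bench_plain) … */

        rawSz = (size_t)bench_buf_size;
        /* … unchanged: pad to 16, set bench_size, XMALLOC and NULL check … */

        /* clear the padding so no uninitialised heap bytes are processed */
        XMEMSET(bench_plain, 0, (size_t)bench_buf_size + 16*2);
        if ((size_t)XFREAD(bench_plain, 1, rawSz, file) != rawSz) {
            XFCLOSE(file);
            goto exit;
        }
        /* … unchanged: XFCLOSE(file) … */
    }
    /* no else branch: bench_plain was zeroed above */
```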
@@ -2303,6 +3022,11 @@ static void* benchmarks_do(void* args)
}
XMEMCPY(bench_key, bench_key_buf, sizeof(bench_key_buf));
XMEMCPY(bench_iv, bench_iv_buf, sizeof(bench_iv_buf));
+#elif defined(HAVE_RENESAS_SYNC)
+ bench_key1 = (byte*)guser_PKCbInfo.wrapped_key_aes128;
+ bench_key2 = (byte*)guser_PKCbInfo.wrapped_key_aes256;
+ bench_key = (byte*)bench_key_buf;
+ bench_iv = (byte*)bench_iv_buf;
#else
bench_key = (byte*)bench_key_buf;
bench_iv = (byte*)bench_iv_buf;
@@ -2318,7 +3042,7 @@ static void* benchmarks_do(void* args)
#ifndef NO_SW_BENCH
bench_aescbc(0);
#endif
- #if defined(BENCH_DEVID) || defined(HAVE_RENESAS_SYNC)
+ #if defined(BENCH_DEVID)
bench_aescbc(1);
#endif
}
@@ -2334,8 +3058,12 @@ static void* benchmarks_do(void* args)
!defined(NO_HW_BENCH)
bench_aes_aad_options_wrap(bench_aesgcm, 1);
#endif
-
- bench_gmac();
+ #ifndef NO_SW_BENCH
+ bench_gmac(0);
+ #endif
+ #if defined(BENCH_DEVID)
+ bench_gmac(1);
+ #endif
}
#endif
#ifdef HAVE_AES_ECB
@@ -2386,6 +3114,18 @@ static void* benchmarks_do(void* args)
if (bench_all || (bench_cipher_algs & BENCH_CAMELLIA))
bench_camellia();
#endif
+#ifdef WOLFSSL_SM4_CBC
+ if (bench_all || (bench_cipher_algs & BENCH_SM4_CBC))
+ bench_sm4_cbc();
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ if (bench_all || (bench_cipher_algs & BENCH_SM4_GCM))
+ bench_sm4_gcm();
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ if (bench_all || (bench_cipher_algs & BENCH_SM4_CCM))
+ bench_sm4_ccm();
+#endif
#ifndef NO_RC4
if (bench_all || (bench_cipher_algs & BENCH_ARC4)) {
#ifndef NO_SW_BENCH
@@ -2565,6 +3305,16 @@ static void* benchmarks_do(void* args)
}
#endif /* WOLFSSL_SHAKE256 */
#endif
+#ifdef WOLFSSL_SM3
+ if (bench_all || (bench_digest_algs & BENCH_SM3)) {
+ #ifndef NO_SW_BENCH
+ bench_sm3(0);
+ #endif
+ #ifdef BENCH_DEVID
+ bench_sm3(1);
+ #endif
+ }
+#endif
#ifdef WOLFSSL_RIPEMD
if (bench_all || (bench_digest_algs & BENCH_RIPEMD))
bench_ripemd();
@@ -2652,12 +3402,18 @@ static void* benchmarks_do(void* args)
bench_pbkdf2();
}
#endif
- #ifdef WOLFSSL_SIPHASH
- if (bench_all || (bench_mac_algs & BENCH_SIPHASH)) {
- bench_siphash();
- }
- #endif
#endif /* NO_HMAC */
+#ifdef WOLFSSL_SIPHASH
+ if (bench_all || (bench_mac_algs & BENCH_SIPHASH)) {
+ bench_siphash();
+ }
+#endif
+
+#ifdef WC_SRTP_KDF
+ if (bench_all || (bench_kdf_algs & BENCH_SRTP_KDF)) {
+ bench_srtpkdf();
+ }
+#endif
#ifdef HAVE_SCRYPT
if (bench_all || (bench_other_algs & BENCH_SCRYPT))
@@ -2665,6 +3421,7 @@ static void* benchmarks_do(void* args)
#endif
#ifndef NO_RSA
+#ifndef HAVE_RENESAS_SYNC
#ifdef WOLFSSL_KEY_GEN
if (bench_all || (bench_asym_algs & BENCH_RSA_KEYGEN)) {
#ifndef NO_SW_BENCH
@@ -2706,6 +3463,7 @@ static void* benchmarks_do(void* args)
}
#endif
#endif
+#endif
#ifndef NO_DH
if (bench_all || (bench_asym_algs & BENCH_DH)) {
@@ -2732,6 +3490,18 @@ static void* benchmarks_do(void* args)
}
#endif
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ if (bench_all || (bench_pq_hash_sig_algs & BENCH_LMS_HSS)) {
+ bench_lms();
+ }
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
+
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ if (bench_all || (bench_pq_hash_sig_algs & BENCH_XMSS_XMSSMT)) {
+ bench_xmss();
+ }
+#endif /* if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY) */
+
#ifdef HAVE_ECC
if (bench_all || (bench_asym_algs & BENCH_ECC_MAKEKEY) ||
(bench_asym_algs & BENCH_ECC) ||
@@ -2754,7 +3524,7 @@ static void* benchmarks_do(void* args)
do {
#ifdef WOLFCRYPT_HAVE_SAKKE
- /* SAKKE is not useable with ECDH/ECDSA. Run separate test. */
+ /* SAKKE is not usable with ECDH/ECDSA. Run separate test. */
if (curveId == ECC_SAKKE_1) {
curveId++;
continue;
@@ -2795,6 +3565,11 @@ static void* benchmarks_do(void* args)
}
}
#endif
+#ifdef WOLFSSL_SM2
+ if (bench_all || (bench_asym_algs & BENCH_SM2)) {
+ bench_sm2(0);
+ }
+#endif
#ifdef HAVE_CURVE25519
if (bench_all || (bench_asym_algs & BENCH_CURVE25519_KEYGEN)) {
@@ -3004,7 +3779,7 @@ int benchmark_free(void)
{
int ret;
-#ifdef WC_ENABLE_BENCH_THREADING
+#ifdef WC_BENCH_TRACK_STATS
if (gPrintStats || devId != INVALID_DEVID) {
bench_stats_print();
}
@@ -3075,12 +3850,12 @@ static int benchmark_test_threaded(void* args)
}
for (i = 0; i < g_threadCount; i++) {
- PTHREAD_CHECK_RET(pthread_create(&g_threadData[i].thread_id,
+ THREAD_CHECK_RET(pthread_create(&g_threadData[i].thread_id,
NULL, run_bench, args));
}
for (i = 0; i < g_threadCount; i++) {
- PTHREAD_CHECK_RET(pthread_join(g_threadData[i].thread_id, 0));
+ THREAD_CHECK_RET(pthread_join(g_threadData[i].thread_id, 0));
}
printf("\n");
@@ -3181,6 +3956,7 @@ void bench_rng(void)
double start;
long pos, len, remain;
WC_RNG myrng;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifndef HAVE_FIPS
ret = wc_InitRng_ex(&myrng, HEAP_HINT, devId);
@@ -3210,11 +3986,19 @@ void bench_rng(void)
remain -= len;
pos += len;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_rng:
bench_stats_sym_finish("RNG", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeRng(&myrng);
}
@@ -3232,6 +4016,7 @@ static void bench_aescbc_internal(int useDeviceID,
int ret = 0, i, count = 0, times, pending = 0;
Aes enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* clear for done cleanup */
XMEMSET(enc, 0, sizeof(enc));
@@ -3269,13 +4054,21 @@ static void bench_aescbc_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_aes_enc:
bench_stats_sym_finish(encLabel, useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret < 0) {
goto exit;
@@ -3291,6 +4084,8 @@ exit_aes_enc:
}
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (times = 0; times < numBlocks || pending > 0; ) {
@@ -3309,12 +4104,21 @@ exit_aes_enc:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
@@ -3329,17 +4133,27 @@ exit:
void bench_aescbc(int useDeviceID)
{
#ifdef WOLFSSL_AES_128
+#ifdef HAVE_RENESAS_SYNC
+ bench_aescbc_internal(useDeviceID, bench_key1, 16, bench_iv,
+ "AES-128-CBC-enc", "AES-128-CBC-dec");
+#else
bench_aescbc_internal(useDeviceID, bench_key, 16, bench_iv,
"AES-128-CBC-enc", "AES-128-CBC-dec");
#endif
+#endif
#ifdef WOLFSSL_AES_192
bench_aescbc_internal(useDeviceID, bench_key, 24, bench_iv,
"AES-192-CBC-enc", "AES-192-CBC-dec");
#endif
#ifdef WOLFSSL_AES_256
+#ifdef HAVE_RENESAS_SYNC
+ bench_aescbc_internal(useDeviceID, bench_key2, 32, bench_iv,
+ "AES-256-CBC-enc", "AES-256-CBC-dec");
+#else
bench_aescbc_internal(useDeviceID, bench_key, 32, bench_iv,
"AES-256-CBC-enc", "AES-256-CBC-dec");
#endif
+#endif
}
#endif /* HAVE_AES_CBC */
@@ -3356,6 +4170,7 @@ static void bench_aesgcm_internal(int useDeviceID,
Aes dec[BENCH_MAX_PENDING+1];
#endif
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
@@ -3412,16 +4227,27 @@ static void bench_aesgcm_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_gcm:
bench_stats_sym_finish(encLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#ifdef HAVE_AES_DECRYPT
XMEMSET(dec, 0, sizeof(dec));
+ RESET_MULTI_VALUE_STATS_VARS();
+
/* init keys */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
if ((ret = wc_AesInit(&dec[i], HEAP_HINT,
@@ -3456,13 +4282,21 @@ exit_aes_gcm:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_aes_gcm_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
(void)decLabel;
@@ -3496,6 +4330,7 @@ static void bench_aesgcm_stream_internal(int useDeviceID,
Aes dec[BENCH_MAX_PENDING];
#endif
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
@@ -3561,12 +4396,21 @@ static void bench_aesgcm_stream_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_gcm:
bench_stats_sym_finish(encLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#ifdef HAVE_AES_DECRYPT
/* init keys */
@@ -3584,6 +4428,8 @@ exit_aes_gcm:
}
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (times = 0; times < numBlocks || pending > 0; ) {
@@ -3609,13 +4455,21 @@ exit_aes_gcm:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_aes_gcm_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
(void)decLabel;
@@ -3645,18 +4499,28 @@ void bench_aesgcm(int useDeviceID)
#if defined(WOLFSSL_AES_128) && !defined(WOLFSSL_AFALG_XILINX_AES) \
&& !defined(WOLFSSL_XILINX_CRYPT) \
|| defined(WOLFSSL_XILINX_CRYPT_VERSAL)
+#ifdef HAVE_RENESAS_SYNC
+ bench_aesgcm_internal(useDeviceID, bench_key1, 16, bench_iv, 12,
+ AES_GCM_STRING(128, enc), AES_GCM_STRING(128, dec));
+#else
bench_aesgcm_internal(useDeviceID, bench_key, 16, bench_iv, 12,
AES_GCM_STRING(128, enc), AES_GCM_STRING(128, dec));
#endif
+#endif
#if defined(WOLFSSL_AES_192) && !defined(WOLFSSL_AFALG_XILINX_AES) \
&& !defined(WOLFSSL_XILINX_CRYPT)
bench_aesgcm_internal(useDeviceID, bench_key, 24, bench_iv, 12,
AES_GCM_STRING(192, enc), AES_GCM_STRING(192, dec));
#endif
#ifdef WOLFSSL_AES_256
+#ifdef HAVE_RENESAS_SYNC
+ bench_aesgcm_internal(useDeviceID, bench_key2, 32, bench_iv, 12,
+ AES_GCM_STRING(256, enc), AES_GCM_STRING(256, dec));
+#else
bench_aesgcm_internal(useDeviceID, bench_key, 32, bench_iv, 12,
AES_GCM_STRING(256, enc), AES_GCM_STRING(256, dec));
#endif
+#endif
#ifdef WOLFSSL_AESGCM_STREAM
#undef AES_GCM_STRING
#define AES_GCM_STRING(n, dir) AES_AAD_STRING("AES-" #n "-GCM-STREAM-" #dir)
@@ -3680,12 +4544,13 @@ void bench_aesgcm(int useDeviceID)
}
/* GMAC */
-void bench_gmac(void)
+void bench_gmac(int useDeviceID)
{
int ret, count = 0;
Gmac gmac;
double start;
byte tag[AES_AUTH_TAG_SZ];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* determine GCM GHASH method */
#ifdef GCM_SMALL
@@ -3704,19 +4569,33 @@ void bench_gmac(void)
XMEMSET(bench_plain, 0, bench_size);
XMEMSET(tag, 0, sizeof(tag));
XMEMSET(&gmac, 0, sizeof(Gmac)); /* clear context */
- (void)wc_AesInit((Aes*)&gmac, HEAP_HINT, INVALID_DEVID);
+ (void)wc_AesInit((Aes*)&gmac, HEAP_HINT,
+ useDeviceID ? devId: INVALID_DEVID);
+#ifdef HAVE_RENESAS_SYNC
+ wc_GmacSetKey(&gmac, bench_key1, 16);
+#else
wc_GmacSetKey(&gmac, bench_key, 16);
-
+#endif
bench_stats_start(&count, &start);
do {
ret = wc_GmacUpdate(&gmac, bench_iv, 12, bench_plain, bench_size,
tag, sizeof(tag));
count++;
- } while (bench_stats_check(start));
+ RECORD_MULTI_VALUE_STATS();
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
wc_AesFree((Aes*)&gmac);
bench_stats_sym_finish(gmacStr, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
}
#endif /* HAVE_AESGCM */
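Review bot: bench_gmac() now initialises the context with `useDeviceID ? devId: INVALID_DEVID`, but the finish call still reports the run as a software one: `bench_stats_sym_finish(gmacStr, 0, count, ...)`. Pass the flag through, `bench_stats_sym_finish(gmacStr, useDeviceID, count, bench_size, start, ret);`, as bench_aescbc_internal does with its own `useDeviceID`. The results of `wc_AesInit` (cast to void) and `wc_GmacSetKey` are also discarded, so a failed device init or key load would still be timed and reported. Checking both and returning before `bench_stats_start` avoids publishing numbers for a context that was never keyed.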
@@ -3730,10 +4609,11 @@ static void bench_aesecb_internal(int useDeviceID,
int ret = 0, i, count = 0, times, pending = 0;
Aes enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef HAVE_FIPS
- static const int benchSz = AES_BLOCK_SIZE;
+ const int benchSz = AES_BLOCK_SIZE;
#else
- static const int benchSz = BENCH_SIZE;
+ const int benchSz = (int)bench_size;
#endif
/* clear for done cleanup */
@@ -3779,12 +4659,21 @@ static void bench_aesecb_internal(int useDeviceID,
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_enc:
bench_stats_sym_finish(encLabel, useDeviceID, count, benchSz,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#ifdef HAVE_AES_DECRYPT
/* init keys */
@@ -3796,6 +4685,8 @@ exit_aes_enc:
}
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
int outer_loop_limit = (10 * ((int)bench_size / benchSz)) + 1;
@@ -3819,12 +4710,21 @@ exit_aes_enc:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_aes_dec:
bench_stats_sym_finish(decLabel, useDeviceID, count, benchSz,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_AES_DECRYPT */
@@ -3860,6 +4760,13 @@ static void bench_aescfb_internal(const byte* key,
Aes enc;
double start;
int i, ret, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ ret = wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID);
+ if (ret != 0) {
+ printf("AesInit failed, ret = %d\n", ret);
+ return;
+ }
ret = wc_AesSetKey(&enc, key, keySz, iv, AES_ENCRYPTION);
if (ret != 0) {
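Review bot: The added `wc_AesInit(&enc, HEAP_HINT, INVALID_DEVID)` has no matching `wc_AesFree(&enc)`. The end of bench_aescfb_internal, visible in the next hunk, goes from `bench_stats_sym_finish` and the statistics call straight to the closing brace, and the encrypt failure path there is a bare `return;`. bench_aesofb_internal further down does call `wc_AesFree(&enc);` before its closing brace, so add the same line here before the closing brace and before each early `return` that follows the init. The middle of the function lies outside both hunks, so confirm that no free already exists there.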
@@ -3875,10 +4782,19 @@ static void bench_aescfb_internal(const byte* key,
printf("wc_AesCfbEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(label, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_aescfb(void)
@@ -3904,6 +4820,7 @@ static void bench_aesofb_internal(const byte* key,
Aes enc;
double start;
int i, ret, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_AesInit(&enc, NULL, INVALID_DEVID);
if (ret != 0) {
@@ -3925,10 +4842,19 @@ static void bench_aesofb_internal(const byte* key,
printf("wc_AesCfbEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(label, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesFree(&enc);
}
@@ -3954,6 +4880,7 @@ void bench_aesxts(void)
XtsAes aes;
double start;
int i, count, ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
static unsigned char k1[] = {
0xa1, 0xb9, 0x0c, 0xba, 0x3f, 0x06, 0xac, 0x35,
@@ -3982,10 +4909,19 @@ void bench_aesxts(void)
printf("wc_AesXtsEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("AES-XTS-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesXtsFree(&aes);
/* decryption benchmark */
@@ -3996,6 +4932,8 @@ void bench_aesxts(void)
return;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
@@ -4004,10 +4942,19 @@ void bench_aesxts(void)
printf("wc_AesXtsDecrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("AES-XTS-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesXtsFree(&aes);
}
#endif /* WOLFSSL_AES_XTS */
@@ -4021,6 +4968,7 @@ static void bench_aesctr_internal(const byte* key, word32 keySz,
Aes enc;
double start;
int i, count, ret = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if ((ret = wc_AesInit(&enc, HEAP_HINT,
useDeviceID ? devId : INVALID_DEVID)) != 0) {
@@ -4040,10 +4988,19 @@ static void bench_aesctr_internal(const byte* key, word32 keySz,
printf("wc_AesCtrEncrypt failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(label, useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_AesFree(&enc);
}
@@ -4069,6 +5026,7 @@ void bench_aesccm(int useDeviceID)
Aes enc;
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
@@ -4100,27 +5058,47 @@ void bench_aesccm(int useDeviceID)
ret |= wc_AesCcmEncrypt(&enc, bench_cipher, bench_plain, bench_size,
bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(AES_AAD_STRING("AES-CCM-enc"), useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret != 0) {
printf("wc_AesCcmEncrypt failed, ret = %d\n", ret);
goto exit;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
ret |= wc_AesCcmDecrypt(&enc, bench_plain, bench_cipher, bench_size,
bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(AES_AAD_STRING("AES-CCM-dec"), useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret != 0) {
printf("wc_AesCcmEncrypt failed, ret = %d\n", ret);
goto exit;
@@ -4145,6 +5123,7 @@ static void bench_aessiv_internal(const byte* key, word32 keySz, const char*
byte siv[AES_BLOCK_SIZE];
int count = 0;
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
@@ -4156,10 +5135,21 @@ static void bench_aessiv_internal(const byte* key, word32 keySz, const char*
printf("wc_AesSivEncrypt failed (%d)\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(encLabel, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
bench_stats_start(&count, &start);
do {
@@ -4171,10 +5161,19 @@ static void bench_aessiv_internal(const byte* key, word32 keySz, const char*
printf("wc_AesSivDecrypt failed (%d)\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(decLabel, 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_aessiv(void)
@@ -4194,6 +5193,7 @@ void bench_poly1305(void)
byte mac[16];
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_Poly1305SetKey(&enc, bench_key, 32);
@@ -4210,11 +5210,15 @@ void bench_poly1305(void)
printf("Poly1305Update failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
wc_Poly1305Final(&enc, mac);
count += i;
- } while (bench_stats_check(start));
- bench_stats_sym_finish("POLY1305", 0, count, bench_size, start, ret);
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
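Review bot: With MULTI_VALUE_STATISTICS defined, the new `|| runs < minimum_runs` term can keep this loop running after a failure. On a Poly1305Update error the inner `for` is left with `break` before `RECORD_MULTI_VALUE_STATS()` is reached, so, assuming `runs` is advanced only by that macro (its definition is outside this hunk), the condition may never become false when the call keeps failing. Stop the outer loop on error as well, for example with `if (ret != 0) break;` directly after the inner `for`. The same pattern appears in the second branch of bench_poly1305 in the next hunk and in bench_chacha20_poly1305_aead, which also leaves its inner loop with `break`. bench_poly1305's body starts before this hunk.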
@@ -4231,11 +5235,19 @@ void bench_poly1305(void)
break;
}
wc_Poly1305Final(&enc, mac);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
- bench_stats_sym_finish("POLY1305", 0, count, bench_size, start, ret);
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
+ bench_stats_sym_finish("POLY1305", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_POLY1305 */
@@ -4246,6 +5258,7 @@ void bench_camellia(void)
Camellia cam;
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_CamelliaSetKey(&cam, bench_key, 16, bench_iv);
if (ret != 0) {
@@ -4262,20 +5275,257 @@ void bench_camellia(void)
printf("CamelliaCbcEncrypt failed: %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("Camellia", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CBC
+void bench_sm4_cbc(void)
+{
+ wc_Sm4 sm4;
+ double start;
+ int ret;
+ int i;
+ int count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ ret = wc_Sm4SetKey(&sm4, bench_key, SM4_KEY_SIZE);
+ if (ret != 0) {
+ printf("Sm4SetKey failed, ret = %d\n", ret);
+ return;
+ }
+ ret = wc_Sm4SetIV(&sm4, bench_iv);
+ if (ret != 0) {
+ printf("Sm4SetIV failed, ret = %d\n", ret);
+ return;
+ }
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4CbcEncrypt(&sm4, bench_cipher, bench_plain, bench_size);
+ if (ret < 0) {
+ printf("Sm4CbcEncrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CBC-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4CbcDecrypt(&sm4, bench_plain, bench_cipher, bench_size);
+ if (ret < 0) {
+ printf("Sm4CbcDecrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CBC-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif
+#ifdef WOLFSSL_SM4_GCM
+void bench_sm4_gcm(void)
+{
+ wc_Sm4 sm4;
+ double start;
+ int ret;
+ int i;
+ int count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
+ WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
+#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
+ if (bench_additional == NULL || bench_tag == NULL) {
+ printf("bench_aesgcm_internal malloc failed\n");
+ return;
+ }
+#endif
+
+ ret = wc_Sm4GcmSetKey(&sm4, bench_key, SM4_KEY_SIZE);
+ if (ret != 0) {
+ printf("Sm4GcmSetKey failed, ret = %d\n", ret);
+ return;
+ }
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4GcmEncrypt(&sm4, bench_cipher, bench_plain, bench_size,
+ bench_iv, GCM_NONCE_MID_SZ, bench_tag, SM4_BLOCK_SIZE,
+ bench_additional, aesAuthAddSz);
+ if (ret < 0) {
+ printf("Sm4GcmEncrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-GCM-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_Sm4GcmDecrypt(&sm4, bench_plain, bench_cipher, bench_size,
+ bench_iv, GCM_NONCE_MID_SZ, bench_tag, SM4_BLOCK_SIZE,
+ bench_additional, aesAuthAddSz);
+ if (ret < 0) {
+ printf("Sm4GcmDecrypt failed: %d\n", ret);
+ return;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-GCM-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CCM
+void bench_sm4_ccm()
+{
+ wc_Sm4 enc;
+ double start;
+ int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ WC_DECLARE_VAR(bench_additional, byte, AES_AUTH_ADD_SZ, HEAP_HINT);
+ WC_DECLARE_VAR(bench_tag, byte, AES_AUTH_TAG_SZ, HEAP_HINT);
+
+#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
+ if (bench_additional == NULL || bench_tag == NULL) {
+ printf("bench_aesccm malloc failed\n");
+ goto exit;
+ }
+#endif
+
+ XMEMSET(bench_tag, 0, AES_AUTH_TAG_SZ);
+ XMEMSET(bench_additional, 0, AES_AUTH_ADD_SZ);
+
+ if ((ret = wc_Sm4SetKey(&enc, bench_key, 16)) != 0) {
+ printf("wc_Sm4SetKey failed, ret = %d\n", ret);
+ goto exit;
+ }
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret |= wc_Sm4CcmEncrypt(&enc, bench_cipher, bench_plain, bench_size,
+ bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
+ bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CCM-enc", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+ if (ret != 0) {
+ printf("wc_Sm4Encrypt failed, ret = %d\n", ret);
+ goto exit;
+ }
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret |= wc_Sm4CcmDecrypt(&enc, bench_plain, bench_cipher, bench_size,
+ bench_iv, 12, bench_tag, AES_AUTH_TAG_SZ,
+ bench_additional, 0);
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_sym_finish("SM4-CCM-dec", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+ if (ret != 0) {
+ printf("wc_Sm4Decrypt failed, ret = %d\n", ret);
+ goto exit;
+ }
+
+ exit:
+
+ WC_FREE_VAR(bench_additional, HEAP_HINT);
+ WC_FREE_VAR(bench_tag, HEAP_HINT);
+}
+#endif /* HAVE_AESCCM */
#ifndef NO_DES3
void bench_des(int useDeviceID)
{
int ret = 0, i, count = 0, times, pending = 0;
Des3 enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* clear for done cleanup */
XMEMSET(enc, 0, sizeof(enc));
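Review bot: bench_sm4_gcm() never releases `bench_additional` and `bench_tag`: there is no `WC_FREE_VAR` in the function and every failure path is a bare `return;`. Builds with WC_DECLARE_VAR_IS_HEAP_ALLOC therefore leak both buffers on every call, whereas bench_sm4_ccm() in the same hunk frees them at `exit:`. The two buffers are also handed to wc_Sm4GcmEncrypt without being cleared, so `aesAuthAddSz` bytes of uninitialised memory are read as AAD. Route all exits through a common label, clear the buffers as bench_sm4_ccm() does, and correct the message text copied from the AES benchmark. The `#endif /* HAVE_AESCCM */` that closes bench_sm4_ccm() should name WOLFSSL_SM4_CCM.

```c
void bench_sm4_gcm(void)
{
    /* … unchanged: local declarations and WC_DECLARE_VAR lines … */
#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
    if (bench_additional == NULL || bench_tag == NULL) {
        printf("bench_sm4_gcm malloc failed\n");
        goto exit;
    }
#endif

    XMEMSET(bench_tag, 0, AES_AUTH_TAG_SZ);
    XMEMSET(bench_additional, 0, AES_AUTH_ADD_SZ);

    /* … unchanged: key setup and both timing loops, each `return;` replaced by `goto exit;` … */

exit:
    WC_FREE_VAR(bench_additional, HEAP_HINT);
    WC_FREE_VAR(bench_tag, HEAP_HINT);
}
```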
@@ -4313,11 +5563,20 @@ void bench_des(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_3des:
bench_stats_sym_finish("3DES", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4334,6 +5593,7 @@ void bench_arc4(int useDeviceID)
int ret = 0, i, count = 0, times, pending = 0;
Arc4 enc[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* clear for done cleanup */
XMEMSET(enc, 0, sizeof(enc));
@@ -4370,11 +5630,20 @@ void bench_arc4(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_arc4:
bench_stats_sym_finish("ARC4", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4391,7 +5660,9 @@ void bench_chacha(void)
ChaCha enc;
double start;
int i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+ XMEMSET(&enc, 0, sizeof(enc));
wc_Chacha_SetKey(&enc, bench_key, 16);
bench_stats_start(&count, &start);
@@ -4399,10 +5670,19 @@ void bench_chacha(void)
for (i = 0; i < numBlocks; i++) {
wc_Chacha_SetIV(&enc, bench_iv, 0);
wc_Chacha_Process(&enc, bench_cipher, bench_plain, bench_size);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("CHACHA", 0, count, bench_size, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_CHACHA*/
@@ -4411,6 +5691,7 @@ void bench_chacha20_poly1305_aead(void)
{
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
byte authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
XMEMSET(authTag, 0, sizeof(authTag));
@@ -4424,10 +5705,19 @@ void bench_chacha20_poly1305_aead(void)
printf("wc_ChaCha20Poly1305_Encrypt error: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("CHA-POLY", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
@@ -4438,6 +5728,8 @@ void bench_md5(int useDeviceID)
wc_Md5 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_MD5_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4478,6 +5770,7 @@ void bench_md5(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4497,7 +5790,11 @@ void bench_md5(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4510,12 +5807,20 @@ void bench_md5(int useDeviceID)
ret = wc_Md5Final(hash, digest[0]);
if (ret != 0)
goto exit_md5;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_md5:
bench_stats_sym_finish("MD5", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4536,6 +5841,7 @@ void bench_sha(int useDeviceID)
wc_Sha hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4576,6 +5882,7 @@ void bench_sha(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4595,7 +5902,11 @@ void bench_sha(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4609,12 +5920,20 @@ void bench_sha(int useDeviceID)
ret = wc_ShaFinal(hash, digest[0]);
if (ret != 0)
goto exit_sha;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha:
bench_stats_sym_finish("SHA", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4633,6 +5952,7 @@ void bench_sha224(int useDeviceID)
wc_Sha224 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA224_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4670,6 +5990,7 @@ void bench_sha224(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4688,7 +6009,11 @@ void bench_sha224(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4704,11 +6029,18 @@ void bench_sha224(int useDeviceID)
goto exit_sha224;
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha224:
bench_stats_sym_finish("SHA-224", useDeviceID, count,
bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
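Review bot: The second loop of bench_sha224 (the `else` branch) never calls `RECORD_MULTI_VALUE_STATS()`, although its condition gains `|| runs < minimum_runs` and the function now ends with `bench_multi_value_stats(max, min, sum, squareSum, runs)`. bench_md5, bench_sha, bench_sha256 and bench_sha384 all add the call after the Final check at the same position, so add `RECORD_MULTI_VALUE_STATS();` after the `goto exit_sha224;` check here. Assuming `runs` advances only in that macro, this branch otherwise reports empty statistics and may not terminate when a minimum run count is set. The function begins outside this hunk.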
@@ -4720,12 +6052,14 @@ exit:
}
#endif
+
#ifndef NO_SHA256
void bench_sha256(int useDeviceID)
{
wc_Sha256 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA256_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4766,6 +6100,7 @@ void bench_sha256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4784,7 +6119,11 @@ void bench_sha256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4798,16 +6137,22 @@ void bench_sha256(int useDeviceID)
ret = wc_Sha256Final(hash, digest[0]);
if (ret != 0)
goto exit_sha256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha256:
bench_stats_sym_finish("SHA-256", useDeviceID, count, bench_size,
start, ret);
-
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
-
for (i = 0; i < BENCH_MAX_PENDING; i++) {
wc_Sha256Free(&hash[i]);
}
@@ -4822,6 +6167,7 @@ void bench_sha384(int useDeviceID)
wc_Sha384 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA384_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4859,6 +6205,7 @@ void bench_sha384(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4877,7 +6224,11 @@ void bench_sha384(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4891,13 +6242,21 @@ void bench_sha384(int useDeviceID)
ret = wc_Sha384Final(hash, digest[0]);
if (ret != 0)
goto exit_sha384;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha384:
bench_stats_sym_finish("SHA-384", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -4915,6 +6274,7 @@ void bench_sha512(int useDeviceID)
wc_Sha512 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -4952,6 +6312,7 @@ void bench_sha512(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -4970,7 +6331,11 @@ void bench_sha512(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -4984,13 +6349,21 @@ void bench_sha512(int useDeviceID)
ret = wc_Sha512Final(hash, digest[0]);
if (ret != 0)
goto exit_sha512;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha512:
bench_stats_sym_finish("SHA-512", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5008,7 +6381,8 @@ void bench_sha512_224(int useDeviceID)
wc_Sha512_224 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
- WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
+ DECLARE_MULTI_VALUE_STATS_VARS()
+ WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_224_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_224_DIGEST_SIZE, HEAP_HINT);
@@ -5045,6 +6419,7 @@ void bench_sha512_224(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5063,7 +6438,11 @@ void bench_sha512_224(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5077,13 +6456,21 @@ void bench_sha512_224(int useDeviceID)
ret = wc_Sha512_224Final(hash, digest[0]);
if (ret != 0)
goto exit_sha512_224;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha512_224:
bench_stats_sym_finish("SHA-512/224", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5102,6 +6489,7 @@ void bench_sha512_256(int useDeviceID)
wc_Sha512_256 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA512_256_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5139,6 +6527,7 @@ void bench_sha512_256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5157,7 +6546,11 @@ void bench_sha512_256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5171,13 +6564,21 @@ void bench_sha512_256(int useDeviceID)
ret = wc_Sha512_256Final(hash, digest[0]);
if (ret != 0)
goto exit_sha512_256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha512_256:
bench_stats_sym_finish("SHA-512/256", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5199,6 +6600,7 @@ void bench_sha3_224(int useDeviceID)
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_224_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5236,6 +6638,7 @@ void bench_sha3_224(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5254,7 +6657,11 @@ void bench_sha3_224(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5268,13 +6675,21 @@ void bench_sha3_224(int useDeviceID)
ret = wc_Sha3_224_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_224;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_224:
bench_stats_sym_finish("SHA3-224", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5291,6 +6706,7 @@ void bench_sha3_256(int useDeviceID)
{
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
+ DECLARE_MULTI_VALUE_STATS_VARS()
int ret = 0, i, count = 0, times, pending = 0;
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_256_DIGEST_SIZE, HEAP_HINT);
@@ -5329,6 +6745,7 @@ void bench_sha3_256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5347,7 +6764,11 @@ void bench_sha3_256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5361,13 +6782,21 @@ void bench_sha3_256(int useDeviceID)
ret = wc_Sha3_256_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_256:
bench_stats_sym_finish("SHA3-256", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5385,6 +6814,7 @@ void bench_sha3_384(int useDeviceID)
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_384_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5422,6 +6852,7 @@ void bench_sha3_384(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5440,7 +6871,11 @@ void bench_sha3_384(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5454,13 +6889,21 @@ void bench_sha3_384(int useDeviceID)
ret = wc_Sha3_384_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_384;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_384:
bench_stats_sym_finish("SHA3-384", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5478,6 +6921,7 @@ void bench_sha3_512(int useDeviceID)
wc_Sha3 hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_512_DIGEST_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5515,6 +6959,7 @@ void bench_sha3_512(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5533,7 +6978,11 @@ void bench_sha3_512(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5547,13 +6996,21 @@ void bench_sha3_512(int useDeviceID)
ret = wc_Sha3_512_Final(hash, digest[0]);
if (ret != 0)
goto exit_sha3_512;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_sha3_512:
bench_stats_sym_finish("SHA3-512", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5571,6 +7028,7 @@ void bench_shake128(int useDeviceID)
wc_Shake hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_128_BLOCK_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5608,6 +7066,7 @@ void bench_shake128(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5627,7 +7086,11 @@ void bench_shake128(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5642,13 +7105,21 @@ void bench_shake128(int useDeviceID)
WC_SHA3_128_BLOCK_SIZE);
if (ret != 0)
goto exit_shake128;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_shake128:
bench_stats_sym_finish("SHAKE128", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5666,6 +7137,7 @@ void bench_shake256(int useDeviceID)
wc_Shake hash[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_SHA3_256_BLOCK_SIZE, HEAP_HINT);
WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING,
@@ -5703,6 +7175,7 @@ void bench_shake256(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
@@ -5722,7 +7195,11 @@ void bench_shake256(int useDeviceID)
}
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5737,13 +7214,21 @@ void bench_shake256(int useDeviceID)
WC_SHA3_256_BLOCK_SIZE);
if (ret != 0)
goto exit_shake256;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
exit_shake256:
bench_stats_sym_finish("SHAKE256", useDeviceID, count, bench_size,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -5756,6 +7241,110 @@ exit:
#endif /* WOLFSSL_SHAKE256 */
#endif
+#ifdef WOLFSSL_SM3
+void bench_sm3(int useDeviceID)
+{
+ wc_Sm3 hash[BENCH_MAX_PENDING];
+ double start;
+ int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+ WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING, WC_SM3_DIGEST_SIZE,
+ HEAP_HINT);
+ WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING, WC_SM3_DIGEST_SIZE,
+ HEAP_HINT);
+
+ /* clear for done cleanup */
+ XMEMSET(hash, 0, sizeof(hash));
+
+ if (digest_stream) {
+ /* init keys */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ ret = wc_InitSm3(&hash[i], HEAP_HINT,
+ useDeviceID ? devId: INVALID_DEVID);
+ if (ret != 0) {
+ printf("InitSm3 failed, ret = %d\n", ret);
+ goto exit;
+ }
+ }
+
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < numBlocks || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&hash[i]),
+ 0, &times, numBlocks, &pending)) {
+ ret = wc_Sm3Update(&hash[i], bench_plain,
+ bench_size);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&hash[i]), 0, &times, &pending)) {
+ goto exit_sm3;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+
+ times = 0;
+ do {
+ bench_async_poll(&pending);
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&hash[i]),
+ 0, &times, numBlocks, &pending)) {
+ ret = wc_Sm3Final(&hash[i], digest[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&hash[i]), 0, &times, &pending)) {
+ goto exit_sm3;
+ }
+ }
+ } /* for i */
+ } while (pending > 0);
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+ }
+ else {
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < numBlocks; times++) {
+ ret = wc_InitSm3(hash, HEAP_HINT,
+ useDeviceID ? devId: INVALID_DEVID);
+ if (ret == 0)
+ ret = wc_Sm3Update(hash, bench_plain, bench_size);
+ if (ret == 0)
+ ret = wc_Sm3Final(hash, digest[0]);
+ if (ret != 0)
+ goto exit_sm3;
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+ }
+exit_sm3:
+ bench_stats_sym_finish("SM3", useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+exit:
+
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ wc_Sm3Free(&hash[i]);
+ }
+
+ WC_FREE_ARRAY(digest, BENCH_MAX_PENDING, HEAP_HINT);
+}
+#endif
+
#ifdef WOLFSSL_RIPEMD
void bench_ripemd(void)
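Review bot: In the one-shot (`else`) branch of the added bench_sm3, `wc_InitSm3(hash, ...)` runs on every iteration, but the only `wc_Sm3Free` calls are in the `exit:` cleanup loop. If `wc_InitSm3` acquires per-context resources when a device ID is in use (not visible here), each pass would re-initialise `hash[0]` over a live context. Either call `wc_Sm3Free(hash);` after `wc_Sm3Final` in that loop, or add a comment such as `/* wc_Sm3Final leaves the context safe to re-init */` if that is the guarantee being relied on. The other digest benchmarks in this file appear to follow the same pattern, so this may be an accepted convention.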
@@ -5764,6 +7353,7 @@ void bench_ripemd(void)
byte digest[RIPEMD_DIGEST_SIZE];
double start;
int i, count, ret = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_InitRipeMd(&hash);
@@ -5780,6 +7370,7 @@ void bench_ripemd(void)
printf("wc_RipeMdUpdate failed, retval %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
ret = wc_RipeMdFinal(&hash, digest);
if (ret != 0) {
@@ -5788,7 +7379,11 @@ void bench_ripemd(void)
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5809,11 +7404,19 @@ void bench_ripemd(void)
printf("wc_RipeMdFinal failed, retval %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
bench_stats_sym_finish("RIPEMD", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
return;
}
@@ -5827,6 +7430,7 @@ void bench_blake2b(void)
byte digest[64];
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_InitBlake2b(&b2b, 64);
@@ -5843,6 +7447,7 @@ void bench_blake2b(void)
printf("Blake2bUpdate failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
ret = wc_Blake2bFinal(&b2b, digest, 64);
if (ret != 0) {
@@ -5850,7 +7455,11 @@ void bench_blake2b(void)
return;
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5871,11 +7480,19 @@ void bench_blake2b(void)
printf("Blake2bFinal failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
bench_stats_sym_finish("BLAKE2b", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif
@@ -5886,6 +7503,7 @@ void bench_blake2s(void)
byte digest[32];
double start;
int ret = 0, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
if (digest_stream) {
ret = wc_InitBlake2s(&b2s, 32);
@@ -5902,6 +7520,7 @@ void bench_blake2s(void)
printf("Blake2sUpdate failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
ret = wc_Blake2sFinal(&b2s, digest, 32);
if (ret != 0) {
@@ -5909,7 +7528,11 @@ void bench_blake2s(void)
return;
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
else {
bench_stats_start(&count, &start);
@@ -5930,11 +7553,19 @@ void bench_blake2s(void)
printf("Blake2sFinal failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
}
bench_stats_sym_finish("BLAKE2s", 0, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif
@@ -5948,6 +7579,7 @@ static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
word32 digestSz = sizeof(digest);
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SECO_CAAM
unsigned int keyID;
int keyGroup = 1; /* group one was chosen arbitrarily */
@@ -5992,6 +7624,7 @@ static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
printf("CmacUpdate failed, ret = %d\n", ret);
return;
}
+ RECORD_MULTI_VALUE_STATS();
}
/* Note: final force zero's the Cmac struct */
ret = wc_CmacFinal(&cmac, digest, &digestSz);
@@ -6000,8 +7633,16 @@ static void bench_cmac_helper(word32 keySz, const char* outMsg, int useDeviceID)
return;
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish(outMsg, useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_cmac(int useDeviceID)
@@ -6023,6 +7664,7 @@ void bench_scrypt(void)
byte derived[64];
double start;
int ret, i, count;
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
@@ -6034,11 +7676,20 @@ void bench_scrypt(void)
printf("scrypt failed, ret = %d\n", ret);
goto exit;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("scrypt", 17, "", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* HAVE_SCRYPT */
@@ -6051,6 +7702,7 @@ static void bench_hmac(int useDeviceID, int type, int digestSz,
Hmac hmac[BENCH_MAX_PENDING];
double start;
int ret = 0, i, count = 0, times, pending = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_ASYNC_CRYPT
WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING,
WC_MAX_DIGEST_SIZE, HEAP_HINT);
@@ -6117,11 +7769,20 @@ static void bench_hmac(int useDeviceID, int type, int digestSz,
goto exit_hmac;
}
}
+ RECORD_MULTI_VALUE_STATS();
} /* for i */
} while (pending > 0);
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_hmac:
bench_stats_sym_finish(label, useDeviceID, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
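Review bot: `RECORD_MULTI_VALUE_STATS();` sits inside the `for i` loop of bench_hmac here, so it runs once per pending-slot check whether or not that slot completed an operation. The digest benchmarks in this diff record once per pass, after `} /* for i */`. Assuming the macro takes one timing sample per call (its definition is not visible), the HMAC min/max/deviation figures would not be comparable with the others. Moving the call to just after `} /* for i */` would align it; if per-slot sampling is intended, a comment such as `/* sampled per slot, not per pass */` would make that explicit. The function body begins outside this hunk.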
@@ -6246,14 +7907,24 @@ void bench_pbkdf2(void)
0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06,
0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
byte derived[32];
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
ret = wc_PBKDF2(derived, (const byte*)passwd32, (int)XSTRLEN(passwd32),
salt32, (int)sizeof(salt32), 1000, 32, WC_SHA256);
count++;
- } while (bench_stats_check(start));
+ RECORD_MULTI_VALUE_STATS();
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("PBKDF2", 32, count, 32, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#endif /* !NO_PWDBASED */
@@ -6267,26 +7938,149 @@ void bench_siphash(void)
const char* passwd16 = "passwordpassword";
byte out[16];
int i;
+ DECLARE_MULTI_VALUE_STATS_VARS()
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
ret = wc_SipHash((const byte*)passwd16, bench_plain, bench_size,
out, 8);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("SipHash-8", 1, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
bench_stats_start(&count, &start);
do {
for (i = 0; i < numBlocks; i++) {
ret = wc_SipHash((const byte*)passwd16, bench_plain, bench_size,
out, 16);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_sym_finish("SipHash-16", 1, count, bench_size, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+}
+#endif
+
+#ifdef WC_SRTP_KDF
+void bench_srtpkdf(void)
+{
+ double start;
+ int count;
+ int ret = 0;
+ byte keyE[32];
+ byte keyA[20];
+ byte keyS[14];
+ const byte *key = bench_key_buf;
+ const byte salt[14] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e };
+ const byte index[6] = { 0x55, 0xAA, 0x55, 0xAA, 0x55, 0xAA };
+ int kdrIdx = 0;
+ int i;
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTP_KDF(key, AES_128_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_128_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 128, "SRTP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTP_KDF(key, AES_256_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_256_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 256, "SRTP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTCP_KDF(key, AES_128_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_128_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 128, "SRTCP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ bench_stats_start(&count, &start);
+ do {
+ for (i = 0; i < numBlocks; i++) {
+ ret = wc_SRTCP_KDF(key, AES_256_KEY_SIZE, salt, sizeof(salt),
+ kdrIdx, index, keyE, AES_256_KEY_SIZE, keyA, sizeof(keyA),
+ keyS, sizeof(keyS));
+ RECORD_MULTI_VALUE_STATS();
+ }
+ count += i;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+ bench_stats_asym_finish("KDF", 256, "SRTCP", 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
}
#endif
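Review bot: In the added bench_srtpkdf, `ret` from `wc_SRTP_KDF` / `wc_SRTCP_KDF` is overwritten on every iteration and never tested inside the four loops. A failing derivation is therefore timed and counted like a successful one, and only the last return code reaches `bench_stats_asym_finish`. The other new benchmark in this diff, bench_sm3, leaves its loop on the first non-zero `ret`. Doing the same here, for example `if (ret != 0) break;` after each call with the outer `do`/`while` also stopping on error, would keep failed runs out of the reported figures. The bench_siphash loops touched by this hunk share the pattern.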
@@ -6304,6 +8098,7 @@ static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
int ret = 0, i, count = 0, times, pending = 0;
const long rsa_e_val = WC_RSA_EXPONENT;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SMALL_STACK
genKey = (RsaKey *)XMALLOC(sizeof(*genKey) * BENCH_MAX_PENDING,
@@ -6342,12 +8137,21 @@ static void bench_rsaKeyGen_helper(int useDeviceID, word32 keySz)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("RSA", (int)keySz, desc[2], useDeviceID, count,
start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* cleanup */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
@@ -6498,6 +8302,7 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
#endif
double start = 0.0F;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifndef WOLFSSL_RSA_VERIFY_ONLY
WC_DECLARE_VAR(message, byte, TEST_STRING_SZ, HEAP_HINT);
#endif
@@ -6563,12 +8368,21 @@ static void bench_rsa_helper(int useDeviceID, RsaKey rsaKey[BENCH_MAX_PENDING],
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+
exit_rsa_verify:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[0],
useDeviceID, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
#endif /* !WOLFSSL_RSA_VERIFY_ONLY */
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
@@ -6576,6 +8390,8 @@ exit_rsa_verify:
goto exit;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
/* capture resulting encrypt length */
idx = (word32)(rsaKeySz/8);
@@ -6599,12 +8415,21 @@ exit_rsa_verify:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+
exit_rsa_pub:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[1],
useDeviceID, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY */
}
else {
@@ -6629,16 +8454,27 @@ exit_rsa_pub:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
+
exit_rsa_sign:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[4], useDeviceID,
count, start, ret);
-
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
if (ret < 0) {
goto exit;
}
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
#endif /* !WOLFSSL_RSA_PUBLIC_ONLY && !WOLFSSL_RSA_VERIFY_ONLY */
/* capture resulting encrypt length */
@@ -6685,13 +8521,21 @@ exit_rsa_sign:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+ #ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+ #endif
+ );
exit_rsa_verifyinline:
bench_stats_asym_finish("RSA", (int)rsaKeySz, desc[5],
useDeviceID, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
exit:
@@ -6947,6 +8791,7 @@ void bench_dh(int useDeviceID)
int paramName = 0;
#endif
#endif
+ DECLARE_MULTI_VALUE_STATS_VARS()
WC_DECLARE_ARRAY(pub, byte, BENCH_MAX_PENDING,
BENCH_DH_KEY_SIZE, HEAP_HINT);
@@ -7083,6 +8928,7 @@ void bench_dh(int useDeviceID)
}
}
+
/* Key Gen */
bench_stats_start(&count, &start);
PRIVATE_KEY_UNLOCK();
@@ -7106,18 +8952,29 @@ void bench_dh(int useDeviceID)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
PRIVATE_KEY_LOCK();
exit_dh_gen:
bench_stats_asym_finish("DH", dhKeySz, desc[2],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
if (ret < 0) {
goto exit;
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
/* Generate key to use as other public */
PRIVATE_KEY_UNLOCK();
ret = wc_DhGenerateKeyPair(&dhKey[0], &gRng,
@@ -7146,14 +9003,23 @@ exit_dh_gen:
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
PRIVATE_KEY_LOCK();
exit:
bench_stats_asym_finish("DH", dhKeySz, desc[3],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* cleanup */
#ifdef WOLFSSL_SMALL_STACK
@@ -7184,6 +9050,7 @@ static void bench_kyber_keygen(int type, const char* name, int keySize,
int ret = 0, times, count, pending = 0;
double start;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* KYBER Make Key */
bench_stats_start(&count, &start);
@@ -7203,13 +9070,20 @@ static void bench_kyber_keygen(int type, const char* name, int keySize,
#endif
if (ret != 0)
goto exit;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- }
- while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit:
bench_stats_asym_finish(name, keySize, desc[2], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
static void bench_kyber_encap(const char* name, int keySize, KyberKey* key)
@@ -7220,6 +9094,7 @@ static void bench_kyber_encap(const char* name, int keySize, KyberKey* key)
byte ct[KYBER_MAX_CIPHER_TEXT_SIZE];
byte ss[KYBER_SS_SZ];
word32 ctSz;
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_KyberKey_CipherTextSize(key, &ctSz);
if (ret != 0) {
@@ -7240,13 +9115,22 @@ static void bench_kyber_encap(const char* name, int keySize, KyberKey* key)
#endif
if (ret != 0)
goto exit_encap;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- }
- while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_encap:
bench_stats_asym_finish(name, keySize, desc[9], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
/* KYBER Decapsulate */
bench_stats_start(&count, &start);
@@ -7256,13 +9140,20 @@ exit_encap:
ret = wc_KyberKey_Decapsulate(key, ss, ct, ctSz);
if (ret != 0)
goto exit_decap;
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- }
- while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_decap:
bench_stats_asym_finish(name, keySize, desc[13], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_kyber(int type)
@@ -7299,9 +9190,635 @@ void bench_kyber(int type)
}
#endif
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+/* WC_LMS_PARM_L2_H10_W2
+ * signature length: 9300 */
+static const byte lms_priv_L2_H10_W2[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x62,0x62,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xC7,0x74,0x25,0x5B,0x2C,0xE8,0xDA,0x53,
+ 0xF0,0x7C,0x04,0x3F,0x64,0x2D,0x26,0x2C,
+ 0x46,0x1D,0xC8,0x90,0x77,0x59,0xD6,0xC0,
+ 0x56,0x46,0x7D,0x97,0x64,0xF2,0xA3,0xA1,
+ 0xF8,0xD0,0x3B,0x5F,0xAC,0x40,0xB9,0x9E,
+ 0x83,0x67,0xBF,0x92,0x8D,0xFE,0x45,0x79
+};
+
+static const byte lms_pub_L2_H10_W2[60] =
+{
+ 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x02,0xF8,0xD0,0x3B,0x5F,
+ 0xAC,0x40,0xB9,0x9E,0x83,0x67,0xBF,0x92,
+ 0x8D,0xFE,0x45,0x79,0x41,0xBC,0x2A,0x3B,
+ 0x9F,0xC0,0x11,0x12,0x93,0xF0,0x5A,0xA5,
+ 0xC1,0x88,0x29,0x79,0x6C,0x3E,0x0A,0x0F,
+ 0xEC,0x3B,0x3E,0xE4,0x38,0xD3,0xD2,0x34,
+ 0x7F,0xC8,0x91,0xB0
+};
+
+/* WC_LMS_PARM_L2_H10_W4
+ * signature length: 5076 */
+static const byte lms_priv_L2_H10_W4[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x63,0x63,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xAE,0x28,0x87,0x19,0x4F,0x4B,0x68,0x61,
+ 0x93,0x9A,0xC7,0x0E,0x33,0xB8,0xCE,0x96,
+ 0x66,0x0D,0xC7,0xB1,0xFA,0x94,0x80,0xA2,
+ 0x28,0x9B,0xCF,0xE2,0x08,0xB5,0x25,0xAC,
+ 0xFB,0xB8,0x65,0x5E,0xD1,0xCC,0x31,0xDA,
+ 0x2E,0x49,0x3A,0xEE,0xAF,0x63,0x70,0x5E
+};
+
+static const byte lms_pub_L2_H10_W4[60] =
+{
+ 0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x03,0xFB,0xB8,0x65,0x5E,
+ 0xD1,0xCC,0x31,0xDA,0x2E,0x49,0x3A,0xEE,
+ 0xAF,0x63,0x70,0x5E,0xA2,0xD5,0xB6,0x15,
+ 0x33,0x8C,0x9B,0xE9,0xE1,0x91,0x40,0x1A,
+ 0x12,0xE0,0xD7,0xBD,0xE4,0xE0,0x76,0xF5,
+ 0x04,0x90,0x76,0xA5,0x9A,0xA7,0x4E,0xFE,
+ 0x6B,0x9A,0xD3,0x14
+};
+
+/* WC_LMS_PARM_L3_H5_W4
+ * signature length: 7160 */
+static const byte lms_priv_L3_H5_W4[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x53,0x53,0x53,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0x38,0xD1,0xBE,0x68,0xD1,0x93,0xE1,0x14,
+ 0x6C,0x8B,0xED,0xE2,0x25,0x88,0xED,0xAC,
+ 0x57,0xBD,0x87,0x9F,0x54,0xF3,0x58,0xD9,
+ 0x4D,0xF5,0x6A,0xBD,0x71,0x99,0x6A,0x28,
+ 0x2F,0xE1,0xFC,0xD1,0xD1,0x0C,0x7C,0xF8,
+ 0xB4,0xDC,0xDF,0x7F,0x14,0x1A,0x7B,0x50
+};
+
+static const byte lms_pub_L3_H5_W4[60] =
+{
+ 0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x05,
+ 0x00,0x00,0x00,0x03,0x2F,0xE1,0xFC,0xD1,
+ 0xD1,0x0C,0x7C,0xF8,0xB4,0xDC,0xDF,0x7F,
+ 0x14,0x1A,0x7B,0x50,0x8E,0x3A,0xD4,0x05,
+ 0x0C,0x95,0x59,0xA0,0xCA,0x7A,0xD8,0xD6,
+ 0x5D,0xBD,0x42,0xBB,0xD5,0x82,0xB8,0x9C,
+ 0x52,0x37,0xB7,0x45,0x03,0xC2,0x06,0xCE,
+ 0xAB,0x4B,0x51,0x39
+};
+
+/* WC_LMS_PARM_L3_H5_W8
+ * signature length: 3992 */
+static const byte lms_priv_L3_H5_W8[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x54,0x54,0x54,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xA5,0x46,0x97,0x0C,0xA1,0x3C,0xEA,0x17,
+ 0x5C,0x9D,0x59,0xF4,0x0E,0x27,0x37,0xF3,
+ 0x6A,0x1C,0xF7,0x29,0x4A,0xCC,0xCD,0x7B,
+ 0x4F,0xE7,0x37,0x6E,0xEF,0xC1,0xBD,0xBD,
+ 0x04,0x5D,0x8E,0xDD,0xAA,0x47,0xCC,0xE6,
+ 0xCE,0x78,0x46,0x20,0x41,0x87,0xE0,0x85
+};
+
+static const byte lms_pub_L3_H5_W8[60] =
+{
+ 0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x05,
+ 0x00,0x00,0x00,0x04,0x04,0x5D,0x8E,0xDD,
+ 0xAA,0x47,0xCC,0xE6,0xCE,0x78,0x46,0x20,
+ 0x41,0x87,0xE0,0x85,0x0D,0x2C,0x46,0xB9,
+ 0x39,0x8C,0xA3,0x92,0x4F,0xCE,0x50,0x96,
+ 0x90,0x9C,0xF3,0x36,0x2E,0x09,0x15,0x3B,
+ 0x4B,0x34,0x17,0xE7,0xE2,0x55,0xFC,0x5B,
+ 0x83,0xAB,0x43,0xAF
+};
+
+/* WC_LMS_PARM_L3_H10_W4
+ * signature length: 7640 */
+static const byte lms_priv_L3_H10_W4[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x63,0x63,0x63,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xDF,0x98,0xAB,0xEC,0xFE,0x13,0x9F,0xF8,
+ 0xD7,0x2B,0x4F,0x4C,0x79,0x34,0xB8,0x89,
+ 0x24,0x6B,0x26,0x7D,0x7A,0x2E,0xA2,0xCB,
+ 0x82,0x75,0x4E,0x96,0x54,0x49,0xED,0xA0,
+ 0xAF,0xC7,0xA5,0xEE,0x8A,0xA2,0x83,0x99,
+ 0x4B,0x18,0x59,0x2B,0x66,0xC0,0x32,0xDB
+};
+
+static const byte lms_pub_L3_H10_W4[60] =
+{
+ 0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x03,0xAF,0xC7,0xA5,0xEE,
+ 0x8A,0xA2,0x83,0x99,0x4B,0x18,0x59,0x2B,
+ 0x66,0xC0,0x32,0xDB,0xC4,0x18,0xEB,0x11,
+ 0x17,0x7D,0xAA,0x93,0xFD,0xA0,0x70,0x4D,
+ 0x68,0x4B,0x63,0x8F,0xC2,0xE7,0xCA,0x34,
+ 0x14,0x31,0x0D,0xAA,0x18,0xBF,0x9B,0x32,
+ 0x8D,0x78,0xD5,0xA8
+};
+
+/* WC_LMS_PARM_L4_H5_W8
+ * signature length: 5340 */
+static const byte lms_priv_L4_H5_W8[64] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x54,0x54,0x54,0x54,0xFF,0xFF,0xFF,0xFF,
+ 0x46,0x8F,0x2A,0x4A,0x14,0x26,0xF0,0x89,
+ 0xFE,0xED,0x66,0x0F,0x73,0x69,0xB1,0x4C,
+ 0x47,0xA1,0x35,0x9F,0x7B,0xBA,0x08,0x03,
+ 0xEE,0xA2,0xEB,0xAD,0xB4,0x82,0x52,0x1F,
+ 0xFD,0x9B,0x22,0x82,0x42,0x1A,0x96,0x1E,
+ 0xE4,0xA1,0x9C,0x33,0xED,0xE6,0x9F,0xAB
+};
+
+static const byte lms_pub_L4_H5_W8[60] =
+{
+ 0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x05,
+ 0x00,0x00,0x00,0x04,0xFD,0x9B,0x22,0x82,
+ 0x42,0x1A,0x96,0x1E,0xE4,0xA1,0x9C,0x33,
+ 0xED,0xE6,0x9F,0xAB,0x6B,0x47,0x05,0x5B,
+ 0xA7,0xAD,0xF6,0x88,0xA5,0x4F,0xCD,0xF1,
+ 0xDA,0x29,0x67,0xC3,0x7F,0x2C,0x11,0xFE,
+ 0x85,0x1A,0x7A,0xD8,0xD5,0x46,0x74,0x3B,
+ 0x74,0x24,0x12,0xC8
+};
+
+static int lms_write_key_mem(const byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_LMS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static int lms_read_key_mem(byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_LMS_RC_READ_TO_MEMORY;
+}
+
+static void bench_lms_sign_verify(enum wc_LmsParm parm)
+{
+ LmsKey key;
+ int ret = 0;
+ const char * msg = TEST_STRING;
+ word32 msgSz = TEST_STRING_SZ;
+ byte * sig = NULL;
+ word32 sigSz = 0;
+ word32 privLen = 0;
+ int loaded = 0;
+ int times = 0;
+ int count = 0;
+ double start = 0.0F;
+ byte priv[HSS_MAX_PRIVATE_KEY_LEN];
+ const char * str = wc_LmsKey_ParmToStr(parm);
+
+ ret = wc_LmsKey_Init(&key, NULL, INVALID_DEVID);
+ if (ret) {
+ printf("wc_LmsKey_Init failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetLmsParm(&key, parm);
+ if (ret) {
+ printf("wc_LmsKey_SetLmsParm failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ switch (parm) {
+ case WC_LMS_PARM_L2_H10_W2:
+ XMEMCPY(priv, lms_priv_L2_H10_W2, sizeof(lms_priv_L2_H10_W2));
+ XMEMCPY(key.pub, lms_pub_L2_H10_W2, sizeof(lms_pub_L2_H10_W2));
+ break;
+
+ case WC_LMS_PARM_L2_H10_W4:
+ XMEMCPY(priv, lms_priv_L2_H10_W4, sizeof(lms_priv_L2_H10_W4));
+ XMEMCPY(key.pub, lms_pub_L2_H10_W4, sizeof(lms_pub_L2_H10_W4));
+ break;
+
+ case WC_LMS_PARM_L3_H5_W4:
+ XMEMCPY(priv, lms_priv_L3_H5_W4, sizeof(lms_priv_L3_H5_W4));
+ XMEMCPY(key.pub, lms_pub_L3_H5_W4, sizeof(lms_pub_L3_H5_W4));
+ break;
+
+ case WC_LMS_PARM_L3_H5_W8:
+ XMEMCPY(priv, lms_priv_L3_H5_W8, sizeof(lms_priv_L3_H5_W8));
+ XMEMCPY(key.pub, lms_pub_L3_H5_W8, sizeof(lms_pub_L3_H5_W8));
+ break;
+
+ case WC_LMS_PARM_L3_H10_W4:
+ XMEMCPY(priv, lms_priv_L3_H10_W4, sizeof(lms_priv_L3_H10_W4));
+ XMEMCPY(key.pub, lms_pub_L3_H10_W4, sizeof(lms_pub_L3_H10_W4));
+ break;
+
+ case WC_LMS_PARM_L4_H5_W8:
+ XMEMCPY(priv, lms_priv_L4_H5_W8, sizeof(lms_priv_L4_H5_W8));
+ XMEMCPY(key.pub, lms_pub_L4_H5_W8, sizeof(lms_pub_L4_H5_W8));
+ break;
+
+ case WC_LMS_PARM_NONE:
+ case WC_LMS_PARM_L1_H15_W2:
+ case WC_LMS_PARM_L1_H15_W4:
+ case WC_LMS_PARM_L2_H10_W8:
+ case WC_LMS_PARM_L3_H5_W2:
+ printf("bench_lms_sign_verify: unsupported benchmark option: %d\n",
+ parm);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetWriteCb(&key, lms_write_key_mem);
+ if (ret) {
+ fprintf(stderr, "error: wc_LmsKey_SetWriteCb failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetReadCb(&key, lms_read_key_mem);
+ if (ret) {
+ fprintf(stderr, "error: wc_LmsKey_SetReadCb failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_SetContext(&key, (void *) priv);
+ if (ret) {
+ fprintf(stderr, "error: wc_LmsKey_SetContext failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ /* Even with saved priv/pub keys, we must still reload the private
+ * key before using it. Reloading the private key is the bottleneck
+ * for larger heights. Only print load time in debug builds. */
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_start(&count, &start);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ ret = wc_LmsKey_Reload(&key);
+ if (ret) {
+ printf("wc_LmsKey_Reload failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ count +=1;
+
+ ret = wc_LmsKey_GetSigLen(&key, &sigSz);
+ if (ret) {
+ printf("wc_LmsKey_GetSigLen failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+ ret = wc_LmsKey_GetPrivLen(&key, &privLen);
+ if (ret) {
+ printf("wc_LmsKey_GetPrivLen failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_check(start);
+ bench_stats_asym_finish(str, (int)privLen, "load", 0,
+ count, start, ret);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ loaded = 1;
+
+ sig = XMALLOC(sigSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) {
+ printf("bench_lms_sign_verify malloc failed\n");
+ goto exit_lms_sign_verify;
+ }
+
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* LMS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+
+ ret = wc_LmsKey_Sign(&key, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_LmsKey_Sign failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ bench_stats_asym_finish(str, (int)sigSz, "sign", 0,
+ count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* LMS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+ ret = wc_LmsKey_Verify(&key, sig, sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_LmsKey_Verify failed: %d\n", ret);
+ goto exit_lms_sign_verify;
+ }
+ RECORD_MULTI_VALUE_STATS();
+ }
+
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit_lms_sign_verify:
+ bench_stats_asym_finish(str, (int)sigSz, "verify", 0,
+ count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+
+ if (loaded) {
+ wc_LmsKey_Free(&key);
+ loaded = 0;
+ }
+
+ if (sig != NULL) {
+ XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sig = NULL;
+ }
+
+ return;
+}
+
+void bench_lms(void)
+{
+ bench_lms_sign_verify(WC_LMS_PARM_L2_H10_W2);
+ bench_lms_sign_verify(WC_LMS_PARM_L2_H10_W4);
+ bench_lms_sign_verify(WC_LMS_PARM_L3_H5_W4);
+ bench_lms_sign_verify(WC_LMS_PARM_L3_H5_W8);
+ bench_lms_sign_verify(WC_LMS_PARM_L3_H10_W4);
+ bench_lms_sign_verify(WC_LMS_PARM_L4_H5_W8);
+ return;
+}
+
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
+
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+
+static enum wc_XmssRc xmss_write_key_mem(const byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_XMSS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static enum wc_XmssRc xmss_read_key_mem(byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_XMSS_RC_READ_TO_MEMORY;
+}
+
+static void bench_xmss_sign_verify(const char * params)
+{
+ WC_RNG rng;
+ XmssKey key;
+ word32 pkSz = 0;
+ word32 skSz = 0;
+ int freeRng = 0;
+ int freeKey = 0;
+ unsigned char * sk = NULL;
+ const char * msg = "XMSS post quantum signature test";
+ word32 msgSz = (word32) XSTRLEN(msg);
+ int ret = 0;
+ byte * sig = NULL;
+ word32 sigSz = 0;
+ int times = 0;
+ int count = 0;
+ double start = 0.0F;
+
+#ifndef HAVE_FIPS
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
+#else
+ ret = wc_InitRng(&rng);
+#endif
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_InitRng failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ freeRng = 1;
+
+ ret = wc_XmssKey_Init(&key, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "wc_XmssKey_Init failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetParamStr(&key, params);
+ if (ret != 0) {
+ fprintf(stderr, "wc_XmssKey_SetParamStr failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_GetPubLen(&key, &pkSz);
+ if (pkSz != XMSS_SHA256_PUBLEN) {
+ fprintf(stderr, "error: xmss pub len: got %d, expected %d\n", pkSz,
+ XMSS_SHA256_PUBLEN);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_GetPrivLen(&key, &skSz);
+ if (ret != 0 || skSz <= 0) {
+ fprintf(stderr, "error: wc_XmssKey_GetPrivLen failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_GetSigLen(&key, &sigSz);
+ if (ret != 0 || sigSz <= 0) {
+ fprintf(stderr, "error: wc_XmssKey_GetSigLen failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ /* Allocate secret keys.*/
+ sk = (unsigned char *)XMALLOC(skSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sk == NULL) {
+ fprintf(stderr, "error: allocate xmss sk failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ /* Allocate signature array. */
+ sig = (byte *)XMALLOC(sigSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) {
+ fprintf(stderr, "error: allocate xmss sig failed\n");
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetWriteCb(&key, xmss_write_key_mem);
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_XmssKey_SetWriteCb failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetReadCb(&key, xmss_read_key_mem);
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_XmssKey_SetReadCb failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ ret = wc_XmssKey_SetContext(&key, (void *) sk);
+ if (ret != 0) {
+ fprintf(stderr, "error: wc_XmssKey_SetContext failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
+ fprintf(stderr, "params: %s\n", params);
+ fprintf(stderr, "pkSz: %d\n", pkSz);
+ fprintf(stderr, "skSz: %d\n", skSz);
+ fprintf(stderr, "sigSz: %d\n", sigSz);
+#endif
+
+ /* Making the private key is the bottleneck
+ * for larger heights. Only print load time in debug builds. */
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_start(&count, &start);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ ret = wc_XmssKey_MakeKey(&key, &rng);
+ if (ret != 0) {
+ printf("wc_XmssKey_MakeKey failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+
+ count +=1;
+
+#if defined(DEBUG_WOLFSSL)
+ bench_stats_check(start);
+ bench_stats_asym_finish(params, (int)skSz, "load", 0,
+ count, start, ret);
+#endif /* if defined DEBUG_WOLFSSL*/
+
+ freeKey = 1;
+
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* XMSS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+
+ ret = wc_XmssKey_Sign(&key, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_XmssKey_Sign failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+ }
+
+ count += times;
+ } while (bench_stats_check(start));
+
+ bench_stats_asym_finish(params, (int)sigSz, "sign", 0,
+ count, start, ret);
+
+ count = 0;
+ bench_stats_start(&count, &start);
+
+ do {
+ /* XMSS is stateful. Async queuing not practical. */
+ for (times = 0; times < ntimes; ++times) {
+ ret = wc_XmssKey_Verify(&key, sig, sigSz, (byte *) msg, msgSz);
+ if (ret) {
+ printf("wc_XmssKey_Verify failed: %d\n", ret);
+ goto exit_xmss_sign_verify;
+ }
+ }
+
+ count += times;
+ } while (bench_stats_check(start));
+
+exit_xmss_sign_verify:
+ bench_stats_asym_finish(params, (int)sigSz, "verify", 0,
+ count, start, ret);
+
+ /* Cleanup everything. */
+ if (sig != NULL) {
+ XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sig = NULL;
+ }
+
+ if (sk != NULL) {
+ XFREE(sk, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sk = NULL;
+ }
+
+ if (freeRng) {
+ wc_FreeRng(&rng);
+ freeRng = 0;
+ }
+
+ if (freeKey) {
+ wc_XmssKey_Free(&key);
+ freeKey = 0;
+ }
+
+ return;
+}
+
+void bench_xmss(void)
+{
+ /* All NIST SP 800-208 approved SHA256 XMSS/XMSS^MT parameter
+ * sets.
+ *
+ * Note: not testing "XMSS-SHA2_16_256", "XMSS-SHA2_20_256",
+ * and "XMSSMT-SHA2_60/3_256", because their keygen can be
+ * very slow, their signatures and private keys quite large,
+ * and xmss private keys are not portable across different
+ * XMSS/XMSS^MT implementations.
+ *
+ * The bottleneck in key generation is the height of the first
+ * level tree (or h/d).
+ *
+ * h is the total height of the hyper tree, and d the number of
+ * trees.
+ * */
+ /* h/d h d */
+ bench_xmss_sign_verify("XMSS-SHA2_10_256"); /* 10 10 1 */
+ /* bench_xmss_sign_verify("XMSS-SHA2_16_256"); */ /* 16 16 1 */
+ /* bench_xmss_sign_verify("XMSS-SHA2_20_256"); */ /* 20 20 1 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_20/2_256"); /* 10 20 2 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_20/4_256"); /* 5 20 4 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_40/4_256"); /* 10 40 4 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_40/8_256"); /* 5 40 8 */
+ /* bench_xmss_sign_verify("XMSSMT-SHA2_60/3_256"); */ /* 20 60 3 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_60/6_256"); /* 10 60 6 */
+ bench_xmss_sign_verify("XMSSMT-SHA2_60/12_256"); /* 5 60 12 */
+ return;
+}
+#endif /* if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY) */
+
#ifdef HAVE_ECC
-/* +8 for 'ECDSA [%s]' and null terminator */
+/* Maximum ECC name plus null terminator:
+ * "ECC [%15s]" and "ECDHE [%15s]" and "ECDSA [%15s]" */
#define BENCH_ECC_NAME_SZ (ECC_MAXNAME + 8)
/* run all benchmarks on a curve */
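Review bot: bench_lms_sign_verify uses `RECORD_MULTI_VALUE_STATS()`, `RESET_MULTI_VALUE_STATS_VARS()` and the names `runs`, `max`, `min`, `sum` and `squareSum`, but its locals do not include `DECLARE_MULTI_VALUE_STATS_VARS()`, which the other benchmarks touched by this commit add next to their locals. Unless those names exist at file scope outside this hunk, a build with MULTI_VALUE_STATISTICS defined would presumably fail here. Add `DECLARE_MULTI_VALUE_STATS_VARS()` after the `const char * str = wc_LmsKey_ParmToStr(parm);` declaration. Separately, in bench_xmss_sign_verify the result of wc_XmssKey_GetPubLen is stored in `ret` but never tested, so the check should read `if (ret != 0 || pkSz != XMSS_SHA256_PUBLEN) {`.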
@@ -7343,6 +9860,7 @@ void bench_eccMakeKey(int useDeviceID, int curveId)
char name[BENCH_ECC_NAME_SZ];
double start;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SMALL_STACK
genKey = (ecc_key *)XMALLOC(sizeof(*genKey) * BENCH_MAX_PENDING,
@@ -7386,15 +9904,23 @@ void bench_eccMakeKey(int useDeviceID, int curveId)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECC [%15s]",
wc_ecc_get_name(curveId));
bench_stats_asym_finish(name, keySize * 8, desc[2],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* cleanup */
for (i = 0; i < BENCH_MAX_PENDING; i++) {
@@ -7435,6 +9961,7 @@ void bench_ecc(int useDeviceID, int curveId)
word32 x[BENCH_MAX_PENDING];
double start = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef HAVE_ECC_DHE
WC_DECLARE_ARRAY(shared, byte,
@@ -7539,9 +10066,15 @@ void bench_ecc(int useDeviceID, int curveId)
}
}
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
PRIVATE_KEY_UNLOCK();
exit_ecdhe:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDHE [%15s]",
@@ -7549,10 +10082,16 @@ exit_ecdhe:
bench_stats_asym_finish(name, keySize * 8, desc[3],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
if (ret < 0) {
goto exit;
}
+
#endif /* HAVE_ECC_DHE */
#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
@@ -7589,9 +10128,14 @@ exit_ecdhe:
}
} /* bench_async_check */
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_ecdsa_sign:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
@@ -7599,6 +10143,11 @@ exit_ecdsa_sign:
bench_stats_asym_finish(name, keySize * 8, desc[4],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
if (ret < 0) {
goto exit;
@@ -7632,9 +10181,14 @@ exit_ecdsa_sign:
}
} /* if bench_async_check */
} /* for i */
+ RECORD_MULTI_VALUE_STATS();
} /* for times */
count += times;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_ecdsa_verify:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
@@ -7642,6 +10196,9 @@ exit_ecdsa_verify:
bench_stats_asym_finish(name, keySize * 8, desc[5],
useDeviceID, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_ECC_VERIFY */
#endif /* !NO_ASN && HAVE_ECC_SIGN */
@@ -7693,18 +10250,18 @@ void bench_eccEncrypt(int curveId)
ecc_key *userA = NULL, *userB = NULL;
byte *msg = NULL;
byte *out = NULL;
- char *name = NULL;
#else
ecc_key userA[1], userB[1];
byte msg[BENCH_ECCENCRYPT_MSG_SIZE];
byte out[BENCH_ECCENCRYPT_OUT_SIZE];
- char name[BENCH_ECC_NAME_SZ];
#endif
+ char name[BENCH_ECC_NAME_SZ];
int keySize;
word32 bench_plainSz = bench_size;
int ret, i, count;
double start;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#ifdef WOLFSSL_SMALL_STACK
userA = (ecc_key *)XMALLOC(sizeof(*userA),
@@ -7715,9 +10272,7 @@ void bench_eccEncrypt(int curveId)
HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
out = (byte *)XMALLOC(outSz,
HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- name = (char *)XMALLOC(BENCH_ECC_NAME_SZ,
- HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if ((! userA) || (! userB) || (! msg) || (! out) || (! name)) {
+ if ((! userA) || (! userB) || (! msg) || (! out)) {
printf("bench_eccEncrypt malloc failed\n");
goto exit;
}
@@ -7776,14 +10331,24 @@ void bench_eccEncrypt(int curveId)
printf("wc_ecc_encrypt failed! %d\n", ret);
goto exit_enc;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
exit_enc:
(void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECC [%15s]",
wc_ecc_get_name(curveId));
bench_stats_asym_finish(name, keySize * 8, desc[6], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
bench_stats_start(&count, &start);
do {
@@ -7795,11 +10360,20 @@ exit_enc:
printf("wc_ecc_decrypt failed! %d\n", ret);
goto exit_dec;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_dec:
bench_stats_asym_finish(name, keySize * 8, desc[7], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
exit:
@@ -7817,14 +10391,337 @@ exit:
XFREE(msg, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (out)
XFREE(out, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (name)
- XFREE(name, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
wc_ecc_free(userB);
wc_ecc_free(userA);
#endif
}
#endif
+
+#ifdef WOLFSSL_SM2
+static void bench_sm2_MakeKey(int useDeviceID)
+{
+ int ret = 0, i, times, count, pending = 0;
+ int deviceID;
+ int keySize;
+ ecc_key genKey[BENCH_MAX_PENDING];
+ char name[BENCH_ECC_NAME_SZ];
+ double start;
+ const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+ deviceID = useDeviceID ? devId : INVALID_DEVID;
+ keySize = wc_ecc_get_curve_size_from_id(ECC_SM2P256V1);
+
+ /* clear for done cleanup */
+ XMEMSET(&genKey, 0, sizeof(genKey));
+
+ /* ECC Make Key */
+ bench_stats_start(&count, &start);
+ do {
+ /* while free pending slots in queue, submit ops */
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 0,
+ &times, agreeTimes, &pending)) {
+
+ wc_ecc_free(&genKey[i]);
+ ret = wc_ecc_init_ex(&genKey[i], HEAP_HINT, deviceID);
+ if (ret < 0) {
+ goto exit;
+ }
+
+ ret = wc_ecc_sm2_make_key(&gRng, &genKey[i],
+ WC_ECC_FLAG_NONE);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 0, &times,
+ &pending)) {
+ goto exit;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECC [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+ bench_stats_asym_finish(name, keySize * 8, desc[2], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ /* cleanup */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ wc_ecc_free(&genKey[i]);
+ }
+}
+
+
+void bench_sm2(int useDeviceID)
+{
+ int ret = 0, i, times, count, pending = 0;
+ int deviceID;
+ int keySize;
+ char name[BENCH_ECC_NAME_SZ];
+ ecc_key genKey[BENCH_MAX_PENDING];
+#ifdef HAVE_ECC_DHE
+ ecc_key genKey2[BENCH_MAX_PENDING];
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+#ifdef HAVE_ECC_VERIFY
+ int verify[BENCH_MAX_PENDING];
+#endif
+#endif
+ word32 x[BENCH_MAX_PENDING];
+ double start = 0;
+ const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
+
+#ifdef HAVE_ECC_DHE
+ WC_DECLARE_ARRAY(shared, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+ WC_DECLARE_ARRAY(sig, byte, BENCH_MAX_PENDING, ECC_MAX_SIG_SIZE, HEAP_HINT);
+ WC_DECLARE_ARRAY(digest, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+
+#ifdef HAVE_ECC_DHE
+ WC_INIT_ARRAY(shared, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+ WC_INIT_ARRAY(sig, byte, BENCH_MAX_PENDING, ECC_MAX_SIG_SIZE, HEAP_HINT);
+ WC_INIT_ARRAY(digest, byte, BENCH_MAX_PENDING, MAX_ECC_BYTES, HEAP_HINT);
+#endif
+ deviceID = useDeviceID ? devId : INVALID_DEVID;
+
+ bench_sm2_MakeKey(useDeviceID);
+
+ /* clear for done cleanup */
+ XMEMSET(&genKey, 0, sizeof(genKey));
+#ifdef HAVE_ECC_DHE
+ XMEMSET(&genKey2, 0, sizeof(genKey2));
+#endif
+
+ keySize = wc_ecc_get_curve_size_from_id(ECC_SM2P256V1);
+
+ /* init keys */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ /* setup an context for each key */
+ if ((ret = wc_ecc_init_ex(&genKey[i], HEAP_HINT, deviceID)) < 0) {
+ goto exit;
+ }
+ ret = wc_ecc_sm2_make_key(&gRng, &genKey[i], WC_ECC_FLAG_NONE);
+ #ifdef WOLFSSL_ASYNC_CRYPT
+ ret = wc_AsyncWait(ret, &genKey[i].asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret < 0) {
+ goto exit;
+ }
+
+ #ifdef HAVE_ECC_DHE
+ if ((ret = wc_ecc_init_ex(&genKey2[i], HEAP_HINT, deviceID)) < 0) {
+ goto exit;
+ }
+ if ((ret = wc_ecc_sm2_make_key(&gRng, &genKey2[i],
+ WC_ECC_FLAG_NONE)) > 0) {
+ goto exit;
+ }
+ #endif
+ }
+
+#ifdef HAVE_ECC_DHE
+#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
+ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
+ !defined(HAVE_SELFTEST)
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ (void)wc_ecc_set_rng(&genKey[i], &gRng);
+ }
+#endif
+
+ /* ECC Shared Secret */
+ bench_stats_start(&count, &start);
+ PRIVATE_KEY_UNLOCK();
+ do {
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1,
+ &times, agreeTimes, &pending)) {
+ x[i] = (word32)keySize;
+ ret = wc_ecc_sm2_shared_secret(&genKey[i], &genKey2[i],
+ shared[i], &x[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,
+ &pending)) {
+ goto exit_ecdhe;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+ PRIVATE_KEY_UNLOCK();
+exit_ecdhe:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDHE [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+
+ bench_stats_asym_finish(name, keySize * 8, desc[3], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ if (ret < 0) {
+ goto exit;
+ }
+#endif /* HAVE_ECC_DHE */
+
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+
+ /* Init digest to sign */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ for (count = 0; count < keySize; count++) {
+ digest[i][count] = (byte)count;
+ }
+ }
+
+ RESET_MULTI_VALUE_STATS_VARS();
+
+ /* ECC Sign */
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1,
+ &times, agreeTimes, &pending)) {
+ if (genKey[i].state == 0)
+ x[i] = ECC_MAX_SIG_SIZE;
+ ret = wc_ecc_sm2_sign_hash(digest[i], (word32)keySize,
+ sig[i], &x[i], &gRng, &genKey[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,
+ &pending)) {
+ goto exit_ecdsa_sign;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit_ecdsa_sign:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+
+ bench_stats_asym_finish(name, keySize * 8, desc[4], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ if (ret < 0) {
+ goto exit;
+ }
+
+#ifdef HAVE_ECC_VERIFY
+
+ /* ECC Verify */
+ bench_stats_start(&count, &start);
+ do {
+ for (times = 0; times < agreeTimes || pending > 0; ) {
+ bench_async_poll(&pending);
+
+ /* while free pending slots in queue, submit ops */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ if (bench_async_check(&ret, BENCH_ASYNC_GET_DEV(&genKey[i]), 1,
+ &times, agreeTimes, &pending)) {
+ if (genKey[i].state == 0)
+ verify[i] = 0;
+ ret = wc_ecc_sm2_verify_hash(sig[i], x[i], digest[i],
+ (word32)keySize, &verify[i], &genKey[i]);
+ if (!bench_async_handle(&ret,
+ BENCH_ASYNC_GET_DEV(&genKey[i]), 1, &times,
+ &pending)) {
+ goto exit_ecdsa_verify;
+ }
+ }
+ } /* for i */
+ RECORD_MULTI_VALUE_STATS();
+ } /* for times */
+ count += times;
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
+exit_ecdsa_verify:
+ (void)XSNPRINTF(name, BENCH_ECC_NAME_SZ, "ECDSA [%15s]",
+ wc_ecc_get_name(ECC_SM2P256V1));
+
+ bench_stats_asym_finish(name, keySize * 8, desc[5], useDeviceID, count,
+ start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+#endif /* HAVE_ECC_VERIFY */
+#endif /* !NO_ASN && HAVE_ECC_SIGN */
+
+exit:
+
+ /* cleanup */
+ for (i = 0; i < BENCH_MAX_PENDING; i++) {
+ wc_ecc_free(&genKey[i]);
+ #ifdef HAVE_ECC_DHE
+ wc_ecc_free(&genKey2[i]);
+ #endif
+ }
+
+#ifdef HAVE_ECC_DHE
+ WC_FREE_ARRAY(shared, BENCH_MAX_PENDING, HEAP_HINT);
+#endif
+#if !defined(NO_ASN) && defined(HAVE_ECC_SIGN)
+ WC_FREE_ARRAY(sig, BENCH_MAX_PENDING, HEAP_HINT);
+ WC_FREE_ARRAY(digest, BENCH_MAX_PENDING, HEAP_HINT);
+#endif
+
+ (void)useDeviceID;
+ (void)pending;
+ (void)x;
+ (void)count;
+ (void)times;
+ (void)desc;
+ (void)start;
+ (void)name;
+}
+#endif /* WOLFSSL_SM2 */
#endif /* HAVE_ECC */
#ifdef HAVE_CURVE25519
@@ -7834,6 +10731,7 @@ void bench_curve25519KeyGen(int useDeviceID)
double start;
int ret = 0, i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -7852,11 +10750,20 @@ void bench_curve25519KeyGen(int useDeviceID)
printf("wc_curve25519_make_key failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("CURVE", 25519, desc[2], useDeviceID, count, start,
ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#ifdef HAVE_CURVE25519_SHARED_SECRET
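Review bot: With MULTI_VALUE_STATISTICS the added `|| runs < minimum_runs` term can keep this do/while spinning indefinitely when wc_curve25519_make_key keeps failing. The `break` leaves only the inner `for`, so RECORD_MULTI_VALUE_STATS() is skipped; assuming that macro is what advances `runs` (its definition is outside this view), the condition never turns false once `-min_runs` is above zero. Adding `if (ret != 0) break;` after the inner loop, as the derive loops in bench_sakke already do, bounds it again. The same pattern appears in the hunks for bench_curve448KeyGen, bench_eccsiKeyGen, bench_eccsiPairGen, bench_eccsiValidate, bench_eccsi, bench_sakkeKeyGen, bench_sakkeRskGen, bench_sakkeValidate and the encapsulation loops of bench_sakke. The function body starts outside this hunk.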
@@ -7868,6 +10775,7 @@ void bench_curve25519KeyAgree(int useDeviceID)
byte shared[32];
const char**desc = bench_desc_words[lng_index];
word32 x = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
wc_curve25519_init_ex(&genKey, HEAP_HINT,
useDeviceID ? devId : INVALID_DEVID);
@@ -7896,12 +10804,21 @@ void bench_curve25519KeyAgree(int useDeviceID)
printf("curve25519_shared_secret failed: %d\n", ret);
goto exit;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("CURVE", 25519, desc[3], useDeviceID, count, start,
ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_curve25519_free(&genKey2);
wc_curve25519_free(&genKey);
@@ -7912,10 +10829,12 @@ exit:
#ifdef HAVE_ED25519
void bench_ed25519KeyGen(void)
{
+#ifdef HAVE_ED25519_MAKE_KEY
ed25519_key genKey;
double start;
int i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -7924,16 +10843,28 @@ void bench_ed25519KeyGen(void)
wc_ed25519_init(&genKey);
(void)wc_ed25519_make_key(&gRng, 32, &genKey);
wc_ed25519_free(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ED", 25519, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+#endif /* HAVE_ED25519_MAKE_KEY */
}
void bench_ed25519KeySign(void)
{
+#ifdef HAVE_ED25519_MAKE_KEY
int ret;
+#endif
ed25519_key genKey;
#ifdef HAVE_ED25519_SIGN
double start;
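Review bot: In bench_ed25519KeySign `ret` is now declared only under HAVE_ED25519_MAKE_KEY, yet the sign and verify sections later in the function still use it (for example `bench_stats_asym_finish("ED", 25519, desc[4], 0, count, start, ret);`) under HAVE_ED25519_SIGN. Unless the configuration headers guarantee that signing implies make-key (not visible here), a sign-only build would fail to compile. The next hunk also makes key generation conditional, so the sign loop would run on a key that was only initialised. I would keep `int ret = 0;` unconditional and return early with a message when no key can be generated. The function continues past the end of this hunk.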
@@ -7942,15 +10873,18 @@ void bench_ed25519KeySign(void)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#endif
wc_ed25519_init(&genKey);
+#ifdef HAVE_ED25519_MAKE_KEY
ret = wc_ed25519_make_key(&gRng, ED25519_KEY_SIZE, &genKey);
if (ret != 0) {
printf("ed25519_make_key failed\n");
return;
}
+#endif
#ifdef HAVE_ED25519_SIGN
/* make dummy msg */
@@ -7966,11 +10900,22 @@ void bench_ed25519KeySign(void)
printf("ed25519_sign_msg failed\n");
goto exit_ed_sign;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_sign:
bench_stats_asym_finish("ED", 25519, desc[4], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
#ifdef HAVE_ED25519_VERIFY
bench_stats_start(&count, &start);
@@ -7983,11 +10928,20 @@ exit_ed_sign:
printf("ed25519_verify_msg failed\n");
goto exit_ed_verify;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_verify:
bench_stats_asym_finish("ED", 25519, desc[5], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_ED25519_VERIFY */
#endif /* HAVE_ED25519_SIGN */
@@ -8002,6 +10956,7 @@ void bench_curve448KeyGen(void)
double start;
int ret = 0, i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8013,10 +10968,19 @@ void bench_curve448KeyGen(void)
printf("wc_curve448_make_key failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("CURVE", 448, desc[2], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
#ifdef HAVE_CURVE448_SHARED_SECRET
@@ -8028,6 +10992,7 @@ void bench_curve448KeyAgree(void)
byte shared[56];
const char**desc = bench_desc_words[lng_index];
word32 x = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
wc_curve448_init(&genKey);
wc_curve448_init(&genKey2);
@@ -8054,11 +11019,20 @@ void bench_curve448KeyAgree(void)
printf("curve448_shared_secret failed: %d\n", ret);
goto exit;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit:
bench_stats_asym_finish("CURVE", 448, desc[3], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_curve448_free(&genKey2);
wc_curve448_free(&genKey);
@@ -8073,6 +11047,7 @@ void bench_ed448KeyGen(void)
double start;
int i, count;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8081,10 +11056,19 @@ void bench_ed448KeyGen(void)
wc_ed448_init(&genKey);
(void)wc_ed448_make_key(&gRng, ED448_KEY_SIZE, &genKey);
wc_ed448_free(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ED", 448, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
@@ -8099,6 +11083,7 @@ void bench_ed448KeySign(void)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
#endif
wc_ed448_init(&genKey);
@@ -8124,11 +11109,22 @@ void bench_ed448KeySign(void)
printf("ed448_sign_msg failed\n");
goto exit_ed_sign;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_sign:
bench_stats_asym_finish("ED", 448, desc[4], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
#ifdef HAVE_ED448_VERIFY
bench_stats_start(&count, &start);
@@ -8141,11 +11137,20 @@ exit_ed_sign:
printf("ed448_verify_msg failed\n");
goto exit_ed_verify;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
exit_ed_verify:
bench_stats_asym_finish("ED", 448, desc[5], 0, count, start, ret);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
#endif /* HAVE_ED448_VERIFY */
#endif /* HAVE_ED448_SIGN */
@@ -8162,6 +11167,7 @@ void bench_eccsiKeyGen(void)
int i, count;
const char**desc = bench_desc_words[lng_index];
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8174,10 +11180,19 @@ void bench_eccsiKeyGen(void)
break;
}
wc_FreeEccsiKey(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_eccsiPairGen(void)
@@ -8190,6 +11205,7 @@ void bench_eccsiPairGen(void)
ecc_point* pvt;
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
(void)mp_init(&ssk);
pvt = wc_ecc_new_point();
@@ -8206,10 +11222,19 @@ void bench_eccsiPairGen(void)
printf("wc_MakeEccsiPair failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[12], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeEccsiKey(&genKey);
wc_ecc_del_point(pvt);
@@ -8229,6 +11254,7 @@ void bench_eccsiValidate(void)
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int valid;
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
(void)mp_init(&ssk);
pvt = wc_ecc_new_point();
@@ -8248,10 +11274,19 @@ void bench_eccsiValidate(void)
valid);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[11], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeEccsiKey(&genKey);
wc_ecc_del_point(pvt);
@@ -8274,6 +11309,7 @@ void bench_eccsi(void)
word32 sigSz = sizeof(sig);
int ret;
int verified;
+ DECLARE_MULTI_VALUE_STATS_VARS()
(void)mp_init(&ssk);
pvt = wc_ecc_new_point();
@@ -8296,10 +11332,21 @@ void bench_eccsi(void)
printf("wc_SignEccsiHash failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[4], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
/* Derive */
bench_stats_start(&count, &start);
@@ -8313,10 +11360,19 @@ void bench_eccsi(void)
verified);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("ECCSI", 256, desc[5], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeEccsiKey(&genKey);
wc_ecc_del_point(pvt);
@@ -8333,6 +11389,7 @@ void bench_sakkeKeyGen(void)
int i, count;
const char**desc = bench_desc_words[lng_index];
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
/* Key Gen */
bench_stats_start(&count, &start);
@@ -8345,10 +11402,19 @@ void bench_sakkeKeyGen(void)
break;
}
wc_FreeSakkeKey(&genKey);
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("SAKKE", 1024, desc[2], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
}
void bench_sakkeRskGen(void)
@@ -8360,6 +11426,7 @@ void bench_sakkeRskGen(void)
ecc_point* rsk;
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
rsk = wc_ecc_new_point();
wc_InitSakkeKey_ex(&genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID);
@@ -8374,10 +11441,19 @@ void bench_sakkeRskGen(void)
printf("wc_MakeSakkeRsk failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("SAKKE", 1024, desc[8], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeSakkeKey(&genKey);
wc_ecc_del_point(rsk);
@@ -8395,6 +11471,7 @@ void bench_sakkeValidate(void)
static const byte id[] = { 0x01, 0x23, 0x34, 0x45 };
int valid;
int ret;
+ DECLARE_MULTI_VALUE_STATS_VARS()
rsk = wc_ecc_new_point();
(void)wc_InitSakkeKey_ex(&genKey, 128, ECC_SAKKE_1, NULL, INVALID_DEVID);
@@ -8412,10 +11489,19 @@ void bench_sakkeValidate(void)
valid);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish("SAKKE", 1024, desc[11], 0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeSakkeKey(&genKey);
wc_ecc_del_point(rsk);
@@ -8439,6 +11525,7 @@ void bench_sakke(void)
word32 len = 0;
byte* iTable = NULL;
word32 iTableLen = 0;
+ DECLARE_MULTI_VALUE_STATS_VARS()
XMEMCPY(ssv, ssv_init, sizeof ssv);
@@ -8460,12 +11547,22 @@ void bench_sakke(void)
printf("wc_MakeSakkeEncapsulatedSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
} /* for */
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
bench_stats_asym_finish_ex("SAKKE", 1024, desc[9], "-1",
0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
/* Derive */
bench_stats_start(&count, &start);
@@ -8478,12 +11575,21 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-1",
0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
/* Calculate Point I and generate table. */
(void)wc_MakeSakkePointI(&genKey, id, sizeof(id));
@@ -8505,12 +11611,22 @@ void bench_sakke(void)
printf("wc_MakeSakkeEncapsulatedSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
bench_stats_asym_finish_ex("SAKKE", 1024, desc[9], "-2", 0,
count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
(void)wc_SetSakkeRsk(&genKey, rsk, table, len);
@@ -8525,13 +11641,23 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-2", 0,
count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
len = 0;
(void)wc_GenerateSakkeRskTable(&genKey, rsk, NULL, &len);
@@ -8552,12 +11678,23 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-3",
0, count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
+
+ RESET_MULTI_VALUE_STATS_VARS();
wc_ClearSakkePointITable(&genKey);
/* Derive with RSK table */
@@ -8571,12 +11708,21 @@ void bench_sakke(void)
printf("wc_DeriveSakkeSSV failed: %d\n", ret);
break;
}
+ RECORD_MULTI_VALUE_STATS();
}
if (ret != 0) break;
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
+
bench_stats_asym_finish_ex("SAKKE", 1024, desc[10], "-4", 0,
count, start, 0);
+#ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+#endif
wc_FreeSakkeKey(&genKey);
wc_ecc_del_point(rsk);
@@ -8596,6 +11742,7 @@ void bench_falconKeySign(byte level)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_falcon_init(&key);
if (ret != 0) {
@@ -8646,15 +11793,25 @@ void bench_falconKeySign(byte level)
printf("wc_falcon_sign_msg failed\n");
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("FALCON", level, desc[4], 0,
count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
@@ -8668,13 +11825,21 @@ void bench_falconKeySign(byte level)
ret = -1;
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("FALCON", level, desc[5],
0, count, start, ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
wc_falcon_free(&key);
@@ -8692,6 +11857,7 @@ void bench_dilithiumKeySign(byte level)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_dilithium_init(&key);
if (ret != 0) {
@@ -8748,15 +11914,25 @@ void bench_dilithiumKeySign(byte level)
printf("wc_dilithium_sign_msg failed\n");
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("DILITHIUM", level, desc[4], 0, count, start,
ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
@@ -8771,13 +11947,21 @@ void bench_dilithiumKeySign(byte level)
ret = -1;
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
bench_stats_asym_finish("DILITHIUM", level, desc[5], 0, count, start,
ret);
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
wc_dilithium_free(&key);
@@ -8795,6 +11979,7 @@ void bench_sphincsKeySign(byte level, byte optim)
byte msg[512];
word32 x = 0;
const char**desc = bench_desc_words[lng_index];
+ DECLARE_MULTI_VALUE_STATS_VARS()
ret = wc_sphincs_init(&key);
if (ret != 0) {
@@ -8875,9 +12060,14 @@ void bench_sphincsKeySign(byte level, byte optim)
printf("wc_sphincs_sign_msg failed\n");
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
if (optim == FAST_VARIANT) {
@@ -8888,8 +12078,13 @@ void bench_sphincsKeySign(byte level, byte optim)
bench_stats_asym_finish("SPHINCS-SMALL", level, desc[4], 0, count,
start, ret);
}
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
+ RESET_MULTI_VALUE_STATS_VARS();
+
bench_stats_start(&count, &start);
do {
for (i = 0; i < agreeTimes; i++) {
@@ -8904,9 +12099,14 @@ void bench_sphincsKeySign(byte level, byte optim)
ret = -1;
}
}
+ RECORD_MULTI_VALUE_STATS();
}
count += i;
- } while (bench_stats_check(start));
+ } while (bench_stats_check(start)
+#ifdef MULTI_VALUE_STATISTICS
+ || runs < minimum_runs
+#endif
+ );
if (ret == 0) {
if (optim == FAST_VARIANT) {
@@ -8917,6 +12117,9 @@ void bench_sphincsKeySign(byte level, byte optim)
bench_stats_asym_finish("SPHINCS-SMALL", level, desc[5], 0, count,
start, ret);
}
+ #ifdef MULTI_VALUE_STATISTICS
+ bench_multi_value_stats(max, min, sum, squareSum, runs);
+ #endif
}
wc_sphincs_free(&key);
@@ -8945,7 +12148,11 @@ void bench_sphincsKeySign(byte level, byte optim)
QueryPerformanceCounter(&count);
+#ifdef BENCH_MICROSECOND
+ return ((double)count.QuadPart * 1000000) / freq.QuadPart;
+#else
return (double)count.QuadPart / freq.QuadPart;
+#endif
}
#elif defined MICROCHIP_PIC32
@@ -8983,21 +12190,110 @@ void bench_sphincsKeySign(byte level, byte optim)
/* prototype definition */
int construct_argv();
extern char* __argv[22];
-#endif
+
+ /* current_time(reset)
+ *
+ * Benchmark passage of time, in fractional seconds.
+ * [reset] is non zero to adjust timer or counter to zero
+ *
+ * Use care when repeatedly calling calling. See implementation. */
double current_time(int reset)
{
+ double ret;
#if ESP_IDF_VERSION_MAJOR >= 4
- TickType_t tickCount;
+ TickType_t tickCount; /* typically 32 bit, local FreeRTOS ticks */
#else
portTickType tickCount;
#endif
- (void) reset;
+ #if defined(__XTENSA__)
+ (void)reset;
+ if (reset) {
+ /* TODO: Determine a mechanism for reset that does not interfere
+ * with freeRTOS tick. Using this code for Xtensa appears to cause
+ * RTOS tick timer to stick. See "last_tickCount unchanged".
+ ESP_LOGW(TAG, "Current_time() reset!");
+ portTICK_TYPE_ENTER_CRITICAL();
+ {
+ esp_cpu_set_cycle_count((esp_cpu_cycle_count_t)0);
+ _esp_cpu_count_last = xthal_get_ccount();
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ }
+ portTICK_TYPE_EXIT_CRITICAL();
+ */
+ }
+ #else
+ /* Only reset the CPU counter for RISC-V */
+ if (reset) {
+ ESP_LOGV(TAG, "current_time() reset!");
+ /* TODO: why does Espressif esp_cpu_get_cycle_count() cause
+ * unexpected rollovers in return values for Xtensa but not RISC-V?
+ * See also esp_get_cycle_count_ex() */
+ #ifdef __XTENSA__
+ _esp_cpu_count_last = xthal_get_ccount();
+ #else
+ esp_cpu_set_cycle_count((esp_cpu_cycle_count_t)0);
+ _esp_cpu_count_last = esp_cpu_get_cycle_count();
+ #endif
+ }
+ #endif
+
+ /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
+ tickCount = xTaskGetTickCount(); /* RTOS ticks, not CPU cycles!
+ The count of ticks since vTaskStartScheduler was called,
+ typiclly in app_startup.c */
+
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGV(TAG, "tickCount = %lu", tickCount);
+ if (tickCount == last_tickCount) {
+ ESP_LOGW(TAG, "last_tickCount unchanged? %lu", tickCount);
+
+ }
+ if (tickCount < last_tickCount) {
+ ESP_LOGW(TAG, "last_tickCount overflow?");
+ }
+ #endif
+
+ if (reset) {
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG, "Assign last_tickCount = %lu", tickCount);
+ #endif
+ last_tickCount = tickCount;
+ }
+ else {
+ #ifdef DEBUG_WOLFSSL_BENCHMARK_TIMING
+ ESP_LOGW(TAG, "No Reset last_tickCount = %lu", tickCount);
+ #endif
+ }
+
+ #if defined(configTICK_RATE_HZ) && defined(CONFIG_FREERTOS_HZ)
+ ret = (double)tickCount / configTICK_RATE_HZ;
+ #else
+ ESP_LOGW(TAG, "Warning: configTICK_RATE_HZ not defined,"
+ "assuming 1000 Hz.");
+ ret = (double)(tickCount / 1000.0);
+ #endif /* configTICK_RATE_HZ */
+
+ return ret;
+
+ } /* current_time */
+#else
+ /* current_time(reset)
+ *
+ * Benchmark passage of time, in fractional seconds.
+ * [reset] is non zero to adjust timer or counter to zero
+ *
+ * Use care when repeatedly calling calling. See implementation. */
+ double current_time(int reset)
+ {
+ portTickType tickCount;
/* tick count == ms, if configTICK_RATE_HZ is set to 1000 */
tickCount = xTaskGetTickCount();
return (double)tickCount / 1000;
}
+#endif
+
#elif defined (WOLFSSL_TIRTOS)
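Review bot: The `#ifdef __XTENSA__` branch nested inside the `#else` of `#if defined(__XTENSA__)` can never be compiled, and on the Xtensa side `(void)reset;` is followed by an `if (reset)` whose body is only a comment; both can be removed to leave one reset path. The fallback `ESP_LOGW(TAG, "Warning: configTICK_RATE_HZ not defined," "assuming 1000 Hz.");` runs on every call to current_time, so the logging cost falls inside the interval being measured. Its two string literals also concatenate without a space, and the condition tests CONFIG_FREERTOS_HZ as well, which the message does not mention. I would emit the warning once and write it as `"Warning: configTICK_RATE_HZ or CONFIG_FREERTOS_HZ not defined, assuming 1000 Hz."`.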
@@ -9020,6 +12316,14 @@ void bench_sphincsKeySign(byte level, byte optim)
return (double)OSA_TimeGetMsec() / 1000;
}
+#elif defined(WOLFSSL_CMSIS_RTOS) || defined(WOLFSSL_CMSIS_RTOSv2)
+
+ double current_time(int reset)
+ {
+ (void)reset;
+ return (double)osKernelGetTickCount() / 1000.0;
+ }
+
#elif defined(WOLFSSL_EMBOS)
#include "RTOS.h"
@@ -9028,7 +12332,7 @@ void bench_sphincsKeySign(byte level, byte optim)
{
double time_now;
double current_s = OS_GetTime() / 1000.0;
- double current_us = OS_GetTime_us() / 1000000.0;
+ double current_us = OS_GetTime_us() / MILLION_VALUE;
time_now = (double)( current_s + current_us);
(void) reset;
@@ -9155,20 +12459,20 @@ void bench_sphincsKeySign(byte level, byte optim)
* outside wolfcrypt.
*/
return (double)rusage.ru_utime.tv_sec +
- (double)rusage.ru_utime.tv_usec / 1000000.0;
+ (double)rusage.ru_utime.tv_usec / MILLION_VALUE;
}
static void check_for_excessive_stime(const char *desc,
const char *desc_extra)
{
double start_utime = (double)base_rusage.ru_utime.tv_sec +
- (double)base_rusage.ru_utime.tv_usec / 1000000.0;
+ (double)base_rusage.ru_utime.tv_usec / MILLION_VALUE;
double start_stime = (double)base_rusage.ru_stime.tv_sec +
- (double)base_rusage.ru_stime.tv_usec / 1000000.0;
+ (double)base_rusage.ru_stime.tv_usec / MILLION_VALUE;
double cur_utime = (double)cur_rusage.ru_utime.tv_sec +
- (double)cur_rusage.ru_utime.tv_usec / 1000000.0;
+ (double)cur_rusage.ru_utime.tv_usec / MILLION_VALUE;
double cur_stime = (double)cur_rusage.ru_stime.tv_sec +
- (double)cur_rusage.ru_stime.tv_usec / 1000000.0;
+ (double)cur_rusage.ru_stime.tv_usec / MILLION_VALUE;
double stime_utime_ratio =
(cur_stime - start_stime) / (cur_utime - start_utime);
if (stime_utime_ratio > .1)
@@ -9193,13 +12497,17 @@ void bench_sphincsKeySign(byte level, byte optim)
double current_time(int reset)
{
- struct timeval tv;
+ struct timespec tv;
(void)reset;
- LIBCALL_CHECK_RET(gettimeofday(&tv, 0));
+ LIBCALL_CHECK_RET(clock_gettime(CLOCK_REALTIME, &tv));
- return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
+ #ifdef BENCH_MICROSECOND
+ return (double)tv.tv_sec * 1000000 + (double)tv.tv_nsec / 1000;
+ #else
+ return (double)tv.tv_sec + (double)tv.tv_nsec / 1000000000;
+ #endif
}
#endif /* _WIN32 */
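Review bot: CLOCK_REALTIME is the wall clock, so an NTP step or a manual clock change during a run moves later readings relative to `start` and can produce negative or inflated durations. For elapsed-time measurement `LIBCALL_CHECK_RET(clock_gettime(CLOCK_MONOTONIC, &tv));` is the usual choice where the platform provides it. The variable is still named `tv` although it is now a `struct timespec`, and the literals `1000000`, `1000` and `1000000000` could be named constants, as the rusage code in this commit does with MILLION_VALUE.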
@@ -9207,9 +12515,12 @@ void bench_sphincsKeySign(byte level, byte optim)
#if defined(HAVE_GET_CYCLES)
#if defined(WOLFSSL_ESPIDF)
- static WC_INLINE word64 get_xtensa_cycles(void)
+ /* Generic CPU cycle counter for either Xtensa or RISC-V */
+ static WC_INLINE word64 esp_get_cpu_benchmark_cycles(void)
{
- return xthal_get_ccount_ex();
+ /* Reminder for long duration between calls with
+ * multiple overflows will not be detected. */
+ return esp_get_cycle_count_ex();
}
/* implement other architectures here */
@@ -9279,6 +12590,7 @@ static void Usage(void)
printf("benchmark\n");
printf("%s", bench_Usage_msg1[lng_index][e++]); /* option -? */
+ printf("%s", bench_Usage_msg1[lng_index][e++]); /* English / Japanese */
printf("%s", bench_Usage_msg1[lng_index][e++]); /* option -csv */
printf("%s", bench_Usage_msg1[lng_index][e++]); /* option -base10 */
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
@@ -9331,6 +12643,8 @@ static void Usage(void)
print_alg(bench_digest_opt[i].str, &line);
for (i=0; bench_mac_opt[i].str != NULL; i++)
print_alg(bench_mac_opt[i].str, &line);
+ for (i=0; bench_kdf_opt[i].str != NULL; i++)
+ print_alg(bench_kdf_opt[i].str, &line);
for (i=0; bench_asym_opt[i].str != NULL; i++)
print_alg(bench_asym_opt[i].str, &line);
for (i=0; bench_other_opt[i].str != NULL; i++)
@@ -9338,11 +12652,15 @@ static void Usage(void)
#if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
for (i=0; bench_pq_asym_opt[i].str != NULL; i++)
print_alg(bench_pq_asym_opt[i].str, &line);
-#if defined(HAVE_LIBOQS)
+#if defined(HAVE_LIBOQS) && defined(HAVE_SPHINCS)
for (i=0; bench_pq_asym_opt2[i].str != NULL; i++)
print_alg(bench_pq_asym_opt2[i].str, &line);
-#endif /* HAVE_LIBOQS */
+#endif /* HAVE_LIBOQS && HAVE_SPHINCS */
#endif /* HAVE_PQC */
+#if defined(BENCH_PQ_STATEFUL_HBS)
+ for (i=0; bench_pq_hash_sig_opt[i].str != NULL; i++)
+ print_alg(bench_pq_hash_sig_opt[i].str, &line);
+#endif /* BENCH_PQ_STATEFUL_HBS */
printf("\n");
#endif /* !WOLFSSL_BENCHMARK_ALL */
e++;
@@ -9353,7 +12671,21 @@ static void Usage(void)
printf("%s", bench_Usage_msg1[lng_index][e]); /* option -threads <num> */
#endif
e++;
+#ifdef WC_BENCH_TRACK_STATS
printf("%s", bench_Usage_msg1[lng_index][e]); /* option -print */
+#endif
+ e++;
+#ifndef NO_FILESYSTEM
+ printf("%s", bench_Usage_msg1[lng_index][e]); /* option -hash_input */
+#endif
+ e++;
+#ifndef NO_FILESYSTEM
+ printf("%s", bench_Usage_msg1[lng_index][e]); /* option -cipher_input */
+#endif
+#ifdef MULTI_VALUE_STATISTICS
+ e++;
+ printf("%s", bench_Usage_msg1[lng_index][e]); /* option -min_runs */
+#endif
}
/* Match the command line argument with the string.
@@ -9391,25 +12723,18 @@ static int string_matches(const char* arg, const char* str)
#endif
{
+ /* Code for main() or wolf_benchmark_task() */
#ifdef WOLFSSL_ESPIDF
int argc = construct_argv();
char** argv = (char**)__argv;
-
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- ESP_ERROR_CHECK(gptimer_new_timer(&esp_timer_config, &esp_gptimer));
- ESP_LOGI(TAG, "Enable ESP32-C3 timer ");
- ESP_ERROR_CHECK(gptimer_enable(esp_gptimer));
- ESP_ERROR_CHECK(gptimer_start(esp_gptimer));
- #endif
#elif defined(MAIN_NO_ARGS)
int argc = 0;
char** argv = NULL;
-
#endif
return wolfcrypt_benchmark_main(argc, argv);
}
-#endif /* NO_MAIN_DRIVER && NO_MAIN_FUNCTION */
+#endif /* !NO_MAIN_DRIVER && !NO_MAIN_FUNCTION */
int wolfcrypt_benchmark_main(int argc, char** argv)
{
@@ -9519,6 +12844,8 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
}
}
}
+#endif
+#ifdef WC_BENCH_TRACK_STATS
else if (string_matches(argv[1], "-print")) {
gPrintStats = 1;
}
@@ -9529,6 +12856,29 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
if (argc > 1)
numBlocks = XATOI(argv[1]);
}
+#ifndef NO_FILESYSTEM
+ else if (string_matches(argv[1], "-hash_input")) {
+ argc--;
+ argv++;
+ if (argc > 1)
+ hash_input = argv[1];
+ }
+ else if (string_matches(argv[1], "-cipher_input")) {
+ argc--;
+ argv++;
+ if (argc > 1)
+ cipher_input = argv[1];
+ }
+#endif
+#ifdef MULTI_VALUE_STATISTICS
+ else if (string_matches(argv[1], "-min_runs")) {
+ argc--;
+ argv++;
+ if (argc > 1) {
+ minimum_runs = XATOI(argv[1]);
+ }
+ }
+#endif
else if (argv[1][0] == '-') {
optMatched = 0;
#ifndef WOLFSSL_BENCHMARK_ALL
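Review bot: `minimum_runs = XATOI(argv[1]);` stores whatever the conversion returns, so a non-numeric or negative value is accepted silently and a very large one forces every benchmark loop to run at least that many iterations. A range check after the assignment, for example `if (minimum_runs < 0) minimum_runs = 0;` together with a documented upper bound, would make the option predictable. The three new options (`-hash_input`, `-cipher_input`, `-min_runs`) are also dropped silently when their value is missing because `argc > 1` is false; printing the usage text in that case would surface the mistake. The option-parsing loop starts and ends outside this hunk.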
@@ -9557,6 +12907,14 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+ /* Known KDF algorithms */
+ for (i=0; !optMatched && bench_kdf_opt[i].str != NULL; i++) {
+ if (string_matches(argv[1], bench_kdf_opt[i].str)) {
+ bench_kdf_algs |= bench_kdf_opt[i].val;
+ bench_all = 0;
+ optMatched = 1;
+ }
+ }
/* Known asymmetric algorithms */
for (i=0; !optMatched && bench_asym_opt[i].str != NULL; i++) {
if (string_matches(argv[1], bench_asym_opt[i].str)) {
@@ -9574,6 +12932,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+ #ifdef HAVE_SPHINCS
/* Both bench_pq_asym_opt and bench_pq_asym_opt2 are looking for
* -pq, so we need to do a special case for -pq since optMatched
* was set to 1 just above. */
@@ -9589,6 +12948,7 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+ #endif
#endif /* HAVE_PQC */
/* Other known cryptographic algorithms */
for (i=0; !optMatched && bench_other_opt[i].str != NULL; i++) {
@@ -9598,6 +12958,17 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
optMatched = 1;
}
}
+
+ #if defined(BENCH_PQ_STATEFUL_HBS)
+ /* post-quantum stateful hash-based signatures */
+ for (i=0; !optMatched && bench_pq_hash_sig_opt[i].str != NULL; i++) {
+ if (string_matches(argv[1], bench_pq_hash_sig_opt[i].str)) {
+ bench_pq_hash_sig_algs |= bench_pq_hash_sig_opt[i].val;
+ bench_all = 0;
+ optMatched = 1;
+ }
+ }
+ #endif /* BENCH_PQ_STATEFUL_HBS */
#endif
if (!optMatched) {
printf("Option not recognized: %s\n", argv[1]);
@@ -9628,6 +12999,22 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
else
#endif
{
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ if (esp_gptimer == NULL) {
+ ESP_ERROR_CHECK(gptimer_new_timer(&esp_timer_config,
+ &esp_gptimer) );
+ }
+ ESP_ERROR_CHECK(gptimer_enable(esp_gptimer));
+ ESP_ERROR_CHECK(gptimer_start(esp_gptimer));
+ ESP_LOGI(TAG, "Enable %s timer", CONFIG_IDF_TARGET);
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+ }
+ #endif
+
#ifdef HAVE_STACK_SIZE
ret = StackSizeCheck(NULL, benchmark_test);
#else
@@ -9635,6 +13022,17 @@ int wolfcrypt_benchmark_main(int argc, char** argv)
#endif
}
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ #ifdef WOLFSSL_BENCHMARK_TIMER_DEBUG
+ ESP_ERROR_CHECK(gptimer_stop(esp_gptimer));
+ ESP_ERROR_CHECK(gptimer_disable(esp_gptimer));
+ #endif /* WOLFSSL_BENCHMARK_TIMER_DEBUG */
+ }
+ #endif
+
return ret;
}
#endif /* !NO_MAIN_DRIVER */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h
index f119fc96..cefef7ca 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h
+++ b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.h
@@ -51,7 +51,7 @@ void bench_chacha(void);
void bench_chacha20_poly1305_aead(void);
void bench_aescbc(int useDeviceID);
void bench_aesgcm(int useDeviceID);
-void bench_gmac(void);
+void bench_gmac(int useDeviceID);
void bench_aesccm(int useDeviceID);
void bench_aesecb(int useDeviceID);
void bench_aesxts(void);
@@ -61,6 +61,9 @@ void bench_aesofb(void);
void bench_aessiv(void);
void bench_poly1305(void);
void bench_camellia(void);
+void bench_sm4_cbc(void);
+void bench_sm4_gcm(void);
+void bench_sm4_ccm(void);
void bench_md5(int useDeviceID);
void bench_sha(int useDeviceID);
void bench_sha224(int useDeviceID);
@@ -81,6 +84,7 @@ void bench_sha3_384(int useDeviceID);
void bench_sha3_512(int useDeviceID);
void bench_shake128(int useDeviceID);
void bench_shake256(int useDeviceID);
+void bench_sm3(int useDeviceID);
void bench_ripemd(void);
void bench_cmac(int useDeviceID);
void bench_scrypt(void);
@@ -91,16 +95,20 @@ void bench_hmac_sha256(int useDeviceID);
void bench_hmac_sha384(int useDeviceID);
void bench_hmac_sha512(int useDeviceID);
void bench_siphash(void);
+void bench_srtpkdf(void);
void bench_rsaKeyGen(int useDeviceID);
void bench_rsaKeyGen_size(int useDeviceID, word32 keySz);
void bench_rsa(int useDeviceID);
void bench_rsa_key(int useDeviceID, word32 keySz);
void bench_dh(int useDeviceID);
void bench_kyber(int type);
+void bench_lms(void);
+void bench_xmss(void);
void bench_ecc_curve(int curveId);
void bench_eccMakeKey(int useDeviceID, int curveId);
void bench_ecc(int useDeviceID, int curveId);
void bench_eccEncrypt(int curveId);
+void bench_sm2(int useDeviceID);
void bench_curve25519KeyGen(int useDeviceID);
void bench_curve25519KeyAgree(int useDeviceID);
void bench_ed25519KeyGen(void);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj
index 3d65da23..a194b71c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj
+++ b/extra/wolfssl/wolfssl/wolfcrypt/benchmark/benchmark.vcxproj
@@ -146,7 +146,7 @@
<SubSystem>Console</SubSystem>
<OptimizeReferences>true</OptimizeReferences>
<EnableCOMDATFolding>true</EnableCOMDATFolding>
- <TargetMachine>MachineX86</TargetMachine>
+ <TargetMachine>MachineX64</TargetMachine>
</Link>
</ItemDefinitionGroup>
<ItemGroup>
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c
index 7815efa3..d4e44d73 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes.c
@@ -76,223 +76,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/port/nxp/se050_port.h>
#endif
-#ifdef WOLFSSL_AES_SIV
+#if defined(WOLFSSL_AES_SIV)
#include <wolfssl/wolfcrypt/cmac.h>
-#endif
+#endif /* WOLFSSL_AES_SIV */
#if defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
#include <wolfssl/wolfcrypt/port/psa/psa.h>
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv,
- int dir)
- {
- if (aes == NULL || !( (len == 16) || (len == 24) || (len == 32)) ) {
- return BAD_FUNC_ARG;
- }
-
- return AesSetKey_fips(aes, key, len, iv, dir);
- }
- int wc_AesSetIV(Aes* aes, const byte* iv)
- {
- if (aes == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return AesSetIV_fips(aes, iv);
- }
- #ifdef HAVE_AES_CBC
- int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- if (aes == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return AesCbcEncrypt_fips(aes, out, in, sz);
- }
- #ifdef HAVE_AES_DECRYPT
- int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- if (aes == NULL || out == NULL || in == NULL
- || sz % AES_BLOCK_SIZE != 0) {
- return BAD_FUNC_ARG;
- }
-
- return AesCbcDecrypt_fips(aes, out, in, sz);
- }
- #endif /* HAVE_AES_DECRYPT */
- #endif /* HAVE_AES_CBC */
-
- /* AES-CTR */
- #ifdef WOLFSSL_AES_COUNTER
- int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- if (aes == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return AesCtrEncrypt(aes, out, in, sz);
- }
- #endif
-
- /* AES-DIRECT */
- #if defined(WOLFSSL_AES_DIRECT)
- void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
- {
- AesEncryptDirect(aes, out, in);
- }
-
- #ifdef HAVE_AES_DECRYPT
- void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
- {
- AesDecryptDirect(aes, out, in);
- }
- #endif /* HAVE_AES_DECRYPT */
-
- int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
- const byte* iv, int dir)
- {
- return AesSetKeyDirect(aes, key, len, iv, dir);
- }
- #endif /* WOLFSSL_AES_DIRECT */
-
- /* AES-GCM */
- #ifdef HAVE_AESGCM
- int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
- {
- if (aes == NULL || !( (len == 16) || (len == 24) || (len == 32)) ) {
- return BAD_FUNC_ARG;
- }
-
- return AesGcmSetKey_fips(aes, key, len);
- }
- int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
- if (aes == NULL || authTagSz > AES_BLOCK_SIZE ||
- authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
- ivSz == 0 || ivSz > AES_BLOCK_SIZE) {
- return BAD_FUNC_ARG;
- }
-
- return AesGcmEncrypt_fips(aes, out, in, sz, iv, ivSz, authTag,
- authTagSz, authIn, authInSz);
- }
-
- #ifdef HAVE_AES_DECRYPT
- int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
- if (aes == NULL || out == NULL || in == NULL || iv == NULL
- || authTag == NULL || authTagSz > AES_BLOCK_SIZE ||
- ivSz == 0 || ivSz > AES_BLOCK_SIZE) {
- return BAD_FUNC_ARG;
- }
-
- return AesGcmDecrypt_fips(aes, out, in, sz, iv, ivSz, authTag,
- authTagSz, authIn, authInSz);
- }
- #endif /* HAVE_AES_DECRYPT */
-
- int wc_GmacSetKey(Gmac* gmac, const byte* key, word32 len)
- {
- if (gmac == NULL || key == NULL || !((len == 16) ||
- (len == 24) || (len == 32)) ) {
- return BAD_FUNC_ARG;
- }
-
- return GmacSetKey(gmac, key, len);
- }
- int wc_GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz,
- const byte* authIn, word32 authInSz,
- byte* authTag, word32 authTagSz)
- {
- if (gmac == NULL || authTagSz > AES_BLOCK_SIZE ||
- authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
- return BAD_FUNC_ARG;
- }
-
- return GmacUpdate(gmac, iv, ivSz, authIn, authInSz,
- authTag, authTagSz);
- }
- #endif /* HAVE_AESGCM */
-
- /* AES-CCM */
- #if defined(HAVE_AESCCM) && \
- defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
- int wc_AesCcmSetKey(Aes* aes, const byte* key, word32 keySz)
- {
- return AesCcmSetKey(aes, key, keySz);
- }
- int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
- const byte* nonce, word32 nonceSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
- /* sanity check on arguments */
- if (aes == NULL || out == NULL || in == NULL || nonce == NULL
- || authTag == NULL || nonceSz < 7 || nonceSz > 13)
- return BAD_FUNC_ARG;
-
- AesCcmEncrypt(aes, out, in, inSz, nonce, nonceSz, authTag,
- authTagSz, authIn, authInSz);
- return 0;
- }
-
- #ifdef HAVE_AES_DECRYPT
- int wc_AesCcmDecrypt(Aes* aes, byte* out,
- const byte* in, word32 inSz,
- const byte* nonce, word32 nonceSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
- {
-
- if (aes == NULL || out == NULL || in == NULL || nonce == NULL
- || authTag == NULL || nonceSz < 7 || nonceSz > 13) {
- return BAD_FUNC_ARG;
- }
-
- return AesCcmDecrypt(aes, out, in, inSz, nonce, nonceSz,
- authTag, authTagSz, authIn, authInSz);
- }
- #endif /* HAVE_AES_DECRYPT */
- #endif /* HAVE_AESCCM && HAVE_FIPS_VERSION 2 */
-
- int wc_AesInit(Aes* aes, void* h, int i)
- {
- if (aes == NULL)
- return BAD_FUNC_ARG;
-
- (void)h;
- (void)i;
-
- /* FIPS doesn't support */
- #ifdef WOLFSSL_KCAPI_AES
- return AesInit(aes, h, i);
- #else
- return 0;
- #endif
- }
- void wc_AesFree(Aes* aes)
- {
- (void)aes;
- /* FIPS doesn't support */
- #ifdef WOLFSSL_KCAPI_AES
- AesFree(aes);
- #endif
- }
-
-#else /* else build without fips, or for FIPS v2+ */
-
-
#if defined(WOLFSSL_TI_CRYPT)
#include <wolfcrypt/src/port/ti/ti-aes.c>
#else
@@ -323,7 +114,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#pragma warning(disable: 4127)
#endif
-
/* Define AES implementation includes and functions */
#if defined(STM32_CRYPTO)
/* STM32F2/F4/F7/L4/L5/H7/WB55 hardware AES support for ECB, CBC, CTR and GCM modes */
@@ -341,6 +131,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_KeyInitTypeDef keyInit;
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
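Review bot: The `WC_DEBUG_CIPHER_LIFECYCLE` guard added here is pasted by hand into every port's encrypt/decrypt path in the later hunks of this file, and the copies already differ: some reuse the outer `ret`, some open a scoped block with a local `int ret`, and some drop the trailing blank line. One shared macro or static inline helper taking `aes` would keep them in sync. The literal `0` passed as the second argument is not explained in any visible line; a short comment such as `/* 0: report the error to the caller instead of aborting - confirm against the helper's prototype */` would help. The guard also reads `aes->CipherLifecycleTag` before any NULL check visible in these hunks, so it relies on callers having validated `aes`. The function this hunk belongs to starts and ends outside the hunk.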
@@ -417,6 +213,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_Cmd(DISABLE);
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -435,6 +232,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_KeyInitTypeDef keyInit;
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
#ifdef WOLFSSL_STM32_CUBEMX
ret = wc_Stm32_Aes_Init(aes, &hcryp);
if (ret != 0)
@@ -520,6 +323,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
CRYP_Cmd(DISABLE);
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -550,6 +354,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
if (ret != 0)
return ret;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
if (wolfSSL_CryptHwMutexLock() == 0) {
LTC_AES_EncryptEcb(LTC_BASE, inBlock, outBlock, AES_BLOCK_SIZE,
key, keySize);
@@ -567,6 +377,12 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
if (ret != 0)
return ret;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
if (wolfSSL_CryptHwMutexLock() == 0) {
LTC_AES_DecryptEcb(LTC_BASE, inBlock, outBlock, AES_BLOCK_SIZE,
key, keySize, kLTC_EncryptKey);
@@ -591,6 +407,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
if (wolfSSL_CryptHwMutexLock() == 0) {
#ifdef FREESCALE_MMCAU_CLASSIC
if ((wc_ptr_t)outBlock % WOLFSSL_MMCAU_ALIGNMENT) {
@@ -610,6 +434,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
if (wolfSSL_CryptHwMutexLock() == 0) {
#ifdef FREESCALE_MMCAU_CLASSIC
if ((wc_ptr_t)outBlock % WOLFSSL_MMCAU_ALIGNMENT) {
@@ -635,6 +466,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
/* Thread mutex protection handled in Pic32Crypto */
return wc_Pic32AesCrypt(aes->key, aes->keylen, NULL, 0,
outBlock, inBlock, AES_BLOCK_SIZE,
@@ -646,6 +484,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
/* Thread mutex protection handled in Pic32Crypto */
return wc_Pic32AesCrypt(aes->key, aes->keylen, NULL, 0,
outBlock, inBlock, AES_BLOCK_SIZE,
@@ -661,6 +506,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
Aes* aes, const byte* inBlock, byte* outBlock)
{
int ret;
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = nrf51_aes_encrypt(inBlock, (byte*)aes->key, aes->rounds,
@@ -674,26 +526,71 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#error nRF51 AES Hardware does not support decrypt
#endif /* HAVE_AES_DECRYPT */
-#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+#elif defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ #include <esp_log.h>
+ #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+ const char* TAG = "aes";
- #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
-
- #if defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT)
- static WARN_UNUSED_RESULT int wc_AesEncrypt(
+ /* We'll use SW for fallback:
+ * unsupported key lengths. (e.g. ESP32-S3)
+ * chipsets not implemented.
+ * hardware busy. */
+ #define NEED_AES_TABLES
+ #define NEED_AES_HW_FALLBACK
+ #define NEED_SOFTWARE_AES_SETKEY
+ #undef WOLFSSL_AES_DIRECT
+ #define WOLFSSL_AES_DIRECT
+
+ /* Encrypt: If we choose to never have a fallback to SW: */
+ #if !defined(NEED_AES_HW_FALLBACK) && (defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT))
+ static WARN_UNUSED_RESULT int wc_AesEncrypt( /* calling this one when NO_AES_192 is defined */
Aes* aes, const byte* inBlock, byte* outBlock)
{
+ int ret;
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
/* Thread mutex protection handled in esp_aes_hw_InUse */
- return wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ #ifdef NEED_AES_HW_FALLBACK
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ret = wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ }
+ #else
+ ret = wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ #endif
+ return ret;
}
#endif
- #if defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT)
+ /* Decrypt: If we choose to never have a fallback to SW: */
+ #if !defined(NEED_AES_HW_FALLBACK) && (defined(HAVE_AES_DECRYPT) && defined(WOLFSSL_AES_DIRECT))
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+ int ret = 0;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
/* Thread mutex protection handled in esp_aes_hw_InUse */
- return wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ #ifdef NEED_AES_HW_FALLBACK
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ret = wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ }
+ else {
+ ret = wc_AesDecrypt_SW(aes, inBlock, outBlock);
+ }
+ #else
+ /* if we don't need fallback, always use HW */
+ ret = wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ #endif
+ return ret;
}
#endif
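Review bot: `wc_AesEncrypt` declares `int ret;` without an initialiser and its `NEED_AES_HW_FALLBACK` arm has no `else`, so an unsupported key length would return an indeterminate value. The decrypt twin below uses `int ret = 0;` and falls back to `wc_AesDecrypt_SW`; the encrypt side should at least use `int ret = 0;` and gain a matching software branch. Both functions sit under `#if !defined(NEED_AES_HW_FALLBACK) && ...` although `NEED_AES_HW_FALLBACK` is defined unconditionally a few lines above, so neither is compiled and the inner `#ifdef NEED_AES_HW_FALLBACK` arms are unreachable; drop those arms or fix the outer guard so the intended path is actually built and tested. Separately, `const char* TAG = "aes";` has external linkage in a library source file and should be `static const char* const TAG = "aes";` to avoid clashing with other `TAG` definitions at link time.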
@@ -709,7 +606,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#define AESNI_ALIGN 16
#endif
- static int checkAESNI = 0;
+ static int checkedAESNI = 0;
static int haveAESNI = 0;
static word32 intel_flags = 0;
@@ -724,71 +621,73 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
/* tell C compiler these are asm functions in case any mix up of ABI underscore
prefix between clang/gcc/llvm etc */
#ifdef HAVE_AES_CBC
- void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
+ void AES_CBC_encrypt_AESNI(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_encrypt");
+ XASM_LINK("AES_CBC_encrypt_AESNI");
#ifdef HAVE_AES_DECRYPT
#if defined(WOLFSSL_AESNI_BY4) || defined(WOLFSSL_X86_BUILD)
- void AES_CBC_decrypt_by4(const unsigned char* in, unsigned char* out,
+ void AES_CBC_decrypt_AESNI_by4(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_decrypt_by4");
+ XASM_LINK("AES_CBC_decrypt_AESNI_by4");
#elif defined(WOLFSSL_AESNI_BY6)
- void AES_CBC_decrypt_by6(const unsigned char* in, unsigned char* out,
+ void AES_CBC_decrypt_AESNI_by6(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_decrypt_by6");
+ XASM_LINK("AES_CBC_decrypt_AESNI_by6");
#else /* WOLFSSL_AESNI_BYx */
- void AES_CBC_decrypt_by8(const unsigned char* in, unsigned char* out,
+ void AES_CBC_decrypt_AESNI_by8(const unsigned char* in, unsigned char* out,
unsigned char* ivec, unsigned long length,
const unsigned char* KS, int nr)
- XASM_LINK("AES_CBC_decrypt_by8");
+ XASM_LINK("AES_CBC_decrypt_AESNI_by8");
#endif /* WOLFSSL_AESNI_BYx */
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC */
- void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
+ void AES_ECB_encrypt_AESNI(const unsigned char* in, unsigned char* out,
unsigned long length, const unsigned char* KS, int nr)
- XASM_LINK("AES_ECB_encrypt");
+ XASM_LINK("AES_ECB_encrypt_AESNI");
#ifdef HAVE_AES_DECRYPT
- void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
+ void AES_ECB_decrypt_AESNI(const unsigned char* in, unsigned char* out,
unsigned long length, const unsigned char* KS, int nr)
- XASM_LINK("AES_ECB_decrypt");
+ XASM_LINK("AES_ECB_decrypt_AESNI");
#endif
- void AES_128_Key_Expansion(const unsigned char* userkey,
+ void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule)
- XASM_LINK("AES_128_Key_Expansion");
+ XASM_LINK("AES_128_Key_Expansion_AESNI");
- void AES_192_Key_Expansion(const unsigned char* userkey,
+ void AES_192_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule)
- XASM_LINK("AES_192_Key_Expansion");
+ XASM_LINK("AES_192_Key_Expansion_AESNI");
- void AES_256_Key_Expansion(const unsigned char* userkey,
+ void AES_256_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule)
- XASM_LINK("AES_256_Key_Expansion");
+ XASM_LINK("AES_256_Key_Expansion_AESNI");
- static WARN_UNUSED_RESULT int AES_set_encrypt_key(
+ static WARN_UNUSED_RESULT int AES_set_encrypt_key_AESNI(
const unsigned char *userKey, const int bits, Aes* aes)
{
int ret;
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (!userKey || !aes)
return BAD_FUNC_ARG;
switch (bits) {
case 128:
- AES_128_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 10;
+ AES_128_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 10;
return 0;
case 192:
- AES_192_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 12;
+ AES_192_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 12;
return 0;
case 256:
- AES_256_Key_Expansion (userKey,(byte*)aes->key); aes->rounds = 14;
+ AES_256_Key_Expansion_AESNI (userKey,(byte*)aes->key); aes->rounds = 14;
return 0;
default:
ret = BAD_FUNC_ARG;
@@ -798,7 +697,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
}
#ifdef HAVE_AES_DECRYPT
- static WARN_UNUSED_RESULT int AES_set_decrypt_key(
+ static WARN_UNUSED_RESULT int AES_set_decrypt_key_AESNI(
const unsigned char* userKey, const int bits, Aes* aes)
{
word32 nr;
@@ -810,6 +709,8 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
__m128i *Key_Schedule;
__m128i *Temp_Key_Schedule;
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (!userKey || !aes)
return BAD_FUNC_ARG;
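Review bot: `AES_set_decrypt_key_AESNI` now only asserts that vector registers are saved. The `SAVE_VECTOR_REGISTERS` / `RESTORE_VECTOR_REGISTERS` pair it used to run itself is removed in the hunks at -832 and -861, so every caller has to do the save before reaching the `_mm_aesimc_si128` code. That precondition is not stated in any visible line, and, judging by its name, `ASSERT_SAVED_VECTOR_REGISTERS()` may compile to nothing outside debug builds. A header comment on this function and on `AES_set_encrypt_key_AESNI`, such as `/* Caller must already hold saved vector registers (SAVE_VECTOR_REGISTERS); this function only asserts it. */`, would make the contract explicit. The function body continues outside this hunk.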
@@ -819,7 +720,7 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
return MEMORY_E;
#endif
- if (AES_set_encrypt_key(userKey,bits,temp_key) == BAD_FUNC_ARG) {
+ if (AES_set_encrypt_key_AESNI(userKey,bits,temp_key) == BAD_FUNC_ARG) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES);
#endif
@@ -832,12 +733,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
nr = temp_key->rounds;
aes->rounds = nr;
-#ifdef WOLFSSL_SMALL_STACK
- SAVE_VECTOR_REGISTERS(XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES); return _svr_ret;);
-#else
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
-#endif
-
Key_Schedule[nr] = Temp_Key_Schedule[0];
Key_Schedule[nr-1] = _mm_aesimc_si128(Temp_Key_Schedule[1]);
Key_Schedule[nr-2] = _mm_aesimc_si128(Temp_Key_Schedule[2]);
@@ -861,8 +756,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
Key_Schedule[0] = Temp_Key_Schedule[nr];
- RESTORE_VECTOR_REGISTERS();
-
#ifdef WOLFSSL_SMALL_STACK
XFREE(temp_key, aes->heap, DYNAMIC_TYPE_AES);
#endif
@@ -878,6 +771,14 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret =
+ wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
return wc_AesEncryptDirect(aes, outBlock, inBlock);
}
@@ -1020,6 +921,13 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
return AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
}
#endif
@@ -1028,22 +936,30 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
static WARN_UNUSED_RESULT int wc_AesDecrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
}
#endif
#elif defined(WOLFSSL_KCAPI_AES)
- /* Only CBC and GCM that are in wolfcrypt/src/port/kcapi/kcapi_aes.c */
+ /* Only CBC and GCM are in wolfcrypt/src/port/kcapi/kcapi_aes.c */
#if defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AESCCM) || \
defined(WOLFSSL_CMAC) || defined(WOLFSSL_AES_OFB) || \
defined(WOLFSSL_AES_CFB) || defined(HAVE_AES_ECB) || \
- defined(WOLFSSL_AES_DIRECT) || \
+ defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_XTS) || \
(defined(HAVE_AES_CBC) && defined(WOLFSSL_NO_KCAPI_AES_CBC))
#define NEED_AES_TABLES
#endif
#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
/* implemented in wolfcrypt/src/port/psa/psa_aes.c */
+
#else
/* using wolfCrypt software implementation */
@@ -1054,12 +970,17 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#ifdef NEED_AES_TABLES
+#ifndef WC_AES_BITSLICED
+#if !defined(WOLFSSL_SILABS_SE_ACCEL) || \
+ defined(NO_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES) || \
+ defined(NEED_AES_HW_FALLBACK)
static const FLASH_QUALIFIER word32 rcon[] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000,
0x10000000, 0x20000000, 0x40000000, 0x80000000,
0x1B000000, 0x36000000,
/* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
};
+#endif
#ifndef WOLFSSL_AES_SMALL_TABLES
static const FLASH_QUALIFIER word32 Te[4][256] = {
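Review bot: In the new guard around `rcon`, the three ESP32-related operands only take effect when `WOLFSSL_SILABS_SE_ACCEL` is also defined, because `!defined(WOLFSSL_SILABS_SE_ACCEL)` already makes the condition true for every other build. If the intent is to omit the table only for Silicon Labs acceleration with no software key schedule, a one-line comment saying so would prevent a later reader from treating the ESP32 terms as an independent case. The bare `#endif` that closes the guard should also name it, e.g. `#endif /* !WOLFSSL_SILABS_SE_ACCEL || NEED_AES_HW_FALLBACK ... */`. The `#ifndef WC_AES_BITSLICED` opened here is closed outside this hunk.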
@@ -1329,7 +1250,7 @@ static const FLASH_QUALIFIER word32 Te[4][256] = {
}
};
-#ifdef HAVE_AES_DECRYPT
+#if defined(HAVE_AES_DECRYPT) && !defined(WOLFSSL_SILABS_SE_ACCEL)
static const FLASH_QUALIFIER word32 Td[4][256] = {
{
0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
@@ -1601,8 +1522,9 @@ static const FLASH_QUALIFIER word32 Td[4][256] = {
#endif /* WOLFSSL_AES_SMALL_TABLES */
#ifdef HAVE_AES_DECRYPT
-#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) \
- || defined(WOLFSSL_AES_DIRECT)
+#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC) && \
+ !defined(WOLFSSL_SILABS_SE_ACCEL)) || \
+ defined(WOLFSSL_AES_DIRECT)
static const FLASH_QUALIFIER byte Td4[256] =
{
0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
@@ -1701,12 +1623,15 @@ static WARN_UNUSED_RESULT word32 inv_col_mul(
byte t0 = t9 ^ tb ^ td;
return t0 ^ AES_XTIME(AES_XTIME(AES_XTIME(t0 ^ te) ^ td ^ te) ^ tb ^ te);
}
-#endif
+#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
+#endif /* WOLFSSL_AES_SMALL_TABLES */
#endif
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT) || \
defined(HAVE_AESCCM) || defined(HAVE_AESGCM)
+#ifndef WC_AES_BITSLICED
+
#ifndef WC_CACHE_LINE_SZ
#if defined(__x86_64__) || defined(_M_X64) || \
(defined(__ILP32__) && (__ILP32__ >= 1))
@@ -1763,25 +1688,25 @@ static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchSBox(void)
#ifdef WOLFSSL_AES_TOUCH_LINES
#if WC_CACHE_LINE_SZ == 128
- #define WC_CACHE_LINE_BITS 5
- #define WC_CACHE_LINE_MASK_HI 0xe0
- #define WC_CACHE_LINE_MASK_LO 0x1f
- #define WC_CACHE_LINE_ADD 0x20
+ #define WC_CACHE_LINE_BITS 5
+ #define WC_CACHE_LINE_MASK_HI 0xe0
+ #define WC_CACHE_LINE_MASK_LO 0x1f
+ #define WC_CACHE_LINE_ADD 0x20
#elif WC_CACHE_LINE_SZ == 64
- #define WC_CACHE_LINE_BITS 4
- #define WC_CACHE_LINE_MASK_HI 0xf0
- #define WC_CACHE_LINE_MASK_LO 0x0f
- #define WC_CACHE_LINE_ADD 0x10
+ #define WC_CACHE_LINE_BITS 4
+ #define WC_CACHE_LINE_MASK_HI 0xf0
+ #define WC_CACHE_LINE_MASK_LO 0x0f
+ #define WC_CACHE_LINE_ADD 0x10
#elif WC_CACHE_LINE_SZ == 32
- #define WC_CACHE_LINE_BITS 3
- #define WC_CACHE_LINE_MASK_HI 0xf8
- #define WC_CACHE_LINE_MASK_LO 0x07
- #define WC_CACHE_LINE_ADD 0x08
-#elif WC_CACHE_LINE_SZ = 16
- #define WC_CACHE_LINE_BITS 2
- #define WC_CACHE_LINE_MASK_HI 0xfc
- #define WC_CACHE_LINE_MASK_LO 0x03
- #define WC_CACHE_LINE_ADD 0x04
+ #define WC_CACHE_LINE_BITS 3
+ #define WC_CACHE_LINE_MASK_HI 0xf8
+ #define WC_CACHE_LINE_MASK_LO 0x07
+ #define WC_CACHE_LINE_ADD 0x08
+#elif WC_CACHE_LINE_SZ == 16
+ #define WC_CACHE_LINE_BITS 2
+ #define WC_CACHE_LINE_MASK_HI 0xfc
+ #define WC_CACHE_LINE_MASK_LO 0x03
+ #define WC_CACHE_LINE_ADD 0x04
#else
#error Cache line size not supported
#endif
@@ -1967,6 +1892,7 @@ static word32 GetTable8_4(const byte* t, byte o0, byte o1, byte o2, byte o3)
}
#endif
#else
+
#define GetTable(t, o) t[o]
#define GetTable8(t, o) t[o]
#define GetTable_Multi(t, t0, o0, t1, o1, t2, o2, t3, o3) \
@@ -1978,83 +1904,24 @@ static word32 GetTable8_4(const byte* t, byte o0, byte o1, byte o2, byte o3)
((word32)(t)[o2] << 8) | ((word32)(t)[o3] << 0))
#endif
-/* Software AES - ECB Encrypt */
-static WARN_UNUSED_RESULT int wc_AesEncrypt(
- Aes* aes, const byte* inBlock, byte* outBlock)
+/* Encrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
{
word32 s0, s1, s2, s3;
word32 t0, t1, t2, t3;
- word32 r = aes->rounds >> 1;
- const word32* rk = aes->key;
-
- if (r > 7 || r == 0) {
- WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
- return KEYUSAGE_E;
- }
-
-#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- #ifdef DEBUG_AESNI
- printf("about to aes encrypt\n");
- printf("in = %p\n", inBlock);
- printf("out = %p\n", outBlock);
- printf("aes->key = %p\n", aes->key);
- printf("aes->rounds = %d\n", aes->rounds);
- printf("sz = %d\n", AES_BLOCK_SIZE);
- #endif
-
- /* check alignment, decrypt doesn't need alignment */
- if ((wc_ptr_t)inBlock % AESNI_ALIGN) {
- #ifndef NO_WOLFSSL_ALLOC_ALIGN
- byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE + AESNI_ALIGN, aes->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- byte* tmp_align;
- if (tmp == NULL)
- return MEMORY_E;
-
- tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
+ const word32* rk;
- XMEMCPY(tmp_align, inBlock, AES_BLOCK_SIZE);
- AES_ECB_encrypt(tmp_align, tmp_align, AES_BLOCK_SIZE,
- (byte*)aes->key, (int)aes->rounds);
- XMEMCPY(outBlock, tmp_align, AES_BLOCK_SIZE);
- XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return 0;
- #else
- WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
- WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
- return BAD_ALIGN_E;
- #endif
- }
-
- AES_ECB_encrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
- (int)aes->rounds);
-
- return 0;
- }
- else {
- #ifdef DEBUG_AESNI
- printf("Skipping AES-NI\n");
- #endif
- }
-#endif
-#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
- AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
- return 0;
-#endif
-
-#if defined(WOLFSSL_IMXRT_DCP)
- if (aes->keylen == 16) {
- DCPAesEcbEncrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
- return 0;
- }
-#endif
-
-#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
- if (aes->useSWCrypt == 0) {
- return se050_aes_crypt(aes, inBlock, outBlock, AES_BLOCK_SIZE,
- AES_ENCRYPTION, kAlgorithm_SSS_AES_ECB);
- }
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ rk = aes->key_C_fallback;
+#else
+ rk = aes->key;
#endif
/*
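Review bot: `AesEncrypt_C` no longer rejects an out-of-range round count: the old `if (r > 7 || r == 0) return KEYUSAGE_E;` is removed and the new function returns `void`, taking `r` from the caller unchecked. If `r` still bounds the walk over the round-key array (the loop is outside this hunk), a corrupted or uninitialised `aes->rounds` would now read past the key schedule instead of failing. The header comment should state the precondition, e.g. `@param [in] r Rounds divided by 2; caller must ensure 1 <= r <= 7.`, and each caller should keep the range check before calling. The comment could also say that the round keys come from `aes->key_C_fallback` when `WC_AES_C_DYNAMIC_FALLBACK` is defined. The function body continues outside the hunk.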
@@ -2315,58 +2182,597 @@ static WARN_UNUSED_RESULT int wc_AesEncrypt(
XMEMCPY(outBlock + sizeof(s0), &s1, sizeof(s1));
XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
+}
- return 0;
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Encrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ AesEncrypt_C(aes, in, out, aes->rounds >> 1);
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
}
-#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT || HAVE_AESGCM */
+#endif
-#if defined(HAVE_AES_DECRYPT)
-#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC)) || \
- defined(WOLFSSL_AES_DIRECT)
+#else
-#ifndef WC_NO_CACHE_RESISTANT
-#ifndef WOLFSSL_AES_SMALL_TABLES
-/* load 4 Td Tables into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd(void)
+/* Bit-sliced implementation based on work by "circuit minimization team" (CMT):
+ * http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/CMT.html
+ */
+/* http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/SLP_AES_113.txt */
+static void bs_sub_bytes(bs_word u[8])
+{
+ bs_word y1, y2, y3, y4, y5, y6, y7, y8, y9;
+ bs_word y10, y11, y12, y13, y14, y15, y16, y17, y18, y19;
+ bs_word y20, y21;
+ bs_word t0, t1, t2, t3, t4, t5, t6, t7, t8, t9;
+ bs_word t10, t11, t12, t13, t14, t15, t16, t17, t18, t19;
+ bs_word t20, t21, t22, t23, t24, t25, t26, t27, t28, t29;
+ bs_word t30, t31, t32, t33, t34, t35, t36, t37, t38, t39;
+ bs_word t40, t41, t42, t43, t44, t45;
+ bs_word z0, z1, z2, z3, z4, z5, z6, z7, z8, z9;
+ bs_word z10, z11, z12, z13, z14, z15, z16, z17;
+ bs_word tc1, tc2, tc3, tc4, tc5, tc6, tc7, tc8, tc9;
+ bs_word tc10, tc11, tc12, tc13, tc14, tc16, tc17, tc18;
+ bs_word tc20, tc21, tc26;
+ bs_word U0, U1, U2, U3, U4, U5, U6, U7;
+ bs_word S0, S1, S2, S3, S4, S5, S6, S7;
+
+ U0 = u[7];
+ U1 = u[6];
+ U2 = u[5];
+ U3 = u[4];
+ U4 = u[3];
+ U5 = u[2];
+ U6 = u[1];
+ U7 = u[0];
+
+ y14 = U3 ^ U5;
+ y13 = U0 ^ U6;
+ y9 = U0 ^ U3;
+ y8 = U0 ^ U5;
+ t0 = U1 ^ U2;
+ y1 = t0 ^ U7;
+ y4 = y1 ^ U3;
+ y12 = y13 ^ y14;
+ y2 = y1 ^ U0;
+ y5 = y1 ^ U6;
+ y3 = y5 ^ y8;
+ t1 = U4 ^ y12;
+ y15 = t1 ^ U5;
+ y20 = t1 ^ U1;
+ y6 = y15 ^ U7;
+ y10 = y15 ^ t0;
+ y11 = y20 ^ y9;
+ y7 = U7 ^ y11;
+ y17 = y10 ^ y11;
+ y19 = y10 ^ y8;
+ y16 = t0 ^ y11;
+ y21 = y13 ^ y16;
+ y18 = U0 ^ y16;
+ t2 = y12 & y15;
+ t3 = y3 & y6;
+ t4 = t3 ^ t2;
+ t5 = y4 & U7;
+ t6 = t5 ^ t2;
+ t7 = y13 & y16;
+ t8 = y5 & y1;
+ t9 = t8 ^ t7;
+ t10 = y2 & y7;
+ t11 = t10 ^ t7;
+ t12 = y9 & y11;
+ t13 = y14 & y17;
+ t14 = t13 ^ t12;
+ t15 = y8 & y10;
+ t16 = t15 ^ t12;
+ t17 = t4 ^ y20;
+ t18 = t6 ^ t16;
+ t19 = t9 ^ t14;
+ t20 = t11 ^ t16;
+ t21 = t17 ^ t14;
+ t22 = t18 ^ y19;
+ t23 = t19 ^ y21;
+ t24 = t20 ^ y18;
+ t25 = t21 ^ t22;
+ t26 = t21 & t23;
+ t27 = t24 ^ t26;
+ t28 = t25 & t27;
+ t29 = t28 ^ t22;
+ t30 = t23 ^ t24;
+ t31 = t22 ^ t26;
+ t32 = t31 & t30;
+ t33 = t32 ^ t24;
+ t34 = t23 ^ t33;
+ t35 = t27 ^ t33;
+ t36 = t24 & t35;
+ t37 = t36 ^ t34;
+ t38 = t27 ^ t36;
+ t39 = t29 & t38;
+ t40 = t25 ^ t39;
+ t41 = t40 ^ t37;
+ t42 = t29 ^ t33;
+ t43 = t29 ^ t40;
+ t44 = t33 ^ t37;
+ t45 = t42 ^ t41;
+ z0 = t44 & y15;
+ z1 = t37 & y6;
+ z2 = t33 & U7;
+ z3 = t43 & y16;
+ z4 = t40 & y1;
+ z5 = t29 & y7;
+ z6 = t42 & y11;
+ z7 = t45 & y17;
+ z8 = t41 & y10;
+ z9 = t44 & y12;
+ z10 = t37 & y3;
+ z11 = t33 & y4;
+ z12 = t43 & y13;
+ z13 = t40 & y5;
+ z14 = t29 & y2;
+ z15 = t42 & y9;
+ z16 = t45 & y14;
+ z17 = t41 & y8;
+ tc1 = z15 ^ z16;
+ tc2 = z10 ^ tc1;
+ tc3 = z9 ^ tc2;
+ tc4 = z0 ^ z2;
+ tc5 = z1 ^ z0;
+ tc6 = z3 ^ z4;
+ tc7 = z12 ^ tc4;
+ tc8 = z7 ^ tc6;
+ tc9 = z8 ^ tc7;
+ tc10 = tc8 ^ tc9;
+ tc11 = tc6 ^ tc5;
+ tc12 = z3 ^ z5;
+ tc13 = z13 ^ tc1;
+ tc14 = tc4 ^ tc12;
+ S3 = tc3 ^ tc11;
+ tc16 = z6 ^ tc8;
+ tc17 = z14 ^ tc10;
+ tc18 = tc13 ^ tc14;
+ S7 = ~(z12 ^ tc18);
+ tc20 = z15 ^ tc16;
+ tc21 = tc2 ^ z11;
+ S0 = tc3 ^ tc16;
+ S6 = ~(tc10 ^ tc18);
+ S4 = tc14 ^ S3;
+ S1 = ~(S3 ^ tc16);
+ tc26 = tc17 ^ tc20;
+ S2 = ~(tc26 ^ z17);
+ S5 = tc21 ^ tc17;
+
+ u[0] = S7;
+ u[1] = S6;
+ u[2] = S5;
+ u[3] = S4;
+ u[4] = S3;
+ u[5] = S2;
+ u[6] = S1;
+ u[7] = S0;
+}
+
+#define BS_MASK_BIT_SET(w, j, bmask) \
+ (((bs_word)0 - (((w) >> (j)) & (bs_word)1)) & (bmask))
+
+#define BS_TRANS_8(t, o, w, bmask, s) \
+ t[o + s + 0] |= BS_MASK_BIT_SET(w, s + 0, bmask); \
+ t[o + s + 1] |= BS_MASK_BIT_SET(w, s + 1, bmask); \
+ t[o + s + 2] |= BS_MASK_BIT_SET(w, s + 2, bmask); \
+ t[o + s + 3] |= BS_MASK_BIT_SET(w, s + 3, bmask); \
+ t[o + s + 4] |= BS_MASK_BIT_SET(w, s + 4, bmask); \
+ t[o + s + 5] |= BS_MASK_BIT_SET(w, s + 5, bmask); \
+ t[o + s + 6] |= BS_MASK_BIT_SET(w, s + 6, bmask); \
+ t[o + s + 7] |= BS_MASK_BIT_SET(w, s + 7, bmask)
+
+static void bs_transpose(bs_word* t, bs_word* blocks)
+{
+ bs_word bmask = 1;
+ int i;
+
+ XMEMSET(t, 0, sizeof(bs_word) * AES_BLOCK_BITS);
+
+ for (i = 0; i < BS_WORD_SIZE; i++) {
+ int j;
+ int o = 0;
+ for (j = 0; j < BS_BLOCK_WORDS; j++) {
+ #ifdef LITTLE_ENDIAN_ORDER
+ bs_word w = blocks[i * BS_BLOCK_WORDS + j];
+ #else
+ bs_word w = bs_bswap(blocks[i * BS_BLOCK_WORDS + j]);
+ #endif
+ #ifdef WOLFSSL_AES_NO_UNROLL
+ int k;
+ for (k = 0; k < BS_WORD_SIZE; k++) {
+ t[o + k] |= BS_MASK_BIT_SET(w, k, bmask);
+ }
+ #else
+ BS_TRANS_8(t, o, w, bmask, 0);
+ #if BS_WORD_SIZE >= 16
+ BS_TRANS_8(t, o, w, bmask, 8);
+ #endif
+ #if BS_WORD_SIZE >= 32
+ BS_TRANS_8(t, o, w, bmask, 16);
+ BS_TRANS_8(t, o, w, bmask, 24);
+ #endif
+ #if BS_WORD_SIZE >= 64
+ BS_TRANS_8(t, o, w, bmask, 32);
+ BS_TRANS_8(t, o, w, bmask, 40);
+ BS_TRANS_8(t, o, w, bmask, 48);
+ BS_TRANS_8(t, o, w, bmask, 56);
+ #endif
+ #endif
+ o += BS_WORD_SIZE;
+ }
+ bmask <<= 1;
+ }
+}
+
+#define BS_INV_TRANS_8(t, o, w, bmask, s) \
+ t[o + (s + 0) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 0, bmask); \
+ t[o + (s + 1) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 1, bmask); \
+ t[o + (s + 2) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 2, bmask); \
+ t[o + (s + 3) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 3, bmask); \
+ t[o + (s + 4) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 4, bmask); \
+ t[o + (s + 5) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 5, bmask); \
+ t[o + (s + 6) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 6, bmask); \
+ t[o + (s + 7) * BS_BLOCK_WORDS] |= BS_MASK_BIT_SET(w, s + 7, bmask)
+
+static void bs_inv_transpose(bs_word* t, bs_word* blocks)
{
- word32 x = 0;
- int i,j;
+ int o;
- for (i = 0; i < 4; i++) {
- /* 256 elements, each one is 4 bytes */
- for (j = 0; j < 256; j += WC_CACHE_LINE_SZ/4) {
- x &= Td[i][j];
+ XMEMSET(t, 0, sizeof(bs_word) * AES_BLOCK_BITS);
+
+ for (o = 0; o < BS_BLOCK_WORDS; o++) {
+ int i;
+ for (i = 0; i < BS_WORD_SIZE; i++) {
+ #ifdef LITTLE_ENDIAN_ORDER
+ bs_word bmask = (bs_word)1 << i;
+ #else
+ bs_word bmask = bs_bswap((bs_word)1 << i);
+ #endif
+ bs_word w = blocks[(o << BS_WORD_SHIFT) + i];
+ #ifdef WOLFSSL_AES_NO_UNROLL
+ int j;
+ for (j = 0; j < BS_WORD_SIZE; j++) {
+ t[j * BS_BLOCK_WORDS + o] |= BS_MASK_BIT_SET(w, j, bmask);
+ }
+ #else
+ BS_INV_TRANS_8(t, o, w, bmask, 0);
+ #if BS_WORD_SIZE >= 16
+ BS_INV_TRANS_8(t, o, w, bmask, 8);
+ #endif
+ #if BS_WORD_SIZE >= 32
+ BS_INV_TRANS_8(t, o, w, bmask, 16);
+ BS_INV_TRANS_8(t, o, w, bmask, 24);
+ #endif
+ #if BS_WORD_SIZE >= 64
+ BS_INV_TRANS_8(t, o, w, bmask, 32);
+ BS_INV_TRANS_8(t, o, w, bmask, 40);
+ BS_INV_TRANS_8(t, o, w, bmask, 48);
+ BS_INV_TRANS_8(t, o, w, bmask, 56);
+ #endif
+ #endif
}
}
- return x;
}
-#endif
-/* load Td Table4 into cache by cache line stride */
-static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd4(void)
+#define BS_ROW_OFF_0 0
+#define BS_ROW_OFF_1 32
+#define BS_ROW_OFF_2 64
+#define BS_ROW_OFF_3 96
+
+#define BS_ROW_ADD (AES_BLOCK_BITS / 16 + AES_BLOCK_BITS / 4)
+#define BS_IDX_MASK 0x7f
+
+#define BS_ASSIGN_8(d, od, s, os) \
+ d[(od) + 0] = s[(os) + 0]; \
+ d[(od) + 1] = s[(os) + 1]; \
+ d[(od) + 2] = s[(os) + 2]; \
+ d[(od) + 3] = s[(os) + 3]; \
+ d[(od) + 4] = s[(os) + 4]; \
+ d[(od) + 5] = s[(os) + 5]; \
+ d[(od) + 6] = s[(os) + 6]; \
+ d[(od) + 7] = s[(os) + 7]
+
+static void bs_shift_rows(bs_word* t, bs_word* b)
{
-#ifndef WOLFSSL_AES_TOUCH_LINES
- word32 x = 0;
int i;
- for (i = 0; i < 256; i += WC_CACHE_LINE_SZ) {
- x &= (word32)Td4[i];
+ for (i = 0; i < 128; i += 32) {
+ BS_ASSIGN_8(t, i + 0, b, ( 0 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 8, b, ( 40 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 16, b, ( 80 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 24, b, (120 + i) & BS_IDX_MASK);
}
- return x;
+}
+
+#define BS_SHIFT_OFF_0 0
+#define BS_SHIFT_OFF_1 8
+#define BS_SHIFT_OFF_2 16
+#define BS_SHIFT_OFF_3 24
+
+/* Shift rows and mix columns.
+ * See: See https://eprint.iacr.org/2009/129.pdf - Appendix A
+ */
+
+#define BS_SHIFT_MIX_8(t, o, br0, br1, br2, br3, of) \
+ of = br0[7] ^ br1[7]; \
+ t[o+0] = br1[0] ^ br2[0] ^ br3[0] ^ of; \
+ t[o+1] = br0[0] ^ br1[0] ^ br1[1] ^ br2[1] ^ br3[1] ^ of; \
+ t[o+2] = br0[1] ^ br1[1] ^ br1[2] ^ br2[2] ^ br3[2]; \
+ t[o+3] = br0[2] ^ br1[2] ^ br1[3] ^ br2[3] ^ br3[3] ^ of; \
+ t[o+4] = br0[3] ^ br1[3] ^ br1[4] ^ br2[4] ^ br3[4] ^ of; \
+ t[o+5] = br0[4] ^ br1[4] ^ br1[5] ^ br2[5] ^ br3[5]; \
+ t[o+6] = br0[5] ^ br1[5] ^ br1[6] ^ br2[6] ^ br3[6]; \
+ t[o+7] = br0[6] ^ br1[6] ^ br1[7] ^ br2[7] ^ br3[7]
+
+static void bs_shift_mix(bs_word* t, bs_word* b)
+{
+ int i;
+ word8 or0 = BS_ROW_OFF_0 + BS_SHIFT_OFF_0;
+ word8 or1 = BS_ROW_OFF_1 + BS_SHIFT_OFF_1;
+ word8 or2 = BS_ROW_OFF_2 + BS_SHIFT_OFF_2;
+ word8 or3 = BS_ROW_OFF_3 + BS_SHIFT_OFF_3;
+
+ for (i = 0; i < AES_BLOCK_BITS; i += AES_BLOCK_BITS / 4) {
+ bs_word* br0 = b + or0;
+ bs_word* br1 = b + or1;
+ bs_word* br2 = b + or2;
+ bs_word* br3 = b + or3;
+ bs_word of;
+
+ BS_SHIFT_MIX_8(t, i + 0, br0, br1, br2, br3, of);
+ BS_SHIFT_MIX_8(t, i + 8, br1, br2, br3, br0, of);
+ BS_SHIFT_MIX_8(t, i + 16, br2, br3, br0, br1, of);
+ BS_SHIFT_MIX_8(t, i + 24, br3, br0, br1, br2, of);
+
+ or0 = (or0 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or1 = (or1 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or2 = (or2 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or3 = (or3 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ }
+}
+
+static void bs_add_round_key(bs_word* out, bs_word* b, bs_word* rk)
+{
+ xorbufout((byte*)out, (byte*)b, (byte*)rk, BS_BLOCK_SIZE);
+}
+
+static void bs_sub_bytes_blocks(bs_word* b)
+{
+ int i;
+
+ for (i = 0; i < AES_BLOCK_BITS; i += 8) {
+ bs_sub_bytes(b + i);
+ }
+}
+
+static const FLASH_QUALIFIER byte bs_rcon[] = {
+ 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36,
+ /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
+};
+
+static void bs_ke_sub_bytes(unsigned char* out, unsigned char *in) {
+ bs_word block[AES_BLOCK_BITS];
+ bs_word trans[AES_BLOCK_BITS];
+
+ XMEMSET(block, 0, sizeof(block));
+ XMEMCPY(block, in, 4);
+
+ bs_transpose(trans, block);
+ bs_sub_bytes_blocks(trans);
+ bs_inv_transpose(block, trans);
+
+ XMEMCPY(out, block, 4);
+}
+
+static void bs_ke_transform(unsigned char* out, unsigned char *in, word8 i) {
+ /* Rotate the input 8 bits to the left */
+#ifdef LITTLE_ENDIAN_ORDER
+ *(word32*)out = rotrFixed(*(word32*)in, 8);
#else
- return 0;
-#endif
+ *(word32*)out = rotlFixed(*(word32*)in, 8);
+#endif
+ bs_ke_sub_bytes(out, out);
+ /* On just the first byte, add 2^i to the byte */
+ out[0] ^= bs_rcon[i];
+}
+
+static void bs_expand_key(unsigned char *in, word32 sz) {
+ unsigned char t[4];
+ word32 o;
+ word8 i = 0;
+
+ if (sz == 176) {
+ /* Total of 11 rounds - AES-128. */
+ for (o = 16; o < sz; o += 16) {
+ bs_ke_transform(t, in + o - 4, i);
+ i++;
+ *(word32*)(in + o + 0) = *(word32*)(in + o - 16) ^
+ *(word32*) t;
+ *(word32*)(in + o + 4) = *(word32*)(in + o - 12) ^
+ *(word32*)(in + o + 0);
+ *(word32*)(in + o + 8) = *(word32*)(in + o - 8) ^
+ *(word32*)(in + o + 4);
+ *(word32*)(in + o + 12) = *(word32*)(in + o - 4) ^
+ *(word32*)(in + o + 8);
+ }
+ }
+ else if (sz == 208) {
+ /* Total of 13 rounds - AES-192. */
+ for (o = 24; o < sz; o += 24) {
+ bs_ke_transform(t, in + o - 4, i);
+ i++;
+ *(word32*)(in + o + 0) = *(word32*)(in + o - 24) ^
+ *(word32*) t;
+ *(word32*)(in + o + 4) = *(word32*)(in + o - 20) ^
+ *(word32*)(in + o + 0);
+ *(word32*)(in + o + 8) = *(word32*)(in + o - 16) ^
+ *(word32*)(in + o + 4);
+ *(word32*)(in + o + 12) = *(word32*)(in + o - 12) ^
+ *(word32*)(in + o + 8);
+ *(word32*)(in + o + 16) = *(word32*)(in + o - 8) ^
+ *(word32*)(in + o + 12);
+ *(word32*)(in + o + 20) = *(word32*)(in + o - 4) ^
+ *(word32*)(in + o + 16);
+ }
+ }
+ else if (sz == 240) {
+ /* Total of 15 rounds - AES-256. */
+ for (o = 32; o < sz; o += 16) {
+ if ((o & 0x1f) == 0) {
+ bs_ke_transform(t, in + o - 4, i);
+ i++;
+ }
+ else {
+ bs_ke_sub_bytes(t, in + o - 4);
+ }
+ *(word32*)(in + o + 0) = *(word32*)(in + o - 32) ^
+ *(word32*) t;
+ *(word32*)(in + o + 4) = *(word32*)(in + o - 28) ^
+ *(word32*)(in + o + 0);
+ *(word32*)(in + o + 8) = *(word32*)(in + o - 24) ^
+ *(word32*)(in + o + 4);
+ *(word32*)(in + o + 12) = *(word32*)(in + o - 20) ^
+ *(word32*)(in + o + 8);
+ }
+ }
+}
+
+static void bs_set_key(bs_word* rk, const byte* key, word32 keyLen,
+ word32 rounds)
+{
+ int i;
+ byte bs_key[15 * AES_BLOCK_SIZE];
+ int ksSz = (rounds + 1) * AES_BLOCK_SIZE;
+ bs_word block[AES_BLOCK_BITS];
+
+ /* Fist round. */
+ XMEMCPY(bs_key, key, keyLen);
+ bs_expand_key(bs_key, ksSz);
+
+ for (i = 0; i < ksSz; i += AES_BLOCK_SIZE) {
+ int k;
+
+ XMEMCPY(block, bs_key + i, AES_BLOCK_SIZE);
+ for (k = BS_BLOCK_WORDS; k < AES_BLOCK_BITS; k += BS_BLOCK_WORDS) {
+ int l;
+ for (l = 0; l < BS_BLOCK_WORDS; l++) {
+ block[k + l] = block[l];
+ }
+ }
+ bs_transpose(rk, block);
+ rk += AES_BLOCK_BITS;
+ }
+}
+
+static void bs_encrypt(bs_word* state, bs_word* rk, word32 r)
+{
+ word32 i;
+ bs_word trans[AES_BLOCK_BITS];
+
+ bs_transpose(trans, state);
+
+ bs_add_round_key(trans, trans, rk);
+ for (i = 1; i < r; i++) {
+ bs_sub_bytes_blocks(trans);
+ bs_shift_mix(state, trans);
+ rk += AES_BLOCK_BITS;
+ bs_add_round_key(trans, state, rk);
+ }
+ bs_sub_bytes_blocks(trans);
+ bs_shift_rows(state, trans);
+ rk += AES_BLOCK_BITS;
+ bs_add_round_key(trans, state, rk);
+ bs_inv_transpose(state, trans);
+}
+
+/* Encrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesEncrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ (void)r;
+
+ XMEMCPY(state, inBlock, AES_BLOCK_SIZE);
+ XMEMSET(((byte*)state) + AES_BLOCK_SIZE, 0, sizeof(state) - AES_BLOCK_SIZE);
+
+ bs_encrypt(state, aes->bs_key, aes->rounds);
+
+ XMEMCPY(outBlock, state, AES_BLOCK_SIZE);
+}
+
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Encrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesEncryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ while (sz >= BS_BLOCK_SIZE) {
+ XMEMCPY(state, in, BS_BLOCK_SIZE);
+ bs_encrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, BS_BLOCK_SIZE);
+ sz -= BS_BLOCK_SIZE;
+ in += BS_BLOCK_SIZE;
+ out += BS_BLOCK_SIZE;
+ }
+ if (sz > 0) {
+ XMEMCPY(state, in, sz);
+ XMEMSET(((byte*)state) + sz, 0, sizeof(state) - sz);
+ bs_encrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, sz);
+ }
}
#endif
-/* Software AES - ECB Decrypt */
-static WARN_UNUSED_RESULT int wc_AesDecrypt(
+#endif /* !WC_AES_BITSLICED */
+
+/* this section disabled with NO_AES_192 */
+/* calling this one when missing NO_AES_192 */
+static WARN_UNUSED_RESULT int wc_AesEncrypt(
Aes* aes, const byte* inBlock, byte* outBlock)
{
- word32 s0, s1, s2, s3;
- word32 t0, t1, t2, t3;
- word32 r = aes->rounds >> 1;
- const word32* rk = aes->key;
+ word32 r;
+
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ r = aes->rounds >> 1;
if (r > 7 || r == 0) {
WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
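Review bot: bs_set_key returns with the expanded key schedule still on the stack: `bs_key` (all round keys) and `block` are never cleared, and bs_ke_sub_bytes likewise leaves key words in its `block` and `trans` working arrays. Wiping them before return, e.g. `ForceZero(bs_key, sizeof(bs_key));` and `ForceZero(block, sizeof(block));`, keeps key material from lingering in stack memory that later frames or a crash dump can expose. bs_set_key also copies `keyLen` bytes into the fixed-size `bs_key`, and bs_expand_key does nothing unless the schedule size is 176, 208 or 240. It therefore relies on the caller, which is not in this hunk, having validated key length and rounds; a short comment stating that precondition would help.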
@@ -2374,9 +2780,11 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
}
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
+ if (aes->use_aesni) {
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
#ifdef DEBUG_AESNI
- printf("about to aes decrypt\n");
+ printf("about to aes encrypt\n");
printf("in = %p\n", inBlock);
printf("out = %p\n", outBlock);
printf("aes->key = %p\n", aes->key);
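Review bot: The runtime CPU check is gone from this branch: `if (aes->use_aesni)` now trusts the per-object flag alone, where the old line also tested `haveAESNI`. That is only safe if every path that sets `use_aesni` has already consulted the CPU feature check and the Aes object was initialised before use; that code is not in this hunk. If the invariant holds, a one-line comment such as `/* use_aesni is only set after the CPU was confirmed to support AES-NI */` would record it. The same change appears in wc_AesDecrypt in a later hunk, and this function starts and ends outside the hunk.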
@@ -2384,11 +2792,33 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
printf("sz = %d\n", AES_BLOCK_SIZE);
#endif
- /* if input and output same will overwrite input iv */
- if ((const byte*)aes->tmp != inBlock)
- XMEMCPY(aes->tmp, inBlock, AES_BLOCK_SIZE);
- AES_ECB_decrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
+ /* check alignment, decrypt doesn't need alignment */
+ if ((wc_ptr_t)inBlock % AESNI_ALIGN) {
+ #ifndef NO_WOLFSSL_ALLOC_ALIGN
+ byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE + AESNI_ALIGN, aes->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ byte* tmp_align;
+ if (tmp == NULL)
+ return MEMORY_E;
+
+ tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
+
+ XMEMCPY(tmp_align, inBlock, AES_BLOCK_SIZE);
+ AES_ECB_encrypt_AESNI(tmp_align, tmp_align, AES_BLOCK_SIZE,
+ (byte*)aes->key, (int)aes->rounds);
+ XMEMCPY(outBlock, tmp_align, AES_BLOCK_SIZE);
+ XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ return 0;
+ #else
+ WOLFSSL_MSG("AES-ECB encrypt with bad alignment");
+ WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
+ return BAD_ALIGN_E;
+ #endif
+ }
+
+ AES_ECB_encrypt_AESNI(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
(int)aes->rounds);
+
return 0;
}
else {
@@ -2398,21 +2828,106 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
}
#endif /* WOLFSSL_AESNI */
#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
- return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
+ AES_ECB_encrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
+ return 0;
#endif
+
#if defined(WOLFSSL_IMXRT_DCP)
if (aes->keylen == 16) {
- DCPAesEcbDecrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
+ DCPAesEcbEncrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
return 0;
}
#endif
+
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
if (aes->useSWCrypt == 0) {
return se050_aes_crypt(aes, inBlock, outBlock, AES_BLOCK_SIZE,
- AES_DECRYPTION, kAlgorithm_SSS_AES_ECB);
+ AES_ENCRYPTION, kAlgorithm_SSS_AES_ECB);
}
#endif
+#if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
+ ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ return wc_esp32AesEncrypt(aes, inBlock, outBlock);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesEncrypt HW Falling back, unsupported keylen = %d",
+ aes->keylen);
+ #endif
+ }
+#endif
+
+ AesEncrypt_C(aes, inBlock, outBlock, r);
+
+ return 0;
+} /* wc_AesEncrypt */
+#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT || HAVE_AESGCM */
+
+#if defined(HAVE_AES_DECRYPT)
+#if (defined(HAVE_AES_CBC) && !defined(WOLFSSL_DEVCRYPTO_CBC) && \
+ !defined(WOLFSSL_SILABS_SE_ACCEL)) || \
+ defined(WOLFSSL_AES_DIRECT)
+
+#ifndef WC_AES_BITSLICED
+#ifndef WC_NO_CACHE_RESISTANT
+#ifndef WOLFSSL_AES_SMALL_TABLES
+/* load 4 Td Tables into cache by cache line stride */
+static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd(void)
+{
+ word32 x = 0;
+ int i,j;
+
+ for (i = 0; i < 4; i++) {
+ /* 256 elements, each one is 4 bytes */
+ for (j = 0; j < 256; j += WC_CACHE_LINE_SZ/4) {
+ x &= Td[i][j];
+ }
+ }
+ return x;
+}
+#endif
+
+/* load Td Table4 into cache by cache line stride */
+static WARN_UNUSED_RESULT WC_INLINE word32 PreFetchTd4(void)
+{
+#ifndef WOLFSSL_AES_TOUCH_LINES
+ word32 x = 0;
+ int i;
+
+ for (i = 0; i < 256; i += WC_CACHE_LINE_SZ) {
+ x &= (word32)Td4[i];
+ }
+ return x;
+#else
+ return 0;
+#endif
+}
+#endif
+
+/* Decrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesDecrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
+{
+ word32 s0, s1, s2, s3;
+ word32 t0, t1, t2, t3;
+ const word32* rk;
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ rk = aes->key_C_fallback;
+#else
+ rk = aes->key;
+#endif
+
/*
* map byte array block to cipher state
* and add initial round key:
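Review bot: The cache prefetch helpers re-added here can legally be optimised away. PreFetchTd and PreFetchTd4 start from `x = 0` and accumulate with `x &= Td[i][j]` / `x &= (word32)Td4[i]`, so the result is always zero; if the tables are plain const data (their definitions are outside this hunk), the compiler may drop the loads. The loads are the whole purpose of these helpers, since warming the tables is what keeps lookups from leaking key-dependent cache timing. They should go through a volatile access, e.g. `x &= *(const volatile word32*)&Td[i][j];` (assuming word32 elements). Inspecting the generated code at the project's optimisation level would confirm whether the loads survive today.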
@@ -2623,8 +3138,457 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
XMEMCPY(outBlock + 2 * sizeof(s0), &s2, sizeof(s2));
XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3));
- return 0;
}
+
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Decrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesDecryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ AesDecrypt_C(aes, in, out, aes->rounds >> 1);
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+}
+#endif
+
+#else
+
+/* http://cs-www.cs.yale.edu/homes/peralta/CircuitStuff/Sinv.txt */
+static void bs_inv_sub_bytes(bs_word u[8])
+{
+ bs_word U0, U1, U2, U3, U4, U5, U6, U7;
+ bs_word Y0, Y1, Y2, Y3, Y4, Y5, Y6, Y7;
+ bs_word RTL0, RTL1, RTL2;
+ bs_word sa0, sa1;
+ bs_word sb0, sb1;
+ bs_word ab0, ab1, ab2, ab3;
+ bs_word ab20, ab21, ab22, ab23;
+ bs_word al, ah, aa, bl, bh, bb;
+ bs_word abcd1, abcd2, abcd3, abcd4, abcd5, abcd6;
+ bs_word ph11, ph12, ph13, ph01, ph02, ph03;
+ bs_word pl01, pl02, pl03, pl11, pl12, pl13;
+ bs_word r1, r2, r3, r4, r5, r6, r7, r8, r9;
+ bs_word rr1, rr2;
+ bs_word r10, r11;
+ bs_word cp1, cp2, cp3, cp4;
+ bs_word vr1, vr2, vr3;
+ bs_word pr1, pr2, pr3;
+ bs_word wr1, wr2, wr3;
+ bs_word qr1, qr2, qr3;
+ bs_word tinv1, tinv2, tinv3, tinv4, tinv5, tinv6, tinv7, tinv8, tinv9;
+ bs_word tinv10, tinv11, tinv12, tinv13;
+ bs_word t01, t02;
+ bs_word d0, d1, d2, d3;
+ bs_word dl, dd, dh;
+ bs_word sd0, sd1;
+ bs_word p0, p1, p2, p3, p4, p6, p7;
+ bs_word X11, X13, X14, X16, X18, X19;
+ bs_word S0, S1, S2, S3, S4, S5, S6, S7;
+
+ U0 = u[7];
+ U1 = u[6];
+ U2 = u[5];
+ U3 = u[4];
+ U4 = u[3];
+ U5 = u[2];
+ U6 = u[1];
+ U7 = u[0];
+
+ Y0 = U0 ^ U3;
+ Y2 = ~(U1 ^ U3);
+ Y4 = U0 ^ Y2;
+ RTL0 = U6 ^ U7;
+ Y1 = Y2 ^ RTL0;
+ Y7 = ~(U2 ^ Y1);
+ RTL1 = U3 ^ U4;
+ Y6 = ~(U7 ^ RTL1);
+ Y3 = Y1 ^ RTL1;
+ RTL2 = ~(U0 ^ U2);
+ Y5 = U5 ^ RTL2;
+ sa1 = Y0 ^ Y2;
+ sa0 = Y1 ^ Y3;
+ sb1 = Y4 ^ Y6;
+ sb0 = Y5 ^ Y7;
+ ah = Y0 ^ Y1;
+ al = Y2 ^ Y3;
+ aa = sa0 ^ sa1;
+ bh = Y4 ^ Y5;
+ bl = Y6 ^ Y7;
+ bb = sb0 ^ sb1;
+ ab20 = sa0 ^ sb0;
+ ab22 = al ^ bl;
+ ab23 = Y3 ^ Y7;
+ ab21 = sa1 ^ sb1;
+ abcd1 = ah & bh;
+ rr1 = Y0 & Y4;
+ ph11 = ab20 ^ abcd1;
+ t01 = Y1 & Y5;
+ ph01 = t01 ^ abcd1;
+ abcd2 = al & bl;
+ r1 = Y2 & Y6;
+ pl11 = ab22 ^ abcd2;
+ r2 = Y3 & Y7;
+ pl01 = r2 ^ abcd2;
+ r3 = sa0 & sb0;
+ vr1 = aa & bb;
+ pr1 = vr1 ^ r3;
+ wr1 = sa1 & sb1;
+ qr1 = wr1 ^ r3;
+ ab0 = ph11 ^ rr1;
+ ab1 = ph01 ^ ab21;
+ ab2 = pl11 ^ r1;
+ ab3 = pl01 ^ qr1;
+ cp1 = ab0 ^ pr1;
+ cp2 = ab1 ^ qr1;
+ cp3 = ab2 ^ pr1;
+ cp4 = ab3 ^ ab23;
+ tinv1 = cp3 ^ cp4;
+ tinv2 = cp3 & cp1;
+ tinv3 = cp2 ^ tinv2;
+ tinv4 = cp1 ^ cp2;
+ tinv5 = cp4 ^ tinv2;
+ tinv6 = tinv5 & tinv4;
+ tinv7 = tinv3 & tinv1;
+ d2 = cp4 ^ tinv7;
+ d0 = cp2 ^ tinv6;
+ tinv8 = cp1 & cp4;
+ tinv9 = tinv4 & tinv8;
+ tinv10 = tinv4 ^ tinv2;
+ d1 = tinv9 ^ tinv10;
+ tinv11 = cp2 & cp3;
+ tinv12 = tinv1 & tinv11;
+ tinv13 = tinv1 ^ tinv2;
+ d3 = tinv12 ^ tinv13;
+ sd1 = d1 ^ d3;
+ sd0 = d0 ^ d2;
+ dl = d0 ^ d1;
+ dh = d2 ^ d3;
+ dd = sd0 ^ sd1;
+ abcd3 = dh & bh;
+ rr2 = d3 & Y4;
+ t02 = d2 & Y5;
+ abcd4 = dl & bl;
+ r4 = d1 & Y6;
+ r5 = d0 & Y7;
+ r6 = sd0 & sb0;
+ vr2 = dd & bb;
+ wr2 = sd1 & sb1;
+ abcd5 = dh & ah;
+ r7 = d3 & Y0;
+ r8 = d2 & Y1;
+ abcd6 = dl & al;
+ r9 = d1 & Y2;
+ r10 = d0 & Y3;
+ r11 = sd0 & sa0;
+ vr3 = dd & aa;
+ wr3 = sd1 & sa1;
+ ph12 = rr2 ^ abcd3;
+ ph02 = t02 ^ abcd3;
+ pl12 = r4 ^ abcd4;
+ pl02 = r5 ^ abcd4;
+ pr2 = vr2 ^ r6;
+ qr2 = wr2 ^ r6;
+ p0 = ph12 ^ pr2;
+ p1 = ph02 ^ qr2;
+ p2 = pl12 ^ pr2;
+ p3 = pl02 ^ qr2;
+ ph13 = r7 ^ abcd5;
+ ph03 = r8 ^ abcd5;
+ pl13 = r9 ^ abcd6;
+ pl03 = r10 ^ abcd6;
+ pr3 = vr3 ^ r11;
+ qr3 = wr3 ^ r11;
+ p4 = ph13 ^ pr3;
+ S7 = ph03 ^ qr3;
+ p6 = pl13 ^ pr3;
+ p7 = pl03 ^ qr3;
+ S3 = p1 ^ p6;
+ S6 = p2 ^ p6;
+ S0 = p3 ^ p6;
+ X11 = p0 ^ p2;
+ S5 = S0 ^ X11;
+ X13 = p4 ^ p7;
+ X14 = X11 ^ X13;
+ S1 = S3 ^ X14;
+ X16 = p1 ^ S7;
+ S2 = X14 ^ X16;
+ X18 = p0 ^ p4;
+ X19 = S5 ^ X16;
+ S4 = X18 ^ X19;
+
+ u[0] = S7;
+ u[1] = S6;
+ u[2] = S5;
+ u[3] = S4;
+ u[4] = S3;
+ u[5] = S2;
+ u[6] = S1;
+ u[7] = S0;
+}
+
+static void bs_inv_shift_rows(bs_word* b)
+{
+ bs_word t[AES_BLOCK_BITS];
+ int i;
+
+ for (i = 0; i < 128; i += 32) {
+ BS_ASSIGN_8(t, i + 0, b, ( 0 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 8, b, (104 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 16, b, ( 80 + i) & BS_IDX_MASK);
+ BS_ASSIGN_8(t, i + 24, b, ( 56 + i) & BS_IDX_MASK);
+ }
+
+ XMEMCPY(b, t, sizeof(t));
+}
+
+#define O0 0
+#define O1 8
+#define O2 16
+#define O3 24
+
+#define BS_INV_MIX_SHIFT_8(br, b, O0, O1, O2, O3, of0, of1, of2) \
+ of0 = b[O0+7] ^ b[O0+6] ^ b[O0+5] ^ b[O1 + 7] ^ b[O1+5] ^ \
+ b[O2+6] ^ b[O2+5] ^ b[O3+5]; \
+ of1 = b[O0+7] ^ b[O0+6] ^ b[O1+6] ^ \
+ b[O2+7] ^ b[O2+6] ^ b[O3+6]; \
+ of2 = b[O0+7] ^ b[O1+7] ^ \
+ b[O2+7] ^ b[O3+7]; \
+ \
+ br[0] = b[O1+0] ^ \
+ b[O2+0] ^ b[O3+0] ^ of0; \
+ br[1] = b[O0+0] ^ b[O1+0] ^ b[O1+1] ^ \
+ b[O2+1] ^ b[O3+1] ^ of0 ^ of1; \
+ br[2] = b[O0+1] ^ b[O0+0] ^ b[O1+1] ^ b[O1+2] ^ \
+ b[O2+2] ^ b[O2+0] ^ b[O3+2] ^ of1 ^ of2; \
+ br[3] = b[O0+2] ^ b[O0+1] ^ b[O0+0] ^ b[O1+0] ^ b[O1+2] ^ b[O1+3] ^ \
+ b[O2+3] ^ b[O2+1] ^ b[O2+0] ^ b[O3+3] ^ b[O3+0] ^ of0 ^ of2; \
+ br[4] = b[O0+3] ^ b[O0+2] ^ b[O0+1] ^ b[O1+1] ^ b[O1+3] ^ b[O1+4] ^ \
+ b[O2+4] ^ b[O2+2] ^ b[O2+1] ^ b[O3+4] ^ b[O3+1] ^ of0 ^ of1; \
+ br[5] = b[O0+4] ^ b[O0+3] ^ b[O0+2] ^ b[O1+2] ^ b[O1+4] ^ b[O1+5] ^ \
+ b[O2+5] ^ b[O2+3] ^ b[O2+2] ^ b[O3+5] ^ b[O3+2] ^ of1 ^ of2; \
+ br[6] = b[O0+5] ^ b[O0+4] ^ b[O0+3] ^ b[O1+3] ^ b[O1+5] ^ b[O1+6] ^ \
+ b[O2+6] ^ b[O2+4] ^ b[O2+3] ^ b[O3+6] ^ b[O3+3] ^ of2; \
+ br[7] = b[O0+6] ^ b[O0+5] ^ b[O0+4] ^ b[O1+4] ^ b[O1+6] ^ b[O1+7] ^ \
+ b[O2+7] ^ b[O2+5] ^ b[O2+4] ^ b[O3+7] ^ b[O3+4]
+
+/* Inverse mix columns and shift rows. */
+static void bs_inv_mix_shift(bs_word* t, bs_word* b)
+{
+ bs_word* bp = b;
+ word8 or0 = BS_ROW_OFF_0 + BS_SHIFT_OFF_0;
+ word8 or1 = BS_ROW_OFF_1 + BS_SHIFT_OFF_1;
+ word8 or2 = BS_ROW_OFF_2 + BS_SHIFT_OFF_2;
+ word8 or3 = BS_ROW_OFF_3 + BS_SHIFT_OFF_3;
+ int i;
+
+ for (i = 0; i < AES_BLOCK_BITS / 4; i += AES_BLOCK_BITS / 16) {
+ bs_word* br;
+ bs_word of0;
+ bs_word of1;
+ bs_word of2;
+
+ br = t + or0;
+ BS_INV_MIX_SHIFT_8(br, bp, O0, O1, O2, O3, of0, of1, of2);
+ br = t + or1;
+ BS_INV_MIX_SHIFT_8(br, bp, O1, O2, O3, O0, of0, of1, of2);
+ br = t + or2;
+ BS_INV_MIX_SHIFT_8(br, bp, O2, O3, O0, O1, of0, of1, of2);
+ br = t + or3;
+ BS_INV_MIX_SHIFT_8(br, bp, O3, O0, O1, O2, of0, of1, of2);
+
+ or0 = (or0 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or1 = (or1 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or2 = (or2 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+ or3 = (or3 + AES_BLOCK_BITS / 4) & BS_IDX_MASK;
+
+ bp += AES_BLOCK_BITS / 4;
+ }
+}
+
+static void bs_inv_sub_bytes_blocks(bs_word* b)
+{
+ int i;
+
+ for (i = 0; i < AES_BLOCK_BITS; i += 8) {
+ bs_inv_sub_bytes(b + i);
+ }
+}
+
+static void bs_decrypt(bs_word* state, bs_word* rk, word32 r)
+{
+ int i;
+ bs_word trans[AES_BLOCK_BITS];
+
+ bs_transpose(trans, state);
+
+ rk += r * AES_BLOCK_BITS;
+ bs_add_round_key(trans, trans, rk);
+ bs_inv_shift_rows(trans);
+ bs_inv_sub_bytes_blocks(trans);
+ rk -= AES_BLOCK_BITS;
+ bs_add_round_key(trans, trans, rk);
+ for (i = (int)r - 2; i >= 0; i--) {
+ bs_inv_mix_shift(state, trans);
+ bs_inv_sub_bytes_blocks(state);
+ rk -= AES_BLOCK_BITS;
+ bs_add_round_key(trans, state, rk);
+ }
+
+ bs_inv_transpose(state, trans);
+}
+
+#ifdef WOLFSSL_AES_DIRECT
+/* Decrypt a block using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] inBlock Block to encrypt.
+ * @param [out] outBlock Encrypted block.
+ * @param [in] r Rounds divided by 2.
+ */
+static void AesDecrypt_C(Aes* aes, const byte* inBlock, byte* outBlock,
+ word32 r)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ (void)r;
+
+ XMEMCPY(state, inBlock, AES_BLOCK_SIZE);
+ XMEMSET(((byte*)state) + AES_BLOCK_SIZE, 0, sizeof(state) - AES_BLOCK_SIZE);
+
+ bs_decrypt(state, aes->bs_key, aes->rounds);
+
+ XMEMCPY(outBlock, state, AES_BLOCK_SIZE);
+}
+#endif
+
+#if defined(HAVE_AES_ECB) && !(defined(WOLFSSL_IMX6_CAAM) && \
+ !defined(NO_IMX6_CAAM_AES) && !defined(WOLFSSL_QNX_CAAM))
+/* Decrypt a number of blocks using AES.
+ *
+ * @param [in] aes AES object.
+ * @param [in] in Block to encrypt.
+ * @param [out] out Encrypted block.
+ * @param [in] sz Number of blocks to encrypt.
+ */
+static void AesDecryptBlocks_C(Aes* aes, const byte* in, byte* out, word32 sz)
+{
+ bs_word state[AES_BLOCK_BITS];
+
+ while (sz >= BS_BLOCK_SIZE) {
+ XMEMCPY(state, in, BS_BLOCK_SIZE);
+ bs_decrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, BS_BLOCK_SIZE);
+ sz -= BS_BLOCK_SIZE;
+ in += BS_BLOCK_SIZE;
+ out += BS_BLOCK_SIZE;
+ }
+ if (sz > 0) {
+ XMEMCPY(state, in, sz);
+ XMEMSET(((byte*)state) + sz, 0, sizeof(state) - sz);
+ bs_decrypt(state, aes->bs_key, aes->rounds);
+ XMEMCPY(out, state, sz);
+ }
+}
+#endif
+
+#endif
+
+#if !defined(WC_AES_BITSLICED) || defined(WOLFSSL_AES_DIRECT)
+/* Software AES - ECB Decrypt */
+static WARN_UNUSED_RESULT int wc_AesDecrypt(
+ Aes* aes, const byte* inBlock, byte* outBlock)
+{
+ word32 r;
+
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ r = aes->rounds >> 1;
+
+ if (r > 7 || r == 0) {
+ WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
+ return KEYUSAGE_E;
+ }
+
+#ifdef WOLFSSL_AESNI
+ if (aes->use_aesni) {
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
+ #ifdef DEBUG_AESNI
+ printf("about to aes decrypt\n");
+ printf("in = %p\n", inBlock);
+ printf("out = %p\n", outBlock);
+ printf("aes->key = %p\n", aes->key);
+ printf("aes->rounds = %d\n", aes->rounds);
+ printf("sz = %d\n", AES_BLOCK_SIZE);
+ #endif
+
+ /* if input and output same will overwrite input iv */
+ if ((const byte*)aes->tmp != inBlock)
+ XMEMCPY(aes->tmp, inBlock, AES_BLOCK_SIZE);
+ AES_ECB_decrypt_AESNI(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key,
+ (int)aes->rounds);
+ return 0;
+ }
+ else {
+ #ifdef DEBUG_AESNI
+ printf("Skipping AES-NI\n");
+ #endif
+ }
+#endif /* WOLFSSL_AESNI */
+#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
+ return AES_ECB_decrypt(aes, inBlock, outBlock, AES_BLOCK_SIZE);
+#endif
+#if defined(WOLFSSL_IMXRT_DCP)
+ if (aes->keylen == 16) {
+ DCPAesEcbDecrypt(aes, outBlock, inBlock, AES_BLOCK_SIZE);
+ return 0;
+ }
+#endif
+#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
+ if (aes->useSWCrypt == 0) {
+ return se050_aes_crypt(aes, inBlock, outBlock, AES_BLOCK_SIZE,
+ AES_DECRYPTION, kAlgorithm_SSS_AES_ECB);
+ }
+#endif
+#if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ return wc_esp32AesDecrypt(aes, inBlock, outBlock);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesDecrypt HW Falling back, "
+ "unsupported keylen = %d", aes->keylen);
+ #endif
+ } /* else !wc_esp32AesSupportedKeyLen for ESP32 */
+#endif
+
+ AesDecrypt_C(aes, inBlock, outBlock, r);
+
+ return 0;
+} /* wc_AesDecrypt[_SW]() */
+#endif /* !WC_AES_BITSLICED || WOLFSSL_AES_DIRECT */
#endif /* HAVE_AES_CBC || WOLFSSL_AES_DIRECT */
#endif /* HAVE_AES_DECRYPT */
@@ -2650,6 +3614,14 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return BAD_FUNC_ARG;
}
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
rk = aes->key;
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
@@ -2723,6 +3695,14 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
@@ -2738,12 +3718,26 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return 0;
}
#elif defined(FREESCALE_LTC)
- int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
- int dir)
+ int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir, int checkKeyLen)
{
- if (aes == NULL || !((keylen == 16) || (keylen == 24) || (keylen == 32)))
+ if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ if (checkKeyLen) {
+ if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+ return BAD_FUNC_ARG;
+ }
+ (void)dir;
+
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
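Review bot: With `checkKeyLen` set to 0, nothing in this FREESCALE_LTC `wc_AesSetKeyLocal` bounds `keylen` before `XMEMCPY(aes->key, userKey, keylen)`, so an oversized length from a caller would write past the key buffer. The removed code rejected anything but 16/24/32 unconditionally. The generic `wc_AesSetKeyDirect` elsewhere in this file guards the same call with `if (keylen > sizeof(aes->key)) return BAD_FUNC_ARG;`, and that line belongs here as an unconditional check right after the NULL test. The FREESCALE_MMCAU variant in the next hunk relaxes the length check the same way; its copy lies outside the visible lines, so confirm it there too. The function body continues past the end of this hunk.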
@@ -2755,14 +3749,21 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return wc_AesSetIV(aes, iv);
}
+ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+ {
+ return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
+ }
+
+
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
return wc_AesSetKey(aes, userKey, keylen, iv, dir);
}
#elif defined(FREESCALE_MMCAU)
- int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
+ int wc_AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir, int checkKeyLen)
{
int ret;
byte* rk;
@@ -2772,11 +3773,22 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
(void)dir;
- if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
- return BAD_FUNC_ARG;
if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
+ if (checkKeyLen) {
+ if (!((keylen == 16) || (keylen == 24) || (keylen == 32)))
+ return BAD_FUNC_ARG;
+ }
+
rk = (byte*)aes->key;
if (rk == NULL)
return BAD_FUNC_ARG;
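Review bot: The `int ret` declared inside the new `WC_DEBUG_CIPHER_LIFECYCLE` block shadows the function-level `int ret;` that this FREESCALE_MMCAU `wc_AesSetKeyLocal` appears to declare at its top (shown as context at the end of the preceding hunk), which trips `-Wshadow` builds. Assign to the existing variable instead, as the 16-byte-only variant further down does: `ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);` followed by `if (ret < 0) return ret;`. The function starts before and ends after this hunk.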
@@ -2827,6 +3839,12 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return ret;
}
+ int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+ {
+ return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
+ }
+
int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
@@ -2845,6 +3863,12 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
if (aes == NULL || keylen != 16)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
aes->keylen = keylen;
aes->rounds = keylen/4 + 6;
XMEMCPY(aes->key, userKey, keylen);
@@ -2863,19 +3887,28 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
{
return wc_AesSetKey(aes, userKey, keylen, iv, dir);
}
-#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
-
- int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+#elif defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ /* This is the only definition for HW only.
+ * but needs to be renamed when fallback needed.
+ * See call in wc_AesSetKey() */
+ int wc_AesSetKey_for_ESP32(Aes* aes, const byte* userKey, word32 keylen,
const byte* iv, int dir)
{
(void)dir;
(void)iv;
-
+ ESP_LOGV(TAG, "wc_AesSetKey_for_ESP32");
if (aes == NULL || (keylen != 16 && keylen != 24 && keylen != 32)) {
return BAD_FUNC_ARG;
}
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
#if !defined(WOLFSSL_AES_128)
if (keylen == 16) {
return BAD_FUNC_ARG;
@@ -2902,13 +3935,9 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
aes->left = 0;
#endif
return wc_AesSetIV(aes, iv);
- }
+ } /* wc_AesSetKey */
- int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
- {
- return wc_AesSetKey(aes, userKey, keylen, iv, dir);
- }
+ /* end #elif ESP32 */
#elif defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv,
@@ -2923,6 +3952,16 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
keylen != AES_256_KEY_SIZE)) {
return BAD_FUNC_ARG;
}
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret2 =
+ wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret2 < 0)
+ return ret2;
+ }
+#endif
+
#if defined(AES_MAX_KEY_SIZE)
if (keylen > (AES_MAX_KEY_SIZE/8)) {
return BAD_FUNC_ARG;
@@ -2996,9 +4035,264 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
/* implemented in wolfcrypt/src/port/devcrypto/devcrypto_aes.c */
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- /* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
+ /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
+
+#elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
+ /* implemented in wolfcrypt/src/port/renesas/renesas_fspsm_aes.c */
+
+#else
+ #define NEED_SOFTWARE_AES_SETKEY
+#endif
+/* Either we fell though with no HW support at all,
+ * or perhaps there's HW support for *some* keylengths
+ * and we need both HW and SW. */
+#ifdef NEED_SOFTWARE_AES_SETKEY
+
+#ifdef NEED_AES_TABLES
+
+#ifndef WC_AES_BITSLICED
+/* Set the AES key and expand.
+ *
+ * @param [in] aes AES object.
+ * @param [in] key Block to encrypt.
+ * @param [in] keySz Number of bytes in key.
+ * @param [in] dir Direction of crypt: AES_ENCRYPTION or AES_DECRYPTION.
+ */
+static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
+{
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ word32* rk = aes->key_C_fallback;
#else
+ word32* rk = aes->key;
+#endif
+ word32 temp;
+ unsigned int i = 0;
+
+ XMEMCPY(rk, key, keySz);
+#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
+ (!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_AES))
+ /* Always reverse words when using only SW */
+ {
+ ByteReverseWords(rk, rk, keySz);
+ }
+#else
+ /* Sometimes reverse words when using supported HW */
+ #if defined(WOLFSSL_ESPIDF)
+ /* Some platforms may need SW fallback (e.g. AES192) */
+ #if defined(NEED_AES_HW_FALLBACK)
+ {
+ ESP_LOGV(TAG, "wc_AesEncrypt fallback check");
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ /* don't reverse for HW supported key lengths */
+ }
+ else {
+ ByteReverseWords(rk, rk, keySz);
+ }
+ }
+ #else
+ /* If we don't need SW fallback, don't need to reverse words. */
+ #endif /* NEED_AES_HW_FALLBACK */
+ #endif /* WOLFSSL_ESPIDF */
+#endif /* LITTLE_ENDIAN_ORDER, etc */
+
+ switch (keySz) {
+#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
+ defined(WOLFSSL_AES_128)
+ case 16:
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ temp = (word32)-1;
+ wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ #endif
+ while (1)
+ {
+ temp = rk[3];
+ rk[4] = rk[0] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
+ #endif
+ rcon[i];
+ rk[5] = rk[1] ^ rk[4];
+ rk[6] = rk[2] ^ rk[5];
+ rk[7] = rk[3] ^ rk[6];
+ if (++i == 10)
+ break;
+ rk += 4;
+ }
+ break;
+#endif /* 128 */
+
+#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
+ defined(WOLFSSL_AES_192)
+ case 24:
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ temp = (word32)-1;
+ wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ #endif
+ /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
+ while (1)
+ {
+ temp = rk[ 5];
+ rk[ 6] = rk[ 0] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
+ #endif
+ rcon[i];
+ rk[ 7] = rk[ 1] ^ rk[ 6];
+ rk[ 8] = rk[ 2] ^ rk[ 7];
+ rk[ 9] = rk[ 3] ^ rk[ 8];
+ if (++i == 8)
+ break;
+ rk[10] = rk[ 4] ^ rk[ 9];
+ rk[11] = rk[ 5] ^ rk[10];
+ rk += 6;
+ }
+ break;
+#endif /* 192 */
+
+#if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
+ defined(WOLFSSL_AES_256)
+ case 32:
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ temp = (word32)-1;
+ wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ #endif
+ while (1)
+ {
+ temp = rk[ 7];
+ rk[ 8] = rk[ 0] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
+ #endif
+ rcon[i];
+ rk[ 9] = rk[ 1] ^ rk[ 8];
+ rk[10] = rk[ 2] ^ rk[ 9];
+ rk[11] = rk[ 3] ^ rk[10];
+ if (++i == 7)
+ break;
+ temp = rk[11];
+ rk[12] = rk[ 4] ^
+ #ifndef WOLFSSL_AES_SMALL_TABLES
+ (GetTable(Te[2], GETBYTE(temp, 3)) & 0xff000000) ^
+ (GetTable(Te[3], GETBYTE(temp, 2)) & 0x00ff0000) ^
+ (GetTable(Te[0], GETBYTE(temp, 1)) & 0x0000ff00) ^
+ (GetTable(Te[1], GETBYTE(temp, 0)) & 0x000000ff);
+ #else
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 3)) << 24) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 16) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 8) ^
+ ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)));
+ #endif
+ rk[13] = rk[ 5] ^ rk[12];
+ rk[14] = rk[ 6] ^ rk[13];
+ rk[15] = rk[ 7] ^ rk[14];
+
+ rk += 8;
+ }
+ break;
+#endif /* 256 */
+ } /* switch */
+ ForceZero(&temp, sizeof(temp));
+
+#if defined(HAVE_AES_DECRYPT)
+ if (dir == AES_DECRYPTION) {
+ unsigned int j;
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ rk = aes->key_C_fallback;
+#else
+ rk = aes->key;
+#endif
+
+ /* invert the order of the round keys: */
+ for (i = 0, j = 4* aes->rounds; i < j; i += 4, j -= 4) {
+ temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
+ temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
+ temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
+ temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
+ }
+ ForceZero(&temp, sizeof(temp));
+ #if !defined(WOLFSSL_AES_SMALL_TABLES)
+ /* apply the inverse MixColumn transform to all round keys but the
+ first and the last: */
+ for (i = 1; i < aes->rounds; i++) {
+ rk += 4;
+ rk[0] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[0], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[0], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[0], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[0], 0)) & 0xff);
+ rk[1] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[1], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[1], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[1], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[1], 0)) & 0xff);
+ rk[2] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[2], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[2], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[2], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[2], 0)) & 0xff);
+ rk[3] =
+ GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[3], 3)) & 0xff) ^
+ GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[3], 2)) & 0xff) ^
+ GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[3], 1)) & 0xff) ^
+ GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[3], 0)) & 0xff);
+ }
+ #endif
+ }
+#else
+ (void)dir;
+#endif /* HAVE_AES_DECRYPT */
+
+#ifdef WOLFSSL_CHECK_MEM_ZERO
+ wc_MemZero_Check(&temp, sizeof(temp));
+#else
+ (void)temp;
+#endif
+}
+#else /* WC_AES_BITSLICED */
+/* Set the AES key and expand.
+ *
+ * @param [in] aes AES object.
+ * @param [in] key Block to encrypt.
+ * @param [in] keySz Number of bytes in key.
+ * @param [in] dir Direction of crypt: AES_ENCRYPTION or AES_DECRYPTION.
+ */
+static void AesSetKey_C(Aes* aes, const byte* key, word32 keySz, int dir)
+{
+ /* No need to invert when decrypting. */
+ (void)dir;
+
+ bs_set_key(aes->bs_key, key, keySz, aes->rounds);
+}
+#endif /* WC_AES_BITSLICED */
+
+#endif /* NEED_AES_TABLES */
/* Software AES - SetKey */
static WARN_UNUSED_RESULT int wc_AesSetKeyLocal(
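Review bot: Both header comments for `AesSetKey_C` describe `key` as "Block to encrypt", but the body copies it into the round-key array with `XMEMCPY(rk, key, keySz)`. It should read `@param [in] key Raw key bytes to expand.`, and `aes` should be marked `[in,out]` because its key schedule is written. The function returns void and its `switch (keySz)` has no default arm, so it relies on the caller having validated `keySz` and set `aes->rounds` beforehand; state that precondition in the comment. The `ESP_LOGV` text "wc_AesEncrypt fallback check" inside this key-setup routine names the wrong function and will mislead anyone reading device logs.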
@@ -3006,16 +4300,37 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
int checkKeyLen)
{
int ret;
- word32 *rk;
- #ifdef NEED_AES_TABLES
- word32 temp;
- unsigned int i = 0;
- #endif
#ifdef WOLFSSL_IMX6_CAAM_BLOB
byte local[32];
word32 localSz = 32;
#endif
+ if (aes == NULL)
+ return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+#endif
+
+ switch (keylen) {
+ #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
+ defined(WOLFSSL_AES_128)
+ case 16:
+ #endif
+ #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
+ defined(WOLFSSL_AES_192)
+ case 24:
+ #endif
+ #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
+ defined(WOLFSSL_AES_256)
+ case 32:
+ #endif
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
if (wc_MAXQ10XX_AesSetKey(aes, userKey, keylen) != 0) {
return WC_HW_E;
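Review bot: The new `switch (keylen)` rejects every length other than 16, 24 or 32 without consulting `checkKeyLen`, whereas the removed code only did so from the `default:` arm inside `#ifdef NEED_AES_TABLES`. That leaves the comment on `wc_AesSetKeyDirect` ("This function allows key sizes that are not 128/192/256 bits"), which passes `checkKeyLen` as 0, out of date for this software path. The stricter behaviour is the safer one, so add `/* keylen is validated here regardless of checkKeyLen */` above the switch and correct the `wc_AesSetKeyDirect` comment. `userKey` is also not tested for NULL in the visible lines before it is handed to `wc_MAXQ10XX_AesSetKey`; the function continues outside the hunk, so that check may exist elsewhere.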
@@ -3113,12 +4428,21 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
aes->keylen = (int)keylen;
aes->rounds = (keylen/4) + 6;
+ ret = wc_AesSetIV(aes, iv);
+ if (ret != 0)
+ return ret;
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+#ifdef NEED_AES_TABLES
+ AesSetKey_C(aes, userKey, keylen, dir);
+#endif /* NEED_AES_TABLES */
+#endif /* WC_AES_C_DYNAMIC_FALLBACK */
#ifdef WOLFSSL_AESNI
aes->use_aesni = 0;
- if (checkAESNI == 0) {
+ if (checkedAESNI == 0) {
haveAESNI = Check_CPU_support_AES();
- checkAESNI = 1;
+ checkedAESNI = 1;
}
if (haveAESNI) {
#ifdef WOLFSSL_LINUXKM
@@ -3126,18 +4450,33 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
if ((wc_ptr_t)&aes->key & (wc_ptr_t)0xf) {
return BAD_ALIGN_E;
}
- #endif
- aes->use_aesni = 1;
- if (iv)
- XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
- else
- XMEMSET(aes->reg, 0, AES_BLOCK_SIZE);
- if (dir == AES_ENCRYPTION)
- return AES_set_encrypt_key(userKey, (int)keylen * 8, aes);
- #ifdef HAVE_AES_DECRYPT
- else
- return AES_set_decrypt_key(userKey, (int)keylen * 8, aes);
- #endif
+ #endif /* WOLFSSL_LINUXKM */
+ ret = SAVE_VECTOR_REGISTERS2();
+ if (ret == 0) {
+ if (dir == AES_ENCRYPTION)
+ ret = AES_set_encrypt_key_AESNI(userKey, (int)keylen * 8, aes);
+#ifdef HAVE_AES_DECRYPT
+ else
+ ret = AES_set_decrypt_key_AESNI(userKey, (int)keylen * 8, aes);
+#endif
+
+ RESTORE_VECTOR_REGISTERS();
+
+ if (ret == 0)
+ aes->use_aesni = 1;
+ else {
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ ret = 0;
+#endif
+ }
+ return ret;
+ } else {
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ return 0;
+#else
+ return ret;
+#endif
+ }
}
#endif /* WOLFSSL_AESNI */
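Review bot: In a build without `HAVE_AES_DECRYPT`, a call with `dir` other than `AES_ENCRYPTION` skips both key-schedule calls, leaves `ret` at the 0 returned by `SAVE_VECTOR_REGISTERS2()`, sets `aes->use_aesni = 1` and returns success with no AES-NI key schedule written. Give the compiled-out branch an explicit failure, for example an `#else` arm holding `else ret = BAD_FUNC_ARG;` before the `#endif`. Under `WC_AES_C_DYNAMIC_FALLBACK` the following `ret = 0;` would then route such a call to the C fallback rather than fail, so decide which of the two is intended and say so in a comment. The enclosing `wc_AesSetKeyLocal` starts and ends outside this hunk.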
@@ -3171,194 +4510,49 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
}
#endif
- rk = aes->key;
- XMEMCPY(rk, userKey, keylen);
+ XMEMCPY(aes->key, userKey, keylen);
+
+#ifndef WC_AES_BITSLICED
#if defined(LITTLE_ENDIAN_ORDER) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
- (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES))
- ByteReverseWords(rk, rk, keylen);
- #endif
+ (!defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_AES))
- #ifdef WOLFSSL_IMXRT_DCP
- /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
- temp = 0;
- if (keylen == 16)
- temp = DCPAesSetKey(aes, userKey, keylen, iv, dir);
- if (temp != 0)
- return WC_HW_E;
- #endif
+ /* software */
+ ByteReverseWords(aes->key, aes->key, keylen);
-#ifdef NEED_AES_TABLES
- switch (keylen) {
- #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 128 && \
- defined(WOLFSSL_AES_128)
- case 16:
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- temp = (word32)-1;
- wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
- #endif
- while (1)
- {
- temp = rk[3];
- rk[4] = rk[0] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
- #endif
- rcon[i];
- rk[5] = rk[1] ^ rk[4];
- rk[6] = rk[2] ^ rk[5];
- rk[7] = rk[3] ^ rk[6];
- if (++i == 10)
- break;
- rk += 4;
- }
- break;
- #endif /* 128 */
-
- #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 192 && \
- defined(WOLFSSL_AES_192)
- case 24:
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- temp = (word32)-1;
- wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
- #endif
- /* for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack */
- while (1)
- {
- temp = rk[ 5];
- rk[ 6] = rk[ 0] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
- #endif
- rcon[i];
- rk[ 7] = rk[ 1] ^ rk[ 6];
- rk[ 8] = rk[ 2] ^ rk[ 7];
- rk[ 9] = rk[ 3] ^ rk[ 8];
- if (++i == 8)
- break;
- rk[10] = rk[ 4] ^ rk[ 9];
- rk[11] = rk[ 5] ^ rk[10];
- rk += 6;
- }
- break;
- #endif /* 192 */
+ #elif defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ /* supported lengths don't get reversed */
+ ESP_LOGV(TAG, "wc_AesSetKeyLocal (no ByteReverseWords)");
+ }
+ else {
+ word32* rk = aes->key;
- #if defined(AES_MAX_KEY_SIZE) && AES_MAX_KEY_SIZE >= 256 && \
- defined(WOLFSSL_AES_256)
- case 32:
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- temp = (word32)-1;
- wc_MemZero_Add("wc_AesSetKeyLocal temp", &temp, sizeof(temp));
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesSetKeyLocal ByteReverseWords");
#endif
- while (1)
- {
- temp = rk[ 7];
- rk[ 8] = rk[ 0] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 2)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 1)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 0)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 3)) & 0x000000ff) ^
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3))) ^
- #endif
- rcon[i];
- rk[ 9] = rk[ 1] ^ rk[ 8];
- rk[10] = rk[ 2] ^ rk[ 9];
- rk[11] = rk[ 3] ^ rk[10];
- if (++i == 7)
- break;
- temp = rk[11];
- rk[12] = rk[ 4] ^
- #ifndef WOLFSSL_AES_SMALL_TABLES
- (GetTable(Te[2], GETBYTE(temp, 3)) & 0xff000000) ^
- (GetTable(Te[3], GETBYTE(temp, 2)) & 0x00ff0000) ^
- (GetTable(Te[0], GETBYTE(temp, 1)) & 0x0000ff00) ^
- (GetTable(Te[1], GETBYTE(temp, 0)) & 0x000000ff);
- #else
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 3)) << 24) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 2)) << 16) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 1)) << 8) ^
- ((word32)GetTable8(Tsbox, GETBYTE(temp, 0)));
- #endif
- rk[13] = rk[ 5] ^ rk[12];
- rk[14] = rk[ 6] ^ rk[13];
- rk[15] = rk[ 7] ^ rk[14];
-
- rk += 8;
- }
- break;
- #endif /* 256 */
-
- default:
- return BAD_FUNC_ARG;
- } /* switch */
- ForceZero(&temp, sizeof(temp));
+ XMEMCPY(rk, userKey, keylen);
+ /* When not ESP32 HW, we need to reverse endianness */
+ ByteReverseWords(rk, rk, keylen);
+ }
+ #endif
- #if defined(HAVE_AES_DECRYPT)
- if (dir == AES_DECRYPTION) {
- unsigned int j;
- rk = aes->key;
-
- /* invert the order of the round keys: */
- for (i = 0, j = 4* aes->rounds; i < j; i += 4, j -= 4) {
- temp = rk[i ]; rk[i ] = rk[j ]; rk[j ] = temp;
- temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
- temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
- temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
- }
- ForceZero(&temp, sizeof(temp));
- #if !defined(WOLFSSL_AES_SMALL_TABLES)
- /* apply the inverse MixColumn transform to all round keys but the
- first and the last: */
- for (i = 1; i < aes->rounds; i++) {
- rk += 4;
- rk[0] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[0], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[0], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[0], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[0], 0)) & 0xff);
- rk[1] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[1], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[1], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[1], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[1], 0)) & 0xff);
- rk[2] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[2], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[2], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[2], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[2], 0)) & 0xff);
- rk[3] =
- GetTable(Td[0], GetTable(Te[1], GETBYTE(rk[3], 3)) & 0xff) ^
- GetTable(Td[1], GetTable(Te[1], GETBYTE(rk[3], 2)) & 0xff) ^
- GetTable(Td[2], GetTable(Te[1], GETBYTE(rk[3], 1)) & 0xff) ^
- GetTable(Td[3], GetTable(Te[1], GETBYTE(rk[3], 0)) & 0xff);
- }
- #endif
+ #ifdef WOLFSSL_IMXRT_DCP
+ {
+ /* Implemented in wolfcrypt/src/port/nxp/dcp_port.c */
+ word32 temp = 0;
+ if (keylen == 16)
+ temp = DCPAesSetKey(aes, userKey, keylen, iv, dir);
+ if (temp != 0)
+ return WC_HW_E;
}
- #else
- (void)dir;
- #endif /* HAVE_AES_DECRYPT */
- (void)temp;
+ #endif
+#endif /* !WC_AES_BITSLICED */
+
+#ifdef NEED_AES_TABLES
+ AesSetKey_C(aes, userKey, keylen, dir);
#endif /* NEED_AES_TABLES */
#if defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_AES)
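Review bot: The raw key is now copied into `aes->key` and byte-reversed here, and then `AesSetKey_C(aes, userKey, keylen, dir)` repeats the same `XMEMCPY` and `ByteReverseWords` on its own `rk`, which is `aes->key` unless `WC_AES_C_DYNAMIC_FALLBACK` is defined. The ESP32 `else` arm copies `userKey` yet again. In `WC_AES_C_DYNAMIC_FALLBACK` builds `AesSetKey_C` has also already run earlier in the function, so when the AES-NI path does not return the key is expanded twice and `aes->key` is left holding an unexpanded copy of the key. A comment should state which configurations depend on the first copy (presumably the hardware back ends built without `NEED_AES_TABLES`), e.g. `/* raw key for HW back ends; AesSetKey_C overwrites it with the schedule when NEED_AES_TABLES */`. The function body extends beyond this hunk on both sides.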
@@ -3377,14 +4571,11 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
#ifdef WOLFSSL_IMX6_CAAM_BLOB
ForceZero(local, sizeof(local));
#endif
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(&temp, sizeof(temp));
- #endif
return ret;
- }
+ } /* wc_AesSetKeyLocal */
int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
+ const byte* iv, int dir)
{
if (aes == NULL) {
return BAD_FUNC_ARG;
@@ -3393,24 +4584,45 @@ static WARN_UNUSED_RESULT int wc_AesDecrypt(
return BAD_FUNC_ARG;
}
+ /* sometimes hardware may not support all keylengths (e.g. ESP32-S3) */
+ #if defined(WOLFSSL_ESPIDF) && defined(NEED_AES_HW_FALLBACK)
+ ESP_LOGV(TAG, "wc_AesSetKey fallback check %d", keylen);
+ if (wc_esp32AesSupportedKeyLenValue(keylen)) {
+ ESP_LOGV(TAG, "wc_AesSetKey calling wc_AesSetKey_for_ESP32");
+ return wc_AesSetKey_for_ESP32(aes, userKey, keylen, iv, dir);
+ }
+ else {
+ #if defined(WOLFSSL_HW_METRICS)
+ /* It is interesting to know how many times we could not complete
+ * AES in hardware due to unsupported lengths. */
+ wc_esp32AesUnupportedLengthCountAdd();
+ #endif
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesSetKey HW Fallback, unsupported keylen = %d",
+ keylen);
+ #endif
+ }
+ #endif /* WOLFSSL_ESPIDF && NEED_AES_HW_FALLBACK */
+
return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 1);
- }
+
+ } /* wc_AesSetKey() */
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
/* AES-CTR and AES-DIRECT need to use this for key setup */
/* This function allows key sizes that are not 128/192/256 bits */
- int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
- const byte* iv, int dir)
- {
- if (aes == NULL) {
- return BAD_FUNC_ARG;
- }
- if (keylen > sizeof(aes->key)) {
- return BAD_FUNC_ARG;
- }
-
- return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 0);
+ int wc_AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+ {
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
}
+ if (keylen > sizeof(aes->key)) {
+ return BAD_FUNC_ARG;
+ }
+
+ return wc_AesSetKeyLocal(aes, userKey, keylen, iv, dir, 0);
+ }
#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#endif /* wc_AesSetKey block */
@@ -3421,6 +4633,14 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
if (aes == NULL)
return BAD_FUNC_ARG;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ {
+ int ret = wc_debug_CipherLifecycleCheck(aes->CipherLifecycleTag, 0);
+ if (ret < 0)
+ return ret;
+ }
+#endif
+
if (iv)
XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE);
else
@@ -3435,6 +4655,50 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return 0;
}
+#ifdef WOLFSSL_AESNI
+
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+
+#define VECTOR_REGISTERS_PUSH { \
+ int orig_use_aesni = aes->use_aesni; \
+ if (aes->use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) { \
+ aes->use_aesni = 0; \
+ } \
+ WC_DO_NOTHING
+
+#define VECTOR_REGISTERS_POP \
+ if (aes->use_aesni) \
+ RESTORE_VECTOR_REGISTERS(); \
+ else \
+ aes->use_aesni = orig_use_aesni; \
+ } \
+ WC_DO_NOTHING
+
+#else
+
+#define VECTOR_REGISTERS_PUSH { \
+ if (aes->use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) { \
+ return ret; \
+ } \
+ WC_DO_NOTHING
+
+#define VECTOR_REGISTERS_POP \
+ if (aes->use_aesni) { \
+ RESTORE_VECTOR_REGISTERS(); \
+ } \
+ } \
+ WC_DO_NOTHING
+
+#endif
+
+#else /* !WOLFSSL_AESNI */
+
+#define VECTOR_REGISTERS_PUSH { WC_DO_NOTHING
+#define VECTOR_REGISTERS_POP } WC_DO_NOTHING
+
+#endif /* !WOLFSSL_AESNI */
+
+
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
#if defined(HAVE_COLDFIRE_SEC)
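Review bot: `VECTOR_REGISTERS_PUSH` and `VECTOR_REGISTERS_POP` carry no comment, yet they have several non-obvious requirements. PUSH opens a brace that only POP closes, both expand to code that uses a variable named `aes`, the non-fallback PUSH also needs `ret` in scope and hides a `return ret;`, and the `WC_AES_C_DYNAMIC_FALLBACK` PUSH temporarily clears `aes->use_aesni` on the object itself. Add a block comment above the first definition listing those points, and note that nothing needing cleanup may be acquired before PUSH in the non-fallback build because of the hidden return. An opening line such as `/* Must be used as a PUSH/POP pair in one scope; needs 'aes' (and 'ret' without dynamic fallback) in scope. */` would do.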
@@ -3450,53 +4714,43 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
- #elif defined(WOLFSSL_LINUXKM) && defined(WOLFSSL_AESNI)
+ #else
- WARN_UNUSED_RESULT int wc_AesEncryptDirect(
- Aes* aes, byte* out, const byte* in)
+ /* Allow direct access to one block encrypt */
+ int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
{
int ret;
- if (haveAESNI && aes->use_aesni)
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+
+ if (aes == NULL)
+ return BAD_FUNC_ARG;
+ VECTOR_REGISTERS_PUSH;
ret = wc_AesEncrypt(aes, in, out);
- if (haveAESNI && aes->use_aesni)
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
+
/* vector reg save/restore is explicit in all below calls to
* wc_Aes{En,De}cryptDirect(), so bypass the public version with a
* macro.
*/
#define wc_AesEncryptDirect(aes, out, in) wc_AesEncrypt(aes, in, out)
+
#ifdef HAVE_AES_DECRYPT
/* Allow direct access to one block decrypt */
- WARN_UNUSED_RESULT int wc_AesDecryptDirect(
- Aes* aes, byte* out, const byte* in)
+ int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
{
int ret;
- if (haveAESNI && aes->use_aesni)
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+
+ if (aes == NULL)
+ return BAD_FUNC_ARG;
+ VECTOR_REGISTERS_PUSH;
ret = wc_AesDecrypt(aes, in, out);
- if (haveAESNI && aes->use_aesni)
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
- #define wc_AesDecryptDirect(aes, out, in) wc_AesDecrypt(aes, in, out)
- #endif /* HAVE_AES_DECRYPT */
- #else
+ #define wc_AesDecryptDirect(aes, out, in) wc_AesDecrypt(aes, in, out)
- /* Allow direct access to one block encrypt */
- int wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in)
- {
- return wc_AesEncrypt(aes, in, out);
- }
- #ifdef HAVE_AES_DECRYPT
- /* Allow direct access to one block decrypt */
- int wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in)
- {
- return wc_AesDecrypt(aes, in, out);
- }
#endif /* HAVE_AES_DECRYPT */
#endif /* AES direct block */
#endif /* WOLFSSL_AES_DIRECT */
@@ -3562,6 +4816,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
HAL_CRYP_DeInit(&hcryp);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -3624,6 +4879,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
HAL_CRYP_DeInit(&hcryp);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -3708,6 +4964,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* disable crypto processor */
CRYP_Cmd(DISABLE);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -3802,6 +5059,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* disable crypto processor */
CRYP_Cmd(DISABLE);
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
@@ -4051,6 +5309,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#ifdef HAVE_AES_DECRYPT
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
+ int ret;
int offset = 0;
byte* iv;
byte temp_block[AES_BLOCK_SIZE];
@@ -4069,7 +5328,9 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
- wc_AesDecrypt(aes, in + offset, out + offset);
+ ret = wc_AesDecrypt(aes, in + offset, out + offset);
+ if (ret != 0)
+ return ret;
/* XOR block with IV for CBC */
xorbuf(out + offset, iv, AES_BLOCK_SIZE);
@@ -4146,17 +5407,15 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return ret;
}
#endif /* HAVE_AES_DECRYPT */
-#elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+#elif defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+
+ /* We'll use SW for fall back:
+ * unsupported key lengths
+ * hardware busy */
+ #define NEED_SW_AESCBC
+ #define NEED_AESCBC_HW_FALLBACK
- int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- return wc_esp32AesCbcEncrypt(aes, out, in, sz);
- }
- int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
- {
- return wc_esp32AesCbcDecrypt(aes, out, in, sz);
- }
#elif defined(WOLFSSL_CRYPTOCELL) && defined(WOLFSSL_CRYPTOCELL_AES)
int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
@@ -4180,17 +5439,24 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- /* implemented in wolfcrypt/src/port/silabs/silabs_hash.c */
+ /* implemented in wolfcrypt/src/port/silabs/silabs_aes.c */
#elif defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)
/* implemented in wolfcrypt/src/port/psa/psa_aes.c */
#else
+ /* Reminder: Some HW implementations may also define this as needed.
+ * (e.g. for unsupported key length fallback) */
+ #define NEED_SW_AESCBC
+#endif
+#ifdef NEED_SW_AESCBC
/* Software AES - CBC Encrypt */
- int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
+
+int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
word32 blocks;
+ int ret;
if (aes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
@@ -4235,7 +5501,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return IntelQaSymAesCbcEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_ENCRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -4254,10 +5520,23 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return se050_aes_crypt(aes, in, out, sz, AES_ENCRYPTION,
kAlgorithm_SSS_AES_CBC);
}
- #endif
-
- #ifdef WOLFSSL_AESNI
- if (haveAESNI) {
+ else
+ #elif defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ESP_LOGV(TAG, "wc_AesCbcEncrypt calling wc_esp32AesCbcEncrypt");
+ return wc_esp32AesCbcEncrypt(aes, out, in, sz);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesCbcEncrypt HW Falling back, "
+ "unsupported keylen = %d", aes->keylen);
+ #endif
+ }
+ #elif defined(WOLFSSL_AESNI)
+ VECTOR_REGISTERS_PUSH;
+ if (aes->use_aesni) {
#ifdef DEBUG_AESNI
printf("about to aes cbc encrypt\n");
printf("in = %p\n", in);
@@ -4274,58 +5553,63 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
byte* tmp = (byte*)XMALLOC(sz + AES_BLOCK_SIZE + AESNI_ALIGN,
aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
byte* tmp_align;
- if (tmp == NULL) return MEMORY_E;
-
- tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
- XMEMCPY(tmp_align, in, sz);
- SAVE_VECTOR_REGISTERS(XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER); return _svr_ret;);
- AES_CBC_encrypt(tmp_align, tmp_align, (byte*)aes->reg, sz,
- (byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- /* store iv for next call */
- XMEMCPY(aes->reg, tmp_align + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
-
- XMEMCPY(out, tmp_align, sz);
- XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return 0;
+ if (tmp == NULL)
+ ret = MEMORY_E;
+ else {
+ tmp_align = tmp + (AESNI_ALIGN - ((wc_ptr_t)tmp % AESNI_ALIGN));
+ XMEMCPY(tmp_align, in, sz);
+ AES_CBC_encrypt_AESNI(tmp_align, tmp_align, (byte*)aes->reg, sz,
+ (byte*)aes->key, (int)aes->rounds);
+ /* store iv for next call */
+ XMEMCPY(aes->reg, tmp_align + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+
+ XMEMCPY(out, tmp_align, sz);
+ XFREE(tmp, aes->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ ret = 0;
+ }
#else
WOLFSSL_MSG("AES-CBC encrypt with bad alignment");
WOLFSSL_ERROR_VERBOSE(BAD_ALIGN_E);
- return BAD_ALIGN_E;
+ ret = BAD_ALIGN_E;
#endif
- }
-
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_CBC_encrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
- (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- /* store iv for next call */
- XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+ } else {
+ AES_CBC_encrypt_AESNI(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ (int)aes->rounds);
+ /* store iv for next call */
+ XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- return 0;
+ ret = 0;
+ }
}
+ else
#endif
+ {
+ ret = 0;
+ while (blocks--) {
+ xorbuf((byte*)aes->reg, in, AES_BLOCK_SIZE);
+ ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->reg);
+ if (ret != 0)
+ break;
+ XMEMCPY(out, aes->reg, AES_BLOCK_SIZE);
- while (blocks--) {
- int ret;
- xorbuf((byte*)aes->reg, in, AES_BLOCK_SIZE);
- ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->reg);
- if (ret != 0)
- return ret;
- XMEMCPY(out, aes->reg, AES_BLOCK_SIZE);
-
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ }
}
- return 0;
- }
+ #ifdef WOLFSSL_AESNI
+ VECTOR_REGISTERS_POP;
+ #endif
- #ifdef HAVE_AES_DECRYPT
+ return ret;
+ } /* wc_AesCbcEncrypt */
+
+#ifdef HAVE_AES_DECRYPT
/* Software AES - CBC Decrypt */
int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
word32 blocks;
+ int ret;
if (aes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
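Review bot: The `VECTOR_REGISTERS_POP` added near the end of wc_AesCbcEncrypt is guarded by `#ifdef WOLFSSL_AESNI`, but the matching `VECTOR_REGISTERS_PUSH` in the previous hunk sits in the `#elif defined(WOLFSSL_AESNI)` arm of a longer chain. A build that takes an earlier arm (the SE050 or ESP-IDF one) while also defining WOLFSSL_AESNI would pop without having pushed. That combination may never occur in practice, but the pairing is easy to break. Moving the push out of the chain under its own `#ifdef WOLFSSL_AESNI`, as wc_AesCbcDecrypt does with its unconditional push/pop, would keep the two balanced. The opening `#if` of the chain is outside this hunk.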
@@ -4335,6 +5619,21 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return 0;
}
+ #if defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)
+ if (wc_esp32AesSupportedKeyLen(aes)) {
+ ESP_LOGV(TAG, "wc_AesCbcDecrypt calling wc_esp32AesCbcDecrypt");
+ return wc_esp32AesCbcDecrypt(aes, out, in, sz);
+ }
+ else {
+ /* For example, the ESP32-S3 does not support HW for len = 24,
+ * so fall back to SW */
+ #ifdef DEBUG_WOLFSSL
+ ESP_LOGW(TAG, "wc_AesCbcDecrypt HW Falling back, "
+ "unsupported keylen = %d", aes->keylen);
+ #endif
+ }
+ #endif
+
blocks = sz / AES_BLOCK_SIZE;
if (sz % AES_BLOCK_SIZE) {
#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
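Review bot: The ESP32 hardware branch added here returns from wc_AesCbcDecrypt before the `sz % AES_BLOCK_SIZE` test that follows it, so an input whose length is not a multiple of the block size reaches `wc_esp32AesCbcDecrypt` without the WOLFSSL_AES_CBC_LENGTH_CHECKS handling. Whether the port function rejects such a length itself is not visible in this diff. In wc_AesCbcEncrypt the equivalent block appears to sit later in the function, after the length handling. Moving the `#if defined(WOLFSSL_ESPIDF) && defined(NEED_AESCBC_HW_FALLBACK)` block below the length check would make the hardware and software paths validate `sz` the same way. The function body starts and continues outside this hunk.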
@@ -4371,7 +5670,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
return IntelQaSymAesCbcDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen,
(byte*)aes->reg, AES_BLOCK_SIZE);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_CBC_DECRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -4392,8 +5691,10 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
}
#endif
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI) {
+ if (aes->use_aesni) {
#ifdef DEBUG_AESNI
printf("about to aes cbc decrypt\n");
printf("in = %p\n", in);
@@ -4406,41 +5707,105 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
/* if input and output same will overwrite input iv */
XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
#if defined(WOLFSSL_AESNI_BY4) || defined(WOLFSSL_X86_BUILD)
- AES_CBC_decrypt_by4(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ AES_CBC_decrypt_AESNI_by4(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
aes->rounds);
#elif defined(WOLFSSL_AESNI_BY6)
- AES_CBC_decrypt_by6(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ AES_CBC_decrypt_AESNI_by6(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
aes->rounds);
#else /* WOLFSSL_AESNI_BYx */
- AES_CBC_decrypt_by8(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
+ AES_CBC_decrypt_AESNI_by8(in, out, (byte*)aes->reg, sz, (byte*)aes->key,
(int)aes->rounds);
#endif /* WOLFSSL_AESNI_BYx */
/* store iv for next call */
- RESTORE_VECTOR_REGISTERS();
XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- return 0;
+ ret = 0;
}
+ else
#endif
+ {
+ ret = 0;
+#ifdef WC_AES_BITSLICED
+ if (in != out) {
+ unsigned char dec[AES_BLOCK_SIZE * BS_WORD_SIZE];
+
+ while (blocks > BS_WORD_SIZE) {
+ AesDecryptBlocks_C(aes, in, dec, AES_BLOCK_SIZE * BS_WORD_SIZE);
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ xorbufout(out + AES_BLOCK_SIZE, dec + AES_BLOCK_SIZE, in,
+ AES_BLOCK_SIZE * (BS_WORD_SIZE - 1));
+ XMEMCPY(aes->reg, in + (AES_BLOCK_SIZE * (BS_WORD_SIZE - 1)),
+ AES_BLOCK_SIZE);
+ in += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ out += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ blocks -= BS_WORD_SIZE;
+ }
+ if (blocks > 0) {
+ AesDecryptBlocks_C(aes, in, dec, blocks * AES_BLOCK_SIZE);
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ xorbufout(out + AES_BLOCK_SIZE, dec + AES_BLOCK_SIZE, in,
+ AES_BLOCK_SIZE * (blocks - 1));
+ XMEMCPY(aes->reg, in + (AES_BLOCK_SIZE * (blocks - 1)),
+ AES_BLOCK_SIZE);
+ blocks = 0;
+ }
+ }
+ else {
+ unsigned char dec[AES_BLOCK_SIZE * BS_WORD_SIZE];
+ int i;
+
+ while (blocks > BS_WORD_SIZE) {
+ AesDecryptBlocks_C(aes, in, dec, AES_BLOCK_SIZE * BS_WORD_SIZE);
+ XMEMCPY(aes->tmp, in + (BS_WORD_SIZE - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ for (i = BS_WORD_SIZE-1; i >= 1; i--) {
+ xorbufout(out + i * AES_BLOCK_SIZE,
+ dec + i * AES_BLOCK_SIZE, in + (i - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ }
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- while (blocks--) {
- int ret;
- XMEMCPY(aes->tmp, in, AES_BLOCK_SIZE);
- ret = wc_AesDecrypt(aes, (byte*)aes->tmp, out);
- if (ret != 0)
- return ret;
- xorbuf(out, (byte*)aes->reg, AES_BLOCK_SIZE);
- /* store iv for next call */
- XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+ in += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ out += AES_BLOCK_SIZE * BS_WORD_SIZE;
+ blocks -= BS_WORD_SIZE;
+ }
+ if (blocks > 0) {
+ AesDecryptBlocks_C(aes, in, dec, blocks * AES_BLOCK_SIZE);
+ XMEMCPY(aes->tmp, in + (blocks - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ for (i = blocks-1; i >= 1; i--) {
+ xorbufout(out + i * AES_BLOCK_SIZE,
+ dec + i * AES_BLOCK_SIZE, in + (i - 1) * AES_BLOCK_SIZE,
+ AES_BLOCK_SIZE);
+ }
+ xorbufout(out, dec, aes->reg, AES_BLOCK_SIZE);
+ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
+ blocks = 0;
+ }
+ }
+#else
+ while (blocks--) {
+ XMEMCPY(aes->tmp, in, AES_BLOCK_SIZE);
+ ret = wc_AesDecrypt(aes, in, out);
+ if (ret != 0)
+ return ret;
+ xorbuf(out, (byte*)aes->reg, AES_BLOCK_SIZE);
+ /* store iv for next call */
+ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE);
+
+ out += AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ }
+#endif
}
- return 0;
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
- #endif /* HAVE_AES_DECRYPT */
+#endif /* HAVE_AES_DECRYPT */
#endif /* AES-CBC block */
#endif /* HAVE_AES_CBC */
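Review bot: In the non-bitsliced decrypt loop the error path still does `if (ret != 0) return ret;`, which leaves wc_AesCbcDecrypt after `VECTOR_REGISTERS_PUSH` (added in the previous hunk) without reaching the `VECTOR_REGISTERS_POP` at the end of the function. The encrypt loop in this same commit uses `break` for exactly this reason. Changing the line to `break;` lets the failure fall through to the pop and the common `return ret;`. The start of the function is outside this hunk.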
@@ -4562,6 +5927,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
return ret;
}
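Review bot: `wc_Stm32_Aes_Cleanup()` is called after `wolfSSL_CryptHwMutexUnLock()`, so whatever it does to the peripheral is not covered by the hardware mutex. Its body is not part of this diff, but if it touches shared state such as the peripheral clock or handle, another thread that takes the mutex in between could have that state changed underneath it. Swapping the two lines, `wc_Stm32_Aes_Cleanup();` followed by `wolfSSL_CryptHwMutexUnLock();`, keeps the cleanup inside the critical section. The same order appears in the later wc_AesGcmEncrypt_STM32 hunk. The enclosing function starts outside this hunk.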
@@ -4634,8 +6000,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
#elif defined(WOLFSSL_DEVCRYPTO_AES)
/* implemented in wolfcrypt/src/port/devcrypt/devcrypto_aes.c */
- #elif defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+ #elif defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
/* esp32 doesn't support CRT mode by hw. */
/* use aes ecnryption plus sw implementation */
#define NEED_AES_CTR_SOFT
@@ -4664,7 +6030,7 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
byte scratch[AES_BLOCK_SIZE];
- int ret;
+ int ret = 0;
word32 processed;
if (aes == NULL || out == NULL || in == NULL) {
@@ -4692,6 +6058,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
aes->left -= processed;
sz -= processed;
+ VECTOR_REGISTERS_PUSH;
+
#if defined(HAVE_AES_ECB) && !defined(WOLFSSL_PIC32MZ_CRYPT) && \
!defined(XTRANSFORM_AESCTRBLOCK)
if (in != out && sz >= AES_BLOCK_SIZE) {
@@ -4725,13 +6093,8 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
XTRANSFORM_AESCTRBLOCK(aes, out, in);
#else
ret = wc_AesEncrypt(aes, (byte*)aes->reg, scratch);
- if (ret != 0) {
- ForceZero(scratch, AES_BLOCK_SIZE);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(scratch, AES_BLOCK_SIZE);
- #endif
- return ret;
- }
+ if (ret != 0)
+ break;
xorbuf(scratch, in, AES_BLOCK_SIZE);
XMEMCPY(out, scratch, AES_BLOCK_SIZE);
#endif
@@ -4746,25 +6109,38 @@ int wc_AesSetIV(Aes* aes, const byte* iv)
}
/* handle non block size remaining and store unused byte count in left */
- if (sz) {
+ if ((ret == 0) && sz) {
ret = wc_AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp);
- if (ret != 0) {
- ForceZero(scratch, AES_BLOCK_SIZE);
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(scratch, AES_BLOCK_SIZE);
- #endif
- return ret;
+ if (ret == 0) {
+ IncrementAesCounter((byte*)aes->reg);
+ aes->left = AES_BLOCK_SIZE - sz;
+ xorbufout(out, in, aes->tmp, sz);
}
- IncrementAesCounter((byte*)aes->reg);
-
- aes->left = AES_BLOCK_SIZE - sz;
- xorbufout(out, in, aes->tmp, sz);
}
+ if (ret < 0)
+ ForceZero(scratch, AES_BLOCK_SIZE);
+
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(scratch, AES_BLOCK_SIZE);
#endif
- return 0;
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
+ }
+
+ int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+ {
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+ if (len > sizeof(aes->key)) {
+ return BAD_FUNC_ARG;
+ }
+
+ return wc_AesSetKeyLocal(aes, key, len, iv, dir, 0);
}
#endif /* NEED_AES_CTR_SOFT */
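Review bot: The consolidated cleanup in wc_AesCtrEncrypt wipes `scratch` only when `ret < 0`, while every other test in the function, and the code it replaces, treats any `ret != 0` as failure. wolfCrypt error codes are negative, so this is probably equivalent today, but a non-zero positive return would skip the wipe. The line would read more consistently as `if (ret != 0) ForceZero(scratch, AES_BLOCK_SIZE);`. Separately, the new wc_AesCtrSetKey has no comment, and one saying that `key` validation is left to `wc_AesSetKeyLocal` would help, since only `aes` and `len` are checked here.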
@@ -4883,12 +6259,12 @@ static WC_INLINE void RIGHTSHIFTX(byte* x)
#ifdef GCM_TABLE
-static void GenerateM0(Aes* aes)
+void GenerateM0(Gcm* gcm)
{
int i, j;
- byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+ byte (*m)[AES_BLOCK_SIZE] = gcm->M0;
- XMEMCPY(m[128], aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(m[128], gcm->H, AES_BLOCK_SIZE);
for (i = 64; i > 0; i /= 2) {
XMEMCPY(m[i], m[i*2], AES_BLOCK_SIZE);
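Review bot: Dropping `static` gives `GenerateM0` external linkage under a short, unprefixed name, and it dereferences `gcm` without a NULL check, so every new caller must guarantee a valid pointer. This applies to both definitions (this GCM_TABLE one and the GCM_TABLE_4BIT one in the next hunk). If the function is only meant for other wolfCrypt translation units, a header declaration with the library's local-visibility marking would help, together with a comment such as `/* gcm->H must be set before calling; fills gcm->M0 */`. The header is not part of this view, so it may already declare it. The function body continues outside the hunk.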
@@ -4917,17 +6293,17 @@ static WC_INLINE void Shift4_M0(byte *r8, byte *z8)
}
#endif
-static void GenerateM0(Aes* aes)
+void GenerateM0(Gcm* gcm)
{
#if !defined(BIG_ENDIAN_ORDER) && !defined(WC_16BIT_CPU)
int i;
#endif
- byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+ byte (*m)[AES_BLOCK_SIZE] = gcm->M0;
/* 0 times -> 0x0 */
XMEMSET(m[0x0], 0, AES_BLOCK_SIZE);
/* 1 times -> 0x8 */
- XMEMCPY(m[0x8], aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(m[0x8], gcm->H, AES_BLOCK_SIZE);
/* 2 times -> 0x4 */
XMEMCPY(m[0x4], m[0x8], AES_BLOCK_SIZE);
RIGHTSHIFTX(m[0x4]);
@@ -5000,6 +6376,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
if (!((len == 16) || (len == 24) || (len == 32)))
return BAD_FUNC_ARG;
+
if (aes == NULL) {
#ifdef WOLFSSL_IMX6_CAAM_BLOB
ForceZero(local, sizeof(local));
@@ -5008,32 +6385,37 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
}
#ifdef OPENSSL_EXTRA
- XMEMSET(aes->aadH, 0, sizeof(aes->aadH));
- aes->aadLen = 0;
+ XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH));
+ aes->gcm.aadLen = 0;
#endif
XMEMSET(iv, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
#ifdef WOLFSSL_AESGCM_STREAM
aes->gcmKeySet = 1;
#endif
-
- #ifdef WOLFSSL_AESNI
- /* AES-NI code generates its own H value. */
- if (haveAESNI)
- return ret;
- #endif /* WOLFSSL_AESNI */
#if defined(WOLFSSL_SECO_CAAM)
if (aes->devId == WOLFSSL_SECO_DEVID) {
return ret;
}
#endif /* WOLFSSL_SECO_CAAM */
+ #if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
+ return ret;
+ #endif /* WOLFSSL_RENESAS_RSIP && WOLFSSL_RENESAS_FSPSM_CRYPTONLY*/
+
#if !defined(FREESCALE_LTC_AES_GCM)
- if (ret == 0)
- ret = wc_AesEncrypt(aes, iv, aes->H);
+ if (ret == 0) {
+ VECTOR_REGISTERS_PUSH;
+ /* AES-NI code generates its own H value, but generate it here too, to
+ * assure pure-C fallback is always usable.
+ */
+ ret = wc_AesEncrypt(aes, iv, aes->gcm.H);
+ VECTOR_REGISTERS_POP;
+ }
if (ret == 0) {
#if defined(GCM_TABLE) || defined(GCM_TABLE_4BIT)
- GenerateM0(aes);
+ GenerateM0(&aes->gcm);
#endif /* GCM_TABLE */
}
#endif /* FREESCALE_LTC_AES_GCM */
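Review bot: The `#endif` comment on the new Renesas block names `WOLFSSL_RENESAS_RSIP`, which is not part of the condition; the guard is `WOLFSSL_RENESAS_FSPSM_CRYPTONLY && !NO_WOLFSSL_RENESAS_FSPSM_AES`. I would write it as `#endif /* WOLFSSL_RENESAS_FSPSM_CRYPTONLY && !NO_WOLFSSL_RENESAS_FSPSM_AES */`. The unconditional `return ret;` also makes the rest of wc_AesGcmSetKey unreachable in that configuration, so `aes->gcm.H` and the M0 table are never generated there. A one-line comment saying this is intentional would save the next reader from wondering, for example `/* H and M0 are not computed here: GCM is handled by the FSPSM port */`. The function starts in the previous hunk.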
@@ -5062,12 +6444,12 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
#define HAVE_INTEL_AVX2
#endif /* USE_INTEL_SPEEDUP */
-void AES_GCM_encrypt(const unsigned char *in, unsigned char *out,
+void AES_GCM_encrypt_aesni(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
unsigned char *tag, word32 nbytes,
word32 abytes, word32 ibytes,
word32 tbytes, const unsigned char* key, int nr)
- XASM_LINK("AES_GCM_encrypt");
+ XASM_LINK("AES_GCM_encrypt_aesni");
#ifdef HAVE_INTEL_AVX1
void AES_GCM_encrypt_avx1(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
@@ -5088,12 +6470,12 @@ void AES_GCM_encrypt_avx2(const unsigned char *in, unsigned char *out,
#endif /* HAVE_INTEL_AVX1 */
#ifdef HAVE_AES_DECRYPT
-void AES_GCM_decrypt(const unsigned char *in, unsigned char *out,
+void AES_GCM_decrypt_aesni(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
const unsigned char *tag, word32 nbytes, word32 abytes,
word32 ibytes, word32 tbytes, const unsigned char* key,
int nr, int* res)
- XASM_LINK("AES_GCM_decrypt");
+ XASM_LINK("AES_GCM_decrypt_aesni");
#ifdef HAVE_INTEL_AVX1
void AES_GCM_decrypt_avx1(const unsigned char *in, unsigned char *out,
const unsigned char* addt, const unsigned char* ivec,
@@ -5140,7 +6522,7 @@ static void GMULT(byte* X, byte* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
@@ -5148,11 +6530,11 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word32 blocks, partial;
byte* h;
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
- h = aes->H;
+ h = gcm->H;
XMEMSET(x, 0, AES_BLOCK_SIZE);
/* Hash in A, the Additional Authentication Data */
@@ -5204,7 +6586,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5216,14 +6598,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), aes->H); \
+ GMULT(AES_TAG(aes), aes->gcm.H); \
} \
while (0)
#endif /* WOLFSSL_AESGCM_STREAM */
/* end GCM_SMALL */
#elif defined(GCM_TABLE)
-static const byte R[256][2] = {
+ALIGN16 static const byte R[256][2] = {
{0x00, 0x00}, {0x01, 0xc2}, {0x03, 0x84}, {0x02, 0x46},
{0x07, 0x08}, {0x06, 0xca}, {0x04, 0x8c}, {0x05, 0x4e},
{0x0e, 0x10}, {0x0f, 0xd2}, {0x0d, 0x94}, {0x0c, 0x56},
@@ -5313,6 +6695,38 @@ static void GMULT(byte *x, byte m[256][AES_BLOCK_SIZE])
xorbuf(Z, m[x[0]], AES_BLOCK_SIZE);
XMEMCPY(x, Z, AES_BLOCK_SIZE);
+#elif defined(WC_32BIT_CPU)
+ byte Z[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
+ byte a;
+ word32* pZ;
+ word32* pm;
+ word32* px = (word32*)(x);
+ int i;
+
+ pZ = (word32*)(Z + 15 + 1);
+ pm = (word32*)(m[x[15]]);
+ pZ[0] = pm[0];
+ pZ[1] = pm[1];
+ pZ[2] = pm[2];
+ pZ[3] = pm[3];
+ a = Z[16 + 15];
+ Z[15] = R[a][0];
+ Z[16] ^= R[a][1];
+ for (i = 14; i > 0; i--) {
+ pZ = (word32*)(Z + i + 1);
+ pm = (word32*)(m[x[i]]);
+ pZ[0] ^= pm[0];
+ pZ[1] ^= pm[1];
+ pZ[2] ^= pm[2];
+ pZ[3] ^= pm[3];
+ a = Z[16 + i];
+ Z[i] = R[a][0];
+ Z[i+1] ^= R[a][1];
+ }
+ pZ = (word32*)(Z + 1);
+ pm = (word32*)(m[x[0]]);
+ px[0] = pZ[0] ^ pm[0]; px[1] = pZ[1] ^ pm[1];
+ px[2] = pZ[2] ^ pm[2]; px[3] = pZ[3] ^ pm[3];
#else
byte Z[AES_BLOCK_SIZE + AES_BLOCK_SIZE];
byte a;
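Review bot: The new WC_32BIT_CPU branch of GMULT casts byte pointers at arbitrary offsets (`Z + i + 1`, `Z + 1`) to `word32*` and dereferences them. That is an unaligned access and an aliasing violation in C, and 32-bit targets that trap on unaligned word loads would fault here. `x` and `m[x[i]]` are cast the same way, and nothing in the hunk establishes their alignment. The byte-wise helpers already used in this function give the same result without the casts: `XMEMCPY(Z + 16, m[x[15]], AES_BLOCK_SIZE);` for the first step and `xorbuf(Z + i + 1, m[x[i]], AES_BLOCK_SIZE);` inside the loop. Otherwise the branch should be limited to builds where unaligned word access is known to be safe. GMULT starts and ends outside this hunk.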
@@ -5343,14 +6757,14 @@ static void GMULT(byte *x, byte m[256][AES_BLOCK_SIZE])
#endif
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
word32 blocks, partial;
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
@@ -5362,14 +6776,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = aSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, a, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
a += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, a, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5379,14 +6793,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = cSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, c, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
c += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, c, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5394,7 +6808,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
FlattenSzInBits(&scratch[0], aSz);
FlattenSzInBits(&scratch[8], cSz);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
@@ -5405,7 +6819,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5417,7 +6831,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), aes->M0); \
+ GMULT(AES_TAG(aes), aes->gcm.M0); \
} \
while (0)
#endif /* WOLFSSL_AESGCM_STREAM */
@@ -5464,7 +6878,7 @@ static const word16 R[32] = {
* H: hash key = encrypt(key, 0)
* x = x * H in field
*
- * x: cumlative result
+ * x: cumulative result
* m: 4-bit table
* [0..15] * H
*/
@@ -5643,14 +7057,14 @@ static WC_INLINE void GMULT(byte *x, byte m[32][AES_BLOCK_SIZE])
}
#endif
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
word32 blocks, partial;
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
@@ -5662,14 +7076,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = aSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, a, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
a += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, a, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5679,14 +7093,14 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = cSz % AES_BLOCK_SIZE;
while (blocks--) {
xorbuf(x, c, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
c += AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, c, partial);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
}
}
@@ -5694,7 +7108,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
FlattenSzInBits(&scratch[0], aSz);
FlattenSzInBits(&scratch[8], cSz);
xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->M0);
+ GMULT(x, gcm->M0);
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
@@ -5705,7 +7119,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5717,7 +7131,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), (aes)->M0); \
+ GMULT(AES_TAG(aes), (aes)->gcm.M0); \
} \
while (0)
#endif /* WOLFSSL_AESGCM_STREAM */
@@ -5761,18 +7175,18 @@ static void GMULT(word64* X, word64* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
word64 x[2] = {0,0};
word32 blocks, partial;
word64 bigH[2];
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
- XMEMCPY(bigH, aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(bigH, gcm->H, AES_BLOCK_SIZE);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords64(bigH, bigH, AES_BLOCK_SIZE);
#endif
@@ -5804,10 +7218,10 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
}
#ifdef OPENSSL_EXTRA
/* store AAD partial tag for next call */
- aes->aadH[0] = (word32)((x[0] & 0xFFFFFFFF00000000ULL) >> 32);
- aes->aadH[1] = (word32)(x[0] & 0xFFFFFFFF);
- aes->aadH[2] = (word32)((x[1] & 0xFFFFFFFF00000000ULL) >> 32);
- aes->aadH[3] = (word32)(x[1] & 0xFFFFFFFF);
+ gcm->aadH[0] = (word32)((x[0] & 0xFFFFFFFF00000000ULL) >> 32);
+ gcm->aadH[1] = (word32)(x[0] & 0xFFFFFFFF);
+ gcm->aadH[2] = (word32)((x[1] & 0xFFFFFFFF00000000ULL) >> 32);
+ gcm->aadH[3] = (word32)(x[1] & 0xFFFFFFFF);
#endif
}
@@ -5818,9 +7232,9 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
partial = cSz % AES_BLOCK_SIZE;
#ifdef OPENSSL_EXTRA
/* Start from last AAD partial tag */
- if(aes->aadLen) {
- x[0] = ((word64)aes->aadH[0]) << 32 | aes->aadH[1];
- x[1] = ((word64)aes->aadH[2]) << 32 | aes->aadH[3];
+ if(gcm->aadLen) {
+ x[0] = ((word64)gcm->aadH[0]) << 32 | gcm->aadH[1];
+ x[1] = ((word64)gcm->aadH[2]) << 32 | gcm->aadH[3];
}
#endif
while (blocks--) {
@@ -5850,8 +7264,8 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
word64 len[2];
len[0] = aSz; len[1] = cSz;
#ifdef OPENSSL_EXTRA
- if (aes->aadLen)
- len[0] = (word64)aes->aadLen;
+ if (gcm->aadLen)
+ len[0] = (word64)gcm->aadLen;
#endif
/* Lengths are in bytes. Convert to bits. */
len[0] *= 8;
@@ -5877,7 +7291,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
* @param [in] aes AES GCM object.
*/
#define GHASH_INIT_EXTRA(aes) \
- ByteReverseWords64((word64*)aes->H, (word64*)aes->H, AES_BLOCK_SIZE)
+ ByteReverseWords64((word64*)aes->gcm.H, (word64*)aes->gcm.H, AES_BLOCK_SIZE)
/* GHASH one block of data..
*
@@ -5889,7 +7303,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 block64[2]; \
XMEMCPY(block64, block, AES_BLOCK_SIZE); \
ByteReverseWords64(block64, block64, AES_BLOCK_SIZE); \
@@ -5909,11 +7323,11 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
- if (aes->aadLen) \
- len[0] = (word64)aes->aadLen; \
+ if (aes->gcm.aadLen) \
+ len[0] = (word64)aes->gcm.aadLen; \
/* Lengths are in bytes. Convert to bits. */ \
len[0] *= 8; \
len[1] *= 8; \
@@ -5934,7 +7348,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
/* Lengths are in bytes. Convert to bits. */ \
@@ -5955,7 +7369,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -5967,7 +7381,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 block64[2]; \
XMEMCPY(block64, block, AES_BLOCK_SIZE); \
x[0] ^= block64[0]; \
@@ -5986,11 +7400,11 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
- if (aes->aadLen) \
- len[0] = (word64)aes->aadLen; \
+ if (aes->gcm.aadLen) \
+ len[0] = (word64)aes->gcm.aadLen; \
/* Lengths are in bytes. Convert to bits. */ \
len[0] *= 8; \
len[1] *= 8; \
@@ -6010,7 +7424,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_LEN_BLOCK(aes) \
do { \
word64* x = (word64*)AES_TAG(aes); \
- word64* h = (word64*)aes->H; \
+ word64* h = (word64*)aes->gcm.H; \
word64 len[2]; \
len[0] = aes->aSz; len[1] = aes->cSz; \
/* Lengths are in bytes. Convert to bits. */ \
@@ -6078,18 +7492,18 @@ static void GMULT(word32* X, word32* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
word32 cSz, byte* s, word32 sSz)
{
word32 x[4] = {0,0,0,0};
word32 blocks, partial;
word32 bigH[4];
- if (aes == NULL) {
+ if (gcm == NULL) {
return;
}
- XMEMCPY(bigH, aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(bigH, gcm->H, AES_BLOCK_SIZE);
#ifdef LITTLE_ENDIAN_ORDER
ByteReverseWords(bigH, bigH, AES_BLOCK_SIZE);
#endif
@@ -6187,7 +7601,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
* @param [in, out] aes AES GCM object.
*/
#define GHASH_INIT_EXTRA(aes) \
- ByteReverseWords((word32*)aes->H, (word32*)aes->H, AES_BLOCK_SIZE)
+ ByteReverseWords((word32*)aes->gcm.H, (word32*)aes->gcm.H, AES_BLOCK_SIZE)
/* GHASH one block of data..
*
@@ -6199,7 +7613,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
word32 bigEnd[4]; \
XMEMCPY(bigEnd, block, AES_BLOCK_SIZE); \
ByteReverseWords(bigEnd, bigEnd, AES_BLOCK_SIZE); \
@@ -6221,7 +7635,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
do { \
word32 len[4]; \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
len[0] = (aes->aSz >> (8*sizeof(aes->aSz) - 3)); \
len[1] = aes->aSz << 3; \
len[2] = (aes->cSz >> (8*sizeof(aes->cSz) - 3)); \
@@ -6239,7 +7653,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
*
* @param [in] aes AES GCM object.
*/
-#define GHASH_INIT_EXTRA(aes)
+#define GHASH_INIT_EXTRA(aes) WC_DO_NOTHING
/* GHASH one block of data..
*
@@ -6251,7 +7665,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
word32 block32[4]; \
XMEMCPY(block32, block, AES_BLOCK_SIZE); \
x[0] ^= block32[0]; \
@@ -6270,7 +7684,7 @@ void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
do { \
word32 len[4]; \
word32* x = (word32*)AES_TAG(aes); \
- word32* h = (word32*)aes->H; \
+ word32* h = (word32*)aes->gcm.H; \
len[0] = (aes->aSz >> (8*sizeof(aes->aSz) - 3)); \
len[1] = aes->aSz << 3; \
len[2] = (aes->cSz >> (8*sizeof(aes->cSz) - 3)); \
@@ -6315,7 +7729,7 @@ static void GHASH_INIT(Aes* aes) {
/* Reset counts of AAD and cipher text. */
aes->aOver = 0;
aes->cOver = 0;
- /* Extra initialization baed on implementation. */
+ /* Extra initialization based on implementation. */
GHASH_INIT_EXTRA(aes);
}
@@ -6394,7 +7808,7 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
sz = (byte)cSz;
}
XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
@@ -6540,7 +7954,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
pCtr[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
}
XMEMCPY(ctrInit, ctr, sizeof(ctr)); /* save off initial counter for GMAC */
@@ -6571,7 +7985,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
/* if IV is not 12 calculate GHASH using software */
if (ivSz != GCM_NONCE_MID_SZ
#ifndef CRYP_HEADERWIDTHUNIT_BYTE
- /* or harware that does not support partial block */
+ /* or hardware that does not support partial block */
|| sz == 0 || partial != 0
#endif
#if !defined(CRYP_HEADERWIDTHUNIT_BYTE) && !defined(STM32_AESGCM_PARTIAL)
@@ -6708,12 +8122,13 @@ static WARN_UNUSED_RESULT int wc_AesGcmEncrypt_STM32(
ret = AES_GCM_AUTH_E;
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
if (ret == 0) {
/* return authTag */
if (authTag) {
if (useSwGhash) {
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncrypt(aes, (byte*)ctrInit, (byte*)tag);
if (ret == 0) {
xorbuf(authTag, tag, authTagSz);
@@ -6771,12 +8186,12 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
XMEMCPY(initialCounter, counter, AES_BLOCK_SIZE);
@@ -6836,7 +8251,7 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
xorbufout(c, scratch, p, partial);
}
if (authTag) {
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncrypt(aes, initialCounter, scratch);
if (ret != 0)
return ret;
@@ -6844,7 +8259,7 @@ WARN_UNUSED_RESULT int AES_GCM_encrypt_C(
#ifdef OPENSSL_EXTRA
if (!in && !sz)
/* store AAD size for next call */
- aes->aadLen = authInSz;
+ aes->gcm.aadLen = authInSz;
#endif
}
@@ -6857,6 +8272,8 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
+ int ret;
+
/* argument checks */
if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0) {
return BAD_FUNC_ARG;
@@ -6898,7 +8315,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return IntelQaSymAesGcmEncrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_ENCRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -6931,38 +8348,41 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
authTag, authTagSz, authIn, authInSz);
#endif /* STM32_CRYPTO_AES_GCM */
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- #ifdef HAVE_INTEL_AVX2
- if (IS_INTEL_AVX2(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_encrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (const byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- return 0;
- }
- else
- #endif
- #if defined(HAVE_INTEL_AVX1)
- if (IS_INTEL_AVX1(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_encrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (const byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- return 0;
- }
- else
- #endif
- if (haveAESNI) {
- AES_GCM_encrypt(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ if (aes->use_aesni) {
+#ifdef HAVE_INTEL_AVX2
+ if (IS_INTEL_AVX2(intel_flags)) {
+ AES_GCM_encrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (const byte*)aes->key, (int)aes->rounds);
+ ret = 0;
+ }
+ else
+#endif
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_GCM_encrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (const byte*)aes->key, (int)aes->rounds);
+ ret = 0;
+ } else
+#endif
+ {
+ AES_GCM_encrypt_aesni(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (const byte*)aes->key, (int)aes->rounds);
- return 0;
+ ret = 0;
+ }
}
else
-#endif
+#endif /* WOLFSSL_AESNI */
{
- return AES_GCM_encrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
- authIn, authInSz);
+ ret = AES_GCM_encrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
+ authIn, authInSz);
}
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
#endif
@@ -7052,7 +8472,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
pCtr[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, (byte*)ctr, AES_BLOCK_SIZE);
}
/* Make copy of expected authTag, which could get corrupted in some
@@ -7073,7 +8493,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
/* if IV is not 12 calculate GHASH using software */
if (ivSz != GCM_NONCE_MID_SZ
#ifndef CRYP_HEADERWIDTHUNIT_BYTE
- /* or harware that does not support partial block */
+ /* or hardware that does not support partial block */
|| sz == 0 || partial != 0
#endif
#if !defined(CRYP_HEADERWIDTHUNIT_BYTE) && !defined(STM32_AESGCM_PARTIAL)
@@ -7081,7 +8501,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
|| authPadSz != authInSz
#endif
) {
- GHASH(aes, authIn, authInSz, in, sz, (byte*)tag, sizeof(tag));
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, (byte*)tag, sizeof(tag));
ret = wc_AesEncrypt(aes, (byte*)ctr, (byte*)partialBlock);
if (ret != 0)
return ret;
@@ -7242,6 +8662,7 @@ static WARN_UNUSED_RESULT int wc_AesGcmDecrypt_STM32(
XMEMCPY(tag, partialBlock, authTagSz);
#endif /* WOLFSSL_STM32_CUBEMX */
wolfSSL_CryptHwMutexUnLock();
+ wc_Stm32_Aes_Cleanup();
/* Check authentication tag */
if (ConstantCompare((const byte*)tagExpected, (byte*)tag, authTagSz) != 0) {
@@ -7295,17 +8716,17 @@ int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
/* Calc the authTag again using received auth data and the cipher text */
- GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
ret = wc_AesEncrypt(aes, counter, EKY0);
if (ret != 0)
return ret;
@@ -7328,7 +8749,7 @@ int WARN_UNUSED_RESULT AES_GCM_decrypt_C(
if (!out) {
/* authenticated, non-confidential data */
/* store AAD size for next call */
- aes->aadLen = authInSz;
+ aes->gcm.aadLen = authInSz;
}
#endif
@@ -7412,6 +8833,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
+ int ret;
#ifdef WOLFSSL_AESNI
int res = AES_GCM_AUTH_E;
#endif
@@ -7457,7 +8879,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return IntelQaSymAesGcmDecrypt(&aes->asyncDev, out, in, sz,
(const byte*)aes->devKey, aes->keylen, iv, ivSz,
authTag, authTagSz, authIn, authInSz);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&aes->asyncDev, ASYNC_SW_AES_GCM_DECRYPT)) {
WC_ASYNC_SW* sw = &aes->asyncDev.sw;
sw->aes.aes = aes;
@@ -7490,49 +8912,61 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
authTag, authTagSz, authIn, authInSz);
#endif /* STM32_CRYPTO_AES_GCM */
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- #ifdef HAVE_INTEL_AVX2
- if (IS_INTEL_AVX2(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_decrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
- RESTORE_VECTOR_REGISTERS();
- if (res == 0)
- return AES_GCM_AUTH_E;
- return 0;
- }
- else
- #endif
- #if defined(HAVE_INTEL_AVX1)
- if (IS_INTEL_AVX1(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_decrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
- authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
- RESTORE_VECTOR_REGISTERS();
- if (res == 0)
- return AES_GCM_AUTH_E;
- return 0;
- }
- else
- #endif
- if (haveAESNI) {
- AES_GCM_decrypt(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ if (aes->use_aesni) {
+#ifdef HAVE_INTEL_AVX2
+ if (IS_INTEL_AVX2(intel_flags)) {
+ AES_GCM_decrypt_avx2(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
+ if (res == 0)
+ ret = AES_GCM_AUTH_E;
+ else
+ ret = 0;
+ }
+ else
+#endif
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_GCM_decrypt_avx1(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
+ authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
+ if (res == 0)
+ ret = AES_GCM_AUTH_E;
+ else
+ ret = 0;
+ }
+ else
+#endif
+ {
+ AES_GCM_decrypt_aesni(in, out, authIn, iv, authTag, sz, authInSz, ivSz,
authTagSz, (byte*)aes->key, (int)aes->rounds, &res);
- if (res == 0)
- return AES_GCM_AUTH_E;
- return 0;
+ if (res == 0)
+ ret = AES_GCM_AUTH_E;
+ else
+ ret = 0;
+ }
}
else
-#endif
+#endif /* WOLFSSL_AESNI */
{
- return AES_GCM_decrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
- authIn, authInSz);
+ ret = AES_GCM_decrypt_C(aes, out, in, sz, iv, ivSz, authTag, authTagSz,
+ authIn, authInSz);
}
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
#endif
#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
#ifdef WOLFSSL_AESGCM_STREAM
+
+#if defined(WC_AES_C_DYNAMIC_FALLBACK) && defined(WOLFSSL_AESNI)
+ #error "AES-GCM streaming with AESNI is incompatible with WC_AES_C_DYNAMIC_FALLBACK."
+#endif
+
/* Initialize the AES GCM cipher with an IV. C implementation.
*
* @param [in, out] aes AES object.
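Review bot: The tag verdict in the AES-NI branches of `wc_AesGcmDecrypt` fails open by default: `res` is initialised to `AES_GCM_AUTH_E` in the declaration hunk above, but every branch here treats only `res == 0` as an authentication failure, so a value the assembly routine never overwrote would be returned as success. Initialising it as `int res = 0;` makes the default a rejection. The mapping `if (res == 0) ret = AES_GCM_AUTH_E; else ret = 0;` is also repeated three times and could be done once after the inner dispatch as `ret = (res == 0) ? AES_GCM_AUTH_E : 0;`. The function starts outside this hunk, and whether the assembly always writes `res` cannot be seen from here.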
@@ -7544,6 +8978,10 @@ static WARN_UNUSED_RESULT int AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz
ALIGN32 byte counter[AES_BLOCK_SIZE];
int ret;
+#ifdef WOLFSSL_AESNI
+ aes->use_aesni = 0;
+#endif
+
if (ivSz == GCM_NONCE_MID_SZ) {
/* Counter is IV with bottom 4 bytes set to: 0x00,0x00,0x00,0x01. */
XMEMCPY(counter, iv, ivSz);
@@ -7554,12 +8992,12 @@ static WARN_UNUSED_RESULT int AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
@@ -7686,7 +9124,7 @@ static WARN_UNUSED_RESULT int AesGcmFinal_C(
xorbuf(authTag, AES_INITCTR(aes), authTagSz);
#ifdef OPENSSL_EXTRA
/* store AAD size for next call */
- aes->aadLen = aes->aSz;
+ aes->gcm.aadLen = aes->aSz;
#endif
/* Zeroize last block to protect sensitive data. */
ForceZero(AES_LASTBLOCK(aes), AES_BLOCK_SIZE);
@@ -7767,6 +9205,8 @@ extern void AES_GCM_encrypt_final_aesni(unsigned char* tag,
static WARN_UNUSED_RESULT int AesGcmInit_aesni(
Aes* aes, const byte* iv, word32 ivSz)
{
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
/* Reset state fields. */
aes->aSz = 0;
aes->cSz = 0;
@@ -7778,28 +9218,25 @@ static WARN_UNUSED_RESULT int AesGcmInit_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_init_avx2((byte*)aes->key, (int)aes->rounds, iv, ivSz, aes->H,
- AES_COUNTER(aes), AES_INITCTR(aes));
- RESTORE_VECTOR_REGISTERS();
+ AES_GCM_init_avx2((byte*)aes->key, (int)aes->rounds, iv, ivSz,
+ aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_init_avx1((byte*)aes->key, (int)aes->rounds, iv, ivSz, aes->H,
- AES_COUNTER(aes), AES_INITCTR(aes));
- RESTORE_VECTOR_REGISTERS();
+ AES_GCM_init_avx1((byte*)aes->key, (int)aes->rounds, iv, ivSz,
+ aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
}
else
#endif
{
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_GCM_init_aesni((byte*)aes->key, (int)aes->rounds, iv, ivSz, aes->H,
- AES_COUNTER(aes), AES_INITCTR(aes));
- RESTORE_VECTOR_REGISTERS();
+ AES_GCM_init_aesni((byte*)aes->key, (int)aes->rounds, iv, ivSz,
+ aes->gcm.H, AES_COUNTER(aes), AES_INITCTR(aes));
}
+
+ aes->use_aesni = 1;
+
return 0;
}
@@ -7838,20 +9275,20 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Reset count. */
aes->aOver = 0;
@@ -7869,20 +9306,20 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_aad_update_avx2(a, blocks * AES_BLOCK_SIZE,
- AES_TAG(aes), aes->H);
+ AES_TAG(aes), aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_aad_update_avx1(a, blocks * AES_BLOCK_SIZE,
- AES_TAG(aes), aes->H);
+ AES_TAG(aes), aes->gcm.H);
}
else
#endif
{
AES_GCM_aad_update_aesni(a, blocks * AES_BLOCK_SIZE,
- AES_TAG(aes), aes->H);
+ AES_TAG(aes), aes->gcm.H);
}
/* Skip over to end of AAD blocks. */
a += blocks * AES_BLOCK_SIZE;
@@ -7901,19 +9338,21 @@ static WARN_UNUSED_RESULT int AesGcmAadUpdate_aesni(
/* GHASH last AAD block. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Clear partial count for next time through. */
aes->aOver = 0;
@@ -7940,7 +9379,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
int partial;
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
/* Hash in A, the Authentication Data */
ret = AesGcmAadUpdate_aesni(aes, a, aSz, (cSz > 0) && (c != NULL));
if (ret != 0)
@@ -7959,27 +9399,27 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
/* Encrypt some of the plaintext. */
xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, p, sz);
XMEMCPY(c, AES_LASTGBLOCK(aes) + aes->cOver, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Reset count. */
aes->cOver = 0;
@@ -7998,7 +9438,7 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_encrypt_update_avx2((byte*)aes->key, (int)aes->rounds,
- c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
@@ -8006,14 +9446,14 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_encrypt_update_avx1((byte*)aes->key, (int)aes->rounds,
- c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
#endif
{
AES_GCM_encrypt_update_aesni((byte*)aes->key, (int)aes->rounds,
- c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ c, p, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
/* Skip over to end of blocks. */
@@ -8050,7 +9490,6 @@ static WARN_UNUSED_RESULT int AesGcmEncryptUpdate_aesni(
aes->cOver = (byte)partial;
}
}
- RESTORE_VECTOR_REGISTERS();
return 0;
}
@@ -8069,7 +9508,8 @@ static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni(
/* AAD block incomplete when > 0 */
byte over = aes->aOver;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (aes->cOver > 0) {
/* Cipher text block incomplete. */
over = aes->cOver;
@@ -8080,41 +9520,43 @@ static WARN_UNUSED_RESULT int AesGcmEncryptFinal_aesni(
/* GHASH last cipher block. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx2(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx1(AES_LASTGBLOCK(aes), AES_TAG(aes),
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTGBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
}
/* Calculate the authentication tag. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_encrypt_final_avx2(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes));
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes));
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_encrypt_final_avx1(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes));
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes));
}
else
#endif
{
AES_GCM_encrypt_final_aesni(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes));
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes));
}
- RESTORE_VECTOR_REGISTERS();
+
return 0;
}
@@ -8156,7 +9598,7 @@ extern void AES_GCM_decrypt_final_aesni(unsigned char* tag,
*
* @param [in, out] aes AES object.
* @param [out] p Buffer to hold plaintext.
- * @param [in] c Buffer holding ciper text.
+ * @param [in] c Buffer holding cipher text.
* @param [in] cSz Length of cipher text/plaintext in bytes.
* @param [in] a Buffer holding authentication data.
* @param [in] aSz Length of authentication data in bytes.
@@ -8168,7 +9610,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
int partial;
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
/* Hash in A, the Authentication Data */
ret = AesGcmAadUpdate_aesni(aes, a, aSz, (cSz > 0) && (c != NULL));
if (ret != 0)
@@ -8189,27 +9632,27 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
/* Decrypt some of the cipher text. */
xorbuf(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
XMEMCPY(p, AES_LASTGBLOCK(aes) + aes->cOver, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_ghash_block_avx2(AES_LASTBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_ghash_block_avx1(AES_LASTBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
else
#endif
{
AES_GCM_ghash_block_aesni(AES_LASTBLOCK(aes), AES_TAG(aes),
- aes->H);
+ aes->gcm.H);
}
/* Reset count. */
aes->cOver = 0;
@@ -8228,7 +9671,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_decrypt_update_avx2((byte*)aes->key, (int)aes->rounds,
- p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
@@ -8236,14 +9679,14 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_decrypt_update_avx1((byte*)aes->key, (int)aes->rounds,
- p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
else
#endif
{
AES_GCM_decrypt_update_aesni((byte*)aes->key, (int)aes->rounds,
- p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->H,
+ p, c, blocks * AES_BLOCK_SIZE, AES_TAG(aes), aes->gcm.H,
AES_COUNTER(aes));
}
/* Skip over to end of blocks. */
@@ -8280,7 +9723,7 @@ static WARN_UNUSED_RESULT int AesGcmDecryptUpdate_aesni(
aes->cOver = (byte)partial;
}
}
- RESTORE_VECTOR_REGISTERS();
+
return 0;
}
@@ -8304,7 +9747,8 @@ static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni(
byte over = aes->aOver;
byte *lastBlock = AES_LASTGBLOCK(aes);
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ASSERT_SAVED_VECTOR_REGISTERS();
+
if (aes->cOver > 0) {
/* Cipher text block incomplete. */
over = aes->cOver;
@@ -8316,40 +9760,40 @@ static WARN_UNUSED_RESULT int AesGcmDecryptFinal_aesni(
/* Hash the last block of cipher text. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
- AES_GCM_ghash_block_avx2(lastBlock, AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx2(lastBlock, AES_TAG(aes), aes->gcm.H);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
- AES_GCM_ghash_block_avx1(lastBlock, AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_avx1(lastBlock, AES_TAG(aes), aes->gcm.H);
}
else
#endif
{
- AES_GCM_ghash_block_aesni(lastBlock, AES_TAG(aes), aes->H);
+ AES_GCM_ghash_block_aesni(lastBlock, AES_TAG(aes), aes->gcm.H);
}
}
/* Calculate and compare the authentication tag. */
#ifdef HAVE_INTEL_AVX2
if (IS_INTEL_AVX2(intel_flags)) {
AES_GCM_decrypt_final_avx2(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes), &res);
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
}
else
#endif
#ifdef HAVE_INTEL_AVX1
if (IS_INTEL_AVX1(intel_flags)) {
AES_GCM_decrypt_final_avx1(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes), &res);
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
}
else
#endif
{
AES_GCM_decrypt_final_aesni(AES_TAG(aes), authTag, authTagSz, aes->cSz,
- aes->aSz, aes->H, AES_INITCTR(aes), &res);
+ aes->aSz, aes->gcm.H, AES_INITCTR(aes), &res);
}
- RESTORE_VECTOR_REGISTERS();
+
/* Return error code when calculated doesn't match input. */
if (res == 0) {
ret = AES_GCM_AUTH_E;
@@ -8418,15 +9862,10 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
if (iv != NULL) {
/* Initialize with the IV. */
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ if (aes->use_aesni) {
ret = AesGcmInit_aesni(aes, iv, ivSz);
}
else
@@ -8435,7 +9874,10 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
ret = AesGcmInit_C(aes, iv, ivSz);
}
- aes->nonceSet = 1;
+ VECTOR_REGISTERS_POP;
+
+ if (ret == 0)
+ aes->nonceSet = 1;
}
}
@@ -8547,15 +9989,10 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Encrypt with AAD and/or plaintext. */
- #if defined(WOLFSSL_AESNI)
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ VECTOR_REGISTERS_PUSH;
+
+ #ifdef WOLFSSL_AESNI
+ if (aes->use_aesni) {
ret = AesGcmEncryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
}
else
@@ -8563,12 +10000,14 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
{
/* Encrypt the plaintext. */
ret = AesGcmCryptUpdate_C(aes, out, in, sz);
- if (ret != 0)
- return ret;
- /* Update the authenication tag with any authentication data and the
- * new cipher text. */
- GHASH_UPDATE(aes, authIn, authInSz, out, sz);
+ if (ret == 0) {
+ /* Update the authentication tag with any authentication data and the
+ * new cipher text. */
+ GHASH_UPDATE(aes, authIn, authInSz, out, sz);
+ }
}
+
+ VECTOR_REGISTERS_POP;
}
return ret;
@@ -8605,15 +10044,9 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
if (ret == 0) {
/* Calculate authentication tag. */
+ VECTOR_REGISTERS_PUSH;
#ifdef WOLFSSL_AESNI
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ if (aes->use_aesni) {
ret = AesGcmEncryptFinal_aesni(aes, authTag, authTagSz);
}
else
@@ -8621,6 +10054,7 @@ int wc_AesGcmEncryptFinal(Aes* aes, byte* authTag, word32 authTagSz)
{
ret = AesGcmFinal_C(aes, authTag, authTagSz);
}
+ VECTOR_REGISTERS_POP;
}
if ((ret == 0) && aes->ctrSet) {
@@ -8693,26 +10127,21 @@ int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Decrypt with AAD and/or cipher text. */
- #if defined(WOLFSSL_AESNI)
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ VECTOR_REGISTERS_PUSH;
+ #ifdef WOLFSSL_AESNI
+ if (aes->use_aesni) {
ret = AesGcmDecryptUpdate_aesni(aes, out, in, sz, authIn, authInSz);
}
else
#endif
{
- /* Update the authenication tag with any authentication data and
+ /* Update the authentication tag with any authentication data and
* cipher text. */
GHASH_UPDATE(aes, authIn, authInSz, in, sz);
/* Decrypt the cipher text. */
ret = AesGcmCryptUpdate_C(aes, out, in, sz);
}
+ VECTOR_REGISTERS_POP;
}
return ret;
@@ -8749,15 +10178,9 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
if (ret == 0) {
/* Calculate authentication tag and compare with one passed in.. */
+ VECTOR_REGISTERS_PUSH;
#ifdef WOLFSSL_AESNI
- if (haveAESNI
- #ifdef HAVE_INTEL_AVX2
- || IS_INTEL_AVX2(intel_flags)
- #endif
- #ifdef HAVE_INTEL_AVX1
- || IS_INTEL_AVX1(intel_flags)
- #endif
- ) {
+ if (aes->use_aesni) {
ret = AesGcmDecryptFinal_aesni(aes, authTag, authTagSz);
}
else
@@ -8773,12 +10196,9 @@ int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag, word32 authTagSz)
}
}
}
+ VECTOR_REGISTERS_POP;
}
- /* reset the state */
- if (ret == 0)
- wc_AesFree(aes);
-
return ret;
}
#endif /* HAVE_AES_DECRYPT || HAVE_AESGCM_DECRYPT */
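Review bot: With `wc_AesFree(aes)` no longer called on success, `wc_AesGcmDecryptFinal` leaves whatever state that call used to release in `aes` until the caller frees it, and nothing in the visible code tells the caller so. The function's header comment, which lies outside this hunk, should state the new contract, for example `/* The Aes object is not freed or reset here; the caller must call wc_AesFree() when done. */`. Callers that relied on the implicit free after a successful final would otherwise keep the object alive longer than intended.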
@@ -9297,12 +10717,12 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
-#ifndef WOLFSSL_AESNI
- byte A[AES_BLOCK_SIZE];
- byte B[AES_BLOCK_SIZE];
-#else
+#ifdef WOLFSSL_AESNI
ALIGN128 byte A[AES_BLOCK_SIZE * 4];
ALIGN128 byte B[AES_BLOCK_SIZE * 4];
+#else
+ byte A[AES_BLOCK_SIZE];
+ byte B[AES_BLOCK_SIZE];
#endif
byte lenSz;
word32 i;
@@ -9351,67 +10771,38 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Add("wc_AesCcmEncrypt B", B, sizeof(B));
#endif
+ VECTOR_REGISTERS_PUSH;
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
#ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Add("wc_AesCcmEncrypt A", A, sizeof(A));
+ if (ret == 0)
+ wc_MemZero_Add("wc_AesCcmEncrypt A", A, sizeof(A));
#endif
- if (authInSz > 0) {
+ if ((ret == 0) && (authInSz > 0))
ret = roll_auth(aes, authIn, authInSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- }
- if (inSz > 0) {
+
+ if ((ret == 0) && (inSz > 0))
ret = roll_x(aes, in, inSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- }
- XMEMCPY(authTag, A, authTagSz);
- B[0] = lenSz - 1;
- for (i = 0; i < lenSz; i++)
- B[AES_BLOCK_SIZE - 1 - i] = 0;
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
+ if (ret == 0) {
+ XMEMCPY(authTag, A, authTagSz);
+
+ B[0] = lenSz - 1;
+ for (i = 0; i < lenSz; i++)
+ B[AES_BLOCK_SIZE - 1 - i] = 0;
+ ret = wc_AesEncrypt(aes, B, A);
}
- xorbuf(authTag, A, authTagSz);
- B[15] = 1;
+ if (ret == 0) {
+ xorbuf(authTag, A, authTagSz);
+ B[15] = 1;
+ }
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ if ((ret == 0) && aes->use_aesni) {
while (inSz >= AES_BLOCK_SIZE * 4) {
AesCcmCtrIncSet4(B, lenSz);
- AES_ECB_encrypt(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
+ AES_ECB_encrypt_AESNI(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
(int)aes->rounds);
xorbuf(A, in, AES_BLOCK_SIZE * 4);
@@ -9423,39 +10814,26 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
AesCcmCtrInc4(B, lenSz);
}
- RESTORE_VECTOR_REGISTERS();
}
#endif
- while (inSz >= AES_BLOCK_SIZE) {
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- xorbuf(A, in, AES_BLOCK_SIZE);
- XMEMCPY(out, A, AES_BLOCK_SIZE);
+ if (ret == 0) {
+ while (inSz >= AES_BLOCK_SIZE) {
+ ret = wc_AesEncrypt(aes, B, A);
+ if (ret != 0)
+ break;
+ xorbuf(A, in, AES_BLOCK_SIZE);
+ XMEMCPY(out, A, AES_BLOCK_SIZE);
- AesCcmCtrInc(B, lenSz);
- inSz -= AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
+ AesCcmCtrInc(B, lenSz);
+ inSz -= AES_BLOCK_SIZE;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
}
- if (inSz > 0) {
+ if ((ret == 0) && (inSz > 0)) {
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+ }
+ if ((ret == 0) && (inSz > 0)) {
xorbuf(A, in, inSz);
XMEMCPY(out, A, inSz);
}
@@ -9468,7 +10846,9 @@ int wc_AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Check(B, sizeof(B));
#endif
- return 0;
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
#ifdef HAVE_AES_DECRYPT
@@ -9478,19 +10858,19 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz)
{
-#ifndef WOLFSSL_AESNI
- byte A[AES_BLOCK_SIZE];
- byte B[AES_BLOCK_SIZE];
-#else
+#ifdef WOLFSSL_AESNI
ALIGN128 byte B[AES_BLOCK_SIZE * 4];
ALIGN128 byte A[AES_BLOCK_SIZE * 4];
+#else
+ byte A[AES_BLOCK_SIZE];
+ byte B[AES_BLOCK_SIZE];
#endif
byte* o;
byte lenSz;
word32 i, oSz;
byte mask = 0xFF;
const word32 wordSz = (word32)sizeof(word32);
- int ret;
+ int ret = 0;
/* sanity check on arguments */
if (aes == NULL || (inSz != 0 && (in == NULL || out == NULL)) ||
@@ -9533,13 +10913,14 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Add("wc_AesCcmEncrypt B", B, sizeof(B));
#endif
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ if (aes->use_aesni) {
while (oSz >= AES_BLOCK_SIZE * 4) {
AesCcmCtrIncSet4(B, lenSz);
- AES_ECB_encrypt(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
+ AES_ECB_encrypt_AESNI(B, A, AES_BLOCK_SIZE * 4, (byte*)aes->key,
(int)aes->rounds);
xorbuf(A, in, AES_BLOCK_SIZE * 4);
@@ -9551,131 +10932,79 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
AesCcmCtrInc4(B, lenSz);
}
- RESTORE_VECTOR_REGISTERS();
}
#endif
+
while (oSz >= AES_BLOCK_SIZE) {
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+ if (ret != 0)
+ break;
xorbuf(A, in, AES_BLOCK_SIZE);
XMEMCPY(o, A, AES_BLOCK_SIZE);
-
AesCcmCtrInc(B, lenSz);
oSz -= AES_BLOCK_SIZE;
in += AES_BLOCK_SIZE;
o += AES_BLOCK_SIZE;
}
- if (inSz > 0) {
+
+ if ((ret == 0) && (inSz > 0))
ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+
+ if ((ret == 0) && (inSz > 0)) {
xorbuf(A, in, oSz);
XMEMCPY(o, A, oSz);
+ for (i = 0; i < lenSz; i++)
+ B[AES_BLOCK_SIZE - 1 - i] = 0;
+ ret = wc_AesEncrypt(aes, B, A);
}
- for (i = 0; i < lenSz; i++)
- B[AES_BLOCK_SIZE - 1 - i] = 0;
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
-
- o = out;
- oSz = inSz;
+ if (ret == 0) {
+ o = out;
+ oSz = inSz;
- B[0] = (byte)((authInSz > 0 ? 64 : 0)
- + (8 * (((byte)authTagSz - 2) / 2))
- + (lenSz - 1));
- for (i = 0; i < lenSz; i++) {
- if (mask && i >= wordSz)
- mask = 0x00;
- B[AES_BLOCK_SIZE - 1 - i] = (byte)((inSz >> ((8 * i) & mask)) & mask);
- }
+ B[0] = (byte)((authInSz > 0 ? 64 : 0)
+ + (8 * (((byte)authTagSz - 2) / 2))
+ + (lenSz - 1));
+ for (i = 0; i < lenSz; i++) {
+ if (mask && i >= wordSz)
+ mask = 0x00;
+ B[AES_BLOCK_SIZE - 1 - i] = (byte)((inSz >> ((8 * i) & mask)) & mask);
+ }
- ret = wc_AesEncrypt(aes, B, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
+ ret = wc_AesEncrypt(aes, B, A);
}
- if (authInSz > 0) {
- ret = roll_auth(aes, authIn, authInSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
+ if (ret == 0) {
+ if (authInSz > 0)
+ ret = roll_auth(aes, authIn, authInSz, A);
}
- if (inSz > 0) {
+ if ((ret == 0) && (inSz > 0))
ret = roll_x(aes, o, oSz, A);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
- }
- }
- B[0] = lenSz - 1;
- for (i = 0; i < lenSz; i++)
- B[AES_BLOCK_SIZE - 1 - i] = 0;
- ret = wc_AesEncrypt(aes, B, B);
- if (ret != 0) {
- ForceZero(A, sizeof(A));
- ForceZero(B, sizeof(B));
- #ifdef WOLFSSL_CHECK_MEM_ZERO
- wc_MemZero_Check(A, sizeof(A));
- wc_MemZero_Check(B, sizeof(B));
- #endif
- return ret;
+ if (ret == 0) {
+ B[0] = lenSz - 1;
+ for (i = 0; i < lenSz; i++)
+ B[AES_BLOCK_SIZE - 1 - i] = 0;
+ ret = wc_AesEncrypt(aes, B, B);
}
- xorbuf(A, B, authTagSz);
- if (ConstantCompare(A, authTag, (int)authTagSz) != 0) {
- /* If the authTag check fails, don't keep the decrypted data.
- * Unfortunately, you need the decrypted data to calculate the
- * check value. */
- #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) && \
- defined(ACVP_VECTOR_TESTING)
+ if (ret == 0)
+ xorbuf(A, B, authTagSz);
+
+ if (ret == 0) {
+ if (ConstantCompare(A, authTag, (int)authTagSz) != 0) {
+ /* If the authTag check fails, don't keep the decrypted data.
+ * Unfortunately, you need the decrypted data to calculate the
+ * check value. */
+ #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2) && \
+ defined(ACVP_VECTOR_TESTING)
WOLFSSL_MSG("Preserve output for vector responses");
- #else
+ #else
if (inSz > 0)
XMEMSET(out, 0, inSz);
- #endif
- ret = AES_CCM_AUTH_E;
+ #endif
+ ret = AES_CCM_AUTH_E;
+ }
}
ForceZero(A, sizeof(A));
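Review bot: Error paths in `wc_AesCcmDecrypt` can leave unauthenticated plaintext in the output buffer: the keystream loop writes through `o` (presumably pointing into `out`) before the tag is checked, and the buffer is cleared only inside the `ConstantCompare` mismatch branch. A non-zero `ret` from `wc_AesEncrypt`, `roll_auth` or `roll_x` therefore skips the wipe. Now that all failures fall through to a single exit, the clearing can key on `ret` instead, e.g. `if ((ret != 0) && (inSz > 0)) XMEMSET(out, 0, inSz);` placed just before `ForceZero(A, sizeof(A));`, keeping the existing `ACVP_VECTOR_TESTING` exception. The function starts and ends outside this hunk.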
@@ -9687,6 +11016,8 @@ int wc_AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz,
wc_MemZero_Check(B, sizeof(B));
#endif
+ VECTOR_REGISTERS_POP;
+
return ret;
}
@@ -9784,7 +11115,7 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
aes->heap, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */
-#ifdef WOLFSSL_AFALG
+#if defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES)
aes->alFd = WC_SOCK_NOTSET;
aes->rdFd = WC_SOCK_NOTSET;
#endif
@@ -9809,8 +11140,8 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
#ifdef HAVE_AESGCM
#ifdef OPENSSL_EXTRA
- XMEMSET(aes->aadH, 0, sizeof(aes->aadH));
- aes->aadLen = 0;
+ XMEMSET(aes->gcm.aadH, 0, sizeof(aes->gcm.aadH));
+ aes->gcm.aadLen = 0;
#endif
#endif
@@ -9829,6 +11160,15 @@ int wc_AesInit(Aes* aes, void* heap, int devId)
ret = wc_psa_aes_init(aes);
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ XMEMSET(&aes->ctx, 0, sizeof(aes->ctx));
+#endif
+
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ if (ret == 0)
+ ret = wc_debug_CipherLifecycleInit(&aes->CipherLifecycleTag, aes->heap);
+#endif
+
return ret;
}
@@ -9884,6 +11224,10 @@ void wc_AesFree(Aes* aes)
if (aes == NULL)
return;
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ (void)wc_debug_CipherLifecycleFree(&aes->CipherLifecycleTag, aes->heap, 1);
+#endif
+
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)
wolfAsync_DevCtxFree(&aes->asyncDev, WOLFSSL_ASYNC_MARKER_AES);
#endif /* WOLFSSL_ASYNC_CRYPT */
@@ -9939,12 +11283,17 @@ void wc_AesFree(Aes* aes)
wc_MAXQ10XX_AesFree(aes);
#endif
+#if ((defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES))
+ wc_fspsm_Aesfree(aes);
+#endif
+
#ifdef WOLFSSL_CHECK_MEM_ZERO
wc_MemZero_Check(aes, sizeof(Aes));
#endif
}
-
int wc_AesGetKeySize(Aes* aes, word32* keySize)
{
int ret = 0;
@@ -9986,6 +11335,16 @@ int wc_AesGetKeySize(Aes* aes, word32* keySize)
#endif /* !WOLFSSL_TI_CRYPT */
+/* the earlier do-nothing default definitions for VECTOR_REGISTERS_{PUSH,POP}
+ * are missed when WOLFSSL_TI_CRYPT or WOLFSSL_ARMASM.
+ */
+#ifndef VECTOR_REGISTERS_PUSH
+ #define VECTOR_REGISTERS_PUSH { WC_DO_NOTHING
+#endif
+#ifndef VECTOR_REGISTERS_POP
+ #define VECTOR_REGISTERS_POP } WC_DO_NOTHING
+#endif
+
#ifdef HAVE_AES_ECB
#if defined(WOLFSSL_IMX6_CAAM) && !defined(NO_IMX6_CAAM_AES) && \
!defined(WOLFSSL_QNX_CAAM)
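Review bot: The fallback `VECTOR_REGISTERS_PUSH` and `VECTOR_REGISTERS_POP` definitions expand to an unmatched `{` and `}`, and the comment above them does not say that the two must be used as a lexical pair. A `return` or `goto` placed between them still compiles but bypasses whatever the non-default `VECTOR_REGISTERS_POP` does, which presumably includes restoring saved registers. I would add a line such as `/* PUSH opens a scope that POP closes: use both in the same function and do not return or jump out between them. */`. The existing sentence also reads better as "are skipped when WOLFSSL_TI_CRYPT or WOLFSSL_ARMASM is defined".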
@@ -10023,16 +11382,17 @@ int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
static WARN_UNUSED_RESULT int _AesEcbEncrypt(
Aes* aes, byte* out, const byte* in, word32 sz)
{
- word32 blocks = sz / AES_BLOCK_SIZE;
+ int ret = 0;
#ifdef WOLF_CRYPTO_CB
#ifndef WOLF_CRYPTO_CB_FIND
if (aes->devId != INVALID_DEVID)
#endif
{
- int ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
+ ret = wc_CryptoCb_AesEcbEncrypt(aes, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
+ ret = 0;
/* fall-through when unavailable */
}
#endif
@@ -10040,38 +11400,50 @@ static WARN_UNUSED_RESULT int _AesEcbEncrypt(
if (aes->keylen == 16)
return DCPAesEcbEncrypt(aes, out, in, sz);
#endif
+
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_ECB_encrypt(in, out, sz, (byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- blocks = 0;
+ if (aes->use_aesni) {
+ AES_ECB_encrypt_AESNI(in, out, sz, (byte*)aes->key, (int)aes->rounds);
}
+ else
+#endif
+ {
+#ifndef WOLFSSL_ARMASM
+ AesEncryptBlocks_C(aes, in, out, sz);
+#else
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ ret = wc_AesEncryptDirect(aes, out, in);
+ if (ret != 0)
+ break;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
#endif
- while (blocks > 0) {
- int ret = wc_AesEncryptDirect(aes, out, in);
- if (ret != 0)
- return ret;
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- blocks--;
}
- return 0;
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
static WARN_UNUSED_RESULT int _AesEcbDecrypt(
Aes* aes, byte* out, const byte* in, word32 sz)
{
- word32 blocks = sz / AES_BLOCK_SIZE;
+ int ret = 0;
#ifdef WOLF_CRYPTO_CB
#ifndef WOLF_CRYPTO_CB_FIND
if (aes->devId != INVALID_DEVID)
#endif
{
- int ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
+ ret = wc_CryptoCb_AesEcbDecrypt(aes, out, in, sz);
if (ret != CRYPTOCB_UNAVAILABLE)
return ret;
+ ret = 0;
/* fall-through when unavailable */
}
#endif
@@ -10079,51 +11451,56 @@ static WARN_UNUSED_RESULT int _AesEcbDecrypt(
if (aes->keylen == 16)
return DCPAesEcbDecrypt(aes, out, in, sz);
#endif
+
+ VECTOR_REGISTERS_PUSH;
+
#ifdef WOLFSSL_AESNI
- if (haveAESNI && aes->use_aesni) {
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- AES_ECB_decrypt(in, out, sz, (byte*)aes->key, (int)aes->rounds);
- RESTORE_VECTOR_REGISTERS();
- blocks = 0;
+ if (aes->use_aesni) {
+ AES_ECB_decrypt_AESNI(in, out, sz, (byte*)aes->key, (int)aes->rounds);
}
+ else
+#endif
+ {
+#ifndef WOLFSSL_ARMASM
+ AesDecryptBlocks_C(aes, in, out, sz);
+#else
+ word32 i;
+
+ for (i = 0; i < sz; i += AES_BLOCK_SIZE) {
+ ret = wc_AesDecryptDirect(aes, out, in);
+ if (ret != 0)
+ break;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
#endif
- while (blocks > 0) {
- int ret = wc_AesDecryptDirect(aes, out, in);
- if (ret != 0)
- return ret;
- out += AES_BLOCK_SIZE;
- in += AES_BLOCK_SIZE;
- blocks--;
}
- return 0;
+
+ VECTOR_REGISTERS_POP;
+
+ return ret;
}
int wc_AesEcbEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- int ret;
-
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
+ if ((sz % AES_BLOCK_SIZE) != 0) {
+ return BAD_LENGTH_E;
+ }
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- ret = _AesEcbEncrypt(aes, out, in, sz);
- RESTORE_VECTOR_REGISTERS();
-
- return ret;
+ return _AesEcbEncrypt(aes, out, in, sz);
}
int wc_AesEcbDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
{
- int ret;
-
if ((in == NULL) || (out == NULL) || (aes == NULL))
return BAD_FUNC_ARG;
+ if ((sz % AES_BLOCK_SIZE) != 0) {
+ return BAD_LENGTH_E;
+ }
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
- ret = _AesEcbDecrypt(aes, out, in, sz);
- RESTORE_VECTOR_REGISTERS();
-
- return ret;
+ return _AesEcbDecrypt(aes, out, in, sz);
}
#endif
#endif /* HAVE_AES_ECB */
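Review bot: The `WOLFSSL_ARMASM` loops in `_AesEcbEncrypt` and `_AesEcbDecrypt`, `for (i = 0; i < sz; i += AES_BLOCK_SIZE)`, round a trailing partial block up, where the removed `sz / AES_BLOCK_SIZE` counter rounded it down. With `sz` not a multiple of the block size, the last iteration reads and writes a full block past the end of `in` and `out`. The new `BAD_LENGTH_E` check covers `wc_AesEcbEncrypt` and `wc_AesEcbDecrypt`, but any other caller of the static helpers has to guarantee the same invariant, and this hunk does not show those callers. Keeping the bound in the helper, `for (i = 0; i < sz / AES_BLOCK_SIZE; i++)`, or at least a comment stating that `sz` must be a block multiple, would make that explicit. Whether `AesEncryptBlocks_C` and `AesDecryptBlocks_C` tolerate a partial block is not visible here.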
@@ -10165,7 +11542,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackEncrypt(
in += processed;
sz -= processed;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz >= AES_BLOCK_SIZE) {
/* Using aes->tmp here for inline case i.e. in=out */
@@ -10211,7 +11588,8 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackEncrypt(
#endif
aes->left -= sz;
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10255,7 +11633,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackDecrypt(
in += processed;
sz -= processed;
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz > AES_BLOCK_SIZE) {
/* Using aes->tmp here for inline case i.e. in=out */
@@ -10299,7 +11677,8 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackDecrypt(
aes->left = AES_BLOCK_SIZE - sz;
xorbufout(out, in, aes->tmp, sz);
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10382,7 +11761,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB8(
return 0;
}
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz > 0) {
ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
@@ -10414,7 +11793,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB8(
sz -= 1;
}
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10438,7 +11817,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
return 0;
}
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
while (sz > 0) {
ret = wc_AesEncryptDirect(aes, (byte*)aes->tmp, (byte*)aes->reg);
@@ -10491,7 +11870,7 @@ static WARN_UNUSED_RESULT int wc_AesFeedbackCFB1(
}
}
- RESTORE_VECTOR_REGISTERS();
+ VECTOR_REGISTERS_POP;
return ret;
}
@@ -10669,7 +12048,7 @@ int wc_AesKeyWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
XMEMCPY(tmp, iv, KEYWRAP_BLOCK_SIZE);
}
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
for (j = 0; j <= 5; j++) {
for (i = 1; i <= inSz / KEYWRAP_BLOCK_SIZE; i++) {
@@ -10692,7 +12071,8 @@ int wc_AesKeyWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
break;
r = out + KEYWRAP_BLOCK_SIZE;
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
if (ret != 0)
return ret;
@@ -10781,7 +12161,7 @@ int wc_AesKeyUnWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
XMEMCPY(out, in + KEYWRAP_BLOCK_SIZE, inSz - KEYWRAP_BLOCK_SIZE);
XMEMSET(t, 0, sizeof(t));
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ VECTOR_REGISTERS_PUSH;
/* initialize counter to 6n */
n = (inSz - 1) / KEYWRAP_BLOCK_SIZE;
@@ -10807,7 +12187,8 @@ int wc_AesKeyUnWrap_ex(Aes *aes, const byte* in, word32 inSz, byte* out,
if (ret != 0)
break;
}
- RESTORE_VECTOR_REGISTERS();
+
+ VECTOR_REGISTERS_POP;
if (ret != 0)
return ret;
@@ -10871,6 +12252,24 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
/* Galios Field to use */
#define GF_XTS 0x87
+int wc_AesXtsInit(XtsAes* aes, void* heap, int devId)
+{
+ int ret = 0;
+
+ if (aes == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) {
+ return ret;
+ }
+ if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) {
+ return ret;
+ }
+
+ return 0;
+}
+
/* This is to help with setting keys to correct encrypt or decrypt type.
*
* tweak AES key for tweak in XTS
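Review bot: `wc_AesXtsInit` returns without releasing `aes->tweak` when the second call, `wc_AesInit(&aes->aes, heap, devId)`, fails. Elsewhere in this diff `wc_AesInit` sets up an async device context and, under `WC_DEBUG_CIPHER_LIFECYCLE`, a lifecycle tag, so the first context may already hold resources at that point. `wc_AesXtsSetKey` also returns straight away on an init error, so nothing later cleans this up. Calling `wc_AesFree(&aes->tweak);` before the second `return ret;` would leave the structure in a consistent state.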
@@ -10882,12 +12281,9 @@ int wc_AesKeyUnWrap(const byte* key, word32 keySz, const byte* in, word32 inSz,
* heap heap hint to use for memory. Can be NULL
* devId id to use with async crypto. Can be 0
*
- * Note: is up to user to call wc_AesFree on tweak and aes key when done.
- *
* return 0 on success
*/
-int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
- void* heap, int devId)
+int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key, word32 len, int dir)
{
word32 keySz;
int ret = 0;
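Review bot: The parameter list in the comment above `wc_AesXtsSetKeyNoInit` still documents `heap` and `devId`, which the new signature no longer takes. Those two lines belong on `wc_AesXtsInit`, which this commit adds without a comment of its own. The comment here should instead state the new precondition, for example `* Note: wc_AesXtsInit() must have been called on aes first.` The function body continues past this hunk.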
@@ -10896,13 +12292,6 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
return BAD_FUNC_ARG;
}
- if ((ret = wc_AesInit(&aes->tweak, heap, devId)) != 0) {
- return ret;
- }
- if ((ret = wc_AesInit(&aes->aes, heap, devId)) != 0) {
- return ret;
- }
-
keySz = len/2;
if (keySz != 16 && keySz != 32) {
WOLFSSL_MSG("Unsupported key size");
@@ -10915,11 +12304,46 @@ int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
if (ret != 0) {
wc_AesFree(&aes->aes);
}
+#ifdef WOLFSSL_AESNI
+ if (aes->aes.use_aesni != aes->tweak.use_aesni) {
+ if (aes->aes.use_aesni)
+ aes->aes.use_aesni = 0;
+ else
+ aes->tweak.use_aesni = 0;
+ }
+#endif
}
return ret;
}
+/* Combined call to wc_AesXtsInit() and wc_AesXtsSetKeyNoInit().
+ *
+ * Note: is up to user to call wc_AesXtsFree when done.
+ *
+ * return 0 on success
+ */
+int wc_AesXtsSetKey(XtsAes* aes, const byte* key, word32 len, int dir,
+ void* heap, int devId)
+{
+ int ret = 0;
+
+ if (aes == NULL || key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_AesXtsInit(aes, heap, devId);
+ if (ret != 0)
+ return ret;
+
+ ret = wc_AesXtsSetKeyNoInit(aes, key, len, dir);
+
+ if (ret != 0)
+ wc_AesXtsFree(aes);
+
+ return ret;
+}
+
/* This is used to free up resources used by Aes structs
*
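Review bot: On the failure path `aes->aes` can be freed twice. The context lines at the top of this hunk call `wc_AesFree(&aes->aes)` inside `wc_AesXtsSetKeyNoInit` when `ret != 0`, and the new `wc_AesXtsSetKey` then calls `wc_AesXtsFree(aes)`, which presumably frees both contexts. Whether a second `wc_AesFree` on the same `Aes` is harmless is not visible here, and with `WC_DEBUG_CIPHER_LIFECYCLE` it would run `wc_debug_CipherLifecycleFree` twice on the same tag. I would leave cleanup to one owner, either by dropping the inner `wc_AesFree(&aes->aes);` or by documenting that `wc_AesFree` is idempotent. `wc_AesXtsSetKeyNoInit` starts outside this hunk.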
@@ -10994,6 +12418,42 @@ int wc_AesXtsDecryptSector(XtsAes* aes, byte* out, const byte* in, word32 sz,
return wc_AesXtsDecrypt(aes, out, in, sz, (const byte*)i, AES_BLOCK_SIZE);
}
+#ifdef WOLFSSL_AESNI
+
+#if defined(USE_INTEL_SPEEDUP)
+ #define HAVE_INTEL_AVX1
+ #define HAVE_INTEL_AVX2
+#endif /* USE_INTEL_SPEEDUP */
+
+void AES_XTS_encrypt_aesni(const unsigned char *in, unsigned char *out, word32 sz,
+ const unsigned char* i, const unsigned char* key,
+ const unsigned char* key2, int nr)
+ XASM_LINK("AES_XTS_encrypt_aesni");
+#ifdef HAVE_INTEL_AVX1
+void AES_XTS_encrypt_avx1(const unsigned char *in, unsigned char *out,
+ word32 sz, const unsigned char* i,
+ const unsigned char* key, const unsigned char* key2,
+ int nr)
+ XASM_LINK("AES_XTS_encrypt_avx1");
+#endif /* HAVE_INTEL_AVX1 */
+
+#ifdef HAVE_AES_DECRYPT
+void AES_XTS_decrypt_aesni(const unsigned char *in, unsigned char *out, word32 sz,
+ const unsigned char* i, const unsigned char* key,
+ const unsigned char* key2, int nr)
+ XASM_LINK("AES_XTS_decrypt_aesni");
+#ifdef HAVE_INTEL_AVX1
+void AES_XTS_decrypt_avx1(const unsigned char *in, unsigned char *out,
+ word32 sz, const unsigned char* i,
+ const unsigned char* key, const unsigned char* key2,
+ int nr)
+ XASM_LINK("AES_XTS_decrypt_avx1");
+#endif /* HAVE_INTEL_AVX1 */
+#endif /* HAVE_AES_DECRYPT */
+
+#endif /* WOLFSSL_AESNI */
+
+#if !defined(WOLFSSL_ARMASM) || defined(WOLFSSL_ARMASM_NO_HW_CRYPTO)
#ifdef HAVE_AES_ECB
/* helper function for encrypting / decrypting full buffer at once */
static WARN_UNUSED_RESULT int _AesXtsHelper(
@@ -11042,131 +12502,308 @@ static WARN_UNUSED_RESULT int _AesXtsHelper(
* in input plain text buffer to encrypt
* sz size of both out and in buffers
* i value to use for tweak
+ *
+ * returns 0 on success
+ */
+/* Software AES - XTS Encrypt */
+static int AesXtsEncrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ Aes *aes = &xaes->aes;
+ Aes *tweak = &xaes->tweak;
+ byte tmp[AES_BLOCK_SIZE];
+
+ XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
+ * key setup passed to encrypt direct*/
+
+ ret = wc_AesEncryptDirect(tweak, tmp, i);
+
+ if (ret != 0)
+ return ret;
+
+#ifdef HAVE_AES_ECB
+ /* encrypt all of buffer at once when possible */
+ if (in != out) { /* can not handle inline */
+ XMEMCPY(out, tmp, AES_BLOCK_SIZE);
+ if ((ret = _AesXtsHelper(aes, out, in, sz, AES_ENCRYPTION)) != 0)
+ return ret;
+ }
+#endif
+
+ while (blocks > 0) {
+ word32 j;
+ byte carry = 0;
+
+#ifdef HAVE_AES_ECB
+ if (in == out)
+#endif
+ { /* check for if inline */
+ byte buf[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf, in, AES_BLOCK_SIZE);
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesEncryptDirect(aes, out, buf);
+ if (ret != 0)
+ return ret;
+ }
+ xorbuf(out, tmp, AES_BLOCK_SIZE);
+
+ /* multiply by shift left and propagate carry */
+ for (j = 0; j < AES_BLOCK_SIZE; j++) {
+ byte tmpC;
+
+ tmpC = (tmp[j] >> 7) & 0x01;
+ tmp[j] = (byte)((tmp[j] << 1) + carry);
+ carry = tmpC;
+ }
+ if (carry) {
+ tmp[0] ^= GF_XTS;
+ }
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
+ blocks--;
+ }
+
+ /* stealing operation of XTS to handle left overs */
+ if (sz > 0) {
+ byte buf[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf, out - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
+ if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
+ return BUFFER_E;
+ }
+ if (in != out) {
+ XMEMCPY(out, buf, sz);
+ XMEMCPY(buf, in, sz);
+ }
+ else {
+ byte buf2[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf2, buf, sz);
+ XMEMCPY(buf, in, sz);
+ XMEMCPY(out, buf2, sz);
+ }
+
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesEncryptDirect(aes, out - AES_BLOCK_SIZE, buf);
+ if (ret == 0)
+ xorbuf(out - AES_BLOCK_SIZE, tmp, AES_BLOCK_SIZE);
+ }
+
+ return ret;
+}
+
+/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
* iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
* adds a sanity check on how the user calls the function.
*
* returns 0 on success
*/
-/* Software AES - XTS Encrypt */
int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
const byte* i, word32 iSz)
{
- int ret = 0;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- Aes *aes, *tweak;
+ int ret;
if (xaes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
}
- aes = &xaes->aes;
- tweak = &xaes->tweak;
-
if (iSz < AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
}
- if (blocks > 0) {
- byte tmp[AES_BLOCK_SIZE];
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ {
+#ifdef WOLFSSL_AESNI
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ int orig_use_aesni = xaes->aes.use_aesni;
+#endif
+ if (xaes->aes.use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) {
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ xaes->aes.use_aesni = 0;
+ xaes->tweak.use_aesni = 0;
+#else
+ return ret;
+#endif
+ }
+ if (xaes->aes.use_aesni) {
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_XTS_encrypt_avx1(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ else
+#endif
+ {
+ AES_XTS_encrypt_aesni(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ }
+ else
+#endif
+ {
+ ret = AesXtsEncrypt_sw(xaes, out, in, sz, i);
+ }
+
+#ifdef WOLFSSL_AESNI
+ if (xaes->aes.use_aesni)
+ RESTORE_VECTOR_REGISTERS();
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ else if (orig_use_aesni) {
+ xaes->aes.use_aesni = orig_use_aesni;
+ xaes->tweak.use_aesni = orig_use_aesni;
+ }
+#endif
+#endif
+ }
+
+ return ret;
+}
+
+/* Same process as encryption but Aes key is AES_DECRYPTION type.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold plain text
+ * in input cipher text buffer to decrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ *
+ * returns 0 on success
+ */
+/* Software AES - XTS Decrypt */
+static int AesXtsDecrypt_sw(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ Aes *aes = &xaes->aes;
+ Aes *tweak = &xaes->tweak;
+ word32 j;
+ byte carry = 0;
+ byte tmp[AES_BLOCK_SIZE];
+ byte stl = (sz % AES_BLOCK_SIZE);
- XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
- * key setup passed to encrypt direct*/
+ XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
+ * key setup passed to decrypt direct*/
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ret = wc_AesEncryptDirect(tweak, tmp, i);
+ if (ret != 0)
+ return ret;
- ret = wc_AesEncryptDirect(tweak, tmp, i);
+ /* if Stealing then break out of loop one block early to handle special
+ * case */
+ if (stl > 0) {
+ blocks--;
+ }
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
+#ifdef HAVE_AES_ECB
+ /* decrypt all of buffer at once when possible */
+ if (in != out) { /* can not handle inline */
+ XMEMCPY(out, tmp, AES_BLOCK_SIZE);
+ if ((ret = _AesXtsHelper(aes, out, in, sz, AES_DECRYPTION)) != 0)
return ret;
- }
+ }
+#endif
- #ifdef HAVE_AES_ECB
- /* encrypt all of buffer at once when possible */
- if (in != out) { /* can not handle inline */
- XMEMCPY(out, tmp, AES_BLOCK_SIZE);
- if ((ret = _AesXtsHelper(aes, out, in, sz, AES_ENCRYPTION)) != 0) {
- RESTORE_VECTOR_REGISTERS();
+ while (blocks > 0) {
+#ifdef HAVE_AES_ECB
+ if (in == out)
+#endif
+ { /* check for if inline */
+ byte buf[AES_BLOCK_SIZE];
+
+ XMEMCPY(buf, in, AES_BLOCK_SIZE);
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesDecryptDirect(aes, out, buf);
+ if (ret != 0)
return ret;
- }
}
- #endif
+ xorbuf(out, tmp, AES_BLOCK_SIZE);
- while (blocks > 0) {
- word32 j;
- byte carry = 0;
+ /* multiply by shift left and propagate carry */
+ for (j = 0; j < AES_BLOCK_SIZE; j++) {
+ byte tmpC;
- #ifdef HAVE_AES_ECB
- if (in == out)
- #endif
- { /* check for if inline */
- byte buf[AES_BLOCK_SIZE];
-
- XMEMCPY(buf, in, AES_BLOCK_SIZE);
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesEncryptDirect(aes, out, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- }
- xorbuf(out, tmp, AES_BLOCK_SIZE);
+ tmpC = (tmp[j] >> 7) & 0x01;
+ tmp[j] = (byte)((tmp[j] << 1) + carry);
+ carry = tmpC;
+ }
+ if (carry) {
+ tmp[0] ^= GF_XTS;
+ }
+ carry = 0;
- /* multiply by shift left and propagate carry */
- for (j = 0; j < AES_BLOCK_SIZE; j++) {
- byte tmpC;
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
+ blocks--;
+ }
- tmpC = (tmp[j] >> 7) & 0x01;
- tmp[j] = (byte)((tmp[j] << 1) + carry);
- carry = tmpC;
- }
- if (carry) {
- tmp[0] ^= GF_XTS;
- }
+ /* stealing operation of XTS to handle left overs */
+ if (sz >= AES_BLOCK_SIZE) {
+ byte buf[AES_BLOCK_SIZE];
+ byte tmp2[AES_BLOCK_SIZE];
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
- blocks--;
- }
+ /* multiply by shift left and propagate carry */
+ for (j = 0; j < AES_BLOCK_SIZE; j++) {
+ byte tmpC;
- /* stealing operation of XTS to handle left overs */
- if (sz > 0) {
- byte buf[AES_BLOCK_SIZE];
+ tmpC = (tmp[j] >> 7) & 0x01;
+ tmp2[j] = (byte)((tmp[j] << 1) + carry);
+ carry = tmpC;
+ }
+ if (carry) {
+ tmp2[0] ^= GF_XTS;
+ }
- XMEMCPY(buf, out - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
- if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
- RESTORE_VECTOR_REGISTERS();
- return BUFFER_E;
- }
- if (in != out) {
- XMEMCPY(out, buf, sz);
- XMEMCPY(buf, in, sz);
- }
- else {
- byte buf2[AES_BLOCK_SIZE];
+ XMEMCPY(buf, in, AES_BLOCK_SIZE);
+ xorbuf(buf, tmp2, AES_BLOCK_SIZE);
+ ret = wc_AesDecryptDirect(aes, out, buf);
+ if (ret != 0)
+ return ret;
+ xorbuf(out, tmp2, AES_BLOCK_SIZE);
- XMEMCPY(buf2, buf, sz);
- XMEMCPY(buf, in, sz);
- XMEMCPY(out, buf2, sz);
- }
+ /* tmp2 holds partial | last */
+ XMEMCPY(tmp2, out, AES_BLOCK_SIZE);
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ sz -= AES_BLOCK_SIZE;
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesEncryptDirect(aes, out - AES_BLOCK_SIZE, buf);
- if (ret == 0)
- xorbuf(out - AES_BLOCK_SIZE, tmp, AES_BLOCK_SIZE);
+ /* Make buffer with end of cipher text | last */
+ XMEMCPY(buf, tmp2, AES_BLOCK_SIZE);
+ if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
+ return BUFFER_E;
}
- RESTORE_VECTOR_REGISTERS();
- }
- else {
- WOLFSSL_MSG("Plain text input too small for encryption");
- return BAD_FUNC_ARG;
+ XMEMCPY(buf, in, sz);
+ XMEMCPY(out, tmp2, sz);
+
+ xorbuf(buf, tmp, AES_BLOCK_SIZE);
+ ret = wc_AesDecryptDirect(aes, tmp2, buf);
+ if (ret != 0)
+ return ret;
+ xorbuf(tmp2, tmp, AES_BLOCK_SIZE);
+ XMEMCPY(out - AES_BLOCK_SIZE, tmp2, AES_BLOCK_SIZE);
}
return ret;
}
-
/* Same process as encryption but Aes key is AES_DECRYPTION type.
*
* xaes AES keys to use for block encrypt/decrypt
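Review bot: `wc_AesXtsEncrypt` validates `xaes`, `out` and `in` but not the tweak pointer `i`, which is then passed to `AES_XTS_encrypt_avx1` or `AES_XTS_encrypt_aesni`, or to `wc_AesEncryptDirect(tweak, tmp, i)` in `AesXtsEncrypt_sw`. Extending the first check to `if (xaes == NULL || out == NULL || in == NULL || i == NULL)` closes that gap. Separately, `AesXtsEncrypt_sw` and `AesXtsDecrypt_sw` leave the encrypted tweak and intermediate blocks in `tmp`, `tmp2`, `buf` and `buf2` on the stack at every return, whereas the CCM code earlier in this diff clears its working buffers with `ForceZero`; clearing these as well would be consistent. The hunk ends inside the comment that precedes `wc_AesXtsDecrypt`.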
@@ -11179,155 +12816,169 @@ int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
*
* returns 0 on success
*/
-/* Software AES - XTS Decrypt */
int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
const byte* i, word32 iSz)
{
- int ret = 0;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- Aes *aes, *tweak;
+ int ret;
if (xaes == NULL || out == NULL || in == NULL) {
return BAD_FUNC_ARG;
}
- aes = &xaes->aes;
- tweak = &xaes->tweak;
-
if (iSz < AES_BLOCK_SIZE) {
return BAD_FUNC_ARG;
}
- if (blocks > 0) {
- word32 j;
- byte carry = 0;
- byte tmp[AES_BLOCK_SIZE];
- byte stl = (sz % AES_BLOCK_SIZE);
-
- XMEMSET(tmp, 0, AES_BLOCK_SIZE); /* set to 0's in case of improper AES
- * key setup passed to decrypt direct*/
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Cipher text input too small for decryption");
+ return BAD_FUNC_ARG;
+ }
- SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ {
+#ifdef WOLFSSL_AESNI
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ int orig_use_aesni = xaes->aes.use_aesni;
+#endif
- ret = wc_AesEncryptDirect(tweak, tmp, i);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
+ if (xaes->aes.use_aesni && (SAVE_VECTOR_REGISTERS2() != 0)) {
+ xaes->aes.use_aesni = 0;
+ xaes->tweak.use_aesni = 0;
}
-
- /* if Stealing then break out of loop one block early to handle special
- * case */
- if (stl > 0) {
- blocks--;
+ if (xaes->aes.use_aesni) {
+#if defined(HAVE_INTEL_AVX1)
+ if (IS_INTEL_AVX1(intel_flags)) {
+ AES_XTS_decrypt_avx1(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ else
+#endif
+ {
+ AES_XTS_decrypt_aesni(in, out, sz, i, (const byte*)xaes->aes.key,
+ (const byte*)xaes->tweak.key, (int)xaes->aes.rounds);
+ ret = 0;
+ }
+ }
+ else
+#endif
+ {
+ ret = AesXtsDecrypt_sw(xaes, out, in, sz, i);
}
- #ifdef HAVE_AES_ECB
- /* decrypt all of buffer at once when possible */
- if (in != out) { /* can not handle inline */
- XMEMCPY(out, tmp, AES_BLOCK_SIZE);
- if ((ret = _AesXtsHelper(aes, out, in, sz, AES_DECRYPTION)) != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
+#ifdef WOLFSSL_AESNI
+ if (xaes->aes.use_aesni)
+ RESTORE_VECTOR_REGISTERS();
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ else if (orig_use_aesni) {
+ xaes->aes.use_aesni = orig_use_aesni;
+ xaes->tweak.use_aesni = orig_use_aesni;
}
- #endif
+#endif
+#endif
- while (blocks > 0) {
- #ifdef HAVE_AES_ECB
- if (in == out)
- #endif
- { /* check for if inline */
- byte buf[AES_BLOCK_SIZE];
-
- XMEMCPY(buf, in, AES_BLOCK_SIZE);
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesDecryptDirect(aes, out, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- }
- xorbuf(out, tmp, AES_BLOCK_SIZE);
+ return ret;
+ }
+}
+#endif /* !WOLFSSL_ARMASM || WOLFSSL_ARMASM_NO_HW_CRYPTO */
- /* multiply by shift left and propagate carry */
- for (j = 0; j < AES_BLOCK_SIZE; j++) {
- byte tmpC;
+/* Same as wc_AesXtsEncryptSector but the sector gets incremented by one every
+ * sectorSz bytes
+ *
+ * xaes AES keys to use for block encrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * sector value to use for tweak
+ * sectorSz size of the sector
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
+ word32 sz, word64 sector, word32 sectorSz)
+{
+ int ret = 0;
+ word32 iter = 0;
+ word32 sectorCount;
+ word32 remainder;
- tmpC = (tmp[j] >> 7) & 0x01;
- tmp[j] = (byte)((tmp[j] << 1) + carry);
- carry = tmpC;
- }
- if (carry) {
- tmp[0] ^= GF_XTS;
- }
- carry = 0;
+ if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
+ return BAD_FUNC_ARG;
+ }
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
- blocks--;
- }
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Cipher text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
- /* stealing operation of XTS to handle left overs */
- if (sz >= AES_BLOCK_SIZE) {
- byte buf[AES_BLOCK_SIZE];
- byte tmp2[AES_BLOCK_SIZE];
+ sectorCount = sz / sectorSz;
+ remainder = sz % sectorSz;
- /* multiply by shift left and propagate carry */
- for (j = 0; j < AES_BLOCK_SIZE; j++) {
- byte tmpC;
+ while (sectorCount) {
+ ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), sectorSz, sector);
+ if (ret != 0)
+ break;
- tmpC = (tmp[j] >> 7) & 0x01;
- tmp2[j] = (byte)((tmp[j] << 1) + carry);
- carry = tmpC;
- }
- if (carry) {
- tmp2[0] ^= GF_XTS;
- }
+ sectorCount--;
+ iter++;
+ sector++;
+ }
- XMEMCPY(buf, in, AES_BLOCK_SIZE);
- xorbuf(buf, tmp2, AES_BLOCK_SIZE);
- ret = wc_AesDecryptDirect(aes, out, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- xorbuf(out, tmp2, AES_BLOCK_SIZE);
+ if (remainder && ret == 0)
+ ret = wc_AesXtsEncryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), remainder, sector);
- /* tmp2 holds partial | last */
- XMEMCPY(tmp2, out, AES_BLOCK_SIZE);
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- sz -= AES_BLOCK_SIZE;
+ return ret;
+}
- /* Make buffer with end of cipher text | last */
- XMEMCPY(buf, tmp2, AES_BLOCK_SIZE);
- if (sz >= AES_BLOCK_SIZE) { /* extra sanity check before copy */
- RESTORE_VECTOR_REGISTERS();
- return BUFFER_E;
- }
- XMEMCPY(buf, in, sz);
- XMEMCPY(out, tmp2, sz);
+/* Same as wc_AesXtsEncryptConsecutiveSectors but Aes key is AES_DECRYPTION type
+ *
+ * xaes AES keys to use for block decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * sector value to use for tweak
+ * sectorSz size of the sector
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes, byte* out, const byte* in,
+ word32 sz, word64 sector, word32 sectorSz)
+{
+ int ret = 0;
+ word32 iter = 0;
+ word32 sectorCount;
+ word32 remainder;
- xorbuf(buf, tmp, AES_BLOCK_SIZE);
- ret = wc_AesDecryptDirect(aes, tmp2, buf);
- if (ret != 0) {
- RESTORE_VECTOR_REGISTERS();
- return ret;
- }
- xorbuf(tmp2, tmp, AES_BLOCK_SIZE);
- XMEMCPY(out - AES_BLOCK_SIZE, tmp2, AES_BLOCK_SIZE);
- }
- RESTORE_VECTOR_REGISTERS();
+ if (aes == NULL || out == NULL || in == NULL || sectorSz == 0) {
+ return BAD_FUNC_ARG;
}
- else {
- WOLFSSL_MSG("Plain text input too small for encryption");
+
+ if (sz < AES_BLOCK_SIZE) {
+ WOLFSSL_MSG("Cipher text input too small for decryption");
return BAD_FUNC_ARG;
}
+ sectorCount = sz / sectorSz;
+ remainder = sz % sectorSz;
+
+ while (sectorCount) {
+ ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), sectorSz, sector);
+ if (ret != 0)
+ break;
+
+ sectorCount--;
+ iter++;
+ sector++;
+ }
+
+ if (remainder && ret == 0)
+ ret = wc_AesXtsDecryptSector(aes, out + (iter * sectorSz),
+ in + (iter * sectorSz), remainder, sector);
+
return ret;
}
-
#endif /* WOLFSSL_AES_XTS */
#ifdef WOLFSSL_AES_SIV
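Review bot: `wc_AesXtsDecrypt` handles a `SAVE_VECTOR_REGISTERS2()` failure differently from `wc_AesXtsEncrypt`: it always clears `use_aesni` and falls through to `AesXtsDecrypt_sw`, while the encrypt side does that only under `WC_AES_C_DYNAMIC_FALLBACK` and otherwise returns the error. Without that macro `orig_use_aesni` is not declared, so the flags on both contexts stay cleared after the call, and it is not visible here whether a key schedule prepared for the AES-NI path gives correct results in the C path. Mirroring the encrypt branch, as below, keeps the two functions consistent and surfaces the error instead of decrypting with a possibly mismatched schedule. The comment on `wc_AesXtsDecryptConsecutiveSectors` also still describes `out` as cipher text and `in` as plain text to encrypt.

```c
    /* … unchanged: argument checks, orig_use_aesni declaration … */
    if (xaes->aes.use_aesni && ((ret = SAVE_VECTOR_REGISTERS2()) != 0)) {
#ifdef WC_AES_C_DYNAMIC_FALLBACK
        xaes->aes.use_aesni = 0;
        xaes->tweak.use_aesni = 0;
#else
        return ret;
#endif
    }
    /* … unchanged: AES-NI / software dispatch and register restore … */
```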
@@ -11572,5 +13223,518 @@ int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
#endif /* WOLFSSL_AES_SIV */
-#endif /* HAVE_FIPS */
+#if defined(WOLFSSL_AES_EAX)
+
+/*
+ * AES EAX one-shot API
+ * Encrypts input data and computes an auth tag over the input
+ * auth data and ciphertext
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* output computed auth tag */
+ byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz)
+{
+#if defined(WOLFSSL_SMALL_STACK)
+ AesEax *eax;
+#else
+ AesEax eax_mem;
+ AesEax *eax = &eax_mem;
+#endif
+ int ret;
+ int eaxInited = 0;
+
+ if (key == NULL || out == NULL || in == NULL || nonce == NULL
+ || authTag == NULL || authIn == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ if ((eax = (AesEax *)XMALLOC(sizeof(AesEax),
+ NULL,
+ DYNAMIC_TYPE_AES_EAX)) == NULL) {
+ return MEMORY_E;
+ }
+#endif
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+ goto cleanup;
+ }
+ eaxInited = 1;
+
+ if ((ret = wc_AesEaxEncryptUpdate(eax, out, in, inSz, NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxEncryptFinal(eax, authTag, authTagSz)) != 0) {
+ goto cleanup;
+ }
+
+cleanup:
+ if (eaxInited)
+ wc_AesEaxFree(eax);
+#if defined(WOLFSSL_SMALL_STACK)
+ XFREE(eax, NULL, DYNAMIC_TYPE_AES_EAX);
+#endif
+ return ret;
+}
+
+
+/*
+ * AES EAX one-shot API
+ * Decrypts and authenticates data against a supplied auth tag
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* auth tag to verify against */
+ const byte* authTag, word32 authTagSz,
+ /* input data to authenticate */
+ const byte* authIn, word32 authInSz)
+{
+#if defined(WOLFSSL_SMALL_STACK)
+ AesEax *eax;
+#else
+ AesEax eax_mem;
+ AesEax *eax = &eax_mem;
+#endif
+ int ret;
+ int eaxInited = 0;
+
+ if (key == NULL || out == NULL || in == NULL || nonce == NULL
+ || authTag == NULL || authIn == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ if ((eax = (AesEax *)XMALLOC(sizeof(AesEax),
+ NULL,
+ DYNAMIC_TYPE_AES_EAX)) == NULL) {
+ return MEMORY_E;
+ }
+#endif
+
+ if ((ret = wc_AesEaxInit(eax,
+ key, keySz,
+ nonce, nonceSz,
+ authIn, authInSz)) != 0) {
+
+ goto cleanup;
+ }
+ eaxInited = 1;
+
+ if ((ret = wc_AesEaxDecryptUpdate(eax, out, in, inSz, NULL, 0)) != 0) {
+ goto cleanup;
+ }
+
+ if ((ret = wc_AesEaxDecryptFinal(eax, authTag, authTagSz)) != 0) {
+ goto cleanup;
+ }
+
+cleanup:
+ if (eaxInited)
+ wc_AesEaxFree(eax);
+#if defined(WOLFSSL_SMALL_STACK)
+ XFREE(eax, NULL, DYNAMIC_TYPE_AES_EAX);
+#endif
+ return ret;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Initializes an AES EAX encryption or decryption operation. This must be
+ * called before any other EAX APIs are used on the AesEax struct
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxInit(AesEax* eax,
+ const byte* key, word32 keySz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authIn, word32 authInSz)
+{
+ int ret = 0;
+ word32 cmacSize;
+ int aesInited = 0;
+ int nonceCmacInited = 0;
+ int aadCmacInited = 0;
+
+ if (eax == NULL || key == NULL || nonce == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ XMEMSET(eax->prefixBuf, 0, sizeof(eax->prefixBuf));
+
+ if ((ret = wc_AesInit(&eax->aes, NULL, INVALID_DEVID)) != 0) {
+ goto out;
+ }
+ aesInited = 1;
+
+ if ((ret = wc_AesSetKey(&eax->aes,
+ key,
+ keySz,
+ NULL,
+ AES_ENCRYPTION)) != 0) {
+ goto out;
+ }
+
+ /*
+ * OMAC the nonce to use as the IV for CTR encryption and auth tag chunk
+ * N' = OMAC^0_K(N)
+ */
+ if ((ret = wc_InitCmac(&eax->nonceCmac,
+ key,
+ keySz,
+ WC_CMAC_AES,
+ NULL)) != 0) {
+ return ret;
+ }
+ nonceCmacInited = 1;
+
+ if ((ret = wc_CmacUpdate(&eax->nonceCmac,
+ eax->prefixBuf,
+ sizeof(eax->prefixBuf))) != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_CmacUpdate(&eax->nonceCmac, nonce, nonceSz)) != 0) {
+ goto out;
+ }
+
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinal(&eax->nonceCmac,
+ eax->nonceCmacFinal,
+ &cmacSize)) != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_AesSetIV(&eax->aes, eax->nonceCmacFinal)) != 0) {
+ goto out;
+ }
+
+ /*
+ * start the OMAC used to build the auth tag chunk for the AD .
+ * This CMAC is continued in subsequent update calls when more auth data is
+ * provided
+ * H' = OMAC^1_K(H)
+ */
+ eax->prefixBuf[AES_BLOCK_SIZE-1] = 1;
+ if ((ret = wc_InitCmac(&eax->aadCmac,
+ key,
+ keySz,
+ WC_CMAC_AES,
+ NULL)) != 0) {
+ goto out;
+ }
+ aadCmacInited = 1;
+
+ if ((ret = wc_CmacUpdate(&eax->aadCmac,
+ eax->prefixBuf,
+ sizeof(eax->prefixBuf))) != 0) {
+ goto out;
+ }
+
+ if (authIn != NULL) {
+ if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
+ goto out;
+ }
+ }
+
+ /*
+ * start the OMAC to create auth tag chunk for ciphertext. This MAC will be
+ * updated in subsequent calls to encrypt/decrypt
+ * C' = OMAC^2_K(C)
+ */
+ eax->prefixBuf[AES_BLOCK_SIZE-1] = 2;
+ if ((ret = wc_InitCmac(&eax->ciphertextCmac,
+ key,
+ keySz,
+ WC_CMAC_AES,
+ NULL)) != 0) {
+ goto out;
+ }
+
+ if ((ret = wc_CmacUpdate(&eax->ciphertextCmac,
+ eax->prefixBuf,
+ sizeof(eax->prefixBuf))) != 0) {
+ goto out;
+ }
+
+out:
+
+ if (ret != 0) {
+ if (aesInited)
+ wc_AesFree(&eax->aes);
+ if (nonceCmacInited)
+ wc_CmacFree(&eax->nonceCmac);
+ if (aadCmacInited)
+ wc_CmacFree(&eax->aadCmac);
+ }
+
+ return ret;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Encrypts input plaintext using AES EAX mode, adding optional auth data to
+ * the authentication stream
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz)
+{
+ int ret;
+
+ if (eax == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /*
+ * Encrypt the plaintext using AES CTR
+ * C = CTR(M)
+ */
+ if ((ret = wc_AesCtrEncrypt(&eax->aes, out, in, inSz)) != 0) {
+ return ret;
+ }
+
+ /*
+ * update OMAC with new ciphertext
+ * C' = OMAC^2_K(C)
+ */
+ if ((ret = wc_CmacUpdate(&eax->ciphertextCmac, out, inSz)) != 0) {
+ return ret;
+ }
+
+ /* If there exists new auth data, update the OMAC for that as well */
+ if (authIn != NULL) {
+ if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Decrypts input ciphertext using AES EAX mode, adding optional auth data to
+ * the authentication stream
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz)
+{
+ int ret;
+
+ if (eax == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /*
+ * Decrypt the plaintext using AES CTR
+ * C = CTR(M)
+ */
+ if ((ret = wc_AesCtrEncrypt(&eax->aes, out, in, inSz)) != 0) {
+ return ret;
+ }
+
+ /*
+ * update OMAC with new ciphertext
+ * C' = OMAC^2_K(C)
+ */
+ if ((ret = wc_CmacUpdate(&eax->ciphertextCmac, in, inSz)) != 0) {
+ return ret;
+ }
+
+ /* If there exists new auth data, update the OMAC for that as well */
+ if (authIn != NULL) {
+ if ((ret = wc_CmacUpdate(&eax->aadCmac, authIn, authInSz)) != 0) {
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Provides additional auth data information to the authentication
+ * stream for an authenticated encryption or decryption operation
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxAuthDataUpdate(AesEax* eax, const byte* authIn, word32 authInSz)
+{
+ return wc_CmacUpdate(&eax->aadCmac, authIn, authInSz);
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Finalizes the authenticated encryption operation, computing the auth tag
+ * over previously supplied auth data and computed ciphertext
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxEncryptFinal(AesEax* eax, byte* authTag, word32 authTagSz)
+{
+ word32 cmacSize;
+ int ret;
+ word32 i;
+
+ if (eax == NULL || authTag == NULL || authTagSz > AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Complete the OMAC for the ciphertext */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->ciphertextCmac,
+ eax->ciphertextCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+ /* Complete the OMAC for auth data */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->aadCmac,
+ eax->aadCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+ /*
+ * Concatenate all three auth tag chunks into the final tag, truncating
+ * at the specified tag length
+ * T = Tag [first authTagSz bytes]
+ */
+ for (i = 0; i < authTagSz; i++) {
+ authTag[i] = eax->nonceCmacFinal[i]
+ ^ eax->aadCmacFinal[i]
+ ^ eax->ciphertextCmacFinal[i];
+ }
+
+ return 0;
+}
+
+
+/*
+ * AES EAX Incremental API:
+ * Finalizes the authenticated decryption operation, computing the auth tag
+ * for the previously supplied auth data and cipher text and validating it
+ * against a provided auth tag
+ *
+ * Returns 0 on success
+ * Return error code for failure
+ */
+int wc_AesEaxDecryptFinal(AesEax* eax,
+ const byte* authIn, word32 authInSz)
+{
+ int ret;
+ word32 i;
+ word32 cmacSize;
+
+#if defined(WOLFSSL_SMALL_STACK)
+ byte *authTag;
+#else
+ byte authTag[AES_BLOCK_SIZE];
+#endif
+
+ if (eax == NULL || authIn == NULL || authInSz > AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Complete the OMAC for the ciphertext */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->ciphertextCmac,
+ eax->ciphertextCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+ /* Complete the OMAC for auth data */
+ cmacSize = AES_BLOCK_SIZE;
+ if ((ret = wc_CmacFinalNoFree(&eax->aadCmac,
+ eax->aadCmacFinal,
+ &cmacSize)) != 0) {
+ return ret;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ authTag = (byte*)XMALLOC(AES_BLOCK_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (authTag == NULL) {
+ return MEMORY_E;
+ }
+#endif
+
+ /*
+ * Concatenate all three auth tag chunks into the final tag, truncating
+ * at the specified tag length
+ * T = Tag [first authInSz bytes]
+ */
+ for (i = 0; i < authInSz; i++) {
+ authTag[i] = eax->nonceCmacFinal[i]
+ ^ eax->aadCmacFinal[i]
+ ^ eax->ciphertextCmacFinal[i];
+ }
+
+ if (ConstantCompare((const byte*)authTag, authIn, (int)authInSz) != 0) {
+ ret = AES_EAX_AUTH_E;
+ }
+ else {
+ ret = 0;
+ }
+
+#if defined(WOLFSSL_SMALL_STACK)
+ XFREE(authTag, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+#endif
+
+ return ret;
+}
+
+/*
+ * Frees the underlying CMAC and AES contexts. Must be called when done using
+ * the AES EAX context structure.
+ *
+ * Returns 0 on success
+ * Returns error code on failure
+ */
+int wc_AesEaxFree(AesEax* eax)
+{
+ if (eax == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void)wc_CmacFree(&eax->ciphertextCmac);
+ (void)wc_CmacFree(&eax->aadCmac);
+ wc_AesFree(&eax->aes);
+
+ return 0;
+}
+
+#endif /* WOLFSSL_AES_EAX */
+
#endif /* !NO_AES */
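Review bot: In wc_AesEaxDecryptFinal the length check rejects only `authInSz > AES_BLOCK_SIZE`, so a tag length of 0 passes it; the XOR loop then runs zero times and, assuming ConstantCompare returns 0 for a zero length, the function reports success without comparing a single tag byte. The guard should refuse an empty tag, `if (eax == NULL || authIn == NULL || authInSz == 0 || authInSz > AES_BLOCK_SIZE)`, and wc_AesEaxEncryptFinal would benefit from the same lower bound on `authTagSz`. Separately, in wc_AesEaxInit the failure branch of the first `wc_InitCmac(&eax->nonceCmac, ...)` uses `return ret;` after `aesInited = 1`, which skips the `wc_AesFree(&eax->aes)` under `out:`; it should be `goto out;` like the other branches. The comment on the one-shot wc_AesEaxDecryptAuth should also state that `out` already holds unauthenticated plaintext when the call fails with AES_EAX_AUTH_E, because wc_AesEaxDecryptUpdate writes it before the tag is checked.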
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S
index 89ebc7be..afaa0d40 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.S
@@ -30,7 +30,7 @@
#ifdef WOLFSSL_X86_64_BUILD
/*
-AES_CBC_encrypt (const unsigned char *in,
+AES_CBC_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -38,11 +38,11 @@ AES_CBC_encrypt (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_encrypt
-AES_CBC_encrypt:
+.globl AES_CBC_encrypt_AESNI
+AES_CBC_encrypt_AESNI:
#else
-.globl _AES_CBC_encrypt
-_AES_CBC_encrypt:
+.globl _AES_CBC_encrypt_AESNI
+_AES_CBC_encrypt_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -95,7 +95,7 @@ ret
#if defined(WOLFSSL_AESNI_BY4)
/*
-AES_CBC_decrypt_by4 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by4 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -103,11 +103,11 @@ AES_CBC_decrypt_by4 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by4
-AES_CBC_decrypt_by4:
+.globl AES_CBC_decrypt_AESNI_by4
+AES_CBC_decrypt_AESNI_by4:
#else
-.globl _AES_CBC_decrypt_by4
-_AES_CBC_decrypt_by4:
+.globl _AES_CBC_decrypt_AESNI_by4
+_AES_CBC_decrypt_AESNI_by4:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -276,7 +276,7 @@ DEND_4:
#elif defined(WOLFSSL_AESNI_BY6)
/*
-AES_CBC_decrypt_by6 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by6 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -284,11 +284,11 @@ AES_CBC_decrypt_by6 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by6
-AES_CBC_decrypt_by6:
+.globl AES_CBC_decrypt_AESNI_by6
+AES_CBC_decrypt_AESNI_by6:
#else
-.globl _AES_CBC_decrypt_by6
-_AES_CBC_decrypt_by6:
+.globl _AES_CBC_decrypt_AESNI_by6
+_AES_CBC_decrypt_AESNI_by6:
#endif
# parameter 1: %rdi - in
# parameter 2: %rsi - out
@@ -504,7 +504,7 @@ DEND_6:
#else /* WOLFSSL_AESNI_BYx */
/*
-AES_CBC_decrypt_by8 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by8 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -512,11 +512,11 @@ AES_CBC_decrypt_by8 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by8
-AES_CBC_decrypt_by8:
+.globl AES_CBC_decrypt_AESNI_by8
+AES_CBC_decrypt_AESNI_by8:
#else
-.globl _AES_CBC_decrypt_by8
-_AES_CBC_decrypt_by8:
+.globl _AES_CBC_decrypt_AESNI_by8
+_AES_CBC_decrypt_AESNI_by8:
#endif
# parameter 1: %rdi - in
# parameter 2: %rsi - out
@@ -761,18 +761,18 @@ DEND_8:
/*
-AES_ECB_encrypt (const unsigned char *in,
+AES_ECB_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_encrypt
-AES_ECB_encrypt:
+.globl AES_ECB_encrypt_AESNI
+AES_ECB_encrypt_AESNI:
#else
-.globl _AES_ECB_encrypt
-_AES_ECB_encrypt:
+.globl _AES_ECB_encrypt_AESNI
+_AES_ECB_encrypt_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -925,18 +925,18 @@ EECB_END_4:
/*
-AES_ECB_decrypt (const unsigned char *in,
+AES_ECB_decrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_decrypt
-AES_ECB_decrypt:
+.globl AES_ECB_decrypt_AESNI
+AES_ECB_decrypt_AESNI:
#else
-.globl _AES_ECB_decrypt
-_AES_ECB_decrypt:
+.globl _AES_ECB_decrypt_AESNI
+_AES_ECB_decrypt_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -1092,20 +1092,19 @@ DECB_END_4:
/*
-void AES_128_Key_Expansion(const unsigned char* userkey,
+void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule);
*/
.align 16,0x90
#ifndef __APPLE__
-.globl AES_128_Key_Expansion
-AES_128_Key_Expansion:
+.globl AES_128_Key_Expansion_AESNI
+AES_128_Key_Expansion_AESNI:
#else
-.globl _AES_128_Key_Expansion
-_AES_128_Key_Expansion:
+.globl _AES_128_Key_Expansion_AESNI
+_AES_128_Key_Expansion_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
-movl $10, 240(%rsi)
movdqu (%rdi), %xmm1
movdqa %xmm1, (%rsi)
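Review bot: Besides the rename, this hunk drops `movl $10, 240(%rsi)`, so AES_128_Key_Expansion_AESNI no longer writes the value 10 at offset 240 of the key schedule buffer, and the comment above the label does not mention it. If that slot is the round count (likely, given 10 rounds for a 128-bit key), every caller now has to set it before using the schedule; a line such as `# does not store the round count at 240(%rsi); the caller sets it` next to the parameter comments would make the new contract visible. The routine's body continues outside the hunk, so whether the value is written elsewhere cannot be confirmed from here.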
@@ -1158,15 +1157,15 @@ ret
/*
-void AES_192_Key_Expansion (const unsigned char *userkey,
+void AES_192_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_192_Key_Expansion
-AES_192_Key_Expansion:
+.globl AES_192_Key_Expansion_AESNI
+AES_192_Key_Expansion_AESNI:
#else
-.globl _AES_192_Key_Expansion
-_AES_192_Key_Expansion:
+.globl _AES_192_Key_Expansion_AESNI
+_AES_192_Key_Expansion_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -1249,15 +1248,15 @@ ret
/*
-void AES_256_Key_Expansion (const unsigned char *userkey,
+void AES_256_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_256_Key_Expansion
-AES_256_Key_Expansion:
+.globl AES_256_Key_Expansion_AESNI
+AES_256_Key_Expansion_AESNI:
#else
-.globl _AES_256_Key_Expansion
-_AES_256_Key_Expansion:
+.globl _AES_256_Key_Expansion_AESNI
+_AES_256_Key_Expansion_AESNI:
#endif
# parameter 1: %rdi
# parameter 2: %rsi
@@ -1337,7 +1336,7 @@ ret
#elif defined WOLFSSL_X86_BUILD
/*
-AES_CBC_encrypt (const unsigned char *in,
+AES_CBC_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -1345,11 +1344,11 @@ AES_CBC_encrypt (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_encrypt
-AES_CBC_encrypt:
+.globl AES_CBC_encrypt_AESNI
+AES_CBC_encrypt_AESNI:
#else
-.globl _AES_CBC_encrypt
-_AES_CBC_encrypt:
+.globl _AES_CBC_encrypt_AESNI
+_AES_CBC_encrypt_AESNI:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1416,7 +1415,7 @@ _AES_CBC_encrypt:
/*
-AES_CBC_decrypt_by4 (const unsigned char *in,
+AES_CBC_decrypt_AESNI_by4 (const unsigned char *in,
unsigned char *out,
unsigned char ivec[16],
unsigned long length,
@@ -1424,11 +1423,11 @@ AES_CBC_decrypt_by4 (const unsigned char *in,
int nr)
*/
#ifndef __APPLE__
-.globl AES_CBC_decrypt_by4
-AES_CBC_decrypt_by4:
+.globl AES_CBC_decrypt_AESNI_by4
+AES_CBC_decrypt_AESNI_by4:
#else
-.globl _AES_CBC_decrypt_by4
-_AES_CBC_decrypt_by4:
+.globl _AES_CBC_decrypt_AESNI_by4
+_AES_CBC_decrypt_AESNI_by4:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1614,18 +1613,18 @@ DEND_4:
ret
/*
-AES_ECB_encrypt (const unsigned char *in,
+AES_ECB_encrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_encrypt
-AES_ECB_encrypt:
+.globl AES_ECB_encrypt_AESNI
+AES_ECB_encrypt_AESNI:
#else
-.globl _AES_ECB_encrypt
-_AES_ECB_encrypt:
+.globl _AES_ECB_encrypt_AESNI
+_AES_ECB_encrypt_AESNI:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1791,18 +1790,18 @@ EECB_END_4:
/*
-AES_ECB_decrypt (const unsigned char *in,
+AES_ECB_decrypt_AESNI (const unsigned char *in,
unsigned char *out,
unsigned long length,
const unsigned char *KS,
int nr)
*/
#ifndef __APPLE__
-.globl AES_ECB_decrypt
-AES_ECB_decrypt:
+.globl AES_ECB_decrypt_AESNI
+AES_ECB_decrypt_AESNI:
#else
-.globl _AES_ECB_decrypt
-_AES_ECB_decrypt:
+.globl _AES_ECB_decrypt_AESNI
+_AES_ECB_decrypt_AESNI:
#endif
# parameter 1: stack[4] => %edi
# parameter 2: stack[8] => %esi
@@ -1969,16 +1968,16 @@ DECB_END_4:
/*
-void AES_128_Key_Expansion(const unsigned char* userkey,
+void AES_128_Key_Expansion_AESNI(const unsigned char* userkey,
unsigned char* key_schedule);
*/
.align 16,0x90
#ifndef __APPLE__
-.globl AES_128_Key_Expansion
-AES_128_Key_Expansion:
+.globl AES_128_Key_Expansion_AESNI
+AES_128_Key_Expansion_AESNI:
#else
-.globl _AES_128_Key_Expansion
-_AES_128_Key_Expansion:
+.globl _AES_128_Key_Expansion_AESNI
+_AES_128_Key_Expansion_AESNI:
#endif
# parameter 1: stack[4] => %eax
# parameter 2: stack[8] => %edx
@@ -2038,15 +2037,15 @@ PREPARE_ROUNDKEY_128:
/*
-void AES_192_Key_Expansion (const unsigned char *userkey,
+void AES_192_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_192_Key_Expansion
-AES_192_Key_Expansion:
+.globl AES_192_Key_Expansion_AESNI
+AES_192_Key_Expansion_AESNI:
#else
-.globl _AES_192_Key_Expansion
-_AES_192_Key_Expansion:
+.globl _AES_192_Key_Expansion_AESNI
+_AES_192_Key_Expansion_AESNI:
#endif
# parameter 1: stack[4] => %eax
# parameter 2: stack[8] => %edx
@@ -2131,15 +2130,15 @@ PREPARE_ROUNDKEY_192:
/*
-void AES_256_Key_Expansion (const unsigned char *userkey,
+void AES_256_Key_Expansion_AESNI (const unsigned char *userkey,
unsigned char *key)
*/
#ifndef __APPLE__
-.globl AES_256_Key_Expansion
-AES_256_Key_Expansion:
+.globl AES_256_Key_Expansion_AESNI
+AES_256_Key_Expansion_AESNI:
#else
-.globl _AES_256_Key_Expansion
-_AES_256_Key_Expansion:
+.globl _AES_256_Key_Expansion_AESNI
+_AES_256_Key_Expansion_AESNI:
#endif
# parameter 1: stack[4] => %eax
# parameter 2: stack[8] => %edx
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm
index f57876f6..72fe237b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_asm.asm
@@ -47,14 +47,14 @@ ENDIF
; /*
-; AES_CBC_encrypt[const ,unsigned char*in
+; AES_CBC_encrypt_AESNI[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,char ivec+16
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
-AES_CBC_encrypt PROC
+AES_CBC_encrypt_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
@@ -117,16 +117,16 @@ LAST:
mov rdi,rax
mov rsi,r11
ret
-AES_CBC_encrypt ENDP
+AES_CBC_encrypt_AESNI ENDP
-; void AES_CBC_decrypt_by4(const unsigned char* in,
+; void AES_CBC_decrypt_AESNI_by4(const unsigned char* in,
; unsigned char* out,
; unsigned char ivec[16],
; unsigned long length,
; const unsigned char* KS,
; int nr)
-AES_CBC_decrypt_by4 PROC
+AES_CBC_decrypt_AESNI_by4 PROC
; parameter 1: rdi
; parameter 2: rsi
; parameter 3: rdx
@@ -325,16 +325,16 @@ DEND_4:
movdqa xmm15, [rsp+112]
add rsp, 8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each
ret
-AES_CBC_decrypt_by4 ENDP
+AES_CBC_decrypt_AESNI_by4 ENDP
-; void AES_CBC_decrypt_by6(const unsigned char *in,
+; void AES_CBC_decrypt_AESNI_by6(const unsigned char *in,
; unsigned char *out,
; unsigned char ivec[16],
; unsigned long length,
; const unsigned char *KS,
; int nr)
-AES_CBC_decrypt_by6 PROC
+AES_CBC_decrypt_AESNI_by6 PROC
; parameter 1: rdi - in
; parameter 2: rsi - out
; parameter 3: rdx - ivec
@@ -582,16 +582,16 @@ DEND_6:
movdqa xmm14, [rsp+128]
add rsp, 8+9*16 ; 8 = align stack , 9 xmm6-14 16 bytes each
ret
-AES_CBC_decrypt_by6 ENDP
+AES_CBC_decrypt_AESNI_by6 ENDP
-; void AES_CBC_decrypt_by8(const unsigned char *in,
+; void AES_CBC_decrypt_AESNI_by8(const unsigned char *in,
; unsigned char *out,
; unsigned char ivec[16],
; unsigned long length,
; const unsigned char *KS,
; int nr)
-AES_CBC_decrypt_by8 PROC
+AES_CBC_decrypt_AESNI_by8 PROC
; parameter 1: rdi - in
; parameter 2: rsi - out
; parameter 3: rdx - ivec
@@ -865,18 +865,18 @@ DEND_8:
movdqa xmm13, [rsp+112]
add rsp, 8+8*16 ; 8 = align stack , 8 xmm6-13 16 bytes each
ret
-AES_CBC_decrypt_by8 ENDP
+AES_CBC_decrypt_AESNI_by8 ENDP
; /*
-; AES_ECB_encrypt[const ,unsigned char*in
+; AES_ECB_encrypt_AESNI[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
-; . globl AES_ECB_encrypt
-AES_ECB_encrypt PROC
+; . globl AES_ECB_encrypt_AESNI
+AES_ECB_encrypt_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
@@ -1054,17 +1054,17 @@ EECB_END_4:
movdqa xmm12, [rsp+48]
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
-AES_ECB_encrypt ENDP
+AES_ECB_encrypt_AESNI ENDP
; /*
-; AES_ECB_decrypt[const ,unsigned char*in
+; AES_ECB_decrypt_AESNI[const ,unsigned char*in
; unsigned ,char*out
; unsigned ,long length
; const ,unsigned char*KS
; int nr]
; */
-; . globl AES_ECB_decrypt
-AES_ECB_decrypt PROC
+; . globl AES_ECB_decrypt_AESNI
+AES_ECB_decrypt_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
;# parameter 3: rdx
@@ -1241,17 +1241,17 @@ DECB_END_4:
movdqa xmm12, [rsp+48]
add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each
ret
-AES_ECB_decrypt ENDP
+AES_ECB_decrypt_AESNI ENDP
; /*
-; void ,AES_128_Key_Expansion[const unsigned char*userkey
+; void ,AES_128_Key_Expansion_AESNI[const unsigned char*userkey
; unsigned char*key_schedule]/
; */
; . align 16,0x90
-; . globl AES_128_Key_Expansion
-AES_128_Key_Expansion PROC
+; . globl AES_128_Key_Expansion_AESNI
+AES_128_Key_Expansion_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
@@ -1322,14 +1322,14 @@ PREPARE_ROUNDKEY_128:
pxor xmm1,xmm3
pxor xmm1,xmm2
ret
-AES_128_Key_Expansion ENDP
+AES_128_Key_Expansion_AESNI ENDP
; /*
-; void ,AES_192_Key_Expansion[const unsigned char*userkey
+; void ,AES_192_Key_Expansion_AESNI[const unsigned char*userkey
; unsigned char*key]
; */
-; . globl AES_192_Key_Expansion
-AES_192_Key_Expansion PROC
+; . globl AES_192_Key_Expansion_AESNI
+AES_192_Key_Expansion_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
@@ -1426,14 +1426,14 @@ PREPARE_ROUNDKEY_192:
pxor xmm3,xmm4
pxor xmm3,xmm2
ret
-AES_192_Key_Expansion ENDP
+AES_192_Key_Expansion_AESNI ENDP
; /*
-; void ,AES_256_Key_Expansion[const unsigned char*userkey
+; void ,AES_256_Key_Expansion_AESNI[const unsigned char*userkey
; unsigned char*key]
; */
-; . globl AES_256_Key_Expansion
-AES_256_Key_Expansion PROC
+; . globl AES_256_Key_Expansion_AESNI
+AES_256_Key_Expansion_AESNI PROC
;# parameter 1: rdi
;# parameter 2: rsi
@@ -1495,7 +1495,7 @@ AES_256_Key_Expansion PROC
mov rdi,rax
mov rsi,r11
ret
-AES_256_Key_Expansion ENDP
+AES_256_Key_Expansion_AESNI ENDP
MAKE_RK256_a:
pshufd xmm2,xmm2,0ffh
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S
index 82db934a..4175888f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.S
@@ -1,5 +1,5 @@
-/* aes_gcm_asm
- *
+/* aes_gcm_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -180,15 +180,15 @@ L_aes_gcm_mod2_128:
.quad 0x1, 0xc200000000000000
#ifndef __APPLE__
.text
-.globl AES_GCM_encrypt
-.type AES_GCM_encrypt,@function
+.globl AES_GCM_encrypt_aesni
+.type AES_GCM_encrypt_aesni,@function
.align 16
-AES_GCM_encrypt:
+AES_GCM_encrypt_aesni:
#else
.section __TEXT,__text
-.globl _AES_GCM_encrypt
+.globl _AES_GCM_encrypt_aesni
.p2align 4
-_AES_GCM_encrypt:
+_AES_GCM_encrypt_aesni:
#endif /* __APPLE__ */
pushq %r13
pushq %r12
@@ -207,7 +207,7 @@ _AES_GCM_encrypt:
pxor %xmm6, %xmm6
cmpl $12, %ebx
movl %ebx, %edx
- jne L_AES_GCM_encrypt_iv_not_12
+ jne L_AES_GCM_encrypt_aesni_iv_not_12
# # Calculate values when IV is 12 bytes
# Set counter based on IV
movl $0x1000000, %ecx
@@ -247,7 +247,7 @@ _AES_GCM_encrypt:
aesenc %xmm7, %xmm1
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 176(%r15), %xmm7
@@ -255,20 +255,20 @@ _AES_GCM_encrypt:
aesenc %xmm7, %xmm1
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 208(%r15), %xmm7
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 224(%r15), %xmm7
-L_AES_GCM_encrypt_calc_iv_12_last:
+L_AES_GCM_encrypt_aesni_calc_iv_12_last:
aesenclast %xmm7, %xmm5
aesenclast %xmm7, %xmm1
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
movdqu %xmm1, 144(%rsp)
- jmp L_AES_GCM_encrypt_iv_done
-L_AES_GCM_encrypt_iv_not_12:
+ jmp L_AES_GCM_encrypt_aesni_iv_done
+L_AES_GCM_encrypt_aesni_iv_not_12:
# Calculate values when IV is not 12 bytes
# H = Encrypt X(=0)
movdqa (%r15), %xmm5
@@ -283,27 +283,27 @@ L_AES_GCM_encrypt_iv_not_12:
aesenc 144(%r15), %xmm5
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 176(%r15), %xmm5
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 208(%r15), %xmm5
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast %xmm9, %xmm5
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
# Calc counter
# Initialization vector
cmpl $0x00, %edx
movq $0x00, %rcx
- je L_AES_GCM_encrypt_calc_iv_done
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
cmpl $16, %edx
- jl L_AES_GCM_encrypt_calc_iv_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_iv_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_encrypt_calc_iv_16_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_16_loop:
movdqu (%rax,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm4
@@ -363,22 +363,22 @@ L_AES_GCM_encrypt_calc_iv_16_loop:
pxor %xmm2, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_iv_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_16_loop
movl %ebx, %edx
cmpl %edx, %ecx
- je L_AES_GCM_encrypt_calc_iv_done
-L_AES_GCM_encrypt_calc_iv_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
+L_AES_GCM_encrypt_aesni_calc_iv_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_encrypt_calc_iv_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_loop:
movzbl (%rax,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_iv_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -437,7 +437,7 @@ L_AES_GCM_encrypt_calc_iv_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm4
-L_AES_GCM_encrypt_calc_iv_done:
+L_AES_GCM_encrypt_aesni_calc_iv_done:
# T = Encrypt counter
pxor %xmm0, %xmm0
shll $3, %edx
@@ -512,28 +512,28 @@ L_AES_GCM_encrypt_calc_iv_done:
aesenc 144(%r15), %xmm8
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast %xmm9, %xmm8
movdqu %xmm8, 144(%rsp)
-L_AES_GCM_encrypt_iv_done:
+L_AES_GCM_encrypt_aesni_iv_done:
# Additional authentication data
movl %r11d, %edx
cmpl $0x00, %edx
- je L_AES_GCM_encrypt_calc_aad_done
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
xorl %ecx, %ecx
cmpl $16, %edx
- jl L_AES_GCM_encrypt_calc_aad_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_aad_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_encrypt_calc_aad_16_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_16_loop:
movdqu (%r12,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm6
@@ -593,22 +593,22 @@ L_AES_GCM_encrypt_calc_aad_16_loop:
pxor %xmm2, %xmm6
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_aad_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_16_loop
movl %r11d, %edx
cmpl %edx, %ecx
- je L_AES_GCM_encrypt_calc_aad_done
-L_AES_GCM_encrypt_calc_aad_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
+L_AES_GCM_encrypt_aesni_calc_aad_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_encrypt_calc_aad_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_loop:
movzbl (%r12,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_encrypt_calc_aad_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -667,7 +667,7 @@ L_AES_GCM_encrypt_calc_aad_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm6
-L_AES_GCM_encrypt_calc_aad_done:
+L_AES_GCM_encrypt_aesni_calc_aad_done:
# Calculate counter and H
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
movdqa %xmm5, %xmm9
@@ -685,7 +685,7 @@ L_AES_GCM_encrypt_calc_aad_done:
xorq %rbx, %rbx
cmpl $0x80, %r9d
movl %r9d, %r13d
- jl L_AES_GCM_encrypt_done_128
+ jl L_AES_GCM_encrypt_aesni_done_128
andl $0xffffff80, %r13d
movdqa %xmm6, %xmm2
# H ^ 1
@@ -1104,7 +1104,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc %xmm7, %xmm15
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1124,7 +1124,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc %xmm7, %xmm15
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1143,7 +1143,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc %xmm7, %xmm14
aesenc %xmm7, %xmm15
movdqa 224(%r15), %xmm7
-L_AES_GCM_encrypt_enc_done:
+L_AES_GCM_encrypt_aesni_enc_done:
aesenclast %xmm7, %xmm8
aesenclast %xmm7, %xmm9
movdqu (%rdi), %xmm0
@@ -1178,9 +1178,9 @@ L_AES_GCM_encrypt_enc_done:
movdqu %xmm15, 112(%rsi)
cmpl $0x80, %r13d
movl $0x80, %ebx
- jle L_AES_GCM_encrypt_end_128
+ jle L_AES_GCM_encrypt_aesni_end_128
# More 128 bytes of input
-L_AES_GCM_encrypt_ghash_128:
+L_AES_GCM_encrypt_aesni_ghash_128:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -1448,7 +1448,7 @@ L_AES_GCM_encrypt_ghash_128:
pxor %xmm3, %xmm2
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1468,7 +1468,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc %xmm7, %xmm15
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -1487,7 +1487,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc %xmm7, %xmm14
aesenc %xmm7, %xmm15
movdqa 224(%r15), %xmm7
-L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast %xmm7, %xmm8
aesenclast %xmm7, %xmm9
movdqu (%rcx), %xmm0
@@ -1522,8 +1522,8 @@ L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
movdqu %xmm15, 112(%rdx)
addl $0x80, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_encrypt_ghash_128
-L_AES_GCM_encrypt_end_128:
+ jl L_AES_GCM_encrypt_aesni_ghash_128
+L_AES_GCM_encrypt_aesni_end_128:
movdqa L_aes_gcm_bswap_mask(%rip), %xmm4
pshufb %xmm4, %xmm8
pshufb %xmm4, %xmm9
@@ -1710,14 +1710,14 @@ L_AES_GCM_encrypt_end_128:
pxor %xmm4, %xmm2
pxor %xmm2, %xmm6
movdqu (%rsp), %xmm5
-L_AES_GCM_encrypt_done_128:
+L_AES_GCM_encrypt_aesni_done_128:
movl %r9d, %edx
cmpl %edx, %ebx
- jge L_AES_GCM_encrypt_done_enc
+ jge L_AES_GCM_encrypt_aesni_done_enc
movl %r9d, %r13d
andl $0xfffffff0, %r13d
cmpl %r13d, %ebx
- jge L_AES_GCM_encrypt_last_block_done
+ jge L_AES_GCM_encrypt_aesni_last_block_done
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -1737,16 +1737,16 @@ L_AES_GCM_encrypt_done_128:
aesenc 144(%r15), %xmm8
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last:
aesenclast %xmm9, %xmm8
movdqu (%rcx), %xmm9
pxor %xmm9, %xmm8
@@ -1755,8 +1755,8 @@ L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
pxor %xmm8, %xmm6
addl $16, %ebx
cmpl %r13d, %ebx
- jge L_AES_GCM_encrypt_last_block_ghash
-L_AES_GCM_encrypt_last_block_start:
+ jge L_AES_GCM_encrypt_aesni_last_block_ghash
+L_AES_GCM_encrypt_aesni_last_block_start:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -1801,16 +1801,16 @@ L_AES_GCM_encrypt_last_block_start:
pxor %xmm3, %xmm6
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_aesenc_gfmul_last:
+L_AES_GCM_encrypt_aesni_aesenc_gfmul_last:
aesenclast %xmm9, %xmm8
movdqu (%rcx), %xmm9
pxor %xmm9, %xmm8
@@ -1819,8 +1819,8 @@ L_AES_GCM_encrypt_aesenc_gfmul_last:
pxor %xmm8, %xmm6
addl $16, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_encrypt_last_block_start
-L_AES_GCM_encrypt_last_block_ghash:
+ jl L_AES_GCM_encrypt_aesni_last_block_start
+L_AES_GCM_encrypt_aesni_last_block_ghash:
pshufd $0x4e, %xmm5, %xmm9
pshufd $0x4e, %xmm6, %xmm10
movdqa %xmm6, %xmm11
@@ -1861,11 +1861,11 @@ L_AES_GCM_encrypt_last_block_ghash:
pxor %xmm13, %xmm14
pxor %xmm8, %xmm14
pxor %xmm14, %xmm6
-L_AES_GCM_encrypt_last_block_done:
+L_AES_GCM_encrypt_aesni_last_block_done:
movl %r9d, %ecx
movl %ecx, %edx
andl $15, %ecx
- jz L_AES_GCM_encrypt_aesenc_last15_enc_avx_done
+ jz L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done
movdqu 128(%rsp), %xmm4
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
pxor (%r15), %xmm4
@@ -1880,21 +1880,21 @@ L_AES_GCM_encrypt_last_block_done:
aesenc 144(%r15), %xmm4
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 176(%r15), %xmm4
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 208(%r15), %xmm4
movdqa 224(%r15), %xmm9
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last:
aesenclast %xmm9, %xmm4
subq $16, %rsp
xorl %ecx, %ecx
movdqu %xmm4, (%rsp)
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop:
movzbl (%rdi,%rbx,1), %r13d
xorb (%rsp,%rcx,1), %r13b
movb %r13b, (%rsi,%rbx,1)
@@ -1902,16 +1902,16 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
incl %ebx
incl %ecx
cmpl %edx, %ebx
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop
xorq %r13, %r13
cmpl $16, %ecx
- je L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop:
+ je L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop:
movb %r13b, (%rsp,%rcx,1)
incl %ecx
cmpl $16, %ecx
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc:
movdqu (%rsp), %xmm4
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
@@ -1956,8 +1956,8 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
pxor %xmm13, %xmm14
pxor %xmm8, %xmm14
pxor %xmm14, %xmm6
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_done:
-L_AES_GCM_encrypt_done_enc:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done:
+L_AES_GCM_encrypt_aesni_done_enc:
movl %r9d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -2009,19 +2009,19 @@ L_AES_GCM_encrypt_done_enc:
movdqu 144(%rsp), %xmm0
pxor %xmm6, %xmm0
cmpl $16, %r14d
- je L_AES_GCM_encrypt_store_tag_16
+ je L_AES_GCM_encrypt_aesni_store_tag_16
xorq %rcx, %rcx
movdqu %xmm0, (%rsp)
-L_AES_GCM_encrypt_store_tag_loop:
+L_AES_GCM_encrypt_aesni_store_tag_loop:
movzbl (%rsp,%rcx,1), %r13d
movb %r13b, (%r8,%rcx,1)
incl %ecx
cmpl %r14d, %ecx
- jne L_AES_GCM_encrypt_store_tag_loop
- jmp L_AES_GCM_encrypt_store_tag_done
-L_AES_GCM_encrypt_store_tag_16:
+ jne L_AES_GCM_encrypt_aesni_store_tag_loop
+ jmp L_AES_GCM_encrypt_aesni_store_tag_done
+L_AES_GCM_encrypt_aesni_store_tag_16:
movdqu %xmm0, (%r8)
-L_AES_GCM_encrypt_store_tag_done:
+L_AES_GCM_encrypt_aesni_store_tag_done:
addq $0xa0, %rsp
popq %r15
popq %r14
@@ -2030,19 +2030,19 @@ L_AES_GCM_encrypt_store_tag_done:
popq %r13
repz retq
#ifndef __APPLE__
-.size AES_GCM_encrypt,.-AES_GCM_encrypt
+.size AES_GCM_encrypt_aesni,.-AES_GCM_encrypt_aesni
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl AES_GCM_decrypt
-.type AES_GCM_decrypt,@function
+.globl AES_GCM_decrypt_aesni
+.type AES_GCM_decrypt_aesni,@function
.align 16
-AES_GCM_decrypt:
+AES_GCM_decrypt_aesni:
#else
.section __TEXT,__text
-.globl _AES_GCM_decrypt
+.globl _AES_GCM_decrypt_aesni
.p2align 4
-_AES_GCM_decrypt:
+_AES_GCM_decrypt_aesni:
#endif /* __APPLE__ */
pushq %r13
pushq %r12
@@ -2063,7 +2063,7 @@ _AES_GCM_decrypt:
pxor %xmm6, %xmm6
cmpl $12, %ebx
movl %ebx, %edx
- jne L_AES_GCM_decrypt_iv_not_12
+ jne L_AES_GCM_decrypt_aesni_iv_not_12
# # Calculate values when IV is 12 bytes
# Set counter based on IV
movl $0x1000000, %ecx
@@ -2103,7 +2103,7 @@ _AES_GCM_decrypt:
aesenc %xmm7, %xmm1
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 176(%r15), %xmm7
@@ -2111,20 +2111,20 @@ _AES_GCM_decrypt:
aesenc %xmm7, %xmm1
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 208(%r15), %xmm7
aesenc %xmm7, %xmm5
aesenc %xmm7, %xmm1
movdqa 224(%r15), %xmm7
-L_AES_GCM_decrypt_calc_iv_12_last:
+L_AES_GCM_decrypt_aesni_calc_iv_12_last:
aesenclast %xmm7, %xmm5
aesenclast %xmm7, %xmm1
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
movdqu %xmm1, 144(%rsp)
- jmp L_AES_GCM_decrypt_iv_done
-L_AES_GCM_decrypt_iv_not_12:
+ jmp L_AES_GCM_decrypt_aesni_iv_done
+L_AES_GCM_decrypt_aesni_iv_not_12:
# Calculate values when IV is not 12 bytes
# H = Encrypt X(=0)
movdqa (%r15), %xmm5
@@ -2139,27 +2139,27 @@ L_AES_GCM_decrypt_iv_not_12:
aesenc 144(%r15), %xmm5
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 176(%r15), %xmm5
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc %xmm9, %xmm5
aesenc 208(%r15), %xmm5
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast %xmm9, %xmm5
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
# Calc counter
# Initialization vector
cmpl $0x00, %edx
movq $0x00, %rcx
- je L_AES_GCM_decrypt_calc_iv_done
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
cmpl $16, %edx
- jl L_AES_GCM_decrypt_calc_iv_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_iv_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_decrypt_calc_iv_16_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_16_loop:
movdqu (%rax,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm4
@@ -2219,22 +2219,22 @@ L_AES_GCM_decrypt_calc_iv_16_loop:
pxor %xmm2, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_iv_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_16_loop
movl %ebx, %edx
cmpl %edx, %ecx
- je L_AES_GCM_decrypt_calc_iv_done
-L_AES_GCM_decrypt_calc_iv_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
+L_AES_GCM_decrypt_aesni_calc_iv_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_decrypt_calc_iv_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_loop:
movzbl (%rax,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_iv_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -2293,7 +2293,7 @@ L_AES_GCM_decrypt_calc_iv_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm4
-L_AES_GCM_decrypt_calc_iv_done:
+L_AES_GCM_decrypt_aesni_calc_iv_done:
# T = Encrypt counter
pxor %xmm0, %xmm0
shll $3, %edx
@@ -2368,28 +2368,28 @@ L_AES_GCM_decrypt_calc_iv_done:
aesenc 144(%r15), %xmm8
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast %xmm9, %xmm8
movdqu %xmm8, 144(%rsp)
-L_AES_GCM_decrypt_iv_done:
+L_AES_GCM_decrypt_aesni_iv_done:
# Additional authentication data
movl %r11d, %edx
cmpl $0x00, %edx
- je L_AES_GCM_decrypt_calc_aad_done
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
xorl %ecx, %ecx
cmpl $16, %edx
- jl L_AES_GCM_decrypt_calc_aad_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_aad_lt16
andl $0xfffffff0, %edx
-L_AES_GCM_decrypt_calc_aad_16_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_16_loop:
movdqu (%r12,%rcx,1), %xmm8
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
pxor %xmm8, %xmm6
@@ -2449,22 +2449,22 @@ L_AES_GCM_decrypt_calc_aad_16_loop:
pxor %xmm2, %xmm6
addl $16, %ecx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_aad_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_16_loop
movl %r11d, %edx
cmpl %edx, %ecx
- je L_AES_GCM_decrypt_calc_aad_done
-L_AES_GCM_decrypt_calc_aad_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
+L_AES_GCM_decrypt_aesni_calc_aad_lt16:
subq $16, %rsp
pxor %xmm8, %xmm8
xorl %ebx, %ebx
movdqu %xmm8, (%rsp)
-L_AES_GCM_decrypt_calc_aad_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_loop:
movzbl (%r12,%rcx,1), %r13d
movb %r13b, (%rsp,%rbx,1)
incl %ecx
incl %ebx
cmpl %edx, %ecx
- jl L_AES_GCM_decrypt_calc_aad_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_loop
movdqu (%rsp), %xmm8
addq $16, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
@@ -2523,7 +2523,7 @@ L_AES_GCM_decrypt_calc_aad_loop:
pxor %xmm1, %xmm2
pxor %xmm7, %xmm2
pxor %xmm2, %xmm6
-L_AES_GCM_decrypt_calc_aad_done:
+L_AES_GCM_decrypt_aesni_calc_aad_done:
# Calculate counter and H
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
movdqa %xmm5, %xmm9
@@ -2541,7 +2541,7 @@ L_AES_GCM_decrypt_calc_aad_done:
xorl %ebx, %ebx
cmpl $0x80, %r9d
movl %r9d, %r13d
- jl L_AES_GCM_decrypt_done_128
+ jl L_AES_GCM_decrypt_aesni_done_128
andl $0xffffff80, %r13d
movdqa %xmm6, %xmm2
# H ^ 1
@@ -2840,7 +2840,7 @@ L_AES_GCM_decrypt_calc_aad_done:
pxor %xmm8, %xmm14
pxor %xmm14, %xmm7
movdqu %xmm7, 112(%rsp)
-L_AES_GCM_decrypt_ghash_128:
+L_AES_GCM_decrypt_aesni_ghash_128:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu 128(%rsp), %xmm8
@@ -3108,7 +3108,7 @@ L_AES_GCM_decrypt_ghash_128:
pxor %xmm3, %xmm2
cmpl $11, %r10d
movdqa 160(%r15), %xmm7
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -3128,7 +3128,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc %xmm7, %xmm15
cmpl $13, %r10d
movdqa 192(%r15), %xmm7
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc %xmm7, %xmm8
aesenc %xmm7, %xmm9
aesenc %xmm7, %xmm10
@@ -3147,7 +3147,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc %xmm7, %xmm14
aesenc %xmm7, %xmm15
movdqa 224(%r15), %xmm7
-L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast %xmm7, %xmm8
aesenclast %xmm7, %xmm9
movdqu (%rcx), %xmm0
@@ -3182,18 +3182,18 @@ L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
movdqu %xmm15, 112(%rdx)
addl $0x80, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_decrypt_ghash_128
+ jl L_AES_GCM_decrypt_aesni_ghash_128
movdqa %xmm2, %xmm6
movdqu (%rsp), %xmm5
-L_AES_GCM_decrypt_done_128:
+L_AES_GCM_decrypt_aesni_done_128:
movl %r9d, %edx
cmpl %edx, %ebx
- jge L_AES_GCM_decrypt_done_dec
+ jge L_AES_GCM_decrypt_aesni_done_dec
movl %r9d, %r13d
andl $0xfffffff0, %r13d
cmpl %r13d, %ebx
- jge L_AES_GCM_decrypt_last_block_done
-L_AES_GCM_decrypt_last_block_start:
+ jge L_AES_GCM_decrypt_aesni_last_block_done
+L_AES_GCM_decrypt_aesni_last_block_start:
leaq (%rdi,%rbx,1), %rcx
leaq (%rsi,%rbx,1), %rdx
movdqu (%rcx), %xmm1
@@ -3242,28 +3242,28 @@ L_AES_GCM_decrypt_last_block_start:
pxor %xmm3, %xmm6
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 176(%r15), %xmm8
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc %xmm9, %xmm8
aesenc 208(%r15), %xmm8
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_aesenc_gfmul_last:
+L_AES_GCM_decrypt_aesni_aesenc_gfmul_last:
aesenclast %xmm9, %xmm8
movdqu (%rcx), %xmm9
pxor %xmm9, %xmm8
movdqu %xmm8, (%rdx)
addl $16, %ebx
cmpl %r13d, %ebx
- jl L_AES_GCM_decrypt_last_block_start
-L_AES_GCM_decrypt_last_block_done:
+ jl L_AES_GCM_decrypt_aesni_last_block_start
+L_AES_GCM_decrypt_aesni_last_block_done:
movl %r9d, %ecx
movl %ecx, %edx
andl $15, %ecx
- jz L_AES_GCM_decrypt_aesenc_last15_dec_avx_done
+ jz L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done
movdqu 128(%rsp), %xmm4
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
pxor (%r15), %xmm4
@@ -3278,23 +3278,23 @@ L_AES_GCM_decrypt_last_block_done:
aesenc 144(%r15), %xmm4
cmpl $11, %r10d
movdqa 160(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 176(%r15), %xmm4
cmpl $13, %r10d
movdqa 192(%r15), %xmm9
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc %xmm9, %xmm4
aesenc 208(%r15), %xmm4
movdqa 224(%r15), %xmm9
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last:
aesenclast %xmm9, %xmm4
subq $32, %rsp
xorl %ecx, %ecx
movdqu %xmm4, (%rsp)
pxor %xmm0, %xmm0
movdqu %xmm0, 16(%rsp)
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop:
movzbl (%rdi,%rbx,1), %r13d
movb %r13b, 16(%rsp,%rcx,1)
xorb (%rsp,%rcx,1), %r13b
@@ -3302,7 +3302,7 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
incl %ebx
incl %ecx
cmpl %edx, %ebx
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop
movdqu 16(%rsp), %xmm4
addq $32, %rsp
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
@@ -3347,8 +3347,8 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
pxor %xmm13, %xmm14
pxor %xmm8, %xmm14
pxor %xmm14, %xmm6
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_done:
-L_AES_GCM_decrypt_done_dec:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done:
+L_AES_GCM_decrypt_aesni_done_dec:
movl %r9d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -3400,24 +3400,24 @@ L_AES_GCM_decrypt_done_dec:
movdqu 144(%rsp), %xmm0
pxor %xmm6, %xmm0
cmpl $16, %r14d
- je L_AES_GCM_decrypt_cmp_tag_16
+ je L_AES_GCM_decrypt_aesni_cmp_tag_16
subq $16, %rsp
xorq %rcx, %rcx
xorq %rbx, %rbx
movdqu %xmm0, (%rsp)
-L_AES_GCM_decrypt_cmp_tag_loop:
+L_AES_GCM_decrypt_aesni_cmp_tag_loop:
movzbl (%rsp,%rcx,1), %r13d
xorb (%r8,%rcx,1), %r13b
orb %r13b, %bl
incl %ecx
cmpl %r14d, %ecx
- jne L_AES_GCM_decrypt_cmp_tag_loop
+ jne L_AES_GCM_decrypt_aesni_cmp_tag_loop
cmpb $0x00, %bl
sete %bl
addq $16, %rsp
xorq %rcx, %rcx
- jmp L_AES_GCM_decrypt_cmp_tag_done
-L_AES_GCM_decrypt_cmp_tag_16:
+ jmp L_AES_GCM_decrypt_aesni_cmp_tag_done
+L_AES_GCM_decrypt_aesni_cmp_tag_16:
movdqu (%r8), %xmm1
pcmpeqb %xmm1, %xmm0
pmovmskb %xmm0, %rdx
@@ -3425,7 +3425,7 @@ L_AES_GCM_decrypt_cmp_tag_16:
xorl %ebx, %ebx
cmpl $0xffff, %edx
sete %bl
-L_AES_GCM_decrypt_cmp_tag_done:
+L_AES_GCM_decrypt_aesni_cmp_tag_done:
movl %ebx, (%rbp)
addq $0xa8, %rsp
popq %rbp
@@ -3436,7 +3436,7 @@ L_AES_GCM_decrypt_cmp_tag_done:
popq %r13
repz retq
#ifndef __APPLE__
-.size AES_GCM_decrypt,.-AES_GCM_decrypt
+.size AES_GCM_decrypt_aesni,.-AES_GCM_decrypt_aesni
#endif /* __APPLE__ */
#ifdef WOLFSSL_AESGCM_STREAM
#ifndef __APPLE__
@@ -3472,53 +3472,53 @@ _AES_GCM_init_aesni:
movdqa %xmm4, %xmm1
movdqa (%rdi), %xmm5
pxor %xmm5, %xmm1
- movdqa 16(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 32(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 48(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 64(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 80(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 96(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 112(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 128(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 144(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
+ movdqa 16(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 32(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 48(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 64(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 80(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 96(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 112(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 128(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 144(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
cmpl $11, %esi
- movdqa 160(%rdi), %xmm7
+ movdqa 160(%rdi), %xmm6
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 176(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 176(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
cmpl $13, %esi
- movdqa 192(%rdi), %xmm7
+ movdqa 192(%rdi), %xmm6
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 208(%rdi), %xmm7
- aesenc %xmm7, %xmm5
- aesenc %xmm7, %xmm1
- movdqa 224(%rdi), %xmm7
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 208(%rdi), %xmm6
+ aesenc %xmm6, %xmm5
+ aesenc %xmm6, %xmm1
+ movdqa 224(%rdi), %xmm6
L_AES_GCM_init_aesni_calc_iv_12_last:
- aesenclast %xmm7, %xmm5
- aesenclast %xmm7, %xmm1
+ aesenclast %xmm6, %xmm5
+ aesenclast %xmm6, %xmm1
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
movdqu %xmm1, %xmm15
jmp L_AES_GCM_init_aesni_iv_done
@@ -3536,18 +3536,18 @@ L_AES_GCM_init_aesni_iv_not_12:
aesenc 128(%rdi), %xmm5
aesenc 144(%rdi), %xmm5
cmpl $11, %esi
- movdqa 160(%rdi), %xmm9
+ movdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc %xmm9, %xmm5
+ aesenc %xmm8, %xmm5
aesenc 176(%rdi), %xmm5
cmpl $13, %esi
- movdqa 192(%rdi), %xmm9
+ movdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc %xmm9, %xmm5
+ aesenc %xmm8, %xmm5
aesenc 208(%rdi), %xmm5
- movdqa 224(%rdi), %xmm9
+ movdqa 224(%rdi), %xmm8
L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
- aesenclast %xmm9, %xmm5
+ aesenclast %xmm8, %xmm5
pshufb L_aes_gcm_bswap_mask(%rip), %xmm5
# Calc counter
# Initialization vector
@@ -3558,9 +3558,9 @@ L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_aesni_calc_iv_lt16
andl $0xfffffff0, %edx
L_AES_GCM_init_aesni_calc_iv_16_loop:
- movdqu (%r10,%rcx,1), %xmm8
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm4
+ movdqu (%r10,%rcx,1), %xmm7
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm4
pshufd $0x4e, %xmm4, %xmm1
pshufd $0x4e, %xmm5, %xmm2
movdqa %xmm5, %xmm3
@@ -3573,28 +3573,28 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
pxor %xmm0, %xmm1
pxor %xmm3, %xmm1
movdqa %xmm1, %xmm2
- movdqa %xmm0, %xmm7
+ movdqa %xmm0, %xmm6
movdqa %xmm3, %xmm4
pslldq $8, %xmm2
psrldq $8, %xmm1
- pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm6
pxor %xmm1, %xmm4
- movdqa %xmm7, %xmm0
+ movdqa %xmm6, %xmm0
movdqa %xmm4, %xmm1
psrld $31, %xmm0
psrld $31, %xmm1
- pslld $0x01, %xmm7
+ pslld $0x01, %xmm6
pslld $0x01, %xmm4
movdqa %xmm0, %xmm2
pslldq $4, %xmm0
psrldq $12, %xmm2
pslldq $4, %xmm1
por %xmm2, %xmm4
- por %xmm0, %xmm7
+ por %xmm0, %xmm6
por %xmm1, %xmm4
- movdqa %xmm7, %xmm0
- movdqa %xmm7, %xmm1
- movdqa %xmm7, %xmm2
+ movdqa %xmm6, %xmm0
+ movdqa %xmm6, %xmm1
+ movdqa %xmm6, %xmm2
pslld $31, %xmm0
pslld $30, %xmm1
pslld $25, %xmm2
@@ -3603,17 +3603,17 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
movdqa %xmm0, %xmm1
psrldq $4, %xmm1
pslldq $12, %xmm0
- pxor %xmm0, %xmm7
- movdqa %xmm7, %xmm2
- movdqa %xmm7, %xmm3
- movdqa %xmm7, %xmm0
+ pxor %xmm0, %xmm6
+ movdqa %xmm6, %xmm2
+ movdqa %xmm6, %xmm3
+ movdqa %xmm6, %xmm0
psrld $0x01, %xmm2
psrld $2, %xmm3
psrld $7, %xmm0
pxor %xmm3, %xmm2
pxor %xmm0, %xmm2
pxor %xmm1, %xmm2
- pxor %xmm7, %xmm2
+ pxor %xmm6, %xmm2
pxor %xmm2, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
@@ -3623,9 +3623,9 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
je L_AES_GCM_init_aesni_calc_iv_done
L_AES_GCM_init_aesni_calc_iv_lt16:
subq $16, %rsp
- pxor %xmm8, %xmm8
+ pxor %xmm7, %xmm7
xorl %r13d, %r13d
- movdqu %xmm8, (%rsp)
+ movdqu %xmm7, (%rsp)
L_AES_GCM_init_aesni_calc_iv_loop:
movzbl (%r10,%rcx,1), %r12d
movb %r12b, (%rsp,%r13,1)
@@ -3633,10 +3633,10 @@ L_AES_GCM_init_aesni_calc_iv_loop:
incl %r13d
cmpl %edx, %ecx
jl L_AES_GCM_init_aesni_calc_iv_loop
- movdqu (%rsp), %xmm8
+ movdqu (%rsp), %xmm7
addq $16, %rsp
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm4
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm4
pshufd $0x4e, %xmm4, %xmm1
pshufd $0x4e, %xmm5, %xmm2
movdqa %xmm5, %xmm3
@@ -3649,28 +3649,28 @@ L_AES_GCM_init_aesni_calc_iv_loop:
pxor %xmm0, %xmm1
pxor %xmm3, %xmm1
movdqa %xmm1, %xmm2
- movdqa %xmm0, %xmm7
+ movdqa %xmm0, %xmm6
movdqa %xmm3, %xmm4
pslldq $8, %xmm2
psrldq $8, %xmm1
- pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm6
pxor %xmm1, %xmm4
- movdqa %xmm7, %xmm0
+ movdqa %xmm6, %xmm0
movdqa %xmm4, %xmm1
psrld $31, %xmm0
psrld $31, %xmm1
- pslld $0x01, %xmm7
+ pslld $0x01, %xmm6
pslld $0x01, %xmm4
movdqa %xmm0, %xmm2
pslldq $4, %xmm0
psrldq $12, %xmm2
pslldq $4, %xmm1
por %xmm2, %xmm4
- por %xmm0, %xmm7
+ por %xmm0, %xmm6
por %xmm1, %xmm4
- movdqa %xmm7, %xmm0
- movdqa %xmm7, %xmm1
- movdqa %xmm7, %xmm2
+ movdqa %xmm6, %xmm0
+ movdqa %xmm6, %xmm1
+ movdqa %xmm6, %xmm2
pslld $31, %xmm0
pslld $30, %xmm1
pslld $25, %xmm2
@@ -3679,17 +3679,17 @@ L_AES_GCM_init_aesni_calc_iv_loop:
movdqa %xmm0, %xmm1
psrldq $4, %xmm1
pslldq $12, %xmm0
- pxor %xmm0, %xmm7
- movdqa %xmm7, %xmm2
- movdqa %xmm7, %xmm3
- movdqa %xmm7, %xmm0
+ pxor %xmm0, %xmm6
+ movdqa %xmm6, %xmm2
+ movdqa %xmm6, %xmm3
+ movdqa %xmm6, %xmm0
psrld $0x01, %xmm2
psrld $2, %xmm3
psrld $7, %xmm0
pxor %xmm3, %xmm2
pxor %xmm0, %xmm2
pxor %xmm1, %xmm2
- pxor %xmm7, %xmm2
+ pxor %xmm6, %xmm2
pxor %xmm2, %xmm4
L_AES_GCM_init_aesni_calc_iv_done:
# T = Encrypt counter
@@ -3709,28 +3709,28 @@ L_AES_GCM_init_aesni_calc_iv_done:
pxor %xmm0, %xmm1
pxor %xmm3, %xmm1
movdqa %xmm1, %xmm2
- movdqa %xmm0, %xmm7
+ movdqa %xmm0, %xmm6
movdqa %xmm3, %xmm4
pslldq $8, %xmm2
psrldq $8, %xmm1
- pxor %xmm2, %xmm7
+ pxor %xmm2, %xmm6
pxor %xmm1, %xmm4
- movdqa %xmm7, %xmm0
+ movdqa %xmm6, %xmm0
movdqa %xmm4, %xmm1
psrld $31, %xmm0
psrld $31, %xmm1
- pslld $0x01, %xmm7
+ pslld $0x01, %xmm6
pslld $0x01, %xmm4
movdqa %xmm0, %xmm2
pslldq $4, %xmm0
psrldq $12, %xmm2
pslldq $4, %xmm1
por %xmm2, %xmm4
- por %xmm0, %xmm7
+ por %xmm0, %xmm6
por %xmm1, %xmm4
- movdqa %xmm7, %xmm0
- movdqa %xmm7, %xmm1
- movdqa %xmm7, %xmm2
+ movdqa %xmm6, %xmm0
+ movdqa %xmm6, %xmm1
+ movdqa %xmm6, %xmm2
pslld $31, %xmm0
pslld $30, %xmm1
pslld $25, %xmm2
@@ -3739,45 +3739,45 @@ L_AES_GCM_init_aesni_calc_iv_done:
movdqa %xmm0, %xmm1
psrldq $4, %xmm1
pslldq $12, %xmm0
- pxor %xmm0, %xmm7
- movdqa %xmm7, %xmm2
- movdqa %xmm7, %xmm3
- movdqa %xmm7, %xmm0
+ pxor %xmm0, %xmm6
+ movdqa %xmm6, %xmm2
+ movdqa %xmm6, %xmm3
+ movdqa %xmm6, %xmm0
psrld $0x01, %xmm2
psrld $2, %xmm3
psrld $7, %xmm0
pxor %xmm3, %xmm2
pxor %xmm0, %xmm2
pxor %xmm1, %xmm2
- pxor %xmm7, %xmm2
+ pxor %xmm6, %xmm2
pxor %xmm2, %xmm4
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
# Encrypt counter
- movdqa (%rdi), %xmm8
- pxor %xmm4, %xmm8
- aesenc 16(%rdi), %xmm8
- aesenc 32(%rdi), %xmm8
- aesenc 48(%rdi), %xmm8
- aesenc 64(%rdi), %xmm8
- aesenc 80(%rdi), %xmm8
- aesenc 96(%rdi), %xmm8
- aesenc 112(%rdi), %xmm8
- aesenc 128(%rdi), %xmm8
- aesenc 144(%rdi), %xmm8
+ movdqa (%rdi), %xmm7
+ pxor %xmm4, %xmm7
+ aesenc 16(%rdi), %xmm7
+ aesenc 32(%rdi), %xmm7
+ aesenc 48(%rdi), %xmm7
+ aesenc 64(%rdi), %xmm7
+ aesenc 80(%rdi), %xmm7
+ aesenc 96(%rdi), %xmm7
+ aesenc 112(%rdi), %xmm7
+ aesenc 128(%rdi), %xmm7
+ aesenc 144(%rdi), %xmm7
cmpl $11, %esi
- movdqa 160(%rdi), %xmm9
+ movdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 176(%rdi), %xmm8
+ aesenc %xmm8, %xmm7
+ aesenc 176(%rdi), %xmm7
cmpl $13, %esi
- movdqa 192(%rdi), %xmm9
+ movdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 208(%rdi), %xmm8
- movdqa 224(%rdi), %xmm9
+ aesenc %xmm8, %xmm7
+ aesenc 208(%rdi), %xmm7
+ movdqa 224(%rdi), %xmm8
L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last:
- aesenclast %xmm9, %xmm8
- movdqu %xmm8, %xmm15
+ aesenclast %xmm8, %xmm7
+ movdqu %xmm7, %xmm15
L_AES_GCM_init_aesni_iv_done:
movdqa %xmm15, (%rax)
pshufb L_aes_gcm_bswap_epi64(%rip), %xmm4
@@ -3809,9 +3809,9 @@ _AES_GCM_aad_update_aesni:
movdqa (%rax), %xmm6
xorl %ecx, %ecx
L_AES_GCM_aad_update_aesni_16_loop:
- movdqu (%rdi,%rcx,1), %xmm8
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm5
+ movdqu (%rdi,%rcx,1), %xmm7
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm5
pshufd $0x4e, %xmm5, %xmm1
pshufd $0x4e, %xmm6, %xmm2
movdqa %xmm6, %xmm3
@@ -3888,38 +3888,38 @@ _AES_GCM_encrypt_block_aesni:
#endif /* __APPLE__ */
movq %rdx, %r10
movq %rcx, %r11
- movdqu (%r8), %xmm8
- movdqa %xmm8, %xmm9
- pshufb L_aes_gcm_bswap_epi64(%rip), %xmm8
- paddd L_aes_gcm_one(%rip), %xmm9
- pxor (%rdi), %xmm8
- movdqu %xmm9, (%r8)
- aesenc 16(%rdi), %xmm8
- aesenc 32(%rdi), %xmm8
- aesenc 48(%rdi), %xmm8
- aesenc 64(%rdi), %xmm8
- aesenc 80(%rdi), %xmm8
- aesenc 96(%rdi), %xmm8
- aesenc 112(%rdi), %xmm8
- aesenc 128(%rdi), %xmm8
- aesenc 144(%rdi), %xmm8
+ movdqu (%r8), %xmm0
+ movdqa %xmm0, %xmm1
+ pshufb L_aes_gcm_bswap_epi64(%rip), %xmm0
+ paddd L_aes_gcm_one(%rip), %xmm1
+ pxor (%rdi), %xmm0
+ movdqu %xmm1, (%r8)
+ aesenc 16(%rdi), %xmm0
+ aesenc 32(%rdi), %xmm0
+ aesenc 48(%rdi), %xmm0
+ aesenc 64(%rdi), %xmm0
+ aesenc 80(%rdi), %xmm0
+ aesenc 96(%rdi), %xmm0
+ aesenc 112(%rdi), %xmm0
+ aesenc 128(%rdi), %xmm0
+ aesenc 144(%rdi), %xmm0
cmpl $11, %esi
- movdqa 160(%rdi), %xmm9
+ movdqa 160(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 176(%rdi), %xmm8
+ aesenc %xmm1, %xmm0
+ aesenc 176(%rdi), %xmm0
cmpl $13, %esi
- movdqa 192(%rdi), %xmm9
+ movdqa 192(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc %xmm9, %xmm8
- aesenc 208(%rdi), %xmm8
- movdqa 224(%rdi), %xmm9
+ aesenc %xmm1, %xmm0
+ aesenc 208(%rdi), %xmm0
+ movdqa 224(%rdi), %xmm1
L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last:
- aesenclast %xmm9, %xmm8
- movdqu (%r11), %xmm9
- pxor %xmm9, %xmm8
- movdqu %xmm8, (%r10)
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
+ aesenclast %xmm1, %xmm0
+ movdqu (%r11), %xmm1
+ pxor %xmm1, %xmm0
+ movdqu %xmm0, (%r10)
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm0
repz retq
#ifndef __APPLE__
.size AES_GCM_encrypt_block_aesni,.-AES_GCM_encrypt_block_aesni
@@ -3938,9 +3938,9 @@ _AES_GCM_ghash_block_aesni:
#endif /* __APPLE__ */
movdqa (%rsi), %xmm4
movdqa (%rdx), %xmm5
- movdqu (%rdi), %xmm8
- pshufb L_aes_gcm_bswap_mask(%rip), %xmm8
- pxor %xmm8, %xmm4
+ movdqu (%rdi), %xmm7
+ pshufb L_aes_gcm_bswap_mask(%rip), %xmm7
+ pxor %xmm7, %xmm4
pshufd $0x4e, %xmm4, %xmm1
pshufd $0x4e, %xmm5, %xmm2
movdqa %xmm5, %xmm3
@@ -5243,16 +5243,16 @@ _AES_GCM_encrypt_final_aesni:
movdqa (%rdi), %xmm4
movdqa (%r9), %xmm5
movdqa (%r8), %xmm6
- movdqa %xmm5, %xmm9
movdqa %xmm5, %xmm8
- psrlq $63, %xmm9
- psllq $0x01, %xmm8
- pslldq $8, %xmm9
- por %xmm9, %xmm8
+ movdqa %xmm5, %xmm7
+ psrlq $63, %xmm8
+ psllq $0x01, %xmm7
+ pslldq $8, %xmm8
+ por %xmm8, %xmm7
pshufd $0xff, %xmm5, %xmm5
psrad $31, %xmm5
pand L_aes_gcm_mod2_128(%rip), %xmm5
- pxor %xmm8, %xmm5
+ pxor %xmm7, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -5260,46 +5260,46 @@ _AES_GCM_encrypt_final_aesni:
pinsrq $0x00, %rdx, %xmm0
pinsrq $0x01, %rcx, %xmm0
pxor %xmm0, %xmm4
- pshufd $0x4e, %xmm5, %xmm9
- pshufd $0x4e, %xmm4, %xmm10
- movdqa %xmm4, %xmm11
- movdqa %xmm4, %xmm8
- pclmulqdq $0x11, %xmm5, %xmm11
- pclmulqdq $0x00, %xmm5, %xmm8
- pxor %xmm5, %xmm9
- pxor %xmm4, %xmm10
- pclmulqdq $0x00, %xmm10, %xmm9
- pxor %xmm8, %xmm9
- pxor %xmm11, %xmm9
- movdqa %xmm9, %xmm10
- movdqa %xmm11, %xmm4
- pslldq $8, %xmm10
- psrldq $8, %xmm9
+ pshufd $0x4e, %xmm5, %xmm8
+ pshufd $0x4e, %xmm4, %xmm9
+ movdqa %xmm4, %xmm10
+ movdqa %xmm4, %xmm7
+ pclmulqdq $0x11, %xmm5, %xmm10
+ pclmulqdq $0x00, %xmm5, %xmm7
+ pxor %xmm5, %xmm8
+ pxor %xmm4, %xmm9
+ pclmulqdq $0x00, %xmm9, %xmm8
+ pxor %xmm7, %xmm8
pxor %xmm10, %xmm8
- pxor %xmm9, %xmm4
- movdqa %xmm8, %xmm12
- movdqa %xmm8, %xmm13
- movdqa %xmm8, %xmm14
- pslld $31, %xmm12
- pslld $30, %xmm13
- pslld $25, %xmm14
- pxor %xmm13, %xmm12
- pxor %xmm14, %xmm12
- movdqa %xmm12, %xmm13
- psrldq $4, %xmm13
- pslldq $12, %xmm12
- pxor %xmm12, %xmm8
- movdqa %xmm8, %xmm14
- movdqa %xmm8, %xmm10
movdqa %xmm8, %xmm9
- psrld $0x01, %xmm14
- psrld $2, %xmm10
- psrld $7, %xmm9
- pxor %xmm10, %xmm14
- pxor %xmm9, %xmm14
- pxor %xmm13, %xmm14
- pxor %xmm8, %xmm14
- pxor %xmm14, %xmm4
+ movdqa %xmm10, %xmm4
+ pslldq $8, %xmm9
+ psrldq $8, %xmm8
+ pxor %xmm9, %xmm7
+ pxor %xmm8, %xmm4
+ movdqa %xmm7, %xmm11
+ movdqa %xmm7, %xmm12
+ movdqa %xmm7, %xmm13
+ pslld $31, %xmm11
+ pslld $30, %xmm12
+ pslld $25, %xmm13
+ pxor %xmm12, %xmm11
+ pxor %xmm13, %xmm11
+ movdqa %xmm11, %xmm12
+ psrldq $4, %xmm12
+ pslldq $12, %xmm11
+ pxor %xmm11, %xmm7
+ movdqa %xmm7, %xmm13
+ movdqa %xmm7, %xmm9
+ movdqa %xmm7, %xmm8
+ psrld $0x01, %xmm13
+ psrld $2, %xmm9
+ psrld $7, %xmm8
+ pxor %xmm9, %xmm13
+ pxor %xmm8, %xmm13
+ pxor %xmm12, %xmm13
+ pxor %xmm7, %xmm13
+ pxor %xmm13, %xmm4
pshufb L_aes_gcm_bswap_mask(%rip), %xmm4
movdqu %xmm6, %xmm0
pxor %xmm4, %xmm0
@@ -6113,16 +6113,16 @@ _AES_GCM_decrypt_final_aesni:
movdqa (%rdi), %xmm6
movdqa (%r9), %xmm5
movdqa (%r8), %xmm15
- movdqa %xmm5, %xmm9
movdqa %xmm5, %xmm8
- psrlq $63, %xmm9
- psllq $0x01, %xmm8
- pslldq $8, %xmm9
- por %xmm9, %xmm8
+ movdqa %xmm5, %xmm7
+ psrlq $63, %xmm8
+ psllq $0x01, %xmm7
+ pslldq $8, %xmm8
+ por %xmm8, %xmm7
pshufd $0xff, %xmm5, %xmm5
psrad $31, %xmm5
pand L_aes_gcm_mod2_128(%rip), %xmm5
- pxor %xmm8, %xmm5
+ pxor %xmm7, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -6130,46 +6130,46 @@ _AES_GCM_decrypt_final_aesni:
pinsrq $0x00, %rdx, %xmm0
pinsrq $0x01, %rcx, %xmm0
pxor %xmm0, %xmm6
- pshufd $0x4e, %xmm5, %xmm9
- pshufd $0x4e, %xmm6, %xmm10
- movdqa %xmm6, %xmm11
- movdqa %xmm6, %xmm8
- pclmulqdq $0x11, %xmm5, %xmm11
- pclmulqdq $0x00, %xmm5, %xmm8
- pxor %xmm5, %xmm9
- pxor %xmm6, %xmm10
- pclmulqdq $0x00, %xmm10, %xmm9
- pxor %xmm8, %xmm9
- pxor %xmm11, %xmm9
- movdqa %xmm9, %xmm10
- movdqa %xmm11, %xmm6
- pslldq $8, %xmm10
- psrldq $8, %xmm9
+ pshufd $0x4e, %xmm5, %xmm8
+ pshufd $0x4e, %xmm6, %xmm9
+ movdqa %xmm6, %xmm10
+ movdqa %xmm6, %xmm7
+ pclmulqdq $0x11, %xmm5, %xmm10
+ pclmulqdq $0x00, %xmm5, %xmm7
+ pxor %xmm5, %xmm8
+ pxor %xmm6, %xmm9
+ pclmulqdq $0x00, %xmm9, %xmm8
+ pxor %xmm7, %xmm8
pxor %xmm10, %xmm8
- pxor %xmm9, %xmm6
- movdqa %xmm8, %xmm12
- movdqa %xmm8, %xmm13
- movdqa %xmm8, %xmm14
- pslld $31, %xmm12
- pslld $30, %xmm13
- pslld $25, %xmm14
- pxor %xmm13, %xmm12
- pxor %xmm14, %xmm12
- movdqa %xmm12, %xmm13
- psrldq $4, %xmm13
- pslldq $12, %xmm12
- pxor %xmm12, %xmm8
- movdqa %xmm8, %xmm14
- movdqa %xmm8, %xmm10
movdqa %xmm8, %xmm9
- psrld $0x01, %xmm14
- psrld $2, %xmm10
- psrld $7, %xmm9
- pxor %xmm10, %xmm14
- pxor %xmm9, %xmm14
- pxor %xmm13, %xmm14
- pxor %xmm8, %xmm14
- pxor %xmm14, %xmm6
+ movdqa %xmm10, %xmm6
+ pslldq $8, %xmm9
+ psrldq $8, %xmm8
+ pxor %xmm9, %xmm7
+ pxor %xmm8, %xmm6
+ movdqa %xmm7, %xmm11
+ movdqa %xmm7, %xmm12
+ movdqa %xmm7, %xmm13
+ pslld $31, %xmm11
+ pslld $30, %xmm12
+ pslld $25, %xmm13
+ pxor %xmm12, %xmm11
+ pxor %xmm13, %xmm11
+ movdqa %xmm11, %xmm12
+ psrldq $4, %xmm12
+ pslldq $12, %xmm11
+ pxor %xmm11, %xmm7
+ movdqa %xmm7, %xmm13
+ movdqa %xmm7, %xmm9
+ movdqa %xmm7, %xmm8
+ psrld $0x01, %xmm13
+ psrld $2, %xmm9
+ psrld $7, %xmm8
+ pxor %xmm9, %xmm13
+ pxor %xmm8, %xmm13
+ pxor %xmm12, %xmm13
+ pxor %xmm7, %xmm13
+ pxor %xmm13, %xmm6
pshufb L_aes_gcm_bswap_mask(%rip), %xmm6
movdqu %xmm15, %xmm0
pxor %xmm6, %xmm0
@@ -9133,53 +9133,53 @@ _AES_GCM_init_avx1:
# H = Encrypt X(=0) and T = Encrypt counter
vmovdqa (%rdi), %xmm5
vpxor %xmm5, %xmm4, %xmm1
- vmovdqa 16(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 32(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 48(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 64(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 80(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 96(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 112(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 128(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 144(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
+ vmovdqa 16(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 32(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 48(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 64(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 80(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 96(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 112(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 128(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 144(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm7
+ vmovdqa 160(%rdi), %xmm6
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 176(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 176(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm7
+ vmovdqa 192(%rdi), %xmm6
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 208(%rdi), %xmm7
- vaesenc %xmm7, %xmm5, %xmm5
- vaesenc %xmm7, %xmm1, %xmm1
- vmovdqa 224(%rdi), %xmm7
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 208(%rdi), %xmm6
+ vaesenc %xmm6, %xmm5, %xmm5
+ vaesenc %xmm6, %xmm1, %xmm1
+ vmovdqa 224(%rdi), %xmm6
L_AES_GCM_init_avx1_calc_iv_12_last:
- vaesenclast %xmm7, %xmm5, %xmm5
- vaesenclast %xmm7, %xmm1, %xmm1
+ vaesenclast %xmm6, %xmm5, %xmm5
+ vaesenclast %xmm6, %xmm1, %xmm1
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm5, %xmm5
vmovdqu %xmm1, %xmm15
jmp L_AES_GCM_init_avx1_iv_done
@@ -9197,18 +9197,18 @@ L_AES_GCM_init_avx1_iv_not_12:
vaesenc 128(%rdi), %xmm5, %xmm5
vaesenc 144(%rdi), %xmm5, %xmm5
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm9
+ vmovdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc %xmm9, %xmm5, %xmm5
+ vaesenc %xmm8, %xmm5, %xmm5
vaesenc 176(%rdi), %xmm5, %xmm5
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm9
+ vmovdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc %xmm9, %xmm5, %xmm5
+ vaesenc %xmm8, %xmm5, %xmm5
vaesenc 208(%rdi), %xmm5, %xmm5
- vmovdqa 224(%rdi), %xmm9
+ vmovdqa 224(%rdi), %xmm8
L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
- vaesenclast %xmm9, %xmm5, %xmm5
+ vaesenclast %xmm8, %xmm5, %xmm5
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm5, %xmm5
# Calc counter
# Initialization vector
@@ -9219,9 +9219,9 @@ L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_avx1_calc_iv_lt16
andl $0xfffffff0, %edx
L_AES_GCM_init_avx1_calc_iv_16_loop:
- vmovdqu (%r10,%rcx,1), %xmm8
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm4, %xmm4
+ vmovdqu (%r10,%rcx,1), %xmm7
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm4, %xmm4
# ghash_gfmul_avx
vpshufd $0x4e, %xmm4, %xmm1
vpshufd $0x4e, %xmm5, %xmm2
@@ -9232,38 +9232,38 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
vpclmulqdq $0x00, %xmm2, %xmm1, %xmm1
vpxor %xmm0, %xmm1, %xmm1
vpxor %xmm3, %xmm1, %xmm1
- vmovdqa %xmm0, %xmm7
+ vmovdqa %xmm0, %xmm6
vmovdqa %xmm3, %xmm4
vpslldq $8, %xmm1, %xmm2
vpsrldq $8, %xmm1, %xmm1
- vpxor %xmm2, %xmm7, %xmm7
+ vpxor %xmm2, %xmm6, %xmm6
vpxor %xmm1, %xmm4, %xmm4
- vpsrld $31, %xmm7, %xmm0
+ vpsrld $31, %xmm6, %xmm0
vpsrld $31, %xmm4, %xmm1
- vpslld $0x01, %xmm7, %xmm7
+ vpslld $0x01, %xmm6, %xmm6
vpslld $0x01, %xmm4, %xmm4
vpsrldq $12, %xmm0, %xmm2
vpslldq $4, %xmm0, %xmm0
vpslldq $4, %xmm1, %xmm1
vpor %xmm2, %xmm4, %xmm4
- vpor %xmm0, %xmm7, %xmm7
+ vpor %xmm0, %xmm6, %xmm6
vpor %xmm1, %xmm4, %xmm4
- vpslld $31, %xmm7, %xmm0
- vpslld $30, %xmm7, %xmm1
- vpslld $25, %xmm7, %xmm2
+ vpslld $31, %xmm6, %xmm0
+ vpslld $30, %xmm6, %xmm1
+ vpslld $25, %xmm6, %xmm2
vpxor %xmm1, %xmm0, %xmm0
vpxor %xmm2, %xmm0, %xmm0
vmovdqa %xmm0, %xmm1
vpsrldq $4, %xmm1, %xmm1
vpslldq $12, %xmm0, %xmm0
- vpxor %xmm0, %xmm7, %xmm7
- vpsrld $0x01, %xmm7, %xmm2
- vpsrld $2, %xmm7, %xmm3
- vpsrld $7, %xmm7, %xmm0
+ vpxor %xmm0, %xmm6, %xmm6
+ vpsrld $0x01, %xmm6, %xmm2
+ vpsrld $2, %xmm6, %xmm3
+ vpsrld $7, %xmm6, %xmm0
vpxor %xmm3, %xmm2, %xmm2
vpxor %xmm0, %xmm2, %xmm2
vpxor %xmm1, %xmm2, %xmm2
- vpxor %xmm7, %xmm2, %xmm2
+ vpxor %xmm6, %xmm2, %xmm2
vpxor %xmm2, %xmm4, %xmm4
addl $16, %ecx
cmpl %edx, %ecx
@@ -9273,9 +9273,9 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
je L_AES_GCM_init_avx1_calc_iv_done
L_AES_GCM_init_avx1_calc_iv_lt16:
subq $16, %rsp
- vpxor %xmm8, %xmm8, %xmm8
+ vpxor %xmm7, %xmm7, %xmm7
xorl %r13d, %r13d
- vmovdqu %xmm8, (%rsp)
+ vmovdqu %xmm7, (%rsp)
L_AES_GCM_init_avx1_calc_iv_loop:
movzbl (%r10,%rcx,1), %r12d
movb %r12b, (%rsp,%r13,1)
@@ -9283,10 +9283,10 @@ L_AES_GCM_init_avx1_calc_iv_loop:
incl %r13d
cmpl %edx, %ecx
jl L_AES_GCM_init_avx1_calc_iv_loop
- vmovdqu (%rsp), %xmm8
+ vmovdqu (%rsp), %xmm7
addq $16, %rsp
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm4, %xmm4
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm4, %xmm4
# ghash_gfmul_avx
vpshufd $0x4e, %xmm4, %xmm1
vpshufd $0x4e, %xmm5, %xmm2
@@ -9297,38 +9297,38 @@ L_AES_GCM_init_avx1_calc_iv_loop:
vpclmulqdq $0x00, %xmm2, %xmm1, %xmm1
vpxor %xmm0, %xmm1, %xmm1
vpxor %xmm3, %xmm1, %xmm1
- vmovdqa %xmm0, %xmm7
+ vmovdqa %xmm0, %xmm6
vmovdqa %xmm3, %xmm4
vpslldq $8, %xmm1, %xmm2
vpsrldq $8, %xmm1, %xmm1
- vpxor %xmm2, %xmm7, %xmm7
+ vpxor %xmm2, %xmm6, %xmm6
vpxor %xmm1, %xmm4, %xmm4
- vpsrld $31, %xmm7, %xmm0
+ vpsrld $31, %xmm6, %xmm0
vpsrld $31, %xmm4, %xmm1
- vpslld $0x01, %xmm7, %xmm7
+ vpslld $0x01, %xmm6, %xmm6
vpslld $0x01, %xmm4, %xmm4
vpsrldq $12, %xmm0, %xmm2
vpslldq $4, %xmm0, %xmm0
vpslldq $4, %xmm1, %xmm1
vpor %xmm2, %xmm4, %xmm4
- vpor %xmm0, %xmm7, %xmm7
+ vpor %xmm0, %xmm6, %xmm6
vpor %xmm1, %xmm4, %xmm4
- vpslld $31, %xmm7, %xmm0
- vpslld $30, %xmm7, %xmm1
- vpslld $25, %xmm7, %xmm2
+ vpslld $31, %xmm6, %xmm0
+ vpslld $30, %xmm6, %xmm1
+ vpslld $25, %xmm6, %xmm2
vpxor %xmm1, %xmm0, %xmm0
vpxor %xmm2, %xmm0, %xmm0
vmovdqa %xmm0, %xmm1
vpsrldq $4, %xmm1, %xmm1
vpslldq $12, %xmm0, %xmm0
- vpxor %xmm0, %xmm7, %xmm7
- vpsrld $0x01, %xmm7, %xmm2
- vpsrld $2, %xmm7, %xmm3
- vpsrld $7, %xmm7, %xmm0
+ vpxor %xmm0, %xmm6, %xmm6
+ vpsrld $0x01, %xmm6, %xmm2
+ vpsrld $2, %xmm6, %xmm3
+ vpsrld $7, %xmm6, %xmm0
vpxor %xmm3, %xmm2, %xmm2
vpxor %xmm0, %xmm2, %xmm2
vpxor %xmm1, %xmm2, %xmm2
- vpxor %xmm7, %xmm2, %xmm2
+ vpxor %xmm6, %xmm2, %xmm2
vpxor %xmm2, %xmm4, %xmm4
L_AES_GCM_init_avx1_calc_iv_done:
# T = Encrypt counter
@@ -9346,66 +9346,66 @@ L_AES_GCM_init_avx1_calc_iv_done:
vpclmulqdq $0x00, %xmm2, %xmm1, %xmm1
vpxor %xmm0, %xmm1, %xmm1
vpxor %xmm3, %xmm1, %xmm1
- vmovdqa %xmm0, %xmm7
+ vmovdqa %xmm0, %xmm6
vmovdqa %xmm3, %xmm4
vpslldq $8, %xmm1, %xmm2
vpsrldq $8, %xmm1, %xmm1
- vpxor %xmm2, %xmm7, %xmm7
+ vpxor %xmm2, %xmm6, %xmm6
vpxor %xmm1, %xmm4, %xmm4
- vpsrld $31, %xmm7, %xmm0
+ vpsrld $31, %xmm6, %xmm0
vpsrld $31, %xmm4, %xmm1
- vpslld $0x01, %xmm7, %xmm7
+ vpslld $0x01, %xmm6, %xmm6
vpslld $0x01, %xmm4, %xmm4
vpsrldq $12, %xmm0, %xmm2
vpslldq $4, %xmm0, %xmm0
vpslldq $4, %xmm1, %xmm1
vpor %xmm2, %xmm4, %xmm4
- vpor %xmm0, %xmm7, %xmm7
+ vpor %xmm0, %xmm6, %xmm6
vpor %xmm1, %xmm4, %xmm4
- vpslld $31, %xmm7, %xmm0
- vpslld $30, %xmm7, %xmm1
- vpslld $25, %xmm7, %xmm2
+ vpslld $31, %xmm6, %xmm0
+ vpslld $30, %xmm6, %xmm1
+ vpslld $25, %xmm6, %xmm2
vpxor %xmm1, %xmm0, %xmm0
vpxor %xmm2, %xmm0, %xmm0
vmovdqa %xmm0, %xmm1
vpsrldq $4, %xmm1, %xmm1
vpslldq $12, %xmm0, %xmm0
- vpxor %xmm0, %xmm7, %xmm7
- vpsrld $0x01, %xmm7, %xmm2
- vpsrld $2, %xmm7, %xmm3
- vpsrld $7, %xmm7, %xmm0
+ vpxor %xmm0, %xmm6, %xmm6
+ vpsrld $0x01, %xmm6, %xmm2
+ vpsrld $2, %xmm6, %xmm3
+ vpsrld $7, %xmm6, %xmm0
vpxor %xmm3, %xmm2, %xmm2
vpxor %xmm0, %xmm2, %xmm2
vpxor %xmm1, %xmm2, %xmm2
- vpxor %xmm7, %xmm2, %xmm2
+ vpxor %xmm6, %xmm2, %xmm2
vpxor %xmm2, %xmm4, %xmm4
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm4, %xmm4
# Encrypt counter
- vmovdqa (%rdi), %xmm8
- vpxor %xmm4, %xmm8, %xmm8
- vaesenc 16(%rdi), %xmm8, %xmm8
- vaesenc 32(%rdi), %xmm8, %xmm8
- vaesenc 48(%rdi), %xmm8, %xmm8
- vaesenc 64(%rdi), %xmm8, %xmm8
- vaesenc 80(%rdi), %xmm8, %xmm8
- vaesenc 96(%rdi), %xmm8, %xmm8
- vaesenc 112(%rdi), %xmm8, %xmm8
- vaesenc 128(%rdi), %xmm8, %xmm8
- vaesenc 144(%rdi), %xmm8, %xmm8
+ vmovdqa (%rdi), %xmm7
+ vpxor %xmm4, %xmm7, %xmm7
+ vaesenc 16(%rdi), %xmm7, %xmm7
+ vaesenc 32(%rdi), %xmm7, %xmm7
+ vaesenc 48(%rdi), %xmm7, %xmm7
+ vaesenc 64(%rdi), %xmm7, %xmm7
+ vaesenc 80(%rdi), %xmm7, %xmm7
+ vaesenc 96(%rdi), %xmm7, %xmm7
+ vaesenc 112(%rdi), %xmm7, %xmm7
+ vaesenc 128(%rdi), %xmm7, %xmm7
+ vaesenc 144(%rdi), %xmm7, %xmm7
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm9
+ vmovdqa 160(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 176(%rdi), %xmm8, %xmm8
+ vaesenc %xmm8, %xmm7, %xmm7
+ vaesenc 176(%rdi), %xmm7, %xmm7
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm9
+ vmovdqa 192(%rdi), %xmm8
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 208(%rdi), %xmm8, %xmm8
- vmovdqa 224(%rdi), %xmm9
+ vaesenc %xmm8, %xmm7, %xmm7
+ vaesenc 208(%rdi), %xmm7, %xmm7
+ vmovdqa 224(%rdi), %xmm8
L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last:
- vaesenclast %xmm9, %xmm8, %xmm8
- vmovdqu %xmm8, %xmm15
+ vaesenclast %xmm8, %xmm7, %xmm7
+ vmovdqu %xmm7, %xmm15
L_AES_GCM_init_avx1_iv_done:
vmovdqa %xmm15, (%rax)
vpshufb L_avx1_aes_gcm_bswap_epi64(%rip), %xmm4, %xmm4
@@ -9437,9 +9437,9 @@ _AES_GCM_aad_update_avx1:
vmovdqa (%rax), %xmm6
xorl %ecx, %ecx
L_AES_GCM_aad_update_avx1_16_loop:
- vmovdqu (%rdi,%rcx,1), %xmm8
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm5, %xmm5
+ vmovdqu (%rdi,%rcx,1), %xmm7
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm5, %xmm5
# ghash_gfmul_avx
vpshufd $0x4e, %xmm5, %xmm1
vpshufd $0x4e, %xmm6, %xmm2
@@ -9506,37 +9506,37 @@ _AES_GCM_encrypt_block_avx1:
#endif /* __APPLE__ */
movq %rdx, %r10
movq %rcx, %r11
- vmovdqu (%r8), %xmm9
- vpshufb L_avx1_aes_gcm_bswap_epi64(%rip), %xmm9, %xmm8
- vpaddd L_avx1_aes_gcm_one(%rip), %xmm9, %xmm9
- vmovdqu %xmm9, (%r8)
- vpxor (%rdi), %xmm8, %xmm8
- vaesenc 16(%rdi), %xmm8, %xmm8
- vaesenc 32(%rdi), %xmm8, %xmm8
- vaesenc 48(%rdi), %xmm8, %xmm8
- vaesenc 64(%rdi), %xmm8, %xmm8
- vaesenc 80(%rdi), %xmm8, %xmm8
- vaesenc 96(%rdi), %xmm8, %xmm8
- vaesenc 112(%rdi), %xmm8, %xmm8
- vaesenc 128(%rdi), %xmm8, %xmm8
- vaesenc 144(%rdi), %xmm8, %xmm8
+ vmovdqu (%r8), %xmm1
+ vpshufb L_avx1_aes_gcm_bswap_epi64(%rip), %xmm1, %xmm0
+ vpaddd L_avx1_aes_gcm_one(%rip), %xmm1, %xmm1
+ vmovdqu %xmm1, (%r8)
+ vpxor (%rdi), %xmm0, %xmm0
+ vaesenc 16(%rdi), %xmm0, %xmm0
+ vaesenc 32(%rdi), %xmm0, %xmm0
+ vaesenc 48(%rdi), %xmm0, %xmm0
+ vaesenc 64(%rdi), %xmm0, %xmm0
+ vaesenc 80(%rdi), %xmm0, %xmm0
+ vaesenc 96(%rdi), %xmm0, %xmm0
+ vaesenc 112(%rdi), %xmm0, %xmm0
+ vaesenc 128(%rdi), %xmm0, %xmm0
+ vaesenc 144(%rdi), %xmm0, %xmm0
cmpl $11, %esi
- vmovdqa 160(%rdi), %xmm9
+ vmovdqa 160(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 176(%rdi), %xmm8, %xmm8
+ vaesenc %xmm1, %xmm0, %xmm0
+ vaesenc 176(%rdi), %xmm0, %xmm0
cmpl $13, %esi
- vmovdqa 192(%rdi), %xmm9
+ vmovdqa 192(%rdi), %xmm1
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc %xmm9, %xmm8, %xmm8
- vaesenc 208(%rdi), %xmm8, %xmm8
- vmovdqa 224(%rdi), %xmm9
+ vaesenc %xmm1, %xmm0, %xmm0
+ vaesenc 208(%rdi), %xmm0, %xmm0
+ vmovdqa 224(%rdi), %xmm1
L_AES_GCM_encrypt_block_avx1_aesenc_block_last:
- vaesenclast %xmm9, %xmm8, %xmm8
- vmovdqu (%r11), %xmm9
- vpxor %xmm9, %xmm8, %xmm8
- vmovdqu %xmm8, (%r10)
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
+ vaesenclast %xmm1, %xmm0, %xmm0
+ vmovdqu (%r11), %xmm1
+ vpxor %xmm1, %xmm0, %xmm0
+ vmovdqu %xmm0, (%r10)
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm0, %xmm0
vzeroupper
repz retq
#ifndef __APPLE__
@@ -9556,9 +9556,9 @@ _AES_GCM_ghash_block_avx1:
#endif /* __APPLE__ */
vmovdqa (%rsi), %xmm4
vmovdqa (%rdx), %xmm5
- vmovdqu (%rdi), %xmm8
- vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm8, %xmm8
- vpxor %xmm8, %xmm4, %xmm4
+ vmovdqu (%rdi), %xmm7
+ vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm7, %xmm7
+ vpxor %xmm7, %xmm4, %xmm4
# ghash_gfmul_avx
vpshufd $0x4e, %xmm4, %xmm1
vpshufd $0x4e, %xmm5, %xmm2
@@ -10654,14 +10654,14 @@ _AES_GCM_encrypt_final_avx1:
vmovdqa (%rdi), %xmm4
vmovdqa (%r9), %xmm5
vmovdqa (%r8), %xmm6
- vpsrlq $63, %xmm5, %xmm9
- vpsllq $0x01, %xmm5, %xmm8
- vpslldq $8, %xmm9, %xmm9
- vpor %xmm9, %xmm8, %xmm8
+ vpsrlq $63, %xmm5, %xmm8
+ vpsllq $0x01, %xmm5, %xmm7
+ vpslldq $8, %xmm8, %xmm8
+ vpor %xmm8, %xmm7, %xmm7
vpshufd $0xff, %xmm5, %xmm5
vpsrad $31, %xmm5, %xmm5
vpand L_avx1_aes_gcm_mod2_128(%rip), %xmm5, %xmm5
- vpxor %xmm8, %xmm5, %xmm5
+ vpxor %xmm7, %xmm5, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -10671,35 +10671,35 @@ _AES_GCM_encrypt_final_avx1:
vpunpcklqdq %xmm1, %xmm0, %xmm0
vpxor %xmm0, %xmm4, %xmm4
# ghash_gfmul_red_avx
- vpshufd $0x4e, %xmm5, %xmm9
- vpshufd $0x4e, %xmm4, %xmm10
- vpclmulqdq $0x11, %xmm5, %xmm4, %xmm11
- vpclmulqdq $0x00, %xmm5, %xmm4, %xmm8
- vpxor %xmm5, %xmm9, %xmm9
- vpxor %xmm4, %xmm10, %xmm10
- vpclmulqdq $0x00, %xmm10, %xmm9, %xmm9
- vpxor %xmm8, %xmm9, %xmm9
- vpxor %xmm11, %xmm9, %xmm9
- vpslldq $8, %xmm9, %xmm10
- vpsrldq $8, %xmm9, %xmm9
+ vpshufd $0x4e, %xmm5, %xmm8
+ vpshufd $0x4e, %xmm4, %xmm9
+ vpclmulqdq $0x11, %xmm5, %xmm4, %xmm10
+ vpclmulqdq $0x00, %xmm5, %xmm4, %xmm7
+ vpxor %xmm5, %xmm8, %xmm8
+ vpxor %xmm4, %xmm9, %xmm9
+ vpclmulqdq $0x00, %xmm9, %xmm8, %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
vpxor %xmm10, %xmm8, %xmm8
- vpxor %xmm9, %xmm11, %xmm4
- vpslld $31, %xmm8, %xmm12
- vpslld $30, %xmm8, %xmm13
- vpslld $25, %xmm8, %xmm14
- vpxor %xmm13, %xmm12, %xmm12
- vpxor %xmm14, %xmm12, %xmm12
- vpsrldq $4, %xmm12, %xmm13
- vpslldq $12, %xmm12, %xmm12
- vpxor %xmm12, %xmm8, %xmm8
- vpsrld $0x01, %xmm8, %xmm14
- vpsrld $2, %xmm8, %xmm10
- vpsrld $7, %xmm8, %xmm9
- vpxor %xmm10, %xmm14, %xmm14
- vpxor %xmm9, %xmm14, %xmm14
- vpxor %xmm13, %xmm14, %xmm14
- vpxor %xmm8, %xmm14, %xmm14
- vpxor %xmm14, %xmm4, %xmm4
+ vpslldq $8, %xmm8, %xmm9
+ vpsrldq $8, %xmm8, %xmm8
+ vpxor %xmm9, %xmm7, %xmm7
+ vpxor %xmm8, %xmm10, %xmm4
+ vpslld $31, %xmm7, %xmm11
+ vpslld $30, %xmm7, %xmm12
+ vpslld $25, %xmm7, %xmm13
+ vpxor %xmm12, %xmm11, %xmm11
+ vpxor %xmm13, %xmm11, %xmm11
+ vpsrldq $4, %xmm11, %xmm12
+ vpslldq $12, %xmm11, %xmm11
+ vpxor %xmm11, %xmm7, %xmm7
+ vpsrld $0x01, %xmm7, %xmm13
+ vpsrld $2, %xmm7, %xmm9
+ vpsrld $7, %xmm7, %xmm8
+ vpxor %xmm9, %xmm13, %xmm13
+ vpxor %xmm8, %xmm13, %xmm13
+ vpxor %xmm12, %xmm13, %xmm13
+ vpxor %xmm7, %xmm13, %xmm13
+ vpxor %xmm13, %xmm4, %xmm4
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm4, %xmm4
vpxor %xmm6, %xmm4, %xmm0
cmpl $16, %eax
@@ -11356,14 +11356,14 @@ _AES_GCM_decrypt_final_avx1:
vmovdqa (%rdi), %xmm6
vmovdqa (%r9), %xmm5
vmovdqa (%r8), %xmm15
- vpsrlq $63, %xmm5, %xmm9
- vpsllq $0x01, %xmm5, %xmm8
- vpslldq $8, %xmm9, %xmm9
- vpor %xmm9, %xmm8, %xmm8
+ vpsrlq $63, %xmm5, %xmm8
+ vpsllq $0x01, %xmm5, %xmm7
+ vpslldq $8, %xmm8, %xmm8
+ vpor %xmm8, %xmm7, %xmm7
vpshufd $0xff, %xmm5, %xmm5
vpsrad $31, %xmm5, %xmm5
vpand L_avx1_aes_gcm_mod2_128(%rip), %xmm5, %xmm5
- vpxor %xmm8, %xmm5, %xmm5
+ vpxor %xmm7, %xmm5, %xmm5
movl %r10d, %edx
movl %r11d, %ecx
shlq $3, %rdx
@@ -11373,35 +11373,35 @@ _AES_GCM_decrypt_final_avx1:
vpunpcklqdq %xmm1, %xmm0, %xmm0
vpxor %xmm0, %xmm6, %xmm6
# ghash_gfmul_red_avx
- vpshufd $0x4e, %xmm5, %xmm9
- vpshufd $0x4e, %xmm6, %xmm10
- vpclmulqdq $0x11, %xmm5, %xmm6, %xmm11
- vpclmulqdq $0x00, %xmm5, %xmm6, %xmm8
- vpxor %xmm5, %xmm9, %xmm9
- vpxor %xmm6, %xmm10, %xmm10
- vpclmulqdq $0x00, %xmm10, %xmm9, %xmm9
- vpxor %xmm8, %xmm9, %xmm9
- vpxor %xmm11, %xmm9, %xmm9
- vpslldq $8, %xmm9, %xmm10
- vpsrldq $8, %xmm9, %xmm9
+ vpshufd $0x4e, %xmm5, %xmm8
+ vpshufd $0x4e, %xmm6, %xmm9
+ vpclmulqdq $0x11, %xmm5, %xmm6, %xmm10
+ vpclmulqdq $0x00, %xmm5, %xmm6, %xmm7
+ vpxor %xmm5, %xmm8, %xmm8
+ vpxor %xmm6, %xmm9, %xmm9
+ vpclmulqdq $0x00, %xmm9, %xmm8, %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
vpxor %xmm10, %xmm8, %xmm8
- vpxor %xmm9, %xmm11, %xmm6
- vpslld $31, %xmm8, %xmm12
- vpslld $30, %xmm8, %xmm13
- vpslld $25, %xmm8, %xmm14
- vpxor %xmm13, %xmm12, %xmm12
- vpxor %xmm14, %xmm12, %xmm12
- vpsrldq $4, %xmm12, %xmm13
- vpslldq $12, %xmm12, %xmm12
- vpxor %xmm12, %xmm8, %xmm8
- vpsrld $0x01, %xmm8, %xmm14
- vpsrld $2, %xmm8, %xmm10
- vpsrld $7, %xmm8, %xmm9
- vpxor %xmm10, %xmm14, %xmm14
- vpxor %xmm9, %xmm14, %xmm14
- vpxor %xmm13, %xmm14, %xmm14
- vpxor %xmm8, %xmm14, %xmm14
- vpxor %xmm14, %xmm6, %xmm6
+ vpslldq $8, %xmm8, %xmm9
+ vpsrldq $8, %xmm8, %xmm8
+ vpxor %xmm9, %xmm7, %xmm7
+ vpxor %xmm8, %xmm10, %xmm6
+ vpslld $31, %xmm7, %xmm11
+ vpslld $30, %xmm7, %xmm12
+ vpslld $25, %xmm7, %xmm13
+ vpxor %xmm12, %xmm11, %xmm11
+ vpxor %xmm13, %xmm11, %xmm11
+ vpsrldq $4, %xmm11, %xmm12
+ vpslldq $12, %xmm11, %xmm11
+ vpxor %xmm11, %xmm7, %xmm7
+ vpsrld $0x01, %xmm7, %xmm13
+ vpsrld $2, %xmm7, %xmm9
+ vpsrld $7, %xmm7, %xmm8
+ vpxor %xmm9, %xmm13, %xmm13
+ vpxor %xmm8, %xmm13, %xmm13
+ vpxor %xmm12, %xmm13, %xmm13
+ vpxor %xmm7, %xmm13, %xmm13
+ vpxor %xmm13, %xmm6, %xmm6
vpshufb L_avx1_aes_gcm_bswap_mask(%rip), %xmm6, %xmm6
vpxor %xmm15, %xmm6, %xmm0
cmpl $16, %eax
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm
index 031a0961..c0e3682f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_gcm_asm.asm
@@ -1,5 +1,5 @@
-; /* aes_gcm_asm
-; *
+; /* aes_gcm_asm.asm */
+; /*
; * Copyright (C) 2006-2023 wolfSSL Inc.
; *
; * This file is part of wolfSSL.
@@ -96,7 +96,7 @@ L_aes_gcm_mod2_128 QWORD 1, 13979173243358019584
ptr_L_aes_gcm_mod2_128 QWORD L_aes_gcm_mod2_128
_DATA ENDS
_text SEGMENT READONLY PARA
-AES_GCM_encrypt PROC
+AES_GCM_encrypt_aesni PROC
push r13
push rdi
push rsi
@@ -115,12 +115,22 @@ AES_GCM_encrypt PROC
mov r14d, DWORD PTR [rsp+128]
mov r15, QWORD PTR [rsp+136]
mov r10d, DWORD PTR [rsp+144]
- sub rsp, 160
+ sub rsp, 320
+ movdqu [rsp+160], xmm6
+ movdqu [rsp+176], xmm7
+ movdqu [rsp+192], xmm8
+ movdqu [rsp+208], xmm9
+ movdqu [rsp+224], xmm10
+ movdqu [rsp+240], xmm11
+ movdqu [rsp+256], xmm12
+ movdqu [rsp+272], xmm13
+ movdqu [rsp+288], xmm14
+ movdqu [rsp+304], xmm15
pxor xmm4, xmm4
pxor xmm6, xmm6
cmp ebx, 12
mov edx, ebx
- jne L_AES_GCM_encrypt_iv_not_12
+ jne L_AES_GCM_encrypt_aesni_iv_not_12
; # Calculate values when IV is 12 bytes
; Set counter based on IV
mov ecx, 16777216
@@ -160,7 +170,7 @@ AES_GCM_encrypt PROC
aesenc xmm1, xmm7
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+176]
@@ -168,20 +178,20 @@ AES_GCM_encrypt PROC
aesenc xmm1, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_calc_iv_12_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+208]
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_calc_iv_12_last:
+L_AES_GCM_encrypt_aesni_calc_iv_12_last:
aesenclast xmm5, xmm7
aesenclast xmm1, xmm7
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
movdqu [rsp+144], xmm1
- jmp L_AES_GCM_encrypt_iv_done
-L_AES_GCM_encrypt_iv_not_12:
+ jmp L_AES_GCM_encrypt_aesni_iv_done
+L_AES_GCM_encrypt_aesni_iv_not_12:
; Calculate values when IV is not 12 bytes
; H = Encrypt X(=0)
movdqa xmm5, OWORD PTR [r15]
@@ -196,27 +206,27 @@ L_AES_GCM_encrypt_iv_not_12:
aesenc xmm5, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast xmm5, xmm9
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
cmp edx, 0
mov rcx, 0
- je L_AES_GCM_encrypt_calc_iv_done
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
cmp edx, 16
- jl L_AES_GCM_encrypt_calc_iv_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_iv_lt16
and edx, 4294967280
-L_AES_GCM_encrypt_calc_iv_16_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_16_loop:
movdqu xmm8, [rax+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm4, xmm8
@@ -276,22 +286,22 @@ L_AES_GCM_encrypt_calc_iv_16_loop:
pxor xmm4, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_iv_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_16_loop
mov edx, ebx
cmp ecx, edx
- je L_AES_GCM_encrypt_calc_iv_done
-L_AES_GCM_encrypt_calc_iv_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_iv_done
+L_AES_GCM_encrypt_aesni_calc_iv_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_encrypt_calc_iv_loop:
+L_AES_GCM_encrypt_aesni_calc_iv_loop:
movzx r13d, BYTE PTR [rax+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_iv_loop
+ jl L_AES_GCM_encrypt_aesni_calc_iv_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -350,7 +360,7 @@ L_AES_GCM_encrypt_calc_iv_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm4, xmm2
-L_AES_GCM_encrypt_calc_iv_done:
+L_AES_GCM_encrypt_aesni_calc_iv_done:
; T = Encrypt counter
pxor xmm0, xmm0
shl edx, 3
@@ -425,28 +435,28 @@ L_AES_GCM_encrypt_calc_iv_done:
aesenc xmm8, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast xmm8, xmm9
movdqu [rsp+144], xmm8
-L_AES_GCM_encrypt_iv_done:
+L_AES_GCM_encrypt_aesni_iv_done:
; Additional authentication data
mov edx, r11d
cmp edx, 0
- je L_AES_GCM_encrypt_calc_aad_done
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
xor ecx, ecx
cmp edx, 16
- jl L_AES_GCM_encrypt_calc_aad_lt16
+ jl L_AES_GCM_encrypt_aesni_calc_aad_lt16
and edx, 4294967280
-L_AES_GCM_encrypt_calc_aad_16_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_16_loop:
movdqu xmm8, [r12+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm6, xmm8
@@ -506,22 +516,22 @@ L_AES_GCM_encrypt_calc_aad_16_loop:
pxor xmm6, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_aad_16_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_16_loop
mov edx, r11d
cmp ecx, edx
- je L_AES_GCM_encrypt_calc_aad_done
-L_AES_GCM_encrypt_calc_aad_lt16:
+ je L_AES_GCM_encrypt_aesni_calc_aad_done
+L_AES_GCM_encrypt_aesni_calc_aad_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_encrypt_calc_aad_loop:
+L_AES_GCM_encrypt_aesni_calc_aad_loop:
movzx r13d, BYTE PTR [r12+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_encrypt_calc_aad_loop
+ jl L_AES_GCM_encrypt_aesni_calc_aad_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -580,7 +590,7 @@ L_AES_GCM_encrypt_calc_aad_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm6, xmm2
-L_AES_GCM_encrypt_calc_aad_done:
+L_AES_GCM_encrypt_aesni_calc_aad_done:
; Calculate counter and H
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
movdqa xmm9, xmm5
@@ -598,7 +608,7 @@ L_AES_GCM_encrypt_calc_aad_done:
xor rbx, rbx
cmp r9d, 128
mov r13d, r9d
- jl L_AES_GCM_encrypt_done_128
+ jl L_AES_GCM_encrypt_aesni_done_128
and r13d, 4294967168
movdqa xmm2, xmm6
; H ^ 1
@@ -1017,7 +1027,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc xmm15, xmm7
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1037,7 +1047,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc xmm15, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_enc_done
+ jl L_AES_GCM_encrypt_aesni_enc_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1056,7 +1066,7 @@ L_AES_GCM_encrypt_calc_aad_done:
aesenc xmm14, xmm7
aesenc xmm15, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_enc_done:
+L_AES_GCM_encrypt_aesni_enc_done:
aesenclast xmm8, xmm7
aesenclast xmm9, xmm7
movdqu xmm0, [rdi]
@@ -1091,9 +1101,9 @@ L_AES_GCM_encrypt_enc_done:
movdqu [rsi+112], xmm15
cmp r13d, 128
mov ebx, 128
- jle L_AES_GCM_encrypt_end_128
+ jle L_AES_GCM_encrypt_aesni_end_128
; More 128 bytes of input
-L_AES_GCM_encrypt_ghash_128:
+L_AES_GCM_encrypt_aesni_ghash_128:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -1361,7 +1371,7 @@ L_AES_GCM_encrypt_ghash_128:
pxor xmm2, xmm3
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1381,7 +1391,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc xmm15, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -1400,7 +1410,7 @@ L_AES_GCM_encrypt_ghash_128:
aesenc xmm14, xmm7
aesenc xmm15, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_encrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast xmm8, xmm7
aesenclast xmm9, xmm7
movdqu xmm0, [rcx]
@@ -1435,8 +1445,8 @@ L_AES_GCM_encrypt_aesenc_128_ghash_avx_done:
movdqu [rdx+112], xmm15
add ebx, 128
cmp ebx, r13d
- jl L_AES_GCM_encrypt_ghash_128
-L_AES_GCM_encrypt_end_128:
+ jl L_AES_GCM_encrypt_aesni_ghash_128
+L_AES_GCM_encrypt_aesni_end_128:
movdqa xmm4, OWORD PTR L_aes_gcm_bswap_mask
pshufb xmm8, xmm4
pshufb xmm9, xmm4
@@ -1623,14 +1633,14 @@ L_AES_GCM_encrypt_end_128:
pxor xmm2, xmm4
pxor xmm6, xmm2
movdqu xmm5, [rsp]
-L_AES_GCM_encrypt_done_128:
+L_AES_GCM_encrypt_aesni_done_128:
mov edx, r9d
cmp ebx, edx
- jge L_AES_GCM_encrypt_done_enc
+ jge L_AES_GCM_encrypt_aesni_done_enc
mov r13d, r9d
and r13d, 4294967280
cmp ebx, r13d
- jge L_AES_GCM_encrypt_last_block_done
+ jge L_AES_GCM_encrypt_aesni_last_block_done
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -1650,16 +1660,16 @@ L_AES_GCM_encrypt_done_128:
aesenc xmm8, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_block_aesenc_avx_last:
aesenclast xmm8, xmm9
movdqu xmm9, [rcx]
pxor xmm8, xmm9
@@ -1668,8 +1678,8 @@ L_AES_GCM_encrypt_aesenc_block_aesenc_avx_last:
pxor xmm6, xmm8
add ebx, 16
cmp ebx, r13d
- jge L_AES_GCM_encrypt_last_block_ghash
-L_AES_GCM_encrypt_last_block_start:
+ jge L_AES_GCM_encrypt_aesni_last_block_ghash
+L_AES_GCM_encrypt_aesni_last_block_start:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -1714,16 +1724,16 @@ L_AES_GCM_encrypt_last_block_start:
pxor xmm6, xmm3
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_gfmul_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_gfmul_last:
+L_AES_GCM_encrypt_aesni_aesenc_gfmul_last:
aesenclast xmm8, xmm9
movdqu xmm9, [rcx]
pxor xmm8, xmm9
@@ -1732,8 +1742,8 @@ L_AES_GCM_encrypt_aesenc_gfmul_last:
pxor xmm6, xmm8
add ebx, 16
cmp ebx, r13d
- jl L_AES_GCM_encrypt_last_block_start
-L_AES_GCM_encrypt_last_block_ghash:
+ jl L_AES_GCM_encrypt_aesni_last_block_start
+L_AES_GCM_encrypt_aesni_last_block_ghash:
pshufd xmm9, xmm5, 78
pshufd xmm10, xmm6, 78
movdqa xmm11, xmm6
@@ -1774,11 +1784,11 @@ L_AES_GCM_encrypt_last_block_ghash:
pxor xmm14, xmm13
pxor xmm14, xmm8
pxor xmm6, xmm14
-L_AES_GCM_encrypt_last_block_done:
+L_AES_GCM_encrypt_aesni_last_block_done:
mov ecx, r9d
mov edx, ecx
and ecx, 15
- jz L_AES_GCM_encrypt_aesenc_last15_enc_avx_done
+ jz L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done
movdqu xmm4, [rsp+128]
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
pxor xmm4, [r15]
@@ -1793,21 +1803,21 @@ L_AES_GCM_encrypt_last_block_done:
aesenc xmm4, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_aesenc_avx_last:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_aesenc_avx_last:
aesenclast xmm4, xmm9
sub rsp, 16
xor ecx, ecx
movdqu [rsp], xmm4
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop:
movzx r13d, BYTE PTR [rdi+rbx]
xor r13b, BYTE PTR [rsp+rcx]
mov BYTE PTR [rsi+rbx], r13b
@@ -1815,16 +1825,16 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop:
inc ebx
inc ecx
cmp ebx, edx
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_loop
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_loop
xor r13, r13
cmp ecx, 16
- je L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop:
+ je L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop:
mov BYTE PTR [rsp+rcx], r13b
inc ecx
cmp ecx, 16
- jl L_AES_GCM_encrypt_aesenc_last15_enc_avx_byte_loop
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
+ jl L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_byte_loop
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_finish_enc:
movdqu xmm4, [rsp]
add rsp, 16
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
@@ -1869,8 +1879,8 @@ L_AES_GCM_encrypt_aesenc_last15_enc_avx_finish_enc:
pxor xmm14, xmm13
pxor xmm14, xmm8
pxor xmm6, xmm14
-L_AES_GCM_encrypt_aesenc_last15_enc_avx_done:
-L_AES_GCM_encrypt_done_enc:
+L_AES_GCM_encrypt_aesni_aesenc_last15_enc_avx_done:
+L_AES_GCM_encrypt_aesni_done_enc:
mov edx, r9d
mov ecx, r11d
shl rdx, 3
@@ -1922,20 +1932,30 @@ L_AES_GCM_encrypt_done_enc:
movdqu xmm0, [rsp+144]
pxor xmm0, xmm6
cmp r14d, 16
- je L_AES_GCM_encrypt_store_tag_16
+ je L_AES_GCM_encrypt_aesni_store_tag_16
xor rcx, rcx
movdqu [rsp], xmm0
-L_AES_GCM_encrypt_store_tag_loop:
+L_AES_GCM_encrypt_aesni_store_tag_loop:
movzx r13d, BYTE PTR [rsp+rcx]
mov BYTE PTR [r8+rcx], r13b
inc ecx
cmp ecx, r14d
- jne L_AES_GCM_encrypt_store_tag_loop
- jmp L_AES_GCM_encrypt_store_tag_done
-L_AES_GCM_encrypt_store_tag_16:
+ jne L_AES_GCM_encrypt_aesni_store_tag_loop
+ jmp L_AES_GCM_encrypt_aesni_store_tag_done
+L_AES_GCM_encrypt_aesni_store_tag_16:
movdqu [r8], xmm0
-L_AES_GCM_encrypt_store_tag_done:
- add rsp, 160
+L_AES_GCM_encrypt_aesni_store_tag_done:
+ movdqu xmm6, [rsp+160]
+ movdqu xmm7, [rsp+176]
+ movdqu xmm8, [rsp+192]
+ movdqu xmm9, [rsp+208]
+ movdqu xmm10, [rsp+224]
+ movdqu xmm11, [rsp+240]
+ movdqu xmm12, [rsp+256]
+ movdqu xmm13, [rsp+272]
+ movdqu xmm14, [rsp+288]
+ movdqu xmm15, [rsp+304]
+ add rsp, 320
pop r15
pop r14
pop rbx
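Review bot: The rewritten epilogue releases the 320-byte frame without clearing the scratch slots below the XMM save area. `[rsp+144]` holds the block that is XORed into the tag just above, `[rsp]` receives a copy of the tag on the short-tag path, and the lower slots appear from other hunks to hold the GHASH key powers and the counter, so all of it stays in dead stack after `ret`. This predates the change, but the epilogue is a natural place to zero the slots before the `movdqu xmm6, [rsp+160]` restores, e.g. `pxor xmm0, xmm0` then `movdqu [rsp+144], xmm0`, with the same store for each lower slot. The AES_GCM_decrypt_aesni epilogue (frame 328, scratch below `[rsp+168]`) has the same shape. The function's prologue lies outside this hunk.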
@@ -1944,10 +1964,10 @@ L_AES_GCM_encrypt_store_tag_done:
pop rdi
pop r13
ret
-AES_GCM_encrypt ENDP
+AES_GCM_encrypt_aesni ENDP
_text ENDS
_text SEGMENT READONLY PARA
-AES_GCM_decrypt PROC
+AES_GCM_decrypt_aesni PROC
push r13
push rdi
push rsi
@@ -1968,12 +1988,22 @@ AES_GCM_decrypt PROC
mov r15, QWORD PTR [rsp+144]
mov r10d, DWORD PTR [rsp+152]
mov rbp, QWORD PTR [rsp+160]
- sub rsp, 168
+ sub rsp, 328
+ movdqu [rsp+168], xmm6
+ movdqu [rsp+184], xmm7
+ movdqu [rsp+200], xmm8
+ movdqu [rsp+216], xmm9
+ movdqu [rsp+232], xmm10
+ movdqu [rsp+248], xmm11
+ movdqu [rsp+264], xmm12
+ movdqu [rsp+280], xmm13
+ movdqu [rsp+296], xmm14
+ movdqu [rsp+312], xmm15
pxor xmm4, xmm4
pxor xmm6, xmm6
cmp ebx, 12
mov edx, ebx
- jne L_AES_GCM_decrypt_iv_not_12
+ jne L_AES_GCM_decrypt_aesni_iv_not_12
; # Calculate values when IV is 12 bytes
; Set counter based on IV
mov ecx, 16777216
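Review bot: The ten spill stores added after `sub rsp, 328` carry no comment, and their offsets (168 through 312) have to be kept in step by hand with the restore block before `ret`. A line such as `; Save Win64 nonvolatile XMM6-XMM15 above the 168-byte scratch area` would document what is saved and why the frame grew by 160 bytes. The comment could also say that `movdqu` is deliberate: assuming rsp is 16-byte aligned after the `sub`, `[rsp+168]` is only 8-byte aligned and `movdqa` would fault. AES_GCM_decrypt_aesni begins before this hunk.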
@@ -2013,7 +2043,7 @@ AES_GCM_decrypt PROC
aesenc xmm1, xmm7
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+176]
@@ -2021,20 +2051,20 @@ AES_GCM_decrypt PROC
aesenc xmm1, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_calc_iv_12_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_12_last
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+208]
aesenc xmm5, xmm7
aesenc xmm1, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_calc_iv_12_last:
+L_AES_GCM_decrypt_aesni_calc_iv_12_last:
aesenclast xmm5, xmm7
aesenclast xmm1, xmm7
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
movdqu [rsp+144], xmm1
- jmp L_AES_GCM_decrypt_iv_done
-L_AES_GCM_decrypt_iv_not_12:
+ jmp L_AES_GCM_decrypt_aesni_iv_done
+L_AES_GCM_decrypt_aesni_iv_not_12:
; Calculate values when IV is not 12 bytes
; H = Encrypt X(=0)
movdqa xmm5, OWORD PTR [r15]
@@ -2049,27 +2079,27 @@ L_AES_GCM_decrypt_iv_not_12:
aesenc xmm5, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last
aesenc xmm5, xmm9
aesenc xmm5, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_calc_iv_1_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_1_aesenc_avx_last:
aesenclast xmm5, xmm9
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
cmp edx, 0
mov rcx, 0
- je L_AES_GCM_decrypt_calc_iv_done
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
cmp edx, 16
- jl L_AES_GCM_decrypt_calc_iv_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_iv_lt16
and edx, 4294967280
-L_AES_GCM_decrypt_calc_iv_16_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_16_loop:
movdqu xmm8, [rax+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm4, xmm8
@@ -2129,22 +2159,22 @@ L_AES_GCM_decrypt_calc_iv_16_loop:
pxor xmm4, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_iv_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_16_loop
mov edx, ebx
cmp ecx, edx
- je L_AES_GCM_decrypt_calc_iv_done
-L_AES_GCM_decrypt_calc_iv_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_iv_done
+L_AES_GCM_decrypt_aesni_calc_iv_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_decrypt_calc_iv_loop:
+L_AES_GCM_decrypt_aesni_calc_iv_loop:
movzx r13d, BYTE PTR [rax+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_iv_loop
+ jl L_AES_GCM_decrypt_aesni_calc_iv_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -2203,7 +2233,7 @@ L_AES_GCM_decrypt_calc_iv_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm4, xmm2
-L_AES_GCM_decrypt_calc_iv_done:
+L_AES_GCM_decrypt_aesni_calc_iv_done:
; T = Encrypt counter
pxor xmm0, xmm0
shl edx, 3
@@ -2278,28 +2308,28 @@ L_AES_GCM_decrypt_calc_iv_done:
aesenc xmm8, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_calc_iv_2_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_calc_iv_2_aesenc_avx_last:
aesenclast xmm8, xmm9
movdqu [rsp+144], xmm8
-L_AES_GCM_decrypt_iv_done:
+L_AES_GCM_decrypt_aesni_iv_done:
; Additional authentication data
mov edx, r11d
cmp edx, 0
- je L_AES_GCM_decrypt_calc_aad_done
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
xor ecx, ecx
cmp edx, 16
- jl L_AES_GCM_decrypt_calc_aad_lt16
+ jl L_AES_GCM_decrypt_aesni_calc_aad_lt16
and edx, 4294967280
-L_AES_GCM_decrypt_calc_aad_16_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_16_loop:
movdqu xmm8, [r12+rcx]
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
pxor xmm6, xmm8
@@ -2359,22 +2389,22 @@ L_AES_GCM_decrypt_calc_aad_16_loop:
pxor xmm6, xmm2
add ecx, 16
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_aad_16_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_16_loop
mov edx, r11d
cmp ecx, edx
- je L_AES_GCM_decrypt_calc_aad_done
-L_AES_GCM_decrypt_calc_aad_lt16:
+ je L_AES_GCM_decrypt_aesni_calc_aad_done
+L_AES_GCM_decrypt_aesni_calc_aad_lt16:
sub rsp, 16
pxor xmm8, xmm8
xor ebx, ebx
movdqu [rsp], xmm8
-L_AES_GCM_decrypt_calc_aad_loop:
+L_AES_GCM_decrypt_aesni_calc_aad_loop:
movzx r13d, BYTE PTR [r12+rcx]
mov BYTE PTR [rsp+rbx], r13b
inc ecx
inc ebx
cmp ecx, edx
- jl L_AES_GCM_decrypt_calc_aad_loop
+ jl L_AES_GCM_decrypt_aesni_calc_aad_loop
movdqu xmm8, [rsp]
add rsp, 16
pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
@@ -2433,7 +2463,7 @@ L_AES_GCM_decrypt_calc_aad_loop:
pxor xmm2, xmm1
pxor xmm2, xmm7
pxor xmm6, xmm2
-L_AES_GCM_decrypt_calc_aad_done:
+L_AES_GCM_decrypt_aesni_calc_aad_done:
; Calculate counter and H
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
movdqa xmm9, xmm5
@@ -2451,7 +2481,7 @@ L_AES_GCM_decrypt_calc_aad_done:
xor ebx, ebx
cmp r9d, 128
mov r13d, r9d
- jl L_AES_GCM_decrypt_done_128
+ jl L_AES_GCM_decrypt_aesni_done_128
and r13d, 4294967168
movdqa xmm2, xmm6
; H ^ 1
@@ -2750,7 +2780,7 @@ L_AES_GCM_decrypt_calc_aad_done:
pxor xmm14, xmm8
pxor xmm7, xmm14
movdqu [rsp+112], xmm7
-L_AES_GCM_decrypt_ghash_128:
+L_AES_GCM_decrypt_aesni_ghash_128:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm8, [rsp+128]
@@ -3018,7 +3048,7 @@ L_AES_GCM_decrypt_ghash_128:
pxor xmm2, xmm3
cmp r10d, 11
movdqa xmm7, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -3038,7 +3068,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc xmm15, xmm7
cmp r10d, 13
movdqa xmm7, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_aesenc_128_ghash_avx_done
+ jl L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done
aesenc xmm8, xmm7
aesenc xmm9, xmm7
aesenc xmm10, xmm7
@@ -3057,7 +3087,7 @@ L_AES_GCM_decrypt_ghash_128:
aesenc xmm14, xmm7
aesenc xmm15, xmm7
movdqa xmm7, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
+L_AES_GCM_decrypt_aesni_aesenc_128_ghash_avx_done:
aesenclast xmm8, xmm7
aesenclast xmm9, xmm7
movdqu xmm0, [rcx]
@@ -3092,18 +3122,18 @@ L_AES_GCM_decrypt_aesenc_128_ghash_avx_done:
movdqu [rdx+112], xmm15
add ebx, 128
cmp ebx, r13d
- jl L_AES_GCM_decrypt_ghash_128
+ jl L_AES_GCM_decrypt_aesni_ghash_128
movdqa xmm6, xmm2
movdqu xmm5, [rsp]
-L_AES_GCM_decrypt_done_128:
+L_AES_GCM_decrypt_aesni_done_128:
mov edx, r9d
cmp ebx, edx
- jge L_AES_GCM_decrypt_done_dec
+ jge L_AES_GCM_decrypt_aesni_done_dec
mov r13d, r9d
and r13d, 4294967280
cmp ebx, r13d
- jge L_AES_GCM_decrypt_last_block_done
-L_AES_GCM_decrypt_last_block_start:
+ jge L_AES_GCM_decrypt_aesni_last_block_done
+L_AES_GCM_decrypt_aesni_last_block_start:
lea rcx, QWORD PTR [rdi+rbx]
lea rdx, QWORD PTR [rsi+rbx]
movdqu xmm1, [rcx]
@@ -3152,28 +3182,28 @@ L_AES_GCM_decrypt_last_block_start:
pxor xmm6, xmm3
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_aesenc_gfmul_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_gfmul_last
aesenc xmm8, xmm9
aesenc xmm8, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_aesenc_gfmul_last:
+L_AES_GCM_decrypt_aesni_aesenc_gfmul_last:
aesenclast xmm8, xmm9
movdqu xmm9, [rcx]
pxor xmm8, xmm9
movdqu [rdx], xmm8
add ebx, 16
cmp ebx, r13d
- jl L_AES_GCM_decrypt_last_block_start
-L_AES_GCM_decrypt_last_block_done:
+ jl L_AES_GCM_decrypt_aesni_last_block_start
+L_AES_GCM_decrypt_aesni_last_block_done:
mov ecx, r9d
mov edx, ecx
and ecx, 15
- jz L_AES_GCM_decrypt_aesenc_last15_dec_avx_done
+ jz L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done
movdqu xmm4, [rsp+128]
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
pxor xmm4, [r15]
@@ -3188,23 +3218,23 @@ L_AES_GCM_decrypt_last_block_done:
aesenc xmm4, [r15+144]
cmp r10d, 11
movdqa xmm9, OWORD PTR [r15+160]
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+176]
cmp r10d, 13
movdqa xmm9, OWORD PTR [r15+192]
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last
aesenc xmm4, xmm9
aesenc xmm4, [r15+208]
movdqa xmm9, OWORD PTR [r15+224]
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_aesenc_avx_last:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_aesenc_avx_last:
aesenclast xmm4, xmm9
sub rsp, 32
xor ecx, ecx
movdqu [rsp], xmm4
pxor xmm0, xmm0
movdqu [rsp+16], xmm0
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop:
movzx r13d, BYTE PTR [rdi+rbx]
mov BYTE PTR [rsp+rcx+16], r13b
xor r13b, BYTE PTR [rsp+rcx]
@@ -3212,7 +3242,7 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
inc ebx
inc ecx
cmp ebx, edx
- jl L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop
+ jl L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_loop
movdqu xmm4, [rsp+16]
add rsp, 32
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
@@ -3257,8 +3287,8 @@ L_AES_GCM_decrypt_aesenc_last15_dec_avx_loop:
pxor xmm14, xmm13
pxor xmm14, xmm8
pxor xmm6, xmm14
-L_AES_GCM_decrypt_aesenc_last15_dec_avx_done:
-L_AES_GCM_decrypt_done_dec:
+L_AES_GCM_decrypt_aesni_aesenc_last15_dec_avx_done:
+L_AES_GCM_decrypt_aesni_done_dec:
mov edx, r9d
mov ecx, r11d
shl rdx, 3
@@ -3310,24 +3340,24 @@ L_AES_GCM_decrypt_done_dec:
movdqu xmm0, [rsp+144]
pxor xmm0, xmm6
cmp r14d, 16
- je L_AES_GCM_decrypt_cmp_tag_16
+ je L_AES_GCM_decrypt_aesni_cmp_tag_16
sub rsp, 16
xor rcx, rcx
xor rbx, rbx
movdqu [rsp], xmm0
-L_AES_GCM_decrypt_cmp_tag_loop:
+L_AES_GCM_decrypt_aesni_cmp_tag_loop:
movzx r13d, BYTE PTR [rsp+rcx]
xor r13b, BYTE PTR [r8+rcx]
or bl, r13b
inc ecx
cmp ecx, r14d
- jne L_AES_GCM_decrypt_cmp_tag_loop
+ jne L_AES_GCM_decrypt_aesni_cmp_tag_loop
cmp rbx, 0
sete bl
add rsp, 16
xor rcx, rcx
- jmp L_AES_GCM_decrypt_cmp_tag_done
-L_AES_GCM_decrypt_cmp_tag_16:
+ jmp L_AES_GCM_decrypt_aesni_cmp_tag_done
+L_AES_GCM_decrypt_aesni_cmp_tag_16:
movdqu xmm1, [r8]
pcmpeqb xmm0, xmm1
pmovmskb rdx, xmm0
@@ -3335,9 +3365,19 @@ L_AES_GCM_decrypt_cmp_tag_16:
xor ebx, ebx
cmp edx, 65535
sete bl
-L_AES_GCM_decrypt_cmp_tag_done:
+L_AES_GCM_decrypt_aesni_cmp_tag_done:
mov DWORD PTR [rbp], ebx
- add rsp, 168
+ movdqu xmm6, [rsp+168]
+ movdqu xmm7, [rsp+184]
+ movdqu xmm8, [rsp+200]
+ movdqu xmm9, [rsp+216]
+ movdqu xmm10, [rsp+232]
+ movdqu xmm11, [rsp+248]
+ movdqu xmm12, [rsp+264]
+ movdqu xmm13, [rsp+280]
+ movdqu xmm14, [rsp+296]
+ movdqu xmm15, [rsp+312]
+ add rsp, 328
pop rbp
pop r15
pop r14
@@ -3347,7 +3387,7 @@ L_AES_GCM_decrypt_cmp_tag_done:
pop rdi
pop r13
ret
-AES_GCM_decrypt ENDP
+AES_GCM_decrypt_aesni ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_init_aesni PROC
@@ -3363,7 +3403,11 @@ AES_GCM_init_aesni PROC
mov rax, QWORD PTR [rsp+80]
mov r8, QWORD PTR [rsp+88]
mov r9, QWORD PTR [rsp+96]
- sub rsp, 16
+ sub rsp, 80
+ movdqu [rsp+16], xmm6
+ movdqu [rsp+32], xmm7
+ movdqu [rsp+48], xmm8
+ movdqu [rsp+64], xmm15
pxor xmm4, xmm4
mov edx, r11d
cmp edx, 12
@@ -3378,53 +3422,53 @@ AES_GCM_init_aesni PROC
movdqa xmm1, xmm4
movdqa xmm5, OWORD PTR [rdi]
pxor xmm1, xmm5
- movdqa xmm7, OWORD PTR [rdi+16]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+32]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+48]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+64]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+80]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+96]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+112]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+128]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+144]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
+ movdqa xmm6, OWORD PTR [rdi+16]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+32]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+48]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+64]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+80]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+96]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+112]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+128]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+144]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
cmp esi, 11
- movdqa xmm7, OWORD PTR [rdi+160]
+ movdqa xmm6, OWORD PTR [rdi+160]
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+176]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+176]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
cmp esi, 13
- movdqa xmm7, OWORD PTR [rdi+192]
+ movdqa xmm6, OWORD PTR [rdi+192]
jl L_AES_GCM_init_aesni_calc_iv_12_last
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+208]
- aesenc xmm5, xmm7
- aesenc xmm1, xmm7
- movdqa xmm7, OWORD PTR [rdi+224]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+208]
+ aesenc xmm5, xmm6
+ aesenc xmm1, xmm6
+ movdqa xmm6, OWORD PTR [rdi+224]
L_AES_GCM_init_aesni_calc_iv_12_last:
- aesenclast xmm5, xmm7
- aesenclast xmm1, xmm7
+ aesenclast xmm5, xmm6
+ aesenclast xmm1, xmm6
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
movdqu xmm15, xmm1
jmp L_AES_GCM_init_aesni_iv_done
@@ -3442,18 +3486,18 @@ L_AES_GCM_init_aesni_iv_not_12:
aesenc xmm5, [rdi+128]
aesenc xmm5, [rdi+144]
cmp esi, 11
- movdqa xmm9, OWORD PTR [rdi+160]
+ movdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc xmm5, xmm9
+ aesenc xmm5, xmm8
aesenc xmm5, [rdi+176]
cmp esi, 13
- movdqa xmm9, OWORD PTR [rdi+192]
+ movdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last
- aesenc xmm5, xmm9
+ aesenc xmm5, xmm8
aesenc xmm5, [rdi+208]
- movdqa xmm9, OWORD PTR [rdi+224]
+ movdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
- aesenclast xmm5, xmm9
+ aesenclast xmm5, xmm8
pshufb xmm5, OWORD PTR L_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
@@ -3464,9 +3508,9 @@ L_AES_GCM_init_aesni_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_aesni_calc_iv_lt16
and edx, 4294967280
L_AES_GCM_init_aesni_calc_iv_16_loop:
- movdqu xmm8, [r10+rcx]
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm4, xmm8
+ movdqu xmm7, [r10+rcx]
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm4, xmm7
pshufd xmm1, xmm4, 78
pshufd xmm2, xmm5, 78
movdqa xmm3, xmm5
@@ -3479,28 +3523,28 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
pxor xmm1, xmm0
pxor xmm1, xmm3
movdqa xmm2, xmm1
- movdqa xmm7, xmm0
+ movdqa xmm6, xmm0
movdqa xmm4, xmm3
pslldq xmm2, 8
psrldq xmm1, 8
- pxor xmm7, xmm2
+ pxor xmm6, xmm2
pxor xmm4, xmm1
- movdqa xmm0, xmm7
+ movdqa xmm0, xmm6
movdqa xmm1, xmm4
psrld xmm0, 31
psrld xmm1, 31
- pslld xmm7, 1
+ pslld xmm6, 1
pslld xmm4, 1
movdqa xmm2, xmm0
pslldq xmm0, 4
psrldq xmm2, 12
pslldq xmm1, 4
por xmm4, xmm2
- por xmm7, xmm0
+ por xmm6, xmm0
por xmm4, xmm1
- movdqa xmm0, xmm7
- movdqa xmm1, xmm7
- movdqa xmm2, xmm7
+ movdqa xmm0, xmm6
+ movdqa xmm1, xmm6
+ movdqa xmm2, xmm6
pslld xmm0, 31
pslld xmm1, 30
pslld xmm2, 25
@@ -3509,17 +3553,17 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
movdqa xmm1, xmm0
psrldq xmm1, 4
pslldq xmm0, 12
- pxor xmm7, xmm0
- movdqa xmm2, xmm7
- movdqa xmm3, xmm7
- movdqa xmm0, xmm7
+ pxor xmm6, xmm0
+ movdqa xmm2, xmm6
+ movdqa xmm3, xmm6
+ movdqa xmm0, xmm6
psrld xmm2, 1
psrld xmm3, 2
psrld xmm0, 7
pxor xmm2, xmm3
pxor xmm2, xmm0
pxor xmm2, xmm1
- pxor xmm2, xmm7
+ pxor xmm2, xmm6
pxor xmm4, xmm2
add ecx, 16
cmp ecx, edx
@@ -3529,9 +3573,9 @@ L_AES_GCM_init_aesni_calc_iv_16_loop:
je L_AES_GCM_init_aesni_calc_iv_done
L_AES_GCM_init_aesni_calc_iv_lt16:
sub rsp, 16
- pxor xmm8, xmm8
+ pxor xmm7, xmm7
xor r13d, r13d
- movdqu [rsp], xmm8
+ movdqu [rsp], xmm7
L_AES_GCM_init_aesni_calc_iv_loop:
movzx r12d, BYTE PTR [r10+rcx]
mov BYTE PTR [rsp+r13], r12b
@@ -3539,10 +3583,10 @@ L_AES_GCM_init_aesni_calc_iv_loop:
inc r13d
cmp ecx, edx
jl L_AES_GCM_init_aesni_calc_iv_loop
- movdqu xmm8, [rsp]
+ movdqu xmm7, [rsp]
add rsp, 16
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm4, xmm8
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm4, xmm7
pshufd xmm1, xmm4, 78
pshufd xmm2, xmm5, 78
movdqa xmm3, xmm5
@@ -3555,28 +3599,28 @@ L_AES_GCM_init_aesni_calc_iv_loop:
pxor xmm1, xmm0
pxor xmm1, xmm3
movdqa xmm2, xmm1
- movdqa xmm7, xmm0
+ movdqa xmm6, xmm0
movdqa xmm4, xmm3
pslldq xmm2, 8
psrldq xmm1, 8
- pxor xmm7, xmm2
+ pxor xmm6, xmm2
pxor xmm4, xmm1
- movdqa xmm0, xmm7
+ movdqa xmm0, xmm6
movdqa xmm1, xmm4
psrld xmm0, 31
psrld xmm1, 31
- pslld xmm7, 1
+ pslld xmm6, 1
pslld xmm4, 1
movdqa xmm2, xmm0
pslldq xmm0, 4
psrldq xmm2, 12
pslldq xmm1, 4
por xmm4, xmm2
- por xmm7, xmm0
+ por xmm6, xmm0
por xmm4, xmm1
- movdqa xmm0, xmm7
- movdqa xmm1, xmm7
- movdqa xmm2, xmm7
+ movdqa xmm0, xmm6
+ movdqa xmm1, xmm6
+ movdqa xmm2, xmm6
pslld xmm0, 31
pslld xmm1, 30
pslld xmm2, 25
@@ -3585,17 +3629,17 @@ L_AES_GCM_init_aesni_calc_iv_loop:
movdqa xmm1, xmm0
psrldq xmm1, 4
pslldq xmm0, 12
- pxor xmm7, xmm0
- movdqa xmm2, xmm7
- movdqa xmm3, xmm7
- movdqa xmm0, xmm7
+ pxor xmm6, xmm0
+ movdqa xmm2, xmm6
+ movdqa xmm3, xmm6
+ movdqa xmm0, xmm6
psrld xmm2, 1
psrld xmm3, 2
psrld xmm0, 7
pxor xmm2, xmm3
pxor xmm2, xmm0
pxor xmm2, xmm1
- pxor xmm2, xmm7
+ pxor xmm2, xmm6
pxor xmm4, xmm2
L_AES_GCM_init_aesni_calc_iv_done:
; T = Encrypt counter
@@ -3615,28 +3659,28 @@ L_AES_GCM_init_aesni_calc_iv_done:
pxor xmm1, xmm0
pxor xmm1, xmm3
movdqa xmm2, xmm1
- movdqa xmm7, xmm0
+ movdqa xmm6, xmm0
movdqa xmm4, xmm3
pslldq xmm2, 8
psrldq xmm1, 8
- pxor xmm7, xmm2
+ pxor xmm6, xmm2
pxor xmm4, xmm1
- movdqa xmm0, xmm7
+ movdqa xmm0, xmm6
movdqa xmm1, xmm4
psrld xmm0, 31
psrld xmm1, 31
- pslld xmm7, 1
+ pslld xmm6, 1
pslld xmm4, 1
movdqa xmm2, xmm0
pslldq xmm0, 4
psrldq xmm2, 12
pslldq xmm1, 4
por xmm4, xmm2
- por xmm7, xmm0
+ por xmm6, xmm0
por xmm4, xmm1
- movdqa xmm0, xmm7
- movdqa xmm1, xmm7
- movdqa xmm2, xmm7
+ movdqa xmm0, xmm6
+ movdqa xmm1, xmm6
+ movdqa xmm2, xmm6
pslld xmm0, 31
pslld xmm1, 30
pslld xmm2, 25
@@ -3645,52 +3689,56 @@ L_AES_GCM_init_aesni_calc_iv_done:
movdqa xmm1, xmm0
psrldq xmm1, 4
pslldq xmm0, 12
- pxor xmm7, xmm0
- movdqa xmm2, xmm7
- movdqa xmm3, xmm7
- movdqa xmm0, xmm7
+ pxor xmm6, xmm0
+ movdqa xmm2, xmm6
+ movdqa xmm3, xmm6
+ movdqa xmm0, xmm6
psrld xmm2, 1
psrld xmm3, 2
psrld xmm0, 7
pxor xmm2, xmm3
pxor xmm2, xmm0
pxor xmm2, xmm1
- pxor xmm2, xmm7
+ pxor xmm2, xmm6
pxor xmm4, xmm2
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
; Encrypt counter
- movdqa xmm8, OWORD PTR [rdi]
- pxor xmm8, xmm4
- aesenc xmm8, [rdi+16]
- aesenc xmm8, [rdi+32]
- aesenc xmm8, [rdi+48]
- aesenc xmm8, [rdi+64]
- aesenc xmm8, [rdi+80]
- aesenc xmm8, [rdi+96]
- aesenc xmm8, [rdi+112]
- aesenc xmm8, [rdi+128]
- aesenc xmm8, [rdi+144]
+ movdqa xmm7, OWORD PTR [rdi]
+ pxor xmm7, xmm4
+ aesenc xmm7, [rdi+16]
+ aesenc xmm7, [rdi+32]
+ aesenc xmm7, [rdi+48]
+ aesenc xmm7, [rdi+64]
+ aesenc xmm7, [rdi+80]
+ aesenc xmm7, [rdi+96]
+ aesenc xmm7, [rdi+112]
+ aesenc xmm7, [rdi+128]
+ aesenc xmm7, [rdi+144]
cmp esi, 11
- movdqa xmm9, OWORD PTR [rdi+160]
+ movdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rdi+176]
+ aesenc xmm7, xmm8
+ aesenc xmm7, [rdi+176]
cmp esi, 13
- movdqa xmm9, OWORD PTR [rdi+192]
+ movdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rdi+208]
- movdqa xmm9, OWORD PTR [rdi+224]
+ aesenc xmm7, xmm8
+ aesenc xmm7, [rdi+208]
+ movdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_aesni_calc_iv_2_aesenc_avx_last:
- aesenclast xmm8, xmm9
- movdqu xmm15, xmm8
+ aesenclast xmm7, xmm8
+ movdqu xmm15, xmm7
L_AES_GCM_init_aesni_iv_done:
movdqa OWORD PTR [r9], xmm15
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_epi64
paddd xmm4, OWORD PTR L_aes_gcm_one
movdqa OWORD PTR [rax], xmm5
movdqa OWORD PTR [r8], xmm4
- add rsp, 16
+ movdqu xmm6, [rsp+16]
+ movdqu xmm7, [rsp+32]
+ movdqu xmm8, [rsp+48]
+ movdqu xmm15, [rsp+64]
+ add rsp, 80
pop r14
pop r13
pop r12
@@ -3702,13 +3750,16 @@ _text ENDS
_text SEGMENT READONLY PARA
AES_GCM_aad_update_aesni PROC
mov rax, rcx
+ sub rsp, 32
+ movdqu [rsp], xmm6
+ movdqu [rsp+16], xmm7
movdqa xmm5, OWORD PTR [r8]
movdqa xmm6, OWORD PTR [r9]
xor ecx, ecx
L_AES_GCM_aad_update_aesni_16_loop:
- movdqu xmm8, [rax+rcx]
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm5, xmm8
+ movdqu xmm7, [rax+rcx]
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm5, xmm7
pshufd xmm1, xmm5, 78
pshufd xmm2, xmm6, 78
movdqa xmm3, xmm6
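Review bot: With the added `sub rsp, 32` and the XMM6/XMM7 spills, AES_GCM_aad_update_aesni is no longer a leaf function in the Win64 sense, but it is still declared with a plain `PROC`, so no unwind data describes the new frame. If a fault is raised inside the loop (for example on an invalid AAD pointer), the unwinder would treat `[rsp]` as the return address and could not restore XMM6/XMM7. Declaring the prologue with `PROC FRAME` and the matching `.allocstack`/`.savexmm128`/`.endprolog` directives, as sketched below, would fix that; AES_GCM_ghash_block_aesni gets the same prologue in the next hunk and needs the same treatment. The larger routines here already push registers without unwind data, so this may be a choice made wherever this file is produced — worth confirming before changing it. The loop body and epilogue continue outside this hunk.

```asm
AES_GCM_aad_update_aesni PROC FRAME
        sub rsp, 32
        .allocstack 32
        movdqu [rsp], xmm6
        .savexmm128 xmm6, 0
        movdqu [rsp+16], xmm7
        .savexmm128 xmm7, 16
        .endprolog
        mov rax, rcx
        ; … unchanged: GHASH loop, XMM6/XMM7 restore, add rsp, 32, ret …
```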
@@ -3767,6 +3818,9 @@ L_AES_GCM_aad_update_aesni_16_loop:
cmp ecx, edx
jl L_AES_GCM_aad_update_aesni_16_loop
movdqa OWORD PTR [r8], xmm5
+ movdqu xmm6, [rsp]
+ movdqu xmm7, [rsp+16]
+ add rsp, 32
ret
AES_GCM_aad_update_aesni ENDP
_text ENDS
@@ -3775,48 +3829,51 @@ AES_GCM_encrypt_block_aesni PROC
mov r10, r8
mov r11, r9
mov rax, QWORD PTR [rsp+40]
- movdqu xmm8, [rax]
- movdqa xmm9, xmm8
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_epi64
- paddd xmm9, OWORD PTR L_aes_gcm_one
- pxor xmm8, [rcx]
- movdqu [rax], xmm9
- aesenc xmm8, [rcx+16]
- aesenc xmm8, [rcx+32]
- aesenc xmm8, [rcx+48]
- aesenc xmm8, [rcx+64]
- aesenc xmm8, [rcx+80]
- aesenc xmm8, [rcx+96]
- aesenc xmm8, [rcx+112]
- aesenc xmm8, [rcx+128]
- aesenc xmm8, [rcx+144]
+ movdqu xmm0, [rax]
+ movdqa xmm1, xmm0
+ pshufb xmm0, OWORD PTR L_aes_gcm_bswap_epi64
+ paddd xmm1, OWORD PTR L_aes_gcm_one
+ pxor xmm0, [rcx]
+ movdqu [rax], xmm1
+ aesenc xmm0, [rcx+16]
+ aesenc xmm0, [rcx+32]
+ aesenc xmm0, [rcx+48]
+ aesenc xmm0, [rcx+64]
+ aesenc xmm0, [rcx+80]
+ aesenc xmm0, [rcx+96]
+ aesenc xmm0, [rcx+112]
+ aesenc xmm0, [rcx+128]
+ aesenc xmm0, [rcx+144]
cmp edx, 11
- movdqa xmm9, OWORD PTR [rcx+160]
+ movdqa xmm1, OWORD PTR [rcx+160]
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rcx+176]
+ aesenc xmm0, xmm1
+ aesenc xmm0, [rcx+176]
cmp edx, 13
- movdqa xmm9, OWORD PTR [rcx+192]
+ movdqa xmm1, OWORD PTR [rcx+192]
jl L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last
- aesenc xmm8, xmm9
- aesenc xmm8, [rcx+208]
- movdqa xmm9, OWORD PTR [rcx+224]
+ aesenc xmm0, xmm1
+ aesenc xmm0, [rcx+208]
+ movdqa xmm1, OWORD PTR [rcx+224]
L_AES_GCM_encrypt_block_aesni_aesenc_block_aesenc_avx_last:
- aesenclast xmm8, xmm9
- movdqu xmm9, [r11]
- pxor xmm8, xmm9
- movdqu [r10], xmm8
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
+ aesenclast xmm0, xmm1
+ movdqu xmm1, [r11]
+ pxor xmm0, xmm1
+ movdqu [r10], xmm0
+ pshufb xmm0, OWORD PTR L_aes_gcm_bswap_mask
ret
AES_GCM_encrypt_block_aesni ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_ghash_block_aesni PROC
+ sub rsp, 32
+ movdqu [rsp], xmm6
+ movdqu [rsp+16], xmm7
movdqa xmm4, OWORD PTR [rdx]
movdqa xmm5, OWORD PTR [r8]
- movdqu xmm8, [rcx]
- pshufb xmm8, OWORD PTR L_aes_gcm_bswap_mask
- pxor xmm4, xmm8
+ movdqu xmm7, [rcx]
+ pshufb xmm7, OWORD PTR L_aes_gcm_bswap_mask
+ pxor xmm4, xmm7
pshufd xmm1, xmm4, 78
pshufd xmm2, xmm5, 78
movdqa xmm3, xmm5
@@ -3872,6 +3929,9 @@ AES_GCM_ghash_block_aesni PROC
pxor xmm2, xmm6
pxor xmm4, xmm2
movdqa OWORD PTR [rdx], xmm4
+ movdqu xmm6, [rsp]
+ movdqu xmm7, [rsp+16]
+ add rsp, 32
ret
AES_GCM_ghash_block_aesni ENDP
_text ENDS
@@ -3890,7 +3950,17 @@ AES_GCM_encrypt_update_aesni PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 160
+ sub rsp, 320
+ movdqu [rsp+160], xmm6
+ movdqu [rsp+176], xmm7
+ movdqu [rsp+192], xmm8
+ movdqu [rsp+208], xmm9
+ movdqu [rsp+224], xmm10
+ movdqu [rsp+240], xmm11
+ movdqu [rsp+256], xmm12
+ movdqu [rsp+272], xmm13
+ movdqu [rsp+288], xmm14
+ movdqu [rsp+304], xmm15
movdqa xmm6, OWORD PTR [r12]
movdqa xmm5, OWORD PTR [r14]
movdqa xmm9, xmm5
@@ -5085,7 +5155,17 @@ L_AES_GCM_encrypt_update_aesni_last_block_ghash:
L_AES_GCM_encrypt_update_aesni_last_block_done:
L_AES_GCM_encrypt_update_aesni_done_enc:
movdqa OWORD PTR [r12], xmm6
- add rsp, 160
+ movdqu xmm6, [rsp+160]
+ movdqu xmm7, [rsp+176]
+ movdqu xmm8, [rsp+192]
+ movdqu xmm9, [rsp+208]
+ movdqu xmm10, [rsp+224]
+ movdqu xmm11, [rsp+240]
+ movdqu xmm12, [rsp+256]
+ movdqu xmm13, [rsp+272]
+ movdqu xmm14, [rsp+288]
+ movdqu xmm15, [rsp+304]
+ add rsp, 320
pop rdi
pop r15
pop r14
@@ -5105,20 +5185,28 @@ AES_GCM_encrypt_final_aesni PROC
mov r11d, DWORD PTR [rsp+64]
mov r12, QWORD PTR [rsp+72]
mov r14, QWORD PTR [rsp+80]
- sub rsp, 16
+ sub rsp, 144
+ movdqu [rsp+16], xmm6
+ movdqu [rsp+32], xmm7
+ movdqu [rsp+48], xmm8
+ movdqu [rsp+64], xmm9
+ movdqu [rsp+80], xmm10
+ movdqu [rsp+96], xmm11
+ movdqu [rsp+112], xmm12
+ movdqu [rsp+128], xmm13
movdqa xmm4, OWORD PTR [rax]
movdqa xmm5, OWORD PTR [r12]
movdqa xmm6, OWORD PTR [r14]
- movdqa xmm9, xmm5
movdqa xmm8, xmm5
- psrlq xmm9, 63
- psllq xmm8, 1
- pslldq xmm9, 8
- por xmm8, xmm9
+ movdqa xmm7, xmm5
+ psrlq xmm8, 63
+ psllq xmm7, 1
+ pslldq xmm8, 8
+ por xmm7, xmm8
pshufd xmm5, xmm5, 255
psrad xmm5, 31
pand xmm5, OWORD PTR L_aes_gcm_mod2_128
- pxor xmm5, xmm8
+ pxor xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
@@ -5126,46 +5214,46 @@ AES_GCM_encrypt_final_aesni PROC
pinsrq xmm0, rdx, 0
pinsrq xmm0, rcx, 1
pxor xmm4, xmm0
- pshufd xmm9, xmm5, 78
- pshufd xmm10, xmm4, 78
- movdqa xmm11, xmm4
- movdqa xmm8, xmm4
- pclmulqdq xmm11, xmm5, 17
- pclmulqdq xmm8, xmm5, 0
- pxor xmm9, xmm5
- pxor xmm10, xmm4
- pclmulqdq xmm9, xmm10, 0
- pxor xmm9, xmm8
- pxor xmm9, xmm11
- movdqa xmm10, xmm9
- movdqa xmm4, xmm11
- pslldq xmm10, 8
- psrldq xmm9, 8
+ pshufd xmm8, xmm5, 78
+ pshufd xmm9, xmm4, 78
+ movdqa xmm10, xmm4
+ movdqa xmm7, xmm4
+ pclmulqdq xmm10, xmm5, 17
+ pclmulqdq xmm7, xmm5, 0
+ pxor xmm8, xmm5
+ pxor xmm9, xmm4
+ pclmulqdq xmm8, xmm9, 0
+ pxor xmm8, xmm7
pxor xmm8, xmm10
- pxor xmm4, xmm9
- movdqa xmm12, xmm8
- movdqa xmm13, xmm8
- movdqa xmm14, xmm8
- pslld xmm12, 31
- pslld xmm13, 30
- pslld xmm14, 25
- pxor xmm12, xmm13
- pxor xmm12, xmm14
- movdqa xmm13, xmm12
- psrldq xmm13, 4
- pslldq xmm12, 12
- pxor xmm8, xmm12
- movdqa xmm14, xmm8
- movdqa xmm10, xmm8
movdqa xmm9, xmm8
- psrld xmm14, 1
- psrld xmm10, 2
- psrld xmm9, 7
- pxor xmm14, xmm10
- pxor xmm14, xmm9
- pxor xmm14, xmm13
- pxor xmm14, xmm8
- pxor xmm4, xmm14
+ movdqa xmm4, xmm10
+ pslldq xmm9, 8
+ psrldq xmm8, 8
+ pxor xmm7, xmm9
+ pxor xmm4, xmm8
+ movdqa xmm11, xmm7
+ movdqa xmm12, xmm7
+ movdqa xmm13, xmm7
+ pslld xmm11, 31
+ pslld xmm12, 30
+ pslld xmm13, 25
+ pxor xmm11, xmm12
+ pxor xmm11, xmm13
+ movdqa xmm12, xmm11
+ psrldq xmm12, 4
+ pslldq xmm11, 12
+ pxor xmm7, xmm11
+ movdqa xmm13, xmm7
+ movdqa xmm9, xmm7
+ movdqa xmm8, xmm7
+ psrld xmm13, 1
+ psrld xmm9, 2
+ psrld xmm8, 7
+ pxor xmm13, xmm9
+ pxor xmm13, xmm8
+ pxor xmm13, xmm12
+ pxor xmm13, xmm7
+ pxor xmm4, xmm13
pshufb xmm4, OWORD PTR L_aes_gcm_bswap_mask
movdqu xmm0, xmm6
pxor xmm0, xmm4
@@ -5183,7 +5271,15 @@ L_AES_GCM_encrypt_final_aesni_store_tag_loop:
L_AES_GCM_encrypt_final_aesni_store_tag_16:
movdqu [r9], xmm0
L_AES_GCM_encrypt_final_aesni_store_tag_done:
- add rsp, 16
+ movdqu xmm6, [rsp+16]
+ movdqu xmm7, [rsp+32]
+ movdqu xmm8, [rsp+48]
+ movdqu xmm9, [rsp+64]
+ movdqu xmm10, [rsp+80]
+ movdqu xmm11, [rsp+96]
+ movdqu xmm12, [rsp+112]
+ movdqu xmm13, [rsp+128]
+ add rsp, 144
pop r14
pop r12
pop r13
@@ -5206,7 +5302,17 @@ AES_GCM_decrypt_update_aesni PROC
mov r12, QWORD PTR [rsp+96]
mov r14, QWORD PTR [rsp+104]
mov r15, QWORD PTR [rsp+112]
- sub rsp, 168
+ sub rsp, 328
+ movdqu [rsp+168], xmm6
+ movdqu [rsp+184], xmm7
+ movdqu [rsp+200], xmm8
+ movdqu [rsp+216], xmm9
+ movdqu [rsp+232], xmm10
+ movdqu [rsp+248], xmm11
+ movdqu [rsp+264], xmm12
+ movdqu [rsp+280], xmm13
+ movdqu [rsp+296], xmm14
+ movdqu [rsp+312], xmm15
movdqa xmm6, OWORD PTR [r12]
movdqa xmm5, OWORD PTR [r14]
movdqa xmm9, xmm5
@@ -5943,7 +6049,17 @@ L_AES_GCM_decrypt_update_aesni_aesenc_gfmul_last:
L_AES_GCM_decrypt_update_aesni_last_block_done:
L_AES_GCM_decrypt_update_aesni_done_dec:
movdqa OWORD PTR [r12], xmm6
- add rsp, 168
+ movdqu xmm6, [rsp+168]
+ movdqu xmm7, [rsp+184]
+ movdqu xmm8, [rsp+200]
+ movdqu xmm9, [rsp+216]
+ movdqu xmm10, [rsp+232]
+ movdqu xmm11, [rsp+248]
+ movdqu xmm12, [rsp+264]
+ movdqu xmm13, [rsp+280]
+ movdqu xmm14, [rsp+296]
+ movdqu xmm15, [rsp+312]
+ add rsp, 328
pop rsi
pop rdi
pop r15
@@ -5967,20 +6083,29 @@ AES_GCM_decrypt_final_aesni PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov rbp, QWORD PTR [rsp+104]
- sub rsp, 16
+ sub rsp, 160
+ movdqu [rsp+16], xmm6
+ movdqu [rsp+32], xmm7
+ movdqu [rsp+48], xmm8
+ movdqu [rsp+64], xmm9
+ movdqu [rsp+80], xmm10
+ movdqu [rsp+96], xmm11
+ movdqu [rsp+112], xmm12
+ movdqu [rsp+128], xmm13
+ movdqu [rsp+144], xmm15
movdqa xmm6, OWORD PTR [rax]
movdqa xmm5, OWORD PTR [r12]
movdqa xmm15, OWORD PTR [r14]
- movdqa xmm9, xmm5
movdqa xmm8, xmm5
- psrlq xmm9, 63
- psllq xmm8, 1
- pslldq xmm9, 8
- por xmm8, xmm9
+ movdqa xmm7, xmm5
+ psrlq xmm8, 63
+ psllq xmm7, 1
+ pslldq xmm8, 8
+ por xmm7, xmm8
pshufd xmm5, xmm5, 255
psrad xmm5, 31
pand xmm5, OWORD PTR L_aes_gcm_mod2_128
- pxor xmm5, xmm8
+ pxor xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
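Review bot: The save list here skips xmm14 (`xmm13` at `[rsp+128]` is followed directly by `xmm15` at `[rsp+144]`), which is only correct if nothing in the procedure still writes xmm14. The renamed GHASH reduction in the next hunk does stop at xmm13, but the tag-comparison code between that hunk and the epilogue is not shown, so it is worth confirming there. Recording the reason next to the saves would help, e.g. `; xmm14 is not saved: no longer written by this routine`. `AES_GCM_decrypt_final_avx1` uses the same save list.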
@@ -5988,46 +6113,46 @@ AES_GCM_decrypt_final_aesni PROC
pinsrq xmm0, rdx, 0
pinsrq xmm0, rcx, 1
pxor xmm6, xmm0
- pshufd xmm9, xmm5, 78
- pshufd xmm10, xmm6, 78
- movdqa xmm11, xmm6
- movdqa xmm8, xmm6
- pclmulqdq xmm11, xmm5, 17
- pclmulqdq xmm8, xmm5, 0
- pxor xmm9, xmm5
- pxor xmm10, xmm6
- pclmulqdq xmm9, xmm10, 0
- pxor xmm9, xmm8
- pxor xmm9, xmm11
- movdqa xmm10, xmm9
- movdqa xmm6, xmm11
- pslldq xmm10, 8
- psrldq xmm9, 8
+ pshufd xmm8, xmm5, 78
+ pshufd xmm9, xmm6, 78
+ movdqa xmm10, xmm6
+ movdqa xmm7, xmm6
+ pclmulqdq xmm10, xmm5, 17
+ pclmulqdq xmm7, xmm5, 0
+ pxor xmm8, xmm5
+ pxor xmm9, xmm6
+ pclmulqdq xmm8, xmm9, 0
+ pxor xmm8, xmm7
pxor xmm8, xmm10
- pxor xmm6, xmm9
- movdqa xmm12, xmm8
- movdqa xmm13, xmm8
- movdqa xmm14, xmm8
- pslld xmm12, 31
- pslld xmm13, 30
- pslld xmm14, 25
- pxor xmm12, xmm13
- pxor xmm12, xmm14
- movdqa xmm13, xmm12
- psrldq xmm13, 4
- pslldq xmm12, 12
- pxor xmm8, xmm12
- movdqa xmm14, xmm8
- movdqa xmm10, xmm8
movdqa xmm9, xmm8
- psrld xmm14, 1
- psrld xmm10, 2
- psrld xmm9, 7
- pxor xmm14, xmm10
- pxor xmm14, xmm9
- pxor xmm14, xmm13
- pxor xmm14, xmm8
- pxor xmm6, xmm14
+ movdqa xmm6, xmm10
+ pslldq xmm9, 8
+ psrldq xmm8, 8
+ pxor xmm7, xmm9
+ pxor xmm6, xmm8
+ movdqa xmm11, xmm7
+ movdqa xmm12, xmm7
+ movdqa xmm13, xmm7
+ pslld xmm11, 31
+ pslld xmm12, 30
+ pslld xmm13, 25
+ pxor xmm11, xmm12
+ pxor xmm11, xmm13
+ movdqa xmm12, xmm11
+ psrldq xmm12, 4
+ pslldq xmm11, 12
+ pxor xmm7, xmm11
+ movdqa xmm13, xmm7
+ movdqa xmm9, xmm7
+ movdqa xmm8, xmm7
+ psrld xmm13, 1
+ psrld xmm9, 2
+ psrld xmm8, 7
+ pxor xmm13, xmm9
+ pxor xmm13, xmm8
+ pxor xmm13, xmm12
+ pxor xmm13, xmm7
+ pxor xmm6, xmm13
pshufb xmm6, OWORD PTR L_aes_gcm_bswap_mask
movdqu xmm0, xmm15
pxor xmm0, xmm6
@@ -6059,7 +6184,16 @@ L_AES_GCM_decrypt_final_aesni_cmp_tag_16:
sete r15b
L_AES_GCM_decrypt_final_aesni_cmp_tag_done:
mov DWORD PTR [rbp], r15d
- add rsp, 16
+ movdqu xmm6, [rsp+16]
+ movdqu xmm7, [rsp+32]
+ movdqu xmm8, [rsp+48]
+ movdqu xmm9, [rsp+64]
+ movdqu xmm10, [rsp+80]
+ movdqu xmm11, [rsp+96]
+ movdqu xmm12, [rsp+112]
+ movdqu xmm13, [rsp+128]
+ movdqu xmm15, [rsp+144]
+ add rsp, 160
pop r15
pop rbp
pop r14
@@ -6144,7 +6278,17 @@ AES_GCM_encrypt_avx1 PROC
mov r14d, DWORD PTR [rsp+128]
mov r15, QWORD PTR [rsp+136]
mov r10d, DWORD PTR [rsp+144]
- sub rsp, 160
+ sub rsp, 320
+ vmovdqu OWORD PTR [rsp+160], xmm6
+ vmovdqu OWORD PTR [rsp+176], xmm7
+ vmovdqu OWORD PTR [rsp+192], xmm8
+ vmovdqu OWORD PTR [rsp+208], xmm9
+ vmovdqu OWORD PTR [rsp+224], xmm10
+ vmovdqu OWORD PTR [rsp+240], xmm11
+ vmovdqu OWORD PTR [rsp+256], xmm12
+ vmovdqu OWORD PTR [rsp+272], xmm13
+ vmovdqu OWORD PTR [rsp+288], xmm14
+ vmovdqu OWORD PTR [rsp+304], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
mov edx, ebx
@@ -7692,7 +7836,17 @@ L_AES_GCM_encrypt_avx1_store_tag_16:
vmovdqu OWORD PTR [r8], xmm0
L_AES_GCM_encrypt_avx1_store_tag_done:
vzeroupper
- add rsp, 160
+ vmovdqu xmm6, OWORD PTR [rsp+160]
+ vmovdqu xmm7, OWORD PTR [rsp+176]
+ vmovdqu xmm8, OWORD PTR [rsp+192]
+ vmovdqu xmm9, OWORD PTR [rsp+208]
+ vmovdqu xmm10, OWORD PTR [rsp+224]
+ vmovdqu xmm11, OWORD PTR [rsp+240]
+ vmovdqu xmm12, OWORD PTR [rsp+256]
+ vmovdqu xmm13, OWORD PTR [rsp+272]
+ vmovdqu xmm14, OWORD PTR [rsp+288]
+ vmovdqu xmm15, OWORD PTR [rsp+304]
+ add rsp, 320
pop r15
pop r14
pop rbx
@@ -7725,7 +7879,17 @@ AES_GCM_decrypt_avx1 PROC
mov r15, QWORD PTR [rsp+144]
mov r10d, DWORD PTR [rsp+152]
mov rbp, QWORD PTR [rsp+160]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
cmp ebx, 12
@@ -8864,7 +9028,17 @@ L_AES_GCM_decrypt_avx1_cmp_tag_16:
L_AES_GCM_decrypt_avx1_cmp_tag_done:
mov DWORD PTR [rbp], ebx
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rbp
pop r15
pop r14
@@ -8889,7 +9063,11 @@ AES_GCM_init_avx1 PROC
mov rax, QWORD PTR [rsp+72]
mov r8, QWORD PTR [rsp+80]
mov r9, QWORD PTR [rsp+88]
- sub rsp, 16
+ sub rsp, 80
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
+ vmovdqu OWORD PTR [rsp+48], xmm8
+ vmovdqu OWORD PTR [rsp+64], xmm15
vpxor xmm4, xmm4, xmm4
mov edx, r11d
cmp edx, 12
@@ -8903,53 +9081,53 @@ AES_GCM_init_avx1 PROC
; H = Encrypt X(=0) and T = Encrypt counter
vmovdqa xmm5, OWORD PTR [rdi]
vpxor xmm1, xmm4, xmm5
- vmovdqa xmm7, OWORD PTR [rdi+16]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+32]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+48]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+64]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+80]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+96]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+112]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+128]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+144]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
+ vmovdqa xmm6, OWORD PTR [rdi+16]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+32]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+48]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+64]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+80]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+96]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+112]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+128]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+144]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
cmp esi, 11
- vmovdqa xmm7, OWORD PTR [rdi+160]
+ vmovdqa xmm6, OWORD PTR [rdi+160]
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+176]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+176]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
cmp esi, 13
- vmovdqa xmm7, OWORD PTR [rdi+192]
+ vmovdqa xmm6, OWORD PTR [rdi+192]
jl L_AES_GCM_init_avx1_calc_iv_12_last
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+208]
- vaesenc xmm5, xmm5, xmm7
- vaesenc xmm1, xmm1, xmm7
- vmovdqa xmm7, OWORD PTR [rdi+224]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+208]
+ vaesenc xmm5, xmm5, xmm6
+ vaesenc xmm1, xmm1, xmm6
+ vmovdqa xmm6, OWORD PTR [rdi+224]
L_AES_GCM_init_avx1_calc_iv_12_last:
- vaesenclast xmm5, xmm5, xmm7
- vaesenclast xmm1, xmm1, xmm7
+ vaesenclast xmm5, xmm5, xmm6
+ vaesenclast xmm1, xmm1, xmm6
vpshufb xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_bswap_mask
vmovdqu xmm15, xmm1
jmp L_AES_GCM_init_avx1_iv_done
@@ -8967,18 +9145,18 @@ L_AES_GCM_init_avx1_iv_not_12:
vaesenc xmm5, xmm5, [rdi+128]
vaesenc xmm5, xmm5, [rdi+144]
cmp esi, 11
- vmovdqa xmm9, OWORD PTR [rdi+160]
+ vmovdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc xmm5, xmm5, xmm9
+ vaesenc xmm5, xmm5, xmm8
vaesenc xmm5, xmm5, [rdi+176]
cmp esi, 13
- vmovdqa xmm9, OWORD PTR [rdi+192]
+ vmovdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last
- vaesenc xmm5, xmm5, xmm9
+ vaesenc xmm5, xmm5, xmm8
vaesenc xmm5, xmm5, [rdi+208]
- vmovdqa xmm9, OWORD PTR [rdi+224]
+ vmovdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
- vaesenclast xmm5, xmm5, xmm9
+ vaesenclast xmm5, xmm5, xmm8
vpshufb xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_bswap_mask
; Calc counter
; Initialization vector
@@ -8989,9 +9167,9 @@ L_AES_GCM_init_avx1_calc_iv_1_aesenc_avx_last:
jl L_AES_GCM_init_avx1_calc_iv_lt16
and edx, 4294967280
L_AES_GCM_init_avx1_calc_iv_16_loop:
- vmovdqu xmm8, OWORD PTR [r10+rcx]
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm4, xmm4, xmm8
+ vmovdqu xmm7, OWORD PTR [r10+rcx]
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm4, xmm4, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm4, 78
vpshufd xmm2, xmm5, 78
@@ -9002,38 +9180,38 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
vpclmulqdq xmm1, xmm1, xmm2, 0
vpxor xmm1, xmm1, xmm0
vpxor xmm1, xmm1, xmm3
- vmovdqa xmm7, xmm0
+ vmovdqa xmm6, xmm0
vmovdqa xmm4, xmm3
vpslldq xmm2, xmm1, 8
vpsrldq xmm1, xmm1, 8
- vpxor xmm7, xmm7, xmm2
+ vpxor xmm6, xmm6, xmm2
vpxor xmm4, xmm4, xmm1
- vpsrld xmm0, xmm7, 31
+ vpsrld xmm0, xmm6, 31
vpsrld xmm1, xmm4, 31
- vpslld xmm7, xmm7, 1
+ vpslld xmm6, xmm6, 1
vpslld xmm4, xmm4, 1
vpsrldq xmm2, xmm0, 12
vpslldq xmm0, xmm0, 4
vpslldq xmm1, xmm1, 4
vpor xmm4, xmm4, xmm2
- vpor xmm7, xmm7, xmm0
+ vpor xmm6, xmm6, xmm0
vpor xmm4, xmm4, xmm1
- vpslld xmm0, xmm7, 31
- vpslld xmm1, xmm7, 30
- vpslld xmm2, xmm7, 25
+ vpslld xmm0, xmm6, 31
+ vpslld xmm1, xmm6, 30
+ vpslld xmm2, xmm6, 25
vpxor xmm0, xmm0, xmm1
vpxor xmm0, xmm0, xmm2
vmovdqa xmm1, xmm0
vpsrldq xmm1, xmm1, 4
vpslldq xmm0, xmm0, 12
- vpxor xmm7, xmm7, xmm0
- vpsrld xmm2, xmm7, 1
- vpsrld xmm3, xmm7, 2
- vpsrld xmm0, xmm7, 7
+ vpxor xmm6, xmm6, xmm0
+ vpsrld xmm2, xmm6, 1
+ vpsrld xmm3, xmm6, 2
+ vpsrld xmm0, xmm6, 7
vpxor xmm2, xmm2, xmm3
vpxor xmm2, xmm2, xmm0
vpxor xmm2, xmm2, xmm1
- vpxor xmm2, xmm2, xmm7
+ vpxor xmm2, xmm2, xmm6
vpxor xmm4, xmm4, xmm2
add ecx, 16
cmp ecx, edx
@@ -9043,9 +9221,9 @@ L_AES_GCM_init_avx1_calc_iv_16_loop:
je L_AES_GCM_init_avx1_calc_iv_done
L_AES_GCM_init_avx1_calc_iv_lt16:
sub rsp, 16
- vpxor xmm8, xmm8, xmm8
+ vpxor xmm7, xmm7, xmm7
xor r13d, r13d
- vmovdqu OWORD PTR [rsp], xmm8
+ vmovdqu OWORD PTR [rsp], xmm7
L_AES_GCM_init_avx1_calc_iv_loop:
movzx r12d, BYTE PTR [r10+rcx]
mov BYTE PTR [rsp+r13], r12b
@@ -9053,10 +9231,10 @@ L_AES_GCM_init_avx1_calc_iv_loop:
inc r13d
cmp ecx, edx
jl L_AES_GCM_init_avx1_calc_iv_loop
- vmovdqu xmm8, OWORD PTR [rsp]
+ vmovdqu xmm7, OWORD PTR [rsp]
add rsp, 16
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm4, xmm4, xmm8
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm4, xmm4, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm4, 78
vpshufd xmm2, xmm5, 78
@@ -9067,38 +9245,38 @@ L_AES_GCM_init_avx1_calc_iv_loop:
vpclmulqdq xmm1, xmm1, xmm2, 0
vpxor xmm1, xmm1, xmm0
vpxor xmm1, xmm1, xmm3
- vmovdqa xmm7, xmm0
+ vmovdqa xmm6, xmm0
vmovdqa xmm4, xmm3
vpslldq xmm2, xmm1, 8
vpsrldq xmm1, xmm1, 8
- vpxor xmm7, xmm7, xmm2
+ vpxor xmm6, xmm6, xmm2
vpxor xmm4, xmm4, xmm1
- vpsrld xmm0, xmm7, 31
+ vpsrld xmm0, xmm6, 31
vpsrld xmm1, xmm4, 31
- vpslld xmm7, xmm7, 1
+ vpslld xmm6, xmm6, 1
vpslld xmm4, xmm4, 1
vpsrldq xmm2, xmm0, 12
vpslldq xmm0, xmm0, 4
vpslldq xmm1, xmm1, 4
vpor xmm4, xmm4, xmm2
- vpor xmm7, xmm7, xmm0
+ vpor xmm6, xmm6, xmm0
vpor xmm4, xmm4, xmm1
- vpslld xmm0, xmm7, 31
- vpslld xmm1, xmm7, 30
- vpslld xmm2, xmm7, 25
+ vpslld xmm0, xmm6, 31
+ vpslld xmm1, xmm6, 30
+ vpslld xmm2, xmm6, 25
vpxor xmm0, xmm0, xmm1
vpxor xmm0, xmm0, xmm2
vmovdqa xmm1, xmm0
vpsrldq xmm1, xmm1, 4
vpslldq xmm0, xmm0, 12
- vpxor xmm7, xmm7, xmm0
- vpsrld xmm2, xmm7, 1
- vpsrld xmm3, xmm7, 2
- vpsrld xmm0, xmm7, 7
+ vpxor xmm6, xmm6, xmm0
+ vpsrld xmm2, xmm6, 1
+ vpsrld xmm3, xmm6, 2
+ vpsrld xmm0, xmm6, 7
vpxor xmm2, xmm2, xmm3
vpxor xmm2, xmm2, xmm0
vpxor xmm2, xmm2, xmm1
- vpxor xmm2, xmm2, xmm7
+ vpxor xmm2, xmm2, xmm6
vpxor xmm4, xmm4, xmm2
L_AES_GCM_init_avx1_calc_iv_done:
; T = Encrypt counter
@@ -9116,66 +9294,66 @@ L_AES_GCM_init_avx1_calc_iv_done:
vpclmulqdq xmm1, xmm1, xmm2, 0
vpxor xmm1, xmm1, xmm0
vpxor xmm1, xmm1, xmm3
- vmovdqa xmm7, xmm0
+ vmovdqa xmm6, xmm0
vmovdqa xmm4, xmm3
vpslldq xmm2, xmm1, 8
vpsrldq xmm1, xmm1, 8
- vpxor xmm7, xmm7, xmm2
+ vpxor xmm6, xmm6, xmm2
vpxor xmm4, xmm4, xmm1
- vpsrld xmm0, xmm7, 31
+ vpsrld xmm0, xmm6, 31
vpsrld xmm1, xmm4, 31
- vpslld xmm7, xmm7, 1
+ vpslld xmm6, xmm6, 1
vpslld xmm4, xmm4, 1
vpsrldq xmm2, xmm0, 12
vpslldq xmm0, xmm0, 4
vpslldq xmm1, xmm1, 4
vpor xmm4, xmm4, xmm2
- vpor xmm7, xmm7, xmm0
+ vpor xmm6, xmm6, xmm0
vpor xmm4, xmm4, xmm1
- vpslld xmm0, xmm7, 31
- vpslld xmm1, xmm7, 30
- vpslld xmm2, xmm7, 25
+ vpslld xmm0, xmm6, 31
+ vpslld xmm1, xmm6, 30
+ vpslld xmm2, xmm6, 25
vpxor xmm0, xmm0, xmm1
vpxor xmm0, xmm0, xmm2
vmovdqa xmm1, xmm0
vpsrldq xmm1, xmm1, 4
vpslldq xmm0, xmm0, 12
- vpxor xmm7, xmm7, xmm0
- vpsrld xmm2, xmm7, 1
- vpsrld xmm3, xmm7, 2
- vpsrld xmm0, xmm7, 7
+ vpxor xmm6, xmm6, xmm0
+ vpsrld xmm2, xmm6, 1
+ vpsrld xmm3, xmm6, 2
+ vpsrld xmm0, xmm6, 7
vpxor xmm2, xmm2, xmm3
vpxor xmm2, xmm2, xmm0
vpxor xmm2, xmm2, xmm1
- vpxor xmm2, xmm2, xmm7
+ vpxor xmm2, xmm2, xmm6
vpxor xmm4, xmm4, xmm2
vpshufb xmm4, xmm4, OWORD PTR L_avx1_aes_gcm_bswap_mask
; Encrypt counter
- vmovdqa xmm8, OWORD PTR [rdi]
- vpxor xmm8, xmm8, xmm4
- vaesenc xmm8, xmm8, [rdi+16]
- vaesenc xmm8, xmm8, [rdi+32]
- vaesenc xmm8, xmm8, [rdi+48]
- vaesenc xmm8, xmm8, [rdi+64]
- vaesenc xmm8, xmm8, [rdi+80]
- vaesenc xmm8, xmm8, [rdi+96]
- vaesenc xmm8, xmm8, [rdi+112]
- vaesenc xmm8, xmm8, [rdi+128]
- vaesenc xmm8, xmm8, [rdi+144]
+ vmovdqa xmm7, OWORD PTR [rdi]
+ vpxor xmm7, xmm7, xmm4
+ vaesenc xmm7, xmm7, [rdi+16]
+ vaesenc xmm7, xmm7, [rdi+32]
+ vaesenc xmm7, xmm7, [rdi+48]
+ vaesenc xmm7, xmm7, [rdi+64]
+ vaesenc xmm7, xmm7, [rdi+80]
+ vaesenc xmm7, xmm7, [rdi+96]
+ vaesenc xmm7, xmm7, [rdi+112]
+ vaesenc xmm7, xmm7, [rdi+128]
+ vaesenc xmm7, xmm7, [rdi+144]
cmp esi, 11
- vmovdqa xmm9, OWORD PTR [rdi+160]
+ vmovdqa xmm8, OWORD PTR [rdi+160]
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rdi+176]
+ vaesenc xmm7, xmm7, xmm8
+ vaesenc xmm7, xmm7, [rdi+176]
cmp esi, 13
- vmovdqa xmm9, OWORD PTR [rdi+192]
+ vmovdqa xmm8, OWORD PTR [rdi+192]
jl L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rdi+208]
- vmovdqa xmm9, OWORD PTR [rdi+224]
+ vaesenc xmm7, xmm7, xmm8
+ vaesenc xmm7, xmm7, [rdi+208]
+ vmovdqa xmm8, OWORD PTR [rdi+224]
L_AES_GCM_init_avx1_calc_iv_2_aesenc_avx_last:
- vaesenclast xmm8, xmm8, xmm9
- vmovdqu xmm15, xmm8
+ vaesenclast xmm7, xmm7, xmm8
+ vmovdqu xmm15, xmm7
L_AES_GCM_init_avx1_iv_done:
vmovdqa OWORD PTR [r9], xmm15
vpshufb xmm4, xmm4, OWORD PTR L_avx1_aes_gcm_bswap_epi64
@@ -9183,7 +9361,11 @@ L_AES_GCM_init_avx1_iv_done:
vmovdqa OWORD PTR [rax], xmm5
vmovdqa OWORD PTR [r8], xmm4
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ vmovdqu xmm8, OWORD PTR [rsp+48]
+ vmovdqu xmm15, OWORD PTR [rsp+64]
+ add rsp, 80
pop r13
pop r12
pop rsi
@@ -9194,13 +9376,16 @@ _text ENDS
_text SEGMENT READONLY PARA
AES_GCM_aad_update_avx1 PROC
mov rax, rcx
+ sub rsp, 32
+ vmovdqu OWORD PTR [rsp], xmm6
+ vmovdqu OWORD PTR [rsp+16], xmm7
vmovdqa xmm5, OWORD PTR [r8]
vmovdqa xmm6, OWORD PTR [r9]
xor ecx, ecx
L_AES_GCM_aad_update_avx1_16_loop:
- vmovdqu xmm8, OWORD PTR [rax+rcx]
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm5, xmm5, xmm8
+ vmovdqu xmm7, OWORD PTR [rax+rcx]
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm5, xmm5, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm5, 78
vpshufd xmm2, xmm6, 78
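Review bot: `AES_GCM_aad_update_avx1` now moves rsp (`sub rsp, 32`) but is still declared as a plain `PROC`, so the assembler emits no unwind data for it. Under the Microsoft x64 convention, which the rcx/r8/r9 arguments and the xmm6/xmm7 saves suggest this file targets, a routine that adjusts rsp is expected to describe its prologue. Without that, an exception raised inside it (for example a fault on the `[rax+rcx]` load) or a crash-dump stack walk reads the wrong return address. Declaring it `AES_GCM_aad_update_avx1 PROC FRAME`, adding `.allocstack 32` after the `sub` and closing the prologue with `.endprolog` would cover it; the xmm saves can additionally be recorded with `.savexmm128`. `AES_GCM_ghash_block_aesni` and `AES_GCM_ghash_block_avx1` gain the same 32-byte frame, and the larger routines extend frames that, judging by the plain `PROC` in their hunk headers, already had the same gap.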
@@ -9249,6 +9434,9 @@ L_AES_GCM_aad_update_avx1_16_loop:
jl L_AES_GCM_aad_update_avx1_16_loop
vmovdqa OWORD PTR [r8], xmm5
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ vmovdqu xmm7, OWORD PTR [rsp+16]
+ add rsp, 32
ret
AES_GCM_aad_update_avx1 ENDP
_text ENDS
@@ -9257,48 +9445,51 @@ AES_GCM_encrypt_block_avx1 PROC
mov r10, r8
mov r11, r9
mov rax, QWORD PTR [rsp+40]
- vmovdqu xmm9, OWORD PTR [rax]
- vpshufb xmm8, xmm9, OWORD PTR L_avx1_aes_gcm_bswap_epi64
- vpaddd xmm9, xmm9, OWORD PTR L_avx1_aes_gcm_one
- vmovdqu OWORD PTR [rax], xmm9
- vpxor xmm8, xmm8, [rcx]
- vaesenc xmm8, xmm8, [rcx+16]
- vaesenc xmm8, xmm8, [rcx+32]
- vaesenc xmm8, xmm8, [rcx+48]
- vaesenc xmm8, xmm8, [rcx+64]
- vaesenc xmm8, xmm8, [rcx+80]
- vaesenc xmm8, xmm8, [rcx+96]
- vaesenc xmm8, xmm8, [rcx+112]
- vaesenc xmm8, xmm8, [rcx+128]
- vaesenc xmm8, xmm8, [rcx+144]
+ vmovdqu xmm1, OWORD PTR [rax]
+ vpshufb xmm0, xmm1, OWORD PTR L_avx1_aes_gcm_bswap_epi64
+ vpaddd xmm1, xmm1, OWORD PTR L_avx1_aes_gcm_one
+ vmovdqu OWORD PTR [rax], xmm1
+ vpxor xmm0, xmm0, [rcx]
+ vaesenc xmm0, xmm0, [rcx+16]
+ vaesenc xmm0, xmm0, [rcx+32]
+ vaesenc xmm0, xmm0, [rcx+48]
+ vaesenc xmm0, xmm0, [rcx+64]
+ vaesenc xmm0, xmm0, [rcx+80]
+ vaesenc xmm0, xmm0, [rcx+96]
+ vaesenc xmm0, xmm0, [rcx+112]
+ vaesenc xmm0, xmm0, [rcx+128]
+ vaesenc xmm0, xmm0, [rcx+144]
cmp edx, 11
- vmovdqa xmm9, OWORD PTR [rcx+160]
+ vmovdqa xmm1, OWORD PTR [rcx+160]
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rcx+176]
+ vaesenc xmm0, xmm0, xmm1
+ vaesenc xmm0, xmm0, [rcx+176]
cmp edx, 13
- vmovdqa xmm9, OWORD PTR [rcx+192]
+ vmovdqa xmm1, OWORD PTR [rcx+192]
jl L_AES_GCM_encrypt_block_avx1_aesenc_block_last
- vaesenc xmm8, xmm8, xmm9
- vaesenc xmm8, xmm8, [rcx+208]
- vmovdqa xmm9, OWORD PTR [rcx+224]
+ vaesenc xmm0, xmm0, xmm1
+ vaesenc xmm0, xmm0, [rcx+208]
+ vmovdqa xmm1, OWORD PTR [rcx+224]
L_AES_GCM_encrypt_block_avx1_aesenc_block_last:
- vaesenclast xmm8, xmm8, xmm9
- vmovdqu xmm9, OWORD PTR [r11]
- vpxor xmm8, xmm8, xmm9
- vmovdqu OWORD PTR [r10], xmm8
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vaesenclast xmm0, xmm0, xmm1
+ vmovdqu xmm1, OWORD PTR [r11]
+ vpxor xmm0, xmm0, xmm1
+ vmovdqu OWORD PTR [r10], xmm0
+ vpshufb xmm0, xmm0, OWORD PTR L_avx1_aes_gcm_bswap_mask
vzeroupper
ret
AES_GCM_encrypt_block_avx1 ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_ghash_block_avx1 PROC
+ sub rsp, 32
+ vmovdqu OWORD PTR [rsp], xmm6
+ vmovdqu OWORD PTR [rsp+16], xmm7
vmovdqa xmm4, OWORD PTR [rdx]
vmovdqa xmm5, OWORD PTR [r8]
- vmovdqu xmm8, OWORD PTR [rcx]
- vpshufb xmm8, xmm8, OWORD PTR L_avx1_aes_gcm_bswap_mask
- vpxor xmm4, xmm4, xmm8
+ vmovdqu xmm7, OWORD PTR [rcx]
+ vpshufb xmm7, xmm7, OWORD PTR L_avx1_aes_gcm_bswap_mask
+ vpxor xmm4, xmm4, xmm7
; ghash_gfmul_avx
vpshufd xmm1, xmm4, 78
vpshufd xmm2, xmm5, 78
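Review bot: In `AES_GCM_encrypt_block_avx1` the final `vpshufb xmm0, xmm0, OWORD PTR L_avx1_aes_gcm_bswap_mask` has no visible consumer: the block has already been written to `[r10]`, and the next instructions are `vzeroupper` and `ret`. Now that the value lives in volatile xmm0 rather than xmm8, either the instruction is a leftover and can be dropped, or the caller reads the byte-swapped block from xmm0. In the second case a comment such as `; returns byte-swapped ciphertext block in xmm0` should say so. The same tail appears in `AES_GCM_encrypt_block_aesni`.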
@@ -9344,6 +9535,9 @@ AES_GCM_ghash_block_avx1 PROC
vpxor xmm4, xmm4, xmm2
vmovdqa OWORD PTR [rdx], xmm4
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ vmovdqu xmm7, OWORD PTR [rsp+16]
+ add rsp, 32
ret
AES_GCM_ghash_block_avx1 ENDP
_text ENDS
@@ -9362,7 +9556,17 @@ AES_GCM_encrypt_update_avx1 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 160
+ sub rsp, 320
+ vmovdqu OWORD PTR [rsp+160], xmm6
+ vmovdqu OWORD PTR [rsp+176], xmm7
+ vmovdqu OWORD PTR [rsp+192], xmm8
+ vmovdqu OWORD PTR [rsp+208], xmm9
+ vmovdqu OWORD PTR [rsp+224], xmm10
+ vmovdqu OWORD PTR [rsp+240], xmm11
+ vmovdqu OWORD PTR [rsp+256], xmm12
+ vmovdqu OWORD PTR [rsp+272], xmm13
+ vmovdqu OWORD PTR [rsp+288], xmm14
+ vmovdqu OWORD PTR [rsp+304], xmm15
vmovdqa xmm6, OWORD PTR [r12]
vmovdqa xmm5, OWORD PTR [r14]
vpsrlq xmm9, xmm5, 63
@@ -10360,7 +10564,17 @@ L_AES_GCM_encrypt_update_avx1_last_block_done:
L_AES_GCM_encrypt_update_avx1_done_enc:
vmovdqa OWORD PTR [r12], xmm6
vzeroupper
- add rsp, 160
+ vmovdqu xmm6, OWORD PTR [rsp+160]
+ vmovdqu xmm7, OWORD PTR [rsp+176]
+ vmovdqu xmm8, OWORD PTR [rsp+192]
+ vmovdqu xmm9, OWORD PTR [rsp+208]
+ vmovdqu xmm10, OWORD PTR [rsp+224]
+ vmovdqu xmm11, OWORD PTR [rsp+240]
+ vmovdqu xmm12, OWORD PTR [rsp+256]
+ vmovdqu xmm13, OWORD PTR [rsp+272]
+ vmovdqu xmm14, OWORD PTR [rsp+288]
+ vmovdqu xmm15, OWORD PTR [rsp+304]
+ add rsp, 320
pop rdi
pop r15
pop r14
@@ -10380,18 +10594,26 @@ AES_GCM_encrypt_final_avx1 PROC
mov r11d, DWORD PTR [rsp+64]
mov r12, QWORD PTR [rsp+72]
mov r14, QWORD PTR [rsp+80]
- sub rsp, 16
+ sub rsp, 144
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
+ vmovdqu OWORD PTR [rsp+48], xmm8
+ vmovdqu OWORD PTR [rsp+64], xmm9
+ vmovdqu OWORD PTR [rsp+80], xmm10
+ vmovdqu OWORD PTR [rsp+96], xmm11
+ vmovdqu OWORD PTR [rsp+112], xmm12
+ vmovdqu OWORD PTR [rsp+128], xmm13
vmovdqa xmm4, OWORD PTR [rax]
vmovdqa xmm5, OWORD PTR [r12]
vmovdqa xmm6, OWORD PTR [r14]
- vpsrlq xmm9, xmm5, 63
- vpsllq xmm8, xmm5, 1
- vpslldq xmm9, xmm9, 8
- vpor xmm8, xmm8, xmm9
+ vpsrlq xmm8, xmm5, 63
+ vpsllq xmm7, xmm5, 1
+ vpslldq xmm8, xmm8, 8
+ vpor xmm7, xmm7, xmm8
vpshufd xmm5, xmm5, 255
vpsrad xmm5, xmm5, 31
vpand xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_mod2_128
- vpxor xmm5, xmm5, xmm8
+ vpxor xmm5, xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
@@ -10401,35 +10623,35 @@ AES_GCM_encrypt_final_avx1 PROC
vpunpcklqdq xmm0, xmm0, xmm1
vpxor xmm4, xmm4, xmm0
; ghash_gfmul_red_avx
- vpshufd xmm9, xmm5, 78
- vpshufd xmm10, xmm4, 78
- vpclmulqdq xmm11, xmm4, xmm5, 17
- vpclmulqdq xmm8, xmm4, xmm5, 0
- vpxor xmm9, xmm9, xmm5
- vpxor xmm10, xmm10, xmm4
- vpclmulqdq xmm9, xmm9, xmm10, 0
- vpxor xmm9, xmm9, xmm8
- vpxor xmm9, xmm9, xmm11
- vpslldq xmm10, xmm9, 8
- vpsrldq xmm9, xmm9, 8
+ vpshufd xmm8, xmm5, 78
+ vpshufd xmm9, xmm4, 78
+ vpclmulqdq xmm10, xmm4, xmm5, 17
+ vpclmulqdq xmm7, xmm4, xmm5, 0
+ vpxor xmm8, xmm8, xmm5
+ vpxor xmm9, xmm9, xmm4
+ vpclmulqdq xmm8, xmm8, xmm9, 0
+ vpxor xmm8, xmm8, xmm7
vpxor xmm8, xmm8, xmm10
- vpxor xmm4, xmm11, xmm9
- vpslld xmm12, xmm8, 31
- vpslld xmm13, xmm8, 30
- vpslld xmm14, xmm8, 25
- vpxor xmm12, xmm12, xmm13
- vpxor xmm12, xmm12, xmm14
- vpsrldq xmm13, xmm12, 4
- vpslldq xmm12, xmm12, 12
- vpxor xmm8, xmm8, xmm12
- vpsrld xmm14, xmm8, 1
- vpsrld xmm10, xmm8, 2
- vpsrld xmm9, xmm8, 7
- vpxor xmm14, xmm14, xmm10
- vpxor xmm14, xmm14, xmm9
- vpxor xmm14, xmm14, xmm13
- vpxor xmm14, xmm14, xmm8
- vpxor xmm4, xmm4, xmm14
+ vpslldq xmm9, xmm8, 8
+ vpsrldq xmm8, xmm8, 8
+ vpxor xmm7, xmm7, xmm9
+ vpxor xmm4, xmm10, xmm8
+ vpslld xmm11, xmm7, 31
+ vpslld xmm12, xmm7, 30
+ vpslld xmm13, xmm7, 25
+ vpxor xmm11, xmm11, xmm12
+ vpxor xmm11, xmm11, xmm13
+ vpsrldq xmm12, xmm11, 4
+ vpslldq xmm11, xmm11, 12
+ vpxor xmm7, xmm7, xmm11
+ vpsrld xmm13, xmm7, 1
+ vpsrld xmm9, xmm7, 2
+ vpsrld xmm8, xmm7, 7
+ vpxor xmm13, xmm13, xmm9
+ vpxor xmm13, xmm13, xmm8
+ vpxor xmm13, xmm13, xmm12
+ vpxor xmm13, xmm13, xmm7
+ vpxor xmm4, xmm4, xmm13
vpshufb xmm4, xmm4, OWORD PTR L_avx1_aes_gcm_bswap_mask
vpxor xmm0, xmm4, xmm6
cmp r8d, 16
@@ -10447,7 +10669,15 @@ L_AES_GCM_encrypt_final_avx1_store_tag_16:
vmovdqu OWORD PTR [r9], xmm0
L_AES_GCM_encrypt_final_avx1_store_tag_done:
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ vmovdqu xmm8, OWORD PTR [rsp+48]
+ vmovdqu xmm9, OWORD PTR [rsp+64]
+ vmovdqu xmm10, OWORD PTR [rsp+80]
+ vmovdqu xmm11, OWORD PTR [rsp+96]
+ vmovdqu xmm12, OWORD PTR [rsp+112]
+ vmovdqu xmm13, OWORD PTR [rsp+128]
+ add rsp, 144
pop r14
pop r12
pop r13
@@ -10469,7 +10699,17 @@ AES_GCM_decrypt_update_avx1 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vmovdqa xmm6, OWORD PTR [r12]
vmovdqa xmm5, OWORD PTR [r14]
vpsrlq xmm9, xmm5, 63
@@ -11051,7 +11291,17 @@ L_AES_GCM_decrypt_update_avx1_last_block_done:
L_AES_GCM_decrypt_update_avx1_done_dec:
vmovdqa OWORD PTR [r12], xmm6
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rdi
pop r15
pop r14
@@ -11074,18 +11324,27 @@ AES_GCM_decrypt_final_avx1 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov rbp, QWORD PTR [rsp+104]
- sub rsp, 16
+ sub rsp, 160
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
+ vmovdqu OWORD PTR [rsp+48], xmm8
+ vmovdqu OWORD PTR [rsp+64], xmm9
+ vmovdqu OWORD PTR [rsp+80], xmm10
+ vmovdqu OWORD PTR [rsp+96], xmm11
+ vmovdqu OWORD PTR [rsp+112], xmm12
+ vmovdqu OWORD PTR [rsp+128], xmm13
+ vmovdqu OWORD PTR [rsp+144], xmm15
vmovdqa xmm6, OWORD PTR [rax]
vmovdqa xmm5, OWORD PTR [r12]
vmovdqa xmm15, OWORD PTR [r14]
- vpsrlq xmm9, xmm5, 63
- vpsllq xmm8, xmm5, 1
- vpslldq xmm9, xmm9, 8
- vpor xmm8, xmm8, xmm9
+ vpsrlq xmm8, xmm5, 63
+ vpsllq xmm7, xmm5, 1
+ vpslldq xmm8, xmm8, 8
+ vpor xmm7, xmm7, xmm8
vpshufd xmm5, xmm5, 255
vpsrad xmm5, xmm5, 31
vpand xmm5, xmm5, OWORD PTR L_avx1_aes_gcm_mod2_128
- vpxor xmm5, xmm5, xmm8
+ vpxor xmm5, xmm5, xmm7
mov edx, r10d
mov ecx, r11d
shl rdx, 3
@@ -11095,35 +11354,35 @@ AES_GCM_decrypt_final_avx1 PROC
vpunpcklqdq xmm0, xmm0, xmm1
vpxor xmm6, xmm6, xmm0
; ghash_gfmul_red_avx
- vpshufd xmm9, xmm5, 78
- vpshufd xmm10, xmm6, 78
- vpclmulqdq xmm11, xmm6, xmm5, 17
- vpclmulqdq xmm8, xmm6, xmm5, 0
- vpxor xmm9, xmm9, xmm5
- vpxor xmm10, xmm10, xmm6
- vpclmulqdq xmm9, xmm9, xmm10, 0
- vpxor xmm9, xmm9, xmm8
- vpxor xmm9, xmm9, xmm11
- vpslldq xmm10, xmm9, 8
- vpsrldq xmm9, xmm9, 8
+ vpshufd xmm8, xmm5, 78
+ vpshufd xmm9, xmm6, 78
+ vpclmulqdq xmm10, xmm6, xmm5, 17
+ vpclmulqdq xmm7, xmm6, xmm5, 0
+ vpxor xmm8, xmm8, xmm5
+ vpxor xmm9, xmm9, xmm6
+ vpclmulqdq xmm8, xmm8, xmm9, 0
+ vpxor xmm8, xmm8, xmm7
vpxor xmm8, xmm8, xmm10
- vpxor xmm6, xmm11, xmm9
- vpslld xmm12, xmm8, 31
- vpslld xmm13, xmm8, 30
- vpslld xmm14, xmm8, 25
- vpxor xmm12, xmm12, xmm13
- vpxor xmm12, xmm12, xmm14
- vpsrldq xmm13, xmm12, 4
- vpslldq xmm12, xmm12, 12
- vpxor xmm8, xmm8, xmm12
- vpsrld xmm14, xmm8, 1
- vpsrld xmm10, xmm8, 2
- vpsrld xmm9, xmm8, 7
- vpxor xmm14, xmm14, xmm10
- vpxor xmm14, xmm14, xmm9
- vpxor xmm14, xmm14, xmm13
- vpxor xmm14, xmm14, xmm8
- vpxor xmm6, xmm6, xmm14
+ vpslldq xmm9, xmm8, 8
+ vpsrldq xmm8, xmm8, 8
+ vpxor xmm7, xmm7, xmm9
+ vpxor xmm6, xmm10, xmm8
+ vpslld xmm11, xmm7, 31
+ vpslld xmm12, xmm7, 30
+ vpslld xmm13, xmm7, 25
+ vpxor xmm11, xmm11, xmm12
+ vpxor xmm11, xmm11, xmm13
+ vpsrldq xmm12, xmm11, 4
+ vpslldq xmm11, xmm11, 12
+ vpxor xmm7, xmm7, xmm11
+ vpsrld xmm13, xmm7, 1
+ vpsrld xmm9, xmm7, 2
+ vpsrld xmm8, xmm7, 7
+ vpxor xmm13, xmm13, xmm9
+ vpxor xmm13, xmm13, xmm8
+ vpxor xmm13, xmm13, xmm12
+ vpxor xmm13, xmm13, xmm7
+ vpxor xmm6, xmm6, xmm13
vpshufb xmm6, xmm6, OWORD PTR L_avx1_aes_gcm_bswap_mask
vpxor xmm0, xmm6, xmm15
cmp r8d, 16
@@ -11155,7 +11414,16 @@ L_AES_GCM_decrypt_final_avx1_cmp_tag_16:
L_AES_GCM_decrypt_final_avx1_cmp_tag_done:
mov DWORD PTR [rbp], r15d
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ vmovdqu xmm8, OWORD PTR [rsp+48]
+ vmovdqu xmm9, OWORD PTR [rsp+64]
+ vmovdqu xmm10, OWORD PTR [rsp+80]
+ vmovdqu xmm11, OWORD PTR [rsp+96]
+ vmovdqu xmm12, OWORD PTR [rsp+112]
+ vmovdqu xmm13, OWORD PTR [rsp+128]
+ vmovdqu xmm15, OWORD PTR [rsp+144]
+ add rsp, 160
pop r15
pop rbp
pop r14
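Review bot: The restore sequence added before `add rsp, 160` reloads xmm6–xmm13 and xmm15 but skips xmm14, and nothing in the hunk records why. This is only correct if the prologue (outside this hunk) stores the same registers at the same offsets and no instruction in the body still writes xmm14. The register renumbering in the preceding ghash hunk suggests that was the intent, but it cannot be confirmed from here. I would add a comment above the restores such as `; Win64: restore callee-saved xmm6-xmm13, xmm15 (xmm14 not written by this PROC; slots mirror the prologue)`. The prologue and epilogue also share hand-written offsets with no symbolic names, so a one-sided edit would silently corrupt a caller's non-volatile register.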
@@ -11246,7 +11514,17 @@ AES_GCM_encrypt_avx2 PROC
mov r14d, DWORD PTR [rsp+128]
mov rsi, QWORD PTR [rsp+136]
mov r9d, DWORD PTR [rsp+144]
- sub rsp, 160
+ sub rsp, 320
+ vmovdqu OWORD PTR [rsp+160], xmm6
+ vmovdqu OWORD PTR [rsp+176], xmm7
+ vmovdqu OWORD PTR [rsp+192], xmm8
+ vmovdqu OWORD PTR [rsp+208], xmm9
+ vmovdqu OWORD PTR [rsp+224], xmm10
+ vmovdqu OWORD PTR [rsp+240], xmm11
+ vmovdqu OWORD PTR [rsp+256], xmm12
+ vmovdqu OWORD PTR [rsp+272], xmm13
+ vmovdqu OWORD PTR [rsp+288], xmm14
+ vmovdqu OWORD PTR [rsp+304], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
mov edx, ebx
@@ -12517,7 +12795,17 @@ L_AES_GCM_encrypt_avx2_store_tag_16:
vmovdqu OWORD PTR [r15], xmm0
L_AES_GCM_encrypt_avx2_store_tag_done:
vzeroupper
- add rsp, 160
+ vmovdqu xmm6, OWORD PTR [rsp+160]
+ vmovdqu xmm7, OWORD PTR [rsp+176]
+ vmovdqu xmm8, OWORD PTR [rsp+192]
+ vmovdqu xmm9, OWORD PTR [rsp+208]
+ vmovdqu xmm10, OWORD PTR [rsp+224]
+ vmovdqu xmm11, OWORD PTR [rsp+240]
+ vmovdqu xmm12, OWORD PTR [rsp+256]
+ vmovdqu xmm13, OWORD PTR [rsp+272]
+ vmovdqu xmm14, OWORD PTR [rsp+288]
+ vmovdqu xmm15, OWORD PTR [rsp+304]
+ add rsp, 320
pop rsi
pop r14
pop rbx
@@ -12550,7 +12838,17 @@ AES_GCM_decrypt_avx2 PROC
mov rsi, QWORD PTR [rsp+144]
mov r9d, DWORD PTR [rsp+152]
mov rbp, QWORD PTR [rsp+160]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vpxor xmm4, xmm4, xmm4
vpxor xmm6, xmm6, xmm6
mov edx, ebx
@@ -13481,7 +13779,17 @@ L_AES_GCM_decrypt_avx2_cmp_tag_16:
L_AES_GCM_decrypt_avx2_cmp_tag_done:
mov DWORD PTR [rbp], eax
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rbp
pop rsi
pop r15
@@ -13506,7 +13814,9 @@ AES_GCM_init_avx2 PROC
mov rax, QWORD PTR [rsp+72]
mov r8, QWORD PTR [rsp+80]
mov r9, QWORD PTR [rsp+88]
- sub rsp, 16
+ sub rsp, 48
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
vpxor xmm4, xmm4, xmm4
mov edx, r11d
cmp edx, 12
@@ -13755,7 +14065,9 @@ L_AES_GCM_init_avx2_iv_done:
vmovdqu OWORD PTR [rax], xmm5
vmovdqu OWORD PTR [r8], xmm4
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ add rsp, 48
pop r12
pop rsi
pop rdi
@@ -13766,6 +14078,8 @@ _text ENDS
_text SEGMENT READONLY PARA
AES_GCM_aad_update_avx2 PROC
mov rax, rcx
+ sub rsp, 16
+ vmovdqu OWORD PTR [rsp], xmm6
vmovdqu xmm4, OWORD PTR [r8]
vmovdqu xmm5, OWORD PTR [r9]
xor ecx, ecx
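Review bot: `AES_GCM_aad_update_avx2` now adjusts the stack (`sub rsp, 16`) and spills xmm6, but it is still declared as a plain `PROC`, so no unwind data describes the new frame. The same applies to `AES_GCM_ghash_block_avx2` in its hunk further down. On Win64 a procedure without unwind data is treated as a leaf whose return address is at `[rsp]`, and that slot now holds the saved xmm6. A fault taken inside the body, for example on a bad caller-supplied buffer pointer, could therefore not be unwound to a handler, and debugger or crash-dump stack walks would break at this frame. I would declare both as `PROC FRAME` with `.allocstack 16`, a matching `.savexmm128` and `.endprolog`, or state in a comment that unwinding through these routines is unsupported. The body continues outside this hunk, and the other PROCs visible on this page use the same plain-`PROC` convention, so a file-wide fix may be more appropriate.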
@@ -13808,6 +14122,8 @@ L_AES_GCM_aad_update_avx2_16_loop:
jl L_AES_GCM_aad_update_avx2_16_loop
vmovdqu OWORD PTR [r8], xmm4
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ add rsp, 16
ret
AES_GCM_aad_update_avx2 ENDP
_text ENDS
@@ -13868,6 +14184,8 @@ AES_GCM_encrypt_block_avx2 ENDP
_text ENDS
_text SEGMENT READONLY PARA
AES_GCM_ghash_block_avx2 PROC
+ sub rsp, 16
+ vmovdqu OWORD PTR [rsp], xmm6
vmovdqu xmm4, OWORD PTR [rdx]
vmovdqu xmm5, OWORD PTR [r8]
vmovdqu xmm0, OWORD PTR [rcx]
@@ -13905,6 +14223,8 @@ AES_GCM_ghash_block_avx2 PROC
vpxor xmm4, xmm4, xmm1
vmovdqu OWORD PTR [rdx], xmm4
vzeroupper
+ vmovdqu xmm6, OWORD PTR [rsp]
+ add rsp, 16
ret
AES_GCM_ghash_block_avx2 ENDP
_text ENDS
@@ -13923,7 +14243,17 @@ AES_GCM_encrypt_update_avx2 PROC
mov r12, QWORD PTR [rsp+88]
mov r13, QWORD PTR [rsp+96]
mov r14, QWORD PTR [rsp+104]
- sub rsp, 152
+ sub rsp, 312
+ vmovdqu OWORD PTR [rsp+152], xmm6
+ vmovdqu OWORD PTR [rsp+168], xmm7
+ vmovdqu OWORD PTR [rsp+184], xmm8
+ vmovdqu OWORD PTR [rsp+200], xmm9
+ vmovdqu OWORD PTR [rsp+216], xmm10
+ vmovdqu OWORD PTR [rsp+232], xmm11
+ vmovdqu OWORD PTR [rsp+248], xmm12
+ vmovdqu OWORD PTR [rsp+264], xmm13
+ vmovdqu OWORD PTR [rsp+280], xmm14
+ vmovdqu OWORD PTR [rsp+296], xmm15
vmovdqu xmm6, OWORD PTR [r12]
vmovdqu xmm5, OWORD PTR [r13]
vmovdqu xmm4, OWORD PTR [r14]
@@ -14754,7 +15084,17 @@ L_AES_GCM_encrypt_update_avx2_done_enc:
vmovdqu OWORD PTR [r12], xmm6
vmovdqu OWORD PTR [r14], xmm4
vzeroupper
- add rsp, 152
+ vmovdqu xmm6, OWORD PTR [rsp+152]
+ vmovdqu xmm7, OWORD PTR [rsp+168]
+ vmovdqu xmm8, OWORD PTR [rsp+184]
+ vmovdqu xmm9, OWORD PTR [rsp+200]
+ vmovdqu xmm10, OWORD PTR [rsp+216]
+ vmovdqu xmm11, OWORD PTR [rsp+232]
+ vmovdqu xmm12, OWORD PTR [rsp+248]
+ vmovdqu xmm13, OWORD PTR [rsp+264]
+ vmovdqu xmm14, OWORD PTR [rsp+280]
+ vmovdqu xmm15, OWORD PTR [rsp+296]
+ add rsp, 312
pop rdi
pop r15
pop r14
@@ -14770,7 +15110,9 @@ AES_GCM_encrypt_final_avx2 PROC
mov eax, DWORD PTR [rsp+56]
mov r10, QWORD PTR [rsp+64]
mov r11, QWORD PTR [rsp+72]
- sub rsp, 16
+ sub rsp, 48
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
vmovdqu xmm4, OWORD PTR [rcx]
vmovdqu xmm5, OWORD PTR [r10]
vmovdqu xmm6, OWORD PTR [r11]
@@ -14824,7 +15166,9 @@ L_AES_GCM_encrypt_final_avx2_store_tag_16:
vmovdqu OWORD PTR [rdx], xmm0
L_AES_GCM_encrypt_final_avx2_store_tag_done:
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ add rsp, 48
pop r13
pop r12
ret
@@ -14845,7 +15189,17 @@ AES_GCM_decrypt_update_avx2 PROC
mov r12, QWORD PTR [rsp+88]
mov r14, QWORD PTR [rsp+96]
mov r15, QWORD PTR [rsp+104]
- sub rsp, 168
+ sub rsp, 328
+ vmovdqu OWORD PTR [rsp+168], xmm6
+ vmovdqu OWORD PTR [rsp+184], xmm7
+ vmovdqu OWORD PTR [rsp+200], xmm8
+ vmovdqu OWORD PTR [rsp+216], xmm9
+ vmovdqu OWORD PTR [rsp+232], xmm10
+ vmovdqu OWORD PTR [rsp+248], xmm11
+ vmovdqu OWORD PTR [rsp+264], xmm12
+ vmovdqu OWORD PTR [rsp+280], xmm13
+ vmovdqu OWORD PTR [rsp+296], xmm14
+ vmovdqu OWORD PTR [rsp+312], xmm15
vmovdqu xmm6, OWORD PTR [r12]
vmovdqu xmm5, OWORD PTR [r14]
vmovdqu xmm4, OWORD PTR [r15]
@@ -15329,7 +15683,17 @@ L_AES_GCM_decrypt_update_avx2_done_dec:
vmovdqu OWORD PTR [r12], xmm6
vmovdqu OWORD PTR [r15], xmm4
vzeroupper
- add rsp, 168
+ vmovdqu xmm6, OWORD PTR [rsp+168]
+ vmovdqu xmm7, OWORD PTR [rsp+184]
+ vmovdqu xmm8, OWORD PTR [rsp+200]
+ vmovdqu xmm9, OWORD PTR [rsp+216]
+ vmovdqu xmm10, OWORD PTR [rsp+232]
+ vmovdqu xmm11, OWORD PTR [rsp+248]
+ vmovdqu xmm12, OWORD PTR [rsp+264]
+ vmovdqu xmm13, OWORD PTR [rsp+280]
+ vmovdqu xmm14, OWORD PTR [rsp+296]
+ vmovdqu xmm15, OWORD PTR [rsp+312]
+ add rsp, 328
pop rdi
pop r15
pop r14
@@ -15347,7 +15711,9 @@ AES_GCM_decrypt_final_avx2 PROC
mov r10, QWORD PTR [rsp+72]
mov r11, QWORD PTR [rsp+80]
mov r12, QWORD PTR [rsp+88]
- sub rsp, 16
+ sub rsp, 48
+ vmovdqu OWORD PTR [rsp+16], xmm6
+ vmovdqu OWORD PTR [rsp+32], xmm7
vmovdqu xmm4, OWORD PTR [rcx]
vmovdqu xmm5, OWORD PTR [r10]
vmovdqu xmm6, OWORD PTR [r11]
@@ -15412,7 +15778,9 @@ L_AES_GCM_decrypt_final_avx2_cmp_tag_16:
L_AES_GCM_decrypt_final_avx2_cmp_tag_done:
mov DWORD PTR [r12], r10d
vzeroupper
- add rsp, 16
+ vmovdqu xmm6, OWORD PTR [rsp+16]
+ vmovdqu xmm7, OWORD PTR [rsp+32]
+ add rsp, 48
pop r14
pop r13
pop r12
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S
new file mode 100644
index 00000000..fedead84
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/aes_xts_asm.S
@@ -0,0 +1,1449 @@
+/* aes_xts_asm.S */
+/*
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef WOLFSSL_USER_SETTINGS
+#ifdef WOLFSSL_USER_SETTINGS_ASM
+/*
+ * user_settings_asm.h is a file generated by the script user_settings_asm.sh.
+ * The script takes in a user_settings.h and produces user_settings_asm.h, which
+ * is a stripped down version of user_settings.h containing only preprocessor
+ * directives. This makes the header safe to include in assembly (.S) files.
+ */
+#include "user_settings_asm.h"
+#else
+/*
+ * Note: if user_settings.h contains any C code (e.g. a typedef or function
+ * prototype), including it here in an assembly (.S) file will cause an
+ * assembler failure. See user_settings_asm.h above.
+ */
+#include "user_settings.h"
+#endif /* WOLFSSL_USER_SETTINGS_ASM */
+#endif /* WOLFSSL_USER_SETTINGS */
+
+#ifndef HAVE_INTEL_AVX1
+#define HAVE_INTEL_AVX1
+#endif /* HAVE_INTEL_AVX1 */
+#ifndef NO_AVX2_SUPPORT
+#define HAVE_INTEL_AVX2
+#endif /* NO_AVX2_SUPPORT */
+
+#ifdef WOLFSSL_AES_XTS
+#ifdef WOLFSSL_X86_64_BUILD
+#ifndef __APPLE__
+.data
+#else
+.section __DATA,__data
+#endif /* __APPLE__ */
+L_aes_xts_gc_xts:
+.long 0x87,0x1,0x1,0x1
+#ifndef __APPLE__
+.text
+.globl AES_XTS_encrypt_aesni
+.type AES_XTS_encrypt_aesni,@function
+.align 16
+AES_XTS_encrypt_aesni:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_encrypt_aesni
+.p2align 4
+_AES_XTS_encrypt_aesni:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $0x40, %rsp
+ movdqu L_aes_xts_gc_xts(%rip), %xmm12
+ movdqu (%r12), %xmm0
+ # aes_enc_block
+ pxor (%r9), %xmm0
+ movdqu 16(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 32(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 48(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 64(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 80(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 96(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 112(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 128(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 144(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ cmpl $11, %r10d
+ movdqu 160(%r9), %xmm5
+ jl L_AES_XTS_encrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 176(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ cmpl $13, %r10d
+ movdqu 192(%r9), %xmm5
+ jl L_AES_XTS_encrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 208(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ movdqu 224(%r9), %xmm5
+L_AES_XTS_encrypt_aesni_tweak_aes_enc_block_last:
+ aesenclast %xmm5, %xmm0
+ xorl %r13d, %r13d
+ cmpl $0x40, %eax
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_aesni_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_encrypt_aesni_enc_64:
+ # 64 bytes of input
+ # aes_enc_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ movdqu (%rcx), %xmm8
+ movdqu 16(%rcx), %xmm9
+ movdqu 32(%rcx), %xmm10
+ movdqu 48(%rcx), %xmm11
+ movdqa %xmm0, %xmm4
+ movdqa %xmm0, %xmm1
+ psrad $31, %xmm4
+ pslld $0x01, %xmm1
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm1
+ movdqa %xmm1, %xmm4
+ movdqa %xmm1, %xmm2
+ psrad $31, %xmm4
+ pslld $0x01, %xmm2
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm2
+ movdqa %xmm2, %xmm4
+ movdqa %xmm2, %xmm3
+ psrad $31, %xmm4
+ pslld $0x01, %xmm3
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm3
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ # aes_enc_block
+ movdqu (%r8), %xmm4
+ pxor %xmm4, %xmm8
+ pxor %xmm4, %xmm9
+ pxor %xmm4, %xmm10
+ pxor %xmm4, %xmm11
+ movdqu 16(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 32(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 48(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 64(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 80(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 96(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 112(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 128(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 144(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm4
+ jl L_AES_XTS_encrypt_aesni_aes_enc_64_aes_enc_block_last
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 176(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm4
+ jl L_AES_XTS_encrypt_aesni_aes_enc_64_aes_enc_block_last
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 208(%r8), %xmm4
+ aesenc %xmm4, %xmm8
+ aesenc %xmm4, %xmm9
+ aesenc %xmm4, %xmm10
+ aesenc %xmm4, %xmm11
+ movdqu 224(%r8), %xmm4
+L_AES_XTS_encrypt_aesni_aes_enc_64_aes_enc_block_last:
+ aesenclast %xmm4, %xmm8
+ aesenclast %xmm4, %xmm9
+ aesenclast %xmm4, %xmm10
+ aesenclast %xmm4, %xmm11
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ movdqu %xmm8, (%rdx)
+ movdqu %xmm9, 16(%rdx)
+ movdqu %xmm10, 32(%rdx)
+ movdqu %xmm11, 48(%rdx)
+ movdqa %xmm3, %xmm4
+ movdqa %xmm3, %xmm0
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_aesni_enc_64
+L_AES_XTS_encrypt_aesni_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_encrypt_aesni_done_enc
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_aesni_last_15
+ andl $0xfffffff0, %r11d
+ # 16 bytes of input
+L_AES_XTS_encrypt_aesni_enc_16:
+ leaq (%rdi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ pxor %xmm0, %xmm8
+ # aes_enc_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_aesni_aes_enc_block_last:
+ aesenclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+ movdqa %xmm0, %xmm4
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_aesni_enc_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_encrypt_aesni_done_enc
+L_AES_XTS_encrypt_aesni_last_15:
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ addq $16, %r13
+ movdqu %xmm8, (%rsp)
+ xorq %rdx, %rdx
+L_AES_XTS_encrypt_aesni_last_15_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_encrypt_aesni_last_15_byte_loop
+ subq %rdx, %r13
+ movdqu (%rsp), %xmm8
+ subq $16, %r13
+ pxor %xmm0, %xmm8
+ # aes_enc_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesenc %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_last_15_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_aesni_last_15_aes_enc_block_last
+ aesenc %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesenc %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_aesni_last_15_aes_enc_block_last:
+ aesenclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+L_AES_XTS_encrypt_aesni_done_enc:
+ addq $0x40, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_encrypt_aesni,.-AES_XTS_encrypt_aesni
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl AES_XTS_decrypt_aesni
+.type AES_XTS_decrypt_aesni,@function
+.align 16
+AES_XTS_decrypt_aesni:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_decrypt_aesni
+.p2align 4
+_AES_XTS_decrypt_aesni:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $16, %rsp
+ movdqu L_aes_xts_gc_xts(%rip), %xmm12
+ movdqu (%r12), %xmm0
+ # aes_enc_block
+ pxor (%r9), %xmm0
+ movdqu 16(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 32(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 48(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 64(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 80(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 96(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 112(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 128(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ movdqu 144(%r9), %xmm5
+ aesenc %xmm5, %xmm0
+ cmpl $11, %r10d
+ movdqu 160(%r9), %xmm5
+ jl L_AES_XTS_decrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 176(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ cmpl $13, %r10d
+ movdqu 192(%r9), %xmm5
+ jl L_AES_XTS_decrypt_aesni_tweak_aes_enc_block_last
+ aesenc %xmm5, %xmm0
+ movdqu 208(%r9), %xmm6
+ aesenc %xmm6, %xmm0
+ movdqu 224(%r9), %xmm5
+L_AES_XTS_decrypt_aesni_tweak_aes_enc_block_last:
+ aesenclast %xmm5, %xmm0
+ xorl %r13d, %r13d
+ movl %eax, %r11d
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_aesni_mul16_64
+ subl $16, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_aesni_last_31_start
+L_AES_XTS_decrypt_aesni_mul16_64:
+ cmpl $0x40, %r11d
+ jl L_AES_XTS_decrypt_aesni_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_decrypt_aesni_dec_64:
+ # 64 bytes of input
+ # aes_dec_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ movdqu (%rcx), %xmm8
+ movdqu 16(%rcx), %xmm9
+ movdqu 32(%rcx), %xmm10
+ movdqu 48(%rcx), %xmm11
+ movdqa %xmm0, %xmm4
+ movdqa %xmm0, %xmm1
+ psrad $31, %xmm4
+ pslld $0x01, %xmm1
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm1
+ movdqa %xmm1, %xmm4
+ movdqa %xmm1, %xmm2
+ psrad $31, %xmm4
+ pslld $0x01, %xmm2
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm2
+ movdqa %xmm2, %xmm4
+ movdqa %xmm2, %xmm3
+ psrad $31, %xmm4
+ pslld $0x01, %xmm3
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm3
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ # aes_dec_block
+ movdqu (%r8), %xmm4
+ pxor %xmm4, %xmm8
+ pxor %xmm4, %xmm9
+ pxor %xmm4, %xmm10
+ pxor %xmm4, %xmm11
+ movdqu 16(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 32(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 48(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 64(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 80(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 96(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 112(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 128(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 144(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm4
+ jl L_AES_XTS_decrypt_aesni_aes_dec_64_aes_dec_block_last
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 176(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm4
+ jl L_AES_XTS_decrypt_aesni_aes_dec_64_aes_dec_block_last
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 208(%r8), %xmm4
+ aesdec %xmm4, %xmm8
+ aesdec %xmm4, %xmm9
+ aesdec %xmm4, %xmm10
+ aesdec %xmm4, %xmm11
+ movdqu 224(%r8), %xmm4
+L_AES_XTS_decrypt_aesni_aes_dec_64_aes_dec_block_last:
+ aesdeclast %xmm4, %xmm8
+ aesdeclast %xmm4, %xmm9
+ aesdeclast %xmm4, %xmm10
+ aesdeclast %xmm4, %xmm11
+ pxor %xmm0, %xmm8
+ pxor %xmm1, %xmm9
+ pxor %xmm2, %xmm10
+ pxor %xmm3, %xmm11
+ movdqu %xmm8, (%rdx)
+ movdqu %xmm9, 16(%rdx)
+ movdqu %xmm10, 32(%rdx)
+ movdqu %xmm11, 48(%rdx)
+ movdqa %xmm3, %xmm4
+ movdqa %xmm3, %xmm0
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_aesni_dec_64
+L_AES_XTS_decrypt_aesni_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_decrypt_aesni_done_dec
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_aesni_mul16
+ subl $16, %r11d
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_aesni_last_31_start
+ addl %r13d, %r11d
+L_AES_XTS_decrypt_aesni_mul16:
+L_AES_XTS_decrypt_aesni_dec_16:
+ # 16 bytes of input
+ leaq (%rdi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ pxor %xmm0, %xmm8
+ # aes_dec_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_aesni_aes_dec_block_last:
+ aesdeclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+ movdqa %xmm0, %xmm4
+ psrad $31, %xmm4
+ pslld $0x01, %xmm0
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_aesni_dec_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_decrypt_aesni_done_dec
+L_AES_XTS_decrypt_aesni_last_31_start:
+ movdqa %xmm0, %xmm4
+ movdqa %xmm0, %xmm7
+ psrad $31, %xmm4
+ pslld $0x01, %xmm7
+ pshufd $0x93, %xmm4, %xmm4
+ pand %xmm12, %xmm4
+ pxor %xmm4, %xmm7
+ leaq (%rdi,%r13,1), %rcx
+ movdqu (%rcx), %xmm8
+ pxor %xmm7, %xmm8
+ # aes_dec_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_aesni_last_31_aes_dec_block_last:
+ aesdeclast %xmm5, %xmm8
+ pxor %xmm7, %xmm8
+ movdqu %xmm8, (%rsp)
+ addq $16, %r13
+ xorq %rdx, %rdx
+L_AES_XTS_decrypt_aesni_last_31_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_decrypt_aesni_last_31_byte_loop
+ subq %rdx, %r13
+ movdqu (%rsp), %xmm8
+ pxor %xmm0, %xmm8
+ # aes_dec_block
+ pxor (%r8), %xmm8
+ movdqu 16(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 32(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 48(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 64(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 80(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 96(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 112(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 128(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ movdqu 144(%r8), %xmm5
+ aesdec %xmm5, %xmm8
+ cmpl $11, %r10d
+ movdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_2_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 176(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ cmpl $13, %r10d
+ movdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_aesni_last_31_2_aes_dec_block_last
+ aesdec %xmm5, %xmm8
+ movdqu 208(%r8), %xmm6
+ aesdec %xmm6, %xmm8
+ movdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_aesni_last_31_2_aes_dec_block_last:
+ aesdeclast %xmm5, %xmm8
+ pxor %xmm0, %xmm8
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ movdqu %xmm8, (%rcx)
+L_AES_XTS_decrypt_aesni_done_dec:
+ addq $16, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_decrypt_aesni,.-AES_XTS_decrypt_aesni
+#endif /* __APPLE__ */
+#ifdef HAVE_INTEL_AVX1
+#ifndef __APPLE__
+.data
+#else
+.section __DATA,__data
+#endif /* __APPLE__ */
+L_avx1_aes_xts_gc_xts:
+.long 0x87,0x1,0x1,0x1
+#ifndef __APPLE__
+.text
+.globl AES_XTS_encrypt_avx1
+.type AES_XTS_encrypt_avx1,@function
+.align 16
+AES_XTS_encrypt_avx1:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_encrypt_avx1
+.p2align 4
+_AES_XTS_encrypt_avx1:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $0x40, %rsp
+ vmovdqu L_avx1_aes_xts_gc_xts(%rip), %xmm12
+ vmovdqu (%r12), %xmm0
+ # aes_enc_block
+ vpxor (%r9), %xmm0, %xmm0
+ vmovdqu 16(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 32(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 48(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 64(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 80(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 96(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 112(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 128(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 144(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ cmpl $11, %r10d
+ vmovdqu 160(%r9), %xmm5
+ jl L_AES_XTS_encrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 176(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ cmpl $13, %r10d
+ vmovdqu 192(%r9), %xmm5
+ jl L_AES_XTS_encrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 208(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ vmovdqu 224(%r9), %xmm5
+L_AES_XTS_encrypt_avx1_tweak_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm0, %xmm0
+ xorl %r13d, %r13d
+ cmpl $0x40, %eax
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_avx1_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_encrypt_avx1_enc_64:
+ # 64 bytes of input
+ # aes_enc_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ vmovdqu (%rcx), %xmm8
+ vmovdqu 16(%rcx), %xmm9
+ vmovdqu 32(%rcx), %xmm10
+ vmovdqu 48(%rcx), %xmm11
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm1
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm1, %xmm1
+ vpsrad $31, %xmm1, %xmm4
+ vpslld $0x01, %xmm1, %xmm2
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm2, %xmm2
+ vpsrad $31, %xmm2, %xmm4
+ vpslld $0x01, %xmm2, %xmm3
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm3, %xmm3
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ # aes_enc_block
+ vmovdqu (%r8), %xmm4
+ vpxor %xmm4, %xmm8, %xmm8
+ vpxor %xmm4, %xmm9, %xmm9
+ vpxor %xmm4, %xmm10, %xmm10
+ vpxor %xmm4, %xmm11, %xmm11
+ vmovdqu 16(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 32(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 48(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 64(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 80(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 96(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 112(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 128(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 144(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm4
+ jl L_AES_XTS_encrypt_avx1_aes_enc_64_aes_enc_block_last
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 176(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm4
+ jl L_AES_XTS_encrypt_avx1_aes_enc_64_aes_enc_block_last
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 208(%r8), %xmm4
+ vaesenc %xmm4, %xmm8, %xmm8
+ vaesenc %xmm4, %xmm9, %xmm9
+ vaesenc %xmm4, %xmm10, %xmm10
+ vaesenc %xmm4, %xmm11, %xmm11
+ vmovdqu 224(%r8), %xmm4
+L_AES_XTS_encrypt_avx1_aes_enc_64_aes_enc_block_last:
+ vaesenclast %xmm4, %xmm8, %xmm8
+ vaesenclast %xmm4, %xmm9, %xmm9
+ vaesenclast %xmm4, %xmm10, %xmm10
+ vaesenclast %xmm4, %xmm11, %xmm11
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ vmovdqu %xmm8, (%rdx)
+ vmovdqu %xmm9, 16(%rdx)
+ vmovdqu %xmm10, 32(%rdx)
+ vmovdqu %xmm11, 48(%rdx)
+ vpsrad $31, %xmm3, %xmm4
+ vpslld $0x01, %xmm3, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_avx1_enc_64
+L_AES_XTS_encrypt_avx1_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_encrypt_avx1_done_enc
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ movl %eax, %r11d
+ jl L_AES_XTS_encrypt_avx1_last_15
+ andl $0xfffffff0, %r11d
+ # 16 bytes of input
+L_AES_XTS_encrypt_avx1_enc_16:
+ leaq (%rdi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_enc_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_avx1_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_encrypt_avx1_enc_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_encrypt_avx1_done_enc
+L_AES_XTS_encrypt_avx1_last_15:
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ addq $16, %r13
+ vmovdqu %xmm8, (%rsp)
+ xorq %rdx, %rdx
+L_AES_XTS_encrypt_avx1_last_15_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_encrypt_avx1_last_15_byte_loop
+ subq %rdx, %r13
+ vmovdqu (%rsp), %xmm8
+ subq $16, %r13
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_enc_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesenc %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_last_15_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_encrypt_avx1_last_15_aes_enc_block_last
+ vaesenc %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesenc %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_encrypt_avx1_last_15_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+L_AES_XTS_encrypt_avx1_done_enc:
+ vzeroupper
+ addq $0x40, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_encrypt_avx1,.-AES_XTS_encrypt_avx1
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl AES_XTS_decrypt_avx1
+.type AES_XTS_decrypt_avx1,@function
+.align 16
+AES_XTS_decrypt_avx1:
+#else
+.section __TEXT,__text
+.globl _AES_XTS_decrypt_avx1
+.p2align 4
+_AES_XTS_decrypt_avx1:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ movq %rdx, %rax
+ movq %rcx, %r12
+ movl 24(%rsp), %r10d
+ subq $16, %rsp
+ vmovdqu L_avx1_aes_xts_gc_xts(%rip), %xmm12
+ vmovdqu (%r12), %xmm0
+ # aes_enc_block
+ vpxor (%r9), %xmm0, %xmm0
+ vmovdqu 16(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 32(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 48(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 64(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 80(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 96(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 112(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 128(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 144(%r9), %xmm5
+ vaesenc %xmm5, %xmm0, %xmm0
+ cmpl $11, %r10d
+ vmovdqu 160(%r9), %xmm5
+ jl L_AES_XTS_decrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 176(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ cmpl $13, %r10d
+ vmovdqu 192(%r9), %xmm5
+ jl L_AES_XTS_decrypt_avx1_tweak_aes_enc_block_last
+ vaesenc %xmm5, %xmm0, %xmm0
+ vmovdqu 208(%r9), %xmm6
+ vaesenc %xmm6, %xmm0, %xmm0
+ vmovdqu 224(%r9), %xmm5
+L_AES_XTS_decrypt_avx1_tweak_aes_enc_block_last:
+ vaesenclast %xmm5, %xmm0, %xmm0
+ xorl %r13d, %r13d
+ movl %eax, %r11d
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_avx1_mul16_64
+ subl $16, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_avx1_last_31_start
+L_AES_XTS_decrypt_avx1_mul16_64:
+ cmpl $0x40, %r11d
+ jl L_AES_XTS_decrypt_avx1_done_64
+ andl $0xffffffc0, %r11d
+L_AES_XTS_decrypt_avx1_dec_64:
+ # 64 bytes of input
+ # aes_dec_64
+ leaq (%rdi,%r13,1), %rcx
+ leaq (%rsi,%r13,1), %rdx
+ vmovdqu (%rcx), %xmm8
+ vmovdqu 16(%rcx), %xmm9
+ vmovdqu 32(%rcx), %xmm10
+ vmovdqu 48(%rcx), %xmm11
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm1
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm1, %xmm1
+ vpsrad $31, %xmm1, %xmm4
+ vpslld $0x01, %xmm1, %xmm2
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm2, %xmm2
+ vpsrad $31, %xmm2, %xmm4
+ vpslld $0x01, %xmm2, %xmm3
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm3, %xmm3
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ # aes_dec_block
+ vmovdqu (%r8), %xmm4
+ vpxor %xmm4, %xmm8, %xmm8
+ vpxor %xmm4, %xmm9, %xmm9
+ vpxor %xmm4, %xmm10, %xmm10
+ vpxor %xmm4, %xmm11, %xmm11
+ vmovdqu 16(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 32(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 48(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 64(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 80(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 96(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 112(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 128(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 144(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm4
+ jl L_AES_XTS_decrypt_avx1_aes_dec_64_aes_dec_block_last
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 176(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm4
+ jl L_AES_XTS_decrypt_avx1_aes_dec_64_aes_dec_block_last
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 208(%r8), %xmm4
+ vaesdec %xmm4, %xmm8, %xmm8
+ vaesdec %xmm4, %xmm9, %xmm9
+ vaesdec %xmm4, %xmm10, %xmm10
+ vaesdec %xmm4, %xmm11, %xmm11
+ vmovdqu 224(%r8), %xmm4
+L_AES_XTS_decrypt_avx1_aes_dec_64_aes_dec_block_last:
+ vaesdeclast %xmm4, %xmm8, %xmm8
+ vaesdeclast %xmm4, %xmm9, %xmm9
+ vaesdeclast %xmm4, %xmm10, %xmm10
+ vaesdeclast %xmm4, %xmm11, %xmm11
+ vpxor %xmm0, %xmm8, %xmm8
+ vpxor %xmm1, %xmm9, %xmm9
+ vpxor %xmm2, %xmm10, %xmm10
+ vpxor %xmm3, %xmm11, %xmm11
+ vmovdqu %xmm8, (%rdx)
+ vmovdqu %xmm9, 16(%rdx)
+ vmovdqu %xmm10, 32(%rdx)
+ vmovdqu %xmm11, 48(%rdx)
+ vpsrad $31, %xmm3, %xmm4
+ vpslld $0x01, %xmm3, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $0x40, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_avx1_dec_64
+L_AES_XTS_decrypt_avx1_done_64:
+ cmpl %eax, %r13d
+ movl %eax, %r11d
+ je L_AES_XTS_decrypt_avx1_done_dec
+ andl $0xfffffff0, %r11d
+ cmpl %eax, %r11d
+ je L_AES_XTS_decrypt_avx1_mul16
+ subl $16, %r11d
+ subl %r13d, %r11d
+ cmpl $16, %r11d
+ jl L_AES_XTS_decrypt_avx1_last_31_start
+ addl %r13d, %r11d
+L_AES_XTS_decrypt_avx1_mul16:
+L_AES_XTS_decrypt_avx1_dec_16:
+ # 16 bytes of input
+ leaq (%rdi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_dec_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_avx1_aes_dec_block_last:
+ vaesdeclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm0
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm0, %xmm0
+ addl $16, %r13d
+ cmpl %r11d, %r13d
+ jl L_AES_XTS_decrypt_avx1_dec_16
+ cmpl %eax, %r13d
+ je L_AES_XTS_decrypt_avx1_done_dec
+L_AES_XTS_decrypt_avx1_last_31_start:
+ vpsrad $31, %xmm0, %xmm4
+ vpslld $0x01, %xmm0, %xmm7
+ vpshufd $0x93, %xmm4, %xmm4
+ vpand %xmm12, %xmm4, %xmm4
+ vpxor %xmm4, %xmm7, %xmm7
+ leaq (%rdi,%r13,1), %rcx
+ vmovdqu (%rcx), %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
+ # aes_dec_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_avx1_last_31_aes_dec_block_last:
+ vaesdeclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm7, %xmm8, %xmm8
+ vmovdqu %xmm8, (%rsp)
+ addq $16, %r13
+ xorq %rdx, %rdx
+L_AES_XTS_decrypt_avx1_last_31_byte_loop:
+ movb (%rsp,%rdx,1), %r11b
+ movb (%rdi,%r13,1), %cl
+ movb %r11b, (%rsi,%r13,1)
+ movb %cl, (%rsp,%rdx,1)
+ incl %r13d
+ incl %edx
+ cmpl %eax, %r13d
+ jl L_AES_XTS_decrypt_avx1_last_31_byte_loop
+ subq %rdx, %r13
+ vmovdqu (%rsp), %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ # aes_dec_block
+ vpxor (%r8), %xmm8, %xmm8
+ vmovdqu 16(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 32(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 48(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 64(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 80(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 96(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 112(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 128(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 144(%r8), %xmm5
+ vaesdec %xmm5, %xmm8, %xmm8
+ cmpl $11, %r10d
+ vmovdqu 160(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_2_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 176(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ cmpl $13, %r10d
+ vmovdqu 192(%r8), %xmm5
+ jl L_AES_XTS_decrypt_avx1_last_31_2_aes_dec_block_last
+ vaesdec %xmm5, %xmm8, %xmm8
+ vmovdqu 208(%r8), %xmm6
+ vaesdec %xmm6, %xmm8, %xmm8
+ vmovdqu 224(%r8), %xmm5
+L_AES_XTS_decrypt_avx1_last_31_2_aes_dec_block_last:
+ vaesdeclast %xmm5, %xmm8, %xmm8
+ vpxor %xmm0, %xmm8, %xmm8
+ subq $16, %r13
+ leaq (%rsi,%r13,1), %rcx
+ vmovdqu %xmm8, (%rcx)
+L_AES_XTS_decrypt_avx1_done_dec:
+ vzeroupper
+ addq $16, %rsp
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size AES_XTS_decrypt_avx1,.-AES_XTS_decrypt_avx1
+#endif /* __APPLE__ */
+#endif /* HAVE_INTEL_AVX1 */
+#endif /* WOLFSSL_X86_64_BUILD */
+#endif /* WOLFSSL_AES_XTS */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c
index ea2b4e6d..c735ebfe 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/asm.c
@@ -118,7 +118,7 @@ WC_INLINE static int set_cpuid_flags(void) {
if(IS_INTEL_BMI2 && IS_INTEL_ADX){ func; ret ; }
#else
- #define IF_HAVE_INTEL_MULX(func, ret)
+ #define IF_HAVE_INTEL_MULX(func, ret) WC_DO_NOTHING
#endif
#if defined(TFM_X86) && !defined(TFM_SSE2)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c b/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c
index 3e00b133..6147dea8 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/asn.c
@@ -63,13 +63,15 @@ ASN Options:
does not perform a PKI validation, so it is not a secure solution.
Only enabled for OCSP.
* WOLFSSL_NO_OCSP_ISSUER_CHECK: Can be defined for backwards compatibility to
- disable checking of OCSP subject hash with issuer hash.
+ disable checking of https://www.rfc-editor.org/rfc/rfc6960#section-4.2.2.2.
* WOLFSSL_SMALL_CERT_VERIFY: Verify the certificate signature without using
DecodedCert. Doubles up on some code but allows smaller dynamic memory
usage.
* WOLFSSL_NO_OCSP_DATE_CHECK: Disable date checks for OCSP responses. This
may be required when the system's real-time clock is not very accurate.
It is recommended to enforce the nonce check instead if possible.
+ * WOLFSSL_NO_CRL_DATE_CHECK: Disable date checks for CRL's.
+ * WOLFSSL_NO_CRL_NEXT_DATE: Do not fail if CRL next date is missing
* WOLFSSL_FORCE_OCSP_NONCE_CHECK: Require nonces to be available in OCSP
responses. The nonces are optional and may not be supported by all
responders. If it can be ensured that the used responder sends nonces this
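Review bot: The two new CRL entries in the options list say only what they switch off, while the neighbouring WOLFSSL_NO_OCSP_DATE_CHECK entry also says when that is acceptable and what to prefer. I would extend them the same way, for example `WOLFSSL_NO_CRL_DATE_CHECK: Disable date checks for CRL's. An out-of-date CRL is then accepted, so later revocations are not seen.` The rewritten WOLFSSL_NO_OCSP_ISSUER_CHECK line now reads "disable checking of" followed by a bare URL. Keeping a few words such as `the OCSP responder authorization check (RFC 6960 section 4.2.2.2)` beside the link would let the comment stand on its own.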
@@ -94,6 +96,9 @@ ASN Options:
cost of taking up more memory. Adds initials, givenname, dnQualifer for
example.
* WC_ASN_HASH_SHA256: Force use of SHA2-256 for the internal hash ID calcs.
+ * WOLFSSL_ALLOW_ENCODING_CA_FALSE: Allow encoding BasicConstraints CA:FALSE
+ * which is discouraged by X.690 specification - default values shall not
+ * be encoded.
*/
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -142,6 +147,10 @@ ASN Options:
#include <wolfssl/wolfcrypt/ecc.h>
#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
+
#ifdef HAVE_ED25519
#include <wolfssl/wolfcrypt/ed25519.h>
#endif
@@ -172,7 +181,7 @@ ASN Options:
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#endif
@@ -186,8 +195,11 @@ ASN Options:
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#ifndef WOLFCRYPT_ONLY
#include <wolfssl/internal.h>
+#endif
+
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
#include <wolfssl/openssl/objects.h>
#endif
@@ -304,15 +316,13 @@ static const char* TagString(byte tag)
/* Calculates the minimum number of bytes required to encode the value.
*
- * Only support up to 2^24-1.
- *
* @param [in] value Value to be encoded.
* @return Number of bytes to encode value.
*/
static word32 BytePrecision(word32 value)
{
word32 i;
- for (i = (word32)sizeof(value) - 1; i; --i)
+ for (i = (word32)sizeof(value); i; --i)
if (value >> ((i - 1) * WOLFSSL_BIT_SIZE))
break;
@@ -502,7 +512,7 @@ static word32 SizeASNLength(word32 length)
* @param [in, out] err Error variable.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define ALLOC_ASNGETDATA(name, cnt, err, heap)
+ #define ALLOC_ASNGETDATA(name, cnt, err, heap) WC_DO_NOTHING
/* Clears the memory of the dynamic BER encoding data.
*
@@ -519,7 +529,7 @@ static word32 SizeASNLength(word32 length)
* @param [in] name Variable name to declare.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define FREE_ASNGETDATA(name, heap)
+ #define FREE_ASNGETDATA(name, heap) WC_DO_NOTHING
/* Declare the variable that is the dynamic data for encoding DER data.
*
@@ -536,7 +546,7 @@ static word32 SizeASNLength(word32 length)
* @param [in, out] err Error variable.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define ALLOC_ASNSETDATA(name, cnt, err, heap)
+ #define ALLOC_ASNSETDATA(name, cnt, err, heap) WC_DO_NOTHING
/* Clears the memory of the dynamic BER encoding data.
*
@@ -553,7 +563,7 @@ static word32 SizeASNLength(word32 length)
* @param [in] name Variable name to declare.
* @param [in] heap Dynamic memory allocation hint.
*/
- #define FREE_ASNSETDATA(name, heap)
+ #define FREE_ASNSETDATA(name, heap) WC_DO_NOTHING
#endif
@@ -588,7 +598,7 @@ static word32 SizeASNLength(word32 length)
* @param [in] data_a Data to place in each item. Lengths set were not known.
* @param [in] i Index of item to check.
* @return 1 when ASN.1 item is an integer and MSB is 1.
- * @erturn 0 otherwise.
+ * @return 0 otherwise.
*/
#define ASNIntMSBSet(asn, data_a, i) \
(((asn)[i].tag == ASN_INTEGER) && \
@@ -632,13 +642,13 @@ static word32 SizeASN_Num(word32 n, int bits, byte tag)
* @param [in] idx Index of item working on.
*/
static void SizeASN_CalcDataLength(const ASNItem* asn, ASNSetData *data,
- int idx, int max)
+ int idx, int maxIdx)
{
int j;
data[idx].data.buffer.length = 0;
/* Sum the item length of all items underneath. */
- for (j = idx + 1; j < max; j++) {
+ for (j = idx + 1; j < maxIdx; j++) {
/* Stop looking if the next ASN.1 is same level or higher. */
if (asn[j].depth <= asn[idx].depth)
break;
@@ -1771,7 +1781,7 @@ static int GetASN_ItemsDebug(const char* name, const ASNItem* asn,
* @param [in, out] inOutIdx On in, index to start decoding from.
* On out, index of next encoded byte.
* @param [out] len Length of data under SEQUENCE.
- * @param [in] maxIdx Maximim index of data. Index of byte after SEQ.
+ * @param [in] maxIdx Maximum index of data. Index of byte after SEQ.
* @param [in] complete All data used with SEQUENCE and data under.
* @return 0 on success.
* @return BUFFER_E when not enough data to complete decode.
@@ -2541,7 +2551,6 @@ int GetOctetString(const byte* input, word32* inOutIdx, int* len, word32 maxIdx)
return GetASNHeader(input, ASN_OCTET_STRING, inOutIdx, len, maxIdx);
}
-#ifndef WOLFSSL_ASN_TEMPLATE
/* Get the DER/BER encoding of an ASN.1 INTEGER header.
*
* Removes the leading zero byte when found.
@@ -2555,7 +2564,7 @@ int GetOctetString(const byte* input, word32* inOutIdx, int* len, word32 maxIdx)
* or invalid use of or missing leading zero.
* Otherwise, 0 to indicate success.
*/
-static int GetASNInt(const byte* input, word32* inOutIdx, int* len,
+int GetASNInt(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx)
{
int ret;
@@ -2591,6 +2600,7 @@ static int GetASNInt(const byte* input, word32* inOutIdx, int* len,
return 0;
}
+#ifndef WOLFSSL_ASN_TEMPLATE
#ifndef NO_CERTS
/* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than
* 7 bits.
@@ -2621,6 +2631,7 @@ static int GetInteger7Bit(const byte* input, word32* inOutIdx, word32 maxIdx)
*inOutIdx = idx;
return b;
}
+#endif /* !NO_CERTS */
#if defined(WC_RSA_PSS) && !defined(NO_RSA)
/* Get the DER/BER encoding of an ASN.1 INTEGER that has a value of no more than
@@ -2668,7 +2679,6 @@ static int GetInteger16Bit(const byte* input, word32* inOutIdx, word32 maxIdx)
return n;
}
#endif /* WC_RSA_PSS && !NO_RSA */
-#endif /* !NO_CERTS */
#endif /* !WOLFSSL_ASN_TEMPLATE */
#if !defined(NO_DSA) && !defined(NO_SHA)
@@ -2893,7 +2903,7 @@ int SetASNInt(int len, byte firstByte, byte* output)
}
/* Encode length - passing NULL for output will not encode. */
idx += (int)SetLength((word32)len, output ? output + idx : NULL);
- /* Put out pre-pended 0 as well. */
+ /* Put out prepended 0 as well. */
if (firstByte & 0x80) {
if (output) {
/* Write out 0 byte. */
@@ -3127,51 +3137,40 @@ int GetShortInt(const byte* input, word32* inOutIdx, int* number, word32 maxIdx)
defined(HAVE_PKCS12)
/* Set small integer, 32 bits or less. DER encoding with no leading 0s
* returns total amount written including ASN tag and length byte on success */
-int SetShortInt(byte* input, word32* inOutIdx, word32 number, word32 maxIdx)
+int SetShortInt(byte* output, word32* inOutIdx, word32 number, word32 maxIdx)
{
word32 idx = *inOutIdx;
- int len = 0;
+ word32 len;
int i;
- byte ar[MAX_LENGTH_SZ];
- /* check for room for type and length bytes */
- if ((idx + 2) > maxIdx)
+ if (number == 0)
+ len = 1;
+ else
+ len = BytePrecision(number);
+
+ /* check for room for type and length bytes. */
+ if ((idx + 2 + len) > maxIdx)
return BUFFER_E;
- input[idx++] = ASN_INTEGER;
- idx++; /* place holder for length byte */
- if (MAX_LENGTH_SZ + idx > maxIdx)
+ /* check that MAX_SHORT_SZ allows this size of ShortInt. */
+ if (2 + len > MAX_SHORT_SZ)
return ASN_PARSE_E;
- /* find first non zero byte */
- XMEMSET(ar, 0, MAX_LENGTH_SZ);
- c32toa(number, ar);
- for (i = 0; i < MAX_LENGTH_SZ; i++) {
- if (ar[i] != 0) {
- break;
- }
- }
+ output[idx++] = ASN_INTEGER;
+ output[idx++] = (byte)len;
- /* handle case of 0 */
- if (i == MAX_LENGTH_SZ) {
- input[idx++] = 0; len++;
- }
+ for (i = (int)len - 1; i >= 0; --i)
+ output[idx++] = (byte)(number >> (i * WOLFSSL_BIT_SIZE));
- for (; i < MAX_LENGTH_SZ && idx < maxIdx; i++) {
- input[idx++] = ar[i]; len++;
- }
-
- /* jump back to beginning of input buffer using unaltered inOutIdx value
- * and set number of bytes for integer, then update the index value */
- input[*inOutIdx + 1] = (byte)len;
+ len = idx - *inOutIdx;
*inOutIdx = idx;
- return len + 2; /* size of integer bytes plus ASN TAG and length byte */
+ return (int)len;
}
#endif /* !WOLFSSL_ASN_TEMPLATE || HAVE_PKCS8 || HAVE_PKCS12 */
#endif /* !NO_PWDBASED */
-#ifndef WOLFSSL_ASN_TEMPLATE
+#if !defined(WOLFSSL_ASN_TEMPLATE) && !defined(NO_CERTS)
/* May not have one, not an error */
static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version,
word32 maxIdx)
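Review bot: The rewritten SetShortInt emits exactly `BytePrecision(number)` value bytes, so a value whose top byte has bit 7 set (128, 0x8000, ...) comes out as `02 01 80`, which a strict DER reader decodes as a negative INTEGER. The function comment says "no leading 0s", so this may be intended for wolfSSL's own reader. For values exchanged with other implementations I would add one 0x00 byte when `number >> (len * WOLFSSL_BIT_SIZE - 1)` is non-zero and count it in the `maxIdx` and `MAX_SHORT_SZ` checks. Separately, the comment `check for room for type and length bytes.` now also covers the value bytes and should say so. The function's preprocessor guard begins outside the hunk.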
@@ -3276,8 +3275,21 @@ static int GetIntPositive(mp_int* mpi, const byte* input, word32* inOutIdx,
if (ret != 0)
return ret;
- if (((input[idx] & 0x80) == 0x80) && (input[idx - 1] != 0x00))
+ /* should not be hit but adding in an additional sanity check */
+ if (idx + length > maxIdx) {
return MP_INIT_E;
+ }
+
+ if ((input[idx] & 0x80) == 0x80) {
+ if (idx < 1) {
+ /* needs at least one byte for length value */
+ return MP_INIT_E;
+ }
+
+ if (input[idx - 1] != 0x00) {
+ return MP_INIT_E;
+ }
+ }
if (initNum) {
if (mp_init(mpi) != MP_OKAY)
@@ -4028,6 +4040,10 @@ static word32 SetBitString16Bit(word16 val, byte* output)
static const byte sigSha3_512wEcdsaOid[] = {96, 134, 72, 1, 101, 3, 4, 3, 12};
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ /* 0x2A, 0x81, 0x1C, 0xCF, 0x55, 0x01, 0x83, 0x75 */
+ static const byte sigSm3wSm2Oid[] = {42, 129, 28, 207, 85, 1, 131, 117};
+ #endif
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
static const byte sigEd25519Oid[] = {43, 101, 112};
@@ -4362,6 +4378,9 @@ static const byte pbeSha1RC4128[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 1};
#if !defined(NO_DES3) && !defined(NO_SHA)
static const byte pbeSha1Des3[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 3};
#endif
+#if defined(WC_RC2) && !defined(NO_SHA)
+static const byte pbe40Rc2Cbc[] = {42, 134, 72, 134, 247, 13, 1, 12, 1, 6};
+#endif
#ifdef HAVE_LIBZ
/* zlib compression */
@@ -4643,6 +4662,12 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
break;
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case CTC_SM3wSM2:
+ oid = sigSm3wSm2Oid;
+ *oidSz = sizeof(sigSm3wSm2Oid);
+ break;
+ #endif
#endif /* HAVE_ECC */
#ifdef HAVE_ED25519
case CTC_ED25519:
@@ -5169,6 +5194,13 @@ const byte* OidFromId(word32 id, word32 type, word32* oidSz)
*oidSz = sizeof(pbeSha1Des3);
break;
#endif
+ #if !defined(NO_SHA) && defined(WC_RC2)
+ case PBE_SHA1_40RC2_CBC_SUM:
+ case PBE_SHA1_40RC2_CBC:
+ oid = pbe40Rc2Cbc;
+ *oidSz = sizeof(pbe40Rc2Cbc);
+ break;
+ #endif
case PBES2_SUM:
case PBES2:
oid = pbes2;
@@ -5438,13 +5470,18 @@ static int CheckCurve(word32 oid)
* @return BAD_FUNC_ARG when in or outSz is NULL.
* @return BUFFER_E when buffer too small.
*/
+int wc_EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
+{
+ return EncodeObjectId(in, inSz, out, outSz);
+}
+
int EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
{
int i, x, len;
word32 d, t;
/* check args */
- if (in == NULL || outSz == NULL) {
+ if (in == NULL || outSz == NULL || inSz <= 0) {
return BAD_FUNC_ARG;
}
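Review bot: `wc_EncodeObjectId` is inserted between the existing doc comment and `EncodeObjectId`, so the `@return` block now documents the wrapper and the internal function is left without one. I would move the wrapper below `EncodeObjectId`, or give it its own comment such as `/* Public wrapper around EncodeObjectId(); same arguments and return values. */`. In the argument check `inSz` is a `word32`, so `inSz <= 0` can only mean `inSz == 0`, and some compilers warn on the unsigned comparison. `inSz == 0` states the intent directly. The body of EncodeObjectId continues outside the hunk.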
@@ -5513,7 +5550,8 @@ int EncodeObjectId(const word16* in, word32 inSz, byte* out, word32* outSz)
}
#endif /* HAVE_OID_ENCODING */
-#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT)
+#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT) || \
+ defined(OPENSSL_ALL)
/* Encode dotted form of OID into byte array version.
*
* @param [in] in Byte array containing OID.
@@ -5560,7 +5598,7 @@ int DecodeObjectId(const byte* in, word32 inSz, word16* out, word32* outSz)
return 0;
}
-#endif /* HAVE_OID_DECODING */
+#endif /* HAVE_OID_DECODING || WOLFSSL_ASN_PRINT || OPENSSL_ALL */
/* Decode the header of a BER/DER encoded OBJECT ID.
*
@@ -5700,7 +5738,7 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
actualOidSz = (word32)length;
#endif /* NO_VERIFY_OID */
-#if defined(HAVE_PQC) && defined(HAVE_LIBOQS)
+#if defined(HAVE_PQC) && defined(HAVE_LIBOQS) && defined(HAVE_SPHINCS)
/* Since we are summing it up, there could be collisions...and indeed there
* are: SPHINCS_FAST_LEVEL1 and SPHINCS_FAST_LEVEL3.
*
@@ -5709,7 +5747,8 @@ static int GetOID(const byte* input, word32* inOutIdx, word32* oid,
*
* These hacks will hopefully disappear when new standardized OIDs appear.
*/
- if (memcmp(&input[idx], sigSphincsFast_Level3Oid,
+ if (idx + (word32)sizeof(sigSphincsFast_Level3Oid) < (word32)length &&
+ XMEMCMP(&input[idx], sigSphincsFast_Level3Oid,
sizeof(sigSphincsFast_Level3Oid)) == 0) {
found_collision = SPHINCS_FAST_LEVEL3k;
}
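Review bot: The bound added before `XMEMCMP` compares `idx + sizeof(sigSphincsFast_Level3Oid)`, an offset into `input`, with `length`, which the context above casts into `actualOidSz` and so appears to be the size of this OID alone. For an OID of exactly that size the test needs `idx < 0`, so the collision branch can never be taken for the OID it is meant to catch. Comparing like with like, `(word32)length >= sizeof(sigSphincsFast_Level3Oid) &&`, keeps the compare inside the OID bytes and lets the match succeed. GetOID starts and ends outside the hunk.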
@@ -6032,6 +6071,7 @@ static int RsaPssHashOidToMgf1(word32 oid, int* mgf)
return ret;
}
+#ifndef NO_CERTS
/* Convert a hash OID to a fake signature OID.
*
* @param [in] oid Hash OID.
@@ -6079,6 +6119,7 @@ static int RsaPssHashOidToSigOid(word32 oid, word32* sigOid)
return ret;
}
+#endif
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN tag for hashAlgorigthm. */
@@ -6934,7 +6975,7 @@ int ToTraditional(byte* input, word32 sz)
#endif /* HAVE_PKCS8 || HAVE_PKCS12 */
-#if defined(HAVE_PKCS8) && !defined(NO_CERTS)
+#if defined(HAVE_PKCS8)
int wc_GetPkcs8TraditionalOffset(byte* input, word32* inOutIdx, word32 sz)
{
@@ -7067,10 +7108,11 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
SetASN_Int8Bit(&dataASN[PKCS8KEYASN_IDX_VER], PKCS8v0);
/* Set key OID that corresponds to key data. */
SetASN_OID(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_KEY], (word32)algoID,
- oidKeyType);
+ oidKeyType);
if (curveOID != NULL && oidSz > 0) {
/* ECC key and curveOID set to write. */
- SetASN_Buffer(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE], curveOID, oidSz);
+ SetASN_Buffer(&dataASN[PKCS8KEYASN_IDX_PKEY_ALGO_OID_CURVE],
+ curveOID, oidSz);
}
else {
/* EC curve OID to encode. */
@@ -7107,7 +7149,7 @@ int wc_CreatePKCS8Key(byte* out, word32* outSz, byte* key, word32 keySz,
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#endif /* HAVE_PKCS8 && !NO_CERTS */
+#endif /* HAVE_PKCS8 */
#if defined(HAVE_PKCS12) || !defined(NO_CHECK_PRIVATE_KEY)
/* check that the private key is a pair for the public key
@@ -8159,6 +8201,14 @@ static int GetAlgoV2(int encAlgId, const byte** oid, int *len, int* id,
*blkSz = 8;
break;
#endif
+#if defined(WOLFSSL_AES_128) && defined(HAVE_AES_CBC)
+ case AES128CBCb:
+ *len = sizeof(blkAes128CbcOid);
+ *oid = blkAes128CbcOid;
+ *id = PBE_AES128_CBC;
+ *blkSz = 16;
+ break;
+#endif
#if defined(WOLFSSL_AES_256) && defined(HAVE_AES_CBC)
case AES256CBCb:
*len = sizeof(blkAes256CbcOid);
@@ -8228,7 +8278,7 @@ int wc_EncryptPKCS8Key(byte* key, word32 keySz, byte* out, word32* outSz,
padSz = (word32)((blockSz - ((int)keySz & (blockSz - 1))) &
(blockSz - 1));
/* inner = OCT salt INT itt */
- innerLen = 2 + saltSz + 2 + (itt < 256 ? 1 : 2);
+ innerLen = 2 + saltSz + 2 + ((itt < 256) ? 1 : ((itt < 65536) ? 2 : 3));
if (version != PKCS5v2) {
pbeOidBuf = OidFromId((word32)pbeId, oidPBEType, &pbeOidBufSz);
@@ -9078,7 +9128,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
DECL_ASNSETDATA(dataASN, p8EncPbes1ASN_Length);
int ret = 0;
int sz = 0;
- int version;
+ int version = 0;
int id = -1;
int blockSz = 0;
word32 pkcs8Sz = 0;
@@ -9181,7 +9231,7 @@ int EncryptContent(byte* input, word32 inputSz, byte* out, word32* outSz,
#ifndef NO_RSA
#ifndef HAVE_USER_RSA
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* This function is to retrieve key position information in a cert.*
* The information will be used to call TSIP TLS-linked API for *
* certificate verification. */
@@ -9870,7 +9920,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
/* determine size */
if (exportPriv) {
- /* octect string: priv */
+ /* octet string: priv */
privSz = SetASNIntMP(&key->priv, -1, NULL);
if (privSz < 0)
return privSz;
@@ -9938,7 +9988,7 @@ int wc_DhKeyToDer(DhKey* key, byte* output, word32* outSz, int exportPriv)
return ret;
idx += total;
- /* octect string: priv */
+ /* octet string: priv */
if (exportPriv) {
idx += (word32)SetOctetString((word32)privSz, output + idx);
idx += (word32)SetASNIntMP(&key->priv, -1, output + idx);
@@ -11072,6 +11122,7 @@ int wc_DsaKeyToParamsDer_ex(DsaKey* key, byte* output, word32* inLen)
#endif /* NO_DSA */
+#ifndef NO_CERTS
/* Initialize decoded certificate object with buffer of DER encoding.
*
* @param [in, out] cert Decoded certificate object.
@@ -11130,9 +11181,7 @@ void InitDecodedCert_ex(DecodedCert* cert,
#endif /* WOLFSSL_HAVE_ISSUER_NAMES */
#endif /* WOLFSSL_CERT_GEN || WOLFSSL_CERT_EXT */
- #ifndef NO_CERTS
InitSignatureCtx(&cert->sigCtx, heap, devId);
- #endif
}
}
@@ -11160,6 +11209,9 @@ void FreeAltNames(DNS_entry* altNames, void* heap)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
XFREE(altNames->ipString, heap, DYNAMIC_TYPE_ALTNAME);
#endif
+ #if defined(OPENSSL_ALL)
+ XFREE(altNames->ridString, heap, DYNAMIC_TYPE_ALTNAME);
+ #endif
XFREE(altNames, heap, DYNAMIC_TYPE_ALTNAME);
altNames = tmp;
}
@@ -11239,13 +11291,11 @@ void FreeDecodedCert(DecodedCert* cert)
if (cert->subjectName != NULL)
wolfSSL_X509_NAME_free((WOLFSSL_X509_NAME*)cert->subjectName);
#endif /* WOLFSSL_X509_NAME_AVAILABLE */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (cert->sce_tsip_encRsaKeyIdx != NULL)
XFREE(cert->sce_tsip_encRsaKeyIdx, cert->heap, DYNAMIC_TYPE_RSA);
#endif
-#ifndef NO_CERTS
FreeSignatureCtx(&cert->sigCtx);
-#endif
}
void wc_FreeDecodedCert(DecodedCert* cert)
@@ -11286,7 +11336,7 @@ static int GetCertHeader(DecodedCert* cert)
#if defined(HAVE_ED25519) || defined(HAVE_ED448) || (defined(HAVE_PQC) && \
defined(HAVE_LIBOQS))
-/* Store the key data under the BIT_STRING in dynamicly allocated data.
+/* Store the key data under the BIT_STRING in dynamically allocated data.
*
* @param [in, out] cert Certificate object.
* @param [in] source Buffer containing encoded key.
@@ -11304,8 +11354,8 @@ static int StoreKey(DecodedCert* cert, const byte* source, word32* srcIdx,
ret = CheckBitString(source, srcIdx, &length, maxIdx, 1, NULL);
if (ret == 0) {
#ifdef HAVE_OCSP
- ret = CalcHashId(source + *srcIdx, (word32)length,
- cert->subjectKeyHash);
+ ret = CalcHashId_ex(source + *srcIdx, (word32)length,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
}
if (ret == 0) {
#endif
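Review bot: `HashIdAlg(cert->signatureOID)` makes the subject key hash depend on a field that must already be decoded when StoreKey runs, and nothing in the hunk states that ordering. If `signatureOID` is still unset at this point, HashIdAlg as added in this commit returns the default hash, so a key could be hashed with a different algorithm than a later lookup expects. A short comment such as `/* signatureOID is decoded before the key; it selects SM3 for SM2 certificates */` would record the assumption. The same call pattern is added in the StoreRsaKey, StoreEccKey and GetCertName hunks below. StoreKey's body starts and ends outside this hunk.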
@@ -11327,8 +11377,530 @@ static int StoreKey(DecodedCert* cert, const byte* source, word32* srcIdx,
return ret;
}
#endif /* HAVE_ED25519 || HAVE_ED448 */
+#endif
+
+#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
+
+static int SetCurve(ecc_key* key, byte* output, size_t outSz)
+{
+#ifdef HAVE_OID_ENCODING
+ int ret;
+#endif
+ int idx;
+ word32 oidSz = 0;
+
+ /* validate key */
+ if (key == NULL || key->dp == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef HAVE_OID_ENCODING
+ ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, NULL, &oidSz);
+ if (ret != 0) {
+ return ret;
+ }
+#else
+ oidSz = key->dp->oidSz;
+#endif
+
+ idx = SetObjectId((int)oidSz, output);
+
+ /* length only */
+ if (output == NULL) {
+ return idx + (int)oidSz;
+ }
+
+ /* verify output buffer has room */
+ if (oidSz > outSz)
+ return BUFFER_E;
+
+#ifdef HAVE_OID_ENCODING
+ ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, output+idx, &oidSz);
+ if (ret != 0) {
+ return ret;
+ }
+#else
+ XMEMCPY(output+idx, key->dp->oid, oidSz);
+#endif
+ idx += (int)oidSz;
+
+ return idx;
+}
+
+#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
+
+#ifdef HAVE_ECC
+#ifdef WOLFSSL_ASN_TEMPLATE
+/* ASN.1 template for ECC public key (SubjectPublicKeyInfo).
+ * RFC 5480, 2 - Subject Public Key Information Fields
+ * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
+ * X9.62 ECC point format.
+ * See ASN.1 template 'eccSpecifiedASN' for specifiedCurve.
+ */
+static const ASNItem eccPublicKeyASN[] = {
+/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
+ /* AlgorithmIdentifier */
+/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
+ /* algorithm */
+/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
+ /* namedCurve */
+/* ALGOID_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 },
+ /* specifiedCurve - explicit parameters */
+/* ALGOID_PARAMS */ { 2, ASN_SEQUENCE, 1, 0, 2 },
+ /* Public Key */
+/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
+};
+enum {
+ ECCPUBLICKEYASN_IDX_SEQ = 0,
+ ECCPUBLICKEYASN_IDX_ALGOID_SEQ,
+ ECCPUBLICKEYASN_IDX_ALGOID_OID,
+ ECCPUBLICKEYASN_IDX_ALGOID_CURVEID,
+ ECCPUBLICKEYASN_IDX_ALGOID_PARAMS,
+ ECCPUBLICKEYASN_IDX_PUBKEY
+};
+
+/* Number of items in ASN.1 template for ECC public key. */
+#define eccPublicKeyASN_Length (sizeof(eccPublicKeyASN) / sizeof(ASNItem))
+#endif /* WOLFSSL_ASN_TEMPLATE */
+#endif /* HAVE_ECC */
+
+#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
+
+/* Encode public ECC key in DER format.
+ *
+ * RFC 5480, 2 - Subject Public Key Information Fields
+ * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
+ * X9.62 ECC point format.
+ * SEC 1 Ver. 2.0, C.2 - Syntax for Elliptic Curve Domain Parameters
+ *
+ * @param [out] output Buffer to put encoded data in.
+ * @param [in] key ECC key object.
+ * @param [in] outLen Size of buffer in bytes.
+ * @param [in] with_header Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key or key's parameters is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
+ int with_header, int comp)
+{
+#ifndef WOLFSSL_ASN_TEMPLATE
+ int ret;
+ word32 idx = 0, curveSz, algoSz, pubSz, bitStringSz;
+ byte bitString[1 + MAX_LENGTH_SZ + 1]; /* 6 */
+ byte algo[MAX_ALGO_SZ]; /* 20 */
+
+ /* public size */
+ pubSz = key->dp ? (word32)key->dp->size : MAX_ECC_BYTES;
+ if (comp)
+ pubSz = 1 + pubSz;
+ else
+ pubSz = 1 + 2 * pubSz;
+
+ /* check for buffer overflow */
+ if (output != NULL && pubSz > (word32)outLen) {
+ return BUFFER_E;
+ }
+
+ /* headers */
+ if (with_header) {
+ ret = SetCurve(key, NULL, 0);
+ if (ret <= 0) {
+ return ret;
+ }
+ curveSz = (word32)ret;
+ ret = 0;
+
+ /* calculate size */
+ algoSz = SetAlgoID(ECDSAk, algo, oidKeyType, (int)curveSz);
+ bitStringSz = SetBitString(pubSz, 0, bitString);
+ idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz, NULL);
+
+ /* check for buffer overflow */
+ if (output != NULL &&
+ curveSz + algoSz + bitStringSz + idx + pubSz > (word32)outLen) {
+ return BUFFER_E;
+ }
+
+ idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz,
+ output);
+ /* algo */
+ if (output)
+ XMEMCPY(output + idx, algo, algoSz);
+ idx += algoSz;
+ /* curve */
+ if (output)
+ (void)SetCurve(key, output + idx, curveSz);
+ idx += curveSz;
+ /* bit string */
+ if (output)
+ XMEMCPY(output + idx, bitString, bitStringSz);
+ idx += bitStringSz;
+ }
+
+ /* pub */
+ if (output) {
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_ecc_export_x963_ex(key, output + idx, &pubSz, comp);
+ PRIVATE_KEY_LOCK();
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ idx += pubSz;
+
+ return (int)idx;
+#else
+ word32 pubSz = 0;
+ int sz = 0;
+ int ret = 0;
+ int curveIdSz = 0;
+ byte* curveOid = NULL;
+
+ /* Check key validity. */
+ if ((key == NULL) || (key->dp == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ /* Calculate the size of the encoded public point. */
+ PRIVATE_KEY_UNLOCK();
+ #if defined(HAVE_COMP_KEY) && defined(HAVE_FIPS) && \
+ defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2)
+ /* in earlier versions of FIPS the get length functionality is not
+ * available with compressed keys */
+ pubSz = key->dp ? key->dp->size : MAX_ECC_BYTES;
+ if (comp)
+ pubSz = 1 + pubSz;
+ else
+ pubSz = 1 + 2 * pubSz;
+ ret = LENGTH_ONLY_E;
+ #else
+ ret = wc_ecc_export_x963_ex(key, NULL, &pubSz, comp);
+ #endif
+ PRIVATE_KEY_LOCK();
+ /* LENGTH_ONLY_E on success. */
+ if (ret == LENGTH_ONLY_E) {
+ ret = 0;
+ }
+ }
+ if ((ret == 0) && with_header) {
+ /* Including SubjectPublicKeyInfo header. */
+ DECL_ASNSETDATA(dataASN, eccPublicKeyASN_Length);
+
+ CALLOC_ASNSETDATA(dataASN, eccPublicKeyASN_Length, ret, key->heap);
+
+ /* Get the length of the named curve OID to put into the encoding. */
+ curveIdSz = SetCurve(key, NULL, 0);
+ if (curveIdSz < 0) {
+ ret = curveIdSz;
+ }
+
+ if (ret == 0) {
+ /* Set the key type OID. */
+ SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk,
+ oidKeyType);
+ /* Set the curve OID. */
+ SetASN_ReplaceBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID],
+ NULL, (word32)curveIdSz);
+ /* Don't try to write out explicit parameters. */
+ dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1;
+ /* Set size of public point to ensure space is made for it. */
+ SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz);
+ /* Calculate size of ECC public key. */
+ ret = SizeASN_Items(eccPublicKeyASN, dataASN,
+ eccPublicKeyASN_Length, &sz);
+ }
+
+ /* Check buffer, if passed in, is big enough for encoded data. */
+ if ((ret == 0) && (output != NULL) && (sz > outLen)) {
+ ret = BUFFER_E;
+ }
+ if ((ret == 0) && (output != NULL)) {
+ /* Encode ECC public key. */
+ SetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length,
+ output);
+ /* Skip to where public point is to be encoded. */
+ output += sz - (int)pubSz;
+ /* Cache the location to place the name curve OID. */
+ curveOid = (byte*)
+ dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID].data.buffer.data;
+ }
+
+ FREE_ASNSETDATA(dataASN, key->heap);
+ }
+ else if ((ret == 0) && (output != NULL) && (pubSz > (word32)outLen)) {
+ ret = BUFFER_E;
+ }
+ else {
+ /* Total size is the public point size. */
+ sz = (int)pubSz;
+ }
+
+ if ((ret == 0) && (output != NULL)) {
+ /* Put named curve OID data into encoding. */
+ curveIdSz = SetCurve(key, curveOid, (size_t)curveIdSz);
+ if (curveIdSz < 0) {
+ ret = curveIdSz;
+ }
+ }
+ if ((ret == 0) && (output != NULL)) {
+ /* Encode public point. */
+ PRIVATE_KEY_UNLOCK();
+ ret = wc_ecc_export_x963_ex(key, output, &pubSz, comp);
+ PRIVATE_KEY_LOCK();
+ }
+ if (ret == 0) {
+ /* Return the size of the encoding. */
+ ret = sz;
+ }
+
+ return ret;
+#endif
+}
+
+
+/* Encode the public part of an ECC key in a DER.
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] key ECC key object.
+ * @param [out] output Buffer to hold DER encoding.
+ * @param [in] inLen Size of buffer in bytes.
+ * @param [in] with_AlgCurve Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key or key's parameters is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+WOLFSSL_ABI
+int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
+ int with_AlgCurve)
+{
+ return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, 0);
+}
+
+int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output, word32 inLen,
+ int with_AlgCurve, int comp)
+{
+ return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, comp);
+}
+
+int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve)
+{
+ return SetEccPublicKey(NULL, key, 0, with_AlgCurve, 0);
+}
+
+#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
+
+#ifdef WOLFSSL_ASN_TEMPLATE
+#if defined(WC_ENABLE_ASYM_KEY_EXPORT) || defined(WC_ENABLE_ASYM_KEY_IMPORT)
+/* ASN.1 template for Ed25519 and Ed448 public key (SubkectPublicKeyInfo).
+ * RFC 8410, 4 - Subject Public Key Fields
+ */
+static const ASNItem edPubKeyASN[] = {
+ /* SubjectPublicKeyInfo */
+/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
+ /* AlgorithmIdentifier */
+/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
+ /* Ed25519/Ed448 OID */
+/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 1 },
+ /* Public key stream */
+/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
+};
+enum {
+ EDPUBKEYASN_IDX_SEQ = 0,
+ EDPUBKEYASN_IDX_ALGOID_SEQ,
+ EDPUBKEYASN_IDX_ALGOID_OID,
+ EDPUBKEYASN_IDX_PUBKEY
+};
+
+/* Number of items in ASN.1 template for Ed25519 and Ed448 public key. */
+#define edPubKeyASN_Length (sizeof(edPubKeyASN) / sizeof(ASNItem))
+#endif /* WC_ENABLE_ASYM_KEY_EXPORT || WC_ENABLE_ASYM_KEY_IMPORT */
+#endif /* WOLFSSL_ASN_TEMPLATE */
+
+#ifdef WC_ENABLE_ASYM_KEY_EXPORT
+
+/* Build ASN.1 formatted public key based on RFC 8410
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] pubKey public key buffer
+ * @param [in] pubKeyLen public key buffer length
+ * @param [out] output Buffer to put encoded data in (optional)
+ * @param [in] outLen Size of buffer in bytes
+ * @param [in] keyType is "enum Key_Sum" like ED25519k
+ * @param [in] withHeader Whether to include SubjectPublicKeyInfo around key.
+ * @return Size of encoded data in bytes on success
+ * @return BAD_FUNC_ARG when key is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
+ byte* output, word32 outLen, int keyType, int withHeader)
+{
+ int ret = 0;
+#ifndef WOLFSSL_ASN_TEMPLATE
+ word32 idx = 0;
+ word32 seqDataSz = 0;
+ word32 sz;
+#else
+ int sz = 0;
+ DECL_ASNSETDATA(dataASN, edPubKeyASN_Length);
+#endif
+
+ if (pubKey == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifndef WOLFSSL_ASN_TEMPLATE
+ /* calculate size */
+ if (withHeader) {
+ word32 algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0);
+ word32 bitStringSz = SetBitString(pubKeyLen, 0, NULL);
+
+ seqDataSz = algoSz + bitStringSz + pubKeyLen;
+ sz = SetSequence(seqDataSz, NULL) + seqDataSz;
+ }
+ else {
+ sz = pubKeyLen;
+ }
+
+ /* checkout output size */
+ if (output != NULL && sz > outLen) {
+ ret = BUFFER_E;
+ }
+
+ /* headers */
+ if (ret == 0 && output != NULL && withHeader) {
+ /* sequence */
+ idx = SetSequence(seqDataSz, output);
+ /* algo */
+ idx += SetAlgoID(keyType, output + idx, oidKeyType, 0);
+ /* bit string */
+ idx += SetBitString(pubKeyLen, 0, output + idx);
+ }
+
+ if (ret == 0 && output != NULL) {
+ /* pub */
+ XMEMCPY(output + idx, pubKey, pubKeyLen);
+ idx += pubKeyLen;
-#if !defined(NO_RSA)
+ sz = idx;
+ }
+
+ if (ret == 0) {
+ ret = (int)sz;
+ }
+#else
+ if (withHeader) {
+ CALLOC_ASNSETDATA(dataASN, edPubKeyASN_Length, ret, NULL);
+
+ if (ret == 0) {
+ /* Set the OID. */
+ SetASN_OID(&dataASN[EDPUBKEYASN_IDX_ALGOID_OID], (word32)keyType,
+ oidKeyType);
+ /* Leave space for public point. */
+ SetASN_Buffer(&dataASN[EDPUBKEYASN_IDX_PUBKEY], NULL, pubKeyLen);
+ /* Calculate size of public key encoding. */
+ ret = SizeASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, &sz);
+ }
+ if ((ret == 0) && (output != NULL) && (sz > (int)outLen)) {
+ ret = BUFFER_E;
+ }
+ if ((ret == 0) && (output != NULL)) {
+ /* Encode public key. */
+ SetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, output);
+ /* Set location to encode public point. */
+ output = (byte*)dataASN[EDPUBKEYASN_IDX_PUBKEY].data.buffer.data;
+ }
+
+ FREE_ASNSETDATA(dataASN, NULL);
+ }
+ else if ((output != NULL) && (pubKeyLen > outLen)) {
+ ret = BUFFER_E;
+ }
+ else if (ret == 0) {
+ sz = (int)pubKeyLen;
+ }
+
+ if ((ret == 0) && (output != NULL)) {
+ /* Put public key into space provided. */
+ XMEMCPY(output, pubKey, pubKeyLen);
+ }
+ if (ret == 0) {
+ ret = sz;
+ }
+#endif /* WOLFSSL_ASN_TEMPLATE */
+ return ret;
+}
+#endif /* WC_ENABLE_ASYM_KEY_EXPORT */
+
+#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
+/* Encode the public part of an Ed25519 key in DER.
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] key Ed25519 key object.
+ * @param [out] output Buffer to put encoded data in.
+ * @param [in] outLen Size of buffer in bytes.
+ * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
+ int withAlg)
+{
+ int ret;
+ byte pubKey[ED25519_PUB_KEY_SIZE];
+ word32 pubKeyLen = (word32)sizeof(pubKey);
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_ed25519_export_public(key, pubKey, &pubKeyLen);
+ if (ret == 0) {
+ ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
+ ED25519k, withAlg);
+ }
+ return ret;
+}
+#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT */
+
+#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
+/* Encode the public part of an Ed448 key in DER.
+ *
+ * Pass NULL for output to get the size of the encoding.
+ *
+ * @param [in] key Ed448 key object.
+ * @param [out] output Buffer to put encoded data in.
+ * @param [in] outLen Size of buffer in bytes.
+ * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
+ * @return Size of encoded data in bytes on success.
+ * @return BAD_FUNC_ARG when key is NULL.
+ * @return MEMORY_E when dynamic memory allocation failed.
+ */
+int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
+ int withAlg)
+{
+ int ret;
+ byte pubKey[ED448_PUB_KEY_SIZE];
+ word32 pubKeyLen = (word32)sizeof(pubKey);
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_ed448_export_public(key, pubKey, &pubKeyLen);
+ if (ret == 0) {
+ ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
+ ED448k, withAlg);
+ }
+ return ret;
+}
+#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */
+#if !defined(NO_RSA) && !defined(NO_CERTS)
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for header before RSA key in certificate. */
static const ASNItem rsaCertKeyASN[] = {
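Review bot: In SetCurve the room check `if (oidSz > outSz)` runs after `SetObjectId((int)oidSz, output)` has already written the tag and length, and it leaves those `idx` header bytes out of the comparison, so a buffer that fits the OID but not the header passes. Computing the header length with a NULL output first and testing `if ((size_t)idx + oidSz > outSz) return BUFFER_E;` before any write closes that gap. Separately, the non-template branch of SetEccPublicKey reads `key->dp` before any NULL check on `key`, while the template branch returns BAD_FUNC_ARG; a leading `if (key == NULL) return BAD_FUNC_ARG;` would make both branches match the header comment. That header comment also omits the `comp` parameter.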
@@ -11374,7 +11946,7 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
if (GetSequence(source, srcIdx, &length, pubIdx + (word32)pubLen) < 0)
return ASN_PARSE_E;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
cert->sigCtx.CertAtt.pubkey_n_start =
cert->sigCtx.CertAtt.pubkey_e_start = pubIdx;
#endif
@@ -11386,7 +11958,8 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
*srcIdx += (word32)length;
#ifdef HAVE_OCSP
- return CalcHashId(cert->publicKey, cert->pubKeySize, cert->subjectKeyHash);
+ return CalcHashId_ex(cert->publicKey, cert->pubKeySize,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
#else
return 0;
#endif
@@ -11409,24 +11982,24 @@ static int StoreRsaKey(DecodedCert* cert, const byte* source, word32* srcIdx,
cert->publicKeyIndex = dataASN[RSACERTKEYASN_IDX_SEQ].offset;
#endif
- #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* Start of SEQUENCE. */
cert->sigCtx.CertAtt.pubkey_n_start =
cert->sigCtx.CertAtt.pubkey_e_start = dataASN[RSACERTKEYASN_IDX_SEQ].offset;
#endif
#ifdef HAVE_OCSP
/* Calculate the hash of the public key for OCSP. */
- ret = CalcHashId(cert->publicKey, cert->pubKeySize,
- cert->subjectKeyHash);
+ ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
#endif
}
return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#endif /* !NO_RSA */
+#endif /* !NO_RSA && !NO_CERTS */
-#ifdef HAVE_ECC
+#if defined(HAVE_ECC) && !defined(NO_CERTS)
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for header before ECC key in certificate. */
@@ -11445,6 +12018,11 @@ enum {
/* Number of items in ASN.1 template for header before ECC key in cert. */
#define eccCertKeyASN_Length (sizeof(eccCertKeyASN) / sizeof(ASNItem))
+
+#ifdef WOLFSSL_CUSTOM_CURVES
+static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
+ ecc_key* key, void* heap, int* curveSz);
+#endif /* WOLFSSL_CUSTOM_CURVES */
#endif /* WOLFSSL_ASN_TEMPLATE */
/* Store public ECC key in certificate object.
@@ -11495,7 +12073,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
if ((ret = CheckCurve(cert->pkCurveOID)) < 0)
return ECC_CURVE_OID_E;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
cert->sigCtx.CertAtt.curve_id = ret;
#else
(void)ret;
@@ -11504,7 +12082,7 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
ret = CheckBitString(source, srcIdx, &length, maxIdx, 1, NULL);
if (ret != 0)
return ret;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
cert->sigCtx.CertAtt.pubkey_n_start =
cert->sigCtx.CertAtt.pubkey_e_start = (*srcIdx + 1);
cert->sigCtx.CertAtt.pubkey_n_len = ((length - 1) >> 1);
@@ -11518,8 +12096,8 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
#endif
#ifdef HAVE_OCSP
- ret = CalcHashId(source + *srcIdx, (word32)length,
- cert->subjectKeyHash);
+ ret = CalcHashId_ex(source + *srcIdx, (word32)length,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
if (ret != 0)
return ret;
#endif
@@ -11558,7 +12136,18 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
/* Store curve OID. */
cert->pkCurveOID = dataASN[ECCCERTKEYASN_IDX_OID].data.oid.sum;
}
- /* Ignore explicit parameters. */
+ else {
+ #ifdef WOLFSSL_CUSTOM_CURVES
+ /* Parse explicit parameters. */
+ ret = EccSpecifiedECDomainDecode(
+ dataASN[ECCCERTKEYASN_IDX_PARAMS].data.ref.data,
+ dataASN[ECCCERTKEYASN_IDX_PARAMS].data.ref.length, NULL,
+ NULL, &cert->pkCurveSize);
+ #else
+ /* Explicit parameters not supported in build configuration. */
+ ret = ASN_PARSE_E;
+ #endif
+ }
#ifdef WOLFSSL_MAXQ10XX_TLS
cert->publicKeyIndex =
@@ -11567,10 +12156,13 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
#endif
#ifdef HAVE_OCSP
- /* Calculate the hash of the subject public key for OCSP. */
- ret = CalcHashId(dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data,
- dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length,
- cert->subjectKeyHash);
+ if (ret == 0) {
+ /* Calculate the hash of the subject public key for OCSP. */
+ ret = CalcHashId_ex(
+ dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.data,
+ dataASN[ECCCERTKEYASN_IDX_SUBJPUBKEY].data.ref.length,
+ cert->subjectKeyHash, HashIdAlg(cert->signatureOID));
+ }
}
if (ret == 0) {
#endif
@@ -11596,8 +12188,9 @@ static int StoreEccKey(DecodedCert* cert, const byte* source, word32* srcIdx,
return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#endif /* HAVE_ECC */
+#endif /* HAVE_ECC && !NO_CERTS */
+#ifndef NO_CERTS
#if !defined(NO_DSA)
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for DSA key in certificate.
@@ -11690,7 +12283,7 @@ static int ParseDsaKey(const byte* source, word32* srcIdx, word32 maxIdx,
* Stores the public key in fields of the certificate object.
* Validates the BER/DER items and does not store in a key object.
*
- * @param [in, out] cert Decoded certificate oject.
+ * @param [in, out] cert Decoded certificate object.
* @param [in] source BER/DER encoded SubjectPublicKeyInfo block.
* @param [in, out] inOutIdx On in, start of public key.
* On out, start of ASN.1 item after public key.
@@ -11713,7 +12306,7 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
int ret = 0;
int length;
- /* Validate paramaters. */
+ /* Validate parameters. */
if (source == NULL) {
return ASN_PARSE_E;
}
@@ -11795,6 +12388,9 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
break;
#endif /* NO_RSA */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
ret = StoreEccKey(cert, source, &srcIdx, maxIdx, source + pubIdx,
(word32)pubLen);
@@ -11883,6 +12479,31 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
/* Return error code. */
return ret;
}
+#endif
+
+/* Return the hash algorithm to use with the signature algorithm.
+ *
+ * @param [in] oidSum Signature id.
+ * @return Hash algorithm id.
+ */
+int HashIdAlg(word32 oidSum)
+{
+ (void)oidSum;
+
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (oidSum == CTC_SM3wSM2) {
+ return WC_SM3;
+ }
+ if (oidSum == SM2k) {
+ return WC_SM3;
+ }
+#endif
+#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
+ return WC_SHA256;
+#else
+ return WC_SHA;
+#endif
+}
/* Calculate hash of the id using the SHA-1 or SHA-256.
*
@@ -11894,18 +12515,55 @@ static int GetCertKey(DecodedCert* cert, const byte* source, word32* inOutIdx,
*/
int CalcHashId(const byte* data, word32 len, byte* hash)
{
+ /* Use default hash algorithm. */
+ return CalcHashId_ex(data, len, hash,
+#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
+ WC_SHA256
+#else
+ WC_SHA
+#endif
+ );
+}
+
+/* Calculate hash of the id using the SHA-1 or SHA-256.
+ *
+ * @param [in] data Data to hash.
+ * @param [in] len Length of data to hash.
+ * @param [out] hash Buffer to hold hash.
+ * @return 0 on success.
+ * @return MEMORY_E when dynamic memory allocation fails.
+ */
+int CalcHashId_ex(const byte* data, word32 len, byte* hash, int hashAlg)
+{
int ret;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (hashAlg == WC_SM3) {
+ ret = wc_Sm3Hash(data, len, hash);
+ }
+ else
+#endif
#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
- ret = wc_Sha256Hash(data, len, hash);
+ if (hashAlg == WC_SHA256) {
+ ret = wc_Sha256Hash(data, len, hash);
+ }
+ else
#elif !defined(NO_SHA)
- ret = wc_ShaHash(data, len, hash);
+ if (hashAlg == WC_SHA) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ XMEMSET(hash + WC_SHA_DIGEST_SIZE, 0, KEYID_SIZE - WC_SHA_DIGEST_SIZE);
+ #endif
+ ret = wc_ShaHash(data, len, hash);
+ }
+ else
#else
- ret = NOT_COMPILED_IN;
(void)data;
(void)len;
(void)hash;
#endif
+ {
+ ret = NOT_COMPILED_IN;
+ }
return ret;
}
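Review bot: CalcHashId_ex's header comment was copied from CalcHashId: it has no `@param [in] hashAlg`, still says "SHA-1 or SHA-256" although SM3 is handled, and does not list the NOT_COMPILED_IN return for an unsupported `hashAlg`. The buffer contract matters more: the SHA-1 branch clears `KEYID_SIZE - WC_SHA_DIGEST_SIZE` bytes past the digest in SM2/SM3 builds, so `hash` must be at least KEYID_SIZE bytes, and the function takes no length to check that. I would add `@param [out] hash Buffer of at least KEYID_SIZE bytes.` together with the missing parameter and return lines. The final `#else` arm looks unreachable, since a build without NO_SHA always takes the `#elif`.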
@@ -11921,16 +12579,24 @@ int CalcHashId(const byte* data, word32 len, byte* hash)
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
-static int GetHashId(const byte* id, int length, byte* hash)
+static int GetHashId(const byte* id, int length, byte* hash, int hashAlg)
{
int ret;
- if (length == KEYID_SIZE) {
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (length == wc_HashGetDigestSize(wc_HashTypeConvert(hashAlg)))
+#else
+ if (length == KEYID_SIZE)
+#endif
+ {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ XMEMSET(hash + length, 0, KEYID_SIZE - length);
+ #endif
XMEMCPY(hash, id, (size_t)length);
ret = 0;
}
else {
- ret = CalcHashId(id, (word32)length, hash);
+ ret = CalcHashId_ex(id, (word32)length, hash, hashAlg);
}
return ret;
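Review bot: In SM2/SM3 builds `XMEMSET(hash + length, 0, KEYID_SIZE - length)` relies on the digest size of `hashAlg` never exceeding KEYID_SIZE; if it did, the subtraction would go negative and convert to a very large size. HashIdAlg in this commit returns only SM3, SHA-256 or SHA-1, so this presumably holds today, but GetHashId takes `hashAlg` as a plain int and does not enforce it. Adding `&& length <= KEYID_SIZE` to the SM2/SM3 condition keeps the bound local to the function. The closing brace of GetHashId is outside the hunk.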
@@ -12280,9 +12946,9 @@ static const byte rdnChoice[] = {
static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
{
int ret = 0;
- int nameSz;
+ size_t nameSz;
char tmpName[WOLFSSL_MAX_IPSTR] = {0};
- char* ip;
+ unsigned char* ip;
if (entry == NULL || entry->type != ASN_IP_TYPE) {
return BAD_FUNC_ARG;
@@ -12293,7 +12959,7 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
WOLFSSL_MSG("Unexpected IP size");
return BAD_FUNC_ARG;
}
- ip = entry->name;
+ ip = (unsigned char*)entry->name;
/* store IP addresses as a string */
if (entry->len == WOLFSSL_IP4_ADDR_LEN) {
@@ -12307,7 +12973,7 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
}
if (entry->len == WOLFSSL_IP6_ADDR_LEN) {
- int i;
+ size_t i;
for (i = 0; i < 8; i++) {
if (XSNPRINTF(tmpName + i * 5, sizeof(tmpName) - i * 5,
"%02X%02X%s", 0xFF & ip[2 * i], 0xFF & ip[2 * i + 1],
@@ -12320,8 +12986,9 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
}
}
- nameSz = (int)XSTRLEN(tmpName);
- entry->ipString = (char*)XMALLOC(nameSz + 1, heap, DYNAMIC_TYPE_ALTNAME);
+ nameSz = XSTRLEN(tmpName);
+ entry->ipString = (char*)XMALLOC(nameSz + 1, heap,
+ DYNAMIC_TYPE_ALTNAME);
if (entry->ipString == NULL) {
ret = MEMORY_E;
}
@@ -12337,6 +13004,91 @@ static int GenerateDNSEntryIPString(DNS_entry* entry, void* heap)
}
#endif /* OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
+#if defined(OPENSSL_ALL)
+/* used to set the human readable string for the registeredID with an
+ * ASN_RID_TYPE DNS entry
+ * return 0 on success
+ */
+static int GenerateDNSEntryRIDString(DNS_entry* entry, void* heap)
+{
+ int i, j, ret = 0;
+ int nameSz = 0;
+ int nid = 0;
+ int tmpSize = MAX_OID_SZ;
+ word32 oid = 0;
+ word32 idx = 0;
+ word16 tmpName[MAX_OID_SZ];
+ char oidName[MAX_OID_SZ];
+ char* finalName;
+
+ if (entry == NULL || entry->type != ASN_RID_TYPE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (entry->len <= 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ XMEMSET(&oidName, 0, MAX_OID_SZ);
+
+ ret = GetOID((const byte*)entry->name, &idx, &oid, oidIgnoreType,
+ entry->len);
+
+ if (ret == 0 && (nid = oid2nid(oid, oidCsrAttrType)) > 0) {
+ /* OID has known string value */
+ finalName = (char*)wolfSSL_OBJ_nid2ln(nid);
+ }
+ else {
+ /* Decode OBJECT_ID into dotted form array. */
+ ret = DecodeObjectId((const byte*)(entry->name),(word32)entry->len,
+ tmpName, (word32*)&tmpSize);
+
+ if (ret == 0) {
+ j = 0;
+ /* Append each number of dotted form. */
+ for (i = 0; i < tmpSize; i++) {
+ if (j >= MAX_OID_SZ) {
+ return BUFFER_E;
+ }
+
+ if (i < tmpSize - 1) {
+ ret = XSNPRINTF(oidName + j, MAX_OID_SZ - j, "%d.", tmpName[i]);
+ }
+ else {
+ ret = XSNPRINTF(oidName + j, MAX_OID_SZ - j, "%d", tmpName[i]);
+ }
+
+ if (ret >= 0) {
+ j += ret;
+ }
+ else {
+ return BUFFER_E;
+ }
+ }
+ ret = 0;
+ finalName = oidName;
+ }
+ }
+
+ if (ret == 0) {
+ nameSz = (int)XSTRLEN((const char*)finalName);
+
+ entry->ridString = (char*)XMALLOC(nameSz + 1, heap,
+ DYNAMIC_TYPE_ALTNAME);
+
+ if (entry->ridString == NULL) {
+ ret = MEMORY_E;
+ }
+
+ if (ret == 0) {
+ XMEMCPY(entry->ridString, finalName, nameSz + 1);
+ }
+ }
+
+ return ret;
+}
+#endif /* OPENSSL_ALL && WOLFSSL_ASN_TEMPLATE */
+
#ifdef WOLFSSL_ASN_TEMPLATE
#if defined(WOLFSSL_CERT_GEN) || !defined(NO_CERTS)
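Review bot: The dotted-OID loop in GenerateDNSEntryRIDString treats any non-negative XSNPRINTF result as success, so a component truncated on the last iteration is stored silently; the `j >= MAX_OID_SZ` test only catches truncation on a following pass. Checking `if (ret < 0 || ret >= MAX_OID_SZ - j) return BUFFER_E;` right after each call rejects the truncated case. In the known-OID branch `finalName` comes straight from `wolfSSL_OBJ_nid2ln(nid)` and reaches XSTRLEN without a NULL test, which needs a guard if that lookup can fail. The closing `#endif` comment names WOLFSSL_ASN_TEMPLATE, which the opening `#if defined(OPENSSL_ALL)` does not test.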
@@ -12415,6 +13167,15 @@ static int SetDNSEntry(DecodedCert* cert, const char* str, int strLen,
XMEMCPY(dnsEntry->name, str, (size_t)strLen);
dnsEntry->name[strLen] = '\0';
+#if defined(OPENSSL_ALL)
+ /* store registeredID as a string */
+ if (type == ASN_RID_TYPE) {
+ if ((ret = GenerateDNSEntryRIDString(dnsEntry, cert->heap)) != 0) {
+ XFREE(dnsEntry->name, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ }
+ }
+#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
/* store IP addresses as a string */
if (type == ASN_IP_TYPE) {
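Review bot: On the failure path added here `dnsEntry` is freed but the pointer keeps its old value, and control then continues into the IP-address block and whatever follows outside the hunk. The visible code appears safe only because `ret` is non-zero and `type` cannot also be ASN_IP_TYPE. Setting `dnsEntry = NULL;` after the two XFREE calls rules out a later use or second free instead of depending on those conditions. SetDNSEntry starts and ends outside this hunk.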
@@ -12561,6 +13322,18 @@ static int GetRDN(DecodedCert* cert, char* full, word32* idx, int* nid,
*nid = NID_favouriteDrink;
#endif
}
+#ifdef WOLFSSL_CERT_REQ
+ else if (oidSz == sizeof(attrPkcs9ContentTypeOid) &&
+ XMEMCMP(oid, attrPkcs9ContentTypeOid, oidSz) == 0) {
+ /* Set the pkcs9_contentType, type string, length and NID. */
+ id = ASN_CONTENT_TYPE;
+ typeStr = WOLFSSL_CONTENT_TYPE;
+ typeStrLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
+ #ifdef WOLFSSL_X509_NAME_AVAILABLE
+ *nid = NID_pkcs9_contentType;
+ #endif
+ }
+#endif
/* Other OIDs that start with the same values. */
else if (oidSz == sizeof(dcOid) && XMEMCMP(oid, dcOid, oidSz-1) == 0) {
WOLFSSL_MSG("Unknown pilot attribute type");
@@ -12663,12 +13436,14 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
* calculated over the entire DER encoding of the Name field, including
* the tag and length. */
- if (CalcHashId(input + *inOutIdx, maxIdx - *inOutIdx, hash) != 0)
+ if (CalcHashId_ex(input + *inOutIdx, maxIdx - *inOutIdx, hash,
+ HashIdAlg(cert->signatureOID)) != 0) {
return ASN_PARSE_E;
+ }
#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)) && \
!defined(WOLFCRYPT_ONLY)
- dName = wolfSSL_X509_NAME_new();
+ dName = wolfSSL_X509_NAME_new_ex(cert->heap);
if (dName == NULL) {
return MEMORY_E;
}
@@ -13210,7 +13985,6 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
nid = NID_userId;
#endif /* OPENSSL_EXTRA */
break;
-
case ASN_DOMAIN_COMPONENT:
copy = WOLFSSL_DOMAIN_COMPONENT;
copyLen = sizeof(WOLFSSL_DOMAIN_COMPONENT) - 1;
@@ -13229,7 +14003,15 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
nid = NID_favouriteDrink;
#endif /* OPENSSL_EXTRA */
break;
-
+ case ASN_CONTENT_TYPE:
+ copy = WOLFSSL_CONTENT_TYPE;
+ copyLen = sizeof(WOLFSSL_CONTENT_TYPE) - 1;
+ #if (defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL)) \
+ && !defined(WOLFCRYPT_ONLY)
+ nid = NID_pkcs9_contentType;
+ #endif /* OPENSSL_EXTRA */
+ break;
default:
WOLFSSL_MSG("Unknown pilot attribute type");
#if (defined(OPENSSL_EXTRA) || \
@@ -13316,7 +14098,8 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
/* For OCSP, RFC2560 section 4.1.1 states the issuer hash should be
* calculated over the entire DER encoding of the Name field, including
* the tag and length. */
- if (CalcHashId(input + srcIdx, maxIdx - srcIdx, hash) != 0) {
+ if (CalcHashId_ex(input + srcIdx, maxIdx - srcIdx, hash,
+ HashIdAlg(cert->signatureOID)) != 0) {
ret = ASN_PARSE_E;
}
@@ -13324,8 +14107,8 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
#ifdef WOLFSSL_X509_NAME_AVAILABLE
if (ret == 0) {
- /* Create an X509_NAME to hold data for OpenSSL compatability APIs. */
- dName = wolfSSL_X509_NAME_new();
+ /* Create an X509_NAME to hold data for OpenSSL compatibility APIs. */
+ dName = wolfSSL_X509_NAME_new_ex(cert->heap);
if (dName == NULL) {
ret = MEMORY_E;
}
@@ -13395,7 +14178,7 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
if (nid != 0) {
/* Add an entry to the X509_NAME. */
if (wolfSSL_X509_NAME_add_entry_by_NID(dName, nid, enc, str,
- strLen, -1, -1) != WOLFSSL_SUCCESS) {
+ (int)strLen, -1, -1) != WOLFSSL_SUCCESS) {
ret = ASN_PARSE_E;
}
}
@@ -13415,15 +14198,17 @@ static int GetCertName(DecodedCert* cert, char* full, byte* hash, int nameType,
#if (defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
defined(HAVE_LIGHTY)) && \
(defined(HAVE_PKCS7) || defined(WOLFSSL_CERT_EXT))
- dName->rawLen = min(cert->issuerRawLen, WC_ASN_NAME_MAX);
- XMEMCPY(dName->raw, cert->issuerRaw, dName->rawLen);
+ dName->rawLen = (int)min((word32)cert->issuerRawLen,
+ WC_ASN_NAME_MAX);
+ XMEMCPY(dName->raw, cert->issuerRaw, (size_t)dName->rawLen);
#endif
cert->issuerName = dName;
}
else {
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX)
- dName->rawLen = min(cert->subjectRawLen, WC_ASN_NAME_MAX);
- XMEMCPY(dName->raw, cert->subjectRaw, dName->rawLen);
+ dName->rawLen = (int)min((word32)cert->subjectRawLen,
+ WC_ASN_NAME_MAX);
+ XMEMCPY(dName->raw, cert->subjectRaw, (size_t)dName->rawLen);
#endif
cert->subjectName = dName;
}
@@ -13701,7 +14486,7 @@ int GetTimeString(byte* date, int format, char* buf, int len)
}
idx = 4; /* use idx now for char buffer */
- if (XSNPRINTF(buf + idx, len - idx, "%2d %02d:%02d:%02d %d GMT",
+ if (XSNPRINTF(buf + idx, (size_t)(len - idx), "%2d %02d:%02d:%02d %d GMT",
t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec, (int)t.tm_year + 1900)
>= len - idx)
{
@@ -13713,6 +14498,23 @@ int GetTimeString(byte* date, int format, char* buf, int len)
}
#endif /* OPENSSL_ALL || WOLFSSL_MYSQL_COMPATIBLE || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
+/* Check time struct for valid values. Returns 0 for success */
+static int ValidateGmtime(struct tm* inTime)
+{
+ int ret = 1;
+ if ((inTime != NULL) &&
+ (inTime->tm_sec >= 0) && (inTime->tm_sec <= 61) &&
+ (inTime->tm_min >= 0) && (inTime->tm_min <= 59) &&
+ (inTime->tm_hour >= 0) && (inTime->tm_hour <= 23) &&
+ (inTime->tm_mday >= 1) && (inTime->tm_mday <= 31) &&
+ (inTime->tm_mon >= 0) && (inTime->tm_mon <= 11) &&
+ (inTime->tm_wday >= 0) && (inTime->tm_wday <= 6) &&
+ (inTime->tm_yday >= 0) && (inTime->tm_yday <= 365)) {
+ ret = 0;
+ }
+
+ return ret;
+}
#if !defined(NO_ASN_TIME) && !defined(USER_TIME) && \
!defined(TIME_OVERRIDES) && (defined(OPENSSL_EXTRA) || defined(HAVE_PKCS7))
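Review bot: ValidateGmtime's header comment gives only the success value, and the body leaves `tm_year` unchecked while accepting `tm_sec` up to 61, neither of which is stated. Both callers changed in this commit treat any non-zero result as a failed XGMTIME, so I would spell the contract out, e.g. `/* Returns 0 when inTime is non-NULL and sec/min/hour/mday/mon/wday/yday are in range, 1 otherwise; tm_year is not checked. */`. The pointer is only read, so the parameter can be `const struct tm* inTime`. The function appears to sit between two conditional blocks rather than inside one, so it is worth confirming that builds which compile out its callers do not end up with an unused static function.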
@@ -13789,7 +14591,7 @@ int GetFormattedTime(void* currTime, byte* buf, word32 len)
return BAD_FUNC_ARG;
ts = (struct tm *)XGMTIME((time_t*)currTime, tmpTime);
- if (ts == NULL) {
+ if (ValidateGmtime(ts)) {
WOLFSSL_MSG("failed to get time data.");
return ASN_TIME_E;
}
@@ -13893,6 +14695,9 @@ static WC_INLINE int DateLessThan(const struct tm* a, const struct tm* b)
/* like atoi but only use first byte */
/* Make sure before and after dates are valid */
+/* date = ASN.1 raw */
+/* format = ASN_UTC_TIME or ASN_GENERALIZED_TIME */
+/* dateType = AFTER or BEFORE */
int wc_ValidateDate(const byte* date, byte format, int dateType)
{
time_t ltime;
@@ -13953,10 +14758,10 @@ int wc_ValidateDate(const byte* date, byte format, int dateType)
return 0;
}
- ltime -= (time_t)timeDiff ;
+ ltime -= (time_t)timeDiff;
localTime = XGMTIME(&ltime, tmpTime);
- if (localTime == NULL) {
+ if (ValidateGmtime(localTime)) {
WOLFSSL_MSG("XGMTIME failed");
return 0;
}
@@ -14124,7 +14929,7 @@ static int GetDateInfo(const byte* source, word32* idx, const byte** pDate,
#endif
}
-#ifndef WOLFSSL_ASN_TEMPLATE
+#if !defined(NO_CERTS) && !defined(WOLFSSL_ASN_TEMPLATE)
static int GetDate(DecodedCert* cert, int dateType, int verify, int maxIdx)
{
int ret, length;
@@ -14192,7 +14997,7 @@ static int GetValidity(DecodedCert* cert, int verify, int maxIdx)
return 0;
}
-#endif /* !WOLFSSL_ASN_TEMPLATE */
+#endif /* !NO_CERTS && !WOLFSSL_ASN_TEMPLATE */
int wc_GetDateInfo(const byte* certDate, int certDateSz, const byte** date,
@@ -14246,7 +15051,7 @@ int wc_GetCertDates(Cert* cert, struct tm* before, struct tm* after)
#endif /* WOLFSSL_CERT_GEN && WOLFSSL_ALT_NAMES */
#endif /* !NO_ASN_TIME */
-#ifndef WOLFSSL_ASN_TEMPLATE
+#if !defined(WOLFSSL_ASN_TEMPLATE) && !defined(NO_CERTS)
static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx)
{
int length;
@@ -14287,6 +15092,7 @@ static int GetSigAlg(DecodedCert* cert, word32* sigOid, word32 maxIdx)
}
#endif
+#ifndef NO_CERTS
#ifdef WOLFSSL_ASN_TEMPLATE
/* TODO: move code around to not require this. */
static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
@@ -14294,6 +15100,54 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
int stopAfterPubKey);
#endif
+/* Assumes the target is a Raw-Public-Key certificate and parsed up to the
+ * public key. Returns CRYPTOCB_UNAVAILABLE if it determines that the cert is
+ * different from the Paw-Public-Key cert. In that case, cert->srcIdx is not
+ * consumed so as succeeding parse function can take over.
+ * In case that the target is Raw-Public-Key cert and contains a public key,
+ * returns 0 and consumes cert->srcIdx so as a public key retrieval function
+ * can follow.
+ */
+#if defined(HAVE_RPK)
+int TryDecodeRPKToKey(DecodedCert* cert)
+{
+ int ret = 0, len;
+ word32 tmpIdx;
+ word32 oid;
+
+ WOLFSSL_ENTER("TryDecodeRPKToKey");
+
+ if (cert == NULL)
+ return BAD_FUNC_ARG;
+
+ tmpIdx = cert->srcIdx;
+
+ /* both X509 cert and RPK cert should start with a Sequence tag */
+ if (ret == 0) {
+ if (GetSequence(cert->source, &tmpIdx, &len, cert->maxIdx) < 0)
+ ret = ASN_PARSE_E;
+ }
+ /* TBSCertificate of X509 or AlgorithmIdentifier of RPK cert */
+ if (ret == 0) {
+ if (GetSequence(cert->source, &tmpIdx, &len, cert->maxIdx) < 0)
+ ret = ASN_PARSE_E;
+ }
+ /* OBJ ID should be next in RPK cert */
+ if (ret == 0) {
+ if (GetObjectId(cert->source, &tmpIdx, &oid, oidKeyType, cert->maxIdx)
+ < 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ /* consume cert->srcIdx */
+ if (ret == 0) {
+ WOLFSSL_MSG("Looks like RPK certificate");
+ cert->srcIdx = tmpIdx;
+ }
+ WOLFSSL_LEAVE("TryDecodeRPKToKey", ret);
+ return ret;
+}
+#endif /* HAVE_RPK */
+
/* Parse the certificate up to the X.509 public key.
*
* If cert data is invalid then badDate get set to error value.
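Review bot: The header comment for TryDecodeRPKToKey names only CRYPTOCB_UNAVAILABLE and 0 as results, but the body also returns BAD_FUNC_ARG for a NULL cert and ASN_PARSE_E when either GetSequence call fails; the comment should list those so a caller knows which codes mean "fall back to the X.509 parser". The comment also has a typo (`Paw-Public-Key`) and sits above the `#if defined(HAVE_RPK)` guard, so it dangles when the feature is compiled out. The parsed `oid` is never examined, so any object identifier that GetObjectId accepts for `oidKeyType` is treated as "looks like RPK"; if that is intended, the comment should say so. The first `if (ret == 0)` is always true and can be dropped.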
@@ -14386,6 +15240,20 @@ int DecodeToKey(DecodedCert* cert, int verify)
int badDate = 0;
int ret;
+#if defined(HAVE_RPK)
+
+ /* Raw Public Key certificate has only a SubjectPublicKeyInfo structure
+ * as its contents. So try to call GetCertKey to get public key from it.
+ * If it fails, the cert should be a X509 cert and proceed to process as
+ * x509 cert. */
+ ret = GetCertKey(cert, cert->source, &cert->srcIdx, cert->maxIdx);
+ if (ret == 0) {
+ WOLFSSL_MSG("Raw Public Key certificate found and parsed");
+ cert->isRPK = 1;
+ return ret;
+ }
+#endif /* HAVE_RPK */
+
if ( (ret = wc_GetPubX509(cert, verify, &badDate)) < 0)
return ret;
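Review bot: The RPK probe passes `&cert->srcIdx` straight to GetCertKey, so if that call advances the index or fills key fields in `cert` before failing, wc_GetPubX509 then starts from altered state; GetCertKey's body is not in this hunk, so this needs confirming. Probing with a local declared alongside the other locals avoids the question: `word32 rpkIdx = cert->srcIdx;`, `ret = GetCertKey(cert, cert->source, &rpkIdx, cert->maxIdx);`, and `cert->srcIdx = rpkIdx;` inside the success branch. The early return also bypasses wc_GetPubX509 and never looks at `verify`, for any input that parses as a bare public key. Callers presumably have to compare `cert->isRPK` with whether raw public keys were actually negotiated, and a comment stating that requirement belongs here. DecodeToKey starts before this hunk and continues after it.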
@@ -14396,9 +15264,8 @@ int DecodeToKey(DecodedCert* cert, int verify)
else
#endif
{
- cert->selfSigned = XMEMCMP(cert->issuerHash,
- cert->subjectHash,
- KEYID_SIZE) == 0 ? 1 : 0;
+ cert->selfSigned = XMEMCMP(cert->issuerHash, cert->subjectHash,
+ KEYID_SIZE) == 0 ? 1 : 0;
}
ret = GetCertKey(cert, cert->source, &cert->srcIdx, cert->maxIdx);
@@ -14425,7 +15292,7 @@ int DecodeToKey(DecodedCert* cert, int verify)
#endif /* WOLFSSL_ASN_TEMPLATE */
}
-#if !defined(NO_CERTS) && !defined(WOLFSSL_ASN_TEMPLATE)
+#if !defined(WOLFSSL_ASN_TEMPLATE)
static int GetSignature(DecodedCert* cert)
{
int length;
@@ -14445,7 +15312,8 @@ static int GetSignature(DecodedCert* cert)
return 0;
}
-#endif /* !NO_CERTS && !WOLFSSL_ASN_TEMPLATE */
+#endif /* !WOLFSSL_ASN_TEMPLATE */
+#endif /* !NO_CERTS */
#ifndef WOLFSSL_ASN_TEMPLATE
static word32 SetOctetString8Bit(word32 len, byte* output)
@@ -14603,7 +15471,7 @@ word32 SetOthername(void *name, byte *output)
{
WOLFSSL_ASN1_OTHERNAME *nm = (WOLFSSL_ASN1_OTHERNAME *)name;
char *nameStr = NULL;
- int nameSz = 0;
+ word32 nameSz = 0;
word32 len = 0;
if ((nm == NULL) || (nm->value == NULL)) {
@@ -14612,7 +15480,7 @@ word32 SetOthername(void *name, byte *output)
}
nameStr = nm->value->value.utf8string->data;
- nameSz = nm->value->value.utf8string->length;
+ nameSz = (word32)nm->value->value.utf8string->length;
len = nm->type_id->objSz +
SetHeader(ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC, nameSz + 2, NULL) +
@@ -14635,56 +15503,6 @@ word32 SetOthername(void *name, byte *output)
}
#endif /* OPENSSL_EXTRA */
-#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
-
-static int SetCurve(ecc_key* key, byte* output, size_t outSz)
-{
-#ifdef HAVE_OID_ENCODING
- int ret;
-#endif
- int idx;
- word32 oidSz = 0;
-
- /* validate key */
- if (key == NULL || key->dp == NULL) {
- return BAD_FUNC_ARG;
- }
-
-#ifdef HAVE_OID_ENCODING
- ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, NULL, &oidSz);
- if (ret != 0) {
- return ret;
- }
-#else
- oidSz = key->dp->oidSz;
-#endif
-
- idx = SetObjectId((int)oidSz, output);
-
- /* length only */
- if (output == NULL) {
- return idx + (int)oidSz;
- }
-
- /* verify output buffer has room */
- if (oidSz > outSz)
- return BUFFER_E;
-
-#ifdef HAVE_OID_ENCODING
- ret = EncodeObjectId(key->dp->oid, key->dp->oidSz, output+idx, &oidSz);
- if (ret != 0) {
- return ret;
- }
-#else
- XMEMCPY(output+idx, key->dp->oid, oidSz);
-#endif
- idx += (int)oidSz;
-
- return idx;
-}
-
-#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
-
#ifdef HAVE_ECC
/* Determines whether the signature algorithm is using ECDSA.
@@ -14720,6 +15538,9 @@ static WC_INLINE int IsSigAlgoECC(word32 algoOID)
#ifdef HAVE_ECC
|| IsSigAlgoECDSA(algoOID)
#endif
+ #ifdef WOLFSSL_SM2
+ || (algoOID == SM2k)
+ #endif
#ifdef HAVE_ED25519
|| (algoOID == ED25519k)
#endif
@@ -15038,6 +15859,9 @@ void FreeSignatureCtx(SignatureCtx* sigCtx)
#endif
#ifdef HAVE_ECC
case ECDSAk:
+ #ifdef WOLFSSL_SM2
+ case SM2k:
+ #endif
#if defined(WC_ECC_NONBLOCK) && defined(WOLFSSL_ASYNC_CRYPT_SW) && \
defined(WC_ASYNC_ENABLE_ECC)
if (sigCtx->key.ecc->nb_ctx != NULL) {
@@ -15222,6 +16046,14 @@ static int HashForSignature(const byte* buf, word32 bufSz, word32 sigOID,
break;
#endif
#endif
+ #if defined(WOLFSSL_SM2) & defined(WOLFSSL_SM3)
+ case CTC_SM3wSM2:
+ if ((ret = wc_Sm3Hash(buf, bufSz, digest)) == 0) {
+ *typeH = SM3h;
+ *digestSz = WC_SM3_DIGEST_SIZE;
+ }
+ break;
+ #endif
#ifdef HAVE_ED25519
case CTC_ED25519:
/* Hashes done in signing operation.
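Review bot: The new guard uses the bitwise operator, `#if defined(WOLFSSL_SM2) & defined(WOLFSSL_SM3)`, where the other SM2/SM3 guards added in this commit use `&&`. It evaluates the same here because `defined` yields 0 or 1, but it reads like a typo and should be `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)`. HashForSignature starts before this hunk and continues after it.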
@@ -15288,7 +16120,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
byte* rsaKeyIdx)
{
int ret = 0;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
CertAttribute* certatt = NULL;
#endif
@@ -15306,7 +16138,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
WOLFSSL_ENTER("ConfirmSignature");
-#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if !defined(WOLFSSL_RENESAS_TSIP_TLS) && !defined(WOLFSSL_RENESAS_FSPSM_TLS)
(void)rsaKeyIdx;
#else
#if !defined(NO_RSA) || defined(HAVE_ECC)
@@ -15365,6 +16197,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigOID == CTC_SM3wSM2) {
+ ; /* SM2 hash requires public key. Done later. */
+ }
+ else
+ #endif
{
ret = HashForSignature(buf, bufSz, sigOID, sigCtx->digest,
&sigCtx->typeH, &sigCtx->digestSz, 1);
@@ -15432,15 +16270,18 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
sigCtx->key.dsa = (DsaKey*)XMALLOC(sizeof(DsaKey),
sigCtx->heap, DYNAMIC_TYPE_DSA);
- sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
- sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
- if (sigCtx->key.dsa == NULL || sigCtx->sigCpy == NULL) {
+ if (sigCtx->key.dsa == NULL) {
ERROR_OUT(MEMORY_E, exit_cs);
}
if ((ret = wc_InitDsaKey_h(sigCtx->key.dsa, sigCtx->heap)) != 0) {
WOLFSSL_MSG("wc_InitDsaKey_h error");
goto exit_cs;
}
+ sigCtx->sigCpy = (byte*)XMALLOC(sigSz,
+ sigCtx->heap, DYNAMIC_TYPE_SIGNATURE);
+ if (sigCtx->sigCpy == NULL) {
+ ERROR_OUT(MEMORY_E, exit_cs);
+ }
if ((ret = wc_DsaPublicKeyDecode(key, &idx, sigCtx->key.dsa,
keySz)) != 0) {
WOLFSSL_MSG("ASN Key decode error DSA");
@@ -15530,6 +16371,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
{
word32 idx = 0;
@@ -15959,12 +16803,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
key, keySz,
sigCtx->pkCtxRsa);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
if (!sigCtx->pkCbRsa || ret == CRYPTOCB_UNAVAILABLE)
- #endif /* WOLFSSL_RENESAS_SCEPROTECT */
+ #endif /* WOLFSSL_RENESAS_FSPSM_TLS */
#endif /* HAVE_PK_CALLBACKS */
{
ret = wc_RsaSSL_VerifyInline(sigCtx->sigCpy, sigSz,
@@ -15981,9 +16825,50 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
break;
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ {
+ /* OpenSSL creates signature without CERT_SIG_ID. */
+ ret = wc_ecc_sm2_create_digest(CERT_SIG_ID, 0, buf, bufSz,
+ WC_HASH_TYPE_SM3, sigCtx->digest, WC_SM3_DIGEST_SIZE,
+ sigCtx->key.ecc);
+ if (ret == 0) {
+ sigCtx->typeH = SM3h;
+ sigCtx->digestSz = WC_SM3_DIGEST_SIZE;
+ }
+ else {
+ WOLFSSL_MSG("SM2wSM3 create digest failed");
+ WOLFSSL_ERROR_VERBOSE(ret);
+ goto exit_cs;
+ }
+ ret = wc_ecc_sm2_verify_hash(sig, sigSz, sigCtx->digest,
+ sigCtx->digestSz, &sigCtx->verify, sigCtx->key.ecc);
+ break;
+ }
+ #endif
#if defined(HAVE_ECC) && defined(HAVE_ECC_VERIFY)
case ECDSAk:
{
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if (sigOID == CTC_SM3wSM2) {
+ ret = wc_ecc_sm2_create_digest(CERT_SIG_ID,
+ CERT_SIG_ID_SZ, buf, bufSz, WC_HASH_TYPE_SM3,
+ sigCtx->digest, WC_SM3_DIGEST_SIZE,
+ sigCtx->key.ecc);
+ if (ret == 0) {
+ sigCtx->typeH = SM3h;
+ sigCtx->digestSz = WC_SM3_DIGEST_SIZE;
+ }
+ else {
+ WOLFSSL_MSG("SM2wSM3 create digest failed");
+ WOLFSSL_ERROR_VERBOSE(ret);
+ goto exit_cs;
+ }
+ ret = wc_ecc_sm2_verify_hash(sig, sigSz, sigCtx->digest,
+ sigCtx->digestSz, &sigCtx->verify, sigCtx->key.ecc);
+ }
+ else
+ #endif
#if defined(HAVE_PK_CALLBACKS)
if (sigCtx->pkCbEcc) {
ret = sigCtx->pkCbEcc(
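Review bot: The SM2 digest-and-verify sequence is written out twice with one difference that is easy to miss: the `case SM2k:` block passes an ID length of `0` to wc_ecc_sm2_create_digest, while the `sigOID == CTC_SM3wSM2` branch under `case ECDSAk:` passes `CERT_SIG_ID_SZ`. The only explanation is the one-line comment about OpenSSL, which does not say why the key OID decides which ID the signer is assumed to have used. I would factor the two copies into one static helper that takes the ID length, and extend the comment to state the rule. Both SM2 paths also run ahead of the `pkCbEcc` test, so a registered ECC verify callback is not consulted for them; if that is deliberate it deserves a comment. ConfirmSignature starts before this hunk and continues after it.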
@@ -15992,12 +16877,12 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
key, keySz, &sigCtx->verify,
sigCtx->pkCtxEcc);
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
!defined(WOLFSSL_RENESAS_TSIP_TLS)
else
#else
if (!sigCtx->pkCbEcc || ret == CRYPTOCB_UNAVAILABLE)
- #endif /* WOLFSSL_RENESAS_SCEPROTECT */
+ #endif /* WOLFSSL_RENESAS_FSPSM_TLS */
#endif /* HAVE_PK_CALLBACKS */
{
ret = wc_ecc_verify_hash(sig, sigSz, sigCtx->digest,
@@ -16118,7 +17003,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
{
int encodedSigSz, verifySz;
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT)
+ defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (sigCtx->CertAtt.verifyByTSIP_SCE == 1) break;
#endif
#ifdef WOLFSSL_SMALL_STACK
@@ -16169,6 +17054,9 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
}
#endif /* !NO_DSA && !HAVE_SELFTEST */
#ifdef HAVE_ECC
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ case SM2k:
+ #endif
case ECDSAk:
{
if (sigCtx->verify == 1) {
@@ -16437,9 +17325,11 @@ static int MatchBaseName(int type, const char* name, int nameSz,
}
while (nameSz > 0) {
- if (XTOLOWER((unsigned char)*name++) !=
- XTOLOWER((unsigned char)*base++))
+ if (XTOLOWER((unsigned char)*name) !=
+ XTOLOWER((unsigned char)*base))
return 0;
+ name++;
+ base++;
nameSz--;
}
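Review bot: Nothing records why `name++` and `base++` were moved out of the XTOLOWER arguments, and the loop invites being folded back into the shorter form. Presumably the reason is that XTOLOWER can be a macro that evaluates its argument more than once, which would advance the pointers twice per comparison. A one-line comment above the comparison would keep the fix in place, e.g. `/* Increment separately: XTOLOWER may be a macro that evaluates its argument more than once. */`. MatchBaseName starts before this hunk and continues after it.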
@@ -16533,7 +17423,7 @@ static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert)
name = cert->altNames;
break;
case ASN_RFC822_TYPE:
- /* Shouldn't it validade E= in subject as well? */
+ /* Shouldn't it validate E= in subject as well? */
name = cert->altEmailNames;
/* Add subject email for checking. */
@@ -16917,10 +17807,19 @@ static int DecodeGeneralName(const byte* input, word32* inOutIdx, byte tag,
ret = SetDNSEntry(cert, (const char*)(input + idx), len, ASN_IP_TYPE,
&cert->altNames);
if (ret == 0) {
- idx += len;
+ idx += (word32)len;
}
}
#endif /* WOLFSSL_QT || OPENSSL_ALL */
+
+ /* GeneralName choice: registeredID */
+ else if (tag == (ASN_CONTEXT_SPECIFIC | ASN_RID_TYPE)) {
+ ret = SetDNSEntry(cert, (const char*)(input + idx), len,
+ ASN_RID_TYPE, &cert->altNames);
+ if (ret == 0) {
+ idx += (word32)len;
+ }
+ }
#endif /* IGNORE_NAME_CONSTRAINTS */
#if defined(WOLFSSL_SEP) || defined(WOLFSSL_FPKI)
/* GeneralName choice: otherName */
@@ -16929,8 +17828,7 @@ static int DecodeGeneralName(const byte* input, word32* inOutIdx, byte tag,
ret = DecodeOtherName(cert, input, &idx, idx + (word32)len);
}
#endif
- /* GeneralName choice: dNSName, x400Address, ediPartyName,
- * registeredID */
+ /* GeneralName choice: dNSName, x400Address, ediPartyName */
else {
WOLFSSL_MSG("\tUnsupported name type, skipping");
idx += (word32)len;
@@ -17440,7 +18338,55 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
length -= strLen;
idx += (word32)strLen;
}
-#endif /* WOLFSSL_QT || OPENSSL_ALL */
+#endif /* WOLFSSL_QT || OPENSSL_ALL || WOLFSSL_IP_ALT_NAME */
+#if defined(OPENSSL_ALL)
+ else if (current_byte == (ASN_CONTEXT_SPECIFIC | ASN_RID_TYPE)) {
+ DNS_entry* rid;
+ int strLen;
+ word32 lenStartIdx = idx;
+ WOLFSSL_MSG("Decoding Subject Alt. Name: Registered Id");
+
+ if (GetLength(input, &idx, &strLen, sz) < 0) {
+ WOLFSSL_MSG("\tfail: str length");
+ return ASN_PARSE_E;
+ }
+ length -= (idx - lenStartIdx);
+ /* check that strLen at index is not past input buffer */
+ if (strLen + idx > sz) {
+ return BUFFER_E;
+ }
+
+ rid = AltNameNew(cert->heap);
+ if (rid == NULL) {
+ WOLFSSL_MSG("\tOut of Memory");
+ return MEMORY_E;
+ }
+
+ rid->type = ASN_RID_TYPE;
+ rid->name = (char*)XMALLOC((size_t)strLen + 1, cert->heap,
+ DYNAMIC_TYPE_ALTNAME);
+ if (rid->name == NULL) {
+ WOLFSSL_MSG("\tOut of Memory");
+ XFREE(rid, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ return MEMORY_E;
+ }
+ rid->len = strLen;
+ XMEMCPY(rid->name, &input[idx], strLen);
+ rid->name[strLen] = '\0';
+
+ if (GenerateDNSEntryRIDString(rid, cert->heap) != 0) {
+ WOLFSSL_MSG("\tOut of Memory for registered Id string");
+ XFREE(rid->name, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ XFREE(rid, cert->heap, DYNAMIC_TYPE_ALTNAME);
+ return MEMORY_E;
+ }
+
+ AddAltName(cert, rid);
+
+ length -= strLen;
+ idx += (word32)strLen;
+ }
+#endif /* OPENSSL_ALL */
#endif /* IGNORE_NAME_CONSTRAINTS */
else if (current_byte ==
(ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE)) {
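Review bot: The bounds check in the new registeredID branch, `if (strLen + idx > sz)`, adds an `int` to a `word32`, so it relies on GetLength never returning a value that makes the sum wrap. Comparing against the space left, `if ((word32)strLen > sz - idx)`, does not, assuming `idx` cannot exceed `sz` once GetLength has succeeded. The check is also made against the whole buffer `sz` rather than the remaining `length` of the names sequence, so `length -= strLen` is unguarded when an entry overruns the sequence but not the buffer. `XMEMCPY(rid->name, &input[idx], strLen)` is missing the `(size_t)` cast that this commit adds at comparable call sites. DecodeAltNames starts before this hunk and continues after it.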
@@ -17566,7 +18512,7 @@ static int DecodeAltNames(const byte* input, word32 sz, DecodedCert* cert)
}
#ifdef WOLFSSL_ASN_TEMPLATE
-/* ASN.1 template for BasicContraints.
+/* ASN.1 template for BasicConstraints.
* X.509: RFC 5280, 4.2.1.9 - BasicConstraints.
*/
static const ASNItem basicConsASN[] = {
@@ -17653,7 +18599,7 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert)
word32 idx = 0;
byte isCA = 0;
- WOLFSSL_ENTER("DecodeBasicCaConstraints");
+ WOLFSSL_ENTER("DecodeBasicCaConstraint");
CALLOC_ASNGETDATA(dataASN, basicConsASN_Length, ret, cert->heap);
@@ -17670,15 +18616,22 @@ static int DecodeBasicCaConstraint(const byte* input, int sz, DecodedCert* cert)
if ((ret == 0) && (dataASN[BASICCONSASN_IDX_SEQ].length != 0)) {
/* Bad encoding when CA Boolean is false
* (default when not present). */
+#if !defined(ASN_TEMPLATE_SKIP_ISCA_CHECK) && \
+ !defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE)
if ((dataASN[BASICCONSASN_IDX_CA].length != 0) && (!isCA)) {
WOLFSSL_ERROR_VERBOSE(ASN_PARSE_E);
ret = ASN_PARSE_E;
}
+#endif
/* Path length must be a 7-bit value. */
if ((ret == 0) && (cert->pathLength >= (1 << 7))) {
WOLFSSL_ERROR_VERBOSE(ASN_PARSE_E);
ret = ASN_PARSE_E;
}
+ if ((ret == 0) && cert->pathLength > WOLFSSL_MAX_PATH_LEN) {
+ WOLFSSL_ERROR_VERBOSE(ASN_PATHLEN_SIZE_E);
+ ret = ASN_PATHLEN_SIZE_E;
+ }
/* Store CA boolean and whether a path length was seen. */
if (ret == 0) {
/* isCA in certificate is a 1 bit of a byte. */
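Review bot: The new `#if !defined(ASN_TEMPLATE_SKIP_ISCA_CHECK) && !defined(WOLFSSL_ALLOW_ENCODING_CA_FALSE)` guard lets a build switch off the rejection of an explicitly encoded CA=FALSE, but the comment above it still reads as if the check were unconditional. I would extend it to say what defining either macro accepts, e.g. `/* Defining ASN_TEMPLATE_SKIP_ISCA_CHECK or WOLFSSL_ALLOW_ENCODING_CA_FALSE accepts an explicit CA=FALSE, which is not valid DER for a DEFAULT FALSE field. */`. The added path-length test is also the only condition in this block without parentheses around its comparison: `if ((ret == 0) && (cert->pathLength > WOLFSSL_MAX_PATH_LEN)) {`. DecodeBasicCaConstraint starts before this hunk and continues after it.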
@@ -17918,7 +18871,7 @@ static int DecodeCrlDist(const byte* input, word32 sz, DecodedCert* cert)
if (ret == 0) {
/* Get the GeneralName choice */
GetASN_Choice(&dataASN[CRLDISTASN_IDX_DP_DISTPOINT_FN_GN], generalNameChoice);
- /* Parse CRL distribtion point. */
+ /* Parse CRL distribution point. */
ret = GetASN_Items(crlDistASN, dataASN, crlDistASN_Length, 0, input,
&idx, sz);
}
@@ -17999,7 +18952,6 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
#ifndef WOLFSSL_ASN_TEMPLATE
word32 idx = 0;
int length = 0;
- int count = 0;
byte b = 0;
word32 oid;
@@ -18009,7 +18961,7 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
if (GetSequence(input, &idx, &length, sz) < 0)
return ASN_PARSE_E;
- while ((idx < (word32)sz) && (count < MAX_AIA_SZ)) {
+ while ((idx < (word32)sz)) {
/* Unwrap a single AIA */
if (GetSequence(input, &idx, &length, sz) < 0)
return ASN_PARSE_E;
@@ -18027,23 +18979,22 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
return ASN_PARSE_E;
/* Set ocsp entry */
- if (b == GENERALNAME_URI && oid == AIA_OCSP_OID)
+ if (b == GENERALNAME_URI && oid == AIA_OCSP_OID &&
+ cert->extAuthInfo == NULL)
{
cert->extAuthInfoSz = length;
cert->extAuthInfo = input + idx;
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- count++;
- #else
+ #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT)
break;
#endif
}
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
/* Set CaIssuers entry */
- else if ((b == GENERALNAME_URI) && oid == AIA_CA_ISSUER_OID)
+ else if ((b == GENERALNAME_URI) && oid == AIA_CA_ISSUER_OID &&
+ cert->extAuthInfoCaIssuer == NULL)
{
cert->extAuthInfoCaIssuerSz = length;
cert->extAuthInfoCaIssuer = input + idx;
- count++;
}
#endif
idx += (word32)length;
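Review bot: With the added `cert->extAuthInfo == NULL` and `cert->extAuthInfoCaIssuer == NULL` conditions, only the first OCSP URI and the first CA Issuers URI are kept and later ones are skipped. In OPENSSL_ALL / WOLFSSL_QT builds that is a behaviour change from the old counting loop, and the comments do not record it. The result now also depends on both pointers being NULL when DecodeAuthInfo is entered, which is not visible in this hunk. I would update the comments, e.g. `/* Set ocsp entry: first OCSP URI only, later ones are skipped. */`, and likewise for the CaIssuers branch; the template variant in the following hunks carries the same two conditions. The function starts before this hunk.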
@@ -18053,7 +19004,6 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
#else
word32 idx = 0;
int length = 0;
- int count = 0;
int ret = 0;
WOLFSSL_ENTER("DecodeAuthInfo");
@@ -18063,7 +19013,7 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
ret = ASN_PARSE_E;
}
- while ((ret == 0) && (idx < (word32)sz) && (count < MAX_AIA_SZ)) {
+ while ((ret == 0) && (idx < (word32)sz)) {
ASNGetData dataASN[accessDescASN_Length];
/* Clear dynamic data and retrieve OID and name. */
@@ -18078,14 +19028,13 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
/* Check we have OCSP and URI. */
if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum == AIA_OCSP_OID) &&
- (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) {
+ (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI) &&
+ (cert->extAuthInfo == NULL)) {
/* Store URI for OCSP lookup. */
GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC],
&cert->extAuthInfo, &sz32);
cert->extAuthInfoSz = (int)sz32;
- #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
- count++;
- #else
+ #if !defined(OPENSSL_ALL) && !defined(WOLFSSL_QT)
break;
#endif
}
@@ -18093,12 +19042,12 @@ static int DecodeAuthInfo(const byte* input, word32 sz, DecodedCert* cert)
/* Check we have CA Issuer and URI. */
else if ((dataASN[ACCESSDESCASN_IDX_METH].data.oid.sum ==
AIA_CA_ISSUER_OID) &&
- (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI)) {
+ (dataASN[ACCESSDESCASN_IDX_LOC].tag == GENERALNAME_URI) &&
+ (cert->extAuthInfoCaIssuer == NULL)) {
/* Set CaIssuers entry */
GetASN_GetConstRef(&dataASN[ACCESSDESCASN_IDX_LOC],
&cert->extAuthInfoCaIssuer, &sz32);
- cert->extAuthInfoCaIssuerSz = sz32;
- count++;
+ cert->extAuthInfoCaIssuerSz = (int)sz32;
}
#endif
/* Otherwise skip. */
@@ -18134,9 +19083,9 @@ enum {
#define authKeyIdASN_Length (sizeof(authKeyIdASN) / sizeof(ASNItem))
#endif
-/* Decode authority information access extension in a certificate.
+/* Decode authority key identifier extension in a certificate.
*
- * X.509: RFC 5280, 4.2.2.1 - Authority Information Access.
+ * X.509: RFC 5280, 4.2.1.1 - Authority Key Identifier.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18185,11 +19134,11 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
cert->extAuthKeyIdSz = length;
#endif /* OPENSSL_EXTRA */
- return GetHashId(input + idx, length, cert->extAuthKeyId);
+ return GetHashId(input + idx, length, cert->extAuthKeyId,
+ HashIdAlg(cert->signatureOID));
#else
DECL_ASNGETDATA(dataASN, authKeyIdASN_Length);
int ret = 0;
- word32 idx = 0;
WOLFSSL_ENTER("DecodeAuthKeyId");
@@ -18197,31 +19146,59 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
if (ret == 0) {
/* Parse an authority key identifier. */
+ word32 idx = 0;
ret = GetASN_Items(authKeyIdASN, dataASN, authKeyIdASN_Length, 1, input,
&idx, sz);
}
- if (ret == 0) {
- /* Key id is optional. */
- if (dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data == NULL) {
- WOLFSSL_MSG("\tinfo: OPTIONAL item 0, not available");
- }
- else {
+ /* Each field is optional */
+ if (ret == 0 && dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data != NULL) {
#ifdef OPENSSL_EXTRA
- /* Store the authority key id. */
-#ifdef WOLFSSL_AKID_NAME
- cert->extRawAuthKeyIdSrc = input;
- cert->extRawAuthKeyIdSz = sz;
-#endif
- GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_KEYID], &cert->extAuthKeyIdSrc,
- &cert->extAuthKeyIdSz);
+ GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_KEYID],
+ &cert->extAuthKeyIdSrc, &cert->extAuthKeyIdSz);
#endif /* OPENSSL_EXTRA */
+ /* Get the hash or hash of the hash if wrong size. */
+ ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
+ (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
+ cert->extAuthKeyId, HashIdAlg(cert->signatureOID));
+ }
+#ifdef WOLFSSL_AKID_NAME
+ if (ret == 0 && dataASN[AUTHKEYIDASN_IDX_ISSUER].data.ref.data != NULL) {
+ /* We only support using one (first) name. Parse the name to perform
+ * a sanity check. */
+ word32 idx = 0;
+ ASNGetData nameASN[altNameASN_Length];
+ XMEMSET(nameASN, 0, sizeof(nameASN));
+ /* Parse GeneralName with the choices supported. */
+ GetASN_Choice(&nameASN[ALTNAMEASN_IDX_GN], generalNameChoice);
+ /* Decode a GeneralName choice. */
+ ret = GetASN_Items(altNameASN, nameASN, altNameASN_Length, 0,
+ dataASN[AUTHKEYIDASN_IDX_ISSUER].data.ref.data, &idx,
+ dataASN[AUTHKEYIDASN_IDX_ISSUER].data.ref.length);
- /* Get the hash or hash of the hash if wrong size. */
- ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
- (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
- cert->extAuthKeyId);
+ if (ret == 0) {
+ GetASN_GetConstRef(&nameASN[ALTNAMEASN_IDX_GN],
+ &cert->extAuthKeyIdIssuer, &cert->extAuthKeyIdIssuerSz);
}
}
+ if (ret == 0 && dataASN[AUTHKEYIDASN_IDX_SERIAL].data.ref.data != NULL) {
+ GetASN_GetConstRef(&dataASN[AUTHKEYIDASN_IDX_SERIAL],
+ &cert->extAuthKeyIdIssuerSN, &cert->extAuthKeyIdIssuerSNSz);
+ }
+ if (ret == 0) {
+ if ((cert->extAuthKeyIdIssuerSz > 0) ^
+ (cert->extAuthKeyIdIssuerSNSz > 0)) {
+ WOLFSSL_MSG("authorityCertIssuer and authorityCertSerialNumber MUST"
+ " both be present or both be absent");
+ }
+ }
+#endif /* WOLFSSL_AKID_NAME */
+ if (ret == 0) {
+#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_AKID_NAME)
+ /* Store the raw authority key id. */
+ cert->extRawAuthKeyIdSrc = input;
+ cert->extRawAuthKeyIdSz = sz;
+#endif /* OPENSSL_EXTRA */
+ }
FREE_ASNGETDATA(dataASN, cert->heap);
return ret;
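Review bot: The new consistency check only logs: when exactly one of authorityCertIssuer and authorityCertSerialNumber is present, the `WOLFSSL_MSG` says they MUST both be present or both be absent, yet `ret` stays 0 and the extension is accepted. If rejection is intended, add `WOLFSSL_ERROR_VERBOSE(ASN_PARSE_E);` and `ret = ASN_PARSE_E;` after the message; if leniency is deliberate, say so in a comment so the log text and the behaviour agree. The closing `if (ret == 0)` block compiles to an empty body unless both OPENSSL_EXTRA and WOLFSSL_AKID_NAME are defined, and its `#endif /* OPENSSL_EXTRA */` names only one of the two macros; moving the `#if` outside the `if` fixes both. The function starts before this hunk.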
@@ -18230,7 +19207,7 @@ static int DecodeAuthKeyId(const byte* input, word32 sz, DecodedCert* cert)
/* Decode subject key id extension in a certificate.
*
- * X.509: RFC 5280, 4.2.2.1 - Authority Information Access.
+ * X.509: RFC 5280, 4.2.1.2 - Subject Key Identifier.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18252,11 +19229,12 @@ static int DecodeSubjKeyId(const byte* input, word32 sz, DecodedCert* cert)
if (ret > 0) {
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
cert->extSubjKeyIdSrc = &input[idx];
- cert->extSubjKeyIdSz = length;
+ cert->extSubjKeyIdSz = (word32)length;
#endif /* OPENSSL_EXTRA */
/* Get the hash or hash of the hash if wrong size. */
- ret = GetHashId(input + idx, length, cert->extSubjKeyId);
+ ret = GetHashId(input + idx, length, cert->extSubjKeyId,
+ HashIdAlg(cert->signatureOID));
}
return ret;
@@ -18279,7 +19257,7 @@ enum {
/* Decode key usage extension in a certificate.
*
- * X.509: RFC 5280, 4.2.2.1 - Authority Information Access.
+ * X.509: RFC 5280, 4.2.1.3 - Key Usage.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18313,14 +19291,24 @@ static int DecodeKeyUsage(const byte* input, word32 sz, DecodedCert* cert)
#else
ASNGetData dataASN[keyUsageASN_Length];
word32 idx = 0;
+ byte keyUsage[2];
+ word32 keyUsageSz = sizeof(keyUsage);
+ int ret;
WOLFSSL_ENTER("DecodeKeyUsage");
/* Clear dynamic data and set where to store extended key usage. */
XMEMSET(dataASN, 0, sizeof(dataASN));
- GetASN_Int16Bit(&dataASN[KEYUSAGEASN_IDX_STR], &cert->extKeyUsage);
+ GetASN_Buffer(&dataASN[KEYUSAGEASN_IDX_STR], keyUsage, &keyUsageSz);
/* Parse key usage. */
- return GetASN_Items(keyUsageASN, dataASN, keyUsageASN_Length, 0, input,
+ ret = GetASN_Items(keyUsageASN, dataASN, keyUsageASN_Length, 0, input,
&idx, sz);
+ if (ret == 0) {
+ /* Decode the bit string number as LE */
+ cert->extKeyUsage = (word16)(keyUsage[0]);
+ if (keyUsageSz == 2)
+ cert->extKeyUsage |= (word16)(keyUsage[1] << 8);
+ }
+ return ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
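Review bot: `keyUsage[0]` is read whenever parsing succeeds, but `byte keyUsage[2];` is never initialised. If the template accepts a BIT STRING with no data bytes (`keyUsageSz == 0`), the stored `extKeyUsage` is indeterminate; whether GetASN_Items rejects that case is not visible here. Initialising the buffer, `byte keyUsage[2] = { 0, 0 };`, or guarding the read with `if (keyUsageSz >= 1)`, removes the dependency. The comment "Decode the bit string number as LE" could also state that the first byte becomes the low byte of `extKeyUsage`. The function starts before this hunk.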
@@ -18437,7 +19425,7 @@ static int DecodeExtKeyUsage(const byte* input, word32 sz, DecodedCert* cert)
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* Keep reference for WOLFSSL_X509. */
cert->extExtKeyUsageSrc = input + idx;
- cert->extExtKeyUsageSz = length;
+ cert->extExtKeyUsageSz = (word32)length;
#endif
}
@@ -18610,7 +19598,7 @@ static int DecodeSubtreeGeneralName(const byte* input, word32 sz, byte tag,
/* Decode a subtree of a name constraints in a certificate.
*
- * X.509: RFC 5280, 4.2.1.10 - Name Contraints.
+ * X.509: RFC 5280, 4.2.1.10 - Name Constraints.
*
* @param [in] input Buffer holding data.
* @param [in] sz Size of data in buffer.
@@ -18742,7 +19730,7 @@ static int DecodeSubtree(const byte* input, word32 sz, Base_entry** head,
#ifdef WOLFSSL_ASN_TEMPLATE
/* ASN.1 template for NameConstraints.
- * X.509: RFC 5280, 4.2.1.10 - Name Contraints.
+ * X.509: RFC 5280, 4.2.1.10 - Name Constraints.
*/
static const ASNItem nameConstraintsASN[] = {
/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
@@ -18874,7 +19862,7 @@ int DecodePolicyOID(char *out, word32 outSz, const byte *in, word32 inSz)
w = BUFFER_E;
goto exit;
}
- outIdx += w;
+ outIdx += (word32)w;
val = 0;
while (inIdx < inSz && outIdx < outSz) {
@@ -18892,7 +19880,7 @@ int DecodePolicyOID(char *out, word32 outSz, const byte *in, word32 inSz)
w = BUFFER_E;
goto exit;
}
- outIdx += w;
+ outIdx += (word32)w;
val = 0;
}
inIdx++;
@@ -19011,7 +19999,7 @@ exit:
return ASN_PARSE_E;
}
#ifndef WOLFSSL_DUP_CERTPOL
- /* From RFC 5280 section 4.2.1.3 "A certificate policy OID MUST
+ /* From RFC 5280 section 4.2.1.4 "A certificate policy OID MUST
* NOT appear more than once in a certificate policies
* extension". This is a sanity check for duplicates.
* extCertPolicies should only have OID values, additional
@@ -19120,11 +20108,11 @@ exit:
}
}
#ifndef WOLFSSL_DUP_CERTPOL
- /* From RFC 5280 section 4.2.1.3 "A certificate policy OID MUST
+ /* From RFC 5280 section 4.2.1.4 "A certificate policy OID MUST
* NOT appear more than once in a certificate policies
* extension". This is a sanity check for duplicates.
* extCertPolicies should only have OID values, additional
- * qualifiers need to be stored in a seperate array. */
+ * qualifiers need to be stored in a separate array. */
for (i = 0; (ret == 0) && (i < cert->extCertPoliciesNb); i++) {
if (XMEMCMP(cert->extCertPolicies[i],
cert->extCertPolicies[cert->extCertPoliciesNb],
@@ -19169,7 +20157,7 @@ enum {
SUBJDIRATTRASN_IDX_SET,
};
-/* Number of items in ASN.1 template for BasicContraints. */
+/* Number of items in ASN.1 template for BasicConstraints. */
#define subjDirAttrASN_Length (sizeof(subjDirAttrASN) / sizeof(ASNItem))
#endif
/* Decode subject directory attributes extension in a certificate.
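Review bot: The corrected comment above `subjDirAttrASN_Length` still names the wrong template, because the define counts the items of `subjDirAttrASN`, not of a BasicConstraints template. It should read `/* Number of items in ASN.1 template for subject directory attributes. */`, which matches the "Decode subject directory attributes extension" header directly below it.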
@@ -19183,7 +20171,7 @@ enum {
* @return ASN_PARSE_E when BER encoded data does not match ASN.1 items or
* is invalid.
*/
-static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
+static int DecodeSubjDirAttr(const byte* input, word32 sz, DecodedCert* cert)
{
#ifndef WOLFSSL_ASN_TEMPLATE
word32 idx = 0;
@@ -19280,7 +20268,8 @@ static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
ret = ASN_PARSE_E;
}
if (ret == 0) {
- XMEMCPY(cert->countryOfCitizenship, setData + setIdx, cuLen);
+ XMEMCPY(cert->countryOfCitizenship, setData + setIdx,
+ (size_t)cuLen);
cert->countryOfCitizenship[COUNTRY_CODE_LEN] = 0;
}
}
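Review bot: The `(size_t)cuLen` cast in the `XMEMCPY` into `cert->countryOfCitizenship` silences the conversion warning, but if `cuLen` is a signed length, as the cast suggests, a negative or oversized value becomes an out-of-bounds copy. The hunk shows an `ASN_PARSE_E` path just before the copy but not its condition, and the terminator is written at the fixed index `COUNTRY_CODE_LEN`. If that earlier check does not pin `cuLen` to exactly `COUNTRY_CODE_LEN`, add `if (cuLen != COUNTRY_CODE_LEN) ret = ASN_PARSE_E;` ahead of the copy. The body of DecodeSubjDirAttr starts and ends outside this hunk.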
@@ -19292,7 +20281,7 @@ static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
#endif /* WOLFSSL_SUBJ_DIR_ATTR */
#ifdef WOLFSSL_SUBJ_INFO_ACC
-/* Decode subject infomation access extension in a certificate.
+/* Decode subject information access extension in a certificate.
*
* X.509: RFC 5280, 4.2.2.2 - Subject Information Access.
*
@@ -19305,7 +20294,7 @@ static int DecodeSubjDirAttr(const byte* input, int sz, DecodedCert* cert)
* is invalid.
* @return MEMORY_E on dynamic memory allocation failure.
*/
-static int DecodeSubjInfoAcc(const byte* input, int sz, DecodedCert* cert)
+static int DecodeSubjInfoAcc(const byte* input, word32 sz, DecodedCert* cert)
{
word32 idx = 0;
int length = 0;
@@ -19358,11 +20347,11 @@ static int DecodeSubjInfoAcc(const byte* input, int sz, DecodedCert* cert)
/* Set caRepo entry */
if (b == GENERALNAME_URI && oid == AIA_CA_REPO_OID) {
- cert->extSubjInfoAccCaRepoSz = length;
+ cert->extSubjInfoAccCaRepoSz = (word32)length;
cert->extSubjInfoAccCaRepo = input + idx;
break;
}
- idx += length;
+ idx += (word32)length;
}
if (cert->extSubjInfoAccCaRepo == NULL ||
@@ -19457,7 +20446,19 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
case AUTH_INFO_OID:
VERIFY_AND_SET_OID(cert->extAuthInfoSet);
cert->extAuthInfoCrit = critical ? 1 : 0;
- if (DecodeAuthInfo(input, length, cert) < 0) {
+ #ifndef WOLFSSL_ALLOW_CRIT_AIA
+ /* This check is added due to RFC 5280 section 4.2.2.1
+ * stating that conforming CA's must mark this extension
+ * as non-critical. When parsing extensions check that
+ * certificate was made in compliance with this. */
+ if (critical) {
+ WOLFSSL_MSG("Critical Authority Information Access is not"
+ "allowed");
+ WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_AIA if wanted");
+ ret = ASN_CRIT_EXT_E;
+ }
+ #endif
+ if ((ret == 0) && (DecodeAuthInfo(input, length, cert) < 0)) {
ret = ASN_PARSE_E;
}
break;
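Review bot: The two adjacent string literals in the first `WOLFSSL_MSG` of the new `AUTH_INFO_OID` check are concatenated without a space, so the log line reads "...is notallowed". Write it as `WOLFSSL_MSG("Critical Authority Information Access is not allowed");` or add a trailing space to the first literal. `WOLFSSL_ALLOW_CRIT_AIA` switches off a conformance check on parsed certificates, so it should also be listed wherever the other `WOLFSSL_ALLOW_CRIT_*` build options are documented. The enclosing switch in DecodeExtensionType continues outside the hunk.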
@@ -19473,17 +20474,17 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
case AUTH_KEY_OID:
VERIFY_AND_SET_OID(cert->extAuthKeyIdSet);
cert->extAuthKeyIdCrit = critical ? 1 : 0;
- #ifndef WOLFSSL_ALLOW_CRIT_SKID
- /* This check is added due to RFC 5280 section 4.2.1.1
- * stating that conforming CA's must mark this extension
- * as non-critical. When parsing extensions check that
- * certificate was made in compliance with this. */
- if (critical) {
- WOLFSSL_MSG("Critical Auth Key ID is not allowed");
- WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
- ret = ASN_CRIT_EXT_E;
- }
- #endif
+ #ifndef WOLFSSL_ALLOW_CRIT_AKID
+ /* This check is added due to RFC 5280 section 4.2.1.1
+ * stating that conforming CA's must mark this extension
+ * as non-critical. When parsing extensions check that
+ * certificate was made in compliance with this. */
+ if (critical) {
+ WOLFSSL_MSG("Critical Auth Key ID is not allowed");
+ WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_AKID if wanted");
+ ret = ASN_CRIT_EXT_E;
+ }
+ #endif
if ((ret == 0) && (DecodeAuthKeyId(input, length, cert) < 0)) {
ret = ASN_PARSE_E;
}
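Review bot: Renaming the guard in the `AUTH_KEY_OID` case from `WOLFSSL_ALLOW_CRIT_SKID` to `WOLFSSL_ALLOW_CRIT_AKID` changes behaviour for existing builds: a configuration that defines only the old macro now gets `ASN_CRIT_EXT_E` for a certificate with a critical Authority Key Identifier. That fails closed, which is the safer direction, but integrators will see it as a sudden handshake or load failure. State it in the comment and in the release notes, for example `/* Controlled by WOLFSSL_ALLOW_CRIT_AKID; WOLFSSL_ALLOW_CRIT_SKID no longer applies to this extension. */`.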
@@ -19493,17 +20494,17 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
case SUBJ_KEY_OID:
VERIFY_AND_SET_OID(cert->extSubjKeyIdSet);
cert->extSubjKeyIdCrit = critical ? 1 : 0;
- #ifndef WOLFSSL_ALLOW_CRIT_SKID
- /* This check is added due to RFC 5280 section 4.2.1.2
- * stating that conforming CA's must mark this extension
- * as non-critical. When parsing extensions check that
- * certificate was made in compliance with this. */
- if (critical) {
- WOLFSSL_MSG("Critical Subject Key ID is not allowed");
- WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
- ret = ASN_CRIT_EXT_E;
- }
- #endif
+ #ifndef WOLFSSL_ALLOW_CRIT_SKID
+ /* This check is added due to RFC 5280 section 4.2.1.2
+ * stating that conforming CA's must mark this extension
+ * as non-critical. When parsing extensions check that
+ * certificate was made in compliance with this. */
+ if (critical) {
+ WOLFSSL_MSG("Critical Subject Key ID is not allowed");
+ WOLFSSL_MSG("Use macro WOLFSSL_ALLOW_CRIT_SKID if wanted");
+ ret = ASN_CRIT_EXT_E;
+ }
+ #endif
if ((ret == 0) && (DecodeSubjKeyId(input, length, cert) < 0)) {
ret = ASN_PARSE_E;
@@ -19512,21 +20513,21 @@ static int DecodeExtensionType(const byte* input, word32 length, word32 oid,
/* Certificate policies. */
case CERT_POLICY_OID:
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
- VERIFY_AND_SET_OID(cert->extCertPolicySet);
- #if defined(OPENSSL_EXTRA) || \
- defined(OPENSSL_EXTRA_X509_SMALL)
- cert->extCertPolicyCrit = critical ? 1 : 0;
- #endif
- #endif
- #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT) || \
- defined(WOLFSSL_QT)
- if (DecodeCertPolicy(input, length, cert) < 0) {
- ret = ASN_PARSE_E;
- }
- #else
- WOLFSSL_MSG("Certificate Policy extension not supported yet.");
+ #if defined(WOLFSSL_SEP) || defined(WOLFSSL_QT)
+ VERIFY_AND_SET_OID(cert->extCertPolicySet);
+ #if defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL)
+ cert->extCertPolicyCrit = critical ? 1 : 0;
#endif
+ #endif
+ #if defined(WOLFSSL_SEP) || defined(WOLFSSL_CERT_EXT) || \
+ defined(WOLFSSL_QT)
+ if (DecodeCertPolicy(input, length, cert) < 0) {
+ ret = ASN_PARSE_E;
+ }
+ #else
+ WOLFSSL_MSG("Certificate Policy extension not supported yet.");
+ #endif
break;
/* Key usage. */
@@ -19643,7 +20644,7 @@ enum {
CERTEXTHDRASN_IDX_EXTSEQ
};
-/* Number of itesm in ASN.1 template for extensions. */
+/* Number of items in ASN.1 template for extensions. */
#define certExtHdrASN_Length (sizeof(certExtHdrASN) / sizeof(ASNItem))
/* ASN.1 template for Extension.
@@ -19820,7 +20821,7 @@ end:
/* Clear dynamic data. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length);
- /* Ensure OID is an extention type. */
+ /* Ensure OID is an extension type. */
GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType);
/* Set criticality variable. */
GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical);
@@ -19878,6 +20879,41 @@ end:
}
#ifdef WOLFSSL_ASN_TEMPLATE
+
+#if defined(HAVE_RPK)
+/* ASN template for a Raw Public Key certificate defined RFC7250. */
+static const ASNItem RPKCertASN[] = {
+/* SubjectPublicKeyInfo ::= SEQUENCE */ { 0, ASN_SEQUENCE, 1, 1, 0 },
+ /* algorithm AlgorithmIdentifier */
+ /* AlgorithmIdentifier ::= SEQUENCE */ { 1, ASN_SEQUENCE, 1, 1, 0 },
+ /* Algorithm OBJECT IDENTIFIER */
+ /* TBS_SPUBKEYINFO_ALGO_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
+ /* parameters ANY defined by algorithm OPTIONAL */
+ /* TBS_SPUBKEYINFO_ALGO_NULL */ { 2, ASN_TAG_NULL, 0, 0, 2 },
+ /* TBS_SPUBKEYINFO_ALGO_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 },
+#ifdef WC_RSA_PSS
+ /* TBS_SPUBKEYINFO_ALGO_P_SEQ */ { 2, ASN_SEQUENCE, 1, 0, 2 },
+#endif
+ /* subjectPublicKey BIT STRING */
+ /* TBS_SPUBKEYINFO_PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
+};
+/* Number of items in ASN template for a RawPublicKey certificate. */
+#define RPKCertASN_Length (sizeof(RPKCertASN) / sizeof(ASNItem))
+
+enum {
+ RPKCERTASN_IDX_SPUBKEYINFO_SEQ = 0,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_SEQ,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_NULL,
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_CURVEID,
+#ifdef WC_RSA_PSS
+ RPKCERTASN_IDX_SPUBKEYINFO_ALGO_P_SEQ,
+#endif
+ RPKCERTASN_IDX_SPUBKEYINFO_PUBKEY,
+};
+
+#endif /* HAVE_RPK */
+
/* ASN template for an X509 certificate.
* X.509: RFC 5280, 4.1 - Basic Certificate Fields.
*/
@@ -19887,12 +20923,12 @@ static const ASNItem x509CertASN[] = {
/* tbsCertificate TBSCertificate */
/* TBSCertificate ::= SEQUENCE */
/* TBS_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
- /* version [0] EXPLICT Version DEFAULT v1 */
+ /* version [0] EXPLICIT Version DEFAULT v1 */
/* TBS_VER */ { 2, ASN_CONTEXT_SPECIFIC | ASN_X509_CERT_VERSION, 1, 1, 1 },
/* Version ::= INTEGER { v1(0), v2(1), v3(2) */
/* TBS_VER_INT */ { 3, ASN_INTEGER, 0, 0, 0 },
/* serialNumber CertificateSerialNumber */
- /* CetificateSerialNumber ::= INTEGER */
+ /* CertificateSerialNumber ::= INTEGER */
/* TBS_SERIAL */ { 2, ASN_INTEGER, 0, 0, 0 },
/* signature AlgorithmIdentifier */
/* AlgorithmIdentifier ::= SEQUENCE */
@@ -20082,6 +21118,40 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
word32 pubKeyEnd = 0;
int done = 0;
+#if defined(HAVE_RPK)
+ /* try to parse the cert as Raw Public Key cert */
+ DECL_ASNGETDATA(RPKdataASN, RPKCertASN_Length);
+ CALLOC_ASNGETDATA(RPKdataASN, RPKCertASN_Length, ret, cert->heap);
+ GetASN_OID(&RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID],
+ oidKeyType);
+ GetASN_OID(&RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_CURVEID],
+ oidCurveType);
+ ret = GetASN_Items(RPKCertASN, RPKdataASN, RPKCertASN_Length, 1,
+ cert->source, &cert->srcIdx, cert->maxIdx);
+ if (ret == 0) {
+ cert->keyOID =
+ RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_ALGO_OID].data.oid.sum;
+
+ /* Parse the public key. */
+ pubKeyOffset = RPKdataASN[RPKCERTASN_IDX_SPUBKEYINFO_SEQ].offset;
+ pubKeyEnd = cert->maxIdx;
+ ret = GetCertKey(cert, cert->source, &pubKeyOffset, pubKeyEnd);
+ if (ret == 0) {
+ WOLFSSL_MSG("Raw Public Key certificate found and parsed");
+ cert->isRPK = 1;
+ }
+ }
+ /* Dispose of memory before allocating for extension decoding. */
+ FREE_ASNGETDATA(RPKdataASN, cert->heap);
+
+ if (ret == 0) {
+ return ret;
+ }
+ else {
+ ret = 0; /* proceed to the original x509 parsing */
+ }
+#endif /* HAVE_RPK */
+
CALLOC_ASNGETDATA(dataASN, x509CertASN_Length, ret, cert->heap);
if (ret == 0) {
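Review bot: The new `HAVE_RPK` block in DecodeCertInternal uses `RPKdataASN` without testing the outcome of `CALLOC_ASNGETDATA`, unlike the `dataASN` allocation directly below it, which is followed by `if (ret == 0)`. If the macro reports allocation failure through `ret` (its argument list suggests so), the `GetASN_OID` calls would run on an unallocated array, and the trailing `else { ret = 0; }` then discards every error from the attempt, an out-of-memory condition included. Wrap the raw-key parse in `if (ret == 0) { ... }` and fall through to X.509 parsing only for parse errors, returning allocation failures to the caller. It is also worth confirming that `cert->srcIdx` and `cert->keyOID` are unchanged when the attempt fails partway (for instance `GetASN_Items` succeeds but `GetCertKey` does not), because the X.509 path that follows relies on them.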
@@ -20132,7 +21202,8 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
i = (dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC].tag != 0)
? X509CERTASN_IDX_TBS_VALIDITY_NOTB_UTC
: X509CERTASN_IDX_TBS_VALIDITY_NOTB_GT;
- if ((CheckDate(&dataASN[i], BEFORE) < 0) && verify) {
+ if ((CheckDate(&dataASN[i], BEFORE) < 0) && (verify != NO_VERIFY) &&
+ (verify != VERIFY_SKIP_DATE)) {
badDate = ASN_BEFORE_DATE_E;
}
/* Store reference to BEFOREdate. */
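Review bot: The condition `(verify != NO_VERIFY) && (verify != VERIFY_SKIP_DATE)` is spelled out twice, here for notBefore and again in the next hunk for notAfter, so the two checks can drift apart on a later edit. Compute it once into a flag declared with the function's other locals, e.g. `checkDate = (verify != NO_VERIFY) && (verify != VERIFY_SKIP_DATE);`, and test `checkDate` in both places. The comment on the `verify` parameter should also say that `VERIFY_SKIP_DATE` accepts expired and not-yet-valid certificates, so callers do not select it without intending that. The function body starts and ends outside both hunks.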
@@ -20143,7 +21214,8 @@ static int DecodeCertInternal(DecodedCert* cert, int verify, int* criticalExt,
i = (dataASN[X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC].tag != 0)
? X509CERTASN_IDX_TBS_VALIDITY_NOTA_UTC
: X509CERTASN_IDX_TBS_VALIDITY_NOTA_GT;
- if ((CheckDate(&dataASN[i], AFTER) < 0) && verify) {
+ if ((CheckDate(&dataASN[i], AFTER) < 0) && (verify != NO_VERIFY) &&
+ (verify != VERIFY_SKIP_DATE)) {
badDate = ASN_AFTER_DATE_E;
}
/* Store reference to AFTER date. */
@@ -20401,7 +21473,7 @@ static const byte strAttrChoice[] = {
*
* @param [in] cert Certificate request object.
* @param [out] criticalExt Critical extension return code.
- * @param [in] oid OID decribing which attribute was found.
+ * @param [in] oid OID describing which attribute was found.
* @param [in] aIdx Index into certificate source to start parsing.
* @param [in] input Attribute value data.
* @param [in] maxIdx Maximum index to parse to.
@@ -20477,6 +21549,22 @@ static int DecodeCertReqAttrValue(DecodedCert* cert, int* criticalExt,
}
break;
+ case UNSTRUCTURED_NAME_OID:
+ /* Clear dynamic data and specify choices acceptable. */
+ XMEMSET(strDataASN, 0, sizeof(strDataASN));
+ GetASN_Choice(&strDataASN[STRATTRASN_IDX_STR], strAttrChoice);
+ /* Parse a string. */
+ ret = GetASN_Items(strAttrASN, strDataASN, strAttrASN_Length,
+ 1, input, &idx, maxIdx);
+ if (ret == 0) {
+ /* Store references to unstructured name. */
+ cert->unstructuredName =
+ (char*)strDataASN[STRATTRASN_IDX_STR].data.ref.data;
+ cert->unstructuredNameLen = (int)strDataASN[STRATTRASN_IDX_STR].
+ data.ref.length;
+ }
+ break;
+
/* Certificate extensions to be included in generated certificate.
* PKCS#9: RFC 2985, 5.4.2 - Extension request
*/
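Review bot: The new `UNSTRUCTURED_NAME_OID` case stores `cert->unstructuredName` as a reference to the parsed data rather than a copy, and nothing in the hunk tells consumers how to treat it. Add a comment such as `/* Reference into the request data: not NUL-terminated, valid only while the source buffer is; use unstructuredNameLen. */` so later code neither reads it as a C string nor keeps it beyond the buffer's lifetime. The `(int)` cast on `data.ref.length` is safe only if lengths are already bounded by `maxIdx`, which this hunk does not show.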
@@ -20721,7 +21809,7 @@ int ParseCert(DecodedCert* cert, int type, int verify, void* cm)
#if (!defined(WOLFSSL_NO_MALLOC) && !defined(NO_WOLFSSL_CM_VERIFY)) || \
defined(WOLFSSL_DYN_CERT)
- /* cert->subjectCN not stored as copy of WOLFSSL_NO_MALLOC defind */
+ /* cert->subjectCN not stored as copy of WOLFSSL_NO_MALLOC defined */
if (cert->subjectCNLen > 0) {
ptr = (char*)XMALLOC((size_t)cert->subjectCNLen + 1, cert->heap,
DYNAMIC_TYPE_SUBJECT_CN);
@@ -20760,29 +21848,10 @@ int wc_ParseCert(DecodedCert* cert, int type, int verify, void* cm)
return ParseCert(cert, type, verify, cm);
}
-#if !defined(OPENSSL_EXTRA) && !defined(OPENSSL_EXTRA_X509_SMALL) && \
- !defined(GetCA)
-/* from SSL proper, for locking can't do find here anymore.
- * brought in from internal.h if built with compat layer.
- * if defined(GetCA), it's a predefined macro and these prototypes
- * would conflict.
- */
-#ifdef __cplusplus
- extern "C" {
-#endif
- Signer* GetCA(void* signers, byte* hash);
- #ifndef NO_SKID
- Signer* GetCAByName(void* signers, byte* hash);
- #endif
-#ifdef __cplusplus
- }
-#endif
-
-#endif /* !OPENSSL_EXTRA && !OPENSSL_EXTRA_X509_SMALL && !GetCA */
-
-#if defined(WOLFCRYPT_ONLY)
+#ifdef WOLFCRYPT_ONLY
/* dummy functions, not using wolfSSL so don't need actual ones */
+Signer* GetCA(void* signers, byte* hash);
Signer* GetCA(void* signers, byte* hash)
{
(void)hash;
@@ -20791,6 +21860,7 @@ Signer* GetCA(void* signers, byte* hash)
}
#ifndef NO_SKID
+Signer* GetCAByName(void* signers, byte* hash);
Signer* GetCAByName(void* signers, byte* hash)
{
(void)hash;
@@ -20799,6 +21869,21 @@ Signer* GetCAByName(void* signers, byte* hash)
}
#endif /* NO_SKID */
+#ifdef WOLFSSL_AKID_NAME
+Signer* GetCAByAKID(void* vp, const byte* issuer, word32 issuerSz,
+ const byte* serial, word32 serialSz);
+Signer* GetCAByAKID(void* vp, const byte* issuer, word32 issuerSz,
+ const byte* serial, word32 serialSz)
+{
+ (void)issuer;
+ (void)issuerSz;
+ (void)serial;
+ (void)serialSz;
+
+ return (Signer*)vp;
+}
+#endif
+
#endif /* WOLFCRYPT_ONLY */
#if defined(WOLFSSL_NO_TRUSTED_CERTS_VERIFY) && !defined(NO_SKID)
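Review bot: The `WOLFCRYPT_ONLY` stub `GetCAByAKID` returns the caller's `vp` reinterpreted as a `Signer*`, and the only explanation is the "dummy functions" comment further up the block. A later hunk in this commit calls it with the `cm` argument and the result is then dereferenced (`cert->ca->subjectNameHash`), so in these builds whatever is passed as `cm` has to be NULL or a real `Signer`. Document that contract on the stubs, for example `/* WOLFCRYPT_ONLY: cm is treated as the Signer itself; pass NULL or a Signer*. */`.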
@@ -20825,6 +21910,7 @@ static Signer* GetCABySubjectAndPubKey(DecodedCert* cert, void* cm)
*
* @param [in] input Input data.
* @param [in] maxIdx Maximum index for data.
+ * @param [in] sigOID Signature OID for determining hash algorithm.
* @param [out] hash Hash of AKI.
* @param [out] set Whether the hash buffer was set.
* @param [in] heap Dynamic memory allocation hint.
@@ -20833,10 +21919,10 @@ static Signer* GetCABySubjectAndPubKey(DecodedCert* cert, void* cm)
* is invalid.
* @return MEMORY_E on dynamic memory allocation failure.
*/
-static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set,
- void* heap)
+static int GetAKIHash(const byte* input, word32 maxIdx, word32 sigOID,
+ byte* hash, int* set, void* heap)
{
- /* AKI and Certificate Extenion ASN.1 templates are the same length. */
+ /* AKI and Certificate Extension ASN.1 templates are the same length. */
DECL_ASNGETDATA(dataASN, certExtASN_Length);
int ret = 0;
word32 idx = 0;
@@ -20882,9 +21968,9 @@ static int GetAKIHash(const byte* input, word32 maxIdx, byte* hash, int* set,
*set = 1;
/* Get the hash or hash of the hash if wrong size. */
ret = GetHashId(
- dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
- dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
- hash);
+ dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
+ (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
+ hash, HashIdAlg(sigOID));
}
break;
}
@@ -21149,7 +22235,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Get the hash or hash of the hash if wrong
* size. */
ret = GetHashId(cert + extIdx, extLen,
- hash);
+ hash, HashIdAlg(signatureOID));
}
}
break;
@@ -21171,14 +22257,16 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
if (extAuthKeyIdSet)
ca = GetCA(cm, hash);
if (ca == NULL) {
- ret = CalcHashId(cert + issuerIdx, issuerSz, hash);
+ ret = CalcHashId_ex(cert + issuerIdx, issuerSz, hash,
+ HashIdAlg(signatureOID));
if (ret == 0)
ca = GetCAByName(cm, hash);
}
}
#else
if (ret == 0 && pubKey == NULL) {
- ret = CalcHashId(cert + issuerIdx, issuerSz, hash);
+ ret = CalcHashId_ex(cert + issuerIdx, issuerSz, hash,
+ HashIdAlg(signatureOID));
if (ret == 0)
ca = GetCA(cm, hash);
}
@@ -21407,7 +22495,8 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Find the AKI extension in list of extensions and get hash. */
if ((!req) && (akiData != NULL)) {
/* TODO: test case */
- ret = GetAKIHash(akiData, akiLen, hash, &extAuthKeyIdSet, heap);
+ ret = GetAKIHash(akiData, akiLen, sigOID, hash, &extAuthKeyIdSet,
+ heap);
}
/* Get the CA by hash one was found. */
@@ -21418,7 +22507,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
#endif
{
/* Try hash of issuer name. */
- ret = CalcHashId(caName, caNameLen, hash);
+ ret = CalcHashId_ex(caName, caNameLen, hash, HashIdAlg(sigOID));
if (ret == 0) {
ca = GetCAByName(cm, hash);
}
@@ -21428,7 +22517,7 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Extract public key information. */
pubKey = ca->publicKey;
pubKeySz = ca->pubKeySize;
- pubKeyOID = ca->keyOID;
+ pubKeyOID = (int)ca->keyOID;
}
else {
/* No public key to verify with. */
@@ -21450,7 +22539,8 @@ static int CheckCertSignature_ex(const byte* cert, word32 certSz, void* heap,
/* Check signature. */
ret = ConfirmSignature(sigCtx, tbs, tbsSz, pubKey, pubKeySz,
- pubKeyOID, sig, sigSz, sigOID, sigParams, sigParamsSz, NULL);
+ (word32)pubKeyOID, sig, sigSz, sigOID, sigParams, sigParamsSz,
+ NULL);
if (ret != 0) {
WOLFSSL_MSG("Confirm signature failed");
}
@@ -21589,7 +22679,7 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
}
/* Skip data if required. */
else if (op.op == DECODE_INSTR_OVER) {
- o += l;
+ o += (word32)l;
}
}
}
@@ -21598,7 +22688,7 @@ int wc_CertGetPubKey(const byte* cert, word32 certSz,
/* Return the public key data and length.
* Skip first byte of BIT_STRING data: unused bits. */
*pubKey = cert + o + 1;
- *pubKeySz = l - 1;
+ *pubKeySz = (word32)(l - 1);
}
return ret;
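Review bot: `*pubKeySz = (word32)(l - 1)` in wc_CertGetPubKey wraps to 0xFFFFFFFF when the BIT STRING length `l` is 0, and `cert + o + 1` would then point past the element. The hunk shows no lower bound on `l`; unless one exists earlier in the function, reject the value before these assignments, for example `if ((ret == 0) && (l < 1)) ret = ASN_PARSE_E;`, so a malformed certificate cannot hand the caller a bogus length. The function starts outside this hunk.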
@@ -21614,7 +22704,7 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
int len = 0;
#endif
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
int idx = 0;
#endif
byte* sce_tsip_encRsaKeyIdx;
@@ -21643,7 +22733,11 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
}
WOLFSSL_MSG("Parsed Past Key");
-
+#if defined(HAVE_RPK)
+ if (cert->isRPK) {
+ return ret;
+ }
+#endif /* HAVE_RPK */
#ifdef WOLFSSL_CERT_REQ
/* Read attributes */
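Review bot: With `HAVE_RPK` compiled in, this early return lets ParseCertRelative report success for a bare SubjectPublicKeyInfo without the issuer lookup and signature handling further down the function, whatever `type` and `verify` the caller passed. Nothing visible in these hunks ties the raw-key path to the peer having negotiated raw public keys, so every caller has to test `cert->isRPK` and authenticate the key itself. Say so at the return, e.g. `/* RPK (RFC 7250): no chain or signature to check here; the caller must authenticate the key out of band. */`, and consider gating the raw-key parse on an explicit caller opt-in. The same early return is added again in the later `HAVE_RPK` hunk of this function.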
@@ -21888,14 +22982,38 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
WOLFSSL_ERROR_VERBOSE(ret);
return ret;
}
+#if defined(HAVE_RPK)
+ if (cert->isRPK) {
+ return ret;
+ }
+#endif /* HAVE_RPK */
}
#endif
+ #ifndef ALLOW_INVALID_CERTSIGN
+ /* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.9
+ * If the cA boolean is not asserted, then the keyCertSign bit in the
+ * key usage extension MUST NOT be asserted. */
+ if (!cert->isCA && cert->extKeyUsageSet &&
+ (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) {
+ WOLFSSL_ERROR_VERBOSE(KEYUSAGE_E);
+ return KEYUSAGE_E;
+ }
+ #endif
+
#ifndef NO_SKID
if (cert->extSubjKeyIdSet == 0 && cert->publicKey != NULL &&
cert->pubKeySize > 0) {
- ret = CalcHashId(cert->publicKey, cert->pubKeySize,
- cert->extSubjKeyId);
+ if (cert->signatureOID == CTC_SM3wSM2) {
+ /* TODO: GmSSL creates IDs this way but whole public key info
+ * block should be hashed. */
+ ret = CalcHashId_ex(cert->publicKey + cert->pubKeySize - 65, 65,
+ cert->extSubjKeyId, HashIdAlg(cert->signatureOID));
+ }
+ else {
+ ret = CalcHashId_ex(cert->publicKey, cert->pubKeySize,
+ cert->extSubjKeyId, HashIdAlg(cert->signatureOID));
+ }
if (ret != 0) {
WOLFSSL_ERROR_VERBOSE(ret);
return ret;
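Review bot: The SM2 branch computes `cert->publicKey + cert->pubKeySize - 65` while only `cert->pubKeySize > 0` is checked, so a public key shorter than 65 bytes puts the pointer before the key buffer and `CalcHashId_ex` reads 65 bytes from there. Guard the branch, for example `if (cert->signatureOID == CTC_SM3wSM2 && cert->pubKeySize >= 65) {`, or return `ASN_PARSE_E` for a short key, and give the literal 65 a named constant. The branch also keys off the certificate's signature OID rather than its own key type, so it applies to any subject key in a certificate signed with SM3-with-SM2; test `cert->keyOID` as well if that is not intended.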
@@ -21909,13 +23027,20 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
#ifndef NO_SKID
if (cert->extAuthKeyIdSet) {
cert->ca = GetCA(cm, cert->extAuthKeyId);
+ #ifdef WOLFSSL_AKID_NAME
+ if (cert->ca == NULL) {
+ cert->ca = GetCAByAKID(cm, cert->extAuthKeyIdIssuer,
+ cert->extAuthKeyIdIssuerSz, cert->extAuthKeyIdIssuerSN,
+ cert->extAuthKeyIdIssuerSNSz);
+ }
+ #endif
}
if (cert->ca == NULL && cert->extSubjKeyIdSet
&& verify != VERIFY_OCSP) {
cert->ca = GetCA(cm, cert->extSubjKeyId);
}
if (cert->ca != NULL && XMEMCMP(cert->issuerHash,
- cert->ca->subjectNameHash, KEYID_SIZE) != 0) {
+ cert->ca->subjectNameHash, KEYID_SIZE) != 0) {
cert->ca = NULL;
}
if (cert->ca == NULL) {
@@ -21947,93 +23072,31 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
}
}
- if (cert->selfSigned) {
- cert->maxPathLen = WOLFSSL_MAX_PATH_LEN;
- } else {
- /* RFC 5280 Section 4.2.1.9:
- *
- * load/receive check
- *
- * 1) Is CA boolean set?
- * No - SKIP CHECK
- * Yes - Check key usage
- * 2) Is Key usage extension present?
- * No - goto 3
- * Yes - check keyCertSign assertion
- * 2.a) Is keyCertSign asserted?
- * No - goto 4
- * Yes - goto 3
- * 3) Is pathLen set?
- * No - goto 4
- * Yes - check pathLen against maxPathLen.
- * 3.a) Is pathLen less than maxPathLen?
- * No - goto 4
- * Yes - set maxPathLen to pathLen and EXIT
- * 4) Is maxPathLen > 0?
- * Yes - Reduce by 1
- * No - ERROR
- */
+ /* Set to WOLFSSL_MAX_PATH_LEN by default in InitDecodedCert_ex */
+ if (cert->pathLengthSet)
+ cert->maxPathLen = cert->pathLength;
- if (cert->ca && cert->pathLengthSet) {
- int checkPathLen = 0;
- int decrementMaxPathLen = 0;
- cert->maxPathLen = cert->pathLength;
- if (cert->isCA) {
- WOLFSSL_MSG("\tCA boolean set");
- if (cert->extKeyUsageSet) {
- WOLFSSL_MSG("\tExtension Key Usage Set");
- if ((cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0) {
- checkPathLen = 1;
- }
- else {
- decrementMaxPathLen = 1;
- }
- }
- else {
- checkPathLen = 1;
- } /* !cert->ca check */
- } /* cert is not a CA (assuming entity cert) */
-
- if (checkPathLen && cert->pathLengthSet) {
- if (cert->pathLength < cert->ca->maxPathLen) {
- WOLFSSL_MSG("\tmaxPathLen status: set to pathLength");
- cert->maxPathLen = cert->pathLength;
- }
- else {
- decrementMaxPathLen = 1;
- }
- }
-
- if (decrementMaxPathLen && cert->ca->maxPathLen > 0) {
- WOLFSSL_MSG("\tmaxPathLen status: reduce by 1");
- cert->maxPathLen = (byte)(cert->ca->maxPathLen - 1);
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tmaxPathLen status: OK");
- }
- } else if (decrementMaxPathLen && cert->ca->maxPathLen == 0) {
+ if (!cert->selfSigned) {
+ /* Need to perform a pathlen check on anything that will be used
+ * to sign certificates later on. Otherwise, pathLen doesn't
+ * mean anything.
+ * Nothing to check if we don't have the issuer of this cert. */
+ if (type != CERT_TYPE && cert->isCA && cert->extKeyUsageSet &&
+ (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0 && cert->ca) {
+ if (cert->ca->maxPathLen == 0) {
+ /* This cert CAN NOT be used as an intermediate cert. The
+ * issuer does not allow it. */
cert->maxPathLen = 0;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
+ if (verify != NO_VERIFY) {
WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0");
WOLFSSL_MSG("\tmaxPathLen status: ERROR");
WOLFSSL_ERROR_VERBOSE(ASN_PATHLEN_INV_E);
return ASN_PATHLEN_INV_E;
}
}
- } else if (cert->ca && cert->isCA) {
- /* case where cert->pathLength extension is not set */
- if (cert->ca->maxPathLen > 0) {
- cert->maxPathLen = (byte)(cert->ca->maxPathLen - 1);
- } else {
- cert->maxPathLen = 0;
- if (verify != NO_VERIFY && type != CA_TYPE &&
- type != TRUSTED_PEER_TYPE) {
- WOLFSSL_MSG("\tNon-entity cert, maxPathLen is 0");
- WOLFSSL_MSG("\tmaxPathLen status: ERROR");
- WOLFSSL_ERROR_VERBOSE(ASN_PATHLEN_INV_E);
- return ASN_PATHLEN_INV_E;
- }
+ else {
+ cert->maxPathLen = (byte)min(cert->ca->maxPathLen - 1,
+ cert->maxPathLen);
}
}
}
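Review bot: The rewritten path-length check only runs when `cert->extKeyUsageSet` is true and keyCertSign is asserted, so a CA certificate with no key usage extension now skips both the `cert->ca->maxPathLen == 0` rejection and the `min(...)` reduction. The removed code enforced the issuer's limit in that case (its comment read "Is Key usage extension present? No - goto 3"). If such certificates can still act as issuers elsewhere in the library, which is not visible here, the issuer's pathLenConstraint is no longer enforced for them. Consider `cert->isCA && (!cert->extKeyUsageSet || (cert->extKeyUsage & KEYUSE_KEY_CERT_SIGN) != 0)` as the condition. The `type != CERT_TYPE` test also assumes intermediates are never parsed as `CERT_TYPE`, and that assumption deserves a comment.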
@@ -22044,12 +23107,12 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
if (cert->ca) {
/* Need the CA's public key hash for OCSP */
XMEMCPY(cert->issuerKeyHash, cert->ca->subjectKeyHash,
- KEYID_SIZE);
+ KEYID_SIZE);
}
}
#endif /* HAVE_OCSP */
}
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
/* prepare for TSIP TLS cert verification API use */
if (cert->keyOID == RSAk) {
/* to call TSIP API, it needs keys position info in bytes */
@@ -22063,7 +23126,8 @@ int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm)
return ret;
}
cert->sigCtx.CertAtt.certBegin = cert->certBegin;
- } else if (cert->keyOID == ECDSAk) {
+ }
+ else if (cert->keyOID == ECDSAk) {
cert->sigCtx.CertAtt.certBegin = cert->certBegin;
}
/* check if we can use TSIP for cert verification */
@@ -22317,24 +23381,6 @@ void FreeTrustedPeerTable(TrustedPeerCert** table, int rows, void* heap)
}
#endif /* WOLFSSL_TRUST_PEER_CERT */
-int SetMyVersion(word32 version, byte* output, int header)
-{
- int i = 0;
-
- if (output == NULL)
- return BAD_FUNC_ARG;
-
- if (header) {
- output[i++] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
- output[i++] = 3;
- }
- output[i++] = ASN_INTEGER;
- output[i++] = 0x01;
- output[i++] = (byte)version;
-
- return i;
-}
-
#if !defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_PKCS7)
int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
word32 outputSz, int maxSnSz)
@@ -22385,6 +23431,27 @@ int SetSerialNumber(const byte* sn, word32 snSz, byte* output,
#endif /* !NO_CERTS */
+#if defined(WOLFSSL_ASN_TEMPLATE) || defined(HAVE_PKCS12) || \
+ (defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT))
+int SetMyVersion(word32 version, byte* output, int header)
+{
+ int i = 0;
+
+ if (output == NULL)
+ return BAD_FUNC_ARG;
+
+ if (header) {
+ output[i++] = ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED;
+ output[i++] = 3;
+ }
+ output[i++] = ASN_INTEGER;
+ output[i++] = 0x01;
+ output[i++] = (byte)version;
+
+ return i;
+}
+#endif
+
#ifndef WOLFSSL_ASN_TEMPLATE
int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
byte* serial, int* serialSz, word32 maxIdx)
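Review bot: `SetMyVersion` is re-added under its new guard without a header comment, although it writes into `output` with no length parameter. The comment should state that the caller must supply at least 5 bytes when `header` is non-zero and 3 otherwise, and that only the low 8 bits of `version` are encoded (`(byte)version`). For example: `/* Encode version as an ASN.1 INTEGER; output must hold 5 bytes with header, 3 without. Returns bytes written or BAD_FUNC_ARG. */`.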
@@ -22436,6 +23503,7 @@ int AllocDer(DerBuffer** pDer, word32 length, int type, void* heap)
/* Determine dynamic type */
switch (type) {
case CA_TYPE: dynType = DYNAMIC_TYPE_CA; break;
+ case CHAIN_CERT_TYPE:
case CERT_TYPE: dynType = DYNAMIC_TYPE_CERT; break;
case CRL_TYPE: dynType = DYNAMIC_TYPE_CRL; break;
case DSA_TYPE: dynType = DYNAMIC_TYPE_DSA; break;
@@ -22600,6 +23668,7 @@ int wc_PemGetHeaderFooter(int type, const char** header, const char** footer)
switch (type) {
case CA_TYPE: /* same as below */
case TRUSTED_PEER_TYPE:
+ case CHAIN_CERT_TYPE:
case CERT_TYPE:
if (header) *header = BEGIN_CERT;
if (footer) *footer = END_CERT;
@@ -23145,7 +24214,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
const char* bufferEnd = (const char*)(buff + longSz);
long neededSz;
int ret = 0;
- int sz = (int)longSz;
+ word32 sz = (word32)longSz;
int encrypted_key = 0;
DerBuffer* der;
word32 algId = 0;
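Review bot: `word32 sz = (word32)longSz` in PemToDer converts the caller's `long` with no range check, so a negative `longSz` becomes a very large bound for the `XSTRNSTR` searches. Where `long` is 64 bits, a value above 32 bits is also truncated while `bufferEnd` is still computed from the full `longSz`. No validation of `longSz` is visible in this hunk; if none exists earlier in the function, reject out-of-range sizes before any parsing, e.g. `if (longSz <= 0 || longSz > (long)0x7fffffff) return BAD_FUNC_ARG;`. The function body continues outside the hunk.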
@@ -23164,7 +24233,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
/* map header if not found for type */
for (;;) {
- headerEnd = XSTRNSTR((char*)buff, header, (word32)sz);
+ headerEnd = XSTRNSTR((char*)buff, header, sz);
if (headerEnd) {
break;
}
@@ -23247,7 +24316,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
headerEnd = XSTRNSTR((char*)buff, PRIV_KEY_SUFFIX, sz);
if (headerEnd) {
const char* beginEnd;
- int endLen;
+ unsigned int endLen;
beginEnd = headerEnd + XSTR_SIZEOF(PRIV_KEY_SUFFIX);
if (beginEnd >= (char*)buff + sz) {
@@ -23271,7 +24340,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
}
/* headerEnd now points to beginning of header */
- XMEMCPY(beginBuf, headerEnd, beginEnd - headerEnd);
+ XMEMCPY(beginBuf, headerEnd, (size_t)(beginEnd - headerEnd));
beginBuf[beginEnd - headerEnd] = '\0';
/* look for matching footer */
footer = XSTRNSTR(beginEnd,
@@ -23291,10 +24360,10 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
return BUFFER_E;
}
- endLen = (unsigned int)(beginEnd - headerEnd -
+ endLen = (unsigned int)((size_t)(beginEnd - headerEnd) -
(XSTR_SIZEOF(BEGIN_PRIV_KEY_PREFIX) -
XSTR_SIZEOF(END_PRIV_KEY_PREFIX)));
- XMEMCPY(endBuf, footer, endLen);
+ XMEMCPY(endBuf, footer, (size_t)endLen);
endBuf[endLen] = '\0';
header = beginBuf;
@@ -23380,7 +24449,7 @@ int PemToDer(const unsigned char* buff, long longSz, int type,
/* set up der buffer */
neededSz = (long)(footerEnd - headerEnd);
- if (neededSz > sz || neededSz <= 0)
+ if (neededSz > (long)sz || neededSz <= 0)
return BUFFER_E;
ret = AllocDer(pDer, (word32)neededSz, type, heap);
@@ -23659,7 +24728,8 @@ int wc_CertPemToDer(const unsigned char* pem, int pemSz,
return BAD_FUNC_ARG;
}
- if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) {
+ if (type != CERT_TYPE && type != CHAIN_CERT_TYPE && type != CA_TYPE &&
+ type != CERTREQ_TYPE) {
WOLFSSL_MSG("Bad cert type");
return BAD_FUNC_ARG;
}
@@ -24016,7 +25086,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
}
if (uuid == NULL) {
- *uuidSz = id->len;
+ *uuidSz = (word32)id->len;
return LENGTH_ONLY_E;
}
@@ -24024,7 +25094,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
return BUFFER_E;
}
- XMEMCPY(uuid, id->name, id->len);
+ XMEMCPY(uuid, id->name, (size_t)id->len);
ret = 0; /* success */
break;
}
@@ -24034,7 +25104,7 @@ int wc_GetUUIDFromCert(struct DecodedCert* cert, byte* uuid, word32* uuidSz)
}
-/* reutrns 0 on success */
+/* returns 0 on success */
int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
{
int ret = ALT_NAME_E;
@@ -24044,7 +25114,7 @@ int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
id = FindAltName(cert, ASN_OTHER_TYPE, id);
if (id != NULL && id->oidSum == FASCN_OID) {
if (fascn == NULL) {
- *fascnSz = id->len;
+ *fascnSz = (word32)id->len;
return LENGTH_ONLY_E;
}
@@ -24052,7 +25122,7 @@ int wc_GetFASCNFromCert(struct DecodedCert* cert, byte* fascn, word32* fascnSz)
return BUFFER_E;
}
- XMEMCPY(fascn, id->name, id->len);
+ XMEMCPY(fascn, id->name, (size_t)id->len);
ret = 0; /* success */
}
} while (id != NULL);
@@ -24590,7 +25660,7 @@ typedef struct DerCert {
int keyUsageSz; /* encoded KeyUsage extension length */
int extKeyUsageSz; /* encoded ExtendedKeyUsage extension length */
#ifndef IGNORE_NETSCAPE_CERT_TYPE
- int nsCertTypeSz; /* encoded Netscape Certifcate Type
+ int nsCertTypeSz; /* encoded Netscape Certificate Type
* extension length */
#endif
int certPoliciesSz; /* encoded CertPolicies extension length*/
@@ -24685,477 +25755,6 @@ static int wc_SetCert_LoadDer(Cert* cert, const byte* der, word32 derSz,
#endif /* WOLFSSL_CERT_GEN */
-#ifdef HAVE_ECC
-#ifdef WOLFSSL_ASN_TEMPLATE
-/* ASN.1 template for ECC public key (SubjectPublicKeyInfo).
- * RFC 5480, 2 - Subject Public Key Information Fields
- * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
- * X9.62 ECC point format.
- * See ASN.1 template 'eccSpecifiedASN' for specifiedCurve.
- */
-static const ASNItem eccPublicKeyASN[] = {
-/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
- /* AlgorithmIdentifier */
-/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
- /* algorithm */
-/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 0 },
- /* namedCurve */
-/* ALGOID_CURVEID */ { 2, ASN_OBJECT_ID, 0, 0, 2 },
- /* specifiedCurve - explicit parameters */
-/* ALGOID_PARAMS */ { 2, ASN_SEQUENCE, 1, 0, 2 },
- /* Public Key */
-/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
-};
-enum {
- ECCPUBLICKEYASN_IDX_SEQ = 0,
- ECCPUBLICKEYASN_IDX_ALGOID_SEQ,
- ECCPUBLICKEYASN_IDX_ALGOID_OID,
- ECCPUBLICKEYASN_IDX_ALGOID_CURVEID,
- ECCPUBLICKEYASN_IDX_ALGOID_PARAMS,
- ECCPUBLICKEYASN_IDX_PUBKEY
-};
-
-/* Number of items in ASN.1 template for ECC public key. */
-#define eccPublicKeyASN_Length (sizeof(eccPublicKeyASN) / sizeof(ASNItem))
-#endif /* WOLFSSL_ASN_TEMPLATE */
-#endif /* HAVE_ECC */
-
-#if defined(HAVE_ECC) && defined(HAVE_ECC_KEY_EXPORT)
-
-/* Encode public ECC key in DER format.
- *
- * RFC 5480, 2 - Subject Public Key Information Fields
- * 2.1.1 - Unrestricted Algorithm Identifier and Parameters
- * X9.62 ECC point format.
- * SEC 1 Ver. 2.0, C.2 - Syntax for Elliptic Curve Domain Parameters
- *
- * @param [out] output Buffer to put encoded data in.
- * @param [in] key ECC key object.
- * @param [in] outLen Size of buffer in bytes.
- * @param [in] with_header Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key or key's parameters is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-static int SetEccPublicKey(byte* output, ecc_key* key, int outLen,
- int with_header, int comp)
-{
-#ifndef WOLFSSL_ASN_TEMPLATE
- int ret;
- word32 idx = 0, curveSz, algoSz, pubSz, bitStringSz;
- byte bitString[1 + MAX_LENGTH_SZ + 1]; /* 6 */
- byte algo[MAX_ALGO_SZ]; /* 20 */
-
- /* public size */
- pubSz = key->dp ? (word32)key->dp->size : MAX_ECC_BYTES;
- if (comp)
- pubSz = 1 + pubSz;
- else
- pubSz = 1 + 2 * pubSz;
-
- /* check for buffer overflow */
- if (output != NULL && pubSz > (word32)outLen) {
- return BUFFER_E;
- }
-
- /* headers */
- if (with_header) {
- ret = SetCurve(key, NULL, 0);
- if (ret <= 0) {
- return ret;
- }
- curveSz = (word32)ret;
- ret = 0;
-
- /* calculate size */
- algoSz = SetAlgoID(ECDSAk, algo, oidKeyType, (int)curveSz);
- bitStringSz = SetBitString(pubSz, 0, bitString);
- idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz, NULL);
-
- /* check for buffer overflow */
- if (output != NULL &&
- curveSz + algoSz + bitStringSz + idx + pubSz > (word32)outLen) {
- return BUFFER_E;
- }
-
- idx = SetSequence(pubSz + curveSz + bitStringSz + algoSz,
- output);
- /* algo */
- if (output)
- XMEMCPY(output + idx, algo, algoSz);
- idx += algoSz;
- /* curve */
- if (output)
- (void)SetCurve(key, output + idx, curveSz);
- idx += curveSz;
- /* bit string */
- if (output)
- XMEMCPY(output + idx, bitString, bitStringSz);
- idx += bitStringSz;
- }
-
- /* pub */
- if (output) {
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963_ex(key, output + idx, &pubSz, comp);
- PRIVATE_KEY_LOCK();
- if (ret != 0) {
- return ret;
- }
- }
- idx += pubSz;
-
- return (int)idx;
-#else
- word32 pubSz = 0;
- int sz = 0;
- int ret = 0;
- int curveIdSz = 0;
- byte* curveOid = NULL;
-
- /* Check key validity. */
- if ((key == NULL) || (key->dp == NULL)) {
- ret = BAD_FUNC_ARG;
- }
-
- if (ret == 0) {
- /* Calculate the size of the encoded public point. */
- PRIVATE_KEY_UNLOCK();
- #if defined(HAVE_COMP_KEY) && defined(HAVE_FIPS) && \
- defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 2)
- /* in earlier versions of FIPS the get length functionality is not
- * available with compressed keys */
- pubSz = key->dp ? key->dp->size : MAX_ECC_BYTES;
- if (comp)
- pubSz = 1 + pubSz;
- else
- pubSz = 1 + 2 * pubSz;
- ret = LENGTH_ONLY_E;
- #else
- ret = wc_ecc_export_x963_ex(key, NULL, &pubSz, comp);
- #endif
- PRIVATE_KEY_LOCK();
- /* LENGTH_ONLY_E on success. */
- if (ret == LENGTH_ONLY_E) {
- ret = 0;
- }
- }
- if ((ret == 0) && with_header) {
- /* Including SubjectPublicKeyInfo header. */
- DECL_ASNSETDATA(dataASN, eccPublicKeyASN_Length);
-
- CALLOC_ASNSETDATA(dataASN, eccPublicKeyASN_Length, ret, key->heap);
-
- /* Get the length of the named curve OID to put into the encoding. */
- curveIdSz = SetCurve(key, NULL, 0);
- if (curveIdSz < 0) {
- ret = curveIdSz;
- }
-
- if (ret == 0) {
- /* Set the key type OID. */
- SetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], ECDSAk,
- oidKeyType);
- /* Set the curve OID. */
- SetASN_ReplaceBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID],
- NULL, (word32)curveIdSz);
- /* Don't try to write out explicit parameters. */
- dataASN[ECCPUBLICKEYASN_IDX_ALGOID_PARAMS].noOut = 1;
- /* Set size of public point to ensure space is made for it. */
- SetASN_Buffer(&dataASN[ECCPUBLICKEYASN_IDX_PUBKEY], NULL, pubSz);
- /* Calculate size of ECC public key. */
- ret = SizeASN_Items(eccPublicKeyASN, dataASN,
- eccPublicKeyASN_Length, &sz);
- }
-
- /* Check buffer, if passed in, is big enough for encoded data. */
- if ((ret == 0) && (output != NULL) && (sz > outLen)) {
- ret = BUFFER_E;
- }
- if ((ret == 0) && (output != NULL)) {
- /* Encode ECC public key. */
- SetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length,
- output);
- /* Skip to where public point is to be encoded. */
- output += sz - (int)pubSz;
- /* Cache the location to place the name curve OID. */
- curveOid = (byte*)
- dataASN[ECCPUBLICKEYASN_IDX_ALGOID_CURVEID].data.buffer.data;
- }
-
- FREE_ASNSETDATA(dataASN, key->heap);
- }
- else if ((ret == 0) && (output != NULL) && (pubSz > (word32)outLen)) {
- ret = BUFFER_E;
- }
- else {
- /* Total size is the public point size. */
- sz = (int)pubSz;
- }
-
- if ((ret == 0) && (output != NULL)) {
- /* Put named curve OID data into encoding. */
- curveIdSz = SetCurve(key, curveOid, (size_t)curveIdSz);
- if (curveIdSz < 0) {
- ret = curveIdSz;
- }
- }
- if ((ret == 0) && (output != NULL)) {
- /* Encode public point. */
- PRIVATE_KEY_UNLOCK();
- ret = wc_ecc_export_x963_ex(key, output, &pubSz, comp);
- PRIVATE_KEY_LOCK();
- }
- if (ret == 0) {
- /* Return the size of the encoding. */
- ret = sz;
- }
-
- return ret;
-#endif
-}
-
-
-/* Encode the public part of an ECC key in a DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] key ECC key object.
- * @param [out] output Buffer to hold DER encoding.
- * @param [in] inLen Size of buffer in bytes.
- * @param [in] with_AlgCurve Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key or key's parameters is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-WOLFSSL_ABI
-int wc_EccPublicKeyToDer(ecc_key* key, byte* output, word32 inLen,
- int with_AlgCurve)
-{
- return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, 0);
-}
-
-int wc_EccPublicKeyToDer_ex(ecc_key* key, byte* output, word32 inLen,
- int with_AlgCurve, int comp)
-{
- return SetEccPublicKey(output, key, (int)inLen, with_AlgCurve, comp);
-}
-
-int wc_EccPublicKeyDerSize(ecc_key* key, int with_AlgCurve)
-{
- return SetEccPublicKey(NULL, key, 0, with_AlgCurve, 0);
-}
-
-#endif /* HAVE_ECC && HAVE_ECC_KEY_EXPORT */
-
-#ifdef WOLFSSL_ASN_TEMPLATE
-#if defined(WC_ENABLE_ASYM_KEY_EXPORT) || defined(WC_ENABLE_ASYM_KEY_IMPORT)
-/* ASN.1 template for Ed25519 and Ed448 public key (SubkectPublicKeyInfo).
- * RFC 8410, 4 - Subject Public Key Fields
- */
-static const ASNItem edPubKeyASN[] = {
- /* SubjectPublicKeyInfo */
-/* SEQ */ { 0, ASN_SEQUENCE, 1, 1, 0 },
- /* AlgorithmIdentifier */
-/* ALGOID_SEQ */ { 1, ASN_SEQUENCE, 1, 1, 0 },
- /* Ed25519/Ed448 OID */
-/* ALGOID_OID */ { 2, ASN_OBJECT_ID, 0, 0, 1 },
- /* Public key stream */
-/* PUBKEY */ { 1, ASN_BIT_STRING, 0, 0, 0 },
-};
-enum {
- EDPUBKEYASN_IDX_SEQ = 0,
- EDPUBKEYASN_IDX_ALGOID_SEQ,
- EDPUBKEYASN_IDX_ALGOID_OID,
- EDPUBKEYASN_IDX_PUBKEY
-};
-
-/* Number of items in ASN.1 template for Ed25519 and Ed448 public key. */
-#define edPubKeyASN_Length (sizeof(edPubKeyASN) / sizeof(ASNItem))
-#endif /* WC_ENABLE_ASYM_KEY_EXPORT || WC_ENABLE_ASYM_KEY_IMPORT */
-#endif /* WOLFSSL_ASN_TEMPLATE */
-
-#ifdef WC_ENABLE_ASYM_KEY_EXPORT
-
-/* Build ASN.1 formatted public key based on RFC 8410
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] pubKey public key buffer
- * @param [in] pubKeyLen public ket buffer length
- * @param [out] output Buffer to put encoded data in (optional)
- * @param [in] outLen Size of buffer in bytes
- * @param [in] keyType is "enum Key_Sum" like ED25519k
- * @param [in] withHeader Whether to include SubjectPublicKeyInfo around key.
- * @return Size of encoded data in bytes on success
- * @return BAD_FUNC_ARG when key is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-int SetAsymKeyDerPublic(const byte* pubKey, word32 pubKeyLen,
- byte* output, word32 outLen, int keyType, int withHeader)
-{
- int ret = 0;
-#ifndef WOLFSSL_ASN_TEMPLATE
- word32 idx = 0;
- word32 seqDataSz = 0;
- word32 sz;
-#else
- int sz = 0;
- DECL_ASNSETDATA(dataASN, edPubKeyASN_Length);
-#endif
-
- if (pubKey == NULL) {
- return BAD_FUNC_ARG;
- }
-
-#ifndef WOLFSSL_ASN_TEMPLATE
- /* calculate size */
- if (withHeader) {
- word32 algoSz = SetAlgoID(keyType, NULL, oidKeyType, 0);
- word32 bitStringSz = SetBitString(pubKeyLen, 0, NULL);
-
- seqDataSz = algoSz + bitStringSz + pubKeyLen;
- sz = SetSequence(seqDataSz, NULL) + seqDataSz;
- }
- else {
- sz = pubKeyLen;
- }
-
- /* checkout output size */
- if (output != NULL && sz > outLen) {
- ret = BUFFER_E;
- }
-
- /* headers */
- if (ret == 0 && output != NULL && withHeader) {
- /* sequence */
- idx = SetSequence(seqDataSz, output);
- /* algo */
- idx += SetAlgoID(keyType, output + idx, oidKeyType, 0);
- /* bit string */
- idx += SetBitString(pubKeyLen, 0, output + idx);
- }
-
- if (ret == 0 && output != NULL) {
- /* pub */
- XMEMCPY(output + idx, pubKey, pubKeyLen);
- idx += pubKeyLen;
-
- sz = idx;
- }
-
- if (ret == 0) {
- ret = (int)sz;
- }
-#else
- if (withHeader) {
- CALLOC_ASNSETDATA(dataASN, edPubKeyASN_Length, ret, NULL);
-
- if (ret == 0) {
- /* Set the OID. */
- SetASN_OID(&dataASN[EDPUBKEYASN_IDX_ALGOID_OID], (word32)keyType,
- oidKeyType);
- /* Leave space for public point. */
- SetASN_Buffer(&dataASN[EDPUBKEYASN_IDX_PUBKEY], NULL, pubKeyLen);
- /* Calculate size of public key encoding. */
- ret = SizeASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, &sz);
- }
- if ((ret == 0) && (output != NULL) && (sz > (int)outLen)) {
- ret = BUFFER_E;
- }
- if ((ret == 0) && (output != NULL)) {
- /* Encode public key. */
- SetASN_Items(edPubKeyASN, dataASN, edPubKeyASN_Length, output);
- /* Set location to encode public point. */
- output = (byte*)dataASN[EDPUBKEYASN_IDX_PUBKEY].data.buffer.data;
- }
-
- FREE_ASNSETDATA(dataASN, NULL);
- }
- else if ((output != NULL) && (pubKeyLen > outLen)) {
- ret = BUFFER_E;
- }
- else if (ret == 0) {
- sz = (int)pubKeyLen;
- }
-
- if ((ret == 0) && (output != NULL)) {
- /* Put public key into space provided. */
- XMEMCPY(output, pubKey, pubKeyLen);
- }
- if (ret == 0) {
- ret = sz;
- }
-#endif /* WOLFSSL_ASN_TEMPLATE */
- return ret;
-}
-#endif /* WC_ENABLE_ASYM_KEY_EXPORT */
-
-#if defined(HAVE_ED25519) && defined(HAVE_ED25519_KEY_EXPORT)
-/* Encode the public part of an Ed25519 key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] key Ed25519 key object.
- * @param [out] output Buffer to put encoded data in.
- * @param [in] outLen Size of buffer in bytes.
- * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Ed25519PublicKeyToDer(ed25519_key* key, byte* output, word32 inLen,
- int withAlg)
-{
- int ret;
- byte pubKey[ED25519_PUB_KEY_SIZE];
- word32 pubKeyLen = (word32)sizeof(pubKey);
-
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
-
- ret = wc_ed25519_export_public(key, pubKey, &pubKeyLen);
- if (ret == 0) {
- ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
- ED25519k, withAlg);
- }
- return ret;
-}
-#endif /* HAVE_ED25519 && HAVE_ED25519_KEY_EXPORT */
-
-#if defined(HAVE_ED448) && defined(HAVE_ED448_KEY_EXPORT)
-/* Encode the public part of an Ed448 key in DER.
- *
- * Pass NULL for output to get the size of the encoding.
- *
- * @param [in] key Ed448 key object.
- * @param [out] output Buffer to put encoded data in.
- * @param [in] outLen Size of buffer in bytes.
- * @param [in] withAlg Whether to use SubjectPublicKeyInfo format.
- * @return Size of encoded data in bytes on success.
- * @return BAD_FUNC_ARG when key is NULL.
- * @return MEMORY_E when dynamic memory allocation failed.
- */
-int wc_Ed448PublicKeyToDer(ed448_key* key, byte* output, word32 inLen,
- int withAlg)
-{
- int ret;
- byte pubKey[ED448_PUB_KEY_SIZE];
- word32 pubKeyLen = (word32)sizeof(pubKey);
-
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
-
- ret = wc_ed448_export_public(key, pubKey, &pubKeyLen);
- if (ret == 0) {
- ret = SetAsymKeyDerPublic(pubKey, pubKeyLen, output, inLen,
- ED448k, withAlg);
- }
- return ret;
-}
-#endif /* HAVE_ED448 && HAVE_ED448_KEY_EXPORT */
#ifdef WOLFSSL_CERT_GEN
#ifndef NO_ASN_TIME
@@ -25447,10 +26046,9 @@ static int SetCaWithPathLen(byte* out, word32 outSz, byte pathLen)
return (int)sizeof(caPathLenBasicConstASN1);
}
-
-/* encode CA basic constraints true
+/* encode CA basic constraints
* return total bytes written */
-static int SetCa(byte* out, word32 outSz)
+static int SetCaEx(byte* out, word32 outSz, byte isCa)
{
/* ASN1->DER sequence for Basic Constraints True */
const byte caBasicConstASN1[] = {
@@ -25466,9 +26064,20 @@ static int SetCa(byte* out, word32 outSz)
XMEMCPY(out, caBasicConstASN1, sizeof(caBasicConstASN1));
+ if (!isCa) {
+ out[sizeof(caBasicConstASN1)-1] = isCa;
+ }
+
return (int)sizeof(caBasicConstASN1);
}
+/* encode CA basic constraints true
+ * return total bytes written */
+static int SetCa(byte* out, word32 outSz)
+{
+ return SetCaEx(out, outSz, 1);
+}
+
/* encode basic constraints without CA Boolean
* return total bytes written */
static int SetBC(byte* out, word32 outSz)
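Review bot: The context comment `/* ASN1->DER sequence for Basic Constraints True */` inside SetCaEx (visible in the preceding hunk) is stale now that the function can also emit FALSE. The added line `out[sizeof(caBasicConstASN1)-1] = isCa;` also depends, without saying so, on the BOOLEAN value being the final byte of `caBasicConstASN1`. The array contents are outside both hunks, so that layout cannot be confirmed from here. I would write the constant explicitly and state the dependency, e.g. `out[sizeof(caBasicConstASN1) - 1] = 0x00; /* cA value is the last byte of the template */`, and reword the array comment to `/* ASN1->DER sequence for Basic Constraints, cA TRUE unless patched below */`.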
@@ -26261,6 +26870,12 @@ static int EncodeName(EncodedName* name, const char* nameStr,
firstSz = cname->custom.oidSz;
break;
#endif
+ #ifdef WOLFSSL_CERT_REQ
+ case ASN_CONTENT_TYPE:
+ thisLen += (int)sizeof(attrPkcs9ContentTypeOid);
+ firstSz = (int)sizeof(attrPkcs9ContentTypeOid);
+ break;
+ #endif
default:
thisLen += DN_OID_SZ;
firstSz = DN_OID_SZ;
@@ -26325,6 +26940,15 @@ static int EncodeName(EncodedName* name, const char* nameStr,
name->encoded[idx++] = nameTag;
break;
#endif
+ #ifdef WOLFSSL_CERT_REQ
+ case ASN_CONTENT_TYPE:
+ XMEMCPY(name->encoded + idx, attrPkcs9ContentTypeOid,
+ sizeof(attrPkcs9ContentTypeOid));
+ idx += (int)sizeof(attrPkcs9ContentTypeOid);
+ /* str type */
+ name->encoded[idx++] = nameTag;
+ break;
+ #endif
default:
name->encoded[idx++] = 0x55;
name->encoded[idx++] = 0x04;
@@ -26397,6 +27021,12 @@ static int EncodeName(EncodedName* name, const char* nameStr,
oidSz = cname->custom.oidSz;
break;
#endif
+ #ifdef WOLFSSL_CERT_REQ
+ case ASN_CONTENT_TYPE:
+ oid = attrPkcs9ContentTypeOid;
+ oidSz = sizeof(attrPkcs9ContentTypeOid);
+ break;
+ #endif
default:
/* Construct OID using type. */
dnOid[2] = type;
@@ -26455,6 +27085,132 @@ int wc_EncodeNameCanonical(EncodedName* name, const char* nameStr,
}
#endif /* WOLFSSL_CERT_GEN || OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
+#if (defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)) || \
+ (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA))
+
+/* Convert key usage string (comma delimited, null terminated) to word16
+ * Returns 0 on success, negative on error */
+int ParseKeyUsageStr(const char* value, word16* keyUsage, void* heap)
+{
+ int ret = 0;
+ char *token, *str, *ptr;
+ word32 len = 0;
+ word16 usage = 0;
+
+ if (value == NULL || keyUsage == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* duplicate string (including terminator) */
+ len = (word32)XSTRLEN(value);
+ str = (char*)XMALLOC(len + 1, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (str == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(str, value, len + 1);
+
+ /* parse value, and set corresponding Key Usage value */
+ if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ return KEYUSAGE_E;
+ }
+ while (token != NULL) {
+ if (!XSTRCASECMP(token, "digitalSignature"))
+ usage |= KEYUSE_DIGITAL_SIG;
+ else if (!XSTRCASECMP(token, "nonRepudiation") ||
+ !XSTRCASECMP(token, "contentCommitment"))
+ usage |= KEYUSE_CONTENT_COMMIT;
+ else if (!XSTRCASECMP(token, "keyEncipherment"))
+ usage |= KEYUSE_KEY_ENCIPHER;
+ else if (!XSTRCASECMP(token, "dataEncipherment"))
+ usage |= KEYUSE_DATA_ENCIPHER;
+ else if (!XSTRCASECMP(token, "keyAgreement"))
+ usage |= KEYUSE_KEY_AGREE;
+ else if (!XSTRCASECMP(token, "keyCertSign"))
+ usage |= KEYUSE_KEY_CERT_SIGN;
+ else if (!XSTRCASECMP(token, "cRLSign"))
+ usage |= KEYUSE_CRL_SIGN;
+ else if (!XSTRCASECMP(token, "encipherOnly"))
+ usage |= KEYUSE_ENCIPHER_ONLY;
+ else if (!XSTRCASECMP(token, "decipherOnly"))
+ usage |= KEYUSE_DECIPHER_ONLY;
+ else {
+ ret = KEYUSAGE_E;
+ break;
+ }
+
+ token = XSTRTOK(NULL, ",", &ptr);
+ }
+
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (ret == 0) {
+ *keyUsage = usage;
+ }
+
+ return ret;
+}
+
+/* Convert extended key usage string (comma delimited, null terminated) to byte
+ * Returns 0 on success, negative on error */
+int ParseExtKeyUsageStr(const char* value, byte* extKeyUsage, void* heap)
+{
+ int ret = 0;
+ char *token, *str, *ptr;
+ word32 len = 0;
+ byte usage = 0;
+
+ if (value == NULL || extKeyUsage == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* duplicate string (including terminator) */
+ len = (word32)XSTRLEN(value);
+ str = (char*)XMALLOC(len + 1, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (str == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(str, value, len + 1);
+
+ /* parse value, and set corresponding Key Usage value */
+ if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+ return EXTKEYUSAGE_E;
+ }
+ while (token != NULL) {
+ if (!XSTRCASECMP(token, "any"))
+ usage |= EXTKEYUSE_ANY;
+ else if (!XSTRCASECMP(token, "serverAuth"))
+ usage |= EXTKEYUSE_SERVER_AUTH;
+ else if (!XSTRCASECMP(token, "clientAuth"))
+ usage |= EXTKEYUSE_CLIENT_AUTH;
+ else if (!XSTRCASECMP(token, "codeSigning"))
+ usage |= EXTKEYUSE_CODESIGN;
+ else if (!XSTRCASECMP(token, "emailProtection"))
+ usage |= EXTKEYUSE_EMAILPROT;
+ else if (!XSTRCASECMP(token, "timeStamping"))
+ usage |= EXTKEYUSE_TIMESTAMP;
+ else if (!XSTRCASECMP(token, "OCSPSigning"))
+ usage |= EXTKEYUSE_OCSP_SIGN;
+ else {
+ ret = EXTKEYUSAGE_E;
+ break;
+ }
+
+ token = XSTRTOK(NULL, ",", &ptr);
+ }
+
+ XFREE(str, heap, DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (ret == 0) {
+ *extKeyUsage = usage;
+ }
+
+ return ret;
+}
+
+#endif /* (CERT_GEN && CERT_EXT) || (OPENSSL_ALL || OPENSSL_EXTRA) */
+
#ifdef WOLFSSL_CERT_GEN
/* Encodes one attribute of the name (issuer/subject)
* call we_EncodeName_ex with 0x16, IA5String for email type
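Review bot: The header comments on ParseKeyUsageStr and ParseExtKeyUsageStr omit contract details a caller needs. `*keyUsage` / `*extKeyUsage` is written only when the whole string parses, and tokens are compared case-insensitively. Because `","` is the only delimiter, a value such as `"keyCertSign, cRLSign"` (space after the comma) fails with KEYUSAGE_E, as does an empty or comma-only string, since the first XSTRTOK returns NULL. I would add `/* Output is set only on success; whitespace around tokens is not trimmed. */` to both, and correct the copied `/* parse value, and set corresponding Key Usage value */` in the extended variant to say Extended Key Usage. The two bodies differ only in token table and error code, so a shared static helper would stop them drifting apart.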
@@ -27072,6 +27828,13 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz,
dataASN[CERTEXTSASN_IDX_BC_PATHLEN].noOut = 1;
}
}
+ #ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
+ else if (cert->isCaSet) {
+ SetASN_Boolean(&dataASN[CERTEXTSASN_IDX_BC_CA], 0);
+ SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_BC_OID], bcOID, sizeof(bcOID));
+ dataASN[CERTEXTSASN_IDX_BC_PATHLEN].noOut = 1;
+ }
+ #endif
else if (cert->basicConstSet) {
/* Set Basic Constraints to be a non Certificate Authority. */
SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_BC_OID], bcOID, sizeof(bcOID));
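Review bot: The new `else if (cert->isCaSet)` branch carries no comment, unlike the `basicConstSet` branch below it, and it needs one because `SetASN_Boolean(&dataASN[CERTEXTSASN_IDX_BC_CA], 0)` writes `cA` as an explicit FALSE. In BasicConstraints `cA` is `BOOLEAN DEFAULT FALSE`, and DER omits values equal to their default, so certificates built with WOLFSSL_ALLOW_ENCODING_CA_FALSE may be rejected by strict parsers. Suggested comment: `/* Encode cA FALSE explicitly (DER normally omits DEFAULT values). */`. The same applies to the `SetCaEx(der->ca, sizeof(der->ca), cert->isCA)` branches added in the EncodeCert and EncodeCertReq hunks, where the context comment `/* Set CA */` now sits inside the `#ifdef`. The head of this `if` chain is outside the hunk.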
@@ -27127,7 +27890,7 @@ static int EncodeExtensions(Cert* cert, byte* output, word32 maxSz,
#ifdef WOLFSSL_AKID_NAME
if (cert->rawAkid) {
SetASN_Buffer(&dataASN[CERTEXTSASN_IDX_AKID_STR],
- cert->akid, cert->akidSz);
+ cert->akid, (word32)cert->akidSz);
/* cert->akid contains the internal ext structure */
SetASNItem_NoOutBelow(dataASN, certExtsASN,
CERTEXTSASN_IDX_AKID_STR, certExtsASN_Length);
@@ -27383,7 +28146,7 @@ static int SetValidity(byte* output, int daysValid)
/* subtract 1 day of seconds for more compliance */
then = now - 86400;
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
return 0; /* error */
}
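Review bot: The log text `"XGMTIME failed"` no longer describes the condition it reports, here and in the three following SetValidity hunks. `ValidateGmtime(expandedTime)` presumably also rejects a non-NULL result with out-of-range fields, but its definition is not in this part of the diff. If so, `WOLFSSL_MSG("XGMTIME failed or returned invalid fields");` would keep the debug output truthful. This variant still returns `0` as its error value while the template variant sets `DATE_E`, and a comment on that difference would help readers comparing the two.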
@@ -27402,7 +28165,7 @@ static int SetValidity(byte* output, int daysValid)
/* add daysValid of seconds */
then = now + (daysValid * (time_t)86400);
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
return 0; /* error */
}
@@ -27451,7 +28214,7 @@ static int SetValidity(byte* before, byte* after, int daysValid)
/* subtract 1 day of seconds for more compliance */
then = now - 86400;
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
ret = DATE_E;
}
@@ -27467,7 +28230,7 @@ static int SetValidity(byte* before, byte* after, int daysValid)
/* add daysValid of seconds */
then = now + (daysValid * (time_t)86400);
expandedTime = XGMTIME(&then, tmpTime);
- if (expandedTime == NULL) {
+ if (ValidateGmtime(expandedTime)) {
WOLFSSL_MSG("XGMTIME failed");
ret = DATE_E;
}
@@ -27720,7 +28483,17 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey,
der->extensionsSz += der->caSz;
}
+#ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
/* Set CA */
+ else if (cert->isCaSet) {
+ der->caSz = SetCaEx(der->ca, sizeof(der->ca), cert->isCA);
+ if (der->caSz <= 0)
+ return EXTENSIONS_E;
+
+ der->extensionsSz += der->caSz;
+ }
+#endif
+ /* Set CA true */
else if (cert->isCA) {
der->caSz = SetCa(der->ca, sizeof(der->ca));
if (der->caSz <= 0)
@@ -28287,9 +29060,15 @@ int AddSignature(byte* buf, int bodySz, const byte* sig, int sigSz,
/* In place, put body between SEQUENCE and signature. */
if (ret == 0) {
- /* Set sigature OID and signature data. */
+ /* Set signature OID and signature data. */
SetASN_OID(&dataASN[SIGASN_IDX_SIGALGO_OID], (word32)sigAlgoType,
oidSigType);
+ if (dataASN[SIGASN_IDX_SIGALGO_OID].data.buffer.data == NULL) {
+ /* The OID was not found or compiled in! */
+ ret = ASN_UNKNOWN_OID_E;
+ }
+ }
+ if (ret == 0) {
if (IsSigAlgoECC((word32)sigAlgoType)) {
/* ECDSA and EdDSA doesn't have NULL tagged item. */
dataASN[SIGASN_IDX_SIGALGO_NULL].noOut = 1;
@@ -28720,7 +29499,7 @@ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz,
dataASN[X509CERTASN_IDX_TBS_EXT_SEQ].data.buffer.length, 0);
}
if (ret >= 0) {
- /* Store encoded certifcate body size. */
+ /* Store encoded certificate body size. */
cert->bodySz = sz;
/* Return the encoding size. */
ret = sz;
@@ -29112,7 +29891,17 @@ static int EncodeCertReq(Cert* cert, DerCert* der, RsaKey* rsaKey,
der->extensionsSz += der->caSz;
}
+#ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
/* Set CA */
+ else if (cert->isCaSet) {
+ der->caSz = SetCaEx(der->ca, sizeof(der->ca), cert->isCA);
+ if (der->caSz <= 0)
+ return EXTENSIONS_E;
+
+ der->extensionsSz += der->caSz;
+ }
+#endif
+ /* Set CA true */
else if (cert->isCA) {
der->caSz = SetCa(der->ca, sizeof(der->ca));
if (der->caSz <= 0)
@@ -29343,6 +30132,11 @@ static const ASNItem certReqBodyASN[] = {
/* ATTRS_CPW_SET */ { 3, ASN_SET, 1, 1, 0 },
/* ATTRS_CPW_PS */ { 4, ASN_PRINTABLE_STRING, 0, 0, 0 },
/* ATTRS_CPW_UTF */ { 4, ASN_UTF8STRING, 0, 0, 0 },
+/* ATTRS_USN_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 1 },
+/* ATTRS_USN_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 },
+/* ATTRS_USN_SET */ { 3, ASN_SET, 1, 1, 0 },
+/* ATTRS_USN_PS */ { 4, ASN_PRINTABLE_STRING, 0, 0, 0 },
+/* ATTRS_USN_UTF */ { 4, ASN_UTF8STRING, 0, 0, 0 },
/* Extensions Attribute */
/* EXT_SEQ */ { 2, ASN_SEQUENCE, 1, 1, 1 },
/* EXT_OID */ { 3, ASN_OBJECT_ID, 0, 0, 0 },
@@ -29360,6 +30154,11 @@ enum {
CERTREQBODYASN_IDX_ATTRS_CPW_SET,
CERTREQBODYASN_IDX_ATTRS_CPW_PS,
CERTREQBODYASN_IDX_ATTRS_CPW_UTF,
+ CERTREQBODYASN_IDX_ATTRS_USN_SEQ,
+ CERTREQBODYASN_IDX_ATTRS_USN_OID,
+ CERTREQBODYASN_IDX_ATTRS_USN_SET,
+ CERTREQBODYASN_IDX_ATTRS_USN_PS,
+ CERTREQBODYASN_IDX_ATTRS_USN_UTF,
CERTREQBODYASN_IDX_EXT_SEQ,
CERTREQBODYASN_IDX_EXT_OID,
CERTREQBODYASN_IDX_EXT_SET,
@@ -29613,6 +30412,23 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
SetASNItem_NoOutNode(dataASN, certReqBodyASN,
CERTREQBODYASN_IDX_ATTRS_CPW_SEQ, certReqBodyASN_Length);
}
+ if (cert->unstructuredName[0] != '\0') {
+ /* Add unstructured name attribute. */
+ /* Set unstructured name OID. */
+ SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_USN_OID],
+ attrUnstructuredNameOid, sizeof(attrUnstructuredNameOid));
+ /* PRINTABLE_STRING - set buffer */
+ SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_ATTRS_USN_PS],
+ (byte*)cert->unstructuredName,
+ (word32)XSTRLEN(cert->unstructuredName));
+ /* UTF8STRING - don't encode */
+ dataASN[CERTREQBODYASN_IDX_ATTRS_USN_UTF].noOut = 1;
+ }
+ else {
+ /* Leave out unstructured name attribute item. */
+ SetASNItem_NoOutNode(dataASN, certReqBodyASN,
+ CERTREQBODYASN_IDX_ATTRS_USN_SEQ, certReqBodyASN_Length);
+ }
if (extSz > 0) {
/* Set extension attribute OID. */
SetASN_Buffer(&dataASN[CERTREQBODYASN_IDX_EXT_OID], attrExtensionRequestOid,
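Review bot: `cert->unstructuredName` is always emitted as a PrintableString, with the UTF8String alternative switched off by `dataASN[CERTREQBODYASN_IDX_ATTRS_USN_UTF].noOut = 1;`. Nothing in the hunk checks that the text fits the PrintableString alphabet. A name containing, for example, `@` or `_` would be tagged with a type it does not conform to, which strict CSR parsers can reject. Either document the restriction where the field is set, e.g. `/* unstructuredName must contain only PrintableString characters */`, or select the UTF8String item when the content does not qualify. MakeCertReq begins and ends outside the hunk, so a validation step elsewhere cannot be ruled out.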
@@ -29665,7 +30481,7 @@ static int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz,
dataASN[CERTREQBODYASN_IDX_EXT_BODY].data.buffer.length, 1);
}
if (ret >= 0) {
- /* Store encoded certifcate request body size. */
+ /* Store encoded certificate request body size. */
cert->bodySz = sz;
/* Return the encoding size. */
ret = sz;
@@ -29963,12 +30779,22 @@ static int SetKeyIdFromPublicKey(Cert *cert, RsaKey *rsakey, ecc_key *eckey,
/* Compute SKID by hashing public key */
if (kid_type == SKID_TYPE) {
- ret = CalcHashId(buf, (word32)bufferSz, cert->skid);
+ int hashId = HashIdAlg((word32)cert->sigType);
+ ret = CalcHashId_ex(buf, (word32)bufferSz, cert->skid, hashId);
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ cert->skidSz = wc_HashGetDigestSize(wc_HashTypeConvert(hashId));
+ #else
cert->skidSz = KEYID_SIZE;
+ #endif
}
else if (kid_type == AKID_TYPE) {
- ret = CalcHashId(buf, (word32)bufferSz, cert->akid);
+ int hashId = HashIdAlg((word32)cert->sigType);
+ ret = CalcHashId_ex(buf, (word32)bufferSz, cert->akid, hashId);
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ cert->akidSz = wc_HashGetDigestSize(wc_HashTypeConvert(hashId));
+ #else
cert->akidSz = KEYID_SIZE;
+ #endif
}
else
ret = BAD_FUNC_ARG;
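Review bot: In the WOLFSSL_SM2/WOLFSSL_SM3 branches the result of `wc_HashGetDigestSize()` is stored straight into `cert->skidSz` / `cert->akidSz`, although that function returns a negative error code for a hash type it does not support. The later SetAuthKeyIdFromDcert hunk then passes `(size_t)cert->akidSz` to XMEMCPY, where a negative value becomes a very large copy length. That hunk also derives the length from `cert->sigType` rather than from the decoded certificate's own key identifier. I would take the size into a local and propagate errors, e.g. `int sz = wc_HashGetDigestSize(wc_HashTypeConvert(hashId)); if (sz < 0) ret = sz; else cert->skidSz = sz;`, and return before the copy in SetAuthKeyIdFromDcert when the size is not positive. Whether the digest size can exceed the `skid`/`akid` buffers is not visible from these hunks.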
@@ -30182,6 +31008,9 @@ int wc_SetSubjectKeyId(Cert *cert, const char* file)
wc_ecc_free(eckey);
XFREE(eckey, cert->heap, DYNAMIC_TYPE_ECC);
#endif
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+ (void)idx;
+#endif
return ret;
}
@@ -30202,9 +31031,14 @@ static int SetAuthKeyIdFromDcert(Cert* cert, DecodedCert* decoded)
}
else {
- /* Put the SKID of CA to AKID of certificate */
- XMEMCPY(cert->akid, decoded->extSubjKeyId, KEYID_SIZE);
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ cert->akidSz = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ cert->sigType)));
+ #else
cert->akidSz = KEYID_SIZE;
+ #endif
+ /* Put the SKID of CA to AKID of certificate */
+ XMEMCPY(cert->akid, decoded->extSubjKeyId, (size_t)cert->akidSz);
}
return ret;
@@ -30264,56 +31098,14 @@ int wc_SetAuthKeyId(Cert *cert, const char* file)
int wc_SetKeyUsage(Cert *cert, const char *value)
{
int ret = 0;
- char *token, *str, *ptr;
- word32 len;
if (cert == NULL || value == NULL)
return BAD_FUNC_ARG;
cert->keyUsage = 0;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(value);
- str = (char*)XMALLOC(len+1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, value, len+1);
-
- /* parse value, and set corresponding Key Usage value */
- if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return KEYUSAGE_E;
- }
- while (token != NULL)
- {
- if (!XSTRCASECMP(token, "digitalSignature"))
- cert->keyUsage |= KEYUSE_DIGITAL_SIG;
- else if (!XSTRCASECMP(token, "nonRepudiation") ||
- !XSTRCASECMP(token, "contentCommitment"))
- cert->keyUsage |= KEYUSE_CONTENT_COMMIT;
- else if (!XSTRCASECMP(token, "keyEncipherment"))
- cert->keyUsage |= KEYUSE_KEY_ENCIPHER;
- else if (!XSTRCASECMP(token, "dataEncipherment"))
- cert->keyUsage |= KEYUSE_DATA_ENCIPHER;
- else if (!XSTRCASECMP(token, "keyAgreement"))
- cert->keyUsage |= KEYUSE_KEY_AGREE;
- else if (!XSTRCASECMP(token, "keyCertSign"))
- cert->keyUsage |= KEYUSE_KEY_CERT_SIGN;
- else if (!XSTRCASECMP(token, "cRLSign"))
- cert->keyUsage |= KEYUSE_CRL_SIGN;
- else if (!XSTRCASECMP(token, "encipherOnly"))
- cert->keyUsage |= KEYUSE_ENCIPHER_ONLY;
- else if (!XSTRCASECMP(token, "decipherOnly"))
- cert->keyUsage |= KEYUSE_DECIPHER_ONLY;
- else {
- ret = KEYUSAGE_E;
- break;
- }
-
- token = XSTRTOK(NULL, ",", &ptr);
- }
+ ret = ParseKeyUsageStr(value, &cert->keyUsage, cert->heap);
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
@@ -30321,52 +31113,14 @@ int wc_SetKeyUsage(Cert *cert, const char *value)
int wc_SetExtKeyUsage(Cert *cert, const char *value)
{
int ret = 0;
- char *token, *str, *ptr;
- word32 len;
if (cert == NULL || value == NULL)
return BAD_FUNC_ARG;
cert->extKeyUsage = 0;
- /* duplicate string (including terminator) */
- len = (word32)XSTRLEN(value);
- str = (char*)XMALLOC(len+1, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (str == NULL)
- return MEMORY_E;
- XMEMCPY(str, value, len+1);
-
- /* parse value, and set corresponding Key Usage value */
- if ((token = XSTRTOK(str, ",", &ptr)) == NULL) {
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
- return EXTKEYUSAGE_E;
- }
-
- while (token != NULL)
- {
- if (!XSTRCASECMP(token, "any"))
- cert->extKeyUsage |= EXTKEYUSE_ANY;
- else if (!XSTRCASECMP(token, "serverAuth"))
- cert->extKeyUsage |= EXTKEYUSE_SERVER_AUTH;
- else if (!XSTRCASECMP(token, "clientAuth"))
- cert->extKeyUsage |= EXTKEYUSE_CLIENT_AUTH;
- else if (!XSTRCASECMP(token, "codeSigning"))
- cert->extKeyUsage |= EXTKEYUSE_CODESIGN;
- else if (!XSTRCASECMP(token, "emailProtection"))
- cert->extKeyUsage |= EXTKEYUSE_EMAILPROT;
- else if (!XSTRCASECMP(token, "timeStamping"))
- cert->extKeyUsage |= EXTKEYUSE_TIMESTAMP;
- else if (!XSTRCASECMP(token, "OCSPSigning"))
- cert->extKeyUsage |= EXTKEYUSE_OCSP_SIGN;
- else {
- ret = EXTKEYUSAGE_E;
- break;
- }
+ ret = ParseExtKeyUsageStr(value, &cert->extKeyUsage, cert->heap);
- token = XSTRTOK(NULL, ",", &ptr);
- }
-
- XFREE(str, cert->heap, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
@@ -30428,9 +31182,9 @@ int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
ext = &cert->customCertExt[cert->customCertExtCount];
- ext->oid = oid;
+ ext->oid = (char*)oid;
ext->crit = (critical == 0) ? 0 : 1;
- ext->val = der;
+ ext->val = (byte*)der;
ext->valSz = derSz;
cert->customCertExtCount++;
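Review bot: The casts `(char*)oid` and `(byte*)der` discard the `const` the signature promises, so any later write through `ext->oid` or `ext->val` would modify memory the caller may have passed as read-only, such as a string literal for the OID. The entry also stores the pointers rather than copies, so both buffers must stay valid until the certificate has been encoded, and neither point is stated near the assignments. If the struct members cannot stay `const`, I would at least add `/* borrowed pointers: caller keeps oid/der alive; never written through */`. The member declarations are outside this hunk, so the reason for dropping `const` cannot be seen here.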
@@ -31111,7 +31865,7 @@ int StoreDHparams(byte* out, word32* outLen, mp_int* p, mp_int* g)
/* Encode the DH parameters into buffer. */
SetASN_Items(dhParamASN, dataASN, dhParamASN_Length, out);
/* Set the actual encoding size. */
- *outLen = sz;
+ *outLen = (word32)sz;
}
return ret;
@@ -31196,9 +31950,16 @@ int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s)
}
if (ret == 0) {
/* Encode DSA signature into buffer. */
- SetASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, out);
- /* Set the actual encoding size. */
- *outLen = (word32)sz;
+ ret = SetASN_Items(dsaSigASN, dataASN, dsaSigASN_Length, out);
+ if (ret >= 0) {
+ if (ret == sz) {
+ /* Set the actual encoding size. */
+ *outLen = (word32)sz;
+ ret = 0;
+ } else {
+ ret = BAD_STATE_E;
+ }
+ }
}
return ret;
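Review bot: The size check added around `SetASN_Items(dsaSigASN, ...)` is not applied to StoreDHparams in the hunk just above. That function still discards the return value of `SetASN_Items(dhParamASN, dataASN, dhParamASN_Length, out)` and reports `sz` through `*outLen`. If a mismatch warrants BAD_STATE_E here, the same guard belongs there. When the check fails, `out` has already been written, so a comment such as `/* out contents are undefined on BAD_STATE_E */` would tell callers not to use the buffer. As a style point, `} else {` departs from the `}` / `else {` layout used elsewhere in this file.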
@@ -31288,6 +32049,14 @@ int StoreECC_DSA_Sig_Bin(byte* out, word32* outLen, const byte* r, word32 rLen,
/* Clear dynamic data and set buffers for r and s */
XMEMSET(dataASN, 0, sizeof(dataASN));
+ while ((rLen > 1) && (r[0] == 0)) {
+ rLen--;
+ r++;
+ }
+ while ((sLen > 1) && (s[0] == 0)) {
+ sLen--;
+ s++;
+ }
SetASN_Buffer(&dataASN[DSASIGASN_IDX_R], r, rLen);
SetASN_Buffer(&dataASN[DSASIGASN_IDX_S], s, sLen);
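Review bot: The two new loops in StoreECC_DSA_Sig_Bin have no comment saying why leading zero bytes are dropped from `r` and `s`, and they read `r[0]` and `s[0]` whenever the length is above 1, so they depend on a NULL check made outside this hunk. A comment such as `/* Strip leading zero bytes so each INTEGER is minimally encoded; one byte is kept so a zero value stays representable. */` would record the intent. It should also say whether the encoder adds a pad byte back when the first remaining byte has its top bit set, since that decides whether the stripped value stays positive.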
@@ -31461,7 +32230,7 @@ int DecodeECC_DSA_Sig_Ex(const byte* sig, word32 sigLen, mp_int* r, mp_int* s,
#ifdef WOLFSSL_ASN_TEMPLATE
-#ifdef WOLFSSL_CUSTOM_CURVES
+#if defined(HAVE_ECC) && defined(WOLFSSL_CUSTOM_CURVES)
/* Convert data to hex string.
*
* Big-endian byte array is converted to big-endian hexadecimal string.
@@ -31495,7 +32264,7 @@ static void DataToHexString(const byte* input, word32 inSz, char* out)
* @param [out] out Allocated buffer holding hex string.
* @param [in] heap Dynamic memory allocation hint.
* @param [in] heapType Type of heap to use.
- * @return 0 on succcess.
+ * @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
static int DataToHexStringAlloc(const byte* input, word32 inSz, char** out,
@@ -31569,7 +32338,7 @@ enum {
/* Number of items in ASN.1 template for SpecifiedECDomain. */
#define eccSpecifiedASN_Length (sizeof(eccSpecifiedASN) / sizeof(ASNItem))
-/* OID indicating the prime field is explicity defined. */
+/* OID indicating the prime field is explicitly defined. */
static const byte primeFieldOID[] = {
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01
};
@@ -31577,7 +32346,7 @@ static const char ecSetCustomName[] = "Custom";
/* Explicit EC parameter values. */
static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
- ecc_key* key)
+ ecc_key* key, void* heap, int* curveSz)
{
DECL_ASNGETDATA(dataASN, eccSpecifiedASN_Length);
int ret = 0;
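Review bot: EccSpecifiedECDomainDecode gains `heap` and `curveSz`, but its only description is still the one-line comment `/* Explicit EC parameter values. */`. A later hunk in the same function makes `key` optional and writes `*curveSz` only on success, so the header should say so: `key` may be NULL, `heap` is the allocation hint used for the curve and the parse data, and `curveSz` may be NULL and receives `curve->size`. Both visible callers pass `key->heap` and `NULL`, which is worth noting as the compatibility case. The function body continues outside this hunk.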
@@ -31589,8 +32358,8 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
word32 baseLen;
/* Allocate a new parameter set. */
- curve = (ecc_set_type*)XMALLOC(sizeof(*curve), key->heap,
- DYNAMIC_TYPE_ECC_BUFFER);
+ curve = (ecc_set_type*)XMALLOC(sizeof(*curve), heap,
+ DYNAMIC_TYPE_ECC_BUFFER);
if (curve == NULL) {
ret = MEMORY_E;
}
@@ -31599,7 +32368,7 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
XMEMSET(curve, 0, sizeof(*curve));
}
- CALLOC_ASNGETDATA(dataASN, eccSpecifiedASN_Length, ret, key->heap);
+ CALLOC_ASNGETDATA(dataASN, eccSpecifiedASN_Length, ret, heap);
if (ret == 0) {
/* Set name to be: "Custom" */
@@ -31625,15 +32394,19 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
}
#ifndef WOLFSSL_NO_ASN_STRICT
/* Only version 2 and above can have a seed. */
- if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_PARAM_SEED].tag != 0) &&
+ if (ret == 0) {
+ if ((dataASN[ECCSPECIFIEDASN_IDX_PARAM_SEED].tag != 0) &&
(version < 2)) {
- ret = ASN_PARSE_E;
+ ret = ASN_PARSE_E;
+ }
}
#endif
/* Only version 2 and above can have a hash algorithm. */
- if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_HASH_SEQ].tag != 0) &&
+ if (ret == 0) {
+ if ((dataASN[ECCSPECIFIEDASN_IDX_HASH_SEQ].tag != 0) &&
(version < 2)) {
- ret = ASN_PARSE_E;
+ ret = ASN_PARSE_E;
+ }
}
if ((ret == 0) && (dataASN[ECCSPECIFIEDASN_IDX_COFACTOR].tag != 0)) {
/* Store optional co-factor. */
@@ -31658,13 +32431,13 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
if (ret == 0) {
/* Base X-ordinate */
ret = DataToHexStringAlloc(base + 1, (word32)curve->size,
- (char**)&curve->Gx, key->heap,
+ (char**)&curve->Gx, heap,
DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Base Y-ordinate */
ret = DataToHexStringAlloc(base + 1 + curve->size, (word32)curve->size,
- (char**)&curve->Gy, key->heap,
+ (char**)&curve->Gy, heap,
DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
@@ -31672,28 +32445,28 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PRIME_P].data.ref.length,
- (char**)&curve->prime, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->prime, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Parameter A */
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PARAM_A].data.ref.length,
- (char**)&curve->Af, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->Af, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Parameter B */
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_PARAM_B].data.ref.length,
- (char**)&curve->Bf, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->Bf, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
if (ret == 0) {
/* Order of curve */
ret = DataToHexStringAlloc(
dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.data,
dataASN[ECCSPECIFIEDASN_IDX_ORDER].data.ref.length,
- (char**)&curve->order, key->heap, DYNAMIC_TYPE_ECC_BUFFER);
+ (char**)&curve->order, heap, DYNAMIC_TYPE_ECC_BUFFER);
}
#else
if (ret == 0) {
@@ -31720,26 +32493,31 @@ static int EccSpecifiedECDomainDecode(const byte* input, word32 inSz,
}
#endif /* WOLFSSL_ECC_CURVE_STATIC */
- /* Store parameter set in key. */
- if ((ret == 0) && (wc_ecc_set_custom_curve(key, curve) < 0)) {
- ret = ASN_PARSE_E;
+ if (key) {
+ /* Store parameter set in key. */
+ if ((ret == 0) && (wc_ecc_set_custom_curve(key, curve) < 0)) {
+ ret = ASN_PARSE_E;
+ }
+ if (ret == 0) {
+ /* The parameter set was allocated.. */
+ key->deallocSet = 1;
+ }
}
- if (ret == 0) {
- /* The parameter set was allocated.. */
- key->deallocSet = 1;
+
+ if ((ret == 0) && (curveSz)) {
+ *curveSz = curve->size;
}
if ((ret != 0) && (curve != NULL)) {
- /* Failed to set parameters so free paramter set. */
- wc_ecc_free_curve(curve, key->heap);
+ /* Failed to set parameters so free parameter set. */
+ wc_ecc_free_curve(curve, heap);
}
- FREE_ASNGETDATA(dataASN, key->heap);
+ FREE_ASNGETDATA(dataASN, heap);
return ret;
}
#endif /* WOLFSSL_CUSTOM_CURVES */
#endif /* WOLFSSL_ASN_TEMPLATE */
-
#ifdef HAVE_ECC
#ifdef WOLFSSL_ASN_TEMPLATE
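Review bot: When `key` is NULL and parsing succeeds, the allocated `curve` is neither handed to a key nor freed: the cleanup `if ((ret != 0) && (curve != NULL))` runs only on failure, and the new `curveSz` branch just reads `curve->size`. As far as this hunk shows, that leaks the parameter set on every call made only to learn the curve size. Freeing it when there is no key to own it would close the gap: `if ((curve != NULL) && ((ret != 0) || (key == NULL))) {`, with the comment above the free updated to cover both cases. The function starts outside the hunk.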
@@ -31806,6 +32584,9 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
if (ToTraditionalInline_ex(input, inOutIdx, inSz, &algId) < 0) {
/* ignore error, did not have pkcs8 header */
}
+ else {
+ curve_id = wc_ecc_get_oid(algId, NULL, NULL);
+ }
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return ASN_PARSE_E;
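Review bot: The result of `wc_ecc_get_oid(algId, NULL, NULL)` is stored in `curve_id` without checking that the lookup succeeded, so a PKCS#8 header whose algorithm id is not a known curve replaces the `ECC_CURVE_DEF` default with the lookup's failure value. Keeping the default on failure is a small change, for example `int id = wc_ecc_get_oid(algId, NULL, NULL);` then `if (id > 0) curve_id = id;`, assuming failures are reported as non-positive values. The same assignment is added in the template version of wc_EccPrivateKeyDecode two hunks below. How `curve_id` is consumed afterwards is outside both hunks.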
@@ -31915,7 +32696,7 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
byte version;
int ret = 0;
int curve_id = ECC_CURVE_DEF;
-#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
+#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12) || defined(SM2)
word32 algId = 0;
#endif
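Review bot: The guard is extended with `defined(SM2)`, while the SM2 code added elsewhere in this patch tests `WOLFSSL_SM2`, for example `#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)` in wc_EccPublicKeyDecode. Unless `SM2` is a separate macro defined outside this page, a build with SM2 but without PKCS#8 or PKCS#12 would compile out both `algId` and the header-skipping block, so the new curve lookup would never run there. If the project macro is intended, the line would read `#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12) || defined(WOLFSSL_SM2)`. The next hunk repeats the same guard around the `ToTraditionalInline_ex` call.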
@@ -31924,11 +32705,14 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
ret = BAD_FUNC_ARG;
}
-#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12)
+#if defined(HAVE_PKCS8) || defined(HAVE_PKCS12) || defined(SM2)
/* if has pkcs8 header skip it */
if (ToTraditionalInline_ex(input, inOutIdx, inSz, &algId) < 0) {
/* ignore error, did not have pkcs8 header */
}
+ else {
+ curve_id = wc_ecc_get_oid(algId, NULL, NULL);
+ }
#endif
CALLOC_ASNGETDATA(dataASN, eccKeyASN_Length, ret, key->heap);
@@ -31942,8 +32726,10 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
inOutIdx, inSz);
}
/* Only version 1 supported. */
- if ((ret == 0) && (version != 1)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (version != 1) {
+ ret = ASN_PARSE_E;
+ }
}
/* Curve Parameters are optional. */
if ((ret == 0) && (dataASN[ECCKEYASN_IDX_PARAMS].tag != 0)) {
@@ -31959,7 +32745,8 @@ int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key,
/* Parse explicit parameters. */
ret = EccSpecifiedECDomainDecode(
dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.data,
- dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.length, key);
+ dataASN[ECCKEYASN_IDX_CURVEPARAMS].data.ref.length, key,
+ key->heap, NULL);
#else
/* Explicit parameters not supported in build configuration. */
ret = ASN_PARSE_E;
@@ -32343,10 +33130,14 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
if (ret == 0) {
/* Clear dynamic data for ECC public key. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * eccPublicKeyASN_Length);
+#if !defined(WOLFSSL_SM2) || !defined(WOLFSSL_SM3)
/* Set required ECDSA OID and ignore the curve OID type. */
GetASN_ExpBuffer(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], keyEcdsaOid,
sizeof(keyEcdsaOid));
- GetASN_OID(&dataASN[oidIdx], oidIgnoreType);
+#else
+ GetASN_OID(&dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID], oidKeyType);
+#endif
+ GetASN_OID(&dataASN[oidIdx], oidCurveType);
/* Decode the public ECC key. */
ret = GetASN_Items(eccPublicKeyASN, dataASN, eccPublicKeyASN_Length, 1,
input, inOutIdx, inSz);
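Review bot: The retained comment `/* Set required ECDSA OID and ignore the curve OID type. */` no longer matches the code: the curve OID is now parsed with `oidCurveType` instead of `oidIgnoreType`, and in the SM2/SM3 build the key OID is not fixed to ECDSA at all. Suggest `/* Require the ECDSA key OID. */` inside the first branch, `/* Accept a key type OID; it is checked against ECDSAk and SM2k after parsing. */` in the `#else`, and `/* Curve OID must be of curve type. */` before the shared `GetASN_OID` call. The enclosing function starts and ends outside this hunk.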
@@ -32360,7 +33151,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
/* Clear dynamic data for ECC private key. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * eccKeyASN_Length);
/* Check named curve OID type. */
- GetASN_OID(&dataASN[oidIdx], oidIgnoreType);
+ GetASN_OID(&dataASN[oidIdx], oidCurveType);
/* Try private key format .*/
ret = GetASN_Items(eccKeyASN, dataASN, eccKeyASN_Length, 1, input,
inOutIdx, inSz);
@@ -32370,6 +33161,14 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
}
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ if ((ret == 0) && (oidIdx == ECCPUBLICKEYASN_IDX_ALGOID_CURVEID)) {
+ int oidSum = dataASN[ECCPUBLICKEYASN_IDX_ALGOID_OID].data.oid.sum;
+ if ((oidSum != ECDSAk) && (oidSum != SM2k)) {
+ ret = ASN_PARSE_E;
+ }
+ }
+#endif
if (ret == 0) {
if (dataASN[oidIdx].tag != 0) {
/* Named curve - check and get id. */
@@ -32382,7 +33181,8 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
#ifdef WOLFSSL_CUSTOM_CURVES
/* Parse explicit parameters. */
ret = EccSpecifiedECDomainDecode(dataASN[specIdx].data.ref.data,
- dataASN[specIdx].data.ref.length, key);
+ dataASN[specIdx].data.ref.length, key,
+ key->heap, NULL);
#else
/* Explicit parameters not supported in build configuration. */
ret = ASN_PARSE_E;
@@ -32406,7 +33206,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT)
/* build DER formatted ECC key, include optional public key if requested,
* return length on success, negative on error */
-static int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
+int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
int pubIn, int curveIn)
{
#ifndef WOLFSSL_ASN_TEMPLATE
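Review bot: Dropping `static` turns wc_BuildEccKeyDer into an externally visible symbol, yet the comment above it is still the short note written for a file-local helper. If other files are meant to call it, it needs a prototype in a header with the project's visibility macro, which this hunk does not show, and a parameter description: whether `inLen` is updated on return, what `pubIn` and `curveIn` select, and what happens when `output` is NULL. If the only goal was to reach it from one other source file, a comment saying it is internal would keep it out of the supported API. The function body continues outside the hunk.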
@@ -32722,8 +33522,6 @@ int wc_EccPrivateKeyToDer(ecc_key* key, byte* output, word32 inLen)
return wc_BuildEccKeyDer(key, output, &inLen, 0, 1);
}
-
-
#ifdef HAVE_PKCS8
/* Write only private ecc key or both private and public parts to unencrypted
@@ -32899,6 +33697,9 @@ int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
if (input == NULL || inOutIdx == NULL || inSz == 0 ||
privKey == NULL || privKeyLen == NULL) {
+ #ifdef WOLFSSL_ASN_TEMPLATE
+ FREE_ASNGETDATA(dataASN, NULL);
+ #endif
return BAD_FUNC_ARG;
}
@@ -33116,7 +33917,7 @@ int wc_Ed25519PrivateKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz)
{
int ret;
- byte privKey[ED25519_KEY_SIZE], pubKey[ED25519_PUB_KEY_SIZE];
+ byte privKey[ED25519_KEY_SIZE], pubKey[2*ED25519_PUB_KEY_SIZE+1];
word32 privKeyLen = (word32)sizeof(privKey);
word32 pubKeyLen = (word32)sizeof(pubKey);
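Review bot: The public key buffer grows to `2*ED25519_PUB_KEY_SIZE+1` with no comment naming the encoding that needs the extra room, and the same expression is repeated in wc_Ed25519PublicKeyDecode and, written as `2 * ED448_PUB_KEY_SIZE + 1`, in wc_Ed448PublicKeyDecode. Because `pubKeyLen` is taken from `sizeof(pubKey)`, the decoder will now accept longer inputs, so the import call that follows must still reject lengths it does not support; that call is outside the hunk. A named constant per curve with a one-line comment on the accepted encodings would document the bound and remove the spacing difference between the three copies.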
@@ -33142,7 +33943,7 @@ int wc_Ed25519PublicKeyDecode(const byte* input, word32* inOutIdx,
ed25519_key* key, word32 inSz)
{
int ret;
- byte pubKey[ED25519_PUB_KEY_SIZE];
+ byte pubKey[2*ED25519_PUB_KEY_SIZE+1];
word32 pubKeyLen = (word32)sizeof(pubKey);
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
@@ -33206,9 +34007,9 @@ int wc_Curve25519PublicKeyDecode(const byte* input, word32* inOutIdx,
* Pass NULL for output to get the size of the encoding.
*
* @param [in] privKey private key buffer
- * @param [in] privKeyLen private ket buffer length
+ * @param [in] privKeyLen private key buffer length
* @param [in] pubKey public key buffer (optional)
- * @param [in] pubKeyLen public ket buffer length
+ * @param [in] pubKeyLen public key buffer length
* @param [out] output Buffer to put encoded data in (optional)
* @param [in] outLen Size of buffer in bytes
* @param [in] keyType is "enum Key_Sum" like ED25519k
@@ -33433,7 +34234,7 @@ int wc_Ed448PublicKeyDecode(const byte* input, word32* inOutIdx,
ed448_key* key, word32 inSz)
{
int ret;
- byte pubKey[ED448_PUB_KEY_SIZE];
+ byte pubKey[2 * ED448_PUB_KEY_SIZE + 1];
word32 pubKeyLen = (word32)sizeof(pubKey);
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) {
@@ -33843,6 +34644,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
#else
DECL_ASNGETDATA(dataASN, singleResponseASN_Length);
int ret = 0;
+ word32 ocspDigestSize = OCSP_DIGEST_SIZE;
CertStatus* cs = NULL;
word32 serialSz;
word32 issuerHashLen;
@@ -33889,17 +34691,28 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
ret = GetASN_Items(singleResponseASN, dataASN, singleResponseASN_Length,
1, source, ioIndex, size);
}
+ if (ret == 0) {
+ single->hashAlgoOID =
+ dataASN[SINGLERESPONSEASN_IDX_CID_HASHALGO_OID].data.oid.sum;
+ ocspDigestSize = (word32)wc_HashGetDigestSize(
+ wc_OidGetHash((int)single->hashAlgoOID));
+ }
/* Validate the issuer hash length is the size required. */
- if ((ret == 0) && (issuerHashLen != OCSP_DIGEST_SIZE)) {
+ if ((ret == 0) && (issuerHashLen != ocspDigestSize)) {
ret = ASN_PARSE_E;
}
/* Validate the issuer key hash length is the size required. */
- if ((ret == 0) && (issuerKeyHashLen != OCSP_DIGEST_SIZE)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (issuerKeyHashLen != ocspDigestSize) {
+ ret = ASN_PARSE_E;
+ }
}
if (ret == 0) {
/* Store serial size. */
- cs->serialSz = serialSz;
+ cs->serialSz = (int)serialSz;
+ /* Set the hash algorithm OID */
+ single->hashAlgoOID =
+ dataASN[SINGLERESPONSEASN_IDX_CID_HASHALGO_OID].data.oid.sum;
/* Determine status by which item was found. */
if (dataASN[SINGLERESPONSEASN_IDX_CS_GOOD].tag != 0) {
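Review bot: `wc_HashGetDigestSize()` returns a negative value for a hash it does not support, and the new code casts that straight to `word32`, so an unknown `hashAlgoOID` is rejected only because the resulting huge value cannot equal `issuerHashLen`. Making the rejection explicit is clearer: keep the result in an `int digestSz` and use `if (digestSz <= 0) ret = ASN_PARSE_E; else ocspDigestSize = (word32)digestSz;`. `single->hashAlgoOID` is also assigned twice, once before the length checks and again inside the later `ret == 0` block; the second assignment can be removed. The function starts and ends outside this hunk.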
@@ -33930,7 +34743,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
at = &cs->thisDateParsed;
at->type = ASN_GENERALIZED_TIME;
XMEMCPY(at->data, cs->thisDate, thisDateLen);
- at->length = thisDateLen;
+ at->length = (int)thisDateLen;
#endif
}
if ((ret == 0) &&
@@ -33954,7 +34767,7 @@ static int DecodeSingleResponse(byte* source, word32* ioIndex, word32 size,
at = &cs->nextDateParsed;
at->type = ASN_GENERALIZED_TIME;
XMEMCPY(at->data, cs->nextDate, nextDateLen);
- at->length = nextDateLen;
+ at->length = (int)nextDateLen;
#endif
}
if (ret == 0) {
@@ -34095,7 +34908,7 @@ static int DecodeOcspRespExtensions(byte* source, word32* ioIndex,
source, &idx, sz);
if (ret == 0) {
word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum;
- int length = dataASN[CERTEXTASN_IDX_VAL].length;
+ int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
if (oid == OCSP_NONCE_OID) {
/* Extract nonce data. */
@@ -34110,7 +34923,7 @@ static int DecodeOcspRespExtensions(byte* source, word32* ioIndex,
/* Ignore all other extension types. */
/* Skip over rest of extension. */
- idx += length;
+ idx += (word32)length;
}
}
@@ -34279,12 +35092,16 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
1, source, ioIndex, size);
}
/* Only support v1 == 0 */
- if ((ret == 0) && (version != 0)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (version != 0) {
+ ret = ASN_PARSE_E;
+ }
}
/* Ensure date is a minimal size. */
- if ((ret == 0) && (dateSz < MIN_DATE_SIZE)) {
- ret = ASN_PARSE_E;
+ if (ret == 0) {
+ if (dateSz < MIN_DATE_SIZE) {
+ ret = ASN_PARSE_E;
+ }
}
if (ret == 0) {
/* TODO: use byName/byKey fields. */
@@ -34330,8 +35147,8 @@ static int DecodeResponseData(byte* source, word32* ioIndex,
if (ret == 0) {
/* Decode SingleResponse into OcspEntry. */
ret = DecodeSingleResponse(source, &idx,
- dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset,
- dataASN[OCSPRESPDATAASN_IDX_RESP].length, single);
+ dataASN[OCSPRESPDATAASN_IDX_RESPEXT].offset,
+ (int)dataASN[OCSPRESPDATAASN_IDX_RESP].length, single);
/* single->used set on successful decode. */
}
}
@@ -34669,7 +35486,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
if ((ret == 0) &&
(dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) {
#endif
- /* Initialize the crtificate object. */
+ /* Initialize the certificate object. */
InitDecodedCert(cert, resp->cert, resp->certSz, heap);
certInit = 1;
/* Parse the certificate and don't verify if we don't have access to
@@ -34680,6 +35497,13 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
WOLFSSL_MSG("\tOCSP Responder certificate parsing failed");
}
}
+#ifndef WOLFSSL_NO_OCSP_ISSUER_CHECK
+ if ((ret == 0) &&
+ (dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL) &&
+ !noVerify) {
+ ret = CheckOcspResponder(resp, cert, cm);
+ }
+#endif /* WOLFSSL_NO_OCSP_ISSUER_CHECK */
if ((ret == 0) &&
(dataASN[OCSPBASICRESPASN_IDX_CERTS_SEQ].data.ref.data != NULL)) {
/* TODO: ConfirmSignature is blocking here */
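Review bot: The new call to `CheckOcspResponder` is skipped when `WOLFSSL_NO_OCSP_ISSUER_CHECK` is defined or when `noVerify` is set, and nothing at the call site says what a build or caller gives up in that case. A comment above the `#ifndef` should state what the function verifies about the embedded responder certificate and that defining the macro restores the previous behaviour, where parsing the certificate and confirming the signature are the only checks visible here. The check applies only when the response carries a certificate; the branch that looks up the CA directly is unchanged. `CheckOcspResponder` itself is defined outside this page.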
@@ -34701,7 +35525,7 @@ static int DecodeBasicOcspResponse(byte* source, word32* ioIndex,
Signer* ca;
int sigValid = -1;
- /* Resonse didn't have a certificate - lookup CA. */
+ /* Response didn't have a certificate - lookup CA. */
#ifndef NO_SKID
ca = GetCA(cm, resp->single->issuerKeyHash);
#else
@@ -34951,7 +35775,7 @@ static const ASNItem ocspNonceExtASN[] = {
/* EXT */ { 1, ASN_SEQUENCE, 1, 1, 0 },
/* extnId */
/* EXT_OID */ {2, ASN_OBJECT_ID, 0, 0, 0 },
- /* critcal not encoded. */
+ /* critical not encoded. */
/* extnValue */
/* EXT_VAL */ {2, ASN_OCTET_STRING, 0, 1, 0 },
/* nonce */
@@ -35032,7 +35856,7 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
SetASN_Buffer(&dataASN[OCSPNONCEEXTASN_IDX_EXT_OID], NonceObjId,
sizeof(NonceObjId));
SetASN_Buffer(&dataASN[OCSPNONCEEXTASN_IDX_EXT_NONCE], req->nonce,
- req->nonceSz);
+ (word32)req->nonceSz);
/* Calculate size of nonce extension. */
ret = SizeASN_Items(ocspNonceExtASN, dataASN, ocspNonceExtASN_Length,
&sz);
@@ -35053,7 +35877,7 @@ word32 EncodeOcspRequestExtensions(OcspRequest* req, byte* output, word32 size)
FREE_ASNSETDATA(dataASN, req->heap);
}
- return ret;
+ return (word32)ret;
#endif /* WOLFSSL_ASN_TEMPLATE */
}
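Review bot: `return (word32)ret;` makes explicit that, if `ret` can hold an error code here, EncodeOcspRequestExtensions hands it back as a very large unsigned size, and the callers in EncodeOcspRequest cast the result back with `(int)` to recover the sign. That round trip is easy to misuse: in the template EncodeOcspRequest the value is passed to `SetASN_Buffer(..., NULL, extSz)` before `ret` is examined. At minimum the function header should say `/* Returns the encoded size, or a negative error code cast to word32; callers must cast to int before use. */`, and the caller would be safer checking `ret` before using `extSz`.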
@@ -35118,17 +35942,20 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
byte extArray[MAX_OCSP_EXT_SZ];
word32 seqSz[5], algoSz, issuerSz, issuerKeySz, extSz, totalSz;
int i, snSz;
+ int keyIdSz;
WOLFSSL_ENTER("EncodeOcspRequest");
#ifdef NO_SHA
algoSz = SetAlgoID(SHA256h, algoArray, oidHashType, 0);
+ keyIdSz = WC_SHA256_DIGEST_SIZE;
#else
algoSz = SetAlgoID(SHAh, algoArray, oidHashType, 0);
+ keyIdSz = WC_SHA_DIGEST_SIZE;
#endif
- issuerSz = SetDigest(req->issuerHash, KEYID_SIZE, issuerArray);
- issuerKeySz = SetDigest(req->issuerKeyHash, KEYID_SIZE, issuerKeyArray);
+ issuerSz = SetDigest(req->issuerHash, keyIdSz, issuerArray);
+ issuerKeySz = SetDigest(req->issuerKeyHash, keyIdSz, issuerKeyArray);
snSz = SetSerialNumber(req->serial, req->serialSz, snArray,
MAX_SN_SZ, MAX_SN_SZ);
extSz = 0;
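Review bot: The length passed to `SetDigest` is now `WC_SHA_DIGEST_SIZE` or `WC_SHA256_DIGEST_SIZE`, but InitOcspRequest, further down in this patch, still fills `req->issuerHash` and `req->issuerKeyHash` with `KEYID_SIZE` bytes. If the two sizes can differ in some configuration, the encoder would emit bytes that were never copied or read past the arrays, whose declarations are outside this page. A compile-time assertion that `KEYID_SIZE` is at least the selected digest size, or a comment stating why they are always equal, would pin the assumption. The template version of EncodeOcspRequest gets the same change two hunks below, with `keyIdSz` declared as `word32` there and `int` here.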
@@ -35186,6 +36013,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
word32 extSz = 0;
int sz = 0;
int ret = 0;
+ word32 keyIdSz;
WOLFSSL_ENTER("EncodeOcspRequest");
@@ -35196,22 +36024,24 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
#ifdef NO_SHA
SetASN_OID(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID], SHA256h,
oidHashType);
+ keyIdSz = WC_SHA256_DIGEST_SIZE;
#else
SetASN_OID(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_HASH_OID], SHAh,
oidHashType);
+ keyIdSz = WC_SHA_DIGEST_SIZE;
#endif
/* Set issuer, issuer key hash and serial number of certificate being
* checked. */
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_ISSUER],
- req->issuerHash, KEYID_SIZE);
+ req->issuerHash, keyIdSz);
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_ISSUERKEY],
- req->issuerKeyHash, KEYID_SIZE);
+ req->issuerKeyHash, keyIdSz);
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQ_SERIAL],
- req->serial, req->serialSz);
+ req->serial, (word32)req->serialSz);
/* Only extension to write is nonce - check if one to encode. */
if (req->nonceSz) {
/* Get size of extensions and leave space for them in encoding. */
- ret = extSz = EncodeOcspRequestExtensions(req, NULL, 0);
+ ret = (int)(extSz = EncodeOcspRequestExtensions(req, NULL, 0));
SetASN_Buffer(&dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT], NULL, extSz);
if (ret > 0) {
ret = 0;
@@ -35236,7 +36066,7 @@ int EncodeOcspRequest(OcspRequest* req, byte* output, word32 size)
SetASN_Items(ocspRequestASN, dataASN, ocspRequestASN_Length, output);
if (req->nonceSz) {
/* Encode extensions into space provided. */
- ret = EncodeOcspRequestExtensions(req,
+ ret = (int)EncodeOcspRequestExtensions(req,
(byte*)dataASN[OCSPREQUESTASN_IDX_TBS_REQEXT].data.buffer.data,
extSz);
if (ret > 0) {
@@ -35273,24 +36103,24 @@ int InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce,
XMEMCPY(req->issuerHash, cert->issuerHash, KEYID_SIZE);
XMEMCPY(req->issuerKeyHash, cert->issuerKeyHash, KEYID_SIZE);
- req->serial = (byte*)XMALLOC(cert->serialSz, req->heap,
+ req->serial = (byte*)XMALLOC((size_t)cert->serialSz, req->heap,
DYNAMIC_TYPE_OCSP_REQUEST);
if (req->serial == NULL)
return MEMORY_E;
- XMEMCPY(req->serial, cert->serial, cert->serialSz);
+ XMEMCPY(req->serial, cert->serial, (size_t)cert->serialSz);
req->serialSz = cert->serialSz;
if (cert->extAuthInfoSz != 0 && cert->extAuthInfo != NULL) {
- req->url = (byte*)XMALLOC(cert->extAuthInfoSz + 1, req->heap,
- DYNAMIC_TYPE_OCSP_REQUEST);
+ req->url = (byte*)XMALLOC((size_t)cert->extAuthInfoSz + 1,
+ req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
if (req->url == NULL) {
XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP);
req->serial = NULL;
return MEMORY_E;
}
- XMEMCPY(req->url, cert->extAuthInfo, cert->extAuthInfoSz);
+ XMEMCPY(req->url, cert->extAuthInfo, (size_t)cert->extAuthInfoSz);
req->urlSz = cert->extAuthInfoSz;
req->url[req->urlSz] = 0;
}
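Review bot: On the `req->url` allocation failure path `req->serial` is released with `DYNAMIC_TYPE_OCSP`, although it was allocated a few lines earlier with `DYNAMIC_TYPE_OCSP_REQUEST`. The change leaves that mismatch in place, and it matters for builds that track or pool allocations by type; the line should read `XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);`. The added `(size_t)` casts also turn a negative `serialSz` or `extAuthInfoSz` into a huge length, so they rely on those fields having been range-checked when the certificate was parsed, which is outside this hunk.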
@@ -35341,6 +36171,14 @@ void FreeOcspRequest(OcspRequest* req)
if (req->url)
XFREE(req->url, req->heap, DYNAMIC_TYPE_OCSP_REQUEST);
req->url = NULL;
+
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
+ defined(HAVE_LIGHTY)
+ if (req->cid != NULL)
+ wolfSSL_OCSP_CERTID_free((WOLFSSL_OCSP_CERTID*)req->cid);
+ req->cid = NULL;
+#endif
}
}
@@ -35348,6 +36186,7 @@ void FreeOcspRequest(OcspRequest* req)
int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
{
int cmp = -1; /* default as not matching, cmp gets set on each check */
+ int ocspDigestSize;
OcspEntry *single, *next, *prev = NULL, *top;
WOLFSSL_ENTER("CompareOcspReqResp");
@@ -35374,7 +36213,7 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
return cmp;
}
- cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz);
+ cmp = XMEMCMP(req->nonce, resp->nonce, (size_t)req->nonceSz);
if (cmp != 0) {
WOLFSSL_MSG("\tnonce mismatch");
return cmp;
@@ -35383,11 +36222,20 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp)
/* match based on found status and return */
for (single = resp->single; single; single = next) {
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ ocspDigestSize = wc_HashGetDigestSize(
+ wc_OidGetHash(single->hashAlgoOID));
+ #else
+ ocspDigestSize = OCSP_DIGEST_SIZE;
+ #endif
cmp = req->serialSz - single->status->serialSz;
if (cmp == 0) {
- cmp = XMEMCMP(req->serial, single->status->serial, req->serialSz)
- || XMEMCMP(req->issuerHash, single->issuerHash, OCSP_DIGEST_SIZE)
- || XMEMCMP(req->issuerKeyHash, single->issuerKeyHash, OCSP_DIGEST_SIZE);
+ cmp = XMEMCMP(req->serial, single->status->serial,
+ (size_t)req->serialSz)
+ || XMEMCMP(req->issuerHash, single->issuerHash,
+ (size_t)ocspDigestSize)
+ || XMEMCMP(req->issuerKeyHash, single->issuerKeyHash,
+ (size_t)ocspDigestSize);
if (cmp == 0) {
/* match found */
if (resp->single != single && prev) {
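Review bot: In the SM2/SM3 build `ocspDigestSize` comes from `wc_HashGetDigestSize()` and is cast to `size_t` for the two hash `XMEMCMP` calls without checking that it is positive or that it fits the `issuerHash` and `issuerKeyHash` arrays. A negative return would become a huge compare length, and a digest larger than the arrays would read past them; whether such a value can reach this loop depends on checks made when the response was decoded. Treating the entry as a non-match when `ocspDigestSize <= 0` or when it exceeds the array size keeps the comparison safe on its own. The loop continues outside this hunk.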
@@ -35433,6 +36281,14 @@ enum {
/* store WC_SHA hash of NAME */
int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
{
+ /* Use summy signature OID. */
+ return GetNameHash_ex(source, idx, hash, maxIdx, 0);
+}
+
+/* store WC_SHA hash of NAME */
+int GetNameHash_ex(const byte* source, word32* idx, byte* hash, int maxIdx,
+ word32 sigOID)
+{
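Review bot: The comment in the new GetNameHash wrapper has a typo and does not say what the zero selects; `/* Use summy signature OID. */` would read better as `/* Use dummy signature OID (0) to select the default hash. */`, if that is what `HashIdAlg(0)` does. GetNameHash_ex reuses the header `/* store WC_SHA hash of NAME */` although later hunks show the hash is now chosen by `HashIdAlg(sigOID)`; `/* Store hash of NAME; the algorithm is chosen from sigOID. */` would be accurate. The header should also state that `hash` must be large enough for the selected digest. The body of GetNameHash_ex continues outside this hunk.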
#ifndef WOLFSSL_ASN_TEMPLATE
int length; /* length of all distinguished names */
int ret;
@@ -35460,7 +36316,8 @@ int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
if (GetSequence(source, idx, &length, (word32)maxIdx) < 0)
return ASN_PARSE_E;
- ret = CalcHashId(source + dummy, (word32)length + *idx - dummy, hash);
+ ret = CalcHashId_ex(source + dummy, (word32)length + *idx - dummy, hash,
+ HashIdAlg(sigOID));
*idx += (word32)length;
@@ -35480,10 +36337,10 @@ int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx)
* calculated over the entire DER encoding of the Name field, including
* the tag and length. */
/* Calculate hash of complete name including SEQUENCE. */
- ret = CalcHashId(
+ ret = CalcHashId_ex(
GetASNItem_Addr(dataASN[NAMEHASHASN_IDX_NAME], source),
GetASNItem_Length(dataASN[NAMEHASHASN_IDX_NAME], source),
- hash);
+ hash, HashIdAlg(sigOID));
}
return ret;
@@ -35497,13 +36354,13 @@ static char* GetNameFromDer(const byte* source, int sz)
{
char* out;
- out = (char*)XMALLOC(sz, NULL, DYNAMIC_TYPE_OPENSSL);
+ out = (char*)XMALLOC((size_t)sz, NULL, DYNAMIC_TYPE_OPENSSL);
if (out == NULL) {
WOLFSSL_MSG("Name malloc failed");
return NULL;
}
- XMEMCPY(out, source, sz);
+ XMEMCPY(out, source, (size_t)sz);
return out;
}
@@ -35569,7 +36426,7 @@ enum {
/* Get Revoked Cert list, 0 on success */
static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx,
- DecodedCRL* dcrl, int maxIdx)
+ DecodedCRL* dcrl, word32 maxIdx)
{
#ifndef WOLFSSL_ASN_TEMPLATE
int ret;
@@ -35673,7 +36530,7 @@ static int GetRevoked(RevokedCert* rcert, const byte* buff, word32* idx,
}
if (ret == 0) {
/* Store size of serial number. */
- rc->serialSz = serialSz;
+ rc->serialSz = (int)serialSz;
rc->revDateFormat = (dataASN[REVOKEDASN_IDX_TIME_UTC].tag != 0)
? dataASN[REVOKEDASN_IDX_TIME_UTC].tag
: dataASN[REVOKEDASN_IDX_TIME_GT].tag;
@@ -35713,7 +36570,7 @@ static int ParseCRL_RevokedCerts(RevokedCert* rcert, DecodedCRL* dcrl,
{
int ret = 0;
- /* Parse each revoked cerificate. */
+ /* Parse each revoked certificate. */
while ((ret == 0) && (idx < maxIdx)) {
/* Parse a revoked certificate. */
if (GetRevoked(rcert, buff, &idx, dcrl, maxIdx) < 0) {
@@ -35798,7 +36655,7 @@ static int PaseCRL_CheckSignature(DecodedCRL* dcrl, const byte* buff, void* cm)
}
/* Check issuerHash matched CA's subjectNameHash. */
if ((ca != NULL) && (XMEMCMP(dcrl->issuerHash, ca->subjectNameHash,
- KEYID_SIZE) != 0)) {
+ KEYID_SIZE) != 0)) {
ca = NULL;
}
if (ca == NULL) {
@@ -35870,7 +36727,7 @@ static int ParseCRL_CertList(RevokedCert* rcert, DecodedCRL* dcrl,
dcrl->issuer = (byte*)GetNameFromDer(buf + idx, (int)dcrl->issuerSz);
#endif
- if (GetNameHash(buf, &idx, dcrl->issuerHash, sz) < 0)
+ if (GetNameHash_ex(buf, &idx, dcrl->issuerHash, sz, oid) < 0)
return ASN_PARSE_E;
if (GetBasicDate(buf, &idx, dcrl->lastDate, &dcrl->lastDateFormat, sz) < 0)
@@ -35894,7 +36751,7 @@ static int ParseCRL_CertList(RevokedCert* rcert, DecodedCRL* dcrl,
if (doNextDate)
#endif
{
-#ifndef NO_ASN_TIME
+#if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
if (verify != NO_VERIFY &&
!XVALIDATE_DATE(dcrl->nextDate, dcrl->nextDateFormat, AFTER)) {
WOLFSSL_MSG("CRL after date is no longer valid");
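Review bot: Defining `WOLFSSL_NO_CRL_DATE_CHECK` compiles out the `nextDate` validation, so a CRL past its next-update time is accepted without any log line, and nothing here documents that effect. The same guard is added to the template ParseCRL path in two later hunks. Suggest a comment at the first guard, `/* WOLFSSL_NO_CRL_DATE_CHECK: skip nextUpdate validation; expired CRLs are accepted. */`, and a `WOLFSSL_MSG` in the compiled-out case so the reduced checking is visible in debug output. The enclosing block starts and ends outside this hunk.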
@@ -35960,7 +36817,8 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
dcrl->extAuthKeyIdSet = 1;
/* Get the hash or hash of the hash if wrong size. */
- ret = GetHashId(input + idx, length, dcrl->extAuthKeyId);
+ ret = GetHashId(input + idx, length, dcrl->extAuthKeyId,
+ HashIdAlg(dcrl->signatureOID));
return ret;
#else
@@ -35975,7 +36833,7 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
if (ret == 0) {
/* Parse an authority key identifier. */
ret = GetASN_Items(authKeyIdASN, dataASN, authKeyIdASN_Length, 1, input,
- &idx, sz);
+ &idx, (word32)sz);
}
if (ret == 0) {
/* Key id is optional. */
@@ -35985,8 +36843,8 @@ static int ParseCRL_AuthKeyIdExt(const byte* input, int sz, DecodedCRL* dcrl)
else {
/* Get the hash or hash of the hash if wrong size. */
ret = GetHashId(dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.data,
- dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
- dcrl->extAuthKeyId);
+ (int)dataASN[AUTHKEYIDASN_IDX_KEYID].data.ref.length,
+ dcrl->extAuthKeyId, HashIdAlg(dcrl->signatureOID));
}
}
@@ -36165,7 +37023,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* Clear dynamic data. */
XMEMSET(dataASN, 0, sizeof(*dataASN) * certExtASN_Length);
- /* Ensure OID is an extention type. */
+ /* Ensure OID is an extension type. */
GetASN_OID(&dataASN[CERTEXTASN_IDX_OID], oidCertExtType);
/* Set criticality variable. */
GetASN_Int8Bit(&dataASN[CERTEXTASN_IDX_CRIT], &critical);
@@ -36176,11 +37034,11 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* OID in extension. */
word32 oid = dataASN[CERTEXTASN_IDX_OID].data.oid.sum;
/* Length of extension data. */
- int length = dataASN[CERTEXTASN_IDX_VAL].length;
+ int length = (int)dataASN[CERTEXTASN_IDX_VAL].length;
if (oid == AUTH_KEY_OID) {
#ifndef NO_SKID
- /* Parse Authority Key Id extesion.
+ /* Parse Authority Key Id extension.
* idx is at start of OCTET_STRING data. */
ret = ParseCRL_AuthKeyIdExt(buf + idx, length, dcrl);
if (ret != 0) {
@@ -36191,7 +37049,7 @@ static int ParseCRL_Extensions(DecodedCRL* dcrl, const byte* buf, word32 idx,
/* TODO: Parse CRL Number extension */
/* TODO: check criticality */
/* Move index on to next extension. */
- idx += length;
+ idx += (word32)length;
}
}
@@ -36319,7 +37177,7 @@ int ParseCRL(RevokedCert* rcert, DecodedCRL* dcrl, const byte* buff, word32 sz,
ca = GetCA(cm, dcrl->extAuthKeyId); /* more unique than issuerHash */
}
if (ca != NULL && XMEMCMP(dcrl->issuerHash, ca->subjectNameHash,
- KEYID_SIZE) != 0) {
+ KEYID_SIZE) != 0) {
ca = NULL;
}
if (ca == NULL) {
@@ -36423,7 +37281,7 @@ end:
dcrl->nextDateFormat = (dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC].tag != 0)
? dataASN[CRLASN_IDX_TBS_NEXTUPDATE_UTC].tag
: dataASN[CRLASN_IDX_TBS_NEXTUPDATE_GT].tag;
- #ifndef NO_ASN_TIME
+ #if !defined(NO_ASN_TIME) && !defined(WOLFSSL_NO_CRL_DATE_CHECK)
if (dcrl->nextDateFormat != 0) {
/* Next date was set, so validate it. */
if (verify != NO_VERIFY &&
@@ -36434,8 +37292,8 @@ end:
}
}
}
- if (ret == 0) {
- #endif
+ if (ret == 0) { /* in "no time" cases above "ret" is not set */
+ #endif /* !NO_ASN_TIME && !WOLFSSL_NO_CRL_DATE_CHECK */
#ifdef OPENSSL_EXTRA
/* Parse and store the issuer name. */
dcrl->issuerSz = GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER],
@@ -36445,16 +37303,17 @@ end:
(int)dcrl->issuerSz);
#endif
/* Calculate the Hash id from the issuer name. */
- ret = CalcHashId(GetASNItem_Addr(dataASN[CRLASN_IDX_TBS_ISSUER], buff),
+ ret = CalcHashId_ex(
+ GetASNItem_Addr(dataASN[CRLASN_IDX_TBS_ISSUER], buff),
GetASNItem_Length(dataASN[CRLASN_IDX_TBS_ISSUER], buff),
- dcrl->issuerHash);
+ dcrl->issuerHash, HashIdAlg(dcrl->signatureOID));
if (ret < 0) {
ret = ASN_PARSE_E;
}
}
if ((ret == 0) && (dataASN[CRLASN_IDX_TBS_REVOKEDCERTS].tag != 0)) {
- /* Parse revoked cerificates - starting after SEQUENCE OF. */
+ /* Parse revoked certificates - starting after SEQUENCE OF. */
ret = ParseCRL_RevokedCerts(rcert, dcrl, buff,
GetASNItem_DataIdx(dataASN[CRLASN_IDX_TBS_REVOKEDCERTS], buff),
GetASNItem_EndIdx(dataASN[CRLASN_IDX_TBS_REVOKEDCERTS], buff));
@@ -36635,7 +37494,7 @@ int wc_ParseCertPIV(wc_CertPIV* piv, const byte* buf, word32 totalSz)
GetASN_Int8Bit(&dataASN[PIVCERTASN_IDX_INFO], &info);
/* Start parsing from start of buffer. */
idx = 0;
- /* Parse PIV cetificate data. */
+ /* Parse PIV certificate data. */
ret = GetASN_Items(pivCertASN, dataASN, pivCertASN_Length, 1, buf, &idx,
totalSz);
if (ret == 0) {
@@ -36696,13 +37555,17 @@ int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
goto error;
}
nextHdr = (MimeHdr*)XMALLOC(sizeof(MimeHdr), NULL, DYNAMIC_TYPE_PKCS7);
+ if (nextHdr == NULL) {
+ ret = MEMORY_E;
+ goto error;
+ }
+ XMEMSET(nextHdr, 0, sizeof(MimeHdr));
nextParam = (MimeParam*)XMALLOC(sizeof(MimeParam), NULL,
DYNAMIC_TYPE_PKCS7);
- if (nextHdr == NULL || nextParam == NULL) {
+ if (nextParam == NULL) {
ret = MEMORY_E;
goto error;
}
- XMEMSET(nextHdr, 0, sizeof(MimeHdr));
XMEMSET(nextParam, 0, sizeof(MimeParam));
curLine = XSTRTOK(in, "\r\n", &ptr);
@@ -36744,8 +37607,10 @@ int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
}
else if (mimeStatus == MIME_BODYVAL && cur == ';' && pos >= 1) {
end = pos-1;
- if (bodyVal != NULL)
+ if (bodyVal != NULL) {
XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
+ bodyVal = NULL;
+ }
ret = wc_MIME_header_strip(curLine, &bodyVal, start, end);
if (ret) {
goto error;
@@ -36842,7 +37707,8 @@ error:
XFREE(nameAttr, NULL, DYNAMIC_TYPE_PKCS7);
if (bodyVal != NULL)
XFREE(bodyVal, NULL, DYNAMIC_TYPE_PKCS7);
- XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
+ if (nextParam != NULL)
+ XFREE(nextParam, NULL, DYNAMIC_TYPE_PKCS7);
return ret;
}
@@ -37006,7 +37872,7 @@ int wc_MIME_free_hdrs(MimeHdr* head)
#ifdef WOLFSSL_ASN_PRINT
/*******************************************************************************
- * ASN.1 Parsing and Printing Implemenation
+ * ASN.1 Parsing and Printing Implementation
******************************************************************************/
/* Initialize ASN.1 print options.
@@ -37147,9 +38013,6 @@ int wc_Asn1_SetFile(Asn1* asn1, XFILE file)
return ret;
}
-/* Maximum OID dotted form size. */
-#define ASN1_OID_DOTTED_MAX_SZ 16
-
/* Print OID in dotted form or as hex bytes.
*
* @param [in] file File pointer to write to.
@@ -37167,7 +38030,7 @@ static void PrintObjectIdNum(XFILE file, unsigned char* oid, word32 len)
/* Print out each number of dotted form. */
for (i = 0; i < num; i++) {
XFPRINTF(file, "%d", dotted_nums[i]);
- /* Add separetor. */
+ /* Add separator. */
if (i < num - 1) {
XFPRINTF(file, ".");
}
@@ -37177,7 +38040,7 @@ static void PrintObjectIdNum(XFILE file, unsigned char* oid, word32 len)
/* Print out bytes as we couldn't decode. */
for (i = 0; i < len; i++) {
XFPRINTF(file, "%02x", oid[i]);
- /* Add separetor. */
+ /* Add separator. */
if (i < len - 1) {
XFPRINTF(file, ":");
}
@@ -37577,7 +38440,7 @@ static void DumpHeader(Asn1* asn1, Asn1PrintOptions* opts)
}
}
-/* Print ASN.1 item info based on header and indeces.
+/* Print ASN.1 item info based on header and indices.
*
* @param [in] asn1 ASN.1 parse object.
* @param [in] opts ASN.1 options for printing.
@@ -37678,7 +38541,7 @@ static int wc_Asn1_Print(Asn1* asn1, Asn1PrintOptions* opts)
/* Done with this ASN.1 item. */
asn1->part = ASN_PART_TAG;
}
- /* Check end indeces are valid. */
+ /* Check end indices are valid. */
ret = CheckDepth(asn1);
}
}
@@ -37700,7 +38563,7 @@ static int wc_Asn1_Print(Asn1* asn1, Asn1PrintOptions* opts)
}
/* Step past data to next ASN.1 item. */
asn1->curr += asn1->item.len;
- /* Update the depth based on end indeces. */
+ /* Update the depth based on end indices. */
UpdateDepth(asn1);
/* Done with this ASN.1 item. */
asn1->part = ASN_PART_TAG;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c b/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c
index 76912b1e..9f2897f2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/camellia.c
@@ -1464,7 +1464,7 @@ static void camellia_decrypt256(const u32 *subkey, u32 *io)
* API for compatibility
*/
-static void Camellia_EncryptBlock(const int keyBitLength,
+static void Camellia_EncryptBlock(const word32 keyBitLength,
const unsigned char *plaintext,
const KEY_TABLE_TYPE keyTable,
unsigned char *ciphertext)
@@ -1495,7 +1495,7 @@ static void Camellia_EncryptBlock(const int keyBitLength,
PUTU32(ciphertext + 12, tmp[3]);
}
-static void Camellia_DecryptBlock(const int keyBitLength,
+static void Camellia_DecryptBlock(const word32 keyBitLength,
const unsigned char *ciphertext,
const KEY_TABLE_TYPE keyTable,
unsigned char *plaintext)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c
index 91e6bf0e..d3a982ed 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha.c
@@ -28,17 +28,18 @@ D. J. Bernstein
Public domain.
*/
-#ifdef WOLFSSL_ARMASM
- /* implementation is located in wolfcrypt/src/port/arm/armv8-chacha.c */
-#else
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
-#if defined(HAVE_CHACHA) && !defined(WOLFSSL_ARMASM)
+#if defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_ARMASM_NO_NEON)
+ /* implementation is located in wolfcrypt/src/port/arm/armv8-chacha.c */
+
+#else
+#if defined(HAVE_CHACHA)
#include <wolfssl/wolfcrypt/chacha.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -436,6 +437,6 @@ void wc_Chacha_purge_current_block(ChaCha* ctx) {
}
}
-#endif /* HAVE_CHACHA*/
+#endif /* HAVE_CHACHA */
-#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM && !WOLFSSL_ARMASM_NO_NEON */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c
index e4ebd101..0c37de74 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha20_poly1305.c
@@ -355,9 +355,9 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(
int isEncrypt)
{
int ret;
- ssize_t dst_len = isEncrypt ?
- (ssize_t)src_len + POLY1305_DIGEST_SIZE :
- (ssize_t)src_len - POLY1305_DIGEST_SIZE;
+ long int dst_len = isEncrypt ?
+ (long int)src_len + POLY1305_DIGEST_SIZE :
+ (long int)src_len - POLY1305_DIGEST_SIZE;
const byte *src_i;
byte *dst_i;
size_t src_len_rem;
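Review bot: `long int` is 32 bits on LLP64 targets such as 64-bit Windows, so `(long int)src_len` here and `(long int)dst_space < dst_len` in the next hunk can truncate or turn negative for lengths of 2 GiB and above, assuming both are `size_t` as the casts suggest. That makes the `BUFFER_E` bound unreliable, and it is the check that guards the output write, unless the lines between the hunks already cap the lengths. Keeping the arithmetic unsigned avoids the cast: reject `!isEncrypt && src_len < POLY1305_DIGEST_SIZE` first, then compare `dst_space` against a `size_t dst_len`. The function body continues outside both hunks.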
@@ -375,7 +375,7 @@ static WC_INLINE int wc_XChaCha20Poly1305_crypt_oneshot(
goto out;
}
- if ((ssize_t)dst_space < dst_len) {
+ if ((long int)dst_space < dst_len) {
ret = BUFFER_E;
goto out;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S
index 6fafafab..9ca854cb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/chacha_asm.S
@@ -1,5 +1,5 @@
-/* chacha_asm
- *
+/* chacha_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c b/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c
index e3b9f39e..7cade190 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/cmac.c
@@ -115,11 +115,12 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
XMEMSET(cmac, 0, sizeof(Cmac));
#ifdef WOLF_CRYPTO_CB
+ /* Set devId regardless of value (invalid or not) */
+ cmac->devId = devId;
#ifndef WOLF_CRYPTO_CB_FIND
if (devId != INVALID_DEVID)
#endif
{
- cmac->devId = devId;
cmac->devCtx = NULL;
ret = wc_CryptoCb_Cmac(cmac, key, keySz, NULL, 0, NULL, NULL,
@@ -136,6 +137,8 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
return BAD_FUNC_ARG;
}
+ ret = wc_AesInit(&cmac->aes, heap, devId);
+
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)
cmac->useSWCrypt = useSW;
if (cmac->useSWCrypt == 1) {
@@ -143,7 +146,10 @@ int wc_InitCmac_ex(Cmac* cmac, const byte* key, word32 keySz,
}
#endif
- ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
+ if (ret == 0) {
+ ret = wc_AesSetKey(&cmac->aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
if (ret == 0) {
byte l[AES_BLOCK_SIZE];
@@ -217,8 +223,24 @@ int wc_CmacUpdate(Cmac* cmac, const byte* in, word32 inSz)
return ret;
}
+int wc_CmacFree(Cmac* cmac)
+{
+ if (cmac == NULL)
+ return BAD_FUNC_ARG;
+#if defined(WOLFSSL_HASH_KEEP)
+ /* TODO: msg is leaked if wc_CmacFinal() is not called
+ * e.g. when multiple calls to wc_CmacUpdate() and one fails but
+ * wc_CmacFinal() not called. */
+ if (cmac->msg != NULL) {
+ XFREE(cmac->msg, cmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+#endif
+ wc_AesFree(&cmac->aes);
+ ForceZero(cmac, sizeof(Cmac));
+ return 0;
+}
-int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
+int wc_CmacFinalNoFree(Cmac* cmac, byte* out, word32* outSz)
{
int ret;
const byte* subKey;
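Review bot: `wc_CmacFree()` is added without a header comment, and the TODO moved into it still describes the message buffer leaking when `wc_CmacFinal()` is not called, which is out of date now that callers can release it themselves. I would reword it along the lines of `/* Callers that abandon a CMAC without wc_CmacFinal() must call wc_CmacFree() to release msg and wipe the key state. */` and add a short doc block giving the return values (`BAD_FUNC_ARG` for a NULL `cmac`, 0 otherwise). It is also worth stating that the whole structure is cleared with `ForceZero`, so it has to be initialised again before reuse. `wc_CmacFinalNoFree` begins in this hunk and continues past it.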
@@ -270,22 +292,19 @@ int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz)
XMEMCPY(out, cmac->digest, *outSz);
}
-#if defined(WOLFSSL_HASH_KEEP)
- /* TODO: msg is leaked if wc_CmacFinal() is not called
- * e.g. when multiple calls to wc_CmacUpdate() and one fails but
- * wc_CmacFinal() not called. */
- if (cmac->msg != NULL) {
- XFREE(cmac->msg, cmac->heap, DYNAMIC_TYPE_TMP_BUFFER);
- cmac->msg = NULL;
- }
-#endif
- wc_AesFree(&cmac->aes);
- ForceZero(cmac, sizeof(Cmac));
+ return 0;
+}
+int wc_CmacFinal(Cmac* cmac, byte* out, word32* outSz) {
+ int ret;
+
+ if (cmac == NULL)
+ return BAD_FUNC_ARG;
+ ret = wc_CmacFinalNoFree(cmac, out, outSz);
+ (void)wc_CmacFree(cmac);
return ret;
}
-
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz)
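Review bot: `wc_CmacFinalNoFree()` ends with `return 0;` although it declares `ret`, and the `XMEMCPY` into `out` sits inside a block that closes just before it. If that block is an `if (ret == 0)` guard (its opening is outside the hunk), a failed final encryption is reported as success and the caller goes on to use an `out` buffer that was never filled with the MAC. `return ret;` preserves the earlier behaviour, and `wc_CmacFinal()` already forwards whatever it receives. Separately, `wc_CmacFinal` puts its opening brace on the signature line, unlike the other definitions in this hunk.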
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c b/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c
index 766e0c91..58c154c5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/compress.c
@@ -245,6 +245,7 @@ int wc_DeCompressDynamic(byte** out, int maxSz, int memoryType,
stream.opaque = (voidpf)0;
if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS | windowBits) != Z_OK) {
+ XFREE(tmp, heap, memoryType);
return DECOMPRESS_INIT_E;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c
index 13edcc49..cc09ec04 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/cryptocb.c
@@ -22,6 +22,20 @@
/* This framework provides a central place for crypto hardware integration
using the devId scheme. If not supported return `CRYPTOCB_UNAVAILABLE`. */
+/* Some common, optional build settings:
+ * these can also be set in wolfssl/options.h or user_settings.h
+ * -------------------------------------------------------------
+ * enable the find device callback functions
+ * WOLF_CRYPTO_CB_FIND
+ *
+ * enable the command callback functions to invoke the callback during
+ * register and unregister
+ * WOLF_CRYPTO_CB_CMD
+ *
+ * enable debug InfoString functions
+ * DEBUG_CRYPTOCB
+ */
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -34,6 +48,10 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+#endif
+
#ifdef WOLFSSL_CAAM
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
@@ -58,6 +76,9 @@ static CryptoDevCallbackFind CryptoCb_FindCb = NULL;
static const char* GetAlgoTypeStr(int algo)
{
switch (algo) { /* enum wc_AlgoType */
+#ifdef WOLF_CRYPTO_CB_CMD
+ case WC_ALGO_TYPE_NONE: return "None-Command";
+#endif
case WC_ALGO_TYPE_HASH: return "Hash";
case WC_ALGO_TYPE_CIPHER: return "Cipher";
case WC_ALGO_TYPE_PK: return "PK";
@@ -133,6 +154,17 @@ static const char* GetRsaType(int type)
}
#endif
+#ifdef WOLF_CRYPTO_CB_CMD
+static const char* GetCryptoCbCmdTypeStr(int type)
+{
+ switch (type) {
+ case WC_CRYPTOCB_CMD_TYPE_REGISTER: return "Register";
+ case WC_CRYPTOCB_CMD_TYPE_UNREGISTER: return "UnRegister";
+ }
+ return NULL;
+}
+#endif
+
WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
{
if (info == NULL)
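Review bot: `GetCryptoCbCmdTypeStr()` returns `NULL` for any command type it does not recognise, and the next hunk passes that result straight to `printf` with `%s` in `wc_CryptoCb_InfoString()`. A null pointer for `%s` is undefined behaviour, so an unexpected `info->cmd.type` in a debug build may crash instead of being logged. Ending the helper with `return "Unknown";`, or adding a `default:` case that does so, keeps the debug path safe.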
@@ -165,6 +197,12 @@ WOLFSSL_API void wc_CryptoCb_InfoString(wc_CryptoInfo* info)
printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type),
GetHashTypeStr(info->hmac.macType), info->hmac.macType);
}
+#ifdef WOLF_CRYPTO_CB_CMD
+ else if (info->algo_type == WC_ALGO_TYPE_NONE) {
+ printf("Crypto CB: %s %s (%d)\n", GetAlgoTypeStr(info->algo_type),
+ GetCryptoCbCmdTypeStr(info->cmd.type), info->cmd.type);
+ }
+#endif
else {
printf("CryptoCb: %s \n", GetAlgoTypeStr(info->algo_type));
}
@@ -219,11 +257,28 @@ static WC_INLINE int wc_CryptoCb_TranslateErrorCode(int ret)
return ret;
}
+/* Helper function to reset a device entry to invalid */
+static WC_INLINE void wc_CryptoCb_ClearDev(CryptoCb *dev)
+{
+ XMEMSET(dev, 0, sizeof(*dev));
+ dev->devId = INVALID_DEVID;
+}
+
void wc_CryptoCb_Init(void)
{
int i;
- for (i=0; i<MAX_CRYPTO_DEVID_CALLBACKS; i++) {
- gCryptoDev[i].devId = INVALID_DEVID;
+ for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) {
+ wc_CryptoCb_ClearDev(&gCryptoDev[i]);
+ }
+}
+
+void wc_CryptoCb_Cleanup(void)
+{
+ int i;
+ for (i = 0; i < MAX_CRYPTO_DEVID_CALLBACKS; i++) {
+ if(gCryptoDev[i].devId != INVALID_DEVID) {
+ wc_CryptoCb_UnRegisterDevice(gCryptoDev[i].devId);
+ }
}
}
@@ -251,6 +306,8 @@ void wc_CryptoCb_SetDeviceFindCb(CryptoDevCallbackFind cb)
int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
{
+ int rc = 0;
+
/* find existing or new */
CryptoCb* dev = wc_CryptoCb_GetDevice(devId);
if (dev == NULL)
@@ -260,19 +317,64 @@ int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx)
return BUFFER_E; /* out of devices */
dev->devId = devId;
- dev->cb = cb;
- dev->ctx = ctx;
-
- return 0;
+ dev->cb = cb;
+ dev->ctx = ctx;
+
+#ifdef WOLF_CRYPTO_CB_CMD
+ if (cb != NULL) {
+ /* Invoke callback with register command */
+ wc_CryptoInfo info;
+ XMEMSET(&info, 0, sizeof(info));
+ info.algo_type = WC_ALGO_TYPE_NONE;
+ info.cmd.type = WC_CRYPTOCB_CMD_TYPE_REGISTER;
+ info.cmd.ctx = ctx; /* cb may update on success */
+
+ rc = cb(devId, &info, ctx);
+ if (rc == 0) {
+ /* Success. Update dev->ctx */
+ dev->ctx = info.cmd.ctx;
+ }
+ else if ((rc == CRYPTOCB_UNAVAILABLE) ||
+ (rc == NOT_COMPILED_IN)) {
+ /* Not implemented. Return success*/
+ rc = 0;
+ }
+ else {
+ /* Error in callback register cmd. Don't register */
+ wc_CryptoCb_ClearDev(dev);
+ }
+ }
+#endif
+ return rc;
}
void wc_CryptoCb_UnRegisterDevice(int devId)
{
- CryptoCb* dev = wc_CryptoCb_GetDevice(devId);
- if (dev) {
- XMEMSET(dev, 0, sizeof(*dev));
- dev->devId = INVALID_DEVID;
+ CryptoCb* dev = NULL;
+
+ /* Can't unregister the invalid device */
+ if (devId == INVALID_DEVID)
+ return;
+
+ /* Find the matching dev */
+ dev = wc_CryptoCb_GetDevice(devId);
+ if (dev == NULL)
+ return;
+
+#ifdef WOLF_CRYPTO_CB_CMD
+ if (dev->cb != NULL) {
+ /* Invoke callback with unregister command.*/
+ wc_CryptoInfo info;
+ XMEMSET(&info, 0, sizeof(info));
+ info.algo_type = WC_ALGO_TYPE_NONE;
+ info.cmd.type = WC_CRYPTOCB_CMD_TYPE_UNREGISTER;
+ info.cmd.ctx = NULL; /* Not used */
+
+ /* Ignore errors here */
+ dev->cb(devId, &info, dev->ctx);
}
+#endif
+ wc_CryptoCb_ClearDev(dev);
}
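Review bot: A failed register command wipes whatever was already stored for `devId`. `dev` may be an existing entry (the lookup above the hunk is commented "find existing or new"), it is overwritten with the new `cb`/`ctx` before the callback runs, and the error branch then calls `wc_CryptoCb_ClearDev(dev)`, so a working registration is lost when its replacement fails. The callback being replaced also never receives an unregister command. Committing the entry only after the callback has accepted the command avoids the first problem, provided callbacks do not depend on the device being visible while they handle the register command. The start of `wc_CryptoCb_RegisterDevice` is outside the hunk.

```c
#ifdef WOLF_CRYPTO_CB_CMD
    if (cb != NULL) {
        /* … unchanged: build the register command in info … */
        rc = cb(devId, &info, ctx);
        if (rc == 0) {
            ctx = info.cmd.ctx; /* cb may have replaced the context */
        }
        else if ((rc == CRYPTOCB_UNAVAILABLE) || (rc == NOT_COMPILED_IN)) {
            rc = 0; /* command not implemented: register as before */
        }
        else {
            return rc; /* existing entry, if any, is left untouched */
        }
    }
#endif
    dev->devId = devId;
    dev->cb    = cb;
    dev->ctx   = ctx;
    return rc;
```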
#ifndef NO_RSA
@@ -1337,6 +1439,10 @@ int wc_CryptoCb_DefaultDevID(void)
/* conditional macro selection based on build */
#ifdef WOLFSSL_CAAM_DEVID
ret = WOLFSSL_CAAM_DEVID;
+#elif defined(HAVE_ARIA)
+ ret = WOLFSSL_ARIA_DEVID;
+#elif defined(WC_USE_DEVID)
+ ret = WC_USE_DEVID;
#else
ret = INVALID_DEVID;
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c b/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c
index d97a1868..e5c3593b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/curve25519.c
@@ -58,7 +58,13 @@ const curve25519_set_type curve25519_sets[] = {
}
};
-static const unsigned char kCurve25519BasePoint[CURVE25519_KEYSIZE] = {9};
+static const word32 kCurve25519BasePoint[CURVE25519_KEYSIZE/sizeof(word32)] = {
+#ifdef BIG_ENDIAN_ORDER
+ 0x09000000
+#else
+ 9
+#endif
+};
/* Curve25519 private key must be less than order */
/* These functions clamp private k and check it */
@@ -133,7 +139,7 @@ int wc_curve25519_make_pub(int public_size, byte* pub, int private_size,
SAVE_VECTOR_REGISTERS(return _svr_ret;);
- ret = curve25519(pub, priv, kCurve25519BasePoint);
+ ret = curve25519(pub, priv, (byte*)kCurve25519BasePoint);
RESTORE_VECTOR_REGISTERS();
#endif
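Review bot: The cast `(byte*)kCurve25519BasePoint` drops the `const` qualifier from a `static const` table. If `curve25519()` takes its base-point argument as a pointer to const, `(const byte*)kCurve25519BasePoint` keeps the qualifier; if it does not, that deserves a comment, since the table must never be written. The previous hunk also changes the table to `word32` with an endian-specific initialiser without saying why. A one-line comment such as `/* word32 storage keeps the base point word-aligned; byte 0 must be 9 */` would help, assuming alignment is the reason.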
@@ -325,14 +331,11 @@ int wc_curve25519_shared_secret_ex(curve25519_key* private_key,
}
}
#endif
- if (ret != 0) {
- ForceZero(&o, sizeof(o));
- return ret;
+ if (ret == 0) {
+ curve25519_copy_point(out, o.point, endian);
+ *outlen = CURVE25519_KEYSIZE;
}
- curve25519_copy_point(out, o.point, endian);
- *outlen = CURVE25519_KEYSIZE;
-
ForceZero(&o, sizeof(o));
return ret;
@@ -372,7 +375,7 @@ int wc_curve25519_export_public_ex(curve25519_key* key, byte* out,
(int)sizeof(key->k), key->k);
key->pubSet = (ret == 0);
}
- /* export public point with endianess */
+ /* export public point with endianness */
curve25519_copy_point(out, key->p.point, endian);
*outLen = CURVE25519_KEYSIZE;
@@ -410,7 +413,7 @@ int wc_curve25519_import_public_ex(const byte* in, word32 inLen,
return ECC_BAD_ARG_E;
}
- /* import public point with endianess */
+ /* import public point with endianness */
curve25519_copy_point(key->p.point, in, endian);
key->pubSet = 1;
@@ -535,7 +538,7 @@ int wc_curve25519_export_private_raw_ex(curve25519_key* key, byte* out,
return ECC_BAD_ARG_E;
}
- /* export private scalar with endianess */
+ /* export private scalar with endianness */
curve25519_copy_point(out, key->k, endian);
*outLen = CURVE25519_KEYSIZE;
@@ -632,7 +635,7 @@ int wc_curve25519_import_private_ex(const byte* priv, word32 privSz,
se050_curve25519_free_key(key);
#endif
- /* import private scalar with endianess */
+ /* import private scalar with endianness */
curve25519_copy_point(key->k, priv, endian);
key->privSet = 1;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c
index d932a4a2..650c33a3 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/des3.c
@@ -49,85 +49,6 @@
#include <wolfssl/wolfcrypt/cryptocb.h>
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir)
- {
- return Des_SetKey(des, key, iv, dir);
- }
- int wc_Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir)
- {
- if (des == NULL || key == NULL || dir < 0) {
- return BAD_FUNC_ARG;
- }
-
- return Des3_SetKey_fips(des, key, iv, dir);
- }
- int wc_Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz)
- {
- return Des_CbcEncrypt(des, out, in, sz);
- }
- int wc_Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz)
- {
- return Des_CbcDecrypt(des, out, in, sz);
- }
- int wc_Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
- {
- if (des == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
- return Des3_CbcEncrypt_fips(des, out, in, sz);
- }
- int wc_Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz)
- {
- if (des == NULL || out == NULL || in == NULL) {
- return BAD_FUNC_ARG;
- }
- return Des3_CbcDecrypt_fips(des, out, in, sz);
- }
-
- #ifdef WOLFSSL_DES_ECB
- /* One block, compatibility only */
- int wc_Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz)
- {
- return Des_EcbEncrypt(des, out, in, sz);
- }
- int wc_Des3_EcbEncrypt(Des3* des, byte* out, const byte* in, word32 sz)
- {
- return Des3_EcbEncrypt(des, out, in, sz);
- }
- #endif /* WOLFSSL_DES_ECB */
-
- void wc_Des_SetIV(Des* des, const byte* iv)
- {
- Des_SetIV(des, iv);
- }
- int wc_Des3_SetIV(Des3* des, const byte* iv)
- {
- return Des3_SetIV_fips(des, iv);
- }
-
- int wc_Des3Init(Des3* des3, void* heap, int devId)
- {
- (void)des3;
- (void)heap;
- (void)devId;
- /* FIPS doesn't support:
- return Des3Init(des3, heap, devId); */
- return 0;
- }
- void wc_Des3Free(Des3* des3)
- {
- (void)des3;
- /* FIPS doesn't support:
- Des3Free(des3); */
- }
-
-#else /* else build without fips, or for FIPS v2 */
-
-
#if defined(WOLFSSL_TI_CRYPT)
#include <wolfcrypt/src/port/ti/ti-des3.c>
#else
@@ -517,7 +438,7 @@
#elif defined(HAVE_COLDFIRE_SEC)
- #include <wolfssl/ctaocrypt/types.h>
+ #include <wolfssl/wolfcrypt/types.h>
#include "sec.h"
#include "mcf5475_sec.h"
@@ -1695,7 +1616,7 @@
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcEncrypt(&des->asyncDev, out, in, sz,
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_ENCRYPT)) {
WC_ASYNC_SW* sw = &des->asyncDev.sw;
sw->des.des = des;
@@ -1746,7 +1667,7 @@
#elif defined(HAVE_INTEL_QA)
return IntelQaSymDes3CbcDecrypt(&des->asyncDev, out, in, sz,
(const byte*)des->devKey, DES3_KEYLEN, (byte*)des->reg, DES3_IVLEN);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&des->asyncDev, ASYNC_SW_DES3_CBC_DECRYPT)) {
WC_ASYNC_SW* sw = &des->asyncDev.sw;
sw->des.des = des;
@@ -1889,5 +1810,4 @@ void wc_Des3Free(Des3* des3)
}
#endif /* WOLFSSL_TI_CRYPT */
-#endif /* HAVE_FIPS */
#endif /* NO_DES3 */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c b/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c
index f89b5525..e638a51c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/dh.c
@@ -1021,7 +1021,7 @@ static int _ffc_pairwise_consistency_test(DhKey* key,
/* if not using fixed points use DiscreteLogWorkFactor function for unusual size
otherwise round up on size needed */
#ifndef WOLFSSL_DH_CONST
- #define WOLFSSL_DH_ROUND(x)
+ #define WOLFSSL_DH_ROUND(x) WC_DO_NOTHING
#else
#define WOLFSSL_DH_ROUND(x) \
do { \
@@ -1352,7 +1352,7 @@ static int GeneratePublicDh(DhKey* key, byte* priv, word32 privSz,
*pubSz = (word32)mp_unsigned_bin_size(y);
mp_clear(y);
- mp_clear(x);
+ mp_forcezero(x);
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(y, key->heap, DYNAMIC_TYPE_DH);
XFREE(x, key->heap, DYNAMIC_TYPE_DH);
@@ -1433,7 +1433,7 @@ static int wc_DhGenerateKeyPair_Async(DhKey* key, WC_RNG* rng,
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
-#else /* WOLFSSL_ASYNC_CRYPT_SW */
+#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_GEN)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->dhGen.key = key;
@@ -2207,7 +2207,7 @@ static int wc_DhAgree_Async(DhKey* key, byte* agree, word32* agreeSz,
#elif defined(HAVE_CAVIUM)
/* TODO: Not implemented - use software for now */
-#else /* WOLFSSL_ASYNC_CRYPT_SW */
+#elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_DH_AGREE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->dhAgree.key = key;
@@ -2886,6 +2886,11 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
ret = 0;
unsigned char *buf = NULL;
+#if !defined(WOLFSSL_SMALL_STACK) || defined(WOLFSSL_NO_MALLOC)
+ XMEMSET(tmp, 0, sizeof(tmp));
+ XMEMSET(tmp2, 0, sizeof(tmp2));
+#endif
+
if (rng == NULL || dh == NULL)
ret = BAD_FUNC_ARG;
@@ -2934,9 +2939,22 @@ int wc_DhGenerateParams(WC_RNG *rng, int modSz, DhKey *dh)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (ret == 0) {
- if (((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) ||
- ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL, DYNAMIC_TYPE_WOLF_BIGINT)) == NULL))
+ if ((tmp = (mp_int *)XMALLOC(sizeof(*tmp), NULL,
+ DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
+ ret = MEMORY_E;
+ }
+ else {
+ XMEMSET(tmp, 0, sizeof(*tmp));
+ }
+ }
+ if (ret == 0) {
+ if ((tmp2 = (mp_int *)XMALLOC(sizeof(*tmp2), NULL,
+ DYNAMIC_TYPE_WOLF_BIGINT)) == NULL) {
ret = MEMORY_E;
+ }
+ else {
+ XMEMSET(tmp2, 0, sizeof(*tmp2));
+ }
}
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c
index 1e4f59a3..3cdcffe3 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/dsa.c
@@ -260,7 +260,7 @@ int wc_MakeDsaParameters(WC_RNG *rng, int modulus_size, DsaKey *dsa)
*/
switch (modulus_size) {
#ifdef WOLFSSL_DSA_768_MODULUS
- /* This key length is unsecure and only included for bind 9 testing */
+ /* This key length is insecure and only included for bind 9 testing */
case 768:
#endif
case 1024:
@@ -641,7 +641,7 @@ int wc_DsaExportKeyRaw(DsaKey* dsa, byte* x, word32* xSz, byte* y, word32* ySz)
int wc_DsaSign(const byte* digest, byte* out, DsaKey* key, WC_RNG* rng)
{
- /* use sha1 by default for backwards compatability */
+ /* use sha1 by default for backwards compatibility */
return wc_DsaSign_ex(digest, WC_SHA_DIGEST_SIZE, out, key, rng);
}
@@ -756,7 +756,7 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
break;
}
- /* k is a random numnber and it should be less than q-1
+ /* k is a random number and it should be less than q-1
* if k greater than repeat
*/
/* Step 6 */
@@ -976,7 +976,7 @@ int wc_DsaSign_ex(const byte* digest, word32 digestSz, byte* out, DsaKey* key,
int wc_DsaVerify(const byte* digest, const byte* sig, DsaKey* key, int* answer)
{
- /* use sha1 by default for backwards compatability */
+ /* use sha1 by default for backwards compatibility */
return wc_DsaVerify_ex(digest, WC_SHA_DIGEST_SIZE, sig, key, answer);
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c
index 7bee4b16..c4ad9e8a 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ecc.c
@@ -92,6 +92,12 @@ Possible ECC enable options:
* Enables implementations that protect data that is in
* encrypted memory.
* default: off
+ * WOLFSSL_ECC_GEN_REJECT_SAMPLING
+ * Enables generation of scalar (private key and ECDSA
+ * nonce) to be performed using reject sampling algorithm.
+ * Use this when CPU state can be closely observed by
+ * attacker.
+ * default: off
*/
/*
@@ -101,6 +107,7 @@ ECC Curve Types:
* HAVE_ECC_SECPR3 Enables SECP R3 curves default: off
* HAVE_ECC_BRAINPOOL Enables Brainpool curves default: off
* HAVE_ECC_KOBLITZ Enables Koblitz curves default: off
+ * WOLFSSL_SM2 Enables SM2 curves default: off
*/
/*
@@ -215,13 +222,30 @@ ECC Curve Sizes:
#endif
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
- !defined(WOLFSSL_SILABS_SE_ACCEL) && !defined(WOLFSSL_KCAPI_ECC) && \
- !defined(WOLFSSL_CRYPTOCELL) && !defined(NO_ECC_MAKE_PUB) && \
+ !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+ !defined(WOLFSSL_KCAPI_ECC) && !defined(WOLFSSL_SE050) && \
+ !defined(WOLFSSL_XILINX_CRYPT_VERSAL) && !defined(WOLFSSL_STM32_PKA)
+ #undef HAVE_ECC_VERIFY_HELPER
+ #define HAVE_ECC_VERIFY_HELPER
+#endif
+
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+ !defined(WOLFSSL_KCAPI_ECC) && !defined(NO_ECC_MAKE_PUB) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
#undef HAVE_ECC_MAKE_PUB
#define HAVE_ECC_MAKE_PUB
#endif
+#if !defined(WOLFSSL_SP_MATH) && \
+ !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
+ !defined(WOLFSSL_SE050) && !defined(WOLFSSL_STM32_PKA) && \
+ !defined(WOLF_CRYPTO_CB_ONLY_ECC)
+ #undef HAVE_ECC_CHECK_PUBKEY_ORDER
+ #define HAVE_ECC_CHECK_PUBKEY_ORDER
+#endif
+
#if defined(WOLFSSL_SP_MATH_ALL) && SP_INT_BITS < MAX_ECC_BITS_NEEDED
#define MAX_ECC_BITS_USE SP_INT_BITS
#else
@@ -319,7 +343,7 @@ enum {
#endif
#define ecc_oid_secp112r1_sz CODED_SECP112R1_SZ
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
#ifdef HAVE_OID_ENCODING
#define CODED_SECP112R2 {1,3,132,0,7}
#define CODED_SECP112R2_SZ 5
@@ -333,7 +357,7 @@ enum {
#define ecc_oid_secp112r2 CODED_SECP112R2
#endif
#define ecc_oid_secp112r2_sz CODED_SECP112R2_SZ
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC112 */
#ifdef ECC128
#ifndef NO_ECC_SECP
@@ -351,7 +375,7 @@ enum {
#endif
#define ecc_oid_secp128r1_sz CODED_SECP128R1_SZ
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
#ifdef HAVE_OID_ENCODING
#define CODED_SECP128R2 {1,3,132,0,29}
#define CODED_SECP128R2_SZ 5
@@ -365,7 +389,7 @@ enum {
#define ecc_oid_secp128r2 CODED_SECP128R2
#endif
#define ecc_oid_secp128r2_sz CODED_SECP128R2_SZ
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC128 */
#ifdef ECC160
#ifndef FP_ECC
@@ -649,6 +673,21 @@ enum {
#define ecc_oid_brainpoolp256r1_sz CODED_BRAINPOOLP256R1_SZ
#endif /* HAVE_ECC_BRAINPOOL */
#endif /* ECC256 */
+ #if defined(WOLFSSL_SM2)
+ #ifdef HAVE_OID_ENCODING
+ #define CODED_SM2P256V1 {1,2,156,10197,1,301}
+ #define CODED_SM2P256V1_SZ 6
+ #else
+ #define CODED_SM2P256V1 {0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2d}
+ #define CODED_SM2P256V1_SZ 8
+ #endif
+ #ifndef WOLFSSL_ECC_CURVE_STATIC
+ static const ecc_oid_t ecc_oid_sm2p256v1[] = CODED_SM2P256V1;
+ #else
+ #define ecc_oid_sm2p256v1 CODED_SM2P256V1
+ #endif
+ #define ecc_oid_sm2p256v1_sz CODED_SM2P256V1_SZ
+ #endif /* WOLFSSL_SM2 */
#ifdef ECC320
#ifdef HAVE_ECC_BRAINPOOL
#ifdef HAVE_OID_ENCODING
@@ -757,7 +796,7 @@ const ecc_set_type ecc_sets[] = {
1, /* cofactor */
},
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
{
14, /* size/bytes */
ECC_SECP112R2, /* ID */
@@ -773,7 +812,7 @@ const ecc_set_type ecc_sets[] = {
ECC_SECP112R2_OID, /* oid sum */
4, /* cofactor */
},
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC112 */
#ifdef ECC128
#ifndef NO_ECC_SECP
@@ -793,7 +832,7 @@ const ecc_set_type ecc_sets[] = {
1, /* cofactor */
},
#endif /* !NO_ECC_SECP */
- #ifdef HAVE_ECC_SECPR2
+ #if defined(HAVE_ECC_SECPR2) && defined(HAVE_ECC_KOBLITZ)
{
16, /* size/bytes */
ECC_SECP128R2, /* ID */
@@ -809,7 +848,7 @@ const ecc_set_type ecc_sets[] = {
ECC_SECP128R2_OID, /* oid sum */
4, /* cofactor */
},
- #endif /* HAVE_ECC_SECPR2 */
+ #endif /* HAVE_ECC_SECPR2 && HAVE_ECC_KOBLITZ */
#endif /* ECC128 */
#ifdef ECC160
#ifndef FP_ECC
@@ -1129,6 +1168,25 @@ const ecc_set_type ecc_sets[] = {
},
#endif /* HAVE_ECC_BRAINPOOL */
#endif /* ECC256 */
+ #if defined(WOLFSSL_SM2)
+ {
+ 32, /* size/bytes */
+ ECC_SM2P256V1, /* ID */
+ "SM2P256V1", /* curve name */
+
+ /* bottom of draft-shen-sm2-ecdsa-02, recommended values */
+ "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", /* prime */
+ "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", /* A */
+ "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", /* B */
+ "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", /* order */
+ "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", /* Gx */
+ "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", /* Gy */
+ ecc_oid_sm2p256v1, /* oid/oidSz */
+ ecc_oid_sm2p256v1_sz,
+ ECC_SM2P256V1_OID, /* oid sum */
+ 1, /* cofactor */
+ },
+ #endif /* WOLFSSL_SM2 */
#ifdef ECC320
#ifdef HAVE_ECC_BRAINPOOL
{
@@ -1274,18 +1332,11 @@ const size_t ecc_sets_count = ECC_SET_COUNT - 1;
static oid_cache_t ecc_oid_cache[ECC_SET_COUNT];
#endif
-
+/* Forward declarations */
#if defined(HAVE_COMP_KEY) && defined(HAVE_ECC_KEY_EXPORT)
static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen);
#endif
-
-
-
-#if !defined(WOLFSSL_SP_MATH) && \
- !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
- !defined(WOLFSSL_CRYPTOCELL) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
- !defined(WOLFSSL_SE050) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
- !defined(WOLFSSL_STM32_PKA)
+#ifdef HAVE_ECC_CHECK_PUBKEY_ORDER
static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
mp_int* prime, mp_int* order);
#endif
@@ -1296,8 +1347,18 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng);
#endif
-int mp_jacobi(mp_int* a, mp_int* n, int* c);
-int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret);
+#ifdef HAVE_COMP_KEY
+#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
+ !defined(WOLFSSL_CRYPTOCELL)
+
+#ifndef WOLFSSL_SP_MATH
+#if !defined(SQRTMOD_USE_MOD_EXP)
+static int mp_jacobi(mp_int* a, mp_int* n, int* c);
+#endif
+static int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret);
+#endif
+#endif
+#endif
/* Curve Specs */
@@ -1335,25 +1396,22 @@ typedef struct ecc_curve_spec {
byte load_mask;
} ecc_curve_spec;
-enum ecc_curve_load_mask {
- ECC_CURVE_FIELD_NONE = 0x00,
- ECC_CURVE_FIELD_PRIME = 0x01,
- ECC_CURVE_FIELD_AF = 0x02,
+ #define ECC_CURVE_FIELD_NONE 0x00
+ #define ECC_CURVE_FIELD_PRIME 0x01
+ #define ECC_CURVE_FIELD_AF 0x02
#ifdef USE_ECC_B_PARAM
- ECC_CURVE_FIELD_BF = 0x04,
+ #define ECC_CURVE_FIELD_BF 0x04
#endif
- ECC_CURVE_FIELD_ORDER = 0x08,
- ECC_CURVE_FIELD_GX = 0x10,
- ECC_CURVE_FIELD_GY = 0x20,
+ #define ECC_CURVE_FIELD_ORDER 0x08
+ #define ECC_CURVE_FIELD_GX 0x10
+ #define ECC_CURVE_FIELD_GY 0x20
#ifdef USE_ECC_B_PARAM
- ECC_CURVE_FIELD_ALL = 0x3F,
- ECC_CURVE_FIELD_COUNT = 6,
+ #define ECC_CURVE_FIELD_ALL 0x3F
+ #define ECC_CURVE_FIELD_COUNT 6
#else
- ECC_CURVE_FIELD_ALL = 0x3B,
- ECC_CURVE_FIELD_COUNT = 5,
+ #define ECC_CURVE_FIELD_ALL 0x3B
+ #define ECC_CURVE_FIELD_COUNT 5
#endif
- WOLF_ENUM_DUMMY_LAST_ELEMENT(ecc_curve_load_mask)
-};
#if defined(WOLFSSL_XILINX_CRYPT_VERSAL)
static const u32 xil_curve_type[ECC_CURVE_MAX] = {
@@ -1409,8 +1467,8 @@ static int xil_mpi_import(mp_int *mpi,
#endif
#define DECLARE_CURVE_SPECS(intcount) ecc_curve_spec* curve = NULL
- #define ALLOC_CURVE_SPECS(intcount, err)
- #define FREE_CURVE_SPECS()
+ #define ALLOC_CURVE_SPECS(intcount, err) WC_DO_NOTHING
+ #define FREE_CURVE_SPECS() WC_DO_NOTHING
#elif defined(WOLFSSL_SMALL_STACK)
#ifdef WOLFSSL_SP_MATH_ALL
#define DECLARE_CURVE_SPECS(intcount) \
@@ -1465,8 +1523,8 @@ static int xil_mpi_import(mp_int *mpi,
curve->spec_ints = spec_ints; \
curve->spec_count = (intcount)
#endif
- #define ALLOC_CURVE_SPECS(intcount, err)
- #define FREE_CURVE_SPECS()
+ #define ALLOC_CURVE_SPECS(intcount, err) WC_DO_NOTHING
+ #define FREE_CURVE_SPECS() WC_DO_NOTHING
#endif /* ECC_CACHE_CURVE */
static void wc_ecc_curve_cache_free_spec_item(ecc_curve_spec* curve, mp_int* item,
@@ -2107,6 +2165,12 @@ done:
(void)a;
(void)mp;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((modBits == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_proj_add_point_sm2_256(P->x, P->y, P->z, Q->x, Q->y, Q->z,
+ R->x, R->y, R->z);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (modBits == 256) {
return sp_ecc_proj_add_point_256(P->x, P->y, P->z, Q->x, Q->y, Q->z,
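Review bot: The SM2 dispatch added here picks the curve with `!mp_is_bit_set(modulus, 224)` and has no comment explaining the bit test. The same test is repeated in the `_ecc_projective_dbl_point`, `sp_ecc_map_sm2_256`, `sp_ecc_mulmod_sm2_256`, `_ecc_is_point`, `wc_ecc_mulmod_ex` and `wc_ecc_mulmod_ex2` hunks. I would add `/* SM2 prime begins FFFFFFFE, so bit 224 is clear; the SECP256R1 prime has it set */` at each site, or fold the test into one named macro. With custom curves enabled, any other 256-bit modulus with that bit clear would presumably also take the SM2 path, whereas the key-based hunks in this commit select by `ecc_sets[...].id == ECC_SM2P256V1`, which is exact. The enclosing function starts outside the hunk.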
@@ -2471,6 +2535,11 @@ static int _ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* a,
(void)a;
(void)mp;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((modBits == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_proj_dbl_point_sm2_256(P->x, P->y, P->z, R->x, R->y, R->z);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (modBits == 256) {
return sp_ecc_proj_dbl_point_256(P->x, P->y, P->z, R->x, R->y, R->z);
@@ -2723,6 +2792,11 @@ done:
(void)mp;
(void)ct;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_map_sm2_256(P->x, P->y, P->z);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
return sp_ecc_map_256(P->x, P->y, P->z);
@@ -2906,21 +2980,11 @@ static int ecc_mulmod(const mp_int* k, ecc_point* tG, ecc_point* R,
#else
static int wc_ecc_gen_z(WC_RNG* rng, int size, ecc_point* p, mp_int* modulus,
- mp_digit mp, mp_int* tx, mp_int* ty)
+ mp_digit mp, mp_int* tx, mp_int* ty, mp_int* mu)
{
int err = MP_OKAY;
- DECL_MP_INT_SIZE_DYN(mu, mp_bitsused(modulus), MAX_ECC_BITS_USE);
- NEW_MP_INT_SIZE(mu, mp_bitsused(modulus), NULL, DYNAMIC_TYPE_ECC);
-#ifdef MP_INT_SIZE_CHECK_NULL
- if (mu == NULL)
- err = MEMORY_E;
-#endif
-
- if (err == MP_OKAY)
- err = INIT_MP_INT_SIZE(mu, mp_bitsused(modulus));
- if (err == MP_OKAY)
- err = mp_montgomery_calc_normalization(mu, modulus);
+ err = mp_montgomery_calc_normalization(mu, modulus);
/* Generate random value to multiply into p->z. */
if (err == MP_OKAY)
err = wc_ecc_gen_k(rng, size, ty, modulus);
@@ -2953,9 +3017,6 @@ static int wc_ecc_gen_z(WC_RNG* rng, int size, ecc_point* p, mp_int* modulus,
if (err == MP_OKAY)
err = mp_montgomery_reduce(p->y, modulus, mp);
- mp_clear(mu);
- FREE_MP_INT_SIZE(mu, NULL, DYNAMIC_TYPE_ECC);
-
return err;
}
@@ -2993,9 +3054,25 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
#ifndef WC_NO_CACHE_RESISTANT
/* First bit always 1 (fix at end) and swap equals first bit */
int swap = 1;
+#ifdef WOLFSSL_SMALL_STACK
+ mp_int* tmp = NULL;
+#else
+ mp_int tmp[1];
+#endif
#endif
int infinity;
+#ifndef WC_NO_CACHE_RESISTANT
+#ifdef WOLFSSL_SMALL_STACK
+ tmp = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_ECC);
+ if (tmp == NULL) {
+ err = MEMORY_E;
+ }
+#endif
+ if (err == MP_OKAY)
+ err = mp_init(tmp);
+#endif
+
/* Step 1: R[0] = P; R[1] = P */
/* R[0] = P */
if (err == MP_OKAY)
@@ -3015,9 +3092,9 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
/* Randomize z ordinates to obfuscate timing. */
if ((err == MP_OKAY) && (rng != NULL))
- err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[2]->x, R[2]->y);
+ err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[2]->x, R[2]->y, kt);
if ((err == MP_OKAY) && (rng != NULL))
- err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[2]->x, R[2]->y);
+ err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[2]->x, R[2]->y, kt);
if (err == MP_OKAY) {
/* Order could be one greater than the size of the modulus. */
@@ -3050,12 +3127,18 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
#else
/* Swap R[0] and R[1] if other index is needed. */
swap ^= (int)b;
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, swap);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used, swap,
+ tmp);
+ }
swap = (int)b;
if (err == MP_OKAY)
@@ -3070,12 +3153,18 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
#ifndef WC_NO_CACHE_RESISTANT
/* Swap back if last bit is 0. */
swap ^= 1;
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, swap);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, swap);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used, swap,
+ tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used, swap,
+ tmp);
+ }
#endif
/* Step 5: b = k[0]; R[b] = R[b] - P */
@@ -3094,21 +3183,32 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
&infinity);
#else
/* Swap R[0] and R[1], if necessary, to operate on the one we want. */
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, (int)b);
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used, (int)b,
+ tmp);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used,
+ (int)b, tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used,
+ (int)b, tmp);
+ }
if (err == MP_OKAY)
err = ecc_projective_add_point_safe(R[0], R[2], R[0], a, modulus,
mp, &infinity);
/* Swap back if necessary. */
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->x, R[1]->x, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->y, R[1]->y, (int)modulus->used, (int)b);
- if (err == MP_OKAY)
- err = mp_cond_swap_ct(R[0]->z, R[1]->z, (int)modulus->used, (int)b);
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->x, R[1]->x, (int)modulus->used,
+ (int)b, tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->y, R[1]->y, (int)modulus->used,
+ (int)b, tmp);
+ }
+ if (err == MP_OKAY) {
+ err = mp_cond_swap_ct_ex(R[0]->z, R[1]->z, (int)modulus->used,
+ (int)b, tmp);
+ }
#endif
}
@@ -3120,6 +3220,10 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
if (err == MP_OKAY)
err = mp_copy(R[0]->z, Q->z);
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WC_NO_CACHE_RESISTANT)
+ XFREE(tmp, NULL, DYNAMIC_TYPE_ECC);
+#endif
+
return err;
}
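Review bot: `tmp` is released with a bare `XFREE` and is never wiped, and the stack variant `mp_int tmp[1]` is not cleared at all. It is the scratch operand of every `mp_cond_swap_ct_ex` call in `ecc_mulmod`, and those swaps are driven by `swap ^= (int)b`, so what is left in it presumably depends on scalar bits and on the ladder points. I would call `mp_forcezero(tmp);` before the free, guarded so it only runs once `mp_init(tmp)` has succeeded, and do the same for the non-`WOLFSSL_SMALL_STACK` build. The allocation also passes a `NULL` heap hint; whether a heap pointer is available in this function is not visible in the hunk.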
@@ -3211,10 +3315,10 @@ static int ecc_mulmod(const mp_int* k, ecc_point* P, ecc_point* Q,
/* Randomize z ordinates to obfuscate timing. */
if ((err == MP_OKAY) && (rng != NULL))
err = wc_ecc_gen_z(rng, bytes, R[0], modulus, mp, R[TMP_IDX]->x,
- R[TMP_IDX]->y);
+ R[TMP_IDX]->y, kt);
if ((err == MP_OKAY) && (rng != NULL))
err = wc_ecc_gen_z(rng, bytes, R[1], modulus, mp, R[TMP_IDX]->x,
- R[TMP_IDX]->y);
+ R[TMP_IDX]->y, kt);
if (err == MP_OKAY) {
/* Order could be one greater than the size of the modulus. */
@@ -3595,6 +3699,11 @@ exit:
}
#ifdef WOLFSSL_HAVE_SP_ECC
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
return sp_ecc_mulmod_256(k, G, R, map, heap);
@@ -3795,6 +3904,11 @@ exit:
(void)rng;
#ifdef WOLFSSL_HAVE_SP_ECC
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ return sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
return sp_ecc_mulmod_256(k, G, R, map, heap);
@@ -4586,6 +4700,14 @@ int wc_ecc_shared_secret_gen_sync(ecc_key* private_key, ecc_point* point,
}
else
#endif /* ! WOLFSSL_SP_NO_256 */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (private_key->idx != ECC_CUSTOM_IDX &&
+ ecc_sets[private_key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_secret_gen_sm2_256(k, point, out, outlen,
+ private_key->heap);
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (private_key->idx != ECC_CUSTOM_IDX &&
ecc_sets[private_key->idx].id == ECC_SECP384R1) {
@@ -4886,11 +5008,6 @@ int wc_ecc_shared_secret_ex(ecc_key* private_key, ecc_point* point,
if (private_key->asyncDev.marker == WOLFSSL_ASYNC_MARKER_ECC) {
err = wc_ecc_shared_secret_gen_async(private_key, point,
out, outlen);
- if (err == 0) {
- /* exit early */
- RESTORE_VECTOR_REGISTERS();
- return err;
- }
}
else
#endif
@@ -5024,6 +5141,7 @@ int wc_ecc_point_is_at_infinity(ecc_point* p)
int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
{
#ifndef WC_NO_RNG
+#ifndef WOLFSSL_ECC_GEN_REJECT_SAMPLING
int err;
byte buf[ECC_MAXSIZE_GEN];
@@ -5066,6 +5184,54 @@ int wc_ecc_gen_k(WC_RNG* rng, int size, mp_int* k, mp_int* order)
return err;
#else
+ int err;
+ byte buf[ECC_MAXSIZE_GEN];
+ int bits;
+
+ if ((rng == NULL) || (size < 0) || (size + 8 > ECC_MAXSIZE_GEN) ||
+ (k == NULL) || (order == NULL)) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Get actual bit count of order. */
+ bits = mp_count_bits(order);
+ size = (bits + 7) >> 3;
+
+ /* generate number in range of order through rejection sampling. */
+ /* see section A.2.2 and A.4.2 in FIPS 186-5 */
+ do {
+ /* A.2.2 step 3: make up random string */
+ err = wc_RNG_GenerateBlock(rng, buf, (word32)size);
+ #ifdef WOLFSSL_CHECK_MEM_ZERO
+ wc_MemZero_Add("wc_ecc_gen_k buf", buf, size);
+ #endif
+ /* Generated multiple of 8 bits but now make it size of order. */
+ if ((bits & 0x7) > 0) {
+ buf[0] &= (1 << (bits & 0x7)) - 1;
+ }
+
+ /* A.2.2 step 4: convert to integer. */
+ /* A.4.2 step 3: Convert the bit string to integer x. */
+ if (err == 0) {
+ err = mp_read_unsigned_bin(k, buf, (word32)size);
+ }
+
+ /* A.4.2 step 4, 5: x must be in range [1, n-1] */
+ if ((err == MP_OKAY) && !mp_iszero(k) &&
+ (mp_cmp_ct(k, order, order->used) == MP_LT)) {
+ break;
+ }
+ }
+ while (err == MP_OKAY);
+
+ ForceZero(buf, ECC_MAXSIZE_GEN);
+#ifdef WOLFSSL_CHECK_MEM_ZERO
+ wc_MemZero_Check(buf, ECC_MAXSIZE_GEN);
+#endif
+
+ return err;
+#endif
+#else
(void)rng;
(void)size;
(void)k;
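Review bot: In the rejection-sampling branch the only bounds check tests the caller's `size`, but `size` is then overwritten with `(bits + 7) >> 3` from `order` and used as the write length for `wc_RNG_GenerateBlock` into `buf[ECC_MAXSIZE_GEN]`. An order wider than the buffer would overrun it, so re-check after the recomputation: `if ((bits < 2) || (size > ECC_MAXSIZE_GEN)) return BAD_FUNC_ARG;`. The `bits < 2` half covers an order of 0 or 1, for which no `k` can satisfy the `[1, n-1]` test and the `do`/`while` never exits while the RNG keeps succeeding. Whether any caller can pass such an order is not visible in this hunk.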
@@ -5169,6 +5335,12 @@ static int ecc_make_pub_ex(ecc_key* key, ecc_curve_spec* curve,
err = sp_ecc_mulmod_base_256(key->k, pub, 1, key->heap);
}
else
+#endif /* WOLFSSL_SP_NO_256 */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_mulmod_base_sm2_256(key->k, pub, 1, key->heap);
+ }
+ else
#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
@@ -5367,7 +5539,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
/* TODO: Not implemented */
#elif defined(HAVE_INTEL_QA)
/* Implemented in ecc_make_pub_ex for the pub calc */
- #else
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_ECC_MAKE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->eccMake.rng = rng;
@@ -5475,7 +5647,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->privKey), key->dp->size);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(key->keyRaw),
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->keyRaw),
2 * key->dp->size);
err = XSecure_EllipticGenerateKey(&(key->xSec.cinst),
@@ -5487,7 +5659,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
err = WC_HW_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(key->keyRaw),
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->keyRaw),
2 * key->dp->size);
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
@@ -5546,6 +5718,15 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
}
else
#endif /* !WOLFSSL_SP_NO_256 */
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_make_key_sm2_256(rng, key->k, &key->pubkey, key->heap);
+ if (err == MP_OKAY) {
+ key->type = ECC_PRIVATEKEY;
+ }
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifndef WC_ECC_NONBLOCK
@@ -5612,6 +5793,7 @@ static int _ecc_make_key_ex(WC_RNG* rng, int keysize, ecc_key* key,
#ifndef ALT_ECC_SIZE
err = mp_init(key->k);
#else
+ err = 0;
key->k = (mp_int*)key->ka;
alt_fp_init(key->k);
#endif
@@ -6186,7 +6368,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(key->privKey), keysize);
WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(K), keysize);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(out), keysize * 2);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(out), keysize * 2);
err = XSecure_EllipticGenerateSign(&(key->xSec.cinst),
xil_curve_type[key->dp->id],
@@ -6199,7 +6381,7 @@ static int wc_ecc_sign_hash_hw(const byte* in, word32 inlen,
err = WC_HW_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(XIL_CAST_U64(out), keysize * 2);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE(XIL_CAST_U64(out), keysize * 2);
mp_reverse(&out[0], keysize);
mp_reverse(&out[keysize], keysize);
@@ -6753,6 +6935,16 @@ static int ecc_sign_hash_sp(const byte* in, word32 inlen, WC_RNG* rng,
#endif
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ int ret;
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ret = sp_ecc_sign_sm2_256(in, inlen, rng, key->k, r, s, sign_k,
+ key->heap);
+ RESTORE_VECTOR_REGISTERS();
+ return ret;
+ }
+ #endif
#ifdef WOLFSSL_SP_384
if (ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifdef WC_ECC_NONBLOCK
@@ -6870,6 +7062,9 @@ int wc_ecc_sign_hash_ex(const byte* in, word32 inlen, WC_RNG* rng,
#ifndef WOLFSSL_SP_NO_256
&& ecc_sets[key->idx].id != ECC_SECP256R1
#endif
+ #ifdef WOLFSSL_SP_SM2
+ && ecc_sets[key->idx].id != ECC_SM2P256V1
+ #endif
#ifdef WOLFSSL_SP_384
&& ecc_sets[key->idx].id != ECC_SECP384R1
#endif
@@ -7539,7 +7734,10 @@ int wc_ecc_free(ecc_key* key)
mp_clear(key->pubkey.y);
mp_clear(key->pubkey.z);
- mp_forcezero(key->k);
+#ifdef ALT_ECC_SIZE
+ if (key->k)
+#endif
+ mp_forcezero(key->k);
#ifdef WOLFSSL_CUSTOM_CURVES
if (key->deallocSet && key->dp != NULL)
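Review bot: Style: the `if (key->k)` added under `#ifdef ALT_ECC_SIZE` has no braces and its body sits after the `#endif`, so which statement it governs depends on whatever line follows the preprocessor block. I would compare explicitly, `if (key->k != NULL)`, and put the call in a braced block after the `#endif`, `{ mp_forcezero(key->k); }`, so the zeroisation of the private scalar cannot be detached from the guard by a later edit. `wc_ecc_free` continues outside the hunk.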
@@ -7658,6 +7856,13 @@ int ecc_projective_dbl_point_safe(ecc_point *P, ecc_point *R, mp_int* a,
}
else {
err = _ecc_projective_dbl_point(P, R, a, modulus, mp);
+ if ((err == MP_OKAY) && mp_iszero(R->z)) {
+ err = mp_set(R->x, 0);
+ if (err == MP_OKAY)
+ err = mp_set(R->y, 0);
+ if (err == MP_OKAY)
+ err = mp_set(R->z, 1);
+ }
}
return err;
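Review bot: The block added after `_ecc_projective_dbl_point` rewrites a result with `R->z == 0` to `(0, 0, 1)` and carries no comment saying why. My reading is that a zero z after doubling means the result is the point at infinity and this normalises it to the form the rest of the file tests for, but that is not stated here. I would add `/* z == 0 after doubling: result is the point at infinity, store it as (0, 0, 1) */` above the `if`, after confirming that reading against `wc_ecc_point_is_at_infinity`. The function starts outside the hunk.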
@@ -8244,6 +8449,7 @@ static int wc_ecc_check_r_s_range(ecc_key* key, mp_int* r, mp_int* s)
}
#endif /* !WOLFSSL_STM32_PKA && !WOLFSSL_PSOC6_CRYPTO */
+#ifdef HAVE_ECC_VERIFY_HELPER
static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key)
{
@@ -8270,6 +8476,9 @@ static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
#ifndef WOLFSSL_SP_NO_256
&& ecc_sets[key->idx].id != ECC_SECP256R1
#endif
+ #ifdef WOLFSSL_SP_SM2
+ && ecc_sets[key->idx].id != ECC_SM2P256V1
+ #endif
#ifdef WOLFSSL_SP_384
&& ecc_sets[key->idx].id != ECC_SECP384R1
#endif
@@ -8319,6 +8528,21 @@ static int ecc_verify_hash_sp(mp_int *r, mp_int *s, const byte* hash,
#endif
}
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ #if defined(FP_ECC_CONTROL) && !defined(WOLFSSL_DSP_BUILD)
+ return sp_ecc_cache_verify_sm2_256(hash, hashlen, key->pubkey.x,
+ key->pubkey.y, key->pubkey.z, r, s, res,
+ sp_ecc_get_cache_entry_256(&(key->pubkey), ECC_SM2P256V1,
+ key->fpIdx, key->fpBuild, key->heap),
+ key->heap);
+ #endif
+ #if !defined(FP_ECC_CONTROL)
+ return sp_ecc_verify_sm2_256(hash, hashlen, key->pubkey.x,
+ key->pubkey.y, key->pubkey.z, r, s, res, key->heap);
+ #endif
+ }
+ #endif
#ifdef WOLFSSL_SP_384
if (ecc_sets[key->idx].id == ECC_SECP384R1) {
#ifdef WC_ECC_NONBLOCK
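Review bot: An SM2 key leaves the new `ECC_SM2P256V1` block without being verified when both `FP_ECC_CONTROL` and `WOLFSSL_DSP_BUILD` are defined. The first inner `#if` needs `!defined(WOLFSSL_DSP_BUILD)` and the second needs `!defined(FP_ECC_CONTROL)`, so neither `return` is compiled and control drops through to the 384 check. What it reaches after that is outside the hunk. I would turn the second `#if !defined(FP_ECC_CONTROL)` into `#else` so one verify call always compiles, or add an `#error` if that combination is not meant to be built with SM2.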
@@ -8616,6 +8840,7 @@ static int ecc_verify_hash(mp_int *r, mp_int *s, const byte* hash,
return err;
}
#endif /* !WOLFSSL_SP_MATH || FREESCALE_LTC_ECC */
+#endif /* HAVE_ECC_VERIFY_HELPER */
/**
Verify an ECC signature
@@ -8692,10 +8917,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
}
#endif
-#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
- defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
- defined(WOLFSSL_KCAPI_ECC) || defined(WOLFSSL_SE050) || \
- defined(WOLFSSL_XILINX_CRYPT_VERSAL)
+#ifndef HAVE_ECC_VERIFY_HELPER
#ifndef WOLFSSL_SE050
/* Extract R and S with front zero padding (if required),
@@ -8842,7 +9064,7 @@ int wc_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
(void)curveLoaded;
wc_ecc_curve_free(curve);
FREE_CURVE_SPECS();
-#endif /* WOLFSSL_ATECC508A */
+#endif /* HAVE_ECC_VERIFY_HELPER */
(void)keySz;
(void)hashlen;
@@ -8942,6 +9164,13 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (curve_idx != ECC_CUSTOM_IDX &&
+ ecc_sets[curve_idx].id == ECC_SM2P256V1) {
+ sp_ecc_uncompress_sm2_256(point->x, pointType, point->y);
+ }
+ else
+ #endif
#ifdef WOLFSSL_SP_384
if (curve_idx != ECC_CUSTOM_IDX &&
ecc_sets[curve_idx].id == ECC_SECP384R1) {
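Review bot: The SM2 branch discards the result of `sp_ecc_uncompress_sm2_256(point->x, pointType, point->y);`, so a compressed point whose x has no matching y continues through the import with whatever is in `point->y`. The same call is unchecked in the `wc_ecc_import_x963_ex` hunk, where the neighbouring 384 branch does assign `err = sp_ecc_uncompress_384(...)`. Assuming the SM2 routine returns a status like its siblings, write `err = sp_ecc_uncompress_sm2_256(point->x, pointType, point->y);` here and the equivalent with `key->pubkey.x` / `key->pubkey.y` there. Whether a later on-curve check would catch the bad point is not visible in either hunk.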
@@ -9089,7 +9318,7 @@ int wc_ecc_import_point_der_ex(const byte* in, word32 inLen,
return err;
}
-/* function for backwards compatiblity with previous implementations */
+/* function for backwards compatibility with previous implementations */
int wc_ecc_import_point_der(const byte* in, word32 inLen, const int curve_idx,
ecc_point* point)
{
@@ -9487,6 +9716,11 @@ static int _ecc_is_point(ecc_point* ecp, mp_int* a, mp_int* b, mp_int* prime)
(void)b;
#ifdef WOLFSSL_HAVE_SP_ECC
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(prime) == 256) && (!mp_is_bit_set(prime, 224))) {
+ return sp_ecc_is_point_sm2_256(ecp->x, ecp->y);
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(prime) == 256) {
return sp_ecc_is_point_256(ecp->x, ecp->y);
@@ -9582,6 +9816,14 @@ static int ecc_check_privkey_gen(ecc_key* key, mp_int* a, mp_int* prime)
}
else
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ if (err == MP_OKAY) {
+ err = sp_ecc_mulmod_base_sm2_256(key->k, res, 1, key->heap);
+ }
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
if (err == MP_OKAY) {
@@ -9783,7 +10025,7 @@ static int _ecc_pairwise_consistency_test(ecc_key* key, WC_RNG* rng)
}
#endif /* (FIPS v5 or later || WOLFSSL_VALIDATE_ECC_KEYGEN) &&!WOLFSSL_KCAPI_ECC */
-#ifndef WOLFSSL_SP_MATH
+#ifdef HAVE_ECC_CHECK_PUBKEY_ORDER
/* validate order * pubkey = point at infinity, 0 on success */
static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
mp_int* prime, mp_int* order)
@@ -9815,6 +10057,13 @@ static int ecc_check_pubkey_order(ecc_key* key, ecc_point* pubkey, mp_int* a,
}
else
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX &&
+ ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ err = sp_ecc_mulmod_sm2_256(order, pubkey, inf, 1, key->heap);
+ }
+ else
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX &&
ecc_sets[key->idx].id == ECC_SECP384R1) {
@@ -9920,6 +10169,12 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
}
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SM2P256V1) {
+ return sp_ecc_check_key_sm2_256(key->pubkey.x, key->pubkey.y,
+ key->type == ECC_PRIVATEKEY ? key->k : NULL, key->heap);
+ }
+#endif
#ifdef WOLFSSL_SP_384
if (key->idx != ECC_CUSTOM_IDX && ecc_sets[key->idx].id == ECC_SECP384R1) {
return sp_ecc_check_key_384(key->pubkey.x, key->pubkey.y,
@@ -9941,11 +10196,7 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
#endif
#ifndef WOLFSSL_SP_MATH
-#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
- defined(WOLFSSL_CRYPTOCELL) || defined(WOLFSSL_SILABS_SE_ACCEL) || \
- defined(WOLFSSL_SE050) || defined(WOLF_CRYPTO_CB_ONLY_ECC) || \
- defined(WOLFSSL_XILINX_CRYPT_VERSAL) || defined(WOLFSSL_STM32_PKA)
-
+#ifndef HAVE_ECC_CHECK_PUBKEY_ORDER
/* consider key check success on HW crypto
* ex: ATECC508/608A, CryptoCell and Silabs
*
@@ -10077,7 +10328,8 @@ static int _ecc_validate_public_key(ecc_key* key, int partial, int priv)
#endif
FREE_CURVE_SPECS();
-#endif /* HW Based Crypto */
+#endif /* HAVE_ECC_CHECK_PUBKEY_ORDER */
+
#else
err = WC_KEY_SIZE_E;
#endif /* !WOLFSSL_SP_MATH */
@@ -10300,6 +10552,12 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
}
else
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if (key->dp->id == ECC_SM2P256V1) {
+ sp_ecc_uncompress_sm2_256(key->pubkey.x, pointType, key->pubkey.y);
+ }
+ else
+ #endif
#ifdef WOLFSSL_SP_384
if (key->dp->id == ECC_SECP384R1) {
err = sp_ecc_uncompress_384(key->pubkey.x, pointType,
@@ -10350,7 +10608,7 @@ int wc_ecc_import_x963_ex(const byte* in, word32 inLen, ecc_key* key,
}
#elif defined(WOLFSSL_SILABS_SE_ACCEL)
if (err == MP_OKAY)
- err = silabs_ecc_import(key, keysize);
+ err = silabs_ecc_import(key, keysize, 1, 0);
#elif defined(WOLFSSL_SE050)
if (err == MP_OKAY) {
/* reset key ID, in case used before */
@@ -10597,18 +10855,6 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
ret = mp_read_unsigned_bin(key->k, priv, privSz);
}
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- if (ret == MP_OKAY)
- ret = mp_read_unsigned_bin(key->k, priv, privSz);
-
- if (ret == MP_OKAY) {
- if (pub) {
- ret = silabs_ecc_import(key, key->dp->size);
- }
- else {
- ret = silabs_ecc_import_private(key, key->dp->size);
- }
- }
#elif defined(WOLFSSL_QNX_CAAM) || defined(WOLFSSL_IMXRT1170_CAAM)
if ((wc_ecc_size(key) + WC_CAAM_MAC_SZ) == (int)privSz) {
#ifdef WOLFSSL_CAAM_BLACK_KEY_SM
@@ -10699,6 +10945,13 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
if (ret == 0) {
ret = mp_read_radix(order, key->dp->order, MP_RADIX_HEX);
}
+ #ifdef WOLFSSL_SM2
+ /* SM2 curve: private key must be less than order-1. */
+ if ((ret == 0) && (key->idx != ECC_CUSTOM_IDX) &&
+ (ecc_sets[key->idx].id == ECC_SM2P256V1)) {
+ ret = mp_sub_d(order, 1, order);
+ }
+ #endif
if ((ret == 0) && (mp_cmp(key->k, order) != MP_LT)) {
ret = ECC_PRIV_KEY_E;
}
@@ -10726,6 +10979,10 @@ int wc_ecc_import_private_key_ex(const byte* priv, word32 privSz,
if (ret == 0) {
ret = wc_MAXQ10XX_EccSetKey(key, key->dp->size);
}
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ if (ret == 0) {
+ ret = silabs_ecc_import(key, key->dp->size, (pub != NULL), 1);
+ }
#endif
return ret;
@@ -10866,7 +11123,7 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
#endif
#if defined(WOLFSSL_ATECC508A) || defined(WOLFSSL_ATECC608A) || \
- defined(WOLFSSL_SILABS_SE_ACCEL) || defined(WOLFSSL_CRYPTOCELL)
+ defined(WOLFSSL_CRYPTOCELL)
word32 keySz = 0;
#endif
@@ -10955,11 +11212,6 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
err = wc_export_int(key->pubkey.y, &key->pubkey_raw[keySz],
&keySz, keySz, WC_TYPE_UNSIGNED_BIN);
}
-#elif defined(WOLFSSL_SILABS_SE_ACCEL)
- keySz = key->dp->size;
- if (err == MP_OKAY) {
- err = silabs_ecc_sig_to_rs(key, keySz);
- }
#elif defined(WOLFSSL_CRYPTOCELL)
if (err == MP_OKAY) {
keyRaw[0] = ECC_POINT_UNCOMP;
@@ -11039,9 +11291,6 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
/* Hardware doesn't support loading private key */
err = NOT_COMPILED_IN;
- #elif defined(WOLFSSL_SILABS_SE_ACCEL)
- err = silabs_ecc_import_private_raw(key, keySz, d, encType);
-
#elif defined(WOLFSSL_CRYPTOCELL)
key->type = ECC_PRIVATEKEY;
@@ -11123,6 +11372,10 @@ static int wc_ecc_import_raw_private(ecc_key* key, const char* qx,
if (err == MP_OKAY) {
err = wc_MAXQ10XX_EccSetKey(key, key->dp->size);
}
+#elif defined(WOLFSSL_SILABS_SE_ACCEL)
+ if (err == MP_OKAY) {
+ err = silabs_ecc_import(key, key->dp->size, 1, (d != NULL));
+ }
#endif
if (err != MP_OKAY) {
@@ -12856,10 +13109,19 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
return IS_POINT_E;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ int ret;
+ SAVE_VECTOR_REGISTERS(return _svr_ret);
+ ret = sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ RESTORE_VECTOR_REGISTERS();
+ return ret;
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_256(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
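Review bot: The new SM2 block in `wc_ecc_mulmod_ex` calls `SAVE_VECTOR_REGISTERS(return _svr_ret);` without the trailing semicolon inside the argument. This same hunk changes the 256 block to `SAVE_VECTOR_REGISTERS(return _svr_ret;);`, and the SM2 block in `wc_ecc_mulmod_ex2` already uses that form. Depending on how the macro expands its argument this may not compile when vector-register saving is enabled. Use `SAVE_VECTOR_REGISTERS(return _svr_ret;);` here as well.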
@@ -12868,7 +13130,7 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_384
if (mp_count_bits(modulus) == 384) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_384(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -12877,7 +13139,7 @@ int wc_ecc_mulmod_ex(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_521
if (mp_count_bits(modulus) == 521) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_521(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13025,10 +13287,19 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
return IS_POINT_E;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SP_SM2)
+ if ((mp_count_bits(modulus) == 256) && (!mp_is_bit_set(modulus, 224))) {
+ int ret;
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
+ ret = sp_ecc_mulmod_sm2_256(k, G, R, map, heap);
+ RESTORE_VECTOR_REGISTERS();
+ return ret;
+ }
+#endif
#ifndef WOLFSSL_SP_NO_256
if (mp_count_bits(modulus) == 256) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_256(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13037,7 +13308,7 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_384
if (mp_count_bits(modulus) == 384) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_384(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13046,7 +13317,7 @@ int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_SP_521
if (mp_count_bits(modulus) == 521) {
int ret;
- SAVE_VECTOR_REGISTERS(return _svr_ret);
+ SAVE_VECTOR_REGISTERS(return _svr_ret;);
ret = sp_ecc_mulmod_521(k, G, R, map, heap);
RESTORE_VECTOR_REGISTERS();
return ret;
@@ -13620,7 +13891,9 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ret = wc_ecc_shared_secret(privKey, pubKey, sharedSecret + pubKeySz,
&sharedSz);
#endif
- } while (ret == WC_PENDING_E);
+ }
+ while (ret == WC_PENDING_E);
+
if (ret == 0) {
#ifdef WOLFSSL_ECIES_ISO18033
/* KDF data is encoded public key and secret. */
@@ -13632,6 +13905,30 @@ int wc_ecc_encrypt_ex(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, (word32)keysLen);
break;
+ case ecHKDF_SHA1 :
+ ret = wc_HKDF(WC_SHA, sharedSecret, sharedSz, ctx->kdfSalt,
+ ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
+ keys, (word32)keysLen);
+ break;
+#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER)
+ case ecKDF_X963_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_X963_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+#endif
+
default:
ret = BAD_FUNC_ARG;
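Review bot: The new SHA-1 cases (`ecHKDF_SHA1`, `ecKDF_X963_SHA1`, `ecKDF_SHA1`) have no comment saying they exist for interoperability, and `ecHKDF_SHA1` sits outside any build guard. I would add `/* SHA-1 KDFs: kept for interop with existing peers, prefer the SHA-256 variants */` above them, and consider wrapping them in the project's SHA-1 feature guard so a build without SHA-1 rejects them at compile time. The identical case list is pasted into the `wc_ecc_decrypt` hunk. Moving the switch into one static helper called from both paths would keep the encrypt and decrypt KDF sets from drifting apart. Both functions continue outside their hunks.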
@@ -14027,6 +14324,29 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
keys, (word32)keysLen);
break;
+ case ecHKDF_SHA1 :
+ ret = wc_HKDF(WC_SHA, sharedSecret, sharedSz, ctx->kdfSalt,
+ ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz,
+ keys, (word32)keysLen);
+ break;
+#if defined(HAVE_X963_KDF) && !defined(NO_HASH_WRAPPER)
+ case ecKDF_X963_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_X963_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ ctx->kdfInfo, ctx->kdfInfoSz, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA1 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+ case ecKDF_SHA256 :
+ ret = wc_X963_KDF(WC_HASH_TYPE_SHA256, sharedSecret, sharedSz,
+ NULL, 0, keys, (word32)keysLen);
+ break;
+#endif
default:
ret = BAD_FUNC_ARG;
@@ -14213,9 +14533,10 @@ int wc_ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg,
!defined(WOLFSSL_CRYPTOCELL)
#ifndef WOLFSSL_SP_MATH
+#if !defined(SQRTMOD_USE_MOD_EXP)
/* computes the jacobi c = (a | n) (or Legendre if n is prime)
*/
-int mp_jacobi(mp_int* a, mp_int* n, int* c)
+static int mp_jacobi(mp_int* a, mp_int* n, int* c)
{
#ifdef WOLFSSL_SMALL_STACK
mp_int* a1 = NULL;
@@ -14332,6 +14653,7 @@ done:
return res;
}
+#endif /* !SQRTMOD_USE_MOD_EXP */
/* Solves the modular equation x^2 = n (mod p)
@@ -14339,20 +14661,46 @@ done:
* The result is returned in the third argument x
* the function returns MP_OKAY on success, MP_VAL or another error on failure
*/
-int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
+static int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
{
-#ifdef SQRTMOD_USE_MOD_EXP
+#if defined(SQRTMOD_USE_MOD_EXP)
int res;
-
+ mp_digit i;
mp_int e;
+ /* first handle the simple cases n = 0 or n = 1 */
+ if (mp_cmp_d(n, 0) == MP_EQ) {
+ mp_zero(ret);
+ return MP_OKAY;
+ }
+ if (mp_cmp_d(n, 1) == MP_EQ) {
+ return mp_set(ret, 1);
+ }
+
+ if (mp_iseven(prime)) {
+ return MP_VAL;
+ }
+
SAVE_VECTOR_REGISTERS(return _svr_ret;);
res = mp_init(&e);
if (res == MP_OKAY)
+ res = mp_mod_d(prime, 8, &i);
+ if (res == MP_OKAY && i == 1) {
+ return MP_VAL;
+ }
+ /* prime mod 8 = 5 */
+ else if (res == MP_OKAY && i == 5) {
+ res = mp_sub_d(prime, 1, &e);
+ if (res == MP_OKAY)
+ res = mp_div_2d(&e, 2, &e, NULL);
+ }
+ /* prime mod 4 = 3 */
+ else if (res == MP_OKAY && ((i == 3) || (i == 7))) {
res = mp_add_d(prime, 1, &e);
- if (res == MP_OKAY)
- res = mp_div_2d(&e, 2, &e, NULL);
+ if (res == MP_OKAY)
+ res = mp_div_2d(&e, 2, &e, NULL);
+ }
if (res == MP_OKAY)
res = mp_exptmod(n, &e, prime, ret);
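Review bot: The `return MP_VAL;` in the `i == 1` branch leaves the function after `SAVE_VECTOR_REGISTERS` and a successful `mp_init(&e)`, so it skips whatever cleanup the rest of the function performs for `e` and for the saved vector registers (that tail is outside the hunk, so this is inferred). Setting the status instead, `res = MP_VAL;`, lets the existing `if (res == MP_OKAY)` chain fall through to the common exit. The early returns for `n == 0`, `n == 1` and an even `prime` are fine because they run before either is set up.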
@@ -14491,9 +14839,24 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
if (res == MP_OKAY && legendre == -1)
break;
+#if defined(WOLFSSL_CUSTOM_CURVES)
+ /* P224R1 succeeds with a value of 11. */
+ if (mp_cmp_d(Z, 22) == MP_EQ) {
+ /* This is to clamp the loop in case 'prime' is not really prime */
+ res = MP_VAL;
+ break;
+ }
+#endif
+
/* Z = Z + 1 */
if (res == MP_OKAY)
res = mp_add_d(Z, 1, Z);
+
+ if ((res == MP_OKAY) && (mp_cmp(Z,prime) == MP_EQ)) {
+ /* This is to clamp the loop in case 'prime' is not really prime */
+ res = MP_VAL;
+ break;
+ }
}
/* C = Z ^ Q mod prime */
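Review bot: The small iteration limit `mp_cmp_d(Z, 22)` is compiled only under `WOLFSSL_CUSTOM_CURVES`, so in other builds the search for a non-residue is bounded only by `Z` reaching `prime`. For a curve-sized modulus that is not a practical limit if `prime` is not actually prime (a perfect square, for instance, has no value whose Jacobi symbol is -1). It may be worth applying the small bound unconditionally, or stating in a comment why the non-custom build cannot be handed an unvalidated modulus. The literal `22` would also read better as a named constant whose comment says how it relates to the P224R1 value of 11. The loop starts outside the hunk.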
@@ -14530,6 +14893,11 @@ int mp_sqrtmod_prime(mp_int* n, mp_int* prime, mp_int* ret)
if (mp_cmp_d(t1, 1) == MP_EQ)
break;
res = mp_exptmod(t1, two, prime, t1);
+ if ((res == MP_OKAY) && (mp_cmp_d(M,i) == MP_EQ)) {
+ /* This is to clamp the loop in case 'prime' is not really prime */
+ res = MP_VAL;
+ break;
+ }
if (res == MP_OKAY)
i++;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c b/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c
index ed2e2b8b..836243be 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/eccsi.c
@@ -1350,15 +1350,13 @@ static int eccsi_mulmod_base_add(EccsiKey* key, const mp_int* n,
{
int err = 0;
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
+#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
err = sp_ecc_mulmod_base_add_256(n, a, 1, res, map, key->heap);
}
else
#endif
-#endif
#ifndef WOLFSSL_SP_MATH
{
EccsiKeyParams* params = &key->params;
@@ -1377,7 +1375,12 @@ static int eccsi_mulmod_base_add(EccsiKey* key, const mp_int* n,
{
err = NOT_COMPILED_IN;
}
+ (void)key;
+ (void)n;
+ (void)a;
+ (void)res;
(void)mp;
+ (void)map;
#endif
return err;
@@ -1401,15 +1404,13 @@ static int eccsi_mulmod_point(EccsiKey* key, const mp_int* n, ecc_point* point,
{
int err;
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
+#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
(ecc_sets[key->ecc.idx].id == ECC_SECP256R1)) {
err = sp_ecc_mulmod_256(n, point, res, map, key->heap);
}
else
#endif
-#endif
{
EccsiKeyParams* params = &key->params;
@@ -1437,8 +1438,7 @@ static int eccsi_mulmod_point(EccsiKey* key, const mp_int* n, ecc_point* point,
static int eccsi_mulmod_point_add(EccsiKey* key, const mp_int* n,
ecc_point* point, ecc_point* a, ecc_point* res, mp_digit mp, int map)
{
-#ifdef WOLFSSL_HAVE_SP_ECC
-#ifndef WOLFSSL_SP_NO_256
+#if defined(WOLFSSL_HAVE_SP_ECC) && !defined(WOLFSSL_SP_NO_256)
int err = NOT_COMPILED_IN;
if ((key->ecc.idx != ECC_CUSTOM_IDX) &&
@@ -1449,7 +1449,6 @@ static int eccsi_mulmod_point_add(EccsiKey* key, const mp_int* n,
(void)mp;
return err;
-#endif
#else
int err;
EccsiKeyParams* params = &key->params;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c
index 3b9988bc..6dfb7a0f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ed25519.c
@@ -182,11 +182,12 @@ static int ed25519_hash(ed25519_key* key, const byte* in, word32 inLen,
return ret;
}
+#ifdef HAVE_ED25519_MAKE_KEY
int wc_ed25519_make_public(ed25519_key* key, unsigned char* pubKey,
word32 pubKeySz)
{
int ret = 0;
- byte az[ED25519_PRV_KEY_SIZE];
+ ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
#if !defined(FREESCALE_LTC_ECC)
ge_p3 A;
#endif
@@ -267,6 +268,7 @@ int wc_ed25519_make_key(WC_RNG* rng, int keySz, ed25519_key* key)
return ret;
}
+#endif /* HAVE_ED25519_MAKE_KEY */
#ifdef HAVE_ED25519_SIGN
@@ -294,14 +296,14 @@ int wc_ed25519_sign_msg_ex(const byte* in, word32 inLen, byte* out,
ret = se050_ed25519_sign_msg(in, inLen, out, outLen, key);
#else
#ifdef FREESCALE_LTC_ECC
- byte tempBuf[ED25519_PRV_KEY_SIZE];
+ ALIGN16 byte tempBuf[ED25519_PRV_KEY_SIZE];
ltc_pkha_ecc_point_t ltcPoint = {0};
#else
ge_p3 R;
#endif
- byte nonce[WC_SHA512_DIGEST_SIZE];
- byte hram[WC_SHA512_DIGEST_SIZE];
- byte az[ED25519_PRV_KEY_SIZE];
+ ALIGN16 byte nonce[WC_SHA512_DIGEST_SIZE];
+ ALIGN16 byte hram[WC_SHA512_DIGEST_SIZE];
+ ALIGN16 byte az[ED25519_PRV_KEY_SIZE];
/* sanity check on arguments */
if (in == NULL || out == NULL || outLen == NULL || key == NULL ||
@@ -615,8 +617,8 @@ static int ed25519_verify_msg_final_with_sha(const byte* sig, word32 sigLen,
int* res, ed25519_key* key,
wc_Sha512 *sha)
{
- byte rcheck[ED25519_KEY_SIZE];
- byte h[WC_SHA512_DIGEST_SIZE];
+ ALIGN16 byte rcheck[ED25519_KEY_SIZE];
+ ALIGN16 byte h[WC_SHA512_DIGEST_SIZE];
#ifndef FREESCALE_LTC_ECC
ge_p3 A;
ge_p2 R;
@@ -1236,7 +1238,8 @@ int wc_ed25519_export_key(ed25519_key* key,
int wc_ed25519_check_key(ed25519_key* key)
{
int ret = 0;
- unsigned char pubKey[ED25519_PUB_KEY_SIZE];
+#ifdef HAVE_ED25519_MAKE_KEY
+ ALIGN16 unsigned char pubKey[ED25519_PUB_KEY_SIZE];
if (!key->pubKeySet)
ret = PUBLIC_KEY_E;
@@ -1244,6 +1247,9 @@ int wc_ed25519_check_key(ed25519_key* key)
ret = wc_ed25519_make_public(key, pubKey, sizeof(pubKey));
if (ret == 0 && XMEMCMP(pubKey, key->p, ED25519_PUB_KEY_SIZE) != 0)
ret = PUBLIC_KEY_E;
+#else
+ (void)key;
+#endif /* HAVE_ED25519_MAKE_KEY */
return ret;
}
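Review bot: When `HAVE_ED25519_MAKE_KEY` is not defined, `wc_ed25519_check_key` reduces to `(void)key;` and `return ret;` with `ret` still 0, so it reports success without having compared anything. A caller that relies on this function to reject a mismatched public key gets no check in that build. Returning an explicit status from the `#else` branch, `ret = NOT_COMPILED_IN;`, keeps the missing validation visible. The declaration of `ret` and the `pubKeySet` test are in the previous hunk.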
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c
index 3bd9972e..8eb83372 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ed448.c
@@ -168,7 +168,7 @@ static int ed448_hash(ed448_key* key, const byte* in, word32 inLen,
/* Derive the public key for the private key.
*
* key [in] Ed448 key object.
- * pubKey [in] Byte array to hold te public key.
+ * pubKey [in] Byte array to hold the public key.
* pubKeySz [in] Size of the array in bytes.
* returns BAD_FUNC_ARG when key is NULL or pubKeySz is not equal to
* ED448_PUB_KEY_SIZE,
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/error.c b/extra/wolfssl/wolfssl/wolfcrypt/src/error.c
index 27bf6538..929e0bfd 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/error.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/error.c
@@ -63,7 +63,7 @@ const char* wc_GetErrorString(int error)
case WC_PENDING_E:
return "wolfCrypt Operation Pending (would block / eagain) error";
- case WC_NOT_PENDING_E:
+ case WC_NO_PENDING_E:
return "wolfCrypt operation not pending error";
case MP_INIT_E :
@@ -589,6 +589,18 @@ const char* wc_GetErrorString(int error)
case ASN_LEN_E:
return "ASN.1 length invalid";
+ case SM4_GCM_AUTH_E:
+ return "SM4-GCM Authentication check fail";
+
+ case SM4_CCM_AUTH_E:
+ return "SM4-CCM Authentication check fail";
+
+ case FIPS_DEGRADED_E:
+ return "FIPS module in DEGRADED mode";
+
+ case AES_EAX_AUTH_E:
+ return "AES-EAX Authentication check fail";
+
default:
return "unknown error number";
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c b/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c
index 0316b34f..cdda3947 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/evp.c
@@ -47,7 +47,6 @@
#include <wolfssl/openssl/kdf.h>
#include <wolfssl/wolfcrypt/wolfmath.h>
-
static const struct s_ent {
const enum wc_HashType macType;
const int nid;
@@ -101,6 +100,9 @@ static const struct s_ent {
#ifndef WOLFSSL_NOSHA3_512
{WC_HASH_TYPE_SHA3_512, NID_sha3_512, "SHA3_512"},
#endif
+#ifdef WOLFSSL_SM3
+ {WC_HASH_TYPE_SM3, NID_sm3, "SM3"},
+#endif /* WOLFSSL_SHA512 */
#ifdef HAVE_BLAKE2
{WC_HASH_TYPE_BLAKE2B, NID_blake2b512, "BLAKE2B512"},
#endif
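Review bot: The closing comment on the new guard names the wrong macro: `#endif /* WOLFSSL_SHA512 */` ends `#ifdef WOLFSSL_SM3`. It should read `#endif /* WOLFSSL_SM3 */` so that a reader matching guards in this table is not misled.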
@@ -144,14 +146,16 @@ static const struct s_ent {
#endif
#endif /* WOLFSSL_AES_OFB */
- #ifdef WOLFSSL_AES_XTS
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
static const char EVP_AES_128_XTS[] = "AES-128-XTS";
#endif
#ifdef WOLFSSL_AES_256
static const char EVP_AES_256_XTS[] = "AES-256-XTS";
#endif
- #endif /* WOLFSSL_AES_XTS */
+ #endif /* WOLFSSL_AES_XTS &&
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#ifdef WOLFSSL_AES_CFB
#ifdef WOLFSSL_AES_128
@@ -234,6 +238,13 @@ static const struct s_ent {
#endif
#endif
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+ static const char EVP_ARIA_128_GCM[] = "ARIA-128-GCM";
+ static const char EVP_ARIA_192_GCM[] = "ARIA-192-GCM";
+ static const char EVP_ARIA_256_GCM[] = "ARIA-256-GCM";
+#endif
+
#ifndef NO_DES3
static const char EVP_DES_CBC[] = "DES-CBC";
static const char EVP_DES_ECB[] = "DES-ECB";
@@ -254,6 +265,22 @@ static const struct s_ent {
static const char EVP_CHACHA20[] = "CHACHA20";
#endif
+#ifdef WOLFSSL_SM4_ECB
+ static const char EVP_SM4_ECB[] = "SM4-ECB";
+#endif /* WOLFSSL_SM4_ECB */
+#ifdef WOLFSSL_SM4_CBC
+ static const char EVP_SM4_CBC[] = "SM4-CBC";
+#endif /* WOLFSSL_SM4_CBC */
+#ifdef WOLFSSL_SM4_CTR
+ static const char EVP_SM4_CTR[] = "SM4-CTR";
+#endif /* WOLFSSL_SM4_CTR */
+#ifdef WOLFSSL_SM4_GCM
+ static const char EVP_SM4_GCM[] = "SM4-GCM";
+#endif /* WOLFSSL_SM4_GCM */
+#ifdef WOLFSSL_SM4_CCM
+ static const char EVP_SM4_CCM[] = "SM4-CCM";
+#endif /* WOLFSSL_SM4_CCM */
+
static const char EVP_NULL[] = "NULL";
#define EVP_CIPHER_TYPE_MATCHES(x, y) (XSTRCMP(x,y) == 0)
@@ -305,7 +332,7 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
case AES_192_OFB_TYPE: return 24;
case AES_256_OFB_TYPE: return 32;
#endif
- #if defined(WOLFSSL_AES_XTS)
+ #if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
/* Two keys for XTS. */
case AES_128_XTS_TYPE: return 16 * 2;
case AES_256_XTS_TYPE: return 32 * 2;
@@ -343,6 +370,21 @@ int wolfSSL_EVP_Cipher_key_length(const WOLFSSL_EVP_CIPHER* c)
#ifdef HAVE_CHACHA
case CHACHA20_TYPE: return CHACHA_MAX_KEY_SZ;
#endif
+ #ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE: return 16;
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE: return 16;
+ #endif
default:
return 0;
}
@@ -390,7 +432,7 @@ int wolfSSL_EVP_DecryptInit_ex(WOLFSSL_EVP_CIPHER_CTX* ctx,
WOLFSSL_EVP_CIPHER_CTX *wolfSSL_EVP_CIPHER_CTX_new(void)
{
- WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof *ctx,
+ WOLFSSL_EVP_CIPHER_CTX *ctx = (WOLFSSL_EVP_CIPHER_CTX*)XMALLOC(sizeof(*ctx),
NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (ctx) {
WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_new");
@@ -495,7 +537,7 @@ int wolfSSL_EVP_DecryptFinal_ex(WOLFSSL_EVP_CIPHER_CTX *ctx,
#define PRINT_BUF(b, sz) { int _i; for(_i=0; _i<(sz); _i++) { \
printf("%02x(%c),", (b)[_i], (b)[_i]); if ((_i+1)%8==0)printf("\n");}}
#else
-#define PRINT_BUF(b, sz)
+#define PRINT_BUF(b, sz) WC_DO_NOTHING
#endif
static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz)
@@ -508,7 +550,7 @@ static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz
} else {
fill = sz;
}
- XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, fill);
+ XMEMCPY(&(ctx->buf[ctx->bufUsed]), in, (size_t)fill);
ctx->bufUsed += fill;
return fill;
} else return 0;
@@ -516,9 +558,10 @@ static int fillBuff(WOLFSSL_EVP_CIPHER_CTX *ctx, const unsigned char *in, int sz
static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out,
- const unsigned char *in, int inl)
+ const unsigned char *in, int inLen)
{
int ret = 0;
+ word32 inl = (word32)inLen;
switch (ctx->cipherType) {
#if !defined(NO_AES)
@@ -591,15 +634,15 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
ret = wc_AesCfbDecrypt(&ctx->cipher.aes, out, in, inl);
break;
#endif
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, out, in, inl,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, out, in, inl,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
break;
#endif
#endif /* !NO_AES */
@@ -628,8 +671,30 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
#ifndef NO_RC4
case ARC4_TYPE:
wc_Arc4Process(&ctx->cipher.arc4, out, in, inl);
- break;
+ break;
#endif
+#if defined(WOLFSSL_SM4_ECB)
+ case SM4_ECB_TYPE:
+ if (ctx->enc)
+ wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl);
+ else
+ wc_Sm4EcbDecrypt(&ctx->cipher.sm4, out, in, inl);
+ break;
+#endif
+#if defined(WOLFSSL_SM4_CBC)
+ case SM4_CBC_TYPE:
+ if (ctx->enc)
+ wc_Sm4CbcEncrypt(&ctx->cipher.sm4, out, in, inl);
+ else
+ wc_Sm4CbcDecrypt(&ctx->cipher.sm4, out, in, inl);
+ break;
+#endif
+#if defined(WOLFSSL_SM4_CTR)
+ case SM4_CTR_TYPE:
+ wc_Sm4CtrEncrypt(&ctx->cipher.sm4, out, in, inl);
+ break;
+#endif
+
default:
ret = WOLFSSL_FAILURE;
}
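Review bot: The three new SM4 cases discard the result of `wc_Sm4EcbEncrypt`, `wc_Sm4CbcEncrypt`, `wc_Sm4CtrEncrypt` and the decrypt counterparts, so `ret` stays 0 and the function returns `WOLFSSL_SUCCESS` even when the cipher call fails. If these functions return a status code, as the AES calls in this function do, assign it: `ret = wc_Sm4EcbEncrypt(&ctx->cipher.sm4, out, in, inl);` and likewise for the other calls. The switch starts outside the hunk.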
@@ -641,16 +706,16 @@ static int evpCipherBlock(WOLFSSL_EVP_CIPHER_CTX *ctx,
return (ret == 0) ? WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
}
-#if defined(HAVE_AESGCM)
-#ifndef WOLFSSL_AESGCM_STREAM
+#if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM)
+#if defined(WOLFSSL_SM4_GCM) || !defined(WOLFSSL_AESGCM_STREAM)
static int wolfSSL_EVP_CipherUpdate_GCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
const unsigned char *in, int inl) {
if (in && inl > 0) {
byte* tmp = (byte*)XREALLOC(ctx->authIn,
- ctx->authInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
+ (size_t)(ctx->authInSz + inl), NULL, DYNAMIC_TYPE_OPENSSL);
if (tmp) {
ctx->authIn = tmp;
- XMEMCPY(ctx->authIn + ctx->authInSz, in, inl);
+ XMEMCPY(ctx->authIn + ctx->authInSz, in, (size_t)inl);
ctx->authInSz += inl;
}
else {
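Review bot: In `(size_t)(ctx->authInSz + inl)` the addition is still done in `int` and only the result is cast, so a large accumulated `authInSz` plus `inl` can overflow before the conversion and give a wrapped allocation size ahead of the `XMEMCPY`. Widening the operands first, `(size_t)ctx->authInSz + (size_t)inl`, and rejecting a sum that no longer fits in `int` before `ctx->authInSz += inl;` closes this. The same pattern is added in the GCM and CCM update hunks below (`ctx->authBufferLen + inl`) and in `wolfSSL_EVP_CipherUpdate_CCM_AAD`, and the ARIA update computes `int size = ctx->authBufferLen + inl` the same way. The function's tail is outside the hunk.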
@@ -664,9 +729,113 @@ static int wolfSSL_EVP_CipherUpdate_GCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
+ const unsigned char *in, int inLen)
+{
+ word32 inl = (word32)inLen;
+
+#if defined(WOLFSSL_SM4_GCM) || !defined(WOLFSSL_AESGCM_STREAM)
+#if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_AESGCM_STREAM)
+ if (ctx->cipherType == SM4_GCM_TYPE)
+#endif
+ {
+ int ret = 0;
+
+ *outl = inl;
+ if (out) {
+ /* Buffer input for one-shot API */
+ if (inl > 0) {
+ byte* tmp;
+ tmp = (byte*)XREALLOC(ctx->authBuffer,
+ (size_t)(ctx->authBufferLen + inl), NULL,
+ DYNAMIC_TYPE_OPENSSL);
+ if (tmp) {
+ XMEMCPY(tmp + ctx->authBufferLen, in, (size_t)inl);
+ ctx->authBufferLen += inl;
+ ctx->authBuffer = tmp;
+ *outl = 0;
+ }
+ else {
+ ret = MEMORY_E;
+ }
+ }
+ }
+ else {
+ ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, in, inl);
+ }
+
+ if (ret != 0) {
+ *outl = 0;
+ return WOLFSSL_FAILURE;
+ }
+
+ return WOLFSSL_SUCCESS;
+ }
+#endif
+#if defined(WOLFSSL_SM4_GCM) && defined(WOLFSSL_AESGCM_STREAM)
+ else
+#endif
+#if defined(WOLFSSL_AESGCM_STREAM)
+ {
+ int ret;
+
+ /* When out is NULL then this is AAD. */
+ if (out == NULL) {
+ if (ctx->enc) {
+ ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, NULL, NULL, 0,
+ in, inl);
+ }
+ else {
+ ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, NULL, NULL, 0,
+ in, inl);
+ }
+ }
+ /* When out is not NULL then this is plaintext/cipher text. */
+ else {
+ if (ctx->enc) {
+ ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, out, in, inl,
+ NULL, 0);
+ }
+ else {
+ ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, out, in, inl,
+ NULL, 0);
+ }
+ }
+ *outl = (int)inl;
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ return ret;
+ }
+#endif /* WOLFSSL_AESGCM_STREAM */
+}
+#endif /* HAVE_AESGCM || WOLFSSL_SM4_GCM */
+
+#if defined(HAVE_AESCCM) || defined(WOLFSSL_SM4_CCM)
+static int wolfSSL_EVP_CipherUpdate_CCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ const unsigned char *in, int inl) {
+ if (in && inl > 0) {
+ byte* tmp = (byte*)XREALLOC(ctx->authIn,
+ (size_t)(ctx->authInSz + inl), NULL, DYNAMIC_TYPE_OPENSSL);
+ if (tmp) {
+ ctx->authIn = tmp;
+ XMEMCPY(ctx->authIn + ctx->authInSz, in, (size_t)inl);
+ ctx->authInSz += inl;
+ }
+ else {
+ WOLFSSL_MSG("realloc error");
+ return MEMORY_E;
+ }
+ }
+ return 0;
+}
+
+static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
-#ifndef WOLFSSL_AESGCM_STREAM
int ret = 0;
*outl = inl;
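Review bot: In the new `wolfSSL_EVP_CipherUpdate_GCM`, `word32 inl = (word32)inLen;` turns a negative `inLen` into a very large length, and the `if (inl > 0)` guard that used to reject it is now true for such a value. Unless every caller already refuses negative lengths (not visible in this hunk), the buffered branch then sizes the `XREALLOC` and the `XMEMCPY` from that value. I would add `if (inLen < 0) return WOLFSSL_FAILURE;` as the first statement, and write `*outl = (int)inl;` in the buffered branch as the streaming branch already does.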
@@ -675,10 +844,10 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
if (inl > 0) {
byte* tmp;
tmp = (byte*)XREALLOC(ctx->authBuffer,
- ctx->authBufferLen + inl, NULL,
+ (size_t)(ctx->authBufferLen + inl), NULL,
DYNAMIC_TYPE_OPENSSL);
if (tmp) {
- XMEMCPY(tmp + ctx->authBufferLen, in, inl);
+ XMEMCPY(tmp + ctx->authBufferLen, in, (size_t)inl);
ctx->authBufferLen += inl;
ctx->authBuffer = tmp;
*outl = 0;
@@ -689,7 +858,7 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
}
else {
- ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, in, inl);
+ ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, in, inl);
}
if (ret != 0) {
@@ -698,52 +867,19 @@ static int wolfSSL_EVP_CipherUpdate_GCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
return WOLFSSL_SUCCESS;
-#else
- int ret;
-
- /* When out is NULL then this is AAD. */
- if (out == NULL) {
- if (ctx->enc) {
- ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, NULL, NULL, 0, in,
- inl);
- }
- else {
- ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, NULL, NULL, 0, in,
- inl);
- }
- }
- /* When out is not NULL then this is plaintext/cipher text. */
- else {
- if (ctx->enc) {
- ret = wc_AesGcmEncryptUpdate(&ctx->cipher.aes, out, in, inl, NULL,
- 0);
- }
- else {
- ret = wc_AesGcmDecryptUpdate(&ctx->cipher.aes, out, in, inl, NULL,
- 0);
- }
- }
- *outl = inl;
- if (ret == 0) {
- ret = WOLFSSL_SUCCESS;
- }
- else {
- ret = WOLFSSL_FAILURE;
- }
- return ret;
-#endif /* WOLFSSL_AESGCM_STREAM */
}
-#endif /* HAVE_AESGCM */
+#endif /* HAVE_AESCCM || WOLFSSL_SM4_CCM */
-#if defined(HAVE_AESCCM)
-static int wolfSSL_EVP_CipherUpdate_CCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
- const unsigned char *in, int inl) {
+#if defined(HAVE_ARIA)
+static int wolfSSL_EVP_CipherUpdate_AriaGCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ const unsigned char *in, int inl)
+{
if (in && inl > 0) {
byte* tmp = (byte*)XREALLOC(ctx->authIn,
- ctx->authInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
+ (size_t)ctx->authInSz + inl, NULL, DYNAMIC_TYPE_OPENSSL);
if (tmp) {
ctx->authIn = tmp;
- XMEMCPY(ctx->authIn + ctx->authInSz, in, inl);
+ XMEMCPY(ctx->authIn + ctx->authInSz, in, (size_t)inl);
ctx->authInSz += inl;
}
else {
@@ -754,7 +890,7 @@ static int wolfSSL_EVP_CipherUpdate_CCM_AAD(WOLFSSL_EVP_CIPHER_CTX *ctx,
return 0;
}
-static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
+static int wolfSSL_EVP_CipherUpdate_AriaGCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
@@ -765,11 +901,15 @@ static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
/* Buffer input for one-shot API */
if (inl > 0) {
byte* tmp;
+ int size = ctx->authBufferLen + inl;
+ if (ctx->enc == 0) { /* Append extra space for the tag */
+ size = WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(size);
+ }
tmp = (byte*)XREALLOC(ctx->authBuffer,
- ctx->authBufferLen + inl, NULL,
+ (size_t)size, NULL,
DYNAMIC_TYPE_OPENSSL);
if (tmp) {
- XMEMCPY(tmp + ctx->authBufferLen, in, inl);
+ XMEMCPY(tmp + ctx->authBufferLen, in, (size_t)inl);
ctx->authBufferLen += inl;
ctx->authBuffer = tmp;
*outl = 0;
@@ -780,7 +920,7 @@ static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
}
else {
- ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, in, inl);
+ ret = wolfSSL_EVP_CipherUpdate_AriaGCM_AAD(ctx, in, inl);
}
if (ret != 0) {
@@ -790,7 +930,8 @@ static int wolfSSL_EVP_CipherUpdate_CCM(WOLFSSL_EVP_CIPHER_CTX *ctx,
return WOLFSSL_SUCCESS;
}
-#endif /* HAVE_AESCCM */
+#endif /* HAVE_ARIA */
+
/* returns WOLFSSL_SUCCESS on success and WOLFSSL_FAILURE on failure */
int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
@@ -833,11 +974,18 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
* additional auth data */
return wolfSSL_EVP_CipherUpdate_CCM(ctx, out, outl, in, inl);
#endif /* !defined(NO_AES) && defined(HAVE_AESCCM) */
+#if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ /* if out == NULL, in/inl contains the additional auth data */
+ return wolfSSL_EVP_CipherUpdate_AriaGCM(ctx, out, outl, in, inl);
+#endif /* defined(HAVE_ARIA) */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case CHACHA20_POLY1305_TYPE:
if (out == NULL) {
if (wc_ChaCha20Poly1305_UpdateAad(&ctx->cipher.chachaPoly, in,
- inl) != 0) {
+ (word32)inl) != 0) {
WOLFSSL_MSG("wc_ChaCha20Poly1305_UpdateAad failed");
return WOLFSSL_FAILURE;
}
@@ -848,7 +996,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
}
else {
if (wc_ChaCha20Poly1305_UpdateData(&ctx->cipher.chachaPoly, in,
- out, inl) != 0) {
+ out, (word32)inl) != 0) {
WOLFSSL_MSG("wc_ChaCha20Poly1305_UpdateData failed");
return WOLFSSL_FAILURE;
}
@@ -860,13 +1008,25 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
#endif
#ifdef HAVE_CHACHA
case CHACHA20_TYPE:
- if (wc_Chacha_Process(&ctx->cipher.chacha, out, in, inl) != 0) {
+ if (wc_Chacha_Process(&ctx->cipher.chacha, out, in, (word32)inl) !=
+ 0) {
WOLFSSL_MSG("wc_ChaCha_Process failed");
return WOLFSSL_FAILURE;
}
*outl = inl;
return WOLFSSL_SUCCESS;
#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ /* if out == NULL, in/inl contains the additional auth data */
+ return wolfSSL_EVP_CipherUpdate_GCM(ctx, out, outl, in, inl);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ /* if out == NULL, in/inl contains the
+ * additional auth data */
+ return wolfSSL_EVP_CipherUpdate_CCM(ctx, out, outl, in, inl);
+#endif
default:
/* fall-through */
break;
@@ -894,7 +1054,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
* Update the last block stored if one has already been stored */
if (ctx->enc == 0) {
if (ctx->lastUsed == 1) {
- XMEMCPY(out, ctx->lastBlock, ctx->block_size);
+ XMEMCPY(out, ctx->lastBlock, (size_t)ctx->block_size);
*outl+= ctx->block_size;
out += ctx->block_size;
}
@@ -923,7 +1083,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
* Update the last block stored if one has already been stored */
if ((ctx->enc == 0) && (ctx->lastUsed == 1)) {
PRINT_BUF(ctx->lastBlock, ctx->block_size);
- XMEMCPY(out, ctx->lastBlock, ctx->block_size);
+ XMEMCPY(out, ctx->lastBlock, (size_t)ctx->block_size);
*outl += ctx->block_size;
out += ctx->block_size;
ctx->lastUsed = 0;
@@ -950,7 +1110,7 @@ int wolfSSL_EVP_CipherUpdate(WOLFSSL_EVP_CIPHER_CTX *ctx,
blocks = blocks - 1; /* save last block to check padding in
* EVP_CipherFinal call */
XMEMCPY(ctx->lastBlock, &out[ctx->block_size * blocks],
- ctx->block_size);
+ (size_t)ctx->block_size);
}
*outl += ctx->block_size * blocks;
}
@@ -990,19 +1150,18 @@ static int checkPad(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *buff)
return ctx->block_size - n;
}
-#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM)) && \
- ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
- || FIPS_VERSION_GE(2,0))
+#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || FIPS_VERSION_GE(2,0))
static WC_INLINE void IncCtr(byte* ctr, word32 ctrSz)
{
int i;
- for (i = ctrSz-1; i >= 0; i--) {
+ for (i = (int)ctrSz-1; i >= 0; i--) {
if (++ctr[i])
break;
}
}
-#endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
- * HAVE_FIPS_VERSION >= 2 */
+#endif
int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl)
@@ -1047,8 +1206,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->authBufferLen = 0;
if (ctx->authIncIv) {
- IncCtr((byte*)ctx->cipher.aes.reg,
- ctx->cipher.aes.nonceSz);
+ IncCtr((byte*)ctx->cipher.aes.reg, ctx->cipher.aes.nonceSz);
ctx->authIncIv = 0;
}
}
@@ -1060,28 +1218,27 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
*outl = 0;
if (ctx->enc) {
ret = wc_AesGcmEncryptFinal(&ctx->cipher.aes, ctx->authTag,
- ctx->authTagSz);
+ (word32)ctx->authTagSz);
}
else {
ret = wc_AesGcmDecryptFinal(&ctx->cipher.aes, ctx->authTag,
- ctx->authTagSz);
+ (word32)ctx->authTagSz);
if (ctx->authIncIv) {
IncCtr((byte*)ctx->cipher.aes.reg, ctx->cipher.aes.nonceSz);
}
}
- if (ret == 0) {
- /* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
- if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
- (byte*)ctx->cipher.aes.reg,
- ctx->ivSz) != 0) {
- WOLFSSL_MSG("wc_AesGcmInit failed");
- ret = WOLFSSL_FAILURE;
- }
- else {
- ret = WOLFSSL_SUCCESS;
- }
- }
- else {
+
+ if (ret == 0)
+ ret = WOLFSSL_SUCCESS;
+ else
+ ret = WOLFSSL_FAILURE;
+
+ /* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
+ if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
+ (byte*)ctx->cipher.aes.reg,
+ (word32)ctx->ivSz) != 0)
+ {
+ WOLFSSL_MSG("wc_AesGcmInit failed");
ret = WOLFSSL_FAILURE;
}
#endif /* WOLFSSL_AESGCM_STREAM */
@@ -1107,16 +1264,20 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
case AES_256_CCM_TYPE:
if ((ctx->authBuffer && ctx->authBufferLen > 0)
|| (ctx->authBufferLen == 0)) {
- if (ctx->enc)
+ if (ctx->enc) {
ret = wc_AesCcmEncrypt(&ctx->cipher.aes, out,
- ctx->authBuffer, ctx->authBufferLen,
- ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
- ctx->authIn, ctx->authInSz);
- else
+ ctx->authBuffer, (word32)ctx->authBufferLen,
+ ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
+ }
+ else {
ret = wc_AesCcmDecrypt(&ctx->cipher.aes, out,
- ctx->authBuffer, ctx->authBufferLen,
- ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
- ctx->authIn, ctx->authInSz);
+ ctx->authBuffer, (word32)ctx->authBufferLen,
+ ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
+ }
if (ret == 0) {
ret = WOLFSSL_SUCCESS;
@@ -1132,8 +1293,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->authBufferLen = 0;
if (ctx->authIncIv) {
- IncCtr((byte*)ctx->cipher.aes.reg,
- ctx->cipher.aes.nonceSz);
+ IncCtr((byte*)ctx->cipher.aes.reg, ctx->cipher.aes.nonceSz);
ctx->authIncIv = 0;
}
}
@@ -1156,6 +1316,61 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
break;
#endif /* HAVE_AESCCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
* HAVE_FIPS_VERSION >= 2 */
+#if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
+ || FIPS_VERSION_GE(2,0))
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ if ((ctx->authBuffer && ctx->authBufferLen > 0)
+ || (ctx->authBufferLen == 0)) {
+ if (ctx->enc)
+ ret = wc_AriaEncrypt(&ctx->cipher.aria, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authIn, ctx->authInSz,
+ ctx->authTag, ctx->authTagSz);
+ else
+ ret = wc_AriaDecrypt(&ctx->cipher.aria, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authIn, ctx->authInSz,
+ ctx->authTag, ctx->authTagSz);
+
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ *outl = ctx->authBufferLen;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ *outl = 0;
+ }
+
+ XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authBuffer = NULL;
+ ctx->authBufferLen = 0;
+
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.aria.nonce,
+ ctx->cipher.aria.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ else {
+ *outl = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ if (ctx->authIncIv) {
+ ctx->authIncIv = 0;
+ }
+ else {
+ /* Clear IV, since IV reuse is not recommended for AES GCM. */
+ XMEMSET(ctx->iv, 0, ARIA_BLOCK_SIZE);
+ }
+ if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ break;
+#endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case CHACHA20_POLY1305_TYPE:
if (wc_ChaCha20Poly1305_Final(&ctx->cipher.chachaPoly,
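Review bot: `XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);` releases the buffer that the ARIA update path filled with the caller's buffered input, which on the encrypt side is plaintext, without clearing it first. Wiping before the free, `ForceZero(ctx->authBuffer, (word32)ctx->authBufferLen);` under a NULL check, keeps that data out of reused heap memory; whether `ForceZero` is in scope in this file should be confirmed. The SM4-GCM and SM4-CCM cases added in the next hunk free `authBuffer` the same way. Separately, the comment `IV reuse is not recommended for AES GCM` and the closing `#endif /* HAVE_AESGCM ...` were copied from the AES case and should name ARIA.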
@@ -1167,6 +1382,109 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
*outl = 0;
return WOLFSSL_SUCCESS;
}
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ if ((ctx->authBuffer && ctx->authBufferLen > 0) ||
+ (ctx->authBufferLen == 0)) {
+ if (ctx->enc)
+ ret = wc_Sm4GcmEncrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+ else
+ ret = wc_Sm4GcmDecrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ *outl = ctx->authBufferLen;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ *outl = 0;
+ }
+
+ XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authBuffer = NULL;
+ ctx->authBufferLen = 0;
+
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv, ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ else {
+ *outl = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ if (ctx->authIncIv) {
+ ctx->authIncIv = 0;
+ }
+ else {
+ /* Clear IV, since IV reuse is not recommended for SM4 GCM.
+ */
+ XMEMSET(ctx->iv, 0, SM4_BLOCK_SIZE);
+ }
+ if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ if ((ctx->authBuffer && ctx->authBufferLen > 0) ||
+ (ctx->authBufferLen == 0)) {
+ if (ctx->enc)
+ ret = wc_Sm4CcmEncrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+ else
+ ret = wc_Sm4CcmDecrypt(&ctx->cipher.sm4, out,
+ ctx->authBuffer, ctx->authBufferLen,
+ ctx->iv, ctx->ivSz, ctx->authTag, ctx->authTagSz,
+ ctx->authIn, ctx->authInSz);
+
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ *outl = ctx->authBufferLen;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ *outl = 0;
+ }
+
+ XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authBuffer = NULL;
+ ctx->authBufferLen = 0;
+
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv, ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ else {
+ *outl = 0;
+ }
+ if (ret == WOLFSSL_SUCCESS) {
+ if (ctx->authIncIv) {
+ ctx->authIncIv = 0;
+ }
+ else {
+ /* Clear IV, since IV reuse is not recommended
+ * for SM4 CCM. */
+ XMEMSET(ctx->iv, 0, SM4_BLOCK_SIZE);
+ }
+ if (wolfSSL_StoreExternalIV(ctx) != WOLFSSL_SUCCESS) {
+ ret = WOLFSSL_FAILURE;
+ }
+ }
+ break;
#endif
default:
if (!out)
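Review bot: The SM4-GCM and SM4-CCM calls pass the `int` fields `ctx->authBufferLen`, `ctx->ivSz`, `ctx->authTagSz` and `ctx->authInSz` straight through, while this same commit adds explicit `(word32)` casts to the equivalent `wc_AesCcmEncrypt` and `wc_AesCcmDecrypt` arguments. Assuming the SM4 functions take `word32` lengths like their AES counterparts, write them the same way, e.g. `ctx->authBuffer, (word32)ctx->authBufferLen,`, so the sign-conversion warnings the commit removes elsewhere do not reappear here. The two cases are also identical apart from the function names, which a shared static helper could capture. The enclosing switch starts and ends outside the hunk.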
@@ -1207,7 +1525,7 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
int fl;
PRINT_BUF(ctx->lastBlock, ctx->block_size);
if ((fl = checkPad(ctx, ctx->lastBlock)) >= 0) {
- XMEMCPY(out, ctx->lastBlock, fl);
+ XMEMCPY(out, ctx->lastBlock, (size_t)fl);
*outl = fl;
if (ctx->lastUsed == 0 && ctx->bufUsed == 0) {
/* return error in cases where the block length is
@@ -1230,7 +1548,8 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
}
if (ret == WOLFSSL_SUCCESS) {
-#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM)) && \
+#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
|| FIPS_VERSION_GE(2,0))
byte tmp = 0;
@@ -1251,6 +1570,12 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->cipherType == AES_192_CCM_TYPE ||
ctx->cipherType == AES_256_CCM_TYPE
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ || ctx->cipherType == SM4_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ || ctx->cipherType == SM4_CCM_TYPE
+ #endif
) {
tmp = ctx->authIvGenEnable;
}
@@ -1259,9 +1584,9 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
/* reset cipher state after final */
ret = wolfSSL_EVP_CipherInit(ctx, NULL, NULL, NULL, -1);
-#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM)) && \
- ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
- || FIPS_VERSION_GE(2,0))
+#if (defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)) && \
+ ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || FIPS_VERSION_GE(2,0))
if (FALSE
#ifdef HAVE_AESGCM
|| ctx->cipherType == AES_128_GCM_TYPE ||
@@ -1273,8 +1598,14 @@ int wolfSSL_EVP_CipherFinal(WOLFSSL_EVP_CIPHER_CTX *ctx, unsigned char *out,
ctx->cipherType == AES_192_CCM_TYPE ||
ctx->cipherType == AES_256_CCM_TYPE
#endif
+ #ifdef WOLFSSL_SM4_GCM
+ || ctx->cipherType == SM4_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ || ctx->cipherType == SM4_CCM_TYPE
+ #endif
) {
- ctx->authIvGenEnable = tmp;
+ ctx->authIvGenEnable = (tmp == 1);
}
#endif
}
@@ -1319,7 +1650,7 @@ int wolfSSL_EVP_DecryptFinal_legacy(WOLFSSL_EVP_CIPHER_CTX *ctx,
fl = ctx->block_size;
}
else {
- XMEMCPY(out, ctx->lastBlock, fl);
+ XMEMCPY(out, ctx->lastBlock, (size_t)fl);
}
*outl = fl;
}
@@ -1336,7 +1667,7 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
{
if (ctx == NULL) return BAD_FUNC_ARG;
switch (ctx->cipherType) {
-#if !defined(NO_AES) || !defined(NO_DES3)
+#if !defined(NO_AES) || !defined(NO_DES3) || defined(WOLFSSL_SM4)
#if !defined(NO_AES)
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
case AES_128_CBC_TYPE:
@@ -1374,10 +1705,15 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
case AES_192_OFB_TYPE:
case AES_256_OFB_TYPE:
#endif
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
#endif
+#if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+#endif
case AES_128_ECB_TYPE:
case AES_192_ECB_TYPE:
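Review bot: The ARIA GCM labels are added between the AES XTS and AES ECB labels, which appears to place them inside the `#if !defined(NO_AES)` region opened earlier in wolfSSL_EVP_CIPHER_CTX_block_size, and the outer guard was widened only for `WOLFSSL_SM4`. If a build with `HAVE_ARIA` and `NO_AES` is possible, these labels compile out and the function returns 0 for ARIA contexts. WOLFSSL_CIPHER_mode and wolfSSL_EVP_CIPHER_block_size in this same diff keep their ARIA cases outside the AES guard. Moving the three labels next to the SM4 ones before `return ctx->block_size;` and adding `|| defined(HAVE_ARIA)` to the outer `#if` would keep the three switches consistent. The switch starts and ends outside this hunk, so the nesting should be confirmed against the full file.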
@@ -1389,8 +1725,23 @@ int wolfSSL_EVP_CIPHER_CTX_block_size(const WOLFSSL_EVP_CIPHER_CTX *ctx)
case DES_EDE3_CBC_TYPE:
case DES_EDE3_ECB_TYPE:
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+#endif
return ctx->block_size;
-#endif /* !NO_AES || !NO_DES3 */
+#endif /* !NO_AES || !NO_DES3 || WOLFSSL_SM4 */
default:
return 0;
}
@@ -1482,7 +1833,7 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
return AES_256_ECB_TYPE;
#endif
#endif /*HAVE_AES_CBC */
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_AES_128_XTS))
return AES_128_XTS_TYPE;
@@ -1545,6 +1896,14 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
#endif
#endif
#endif /* !NO_AES */
+#if defined(HAVE_ARIA)
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_128_GCM))
+ return ARIA_128_GCM_TYPE;
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_192_GCM))
+ return ARIA_192_GCM_TYPE;
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARIA_256_GCM))
+ return ARIA_256_GCM_TYPE;
+#endif /* HAVE_ARIA */
#ifndef NO_RC4
else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_ARC4))
@@ -1561,94 +1920,145 @@ static unsigned int cipherType(const WOLFSSL_EVP_CIPHER *cipher)
return CHACHA20_TYPE;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_ECB))
+ return SM4_ECB_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CBC))
+ return SM4_CBC_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CTR))
+ return SM4_CTR_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_GCM))
+ return SM4_GCM_TYPE;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ else if (EVP_CIPHER_TYPE_MATCHES(cipher, EVP_SM4_CCM))
+ return SM4_CCM_TYPE;
+#endif
+
else return 0;
}
int wolfSSL_EVP_CIPHER_block_size(const WOLFSSL_EVP_CIPHER *cipher)
{
- if (cipher == NULL) return BAD_FUNC_ARG;
- switch (cipherType(cipher)) {
+ if (cipher == NULL)
+ return BAD_FUNC_ARG;
+
+ switch (cipherType(cipher)) {
#if !defined(NO_AES)
- #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
- case AES_128_CBC_TYPE:
- case AES_192_CBC_TYPE:
- case AES_256_CBC_TYPE:
- return AES_BLOCK_SIZE;
- #endif
- #if defined(HAVE_AESGCM)
- case AES_128_GCM_TYPE:
- case AES_192_GCM_TYPE:
- case AES_256_GCM_TYPE:
- return 1;
- #endif
- #if defined(HAVE_AESCCM)
- case AES_128_CCM_TYPE:
- case AES_192_CCM_TYPE:
- case AES_256_CCM_TYPE:
- return 1;
- #endif
- #if defined(WOLFSSL_AES_COUNTER)
- case AES_128_CTR_TYPE:
- case AES_192_CTR_TYPE:
- case AES_256_CTR_TYPE:
- return 1;
- #endif
- #if defined(HAVE_AES_ECB)
- case AES_128_ECB_TYPE:
- case AES_192_ECB_TYPE:
- case AES_256_ECB_TYPE:
- return AES_BLOCK_SIZE;
- #endif
- #if defined(WOLFSSL_AES_CFB)
- case AES_128_CFB1_TYPE:
- case AES_192_CFB1_TYPE:
- case AES_256_CFB1_TYPE:
- case AES_128_CFB8_TYPE:
- case AES_192_CFB8_TYPE:
- case AES_256_CFB8_TYPE:
- case AES_128_CFB128_TYPE:
- case AES_192_CFB128_TYPE:
- case AES_256_CFB128_TYPE:
- return 1;
- #endif
- #if defined(WOLFSSL_AES_OFB)
- case AES_128_OFB_TYPE:
- case AES_192_OFB_TYPE:
- case AES_256_OFB_TYPE:
- return 1;
- #endif
- #if defined(WOLFSSL_AES_XTS)
- case AES_128_XTS_TYPE:
- case AES_256_XTS_TYPE:
- return 1;
- #endif
-#endif /* NO_AES */
+ #if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
+ case AES_128_CBC_TYPE:
+ case AES_192_CBC_TYPE:
+ case AES_256_CBC_TYPE:
+ return AES_BLOCK_SIZE;
+ #endif
+ #if defined(HAVE_AESGCM)
+ case AES_128_GCM_TYPE:
+ case AES_192_GCM_TYPE:
+ case AES_256_GCM_TYPE:
+ return 1;
+ #endif
+ #if defined(HAVE_AESCCM)
+ case AES_128_CCM_TYPE:
+ case AES_192_CCM_TYPE:
+ case AES_256_CCM_TYPE:
+ return 1;
+ #endif
+ #if defined(WOLFSSL_AES_COUNTER)
+ case AES_128_CTR_TYPE:
+ case AES_192_CTR_TYPE:
+ case AES_256_CTR_TYPE:
+ return 1;
+ #endif
+ #if defined(HAVE_AES_ECB)
+ case AES_128_ECB_TYPE:
+ case AES_192_ECB_TYPE:
+ case AES_256_ECB_TYPE:
+ return AES_BLOCK_SIZE;
+ #endif
+ #if defined(WOLFSSL_AES_CFB)
+ case AES_128_CFB1_TYPE:
+ case AES_192_CFB1_TYPE:
+ case AES_256_CFB1_TYPE:
+ case AES_128_CFB8_TYPE:
+ case AES_192_CFB8_TYPE:
+ case AES_256_CFB8_TYPE:
+ case AES_128_CFB128_TYPE:
+ case AES_192_CFB128_TYPE:
+ case AES_256_CFB128_TYPE:
+ return 1;
+ #endif
+ #if defined(WOLFSSL_AES_OFB)
+ case AES_128_OFB_TYPE:
+ case AES_192_OFB_TYPE:
+ case AES_256_OFB_TYPE:
+ return 1;
+ #endif
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
+ case AES_128_XTS_TYPE:
+ case AES_256_XTS_TYPE:
+ return 1;
+ #endif
+ #endif /* NO_AES */
-#ifndef NO_RC4
- case ARC4_TYPE:
- return 1;
+ #ifndef NO_RC4
+ case ARC4_TYPE:
+ return 1;
+ #endif
+#if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ return 1;
#endif
#ifndef NO_DES3
- case DES_CBC_TYPE: return 8;
- case DES_EDE3_CBC_TYPE: return 8;
- case DES_ECB_TYPE: return 8;
- case DES_EDE3_ECB_TYPE: return 8;
+ case DES_CBC_TYPE: return 8;
+ case DES_EDE3_CBC_TYPE: return 8;
+ case DES_ECB_TYPE: return 8;
+ case DES_EDE3_ECB_TYPE: return 8;
#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
- case CHACHA20_POLY1305_TYPE:
- return 1;
+ case CHACHA20_POLY1305_TYPE:
+ return 1;
#endif
#ifdef HAVE_CHACHA
- case CHACHA20_TYPE:
- return 1;
+ case CHACHA20_TYPE:
+ return 1;
#endif
- default:
- return 0;
- }
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ return 1;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ return 1;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ return 1;
+#endif
+
+ default:
+ return 0;
+ }
}
unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
@@ -1699,7 +2109,8 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
case AES_256_OFB_TYPE:
return WOLFSSL_EVP_CIPH_OFB_MODE;
#endif
- #if defined(WOLFSSL_AES_XTS)
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
return WOLFSSL_EVP_CIPH_XTS_MODE;
@@ -1709,6 +2120,13 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
case AES_256_ECB_TYPE:
return WOLFSSL_EVP_CIPH_ECB_MODE;
#endif /* !NO_AES */
+ #if defined(HAVE_ARIA)
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ return WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ #endif
#ifndef NO_DES3
case DES_CBC_TYPE:
case DES_EDE3_CBC_TYPE:
@@ -1730,47 +2148,73 @@ unsigned long WOLFSSL_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
case CHACHA20_TYPE:
return WOLFSSL_EVP_CIPH_STREAM_CIPHER;
#endif
+ #ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ return WOLFSSL_EVP_CIPH_ECB_MODE;
+ #endif
+ #ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ return WOLFSSL_EVP_CIPH_CBC_MODE;
+ #endif
+ #ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ return WOLFSSL_EVP_CIPH_CTR_MODE;
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ return WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ return WOLFSSL_EVP_CIPH_CCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ #endif
default:
return 0;
- }
+ }
}
unsigned long WOLFSSL_EVP_CIPHER_mode(const WOLFSSL_EVP_CIPHER *cipher)
{
- if (cipher == NULL) return 0;
- return WOLFSSL_CIPHER_mode(cipher) & WOLFSSL_EVP_CIPH_MODE;
+ if (cipher == NULL)
+ return 0;
+ return WOLFSSL_CIPHER_mode(cipher) & WOLFSSL_EVP_CIPH_MODE;
}
void wolfSSL_EVP_CIPHER_CTX_set_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
{
if (ctx != NULL) {
- ctx->flags |= flags;
+ ctx->flags |= (unsigned long)flags;
}
}
void wolfSSL_EVP_CIPHER_CTX_clear_flags(WOLFSSL_EVP_CIPHER_CTX *ctx, int flags)
{
if (ctx != NULL) {
- ctx->flags &= ~flags;
+ ctx->flags &= (unsigned long)~flags;
}
}
unsigned long wolfSSL_EVP_CIPHER_flags(const WOLFSSL_EVP_CIPHER *cipher)
{
- if (cipher == NULL) return 0;
- return WOLFSSL_CIPHER_mode(cipher);
+ if (cipher == NULL)
+ return 0;
+ return WOLFSSL_CIPHER_mode(cipher);
}
-int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx, int padding)
+int wolfSSL_EVP_CIPHER_CTX_set_padding(WOLFSSL_EVP_CIPHER_CTX *ctx,
+ int padding)
{
- if (ctx == NULL) return BAD_FUNC_ARG;
- if (padding) {
- ctx->flags &= ~WOLFSSL_EVP_CIPH_NO_PADDING;
- }
- else {
- ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
- }
- return 1;
+ if (ctx == NULL)
+ return BAD_FUNC_ARG;
+ if (padding) {
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_NO_PADDING;
+ }
+ else {
+ ctx->flags |= WOLFSSL_EVP_CIPH_NO_PADDING;
+ }
+ return 1;
}
int wolfSSL_EVP_add_digest(const WOLFSSL_EVP_MD *digest)
@@ -1793,9 +2237,9 @@ int wolfSSL_EVP_PKEY_CTX_free(WOLFSSL_EVP_PKEY_CTX *ctx)
{
if (ctx == NULL)
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
- return;
+ return;
#else
- return 0;
+ return 0;
#endif
WOLFSSL_ENTER("wolfSSL_EVP_PKEY_CTX_free");
if (ctx->pkey != NULL)
@@ -2108,7 +2552,7 @@ int wolfSSL_EVP_PKEY_derive(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *key, size_
return WOLFSSL_FAILURE;
}
/* Length of extract only is always the length of the hash. */
- *keylen = hkdfHashSz;
+ *keylen = (size_t)hkdfHashSz;
}
}
else if (ctx->pkey->hkdfMode == EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) {
@@ -2176,14 +2620,15 @@ int wolfSSL_EVP_PKEY_CTX_set1_hkdf_salt(WOLFSSL_EVP_PKEY_CTX* ctx,
if (ctx->pkey->hkdfSalt != NULL) {
XFREE(ctx->pkey->hkdfSalt, NULL, DYNAMIC_TYPE_SALT);
}
- ctx->pkey->hkdfSalt = (byte*)XMALLOC(saltSz, NULL, DYNAMIC_TYPE_SALT);
+ ctx->pkey->hkdfSalt = (byte*)XMALLOC((size_t)saltSz, NULL,
+ DYNAMIC_TYPE_SALT);
if (ctx->pkey->hkdfSalt == NULL) {
WOLFSSL_MSG("Failed to allocate HKDF salt buffer.");
ret = WOLFSSL_FAILURE;
}
else {
- XMEMCPY(ctx->pkey->hkdfSalt, salt, saltSz);
- ctx->pkey->hkdfSaltSz = saltSz;
+ XMEMCPY(ctx->pkey->hkdfSalt, salt, (size_t)saltSz);
+ ctx->pkey->hkdfSaltSz = (word32)saltSz;
}
}
@@ -2212,14 +2657,15 @@ int wolfSSL_EVP_PKEY_CTX_set1_hkdf_key(WOLFSSL_EVP_PKEY_CTX* ctx,
if (ctx->pkey->hkdfKey != NULL) {
XFREE(ctx->pkey->hkdfKey, NULL, DYNAMIC_TYPE_KEY);
}
- ctx->pkey->hkdfKey = (byte*)XMALLOC(keySz, NULL, DYNAMIC_TYPE_KEY);
+ ctx->pkey->hkdfKey = (byte*)XMALLOC((size_t)keySz, NULL,
+ DYNAMIC_TYPE_KEY);
if (ctx->pkey->hkdfKey == NULL) {
WOLFSSL_MSG("Failed to allocate HKDF key buffer.");
ret = WOLFSSL_FAILURE;
}
else {
- XMEMCPY(ctx->pkey->hkdfKey, key, keySz);
- ctx->pkey->hkdfKeySz = keySz;
+ XMEMCPY(ctx->pkey->hkdfKey, key, (size_t)keySz);
+ ctx->pkey->hkdfKeySz = (word32)keySz;
}
}
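Review bot: When a key is already set, the old buffer is released with a plain `XFREE(ctx->pkey->hkdfKey, NULL, DYNAMIC_TYPE_KEY);`, which leaves the previous HKDF keying material readable in freed heap memory. I would wipe it first with `ForceZero(ctx->pkey->hkdfKey, ctx->pkey->hkdfKeySz);` placed directly before the XFREE, assuming ForceZero is in scope in this file. Also, when XMALLOC fails, `hkdfKey` becomes NULL while `hkdfKeySz` keeps the old length; setting `ctx->pkey->hkdfKeySz = 0;` in the failure branch avoids a stale size. The function starts outside this hunk.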
@@ -2245,17 +2691,20 @@ int wolfSSL_EVP_PKEY_CTX_add1_hkdf_info(WOLFSSL_EVP_PKEY_CTX* ctx,
}
if (ret == WOLFSSL_SUCCESS && info != NULL && infoSz > 0) {
+ unsigned char* p;
/* If there's already info in the buffer, append. */
- ctx->pkey->hkdfInfo = (byte*)XREALLOC(ctx->pkey->hkdfInfo,
- ctx->pkey->hkdfInfoSz + infoSz, NULL, DYNAMIC_TYPE_INFO);
- if (ctx->pkey->hkdfInfo == NULL) {
+ p = (byte*)XREALLOC(ctx->pkey->hkdfInfo,
+ (size_t)(ctx->pkey->hkdfInfoSz + (word32)infoSz), NULL,
+ DYNAMIC_TYPE_INFO);
+ if (p == NULL) {
WOLFSSL_MSG("Failed to reallocate larger HKDF info buffer.");
ret = WOLFSSL_FAILURE;
}
else {
+ ctx->pkey->hkdfInfo = p;
XMEMCPY(ctx->pkey->hkdfInfo + ctx->pkey->hkdfInfoSz, info,
- infoSz);
- ctx->pkey->hkdfInfoSz += infoSz;
+ (size_t)infoSz);
+ ctx->pkey->hkdfInfoSz += (word32)infoSz;
}
}
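Review bot: The new size expression `ctx->pkey->hkdfInfoSz + (word32)infoSz` is evaluated in 32-bit arithmetic, so it can wrap after repeated appends. XREALLOC would then return a buffer shorter than the offset the following XMEMCPY writes to. The temporary `p` fixes the leak on realloc failure but not this. A guard before the XREALLOC, for example `if ((word32)infoSz > 0xFFFFFFFFU - ctx->pkey->hkdfInfoSz) ret = WOLFSSL_FAILURE;`, rejects the append instead; the realloc then has to move under a `ret == WOLFSSL_SUCCESS` check. The enclosing function begins outside this hunk.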
@@ -2342,7 +2791,7 @@ int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
return WOLFSSL_FAILURE;
}
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
@@ -2350,7 +2799,7 @@ int wolfSSL_EVP_PKEY_decrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
ctx->pkey->rsa, ctx->padding);
if (len < 0) break;
else {
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
#endif /* NO_RSA */
@@ -2445,7 +2894,7 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
return WOLFSSL_FAILURE;
}
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
@@ -2454,7 +2903,7 @@ int wolfSSL_EVP_PKEY_encrypt(WOLFSSL_EVP_PKEY_CTX *ctx,
if (len < 0)
break;
else {
- *outLen = len;
+ *outLen = (size_t)len;
return WOLFSSL_SUCCESS;
}
#endif /* NO_RSA */
@@ -2593,7 +3042,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
return WOLFSSL_FAILURE;
bytes *= 2;
if (!sig) {
- *siglen = bytes;
+ *siglen = (size_t)bytes;
return WOLFSSL_SUCCESS;
}
if ((int)*siglen < bytes)
@@ -2604,7 +3053,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
return ret;
if (bytes == WOLFSSL_FAILURE)
return WOLFSSL_FAILURE;
- *siglen = bytes;
+ *siglen = (size_t)bytes;
return WOLFSSL_SUCCESS;
}
#endif /* NO_DSA */
@@ -2627,7 +3076,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
ret = wc_ecc_sig_size(eckey);
if (ret == 0)
return WOLFSSL_FAILURE;
- *siglen = ret;
+ *siglen = (size_t)ret;
return WOLFSSL_SUCCESS;
}
ecdsaSig = wolfSSL_ECDSA_do_sign(tbs, (int)tbslen, ctx->pkey->ecc);
@@ -2642,7 +3091,7 @@ int wolfSSL_EVP_PKEY_sign(WOLFSSL_EVP_PKEY_CTX *ctx, unsigned char *sig,
wolfSSL_ECDSA_SIG_free(ecdsaSig);
if (ret == 0)
return WOLFSSL_FAILURE;
- *siglen = ret;
+ *siglen = (size_t)ret;
return WOLFSSL_SUCCESS;
}
#endif /* HAVE_ECC */
@@ -3215,7 +3664,7 @@ int wolfSSL_EVP_PKEY_cmp(const WOLFSSL_EVP_PKEY *a, const WOLFSSL_EVP_PKEY *b)
/* check public key */
if (a->pkey.ptr && b->pkey.ptr) {
- if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, a->pkey_sz) != 0) {
+ if (XMEMCMP(a->pkey.ptr, b->pkey.ptr, (size_t)a->pkey_sz) != 0) {
return WS_RETURN_CODE(ret, WOLFSSL_FAILURE);
}
}
@@ -3469,7 +3918,7 @@ int wolfSSL_EVP_SignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sigret,
bytes = wolfSSL_BN_num_bytes(pkey->dsa->q);
if (bytes == WOLFSSL_FAILURE || (int)*siglen < bytes * 2)
return WOLFSSL_FAILURE;
- *siglen = bytes * 2;
+ *siglen = (unsigned int)(bytes * 2);
return WOLFSSL_SUCCESS;
}
#endif
@@ -3581,14 +4030,15 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_mac_key(int type, WOLFSSL_ENGINE* e,
pkey = wolfSSL_EVP_PKEY_new();
if (pkey != NULL) {
- pkey->pkey.ptr = (char*)XMALLOC(keylen, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+ pkey->pkey.ptr = (char*)XMALLOC((size_t)keylen, NULL,
+ DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL && keylen > 0) {
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
}
else {
if (keylen) {
- XMEMCPY(pkey->pkey.ptr, key, keylen);
+ XMEMCPY(pkey->pkey.ptr, key, (size_t)keylen);
}
pkey->pkey_sz = keylen;
pkey->type = pkey->save_type = type;
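Review bot: `(size_t)keylen` turns a negative `keylen` into a very large size, and the failure test `pkey->pkey.ptr == NULL && keylen > 0` does not catch that case. Control then reaches `XMEMCPY(pkey->pkey.ptr, key, (size_t)keylen)` with a NULL destination. The cast silences the conversion warning but does not validate the value. Unless a negative length is already rejected in the part of wolfSSL_EVP_PKEY_new_mac_key above this hunk, add `if (keylen < 0) return NULL;` before the call to wolfSSL_EVP_PKEY_new().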
@@ -3629,7 +4079,8 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e,
pkey = wolfSSL_EVP_PKEY_new();
if (pkey != NULL) {
- pkey->pkey.ptr = (char*)XMALLOC(len, NULL, DYNAMIC_TYPE_PUBLIC_KEY);
+ pkey->pkey.ptr = (char*)XMALLOC((size_t)len, NULL,
+ DYNAMIC_TYPE_PUBLIC_KEY);
if (pkey->pkey.ptr == NULL && len > 0) {
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
@@ -3637,7 +4088,7 @@ WOLFSSL_EVP_PKEY* wolfSSL_EVP_PKEY_new_CMAC_key(WOLFSSL_ENGINE* e,
}
else {
if (len) {
- XMEMCPY(pkey->pkey.ptr, priv, len);
+ XMEMCPY(pkey->pkey.ptr, priv, (size_t)len);
}
pkey->pkey_sz = (int)len;
pkey->type = pkey->save_type = EVP_PKEY_CMAC;
@@ -3664,6 +4115,86 @@ const unsigned char* wolfSSL_EVP_PKEY_get0_hmac(const WOLFSSL_EVP_PKEY* pkey,
return (const unsigned char*)pkey->pkey.ptr;
}
+static int wolfssl_evp_md_to_hash_type(const WOLFSSL_EVP_MD *type,
+ int* hashType)
+{
+ int ret = 0;
+
+#ifndef NO_SHA256
+ if (XSTRCMP(type, "SHA256") == 0) {
+ *hashType = WC_SHA256;
+ }
+ else
+#endif
+#ifndef NO_SHA
+ if ((XSTRCMP(type, "SHA") == 0) || (XSTRCMP(type, "SHA1") == 0)) {
+ *hashType = WC_SHA;
+ }
+ else
+#endif /* NO_SHA */
+#ifdef WOLFSSL_SHA224
+ if (XSTRCMP(type, "SHA224") == 0) {
+ *hashType = WC_SHA224;
+ }
+ else
+#endif
+#ifdef WOLFSSL_SHA384
+ if (XSTRCMP(type, "SHA384") == 0) {
+ *hashType = WC_SHA384;
+ }
+ else
+#endif
+#ifdef WOLFSSL_SHA512
+ if (XSTRCMP(type, "SHA512") == 0) {
+ *hashType = WC_SHA512;
+ }
+ else
+#endif
+#ifdef WOLFSSL_SHA3
+ #ifndef WOLFSSL_NOSHA3_224
+ if (XSTRCMP(type, "SHA3_224") == 0) {
+ *hashType = WC_SHA3_224;
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NOSHA3_256
+ if (XSTRCMP(type, "SHA3_256") == 0) {
+ *hashType = WC_SHA3_256;
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NOSHA3_384
+ if (XSTRCMP(type, "SHA3_384") == 0) {
+ *hashType = WC_SHA3_384;
+ }
+ else
+ #endif
+ #ifndef WOLFSSL_NOSHA3_512
+ if (XSTRCMP(type, "SHA3_512") == 0) {
+ *hashType = WC_SHA3_512;
+ }
+ else
+ #endif
+#endif
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP(type, "SM3") == 0) {
+ *hashType = WC_SM3;
+ }
+ else
+#endif
+#ifndef NO_MD5
+ if (XSTRCMP(type, "MD5") == 0) {
+ *hashType = WC_MD5;
+ }
+ else
+#endif
+ {
+ ret = BAD_FUNC_ARG;
+ }
+
+ return ret;
+}
+
/* Initialize an EVP_DigestSign/Verify operation.
* Initialize a digest for RSA and ECC keys, or HMAC for HMAC key.
*/
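Review bot: wolfssl_evp_md_to_hash_type is new and has no header comment, unlike wolfSSL_evp_digest_pk_init directly below it. I would add `/* Map an EVP digest name to a wolfCrypt hash type. Returns 0 and sets *hashType on a match, BAD_FUNC_ARG when the name is not compiled in; *hashType is left unchanged on failure. */`. The helper passes `type` to XSTRCMP and writes through `hashType` without a NULL check, so the comment should also state that both must be non-NULL.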
@@ -3681,80 +4212,28 @@ static int wolfSSL_evp_digest_pk_init(WOLFSSL_EVP_MD_CTX *ctx,
return WOLFSSL_FAILURE;
}
type = wolfSSL_EVP_get_digestbynid(default_digest);
- if (!type) {
+ if (type == NULL) {
return BAD_FUNC_ARG;
}
}
if (pkey->type == EVP_PKEY_HMAC) {
- int hashType;
-
- #ifndef NO_SHA256
- if (XSTRCMP(type, "SHA256") == 0) {
- hashType = WC_SHA256;
- } else
- #endif
- #ifndef NO_SHA
- if ((XSTRCMP(type, "SHA") == 0) || (XSTRCMP(type, "SHA1") == 0)) {
- hashType = WC_SHA;
- } else
- #endif /* NO_SHA */
- #ifdef WOLFSSL_SHA224
- if (XSTRCMP(type, "SHA224") == 0) {
- hashType = WC_SHA224;
- } else
- #endif
- #ifdef WOLFSSL_SHA384
- if (XSTRCMP(type, "SHA384") == 0) {
- hashType = WC_SHA384;
- } else
- #endif
- #ifdef WOLFSSL_SHA512
- if (XSTRCMP(type, "SHA512") == 0) {
- hashType = WC_SHA512;
- } else
- #endif
-#ifdef WOLFSSL_SHA3
- #ifndef WOLFSSL_NOSHA3_224
- if (XSTRCMP(type, "SHA3_224") == 0) {
- hashType = WC_SHA3_224;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_256
- if (XSTRCMP(type, "SHA3_256") == 0) {
- hashType = WC_SHA3_256;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_384
- if (XSTRCMP(type, "SHA3_384") == 0) {
- hashType = WC_SHA3_384;
- } else
- #endif
- #ifndef WOLFSSL_NOSHA3_512
- if (XSTRCMP(type, "SHA3_512") == 0) {
- hashType = WC_SHA3_512;
- } else
- #endif
-#endif
- #ifndef NO_MD5
- if (XSTRCMP(type, "MD5") == 0) {
- hashType = WC_MD5;
- } else
- #endif
- return BAD_FUNC_ARG;
-
- {
- size_t keySz = 0;
- const unsigned char* key;
+ int hashType;
+ int ret;
+ size_t keySz = 0;
+ const unsigned char* key;
- key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
+ ret = wolfssl_evp_md_to_hash_type(type, &hashType);
+ if (ret != 0) {
+ return ret;
+ }
- if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
- return WOLFSSL_FAILURE;
+ key = wolfSSL_EVP_PKEY_get0_hmac(pkey, &keySz);
+ if (wc_HmacInit(&ctx->hash.hmac, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
- if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
- return WOLFSSL_FAILURE;
- }
+ if (wc_HmacSetKey(&ctx->hash.hmac, hashType, key, (word32)keySz) != 0)
+ return WOLFSSL_FAILURE;
ctx->isHMAC = 1;
}
@@ -3819,9 +4298,9 @@ static int wolfssl_evp_digest_pk_final(WOLFSSL_EVP_MD_CTX *ctx,
}
/* Get the length of the mac based on the digest algorithm. */
-static int wolfssl_mac_len(unsigned char macType)
+static unsigned int wolfssl_mac_len(unsigned char macType)
{
- int hashLen;
+ unsigned int hashLen;
switch (macType) {
#ifndef NO_MD5
@@ -3888,6 +4367,12 @@ static int wolfssl_mac_len(unsigned char macType)
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ hashLen = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif /* WOLFSSL_SM3 */
+
default:
hashLen = 0;
}
@@ -3945,7 +4430,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
#ifndef NO_RSA
else if (ctx->pctx->pkey->type == EVP_PKEY_RSA) {
if (sig == NULL) {
- *siglen = wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
+ *siglen = (size_t)wolfSSL_RSA_size(ctx->pctx->pkey->rsa);
return WOLFSSL_SUCCESS;
}
}
@@ -3954,8 +4439,8 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
else if (ctx->pctx->pkey->type == EVP_PKEY_EC) {
if (sig == NULL) {
/* SEQ + INT + INT */
- *siglen = ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx].size * 2
- + 8;
+ *siglen = (size_t)ecc_sets[ctx->pctx->pkey->ecc->group->curve_idx].
+ size * 2 + 8;
return WOLFSSL_SUCCESS;
}
}
@@ -3970,7 +4455,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
*siglen = hashLen;
/* May be a truncated signature. */
- XMEMCPY(sig, digest, *siglen);
+ XMEMCPY(sig, digest, (size_t)*siglen);
ret = WOLFSSL_SUCCESS;
}
else {
@@ -3998,7 +4483,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
case EVP_PKEY_EC: {
int len;
WOLFSSL_ECDSA_SIG *ecdsaSig;
- ecdsaSig = wolfSSL_ECDSA_do_sign(digest, hashLen,
+ ecdsaSig = wolfSSL_ECDSA_do_sign(digest, (int)hashLen,
ctx->pctx->pkey->ecc);
if (ecdsaSig == NULL)
break;
@@ -4006,7 +4491,7 @@ int wolfSSL_EVP_DigestSignFinal(WOLFSSL_EVP_MD_CTX *ctx, unsigned char *sig,
wolfSSL_ECDSA_SIG_free(ecdsaSig);
if (len == 0)
break;
- *siglen = len;
+ *siglen = (size_t)len;
ret = WOLFSSL_SUCCESS;
break;
}
@@ -4072,7 +4557,7 @@ int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
if (ctx->isHMAC) {
/* Check HMAC result matches the signature. */
- if (XMEMCMP(sig, digest, siglen) == 0)
+ if (XMEMCMP(sig, digest, (size_t)siglen) == 0)
return WOLFSSL_SUCCESS;
return WOLFSSL_FAILURE;
}
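Review bot: The HMAC check still uses `XMEMCMP(sig, digest, (size_t)siglen)`, which can stop at the first differing byte, so its running time depends on how much of the caller-supplied tag matches. MAC verification should use a constant-time comparison; wolfSSL's ConstantCompare helper fits if it is in scope in this file, e.g. `if (ConstantCompare(sig, digest, (int)siglen) == 0)`. The bounds on `siglen` are set outside this hunk. Confirm there that a length larger than the digest, or shorter than the caller is meant to accept, is rejected before this comparison.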
@@ -4101,7 +4586,7 @@ int wolfSSL_EVP_DigestVerifyFinal(WOLFSSL_EVP_MD_CTX *ctx,
ecdsaSig = wolfSSL_d2i_ECDSA_SIG(NULL, &sig, (long)siglen);
if (ecdsaSig == NULL)
return WOLFSSL_FAILURE;
- ret = wolfSSL_ECDSA_do_verify(digest, hashLen, ecdsaSig,
+ ret = wolfSSL_ECDSA_do_verify(digest, (int)hashLen, ecdsaSig,
ctx->pctx->pkey->ecc);
wolfSSL_ECDSA_SIG_free(ecdsaSig);
return ret;
@@ -4190,7 +4675,7 @@ int wolfSSL_EVP_read_pw_string(char* buf, int bufSz, const char* banner, int v)
}
#endif /* WOLFSSL_APACHE_HTTPD */
-#if !defined(NO_PWDBASED) && !defined(NO_SHA)
+#if !defined(NO_PWDBASED) && !defined(NO_SHA) && !defined(NO_HMAC)
int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
const unsigned char *salt,
int saltlen, int iter,
@@ -4216,7 +4701,7 @@ int wolfSSL_PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,
}
#endif /* !NO_PWDBASED !NO_SHA*/
-#if !defined(NO_PWDBASED)
+#if !defined(NO_PWDBASED) && !defined(NO_HMAC)
int wolfSSL_PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
const unsigned char *salt,
int saltlen, int iter,
@@ -4359,7 +4844,7 @@ static const struct cipher{
#endif
#endif
- #ifdef HAVE_AES_OFB
+ #ifdef WOLFSSL_AES_OFB
#ifdef WOLFSSL_AES_128
{AES_128_OFB_TYPE, EVP_AES_128_OFB, NID_aes_128_ofb},
#endif
@@ -4371,7 +4856,8 @@ static const struct cipher{
#endif
#endif
- #ifdef HAVE_AES_XTS
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
{AES_128_XTS_TYPE, EVP_AES_128_XTS, NID_aes_128_xts},
#endif
@@ -4429,6 +4915,12 @@ static const struct cipher{
#endif
#endif
+#ifdef HAVE_ARIA
+ {ARIA_128_GCM_TYPE, EVP_ARIA_128_GCM, NID_aria_128_gcm},
+ {ARIA_192_GCM_TYPE, EVP_ARIA_192_GCM, NID_aria_192_gcm},
+ {ARIA_256_GCM_TYPE, EVP_ARIA_256_GCM, NID_aria_256_gcm},
+#endif
+
#ifndef NO_DES3
{DES_CBC_TYPE, EVP_DES_CBC, NID_des_cbc},
{DES_ECB_TYPE, EVP_DES_ECB, NID_des_ecb},
@@ -4449,6 +4941,22 @@ static const struct cipher{
{CHACHA20_TYPE, EVP_CHACHA20, NID_chacha20},
#endif
+#ifdef WOLFSSL_SM4_ECB
+ {SM4_ECB_TYPE, EVP_SM4_ECB, NID_sm4_ecb},
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ {SM4_CBC_TYPE, EVP_SM4_CBC, NID_sm4_cbc},
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ {SM4_CTR_TYPE, EVP_SM4_CTR, NID_sm4_ctr},
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ {SM4_GCM_TYPE, EVP_SM4_GCM, NID_sm4_gcm},
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ {SM4_CCM_TYPE, EVP_SM4_CCM, NID_sm4_ccm},
+#endif
+
{ 0, NULL, 0}
};
@@ -4557,6 +5065,30 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbyname(const char *name)
#endif
#endif
#endif
+#ifdef HAVE_ARIA
+ {EVP_ARIA_128_GCM, "aria-128-gcm"},
+ {EVP_ARIA_128_GCM, "id-aria128-GCM"},
+ {EVP_ARIA_192_GCM, "aria-192-gcm"},
+ {EVP_ARIA_192_GCM, "id-aria192-GCM"},
+ {EVP_ARIA_256_GCM, "aria-256-gcm"},
+ {EVP_ARIA_256_GCM, "id-aria256-GCM"},
+#endif
+#ifdef WOLFSSL_SM4_EBC
+ {EVP_SM4_ECB, "sm4-ecb"},
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ {EVP_SM4_CBC, "sm4"},
+ {EVP_SM4_CBC, "sm4-cbc"},
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ {EVP_SM4_CTR, "sm4-ctr"},
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ {EVP_SM4_GCM, "sm4-gcm"},
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ {EVP_SM4_CCM, "sm4-ccm"},
+#endif
#ifndef NO_RC4
{EVP_ARC4, "RC4"},
#endif
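Review bot: The guard `#ifdef WOLFSSL_SM4_EBC` around the `"sm4-ecb"` alias looks like a typo for `WOLFSSL_SM4_ECB`, the macro used for every other SM4 ECB addition in this diff. Unless a macro with the misspelled name is defined elsewhere, the alias is never compiled in, so a lookup of "sm4-ecb" through wolfSSL_EVP_get_cipherbyname would not resolve even with SM4 ECB enabled. Change the line to `#ifdef WOLFSSL_SM4_ECB`.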
@@ -4678,6 +5210,15 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
#endif
#endif
+#ifdef HAVE_ARIA
+ case NID_aria_128_gcm:
+ return wolfSSL_EVP_aria_128_gcm();
+ case NID_aria_192_gcm:
+ return wolfSSL_EVP_aria_192_gcm();
+ case NID_aria_256_gcm:
+ return wolfSSL_EVP_aria_256_gcm();
+#endif
+
#ifndef NO_DES3
case NID_des_cbc:
return wolfSSL_EVP_des_cbc();
@@ -4703,6 +5244,27 @@ const WOLFSSL_EVP_CIPHER *wolfSSL_EVP_get_cipherbynid(int id)
return wolfSSL_EVP_chacha20();
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case NID_sm4_ecb:
+ return wolfSSL_EVP_sm4_ecb();
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case NID_sm4_cbc:
+ return wolfSSL_EVP_sm4_cbc();
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case NID_sm4_ctr:
+ return wolfSSL_EVP_sm4_ctr();
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case NID_sm4_gcm:
+ return wolfSSL_EVP_sm4_gcm();
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case NID_sm4_ccm:
+ return wolfSSL_EVP_sm4_ccm();
+#endif
+
default:
WOLFSSL_MSG("Bad cipher id value");
}
@@ -4834,6 +5396,12 @@ void wolfSSL_EVP_init(void)
ret = NOT_COMPILED_IN;
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Copy(&src->hash.digest.sm3,
+ &des->hash.digest.sm3);
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD4:
@@ -5002,7 +5570,8 @@ void wolfSSL_EVP_init(void)
#endif /* WOLFSSL_AES_256 */
#endif /* WOLFSSL_AES_OFB */
- #ifdef WOLFSSL_AES_XTS
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_xts(void)
{
@@ -5018,7 +5587,8 @@ void wolfSSL_EVP_init(void)
return EVP_AES_256_XTS;
}
#endif /* WOLFSSL_AES_256 */
- #endif /* WOLFSSL_AES_XTS */
+ #endif /* WOLFSSL_AES_XTS &&
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
@@ -5081,7 +5651,6 @@ void wolfSSL_EVP_init(void)
}
#endif /* WOLFSSL_AES_2128 */
-
#ifdef WOLFSSL_AES_192
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void)
{
@@ -5129,6 +5698,24 @@ void wolfSSL_EVP_init(void)
#endif /* HAVE_AES_ECB */
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_128_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_aria_128_gcm");
+ return EVP_ARIA_128_GCM;
+ }
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_192_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_aria_192_gcm");
+ return EVP_ARIA_192_GCM;
+ }
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_256_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_aria_256_gcm");
+ return EVP_ARIA_256_GCM;
+ }
+#endif /* HAVE_ARIA */
+
#ifndef NO_DES3
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void)
{
@@ -5180,6 +5767,42 @@ void wolfSSL_EVP_init(void)
}
#endif
+#ifdef WOLFSSL_SM4_ECB
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ecb(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_ecb");
+ return EVP_SM4_ECB;
+ }
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_cbc(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_cbc");
+ return EVP_SM4_CBC;
+ }
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ctr(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_ctr");
+ return EVP_SM4_CTR;
+ }
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_gcm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_gcm");
+ return EVP_SM4_GCM;
+ }
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ccm(void)
+ {
+ WOLFSSL_ENTER("wolfSSL_EVP_sm4_ccm");
+ return EVP_SM4_CCM;
+ }
+#endif
+
const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_enc_null(void)
{
WOLFSSL_ENTER("wolfSSL_EVP_enc_null");
@@ -5224,7 +5847,8 @@ void wolfSSL_EVP_init(void)
case EVP_CTRL_SET_KEY_LENGTH:
ret = wolfSSL_EVP_CIPHER_CTX_set_key_length(ctx, arg);
break;
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \
(defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
case EVP_CTRL_AEAD_SET_IVLEN:
if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0)
@@ -5237,6 +5861,22 @@ void wolfSSL_EVP_init(void)
}
else
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+ #if defined(WOLFSSL_SM4_GCM)
+ if (ctx->cipherType == SM4_GCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+ #endif
+ #if defined(WOLFSSL_SM4_CCM)
+ if (ctx->cipherType == SM4_CCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+ #endif
{
if (arg <= 0 || arg > AES_BLOCK_SIZE)
break;
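Review bot: The SM4-CCM branch accepts any IV length from 1 to `SM4_BLOCK_SIZE`, but CCM nonces are limited to 7–13 bytes. Lengths that CCM cannot use therefore pass `EVP_CTRL_AEAD_SET_IVLEN` and would fail only later, presumably inside the wc_Sm4Ccm* call. I would tighten that branch to `if (arg < 7 || arg > 13) break;`, using the library's named CCM nonce limits if they are visible here. The existing AES fallback below has the same loose bound for CCM. As written, the SM4-GCM and SM4-CCM branches are identical and could share one condition.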
@@ -5244,7 +5884,8 @@ void wolfSSL_EVP_init(void)
ret = wolfSSL_EVP_CIPHER_CTX_set_iv_length(ctx, arg);
break;
-#if defined(HAVE_AESGCM) || (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+#if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
case EVP_CTRL_AEAD_SET_IV_FIXED:
if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0)
break;
@@ -5263,13 +5904,13 @@ void wolfSSL_EVP_init(void)
break;
}
/* arg is 4...(ctx->ivSz - 8) */
- XMEMCPY(ctx->iv, ptr, arg);
+ XMEMCPY(ctx->iv, ptr, (size_t)arg);
if (wc_InitRng(&rng) != 0) {
WOLFSSL_MSG("wc_InitRng failed");
break;
}
- if (wc_RNG_GenerateBlock(&rng, ctx->iv + arg,
- ctx->ivSz - arg) == 0) {
+ if (wc_RNG_GenerateBlock(&rng, ctx->iv + arg,
+ (word32)(ctx->ivSz - arg)) == 0) {
ret = WOLFSSL_SUCCESS;
} else {
/* rng is freed immediately after if block so no need
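Review bot: The new `(size_t)arg` and `(word32)(ctx->ivSz - arg)` casts silence the sign-conversion warning without restating the range that makes them safe. A negative `arg`, or one larger than `ctx->ivSz`, would turn into a very large length for `XMEMCPY` and `wc_RNG_GenerateBlock`. The only trace of the bound in this hunk is the comment `/* arg is 4...(ctx->ivSz - 8) */`; the check itself sits above the hunk. I would extend that comment, e.g. `/* arg is 4...(ctx->ivSz - 8), enforced above, so both casts below are non-negative */`.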
@@ -5283,7 +5924,7 @@ void wolfSSL_EVP_init(void)
break;
}
}
- #ifdef HAVE_AESGCM
+ #if defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM)
if (ret == WOLFSSL_SUCCESS) {
/*
* OpenSSL requires that a EVP_CTRL_AEAD_SET_IV_FIXED
@@ -5295,9 +5936,9 @@ void wolfSSL_EVP_init(void)
#endif
#endif /* !WC_NO_RNG */
break;
-#endif /* HAVE_AESGCM || (HAVE_CHACHA && HAVE_POLY1305) */
-#if defined(HAVE_AESGCM) && !defined(_WIN32) && !defined(HAVE_SELFTEST) && \
- (!defined(HAVE_FIPS) || FIPS_VERSION_GE(2,0))
+#endif /* HAVE_AESGCM || WOLFSSL_SM4_GCM || (HAVE_CHACHA && HAVE_POLY1305) */
+#if (defined(HAVE_AESGCM) || defined(WOLFSSL_SM4_GCM)) && !defined(_WIN32) && \
+ !defined(HAVE_SELFTEST) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(2,0))
/*
* Using EVP_CTRL_GCM_IV_GEN is a way to do AES-GCM encrypt/decrypt
* multiple times with EVP_Cipher without having to call
@@ -5321,14 +5962,14 @@ void wolfSSL_EVP_init(void)
break;
}
if (arg <= 0 || arg > ctx->ivSz) {
- XMEMCPY(ptr, ctx->iv, ctx->ivSz);
+ XMEMCPY(ptr, ctx->iv, (size_t)ctx->ivSz);
}
else {
/*
* Copy the last "arg" bytes of ctx->iv into the buffer at
* "ptr." Not sure why OpenSSL does this, but it does.
*/
- XMEMCPY(ptr, ctx->iv + ctx->ivSz - arg, arg);
+ XMEMCPY(ptr, ctx->iv + ctx->ivSz - arg, (size_t)arg);
}
/*
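Review bot: The `arg <= 0 || arg > ctx->ivSz` branch writes `ctx->ivSz` bytes to `ptr` whatever `arg` was, so a caller that passes a smaller buffer together with an out-of-range `arg` would be overrun, and nothing in this hunk documents that requirement. The cast does not change this, but since the line is being touched, a comment above the first `XMEMCPY` would make the contract visible: `/* arg out of range: caller's buffer must hold ctx->ivSz bytes */`. Whether `ptr` is checked for NULL is decided above the hunk.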
@@ -5338,8 +5979,8 @@ void wolfSSL_EVP_init(void)
ctx->authIncIv = 1;
ret = WOLFSSL_SUCCESS;
break;
-#endif /* HAVE_AESGCM && !_WIN32 && !HAVE_SELFTEST && (!HAVE_FIPS ||
- * FIPS_VERSION >= 2)*/
+#endif /* (HAVE_AESGCM || WOLFSSL_SM4_GCM) && !_WIN32 && !HAVE_SELFTEST &&
+ * !HAVE_FIPS || FIPS_VERSION >= 2)*/
case EVP_CTRL_AEAD_SET_TAG:
if ((ctx->flags & WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER) == 0)
break;
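Review bot: The rewritten `#endif` comment has lost the parenthesis that opens the FIPS clause: it reads `!HAVE_FIPS || FIPS_VERSION >= 2)`, where the matching `#if` in the earlier hunk has `(!defined(HAVE_FIPS) || FIPS_VERSION_GE(2,0))`. As written, the comment describes a different condition from the guard it closes. The second comment line should be `* (!HAVE_FIPS || FIPS_VERSION >= 2) */`.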
@@ -5351,17 +5992,43 @@ void wolfSSL_EVP_init(void)
ctx->authTagSz = arg;
ret = WOLFSSL_SUCCESS;
if (ptr != NULL) {
- XMEMCPY(ctx->authTag, ptr, arg);
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
}
break;
}
else
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+#if defined(WOLFSSL_SM4_GCM)
+ if (ctx->cipherType == SM4_GCM_TYPE) {
+ if ((arg <= 0) || (arg > SM4_BLOCK_SIZE) || (ptr == NULL)) {
+ break;
+ }
+
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
+ ctx->authTagSz = arg;
+ ret = WOLFSSL_SUCCESS;
+ break;
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM4_CCM)
+ if (ctx->cipherType == SM4_CCM_TYPE) {
+ if ((arg <= 0) || (arg > SM4_BLOCK_SIZE) || (ptr == NULL)) {
+ break;
+ }
+
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
+ ctx->authTagSz = arg;
+ ret = WOLFSSL_SUCCESS;
+ break;
+ }
+ else
+#endif
{
if(arg <= 0 || arg > 16 || (ptr == NULL))
break;
- XMEMCPY(ctx->authTag, ptr, arg);
+ XMEMCPY(ctx->authTag, ptr, (size_t)arg);
ctx->authTagSz = arg;
ret = WOLFSSL_SUCCESS;
break;
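Review bot: Both new SM4 branches bound `arg` by `SM4_BLOCK_SIZE` and then copy into `ctx->authTag`, whose size is declared elsewhere, so the safety of the `XMEMCPY` depends on two constants staying in step. If `authTag` is a fixed-size array, comparing against the destination ties the check to the buffer rather than to the cipher: `((size_t)arg > sizeof(ctx->authTag))`. The existing fallback branch has the same shape with a literal `16`. The case begins above this hunk.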
@@ -5378,17 +6045,34 @@ void wolfSSL_EVP_init(void)
}
else
#endif /* HAVE_CHACHA && HAVE_POLY1305 */
+#if defined(WOLFSSL_SM4_GCM)
+ if (ctx->cipherType == SM4_GCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+#endif
+#if defined(WOLFSSL_SM4_CCM)
+ if (ctx->cipherType == SM4_CCM_TYPE) {
+ if (arg <= 0 || arg > SM4_BLOCK_SIZE) {
+ break;
+ }
+ }
+ else
+#endif
{
if (arg <= 0 || arg > AES_BLOCK_SIZE)
break;
}
if (ptr != NULL) {
- XMEMCPY(ptr, ctx->authTag, arg);
+ XMEMCPY(ptr, ctx->authTag, (size_t)arg);
ret = WOLFSSL_SUCCESS;
}
break;
-#endif /* HAVE_AESGCM || HAVE_AESCCM || (HAVE_CHACHA && HAVE_POLY1305) */
+#endif /* HAVE_AESGCM || HAVE_AESCCM || WOLFSSL_SM4_GCM || WOLFSSL_SM4_CCM ||
+ * HAVE_ARIA || (HAVE_CHACHA && HAVE_POLY1305) */
default:
WOLFSSL_MSG("EVP_CIPHER_CTX_ctrl operation not yet handled");
break;
@@ -5397,33 +6081,34 @@ void wolfSSL_EVP_init(void)
}
/* WOLFSSL_SUCCESS on ok */
- int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
+ static int wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(
+ WOLFSSL_EVP_CIPHER_CTX* ctx)
{
- WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_cleanup");
+ int ret = WOLFSSL_SUCCESS;
if (ctx) {
#if (!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))
+ switch (ctx->cipherType) {
#if (defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)) || \
defined(HAVE_AESCCM) || \
- defined(HAVE_AESCBC) || \
+ defined(HAVE_AES_CBC) || \
defined(WOLFSSL_AES_COUNTER) || \
defined(HAVE_AES_ECB) || \
- defined(HAVE_AES_CFB) || \
- defined(HAVE_AES_OFB) || \
+ defined(WOLFSSL_AES_CFB) || \
+ defined(WOLFSSL_AES_OFB) || \
defined(WOLFSSL_AES_XTS)
- switch (ctx->cipherType) {
- #if defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)
+ #if defined(HAVE_AESGCM)
case AES_128_GCM_TYPE:
case AES_192_GCM_TYPE:
case AES_256_GCM_TYPE:
- #endif /* HAVE_AESGCM && WOLFSSL_AESGCM_STREAM */
+ #endif /* HAVE_AESGCM */
#if defined(HAVE_AESCCM)
case AES_128_CCM_TYPE:
case AES_192_CCM_TYPE:
case AES_256_CCM_TYPE:
#endif /* HAVE_AESCCM */
- #ifdef HAVE_AESCBC
+ #ifdef HAVE_AES_CBC
case AES_128_CBC_TYPE:
case AES_192_CBC_TYPE:
case AES_256_CBC_TYPE:
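Review bot: The case labels for `AES_128_GCM_TYPE`, `AES_192_GCM_TYPE` and `AES_256_GCM_TYPE` are now guarded by `HAVE_AESGCM` alone, but the enclosing `#if` still requires `defined(HAVE_AESGCM) && defined(WOLFSSL_AESGCM_STREAM)` for GCM. In a build with GCM, no streaming and none of the other listed AES modes, the whole block drops out and `wc_AesFree` is never reached for a GCM context. That matters because a later hunk, the one that sets `WOLFSSL_EVP_CIPH_GCM_MODE`, now calls `wc_AesInit` on that path. The first line of the outer guard should match the inner one: `#if defined(HAVE_AESGCM) || \`. The function continues past the end of this hunk.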
@@ -5438,7 +6123,7 @@ void wolfSSL_EVP_init(void)
case AES_192_ECB_TYPE:
case AES_256_ECB_TYPE:
#endif
- #ifdef HAVE_AES_CFB
+ #ifdef WOLFSSL_AES_CFB
case AES_128_CFB1_TYPE:
case AES_192_CFB1_TYPE:
case AES_256_CFB1_TYPE:
@@ -5449,31 +6134,81 @@ void wolfSSL_EVP_init(void)
case AES_192_CFB128_TYPE:
case AES_256_CFB128_TYPE:
#endif
- #ifdef HAVE_AES_OFB
+ #ifdef WOLFSSL_AES_OFB
case AES_128_OFB_TYPE:
case AES_192_OFB_TYPE:
case AES_256_OFB_TYPE:
#endif
- #ifdef WOLFSSL_AES_XTS
+ wc_AesFree(&ctx->cipher.aes);
+ ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ break;
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
+ wc_AesXtsFree(&ctx->cipher.xts);
+ ctx->flags &= ~WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ break;
+ #endif
+#endif /* AES */
+ #ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE:
+ case ARIA_192_GCM_TYPE:
+ case ARIA_256_GCM_TYPE:
+ {
+ int result = wc_AriaFreeCrypt(&ctx->cipher.aria);
+ if (result != 0) {
+ WOLFSSL_MSG("wc_AriaFreeCrypt failure");
+ ret = result;
+ }
+ }
+ break;
#endif
- wc_AesFree(&ctx->cipher.aes);
}
-#endif /* AES */
#endif /* not FIPS or FIPS v2+ */
+#ifdef WOLFSSL_SM4
+ switch (ctx->cipherType) {
+ #ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ #endif
+ wc_Sm4Free(&ctx->cipher.sm4);
+ }
+#endif
+ }
+ return ret;
+ }
+
+ int wolfSSL_EVP_CIPHER_CTX_cleanup(WOLFSSL_EVP_CIPHER_CTX* ctx)
+ {
+ int ret = WOLFSSL_SUCCESS;
+ WOLFSSL_ENTER("wolfSSL_EVP_CIPHER_CTX_cleanup");
+ if (ctx) {
+ wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(ctx);
ctx->cipherType = WOLFSSL_EVP_CIPH_TYPE_INIT; /* not yet initialized */
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
if (ctx->key) {
- ForceZero(ctx->key, ctx->keyLen);
+ ForceZero(ctx->key, (word32)ctx->keyLen);
XFREE(ctx->key, NULL, DYNAMIC_TYPE_OPENSSL);
ctx->key = NULL;
}
#endif
ctx->keyLen = 0;
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
if (ctx->authBuffer) {
XFREE(ctx->authBuffer, NULL, DYNAMIC_TYPE_OPENSSL);
ctx->authBuffer = NULL;
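Review bot: `wolfSSL_EVP_CIPHER_CTX_cleanup` calls `wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(ctx);` and drops its result, so the `wc_AriaFreeCrypt` failure that the helper records in `ret` never reaches the caller. The outer `ret` is still `WOLFSSL_SUCCESS` when the following hunk returns it. If the failure is meant to be reported, capture it without skipping the key zeroing that follows: `if (wolfSSL_EVP_CIPHER_CTX_cleanup_cipher(ctx) != WOLFSSL_SUCCESS) ret = WOLFSSL_FAILURE;`. Separately, the new SM4 `switch` ends at `wc_Sm4Free(&ctx->cipher.sm4);` with no `break;`, unlike the AES and ARIA cases above it. The tail of the cleanup function is in the next hunk.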
@@ -5489,7 +6224,7 @@ void wolfSSL_EVP_init(void)
#endif
}
- return WOLFSSL_SUCCESS;
+ return ret;
}
/* Permanent stub for Qt compilation. */
@@ -5532,7 +6267,7 @@ void wolfSSL_EVP_init(void)
goto end;
if (data == NULL) {
- ret = info->keySz;
+ ret = (int)info->keySz;
goto end;
}
@@ -5540,10 +6275,10 @@ void wolfSSL_EVP_init(void)
if (ret == WOLFSSL_FAILURE)
goto end;
- ret = wc_PBKDF1_ex(key, info->keySz, iv, info->ivSz, data, sz, salt,
- EVP_SALT_SIZE, count, hashType, NULL);
+ ret = wc_PBKDF1_ex(key, (int)info->keySz, iv, (int)info->ivSz, data, sz,
+ salt, EVP_SALT_SIZE, count, hashType, NULL);
if (ret == 0)
- ret = info->keySz;
+ ret = (int)info->keySz;
end:
#ifdef WOLFSSL_SMALL_STACK
@@ -5615,7 +6350,7 @@ void wolfSSL_EVP_init(void)
if (ctx->ivSz == 0) {
ctx->ivSz = GCM_NONCE_MID_SZ;
}
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
if (enc == 0 || enc == 1) {
@@ -5647,6 +6382,13 @@ void wolfSSL_EVP_init(void)
}
#endif
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ ret = WOLFSSL_FAILURE;
+ else
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+
#ifndef WOLFSSL_AESGCM_STREAM
if (ret == WOLFSSL_SUCCESS && key &&
wc_AesGcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
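Review bot: The init-once block added here is repeated in the CCM init hunk and in every AES CBC/CTR/ECB/CFB/OFB branch of `wolfSSL_EVP_CipherInit` below, and the copies already differ. This one runs even when `ret` has already failed and logs nothing, while the CCM copy tests `ret == WOLFSSL_SUCCESS` first and logs `wc_AesInit() failed`. Since the cleanup path clears the same flag after `wc_AesFree`, keeping init and flag update in one helper is safer than hand-copied blocks. A possible shape is below; the enclosing function starts above this hunk.

```c
/* Run wc_AesInit() on ctx->cipher.aes at most once per context; the flag is
 * cleared again by the cleanup path after wc_AesFree(). */
static int EvpCipherAesInitOnce(WOLFSSL_EVP_CIPHER_CTX* ctx)
{
    if ((ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED) == 0) {
        if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0) {
            WOLFSSL_MSG("wc_AesInit() failed");
            return WOLFSSL_FAILURE;
        }
        ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
    }
    return WOLFSSL_SUCCESS;
}

/* ... unchanged: cipher type selection and flag setup ... */
if (ret == WOLFSSL_SUCCESS)
    ret = EvpCipherAesInitOnce(ctx);
/* ... unchanged: wc_AesGcmSetKey / wc_AesGcmSetExtIV calls ... */
```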
@@ -5655,7 +6397,7 @@ void wolfSSL_EVP_init(void)
}
#endif /* !WOLFSSL_AESGCM_STREAM */
if (ret == WOLFSSL_SUCCESS && iv &&
- wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, ctx->ivSz)) {
+ wc_AesGcmSetExtIV(&ctx->cipher.aes, iv, (word32)ctx->ivSz)) {
WOLFSSL_MSG("wc_AesGcmSetExtIV() failed");
ret = WOLFSSL_FAILURE;
}
@@ -5667,8 +6409,8 @@ void wolfSSL_EVP_init(void)
if (ret == WOLFSSL_SUCCESS &&
(key || (iv && ctx->cipher.aes.gcmKeySet)) &&
wc_AesGcmInit(&ctx->cipher.aes, key,
- (key == NULL) ? 0 : ctx->keyLen, iv,
- (iv == NULL) ? 0 : ctx->ivSz) != 0) {
+ (key == NULL) ? 0 : (word32)ctx->keyLen, iv,
+ (iv == NULL) ? 0 : (word32)ctx->ivSz) != 0) {
WOLFSSL_MSG("wc_AesGcmInit() failed");
ret = WOLFSSL_FAILURE;
}
@@ -5751,7 +6493,7 @@ void wolfSSL_EVP_init(void)
if (ctx->enc) {
/* Calculate authentication tag. */
ret = wc_AesGcmEncryptFinal(&ctx->cipher.aes,
- ctx->authTag, ctx->authTagSz);
+ ctx->authTag, (word32)ctx->authTagSz);
/*
* wc_AesGcmEncryptFinal increments the IV in
* ctx->cipher.aes.reg, so we don't call IncCtr here.
@@ -5760,7 +6502,7 @@ void wolfSSL_EVP_init(void)
else {
/* Calculate authentication tag and compare. */
ret = wc_AesGcmDecryptFinal(&ctx->cipher.aes,
- ctx->authTag, ctx->authTagSz);
+ ctx->authTag, (word32)ctx->authTagSz);
if (ctx->authIncIv) {
IncCtr((byte*)ctx->cipher.aes.reg,
ctx->cipher.aes.nonceSz);
@@ -5769,9 +6511,9 @@ void wolfSSL_EVP_init(void)
/* Reinitialize for subsequent wolfSSL_EVP_Cipher calls. */
if (wc_AesGcmInit(&ctx->cipher.aes, NULL, 0,
(byte*)ctx->cipher.aes.reg,
- ctx->ivSz) != 0) {
+ (word32)ctx->ivSz) != 0) {
WOLFSSL_MSG("wc_AesGcmInit failed");
- return WOLFSSL_FATAL_ERROR;
+ return WOLFSSL_FAILURE;
}
ctx->authIncIv = 0;
}
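Review bot: Returning `WOLFSSL_FAILURE` from the `wc_AesGcmInit` error path makes the failure hard to tell from success if, as the next hunk suggests, this function returns `(int)len` on success: a zero-length call would also return 0. That assumes `WOLFSSL_FAILURE` is 0 and that the caller reads a non-negative result as a byte count; both are defined outside this hunk and need confirming. If so, either keep a negative code on this path or state in the function header that 0 means failure.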
@@ -5782,12 +6524,12 @@ void wolfSSL_EVP_init(void)
* NULL).
*/
if (ctx->authIn != NULL) {
- XMEMSET(ctx->authIn, 0, ctx->authInSz);
+ XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
}
ctx->authInSz = 0;
}
if (ret == 0) {
- ret = len;
+ ret = (int)len;
}
return ret;
@@ -5815,7 +6557,7 @@ void wolfSSL_EVP_init(void)
if (ctx->ivSz == 0) {
ctx->ivSz = GCM_NONCE_MID_SZ;
}
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CCM_MODE |
WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
if (enc == 0 || enc == 1) {
@@ -5847,13 +6589,23 @@ void wolfSSL_EVP_init(void)
}
#endif
+ if (ret == WOLFSSL_SUCCESS) {
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0) {
+ WOLFSSL_MSG("wc_AesInit() failed");
+ ret = WOLFSSL_FAILURE;
+ } else
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+ }
+
if (ret == WOLFSSL_SUCCESS && key &&
- wc_AesCcmSetKey(&ctx->cipher.aes, key, ctx->keyLen)) {
+ wc_AesCcmSetKey(&ctx->cipher.aes, key, (word32)ctx->keyLen)) {
WOLFSSL_MSG("wc_AesCcmSetKey() failed");
ret = WOLFSSL_FAILURE;
}
if (ret == WOLFSSL_SUCCESS && iv &&
- wc_AesCcmSetNonce(&ctx->cipher.aes, iv, ctx->ivSz)) {
+ wc_AesCcmSetNonce(&ctx->cipher.aes, iv, (word32)ctx->ivSz)) {
WOLFSSL_MSG("wc_AesCcmSetNonce() failed");
ret = WOLFSSL_FAILURE;
}
@@ -5877,20 +6629,20 @@ void wolfSSL_EVP_init(void)
/* No destination means only AAD. */
if (src != NULL && dst == NULL) {
- ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, src, len);
+ ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, src, (int)len);
}
else if (src != NULL && dst != NULL) {
if (ctx->enc) {
ret = wc_AesCcmEncrypt(&ctx->cipher.aes, dst, src,
- len, ctx->iv, ctx->ivSz, ctx->authTag,
- ctx->authTagSz, ctx->authIn,
- ctx->authInSz);
+ len, ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
}
else {
ret = wc_AesCcmDecrypt(&ctx->cipher.aes, dst, src,
- len, ctx->iv, ctx->ivSz, ctx->authTag,
- ctx->authTagSz, ctx->authIn,
- ctx->authInSz);
+ len, ctx->iv, (word32)ctx->ivSz, ctx->authTag,
+ (word32)ctx->authTagSz, ctx->authIn,
+ (word32)ctx->authInSz);
}
if (ctx->authIncIv) {
IncCtr((byte*)ctx->cipher.aes.reg,
@@ -5904,12 +6656,12 @@ void wolfSSL_EVP_init(void)
* NULL).
*/
if (ctx->authIn != NULL) {
- XMEMSET(ctx->authIn, 0, ctx->authInSz);
+ XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
}
ctx->authInSz = 0;
}
if (ret == 0) {
- ret = len;
+ ret = (int)len;
}
return ret;
@@ -5917,6 +6669,86 @@ void wolfSSL_EVP_init(void)
#endif /* HAVE_AESCCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
* HAVE_FIPS_VERSION >= 2 */
+#if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
+ || FIPS_VERSION_GE(2,0))
+ static int EvpCipherInitAriaGCM(WOLFSSL_EVP_CIPHER_CTX* ctx,
+ const WOLFSSL_EVP_CIPHER* type,
+ const byte* key, const byte* iv, int enc)
+ {
+ int ret = WOLFSSL_SUCCESS;
+
+ if (ctx->cipherType == ARIA_128_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_128_GCM))) {
+ WOLFSSL_MSG("EVP_ARIA_128_GCM");
+ ctx->cipherType = ARIA_128_GCM_TYPE;
+ ctx->keyLen = ARIA_128_KEY_SIZE;
+ } else if (ctx->cipherType == ARIA_192_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_192_GCM))) {
+ WOLFSSL_MSG("EVP_ARIA_192_GCM");
+ ctx->cipherType = ARIA_192_GCM_TYPE;
+ ctx->keyLen = ARIA_192_KEY_SIZE;
+ } else if (ctx->cipherType == ARIA_256_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_256_GCM))) {
+ WOLFSSL_MSG("EVP_ARIA_256_GCM");
+ ctx->cipherType = ARIA_256_GCM_TYPE;
+ ctx->keyLen = ARIA_256_KEY_SIZE;
+ } else {
+ WOLFSSL_MSG("Unrecognized cipher type");
+ return WOLFSSL_FAILURE;
+ }
+
+ if (ctx->authIn) {
+ XFREE(ctx->authIn, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authIn = NULL;
+ }
+ ctx->authInSz = 0;
+
+ ctx->block_size = AES_BLOCK_SIZE;
+ ctx->authTagSz = AES_BLOCK_SIZE;
+ if (ctx->ivSz == 0) {
+ ctx->ivSz = GCM_NONCE_MID_SZ;
+ }
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ if (enc == 0 || enc == 1) {
+ ctx->enc = enc ? 1 : 0;
+ }
+
+ switch(ctx->cipherType) {
+ case ARIA_128_GCM_TYPE:
+ ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_128BITKEY);
+ break;
+ case ARIA_192_GCM_TYPE:
+ ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_192BITKEY);
+ break;
+ case ARIA_256_GCM_TYPE:
+ ret = wc_AriaInitCrypt(&ctx->cipher.aria, MC_ALGID_ARIA_256BITKEY);
+ break;
+ default:
+ WOLFSSL_MSG("Not implemented cipherType");
+ return WOLFSSL_NOT_IMPLEMENTED; /* This should never happen */
+ }
+ if (ret != 0) {
+ WOLFSSL_MSG(MC_GetErrorString(ret));
+ WOLFSSL_MSG(MC_GetError(ctx->cipher.aria.hSession));
+ return WOLFSSL_FAILURE;
+ }
+
+ if (key && wc_AriaSetKey(&ctx->cipher.aria, (byte *)key)) {
+ WOLFSSL_MSG("wc_AriaSetKey() failed");
+ return WOLFSSL_FAILURE;
+ }
+ if (iv && wc_AriaGcmSetExtIV(&ctx->cipher.aria, iv, ctx->ivSz)) {
+ WOLFSSL_MSG("wc_AriaGcmSetIV() failed");
+ return WOLFSSL_FAILURE;
+ }
+
+ return WOLFSSL_SUCCESS;
+ }
+#endif /* HAVE_ARIA && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
+
/* return WOLFSSL_SUCCESS on ok, 0 on failure to match API compatibility */
int wolfSSL_EVP_CipherInit(WOLFSSL_EVP_CIPHER_CTX* ctx,
const WOLFSSL_EVP_CIPHER* type, const byte* key,
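Review bot: `EvpCipherInitAriaGCM` calls `wc_AriaInitCrypt` on every invocation, without the `WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED` test that this commit puts in front of each `wc_AesInit`. A context initialised in two steps (cipher type first, key and IV afterwards) would therefore run the ARIA init twice. Whether the second call releases the first session is decided inside `wc_AriaInitCrypt`, which is not shown, so this needs checking. Two smaller points in the same function: the failure message for `wc_AriaGcmSetExtIV` says `wc_AriaGcmSetIV() failed`, and `ctx->ivSz` is passed there without the `(word32)` cast used elsewhere in this commit.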
@@ -5942,6 +6774,7 @@ void wolfSSL_EVP_init(void)
XMEMSET(&ctx->cipher, 0, sizeof(ctx->cipher));
ctx->flags = 0;
}
+
/* always clear buffer state */
ctx->bufUsed = 0;
ctx->lastUsed = 0;
@@ -5959,16 +6792,21 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CBC))) {
WOLFSSL_MSG("EVP_AES_128_CBC");
ctx->cipherType = AES_128_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
ctx->ivSz = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -5984,16 +6822,21 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CBC))) {
WOLFSSL_MSG("EVP_AES_192_CBC");
ctx->cipherType = AES_192_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
ctx->ivSz = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6009,16 +6852,21 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CBC))) {
WOLFSSL_MSG("EVP_AES_256_CBC");
ctx->cipherType = AES_256_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
ctx->ivSz = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6073,7 +6921,8 @@ void wolfSSL_EVP_init(void)
|| ctx->cipherType == AES_256_CCM_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CCM))
#endif
- ) {
+ )
+ {
if (EvpCipherInitAesCCM(ctx, type, key, iv, enc)
!= WOLFSSL_SUCCESS) {
return WOLFSSL_FAILURE;
@@ -6086,7 +6935,7 @@ void wolfSSL_EVP_init(void)
if (ctx->cipherType == AES_128_CTR_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CTR))) {
WOLFSSL_MSG("EVP_AES_128_CTR");
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->cipherType = AES_128_CTR_TYPE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 16;
@@ -6097,9 +6946,14 @@ void wolfSSL_EVP_init(void)
#endif
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 1);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6115,7 +6969,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CTR))) {
WOLFSSL_MSG("EVP_AES_192_CTR");
ctx->cipherType = AES_192_CTR_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 24;
ctx->block_size = NO_PADDING_BLOCK_SIZE;
@@ -6125,9 +6979,14 @@ void wolfSSL_EVP_init(void)
#endif
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 1);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6143,7 +7002,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CTR))) {
WOLFSSL_MSG("EVP_AES_256_CTR");
ctx->cipherType = AES_256_CTR_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
ctx->keyLen = 32;
ctx->block_size = NO_PADDING_BLOCK_SIZE;
@@ -6153,9 +7012,14 @@ void wolfSSL_EVP_init(void)
#endif
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 1);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6173,15 +7037,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_ECB))) {
WOLFSSL_MSG("EVP_AES_128_ECB");
ctx->cipherType = AES_128_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 16;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ NULL, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
}
if (ret != 0)
return WOLFSSL_FAILURE;
@@ -6192,15 +7061,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_ECB))) {
WOLFSSL_MSG("EVP_AES_192_ECB");
ctx->cipherType = AES_192_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 24;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ NULL, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
}
if (ret != 0)
return WOLFSSL_FAILURE;
@@ -6211,15 +7085,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_ECB))) {
WOLFSSL_MSG("EVP_AES_256_ECB");
ctx->cipherType = AES_256_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 32;
ctx->block_size = AES_BLOCK_SIZE;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, NULL,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ NULL, ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, 1);
}
if (ret != 0)
return WOLFSSL_FAILURE;
@@ -6232,15 +7111,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB1))) {
WOLFSSL_MSG("EVP_AES_128_CFB1");
ctx->cipherType = AES_128_CFB1_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6256,15 +7140,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB1))) {
WOLFSSL_MSG("EVP_AES_192_CFB1");
ctx->cipherType = AES_192_CFB1_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6280,15 +7169,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB1))) {
WOLFSSL_MSG("EVP_AES_256_CFB1");
ctx->cipherType = AES_256_CFB1_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6308,15 +7202,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB8))) {
WOLFSSL_MSG("EVP_AES_128_CFB8");
ctx->cipherType = AES_128_CFB8_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6332,15 +7231,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB8))) {
WOLFSSL_MSG("EVP_AES_192_CFB8");
ctx->cipherType = AES_192_CFB8_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6356,15 +7260,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB8))) {
WOLFSSL_MSG("EVP_AES_256_CFB8");
ctx->cipherType = AES_256_CFB8_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6384,15 +7293,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_CFB128))) {
WOLFSSL_MSG("EVP_AES_128_CFB128");
ctx->cipherType = AES_128_CFB128_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6408,15 +7322,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_CFB128))) {
WOLFSSL_MSG("EVP_AES_192_CFB128");
ctx->cipherType = AES_192_CFB128_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6432,15 +7351,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_CFB128))) {
WOLFSSL_MSG("EVP_AES_256_CFB128");
ctx->cipherType = AES_256_CFB128_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6462,15 +7386,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_OFB))) {
WOLFSSL_MSG("EVP_AES_128_OFB");
ctx->cipherType = AES_128_OFB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
ctx->keyLen = 16;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6486,15 +7415,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_192_OFB))) {
WOLFSSL_MSG("EVP_AES_192_OFB");
ctx->cipherType = AES_192_OFB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
ctx->keyLen = 24;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0)
return WOLFSSL_FAILURE;
}
@@ -6510,15 +7444,20 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_OFB))) {
WOLFSSL_MSG("EVP_AES_256_OFB");
ctx->cipherType = AES_256_OFB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_OFB_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ if (wc_AesInit(&ctx->cipher.aes, NULL, INVALID_DEVID) != 0)
+ return WOLFSSL_FAILURE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
if (key) {
- ret = AesSetKey_ex(&ctx->cipher.aes, key, ctx->keyLen, iv,
- AES_ENCRYPTION, 0);
+ ret = AesSetKey_ex(&ctx->cipher.aes, key, (word32)ctx->keyLen,
+ iv, AES_ENCRYPTION, 0);
if (ret != 0){
WOLFSSL_MSG("AesSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6533,14 +7472,15 @@ void wolfSSL_EVP_init(void)
}
}
#endif /* WOLFSSL_AES_256 */
- #endif /* HAVE_AES_OFB */
- #ifdef WOLFSSL_AES_XTS
+ #endif /* WOLFSSL_AES_OFB */
+ #if defined(WOLFSSL_AES_XTS) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
if (ctx->cipherType == AES_128_XTS_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_128_XTS))) {
WOLFSSL_MSG("EVP_AES_128_XTS");
ctx->cipherType = AES_128_XTS_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 32;
ctx->block_size = 1;
@@ -6548,16 +7488,27 @@ void wolfSSL_EVP_init(void)
if (iv != NULL) {
if (iv != ctx->iv) /* Valgrind error when src == dst */
- XMEMCPY(ctx->iv, iv, ctx->ivSz);
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
}
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ ret = wc_AesXtsInit(&ctx->cipher.xts, NULL, 0);
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_AesXtsInit() failed");
+ return WOLFSSL_FAILURE;
+ }
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+
if (key) {
- ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
+ ret = wc_AesXtsSetKeyNoInit(&ctx->cipher.xts, key,
+ (word32)ctx->keyLen,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return WOLFSSL_FAILURE;
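Review bot: `wc_AesXtsInit(&ctx->cipher.xts, NULL, 0)` passes a literal `0` as the device id, while the `wc_AesInit` calls this commit adds for CFB/OFB pass `INVALID_DEVID`. The removed `wc_AesXtsSetKey(..., NULL, 0)` call used the same value, so behaviour is preserved, but in a build with crypto callbacks an id of 0 may select a registered device instead of the software path. If that is not intended, `ret = wc_AesXtsInit(&ctx->cipher.xts, NULL, INVALID_DEVID);` would match the other branches. The failure message still reads `"wc_AesXtsSetKey() failed"` although the call is now `wc_AesXtsSetKeyNoInit`. Both remarks also apply to the AES-256-XTS hunk at `@@ -6578,16 +7529,27`; the enclosing block continues outside the hunk.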
@@ -6570,7 +7521,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_AES_256_XTS))) {
WOLFSSL_MSG("EVP_AES_256_XTS");
ctx->cipherType = AES_256_XTS_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_XTS_MODE;
ctx->keyLen = 64;
ctx->block_size = 1;
@@ -6578,16 +7529,27 @@ void wolfSSL_EVP_init(void)
if (iv != NULL) {
if (iv != ctx->iv) /* Valgrind error when src == dst */
- XMEMCPY(ctx->iv, iv, ctx->ivSz);
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
}
else
XMEMSET(ctx->iv, 0, AES_BLOCK_SIZE);
if (enc == 0 || enc == 1)
ctx->enc = enc ? 1 : 0;
+
+ if (! (ctx->flags & WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED)) {
+ ret = wc_AesXtsInit(&ctx->cipher.xts, NULL, 0);
+ if (ret != 0) {
+ WOLFSSL_MSG("wc_AesXtsInit() failed");
+ return WOLFSSL_FAILURE;
+ }
+ ctx->flags |= WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED;
+ }
+
if (key) {
- ret = wc_AesXtsSetKey(&ctx->cipher.xts, key, ctx->keyLen,
- ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION, NULL, 0);
+ ret = wc_AesXtsSetKeyNoInit(&ctx->cipher.xts, key,
+ (word32)ctx->keyLen,
+ ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION);
if (ret != 0) {
WOLFSSL_MSG("wc_AesXtsSetKey() failed");
return WOLFSSL_FAILURE;
@@ -6595,14 +7557,32 @@ void wolfSSL_EVP_init(void)
}
}
#endif /* WOLFSSL_AES_256 */
- #endif /* HAVE_AES_XTS */
+ #endif /* WOLFSSL_AES_XTS &&
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#endif /* NO_AES */
+ #if defined(HAVE_ARIA)
+ if (ctx->cipherType == ARIA_128_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_128_GCM))
+ || ctx->cipherType == ARIA_192_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_192_GCM))
+ || ctx->cipherType == ARIA_256_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARIA_256_GCM))
+ ) {
+ if (EvpCipherInitAriaGCM(ctx, type, key, iv, enc)
+ != WOLFSSL_SUCCESS) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ #endif /* HAVE_AESGCM && ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
+
+
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
if (ctx->cipherType == CHACHA20_POLY1305_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_CHACHA20_POLY1305))) {
WOLFSSL_MSG("EVP_CHACHA20_POLY1305");
ctx->cipherType = CHACHA20_POLY1305_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
ctx->keyLen = CHACHA20_POLY1305_AEAD_KEYSIZE;
ctx->block_size = CHACHA_CHUNK_BYTES;
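Review bot: The trailing comment on the `#endif` that closes the new `#if defined(HAVE_ARIA)` block names `HAVE_AESGCM` and a FIPS condition, neither of which is in the opening guard; it should read `#endif /* HAVE_ARIA */`. The ARIA case added to the cipher switch later in this commit is guarded by `HAVE_ARIA` plus the FIPS/selftest condition. With the plain guard here, a FIPS or selftest build could accept ARIA at init and then find no matching case when data is processed. Using the same preprocessor condition in both places would rule that out. The enclosing function starts and ends outside the hunk.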
@@ -6619,13 +7599,13 @@ void wolfSSL_EVP_init(void)
* since wc_ChaCha20Poly1305_Init() does not. */
if (key != NULL) {
if (!ctx->key) {
- ctx->key = (byte*)XMALLOC(ctx->keyLen, NULL,
+ ctx->key = (byte*)XMALLOC((size_t)ctx->keyLen, NULL,
DYNAMIC_TYPE_OPENSSL);
if (!ctx->key) {
return MEMORY_E;
}
}
- XMEMCPY(ctx->key, key, ctx->keyLen);
+ XMEMCPY(ctx->key, key, (size_t)ctx->keyLen);
}
if ((ctx->key != NULL && iv != NULL) && wc_ChaCha20Poly1305_Init(
&ctx->cipher.chachaPoly, ctx->key, iv, ctx->enc) != 0) {
@@ -6639,15 +7619,15 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_CHACHA20))) {
WOLFSSL_MSG("EVP_CHACHA20");
ctx->cipherType = CHACHA20_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->keyLen = CHACHA_MAX_KEY_SZ;
ctx->block_size = 1;
ctx->ivSz = WOLFSSL_EVP_CHACHA_IV_BYTES;
if (enc == 0 || enc == 1) {
ctx->enc = (byte) enc;
}
- if (key != NULL && wc_Chacha_SetKey(&ctx->cipher.chacha,
- key, ctx->keyLen) != 0) {
+ if (key != NULL && wc_Chacha_SetKey(&ctx->cipher.chacha, key,
+ (word32)ctx->keyLen) != 0) {
WOLFSSL_MSG("wc_Chacha_SetKey() failed");
return WOLFSSL_FAILURE;
}
@@ -6667,12 +7647,147 @@ void wolfSSL_EVP_init(void)
}
}
#endif
+#ifdef WOLFSSL_SM4_ECB
+ if (ctx->cipherType == SM4_ECB_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_ECB))) {
+ WOLFSSL_MSG("EVP_SM4_ECB");
+ ctx->cipherType = SM4_ECB_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ ctx->block_size = SM4_BLOCK_SIZE;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ }
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ if (ctx->cipherType == SM4_CBC_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CBC))) {
+ WOLFSSL_MSG("EVP_SM4_CBC");
+ ctx->cipherType = SM4_CBC_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ ctx->block_size = SM4_BLOCK_SIZE;
+ ctx->ivSz = SM4_BLOCK_SIZE;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ ret = wc_Sm4SetIV(&ctx->cipher.sm4, iv);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ if (ctx->cipherType == SM4_CTR_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CTR))) {
+ WOLFSSL_MSG("EVP_SM4_CTR");
+ ctx->cipherType = SM4_CTR_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_CTR_MODE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ ctx->block_size = NO_PADDING_BLOCK_SIZE;
+ ctx->ivSz = SM4_BLOCK_SIZE;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ ret = wc_Sm4SetIV(&ctx->cipher.sm4, iv);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ if (ctx->cipherType == SM4_GCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_GCM))) {
+ WOLFSSL_MSG("EVP_SM4_GCM");
+ ctx->cipherType = SM4_GCM_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_GCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ ctx->block_size = NO_PADDING_BLOCK_SIZE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ if (ctx->ivSz == 0) {
+ ctx->ivSz = GCM_NONCE_MID_SZ;
+ }
+ ctx->authTagSz = SM4_BLOCK_SIZE;
+ if (ctx->authIn) {
+ XFREE(ctx->authIn, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authIn = NULL;
+ }
+ ctx->authInSz = 0;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4GcmSetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
+ }
+ }
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ if (ctx->cipherType == SM4_CCM_TYPE ||
+ (type && EVP_CIPHER_TYPE_MATCHES(type, EVP_SM4_CCM))) {
+ WOLFSSL_MSG("EVP_SM4_CCM");
+ ctx->cipherType = SM4_CCM_TYPE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags |= WOLFSSL_EVP_CIPH_CCM_MODE |
+ WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER;
+ ctx->block_size = NO_PADDING_BLOCK_SIZE;
+ ctx->keyLen = SM4_KEY_SIZE;
+ if (ctx->ivSz == 0) {
+ ctx->ivSz = GCM_NONCE_MID_SZ;
+ }
+ ctx->authTagSz = SM4_BLOCK_SIZE;
+ if (ctx->authIn) {
+ XFREE(ctx->authIn, NULL, DYNAMIC_TYPE_OPENSSL);
+ ctx->authIn = NULL;
+ }
+ ctx->authInSz = 0;
+ if (enc == 0 || enc == 1)
+ ctx->enc = enc ? 1 : 0;
+ if (key != NULL) {
+ ret = wc_Sm4SetKey(&ctx->cipher.sm4, key, ctx->keyLen);
+ if (ret != 0) {
+ return WOLFSSL_FAILURE;
+ }
+ }
+ if (iv != NULL) {
+ XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz);
+ }
+ }
+#endif
#ifndef NO_DES3
if (ctx->cipherType == DES_CBC_TYPE ||
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_CBC))) {
WOLFSSL_MSG("EVP_DES_CBC");
ctx->cipherType = DES_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 8;
ctx->block_size = DES_BLOCK_SIZE;
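Review bot: The SM4-CCM branch defaults `ctx->ivSz` to `GCM_NONCE_MID_SZ`, while the SM4-CCM entries this commit adds to `wolfSSL_EVP_CIPHER_iv_length` and, as the fallback, to `wolfSSL_EVP_CIPHER_CTX_iv_length` return `CCM_NONCE_MIN_SZ`. If the two constants differ, a caller that sizes its nonce from `wolfSSL_EVP_CIPHER_iv_length` passes a shorter buffer than `XMEMCPY(ctx->iv, iv, (size_t)ctx->ivSz)` reads. The default and the reported length should agree, and the copy (here and in the SM4-GCM branch) should be bounded by the size of `ctx->iv`, which is declared outside this hunk. In the SM4-ECB branch `if (ret != 0)` sits outside `if (key)`, unlike the other SM4 branches, so it relies on `ret` being zero on entry; moving the check inside the `if (key)` block would make it self-contained. The `wc_Sm4SetKey` and `wc_Sm4GcmSetKey` calls also pass `ctx->keyLen` without the `(word32)` cast this commit adds elsewhere.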
@@ -6694,7 +7809,7 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_ECB))) {
WOLFSSL_MSG("EVP_DES_ECB");
ctx->cipherType = DES_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 8;
ctx->block_size = DES_BLOCK_SIZE;
@@ -6714,7 +7829,7 @@ void wolfSSL_EVP_init(void)
EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_CBC))) {
WOLFSSL_MSG("EVP_DES_EDE3_CBC");
ctx->cipherType = DES_EDE3_CBC_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_CBC_MODE;
ctx->keyLen = 24;
ctx->block_size = DES_BLOCK_SIZE;
@@ -6739,7 +7854,7 @@ void wolfSSL_EVP_init(void)
EVP_CIPHER_TYPE_MATCHES(type, EVP_DES_EDE3_ECB))) {
WOLFSSL_MSG("EVP_DES_EDE3_ECB");
ctx->cipherType = DES_EDE3_ECB_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_ECB_MODE;
ctx->keyLen = 24;
ctx->block_size = DES_BLOCK_SIZE;
@@ -6758,13 +7873,13 @@ void wolfSSL_EVP_init(void)
(type && EVP_CIPHER_TYPE_MATCHES(type, EVP_ARC4))) {
WOLFSSL_MSG("ARC4");
ctx->cipherType = ARC4_TYPE;
- ctx->flags &= ~WOLFSSL_EVP_CIPH_MODE;
+ ctx->flags &= (unsigned long)~WOLFSSL_EVP_CIPH_MODE;
ctx->flags |= WOLFSSL_EVP_CIPH_STREAM_CIPHER;
ctx->block_size = 1;
if (ctx->keyLen == 0) /* user may have already set */
ctx->keyLen = 16; /* default to 128 */
if (key)
- wc_Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen);
+ wc_Arc4SetKey(&ctx->cipher.arc4, key, (word32)ctx->keyLen);
}
#endif /* NO_RC4 */
if (ctx->cipherType == NULL_CIPHER_TYPE ||
@@ -6839,6 +7954,15 @@ void wolfSSL_EVP_init(void)
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ return NID_aria_128_gcm;
+ case ARIA_192_GCM_TYPE :
+ return NID_aria_192_gcm;
+ case ARIA_256_GCM_TYPE :
+ return NID_aria_256_gcm;
+#endif
+
#ifndef NO_DES3
case DES_CBC_TYPE :
return NID_des_cbc;
@@ -6866,6 +7990,31 @@ void wolfSSL_EVP_init(void)
return NID_chacha20;
#endif
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE:
+ return NID_sm4_ecb;
+#endif
+
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE:
+ return NID_sm4_cbc;
+#endif
+
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE:
+ return NID_sm4_ctr;
+#endif
+
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE:
+ return NID_sm4_gcm;
+#endif
+
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE:
+ return NID_sm4_ccm;
+#endif
+
case NULL_CIPHER_TYPE :
WOLFSSL_ERROR_MSG("Null cipher has no NID");
FALL_THROUGH;
@@ -6956,7 +8105,7 @@ void wolfSSL_EVP_init(void)
return WOLFSSL_FAILURE;
}
- XMEMCPY(iv, ctx->iv, ivLen);
+ XMEMCPY(iv, ctx->iv, (size_t)ivLen);
return WOLFSSL_SUCCESS;
}
@@ -6982,6 +8131,17 @@ void wolfSSL_EVP_init(void)
ctx->cipherType != AES_192_CCM_TYPE &&
ctx->cipherType != AES_256_CCM_TYPE
#endif
+ #ifdef HAVE_ARIA
+ && ctx->cipherType != ARIA_128_GCM_TYPE &&
+ ctx->cipherType != ARIA_192_GCM_TYPE &&
+ ctx->cipherType != ARIA_256_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ && ctx->cipherType != SM4_GCM_TYPE
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ && ctx->cipherType != SM4_CCM_TYPE
+ #endif
))) {
WOLFSSL_MSG("Bad argument.");
return WOLFSSL_FATAL_ERROR;
@@ -7006,7 +8166,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCbcDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
+ ret = (int)((len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE);
break;
#endif /* HAVE_AES_CBC */
@@ -7021,7 +8181,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCfb1Decrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
case AES_128_CFB8_TYPE:
case AES_192_CFB8_TYPE:
@@ -7032,7 +8192,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCfb8Decrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* !HAVE_SELFTEST && !HAVE_FIPS */
case AES_128_CFB128_TYPE:
@@ -7044,7 +8204,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesCfbDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* WOLFSSL_AES_CFB */
#if defined(WOLFSSL_AES_OFB)
@@ -7057,23 +8217,23 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesOfbDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* WOLFSSL_AES_OFB */
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
WOLFSSL_MSG("AES XTS");
if (ctx->enc)
ret = wc_AesXtsEncrypt(&ctx->cipher.xts, dst, src, len,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
else
ret = wc_AesXtsDecrypt(&ctx->cipher.xts, dst, src, len,
- ctx->iv, ctx->ivSz);
+ ctx->iv, (word32)ctx->ivSz);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#if defined(HAVE_AESGCM) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
|| FIPS_VERSION_GE(2,0))
@@ -7105,7 +8265,7 @@ void wolfSSL_EVP_init(void)
else
ret = wc_AesEcbDecrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = (len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
+ ret = (int)((len / AES_BLOCK_SIZE) * AES_BLOCK_SIZE);
break;
#endif
#ifdef WOLFSSL_AES_COUNTER
@@ -7115,11 +8275,31 @@ void wolfSSL_EVP_init(void)
WOLFSSL_MSG("AES CTR");
ret = wc_AesCtrEncrypt(&ctx->cipher.aes, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
break;
#endif /* WOLFSSL_AES_COUNTER */
#endif /* NO_AES */
+#if defined(HAVE_ARIA) && ((!defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)) \
+ || FIPS_VERSION_GE(2,0))
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ if (ctx->enc) {
+ ret = wc_AriaEncrypt(&ctx->cipher.aria, dst, src, len,
+ ctx->iv, ctx->ivSz, NULL, 0,
+ ctx->authTag, ctx->authTagSz);
+ }
+ else {
+ ret = wc_AriaDecrypt(&ctx->cipher.aria, dst, src, len,
+ ctx->iv, ctx->ivSz, NULL, 0,
+ ctx->authTag, ctx->authTagSz);
+ }
+ break;
+#endif /* HAVE_ARIA&& ((!HAVE_FIPS && !HAVE_SELFTEST) ||
+ * HAVE_FIPS_VERSION >= 2 */
+
#ifndef NO_DES3
case DES_CBC_TYPE :
WOLFSSL_MSG("DES CBC");
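Review bot: Both ARIA-GCM calls pass `NULL, 0` in what appear to be the AAD pointer and length arguments, so any additional authenticated data held in `ctx->authIn` would not be covered by the tag; the SM4-GCM case added in this commit passes `ctx->authIn, ctx->authInSz` in its calls. If ARIA AAD is handled on another path outside this hunk, a comment saying so would help, e.g. `/* AAD is processed in <function>; none is passed here */`; otherwise the calls should pass `ctx->authIn, (word32)ctx->authInSz`. The case also breaks without mapping a zero `ret` to `(int)len` as the neighbouring cases do, and `ctx->ivSz` and `ctx->authTagSz` lack the `(word32)` casts used elsewhere in the commit. The closing `#endif` comment is malformed (`HAVE_ARIA&& ((...` with an unbalanced parenthesis).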
@@ -7128,7 +8308,7 @@ void wolfSSL_EVP_init(void)
else
wc_Des_CbcDecrypt(&ctx->cipher.des, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
case DES_EDE3_CBC_TYPE :
WOLFSSL_MSG("DES3 CBC");
@@ -7137,20 +8317,20 @@ void wolfSSL_EVP_init(void)
else
ret = wc_Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
#ifdef WOLFSSL_DES_ECB
case DES_ECB_TYPE :
WOLFSSL_MSG("DES ECB");
ret = wc_Des_EcbEncrypt(&ctx->cipher.des, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
case DES_EDE3_ECB_TYPE :
WOLFSSL_MSG("DES3 ECB");
ret = wc_Des3_EcbEncrypt(&ctx->cipher.des3, dst, src, len);
if (ret == 0)
- ret = (len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE;
+ ret = (int)((len / DES_BLOCK_SIZE) * DES_BLOCK_SIZE);
break;
#endif
#endif /* !NO_DES3 */
@@ -7160,14 +8340,116 @@ void wolfSSL_EVP_init(void)
WOLFSSL_MSG("ARC4");
wc_Arc4Process(&ctx->cipher.arc4, dst, src, len);
if (ret == 0)
- ret = len;
+ ret = (int)len;
+ break;
+#endif
+
+ /* TODO: Chacha??? */
+
+#ifdef WOLFSSL_SM4_ECB
+ case SM4_ECB_TYPE :
+ WOLFSSL_MSG("Sm4 ECB");
+ if (ctx->enc)
+ ret = wc_Sm4EcbEncrypt(&ctx->cipher.sm4, dst, src, len);
+ else
+ ret = wc_Sm4EcbDecrypt(&ctx->cipher.sm4, dst, src, len);
+ if (ret == 0)
+ ret = (int)((len / SM4_BLOCK_SIZE) * SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE :
+ WOLFSSL_MSG("Sm4 CBC");
+ if (ctx->enc)
+ ret = wc_Sm4CbcEncrypt(&ctx->cipher.sm4, dst, src, len);
+ else
+ ret = wc_Sm4CbcDecrypt(&ctx->cipher.sm4, dst, src, len);
+ if (ret == 0)
+ ret = (int)((len / SM4_BLOCK_SIZE) * SM4_BLOCK_SIZE);
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE :
+ WOLFSSL_MSG("AES CTR");
+ ret = wc_Sm4CtrEncrypt(&ctx->cipher.sm4, dst, src, len);
+ if (ret == 0)
+ ret = (int)len;
+ break;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE :
+ WOLFSSL_MSG("SM4 GCM");
+ /* No destination means only AAD. */
+ if (src != NULL && dst == NULL) {
+ ret = wolfSSL_EVP_CipherUpdate_GCM_AAD(ctx, src, len);
+ }
+ else if (src != NULL && dst != NULL) {
+ if (ctx->enc) {
+ ret = wc_Sm4GcmEncrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ else {
+ ret = wc_Sm4GcmDecrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv,
+ ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ break;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE :
+ WOLFSSL_MSG("SM4 CCM");
+ /* No destination means only AAD. */
+ if (src != NULL && dst == NULL) {
+ ret = wolfSSL_EVP_CipherUpdate_CCM_AAD(ctx, src, len);
+ }
+ else if (src != NULL && dst != NULL) {
+ if (ctx->enc) {
+ ret = wc_Sm4CcmEncrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ else {
+ ret = wc_Sm4CcmDecrypt(&ctx->cipher.sm4, dst, src,
+ len, ctx->iv, ctx->ivSz, ctx->authTag,
+ ctx->authTagSz, ctx->authIn,
+ ctx->authInSz);
+ }
+ if (ctx->authIncIv) {
+ IncCtr((byte*)ctx->cipher.sm4.iv,
+ ctx->cipher.sm4.nonceSz);
+ ctx->authIncIv = 0;
+ }
+ }
+ if (src == NULL) {
+ /*
+ * Clear any leftover AAD on final (final is when src is
+ * NULL).
+ */
+ if (ctx->authIn != NULL) {
+ XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
+ }
+ ctx->authInSz = 0;
+ }
+ if (ret == 0) {
+ ret = (int)len;
+ }
break;
#endif
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL CIPHER");
- XMEMCPY(dst, src, len);
- ret = len;
+ XMEMCPY(dst, src, (size_t)len);
+ ret = (int)len;
break;
default: {
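Review bot: The `SM4_GCM_TYPE` case ends without the two steps that the `SM4_CCM_TYPE` case directly below it performs: it never wipes `ctx->authIn` or resets `ctx->authInSz` when `src == NULL`, and it does not map a zero `ret` to `(int)len`. Unless that cleanup happens after the switch (outside this hunk), AAD from one message stays in the context and is passed to the next `wc_Sm4GcmEncrypt`/`wc_Sm4GcmDecrypt` call, and a successful call reports 0 bytes. Mirroring the CCM tail in the GCM case, as sketched below, would address both. Separately, the `SM4_CTR_TYPE` case logs `WOLFSSL_MSG("AES CTR")`, which should be `WOLFSSL_MSG("SM4 CTR")`, and `ctx->ivSz`, `ctx->authTagSz` and `ctx->authInSz` are passed without the `(word32)` casts added elsewhere.

```c
        case SM4_GCM_TYPE :
            /* … unchanged: AAD-only branch and encrypt/decrypt branch … */
            if (src == NULL) {
                /* Final call: drop stored AAD so it cannot be reused for the
                 * next message. */
                if (ctx->authIn != NULL) {
                    XMEMSET(ctx->authIn, 0, (size_t)ctx->authInSz);
                }
                ctx->authInSz = 0;
            }
            if (ret == 0) {
                ret = (int)len;
            }
            break;
```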
@@ -7253,7 +8535,7 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
derSz = ret;
#ifdef HAVE_PKCS8
if (key->pkcs8HeaderSz) {
- ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, NULL, derSz,
+ ret = wc_CreatePKCS8Key(NULL, &pkcs8Sz, NULL, (word32)derSz,
RSAk, NULL, 0);
if (ret == LENGTH_ONLY_E)
ret = 0;
@@ -7273,14 +8555,14 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
}
#ifdef WOLFSSL_NO_REALLOC
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap, DYNAMIC_TYPE_DER);
if (derBuf != NULL) {
- XMEMCPY(derBuf, pkey->pkey.ptr, pkey->pkey_sz);
+ XMEMCPY(derBuf, pkey->pkey.ptr, (size_t)pkey->pkey_sz);
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_DER);
pkey->pkey.ptr = NULL;
}
#else
- derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz,
+ derBuf = (byte*)XREALLOC(pkey->pkey.ptr, (size_t)derSz,
pkey->heap, DYNAMIC_TYPE_DER);
#endif
if (derBuf == NULL) {
@@ -7292,33 +8574,35 @@ static int PopulateRSAEvpPkeyDer(WOLFSSL_EVP_PKEY *pkey)
pkey->pkey.ptr = (char*)derBuf;
if (rsa->type == RSA_PRIVATE) {
- ret = wc_RsaKeyToDer(rsa, derBuf, derSz);
+ ret = wc_RsaKeyToDer(rsa, derBuf, (word32)derSz);
if (ret > 0) {
derSz = ret;
#ifdef HAVE_PKCS8
if (key->pkcs8HeaderSz) {
byte* keyBuf = derBuf;
int keySz = derSz;
- derSz = pkcs8Sz;
+ word32 sz = pkcs8Sz;
/* Need new buffer for PKCS8 since we can't
* do this in-place */
- derBuf = (byte*)XMALLOC(pkcs8Sz, pkey->heap,
+ derBuf = (byte*)XMALLOC((size_t)pkcs8Sz, pkey->heap,
DYNAMIC_TYPE_DER);
if (derBuf != NULL) {
- ret = wc_CreatePKCS8Key(derBuf, (word32*)&derSz, keyBuf,
- keySz, RSAk, NULL, 0);
+ ret = wc_CreatePKCS8Key(derBuf, &sz, keyBuf, (word32)keySz,
+ RSAk, NULL, 0);
XFREE(keyBuf, pkey->heap, DYNAMIC_TYPE_DER);
pkey->pkey.ptr = (char*)derBuf;
}
- else
+ else {
ret = MEMORY_E;
+ }
+ derSz = (int)sz;
}
#endif
}
}
else {
/* Public key to DER */
- ret = wc_RsaKeyToPublicDer(rsa, derBuf, derSz);
+ ret = wc_RsaKeyToPublicDer(rsa, derBuf, (word32)derSz);
if (ret > 0)
derSz = ret;
}
@@ -7433,7 +8717,8 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
/* 4 > size of pub, priv, p, q, g + ASN.1 additional information */
derMax = 4 * wolfSSL_BN_num_bytes(key->g) + AES_BLOCK_SIZE;
- derBuf = (byte*)XMALLOC(derMax, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ derBuf = (byte*)XMALLOC((size_t)derMax, pkey->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) {
WOLFSSL_MSG("malloc failed");
return WOLFSSL_FAILURE;
@@ -7441,11 +8726,11 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
if (dsa->type == DSA_PRIVATE) {
/* Private key to DER */
- derSz = wc_DsaKeyToDer(dsa, derBuf, derMax);
+ derSz = wc_DsaKeyToDer(dsa, derBuf, (word32)derMax);
}
else {
/* Public key to DER */
- derSz = wc_DsaKeyToPublicDer(dsa, derBuf, derMax);
+ derSz = wc_DsaKeyToPublicDer(dsa, derBuf, (word32)derMax);
}
if (derSz < 0) {
@@ -7459,14 +8744,15 @@ int wolfSSL_EVP_PKEY_set1_DSA(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DSA *key)
return WOLFSSL_FAILURE;
}
- pkey->pkey.ptr = (char*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_DER);
+ pkey->pkey.ptr = (char*)XMALLOC((size_t)derSz, pkey->heap,
+ DYNAMIC_TYPE_DER);
if (pkey->pkey.ptr == NULL) {
WOLFSSL_MSG("key malloc failed");
XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_FAILURE;
}
pkey->pkey_sz = derSz;
- XMEMCPY(pkey->pkey.ptr, derBuf, derSz);
+ XMEMCPY(pkey->pkey.ptr, derBuf, (size_t)derSz);
XFREE(derBuf, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
return WOLFSSL_SUCCESS;
@@ -7630,7 +8916,7 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
return WOLFSSL_FAILURE;
}
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (derBuf == NULL) {
WOLFSSL_MSG("malloc failed");
return WOLFSSL_FAILURE;
@@ -7653,7 +8939,7 @@ int wolfSSL_EVP_PKEY_set1_DH(WOLFSSL_EVP_PKEY *pkey, WOLFSSL_DH *key)
/* Store DH key into pkey (DER format) */
pkey->pkey.ptr = (char*)derBuf;
- pkey->pkey_sz = derSz;
+ pkey->pkey_sz = (int)derSz;
return WOLFSSL_SUCCESS;
}
@@ -7769,7 +9055,8 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
if (key->pkcs8HeaderSz) {
/* when key has pkcs8 header the pkey should too */
if (wc_EccKeyToPKCS8(ecc, NULL, (word32*)&derSz) == LENGTH_ONLY_E) {
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap,
+ DYNAMIC_TYPE_OPENSSL);
if (derBuf) {
if (wc_EccKeyToPKCS8(ecc, derBuf, (word32*)&derSz) >= 0) {
if (pkey->pkey.ptr) {
@@ -7798,9 +9085,10 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
/* if not, the pkey will be traditional ecc key */
if ((derSz = wc_EccKeyDerSize(ecc, 1)) > 0) {
- derBuf = (byte*)XMALLOC(derSz, pkey->heap, DYNAMIC_TYPE_OPENSSL);
+ derBuf = (byte*)XMALLOC((size_t)derSz, pkey->heap,
+ DYNAMIC_TYPE_OPENSSL);
if (derBuf) {
- if (wc_EccKeyToDer(ecc, derBuf, derSz) >= 0) {
+ if (wc_EccKeyToDer(ecc, derBuf, (word32)derSz) >= 0) {
if (pkey->pkey.ptr) {
XFREE(pkey->pkey.ptr, pkey->heap, DYNAMIC_TYPE_OPENSSL);
}
@@ -7817,12 +9105,13 @@ static int ECC_populate_EVP_PKEY(EVP_PKEY* pkey, WOLFSSL_EC_KEY *key)
}
}
else if (ecc->type == ECC_PUBLICKEY) {
- if ((derSz = (word32)wc_EccPublicKeyDerSize(ecc, 1)) > 0) {
- derBuf = (byte*)XREALLOC(pkey->pkey.ptr, derSz, NULL,
+ if ((derSz = wc_EccPublicKeyDerSize(ecc, 1)) > 0) {
+ derBuf = (byte*)XREALLOC(pkey->pkey.ptr, (size_t)derSz, NULL,
DYNAMIC_TYPE_OPENSSL);
if (derBuf != NULL) {
pkey->pkey.ptr = (char*)derBuf;
- if ((derSz = wc_EccPublicKeyToDer(ecc, derBuf, derSz, 1)) < 0) {
+ if ((derSz = wc_EccPublicKeyToDer(ecc, derBuf, (word32)derSz,
+ 1)) < 0) {
XFREE(derBuf, NULL, DYNAMIC_TYPE_OPENSSL);
derBuf = NULL;
}
@@ -7946,6 +9235,11 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
{
WOLFSSL_MSG("wolfSSL_EVP_CIPHER_CTX_iv_length");
+ if (ctx == NULL) {
+ WOLFSSL_MSG("No context");
+ return 0;
+ }
+
switch (ctx->cipherType) {
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_DIRECT)
@@ -8025,12 +9319,22 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
WOLFSSL_MSG("AES OFB");
return AES_BLOCK_SIZE;
#endif /* WOLFSSL_AES_OFB */
-#ifdef WOLFSSL_AES_XTS
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
case AES_128_XTS_TYPE:
case AES_256_XTS_TYPE:
WOLFSSL_MSG("AES XTS");
return AES_BLOCK_SIZE;
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
+#ifdef HAVE_ARIA
+ case ARIA_128_GCM_TYPE :
+ case ARIA_192_GCM_TYPE :
+ case ARIA_256_GCM_TYPE :
+ WOLFSSL_MSG("ARIA GCM");
+ if (ctx->ivSz != 0) {
+ return ctx->ivSz;
+ }
+ return GCM_NONCE_MID_SZ;
+#endif
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
case CHACHA20_POLY1305_TYPE:
WOLFSSL_MSG("CHACHA20 POLY1305");
@@ -8041,6 +9345,32 @@ int wolfSSL_EVP_CIPHER_CTX_iv_length(const WOLFSSL_EVP_CIPHER_CTX* ctx)
WOLFSSL_MSG("CHACHA20");
return WOLFSSL_EVP_CHACHA_IV_BYTES;
#endif /* HAVE_CHACHA */
+#ifdef WOLFSSL_SM4_CBC
+ case SM4_CBC_TYPE :
+ WOLFSSL_MSG("SM4 CBC");
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ case SM4_CTR_TYPE :
+ WOLFSSL_MSG("SM4 CTR");
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ case SM4_GCM_TYPE :
+ WOLFSSL_MSG("SM4 GCM");
+ if (ctx->ivSz != 0) {
+ return ctx->ivSz;
+ }
+ return GCM_NONCE_MID_SZ;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ case SM4_CCM_TYPE :
+ WOLFSSL_MSG("SM4 CCM");
+ if (ctx->ivSz != 0) {
+ return ctx->ivSz;
+ }
+ return CCM_NONCE_MIN_SZ;
+#endif
case NULL_CIPHER_TYPE :
WOLFSSL_MSG("NULL");
@@ -8118,7 +9448,7 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
return AES_BLOCK_SIZE;
#endif
#endif
-#ifdef WOLFSSL_AES_XTS
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
if (XSTRCMP(name, EVP_AES_128_XTS) == 0)
return AES_BLOCK_SIZE;
@@ -8128,9 +9458,17 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
if (XSTRCMP(name, EVP_AES_256_XTS) == 0)
return AES_BLOCK_SIZE;
#endif /* WOLFSSL_AES_256 */
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)) */
#endif
+#ifdef HAVE_ARIA
+ if (XSTRCMP(name, EVP_ARIA_128_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+ if (XSTRCMP(name, EVP_ARIA_192_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+ if (XSTRCMP(name, EVP_ARIA_256_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+#endif /* HAVE_ARIA */
#ifndef NO_DES3
if ((XSTRCMP(name, EVP_DES_CBC) == 0) ||
@@ -8149,6 +9487,23 @@ int wolfSSL_EVP_CIPHER_iv_length(const WOLFSSL_EVP_CIPHER* cipher)
return WOLFSSL_EVP_CHACHA_IV_BYTES;
#endif
+#ifdef WOLFSSL_SM4_CBC
+ if (XSTRCMP(name, EVP_SM4_CBC) == 0)
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ if (XSTRCMP(name, EVP_SM4_CTR) == 0)
+ return SM4_BLOCK_SIZE;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ if (XSTRCMP(name, EVP_SM4_GCM) == 0)
+ return GCM_NONCE_MID_SZ;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ if (XSTRCMP(name, EVP_SM4_CCM) == 0)
+ return CCM_NONCE_MIN_SZ;
+#endif
+
(void)name;
return 0;
@@ -8297,9 +9652,10 @@ int wolfSSL_EVP_PKEY_assign_RSA(EVP_PKEY* pkey, WOLFSSL_RSA* key)
RsaKey* rsa = (RsaKey*)key->internal;
int ret = wc_RsaKeyToDer(rsa, NULL, 0);
if (ret > 0) {
- int derSz = ret;
- byte* derBuf = (byte*)XMALLOC(derSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
- if (derBuf) {
+ word32 derSz = (word32)ret;
+ byte* derBuf = (byte*)XMALLOC((size_t)derSz, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (derBuf != NULL) {
ret = wc_RsaKeyToDer(rsa, derBuf, derSz);
if (ret >= 0) {
pkey->pkey_sz = ret;
@@ -8392,12 +9748,13 @@ int wolfSSL_EVP_Digest(const unsigned char* in, int inSz, unsigned char* out,
if (err != WOLFSSL_SUCCESS)
return err;
- if (wc_Hash((enum wc_HashType)hashType, in, inSz, out, hashSz) != 0) {
+ if (wc_Hash((enum wc_HashType)hashType, in, (word32)inSz, out,
+ (word32)hashSz) != 0) {
return WOLFSSL_FAILURE;
}
if (outSz != NULL)
- *outSz = hashSz;
+ *outSz = (unsigned int)hashSz;
(void)eng;
return WOLFSSL_SUCCESS;
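Review bot: The new `(word32)inSz` cast in the `wc_Hash` call turns a negative `inSz` into a length close to 4 GiB instead of rejecting it, so it silences the sign-conversion warning without adding the range check that warning pointed at. No validation of `inSz` is visible in this hunk and the function starts above it, so the check may already exist; if it does not, add `if (inSz < 0) return WOLFSSL_FAILURE;` before the call. The same int-to-`word32` pattern appears in the `wolfSSL_EVP_EncodeBlock` and `wolfSSL_EVP_DecodeBlock` hunks (`(word32)inLen`) and in the `PrintPubKeyRSA`, `PrintPubKeyEC`, `PrintPubKeyDSA` and `PrintPubKeyDH` hunks (`(word32)pkeySz`).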
@@ -8650,13 +10007,20 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ const WOLFSSL_EVP_MD* wolfSSL_EVP_sm3(void)
+ {
+ WOLFSSL_ENTER("EVP_sm3");
+ return EVP_get_digestbyname("SM3");
+ }
+#endif /* WOLFSSL_SM3 */
WOLFSSL_EVP_MD_CTX *wolfSSL_EVP_MD_CTX_new(void)
{
WOLFSSL_EVP_MD_CTX* ctx;
WOLFSSL_ENTER("EVP_MD_CTX_new");
- ctx = (WOLFSSL_EVP_MD_CTX*)XMALLOC(sizeof *ctx, NULL,
+ ctx = (WOLFSSL_EVP_MD_CTX*)XMALLOC(sizeof(*ctx), NULL,
DYNAMIC_TYPE_OPENSSL);
if (ctx){
wolfSSL_EVP_MD_CTX_init(ctx);
@@ -8913,6 +10277,11 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
wc_Sha3_512_Free((wc_Sha3*)&ctx->hash.digest);
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ wc_Sm3Free(&ctx->hash.digest.sm3);
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
/* Not an error since an unused struct could be free'd or
* reset. */
@@ -9032,6 +10401,17 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
} else
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ if (XSTRCMP(md, "SM3") == 0) {
+ ret = wc_InitSm3(&ctx->hash.digest.sm3, NULL, INVALID_DEVID);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ } else
+ #endif
{
ctx->macType = WC_HASH_TYPE_NONE;
return BAD_FUNC_ARG;
@@ -9139,6 +10519,17 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
(unsigned long)sz);
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Update(&ctx->hash.digest.sm3, data, (word32)sz);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD5_SHA:
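Review bot: `(word32)sz` in the `wc_Sm3Update` call silently truncates any length that does not fit in 32 bits, so an oversized input would be hashed only in part while the case still reports `WOLFSSL_SUCCESS`. The declaration of `sz` is outside this hunk; the neighbouring `(unsigned long)sz` casts suggest it can be wider than `word32` on 64-bit builds. If so, reject such input or feed it in chunks, for example `if ((unsigned long)sz > 0xFFFFFFFFUL) { ret = WOLFSSL_FAILURE; break; }` ahead of the update.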
@@ -9252,6 +10643,18 @@ int wolfSSL_EVP_MD_type(const WOLFSSL_EVP_MD* type)
if (s) *s = WC_SHA3_512_DIGEST_SIZE;
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Final(&ctx->hash.digest.sm3, md);
+ if (ret == 0) {
+ ret = WOLFSSL_SUCCESS;
+ }
+ else {
+ ret = WOLFSSL_FAILURE;
+ }
+ if (s) *s = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
case WC_HASH_TYPE_NONE:
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD5_SHA:
@@ -9312,6 +10715,10 @@ const WOLFSSL_EVP_MD* wolfSSL_EVP_get_digestbynid(int id)
case NID_sha512:
return wolfSSL_EVP_sha512();
#endif
+#ifdef WOLFSSL_SM3
+ case NID_sm3:
+ return wolfSSL_EVP_sm3();
+#endif
default:
WOLFSSL_MSG("Bad digest id value");
}
@@ -9384,6 +10791,11 @@ int wolfSSL_EVP_MD_block_size(const WOLFSSL_EVP_MD* type)
}
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP(type, "SM3") == 0) {
+ return WC_SM3_BLOCK_SIZE;
+ } else
+#endif
return BAD_FUNC_ARG;
}
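Review bot: The trailing `else` after the branch that does `return WC_SM3_BLOCK_SIZE;` is redundant, and it makes the function's final `return BAD_FUNC_ARG;` the body of an `else` only when `WOLFSSL_SM3` is defined, which is easy to misread when another digest is appended. The `wolfSSL_EVP_MD_size` hunk that follows does the opposite: it adds `} else` to the SHA3_512 branch and closes the SM3 branch with a plain `}`. Every branch returns, so closing both SM3 branches with a plain `}` would keep the two chains uniform. The earlier branches of this function are outside the hunk and may follow either convention.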
@@ -9461,9 +10873,14 @@ int wolfSSL_EVP_MD_size(const WOLFSSL_EVP_MD* type)
#ifndef WOLFSSL_NOSHA3_512
if (XSTRCMP(type, "SHA3_512") == 0) {
return WC_SHA3_512_DIGEST_SIZE;
- }
+ } else
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP(type, "SM3") == 0) {
+ return WC_SM3_DIGEST_SIZE;
+ }
+#endif
return BAD_FUNC_ARG;
}
@@ -9796,7 +11213,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int wsz;
/* parse key to get modulus and exponent */
- if (wc_RsaPublicKeyDecode_ex(pkey, &inOutIdx, pkeySz,
+ if (wc_RsaPublicKeyDecode_ex(pkey, &inOutIdx, (word32)pkeySz,
&n, &nSz, &e, &eSz) != 0) {
break;
}
@@ -9809,7 +11226,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
- if (mp_set_int(a, bitlen) != 0) {
+ if (mp_set_int(a, (unsigned long)bitlen) != 0) {
break;
}
if (mp_todecimal(a, (char*)buff) != 0) {
@@ -9837,7 +11254,7 @@ static int PrintPubKeyRSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
nSz++;
}
- if (PrintHexWithColon(out, n, nSz,
+ if (PrintHexWithColon(out, n, (int)nSz,
indent + 4, 1/* lower case */) != WOLFSSL_SUCCESS) {
break;
}
@@ -9972,7 +11389,7 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
}
if (res == WOLFSSL_SUCCESS) {
- res = wc_EccPublicKeyDecode(pkey, &inOutIdx, key, pkeySz) == 0;
+ res = wc_EccPublicKeyDecode(pkey, &inOutIdx, key, (word32)pkeySz) == 0;
}
if (res == WOLFSSL_SUCCESS) {
@@ -10016,7 +11433,7 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) > 0;
}
if (res == WOLFSSL_SUCCESS) {
- res = mp_set_int(a, bitlen) == 0;
+ res = mp_set_int(a, (unsigned long)bitlen) == 0;
}
if (res == WOLFSSL_SUCCESS) {
res = mp_todecimal(a, (char*)buff) == 0;
@@ -10040,7 +11457,8 @@ static int PrintPubKeyEC(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
res = wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) > 0;
}
if (res == WOLFSSL_SUCCESS) {
- res = PrintHexWithColon(out, pub, pubSz, indent + 4, 0/* upper case */);
+ /* upper case */
+ res = PrintHexWithColon(out, pub, (int)pubSz, indent + 4, 0);
}
if (res == WOLFSSL_SUCCESS) {
res = Indent(out, indent) >= 0;
@@ -10148,26 +11566,27 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int idx;
int wsz;
- if (GetSequence(pkey, &inOutIdx, &length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, &length, (word32)pkeySz) < 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, &length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, &length, (word32)pkeySz) < 0) {
break;
}
- if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, pkeySz) != 0) {
+ if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, (word32)pkeySz) !=
+ 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, &length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, &length, (word32)pkeySz) < 0) {
break;
}
/* find P */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
p = (byte*)(pkey + inOutIdx);
@@ -10182,53 +11601,53 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
}
}
- inOutIdx += length;
+ inOutIdx += (word32)length;
/* find Q */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
q = (byte*)(pkey + inOutIdx);
qSz = length;
- inOutIdx += length;
+ inOutIdx += (word32)length;
/* find G */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
g = (byte*)(pkey + inOutIdx);
gSz = length;
- inOutIdx += length;
+ inOutIdx += (word32)length;
/* find Y */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_BIT_STRING) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
inOutIdx++; /* skip the first byte( unused byte number)*/
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, &length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, &length, (word32)pkeySz) <= 0) {
break;
}
y = (byte*)(pkey + inOutIdx);
@@ -10241,7 +11660,7 @@ static int PrintPubKeyDSA(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
- if (mp_set_int(a, bitlen) != 0) {
+ if (mp_set_int(a, (unsigned long)bitlen) != 0) {
break;
}
if (mp_todecimal(a, (char*)buff) != 0) {
@@ -10371,40 +11790,41 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
int idx;
int wsz;
- if (GetSequence(pkey, &inOutIdx, (int*)&length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) < 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, (int*)&length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) < 0) {
break;
}
- if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, pkeySz) < 0) {
+ if (GetObjectId(pkey, &inOutIdx, &oid, oidIgnoreType, (word32)pkeySz) <
+ 0) {
break;
}
- if (GetSequence(pkey, &inOutIdx, (int*)&length, pkeySz) < 0) {
+ if (GetSequence(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) < 0) {
break;
}
/* get prime element */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
prime = (byte*)(pkey + inOutIdx);
- primeSz = length;
+ primeSz = (int)length;
inOutIdx += length;
/* get generator element */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
if (length != 1) {
@@ -10414,26 +11834,26 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
inOutIdx += length;
/* get public-key element */
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_BIT_STRING) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
inOutIdx ++;
- if (GetASNTag(pkey, &inOutIdx, &tagFound, pkeySz) != 0) {
+ if (GetASNTag(pkey, &inOutIdx, &tagFound, (word32)pkeySz) != 0) {
break;
}
if (tagFound != ASN_INTEGER) {
break;
}
- if (GetLength(pkey, &inOutIdx, (int*)&length, pkeySz) <= 0) {
+ if (GetLength(pkey, &inOutIdx, (int*)&length, (word32)pkeySz) <= 0) {
break;
}
- publicKeySz = length;
+ publicKeySz = (int)length;
publicKey = (byte*)(pkey + inOutIdx);
if (bitlen == 0) {
@@ -10452,7 +11872,7 @@ static int PrintPubKeyDH(WOLFSSL_BIO* out, const byte* pkey, int pkeySz,
if (wolfSSL_BIO_write(out, line, (int)XSTRLEN(line)) <= 0) {
break;
}
- if (mp_set_int(a, bitlen) != 0) {
+ if (mp_set_int(a, (unsigned long)bitlen) != 0) {
break;
}
if (mp_todecimal(a, (char*)buff) != 0) {
@@ -10714,6 +12134,11 @@ int wolfSSL_EVP_get_hashinfo(const WOLFSSL_EVP_MD* evp,
} else
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ if (XSTRCMP("SM3", evp) == 0) {
+ hash = WC_HASH_TYPE_SM3;
+ } else
+#endif
#ifdef WOLFSSL_MD2
if (XSTRCMP("MD2", evp) == 0) {
hash = WC_HASH_TYPE_MD2;
@@ -10760,7 +12185,7 @@ struct WOLFSSL_EVP_ENCODE_CTX* wolfSSL_EVP_ENCODE_CTX_new(void)
{
WOLFSSL_EVP_ENCODE_CTX* ctx = NULL;
WOLFSSL_ENTER("wolfSSL_EVP_ENCODE_CTX_new");
- ctx = (WOLFSSL_EVP_ENCODE_CTX*)XMALLOC( sizeof(WOLFSSL_EVP_ENCODE_CTX),
+ ctx = (WOLFSSL_EVP_ENCODE_CTX*)XMALLOC(sizeof(WOLFSSL_EVP_ENCODE_CTX),
NULL, DYNAMIC_TYPE_OPENSSL );
if (ctx != NULL) {
@@ -10792,7 +12217,7 @@ int wolfSSL_EVP_EncodeBlock(unsigned char *out, const unsigned char *in,
if (out == NULL || in == NULL)
return WOLFSSL_FATAL_ERROR;
- if (Base64_Encode(in, inLen, out, &ret) == 0)
+ if (Base64_Encode_NoNl(in, (word32)inLen, out, &ret) == 0)
return (int)ret;
else
return WOLFSSL_FATAL_ERROR;
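Review bot: The switch to `Base64_Encode_NoNl` changes the text this function returns (no line breaks are inserted) and nothing in the hunk records that, while `wolfSSL_EVP_EncodeUpdate` further down still calls `Base64_Encode`. A one-line comment above the call would stop the difference from being "fixed" back later: `/* Single-line output: no newlines, unlike the Base64_Encode() path in wolfSSL_EVP_EncodeUpdate(). */`. The initial value of `ret`, which the encoder presumably reads as the output capacity, is set outside this hunk and should be checked against the caller's buffer contract.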
@@ -10808,7 +12233,7 @@ int wolfSSL_EVP_DecodeBlock(unsigned char *out, const unsigned char *in,
if (out == NULL || in == NULL)
return WOLFSSL_FATAL_ERROR;
- if (Base64_Decode(in, inLen, out, &ret) == 0)
+ if (Base64_Decode(in, (word32)inLen, out, &ret) == 0)
return (int)ret;
else
return WOLFSSL_FATAL_ERROR;
@@ -10851,8 +12276,9 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
* to create a block(48bytes) for encoding
*/
if (ctx->remaining > 0 && inl > 0) {
- int cpysz = min((BASE64_ENCODE_BLOCK_SIZE - ctx->remaining), inl);
- XMEMCPY(ctx->data + ctx->remaining, in, cpysz);
+ int cpysz = (int)min(
+ (word32)(BASE64_ENCODE_BLOCK_SIZE - ctx->remaining), (word32)inl);
+ XMEMCPY(ctx->data + ctx->remaining, in, (size_t)cpysz);
ctx->remaining += cpysz;
in += cpysz;
inl -= cpysz;
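Review bot: Casting `BASE64_ENCODE_BLOCK_SIZE - ctx->remaining` to `word32` before `min()` means a `ctx->remaining` larger than the block size wraps to a huge value. `min()` then selects `inl`, and the `XMEMCPY` copies `inl` bytes to `ctx->data + ctx->remaining`, past the end of the buffer. Whether `remaining` can exceed the block size depends on code outside this hunk, so this is a hardening point rather than a demonstrated overflow. A guard such as `if (ctx->remaining > BASE64_ENCODE_BLOCK_SIZE) return 0;` before the copy would make the bound explicit. The `wolfSSL_EVP_DecodeUpdate` hunk has the same construction with `BASE64_DECODE_BLOCK_SIZE`.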
@@ -10862,10 +12288,10 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
/* Base64_Encode asks the out buff size via the 4th param*/
outsz = BASE64_ENCODE_RESULT_BLOCK_SIZE + 1;
res = Base64_Encode(ctx->data, BASE64_ENCODE_BLOCK_SIZE, out,
- &outsz);
+ &outsz);
if (res == 0) {
ctx->remaining = 0;
- *outl = outsz;
+ *outl = (int)outsz;
}
else
return 0; /* return with error */
@@ -10887,7 +12313,7 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
in += BASE64_ENCODE_BLOCK_SIZE;
inl -= BASE64_ENCODE_BLOCK_SIZE;
out += outsz;
- *outl += outsz;
+ *outl += (int)outsz;
}
else {
*outl = 0;
@@ -10898,7 +12324,7 @@ int wolfSSL_EVP_EncodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
/* if remaining data exists, copy them into ctx for the next call*/
if (inl > 0) {
XMEMSET(ctx->data, 0, sizeof(ctx->data));
- XMEMCPY(ctx->data, in, inl);
+ XMEMCPY(ctx->data, in, (size_t)inl);
ctx->remaining = inl;
}
@@ -10927,9 +12353,9 @@ void wolfSSL_EVP_EncodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
}
/* process remaining data in ctx */
outsz = BASE64_ENCODE_RESULT_BLOCK_SIZE + 1; /* 64 byte and one for LF*/
- res = Base64_Encode(ctx->data, ctx->remaining ,out, &outsz);
+ res = Base64_Encode(ctx->data, (word32)ctx->remaining, out, &outsz);
if (res == 0)
- *outl = outsz;
+ *outl = (int)outsz;
else
*outl = 0;
@@ -10989,14 +12415,15 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
return 1;
}
- inLen = inl;
+ inLen = (word32)inl;
*outl = 0;
/* if the remaining data exist in the ctx, add input data to them to create
a block(4bytes) for decoding*/
- if ( ctx->remaining > 0 && inl > 0) {
+ if (ctx->remaining > 0 && inl > 0) {
- int cpySz = min((BASE64_DECODE_BLOCK_SIZE - ctx->remaining), inl);
+ int cpySz = (int)min(
+ (word32)(BASE64_DECODE_BLOCK_SIZE - ctx->remaining), (word32)inl);
for ( i = 0; cpySz > 0 && inLen > 0; i++) {
if (Base64_SkipNewline(in, &inLen, &j) == ASN_INPUT_E) {
@@ -11015,7 +12442,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
outsz = sizeof(ctx->data);
res = Base64_Decode( ctx->data, BASE64_DECODE_BLOCK_SIZE, out, &outsz);
if (res == 0) {
- *outl += outsz;
+ *outl += (int)outsz;
out += outsz;
ctx->remaining = 0;
@@ -11111,7 +12538,7 @@ int wolfSSL_EVP_DecodeUpdate(WOLFSSL_EVP_ENCODE_CTX* ctx,
return -1;
}
- *outl += outsz;
+ *outl += (int)outsz;
out += outsz;
}
/* copy left data to ctx */
@@ -11179,7 +12606,7 @@ int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
if (ctx->remaining > 0) {
int res;
- inLen = ctx->remaining;
+ inLen = (word32)ctx->remaining;
if ((res = Base64_SkipNewline(ctx->data, &inLen, &j)) != 0) {
*outl = 0;
if (res == BUFFER_E) /* means no valid data to decode in buffer */
@@ -11189,10 +12616,10 @@ int wolfSSL_EVP_DecodeFinal(WOLFSSL_EVP_ENCODE_CTX* ctx,
}
- outsz = ctx->remaining;
- res = Base64_Decode(ctx->data, ctx->remaining, out, &outsz);
+ outsz = (word32)ctx->remaining;
+ res = Base64_Decode(ctx->data, (word32)ctx->remaining, out, &outsz);
if (res == 0) {
- *outl = outsz;
+ *outl = (int)outsz;
return 1;
}
else {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c
index 3246de0f..834d9890 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_kyber.c
@@ -548,7 +548,7 @@ int wc_KyberKey_Decapsulate(KyberKey* key, unsigned char* ss,
* @param [in] in Buffer holding encoded key.
* @param [in] len Length of data in buffer.
* @return 0 on success.
- * @return BAD_FUNC_ARG when key ot in is NULL.
+ * @return BAD_FUNC_ARG when key or in is NULL.
* @return NOT_COMPILED_IN when key type is not supported.
* @return BUFFER_E when len is not the correct size.
*/
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c
new file mode 100644
index 00000000..a5155076
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_lms.c
@@ -0,0 +1,972 @@
+/* ext_lms.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/logging.h>
+
+#ifdef WOLFSSL_HAVE_LMS
+#include <wolfssl/wolfcrypt/ext_lms.h>
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+/* If built against hss_lib_thread.a, the hash-sigs lib will spawn
+ * worker threads to parallelize cpu intensive tasks. This will mainly
+ * speedup key generation and signing, and to a lesser extent
+ * verifying for larger levels values.
+ *
+ * Their default max is 16 worker threads, but can be capped with
+ * hss_extra_info_set_threads(). To be safe we are capping at 4 here.
+ * */
+#define EXT_LMS_MAX_THREADS (4)
+
+/* The hash-sigs hss_generate_private_key API requires a generate_random
+ * callback that only has output and length args. The RNG struct must be global
+ * to the function. Maybe there should be a wc_LmsKey_SetRngCb. */
+static THREAD_LS_T WC_RNG * LmsRng = NULL;
+
+static bool LmsGenerateRand(void * output, size_t length)
+{
+ int ret = 0;
+
+ if (output == NULL || LmsRng == NULL) {
+ return false;
+ }
+
+ if (length == 0) {
+ return true;
+ }
+
+ ret = wc_RNG_GenerateBlock(LmsRng, output, (word32) length);
+
+ if (ret) {
+ WOLFSSL_MSG("error: LmsGenerateRand failed");
+ return false;
+ }
+
+ return true;
+}
+
+/* Write callback passed into hash-sigs hss lib.
+ *
+ * Returns true on success. */
+static bool LmsWritePrivKey(unsigned char *private_key,
+ size_t len_private_key, void *lmsKey)
+{
+ LmsKey * key = (LmsKey *) lmsKey;
+ enum wc_LmsRc ret = WC_LMS_RC_NONE;
+
+ if (private_key == NULL || key == NULL || len_private_key <= 0) {
+ WOLFSSL_MSG("error: LmsWritePrivKey: invalid args");
+ return false;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET && key->state != WC_LMS_STATE_OK) {
+ /* The LmsKey is not ready for writing. */
+ WOLFSSL_MSG("error: LmsWritePrivKey: LMS key not in writeable state");
+ return false;
+ }
+
+ if (key->write_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsWritePrivKey: LMS key write callback not set");
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ /* Use write callback that saves private key to non-volatile storage. */
+ ret = key->write_private_key(private_key, (word32)len_private_key,
+ key->context);
+
+ if (ret != WC_LMS_RC_SAVED_TO_NV_MEMORY) {
+ WOLFSSL_MSG("error: LmsKey write_private_key failed");
+ WOLFSSL_MSG(wc_LmsKey_RcToStr(ret));
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ return true;
+}
+
+/* Read callback passed into hash-sigs hss lib.
+ *
+ * Returns true on success. */
+static bool LmsReadPrivKey(unsigned char *private_key,
+ size_t len_private_key, void *lmsKey)
+{
+ LmsKey * key = (LmsKey *) lmsKey;
+ enum wc_LmsRc ret = WC_LMS_RC_NONE;
+
+ if (private_key == NULL || key == NULL || len_private_key <= 0) {
+ WOLFSSL_MSG("error: LmsReadPrivKey: invalid args");
+ return false;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET && key->state != WC_LMS_STATE_OK) {
+ /* The LmsKey is not ready for reading. */
+ WOLFSSL_MSG("error: LmsReadPrivKey: LMS key not in readable state");
+ return false;
+ }
+
+ if (key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsReadPrivKey: LMS key read callback not set");
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ /* Use read callback that reads private key from non-volatile storage. */
+ ret = key->read_private_key(private_key, (word32)len_private_key,
+ key->context);
+
+ if (ret != WC_LMS_RC_READ_TO_MEMORY) {
+ WOLFSSL_MSG("error: LmsKey read_private_key failed");
+ WOLFSSL_MSG(wc_LmsKey_RcToStr(ret));
+ key->state = WC_LMS_STATE_BAD;
+ return false;
+ }
+
+ return true;
+}
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+
+const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm)
+{
+ switch (lmsParm) {
+ case WC_LMS_PARM_NONE:
+ return "LMS_NONE";
+
+ case WC_LMS_PARM_L1_H15_W2:
+ return "LMS/HSS L1_H15_W2";
+
+ case WC_LMS_PARM_L1_H15_W4:
+ return "LMS/HSS L1_H15_W4";
+
+ case WC_LMS_PARM_L2_H10_W2:
+ return "LMS/HSS L2_H10_W2";
+
+ case WC_LMS_PARM_L2_H10_W4:
+ return "LMS/HSS L2_H10_W4";
+
+ case WC_LMS_PARM_L2_H10_W8:
+ return "LMS/HSS L2_H10_W8";
+
+ case WC_LMS_PARM_L3_H5_W2:
+ return "LMS/HSS L3_H5_W2";
+
+ case WC_LMS_PARM_L3_H5_W4:
+ return "LMS/HSS L3_H5_W4";
+
+ case WC_LMS_PARM_L3_H5_W8:
+ return "LMS/HSS L3_H5_W8";
+
+ case WC_LMS_PARM_L3_H10_W4:
+ return "LMS/HSS L3_H10_W4";
+
+ case WC_LMS_PARM_L4_H5_W8:
+ return "LMS/HSS L4_H5_W8";
+
+ default:
+ WOLFSSL_MSG("error: invalid LMS parameter");
+ break;
+ }
+
+ return "LMS_INVALID";
+}
+
+const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsEc)
+{
+ switch (lmsEc) {
+ case WC_LMS_RC_NONE:
+ return "LMS_RC_NONE";
+
+ case WC_LMS_RC_BAD_ARG:
+ return "LMS_RC_BAD_ARG";
+
+ case WC_LMS_RC_WRITE_FAIL:
+ return "LMS_RC_WRITE_FAIL";
+
+ case WC_LMS_RC_READ_FAIL:
+ return "LMS_RC_READ_FAIL";
+
+ case WC_LMS_RC_SAVED_TO_NV_MEMORY:
+ return "LMS_RC_SAVED_TO_NV_MEMORY";
+
+ case WC_LMS_RC_READ_TO_MEMORY:
+ return "LMS_RC_READ_TO_MEMORY";
+
+ default:
+ WOLFSSL_MSG("error: invalid LMS error code");
+ break;
+ }
+
+ return "LMS_RC_INVALID";
+}
+
+/* Init an LMS key.
+ *
+ * Call this before setting the params of an LMS key.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_Init(LmsKey * key, void * heap, int devId)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void) heap;
+ (void) devId;
+
+ ForceZero(key, sizeof(LmsKey));
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+ hss_init_extra_info(&key->info);
+ /* Set the max number of worker threads that hash-sigs can spawn. */
+ hss_extra_info_set_threads(&key->info, EXT_LMS_MAX_THREADS);
+
+ key->working_key = NULL;
+ key->write_private_key = NULL;
+ key->read_private_key = NULL;
+ key->context = NULL;
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+ key->state = WC_LMS_STATE_INITED;
+
+ return 0;
+}
+
+/* Set the wc_LmsParm of an LMS key.
+ *
+ * Use this if you wish to set a key with a predefined parameter set,
+ * such as WC_LMS_PARM_L2_H10_W8.
+ *
+ * Key must be inited before calling this.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetLmsParm(LmsKey * key, enum wc_LmsParm lmsParm)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* If NONE is passed, default to the lowest predefined set. */
+ switch (lmsParm) {
+ case WC_LMS_PARM_NONE:
+ case WC_LMS_PARM_L1_H15_W2:
+ return wc_LmsKey_SetParameters(key, 1, 15, 2);
+
+ case WC_LMS_PARM_L1_H15_W4:
+ return wc_LmsKey_SetParameters(key, 1, 15, 4);
+
+ case WC_LMS_PARM_L2_H10_W2:
+ return wc_LmsKey_SetParameters(key, 2, 10, 2);
+
+ case WC_LMS_PARM_L2_H10_W4:
+ return wc_LmsKey_SetParameters(key, 2, 10, 4);
+
+ case WC_LMS_PARM_L2_H10_W8:
+ return wc_LmsKey_SetParameters(key, 2, 10, 8);
+
+ case WC_LMS_PARM_L3_H5_W2:
+ return wc_LmsKey_SetParameters(key, 3, 5, 2);
+
+ case WC_LMS_PARM_L3_H5_W4:
+ return wc_LmsKey_SetParameters(key, 3, 5, 4);
+
+ case WC_LMS_PARM_L3_H5_W8:
+ return wc_LmsKey_SetParameters(key, 3, 5, 8);
+
+ case WC_LMS_PARM_L3_H10_W4:
+ return wc_LmsKey_SetParameters(key, 3, 10, 4);
+
+ case WC_LMS_PARM_L4_H5_W8:
+ return wc_LmsKey_SetParameters(key, 4, 5, 8);
+
+ default:
+ WOLFSSL_MSG("error: invalid LMS parameter set");
+ break;
+ }
+
+ return BAD_FUNC_ARG;
+}
+
+/* Set the parameters of an LMS key.
+ *
+ * Use this if you wish to set specific parameters not found in the
+ * wc_LmsParm predefined sets. See comments in lms.h for allowed
+ * parameters.
+ *
+ * Key must be inited before calling this.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetParameters(LmsKey * key, int levels, int height,
+ int winternitz)
+{
+ int i = 0;
+ param_set_t lm = LMS_SHA256_N32_H5;
+ param_set_t ots = LMOTS_SHA256_N32_W1;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_LMS_STATE_INITED) {
+ WOLFSSL_MSG("error: LmsKey needs init");
+ return -1;
+ }
+
+ /* Verify inputs make sense.
+ *
+ * Note: there does not seem to be a define for min or
+ * max Winternitz integer in hash-sigs lib or RFC8554. */
+
+ if (levels < MIN_HSS_LEVELS || levels > MAX_HSS_LEVELS) {
+ WOLFSSL_MSG("error: invalid level parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ if (height < MIN_MERKLE_HEIGHT || height > MAX_MERKLE_HEIGHT) {
+ WOLFSSL_MSG("error: invalid height parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ switch (height) {
+ case 5:
+ lm = LMS_SHA256_N32_H5;
+ break;
+ case 10:
+ lm = LMS_SHA256_N32_H10;
+ break;
+ case 15:
+ lm = LMS_SHA256_N32_H15;
+ break;
+ case 20:
+ lm = LMS_SHA256_N32_H20;
+ break;
+ case 25:
+ lm = LMS_SHA256_N32_H25;
+ break;
+ default:
+ WOLFSSL_MSG("error: invalid height parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ switch (winternitz) {
+ case 1:
+ ots = LMOTS_SHA256_N32_W1;
+ break;
+ case 2:
+ ots = LMOTS_SHA256_N32_W2;
+ break;
+ case 4:
+ ots = LMOTS_SHA256_N32_W4;
+ break;
+ case 8:
+ ots = LMOTS_SHA256_N32_W8;
+ break;
+ default:
+ WOLFSSL_MSG("error: invalid winternitz parameter");
+ return BAD_FUNC_ARG;
+ }
+
+ key->levels = levels;
+
+ for (i = 0; i < levels; ++i) {
+ key->lm_type[i] = lm;
+ key->lm_ots_type[i] = ots;
+ }
+
+ /* Move the state to params set.
+ * Key is ready for MakeKey or Reload. */
+ key->state = WC_LMS_STATE_PARMSET;
+
+ return 0;
+}
+
+/* Get the parameters of an LMS key.
+ *
+ * Key must be inited and parameters set before calling this.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_GetParameters(const LmsKey * key, int * levels, int * height,
+ int * winternitz)
+{
+ if (key == NULL || levels == NULL || height == NULL || winternitz == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* This shouldn't happen, but check the LmsKey parameters aren't invalid. */
+
+ if (key->levels < MIN_HSS_LEVELS || key->levels > MAX_HSS_LEVELS) {
+ WOLFSSL_MSG("error: LmsKey invalid level parameter");
+ return -1;
+ }
+
+ *levels = key->levels;
+
+ switch (key->lm_type[0]) {
+ case LMS_SHA256_N32_H5:
+ *height = 5;
+ break;
+ case LMS_SHA256_N32_H10:
+ *height = 10;
+ break;
+ case LMS_SHA256_N32_H15:
+ *height = 15;
+ break;
+ case LMS_SHA256_N32_H20:
+ *height = 20;
+ break;
+ case LMS_SHA256_N32_H25:
+ *height = 25;
+ break;
+ default:
+ WOLFSSL_MSG("error: LmsKey invalid height parameter");
+ return -1;
+ }
+
+ switch (key->lm_ots_type[0]) {
+ case LMOTS_SHA256_N32_W1:
+ *winternitz = 1;
+ break;
+ case LMOTS_SHA256_N32_W2:
+ *winternitz = 2;
+ break;
+ case LMOTS_SHA256_N32_W4:
+ *winternitz = 4;
+ break;
+ case LMOTS_SHA256_N32_W8:
+ *winternitz = 8;
+ break;
+ default:
+ WOLFSSL_MSG("error: LmsKey invalid winternitz parameter");
+ return -1;
+ }
+
+ return 0;
+}
+
+/* Frees the LMS key from memory.
+ *
+ * This does not affect the private key saved to non-volatile storage.
+ * */
+void wc_LmsKey_Free(LmsKey* key)
+{
+ if (key == NULL) {
+ return;
+ }
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+ if (key->working_key != NULL) {
+ hss_free_working_key(key->working_key);
+ key->working_key = NULL;
+ }
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+
+ ForceZero(key, sizeof(LmsKey));
+
+ key->state = WC_LMS_STATE_FREED;
+
+ return;
+}
+
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+/* Set the write private key callback to the LMS key structure.
+ *
+ * The callback must be able to write/update the private key to
+ * non-volatile storage.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetWriteCb(LmsKey * key, write_private_key_cb write_cb)
+{
+ if (key == NULL || write_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the write callback of an already working key is forbidden. */
+ if (key->state == WC_LMS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_LmsKey_SetWriteCb: key in use");
+ return -1;
+ }
+
+ key->write_private_key = write_cb;
+
+ return 0;
+}
+
+/* Set the read private key callback to the LMS key structure.
+ *
+ * The callback must be able to read the private key from
+ * non-volatile storage.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetReadCb(LmsKey * key, read_private_key_cb read_cb)
+{
+ if (key == NULL || read_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the read callback of an already working key is forbidden. */
+ if (key->state == WC_LMS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_LmsKey_SetReadCb: key in use");
+ return -1;
+ }
+
+ key->read_private_key = read_cb;
+
+ return 0;
+}
+
+/* Sets the context to be used by write and read callbacks.
+ *
+ * E.g. this could be a filename if the callbacks write/read to file.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_SetContext(LmsKey * key, void * context)
+{
+ if (key == NULL || context == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Setting context of an already working key is forbidden. */
+ if (key->state == WC_LMS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_LmsKey_SetContext: key in use");
+ return -1;
+ }
+
+ key->context = context;
+
+ return 0;
+}
+
+/* Make the LMS private/public key pair. The key must have its parameters
+ * set before calling this.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * Returns 0 on success.
+ * */
+int wc_LmsKey_MakeKey(LmsKey* key, WC_RNG * rng)
+{
+ bool result = true;
+
+ if (key == NULL || rng == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: LmsKey not ready for generation");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: LmsKey context is not set");
+ return -1;
+ }
+
+ LmsRng = rng;
+
+ /* TODO: The hash-sigs lib allows you to save variable length auxiliary
+ * data, which can be used to speed up key reloading when signing. The
+ * aux data can be 300B - 1KB in size.
+ *
+ * Not implemented at the moment.
+ *
+ * key->aux_data_len = hss_get_aux_data_len(AUX_DATA_MAX_LEN, key->levels,
+ * key->lm_type,
+ * key->lm_ots_type);
+ *
+ * key->aux_data = XMALLOC(key->aux_data_len, NULL,
+ * DYNAMIC_TYPE_TMP_BUFFER);
+ */
+
+ /* First generate the private key using the parameters and callbacks.
+ * If successful, private key will be saved to non-volatile storage,
+ * and the public key will be in memory. */
+ result = hss_generate_private_key(LmsGenerateRand, key->levels,
+ key->lm_type, key->lm_ots_type,
+ LmsWritePrivKey, key,
+ key->pub, sizeof(key->pub),
+ NULL, 0, &key->info);
+
+ if (!result) {
+ WOLFSSL_MSG("error: hss_generate_private_key failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ /* Once generated, now we must load the private key so we have
+ * an hss working key for signing operations. */
+ key->working_key = hss_load_private_key(LmsReadPrivKey, key,
+ 0, NULL, 0, &key->info);
+
+ if (key->working_key == NULL) {
+ WOLFSSL_MSG("error: hss_load_private_key failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ /* This should not happen, but check just in case. */
+ if (wc_LmsKey_SigsLeft(key) == 0) {
+ WOLFSSL_MSG("error: generated LMS key signatures exhausted");
+ key->state = WC_LMS_STATE_NOSIGS;
+ return -1;
+ }
+
+ key->state = WC_LMS_STATE_OK;
+
+ return 0;
+}
+
+/* Reload a key that has been prepared with the appropriate params and
+ * data. Use this if you wish to resume signing with an existing key.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * Returns 0 on success. */
+int wc_LmsKey_Reload(LmsKey * key)
+{
+ bool result = true;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_LMS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: LmsKey not ready for reload");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: LmsKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: LmsKey context is not set");
+ return -1;
+ }
+
+ key->working_key = hss_load_private_key(LmsReadPrivKey, key,
+ 0, NULL, 0, &key->info);
+
+ if (key->working_key == NULL) {
+ WOLFSSL_MSG("error: hss_load_private_key failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ result = hss_get_parameter_set(&key->levels, key->lm_type,
+ key->lm_ots_type, LmsReadPrivKey, key);
+
+ if (!result) {
+ WOLFSSL_MSG("error: hss_get_parameter_set failed");
+ key->state = WC_LMS_STATE_BAD;
+ hss_free_working_key(key->working_key);
+ key->working_key = NULL;
+ return -1;
+ }
+
+ /* Double check the key actually has signatures left. */
+ if (wc_LmsKey_SigsLeft(key) == 0) {
+ WOLFSSL_MSG("error: reloaded LMS key signatures exhausted");
+ key->state = WC_LMS_STATE_NOSIGS;
+ return -1;
+ }
+
+ key->state = WC_LMS_STATE_OK;
+
+ return 0;
+}
+
+/* Given a levels, height, winternitz parameter set, determine
+ * the private key length */
+int wc_LmsKey_GetPrivLen(const LmsKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = (word32) hss_get_private_key_len(key->levels, key->lm_type,
+ key->lm_ots_type);
+
+ return 0;
+}
+
+int wc_LmsKey_Sign(LmsKey* key, byte * sig, word32 * sigSz, const byte * msg,
+ int msgSz)
+{
+ bool result = true;
+ size_t len = 0;
+
+ if (key == NULL || sig == NULL || sigSz == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (msgSz <= 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state == WC_LMS_STATE_NOSIGS) {
+ WOLFSSL_MSG("error: LMS signatures exhausted");
+ return -1;
+ }
+ else if (key->state != WC_LMS_STATE_OK) {
+ /* The key had an error the last time it was used, and we
+ * can't guarantee its state. */
+ WOLFSSL_MSG("error: can't sign, LMS key not in good state");
+ return -1;
+ }
+
+ len = hss_get_signature_len(key->levels, key->lm_type, key->lm_ots_type);
+
+ if (len == 0) {
+ /* Key parameters are invalid. */
+ WOLFSSL_MSG("error: hss_get_signature_len failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ result = hss_generate_signature(key->working_key, LmsWritePrivKey,
+ key, (const void *) msg, msgSz,
+ sig, len, &key->info);
+
+ if (!result) {
+ if (wc_LmsKey_SigsLeft(key) == 0) {
+ WOLFSSL_MSG("error: LMS signatures exhausted");
+ key->state = WC_LMS_STATE_NOSIGS;
+ return -1;
+ }
+
+ WOLFSSL_MSG("error: hss_generate_signature failed");
+ key->state = WC_LMS_STATE_BAD;
+ return -1;
+ }
+
+ *sigSz = (word32) len;
+
+ return 0;
+}
+
+/* Returns 1 if there are signatures remaining.
+ * Returns 0 if available signatures are exhausted.
+ *
+ * Note: the number of remaining signatures is hidden behind an opaque
+ * pointer in the hash-sigs lib. We could add a counter here that is
+ * decremented on every signature. The number of available signatures
+ * grows as
+ * N = 2 ** (levels * height)
+ * so it would need to be a big integer. */
+int wc_LmsKey_SigsLeft(LmsKey * key)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (hss_extra_info_test_last_signature(&key->info)) {
+ return 0;
+ }
+
+ return 1;
+}
+
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY*/
+
+/* Given a levels, height, winternitz parameter set, determine
+ * the public key length */
+int wc_LmsKey_GetPubLen(const LmsKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = (word32) hss_get_public_key_len(key->levels, key->lm_type,
+ key->lm_ots_type);
+
+ return 0;
+}
+
+/* Export a generated public key and parameter set from one LmsKey
+ * to another. Use this to prepare a signature verification LmsKey
+ * that is pub only.
+ *
+ * Though the public key is all that is used to verify signatures,
+ * the parameter set is needed to calculate the signature length
+ * before hand. */
+int wc_LmsKey_ExportPub(LmsKey * keyDst, const LmsKey * keySrc)
+{
+ if (keyDst == NULL || keySrc == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ForceZero(keyDst, sizeof(LmsKey));
+
+ XMEMCPY(keyDst->pub, keySrc->pub, sizeof(keySrc->pub));
+ XMEMCPY(keyDst->lm_type, keySrc->lm_type, sizeof(keySrc->lm_type));
+ XMEMCPY(keyDst->lm_ots_type, keySrc->lm_ots_type,
+ sizeof(keySrc->lm_ots_type));
+
+ keyDst->levels = keySrc->levels;
+
+ /* Mark this key as verify only, to prevent misuse. */
+ keyDst->state = WC_LMS_STATE_VERIFYONLY;
+
+ return 0;
+}
+
+/* Exports the raw LMS public key buffer from key to out buffer.
+ * The out buffer should be large enough to hold the public key, and
+ * outLen should indicate the size of the buffer.
+ *
+ * - Returns 0 on success, and sets outLen to LMS pubLen.
+ * - Returns BUFFER_E if outLen < LMS pubLen.
+ *
+ * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
+ * */
+int wc_LmsKey_ExportPubRaw(const LmsKey * key, byte * out, word32 * outLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || out == NULL || outLen == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_LmsKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_LmsKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (*outLen < pubLen) {
+ return BUFFER_E;
+ }
+
+ XMEMCPY(out, key->pub, pubLen);
+ *outLen = pubLen;
+
+ return 0;
+}
+
+/* Imports a raw public key buffer from in array to LmsKey key.
+ *
+ * The LMS parameters must be set first with wc_LmsKey_SetLmsParm or
+ * wc_LmsKey_SetParameters, and inLen must match the length returned
+ * by wc_LmsKey_GetPubLen.
+ *
+ * - Returns 0 on success.
+ * - Returns BUFFER_E if inlen != LMS pubLen.
+ *
+ * Call wc_LmsKey_GetPubLen beforehand to determine pubLen.
+ * */
+int wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in, word32 inLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_LmsKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_LmsKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (inLen != pubLen) {
+ /* Something inconsistent. Parameters weren't set, or input
+ * pub key is wrong.*/
+ return BUFFER_E;
+ }
+
+ XMEMCPY(key->pub, in, pubLen);
+
+ return 0;
+}
+
+/* Given a levels, height, winternitz parameter set, determine
+ * the signature length.
+ *
+ * Call this before wc_LmsKey_Sign so you know the length of
+ * the required signature buffer. */
+int wc_LmsKey_GetSigLen(const LmsKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = (word32) hss_get_signature_len(key->levels, key->lm_type,
+ key->lm_ots_type);
+
+ return 0;
+}
+
+int wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz,
+ const byte * msg, int msgSz)
+{
+ bool result = true;
+
+ if (key == NULL || sig == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_LMS_VERIFY_ONLY
+ result = hss_validate_signature(key->pub, (const void *) msg, msgSz, sig,
+ sigSz, NULL);
+#else
+ result = hss_validate_signature(key->pub, (const void *) msg, msgSz, sig,
+ sigSz, &key->info);
+#endif
+
+
+ if (!result) {
+ WOLFSSL_MSG("error: hss_validate_signature failed");
+ return -1;
+ }
+
+ return 0;
+}
+
+#endif /* WOLFSSL_HAVE_LMS */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c
new file mode 100644
index 00000000..b1e5e46d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ext_xmss.c
@@ -0,0 +1,981 @@
+/* ext_xmss.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/sha256.h>
+
+#ifdef WOLFSSL_HAVE_XMSS
+#include <wolfssl/wolfcrypt/ext_xmss.h>
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+#include <xmss_callbacks.h>
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+static THREAD_LS_T WC_RNG * xmssRng = NULL;
+
+/* RNG callback used by xmss.
+ * */
+static int rng_cb(void * output, size_t length)
+{
+ int ret = 0;
+
+ if (output == NULL || xmssRng == NULL) {
+ return -1;
+ }
+
+ if (length == 0) {
+ return 0;
+ }
+
+ ret = wc_RNG_GenerateBlock(xmssRng, (byte *)output, (word32)length);
+
+ if (ret) {
+ WOLFSSL_MSG("error: XMSS rng_cb failed");
+ return -1;
+ }
+
+ return 0;
+}
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+
+/* SHA256 callback used by XMSS.
+ * */
+static int sha256_cb(const unsigned char *in, unsigned long long inlen,
+ unsigned char *out)
+{
+ wc_Sha256 sha;
+
+ if (wc_InitSha256_ex(&sha, NULL, INVALID_DEVID) != 0) {
+ WOLFSSL_MSG("SHA256 Init failed");
+ return -1;
+ }
+
+ if (wc_Sha256Update(&sha, in, (word32) inlen) != 0) {
+ WOLFSSL_MSG("SHA256 Update failed");
+ return -1;
+ }
+
+ if (wc_Sha256Final(&sha, out) != 0) {
+ WOLFSSL_MSG("SHA256 Final failed");
+ wc_Sha256Free(&sha);
+ return -1;
+ }
+ wc_Sha256Free(&sha);
+
+ return 0;
+}
+
+/* Init an XMSS key.
+ *
+ * Call this before setting the params of an XMSS key.
+ *
+ * key [in] The XMSS key to init.
+ * heap [in] Unused.
+ * devId [in] Unused.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * */
+int wc_XmssKey_Init(XmssKey * key, void * heap, int devId)
+{
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void) heap;
+ (void) devId;
+
+ ForceZero(key, sizeof(XmssKey));
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ key->sk = NULL;
+ key->sk_len = 0;
+ key->write_private_key = NULL;
+ key->read_private_key = NULL;
+ key->context = NULL;
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+ key->state = WC_XMSS_STATE_INITED;
+
+ return 0;
+}
+
+/* Sets the XMSS key parameters, given an OID.
+ *
+ * Note: XMSS and XMSS^MT parameter sets do have overlapping
+ * OIDs, therefore is_xmssmt is necessary to toggle.
+ *
+ * key [in] The XMSS key to set.
+ * OID [in] The XMSS parameter set OID.
+ * is_xmssmt [in] 1 The OID is assumed to be XMSS^MT.
+ * 0 The OID is assumed to be XMSS.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on parse failure.
+ * */
+static int wc_XmssKey_SetOid(XmssKey * key, uint32_t oid, int is_xmssmt)
+{
+ int ret = 0;
+
+ if (key == NULL || oid == 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Parse the OID and load the XMSS params structure. */
+ if (is_xmssmt) {
+ ret = xmssmt_parse_oid(&key->params, oid);
+ }
+ else {
+ ret = xmss_parse_oid(&key->params, oid);
+ }
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: XMSS parse oid failed");
+ return -1;
+ }
+
+ /* Finally, sanity check that this is a supported parameter set.
+ *
+ * We are only supporting XMSS/XMSS^MT with SHA256 parameter sets
+ * that NIST SP 800-208 has standardized. See patched xmss-reference
+ * params.h for the defines. */
+ if (key->params.func != XMSS_SHA2 ||
+ key->params.n != XMSS_SHA256_N ||
+ key->params.padding_len != XMSS_SHA256_PADDING_LEN ||
+ key->params.wots_w != 16 ||
+ key->params.wots_len != XMSS_SHA256_WOTS_LEN) {
+ WOLFSSL_MSG("error: unsupported XMSS/XMSS^MT parameter set");
+ return -1;
+ }
+
+ ret = xmss_set_sha_cb(sha256_cb);
+ if (ret != 0) {
+ WOLFSSL_MSG("error: xmss_set_sha_cb failed");
+ return -1;
+ }
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ ret = xmss_set_rng_cb(rng_cb);
+ if (ret != 0) {
+ WOLFSSL_MSG("error: xmss_set_rng_cb failed");
+ return -1;
+ }
+#endif
+
+ key->oid = oid;
+ key->is_xmssmt = is_xmssmt;
+ key->state = WC_XMSS_STATE_PARMSET;
+
+ return 0;
+}
+
+/* Set the XMSS key parameter string.
+ *
+ * The input string must be one of the supported param set names in
+ * the "Name" section from the table in wolfssl/wolfcrypt/xmss.h,
+ * e.g. "XMSS-SHA2_10_256" or "XMSSMT-SHA2_20/4_256".
+ *
+ * key [in] The XMSS key to set.
+ * str [in] The XMSS/XMSS^MT parameter string.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetParamStr(XmssKey * key, const char * str)
+{
+ int ret = 0;
+ uint32_t oid = 0;
+ int is_xmssmt = 0;
+
+ if (key == NULL || str == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_INITED) {
+ WOLFSSL_MSG("error: XMSS key needs init");
+ return BAD_FUNC_ARG;
+ }
+
+ switch(XSTRLEN(str)) {
+ case XMSS_NAME_LEN:
+ is_xmssmt = 0;
+ break;
+ case XMSSMT_NAME_MIN_LEN:
+ case XMSSMT_NAME_MAX_LEN:
+ is_xmssmt = 1;
+ break;
+ default:
+ WOLFSSL_MSG("error: XMSS param str invalid length");
+ return BAD_FUNC_ARG;
+ }
+
+ /* Convert XMSS param string to OID. */
+ if (is_xmssmt) {
+ ret = xmssmt_str_to_oid(&oid, str);
+ }
+ else {
+ ret = xmss_str_to_oid(&oid, str);
+ }
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: xmssmt_str_to_oid failed");
+ return -1;
+ }
+
+ return wc_XmssKey_SetOid(key, oid, is_xmssmt);
+}
+
+/* Force zeros and frees the XMSS key from memory.
+ *
+ * This does not touch the private key saved to non-volatile storage.
+ *
+ * This is the only function that frees the key->sk array.
+ *
+ * key [in] The XMSS key.
+ *
+ * returns void
+ * */
+void wc_XmssKey_Free(XmssKey* key)
+{
+ if (key == NULL) {
+ return;
+ }
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ if (key->sk != NULL) {
+ ForceZero(key->sk, key->sk_len);
+ XFREE(key->sk, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ key->sk = NULL;
+ key->sk_len = 0;
+ }
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+
+ ForceZero(key, sizeof(XmssKey));
+
+ key->state = WC_XMSS_STATE_FREED;
+
+ return;
+}
+
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+/* Sets the XMSS write private key callback.
+ *
+ * The callback must be able to write/update the private key to
+ * non-volatile storage.
+ *
+ * key [in] The XMSS key.
+ * write_cb [in] The write private key callback.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetWriteCb(XmssKey * key, write_private_key_cb write_cb)
+{
+ if (key == NULL || write_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the write callback of an already working key is forbidden. */
+ if (key->state == WC_XMSS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_XmssKey_SetWriteCb: key in use");
+ return -1;
+ }
+
+ key->write_private_key = write_cb;
+
+ return 0;
+}
+
+/* Sets the XMSS read private key callback.
+ *
+ * The callback must be able to read the private key from
+ * non-volatile storage.
+ *
+ * key [in] The XMSS key.
+ * read_cb [in] The read private key callback.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetReadCb(XmssKey * key, read_private_key_cb read_cb)
+{
+ if (key == NULL || read_cb == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Changing the read callback of an already working key is forbidden. */
+ if (key->state == WC_XMSS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_XmssKey_SetReadCb: key in use");
+ return -1;
+ }
+
+ key->read_private_key = read_cb;
+
+ return 0;
+}
+
+/* Sets the XMSS context to be used by write and read callbacks.
+ *
+ * E.g. this could be a filename if the callbacks write/read to file.
+ *
+ * key [in] The XMSS key.
+ * context [in] The context pointer.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_SetContext(XmssKey * key, void * context)
+{
+ if (key == NULL || context == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Setting context of an already working key is forbidden. */
+ if (key->state == WC_XMSS_STATE_OK) {
+ WOLFSSL_MSG("error: wc_XmssKey_SetContext: key in use");
+ return -1;
+ }
+
+ key->context = context;
+
+ return 0;
+}
+
+
+/* Allocates the XMSS secret key (sk) array.
+ *
+ * The XMSS/XMSS^MT secret key length is a function of the
+ * parameters, and can't be allocated until the param string
+ * has been set with SetParamStr.
+ *
+ * This is only called by MakeKey() and Reload().
+ *
+ * Note: the XMSS sk array is force zeroed after every use.
+ *
+ * key [in] The XMSS key.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on failure.
+ * */
+static int wc_XmssKey_AllocSk(XmssKey* key)
+{
+ int ret = 0;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->sk != NULL) {
+ WOLFSSL_MSG("error: XMSS secret key already exists");
+ return -1;
+ }
+
+ /* The XMSS/XMSS^MT secret key length is a function of the
+ * parameters. Therefore can't allocate this until param
+ * string has been set. */
+ ret = wc_XmssKey_GetPrivLen(key, &key->sk_len);
+
+ if (ret != 0 || key->sk_len <= 0) {
+ WOLFSSL_MSG("error: wc_XmssKey_GetPrivLen failed");
+ return -1;
+ }
+
+ key->sk = (unsigned char *)XMALLOC(key->sk_len, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+
+ if (key->sk == NULL) {
+ WOLFSSL_MSG("error: malloc XMSS key->sk failed");
+ return -1;
+ }
+
+ ForceZero(key->sk, key->sk_len);
+
+ return 0;
+}
+
+/* Make the XMSS/XMSS^MT private/public key pair. The key must have its parameters
+ * set before calling this.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * This function and Reload() are the only functions that allocate
+ * key->sk array. wc_XmssKey_FreeKey is the only function that
+ * deallocates key->sk.
+ *
+ * key [in] The XMSS key to make.
+ * rng [in] Initialized WC_RNG pointer.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on verify fail.
+ * */
+int wc_XmssKey_MakeKey(XmssKey* key, WC_RNG * rng)
+{
+ int ret = 0;
+ enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
+
+ if (key == NULL || rng == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: XmssKey not ready for generation");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: XmssKey context is not set");
+ return -1;
+ }
+
+ /* Allocate sk array. */
+ ret = wc_XmssKey_AllocSk(key);
+
+ if (ret != 0) {
+ return ret;
+ }
+
+ xmssRng = rng;
+
+ /* Finally make the secret public key pair. Immediately write it to NV
+ * storage and then clear from memory. */
+ if (key->is_xmssmt) {
+ ret = xmssmt_keypair(key->pk, key->sk, key->oid);
+ }
+ else {
+ ret = xmss_keypair(key->pk, key->sk, key->oid);
+ }
+
+ if (ret == 0) {
+ cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
+ }
+
+ ForceZero(key->sk, key->sk_len);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: XMSS keypair failed");
+ key->state = WC_XMSS_STATE_BAD;
+ return -1;
+ }
+
+ if (cb_rc != WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
+ WOLFSSL_MSG("error: XMSS write to NV storage failed");
+ key->state = WC_XMSS_STATE_BAD;
+ return -1;
+ }
+
+ key->state = WC_XMSS_STATE_OK;
+
+ return 0;
+}
+
+/* This function allocates the secret key buffer, and does a
+ * quick sanity check to verify the secret key is readable
+ * from NV storage, and then force zeros the key from memory.
+ *
+ * On success it sets the key state to OK.
+ *
+ * Use this function to resume signing with an already existing
+ * XMSS key pair.
+ *
+ * Write/read callbacks, and context data, must be set prior.
+ * Key must have parameters set.
+ *
+ * Returns 0 on success.
+ *
+ * This function and MakeKey are the only functions that allocate
+ * key->sk array. wc_XmssKey_FreeKey is the only function that
+ * deallocates key->sk.
+ *
+ * key [in] XMSS key to load.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on load fail.
+ * */
+int wc_XmssKey_Reload(XmssKey * key)
+{
+ int ret = 0;
+ enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
+
+ if (key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_PARMSET) {
+ WOLFSSL_MSG("error: XmssKey not ready for reload");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: XmssKey context is not set");
+ return -1;
+ }
+
+ /* Allocate sk array. */
+ ret = wc_XmssKey_AllocSk(key);
+
+ if (ret != 0) {
+ return ret;
+ }
+
+ /* Read the current secret key from NV storage. Force clear it
+ * immediately. This is just to sanity check the secret key
+ * is readable from permanent storage. */
+ cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
+ ForceZero(key->sk, key->sk_len);
+
+ if (cb_rc != WC_XMSS_RC_READ_TO_MEMORY) {
+ WOLFSSL_MSG("error: XMSS read from NV storage failed");
+ key->state = WC_XMSS_STATE_BAD;
+ return -1;
+ }
+
+ key->state = WC_XMSS_STATE_OK;
+
+ return 0;
+}
+
+/* Gets the XMSS/XMSS^MT private key length.
+ *
+ * Parameters must be set before calling this, as the key size (sk_bytes)
+ * is a function of the parameters.
+ *
+ * Note: the XMSS/XMSS^MT private key format is implementation specific,
+ * and not standardized. Interoperability of XMSS private keys should
+ * not be expected.
+ *
+ * key [in] The XMSS key.
+ * len [out] The length of the private key in bytes.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on sign fail.
+ * */
+int wc_XmssKey_GetPrivLen(const XmssKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_OK && key->state != WC_XMSS_STATE_PARMSET) {
+ /* params.sk_bytes not set yet. */
+ return -1;
+ }
+
+ *len = XMSS_OID_LEN + (word32) key->params.sk_bytes;
+
+ return 0;
+}
+
+/* Signs the message using the XMSS secret key, and
+ * updates the secret key on NV storage.
+ *
+ * Both operations must succeed to be considered
+ * successful.
+ *
+ * On success: sets key state to WC_XMSS_STATE_OK.
+ * On failure: sets key state to WC_XMSS_STATE_BAD
+ *
+ * If no signatures are left, sets state to WC_XMSS_STATE_NOSIGS.
+ */
+static void wc_XmssKey_SignUpdate(XmssKey* key, byte * sig, word32 * sigLen,
+ const byte * msg, int msgLen)
+{
+ int ret = -1;
+ unsigned long long len = *sigLen;
+ enum wc_XmssRc cb_rc = WC_XMSS_RC_NONE;
+
+ /* Set the key state to bad by default. State is presumed bad
+ * unless a correct sign and update operation happen together. */
+ key->state = WC_XMSS_STATE_BAD;
+ *sigLen = 0;
+
+ /* Read the current secret key from NV storage.*/
+ cb_rc = key->read_private_key(key->sk, key->sk_len, key->context);
+
+ if (cb_rc == WC_XMSS_RC_READ_TO_MEMORY) {
+ /* Read was good. Now sign and update the secret key in memory. */
+ if (key->is_xmssmt) {
+ ret = xmssmt_sign(key->sk, sig, &len, msg, msgLen);
+ }
+ else {
+ ret = xmss_sign(key->sk, sig, &len, msg, msgLen);
+ }
+
+ if (ret == 0 && len == key->params.sig_bytes) {
+ /* The signature succeeded. key->sk is now updated and must be
+ * committed to NV storage. */
+ cb_rc = key->write_private_key(key->sk, key->sk_len, key->context);
+
+ if (cb_rc == WC_XMSS_RC_SAVED_TO_NV_MEMORY) {
+ /* key->sk was successfully committed to NV storage. Set the
+ * key state to OK, and set the sigLen. */
+ key->state = WC_XMSS_STATE_OK;
+ *sigLen = (word32) len;
+ }
+ else {
+ /* Write to NV storage failed. Erase the signature from
+ * memory. */
+ ForceZero(sig, key->params.sig_bytes);
+ WOLFSSL_MSG("error: XMSS write_private_key failed");
+ }
+ }
+ else if (ret == -2) {
+ /* Signature space exhausted. */
+ key->state = WC_XMSS_STATE_NOSIGS;
+ WOLFSSL_MSG("error: no XMSS signatures remaining");
+ }
+ else {
+ /* Something failed or inconsistent in signature. Erase the
+ * signature just to be safe. */
+ ForceZero(sig, key->params.sig_bytes);
+ WOLFSSL_MSG("error: XMSS sign failed");
+ }
+ }
+ else {
+ /* Read from NV storage failed. */
+ WOLFSSL_MSG("error: XMSS read_private_key failed");
+ }
+
+ /* Force zero the secret key from memory always. */
+ ForceZero(key->sk, key->sk_len);
+
+ return;
+}
+
+/* Sign the message using the XMSS secret key.
+ *
+ * key [in] XMSS key to use to sign.
+ * sig [in] Buffer to write signature into.
+ * sigLen [in/out] On in, size of buffer.
+ * On out, the length of the signature in bytes.
+ * msg [in] Message to sign.
+ * msgLen [in] Length of the message in bytes.
+ *
+ * returns 0 on success.
+ * returns -1 on sign fail.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E when sigLen is too small.
+ */
+int wc_XmssKey_Sign(XmssKey* key, byte * sig, word32 * sigLen, const byte * msg,
+ int msgLen)
+{
+ if (key == NULL || sig == NULL || sigLen == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (msgLen <= 0) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (*sigLen < key->params.sig_bytes) {
+ /* Signature buffer too small. */
+ WOLFSSL_MSG("error: XMSS sig buffer too small");
+ return BUFFER_E;
+ }
+
+ if (key->state == WC_XMSS_STATE_NOSIGS) {
+ WOLFSSL_MSG("error: XMSS signatures exhausted");
+ return -1;
+ }
+ else if (key->state != WC_XMSS_STATE_OK) {
+ /* The key had an error the last time it was used, and we
+ * can't guarantee its state. */
+ WOLFSSL_MSG("error: can't sign, XMSS key not in good state");
+ return -1;
+ }
+
+ if (key->write_private_key == NULL || key->read_private_key == NULL) {
+ WOLFSSL_MSG("error: XmssKey write/read callbacks are not set");
+ return -1;
+ }
+
+ if (key->context == NULL) {
+ WOLFSSL_MSG("error: XmssKey context is not set");
+ return -1;
+ }
+
+ /* Finally, sign and update the secret key. */
+ wc_XmssKey_SignUpdate(key, sig, sigLen, msg, msgLen);
+
+ return (key->state == WC_XMSS_STATE_OK) ? 0 : -1;
+}
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY*/
+
+/* Get the XMSS/XMSS^MT public key length. The public key
+ * is static in size and does not depend on parameters,
+ * other than the choice of SHA256 as hashing function.
+ *
+ * key [in] The XMSS key.
+ * len [out] The length of the public key.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ */
+int wc_XmssKey_GetPubLen(const XmssKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *len = XMSS_SHA256_PUBLEN;
+
+ return 0;
+}
+
+/* Export a generated public key and parameter set from one XmssKey
+ * to another. Use this to prepare a signature verification XmssKey
+ * that is pub only.
+ *
+ * keyDst [out] Destination key for copy.
+ * keySrc [in] Source key for copy.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * */
+int wc_XmssKey_ExportPub(XmssKey * keyDst, const XmssKey * keySrc)
+{
+ if (keyDst == NULL || keySrc == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ForceZero(keyDst, sizeof(XmssKey));
+
+ XMEMCPY(keyDst->pk, keySrc->pk, sizeof(keySrc->pk));
+
+ keyDst->oid = keySrc->oid;
+ keyDst->is_xmssmt = keySrc->is_xmssmt;
+
+ /* Mark keyDst as verify only, to prevent misuse. */
+ keyDst->state = WC_XMSS_STATE_VERIFYONLY;
+
+ return 0;
+}
+
+/* Exports the raw XMSS public key buffer from key to out buffer.
+ * The out buffer should be large enough to hold the public key, and
+ * outLen should indicate the size of the buffer.
+ *
+ * key [in] XMSS key.
+ * out [out] Array holding public key.
+ * outLen [in/out] On in, size of buffer.
+ * On out, the length of the public key.
+ *
+ * returns 0 on success.
+ * returns -1 on failure.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E if array is too small.
+ * */
+int wc_XmssKey_ExportPubRaw(const XmssKey * key, byte * out, word32 * outLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || out == NULL || outLen == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ ret = wc_XmssKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_XmssKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (*outLen < pubLen) {
+ return BUFFER_E;
+ }
+
+ XMEMCPY(out, key->pk, pubLen);
+ *outLen = pubLen;
+
+ return 0;
+}
+
+/* Imports a raw public key buffer from in array to XmssKey key.
+ *
+ * The XMSS parameters must be set first with wc_XmssKey_SetParamStr,
+ * and inLen must match the length returned by wc_XmssKey_GetPubLen.
+ *
+ * key [in] XMSS key.
+ * in [in] Array holding public key.
+ * inLen [in] Length of array in bytes.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E if array is incorrect size.
+ * returns -1 on failure.
+ * */
+int wc_XmssKey_ImportPubRaw(XmssKey * key, const byte * in, word32 inLen)
+{
+ int ret = 0;
+ word32 pubLen = 0;
+
+ if (key == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_PARMSET) {
+ /* XMSS key not ready for import. Param str must be set first. */
+ WOLFSSL_MSG("error: XMSS key not ready for import");
+ return -1;
+ }
+
+ ret = wc_XmssKey_GetPubLen(key, &pubLen);
+
+ if (ret != 0) {
+ WOLFSSL_MSG("error: wc_XmssKey_GetPubLen failed");
+ return -1;
+ }
+
+ if (inLen != pubLen) {
+ /* Something inconsistent. Parameters weren't set, or input
+ * pub key is wrong.*/
+ return BUFFER_E;
+ }
+
+ XMEMCPY(key->pk, in, pubLen);
+
+ key->state = WC_XMSS_STATE_VERIFYONLY;
+
+ return 0;
+}
+
+/* Gets the XMSS/XMSS^MT signature length.
+ *
+ * Parameters must be set before calling this, as the signature size
+ * is a function of the parameters.
+ *
+ * Note: call this before wc_XmssKey_Sign or Verify so you know the
+ * length of the required signature buffer.
+ *
+ * key [in] XMSS key to use to sign.
+ * len [out] The length of the signature in bytes.
+ *
+ * returns 0 on success.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns -1 on sign fail.
+ * */
+int wc_XmssKey_GetSigLen(const XmssKey * key, word32 * len)
+{
+ if (key == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (key->state != WC_XMSS_STATE_OK && key->state != WC_XMSS_STATE_PARMSET) {
+ return -1;
+ }
+
+ *len = key->params.sig_bytes;
+
+ return 0;
+}
+
+/* Verify the signature using the XMSS public key.
+ *
+ * Requires that XMSS parameters have been set with
+ * wc_XmssKey_SetParamStr, and that a public key is available
+ * from importing or MakeKey().
+ *
+ * Call wc_XmssKey_GetSigLen() before this function to determine
+ * length of the signature buffer.
+ *
+ * key [in] XMSS key to use to verify.
+ * sig [in] Signature to verify.
+ * sigLen [in] Size of signature in bytes.
+ * msg [in] Message to verify.
+ * msgLen [in] Length of the message in bytes.
+ *
+ * returns 0 on success.
+ * returns -1 on verify fail.
+ * returns BAD_FUNC_ARG when a parameter is NULL.
+ * returns BUFFER_E when sigLen is too small.
+ */
+int wc_XmssKey_Verify(XmssKey * key, const byte * sig, word32 sigLen,
+ const byte * msg, int msgLen)
+{
+ int ret = 0;
+ unsigned long long msg_len = 0;
+
+ msg_len = msgLen;
+
+ if (key == NULL || sig == NULL || msg == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (sigLen < key->params.sig_bytes) {
+ /* Signature buffer too small. */
+ return BUFFER_E;
+ }
+
+ if (key->state != WC_XMSS_STATE_OK &&
+ key->state != WC_XMSS_STATE_VERIFYONLY) {
+ /* XMSS key not ready for verification. Param str must be
+ * set first, and Reload() called. */
+ WOLFSSL_MSG("error: XMSS key not ready for verification");
+ return -1;
+ }
+
+ if (key->is_xmssmt) {
+ ret = xmssmt_sign_open(msg, &msg_len, sig, sigLen, key->pk);
+ }
+ else {
+ ret = xmss_sign_open(msg, &msg_len, sig, sigLen, key->pk);
+ }
+
+ if (ret != 0 || (int) msg_len != msgLen) {
+ WOLFSSL_MSG("error: XMSS verify failed");
+ return -1;
+ }
+
+ return ret;
+}
+
+#endif /* WOLFSSL_HAVE_XMSS */
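Review bot: wc_XmssKey_Verify's length guards do not hold for every key that can reach it. wc_XmssKey_ExportPub zeroes keyDst and copies only pk, oid and is_xmssmt, so on an exported verify-only key `key->params.sig_bytes` is 0 and the `sigLen < key->params.sig_bytes` check can never reject a short signature; copying the parameters too, e.g. `XMEMCPY(&keyDst->params, &keySrc->params, sizeof(keySrc->params));`, would keep the guard meaningful. Verify also assigns `msgLen` to the unsigned `msg_len` with no range check, so a negative value becomes a very large length handed to xmss_sign_open/xmssmt_sign_open; adding `if (msgLen <= 0) return BAD_FUNC_ARG;` after the NULL check would match wc_XmssKey_Sign. Whether the external XMSS library re-validates these lengths is not visible here, so the wrapper should not depend on it.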
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c
index cbc305d2..73853b79 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_448.c
@@ -167,7 +167,7 @@ void fe448_sub(word8* r, const word8* a, const word8* b)
}
}
-/* Mulitply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
+/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -192,7 +192,7 @@ void fe448_mul39081(word8* r, const word8* a)
}
}
-/* Mulitply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
+/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -448,7 +448,7 @@ void fe448_neg(word8* r, const word8* a)
}
/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calcualting y-ordinate from x-ordinate for Ed448.
+ * Used for calculating y-ordinate from x-ordinate for Ed448.
*
* r [in] Field element to hold result.
* a [in] Field element to exponentiate.
@@ -609,62 +609,62 @@ void fe448_to_bytes(unsigned char* b, const sword64* a)
in4 += o; t = o << 56; in7 -= (sword64)t;
/* Output as bytes */
- b[ 0] = (in0 >> 0);
- b[ 1] = (in0 >> 8);
- b[ 2] = (in0 >> 16);
- b[ 3] = (in0 >> 24);
- b[ 4] = (in0 >> 32);
- b[ 5] = (in0 >> 40);
- b[ 6] = (in0 >> 48);
- b[ 7] = (in1 >> 0);
- b[ 8] = (in1 >> 8);
- b[ 9] = (in1 >> 16);
- b[10] = (in1 >> 24);
- b[11] = (in1 >> 32);
- b[12] = (in1 >> 40);
- b[13] = (in1 >> 48);
- b[14] = (in2 >> 0);
- b[15] = (in2 >> 8);
- b[16] = (in2 >> 16);
- b[17] = (in2 >> 24);
- b[18] = (in2 >> 32);
- b[19] = (in2 >> 40);
- b[20] = (in2 >> 48);
- b[21] = (in3 >> 0);
- b[22] = (in3 >> 8);
- b[23] = (in3 >> 16);
- b[24] = (in3 >> 24);
- b[25] = (in3 >> 32);
- b[26] = (in3 >> 40);
- b[27] = (in3 >> 48);
- b[28] = (in4 >> 0);
- b[29] = (in4 >> 8);
- b[30] = (in4 >> 16);
- b[31] = (in4 >> 24);
- b[32] = (in4 >> 32);
- b[33] = (in4 >> 40);
- b[34] = (in4 >> 48);
- b[35] = (in5 >> 0);
- b[36] = (in5 >> 8);
- b[37] = (in5 >> 16);
- b[38] = (in5 >> 24);
- b[39] = (in5 >> 32);
- b[40] = (in5 >> 40);
- b[41] = (in5 >> 48);
- b[42] = (in6 >> 0);
- b[43] = (in6 >> 8);
- b[44] = (in6 >> 16);
- b[45] = (in6 >> 24);
- b[46] = (in6 >> 32);
- b[47] = (in6 >> 40);
- b[48] = (in6 >> 48);
- b[49] = (in7 >> 0);
- b[50] = (in7 >> 8);
- b[51] = (in7 >> 16);
- b[52] = (in7 >> 24);
- b[53] = (in7 >> 32);
- b[54] = (in7 >> 40);
- b[55] = (in7 >> 48);
+ b[ 0] = (byte)(in0 >> 0);
+ b[ 1] = (byte)(in0 >> 8);
+ b[ 2] = (byte)(in0 >> 16);
+ b[ 3] = (byte)(in0 >> 24);
+ b[ 4] = (byte)(in0 >> 32);
+ b[ 5] = (byte)(in0 >> 40);
+ b[ 6] = (byte)(in0 >> 48);
+ b[ 7] = (byte)(in1 >> 0);
+ b[ 8] = (byte)(in1 >> 8);
+ b[ 9] = (byte)(in1 >> 16);
+ b[10] = (byte)(in1 >> 24);
+ b[11] = (byte)(in1 >> 32);
+ b[12] = (byte)(in1 >> 40);
+ b[13] = (byte)(in1 >> 48);
+ b[14] = (byte)(in2 >> 0);
+ b[15] = (byte)(in2 >> 8);
+ b[16] = (byte)(in2 >> 16);
+ b[17] = (byte)(in2 >> 24);
+ b[18] = (byte)(in2 >> 32);
+ b[19] = (byte)(in2 >> 40);
+ b[20] = (byte)(in2 >> 48);
+ b[21] = (byte)(in3 >> 0);
+ b[22] = (byte)(in3 >> 8);
+ b[23] = (byte)(in3 >> 16);
+ b[24] = (byte)(in3 >> 24);
+ b[25] = (byte)(in3 >> 32);
+ b[26] = (byte)(in3 >> 40);
+ b[27] = (byte)(in3 >> 48);
+ b[28] = (byte)(in4 >> 0);
+ b[29] = (byte)(in4 >> 8);
+ b[30] = (byte)(in4 >> 16);
+ b[31] = (byte)(in4 >> 24);
+ b[32] = (byte)(in4 >> 32);
+ b[33] = (byte)(in4 >> 40);
+ b[34] = (byte)(in4 >> 48);
+ b[35] = (byte)(in5 >> 0);
+ b[36] = (byte)(in5 >> 8);
+ b[37] = (byte)(in5 >> 16);
+ b[38] = (byte)(in5 >> 24);
+ b[39] = (byte)(in5 >> 32);
+ b[40] = (byte)(in5 >> 40);
+ b[41] = (byte)(in5 >> 48);
+ b[42] = (byte)(in6 >> 0);
+ b[43] = (byte)(in6 >> 8);
+ b[44] = (byte)(in6 >> 16);
+ b[45] = (byte)(in6 >> 24);
+ b[46] = (byte)(in6 >> 32);
+ b[47] = (byte)(in6 >> 40);
+ b[48] = (byte)(in6 >> 48);
+ b[49] = (byte)(in7 >> 0);
+ b[50] = (byte)(in7 >> 8);
+ b[51] = (byte)(in7 >> 16);
+ b[52] = (byte)(in7 >> 24);
+ b[53] = (byte)(in7 >> 32);
+ b[54] = (byte)(in7 >> 40);
+ b[55] = (byte)(in7 >> 48);
}
/* Set the field element to 0.
@@ -788,7 +788,7 @@ void fe448_sub(sword64* r, const sword64* a, const sword64* b)
r[7] = a[7] - b[7];
}
-/* Mulitply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
+/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -826,7 +826,7 @@ void fe448_mul39081(sword64* r, const sword64* a)
r[7] = (sword64)t7;
}
-/* Mulitply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
+/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -1087,8 +1087,8 @@ int curve448(byte* r, const byte* n, const byte* a)
for (i = 447; i >= 0; --i) {
unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
swap ^= b;
- fe448_cswap(x2, x3, swap);
- fe448_cswap(z2, z3, swap);
+ fe448_cswap(x2, x3, (int)swap);
+ fe448_cswap(z2, z3, (int)swap);
swap = b;
/* Montgomery Ladder - double and add */
@@ -1172,7 +1172,7 @@ void fe448_neg(sword64* r, const sword64* a)
}
/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calcualting y-ordinate from x-ordinate for Ed448.
+ * Used for calculating y-ordinate from x-ordinate for Ed448.
*
* r [in] Field element to hold result.
* a [in] Field element to exponentiate.
@@ -1434,62 +1434,62 @@ void fe448_to_bytes(unsigned char* b, const sword32* a)
in8 += o; t = o << 28; in15 -= (sword32)t;
/* Output as bytes */
- b[ 0] = (in0 >> 0);
- b[ 1] = (in0 >> 8);
- b[ 2] = (in0 >> 16);
- b[ 3] = (in0 >> 24) + ((in1 >> 0) << 4);
- b[ 4] = (in1 >> 4);
- b[ 5] = (in1 >> 12);
- b[ 6] = (in1 >> 20);
- b[ 7] = (in2 >> 0);
- b[ 8] = (in2 >> 8);
- b[ 9] = (in2 >> 16);
- b[10] = (in2 >> 24) + ((in3 >> 0) << 4);
- b[11] = (in3 >> 4);
- b[12] = (in3 >> 12);
- b[13] = (in3 >> 20);
- b[14] = (in4 >> 0);
- b[15] = (in4 >> 8);
- b[16] = (in4 >> 16);
- b[17] = (in4 >> 24) + ((in5 >> 0) << 4);
- b[18] = (in5 >> 4);
- b[19] = (in5 >> 12);
- b[20] = (in5 >> 20);
- b[21] = (in6 >> 0);
- b[22] = (in6 >> 8);
- b[23] = (in6 >> 16);
- b[24] = (in6 >> 24) + ((in7 >> 0) << 4);
- b[25] = (in7 >> 4);
- b[26] = (in7 >> 12);
- b[27] = (in7 >> 20);
- b[28] = (in8 >> 0);
- b[29] = (in8 >> 8);
- b[30] = (in8 >> 16);
- b[31] = (in8 >> 24) + ((in9 >> 0) << 4);
- b[32] = (in9 >> 4);
- b[33] = (in9 >> 12);
- b[34] = (in9 >> 20);
- b[35] = (in10 >> 0);
- b[36] = (in10 >> 8);
- b[37] = (in10 >> 16);
- b[38] = (in10 >> 24) + ((in11 >> 0) << 4);
- b[39] = (in11 >> 4);
- b[40] = (in11 >> 12);
- b[41] = (in11 >> 20);
- b[42] = (in12 >> 0);
- b[43] = (in12 >> 8);
- b[44] = (in12 >> 16);
- b[45] = (in12 >> 24) + ((in13 >> 0) << 4);
- b[46] = (in13 >> 4);
- b[47] = (in13 >> 12);
- b[48] = (in13 >> 20);
- b[49] = (in14 >> 0);
- b[50] = (in14 >> 8);
- b[51] = (in14 >> 16);
- b[52] = (in14 >> 24) + ((in15 >> 0) << 4);
- b[53] = (in15 >> 4);
- b[54] = (in15 >> 12);
- b[55] = (in15 >> 20);
+ b[ 0] = (byte)(in0 >> 0);
+ b[ 1] = (byte)(in0 >> 8);
+ b[ 2] = (byte)(in0 >> 16);
+ b[ 3] = (byte)(in0 >> 24) + ((in1 >> 0) << 4);
+ b[ 4] = (byte)(in1 >> 4);
+ b[ 5] = (byte)(in1 >> 12);
+ b[ 6] = (byte)(in1 >> 20);
+ b[ 7] = (byte)(in2 >> 0);
+ b[ 8] = (byte)(in2 >> 8);
+ b[ 9] = (byte)(in2 >> 16);
+ b[10] = (byte)(in2 >> 24) + ((in3 >> 0) << 4);
+ b[11] = (byte)(in3 >> 4);
+ b[12] = (byte)(in3 >> 12);
+ b[13] = (byte)(in3 >> 20);
+ b[14] = (byte)(in4 >> 0);
+ b[15] = (byte)(in4 >> 8);
+ b[16] = (byte)(in4 >> 16);
+ b[17] = (byte)(in4 >> 24) + ((in5 >> 0) << 4);
+ b[18] = (byte)(in5 >> 4);
+ b[19] = (byte)(in5 >> 12);
+ b[20] = (byte)(in5 >> 20);
+ b[21] = (byte)(in6 >> 0);
+ b[22] = (byte)(in6 >> 8);
+ b[23] = (byte)(in6 >> 16);
+ b[24] = (byte)(in6 >> 24) + ((in7 >> 0) << 4);
+ b[25] = (byte)(in7 >> 4);
+ b[26] = (byte)(in7 >> 12);
+ b[27] = (byte)(in7 >> 20);
+ b[28] = (byte)(in8 >> 0);
+ b[29] = (byte)(in8 >> 8);
+ b[30] = (byte)(in8 >> 16);
+ b[31] = (byte)(in8 >> 24) + ((in9 >> 0) << 4);
+ b[32] = (byte)(in9 >> 4);
+ b[33] = (byte)(in9 >> 12);
+ b[34] = (byte)(in9 >> 20);
+ b[35] = (byte)(in10 >> 0);
+ b[36] = (byte)(in10 >> 8);
+ b[37] = (byte)(in10 >> 16);
+ b[38] = (byte)(in10 >> 24) + ((in11 >> 0) << 4);
+ b[39] = (byte)(in11 >> 4);
+ b[40] = (byte)(in11 >> 12);
+ b[41] = (byte)(in11 >> 20);
+ b[42] = (byte)(in12 >> 0);
+ b[43] = (byte)(in12 >> 8);
+ b[44] = (byte)(in12 >> 16);
+ b[45] = (byte)(in12 >> 24) + ((in13 >> 0) << 4);
+ b[46] = (byte)(in13 >> 4);
+ b[47] = (byte)(in13 >> 12);
+ b[48] = (byte)(in13 >> 20);
+ b[49] = (byte)(in14 >> 0);
+ b[50] = (byte)(in14 >> 8);
+ b[51] = (byte)(in14 >> 16);
+ b[52] = (byte)(in14 >> 24) + ((in15 >> 0) << 4);
+ b[53] = (byte)(in15 >> 4);
+ b[54] = (byte)(in15 >> 12);
+ b[55] = (byte)(in15 >> 20);
}
/* Set the field element to 0.
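Review bot: On the eight combined lines (`b[ 3]`, `b[10]`, `b[17]`, `b[24]`, `b[31]`, `b[38]`, `b[45]`, `b[52]`) the new `(byte)` cast binds only to the first operand, so the sum with the shifted neighbouring limb is still wider than a byte and is narrowed implicitly on assignment. The stored value is the same as before. If the casts are meant to make the truncation explicit, as they do on the other lines of this hunk, these eight lines need the cast around the whole expression, e.g. `b[ 3] = (byte)((in0 >> 24) + ((in1 >> 0) << 4));`. fe448_to_bytes starts outside the hunk, so the limb type is presumably `sword32` as in the context line above.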
@@ -1699,7 +1699,7 @@ void fe448_reduce(sword32* a)
o = a[15] >> 28; a[0] += (sword32)o;
a[8] += (sword32)o; a[15] -= (sword32)(o << 28);
}
-/* Mulitply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
+/* Multiply a field element by 39081. r = (39081 * a) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -1761,7 +1761,7 @@ void fe448_mul39081(sword32* r, const sword32* a)
r[15] = (sword32)t15;
}
-/* Mulitply two field elements. r = a * b
+/* Multiply two field elements. r = a * b
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -1891,7 +1891,7 @@ static WC_INLINE void fe448_mul_8(sword32* r, const sword32* a, const sword32* b
r[15] = (sword32)t15;
}
-/* Mulitply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
+/* Multiply two field elements. r = (a * b) mod (2^448 - 2^224 - 1)
*
* r [in] Field element to hold result.
* a [in] Field element to multiply.
@@ -2178,8 +2178,8 @@ int curve448(byte* r, const byte* n, const byte* a)
for (i = 447; i >= 0; --i) {
unsigned int b = (n[i >> 3] >> (i & 7)) & 1;
swap ^= b;
- fe448_cswap(x2, x3, swap);
- fe448_cswap(z2, z3, swap);
+ fe448_cswap(x2, x3, (int)swap);
+ fe448_cswap(z2, z3, (int)swap);
swap = b;
/* Montgomery Ladder - double and add */
@@ -2271,7 +2271,7 @@ void fe448_neg(sword32* r, const sword32* a)
}
/* Raise field element to (p-3) / 4: 2^446 - 2^222 - 1
- * Used for calcualting y-ordinate from x-ordinate for Ed448.
+ * Used for calculating y-ordinate from x-ordinate for Ed448.
*
* r [in] Field element to hold result.
* a [in] Field element to exponentiate.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S
index 2cc2c5fd..7f6192ac 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/fe_x25519_asm.S
@@ -1,5 +1,5 @@
-/* fe_x25519_asm
- *
+/* fe_x25519_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -116,17 +116,6 @@ L_fe_init_get_flags:
movq %rax, _fe_mul121666_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_sq2_avx2@GOTPCREL(%rip), %rax
-#else
- leaq _fe_sq2_avx2(%rip), %rax
-#endif /* __APPLE__ */
-#ifndef __APPLE__
- movq fe_sq2_p@GOTPCREL(%rip), %rdx
- movq %rax, (%rdx)
-#else
- movq %rax, _fe_sq2_p(%rip)
-#endif /* __APPLE__ */
-#ifndef __APPLE__
movq fe_invert_avx2@GOTPCREL(%rip), %rax
#else
leaq _fe_invert_avx2(%rip), %rax
@@ -148,6 +137,18 @@ L_fe_init_get_flags:
#else
movq %rax, _curve25519_p(%rip)
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+ movq fe_sq2_avx2@GOTPCREL(%rip), %rax
+#else
+ leaq _fe_sq2_avx2(%rip), %rax
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq fe_sq2_p@GOTPCREL(%rip), %rdx
+ movq %rax, (%rdx)
+#else
+ movq %rax, _fe_sq2_p(%rip)
+#endif /* __APPLE__ */
#ifndef __APPLE__
movq fe_pow22523_avx2@GOTPCREL(%rip), %rax
#else
@@ -160,82 +161,105 @@ L_fe_init_get_flags:
movq %rax, _fe_pow22523_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p2_avx2@GOTPCREL(%rip), %rax
+ movq ge_p1p1_to_p2_avx2@GOTPCREL(%rip), %rax
+#else
+ leaq _ge_p1p1_to_p2_avx2(%rip), %rax
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p1p1_to_p2_p@GOTPCREL(%rip), %rdx
+ movq %rax, (%rdx)
+#else
+ movq %rax, _ge_p1p1_to_p2_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p1p1_to_p3_avx2@GOTPCREL(%rip), %rax
+#else
+ leaq _ge_p1p1_to_p3_avx2(%rip), %rax
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p1p1_to_p3_p@GOTPCREL(%rip), %rdx
+ movq %rax, (%rdx)
+#else
+ movq %rax, _ge_p1p1_to_p3_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ movq ge_p2_dbl_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_to_p2_avx2(%rip), %rax
+ leaq _ge_p2_dbl_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p2_p@GOTPCREL(%rip), %rdx
+ movq ge_p2_dbl_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_to_p2_p(%rip)
+ movq %rax, _ge_p2_dbl_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p3_avx2@GOTPCREL(%rip), %rax
+ movq ge_madd_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_to_p3_avx2(%rip), %rax
+ leaq _ge_madd_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_to_p3_p@GOTPCREL(%rip), %rdx
+ movq ge_madd_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_to_p3_p(%rip)
+ movq %rax, _ge_madd_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_dbl_avx2@GOTPCREL(%rip), %rax
+ movq ge_msub_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_dbl_avx2(%rip), %rax
+ leaq _ge_msub_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_dbl_p@GOTPCREL(%rip), %rdx
+ movq ge_msub_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_dbl_p(%rip)
+ movq %rax, _ge_msub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_madd_avx2@GOTPCREL(%rip), %rax
+ movq ge_add_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_madd_avx2(%rip), %rax
+ leaq _ge_add_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_madd_p@GOTPCREL(%rip), %rdx
+ movq ge_add_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_madd_p(%rip)
+ movq %rax, _ge_add_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_msub_avx2@GOTPCREL(%rip), %rax
+ movq ge_sub_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_msub_avx2(%rip), %rax
+ leaq _ge_sub_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_msub_p@GOTPCREL(%rip), %rdx
+ movq ge_sub_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_msub_p(%rip)
+ movq %rax, _ge_sub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_add_avx2@GOTPCREL(%rip), %rax
+ movq sc_reduce_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_add_avx2(%rip), %rax
+ leaq _sc_reduce_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_add_p@GOTPCREL(%rip), %rdx
+ movq sc_reduce_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_add_p(%rip)
+ movq %rax, _sc_reduce_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_sub_avx2@GOTPCREL(%rip), %rax
+ movq sc_muladd_avx2@GOTPCREL(%rip), %rax
#else
- leaq _fe_ge_sub_avx2(%rip), %rax
+ leaq _sc_muladd_avx2(%rip), %rax
#endif /* __APPLE__ */
#ifndef __APPLE__
- movq fe_ge_sub_p@GOTPCREL(%rip), %rdx
+ movq sc_muladd_p@GOTPCREL(%rip), %rdx
movq %rax, (%rdx)
#else
- movq %rax, _fe_ge_sub_p(%rip)
+ movq %rax, _sc_muladd_p(%rip)
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
L_fe_init_flags_done:
#ifndef __APPLE__
movq cpuFlagsSet@GOTPCREL(%rip), %rdx
@@ -400,21 +424,19 @@ _fe_sub:
movq 16(%rsi), %r8
movq 24(%rsi), %r9
subq (%rdx), %rax
- movq $0x00, %r10
sbbq 8(%rdx), %rcx
- movq $-19, %r11
sbbq 16(%rdx), %r8
- movq $0x7fffffffffffffff, %r12
sbbq 24(%rdx), %r9
- sbbq $0x00, %r10
- # Mask the modulus
- andq %r10, %r11
- andq %r10, %r12
+ sbbq %r11, %r11
+ shldq $0x01, %r9, %r11
+ movq $0x7fffffffffffffff, %r12
+ imulq $-19, %r11
+ andq %r12, %r9
# Add modulus (if underflow)
- addq %r11, %rax
- adcq %r10, %rcx
- adcq %r10, %r8
- adcq %r12, %r9
+ subq %r11, %rax
+ sbbq $0x00, %rcx
+ sbbq $0x00, %r8
+ sbbq $0x00, %r9
movq %rax, (%rdi)
movq %rcx, 8(%rdi)
movq %r8, 16(%rdi)
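Review bot: The retained comment `# Add modulus (if underflow)` no longer describes the instructions under it. The new code derives a multiple of 19 from the borrow and bit 255 (`sbbq %r11, %r11`, `shldq $0x01, %r9, %r11`, `imulq $-19, %r11`), clears bit 255 and then applies that value with `subq`/`sbbq`. A comment such as `# Fold borrow and bit 255 back in as a multiple of 19 (2^255 = 19 mod p)` would match the code and keep the branch-free reduction reviewable. The same stale wording remains in the `_fe_add` hunk (`# Sub modulus (if overflow)` above `addq`/`adcq`) and in both halves of the Add-Sub block in the `L_curve25519_x64_bits` hunk. The function body starts and ends outside this hunk.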
@@ -443,21 +465,20 @@ _fe_add:
addq (%rdx), %rax
movq 16(%rsi), %r8
adcq 8(%rdx), %rcx
- movq 24(%rsi), %r10
+ movq 24(%rsi), %r9
adcq 16(%rdx), %r8
- movq $-19, %r11
- adcq 24(%rdx), %r10
+ adcq 24(%rdx), %r9
+ movq $0x00, %r11
+ adcq $0x00, %r11
+ shldq $0x01, %r9, %r11
movq $0x7fffffffffffffff, %r12
- movq %r10, %r9
- sarq $63, %r10
- # Mask the modulus
- andq %r10, %r11
- andq %r10, %r12
+ imulq $19, %r11
+ andq %r12, %r9
# Sub modulus (if overflow)
- subq %r11, %rax
- sbbq %r10, %rcx
- sbbq %r10, %r8
- sbbq %r12, %r9
+ addq %r11, %rax
+ adcq $0x00, %rcx
+ adcq $0x00, %r8
+ adcq $0x00, %r9
movq %rax, (%rdi)
movq %rcx, 8(%rdi)
movq %r8, 16(%rdi)
@@ -943,26 +964,6 @@ _fe_mul121666:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_sq2
-.type fe_sq2,@function
-.align 16
-fe_sq2:
-#else
-.section __TEXT,__text
-.globl _fe_sq2
-.p2align 4
-_fe_sq2:
-#endif /* __APPLE__ */
-#ifndef __APPLE__
- jmpq *fe_sq2_p(%rip)
-#else
- jmpq *_fe_sq2_p(%rip)
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.size fe_sq2,.-fe_sq2
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.text
.globl fe_invert
.type fe_invert,@function
.align 16
@@ -1001,6 +1002,30 @@ _curve25519:
#ifndef __APPLE__
.size curve25519,.-curve25519
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl fe_sq2
+.type fe_sq2,@function
+.align 16
+fe_sq2:
+#else
+.section __TEXT,__text
+.globl _fe_sq2
+.p2align 4
+_fe_sq2:
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ jmpq *fe_sq2_p(%rip)
+#else
+ jmpq *_fe_sq2_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.size fe_sq2,.-fe_sq2
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
.globl fe_pow22523
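Review bot: The two consecutive `#ifdef HAVE_ED25519` lines at the top of the added block open an outer guard and, immediately inside it, a per-stub guard on the same macro; every later stub (`fe_pow22523`, the `ge_*` and `sc_*` entries in the next hunk) repeats the inner guard. The nesting is balanced by the doubled `#endif /* HAVE_ED25519 */` at the end of the next hunk, so the inner level is redundant rather than wrong. A single outer `#ifdef HAVE_ED25519` around the whole group would say the same thing and make a misplaced `#endif` easier to spot when Curve25519-only builds are configured.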
@@ -1021,147 +1046,207 @@ _fe_pow22523:
#ifndef __APPLE__
.size fe_pow22523,.-fe_pow22523
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2
-.type fe_ge_to_p2,@function
+.globl ge_p1p1_to_p2
+.type ge_p1p1_to_p2,@function
.align 16
-fe_ge_to_p2:
+ge_p1p1_to_p2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2
+.globl _ge_p1p1_to_p2
.p2align 4
-_fe_ge_to_p2:
+_ge_p1p1_to_p2:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_to_p2_p(%rip)
+ jmpq *ge_p1p1_to_p2_p(%rip)
#else
- jmpq *_fe_ge_to_p2_p(%rip)
+ jmpq *_ge_p1p1_to_p2_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_to_p2,.-fe_ge_to_p2
+.size ge_p1p1_to_p2,.-ge_p1p1_to_p2
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3
-.type fe_ge_to_p3,@function
+.globl ge_p1p1_to_p3
+.type ge_p1p1_to_p3,@function
.align 16
-fe_ge_to_p3:
+ge_p1p1_to_p3:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3
+.globl _ge_p1p1_to_p3
.p2align 4
-_fe_ge_to_p3:
+_ge_p1p1_to_p3:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_to_p3_p(%rip)
+ jmpq *ge_p1p1_to_p3_p(%rip)
#else
- jmpq *_fe_ge_to_p3_p(%rip)
+ jmpq *_ge_p1p1_to_p3_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_to_p3,.-fe_ge_to_p3
+.size ge_p1p1_to_p3,.-ge_p1p1_to_p3
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_dbl
-.type fe_ge_dbl,@function
+.globl ge_p2_dbl
+.type ge_p2_dbl,@function
.align 16
-fe_ge_dbl:
+ge_p2_dbl:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl
+.globl _ge_p2_dbl
.p2align 4
-_fe_ge_dbl:
+_ge_p2_dbl:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_dbl_p(%rip)
+ jmpq *ge_p2_dbl_p(%rip)
#else
- jmpq *_fe_ge_dbl_p(%rip)
+ jmpq *_ge_p2_dbl_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_dbl,.-fe_ge_dbl
+.size ge_p2_dbl,.-ge_p2_dbl
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_madd
-.type fe_ge_madd,@function
+.globl ge_madd
+.type ge_madd,@function
.align 16
-fe_ge_madd:
+ge_madd:
#else
.section __TEXT,__text
-.globl _fe_ge_madd
+.globl _ge_madd
.p2align 4
-_fe_ge_madd:
+_ge_madd:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_madd_p(%rip)
+ jmpq *ge_madd_p(%rip)
#else
- jmpq *_fe_ge_madd_p(%rip)
+ jmpq *_ge_madd_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_madd,.-fe_ge_madd
+.size ge_madd,.-ge_madd
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_msub
-.type fe_ge_msub,@function
+.globl ge_msub
+.type ge_msub,@function
.align 16
-fe_ge_msub:
+ge_msub:
#else
.section __TEXT,__text
-.globl _fe_ge_msub
+.globl _ge_msub
.p2align 4
-_fe_ge_msub:
+_ge_msub:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_msub_p(%rip)
+ jmpq *ge_msub_p(%rip)
#else
- jmpq *_fe_ge_msub_p(%rip)
+ jmpq *_ge_msub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_msub,.-fe_ge_msub
+.size ge_msub,.-ge_msub
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_add
-.type fe_ge_add,@function
+.globl ge_add
+.type ge_add,@function
.align 16
-fe_ge_add:
+ge_add:
#else
.section __TEXT,__text
-.globl _fe_ge_add
+.globl _ge_add
.p2align 4
-_fe_ge_add:
+_ge_add:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_add_p(%rip)
+ jmpq *ge_add_p(%rip)
#else
- jmpq *_fe_ge_add_p(%rip)
+ jmpq *_ge_add_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_add,.-fe_ge_add
+.size ge_add,.-ge_add
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
-.globl fe_ge_sub
-.type fe_ge_sub,@function
+.globl ge_sub
+.type ge_sub,@function
.align 16
-fe_ge_sub:
+ge_sub:
#else
.section __TEXT,__text
-.globl _fe_ge_sub
+.globl _ge_sub
.p2align 4
-_fe_ge_sub:
+_ge_sub:
#endif /* __APPLE__ */
#ifndef __APPLE__
- jmpq *fe_ge_sub_p(%rip)
+ jmpq *ge_sub_p(%rip)
#else
- jmpq *_fe_ge_sub_p(%rip)
+ jmpq *_ge_sub_p(%rip)
#endif /* __APPLE__ */
#ifndef __APPLE__
-.size fe_ge_sub,.-fe_ge_sub
+.size ge_sub,.-ge_sub
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl sc_reduce
+.type sc_reduce,@function
+.align 16
+sc_reduce:
+#else
+.section __TEXT,__text
+.globl _sc_reduce
+.p2align 4
+_sc_reduce:
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+ jmpq *sc_reduce_p(%rip)
+#else
+ jmpq *_sc_reduce_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.size sc_reduce,.-sc_reduce
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl sc_muladd
+.type sc_muladd,@function
+.align 16
+sc_muladd:
+#else
+.section __TEXT,__text
+.globl _sc_muladd
+.p2align 4
+_sc_muladd:
#endif /* __APPLE__ */
#ifndef __APPLE__
+ jmpq *sc_muladd_p(%rip)
+#else
+ jmpq *_sc_muladd_p(%rip)
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.size sc_muladd,.-sc_muladd
+#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
+#endif /* HAVE_ED25519 */
+#ifndef __APPLE__
.data
.type cpuFlagsSet, @object
.size cpuFlagsSet,4
@@ -1223,18 +1308,6 @@ _fe_mul121666_p:
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_sq2_p, @object
-.size fe_sq2_p,8
-fe_sq2_p:
- .quad fe_sq2_x64
-#else
-.section __DATA,__data
-.p2align 2
-_fe_sq2_p:
- .quad _fe_sq2_x64
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.data
.type fe_invert_p, @object
.size fe_invert_p,8
fe_invert_p:
@@ -1257,6 +1330,19 @@ curve25519_p:
_curve25519_p:
.quad _curve25519_x64
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.data
+.type fe_sq2_p, @object
+.size fe_sq2_p,8
+fe_sq2_p:
+ .quad fe_sq2_x64
+#else
+.section __DATA,__data
+.p2align 2
+_fe_sq2_p:
+ .quad _fe_sq2_x64
+#endif /* __APPLE__ */
#ifndef __APPLE__
.data
.type fe_pow22523_p, @object
@@ -1271,88 +1357,113 @@ _fe_pow22523_p:
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_to_p2_p, @object
-.size fe_ge_to_p2_p,8
-fe_ge_to_p2_p:
- .quad fe_ge_to_p2_x64
+.type ge_p1p1_to_p2_p, @object
+.size ge_p1p1_to_p2_p,8
+ge_p1p1_to_p2_p:
+ .quad ge_p1p1_to_p2_x64
+#else
+.section __DATA,__data
+.p2align 2
+_ge_p1p1_to_p2_p:
+ .quad _ge_p1p1_to_p2_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.data
+.type ge_p1p1_to_p3_p, @object
+.size ge_p1p1_to_p3_p,8
+ge_p1p1_to_p3_p:
+ .quad ge_p1p1_to_p3_x64
+#else
+.section __DATA,__data
+.p2align 2
+_ge_p1p1_to_p3_p:
+ .quad _ge_p1p1_to_p3_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.data
+.type ge_p2_dbl_p, @object
+.size ge_p2_dbl_p,8
+ge_p2_dbl_p:
+ .quad ge_p2_dbl_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_to_p2_p:
- .quad _fe_ge_to_p2_x64
+_ge_p2_dbl_p:
+ .quad _ge_p2_dbl_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_to_p3_p, @object
-.size fe_ge_to_p3_p,8
-fe_ge_to_p3_p:
- .quad fe_ge_to_p3_x64
+.type ge_madd_p, @object
+.size ge_madd_p,8
+ge_madd_p:
+ .quad ge_madd_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_to_p3_p:
- .quad _fe_ge_to_p3_x64
+_ge_madd_p:
+ .quad _ge_madd_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_dbl_p, @object
-.size fe_ge_dbl_p,8
-fe_ge_dbl_p:
- .quad fe_ge_dbl_x64
+.type ge_msub_p, @object
+.size ge_msub_p,8
+ge_msub_p:
+ .quad ge_msub_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_dbl_p:
- .quad _fe_ge_dbl_x64
+_ge_msub_p:
+ .quad _ge_msub_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_madd_p, @object
-.size fe_ge_madd_p,8
-fe_ge_madd_p:
- .quad fe_ge_madd_x64
+.type ge_add_p, @object
+.size ge_add_p,8
+ge_add_p:
+ .quad ge_add_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_madd_p:
- .quad _fe_ge_madd_x64
+_ge_add_p:
+ .quad _ge_add_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_msub_p, @object
-.size fe_ge_msub_p,8
-fe_ge_msub_p:
- .quad fe_ge_msub_x64
+.type ge_sub_p, @object
+.size ge_sub_p,8
+ge_sub_p:
+ .quad ge_sub_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_msub_p:
- .quad _fe_ge_msub_x64
+_ge_sub_p:
+ .quad _ge_sub_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_add_p, @object
-.size fe_ge_add_p,8
-fe_ge_add_p:
- .quad fe_ge_add_x64
+.type sc_reduce_p, @object
+.size sc_reduce_p,8
+sc_reduce_p:
+ .quad sc_reduce_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_add_p:
- .quad _fe_ge_add_x64
+_sc_reduce_p:
+ .quad _sc_reduce_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.data
-.type fe_ge_sub_p, @object
-.size fe_ge_sub_p,8
-fe_ge_sub_p:
- .quad fe_ge_sub_x64
+.type sc_muladd_p, @object
+.size sc_muladd_p,8
+sc_muladd_p:
+ .quad sc_muladd_x64
#else
.section __DATA,__data
.p2align 2
-_fe_ge_sub_p:
- .quad _fe_ge_sub_x64
+_sc_muladd_p:
+ .quad _sc_muladd_x64
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#ifndef __APPLE__
.text
.globl fe_mul_x64
@@ -1470,55 +1581,43 @@ _fe_mul_x64:
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbx, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbx
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %r8
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbx, %r8
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
+ movq $0x7fffffffffffffff, %rbx
+ movq %r11, %rax
+ sarq $63, %rax
+ andq $19, %rax
andq %rbx, %r11
addq %rax, %r8
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %r8, (%rdi)
movq %r9, 8(%rdi)
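Review bot: The rewritten reduction has lost every step comment: `# Reduce`, `# Multiply top half by 19`, `# Overflow` and `# Reduce if top bit set` are removed and nothing replaces them, so the whole sequence up to `# Store` is now undocumented. From the constants, the new code appears to fold the upper four limbs in with 38 (2^256 = 38 mod p), fold the bits at and above 255 with 19, and finish with one conditional add of 19. Comments such as `# Reduce: multiply high limbs by 38`, `# Fold bits 255 and up in as a multiple of 19` and `# Reduce if top bit set` before the `sarq $63` step would restore what the old version documented. The `_fe_sq_x64` and `L_fe_sq_n_x64` hunks drop the same comments. The function starts and ends outside this hunk.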
@@ -1621,55 +1720,43 @@ _fe_sq_x64:
addq %r15, %r12
adcq $0x00, %r13
adcq $0x00, %r14
- # Reduce
+ movq $38, %rax
+ mulq %r14
+ addq %rax, %r10
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %r15
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- shldq $0x01, %r10, %r11
+ shldq $0x01, %r10, %rdx
+ imulq $19, %rdx, %rdx
andq %r15, %r10
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %r15
+ movq $38, %rax
mulq %r11
xorq %r11, %r11
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r11
mulq %r12
xorq %r12, %r12
addq %rax, %r8
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
adcq %rdx, %r13
- mulq %r14
- # Add remaining product results in
- addq %r11, %r8
+ addq %r15, %rcx
+ adcq %r11, %r8
adcq %r12, %r9
adcq %r13, %r10
- adcq %rax, %r10
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r10, %rdx
- imulq $19, %rdx, %rax
+ movq $0x7fffffffffffffff, %r15
+ movq %r10, %rax
+ sarq $63, %rax
+ andq $19, %rax
andq %r15, %r10
addq %rax, %rcx
adcq $0x00, %r8
adcq $0x00, %r9
adcq $0x00, %r10
- # Reduce if top bit set
- movq %r10, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %r15, %r10
- addq %rdx, %rcx
- adcq $0x00, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
# Store
movq %rcx, (%rdi)
movq %r8, 8(%rdi)
@@ -1774,55 +1861,34 @@ L_fe_sq_n_x64:
addq %rbx, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbx, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbx
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %r8
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbx, %r8
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %r8, (%rdi)
movq %r9, 8(%rdi)
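Review bot: Unlike the `_fe_mul_x64` and `_fe_sq_x64` hunks, this one removes the final `sarq $63` / `andq $19` fold without a replacement, so after `adcq %r14, %r11` the value reaches `# Store` with bit 255 possibly set. That may be intentional, since the next squaring in the loop reduces again, but whether the last iteration's result is normalised before the function returns is outside the hunk. If a partially reduced result is the intended contract, state it at the store, e.g. `# Result is below 2^256 but may have bit 255 set`, and confirm that the callers of the n-fold squaring accept such input.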
@@ -1892,169 +1958,6 @@ _fe_mul121666_x64:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_sq2_x64
-.type fe_sq2_x64,@function
-.align 16
-fe_sq2_x64:
-#else
-.section __TEXT,__text
-.globl _fe_sq2_x64
-.p2align 4
-_fe_sq2_x64:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
- pushq %rbx
- # Square * 2
- # A[0] * A[1]
- movq (%rsi), %rax
- mulq 8(%rsi)
- movq %rax, %r8
- movq %rdx, %r9
- # A[0] * A[2]
- movq (%rsi), %rax
- mulq 16(%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * A[2]
- movq 8(%rsi), %rax
- mulq 16(%rsi)
- xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[1] * A[3]
- movq 8(%rsi), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- # A[2] * A[3]
- movq 16(%rsi), %rax
- mulq 24(%rsi)
- xorq %r13, %r13
- addq %rax, %r12
- adcq %rdx, %r13
- # Double
- xorq %r14, %r14
- addq %r8, %r8
- adcq %r9, %r9
- adcq %r10, %r10
- adcq %r11, %r11
- adcq %r12, %r12
- adcq %r13, %r13
- adcq $0x00, %r14
- # A[0] * A[0]
- movq (%rsi), %rax
- mulq %rax
- movq %rax, %rcx
- movq %rdx, %r15
- # A[1] * A[1]
- movq 8(%rsi), %rax
- mulq %rax
- addq %r15, %r8
- adcq %rax, %r9
- adcq $0x00, %rdx
- movq %rdx, %r15
- # A[2] * A[2]
- movq 16(%rsi), %rax
- mulq %rax
- addq %r15, %r10
- adcq %rax, %r11
- adcq $0x00, %rdx
- movq %rdx, %r15
- # A[3] * A[3]
- movq 24(%rsi), %rax
- mulq %rax
- addq %rax, %r13
- adcq %rdx, %r14
- addq %r15, %r12
- adcq $0x00, %r13
- adcq $0x00, %r14
- # Reduce
- movq $0x7fffffffffffffff, %rbx
- xorq %rax, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $3, %r14, %rax
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $2, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shldq $0x01, %rcx, %r8
- shlq $0x01, %rcx
- andq %rbx, %r10
- # Two out left, one in right
- andq %rbx, %r14
- # Multiply top bits by 19*19
- imulq $0x169, %rax, %r15
- # Multiply top half by 19
- movq $19, %rax
- mulq %r11
- xorq %r11, %r11
- addq %rax, %rcx
- movq $19, %rax
- adcq %rdx, %r11
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
- mulq %r14
- # Add remaining produce results in
- addq %r15, %rcx
- adcq %r11, %r8
- adcq %r12, %r9
- adcq %r13, %r10
- adcq %rax, %r10
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r10, %rdx
- imulq $19, %rdx, %rax
- andq %rbx, %r10
- addq %rax, %rcx
- adcq $0x00, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- # Reduce if top bit set
- movq %r10, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r10
- addq %rdx, %rcx
- adcq $0x00, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- # Store
- movq %rcx, (%rdi)
- movq %r8, 8(%rdi)
- movq %r9, 16(%rdi)
- movq %r10, 24(%rdi)
- popq %rbx
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size fe_sq2_x64,.-fe_sq2_x64
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.text
.globl fe_invert_x64
.type fe_invert_x64,@function
.align 16
@@ -2328,9 +2231,9 @@ _curve25519_x64:
pushq %rbx
pushq %rbp
movq %rdx, %r8
- subq $0xb8, %rsp
+ subq $0xb0, %rsp
xorq %rbx, %rbx
- movq %rdi, 176(%rsp)
+ movq %rdi, 168(%rsp)
# Set one
movq $0x01, (%rdi)
movq $0x00, 8(%rdi)
@@ -2355,12 +2258,12 @@ _curve25519_x64:
movq %r9, 72(%rsp)
movq %r10, 80(%rsp)
movq %r11, 88(%rsp)
- movb $62, 168(%rsp)
- movq $3, 160(%rsp)
-L_curve25519_x64_words:
+ movq $0xfe, %r9
L_curve25519_x64_bits:
- movq 160(%rsp), %r9
- movb 168(%rsp), %cl
+ movq %r9, 160(%rsp)
+ movq %r9, %rcx
+ andq $63, %rcx
+ shrq $6, %r9
movq (%rsi,%r9,8), %rbp
shrq %cl, %rbp
andq $0x01, %rbp
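Review bot: The new loop counter arrives as a bare `movq $0xfe, %r9`, and the split into word index and shift (`andq $63, %rcx` / `shrq $6, %r9`) is not explained either. A comment such as `# Bit index i = 254..0: word = i >> 6, shift = i & 63` above `L_curve25519_x64_bits` would record that the ladder walks bits 254 down to 0. It would also show that the load address in `movq (%rsi,%r9,8), %rbp` depends only on the public counter, not on the loaded word. The counter is spilled to `160(%rsp)` because `%r9` is reused in the loop body; the reload and the `decq %r9` / `jge` pair are in a later hunk, and the function itself starts and ends outside this one.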
@@ -2409,48 +2312,45 @@ L_curve25519_x64_bits:
xorq %r10, 48(%rsp)
xorq %r11, 56(%rsp)
movq %rbp, %rbx
+ # Add-Sub
# Add
movq (%rdi), %rcx
movq 8(%rdi), %r9
movq 16(%rdi), %r10
- movq 24(%rdi), %rbp
+ movq 24(%rdi), %r11
movq %rcx, %r12
addq (%rsp), %rcx
movq %r9, %r13
adcq 8(%rsp), %r9
movq %r10, %r14
adcq 16(%rsp), %r10
- movq %rbp, %r15
- adcq 24(%rsp), %rbp
- movq $-19, %rax
- movq %rbp, %r11
+ movq %r11, %r15
+ adcq 24(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
# Sub
subq (%rsp), %r12
- movq $0x00, %rbp
sbbq 8(%rsp), %r13
- movq $-19, %rax
sbbq 16(%rsp), %r14
- movq $0x7fffffffffffffff, %rdx
sbbq 24(%rsp), %r15
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ sbbq %rax, %rax
+ shldq $0x01, %r15, %rax
+ imulq $-19, %rax
+ andq %rdx, %r15
# Add modulus (if underflow)
- addq %rax, %r12
- adcq %rbp, %r13
- adcq %rbp, %r14
- adcq %rdx, %r15
+ subq %rax, %r12
+ sbbq $0x00, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
movq %rcx, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
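Review bot: The context comments `# Sub modulus (if overflow)` and `# Add modulus (if underflow)` no longer describe the instructions beneath them. The add path now adds 19 times the overflow with `addq %rax, %rcx`, and the subtract path folds the borrow and bit 255 back in through `imulq $-19, %rax` followed by `subq %rax, %r12`. They would read correctly as `# Add 19 for each multiple of 2^255 (2^255 = 19 mod p)` and `# Fold borrow and bit 255 back in as multiples of 19`. The subtract path also now relies on `%rdx` still holding `0x7fffffffffffffff` from the add path, since its own reload was removed; a short note at `andq %rdx, %r15` would protect that dependency from a later edit. The same stale comments remain in the Add-Sub, Add and Sub blocks of the hunks at -2459, -3013, -3276 and -3583.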
@@ -2459,204 +2359,180 @@ L_curve25519_x64_bits:
movq %r13, 136(%rsp)
movq %r14, 144(%rsp)
movq %r15, 152(%rsp)
+ # Add-Sub
# Add
movq 64(%rsp), %rcx
movq 72(%rsp), %r9
movq 80(%rsp), %r10
- movq 88(%rsp), %rbp
+ movq 88(%rsp), %r11
movq %rcx, %r12
addq 32(%rsp), %rcx
movq %r9, %r13
adcq 40(%rsp), %r9
movq %r10, %r14
adcq 48(%rsp), %r10
- movq %rbp, %r15
- adcq 56(%rsp), %rbp
- movq $-19, %rax
- movq %rbp, %r11
+ movq %r11, %r15
+ adcq 56(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
# Sub
subq 32(%rsp), %r12
- movq $0x00, %rbp
sbbq 40(%rsp), %r13
- movq $-19, %rax
sbbq 48(%rsp), %r14
- movq $0x7fffffffffffffff, %rdx
sbbq 56(%rsp), %r15
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ sbbq %rax, %rax
+ shldq $0x01, %r15, %rax
+ imulq $-19, %rax
+ andq %rdx, %r15
# Add modulus (if underflow)
- addq %rax, %r12
- adcq %rbp, %r13
- adcq %rbp, %r14
- adcq %rdx, %r15
- movq %rcx, (%rsp)
- movq %r9, 8(%rsp)
- movq %r10, 16(%rsp)
- movq %r11, 24(%rsp)
+ subq %rax, %r12
+ sbbq $0x00, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ movq %rcx, 32(%rsp)
+ movq %r9, 40(%rsp)
+ movq %r10, 48(%rsp)
+ movq %r11, 56(%rsp)
movq %r12, 96(%rsp)
movq %r13, 104(%rsp)
movq %r14, 112(%rsp)
movq %r15, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rdi), %rax
- mulq 96(%rsp)
+ movq 128(%rsp), %rax
+ mulq 32(%rsp)
movq %rax, %rcx
movq %rdx, %r9
# A[0] * B[1]
- movq 8(%rdi), %rax
- mulq 96(%rsp)
+ movq 136(%rsp), %rax
+ mulq 32(%rsp)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq (%rdi), %rax
- mulq 104(%rsp)
+ movq 128(%rsp), %rax
+ mulq 40(%rsp)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 16(%rdi), %rax
- mulq 96(%rsp)
+ movq 144(%rsp), %rax
+ mulq 32(%rsp)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 8(%rdi), %rax
- mulq 104(%rsp)
+ movq 136(%rsp), %rax
+ mulq 40(%rsp)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq (%rdi), %rax
- mulq 112(%rsp)
+ movq 128(%rsp), %rax
+ mulq 48(%rsp)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 24(%rdi), %rax
- mulq 96(%rsp)
+ movq 152(%rsp), %rax
+ mulq 32(%rsp)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 16(%rdi), %rax
- mulq 104(%rsp)
+ movq 144(%rsp), %rax
+ mulq 40(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 8(%rdi), %rax
- mulq 112(%rsp)
+ movq 136(%rsp), %rax
+ mulq 48(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq (%rdi), %rax
- mulq 120(%rsp)
+ movq 128(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 24(%rdi), %rax
- mulq 104(%rsp)
+ movq 152(%rsp), %rax
+ mulq 40(%rsp)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 16(%rdi), %rax
- mulq 112(%rsp)
+ movq 144(%rsp), %rax
+ mulq 48(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 8(%rdi), %rax
- mulq 120(%rsp)
+ movq 136(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 24(%rdi), %rax
- mulq 112(%rsp)
+ movq 152(%rsp), %rax
+ mulq 48(%rsp)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 16(%rdi), %rax
- mulq 120(%rsp)
+ movq 144(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 24(%rdi), %rax
- mulq 120(%rsp)
+ movq 152(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 32(%rsp)
movq %r9, 40(%rsp)
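Review bot: With the `# Reduce` comment and its sub-step comments removed, the new reduction from `movq $38, %rax` to `adcq %r14, %r11` is the only uncommented stretch of this multiply. It also changes the contract of the stored value: the `# Overflow` and `# Reduce if top bit set` passes are gone, and the final `adcq %r14, %r11` runs after the mask. The result therefore appears to be only loosely reduced and may slightly exceed 2^255 - 1, which is fine only while every consumer tolerates such inputs, as the reworked Add-Sub code seems to. A comment such as `# Reduce: fold t4..t7 in with 38 = 2*19; result is not fully reduced` would make that invariant explicit. The same applies to the other multiply and square reductions rewritten in the hunks that follow.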
@@ -2664,152 +2540,131 @@ L_curve25519_x64_bits:
movq %r11, 56(%rsp)
# Multiply
# A[0] * B[0]
- movq 128(%rsp), %rax
- mulq (%rsp)
+ movq (%rdi), %rax
+ mulq 96(%rsp)
movq %rax, %rcx
movq %rdx, %r9
# A[0] * B[1]
- movq 136(%rsp), %rax
- mulq (%rsp)
+ movq 8(%rdi), %rax
+ mulq 96(%rsp)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq 128(%rsp), %rax
- mulq 8(%rsp)
+ movq (%rdi), %rax
+ mulq 104(%rsp)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 144(%rsp), %rax
- mulq (%rsp)
+ movq 16(%rdi), %rax
+ mulq 96(%rsp)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 136(%rsp), %rax
- mulq 8(%rsp)
+ movq 8(%rdi), %rax
+ mulq 104(%rsp)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq 128(%rsp), %rax
- mulq 16(%rsp)
+ movq (%rdi), %rax
+ mulq 112(%rsp)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 152(%rsp), %rax
- mulq (%rsp)
+ movq 24(%rdi), %rax
+ mulq 96(%rsp)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 144(%rsp), %rax
- mulq 8(%rsp)
+ movq 16(%rdi), %rax
+ mulq 104(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 136(%rsp), %rax
- mulq 16(%rsp)
+ movq 8(%rdi), %rax
+ mulq 112(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq 128(%rsp), %rax
- mulq 24(%rsp)
+ movq (%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 152(%rsp), %rax
- mulq 8(%rsp)
+ movq 24(%rdi), %rax
+ mulq 104(%rsp)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 144(%rsp), %rax
- mulq 16(%rsp)
+ movq 16(%rdi), %rax
+ mulq 112(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 136(%rsp), %rax
- mulq 24(%rsp)
+ movq 8(%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 152(%rsp), %rax
- mulq 16(%rsp)
+ movq 24(%rdi), %rax
+ mulq 112(%rsp)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 144(%rsp), %rax
- mulq 24(%rsp)
+ movq 16(%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 152(%rsp), %rax
- mulq 24(%rsp)
+ movq 24(%rdi), %rax
+ mulq 120(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, (%rsp)
movq %r9, 8(%rsp)
@@ -2887,55 +2742,34 @@ L_curve25519_x64_bits:
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 96(%rsp)
movq %r9, 104(%rsp)
@@ -3013,110 +2847,86 @@ L_curve25519_x64_bits:
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 128(%rsp)
movq %r9, 136(%rsp)
movq %r10, 144(%rsp)
movq %r11, 152(%rsp)
+ # Add-Sub
# Add
- movq 32(%rsp), %rcx
- movq 40(%rsp), %r9
- movq 48(%rsp), %r10
- movq 56(%rsp), %rbp
+ movq (%rsp), %rcx
+ movq 8(%rsp), %r9
+ movq 16(%rsp), %r10
+ movq 24(%rsp), %r11
movq %rcx, %r12
- addq (%rsp), %rcx
+ addq 32(%rsp), %rcx
movq %r9, %r13
- adcq 8(%rsp), %r9
+ adcq 40(%rsp), %r9
movq %r10, %r14
- adcq 16(%rsp), %r10
- movq %rbp, %r15
- adcq 24(%rsp), %rbp
- movq $-19, %rax
- movq %rbp, %r11
+ adcq 48(%rsp), %r10
+ movq %r11, %r15
+ adcq 56(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
# Sub
- subq (%rsp), %r12
- movq $0x00, %rbp
- sbbq 8(%rsp), %r13
- movq $-19, %rax
- sbbq 16(%rsp), %r14
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rsp), %r15
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ subq 32(%rsp), %r12
+ sbbq 40(%rsp), %r13
+ sbbq 48(%rsp), %r14
+ sbbq 56(%rsp), %r15
+ sbbq %rax, %rax
+ shldq $0x01, %r15, %rax
+ imulq $-19, %rax
+ andq %rdx, %r15
# Add modulus (if underflow)
- addq %rax, %r12
- adcq %rbp, %r13
- adcq %rbp, %r14
- adcq %rdx, %r15
+ subq %rax, %r12
+ sbbq $0x00, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
movq %rcx, 64(%rsp)
movq %r9, 72(%rsp)
movq %r10, 80(%rsp)
movq %r11, 88(%rsp)
- movq %r12, (%rsp)
- movq %r13, 8(%rsp)
- movq %r14, 16(%rsp)
- movq %r15, 24(%rsp)
+ movq %r12, 32(%rsp)
+ movq %r13, 40(%rsp)
+ movq %r14, 48(%rsp)
+ movq %r15, 56(%rsp)
# Multiply
# A[0] * B[0]
movq 96(%rsp), %rax
@@ -3216,55 +3026,34 @@ L_curve25519_x64_bits:
mulq 152(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, (%rdi)
movq %r9, 8(%rdi)
@@ -3276,58 +3065,56 @@ L_curve25519_x64_bits:
movq 144(%rsp), %r10
movq 152(%rsp), %r11
subq 96(%rsp), %rcx
- movq $0x00, %rbp
sbbq 104(%rsp), %r9
- movq $-19, %rax
sbbq 112(%rsp), %r10
- movq $0x7fffffffffffffff, %rdx
sbbq 120(%rsp), %r11
- sbbq $0x00, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ sbbq %rax, %rax
+ shldq $0x01, %r11, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $-19, %rax
+ andq %rdx, %r11
# Add modulus (if underflow)
- addq %rax, %rcx
- adcq %rbp, %r9
- adcq %rbp, %r10
- adcq %rdx, %r11
+ subq %rax, %rcx
+ sbbq $0x00, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
movq %rcx, 128(%rsp)
movq %r9, 136(%rsp)
movq %r10, 144(%rsp)
movq %r11, 152(%rsp)
# Square
# A[0] * A[1]
- movq (%rsp), %rax
- mulq 8(%rsp)
+ movq 32(%rsp), %rax
+ mulq 40(%rsp)
movq %rax, %r9
movq %rdx, %r10
# A[0] * A[2]
- movq (%rsp), %rax
- mulq 16(%rsp)
+ movq 32(%rsp), %rax
+ mulq 48(%rsp)
xorq %r11, %r11
addq %rax, %r10
adcq %rdx, %r11
# A[0] * A[3]
- movq (%rsp), %rax
- mulq 24(%rsp)
+ movq 32(%rsp), %rax
+ mulq 56(%rsp)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
# A[1] * A[2]
- movq 8(%rsp), %rax
- mulq 16(%rsp)
+ movq 40(%rsp), %rax
+ mulq 48(%rsp)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * A[3]
- movq 8(%rsp), %rax
- mulq 24(%rsp)
+ movq 40(%rsp), %rax
+ mulq 56(%rsp)
addq %rax, %r12
adcq %rdx, %r13
# A[2] * A[3]
- movq 16(%rsp), %rax
- mulq 24(%rsp)
+ movq 48(%rsp), %rax
+ mulq 56(%rsp)
xorq %r14, %r14
addq %rax, %r13
adcq %rdx, %r14
@@ -3341,86 +3128,65 @@ L_curve25519_x64_bits:
adcq %r14, %r14
adcq $0x00, %r15
# A[0] * A[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq %rax
movq %rax, %rcx
movq %rdx, %rbp
# A[1] * A[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq %rax
addq %rbp, %r9
adcq %rax, %r10
adcq $0x00, %rdx
movq %rdx, %rbp
# A[2] * A[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq %rax
addq %rbp, %r11
adcq %rax, %r12
adcq $0x00, %rdx
movq %rdx, %rbp
# A[3] * A[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq %rax
addq %rax, %r14
adcq %rdx, %r15
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
- movq %rcx, (%rsp)
- movq %r9, 8(%rsp)
- movq %r10, 16(%rsp)
- movq %r11, 24(%rsp)
+ movq %rcx, 32(%rsp)
+ movq %r9, 40(%rsp)
+ movq %r10, 48(%rsp)
+ movq %r11, 56(%rsp)
# Multiply by 121666
movq $0x1db42, %rax
mulq 128(%rsp)
@@ -3450,10 +3216,10 @@ L_curve25519_x64_bits:
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- movq %rcx, 32(%rsp)
- movq %r9, 40(%rsp)
- movq %r10, 48(%rsp)
- movq %r11, 56(%rsp)
+ movq %rcx, (%rsp)
+ movq %r9, 8(%rsp)
+ movq %r10, 16(%rsp)
+ movq %r11, 24(%rsp)
# Square
# A[0] * A[1]
movq 64(%rsp), %rax
@@ -3526,55 +3292,34 @@ L_curve25519_x64_bits:
addq %rbp, %r13
adcq $0x00, %r14
adcq $0x00, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 64(%rsp)
movq %r9, 72(%rsp)
@@ -3583,176 +3328,154 @@ L_curve25519_x64_bits:
# Add
movq 96(%rsp), %rcx
movq 104(%rsp), %r9
- addq 32(%rsp), %rcx
+ addq (%rsp), %rcx
movq 112(%rsp), %r10
- adcq 40(%rsp), %r9
- movq 120(%rsp), %rbp
- adcq 48(%rsp), %r10
- movq $-19, %rax
- adcq 56(%rsp), %rbp
+ adcq 8(%rsp), %r9
+ movq 120(%rsp), %r11
+ adcq 16(%rsp), %r10
+ adcq 24(%rsp), %r11
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r11, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rbp, %r11
- sarq $63, %rbp
- # Mask the modulus
- andq %rbp, %rax
- andq %rbp, %rdx
+ imulq $19, %rax
+ andq %rdx, %r11
# Sub modulus (if overflow)
- subq %rax, %rcx
- sbbq %rbp, %r9
- sbbq %rbp, %r10
- sbbq %rdx, %r11
+ addq %rax, %rcx
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
movq %rcx, 96(%rsp)
movq %r9, 104(%rsp)
movq %r10, 112(%rsp)
movq %r11, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq (%r8)
movq %rax, %rcx
movq %rdx, %r9
# A[0] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq (%r8)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq 8(%r8)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq (%r8)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq 8(%r8)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq 16(%r8)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq (%r8)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq 8(%r8)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq 16(%r8)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq (%rsp), %rax
+ movq 32(%rsp), %rax
mulq 24(%r8)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq 8(%r8)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 8(%rsp), %rax
+ movq 40(%rsp), %rax
mulq 24(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq 16(%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 16(%rsp), %rax
+ movq 48(%rsp), %rax
mulq 24(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 24(%rsp), %rax
+ movq 56(%rsp), %rax
mulq 24(%r8)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, 32(%rsp)
movq %r9, 40(%rsp)
@@ -3857,65 +3580,42 @@ L_curve25519_x64_bits:
mulq 152(%rsp)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbp, %r11
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbp, %r11
- addq %rdx, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
# Store
movq %rcx, (%rsp)
movq %r9, 8(%rsp)
movq %r10, 16(%rsp)
movq %r11, 24(%rsp)
- decb 168(%rsp)
+ movq 160(%rsp), %r9
+ decq %r9
jge L_curve25519_x64_bits
- movq $63, 168(%rsp)
- decb 160(%rsp)
- jge L_curve25519_x64_words
# Invert
leaq 32(%rsp), %rdi
movq %rsp, %rsi
@@ -4153,7 +3853,7 @@ L_curve25519_x64_bits:
#else
callq _fe_mul_x64
#endif /* __APPLE__ */
- movq 176(%rsp), %rdi
+ movq 168(%rsp), %rdi
# Multiply
# A[0] * B[0]
movq (%rsp), %rax
@@ -4253,77 +3953,66 @@ L_curve25519_x64_bits:
mulq 24(%rdi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
+ movq $38, %rax
+ mulq %r15
+ addq %rax, %r11
+ adcq $0x00, %rdx
movq $0x7fffffffffffffff, %rbp
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rdx
+ imulq $19, %rdx, %rdx
andq %rbp, %r11
- # Multiply top half by 19
- movq $19, %rax
+ movq %rdx, %rbp
+ movq $38, %rax
mulq %r12
xorq %r12, %r12
addq %rax, %rcx
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r12
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ addq %rbp, %rcx
+ adcq %r12, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
+ movq $0x7fffffffffffffff, %rbp
+ movq %r11, %rax
+ sarq $63, %rax
+ andq $19, %rax
andq %rbp, %r11
addq %rax, %rcx
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Reduce if top bit set
+ movq $0x7fffffffffffffff, %rax
+ movq %rcx, %rdx
+ addq $19, %rdx
+ movq %r9, %rdx
+ adcq $0x00, %rdx
+ movq %r10, %rdx
+ adcq $0x00, %rdx
movq %r11, %rdx
+ adcq $0x00, %rdx
sarq $63, %rdx
andq $19, %rdx
- andq %rbp, %r11
+ andq %rax, %r11
addq %rdx, %rcx
adcq $0x00, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- movq %rcx, %rax
- addq $19, %rax
- movq %r9, %rax
- adcq $0x00, %rax
- movq %r10, %rax
- adcq $0x00, %rax
- movq %r11, %rax
- adcq $0x00, %rax
- sarq $63, %rax
- andq $19, %rax
- addq %rax, %rcx
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- andq %rbp, %r11
# Store
movq %rcx, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
xorq %rax, %rax
- addq $0xb8, %rsp
+ addq $0xb0, %rsp
popq %rbp
popq %rbx
popq %r15
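Review bot: In the final normalisation the mask `andq %rax, %r11` now sits before the conditional `addq %rdx, %rcx` / `adcq` chain, whereas the removed code ended with `andq %rbp, %r11` after it. If the value entering this step lies in [2^255 - 19, 2^255), adding 19 carries into bit 63 of `%r11` and nothing clears it afterwards, so the stored output would keep bit 255 set instead of being the canonical residue. That range is vanishingly unlikely to be reached, but the fix costs nothing: move `andq %rax, %r11` to after the last `adcq $0x00, %r11`. The function starts outside this hunk, so this reading rests only on the lines shown here.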
@@ -4334,6 +4023,149 @@ L_curve25519_x64_bits:
#ifndef __APPLE__
.size curve25519_x64,.-curve25519_x64
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl fe_sq2_x64
+.type fe_sq2_x64,@function
+.align 16
+fe_sq2_x64:
+#else
+.section __TEXT,__text
+.globl _fe_sq2_x64
+.p2align 4
+_fe_sq2_x64:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ # Square * 2
+ # A[0] * A[1]
+ movq (%rsi), %rax
+ mulq 8(%rsi)
+ movq %rax, %r8
+ movq %rdx, %r9
+ # A[0] * A[2]
+ movq (%rsi), %rax
+ mulq 16(%rsi)
+ xorq %r10, %r10
+ addq %rax, %r9
+ adcq %rdx, %r10
+ # A[0] * A[3]
+ movq (%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r11, %r11
+ addq %rax, %r10
+ adcq %rdx, %r11
+ # A[1] * A[2]
+ movq 8(%rsi), %rax
+ mulq 16(%rsi)
+ xorq %r12, %r12
+ addq %rax, %r10
+ adcq %rdx, %r11
+ adcq $0x00, %r12
+ # A[1] * A[3]
+ movq 8(%rsi), %rax
+ mulq 24(%rsi)
+ addq %rax, %r11
+ adcq %rdx, %r12
+ # A[2] * A[3]
+ movq 16(%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r13, %r13
+ addq %rax, %r12
+ adcq %rdx, %r13
+ # Double
+ xorq %r14, %r14
+ addq %r8, %r8
+ adcq %r9, %r9
+ adcq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ adcq $0x00, %r14
+ # A[0] * A[0]
+ movq (%rsi), %rax
+ mulq %rax
+ movq %rax, %rcx
+ movq %rdx, %r15
+ # A[1] * A[1]
+ movq 8(%rsi), %rax
+ mulq %rax
+ addq %r15, %r8
+ adcq %rax, %r9
+ adcq $0x00, %rdx
+ movq %rdx, %r15
+ # A[2] * A[2]
+ movq 16(%rsi), %rax
+ mulq %rax
+ addq %r15, %r10
+ adcq %rax, %r11
+ adcq $0x00, %rdx
+ movq %rdx, %r15
+ # A[3] * A[3]
+ movq 24(%rsi), %rax
+ mulq %rax
+ addq %rax, %r13
+ adcq %rdx, %r14
+ addq %r15, %r12
+ adcq $0x00, %r13
+ adcq $0x00, %r14
+ movq $38, %rax
+ mulq %r14
+ addq %rax, %r10
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r15
+ shldq $0x01, %r10, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r15, %r10
+ movq %rdx, %r15
+ movq $38, %rax
+ mulq %r11
+ xorq %r11, %r11
+ addq %rax, %rcx
+ movq $38, %rax
+ adcq %rdx, %r11
+ mulq %r12
+ xorq %r12, %r12
+ addq %rax, %r8
+ movq $38, %rax
+ adcq %rdx, %r12
+ mulq %r13
+ xorq %r13, %r13
+ addq %rax, %r9
+ adcq %rdx, %r13
+ addq %r15, %rcx
+ adcq %r11, %r8
+ adcq %r12, %r9
+ adcq %r13, %r10
+ mov %r10, %rax
+ shldq $0x01, %r9, %r10
+ shldq $0x01, %r8, %r9
+ shldq $0x01, %rcx, %r8
+ shlq $0x01, %rcx
+ movq $0x7fffffffffffffff, %r15
+ shrq $62, %rax
+ andq %r15, %r10
+ imulq $19, %rax, %rax
+ addq %rax, %rcx
+ adcq $0x00, %r8
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ # Store
+ movq %rcx, (%rdi)
+ movq %r8, 8(%rdi)
+ movq %r9, 16(%rdi)
+ movq %r10, 24(%rdi)
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size fe_sq2_x64,.-fe_sq2_x64
+#endif /* __APPLE__ */
#ifndef __APPLE__
.text
.globl fe_pow22523_x64
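Review bot: The doubling step at the end of the added `fe_sq2_x64` carries no comment, and it is the least obvious part of the routine. `mov %r10, %rax` followed by `shrq $62, %rax` captures the top two bits of the reduced limb before the `shldq` chain shifts them out, and `imulq $19, %rax, %rax` folds them back in as multiples of 2^255. A line such as `# Double; top two bits of t3 become multiples of 2^255, folded in as *19` before `mov %r10, %rax` would document this, and `mov` could be written `movq` to match the surrounding code. The `#ifdef HAVE_ED25519` opened at the top of this hunk is not closed within it, so the matching `#endif` presumably sits further down; it is worth confirming that every function in between is meant to be Ed25519-only.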
@@ -4591,4961 +4423,4678 @@ _fe_pow22523_x64:
repz retq
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2_x64
-.type fe_ge_to_p2_x64,@function
+.globl ge_p1p1_to_p2_x64
+.type ge_p1p1_to_p2_x64,@function
.align 16
-fe_ge_to_p2_x64:
+ge_p1p1_to_p2_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2_x64
+.globl _ge_p1p1_to_p2_x64
.p2align 4
-_fe_ge_to_p2_x64:
+_ge_p1p1_to_p2_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 16(%rsp), %rsi
- movq 88(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ movq %rsi, %rcx
+ addq $0x60, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $0x40, %rsi
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 88(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %rsi, %rcx
+ subq $32, %rcx
+ subq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p2_x64,.-fe_ge_to_p2_x64
+.size ge_p1p1_to_p2_x64,.-ge_p1p1_to_p2_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3_x64
-.type fe_ge_to_p3_x64,@function
+.globl ge_p1p1_to_p3_x64
+.type ge_p1p1_to_p3_x64,@function
.align 16
-fe_ge_to_p3_x64:
+ge_p1p1_to_p3_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3_x64
+.globl _ge_p1p1_to_p3_x64
.p2align 4
-_fe_ge_to_p3_x64:
+_ge_p1p1_to_p3_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 24(%rsp), %rsi
- movq 96(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ movq %rsi, %rcx
+ addq $0x60, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 88(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %rsi, %rcx
+ addq $32, %rcx
+ addq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 88(%rsp), %rsi
- movq 96(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $0x40, %rsi
+ subq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %rsi, %rcx
+ addq $32, %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r9
+ movq %rdx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
+ # A[1] * B[0]
+ movq (%rcx), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
mulq 8(%rsi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
+ # A[2] * B[0]
+ movq (%rcx), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rsi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
+ # A[3] * B[0]
+ movq (%rcx), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rsi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rsi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rsi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p3_x64,.-fe_ge_to_p3_x64
+.size ge_p1p1_to_p3_x64,.-ge_p1p1_to_p3_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_dbl_x64
-.type fe_ge_dbl_x64,@function
+.globl ge_p2_dbl_x64
+.type ge_p2_dbl_x64,@function
.align 16
-fe_ge_dbl_x64:
+ge_p2_dbl_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl_x64
+.globl _ge_p2_dbl_x64
.p2align 4
-_fe_ge_dbl_x64:
+_ge_p2_dbl_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ subq $16, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 32(%rsp), %rsi
+ addq $0x40, %rdi
# Square
# A[0] * A[1]
movq (%rsi), %rax
mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
movq (%rsi), %rax
mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
+ # A[0] * A[3]
+ movq (%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r13, %r13
+ addq %rax, %r12
+ adcq %rdx, %r13
# A[1] * A[2]
movq 8(%rsi), %rax
mulq 16(%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[1] * A[3]
movq 8(%rsi), %rax
mulq 24(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
# A[2] * A[3]
movq 16(%rsi), %rax
mulq 24(%rsi)
- xorq %r14, %r14
- addq %rax, %r13
- adcq %rdx, %r14
- # Double
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
movq (%rsi), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
movq 8(%rsi), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
movq 16(%rsi), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
movq 24(%rsi), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 40(%rsp), %rsi
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $32, %rsi
# Square
# A[0] * A[1]
movq (%rsi), %rax
mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
movq (%rsi), %rax
mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
+ # A[0] * A[3]
+ movq (%rsi), %rax
+ mulq 24(%rsi)
+ xorq %r13, %r13
+ addq %rax, %r12
+ adcq %rdx, %r13
# A[1] * A[2]
movq 8(%rsi), %rax
mulq 16(%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[1] * A[3]
movq 8(%rsi), %rax
mulq 24(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
# A[2] * A[3]
movq 16(%rsi), %rax
mulq 24(%rsi)
- xorq %r14, %r14
- addq %rax, %r13
- adcq %rdx, %r14
- # Double
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
movq (%rsi), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
movq 8(%rsi), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
movq 16(%rsi), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
movq 24(%rsi), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
+ adcq %r15, %r12
+ # Store
+ movq %rdi, %rsi
+ subq $32, %rdi
+ # Add-Sub
+ # Add
+ movq %r9, %r13
+ addq (%rsi), %r9
+ movq %r10, %r14
+ adcq 8(%rsi), %r10
+ movq %r11, %r15
+ adcq 16(%rsi), %r11
+ movq %r12, %rbx
+ adcq 24(%rsi), %r12
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r12, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r12
+ # Sub modulus (if overflow)
+ addq %rax, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
+ adcq $0x00, %r12
+ # Sub
+ subq (%rsi), %r13
+ sbbq 8(%rsi), %r14
+ sbbq 16(%rsi), %r15
+ sbbq 24(%rsi), %rbx
+ sbbq %rax, %rax
+ shldq $0x01, %rbx, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbx
+ # Add modulus (if underflow)
+ subq %rax, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ movq %r13, (%rsi)
+ movq %r14, 8(%rsi)
+ movq %r15, 16(%rsi)
+ movq %rbx, 24(%rsi)
+ movq 8(%rsp), %rcx
+ movq %rcx, %rsi
+ addq $32, %rsi
+ subq $32, %rdi
+ # Add
+ movq (%rsi), %r9
+ movq 8(%rsi), %r10
+ addq (%rcx), %r9
+ movq 16(%rsi), %r11
+ adcq 8(%rcx), %r10
+ movq 24(%rsi), %r12
+ adcq 16(%rcx), %r11
+ adcq 24(%rcx), %r12
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r12, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r12
+ # Sub modulus (if overflow)
+ addq %rax, %r9
adcq $0x00, %r10
adcq $0x00, %r11
- # Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 128(%rsp), %rsi
- # Square * 2
+ adcq $0x00, %r12
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ # Square
# A[0] * A[1]
- movq (%rsi), %rax
- mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq (%rdi), %rax
+ mulq 8(%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
- movq (%rsi), %rax
- mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
+ movq (%rdi), %rax
+ mulq 16(%rdi)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
- # A[1] * A[2]
- movq 8(%rsi), %rax
- mulq 16(%rsi)
+ # A[0] * A[3]
+ movq (%rdi), %rax
+ mulq 24(%rdi)
xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * A[3]
- movq 8(%rsi), %rax
- mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
- # A[2] * A[3]
- movq 16(%rsi), %rax
- mulq 24(%rsi)
+ # A[1] * A[2]
+ movq 8(%rdi), %rax
+ mulq 16(%rdi)
xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[1] * A[3]
+ movq 8(%rdi), %rax
+ mulq 24(%rdi)
addq %rax, %r13
adcq %rdx, %r14
- # Double
+ # A[2] * A[3]
+ movq 16(%rdi), %rax
+ mulq 24(%rdi)
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
- movq (%rsi), %rax
+ movq (%rdi), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
- movq 8(%rsi), %rax
+ movq 8(%rdi), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
- movq 16(%rsi), %rax
+ movq 16(%rdi), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
- movq 24(%rsi), %rax
+ movq 24(%rdi), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rbx
- xorq %rax, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $3, %r15, %rax
- shldq $2, %r14, %r15
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $0x01, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shlq $0x01, %r8
- andq %rbx, %r11
- # Two out left, one in right
- andq %rbx, %r15
- # Multiply top bits by 19*19
- imulq $0x169, %rax, %rcx
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining produce results in
- addq %rcx, %r8
- adcq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rbx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 40(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Sub
+ subq (%rsi), %r9
+ sbbq 8(%rsi), %r10
+ sbbq 16(%rsi), %r11
+ sbbq 24(%rsi), %r12
+ sbbq %rax, %rax
+ shldq $0x01, %r12, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq 8(%rsp), %rsi
- # Square
+ imulq $-19, %rax
+ andq %rdx, %r12
+ # Add modulus (if underflow)
+ subq %rax, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $0x40, %rcx
+ # Square * 2
# A[0] * A[1]
- movq (%rsi), %rax
- mulq 8(%rsi)
- movq %rax, %r9
- movq %rdx, %r10
+ movq (%rcx), %rax
+ mulq 8(%rcx)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * A[2]
- movq (%rsi), %rax
- mulq 16(%rsi)
- xorq %r11, %r11
- addq %rax, %r10
- adcq %rdx, %r11
- # A[0] * A[3]
- movq (%rsi), %rax
- mulq 24(%rsi)
+ movq (%rcx), %rax
+ mulq 16(%rcx)
xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
- # A[1] * A[2]
- movq 8(%rsi), %rax
- mulq 16(%rsi)
+ # A[0] * A[3]
+ movq (%rcx), %rax
+ mulq 24(%rcx)
xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * A[3]
- movq 8(%rsi), %rax
- mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
- # A[2] * A[3]
- movq 16(%rsi), %rax
- mulq 24(%rsi)
+ # A[1] * A[2]
+ movq 8(%rcx), %rax
+ mulq 16(%rcx)
xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[1] * A[3]
+ movq 8(%rcx), %rax
+ mulq 24(%rcx)
addq %rax, %r13
adcq %rdx, %r14
- # Double
+ # A[2] * A[3]
+ movq 16(%rcx), %rax
+ mulq 24(%rcx)
xorq %r15, %r15
- addq %r9, %r9
- adcq %r10, %r10
+ addq %rax, %r14
+ adcq %rdx, %r15
+ # Double
+ xorq %rbx, %rbx
+ addq %r10, %r10
adcq %r11, %r11
adcq %r12, %r12
adcq %r13, %r13
adcq %r14, %r14
- adcq $0x00, %r15
+ adcq %r15, %r15
+ adcq $0x00, %rbx
# A[0] * A[0]
- movq (%rsi), %rax
+ movq (%rcx), %rax
mulq %rax
- movq %rax, %r8
- movq %rdx, %rcx
+ movq %rax, %r9
+ movq %rdx, %r8
# A[1] * A[1]
- movq 8(%rsi), %rax
+ movq 8(%rcx), %rax
mulq %rax
- addq %rcx, %r9
- adcq %rax, %r10
+ addq %r8, %r10
+ adcq %rax, %r11
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[2] * A[2]
- movq 16(%rsi), %rax
+ movq 16(%rcx), %rax
mulq %rax
- addq %rcx, %r11
- adcq %rax, %r12
+ addq %r8, %r12
+ adcq %rax, %r13
adcq $0x00, %rdx
- movq %rdx, %rcx
+ movq %rdx, %r8
# A[3] * A[3]
- movq 24(%rsi), %rax
+ movq 24(%rcx), %rax
mulq %rax
- addq %rax, %r14
- adcq %rdx, %r15
- addq %rcx, %r13
- adcq $0x00, %r14
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ addq %r8, %r14
adcq $0x00, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
+ adcq $0x00, %rbx
+ movq $38, %rax
+ mulq %rbx
+ addq %rax, %r12
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r8, %r12
+ movq %rdx, %r8
+ movq $38, %rax
mulq %r13
xorq %r13, %r13
addq %rax, %r9
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r13
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
+ xorq %r15, %r15
+ addq %rax, %r11
+ adcq %rdx, %r15
+ addq %r8, %r9
adcq %r13, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
+ adcq %r15, %r12
+ mov %r12, %rax
+ shldq $0x01, %r11, %r12
+ shldq $0x01, %r10, %r11
+ shldq $0x01, %r9, %r10
+ shlq $0x01, %r9
+ movq $0x7fffffffffffffff, %r8
+ shrq $62, %rax
+ andq %r8, %r12
+ imulq $19, %rax, %rax
+ addq %rax, %r9
adcq $0x00, %r10
adcq $0x00, %r11
+ adcq $0x00, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq (%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 16(%rsp), %rbx
+ movq %rdi, %rsi
+ addq $0x40, %rsi
+ addq $0x60, %rdi
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
+ subq (%rsi), %r9
+ sbbq 8(%rsi), %r10
+ sbbq 16(%rsi), %r11
+ sbbq 24(%rsi), %r12
+ sbbq %rax, %rax
+ shldq $0x01, %r12, %rax
movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $-19, %rax
+ andq %rdx, %r12
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ subq %rax, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_dbl_x64,.-fe_ge_dbl_x64
+.size ge_p2_dbl_x64,.-ge_p2_dbl_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_madd_x64
-.type fe_ge_madd_x64,@function
+.globl ge_madd_x64
+.type ge_madd_x64,@function
.align 16
-fe_ge_madd_x64:
+ge_madd_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_madd_x64
+.globl _ge_madd_x64
.p2align 4
-_fe_ge_madd_x64:
+_ge_madd_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 152(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
+ xorq %r12, %r12
+ addq %rax, %r11
+ adcq %rdx, %r12
# A[1] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
+ xorq %r13, %r13
+ addq %rax, %r11
+ adcq %rdx, %r12
+ adcq $0x00, %r13
# A[0] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
+ addq %rax, %r12
+ adcq %rdx, %r13
# A[1] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq 8(%rsi)
- xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[2] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
# A[0] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ xorq %r15, %r15
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[1] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[2] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[3] * B[0]
- movq (%rbx), %rax
+ movq (%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[1] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq 8(%rsi)
- xorq %r14, %r14
- addq %rax, %r12
- adcq %rdx, %r13
- adcq $0x00, %r14
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
# A[2] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq 16(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
- adcq $0x00, %r14
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
# A[3] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r12
- adcq %rdx, %r13
- adcq $0x00, %r14
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
# A[2] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq 16(%rsi)
- xorq %r15, %r15
- addq %rax, %r13
- adcq %rdx, %r14
- adcq $0x00, %r15
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
# A[3] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r13
- adcq %rdx, %r14
- adcq $0x00, %r15
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
# A[3] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rcx), %rax
mulq 24(%rsi)
- addq %rax, %r14
- adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 160(%rsp), %rbx
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ addq $0x60, %r8
+ addq $32, %rcx
+ addq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 144(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $0x40, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 128(%rsp), %rbx
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ # Double
+ movq (%r8), %r10
+ movq 8(%r8), %r11
+ addq %r10, %r10
+ movq 16(%r8), %r12
+ adcq %r11, %r11
+ movq 24(%r8), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $0x60, %rsi
+ addq $0x40, %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_madd_x64,.-fe_ge_madd_x64
+.size ge_madd_x64,.-ge_madd_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_msub_x64
-.type fe_ge_msub_x64,@function
+.globl ge_msub_x64
+.type ge_msub_x64,@function
.align 16
-fe_ge_msub_x64:
+ge_msub_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_msub_x64
+.globl _ge_msub_x64
.p2align 4
-_fe_ge_msub_x64:
+_ge_msub_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 160(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 152(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $0x60, %r8
+ addq $0x40, %rcx
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 144(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $32, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 128(%rsp), %rbx
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ addq $0x40, %rdi
+ # Double
+ movq (%r8), %r10
+ movq 8(%r8), %r11
+ addq %r10, %r10
+ movq 16(%r8), %r12
+ adcq %r11, %r11
+ movq 24(%r8), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_msub_x64,.-fe_ge_msub_x64
+.size ge_msub_x64,.-ge_msub_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_add_x64
-.type fe_ge_add_x64,@function
+.globl ge_add_x64
+.type ge_add_x64,@function
.align 16
-fe_ge_add_x64:
+ge_add_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_add_x64
+.globl _ge_add_x64
.p2align 4
-_fe_ge_add_x64:
+_ge_add_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 160(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 168(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $0x60, %r8
+ addq $0x40, %rcx
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 152(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $0x60, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 144(%rsp), %rbx
+ # Add-Sub
+ # Add
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ addq $0x40, %rcx
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq (%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ addq $0x40, %rdi
+ # Double
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_add_x64,.-fe_ge_add_x64
+.size ge_add_x64,.-ge_add_x64
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_sub_x64
-.type fe_ge_sub_x64,@function
+.globl ge_sub_x64
+.type ge_sub_x64,@function
.align 16
-fe_ge_sub_x64:
+ge_sub_x64:
#else
.section __TEXT,__text
-.globl _fe_ge_sub_x64
+.globl _ge_sub_x64
.p2align 4
-_fe_ge_sub_x64:
+_ge_sub_x64:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rcx
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq (%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %rcx, 16(%rsp)
+ movq %rsi, %r8
+ movq %rsi, %rcx
+ addq $32, %rcx
+ movq %rdi, %rsi
+ addq $32, %rsi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ movq 16(%rcx), %r12
+ movq 24(%rcx), %r13
+ movq %r10, %r14
+ addq (%r8), %r10
+ movq %r11, %r15
+ adcq 8(%r8), %r11
+ movq %r12, %rbx
+ adcq 16(%r8), %r12
+ movq %r13, %rbp
+ adcq 24(%r8), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
# Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 40(%rsp), %rsi
- movq 32(%rsp), %rbx
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
+ subq (%r8), %r14
+ sbbq 8(%r8), %r15
+ sbbq 16(%r8), %rbx
+ sbbq 24(%r8), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
# Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq (%rsp), %rsi
- movq 168(%rsp), %rbx
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rcx
+ addq $32, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 8(%rsp), %rsi
- movq 160(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $0x60, %r8
+ addq $0x60, %rcx
+ addq $0x40, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%r8)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
- xorq %r13, %r13
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
- addq %rax, %r11
- adcq %rdx, %r12
- adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
- adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- movq 152(%rsp), %rsi
- movq 136(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ subq $0x40, %rcx
+ subq $0x60, %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
- mulq (%rsi)
- movq %rax, %r8
- movq %rdx, %r9
+ movq (%rcx), %rax
+ mulq (%rdi)
+ movq %rax, %r10
+ movq %rdx, %r11
# A[0] * B[1]
- movq 8(%rbx), %rax
- mulq (%rsi)
- xorq %r10, %r10
- addq %rax, %r9
- adcq %rdx, %r10
- # A[1] * B[0]
- movq (%rbx), %rax
- mulq 8(%rsi)
- xorq %r11, %r11
- addq %rax, %r9
- adcq %rdx, %r10
- adcq $0x00, %r11
- # A[0] * B[2]
- movq 16(%rbx), %rax
- mulq (%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- # A[1] * B[1]
- movq 8(%rbx), %rax
- mulq 8(%rsi)
+ movq 8(%rcx), %rax
+ mulq (%rdi)
xorq %r12, %r12
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[2] * B[0]
- movq (%rbx), %rax
- mulq 16(%rsi)
- addq %rax, %r10
- adcq %rdx, %r11
- adcq $0x00, %r12
- # A[0] * B[3]
- movq 24(%rbx), %rax
- mulq (%rsi)
+ addq %rax, %r11
+ adcq %rdx, %r12
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%rdi)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%rdi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %r14, %r14
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq $0x00, %r14
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%rdi)
+ xorq %r15, %r15
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
# A[1] * B[2]
- movq 16(%rbx), %rax
- mulq 8(%rsi)
+ movq 16(%rcx), %rax
+ mulq 8(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%rdi)
+ xorq %rbx, %rbx
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%rdi)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%rdi)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
+ mulq %r14
+ xorq %r14, %r14
+ addq %rax, %r10
+ movq $38, %rax
+ adcq %rdx, %r14
+ mulq %r15
+ xorq %r15, %r15
addq %rax, %r11
- adcq %rdx, %r12
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
+ adcq %r14, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
+ # Store
+ # Add-Sub
+ # Add
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
adcq $0x00, %r13
- # A[2] * B[1]
- movq 8(%rbx), %rax
- mulq 16(%rsi)
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ subq $32, %r8
+ addq $32, %rcx
+ # Multiply
+ # A[0] * B[0]
+ movq (%rcx), %rax
+ mulq (%r8)
+ movq %rax, %r10
+ movq %rdx, %r11
+ # A[0] * B[1]
+ movq 8(%rcx), %rax
+ mulq (%r8)
+ xorq %r12, %r12
addq %rax, %r11
adcq %rdx, %r12
- adcq $0x00, %r13
- # A[3] * B[0]
- movq (%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[0]
+ movq (%rcx), %rax
+ mulq 8(%r8)
+ xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
- # A[1] * B[3]
- movq 24(%rbx), %rax
- mulq 8(%rsi)
- xorq %r14, %r14
+ # A[0] * B[2]
+ movq 16(%rcx), %rax
+ mulq (%r8)
addq %rax, %r12
adcq %rdx, %r13
- adcq $0x00, %r14
- # A[2] * B[2]
- movq 16(%rbx), %rax
- mulq 16(%rsi)
+ # A[1] * B[1]
+ movq 8(%rcx), %rax
+ mulq 8(%r8)
+ xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[3] * B[1]
- movq 8(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[0]
+ movq (%rcx), %rax
+ mulq 16(%r8)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
- # A[2] * B[3]
- movq 24(%rbx), %rax
- mulq 16(%rsi)
+ # A[0] * B[3]
+ movq 24(%rcx), %rax
+ mulq (%r8)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[2]
- movq 16(%rbx), %rax
- mulq 24(%rsi)
+ # A[1] * B[2]
+ movq 16(%rcx), %rax
+ mulq 8(%r8)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
- # A[3] * B[3]
- movq 24(%rbx), %rax
- mulq 24(%rsi)
+ # A[2] * B[1]
+ movq 8(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[3] * B[0]
+ movq (%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r13
+ adcq %rdx, %r14
+ adcq $0x00, %r15
+ # A[1] * B[3]
+ movq 24(%rcx), %rax
+ mulq 8(%r8)
+ xorq %rbx, %rbx
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
- addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
- addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
+ adcq $0x00, %rbx
+ # A[2] * B[2]
+ movq 16(%rcx), %rax
+ mulq 16(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[3] * B[1]
+ movq 8(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r14
+ adcq %rdx, %r15
+ adcq $0x00, %rbx
+ # A[2] * B[3]
+ movq 24(%rcx), %rax
+ mulq 16(%r8)
+ xorq %rbp, %rbp
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[2]
+ movq 16(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %r15
+ adcq %rdx, %rbx
+ adcq $0x00, %rbp
+ # A[3] * B[3]
+ movq 24(%rcx), %rax
+ mulq 24(%r8)
+ addq %rax, %rbx
+ adcq %rdx, %rbp
+ movq $38, %rax
+ mulq %rbp
+ addq %rax, %r13
+ adcq $0x00, %rdx
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %rdx
+ imulq $19, %rdx, %rdx
+ andq %r9, %r13
+ movq %rdx, %r9
+ movq $38, %rax
mulq %r14
xorq %r14, %r14
addq %rax, %r10
- movq $19, %rax
+ movq $38, %rax
adcq %rdx, %r14
mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
+ xorq %r15, %r15
+ addq %rax, %r11
+ movq $38, %rax
+ adcq %rdx, %r15
+ mulq %rbx
+ xorq %rbx, %rbx
+ addq %rax, %r12
+ adcq %rdx, %rbx
+ addq %r9, %r10
adcq %r14, %r11
+ adcq %r15, %r12
+ adcq %rbx, %r13
+ # Store
+ # Double
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %rdi, %rsi
+ addq $0x40, %rsi
+ addq $0x60, %rdi
+ # Add-Sub
+ # Add
+ movq %r10, %r14
+ addq (%rdi), %r10
+ movq %r11, %r15
+ adcq 8(%rdi), %r11
+ movq %r12, %rbx
+ adcq 16(%rdi), %r12
+ movq %r13, %rbp
+ adcq 24(%rdi), %r13
+ movq $0x00, %rax
+ adcq $0x00, %rax
+ shldq $0x01, %r13, %rax
+ movq $0x7fffffffffffffff, %rdx
+ imulq $19, %rax
+ andq %rdx, %r13
+ # Sub modulus (if overflow)
+ addq %rax, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rdi), %r14
+ sbbq 8(%rdi), %r15
+ sbbq 16(%rdi), %rbx
+ sbbq 24(%rdi), %rbp
+ sbbq %rax, %rax
+ shldq $0x01, %rbp, %rax
+ imulq $-19, %rax
+ andq %rdx, %rbp
+ # Add modulus (if underflow)
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size ge_sub_x64,.-ge_sub_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_reduce_x64
+.type sc_reduce_x64,@function
+.align 16
+sc_reduce_x64:
+#else
+.section __TEXT,__text
+.globl _sc_reduce_x64
+.p2align 4
+_sc_reduce_x64:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ pushq %rbp
+ movq (%rdi), %r8
+ movq 8(%rdi), %r9
+ movq 16(%rdi), %r10
+ movq 24(%rdi), %r11
+ movq 32(%rdi), %r12
+ movq 40(%rdi), %r13
+ movq 48(%rdi), %r14
+ movq 56(%rdi), %r15
+ movq %r15, %rcx
+ movq $0xfffffffffffffff, %rsi
+ shrq $56, %rcx
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rsi, %r11
+ andq %rsi, %r15
+ # Add order times bits 504..511
+ subq %rcx, %r14
+ sbbq $0x00, %r15
+ movq $0xeb2106215d086329, %rax
+ mulq %rcx
+ movq $0x00, %rsi
+ addq %rax, %r13
+ movq $0xa7ed9ce5a30a2c13, %rax
+ adcq %rdx, %rsi
+ mulq %rcx
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq %rsi, %r14
+ adcq $0x00, %r15
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ mov $0x00, %rbp
+ addq %rax, %r8
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rcx
+ movq $0x00, %rsi
+ addq %rax, %r9
+ adcq %rdx, %rsi
+ movq %r14, %rax
+ mulq %rcx
+ addq %rbp, %r9
+ adcq %rax, %r10
+ adcq %rdx, %r11
+ mov $0x00, %rbx
+ adcq $0x00, %rbx
+ movq %r15, %rax
+ mulq %rcx
+ addq %rsi, %r10
adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
+ adcq %rdx, %rbx
+ movq $0xeb2106215d086329, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ mov $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rcx
+ movq $0x00, %rsi
+ addq %rax, %r10
+ adcq %rdx, %rsi
+ movq %r14, %rax
+ mulq %rcx
+ addq %rbp, %r10
+ adcq %rax, %r11
+ adcq %rdx, %rbx
+ mov $0x00, %rbp
+ adcq $0x00, %rbp
+ movq %r15, %rax
+ mulq %rcx
+ addq %rsi, %r11
+ adcq %rax, %rbx
+ adcq %rdx, %rbp
+ subq %r12, %r10
+ movq %rbx, %r12
+ sbbq %r13, %r11
+ movq %rbp, %r13
+ sbbq %r14, %r12
+ sbbq %r15, %r13
+ movq %r13, %rcx
+ sarq $57, %rcx
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rax
+ movq $0xcb024c634b9eba7d, %rdx
+ movq $0x29bdf3bd45ef39a, %rbx
+ movq $0x200000000000000, %rbp
+ andq %rcx, %rax
+ andq %rcx, %rdx
+ andq %rcx, %rbx
+ andq %rcx, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq %rbx, %r11
+ adcq $0x00, %r12
+ adcq %rbp, %r13
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rcx
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
andq %rcx, %r11
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ movq $0x00, %rbx
addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
+ adcq %rdx, %r9
+ adcq $0x00, %rbx
+ movq %r13, %rax
+ mulq %rcx
+ addq %rax, %r9
+ adcq %rdx, %rbx
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rcx
+ movq %r12, %rax
+ mulq %rcx
+ movq $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq $0x00, %rbp
+ movq %r13, %rax
+ mulq %rcx
+ addq %rax, %r10
+ adcq %rdx, %rbp
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rsi
+ andq %rsi, %r11
+ addq %rbx, %r10
+ adcq %rbp, %r11
+ # Subtract top at 2 * 64
+ subq %r12, %r10
+ sbbq %r13, %r11
+ sbbq %rsi, %rsi
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rax
+ movq $0x14def9dea2f79cd6, %rdx
+ movq $0x1000000000000000, %rbx
+ andq %rsi, %rax
+ andq %rsi, %rdx
+ andq %rsi, %rbx
+ addq %rax, %r8
+ movq $0xfffffffffffffff, %rax
+ adcq %rdx, %r9
adcq $0x00, %r10
- adcq $0x00, %r11
- # Store
+ adcq %rbx, %r11
+ andq %rax, %r11
+ # Store result
movq %r8, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 128(%rsp), %rsi
- movq 144(%rsp), %rbx
+ popq %rbp
+ popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size sc_reduce_x64,.-sc_reduce_x64
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_muladd_x64
+.type sc_muladd_x64,@function
+.align 16
+sc_muladd_x64:
+#else
+.section __TEXT,__text
+.globl _sc_muladd_x64
+.p2align 4
+_sc_muladd_x64:
+#endif /* __APPLE__ */
+ pushq %rbp
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ movq %rdx, %rbp
# Multiply
# A[0] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq (%rsi)
movq %rax, %r8
movq %rdx, %r9
# A[0] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq (%rsi)
xorq %r10, %r10
addq %rax, %r9
adcq %rdx, %r10
# A[1] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq 8(%rsi)
xorq %r11, %r11
addq %rax, %r9
adcq %rdx, %r10
adcq $0x00, %r11
# A[0] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq (%rsi)
addq %rax, %r10
adcq %rdx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq 8(%rsi)
xorq %r12, %r12
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[2] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq 16(%rsi)
addq %rax, %r10
adcq %rdx, %r11
adcq $0x00, %r12
# A[0] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq (%rsi)
xorq %r13, %r13
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq 8(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[2] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq 16(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[3] * B[0]
- movq (%rbx), %rax
+ movq (%rbp), %rax
mulq 24(%rsi)
addq %rax, %r11
adcq %rdx, %r12
adcq $0x00, %r13
# A[1] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq 8(%rsi)
xorq %r14, %r14
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq 16(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[3] * B[1]
- movq 8(%rbx), %rax
+ movq 8(%rbp), %rax
mulq 24(%rsi)
addq %rax, %r12
adcq %rdx, %r13
adcq $0x00, %r14
# A[2] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq 16(%rsi)
xorq %r15, %r15
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[2]
- movq 16(%rbx), %rax
+ movq 16(%rbp), %rax
mulq 24(%rsi)
addq %rax, %r13
adcq %rdx, %r14
adcq $0x00, %r15
# A[3] * B[3]
- movq 24(%rbx), %rax
+ movq 24(%rbp), %rax
mulq 24(%rsi)
addq %rax, %r14
adcq %rdx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ # Add c to a * b
+ addq (%rcx), %r8
+ adcq 8(%rcx), %r9
+ adcq 16(%rcx), %r10
+ adcq 24(%rcx), %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ adcq $0x00, %r14
+ adcq $0x00, %r15
+ movq %r15, %rbx
+ movq $0xfffffffffffffff, %rcx
+ shrq $56, %rbx
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rax
- mulq %r12
- xorq %r12, %r12
+ andq %rcx, %r15
+ # Add order times bits 504..507
+ subq %rbx, %r14
+ sbbq $0x00, %r15
+ movq $0xeb2106215d086329, %rax
+ mulq %rbx
+ movq $0x00, %rcx
+ addq %rax, %r13
+ movq $0xa7ed9ce5a30a2c13, %rax
+ adcq %rdx, %rcx
+ mulq %rbx
+ addq %rax, %r12
+ adcq %rdx, %r13
+ adcq %rcx, %r14
+ adcq $0x00, %r15
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ mov $0x00, %rbp
addq %rax, %r8
- movq $19, %rax
- adcq %rdx, %r12
- mulq %r13
- xorq %r13, %r13
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rbx
+ movq $0x00, %rcx
addq %rax, %r9
- movq $19, %rax
- adcq %rdx, %r13
- mulq %r14
- xorq %r14, %r14
+ adcq %rdx, %rcx
+ movq %r14, %rax
+ mulq %rbx
+ addq %rbp, %r9
+ adcq %rax, %r10
+ adcq %rdx, %r11
+ mov $0x00, %rsi
+ adcq $0x00, %rsi
+ movq %r15, %rax
+ mulq %rbx
+ addq %rcx, %r10
+ adcq %rax, %r11
+ adcq %rdx, %rsi
+ movq $0xeb2106215d086329, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ mov $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %rbp
+ movq %r13, %rax
+ mulq %rbx
+ movq $0x00, %rcx
addq %rax, %r10
- movq $19, %rax
- adcq %rdx, %r14
- mulq %r15
- # Add remaining product results in
- addq %r12, %r9
- adcq %r13, %r10
- adcq %r14, %r11
+ adcq %rdx, %rcx
+ movq %r14, %rax
+ mulq %rbx
+ addq %rbp, %r10
adcq %rax, %r11
- adcq $0x00, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
+ adcq %rdx, %rsi
+ mov $0x00, %rbp
+ adcq $0x00, %rbp
+ movq %r15, %rax
+ mulq %rbx
+ addq %rcx, %r11
+ adcq %rax, %rsi
+ adcq %rdx, %rbp
+ subq %r12, %r10
+ movq %rsi, %r12
+ sbbq %r13, %r11
+ movq %rbp, %r13
+ sbbq %r14, %r12
+ sbbq %r15, %r13
+ movq %r13, %rbx
+ sarq $57, %rbx
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rax
+ movq $0xcb024c634b9eba7d, %rdx
+ movq $0x29bdf3bd45ef39a, %rsi
+ movq $0x200000000000000, %rbp
+ andq %rbx, %rax
+ andq %rbx, %rdx
+ andq %rbx, %rsi
+ andq %rbx, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq %rsi, %r11
+ adcq $0x00, %r12
+ adcq %rbp, %r13
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rbx
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rbx, %r11
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ movq $0x00, %rsi
addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
+ adcq %rdx, %r9
+ adcq $0x00, %rsi
+ movq %r13, %rax
+ mulq %rbx
+ addq %rax, %r9
+ adcq %rdx, %rsi
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rbx
+ movq %r12, %rax
+ mulq %rbx
+ movq $0x00, %rbp
+ addq %rax, %r9
+ adcq %rdx, %r10
+ adcq $0x00, %rbp
+ movq %r13, %rax
+ mulq %rbx
+ addq %rax, %r10
+ adcq %rdx, %rbp
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rcx
andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rdi
- movq (%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
- addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 16(%rsp), %rsi
- movq 8(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
+ addq %rsi, %r10
+ adcq %rbp, %r11
+ # Subtract top at 2 * 64
+ subq %r12, %r10
+ sbbq %r13, %r11
+ sbbq %rcx, %rcx
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rax
+ movq $0x14def9dea2f79cd6, %rdx
+ movq $0x1000000000000000, %rsi
andq %rcx, %rax
andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rbx), %r8
- movq $0x00, %rcx
- sbbq 8(%rbx), %r9
- movq $-19, %rax
- sbbq 16(%rbx), %r10
- movq $0x7fffffffffffffff, %rdx
- sbbq 24(%rbx), %r11
- sbbq $0x00, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Add modulus (if underflow)
+ andq %rcx, %rsi
addq %rax, %r8
- adcq %rcx, %r9
- adcq %rcx, %r10
- adcq %rdx, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rdi
- leaq 48(%rsp), %rsi
- movq 24(%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rcx
- adcq 16(%rbx), %r10
- movq $-19, %rax
- adcq 24(%rbx), %rcx
- movq $0x7fffffffffffffff, %rdx
- movq %rcx, %r11
- sarq $63, %rcx
- # Mask the modulus
- andq %rcx, %rax
- andq %rcx, %rdx
- # Sub modulus (if overflow)
- subq %rax, %r8
- sbbq %rcx, %r9
- sbbq %rcx, %r10
- sbbq %rdx, %r11
+ movq $0xfffffffffffffff, %rax
+ adcq %rdx, %r9
+ adcq $0x00, %r10
+ adcq %rsi, %r11
+ andq %rax, %r11
+ # Store result
movq %r8, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
- addq $0x50, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
+ popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_sub_x64,.-fe_ge_sub_x64
+.size sc_muladd_x64,.-sc_muladd_x64
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#ifdef HAVE_INTEL_AVX2
#ifndef __APPLE__
.text
@@ -9575,12 +9124,11 @@ _fe_mul_avx2:
mulxq 8(%rsi), %rax, %rcx
xorq %r15, %r15
adcxq %rax, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
+ # A[3] * B[1]
+ movq 8(%rbx), %rdx
+ mulxq 24(%rsi), %r12, %r13
adcxq %rcx, %r10
# A[0] * B[1]
- movq 8(%rbx), %rdx
mulxq (%rsi), %rax, %rcx
adoxq %rax, %r9
# A[2] * B[1]
@@ -9604,10 +9152,10 @@ _fe_mul_avx2:
mulxq 8(%rsi), %rdx, %rax
adcxq %rcx, %r11
adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
+ # A[1] * B[3]
+ movq 24(%rbx), %rdx
adoxq %rax, %r11
- mulxq 24(%rsi), %rax, %rcx
+ mulxq 8(%rsi), %rax, %rcx
adcxq %rax, %r12
# A[2] * B[2]
movq 16(%rbx), %rdx
@@ -9626,34 +9174,33 @@ _fe_mul_avx2:
xorq %rcx, %rcx
adcxq %rdx, %r11
# A[3] * B[0]
- movq (%rbx), %rdx
+ movq 24(%rsi), %rdx
adcxq %rax, %r12
- mulxq 24(%rsi), %rdx, %rax
+ mulxq (%rbx), %rdx, %rax
adoxq %rdx, %r11
adoxq %rax, %r12
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rbx), %rdx, %rax
+ adcxq %rdx, %r13
# A[2] * B[3]
movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rax
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
adcxq %rax, %r14
- mulxq 24(%rsi), %rax, %rdx
+ mulxq 16(%rsi), %rax, %rdx
adcxq %rcx, %r15
adoxq %rax, %r13
adoxq %rdx, %r14
adoxq %rcx, %r15
- # Reduce
+ movq $38, %rdx
+ mulxq %r15, %r15, %rax
+ addq %r15, %r11
+ adcq $0x00, %rax
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rax
+ imulq $19, %rax, %rax
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
+ adoxq %rax, %r8
mulxq %r12, %rax, %r12
adcxq %rax, %r8
adoxq %r12, %r9
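Review bot: The reduction that starts at `movq $38, %rdx` is left without any comment, because this hunk deletes `# Reduce`, `# Move top half into t4-t7 and remove top bit from t3` and `# Multiply top half by 19` without replacing them. I would add `# Reduce: t7 * 38 into t3 (2^256 = 38 mod 2^255-19)` above `movq $38, %rdx` and `# Fold overflow and bit 255 of t3 back in, times 19` above `shldq $0x01, %r11, %rax`, so the two constants can be checked against the modulus when auditing. The next hunk likewise drops `# Reduce if top bit set` although the `sarq $63` / `andq $19` step it labelled stays, and the `_fe_sq_avx2` and `_fe_sq_n_avx2` hunks repeat the same uncommented sequence with `%rbx`. `_fe_mul_avx2` begins and ends outside this hunk.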
@@ -9663,20 +9210,8 @@ _fe_mul_avx2:
mulxq %r14, %rax, %r14
adcxq %rax, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
+ adcxq %rcx, %r11
movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
movq %r11, %rdx
sarq $63, %rdx
andq $19, %rdx
@@ -9717,93 +9252,81 @@ _fe_sq_avx2:
pushq %r14
pushq %r15
# Square
- # A[0] * A[1]
movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
+ movq 8(%rsi), %rax
+ # A[0] * A[1]
+ movq %rdx, %r15
+ mulxq %rax, %r9, %r10
# A[0] * A[3]
mulxq 24(%rsi), %r11, %r12
# A[2] * A[1]
movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rbx
- xorq %r15, %r15
+ mulxq %rax, %rcx, %rbx
+ xorq %r8, %r8
adoxq %rcx, %r11
# A[2] * A[3]
mulxq 24(%rsi), %r13, %r14
adoxq %rbx, %r12
# A[2] * A[0]
- mulxq (%rsi), %rcx, %rbx
- adoxq %r15, %r13
+ mulxq %r15, %rcx, %rbx
+ adoxq %r8, %r13
adcxq %rcx, %r10
- adoxq %r15, %r14
+ adoxq %r8, %r14
# A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rax, %r8
+ movq %rax, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %rbx, %r11
- adcxq %rax, %r12
- adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r12
+ adcxq %rdx, %r13
+ adcxq %r8, %r14
# A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rax
+ movq %r15, %rdx
+ mulxq %rdx, %r8, %rcx
+ xorq %r15, %r15
adcxq %r9, %r9
# A[1] * A[1]
- movq 8(%rsi), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r9
mulxq %rdx, %rcx, %rbx
adcxq %r10, %r10
- adoxq %rax, %r9
- adcxq %r11, %r11
adoxq %rcx, %r10
+ adcxq %r11, %r11
# A[2] * A[2]
movq 16(%rsi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r12, %r12
adoxq %rbx, %r11
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r12, %r12
+ adoxq %rbx, %r12
adcxq %r13, %r13
- adoxq %rax, %r12
# A[3] * A[3]
movq 24(%rsi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r14, %r14
adoxq %rcx, %r13
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r14, %r14
+ adoxq %rcx, %r14
adcxq %r15, %r15
- adoxq %rax, %r14
adoxq %rbx, %r15
- # Reduce
+ movq $38, %rdx
+ mulxq %r15, %r15, %rbx
+ addq %r15, %r11
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r12, %rax, %r12
- adcxq %rax, %r8
+ adoxq %rbx, %r8
+ mulxq %r12, %rbx, %r12
+ adcxq %rbx, %r8
adoxq %r12, %r9
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
+ adcxq %rcx, %r11
movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
movq %r11, %rdx
sarq $63, %rdx
andq $19, %rdx
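Review bot: The added `xorq %r15, %r15` after `mulxq %rdx, %r8, %rcx` does two jobs that are no longer documented now that `# Double with Carry Flag` is removed: it zeroes `%r15`, and it clears CF and OF for the two carry chains that follow. A comment such as `# Clear CF/OF: adcx doubles the cross products, adox adds the squares` above it would make that dependency visible, since any flag-writing instruction placed between it and the first `adcxq %r9, %r9` would corrupt the result. The same applies to the identical sequence in the `_fe_sq_n_avx2` hunk that follows. `_fe_sq_avx2` starts before and continues after this hunk.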
@@ -9847,101 +9370,80 @@ _fe_sq_n_avx2:
movq %rdx, %rbp
L_fe_sq_n_avx2:
# Square
- # A[0] * A[1]
movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
+ movq 8(%rsi), %rax
+ # A[0] * A[1]
+ movq %rdx, %r15
+ mulxq %rax, %r9, %r10
# A[0] * A[3]
mulxq 24(%rsi), %r11, %r12
# A[2] * A[1]
movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rbx
- xorq %r15, %r15
+ mulxq %rax, %rcx, %rbx
+ xorq %r8, %r8
adoxq %rcx, %r11
# A[2] * A[3]
mulxq 24(%rsi), %r13, %r14
adoxq %rbx, %r12
# A[2] * A[0]
- mulxq (%rsi), %rcx, %rbx
- adoxq %r15, %r13
+ mulxq %r15, %rcx, %rbx
+ adoxq %r8, %r13
adcxq %rcx, %r10
- adoxq %r15, %r14
+ adoxq %r8, %r14
# A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rax, %r8
+ movq %rax, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %rbx, %r11
- adcxq %rax, %r12
- adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r12
+ adcxq %rdx, %r13
+ adcxq %r8, %r14
# A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rax
+ movq %r15, %rdx
+ mulxq %rdx, %r8, %rcx
+ xorq %r15, %r15
adcxq %r9, %r9
# A[1] * A[1]
- movq 8(%rsi), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r9
mulxq %rdx, %rcx, %rbx
adcxq %r10, %r10
- adoxq %rax, %r9
- adcxq %r11, %r11
adoxq %rcx, %r10
+ adcxq %r11, %r11
# A[2] * A[2]
movq 16(%rsi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r12, %r12
adoxq %rbx, %r11
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r12, %r12
+ adoxq %rbx, %r12
adcxq %r13, %r13
- adoxq %rax, %r12
# A[3] * A[3]
movq 24(%rsi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r14, %r14
adoxq %rcx, %r13
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r14, %r14
+ adoxq %rcx, %r14
adcxq %r15, %r15
- adoxq %rax, %r14
adoxq %rbx, %r15
- # Reduce
+ movq $38, %rdx
+ mulxq %r15, %r15, %rbx
+ addq %r15, %r11
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
+ shldq $0x01, %r11, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r12, %rax, %r12
- adcxq %rax, %r8
+ adoxq %rbx, %r8
+ mulxq %r12, %rbx, %r12
+ adcxq %rbx, %r8
adoxq %r12, %r9
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ adcxq %rcx, %r11
# Store
movq %r8, (%rdi)
movq %r9, 8(%rdi)
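Review bot: The new reduction in the fe_sq_n_avx2 loop body (from `movq $38, %rdx` down to `adcxq %rcx, %r11`) has lost every comment the old sequence carried. It also drops the old "Reduce if top bit set" fold, so the limbs stored to `(%rdi)` appear to be only partially reduced. I would put `# Reduce: fold limbs 4-7 with 38 (2^256 mod p), carry and bit 255 with 19` above `movq $38, %rdx`, and `# Not canonical: the last carries can set bit 255 again` above `# Store`. Any consumer that compares or serializes a field element has to run the full reduction first; whether every caller does so is outside this hunk. The same uncommented sequence recurs in the multiply and square blocks of the curve25519_avx2 hunks further down.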
@@ -10002,144 +9504,6 @@ _fe_mul121666_avx2:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_sq2_avx2
-.type fe_sq2_avx2,@function
-.align 16
-fe_sq2_avx2:
-#else
-.section __TEXT,__text
-.globl _fe_sq2_avx2
-.p2align 4
-_fe_sq2_avx2:
-#endif /* __APPLE__ */
- pushq %rbx
- pushq %r12
- pushq %r13
- pushq %r14
- pushq %r15
- # Square * 2
- # A[0] * A[1]
- movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
- # A[0] * A[3]
- mulxq 24(%rsi), %r11, %r12
- # A[2] * A[1]
- movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rbx
- xorq %r15, %r15
- adoxq %rcx, %r11
- # A[2] * A[3]
- mulxq 24(%rsi), %r13, %r14
- adoxq %rbx, %r12
- # A[2] * A[0]
- mulxq (%rsi), %rcx, %rbx
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
- # A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rax, %r8
- adcxq %rbx, %r11
- adcxq %rax, %r12
- adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
- # A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rax
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rsi), %rdx
- mulxq %rdx, %rcx, %rbx
- adcxq %r10, %r10
- adoxq %rax, %r9
- adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rsi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r12, %r12
- adoxq %rbx, %r11
- adcxq %r13, %r13
- adoxq %rax, %r12
- # A[3] * A[3]
- movq 24(%rsi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r14, %r14
- adoxq %rcx, %r13
- adcxq %r15, %r15
- adoxq %rax, %r14
- adoxq %rbx, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rbx
- xorq %rax, %rax
- # Move top half into t4-t7 and remove top bit from t3 and double
- shldq $3, %r15, %rax
- shldq $2, %r14, %r15
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $0x01, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shlq $0x01, %r8
- andq %rbx, %r11
- # Two out left, one in right
- andq %rbx, %r15
- # Multiply top bits by 19*19
- imulq $0x169, %rax, %rcx
- xorq %rbx, %rbx
- # Multiply top half by 19
- movq $19, %rdx
- adoxq %rcx, %r8
- mulxq %r12, %rax, %r12
- adcxq %rax, %r8
- adoxq %r12, %r9
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
- adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
- adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rax
- andq %rbx, %r11
- addq %rax, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- popq %r15
- popq %r14
- popq %r13
- popq %r12
- popq %rbx
- repz retq
-#ifndef __APPLE__
-.size fe_sq2_avx2,.-fe_sq2_avx2
-#endif /* __APPLE__ */
-#ifndef __APPLE__
-.text
.globl fe_invert_avx2
.type fe_invert_avx2,@function
.align 16
@@ -10413,9 +9777,9 @@ _curve25519_avx2:
pushq %r15
pushq %rbp
movq %rdx, %r8
- subq $0xc0, %rsp
- movq $0x00, 184(%rsp)
- movq %rdi, 176(%rsp)
+ subq $0xb8, %rsp
+ movq $0x00, 176(%rsp)
+ movq %rdi, 168(%rsp)
# Set one
movq $0x01, (%rdi)
movq $0x00, 8(%rdi)
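Review bot: The frame shrinks from 0xc0 to 0xb8 and both named slots move down by 8, but the offsets stay bare numbers, so each renumbering has to be checked by hand against every later use. A short frame map next to `subq $0xb8, %rsp` would help, for example `# 160: bit index, 168: saved %rdi, 176: previous scalar bit`; the 160 slot is first written in the following hunk. Later hunks also swap which of `(%rsp)` and `32(%rsp)` receives the sum and the products, which is the kind of change such a map makes reviewable. The function starts before and continues after this hunk.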
@@ -10440,18 +9804,18 @@ _curve25519_avx2:
movq %r10, 72(%rsp)
movq %r11, 80(%rsp)
movq %r12, 88(%rsp)
- movb $62, 168(%rsp)
- movq $3, 160(%rsp)
-L_curve25519_avx2_words:
+ movq $0xfe, %rbx
L_curve25519_avx2_bits:
- movq 184(%rsp), %rbx
- movq 160(%rsp), %r9
- movb 168(%rsp), %cl
- movq (%rsi,%r9,8), %rax
- shrq %cl, %rax
- andq $0x01, %rax
- xorq %rax, %rbx
- negq %rbx
+ movq 176(%rsp), %rax
+ movq %rbx, 160(%rsp)
+ movq %rbx, %rcx
+ andq $63, %rcx
+ shrq $6, %rbx
+ movq (%rsi,%rbx,8), %rbx
+ shrq %cl, %rbx
+ andq $0x01, %rbx
+ xorq %rbx, %rax
+ negq %rax
# Conditional Swap
movq (%rdi), %r9
movq 8(%rdi), %r10
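Review bot: Nothing in the rewritten bit extraction says which values are public and which are secret, and `%rbx` changes role halfway through. It enters as the loop counter (`movq $0xfe, %rbx`, spilled to `160(%rsp)`) and leaves as the scalar bit. I would add `# index is the public loop counter: word = index >> 6, shift = index & 63` above `movq %rbx, %rcx`, and `# %rax = -(bit ^ previous bit): all-ones or zero swap mask` above `negq %rax`. That makes it checkable at a glance that the `(%rsi,%rbx,8)` load address depends only on the counter and that the swap below is mask-based rather than branched. The loop body and the counter update are outside this hunk.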
@@ -10461,10 +9825,10 @@ L_curve25519_avx2_bits:
xorq 72(%rsp), %r10
xorq 80(%rsp), %r11
xorq 88(%rsp), %r12
- andq %rbx, %r9
- andq %rbx, %r10
- andq %rbx, %r11
- andq %rbx, %r12
+ andq %rax, %r9
+ andq %rax, %r10
+ andq %rax, %r11
+ andq %rax, %r12
xorq %r9, (%rdi)
xorq %r10, 8(%rdi)
xorq %r11, 16(%rdi)
@@ -10482,10 +9846,10 @@ L_curve25519_avx2_bits:
xorq 40(%rsp), %r10
xorq 48(%rsp), %r11
xorq 56(%rsp), %r12
- andq %rbx, %r9
- andq %rbx, %r10
- andq %rbx, %r11
- andq %rbx, %r12
+ andq %rax, %r9
+ andq %rax, %r10
+ andq %rax, %r11
+ andq %rax, %r12
xorq %r9, (%rsp)
xorq %r10, 8(%rsp)
xorq %r11, 16(%rsp)
@@ -10494,49 +9858,46 @@ L_curve25519_avx2_bits:
xorq %r10, 40(%rsp)
xorq %r11, 48(%rsp)
xorq %r12, 56(%rsp)
- movq %rax, 184(%rsp)
+ movq %rbx, 176(%rsp)
+ # Add-Sub
# Add
movq (%rdi), %r9
movq 8(%rdi), %r10
movq 16(%rdi), %r11
- movq 24(%rdi), %rax
+ movq 24(%rdi), %r12
movq %r9, %r13
addq (%rsp), %r9
movq %r10, %r14
adcq 8(%rsp), %r10
movq %r11, %r15
adcq 16(%rsp), %r11
- movq %rax, %rbp
- adcq 24(%rsp), %rax
- movq $-19, %rcx
- movq %rax, %r12
+ movq %r12, %rbp
+ adcq 24(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
# Sub
subq (%rsp), %r13
- movq $0x00, %rax
sbbq 8(%rsp), %r14
- movq $-19, %rcx
sbbq 16(%rsp), %r15
- movq $0x7fffffffffffffff, %rbx
sbbq 24(%rsp), %rbp
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %rbx, %rbp
# Add modulus (if underflow)
- addq %rcx, %r13
- adcq %rax, %r14
- adcq %rax, %r15
- adcq %rbx, %rbp
+ subq %rcx, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbp
movq %r9, (%rdi)
movq %r10, 8(%rdi)
movq %r11, 16(%rdi)
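Review bot: The retained comments `# Sub modulus (if overflow)` and `# Add modulus (if underflow)` no longer describe the code beneath them. The new sequence gathers the carry (or borrow) together with bit 255 into `%rcx`, multiplies it by 19 (or -19), clears bit 255 and applies the product to the low limb. I would reword them to `# Fold carry and bit 255 back in as a multiple of 19` and `# Fold borrow and bit 255 back in as a multiple of 19`. The fold is applied once and the borrow out of the final `sbbq $0x00, %rbp` is not examined, so the code presumably relies on both operands being bounded near 2^255; if that is the precondition, a one-line comment next to `sbbq %rcx, %rcx` should say so. The same stale comments remain in the other Add-Sub and Sub blocks of the following curve25519_avx2 hunks.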
@@ -10545,145 +9906,140 @@ L_curve25519_avx2_bits:
movq %r14, 136(%rsp)
movq %r15, 144(%rsp)
movq %rbp, 152(%rsp)
+ # Add-Sub
# Add
movq 64(%rsp), %r9
movq 72(%rsp), %r10
movq 80(%rsp), %r11
- movq 88(%rsp), %rax
+ movq 88(%rsp), %r12
movq %r9, %r13
addq 32(%rsp), %r9
movq %r10, %r14
adcq 40(%rsp), %r10
movq %r11, %r15
adcq 48(%rsp), %r11
- movq %rax, %rbp
- adcq 56(%rsp), %rax
- movq $-19, %rcx
- movq %rax, %r12
+ movq %r12, %rbp
+ adcq 56(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
# Sub
subq 32(%rsp), %r13
- movq $0x00, %rax
sbbq 40(%rsp), %r14
- movq $-19, %rcx
sbbq 48(%rsp), %r15
- movq $0x7fffffffffffffff, %rbx
sbbq 56(%rsp), %rbp
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %rbx, %rbp
# Add modulus (if underflow)
- addq %rcx, %r13
- adcq %rax, %r14
- adcq %rax, %r15
- adcq %rbx, %rbp
- movq %r9, (%rsp)
- movq %r10, 8(%rsp)
- movq %r11, 16(%rsp)
- movq %r12, 24(%rsp)
+ subq %rcx, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbp
+ movq %r9, 32(%rsp)
+ movq %r10, 40(%rsp)
+ movq %r11, 48(%rsp)
+ movq %r12, 56(%rsp)
movq %r13, 96(%rsp)
movq %r14, 104(%rsp)
movq %r15, 112(%rsp)
movq %rbp, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rdi), %rdx
- mulxq 96(%rsp), %r9, %r10
+ movq 128(%rsp), %rdx
+ mulxq 32(%rsp), %r9, %r10
# A[2] * B[0]
- mulxq 112(%rsp), %r11, %r12
+ mulxq 48(%rsp), %r11, %r12
# A[1] * B[0]
- mulxq 104(%rsp), %rcx, %rbx
+ mulxq 40(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 24(%rdi), %rdx
- mulxq 104(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 136(%rsp), %rdx
+ mulxq 56(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 8(%rdi), %rdx
- mulxq 96(%rsp), %rcx, %rbx
+ mulxq 32(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 112(%rsp), %rcx, %r15
+ mulxq 48(%rsp), %rcx, %r15
adoxq %rbx, %r11
adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rdi), %rdx
- mulxq 104(%rsp), %rcx, %rbx
+ movq 144(%rsp), %rdx
+ mulxq 40(%rsp), %rcx, %rbx
adcxq %r15, %r13
adoxq %rcx, %r12
adcxq %rbp, %r14
adoxq %rbx, %r13
# A[0] * B[2]
- mulxq 96(%rsp), %rcx, %rbx
+ mulxq 32(%rsp), %rcx, %rbx
adoxq %rbp, %r14
xorq %r15, %r15
adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rdi), %rdx
- mulxq 104(%rsp), %rdx, %rcx
+ movq 136(%rsp), %rdx
+ mulxq 40(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 8(%rdi), %rdx
+ # A[1] * B[3]
+ movq 152(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 120(%rsp), %rcx, %rbx
+ mulxq 40(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rdi), %rdx
- mulxq 112(%rsp), %rdx, %rcx
+ movq 144(%rsp), %rdx
+ mulxq 48(%rsp), %rdx, %rcx
adcxq %rbx, %r14
adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rdi), %rdx
+ movq 152(%rsp), %rdx
adoxq %rcx, %r14
- mulxq 120(%rsp), %rcx, %rbx
+ mulxq 56(%rsp), %rcx, %rbx
adoxq %rbp, %r15
adcxq %rcx, %r15
# A[0] * B[3]
- mulxq 96(%rsp), %rdx, %rcx
+ mulxq 32(%rsp), %rdx, %rcx
adcxq %rbx, %rbp
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rdi), %rdx
+ movq 56(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 120(%rsp), %rdx, %rcx
+ mulxq 128(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
- # A[2] * B[3]
- movq 24(%rdi), %rdx
- mulxq 112(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
# A[3] * B[2]
- movq 16(%rdi), %rdx
+ movq 56(%rsp), %rdx
+ mulxq 144(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 152(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 120(%rsp), %rcx, %rdx
+ mulxq 48(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -10693,28 +10049,7 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, 32(%rsp)
movq %r10, 40(%rsp)
@@ -10722,93 +10057,91 @@ L_curve25519_avx2_bits:
movq %r12, 56(%rsp)
# Multiply
# A[0] * B[0]
- movq 128(%rsp), %rdx
- mulxq (%rsp), %r9, %r10
+ movq (%rdi), %rdx
+ mulxq 96(%rsp), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsp), %r11, %r12
+ mulxq 112(%rsp), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsp), %rcx, %rbx
+ mulxq 104(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 152(%rsp), %rdx
- mulxq 8(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 8(%rdi), %rdx
+ mulxq 120(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 136(%rsp), %rdx
- mulxq (%rsp), %rcx, %rbx
+ mulxq 96(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsp), %rcx, %r15
+ mulxq 112(%rsp), %rcx, %r15
adoxq %rbx, %r11
adcxq %rcx, %r12
# A[1] * B[2]
- movq 144(%rsp), %rdx
- mulxq 8(%rsp), %rcx, %rbx
+ movq 16(%rdi), %rdx
+ mulxq 104(%rsp), %rcx, %rbx
adcxq %r15, %r13
adoxq %rcx, %r12
adcxq %rbp, %r14
adoxq %rbx, %r13
# A[0] * B[2]
- mulxq (%rsp), %rcx, %rbx
+ mulxq 96(%rsp), %rcx, %rbx
adoxq %rbp, %r14
xorq %r15, %r15
adcxq %rcx, %r11
# A[1] * B[1]
- movq 136(%rsp), %rdx
- mulxq 8(%rsp), %rdx, %rcx
+ movq 8(%rdi), %rdx
+ mulxq 104(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 136(%rsp), %rdx
+ # A[1] * B[3]
+ movq 24(%rdi), %rdx
adoxq %rcx, %r12
- mulxq 24(%rsp), %rcx, %rbx
+ mulxq 104(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
- movq 144(%rsp), %rdx
- mulxq 16(%rsp), %rdx, %rcx
+ movq 16(%rdi), %rdx
+ mulxq 112(%rsp), %rdx, %rcx
adcxq %rbx, %r14
adoxq %rdx, %r13
# A[3] * B[3]
- movq 152(%rsp), %rdx
+ movq 24(%rdi), %rdx
adoxq %rcx, %r14
- mulxq 24(%rsp), %rcx, %rbx
+ mulxq 120(%rsp), %rcx, %rbx
adoxq %rbp, %r15
adcxq %rcx, %r15
# A[0] * B[3]
- mulxq (%rsp), %rdx, %rcx
+ mulxq 96(%rsp), %rdx, %rcx
adcxq %rbx, %rbp
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq 128(%rsp), %rdx
+ movq 120(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 24(%rsp), %rdx, %rcx
+ mulxq (%rdi), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
- # A[2] * B[3]
- movq 152(%rsp), %rdx
- mulxq 16(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
# A[3] * B[2]
- movq 144(%rsp), %rdx
+ movq 120(%rsp), %rdx
+ mulxq 16(%rdi), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rdi), %rdx
adcxq %rcx, %r15
- mulxq 24(%rsp), %rcx, %rdx
+ mulxq 112(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -10818,285 +10151,219 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, (%rsp)
movq %r10, 8(%rsp)
movq %r11, 16(%rsp)
movq %r12, 24(%rsp)
# Square
- # A[0] * A[1]
movq 128(%rsp), %rdx
- mulxq 136(%rsp), %r10, %r11
+ movq 136(%rsp), %rax
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
mulxq 152(%rsp), %r12, %r13
# A[2] * A[1]
movq 144(%rsp), %rdx
- mulxq 136(%rsp), %rcx, %rbx
- xorq %rbp, %rbp
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
mulxq 152(%rsp), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq 128(%rsp), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 136(%rsp), %rdx
- mulxq 152(%rsp), %rax, %r9
+ movq %rax, %rdx
+ mulxq 152(%rsp), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq 128(%rsp), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 136(%rsp), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
movq 144(%rsp), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
movq 152(%rsp), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
movq %r9, 96(%rsp)
movq %r10, 104(%rsp)
movq %r11, 112(%rsp)
movq %r12, 120(%rsp)
# Square
- # A[0] * A[1]
movq (%rdi), %rdx
- mulxq 8(%rdi), %r10, %r11
+ movq 8(%rdi), %rax
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
mulxq 24(%rdi), %r12, %r13
# A[2] * A[1]
movq 16(%rdi), %rdx
- mulxq 8(%rdi), %rcx, %rbx
- xorq %rbp, %rbp
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
mulxq 24(%rdi), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq (%rdi), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 8(%rdi), %rdx
- mulxq 24(%rdi), %rax, %r9
+ movq %rax, %rdx
+ mulxq 24(%rdi), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq (%rdi), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 8(%rdi), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
movq 16(%rdi), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
movq 24(%rdi), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
movq %r9, 128(%rsp)
movq %r10, 136(%rsp)
movq %r11, 144(%rsp)
movq %r12, 152(%rsp)
+ # Add-Sub
# Add
- movq 32(%rsp), %r9
- movq 40(%rsp), %r10
- movq 48(%rsp), %r11
- movq 56(%rsp), %rax
+ movq (%rsp), %r9
+ movq 8(%rsp), %r10
+ movq 16(%rsp), %r11
+ movq 24(%rsp), %r12
movq %r9, %r13
- addq (%rsp), %r9
+ addq 32(%rsp), %r9
movq %r10, %r14
- adcq 8(%rsp), %r10
+ adcq 40(%rsp), %r10
movq %r11, %r15
- adcq 16(%rsp), %r11
- movq %rax, %rbp
- adcq 24(%rsp), %rax
- movq $-19, %rcx
- movq %rax, %r12
+ adcq 48(%rsp), %r11
+ movq %r12, %rbp
+ adcq 56(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
# Sub
- subq (%rsp), %r13
- movq $0x00, %rax
- sbbq 8(%rsp), %r14
- movq $-19, %rcx
- sbbq 16(%rsp), %r15
- movq $0x7fffffffffffffff, %rbx
- sbbq 24(%rsp), %rbp
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ subq 32(%rsp), %r13
+ sbbq 40(%rsp), %r14
+ sbbq 48(%rsp), %r15
+ sbbq 56(%rsp), %rbp
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %rbx, %rbp
# Add modulus (if underflow)
- addq %rcx, %r13
- adcq %rax, %r14
- adcq %rax, %r15
- adcq %rbx, %rbp
+ subq %rcx, %r13
+ sbbq $0x00, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbp
movq %r9, 64(%rsp)
movq %r10, 72(%rsp)
movq %r11, 80(%rsp)
movq %r12, 88(%rsp)
- movq %r13, (%rsp)
- movq %r14, 8(%rsp)
- movq %r15, 16(%rsp)
- movq %rbp, 24(%rsp)
+ movq %r13, 32(%rsp)
+ movq %r14, 40(%rsp)
+ movq %r15, 48(%rsp)
+ movq %rbp, 56(%rsp)
# Multiply
# A[0] * B[0]
movq 96(%rsp), %rdx
@@ -11107,12 +10374,11 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 120(%rsp), %rdx
- mulxq 136(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 104(%rsp), %rdx
+ mulxq 152(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 104(%rsp), %rdx
mulxq 128(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -11136,10 +10402,10 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 104(%rsp), %rdx
+ # A[1] * B[3]
+ movq 120(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 152(%rsp), %rcx, %rbx
+ mulxq 136(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
movq 112(%rsp), %rdx
@@ -11158,34 +10424,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq 96(%rsp), %rdx
+ movq 152(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 152(%rsp), %rdx, %rcx
+ mulxq 96(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
+ # A[3] * B[2]
+ movq 152(%rsp), %rdx
+ mulxq 112(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
# A[2] * B[3]
movq 120(%rsp), %rdx
- mulxq 144(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
- # A[3] * B[2]
- movq 112(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 152(%rsp), %rcx, %rdx
+ mulxq 144(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -11195,28 +10460,7 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, (%rdi)
movq %r10, 8(%rdi)
@@ -11228,126 +10472,103 @@ L_curve25519_avx2_bits:
movq 144(%rsp), %r11
movq 152(%rsp), %r12
subq 96(%rsp), %r9
- movq $0x00, %rax
sbbq 104(%rsp), %r10
- movq $-19, %rcx
sbbq 112(%rsp), %r11
- movq $0x7fffffffffffffff, %rbx
sbbq 120(%rsp), %r12
- sbbq $0x00, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ sbbq %rcx, %rcx
+ shldq $0x01, %r12, %rcx
+ movq $0x7fffffffffffffff, %rbx
+ imulq $-19, %rcx
+ andq %rbx, %r12
# Add modulus (if underflow)
- addq %rcx, %r9
- adcq %rax, %r10
- adcq %rax, %r11
- adcq %rbx, %r12
+ subq %rcx, %r9
+ sbbq $0x00, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
movq %r9, 128(%rsp)
movq %r10, 136(%rsp)
movq %r11, 144(%rsp)
movq %r12, 152(%rsp)
# Square
+ movq 32(%rsp), %rdx
+ movq 40(%rsp), %rax
# A[0] * A[1]
- movq (%rsp), %rdx
- mulxq 8(%rsp), %r10, %r11
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
- mulxq 24(%rsp), %r12, %r13
+ mulxq 56(%rsp), %r12, %r13
# A[2] * A[1]
- movq 16(%rsp), %rdx
- mulxq 8(%rsp), %rcx, %rbx
- xorq %rbp, %rbp
+ movq 48(%rsp), %rdx
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
- mulxq 24(%rsp), %r14, %r15
+ mulxq 56(%rsp), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq (%rsp), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 8(%rsp), %rdx
- mulxq 24(%rsp), %rax, %r9
+ movq %rax, %rdx
+ mulxq 56(%rsp), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq (%rsp), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 8(%rsp), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
- movq 16(%rsp), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
+ movq 48(%rsp), %rdx
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
- movq 24(%rsp), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
+ movq 56(%rsp), %rdx
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
- movq %r9, (%rsp)
- movq %r10, 8(%rsp)
- movq %r11, 16(%rsp)
- movq %r12, 24(%rsp)
+ movq %r9, 32(%rsp)
+ movq %r10, 40(%rsp)
+ movq %r11, 48(%rsp)
+ movq %r12, 56(%rsp)
movq $0x1db42, %rdx
mulxq 128(%rsp), %r9, %rbp
mulxq 136(%rsp), %r10, %r15
@@ -11365,106 +10586,85 @@ L_curve25519_avx2_bits:
adcq $0x00, %r10
adcq $0x00, %r11
adcq $0x00, %r12
- movq %r9, 32(%rsp)
- movq %r10, 40(%rsp)
- movq %r11, 48(%rsp)
- movq %r12, 56(%rsp)
+ movq %r9, (%rsp)
+ movq %r10, 8(%rsp)
+ movq %r11, 16(%rsp)
+ movq %r12, 24(%rsp)
# Square
- # A[0] * A[1]
movq 64(%rsp), %rdx
- mulxq 72(%rsp), %r10, %r11
+ movq 72(%rsp), %rax
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %rax, %r10, %r11
# A[0] * A[3]
mulxq 88(%rsp), %r12, %r13
# A[2] * A[1]
movq 80(%rsp), %rdx
- mulxq 72(%rsp), %rcx, %rbx
- xorq %rbp, %rbp
+ mulxq %rax, %rcx, %rbx
+ xorq %r9, %r9
adoxq %rcx, %r12
# A[2] * A[3]
mulxq 88(%rsp), %r14, %r15
adoxq %rbx, %r13
# A[2] * A[0]
- mulxq 64(%rsp), %rcx, %rbx
- adoxq %rbp, %r14
+ mulxq %rbp, %rcx, %rbx
+ adoxq %r9, %r14
adcxq %rcx, %r11
- adoxq %rbp, %r15
+ adoxq %r9, %r15
# A[1] * A[3]
- movq 72(%rsp), %rdx
- mulxq 88(%rsp), %rax, %r9
+ movq %rax, %rdx
+ mulxq 88(%rsp), %rcx, %rdx
adcxq %rbx, %r12
- adcxq %rax, %r13
- adcxq %r9, %r14
- adcxq %rbp, %r15
- # Double with Carry Flag
- xorq %rbp, %rbp
+ adcxq %rcx, %r13
+ adcxq %rdx, %r14
+ adcxq %r9, %r15
# A[0] * A[0]
- movq 64(%rsp), %rdx
- mulxq %rdx, %r9, %rax
+ movq %rbp, %rdx
+ mulxq %rdx, %r9, %rcx
+ xorq %rbp, %rbp
adcxq %r10, %r10
# A[1] * A[1]
- movq 72(%rsp), %rdx
+ movq %rax, %rdx
+ adoxq %rcx, %r10
mulxq %rdx, %rcx, %rbx
adcxq %r11, %r11
- adoxq %rax, %r10
- adcxq %r12, %r12
adoxq %rcx, %r11
+ adcxq %r12, %r12
# A[2] * A[2]
movq 80(%rsp), %rdx
- mulxq %rdx, %rax, %rcx
- adcxq %r13, %r13
adoxq %rbx, %r12
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r13, %r13
+ adoxq %rbx, %r13
adcxq %r14, %r14
- adoxq %rax, %r13
# A[3] * A[3]
movq 88(%rsp), %rdx
- mulxq %rdx, %rax, %rbx
- adcxq %r15, %r15
adoxq %rcx, %r14
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r15, %r15
+ adoxq %rcx, %r15
adcxq %rbp, %rbp
- adoxq %rax, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rbx
+ addq %rbp, %r12
+ adcq $0x00, %rbx
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rbx
+ imulq $19, %rbx, %rbx
andq %rcx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rcx, %rcx
- mulxq %r13, %rax, %r13
- adcxq %rax, %r9
+ adoxq %rbx, %r9
+ mulxq %r13, %rbx, %r13
+ adcxq %rbx, %r9
adoxq %r13, %r10
- mulxq %r14, %rax, %r14
- adcxq %rax, %r10
+ mulxq %r14, %rbx, %r14
+ adcxq %rbx, %r10
adoxq %r14, %r11
- mulxq %r15, %rax, %r15
- adcxq %rax, %r11
+ mulxq %r15, %rbx, %r15
+ adcxq %rbx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rax
- andq %rcx, %r12
- addq %rax, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rcx, %r12
# Store
movq %r9, 64(%rsp)
movq %r10, 72(%rsp)
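Review bot: The new reduction that starts at `movq $38, %rdx` after the A[3] * A[3] step has no comment, because the removed `# Reduce`, `# Multiply top half by 19` and `# Overflow` markers were not replaced. The sequence also drops the old `# Reduce if top bit set` pass, so the stored limbs are only partially reduced and may still have bit 255 set, which every later consumer has to tolerate. I would put `# Reduce: fold t[7]*38 into t[3], bits >= 255 times 19 into t[0], then t[4..6]*38` above it, and `# Result is not fully reduced (may be >= 2^255 - 19)` above `# Store`. The same uncommented sequence recurs in the multiply hunks that follow.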
@@ -11473,31 +10673,30 @@ L_curve25519_avx2_bits:
# Add
movq 96(%rsp), %r9
movq 104(%rsp), %r10
- addq 32(%rsp), %r9
+ addq (%rsp), %r9
movq 112(%rsp), %r11
- adcq 40(%rsp), %r10
- movq 120(%rsp), %rax
- adcq 48(%rsp), %r11
- movq $-19, %rcx
- adcq 56(%rsp), %rax
+ adcq 8(%rsp), %r10
+ movq 120(%rsp), %r12
+ adcq 16(%rsp), %r11
+ adcq 24(%rsp), %r12
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r12, %rcx
movq $0x7fffffffffffffff, %rbx
- movq %rax, %r12
- sarq $63, %rax
- # Mask the modulus
- andq %rax, %rcx
- andq %rax, %rbx
+ imulq $19, %rcx
+ andq %rbx, %r12
# Sub modulus (if overflow)
- subq %rcx, %r9
- sbbq %rax, %r10
- sbbq %rax, %r11
- sbbq %rbx, %r12
+ addq %rcx, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
movq %r9, 96(%rsp)
movq %r10, 104(%rsp)
movq %r11, 112(%rsp)
movq %r12, 120(%rsp)
# Multiply
# A[0] * B[0]
- movq (%rsp), %rdx
+ movq 32(%rsp), %rdx
mulxq (%r8), %r9, %r10
# A[2] * B[0]
mulxq 16(%r8), %r11, %r12
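Review bot: The retained comment `# Sub modulus (if overflow)` no longer describes the instructions under it. The new code captures the carry with `adcq $0x00, %rcx`, shifts bit 63 of %r12 into it, multiplies by 19 and adds that to %r9 with carry propagation; nothing is subtracted and no mask is applied to the modulus. A comment such as `# Fold carry and bit 255 back in as 19 * overflow (result not fully reduced)` would match what the code does. It would also record that the sum can still be at or above 2^255 - 19 after this step.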
@@ -11505,12 +10704,11 @@ L_curve25519_avx2_bits:
mulxq 8(%r8), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 24(%rsp), %rdx
- mulxq 8(%r8), %r13, %r14
+ # A[3] * B[1]
+ movq 40(%rsp), %rdx
+ mulxq 24(%r8), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 8(%rsp), %rdx
mulxq (%r8), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -11518,7 +10716,7 @@ L_curve25519_avx2_bits:
adoxq %rbx, %r11
adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rsp), %rdx
+ movq 48(%rsp), %rdx
mulxq 8(%r8), %rcx, %rbx
adcxq %r15, %r13
adoxq %rcx, %r12
@@ -11530,22 +10728,22 @@ L_curve25519_avx2_bits:
xorq %r15, %r15
adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rsp), %rdx
+ movq 40(%rsp), %rdx
mulxq 8(%r8), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 8(%rsp), %rdx
+ # A[1] * B[3]
+ movq 56(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 24(%r8), %rcx, %rbx
+ mulxq 8(%r8), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rsp), %rdx
+ movq 48(%rsp), %rdx
mulxq 16(%r8), %rdx, %rcx
adcxq %rbx, %r14
adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rsp), %rdx
+ movq 56(%rsp), %rdx
adoxq %rcx, %r14
mulxq 24(%r8), %rcx, %rbx
adoxq %rbp, %r15
@@ -11556,34 +10754,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsp), %rdx
+ movq 24(%r8), %rdx
adcxq %rcx, %r13
- mulxq 24(%r8), %rdx, %rcx
+ mulxq 32(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
- # A[2] * B[3]
- movq 24(%rsp), %rdx
- mulxq 16(%r8), %rdx, %rcx
- adcxq %rdx, %r14
# A[3] * B[2]
- movq 16(%rsp), %rdx
+ movq 24(%r8), %rdx
+ mulxq 48(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 56(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 24(%r8), %rcx, %rdx
+ mulxq 16(%r8), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -11593,28 +10790,7 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, 32(%rsp)
movq %r10, 40(%rsp)
@@ -11630,12 +10806,11 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 120(%rsp), %rdx
- mulxq 136(%rsp), %r13, %r14
+ # A[3] * B[1]
+ movq 104(%rsp), %rdx
+ mulxq 152(%rsp), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 104(%rsp), %rdx
mulxq 128(%rsp), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -11659,10 +10834,10 @@ L_curve25519_avx2_bits:
mulxq 136(%rsp), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 104(%rsp), %rdx
+ # A[1] * B[3]
+ movq 120(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 152(%rsp), %rcx, %rbx
+ mulxq 136(%rsp), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
movq 112(%rsp), %rdx
@@ -11681,34 +10856,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq 96(%rsp), %rdx
+ movq 152(%rsp), %rdx
adcxq %rcx, %r13
- mulxq 152(%rsp), %rdx, %rcx
+ mulxq 96(%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
+ # A[3] * B[2]
+ movq 152(%rsp), %rdx
+ mulxq 112(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
# A[2] * B[3]
movq 120(%rsp), %rdx
- mulxq 144(%rsp), %rdx, %rcx
- adcxq %rdx, %r14
- # A[3] * B[2]
- movq 112(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 152(%rsp), %rcx, %rdx
+ mulxq 144(%rsp), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -11718,38 +10892,15 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
- movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
- movq %r12, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rbx, %r12
- addq %rdx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
+ adcxq %rbx, %r12
# Store
movq %r9, (%rsp)
movq %r10, 8(%rsp)
movq %r11, 16(%rsp)
movq %r12, 24(%rsp)
- decb 168(%rsp)
+ movq 160(%rsp), %rbx
+ decq %rbx
jge L_curve25519_avx2_bits
- movq $63, 168(%rsp)
- decb 160(%rsp)
- jge L_curve25519_avx2_words
# Invert
leaq 32(%rsp), %rdi
movq %rsp, %rsi
@@ -11987,7 +11138,7 @@ L_curve25519_avx2_bits:
#else
callq _fe_mul_avx2
#endif /* __APPLE__ */
- movq 176(%rsp), %rdi
+ movq 168(%rsp), %rdi
# Multiply
# A[0] * B[0]
movq (%rsp), %rdx
@@ -11998,12 +11149,11 @@ L_curve25519_avx2_bits:
mulxq 8(%rdi), %rcx, %rbx
xorq %rbp, %rbp
adcxq %rcx, %r10
- # A[1] * B[3]
- movq 24(%rsp), %rdx
- mulxq 8(%rdi), %r13, %r14
+ # A[3] * B[1]
+ movq 8(%rsp), %rdx
+ mulxq 24(%rdi), %r13, %r14
adcxq %rbx, %r11
# A[0] * B[1]
- movq 8(%rsp), %rdx
mulxq (%rdi), %rcx, %rbx
adoxq %rcx, %r10
# A[2] * B[1]
@@ -12027,10 +11177,10 @@ L_curve25519_avx2_bits:
mulxq 8(%rdi), %rdx, %rcx
adcxq %rbx, %r12
adoxq %rdx, %r11
- # A[3] * B[1]
- movq 8(%rsp), %rdx
+ # A[1] * B[3]
+ movq 24(%rsp), %rdx
adoxq %rcx, %r12
- mulxq 24(%rdi), %rcx, %rbx
+ mulxq 8(%rdi), %rcx, %rbx
adcxq %rcx, %r13
# A[2] * B[2]
movq 16(%rsp), %rdx
@@ -12049,34 +11199,33 @@ L_curve25519_avx2_bits:
xorq %rbx, %rbx
adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsp), %rdx
+ movq 24(%rdi), %rdx
adcxq %rcx, %r13
- mulxq 24(%rdi), %rdx, %rcx
+ mulxq (%rsp), %rdx, %rcx
adoxq %rdx, %r12
adoxq %rcx, %r13
+ # A[3] * B[2]
+ movq 24(%rdi), %rdx
+ mulxq 16(%rsp), %rdx, %rcx
+ adcxq %rdx, %r14
# A[2] * B[3]
movq 24(%rsp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rdx, %r14
- # A[3] * B[2]
- movq 16(%rsp), %rdx
adcxq %rcx, %r15
- mulxq 24(%rdi), %rcx, %rdx
+ mulxq 16(%rdi), %rcx, %rdx
adcxq %rbx, %rbp
adoxq %rcx, %r14
adoxq %rdx, %r15
adoxq %rbx, %rbp
- # Reduce
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %rcx
+ addq %rbp, %r12
+ adcq $0x00, %rcx
movq $0x7fffffffffffffff, %rbx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r15, %rbp
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
andq %rbx, %r12
- # Multiply top half by 19
- movq $19, %rdx
xorq %rbx, %rbx
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
@@ -12086,20 +11235,8 @@ L_curve25519_avx2_bits:
mulxq %r15, %rcx, %r15
adcxq %rcx, %r11
adoxq %r15, %r12
- mulxq %rbp, %rbp, %rdx
- adcxq %rbp, %r12
- adoxq %rbx, %rdx
- adcxq %rbx, %rdx
- # Overflow
- shldq $0x01, %r12, %rdx
+ adcxq %rbx, %r12
movq $0x7fffffffffffffff, %rbx
- imulq $19, %rdx, %rcx
- andq %rbx, %r12
- addq %rcx, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- adcq $0x00, %r12
- # Reduce if top bit set
movq %r12, %rdx
sarq $63, %rdx
andq $19, %rdx
@@ -12108,7 +11245,7 @@ L_curve25519_avx2_bits:
adcq $0x00, %r10
adcq $0x00, %r11
adcq $0x00, %r12
- movq $0x7fffffffffffffff, %rbx
+ movq $0x7fffffffffffffff, %rcx
movq %r9, %rdx
addq $19, %rdx
movq %r10, %rdx
@@ -12119,18 +11256,18 @@ L_curve25519_avx2_bits:
adcq $0x00, %rdx
sarq $63, %rdx
andq $19, %rdx
+ andq %rcx, %r12
addq %rdx, %r9
adcq $0x00, %r10
adcq $0x00, %r11
adcq $0x00, %r12
- andq %rbx, %r12
# Store
movq %r9, (%rdi)
movq %r10, 8(%rdi)
movq %r11, 16(%rdi)
movq %r12, 24(%rdi)
xorq %rax, %rax
- addq $0xc0, %rsp
+ addq $0xb8, %rsp
popq %rbp
popq %r15
popq %r14
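Review bot: In the final conditional subtraction the added `andq %rcx, %r12` now runs before `addq %rdx, %r9` and its `adcq` chain, so a carry into bit 63 of %r12 is stored uncleared. The removed `andq %rbx, %r12` ran after the last `adcq` and cleared that bit. From the visible lines, a value in [2^255 - 19, 2^255) would be written with bit 255 set rather than reduced to [0, 19). The preceding top-bit fold is partly outside this hunk, so this should be confirmed against the full function. I would keep the mask last, `adcq $0x00, %r12` followed by `andq %rcx, %r12`, and add a known-answer test whose result lands in that range; if this file is vendored, the fix belongs upstream.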
@@ -12141,6 +11278,126 @@ L_curve25519_avx2_bits:
#ifndef __APPLE__
.size curve25519_avx2,.-curve25519_avx2
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
+#ifndef __APPLE__
+.text
+.globl fe_sq2_avx2
+.type fe_sq2_avx2,@function
+.align 16
+fe_sq2_avx2:
+#else
+.section __TEXT,__text
+.globl _fe_sq2_avx2
+.p2align 4
+_fe_sq2_avx2:
+#endif /* __APPLE__ */
+ pushq %rbx
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ # Square * 2
+ movq (%rsi), %rdx
+ movq 8(%rsi), %rax
+ # A[0] * A[1]
+ movq %rdx, %r15
+ mulxq %rax, %r9, %r10
+ # A[0] * A[3]
+ mulxq 24(%rsi), %r11, %r12
+ # A[2] * A[1]
+ movq 16(%rsi), %rdx
+ mulxq %rax, %rcx, %rbx
+ xorq %r8, %r8
+ adoxq %rcx, %r11
+ # A[2] * A[3]
+ mulxq 24(%rsi), %r13, %r14
+ adoxq %rbx, %r12
+ # A[2] * A[0]
+ mulxq %r15, %rcx, %rbx
+ adoxq %r8, %r13
+ adcxq %rcx, %r10
+ adoxq %r8, %r14
+ # A[1] * A[3]
+ movq %rax, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
+ adcxq %rbx, %r11
+ adcxq %rcx, %r12
+ adcxq %rdx, %r13
+ adcxq %r8, %r14
+ # A[0] * A[0]
+ movq %r15, %rdx
+ mulxq %rdx, %r8, %rcx
+ xorq %r15, %r15
+ adcxq %r9, %r9
+ # A[1] * A[1]
+ movq %rax, %rdx
+ adoxq %rcx, %r9
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r10, %r10
+ adoxq %rcx, %r10
+ adcxq %r11, %r11
+ # A[2] * A[2]
+ movq 16(%rsi), %rdx
+ adoxq %rbx, %r11
+ mulxq %rdx, %rbx, %rcx
+ adcxq %r12, %r12
+ adoxq %rbx, %r12
+ adcxq %r13, %r13
+ # A[3] * A[3]
+ movq 24(%rsi), %rdx
+ adoxq %rcx, %r13
+ mulxq %rdx, %rcx, %rbx
+ adcxq %r14, %r14
+ adoxq %rcx, %r14
+ adcxq %r15, %r15
+ adoxq %rbx, %r15
+ movq $38, %rdx
+ mulxq %r15, %r15, %rax
+ addq %r15, %r11
+ adcq $0x00, %rax
+ movq $0x7fffffffffffffff, %rcx
+ shldq $0x01, %r11, %rax
+ imulq $19, %rax, %rax
+ andq %rcx, %r11
+ xorq %rcx, %rcx
+ adoxq %rax, %r8
+ mulxq %r12, %rax, %r12
+ adcxq %rax, %r8
+ adoxq %r12, %r9
+ mulxq %r13, %rax, %r13
+ adcxq %rax, %r9
+ adoxq %r13, %r10
+ mulxq %r14, %rax, %r14
+ adcxq %rax, %r10
+ adoxq %r14, %r11
+ adcxq %rcx, %r11
+ mov %r11, %rax
+ shldq $0x01, %r10, %r11
+ shldq $0x01, %r9, %r10
+ shldq $0x01, %r8, %r9
+ shlq $0x01, %r8
+ movq $0x7fffffffffffffff, %rcx
+ shrq $62, %rax
+ andq %rcx, %r11
+ imulq $19, %rax, %rax
+ addq %rax, %r8
+ adcq $0x00, %r9
+ adcq $0x00, %r10
+ adcq $0x00, %r11
+ # Store
+ movq %r8, (%rdi)
+ movq %r9, 8(%rdi)
+ movq %r10, 16(%rdi)
+ movq %r11, 24(%rdi)
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ popq %rbx
+ repz retq
+#ifndef __APPLE__
+.size fe_sq2_avx2,.-fe_sq2_avx2
+#endif /* __APPLE__ */
#ifndef __APPLE__
.text
.globl fe_pow22523_avx2
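Review bot: The added `fe_sq2_avx2` has no header and no comments on its two non-obvious steps: the reduction from `movq $38, %rdx` and the doubling from `mov %r11, %rax`. I would add a header like `# fe_sq2_avx2: (%rdi) = 2 * (%rsi)^2 mod 2^255-19, not fully reduced`, then `# Reduce` and `# Double, fold bits 255-256 back in as 19 * overflow` above those two steps. The unsuffixed `mov %r11, %rax` should be `movq %r11, %rax` to match the rest of the file. The `#ifdef HAVE_ED25519` opened at the top of this addition is not closed inside the hunk, so the matching `#endif` further down would benefit from a `/* HAVE_ED25519 */` tag.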
@@ -12218,7 +11475,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $4, %dl
+ movq $4, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12241,7 +11498,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $9, %dl
+ movq $9, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12264,7 +11521,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 64(%rsp), %rdi
leaq 64(%rsp), %rsi
- movb $19, %dl
+ movq $19, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12287,7 +11544,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $9, %dl
+ movq $9, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12310,7 +11567,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $49, %dl
+ movq $49, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12333,7 +11590,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 64(%rsp), %rdi
leaq 64(%rsp), %rsi
- movb $0x63, %dl
+ movq $0x63, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12356,7 +11613,7 @@ _fe_pow22523_avx2:
#endif /* __APPLE__ */
leaq 32(%rsp), %rdi
leaq 32(%rsp), %rsi
- movb $49, %dl
+ movq $49, %rdx
#ifndef __APPLE__
callq fe_sq_n_avx2@plt
#else
@@ -12398,4197 +11655,3916 @@ _fe_pow22523_avx2:
repz retq
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2_avx2
-.type fe_ge_to_p2_avx2,@function
+.globl ge_p1p1_to_p2_avx2
+.type ge_p1p1_to_p2_avx2,@function
.align 16
-fe_ge_to_p2_avx2:
+ge_p1p1_to_p2_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2_avx2
+.globl _ge_p1p1_to_p2_avx2
.p2align 4
-_fe_ge_to_p2_avx2:
+_ge_p1p1_to_p2_avx2:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 16(%rsp), %rsi
- movq 88(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ leaq 96(%rsi), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 64(%rsi), %rsi
+ leaq 64(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 88(%rsp), %rsi
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq -32(%rsi), %rax
+ leaq -32(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rsi), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rsi), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rsi), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rsi), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rsi), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rsi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %rcx
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %rcx
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rsi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rsi), %rdx, %rcx
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rsi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p2_avx2,.-fe_ge_to_p2_avx2
+.size ge_p1p1_to_p2_avx2,.-ge_p1p1_to_p2_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3_avx2
-.type fe_ge_to_p3_avx2,@function
+.globl ge_p1p1_to_p3_avx2
+.type ge_p1p1_to_p3_avx2,@function
.align 16
-fe_ge_to_p3_avx2:
+ge_p1p1_to_p3_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3_avx2
+.globl _ge_p1p1_to_p3_avx2
.p2align 4
-_fe_ge_to_p3_avx2:
+_ge_p1p1_to_p3_avx2:
#endif /* __APPLE__ */
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $40, %rsp
- movq %rsi, (%rsp)
- movq %rdx, 8(%rsp)
- movq %rcx, 16(%rsp)
- movq %r8, 24(%rsp)
- movq %r9, 32(%rsp)
- movq 24(%rsp), %rsi
- movq 96(%rsp), %rbx
+ pushq %rbx
+ subq $16, %rsp
+ movq %rdi, (%rsp)
+ movq %rsi, 8(%rsp)
+ leaq 96(%rsi), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq (%rsp), %rdi
- movq 32(%rsp), %rsi
- movq 88(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 32(%rsi), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq 96(%rsp), %rsi
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 64(%rsi), %rsi
+ leaq -64(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rsi), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rsi), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rsi), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rsi), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rsi), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rsi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %rcx
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %rcx
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rsi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rsi), %rdx, %rcx
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rsi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rsi), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rsi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 24(%rsp), %rsi
- movq 32(%rsp), %rbx
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ leaq 32(%rsi), %rax
+ leaq 32(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r9, %r10
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r11, %r12
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %rcx, %r8
+ xorq %rbx, %rbx
+ adcxq %rcx, %r10
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r13, %r14
+ adcxq %r8, %r11
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rcx, %r10
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %rcx, %r15
+ adoxq %r8, %r11
+ adcxq %rcx, %r12
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %rcx, %r8
adcxq %r15, %r13
- adoxq %rax, %r12
+ adoxq %rcx, %r12
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %rcx, %r8
+ adoxq %rbx, %r14
+ xorq %r15, %r15
+ adcxq %rcx, %r11
# A[1] * B[1]
- movq 8(%rbx), %rdx
+ movq 8(%rax), %rdx
mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
+ adcxq %r8, %r12
+ adoxq %rdx, %r11
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r12
+ mulxq 8(%rsi), %rcx, %r8
+ adcxq %rcx, %r13
# A[2] * B[2]
- movq 16(%rbx), %rdx
+ movq 16(%rax), %rdx
mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
- adoxq %rdx, %r12
+ adcxq %r8, %r14
+ adoxq %rdx, %r13
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r14
+ mulxq 24(%rsi), %rcx, %r8
+ adoxq %rbx, %r15
+ adcxq %rcx, %r15
# A[0] * B[3]
mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ adcxq %r8, %rbx
+ xorq %r8, %r8
+ adcxq %rdx, %r12
# A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
- # A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
+ movq 24(%rsi), %rdx
+ adcxq %rcx, %r13
+ mulxq (%rax), %rdx, %rcx
+ adoxq %rdx, %r12
adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %rcx
+ adcxq %rdx, %r14
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %rcx, %r15
+ mulxq 16(%rsi), %rcx, %rdx
+ adcxq %r8, %rbx
+ adoxq %rcx, %r14
+ adoxq %rdx, %r15
+ adoxq %r8, %rbx
+ movq $38, %rdx
+ mulxq %rbx, %rbx, %rcx
+ addq %rbx, %r12
+ adcq $0x00, %rcx
+ movq $0x7fffffffffffffff, %r8
+ shldq $0x01, %r12, %rcx
+ imulq $19, %rcx, %rcx
+ andq %r8, %r12
+ xorq %r8, %r8
+ adoxq %rcx, %r9
mulxq %r13, %rcx, %r13
adcxq %rcx, %r9
adoxq %r13, %r10
mulxq %r14, %rcx, %r14
adcxq %rcx, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %rcx, %r15
+ adcxq %rcx, %r11
+ adoxq %r15, %r12
+ adcxq %r8, %r12
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- addq $40, %rsp
+ movq %r9, (%rdi)
+ movq %r10, 8(%rdi)
+ movq %r11, 16(%rdi)
+ movq %r12, 24(%rdi)
+ addq $16, %rsp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_to_p3_avx2,.-fe_ge_to_p3_avx2
+.size ge_p1p1_to_p3_avx2,.-ge_p1p1_to_p3_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_dbl_avx2
-.type fe_ge_dbl_avx2,@function
+.globl ge_p2_dbl_avx2
+.type ge_p2_dbl_avx2,@function
.align 16
-fe_ge_dbl_avx2:
+ge_p2_dbl_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl_avx2
+.globl _ge_p2_dbl_avx2
.p2align 4
-_fe_ge_dbl_avx2:
+_ge_p2_dbl_avx2:
#endif /* __APPLE__ */
- pushq %rbp
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $48, %rsp
+ pushq %rbx
+ pushq %rbp
+ subq $16, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 32(%rsp), %rsi
+ leaq 64(%rdi), %rdi
# Square
- # A[0] * A[1]
movq (%rsi), %rdx
- mulxq 8(%rsi), %r9, %r10
+ movq 8(%rsi), %r9
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rsi), %r11, %r12
+ mulxq 24(%rsi), %r13, %r14
# A[2] * A[1]
movq 16(%rsi), %rdx
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rsi), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rsi), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rsi), %rdx
- mulxq 24(%rsi), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rsi), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rsi), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rsi), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rsi), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rsi), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
+ # A[3] * A[3]
+ movq 24(%rsi), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %rcx, %r13
xorq %rcx, %rcx
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rbp
- andq %rcx, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 16(%rsp), %rdi
- movq 40(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 32(%rsi), %rsi
# Square
+ movq (%rsi), %rdx
+ movq 8(%rsi), %r9
# A[0] * A[1]
- movq (%rbx), %rdx
- mulxq 8(%rbx), %r9, %r10
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rbx), %r11, %r12
+ mulxq 24(%rsi), %r13, %r14
# A[2] * A[1]
- movq 16(%rbx), %rdx
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ movq 16(%rsi), %rdx
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rbx), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rsi), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rbx), %rdx
- mulxq 24(%rbx), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rsi), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rbx), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rbx), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rbx), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rbx), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rsi), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
+ # A[3] * A[3]
+ movq 24(%rsi), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %rcx, %r13
xorq %rcx, %rcx
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rbp
- andq %rcx, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
+ movq %rdi, %rsi
+ leaq -32(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq (%rbx), %r8
- movq 16(%rsi), %r10
- adcq 8(%rbx), %r9
- movq 24(%rsi), %rdx
- adcq 16(%rbx), %r10
- movq $-19, %rcx
- adcq 24(%rbx), %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ movq %r10, %r14
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $19, %rcx
+ andq %r8, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 24(%rsp), %rsi
+ addq %rcx, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %rcx, %rcx
+ shldq $0x01, %rbp, %rcx
+ imulq $-19, %rcx
+ andq %r8, %rbp
+ # Add modulus (if underflow)
+ subq %rcx, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 8(%rsp), %rax
+ leaq 32(%rax), %rsi
+ leaq -32(%rdi), %rdi
+ # Add
+ movq (%rsi), %r10
+ movq 8(%rsi), %r11
+ addq (%rax), %r10
+ movq 16(%rsi), %r12
+ adcq 8(%rax), %r11
+ movq 24(%rsi), %r13
+ adcq 16(%rax), %r12
+ adcq 24(%rax), %r13
+ movq $0x00, %rcx
+ adcq $0x00, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $19, %rcx
+ andq %r8, %r13
+ # Sub modulus (if overflow)
+ addq %rcx, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
# Square
- # A[0] * A[1]
movq (%rdi), %rdx
- mulxq 8(%rdi), %r9, %r10
+ movq 8(%rdi), %r9
+ # A[0] * A[1]
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rdi), %r11, %r12
+ mulxq 24(%rdi), %r13, %r14
# A[2] * A[1]
movq 16(%rdi), %rdx
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rdi), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rdi), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rdi), %rdx
- mulxq 24(%rdi), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rdi), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rdi), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rdi), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rdi), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rdi), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rdi), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
+ # A[3] * A[3]
+ movq 24(%rdi), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
movq $0x7fffffffffffffff, %rcx
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rcx, %r11
- # Multiply top half by 19
- movq $19, %rdx
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %rcx, %r13
xorq %rcx, %rcx
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rcx, %rdx
- adcxq %rcx, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rcx
- imulq $19, %rdx, %rbp
- andq %rcx, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rcx, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 16(%rsp), %rsi
- movq (%rsp), %rbx
- # Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %rdx
- movq %r8, %r12
- addq (%rbx), %r8
- movq %r9, %r13
- adcq 8(%rbx), %r9
- movq %r10, %r14
- adcq 16(%rbx), %r10
- movq %rdx, %r15
- adcq 24(%rbx), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ leaq 32(%rdi), %rsi
# Sub
- subq (%rbx), %r12
- movq $0x00, %rdx
- sbbq 8(%rbx), %r13
- movq $-19, %rcx
- sbbq 16(%rbx), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbx), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 24(%rsp), %rsi
- # Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rdi), %r8
- movq $0x00, %rdx
- sbbq 8(%rdi), %r9
- movq $-19, %rcx
- sbbq 16(%rdi), %r10
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r11
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r10
+ sbbq 8(%rsi), %r11
+ sbbq 16(%rsi), %r12
+ sbbq 24(%rsi), %r13
+ sbbq %rcx, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $-19, %rcx
+ andq %r8, %r13
# Add modulus (if underflow)
- addq %rcx, %r8
- adcq %rdx, %r9
- adcq %rdx, %r10
- adcq %rax, %r11
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 104(%rsp), %rdi
+ subq %rcx, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ sbbq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 64(%rax), %rax
# Square * 2
+ movq (%rax), %rdx
+ movq 8(%rax), %r9
# A[0] * A[1]
- movq (%rdi), %rdx
- mulxq 8(%rdi), %r9, %r10
+ movq %rdx, %rbp
+ mulxq %r9, %r11, %r12
# A[0] * A[3]
- mulxq 24(%rdi), %r11, %r12
+ mulxq 24(%rax), %r13, %r14
# A[2] * A[1]
- movq 16(%rdi), %rdx
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adoxq %rcx, %r11
+ movq 16(%rax), %rdx
+ mulxq %r9, %rcx, %r8
+ xorq %r10, %r10
+ adoxq %rcx, %r13
# A[2] * A[3]
- mulxq 24(%rdi), %r13, %r14
- adoxq %rax, %r12
+ mulxq 24(%rax), %r15, %rbx
+ adoxq %r8, %r14
# A[2] * A[0]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- adcxq %rcx, %r10
- adoxq %r15, %r14
+ mulxq %rbp, %rcx, %r8
+ adoxq %r10, %r15
+ adcxq %rcx, %r12
+ adoxq %r10, %rbx
# A[1] * A[3]
- movq 8(%rdi), %rdx
- mulxq 24(%rdi), %rbp, %r8
- adcxq %rax, %r11
- adcxq %rbp, %r12
+ movq %r9, %rdx
+ mulxq 24(%rax), %rcx, %rdx
adcxq %r8, %r13
- adcxq %r15, %r14
- # Double with Carry Flag
- xorq %r15, %r15
+ adcxq %rcx, %r14
+ adcxq %rdx, %r15
+ adcxq %r10, %rbx
# A[0] * A[0]
- movq (%rdi), %rdx
- mulxq %rdx, %r8, %rbp
- adcxq %r9, %r9
- # A[1] * A[1]
- movq 8(%rdi), %rdx
- mulxq %rdx, %rcx, %rax
- adcxq %r10, %r10
- adoxq %rbp, %r9
+ movq %rbp, %rdx
+ mulxq %rdx, %r10, %rcx
+ xorq %rbp, %rbp
adcxq %r11, %r11
- adoxq %rcx, %r10
- # A[2] * A[2]
- movq 16(%rdi), %rdx
- mulxq %rdx, %rbp, %rcx
+ # A[1] * A[1]
+ movq %r9, %rdx
+ adoxq %rcx, %r11
+ mulxq %rdx, %rcx, %r8
adcxq %r12, %r12
- adoxq %rax, %r11
+ adoxq %rcx, %r12
adcxq %r13, %r13
- adoxq %rbp, %r12
- # A[3] * A[3]
- movq 24(%rdi), %rdx
- mulxq %rdx, %rbp, %rax
+ # A[2] * A[2]
+ movq 16(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq %rdx, %r8, %rcx
adcxq %r14, %r14
- adoxq %rcx, %r13
+ adoxq %r8, %r14
adcxq %r15, %r15
- adoxq %rbp, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- xorq %rbp, %rbp
- # Move top half into t4-t7 and remove top bit from t3 and double
- shldq $3, %r15, %rbp
- shldq $2, %r14, %r15
- shldq $2, %r13, %r14
- shldq $2, %r12, %r13
- shldq $2, %r11, %r12
- shldq $0x01, %r10, %r11
- shldq $0x01, %r9, %r10
- shldq $0x01, %r8, %r9
- shlq $0x01, %r8
- andq %rax, %r11
- # Two out left, one in right
- andq %rax, %r15
- # Multiply top bits by 19*19
- imulq $0x169, %rbp, %rcx
- xorq %rax, %rax
- # Multiply top half by 19
- movq $19, %rdx
- adoxq %rcx, %r8
- mulxq %r12, %rbp, %r12
- adcxq %rbp, %r8
- adoxq %r12, %r9
- mulxq %r13, %rbp, %r13
- adcxq %rbp, %r9
- adoxq %r13, %r10
- mulxq %r14, %rbp, %r14
- adcxq %rbp, %r10
- adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rbp
- andq %rax, %r11
- addq %rbp, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
+ # A[3] * A[3]
+ movq 24(%rax), %rdx
+ adoxq %rcx, %r15
+ mulxq %rdx, %rcx, %r8
+ adcxq %rbx, %rbx
+ adoxq %rcx, %rbx
+ adcxq %rbp, %rbp
+ adoxq %r8, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r9
+ addq %rbp, %r13
adcq $0x00, %r9
- adcq $0x00, %r10
+ movq $0x7fffffffffffffff, %rcx
+ shldq $0x01, %r13, %r9
+ imulq $19, %r9, %r9
+ andq %rcx, %r13
+ xorq %rcx, %rcx
+ adoxq %r9, %r10
+ mulxq %r14, %r9, %r14
+ adcxq %r9, %r10
+ adoxq %r14, %r11
+ mulxq %r15, %r9, %r15
+ adcxq %r9, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r9, %rbx
+ adcxq %r9, %r12
+ adoxq %rbx, %r13
+ adcxq %rcx, %r13
+ mov %r13, %r9
+ shldq $0x01, %r12, %r13
+ shldq $0x01, %r11, %r12
+ shldq $0x01, %r10, %r11
+ shlq $0x01, %r10
+ movq $0x7fffffffffffffff, %rcx
+ shrq $62, %r9
+ andq %rcx, %r13
+ imulq $19, %r9, %r9
+ addq %r9, %r10
adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 16(%rsp), %rdi
+ leaq 64(%rdi), %rsi
+ leaq 96(%rdi), %rdi
# Sub
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %r11
- subq (%rdi), %r8
- movq $0x00, %rdx
- sbbq 8(%rdi), %r9
- movq $-19, %rcx
- sbbq 16(%rdi), %r10
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r11
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r10
+ sbbq 8(%rsi), %r11
+ sbbq 16(%rsi), %r12
+ sbbq 24(%rsi), %r13
+ sbbq %rcx, %rcx
+ shldq $0x01, %r13, %rcx
+ movq $0x7fffffffffffffff, %r8
+ imulq $-19, %rcx
+ andq %r8, %r13
# Add modulus (if underflow)
- addq %rcx, %r8
- adcq %rdx, %r9
- adcq %rdx, %r10
- adcq %rax, %r11
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- addq $48, %rsp
+ subq %rcx, %r10
+ sbbq $0x00, %r11
+ sbbq $0x00, %r12
+ sbbq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ addq $16, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
- popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_dbl_avx2,.-fe_ge_dbl_avx2
+.size ge_p2_dbl_avx2,.-ge_p2_dbl_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_madd_avx2
-.type fe_ge_madd_avx2,@function
+.globl ge_madd_avx2
+.type ge_madd_avx2,@function
.align 16
-fe_ge_madd_avx2:
+ge_madd_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_madd_avx2
+.globl _ge_madd_avx2
.p2align 4
-_fe_ge_madd_avx2:
+_ge_madd_avx2:
#endif /* __APPLE__ */
- pushq %rbp
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $48, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 128(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 64(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 136(%rsp), %rdi
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
# Multiply
# A[0] * B[0]
- movq (%rdi), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rdi), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rdi), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rdi), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rdi), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rdi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rdi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
+ adcxq %rdx, %r13
# A[3] * B[0]
- movq (%rdi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rdi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rdi
- movq 120(%rsp), %rsi
- movq 112(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rdi
- movq (%rsp), %rsi
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 104(%rsp), %rdi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 64(%rcx), %rcx
# Double
- movq (%rdi), %r8
- movq 8(%rdi), %r9
- addq %r8, %r8
- movq 16(%rdi), %r10
- adcq %r9, %r9
- movq 24(%rdi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ addq %r10, %r10
+ movq 16(%rcx), %r12
+ adcq %r11, %r11
+ movq 24(%rcx), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 24(%rsp), %rdi
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ leaq 96(%rdi), %rsi
+ leaq 64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- addq $48, %rsp
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
- popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_madd_avx2,.-fe_ge_madd_avx2
+.size ge_madd_avx2,.-ge_madd_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_msub_avx2
-.type fe_ge_msub_avx2,@function
+.globl ge_msub_avx2
+.type ge_msub_avx2,@function
.align 16
-fe_ge_msub_avx2:
+ge_msub_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_msub_avx2
+.globl _ge_msub_avx2
.p2align 4
-_fe_ge_msub_avx2:
+_ge_msub_avx2:
#endif /* __APPLE__ */
- pushq %rbp
- pushq %rbx
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $48, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 136(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 64(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 128(%rsp), %rdi
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rdi), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rdi), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rdi), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rdi), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rdi), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rdi), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rdi), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
+ adcxq %rdx, %r13
# A[3] * B[0]
- movq (%rdi), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
movq 24(%rdi), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rdx, %r13
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rdi), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rdi
- movq 120(%rsp), %rsi
- movq 112(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq 8(%rsp), %rsi
- movq (%rsp), %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rsi), %r8
- movq %r9, %r13
- adcq 8(%rsi), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rsi), %r10
- movq %rdx, %r15
- adcq 24(%rsi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rsi), %r12
- movq $0x00, %rdx
- sbbq 8(%rsi), %r13
- movq $-19, %rcx
- sbbq 16(%rsi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rsi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq %r12, (%rbp)
- movq %r13, 8(%rbp)
- movq %r14, 16(%rbp)
- movq %r15, 24(%rbp)
- movq 104(%rsp), %rsi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 64(%rcx), %rcx
# Double
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- addq %r8, %r8
- movq 16(%rsi), %r10
- adcq %r9, %r9
- movq 24(%rsi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ movq (%rcx), %r10
+ movq 8(%rcx), %r11
+ addq %r10, %r10
+ movq 16(%rcx), %r12
+ adcq %r11, %r11
+ movq 24(%rcx), %r13
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ leaq 96(%rdi), %rsi
+ leaq 64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rbx)
- movq %r13, 8(%rbx)
- movq %r14, 16(%rbx)
- movq %r15, 24(%rbx)
- addq $48, %rsp
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbx
- popq %rbp
repz retq
#ifndef __APPLE__
-.size fe_ge_msub_avx2,.-fe_ge_msub_avx2
+.size ge_msub_avx2,.-ge_msub_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_add_avx2
-.type fe_ge_add_avx2,@function
+.globl ge_add_avx2
+.type ge_add_avx2,@function
.align 16
-fe_ge_add_avx2:
+ge_add_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_add_avx2
+.globl _ge_add_avx2
.p2align 4
-_fe_ge_add_avx2:
+_ge_add_avx2:
#endif /* __APPLE__ */
- pushq %rbx
- pushq %rbp
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 168(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 96(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 176(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rdi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rsi
- movq 160(%rsp), %rbx
- movq 144(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 136(%rsp), %rsi
- movq 152(%rsp), %rbx
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ leaq 64(%rcx), %rcx
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rsi
+ leaq 64(%rdi), %rdi
# Double
- movq (%rdi), %r8
- movq 8(%rdi), %r9
- addq %r8, %r8
- movq 16(%rdi), %r10
- adcq %r9, %r9
- movq 24(%rdi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 8(%rsp), %rbx
- movq 16(%rsp), %rbp
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbp), %r8
- movq 8(%rbp), %r9
- movq 16(%rbp), %r10
- movq 24(%rbp), %rdx
- movq %r8, %r12
- addq (%rbx), %r8
- movq %r9, %r13
- adcq 8(%rbx), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rbx), %r10
- movq %rdx, %r15
- adcq 24(%rbx), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rbx), %r12
- movq $0x00, %rdx
- sbbq 8(%rbx), %r13
- movq $-19, %rcx
- sbbq 16(%rbx), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbx), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- movq 24(%rsp), %rdi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 96(%rdi), %rsi
+ leaq 64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbp)
- movq %r9, 8(%rbp)
- movq %r10, 16(%rbp)
- movq %r11, 24(%rbp)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- addq $0x50, %rsp
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
- popq %rbp
- popq %rbx
repz retq
#ifndef __APPLE__
-.size fe_ge_add_avx2,.-fe_ge_add_avx2
+.size ge_add_avx2,.-ge_add_avx2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_sub_avx2
-.type fe_ge_sub_avx2,@function
+.globl ge_sub_avx2
+.type ge_sub_avx2,@function
.align 16
-fe_ge_sub_avx2:
+ge_sub_avx2:
#else
.section __TEXT,__text
-.globl _fe_ge_sub_avx2
+.globl _ge_sub_avx2
.p2align 4
-_fe_ge_sub_avx2:
+_ge_sub_avx2:
#endif /* __APPLE__ */
- pushq %rbx
- pushq %rbp
pushq %r12
pushq %r13
pushq %r14
pushq %r15
- subq $0x50, %rsp
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %rax
+ subq $24, %rsp
movq %rdi, (%rsp)
movq %rsi, 8(%rsp)
- movq %rdx, 16(%rsp)
- movq %rcx, 24(%rsp)
- movq %r8, 32(%rsp)
- movq %r9, 40(%rsp)
- movq 8(%rsp), %rsi
- movq 40(%rsp), %rbx
- movq 32(%rsp), %rbp
- # Add
- movq (%rbx), %r8
- movq 8(%rbx), %r9
- movq 16(%rbx), %r10
- movq 24(%rbx), %rdx
- movq %r8, %r12
- addq (%rbp), %r8
- movq %r9, %r13
- adcq 8(%rbp), %r9
- movq %r10, %r14
- adcq 16(%rbp), %r10
- movq %rdx, %r15
- adcq 24(%rbp), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- # Sub
- subq (%rbp), %r12
- movq $0x00, %rdx
- sbbq 8(%rbp), %r13
- movq $-19, %rcx
- sbbq 16(%rbp), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbp), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
- # Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- movq %r12, (%rsi)
- movq %r13, 8(%rsi)
- movq %r14, 16(%rsi)
- movq %r15, 24(%rsi)
- movq 16(%rsp), %rbx
- movq 176(%rsp), %rbp
+ movq %rax, 16(%rsp)
+ leaq 96(%rsi), %rcx
+ leaq 96(%rax), %rax
+ leaq 96(%rdi), %rdi
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rdi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rdi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rdi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rdi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rdi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rdi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rdi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rdi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rdi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rdi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rdi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rdi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rdi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rdi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rdi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq 168(%rsp), %rbx
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %rsi, %rcx
+ leaq 32(%rsi), %rax
+ leaq -64(%rdi), %rsi
+ leaq -96(%rdi), %rdi
+ # Add-Sub
+ # Add
+ movq (%rax), %r10
+ movq 8(%rax), %r11
+ movq 16(%rax), %r12
+ movq 24(%rax), %r13
+ movq %r10, %r14
+ addq (%rcx), %r10
+ movq %r11, %r15
+ adcq 8(%rcx), %r11
+ movq %r12, %rbx
+ adcq 16(%rcx), %r12
+ movq %r13, %rbp
+ adcq 24(%rcx), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
+ # Sub modulus (if overflow)
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ # Sub
+ subq (%rcx), %r14
+ sbbq 8(%rcx), %r15
+ sbbq 16(%rcx), %rbx
+ sbbq 24(%rcx), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
+ # Add modulus (if underflow)
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ movq 16(%rsp), %rax
+ leaq 32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rdi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rdi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rdi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rdi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rdi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rdi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rdi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rdi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rdi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rdi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rdi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rdi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rdi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rdi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rdi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 24(%rsp), %rsi
- movq 160(%rsp), %rbx
- movq 144(%rsp), %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -32(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbp), %rdx
- mulxq (%rbx), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rsi), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rbx), %r10, %r11
+ mulxq 16(%rsi), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rbx), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbp), %rdx
- mulxq 8(%rbx), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rsi), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbp), %rdx
- mulxq (%rbx), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rsi), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rbx), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rsi), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbp), %rdx
- mulxq 8(%rbx), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rbx), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rsi), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbp), %rdx
- mulxq 8(%rbx), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbp), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rbx), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rsi), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rsi), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rsi), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbp), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rbx), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rsi), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rbx), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbp), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rbx), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbp), %rdx
- mulxq 16(%rbx), %rdx, %rcx
+ mulxq (%rsi), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbp), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rbx), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rsi), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rsi), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 136(%rsp), %rsi
- movq 152(%rsp), %rbx
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ leaq 64(%rcx), %rcx
+ leaq 64(%rax), %rax
# Multiply
# A[0] * B[0]
- movq (%rbx), %rdx
- mulxq (%rsi), %r8, %r9
+ movq (%rax), %rdx
+ mulxq (%rcx), %r10, %r11
# A[2] * B[0]
- mulxq 16(%rsi), %r10, %r11
+ mulxq 16(%rcx), %r12, %r13
# A[1] * B[0]
- mulxq 8(%rsi), %rcx, %rax
- xorq %r15, %r15
- adcxq %rcx, %r9
- # A[1] * B[3]
- movq 24(%rbx), %rdx
- mulxq 8(%rsi), %r12, %r13
- adcxq %rax, %r10
+ mulxq 8(%rcx), %r8, %r9
+ xorq %rbp, %rbp
+ adcxq %r8, %r11
+ # A[3] * B[1]
+ movq 8(%rax), %rdx
+ mulxq 24(%rcx), %r14, %r15
+ adcxq %r9, %r12
# A[0] * B[1]
- movq 8(%rbx), %rdx
- mulxq (%rsi), %rcx, %rax
- adoxq %rcx, %r9
+ mulxq (%rcx), %r8, %r9
+ adoxq %r8, %r11
# A[2] * B[1]
- mulxq 16(%rsi), %rcx, %r14
- adoxq %rax, %r10
- adcxq %rcx, %r11
+ mulxq 16(%rcx), %r8, %rbx
+ adoxq %r9, %r12
+ adcxq %r8, %r13
# A[1] * B[2]
- movq 16(%rbx), %rdx
- mulxq 8(%rsi), %rcx, %rax
- adcxq %r14, %r12
- adoxq %rcx, %r11
- adcxq %r15, %r13
- adoxq %rax, %r12
+ movq 16(%rax), %rdx
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %rbx, %r14
+ adoxq %r8, %r13
+ adcxq %rbp, %r15
+ adoxq %r9, %r14
# A[0] * B[2]
- mulxq (%rsi), %rcx, %rax
- adoxq %r15, %r13
- xorq %r14, %r14
- adcxq %rcx, %r10
+ mulxq (%rcx), %r8, %r9
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %r8, %r12
# A[1] * B[1]
- movq 8(%rbx), %rdx
- mulxq 8(%rsi), %rdx, %rcx
- adcxq %rax, %r11
- adoxq %rdx, %r10
- # A[3] * B[1]
- movq 8(%rbx), %rdx
- adoxq %rcx, %r11
- mulxq 24(%rsi), %rcx, %rax
- adcxq %rcx, %r12
- # A[2] * B[2]
- movq 16(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
- adcxq %rax, %r13
+ movq 8(%rax), %rdx
+ mulxq 8(%rcx), %rdx, %r8
+ adcxq %r9, %r13
adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%rax), %rdx
+ adoxq %r8, %r13
+ mulxq 8(%rcx), %r8, %r9
+ adcxq %r8, %r14
+ # A[2] * B[2]
+ movq 16(%rax), %rdx
+ mulxq 16(%rcx), %rdx, %r8
+ adcxq %r9, %r15
+ adoxq %rdx, %r14
# A[3] * B[3]
- movq 24(%rbx), %rdx
- adoxq %rcx, %r13
- mulxq 24(%rsi), %rcx, %rax
- adoxq %r15, %r14
- adcxq %rcx, %r14
+ movq 24(%rax), %rdx
+ adoxq %r8, %r15
+ mulxq 24(%rcx), %r8, %r9
+ adoxq %rbp, %rbx
+ adcxq %r8, %rbx
# A[0] * B[3]
- mulxq (%rsi), %rdx, %rcx
- adcxq %rax, %r15
- xorq %rax, %rax
- adcxq %rdx, %r11
- # A[3] * B[0]
- movq (%rbx), %rdx
- adcxq %rcx, %r12
- mulxq 24(%rsi), %rdx, %rcx
- adoxq %rdx, %r11
- adoxq %rcx, %r12
- # A[2] * B[3]
- movq 24(%rbx), %rdx
- mulxq 16(%rsi), %rdx, %rcx
+ mulxq (%rcx), %rdx, %r8
+ adcxq %r9, %rbp
+ xorq %r9, %r9
adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rcx), %rdx
+ adcxq %r8, %r14
+ mulxq (%rax), %rdx, %r8
+ adoxq %rdx, %r13
+ adoxq %r8, %r14
# A[3] * B[2]
- movq 16(%rbx), %rdx
- adcxq %rcx, %r14
- mulxq 24(%rsi), %rcx, %rdx
- adcxq %rax, %r15
- adoxq %rcx, %r13
- adoxq %rdx, %r14
- adoxq %rax, %r15
- # Reduce
- movq $0x7fffffffffffffff, %rax
- # Move top half into t4-t7 and remove top bit from t3
- shldq $0x01, %r14, %r15
- shldq $0x01, %r13, %r14
- shldq $0x01, %r12, %r13
- shldq $0x01, %r11, %r12
- andq %rax, %r11
- # Multiply top half by 19
- movq $19, %rdx
- xorq %rax, %rax
- mulxq %r12, %rcx, %r12
- adcxq %rcx, %r8
- adoxq %r12, %r9
- mulxq %r13, %rcx, %r13
- adcxq %rcx, %r9
- adoxq %r13, %r10
- mulxq %r14, %rcx, %r14
- adcxq %rcx, %r10
+ movq 24(%rcx), %rdx
+ mulxq 16(%rax), %rdx, %r8
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%rax), %rdx
+ adcxq %r8, %rbx
+ mulxq 16(%rcx), %r8, %rdx
+ adcxq %r9, %rbp
+ adoxq %r8, %r15
+ adoxq %rdx, %rbx
+ adoxq %r9, %rbp
+ movq $38, %rdx
+ mulxq %rbp, %rbp, %r8
+ addq %rbp, %r13
+ adcq $0x00, %r8
+ movq $0x7fffffffffffffff, %r9
+ shldq $0x01, %r13, %r8
+ imulq $19, %r8, %r8
+ andq %r9, %r13
+ xorq %r9, %r9
+ adoxq %r8, %r10
+ mulxq %r14, %r8, %r14
+ adcxq %r8, %r10
adoxq %r14, %r11
- mulxq %r15, %r15, %rdx
- adcxq %r15, %r11
- adoxq %rax, %rdx
- adcxq %rax, %rdx
- # Overflow
- shldq $0x01, %r11, %rdx
- movq $0x7fffffffffffffff, %rax
- imulq $19, %rdx, %rcx
- andq %rax, %r11
- addq %rcx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
- # Reduce if top bit set
- movq %r11, %rdx
- sarq $63, %rdx
- andq $19, %rdx
- andq %rax, %r11
- addq %rdx, %r8
- adcq $0x00, %r9
- adcq $0x00, %r10
- adcq $0x00, %r11
+ mulxq %r15, %r8, %r15
+ adcxq %r8, %r11
+ adoxq %r15, %r12
+ mulxq %rbx, %r8, %rbx
+ adcxq %r8, %r12
+ adoxq %rbx, %r13
+ adcxq %r9, %r13
# Store
- movq %r8, (%rdi)
- movq %r9, 8(%rdi)
- movq %r10, 16(%rdi)
- movq %r11, 24(%rdi)
- leaq 48(%rsp), %rsi
+ leaq 64(%rdi), %rdi
# Double
- movq (%rdi), %r8
- movq 8(%rdi), %r9
- addq %r8, %r8
- movq 16(%rdi), %r10
- adcq %r9, %r9
- movq 24(%rdi), %rdx
- adcq %r10, %r10
- movq $-19, %rcx
- adcq %rdx, %rdx
- movq $0x7fffffffffffffff, %rax
- movq %rdx, %r11
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq %r10, %r10
+ adcq %r11, %r11
+ adcq %r12, %r12
+ adcq %r13, %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
- movq %r8, (%rsi)
- movq %r9, 8(%rsi)
- movq %r10, 16(%rsi)
- movq %r11, 24(%rsi)
- movq 8(%rsp), %rbx
- movq 16(%rsp), %rbp
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ leaq -64(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rbp), %r8
- movq 8(%rbp), %r9
- movq 16(%rbp), %r10
- movq 24(%rbp), %rdx
- movq %r8, %r12
- addq (%rbx), %r8
- movq %r9, %r13
- adcq 8(%rbx), %r9
+ movq (%rdi), %r10
+ movq 8(%rdi), %r11
+ movq 16(%rdi), %r12
+ movq 24(%rdi), %r13
movq %r10, %r14
- adcq 16(%rbx), %r10
- movq %rdx, %r15
- adcq 24(%rbx), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rsi), %r10
+ movq %r11, %r15
+ adcq 8(%rsi), %r11
+ movq %r12, %rbx
+ adcq 16(%rsi), %r12
+ movq %r13, %rbp
+ adcq 24(%rsi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rbx), %r12
- movq $0x00, %rdx
- sbbq 8(%rbx), %r13
- movq $-19, %rcx
- sbbq 16(%rbx), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rbx), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rsi), %r14
+ sbbq 8(%rsi), %r15
+ sbbq 16(%rsi), %rbx
+ sbbq 24(%rsi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
- movq %r8, (%rbx)
- movq %r9, 8(%rbx)
- movq %r10, 16(%rbx)
- movq %r11, 24(%rbx)
- movq %r12, (%rdi)
- movq %r13, 8(%rdi)
- movq %r14, 16(%rdi)
- movq %r15, 24(%rdi)
- movq 24(%rsp), %rdi
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rsi)
+ movq %r11, 8(%rsi)
+ movq %r12, 16(%rsi)
+ movq %r13, 24(%rsi)
+ movq %r14, (%rdi)
+ movq %r15, 8(%rdi)
+ movq %rbx, 16(%rdi)
+ movq %rbp, 24(%rdi)
+ leaq 64(%rdi), %rsi
+ leaq 96(%rdi), %rdi
+ # Add-Sub
# Add
- movq (%rsi), %r8
- movq 8(%rsi), %r9
- movq 16(%rsi), %r10
- movq 24(%rsi), %rdx
- movq %r8, %r12
- addq (%rdi), %r8
- movq %r9, %r13
- adcq 8(%rdi), %r9
+ movq (%rsi), %r10
+ movq 8(%rsi), %r11
+ movq 16(%rsi), %r12
+ movq 24(%rsi), %r13
movq %r10, %r14
- adcq 16(%rdi), %r10
- movq %rdx, %r15
- adcq 24(%rdi), %rdx
- movq $-19, %rcx
- movq %rdx, %r11
- movq $0x7fffffffffffffff, %rax
- sarq $63, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ addq (%rdi), %r10
+ movq %r11, %r15
+ adcq 8(%rdi), %r11
+ movq %r12, %rbx
+ adcq 16(%rdi), %r12
+ movq %r13, %rbp
+ adcq 24(%rdi), %r13
+ movq $0x00, %r8
+ adcq $0x00, %r8
+ shldq $0x01, %r13, %r8
+ movq $0x7fffffffffffffff, %r9
+ imulq $19, %r8
+ andq %r9, %r13
# Sub modulus (if overflow)
- subq %rcx, %r8
- sbbq %rdx, %r9
- sbbq %rdx, %r10
- sbbq %rax, %r11
+ addq %r8, %r10
+ adcq $0x00, %r11
+ adcq $0x00, %r12
+ adcq $0x00, %r13
# Sub
- subq (%rdi), %r12
- movq $0x00, %rdx
- sbbq 8(%rdi), %r13
- movq $-19, %rcx
- sbbq 16(%rdi), %r14
- movq $0x7fffffffffffffff, %rax
- sbbq 24(%rdi), %r15
- sbbq $0x00, %rdx
- # Mask the modulus
- andq %rdx, %rcx
- andq %rdx, %rax
+ subq (%rdi), %r14
+ sbbq 8(%rdi), %r15
+ sbbq 16(%rdi), %rbx
+ sbbq 24(%rdi), %rbp
+ sbbq %r8, %r8
+ shldq $0x01, %rbp, %r8
+ imulq $-19, %r8
+ andq %r9, %rbp
# Add modulus (if underflow)
- addq %rcx, %r12
- adcq %rdx, %r13
- adcq %rdx, %r14
- adcq %rax, %r15
+ subq %r8, %r14
+ sbbq $0x00, %r15
+ sbbq $0x00, %rbx
+ sbbq $0x00, %rbp
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
+ movq %r14, (%rsi)
+ movq %r15, 8(%rsi)
+ movq %rbx, 16(%rsi)
+ movq %rbp, 24(%rsi)
+ addq $24, %rsp
+ popq %rbp
+ popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
+ repz retq
+#ifndef __APPLE__
+.size ge_sub_avx2,.-ge_sub_avx2
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_reduce_avx2
+.type sc_reduce_avx2,@function
+.align 16
+sc_reduce_avx2:
+#else
+.section __TEXT,__text
+.globl _sc_reduce_avx2
+.p2align 4
+_sc_reduce_avx2:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ pushq %rbp
+ movq (%rdi), %r8
+ movq 8(%rdi), %r9
+ movq 16(%rdi), %r10
+ movq 24(%rdi), %r11
+ movq 32(%rdi), %r12
+ movq 40(%rdi), %r13
+ movq 48(%rdi), %r14
+ movq 56(%rdi), %r15
+ movq %r15, %rax
+ movq $0xfffffffffffffff, %rcx
+ shrq $56, %rax
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rcx, %r11
+ andq %rcx, %r15
+ # Add order times bits 504..511
+ subq %rax, %r14
+ sbbq $0x00, %r15
+ movq $0xeb2106215d086329, %rdx
+ mulxq %rax, %rsi, %rcx
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ addq %rsi, %r13
+ mulxq %rax, %rsi, %rbx
+ adcq $0x00, %rcx
+ addq %rsi, %r12
+ adcq %rbx, %r13
+ adcq %rcx, %r14
+ adcq $0x00, %r15
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r12, %rcx, %rax
+ addq %rcx, %r8
+ adcq %rax, %r9
+ mulx %r14, %rcx, %rax
+ adcq %rcx, %r10
+ adcq %rax, %r11
+ mov $0x00, %rsi
+ adcq $0x00, %rsi
+ mulx %r13, %rcx, %rax
+ addq %rcx, %r9
+ adcq %rax, %r10
+ mulx %r15, %rcx, %rax
+ adcq %rcx, %r11
+ adcq %rax, %rsi
+ movq $0xeb2106215d086329, %rdx
+ mulx %r12, %rcx, %rax
+ addq %rcx, %r9
+ adcq %rax, %r10
+ mulx %r14, %rcx, %rax
+ adcq %rcx, %r11
+ adcq %rax, %rsi
+ mov $0x00, %rbx
+ adcq $0x00, %rbx
+ mulx %r13, %rcx, %rax
+ addq %rcx, %r10
+ adcq %rax, %r11
+ mulx %r15, %rcx, %rax
+ adcq %rcx, %rsi
+ adcq %rax, %rbx
+ subq %r12, %r10
+ movq %rsi, %r12
+ sbbq %r13, %r11
+ movq %rbx, %r13
+ sbbq %r14, %r12
+ sbbq %r15, %r13
+ movq %r13, %rax
+ sarq $57, %rax
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rsi
+ movq $0xcb024c634b9eba7d, %rbx
+ movq $0x29bdf3bd45ef39a, %rbp
+ movq $0x200000000000000, %rcx
+ andq %rax, %rsi
+ andq %rax, %rbx
+ andq %rax, %rbp
+ andq %rax, %rcx
+ addq %rsi, %r9
+ adcq %rbx, %r10
+ adcq %rbp, %r11
+ adcq $0x00, %r12
+ adcq %rcx, %r13
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rax
+ shldq $4, %r12, %r13
+ shldq $4, %r11, %r12
+ andq %rax, %r11
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r12, %rbp, %rax
+ movq $0x00, %rsi
+ addq %rbp, %r8
+ adcq %rax, %r9
+ mulx %r13, %rbp, %rax
+ adcq $0x00, %rsi
+ addq %rbp, %r9
+ adcq %rax, %rsi
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rdx
+ mulx %r12, %rbp, %rax
+ movq $0x00, %rbx
+ addq %rbp, %r9
+ adcq %rax, %r10
+ mulx %r13, %rbp, %rax
+ adcq $0x00, %rbx
+ addq %rbp, %r10
+ adcq %rax, %rbx
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rcx
+ andq %rcx, %r11
+ addq %rsi, %r10
+ adcq %rbx, %r11
+ # Subtract top at 2 * 64
+ subq %r12, %r10
+ sbbq %r13, %r11
+ sbbq %rcx, %rcx
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rsi
+ movq $0x14def9dea2f79cd6, %rbx
+ movq $0x1000000000000000, %rbp
+ andq %rcx, %rsi
+ andq %rcx, %rbx
+ andq %rcx, %rbp
+ addq %rsi, %r8
+ movq $0xfffffffffffffff, %rsi
+ adcq %rbx, %r9
+ adcq $0x00, %r10
+ adcq %rbp, %r11
+ andq %rsi, %r11
+ # Store result
movq %r8, (%rdi)
movq %r9, 8(%rdi)
movq %r10, 16(%rdi)
movq %r11, 24(%rdi)
- movq %r12, (%rbp)
- movq %r13, 8(%rbp)
- movq %r14, 16(%rbp)
- movq %r15, 24(%rbp)
- addq $0x50, %rsp
+ popq %rbp
+ popq %rbx
popq %r15
popq %r14
popq %r13
popq %r12
+ repz retq
+#ifndef __APPLE__
+.size sc_reduce_avx2,.-sc_reduce_avx2
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_muladd_avx2
+.type sc_muladd_avx2,@function
+.align 16
+sc_muladd_avx2:
+#else
+.section __TEXT,__text
+.globl _sc_muladd_avx2
+.p2align 4
+_sc_muladd_avx2:
+#endif /* __APPLE__ */
+ pushq %r12
+ pushq %r13
+ pushq %r14
+ pushq %r15
+ pushq %rbx
+ pushq %rbp
+ movq %rdx, %r8
+ movq %rcx, %r9
+ # Multiply
+ # A[0] * B[0]
+ movq (%r8), %rdx
+ mulxq (%rsi), %r10, %r11
+ # A[2] * B[0]
+ mulxq 16(%rsi), %r12, %r13
+ # A[1] * B[0]
+ mulxq 8(%rsi), %rax, %rcx
+ xorq %rbp, %rbp
+ adcxq %rax, %r11
+ # A[3] * B[1]
+ movq 8(%r8), %rdx
+ mulxq 24(%rsi), %r14, %r15
+ adcxq %rcx, %r12
+ # A[0] * B[1]
+ mulxq (%rsi), %rax, %rcx
+ adoxq %rax, %r11
+ # A[2] * B[1]
+ mulxq 16(%rsi), %rax, %rbx
+ adoxq %rcx, %r12
+ adcxq %rax, %r13
+ # A[1] * B[2]
+ movq 16(%r8), %rdx
+ mulxq 8(%rsi), %rax, %rcx
+ adcxq %rbx, %r14
+ adoxq %rax, %r13
+ adcxq %rbp, %r15
+ adoxq %rcx, %r14
+ # A[0] * B[2]
+ mulxq (%rsi), %rax, %rcx
+ adoxq %rbp, %r15
+ xorq %rbx, %rbx
+ adcxq %rax, %r12
+ # A[1] * B[1]
+ movq 8(%r8), %rdx
+ mulxq 8(%rsi), %rdx, %rax
+ adcxq %rcx, %r13
+ adoxq %rdx, %r12
+ # A[1] * B[3]
+ movq 24(%r8), %rdx
+ adoxq %rax, %r13
+ mulxq 8(%rsi), %rax, %rcx
+ adcxq %rax, %r14
+ # A[2] * B[2]
+ movq 16(%r8), %rdx
+ mulxq 16(%rsi), %rdx, %rax
+ adcxq %rcx, %r15
+ adoxq %rdx, %r14
+ # A[3] * B[3]
+ movq 24(%r8), %rdx
+ adoxq %rax, %r15
+ mulxq 24(%rsi), %rax, %rcx
+ adoxq %rbp, %rbx
+ adcxq %rax, %rbx
+ # A[0] * B[3]
+ mulxq (%rsi), %rdx, %rax
+ adcxq %rcx, %rbp
+ xorq %rcx, %rcx
+ adcxq %rdx, %r13
+ # A[3] * B[0]
+ movq 24(%rsi), %rdx
+ adcxq %rax, %r14
+ mulxq (%r8), %rdx, %rax
+ adoxq %rdx, %r13
+ adoxq %rax, %r14
+ # A[3] * B[2]
+ movq 24(%rsi), %rdx
+ mulxq 16(%r8), %rdx, %rax
+ adcxq %rdx, %r15
+ # A[2] * B[3]
+ movq 24(%r8), %rdx
+ adcxq %rax, %rbx
+ mulxq 16(%rsi), %rax, %rdx
+ adcxq %rcx, %rbp
+ adoxq %rax, %r15
+ adoxq %rdx, %rbx
+ adoxq %rcx, %rbp
+ # Add c to a * b
+ addq (%r9), %r10
+ adcq 8(%r9), %r11
+ adcq 16(%r9), %r12
+ adcq 24(%r9), %r13
+ adcq $0x00, %r14
+ adcq $0x00, %r15
+ adcq $0x00, %rbx
+ adcq $0x00, %rbp
+ movq %rbp, %rax
+ movq $0xfffffffffffffff, %rcx
+ shrq $56, %rax
+ shldq $4, %rbx, %rbp
+ shldq $4, %r15, %rbx
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ andq %rcx, %r13
+ andq %rcx, %rbp
+ # Add order times bits 504..507
+ subq %rax, %rbx
+ sbbq $0x00, %rbp
+ movq $0xeb2106215d086329, %rdx
+ mulxq %rax, %rsi, %rcx
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ addq %rsi, %r15
+ mulxq %rax, %rsi, %r8
+ adcq $0x00, %rcx
+ addq %rsi, %r14
+ adcq %r8, %r15
+ adcq %rcx, %rbx
+ adcq $0x00, %rbp
+ # Sub product of top 4 words and order
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r14, %rcx, %rax
+ addq %rcx, %r10
+ adcq %rax, %r11
+ mulx %rbx, %rcx, %rax
+ adcq %rcx, %r12
+ adcq %rax, %r13
+ mov $0x00, %rsi
+ adcq $0x00, %rsi
+ mulx %r15, %rcx, %rax
+ addq %rcx, %r11
+ adcq %rax, %r12
+ mulx %rbp, %rcx, %rax
+ adcq %rcx, %r13
+ adcq %rax, %rsi
+ movq $0xeb2106215d086329, %rdx
+ mulx %r14, %rcx, %rax
+ addq %rcx, %r11
+ adcq %rax, %r12
+ mulx %rbx, %rcx, %rax
+ adcq %rcx, %r13
+ adcq %rax, %rsi
+ mov $0x00, %r8
+ adcq $0x00, %r8
+ mulx %r15, %rcx, %rax
+ addq %rcx, %r12
+ adcq %rax, %r13
+ mulx %rbp, %rcx, %rax
+ adcq %rcx, %rsi
+ adcq %rax, %r8
+ subq %r14, %r12
+ movq %rsi, %r14
+ sbbq %r15, %r13
+ movq %r8, %r15
+ sbbq %rbx, %r14
+ sbbq %rbp, %r15
+ movq %r15, %rax
+ sarq $57, %rax
+ # Conditionally subtract order starting at bit 125
+ movq $0xa000000000000000, %rsi
+ movq $0xcb024c634b9eba7d, %r8
+ movq $0x29bdf3bd45ef39a, %r9
+ movq $0x200000000000000, %rcx
+ andq %rax, %rsi
+ andq %rax, %r8
+ andq %rax, %r9
+ andq %rax, %rcx
+ addq %rsi, %r11
+ adcq %r8, %r12
+ adcq %r9, %r13
+ adcq $0x00, %r14
+ adcq %rcx, %r15
+ # Move bits 252-376 to own registers
+ movq $0xfffffffffffffff, %rax
+ shldq $4, %r14, %r15
+ shldq $4, %r13, %r14
+ andq %rax, %r13
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ movq $0xa7ed9ce5a30a2c13, %rdx
+ mulx %r14, %r9, %rax
+ movq $0x00, %rsi
+ addq %r9, %r10
+ adcq %rax, %r11
+ mulx %r15, %r9, %rax
+ adcq $0x00, %rsi
+ addq %r9, %r11
+ adcq %rax, %rsi
+ # * -14def9dea2f79cd7
+ movq $0xeb2106215d086329, %rdx
+ mulx %r14, %r9, %rax
+ movq $0x00, %r8
+ addq %r9, %r11
+ adcq %rax, %r12
+ mulx %r15, %r9, %rax
+ adcq $0x00, %r8
+ addq %r9, %r12
+ adcq %rax, %r8
+ # Add overflows at 2 * 64
+ movq $0xfffffffffffffff, %rcx
+ andq %rcx, %r13
+ addq %rsi, %r12
+ adcq %r8, %r13
+ # Subtract top at 2 * 64
+ subq %r14, %r12
+ sbbq %r15, %r13
+ sbbq %rcx, %rcx
+ # Conditional sub order
+ movq $0x5812631a5cf5d3ed, %rsi
+ movq $0x14def9dea2f79cd6, %r8
+ movq $0x1000000000000000, %r9
+ andq %rcx, %rsi
+ andq %rcx, %r8
+ andq %rcx, %r9
+ addq %rsi, %r10
+ movq $0xfffffffffffffff, %rsi
+ adcq %r8, %r11
+ adcq $0x00, %r12
+ adcq %r9, %r13
+ andq %rsi, %r13
+ # Store result
+ movq %r10, (%rdi)
+ movq %r11, 8(%rdi)
+ movq %r12, 16(%rdi)
+ movq %r13, 24(%rdi)
popq %rbp
popq %rbx
+ popq %r15
+ popq %r14
+ popq %r13
+ popq %r12
repz retq
#ifndef __APPLE__
-.size fe_ge_sub_avx2,.-fe_ge_sub_avx2
+.size sc_muladd_avx2,.-sc_muladd_avx2
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#endif /* HAVE_INTEL_AVX2 */
#if defined(__linux__) && defined(__ELF__)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c
index fbc1c1f3..7065b9af 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_448.c
@@ -648,62 +648,62 @@ void sc448_reduce(byte* b)
o = d[ 6] >> 56; d[ 7] += o; d[ 6] = d[ 6] & 0xffffffffffffff;
/* Convert to bytes */
- b[ 0] = (d[0 ] >> 0);
- b[ 1] = (d[0 ] >> 8);
- b[ 2] = (d[0 ] >> 16);
- b[ 3] = (d[0 ] >> 24);
- b[ 4] = (d[0 ] >> 32);
- b[ 5] = (d[0 ] >> 40);
- b[ 6] = (d[0 ] >> 48);
- b[ 7] = (d[1 ] >> 0);
- b[ 8] = (d[1 ] >> 8);
- b[ 9] = (d[1 ] >> 16);
- b[10] = (d[1 ] >> 24);
- b[11] = (d[1 ] >> 32);
- b[12] = (d[1 ] >> 40);
- b[13] = (d[1 ] >> 48);
- b[14] = (d[2 ] >> 0);
- b[15] = (d[2 ] >> 8);
- b[16] = (d[2 ] >> 16);
- b[17] = (d[2 ] >> 24);
- b[18] = (d[2 ] >> 32);
- b[19] = (d[2 ] >> 40);
- b[20] = (d[2 ] >> 48);
- b[21] = (d[3 ] >> 0);
- b[22] = (d[3 ] >> 8);
- b[23] = (d[3 ] >> 16);
- b[24] = (d[3 ] >> 24);
- b[25] = (d[3 ] >> 32);
- b[26] = (d[3 ] >> 40);
- b[27] = (d[3 ] >> 48);
- b[28] = (d[4 ] >> 0);
- b[29] = (d[4 ] >> 8);
- b[30] = (d[4 ] >> 16);
- b[31] = (d[4 ] >> 24);
- b[32] = (d[4 ] >> 32);
- b[33] = (d[4 ] >> 40);
- b[34] = (d[4 ] >> 48);
- b[35] = (d[5 ] >> 0);
- b[36] = (d[5 ] >> 8);
- b[37] = (d[5 ] >> 16);
- b[38] = (d[5 ] >> 24);
- b[39] = (d[5 ] >> 32);
- b[40] = (d[5 ] >> 40);
- b[41] = (d[5 ] >> 48);
- b[42] = (d[6 ] >> 0);
- b[43] = (d[6 ] >> 8);
- b[44] = (d[6 ] >> 16);
- b[45] = (d[6 ] >> 24);
- b[46] = (d[6 ] >> 32);
- b[47] = (d[6 ] >> 40);
- b[48] = (d[6 ] >> 48);
- b[49] = (d[7 ] >> 0);
- b[50] = (d[7 ] >> 8);
- b[51] = (d[7 ] >> 16);
- b[52] = (d[7 ] >> 24);
- b[53] = (d[7 ] >> 32);
- b[54] = (d[7 ] >> 40);
- b[55] = (d[7 ] >> 48);
+ b[ 0] = (byte)(d[0 ] >> 0);
+ b[ 1] = (byte)(d[0 ] >> 8);
+ b[ 2] = (byte)(d[0 ] >> 16);
+ b[ 3] = (byte)(d[0 ] >> 24);
+ b[ 4] = (byte)(d[0 ] >> 32);
+ b[ 5] = (byte)(d[0 ] >> 40);
+ b[ 6] = (byte)(d[0 ] >> 48);
+ b[ 7] = (byte)(d[1 ] >> 0);
+ b[ 8] = (byte)(d[1 ] >> 8);
+ b[ 9] = (byte)(d[1 ] >> 16);
+ b[10] = (byte)(d[1 ] >> 24);
+ b[11] = (byte)(d[1 ] >> 32);
+ b[12] = (byte)(d[1 ] >> 40);
+ b[13] = (byte)(d[1 ] >> 48);
+ b[14] = (byte)(d[2 ] >> 0);
+ b[15] = (byte)(d[2 ] >> 8);
+ b[16] = (byte)(d[2 ] >> 16);
+ b[17] = (byte)(d[2 ] >> 24);
+ b[18] = (byte)(d[2 ] >> 32);
+ b[19] = (byte)(d[2 ] >> 40);
+ b[20] = (byte)(d[2 ] >> 48);
+ b[21] = (byte)(d[3 ] >> 0);
+ b[22] = (byte)(d[3 ] >> 8);
+ b[23] = (byte)(d[3 ] >> 16);
+ b[24] = (byte)(d[3 ] >> 24);
+ b[25] = (byte)(d[3 ] >> 32);
+ b[26] = (byte)(d[3 ] >> 40);
+ b[27] = (byte)(d[3 ] >> 48);
+ b[28] = (byte)(d[4 ] >> 0);
+ b[29] = (byte)(d[4 ] >> 8);
+ b[30] = (byte)(d[4 ] >> 16);
+ b[31] = (byte)(d[4 ] >> 24);
+ b[32] = (byte)(d[4 ] >> 32);
+ b[33] = (byte)(d[4 ] >> 40);
+ b[34] = (byte)(d[4 ] >> 48);
+ b[35] = (byte)(d[5 ] >> 0);
+ b[36] = (byte)(d[5 ] >> 8);
+ b[37] = (byte)(d[5 ] >> 16);
+ b[38] = (byte)(d[5 ] >> 24);
+ b[39] = (byte)(d[5 ] >> 32);
+ b[40] = (byte)(d[5 ] >> 40);
+ b[41] = (byte)(d[5 ] >> 48);
+ b[42] = (byte)(d[6 ] >> 0);
+ b[43] = (byte)(d[6 ] >> 8);
+ b[44] = (byte)(d[6 ] >> 16);
+ b[45] = (byte)(d[6 ] >> 24);
+ b[46] = (byte)(d[6 ] >> 32);
+ b[47] = (byte)(d[6 ] >> 40);
+ b[48] = (byte)(d[6 ] >> 48);
+ b[49] = (byte)(d[7 ] >> 0);
+ b[50] = (byte)(d[7 ] >> 8);
+ b[51] = (byte)(d[7 ] >> 16);
+ b[52] = (byte)(d[7 ] >> 24);
+ b[53] = (byte)(d[7 ] >> 32);
+ b[54] = (byte)(d[7 ] >> 40);
+ b[55] = (byte)(d[7 ] >> 48);
b[56] = 0;
}
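Review bot: sc448_reduce returns right after `b[56] = 0;`, and the visible tail never clears the limb array `d`, which at that point holds the same reduced scalar just written to `b`. When the caller passes a signing nonce, a copy of secret material stays on the stack after return. If the part of the function outside this hunk does not already wipe it, a `ForceZero(d, sizeof(d));` before the closing brace would cover it. The same applies to `rd` and the other limb temporaries at the end of sc448_muladd in the `@@ -1045` hunk, and to the 32-bit sc448_reduce in the `@@ -5449` hunk. The declarations are outside the hunk, so the array names and sizes need checking against the full function.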
@@ -894,70 +894,70 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
| ((sword64) (d[55]) << 48);
/* a * b + d */
- t[ 0] = dd[ 0] + (sword128)ad[ 0] * bd[ 0];
- t[ 1] = dd[ 1] + (sword128)ad[ 0] * bd[ 1]
- + (sword128)ad[ 1] * bd[ 0];
- t[ 2] = dd[ 2] + (sword128)ad[ 0] * bd[ 2]
- + (sword128)ad[ 1] * bd[ 1]
- + (sword128)ad[ 2] * bd[ 0];
- t[ 3] = dd[ 3] + (sword128)ad[ 0] * bd[ 3]
- + (sword128)ad[ 1] * bd[ 2]
- + (sword128)ad[ 2] * bd[ 1]
- + (sword128)ad[ 3] * bd[ 0];
- t[ 4] = dd[ 4] + (sword128)ad[ 0] * bd[ 4]
- + (sword128)ad[ 1] * bd[ 3]
- + (sword128)ad[ 2] * bd[ 2]
- + (sword128)ad[ 3] * bd[ 1]
- + (sword128)ad[ 4] * bd[ 0];
- t[ 5] = dd[ 5] + (sword128)ad[ 0] * bd[ 5]
- + (sword128)ad[ 1] * bd[ 4]
- + (sword128)ad[ 2] * bd[ 3]
- + (sword128)ad[ 3] * bd[ 2]
- + (sword128)ad[ 4] * bd[ 1]
- + (sword128)ad[ 5] * bd[ 0];
- t[ 6] = dd[ 6] + (sword128)ad[ 0] * bd[ 6]
- + (sword128)ad[ 1] * bd[ 5]
- + (sword128)ad[ 2] * bd[ 4]
- + (sword128)ad[ 3] * bd[ 3]
- + (sword128)ad[ 4] * bd[ 2]
- + (sword128)ad[ 5] * bd[ 1]
- + (sword128)ad[ 6] * bd[ 0];
- t[ 7] = dd[ 7] + (sword128)ad[ 0] * bd[ 7]
- + (sword128)ad[ 1] * bd[ 6]
- + (sword128)ad[ 2] * bd[ 5]
- + (sword128)ad[ 3] * bd[ 4]
- + (sword128)ad[ 4] * bd[ 3]
- + (sword128)ad[ 5] * bd[ 2]
- + (sword128)ad[ 6] * bd[ 1]
- + (sword128)ad[ 7] * bd[ 0];
- t[ 8] = (sword128)ad[ 1] * bd[ 7]
- + (sword128)ad[ 2] * bd[ 6]
- + (sword128)ad[ 3] * bd[ 5]
- + (sword128)ad[ 4] * bd[ 4]
- + (sword128)ad[ 5] * bd[ 3]
- + (sword128)ad[ 6] * bd[ 2]
- + (sword128)ad[ 7] * bd[ 1];
- t[ 9] = (sword128)ad[ 2] * bd[ 7]
- + (sword128)ad[ 3] * bd[ 6]
- + (sword128)ad[ 4] * bd[ 5]
- + (sword128)ad[ 5] * bd[ 4]
- + (sword128)ad[ 6] * bd[ 3]
- + (sword128)ad[ 7] * bd[ 2];
- t[10] = (sword128)ad[ 3] * bd[ 7]
- + (sword128)ad[ 4] * bd[ 6]
- + (sword128)ad[ 5] * bd[ 5]
- + (sword128)ad[ 6] * bd[ 4]
- + (sword128)ad[ 7] * bd[ 3];
- t[11] = (sword128)ad[ 4] * bd[ 7]
- + (sword128)ad[ 5] * bd[ 6]
- + (sword128)ad[ 6] * bd[ 5]
- + (sword128)ad[ 7] * bd[ 4];
- t[12] = (sword128)ad[ 5] * bd[ 7]
- + (sword128)ad[ 6] * bd[ 6]
- + (sword128)ad[ 7] * bd[ 5];
- t[13] = (sword128)ad[ 6] * bd[ 7]
- + (sword128)ad[ 7] * bd[ 6];
- t[14] = (sword128)ad[ 7] * bd[ 7];
+ t[ 0] = (word128)dd[ 0] + (sword128)ad[ 0] * bd[ 0];
+ t[ 1] = (word128)dd[ 1] + (sword128)ad[ 0] * bd[ 1]
+ + (sword128)ad[ 1] * bd[ 0];
+ t[ 2] = (word128)dd[ 2] + (sword128)ad[ 0] * bd[ 2]
+ + (sword128)ad[ 1] * bd[ 1]
+ + (sword128)ad[ 2] * bd[ 0];
+ t[ 3] = (word128)dd[ 3] + (sword128)ad[ 0] * bd[ 3]
+ + (sword128)ad[ 1] * bd[ 2]
+ + (sword128)ad[ 2] * bd[ 1]
+ + (sword128)ad[ 3] * bd[ 0];
+ t[ 4] = (word128)dd[ 4] + (sword128)ad[ 0] * bd[ 4]
+ + (sword128)ad[ 1] * bd[ 3]
+ + (sword128)ad[ 2] * bd[ 2]
+ + (sword128)ad[ 3] * bd[ 1]
+ + (sword128)ad[ 4] * bd[ 0];
+ t[ 5] = (word128)dd[ 5] + (sword128)ad[ 0] * bd[ 5]
+ + (sword128)ad[ 1] * bd[ 4]
+ + (sword128)ad[ 2] * bd[ 3]
+ + (sword128)ad[ 3] * bd[ 2]
+ + (sword128)ad[ 4] * bd[ 1]
+ + (sword128)ad[ 5] * bd[ 0];
+ t[ 6] = (word128)dd[ 6] + (sword128)ad[ 0] * bd[ 6]
+ + (sword128)ad[ 1] * bd[ 5]
+ + (sword128)ad[ 2] * bd[ 4]
+ + (sword128)ad[ 3] * bd[ 3]
+ + (sword128)ad[ 4] * bd[ 2]
+ + (sword128)ad[ 5] * bd[ 1]
+ + (sword128)ad[ 6] * bd[ 0];
+ t[ 7] = (word128)dd[ 7] + (sword128)ad[ 0] * bd[ 7]
+ + (sword128)ad[ 1] * bd[ 6]
+ + (sword128)ad[ 2] * bd[ 5]
+ + (sword128)ad[ 3] * bd[ 4]
+ + (sword128)ad[ 4] * bd[ 3]
+ + (sword128)ad[ 5] * bd[ 2]
+ + (sword128)ad[ 6] * bd[ 1]
+ + (sword128)ad[ 7] * bd[ 0];
+ t[ 8] = (word128) (sword128)ad[ 1] * bd[ 7]
+ + (sword128)ad[ 2] * bd[ 6]
+ + (sword128)ad[ 3] * bd[ 5]
+ + (sword128)ad[ 4] * bd[ 4]
+ + (sword128)ad[ 5] * bd[ 3]
+ + (sword128)ad[ 6] * bd[ 2]
+ + (sword128)ad[ 7] * bd[ 1];
+ t[ 9] = (word128) (sword128)ad[ 2] * bd[ 7]
+ + (sword128)ad[ 3] * bd[ 6]
+ + (sword128)ad[ 4] * bd[ 5]
+ + (sword128)ad[ 5] * bd[ 4]
+ + (sword128)ad[ 6] * bd[ 3]
+ + (sword128)ad[ 7] * bd[ 2];
+ t[10] = (word128) (sword128)ad[ 3] * bd[ 7]
+ + (sword128)ad[ 4] * bd[ 6]
+ + (sword128)ad[ 5] * bd[ 5]
+ + (sword128)ad[ 6] * bd[ 4]
+ + (sword128)ad[ 7] * bd[ 3];
+ t[11] = (word128) (sword128)ad[ 4] * bd[ 7]
+ + (sword128)ad[ 5] * bd[ 6]
+ + (sword128)ad[ 6] * bd[ 5]
+ + (sword128)ad[ 7] * bd[ 4];
+ t[12] = (word128) (sword128)ad[ 5] * bd[ 7]
+ + (sword128)ad[ 6] * bd[ 6]
+ + (sword128)ad[ 7] * bd[ 5];
+ t[13] = (word128) (sword128)ad[ 6] * bd[ 7]
+ + (sword128)ad[ 7] * bd[ 6];
+ t[14] = (word128) (sword128)ad[ 7] * bd[ 7];
t[15] = 0;
/* Mod curve order */
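Review bot: The `(word128)` casts added here move the additions into unsigned 128-bit arithmetic, and nothing in the hunk records why. In `t[ 0]` to `t[ 7]` the cast is on `dd[i]`, so every product is still computed as `sword128` and only converted when summed. In `t[ 8]` to `t[14]` it binds to `(sword128)ad[ 1]` alone, so the first product is an unsigned multiply and the rest stay signed, while the double cast reads as if it covered the whole sum. Presumably the aim is defined wrap-around or silencing a sign-conversion warning; a comment above `t[ 0]` such as `/* Accumulate in word128: unsigned wrap is defined, signed overflow is not. */` would state it. Casting each product the same way would also make the two groups consistent. The declaration of `t` is outside the hunk, so whether the result is converted back to a signed type on assignment is not visible here.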
@@ -1045,62 +1045,62 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
o = rd[ 6] >> 56; rd[ 7] += o; rd[ 6] = rd[ 6] & 0xffffffffffffff;
/* Convert to bytes */
- r[ 0] = (rd[0 ] >> 0);
- r[ 1] = (rd[0 ] >> 8);
- r[ 2] = (rd[0 ] >> 16);
- r[ 3] = (rd[0 ] >> 24);
- r[ 4] = (rd[0 ] >> 32);
- r[ 5] = (rd[0 ] >> 40);
- r[ 6] = (rd[0 ] >> 48);
- r[ 7] = (rd[1 ] >> 0);
- r[ 8] = (rd[1 ] >> 8);
- r[ 9] = (rd[1 ] >> 16);
- r[10] = (rd[1 ] >> 24);
- r[11] = (rd[1 ] >> 32);
- r[12] = (rd[1 ] >> 40);
- r[13] = (rd[1 ] >> 48);
- r[14] = (rd[2 ] >> 0);
- r[15] = (rd[2 ] >> 8);
- r[16] = (rd[2 ] >> 16);
- r[17] = (rd[2 ] >> 24);
- r[18] = (rd[2 ] >> 32);
- r[19] = (rd[2 ] >> 40);
- r[20] = (rd[2 ] >> 48);
- r[21] = (rd[3 ] >> 0);
- r[22] = (rd[3 ] >> 8);
- r[23] = (rd[3 ] >> 16);
- r[24] = (rd[3 ] >> 24);
- r[25] = (rd[3 ] >> 32);
- r[26] = (rd[3 ] >> 40);
- r[27] = (rd[3 ] >> 48);
- r[28] = (rd[4 ] >> 0);
- r[29] = (rd[4 ] >> 8);
- r[30] = (rd[4 ] >> 16);
- r[31] = (rd[4 ] >> 24);
- r[32] = (rd[4 ] >> 32);
- r[33] = (rd[4 ] >> 40);
- r[34] = (rd[4 ] >> 48);
- r[35] = (rd[5 ] >> 0);
- r[36] = (rd[5 ] >> 8);
- r[37] = (rd[5 ] >> 16);
- r[38] = (rd[5 ] >> 24);
- r[39] = (rd[5 ] >> 32);
- r[40] = (rd[5 ] >> 40);
- r[41] = (rd[5 ] >> 48);
- r[42] = (rd[6 ] >> 0);
- r[43] = (rd[6 ] >> 8);
- r[44] = (rd[6 ] >> 16);
- r[45] = (rd[6 ] >> 24);
- r[46] = (rd[6 ] >> 32);
- r[47] = (rd[6 ] >> 40);
- r[48] = (rd[6 ] >> 48);
- r[49] = (rd[7 ] >> 0);
- r[50] = (rd[7 ] >> 8);
- r[51] = (rd[7 ] >> 16);
- r[52] = (rd[7 ] >> 24);
- r[53] = (rd[7 ] >> 32);
- r[54] = (rd[7 ] >> 40);
- r[55] = (rd[7 ] >> 48);
+ r[ 0] = (byte)(rd[0 ] >> 0);
+ r[ 1] = (byte)(rd[0 ] >> 8);
+ r[ 2] = (byte)(rd[0 ] >> 16);
+ r[ 3] = (byte)(rd[0 ] >> 24);
+ r[ 4] = (byte)(rd[0 ] >> 32);
+ r[ 5] = (byte)(rd[0 ] >> 40);
+ r[ 6] = (byte)(rd[0 ] >> 48);
+ r[ 7] = (byte)(rd[1 ] >> 0);
+ r[ 8] = (byte)(rd[1 ] >> 8);
+ r[ 9] = (byte)(rd[1 ] >> 16);
+ r[10] = (byte)(rd[1 ] >> 24);
+ r[11] = (byte)(rd[1 ] >> 32);
+ r[12] = (byte)(rd[1 ] >> 40);
+ r[13] = (byte)(rd[1 ] >> 48);
+ r[14] = (byte)(rd[2 ] >> 0);
+ r[15] = (byte)(rd[2 ] >> 8);
+ r[16] = (byte)(rd[2 ] >> 16);
+ r[17] = (byte)(rd[2 ] >> 24);
+ r[18] = (byte)(rd[2 ] >> 32);
+ r[19] = (byte)(rd[2 ] >> 40);
+ r[20] = (byte)(rd[2 ] >> 48);
+ r[21] = (byte)(rd[3 ] >> 0);
+ r[22] = (byte)(rd[3 ] >> 8);
+ r[23] = (byte)(rd[3 ] >> 16);
+ r[24] = (byte)(rd[3 ] >> 24);
+ r[25] = (byte)(rd[3 ] >> 32);
+ r[26] = (byte)(rd[3 ] >> 40);
+ r[27] = (byte)(rd[3 ] >> 48);
+ r[28] = (byte)(rd[4 ] >> 0);
+ r[29] = (byte)(rd[4 ] >> 8);
+ r[30] = (byte)(rd[4 ] >> 16);
+ r[31] = (byte)(rd[4 ] >> 24);
+ r[32] = (byte)(rd[4 ] >> 32);
+ r[33] = (byte)(rd[4 ] >> 40);
+ r[34] = (byte)(rd[4 ] >> 48);
+ r[35] = (byte)(rd[5 ] >> 0);
+ r[36] = (byte)(rd[5 ] >> 8);
+ r[37] = (byte)(rd[5 ] >> 16);
+ r[38] = (byte)(rd[5 ] >> 24);
+ r[39] = (byte)(rd[5 ] >> 32);
+ r[40] = (byte)(rd[5 ] >> 40);
+ r[41] = (byte)(rd[5 ] >> 48);
+ r[42] = (byte)(rd[6 ] >> 0);
+ r[43] = (byte)(rd[6 ] >> 8);
+ r[44] = (byte)(rd[6 ] >> 16);
+ r[45] = (byte)(rd[6 ] >> 24);
+ r[46] = (byte)(rd[6 ] >> 32);
+ r[47] = (byte)(rd[6 ] >> 40);
+ r[48] = (byte)(rd[6 ] >> 48);
+ r[49] = (byte)(rd[7 ] >> 0);
+ r[50] = (byte)(rd[7 ] >> 8);
+ r[51] = (byte)(rd[7 ] >> 16);
+ r[52] = (byte)(rd[7 ] >> 24);
+ r[53] = (byte)(rd[7 ] >> 32);
+ r[54] = (byte)(rd[7 ] >> 40);
+ r[55] = (byte)(rd[7 ] >> 48);
r[56] = 0;
}
@@ -5449,62 +5449,62 @@ void sc448_reduce(byte* b)
o = d[14] >> 28; d[15] += o; d[14] = d[14] & 0xfffffff;
/* Convert to bytes */
- b[ 0] = (d[0 ] >> 0);
- b[ 1] = (d[0 ] >> 8);
- b[ 2] = (d[0 ] >> 16);
- b[ 3] = (d[0 ] >> 24) + ((d[1 ] >> 0) << 4);
- b[ 4] = (d[1 ] >> 4);
- b[ 5] = (d[1 ] >> 12);
- b[ 6] = (d[1 ] >> 20);
- b[ 7] = (d[2 ] >> 0);
- b[ 8] = (d[2 ] >> 8);
- b[ 9] = (d[2 ] >> 16);
- b[10] = (d[2 ] >> 24) + ((d[3 ] >> 0) << 4);
- b[11] = (d[3 ] >> 4);
- b[12] = (d[3 ] >> 12);
- b[13] = (d[3 ] >> 20);
- b[14] = (d[4 ] >> 0);
- b[15] = (d[4 ] >> 8);
- b[16] = (d[4 ] >> 16);
- b[17] = (d[4 ] >> 24) + ((d[5 ] >> 0) << 4);
- b[18] = (d[5 ] >> 4);
- b[19] = (d[5 ] >> 12);
- b[20] = (d[5 ] >> 20);
- b[21] = (d[6 ] >> 0);
- b[22] = (d[6 ] >> 8);
- b[23] = (d[6 ] >> 16);
- b[24] = (d[6 ] >> 24) + ((d[7 ] >> 0) << 4);
- b[25] = (d[7 ] >> 4);
- b[26] = (d[7 ] >> 12);
- b[27] = (d[7 ] >> 20);
- b[28] = (d[8 ] >> 0);
- b[29] = (d[8 ] >> 8);
- b[30] = (d[8 ] >> 16);
- b[31] = (d[8 ] >> 24) + ((d[9 ] >> 0) << 4);
- b[32] = (d[9 ] >> 4);
- b[33] = (d[9 ] >> 12);
- b[34] = (d[9 ] >> 20);
- b[35] = (d[10] >> 0);
- b[36] = (d[10] >> 8);
- b[37] = (d[10] >> 16);
- b[38] = (d[10] >> 24) + ((d[11] >> 0) << 4);
- b[39] = (d[11] >> 4);
- b[40] = (d[11] >> 12);
- b[41] = (d[11] >> 20);
- b[42] = (d[12] >> 0);
- b[43] = (d[12] >> 8);
- b[44] = (d[12] >> 16);
- b[45] = (d[12] >> 24) + ((d[13] >> 0) << 4);
- b[46] = (d[13] >> 4);
- b[47] = (d[13] >> 12);
- b[48] = (d[13] >> 20);
- b[49] = (d[14] >> 0);
- b[50] = (d[14] >> 8);
- b[51] = (d[14] >> 16);
- b[52] = (d[14] >> 24) + ((d[15] >> 0) << 4);
- b[53] = (d[15] >> 4);
- b[54] = (d[15] >> 12);
- b[55] = (d[15] >> 20);
+ b[ 0] = (byte)(d[0 ] >> 0);
+ b[ 1] = (byte)(d[0 ] >> 8);
+ b[ 2] = (byte)(d[0 ] >> 16);
+ b[ 3] = (byte)(d[0 ] >> 24) + ((d[1 ] >> 0) << 4);
+ b[ 4] = (byte)(d[1 ] >> 4);
+ b[ 5] = (byte)(d[1 ] >> 12);
+ b[ 6] = (byte)(d[1 ] >> 20);
+ b[ 7] = (byte)(d[2 ] >> 0);
+ b[ 8] = (byte)(d[2 ] >> 8);
+ b[ 9] = (byte)(d[2 ] >> 16);
+ b[10] = (byte)(d[2 ] >> 24) + ((d[3 ] >> 0) << 4);
+ b[11] = (byte)(d[3 ] >> 4);
+ b[12] = (byte)(d[3 ] >> 12);
+ b[13] = (byte)(d[3 ] >> 20);
+ b[14] = (byte)(d[4 ] >> 0);
+ b[15] = (byte)(d[4 ] >> 8);
+ b[16] = (byte)(d[4 ] >> 16);
+ b[17] = (byte)(d[4 ] >> 24) + ((d[5 ] >> 0) << 4);
+ b[18] = (byte)(d[5 ] >> 4);
+ b[19] = (byte)(d[5 ] >> 12);
+ b[20] = (byte)(d[5 ] >> 20);
+ b[21] = (byte)(d[6 ] >> 0);
+ b[22] = (byte)(d[6 ] >> 8);
+ b[23] = (byte)(d[6 ] >> 16);
+ b[24] = (byte)(d[6 ] >> 24) + ((d[7 ] >> 0) << 4);
+ b[25] = (byte)(d[7 ] >> 4);
+ b[26] = (byte)(d[7 ] >> 12);
+ b[27] = (byte)(d[7 ] >> 20);
+ b[28] = (byte)(d[8 ] >> 0);
+ b[29] = (byte)(d[8 ] >> 8);
+ b[30] = (byte)(d[8 ] >> 16);
+ b[31] = (byte)(d[8 ] >> 24) + ((d[9 ] >> 0) << 4);
+ b[32] = (byte)(d[9 ] >> 4);
+ b[33] = (byte)(d[9 ] >> 12);
+ b[34] = (byte)(d[9 ] >> 20);
+ b[35] = (byte)(d[10] >> 0);
+ b[36] = (byte)(d[10] >> 8);
+ b[37] = (byte)(d[10] >> 16);
+ b[38] = (byte)(d[10] >> 24) + ((d[11] >> 0) << 4);
+ b[39] = (byte)(d[11] >> 4);
+ b[40] = (byte)(d[11] >> 12);
+ b[41] = (byte)(d[11] >> 20);
+ b[42] = (byte)(d[12] >> 0);
+ b[43] = (byte)(d[12] >> 8);
+ b[44] = (byte)(d[12] >> 16);
+ b[45] = (byte)(d[12] >> 24) + ((d[13] >> 0) << 4);
+ b[46] = (byte)(d[13] >> 4);
+ b[47] = (byte)(d[13] >> 12);
+ b[48] = (byte)(d[13] >> 20);
+ b[49] = (byte)(d[14] >> 0);
+ b[50] = (byte)(d[14] >> 8);
+ b[51] = (byte)(d[14] >> 16);
+ b[52] = (byte)(d[14] >> 24) + ((d[15] >> 0) << 4);
+ b[53] = (byte)(d[15] >> 4);
+ b[54] = (byte)(d[15] >> 12);
+ b[55] = (byte)(d[15] >> 20);
b[56] = 0;
}
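Review bot: On the eight lines that join two limbs (`b[ 3]`, `b[10]`, `b[17]`, `b[24]`, `b[31]`, `b[38]`, `b[45]`, `b[52]`) the new `(byte)` cast binds only to the first shift. The sum with `((d[1 ] >> 0) << 4)` is therefore still computed in the wider type and narrowed implicitly on assignment. The stored byte should be the same either way, but the implicit narrowing these casts appear meant to remove remains on those lines. Casting the whole expression makes the truncation explicit: `b[ 3] = (byte)((d[0 ] >> 24) + ((d[1 ] >> 0) << 4));`, and likewise for the other seven. sc448_reduce starts outside the hunk, so the limb type and 28-bit width are inferred from the `0xfffffff` mask on the context line.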
@@ -5719,262 +5719,262 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
| (((sword32)((d[55] ) >> 0)) << 20);
/* a * b + d */
- t[ 0] = dd[ 0] + (sword64)ad[ 0] * bd[ 0];
- t[ 1] = dd[ 1] + (sword64)ad[ 0] * bd[ 1]
- + (sword64)ad[ 1] * bd[ 0];
- t[ 2] = dd[ 2] + (sword64)ad[ 0] * bd[ 2]
- + (sword64)ad[ 1] * bd[ 1]
- + (sword64)ad[ 2] * bd[ 0];
- t[ 3] = dd[ 3] + (sword64)ad[ 0] * bd[ 3]
- + (sword64)ad[ 1] * bd[ 2]
- + (sword64)ad[ 2] * bd[ 1]
- + (sword64)ad[ 3] * bd[ 0];
- t[ 4] = dd[ 4] + (sword64)ad[ 0] * bd[ 4]
- + (sword64)ad[ 1] * bd[ 3]
- + (sword64)ad[ 2] * bd[ 2]
- + (sword64)ad[ 3] * bd[ 1]
- + (sword64)ad[ 4] * bd[ 0];
- t[ 5] = dd[ 5] + (sword64)ad[ 0] * bd[ 5]
- + (sword64)ad[ 1] * bd[ 4]
- + (sword64)ad[ 2] * bd[ 3]
- + (sword64)ad[ 3] * bd[ 2]
- + (sword64)ad[ 4] * bd[ 1]
- + (sword64)ad[ 5] * bd[ 0];
- t[ 6] = dd[ 6] + (sword64)ad[ 0] * bd[ 6]
- + (sword64)ad[ 1] * bd[ 5]
- + (sword64)ad[ 2] * bd[ 4]
- + (sword64)ad[ 3] * bd[ 3]
- + (sword64)ad[ 4] * bd[ 2]
- + (sword64)ad[ 5] * bd[ 1]
- + (sword64)ad[ 6] * bd[ 0];
- t[ 7] = dd[ 7] + (sword64)ad[ 0] * bd[ 7]
- + (sword64)ad[ 1] * bd[ 6]
- + (sword64)ad[ 2] * bd[ 5]
- + (sword64)ad[ 3] * bd[ 4]
- + (sword64)ad[ 4] * bd[ 3]
- + (sword64)ad[ 5] * bd[ 2]
- + (sword64)ad[ 6] * bd[ 1]
- + (sword64)ad[ 7] * bd[ 0];
- t[ 8] = dd[ 8] + (sword64)ad[ 0] * bd[ 8]
- + (sword64)ad[ 1] * bd[ 7]
- + (sword64)ad[ 2] * bd[ 6]
- + (sword64)ad[ 3] * bd[ 5]
- + (sword64)ad[ 4] * bd[ 4]
- + (sword64)ad[ 5] * bd[ 3]
- + (sword64)ad[ 6] * bd[ 2]
- + (sword64)ad[ 7] * bd[ 1]
- + (sword64)ad[ 8] * bd[ 0];
- t[ 9] = dd[ 9] + (sword64)ad[ 0] * bd[ 9]
- + (sword64)ad[ 1] * bd[ 8]
- + (sword64)ad[ 2] * bd[ 7]
- + (sword64)ad[ 3] * bd[ 6]
- + (sword64)ad[ 4] * bd[ 5]
- + (sword64)ad[ 5] * bd[ 4]
- + (sword64)ad[ 6] * bd[ 3]
- + (sword64)ad[ 7] * bd[ 2]
- + (sword64)ad[ 8] * bd[ 1]
- + (sword64)ad[ 9] * bd[ 0];
- t[10] = dd[10] + (sword64)ad[ 0] * bd[10]
- + (sword64)ad[ 1] * bd[ 9]
- + (sword64)ad[ 2] * bd[ 8]
- + (sword64)ad[ 3] * bd[ 7]
- + (sword64)ad[ 4] * bd[ 6]
- + (sword64)ad[ 5] * bd[ 5]
- + (sword64)ad[ 6] * bd[ 4]
- + (sword64)ad[ 7] * bd[ 3]
- + (sword64)ad[ 8] * bd[ 2]
- + (sword64)ad[ 9] * bd[ 1]
- + (sword64)ad[10] * bd[ 0];
- t[11] = dd[11] + (sword64)ad[ 0] * bd[11]
- + (sword64)ad[ 1] * bd[10]
- + (sword64)ad[ 2] * bd[ 9]
- + (sword64)ad[ 3] * bd[ 8]
- + (sword64)ad[ 4] * bd[ 7]
- + (sword64)ad[ 5] * bd[ 6]
- + (sword64)ad[ 6] * bd[ 5]
- + (sword64)ad[ 7] * bd[ 4]
- + (sword64)ad[ 8] * bd[ 3]
- + (sword64)ad[ 9] * bd[ 2]
- + (sword64)ad[10] * bd[ 1]
- + (sword64)ad[11] * bd[ 0];
- t[12] = dd[12] + (sword64)ad[ 0] * bd[12]
- + (sword64)ad[ 1] * bd[11]
- + (sword64)ad[ 2] * bd[10]
- + (sword64)ad[ 3] * bd[ 9]
- + (sword64)ad[ 4] * bd[ 8]
- + (sword64)ad[ 5] * bd[ 7]
- + (sword64)ad[ 6] * bd[ 6]
- + (sword64)ad[ 7] * bd[ 5]
- + (sword64)ad[ 8] * bd[ 4]
- + (sword64)ad[ 9] * bd[ 3]
- + (sword64)ad[10] * bd[ 2]
- + (sword64)ad[11] * bd[ 1]
- + (sword64)ad[12] * bd[ 0];
- t[13] = dd[13] + (sword64)ad[ 0] * bd[13]
- + (sword64)ad[ 1] * bd[12]
- + (sword64)ad[ 2] * bd[11]
- + (sword64)ad[ 3] * bd[10]
- + (sword64)ad[ 4] * bd[ 9]
- + (sword64)ad[ 5] * bd[ 8]
- + (sword64)ad[ 6] * bd[ 7]
- + (sword64)ad[ 7] * bd[ 6]
- + (sword64)ad[ 8] * bd[ 5]
- + (sword64)ad[ 9] * bd[ 4]
- + (sword64)ad[10] * bd[ 3]
- + (sword64)ad[11] * bd[ 2]
- + (sword64)ad[12] * bd[ 1]
- + (sword64)ad[13] * bd[ 0];
- t[14] = dd[14] + (sword64)ad[ 0] * bd[14]
- + (sword64)ad[ 1] * bd[13]
- + (sword64)ad[ 2] * bd[12]
- + (sword64)ad[ 3] * bd[11]
- + (sword64)ad[ 4] * bd[10]
- + (sword64)ad[ 5] * bd[ 9]
- + (sword64)ad[ 6] * bd[ 8]
- + (sword64)ad[ 7] * bd[ 7]
- + (sword64)ad[ 8] * bd[ 6]
- + (sword64)ad[ 9] * bd[ 5]
- + (sword64)ad[10] * bd[ 4]
- + (sword64)ad[11] * bd[ 3]
- + (sword64)ad[12] * bd[ 2]
- + (sword64)ad[13] * bd[ 1]
- + (sword64)ad[14] * bd[ 0];
- t[15] = dd[15] + (sword64)ad[ 0] * bd[15]
- + (sword64)ad[ 1] * bd[14]
- + (sword64)ad[ 2] * bd[13]
- + (sword64)ad[ 3] * bd[12]
- + (sword64)ad[ 4] * bd[11]
- + (sword64)ad[ 5] * bd[10]
- + (sword64)ad[ 6] * bd[ 9]
- + (sword64)ad[ 7] * bd[ 8]
- + (sword64)ad[ 8] * bd[ 7]
- + (sword64)ad[ 9] * bd[ 6]
- + (sword64)ad[10] * bd[ 5]
- + (sword64)ad[11] * bd[ 4]
- + (sword64)ad[12] * bd[ 3]
- + (sword64)ad[13] * bd[ 2]
- + (sword64)ad[14] * bd[ 1]
- + (sword64)ad[15] * bd[ 0];
- t[16] = (sword64)ad[ 1] * bd[15]
- + (sword64)ad[ 2] * bd[14]
- + (sword64)ad[ 3] * bd[13]
- + (sword64)ad[ 4] * bd[12]
- + (sword64)ad[ 5] * bd[11]
- + (sword64)ad[ 6] * bd[10]
- + (sword64)ad[ 7] * bd[ 9]
- + (sword64)ad[ 8] * bd[ 8]
- + (sword64)ad[ 9] * bd[ 7]
- + (sword64)ad[10] * bd[ 6]
- + (sword64)ad[11] * bd[ 5]
- + (sword64)ad[12] * bd[ 4]
- + (sword64)ad[13] * bd[ 3]
- + (sword64)ad[14] * bd[ 2]
- + (sword64)ad[15] * bd[ 1];
- t[17] = (sword64)ad[ 2] * bd[15]
- + (sword64)ad[ 3] * bd[14]
- + (sword64)ad[ 4] * bd[13]
- + (sword64)ad[ 5] * bd[12]
- + (sword64)ad[ 6] * bd[11]
- + (sword64)ad[ 7] * bd[10]
- + (sword64)ad[ 8] * bd[ 9]
- + (sword64)ad[ 9] * bd[ 8]
- + (sword64)ad[10] * bd[ 7]
- + (sword64)ad[11] * bd[ 6]
- + (sword64)ad[12] * bd[ 5]
- + (sword64)ad[13] * bd[ 4]
- + (sword64)ad[14] * bd[ 3]
- + (sword64)ad[15] * bd[ 2];
- t[18] = (sword64)ad[ 3] * bd[15]
- + (sword64)ad[ 4] * bd[14]
- + (sword64)ad[ 5] * bd[13]
- + (sword64)ad[ 6] * bd[12]
- + (sword64)ad[ 7] * bd[11]
- + (sword64)ad[ 8] * bd[10]
- + (sword64)ad[ 9] * bd[ 9]
- + (sword64)ad[10] * bd[ 8]
- + (sword64)ad[11] * bd[ 7]
- + (sword64)ad[12] * bd[ 6]
- + (sword64)ad[13] * bd[ 5]
- + (sword64)ad[14] * bd[ 4]
- + (sword64)ad[15] * bd[ 3];
- t[19] = (sword64)ad[ 4] * bd[15]
- + (sword64)ad[ 5] * bd[14]
- + (sword64)ad[ 6] * bd[13]
- + (sword64)ad[ 7] * bd[12]
- + (sword64)ad[ 8] * bd[11]
- + (sword64)ad[ 9] * bd[10]
- + (sword64)ad[10] * bd[ 9]
- + (sword64)ad[11] * bd[ 8]
- + (sword64)ad[12] * bd[ 7]
- + (sword64)ad[13] * bd[ 6]
- + (sword64)ad[14] * bd[ 5]
- + (sword64)ad[15] * bd[ 4];
- t[20] = (sword64)ad[ 5] * bd[15]
- + (sword64)ad[ 6] * bd[14]
- + (sword64)ad[ 7] * bd[13]
- + (sword64)ad[ 8] * bd[12]
- + (sword64)ad[ 9] * bd[11]
- + (sword64)ad[10] * bd[10]
- + (sword64)ad[11] * bd[ 9]
- + (sword64)ad[12] * bd[ 8]
- + (sword64)ad[13] * bd[ 7]
- + (sword64)ad[14] * bd[ 6]
- + (sword64)ad[15] * bd[ 5];
- t[21] = (sword64)ad[ 6] * bd[15]
- + (sword64)ad[ 7] * bd[14]
- + (sword64)ad[ 8] * bd[13]
- + (sword64)ad[ 9] * bd[12]
- + (sword64)ad[10] * bd[11]
- + (sword64)ad[11] * bd[10]
- + (sword64)ad[12] * bd[ 9]
- + (sword64)ad[13] * bd[ 8]
- + (sword64)ad[14] * bd[ 7]
- + (sword64)ad[15] * bd[ 6];
- t[22] = (sword64)ad[ 7] * bd[15]
- + (sword64)ad[ 8] * bd[14]
- + (sword64)ad[ 9] * bd[13]
- + (sword64)ad[10] * bd[12]
- + (sword64)ad[11] * bd[11]
- + (sword64)ad[12] * bd[10]
- + (sword64)ad[13] * bd[ 9]
- + (sword64)ad[14] * bd[ 8]
- + (sword64)ad[15] * bd[ 7];
- t[23] = (sword64)ad[ 8] * bd[15]
- + (sword64)ad[ 9] * bd[14]
- + (sword64)ad[10] * bd[13]
- + (sword64)ad[11] * bd[12]
- + (sword64)ad[12] * bd[11]
- + (sword64)ad[13] * bd[10]
- + (sword64)ad[14] * bd[ 9]
- + (sword64)ad[15] * bd[ 8];
- t[24] = (sword64)ad[ 9] * bd[15]
- + (sword64)ad[10] * bd[14]
- + (sword64)ad[11] * bd[13]
- + (sword64)ad[12] * bd[12]
- + (sword64)ad[13] * bd[11]
- + (sword64)ad[14] * bd[10]
- + (sword64)ad[15] * bd[ 9];
- t[25] = (sword64)ad[10] * bd[15]
- + (sword64)ad[11] * bd[14]
- + (sword64)ad[12] * bd[13]
- + (sword64)ad[13] * bd[12]
- + (sword64)ad[14] * bd[11]
- + (sword64)ad[15] * bd[10];
- t[26] = (sword64)ad[11] * bd[15]
- + (sword64)ad[12] * bd[14]
- + (sword64)ad[13] * bd[13]
- + (sword64)ad[14] * bd[12]
- + (sword64)ad[15] * bd[11];
- t[27] = (sword64)ad[12] * bd[15]
- + (sword64)ad[13] * bd[14]
- + (sword64)ad[14] * bd[13]
- + (sword64)ad[15] * bd[12];
- t[28] = (sword64)ad[13] * bd[15]
- + (sword64)ad[14] * bd[14]
- + (sword64)ad[15] * bd[13];
- t[29] = (sword64)ad[14] * bd[15]
- + (sword64)ad[15] * bd[14];
- t[30] = (sword64)ad[15] * bd[15];
+ t[ 0] = (word64)dd[ 0] + (sword64)ad[ 0] * bd[ 0];
+ t[ 1] = (word64)dd[ 1] + (sword64)ad[ 0] * bd[ 1]
+ + (sword64)ad[ 1] * bd[ 0];
+ t[ 2] = (word64)dd[ 2] + (sword64)ad[ 0] * bd[ 2]
+ + (sword64)ad[ 1] * bd[ 1]
+ + (sword64)ad[ 2] * bd[ 0];
+ t[ 3] = (word64)dd[ 3] + (sword64)ad[ 0] * bd[ 3]
+ + (sword64)ad[ 1] * bd[ 2]
+ + (sword64)ad[ 2] * bd[ 1]
+ + (sword64)ad[ 3] * bd[ 0];
+ t[ 4] = (word64)dd[ 4] + (sword64)ad[ 0] * bd[ 4]
+ + (sword64)ad[ 1] * bd[ 3]
+ + (sword64)ad[ 2] * bd[ 2]
+ + (sword64)ad[ 3] * bd[ 1]
+ + (sword64)ad[ 4] * bd[ 0];
+ t[ 5] = (word64)dd[ 5] + (sword64)ad[ 0] * bd[ 5]
+ + (sword64)ad[ 1] * bd[ 4]
+ + (sword64)ad[ 2] * bd[ 3]
+ + (sword64)ad[ 3] * bd[ 2]
+ + (sword64)ad[ 4] * bd[ 1]
+ + (sword64)ad[ 5] * bd[ 0];
+ t[ 6] = (word64)dd[ 6] + (sword64)ad[ 0] * bd[ 6]
+ + (sword64)ad[ 1] * bd[ 5]
+ + (sword64)ad[ 2] * bd[ 4]
+ + (sword64)ad[ 3] * bd[ 3]
+ + (sword64)ad[ 4] * bd[ 2]
+ + (sword64)ad[ 5] * bd[ 1]
+ + (sword64)ad[ 6] * bd[ 0];
+ t[ 7] = (word64)dd[ 7] + (sword64)ad[ 0] * bd[ 7]
+ + (sword64)ad[ 1] * bd[ 6]
+ + (sword64)ad[ 2] * bd[ 5]
+ + (sword64)ad[ 3] * bd[ 4]
+ + (sword64)ad[ 4] * bd[ 3]
+ + (sword64)ad[ 5] * bd[ 2]
+ + (sword64)ad[ 6] * bd[ 1]
+ + (sword64)ad[ 7] * bd[ 0];
+ t[ 8] = (word64)dd[ 8] + (sword64)ad[ 0] * bd[ 8]
+ + (sword64)ad[ 1] * bd[ 7]
+ + (sword64)ad[ 2] * bd[ 6]
+ + (sword64)ad[ 3] * bd[ 5]
+ + (sword64)ad[ 4] * bd[ 4]
+ + (sword64)ad[ 5] * bd[ 3]
+ + (sword64)ad[ 6] * bd[ 2]
+ + (sword64)ad[ 7] * bd[ 1]
+ + (sword64)ad[ 8] * bd[ 0];
+ t[ 9] = (word64)dd[ 9] + (sword64)ad[ 0] * bd[ 9]
+ + (sword64)ad[ 1] * bd[ 8]
+ + (sword64)ad[ 2] * bd[ 7]
+ + (sword64)ad[ 3] * bd[ 6]
+ + (sword64)ad[ 4] * bd[ 5]
+ + (sword64)ad[ 5] * bd[ 4]
+ + (sword64)ad[ 6] * bd[ 3]
+ + (sword64)ad[ 7] * bd[ 2]
+ + (sword64)ad[ 8] * bd[ 1]
+ + (sword64)ad[ 9] * bd[ 0];
+ t[10] = (word64)dd[10] + (sword64)ad[ 0] * bd[10]
+ + (sword64)ad[ 1] * bd[ 9]
+ + (sword64)ad[ 2] * bd[ 8]
+ + (sword64)ad[ 3] * bd[ 7]
+ + (sword64)ad[ 4] * bd[ 6]
+ + (sword64)ad[ 5] * bd[ 5]
+ + (sword64)ad[ 6] * bd[ 4]
+ + (sword64)ad[ 7] * bd[ 3]
+ + (sword64)ad[ 8] * bd[ 2]
+ + (sword64)ad[ 9] * bd[ 1]
+ + (sword64)ad[10] * bd[ 0];
+ t[11] = (word64)dd[11] + (sword64)ad[ 0] * bd[11]
+ + (sword64)ad[ 1] * bd[10]
+ + (sword64)ad[ 2] * bd[ 9]
+ + (sword64)ad[ 3] * bd[ 8]
+ + (sword64)ad[ 4] * bd[ 7]
+ + (sword64)ad[ 5] * bd[ 6]
+ + (sword64)ad[ 6] * bd[ 5]
+ + (sword64)ad[ 7] * bd[ 4]
+ + (sword64)ad[ 8] * bd[ 3]
+ + (sword64)ad[ 9] * bd[ 2]
+ + (sword64)ad[10] * bd[ 1]
+ + (sword64)ad[11] * bd[ 0];
+ t[12] = (word64)dd[12] + (sword64)ad[ 0] * bd[12]
+ + (sword64)ad[ 1] * bd[11]
+ + (sword64)ad[ 2] * bd[10]
+ + (sword64)ad[ 3] * bd[ 9]
+ + (sword64)ad[ 4] * bd[ 8]
+ + (sword64)ad[ 5] * bd[ 7]
+ + (sword64)ad[ 6] * bd[ 6]
+ + (sword64)ad[ 7] * bd[ 5]
+ + (sword64)ad[ 8] * bd[ 4]
+ + (sword64)ad[ 9] * bd[ 3]
+ + (sword64)ad[10] * bd[ 2]
+ + (sword64)ad[11] * bd[ 1]
+ + (sword64)ad[12] * bd[ 0];
+ t[13] = (word64)dd[13] + (sword64)ad[ 0] * bd[13]
+ + (sword64)ad[ 1] * bd[12]
+ + (sword64)ad[ 2] * bd[11]
+ + (sword64)ad[ 3] * bd[10]
+ + (sword64)ad[ 4] * bd[ 9]
+ + (sword64)ad[ 5] * bd[ 8]
+ + (sword64)ad[ 6] * bd[ 7]
+ + (sword64)ad[ 7] * bd[ 6]
+ + (sword64)ad[ 8] * bd[ 5]
+ + (sword64)ad[ 9] * bd[ 4]
+ + (sword64)ad[10] * bd[ 3]
+ + (sword64)ad[11] * bd[ 2]
+ + (sword64)ad[12] * bd[ 1]
+ + (sword64)ad[13] * bd[ 0];
+ t[14] = (word64)dd[14] + (sword64)ad[ 0] * bd[14]
+ + (sword64)ad[ 1] * bd[13]
+ + (sword64)ad[ 2] * bd[12]
+ + (sword64)ad[ 3] * bd[11]
+ + (sword64)ad[ 4] * bd[10]
+ + (sword64)ad[ 5] * bd[ 9]
+ + (sword64)ad[ 6] * bd[ 8]
+ + (sword64)ad[ 7] * bd[ 7]
+ + (sword64)ad[ 8] * bd[ 6]
+ + (sword64)ad[ 9] * bd[ 5]
+ + (sword64)ad[10] * bd[ 4]
+ + (sword64)ad[11] * bd[ 3]
+ + (sword64)ad[12] * bd[ 2]
+ + (sword64)ad[13] * bd[ 1]
+ + (sword64)ad[14] * bd[ 0];
+ t[15] = (word64)dd[15] + (sword64)ad[ 0] * bd[15]
+ + (sword64)ad[ 1] * bd[14]
+ + (sword64)ad[ 2] * bd[13]
+ + (sword64)ad[ 3] * bd[12]
+ + (sword64)ad[ 4] * bd[11]
+ + (sword64)ad[ 5] * bd[10]
+ + (sword64)ad[ 6] * bd[ 9]
+ + (sword64)ad[ 7] * bd[ 8]
+ + (sword64)ad[ 8] * bd[ 7]
+ + (sword64)ad[ 9] * bd[ 6]
+ + (sword64)ad[10] * bd[ 5]
+ + (sword64)ad[11] * bd[ 4]
+ + (sword64)ad[12] * bd[ 3]
+ + (sword64)ad[13] * bd[ 2]
+ + (sword64)ad[14] * bd[ 1]
+ + (sword64)ad[15] * bd[ 0];
+ t[16] = (word64) (sword64)ad[ 1] * bd[15]
+ + (sword64)ad[ 2] * bd[14]
+ + (sword64)ad[ 3] * bd[13]
+ + (sword64)ad[ 4] * bd[12]
+ + (sword64)ad[ 5] * bd[11]
+ + (sword64)ad[ 6] * bd[10]
+ + (sword64)ad[ 7] * bd[ 9]
+ + (sword64)ad[ 8] * bd[ 8]
+ + (sword64)ad[ 9] * bd[ 7]
+ + (sword64)ad[10] * bd[ 6]
+ + (sword64)ad[11] * bd[ 5]
+ + (sword64)ad[12] * bd[ 4]
+ + (sword64)ad[13] * bd[ 3]
+ + (sword64)ad[14] * bd[ 2]
+ + (sword64)ad[15] * bd[ 1];
+ t[17] = (word64) (sword64)ad[ 2] * bd[15]
+ + (sword64)ad[ 3] * bd[14]
+ + (sword64)ad[ 4] * bd[13]
+ + (sword64)ad[ 5] * bd[12]
+ + (sword64)ad[ 6] * bd[11]
+ + (sword64)ad[ 7] * bd[10]
+ + (sword64)ad[ 8] * bd[ 9]
+ + (sword64)ad[ 9] * bd[ 8]
+ + (sword64)ad[10] * bd[ 7]
+ + (sword64)ad[11] * bd[ 6]
+ + (sword64)ad[12] * bd[ 5]
+ + (sword64)ad[13] * bd[ 4]
+ + (sword64)ad[14] * bd[ 3]
+ + (sword64)ad[15] * bd[ 2];
+ t[18] = (word64) (sword64)ad[ 3] * bd[15]
+ + (sword64)ad[ 4] * bd[14]
+ + (sword64)ad[ 5] * bd[13]
+ + (sword64)ad[ 6] * bd[12]
+ + (sword64)ad[ 7] * bd[11]
+ + (sword64)ad[ 8] * bd[10]
+ + (sword64)ad[ 9] * bd[ 9]
+ + (sword64)ad[10] * bd[ 8]
+ + (sword64)ad[11] * bd[ 7]
+ + (sword64)ad[12] * bd[ 6]
+ + (sword64)ad[13] * bd[ 5]
+ + (sword64)ad[14] * bd[ 4]
+ + (sword64)ad[15] * bd[ 3];
+ t[19] = (word64) (sword64)ad[ 4] * bd[15]
+ + (sword64)ad[ 5] * bd[14]
+ + (sword64)ad[ 6] * bd[13]
+ + (sword64)ad[ 7] * bd[12]
+ + (sword64)ad[ 8] * bd[11]
+ + (sword64)ad[ 9] * bd[10]
+ + (sword64)ad[10] * bd[ 9]
+ + (sword64)ad[11] * bd[ 8]
+ + (sword64)ad[12] * bd[ 7]
+ + (sword64)ad[13] * bd[ 6]
+ + (sword64)ad[14] * bd[ 5]
+ + (sword64)ad[15] * bd[ 4];
+ t[20] = (word64) (sword64)ad[ 5] * bd[15]
+ + (sword64)ad[ 6] * bd[14]
+ + (sword64)ad[ 7] * bd[13]
+ + (sword64)ad[ 8] * bd[12]
+ + (sword64)ad[ 9] * bd[11]
+ + (sword64)ad[10] * bd[10]
+ + (sword64)ad[11] * bd[ 9]
+ + (sword64)ad[12] * bd[ 8]
+ + (sword64)ad[13] * bd[ 7]
+ + (sword64)ad[14] * bd[ 6]
+ + (sword64)ad[15] * bd[ 5];
+ t[21] = (word64) (sword64)ad[ 6] * bd[15]
+ + (sword64)ad[ 7] * bd[14]
+ + (sword64)ad[ 8] * bd[13]
+ + (sword64)ad[ 9] * bd[12]
+ + (sword64)ad[10] * bd[11]
+ + (sword64)ad[11] * bd[10]
+ + (sword64)ad[12] * bd[ 9]
+ + (sword64)ad[13] * bd[ 8]
+ + (sword64)ad[14] * bd[ 7]
+ + (sword64)ad[15] * bd[ 6];
+ t[22] = (word64) (sword64)ad[ 7] * bd[15]
+ + (sword64)ad[ 8] * bd[14]
+ + (sword64)ad[ 9] * bd[13]
+ + (sword64)ad[10] * bd[12]
+ + (sword64)ad[11] * bd[11]
+ + (sword64)ad[12] * bd[10]
+ + (sword64)ad[13] * bd[ 9]
+ + (sword64)ad[14] * bd[ 8]
+ + (sword64)ad[15] * bd[ 7];
+ t[23] = (word64) (sword64)ad[ 8] * bd[15]
+ + (sword64)ad[ 9] * bd[14]
+ + (sword64)ad[10] * bd[13]
+ + (sword64)ad[11] * bd[12]
+ + (sword64)ad[12] * bd[11]
+ + (sword64)ad[13] * bd[10]
+ + (sword64)ad[14] * bd[ 9]
+ + (sword64)ad[15] * bd[ 8];
+ t[24] = (word64) (sword64)ad[ 9] * bd[15]
+ + (sword64)ad[10] * bd[14]
+ + (sword64)ad[11] * bd[13]
+ + (sword64)ad[12] * bd[12]
+ + (sword64)ad[13] * bd[11]
+ + (sword64)ad[14] * bd[10]
+ + (sword64)ad[15] * bd[ 9];
+ t[25] = (word64) (sword64)ad[10] * bd[15]
+ + (sword64)ad[11] * bd[14]
+ + (sword64)ad[12] * bd[13]
+ + (sword64)ad[13] * bd[12]
+ + (sword64)ad[14] * bd[11]
+ + (sword64)ad[15] * bd[10];
+ t[26] = (word64) (sword64)ad[11] * bd[15]
+ + (sword64)ad[12] * bd[14]
+ + (sword64)ad[13] * bd[13]
+ + (sword64)ad[14] * bd[12]
+ + (sword64)ad[15] * bd[11];
+ t[27] = (word64) (sword64)ad[12] * bd[15]
+ + (sword64)ad[13] * bd[14]
+ + (sword64)ad[14] * bd[13]
+ + (sword64)ad[15] * bd[12];
+ t[28] = (word64) (sword64)ad[13] * bd[15]
+ + (sword64)ad[14] * bd[14]
+ + (sword64)ad[15] * bd[13];
+ t[29] = (word64) (sword64)ad[14] * bd[15]
+ + (sword64)ad[15] * bd[14];
+ t[30] = (word64) (sword64)ad[15] * bd[15];
t[31] = 0;
/* Mod curve order */
@@ -6202,62 +6202,62 @@ void sc448_muladd(byte* r, const byte* a, const byte* b, const byte* d)
o = rd[14] >> 28; rd[15] += o; rd[14] = rd[14] & 0xfffffff;
/* Convert to bytes */
- r[ 0] = (rd[0 ] >> 0);
- r[ 1] = (rd[0 ] >> 8);
- r[ 2] = (rd[0 ] >> 16);
- r[ 3] = (rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4);
- r[ 4] = (rd[1 ] >> 4);
- r[ 5] = (rd[1 ] >> 12);
- r[ 6] = (rd[1 ] >> 20);
- r[ 7] = (rd[2 ] >> 0);
- r[ 8] = (rd[2 ] >> 8);
- r[ 9] = (rd[2 ] >> 16);
- r[10] = (rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4);
- r[11] = (rd[3 ] >> 4);
- r[12] = (rd[3 ] >> 12);
- r[13] = (rd[3 ] >> 20);
- r[14] = (rd[4 ] >> 0);
- r[15] = (rd[4 ] >> 8);
- r[16] = (rd[4 ] >> 16);
- r[17] = (rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4);
- r[18] = (rd[5 ] >> 4);
- r[19] = (rd[5 ] >> 12);
- r[20] = (rd[5 ] >> 20);
- r[21] = (rd[6 ] >> 0);
- r[22] = (rd[6 ] >> 8);
- r[23] = (rd[6 ] >> 16);
- r[24] = (rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4);
- r[25] = (rd[7 ] >> 4);
- r[26] = (rd[7 ] >> 12);
- r[27] = (rd[7 ] >> 20);
- r[28] = (rd[8 ] >> 0);
- r[29] = (rd[8 ] >> 8);
- r[30] = (rd[8 ] >> 16);
- r[31] = (rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4);
- r[32] = (rd[9 ] >> 4);
- r[33] = (rd[9 ] >> 12);
- r[34] = (rd[9 ] >> 20);
- r[35] = (rd[10] >> 0);
- r[36] = (rd[10] >> 8);
- r[37] = (rd[10] >> 16);
- r[38] = (rd[10] >> 24) + ((rd[11] >> 0) << 4);
- r[39] = (rd[11] >> 4);
- r[40] = (rd[11] >> 12);
- r[41] = (rd[11] >> 20);
- r[42] = (rd[12] >> 0);
- r[43] = (rd[12] >> 8);
- r[44] = (rd[12] >> 16);
- r[45] = (rd[12] >> 24) + ((rd[13] >> 0) << 4);
- r[46] = (rd[13] >> 4);
- r[47] = (rd[13] >> 12);
- r[48] = (rd[13] >> 20);
- r[49] = (rd[14] >> 0);
- r[50] = (rd[14] >> 8);
- r[51] = (rd[14] >> 16);
- r[52] = (rd[14] >> 24) + ((rd[15] >> 0) << 4);
- r[53] = (rd[15] >> 4);
- r[54] = (rd[15] >> 12);
- r[55] = (rd[15] >> 20);
+ r[ 0] = (byte)(rd[0 ] >> 0);
+ r[ 1] = (byte)(rd[0 ] >> 8);
+ r[ 2] = (byte)(rd[0 ] >> 16);
+ r[ 3] = (byte)(rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4);
+ r[ 4] = (byte)(rd[1 ] >> 4);
+ r[ 5] = (byte)(rd[1 ] >> 12);
+ r[ 6] = (byte)(rd[1 ] >> 20);
+ r[ 7] = (byte)(rd[2 ] >> 0);
+ r[ 8] = (byte)(rd[2 ] >> 8);
+ r[ 9] = (byte)(rd[2 ] >> 16);
+ r[10] = (byte)(rd[2 ] >> 24) + ((rd[3 ] >> 0) << 4);
+ r[11] = (byte)(rd[3 ] >> 4);
+ r[12] = (byte)(rd[3 ] >> 12);
+ r[13] = (byte)(rd[3 ] >> 20);
+ r[14] = (byte)(rd[4 ] >> 0);
+ r[15] = (byte)(rd[4 ] >> 8);
+ r[16] = (byte)(rd[4 ] >> 16);
+ r[17] = (byte)(rd[4 ] >> 24) + ((rd[5 ] >> 0) << 4);
+ r[18] = (byte)(rd[5 ] >> 4);
+ r[19] = (byte)(rd[5 ] >> 12);
+ r[20] = (byte)(rd[5 ] >> 20);
+ r[21] = (byte)(rd[6 ] >> 0);
+ r[22] = (byte)(rd[6 ] >> 8);
+ r[23] = (byte)(rd[6 ] >> 16);
+ r[24] = (byte)(rd[6 ] >> 24) + ((rd[7 ] >> 0) << 4);
+ r[25] = (byte)(rd[7 ] >> 4);
+ r[26] = (byte)(rd[7 ] >> 12);
+ r[27] = (byte)(rd[7 ] >> 20);
+ r[28] = (byte)(rd[8 ] >> 0);
+ r[29] = (byte)(rd[8 ] >> 8);
+ r[30] = (byte)(rd[8 ] >> 16);
+ r[31] = (byte)(rd[8 ] >> 24) + ((rd[9 ] >> 0) << 4);
+ r[32] = (byte)(rd[9 ] >> 4);
+ r[33] = (byte)(rd[9 ] >> 12);
+ r[34] = (byte)(rd[9 ] >> 20);
+ r[35] = (byte)(rd[10] >> 0);
+ r[36] = (byte)(rd[10] >> 8);
+ r[37] = (byte)(rd[10] >> 16);
+ r[38] = (byte)(rd[10] >> 24) + ((rd[11] >> 0) << 4);
+ r[39] = (byte)(rd[11] >> 4);
+ r[40] = (byte)(rd[11] >> 12);
+ r[41] = (byte)(rd[11] >> 20);
+ r[42] = (byte)(rd[12] >> 0);
+ r[43] = (byte)(rd[12] >> 8);
+ r[44] = (byte)(rd[12] >> 16);
+ r[45] = (byte)(rd[12] >> 24) + ((rd[13] >> 0) << 4);
+ r[46] = (byte)(rd[13] >> 4);
+ r[47] = (byte)(rd[13] >> 12);
+ r[48] = (byte)(rd[13] >> 20);
+ r[49] = (byte)(rd[14] >> 0);
+ r[50] = (byte)(rd[14] >> 8);
+ r[51] = (byte)(rd[14] >> 16);
+ r[52] = (byte)(rd[14] >> 24) + ((rd[15] >> 0) << 4);
+ r[53] = (byte)(rd[15] >> 4);
+ r[54] = (byte)(rd[15] >> 12);
+ r[55] = (byte)(rd[15] >> 20);
r[56] = 0;
}
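Review bot: On the eight lines that join two limbs (`r[ 3]`, `r[10]`, `r[17]`, `r[24]`, `r[31]`, `r[38]`, `r[45]`, `r[52]`) the new `(byte)` cast covers only the first operand. The `+` is therefore still evaluated in a wider integer type and narrowed implicitly on assignment. The stored byte is the same as before, but these are the only lines in the block where the truncation stays implicit, so a conversion warning would presumably still fire here. Wrapping the whole right-hand side keeps them consistent with the other lines, e.g. `r[ 3] = (byte)((rd[0 ] >> 24) + ((rd[1 ] >> 0) << 4));`. sc448_muladd begins outside this hunk, so the declared type of `rd` is not visible here.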
@@ -10455,7 +10455,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p)
fe448_mul(x, p->X, recip);
fe448_mul(y, p->Y, recip);
fe448_to_bytes(b, y);
- b[56] = fe448_isnegative(x) << 7;
+ b[56] = (byte)fe448_isnegative(x) << 7;
}
/* Convert point to byte array assuming z is 1.
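Review bot: In `b[56] = (byte)fe448_isnegative(x) << 7;` the cast binds tighter than the shift, so it converts the return value and leaves the shift to be done in `int` and narrowed implicitly on assignment. The result is unchanged, but the truncation the commit is making explicit elsewhere is still implicit here. The form used for `s[31]` in ge_operations.c in this same commit casts the whole expression: `b[56] = (byte)(fe448_isnegative(x) << 7);`. The next hunk, in ge448_p2z1_to_bytes, has the same pattern and would become `b[56] = (byte)(fe448_isnegative(p->X) << 7);`.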
@@ -10466,7 +10466,7 @@ void ge448_to_bytes(byte *b, const ge448_p2 *p)
static void ge448_p2z1_to_bytes(byte *b, const ge448_p2 *p)
{
fe448_to_bytes(b, p->Y);
- b[56] = fe448_isnegative(p->X) << 7;
+ b[56] = (byte)fe448_isnegative(p->X) << 7;
}
/* Compress the point to y-ordinate and negative bit.
@@ -10543,7 +10543,7 @@ static void ge448_select(ge448_precomp* r, int pos, byte b)
{
ge448 minusx[16];
byte bnegative = negative(b);
- byte babs = b - (((-bnegative) & b) << 1);
+ byte babs = (byte)(b - (((-bnegative) & b) << 1));
ge448_precomp_0(r);
cmov(r, &base[pos][0], babs, 1);
@@ -10575,12 +10575,12 @@ void ge448_scalarmult_base(ge448_p2* r, const byte* a)
e[2 * i + 0] = ((a[i] >> 0) & 0xf) + carry;
carry = e[2 * i + 0] + 8;
carry >>= 4;
- e[2 * i + 0] -= carry << 4;
+ e[2 * i + 0] -= (byte)(carry << 4);
e[2 * i + 1] = ((a[i] >> 4) & 0xf) + carry;
carry = e[2 * i + 1] + 8;
carry >>= 4;
- e[2 * i + 1] -= carry << 4;
+ e[2 * i + 1] -= (byte)(carry << 4);
}
e[112] = carry;
/* each e[i] is between -8 and 8 */
@@ -10633,10 +10633,11 @@ static void slide(sword8 *r, const byte *a)
}
if (r[i] + (r[i + b] << b) <= 31) {
- r[i] += r[i + b] << b; r[i + b] = 0;
+ r[i] += (sword8)(r[i + b] << b);
+ r[i + b] = 0;
}
else if (r[i] - (r[i + b] << b) >= -31) {
- r[i] -= r[i + b] << b;
+ r[i] -= (sword8)(r[i + b] << b);
for (k = i + b; k < 448; ++k) {
if (!r[k]) {
r[k] = 1;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c
index c4fa510c..abe6ea69 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_low_mem.c
@@ -442,28 +442,6 @@ void ge_scalarmult_base(ge_p3 *R,const unsigned char *nonce)
/* pack the point h into array s */
-void ge_p3_tobytes(unsigned char *s,const ge_p3 *h)
-{
- byte x[F25519_SIZE];
- byte y[F25519_SIZE];
- byte z1[F25519_SIZE];
- byte parity;
-
- fe_inv__distinct(z1, h->Z);
- fe_mul__distinct(x, h->X, z1);
- fe_mul__distinct(y, h->Y, z1);
-
- fe_normalize(x);
- fe_normalize(y);
-
- parity = (x[0] & 1) << 7;
- lm_copy(s, y);
- fe_normalize(s);
- s[31] |= parity;
-}
-
-
-/* pack the point h into array s */
void ge_tobytes(unsigned char *s,const ge_p2 *h)
{
byte x[F25519_SIZE];
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c
index 95f4f308..57a838cd 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/ge_operations.c
@@ -58,19 +58,23 @@
static void ge_p2_0(ge_p2 *h);
#ifndef CURVED25519_ASM
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
static void ge_precomp_0(ge_precomp *h);
+#endif
static void ge_p3_to_p2(ge_p2 *r,const ge_p3 *p);
#endif
static WC_INLINE void ge_p3_to_cached(ge_cached *r,const ge_p3 *p);
+
+#ifndef CURVED25519_ASM
static void ge_p1p1_to_p2(ge_p2 *r,const ge_p1p1 *p);
static WC_INLINE void ge_p1p1_to_p3(ge_p3 *r,const ge_p1p1 *p);
static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p);
static void ge_p3_dbl(ge_p1p1 *r,const ge_p3 *p);
-
static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q);
static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q);
static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q);
static WC_INLINE void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q);
+#endif
/*
ge means group element.
@@ -95,28 +99,6 @@ Representations:
#define ORDER_4 0x1dea2f
#define ORDER_5 0xa6f7c
-#ifdef CURVED25519_ASM_32BIT
-word64 load_3(const unsigned char *in)
-{
- word64 result;
- result = (word64) in[0];
- result |= ((word64) in[1]) << 8;
- result |= ((word64) in[2]) << 16;
- return result;
-}
-
-
-word64 load_4(const unsigned char *in)
-{
- word64 result;
- result = (word64) in[0];
- result |= ((word64) in[1]) << 8;
- result |= ((word64) in[2]) << 16;
- result |= ((word64) in[3]) << 24;
- return result;
-}
-#endif
-
/*
Input:
s[0]+256*s[1]+...+256^63*s[63] = s
@@ -126,6 +108,7 @@ Output:
where l = 2^252 + 27742317777372353535851937790883648493.
Overwrites s in place.
*/
+#ifndef CURVED25519_ASM
void sc_reduce(byte* s)
{
sword64 t[24];
@@ -638,7 +621,9 @@ void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
s[30] = (byte)(t[11] >> 9);
s[31] = (byte)(t[11] >> 17);
}
+#endif
#else
+#ifndef CURVED25519_ASM
static word64 load_6(const byte* a)
{
word64 n;
@@ -744,38 +729,38 @@ void sc_reduce(byte* s)
carry = t[ 3] >> 42; t[ 4] += carry; t[ 3] &= MASK_42;
carry = t[ 4] >> 42; t[ 5] += carry; t[ 4] &= MASK_42;
- s[ 0] = (t[ 0] >> 0);
- s[ 1] = (t[ 0] >> 8);
- s[ 2] = (t[ 0] >> 16);
- s[ 3] = (t[ 0] >> 24);
- s[ 4] = (t[ 0] >> 32);
- s[ 5] = (t[ 0] >> 40) | (t[ 1] << 2);
- s[ 6] = (t[ 1] >> 6);
- s[ 7] = (t[ 1] >> 14);
- s[ 8] = (t[ 1] >> 22);
- s[ 9] = (t[ 1] >> 30);
- s[10] = (t[ 1] >> 38) | (t[ 2] << 4);
- s[11] = (t[ 2] >> 4);
- s[12] = (t[ 2] >> 12);
- s[13] = (t[ 2] >> 20);
- s[14] = (t[ 2] >> 28);
- s[15] = (t[ 2] >> 36) | (t[ 3] << 6);
- s[16] = (t[ 3] >> 2);
- s[17] = (t[ 3] >> 10);
- s[18] = (t[ 3] >> 18);
- s[19] = (t[ 3] >> 26);
- s[20] = (t[ 3] >> 34);
- s[21] = (t[ 4] >> 0);
- s[22] = (t[ 4] >> 8);
- s[23] = (t[ 4] >> 16);
- s[24] = (t[ 4] >> 24);
- s[25] = (t[ 4] >> 32);
- s[26] = (t[ 4] >> 40) | (t[ 5] << 2);
- s[27] = (t[ 5] >> 6);
- s[28] = (t[ 5] >> 14);
- s[29] = (t[ 5] >> 22);
- s[30] = (t[ 5] >> 30);
- s[31] = (t[ 5] >> 38);
+ s[ 0] = (byte)(t[ 0] >> 0);
+ s[ 1] = (byte)(t[ 0] >> 8);
+ s[ 2] = (byte)(t[ 0] >> 16);
+ s[ 3] = (byte)(t[ 0] >> 24);
+ s[ 4] = (byte)(t[ 0] >> 32);
+ s[ 5] = (byte)(t[ 0] >> 40) | (byte)(t[ 1] << 2);
+ s[ 6] = (byte)(t[ 1] >> 6);
+ s[ 7] = (byte)(t[ 1] >> 14);
+ s[ 8] = (byte)(t[ 1] >> 22);
+ s[ 9] = (byte)(t[ 1] >> 30);
+ s[10] = (byte)(t[ 1] >> 38) | (byte)(t[ 2] << 4);
+ s[11] = (byte)(t[ 2] >> 4);
+ s[12] = (byte)(t[ 2] >> 12);
+ s[13] = (byte)(t[ 2] >> 20);
+ s[14] = (byte)(t[ 2] >> 28);
+ s[15] = (byte)(t[ 2] >> 36) | (byte)(t[ 3] << 6);
+ s[16] = (byte)(t[ 3] >> 2);
+ s[17] = (byte)(t[ 3] >> 10);
+ s[18] = (byte)(t[ 3] >> 18);
+ s[19] = (byte)(t[ 3] >> 26);
+ s[20] = (byte)(t[ 3] >> 34);
+ s[21] = (byte)(t[ 4] >> 0);
+ s[22] = (byte)(t[ 4] >> 8);
+ s[23] = (byte)(t[ 4] >> 16);
+ s[24] = (byte)(t[ 4] >> 24);
+ s[25] = (byte)(t[ 4] >> 32);
+ s[26] = (byte)(t[ 4] >> 40) | (byte)(t[ 5] << 2);
+ s[27] = (byte)(t[ 5] >> 6);
+ s[28] = (byte)(t[ 5] >> 14);
+ s[29] = (byte)(t[ 5] >> 22);
+ s[30] = (byte)(t[ 5] >> 30);
+ s[31] = (byte)(t[ 5] >> 38);
}
/*
@@ -896,59 +881,57 @@ void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
carry = t[ 3] >> 42; t[ 4] += carry; t[ 3] &= MASK_42;
carry = t[ 4] >> 42; t[ 5] += carry; t[ 4] &= MASK_42;
- s[ 0] = (t[ 0] >> 0);
- s[ 1] = (t[ 0] >> 8);
- s[ 2] = (t[ 0] >> 16);
- s[ 3] = (t[ 0] >> 24);
- s[ 4] = (t[ 0] >> 32);
- s[ 5] = (t[ 0] >> 40) | (t[ 1] << 2);
- s[ 6] = (t[ 1] >> 6);
- s[ 7] = (t[ 1] >> 14);
- s[ 8] = (t[ 1] >> 22);
- s[ 9] = (t[ 1] >> 30);
- s[10] = (t[ 1] >> 38) | (t[ 2] << 4);
- s[11] = (t[ 2] >> 4);
- s[12] = (t[ 2] >> 12);
- s[13] = (t[ 2] >> 20);
- s[14] = (t[ 2] >> 28);
- s[15] = (t[ 2] >> 36) | (t[ 3] << 6);
- s[16] = (t[ 3] >> 2);
- s[17] = (t[ 3] >> 10);
- s[18] = (t[ 3] >> 18);
- s[19] = (t[ 3] >> 26);
- s[20] = (t[ 3] >> 34);
- s[21] = (t[ 4] >> 0);
- s[22] = (t[ 4] >> 8);
- s[23] = (t[ 4] >> 16);
- s[24] = (t[ 4] >> 24);
- s[25] = (t[ 4] >> 32);
- s[26] = (t[ 4] >> 40) | (t[ 5] << 2);
- s[27] = (t[ 5] >> 6);
- s[28] = (t[ 5] >> 14);
- s[29] = (t[ 5] >> 22);
- s[30] = (t[ 5] >> 30);
- s[31] = (t[ 5] >> 38);
+ s[ 0] = (byte)(t[ 0] >> 0);
+ s[ 1] = (byte)(t[ 0] >> 8);
+ s[ 2] = (byte)(t[ 0] >> 16);
+ s[ 3] = (byte)(t[ 0] >> 24);
+ s[ 4] = (byte)(t[ 0] >> 32);
+ s[ 5] = (byte)(t[ 0] >> 40) | (byte)(t[ 1] << 2);
+ s[ 6] = (byte)(t[ 1] >> 6);
+ s[ 7] = (byte)(t[ 1] >> 14);
+ s[ 8] = (byte)(t[ 1] >> 22);
+ s[ 9] = (byte)(t[ 1] >> 30);
+ s[10] = (byte)(t[ 1] >> 38) | (byte)(t[ 2] << 4);
+ s[11] = (byte)(t[ 2] >> 4);
+ s[12] = (byte)(t[ 2] >> 12);
+ s[13] = (byte)(t[ 2] >> 20);
+ s[14] = (byte)(t[ 2] >> 28);
+ s[15] = (byte)(t[ 2] >> 36) | (byte)(t[ 3] << 6);
+ s[16] = (byte)(t[ 3] >> 2);
+ s[17] = (byte)(t[ 3] >> 10);
+ s[18] = (byte)(t[ 3] >> 18);
+ s[19] = (byte)(t[ 3] >> 26);
+ s[20] = (byte)(t[ 3] >> 34);
+ s[21] = (byte)(t[ 4] >> 0);
+ s[22] = (byte)(t[ 4] >> 8);
+ s[23] = (byte)(t[ 4] >> 16);
+ s[24] = (byte)(t[ 4] >> 24);
+ s[25] = (byte)(t[ 4] >> 32);
+ s[26] = (byte)(t[ 4] >> 40) | (byte)(t[ 5] << 2);
+ s[27] = (byte)(t[ 5] >> 6);
+ s[28] = (byte)(t[ 5] >> 14);
+ s[29] = (byte)(t[ 5] >> 22);
+ s[30] = (byte)(t[ 5] >> 30);
+ s[31] = (byte)(t[ 5] >> 38);
}
+#endif /* !CURVED25519_ASM */
#endif /* !HAVE___UINT128_T || NO_CURVED25519_128BIT */
int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz)
{
- ge x,y,z;
- ge_p3 g;
- byte bArray[ED25519_KEY_SIZE];
+ ge_p2 g;
+ ALIGN16 byte bArray[ED25519_KEY_SIZE];
+ ALIGN16 byte x[ED25519_PUB_KEY_SIZE];
+ ALIGN16 byte y[ED25519_PUB_KEY_SIZE];
word32 i;
- fe_0(x);
- fe_0(y);
- fe_1(z);
- fe_frombytes(x, xIn);
- fe_frombytes(y, yIn);
-
- fe_copy(g.X, x);
- fe_copy(g.Y, y);
- fe_copy(g.Z, z);
+ XMEMCPY(x, xIn, ED25519_PUB_KEY_SIZE);
+ XMEMCPY(y, yIn, ED25519_PUB_KEY_SIZE);
+ fe_frombytes(g.X, x);
+ fe_frombytes(g.Y, y);
+ fe_1(g.Z);
- ge_p3_tobytes(bArray, &g);
+ ge_tobytes(bArray, &g);
for (i = 0; i < keySz; i++) {
out[keySz - 1 - i] = bArray[i];
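Review bot: In ge_compress_key, the copy loop reads `bArray[i]` for every `i < keySz`, but nothing in the visible lines checks `keySz` against the `ED25519_KEY_SIZE` bytes that `bArray` holds. The new `XMEMCPY` calls also read a fixed `ED25519_PUB_KEY_SIZE` bytes from `xIn` and `yIn` regardless of `keySz`. If a caller can pass a larger `keySz`, the loop reads past the stack buffer into `out`. A guard before the loop such as `if (keySz > ED25519_KEY_SIZE) return BAD_FUNC_ARG;` would close this, along with a header comment stating that `xIn` and `yIn` must each hold `ED25519_PUB_KEY_SIZE` bytes. Callers may already guarantee both, and the function body continues outside this hunk, so this should be confirmed against the call sites.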
@@ -961,9 +944,9 @@ int ge_compress_key(byte* out, const byte* xIn, const byte* yIn, word32 keySz)
/*
r = p + q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -976,31 +959,27 @@ static WC_INLINE void ge_add(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
fe_add(r->Y,r->Z,r->Y);
fe_add(r->Z,t0,r->T);
fe_sub(r->T,t0,r->T);
-#else
- fe_ge_add(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->Z, q->T2d,
- q->YplusX, q->YminusX);
-#endif
}
+#endif
#ifndef CURVED25519_ASM
/* ge_scalar mult base */
-static unsigned char equal(signed char b,signed char c)
+static unsigned char equal(unsigned char b,unsigned char c)
{
- unsigned char ub = b;
- unsigned char uc = c;
- unsigned char x = ub ^ uc; /* 0: yes; 1..255: no */
+ unsigned char x = b ^ c; /* 0: yes; 1..255: no */
word32 y = x; /* 0: yes; 1..255: no */
y -= 1; /* 4294967295: yes; 0..254: no */
y >>= 31; /* 1: yes; 0: no */
return (unsigned char)y;
}
-
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
static unsigned char negative(signed char b)
{
return ((unsigned char)b) >> 7;
}
+#endif
static WC_INLINE void cmov(ge_precomp *t,const ge_precomp *u,unsigned char b,
@@ -1013,6 +992,7 @@ static WC_INLINE void cmov(ge_precomp *t,const ge_precomp *u,unsigned char b,
}
#endif
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
#ifdef CURVED25519_ASM_64BIT
static const ge_precomp base[64][8] = {
{
@@ -9098,7 +9078,7 @@ static void ge_select(ge_precomp *t,int pos,signed char b)
#ifndef CURVED25519_ASM
ge_precomp minust;
unsigned char bnegative = negative(b);
- unsigned char babs = b - (((-bnegative) & b) << 1);
+ unsigned char babs = (unsigned char)(b - (((-bnegative) & b) << 1));
ge_precomp_0(t);
cmov(t,&base[pos][0],babs,1);
@@ -9148,7 +9128,7 @@ void ge_scalarmult_base(ge_p3 *h,const unsigned char *a)
e[i] += carry;
carry = e[i] + 8;
carry >>= 4;
- e[i] -= carry << 4;
+ e[i] -= (signed char)(carry << 4);
}
e[63] += carry;
/* each e[i] is between -8 and 8 */
@@ -9190,6 +9170,7 @@ void ge_scalarmult_base(ge_p3 *h,const unsigned char *a)
}
#endif
}
+#endif /* HAVE_ED25519_SIGN || HAVE_ED25519_MAKE_KEY */
#define SLIDE_SIZE 256
@@ -9209,9 +9190,9 @@ static void slide(signed char *r,const unsigned char *a)
for (b = 1;b <= 6 && i + b < SLIDE_SIZE;++b) {
if (r[i + b]) {
if (r[i] + (r[i + b] << b) <= 15) {
- r[i] += r[i + b] << b; r[i + b] = 0;
+ r[i] += (signed char)(r[i + b] << b); r[i + b] = 0;
} else if (r[i] - (r[i + b] << b) >= -15) {
- r[i] -= r[i + b] << b;
+ r[i] -= (signed char)(r[i + b] << b);
for (k = i + b;k < SLIDE_SIZE;++k) {
if (!r[k]) {
r[k] = 1;
@@ -9598,9 +9579,9 @@ int ge_frombytes_negate_vartime(ge_p3 *h,const unsigned char *s)
r = p + q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -9612,11 +9593,8 @@ static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
fe_add(r->Y,r->Z,r->Y);
fe_add(r->Z,t0,r->T);
fe_sub(r->T,t0,r->T);
-#else
- fe_ge_madd(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->xy2d,
- q->yplusx, q->yminusx);
-#endif
}
+#endif
/* ge msub */
@@ -9625,9 +9603,9 @@ static WC_INLINE void ge_madd(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
r = p - q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -9639,11 +9617,8 @@ static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
fe_add(r->Y,r->Z,r->Y);
fe_sub(r->Z,t0,r->T);
fe_add(r->T,t0,r->T);
-#else
- fe_ge_msub(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->xy2d,
- q->yplusx, q->yminusx);
-#endif
}
+#endif
/* ge p1p1 to p2 */
@@ -9651,16 +9626,14 @@ static WC_INLINE void ge_msub(ge_p1p1 *r,const ge_p3 *p,const ge_precomp *q)
r = p
*/
+#ifndef CURVED25519_ASM
static void ge_p1p1_to_p2(ge_p2 *r,const ge_p1p1 *p)
{
-#ifndef CURVED25519_ASM
fe_mul(r->X,p->X,p->T);
fe_mul(r->Y,p->Y,p->Z);
fe_mul(r->Z,p->Z,p->T);
-#else
- fe_ge_to_p2(r->X, r->Y, r->Z, p->X, p->Y, p->Z, p->T);
-#endif
}
+#endif
/* ge p1p1 to p3 */
@@ -9669,17 +9642,15 @@ static void ge_p1p1_to_p2(ge_p2 *r,const ge_p1p1 *p)
r = p
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_p1p1_to_p3(ge_p3 *r,const ge_p1p1 *p)
{
-#ifndef CURVED25519_ASM
fe_mul(r->X,p->X,p->T);
fe_mul(r->Y,p->Y,p->Z);
fe_mul(r->Z,p->Z,p->T);
fe_mul(r->T,p->X,p->Y);
-#else
- fe_ge_to_p3(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T);
-#endif
}
+#endif
/* ge p2 0 */
@@ -9698,9 +9669,9 @@ static void ge_p2_0(ge_p2 *h)
r = 2 * p
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_sq(r->X,p->X);
fe_sq(r->Z,p->Y);
@@ -9711,10 +9682,8 @@ static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p)
fe_sub(r->Z,r->Z,r->X);
fe_sub(r->X,t0,r->Y);
fe_sub(r->T,r->T,r->Z);
-#else
- fe_ge_dbl(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z);
-#endif
}
+#endif
/* ge p3 dble */
@@ -9723,16 +9692,14 @@ static WC_INLINE void ge_p2_dbl(ge_p1p1 *r,const ge_p2 *p)
r = 2 * p
*/
+#ifndef CURVED25519_ASM
static void ge_p3_dbl(ge_p1p1 *r,const ge_p3 *p)
{
-#ifndef CURVED25519_ASM
ge_p2 q;
ge_p3_to_p2(&q,p);
ge_p2_dbl(r,&q);
-#else
- fe_ge_dbl(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z);
-#endif
}
+#endif
/* ge p3 to cached */
@@ -9786,6 +9753,7 @@ static void ge_p3_to_p2(ge_p2 *r,const ge_p3 *p)
#endif
+#ifdef GE_P3_TOBYTES_IMPL
/* ge p3 tobytes */
void ge_p3_tobytes(unsigned char *s,const ge_p3 *h)
{
@@ -9797,11 +9765,13 @@ void ge_p3_tobytes(unsigned char *s,const ge_p3 *h)
fe_mul(x,h->X,recip);
fe_mul(y,h->Y,recip);
fe_tobytes(s,y);
- s[31] ^= fe_isnegative(x) << 7;
+ s[31] ^= (unsigned char)(fe_isnegative(x) << 7);
}
+#endif
#ifndef CURVED25519_ASM
+#if defined(HAVE_ED25519_SIGN) || defined(HAVE_ED25519_MAKE_KEY)
/* ge_precomp_0 */
static void ge_precomp_0(ge_precomp *h)
{
@@ -9810,6 +9780,7 @@ static void ge_precomp_0(ge_precomp *h)
fe_0(h->xy2d);
}
#endif
+#endif
/* ge_sub */
@@ -9817,9 +9788,9 @@ static void ge_precomp_0(ge_precomp *h)
r = p - q
*/
+#ifndef CURVED25519_ASM
static WC_INLINE void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
{
-#ifndef CURVED25519_ASM
ge t0;
fe_add(r->X,p->Y,p->X);
fe_sub(r->Y,p->Y,p->X);
@@ -9832,12 +9803,8 @@ static WC_INLINE void ge_sub(ge_p1p1 *r,const ge_p3 *p,const ge_cached *q)
fe_add(r->Y,r->Z,r->Y);
fe_sub(r->Z,t0,r->T);
fe_add(r->T,t0,r->T);
-#else
- fe_ge_sub(r->X, r->Y, r->Z, r->T, p->X, p->Y, p->Z, p->T, q->Z, q->T2d,
- q->YplusX, q->YminusX);
-#endif
}
-
+#endif
/* ge tobytes */
void ge_tobytes(unsigned char *s,const ge_p2 *h)
@@ -9850,7 +9817,7 @@ void ge_tobytes(unsigned char *s,const ge_p2 *h)
fe_mul(x,h->X,recip);
fe_mul(y,h->Y,recip);
fe_tobytes(s,y);
- s[31] ^= fe_isnegative(x) << 7;
+ s[31] ^= (unsigned char)(fe_isnegative(x) << 7);
}
#endif /* !ED25519_SMALL */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c
index 7a146359..7f614803 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/hash.c
@@ -59,7 +59,8 @@ enum Hash_Sum {
SHA3_384h = 422,
SHA3_512h = 423,
SHAKE128h = 424,
- SHAKE256h = 425
+ SHAKE256h = 425,
+ SM3h = 640 /* 0x2A,0x81,0x1C,0xCF,0x55,0x01,0x83,0x11 */
};
#endif /* !NO_ASN */
@@ -121,6 +122,11 @@ enum wc_HashType wc_HashTypeConvert(int hashType)
eHashType = WC_HASH_TYPE_SHA3_512;
break;
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ eHashType = WC_HASH_TYPE_SM3;
+ break;
+ #endif
default:
eHashType = WC_HASH_TYPE_NONE;
break;
@@ -222,6 +228,11 @@ int wc_HashGetOID(enum wc_HashType hash_type)
oid = SHAKE256h;
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ oid = SM3h;
+ break;
+ #endif
/* Not Supported */
case WC_HASH_TYPE_MD4:
@@ -289,6 +300,11 @@ enum wc_HashType wc_OidGetHash(int oid)
hash_type = WC_HASH_TYPE_SHA3_512;
break;
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case SM3h:
+ hash_type = WC_HASH_TYPE_SM3;
+ break;
+ #endif
default:
break;
}
@@ -395,6 +411,12 @@ int wc_HashGetDigestSize(enum wc_HashType hash_type)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ dig_size = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
+
/* Not Supported */
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
case WC_HASH_TYPE_SHAKE128:
@@ -508,6 +530,12 @@ int wc_HashGetBlockSize(enum wc_HashType hash_type)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ block_size = WC_SM3_BLOCK_SIZE;
+ break;
+ #endif
+
/* Not Supported */
#if defined(WOLFSSL_SHA3) && defined(WOLFSSL_SHAKE128)
case WC_HASH_TYPE_SHAKE128:
@@ -626,6 +654,12 @@ int wc_Hash(enum wc_HashType hash_type, const byte* data,
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Hash(data, data_len, hash);
+ break;
+ #endif
+
/* Not Supported */
case WC_HASH_TYPE_MD2:
case WC_HASH_TYPE_MD4:
@@ -723,6 +757,12 @@ int wc_HashInit_ex(wc_HashAlg* hash, enum wc_HashType type, void* heap,
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_InitSm3(&hash->sm3, heap, devId);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -829,6 +869,12 @@ int wc_HashUpdate(wc_HashAlg* hash, enum wc_HashType type, const byte* data,
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Update(&hash->sm3, data, dataSz);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -926,6 +972,12 @@ int wc_HashFinal(wc_HashAlg* hash, enum wc_HashType type, byte* out)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3Final(&hash->sm3, out);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1035,6 +1087,13 @@ int wc_HashFree(wc_HashAlg* hash, enum wc_HashType type)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ wc_Sm3Free(&hash->sm3);
+ ret = 0;
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1110,6 +1169,12 @@ int wc_HashSetFlags(wc_HashAlg* hash, enum wc_HashType type, word32 flags)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3SetFlags(&hash->sm3, flags);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1183,6 +1248,12 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
#endif
break;
+ #ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+ ret = wc_Sm3GetFlags(&hash->sm3, flags);
+ break;
+ #endif
+
/* not supported */
case WC_HASH_TYPE_MD5_SHA:
case WC_HASH_TYPE_MD2:
@@ -1763,6 +1834,43 @@ int wc_HashGetFlags(wc_HashAlg* hash, enum wc_HashType type, word32* flags)
#endif /* WOLFSSL_SHAKE_256 */
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+ int wc_Sm3Hash(const byte* data, word32 len, byte* hash)
+ {
+ int ret = 0;
+ #ifdef WOLFSSL_SMALL_STACK
+ wc_Sm3* sm3;
+ #else
+ wc_Sm3 sm3[1];
+ #endif
+
+ #ifdef WOLFSSL_SMALL_STACK
+ sm3 = (wc_Sm3*)XMALLOC(sizeof(wc_Sm3), NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sm3 == NULL)
+ return MEMORY_E;
+ #endif
+
+ if ((ret = wc_InitSm3(sm3, NULL, INVALID_DEVID)) != 0) {
+ WOLFSSL_MSG("InitSm3 failed");
+ }
+ else {
+ if ((ret = wc_Sm3Update(sm3, data, len)) != 0) {
+ WOLFSSL_MSG("Sm3Update failed");
+ }
+ else if ((ret = wc_Sm3Final(sm3, hash)) != 0) {
+ WOLFSSL_MSG("Sm3Final failed");
+ }
+ wc_Sm3Free(sm3);
+ }
+
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(sm3, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+
+ return ret;
+ }
+#endif /* !WOLFSSL_NOSHA3_224 */
+
#endif /* !NO_HASH_WRAPPER */
#ifdef WOLFSSL_HASH_KEEP
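Review bot: The `#endif` that closes the new `#ifdef WOLFSSL_SM3` block around wc_Sm3Hash is labelled `/* !WOLFSSL_NOSHA3_224 */`, which names a different guard and will mislead anyone matching conditionals in this file; it should read `#endif /* WOLFSSL_SM3 */`. The function also has no header comment. A short one would say that it computes a one-shot SM3 digest of `data` into `hash`, that `hash` presumably needs room for WC_SM3_DIGEST_SIZE bytes, and that it returns MEMORY_E when the WOLFSSL_SMALL_STACK allocation fails.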
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c b/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c
index 05886875..83e693b2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/hmac.c
@@ -65,82 +65,14 @@
#endif
-/* fips wrapper calls, user can call direct */
-/* If building for old FIPS. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- /* does init */
- int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 keySz)
- {
- if (hmac == NULL || (key == NULL && keySz != 0) ||
- !(type == WC_MD5 || type == WC_SHA || type == WC_SHA256 ||
- type == WC_SHA384 || type == WC_SHA512)) {
- return BAD_FUNC_ARG;
- }
-
- return HmacSetKey_fips(hmac, type, key, keySz);
- }
- int wc_HmacUpdate(Hmac* hmac, const byte* in, word32 sz)
- {
- if (hmac == NULL || (in == NULL && sz > 0)) {
- return BAD_FUNC_ARG;
- }
-
- return HmacUpdate_fips(hmac, in, sz);
- }
- int wc_HmacFinal(Hmac* hmac, byte* out)
- {
- if (hmac == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return HmacFinal_fips(hmac, out);
- }
- int wolfSSL_GetHmacMaxSize(void)
- {
- return CyaSSL_GetHmacMaxSize();
- }
-
- int wc_HmacInit(Hmac* hmac, void* heap, int devId)
- {
- #ifndef WOLFSSL_KCAPI_HMAC
- (void)hmac;
- (void)heap;
- (void)devId;
- return 0;
- #else
- return HmacInit(hmac, heap, devId);
- #endif
- }
- void wc_HmacFree(Hmac* hmac)
- {
- #ifndef WOLFSSL_KCAPI_HMAC
- (void)hmac;
- #else
- HmacFree(hmac);
- #endif
- }
-
- #ifdef HAVE_HKDF
- int wc_HKDF(int type, const byte* inKey, word32 inKeySz,
- const byte* salt, word32 saltSz,
- const byte* info, word32 infoSz,
- byte* out, word32 outSz)
- {
- return HKDF(type, inKey, inKeySz, salt, saltSz,
- info, infoSz, out, outSz);
- }
- #endif /* HAVE_HKDF */
-
-#else /* else build without fips, or for new fips */
-
-
int wc_HmacSizeByType(int type)
{
int ret;
if (!(type == WC_MD5 || type == WC_SHA ||
+ #ifdef WOLFSSL_SM3
+ type == WC_SM3 ||
+ #endif
type == WC_SHA224 || type == WC_SHA256 ||
type == WC_SHA384 || type == WC_SHA512 ||
type == WC_SHA3_224 || type == WC_SHA3_256 ||
@@ -200,7 +132,12 @@ int wc_HmacSizeByType(int type)
case WC_SHA3_512:
ret = WC_SHA3_512_DIGEST_SIZE;
break;
+ #endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = WC_SM3_DIGEST_SIZE;
+ break;
#endif
default:
@@ -278,6 +215,12 @@ int _InitHmac(Hmac* hmac, int type, void* heap)
#endif
#endif
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_InitSm3(&hmac->hash.sm3, heap, devId);
+ break;
+ #endif
+
default:
ret = BAD_FUNC_ARG;
break;
@@ -306,6 +249,9 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
if (hmac == NULL || (key == NULL && length != 0) ||
!(type == WC_MD5 || type == WC_SHA ||
+ #ifdef WOLFSSL_SM3
+ type == WC_SM3 ||
+ #endif
type == WC_SHA224 || type == WC_SHA256 ||
type == WC_SHA384 || type == WC_SHA512 ||
type == WC_SHA3_224 || type == WC_SHA3_256 ||
@@ -558,6 +504,27 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ hmac_block_size = WC_SM3_BLOCK_SIZE;
+ if (length <= WC_SM3_BLOCK_SIZE) {
+ if (key != NULL) {
+ XMEMCPY(ip, key, length);
+ }
+ }
+ else {
+ ret = wc_Sm3Update(&hmac->hash.sm3, key, length);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Final(&hmac->hash.sm3, ip);
+ if (ret != 0)
+ break;
+
+ length = WC_SM3_DIGEST_SIZE;
+ }
+ break;
+ #endif
+
default:
return BAD_FUNC_ARG;
}
@@ -670,6 +637,13 @@ static int HmacKeyInnerHash(Hmac* hmac)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Update(&hmac->hash.sm3, (byte*)hmac->ipad,
+ WC_SM3_BLOCK_SIZE);
+ break;
+ #endif
+
default:
break;
}
@@ -776,6 +750,12 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Update(&hmac->hash.sm3, msg, length);
+ break;
+ #endif
+
default:
break;
}
@@ -993,6 +973,23 @@ int wc_HmacFinal(Hmac* hmac, byte* hash)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ ret = wc_Sm3Final(&hmac->hash.sm3, (byte*)hmac->innerHash);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Update(&hmac->hash.sm3, (byte*)hmac->opad,
+ WC_SM3_BLOCK_SIZE);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Update(&hmac->hash.sm3, (byte*)hmac->innerHash,
+ WC_SM3_DIGEST_SIZE);
+ if (ret != 0)
+ break;
+ ret = wc_Sm3Final(&hmac->hash.sm3, hash);
+ break;
+ #endif
+
default:
ret = BAD_FUNC_ARG;
break;
@@ -1167,9 +1164,17 @@ void wc_HmacFree(Hmac* hmac)
#endif
#endif /* WOLFSSL_SHA3 */
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ wc_Sm3Free(&hmac->hash.sm3);
+ break;
+ #endif
+
default:
break;
}
+
+ ForceZero(hmac, sizeof(*hmac));
}
#endif /* WOLFSSL_KCAPI_HMAC */
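Review bot: The new `ForceZero(hmac, sizeof(*hmac));` at the end of wc_HmacFree wipes the whole structure, not only the key-derived pads, so the object has to be initialised again before reuse, and nothing in the hunk states that contract. A comment above the call such as `/* wipe ipad/opad/innerHash and all other state; hmac must be re-initialised before reuse */` would make it explicit. The call sits just before `#endif /* WOLFSSL_KCAPI_HMAC */`, so it looks as if only one build variant of wc_HmacFree gets the wipe; it is worth confirming the other path also clears key material. The start of the function is outside the hunk.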
@@ -1366,5 +1371,4 @@ int wolfSSL_GetHmacMaxSize(void)
#endif /* HAVE_HKDF */
-#endif /* HAVE_FIPS */
#endif /* NO_HMAC */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c b/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c
index b0d7dc44..15e8d856 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/hpke.c
@@ -117,7 +117,7 @@ static int I2OSP(int n, int w, byte* out)
}
/* make sure the byte string is cleared */
- XMEMSET( out, 0, w );
+ XMEMSET(out, 0, (size_t)w);
for (i = 0; i < w && n > 0; i++) {
out[w-(i + 1)] = (byte)n;
@@ -138,9 +138,9 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
}
XMEMSET(hpke, 0, sizeof(*hpke));
- hpke->kem = kem;
- hpke->kdf = kdf;
- hpke->aead = aead;
+ hpke->kem = (word32)kem;
+ hpke->kdf = (word32)kdf;
+ hpke->aead = (word32)aead;
hpke->heap = heap;
/* set kem_suite_id */
@@ -177,7 +177,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
hpke->curve_id = ECC_SECP256R1;
hpke->Nsecret = WC_SHA256_DIGEST_SIZE;
hpke->Nh = WC_SHA256_DIGEST_SIZE;
- hpke->Ndh = wc_ecc_get_curve_size_from_id(hpke->curve_id);
+ hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
hpke->Npk = 1 + hpke->Ndh * 2;
break;
#endif
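Review bot: Casting the result of wc_ecc_get_curve_size_from_id() straight to `word32` stores a possible negative error code in the unsigned `hpke->Ndh`, and the next line already computes `hpke->Npk = 1 + hpke->Ndh * 2` from it; the SECP384R1 and SECP521R1 hunks below repeat the pattern. A later hunk shows the function testing `(int)hpke->Ndh < 0` before returning, so the error is caught, but only after Npk has been derived from a wrapped value. Keeping the result in an `int` and checking it before the assignment, e.g. `int sz = wc_ecc_get_curve_size_from_id(hpke->curve_id); if (sz < 0) return sz;` (if nothing needs cleanup at that point), avoids passing an error through an unsigned field. The case body starts outside the hunk.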
@@ -187,7 +187,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
hpke->curve_id = ECC_SECP384R1;
hpke->Nsecret = WC_SHA384_DIGEST_SIZE;
hpke->Nh = WC_SHA384_DIGEST_SIZE;
- hpke->Ndh = wc_ecc_get_curve_size_from_id(hpke->curve_id);
+ hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
hpke->Npk = 1 + hpke->Ndh * 2;
break;
#endif
@@ -197,7 +197,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
hpke->curve_id = ECC_SECP521R1;
hpke->Nsecret = WC_SHA512_DIGEST_SIZE;
hpke->Nh = WC_SHA512_DIGEST_SIZE;
- hpke->Ndh = wc_ecc_get_curve_size_from_id(hpke->curve_id);
+ hpke->Ndh = (word32)wc_ecc_get_curve_size_from_id(hpke->curve_id);
hpke->Npk = 1 + hpke->Ndh * 2;
break;
#endif
@@ -272,7 +272,7 @@ int wc_HpkeInit(Hpke* hpke, int kem, int kdf, int aead, void* heap)
}
if ((int)hpke->Ndh < 0) {
- return hpke->Ndh;
+ return (int)hpke->Ndh;
}
return ret;
@@ -332,7 +332,7 @@ int wc_HpkeGenerateKeyPair(Hpke* hpke, void** keypair, WC_RNG* rng)
ret = MEMORY_E;
if (ret != 0 && *keypair != NULL) {
- wc_HpkeFreeKey(hpke, hpke->kem, *keypair, hpke->heap);
+ wc_HpkeFreeKey(hpke, (word16)hpke->kem, *keypair, hpke->heap);
*keypair = NULL;
}
@@ -373,7 +373,7 @@ int wc_HpkeSerializePublicKey(Hpke* hpke, void* key, byte* out, word16* outSz)
break;
}
- *outSz = tmpOutSz;
+ *outSz = (word16)tmpOutSz;
return ret;
}
@@ -430,7 +430,7 @@ int wc_HpkeDeserializePublicKey(Hpke* hpke, void** key, const byte* in,
ret = MEMORY_E;
if (ret != 0 && *key != NULL) {
- wc_HpkeFreeKey(hpke, hpke->kem, *key, hpke->heap);
+ wc_HpkeFreeKey(hpke, (word16)hpke->kem, *key, hpke->heap);
*key = NULL;
}
@@ -547,7 +547,7 @@ static int wc_HpkeLabeledExpand(Hpke* hpke, byte* suite_id, word32 suite_id_len,
#endif
/* copy length */
- ret = I2OSP(L, 2, labeled_info);
+ ret = I2OSP((int)L, 2, labeled_info);
labeled_info_p = labeled_info + 2;
if (ret == 0) {
@@ -593,7 +593,7 @@ static int wc_HpkeContextComputeNonce(Hpke* hpke, HpkeBaseContext* context,
/* convert the sequence into a byte string with the same length as the
* nonce */
- ret = I2OSP(context->seq, hpke->Nn, seq_bytes);
+ ret = I2OSP(context->seq, (int)hpke->Nn, seq_bytes);
if (ret == 0) {
xorbufout(out, context->base_nonce, seq_bytes, hpke->Nn);
}
@@ -759,8 +759,8 @@ static int wc_HpkeEncap(Hpke* hpke, void* ephemeralKey, void* receiverKey,
return BAD_FUNC_ARG;
}
- receiverPubKeySz = hpke->Npk;
- ephemeralPubKeySz = hpke->Npk;
+ receiverPubKeySz = (word16)hpke->Npk;
+ ephemeralPubKeySz = (word16)hpke->Npk;
#ifdef WOLFSSL_SMALL_STACK
dh = (byte*)XMALLOC(hpke->Ndh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -785,8 +785,10 @@ static int wc_HpkeEncap(Hpke* hpke, void* ephemeralKey, void* receiverKey,
#ifdef ECC_TIMING_RESISTANT
rng = wc_rng_new(NULL, 0, hpke->heap);
- if (rng == NULL)
- return RNG_FAILURE_E;
+ if (rng == NULL) {
+ ret = RNG_FAILURE_E;
+ break;
+ }
wc_ecc_set_rng((ecc_key*)ephemeralKey, rng);
#endif
@@ -990,7 +992,7 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
return BAD_FUNC_ARG;
}
- receiverPubKeySz = hpke->Npk;
+ receiverPubKeySz = (word16)hpke->Npk;
#ifdef WOLFSSL_SMALL_STACK
dh = (byte*)XMALLOC(hpke->Ndh, hpke->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -1048,7 +1050,7 @@ static int wc_HpkeDecap(Hpke* hpke, void* receiverKey, const byte* pubKey,
}
if (ephemeralKey != NULL)
- wc_HpkeFreeKey(hpke, hpke->kem, ephemeralKey, hpke->heap);
+ wc_HpkeFreeKey(hpke, (word16)hpke->kem, ephemeralKey, hpke->heap);
if (ret == 0) {
/* copy pubKey into kemContext */
@@ -1125,6 +1127,7 @@ static int wc_HpkeContextOpenBase(Hpke* hpke, HpkeBaseContext* context,
return BAD_FUNC_ARG;
}
+ XMEMSET(nonce, 0, sizeof(nonce));
#ifdef WOLFSSL_SMALL_STACK
aes_key = (Aes*)XMALLOC(sizeof(Aes), hpke->heap, DYNAMIC_TYPE_AES);
if (aes_key == NULL) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/include.am b/extra/wolfssl/wolfssl/wolfcrypt/src/include.am
index 608b9356..2a501411 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/include.am
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/include.am
@@ -63,6 +63,8 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/arm/armv8-aes.c \
wolfcrypt/src/port/arm/armv8-sha256.c \
wolfcrypt/src/port/arm/armv8-chacha.c \
+ wolfcrypt/src/port/aria/aria-crypt.c \
+ wolfcrypt/src/port/aria/aria-cryptocb.c \
wolfcrypt/src/port/nxp/ksdk_port.c \
wolfcrypt/src/port/nxp/dcp_port.c \
wolfcrypt/src/port/nxp/se050_port.c \
@@ -120,11 +122,12 @@ EXTRA_DIST += wolfcrypt/src/port/ti/ti-aes.c \
wolfcrypt/src/port/arm/cryptoCellHash.c \
wolfcrypt/src/port/Renesas/renesas_tsip_aes.c \
wolfcrypt/src/port/Renesas/renesas_tsip_sha.c \
+ wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c \
wolfcrypt/src/port/Renesas/renesas_tsip_util.c \
- wolfcrypt/src/port/Renesas/renesas_sce_util.c \
- wolfcrypt/src/port/Renesas/renesas_sce_aes.c \
- wolfcrypt/src/port/Renesas/renesas_sce_sha.c \
- wolfcrypt/src/port/Renesas/renesas_sce_rsa.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_util.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c \
+ wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c \
wolfcrypt/src/port/Renesas/renesas_common.c \
wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c \
wolfcrypt/src/port/Renesas/renesas_rx64_hw_util.c \
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c b/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c
index 5ea1cb5a..21ae2353 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/integer.c
@@ -553,6 +553,15 @@ int mp_exch (mp_int * a, mp_int * b)
return MP_OKAY;
}
+int mp_cond_swap_ct_ex (mp_int * a, mp_int * b, int c, int m, mp_int * t)
+{
+ (void)c;
+ (void)t;
+ if (m == 1)
+ mp_exch(a, b);
+ return MP_OKAY;
+}
+
int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
{
(void)c;
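Review bot: mp_cond_swap_ct_ex discards the return value of mp_exch(), which is declared `int`, so any failure it reports would be returned to the caller as MP_OKAY; `return mp_exch(a, b);` inside the `if (m == 1)` branch keeps the error. The function also branches on `m` and ignores `c` and `t`, so despite the `_ct` name this implementation is not constant time. A comment such as `/* NOTE: not constant time in this math backend; this is a plain conditional exchange */` would stop callers relying on it for secret-dependent swaps. mp_cond_swap_ct, whose body continues outside the hunk, appears to follow the same pattern.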
@@ -946,7 +955,7 @@ int wolfcrypt_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
}
#ifdef BN_MP_EXPTMOD_BASE_2
- if (G->used == 1 && G->dp[0] == 2) {
+ if (G->used == 1 && G->dp[0] == 2 && mp_isodd(P) == MP_YES) {
return mp_exptmod_base_2(X, P, Y);
}
#endif
@@ -976,7 +985,7 @@ int wolfcrypt_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y)
}
#endif
- /* if the modulus is odd or dr != 0 use the montgomery method */
+ /* if the modulus is odd use the montgomery method, or use other known */
#ifdef BN_MP_EXPTMOD_FAST_C
if (mp_isodd (P) == MP_YES || dr != 0) {
return mp_exptmod_fast (G, X, P, Y, dr);
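Review bot: The rewritten comment stops mid-sentence ("or use other known") and no longer mentions `dr`, while the condition below it still reads `mp_isodd (P) == MP_YES || dr != 0`. Something like `/* if the modulus is odd use the montgomery method; a non-zero dr selects one of the other reductions */` would match the code, with the wording to be confirmed against the dr setup earlier in the function. The enclosing function continues outside the hunk.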
@@ -1976,7 +1985,6 @@ int mp_dr_is_modulus(mp_int *a)
return 1;
}
-
/* computes Y == G**X mod P, HAC pp.616, Algorithm 14.85
*
* Uses a left-to-right k-ary sliding window to compute the modular
@@ -2104,7 +2112,10 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y,
if ((err = mp_reduce_2k_setup(P, &mp)) != MP_OKAY) {
goto LBL_M;
}
- redux = mp_reduce_2k;
+ /* mp of zero is not usable */
+ if (mp != 0) {
+ redux = mp_reduce_2k;
+ }
#endif
}
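Review bot: When mp_reduce_2k_setup() yields `mp == 0`, the new guard leaves `redux` at whatever value it had before this branch, and the hunk does not show what that value is or where it is checked. If `redux` is not initialised to NULL and tested before first use, the later reduction calls would go through an unset function pointer. Failing here explicitly, e.g. `else { err = MP_VAL; goto LBL_M; }`, or adding a comment that points at the check covering this case, would make the behaviour clear. The function body starts and ends outside the hunk.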
@@ -3057,47 +3068,83 @@ int mp_submod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
/* d = a + b (mod c) */
int mp_addmod(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
- int res;
- mp_int t;
+ int res;
+ mp_int t;
- if ((res = mp_init (&t)) != MP_OKAY) {
- return res;
- }
+ if ((res = mp_init (&t)) != MP_OKAY) {
+ return res;
+ }
- res = mp_add (a, b, &t);
- if (res == MP_OKAY) {
- res = mp_mod (&t, c, d);
- }
+ res = mp_add (a, b, &t);
+ if (res == MP_OKAY) {
+ res = mp_mod (&t, c, d);
+ }
- mp_clear (&t);
+ mp_clear (&t);
- return res;
+ return res;
}
/* d = a - b (mod c) - a < c and b < c and positive */
int mp_submod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
- int res;
+ int res;
+ mp_int t;
+ mp_int* r = d;
+
+ if (c == d) {
+ r = &t;
+
+ if ((res = mp_init (r)) != MP_OKAY) {
+ return res;
+ }
+ }
- res = mp_sub(a, b, d);
- if (res == MP_OKAY && mp_isneg(d)) {
- res = mp_add(d, c, d);
+ res = mp_sub (a, b, r);
+ if (res == MP_OKAY) {
+ if (mp_isneg (r)) {
+ res = mp_add (r, c, d);
+ } else if (c == d) {
+ res = mp_copy (r, d);
}
+ }
- return res;
+ if (c == d) {
+ mp_clear (r);
+ }
+
+ return res;
}
/* d = a + b (mod c) - a < c and b < c and positive */
int mp_addmod_ct(mp_int* a, mp_int* b, mp_int* c, mp_int* d)
{
- int res;
+ int res;
+ mp_int t;
+ mp_int* r = d;
+
+ if (c == d) {
+ r = &t;
+
+ if ((res = mp_init (r)) != MP_OKAY) {
+ return res;
+ }
+ }
- res = mp_add(a, b, d);
- if (res == MP_OKAY && mp_cmp(d, c) != MP_LT) {
- res = mp_sub(d, c, d);
+ res = mp_add (a, b, r);
+ if (res == MP_OKAY) {
+ if (mp_cmp (r, c) != MP_LT) {
+ res = mp_sub (r, c, d);
+ } else if (c == d) {
+ res = mp_copy (r, d);
}
+ }
- return res;
+ if (c == d) {
+ mp_clear (r);
+ }
+
+ return res;
}
/* computes b = a*a */
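Review bot: mp_submod_ct and mp_addmod_ct now build the result in a temporary when `c == d`, but their header comments still only state `a < c and b < c and positive` and say nothing about aliasing. A line above each such as `/* d may alias c; the result is then computed in t so c stays intact for the correction step */` would record why the temporary exists. Both functions still branch on `mp_isneg (r)` or `mp_cmp (r, c)`, so the `_ct` suffix does not mean constant time here, and the comment should say so if callers may pass secret values.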
@@ -3314,7 +3361,7 @@ int mp_init_size (mp_int * a, int size)
}
-/* the jist of squaring...
+/* the list of squaring...
* you do like mult except the offset of the tmpx [one that
* starts closer to zero] can't equal the offset of tmpy.
* So basically you set up iy like before then you min it with
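Review bot: The comment fix replaces "jist" with "list", which changes the meaning; the original was a misspelling of "gist", so the line should read `/* the gist of squaring...`. The comment continues outside the hunk.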
@@ -4378,9 +4425,6 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) /* //NOLINT(misc-no-recursion) *
/* old number of used digits in c */
oldused = c->used;
- /* sign always positive */
- c->sign = MP_ZPOS;
-
/* source alias */
tmpa = a->dp;
@@ -4431,6 +4475,9 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) /* //NOLINT(misc-no-recursion) *
ix = 1;
}
+ /* sign always positive */
+ c->sign = MP_ZPOS;
+
/* now zero to oldused */
while (ix++ < oldused) {
*tmpc++ = 0;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c b/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c
index 948caf69..4921e5bb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/kdf.c
@@ -52,6 +52,9 @@
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/kdf.h>
+#ifdef WC_SRTP_KDF
+#include <wolfssl/wolfcrypt/aes.h>
+#endif
#if defined(WOLFSSL_HAVE_PRF) && !defined(NO_HMAC)
@@ -113,6 +116,13 @@ int wc_PRF(byte* result, word32 resLen, const byte* secret,
break;
#endif
+ #ifdef WOLFSSL_SM3
+ case sm3_mac:
+ hash = WC_SM3;
+ len = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
+
#ifndef NO_SHA
case sha_mac:
hash = WC_SHA;
@@ -129,7 +139,7 @@ int wc_PRF(byte* result, word32 resLen, const byte* secret,
if (lastLen)
times += 1;
- /* times == 0 iif resLen == 0, but times == 0 abides clang static analyzer
+ /* times == 0 if resLen == 0, but times == 0 abides clang static analyzer
while resLen == 0 doesn't */
if (times == 0)
return BAD_FUNC_ARG;
@@ -376,6 +386,13 @@ int wc_PRF_TLS(byte* digest, word32 digLen, const byte* secret, word32 secLen,
len = WC_SHA512_DIGEST_SIZE;
break;
#endif
+
+ #ifdef WOLFSSL_SM3
+ case WC_SM3:
+ len = WC_SM3_DIGEST_SIZE;
+ break;
+ #endif
+
default:
return BAD_FUNC_ARG;
}
@@ -856,4 +873,478 @@ int wc_SSH_KDF(byte hashId, byte keyId, byte* key, word32 keySz,
#endif /* WOLFSSL_WOLFSSH */
+#ifdef WC_SRTP_KDF
+/* Calculate first block to encrypt.
+ *
+ * @param [in] salt Random value to XOR in.
+ * @param [in] saltSz Size of random value in bytes.
+ * @param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx.
+ * @param [in] index Index value to XOR in.
+ * @param [in] indexSz Size of index value in bytes.
+ * @param [out] block First block to encrypt.
+ */
+static void wc_srtp_kdf_first_block(const byte* salt, word32 saltSz, int kdrIdx,
+ const byte* index, byte indexSz, unsigned char* block)
+{
+ word32 i;
+
+ /* XOR salt into zeroized buffer. */
+ for (i = 0; i < WC_SRTP_MAX_SALT - saltSz; i++) {
+ block[i] = 0;
+ }
+ XMEMCPY(block + WC_SRTP_MAX_SALT - saltSz, salt, saltSz);
+ block[WC_SRTP_MAX_SALT] = 0;
+ /* block[15] is counter. */
+
+ /* When kdrIdx is -1, don't XOR in index. */
+ if (kdrIdx >= 0) {
+ /* Get the number of bits to shift index by. */
+ word32 bits = kdrIdx & 0x7;
+ /* Reduce index size by number of bytes to remove. */
+ indexSz -= kdrIdx >> 3;
+
+ if ((kdrIdx & 0x7) == 0) {
+ /* Just XOR in as no bit shifting. */
+ for (i = 0; i < indexSz; i++) {
+ block[i + WC_SRTP_MAX_SALT - indexSz] ^= index[i];
+ }
+ }
+ else {
+ /* XOR in as bit shifted index. */
+ block[WC_SRTP_MAX_SALT - indexSz] ^= index[0] >> bits;
+ for (i = 1; i < indexSz; i++) {
+ block[i + WC_SRTP_MAX_SALT - indexSz] ^=
+ (index[i-1] << (8 - bits)) |
+ (index[i+0] >> bits );
+ }
+ }
+ }
+}
+
+/* Derive a key given the first block.
+ *
+ * @param [in, out] block First block to encrypt. Need label XORed in.
+ * @param [in] indexSz Size of index in bytes to calculate where label is
+ * XORed into.
+ * @param [in] label Label byte that differs for each key.
+ * @param [out] key Derived key.
+ * @param [in] keySz Size of key to derive in bytes.
+ * @param [in] aes AES object to encrypt with.
+ * @return 0 on success.
+ */
+static int wc_srtp_kdf_derive_key(byte* block, byte indexSz, byte label,
+ byte* key, word32 keySz, Aes* aes)
+{
+ int i;
+ int ret = 0;
+ /* Calculate the number of full blocks needed for derived key. */
+ int blocks = keySz / AES_BLOCK_SIZE;
+
+ /* XOR in label. */
+ block[WC_SRTP_MAX_SALT - indexSz - 1] ^= label;
+ for (i = 0; (ret == 0) && (i < blocks); i++) {
+ /* Set counter. */
+ block[15] = i;
+ /* Encrypt block into key buffer. */
+ ret = wc_AesEcbEncrypt(aes, key, block, AES_BLOCK_SIZE);
+ /* Reposition for more derived key. */
+ key += AES_BLOCK_SIZE;
+ /* Reduce the count of key bytes required. */
+ keySz -= AES_BLOCK_SIZE;
+ }
+ /* Do any partial blocks. */
+ if ((ret == 0) && (keySz > 0)) {
+ byte enc[AES_BLOCK_SIZE];
+ /* Set counter. */
+ block[15] = i;
+ /* Encrypt block into temporary. */
+ ret = wc_AesEcbEncrypt(aes, enc, block, AES_BLOCK_SIZE);
+ if (ret == 0) {
+ /* Copy into key required amount. */
+ XMEMCPY(key, enc, keySz);
+ }
+ }
+ /* XOR out label. */
+ block[WC_SRTP_MAX_SALT - indexSz - 1] ^= label;
+
+ return ret;
+}
+
+/* Derive keys using SRTP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx.
+ * @param [in] index Index value to XOR in.
+ * @param [out] key1 First key. Label value of 0x00.
+ * @param [in] key1Sz Size of first key in bytes.
+ * @param [out] key2 Second key. Label value of 0x01.
+ * @param [in] key2Sz Size of second key in bytes.
+ * @param [out] key3 Third key. Label value of 0x02.
+ * @param [in] key3Sz Size of third key in bytes.
+ * @return BAD_FUNC_ARG when key or salt is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTP_INDEX_LEN,
+ block);
+ }
+
+ /* Calculate first key if required. */
+ if ((ret == 0) && (key1 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN,
+ WC_SRTP_LABEL_ENCRYPTION, key1, key1Sz, aes);
+ }
+ /* Calculate second key if required. */
+ if ((ret == 0) && (key2 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN,
+ WC_SRTP_LABEL_MSG_AUTH, key2, key2Sz, aes);
+ }
+ /* Calculate third key if required. */
+ if ((ret == 0) && (key3 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN,
+ WC_SRTP_LABEL_SALT, key3, key3Sz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+}
+
+/* Derive keys using SRTCP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
+ * @param [in] index Index value to XOR in.
+ * @param [out] key1 First key. Label value of 0x03.
+ * @param [in] key1Sz Size of first key in bytes.
+ * @param [out] key2 Second key. Label value of 0x04.
+ * @param [in] key2Sz Size of second key in bytes.
+ * @param [out] key3 Third key. Label value of 0x05.
+ * @param [in] key3Sz Size of third key in bytes.
+ * @return BAD_FUNC_ARG when key or salt is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt, word32 saltSz,
+ int kdrIdx, const byte* index, byte* key1, word32 key1Sz, byte* key2,
+ word32 key2Sz, byte* key3, word32 key3Sz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTCP_INDEX_LEN,
+ block);
+ }
+
+ /* Calculate first key if required. */
+ if ((ret == 0) && (key1 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN,
+ WC_SRTCP_LABEL_ENCRYPTION, key1, key1Sz, aes);
+ }
+ /* Calculate second key if required. */
+ if ((ret == 0) && (key2 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN,
+ WC_SRTCP_LABEL_MSG_AUTH, key2, key2Sz, aes);
+ }
+ /* Calculate third key if required. */
+ if ((ret == 0) && (key3 != NULL)) {
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN,
+ WC_SRTCP_LABEL_SALT, key3, key3Sz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+}
+
+/* Derive key with label using SRTP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
+ * @param [in] index Index value to XOR in.
+ * @param [in] label Label to use when deriving key.
+ * @param [out] outKey Derived key.
+ * @param [in] outKeySz Size of derived key in bytes.
+ * @return BAD_FUNC_ARG when key, salt or outKey is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
+ (outKey == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTP_INDEX_LEN,
+ block);
+ }
+ if (ret == 0) {
+ /* Calculate key. */
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTP_INDEX_LEN, label, outKey,
+ outKeySz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+
+}
+
+/* Derive key with label using SRTCP KDF algorithm.
+ *
+ * SP 800-135 (RFC 3711).
+ *
+ * @param [in] key Key to use with encryption.
+ * @param [in] keySz Size of key in bytes.
+ * @param [in] salt Random non-secret value.
+ * @param [in] saltSz Size of random in bytes.
+ * @param [in] kdrIdx Key derivation rate index. kdr = 0 when -1, otherwise
+ * kdr = 2^kdrIdx. See wc_SRTP_KDF_kdr_to_idx()
+ * @param [in] index Index value to XOR in.
+ * @param [in] label Label to use when deriving key.
+ * @param [out] outKey Derived key.
+ * @param [in] outKeySz Size of derived key in bytes.
+ * @return BAD_FUNC_ARG when key, salt or outKey is NULL.
+ * @return BAD_FUNC_ARG when key length is not 16, 24 or 32.
+ * @return BAD_FUNC_ARG when saltSz is larger than 14.
+ * @return BAD_FUNC_ARG when kdrIdx is less than -1 or larger than 24.
+ * @return MEMORY_E on dynamic memory allocation failure.
+ * @return 0 on success.
+ */
+int wc_SRTCP_KDF_label(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte label, byte* outKey,
+ word32 outKeySz)
+{
+ int ret = 0;
+ byte block[AES_BLOCK_SIZE];
+#ifdef WOLFSSL_SMALL_STACK
+ Aes* aes = NULL;
+#else
+ Aes aes[1];
+#endif
+ int aes_inited = 0;
+
+ /* Validate parameters. */
+ if ((key == NULL) || (keySz > AES_256_KEY_SIZE) || (salt == NULL) ||
+ (saltSz > WC_SRTP_MAX_SALT) || (kdrIdx < -1) || (kdrIdx > 24) ||
+ (outKey == NULL)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_SMALL_STACK
+ if (ret == 0) {
+ aes = (Aes*)XMALLOC(sizeof(Aes), NULL, DYNAMIC_TYPE_CIPHER);
+ if (aes == NULL) {
+ ret = MEMORY_E;
+ }
+ }
+ if (aes != NULL)
+#endif
+ {
+ XMEMSET(aes, 0, sizeof(Aes));
+ }
+
+ /* Setup AES object. */
+ if (ret == 0) {
+ ret = wc_AesInit(aes, NULL, INVALID_DEVID);
+ }
+ if (ret == 0) {
+ aes_inited = 1;
+ ret = wc_AesSetKey(aes, key, keySz, NULL, AES_ENCRYPTION);
+ }
+
+ /* Calculate first block that can be used in each derivation. */
+ if (ret == 0) {
+ wc_srtp_kdf_first_block(salt, saltSz, kdrIdx, index, WC_SRTCP_INDEX_LEN,
+ block);
+ }
+ if (ret == 0) {
+ /* Calculate key. */
+ ret = wc_srtp_kdf_derive_key(block, WC_SRTCP_INDEX_LEN, label, outKey,
+ outKeySz, aes);
+ }
+
+ if (aes_inited)
+ wc_AesFree(aes);
+#ifdef WOLFSSL_SMALL_STACK
+ XFREE(aes, NULL, DYNAMIC_TYPE_CIPHER);
+#endif
+ return ret;
+
+}
+
+/* Converts a kdr value to an index to use in SRTP/SRTCP KDF API.
+ *
+ * @param [in] kdr Key derivation rate to convert.
+ * @return Key derivation rate as an index.
+ */
+int wc_SRTP_KDF_kdr_to_idx(word32 kdr)
+{
+ int idx = -1;
+
+ /* Keep shifting value down and incrementing index until top bit is gone. */
+ while (kdr != 0) {
+ kdr >>= 1;
+ idx++;
+ }
+
+ /* Index of top bit set. */
+ return idx;
+}
+#endif /* WC_SRTP_KDF */
+
#endif /* NO_KDF */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c b/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c
index 04d218d1..afa0c6f0 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/logging.c
@@ -127,6 +127,7 @@ THREAD_LS_T void *StackSizeCheck_stackOffsetPointer = 0;
/* Set these to default values initially. */
static wolfSSL_Logging_cb log_function = NULL;
static int loggingEnabled = 0;
+THREAD_LS_T const char* log_prefix = NULL;
#if defined(WOLFSSL_APACHE_MYNEWT)
#include "log/log.h"
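Review bot: `log_prefix` is added with external linkage while the two neighbouring state variables are `static`, so a very generic global name becomes visible to everything that links against the library. Unless another translation unit refers to it (none is visible here), declare it `static THREAD_LS_T const char* log_prefix = NULL;`. A short comment that the pointer is borrowed from the caller and never copied would also help.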
@@ -135,13 +136,6 @@ static struct log mynewt_log;
#endif /* DEBUG_WOLFSSL */
-#ifdef DEBUG_VECTOR_REGISTER_ACCESS
-THREAD_LS_T int wc_svr_count = 0;
-THREAD_LS_T const char *wc_svr_last_file = NULL;
-THREAD_LS_T int wc_svr_last_line = -1;
-#endif
-
-
/* allow this to be set to NULL, so logs can be redirected to default output */
int wolfSSL_SetLoggingCb(wolfSSL_Logging_cb f)
{
@@ -186,6 +180,15 @@ void wolfSSL_Debugging_OFF(void)
#endif
}
+WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix)
+{
+#ifdef DEBUG_WOLFSSL
+ log_prefix = prefix;
+#else
+ (void)prefix;
+#endif
+}
+
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
* The code is not thread-safe.
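Review bot: wolfSSL_SetLoggingPrefix() has no comment, and its contract is not obvious from the signature: it stores the caller's pointer without copying it, and where `THREAD_LS_T` expands to a thread-local specifier the setting applies only to the calling thread. A caller that passes a stack or heap buffer and later releases it leaves the `fprintf(stderr, "[%s]: %s\n", log_prefix, logMessage)` added in wolfssl_log() reading through a dangling pointer. I would add above the function `/* Set a prefix for log lines. The string is not copied and must stay valid until replaced or cleared by passing NULL. */`. It is also worth stating that the call is a no-op without DEBUG_WOLFSSL.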
@@ -316,14 +319,17 @@ static void wolfssl_log(const int logLevel, const char *const logMessage)
defined(HAVE_STACK_SIZE_VERBOSE) && defined(HAVE_STACK_SIZE_VERBOSE_LOG)
STACK_SIZE_CHECKPOINT_MSG(logMessage);
#else
- fprintf(stderr, "%s\n", logMessage);
+ if (log_prefix != NULL)
+ fprintf(stderr, "[%s]: %s\n", log_prefix, logMessage);
+ else
+ fprintf(stderr, "%s\n", logMessage);
#endif
}
}
#ifndef WOLFSSL_DEBUG_ERRORS_ONLY
-#if !defined(_WIN32) && defined(XVSNPRINTF) && !defined(NO_WOLFSSL_MSG_EX)
+#if defined(XVSNPRINTF) && !defined(NO_WOLFSSL_MSG_EX)
#include <stdarg.h> /* for var args */
#ifndef WOLFSSL_MSG_EX_BUF_SZ
#define WOLFSSL_MSG_EX_BUF_SZ 100
@@ -430,7 +436,7 @@ WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void)
#endif /* !WOLFSSL_DEBUG_ERRORS_ONLY */
#endif /* DEBUG_WOLFSSL */
-#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || defined(HAVE_MEMCACHED)
#ifdef WOLFSSL_HAVE_ERROR_QUEUE
@@ -477,7 +483,7 @@ static int get_abs_idx(int relative_idx)
return (int)((wc_errors.head_idx + wc_errors.count - 1)
% ERROR_QUEUE_MAX);
}
- return (int)((wc_errors.head_idx + relative_idx) % ERROR_QUEUE_MAX);
+ return (int)((wc_errors.head_idx + (size_t)relative_idx) % ERROR_QUEUE_MAX);
}
/**
@@ -526,13 +532,13 @@ static int pass_entry(struct wc_error_entry *entry,
static void set_entry(struct wc_error_entry *entry, int error,
const char *file, const char *reason, int line)
{
- int sz;
+ size_t sz;
XMEMSET(entry, 0, sizeof(struct wc_error_entry));
entry->err = error;
entry->line = line;
- sz = (int)XSTRLEN(reason);
+ sz = XSTRLEN(reason);
if (sz > WOLFSSL_MAX_ERROR_SZ - 1) {
sz = WOLFSSL_MAX_ERROR_SZ - 1;
}
@@ -541,7 +547,7 @@ static void set_entry(struct wc_error_entry *entry, int error,
entry->reason[WOLFSSL_MAX_ERROR_SZ - 1] = '\0';
}
- sz = (int)XSTRLEN(file);
+ sz = XSTRLEN(file);
if (sz > WOLFSSL_MAX_ERROR_SZ - 1) {
sz = WOLFSSL_MAX_ERROR_SZ - 1;
}
@@ -628,7 +634,7 @@ void wc_RemoveErrorNode(int relative_idx)
if (abs_idx >= (int)wc_errors.head_idx) {
/* removed entry sits "above" head (or is head),
* move entries below it "up" */
- move_count = (abs_idx - (int)wc_errors.head_idx);
+ move_count = (size_t)abs_idx - wc_errors.head_idx;
if (move_count > 0) {
XMEMMOVE(&wc_errors.entries[wc_errors.head_idx + 1],
&wc_errors.entries[wc_errors.head_idx],
@@ -642,7 +648,7 @@ void wc_RemoveErrorNode(int relative_idx)
* move entries above it "down" */
int last_idx = get_abs_idx(-1);
if (last_idx >= abs_idx) { /* this SHOULD always be true */
- move_count = (last_idx - abs_idx);
+ move_count = (size_t)(last_idx - abs_idx);
if (move_count > 0) {
XMEMMOVE(&wc_errors.entries[abs_idx],
&wc_errors.entries[abs_idx + 1],
@@ -725,7 +731,7 @@ unsigned long wc_PeekErrorNodeLineData(const char **file, int *line,
/**
* Get the error value at the HEAD of the ERR queue or 0 if the queue
- * is emtpy. The HEAD entry is removed by this call.
+ * is empty. The HEAD entry is removed by this call.
*/
unsigned long wc_GetErrorNodeErr(void)
{
@@ -746,7 +752,7 @@ unsigned long wc_GetErrorNodeErr(void)
wc_ClearErrorNodes();
}
}
- return ret;
+ return (unsigned long)ret;
}
#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM)
@@ -1450,7 +1456,8 @@ void wc_ERR_print_errors_fp(XFILE fp)
#endif /* !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) */
-#endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) */
+#endif /* defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+ || defined(HAVE_MEMCACHED) */
/*
* When using OPENSSL_EXTRA or DEBUG_WOLFSSL_VERBOSE macro then WOLFSSL_ERROR is
@@ -1495,7 +1502,7 @@ void WOLFSSL_ERROR(int error)
"wolfSSL error occurred, error = %d line:%u file:%s",
error, line, file);
- if (wc_AddErrorNode(error, line, buffer, (char*)file) != 0) {
+ if (wc_AddErrorNode(error, (int)line, buffer, (char*)file) != 0) {
WOLFSSL_MSG("Error creating logging node");
/* with void function there is no return here, continue on
* to unlock mutex and log what buffer was created. */
@@ -1533,4 +1540,3 @@ void WOLFSSL_ERROR_MSG(const char* msg)
}
#endif /* DEBUG_WOLFSSL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
-
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c b/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c
index 480d6937..789704e6 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/md2.c
@@ -107,7 +107,7 @@ void wc_Md2Update(Md2* md2, const byte* data, word32 len)
t = md2->X[j+6] ^= S[t];
t = md2->X[j+7] ^= S[t];
}
- t = (t + i) & 0xFF;
+ t = (byte)((t + i) & 0xFF);
}
}
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c b/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c
index f70206ba..565d9107 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/memory.c
@@ -31,16 +31,7 @@
#define WOLFSSL_NEED_LINUX_CURRENT
#endif
-#include <wolfssl/wolfcrypt/settings.h>
-
-/* check old macros @wc_fips */
-#if defined(USE_CYASSL_MEMORY) && !defined(USE_WOLFSSL_MEMORY)
- #define USE_WOLFSSL_MEMORY
-#endif
-#if defined(CYASSL_MALLOC_CHECK) && !defined(WOLFSSL_MALLOC_CHECK)
- #define WOLFSSL_MALLOC_CHECK
-#endif
-
+#include <wolfssl/wolfcrypt/types.h>
/*
Possible memory options:
@@ -128,6 +119,51 @@ int wolfSSL_GetAllocators(wolfSSL_Malloc_cb* mf,
return 0;
}
+#ifdef WOLFSSL_MEM_FAIL_COUNT
+static wolfSSL_Mutex memFailMutex;
+int mem_fail_allocs = 0;
+int mem_fail_frees = 0;
+int mem_fail_cnt = 0;
+
+void wc_MemFailCount_Init()
+{
+ char* cnt;
+ wc_InitMutex(&memFailMutex);
+ cnt = getenv("MEM_FAIL_CNT");
+ if (cnt != NULL) {
+ fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
+ mem_fail_cnt = atoi(cnt);
+ }
+}
+static int wc_MemFailCount_AllocMem(void)
+{
+ int ret = 1;
+
+ wc_LockMutex(&memFailMutex);
+ if ((mem_fail_cnt > 0) && (mem_fail_cnt <= mem_fail_allocs + 1)) {
+ ret = 0;
+ }
+ else {
+ mem_fail_allocs++;
+ }
+ wc_UnLockMutex(&memFailMutex);
+
+ return ret;
+}
+static void wc_MemFailCount_FreeMem(void)
+{
+ wc_LockMutex(&memFailMutex);
+ mem_fail_frees++;
+ wc_UnLockMutex(&memFailMutex);
+}
+void wc_MemFailCount_Free()
+{
+ wc_FreeMutex(&memFailMutex);
+ fprintf(stderr, "MemFailCount Total: %d\n", mem_fail_allocs);
+ fprintf(stderr, "MemFailCount Frees: %d\n", mem_fail_frees);
+}
+#endif
+
#ifndef WOLFSSL_STATIC_MEMORY
#ifdef WOLFSSL_CHECK_MEM_ZERO
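Review bot: In wc_MemFailCount_Init() the `fprintf` runs before `mem_fail_cnt` is assigned, so the message reports the previous value (0 on first use) rather than the count read from MEM_FAIL_CNT. Swap the two statements so that `mem_fail_cnt = atoi(cnt);` comes first and `fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);` follows. `atoi` also cannot reject a non-numeric value: it yields 0, which the `mem_fail_cnt > 0` test in wc_MemFailCount_AllocMem() treats as injection disabled, so a typo in the variable silently turns the fault-injection run into a normal run. A `strtol` with an end-pointer check, and a check of the `wc_InitMutex` result, would make that failure visible.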
@@ -269,50 +305,6 @@ void wc_MemZero_Check(void* addr, size_t len)
}
#endif /* WOLFSSL_CHECK_MEM_ZERO */
-#ifdef WOLFSSL_MEM_FAIL_COUNT
-static wolfSSL_Mutex memFailMutex;
-int mem_fail_allocs = 0;
-int mem_fail_frees = 0;
-int mem_fail_cnt = 0;
-
-void wc_MemFailCount_Init()
-{
- wc_InitMutex(&memFailMutex);
- char* cnt = getenv("MEM_FAIL_CNT");
- if (cnt != NULL) {
- fprintf(stderr, "MemFailCount At: %d\n", mem_fail_cnt);
- mem_fail_cnt = atoi(cnt);
- }
-}
-static int wc_MemFailCount_AllocMem(void)
-{
- int ret = 1;
-
- wc_LockMutex(&memFailMutex);
- if ((mem_fail_cnt > 0) && (mem_fail_cnt <= mem_fail_allocs + 1)) {
- ret = 0;
- }
- else {
- mem_fail_allocs++;
- }
- wc_UnLockMutex(&memFailMutex);
-
- return ret;
-}
-static void wc_MemFailCount_FreeMem(void)
-{
- wc_LockMutex(&memFailMutex);
- mem_fail_frees++;
- wc_UnLockMutex(&memFailMutex);
-}
-void wc_MemFailCount_Free()
-{
- wc_FreeMutex(&memFailMutex);
- fprintf(stderr, "MemFailCount Total: %d\n", mem_fail_allocs);
- fprintf(stderr, "MemFailCount Frees: %d\n", mem_fail_frees);
-}
-#endif
-
#ifdef WOLFSSL_DEBUG_MEMORY
void* wolfSSL_Malloc(size_t size, const char* func, unsigned int line)
#else
@@ -1239,7 +1231,6 @@ void* wolfSSL_Realloc(void *ptr, size_t size, void* heap, int type)
/* Example for user io pool, shared build may need definitions in lib proper */
-#include <wolfssl/wolfcrypt/types.h>
#include <stdlib.h>
#ifndef HAVE_THREAD_LS
@@ -1324,8 +1315,13 @@ void *xmalloc(size_t n, void* heap, int type, const char* func,
}
#endif
- if (malloc_function)
+ if (malloc_function) {
+#ifndef WOLFSSL_STATIC_MEMORY
p32 = malloc_function(n + sizeof(word32) * 4);
+#else
+ p32 = malloc_function(n + sizeof(word32) * 4, heap, type);
+#endif
+ }
else
p32 = malloc(n + sizeof(word32) * 4);
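Review bot: The allocation size `n + sizeof(word32) * 4` in the added `malloc_function(..., heap, type)` call, as in the existing branches, is computed without an overflow check, so an `n` close to the maximum `size_t` wraps to a small request while the caller still believes it owns `n` bytes. A guard ahead of the allocation, for example `if (n > (size_t)-1 - sizeof(word32) * 4) return NULL;`, closes that. The xrealloc hunk below uses the same expression. xmalloc's body starts and ends outside the hunk, so an existing check elsewhere in the function cannot be ruled out.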
@@ -1362,8 +1358,13 @@ void *xrealloc(void *p, size_t n, void* heap, int type, const char* func,
oldLen = oldp32[0];
}
- if (realloc_function)
+ if (realloc_function) {
+#ifndef WOLFSSL_STATIC_MEMORY
p32 = realloc_function(oldp32, n + sizeof(word32) * 4);
+#else
+ p32 = realloc_function(oldp32, n + sizeof(word32) * 4, heap, type);
+#endif
+ }
else
p32 = realloc(oldp32, n + sizeof(word32) * 4);
@@ -1403,8 +1404,13 @@ void xfree(void *p, void* heap, int type, const char* func, const char* file,
fprintf(stderr, "Free: %p -> %u (%d) at %s:%s:%u\n", p, p32[0], type,
func, file, line);
- if (free_function)
+ if (free_function) {
+#ifndef WOLFSSL_STATIC_MEMORY
free_function(p32);
+#else
+ free_function(p32, heap, type);
+#endif
+ }
else
free(p32);
}
@@ -1432,6 +1438,106 @@ void __attribute__((no_instrument_function))
}
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+static const byte wc_debug_cipher_lifecycle_tag_value[] =
+ { 'W', 'o', 'l', 'f' };
+
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleInit(
+ void **CipherLifecycleTag,
+ void *heap)
+{
+ if (CipherLifecycleTag == NULL)
+ return BAD_FUNC_ARG;
+ *CipherLifecycleTag = (void *)XMALLOC(
+ sizeof(wc_debug_cipher_lifecycle_tag_value),
+ heap,
+ DYNAMIC_TYPE_DEBUG_TAG);
+ if (*CipherLifecycleTag == NULL)
+ return MEMORY_E;
+ XMEMCPY(*CipherLifecycleTag,
+ wc_debug_cipher_lifecycle_tag_value,
+ sizeof(wc_debug_cipher_lifecycle_tag_value));
+ return 0;
+}
+
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleCheck(
+ void *CipherLifecycleTag,
+ int abort_p)
+{
+ int ret;
+ if (CipherLifecycleTag == NULL) {
+ ret = BAD_STATE_E;
+ goto out;
+ }
+ if (XMEMCMP(CipherLifecycleTag,
+ wc_debug_cipher_lifecycle_tag_value,
+ sizeof(wc_debug_cipher_lifecycle_tag_value)) != 0)
+ {
+ ret = BAD_STATE_E;
+ goto out;
+ }
+ ret = 0;
+
+out:
+ if ((ret < 0) && abort_p)
+ abort();
+
+ return ret;
+}
+
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(
+ void **CipherLifecycleTag,
+ void *heap,
+ int abort_p)
+{
+ int ret;
+ if (CipherLifecycleTag == NULL)
+ return BAD_FUNC_ARG;
+ ret = wc_debug_CipherLifecycleCheck(*CipherLifecycleTag, abort_p);
+ if (ret != 0)
+ return ret;
+ XFREE(*CipherLifecycleTag, heap, DYNAMIC_TYPE_DEBUG_TAG);
+ *CipherLifecycleTag = NULL;
+ return 0;
+}
+#endif /* WC_DEBUG_CIPHER_LIFECYCLE */
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS
+THREAD_LS_T int wc_svr_count = 0;
+THREAD_LS_T const char *wc_svr_last_file = NULL;
+THREAD_LS_T int wc_svr_last_line = -1;
+THREAD_LS_T int wc_debug_vector_registers_retval =
+ WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL;
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
+
+WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void) {
+ static THREAD_LS_T struct drand48_data wc_svr_fuzzing_state;
+ static THREAD_LS_T int wc_svr_fuzzing_seeded = 0;
+ long result;
+
+ if (wc_debug_vector_registers_retval)
+ return wc_debug_vector_registers_retval;
+
+ if (wc_svr_fuzzing_seeded == 0) {
+ long seed = WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED;
+ char *seed_envstr = getenv("WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED");
+ if (seed_envstr)
+ seed = strtol(seed_envstr, NULL, 0);
+ (void)srand48_r(seed, &wc_svr_fuzzing_state);
+ wc_svr_fuzzing_seeded = 1;
+ }
+ (void)lrand48_r(&wc_svr_fuzzing_state, &result);
+ if (result & 1)
+ return IO_FAILED_E;
+ else
+ return 0;
+}
+
+#endif
+
+#endif
+
#ifdef WOLFSSL_LINUXKM
#include "../../linuxkm/linuxkm_memory.c"
#endif
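Review bot: wc_debug_CipherLifecycleFree() releases the tag without overwriting it, so the bytes 'Wolf' can remain in the freed block and a stale copy of the tag pointer may still pass wc_debug_CipherLifecycleCheck(). That weakens the detection of freed objects, which is what this tag appears to be for. Clearing the bytes before the `XFREE`, e.g. `XMEMSET(*CipherLifecycleTag, 0, sizeof(wc_debug_cipher_lifecycle_tag_value));`, would make a stale tag fail the compare; a zeroing helper the compiler cannot elide is preferable, since a memset directly ahead of free may be dropped. The three functions also carry no comments, and it is worth documenting that Free returns the Check error and leaves the tag allocated when the check fails and `abort_p` is 0.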
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c
index f80c9c64..62cd9b40 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/misc.c
@@ -104,13 +104,13 @@ masking and clearing memory logic.
WC_MISC_STATIC WC_INLINE word32 rotlFixed(word32 x, word32 y)
{
- return (x << y) | (x >> (sizeof(y) * 8 - y));
+ return (x << y) | (x >> (sizeof(x) * 8 - y));
}
/* This routine performs a right circular arithmetic shift of <x> by <y> value. */
WC_MISC_STATIC WC_INLINE word32 rotrFixed(word32 x, word32 y)
{
- return (x >> y) | (x << (sizeof(y) * 8 - y));
+ return (x >> y) | (x << (sizeof(x) * 8 - y));
}
#endif
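Review bot: rotlFixed() and rotrFixed() still shift by `sizeof(x) * 8 - y`, which is a shift by the full width of a 32-bit `word32` when `y` is 0, and that is undefined behaviour in C. If a zero rotate count can reach these helpers (the callers are outside the hunk), mask the complementary count: `return (x << y) | (x >> ((sizeof(x) * 8 - y) & 31));`, with the mirrored form for rotrFixed. The change from `sizeof(y)` to `sizeof(x)` does not affect this, because both parameters are `word32`.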
@@ -120,14 +120,14 @@ masking and clearing memory logic.
/* This routine performs a left circular arithmetic shift of <x> by <y> value */
WC_MISC_STATIC WC_INLINE word16 rotlFixed16(word16 x, word16 y)
{
- return (x << y) | (x >> (sizeof(y) * 8 - y));
+ return (x << y) | (x >> (sizeof(x) * 8 - y));
}
/* This routine performs a right circular arithmetic shift of <x> by <y> value */
WC_MISC_STATIC WC_INLINE word16 rotrFixed16(word16 x, word16 y)
{
- return (x >> y) | (x << (sizeof(y) * 8 - y));
+ return (x >> y) | (x << (sizeof(x) * 8 - y));
}
#endif /* WC_RC2 */
@@ -273,11 +273,11 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
{
word32 i;
byte* o;
- byte* b;
+ const byte* b;
const byte* m;
o = (byte*)out;
- b = (byte*)buf;
+ b = (const byte*)buf;
m = (const byte*)mask;
@@ -285,6 +285,15 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
((wc_ptr_t)b) % WOLFSSL_WORD_SIZE &&
((wc_ptr_t)b) % WOLFSSL_WORD_SIZE ==
((wc_ptr_t)m) % WOLFSSL_WORD_SIZE) {
+ /* type-punning helpers */
+ union {
+ byte* bp;
+ wolfssl_word* wp;
+ } tpo;
+ union {
+ const byte* bp;
+ const wolfssl_word* wp;
+ } tpb, tpm;
/* Alignment checks out. Possible to XOR words. */
/* Move alignment so that it lines up with a
* WOLFSSL_WORD_SIZE boundary */
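Review bot: The comment `/* type-punning helpers */` names the mechanism but not the reason, so a later reader may be tempted to fold the unions back into the casts that the next hunk removes. I would expand it to something like `/* Unions convert byte* to wolfssl_word* so XorWordsOut can advance the pointers without casting byte** to wolfssl_word**, which violates strict aliasing. */`. The identical comment in the xorbuf hunk further down wants the same wording. Reading the inactive union member is defined in C but not in C++, which is worth a word in the comment in case this file is ever built as C++.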
@@ -292,8 +301,13 @@ WC_MISC_STATIC WC_INLINE void xorbufout(void* out, const void* buf,
*(o++) = (byte)(*(b++) ^ *(m++));
count--;
}
- XorWordsOut( (wolfssl_word**)&o, (const wolfssl_word**)&b,
- (const wolfssl_word**)&m, count / WOLFSSL_WORD_SIZE);
+ tpo.bp = o;
+ tpb.bp = b;
+ tpm.bp = m;
+ XorWordsOut( &tpo.wp, &tpb.wp, &tpm.wp, count / WOLFSSL_WORD_SIZE);
+ o = tpo.bp;
+ b = tpb.bp;
+ m = tpm.bp;
count %= WOLFSSL_WORD_SIZE;
}
@@ -326,6 +340,15 @@ WC_MISC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
if (((wc_ptr_t)b) % WOLFSSL_WORD_SIZE ==
((wc_ptr_t)m) % WOLFSSL_WORD_SIZE) {
+ /* type-punning helpers */
+ union {
+ byte* bp;
+ wolfssl_word* wp;
+ } tpb;
+ union {
+ const byte* bp;
+ const wolfssl_word* wp;
+ } tpm;
/* Alignment checks out. Possible to XOR words. */
/* Move alignment so that it lines up with a
* WOLFSSL_WORD_SIZE boundary */
@@ -333,8 +356,11 @@ WC_MISC_STATIC WC_INLINE void xorbuf(void* buf, const void* mask, word32 count)
*(b++) ^= *(m++);
count--;
}
- XorWords( (wolfssl_word**)&b,
- (const wolfssl_word**)&m, count / WOLFSSL_WORD_SIZE);
+ tpb.bp = b;
+ tpm.bp = m;
+ XorWords( &tpb.wp, &tpm.wp, count / WOLFSSL_WORD_SIZE);
+ b = tpb.bp;
+ m = tpm.bp;
count %= WOLFSSL_WORD_SIZE;
}
@@ -472,6 +498,15 @@ WC_MISC_STATIC WC_INLINE void ato32(const byte* c, word32* wc_u32)
(word32)c[3];
}
+/* convert opaque to 32 bit integer. Interpret as little endian. */
+WC_MISC_STATIC WC_INLINE void ato32le(const byte* c, word32* wc_u32)
+{
+ *wc_u32 = (word32)c[0] |
+ ((word32)c[1] << 8) |
+ ((word32)c[2] << 16) |
+ ((word32)c[3] << 24);
+}
+
WC_MISC_STATIC WC_INLINE word32 btoi(byte b)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c
index 47a58346..22e64150 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs12.c
@@ -28,7 +28,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#if defined(HAVE_PKCS12) && \
- !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC)
+ !defined(NO_ASN) && !defined(NO_PWDBASED) && !defined(NO_HMAC) && \
+ !defined(NO_CERTS)
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/asn_public.h>
@@ -1229,7 +1230,7 @@ static int PKCS12_CheckConstructedZero(byte* data, word32 dataSz, word32* idx)
static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
word32 dataSz, word32* idx, int* curIdx)
{
- byte* mergedData = NULL; /* buffer for concatonated strings */
+ byte* mergedData = NULL; /* buffer for concatenated strings */
word32 mergedSz = 0; /* total size of merged strings */
int encryptedContentSz = 0;
int originalEncSz = 0;
@@ -1243,7 +1244,7 @@ static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
ret = ASN_PARSE_E;
}
- /* Loop through octet strings and concatonate them without
+ /* Loop through octet strings and concatenate them without
* the tags and length */
while ((int)*idx < originalEncSz + *curIdx) {
if (GetASNTag(data, idx, &tag, dataSz) < 0) {
@@ -1281,7 +1282,7 @@ static int PKCS12_CoalesceOctetStrings(WC_PKCS12* pkcs12, byte* data,
*idx += SetLength(mergedSz, &data[*idx]);
if (mergedSz > 0) {
- /* Copy over concatonated octet strings into data buffer */
+ /* Copy over concatenated octet strings into data buffer */
XMEMCPY(&data[*idx], mergedData, mergedSz);
XFREE(mergedData, pkcs12->heap, DYNAMIC_TYPE_PKCS);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c
index ce7d77c9..507d9eee 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/pkcs7.c
@@ -2374,6 +2374,7 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
word32 totalSz, total2Sz;
int idx = 0, ret = 0;
int digEncAlgoId, digEncAlgoType;
+ int keyIdSize;
byte* flatSignedAttribs = NULL;
word32 flatSignedAttribsSz = 0;
@@ -2392,6 +2393,13 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
#ifdef WOLFSSL_SMALL_STACK
signedDataOid = (byte *)XMALLOC(MAX_OID_SZ, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (signedDataOid == NULL) {
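Review bot: Under WOLFSSL_SM2 and WOLFSSL_SM3, `keyIdSize` takes the return value of wc_HashGetDigestSize() unchecked, and that function reports failure with a negative value. Later hunks in this function pass `keyIdSize` to SetOctetString() and use it as the length in `XMEMCPY(output2 + idx, pkcs7->issuerSubjKeyId, keyIdSize)`, where a negative int converts to a very large size. Add a check right after the assignment, `if (keyIdSize <= 0) return BAD_FUNC_ARG;`, and bound it by the capacity of `issuerSubjKeyId`, whose declared size is not visible here. The same assignment is added in wc_PKCS7_AddRecipient_KARI and wc_PKCS7_AddRecipient_KTRI further down and needs the same guard, with whatever cleanup those points require.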
@@ -2485,11 +2493,10 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
} else if (pkcs7->sidType == CMS_SKID) {
/* SubjectKeyIdentifier */
- esd->issuerSKIDSz = SetOctetString(KEYID_SIZE, esd->issuerSKID);
- esd->issuerSKIDSeqSz = SetExplicit(0, esd->issuerSKIDSz + KEYID_SIZE,
+ esd->issuerSKIDSz = SetOctetString(keyIdSize, esd->issuerSKID);
+ esd->issuerSKIDSeqSz = SetExplicit(0, esd->issuerSKIDSz + keyIdSize,
esd->issuerSKIDSeq);
- signerInfoSz += (esd->issuerSKIDSz + esd->issuerSKIDSeqSz +
- KEYID_SIZE);
+ signerInfoSz += (esd->issuerSKIDSz + esd->issuerSKIDSeqSz + keyIdSize);
/* version MUST be 3 */
esd->signerVersionSz = SetMyVersion(3, esd->signerVersion, 0);
@@ -2723,8 +2730,8 @@ static int PKCS7_EncodeSigned(PKCS7* pkcs7, ESD* esd,
idx += esd->issuerSKIDSeqSz;
XMEMCPY(output2 + idx, esd->issuerSKID, esd->issuerSKIDSz);
idx += esd->issuerSKIDSz;
- XMEMCPY(output2 + idx, pkcs7->issuerSubjKeyId, KEYID_SIZE);
- idx += KEYID_SIZE;
+ XMEMCPY(output2 + idx, pkcs7->issuerSubjKeyId, keyIdSize);
+ idx += keyIdSize;
} else if (pkcs7->sidType == DEGENERATE_SID) {
/* no signer infos in degenerate case */
} else {
@@ -3779,7 +3786,10 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
word32 hashSz)
{
int ret = 0, digestSz = 0, innerAttribSz = 0;
+ int contentLen = 0;
word32 idx = 0;
+ word32 contentIdx = 0;
+ byte* content = NULL;
byte* digestBuf = NULL;
#ifdef WOLFSSL_SMALL_STACK
byte* digest = NULL;
@@ -3838,7 +3848,29 @@ static int wc_PKCS7_VerifyContentMessageDigest(PKCS7* pkcs7,
#endif
XMEMSET(digest, 0, MAX_PKCS7_DIGEST_SZ);
- ret = wc_Hash(hashType, pkcs7->content, pkcs7->contentSz, digest,
+ content = pkcs7->content;
+ contentLen = pkcs7->contentSz;
+
+ if (pkcs7->contentIsPkcs7Type == 1) {
+ /* Content follows PKCS#7 RFC, which defines type as ANY. CMS
+ * mandates OCTET_STRING which has already been stripped off.
+ * For PKCS#7 message digest calculation, digest is calculated
+ * only on the "value" of the DER encoding. As such, advance past
+ * the tag and length */
+ if (contentLen > 1) {
+ contentIdx++;
+ }
+
+ if (GetLength_ex(content, &contentIdx, &contentLen,
+ contentLen, 1) < 0) {
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(digest, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+ return ASN_PARSE_E;
+ }
+ }
+
+ ret = wc_Hash(hashType, content + contentIdx, contentLen, digest,
MAX_PKCS7_DIGEST_SZ);
if (ret < 0) {
WOLFSSL_MSG("Error hashing PKCS7 content for verification");
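Review bot: The PKCS#7 branch skips the tag only when `contentLen > 1`, so with a one-byte content the tag byte itself is handed to GetLength_ex() and parsed as a length. `content` is also passed on without a visible NULL check; the function body before this hunk is not shown, so I cannot tell whether `pkcs7->content` is guaranteed to be set when `contentIsPkcs7Type` is 1. Rejecting both cases explicitly is clearer than falling through: `if (content == NULL || contentLen <= 1)` should take the same free-and-return `ASN_PARSE_E` path as the GetLength_ex() failure. The skip also assumes a single-byte tag, which the comment should say.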
@@ -4428,11 +4460,13 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
byte* cert = NULL;
byte* signedAttrib = NULL;
byte* contentType = NULL;
+ int encapContentInfoLen = 0;
int contentSz = 0, sigSz = 0, certSz = 0, signedAttribSz = 0;
word32 localIdx, start;
byte degenerate = 0;
byte detached = 0;
byte tag = 0;
+ word16 contentIsPkcs7Type = 0;
#ifdef ASN_BER_TO_DER
byte* der;
#endif
@@ -4593,7 +4627,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
WOLFSSL_MSG("PKCS#7 signedData needs to be version 1 or 3");
ret = ASN_VERSION_E;
}
- pkcs7->version = version;
+ pkcs7->version = (byte)version;
/* Get the set of DigestAlgorithmIdentifiers */
if (ret == 0 && GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
@@ -4642,7 +4676,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
#endif
/* Get the inner ContentInfo sequence */
- if (GetSequence_ex(pkiMsg, &idx, &length, pkiMsgSz,
+ if (GetSequence_ex(pkiMsg, &idx, &encapContentInfoLen, pkiMsgSz,
NO_USER_CHECK) < 0)
ret = ASN_PARSE_E;
@@ -4650,7 +4684,8 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (ret == 0) {
int isIndef = 0;
word32 tmpIdx = idx;
- if (length == 0 && pkiMsg[idx-1] == ASN_INDEF_LENGTH) {
+ if (encapContentInfoLen == 0 &&
+ pkiMsg[idx-1] == ASN_INDEF_LENGTH) {
isIndef = 1;
}
if (GetASNObjectId(pkiMsg, &idx, &length, pkiMsgSz) == 0) {
@@ -4675,7 +4710,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (ret != 0)
break;
- /* Check for content info, it could be omitted when degenerate */
+ /* Check for content, it could be omitted when degenerate */
localIdx = idx;
ret = 0;
if (localIdx + 1 > pkiMsgSz) {
@@ -4683,75 +4718,114 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
break;
}
+ /* Set error state if no more data left in ContentInfo, meaning
+ * no content - may be detached. Will recover from error below */
+ if ((encapContentInfoLen != 0) &&
+ (encapContentInfoLen - contentTypeSz == 0)) {
+ ret = ASN_PARSE_E;
+ }
+
+ /* PKCS#7 spec:
+ * content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
+ * CMS spec:
+ * eContent [0] EXPLICIT OCTET STRING OPTIONAL
+ */
if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) != 0)
ret = ASN_PARSE_E;
if (ret == 0 && tag != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
ret = ASN_PARSE_E;
+ /* Get length of inner eContent payload. For CMS, spec defines
+ * OCTET_STRING will be next. If so, we use the length retrieved
+ * there. PKCS#7 spec defines ANY as eContent type. In this case
+ * we fall back and save this content length for use later */
if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length, pkiMsgSz,
- NO_USER_CHECK) <= 0)
+ NO_USER_CHECK) <= 0) {
ret = ASN_PARSE_E;
+ }
if (localIdx >= pkiMsgSz) {
ret = BUFFER_E;
}
+ /* Save idx to back up in case of PKCS#7 eContent */
+ start = localIdx;
+
/* get length of content in the case that there is multiple parts */
if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz) < 0)
ret = ASN_PARSE_E;
- if (ret == 0 && tag == (ASN_OCTET_STRING | ASN_CONSTRUCTED)) {
- multiPart = 1;
+ if (ret == 0 &&
+ (tag != (ASN_OCTET_STRING | ASN_CONSTRUCTED) &&
+ (tag != ASN_OCTET_STRING))) {
- /* Get length of all OCTET_STRINGs. */
- if (GetLength_ex(pkiMsg, &localIdx, &contentLen, pkiMsgSz,
- NO_USER_CHECK) < 0)
+ /* If reached end of ContentInfo, or we see the next element
+ * ([0] IMPLICIT CertificateSet), set error state. Either
+ * true error or detached */
+ if (tag == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) {
ret = ASN_PARSE_E;
-
- /* Check whether there is one OCTET_STRING inside. */
- start = localIdx;
- if (localIdx >= pkiMsgSz) {
- ret = BUFFER_E;
}
- if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz)
- != 0)
- ret = ASN_PARSE_E;
+ /* Back up before getting tag, process as PKCS#7 ANY and use
+ * this as start of content. */
+ localIdx = start;
+ pkcs7->contentIsPkcs7Type = 1;
+ }
+ else {
+ /* CMS eContent OCTET_STRING */
+ if (ret == 0 && tag == (ASN_OCTET_STRING | ASN_CONSTRUCTED)) {
+ multiPart = 1;
- if (ret == 0 && tag != ASN_OCTET_STRING)
- ret = ASN_PARSE_E;
+ /* Get length of all OCTET_STRINGs. */
+ if (GetLength_ex(pkiMsg, &localIdx, &contentLen, pkiMsgSz,
+ NO_USER_CHECK) < 0)
+ ret = ASN_PARSE_E;
- if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
- pkiMsgSz, NO_USER_CHECK) < 0)
- ret = ASN_PARSE_E;
+ /* Check whether there is one OCTET_STRING inside. */
+ start = localIdx;
+ if (localIdx >= pkiMsgSz) {
+ ret = BUFFER_E;
+ }
- if (ret == 0) {
- /* Use single OCTET_STRING directly, or reset length. */
- if (localIdx - start + length == (word32)contentLen) {
- multiPart = 0;
- } else {
- /* reset length to outer OCTET_STRING for bundle size
- * check below */
- length = contentLen;
+ if (ret == 0 && GetASNTag(pkiMsg, &localIdx, &tag, pkiMsgSz)
+ != 0)
+ ret = ASN_PARSE_E;
+
+ if (ret == 0 && tag != ASN_OCTET_STRING)
+ ret = ASN_PARSE_E;
+
+ if (ret == 0 && GetLength_ex(pkiMsg, &localIdx, &length,
+ pkiMsgSz, NO_USER_CHECK) < 0)
+ ret = ASN_PARSE_E;
+
+ if (ret == 0) {
+ /* Use single OCTET_STRING directly, or reset length. */
+ if (localIdx - start + length == (word32)contentLen) {
+ multiPart = 0;
+ } else {
+ /* reset length to outer OCTET_STRING for bundle
+ * size check below */
+ length = contentLen;
+ }
+ localIdx = start;
}
- localIdx = start;
- }
- if (ret != 0) {
- /* failed ASN1 parsing during OCTET_STRING checks */
- break;
+ if (ret != 0) {
+ /* failed ASN1 parsing during OCTET_STRING checks */
+ break;
+ }
}
- }
- /* get length of content in case of single part */
- if (ret == 0 && !multiPart) {
- if (tag != ASN_OCTET_STRING)
- ret = ASN_PARSE_E;
+ /* get length of content in case of single part */
+ if (ret == 0 && !multiPart) {
+ if (tag != ASN_OCTET_STRING)
+ ret = ASN_PARSE_E;
- if (ret == 0 && GetLength_ex(pkiMsg, &localIdx,
- &length, pkiMsgSz, NO_USER_CHECK) < 0)
- ret = ASN_PARSE_E;
+ if (ret == 0 && GetLength_ex(pkiMsg, &localIdx,
+ &length, pkiMsgSz, NO_USER_CHECK) < 0)
+ ret = ASN_PARSE_E;
+ }
}
/* update idx if successful */
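Review bot: In the new non-OCTET_STRING branch, `pkcs7->contentIsPkcs7Type = 1;` is executed even when the lines just above have set `ret = ASN_PARSE_E` for the `[0]` CertificateSet tag, a case the comment describes as either a true error or a detached signature. If the detached path later recovers from that error, the flag stays set and wc_PKCS7_VerifyContentMessageDigest() will skip a tag and length in the caller-supplied content before hashing; whether that path is reachable depends on code outside this hunk. Setting the flag only on success avoids the question: `if (ret == 0) pkcs7->contentIsPkcs7Type = 1;`. The flag is also never cleared on the CMS branch in the lines shown, so a reused PKCS7 object could carry it over from an earlier message.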
@@ -4839,7 +4913,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
if (multiPart) {
pkcs7->stream->expected = contentLen + ASN_TAG_SZ;
}
- pkcs7->stream->multi = multiPart;
+ pkcs7->stream->multi = (byte)multiPart;
#endif
wc_PKCS7_ChangeState(pkcs7, WC_PKCS7_VERIFY_STAGE3);
@@ -5104,6 +5178,7 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
pkcs7->der = NULL;
#endif
version = pkcs7->version;
+ contentIsPkcs7Type = pkcs7->contentIsPkcs7Type;
if (ret == 0) {
byte isDynamic = (byte)pkcs7->isDynamic;
@@ -5139,11 +5214,14 @@ static int PKCS7_VerifySignedData(PKCS7* pkcs7, const byte* hashBuf,
contentDynamic = NULL;
}
+ /* Restore content is PKCS#7 flag */
+ pkcs7->contentIsPkcs7Type = contentIsPkcs7Type;
+
#ifndef NO_PKCS7_STREAM
pkcs7->stream = stream;
#endif
}
- pkcs7->version = version;
+ pkcs7->version = (byte)version;
#ifdef ASN_BER_TO_DER
pkcs7->der = der;
#endif
@@ -5661,6 +5739,7 @@ static WC_PKCS7_KARI* wc_PKCS7_KariNew(PKCS7* pkcs7, byte direction)
XFREE(kari, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
return NULL;
}
+ XMEMSET(kari->decoded, 0, sizeof(DecodedCert));
kari->recipKey = (ecc_key*)XMALLOC(sizeof(ecc_key), pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
@@ -5764,29 +5843,30 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
int ret;
word32 idx;
- if (kari == NULL || kari->decoded == NULL ||
- cert == NULL || certSz == 0)
+ if (kari == NULL || kari->decoded == NULL) {
return BAD_FUNC_ARG;
+ }
/* decode certificate */
- InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
- kari->decodedInit = 1;
- ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
- if (ret < 0)
- return ret;
+ if (cert != NULL) {
+ InitDecodedCert(kari->decoded, (byte*)cert, certSz, kari->heap);
+ kari->decodedInit = 1;
+ ret = ParseCert(kari->decoded, CA_TYPE, NO_VERIFY, 0);
+ if (ret < 0)
+ return ret;
- /* only supports ECDSA for now */
- if (kari->decoded->keyOID != ECDSAk) {
- WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
- return BAD_FUNC_ARG;
- }
+ /* only supports ECDSA for now */
+ if (kari->decoded->keyOID != ECDSAk) {
+ WOLFSSL_MSG("CMS KARI only supports ECDSA key types");
+ return BAD_FUNC_ARG;
+ }
- /* make sure subject key id was read from cert */
- if (kari->decoded->extSubjKeyIdSet == 0) {
- WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
- return BAD_FUNC_ARG;
+ /* make sure subject key id was read from cert */
+ if (kari->decoded->extSubjKeyIdSet == 0) {
+ WOLFSSL_MSG("Failed to read subject key ID from recipient cert");
+ return BAD_FUNC_ARG;
+ }
}
-
ret = wc_ecc_init_ex(kari->recipKey, kari->heap, kari->devId);
if (ret != 0)
return ret;
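Review bot: The rewritten guard drops the `certSz == 0` rejection together with the NULL check, so a non-NULL `cert` with zero length now goes into InitDecodedCert() and ParseCert(). ParseCert() may well reject it, but the early argument check did not depend on the parser; `if (cert != NULL && certSz == 0) return BAD_FUNC_ARG;` keeps it. With `cert == NULL` now accepted, the function comment should state that a NULL certificate is allowed only when decoding, which the next hunk enforces for the encode direction.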
@@ -5795,6 +5875,10 @@ static int wc_PKCS7_KariParseRecipCert(WC_PKCS7_KARI* kari, const byte* cert,
/* get recip public key */
if (kari->direction == WC_PKCS7_ENCODE) {
+ if (cert == NULL) {
+ WOLFSSL_MSG("Error recipient cert can not be null with encode");
+ return BAD_FUNC_ARG;
+ }
idx = 0;
ret = wc_EccPublicKeyDecode(kari->decoded->publicKey, &idx,
@@ -6023,11 +6107,15 @@ static int wc_PKCS7_KariGenerateKEK(WC_PKCS7_KARI* kari, WC_RNG* rng,
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
ret = wc_ecc_set_rng(kari->senderKey, rng);
- if (ret != 0)
+ if (ret != 0) {
+ XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
return ret;
+ }
ret = wc_ecc_set_rng(kari->recipKey, rng);
- if (ret != 0)
+ if (ret != 0) {
+ XFREE(secret, kari->heap, DYNAMIC_TYPE_PKCS7);
return ret;
+ }
#else
(void)rng;
#endif
@@ -6118,6 +6206,7 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
int ret = 0;
int keySz, direction = 0;
int blockKeySz = 0;
+ int keyIdSize;
/* ASN.1 layout */
int totalSz = 0;
@@ -6169,6 +6258,13 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
byte encryptedKey[MAX_ENCRYPTED_KEY_SZ];
#endif
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
/* allocate and init memory for recipient */
recip = (Pkcs7EncodedRecip*)XMALLOC(sizeof(Pkcs7EncodedRecip), pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
@@ -6294,12 +6390,12 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
totalSz += (encryptedKeyOctetSz + encryptedKeySz);
/* SubjectKeyIdentifier */
- subjKeyIdOctetSz = SetOctetString(KEYID_SIZE, subjKeyIdOctet);
- totalSz += (subjKeyIdOctetSz + KEYID_SIZE);
+ subjKeyIdOctetSz = SetOctetString(keyIdSize, subjKeyIdOctet);
+ totalSz += (subjKeyIdOctetSz + keyIdSize);
/* RecipientKeyIdentifier IMPLICIT [0] */
recipKeyIdSeqSz = SetImplicit(ASN_SEQUENCE, 0, subjKeyIdOctetSz +
- KEYID_SIZE, recipKeyIdSeq);
+ keyIdSize, recipKeyIdSeq);
totalSz += recipKeyIdSeqSz;
/* RecipientEncryptedKey */
@@ -6423,8 +6519,8 @@ int wc_PKCS7_AddRecipient_KARI(PKCS7* pkcs7, const byte* cert, word32 certSz,
XMEMCPY(recip->recip + idx, subjKeyIdOctet, subjKeyIdOctetSz);
idx += subjKeyIdOctetSz;
/* subject key id */
- XMEMCPY(recip->recip + idx, kari->decoded->extSubjKeyId, KEYID_SIZE);
- idx += KEYID_SIZE;
+ XMEMCPY(recip->recip + idx, kari->decoded->extSubjKeyId, keyIdSize);
+ idx += keyIdSize;
XMEMCPY(recip->recip + idx, encryptedKeyOctet, encryptedKeyOctetSz);
idx += encryptedKeyOctetSz;
/* encrypted CEK */
@@ -6473,6 +6569,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
WC_RNG rng;
word32 idx = 0;
word32 encryptedKeySz = 0;
+ int keyIdSize;
int ret = 0, blockKeySz;
int verSz = 0, issuerSz = 0, snSz = 0, keyEncAlgSz = 0;
@@ -6599,6 +6696,13 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
return ret;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ decoded->signatureOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
if (sidType == CMS_ISSUER_AND_SERIAL_NUMBER) {
/* version, must be 0 for IssuerAndSerialNumber */
@@ -6655,7 +6759,7 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
verSz = SetMyVersion(2, ver, 0);
recip->recipVersion = 2;
- issuerSKIDSz = SetLength(KEYID_SIZE, issuerSKID);
+ issuerSKIDSz = SetLength(keyIdSize, issuerSKID);
} else {
FreeDecodedCert(decoded);
#ifdef WOLFSSL_SMALL_STACK
@@ -6815,10 +6919,10 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
} else {
recipSeqSz = SetSequence(verSz + ASN_TAG_SZ + issuerSKIDSz +
- KEYID_SIZE + keyEncAlgSz + encKeyOctetStrSz +
+ keyIdSize + keyEncAlgSz + encKeyOctetStrSz +
encryptedKeySz, recipSeq);
- if (recipSeqSz + verSz + ASN_TAG_SZ + issuerSKIDSz + KEYID_SIZE +
+ if (recipSeqSz + verSz + ASN_TAG_SZ + issuerSKIDSz + keyIdSize +
keyEncAlgSz + encKeyOctetStrSz + encryptedKeySz > MAX_RECIP_SZ) {
WOLFSSL_MSG("RecipientInfo output buffer too small");
FreeDecodedCert(decoded);
@@ -6852,8 +6956,8 @@ int wc_PKCS7_AddRecipient_KTRI(PKCS7* pkcs7, const byte* cert, word32 certSz,
idx += ASN_TAG_SZ;
XMEMCPY(recip->recip + idx, issuerSKID, issuerSKIDSz);
idx += issuerSKIDSz;
- XMEMCPY(recip->recip + idx, pkcs7->issuerSubjKeyId, KEYID_SIZE);
- idx += KEYID_SIZE;
+ XMEMCPY(recip->recip + idx, pkcs7->issuerSubjKeyId, keyIdSize);
+ idx += keyIdSize;
}
XMEMCPY(recip->recip + idx, keyAlgArray, keyEncAlgSz);
idx += keyEncAlgSz;
@@ -7588,7 +7692,7 @@ static int wc_PKCS7_PwriKek_KeyWrap(PKCS7* pkcs7, const byte* kek, word32 kekSz,
if (*outSz < (word32)outLen)
return BUFFER_E;
- out[0] = cekSz;
+ out[0] = (byte)cekSz;
out[1] = ~cek[0];
out[2] = ~cek[1];
out[3] = ~cek[2];
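Review bot: The `(byte)` cast in `out[0] = (byte)cekSz;` silences the narrowing warning but does not stop a `cekSz` above 255 from being truncated into the one-byte length field of the wrapped block. No range check on `cekSz` is visible in this hunk, and the function starts above it. If none exists earlier, add `if (cekSz > 255) return BAD_FUNC_ARG;` before the buffer is filled; if one does exist, a short comment next to the cast pointing at it would help the next reader.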
@@ -8567,6 +8671,7 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
{
int length, encryptedKeySz = 0, ret = 0;
int keySz, version, sidType = 0;
+ int keyIdSize;
word32 encOID = 0;
word32 keyIdx;
byte issuerHash[KEYID_SIZE];
@@ -8592,6 +8697,14 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
mp_int serialNum[1];
RsaKey privKey[1];
#endif
+ XMEMSET(issuerHash, 0, sizeof(issuerHash));
+
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
switch (pkcs7->state) {
case WC_PKCS7_DECRYPT_KTRI:
@@ -8680,11 +8793,12 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (GetNameHash(pkiMsg, idx, issuerHash, pkiMsgSz) < 0)
+ if (GetNameHash_ex(pkiMsg, idx, issuerHash, pkiMsgSz,
+ pkcs7->publicKeyOID) < 0)
return ASN_PARSE_E;
/* if we found correct recipient, issuer hashes will match */
- if (XMEMCMP(issuerHash, pkcs7->issuerHash, KEYID_SIZE) == 0) {
+ if (XMEMCMP(issuerHash, pkcs7->issuerHash, keyIdSize) == 0) {
*recipFound = 1;
}
@@ -8732,15 +8846,15 @@ static int wc_PKCS7_DecryptKtri(PKCS7* pkcs7, byte* in, word32 inSz,
if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (KEYID_SIZE > pkiMsgSz - (*idx))
+ if ((word32)keyIdSize > pkiMsgSz - (*idx))
return BUFFER_E;
/* if we found correct recipient, SKID will match */
if (XMEMCMP(pkiMsg + (*idx), pkcs7->issuerSubjKeyId,
- KEYID_SIZE) == 0) {
+ keyIdSize) == 0) {
*recipFound = 1;
}
- (*idx) += KEYID_SIZE;
+ (*idx) += keyIdSize;
}
if (GetAlgoId(pkiMsg, idx, &encOID, oidKeyType, pkiMsgSz) < 0)
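Review bot: The SubjectKeyIdentifier branch reads `length` with `GetLength()` and then ignores it: the bounds test, the comparison and the `(*idx) += keyIdSize` advance all use `keyIdSize`. An identifier whose encoded length differs from `keyIdSize` therefore leaves `*idx` out of step with the message. wc_PKCS7_KariGetSubjectKeyIdentifier, changed later in this commit, rejects that case with `if (length != keyIdSize) return ASN_PARSE_E;`, and the same line fits here right after the `GetLength()` call. The enclosing function starts and ends outside this hunk.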
@@ -9149,11 +9263,19 @@ static int wc_PKCS7_KariGetSubjectKeyIdentifier(WC_PKCS7_KARI* kari,
{
int length;
byte tag;
+ int keyIdSize;
if (kari == NULL || pkiMsg == NULL || idx == NULL || recipFound == NULL ||
rid == NULL)
return BAD_FUNC_ARG;
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ kari->decoded->signatureOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
/* remove RecipientKeyIdentifier IMPLICIT [0] */
if (GetASNTag(pkiMsg, idx, &tag, pkiMsgSz) < 0) {
return ASN_PARSE_E;
@@ -9178,14 +9300,14 @@ static int wc_PKCS7_KariGetSubjectKeyIdentifier(WC_PKCS7_KARI* kari,
if (GetLength(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (length != KEYID_SIZE)
+ if (length != keyIdSize)
return ASN_PARSE_E;
- XMEMCPY(rid, pkiMsg + (*idx), KEYID_SIZE);
+ XMEMCPY(rid, pkiMsg + (*idx), keyIdSize);
(*idx) += length;
/* subject key id should match if recipient found */
- if (XMEMCMP(rid, kari->decoded->extSubjKeyId, KEYID_SIZE) == 0) {
+ if (XMEMCMP(rid, kari->decoded->extSubjKeyId, keyIdSize) == 0) {
*recipFound = 1;
}
@@ -9200,6 +9322,7 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
int* recipFound, byte* rid)
{
int length, ret;
+ int keyIdSize;
#ifdef WOLFSSL_SMALL_STACK
mp_int* serial;
mp_int* recipSerial;
@@ -9212,15 +9335,31 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ kari->decoded->signatureOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
/* remove IssuerAndSerialNumber */
if (GetSequence(pkiMsg, idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
- if (GetNameHash(pkiMsg, idx, rid, pkiMsgSz) < 0)
+ if (GetNameHash_ex(pkiMsg, idx, rid, pkiMsgSz,
+ kari->decoded->signatureOID) < 0) {
return ASN_PARSE_E;
+ }
/* if we found correct recipient, issuer hashes will match */
- if (XMEMCMP(rid, kari->decoded->issuerHash, KEYID_SIZE) == 0) {
+ if (kari->decodedInit == 1) {
+ if (XMEMCMP(rid, kari->decoded->issuerHash, keyIdSize) == 0) {
+ *recipFound = 1;
+ }
+ }
+ else {
+ /* can not confirm recipient serial number with no cert provided */
+ WOLFSSL_MSG("No recipient cert loaded to match with CMS serial number");
*recipFound = 1;
}
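Review bot: When `kari->decodedInit` is not 1, the new `else` branch sets `*recipFound = 1` for whatever IssuerAndSerialNumber was parsed, so with no recipient certificate loaded every RecipientInfo of this form is treated as addressed to the caller. That looks intended for the key-wrap callback path, but the hunk does not say so. A comment such as `/* no cert to match against: recipient selection is left to the wrapCEKCb callback, which receives rid */` would record the assumption. It is also worth confirming that this branch cannot be reached with neither a certificate nor a callback configured. wc_PKCS7_KariGetSubjectKeyIdentifier still compares against `kari->decoded->extSubjKeyId` without consulting `decodedInit`, so the two identifier forms now behave differently when no certificate is present.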
@@ -9246,7 +9385,9 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
return ASN_PARSE_E;
}
- ret = mp_read_unsigned_bin(recipSerial, kari->decoded->serial,
+ ret = mp_init(recipSerial);
+ if (ret == MP_OKAY)
+ ret = mp_read_unsigned_bin(recipSerial, kari->decoded->serial,
kari->decoded->serialSz);
if (ret != MP_OKAY) {
mp_clear(serial);
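Review bot: `mp_read_unsigned_bin()` still reads `kari->decoded->serial` and `serialSz` when `kari->decodedInit` is 0, although the comparison that uses the result is skipped for that case in the next hunk. Unless the decoded-cert structure is guaranteed to be zeroed before a certificate is parsed (not visible here), the read should be gated as well, e.g. `if (ret == MP_OKAY && kari->decodedInit == 1)`. Keep the `mp_init(recipSerial)` unconditional so the later `mp_clear(recipSerial)` stays valid. The function continues outside this hunk.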
@@ -9258,7 +9399,8 @@ static int wc_PKCS7_KariGetIssuerAndSerialNumber(WC_PKCS7_KARI* kari,
return ret;
}
- if (mp_cmp(recipSerial, serial) != MP_EQ) {
+ if (kari->decodedInit == 1 &&
+ mp_cmp(recipSerial, serial) != MP_EQ) {
mp_clear(serial);
mp_clear(recipSerial);
WOLFSSL_MSG("CMS serial number does not match recipient");
@@ -9876,6 +10018,7 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
int ret, keySz;
int encryptedKeySz;
int direction = 0;
+ int keyIdSize;
word32 keyAgreeOID, keyWrapOID;
byte rid[KEYID_SIZE];
@@ -9893,12 +10036,17 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
WOLFSSL_ENTER("wc_PKCS7_DecryptKari");
if (pkcs7 == NULL || pkiMsg == NULL ||
- ((pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0) &&
- pkcs7->wrapCEKCb == NULL) ||
idx == NULL || decryptedKey == NULL || decryptedKeySz == NULL) {
return BAD_FUNC_ARG;
}
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ keyIdSize = wc_HashGetDigestSize(wc_HashTypeConvert(HashIdAlg(
+ pkcs7->publicKeyOID)));
+#else
+ keyIdSize = KEYID_SIZE;
+#endif
+
switch (pkcs7->state) {
case WC_PKCS7_DECRYPT_KARI: {
WC_PKCS7_KARI* kari;
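Review bot: The argument check no longer rejects a call that has neither `pkcs7->singleCert` nor `pkcs7->wrapCEKCb`, and the following hunk passes `pkcs7->singleCert` to wc_PKCS7_KariParseRecipCert unconditionally. The NULL-certificate guard added to that function earlier in this commit only covers `WC_PKCS7_ENCODE`, so on the decode path the behaviour with a NULL certificate and no callback depends on code outside these hunks. If that combination is not meant to be supported, keep a narrower check such as `if (pkcs7->singleCert == NULL && pkcs7->wrapCEKCb == NULL) return BAD_FUNC_ARG;`. Otherwise add a comment at the call stating that a NULL certificate is expected and how it is handled.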
@@ -9928,17 +10076,15 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
encryptedKeySz = MAX_ENCRYPTED_KEY_SZ;
/* parse cert and key */
- if (pkcs7->singleCert != NULL) {
- ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
- pkcs7->singleCertSz, pkcs7->privateKey,
- pkcs7->privateKeySz);
- if (ret != 0) {
- wc_PKCS7_KariFree(kari);
- #ifdef WOLFSSL_SMALL_STACK
- XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
- #endif
- return ret;
- }
+ ret = wc_PKCS7_KariParseRecipCert(kari, (byte*)pkcs7->singleCert,
+ pkcs7->singleCertSz, pkcs7->privateKey,
+ pkcs7->privateKeySz);
+ if (ret != 0) {
+ wc_PKCS7_KariFree(kari);
+ #ifdef WOLFSSL_SMALL_STACK
+ XFREE(encryptedKey, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
+ #endif
+ return ret;
}
/* remove OriginatorIdentifierOrKey */
@@ -10054,7 +10200,7 @@ static int wc_PKCS7_DecryptKari(PKCS7* pkcs7, byte* in, word32 inSz,
tmpKeySz = (word32)ret;
keySz = pkcs7->wrapCEKCb(pkcs7, encryptedKey, encryptedKeySz,
- rid, KEYID_SIZE, tmpKeyDer, tmpKeySz,
+ rid, keyIdSize, tmpKeyDer, tmpKeySz,
decryptedKey, *decryptedKeySz,
keyWrapOID, (int)PKCS7_KARI, direction);
XFREE(tmpKeyDer, pkcs7->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -10699,7 +10845,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* in,
byte* encryptedContent = NULL;
int explicitOctet = 0;
word32 localIdx;
- byte tag;
+ byte tag = 0;
if (pkcs7 == NULL)
return BAD_FUNC_ARG;
@@ -11679,6 +11825,10 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
}
#endif
+#ifndef WOLFSSL_SMALL_STACK
+ XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ);
+#endif
+
switch (pkcs7->state) {
case WC_PKCS7_START:
case WC_PKCS7_INFOSET_START:
@@ -11710,6 +11860,9 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
ret = MEMORY_E;
break;
}
+ else {
+ XMEMSET(decryptedKey, 0, MAX_ENCRYPTED_KEY_SZ);
+ }
#ifndef NO_PKCS7_STREAM
pkcs7->stream->key = decryptedKey;
#endif
@@ -11982,7 +12135,7 @@ WOLFSSL_API int wc_PKCS7_DecodeAuthEnvelopedData(PKCS7* pkcs7, byte* in,
encodedAttribs = pkiMsg + idx;
idx++;
- if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
+ if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) <= 0)
ret = ASN_PARSE_E;
#ifndef NO_PKCS7_STREAM
pkcs7->stream->expected = length;
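Review bot: After `GetLength()` fails or returns 0, `ret` is set to `ASN_PARSE_E`, but the next visible statement still stores `length` into `pkcs7->stream->expected`. If nothing between here and the end of the case re-checks `ret` (that part is outside this hunk), the stream state keeps an unvalidated expected size. Guarding the assignment with `if (ret == 0)` removes the dependency on later code. The change from `< 0` to `<= 0` also makes an empty attribute set a parse error, which deserves a one-line comment so it is not mistaken for a typo.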
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S
index efe7be5f..ba1d2944 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/poly1305_asm.S
@@ -1,5 +1,5 @@
-/* poly1305_asm
- *
+/* poly1305_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -324,7 +324,7 @@ L_poly1305_avx_final_no_more:
movq %rcx, %r8
andq $3, %rcx
shrq $2, %r8
- # Multily by 5
+ # Multiply by 5
leaq 0(%r8,%r8,4), %r8
addq %r8, %rax
adcq $0x00, %rdx
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md
index fe98e3be..5d2fa27e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/README.md
@@ -1,35 +1,74 @@
# ESP32 Port
-Support for the ESP32-WROOM-32 on-board crypto hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
+Support for the ESP32 on-board cryptographic hardware acceleration for symmetric AES, SHA1/SHA256/SHA384/SHA512 and RSA primitive including mul, mulmod and exptmod.
+
+* ESP32 - Supported
+* ESP32S2 - Supported
+* ESP32S3 - Supported
+* ESP32C2 - Software only (contact support to request hardware acceleration)
+* ESP32C3 - Supported
+* ESP32C6 - Supported
+* ESP32H2 - Software only (contact support to request hardware acceleration)
## ESP32 Acceleration
-For detail about ESP32 HW Acceleration, you can find in [Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
+More details about ESP32 HW Accelerationcan be found in:
+
+* [ESP32 Technical Reference Manual](https://espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf)
+* [ESP32-S2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s2_technical_reference_manual_en.pdf)
+* [ESP32-S3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf)
+* [ESP32-C2 (aka ESP8684 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp8684_technical_reference_manual_en.pdf)
+* [ESP32-C3 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf)
+* [ESP32-C6 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-c6_technical_reference_manual_en.pdf)
+* [ESP32-H2 Technical Reference Manual](https://www.espressif.com/sites/default/files/documentation/esp32-h2_technical_reference_manual_en.pdf)
### Building
-To enable hw acceleration :
+Simply run `ESP-IDF.py` in any of the [Espressif/ESP-IDF/Examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples).
+See the respective project README files. Examples are also available using wolfssl as a [Managed Component](https://components.espressif.com/components/wolfssl/wolfssl).
+
+Hardware acceleration is enabled by default. All settings should be adjusted in the respective project component
+`user_settings.h` file. See the example in [template example](https://github.com/wolfSSL/wolfssl/blob/master/IDE/Espressif/ESP-IDF/examples/template/components/wolfssl/include/user_settings.h).
+In particular, comment out the `NO_[feature_name]` macros to enable hardware encryption:
-* Uncomment out `#define WOLFSSL_ESPIDF` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
-* Uncomment out `#define WOLFSSL_ESPWROOM32` in `/path/to/wolfssl/wolfssl/wolfcrypt/settings.h`
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_AES */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
-To disable portions of the hardware acceleration you can optionally define:
+To disable specific portions of the hardware acceleration you can optionally define:
```c
-/* Disabled SHA, AES and RSA acceleration */
-#define NO_ESP32WROOM32_CRYPT
-/* Disabled AES acceleration */
-#define NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
-/* Disabled SHA acceleration */
-#define NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
-/* Disabled RSA Primitive acceleration */
-#define NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+/* Disable all SHA, AES and RSA acceleration */
+#define NO_ESP32_CRYPT
+
+/* Disable only AES acceleration */
+#define NO_WOLFSSL_ESP32_CRYPT_AES
+
+/* Disabled only SHA acceleration */
+#define NO_WOLFSSL_ESP32_CRYPT_HASH
+
+/* Disabled only RSA Primitive acceleration */
+#define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
```
+See the [wolfcrypt/port/Espressif/esp32-crypt.h](https://github.com/wolfSSL/wolfssl/blob/master/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h)
+for more details on fine tuning and debugging options.
+
### Coding
-In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers. If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` and adding your own `user_settings.h` file. You can find a good reference for this in `IDE/GCC-ARM/Header/user_settings.h`.
+In your application you must include `<wolfssl/wolfcrypt/settings.h>` before any other wolfSSL headers.
+If building the sources directly we recommend defining `WOLFSSL_USER_SETTINGS` (typically defined in the `CMakeLists.txt`)
+and adding your own `user_settings.h` file. You can find a good reference in the [Espressif examples](https://github.com/wolfSSL/wolfssl/tree/master/IDE/Espressif/ESP-IDF/examples)
+as well as other examples such as [IDE/GCC-ARM/Header/user_settings.h](https://github.com/wolfSSL/wolfssl/blob/master/IDE/GCC-ARM/Header/user_settings.h).
+
+To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:
+
+To view disassembly, add `__attribute__((section(".iram1")))` decorator. Foe example:
+```
+static int __attribute__((section(".iram1"))) memblock_peek(volatile u_int32_t mem_address)
+```
### Benchmarks
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c
index 09105a51..84211ee2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_aes.c
@@ -23,21 +23,23 @@
* WOLFSSL_SUCCESS and WOLFSSL_FAILURE values should only
* be used in the ssl layer, not in wolfCrypt
**/
-#include <string.h>
-#include <stdio.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+
#ifndef NO_AES
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
-#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
#include <wolfssl/wolfcrypt/aes.h>
-#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#include <wolfssl/wolfcrypt/error-crypt.h>
/* breadcrumb tag text for ESP_LOG() */
@@ -49,21 +51,25 @@ static wolfSSL_Mutex aes_mutex;
/* keep track as to whether esp aes is initialized */
static int espaes_CryptHwMutexInit = 0;
+#if defined(WOLFSSL_HW_METRICS)
+ static unsigned long esp_aes_unsupported_length_usage_ct = 0;
+#endif
+
/*
* lock hw engine.
* this should be called before using engine.
*
* returns 0 if the hw lock was initialized and mutex lock
*/
-static int esp_aes_hw_InUse()
+static int esp_aes_hw_InUse(void)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_aes_hw_InUse");
if (espaes_CryptHwMutexInit == 0) {
ret = esp_CryptHwMutexInit(&aes_mutex);
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* flag esp aes as initialized */
espaes_CryptHwMutexInit = 1;
}
@@ -75,8 +81,11 @@ static int esp_aes_hw_InUse()
/* esp aes has already been initialized */
}
- if (ret == 0) {
- /* lock hardware */
+ if (ret == ESP_OK) {
+ /* lock hardware; there should be exactly one instance
+ * of esp_CryptHwMutexLock(&aes_mutex ...) in code */
+ /* TODO - do we really want to wait?
+ * probably not */
ret = esp_CryptHwMutexLock(&aes_mutex, portMAX_DELAY);
}
else {
@@ -84,15 +93,26 @@ static int esp_aes_hw_InUse()
}
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* Enable AES hardware */
periph_module_enable(PERIPH_AES_MODULE);
- #if CONFIG_IDF_TARGET_ESP32S3
- /* Select working mode. Can be typical or DMA.
- * 0 => typical
- * 1 => DMA */
- DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ {
+ /* Select working mode. Can be typical or DMA.
+ * 0 => typical
+ * 1 => DMA */
+ DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
+ }
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ /* Select working mode. Can be typical or DMA.
+ * 0 => typical
+ * 1 => DMA */
+ DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);
+ }
#endif
}
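Review bot: The two new preprocessor branches (ESP32S2/ESP32S3 and ESP32C3/ESP32C6) contain the same statement, `DPORT_REG_WRITE(AES_DMA_ENABLE_REG, 0);`, with the same comment. Folding them into one `#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3) || defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)` block avoids the copies drifting apart when a target is added. If the split is deliberate because the register definitions differ per family, a comment saying so would help.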
@@ -117,15 +137,15 @@ static void esp_aes_hw_Leave( void )
/*
* set key to hardware key registers.
- * return 0 on success; -1 if mode isn't supported.
+ * return ESP_OK = 0 on success; BAD_FUNC_ARG if mode isn't supported.
*/
static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
{
- int ret = 0;
+ int ret = ESP_OK;
word32 i;
word32 mode_ = 0;
- ESP_LOGV(TAG, " enter esp_aes_hw_Set_KeyMode");
+ ESP_LOGV(TAG, " enter esp_aes_hw_Set_KeyMode %d", mode);
/* check mode */
if (mode == ESP32_AES_UPDATEKEY_ENCRYPT) {
@@ -141,38 +161,74 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
}
} /* if mode */
- if (ret == 0) {
+ /*
+ ** ESP32: see table 22-1 in ESP32 Technical Reference
+ ** ESP32-S3: see table 19-2 in ESP32-S3 Technical Reference
+ ** ESP32-C3:
+ ** ESP32-C6: see table 18-2 in ESP32-C6 Technical Reference
+ **
+ ** Mode Algorithm ESP32 ESP32S3 ESP32C3 ESP32C6
+ ** 0 AES-128 Encryption y y y y
+ ** 1 AES-192 Encryption y n n n
+ ** 2 AES-256 Encryption y y y y
+ ** 3 reserved n n n n
+ ** 4 AES-128 Decryption y y y y
+ ** 5 AES-192 Decryption y n n n
+ ** 6 AES-256 Decryption y y y y
+ ** 7 reserved n n n n
+ */
+ switch(ctx->keylen){
+ case 24: mode_ += 1; break;
+ case 32: mode_ += 2; break;
+ default: break;
+ }
- /* update key */
- for (i = 0; i < (ctx->keylen) / sizeof(word32); i++) {
- DPORT_REG_WRITE(AES_KEY_BASE + (i * 4), *(((word32*)ctx->key) + i));
- }
+ /* Some specific modes are not supported on some targets. */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+ if (mode_ == 3 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
- /*
- ** ESP32: see table 22-1 in ESP32 Technical Reference
- ** ESP32S3: see table 19-2 in ESP32S3 Technical Reference
- ** mode Algorithm ESP32 ESP32S3
- ** 0 AES-128 Encryption y y
- ** 1 AES-192 Encryption y n
- ** 2 AES-256 Encryption y y
- ** 4 AES-128 Decryption y y
- ** 5 AES-192 Decryption y n
- ** 6 AES-256 Decryption y y
- */
- switch(ctx->keylen){
- case 24: mode_ += 1; break;
- case 32: mode_ += 2; break;
- default: break;
- }
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+ if (mode_ == 1 || mode_ == 3 || mode_ == 5 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
- #if CONFIG_IDF_TARGET_ESP32S3
- if (mode_ == 1 || mode_ == 5 || mode_ == 7) {
- ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
- ret = BAD_FUNC_ARG;
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+ if (mode_ == 1 || mode_ == 3|| mode_ == 5 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #define TARGET_AES_KEY_BASE AES_KEY_0_REG
+ if (mode_ == 1 || mode_ == 3 || mode_ == 5 || mode_ > 6) {
+ /* this should have been detected in aes.c and fall back to SW */
+ ESP_LOGE(TAG, "esp_aes_hw_Set_KeyMode unsupported mode: %i", mode_);
+ ret = BAD_FUNC_ARG;
+ }
+#else
+ /* assume all modes supported, use AES_KEY_BASE */
+ #define TARGET_AES_KEY_BASE AES_KEY_BASE
+#endif
+
+ /* */
+ if (ret == ESP_OK) {
+ /* update key */
+ for (i = 0; i < (ctx->keylen) / sizeof(word32); i++) {
+ DPORT_REG_WRITE((volatile word32*)(TARGET_AES_KEY_BASE + (i * 4)),
+ *(((word32*)ctx->key) + i)
+ );
}
- #endif
- if (ret == 0) {
+ if (ret == ESP_OK) {
DPORT_REG_WRITE(AES_MODE_REG, mode_);
}
ESP_LOGV(TAG, " leave esp_aes_hw_Setkey");
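Review bot: The `switch (ctx->keylen)` that derives `mode_` has `default: break;`, so any key length other than 24 or 32, not only 16, is programmed as AES-128, and the key loop then writes `keylen / 4` words into the key registers. Rejecting unexpected lengths closes that: add `case 16: break;` and change the default to `default: ret = BAD_FUNC_ARG; break;`. `TARGET_AES_KEY_BASE` is `#define`d inside the function body and never undefined, so it leaks into the rest of the file; add an `#undef TARGET_AES_KEY_BASE` after the loop or move the define to file scope. `ctx` is also dereferenced without a NULL check in the lines visible here.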
@@ -189,19 +245,38 @@ static int esp_aes_hw_Set_KeyMode(Aes *ctx, ESP32_AESPROCESS mode)
*/
static void esp_aes_bk(const byte* in, byte* out)
{
- const word32 *inwords = (const word32 *)in;
+ const word32* inwords;
+ uint32_t* outwords;
-#if ESP_IDF_VERSION_MAJOR >= 4
- uint32_t *outwords = (uint32_t *)out;
-#else
- word32 *outwords = (word32 *)out;
-#endif
+ inwords = (const word32*)in;
+ outwords = (uint32_t*)out;
ESP_LOGV(TAG, "enter esp_aes_bk");
-#if CONFIG_IDF_TARGET_ESP32S3
- /* See esp32 - s3 technical reference manual:
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* copy text for encrypting/decrypting blocks */
+ DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
+
+ /* start engine */
+ DPORT_REG_WRITE(AES_START_REG, 1);
+
+ /* wait until finishing the process */
+ while (1) {
+ if (DPORT_REG_READ(AES_IDLE_REG) == 1) {
+ break;
+ }
+ }
+
+ /* read-out blocks */
+ esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* See ESP32-C3 technical reference manual:
** 19.4.3 Operation process using CPU working mode.
- ** The ESP32-S3 also supports a DMA mode.
+ ** The ESP32-C3 also supports a DMA mode. (not ywt implemented)
**
** Copy text for encrypting/decrypting blocks: */
DPORT_REG_WRITE(AES_TEXT_IN_BASE, inwords[0]);
@@ -214,61 +289,158 @@ static void esp_aes_bk(const byte* in, byte* out)
/* wait until finishing the process */
while (DPORT_REG_READ(AES_STATE_REG) != 0) {
- /* wating for the hardware accelerator to complete operation. */
+ /* waiting for the hardware accelerator to complete operation. */
}
/* read-out blocks */
- esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_BASE, 4);
-#else
- /* copy text for encrypting/decrypting blocks */
- DPORT_REG_WRITE(AES_TEXT_BASE, inwords[0]);
- DPORT_REG_WRITE(AES_TEXT_BASE + 4, inwords[1]);
- DPORT_REG_WRITE(AES_TEXT_BASE + 8, inwords[2]);
- DPORT_REG_WRITE(AES_TEXT_BASE + 12, inwords[3]);
+ esp_dport_access_read_buffer((uint32_t*)outwords, AES_TEXT_OUT_BASE, 4);
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* See ESP32-C6 technical reference manual:
+ ** 18.4.3 Operation process using CPU working mode.
+ ** The ESP32-C6 also supports a DMA mode. (not ywt implemented)
+ **
+ ** Copy text for encrypting/decrypting blocks: */
+ DPORT_REG_WRITE(AES_TEXT_IN_0_REG, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_IN_1_REG, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_IN_2_REG, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_IN_3_REG, inwords[3]);
/* start engine */
- DPORT_REG_WRITE(AES_START_REG, 1);
+ DPORT_REG_WRITE(AES_TRIGGER_REG, 1);
/* wait until finishing the process */
- while (1) {
- if (DPORT_REG_READ(AES_IDLE_REG) == 1) {
- break;
- }
+ while (DPORT_REG_READ(AES_STATE_REG) != 0) {
+ /* waiting for the hardware accelerator to complete operation. */
}
/* read-out blocks */
- esp_dport_access_read_buffer(outwords, AES_TEXT_BASE, 4);
+ esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_0_REG, 4);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* See esp32 - s3 technical reference manual:
+ ** 19.4.3 Operation process using CPU working mode.
+ ** The ESP32-S3 also supports a DMA mode.
+ **
+ ** Copy text for encrypting/decrypting blocks: */
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE, inwords[0]);
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE + 4, inwords[1]);
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE + 8, inwords[2]);
+ DPORT_REG_WRITE(AES_TEXT_IN_BASE + 12, inwords[3]);
+
+ /* start engine */
+ DPORT_REG_WRITE(AES_TRIGGER_REG, 1);
+
+ /* wait until finishing the process */
+ while (DPORT_REG_READ(AES_STATE_REG) != 0) {
+ /* waiting for the hardware accelerator to complete operation. */
+ }
+
+ /* read-out blocks */
+ esp_dport_access_read_buffer(outwords, AES_TEXT_OUT_BASE, 4);
+
+#else
+ ESP_LOGW(TAG, "Warning: esp_aes_bk called for unsupported target: %s",
+ CONFIG_IDF_TARGET)
+
#endif
ESP_LOGV(TAG, "leave esp_aes_bk");
} /* esp_aes_bk */
/*
+* wc_esp32AesSupportedKeyLen
+* @brief: returns 1 if AES key length supported in HW, 0 if not
+* @param aes:a value of a ley length */
+int wc_esp32AesSupportedKeyLenValue(int keylen)
+{
+ int ret = ESP_OK;
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ if (keylen == 16 || keylen == 24 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ if (keylen == 16 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ if (keylen == 16 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ ret = ESP_OK; /* not yet implemented */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ if (keylen == 16 || keylen == 32) {
+ ret = 1;
+ }
+ else {
+ ret = ESP_OK; /* keylen 24 (192 bit) not supported */
+ }
+
+#else
+ ret = ESP_OK; /* if we don't know, then it is not supported */
+
+#endif
+ return ret;
+}
+
+/*
+* wc_esp32AesSupportedKeyLen
+* @brief: returns 1 if AES key length supported in HW, 0 if not
+* @param aes: a pointer of the AES object used to encrypt data */
+int wc_esp32AesSupportedKeyLen(struct Aes* aes)
+{
+ int ret;
+ if (aes == NULL) {
+ ret = ESP_OK; /* we need a valid aes object to get its keylength */
+ }
+ else {
+ ret = wc_esp32AesSupportedKeyLenValue(aes->keylen);
+ }
+ return ret;
+}
+
+/*
* wc_esp32AesEncrypt
* @brief: a one block encrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to encrypt data
-* @param in : a pointer of the input buffer containing plain text to be encrypted
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the encrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be encrypted
+* @param out: a pointer of the output buffer in which to store the
+* cipher text of the encrypted message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter wc_esp32AesEncrypt");
/* lock the hw engine */
ret = esp_aes_hw_InUse();
- if (ret == 0) {
+ if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesEncrypt failed during esp_aes_hw_Set_KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGE(TAG, "wc_esp32AesEncrypt failed "
+ "during esp_aes_hw_Set_KeyMode");
}
}
/* load the key into the register */
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* process a one block of AES */
esp_aes_bk(in, out);
}
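Review bot: In `esp_aes_bk` the new `#else` branch calls `ESP_LOGW(...)` without a terminating semicolon and never writes `out`, so on a target outside the listed ones the build may fail. If it does compile, the caller receives an untouched output block from a `void` function with no error signalled. Add the `;` and consider turning an unknown target into a compile-time `#error`, since the callers shown here treat the block as processed. Separately, `wc_esp32AesSupportedKeyLenValue` uses `ESP_OK` as its "not supported" value although it is documented as returning 1 or 0, so a plain `0` would read more clearly. The comment `/* keylen 24 (192 bit) not supported */` in the `CONFIG_IDF_TARGET_ESP32` branch contradicts the `keylen == 24` test above it. The header comment of that function names the other function (`wc_esp32AesSupportedKeyLen`) and has the typo "ley length".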
@@ -282,9 +454,10 @@ int wc_esp32AesEncrypt(Aes *aes, const byte* in, byte* out)
* wc_esp32AesDecrypt
* @brief: a one block decrypt of the input block, into the output block
* @param aes: a pointer of the AES object used to decrypt data
-* @param in : a pointer of the input buffer containing plain text to be decrypted
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the decrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be decrypted
+* @param out: a pointer of the output buffer in which to store the
+* cipher text of the decrypted message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
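Review bot: The reflowed `@param` text for wc_esp32AesDecrypt still describes `in` as plain text and `out` as cipher text, which is the encrypt direction. For this function the comment should read `@param in : a pointer of the input buffer containing cipher text to be decrypted` and `@param out: a pointer of the output buffer in which to store the plain text of the decrypted message`.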
@@ -296,14 +469,15 @@ int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
esp_aes_hw_InUse();
/* load the key into the register */
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesDecrypt failed during esp_aes_hw_Set_KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGE(TAG, "wc_esp32AesDecrypt failed "
+ "during esp_aes_hw_Set_KeyMode");
/* release hw */
esp_aes_hw_Leave();
ret = BAD_FUNC_ARG;
}
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* process a one block of AES */
esp_aes_bk(in, out);
/* release hw engine */
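Review bot: The return value of `esp_aes_hw_InUse()` is discarded at the top of this hunk, so wc_esp32AesDecrypt goes on to load the key and run `esp_aes_bk(in, out)` even if the hardware lock was not obtained, whereas wc_esp32AesEncrypt assigns the result to `ret` and checks it. Without the lock, a concurrent AES operation could presumably reprogram the engine's key mode in the middle of this block. The call should be `ret = esp_aes_hw_InUse();` with the key-mode step wrapped in `if (ret == ESP_OK)`, as the encrypt path does. The function starts and ends outside this hunk, so the declaration of `ret` and the final return are not visible here.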
@@ -316,12 +490,13 @@ int wc_esp32AesDecrypt(Aes *aes, const byte* in, byte* out)
/*
* wc_esp32AesCbcEncrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
-* resulting cipher text into the output buffer using cipher block chaining
-* with AES.
+* resulting cipher text into the output buffer using cipher block
+* chaining with AES.
* @param aes: a pointer of the AES object used to encrypt data
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the encrypted message
-* @param in : a pointer of the input buffer containing plain text to be encrypted
+* @param out: a pointer of the output buffer in which to store the
+ cipher text of the encrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be encrypted
* @param sz : size of input message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
@@ -340,14 +515,14 @@ int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
ret = esp_aes_hw_InUse();
- if (ret == 0) {
+ if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_ENCRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesCbcEncrypt failed HW Set KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGW(TAG, "wc_esp32AesCbcEncrypt failed HW Set KeyMode");
}
} /* if set esp_aes_hw_InUse successful */
- if (ret == 0) {
+ if (ret == ESP_OK) {
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -363,22 +538,23 @@ int wc_esp32AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
/* store IV for next block */
XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE);
} /* while (blocks--) */
- } /* if Set Mode successful (ret == 0) */
+ } /* if Set Mode successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcEncrypt");
- return 0;
+ return ret;
} /* wc_esp32AesCbcEncrypt */
/*
* wc_esp32AesCbcDecrypt
* @brief: Encrypts a plain text message from the input buffer, and places the
-* resulting cipher text into the output buffer using cipher block chaining
-* with AES.
+* resulting cipher text into the output buffer using cipher block
+* chaining with AES.
* @param aes: a pointer of the AES object used to decrypt data
-* @param out: a pointer of the output buffer in which to store the cipher text of
-* the decrypted message
-* @param in : a pointer of the input buffer containing plain text to be decrypted
+* @param out: a pointer of the output buffer in which to store the
+* cipher text of the decrypted message
+* @param in : a pointer of the input buffer containing
+* plain text to be decrypted
* @param sz : size of input message
* @return: 0 on success, BAD_FUNC_ARG if the AES algorithm isn't supported.
*/
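Review bot: `esp_aes_hw_Leave()` is still called unconditionally after the `if (ret == ESP_OK)` block in wc_esp32AesCbcEncrypt, so it also runs when `esp_aes_hw_InUse()` failed and the lock was presumably never taken. That could release the engine while another task is using it. Skipping the release on that path, for example by remembering the result of `esp_aes_hw_InUse()` in its own variable and calling `esp_aes_hw_Leave()` only when it was ESP_OK, would close this. The same pattern is in wc_esp32AesCbcDecrypt in the `@@ -421,12 +597,49 @@` hunk. Since the function now ends with `return ret;`, the `@return` line should also say that errors from the lock and key-mode calls are passed through, not only BAD_FUNC_ARG; the body begins outside this hunk.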
@@ -398,14 +574,14 @@ int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
ret = esp_aes_hw_InUse();
- if (ret == 0) {
+ if (ret == ESP_OK) {
ret = esp_aes_hw_Set_KeyMode(aes, ESP32_AES_UPDATEKEY_DECRYPT);
- if (ret != 0) {
- ESP_LOGE(TAG, "wc_esp32AesCbcDecrypt failed HW Set KeyMode");
+ if (ret != ESP_OK) {
+ ESP_LOGW(TAG, "wc_esp32AesCbcDecrypt failed HW Set KeyMode");
}
}
- if (ret == 0) {
+ if (ret == ESP_OK) {
while (blocks--) {
XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE);
@@ -421,12 +597,49 @@ int wc_esp32AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
offset += AES_BLOCK_SIZE;
} /* while (blocks--) */
- } /* if Set Mode was successful (ret == 0) */
+ } /* if Set Mode was successful (ret == ESP_OK) */
esp_aes_hw_Leave();
ESP_LOGV(TAG, "leave wc_esp32AesCbcDecrypt");
- return 0;
+ return ret;
} /* wc_esp32AesCbcDecrypt */
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT */
+#endif /* WOLFSSL_ESP32_CRYPT */
#endif /* NO_AES */
+
+/* Metrics */
+#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+
+#if defined(WOLFSSL_HW_METRICS)
+
+/* increment esp_aes_unsupported_length_usage_ct and return current value */
+int wc_esp32AesUnupportedLengthCountAdd(void) {
+ esp_aes_unsupported_length_usage_ct++;
+ return esp_aes_unsupported_length_usage_ct;
+}
+
+#endif /* WOLFSSL_HW_METRICS */
+
+/* Show AES Metrics when enabled, otherwise callable but no action. */
+int esp_hw_show_aes_metrics(void)
+{
+ int ret = ESP_OK;
+
+#if defined(WOLFSSL_HW_METRICS)
+
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "------------- wolfSSL ESP HW AES Metrics----------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+
+ ESP_LOGI(TAG, "esp_aes_unsupported_length_usage_ct = %lu",
+ esp_aes_unsupported_length_usage_ct);
+#else
+ /* no HW math, no HW math metrics */
+
+#endif /* WOLFSSL_HW_METRICS */
+
+ return ret;
+}
+#endif /* WOLFSSL_ESP32_CRYPT && !NO_WOLFSSL_ESP32_CRYPT_AES */
+
+#endif /* WOLFSSL_ESPIDF */
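Review bot: The new exported function is spelled `wc_esp32AesUnupportedLengthCountAdd` (missing the "s" in "Unsupported"), and once callers use that name it is hard to correct; `int wc_esp32AesUnsupportedLengthCountAdd(void)` would match the counter it increments. The counter is printed with `%lu` in esp_hw_show_aes_metrics but returned as `int`, so if it is an `unsigned long` (its declaration is outside this hunk) the return value is narrowed. The increment is also unsynchronised, which is acceptable for a diagnostic count but worth stating in the comment, e.g. `/* not thread safe; metrics only */`.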
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c
index 982991ac..20fb4ee9 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_mp.c
@@ -18,20 +18,43 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#include <string.h>
-#include <stdio.h>
+
+/*
+ * See ESP32 Technical Reference Manual - RSA Accelerator Chapter
+ *
+ * esp_mp_exptmod() Large Number Modular Exponentiation Z = X^Y mod M
+ * esp_mp_mulmod() Large Number Modular Multiplication Z = X × Y mod M
+ * esp_mp_mul() Large Number Multiplication Z = X × Y
+ *
+ * The ESP32 RSA Accelerator supports operand lengths of:
+ * N ∈ {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096} bits. The bit length
+ * of arguments Z, X, Y , M, and r can be any one from the N set, but all
+ * numbers in a calculation must be of the same length.
+ *
+ * The bit length of M′ is always 32.
+ *
+ * Also, beware: "we have uint32_t == unsigned long for both Xtensa and RISC-V"
+ * see https://github.com/espressif/esp-idf/issues/9511#issuecomment-1207342464
+ * https://docs.espressif.com/projects/esp-idf/en/latest/esp32/migration-guides/release-5.x/5.0/gcc.html
+ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
-#include "wolfssl/wolfcrypt/logging.h"
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#include <wolfssl/wolfcrypt/logging.h>
#if !defined(NO_RSA) || defined(HAVE_ECC)
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
@@ -41,25 +64,138 @@
#endif
#include <wolfssl/wolfcrypt/wolfmath.h>
-static const char* const TAG = "wolfssl_mp";
+#ifndef SINGLE_THREADED
+ /* Espressif freeRTOS */
+ #include <freertos/semphr.h>
+#endif
#define ESP_HW_RSAMAX_BIT 4096
#define ESP_HW_MULTI_RSAMAX_BITS 2048
#define ESP_HW_RSAMIN_BIT 512
-#define BYTE_TO_WORDS(s) (((s+3)>>2)) /* (s+(4-1))/ 4 */
-#define BITS_TO_WORDS(s) (((s+31)>>3)>>2) /* (s+(32-1))/ 8/ 4*/
+
+/* (s+(4-1))/ 4 */
+#define BYTE_TO_WORDS(s) (((s+3)>>2))
+
+/* (s+(32-1))/ 8/ 4*/
+#define BITS_TO_WORDS(s) (((s+31)>>3)>>2)
+
#define BITS_IN_ONE_WORD 32
-#define MP_NG -1
+#ifndef ESP_RSA_MULM_BITS
+ #define ESP_RSA_MULM_BITS 16
+#endif
+
+#ifndef ESP_RSA_EXPT_XBITS
+ #define ESP_RSA_EXPT_XBITS 8
+#endif
+
+#ifndef ESP_RSA_EXPT_YBITS
+ #define ESP_RSA_EXPT_YBITS 8
+#endif
#define ESP_TIMEOUT(cnt) (cnt >= ESP_RSA_TIMEOUT_CNT)
+#if defined(CONFIG_IDF_TARGET_ESP32C3)
+ #include <soc/system_reg.h>
+ #include <soc/hwcrypto_reg.h>
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <soc/pcr_reg.h>
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #include <soc/system_reg.h>
+ #include <soc/hwcrypto_reg.h>
+#endif
+
+static const char* const TAG = "wolfssl_esp32_mp";
+
+#ifdef DEBUG_WOLFSSL
+ static int hw_validation = 0; /* validating HW and SW? (prevent HW call) */
+ #define SET_HW_VALIDATION {hw_validation = 1;}
+ #define CLR_HW_VALIDATION {hw_validation = 0;}
+ #define IS_HW_VALIDATION (hw_validation == 1)
+ #undef WOLFSSL_HW_METRICS
+
+ /* usage metrics always on during debug */
+ #define WOLFSSL_HW_METRICS
+#endif
+
+/* For esp_mp_exptmod and esp_mp_mulmod we need a variety of calculated helper
+** values to properly setup the hardware. See esp_mp_montgomery_init() */
+struct esp_mp_helper
+{
+ MATH_INT_T r_inv; /* result of calculated Montgomery helper */
+ word32 exp;
+ word32 Xs; /* how many bits in X operand */
+ word32 Ys; /* how many bits in Y operand */
+ word32 Ms; /* how many bits in M operand */
+ word32 Rs; /* how many bits in R_inv calc */
+ word32 maxWords_sz; /* maximum words expected */
+ word32 hwWords_sz;
+ mp_digit mp; /* result of calculated Montgomery M' helper */
+#ifdef DEBUG_WOLFSSL
+ mp_digit mp2; /* optional compare to alternate Montgomery calc */
+#endif
+};
+
+static portMUX_TYPE wc_rsa_reg_lock = portMUX_INITIALIZER_UNLOCKED;
+
+/* usage metrics can be turned on independently of debugging */
+#ifdef WOLFSSL_HW_METRICS
+ static unsigned long esp_mp_max_used = 0;
+
+ static unsigned long esp_mp_mulmod_small_x_ct = 0;
+ static unsigned long esp_mp_mulmod_small_y_ct = 0;
+
+ static unsigned long esp_mp_max_timeout = 0;
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ static unsigned long esp_mp_mul_usage_ct = 0;
+ static unsigned long esp_mp_mul_error_ct = 0;
+ #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ static unsigned long esp_mp_mulmod_usage_ct = 0;
+ static unsigned long esp_mp_mulmod_fallback_ct = 0;
+ static unsigned long esp_mp_mulmod_even_mod_ct = 0;
+ static unsigned long esp_mp_mulmod_error_ct = 0;
+ #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ static unsigned long esp_mp_exptmod_usage_ct = 0;
+ static unsigned long esp_mp_exptmod_error_ct = 0;
+ static unsigned long esp_mp_exptmod_fallback_ct = 0;
+ #endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+#endif
+
/* mutex */
-static wolfSSL_Mutex mp_mutex;
-static int espmp_CryptHwMutexInit = 0;
+#ifdef SINGLE_THREADED
+ int single_thread_locked = 0;
+#else
+ static wolfSSL_Mutex mp_mutex;
+ static int espmp_CryptHwMutexInit = 0;
+#endif
+
+#ifdef DEBUG_WOLFSSL
+ /* when debugging, we'll double-check the mutex with call depth */
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ static int esp_mp_exptmod_depth_counter = 0;
+ #endif /* NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+#endif /* DEBUG_WOLFSSL */
+
/*
* check if the HW is ready before accessing it
*
+* See 24.3.1 Initialization of ESP32 Technical Reference Manual
+* https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
+*
+* The RSA Accelerator is activated by enabling the corresponding peripheral
+* clock, and by clearing the DPORT_RSA_PD bit in the DPORT_RSA_PD_CTRL_REG
+* register. This releases the RSA Accelerator from reset.
+*
+* See esp_mp_hw_lock().
+*
+* Note we'll also keep track locally if the lock was called at all.
+* For instance, fallback to SW for very small operand and we won't lock HW.
+*
* When the RSA Accelerator is released from reset, the register RSA_CLEAN_REG
* reads 0 and an initialization process begins. Hardware initializes the four
* memory blocks by setting them to 0. After initialization is complete,
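Review bot: `int single_thread_locked = 0;` in the SINGLE_THREADED branch has external linkage, unlike `mp_mutex` and `espmp_CryptHwMutexInit` in the `#else` branch and every metrics counter added above it. Nothing visible in this file needs it outside the translation unit, so `static int single_thread_locked = 0;` would keep the lock flag private and avoid a link-time clash with an application symbol of the same name. If another source file does reference it, it needs an `extern` declaration in the port header instead. Separately, the `DEBUG_WOLFSSL` block turns `WOLFSSL_HW_METRICS` on unconditionally, which deserves a mention in the user-facing settings documentation.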
@@ -69,27 +205,82 @@ static int espmp_CryptHwMutexInit = 0;
*/
static int esp_mp_hw_wait_clean(void)
{
- int ret = MP_OKAY;
+ int ret = MP_OKAY;
word32 timeout = 0;
-#if CONFIG_IDF_TARGET_ESP32S3
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* RSA_CLEAN_REG is now called RSA_QUERY_CLEAN_REG.
+ ** hwcrypto_reg.h maintains RSA_CLEAN_REG for backwards compatibility:
+ ** so this block _might_ not be needed in some circumstances. */
+ ESP_EM__PRE_MP_HW_WAIT_CLEAN
- while (!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(RSA_QUERY_CLEAN_REG) != 1)
- {
- /* wait. expected delay 1 to 2 uS */
+ /* wait until ready,
+ ** or timeout counter exceeds ESP_RSA_TIMEOUT_CNT in user_settings */
+ while(!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(RSA_CLEAN_REG) == 0) {
+ /* wait. expected delay 1 to 2 uS */
+ ESP_EM__MP_HW_WAIT_CLEAN
}
-#else
- /* RSA_CLEAN_REG is now called RSA_QUERY_CLEAN_REG. hwcrypto_reg.h maintains
- * RSA_CLEAN_REG for backwards compatibility so this block _might_ be not needed. */
- while(!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(RSA_CLEAN_REG) != 1) {
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_EM__PRE_MP_HW_WAIT_CLEAN
+ while (!ESP_TIMEOUT(++timeout) &&
+ DPORT_REG_READ(RSA_QUERY_CLEAN_REG) != 1) {
/* wait. expected delay 1 to 2 uS */
+ ESP_EM__MP_HW_WAIT_CLEAN
}
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ ESP_EM__PRE_MP_HW_WAIT_CLEAN
+ while (!ESP_TIMEOUT(++timeout) &&
+ DPORT_REG_READ(RSA_QUERY_CLEAN_REG) != 1) {
+ /* wait. expected delay 1 to 2 uS */
+ ESP_EM__MP_HW_WAIT_CLEAN
+ }
+#else
+ /* no HW timeout if we don't know the platform. assumes no HW */
#endif
+ #if defined(WOLFSSL_HW_METRICS)
+ {
+ esp_mp_max_timeout = (timeout > esp_mp_max_timeout) ? timeout :
+ esp_mp_max_timeout;
+ }
+ #endif
+
if (ESP_TIMEOUT(timeout)) {
ESP_LOGE(TAG, "esp_mp_hw_wait_clean waiting HW ready timed out.");
- ret = MP_NG;
+ ret = WC_HW_WAIT_E; /* hardware is busy, MP_HW_BUSY; */
+ }
+ return ret;
+}
+
+/*
+** esp_mp_hw_islocked() - detect if we've locked the HW for use.
+**
+** WARNING: this does *not* detect separate calls to the
+** periph_module_disable() and periph_module_enable().
+*/
+static int esp_mp_hw_islocked(void)
+{
+ int ret = FALSE;
+#ifdef SINGLE_THREADED
+ if (single_thread_locked == FALSE) {
+ /* not in use */
+ ESP_LOGV(TAG, "SINGLE_THREADED esp_mp_hw_islocked = false");
+ }
+ else {
+ ESP_LOGV(TAG, "SINGLE_THREADED esp_mp_hw_islocked = true");
+ ret = TRUE;
}
+#else
+ TaskHandle_t mutexHolder = xSemaphoreGetMutexHolder(mp_mutex);
+ if (mutexHolder == NULL) {
+ /* Mutex is not in use */
+ ESP_LOGV(TAG, "multi-threaded esp_mp_hw_islocked = false");
+ }
+ else {
+ ESP_LOGV(TAG, "multi-threaded esp_mp_hw_islocked = true");
+ ret = TRUE;
+ }
+#endif
return ret;
}
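Review bot: In the multi-threaded branch, `esp_mp_hw_islocked()` reports TRUE whenever any task holds `mp_mutex`, because the result of `xSemaphoreGetMutexHolder(mp_mutex)` is only compared with NULL. esp_mp_hw_unlock(), later in this diff, uses this as its guard before powering the RSA peripheral down, so an unlock from a task that does not own the lock would pass the check while another task's operation is in flight. Comparing with the caller, `if (mutexHolder == xTaskGetCurrentTaskHandle())`, matches the "we've locked" wording of the comment. The function can also be reached before esp_mp_hw_lock() has initialised `mp_mutex`; testing `espmp_CryptHwMutexInit` first would cover that case.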
@@ -99,7 +290,7 @@ static int esp_mp_hw_wait_clean(void)
* Lock HW engine.
* This should be called before using engine.
*
-* Returns 0 if the HW lock was initialized and mutex lock.
+* Returns 0 (ESP_OK) if the HW lock was initialized and mutex lock.
*
* See Chapter 24:
* https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
@@ -115,98 +306,294 @@ static int esp_mp_hw_wait_clean(void)
* after being released from reset, and before writing to any RSA Accelerator
* memory blocks or registers for the first time.
*/
-static int esp_mp_hw_lock()
+static int esp_mp_hw_lock(void)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_mp_hw_lock");
-
- if (espmp_CryptHwMutexInit == 0) {
+#ifdef SINGLE_THREADED
+ single_thread_locked = TRUE;
+#else
+ if (espmp_CryptHwMutexInit == ESP_OK) {
ret = esp_CryptHwMutexInit(&mp_mutex);
- if (ret == 0) {
+ if (ret == ESP_OK) {
/* flag esp mp as initialized */
- espmp_CryptHwMutexInit = 1;
+ espmp_CryptHwMutexInit = TRUE;
}
else {
ESP_LOGE(TAG, "mp mutex initialization failed.");
}
}
else {
- /* ESP AES has already been initialized */
+ /* mp_mutex has already been initialized */
}
- if (ret == 0) {
- /* lock hardware */
- ret = esp_CryptHwMutexLock(&mp_mutex, portMAX_DELAY);
- if (ret != 0) {
+ /* Set our mutex to indicate the HW is in use */
+ if (ret == ESP_OK) {
+ /* lock hardware; there should be exactly one instance
+ * of esp_CryptHwMutexLock(&mp_mutex ...) in code */
+ /* TODO - do we really want to wait?
+ * probably not */
+ ret = esp_CryptHwMutexLock(&mp_mutex, ESP_MP_HW_LOCK_MAX_DELAY);
+ if (ret != ESP_OK) {
ESP_LOGE(TAG, "mp engine lock failed.");
- ret = MP_NG;
+ ret = WC_HW_WAIT_E; /* caller is expected to fall back to SW */
}
}
+#endif /* not SINGLE_THREADED */
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Activate the RSA accelerator. See 20.3 of ESP32-S3 technical manual.
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* Enable RSA hardware */
+ if (ret == ESP_OK) {
+ periph_module_enable(PERIPH_RSA_MODULE);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* clear bit to enable hardware operation; (set to disable) */
+ DPORT_REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+ ESP_EM__POST_SP_MP_HW_LOCK
+
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Activate the RSA accelerator. See 20.3 of ESP32-C3 technical manual.
+ * periph_module_enable doesn't seem to be documented and in private folder
+ * with v5 release. Maybe it will be deprecated?
+ *
+ * The ESP32-C3 RSA Accelerator is activated by:
+ * setting the SYSTEM_CRYPTO_RSA_CLK_EN bit in the SYSTEM_PERIP_CLK_EN1_REG
+ * register and:
+ * clearing the SYSTEM_RSA_MEM_PD bit in the SYSTEM_RSA_PD_CTRL_REG reg.
+ * This releases the RSA Accelerator from reset.*/
+ if (ret == ESP_OK) {
+ periph_module_enable(PERIPH_RSA_MODULE);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ DPORT_REG_SET_BIT((volatile void *)(SYSTEM_PERIP_CLK_EN1_REG),
+ SYSTEM_CRYPTO_RSA_CLK_EN );
+ DPORT_REG_CLR_BIT((volatile void *)(SYSTEM_RSA_PD_CTRL_REG),
+ SYSTEM_RSA_MEM_PD );
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* See: 21.3 Functional Description
+ *
+ * The RSA accelerator is activated on the ESP32-C6 by:
+ * setting the PCR_RSA_CLK_EN bit
+ * and
+ * clearing the PCR_RSA_RST_EN bit
+ * in the PCR_RSA_CONF_REG register.
+ *
+ * Additionally, users also need to clear PCR_DS_RST_EN bit to
+ * reset Digital Signature (DS).*/
+ if (ret == ESP_OK) {
+ periph_module_enable(PERIPH_RSA_MODULE);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* TODO: When implementing DS (Digital Signature HW), need to
+ * check if it is in use before disabling: */
+ DPORT_REG_CLR_BIT((volatile void *)(PCR_DS_CONF_REG),
+ PCR_DS_RST_EN );
+
+ DPORT_REG_SET_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_CLK_EN );
+ DPORT_REG_CLR_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_RST_EN );
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* Activate the RSA accelerator. See 18.3 of ESP32-S2 technical manual.
* periph_module_enable doesn't seem to be documented and in private folder
* with v5 release. Maybe it will be deprecated? */
- if (ret == 0) {
+ if (ret == ESP_OK) {
periph_module_enable(PERIPH_RSA_MODULE);
-
- /* clear bit to enable hardware operation; (set to disable) */
- DPORT_REG_CLR_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* Note these names are different from those in the documentation!
+ *
+ * Documenation lists the same names as the ESP32-C3:
+ *
+ * DPORT_REG_SET_BIT((volatile void *)(SYSTEM_PERIP_CLK_EN1_REG),
+ * SYSTEM_CRYPTO_RSA_CLK_EN );
+ * DPORT_REG_CLR_BIT((volatile void *)(SYSTEM_RSA_PD_CTRL_REG),
+ * SYSTEM_RSA_MEM_PD );
+ *
+ * However, in the sytem_reg.h, the names below were found:
+ */
+ DPORT_REG_SET_BIT((volatile void *)(DPORT_CPU_PERIP_CLK_EN1_REG),
+ DPORT_CRYPTO_RSA_CLK_EN );
+ DPORT_REG_CLR_BIT((volatile void *)(DPORT_RSA_PD_CTRL_REG),
+ DPORT_RSA_MEM_PD );
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
}
-#else
- /* Enable RSA hardware */
- if (ret == 0) {
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Activate the RSA accelerator. See 20.3 of ESP32-S3 technical manual.
+ * periph_module_enable doesn't seem to be documented and in private folder
+ * with v5 release. Maybe it will be deprecated? */
+ if (ret == ESP_OK) {
periph_module_enable(PERIPH_RSA_MODULE);
-
- /* clear bit to enable hardware operation; (set to disable) */
- DPORT_REG_CLR_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ /* clear bit to enable hardware operation; (set to disable) */
+ DPORT_REG_CLR_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
}
+#else
+ /* when unknown or not implemented, assume there's no HW to lock */
#endif
/* reminder: wait until RSA_CLEAN_REG reads 1
- * see esp_mp_hw_wait_clean()
- */
-
+ ** see esp_mp_hw_wait_clean() */
ESP_LOGV(TAG, "leave esp_mp_hw_lock");
return ret;
}
/*
-* Release HW engine
+** Release RSA HW engine
*/
-static void esp_mp_hw_unlock( void )
+static int esp_mp_hw_unlock(void)
{
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Deactivate the RSA accelerator. See 20.3 of ESP32-S3 technical manual.
- * periph_module_enable doesn't seem to be documented and in private folder
- * with v5 release. Maybe it will be deprecated? */
- DPORT_REG_SET_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
- periph_module_disable(PERIPH_RSA_MODULE);
+ int ret = MP_OKAY;
+ if (esp_mp_hw_islocked()) {
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* set bit to disabled hardware operation; (clear to enable) */
+ DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+
+ /* Disable RSA hardware */
+ periph_module_disable(PERIPH_RSA_MODULE);
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Deactivate the RSA accelerator.
+ * See 20.3 of ESP32-C3 technical manual.
+ * periph_module_enable doesn't seem to be documented and in private
+ * folder with v5 release. Maybe it will be deprecated?
+ * The ESP32-C3 RSA Accelerator is activated by:
+ * setting the SYSTEM_CRYPTO_RSA_CLK_EN bit
+ * in the SYSTEM_PERIP_CLK_EN1_REG register and:
+ * clearing the SYSTEM_RSA_MEM_PD bit
+ * in the SYSTEM_RSA_PD_CTRL_REG reg.
+ * This releases the RSA Accelerator from reset.*/
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ DPORT_REG_CLR_BIT(
+ (volatile void *)(DR_REG_RSA_BASE + SYSTEM_CRYPTO_RSA_CLK_EN),
+ SYSTEM_PERIP_CLK_EN1_REG);
+ DPORT_REG_SET_BIT(
+ (volatile void *)(DR_REG_RSA_BASE + SYSTEM_RSA_MEM_PD),
+ SYSTEM_RSA_PD_CTRL_REG);
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* TODO: When implementing DS (Digital Signature HW), need to
+ * notify RSA HW is available. */
+
+ portENTER_CRITICAL_SAFE(&wc_rsa_reg_lock);
+ {
+ DPORT_REG_SET_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_RST_EN);
+ DPORT_REG_CLR_BIT((volatile void *)(PCR_RSA_CONF_REG),
+ PCR_RSA_CLK_EN);
+ }
+ portEXIT_CRITICAL_SAFE(&wc_rsa_reg_lock);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* Deactivate the RSA accelerator.
+ * See 20.3 of ESP32-S3 technical manual.
+ * periph_module_enable doesn't seem to be documented and is
+ * in private folder with v5 release. Maybe it will be deprecated? */
+ DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_MEM_PD);
+ periph_module_disable(PERIPH_RSA_MODULE);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Deactivate the RSA accelerator.
+ * See 20.3 of ESP32-S3 technical manual.
+ * periph_module_enable doesn't seem to be documented and is
+ * in private folder with v5 release. Maybe it will be deprecated? */
+ DPORT_REG_SET_BIT(SYSTEM_RSA_PD_CTRL_REG, SYSTEM_RSA_MEM_PD);
+ periph_module_disable(PERIPH_RSA_MODULE);
+#else
+ /* unknown platform, assume no HW to unlock */
+ ESP_LOGW(TAG, "Warning: esp_mp_hw_unlock called for unknown target");
+#endif /* per-SoC unlock */
+#if defined(SINGLE_THREADED)
+ single_thread_locked = FALSE;
#else
- /* set bit to disabled hardware operation; (clear to enable)
- */
- DPORT_REG_SET_BIT(DPORT_RSA_PD_CTRL_REG, DPORT_RSA_PD);
+ esp_CryptHwMutexUnLock(&mp_mutex);
+#endif /* SINGLE_THREADED */
- /* Disable RSA hardware */
- periph_module_disable(PERIPH_RSA_MODULE);
-#endif
+ ESP_LOGV(TAG, "exit esp_mp_hw_unlock");
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: esp_mp_hw_unlock called when not locked.");
+ }
- /* unlock */
- esp_CryptHwMutexUnLock(&mp_mutex);
+ return ret;
}
-/* this is based on an article by Cetin Kaya Koc,
- * A New Algorithm for Inversion: mod p^k, June 28 2017 */
+/* Only mulmod and mulexp_mod HW accelerator need Montgomery math prep: M' */
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) \
+ || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+
static int esp_calc_Mdash(MATH_INT_T *M, word32 k, mp_digit* md)
{
+ int ret = MP_OKAY;
+ ESP_LOGV(TAG, "\nBegin esp_calc_Mdash \n");
+
+#ifdef USE_ALT_MPRIME
+ /* M' = M^(-1) mod b; b = 2^32 */
+
+ /* Call Large Number Modular Exponentiation
+ *
+ * Z = X^Y mod M
+ *
+ * mp_exptmod notation: Y = (G ^ X) mod P
+ *
+ * G is our parameter: M
+ */
+ MATH_INT_T X[1] = { };
+ MATH_INT_T P[1] = { };
+ MATH_INT_T Y[1] = { };
+ word32 Xs;
+
+ ESP_LOGV(TAG, "\nBegin esp_calc_Mdash USE_ALT_MPRIME\n");
+
+ mp_init(X);
+ mp_init(P);
+ mp_init(Y);
+
+ /* MATH_INT_T value of (-1) */
+ X->dp[0] = 1;
+ X->sign = MP_NEG;
+ X->used = 1;
+
+ Xs = mp_count_bits(X);
+
+ /* MATH_INT_T value of 2^32 */
+ P->dp[1] = 1;
+ P->used = 2;
+
+ /* this fails due to even P number; ((b & 1) == 0) in fp_montgomery_setup()
+ * called from _fp_exptmod_ct, called from fp_exptmod */
+ ret = mp_exptmod(M, X, P, Y);
+
+ *md = Y->dp[0];
+ ESP_LOGI(TAG, "esp_calc_Mdash %u", *md);
+#else
+ /* this is based on an article by Cetin Kaya Koc,
+ * A New Algorithm for Inversion: mod p^k, June 28 2017 */
int i;
int xi;
int b0 = 1;
int bi;
word32 N = 0;
word32 x;
+ ESP_LOGV(TAG, "\nBegin esp_calc_Mdash\n");
N = M->dp[0];
bi = b0;
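Review bot: The ESP32-C3 branch of esp_mp_hw_unlock() gives the arguments of `DPORT_REG_CLR_BIT`/`DPORT_REG_SET_BIT` the opposite roles from esp_mp_hw_lock(). The address is built as `DR_REG_RSA_BASE + SYSTEM_CRYPTO_RSA_CLK_EN` (a base plus a bit mask) and the register name `SYSTEM_PERIP_CLK_EN1_REG` is passed as the bit. As written this appears to modify an unrelated address and leave the RSA clock and memory enabled. Mirroring the lock path gives `DPORT_REG_CLR_BIT((volatile void *)(SYSTEM_PERIP_CLK_EN1_REG), SYSTEM_CRYPTO_RSA_CLK_EN);` and `DPORT_REG_SET_BIT((volatile void *)(SYSTEM_RSA_PD_CTRL_REG), SYSTEM_RSA_MEM_PD);`. The C3 and C6 unlock branches also omit the `periph_module_disable(PERIPH_RSA_MODULE)` that would balance the enable call in the lock path; esp_calc_Mdash at the end of this hunk continues into the next one.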
@@ -222,74 +609,276 @@ static int esp_calc_Mdash(MATH_INT_T *M, word32 k, mp_digit* md)
}
/* 2's complement */
*md = ~x + 1;
- return MP_OKAY;
+#endif
+
+ ESP_LOGV(TAG, "\nEnd esp_calc_Mdash \n");
+ return ret;
}
+#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_[MULMOD/EXPTMOD] for M' */
-/* start HW process */
-static void process_start(word32 reg)
+/* the result may need to have extra bytes zeroed or used length adjusted */
+static int esp_clean_result(MATH_INT_T* Z, int used_padding)
{
- /* clear interrupt */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
- /* start process */
- DPORT_REG_WRITE(reg, 1);
+ int ret = MP_OKAY;
+ uint16_t this_extra;
+
+/* TODO remove this section if MP_SIZE accepted into sp_int.h
+** See https://github.com/wolfSSL/wolfssl/pull/6565 */
+ uint16_t dp_length = 0; (void) dp_length;
+#ifdef USE_FAST_MATH
+ #undef MP_SIZE
+ #define MP_SIZE FP_SIZE
+ dp_length = FP_SIZE;
+#else
+ #undef MP_SIZE
+ #define MP_SIZE 128
+ dp_length = SP_INT_DIGITS;
+#endif
+/* TODO end */
+
+ this_extra = Z->used;
+ if (this_extra > MP_SIZE) {
+ ESP_LOGW(TAG, "Warning (Z->used: %d) > (MP_SIZE: %d); adjusting...",
+ Z->used, MP_SIZE);
+ this_extra = MP_SIZE;
+ }
+
+ while (Z->dp[this_extra] > 0 && (this_extra < MP_SIZE)) {
+ ESP_LOGV(TAG, "Adjust! %d", this_extra);
+ Z->dp[this_extra] = 0;
+ this_extra++;
+ }
+
+ /* trim any trailing zeros and adjust z.used size */
+ if (Z->used > 0) {
+ ESP_LOGV(TAG, "ZTrim: Z->used = %d", Z->used);
+ for (size_t i = Z->used; i > 0; i--) {
+ if (Z->dp[i - 1] == 0) {
+ /* last element in zero based array */
+ Z->used = i - 1;
+ }
+ else {
+ break; /* if not zero, nothing else to do */
+ }
+ }
+ ESP_LOGV(TAG, "New Z->used = %d", Z->used);
+ }
+ else {
+ ESP_LOGV(TAG, "no z-trim needed");
+ }
+
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ if (Z->sign != 0) {
+ mp_setneg(Z); /* any value other than zero is assumed negative */
+ }
+#endif
+
+ /* a result of 1 is interesting */
+ if ((Z->dp[0] == 1) && (Z->used == 1)) {
+ /*
+ * When the exponent is 0: In this case, the result of the modular
+ * exponentiation operation will always be 1, regardless of the value
+ * of the base.
+ *
+ * When the base is 1: If the base is equal to 1, then the result of
+ * the modular exponentiation operation will always be 1, regardless
+ * of the value of the exponent.
+ *
+ * When the exponent is equal to the totient of the modulus: If the
+ * exponent is equal to the totient of the modulus, and the base is
+ * relatively prime to the modulus, then the result of the modular
+ * exponentiation operation will be 1.
+ */
+ ESP_LOGV(TAG, "Z->dp[0] == 1");
+ }
+
+ return ret;
}
-/* wait until done */
+/* Start HW process. Reg is SoC-specific register. */
+static int process_start(u_int32_t reg)
+{
+ int ret = MP_OKAY;
+ /* see 3.16 "software needs to always use the "volatile"
+ ** attribute when accessing registers in these two address spaces. */
+ DPORT_REG_WRITE((volatile word32*)reg, 1);
+ ESP_EM__POST_PROCESS_START;
+
+ return ret;
+}
+
+/* wait until RSA math register indicates operation completed */
static int wait_until_done(word32 reg)
{
+ int ret = MP_OKAY;
word32 timeout = 0;
+
/* wait until done && not timeout */
- while (!ESP_TIMEOUT(++timeout) &&
- DPORT_REG_READ(reg) != 1) {
- /* wait */
+ ESP_EM__MP_HW_WAIT_DONE;
+ while (!ESP_TIMEOUT(++timeout) && DPORT_REG_READ(reg) != 1) {
+ asm volatile("nop"); /* wait */
}
+ ESP_EM__DPORT_FIFO_READ;
+
+#if defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Write 1 or 0 to the RSA_INT_ENA_REG register to
+ * enable or disable the interrupt function. */
+ DPORT_REG_WRITE(RSA_INT_CLR_REG, 1); /* write 1 to clear */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0); /* disable */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* not currently clearing / disable on C3 */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
+
+#else
/* clear interrupt */
DPORT_REG_WRITE(RSA_INTERRUPT_REG, 1);
+#endif
+
if (ESP_TIMEOUT(timeout)) {
- ESP_LOGE(TAG, "rsa operation is timed out.");
- return MP_NG;
+ ESP_LOGE(TAG, "rsa operation timed out.");
+ ret = WC_HW_E; /* MP_HW_ERROR; */
}
- return MP_OKAY;
+ return ret;
}
/* read data from memory into mp_init */
-static void esp_memblock_to_mpint(word32 mem_address,
- MATH_INT_T* mp,
- word32 numwords)
+static int esp_memblock_to_mpint(const word32 mem_address,
+ MATH_INT_T* mp,
+ word32 numwords)
{
- esp_dport_access_read_buffer((uint32_t*)mp->dp, mem_address, numwords);
+ int ret = MP_OKAY;
+#ifdef USE_ESP_DPORT_ACCESS_READ_BUFFER
+ esp_dport_access_read_buffer((word32*)mp->dp, mem_address, numwords);
+#else
+ ESP_EM__PRE_DPORT_READ;
+ DPORT_INTERRUPT_DISABLE();
+ ESP_EM__READ_NON_FIFO_REG;
+ for (volatile word32 i = 0; i < numwords; ++i) {
+ ESP_EM__3_16;
+ mp->dp[i] = DPORT_SEQUENCE_REG_READ(
+ (volatile word32)(mem_address + i * 4));
+ }
+ DPORT_INTERRUPT_RESTORE();
+#endif
mp->used = numwords;
+
+#if defined(ESP_VERIFY_MEMBLOCK)
+ ret = XMEMCMP((const word32 *)mem_address, /* HW reg memory */
+ (const word32 *)&mp->dp, /* our dp value */
+ numwords * sizeof(word32));
+
+ if (ret != ESP_OK) {
+ ESP_LOGW(TAG, "Validation Failure esp_memblock_to_mpint.\n"
+ "Reading %u Words at Address = 0x%08x",
+ (int)(numwords * sizeof(word32)),
+ (unsigned int)mem_address);
+ ESP_LOGI(TAG, "Trying again... ");
+ esp_dport_access_read_buffer((word32*)mp->dp, mem_address, numwords);
+ mp->used = numwords;
+ if (0 != XMEMCMP((const void *)mem_address,
+ (const void *)&mp->dp,
+ numwords * sizeof(word32))) {
+ ESP_LOGE(TAG, "Validation Failure esp_memblock_to_mpint "
+ "a second time. Giving up.");
+ ret = MP_VAL;
+ }
+ else {
+ ESP_LOGI(TAG, "Successfully re-read after Validation Failure.");
+ ret = MP_VAL;
+ }
+ }
+#endif
+ return ret;
}
-/* write mp_init into memory block
- */
-static void esp_mpint_to_memblock(word32 mem_address, const MATH_INT_T* mp,
- const word32 bits,
- const word32 hwords)
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+/* Write 0x00 to [wordSz] words of register memory starting at mem_address */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+/* only the classic has memblock clear due to slightly different data layout */
+static int esp_zero_memblock(u_int32_t mem_address, int wordSz)
{
+ int ret = MP_OKAY;
+
+ ESP_EM__PRE_DPORT_WRITE;
+ DPORT_INTERRUPT_DISABLE();
+ for (int i=0; i < wordSz; i++) {
+ DPORT_REG_WRITE(
+ (volatile u_int32_t *)(mem_address + (i * sizeof(word32))),
+ (u_int32_t)(0) /* zero memory blocks [wordSz] words long */
+ );
+ }
+ DPORT_INTERRUPT_RESTORE();
+ return ret;
+}
+#endif /* CONFIG_IDF_TARGET_ESP32 */
+#endif /* not NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+/* write MATH_INT_T mp value (dp[]) into memory block */
+static int esp_mpint_to_memblock(u_int32_t mem_address,
+ const MATH_INT_T* mp,
+ const word32 bits,
+ const word32 hwords)
+{
+ int ret = MP_OKAY;
+
/* init */
- word32 i;
- word32 len = (bits / 8 + ((bits & 7) != 0 ? 1 : 0));
+ word32 i; /* memory offset counter */
+ word32 len; /* actual number of words to write to register */
+ len = (bits / 8 + ((bits & 7) != 0 ? 1 : 0));
len = (len + sizeof(word32)-1) / sizeof(word32);
+ /* write */
+ ESP_EM__PRE_DPORT_WRITE;
+ DPORT_INTERRUPT_DISABLE();
for (i=0; i < hwords; i++) {
if (i < len) {
- DPORT_REG_WRITE(mem_address + (i * sizeof(word32)), mp->dp[i]);
+ /* write our data */
+ ESP_LOGV(TAG, "Write i = %d value.", i);
+ DPORT_REG_WRITE(
+ (volatile u_int32_t*)(mem_address + (i * sizeof(word32))),
+ mp->dp[i]
+ ); /* DPORT_REG_WRITE */
}
else {
- DPORT_REG_WRITE(mem_address + (i * sizeof(word32)), 0);
+ /* write zeros */
+ /* TODO we may be able to skip zero in certain circumstances */
+ if (i == 0) {
+ ESP_LOGV(TAG, "esp_mpint_to_memblock zero?");
+ }
+ ESP_LOGV(TAG, "Write i = %d value = zero.", i);
+ DPORT_REG_WRITE(
+ (volatile u_int32_t*)(mem_address + (i * sizeof(word32))),
+ (u_int32_t)0 /* writing 4 bytes of zero */
+ ); /* DPORT_REG_WRITE */
}
}
+ DPORT_INTERRUPT_RESTORE();
+
+ /* optional re-read verify */
+#if defined(ESP_VERIFY_MEMBLOCK)
+ len = XMEMCMP((const void *)mem_address, /* HW reg memory */
+ (const void *)&mp->dp, /* our dp value */
+ hwords * sizeof(word32)
+ );
+ if (len != 0) {
+ ESP_LOGE(TAG, "esp_mpint_to_memblock compare fails at %d", len);
+ #ifdef DEBUG_WOLFSSL
+ esp_show_mp("mp", (MATH_INT_T*)mp);
+ #endif
+ ret = MP_VAL;
+ }
+#endif
+ return ret;
}
/* return needed HW words.
* supported words length
- * words : {16 , 32, 48, 64, 80, 96, 112, 128}
- * bits : {512,1024, 1536, 2048, 2560, 3072, 3584, 4096}
+ * words : { 16, 32, 48, 64, 80, 96, 112, 128}
+ * bits : {512, 1024, 1536, 2048, 2560, 3072, 3584, 4096}
*/
static word32 words2hwords(word32 wd)
{
@@ -307,143 +896,426 @@ static word32 bits2words(word32 bits)
return ((bits + (d - 1)) / d);
}
+/* exptmod and mulmod helpers as needed */
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) \
+ || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+/* rinv and M' only used for mulmod and mulexp_mod */
+
/* get rinv */
static int esp_get_rinv(MATH_INT_T *rinv, MATH_INT_T *M, word32 exp)
{
- int ret = 0;
+#ifdef DEBUG_WOLFSSL
+ MATH_INT_T rinv2[1];
+ MATH_INT_T M2[1];
+ int reti = MP_OKAY;
+#endif
+ int ret = MP_OKAY;
+
+ ESP_LOGV(TAG, "\nBegin esp_get_rinv \n");
+#ifdef DEBUG_WOLFSSL
+ mp_copy(M, M2); /* copy (src = M) to (dst = M2) */
+ mp_copy(rinv, rinv2); /* copy (src = M) to (dst = M2) */
+#endif
- /* 2^(exp)*/
- if ((ret = mp_2expt(rinv, exp)) != MP_OKAY) {
+ /* 2^(exp)
+ *
+ * rinv will have all zeros with a 1 in last word.
+ * e.g. exp=2048 will have a 1 in dp[0x40] = dp[64]
+ * this is the 65'th element (zero based)
+ * Value for used = 0x41 = 65
+ **/
+ ret = mp_2expt(rinv, exp);
+ if (ret == MP_OKAY) {
+ ret = mp_mod(rinv, M, rinv);
+ }
+ else {
ESP_LOGE(TAG, "failed to calculate mp_2expt()");
- return ret;
}
/* r_inv = R^2 mod M(=P) */
- if (ret == 0 && (ret = mp_mod(rinv, M, rinv)) != MP_OKAY) {
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_get_rinv compute success");
+ }
+ else {
ESP_LOGE(TAG, "failed to calculate mp_mod()");
- return ret;
}
+#ifdef DEBUG_WOLFSSL
+ if (ret == MP_OKAY) {
+
+ /* computes a = B**n mod b without division or multiplication useful for
+ * normalizing numbers in a Montgomery system. */
+ reti = mp_montgomery_calc_normalization(rinv2, M2);
+ if (reti == MP_OKAY) {
+ ESP_LOGV(TAG, "mp_montgomery_calc_normalization = %d", reti);
+ }
+ else {
+ ESP_LOGW(TAG, "Error Montgomery calc M2 result = %d", reti);
+ }
+ }
+#endif
+
+ ESP_LOGV(TAG, "\nEnd esp_get_rinv \n");
return ret;
}
+#endif /* ! xEXPTMOD || ! xMULMOD for rinv */
-/* Z = X * Y; */
-int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
+/* during debug, we'll compare HW to SW results */
+int esp_hw_validation_active(void)
{
- int ret;
+#ifdef DEBUG_WOLFSSL
+ return IS_HW_VALIDATION;
+#else
+ return 0; /* we're never validating when not debugging */
+#endif
+}
-#ifdef WOLFSSL_SP_INT_NEGATIVE
- /* neg check: X*Y becomes negative */
- int neg;
+/* useful during debugging and error display,
+ * we can show all the mp helper calc values */
+int esp_show_mph(struct esp_mp_helper* mph)
+{
+ int ret = MP_OKAY;
- /* aka (X->sign == Y->sign) ? MP_ZPOS : MP_NEG; , but with mp_isneg(): */
- neg = (mp_isneg(X) == mp_isneg(Y)) ? MP_ZPOS : MP_NEG;
- if (neg) {
- /* Negative numbers are relatively infrequent.
- * May be interesting during verbose debugging: */
- ESP_LOGV(TAG, "mp_isneg(X) = %d; mp_isneg(Y) = %d; neg = %d ",
- mp_isneg(X), mp_isneg(Y), neg);
+ if (mph == NULL) {
+ /* if a bad mp helper passed, we cannot use HW */
+ ESP_LOGE(TAG, "ERROR: Bad esp_mp_helper for esp_show_mph");
+ return MP_VAL;
}
+
+ if (mph->Xs != 0)
+ ESP_LOGI(TAG, "Xs %d", mph->Xs);
+ if (mph->Ys != 0)
+ ESP_LOGI(TAG, "Ys %d", mph->Ys);
+ if (mph->Ms != 0)
+ ESP_LOGI(TAG, "Ms %d", mph->Ms);
+ if (mph->Rs != 0)
+ ESP_LOGI(TAG, "Rs %d", mph->Rs);
+ if (mph->maxWords_sz != 0)
+ ESP_LOGI(TAG, "maxWords_sz %d", mph->maxWords_sz);
+ if (mph->hwWords_sz != 0)
+ ESP_LOGI(TAG, "hwWords_sz %d", mph->hwWords_sz);
+ if (mph->mp != 0)
+ ESP_LOGI(TAG, "mp %d", mph->mp);
+#ifdef DEBUG_WOLFSSL
+ if (mph->mp2 != 0)
+ ESP_LOGI(TAG, "mp2 %d", mph->mp2);
#endif
- ret = MP_OKAY; /* assume success until proven wrong */
+ if (mph->r_inv.used != 0)
+ esp_show_mp("r_inv", &(mph->r_inv));
+ return ret;
+}
-#if CONFIG_IDF_TARGET_ESP32S3
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD) \
+ || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+/* only when using exptmod or mulmod, we have some helper functions. */
- int BitsInX = mp_count_bits(X);
- int BitsInY = mp_count_bits(Y);
+/* given X, Y, M - setup mp hardware and other helper values.*/
+int esp_mp_montgomery_init(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M,
+ struct esp_mp_helper* mph)
+{
+ int ret = MP_OKAY;
+ int exp;
- /* X & Y must be represented by the same number of bits. Must be
- * enough to represent the larger one. */
- int MinXYBits = max(BitsInX, BitsInY);
+ if (mph == NULL) {
+ /* if a bad mp helper passed, we cannot use HW */
+ ESP_LOGE(TAG, "ERROR: Bad esp_mp_helper, falling back to SW");
+ return MP_HW_FALLBACK;
+ }
+ if ((X == NULL) || (Y == NULL) || (M == NULL) ) {
+ /* if a bad operand passed, we cannot use HW */
+ ESP_LOGE(TAG, "ERROR: Bad Montgomery operand, falling back to SW");
+ return MP_HW_FALLBACK;
+ }
+ XMEMSET(mph, 0, sizeof(struct esp_mp_helper));
+ mph->Xs = mp_count_bits(X); /* X's = the number of bits needed */
+
+#if (ESP_PROHIBIT_SMALL_X == TRUE)
+ /* optionally prohibit small X.
+ ** note this is very common in ECC: [1] * [Y] mod [M] */
+ if ((X->used == 1) && (X->dp[1] < (1 << 8))) {
+ #ifdef WOLFSSL_HW_METRICS
+ esp_mp_mulmod_small_x_ct++;
+ #endif
+ ESP_LOGW(TAG, "esp_mp_montgomery_init MP_HW_FALLBACK Xs = %d",
+ mph->Xs);
+ ret = MP_HW_FALLBACK;
+ }
+#endif
- /* Figure out how many words we need to represent each operand & the result. */
- int WordsForOperand = bits2words(MinXYBits);
- int WordsForResult = bits2words(BitsInX + BitsInY);
+ /* prohibit small Y */
+ if (ret == MP_OKAY) {
+ mph->Ys = mp_count_bits(Y); /* init Y's to pass to Montgomery init */
+
+ if (mph->Xs <= ESP_RSA_EXPT_XBITS) {
+ /* hard floor 8 bits, problematic in some older ESP32 chips */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* track how many times we fall back */
+ esp_mp_mulmod_small_x_ct++;
+ }
+ #endif
+ ESP_LOGV(TAG,
+ "esp_mp_montgomery_init MP_HW_FALLBACK Xs = %d",
+ mph->Xs);
+ ret = MP_HW_FALLBACK; /* fall back to software calc at exit */
+ } /* mph->Xs <= ESP_RSA_EXPT_XBITS */
+ else {
+ if (mph->Ys <= ESP_RSA_EXPT_YBITS) {
+ /* hard floor 8 bits, problematic in some older ESP32 chips */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* track how many times we fall back */
+ esp_mp_mulmod_small_y_ct++;
+ }
+ #endif
+ ESP_LOGV(TAG,
+ "esp_mp_montgomery_init MP_HW_FALLBACK Ys = %d",
+ mph->Ys);
+ ret = MP_HW_FALLBACK; /* fall back to software calc at exit */
+ } /* Ys <= ESP_RSA_EXPT_YBITS */
+ else {
+ /* X and Y size ok, continue... */
+ mph->Ms = mp_count_bits(M);
+ /* maximum bits and words for writing to HW */
+ mph->maxWords_sz = bits2words(max(mph->Xs,
+ max(mph->Ys, mph->Ms)));
+ mph->hwWords_sz = words2hwords(mph->maxWords_sz);
+
+ if ((mph->hwWords_sz << 5) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "Warning: hwWords_sz = %d (%d bits)"
+ " exceeds HW maximum bits (%d), "
+ " falling back to SW.",
+ mph->hwWords_sz,
+ mph->hwWords_sz << 5,
+ ESP_HW_RSAMAX_BIT);
+ ret = MP_HW_FALLBACK;
+ } /* hwWords_sz check */
+ } /* X and Y size ok */
+ } /* X size check */
+ } /* Prior operation ok */
+
+ ESP_LOGV(TAG, "hwWords_sz = %d", mph->hwWords_sz);
- /* Make sure we are within capabilities of hardware. */
- if ( (WordsForOperand * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS ) {
- ESP_LOGW(TAG, "exceeds max bit length(2048)");
- return MP_VAL; /* Error: value is not able to be used. */
+ /* calculate r_inv = R^2 mode M
+ * where: R = b^n, and b = 2^32
+ * accordingly R^2 = 2^(n*32*2)
+ */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ exp = mph->hwWords_sz << 6;
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ exp = mph->maxWords_sz * BITS_IN_ONE_WORD * 2;
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ exp = mph->maxWords_sz * BITS_IN_ONE_WORD * 2;
+#else
+ exp = 0; /* no HW, no Montgomery HW init */
+#endif
+
+ if (ret == MP_OKAY && (M != NULL)) {
+ ret = mp_init((mp_int*)&(mph->r_inv));
+ if (ret == MP_OKAY) {
+ ret = esp_get_rinv( (mp_int*)&(mph->r_inv), M, exp);
+ if (ret == MP_OKAY) {
+ mph->Rs = mp_count_bits((mp_int*)&(mph->r_inv));
+ }
+ else {
+ ESP_LOGE(TAG, "calculate r_inv failed.");
+ ret = MP_VAL;
+ } /* esp_get_rinv check */
+ } /* mp_init success */
+ else {
+ ESP_LOGE(TAG, "calculate r_inv failed mp_init.");
+ ret = MP_MEM;
+ } /* mp_init check */
+ } /* calculate r_inv */
+
+ /* if we were successful in r_inv, next get M' */
+ if (ret == MP_OKAY) {
+#ifdef DEBUG_WOLFSSL
+ ret = mp_montgomery_setup(M, &(mph->mp2) );
+#endif
+ /* calc M' */
+ /* if Pm is odd, uses mp_montgomery_setup() */
+ ret = esp_calc_Mdash(M, 32/* bits */, &(mph->mp));
+ if (ret != MP_OKAY) {
+ ESP_LOGE(TAG, "failed esp_calc_Mdash()");
+ }
}
- /* Steps to perform large number multiplication. Calculates Z = X x Y. The number of
- * bits in the operands (X, Y) is N. N can be 32x, where x = {1,2,3,...64}, so the
- * maximum number of bits in the X and Y is 2048.
- * See 20.3.3 of ESP32-S3 technical manual
- * 1. Lock the hardware so no-one else uses it and wait until it is ready.
- * 2. Enable/disable interrupt that signals completion -- we don't use the interrupt.
- * 3. Write number of words required for result to the RSA_MODE_REG (now called RSA_LENGTH_REG).
- * Number of words required for the result is 2 * words for operand - 1
- * 4. Load X, Y operands to memory blocks. Note the Y value must be written to
- * right aligned.
- * 5. Start the operation by writing 1 to RSA_MULT_START_REG, then wait for it
- * to complete by monitoring RSA_IDLE_REG (which is now called RSA_QUERY_INTERRUPT_REG).
- * 6. Read the result out.
- * 7. Release the hardware lock so others can use it.
- * x. Clear the interrupt flag, if you used it (we don't). */
+#ifdef DEBUG_WOLFSSL
+ if (ret == MP_OKAY) {
+ if (mph->mp == mph->mp2) {
+ ESP_LOGV(TAG, "M' match esp_calc_Mdash vs mp_montgomery_setup "
+ "= %ul !", mph->mp);
+ }
+ else {
+ ESP_LOGW(TAG,
+ "\n\n"
+ "M' MISMATCH esp_calc_Mdash = 0x%08x = %d \n"
+ "vs mp_montgomery_setup = 0x%08x = %d \n\n",
+ mph->mp,
+ mph->mp,
+ mph->mp2,
+ mph->mp2);
+ mph->mp = mph->mp2;
+ }
+ }
+ else {
+ #if 0
+ esp_show_mp("X", X);
+ esp_show_mp("Y", Y);
+ esp_show_mp("M", M);
+ esp_show_mph(mph);
+ #endif
- /* 1. lock HW for use & wait until it is ready. */
- if ( ((ret = esp_mp_hw_lock()) != MP_OKAY) ||
- ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) ) {
- return ret;
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "esp_mp_montgomery_init exit falling back.");
+
+ }
+ else {
+ ESP_LOGE(TAG, "esp_mp_montgomery_init failed: return code = %d",
+ ret);
+ }
}
+#endif
+
+ return ret;
+} /* esp_mp_montgomery_init */
+
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_[EXPTMOD|MULMOD] */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+/* Large Number Multiplication
+ *
+ * See 24.3.3 of the ESP32 Technical Reference Manual
+ *
+ * Z = X * Y; */
+int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
+{
+/* During debug, we may be validating against SW result. */
+#ifdef DEBUG_WOLFSSL
+ /* create a place to store copies to perform duplicate operations.
+ ** copies needed as some operations overwrite operands: e.g. X = X * Y */
+ MATH_INT_T X2[1];
+ MATH_INT_T Y2[1];
+ MATH_INT_T Z2[1];
+ MATH_INT_T PEEK[1];
+#endif
+
+ int ret = MP_OKAY; /* assume success until proven wrong */
+ int mp_mul_lock_called = FALSE; /* May fall back to SW; track if locked */
- /* 2. Disable completion interrupt signal; we don't use.
- ** 0 => no interrupt; 1 => interrupt on completion. */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+ /* we don't use the mph helper for mp_mul, so we'll calculate locally: */
+ word32 Xs;
+ word32 Ys;
+ word32 Zs;
+ word32 maxWords_sz = 0;
+ word32 hwWords_sz = 0;
+ word32 resultWords_sz = 0;
- /* 3. Write number of words required for result. */
- if ( (WordsForOperand * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
- ESP_LOGW(TAG, "result exceeds max bit length");
- return MP_VAL; /* Error: value is not able to be used. */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ word32 left_pad_offset = 0;
+#endif
+
+/* if we are supporting negative numbers, check that first since operands
+ * may be later modified (e.g. Z = Z * X) */
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ /* neg check: X*Y becomes negative */
+ int res_sign;
+
+ /* aka (X->sign == Y->sign) ? MP_ZPOS : MP_NEG; , but with mp_isneg(): */
+ res_sign = (mp_isneg(X) == mp_isneg(Y)) ? MP_ZPOS : MP_NEG;
+ if (res_sign) {
+ /* Negative numbers are relatively infrequent.
+ * May be interesting during verbose debugging: */
+ ESP_LOGV(TAG, "mp_isneg(X) = %d; mp_isneg(Y) = %d; neg = %d ",
+ mp_isneg(X), mp_isneg(Y), res_sign);
}
- DPORT_REG_WRITE(RSA_LENGTH_REG, (WordsForOperand * 2 - 1) );
+#endif
- /* 4. Load X, Y operands. Maximum is 64 words (64*8*4 = 2048 bits) */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
- X, BitsInX, WordsForOperand);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + WordsForOperand * 4,
- Y, BitsInY, WordsForOperand);
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used : esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used : esp_mp_max_used;
+#endif
+ /* if either operand is zero, there's nothing to do.
+ * Y checked first, as it was observed to be zero during
+ * wolfcrypt tests more often than X */
+ if (mp_iszero(Y) || mp_iszero(X)) {
+ mp_forcezero(Z);
+ return MP_OKAY;
+ }
- /* 5. Start operation and wait until it completes. */
- process_start(RSA_MULT_START_REG);
- ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
- if (MP_OKAY != ret) {
- return ret;
+#ifdef DEBUG_WOLFSSL
+ /* The caller should have checked if the call was for a SW validation.
+ * During debug, we'll return an error. */
+ if (esp_hw_validation_active()) {
+ return MP_HW_VALIDATION_ACTIVE;
}
- /* 6. read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, WordsForResult);
+ /* these occur many times during RSA calcs */
+ if (X == Z) {
+ ESP_LOGV(TAG, "mp_mul X == Z");
+ }
+ if (Y == Z) {
+ ESP_LOGV(TAG, "mp_mul Y == Z");
+ }
- /* 7. clear and release HW */
- esp_mp_hw_unlock();
+ mp_init(X2);
+ mp_init(Y2);
+ mp_init(Z2);
- /* end if CONFIG_IDF_TARGET_ESP32S3 */
+ mp_copy(X, X2); /* copy (src = X) to (dst = X2) */
+ mp_copy(Y, Y2); /* copy (src = Y) to (dst = Y2) */
+ mp_copy(Z, Z2); /* copy (src = Z) to (dst = Z2) */
-#else /* not CONFIG_IDF_TARGET_ESP32S3 */
- /* assumed to be regular Xtensa here */
- word32 Xs;
- word32 Ys;
- word32 Zs;
- word32 maxWords_sz;
- word32 hwWords_sz;
+ if (IS_HW_VALIDATION) {
+ ESP_LOGE(TAG, "Caller must not try HW when validation active.");
+ }
+ else {
+ SET_HW_VALIDATION; /* force next mp_mul to SW for compare */
+ mp_mul(X2, Y2, Z2);
+ CLR_HW_VALIDATION;
+ }
+#endif /* DEBUG_WOLFSSL */
- /* ask bits number */
Xs = mp_count_bits(X);
Ys = mp_count_bits(Y);
Zs = Xs + Ys;
- /* maximum bits and words for writing to HW */
- maxWords_sz = bits2words(max(Xs, Ys));
- hwWords_sz = words2hwords(maxWords_sz);
+ /* RSA Accelerator only supports Large Number Multiplication
+ * with operand length N = 32 × x,
+ * where x ∈ {1, 2, 3, . . . , 64} */
+ if (Xs > 64 || Ys > 64) {
+ return MP_HW_FALLBACK; /* TODO add count metric on size fallback */
+ }
- /* sanity check */
- if((hwWords_sz<<5) > ESP_HW_MULTI_RSAMAX_BITS) {
- ESP_LOGW(TAG, "exceeds max bit length(2048)");
- return MP_VAL; /* Error: value is not able to be used. */
+ if (Zs <= sizeof(mp_digit)*8) {
+ Z->dp[0] = X->dp[0] * Y->dp[0];
+ Z->used = 1;
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ Z->sign = res_sign; /* See above mp_isneg() for negative detection */
+#endif
+ return MP_OKAY;
}
+ if (ret == MP_OKAY) {
+ /* maximum bits and words for writing to HW */
+ maxWords_sz = bits2words(max(Xs, Ys));
+ hwWords_sz = words2hwords(maxWords_sz);
+
+ resultWords_sz = bits2words(Xs + Ys);
+ /* sanity check */
+ if ( (hwWords_sz << 5) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(2048) (a)");
+ ret = MP_HW_FALLBACK; /* Error: value is not able to be used. */
+ }
+ }
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* assumed to be regular ESP32 Xtensa here */
+
/*Steps to use HW in the following order:
* 1. wait until clean HW engine
* 2. Write(2*N/512bits - 1 + 8) to MULT_MODE_REG
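Review bot: In the DEBUG_WOLFSSL path of `esp_mp_montgomery_init`, the return code of `mp_montgomery_setup(M, &(mph->mp2))` is overwritten by the `esp_calc_Mdash` call that follows, so a failed setup goes unnoticed while the later mismatch branch still assigns `mph->mp = mph->mp2`, replacing M' with a value that was never validated. Guarding the second call, `if (ret == MP_OKAY) { ret = esp_calc_Mdash(M, 32, &(mph->mp)); }`, keeps the first error. In the `ESP_PROHIBIT_SMALL_X` block the test reads `X->dp[1]` although `X->used == 1`, so the only used digit is `dp[0]`; `X->dp[0] < (1 << 8)` looks like the intended check. In `esp_mp_mul`, `Xs` and `Ys` come from `mp_count_bits` but `if (Xs > 64 || Ys > 64)` compares them with the word limit x from the comment above, so every operand wider than 64 bits returns `MP_HW_FALLBACK`; a bound of `ESP_HW_MULTI_RSAMAX_BITS` appears to be what was meant. The body of `esp_mp_mul` continues past this hunk.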
@@ -451,464 +1323,1762 @@ int esp_mp_mul(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* Z)
* need to write data to each memory block only according to the length
* of the number.
* 4. Write 1 to MUL_START_REG
- * 5. Wait for the first operation to be done. Poll INTERRUPT_REG until it reads 1.
- * (Or until the INTER interrupt is generated.)
+ * 5. Wait for the first operation to be done.
+ * Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
* 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
* 7. Read the Z from RSA_Z_MEM
* 8. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
* 9. Release the HW engine
*/
- /* lock HW for use */
- if ((ret = esp_mp_hw_lock()) != MP_OKAY) {
- return ret;
+
+ /* Y (left-extend)
+ * Accelerator supports large-number multiplication with only
+ * four operand lengths of N ∈ {512, 1024, 1536, 2048} */
+ left_pad_offset = maxWords_sz << 2;
+ if (left_pad_offset <= 512 >> 3) {
+ left_pad_offset = 512 >> 3; /* 64 bytes (16 words) */
+ }
+ else {
+ if (left_pad_offset <= 1024 >> 3) {
+ left_pad_offset = 1024 >> 3; /* 128 bytes = 32 words */
+ }
+ else {
+ if (left_pad_offset <= 1536 >> 3) {
+ left_pad_offset = 1536 >> 3; /* 192 bytes = 48 words */
+ }
+ else {
+ if (left_pad_offset <= 2048 >> 3) {
+ left_pad_offset = 2048 >> 3; /* 256 bytes = 64 words */
+ }
+ else {
+ ret = MP_VAL;
+ ESP_LOGE(TAG, "Unsupported operand length: %d",
+ hwWords_sz);
+ }
+ }
+ }
}
- if((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* we'll not try to unlock
+ * unless we locked it here. */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
}
- /* step.1 (2*N/512) => N/256. 512 bits => 16 words */
- DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hwWords_sz >> 3) - 1 + 8);
- /* step.2 write X, M and r_inv into memory */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
- X,
- Xs,
- hwWords_sz);
- /* Y(let-extend) */
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + (hwWords_sz<<2),
- Y,
- Ys,
- hwWords_sz);
- /* step.3 start process */
- process_start(RSA_MULT_START_REG);
-
- /* step.4,5 wait until done */
- ret = wait_until_done(RSA_INTERRUPT_REG);
- if (ret != MP_OKAY) {
- ESP_LOGE(TAG, "wait_until_done failed.");
- return ret;
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
}
- /* step.6 read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Zs));
- /* step.7 clear and release HW */
- esp_mp_hw_unlock();
+ if (ret == MP_OKAY) {
+ /* step.1 (2*N/512) => N/256. 512 bits => 16 words */
+ /* Write 2*N/512 - 1 + 8 */
+
+ DPORT_REG_WRITE(RSA_MULT_MODE_REG,
+ (2 * left_pad_offset * 8 / 512) - 1 + 8);
+
+ /* step.2 write X into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ Xs,
+ hwWords_sz);
+
+ /* write zeros from RSA_MEM_Z_BLOCK_BASE to left_pad_offset - 1 */
+ esp_zero_memblock(RSA_MEM_Z_BLOCK_BASE,
+ (left_pad_offset - 1) / sizeof(int));
+
+ /* write the left-padded Y value into Z */
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + (left_pad_offset),
+ Y,
+ Ys,
+ hwWords_sz);
+
+ #ifdef DEBUG_WOLFSSL
+ /* save value to peek at the result stored in RSA_MEM_Z_BLOCK_BASE */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE,
+ PEEK,
+ 128);
+ #endif
+
+ /* step.3 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.4,5 wait until done */
+ ret = wait_until_done(RSA_INTERRUPT_REG);
+
+ /* step.6 read the result form MEM_Z */
+ if (ret == MP_OKAY) {
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, resultWords_sz);
+ }
+#ifndef DEBUG_WOLFSSL
+ else {
+ ESP_LOGE(TAG, "ERROR: wait_until_done failed in esp32_mp");
+ }
+#endif
+ } /* end of processing */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Unlike the ESP32 that is limited to only four operand lengths,
+ * the ESP32-C3 The RSA Accelerator supports large-number modular
+ * multiplication with operands of 128 different lengths.
+ *
+ * X & Y must be represented by the same number of bits. Must be
+ * enough to represent the larger one. */
+
+ /* Figure out how many words we need to
+ * represent each operand & the result. */
+
+ /* Make sure we are within capabilities of hardware. */
+ if ((hwWords_sz * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(%d)", ESP_HW_MULTI_RSAMAX_BITS);
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+ if ((hwWords_sz * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "result exceeds max bit length(%d)", ESP_HW_RSAMAX_BIT );
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+
+ /* Steps to perform large number multiplication. Calculates Z = X * Y.
+ * The number of bits in the operands (X, Y) is N. N can be 32x, where
+ * x = {1,2,3,...64}, so the maximum number of bits in X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Lock the hardware so no-one else uses it and wait until it is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write number of words required for result to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Number of words required for the result is 2 * words for operand - 1
+ * 4. Load X, Y operands to memory blocks.
+ * Note the Y value must be written to as right aligned.
+ * 5. Start the operation by writing 1 to RSA_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Read the result out.
+ * 7. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
+
+ /* 1. lock HW for use & wait until it is ready. */
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* Do not try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ } /* the only thing we expect is success or busy */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ /* HW multiply */
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write number of words required for result. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, (hwWords_sz * 2 - 1));
+
+ /* 4. Load X, Y operands. Maximum is 64 words (64*8*4 = 2048 bits) */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ Xs,
+ hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + hwWords_sz * 4,
+ Y,
+ Ys,
+ hwWords_sz);
+
+ /* 5. Start operation and wait until it completes. */
+ process_start(RSA_MULT_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
+ if (ret == MP_OKAY) {
+ /* 6. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, resultWords_sz);
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Unlike the ESP32 that is limited to only four operand lengths,
+ * the ESP32-C6 The RSA Accelerator supports large-number modular
+ * multiplication with operands of 128 different lengths.
+ *
+ * X & Y must be represented by the same number of bits. Must be
+ * enough to represent the larger one. */
+
+ /* Figure out how many words we need to
+ * represent each operand & the result. */
+
+ /* Make sure we are within capabilities of hardware. */
+ if ((hwWords_sz * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(%d)", ESP_HW_MULTI_RSAMAX_BITS);
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+ if ((hwWords_sz * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "result exceeds max bit length(%d)", ESP_HW_RSAMAX_BIT );
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
-#endif /* CONFIG_IDF_TARGET_ESP32S3 or not */
+ /* Steps to perform large number multiplication. Calculates Z = X * Y.
+ * The number of bits in the operands (X, Y) is N.
+ * N can be 32x, where x = {1,2,3,...64},
+ * so the maximum number of bits in the X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Lock the hardware so no-one else uses it and wait until it is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write number of words required for result to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Number of words required for the result is 2 * words for operand - 1
+ * 4. Load X, Y operands to memory blocks.
+ * Note the Y value must be written to right aligned.
+ * 5. Start the operation by writing 1 to RSA_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Read the result out.
+ * 7. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
+
+ /* 1. lock HW for use & wait until it is ready. */
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* Do not try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ } /* the only thing we expect is success or busy */
+
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ /* HW multiply */
+ if (ret == MP_OKAY) {
+ /* 1. Disable completion interrupt signal; we don't use.
+ * Write 1 (enable) or 0 (disable) to the RSA_INT_ENA_REG register.
+ * 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
+ /* 2. Write number of words required for result. */
+ /* see 21.3.3 Write (/N16 − 1) to the RSA_MODE_REG register */
+ DPORT_REG_WRITE(RSA_MODE_REG, (hwWords_sz * 2 - 1));
+
+ /* 3. Write Xi and Yi for ∈ {0, 1, . . . , n − 1} to memory blocks
+ * RSA_X_MEM and RSA_Z_MEM
+ * Maximum is 64 words (64*8*4 = 2048 bits) */
+ esp_mpint_to_memblock(RSA_X_MEM,
+ X,
+ Xs,
+ hwWords_sz);
+ esp_mpint_to_memblock(RSA_Z_MEM + hwWords_sz * 4,
+ Y,
+ Ys,
+ hwWords_sz);
+
+ /* 4. Write 1 to the RSA_SET_START_MULT register */
+ ret = process_start(RSA_SET_START_MULT_REG);
+
+ }
+ /* 5. Wait for the completion of computation, which happens when the
+ * content of RSA_QUERY_IDLE becomes 1 or the RSA interrupt occurs. */
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_IDLE_REG);
+ }
+
+ if (ret == MP_OKAY) {
+ /* 6. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_Z_MEM, Z, resultWords_sz);
+ }
+ /* end ESP32-C6 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Unlike the ESP32 that is limited to only four operand lengths,
+ * the ESP32-S3 The RSA Accelerator supports large-number modular
+ * multiplication with operands of 128 different lengths.
+ *
+ * X & Y must be represented by the same number of bits. Must be
+ * enough to represent the larger one. */
+
+ /* Figure out how many words we need to
+ * represent each operand & the result. */
+
+ /* Make sure we are within capabilities of hardware. */
+ if ((hwWords_sz * BITS_IN_ONE_WORD) > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "exceeds max bit length(%d)", ESP_HW_MULTI_RSAMAX_BITS);
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+ if ((hwWords_sz * BITS_IN_ONE_WORD * 2) > ESP_HW_RSAMAX_BIT) {
+ ESP_LOGW(TAG, "result exceeds max bit length(%d)", ESP_HW_RSAMAX_BIT );
+ ret = MP_HW_FALLBACK; /* let SW figure out how to deal with it */
+ }
+
+ /* Steps to perform large number multiplication. Calculates Z = X * Y.
+ * The number of bits in the operands (X, Y) is N.
+ * N can be 32x, where x = {1,2,3,...64},
+ * so the maximum number of bits in the X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Lock the hardware so no-one else uses it and wait until it is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write number of words required for result to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Number of words required for the result is 2 * words for operand - 1
+ * 4. Load X, Y operands to memory blocks.
+ * Note the Y value must be written to right aligned.
+ * 5. Start the operation by writing 1 to RSA_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Read the result out.
+ * 7. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
+
+ /* 1. lock HW for use & wait until it is ready. */
+ if (ret == MP_OKAY) {
+ mp_mul_lock_called = TRUE; /* Don't try to unlock unless we locked. */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ } /* the only thing we expect is success or busy */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ /* HW multiply */
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write number of words required for result. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, (hwWords_sz * 2 - 1));
+
+ /* 4. Load X, Y operands. Maximum is 64 words (64*8*4 = 2048 bits) */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ Xs,
+ hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE + hwWords_sz * 4,
+ Y,
+ Ys,
+ hwWords_sz);
+
+ /* 5. Start operation and wait until it completes. */
+ process_start(RSA_MULT_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
+ if (ret == MP_OKAY) {
+ /* 6. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, resultWords_sz);
+ }
+
+ /*
+ ** end if CONFIG_IDF_TARGET_ESP32S3
+ */
+#else
+ ret = MP_HW_FALLBACK;
+#endif /* target HW calcs*/
/* common exit for all chipset types */
-#ifdef WOLFSSL_SP_INT_NEGATIVE
- if (!mp_iszero(Z) && neg) {
- /* for non-zero negative numbers, set negative flag for our result:
- * Z->sign = FP_NEG */
- mp_setneg(Z);
+
+ /* step.7 clear and release HW */
+ if (mp_mul_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ if (ret == MP_OKAY) {
+ if (!mp_iszero(Z) && res_sign) {
+ /* for non-zero negative numbers, set negative flag for our result:
+ * Z->sign = FP_NEG */
+ ESP_LOGV(TAG, "Setting Z to negative result!");
+ mp_setneg(Z);
+ }
+ else {
+ Z->sign = MP_ZPOS;
+ }
+ }
+#endif
+
+ if (ret == MP_OKAY) {
+ /* never clean the result for anything other than success, as we may
+ * fall back to SW and we don't want to muck up operand values. */
+ esp_clean_result(Z, 0);
+ }
+
+#ifdef DEBUG_WOLFSSL
+ if (mp_cmp(X, X2) != 0) {
+ /* this may be interesting when operands change (e.g. z=x*z mode m) */
+ /* ESP_LOGE(TAG, "mp_mul X vs X2 mismatch!"); */
+ }
+ if (mp_cmp(Y, Y2) != 0) {
+ /* this may be interesting when operands change (e.g. z=y*z mode m) */
+ /* ESP_LOGE(TAG, "mp_mul Y vs Y2 mismatch!"); */
+ }
+ if (mp_cmp(Z, Z2) != 0) {
+ int found_z_used = Z->used;
+
+ ESP_LOGE(TAG, "mp_mul Z vs Z2 mismatch!");
+ ESP_LOGI(TAG, "Xs = %d", Xs);
+ ESP_LOGI(TAG, "Ys = %d", Ys);
+ ESP_LOGI(TAG, "Zs = %d", Zs);
+ ESP_LOGI(TAG, "found_z_used = %d", found_z_used);
+ ESP_LOGI(TAG, "z.used = %d", Z->used);
+ ESP_LOGI(TAG, "hwWords_sz = %d", hwWords_sz);
+ ESP_LOGI(TAG, "maxWords_sz = %d", maxWords_sz);
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ ESP_LOGI(TAG, "left_pad_offset = %d", left_pad_offset);
+#endif
+ ESP_LOGI(TAG, "hwWords_sz<<2 = %d", hwWords_sz << 2);
+ esp_show_mp("X", X2); /* show X2 copy, as X may have been clobbered */
+ esp_show_mp("Y", Y2); /* show Y2 copy, as Y may have been clobbered */
+ esp_show_mp("Peek Z", PEEK); /* this is the Z before start */
+ esp_show_mp("Z", Z); /* this is the HW result */
+ esp_show_mp("Z2", Z2); /* this is the SW result */
+ #ifndef NO_RECOVER_SOFTWARE_CALC
+ ESP_LOGW(TAG, "Recovering mp_mul error with software result");
+ mp_copy(Z2, Z); /* copy (src = Z2) to (dst = Z) */
+ #else
+ ret = MP_VAL;
+ #endif
}
#endif
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_mul_usage_ct++;
+ esp_mp_max_used = (Z->used > esp_mp_max_used) ? Z->used : esp_mp_max_used;
+ if (ret != MP_OKAY) {
+ esp_mp_mul_error_ct++; /* includes fallback */
+ }
+#endif
+
+ ESP_LOGV(TAG, "\nEnd esp_mp_mul \n");
+
return ret;
-}
+} /* esp_mp_mul() */
+#endif /* Use HW mp_mul: ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL*/
-/* Z = X * Y (mod M) */
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+/* Large Number Modular Multiplication
+ *
+ * See 24.3.3 of the ESP32 Technical Reference Manual
+ *
+ * Z = X × Y mod M */
int esp_mp_mulmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
{
- int ret = 0;
- int negcheck;
- word32 Xs;
- word32 Ys;
- word32 Ms;
- word32 maxWords_sz;
- word32 hwWords_sz;
- word32 zwords;
+ struct esp_mp_helper mph[1]; /* we'll save some values in this mp helper */
+ MATH_INT_T tmpZ[1] = { };
+#ifdef DEBUG_WOLFSSL
+ MATH_INT_T X2[1] = { };
+ MATH_INT_T Y2[1] = { };
+ MATH_INT_T M2[1] = { };
+ MATH_INT_T Z2[1] = { };
+ MATH_INT_T PEEK[1] = { };
+ (void) PEEK;
+#endif
- MATH_INT_T r_inv;
- MATH_INT_T tmpZ;
- mp_digit mp;
+ int ret = MP_OKAY;
+ int mulmod_lock_called = FALSE;
+ word32 zwords = 0;
- uint32_t Exponent;
-#if CONFIG_IDF_TARGET_ESP32S3
- uint32_t OperandBits;
- int WordsForOperand;
-# endif
-
- /* neg check - X*Y becomes negative */
- negcheck = mp_isneg(X) != mp_isneg(Y) ? 1 : 0;
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ int negcheck = 0;
+#endif
- /* ask bits number */
- Xs = mp_count_bits(X);
- Ys = mp_count_bits(Y);
- Ms = mp_count_bits(M);
+#ifdef DEBUG_WOLFSSL
+ int reti = 0; /* interim return value used only during HW==SW validation */
+#endif
- /* maximum bits and words for writing to HW */
- maxWords_sz = bits2words(max(Xs, max(Ys, Ms)));
- zwords = bits2words(min(Ms, Xs + Ys));
- hwWords_sz = words2hwords(maxWords_sz);
+#if defined(CONFIG_IDF_TARGET_ESP32)
- if ((hwWords_sz << 5) > ESP_HW_RSAMAX_BIT) {
- ESP_LOGE(TAG, "exceeds HW maximum bits");
- return MP_VAL; /* Error: value is not able to be used. */
- }
- /* calculate r_inv = R^2 mode M
- * where: R = b^n, and b = 2^32
- * accordingly R^2 = 2^(n*32*2)
- */
-#if CONFIG_IDF_TARGET_ESP32S3
- Exponent = maxWords_sz * BITS_IN_ONE_WORD * 2;
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ word32 OperandBits;
+ int WordsForOperand;
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ word32 OperandBits;
+ int WordsForOperand;
#else
- Exponent = hwWords_sz << 6;
+ ret = MP_HW_FALLBACK;
#endif
- ret = mp_init_multi(&tmpZ, &r_inv, NULL, NULL, NULL, NULL);
- if (ret == 0 && (ret = esp_get_rinv(&r_inv, M, Exponent)) != MP_OKAY) {
- ESP_LOGE(TAG, "calculate r_inv failed.");
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
+
+ ESP_LOGV(TAG, "\nBegin esp_mp_mulmod \n");
+
+ /* do we have an even moduli? */
+ if ((M->dp[0] & 1) == 0) {
+#ifndef NO_ESP_MP_MUL_EVEN_ALT_CALC
+ /* Z = X × Y mod M in mixed HW & SW*/
+ ret = esp_mp_mul(X, Y, tmpZ); /* HW X * Y */
+ if (ret == MP_OKAY) {
+ /* z = tmpZ mod M, 0 <= Z < M */
+ ret = mp_mod(tmpZ, M, Z); /* SW mod M */
+ }
+ ESP_LOGV(TAG, "alternate mp_mul calc!");
+ return ret;
+#else
+ #ifdef WOLFSSL_HW_METRICS
+ esp_mp_mulmod_even_mod_ct++;
+ #endif
+ ESP_LOGV(TAG, "esp_mp_mulmod does not support even numbers");
+ ret = MP_HW_FALLBACK; /* let the software figure out what to do */
return ret;
+#endif /* NO_ESP_MP_MUL_EVEN_ALTERNATE */
+ } /* even moduli check */
+
+#ifdef DEBUG_WOLFSSL
+ /* we're only validating HW when in debug mode */
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "MP_HW_VALIDATION_ACTIVE");
+ return MP_HW_VALIDATION_ACTIVE;
}
+#endif
- /* lock HW for use */
- if ((ret = esp_mp_hw_lock()) != MP_OKAY) {
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
- return ret;
+#ifdef DEBUG_WOLFSSL
+ if (IS_HW_VALIDATION) {
+ ESP_LOGE(TAG, "Caller must not try HW when validation active.");
}
- /* Calculate M' */
- if ((ret = esp_calc_Mdash(M, 32/* bits */, &mp)) != MP_OKAY) {
- ESP_LOGE(TAG, "failed to calculate M dash");
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
- return ret;
+ else {
+ /* when validating, save SW in [V]2 for later comparison to HW */
+ mp_init(X2);
+ mp_init(Y2);
+ mp_init(M2);
+ mp_init(Z2);
+
+ mp_copy(X, X2); /* copy (src = X) to (dst = X2) */
+ mp_copy(Y, Y2); /* copy (src = Y) to (dst = Y2) */
+ mp_copy(M, M2); /* copy (src = M) to (dst = M2) */
+ mp_copy(Z, Z2); /* copy (src = Z) to (dst = Z2) */
+
+ SET_HW_VALIDATION; /* for the next mulmod to be SW for HW validation */
+ reti = mp_mulmod(X2, Y2, M2, Z2);
+ if (reti == 0) {
+ ESP_LOGV(TAG, "wolfSSL mp_mulmod during validation success");
+ }
+ else {
+ ESP_LOGE(TAG, "wolfSSL mp_mulmod during validation failed");
+ }
+ CLR_HW_VALIDATION;
+ }
+#endif /* DEBUG_WOLFSSL */
+
+ if (ret == MP_OKAY) {
+
+ /* neg check: X*Y becomes negative, we'll need adjustment */
+ #if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ negcheck = mp_isneg(X) != mp_isneg(Y) ? 1 : 0;
+ #endif
+
+ /* calculate r_inv = R^2 mod M
+ * where: R = b^n, and b = 2^32
+ * accordingly R^2 = 2^(n*32*2)
+ */
+ ret = esp_mp_montgomery_init(X, Y, M, mph);
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_mp_exptmod esp_mp_montgomery_init success.");
+ }
+ else {
+ #ifdef WOLFSSL_HW_METRICS
+ if (ret == MP_HW_FALLBACK) {
+ esp_mp_mulmod_fallback_ct++;
+ }
+ else {
+ esp_mp_mulmod_error_ct++;
+ }
+ #endif
+ return ret;
+ }
+ zwords = bits2words(min(mph->Ms, mph->Xs + mph->Ys));
}
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Steps to perform large number modular multiplication. Calculates Z = (X x Y) modulo M.
- * The number of bits in the operands (X, Y) is N. N can be 32x, where x = {1,2,3,...64}, so the
- * maximum number of bits in the X and Y is 2048. We must use the same number of words to represent
- * the bits in X, Y and M.
- * See 20.3.3 of ESP32-S3 technical manual
+ /* we'll use hardware only for a minimum number of bits */
+ if (mph->Xs <= ESP_RSA_MULM_BITS || mph->Ys <= ESP_RSA_MULM_BITS) {
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_mp_mulmod_small_y_ct++; /* track how many times we fall back */
+ }
+ #endif
+ ret = MP_HW_FALLBACK;
+ /* TODO add debug metrics */
+ #ifdef WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+ {
+ ESP_LOGV(TAG, "esp_mp_mulmod falling back for ESP_RSA_MULM_BITS!");
+ }
+ #endif
+ }
+
+ /* lock HW for use, enable peripheral clock */
+ if (ret == MP_OKAY) {
+ mulmod_lock_called = TRUE; /* Don't try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (M->used > esp_mp_max_used) ? M->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ }
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* Classic ESP32, non-S3 Xtensa */
+
+ /*Steps to use HW in the following order:
+ * prep: wait until clean HW engine
+ *
+ * 1. Write (N/512bits - 1) to MULT_MODE_REG
+ * 2. Write X,M(=G, X, P) to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 3. Write M' to M_PRIME_REG
+ * 4. Write 1 to MODEXP_START_REG
+ * 5. Wait for the first round of the operation to be completed.
+ * Poll RSA_INTERRUPT_REG until it reads 1,
+ * or until the RSA_INTR interrupt is generated.
+ * (Or until the INTER interrupt is generated.)
+ * 6. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
+ * 7. Write Yi (i ∈ [0, n) ∩ N) to RSA_X_MEM
+ * Users need to write to the memory block only according to the length
+ * of the number. Data beyond this length is ignored.
+ * 8. Write 1 to RSA_MULT_START_REG
+ * 9. Wait for the second operation to be completed.
+ * Poll INTERRUPT_REG until it reads 1.
+ * 10. Read the Zi (i ∈ [0, n) ∩ N) from RSA_Z_MEM
+ * 11. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
+ *
+ * post: Release the HW engine
+ *
+ * After the operation, the RSA_MULT_MODE_REG register, and memory blocks
+ * RSA_M_MEM and RSA_M_PRIME_REG remain unchanged. Users do not need to
+ * refresh these registers or memory blocks if the values remain the same.
+ */
+
+ if (ret == MP_OKAY) {
+ /* Prep wait for the engine */
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ if (ret == MP_OKAY) {
+ /* step.1
+ * Write (N/512bits - 1) to MULT_MODE_REG
+ * 512 bits => 16 words */
+ DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1);
+#if defined(DEBUG_WOLFSSL)
+ ESP_LOGV(TAG, "RSA_MULT_MODE_REG = %d", (mph->hwWords_sz >> 4) - 1);
+#endif /* WOLFSSL_DEBUG */
+
+ /* step.2 write X, M, and r_inv into memory.
+ * The capacity of each memory block is 128 words.
+ * The memory blocks use the little endian format for storage, i.e.
+ * the least significant digit of each number is in lowest address.*/
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X, mph->Xs, mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M, mph->Ms, mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv), mph->Rs, mph->hwWords_sz);
+
+ /* step.3 write M' into memory */
+ /* confirmed that mp2 does not support even modulus.
+ * indeed we see a failure, but we can predict when modules is odd
+ * or when mp != mp2[0] */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+ ESP_EM__3_16;
+
+ /* step.4 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.5,6 wait until done */
+ wait_until_done(RSA_INTERRUPT_REG);
+
+ /* step.7 Y to MEM_X */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ Y, mph->Ys,
+ mph->hwWords_sz);
+
+#ifdef DEBUG_WOLFSSL
+ /* save value to peek at the result stored in RSA_MEM_Z_BLOCK_BASE */
+ esp_memblock_to_mpint(RSA_MEM_X_BLOCK_BASE,
+ PEEK,
+ 128);
+ esp_clean_result(PEEK, 0);
+#endif /* DEBUG_WOLFSSL */
+
+ /* step.8 start process */
+ process_start(RSA_MULT_START_REG);
+
+ /* step.9,11 wait until done */
+ wait_until_done(RSA_INTERRUPT_REG);
+
+ /* step.12 read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, tmpZ, zwords);
+ } /* step 1 .. 12 */
+
+ /* step.13 clear and release HW */
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+ /* end of ESP32 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Steps to perform large number modular multiplication.
+ * Calculates Z = (X * Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x, where
+ * x = {1,2,3,...64}, so the maximum number of bits in the X and Y is 2048.
+ * We must use the same number of words to represent bits in X, Y and M.
+ * See 20.3.3 of ESP32-C3 technical manual
* 1. Wait until the hardware is ready.
- * 2. Enable/disable interrupt that signals completion -- we don't use the interrupt.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
* 3. Write the number of words required to represent the operands to the
* RSA_MODE_REG (now called RSA_LENGTH_REG).
* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
* 5. Load X, Y, M, r' operands to memory blocks.
- * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG, then wait for it
- * to complete by monitoring RSA_IDLE_REG (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
* 7. Read the result out.
* 8. Release the hardware lock so others can use it.
* x. Clear the interrupt flag, if you used it (we don't). */
/* 1. Wait until hardware is ready. */
- if ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
}
- /* 2. Disable completion interrupt signal; we don't use.
- ** 0 => no interrupt; 1 => interrupt on completion. */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
- /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
- OperandBits = max(max(Xs, Ys), Ms);
- if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
- ESP_LOGW(TAG, "result exceeds max bit length");
- return MP_VAL; /* Error: value is not able to be used. */
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ return MP_VAL; /* Error: value is not able to be used. */
+ }
+ WordsForOperand = bits2words(OperandBits);
+ /* alt inline calc:
+ * DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1); */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* Select acceleration options. */
+ DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+
+ /* 5. Load X, Y, M, r' operands.
+ * Note RSA_MEM_RB_BLOCK_BASE == RSA_MEM_Z_BLOC_BASE on ESP32s3*/
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_RB_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MOD_MULT_START_REG); /* esp_mp_mulmod */
}
- WordsForOperand = bits2words(OperandBits);
- DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
- /* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG) */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
- /* Select acceleration options. */
- DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+ if (ret == MP_OKAY) {
+ /* 7. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, tmpZ, zwords);
+ }
- /* 5. Load X, Y, M, r' operands.
- * Note RSA_MEM_RB_BLOCK_BASE == RSA_MEM_Z_BLOC_BASE on ESP32s3*/
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_RB_BLOCK_BASE, &r_inv, mp_count_bits(&r_inv), hwWords_sz);
+ /* 8. clear and release HW */
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called, esp_mp_hw_unlock skipped");
+ }
+ /* end if CONFIG_IDF_TARGET_ESP32C3 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Steps to perform large number modular multiplication.
+ * Calculates Z = (X * Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,where
+ * x = {1,2,3,...64}, so the maximum number of bits in X and Y is 2048.
+ * We must use the same number of words to represent the bits X, Y and M.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write the number of words required to represent the operands to the
+ * RSA_MODE_REG (now called RSA_LENGTH_REG).
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- /* 6. Start operation and wait until it completes. */
- process_start(RSA_MOD_MULT_START_REG);
- ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
- if (MP_OKAY != ret) {
- return ret;
+ /* 1. Wait until hardware is ready for esp_mp_mulmod. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ return MP_VAL; /* Error: value is not able to be used. */
+ }
+ WordsForOperand = bits2words(OperandBits);
+ /* alt inline calc:
+ * DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1); */
+ DPORT_REG_WRITE(RSA_MODE_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_PRIME_REG, mph->mp);
+
+ /* Select acceleration options. */
+ DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+ DPORT_REG_WRITE(RSA_SEARCH_POS_REG, 0); /* or RSA_SEARCH_ENABLE */
+
+ /* 5. Load X, Y, M, r' operands.
+ * Note RSA_MEM_RB_BLOCK_BASE == RSA_M_MEM on ESP32-C6*/
+ esp_mpint_to_memblock(RSA_X_MEM,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Y_MEM,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_M_MEM,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Z_MEM,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_SET_START_MODMULT_REG); /* reminder: esp_mp_mulmod */
}
- /* 7. read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, &tmpZ, zwords);
+ /* 5. Wait for the completion of computation, which happens when the
+ * content of RSA_QUERY_IDLE becomes 1 or the RSA interrupt occurs. */
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_IDLE_REG);
+ }
+ if (ret == MP_OKAY) {
+ /* 7. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_Z_MEM, tmpZ, zwords);
+ }
/* 8. clear and release HW */
- esp_mp_hw_unlock();
-
- if (negcheck) {
- mp_sub(M, &tmpZ, &tmpZ);
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called, esp_mp_hw_unlock skipped");
}
- mp_copy(&tmpZ, Z);
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
+ /* end if CONFIG_IDF_TARGET_ESP32C3 or CONFIG_IDF_TARGET_ESP32C6 */
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Steps to perform large number modular multiplication.
+ * Calculates Z = (X * Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x, where
+ * x = {1,2,3,...64}, so the maximum number of bits in the X and Y is 2048.
+ * We must use the same number of words to represent bits in X, Y and M.
+ * See 20.3.3 of ESP32-S3 technical manual.
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write the number of words required to represent the operands to the
+ * RSA_MODE_REG (now called RSA_LENGTH_REG).
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MOD_MULT_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- return ret;
- /* end if CONFIG_IDF_TARGET_ESP32S3 */
-#else
- /* non-S3 Xtensa */
+ /* 1. Wait until hardware is ready. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
- /*Steps to use HW in the following order:
- * 1. wait until clean HW engine
- * 2. Write(N/512bits - 1) to MULT_MODE_REG
- * 3. Write X,M(=G, X, P) to memory blocks
- * need to write data to each memory block only according to the length
- * of the number.
- * 4. Write M' to M_PRIME_REG
- * 5. Write 1 to MODEXP_START_REG
- * 6. Wait for the first operation to be done. Poll INTERRUPT_REG until it reads 1.
- * (Or until the INTER interrupt is generated.)
- * 7. Write 1 to RSA_INTERRUPT_REG to clear the interrupt.
- * 8. Write Y to RSA_X_MEM
- * 9. Write 1 to RSA_MULT_START_REG
- * 10. Wait for the second operation to be completed. Poll INTERRUPT_REG until it reads 1.
- * 11. Read the Z from RSA_Z_MEM
- * 12. Write 1 to RSA_INTERUPT_REG to clear the interrupt.
- * 13. Release the HW engine
- */
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
- if ( (ret = esp_mp_hw_wait_clean()) != MP_OKAY ) {
- return ret;
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ return MP_VAL; /* Error: value is not able to be used. */
+ }
+ WordsForOperand = bits2words(OperandBits);
+ /* alt inline calc:
+ * DPORT_REG_WRITE(RSA_MULT_MODE_REG, (mph->hwWords_sz >> 4) - 1); */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* Select acceleration options. */
+ DPORT_REG_WRITE(RSA_CONSTANT_TIME_REG, 0);
+
+ /* 5. Load X, Y, M, r' operands.
+ * Note RSA_MEM_RB_BLOCK_BASE == RSA_MEM_Z_BLOC_BASE on ESP32s3*/
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_RB_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MOD_MULT_START_REG); /* Reminder: esp_mp_mulmod() */
+ asm volatile("memw");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
+ asm volatile("nop");
}
- /* step.1 512 bits => 16 words */
- DPORT_REG_WRITE(RSA_MULT_MODE_REG, (hwWords_sz >> 4) - 1);
-
- /* step.2 write X, M and r_inv into memory */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
- &r_inv,
- mp_count_bits(&r_inv),
- hwWords_sz);
- /* step.3 write M' into memory */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ if (ret == MP_OKAY) {
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
- /* step.4 start process */
- process_start(RSA_MULT_START_REG);
+ if (ret == MP_OKAY) {
+ /* 7. read the result from MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, tmpZ, zwords);
+ }
- /* step.5,6 wait until done */
- wait_until_done(RSA_INTERRUPT_REG);
- /* step.7 Y to MEM_X */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, Y, Ys, hwWords_sz);
+ /* 8. clear and release HW */
+ if (mulmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "Lock not called due to no-lock MP_HW_FALLBACK");
+ }
+ else {
+ ESP_LOGW(TAG, "Lock unexpectedly not called");
+ }
+ }
- /* step.8 start process */
- process_start(RSA_MULT_START_REG);
+ /* end if CONFIG_IDF_TARGET_ESP32S3 */
+#else
+ /* for all non-supported chipsets, fall back to SW calcs */
+ ret = MP_HW_FALLBACK;
+#endif
- /* step.9,11 wait until done */
- wait_until_done(RSA_INTERRUPT_REG);
+ if (ret == MP_OKAY) {
+ /* additional steps */
+ /* this is needed for known issue when Z is greater than M */
+ if (mp_cmp(tmpZ, M) == MP_GT) {
+ /* Z -= M */
+ mp_sub(tmpZ, M, tmpZ);
+ ESP_LOGV(TAG, "Z is greater than M");
+ }
+ #if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ if (negcheck) {
+ mp_sub(M, tmpZ, tmpZ);
+ ESP_LOGV(TAG, "neg check adjustment");
+ }
+ #endif
+ mp_copy(tmpZ, Z); /* copy tmpZ to result Z */
- /* step.12 read the result from MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, &tmpZ, zwords);
+ esp_clean_result(Z, 0);
+ }
- /* step.13 clear and release HW */
- esp_mp_hw_unlock();
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_mulmod_usage_ct++;
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "esp_mp_mulmod HW Fallback tick");
+ esp_mp_mulmod_fallback_ct++;
+ }
+#endif
- /* additional steps */
- /* this needs for known issue when Z is greater than M */
- if (mp_cmp(&tmpZ, M) == MP_GT) {
- /* Z -= M */
- mp_sub(&tmpZ, M, &tmpZ);
+#ifdef DEBUG_WOLFSSL
+ if (ret == MP_HW_FALLBACK) {
+ ESP_LOGI(TAG, "HW Fallback");
}
- if (negcheck) {
- mp_sub(M, &tmpZ, &tmpZ);
+ else {
+ if (mp_cmp(X, X2) != 0) {
+ ESP_LOGV(TAG, "mp_mul X vs X2 mismatch!");
+ }
+ if (mp_cmp(Y, Y2) != 0) {
+ ESP_LOGV(TAG, "mp_mul Y vs Y2 mismatch!");
+ }
+
+ if (mp_cmp(Z, Z2) != 0) {
+ ESP_LOGE(TAG, "esp_mp_mulmod Z vs Z2 mismatch!");
+
+ esp_mp_mulmod_error_ct++;
+ int found_z_used = Z->used;
+
+ ESP_LOGI(TAG, "Xs = %d", mph->Xs);
+ ESP_LOGI(TAG, "Ys = %d", mph->Ys);
+ ESP_LOGI(TAG, "found_z_used = %d", found_z_used);
+ ESP_LOGI(TAG, "z.used = %d", Z->used);
+ ESP_LOGI(TAG, "hwWords_sz = %d", mph->hwWords_sz);
+ ESP_LOGI(TAG, "maxWords_sz = %d", mph->maxWords_sz);
+ ESP_LOGI(TAG, "hwWords_sz<<2 = %d", mph->hwWords_sz << 2);
+
+ /* parameters may have been collbered; Show cpied values */
+ esp_show_mp("X", X2);
+ esp_show_mp("Y", Y2);
+ esp_show_mp("M", M2);
+
+ ESP_LOGI(TAG, "Xs = %d", mph->Xs);
+ ESP_LOGI(TAG, "Ys = %d", mph->Ys);
+ ESP_LOGI(TAG, "found_z_used = %d", found_z_used);
+ ESP_LOGI(TAG, "z.used = %d", Z->used);
+ ESP_LOGI(TAG, "hwWords_sz = %d", mph->hwWords_sz);
+ ESP_LOGI(TAG, "maxWords_sz = %d", mph->maxWords_sz);
+ ESP_LOGI(TAG, "hwWords_sz<<2 = %d", mph->hwWords_sz << 2);
+ esp_show_mp("X", X2); /* X2 copy, as X may have been clobbered */
+ esp_show_mp("Y", Y2); /* Y2 copy, as Y may have been clobbered */
+ esp_show_mp("M", M2); /* M2 copy, as M may have been clobbered */
+ esp_show_mp("r_inv", &(mph->r_inv)); /*show r_inv */
+ ESP_LOGI(TAG, "mp = 0x%08x = %u", mph->mp, mph->mp);
+
+ if (mph->mp == mph->mp2) {
+ ESP_LOGI(TAG, "M' match esp_calc_Mdash vs mp_montgomery_setup"
+ " = %d !", mph->mp);
+ }
+ else {
+ ESP_LOGW(TAG,
+ "\n\n"
+ "M' MISMATCH esp_calc_Mdash = 0x%08x = %d \n"
+ "vs mp_montgomery_setup = 0x%08x = %d \n\n",
+ mph->mp,
+ mph->mp,
+ mph->mp2,
+ mph->mp2);
+ mph->mp = mph->mp2;
+ }
+
+
+ esp_show_mp("HW Z", Z); /* this is the HW result */
+ esp_show_mp("SW Z2", Z2); /* this is the SW result */
+ ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries",
+ esp_mp_mulmod_usage_ct);
+ ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
+ esp_mp_mulmod_error_ct);
+ ESP_LOGI(TAG, "");
+ esp_show_mp("HW Z", Z); /* this is the HW result */
+ esp_show_mp("SW Z2", Z2); /* this is the SW result */
+ ESP_LOGI(TAG, "esp_mp_mulmod_usage_ct = %lu tries",
+ esp_mp_mulmod_usage_ct);
+ ESP_LOGI(TAG, "esp_mp_mulmod_error_ct = %lu failures",
+ esp_mp_mulmod_error_ct);
+ ESP_LOGI(TAG, "");
+
+
+ #ifndef NO_RECOVER_SOFTWARE_CALC
+ {
+ ESP_LOGW(TAG, "Recovering mp_mul error with software result");
+ mp_copy(Z2, Z); /* copy (src = Z2) to (dst = Z) */
+ }
+ #else
+ {
+ /* If we are not recovering, then we have an error. */
+ ret = MP_VAL;
+ }
+ #endif
+ }
+ else {
+ ESP_LOGV(TAG, "esp_mp_mulmod success!");
+ }
}
- mp_copy(&tmpZ, Z);
+#endif /* DEBUG_WOLFSSL */
- mp_clear(&tmpZ);
- mp_clear(&r_inv);
+ /* cleanup and exit */
+ mp_clear(tmpZ);
+ mp_clear(&(mph->r_inv));
- return ret;
+ ESP_LOGV(TAG, "\nEnd esp_mp_mulmod \n");
+ if (ret == MP_OKAY || ret == MP_HW_FALLBACK) {
+ ESP_LOGV(TAG, "esp_mp_mulmod exit success ");
+ }
+ else {
+ ESP_LOGW(TAG, "esp_mp_mulmod exit failed = %d", ret);
+ }
+
+#ifdef WOLFSSL_HW_METRICS
+ /* calculate max used after any cleanup */
+ esp_mp_max_used = (Z->used > esp_mp_max_used) ? Z->used : esp_mp_max_used;
#endif
-}
+ return ret;
+} /* esp_mp_mulmod */
+#endif /* Use HW mulmod: ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/* Large Number Modular Exponentiation
*
* Z = X^Y mod M
*
- * See:
- * ESP32, Chapter 24, https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
- * ESP32s3, section 20.3.1, https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf
+ * ESP32, Section 24.3.2 https://www.espressif.com/sites/default/files/documentation/esp32_technical_reference_manual_en.pdf
+ * ESP32S3, Section 20.3.1, https://www.espressif.com/sites/default/files/documentation/esp32-s3_technical_reference_manual_en.pdf
+ *
* The operation is based on Montgomery multiplication. Aside from the
* arguments X, Y , and M, two additional ones are needed —r and M′
.* These arguments are calculated in advance by software.
.*
.* The RSA Accelerator supports operand lengths of N ∈ {512, 1024, 1536, 2048,
-.* 2560, 3072, 3584, 4096} bits on the ESP32 and N ∈ [32, 4096] bits on the ESP32s3.
-.* The bit length of arguments Z, X, Y , M, and r can be any one from the N set,
-.* but all numbers in a calculation must be of the same length.
+.* 2560, 3072, 3584, 4096} bits on the ESP32 and N ∈ [32, 4096] bits
+ * on the ESP32s3.
+.* The bit length of arguments Z, X, Y , M, and r can be any one from
+ * the N set, but all numbers in a calculation must be of the same length.
.* The bit length of M′ is always 32.
.*
-.* Note some DH references may use: Y = (G ^ X) mod P
- */
-int esp_mp_exptmod(MATH_INT_T* X, MATH_INT_T* Y, word32 Ys, MATH_INT_T* M, MATH_INT_T* Z)
+ * Z = (X ^ Y) mod M : Espressif generic notation
+ * Y = (G ^ X) mod P : wolfSSL DH reference notation */
+int esp_mp_exptmod(MATH_INT_T* X, MATH_INT_T* Y, MATH_INT_T* M, MATH_INT_T* Z)
{
- int ret = 0;
+ /* Danger! Do not initialize any function parameters, not even the result Z.
+ * Some operations such as (rnd = rnd^e) will wipe out the rnd operand
+ * value upon initialization.
+ * (e.g. the address of X and Z could be the same when called) */
+ struct esp_mp_helper mph[1]; /* we'll save some mp helper data here */
+ int ret = MP_OKAY;
+ int exptmod_lock_called = FALSE;
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* different calc */
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
+ word32 OperandBits;
+ word32 WordsForOperand;
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ word32 OperandBits;
+ word32 WordsForOperand;
+#else
+ /* no HW */
+#endif
- word32 Xs;
- word32 Ms;
- word32 maxWords_sz;
- word32 hwWords_sz;
+ ESP_LOGV(TAG, "\nBegin esp_mp_exptmod \n");
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_exptmod_usage_ct++;
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used : esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used : esp_mp_max_used;
+ esp_mp_max_used = (M->used > esp_mp_max_used) ? M->used : esp_mp_max_used;
+#endif
- MATH_INT_T r_inv;
- mp_digit mp;
+ if (mp_iszero(M)) {
+#ifdef DEBUG_WOLFSSL
+ ESP_LOGI(TAG, "esp_mp_exptmod M is zero!");
+#endif
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_exptmod_fallback_ct++;
+#endif
+ return MP_HW_FALLBACK; /* fall back and let SW decide how to handle */
+ }
-#if CONFIG_IDF_TARGET_ESP32S3
- uint32_t OperandBits;
- uint32_t WordsForOperand;
+ if (mp_isone(M)) {
+#ifdef DEBUG_WOLFSSL
+ ESP_LOGI(TAG, "esp_mp_exptmod M is one!");
#endif
+ mp_clear(Z);
+ return MP_OKAY; /* mod zero is zero */
+ }
- /* ask bits number */
- Xs = mp_count_bits(X);
- Ms = mp_count_bits(M);
- /* maximum bits and words for writing to HW */
- maxWords_sz = bits2words(max(Xs, max(Ys, Ms)));
- hwWords_sz = words2hwords(maxWords_sz);
+ ret = esp_mp_montgomery_init(X, Y, M, mph);
- if ((hwWords_sz << 5) > ESP_HW_RSAMAX_BIT) {
- ESP_LOGE(TAG, "exceeds HW maximum bits");
- return MP_VAL; /* Error: value is not able to be used. */
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_mp_exptmod esp_mp_montgomery_init success.");
}
- /* calculate r_inv = R^2 mode M
- * where: R = b^n, and b = 2^32
- * accordingly R^2 = 2^(n*32*2)
- */
- ret = mp_init(&r_inv);
- if ( (ret == 0) &&
- ((ret = esp_get_rinv(&r_inv, M, (hwWords_sz << 6))) != MP_OKAY) ) {
- ESP_LOGE(TAG, "calculate r_inv failed.");
- mp_clear(&r_inv);
+ else {
+#ifdef WOLFSSL_HW_METRICS
+ if (ret == MP_HW_FALLBACK) {
+ esp_mp_exptmod_fallback_ct++;
+ }
+ else {
+ esp_mp_exptmod_error_ct++;
+ }
+#endif
return ret;
}
+
+#ifdef DEBUG_WOLFSSL
+ if (esp_hw_validation_active()) {
+ /* recall there's only one HW for all math accelerations */
+ return MP_HW_VALIDATION_ACTIVE;
+ }
+
+ if (esp_mp_exptmod_depth_counter != 0) {
+ ESP_LOGE(TAG, "esp_mp_exptmod Depth Counter Error!");
+ }
+ esp_mp_exptmod_depth_counter++;
+#endif
+
+ /*
+ max bits = 0x400 = 1024 bits
+1024 / 8 = 128 bytes
+ 128 / 4 = 32 words (0x20)
+ */
+
/* lock and init the HW */
- if ( (ret = esp_mp_hw_lock()) != MP_OKAY ) {
- mp_clear(&r_inv);
- return ret;
+ if (ret == MP_OKAY) {
+ exptmod_lock_called = TRUE; /* Don't try to unlock unless we locked */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Only track max values when using HW */
+ esp_mp_max_used = (X->used > esp_mp_max_used) ? X->used :
+ esp_mp_max_used;
+ esp_mp_max_used = (Y->used > esp_mp_max_used) ? Y->used :
+ esp_mp_max_used;
+ }
+ #endif
+
+ ret = esp_mp_hw_lock();
+ if (ret != MP_OKAY) {
+ ESP_LOGE(TAG, "esp_mp_hw_lock failed");
+ #ifdef DEBUG_WOLFSSL
+ esp_mp_exptmod_depth_counter--;
+ #endif
+ }
+ } /* the only thing we expect is success or busy */
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* non-ESP32S3 Xtensa (regular ESP32) */
+
+ /* Steps to use HW in the following order:
+ * 1. Write(N/512bits - 1) to MODEXP_MODE_REG
+ * 2. Write X, Y, M and r_inv to memory blocks
+ * need to write data to each memory block only according to the length
+ * of the number.
+ * 3. Write M' to M_PRIME_REG
+ * 4. Write 1 to MODEXP_START_REG
+ * 5. Wait for the operation to be done. Poll INTERRUPT_REG until it reads 1.
+ * (Or until the INTER interrupt is generated.)
+ * 6. Read the result Z(=Y) from Z_MEM
+ * 7. Write 1 to INTERRUPT_REG to clear the interrupt.
+ */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ #ifdef WOLFSSL_HW_METRICS
+ if (ret != MP_OKAY) {
+ esp_mp_exptmod_error_ct++;
+ }
+ #endif
}
- /* calc M' */
- /* if Pm is odd, uses mp_montgomery_setup() */
- if ( (ret = esp_calc_Mdash(M, 32/* bits */, &mp)) != MP_OKAY ) {
- ESP_LOGE(TAG, "failed to calculate M dash");
- mp_clear(&r_inv);
- return ret;
+
+ if (ret == MP_OKAY) {
+ /* step.1 */
+ ESP_LOGV(TAG,
+ "hwWords_sz = %d, num = %d",
+ mph->hwWords_sz,
+ (mph->hwWords_sz >> 4) - 1
+ );
+
+ DPORT_REG_WRITE(RSA_MODEXP_MODE_REG, (mph->hwWords_sz >> 4) - 1);
+ /* step.2 write G, X, P, r_inv and M' into memory */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y, mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* step.3 write M' into memory */
+ ESP_LOGV(TAG, "M' = %d", mph->mp);
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+ ESP_EM__3_16;
+
+ /* step.4 start process */
+ process_start(RSA_MODEXP_START_REG); /* was RSA_START_MODEXP_REG;
+ * RSA_MODEXP_START_REG in docs? */
+
+ /* step.5 wait until done */
+ wait_until_done(RSA_INTERRUPT_REG);
+ /* step.6 read a result form memory */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(mph->Ms));
}
-#if CONFIG_IDF_TARGET_ESP32S3
- /* Steps to perform large number modular exponentiation. Calculates Z = (X ^ Y) modulo M.
- * The number of bits in the operands (X, Y) is N. N can be 32x, where x = {1,2,3,...64}, so the
- * maximum number of bits in the X and Y is 2048.
+ /* step.7 clear and release expt_mod HW */
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ /* Steps to perform large number modular exponentiation.
+ * Calculates Z = (X ^ Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,
+ * where x = {1,2,3,...64}; maximum number of bits in the X and Y is 2048.
* See 20.3.3 of ESP32-S3 technical manual
* 1. Wait until the hardware is ready.
- * 2. Enable/disable interrupt that signals completion -- we don't use the interrupt.
- * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG (now called RSA_LENGTH_REG).
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
* Here N_bits is the maximum number of bits in X, Y and M.
* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
* 5. Load X, Y, M, r' operands to memory blocks.
- * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG, then wait for it
- * to complete by monitoring RSA_IDLE_REG (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
* 7. Read the result out.
* 8. Release the hardware lock so others can use it.
* x. Clear the interrupt flag, if you used it (we don't). */
/* 1. Wait until hardware is ready. */
- if ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ if (ret == MP_OKAY) {
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ ret = MP_VAL; /* Error: value is not able to be used. */
+ }
+ else {
+ WordsForOperand = bits2words(OperandBits);
+ }
}
- /* 2. Disable completion interrupt signal; we don't use.
- ** 0 => no interrupt; 1 => interrupt on completion. */
- DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* 5. Load X, Y, M, r' operands. */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MODEXP_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
- /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
- OperandBits = max(max(Xs, Ys), Ms);
- if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
- ESP_LOGW(TAG, "result exceeds max bit length");
- return MP_VAL; /* Error: value is not able to be used. */
+ if (MP_OKAY == ret) {
+ /* 7. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(mph->Ms));
}
- WordsForOperand = bits2words(OperandBits);
- DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
- /* 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG) */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
+ /* 8. clear and release HW */
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+ /* end if CONFIG_IDF_TARGET_ESP32C3 */
- /* 5. Load X, Y, M, r' operands. */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE, &r_inv,
- mp_count_bits(&r_inv), hwWords_sz);
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Steps to perform large number modular exponentiation.
+ * Calculates Z = (X ^ Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,
+ * where x = {1,2,3,...64}; maximum number of bits in the X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Here N_bits is the maximum number of bits in X, Y and M.
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- /* 6. Start operation and wait until it completes. */
- process_start(RSA_MODEXP_START_REG);
- ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
- if (MP_OKAY != ret) {
- return ret;
+ /* 1. Wait until hardware is ready. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
}
- /* 7. read the result form MEM_Z */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Ms));
+ if (ret == MP_OKAY) {
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ ret = MP_VAL; /* Error: value is not able to be used. */
+ }
+ else {
+ WordsForOperand = bits2words(OperandBits);
+ }
+ }
+
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INT_ENA_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ DPORT_REG_WRITE(RSA_MODE_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG */
+ DPORT_REG_WRITE(RSA_M_PRIME_REG, mph->mp);
+
+ /* 5. Load X, Y, M, r' operands. */
+ esp_mpint_to_memblock(RSA_X_MEM,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Y_MEM,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_M_MEM,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_Z_MEM,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ /* Write 1 to the RSA_SET_START_MODEXP field of the
+ * RSA_SET_START_MODEXP_REG register to start computation.*/
+ process_start(RSA_SET_START_MODEXP_REG);
+ ret = wait_until_done(RSA_QUERY_IDLE_REG);
+ }
+
+ if (MP_OKAY == ret) {
+ /* 7. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_Z_MEM, Z, BITS_TO_WORDS(mph->Ms));
+ }
/* 8. clear and release HW */
- esp_mp_hw_unlock();
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
+ /* end if CONFIG_IDF_TARGET_ESP32C6 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ /* Steps to perform large number modular exponentiation.
+ * Calculates Z = (X ^ Y) modulo M.
+ * The number of bits in the operands (X, Y) is N. N can be 32x,
+ * where x = {1,2,3,...64}; the maximum number of bits in X and Y is 2048.
+ * See 20.3.3 of ESP32-S3 technical manual:
+ * 1. Wait until the hardware is ready.
+ * 2. Enable/disable interrupt that signals completion
+ * -- we don't use the interrupt.
+ * 3. Write (N_bits/32 - 1) to the RSA_MODE_REG
+ * (now called RSA_LENGTH_REG).
+ * Here N_bits is the maximum number of bits in X, Y and M.
+ * 4. Write M' value into RSA_M_PRIME_REG (now called RSA_M_DASH_REG).
+ * 5. Load X, Y, M, r' operands to memory blocks.
+ * 6. Start the operation by writing 1 to RSA_MODEXP_START_REG,
+ * then wait for it to complete by monitoring RSA_IDLE_REG
+ * (which is now called RSA_QUERY_INTERRUPT_REG).
+ * 7. Read the result out.
+ * 8. Release the hardware lock so others can use it.
+ * x. Clear the interrupt flag, if you used it (we don't). */
- mp_clear(&r_inv);
+ /* 1. Wait until hardware is ready. */
+ if (ret == MP_OKAY) {
+ ret = esp_mp_hw_wait_clean();
+ }
+
+ if (ret == MP_OKAY) {
+ OperandBits = max(max(mph->Xs, mph->Ys), mph->Ms);
+ if (OperandBits > ESP_HW_MULTI_RSAMAX_BITS) {
+ ESP_LOGW(TAG, "result exceeds max bit length");
+ ret = MP_VAL; /* Error: value is not able to be used. */
+ }
+ else {
+ WordsForOperand = bits2words(OperandBits);
+ }
+ }
+
+ if (ret == MP_OKAY) {
+ /* 2. Disable completion interrupt signal; we don't use.
+ ** 0 => no interrupt; 1 => interrupt on completion. */
+ DPORT_REG_WRITE(RSA_INTERRUPT_REG, 0);
+
+ /* 3. Write (N_result_bits/32 - 1) to the RSA_MODE_REG. */
+ DPORT_REG_WRITE(RSA_LENGTH_REG, WordsForOperand - 1);
+
+ /* 4. Write M' value into RSA_M_PRIME_REG
+ * (now called RSA_M_DASH_REG) */
+ DPORT_REG_WRITE(RSA_M_DASH_REG, mph->mp);
+
+ /* 5. Load X, Y, M, r' operands. */
+ esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE,
+ X,
+ mph->Xs,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE,
+ Y,
+ mph->Ys,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE,
+ M,
+ mph->Ms,
+ mph->hwWords_sz);
+ esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
+ &(mph->r_inv),
+ mph->Rs,
+ mph->hwWords_sz);
+
+ /* 6. Start operation and wait until it completes. */
+ process_start(RSA_MODEXP_START_REG);
+ ret = wait_until_done(RSA_QUERY_INTERRUPT_REG);
+ }
+
+ if (MP_OKAY == ret) {
+ /* 7. read the result form MEM_Z */
+ esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(mph->Ms));
+ }
+
+ /* 8. clear and release HW */
+ if (exptmod_lock_called) {
+ ret = esp_mp_hw_unlock();
+ }
+ else {
+ ESP_LOGV(TAG, "Lock not called");
+ }
- return ret;
/* end if CONFIG_IDF_TARGET_ESP32S3 */
#else
- /* non-ESP32S3 Xtensa (regular ESP32) */
+ /* unknown or unsupported targets fall back to SW */
+ ret = MP_HW_FALLBACK;
+#endif
- /* Steps to use HW in the following order:
- * 1. Write(N/512bits - 1) to MODEXP_MODE_REG
- * 2. Write X, Y, M and r_inv to memory blocks
- * need to write data to each memory block only according to the length
- * of the number.
- * 3. Write M' to M_PRIME_REG
- * 4. Write 1 to MODEXP_START_REG
- * 5. Wait for the operation to be done. Poll INTERRUPT_REG until it reads 1.
- * (Or until the INTER interrupt is generated.)
- * 6. Read the result Z(=Y) from Z_MEM
- * 7. Write 1 to INTERRUPT_REG to clear the interrupt.
- */
- if ((ret = esp_mp_hw_wait_clean()) != MP_OKAY) {
- return ret;
+#ifdef DEBUG_WOLFSSL
+ if (esp_mp_exptmod_depth_counter != 1) {
+ ESP_LOGE(TAG, "esp_mp_exptmod exit Depth Counter Error!");
}
+ esp_mp_exptmod_depth_counter--;
+#endif
- /* step.1 */
- DPORT_REG_WRITE(RSA_MODEXP_MODE_REG, (hwWords_sz >> 4) - 1);
- /* step.2 write G, X, P, r_inv and M' into memory */
- esp_mpint_to_memblock(RSA_MEM_X_BLOCK_BASE, X, Xs, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Y_BLOCK_BASE, Y, Ys, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_M_BLOCK_BASE, M, Ms, hwWords_sz);
- esp_mpint_to_memblock(RSA_MEM_Z_BLOCK_BASE,
- &r_inv,
- mp_count_bits(&r_inv),
- hwWords_sz);
- /* step.3 write M' into memory */
- DPORT_REG_WRITE(RSA_M_DASH_REG, mp);
- /* step.4 start process */
- process_start(RSA_START_MODEXP_REG);
-
- /* step.5 wait until done */
- wait_until_done(RSA_INTERRUPT_REG);
- /* step.6 read a result form memory */
- esp_memblock_to_mpint(RSA_MEM_Z_BLOCK_BASE, Z, BITS_TO_WORDS(Ms));
- /* step.7 clear and release HW */
- esp_mp_hw_unlock();
-
- mp_clear(&r_inv);
+ /* never modify the result if we are falling back as the result
+ * may be the same as one of the operands! */
+ if (ret == MP_OKAY) {
+ esp_clean_result(Z, 0);
+ }
+#ifdef WOLFSSL_HW_METRICS
+ esp_mp_max_used = (Z->used > esp_mp_max_used) ? Z->used : esp_mp_max_used;
+#endif
return ret;
-#endif
-}
+} /* esp_mp_exptmod */
+#endif /* Use HW expmod: ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) &&
- * !NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI) &&
+ * !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
#endif /* !NO_RSA || HAVE_ECC */
+
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI) && defined(WOLFSSL_HW_METRICS)
+int esp_hw_show_mp_metrics(void)
+{
+ int ret;
+#if !defined(NO_ESP32_CRYPT) && defined(HW_MATH_ENABLED)
+ ret = MP_OKAY;
+
+#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ ESP_LOGI(TAG, "esp_mp_mul HW disabled with "
+ "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL");
+#else
+ /* Metrics: esp_mp_mul() */
+ ESP_LOGI(TAG, ""); /* mul follows */
+ ESP_LOGI(TAG, "esp_mp_mul HW acceleration enabled.");
+ ESP_LOGI(TAG, "Number of calls to esp_mp_mul: %lu",
+ esp_mp_mul_usage_ct);
+ if (esp_mp_mul_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mul() errors.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mul failures: %lu",
+ esp_mp_mul_error_ct);
+ ret = MP_VAL;
+ }
+#endif
+
+#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+ ESP_LOGI(TAG, "esp_mp_mulmod HW disabled with "
+ "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD");
+#else
+ /* Metrics: esp_mp_mulmod() */
+ ESP_LOGI(TAG, ""); /* mulmod follows */
+
+ ESP_LOGI(TAG, "esp_mp_mulmod HW acceleration enabled.");
+ /* Metrics: esp_mp_mulmod() */
+ ESP_LOGI(TAG, "Number of calls to esp_mp_mulmod: %lu",
+ esp_mp_mulmod_usage_ct);
+ ESP_LOGI(TAG, "Number of fallback to SW mp_mulmod: %lu",
+ esp_mp_mulmod_fallback_ct);
+
+ if (esp_mp_mulmod_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mulmod errors.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod failures: %lu",
+ esp_mp_mulmod_error_ct);
+ ret = MP_VAL;
+ }
+
+ if (esp_mp_mulmod_even_mod_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mulmod even mod.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod even mod: %lu",
+ esp_mp_mulmod_even_mod_ct);
+ }
+
+ if (esp_mp_mulmod_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_mulmod small x or y.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod small x: %lu",
+ esp_mp_mulmod_small_x_ct);
+ ESP_LOGW(TAG, "Number of esp_mp_mulmod small y: %lu",
+ esp_mp_mulmod_small_y_ct);
+ }
+#endif /* MULMOD disabled: !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+
+#if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ ESP_LOGI(TAG, "esp_mp_exptmod HW disabled with "
+ "NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD");
+#else
+ /* Metrics: sp_mp_exptmod() */
+ ESP_LOGI(TAG, ""); /* exptmod follows */
+
+ ESP_LOGI(TAG, "Number of calls to esp_mp_exptmod: %lu",
+ esp_mp_exptmod_usage_ct);
+ ESP_LOGI(TAG, "Number of fallback to SW mp_exptmod: %lu",
+ esp_mp_exptmod_fallback_ct);
+ if (esp_mp_exptmod_error_ct == 0) {
+ ESP_LOGI(TAG, "Success: no esp_mp_exptmod errors.");
+ }
+ else {
+ ESP_LOGW(TAG, "Number of esp_mp_exptmod errors: %lu",
+ esp_mp_exptmod_error_ct);
+ ret = MP_VAL;
+ }
+#endif /* EXPTMOD not disabled !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+
+ ESP_LOGI(TAG, "Max N->used: esp_mp_max_used = %lu", esp_mp_max_used);
+ ESP_LOGI(TAG, "Max timeout: esp_mp_max_timeout = %lu", esp_mp_max_timeout);
+
+#else
+ /* no HW math, no HW math metrics */
+ ret = ESP_OK;
+#endif /* HW_MATH_ENABLED */
+
+
+ return ret;
+}
+#endif /* WOLFSSL_HW_METRICS */
+
+#endif /* WOLFSSL_ESPIDF */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c
index 39f4ad8a..30ba0e7b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_sha.c
@@ -18,11 +18,24 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
+/*
+ * ESP32-C3: https://www.espressif.com/sites/default/files/documentation/esp32-c3_technical_reference_manual_en.pdf
+ * see page 335: no SHA-512
+ *
+ */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+
/*****************************************************************************/
/* this entire file content is excluded when NO_SHA, NO_SHA256
* or when using WC_SHA384 or WC_SHA512
@@ -34,12 +47,20 @@
/* this entire file content is excluded if not using HW hash acceleration */
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
-/* TODO this may be chip type dependent: add support for others */
-#include <hal/clk_gate_ll.h> /* ESP32-WROOM */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <hal/sha_hal.h>
+ #include <hal/sha_ll.h>
+ #include <hal/clk_gate_ll.h>
+#else
+ #include <hal/clk_gate_ll.h> /* ESP32-WROOM */
+#endif
#include <wolfssl/wolfcrypt/sha.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/sha512.h>
@@ -56,22 +77,138 @@
static const char* TAG = "wolf_hw_sha";
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* keep track of the currently active SHA hash object for interleaving */
+ const static word32 ** _active_digest_address = 0;
+#endif
+
#ifdef NO_SHA
#define WC_SHA_DIGEST_SIZE 20
#endif
+#if defined(DEBUG_WOLFSSL)
+ /* Only when debugging, we'll keep tracking of block numbers. */
+ static int this_block_num = 0;
+#endif
+
/* RTOS mutex or just InUse variable */
#if defined(SINGLE_THREADED)
static int InUse = 0;
#else
static wolfSSL_Mutex sha_mutex = NULL;
+#endif
- #if defined(DEBUG_WOLFSSL)
- /* Only when debugging, we'll keep tracking of block numbers. */
- static int this_block_num = 0;
+#ifdef WOLFSSL_DEBUG_MUTEX
+ #ifndef WOLFSSL_TEST_STRAY
+ /* unless turned on, we won't be testing for strays */
+ #define WOLFSSL_TEST_STRAY 0
+ #endif
+#endif
+
+/* usage metrics can be turned on independently of debugging */
+#ifdef WOLFSSL_HW_METRICS
+ static unsigned long esp_sha_hw_copy_ct = 0;
+ static unsigned long esp_sha1_hw_usage_ct = 0;
+ static unsigned long esp_sha1_sw_fallback_usage_ct = 0;
+ static unsigned long esp_sha_reverse_words_ct = 0;
+ static unsigned long esp_sha1_hw_hash_usage_ct = 0;
+ static unsigned long esp_sha2_224_hw_hash_usage_ct = 0;
+ static unsigned long esp_sha2_256_hw_hash_usage_ct = 0;
+ static unsigned long esp_sha256_sw_fallback_usage_ct = 0;
+ static unsigned long esp_byte_reversal_checks_ct = 0;
+ static unsigned long esp_byte_reversal_needed_ct = 0;
+#endif
+
+#if defined(ESP_MONITOR_HW_TASK_LOCK)
+ static void * mutex_ctx_owner = 0;
+ static TaskHandle_t mutex_ctx_task = 0;
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ static portMUX_TYPE sha_crit_sect = portMUX_INITIALIZER_UNLOCKED;
+ WC_ESP32SHA* stray_ctx;
+ /* each ctx keeps track of the intializer for HW. when debugging
+ * we'll have a global variable to indicate which has the lock. */
+ static int _sha_lock_count = 0;
+ static int _sha_call_count = 0;
+
+ int esp_sha_call_count(void)
+ {
+ return _sha_call_count;
+ }
+
+ int esp_sha_lock_count(void)
+ {
+ return _sha_lock_count;
+ }
+
+ void* esp_sha_mutex_ctx_owner(void)
+ {
+ void* ret = 0;
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ ret = mutex_ctx_owner;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ return ret;
+ };
+ #else
+ int esp_sha_mutex_ctx_owner(void)
+ {
+ return (int)sha_mutex;
+ }
#endif
#endif
+/*
+** The wolfCrypt functions for LITTLE_ENDIAN_ORDER typically
+** reverse the byte order. Except when the hardware doesn't expect it.
+**
+** Returns 0 (FALSE) or 1 (TRUE); see wolfSSL types.h
+*/
+int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx)
+{
+ int ret = TRUE; /* assume we'll need reversal, look for exceptions */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ if (ctx == NULL) {
+ ESP_LOGE(TAG, " ctx is null");
+ /* return true for bad params */
+ }
+ else {
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_byte_reversal_checks_ct++;
+ }
+ #endif
+ if (ctx->mode == ESP32_SHA_HW) {
+ ESP_LOGV(TAG, " No reversal, ESP32_SHA_HW");
+ ret = FALSE;
+ }
+ else {
+ ret = TRUE;
+ ESP_LOGV(TAG, " Need byte reversal, %d", ctx->mode);
+ /* return true for SW; only HW C3 skips reversal at this time. */
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_byte_reversal_needed_ct++;
+ }
+ #endif
+ if (ctx->mode == ESP32_SHA_INIT) {
+ ESP_LOGW(TAG, "esp_sha_need_byte_reversal during init?");
+ ESP_LOGW(TAG, "forgot to try HW lock first?");
+ }
+ }
+ }
+#else
+ /* other platforms always return true */
+#endif
+ return ret;
+}
+
/* esp_sha_init
**
** ctx: any wolfSSL ctx from any hash algo
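Review bot: The two `esp_sha_mutex_ctx_owner` variants added under `ESP_MONITOR_HW_TASK_LOCK` disagree on return type: `void*` with `WOLFSSL_DEBUG_MUTEX` and `int` without it, so a single prototype cannot cover both builds. The `int` variant returns `(int)sha_mutex`, but `sha_mutex` is only declared in the non-`SINGLE_THREADED` branch earlier in this hunk, so `ESP_MONITOR_HW_TASK_LOCK` combined with `SINGLE_THREADED` would presumably fail to compile. I would return `void*` in both variants (`return (void*)sha_mutex;`) and gate the block on `!defined(SINGLE_THREADED)`. `esp_sha_lock_count()` and `esp_sha_call_count()` also read their counters outside the `sha_crit_sect` critical section that the owner getter uses, and `WC_ESP32SHA* stray_ctx;` is the only one of these debug globals without `static`; if it is meant to be file-local, make it `static WC_ESP32SHA* stray_ctx;`.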
@@ -87,21 +224,33 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
{
int ret = 0;
-#if defined(CONFIG_IDF_TARGET_ESP32) || defined(CONFIG_IDF_TARGET_ESP32S3)
+#if defined(CONFIG_IDF_TARGET_ESP32) || \
+ defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
switch (hash_type) { /* check each wolfSSL hash type WC_[n] */
case WC_HASH_TYPE_SHA:
ctx->sha_type = SHA1; /* assign Espressif SHA HW type */
ret = esp_sha_init_ctx(ctx);
break;
+ case WC_HASH_TYPE_SHA224:
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ ctx->sha_type = SHA2_224; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ #else
+ /* Don't call init, always SW as there's no HW. */
+ ctx->mode = ESP32_SHA_SW;
+ #endif
+ break;
+
case WC_HASH_TYPE_SHA256:
ctx->sha_type = SHA2_256; /* assign Espressif SHA HW type */
ret = esp_sha_init_ctx(ctx);
break;
- #ifdef CONFIG_IDF_TARGET_ESP32S3
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
case WC_HASH_TYPE_SHA384:
- /* TODO is SHA384 really not supported on -S3? */
ctx->mode = ESP32_SHA_SW;
ctx->sha_type = SHA2_384; /* Espressif type, but we won't use HW */
break;
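Review bot: In the new `WC_HASH_TYPE_SHA224` case, the `#else` path for targets without SHA-224 hardware sets only `ctx->mode = ESP32_SHA_SW;` and leaves `ctx->sha_type` as it was. The `WC_HASH_TYPE_SHA384` case just below sets both fields, so a reused or uninitialized ctx may keep a stale `sha_type` here. If the Espressif `SHA2_224` value exists on that target, add `ctx->sha_type = SHA2_224;`. Otherwise add a comment such as `/* sha_type intentionally not set: no SHA-224 HW type on this target */` so the omission is clearly deliberate. `ctx` is dereferenced in every case with no NULL check between the opening brace and the switch; the function continues past this hunk.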
@@ -138,13 +287,53 @@ int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type)
ESP_LOGW(TAG, "Unexpected hash_type in esp_sha_init");
break;
}
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ switch (hash_type) { /* check each wolfSSL hash type WC_[n] */
+ #ifndef NO_SHA
+ case WC_HASH_TYPE_SHA:
+ ctx->sha_type = SHA1; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ break;
+ #endif
+
+ case WC_HASH_TYPE_SHA224:
+ ctx->sha_type = SHA2_224; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ break;
+
+ case WC_HASH_TYPE_SHA256:
+ ctx->sha_type = SHA2_256; /* assign Espressif SHA HW type */
+ ret = esp_sha_init_ctx(ctx);
+ break;
+
+ default:
+ /* We fall through to SW when there's no enabled HW, above. */
+ ctx->mode = ESP32_SHA_SW;
+ ret = 0;
+ /* If there's no HW, the ctx reference should cause build error.
+ ** The type should be gated away when there's no HW at all! */
+ ctx->isfirstblock = true;
+ ctx->sha_type = hash_type;
+ ESP_LOGW(TAG, "Unsupported hash_type = %d in esp_sha_init, "
+ "falling back to SW", hash_type);
+ break;
+ }
+
#else
/* other chipsets will be implemented here */
-#endif /* defined(CONFIG_IDF_TARGET_ESP32) || defined(CONFIG_IDF_TARGET_ESP32S3) */
+ ESP_LOGW(TAG, "SW Fallback; CONFIG_IDF_TARGET = %s", CONFIG_IDF_TARGET);
+ ctx->mode = ESP32_SHA_SW;
+#endif /* CONFIG_IDF_TARGET_ESP32 ||
+ * CONFIG_IDF_TARGET_ESP32S2 ||
+ * CONFIG_IDF_TARGET_ESP32S3 */
return ret;
}
+#ifndef NO_SHAx /* TODO cannot currently turn off SHA */
/* we'll call a separate init as there's only 1 HW acceleration */
int esp_sha_init_ctx(WC_ESP32SHA* ctx)
{
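Review bot: The `default:` branch of the new C2/C3/C6 switch stores `hash_type`, an `enum wc_HashType`, into `ctx->sha_type`, while every other case stores an Espressif value (`SHA1`, `SHA2_224`, `SHA2_256`). The two enums are unrelated, so code that later reads `sha_type` as an Espressif type could select the wrong algorithm or register layout; whether any SW-mode path reads it is not visible here. I would not store the wolfSSL id there, or at least document it with `/* NOTE: holds a wc_HashType, not an Espressif SHA type; only meaningful while mode == ESP32_SHA_SW */`. The guard `#ifndef NO_SHAx` at the end of the hunk looks like a placeholder macro that nothing defines, so it is always true; the TODO beside it could say so explicitly. The body of `esp_sha_init_ctx` starts outside this hunk.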
@@ -153,6 +342,12 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
/* we'll keep track of who initialized this */
ctx->initializer = ctx; /* save our address in the initializer */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* Keep track of which freeRTOS task actually locks HW */
+ ctx->task_owner = xTaskGetCurrentTaskHandle();
+ }
+ #endif
ctx->mode = ESP32_SHA_INIT;
}
else {
@@ -167,6 +362,22 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
/* we should never have an unexpected mode in a known ctx */
switch (ctx->mode) {
+ case ESP32_SHA_FREED:
+ ESP_LOGW(TAG, "Warning: ESP32_SHA_FREED status");
+
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ if (ctx->task_owner == xTaskGetCurrentTaskHandle()) {
+ esp_sha_hw_unlock(ctx);
+ }
+ else {
+ ESP_LOGW(TAG, "Warning: unable to unlock ctx mutex ");
+ }
+ #else
+ esp_sha_hw_unlock(ctx);
+ #endif
+ ctx->mode = ESP32_SHA_INIT;
+ /* fall through to init */
+
case ESP32_SHA_INIT:
case ESP32_SHA_SW:
/* nothing interesting here */
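Review bot: The new `ESP32_SHA_FREED` case calls `esp_sha_hw_unlock(ctx)` on a ctx already marked freed, and without `ESP_MONITOR_HW_TASK_LOCK` it does so with no ownership check. If another ctx currently holds the hardware lock, whether this call releases it depends on `esp_sha_hw_unlock`, which is not visible here. With monitoring enabled and a task mismatch, the code only warns and still sets `ctx->mode = ESP32_SHA_INIT`, so the lock may remain held while the ctx looks fresh. The unlock result is discarded on both paths; if the function returns a status, check it, e.g. `if (esp_sha_hw_unlock(ctx) != 0) { ESP_LOGE(TAG, "unlock of freed ctx failed"); }`. The same unchecked unlock is what the TODO added in the `@@ -257,6 +480,7 @@` hunk refers to, and the enclosing switch continues outside this hunk.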
@@ -182,7 +393,7 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
break;
default:
- /* This should almost occur. We'd need to have an
+ /* This should almost never occur. We'd need to have an
** uninitialized ctx that just happens to include the
** breadcrumb initializer with the same address. */
ESP_LOGW(TAG, "ALERT: unexpected WC_ESP32SHA ctx mode: "
@@ -202,9 +413,20 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
**
** In either case, initialize: */
ctx->initializer = ctx; /* set a new address */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode, so we are not interested in task owner */
+ ctx->task_owner = 0;
+ }
+ #endif
/* Always set to ESP32_SHA_INIT, but give debug info as to why: */
switch (ctx->mode) {
+ case ESP32_SHA_FREED:
+ ESP_LOGE(TAG, "ERROR: unexpected ESP32_SHA_FREED");
+ ctx->mode = ESP32_SHA_INIT;
+ break;
+
case ESP32_SHA_INIT:
/* if we are already in init mode, nothing to do. */
break;
@@ -226,7 +448,8 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
case ESP32_SHA_HW_COPY:
/* This is an interesting but acceptable situation:
** an anticipated active HW copy that will demote to SW. */
- ESP_LOGV(TAG, "HW WC_ESP32SHA ctx mode = ESP32_SHA_HW_COPY.");
+ ESP_LOGV(TAG, "HW WC_ESP32SHA ctx mode = "
+ "ESP32_SHA_HW_COPY.");
break;
default:
@@ -257,6 +480,7 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
** If there's a problem, likely some undesired operation
** outside of wolfSSL.
*/
+ /* TODO debug check if HW actually locked; */
esp_sha_hw_unlock(ctx);
ctx->mode = ESP32_SHA_INIT;
break;
@@ -294,7 +518,8 @@ int esp_sha_init_ctx(WC_ESP32SHA* ctx)
ctx->isfirstblock = true;
ctx->lockDepth = 0; /* new objects will always start with lock depth = 0 */
- return 0; /* Always return success. We assume all issues handled, above. */
+ return ESP_OK; /* Always return success.
+ * We assume all issues handled, above. */
} /* esp_sha_init_ctx */
/*
@@ -306,24 +531,43 @@ int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst)
if (src->ctx.mode == ESP32_SHA_HW) {
/* this is an interesting situation to copy HW digest to SW */
ESP_LOGV(TAG, "esp_sha_ctx_copy esp_sha_digest_process");
-
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ esp_sha_hw_copy_ct++;
+ }
+ #endif
/* Get a copy of the HW digest, but don't process it. */
ret = esp_sha_digest_process(dst, 0);
if (ret == 0) {
- /* note we arrived here only because the src is already in HW mode */
- dst->ctx.mode = ESP32_SHA_HW_COPY; /* provide init hint to SW revert */
+ /* Note we arrived here only because
+ * the src is already in HW mode.
+ * provide init hint to SW revert: */
+ dst->ctx.mode = ESP32_SHA_HW_COPY;
/* initializer will be set during init */
ret = esp_sha_init(&(dst->ctx), WC_HASH_TYPE_SHA);
if (ret != 0) {
- ESP_LOGE(TAG, "Error during esp_sha_ctx_copy in esp_sha_init.");
+ ESP_LOGE(TAG, "Error during esp_sha_ctx_copy "
+ "in esp_sha_init.");
}
}
else {
- ESP_LOGE(TAG, "Error during esp_sha_ctx_copy in esp_sha_digest_process.");
+ ESP_LOGE(TAG, "Error during esp_sha_ctx_copy "
+ "in esp_sha_digest_process.");
}
if (dst->ctx.mode == ESP32_SHA_SW) {
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* Reverse digest for C2/C3/C6 RISC-V platform
+ * only when HW enabled but fallback to SW. */
+ ByteReverseWords(dst->digest, dst->digest, WC_SHA_DIGEST_SIZE);
+ #ifdef WOLFSSL_HW_METRICS
+ esp_sha_reverse_words_ct++;
+ #endif
+ #endif
/* The normal revert to SW in copy is expected */
ESP_LOGV(TAG, "Confirmed SHA Copy set to SW");
}
@@ -339,27 +583,42 @@ int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst)
** No special HW init needed in SW mode.
** but we need to set our initializer breadcrumb: */
dst->ctx.initializer = &(dst->ctx); /* assign new breadcrumb to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
+
ret = 0;
}
return ret;
} /* esp_sha_ctx_copy */
+#endif
+
/*
** internal sha224 ctx copy (no ESP HW)
*/
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
int esp_sha224_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
{
/* There's no 224 hardware on ESP32 */
dst->ctx.initializer = &dst->ctx; /* assign the initializer to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
- /* always set to SW, as there's no ESP32 HW for SHA224.
- ** TODO: add support for ESP32-S2. ESP32-S3, ESP32-C3 here.
- */
dst->ctx.mode = ESP32_SHA_SW;
- return 0;
+ return ESP_OK;
} /* esp_sha224_ctx_copy */
+#endif
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
/*
** internal sha256 ctx copy for ESP HW
*/
@@ -368,8 +627,12 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
int ret;
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
- ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process");
- ret = esp_sha256_digest_process(dst, 0);
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ {
+ ESP_LOGI(TAG, "esp_sha256_ctx_copy esp_sha512_digest_process");
+ }
+ #endif
+ ret = esp_sha256_digest_process(dst, 0); /* TODO Use FALSE*/
if (ret == 0) {
/* provide init hint to possibly SW revert */
@@ -380,6 +643,17 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
}
if (dst->ctx.mode == ESP32_SHA_SW) {
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ /* Reverse digest byte order for C3 fallback to SW. */
+ ByteReverseWords(dst->digest,
+ dst->digest,
+ WC_SHA256_DIGEST_SIZE);
+ }
+ #endif
ESP_LOGV(TAG, "Confirmed wc_Sha256 Copy set to SW");
}
else {
@@ -393,17 +667,36 @@ int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst)
** No special HW init needed in SW mode.
** but we need to set our initializer: */
dst->ctx.initializer = &dst->ctx; /* assign the initializer to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
} /* not (src->ctx.mode == ESP32_SHA_HW) */
return ret;
} /* esp_sha256_ctx_copy */
+#endif
+#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
/*
** internal sha384 ctx copy for ESP HW
*/
int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
{
- int ret;
+ int ret = 0;
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ /* We should ever be calling the HW sHA384 copy for this target. */
+ ESP_LOGW(TAG, "Warning: esp_sha384_ctx_copy() called for %s!",
+ CONFIG_IDF_TARGET);
+ ESP_LOGW(TAG, "There's no SHA384 HW for this CONFIG_IDF_TARGET");
+ }
+#else
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
ESP_LOGI(TAG, "esp_sha384_ctx_copy esp_sha512_digest_process");
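Review bot: On the C2/ESP8684/C3/C6 branch added to `esp_sha384_ctx_copy`, the function logs two warnings and then returns `ret`, which is still 0, so the caller cannot tell that nothing was copied. The `dst->ctx.initializer` assignment in the `#else` branch is also skipped on that path. If reaching this code really is a programming error, returning an error code would stop the caller from continuing with a context that was never set up; whether callers handle that is not visible here. The new comment reads the opposite of what is meant and should be `/* We should never be calling the HW SHA384 copy for this target. */`. The function body continues past the end of the hunk.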
@@ -415,11 +708,13 @@ int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
/* initializer will be set during init */
ret = esp_sha_init(&(dst->ctx), WC_HASH_TYPE_SHA384);
if (ret != 0) {
- ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy in esp_sha_init.");
+ ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy "
+ "in esp_sha_init.");
}
}
else {
- ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy in esp_sha512_digest_process.");
+ ESP_LOGE(TAG, "Error during esp_sha384_ctx_copy "
+ "in esp_sha512_digest_process.");
}
/* just some diagnostic runtime info */
@@ -437,18 +732,35 @@ int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
** No special HW init needed in SW mode.
** but we need to set our initializer: */
dst->ctx.initializer = &dst->ctx; /* assign the initializer to dst */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
} /* not (src->ctx.mode == ESP32_SHA_HW) */
-
+#endif
return ret;
} /* esp_sha384_ctx_copy */
+#endif
+#if defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)
/*
** Internal sha512 ctx copy for ESP HW.
** If HW already active, fall back to SW for this ctx.
*/
int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
{
- int ret;
+ int ret = ESP_OK; /* Assume success (zero) */
+
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* there's no SHA512 HW on the RISC-V SoC so there's nothing to do. */
+#elif defined(CONFIG_IDF_TARGET_ESP32) || \
+ defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
if (src->ctx.mode == ESP32_SHA_HW) {
/* Get a copy of the HW digest, but don't process it. */
ESP_LOGI(TAG, "esp_sha512_ctx_copy esp_sha512_digest_process");
@@ -476,18 +788,31 @@ int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
/* reminder this happened in XMEMCOPY, above: dst->ctx = src->ctx;
** No special HW init needed when not in active HW mode.
** but we need to set our initializer breadcrumb: */
+ /* TODO: instead of what is NOT supported, gate on what IS known to be supported */
+ #if !defined(CONFIG_IDF_TARGET_ESP32C2) && \
+ !defined(CONFIG_IDF_TARGET_ESP32C3) && \
+ !defined(CONFIG_IDF_TARGET_ESP32C6)
dst->ctx.initializer = &dst->ctx; /*breadcrumb is this ctx address */
+ #endif
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ {
+ /* not HW mode for copy, so we are not interested in task owner */
+ dst->ctx.task_owner = 0;
+ }
+ #endif
}
+#endif
return ret;
} /* esp_sha512_ctx_copy */
+#endif
/*
-** determine the digest size, depending on SHA type.
+** Determine the digest size, depending on SHA type.
**
** See FIPS PUB 180-4, Instruction Section 1.
**
-** see ESP32 shah.h for values:
+** See ESP32 shah.h for values:
**
** enum SHA_TYPE {
** SHA1 = 0,
@@ -502,45 +827,77 @@ int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst)
** Returns zero for bad digest size type request.
**
*/
-static word32 wc_esp_sha_digest_size(enum SHA_TYPE type)
+static word32 wc_esp_sha_digest_size(WC_ESP_SHA_TYPE type)
{
int ret = 0;
ESP_LOGV(TAG, " esp_sha_digest_size");
+#if CONFIG_IDF_TARGET_ARCH_RISCV
+/*
+ * SHA1 = 0,
+ * SHA2_224,
+ * SHA2_256,
+ */
switch (type) {
#ifndef NO_SHA
case SHA1: /* typically 20 bytes */
ret = WC_SHA_DIGEST_SIZE;
break;
-#endif
+ #endif
#ifdef WOLFSSL_SHA224
- /*
- no SHA224 HW at this time.
case SHA2_224:
ret = WC_SHA224_DIGEST_SIZE;
break;
- */
#endif
#ifndef NO_SHA256
case SHA2_256: /* typically 32 bytes */
ret = WC_SHA256_DIGEST_SIZE;
break;
-#endif
+ #endif
+ default:
+ ESP_LOGE(TAG, "Bad SHA type in wc_esp_sha_digest_size");
+ ret = 0;
+ break;
+ }
+#else
+ /* Xtensa */
+ switch (type) {
+ #ifndef NO_SHA
+ case SHA1: /* typically 20 bytes */
+ ret = WC_SHA_DIGEST_SIZE;
+ break;
+ #endif
+
+ #ifdef WOLFSSL_SHA224
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ case SHA2_224:
+ ret = WC_SHA224_DIGEST_SIZE;
+ break;
+ #endif
+ #endif
+
+ #ifndef NO_SHA256
+ case SHA2_256: /* typically 32 bytes */
+ ret = WC_SHA256_DIGEST_SIZE;
+ break;
+ #endif
#ifdef WOLFSSL_SHA384
case SHA2_384:
ret = WC_SHA384_DIGEST_SIZE;
break;
-#endif
+ #endif
#ifdef WOLFSSL_SHA512
case SHA2_512: /* typically 64 bytes */
ret = WC_SHA512_DIGEST_SIZE;
break;
-#endif
+ #endif
default:
ESP_LOGE(TAG, "Bad SHA type in wc_esp_sha_digest_size");
ret = 0;
break;
}
+#endif
return ret; /* Return value is a size, not an error code. */
} /* wc_esp_sha_digest_size */
@@ -551,10 +908,18 @@ static word32 wc_esp_sha_digest_size(enum SHA_TYPE type)
static int wc_esp_wait_until_idle(void)
{
int ret = 0; /* assume success */
-
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ int loop_ct = 10000;
+
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ESP32-C3 and ESP32-C6 RISC-V */
+ while ((sha_ll_busy() == true) && (loop_ct > 0)) {
+ loop_ct--;
+ /* do nothing while waiting. */
+ }
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
while (REG_READ(SHA_BUSY_REG)) {
/* do nothing while waiting. */
}
@@ -566,7 +931,10 @@ static int wc_esp_wait_until_idle(void)
/* do nothing while waiting. */
}
#endif
-
+ if (loop_ct <= 0)
+ {
+ ESP_LOGI(TAG, "too long to exit wc_esp_wait_until_idle");
+ }
return ret;
} /* wc_esp_wait_until_idle */
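Review bot: When `loop_ct` runs out, the added check only logs at info level and the function still returns `ret`, which is 0, so an engine that never went idle is reported as ready. A caller that then loads or reads the SHA registers could produce a wrong digest without any error being raised. I would log with `ESP_LOGE` and set `ret = ESP_FAIL;` in that block. Only the RISC-V loop in the previous hunk decrements `loop_ct`; the `while (REG_READ(SHA_BUSY_REG))` loop for S2/S3 is still unbounded. The function starts outside this hunk.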
@@ -581,8 +949,6 @@ static int wc_esp_wait_until_idle(void)
**
** Note that enable / disable only occurs when ref_counts[periph] == 0
**
-** TODO: check if this works with other ESP32 platforms ESP32-C3,
-** ESP32-S3, etc. (A: generally, no. RISC-V has different HW accelerator.)
*/
int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
{
@@ -593,7 +959,7 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
int max_unroll_count = 1000; /* never get stuck in a hardware wait loop */
#if defined(CONFIG_IDF_TARGET_ESP32)
- uint32_t this_sha_mask; /* this is the bit-mask for our SHA CLK_EN_REG */
+ word32 this_sha_mask; /* this is the bit-mask for our SHA CLK_EN_REG */
#endif
if (ctx == NULL) {
@@ -601,17 +967,24 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
return BAD_FUNC_ARG;
}
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* RISC-V Architecture: TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /************* RISC-V Architecture *************/
+ (void)max_unroll_count;
+ (void)_active_digest_address;
+ ets_sha_disable();
+ /* We don't check for unroll as done below, for Xtensa*/
#else
- /* Xtensa Architecture */
+ /************* Xtensa Architecture *************/
- /* unwind prior calls to THIS ctx. decrement ref_counts[periph] */
- /* only when ref_counts[periph] == 0 does something actually happen */
+ /* unwind prior calls to THIS ctx. decrement ref_counts[periph]
+ ** only when ref_counts[periph] == 0 does something actually happen. */
/* once the value we read is a 0 in the DPORT_PERI_CLK_EN_REG bit
* then we have fully unrolled the enables via ref_counts[periph]==0 */
-#if CONFIG_IDF_TARGET_ESP32S3
+#if defined(CONFIG_IDF_TARGET_ESP32S2) ||defined(CONFIG_IDF_TARGET_ESP32S3)
/* once the value we read is a 0 in the DPORT_PERI_CLK_EN_REG bit
* then we have fully unrolled the enables via ref_counts[periph]==0 */
while (periph_ll_periph_enabled(PERIPH_SHA_MODULE)) {
@@ -630,7 +1003,7 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
/* we'll only try this some unreasonable number of times
* before giving up */
if (actual_unroll_count > max_unroll_count) {
- ret = -1; /* failed to unroll */
+ ret = ESP_FAIL; /* failed to unroll */
break;
}
}
@@ -660,6 +1033,116 @@ int esp_unroll_sha_module_enable(WC_ESP32SHA* ctx)
return ret;
} /* esp_unroll_sha_module_enable */
+int esp_sha_set_stray(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+#ifdef WOLFSSL_DEBUG_MUTEX
+ stray_ctx = ctx;
+ ret= (int)stray_ctx;
+#endif
+ return ret;
+}
+
+/*
+** return HW lock owner, otherwise zero if not locked.
+**
+** When WOLFSSL_DEBUG_MUTEX is defined, additional
+** debugging capabilities are available.
+*/
+int esp_sha_hw_islocked(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+#ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ ret = (int)mutex_ctx_owner;
+ if (ctx == 0) {
+ /* we are not checking if a given ctx has the lock */
+ }
+ else {
+ if (ret == (int)ctx->initializer) {
+ /* confirmed this object is the owner */
+ }
+ else {
+ /* this object is not the lock owner */
+ }
+ }
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+#else
+ #ifdef SINGLE_THREADED
+ {
+ ret = InUse;
+ }
+ #else
+ {
+ ret = (int)sha_mutex;
+ }
+ #endif
+ return ret;
+#endif
+
+
+#ifdef WOLFSSL_DEBUG_MUTEX
+ if (ret == 0) {
+ ESP_LOGV(TAG, ">> NOT LOCKED esp_sha_hw_islocked");
+ }
+ else {
+ ESP_LOGV(TAG, ">> LOCKED esp_sha_hw_islocked for %x",
+ (int)esp_sha_mutex_ctx_owner());
+ }
+#endif
+ return ret;
+}
+
+/*
+ * The HW is typically unlocked when the SHA hash wc_Sha[nn]Final() is called.
+ * However, in the case of TS connections, the in progress hash may at times be
+ * abandoned. Thus this function should be called at free time. See internal.c
+ */
+int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx)
+{
+ int ret = 0;
+ ret = esp_sha_hw_islocked(ctx); /* get the owner of the current lock */
+ if (ret == 0) {
+ /* no lock */
+ }
+ else {
+ if (ret == (int)ctx) {
+ /* found a match for this object */
+ if (ret == (int)(ctx->initializer)) {
+ /* confirmed match*/
+ }
+ else {
+ /* the only mismatch expected may be in a mullti-thread RTOS */
+ ESP_LOGE(TAG, "ERROR: esp_sha_release_unfinished_lock for %x"
+ " but found %x", ret, (int)(ctx->initializer));
+ }
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGE(TAG, "\n>>>> esp_sha_release_unfinished_lock %x\n", ret);
+ #endif
+ /* unlock only if this ctx is the intializer of the lock */
+ #ifdef SINGLE_THREADED
+ {
+ ret = esp_sha_hw_unlock(ctx);
+ }
+ #else
+ {
+ if (ctx->task_owner == xTaskGetCurrentTaskHandle()) {
+ ret = esp_sha_hw_unlock(ctx);
+ }
+ else {
+ /* We cannot free a SHA onbject locks from a different task.
+ * So give the ctx a hint for the other task to clean it up. */
+ ctx->mode = ESP32_SHA_FREED;
+ }
+ }
+ #endif
+
+ }
+ }
+ return ret;
+}
/*
** lock HW engine.
** this should be called before using engine.
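Review bot: `esp_sha_release_unfinished_lock` compares the result of `esp_sha_hw_islocked` with `(int)ctx`, but without `WOLFSSL_DEBUG_MUTEX` that result is `InUse` or `(int)sha_mutex`, not a context address. The release branch therefore looks unreachable in normal builds, and an abandoned hash would keep the hardware lock. `(int)sha_mutex` also appears to be non-zero once the mutex exists, held or not, which does not match the "zero if not locked" header comment; the type of `sha_mutex` is not visible here, so please confirm. The non-`SINGLE_THREADED` path reads `ctx->task_owner` without the `#ifdef ESP_MONITOR_HW_TASK_LOCK` guard that the other uses of that field in this commit have. At minimum the header should say `/* Owner matching is only possible when WOLFSSL_DEBUG_MUTEX tracks mutex_ctx_owner. */`, and the pointer values printed through `(int)` and `%x` would be safer as `%p` with `(void*)`.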
@@ -668,7 +1151,18 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
{
int ret = 0;
- ESP_LOGV(TAG, "enter esp_sha_hw_lock %x", (int)ctx->initializer);
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer);
+#endif
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ /* let's keep track of how many times we call this */
+ _sha_call_count++;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ #endif
if (ctx == NULL) {
ESP_LOGE(TAG, " esp_sha_try_hw_lock called with NULL ctx");
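Review bot: The new `ESP_LOGI(TAG, "enter esp_sha_hw_lock for %x", (int)ctx->initializer);` reads `ctx->initializer` before the `if (ctx == NULL)` check a few lines below. With `WOLFSSL_ESP32_HW_LOCK_DEBUG` defined, a NULL argument therefore faults before the check can reject it. Moving the log after the NULL check gives debug and release builds the same behaviour on bad input. The message also names `esp_sha_hw_lock` while the function is `esp_sha_try_hw_lock`; the function body continues outside the hunk.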
@@ -694,9 +1188,9 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
else {
/* this should not happens */
ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
- return -1;
+ return ESP_FAIL;
}
-#else /* not defined(SINGLE_THREADED) */
+#else /* not ESP_FAILfined(SINGLE_THREADED) */
/*
** there's only one SHA engine for all the hash types
** so when any hash is in use, no others can use it.
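Review bot: The comment on the `#else` now reads `not ESP_FAILfined(SINGLE_THREADED)`, which looks like a search-and-replace accident from the `-1` to `ESP_FAIL` conversion. It should stay `#else /* not defined(SINGLE_THREADED) */`, matching the `#endif /* not defined(SINGLE_THREADED) */` further down. This comment is the only marker for a long conditional block, so the garbled text makes the branch harder to follow.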
@@ -720,60 +1214,185 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
/* created, but not yet locked */
ret = esp_CryptHwMutexInit(&sha_mutex);
if (ret == 0) {
- ESP_LOGV(TAG, "esp_CryptHwMutexInit sha_mutex init success.");
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGI(TAG, "esp_CryptHwMutexInit sha_mutex init success.");
+ mutex_ctx_owner = 0;
+ #endif
}
else {
ESP_LOGE(TAG, "esp_CryptHwMutexInit sha_mutex failed.");
sha_mutex = 0;
ESP_LOGI(TAG, "Revert to ctx->mode = ESP32_SHA_SW.");
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGI(TAG, "Current mutext owner = %x",
+ (int)esp_sha_mutex_ctx_owner());
+ #endif
+
ctx->mode = ESP32_SHA_SW;
- return 0; /* success, just not using HW */
+ return ESP_OK; /* success, just not using HW */
}
}
+#ifdef ESP_MONITOR_HW_TASK_LOCK
+ if (mutex_ctx_task == 0 || mutex_ctx_owner == 0) {
+ /* no known stray mutex task owner */
+ }
+ else {
+ if (mutex_ctx_task == xTaskGetCurrentTaskHandle()) {
+ ESP_LOGI(TAG, "Found mutex_ctx_task");
+ if (((WC_ESP32SHA*)mutex_ctx_owner)->mode == ESP32_SHA_FREED) {
+ ESP_LOGW(TAG, "ESP32_SHA_FREED unlocking mutex_ctx_task = %x"
+ " for mutex_ctx_owner = %x",
+ (int)mutex_ctx_task, (int)mutex_ctx_owner );
+ esp_CryptHwMutexUnLock(&sha_mutex);
+ ((WC_ESP32SHA*)mutex_ctx_owner)->mode = ESP32_SHA_INIT;
+ mutex_ctx_task = 0;
+ mutex_ctx_owner = 0;
+ }
+ else {
+ if (ctx->mode == ESP32_SHA_FREED) {
+ ESP_LOGW(TAG, "ESP32_SHA_FREED unlocking ctx = %x"
+ " for ctx.initializer = %x",
+ (int)ctx, (int)ctx->initializer );
+ esp_CryptHwMutexUnLock(&sha_mutex);
+ ctx->mode = ESP32_SHA_INIT;
+ mutex_ctx_task = 0;
+ mutex_ctx_owner = 0;
+ }
+ }
+ }
+ }
+#endif /* ESP_MONITOR_HW_TASK_LOCK */
+
/* check if this SHA has been operated as SW or HW, or not yet init */
if (ctx->mode == ESP32_SHA_INIT) {
/* try to lock the HW engine */
- ESP_LOGV(TAG, "ESP32_SHA_INIT\n");
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "ESP32_SHA_INIT for %x\n", (int)ctx->initializer);
+#endif
+ /* lock hardware; there should be exactly one instance
+ * of esp_CryptHwMutexLock(&sha_mutex ...) in code.
+ *
+ * we don't wait:
+ * either the engine is free, or we fall back to SW.
+ *
+ * TODO: allow for SHA interleave on chips that support it.
+ */
- /* we don't wait:
- ** either the engine is free, or we fall back to SW
- **/
if (esp_CryptHwMutexLock(&sha_mutex, (TickType_t)0) == 0) {
+ /* we've successfully locked */
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ mutex_ctx_task = xTaskGetCurrentTaskHandle();
+ #endif
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ if (esp_sha_call_count() == 8 && WOLFSSL_TEST_STRAY) {
+ /* Once we've locked 10 times here,
+ * we'll force a fallback to SW until other thread unlocks. */
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ (void)stray_ctx;
+ if (stray_ctx == NULL) {
+ /* no peek task */
+ }
+ else {
+ stray_ctx->initializer = stray_ctx;
+ mutex_ctx_owner = (void*)stray_ctx->initializer;
+ }
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ if (stray_ctx == NULL) {
+ ESP_LOGW(TAG, "WOLFSSL_DEBUG_MUTEX on, but stray_ctx "
+ "is NULL; are you running the peek task to "
+ "set the stay test?");
+ }
+ else {
+ ESP_LOGI(TAG, "%x", (int)stray_ctx->initializer);
+ ESP_LOGI(TAG, "%x", (int)&stray_ctx);
+ ESP_LOGW(TAG,
+ "\n\nLocking with stray\n\n"
+ "WOLFSSL_DEBUG_MUTEX call count 8, "
+ "ctx->mode = ESP32_SHA_SW %x\n\n",
+ (int)mutex_ctx_owner);
+ ctx->task_owner = xTaskGetCurrentTaskHandle();
+ ctx->mode = ESP32_SHA_SW;
+ return ESP_OK; /* success, but revert to SW */
+ }
+ }
+ #endif
+
/* check to see if we had a prior fail and need to unroll enables */
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGW(TAG, "Locking for ctx %x, current mutex_ctx_owner = %x",
+ (int)&ctx, (int)esp_sha_mutex_ctx_owner());
+ #endif
ret = esp_unroll_sha_module_enable(ctx);
- ESP_LOGV(TAG, "Hardware Mode, lock depth = %d, %x",
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "Hardware Mode Active, lock depth = %d, for %x",
ctx->lockDepth, (int)ctx->initializer);
+ #endif
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ mutex_ctx_owner = (void*)ctx->initializer;
+ /* let's keep track of how many times we lock this */
+ _sha_lock_count++;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ #endif
if (ctx->lockDepth > 0) {
/* it is unlikely that this would ever occur,
** as the mutex should be gate keeping */
ESP_LOGW(TAG, "WARNING: Hardware Mode "
- "interesting lock depth = %d, %x",
+ "interesting lock depth = %d, for this %x",
ctx->lockDepth, (int)ctx->initializer);
}
}
else {
/* We should have otherwise anticipated this; how did we get here?
** This code should rarely, ideally never be reached. */
- ESP_LOGI(TAG, "\nHardware in use; Mode REVERT to ESP32_SHA_SW\n");
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ ESP_LOGI(TAG, "\nHardware in use by %x; "
+ "Mode REVERT to ESP32_SHA_SW for %x\n",
+ (int)esp_sha_mutex_ctx_owner(),
+ (int)ctx->initializer);
+ ESP_LOGI(TAG, "Software Mode, lock depth = %d, for this %x",
+ ctx->lockDepth, (int)ctx->initializer);
+ ESP_LOGI(TAG, "Current mutext owner = %x",
+ (int)esp_sha_mutex_ctx_owner());
+ #endif
ctx->mode = ESP32_SHA_SW;
- return 0; /* success, but revert to SW */
+ return ESP_OK; /* success, but revert to SW */
}
} /* (ctx->mode == ESP32_SHA_INIT) */
else {
/* this should not happen: called during mode != ESP32_SHA_INIT */
ESP_LOGE(TAG, "unexpected error in esp_sha_try_hw_lock.");
- return -1;
+ return ESP_FAIL;
}
#endif /* not defined(SINGLE_THREADED) */
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ ESP_LOGV(TAG, "ets_sha_enable for RISC-V");
+ ets_sha_enable();
+ ctx->mode = ESP32_SHA_HW;
+ }
#else
if (ret == 0) {
ctx->lockDepth++; /* depth for THIS ctx (there could be others!) */
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ {
+ printf("1) Lock depth @ %d = %d for WC_ESP32SHA @ %0x\n",
+ __LINE__, ctx->lockDepth, (unsigned)ctx);
+ }
+ #endif
periph_module_enable(PERIPH_SHA_MODULE);
ctx->mode = ESP32_SHA_HW;
}
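Review bot: The `ESP_MONITOR_HW_TASK_LOCK` block casts `mutex_ctx_owner` to `WC_ESP32SHA*`, reads `->mode` and writes `->mode = ESP32_SHA_INIT`, yet `ESP32_SHA_FREED` is set by `esp_sha_release_unfinished_lock`, which its own comment says is called at free time. If the owning hash object has been released or reused before another call reaches this block, this is a read and write through a stale pointer; whether that can happen depends on object lifetimes not visible here. Keeping the "freed while locked" state in a static next to `mutex_ctx_task`, rather than inside the old context, would avoid touching that memory. `mutex_ctx_owner` is only assigned under `WOLFSSL_DEBUG_MUTEX` in this diff, so the two macros appear to depend on each other and that should be documented or enforced. The RISC-V branch at the end of the hunk sets the mode unconditionally; I would mirror the Xtensa branch with `if (ret == 0) { ets_sha_enable(); ctx->mode = ESP32_SHA_HW; }`. The function starts and ends outside this hunk.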
@@ -788,14 +1407,22 @@ int esp_sha_try_hw_lock(WC_ESP32SHA* ctx)
} /* esp_sha_try_hw_lock */
/*
-** release HW engine. when we don't have it locked, SHA module is DISABLED
+** Release HW engine. when we don't have it locked, SHA module is DISABLED.
+** Note this is not the semaphore tracking who has the HW.
*/
int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
{
+ int ret = ESP_OK; /* assume success (zero) */
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
ESP_LOGV(TAG, "enter esp_sha_hw_unlock");
+#endif
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ets_sha_disable(); /* disable also resets active, ongoing hash */
+ ESP_LOGV(TAG, "ets_sha_disable in esp_sha_hw_unlock()");
#else
/* Disable AES hardware */
periph_module_disable(PERIPH_SHA_MODULE);
@@ -805,6 +1432,10 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
* and periph_module_disable() need to be unwound.
*
* see ref_counts[periph] in file: periph_ctrl.c */
+#ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ printf("2) esp_sha_hw_unlock Lock depth @ %d = %d for WC_ESP32SHA @ %0x\n",
+ __LINE__, ctx->lockDepth, (unsigned)ctx);
+#endif
if (ctx->lockDepth > 0) {
ctx->lockDepth--;
}
@@ -812,14 +1443,51 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
ctx->lockDepth = 0;
}
-#if defined(SINGLE_THREADED)
- InUse = 0;
-#else
- /* unlock HW engine for next use */
- esp_CryptHwMutexUnLock(&sha_mutex);
+#if defined(ESP_MONITOR_HW_TASK_LOCK) && defined(WOLFSSL_ESP32_HW_LOCK_DEBUG)
+ printf("3) esp_sha_hw_unlock Lock depth @ %d = %d for WC_ESP32SHA @ %0x\n",
+ __LINE__, ctx->lockDepth, (unsigned)ctx);
#endif
- ESP_LOGV(TAG, "leave esp_sha_hw_unlock, %x", (int)ctx->initializer);
- return 0;
+ if (0 == ctx->lockDepth)
+ {
+ #if defined(SINGLE_THREADED)
+ InUse = 0;
+ #else
+ /* unlock HW engine for next use */
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ {
+ ESP_LOGW(TAG, "Unlocking for %x, from ctx %x, & = %x, "
+ "mutex_ctx_owner = %x",
+ (int)esp_sha_mutex_ctx_owner(),
+ (int)ctx,
+ (int)&ctx,
+ (int)esp_sha_mutex_ctx_owner());
+ ESP_LOGW(TAG, "&sha_mutex = %x", (int)&sha_mutex);
+ }
+ #endif /* WOLFSSL_ESP32_HW_LOCK_DEBUG */
+ esp_CryptHwMutexUnLock(&sha_mutex);
+ #ifdef ESP_MONITOR_HW_TASK_LOCK
+ mutex_ctx_task = 0;
+ #endif
+ #endif
+
+ #ifdef WOLFSSL_DEBUG_MUTEX
+ taskENTER_CRITICAL(&sha_crit_sect);
+ {
+ mutex_ctx_owner = 0;
+ }
+ taskEXIT_CRITICAL(&sha_crit_sect);
+ #endif
+ }
+ else
+ {
+ ESP_LOGE(TAG, "ERROR unlock lockDepth not zero");
+ ret = ESP_FAIL;
+ }
+ #ifdef WOLFSSL_ESP32_HW_LOCK_DEBUG
+ ESP_LOGI(TAG, "leave esp_sha_hw_unlock, %x", (int)ctx->initializer);
+ #endif
+
+ return ret;
} /* esp_sha_hw_unlock */
/*
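Review bot: When `ctx->lockDepth` is still above zero after the decrement, the new `else` branch returns `ESP_FAIL` without releasing `sha_mutex`, although the SHA peripheral was already disabled earlier in the function. The call in `esp_sha_init_ctx` (`esp_sha_hw_unlock(ctx);`) ignores the return value, so in that case the lock would stay held and later hashes would fall back to software with only a log line to show for it. Either the callers should check the result, or the branch should state what is expected of them, for example `/* lock still held: caller must unlock again until lockDepth reaches 0 */`. The function starts outside this hunk.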
@@ -827,10 +1495,17 @@ int esp_sha_hw_unlock(WC_ESP32SHA* ctx)
* Assumes register already loaded.
* Returns a negative value error code upon failure.
*/
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ESP32-C3 HAL has built-in process start, nothing to declare here. */
+#else
+ /* Everything else uses esp_sha_start_process() */
static int esp_sha_start_process(WC_ESP32SHA* sha)
{
int ret = 0;
-#if defined(CONFIG_IDF_TARGET_ESP32S3)
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
uint8_t HardwareAlgorithm;
#endif
@@ -840,16 +1515,43 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
ESP_LOGV(TAG, " enter esp_sha_start_process");
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
- #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGV(TAG, "SHA1 SHA_START_REG");
+ if (sha->isfirstblock) {
+ sha_ll_start_block(SHA2_256);
+ sha->isfirstblock = false;
+
+ ESP_LOGV(TAG, " set sha->isfirstblock = 0");
+
+ #if defined(DEBUG_WOLFSSL)
+ this_block_num = 1; /* one-based counter, just for debug info */
+ #endif
+ } /* first block */
+ else {
+ sha_ll_continue_block(SHA2_256);
+
+ #if defined(DEBUG_WOLFSSL)
+ this_block_num++; /* one-based counter */
+ ESP_LOGV(TAG, " continue block #%d", this_block_num);
+ #endif
+ } /* not first block */
+ /***** END CONFIG_IDF_TARGET_ESP32C2 aka ESP8684 or
+ * CONFIG_IDF_TARGET_ESP32C3 or
+ * CONFIG_IDF_TARGET_ESP32C6 *****/
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
/* Translate from Wolf SHA type to hardware algorithm. */
HardwareAlgorithm = 0;
switch (sha->sha_type) {
case SHA1:
HardwareAlgorithm = 0;
break;
+ case SHA2_224:
+ HardwareAlgorithm = 1;
+ break;
case SHA2_256:
HardwareAlgorithm = 2;
break;
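Review bot: The RISC-V branch added inside `esp_sha_start_process` can never be compiled, because the whole function now sits in the `#else` of the same C2/ESP8684/C3/C6 test (closed by `#endif /* esp_sha_start_process !CONFIG_IDF_TARGET_ESP32C3/C6 */`). If it is being kept for later use, note that it passes a fixed `SHA2_256` to `sha_ll_start_block` and `sha_ll_continue_block` instead of using `sha->sha_type`, and that its log text says `SHA1`. Enabled as written, a SHA-1 or SHA-224 context would be started with the wrong algorithm. I would delete the branch, or change the calls to `sha_ll_start_block(sha->sha_type);` and correct the message. The function body extends beyond this hunk on both sides.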
@@ -866,7 +1568,7 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
default:
/* Unsupported SHA mode. */
sha->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- return -1;
+ return ESP_FAIL;
}
REG_WRITE(SHA_MODE_REG, HardwareAlgorithm);
@@ -890,7 +1592,9 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
#endif
} /* not first block */
-#else /* not ESP32S3 */
+ /* end ESP32S3 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32)
if (sha->isfirstblock) {
/* start registers for first message block
* we don't make any relational memory position assumptions.
@@ -918,7 +1622,7 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
default:
sha->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- ret = -1;
+ ret = ESP_FAIL;
break;
}
@@ -960,10 +1664,13 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
default:
/* error for unsupported other values */
sha->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- ret = -1;
+ ret = ESP_FAIL;
break;
}
}
+ /* end standard ESP32 */
+ #else
+ ESP_LOGE(TAG, "Unsupported hardware");
#endif
#if defined(DEBUG_WOLFSSL)
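Review bot: The new `#else` branch logs `Unsupported hardware` but, as far as this hunk shows, leaves `ret` at its initial 0, so on an unrecognised target the function would report success without starting the engine. Setting `ret = ESP_FAIL;` next to the log makes the failure visible to `wc_esp_process_block`. Since the target is known at build time, an `#error` would catch it even earlier. The rest of the function lies outside the hunk.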
@@ -975,6 +1682,7 @@ static int esp_sha_start_process(WC_ESP32SHA* sha)
return ret;
}
+#endif /* esp_sha_start_process !CONFIG_IDF_TARGET_ESP32C3/C6 */
/*
** process message block
@@ -983,13 +1691,15 @@ static int wc_esp_process_block(WC_ESP32SHA* ctx, /* see ctx->sha_type */
const word32* data,
word32 len)
{
- int ret = 0; /* assume success */
+ int ret = ESP_OK; /* assume success */
word32 word32_to_save = (len) / (sizeof(word32));
-#ifdef CONFIG_IDF_TARGET_ESP32S3
- uint32_t* MessageSource;
- uint32_t* AcceleratorMessage;
-#else
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ word32* MessageSource;
+ word32* AcceleratorMessage;
+#elif CONFIG_IDF_TARGET_ESP32
int i;
+#else
+ /* not used */
#endif
ESP_LOGV(TAG, " enter esp_process_block");
if (word32_to_save > 0x31) {
@@ -1000,43 +1710,124 @@ static int wc_esp_process_block(WC_ESP32SHA* ctx, /* see ctx->sha_type */
/* wait until the engine is available */
ret = wc_esp_wait_until_idle();
-#if CONFIG_IDF_TARGET_ESP32S3
- MessageSource = (uint32_t*)data;
- AcceleratorMessage = (uint32_t*)(SHA_TEXT_BASE);
- while (word32_to_save--) {
- /* Must swap endianness of data loaded into hardware accelerator to produce
- * correct result. Using DPORT_REG_WRITE doesn't avoid this for ESP32s3.
- * Note: data sheet claims we also need to swap endianness across 64 byte words
- * when doing SHA-512, but the SHA-512 result is not correct if you do that. */
- DPORT_REG_WRITE(AcceleratorMessage, __builtin_bswap32(*MessageSource));
- ++AcceleratorMessage;
- ++MessageSource;
- } /* (word32_to_save--) */
-
-#else
+#if defined(CONFIG_IDF_TARGET_ESP32)
/* load [len] words of message data into HW */
for (i = 0; i < word32_to_save; i++) {
/* by using DPORT_REG_WRITE, we avoid the need
* to call __builtin_bswap32 to address endianness.
*
* a useful watch array cast to watch at runtime:
- * ((uint32_t[32]) (*(volatile uint32_t *)(SHA_TEXT_BASE)))
+ * ((word32[32]) (*(volatile word32 *)(SHA_TEXT_BASE)))
*
* Write value to DPORT register (does not require protecting)
*/
- #if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
- #else
DPORT_REG_WRITE(SHA_TEXT_BASE + (i*sizeof(word32)), *(data + i));
- #endif
/* memw confirmed auto inserted by compiler here */
}
-#endif
-
/* notify HW to start process
* see ctx->sha_type
* reg data does not change until we are ready to read */
ret = esp_sha_start_process(ctx);
+ /***** END CONFIG_IDF_TARGET_ESP32 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /************* RISC-V Architecture *************
+ *
+ * SHA_M_1_REG is not a macro:
+ * DPORT_REG_WRITE(SHA_M_1_REG + (i*sizeof(word32)), *(data + i));
+ *
+ * but we have this HAL: sha_ll_fill_text_block
+ *
+ * Note that unlike the plain ESP32 that has only 1 register, we can write
+ * the entire block.
+ * SHA_TEXT_BASE = 0x6003b080
+ * SHA_H_BASE = 0x6003b040
+ * see hash: (word32[08]) (*(volatile uint32_t *)(SHA_H_BASE))
+ * message: (word32[16]) (*(volatile uint32_t *)(SHA_TEXT_BASE))
+ * ((word32[16]) (*(volatile uint32_t *)(SHA_TEXT_BASE)))
+ */
+ if (&data != _active_digest_address) {
+ ESP_LOGV(TAG, "TODO Moving alternate ctx->for_digest");
+ /* move last known digest into HW reg during interleave */
+ /* sha_ll_write_digest(ctx->sha_type, ctx->for_digest,
+ WC_SHA256_BLOCK_SIZE); */
+ _active_digest_address = &data;
+ }
+ if (ctx->isfirstblock) {
+ ets_sha_enable(); /* will clear initial digest */
+ #if defined(DEBUG_WOLFSSL)
+ {
+ this_block_num = 1; /* one-based counter, just for debug info */
+ }
+ #endif
+ }
+ else {
+ #if defined(DEBUG_WOLFSSL)
+ {
+ this_block_num++;
+ }
+ #endif
+ }
+ /* call Espressif HAL for this hash*/
+ sha_hal_hash_block(ctx->sha_type,
+ (void *)(data),
+ word32_to_save,
+ ctx->isfirstblock);
+ ctx->isfirstblock = 0; /* once we hash a block,
+ * we're no longer at the first */
+ /***** END CONFIG_IDF_TARGET_ESP32C2 or
+ * CONFIG_IDF_TARGET_ESP8684 or
+ * CONFIG_IDF_TARGET_ESP32C3 or
+ * CONFIG_IDF_TARGET_ESP32C6 */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
+ MessageSource = (word32*)data;
+ AcceleratorMessage = (word32*)(SHA_TEXT_BASE);
+ while (word32_to_save--) {
+ /* Must swap endianness of data loaded into hardware accelerator
+ * to produce correct result. Using DPORT_REG_WRITE doesn't avoid this
+ * for ESP32s3.
+ * Note: data sheet claims we also need to swap endianness across
+ * 64 byte words when doing SHA-512, but the SHA-512 result is not
+ * correct if you do that. */
+ DPORT_REG_WRITE(AcceleratorMessage, __builtin_bswap32(*MessageSource));
+ ++AcceleratorMessage;
+ ++MessageSource;
+ } /* (word32_to_save--) */
+ /* notify HW to start process
+ * see ctx->sha_type
+ * reg data does not change until we are ready to read */
+ ret = esp_sha_start_process(ctx);
+ /***** END CONFIG_IDF_TARGET_ESP32S2 or CONFIG_IDF_TARGET_ESP32S3 */
+
+#else
+ ret = ESP_FAIL;
+ ESP_LOGE(TAG, "ERROR: (CONFIG_IDF_TARGET not supported");
+#endif
+
+#ifdef WOLFSSL_HW_METRICS
+ switch (ctx->sha_type) {
+ case SHA1:
+ esp_sha1_hw_hash_usage_ct++;
+ break;
+
+ #ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ case SHA2_224:
+ esp_sha2_224_hw_hash_usage_ct++;
+ break;
+ #endif
+
+ case SHA2_256:
+ esp_sha2_256_hw_hash_usage_ct++;
+ break;
+
+ default:
+ break;
+ }
+#endif
ESP_LOGV(TAG, " leave esp_process_block");
return ret;
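Review bot: In the RISC-V branch, `if (&data != _active_digest_address)` compares the address of the local parameter `data`, not the buffer it points to, and then stores that stack address in `_active_digest_address`. The stored pointer refers to a dead stack slot once the function returns, and the comparison says nothing about which context's digest is currently loaded in the hardware, so the interleave handling that the TODO describes cannot work as written. Tracking the owner by context looks closer to the intent, e.g. `if ((void*)ctx != _active_digest_address)` followed by `_active_digest_address = (void*)ctx;`, though the declaration of `_active_digest_address` is outside this hunk and its type needs checking. Until the commented-out `sha_ll_write_digest` restore is implemented, two interleaved hashes on these targets may produce wrong digests, which is worth stating in the comment.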
@@ -1049,12 +1840,12 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
{
word32 digestSz;
-#if CONFIG_IDF_TARGET_ESP32S3
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
uint64_t* pHash64Buffer;
uint32_t* pHashDestination;
size_t szHashWords;
size_t szHash64Words;
-# endif
+#endif
ESP_LOGV(TAG, "enter esp_digest_state");
@@ -1063,16 +1854,35 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
}
/* sanity check */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ if (ctx->sha_type == SHA_INVALID) {
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ if (ctx->sha_type == SHA_TYPE_MAX) {
+#else
+ ESP_LOGE(TAG, "unexpected target for wc_esp_digest_state");
+ {
+#endif /* conditional sanity check on she_type */
+ ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL;
+ ESP_LOGE(TAG, "error. sha_type %d is invalid.", ctx->sha_type);
+ return ESP_FAIL;
+ }
+
digestSz = wc_esp_sha_digest_size(ctx->sha_type);
if (digestSz == 0) {
ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL;
ESP_LOGE(TAG, "unexpected error. sha_type is invalid.");
- return -1;
+ return ESP_FAIL;
}
-#if CONFIG_IDF_TARGET_ESP32S3
+
+#if defined(CONFIG_IDF_TARGET_ESP32S2) || defined(CONFIG_IDF_TARGET_ESP32S3)
if (ctx->isfirstblock == true) {
/* no hardware use yet. Nothing to do yet */
- return 0;
+ return ESP_OK;
}
/* wait until idle */
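Review bot: The new sanity check opens `if (` in two preprocessor arms and a bare `{` in the third, all closed by one shared `}`, which is easy to unbalance when a target is added and hides that the `#else` arm fails unconditionally. Writing the `if` once against a single per-target constant selected by the `#if` chain keeps the braces matched in every configuration. The closing comment also has a typo and should read `#endif /* conditional sanity check on sha_type */`.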
@@ -1080,7 +1890,7 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
/* read hash result into buffer & flip endianness */
pHashDestination = (uint32_t*)hash;
- szHashWords = wc_esp_sha_digest_size(ctx->sha_type) / sizeof(uint32_t);
+ szHashWords = wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32);
esp_dport_access_read_buffer(pHashDestination, SHA_H_BASE, szHashWords);
if (ctx->sha_type == SHA2_512) {
@@ -1101,14 +1911,34 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
} /* not (ctx->sha_type == SHA2_512) */
/* end if CONFIG_IDF_TARGET_ESP32S3 */
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ wc_esp_wait_until_idle();
+ sha_ll_read_digest(
+ ctx->sha_type,
+ (void *)hash,
+ wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32)
+ );
+#elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ wc_esp_wait_until_idle();
+ sha_ll_read_digest(
+ ctx->sha_type,
+ (void *)hash,
+ wc_esp_sha_digest_size(ctx->sha_type) / sizeof(word32)
+ );
#else
/* not CONFIG_IDF_TARGET_ESP32S3 */
/* wait until idle */
wc_esp_wait_until_idle();
/* each sha_type register is at a different location */
-#if defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)
- /* ESP32-C3 RISC-V TODO */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ /* nothing here for S2 */
#else
switch (ctx->sha_type) {
case SHA1:
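Review bot: Both added RISC-V arms call `wc_esp_wait_until_idle()` and discard its result before `sha_ll_read_digest`, so a wait that fails still copies whatever is in the digest registers into `hash`, and the function goes on to return `ESP_OK`. wc_esp_process_block in this file stores that call's return value in `ret`, which suggests it carries a status; assuming it returns `ESP_OK` on success, `if (wc_esp_wait_until_idle() != ESP_OK) { ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL; return ESP_FAIL; }` would let the caller fall back instead of using a stale digest. The C2/ESP8684 and C3/C6 arms are identical and could share one `#elif`. The nested `#if` for the same four targets further down sits inside the final `#else` and cannot be reached.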
@@ -1133,12 +1963,12 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
default:
ctx->mode = ESP32_SHA_FAIL_NEED_UNROLL;
- return -1;
+ return ESP_FAIL;
}
if (ctx->isfirstblock == true) {
/* no hardware use yet. Nothing to do yet */
- return 0;
+ return ESP_OK;
}
/* LOAD final digest */
@@ -1162,11 +1992,11 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
*/
esp_dport_access_read_buffer(
-#if ESP_IDF_VERSION_MAJOR >= 4
+ #if ESP_IDF_VERSION_MAJOR >= 4
(uint32_t*)(hash), /* the result will be found in hash upon exit */
-#else
+ #else
(word32*)(hash), /* the result will be found in hash upon exit */
-#endif
+ #endif
SHA_TEXT_BASE, /* there's a fixed reg addr for all SHA */
digestSz / sizeof(word32) /* # 4-byte */
);
@@ -1184,10 +2014,10 @@ int wc_esp_digest_state(WC_ESP32SHA* ctx, byte* hash)
}
}
#endif
-#endif /* not CONFIG_IDF_TARGET_ESP32S3 */
+#endif /* not CONFIG_IDF_TARGET_ESP32S3, C3, else... */
ESP_LOGV(TAG, "leave esp_digest_state");
- return 0;
+ return ESP_OK;
} /* wc_esp_digest_state */
#ifndef NO_SHA
@@ -1229,7 +2059,7 @@ int esp_sha_digest_process(struct wc_Sha* sha, byte blockprocess)
#endif /* NO_SHA */
-#ifndef NO_SHA256
+#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
/*
** sha256 process
**
@@ -1241,17 +2071,33 @@ int esp_sha256_process(struct wc_Sha256* sha, const byte* data)
ESP_LOGV(TAG, " enter esp_sha256_process");
- if ((&sha->ctx)->sha_type == SHA2_256) {
+ switch ((&sha->ctx)->sha_type) {
+ case SHA2_256:
#if defined(DEBUG_WOLFSSL_VERBOSE)
- ESP_LOGV(TAG, " confirmed SHA type call match");
+ ESP_LOGV(TAG, " confirmed SHA256 type call match");
#endif
- }
- else {
- ret = -1;
+ wc_esp_process_block(&sha->ctx,
+ (const word32*)data,
+ WC_SHA256_BLOCK_SIZE);
+ break;
+
+#if defined(WOLFSSL_SHA224) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)
+ case SHA2_224:
+ #if defined(DEBUG_WOLFSSL_VERBOSE)
+ ESP_LOGV(TAG, " confirmed SHA224 type call match");
+ #endif
+ wc_esp_process_block(&sha->ctx,
+ (const word32*)data,
+ WC_SHA224_BLOCK_SIZE);
+ break;
+#endif
+
+ default:
+ ret = ESP_FAIL;
ESP_LOGE(TAG, " ERROR SHA type call mismatch");
+ break;
}
- wc_esp_process_block(&sha->ctx, (const word32*)data, WC_SHA256_BLOCK_SIZE);
ESP_LOGV(TAG, " leave esp_sha256_process");
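Review bot: Both `case` arms call `wc_esp_process_block(...)` and drop its return value, so `ret` only reports a type mismatch and never a hardware failure. wc_esp_process_block can return `ESP_FAIL` (its unsupported-target arm sets it) or the status of the idle wait, and a caller that sees success here will treat the block as hashed. Assigning the result, `ret = wc_esp_process_block(&sha->ctx, (const word32*)data, WC_SHA256_BLOCK_SIZE);` and likewise in the SHA-224 arm, propagates it. The next hunk, esp_sha256_digest_process, ignores the results of `wc_esp_process_block` and `wc_esp_digest_state` in the same way. The declaration of `ret` and the function's return are outside this hunk.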
@@ -1266,16 +2112,17 @@ int esp_sha256_process(struct wc_Sha256* sha, const byte* data)
*/
int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockprocess)
{
- int ret = 0;
+ int ret = ESP_OK;
ESP_LOGV(TAG, "enter esp_sha256_digest_process");
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
if (blockprocess) {
wc_esp_process_block(&sha->ctx, sha->buffer, WC_SHA256_BLOCK_SIZE);
}
wc_esp_digest_state(&sha->ctx, (byte*)sha->digest);
-
+#endif
ESP_LOGV(TAG, "leave esp_sha256_digest_process");
return ret;
} /* esp_sha256_digest_process */
@@ -1293,6 +2140,12 @@ int esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
ESP_LOGV(TAG, "enter esp_sha512_block");
/* start register offset */
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* No SHA-512 HW on RISC-V SoC, so nothing to do. */
+#else
/* note that in SW mode, wolfSSL uses 64 bit words */
if (sha->ctx.mode == ESP32_SHA_SW) {
ByteReverseWords64(sha->buffer,
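Review bot: On the C2/ESP8684/C3/C6 targets the added `#if` arm makes esp_sha512_block skip all work and fall through to `return ret;`, so the caller gets whatever `ret` was initialised to (declared above this hunk) even though nothing was hashed. The same pattern is fully visible in the esp_sha512_digest_process hunk below, where `int ret = 0;` is followed only by a warning log, so that function reports success without writing a digest. If these functions can be reached on a target with no SHA-512 hardware, returning a failure lets the caller switch to software: `ret = ESP_FAIL;` in the RISC-V arm of each. If they cannot be reached, a comment saying so would help.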
@@ -1321,6 +2174,7 @@ int esp_sha512_block(struct wc_Sha512* sha, const word32* data, byte isfinal)
ret = wc_esp_process_block(&sha->ctx, data, WC_SHA512_BLOCK_SIZE);
}
ESP_LOGV(TAG, "leave esp_sha512_block");
+#endif
return ret;
} /* esp_sha512_block */
@@ -1347,7 +2201,15 @@ int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
{
int ret = 0;
ESP_LOGV(TAG, "enter esp_sha512_digest_process");
-
+#if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ {
+ ESP_LOGW(TAG, "Warning: no SHA512 HW to digest on %s",
+ CONFIG_IDF_TARGET);
+ }
+#else
if (blockproc) {
word32* data = (word32*)sha->buffer;
@@ -1361,8 +2223,54 @@ int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc)
}
ESP_LOGV(TAG, "leave esp_sha512_digest_process");
+#endif
return ret;
} /* esp_sha512_digest_process */
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT */
+#endif /* WOLFSSL_ESP32_CRYPT */
#endif /* !defined(NO_SHA) ||... */
+
+#if defined(WOLFSSL_ESP32_CRYPT) && defined(WOLFSSL_HW_METRICS)
+int esp_sw_sha256_count_add(void) {
+ esp_sha256_sw_fallback_usage_ct++;
+ return esp_sha256_sw_fallback_usage_ct;
+}
+
+int esp_hw_show_sha_metrics(void)
+{
+ int ret = 0;
+#ifdef WOLFSSL_ESP32_CRYPT
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+ ESP_LOGI(TAG, "------------- wolfSSL ESP HW SHA Metrics----------------");
+ ESP_LOGI(TAG, "--------------------------------------------------------");
+
+ ESP_LOGI(TAG, "esp_sha_hw_copy_ct = %lu",
+ esp_sha_hw_copy_ct);
+ ESP_LOGI(TAG, "esp_sha1_hw_usage_ct = %lu",
+ esp_sha1_hw_usage_ct);
+ ESP_LOGI(TAG, "esp_sha1_sw_fallback_usage_ct = %lu",
+ esp_sha1_sw_fallback_usage_ct);
+ ESP_LOGI(TAG, "esp_sha_reverse_words_ct = %lu",
+ esp_sha_reverse_words_ct);
+ ESP_LOGI(TAG, "esp_sha1_hw_hash_usage_ct = %lu",
+ esp_sha1_hw_hash_usage_ct);
+ ESP_LOGI(TAG, "esp_sha2_224_hw_hash_usage_ct = %lu",
+ esp_sha2_224_hw_hash_usage_ct);
+ ESP_LOGI(TAG, "esp_sha2_256_hw_hash_usage_ct = %lu",
+ esp_sha2_256_hw_hash_usage_ct);
+ ESP_LOGI(TAG, "esp_byte_reversal_checks_ct = %lu",
+ esp_byte_reversal_checks_ct);
+ ESP_LOGI(TAG, "esp_byte_reversal_needed_ct = %lu",
+ esp_byte_reversal_needed_ct);
+
+#else
+ /* no HW math, no HW math metrics */
+ ret = 0;
+#endif /* HW_MATH_ENABLED */
+
+
+ return ret;
+}
+#endif /* WOLFSSL_ESP32_CRYPT and WOLFSSL_HW_METRICS */
+
+#endif /* WOLFSSL_ESPIDF (exclude entire contents for non-Espressif projects */
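Review bot: In esp_hw_show_sha_metrics the inner `#ifdef WOLFSSL_ESP32_CRYPT` can never take its `#else` arm, because the whole function sits inside `#if defined(WOLFSSL_ESP32_CRYPT) && defined(WOLFSSL_HW_METRICS)`. That arm's comment (`no HW math, no HW math metrics`) and the `#endif /* HW_MATH_ENABLED */` label refer to math rather than SHA, which looks like a copy from another file. Dropping the inner conditional, or at least relabelling it `#endif /* WOLFSSL_ESP32_CRYPT */`, would remove the confusion. The `%lu` conversions also assume the counters are `unsigned long`, but their declarations are outside this hunk.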
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c
index 172e661a..162b38fd 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Espressif/esp32_util.c
@@ -18,10 +18,57 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+/* Reminder: user_settings.h is needed and included from settings.h
+ * Be sure to define WOLFSSL_USER_SETTINGS, typically in CMakeLists.txt */
#include <wolfssl/wolfcrypt/settings.h>
+
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+#include "sdkconfig.h" /* programmatically generated from sdkconfig */
+#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+
+/* Espressif */
+#include <esp_log.h>
+#include <esp_err.h>
+#if ESP_IDF_VERSION_MAJOR > 4
+ #include <hal/efuse_hal.h>
+#endif
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/wolfmath.h> /* needed to print MATH_INT_T value */
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/version.h>
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
+/*
+** Version / Platform info.
+**
+** This could evolve into a wolfSSL-wide feature. For now, here only. See:
+** https://github.com/wolfSSL/wolfssl/pull/6149
+*/
+
+#define WOLFSSL_VERSION_PRINTF(...) ESP_LOGI(TAG, __VA_ARGS__)
+/*
+ * If used in other platforms:
+ * #include <stdio.h>
+ * #define WOLFSSL_VERSION_PRINTF(...) { printf(__VA_ARGS__); printf("\n"); }
+ */
+
+static const char* TAG = "esp32_util";
+
+/* Variable holding number of times ESP32 restarted since first boot.
+ * It is placed into RTC memory using RTC_DATA_ATTR and
+ * maintains its value when ESP32 wakes from deep sleep.
+ */
+RTC_DATA_ATTR static int _boot_count = 0;
+static int esp_ShowMacroStatus_need_header = 0;
+/* Some helpers for macro display */
+#define STRING_OF(macro) #macro
+#define STR_IFNDEF(macro) STRING_OF(macro)
+
+#if defined(WOLFSSL_ESP32_CRYPT) && \
(!defined(NO_AES) || !defined(NO_SHA) || !defined(NO_SHA256) ||\
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512))
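Review bot: `STR_IFNDEF(macro)` is added here with no comment stating what it yields, and the result is not a simple defined/undefined flag. It gives the macro's own name when the macro is undefined, an empty string when it is defined with no value, and the text of the value (for example `1`) when it is defined to something. show_macro later in this file marks a macro as defined only when the string is empty, so a valued define would be listed under "Not Defined", including the hardening options that ShowExtendedSystemInfo_config prints. I would add `/* STR_IFNDEF(x): "" if x is defined empty, "x" if undefined, else the text of x's value */` above the helpers so the limitation is visible where the table is built.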
@@ -29,6 +76,8 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
+/* big nums can be very long, perhaps unitialized, so limit displayed words */
+#define MAX_WORDS_ESP_SHOW_MP 32
/*
* initialize our mutex used to lock hardware access
@@ -49,9 +98,10 @@ int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex) {
/*
* call the ESP-IDF mutex lock; xSemaphoreTake
- *
+ * this is a general mutex locker, used for different mutex objects for
+ * different HW acclerators or other single-use HW features.
*/
-int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBlockTime) {
+int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t block_time) {
if (mutex == NULL) {
WOLFSSL_ERROR_MSG("esp_CryptHwMutexLock called with null mutex");
return BAD_MUTEX_E;
@@ -60,7 +110,7 @@ int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBlockTime) {
#ifdef SINGLE_THREADED
return wc_LockMutex(mutex); /* xSemaphoreTake take with portMAX_DELAY */
#else
- return ((xSemaphoreTake( *mutex, xBlockTime ) == pdTRUE) ? 0 : BAD_MUTEX_E);
+ return ((xSemaphoreTake(*mutex, block_time) == pdTRUE) ? 0 : BAD_MUTEX_E);
#endif
}
@@ -78,25 +128,16 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
return wc_UnLockMutex(mutex);
#else
xSemaphoreGive(*mutex);
- return 0;
+ return ESP_OK;
#endif
}
+#endif /* WOLFSSL_ESP32_CRYPT, etc. */
-/*
-** Version / Platform info.
+
+/* esp_ShowExtendedSystemInfo and supporting info.
**
-** This could evolve into a wolfSSL-wide feature. For now, here only. See:
-** https://github.com/wolfSSL/wolfssl/pull/6149
+** available regardless if HW acceleration is turned on or not.
*/
-#if defined(WOLFSSL_ESPIDF)
- #include <esp_log.h>
- #include "sdkconfig.h"
- const char* TAG = "Version Info";
- #define WOLFSSL_VERSION_PRINTF(...) ESP_LOGI(TAG, __VA_ARGS__)
-#else
- #include <stdio.h>
- #define WOLFSSL_VERSION_PRINTF(...) { printf(__VA_ARGS__); printf("\n"); }
-#endif
/*
*******************************************************************************
@@ -108,7 +149,7 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex) {
** Specific platforms: Espressif
*/
#if defined(WOLFSSL_ESPIDF)
-static int ShowExtendedSystemInfo_platform_espressif()
+static int ShowExtendedSystemInfo_platform_espressif(void)
{
#if defined(CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ)
WOLFSSL_VERSION_PRINTF("CONFIG_ESP32_DEFAULT_CPU_FREQ_MHZ: %u MHz",
@@ -147,15 +188,24 @@ static int ShowExtendedSystemInfo_platform_espressif()
char thisHWM = 0;
WOLFSSL_VERSION_PRINTF("Stack HWM: %x", (size_t) &thisHWM);
#else
- WOLFSSL_VERSION_PRINTF("Stack HWM: %d",
- uxTaskGetStackHighWaterMark(NULL));
+ #ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ {
+ WOLFSSL_VERSION_PRINTF("Stack HWM: %d",
+ uxTaskGetStackHighWaterMark(NULL));
+ }
+ #endif /* INCLUDE_uxTaskGetStackHighWaterMark */
+
#endif
#elif CONFIG_IDF_TARGET_ESP32S2
WOLFSSL_VERSION_PRINTF("Xthal_have_ccount = %u",
Xthal_have_ccount);
#elif CONFIG_IDF_TARGET_ESP32C6
- /* not supported at this time */
+ /* TODO find Xthal for C6 */
+#elif CONFIG_IDF_TARGET_ESP32C2
+ /* TODO find Xthal for C6 */
+#elif defined(CONFIG_IDF_TARGET_ESP8684)
+ /* TODO find Xthal for C6 */
#elif CONFIG_IDF_TARGET_ESP32C3
/* not supported at this time */
#elif CONFIG_IDF_TARGET_ESP32S3
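Review bot: `#ifdef INCLUDE_uxTaskGetStackHighWaterMark` is true whenever the name is defined, including when it is defined as 0. FreeRTOS options of the `INCLUDE_*` family are normally defined to 0 or 1, so this guard may not exclude the call when the function is disabled. `#if defined(INCLUDE_uxTaskGetStackHighWaterMark) && (INCLUDE_uxTaskGetStackHighWaterMark == 1)` tests the setting itself. The three new comment lines for C6, C2 and ESP8684 all read `TODO find Xthal for C6`; the last two should name their own target.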
@@ -170,40 +220,71 @@ static int ShowExtendedSystemInfo_platform_espressif()
#endif
/* check to see if we are using hardware encryption */
-#if defined(NO_ESP32WROOM32_CRYPT)
- WOLFSSL_VERSION_PRINTF("NO_ESP32WROOM32_CRYPT defined! "
+#if defined(NO_ESP32_CRYPT)
+ WOLFSSL_VERSION_PRINTF("NO_ESP32_CRYPT defined! "
"HW acceleration DISABLED.");
#else
/* first show what platform hardware acceleration is enabled
** (some new platforms may not be supported yet) */
-#if defined(CONFIG_IDF_TARGET_ESP32)
- WOLFSSL_VERSION_PRINTF("ESP32WROOM32_CRYPT is enabled for ESP32.");
-#elif defined(CONFIG_IDF_TARGET_ESP32S2)
- WOLFSSL_VERSION_PRINTF("ESP32WROOM32_CRYPT is enabled for ESP32-S2.");
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
- WOLFSSL_VERSION_PRINTF("ESP32WROOM32_CRYPT is enabled for ESP32-S3.");
-#else
-#error "ESP32WROOM32_CRYPT not yet supported on this IDF TARGET"
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S2.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-S3.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C2.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C3.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-C6.");
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ WOLFSSL_VERSION_PRINTF("ESP32_CRYPT is enabled for ESP32-H2.");
+ #else
+ /* This should have been detected & disabled in user_settins.h */
+ #error "ESP32_CRYPT not yet supported on this IDF TARGET"
+ #endif
+
+ /* Even though enabled, some specifics may be disabled */
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_HASH is defined!"
+ "(disabled HW SHA).");
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_AES is defined! "
+ "(disabled HW AES).");
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32_CRYPT_RSA_PRI defined! "
+ "(disabled HW RSA)");
+ #endif
#endif
- /* Even though enabled, some specifics may be disabled */
-#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
- WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH is defined!"
- "(disabled HW SHA).");
+#if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ WOLFSSL_VERSION_PRINTF("SM Ciphers enabled");
+ #if defined(WOLFSSL_SM2)
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM2 enabled");
+ #else
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM2 NOT enabled");
+ #endif
+
+ #if defined(WOLFSSL_SM3)
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM3 enabled");
+ #else
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM3 NOT enabled");
+ #endif
+
+ #if defined(WOLFSSL_SM4)
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM4 enabled");
+ #else
+ WOLFSSL_VERSION_PRINTF(" WOLFSSL_SM4 NOT enabled");
+ #endif
#endif
-#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
- WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32WROOM32_CRYPT_AES is defined!"
- "(disabled HW AES).");
-#endif
-
-#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- WOLFSSL_VERSION_PRINTF("NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI defined!"
- "(disabled HW RSA)");
-#endif
-#endif
-
- return 0;
+ return ESP_OK;
}
#endif
@@ -216,22 +297,21 @@ static int ShowExtendedSystemInfo_platform_espressif()
/*
** All platforms: git details
*/
-static int ShowExtendedSystemInfo_git()
+static int ShowExtendedSystemInfo_git(void)
{
-#if defined(HAVE_WC_INTROSPECTION) && !defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)
-#pragma message("WARNING: both HAVE_VERSION_EXTENDED_INFO and " \
- "HAVE_WC_INTROSPECTION are enabled. Some extended " \
- "information details will not be available.")
-
- WOLFSSL_VERSION_PRINTF("HAVE_WC_INTROSPECTION enabled. "
- "Some extended system details not available.");
-#else
/* Display some interesting git values that may change,
** but not desired for introspection which requires object code to be
** maximally bitwise-invariant.
*/
+
+#if defined(LIBWOLFSSL_VERSION_GIT_TAG)
+ /* git config describe --tags --abbrev=0 */
+ WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_TAG = %s",
+ LIBWOLFSSL_VERSION_GIT_TAG);
+#endif
+
#if defined(LIBWOLFSSL_VERSION_GIT_ORIGIN)
- /* git config --get remote.origin.url */
+ /* git config --get remote.origin.url */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_ORIGIN = %s",
LIBWOLFSSL_VERSION_GIT_ORIGIN);
#endif
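Review bot: Removing the `HAVE_WC_INTROSPECTION` guard means the git strings are now compiled in and printed in every configuration, while the comment kept just below still says they are "not desired for introspection which requires object code to be maximally bitwise-invariant". ShowExtendedSystemInfo later in this file still prints "Some extended system details not available" under that macro, which no longer matches what this function does. Either keep the body inside `#if !defined(HAVE_WC_INTROSPECTION) || defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)` or update the comment to say the restriction was dropped on purpose. The function's end is in the next hunk.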
@@ -243,28 +323,30 @@ static int ShowExtendedSystemInfo_git()
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH)
+ /* git rev-parse HEAD */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_HASH = %s",
LIBWOLFSSL_VERSION_GIT_HASH);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_SHORT_HASH )
+ /* git rev-parse --short HEAD */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_SHORT_HASH = %s",
LIBWOLFSSL_VERSION_GIT_SHORT_HASH);
#endif
#if defined(LIBWOLFSSL_VERSION_GIT_HASH_DATE)
+ /* git show --no-patch --no-notes --pretty=\'\%cd\' */
WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_GIT_HASH_DATE = %s",
LIBWOLFSSL_VERSION_GIT_HASH_DATE);
#endif
-#endif /* else not HAVE_WC_INTROSPECTION */
- return 0;
+ return ESP_OK;
}
/*
** All platforms: thread details
*/
-static int ShowExtendedSystemInfo_thread()
+static int ShowExtendedSystemInfo_thread(void)
{
/* all platforms: stack high water mark check */
#if defined(SINGLE_THREADED)
@@ -272,13 +354,13 @@ static int ShowExtendedSystemInfo_thread()
#else
WOLFSSL_VERSION_PRINTF("NOT SINGLE_THREADED");
#endif
- return 0;
+ return ESP_OK;
}
/*
** All Platforms: platform details
*/
-static int ShowExtendedSystemInfo_platform()
+static int ShowExtendedSystemInfo_platform(void)
{
#if defined(WOLFSSL_ESPIDF)
#if defined(CONFIG_IDF_TARGET)
@@ -287,49 +369,442 @@ static int ShowExtendedSystemInfo_platform()
ShowExtendedSystemInfo_platform_espressif();
#endif
#endif
- return 0;
+ return ESP_OK;
+}
+
+int esp_increment_boot_count(void)
+{
+ return ++_boot_count;
+}
+
+int esp_current_boot_count(void)
+{
+ return _boot_count;
+}
+
+/* See macro helpers above; not_defined is macro name when *not* defined */
+static int show_macro(char* s, char* not_defined)
+{
+ char hd1[] = "Macro Name Defined Not Defined";
+ char hd2[] = "------------------------- --------- -------------";
+ char msg[] = "......................... ";
+ /* 012345678901234567890123456789012345678901234567890 */
+ /* 1 2 3 4 5 */
+ size_t i = 0;
+ #define MAX_STATUS_NAME_LENGTH 25
+ #define ESP_SMS_ENA_POS 30
+ #define ESP_SMS_DIS_POS 42
+
+ /* save our string (s) into the space-padded message (msg) */
+ while (s[i] != '\0' && msg[i] != '\0' && (i < MAX_STATUS_NAME_LENGTH)) {
+ msg[i] = s[i];
+ i++;
+ }
+
+ /* Depending on if defined, put an "x" in the appropriate column */
+ if (not_defined == NULL || not_defined[0] == '\0') {
+ msg[ESP_SMS_ENA_POS] = 'X';
+ msg[ESP_SMS_ENA_POS+1] = 0; /* end of line to eliminate space pad */
+ }
+ else {
+ msg[ESP_SMS_DIS_POS] = 'X';
+ msg[ESP_SMS_DIS_POS+1] = 0; /* end of line to eliminate space pad */
+ }
+
+ /* do we need a header? */
+ if (esp_ShowMacroStatus_need_header) {
+ ESP_LOGI(TAG, "%s", hd1);
+ ESP_LOGI(TAG, "%s", hd2);
+ esp_ShowMacroStatus_need_header = 0;
+ }
+
+ /* show the macro name with the "x" in the defined/not defined column */
+ ESP_LOGI(TAG, "%s", msg);
+ return ESP_OK;
}
+/* Show some interesting settings */
+int ShowExtendedSystemInfo_config(void)
+{
+ esp_ShowMacroStatus_need_header = 1;
+
+ show_macro("NO_ESPIDF_DEFAULT", STR_IFNDEF(NO_ESPIDF_DEFAULT));
+
+ show_macro("HW_MATH_ENABLED", STR_IFNDEF(HW_MATH_ENABLED));
+
+ /* Features */
+ show_macro("WOLFSSL_SHA224", STR_IFNDEF(WOLFSSL_SHA224));
+ show_macro("WOLFSSL_SHA384", STR_IFNDEF(WOLFSSL_SHA384));
+ show_macro("WOLFSSL_SHA512", STR_IFNDEF(WOLFSSL_SHA512));
+ show_macro("WOLFSSL_SHA3", STR_IFNDEF(WOLFSSL_SHA3));
+ show_macro("HAVE_ED25519", STR_IFNDEF(HAVE_ED25519));
+ show_macro("HAVE_AES_ECB", STR_IFNDEF(HAVE_AES_ECB));
+ show_macro("HAVE_AES_DIRECT", STR_IFNDEF(HAVE_AES_DIRECT));
+
+ /* Math Library Selection */
+ show_macro("USE_FAST_MATH", STR_IFNDEF(USE_FAST_MATH));
+ show_macro("WOLFSSL_SP_MATH_ALL", STR_IFNDEF(WOLFSSL_SP_MATH_ALL));
+#ifdef WOLFSSL_SP_RISCV32
+ show_macro("WOLFSSL_SP_RISCV32", STR_IFNDEF(WOLFSSL_SP_RISCV32));
+#endif
+ show_macro("SP_MATH", STR_IFNDEF(SP_MATH));
+
+ /* Diagnostics */
+ show_macro("WOLFSSL_HW_METRICS", STR_IFNDEF(WOLFSSL_HW_METRICS));
+
+ /* Optimizations */
+ show_macro("RSA_LOW_MEM", STR_IFNDEF(RSA_LOW_MEM));
+
+ /* Security Hardening */
+ show_macro("WC_NO_HARDEN", STR_IFNDEF(WC_NO_HARDEN));
+ show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
+ show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
+
+ /* WC_NO_CACHE_RESISTANT is only important if another process can be
+ * run on the device. With embedded it is less likely to be exploitable.
+ * Timing attacks are usually by probe. So typically turn this on: */
+ show_macro("WC_NO_CACHE_RESISTANT", STR_IFNDEF(WC_NO_CACHE_RESISTANT));
+
+ /* Side channel bit slicing */
+ show_macro("WC_AES_BITSLICED", STR_IFNDEF(WC_AES_BITSLICED));
+
+ /* Unrolling will normally improve performance,
+ * so make sure WOLFSSL_AES_NO_UNROLL isn't defined unless you want it. */
+ show_macro("WOLFSSL_AES_NO_UNROLL", STR_IFNDEF(WOLFSSL_AES_NO_UNROLL));
+ show_macro("TFM_TIMING_RESISTANT", STR_IFNDEF(TFM_TIMING_RESISTANT));
+ show_macro("ECC_TIMING_RESISTANT", STR_IFNDEF(ECC_TIMING_RESISTANT));
+ show_macro("WC_RSA_BLINDING", STR_IFNDEF(WC_RSA_BLINDING));
+ show_macro("NO_WRITEV", STR_IFNDEF(NO_WRITEV));
+
+ /* Environment */
+ show_macro("FREERTOS", STR_IFNDEF(FREERTOS));
+ show_macro("NO_WOLFSSL_DIR", STR_IFNDEF(NO_WOLFSSL_DIR));
+ show_macro("WOLFSSL_NO_CURRDIR", STR_IFNDEF(WOLFSSL_NO_CURRDIR));
+ show_macro("WOLFSSL_LWIP", STR_IFNDEF(WOLFSSL_LWIP));
+
+ ESP_LOGI(TAG, "");
+#if defined(CONFIG_COMPILER_OPTIMIZATION_DEFAULT)
+ ESP_LOGI(TAG, "Compiler Optimization: Default");
+#elif defined(CONFIG_COMPILER_OPTIMIZATION_SIZE)
+ ESP_LOGI(TAG, "Compiler Optimization: Size");
+#elif defined(CONFIG_COMPILER_OPTIMIZATION_PERF)
+ ESP_LOGI(TAG, "Compiler Optimization: Performance");
+#elif defined(CONFIG_COMPILER_OPTIMIZATION_NONE)
+ ESP_LOGI(TAG, "Compiler Optimization: None");
+#else
+ ESP_LOGI(TAG, "Compiler Optimization: Unknown");
+#endif
+ ESP_LOGI(TAG, "");
+
+ return ESP_OK;
+}
/*
*******************************************************************************
-** The public ShowExtendedSystemInfo()
+** The internal, portable, but currently private ShowExtendedSystemInfo()
*******************************************************************************
*/
-
int ShowExtendedSystemInfo(void)
+{
+#if ESP_IDF_VERSION_MAJOR > 4
+ unsigned chip_rev = -1;
+#endif
+
+#ifdef HAVE_ESP_CLK
+ /* esp_clk.h is private */
+ int cpu_freq = 0;
+#endif
+
+ WOLFSSL_VERSION_PRINTF("Extended Version and Platform Information.");
+
+#if defined(HAVE_WC_INTROSPECTION) && \
+ !defined(ALLOW_BINARY_MISMATCH_INTROSPECTION)
+#pragma message("WARNING: both HAVE_VERSION_EXTENDED_INFO and " \
+ "HAVE_WC_INTROSPECTION are enabled. Some extended " \
+ "information details will not be available.")
+
+ WOLFSSL_VERSION_PRINTF("HAVE_WC_INTROSPECTION enabled. "
+ "Some extended system details not available.");
+#endif /* else not HAVE_WC_INTROSPECTION */
+
+#if ESP_IDF_VERSION_MAJOR > 4
+ chip_rev = efuse_hal_chip_revision();
+ ESP_LOGI(TAG, "Chip revision: v%d.%d", chip_rev / 100, chip_rev % 100);
+#endif
+
+#ifdef HAVE_ESP_CLK
+ cpu_freq = esp_clk_cpu_freq();
+ ESP_EARLY_LOGI(TAG, "cpu freq: %d Hz", cpu_freq);
+#endif
+
+#if defined(SHOW_SSID_AND_PASSWORD)
+ ESP_LOGW(TAG, "WARNING: SSID and plain text WiFi "
+ "password displayed in startup logs. ");
+ ESP_LOGW(TAG, "Remove SHOW_SSID_AND_PASSWORD from user_settings.h "
+ "to disable.");
+#else
+ ESP_LOGI(TAG, "SSID and plain text WiFi "
+ "password not displayed in startup logs.");
+ ESP_LOGI(TAG, " Define SHOW_SSID_AND_PASSWORD to enable display.");
+#endif
+
+#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
+ /* CMake may have detected undesired multiple installs, so give warning. */
+ WOLFSSL_VERSION_PRINTF("");
+ WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
+ WOLFSSL_VERSION_PRINTF("Check ESP-IDF components and "
+ "local project [components] directory.");
+ WOLFSSL_VERSION_PRINTF("");
+#else
+ #ifdef WOLFSSL_USER_SETTINGS_DIR
+ {
+ ESP_LOGI(TAG, "Using wolfSSL user_settings.h in %s",
+ WOLFSSL_USER_SETTINGS_DIR);
+ }
+ #else
{
- WOLFSSL_VERSION_PRINTF("Extended Version and Platform Information.");
+ ESP_LOGW(TAG, "Warning: old cmake, user_settings.h location unknown.");
+ }
+ #endif
+#endif
#if defined(LIBWOLFSSL_VERSION_STRING)
- WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_STRING = %s",
- LIBWOLFSSL_VERSION_STRING);
+ WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_STRING = %s",
+ LIBWOLFSSL_VERSION_STRING);
#endif
#if defined(LIBWOLFSSL_VERSION_HEX)
- WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_HEX = %x",
- LIBWOLFSSL_VERSION_HEX);
+ WOLFSSL_VERSION_PRINTF("LIBWOLFSSL_VERSION_HEX = %x",
+ LIBWOLFSSL_VERSION_HEX);
#endif
-#if defined(WOLFSSL_MULTI_INSTALL_WARNING)
- /* CMake may have detected undesired multiple installs, so give warning. */
- WOLFSSL_VERSION_PRINTF("");
- WOLFSSL_VERSION_PRINTF("WARNING: Multiple wolfSSL installs found.");
- WOLFSSL_VERSION_PRINTF("Check ESP-IDF and local project [components] directory.");
- WOLFSSL_VERSION_PRINTF("");
+ /* some interesting settings are target specific (ESP32, -C3, -S3, etc */
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* ESP_RSA_MULM_BITS should be set to at least 16 for ESP32 */
+ #if defined(ESP_RSA_MULM_BITS)
+ #if (ESP_RSA_MULM_BITS < 16)
+ ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS < 16 for ESP32");
+ #endif
+ #else
+ ESP_LOGW(TAG, "Warning: ESP_RSA_MULM_BITS not defined for ESP32");
+ #endif
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || defined(CONFIG_IDF_TARGET_ESP8684)
+ ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
+ );
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
+ );
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGI(TAG, "CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ
+ );
+/* ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount); */
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #if defined(CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ)
+ ESP_LOGI(TAG, "CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32S2_DEFAULT_CPU_FREQ_MHZ
+ );
+ #endif
+
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ #if defined(CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ)
+ ESP_LOGI(TAG, "CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ = %u MHz",
+ CONFIG_ESP32S3_DEFAULT_CPU_FREQ_MHZ
+ );
+ #endif
+
+ ESP_LOGI(TAG, "Xthal_have_ccount = %u", Xthal_have_ccount);
+#else
+
#endif
- ShowExtendedSystemInfo_git(); /* may be limited during active introspection */
- ShowExtendedSystemInfo_platform();
- ShowExtendedSystemInfo_thread();
- return 0;
- }
+ /* all platforms: stack high water mark check */
+#ifdef INCLUDE_uxTaskGetStackHighWaterMark
+ ESP_LOGI(TAG, "Stack HWM: %d", uxTaskGetStackHighWaterMark(NULL));
+#endif
+ ESP_LOGI(TAG, "");
+
+ ShowExtendedSystemInfo_config();
+ ShowExtendedSystemInfo_git();
+ ShowExtendedSystemInfo_platform();
+ ShowExtendedSystemInfo_thread();
+ /* show number of RTC sleep boots */
+ esp_increment_boot_count();
+ ESP_LOGI(TAG, "Boot count: %d", esp_current_boot_count());
+ return ESP_OK;
+}
-int esp_ShowExtendedSystemInfo()
+int esp_ShowExtendedSystemInfo(void)
{
+ /* Someday the ShowExtendedSystemInfo may be global.
+ * See https://github.com/wolfSSL/wolfssl/pull/6149 */
return ShowExtendedSystemInfo();
}
+/* Print a MATH_INT_T attribute list.
+ *
+ * Note with the right string parameters, the result can be pasted as
+ * initialization code.
+ */
+int esp_show_mp_attributes(char* c, MATH_INT_T* X)
+{
+ static const char* MP_TAG = "MATH_INT_T";
+ int ret = ESP_OK;
+
+ if (X == NULL) {
+ ret = ESP_FAIL;
+ ESP_LOGV(MP_TAG, "esp_show_mp_attributes called with X == NULL");
+ }
+ else {
+ ESP_LOGI(MP_TAG, "");
+ ESP_LOGI(MP_TAG, "%s.used = %d;", c, X->used);
+#if defined(WOLFSSL_SP_INT_NEGATIVE) || defined(USE_FAST_MATH)
+ ESP_LOGI(MP_TAG, "%s.sign = %d;", c, X->sign);
+#endif
+ }
+ return ret;
+}
+
+/* Print a MATH_INT_T value.
+ *
+ * Note with the right string parameters, the result can be pasted as
+ * initialization code.
+ */
+int esp_show_mp(char* c, MATH_INT_T* X)
+{
+ static const char* MP_TAG = "MATH_INT_T";
+ int ret = MP_OKAY;
+ int words_to_show = 0;
+
+ if (X == NULL) {
+ ret = ESP_FAIL;
+ ESP_LOGV(MP_TAG, "esp_show_mp called with X == NULL");
+ }
+ else {
+ words_to_show = X->used;
+ /* if too small, we'll show just 1 word */
+ if (words_to_show < 1) {
+ ESP_LOGI(MP_TAG, "Bad word count. Adjusting from %d to %d",
+ words_to_show,
+ 1);
+ words_to_show = 1;
+ }
+ #ifdef MAX_WORDS_ESP_SHOW_MP
+ /* if too big, we'll show MAX_WORDS_ESP_SHOW_MP words */
+ if (words_to_show > MAX_WORDS_ESP_SHOW_MP) {
+ ESP_LOGI(MP_TAG, "Limiting word count from %d to %d",
+ words_to_show,
+ MAX_WORDS_ESP_SHOW_MP);
+ words_to_show = MAX_WORDS_ESP_SHOW_MP;
+ }
+ #endif
+ ESP_LOGI(MP_TAG, "%s:",c);
+ esp_show_mp_attributes(c, X);
+ for (size_t i = 0; i < words_to_show; i++) {
+ ESP_LOGI(MP_TAG, "%s.dp[%2d] = 0x%08x; /* %2d */ ",
+ c, /* the supplied variable name */
+ i, /* the index, i for dp[%d] */
+ (unsigned int)X->dp[i], /* the value */
+ i /* the index, again, for comment */
+ );
+ }
+ ESP_LOGI(MP_TAG, "");
+ }
+ return ret;
+}
+
+/* Perform a full mp_cmp and binary compare.
+ * (typically only used during debugging) */
+int esp_mp_cmp(char* name_A, MATH_INT_T* A, char* name_B, MATH_INT_T* B)
+{
+ int ret = MP_OKAY;
+ int e = memcmp(A, B, sizeof(mp_int));
+ if (mp_cmp(A, B) == MP_EQ) {
+ if (e == 0) {
+ /* we always want to be here: both esp_show_mp and binary equal! */
+ ESP_LOGV(TAG, "fp_cmp and memcmp match for %s and %s!",
+ name_A, name_B);
+ }
+ else {
+ ret = MP_VAL;
+ ESP_LOGE(TAG, "fp_cmp match, memcmp mismatch for %s and %s!",
+ name_A, name_B);
+ if (A->dp[0] == 1) {
+ ESP_LOGE(TAG, "Both memcmp and fp_cmp fail for %s and %s!",
+ name_A, name_B);
+ }
+ }
+ }
+ else {
+ ret = MP_VAL;
+ if (e == 0) {
+ /* if mp_cmp says different,
+ * but memcmp says equal, that's a problem */
+ ESP_LOGE(TAG, "memcmp error for %s and %s!",
+ name_A, name_B);
+ }
+ else {
+ /* in the normal case where mp_cmp and memcmp say the
+ * values are different, we'll optionally show details. */
+ ESP_LOGI(TAG, "e = %d", e);
+ ESP_LOGE(TAG, "fp_cmp mismatch! memcmp "
+ "offset 0x%02x for %s vs %s!",
+ e, name_A, name_B);
+ if (A->dp[0] == 1) {
+ ESP_LOGE(TAG, "Both memcmp and fp_cmp fail for %s and %s!",
+ name_A, name_B);
+ }
+ }
+ ESP_LOGV(TAG, "Mismatch for %s and %s!",
+ name_A, name_B);
+ }
+
+ if (ret == MP_OKAY) {
+ ESP_LOGV(TAG, "esp_mp_cmp equal for %s and %s!",
+ name_A, name_B);
+ }
+ else {
+ /* esp_show_mp(name_A, A); */
+ /* esp_show_mp(name_B, B); */
+ }
+ return ret;
+}
+
+int esp_hw_show_metrics(void)
+{
+#if defined(WOLFSSL_HW_METRICS)
+ #if defined(WOLFSSL_ESP32_CRYPT)
+ esp_hw_show_sha_metrics();
+ #else
+ ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT not defined, "
+ "HW SHA hash not enabled");
+ #endif
+
+ #if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ esp_hw_show_mp_metrics();
+ #else
+ ESP_LOGI(TAG, "WOLFSSL_ESP32_CRYPT_RSA_PRI not defined, "
+ "HW math not enabled");
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_AES)
+ ESP_LOGI(TAG, "NO_WOLFSSL_ESP32_CRYPT_AES is defined, "
+ "HW AES not enabled");
+ #else
+ esp_hw_show_aes_metrics();
+ #endif
+#else
+ ESP_LOGV(TAG, "WOLFSSL_HW_METRICS is not enabled");
#endif
+ return ESP_OK;
+}
+#endif /* WOLFSSL_ESPIDF */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c
index 92401bd0..00deff3d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_common.c
@@ -21,19 +21,24 @@
#include <wolfssl/wolfcrypt/settings.h>
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) \
- || defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) \
- || defined(WOLFSSL_RENESAS_TSIP_TLS)
-
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
- #define cmn_hw_lock wc_sce_hw_lock
- #define cmn_hw_unlock wc_sce_hw_unlock
-#elif defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) \
+ || defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) \
+ || defined(WOLFSSL_RENESAS_TSIP_TLS) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+ #define cmn_hw_lock wc_fspsm_hw_lock
+ #define cmn_hw_unlock wc_fspsm_hw_unlock
+#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#define cmn_hw_lock tsip_hw_lock
#define cmn_hw_unlock tsip_hw_unlock
+
+ #define FSPSM_ST TsipUserCtx;
+ #define MAX_FSPSM_CBINDEX 5
#endif
#include <wolfssl/wolfcrypt/wc_port.h>
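Review bot: The added `#define FSPSM_ST TsipUserCtx;` in the TSIP branch ends in a semicolon, so a use such as `FSPSM_ST* cbInfo` would expand to `TsipUserCtx;* cbInfo` and fail to compile. It should read `#define FSPSM_ST TsipUserCtx`. The same pair of defines (`FSPSM_ST`, `MAX_FSPSM_CBINDEX`) is added again under `WOLF_CRYPTO_CB` in the next hunk. Keeping a single definition avoids the two copies drifting apart, which matters because `MAX_FSPSM_CBINDEX` sizes the `gCbCtx` array.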
@@ -43,26 +48,41 @@
#include <wolfssl/error-ssl.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>
uint32_t g_CAscm_Idx = (uint32_t)-1; /* index of CM table */
static int gdevId = 7890; /* initial dev Id for Crypt Callback */
#ifdef WOLF_CRYPTO_CB
+/* store callback ctx by devId */
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+FSPSM_ST *gCbCtx[MAX_FSPSM_CBINDEX];
+#elif defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+#define FSPSM_ST TsipUserCtx;
+#define MAX_FSPSM_CBINDEX 5
+TsipUserCtx *gCbCtx[MAX_FSPSM_CBINDEX];
+#endif
#include <wolfssl/wolfcrypt/cryptocb.h>
+
WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl)
{
int ret = 0;
WOLFSSL_ENTER("Renesas_cmn_Cleanup");
+ (void) ssl;
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_TlsCleanup(ssl);
#endif
-
+
WOLFSSL_LEAVE("Renesas_cmn_Cleanup", ret);
return ret;
}
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
const unsigned char* in, unsigned int inSz,
unsigned char* out, word32* outSz,
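Review bot: The new `#include <wolfssl/wolfcrypt/port/renesas/renesas_cmn.h>` spells the directory in lower case, while every other include in this file uses `port/Renesas/`. On a case-sensitive file system this header will probably not be found, so the path should be `#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>`. Separately, `gCbCtx` is added as a non-static global with no comment on who owns the stored pointers or when a slot is cleared. A one-line comment stating that entries are borrowed from the caller of wc_CryptoCb_CryptInitRenesasCmn and must outlive the registration would help.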
@@ -79,7 +99,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCb(WOLFSSL* ssl,
}
/* This function is a callback passed to wolfSSL_CTX_SetRsaSignCheckCb.
* It tries to verify the signature passed to it by decrypting with a public
- * key.
+ * key.
* returns 0 on success, CRYPTOCB_UNAVAILABLE when public key is not set.
*/
WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
@@ -92,9 +112,9 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaSignCheckCb(WOLFSSL* ssl,
WOLFSSL_ENTER("Renesas_cmn_RsaSignCheckCb");
#if defined(WOLFSSL_RENESAS_TSIP)
-
+
return tsip_VerifyRsaPkcsCb(ssl, sig, sigSz, out, keyDer, keySz, ctx);
-
+
#endif /* WOLFSSL_RENESAS_TSIP */
WOLFSSL_LEAVE("Renesas_cmn_RsaSignCheckCb", ret);
@@ -111,10 +131,12 @@ WOLFSSL_LOCAL int Renesas_cmn_EccSignCb(WOLFSSL* ssl,
WOLFSSL_ENTER("Renesas_cmn_EccSignCb");
/* This is just a stub function that provides no logic */
-
+
WOLFSSL_LEAVE("Renesas_cmn_EccSignCb", ret);
return ret;
}
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+
/* Renesas Security Library Common Callback
* For Crypto Callbacks
*
@@ -129,11 +151,12 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
WOLFSSL_ENTER("Renesas_cmn_CryptoDevCb");
-#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
#endif
if (info == NULL || ctx == NULL)
@@ -144,15 +167,19 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->algo_type, cbInfo->session_key_set);
#endif
-#if defined(WOLFSSL_RENESAS_TSIP)
+#if defined(WOLFSSL_RENESAS_TSIP) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
ret = CRYPTOCB_UNAVAILABLE;
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
#if !defined(NO_AES) || !defined(NO_DES3)
#ifdef HAVE_AESGCM
- if (info->cipher.type == WC_CIPHER_AES_GCM &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_GCM
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesGcmEncrypt(
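Review bot: With `WOLFSSL_RENESAS_TSIP_CRYPTONLY` the `cbInfo->session_key_set == 1` test is compiled out, so the AES-GCM branch here (and the AES-CBC branch in the hunk at -186,8) hands every request to the TSIP routines with no key-state check in this callback. The FSPSM branch further down still tests its `aes*_installedkey_set` flags before calling into hardware, so the asymmetry deserves a comment. Something like `/* CRYPTONLY: no TLS session key exists; TODO confirm wc_tsip_Aes* rejects a context with no key set */` would record the assumption. Renesas_cmn_CryptoDevCb starts and ends outside this hunk.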
@@ -186,8 +213,11 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
}
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
- if (info->cipher.type == WC_CIPHER_AES_CBC &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_CBC
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesCbcEncrypt(
@@ -208,7 +238,15 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES || !NO_DES3 */
}
- /* Is called for signing
+ #if defined(WOLFSSL_KEY_GEN)
+ if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
+ (info->pk.rsakg.size == 1024 ||
+ info->pk.rsakg.size == 2048)) {
+ ret = wc_tsip_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
+ }
+ #endif
+
+ /* Is called for signing
* Can handle only RSA PkCS#1v1.5 padding scheme here.
*/
if (info->algo_type == WC_ALGO_TYPE_PK) {
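Review bot: The new RSA key-generation block reads `info->pk.type` and `info->pk.rsakg.size` before the `info->algo_type == WC_ALGO_TYPE_PK` test that follows it, so it also runs for cipher and other request types. If the `pk` and `cipher` members share storage in `wc_CryptoInfo` (not visible here), a non-PK request whose bytes happen to match would be routed to `wc_tsip_MakeRsaKey`. Guard it explicitly, `if (info->algo_type == WC_ALGO_TYPE_PK && info->pk.type == WC_PK_TYPE_RSA_KEYGEN && ...`, or move the block inside the PK branch as the FSPSM path does. Renesas_cmn_CryptoDevCb starts and ends outside this hunk.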
@@ -217,16 +255,21 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT) {
ret = tsip_SignRsaPkcs(info, ctx);
}
+ #if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
+ ret = wc_tsip_RsaVerifyPkcs(info, ctx);
+ }
+ #endif
}
#endif /* NO_RSA */
- #if defined(HAVE_ECC)
+ #if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
else if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
ret = tsip_SignEcdsa(info, ctx);
}
#endif /* HAVE_ECC */
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
@@ -241,26 +284,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_enc.aes->keylen == 16))) {
- if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aesgcm_enc.aes->keylen == 32) {
-
- XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_enc.aes->ctx.keySize = 32;
-
- }
- else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
- info->cipher.aesgcm_enc.aes->keylen == 16) {
-
- XMEMCPY(&info->cipher.aesgcm_enc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_enc.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesGcmEncrypt(
+ ret = wc_fspsm_AesGcmEncrypt(
info->cipher.aesgcm_enc.aes,
(byte*)info->cipher.aesgcm_enc.out,
(byte*)info->cipher.aesgcm_enc.in,
@@ -280,26 +304,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aesgcm_dec.aes->keylen == 16)) {
- if (cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aesgcm_dec.aes->keylen == 32) {
-
- XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_dec.aes->ctx.keySize = 32;
-
- }
- else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
- info->cipher.aesgcm_dec.aes->keylen == 16) {
-
- XMEMCPY(&info->cipher.aesgcm_dec.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aesgcm_dec.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesGcmDecrypt(
+ ret = wc_fspsm_AesGcmDecrypt(
info->cipher.aesgcm_dec.aes,
(byte*)info->cipher.aesgcm_dec.out,
(byte*)info->cipher.aesgcm_dec.in,
@@ -321,50 +326,15 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->cipher.aescbc.aes->keylen == 32) ||
(cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1 &&
info->cipher.aescbc.aes->keylen == 16))) {
-
if (info->cipher.enc) {
- if (
- cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aescbc.aes->keylen == 32) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 32;
-
- }
- else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
- && info->cipher.aescbc.aes->keylen == 16) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesCbcEncrypt(
+ ret = wc_fspsm_AesCbcEncrypt(
info->cipher.aescbc.aes,
(byte*)info->cipher.aescbc.out,
(byte*)info->cipher.aescbc.in,
info->cipher.aescbc.sz);
}
else {
- if (
- cbInfo->keyflgs_crypt.bits.aes256_installedkey_set == 1 &&
- info->cipher.aescbc.aes->keylen == 32) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 32;
- } else if (
- cbInfo->keyflgs_crypt.bits.aes128_installedkey_set == 1
- && info->cipher.aescbc.aes->keylen == 16) {
- XMEMCPY(&info->cipher.aescbc.aes->ctx.sce_wrapped_key,
- &cbInfo->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- info->cipher.aescbc.aes->ctx.keySize = 16;
- }
-
- ret = wc_sce_AesCbcDecrypt(
+ ret = wc_fspsm_AesCbcDecrypt(
info->cipher.aescbc.aes,
(byte*)info->cipher.aescbc.out,
(byte*)info->cipher.aescbc.in,
@@ -374,45 +344,39 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
#endif /* HAVE_AES_CBC */
#endif /* !NO_AES || !NO_DES3 */
}
- #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+ #if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
else if (info->algo_type == WC_ALGO_TYPE_PK) {
-
+
#if !defined(NO_RSA)
#if defined(WOLFSSL_KEY_GEN)
if (info->pk.type == WC_PK_TYPE_RSA_KEYGEN &&
(info->pk.rsakg.size == 1024 ||
info->pk.rsakg.size == 2048)) {
- ret = wc_sce_MakeRsaKey(info->pk.rsakg.size, (void*)ctx);
+ ret = wc_fspsm_MakeRsaKey(info->pk.rsakg.key,
+ info->pk.rsakg.size, (void*)ctx);
}
#endif
if (info->pk.type == WC_PK_TYPE_RSA) {
- /* to perform RSA on SCE, wrapped keys should be installed
+ /* to perform RSA on SCE, wrapped keys should be installed
* in advance. SCE supports 1024 or 2048 bits key size.
* otherwise, falls-through happens.
*/
- if (cbInfo->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1
- ||
- cbInfo->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1
- ||
- cbInfo->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1
- ||
- cbInfo->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1
- ) {
-
+ if (info->pk.rsa.key->ctx.keySz == 1024 ||
+ info->pk.rsa.key->ctx.keySz == 2048) {
+
if (info->pk.rsa.type == RSA_PRIVATE_DECRYPT ||
info->pk.rsa.type == RSA_PUBLIC_ENCRYPT )
{
- ret = wc_sce_RsaFunction(info->pk.rsa.in,
+ ret = wc_fspsm_RsaFunction(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
- info->pk.rsa.outLen,
+ &info->pk.rsa.outLen,
info->pk.rsa.type,
info->pk.rsa.key,
- info->pk.rsa.rng,
- (void*)ctx);
+ info->pk.rsa.rng);
}
else if (info->pk.rsa.type == RSA_PRIVATE_ENCRYPT /* sign */){
- ret = wc_sce_RsaSign(info->pk.rsa.in,
+ ret = wc_fspsm_RsaSign(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
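Review bot: The new guard on `info->pk.rsa.key->ctx.keySz` dereferences `info->pk.rsa.key` without a NULL check and no longer consults the `rsapri*/rsapub*_installedkey_set` flags, yet the comment directly above still says wrapped keys must be installed in advance. If the wc_fspsm_Rsa* routines validate the wrapped key themselves (not visible here), update the comment to say so. Otherwise keep a key-present check beside the size test, e.g. `if (info->pk.rsa.key != NULL && (keySz == 1024 || keySz == 2048))`. The RsaFunction call also now passes `&info->pk.rsa.outLen` while the RsaSign and RsaVerify calls in the same block pass `info->pk.rsa.outLen`, so one of them should be checked against the callee's prototype. Renesas_cmn_CryptoDevCb starts and ends outside this hunk.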
@@ -420,7 +384,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
(void*)ctx);
}
else if (info->pk.rsa.type == RSA_PUBLIC_DECRYPT /* verify */) {
- ret = wc_sce_RsaVerify(info->pk.rsa.in,
+ ret = wc_fspsm_RsaVerify(info->pk.rsa.in,
info->pk.rsa.inLen,
info->pk.rsa.out,
info->pk.rsa.outLen,
@@ -436,7 +400,7 @@ static int Renesas_cmn_CryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
"RSA operation falls through to SW operation.");
}
}
- #endif /* NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+ #endif /* NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
}
#endif /* NO_RSA */
#endif /* TSIP or SCE */
@@ -460,21 +424,36 @@ int Renesas_cmn_usable(const WOLFSSL* ssl, byte session_key_generated)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = tsip_usable(ssl, session_key_generated);
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- ret = wc_sce_usable(ssl, session_key_generated);
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ ret = wc_fspsm_usable(ssl, session_key_generated);
#endif
return ret;
}
/* Renesas Security Library Common Method
+ * Get Callback ctx by devId
+ *
+ * devId : devId to get its CTX
+ * return asocciated CTX when the method is successfully called.
+ * otherwise, NULL
+ */
+WOLFSSL_LOCAL void *Renesas_cmn_GetCbCtxBydevId(int devId)
+{
+ if (devId >= 7890 && devId <= (MAX_FSPSM_CBINDEX + 7890))
+ return gCbCtx[devId - 7890];
+ else
+ return NULL;
+}
+
+/* Renesas Security Library Common Method
* Crypt Callback initialization
*
* ssl : a pointer to WOLFSSL object
* ctx : callback context
* return valid device Id on success, otherwise INVALID_DEVIID
- * device Id starts from 7890, and increases + 1 its number
+ * device Id starts from 7890, and increases + 1 its number
* when the method is successfully called.
*/
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
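Review bot: The range check in `Renesas_cmn_GetCbCtxBydevId` is off by one: `devId <= (MAX_FSPSM_CBINDEX + 7890)` admits index `MAX_FSPSM_CBINDEX`, which is one past the end of `gCbCtx[MAX_FSPSM_CBINDEX]`. The upper bound should be exclusive, `if (devId >= 7890 && devId < (MAX_FSPSM_CBINDEX + 7890))`. The literal 7890 is also repeated here and in the `gdevId` initialiser; a named constant for the base id would keep the lookup and the allocator in step.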
@@ -482,15 +461,17 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
(void)ssl;
(void)ctx;
- #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS) \
+ || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
#endif
if (cbInfo == NULL
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
+ #if (!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) &&\
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(HAVE_RENESAS_SYNC)
|| ssl == NULL) {
#else
@@ -508,15 +489,16 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
WOLFSSL_MSG("Failed to lock tsip hw");
return INVALID_DEVID;
}
-
- if (wc_CryptoCb_RegisterDevice(cbInfo->devId,
+
+ if (wc_CryptoCb_RegisterDevice(cbInfo->devId,
Renesas_cmn_CryptoDevCb, cbInfo) < 0) {
/* undo devId number */
gdevId--;
return INVALID_DEVID;
}
- #if !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY) && \
+ #if !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) && \
!defined(HAVE_RENESAS_SYNC)
if (ssl)
wolfSSL_SetDevId(ssl, cbInfo->devId);
@@ -525,7 +507,9 @@ int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx)
if (gdevId < 0) {
gdevId = 7890;
}
-
+
+ gCbCtx[cbInfo->devId - 7890] = (void*)cbInfo;
+
return cbInfo->devId;
}
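Review bot: The store `gCbCtx[cbInfo->devId - 7890] = (void*)cbInfo;` has no bounds check, and the array holds only `MAX_FSPSM_CBINDEX` entries. If `devId` is taken from the incrementing `gdevId` as the function comment describes, a registration beyond the last slot writes past the end of the array. Reject the id before the device is registered, e.g. `if (cbInfo->devId < 7890 || cbInfo->devId >= 7890 + MAX_FSPSM_CBINDEX) return INVALID_DEVID;`, and undo `gdevId` as the existing failure path does. The slot should also be cleared on cleanup so a later lookup cannot return a stale context; wc_CryptoCb_CleanupRenesasCmn is not visible in this hunk. The function body starts outside the hunk.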
@@ -542,10 +526,10 @@ void wc_CryptoCb_CleanupRenesasCmn(int* id)
}
#endif /* WOLF_CRYPTO_CB */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
- /* WOLFSSL_RENESAS_TSIP_TLS*/
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS|| WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+ WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY */
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_TSIP_TLS)
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || defined(WOLFSSL_RENESAS_TSIP_TLS)
/* Renesas Security Library Common Method
* Check CA index if CA can be used for SCE/TSIP because
@@ -563,9 +547,9 @@ WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx)
/* check if the root CA has been verified by TSIP/SCE,
* and it exists in the CM table.
*/
-static byte sce_tsip_rootCAverified(void)
+static byte fspsm_tsip_rootCAverified(void)
{
- WOLFSSL_ENTER("sce_tsip_rootCAverified");
+ WOLFSSL_ENTER("fspsm_tsip_rootCAverified");
return (g_CAscm_Idx != (uint32_t)-1 ? 1:0);
}
/* Renesas Security Library Common Callback
@@ -601,16 +585,16 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl, unsigned char* sig,
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_SCE_RsaVerify(ssl, sig, sigSz, out,key, keySz, ctx);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_RsaVerifyTLS(ssl, sig, sigSz, out,key, keySz, ctx);
if (ret == 0) {
/* Set Callback for SharedSecret when successful */
- wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret);
+ wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, fspsm_EccSharedSecret);
wolfSSL_SetEccSharedSecretCtx(ssl, ctx);
}
else {
- WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+ WOLFSSL_MSG("failed R_XXX_TLS_ServerKeyExchangeVerify");
wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
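Review bot: The failure message was changed to the placeholder text `"failed R_XXX_TLS_ServerKeyExchangeVerify"`, and the matching branch in Renesas_cmn_EccVerify (hunk at -652,16) uses `R_XXXX_` with four X's. The two strings no longer match each other or any real API name, which makes the log line hard to grep for. Use one wording in both places that names the wolfSSL wrapper actually called, e.g. `WOLFSSL_MSG("failed wc_fspsm_RsaVerifyTLS");` here and `WOLFSSL_MSG("failed wc_fspsm_EccVerifyTLS");` there. Renesas_cmn_RsaVerify starts outside this hunk.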
@@ -652,16 +636,16 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_SCE_EccVerify(ssl, sig, sigSz, hash, hashSz, key, keySz,
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_EccVerifyTLS(ssl, sig, sigSz, hash, hashSz, key, keySz,
result, ctx);
if (ret == 0 && *result == 1) {
/* Set callback for SharedSecret when being successful */
- wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, SCE_EccSharedSecret);
+ wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, fspsm_EccSharedSecret);
wolfSSL_SetEccSharedSecretCtx(ssl, ctx);
}
else {
- WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+ WOLFSSL_MSG("failed R_XXXX_TLS_ServerKeyExchangeVerify");
wolfSSL_CTX_SetEccSharedSecretCb(ssl->ctx, NULL);
wolfSSL_SetEccSharedSecretCtx(ssl, NULL);
}
@@ -681,15 +665,15 @@ WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
* cm_row CA index
* return FSP_SUCCESS(0) on success, otherwise WOLFSSL_FATAL_ERROR
*/
-int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
- word32 key_n_start, word32 key_n_len, word32 key_e_start,
+int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
+ word32 key_n_start, word32 key_n_len, word32 key_e_start,
word32 key_e_len, word32 cm_row)
{
int ret;
WOLFSSL_ENTER("wc_Renesas_cmn_RootCertVerify");
- if (sce_tsip_rootCAverified() == 0) {
+ if (fspsm_tsip_rootCAverified() == 0) {
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_tls_RootCertVerify(cert, cert_len, key_n_start,
@@ -697,9 +681,9 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
if (ret != TSIP_SUCCESS) {
ret = WOLFSSL_FATAL_ERROR;
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
- ret = wc_sce_tls_RootCertVerify(cert, cert_len, key_n_start,
+ ret = wc_fspsm_tls_RootCertVerify(cert, cert_len, key_n_start,
key_n_len, key_e_start, key_e_len, cm_row);
if (ret != FSP_SUCCESS) {
ret = WOLFSSL_FATAL_ERROR;
@@ -739,8 +723,8 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_generateVerifyData(ssl->arrays->tsip_masterSecret,
side, handshake_hash, hashes);
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_sce_generateVerifyData(ssl->arrays->sce_masterSecret,
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_generateVerifyData(ssl->arrays->fspsm_masterSecret,
side, handshake_hash, hashes);
#endif
}
@@ -752,7 +736,7 @@ WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
/* Renesas Security Library Common Callback
* Callback for setting Encrypt Keys.
- * Register callback for setting Encrypt Keys when keys are generated
+ * Register callback for setting Encrypt Keys when keys are generated
* by SCE/TSIP
*
* ssl the WOLFSSL object
@@ -771,10 +755,10 @@ static int Renesas_cmn_EncryptKeys(WOLFSSL* ssl, void* ctx)
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
-
+
if (cbInfo->session_key_set == 1) {
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
if (cbInfo->keyflgs_tls.bits.session_key_set == 1) {
@@ -807,23 +791,23 @@ WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx)
int ret = -1;
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
TsipUserCtx* cbInfo = (TsipUserCtx*)ctx;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
#endif
(void)ctx;
-
+
WOLFSSL_ENTER("Renesas_cmn_generateSessionKey");
if (Renesas_cmn_usable(ssl, 0)) {
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
ret = wc_tsip_generateSessionKey(ssl, (TsipUserCtx*)ctx, cbInfo->devId);
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- ret = wc_sce_generateSessionKey(ssl, ctx, cbInfo->devId);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ ret = wc_fspsm_generateSessionKey(ssl, ctx, cbInfo->devId);
#endif
- }
+ }
else {
ret = PROTOCOLCB_UNAVAILABLE;
}
-
+
if (ret == 0) {
wolfSSL_CTX_SetEncryptKeysCb(ssl->ctx, Renesas_cmn_EncryptKeys);
wolfSSL_SetEncryptKeysCtx(ssl, ctx);
@@ -867,9 +851,9 @@ WOLFSSL_LOCAL int Renesas_cmn_generatePremasterSecret(WOLFSSL* ssl,
else
ret = PROTOCOLCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (Renesas_cmn_usable(ssl, 0)) {
- ret = wc_sce_generatePremasterSecret(premaster, preSz);
+ ret = wc_fspsm_generatePremasterSecret(premaster, preSz);
ssl->arrays->preMasterSz = preSz;
}
else
@@ -933,17 +917,17 @@ WOLFSSL_LOCAL int Renesas_cmn_genMasterSecret(struct WOLFSSL* ssl, void* ctx)
else
ret = PROTOCOLCB_UNAVAILABLE;
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (Renesas_cmn_usable(ssl, 0)) {
- ret = wc_sce_generateMasterSecret(
+ ret = wc_fspsm_generateMasterSecret(
ssl->options.cipherSuite0,
ssl->options.cipherSuite,
ssl->arrays->preMasterSecret,
ssl->arrays->clientRandom,
ssl->arrays->serverRandom,
- ssl->arrays->sce_masterSecret);
+ ssl->arrays->fspsm_masterSecret);
if (ret == 0) {
- wc_sce_storeKeyCtx(ssl, ctx);
+ wc_fspsm_storeKeyCtx(ssl, ctx);
/* set Session Key generation Callback for use */
wolfSSL_CTX_SetGenSessionKeyCb(ssl->ctx,
Renesas_cmn_generateSessionKey);
@@ -1016,9 +1000,10 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in,
ret = CRYPTOCB_UNAVAILABLE;
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (wc_sce_usable(ssl, 0) && EncSz == 256) {
- ret = wc_sce_generateEncryptPreMasterSecret(ssl, out, outSz);
+ #elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (wc_fspsm_usable(ssl, 0) && EncSz == 256) {
+ ret = wc_fspsm_generateEncryptPreMasterSecret(ssl, out,
+ (uint32_t*)outSz);
}
else {
if (EncSz != 256)
@@ -1058,9 +1043,10 @@ WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message,
}
else
ret = PROTOCOLCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (wc_sce_usable(ssl, 1)) {
- ret = wc_sce_Sha256VerifyHmac(ssl, message, messageSz, macSz, content);
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (wc_fspsm_usable(ssl, 1)) {
+ ret = wc_fspsm_Sha256VerifyHmac(ssl, message,
+ messageSz, macSz, content);
}
else
ret = PROTOCOLCB_UNAVAILABLE;
@@ -1114,11 +1100,11 @@ WOLFSSL_LOCAL int Renesas_cmn_TLS_hmac(WOLFSSL* ssl, byte* digest,
}
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (Renesas_cmn_usable(ssl, 1)) {
if (ssl->specs.hash_size == WC_SHA256_DIGEST_SIZE) {
wolfSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify);
- ret = wc_sce_Sha256GenerateHmac(ssl, myInner,
+ ret = wc_fspsm_Sha256GenerateHmac(ssl, myInner,
WOLFSSL_TLS_HMAC_INNER_SZ, in, sz, digest);
}
else
@@ -1189,9 +1175,10 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbRsaVerify(unsigned char* sig,
else
ret = CRYPTOCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (CertAtt->keyIndex != NULL) {
- ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz,
+ ret = wc_fspsm_tls_CertVerify(CertAtt->cert, CertAtt->certSz,
+ sig, sigSz,
CertAtt->pubkey_n_start - CertAtt->certBegin,
CertAtt->pubkey_n_len - 1,
CertAtt->pubkey_e_start - CertAtt->certBegin,
@@ -1273,9 +1260,10 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig,
}
else
ret = CRYPTOCB_UNAVAILABLE;
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT)
+#elif defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (CertAtt->keyIndex != NULL) {
- ret = wc_sce_tls_CertVerify(CertAtt->cert, CertAtt->certSz, sig, sigSz,
+ ret = wc_fspsm_tls_CertVerify(CertAtt->cert, CertAtt->certSz,
+ sig, sigSz,
CertAtt->pubkey_n_start - CertAtt->certBegin,
CertAtt->pubkey_n_len - 1,
CertAtt->pubkey_e_start - CertAtt->certBegin,
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c
new file mode 100644
index 00000000..cb053573
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_aes.c
@@ -0,0 +1,816 @@
+/* renesas_fspsm_aes.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifndef NO_AES
+
+#if (defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)
+
+#include <wolfssl/wolfcrypt/wc_port.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/internal.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#ifdef WOLF_CRYPTO_CB
+ #include <wolfssl/wolfcrypt/cryptocb.h>
+#endif
+#include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
+
+#ifdef NO_INLINE
+ #include <wolfssl/wolfcrypt/misc.h>
+#else
+ #define WOLFSSL_MISC_INCLUDED
+ #include <wolfcrypt/src/misc.c>
+#endif
+
+struct Aes;
+
+WOLFSSL_LOCAL void *Renesas_cmn_GetCbCtxBydevId(int devId);
+
+#define SCE_AES_GCM_AUTH_TAG_SIZE 16
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+#endif
+
+typedef fsp_err_t (*aesGcmEncInitFn)
+ (FSPSM_AESGCM_HANDLE*, FSPSM_AES_PWKEY, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmEncUpdateFn)
+ (FSPSM_AESGCM_HANDLE*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmEncFinalFn)
+ (FSPSM_AESGCM_HANDLE*, uint8_t*, uint32_t*, uint8_t*);
+
+typedef fsp_err_t (*aesGcmDecInitFn)
+ (FSPSM_AESGCM_HANDLE*, FSPSM_AES_PWKEY, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmDecUpdateFn)
+ (FSPSM_AESGCM_HANDLE*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
+typedef fsp_err_t (*aesGcmDecFinalFn)
+ (FSPSM_AESGCM_HANDLE*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+/* wrapper for Gcm encrypt init */
+static fsp_err_t _R_RSIP_AES_GCM_EncryptInit(FSPSM_AESGCM_HANDLE* h,
+ FSPSM_AES_PWKEY k, uint8_t* iv,
+ uint32_t iv_l)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_EncryptInit(&gFSPSM_ctrl, (FSPSM_AES_PWKEY const)k,
+ (uint8_t* const)iv, iv_l);
+}
+/* wrapper for Gcm encrypt update */
+static fsp_err_t _R_RSIP_AES_GCM_EncryptUpdate(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_plain, uint8_t* p_cipher, uint32_t plain_length,
+ uint8_t* p_add, uint32_t add_len)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_EncryptUpdate(&gFSPSM_ctrl, (uint8_t* const) p_plain,
+ (uint8_t* const) p_cipher,
+ (uint32_t const) plain_length,
+ (uint8_t* const) p_add,
+ (uint32_t const) add_len);
+}
+/* wrapper for Gcm encrypt final */
+static fsp_err_t _R_RSIP_AES_GCM_EncryptFinal(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_cipher, uint32_t* c_len,
+ uint8_t* p_atag)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_EncryptFinal(&gFSPSM_ctrl, (uint8_t* const) p_cipher,
+ (uint32_t* const) c_len,
+ (uint8_t* const) p_atag);
+}
+/* wrapper for Gcm decrypt init */
+static fsp_err_t _R_RSIP_AES_GCM_DecryptInit(FSPSM_AESGCM_HANDLE* h,
+ FSPSM_AES_PWKEY k, uint8_t* iv, uint32_t iv_l)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_DecryptInit(&gFSPSM_ctrl, (FSPSM_AES_PWKEY const)k,
+ (uint8_t* const)iv, iv_l);
+}
+/* wrapper for Gcm decrypt update */
+static fsp_err_t _R_RSIP_AES_GCM_DecryptUpdate(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_cipher, uint8_t* p_plain, uint32_t c_length,
+ uint8_t* p_add, uint32_t add_len)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_DecryptUpdate(&gFSPSM_ctrl, (uint8_t* const) p_cipher,
+ (uint8_t* const) p_plain,
+ (uint32_t const) c_length,
+ (uint8_t* const) p_add,
+ (uint32_t const) add_len);
+}
+/* wrapper for Gcm decrypt final */
+static fsp_err_t _R_RSIP_AES_GCM_DecryptFinal(FSPSM_AESGCM_HANDLE* h,
+ uint8_t* p_plain, uint32_t* plain_len,
+ uint8_t* p_atag, uint32_t atag_len)
+{
+ (void) h;
+ return R_RSIP_AES_GCM_DecryptFinal(&gFSPSM_ctrl, (uint8_t* const) p_plain,
+ (uint32_t* const) plain_len,
+ (uint8_t* const) p_atag,
+ (uint32_t const) atag_len);
+}
+/* wrapper for aes cbc encrypt init */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_EncryptInit(FSPSM_AES_HANDLE* h,
+ FSPSM_AES_PWKEY k,
+ uint8_t* iv)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_EncryptInit(&gFSPSM_ctrl,
+ RSIP_AES_MODE_CBC,
+ k, iv);
+}
+/* wrapper for aes cbc encrypt update */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_EncryptUpdate(FSPSM_AES_HANDLE* h,
+ uint8_t* p_plain,
+ uint8_t* p_cipher,
+ uint32_t plain_length)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_EncryptUpdate(&gFSPSM_ctrl,
+ (const uint8_t* const)p_plain,
+ (uint8_t* const)p_cipher,
+ (const uint32_t)plain_length);
+}
+/* wrapper for aes cbc encrypt final */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_EncryptFinal(FSPSM_AES_HANDLE* h,
+ uint8_t* p_cipher,
+ uint32_t* cipher_lengh)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_EncryptFinal(&gFSPSM_ctrl,
+ (uint8_t* const)p_cipher,
+ (uint32_t* const)cipher_lengh);
+}
+/* wrapper for aes cbc decrypt init */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_DecryptInit(FSPSM_AES_HANDLE* h,
+ FSPSM_AES_PWKEY k,
+ uint8_t* iv)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_DecryptInit(&gFSPSM_ctrl,
+ RSIP_AES_MODE_CBC,
+ k, iv);
+}
+/* wrapper for aes cbc decrypt update */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_DecryptUpdate(FSPSM_AES_HANDLE* h,
+ uint8_t* p_cipher,
+ uint8_t* p_plain,
+ uint32_t cipher_lengh)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_DecryptUpdate(&gFSPSM_ctrl,
+ (const uint8_t* const)p_cipher,
+ (uint8_t* const)p_plain,
+ (const uint32_t)cipher_lengh);
+}
+/* wrapper for aes cbc encrypt final */
+static fsp_err_t _R_RSIP_AESCBC_Cipher_DecryptFinal(FSPSM_AES_HANDLE* h,
+ uint8_t* p_plain,
+ uint32_t* plain_lengh)
+{
+ (void) h;
+ return R_RSIP_AES_Cipher_DecryptFinal(&gFSPSM_ctrl,
+ (uint8_t* const)p_plain,
+ (uint32_t* const)plain_lengh);
+}
+#endif
+/* Perform Aes Gcm encryption by FSP SM
+ *
+ * aes The AES object.
+ * out Buffer to hold cipher text
+ * in Buffer to hold plaintext
+ * sz Length of cipher text/plaintext in bytes
+ * iv Buffer holding IV/nonce
+ * ivSz Length of IV/nonce in bytes
+ * authTag Buffer to hold authentication data
+ * authTagSz Length of authentication data in bytes
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx)
+{
+ int ret;
+ FSPSM_AESGCM_HANDLE _handle;
+ uint32_t dataLen = sz;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+
+ aesGcmEncInitFn initFn;
+ aesGcmEncUpdateFn updateFn;
+ aesGcmEncFinalFn finalFn;
+
+ uint8_t* plainBuf = NULL;
+ uint8_t* cipherBuf = NULL;
+ uint8_t* aTagBuf = NULL;
+ uint8_t delta;
+ const uint8_t* iv_l = NULL;
+ uint32_t ivSz_l = 0;
+
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ FSPSM_HMAC_WKEY key_client_mac;
+ FSPSM_HMAC_WKEY key_server_mac;
+#endif
+ FSPSM_AES_PWKEY key_client_aes = NULL;
+ FSPSM_AES_PWKEY key_server_aes = NULL;
+ (void) key_server_aes;
+
+ /* sanity check */
+ if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
+ WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
+ WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ initFn = FSPSM_AES128GCMEnc_Init;
+ updateFn = FSPSM_AES128GCMEnc_Up;
+ finalFn = FSPSM_AES128GCMEnc_Final;
+ }
+ else {
+ initFn = FSPSM_AES256GCMEnc_Init;
+ updateFn = FSPSM_AES256GCMEnc_Up;
+ finalFn = FSPSM_AES256GCMEnc_Final;
+ }
+
+
+ /* check if AES GCM can be used by FSP SM */
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+
+ /* allocate buffers for plain text, cipher text and authTag to make sure
+ * those buffers 32bit aligned as SCE requests.
+ */
+ delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
+ (byte)(AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE));
+ plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
+ cipherBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
+ aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
+ DYNAMIC_TYPE_AES);
+
+ if ((sz > 0 && plainBuf == NULL) ||
+ ((sz + delta) > 0 && cipherBuf == NULL) || aTagBuf == NULL) {
+ WOLFSSL_MSG("wc_fspsm_AesGcmEncrypt: buffer allocation failed");
+ ret = -1;
+ }
+
+ if (ret == 0) {
+ XMEMCPY(plainBuf, in, sz);
+ XMEMSET((void*)cipherBuf, 0, sz + delta);
+ XMEMSET((void*)authTag, 0, authTagSz);
+ }
+
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (ret == 0 &&
+ info->keyflgs_tls.bits.session_key_set == 1) {
+ /* generate AES-GCM session key. The key stored in
+ * Aes.ctx.tsip_keyIdx is not used here.
+ */
+ key_client_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (key_client_aes == NULL || key_server_aes == NULL) {
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ return MEMORY_E;
+ }
+
+ ret = FSPSM_SESSIONKEY_GEN_FUNC(
+ info->cipher,
+ (uint32_t*)info->masterSecret,
+ (uint8_t*) info->clientRandom,
+ (uint8_t*) info->serverRandom,
+ &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
+ &key_client_mac,
+ &key_server_mac,
+ key_client_aes,
+ key_server_aes,
+ NULL, NULL);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXX_TLS_SessionKeyGenerate failed");
+ ret = -1;
+ }
+
+ }
+ else {
+ #else
+ if (ret == 0) {
+ #endif
+ if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
+ info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
+ key_client_aes = aes->ctx.wrapped_key;
+ iv_l = iv;
+ ivSz_l = ivSz;
+ }
+ else {
+ WOLFSSL_MSG("AES key for FSP SM is not set.");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+
+ /* since generated session key is coupled to iv, no need to pass
+ * them init func.
+ */
+ ret = initFn(&_handle, key_client_aes, (uint8_t*)iv_l, ivSz_l);
+
+ if (ret == FSP_SUCCESS) {
+ ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
+ authInSz);
+ }
+ if (ret == FSP_SUCCESS) {
+ ret = updateFn(&_handle, plainBuf, cipherBuf, sz, NULL, 0UL);
+ }
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXXX_AesXXXGcmEncryptUpdate2: failed");
+ ret = -1;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ /* Once R_SCE_AesxxxGcmEncryptInit or R_SCE_AesxxxEncryptUpdate is
+ * called, R_SCE_AesxxxGcmEncryptFinal must be called regardless of
+ * the result of the previous call. Otherwise, SCE can not come out
+ * from its error state and all the trailing APIs will fail.
+ */
+ dataLen = 0;
+ ret = finalFn(&_handle,
+ cipherBuf + (sz + delta - AES_BLOCK_SIZE),
+ &dataLen,
+ aTagBuf);
+
+ if (ret == FSP_SUCCESS) {
+ /* copy encrypted data to out */
+ if (sz != dataLen) {
+ WOLFSSL_MSG("sz is not equal to dataLen!!!!");
+ ret = -1;
+ } else {
+ XMEMCPY(out, cipherBuf, dataLen);
+ /* copy auth tag to caller's buffer */
+ XMEMCPY((void*)authTag, (void*)aTagBuf,
+ min(authTagSz, SCE_AES_GCM_AUTH_TAG_SIZE ));
+ }
+ }
+ else {
+ WOLFSSL_MSG("R_SCE_AesxxxGcmEncryptFinal: failed");
+ ret = -1;
+ }
+ }
+ }
+
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_client_aes != NULL)
+ XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_server_aes != NULL)
+ XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+/* Perform Aes Gcm decryption by FSP SM
+ *
+ * aes The AES object.
+ * out Buffer to hold plaintext
+ * in Buffer to hold cipher text
+ * sz Length of cipher text/plaintext in bytes
+ * iv Buffer holding IV/nonce
+ * ivSz Length of IV/nonce in bytes
+ * authTag Buffer to hold authentication data
+ * authTagSz Length of authentication data in bytes
+ * ctx The Callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx)
+{
+ int ret;
+ FSPSM_AESGCM_HANDLE _handle;
+ uint32_t dataLen = sz;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+
+ aesGcmDecInitFn initFn;
+ aesGcmDecUpdateFn updateFn;
+ aesGcmDecFinalFn finalFn;
+
+ uint8_t* cipherBuf = NULL;
+ uint8_t* plainBuf = NULL;
+ uint8_t* aTagBuf = NULL;
+ uint8_t delta;
+ const uint8_t* iv_l = NULL;
+ uint32_t ivSz_l = 0;
+
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ FSPSM_HMAC_WKEY key_client_mac;
+ FSPSM_HMAC_WKEY key_server_mac;
+#endif
+ FSPSM_AES_PWKEY key_client_aes = NULL;
+ FSPSM_AES_PWKEY key_server_aes = NULL;
+ (void) key_client_aes;
+ /* sanity check */
+ if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
+ WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
+ WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ initFn = FSPSM_AES128GCMDec_Init;
+ updateFn = FSPSM_AES128GCMDec_Up;
+ finalFn = FSPSM_AES128GCMDec_Final;
+ }
+ else {
+ initFn = FSPSM_AES256GCMDec_Init;
+ updateFn = FSPSM_AES256GCMDec_Up;
+ finalFn = FSPSM_AES256GCMDec_Final;
+ }
+
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ /* allocate buffers for plain-text, cipher-text, authTag and AAD.
+ * TSIP requests those buffers 32bit aligned.
+ */
+ delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
+ (byte)(AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE));
+ cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
+ plainBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
+ aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
+ DYNAMIC_TYPE_AES);
+
+ if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
+ ret = -1;
+ }
+
+ if (ret == 0) {
+ XMEMSET((void*)plainBuf, 0, sz);
+ XMEMCPY(cipherBuf, in, sz);
+ XMEMCPY(aTagBuf, authTag, authTagSz);
+ }
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ if (ret == 0 &&
+ info->keyflgs_tls.bits.session_key_set == 1) {
+ /* generate AES-GCM session key. The key stored in
+ * Aes.ctx.tsip_keyIdx is not used here.
+ */
+ key_client_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (key_client_aes == NULL || key_server_aes == NULL) {
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ return MEMORY_E;
+ }
+
+ ret = FSPSM_SESSIONKEY_GEN_FUNC(
+ info->cipher,
+ (uint32_t*)info->masterSecret,
+ (uint8_t*) info->clientRandom,
+ (uint8_t*) info->serverRandom,
+ (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
+ &key_client_mac,
+ &key_server_mac,
+ key_client_aes,
+ key_server_aes,
+ NULL, NULL);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXXX_TLS_SessionKeyGenerate failed");
+ ret = -1;
+ }
+ }
+ else {
+ #else
+ if (ret == 0) {
+ #endif
+ if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
+ info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
+
+ key_server_aes = aes->ctx.wrapped_key;
+ iv_l = iv;
+ ivSz_l = ivSz;
+ }
+ else {
+ WOLFSSL_MSG("AES key for FSP SM is not set.");
+ ret = -1;
+ }
+ }
+
+ if (ret == 0) {
+ /* since key_index has iv and ivSz in it, no need to pass them init
+ * func. Pass NULL and 0 as 3rd and 4th parameter respectively.
+ */
+ ret = initFn(&_handle, key_server_aes, (uint8_t*)iv_l, ivSz_l);
+
+
+ if (ret == FSP_SUCCESS) {
+ /* pass only AAD and it's size before passing cipher text */
+ ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
+ authInSz);
+ }
+ if (ret == FSP_SUCCESS) {
+ ret = updateFn(&_handle, cipherBuf, plainBuf, sz, NULL, 0UL);
+ }
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("R_XXXX_AesXXXGcmDecryptUpdate: failed in decrypt");
+ ret = -1;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ dataLen = 0;
+ ret = finalFn(&_handle,
+ plainBuf + (sz + delta - AES_BLOCK_SIZE),
+ &dataLen,
+ aTagBuf,
+ min(16, authTagSz));
+
+ if (ret == FSP_SUCCESS) {
+ /* copy plain data to out */
+ if (sz != dataLen) {
+ WOLFSSL_MSG("sz is not equal to dataLen!!!!");
+ ret = -1;
+ }
+ else {
+ XMEMCPY(out, plainBuf, dataLen);
+ }
+ }
+ else {
+ WOLFSSL_MSG("R_XXXX_AesXXXGcmDecryptFinal: failed");
+ ret = -1;
+ }
+ }
+ }
+
+ XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
+ XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_client_aes != NULL)
+ XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
+ if (info->keyflgs_tls.bits.session_key_set == 1 &&
+ key_server_aes != NULL)
+ XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+/* Perform Aes Cbc encryption by FSP SM
+ *
+ * aes The AES object.
+ * out Buffer to hold cipher text
+ * in Buffer to hold plain text
+ * sz Length of cipher text/plaintext in bytes
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesCbcEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz)
+{
+ FSPSM_AES_HANDLE _handle;
+ int ret;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ uint32_t dataLength;
+ byte *iv;
+
+ if ((in == NULL) || (out == NULL) || (aes == NULL))
+ return BAD_FUNC_ARG;
+
+ /* while doing TLS handshake, SCE driver keeps true-key and iv *
+ * on the device. iv is dummy */
+ iv = (uint8_t*)aes->reg;
+
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
+ WOLFSSL_MSG("Failed to lock");
+ return ret;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ ret = FSPSM_AES128CBCEnc_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else if (aes->ctx.keySize == 32) {
+ ret = FSPSM_AES256CBCEnc_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else {
+ WOLFSSL_MSG("invalid key Size for SCE. Key size is neither 16 or 32.");
+ wc_fspsm_hw_unlock();
+ return -1;
+ }
+
+ while (ret == FSP_SUCCESS && blocks--) {
+
+ if (aes->ctx.keySize == 16)
+ ret = FSPSM_AES128CBCEnc_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+ else
+ ret = FSPSM_AES256CBCEnc_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ if (aes->ctx.keySize == 16) {
+ ret = FSPSM_AES128CBCEnc_Final(&_handle, out, &dataLength);
+ }
+ else {
+ ret = FSPSM_AES256CBCEnc_Final(&_handle, out, &dataLength);
+ }
+ }
+ else {
+ WOLFSSL_MSG("SCE AES CBC encryption failed");
+ ret = -1;
+ }
+
+ wc_fspsm_hw_unlock();
+ return ret;
+}
+/* Perform Aes Cbc decryption by SCE
+ *
+ * aes The AES object.
+ * out Buffer to hold plain text
+ * in Buffer to hold cipher text
+ * sz Length of cipher text/plaintext in bytes
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_AesCbcDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz)
+{
+ FSPSM_AES_HANDLE _handle;
+ int ret;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ uint32_t dataLength;
+ byte *iv;
+
+ if ((in == NULL) || (out == NULL) || (aes == NULL))
+ return BAD_FUNC_ARG;
+
+ iv = (uint8_t*)aes->reg;
+
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
+ WOLFSSL_MSG("Failed to lock");
+ return ret;
+ }
+
+ if (aes->ctx.keySize == 16) {
+ ret = FSPSM_AES128CBCDec_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else if (aes->ctx.keySize == 32) {
+ ret = FSPSM_AES256CBCDec_Init(&_handle,
+ aes->ctx.wrapped_key,
+ iv);
+ }
+ else {
+ wc_fspsm_hw_unlock();
+ return -1;
+ }
+
+ while (ret == FSP_SUCCESS && blocks--) {
+
+ if (aes->ctx.keySize == 16)
+ ret = FSPSM_AES128CBCDec_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+ else
+ ret = FSPSM_AES256CBCDec_Up(&_handle, (uint8_t*)in,
+ (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
+
+ in += AES_BLOCK_SIZE;
+ out += AES_BLOCK_SIZE;
+ }
+
+ if (ret == FSP_SUCCESS) {
+ if (aes->ctx.keySize == 16)
+ ret = FSPSM_AES128CBCDec_Final(&_handle, out, &dataLength);
+ else
+ ret = FSPSM_AES256CBCDec_Final(&_handle, out, &dataLength);
+ }
+ else {
+ WOLFSSL_MSG("SCE AES CBC decryption failed");
+ ret = -1;
+ }
+
+ wc_fspsm_hw_unlock();
+ return ret;
+}
+
+
+/* free contentx related to FSP SM
+ *
+ * aes The AES object.
+ * return none
+ */
+WOLFSSL_LOCAL void wc_fspsm_Aesfree(Aes* aes)
+{
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ /* In the case of session key, memory is allocated
+ * therefore, it should be freed here
+ */
+ if (aes->ctx.setup == 1 && aes->ctx.wrapped_key) {
+ XFREE(aes->ctx.wrapped_key, aes->heap, DYNAMIC_TYPE_AES);
+ aes->ctx.setup = 0;
+ }
+#else
+ if (aes->ctx.wrapped_key) {
+ /* aes ctx just points user created wrapped key
+ * in the case of CryptOnly Mode
+ * therefore, it just sets pointing to NULL.
+ * user key should be freed by owner(user)
+ */
+ aes->ctx.wrapped_key = NULL;
+ }
+#endif
+}
+
+#if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+int wc_AesSetKey(Aes* aes, const byte* userKey, word32 keylen,
+ const byte* iv, int dir)
+{
+ (void) userKey;
+ (void) dir;
+
+ if (aes == NULL || userKey == NULL ||
+ !((keylen == 16) || (keylen == 32))) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (aes->devId == INVALID_DEVID) {
+ return BAD_FUNC_ARG;
+ }
+
+#ifdef WOLFSSL_AES_COUNTER
+ aes->left = 0;
+#endif
+
+ /* if there is previous key, free */
+ if(aes->ctx.wrapped_key)
+ wc_fspsm_Aesfree(aes);
+ /* Generate aes key based on length */
+ aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)userKey;
+ aes->keylen = (int)keylen;
+ aes->ctx.keySize = keylen;
+
+ return wc_AesSetIV(aes, iv);
+}
+#endif
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS
+ WOLFSSL_RENESAS_FSPSM_CRYPTONLY
+ NO_WOLFSSL_RENESAS_FSPSM_AES */
+#endif /* NO_AES */
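Review bot: In `wc_fspsm_AesGcmEncrypt` and `wc_fspsm_AesGcmDecrypt`, the `return MEMORY_E;` taken when `key_client_aes` or `key_server_aes` fails to allocate exits while the lock from `wc_fspsm_hw_lock()` is still held and without freeing whichever key buffer did allocate, so a single allocation failure would presumably block later hardware crypto calls. That path should free both key buffers and call `wc_fspsm_hw_unlock();` before returning, or set `ret = MEMORY_E;` and fall through to the common cleanup with the session-key generation moved into an `else`. The same two allocations pass `DYNAMIC_TYPE_AE`, which is presumably a typo for the `DYNAMIC_TYPE_AES` used by the matching `XFREE` calls. Separately, on the encrypt path `sz == 0` makes `sz + delta - AES_BLOCK_SIZE` wrap around, so `finalFn` is handed a pointer far outside `cipherBuf`, and the decrypt path forms the same expression; checking `sz + delta >= AES_BLOCK_SIZE` before forming the pointer would avoid that.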
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c
new file mode 100644
index 00000000..5db4435d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_rsa.c
@@ -0,0 +1,322 @@
+/* renesas_fspsm_rsa.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_RSA) && \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+#endif
+
+/* Set Ctx pointer to NULL.
+ * A created wrapped key should be freed by user
+ *
+ * key RsaKey object
+ * return none
+ */
+WOLFSSL_LOCAL void wc_fspsm_RsaKeyFree(RsaKey *key)
+{
+ if (key == NULL)
+ return;
+
+ if(key->ctx.wrapped_pri1024_key)
+ key->ctx.wrapped_pri1024_key = NULL;
+
+ if(key->ctx.wrapped_pub1024_key)
+ key->ctx.wrapped_pub1024_key = NULL;
+
+ if(key->ctx.wrapped_pri2048_key)
+ key->ctx.wrapped_pri2048_key = NULL;
+
+ if(key->ctx.wrapped_pub2048_key)
+ key->ctx.wrapped_pub2048_key = NULL;
+}
+
+/* Set Rsa key by pre-created wrapped user key
+ *
+ * key RsaKey object
+ * size desired keylenth, in bits. supports 1024 or 2048 bits
+ * ctx Callback context including pointer to hold generated key
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_MakeRsaKey(RsaKey *key, int size, void* ctx)
+{
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+
+ /* sanity check */
+ if (key == NULL || size < 0 || ctx == NULL)
+ return BAD_FUNC_ARG;
+
+ if (size == 1024) {
+ if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set != 1 ||
+ info->keyflgs_crypt.bits.rsapub1024_installedkey_set != 1) {
+ WOLFSSL_MSG("Caller should create user key in advance.");
+ WOLFSSL_MSG("Caller also need to installedkey to 1.");
+ return BAD_FUNC_ARG;
+ }
+ key->ctx.wrapped_pri1024_key = info->wrapped_key_rsapri1024;
+ key->ctx.wrapped_pub1024_key = info->wrapped_key_rsapub1024;
+ key->ctx.keySz = 1024;
+ } else if (size == 2048) {
+ if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set != 1 ||
+ info->keyflgs_crypt.bits.rsapub2048_installedkey_set != 1) {
+ WOLFSSL_MSG("Caller should create user key in advance.");
+ WOLFSSL_MSG("Caller also need to installedkey to 1.");
+ return BAD_FUNC_ARG;
+ }
+ key->ctx.wrapped_pri2048_key = info->wrapped_key_rsapri2048;
+ key->ctx.wrapped_pub2048_key = info->wrapped_key_rsapub2048;
+ key->ctx.keySz = 2048;
+ } else
+ return CRYPTOCB_UNAVAILABLE;
+
+ return 0;
+}
+
+/* Perform rsa encryption/decryption by FSP SM
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plain text
+ * inLen Length of plain text in bytes
+ * out Buffer to hold cipher text
+ * outLen Length of cipher in bytes
+ * key Rsa key object
+ * rng rng object
+ * ctx Callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, int type, struct RsaKey* key,
+ struct WC_RNG* rng)
+{
+ int ret;
+
+ FSPSM_RSA_DATA plain;
+ FSPSM_RSA_DATA cipher;
+
+ int keySize;
+
+ (void) key;
+ (void) rng;
+
+ /* sanity check */
+ if (in == NULL || out == NULL ||
+ ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
+ return BAD_FUNC_ARG;
+ }
+
+ keySize = (int)key->ctx.keySz;
+
+ if (keySize == 0) {
+ WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
+ "1024 or 2048 bits.");
+ return BAD_FUNC_ARG;
+ }
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ if (type == RSA_PUBLIC_ENCRYPT) {
+
+ plain.pdata = (byte*)in;
+ plain.data_length = inLen;
+ cipher.pdata = out;
+ cipher.data_length = *outLen;
+
+ if (keySize == 1024) {
+ ret = FSPSM_RSA1024_PKCSENC_FUNC(&plain, &cipher,
+ (FSPSM_RSA1024_WPB_KEY*)
+ key->ctx.wrapped_pub1024_key);
+ }
+ else {
+ ret = FSPSM_RSA2048_PKCSENC_FUNC(&plain, &cipher,
+ (FSPSM_RSA2048_WPB_KEY*)
+ key->ctx.wrapped_pub2048_key);
+ }
+ }
+ else if (type == RSA_PRIVATE_DECRYPT) {
+ plain.pdata = out;
+ plain.data_length = *outLen;
+ cipher.pdata = (byte*)in;
+ cipher.data_length = inLen;
+
+ if (keySize == 1024) {
+ ret = FSPSM_RSA1024_PKCSDEC_FUNC(&cipher, &plain,
+ (FSPSM_RSA1024_WPI_KEY*)
+ key->ctx.wrapped_pri1024_key, &outLen);
+ }
+ else {
+ ret = FSPSM_RSA2048_PKCSDEC_FUNC(&cipher, &plain,
+ (FSPSM_RSA2048_WPI_KEY*)
+ key->ctx.wrapped_pri2048_key, &outLen);
+ }
+ }
+
+ wc_fspsm_hw_unlock();
+ }
+ return ret;
+}
+
+/* Perform Rsa sign by FSP SM
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plaintext
+ * inLen Length of plaintext in bytes
+ * out Buffer to hold generated signature
+ * outLen Length of signature in bytes
+ * key rsa key object
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+
+WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
+ word32* outLen, struct RsaKey* key, void* ctx)
+{
+ int ret;
+
+ FSPSM_RSA_DATA message_hash;
+ FSPSM_RSA_DATA signature;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+ int keySize;
+
+ /* sanity check */
+ if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL ||
+ ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
+ return BAD_FUNC_ARG;
+ }
+
+ keySize = (int)key->ctx.keySz;
+
+ message_hash.pdata = (byte *)in;
+ message_hash.data_length = inLen;
+ message_hash.data_type =
+ info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
+ signature.pdata = out;
+ signature.data_length = (word32*)outLen;
+
+ #if defined(WOLFSSL_RENESAS_RSIP)
+ message_hash.hash_type = signature.hash_type =
+ info->hash_type; /* hash type */
+ #endif
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ if (keySize == 1024) {
+
+ ret = FSPSM_RSA1024_SIGN_FUNC(&message_hash,
+ &signature,
+ (FSPSM_RSA1024_WPI_KEY *)
+ key->ctx.wrapped_pri1024_key,
+ HW_SCE_RSA_HASH_SHA256);
+ }
+ else {
+
+ ret = FSPSM_RSA2048_SIGN_FUNC(&message_hash,
+ &signature,
+ (FSPSM_RSA2048_WPI_KEY *)
+ key->ctx.wrapped_pri2048_key,
+ HW_SCE_RSA_HASH_SHA256);
+ }
+
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+
+/* Perform Rsa verify by FSP SM
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plaintext
+ * inLen Length of plaintext in bytes
+ * out Buffer to hold generated signature
+ * outLen Length of signature in bytes
+ * key rsa key object
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+
+WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
+ word32* outLen,struct RsaKey* key, void* ctx)
+{
+ int ret;
+
+ FSPSM_RSA_DATA message_hash;
+ FSPSM_RSA_DATA signature;
+ FSPSM_ST *info = (FSPSM_ST*)ctx;
+ int keySize;
+
+ (void) key;
+
+ /* sanity check */
+ if (in == NULL || out == NULL || (word32*)outLen <= 0 || info == NULL ||
+ ((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))){
+ return BAD_FUNC_ARG;
+ }
+
+ keySize = (int)key->ctx.keySz;
+
+
+ message_hash.pdata =(byte*)in;
+ message_hash.data_length = inLen;
+ message_hash.data_type =
+ info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
+
+ signature.pdata = out;
+ signature.data_length = (word32*)outLen;
+ #if defined(WOLFSSL_RENESAS_RSIP)
+ message_hash.hash_type = signature.hash_type =
+ info->hash_type; /* hash type */
+ #endif
+
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ if (keySize == 1024) {
+ ret = FSPSM_RSA1024_VRY_FUNC(&signature,
+ &message_hash,
+ (FSPSM_RSA1024_WPB_KEY *)
+ key->ctx.wrapped_pub1024_key,
+ HW_SCE_RSA_HASH_SHA256);
+ }
+ else {
+ ret = FSPSM_RSA2048_VRY_FUNC(&signature,
+ &message_hash,
+ (FSPSM_RSA2048_WPB_KEY *)
+ key->ctx.wrapped_pub2048_key,
+ HW_SCE_RSA_HASH_SHA256 );
+ }
+ wc_fspsm_hw_unlock();
+ }
+
+ return ret;
+}
+
+#endif /* !NO_RSA && WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
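Review bot: The sanity checks in `wc_fspsm_RsaFunction`, `wc_fspsm_RsaSign` and `wc_fspsm_RsaVerify` join the key tests with `&&`, as in `((key == NULL) && (key->ctx.keySz != 1024 && key->ctx.keySz != 2048))`, so a NULL `key` is dereferenced inside the check itself, and a non-NULL key with an unsupported `keySz` passes and can fall into the 2048-bit branch. The condition should read `key == NULL || (key->ctx.keySz != 1024 && key->ctx.keySz != 2048)`. In the sign and verify checks, `(word32*)outLen <= 0` compares the pointer rather than the length; `outLen == NULL || *outLen == 0` looks like what was meant. `wc_fspsm_RsaFunction` also returns the 0 left by `wc_fspsm_hw_lock()` when `type` is neither `RSA_PUBLIC_ENCRYPT` nor `RSA_PRIVATE_DECRYPT`, so an unsupported operation reports success with `out` untouched; a trailing `else { ret = CRYPTOCB_UNAVAILABLE; }` would close that.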
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c
new file mode 100644
index 00000000..52df6da3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c
@@ -0,0 +1,686 @@
+/* renesas_fspsm_sha.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_SHA256)
+
+#include <wolfssl/wolfcrypt/logging.h>
+
+#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+ defined(WOLFSSL_RENESAS_RSIP)) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+
+#if defined(WOLFSSL_RENESAS_RSIP)
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+
+/* wrapper for RSIP SHA1 Init */
+static fsp_err_t _R_RSIP_SHA1_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA1 );
+}
+/* wrapper for RSIP SHA224 Init */
+static fsp_err_t _R_RSIP_SHA224_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA224 );
+}
+/* wrapper for RSIP SHA256 Init */
+static fsp_err_t _R_RSIP_SHA256_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA256 );
+}
+/* wrapper for RSIP SHA384 Init */
+static fsp_err_t _R_RSIP_SHA384_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA384 );
+}
+/* wrapper for RSIP SHA512 Init */
+static fsp_err_t _R_RSIP_SHA512_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA512 );
+}
+/* wrapper for RSIP SHA512_224 Init */
+static fsp_err_t _R_RSIP_SHA512_224_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA512_224 );
+}
+/* wrapper for RSIP SHA512_256 Init */
+static fsp_err_t _R_RSIP_SHA512_256_GenerateInit(FSPSM_SHA_HANDLE* h)
+{
+ return R_RSIP_SHA_GenerateInit(&gFSPSM_ctrl, h, RSIP_HASH_TYPE_SHA512_256 );
+}
+/* wrapper for RSIP SHA Update */
+static fsp_err_t _R_RSIP_SHA_GenerateUpdate(FSPSM_SHA_HANDLE* h,
+ uint8_t* m, uint32_t len)
+{
+ return R_RSIP_SHA_GenerateUpdate(&gFSPSM_ctrl, h, m, len );
+}
+/* wrapper for RSIP SHA Final */
+static fsp_err_t _R_RSIP_SHA_GenerateFinal(FSPSM_SHA_HANDLE* h,
+ uint8_t* d, uint32_t *sz)
+{
+ (void) sz;
+ return R_RSIP_SHA_GenerateFinal(&gFSPSM_ctrl, h, d);
+}
+#endif /* WOLFSSL_RENESAS_RSIP */
+/* Free up allocation for msg
+ *
+ * hash The FSPSM Hash object.
+ * no return value
+ */
+static void FSPSM_HashFree(wolfssl_FSPSM_Hash* hash)
+{
+ if (hash == NULL)
+ return;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (hash->msg != NULL) {
+ XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ hash->msg = NULL;
+ }
+#endif
+
+}
+/* copy hash result from src to dst */
+static int FSPSM_HashCopy(wolfssl_FSPSM_Hash* src, wolfssl_FSPSM_Hash* dst)
+{
+ if (src == NULL || dst == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ XMEMCPY(dst, src, sizeof(wolfssl_FSPSM_Hash));
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (src->len > 0 && src->msg != NULL) {
+ dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ if (dst->msg == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(dst->msg, src->msg, src->len);
+ }
+#endif
+ return 0;
+}
+/* Initialize Hash object
+ *
+ * hash The FSPSM Hash object.
+ * heap Buffer to hold heap if available
+ * devId device Id
+ * return 0 on success, BAD_FUNC_ARG when has is NULL
+ */
+static int FSPSM_HashInit(wolfssl_FSPSM_Hash* hash, void* heap, int devId,
+ word32 sha_type)
+{
+#if defined(WOLFSSL_RENESAS_RSIP)
+ int ret;
+ fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+#endif
+ if (hash == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ (void)devId;
+ XMEMSET(hash, 0, sizeof(wolfssl_FSPSM_Hash));
+ hash->sha_type = sha_type;
+ hash->heap = heap;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ hash->len = 0;
+ hash->used = 0;
+ hash->msg = NULL;
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Init = FSPSM_SHA1_Init;
+ break;
+ case FSPSM_SHA256:
+ Init = FSPSM_SHA256_Init;
+ break;
+ case FSPSM_SHA224:
+ Init = FSPSM_SHA224_Init;
+ break;
+ case FSPSM_SHA384:
+ Init = FSPSM_SHA384_Init;
+ break;
+ case FSPSM_SHA512:
+ Init = FSPSM_SHA512_Init;
+ break;
+ case FSPSM_SHA512_224:
+ Init = FSPSM_SHA512_224_Init;
+ break;
+ case FSPSM_SHA512_256:
+ Init = FSPSM_SHA512_256_Init;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+ wc_fspsm_hw_lock();
+ ret = Init(&hash->handle);
+ wc_fspsm_hw_unlock();
+ return ret;
+#endif
+
+ return 0;
+}
+
+/* Add data to msg(work buffer) for final hash operation
+ *
+ * hash The FSPSM Hash object.
+ * data Buffer to hold plain text for hash
+ * sz Length of data
+ * return 0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure
+ */
+static int FSPSM_HashUpdate(wolfssl_FSPSM_Hash* hash,
+ const byte* data, word32 sz)
+{
+#if defined(WOLFSSL_RENESAS_RSIP)
+ int ret;
+ fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+#endif
+
+ if (hash == NULL || (sz > 0 && data == NULL)) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (hash->len < hash->used + sz) {
+ if (hash->msg == NULL) {
+ hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ else {
+#ifdef FREERTOS
+ byte* pt = (byte*)XMALLOC(hash->used + sz, hash->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (pt == NULL) {
+ return MEMORY_E;
+ }
+ XMEMCPY(pt, hash->msg, hash->used);
+ XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ hash->msg = NULL;
+ hash->msg = pt;
+#else
+ byte* pt = (byte*)XREALLOC(hash->msg, hash->used + sz, hash->heap,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (pt == NULL) {
+ return MEMORY_E;
+ }
+ hash->msg = pt;
+#endif
+ }
+ if (hash->msg == NULL) {
+ return MEMORY_E;
+ }
+ hash->len = hash->used + sz;
+ }
+ XMEMCPY(hash->msg + hash->used, data , sz);
+ hash->used += sz;
+#elif defined(WOLFSSL_RENESAS_RSIP)
+
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Update = FSPSM_SHA1_Up;
+ break;
+ case FSPSM_SHA256:
+ Update = FSPSM_SHA256_Up;
+ break;
+ case FSPSM_SHA224:
+ Update = FSPSM_SHA224_Up;
+ break;
+ case FSPSM_SHA384:
+ Update = FSPSM_SHA384_Up;
+ break;
+ case FSPSM_SHA512:
+ Update = FSPSM_SHA512_Up;
+ break;
+ case FSPSM_SHA512_224:
+ Update = FSPSM_SHA512_224_Up;
+ break;
+ case FSPSM_SHA512_256:
+ Update = FSPSM_SHA512_256_Up;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+ wc_fspsm_hw_lock();
+ ret = Update(&hash->handle, data, sz);
+ wc_fspsm_hw_unlock();
+ return ret;
+#endif
+ return 0;
+}
+
+/* Perform hash operation using accumulated msg
+ *
+ * hash The FSPSM Hash object.
+ * out Buffer to hold hashed text
+ * outSz Length of out
+ * return FSP_SUCCESS(0) on success,
+ * otherwise BAD_FUNC_ARG or FSP Error code on failure
+ */
+static int FSPSM_HashFinal(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
+{
+ int ret = FSP_SUCCESS;
+ fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
+ uint32_t sz;
+ void* heap;
+ (void) outSz;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ FSPSM_SHA_HANDLE handle;
+ fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+ fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+
+ if (hash == NULL || out == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (hash->sha_type == FSPSM_SHA256) {
+ Init = FSPSM_SHA256_Init;
+ Update = FSPSM_SHA256_Up;
+ Final = FSPSM_SHA256_Final;
+ } else
+ return BAD_FUNC_ARG;
+
+ wc_fspsm_hw_lock();
+
+ if (Init(&handle) == FSP_SUCCESS) {
+ ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
+ if (ret == FSP_SUCCESS) {
+ ret = Final(&handle, out, (uint32_t*)&sz);
+ if (ret != FSP_SUCCESS
+ #if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ || sz != outSz
+ #endif
+ ) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ }
+ }
+ wc_fspsm_hw_unlock();
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Final = FSPSM_SHA1_Final;
+ break;
+ case FSPSM_SHA256:
+ Final = FSPSM_SHA256_Final;
+ break;
+ case FSPSM_SHA224:
+ Final = FSPSM_SHA224_Final;
+ break;
+ case FSPSM_SHA384:
+ Final = FSPSM_SHA384_Final;
+ break;
+ case FSPSM_SHA512:
+ Final = FSPSM_SHA512_Final;
+ break;
+ case FSPSM_SHA512_224:
+ Final = FSPSM_SHA512_224_Final;
+ break;
+ case FSPSM_SHA512_256:
+ Final = FSPSM_SHA512_256_Final;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+
+ wc_fspsm_hw_lock();
+ ret = Final(&hash->handle, out, (uint32_t*)&sz);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ wc_fspsm_hw_unlock();
+#endif
+
+ heap = hash->heap;
+
+ FSPSM_HashFree(hash);
+ FSPSM_HashInit(hash, heap, 0, hash->sha_type);
+
+ return ret;
+}
+/* Hash operation to message and return a result */
+static int FSPSM_HashGet(wolfssl_FSPSM_Hash* hash, byte* out, word32 outSz)
+{
+ int ret = FSP_SUCCESS;
+ fsp_err_t (*Final )(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t*);
+ uint32_t sz = 0;
+ (void) outSz;
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ FSPSM_SHA_HANDLE handle;
+ fsp_err_t (*Init)(FSPSM_SHA_HANDLE*);
+ fsp_err_t (*Update)(FSPSM_SHA_HANDLE*, uint8_t*, uint32_t);
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ wolfssl_FSPSM_Hash hashCopy;
+#endif
+
+
+ if (hash == NULL || out == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ if (hash->sha_type == FSPSM_SHA256) {
+ Init = FSPSM_SHA256_Init;
+ Update = FSPSM_SHA256_Up;
+ Final = FSPSM_SHA256_Final;
+ } else
+ return BAD_FUNC_ARG;
+
+ wc_fspsm_hw_lock();
+ if (Init(&handle) == FSP_SUCCESS) {
+ ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
+ if (ret == FSP_SUCCESS) {
+ ret = Final(&handle, out, &sz);
+ if (ret != FSP_SUCCESS
+ #if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ || sz != outSz
+ #endif
+ ) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ }
+ }
+ wc_fspsm_hw_unlock();
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ switch(hash->sha_type) {
+ case FSPSM_SHA1:
+ Final = FSPSM_SHA1_Final;
+ break;
+ case FSPSM_SHA256:
+ Final = FSPSM_SHA256_Final;
+ break;
+ case FSPSM_SHA224:
+ Final = FSPSM_SHA224_Final;
+ break;
+ case FSPSM_SHA384:
+ Final = FSPSM_SHA384_Final;
+ break;
+ case FSPSM_SHA512:
+ Final = FSPSM_SHA512_Final;
+ break;
+ case FSPSM_SHA512_224:
+ Final = FSPSM_SHA512_224_Final;
+ break;
+ case FSPSM_SHA512_256:
+ Final = FSPSM_SHA512_256_Final;
+ break;
+ default:
+ return BAD_FUNC_ARG;
+ }
+
+
+ if(FSPSM_HashCopy(hash, &hashCopy) != 0) {
+ WOLFSSL_MSG("ShaCopy operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ wc_fspsm_hw_lock();
+ ret = Final(&hashCopy.handle, out, (uint32_t*)&sz);
+ if (ret != FSP_SUCCESS) {
+ WOLFSSL_MSG("Sha operation failed");
+ WOLFSSL_ERROR(WC_HW_E);
+ ret = WC_HW_E;
+ }
+ wc_fspsm_hw_unlock();
+
+#endif
+
+ return ret;
+}
+
+
+
+#if !defined(NO_SHA) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha.h>
+
+int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
+{
+ return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA1);
+}
+
+int wc_ShaUpdate(wc_Sha* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+
+int wc_ShaFinal(wc_Sha* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA_DIGEST_SIZE);
+}
+
+int wc_ShaGetHash(wc_Sha* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA_DIGEST_SIZE);
+}
+
+int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !NO_SHA && WOLFSSL_RENESAS_RSIP*/
+
+#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha256.h>
+
+/* WolfCrypt wrapper function for RX64 SHA224 Init */
+int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
+{
+ return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA224);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Update */
+int wc_Sha224Update(wc_Sha224* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Final */
+int wc_Sha224Final(wc_Sha224* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA224_DIGEST_SIZE);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Get */
+int wc_Sha224GetHash(wc_Sha224* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA224_DIGEST_SIZE);
+}
+/* WolfCrypt wrapper function for RX64 SHA224 Copy */
+int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* WOLFSSL_SHA224 */
+
+#if !defined(NO_SHA256)
+#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
+ defined(WOLFSSL_RENESAS_RSIP)) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha256.h>
+
+/* wrapper for wc_InitSha256_ex */
+int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
+{
+ return FSPSM_HashInit(sha, heap, devId, FSPSM_SHA256);
+}
+/* wrapper for wc_Sha256Update */
+int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+/* wrapper for wc_Sha256Final */
+int wc_Sha256Final(wc_Sha256* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA256_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha256GetHash */
+int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha256Copy */
+int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !NO_SHA256 */
+#endif /* WOLFSSL_RENESAS_SCEPROTECT) || \
+ * WOLFSSL_RENESAS_RSIP */
+
+#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha512.h>
+/* wrapper for wc_InitSha384_ex */
+int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA384);
+}
+/* wrapper for wc_InitSha384_ex */
+int wc_Sha384Update(wc_Sha384* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+/* wrapper for wc_Sha384Final */
+int wc_Sha384Final(wc_Sha384* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA384_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha384GetHash */
+int wc_Sha384GetHash(wc_Sha384* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA384_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha384Copy */
+int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* WOLFSSL_SHA384 */
+
+#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha512.h>
+
+/* wrapper for wc_InitSha512_ex */
+int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA512);
+}
+
+/* wrapper for wc_Sha512Update */
+int wc_Sha512Update(wc_Sha512* sha, const byte* in, word32 sz)
+{
+ return FSPSM_HashUpdate(sha, in, sz);
+}
+
+/* wrapper for wc_Sha512Final */
+int wc_Sha512Final(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA512_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha512GetHash */
+int wc_Sha512GetHash(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA512_DIGEST_SIZE);
+}
+/* wrapper for wc_Sha512Copy */
+int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+
+#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
+#if !defined(WOLFSSL_NOSHA512_224) && \
+ (defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
+
+/* create KCAPI handle for SHA512 operation */
+int wc_InitSha512_224_ex(wc_Sha512* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA512_224);
+}
+
+int wc_Sha512_224Final(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA512_224_DIGEST_SIZE);
+}
+int wc_Sha512_224GetHash(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA512_224_DIGEST_SIZE);
+}
+
+int wc_Sha512_224Copy(wc_Sha512* src, wc_Sha512* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !WOLFSSL_NOSHA512_224 */
+
+#if !defined(WOLFSSL_NOSHA512_256) && \
+ (defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH))
+
+/* create KCAPI handle for SHA512 operation */
+int wc_InitSha512_256_ex(wc_Sha512* sha, void* heap, int devid)
+{
+ return FSPSM_HashInit(sha, heap, devid, FSPSM_SHA512_256);
+}
+
+int wc_Sha512_256Final(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashFinal(sha, hash, WC_SHA512_256_DIGEST_SIZE);
+}
+int wc_Sha512_256GetHash(wc_Sha512* sha, byte* hash)
+{
+ return FSPSM_HashGet(sha, hash, WC_SHA512_224_DIGEST_SIZE);
+}
+
+int wc_Sha512_256Copy(wc_Sha512* src, wc_Sha512* dst)
+{
+ return FSPSM_HashCopy(src, dst);
+}
+#endif /* !WOLFSSL_NOSHA512_256 */
+#endif /* !HAVE_FIPS && !HAVE_SELFTEST */
+
+#endif /* WOLFSSL_SHA512 */
+
+
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS */
+#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */
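Review bot: In the SCEPROTECT branches of FSPSM_HashFinal and FSPSM_HashGet a failed `Init(&handle)` leaves `ret` at its initial FSP_SUCCESS, so the caller is told the digest succeeded although `out` was never written; capture the result instead, `ret = Init(&handle); if (ret == FSP_SUCCESS) {`. FSPSM_HashFinal also performs its `hash == NULL || out == NULL` check only inside the SCEPROTECT block, so the RSIP build reaches `switch(hash->sha_type)` with no argument check; moving the check above the `#if`, as FSPSM_HashGet does, covers both builds. The return value of `wc_fspsm_hw_lock()` is ignored throughout this file, whereas wc_fspsm_RsaVerify in the same commit tests it before touching the engine. `wc_Sha512_256GetHash` passes `WC_SHA512_224_DIGEST_SIZE`; this is harmless today because the RSIP path ignores `outSz`, but it should read `WC_SHA512_256_DIGEST_SIZE`.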
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_util.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c
index 6d791700..1ecf750e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_util.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c
@@ -1,4 +1,4 @@
-/* renesas_sce_util.c
+/* renesas_fspsm_util.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -18,15 +18,24 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+
+#if defined(WOLFSSL_RENESAS_RSIP) || \
+ defined(WOLFSSL_RENESAS_SCEPROTECT)
+
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h>
+
+/* expect to have these variables defined at user application */
+extern FSPSM_INSTANCE gFSPSM_ctrl;
+extern FSPSM_CONFIG gFSPSM_cfg;
+
+#if defined(WOLFSSL_RENESAS_FSPSM)
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h>
#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
@@ -39,38 +48,41 @@
#if defined(DEBUG_PK_CB)
#define WOLFSSL_PKMSG(_f_, ...) printf(_f_, ##__VA_ARGS__)
#else
- #define WOLFSSL_PKMSG(_f_, ...)
+ #define WOLFSSL_PKMSG(_f_, ...) WC_DO_NOTHING
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
-WOLFSSL_GLOBAL SCE_PKCbInfo gSCE_PKCbInfo;
+#if defined(WOLFSSL_RENESAS_FSPSM_ECC)
+WOLFSSL_GLOBAL FSPSM_ST_PKC gPKCbInfo;
#endif
-/* expect to have these variables defined at user application */
-extern sce_instance_ctrl_t sce_ctrl;
-extern sce_cfg_t sce_cfg;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
static const byte* ca_cert_sig;
-static sce_key_data g_user_key_info;
+static fspsm_key_data g_user_key_info;
static uint32_t g_encrypted_publicCA_key[HW_SCE_SINST_WORD_SIZE];
extern uint32_t g_CAscm_Idx; /* index of CM table */
-wolfSSL_Mutex sce_mutex;
-static int sce_CryptHwMutexInit_ = 0;
-static uint32_t sce_sess_idx = 0;
+static uint32_t fspsm_sess_idx = 0;
+#endif
+
+#endif /* WOLFSSL_RENESAS_FSPSM*/
+
+wolfSSL_Mutex fspsm_mutex;
+static int fspsm_CryptHwMutexInit_ = 0;
+
/* Mutex Init */
-static int sce_CryptHwMutexInit(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexInit(wolfSSL_Mutex* mutex)
{
return wc_InitMutex(mutex);
}
/* Mutex Lock */
-static int sce_CryptHwMutexLock(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexLock(wolfSSL_Mutex* mutex)
{
return wc_LockMutex(mutex);
}
/* Mutex Unlock */
-static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
+static int fspsm_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
{
return wc_UnLockMutex(mutex);
}
@@ -79,23 +91,23 @@ static int sce_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
* lock hw engine
* this should be called before using engine.
*/
-WOLFSSL_LOCAL int wc_sce_hw_lock()
+WOLFSSL_LOCAL int wc_fspsm_hw_lock()
{
int ret = 0;
- if (sce_CryptHwMutexInit_ == 0) {
+ if (fspsm_CryptHwMutexInit_ == 0) {
- ret = sce_CryptHwMutexInit(&sce_mutex);
+ ret = fspsm_CryptHwMutexInit(&fspsm_mutex);
if (ret == 0) {
- sce_CryptHwMutexInit_ = 1;
+ fspsm_CryptHwMutexInit_ = 1;
}
else {
WOLFSSL_MSG(" mutex initialization failed.");
return -1;
}
}
- if (sce_CryptHwMutexLock(&sce_mutex) != 0) {
+ if (fspsm_CryptHwMutexLock(&fspsm_mutex) != 0) {
/* this should not happens */
return -1;
}
@@ -106,26 +118,28 @@ WOLFSSL_LOCAL int wc_sce_hw_lock()
/*
* release hw engine
*/
-WOLFSSL_LOCAL void wc_sce_hw_unlock(void)
+WOLFSSL_LOCAL void wc_fspsm_hw_unlock(void)
{
- sce_CryptHwMutexUnLock(&sce_mutex);
+ fspsm_CryptHwMutexUnLock(&fspsm_mutex);
}
/* Open sce driver for use */
-WOLFSSL_LOCAL int wc_sce_Open()
+WOLFSSL_LOCAL int wc_fspsm_Open()
{
- WOLFSSL_ENTER("wc_sce_Open");
+ WOLFSSL_ENTER("wc_fspsm_Open");
int ret;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
- ret = R_SCE_Open(&sce_ctrl, &sce_cfg);
+ ret = FSPSM_OPEN(&gFSPSM_ctrl, &gFSPSM_cfg);
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("RENESAS SCE Open failed");
}
+
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS)
if (ret == FSP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
- ret = R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall(
+ ret = FSPSM_ROOTCA_RSA2048(
g_user_key_info.encrypted_provisioning_key,
g_user_key_info.iv,
g_user_key_info.encrypted_user_tls_key,
@@ -138,28 +152,28 @@ WOLFSSL_LOCAL int wc_sce_Open()
else {
WOLFSSL_MSG("Failed to lock sce hw ");
}
-
+ #endif
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
- WOLFSSL_LEAVE("wc_sce_Open", ret);
+ WOLFSSL_LEAVE("wc_fspsm_Open", ret);
return ret;
}
/* close SCE driver */
-WOLFSSL_LOCAL void wc_sce_Close()
+WOLFSSL_LOCAL void wc_fspsm_Close()
{
WOLFSSL_ENTER("sce Close");
int ret;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
/* close SCE */
- ret = R_SCE_Close(&sce_ctrl);
+ ret = FSPSM_CLOSE(&gFSPSM_ctrl);
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
if (ret != FSP_SUCCESS) {
WOLFSSL_MSG("RENESAS SCE Close failed");
}
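Review bot: In wc_fspsm_Open the `wc_fspsm_hw_unlock()` after the added `#endif` appears to sit outside the `if ((ret = wc_fspsm_hw_lock()) == 0)` block opened in the previous hunk, so it would run even when the lock was never acquired; wc_fspsm_Close in this same hunk unlocks inside the block. Indentation is lost in this rendering, so the nesting is inferred from the brace count across the two hunks. If that reading is right, move the unlock inside the locked block. The message `"Failed to lock sce hw "` also looks attached to the `else` of the key-install test rather than to a lock failure, and should be reworded or moved.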
@@ -169,15 +183,44 @@ WOLFSSL_LOCAL void wc_sce_Close()
}
}
-#ifndef WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY
+#define RANDGEN_WORDS 4
+WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 sz)
+{
+ /* Generate PRNG based on NIST SP800-90A AES CTR-DRBG */
+ int ret = 0;
+ word32 buffer[RANDGEN_WORDS];
+
+ while (sz > 0) {
+ word32 len = sizeof(buffer);
+
+ if (sz < len) {
+ len = sz;
+ }
+ /* return 4 words random number*/
+ ret = R_RANDOM_GEN(buffer);
+ if(ret == FSP_SUCCESS) {
+ XMEMCPY(output, &buffer, len);
+ output += len;
+ sz -= len;
+ } else {
+ WOLFSSL_MSG_EX("FSP SM Rnd Generate() Returned 0x%08x", ret);
+ return WC_HW_E;
+ }
+ }
+ return ret;
+}
+
+#if defined(WOLFSSL_RENESAS_FSPSM) && \
+ defined(WOLFSSL_RENESAS_FSPSM_TLS)
-#if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
+#if defined(WOLFSSL_RENESAS_FSPSM_ECC)
/* Verify Server Key Exchange while doing ECDH key exchange */
-static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig,
- uint32_t sigSz, void* ctx)
+static int fspsm_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl,
+ const uint8_t* sig,
+ uint32_t sigSz, void* ctx)
{
int ret = WOLFSSL_FAILURE;
- User_SCEPKCbInfo* cbInfo;
+ FSPSM_ST* cbInfo;
byte qx[MAX_ECC_BYTES], qy[MAX_ECC_BYTES];
byte *peerkey = NULL;
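Review bot: wc_fspsm_GenerateRandBlock calls `R_RANDOM_GEN(buffer)` without taking `wc_fspsm_hw_lock()`, unlike the other engine calls in this file. Unless every caller already holds the lock, which the hunk does not show, the random-number request can interleave with another hardware operation; wrapping the call in the lock/unlock pair and returning the lock error would match wc_fspsm_Open. `output` is written without a check, and `if (output == NULL) return BAD_FUNC_ARG;` before the loop would match the other entry points. The stack `buffer` still holds the last generated words on return and could be cleared before leaving the function.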
@@ -188,7 +231,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
if (ssl == NULL || sig == NULL || ctx == NULL)
return ret;
- cbInfo = (User_SCEPKCbInfo*)ctx;
+ cbInfo = (FSPSM_ST*)ctx;
/* export public peer public key */
ret = wc_ecc_export_public_raw(ssl->peerEccKey, qx, &qxLen, qy, &qyLen);
@@ -210,9 +253,9 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
XMEMCPY(&peerkey[4], qx, qxLen);
XMEMCPY(&peerkey[4+qxLen], qy, qyLen);
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
/* 0 : RSA 2048bit, 1 : Reserved, 2 : ECDSA P-256 */
- ret = R_SCE_TLS_ServerKeyExchangeVerify(
+ ret = FSPSM_TLS_SVRKEYExVfy(
type,
(uint8_t*) ssl->arrays->clientRandom,
(uint8_t*) ssl->arrays->serverRandom,
@@ -222,7 +265,7 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
(uint32_t*)cbInfo->encrypted_ephemeral_ecdh_public_key);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("failed R_SCE_TLS_ServerKeyExchangeVerify");
+ WOLFSSL_MSG("failed R_fspsm_TLS_ServerKeyExchangeVerify");
cbInfo->keyflgs_tls.bits.pk_key_set = 0;
}
else {
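Review bot: The failure message now reads `"failed R_fspsm_TLS_ServerKeyExchangeVerify"`, a name produced by the rename that does not match the macro actually called in the previous hunk, `FSPSM_TLS_SVRKEYExVfy`. Someone searching the logs for the failing call will not find it; `WOLFSSL_MSG("failed FSPSM_TLS_SVRKEYExVfy");` keeps the message and the call site in step. fspsm_ServerKeyExVerify starts and ends outside this hunk.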
@@ -235,13 +278,13 @@ static int SCE_ServerKeyExVerify(uint32_t type, WOLFSSL* ssl, const uint8_t* sig
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
XFREE(peerkey, 0, DYNAMIC_TYPE_TMP_BUFFER);
return ret;
}
/* Callback for Rsa Verify */
-WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
+WOLFSSL_LOCAL int wc_fspsm_RsaVerifyTLS(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
uint8_t** out, const byte* key, uint32_t keySz, void* ctx)
{
int ret = WOLFSSL_FAILURE;
@@ -251,8 +294,8 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
WOLFSSL_PKMSG("SCE RSA Verify: sigSz %d, keySz %d\n", sigSz, keySz);
- if (wc_sce_usable(ssl, 0))
- ret = SCE_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
+ if (wc_fspsm_usable(ssl, 0))
+ ret = fspsm_ServerKeyExVerify(0, ssl, sig, sigSz, ctx);
else
ret = CRYPTOCB_UNAVAILABLE;
@@ -264,7 +307,7 @@ WOLFSSL_LOCAL int wc_SCE_RsaVerify(WOLFSSL* ssl, byte* sig, uint32_t sigSz,
return ret;
}
/* Callback for Ecc Verify */
-WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
+WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(WOLFSSL* ssl, const uint8_t* sig,
uint32_t sigSz, const uint8_t* hash, uint32_t hashSz,
const uint8_t* key, uint32_t keySz, int* result, void* ctx)
{
@@ -283,7 +326,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
WOLFSSL_PKMSG("SCE ECC Verify: ssl->options.serverState = %d sigSz %d, hashSz %d, keySz %d\n",
ssl->options.serverState, sigSz, hashSz, keySz);
- if (!wc_sce_usable(ssl, 0)) {
+ if (!wc_fspsm_usable(ssl, 0)) {
WOLFSSL_PKMSG("Cannot handle cipher suite by SCE");
return CRYPTOCB_UNAVAILABLE;
}
@@ -322,7 +365,7 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
}
}
- ret = SCE_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
+ ret = fspsm_ServerKeyExVerify(2, ssl, sigforSCE, 64, ctx);
if (sigforSCE)
XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP);
@@ -339,8 +382,11 @@ WOLFSSL_LOCAL int wc_SCE_EccVerify(WOLFSSL* ssl, const uint8_t* sig,
return ret;
}
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+
/* Callback for ECC shared secret */
-WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
+WOLFSSL_LOCAL int fspsm_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
uint8_t* pubKeyDer, unsigned int* pubKeySz,
uint8_t* out, unsigned int* outlen, int side, void* ctx)
{
@@ -348,7 +394,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
(void) otherKey;
(void) side;
- User_SCEPKCbInfo* cbInfo = (User_SCEPKCbInfo*)ctx;
+ FSPSM_ST* cbInfo = (FSPSM_ST*)ctx;
(void)ssl;
(void)cbInfo;
@@ -362,9 +408,9 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
side == WOLFSSL_CLIENT_END ? "client" : "server", otherKey->dp->id);
if (cbInfo->keyflgs_tls.bits.pk_key_set == 1) {
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
/* Generate ECC PUblic key pair */
- ret = R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate(
+ ret = FSPSM_TLS_ECCS256R1_KPG(
&cbInfo->ecc_p256_wrapped_key,
(uint8_t*)&cbInfo->ecc_ecdh_public_key/* Qx 32 bytes and Qy 32 bytes*/ );
if (ret != FSP_SUCCESS) {
@@ -372,14 +418,14 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
return ret;
}
- /* copy generated ecdh public key inot buffer */
+ /* copy generated ecdh public key into buffer */
pubKeyDer[0] = ECC_POINT_UNCOMP;
*pubKeySz = 1 + sizeof(cbInfo->ecc_ecdh_public_key);
XMEMCPY(&pubKeyDer[1], &cbInfo->ecc_ecdh_public_key,
sizeof(cbInfo->ecc_ecdh_public_key));
/* Generate Premaster Secret */
- ret = R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1(
+ ret = FSPSM_TLS_PREMASTERGEN(
(uint32_t*)&cbInfo->encrypted_ephemeral_ecdh_public_key,
&cbInfo->ecc_p256_wrapped_key,
(uint32_t*)out/* pre-master secret 64 bytes */);
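Review bot: The `return ret;` on the first line of this hunk leaves fspsm_EccSharedSecret while the lock taken by `wc_fspsm_hw_lock()` in the previous hunk is still held, so after one failed key-pair generation every later engine call would block on the mutex. Add `wc_fspsm_hw_unlock();` immediately before that `return ret;`. The enclosing `if` opens in the previous hunk and the function continues past this one, so the nesting is read from the brace structure across hunks.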
@@ -398,7 +444,7 @@ WOLFSSL_LOCAL int SCE_EccSharedSecret(WOLFSSL* ssl, ecc_key* otherKey,
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
*outlen = 64;
WOLFSSL_PKMSG("PK ECC PMS: ret %d, PubKeySz %d, OutLen %d\n", ret, *pubKeySz, *outlen);
@@ -428,7 +474,7 @@ static uint32_t GetSceCipherSuite(
break;
default:
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
break;
}
WOLFSSL_MSG("<< GetSceCipherSuite");
@@ -436,7 +482,7 @@ static uint32_t GetSceCipherSuite(
}
else if (cipherSuiteFirst == ECC_BYTE)
{
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
/* comment out until implementation completes */
switch(cipherSuite) {
@@ -457,12 +503,12 @@ static uint32_t GetSceCipherSuite(
break;
default:
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
break;
}
}
else{
- sceCipher = (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE;
+ sceCipher = (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE;
}
WOLFSSL_MSG("<< GetSceCipherSuite");
@@ -474,10 +520,10 @@ static uint32_t GetSceCipherSuite(
/* ssl : a pointer to WOLFSSL object */
/* session_key_generated : if session key has been generated */
/* return 1 for usable, 0 for unusable */
-WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
+WOLFSSL_LOCAL int wc_fspsm_usable(const WOLFSSL *ssl,
uint8_t session_key_generated)
{
- WOLFSSL_ENTER("sce_usable");
+ WOLFSSL_ENTER("fspsm_usable");
uint32_t sceCipher;
byte side;
const Ciphers *enc;
@@ -518,7 +564,7 @@ WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
ssl->options.cipherSuite);
side = ssl->options.side;
- if (sceCipher != (uint32_t)WOLFSSL_SCE_ILLEGAL_CIPHERSUITE
+ if (sceCipher != (uint32_t)WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE
&& side == WOLFSSL_CLIENT_END)
return 1;
else
@@ -526,44 +572,45 @@ WOLFSSL_LOCAL int wc_sce_usable(const WOLFSSL *ssl,
}
/* Generate Hmac by sha256*/
-WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const WOLFSSL *ssl,const uint8_t* myInner,
- uint32_t innerSz,const uint8_t* in, uint32_t sz, byte* digest)
+WOLFSSL_LOCAL int wc_fspsm_Sha256GenerateHmac(const WOLFSSL *ssl,
+ const uint8_t* myInner, uint32_t innerSz,const uint8_t* in,
+ uint32_t sz, byte* digest)
{
- WOLFSSL_ENTER("sce_Sha256HmacGenerate");
+ WOLFSSL_ENTER("fspsm_Sha256HmacGenerate");
- sce_hmac_sha_handle_t _handle;
- sce_hmac_sha_wrapped_key_t wrapped_key;
+ FSPSM_HMAC_HANDLE _handle;
+ FSPSM_HMAC_WKEY wrapped_key;
int ret;
if ((ssl == NULL) || (myInner == NULL) || (in == NULL) ||
(digest == NULL))
return BAD_FUNC_ARG;
- wrapped_key = ssl->keys.sce_client_write_MAC_secret;
+ wrapped_key = ssl->keys.fspsm_client_write_MAC_secret;
- if ((ret = wc_sce_hw_lock()) != 0) {
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
WOLFSSL_MSG("hw lock failed");
return ret;
}
- ret = R_SCE_SHA256HMAC_GenerateInit(
+ ret = FSPSM_S256HMAC_GInt(
&_handle,
&wrapped_key);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_GenerateUpdate(
+ ret = FSPSM_S256HMAC_GUp(
&_handle,
(uint8_t*)myInner,
innerSz);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_GenerateUpdate(
+ ret = FSPSM_S256HMAC_GUp(
&_handle,
(uint8_t*)in,
sz);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_GenerateFinal(
+ ret = FSPSM_S256HMAC_GFnl(
&_handle,
digest);
@@ -571,29 +618,29 @@ WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(const WOLFSSL *ssl,const uint8_t* my
ret = WOLFSSL_FAILURE;
/* unlock hw */
- wc_sce_hw_unlock();
- WOLFSSL_LEAVE("sce_Sha256HmacGenerate", ret);
+ wc_fspsm_hw_unlock();
+ WOLFSSL_LEAVE("fspsm_Sha256HmacGenerate", ret);
return ret;
}
/* Verify hmac */
-WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const WOLFSSL *ssl,
+WOLFSSL_LOCAL int wc_fspsm_Sha256VerifyHmac(const WOLFSSL *ssl,
const uint8_t* message, uint32_t messageSz,
uint32_t macSz, uint32_t content)
{
- WOLFSSL_ENTER("sce_Sha256HmacVerify");
+ WOLFSSL_ENTER("fspsm_Sha256HmacVerify");
- sce_hmac_sha_handle_t _handle;
- sce_hmac_sha_wrapped_key_t wrapped_key;
+ FSPSM_HMAC_HANDLE _handle;
+ FSPSM_HMAC_WKEY wrapped_key;
byte myInner[WOLFSSL_TLS_HMAC_INNER_SZ];
int ret;
if ((ssl == NULL) || (message == NULL))
return BAD_FUNC_ARG;
- wrapped_key = ssl->keys.sce_server_write_MAC_secret;
+ wrapped_key = ssl->keys.fspsm_server_write_MAC_secret;
- if ((ret = wc_sce_hw_lock()) != 0) {
+ if ((ret = wc_fspsm_hw_lock()) != 0) {
WOLFSSL_MSG("hw lock failed");
return ret;
}
@@ -601,44 +648,45 @@ WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(const WOLFSSL *ssl,
wolfSSL_SetTlsHmacInner((WOLFSSL*)ssl, myInner,
(word32)messageSz, (int)content, 1);
- ret = R_SCE_SHA256HMAC_VerifyInit(
+ ret = FSPSM_S256HMAC_VInt(
&_handle,
&wrapped_key);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_VerifyUpdate(
+ ret = FSPSM_S256HMAC_VUp(
&_handle,
(uint8_t*)myInner,
WOLFSSL_TLS_HMAC_INNER_SZ);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_VerifyUpdate(
+ ret = FSPSM_S256HMAC_VUp(
&_handle,
(uint8_t*)message,
(uint32_t)messageSz);
if (ret == FSP_SUCCESS)
- ret = R_SCE_SHA256HMAC_VerifyFinal(
+ ret = FSPSM_S256HMAC_VFnl(
&_handle,
(uint8_t*)(message+messageSz),
(uint32_t)macSz);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("SCE Mac verification failed");
+ WOLFSSL_MSG("FSP SM Mac verification failed");
}
/* unlock hw */
- wc_sce_hw_unlock();
- WOLFSSL_LEAVE("sce_Sha256HmacVerify", ret);
+ wc_fspsm_hw_unlock();
+ WOLFSSL_LEAVE("fspsm_Sha256HmacVerify", ret);
return ret;
}
/* generate Verify Data based on master secret */
-WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret */
- const uint8_t *side, const uint8_t *handshake_hash,
- uint8_t *hashes /* out */)
+WOLFSSL_LOCAL int wc_fspsm_generateVerifyData(
+ const uint8_t *ms, /* master secret */
+ const uint8_t *side, const uint8_t *handshake_hash,
+ uint8_t *hashes /* out */)
{
- WOLFSSL_ENTER("sce_generateVerifyData");
+ WOLFSSL_ENTER("fspsm_generateVerifyData");
int ret ;
uint32_t l_side = SCE_TLS_GENERATE_CLIENT_VERIFY;
@@ -652,31 +700,33 @@ WOLFSSL_LOCAL int wc_sce_generateVerifyData(const uint8_t *ms, /* master secret
l_side = SCE_TLS_GENERATE_SERVER_VERIFY;
}
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_VerifyDataGenerate(l_side, (uint32_t*)ms,
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_VERIFY_DATA_FUNC(l_side, (uint32_t*)ms,
(uint8_t*)handshake_hash, hashes/* out */);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_VerifyDataGenerate failed");
+ WOLFSSL_MSG("R_fspsm_TLS_VerifyDataGenerate failed");
}
}
/* unlock hw */
- wc_sce_hw_unlock();
- WOLFSSL_LEAVE("sce_generateVerifyData", ret);
+ wc_fspsm_hw_unlock();
+ WOLFSSL_LEAVE("fspsm_generateVerifyData", ret);
return ret;
}
/* generate keys for TLS communication */
-WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
- User_SCEPKCbInfo* cbInfo, int devId)
+WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(WOLFSSL *ssl,
+ FSPSM_ST* cbInfo, int devId)
{
- WOLFSSL_MSG("sce_generateSessionKey()");
+ WOLFSSL_MSG("fspsm_generateSessionKey()");
int ret;
Ciphers *enc;
Ciphers *dec;
- sce_hmac_sha_wrapped_key_t key_client_mac;
- sce_hmac_sha_wrapped_key_t key_server_mac;
- sce_aes_wrapped_key_t key_client_aes;
- sce_aes_wrapped_key_t key_server_aes;
+ FSPSM_HMAC_WKEY key_client_mac;
+ FSPSM_HMAC_WKEY key_server_mac;
+
+ FSPSM_AES_PWKEY key_client_aes = NULL;
+ FSPSM_AES_PWKEY key_server_aes = NULL;
+
uint32_t sceCS = GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
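Review bot: In `wc_fspsm_generateVerifyData` the renamed `wc_fspsm_hw_unlock();` sits after the closing brace of `if ((ret = wc_fspsm_hw_lock()) == 0) { ... }`, so it also runs when the lock was never acquired. `wc_fspsm_generateMasterSecret` later in this file unlocks inside the success branch and logs "hw lock failed" in an `else`; moving the unlock inside the block here would match that and avoid releasing a lock this caller does not hold. The function starts outside this hunk, so the brace structure is read from the visible lines only.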
@@ -684,7 +734,7 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
if (sceCS == TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ||
sceCS == TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256)
{
@@ -695,23 +745,31 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
}
else {
- ret = R_SCE_TLS_SessionKeyGenerate(
+ key_client_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ key_server_aes = (FSPSM_AES_PWKEY)XMALLOC(sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (key_client_aes == NULL || key_server_aes == NULL) {
+ return MEMORY_E;
+ }
+
+ ret = FSPSM_SESSIONKEY_GEN_FUNC(
GetSceCipherSuite(
ssl->options.cipherSuite0,
ssl->options.cipherSuite),
- (uint32_t*)ssl->arrays->sce_masterSecret,
+ (uint32_t*)ssl->arrays->fspsm_masterSecret,
(uint8_t*) ssl->arrays->clientRandom,
(uint8_t*) ssl->arrays->serverRandom,
NULL,
&key_client_mac,
&key_server_mac,
- &key_client_aes,
- &key_server_aes,
+ key_client_aes,
+ key_server_aes,
NULL, NULL);
}
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
+ WOLFSSL_MSG("R_fspsm_TLS_SessionKeyGenerate failed");
}
else {
/* succeeded creating session keys */
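Review bot: The added `return MEMORY_E;` after the two `XMALLOC` calls exits with the hardware lock from `wc_fspsm_hw_lock()` (preceding hunk) still held, and it leaks whichever of `key_client_aes` / `key_server_aes` was allocated. Setting `ret = MEMORY_E;` and skipping the `FSPSM_SESSIONKEY_GEN_FUNC` call would let control reach the `XFREE` and `wc_fspsm_hw_unlock()` tail. The `return MEMORY_E;` lines added for `enc->aes->ctx.wrapped_key` and `dec->aes->ctx.wrapped_key` in the next two hunks have the same problem. The allocations also pass `aes->heap` and `DYNAMIC_TYPE_AE`, while the matching frees use `DYNAMIC_TYPE_AES` and no `aes` local appears among the declarations shown for this function; presumably this only builds where the allocator macro discards those arguments, so `ssl->heap` and `DYNAMIC_TYPE_AES` look like what was meant and should be confirmed. The function body starts and ends outside this hunk.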
@@ -726,8 +784,12 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
if (enc->aes == NULL)
return MEMORY_E;
}
-
XMEMSET(enc->aes, 0, sizeof(Aes));
+ enc->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
+ (sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (enc->aes->ctx.wrapped_key == NULL)
+ return MEMORY_E;
}
if (dec) {
if (dec->aes == NULL) {
@@ -739,26 +801,31 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
}
return MEMORY_E;
}
- }
-
- XMEMSET(dec->aes, 0, sizeof(Aes));
+ XMEMSET(dec->aes, 0, sizeof(Aes));
+
+ dec->aes->ctx.wrapped_key = (FSPSM_AES_PWKEY)XMALLOC
+ (sizeof(FSPSM_AES_WKEY),
+ aes->heap, DYNAMIC_TYPE_AE);
+ if (dec->aes->ctx.wrapped_key == NULL)
+ return MEMORY_E;
+ }
}
/* copy key index into aes */
if (ssl->options.side == PROVISION_CLIENT) {
- XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_client_aes,
- sizeof(key_client_aes));
- XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_server_aes,
- sizeof(key_server_aes));
+ XMEMCPY(enc->aes->ctx.wrapped_key, key_client_aes,
+ sizeof(FSPSM_AES_WKEY));
+ XMEMCPY(dec->aes->ctx.wrapped_key, key_server_aes,
+ sizeof(FSPSM_AES_WKEY));
}
else {
- XMEMCPY(&enc->aes->ctx.sce_wrapped_key, &key_server_aes,
- sizeof(key_server_aes));
- XMEMCPY(&dec->aes->ctx.sce_wrapped_key, &key_client_aes,
- sizeof(key_client_aes));
+ XMEMCPY(enc->aes->ctx.wrapped_key, key_server_aes,
+ sizeof(FSPSM_AES_WKEY));
+ XMEMCPY(dec->aes->ctx.wrapped_key, key_client_aes,
+ sizeof(FSPSM_AES_WKEY));
}
/* copy mac key index into keys */
- ssl->keys.sce_client_write_MAC_secret = key_client_mac;
- ssl->keys.sce_server_write_MAC_secret = key_server_mac;
+ ssl->keys.fspsm_client_write_MAC_secret = key_client_mac;
+ ssl->keys.fspsm_server_write_MAC_secret = key_server_mac;
/* set up key size and marked ready */
if (enc) {
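Review bot: Judging by the braces (indentation is lost in this view), `XMEMSET(dec->aes, 0, sizeof(Aes))` and the `dec->aes->ctx.wrapped_key` allocation now sit inside the `if (dec->aes == NULL)` branch, whereas the `enc` path in the previous hunk does both on every call. When `dec->aes` already exists, the `XMEMCPY(dec->aes->ctx.wrapped_key, ...)` below writes through whatever pointer the old context holds. On the `enc` side the unconditional `XMEMSET(enc->aes, 0, sizeof(Aes))` discards a previously allocated `wrapped_key` without freeing it. Keeping the two branches symmetric, and freeing or reusing an existing `wrapped_key` before the `Aes` struct is cleared, would fix both. The function starts and ends outside this hunk.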
@@ -775,8 +842,8 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
dec->setup = 1;
}
- if (cbInfo->sce_cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
- cbInfo->sce_cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
+ if (cbInfo->cipher == SCE_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ||
+ cbInfo->cipher == SCE_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) {
enc->aes->nonceSz = AEAD_MAX_IMP_SZ;
dec->aes->nonceSz = AEAD_MAX_IMP_SZ;
}
@@ -786,19 +853,26 @@ WOLFSSL_LOCAL int wc_sce_generateSessionKey(WOLFSSL *ssl,
/* marked as session key is set */
cbInfo->keyflgs_tls.bits.session_key_set = 1;
}
+
+ if (key_client_aes)
+ XFREE(key_client_aes, aes->heap, DYNAMIC_TYPE_AES);
+ if (key_server_aes)
+ XFREE(key_server_aes, aes->heap, DYNAMIC_TYPE_AES);
+
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
+
}
else {
WOLFSSL_LEAVE("hw lock failed", ret);
}
- WOLFSSL_LEAVE("sce_generateSessionKey", ret);
+ WOLFSSL_LEAVE("fspsm_generateSessionKey", ret);
return ret;
}
/* generate master secret based on pre-master which is generated by SCE */
-WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
+WOLFSSL_LOCAL int wc_fspsm_generateMasterSecret(
uint8_t cipherSuiteFirst,
uint8_t cipherSuite,
const uint8_t *pr, /* pre-master */
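Review bot: The temporary `key_client_aes` and `key_server_aes` buffers are handed to `XFREE` without being cleared, so the wrapped session keys remain in freed heap memory. If `ForceZero` is available in this file, calling `ForceZero(key_client_aes, sizeof(FSPSM_AES_WKEY));` (and the same for the server key) inside each `if` before the `XFREE` is a cheap defence-in-depth step. This cleanup block is also bypassed by every `return MEMORY_E;` earlier in `wc_fspsm_generateSessionKey`, which begins outside this hunk.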
@@ -806,7 +880,7 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
const uint8_t *sr, /* server random */
uint8_t *ms)
{
- WOLFSSL_ENTER("sce_generateMasterSecretEx");
+ WOLFSSL_ENTER("fspsm_generateMasterSecretEx");
int ret;
if ((pr == NULL) || (cr == NULL) || (sr == NULL) ||
@@ -817,49 +891,49 @@ WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
if (sceCS == 0xffffffff)
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_MasterSecretGenerate(
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_MASTERSECRET_GEN_FUNC(
sceCS,
(uint32_t*)pr,
(uint8_t*)cr, (uint8_t*)sr, (uint32_t*)ms);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_MasterSecretGenerate failed");
+ WOLFSSL_MSG("R_fspsm_TLS_MasterSecretGenerate failed");
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("sce_generateMasterSecret", ret);
+ WOLFSSL_LEAVE("fspsm_generateMasterSecret", ret);
return ret;
}
/* generate pre-Master secrete by SCE */
-WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
+WOLFSSL_LOCAL int wc_fspsm_generatePremasterSecret(uint8_t *premaster,
uint32_t preSz)
{
- WOLFSSL_ENTER("sce_generatePremasterSecret");
+ WOLFSSL_ENTER("fspsm_generatePremasterSecret");
int ret;
if (premaster == NULL)
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0 && preSz >=
+ if ((ret = wc_fspsm_hw_lock()) == 0 && preSz >=
(SCE_TLS_MASTER_SECRET_WORD_SIZE*4)) {
/* generate pre-master, 80 bytes */
- ret = R_SCE_TLS_PreMasterSecretGenerateForRSA2048((uint32_t*)premaster);
+ ret = FSPSM_PREGEN_FUNC((uint32_t*)premaster);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG(" R_SCE_TLS_GeneratePreMasterSecret failed");
+ WOLFSSL_MSG(" R_fspsm_TLS_GeneratePreMasterSecret failed");
}
/* unlock hw */
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed or preSz is smaller than 80");
}
- WOLFSSL_LEAVE("sce_generatePremasterSecret", ret);
+ WOLFSSL_LEAVE("fspsm_generatePremasterSecret", ret);
return ret;
}
@@ -867,20 +941,20 @@ WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(uint8_t *premaster,
/*
* generate encrypted pre-Master secrete by SCE
*/
-WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
+WOLFSSL_LOCAL int wc_fspsm_generateEncryptPreMasterSecret(
WOLFSSL* ssl,
uint8_t* out,
uint32_t* outSz)
{
- WOLFSSL_MSG("sce_generateEncryptPreMasterSecret");
+ WOLFSSL_MSG("fspsm_generateEncryptPreMasterSecret");
int ret;
if ((ssl == NULL) || (out == NULL) || (outSz == NULL))
return BAD_FUNC_ARG;
- if ((ret = wc_sce_hw_lock()) == 0) {
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
if (*outSz >= 256)
- ret = R_SCE_TLS_PreMasterSecretEncryptWithRSA2048(
+ ret = FSPSM_PREGENENC_FUNC(
(uint32_t*)ssl->peerSceTsipEncRsaKeyIndex,
(uint32_t*)ssl->arrays->preMasterSecret,
(uint8_t*)out);
@@ -888,7 +962,7 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
ret = -1;
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_PreMasterSecretEncryptWithRSA2048 failed");
+ WOLFSSL_MSG("R_fspsm_TLS_PreMasterSecretEncryptWithRSA2048 failed");
}
else {
*outSz = 256; /* SCE can only handles 2048 RSA */
@@ -898,26 +972,26 @@ WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
Renesas_cmn_genMasterSecret);
wolfSSL_SetGenMasterSecretCtx(ssl, ctx);
}
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("sce_generateEncryptPreMasterSecret", ret);
+ WOLFSSL_LEAVE("fspsm_generateEncryptPreMasterSecret", ret);
return ret;
}
/* Certificate verification by SCE */
-WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
+WOLFSSL_LOCAL int wc_fspsm_tls_CertVerify(
const uint8_t* cert, uint32_t certSz,
const uint8_t* signature, uint32_t sigSz,
uint32_t key_n_start,uint32_t key_n_len,
uint32_t key_e_start,uint32_t key_e_len,
- uint8_t* sce_encPublickey)
+ uint8_t* fspsm_encPublickey)
{
- WOLFSSL_ENTER("sce_tls_CertVerify");
+ WOLFSSL_ENTER("fspsm_tls_CertVerify");
int ret;
uint8_t *sigforSCE;
uint8_t *pSig;
@@ -935,8 +1009,8 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
WOLFSSL_MSG(" signature for ca verification is not set");
return -1;
}
- if (!sce_encPublickey) {
- WOLFSSL_MSG(" sce_encPublickey is NULL.");
+ if (!fspsm_encPublickey) {
+ WOLFSSL_MSG(" fspsm_encPublickey is NULL.");
return -1;
}
@@ -980,36 +1054,36 @@ WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
}
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_CertificateVerify(
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_TLSCERT_VRY(
g_user_key_info.encrypted_user_tls_key_type,
(uint32_t*)g_encrypted_publicCA_key,/* encrypted public key */
- (uint8_t*)cert, /* certificate der */
- certSz, /* length of der */
+ (uint8_t*)cert, /* certificate der */
+ certSz, /* length of der */
(uint8_t*)pSig, /* sign data by RSA PSS */
key_n_start, /* start position of public key n in bytes */
(key_n_start + key_n_len), /* length of the public key n */
key_e_start, /* start pos, key e in bytes */
(key_e_start + key_e_len), /* length of the public key e */
- (uint32_t*)sce_encPublickey /* returned encrypted key */
+ (uint32_t*)fspsm_encPublickey /* returned encrypted key */
);
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG(" R_TSIP_TlsCertificateVerification() failed");
+ WOLFSSL_MSG(" R_XXX_TlsCertificateVerification() failed");
}
if (sigforSCE) {
XFREE(sigforSCE, NULL, DYNAMIC_TYPE_TEMP);
}
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("sce_tls_CertVerify", ret);
+ WOLFSSL_LEAVE("fspsm_tls_CertVerify", ret);
return ret;
}
/* Root Certificate verification */
-WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
+WOLFSSL_LOCAL int wc_fspsm_tls_RootCertVerify(
const uint8_t* cert, uint32_t cert_len,
uint32_t key_n_start, uint32_t key_n_len,
uint32_t key_e_start, uint32_t key_e_len,
@@ -1019,7 +1093,7 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
/* call to generate encrypted public key for certificate verification */
uint8_t *signature = (uint8_t*)ca_cert_sig;
- WOLFSSL_ENTER("wc_sce_tls_RootCertVerify");
+ WOLFSSL_ENTER("wc_fspsm_tls_RootCertVerify");
if (cert == NULL)
return BAD_FUNC_ARG;
@@ -1029,8 +1103,8 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
return -1;
}
- if ((ret = wc_sce_hw_lock()) == 0) {
- ret = R_SCE_TLS_RootCertificateVerify(
+ if ((ret = wc_fspsm_hw_lock()) == 0) {
+ ret = FSPSM_TLSROOTCERT_VRY(
g_user_key_info.encrypted_user_tls_key_type,
(uint8_t*)cert, /* CA cert */
(uint32_t)cert_len, /* length of CA cert */
@@ -1042,55 +1116,63 @@ WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
g_encrypted_publicCA_key); /* RSA-2048 public key 560 bytes */
/* ECDSA 96 bytes */
if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG(" R_SCE_TLS_RootCertificateVerify() failed");
+ WOLFSSL_MSG(" R_fspsm_TLS_RootCertificateVerify() failed");
}
else {
g_CAscm_Idx = cm_row;
}
- wc_sce_hw_unlock();
+ wc_fspsm_hw_unlock();
}
else {
WOLFSSL_MSG(" hw lock failed ");
}
- WOLFSSL_LEAVE("wc_sce_tls_RootCertVerify", ret);
+ WOLFSSL_LEAVE("wc_fspsm_tls_RootCertVerify", ret);
return ret;
}
/* store elements for session key generation into ssl->keys.
* return 0 on success, negative value on failure
*/
-WOLFSSL_LOCAL int wc_sce_storeKeyCtx(WOLFSSL* ssl, User_SCEPKCbInfo* info)
+WOLFSSL_LOCAL int wc_fspsm_storeKeyCtx(WOLFSSL* ssl, FSPSM_ST* info)
{
int ret = 0;
- WOLFSSL_ENTER("sce_storeKeyCtx");
+ WOLFSSL_ENTER("fspsm_storeKeyCtx");
if (ssl == NULL || info == NULL)
ret = BAD_FUNC_ARG;
if (ret == 0) {
- XMEMCPY(info->sce_masterSecret, ssl->arrays->sce_masterSecret,
- SCE_TLS_MASTERSECRET_SIZE);
- XMEMCPY(info->sce_clientRandom, ssl->arrays->clientRandom, 32);
- XMEMCPY(info->sce_serverRandom, ssl->arrays->serverRandom, 32);
+ XMEMCPY(info->masterSecret, ssl->arrays->fspsm_masterSecret,
+ FSPSM_TLS_MASTERSECRET_SIZE);
+ XMEMCPY(info->clientRandom, ssl->arrays->clientRandom, 32);
+ XMEMCPY(info->serverRandom, ssl->arrays->serverRandom, 32);
- info->sce_cipher = (uint8_t)GetSceCipherSuite(ssl->options.cipherSuite0,
+ info->cipher = (uint8_t)GetSceCipherSuite(ssl->options.cipherSuite0,
ssl->options.cipherSuite);
}
- WOLFSSL_LEAVE("sce_storeKeyCtx", ret);
+ WOLFSSL_LEAVE("fspsm_storeKeyCtx", ret);
return ret;
}
/* to inform ca certificate sign */
/* signature format expects RSA 2048 PSS with SHA256 */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign)
+#else
+WOLFSSL_API void wc_fspsm_inform_cert_sign(const uint8_t *sign)
+#endif
{
if (sign)
ca_cert_sig = sign;
}
/* let wolfSSL know user key information using TLS operation by SCE */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API void wc_sce_inform_user_keys(
+#else
+WOLFSSL_API void wc_fspsm_inform_user_keys(
+#endif
uint8_t* encrypted_provisioning_key,
uint8_t* iv,
uint8_t* encrypted_user_tls_key,
@@ -1119,7 +1201,11 @@ WOLFSSL_API void wc_sce_inform_user_keys(
/* Set callbacks needed for sce TLS api handling */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
+#else
+WOLFSSL_API void wc_fspsm_set_callbacks(WOLFSSL_CTX* ctx)
+#endif
{
wolfSSL_CTX_SetEccVerifyCb(ctx, Renesas_cmn_EccVerify);
wolfSSL_CTX_SetRsaVerifyCb(ctx, Renesas_cmn_RsaVerify);
@@ -1131,15 +1217,20 @@ WOLFSSL_API void wc_sce_set_callbacks(WOLFSSL_CTX* ctx)
wolfSSL_CTX_SetEccSharedSecretCb(ctx, NULL);
}
/* Set callback contexts needed for sce TLS api handling */
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
+#else
+WOLFSSL_API int wc_fspsm_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
+#endif
{
- if (sce_sess_idx > MAX_SCE_CBINDEX) {
+ if (fspsm_sess_idx > MAX_FSPSM_CBINDEX) {
WOLFSSL_MSG("exceeds maximum session index");
return -1;
}
- gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx] = (User_SCEPKCbInfo*)user_ctx;
- gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
- gSCE_PKCbInfo.user_PKCbInfo[sce_sess_idx]->keyflgs_tls.bits.session_key_set = 0;
+ gPKCbInfo.user_PKCbInfo[fspsm_sess_idx] = (FSPSM_ST*)user_ctx;
+ gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]->keyflgs_tls.bits.pk_key_set = 0;
+ gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]->keyflgs_tls.bits.session_key_set
+ = 0;
wolfSSL_SetEccVerifyCtx(ssl, user_ctx);
wolfSSL_SetRsaEncCtx(ssl, user_ctx);
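Review bot: `wc_fspsm_set_callback_ctx` stores `user_ctx` into `gPKCbInfo.user_PKCbInfo[fspsm_sess_idx]` and immediately writes `->keyflgs_tls.bits.pk_key_set` through it, with no NULL check on this public entry point. A guard such as `if (ssl == NULL || user_ctx == NULL) return BAD_FUNC_ARG;` at the top would turn a crash into an error return. The bound test uses `>`, so an index equal to `MAX_FSPSM_CBINDEX` is accepted; the array declaration is not visible here, so it is worth confirming the array has `MAX_FSPSM_CBINDEX + 1` entries or switching to `>=`. The function continues past the end of this hunk.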
@@ -1151,10 +1242,11 @@ WOLFSSL_API int wc_sce_set_callback_ctx(WOLFSSL* ssl, void* user_ctx)
/* set up crypt callback */
wc_CryptoCb_CryptInitRenesasCmn(ssl, user_ctx);
- gSCE_PKCbInfo.num_session = ++sce_sess_idx;
+ gPKCbInfo.num_session = ++fspsm_sess_idx;
return 0;
}
-#endif /* !WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /* !WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS || WOLFSSL_RENESAS_FSPSM_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_FSPSM) && WOLFSSL_RENESAS_FSPSM_TLS */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c
deleted file mode 100644
index adad4d5d..00000000
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_aes.c
+++ /dev/null
@@ -1,589 +0,0 @@
-/* renesas_sce_aes.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
-#include <wolfssl/wolfcrypt/settings.h>
-
-#ifndef NO_AES
-
-#if (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_AES)
-
-#include <wolfssl/wolfcrypt/wc_port.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/internal.h>
-#include <wolfssl/wolfcrypt/aes.h>
-#include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
-
-#ifdef NO_INLINE
- #include <wolfssl/wolfcrypt/misc.h>
-#else
- #define WOLFSSL_MISC_INCLUDED
- #include <wolfcrypt/src/misc.c>
-#endif
-
-struct Aes;
-
-#define SCE_AES_GCM_AUTH_TAG_SIZE 16
-
-typedef fsp_err_t (*aesGcmEncInitFn)
- (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmEncUpdateFn)
- (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmEncFinalFn)
- (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*);
-
-typedef fsp_err_t (*aesGcmDecInitFn)
- (sce_gcm_handle_t*, sce_aes_wrapped_key_t*, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmDecUpdateFn)
- (sce_gcm_handle_t*,uint8_t*, uint8_t*, uint32_t, uint8_t*, uint32_t);
-typedef fsp_err_t (*aesGcmDecFinalFn)
- (sce_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
-
-/* Perform Aes Gcm encryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold cipher text
- * in Buffer to hold plaintext
- * sz Length of cipher text/plaintext in bytes
- * iv Buffer holding IV/nonce
- * ivSz Length of IV/nonce in bytes
- * authTag Buffer to hold authentication data
- * authTagSz Length of authentication data in bytes
- * ctx The callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx)
-{
- int ret;
- sce_gcm_handle_t _handle;
- uint32_t dataLen = sz;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- aesGcmEncInitFn initFn;
- aesGcmEncUpdateFn updateFn;
- aesGcmEncFinalFn finalFn;
-
- uint8_t* plainBuf = NULL;
- uint8_t* cipherBuf = NULL;
- uint8_t* aTagBuf = NULL;
- uint8_t delta;
- const uint8_t* iv_l = NULL;
- uint32_t ivSz_l = 0;
-
- sce_hmac_sha_wrapped_key_t key_client_mac;
- sce_hmac_sha_wrapped_key_t key_server_mac;
- sce_aes_wrapped_key_t key_client_aes;
- sce_aes_wrapped_key_t key_server_aes;
-
- /* sanity check */
- if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
- WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
- WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize == 16) {
- initFn = R_SCE_AES128GCM_EncryptInit;
- updateFn = R_SCE_AES128GCM_EncryptUpdate;
- finalFn = R_SCE_AES128GCM_EncryptFinal;
- }
- else {
- initFn = R_SCE_AES256GCM_EncryptInit;
- updateFn = R_SCE_AES256GCM_EncryptUpdate;
- finalFn = R_SCE_AES256GCM_EncryptFinal;
- }
-
-
- /* check if AES GCM can be used by SCE */
- if ((ret = wc_sce_hw_lock()) == 0) {
-
- /* allocate buffers for plaintext, ciphertext and authTag to make sure
- * those buffers 32bit aligned as SCE requests.
- */
- delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
- AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE);
- plainBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
- cipherBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
- aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
- DYNAMIC_TYPE_AES);
-
- if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
- WOLFSSL_MSG("wc_sce_AesGcmEncrypt: buffer allocation failed");
- ret = -1;
- }
-
- if (ret == 0) {
- XMEMCPY(plainBuf, in, sz);
- XMEMSET((void*)cipherBuf, 0, sz + delta);
- XMEMSET((void*)authTag, 0, authTagSz);
- }
-
- #if defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (ret == 0 &&
- info->keyflgs_tls.bits.session_key_set == 1) {
- /* generate AES-GCM session key. The key stored in
- * Aes.ctx.tsip_keyIdx is not used here.
- */
- ret = R_SCE_TLS_SessionKeyGenerate(
- info->sce_cipher,
- (uint32_t*)info->sce_masterSecret,
- (uint8_t*) info->sce_clientRandom,
- (uint8_t*) info->sce_serverRandom,
- &iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
- &key_client_mac,
- &key_server_mac,
- &key_client_aes,
- &key_server_aes,
- NULL, NULL);
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
- ret = -1;
- }
-
- }
- else {
- #else
- if (ret == 0) {
- #endif
- if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
- if (aes->ctx.keySize == 32) {
- XMEMCPY(&key_client_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- }
- else {
- XMEMCPY(&key_client_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- }
- iv_l = iv;
- ivSz_l = ivSz;
- }
- else {
- WOLFSSL_MSG("AES key for SCE is not set.");
- ret = -1;
- }
- }
-
- if (ret == 0) {
-
- /* since generated session key is coupled to iv, no need to pass
- * them init func.
- */
- ret = initFn(&_handle, &key_client_aes, (uint8_t*)iv_l, ivSz_l);
-
- if (ret == FSP_SUCCESS) {
- ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
- authInSz);
- }
- if (ret == FSP_SUCCESS) {
- ret = updateFn(&_handle, plainBuf, cipherBuf, sz, NULL, 0UL);
- }
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_AesXXXGcmEncryptUpdate2: failed");
- ret = -1;
- }
-
- if (ret == FSP_SUCCESS) {
- /* Once R_SCE_AesxxxGcmEncryptInit or R_SCE_AesxxxEncryptUpdate is
- * called, R_SCE_AesxxxGcmEncryptFinal must be called regardless of
- * the result of the previous call. Otherwise, SCE can not come out
- * from its error state and all the trailing APIs will fail.
- */
- dataLen = 0;
- ret = finalFn(&_handle,
- cipherBuf + (sz + delta - AES_BLOCK_SIZE),
- &dataLen,
- aTagBuf);
-
- if (ret == FSP_SUCCESS) {
- /* copy encrypted data to out */
- if (sz != dataLen) {
- WOLFSSL_MSG("sz is not equal to dataLen!!!!");
- ret = -1;
- } else {
- XMEMCPY(out, cipherBuf, dataLen);
- /* copy auth tag to caller's buffer */
- XMEMCPY((void*)authTag, (void*)aTagBuf,
- min(authTagSz, SCE_AES_GCM_AUTH_TAG_SIZE ));
- }
- }
- else {
- WOLFSSL_MSG("R_SCE_AesxxxGcmEncryptFinal: failed");
- ret = -1;
- }
- }
- }
-
- XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
-
- wc_sce_hw_unlock();
-
- }
-
- return ret;
-}
-/* Perform Aes Gcm decryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold plaintext
- * in Buffer to hold cipher text
- * sz Length of cipher text/plaintext in bytes
- * iv Buffer holding IV/nonce
- * ivSz Length of IV/nonce in bytes
- * authTag Buffer to hold authentication data
- * authTagSz Length of authentication data in bytes
- * ctx The Callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx)
-{
- int ret;
- sce_gcm_handle_t _handle;
- uint32_t dataLen = sz;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- aesGcmDecInitFn initFn;
- aesGcmDecUpdateFn updateFn;
- aesGcmDecFinalFn finalFn;
-
- uint8_t* cipherBuf = NULL;
- uint8_t* plainBuf = NULL;
- uint8_t* aTagBuf = NULL;
- uint8_t delta;
- const uint8_t* iv_l = NULL;
- uint32_t ivSz_l = 0;
-
- sce_hmac_sha_wrapped_key_t key_client_mac;
- sce_hmac_sha_wrapped_key_t key_server_mac;
- sce_aes_wrapped_key_t key_client_aes;
- sce_aes_wrapped_key_t key_server_aes;
-
- /* sanity check */
- if (aes == NULL || authTagSz > AES_BLOCK_SIZE || ivSz == 0 || ctx == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) {
- WOLFSSL_MSG("GcmEncrypt authTagSz too small error");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize != 16 && aes->ctx.keySize != 32) {
- WOLFSSL_MSG("keySize is invalid, neither 16 or 32.");
- return BAD_FUNC_ARG;
- }
-
- if (aes->ctx.keySize == 16) {
- initFn = R_SCE_AES128GCM_DecryptInit;
- updateFn = R_SCE_AES128GCM_DecryptUpdate;
- finalFn = R_SCE_AES128GCM_DecryptFinal;
- }
- else {
- initFn = R_SCE_AES256GCM_DecryptInit;
- updateFn = R_SCE_AES256GCM_DecryptUpdate;
- finalFn = R_SCE_AES256GCM_DecryptFinal;
- }
-
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- /* allocate buffers for plain-text, cipher-text, authTag and AAD.
- * TSIP requests those buffers 32bit aligned.
- */
- delta = ((sz % AES_BLOCK_SIZE) == 0) ? 0 :
- AES_BLOCK_SIZE - (sz % AES_BLOCK_SIZE);
- cipherBuf = XMALLOC(sz, aes->heap, DYNAMIC_TYPE_AES);
- plainBuf = XMALLOC(sz + delta, aes->heap, DYNAMIC_TYPE_AES);
- aTagBuf = XMALLOC(SCE_AES_GCM_AUTH_TAG_SIZE, aes->heap,
- DYNAMIC_TYPE_AES);
-
- if (plainBuf == NULL || cipherBuf == NULL || aTagBuf == NULL) {
- ret = -1;
- }
-
- if (ret == 0) {
- XMEMSET((void*)plainBuf, 0, sz);
- XMEMCPY(cipherBuf, in, sz);
- XMEMCPY(aTagBuf, authTag, authTagSz);
- }
- #if defined(WOLFSSL_RENESAS_SCEPROTECT)
- if (ret == 0 &&
- info->keyflgs_tls.bits.session_key_set == 1) {
- /* generate AES-GCM session key. The key stored in
- * Aes.ctx.tsip_keyIdx is not used here.
- */
- ret = R_SCE_TLS_SessionKeyGenerate(
- info->sce_cipher,
- (uint32_t*)info->sce_masterSecret,
- (uint8_t*) info->sce_clientRandom,
- (uint8_t*) info->sce_serverRandom,
- (uint8_t*)&iv[AESGCM_IMP_IV_SZ], /* use exp_IV */
- &key_client_mac,
- &key_server_mac,
- &key_client_aes,
- &key_server_aes,
- NULL, NULL);
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_TLS_SessionKeyGenerate failed");
- ret = -1;
- }
- }
- else {
- #else
- if (ret == 0) {
- #endif
- if (info->keyflgs_crypt.bits.aes256_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.aes128_installedkey_set == 1) {
- if (aes->ctx.keySize == 32) {
- XMEMCPY(&key_server_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes256,
- sizeof(sce_aes_wrapped_key_t));
- }
- else {
- XMEMCPY(&key_server_aes,
- (sce_aes_wrapped_key_t*)info->sce_wrapped_key_aes128,
- sizeof(sce_aes_wrapped_key_t));
- }
- iv_l = iv;
- ivSz_l = ivSz;
- }
- else {
- WOLFSSL_MSG("AES key for SCE is not set.");
- ret = -1;
- }
- }
-
- if (ret == 0) {
- /* since key_index has iv and ivSz in it, no need to pass them init
- * func. Pass NULL and 0 as 3rd and 4th parameter respectively.
- */
- ret = initFn(&_handle, &key_server_aes, (uint8_t*)iv_l, ivSz_l);
-
-
- if (ret == FSP_SUCCESS) {
- /* pass only AAD and it's size before passing cipher text */
- ret = updateFn(&_handle, NULL, NULL, 0UL, (uint8_t*)authIn,
- authInSz);
- }
- if (ret == FSP_SUCCESS) {
- ret = updateFn(&_handle, cipherBuf, plainBuf, sz, NULL, 0UL);
- }
- if (ret != FSP_SUCCESS) {
- WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptUpdate: failed in decrypt");
- ret = -1;
- }
-
- if (ret == FSP_SUCCESS) {
- dataLen = 0;
- ret = finalFn(&_handle,
- plainBuf + (sz + delta - AES_BLOCK_SIZE),
- &dataLen,
- aTagBuf,
- min(16, authTagSz));
-
- if (ret == FSP_SUCCESS) {
- /* copy plain data to out */
- if (sz != dataLen) {
- WOLFSSL_MSG("sz is not equal to dataLen!!!!");
- ret = -1;
- }
- else {
- XMEMCPY(out, plainBuf, dataLen);
- }
- }
- else {
- WOLFSSL_MSG("R_SCE_AesXXXGcmDecryptFinal: failed");
- ret = -1;
- }
- }
- }
-
- XFREE(aTagBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(plainBuf, aes->heap, DYNAMIC_TYPE_AES);
- XFREE(cipherBuf, aes->heap, DYNAMIC_TYPE_AES);
-
- wc_sce_hw_unlock();
- }
-
- return ret;
-}
-/* Perform Aes Cbc encryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold cipher text
- * in Buffer to hold plain text
- * sz Length of cipher text/plaintext in bytes
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz)
-{
- sce_aes_handle_t _handle;
- word32 ret;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- uint32_t dataLength;
- byte *iv;
-
- if ((in == NULL) || (out == NULL) || (aes == NULL))
- return BAD_FUNC_ARG;
-
- /* while doing TLS handshake, SCE driver keeps true-key and iv *
- * on the device. iv is dummy */
- iv = (uint8_t*)aes->reg;
-
- if ((ret = wc_sce_hw_lock()) != 0) {
- WOLFSSL_MSG("Failed to lock");
- return ret;
- }
-
- if (aes->ctx.keySize == 16) {
- ret = R_SCE_AES128CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else if (aes->ctx.keySize == 32) {
- ret = R_SCE_AES256CBC_EncryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else {
- WOLFSSL_MSG("invalid key Size for SCE. Key size is neither 16 or 32.");
- wc_sce_hw_unlock();
- return -1;
- }
-
- while (ret == FSP_SUCCESS && blocks--) {
-
- if (aes->ctx.keySize == 16)
- ret = R_SCE_AES128CBC_EncryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
- else
- ret = R_SCE_AES256CBC_EncryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
-
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
-
- if (ret == FSP_SUCCESS) {
- if (aes->ctx.keySize == 16) {
- ret = R_SCE_AES128CBC_EncryptFinal(&_handle, out, &dataLength);
- }
- else {
- ret = R_SCE_AES256CBC_EncryptFinal(&_handle, out, &dataLength);
- }
- }
- else {
- WOLFSSL_MSG("SCE AES CBC encryption failed");
- ret = -1;
- }
-
- wc_sce_hw_unlock();
- return ret;
-}
-/* Perform Aes Cbc decryption by SCE
- *
- * aes The AES object.
- * out Buffer to hold plain text
- * in Buffer to hold cipher text
- * sz Length of cipher text/plaintext in bytes
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz)
-{
- sce_aes_handle_t _handle;
- word32 ret;
- word32 blocks = (sz / AES_BLOCK_SIZE);
- uint32_t dataLength;
- byte *iv;
-
- if ((in == NULL) || (out == NULL) || (aes == NULL))
- return BAD_FUNC_ARG;
-
- iv = (uint8_t*)aes->reg;
-
- if ((ret = wc_sce_hw_lock()) != 0) {
- WOLFSSL_MSG("Failed to lock");
- return ret;
- }
-
- if (aes->ctx.keySize == 16) {
- ret = R_SCE_AES128CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else if (aes->ctx.keySize == 32) {
- ret = R_SCE_AES256CBC_DecryptInit(&_handle, &aes->ctx.sce_wrapped_key, iv);
- }
- else {
- wc_sce_hw_unlock();
- return -1;
- }
-
- while (ret == FSP_SUCCESS && blocks--) {
-
- if (aes->ctx.keySize == 16)
- ret = R_SCE_AES128CBC_DecryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
- else
- ret = R_SCE_AES256CBC_DecryptUpdate(&_handle, (uint8_t*)in,
- (uint8_t*)out, (uint32_t)AES_BLOCK_SIZE);
-
- in += AES_BLOCK_SIZE;
- out += AES_BLOCK_SIZE;
- }
-
- if (ret == FSP_SUCCESS) {
- if (aes->ctx.keySize == 16)
- ret = R_SCE_AES128CBC_DecryptFinal(&_handle, out, &dataLength);
- else
- ret = R_SCE_AES256CBC_DecryptFinal(&_handle, out, &dataLength);
- }
- else {
- WOLFSSL_MSG("SCE AES CBC decryption failed");
- ret = -1;
- }
-
- wc_sce_hw_unlock();
- return ret;
-}
-
-#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */
-#endif /* NO_AES */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c
deleted file mode 100644
index e866556a..00000000
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_rsa.c
+++ /dev/null
@@ -1,437 +0,0 @@
-/* renesas_sce_rsa.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-
-#if !defined(NO_RSA) && \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-
-#include <string.h>
-#include <stdio.h>
-
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
-
-#include <wolfssl/wolfcrypt/settings.h>
-#include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/rsa.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
-
-/* Make Rsa key for SCE and set it to callback ctx
- * Assumes to be called by Crypt Callback
- *
- * size desired keylenth, in bits. supports 1024 or 2048 bits
- * ctx Callback context including pointer to hold generated key
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_MakeRsaKey(int size, void* ctx)
-{
- fsp_err_t ret;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- sce_rsa1024_wrapped_pair_key_t *wrapped_pair1024_key = NULL;
- sce_rsa2048_wrapped_pair_key_t *wrapped_pair2048_key = NULL;
-
- /* sanity check */
- if (ctx == NULL)
- return BAD_FUNC_ARG;
-
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (size == 1024) {
- wrapped_pair1024_key =
- (sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
- sizeof(sce_rsa1024_wrapped_pair_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- if (wrapped_pair1024_key == NULL)
- return MEMORY_E;
-
- ret = R_SCE_RSA1024_WrappedKeyPairGenerate(wrapped_pair1024_key);
- }
- else if (size == 2048) {
- wrapped_pair2048_key =
- (sce_rsa1024_wrapped_pair_key_t*)XMALLOC(
- sizeof(sce_rsa2048_wrapped_pair_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- if (wrapped_pair2048_key == NULL)
- return MEMORY_E;
-
- ret = R_SCE_RSA2048_WrappedKeyPairGenerate(wrapped_pair2048_key);
- }
- else
- return CRYPTOCB_UNAVAILABLE;
-
- if (ret == FSP_SUCCESS) {
- if (size == 1024) {
- if (info->sce_wrapped_key_rsapri1024 != NULL) {
- XFREE(info->sce_wrapped_key_rsapri1024, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- if (info->sce_wrapped_key_rsapub1024 != NULL) {
- XFREE(info->sce_wrapped_key_rsapub1024, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- info->sce_wrapped_key_rsapri1024 =
- (sce_rsa1024_private_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa1024_private_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapri1024 == NULL) {
- XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
-
- info->sce_wrapped_key_rsapub1024 =
- (sce_rsa1024_public_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa1024_public_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapub1024 == NULL) {
- XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- XFREE(info->sce_wrapped_key_rsapub1024, 0,
- DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
- /* copy generated key pair and free malloced key */
- XMEMCPY(info->sce_wrapped_key_rsapri1024,
- &wrapped_pair1024_key->priv_key,
- sizeof(sce_rsa1024_private_wrapped_key_t));
- XMEMCPY(info->sce_wrapped_key_rsapub1024,
- &wrapped_pair1024_key->pub_key,
- sizeof(sce_rsa1024_public_wrapped_key_t));
- XFREE(wrapped_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-
- info->keyflgs_crypt.bits.rsapri1024_installedkey_set = 1;
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set = 1;
- }
- else if (size == 2048) {
- if (info->sce_wrapped_key_rsapri2048 != NULL) {
- XFREE(info->sce_wrapped_key_rsapri2048, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- if (info->sce_wrapped_key_rsapub2048 != NULL) {
- XFREE(info->sce_wrapped_key_rsapub2048, NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
- }
- info->sce_wrapped_key_rsapri2048 =
- (sce_rsa2048_private_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa2048_private_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapri2048 == NULL) {
- XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
-
- info->sce_wrapped_key_rsapub2048 =
- (sce_rsa2048_public_wrapped_key_t*)XMALLOC(
- sizeof(sce_rsa2048_public_wrapped_key_t), NULL,
- DYNAMIC_TYPE_RSA_BUFFER);
-
- if (info->sce_wrapped_key_rsapub2048 == NULL) {
- XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
- XFREE(info->sce_wrapped_key_rsapub1024, 0,
- DYNAMIC_TYPE_RSA_BUFFER);
- return MEMORY_E;
- }
- /* copy generated key pair and free malloced key */
- XMEMCPY(info->sce_wrapped_key_rsapri2048,
- &wrapped_pair2048_key->priv_key,
- sizeof(sce_rsa2048_private_wrapped_key_t));
- XMEMCPY(info->sce_wrapped_key_rsapub2048,
- &wrapped_pair2048_key->pub_key,
- sizeof(sce_rsa2048_public_wrapped_key_t));
- XFREE(wrapped_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
-
- info->keyflgs_crypt.bits.rsapri2048_installedkey_set = 1;
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set = 1;
-
- }
- }
- else {
- WOLFSSL_MSG("Failed to generate key pair by SCE");
- return CRYPTOCB_UNAVAILABLE;
- }
-
- wc_sce_hw_unlock();
- }
-}
-
-/* Perform rsa encryption/decryption by SCE
- * Assumes to be called by Crypt Callback
- *
- * in Buffer to hold plain text
- * inLen Length of plain text in bytes
- * out Buffer to hold cipher text
- * outLen Length of cipher in bytes
- * key Rsa key object
- * rng rng object
- * ctx Callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-WOLFSSL_LOCAL int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
- word32 outLen, int type, struct RsaKey* key,
- struct WC_RNG* rng, void* ctx)
-{
- int ret;
-
- sce_rsa_byte_data_t plain;
- sce_rsa_byte_data_t cipher;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
-
- int keySize;
-
- (void) key;
- (void) rng;
-
- /* sanity check */
- if (in == NULL || out == NULL || outLen == NULL ||
- ctx == NULL){
- return BAD_FUNC_ARG;
- }
-
- keySize = 0;
- if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
- keySize = 2048;
- else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
- keySize = 1024;
-
- if (keySize == 0) {
- WOLFSSL_MSG("keySize is invalid, neither 128 or 256 bytes, "
- "1024 or 2048 bits.");
- return BAD_FUNC_ARG;
- }
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (type == RSA_PUBLIC_ENCRYPT) {
-
- plain.pdata = (byte*)in;
- plain.data_length = inLen;
- cipher.pdata = out;
- cipher.data_length = outLen;
-
- if (keySize == 1024) {
- if(info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS1024_Encrypt(&plain, &cipher,
- (sce_rsa1024_public_wrapped_key_t*)
- info->sce_wrapped_key_rsapub1024);
- else {
- WOLFSSL_MSG("wrapped public 1024 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- else {
- if(info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS2048_Encrypt(&plain, &cipher,
- (sce_rsa2048_public_wrapped_key_t*)
- info->sce_wrapped_key_rsapub2048);
- else {
- WOLFSSL_MSG("wrapped public 2048 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- }
- else if (type == RSA_PRIVATE_DECRYPT) {
- plain.pdata = out;
- plain.data_length = outLen;
- cipher.pdata = (byte*)in;
- cipher.data_length = inLen;
-
- if (keySize == 1024) {
- if(info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS1024_Decrypt(&cipher, &plain,
- (sce_rsa1024_private_wrapped_key_t*)
- info->sce_wrapped_key_rsapri1024);
- else {
- WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- else {
- if(info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1)
- ret = R_SCE_RSAES_PKCS2048_Decrypt(&cipher, &plain,
- (sce_rsa2048_private_wrapped_key_t*)
- info->sce_wrapped_key_rsapri2048);
- else {
- WOLFSSL_MSG("wrapped private 2048 bits key is not set.");
- return BAD_FUNC_ARG;
- }
- }
- }
-
- wc_sce_hw_unlock();
- }
- return ret;
-}
-
-/* Perform Rsa sign by SCE
- * Assumes to be called by Crypt Callback
- *
- * in Buffer to hold plaintext
- * inLen Length of plaintext in bytes
- * out Buffer to hold generated signature
- * outLen Length of signature in bytes
- * key rsa key object
- * ctx The callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-
-WOLFSSL_LOCAL int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
- word32* outLen, struct RsaKey* key, void* ctx)
-{
- int ret;
-
- sce_rsa_byte_data_t message_hash;
- sce_rsa_byte_data_t signature;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
- int keySize;
-
- (void) key;
-
- /* sanity check */
- if (in == NULL || out == NULL || outLen == NULL ||
- key == NULL || ctx == NULL){
- return BAD_FUNC_ARG;
- }
-
- keySize = 0;
- if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
- keySize = 2048;
- else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
- keySize = 1024;
-
- if (keySize == 0) {
- WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
- return BAD_FUNC_ARG;
- }
-
- message_hash.pdata = in;
- message_hash.data_length = inLen;
- message_hash.data_type =
- info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
- signature.pdata = out;
- signature.data_length = outLen;
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (keySize == 1024) {
-
- ret = R_SCE_RSASSA_PKCS1024_SignatureGenerate(&message_hash,
- &signature,
- (sce_rsa1024_private_wrapped_key_t *)
- info->sce_wrapped_key_rsapri1024,
- HW_SCE_RSA_HASH_SHA256);
- }
- else {
-
- ret = R_SCE_RSASSA_PKCS2048_SignatureGenerate(&message_hash,
- &signature,
- (sce_rsa2048_private_wrapped_key_t *)
- info->sce_wrapped_key_rsapri2048,
- HW_SCE_RSA_HASH_SHA256);
- }
-
- wc_sce_hw_unlock();
- }
-
- return ret;
-}
-
-/* Perform Rsa verify by SCE
- * Assumes to be called by Crypt Callback
- *
- * in Buffer to hold plaintext
- * inLen Length of plaintext in bytes
- * out Buffer to hold generated signature
- * outLen Length of signature in bytes
- * key rsa key object
- * ctx The callback context
- * return FSP_SUCCESS(0) on Success, otherwise negative value
- */
-
-WOLFSSL_LOCAL int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
- word32* outLen,struct RsaKey* key, void* ctx)
-{
- int ret;
-
- sce_rsa_byte_data_t message_hash;
- sce_rsa_byte_data_t signature;
- User_SCEPKCbInfo *info = (User_SCEPKCbInfo*)ctx;
- int keySize;
-
- (void) key;
-
- /* sanity check */
- if (in == NULL || out == NULL || outLen == NULL ||
- key == NULL || ctx == NULL){
- return BAD_FUNC_ARG;
- }
-
- keySize = 0;
- if (info->keyflgs_crypt.bits.rsapri2048_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub2048_installedkey_set == 1 )
- keySize = 2048;
- else if (info->keyflgs_crypt.bits.rsapri1024_installedkey_set == 1 ||
- info->keyflgs_crypt.bits.rsapub1024_installedkey_set == 1 )
- keySize = 1024;
-
- if (keySize == 0) {
- WOLFSSL_MSG("keySize is invalid, neither 1024 or 2048 bits.");
- return BAD_FUNC_ARG;
- }
-
-
- message_hash.pdata = in;
- message_hash.data_length = inLen;
- message_hash.data_type =
- info->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
-
- signature.pdata = out;
- signature.data_length = outLen;
-
- if ((ret = wc_sce_hw_lock()) == 0) {
- if (keySize == 1024) {
-
- ret = R_SCE_RSASSA_PKCS1024_SignatureVerify(&signature,
- &message_hash,
- (sce_rsa1024_public_wrapped_key_t *)
- info->sce_wrapped_key_rsapub1024,
- HW_SCE_RSA_HASH_SHA256);
- }
- else {
-
- ret = R_SCE_RSASSA_PKCS2048_SignatureVerify(&signature,
- &message_hash,
- (sce_rsa2048_public_wrapped_key_t *)
- info->sce_wrapped_key_rsapub2048,
- HW_SCE_RSA_HASH_SHA256 );
- }
-
- wc_sce_hw_unlock();
- }
-
- return ret;
-}
-
-#endif /* !NO_RSA && WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c
deleted file mode 100644
index 959ea956..00000000
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_sce_sha.c
+++ /dev/null
@@ -1,267 +0,0 @@
-/* renesas_sce_sha.c
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-#include <string.h>
-#include <stdio.h>
-
-#ifdef HAVE_CONFIG_H
- #include <config.h>
-#endif
-#include <wolfssl/wolfcrypt/settings.h>
-
-#if !defined(NO_SHA256)
-
-#include <wolfssl/wolfcrypt/logging.h>
-
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
-
-#include <wolfssl/wolfcrypt/error-crypt.h>
-#include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
-
-/* Free up allocation for msg
- *
- * hash The SCE Hash object.
- * no return value
- */
-static void SCEHashFree(wolfssl_SCE_Hash* hash)
-{
- if (hash == NULL)
- return;
-
- if (hash->msg != NULL) {
- XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
- hash->msg = NULL;
- }
-}
-/* Initialize Hash object
- *
- * hash The SCE Hash object.
- * heap Buffer to hold heap if available
- * devId device Id
- * return 0 on success, BAD_FUNC_ARG when has is NULL
- */
-static int SCEHashInit(wolfssl_SCE_Hash* hash, void* heap, int devId,
- word32 sha_type)
-{
- if (hash == NULL) {
- return BAD_FUNC_ARG;
- }
-
- (void)devId;
- XMEMSET(hash, 0, sizeof(wolfssl_SCE_Hash));
-
- hash->heap = heap;
- hash->len = 0;
- hash->used = 0;
- hash->msg = NULL;
- hash->sha_type = sha_type;
-
- return 0;
-}
-
-/* Add data to msg(work buffer) for final hash operation
- *
- * hash The SCE Hash object.
- * data Buffer to hold plain text for hash
- * sz Length of data
- * return 0 on success, otherwise MEMORY_E or BAD_FUNC_ARG on failure
- */
-static int SCEHashUpdate(wolfssl_SCE_Hash* hash, const byte* data, word32 sz)
-{
- if (hash == NULL || (sz > 0 && data == NULL)) {
- return BAD_FUNC_ARG;
- }
-
- if (hash->len < hash->used + sz) {
- if (hash->msg == NULL) {
- hash->msg = (byte*)XMALLOC(hash->used + sz, hash->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- }
- else {
-#ifdef FREERTOS
- byte* pt = (byte*)XMALLOC(hash->used + sz, hash->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (pt == NULL) {
- return MEMORY_E;
- }
- XMEMCPY(pt, hash->msg, hash->used);
- XFREE(hash->msg, hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
- hash->msg = NULL;
- hash->msg = pt;
-#else
- byte* pt = (byte*)XREALLOC(hash->msg, hash->used + sz, hash->heap,
- DYNAMIC_TYPE_TMP_BUFFER);
- if (pt == NULL) {
- return MEMORY_E;
- }
- hash->msg = pt;
-#endif
- }
- if (hash->msg == NULL) {
- return MEMORY_E;
- }
- hash->len = hash->used + sz;
- }
- XMEMCPY(hash->msg + hash->used, data , sz);
- hash->used += sz;
-
- return 0;
-}
-
-/* Perform hash operation using accumulated msg
- *
- * hash The SCE Hash object.
- * out Buffer to hold hashed text
- * outSz Length of out
- * return FSP_SUCCESS(0) on success,
- * otherwise BAD_FUNC_ARG or FSP Error code on failure
- */
-static int SCEHashFinal(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
-{
- int ret;
- void* heap;
- sce_sha_md5_handle_t handle;
- uint32_t sz;
-
- fsp_err_t (*Init)(sce_sha_md5_handle_t*);
- fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
- fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
-
- if (hash == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (hash->sha_type == SCE_SHA256) {
- Init = R_SCE_SHA256_Init;
- Update = R_SCE_SHA256_Update;
- Final = R_SCE_SHA256_Final;
- }
- else
- return BAD_FUNC_ARG;
-
- heap = hash->heap;
-
- wc_sce_hw_lock();
-
- if (Init(&handle) == FSP_SUCCESS) {
- ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
- if (ret == FSP_SUCCESS) {
- ret = Final(&handle, out, (uint32_t*)&sz);
- if (ret != FSP_SUCCESS || sz != outSz) {
- return ret;
- }
- }
- }
- wc_sce_hw_unlock();
-
- SCEHashFree(hash);
- return SCEHashInit(hash, heap, 0, hash->sha_type);
-}
-/* Hash operation to message and return a result */
-static int SCEHashGet(wolfssl_SCE_Hash* hash, byte* out, word32 outSz)
-{
- int ret;
- sce_sha_md5_handle_t handle;
- uint32_t sz;
-
- fsp_err_t (*Init)(sce_sha_md5_handle_t*);
- fsp_err_t (*Update)(sce_sha_md5_handle_t*, uint8_t*, uint32_t);
- fsp_err_t (*Final )(sce_sha_md5_handle_t*, uint8_t*, uint32_t*);
-
- if (hash == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
-
- if (hash->sha_type == SCE_SHA256) {
- Init = R_SCE_SHA256_Init;
- Update = R_SCE_SHA256_Update;
- Final = R_SCE_SHA256_Final;
- }
- else
- return BAD_FUNC_ARG;
-
- wc_sce_hw_lock();
-
- if (Init(&handle) == FSP_SUCCESS) {
- ret = Update(&handle, (uint8_t*)hash->msg, hash->used);
- if (ret == FSP_SUCCESS) {
- ret = Final(&handle, out, &sz);
- if (ret != FSP_SUCCESS || sz != outSz) {
- return ret;
- }
- }
- }
-
- wc_sce_hw_unlock();
-
- return 0;
-}
-/* copy hash result from src to dst */
-static int SCEHashCopy(wolfssl_SCE_Hash* src, wolfssl_SCE_Hash* dst)
-{
- if (src == NULL || dst == NULL) {
- return BAD_FUNC_ARG;
- }
-
- XMEMCPY(dst, src, sizeof(wolfssl_SCE_Hash));
-
- if (src->len > 0 && src->msg != NULL) {
- dst->msg = (byte*)XMALLOC(src->len, dst->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (dst->msg == NULL) {
- return MEMORY_E;
- }
- XMEMCPY(dst->msg, src->msg, src->len);
- }
-
- return 0;
-}
-
-#if !defined(NO_SHA256)
-#include <wolfssl/wolfcrypt/sha256.h>
-
-/* wrapper for wc_InitSha256_ex */
-int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
-{
- return SCEHashInit(sha, heap, devId, SCE_SHA256);
-}
-/* wrapper for wc_Sha256Update */
-int wc_Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
-{
- return SCEHashUpdate(sha, in, sz);
-}
-/* wrapper for wc_Sha256Final */
-int wc_Sha256Final(wc_Sha256* sha, byte* hash)
-{
- return SCEHashFinal(sha, hash, WC_SHA256_DIGEST_SIZE);
-}
-/* wrapper for wc_Sha256GetHash */
-int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
-{
- return SCEHashGet(sha, hash, WC_SHA256_DIGEST_SIZE);
-}
-/* wrapper for wc_Sha256Copy */
-int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
-{
- return SCEHashCopy(src, dst);
-}
-#endif /* !NO_SHA256 */
-#endif /* WOLFSSL_RENESAS_SCEPROTECT */
-#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
index 334d0433..d4f47419 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_aes.c
@@ -30,7 +30,8 @@
#ifndef NO_AES
-#if defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES)
#include <wolfssl/wolfcrypt/wc_port.h>
@@ -60,7 +61,7 @@ typedef e_tsip_err_t (*aesGcmDecUpdateFn)
typedef e_tsip_err_t (*aesGcmDecFinalFn)
(tsip_gcm_handle_t*, uint8_t*, uint32_t*, uint8_t*, uint32_t);
-
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* function pointer type defs for TLSv13 handshake AES-GCM/CCM encryption */
typedef e_tsip_err_t (*Tls13AesEncInitFn)
@@ -109,17 +110,17 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
tsip_aes_key_index_t* key = NULL;
WOLFSSL_ENTER("tsip_Tls13AesEncrypt");
-
+
if ((ssl == NULL) || (input == NULL) || (output == NULL) || (sz == 0)) {
return BAD_FUNC_ARG;
- }
+ }
if (ssl->options.side != WOLFSSL_CLIENT_END) {
return CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
}
/* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
+ tuc = ssl->RenesasUserCtx;
if (tuc == NULL) {
WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
return CRYPTOCB_UNAVAILABLE;
@@ -165,7 +166,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
cs,
key,
sz);
-
+
if (err != TSIP_SUCCESS) {
WOLFSSL_MSG("R_TSIP_Tls13DecryptUpdate error");
ret = WC_HW_E;
@@ -179,7 +180,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
dataSz = min(remain, AES_BLOCK_SIZE);
ForceZero(plain, sizeof(plain));
ForceZero(cipher, sizeof(cipher));
- XMEMCPY(plain, input + idxIn, dataSz);
+ XMEMCPY(plain, input + idxIn, dataSz);
err = R_TSIP_Tls13EncryptUpdate(
@@ -187,13 +188,13 @@ WOLFSSL_LOCAL int tsip_Tls13AesEncrypt(
(uint8_t*)plain,
(uint8_t*)cipher,
dataSz);
-
+
if (err == TSIP_SUCCESS) {
if (dataSz >= AES_BLOCK_SIZE) {
XMEMCPY(output + idxOut, cipher, dataSz);
idxOut += dataSz;
}
- idxIn += dataSz;
+ idxIn += dataSz;
remain -= dataSz;
}
else {
@@ -259,14 +260,14 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
if ((ssl == NULL) || (input == NULL) || (output == NULL) || (sz == 0)) {
return BAD_FUNC_ARG;
- }
+ }
if (ssl->options.side != WOLFSSL_CLIENT_END) {
return CRYPTOCB_UNAVAILABLE; /* expecting to fallback to S/W */
}
/* get user context for TSIP */
- tuc = ssl->RenesasUserCtx;
+ tuc = ssl->RenesasUserCtx;
if (tuc == NULL) {
WOLFSSL_MSG("TsipUserCtx hasn't been set to ssl.");
return CRYPTOCB_UNAVAILABLE;
@@ -304,7 +305,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
blocks = sz / AES_BLOCK_SIZE;
remain = sz;
conRemain = sz - TSIP_AES_GCM_AUTH_TAG_SIZE;
-
+
if ((ret = tsip_hw_lock()) == 0) {
err = R_TSIP_Tls13DecryptInit(
@@ -314,7 +315,7 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
cs,
key,
sz);
-
+
if (err != TSIP_SUCCESS) {
WOLFSSL_MSG("R_TSIP_Tls13DecryptInit error");
ret = WC_HW_E;
@@ -334,14 +335,14 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
(uint8_t*)cipher,
(uint8_t*)plain,
dataSz);
-
+
if (err == TSIP_SUCCESS) {
if (dataSz >= AES_BLOCK_SIZE && conRemain >= AES_BLOCK_SIZE) {
XMEMCPY(output + idxOut, plain, dataSz);
idxOut += dataSz;
conRemain -= min(conRemain, dataSz);
}
- idxIn += dataSz;
+ idxIn += dataSz;
remain -= dataSz;
}
else {
@@ -374,13 +375,13 @@ WOLFSSL_LOCAL int tsip_Tls13AesDecrypt(
WOLFSSL_LEAVE("tsip_Tls13AesDecrypt", ret);
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
#if (WOLFSSL_RENESAS_TSIP_VER >= 109)
#ifdef WOLF_CRYPTO_CB
-WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
+WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
void* ctx)
{
int ret = NOT_COMPILED_IN;
@@ -390,13 +391,16 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
if (info == NULL || ctx == NULL)
return BAD_FUNC_ARG;
-
+
if (info->algo_type == WC_ALGO_TYPE_CIPHER) {
#if !defined(NO_AES) || !defined(NO_DES3)
#ifdef HAVE_AESGCM
- if (info->cipher.type == WC_CIPHER_AES_GCM &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_GCM
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesGcmEncrypt(
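Review bot: With `WOLFSSL_RENESAS_TSIP_TLS` undefined the AES-GCM condition in this hunk reduces to the cipher-type test alone, so a crypt-only build dispatches every GCM request to the TSIP path whether or not a key has been installed; the AES-CBC condition in the following hunk (`@@ -430,8 +434,11 @@`) is changed the same way. The `session_key_set == 1` test was the only key-presence gate visible at this level, and how the callees treat a context with no key is not fully visible in this diff. Consider an `#else` arm that tests the installed-key flags, for example `&& (cbInfo->user_aes128_key_set == 1 || cbInfo->user_aes256_key_set == 1)`, assuming `cbInfo` is the same `TsipUserCtx` the callees read. The body of `wc_tsip_AesCipher` starts and ends outside this hunk.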
@@ -430,8 +434,11 @@ WOLFSSL_LOCAL int wc_tsip_AesCipher(int devIdArg, wc_CryptoInfo* info,
}
#endif /* HAVE_AESGCM */
#ifdef HAVE_AES_CBC
- if (info->cipher.type == WC_CIPHER_AES_CBC &&
- cbInfo->session_key_set == 1) {
+ if (info->cipher.type == WC_CIPHER_AES_CBC
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
+ && cbInfo->session_key_set == 1
+ #endif
+ ) {
if (info->cipher.enc) {
ret = wc_tsip_AesCbcEncrypt(
@@ -680,7 +687,8 @@ int wc_tsip_AesGcmEncrypt(
XMEMCPY(aadBuf, authIn, authInSz);
}
- if (ret == 0 &&
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ if (ret == 0 &&
userCtx->session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
@@ -701,8 +709,11 @@ int wc_tsip_AesGcmEncrypt(
WOLFSSL_MSG("R_TSIP_TlsGenerateSessionKey failed");
ret = -1;
}
- } else if (userCtx->user_aes128_key_set == 1 ||
- userCtx->user_aes256_key_set == 1) {
+ } else
+ #endif
+ if (ret == 0 &&
+ (userCtx->user_aes128_key_set == 1 ||
+ userCtx->user_aes256_key_set == 1)) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_client_aes, &userCtx->user_aes256_key_index,
sizeof(tsip_aes_key_index_t));
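Review bot: The rewritten key-selection chain has no terminating `else`, so when neither `session_key_set` nor a `user_aes*_key_set` flag is 1, `ret` stays 0 and, as far as the visible lines show, execution reaches `initFn(&hdl, &key_client_aes, (uint8_t*)iv_l, ivSz_l)` with a key index that was never copied in. The dispatcher change earlier in this file appears to make that path reachable in crypt-only builds, where `session_key_set` is no longer required. `wc_tsip_AesGcmDecrypt` has the same shape in hunk `@@ -895,8 +907,12 @@`, where `key_server_aes` is declared without an initializer and `iv_l`/`ivSz_l` stay `NULL`/0. Close the chain with a failing branch such as `else if (ret == 0) { WOLFSSL_MSG("AES key for TSIP is not set."); ret = -1; }`, mirroring the "AES key for SCE is not set." branch of the removed SCE port. The body of `wc_tsip_AesGcmEncrypt` starts and ends outside this hunk.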
@@ -726,7 +737,7 @@ int wc_tsip_AesGcmEncrypt(
err = initFn(&hdl, &key_client_aes, (uint8_t*)iv_l, ivSz_l);
if (err == TSIP_SUCCESS) {
- err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf, authInSz);
+ err = updateFn(&hdl, NULL, NULL, 0UL, (uint8_t*)aadBuf, authInSz);
}
if (err == TSIP_SUCCESS) {
err = updateFn(&hdl, plainBuf, cipherBuf, sz, NULL, 0UL);
@@ -814,14 +825,14 @@ int wc_tsip_AesGcmDecrypt(
uint8_t* aadBuf = NULL;
const uint8_t* iv_l = NULL;
uint32_t ivSz_l = 0;
-
+
tsip_aes_key_index_t key_server_aes;
TsipUserCtx *userCtx;
WOLFSSL_ENTER("wc_tsip_AesGcmDecrypt");
if (aes == NULL || in == NULL || out == NULL || sz == 0 || ctx == NULL ||
- iv == 0 ||
+ iv == 0 ||
(authInSz != 0 && authIn == NULL) ||
(authInSz == 0 && authIn != NULL) ||
(authTagSz != 0 && authTag == NULL) ||
@@ -875,7 +886,8 @@ int wc_tsip_AesGcmDecrypt(
XMEMCPY(aadBuf, authIn, authInSz);
}
- if (ret == 0 &&
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ if (ret == 0 &&
userCtx->session_key_set == 1) {
/* generate AES-GCM session key. The key stored in
* Aes.ctx.tsip_keyIdx is not used here.
@@ -895,8 +907,12 @@ int wc_tsip_AesGcmDecrypt(
WOLFSSL_MSG("R_TSIP_TlsGenerateSessionKey failed");
ret = -1;
}
- } else if (userCtx->user_aes128_key_set == 1 ||
- userCtx->user_aes256_key_set == 1) {
+ } else
+
+ #endif
+ if (ret == 0 &&
+ (userCtx->user_aes128_key_set == 1 ||
+ userCtx->user_aes256_key_set == 1)) {
if (aes->ctx.keySize == 32) {
XMEMCPY(&key_server_aes, &userCtx->user_aes256_key_index,
sizeof(tsip_aes_key_index_t));
@@ -905,10 +921,10 @@ int wc_tsip_AesGcmDecrypt(
XMEMCPY(&key_server_aes, &userCtx->user_aes128_key_index,
sizeof(tsip_aes_key_index_t));
}
-
+
iv_l = iv;
ivSz_l = ivSz;
-
+
}
if (ret == 0) {
@@ -959,5 +975,6 @@ int wc_tsip_AesGcmDecrypt(
WOLFSSL_LEAVE("wc_tsip_AesGcmDecrypt", ret);
return ret;
}
-#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */
+#endif /* WOLFSSL_RENESAS_TSIP_TLS) || WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ && NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES */
#endif /* NO_AES */
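Review bot: The new closing comment does not match the condition it closes: it has an unbalanced `)` and drops the negation on `NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES`, so it reads as if the block were compiled when that macro is defined. Matching the opening `#if` at the top of the file would give `#endif /* (WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY) && !NO_WOLFSSL_RENESAS_TSIP_CRYPT_AES */`. The same applies to the outer `#endif /* NO_AES */`, which closes an `#ifndef NO_AES` and would read more accurately as `/* !NO_AES */`.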
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
new file mode 100644
index 00000000..1a77b402
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_rsa.c
@@ -0,0 +1,302 @@
+/* renesas_sce_rsa.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#if !defined(NO_RSA) && \
+ (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
+
+#include <string.h>
+#include <stdio.h>
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/logging.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/error-ssl.h>
+#include <wolfssl/wolfcrypt/rsa.h>
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
+
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+/* Make Rsa key for TSIP and set it to callback ctx
+ * Assumes to be called by Crypt Callback
+ *
+ * size desired keylenth, in bits. supports 1024 or 2048 bits
+ * ctx Callback context including pointer to hold generated key
+ * return TSIP_SUCCESS(0) on Success, otherwise negative value
+ */
+WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
+{
+ e_tsip_err_t ret;
+ TsipUserCtx *info = (TsipUserCtx*)ctx;
+
+ tsip_rsa1024_key_pair_index_t *tsip_pair1024_key = NULL;
+ tsip_rsa2048_key_pair_index_t *tsip_pair2048_key = NULL;
+
+ /* sanity check */
+ if (ctx == NULL)
+ return BAD_FUNC_ARG;
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ if (size == 1024) {
+ tsip_pair1024_key =
+ (tsip_rsa1024_key_pair_index_t*)XMALLOC(
+ sizeof(tsip_rsa1024_key_pair_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ if (tsip_pair1024_key == NULL)
+ return MEMORY_E;
+
+ ret = R_TSIP_GenerateRsa1024RandomKeyIndex(tsip_pair1024_key);
+ }
+ else if (size == 2048) {
+ tsip_pair2048_key =
+ (tsip_rsa2048_key_pair_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_key_pair_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ if (tsip_pair2048_key == NULL)
+ return MEMORY_E;
+
+ ret = R_TSIP_GenerateRsa2048RandomKeyIndex(tsip_pair2048_key);
+ }
+ else
+ return CRYPTOCB_UNAVAILABLE;
+
+ if (ret == TSIP_SUCCESS) {
+ if (size == 1024) {
+ if (info->rsa1024pri_keyIdx != NULL) {
+ XFREE(info->rsa1024pri_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ if (info->rsa1024pub_keyIdx != NULL) {
+ XFREE(info->rsa1024pub_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ info->rsa1024pri_keyIdx =
+ (tsip_rsa1024_private_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa1024_private_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa1024pri_keyIdx == NULL) {
+ XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+
+ info->rsa1024pub_keyIdx =
+ (tsip_rsa1024_public_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa1024_public_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa1024pub_keyIdx == NULL) {
+ XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ XFREE(info->rsa1024pri_keyIdx, 0,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+ /* copy generated key pair and free malloced key */
+ XMEMCPY(info->rsa1024pri_keyIdx,
+ &tsip_pair1024_key->private,
+ sizeof(tsip_rsa1024_private_key_index_t));
+ XMEMCPY(info->rsa1024pub_keyIdx,
+ &tsip_pair1024_key->public,
+ sizeof(tsip_rsa1024_public_key_index_t));
+ XFREE(tsip_pair1024_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+
+ info->keyflgs_crypt.bits.rsapri1024_key_set = 1;
+ info->keyflgs_crypt.bits.rsapub1024_key_set = 1;
+ }
+ else if (size == 2048) {
+ if (info->rsa2048pri_keyIdx != NULL) {
+ XFREE(info->rsa2048pri_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ if (info->rsa2048pub_keyIdx != NULL) {
+ XFREE(info->rsa2048pub_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+ info->rsa2048pri_keyIdx =
+ (tsip_rsa2048_private_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_private_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa2048pri_keyIdx == NULL) {
+ XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+
+ info->rsa2048pub_keyIdx =
+ (tsip_rsa2048_public_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_public_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+
+ if (info->rsa2048pub_keyIdx == NULL) {
+ XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+ XFREE(info->rsa2048pri_keyIdx, 0,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ return MEMORY_E;
+ }
+ /* copy generated key pair and free malloced key */
+ XMEMCPY(info->rsa2048pri_keyIdx,
+ &tsip_pair2048_key->private,
+ sizeof(tsip_rsa2048_private_key_index_t));
+ XMEMCPY(info->rsa2048pub_keyIdx,
+ &tsip_pair2048_key->public,
+ sizeof(tsip_rsa2048_public_key_index_t));
+ XFREE(tsip_pair2048_key, 0, DYNAMIC_TYPE_RSA_BUFFER);
+
+ info->keyflgs_crypt.bits.rsapri2048_key_set = 1;
+ info->keyflgs_crypt.bits.rsapub2048_key_set = 1;
+
+ }
+ }
+ else {
+ WOLFSSL_MSG("Failed to generate key pair by TSIP");
+ return CRYPTOCB_UNAVAILABLE;
+ }
+
+ tsip_hw_unlock();
+ }
+
+ return 0;
+}
+
+
+/* Perform Rsa verify by TSIP
+ * Assumes to be called by Crypt Callback
+ *
+ * in Buffer to hold plaintext
+ * inLen Length of plaintext in bytes
+ * out Buffer to hold generated signature
+ * outLen Length of signature in bytes
+ * key rsa key object
+ * ctx The callback context
+ * return FSP_SUCCESS(0) on Success, otherwise negative value
+ */
+
+WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
+{
+ int ret = 0;
+ e_tsip_err_t err = TSIP_SUCCESS;
+ tsip_rsa_byte_data_t hashData, sigData;
+
+ uint8_t tsip_hash_type;
+
+
+ /* sanity check */
+ if (info == NULL || tuc == NULL){
+ return BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ if (tuc->sing_hash_type == md5_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_MD5;
+ else if (tuc->sing_hash_type == sha_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
+ else if (tuc->sing_hash_type == sha256_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
+ else
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+
+ switch (tuc->wrappedKeyType) {
+ case TSIP_KEY_TYPE_RSA1024:
+ if (tuc->keyflgs_crypt.bits.rsapub1024_key_set != 1)
+ {
+ ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
+
+ WOLFSSL_MSG("tsip rsa private key 1024 not set");
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+
+ }
+ break;
+ case TSIP_KEY_TYPE_RSA2048:
+ if (tuc->keyflgs_crypt.bits.rsapub2048_key_set != 1)
+ {
+ ret = tsipImportPublicKey(tuc, tuc->wrappedKeyType);
+
+ WOLFSSL_MSG("tsip rsa private key 1024 not set");
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ break;
+ default:
+ WOLFSSL_MSG("wrapped private key is not supported");
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+ }
+
+ if (ret == 0) {
+ hashData.pdata = (uint8_t*)info->pk.rsa.in;
+ hashData.data_length = info->pk.rsa.inLen;
+ hashData.data_type =
+ tuc->keyflgs_crypt.bits.message_type;/* message 0, hash 1 */
+
+ sigData.pdata = (uint8_t*)info->pk.rsa.out;
+ sigData.data_length = info->pk.rsa.outLen;
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ switch (tuc->wrappedKeyType) {
+ case TSIP_KEY_TYPE_RSA1024:
+ err = R_TSIP_RsassaPkcs1024SignatureVerification(&sigData,
+ &hashData,
+ (tsip_rsa1024_public_key_index_t *)
+ tuc->rsa1024pub_keyIdx,
+ tsip_hash_type);
+ if (err == TSIP_ERR_AUTHENTICATION) {
+ ret = SIG_VERIFY_E;
+ }
+ else if (err == TSIP_SUCCESS) {
+ ret = 0;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ case TSIP_KEY_TYPE_RSA2048:
+ err = R_TSIP_RsassaPkcs2048SignatureVerification(&sigData,
+ &hashData,
+ (tsip_rsa2048_public_key_index_t *)
+ tuc->rsa2048pub_keyIdx,
+ tsip_hash_type);
+ if (err == TSIP_ERR_AUTHENTICATION) {
+ ret = SIG_VERIFY_E;
+ }
+ else if (err == TSIP_SUCCESS) {
+ ret = 0;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ }
+ tsip_hw_unlock();
+ }
+ }
+
+ return ret;
+}
+#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
+#endif /* WOLFSSL_RENESAS_TSIP_TLS || \
+ WOLFSSL_RENESAS_TSIP_CRYPTONLY */
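Review bot: wc_tsip_MakeRsaKey returns from inside the `tsip_hw_lock()` block on every failure path (both `MEMORY_E` returns, the unsupported-size `CRYPTOCB_UNAVAILABLE`, and the key-generation failure) without calling `tsip_hw_unlock()`, and it returns 0 when `tsip_hw_lock()` itself fails, so the caller is told a key exists when none was generated. Those paths also leave `info->rsa1024pub_keyIdx`/`rsa1024pri_keyIdx` (and the 2048 pair) pointing at freed memory with the `*_key_set` flags untouched, and the temporary key-pair buffer leaks when generation fails. In wc_tsip_RsaVerifyPkcs the `switch (tuc->wrappedKeyType)` runs even after the hash-type check set `ret = CRYPTOCB_UNAVAILABLE`, and a successful `tsipImportPublicKey` resets it to 0, so verification can proceed with `tsip_hash_type` uninitialised; guarding the switch with `if (ret == 0)` closes that. The file header still reads `renesas_sce_rsa.c`, and both "not set" messages in the verify switch say "private key 1024" for what is a public-key check. A single-exit shape for wc_tsip_MakeRsaKey is sketched below.

```c
WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx)
{
    /* … unchanged: declarations and the ctx NULL check … */
    int rc;

    if (size != 1024 && size != 2048)
        return CRYPTOCB_UNAVAILABLE;    /* reject before taking the lock */

    if ((rc = tsip_hw_lock()) != 0)
        return rc;                      /* no key was generated */

    if (size == 1024) {
        /* … unchanged: XMALLOC of tsip_pair1024_key … */
        if (tsip_pair1024_key == NULL)
            rc = MEMORY_E;
        else if (R_TSIP_GenerateRsa1024RandomKeyIndex(tsip_pair1024_key)
                                                            != TSIP_SUCCESS)
            rc = CRYPTOCB_UNAVAILABLE;

        if (rc == 0) {
            /* allocate both new index buffers before touching the old ones;
             * on failure free only the new ones and set rc = MEMORY_E */
            /* … unchanged: XMEMCPY of the private/public halves, set flags … */
        }
    }
    /* … 2048-bit branch: same shape … */

    if (tsip_pair1024_key != NULL)
        XFREE(tsip_pair1024_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
    if (tsip_pair2048_key != NULL)
        XFREE(tsip_pair2048_key, NULL, DYNAMIC_TYPE_RSA_BUFFER);
    tsip_hw_unlock();                   /* single exit releases the lock */
    return rc;
}
```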
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
index 66d2d586..a1a02f3b 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_sha.c
@@ -36,18 +36,16 @@
#include <wolfssl/wolfcrypt/logging.h>
-#if defined(WOLFSSL_RENESAS_TSIP_CRYPT)
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
-#if !defined(NO_SHA) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
-#include <wolfssl/wolfcrypt/sha.h>
-
extern struct WOLFSSL_HEAP_HINT* tsip_heap_hint;
-
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* get hmac from handshake messages exchanged with server.
*
*/
@@ -278,7 +276,7 @@ WOLFSSL_LOCAL int tsip_GetMessageSha256(struct WOLFSSL* ssl, byte* hash,
WOLFSSL_LEAVE("tsip_GetMessageSha256", ret);
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
@@ -471,7 +469,9 @@ static int TSIPHashCopy(wolfssl_TSIP_Hash* src, wolfssl_TSIP_Hash* dst)
return 0;
}
- /* */
+#if !defined(NO_SHA) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#include <wolfssl/wolfcrypt/sha.h>
+
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
{
return TSIPHashInit(sha, heap, devId, TSIP_SHA1);
@@ -496,7 +496,7 @@ int wc_ShaCopy(wc_Sha256* src, wc_Sha256* dst)
{
return TSIPHashCopy(src, dst);
}
-#endif /* !NO_SHA */
+#endif /* !NO_SHA && !NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH*/
#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include <wolfssl/wolfcrypt/sha256.h>
@@ -527,5 +527,5 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
return TSIPHashCopy(src, dst);
}
#endif /* !NO_SHA256 */
-#endif /* WOLFSSL_RENESAS_TSIP_CRYPT */
+#endif /* WOLFSSL_RENESAS_TSIP_TLS || WOLFSSL_RENESAS_TSIP_CRYPTONLY */
#endif /* #if !defined(NO_SHA) || !defined(NO_SHA256) */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c
index 0ebc718c..8c98ffb7 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/Renesas/renesas_tsip_util.c
@@ -56,22 +56,21 @@ typedef e_tsip_err_t (*shaHmacFinalFn)
/* ./ca-cert.der.sign, */
/* expect to have these variables defined at user application */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=109)
+#if defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=109)
extern uint32_t s_inst2[R_TSIP_SINST2_WORD_SIZE];
-#elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=106)
+#elif defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=106)
extern uint32_t s_flash[];
extern uint32_t s_inst1[R_TSIP_SINST_WORD_SIZE];
#endif
wolfSSL_Mutex tsip_mutex;
static int tsip_CryptHwMutexInit_ = 0;
-static const byte* ca_cert_sig = NULL;
static tsip_key_data g_user_key_info;
-
struct WOLFSSL_HEAP_HINT* tsip_heap_hint = NULL;
/* tsip only keep one encrypted ca public key */
#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+static const byte* ca_cert_sig = NULL;
static uint32_t g_encrypted_publicCA_key[R_TSIP_SINST_WORD_SIZE];
/* index of CM table. must be global since renesas_common access it. */
@@ -103,7 +102,38 @@ static int tsip_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
{
return wc_UnLockMutex(mutex);
}
-#ifdef WOLF_PRIVATE_KEY_ID
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+/* Set client encrypted public key data.
+ * parameters:
+ * ssl WOLFSSL object
+ * keyBuf buffer holding wrapped key which Renesas key tool generated.
+ * keyBufLen buffer length
+ * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
+ * return 0 on success, others on failure.
+ */
+WOLFSSL_API int tsip_use_PublicKey_buffer_TLS(WOLFSSL* ssl,
+ const char* keyBuf, int keyBufLen, int keyType)
+{
+ int ret = 0;
+ TsipUserCtx* tuc = NULL;
+
+ WOLFSSL_ENTER("tsip_use_PublicKey_buffer_TLS");
+
+ if (ssl == NULL
+ || keyBuf == NULL || keyBufLen == 0) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0){
+ tuc = ssl->RenesasUserCtx;
+ tuc->wrappedPublicKey = (uint8_t*)keyBuf;
+ tuc->wrappedKeyType = keyType;
+ }
+
+ WOLFSSL_LEAVE("tsip_use_PublicKey_buffer", ret);
+ return ret;
+}
/* Set client encrypted private key data.
* parameters:
* ssl WOLFSSL object
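Review bot: tsip_use_PublicKey_buffer_TLS dereferences `ssl->RenesasUserCtx` without checking it for NULL, and it only rejects `keyBufLen == 0`, so a negative length passes and the length is never stored alongside `wrappedPublicKey`. I would tighten the guard to `keyBufLen <= 0` and add `if (ret == 0 && ssl->RenesasUserCtx == NULL) ret = BAD_FUNC_ARG;` before the assignment. The function also keeps the caller's pointer with `const` cast away, so the header comment should state that `keyBuf` must stay valid and unmodified until the key has been imported. The same length and lifetime points apply to tsip_use_PublicKey_buffer_crypt and tsip_use_PrivateKey_buffer_crypt in the later hunk of this file. The `WOLFSSL_LEAVE` string still says `tsip_use_PublicKey_buffer` rather than the new `_TLS` name.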
@@ -112,13 +142,13 @@ static int tsip_CryptHwMutexUnLock(wolfSSL_Mutex* mutex)
* keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
* return 0 on success, others on failure.
*/
-WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
+WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
const char* keyBuf, int keyBufLen, int keyType)
{
int ret = 0;
TsipUserCtx* tuc = NULL;
-
- WOLFSSL_ENTER("tsip_use_PrivateKey_buffer");
+
+ WOLFSSL_ENTER("tsip_use_PrivateKey_buffer_TLS");
if (ssl == NULL || keyBuf == NULL || keyBufLen == 0 ) {
ret = BAD_FUNC_ARG;
@@ -130,47 +160,81 @@ WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
tuc->wrappedKeyType = keyType;
/* store keyType as Id since Id capacity is 32 bytes */
- ret = wolfSSL_use_PrivateKey_Id(ssl,
+ ret = wolfSSL_use_PrivateKey_Id(ssl,
(const unsigned char*)keyBuf, 32, tuc->devId);
if (ret == WOLFSSL_SUCCESS) {
- ret = 0;
- }
+ ret = 0;
+ }
}
- WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer", ret);
+ WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer_TLS", ret);
return ret;
}
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
/* Set client encrypted public key data.
* parameters:
- * ssl WOLFSSL object
+ * uc Tsip user context
* keyBuf buffer holding wrapped key which Renesas key tool generated.
* keyBufLen buffer length
* keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
* return 0 on success, others on failure.
*/
-WOLFSSL_API int tsip_use_PublicKey_buffer(WOLFSSL* ssl,
+WOLFSSL_API int tsip_use_PublicKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType)
{
int ret = 0;
TsipUserCtx* tuc = NULL;
- WOLFSSL_ENTER("tsip_use_PublicKey_buffer");
+ WOLFSSL_ENTER("tsip_use_PublicKey_buffer_crypt");
- if (ssl == NULL || keyBuf == NULL || keyBufLen == 0) {
+ if (uc == NULL
+ || keyBuf == NULL || keyBufLen == 0) {
ret = BAD_FUNC_ARG;
}
if (ret == 0){
- tuc = ssl->RenesasUserCtx;
+ tuc = uc;
tuc->wrappedPublicKey = (uint8_t*)keyBuf;
tuc->wrappedKeyType = keyType;
}
- WOLFSSL_LEAVE("tsip_use_PublicKey_buffer", ret);
+ WOLFSSL_LEAVE("tsip_use_PublicKey_buffer_crypt", ret);
return ret;
}
-#endif /* WOLF_PRIVATE_KEY_ID */
+/* Set client encrypted private key data.
+ * parameters:
+ * uc Tsip user context
+ * keyBuf buffer holding wrapped key which Renesas key tool generated.
+ * keyBufLen buffer length
+ * keyType 0: RSA 2048bit, 1: RSA 4096bit, 2 ECC P256
+ * return 0 on success, others on failure.
+ */
+WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
+ const char* keyBuf, int keyBufLen, int keyType)
+{
+ int ret = 0;
+ TsipUserCtx* tuc = NULL;
+
+ WOLFSSL_ENTER("tsip_use_PrivateKey_buffer_crypt");
+
+ if (uc == NULL || keyBuf == NULL || keyBufLen == 0 ) {
+ ret = BAD_FUNC_ARG;
+ }
+ if (ret == 0){
+ tuc = uc;
+
+ tuc->wrappedPrivateKey = (uint8_t*)keyBuf;
+ tuc->wrappedKeyType = keyType;
+ }
+
+ WOLFSSL_LEAVE("tsip_use_PrivateKey_buffer_crypt", ret);
+ return ret;
+}
+#endif /* WOLFSSL_RENESAS_TSIP_CRYPTONLY */
+
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* Obsolete function. Use tsip_use_PrivateKey_buffer instead.
* Set client encrypted private key data.
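Review bot: tsip_use_PrivateKey_buffer_TLS (which begins in the previous hunk) still passes a fixed length of 32 to `wolfSSL_use_PrivateKey_Id` while its argument check only rejects `keyBufLen == 0`, so a buffer shorter than 32 bytes would presumably be read past its end when the id is copied. Adding `if (ret == 0 && keyBufLen < 32) ret = BAD_FUNC_ARG;` before the call makes the assumption explicit. The trailing context comment "Obsolete function. Use tsip_use_PrivateKey_buffer instead." now names a function this commit renames, so it should point to `tsip_use_PrivateKey_buffer_TLS`.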
@@ -332,7 +396,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenEccKeyPair(WOLFSSL* ssl, KeyShareEntry* kse)
&(tuc->handle13),
TSIP_TLS13_MODE_FULL_HANDSHAKE,
&(tuc->EcdhPrivKey13Idx), /* private key index */
- &(kse->pubKey[1])); /* genereted public key */
+ &(kse->pubKey[1])); /* generated public key */
if (err != TSIP_SUCCESS){ret = WC_HW_E;}
@@ -422,7 +486,7 @@ WOLFSSL_LOCAL int tsip_Tls13GenSharedSecret(struct WOLFSSL* ssl,
if ((ret = tsip_hw_lock()) == 0) {
tuc->SharedSecret_set = 0;
- pubkeyraw = kse->ke + 1; /* peer's raw publick key data */
+ pubkeyraw = kse->ke + 1; /* peer's raw public key data */
/* derive shared secret */
err = R_TSIP_Tls13GenerateEcdheSharedSecret(
@@ -1582,192 +1646,14 @@ WOLFSSL_LOCAL int tsip_Tls13CertificateVerify(struct WOLFSSL* ssl,
}
#endif /* WOLFSSL_TLS13 */
-/*
- * Import wrapped private key then convert it into TSIP key_index format.
- * The target key should be set with tsip_use_PrivateKey_buffer in advance.
- * Acceptable key types are:
- * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
- * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
- * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
- */
-static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
-{
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
- uint8_t* iv = g_user_key_info.iv;
- uint8_t* encPrivKey;
-
- WOLFSSL_ENTER("tsipImportPrivateKey");
-
- if (tuc == NULL)
- return BAD_FUNC_ARG;
-
- encPrivKey = tuc->wrappedPrivateKey;
-
- if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) {
- WOLFSSL_MSG("Missing some key materials used for import" );
- return CRYPTOCB_UNAVAILABLE;
- }
-
- if (ret == 0) {
- if (keyType != tuc->wrappedKeyType) {
- WOLFSSL_MSG("No public key of specified type is set" );
- return CRYPTOCB_UNAVAILABLE;
- }
- }
-
- if ((ret = tsip_hw_lock()) == 0) {
- switch (keyType) {
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA2048:
-
- tuc->ClientRsa2048PrivKey_set = 0;
- err = R_TSIP_GenerateRsa2048PrivateKeyIndex(
- provisioning_key, iv, (uint8_t*)encPrivKey,
- &(tuc->Rsa2048PrivateKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientRsa2048PrivKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- case TSIP_KEY_TYPE_RSA4096:
- /* not supported as of TSIPv1.15 */
- ret = CRYPTOCB_UNAVAILABLE;
- break;
-
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
-
- tuc->ClientEccP256PrivKey_set = 0;
- err = R_TSIP_GenerateEccP256PrivateKeyIndex(
- provisioning_key, iv, (uint8_t*)encPrivKey,
- &(tuc->EcdsaP256PrivateKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientEccP256PrivKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- WOLFSSL_LEAVE("tsipImportPrivateKey", ret);
- return ret;
-}
-/*
- * Import wrapped public key then convert it into TSIP key_index format.
- * The target key should be set with tsip_use_PublicKey_buffer in advance.
- * Acceptable key types are:
- * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
- * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
- * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
- */
-static int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
-{
- int ret = 0;
- e_tsip_err_t err = TSIP_SUCCESS;
- uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
- uint8_t* iv = g_user_key_info.iv;
- uint8_t* encPubKey;
-
- WOLFSSL_ENTER("tsipImportPublicKey");
-
- if (tuc == NULL ) {
- return BAD_FUNC_ARG;
- }
-
- encPubKey = tuc->wrappedPublicKey;
-
- if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) {
- WOLFSSL_MSG("Missing some key materials used for import" );
- return CRYPTOCB_UNAVAILABLE;
- }
-
- if (ret == 0) {
- if (keyType != tuc->wrappedKeyType) {
- WOLFSSL_MSG("No public key of specified type is set" );
- return CRYPTOCB_UNAVAILABLE;
- }
- }
-
- if ((ret = tsip_hw_lock()) == 0) {
- switch(keyType) {
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA2048:
-
- tuc->ClientRsa2048PubKey_set = 0;
- err = R_TSIP_GenerateRsa2048PublicKeyIndex(
- provisioning_key, iv, (uint8_t*)encPubKey,
- &(tuc->Rsa2048PublicKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientRsa2048PubKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- #if !defined(NO_RSA)
- case TSIP_KEY_TYPE_RSA4096:
- /* not supported as of TSIPv1.15 */
- ret = CRYPTOCB_UNAVAILABLE;
- break;
- #endif
-
- #if defined(HAVE_ECC)
- case TSIP_KEY_TYPE_ECDSAP256:
-
- tuc->ClientEccP256PubKey_set = 0;
- err = R_TSIP_GenerateEccP256PublicKeyIndex(
- provisioning_key, iv, (uint8_t*)encPubKey,
- &(tuc->EcdsaP256PublicKeyIdx));
- if (err == TSIP_SUCCESS) {
- tuc->ClientEccP256PubKey_set = 1;
- }
- else {
- ret = WC_HW_E;
- }
- break;
- #endif
-
- default:
- ret = BAD_FUNC_ARG;
- break;
- }
- tsip_hw_unlock();
- }
- else {
- WOLFSSL_MSG("mutex locking error");
- }
- WOLFSSL_LEAVE("tsipImportPublicKey", ret);
- return ret;
-}
-
-
#if defined(WOLFSSL_TLS13)
/* Send the TLS v1.3 CertificateVerify message. A part of the message is
* processed by TSIP for acceleration.
*
* Prior to this function call, the appropriate key-pair should be set via
- * tsip_use_PrivateKey_buffer and tsip_use_PublicKey_buffer APIs. Those key pair
- * can be generated by the tool named "Renesas secure flash programmer".
+ * tsip_use_PrivateKey_buffer_TLS and tsip_use_PublicKey_buffer_TLS APIs.
+ * Those key pair can be generated by the tool named
+ * "Renesas secure flash programmer".
* When RSA certificate is used, both public and private keys should be set.
* The public key is used for self-verify the generated certificateVerify
* message. When ECC certificate is used, the self-verify will be performed only
@@ -2039,7 +1925,7 @@ WOLFSSL_LOCAL int tsip_Tls13SendCertVerify(WOLFSSL* ssl)
return ret;
}
#endif /* WOLFSSL_TLS13 */
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER >=109)
@@ -2113,7 +1999,7 @@ static uint32_t GetTsipCipherSuite(
return tsipCipher;
}
-/* Attempt to get a public key exchaged with the peer in ECDHE.
+/* Attempt to get a public key exchanged with the peer in ECDHE.
* the public key is verified by given signature then stored into ctx.
*
* return WOLFSSL_SUCCESS on success, WOLFSSL_FAILURE on failure.
@@ -2453,6 +2339,212 @@ static byte _tls2tsipdef(byte cipher)
return def;
}
#endif
+
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
+/*
+ * Import wrapped private key then convert it into TSIP key_index format.
+ * The target key should be set with tsip_use_PrivateKey_buffer in advance.
+ * Acceptable key types are:
+ * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
+ * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
+ * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
+ */
+static int tsipImportPrivateKey(TsipUserCtx* tuc, int keyType)
+{
+ int ret = 0;
+ e_tsip_err_t err = TSIP_SUCCESS;
+ uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
+ uint8_t* iv = g_user_key_info.iv;
+ uint8_t* encPrivKey;
+
+ WOLFSSL_ENTER("tsipImportPrivateKey");
+
+ if (tuc == NULL)
+ return BAD_FUNC_ARG;
+
+ encPrivKey = tuc->wrappedPrivateKey;
+
+ if (encPrivKey == NULL || provisioning_key == NULL || iv == NULL) {
+ WOLFSSL_MSG("Missing some key materials used for import" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+
+ if (ret == 0) {
+ if (keyType != tuc->wrappedKeyType) {
+ WOLFSSL_MSG("No public key of specified type is set" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+ }
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ switch (keyType) {
+
+ #if !defined(NO_RSA)
+ case TSIP_KEY_TYPE_RSA2048:
+
+ tuc->ClientRsa2048PrivKey_set = 0;
+ err = R_TSIP_GenerateRsa2048PrivateKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPrivKey,
+ &(tuc->Rsa2048PrivateKeyIdx));
+ if (err == TSIP_SUCCESS) {
+ tuc->ClientRsa2048PrivKey_set = 1;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ case TSIP_KEY_TYPE_RSA4096:
+ /* not supported as of TSIPv1.15 */
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+
+ #if defined(HAVE_ECC)
+ case TSIP_KEY_TYPE_ECDSAP256:
+
+ tuc->ClientEccP256PrivKey_set = 0;
+ err = R_TSIP_GenerateEccP256PrivateKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPrivKey,
+ &(tuc->EcdsaP256PrivateKeyIdx));
+ if (err == TSIP_SUCCESS) {
+ tuc->ClientEccP256PrivKey_set = 1;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ default:
+ ret = BAD_FUNC_ARG;
+ break;
+ }
+ tsip_hw_unlock();
+ }
+ else {
+ WOLFSSL_MSG("mutex locking error");
+ }
+ WOLFSSL_LEAVE("tsipImportPrivateKey", ret);
+ return ret;
+}
+
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+
+/*
+ * Import wrapped public key then convert it into TSIP key_index format.
+ * The target key should be set with tsip_use_PublicKey_buffer in advance.
+ * Acceptable key types are:
+ * TSIP_KEY_TYPE_RSA2048 rsa 2048 bit key
+ * TSIP_KEY_TYPE_RSA4096 rsa 4096 bit key(Not supported as of now)
+ * TSIP_KEY_TYPE_ECDSAP256 ecdsa p256r1 key
+ */
+WOLFSSL_LOCAL int tsipImportPublicKey(TsipUserCtx* tuc, int keyType)
+{
+ int ret = 0;
+ e_tsip_err_t err = TSIP_SUCCESS;
+ uint8_t* provisioning_key = g_user_key_info.encrypted_provisioning_key;
+ uint8_t* iv = g_user_key_info.iv;
+ uint8_t* encPubKey;
+
+ WOLFSSL_ENTER("tsipImportPublicKey");
+
+ if (tuc == NULL ) {
+ return BAD_FUNC_ARG;
+ }
+
+ encPubKey = tuc->wrappedPublicKey;
+
+ if (encPubKey == NULL || provisioning_key == NULL || iv == NULL) {
+ WOLFSSL_MSG("Missing some key materials used for import" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+
+ if (ret == 0) {
+ if (keyType != tuc->wrappedKeyType) {
+ WOLFSSL_MSG("No public key of specified type is set" );
+ return CRYPTOCB_UNAVAILABLE;
+ }
+ }
+
+ if ((ret = tsip_hw_lock()) == 0) {
+ switch(keyType) {
+
+ #if !defined(NO_RSA)
+ case TSIP_KEY_TYPE_RSA2048:
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ tuc->ClientRsa2048PubKey_set = 0;
+ #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ if (tuc->rsa2048pub_keyIdx != NULL) {
+ XFREE(tuc->rsa2048pub_keyIdx, NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ }
+
+ tuc->rsa2048pub_keyIdx =
+ (tsip_rsa2048_public_key_index_t*)XMALLOC(
+ sizeof(tsip_rsa2048_public_key_index_t), NULL,
+ DYNAMIC_TYPE_RSA_BUFFER);
+ if (tuc->rsa2048pub_keyIdx == NULL) {
+ return MEMORY_E;
+ }
+ #endif
+ err = R_TSIP_GenerateRsa2048PublicKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPubKey,
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ &(tuc->Rsa2048PublicKeyIdx)
+ #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ tuc->rsa2048pub_keyIdx
+ #endif
+ );
+ if (err == TSIP_SUCCESS) {
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
+ tuc->ClientRsa2048PubKey_set = 1;
+ #elif defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+ tuc->keyflgs_crypt.bits.rsapub2048_key_set = 1;
+ #endif
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ #if !defined(NO_RSA)
+ case TSIP_KEY_TYPE_RSA4096:
+ /* not supported as of TSIPv1.15 */
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+ #endif
+
+ #if defined(HAVE_ECC) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS)
+ case TSIP_KEY_TYPE_ECDSAP256:
+
+ tuc->ClientEccP256PubKey_set = 0;
+ err = R_TSIP_GenerateEccP256PublicKeyIndex(
+ provisioning_key, iv, (uint8_t*)encPubKey,
+ &(tuc->EcdsaP256PublicKeyIdx));
+ if (err == TSIP_SUCCESS) {
+ tuc->ClientEccP256PubKey_set = 1;
+ }
+ else {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
+
+ default:
+ ret = BAD_FUNC_ARG;
+ break;
+ }
+ tsip_hw_unlock();
+ }
+ else {
+ WOLFSSL_MSG("mutex locking error");
+ }
+ WOLFSSL_LEAVE("tsipImportPublicKey", ret);
+ return ret;
+}
/*
* lock hw engine.
* this should be called before using engine.
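Review bot: In tsipImportPublicKey the new CRYPTONLY branch does `return MEMORY_E;` while `tsip_hw_lock()` is held, so an allocation failure leaves the TSIP mutex locked for every later caller; `ret = MEMORY_E; break;` would fall through to the existing `tsip_hw_unlock()`. That branch also frees `tuc->rsa2048pub_keyIdx` without clearing `keyflgs_crypt.bits.rsapub2048_key_set`, unlike the TLS branch, which zeroes its flag first. If `R_TSIP_GenerateRsa2048PublicKeyIndex` then fails, the flag can stay 1 over an unpopulated buffer, so I would add `tuc->keyflgs_crypt.bits.rsapub2048_key_set = 0;` before the free. In tsipImportPrivateKey the key-type mismatch message says "No public key of specified type is set", which looks like a leftover from the public-key function.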
@@ -2488,7 +2580,7 @@ WOLFSSL_LOCAL void tsip_hw_unlock(void)
{
tsip_CryptHwMutexUnLock(&tsip_mutex);
}
-
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
/* check if tsip tls functions can be used for the cipher */
/* return :1 when tsip can be used , 0 not be used. */
int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
@@ -2584,7 +2676,7 @@ int tsip_usable(const WOLFSSL *ssl, uint8_t session_key_generated)
WOLFSSL_LEAVE("tsip_usable", ret);
return ret;
}
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
/* open TSIP driver
@@ -2598,13 +2690,13 @@ WOLFSSL_LOCAL int tsip_Open(void)
if ((ret = tsip_hw_lock()) == 0) {
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=109)
+#if defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=109)
ret = R_TSIP_Open(NULL,NULL);
if (ret != TSIP_SUCCESS) {
WOLFSSL_MSG("RENESAS TSIP Open failed");
}
-
+ #if defined(WOLFSSL_RENESAS_TSIP_TLS)
if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
ret = R_TSIP_GenerateTlsRsaPublicKeyIndex(
@@ -2634,14 +2726,14 @@ WOLFSSL_LOCAL int tsip_Open(void)
g_CAscm_Idx = (uint32_t)-1;
}
}
-
-#elif defined(WOLFSSL_RENESAS_TSIP_TLS) && (WOLFSSL_RENESAS_TSIP_VER>=106)
+ #endif
+#elif defined(WOLFSSL_RENESAS_TSIP) && (WOLFSSL_RENESAS_TSIP_VER>=106)
ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
if (ret != TSIP_SUCCESS) {
WOLFSSL_MSG("RENESAS TSIP Open failed");
}
-
+ #if defined(WOLFSSL_RENESAS_TLS)
/* generate TLS Rsa public key for Certificate verification */
if (ret == TSIP_SUCCESS && g_user_key_info.encrypted_user_tls_key) {
ret = R_TSIP_GenerateTlsRsaPublicKeyIndex(
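Review bot: The guard added in the `WOLFSSL_RENESAS_TSIP_VER>=106` branch is `#if defined(WOLFSSL_RENESAS_TLS)`, whereas the matching guard in the `>=109` branch is `WOLFSSL_RENESAS_TSIP_TLS`. No other visible line of this diff defines or tests `WOLFSSL_RENESAS_TLS`, so this looks like a typo. If so, the block that generates the TLS RSA public key index used for certificate verification would be compiled out on those TSIP versions. I would change it to `#if defined(WOLFSSL_RENESAS_TSIP_TLS)` and give both closing `#endif` lines a `/* WOLFSSL_RENESAS_TSIP_TLS */` comment. tsip_Open's body continues outside this hunk.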
@@ -2668,6 +2760,7 @@ WOLFSSL_LOCAL int tsip_Open(void)
g_CAscm_Idx = (uint32_t)-1;
}
}
+ #endif
#else
ret = R_TSIP_Open((uint32_t*)s_flash, s_inst1, s_inst2);
if (ret != TSIP_SUCCESS) {
@@ -2707,16 +2800,30 @@ WOLFSSL_LOCAL void tsip_Close(void)
WOLFSSL_LEAVE("tsip_Close", 0);
}
-/* Support functions for TSIP TLS Capability */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS)
-
-/* to inform ca certificate sign */
-/* signature format expects RSA 2048 PSS with SHA256 */
-void tsip_inform_cert_sign(const byte *sign)
+int wc_tsip_GenerateRandBlock(byte* output, word32 sz)
{
- if (sign)
- ca_cert_sig = sign;
+ /* Generate PRNG based on NIST SP800-90A AES CTR-DRBG */
+ int ret = 0;
+ word32 buffer[4];
+
+ while (sz > 0) {
+ word32 len = sizeof(buffer);
+
+ if (sz < len) {
+ len = sz;
+ }
+ /* return 4 words random number*/
+ ret = R_TSIP_GenerateRandomNumber((uint32_t*)buffer);
+ if(ret == TSIP_SUCCESS) {
+ XMEMCPY(output, &buffer, len);
+ output += len;
+ sz -= len;
+ } else
+ return ret;
+ }
+ return ret;
}
+
#if (WOLFSSL_RENESAS_TSIP_VER>=109)
void tsip_inform_user_keys_ex(
byte* encrypted_provisioning_key,
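Review bot: wc_tsip_GenerateRandBlock writes through `output` without a NULL check and calls `R_TSIP_GenerateRandomNumber` without `tsip_hw_lock()`, while the other TSIP driver calls in this file take the lock first. I would start with `if (output == NULL) return BAD_FUNC_ARG;` and, unless callers are documented to hold the lock already, wrap the loop in `tsip_hw_lock()` / `tsip_hw_unlock()`. On failure the raw `e_tsip_err_t` value is returned as an `int`; mapping it to `WC_HW_E`, as the rest of the file does, would keep the error space consistent. The last block of random words stays in the stack `buffer` after the copy, so clearing it before returning is worth considering. The function also needs a header comment giving its parameters and return values.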
@@ -2767,8 +2874,16 @@ void tsip_inform_user_keys(
}
#endif
+/* Support functions for TSIP TLS Capability */
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
-
+/* to inform ca certificate sign */
+/* signature format expects RSA 2048 PSS with SHA256 */
+void tsip_inform_cert_sign(const byte *sign)
+{
+ if (sign)
+ ca_cert_sig = sign;
+}
/* Sha1Hmac */
int wc_tsip_Sha1HmacGenerate(
const WOLFSSL *ssl,
@@ -3552,15 +3667,20 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
WOLFSSL_ENTER("tsip_SignRsaPkcs");
- if (info == NULL || tuc == NULL || tuc->ssl == NULL) {
+ if (info == NULL || tuc == NULL
+ #ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ || tuc->ssl == NULL
+ #endif
+ ) {
ret = BAD_FUNC_ARG;
}
-
+
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
if (ret == 0) {
ssl = tuc->ssl;
if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
+ ssl->version.minor == TLSv1_3_MINOR) {
ret = CRYPTOCB_UNAVAILABLE;
}
}
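Review bot: In tsip_SignRsaPkcs the NULL check on `tuc->ssl` is compiled under `#ifndef WOLFSSL_RENESAS_TSIP_CRYPTONLY`, but the code that dereferences `ssl` is compiled under `#ifdef WOLFSSL_RENESAS_TSIP_TLS`. If a configuration ever defines both macros (the diff does not show them to be mutually exclusive), `ssl->version.major` is read with no NULL check. Using the same condition for both, i.e. `#ifdef WOLFSSL_RENESAS_TSIP_TLS` around `|| tuc->ssl == NULL`, removes the dependency on how the two options combine. The function starts and ends outside this hunk.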
@@ -3570,6 +3690,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
ret = tsipImportPrivateKey(tuc, tuc->wrappedKeyType);
}
+
if (ret == 0) {
if (ssl->options.hashAlgo == md5_mac)
tsip_hash_type = R_TSIP_RSA_HASH_MD5;
@@ -3578,23 +3699,83 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
else if (ssl->options.hashAlgo == sha256_mac)
tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
else
- ret = CRYPTOCB_UNAVAILABLE;
+ ret = CRYPTOCB_UNAVAILABLE;
}
-
+#else
+ (void)ssl;
+
if (ret == 0) {
+ if (tuc->sing_hash_type == md5_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_MD5;
+ else if (tuc->sing_hash_type == sha_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA1;
+ else if (tuc->sing_hash_type == sha256_mac)
+ tsip_hash_type = R_TSIP_RSA_HASH_SHA256;
+ else
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+
+ switch (tuc->wrappedKeyType) {
+ case TSIP_KEY_TYPE_RSA1024:
+ if (tuc->keyflgs_crypt.bits.rsapri1024_key_set != 1)
+ {
+ WOLFSSL_MSG("tsip rsa private key 2048 not set");
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ break;
+ case TSIP_KEY_TYPE_RSA2048:
+ if (tuc->keyflgs_crypt.bits.rsapri2048_key_set != 1)
+ {
+ WOLFSSL_MSG("tsip rsa private key 2048 not set");
+ ret = CRYPTOCB_UNAVAILABLE;
+ }
+ break;
+ default:
+ WOLFSSL_MSG("wrapped private key is not supported");
+ ret = CRYPTOCB_UNAVAILABLE;
+ break;
+ }
+
+#endif
+
+ if (ret == 0) {
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
hashData.pdata = (uint8_t*)ssl->buffers.digest.buffer;
hashData.data_type = 1;
sigData.pdata = (uint8_t*)info->pk.rsa.in;
sigData.data_length = 0; /* signature size will be returned here */
-
+ #else
+ hashData.pdata = (uint8_t*)info->pk.rsa.in;
+ hashData.data_length= info->pk.rsa.inLen;
+ hashData.data_type = tuc->keyflgs_crypt.bits.message_type;
+ sigData.pdata = (uint8_t*)info->pk.rsa.out;
+ sigData.data_length = 0;
+ #endif
if ((ret = tsip_hw_lock()) == 0) {
switch (tuc->wrappedKeyType) {
-
+ #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ case TSIP_KEY_TYPE_RSA1024:
+ err = R_TSIP_RsassaPkcs1024SignatureGenerate(
+ &hashData, &sigData,
+ (tsip_rsa1024_private_key_index_t*)
+ tuc->rsa1024pri_keyIdx,
+ tsip_hash_type);
+
+ if (err != TSIP_SUCCESS) {
+ ret = WC_HW_E;
+ }
+ break;
+ #endif
case TSIP_KEY_TYPE_RSA2048:
err = R_TSIP_RsassaPkcs2048SignatureGenerate(
&hashData, &sigData,
+ #ifdef WOLFSSL_RENESAS_TSIP_TLS
&tuc->Rsa2048PrivateKeyIdx,
+ #else
+ (tsip_rsa2048_private_key_index_t*)
+ tuc->rsa2048pri_keyIdx,
+ #endif
tsip_hash_type);
if (err != TSIP_SUCCESS) {
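Review bot: In the new `#else` (non-TLS) branch the `switch (tuc->wrappedKeyType)` runs even when `ret` is already `BAD_FUNC_ARG`. The argument check at the top of tsip_SignRsaPkcs only records a NULL `tuc` in `ret` and does not return, so that NULL pointer is dereferenced here, and a bad-argument error is overwritten with `CRYPTOCB_UNAVAILABLE`. Guard the switch the same way as the hash-type selection above it: `if (ret == 0) { switch (tuc->wrappedKeyType) { ... } }`. The `TSIP_KEY_TYPE_RSA1024` case also logs "tsip rsa private key 2048 not set", which looks copied from the 2048 case and should read `"tsip rsa private key 1024 not set"`. The function starts and ends outside this hunk.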
@@ -3624,7 +3805,7 @@ WOLFSSL_LOCAL int tsip_SignRsaPkcs(wc_CryptoInfo* info, TsipUserCtx* tuc)
}
#endif /* !NO_RSA */
-#if !defined(NO_RSA)
+#if !defined(NO_RSA) && defined(WOLFSSL_RENESAS_TSIP_TLS)
WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
WOLFSSL* ssl,
unsigned char* sig, unsigned int sigSz,
@@ -3647,7 +3828,7 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
}
if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
+ ssl->version.minor == TLSv1_3_MINOR) {
ret = CRYPTOCB_UNAVAILABLE;
}
@@ -3719,9 +3900,9 @@ WOLFSSL_LOCAL int tsip_VerifyRsaPkcsCb(
WOLFSSL_LEAVE("tsip_VerifyRsaPkcsCb", ret);
return ret;
}
-#endif /* !NO_RSA */
+#endif /* !NO_RSA && TSIP_TLS */
-#if defined(HAVE_ECC)
+#if defined(HAVE_ECC) && defined(WOLFSSL_RENESAS_TSIP_TLS)
/* Perform signing with the client's ECC private key on hash value of messages
* exchanged with server.
*
@@ -3761,7 +3942,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
ssl = tuc->ssl;
if (ssl->version.major == SSLv3_MAJOR &&
- ssl->version.minor == TLSv1_3_MINOR) {
+ ssl->version.minor == TLSv1_3_MINOR) {
ret = CRYPTOCB_UNAVAILABLE;
}
}
@@ -3861,7 +4042,7 @@ WOLFSSL_LOCAL int tsip_SignEcdsa(wc_CryptoInfo* info, TsipUserCtx* tuc)
WOLFSSL_LEAVE("tsip_SignEcdsa", ret);
return ret;
}
-#endif /* HAVE_ECC */
+#endif /* HAVE_ECC && TSIP_TLS */
#ifdef WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c
index 66bbf9c0..27ee88f6 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/af_alg/afalg_aes.c
@@ -58,6 +58,14 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
byte* key = (byte*)aes->key;
#endif
+ if (aes->alFd <= 0) {
+ aes->alFd = wc_Afalg_Socket();
+ if (aes->alFd < 0) {
+ WOLFSSL_MSG("Unable to open an AF_ALG socket");
+ return WC_AFALG_SOCK_E;
+ }
+ }
+
aes->rdFd = wc_Afalg_CreateRead(aes->alFd, type, name);
if (aes->rdFd < 0) {
WOLFSSL_MSG("Unable to accept and get AF_ALG read socket");
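Review bot: The new guard `if (aes->alFd <= 0)` treats descriptor 0 as "no socket", but 0 is a valid descriptor. If wc_Afalg_Socket() ever returned 0 (for example in a process that has closed stdin), each later wc_AesSetup call would open another socket and drop the previous one without closing it. The context lines of the next hunk use `WC_SOCK_NOTSET` as the unset marker for `rdFd`, so if `<= 0` is there to cope with a zero-filled `Aes` that never went through init, a comment should say so, e.g. `/* alFd is 0 when the Aes struct was zeroed without init; treated as unset */`. wc_AesSetup starts and ends outside this hunk.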
@@ -71,7 +79,11 @@ static int wc_AesSetup(Aes* aes, const char* type, const char* name, int ivSz, i
aes->rdFd = WC_SOCK_NOTSET;
return WC_AFALG_SOCK_E;
}
+#ifdef WOLFSSL_AFALG_XILINX_AES
+ ForceZero(key, sizeof(aes->msgBuf));
+#else
ForceZero(key, sizeof(aes->key));
+#endif
/* set up CMSG headers */
XMEMSET((byte*)&(aes->msg), 0, sizeof(struct msghdr));
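Review bot: The key copy is wiped only on the success path: the `return WC_AFALG_SOCK_E;` at the top of this hunk exits before either `ForceZero` call, so on that failure the buffer `key` points at keeps the key bytes (the condition leading to that return is outside the hunk). Consider running the same `#ifdef`-selected `ForceZero` before that return as well. A one-line comment on the new branch would also help, because the hunk does not show why the wipe length becomes `sizeof(aes->msgBuf)` under `WOLFSSL_AFALG_XILINX_AES`; presumably `key` aliases `aes->msgBuf` in that build.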
@@ -669,7 +681,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0) {
return ret;
@@ -822,7 +834,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
tag = buf;
- GHASH(aes, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, in, sz, tag, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
@@ -874,7 +886,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
/* check on tag */
if (authIn != NULL && authInSz > 0) {
- GHASH(aes, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, tag, AES_BLOCK_SIZE);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c
new file mode 100644
index 00000000..202ae8b3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-crypt.c
@@ -0,0 +1,298 @@
+/* aria-crypt.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher, an encryption algorithm
+developed by the Korean Agency for Technology (KATS). It uses a 128-bit block
+size and a key size of 128, 192, or 256 bits.
+
+*/
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ARIA
+
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/aes.h>
+#include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+#include <wolfssl/error-ssl.h>
+#include <wolfssl/ssl.h>
+
+/* return 0 on success or WC_INIT_E on failure */
+int wc_AriaInitCrypt(wc_Aria* aria, MC_ALGID algo)
+{
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGMODE algMode = MC_ALGMODE_GCM;
+ MC_PADTYPE algPad = MC_PADTYPE_NONE;
+
+ if (aria == NULL)
+ return BAD_FUNC_ARG;
+
+ if (rv == MC_OK)
+ rv = MC_Initialize(NULL);
+
+ if (rv == MC_OK)
+ rv = wc_AriaFreeCrypt(aria);
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&(aria->hSession));
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(aria->hSession, gApimode);
+
+ if (rv == MC_OK)
+ rv = MC_SetOption(aria->hSession, algMode, algPad);
+
+ if (rv == MC_OK) {
+ aria->algo = algo;
+ XMEMSET(aria->nonce,0,sizeof(aria->nonce));
+ aria->nonceSz = 0;
+ }
+
+ if (rv != MC_OK) {
+ if (aria->hSession != NULL) {
+ MC_CloseSession(aria->hSession);
+ aria->hSession = NULL;
+ }
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return WC_INIT_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_STATE_E on failure */
+int wc_AriaFreeCrypt(wc_Aria* aria)
+{
+ MC_RV rv = MC_OK;
+
+ if (aria == NULL)
+ return 0;
+
+ if (aria->hKey != NULL) {
+ if (rv == MC_OK) rv = MC_DestroyObject(aria->hSession, aria->hKey);
+ if (rv == MC_OK) aria->hKey = NULL;
+ }
+ if (aria->hSession != NULL) {
+ if (rv == MC_OK) rv = MC_CloseSession(aria->hSession);
+ if (rv == MC_OK) aria->hSession = NULL;
+ }
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_FUNC_ARG/PUBLIC_KEY_E on failure */
+int wc_AriaSetKey(wc_Aria* aria, byte* key)
+{
+ MC_RV rv = MC_OK;
+ MC_UINT keylen;
+ if (aria->algo == MC_ALGID_ARIA_128BITKEY) {
+ keylen = ARIA_128_KEY_SIZE;
+ } else if (aria->algo == MC_ALGID_ARIA_192BITKEY) {
+ keylen = ARIA_192_KEY_SIZE;
+ } else if (aria->algo == MC_ALGID_ARIA_256BITKEY) {
+ keylen = ARIA_256_KEY_SIZE;
+ } else {
+ WOLFSSL_MSG_EX("Unsupported algorithm: %d", aria->algo);
+ return PUBLIC_KEY_E;
+ }
+
+ if (aria->hKey != NULL) {
+ if (rv == MC_OK)
+ rv = MC_DestroyObject(aria->hSession, aria->hKey);
+ if (rv == MC_OK)
+ aria->hKey = NULL;
+ }
+ if (rv == MC_OK)
+ rv = MC_CreateObject(aria->hSession, (MC_UCHAR*)key, keylen, &(aria->hKey));
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_FUNC_ARG;
+ }
+ return 0;
+}
+
+static WARN_UNUSED_RESULT WC_INLINE int CheckAriaGcmIvSize(int ivSz) {
+ return (ivSz == GCM_NONCE_MIN_SZ ||
+ ivSz == GCM_NONCE_MID_SZ ||
+ ivSz == GCM_NONCE_MAX_SZ);
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaGcmSetExtIV(wc_Aria* aria, const byte* iv, word32 ivSz)
+{
+ int ret = 0;
+
+ if (aria == NULL || iv == NULL || !CheckAriaGcmIvSize((int)ivSz)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ XMEMCPY((byte*)aria->nonce, iv, ivSz);
+ aria->nonceSz = ivSz;
+ }
+
+ return ret;
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaGcmSetIV(wc_Aria* aria, word32 ivSz,
+ const byte* ivFixed, word32 ivFixedSz,
+ WC_RNG* rng)
+{
+ int ret = 0;
+
+ if (aria == NULL || rng == NULL || !CheckAriaGcmIvSize((int)ivSz) ||
+ (ivFixed == NULL && ivFixedSz != 0) ||
+ (ivFixed != NULL && ivFixedSz != AES_IV_FIXED_SZ)) {
+ ret = BAD_FUNC_ARG;
+ }
+
+ if (ret == 0) {
+ byte* iv = (byte*)aria->nonce;
+
+ if (ivFixedSz)
+ XMEMCPY(iv, ivFixed, ivFixedSz);
+
+ ret = wc_RNG_GenerateBlock(rng, iv + ivFixedSz, ivSz - ivFixedSz);
+ }
+
+ if (ret == 0) {
+ aria->nonceSz = ivSz;
+ }
+
+ return ret;
+}
+
+/* 'out' buffer is expected to be 'inSz + authTagSz'
+ * return 0 on success or BAD_FUNC_ARG/ENCRYPT_ERROR on failure */
+int wc_AriaEncrypt(wc_Aria* aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz)
+{
+ MC_RV rv = MC_OK;
+
+ MC_ALGPARAM param;
+ MC_UINT outSz = inSz + authTagSz;
+ MC_ALGORITHM mcAlg;
+ XMEMSET(&param,0,sizeof(MC_ALGPARAM));
+ param.pNonce = iv;
+ param.pAData = aad;
+ param.nNonce = ivSz;
+ param.nAData = aadSz;
+ param.nTLen = authTagSz;
+ param.nDataLen = inSz;
+ XMEMSET(&mcAlg,0,sizeof(MC_ALGORITHM));
+ mcAlg.mcAlgId = aria->algo;
+ mcAlg.pParam = (MC_UCHAR*)&param;
+ mcAlg.nParam = sizeof(param);
+
+ if (authTag == NULL || iv == NULL || authTagSz > ARIA_BLOCK_SIZE ||
+ authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
+ ivSz == 0 || ivSz > ARIA_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+ if (out == NULL || in == NULL || inSz == 0) {
+ return BAD_FUNC_ARG;
+ }
+ if (out <= in + inSz && in <= out + inSz) { /* check for overlapping range */
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_EncryptInit(aria->hSession, &mcAlg, aria->hKey);
+
+ if (rv == MC_OK)
+ rv = MC_Encrypt(aria->hSession, in, inSz, out, &outSz);
+
+ if (rv == MC_OK)
+ XMEMCPY(authTag, out + inSz, authTagSz);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return ENCRYPT_ERROR;
+ }
+ return 0;
+}
+
+/* 'in' buffer is expected to be 'inSz + authTagSz'
+ * return 0 on success or BAD_FUNC_ARG/ENCRYPT_ERROR on failure */
+int wc_AriaDecrypt(wc_Aria* aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz)
+{
+ MC_RV rv = MC_OK;
+
+ MC_ALGPARAM param;
+ MC_UINT outSz = inSz;
+ MC_ALGORITHM mcAlg;
+ XMEMSET(&param,0,sizeof(MC_ALGPARAM));
+ param.pNonce = iv;
+ param.pAData = aad;
+ param.nNonce = ivSz;
+ param.nAData = aadSz;
+ param.nTLen = authTagSz;
+ param.nDataLen = inSz;
+ XMEMSET(&mcAlg,0,sizeof(MC_ALGORITHM));
+ mcAlg.mcAlgId = aria->algo;
+ mcAlg.pParam = (MC_UCHAR*)&param;
+ mcAlg.nParam = sizeof(param);
+
+ if (authTag == NULL || iv == NULL || authTagSz > ARIA_BLOCK_SIZE ||
+ authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
+ ivSz == 0 || ivSz > ARIA_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+ if (out == NULL || in == NULL || inSz == 0) {
+ return BAD_FUNC_ARG;
+ }
+ if (out <= in + inSz && in <= out + inSz) { /* check for overlapping range */
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_DecryptInit(aria->hSession, &mcAlg, aria->hKey);
+
+ if (rv == MC_OK) {
+ XMEMCPY((byte*)in + inSz, authTag, authTagSz);
+ inSz += authTagSz;
+ }
+ if (rv == MC_OK)
+ rv = MC_Decrypt(aria->hSession, in, inSz, out, &outSz);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return DECRYPT_ERROR;
+ }
+ return 0;
+}
+#endif /* HAVE_ARIA */
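Review bot: wc_AriaEncrypt and wc_AriaDecrypt read `aria->algo` while filling `mcAlg`, before any argument validation, and neither they nor wc_AriaSetKey ever check `aria` (or `key`) for NULL, although wc_AriaInitCrypt and wc_AriaGcmSetExtIV do. The overlap test also compares ranges of `inSz` bytes only, while `out` (encrypt) and `in` (decrypt, where the tag is copied to `in + inSz`) are documented as `inSz + authTagSz` bytes long, so buffers that overlap only in the tag area pass the check. The fence shows the reordered validation for wc_AriaEncrypt; wc_AriaDecrypt needs the mirror image (`out <= in + inSz + authTagSz && in <= out + inSz`) and wc_AriaSetKey an initial `if (aria == NULL || key == NULL) return BAD_FUNC_ARG;`. The header comment of wc_AriaDecrypt should name `DECRYPT_ERROR`, which is what the function returns.

```c
    MC_ALGORITHM mcAlg;

    /* validate first: the setup below dereferences aria */
    if (aria == NULL || authTag == NULL || iv == NULL ||
        authTagSz > ARIA_BLOCK_SIZE ||
        authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ ||
        ivSz == 0 || ivSz > ARIA_BLOCK_SIZE) {
        return BAD_FUNC_ARG;
    }
    /* … unchanged: out / in / inSz check … */
    /* 'out' holds inSz + authTagSz bytes, so the tag area counts as well */
    if (out <= in + inSz && in <= out + inSz + authTagSz) {
        return BAD_FUNC_ARG;
    }

    /* … unchanged: param and mcAlg setup, MC_EncryptInit, MC_Encrypt … */
```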
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c
new file mode 100644
index 00000000..e52509a5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/aria/aria-cryptocb.c
@@ -0,0 +1,599 @@
+/* aria-cryptocb.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher, an encryption algorithm
+developed by the Korean Agency for Technology (KATS). It uses a 128-bit block
+size and a key size of 128, 192, or 256 bits.
+
+*/
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef HAVE_ARIA
+
+#include <wolfssl/ssl.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/ecc.h>
+#include <wolfssl/wolfcrypt/asn_public.h>
+#include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+
+int wc_AriaInit(void)
+{
+ MC_RV rv = MC_OK;
+ static char isInit = 0;
+
+ if (isInit == 0) {
+ if (rv == MC_OK)
+ rv = MC_Initialize(NULL);
+ if (rv == MC_OK)
+ isInit = 1;
+
+ #ifdef WOLF_CRYPTO_CB
+ if (rv == MC_OK) {
+ rv = wc_CryptoDev_RegisterDevice(WOLFSSL_ARIA_DEVID, wc_AriaCryptoCb, NULL);
+ }
+ #endif
+ }
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return WC_INIT_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or WC_INIT_E on failure */
+int wc_AriaInitSha(MC_HSESSION* hSession, MC_ALGID algo)
+{
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {algo, NULL, 0};
+
+ WOLFSSL_MSG_EX("AriaInitSha(0x%X)",algo);
+
+ if (hSession == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(*hSession, gApimode);
+
+ if (rv == MC_OK)
+ rv = MC_DigestInit(*hSession, &mcAlg);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return WC_INIT_E;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaShaUpdate(MC_HSESSION hSession, byte* data, word32 len)
+{
+ MC_RV rv = MC_OK;
+ WOLFSSL_ENTER("AriaShaUpdate");
+
+ if (data == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_DigestUpdate(hSession, data, len);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_FUNC_ARG;
+ }
+ return 0;
+}
+
+/* return 0 on success or BAD_FUNC_ARG on failure */
+int wc_AriaShaFinal(MC_HSESSION hSession, byte* out, word32* len)
+{
+ MC_RV rv = MC_OK;
+ WOLFSSL_ENTER("AriaShaFinal");
+
+ if (out == NULL || len == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ /* Do an extra DigestUpdate noop just in case it is never explicitly called. */
+ if (rv == MC_OK)
+ rv = MC_DigestUpdate(hSession, NULL, 0);
+
+ if (rv == MC_OK)
+ rv = MC_DigestFinal(hSession, out, len);
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_FUNC_ARG;
+ }
+ /* WOLFSSL_MSG_EX("Digest len: %d", *len); */
+ return 0;
+}
+
+/* return 0 on success or BAD_STATE_E on failure */
+int wc_AriaFree(MC_HSESSION* hSession, MC_HOBJECT *obj1)
+{
+ MC_RV rv = MC_OK;
+ WOLFSSL_ENTER("AriaFree");
+
+ if (hSession == NULL && obj1 != NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (obj1 != NULL) {
+ if (rv == MC_OK)
+ rv = MC_DestroyObject(*hSession, *obj1);
+ if (rv == MC_OK)
+ *obj1 = NULL;
+ }
+
+ if (hSession != NULL) {
+ if (rv == MC_OK)
+ rv = MC_CloseSession(*hSession);
+ if (rv == MC_OK)
+ *hSession = NULL;
+ }
+
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+int wc_AriaSign(byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key)
+{
+ MC_HOBJECT hPrikey = 0;
+ MC_HSESSION hSession = 0;
+
+ const ecc_set_type* dp;
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {MC_ALGID_NONE, NULL, 0};
+ byte keyAsn1[ARIA_KEYASN1_MAXSZ];
+ word32 keyAsn1Sz=(word32)sizeof(keyAsn1);
+
+ WOLFSSL_ENTER("AriaSign");
+
+ if (in == NULL || out == NULL || outSz == NULL || key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(hSession, gApimode);
+
+ if (rv == MC_OK) {
+ int ret = wc_BuildEccKeyDer(key,keyAsn1,&keyAsn1Sz,0,0);
+ if (ret < 0) { rv = ret; }
+ else { keyAsn1Sz = ret; }
+ }
+
+ WOLFSSL_MSG_EX("AriaSign key(%d):",keyAsn1Sz);
+ WOLFSSL_BUFFER(keyAsn1,keyAsn1Sz);
+
+ WOLFSSL_MSG_EX("AriaSign rv=%d",rv);
+
+ if (key->dp != NULL) {
+ dp = key->dp;
+ }
+ else {
+ dp = wc_ecc_get_curve_params(key->idx);
+ }
+
+ if (dp->id == ECC_SECP256R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P256_r1;
+ } else if (dp->id == ECC_SECP224R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P224_12;
+ } else {
+ rv = MC_ERR_UNSUPPORTED_ALGORITHM;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_CreateObject(hSession, keyAsn1, keyAsn1Sz, &hPrikey);
+ WOLFSSL_MSG_EX("AriaSign CreateObject rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_SignInit(hSession, &mcAlg, hPrikey);
+ WOLFSSL_MSG_EX("AriaSign SignInit rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_Sign(hSession, in, inSz, out, outSz);
+ WOLFSSL_MSG_EX("AriaSign Sign rv=%d",rv);
+
+ wc_AriaFree(&hSession, &hPrikey);
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz,
+ int* res, ecc_key* key)
+{
+ MC_HOBJECT hPubkey = 0;
+ MC_HSESSION hSession = 0;
+
+ const ecc_set_type* dp;
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {MC_ALGID_NONE, NULL, 0};
+ byte keyarr[ARIA_KEYASN1_MAXSZ];
+ word32 keySz=sizeof(keyarr);
+
+ WOLFSSL_ENTER("AriaVerify");
+
+ if (sig == NULL || hash == NULL || res == NULL || key == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ *res = 0; /* Default to invalid signature */
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(hSession, gApimode);
+
+ if (rv == MC_OK) {
+ int ret = wc_EccPublicKeyToDer(key,keyarr,keySz,0);
+ if (ret < 0) { rv = ret; }
+ else { keySz = ret; }
+ }
+
+ WOLFSSL_MSG_EX("AriaVerify key(%d):",keySz);
+ WOLFSSL_BUFFER(keyarr,keySz);
+
+ WOLFSSL_MSG_EX("AriaVerify rv=%d",rv);
+
+ if (key->dp != NULL) {
+ dp = key->dp;
+ }
+ else {
+ dp = wc_ecc_get_curve_params(key->idx);
+ }
+
+ if (dp->id == ECC_SECP256R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P256_r1;
+ } else if (dp->id == ECC_SECP224R1) {
+ mcAlg.mcAlgId = MC_ALGID_SHA256WithECDSA_P224_12;
+ } else {
+ rv = MC_ERR_UNSUPPORTED_ALGORITHM;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_CreateObject(hSession, keyarr, keySz, &hPubkey);
+ WOLFSSL_MSG_EX("AriaVerify CreateObject rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_VerifyInit(hSession, &mcAlg, hPubkey);
+ WOLFSSL_MSG_EX("AriaVerify VerifyInit rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_Verify(hSession, hash, hashSz, sig, sigSz);
+ WOLFSSL_MSG_EX("AriaVerify Verify rv=%d",rv);
+
+ wc_AriaFree(&hSession, &hPubkey);
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ *res = 1; /* Valid signature */
+ return 0;
+}
+
+int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key,
+ byte* out, word32* outSz)
+{
+ MC_HOBJECT hPrikey = 0;
+ MC_HSESSION hSession = 0;
+
+ const ecc_set_type* dp;
+ MC_RV rv = MC_OK;
+
+ MC_APIMODE gApimode = MC_MODE_KCMV;
+ MC_ALGORITHM mcAlg = {MC_ALGID_NONE, NULL, 0};
+ byte pubAsn1[ARIA_KEYASN1_MAXSZ];
+ word32 pubAsn1Sz=sizeof(pubAsn1);
+ byte privAsn1[ARIA_KEYASN1_MAXSZ];
+ word32 privAsn1Sz=sizeof(privAsn1);
+
+ WOLFSSL_ENTER("AriaDerive");
+
+ if (private_key == NULL || public_key == NULL ||
+ out == NULL || outSz == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (rv == MC_OK)
+ rv = wc_AriaInit();
+
+ if (rv == MC_OK)
+ rv = MC_OpenSession(&hSession);
+
+ if (rv == MC_OK)
+ rv = MC_SetApiMode(hSession, gApimode);
+
+ if (rv == MC_OK) {
+ int ret = wc_EccPublicKeyToDer(public_key,pubAsn1,pubAsn1Sz,0);
+ if (ret < 0) {
+ rv = ret;
+ } else {
+ pubAsn1Sz = ret;
+ }
+ WOLFSSL_MSG_EX("AriaDerive PublicKeyToDer ret=%d",ret);
+ }
+ WOLFSSL_MSG_EX("AriaVerify pubAsn1(%d):",pubAsn1Sz);
+ WOLFSSL_BUFFER(pubAsn1,pubAsn1Sz);
+ mcAlg.pParam=pubAsn1;
+ mcAlg.nParam=pubAsn1Sz;
+
+ if (rv == MC_OK) {
+ int ret = wc_BuildEccKeyDer(private_key,privAsn1,&privAsn1Sz,0,0);
+ if (ret < 0) {
+ rv = ret;
+ } else {
+ privAsn1Sz = ret;
+ }
+ WOLFSSL_MSG_EX("AriaDerive PrivateKeyToDer ret=%d",ret);
+ }
+ WOLFSSL_MSG_EX("AriaVerify privAsn1(%d):",privAsn1Sz);
+ WOLFSSL_BUFFER(privAsn1,privAsn1Sz);
+
+ if (private_key->dp != NULL) {
+ dp = private_key->dp;
+ }
+ else {
+ dp = wc_ecc_get_curve_params(private_key->idx);
+ }
+
+ if (dp->id == ECC_SECP256R1) {
+ mcAlg.mcAlgId = MC_ALGID_ECDH_P256_r1;
+ } else if (dp->id == ECC_SECP224R1) {
+ mcAlg.mcAlgId = MC_ALGID_ECDH_P224_12;
+ } else {
+ rv = MC_ERR_UNSUPPORTED_ALGORITHM;
+ }
+
+ if (rv == MC_OK)
+ rv = MC_CreateObject(hSession, privAsn1, privAsn1Sz, &hPrikey);
+ WOLFSSL_MSG_EX("AriaDerive CreateObject rv=%d",rv);
+
+ if (rv == MC_OK)
+ rv = MC_DeriveKey(hSession, &mcAlg, hPrikey, out, outSz);
+ WOLFSSL_MSG_EX("AriaDerive DeriveKey rv=%d",rv);
+
+ wc_AriaFree(&hSession, &hPrikey);
+ if (rv != MC_OK) {
+ WOLFSSL_MSG(MC_GetErrorString(rv));
+ return BAD_STATE_E;
+ }
+ return 0;
+}
+
+#ifdef WOLF_CRYPTO_CB
+ static void printOutput(const char* strName, unsigned char* data,
+ unsigned int dataSz)
+ {
+ #ifdef DEBUG_WOLFSSL
+ WOLFSSL_MSG_EX("%s (%d):", strName,dataSz);
+ WOLFSSL_BUFFER(data,dataSz);
+ #else
+ #if 0
+ unsigned int i;
+ int line = 1;
+
+ printf("%s:\n",strName);
+ printf(" ");
+ for(i=1; i<=dataSz; i++)
+ {
+ printf(",0x%02X", data[i-1]);
+ if(!(i%16) && i!= dataSz) printf("\n ");
+ else if(!(i%4)) printf(" ");
+ }
+ printf("\n");
+ #else
+ (void)strName;
+ (void)data;
+ (void)dataSz;
+ #endif
+ #endif
+ }
+
+ int wc_AriaCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
+ {
+ int ret = CRYPTOCB_UNAVAILABLE; /* return this to bypass HW and use SW */
+ (void)ctx;
+
+ if (info == NULL)
+ return BAD_FUNC_ARG;
+
+ #ifdef DEBUG_CRYPTOCB
+ wc_CryptoCb_InfoString(info);
+ #endif
+
+ if (info->algo_type == WC_ALGO_TYPE_PK) {
+ if (info->pk.type == WC_PK_TYPE_ECDSA_SIGN) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccsign.key->devId = INVALID_DEVID;
+
+ printOutput((char *)"eccsign.in (before)",
+ (byte *)info->pk.eccsign.in,info->pk.eccsign.inlen);
+ printOutput((char *)"eccsign.out(before)",
+ (byte *)info->pk.eccsign.out,*(info->pk.eccsign.outlen));
+ printOutput((char *)"eccsign.key(before)",
+ (byte *)info->pk.eccsign.key,sizeof(info->pk.eccsign.key));
+
+ byte buf[ARIA_KEYASN1_MAXSZ];
+ word32 bufSz = sizeof(buf);
+ ret = wc_AriaSign((byte *)info->pk.eccsign.in,info->pk.eccsign.inlen,
+ buf,&bufSz,
+ info->pk.eccsign.key);
+ if (ret != 0) {
+ ret = CRYPTOCB_UNAVAILABLE;
+ } else {
+ memcpy(info->pk.eccsign.out, buf, bufSz);
+ *(info->pk.eccsign.outlen) = bufSz;
+ }
+
+ printOutput((char *)"eccsign.in (after)",
+ (byte *)info->pk.eccsign.in,info->pk.eccsign.inlen);
+ printOutput((char *)"eccsign.out(after)",
+ (byte *)info->pk.eccsign.out,*(info->pk.eccsign.outlen));
+ printOutput((char *)"eccsign.key(after)",
+ (byte *)info->pk.eccsign.key,sizeof(info->pk.eccsign.key));
+
+ /* reset devId */
+ info->pk.eccsign.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDSA_VERIFY) {
+ /* set devId to invalid, so software is used */
+ info->pk.eccverify.key->devId = INVALID_DEVID;
+
+ printOutput((char *)"eccverify.sig (before)",
+ (byte *)info->pk.eccverify.sig,info->pk.eccverify.siglen);
+ printOutput((char *)"eccverify.hash(before)",
+ (byte *)info->pk.eccverify.hash,info->pk.eccverify.hashlen);
+ printOutput((char *)"eccverify.key (before)",
+ (byte *)info->pk.eccverify.key,sizeof(info->pk.eccverify.key));
+
+ ret = wc_AriaVerify((byte *)info->pk.eccverify.sig,info->pk.eccverify.siglen,
+ (byte *)info->pk.eccverify.hash, info->pk.eccverify.hashlen,
+ info->pk.eccverify.res, info->pk.eccverify.key);
+
+ printOutput((char *)"eccverify.sig (after)",
+ (byte *)info->pk.eccverify.sig,info->pk.eccverify.siglen);
+ printOutput((char *)"eccverify.hash(after)",
+ (byte *)info->pk.eccverify.hash,info->pk.eccverify.hashlen);
+ printOutput((char *)"eccverify.key (after)",
+ (byte *)info->pk.eccverify.key,sizeof(info->pk.eccverify.key));
+
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->pk.eccverify.key->devId = devIdArg;
+ }
+ else if (info->pk.type == WC_PK_TYPE_ECDH) {
+ /* set devId to invalid, so software is used */
+ info->pk.ecdh.private_key->devId = INVALID_DEVID;
+
+ ret = wc_AriaDerive(
+ info->pk.ecdh.private_key, info->pk.ecdh.public_key,
+ info->pk.ecdh.out, info->pk.ecdh.outlen);
+
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->pk.ecdh.private_key->devId = devIdArg;
+ }
+ }
+ else if (info->algo_type == WC_ALGO_TYPE_HASH) {
+ if (info->hash.type == WC_HASH_TYPE_SHA256) {
+ if (info->hash.sha256 == NULL)
+ return CRYPTOCB_UNAVAILABLE;
+
+ /* set devId to invalid, so software is used */
+ info->hash.sha256->devId = INVALID_DEVID;
+
+ if (info->hash.sha256->hSession == NULL) {
+ ret = wc_AriaInitSha(&(info->hash.sha256->hSession), MC_ALGID_SHA256);
+ }
+
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.in != NULL)) {
+ ret = wc_AriaShaUpdate(info->hash.sha256->hSession,
+ (byte *) info->hash.in, info->hash.inSz);
+ }
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.digest != NULL)) {
+ MC_UINT digestSz = 32;
+ ret = wc_AriaShaFinal(info->hash.sha256->hSession,
+ info->hash.digest, &digestSz);
+ if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ ret = wc_AriaFree(&(info->hash.sha256->hSession),NULL);
+ }
+ if (ret != 0)
+ ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->hash.sha256->devId = devIdArg;
+ }
+ else if (info->hash.type == WC_HASH_TYPE_SHA384) {
+ if (info->hash.sha384 == NULL)
+ return CRYPTOCB_UNAVAILABLE;
+
+ /* set devId to invalid, so software is used */
+ info->hash.sha384->devId = INVALID_DEVID;
+
+ if (info->hash.sha384->hSession == NULL) {
+ ret = wc_AriaInitSha(&(info->hash.sha384->hSession), MC_ALGID_SHA384);
+ }
+
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.in != NULL)) {
+ ret = wc_AriaShaUpdate(info->hash.sha384->hSession,
+ (byte *) info->hash.in, info->hash.inSz);
+ }
+ if (((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ && (info->hash.digest != NULL)) {
+ MC_UINT digestSz = 48;
+ ret = wc_AriaShaFinal(info->hash.sha384->hSession,
+ info->hash.digest, &digestSz);
+ if ((ret == 0) || (ret == CRYPTOCB_UNAVAILABLE))
+ ret = wc_AriaFree(&(info->hash.sha384->hSession),NULL);
+ }
+ if (ret != 0) ret = CRYPTOCB_UNAVAILABLE;
+ /* reset devId */
+ info->hash.sha384->devId = devIdArg;
+ }
+ }
+
+ return ret;
+ }
+#endif /* WOLF_CRYPTO_CB */
+
+#endif /* HAVE_ARIA */
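Review bot: wc_AriaSign and wc_AriaDerive serialize the ECC private key into the stack buffers `keyAsn1` / `privAsn1`, pass them to `WOLFSSL_BUFFER`, and return without clearing them, so the DER-encoded private key reaches the debug log and stays on the stack. Drop the `WOLFSSL_BUFFER` calls on those two buffers and add `ForceZero(keyAsn1, sizeof(keyAsn1));` (and the `privAsn1` equivalent) next to the `wc_AriaFree` call, which every path after argument validation reaches. In wc_AriaCryptoCb the sign branch does `memcpy(info->pk.eccsign.out, buf, bufSz)` without comparing `bufSz` with `*(info->pk.eccsign.outlen)`, which the "before" trace already treats as the size of `out`; a guard such as `if (bufSz > *(info->pk.eccsign.outlen)) ret = BUFFER_E;` ahead of the copy would keep a short output buffer from being overrun. wc_AriaSign, wc_AriaVerify and wc_AriaDerive also use `dp->id` without checking the result of `wc_ecc_get_curve_params()` for NULL.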
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
index b6d71723..12578411 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.S
@@ -30,12 +30,278 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
+#ifndef NO_AES
+#ifdef HAVE_AES_DECRYPT
.text
- .type L_AES_ARM32_te, %object
- .size L_AES_ARM32_te, 1024
+ .type L_AES_ARM32_td_data, %object
+ .size L_AES_ARM32_td_data, 1024
.align 4
-L_AES_ARM32_te:
+L_AES_ARM32_td_data:
+ .word 0x5051f4a7
+ .word 0x537e4165
+ .word 0xc31a17a4
+ .word 0x963a275e
+ .word 0xcb3bab6b
+ .word 0xf11f9d45
+ .word 0xabacfa58
+ .word 0x934be303
+ .word 0x552030fa
+ .word 0xf6ad766d
+ .word 0x9188cc76
+ .word 0x25f5024c
+ .word 0xfc4fe5d7
+ .word 0xd7c52acb
+ .word 0x80263544
+ .word 0x8fb562a3
+ .word 0x49deb15a
+ .word 0x6725ba1b
+ .word 0x9845ea0e
+ .word 0xe15dfec0
+ .word 0x2c32f75
+ .word 0x12814cf0
+ .word 0xa38d4697
+ .word 0xc66bd3f9
+ .word 0xe7038f5f
+ .word 0x9515929c
+ .word 0xebbf6d7a
+ .word 0xda955259
+ .word 0x2dd4be83
+ .word 0xd3587421
+ .word 0x2949e069
+ .word 0x448ec9c8
+ .word 0x6a75c289
+ .word 0x78f48e79
+ .word 0x6b99583e
+ .word 0xdd27b971
+ .word 0xb6bee14f
+ .word 0x17f088ad
+ .word 0x66c920ac
+ .word 0xb47dce3a
+ .word 0x1863df4a
+ .word 0x82e51a31
+ .word 0x60975133
+ .word 0x4562537f
+ .word 0xe0b16477
+ .word 0x84bb6bae
+ .word 0x1cfe81a0
+ .word 0x94f9082b
+ .word 0x58704868
+ .word 0x198f45fd
+ .word 0x8794de6c
+ .word 0xb7527bf8
+ .word 0x23ab73d3
+ .word 0xe2724b02
+ .word 0x57e31f8f
+ .word 0x2a6655ab
+ .word 0x7b2eb28
+ .word 0x32fb5c2
+ .word 0x9a86c57b
+ .word 0xa5d33708
+ .word 0xf2302887
+ .word 0xb223bfa5
+ .word 0xba02036a
+ .word 0x5ced1682
+ .word 0x2b8acf1c
+ .word 0x92a779b4
+ .word 0xf0f307f2
+ .word 0xa14e69e2
+ .word 0xcd65daf4
+ .word 0xd50605be
+ .word 0x1fd13462
+ .word 0x8ac4a6fe
+ .word 0x9d342e53
+ .word 0xa0a2f355
+ .word 0x32058ae1
+ .word 0x75a4f6eb
+ .word 0x390b83ec
+ .word 0xaa4060ef
+ .word 0x65e719f
+ .word 0x51bd6e10
+ .word 0xf93e218a
+ .word 0x3d96dd06
+ .word 0xaedd3e05
+ .word 0x464de6bd
+ .word 0xb591548d
+ .word 0x571c45d
+ .word 0x6f0406d4
+ .word 0xff605015
+ .word 0x241998fb
+ .word 0x97d6bde9
+ .word 0xcc894043
+ .word 0x7767d99e
+ .word 0xbdb0e842
+ .word 0x8807898b
+ .word 0x38e7195b
+ .word 0xdb79c8ee
+ .word 0x47a17c0a
+ .word 0xe97c420f
+ .word 0xc9f8841e
+ .word 0x0
+ .word 0x83098086
+ .word 0x48322bed
+ .word 0xac1e1170
+ .word 0x4e6c5a72
+ .word 0xfbfd0eff
+ .word 0x560f8538
+ .word 0x1e3daed5
+ .word 0x27362d39
+ .word 0x640a0fd9
+ .word 0x21685ca6
+ .word 0xd19b5b54
+ .word 0x3a24362e
+ .word 0xb10c0a67
+ .word 0xf9357e7
+ .word 0xd2b4ee96
+ .word 0x9e1b9b91
+ .word 0x4f80c0c5
+ .word 0xa261dc20
+ .word 0x695a774b
+ .word 0x161c121a
+ .word 0xae293ba
+ .word 0xe5c0a02a
+ .word 0x433c22e0
+ .word 0x1d121b17
+ .word 0xb0e090d
+ .word 0xadf28bc7
+ .word 0xb92db6a8
+ .word 0xc8141ea9
+ .word 0x8557f119
+ .word 0x4caf7507
+ .word 0xbbee99dd
+ .word 0xfda37f60
+ .word 0x9ff70126
+ .word 0xbc5c72f5
+ .word 0xc544663b
+ .word 0x345bfb7e
+ .word 0x768b4329
+ .word 0xdccb23c6
+ .word 0x68b6edfc
+ .word 0x63b8e4f1
+ .word 0xcad731dc
+ .word 0x10426385
+ .word 0x40139722
+ .word 0x2084c611
+ .word 0x7d854a24
+ .word 0xf8d2bb3d
+ .word 0x11aef932
+ .word 0x6dc729a1
+ .word 0x4b1d9e2f
+ .word 0xf3dcb230
+ .word 0xec0d8652
+ .word 0xd077c1e3
+ .word 0x6c2bb316
+ .word 0x99a970b9
+ .word 0xfa119448
+ .word 0x2247e964
+ .word 0xc4a8fc8c
+ .word 0x1aa0f03f
+ .word 0xd8567d2c
+ .word 0xef223390
+ .word 0xc787494e
+ .word 0xc1d938d1
+ .word 0xfe8ccaa2
+ .word 0x3698d40b
+ .word 0xcfa6f581
+ .word 0x28a57ade
+ .word 0x26dab78e
+ .word 0xa43fadbf
+ .word 0xe42c3a9d
+ .word 0xd507892
+ .word 0x9b6a5fcc
+ .word 0x62547e46
+ .word 0xc2f68d13
+ .word 0xe890d8b8
+ .word 0x5e2e39f7
+ .word 0xf582c3af
+ .word 0xbe9f5d80
+ .word 0x7c69d093
+ .word 0xa96fd52d
+ .word 0xb3cf2512
+ .word 0x3bc8ac99
+ .word 0xa710187d
+ .word 0x6ee89c63
+ .word 0x7bdb3bbb
+ .word 0x9cd2678
+ .word 0xf46e5918
+ .word 0x1ec9ab7
+ .word 0xa8834f9a
+ .word 0x65e6956e
+ .word 0x7eaaffe6
+ .word 0x821bccf
+ .word 0xe6ef15e8
+ .word 0xd9bae79b
+ .word 0xce4a6f36
+ .word 0xd4ea9f09
+ .word 0xd629b07c
+ .word 0xaf31a4b2
+ .word 0x312a3f23
+ .word 0x30c6a594
+ .word 0xc035a266
+ .word 0x37744ebc
+ .word 0xa6fc82ca
+ .word 0xb0e090d0
+ .word 0x1533a7d8
+ .word 0x4af10498
+ .word 0xf741ecda
+ .word 0xe7fcd50
+ .word 0x2f1791f6
+ .word 0x8d764dd6
+ .word 0x4d43efb0
+ .word 0x54ccaa4d
+ .word 0xdfe49604
+ .word 0xe39ed1b5
+ .word 0x1b4c6a88
+ .word 0xb8c12c1f
+ .word 0x7f466551
+ .word 0x49d5eea
+ .word 0x5d018c35
+ .word 0x73fa8774
+ .word 0x2efb0b41
+ .word 0x5ab3671d
+ .word 0x5292dbd2
+ .word 0x33e91056
+ .word 0x136dd647
+ .word 0x8c9ad761
+ .word 0x7a37a10c
+ .word 0x8e59f814
+ .word 0x89eb133c
+ .word 0xeecea927
+ .word 0x35b761c9
+ .word 0xede11ce5
+ .word 0x3c7a47b1
+ .word 0x599cd2df
+ .word 0x3f55f273
+ .word 0x791814ce
+ .word 0xbf73c737
+ .word 0xea53f7cd
+ .word 0x5b5ffdaa
+ .word 0x14df3d6f
+ .word 0x867844db
+ .word 0x81caaff3
+ .word 0x3eb968c4
+ .word 0x2c382434
+ .word 0x5fc2a340
+ .word 0x72161dc3
+ .word 0xcbce225
+ .word 0x8b283c49
+ .word 0x41ff0d95
+ .word 0x7139a801
+ .word 0xde080cb3
+ .word 0x9cd8b4e4
+ .word 0x906456c1
+ .word 0x617bcb84
+ .word 0x70d532b6
+ .word 0x74486c5c
+ .word 0x42d0b857
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_ARM32_te_data, %object
+ .size L_AES_ARM32_te_data, 1024
+ .align 4
+L_AES_ARM32_te_data:
.word 0xa5c66363
.word 0x84f87c7c
.word 0x99ee7777
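Review bot: The `#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || …` guard added around `L_AES_ARM32_te_data` is narrower than the code that needs the table. The same six-macro list wraps the `L_AES_ARM32_te` pointer in the next hunk, while `AES_set_encrypt_key` further down does `adr r8, L_AES_ARM32_te` and, in the visible hunks, appears to sit only under `#ifndef NO_AES`. A build that enables AES with none of the six macros would then fail to assemble on an undefined label; whether settings.h always defines one of them is not visible here. Either drop the guard on the encrypt table and its pointer, or put the key-schedule routine under the same condition. The `#endif` lines closing `WOLFSSL_ARMASM_INLINE` and `NO_AES` are outside this hunk.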
@@ -292,273 +558,231 @@ L_AES_ARM32_te:
.word 0xfca85454
.word 0xd66dbbbb
.word 0x3a2c1616
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
.text
.type L_AES_ARM32_td, %object
- .size L_AES_ARM32_td, 1024
+ .size L_AES_ARM32_td, 12
.align 4
L_AES_ARM32_td:
- .word 0x5051f4a7
- .word 0x537e4165
- .word 0xc31a17a4
- .word 0x963a275e
- .word 0xcb3bab6b
- .word 0xf11f9d45
- .word 0xabacfa58
- .word 0x934be303
- .word 0x552030fa
- .word 0xf6ad766d
- .word 0x9188cc76
- .word 0x25f5024c
- .word 0xfc4fe5d7
- .word 0xd7c52acb
- .word 0x80263544
- .word 0x8fb562a3
- .word 0x49deb15a
- .word 0x6725ba1b
- .word 0x9845ea0e
- .word 0xe15dfec0
- .word 0x2c32f75
- .word 0x12814cf0
- .word 0xa38d4697
- .word 0xc66bd3f9
- .word 0xe7038f5f
- .word 0x9515929c
- .word 0xebbf6d7a
- .word 0xda955259
- .word 0x2dd4be83
- .word 0xd3587421
- .word 0x2949e069
- .word 0x448ec9c8
- .word 0x6a75c289
- .word 0x78f48e79
- .word 0x6b99583e
- .word 0xdd27b971
- .word 0xb6bee14f
- .word 0x17f088ad
- .word 0x66c920ac
- .word 0xb47dce3a
- .word 0x1863df4a
- .word 0x82e51a31
- .word 0x60975133
- .word 0x4562537f
- .word 0xe0b16477
- .word 0x84bb6bae
- .word 0x1cfe81a0
- .word 0x94f9082b
- .word 0x58704868
- .word 0x198f45fd
- .word 0x8794de6c
- .word 0xb7527bf8
- .word 0x23ab73d3
- .word 0xe2724b02
- .word 0x57e31f8f
- .word 0x2a6655ab
- .word 0x7b2eb28
- .word 0x32fb5c2
- .word 0x9a86c57b
- .word 0xa5d33708
- .word 0xf2302887
- .word 0xb223bfa5
- .word 0xba02036a
- .word 0x5ced1682
- .word 0x2b8acf1c
- .word 0x92a779b4
- .word 0xf0f307f2
- .word 0xa14e69e2
- .word 0xcd65daf4
- .word 0xd50605be
- .word 0x1fd13462
- .word 0x8ac4a6fe
- .word 0x9d342e53
- .word 0xa0a2f355
- .word 0x32058ae1
- .word 0x75a4f6eb
- .word 0x390b83ec
- .word 0xaa4060ef
- .word 0x65e719f
- .word 0x51bd6e10
- .word 0xf93e218a
- .word 0x3d96dd06
- .word 0xaedd3e05
- .word 0x464de6bd
- .word 0xb591548d
- .word 0x571c45d
- .word 0x6f0406d4
- .word 0xff605015
- .word 0x241998fb
- .word 0x97d6bde9
- .word 0xcc894043
- .word 0x7767d99e
- .word 0xbdb0e842
- .word 0x8807898b
- .word 0x38e7195b
- .word 0xdb79c8ee
- .word 0x47a17c0a
- .word 0xe97c420f
- .word 0xc9f8841e
- .word 0x0
- .word 0x83098086
- .word 0x48322bed
- .word 0xac1e1170
- .word 0x4e6c5a72
- .word 0xfbfd0eff
- .word 0x560f8538
- .word 0x1e3daed5
- .word 0x27362d39
- .word 0x640a0fd9
- .word 0x21685ca6
- .word 0xd19b5b54
- .word 0x3a24362e
- .word 0xb10c0a67
- .word 0xf9357e7
- .word 0xd2b4ee96
- .word 0x9e1b9b91
- .word 0x4f80c0c5
- .word 0xa261dc20
- .word 0x695a774b
- .word 0x161c121a
- .word 0xae293ba
- .word 0xe5c0a02a
- .word 0x433c22e0
- .word 0x1d121b17
- .word 0xb0e090d
- .word 0xadf28bc7
- .word 0xb92db6a8
- .word 0xc8141ea9
- .word 0x8557f119
- .word 0x4caf7507
- .word 0xbbee99dd
- .word 0xfda37f60
- .word 0x9ff70126
- .word 0xbc5c72f5
- .word 0xc544663b
- .word 0x345bfb7e
- .word 0x768b4329
- .word 0xdccb23c6
- .word 0x68b6edfc
- .word 0x63b8e4f1
- .word 0xcad731dc
- .word 0x10426385
- .word 0x40139722
- .word 0x2084c611
- .word 0x7d854a24
- .word 0xf8d2bb3d
- .word 0x11aef932
- .word 0x6dc729a1
- .word 0x4b1d9e2f
- .word 0xf3dcb230
- .word 0xec0d8652
- .word 0xd077c1e3
- .word 0x6c2bb316
- .word 0x99a970b9
- .word 0xfa119448
- .word 0x2247e964
- .word 0xc4a8fc8c
- .word 0x1aa0f03f
- .word 0xd8567d2c
- .word 0xef223390
- .word 0xc787494e
- .word 0xc1d938d1
- .word 0xfe8ccaa2
- .word 0x3698d40b
- .word 0xcfa6f581
- .word 0x28a57ade
- .word 0x26dab78e
- .word 0xa43fadbf
- .word 0xe42c3a9d
- .word 0xd507892
- .word 0x9b6a5fcc
- .word 0x62547e46
- .word 0xc2f68d13
- .word 0xe890d8b8
- .word 0x5e2e39f7
- .word 0xf582c3af
- .word 0xbe9f5d80
- .word 0x7c69d093
- .word 0xa96fd52d
- .word 0xb3cf2512
- .word 0x3bc8ac99
- .word 0xa710187d
- .word 0x6ee89c63
- .word 0x7bdb3bbb
- .word 0x9cd2678
- .word 0xf46e5918
- .word 0x1ec9ab7
- .word 0xa8834f9a
- .word 0x65e6956e
- .word 0x7eaaffe6
- .word 0x821bccf
- .word 0xe6ef15e8
- .word 0xd9bae79b
- .word 0xce4a6f36
- .word 0xd4ea9f09
- .word 0xd629b07c
- .word 0xaf31a4b2
- .word 0x312a3f23
- .word 0x30c6a594
- .word 0xc035a266
- .word 0x37744ebc
- .word 0xa6fc82ca
- .word 0xb0e090d0
- .word 0x1533a7d8
- .word 0x4af10498
- .word 0xf741ecda
- .word 0xe7fcd50
- .word 0x2f1791f6
- .word 0x8d764dd6
- .word 0x4d43efb0
- .word 0x54ccaa4d
- .word 0xdfe49604
- .word 0xe39ed1b5
- .word 0x1b4c6a88
- .word 0xb8c12c1f
- .word 0x7f466551
- .word 0x49d5eea
- .word 0x5d018c35
- .word 0x73fa8774
- .word 0x2efb0b41
- .word 0x5ab3671d
- .word 0x5292dbd2
- .word 0x33e91056
- .word 0x136dd647
- .word 0x8c9ad761
- .word 0x7a37a10c
- .word 0x8e59f814
- .word 0x89eb133c
- .word 0xeecea927
- .word 0x35b761c9
- .word 0xede11ce5
- .word 0x3c7a47b1
- .word 0x599cd2df
- .word 0x3f55f273
- .word 0x791814ce
- .word 0xbf73c737
- .word 0xea53f7cd
- .word 0x5b5ffdaa
- .word 0x14df3d6f
- .word 0x867844db
- .word 0x81caaff3
- .word 0x3eb968c4
- .word 0x2c382434
- .word 0x5fc2a340
- .word 0x72161dc3
- .word 0xcbce225
- .word 0x8b283c49
- .word 0x41ff0d95
- .word 0x7139a801
- .word 0xde080cb3
- .word 0x9cd8b4e4
- .word 0x906456c1
- .word 0x617bcb84
- .word 0x70d532b6
- .word 0x74486c5c
- .word 0x42d0b857
-#ifndef NO_AES
+ .word L_AES_ARM32_td_data
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_ARM32_te, %object
+ .size L_AES_ARM32_te, 12
+ .align 4
+L_AES_ARM32_te:
+ .word L_AES_ARM32_te_data
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .align 4
+ .globl AES_invert_key
+ .type AES_invert_key, %function
+AES_invert_key:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ adr r12, L_AES_ARM32_te
+ ldr r12, [r12]
+ adr lr, L_AES_ARM32_td
+ ldr lr, [lr]
+ add r10, r0, r1, lsl #4
+ mov r11, r1
+L_AES_invert_key_loop:
+ ldm r0, {r2, r3, r4, r5}
+ ldm r10, {r6, r7, r8, r9}
+ stm r10, {r2, r3, r4, r5}
+ stm r0!, {r6, r7, r8, r9}
+ subs r11, r11, #2
+ sub r10, r10, #16
+ bne L_AES_invert_key_loop
+ sub r0, r0, r1, lsl #3
+ add r0, r0, #16
+ sub r11, r1, #1
+L_AES_invert_key_mix_loop:
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r2, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r2
+#endif
+#else
+ ubfx r6, r2, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r2, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r2, ror #8
+#endif
+#else
+ ubfx r7, r2, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r2, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r2, ror #16
+#endif
+#else
+ ubfx r8, r2, #16, #8
+#endif
+ lsr r9, r2, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r3, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r3
+#endif
+#else
+ ubfx r6, r3, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r3, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r3, ror #8
+#endif
+#else
+ ubfx r7, r3, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r3, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r3, ror #16
+#endif
+#else
+ ubfx r8, r3, #16, #8
+#endif
+ lsr r9, r3, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r4, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r4
+#endif
+#else
+ ubfx r6, r4, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r4, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r4, ror #8
+#endif
+#else
+ ubfx r7, r4, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r4, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r4, ror #16
+#endif
+#else
+ ubfx r8, r4, #16, #8
+#endif
+ lsr r9, r4, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r5, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r5
+#endif
+#else
+ ubfx r6, r5, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r5, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r5, ror #8
+#endif
+#else
+ ubfx r7, r5, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r5, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r5, ror #16
+#endif
+#else
+ ubfx r8, r5, #16, #8
+#endif
+ lsr r9, r5, #24
+ ldrb r6, [r12, r6, lsl #2]
+ ldrb r7, [r12, r7, lsl #2]
+ ldrb r8, [r12, r8, lsl #2]
+ ldrb r9, [r12, r9, lsl #2]
+ ldr r6, [lr, r6, lsl #2]
+ ldr r7, [lr, r7, lsl #2]
+ ldr r8, [lr, r8, lsl #2]
+ ldr r9, [lr, r9, lsl #2]
+ eor r8, r8, r6, ror #16
+ eor r8, r8, r7, ror #8
+ eor r8, r8, r9, ror #24
+ str r8, [r0], #4
+ subs r11, r11, #1
+ bne L_AES_invert_key_mix_loop
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size AES_invert_key,.-AES_invert_key
+#endif /* HAVE_AES_DECRYPT */
.text
- .type L_AES_SEK_ARM32_rcon, %object
- .size L_AES_SEK_ARM32_rcon, 40
+ .type L_AES_ARM32_rcon, %object
+ .size L_AES_ARM32_rcon, 40
.align 4
-L_AES_SEK_ARM32_rcon:
+L_AES_ARM32_rcon:
.word 0x1000000
.word 0x2000000
.word 0x4000000
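Review bot: `L_AES_ARM32_td` and `L_AES_ARM32_te` now store an absolute address (`.word L_AES_ARM32_td_data`, `.word L_AES_ARM32_te_data`) inside `.text`, so each word needs a relocation in a read-only, executable section. When this object goes into a shared library or PIE, that is likely to produce a text relocation, which hardened linkers reject and which otherwise makes the loader map code pages writable. I have not verified the link result, so check the output with `readelf -d` for `TEXTREL`. A position-independent form would store the offset instead, e.g. `.word L_AES_ARM32_td_data - L_AES_ARM32_td`, and add it to the `adr` result in `AES_invert_key` and the other users. Separately, both pointer objects are declared with size 12 but emit a single 4-byte word, so `.size L_AES_ARM32_td, 4` and `.size L_AES_ARM32_te, 4` would match the data.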
@@ -575,62 +799,132 @@ L_AES_SEK_ARM32_rcon:
.type AES_set_encrypt_key, %function
AES_set_encrypt_key:
push {r4, r5, r6, r7, r8, lr}
- adr r4, AES_set_encrypt_key
- mov r8, #AES_set_encrypt_key-L_AES_ARM32_te
- sub r8, r4, r8
- adr lr, L_AES_SEK_ARM32_rcon
+ adr r8, L_AES_ARM32_te
+ ldr r8, [r8]
+ adr lr, L_AES_ARM32_rcon
cmp r1, #0x80
beq L_AES_set_encrypt_key_start_128
cmp r1, #0xc0
beq L_AES_set_encrypt_key_start_192
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2!, {r4, r5, r6, r7}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2, {r4, r5, r6, r7}
sub r2, r2, #16
mov r12, #6
L_AES_set_encrypt_key_loop_256:
- mov r3, r7
- mov r7, #0xff
- and r5, r7, r3, lsr #8
- and r4, r7, r3
- and r6, r7, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7
+#endif
+#else
+ ubfx r4, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r7, #16
+ lsr r5, r5, #24
+#else
+ uxtb r5, r7, ror #8
+#endif
+#else
+ ubfx r5, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r7, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r7, ror #16
+#endif
+#else
+ ubfx r6, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r4, [r8, r4, lsl #2]
- ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r4, lsl #8
+ ldrb r6, [r8, r6, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r4, lsl #8
eor r3, r3, r5, lsl #16
eor r3, r3, r6, lsl #24
ldm r2!, {r4, r5, r6, r7}
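Review bot: The S-box lookups in this key schedule (`ldrb r4, [r8, r4, lsl #2]` and the three loads after it) use bytes of the round key as the table index, so the addresses touched in `L_AES_ARM32_te_data` depend on secret key material. The same pattern is in `AES_invert_key` (loads through `r12` and `lr`) and in the 192- and 128-bit loops in the later hunks. On a core with a data cache this is not constant-time, and the commit keeps that property while only restructuring the byte extraction. I would add a header comment on the routine such as `/* Table lookups are indexed by key bytes: not constant-time on cores with a data cache. */` so integrators can decide whether this assembly path fits their threat model. `AES_set_encrypt_key` starts before this hunk and continues past it.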
@@ -644,11 +938,37 @@ L_AES_set_encrypt_key_loop_256:
stm r2, {r4, r5, r6, r7}
sub r2, r2, #16
mov r3, r7
- mov r7, #0xff
- and r4, r7, r3, lsr #8
- and r5, r7, r3, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r3, #16
+ lsr r4, r4, #24
+#else
+ uxtb r4, r3, ror #8
+#endif
+#else
+ ubfx r4, r3, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r3, #8
+ lsr r5, r5, #24
+#else
+ uxtb r5, r3, ror #16
+#endif
+#else
+ ubfx r5, r3, #16, #8
+#endif
lsr r6, r3, #24
- and r3, r7, r3
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r3, r3, #24
+ lsr r3, r3, #24
+#else
+ uxtb r3, r3
+#endif
+#else
+ ubfx r3, r3, #0, #8
+#endif
ldrb r4, [r8, r4, lsl #2]
ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
@@ -666,17 +986,42 @@ L_AES_set_encrypt_key_loop_256:
sub r2, r2, #16
subs r12, r12, #1
bne L_AES_set_encrypt_key_loop_256
- mov r3, r7
- mov r7, #0xff
- and r5, r7, r3, lsr #8
- and r4, r7, r3
- and r6, r7, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7
+#endif
+#else
+ ubfx r4, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r7, #16
+ lsr r5, r5, #24
+#else
+ uxtb r5, r7, ror #8
+#endif
+#else
+ ubfx r5, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r7, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r7, ror #16
+#endif
+#else
+ ubfx r6, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r4, [r8, r4, lsl #2]
- ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r4, lsl #8
+ ldrb r6, [r8, r6, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r4, lsl #8
eor r3, r3, r5, lsl #16
eor r3, r3, r6, lsl #24
ldm r2!, {r4, r5, r6, r7}
@@ -691,32 +1036,65 @@ L_AES_set_encrypt_key_loop_256:
sub r2, r2, #16
b L_AES_set_encrypt_key_end
L_AES_set_encrypt_key_start_192:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r1, [r0, #20]
ldr r0, [r0, #16]
#else
ldrd r0, r1, [r0, #16]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+ # REV r0, r0
+ eor r3, r0, r0, ror #16
+ bic r3, r3, #0xff0000
+ ror r0, r0, #8
+ eor r0, r0, r3, lsr #8
+ # REV r1, r1
+ eor r3, r1, r1, ror #16
+ bic r3, r3, #0xff0000
+ ror r1, r1, #8
+ eor r1, r1, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
rev r0, r0
rev r1, r1
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2, {r4, r5, r6, r7}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r0, [r2, #16]
str r1, [r2, #20]
#else
@@ -725,17 +1103,42 @@ L_AES_set_encrypt_key_start_192:
mov r7, r1
mov r12, #7
L_AES_set_encrypt_key_loop_192:
- mov r3, r7
- mov r5, #0xff
- and r1, r5, r3, lsr #8
- and r0, r5, r3
- and r4, r5, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r0, r7, #24
+ lsr r0, r0, #24
+#else
+ uxtb r0, r7
+#endif
+#else
+ ubfx r0, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r1, r7, #16
+ lsr r1, r1, #24
+#else
+ uxtb r1, r7, ror #8
+#endif
+#else
+ ubfx r1, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7, ror #16
+#endif
+#else
+ ubfx r4, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r0, [r8, r0, lsl #2]
- ldrb r4, [r8, r4, lsl #2]
ldrb r1, [r8, r1, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r0, lsl #8
+ ldrb r4, [r8, r4, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r0, lsl #8
eor r3, r3, r1, lsl #16
eor r3, r3, r4, lsl #24
ldm r2!, {r0, r1, r4, r5, r6, r7}
@@ -750,17 +1153,42 @@ L_AES_set_encrypt_key_loop_192:
stm r2, {r0, r1, r4, r5, r6, r7}
subs r12, r12, #1
bne L_AES_set_encrypt_key_loop_192
- mov r3, r7
- mov r5, #0xff
- and r1, r5, r3, lsr #8
- and r0, r5, r3
- and r4, r5, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r0, r7, #24
+ lsr r0, r0, #24
+#else
+ uxtb r0, r7
+#endif
+#else
+ ubfx r0, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r1, r7, #16
+ lsr r1, r1, #24
+#else
+ uxtb r1, r7, ror #8
+#endif
+#else
+ ubfx r1, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7, ror #16
+#endif
+#else
+ ubfx r4, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r0, [r8, r0, lsl #2]
- ldrb r4, [r8, r4, lsl #2]
ldrb r1, [r8, r1, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r0, lsl #8
+ ldrb r4, [r8, r4, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r0, lsl #8
eor r3, r3, r1, lsl #16
eor r3, r3, r4, lsl #24
ldm r2!, {r0, r1, r4, r5, r6, r7}
@@ -773,36 +1201,84 @@ L_AES_set_encrypt_key_loop_192:
stm r2, {r0, r1, r4, r5}
b L_AES_set_encrypt_key_end
L_AES_set_encrypt_key_start_128:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r4, r4
+ eor r3, r4, r4, ror #16
+ bic r3, r3, #0xff0000
+ ror r4, r4, #8
+ eor r4, r4, r3, lsr #8
+ # REV r5, r5
+ eor r3, r5, r5, ror #16
+ bic r3, r3, #0xff0000
+ ror r5, r5, #8
+ eor r5, r5, r3, lsr #8
+ # REV r6, r6
+ eor r3, r6, r6, ror #16
+ bic r3, r3, #0xff0000
+ ror r6, r6, #8
+ eor r6, r6, r3, lsr #8
+ # REV r7, r7
+ eor r3, r7, r7, ror #16
+ bic r3, r3, #0xff0000
+ ror r7, r7, #8
+ eor r7, r7, r3, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r2, {r4, r5, r6, r7}
mov r12, #10
L_AES_set_encrypt_key_loop_128:
- mov r3, r7
- mov r7, #0xff
- and r5, r7, r3, lsr #8
- and r4, r7, r3
- and r6, r7, r3, lsr #16
- lsr r3, r3, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r7, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r7
+#endif
+#else
+ ubfx r4, r7, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r7, #16
+ lsr r5, r5, #24
+#else
+ uxtb r5, r7, ror #8
+#endif
+#else
+ ubfx r5, r7, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r7, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r7, ror #16
+#endif
+#else
+ ubfx r6, r7, #16, #8
+#endif
+ lsr r7, r7, #24
ldrb r4, [r8, r4, lsl #2]
- ldrb r6, [r8, r6, lsl #2]
ldrb r5, [r8, r5, lsl #2]
- ldrb r3, [r8, r3, lsl #2]
- eor r3, r3, r4, lsl #8
+ ldrb r6, [r8, r6, lsl #2]
+ ldrb r7, [r8, r7, lsl #2]
+ eor r3, r7, r4, lsl #8
eor r3, r3, r5, lsl #16
eor r3, r3, r6, lsl #24
ldm r2!, {r4, r5, r6, r7}
@@ -818,756 +1294,2056 @@ L_AES_set_encrypt_key_loop_128:
L_AES_set_encrypt_key_end:
pop {r4, r5, r6, r7, r8, pc}
.size AES_set_encrypt_key,.-AES_set_encrypt_key
-#ifdef HAVE_AES_DECRYPT
- .text
- .align 4
- .globl AES_invert_key
- .type AES_invert_key, %function
-AES_invert_key:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- adr r4, AES_invert_key
- mov r9, #AES_invert_key-L_AES_ARM32_te
- mov r10, #AES_invert_key-L_AES_ARM32_td
- sub r9, r4, r9
- sub r10, r4, r10
- add r8, r0, r1, lsl #4
- mov r11, r1
-L_AES_invert_key_loop:
- ldm r0, {r2, r3, r12, lr}
- ldm r8, {r4, r5, r6, r7}
- stm r8, {r2, r3, r12, lr}
- stm r0!, {r4, r5, r6, r7}
- subs r11, r11, #2
- sub r8, r8, #16
- bne L_AES_invert_key_loop
- sub r0, r0, r1, lsl #3
- add r0, r0, #16
- sub r11, r1, #1
- mov r1, #0xff
-L_AES_invert_key_mix_loop:
- ldm r0, {r2, r3, r12, lr}
- lsr r4, r2, #24
- and r7, r1, r2
- and r8, r1, r2, lsr #16
- and r6, r1, r2, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- lsr r4, r3, #24
- and r7, r1, r3
- and r8, r1, r3, lsr #16
- and r6, r1, r3, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- lsr r4, r12, #24
- and r7, r1, r12
- and r8, r1, r12, lsr #16
- and r6, r1, r12, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- lsr r4, lr, #24
- and r7, r1, lr
- and r8, r1, lr, lsr #16
- and r6, r1, lr, lsr #8
- ldrb r4, [r9, r4, lsl #2]
- ldrb r7, [r9, r7, lsl #2]
- ldrb r8, [r9, r8, lsl #2]
- ldrb r6, [r9, r6, lsl #2]
- ldr r4, [r10, r4, lsl #2]
- ldr r7, [r10, r7, lsl #2]
- ldr r8, [r10, r8, lsl #2]
- ldr r6, [r10, r6, lsl #2]
- eor r8, r8, r4, ror #24
- eor r8, r8, r7, ror #16
- eor r8, r8, r6, ror #8
- str r8, [r0], #4
- subs r11, r11, #1
- bne L_AES_invert_key_mix_loop
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size AES_invert_key,.-AES_invert_key
-#endif /* HAVE_AES_DECRYPT */
-#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
.text
.align 4
.globl AES_encrypt_block
.type AES_encrypt_block, %function
AES_encrypt_block:
-L_AES_encrypt_block_14:
- push {r2, lr}
- ldr lr, [sp, #12]
- mov r2, #6
- b L_AES_encrypt_block_nr
-L_AES_encrypt_block_12:
- push {r2, lr}
- ldr lr, [sp, #12]
- mov r2, #5
- b L_AES_encrypt_block_nr
-L_AES_encrypt_block_10:
- push {r2, lr}
- ldr lr, [sp, #12]
- mov r2, #4
+ push {lr}
L_AES_encrypt_block_nr:
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r5, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r5, ror #16
+#endif
+#else
+ ubfx r8, r5, #16, #8
+#endif
lsr r11, r4, #24
- and r1, r12, r7
- and r8, r12, r5, lsr #16
- and r0, r12, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r12, r6, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6, ror #8
+#endif
+#else
+ ubfx lr, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r7, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r7
+#endif
+#else
+ ubfx r2, r7, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r6, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r6, ror #16
+#endif
+#else
+ ubfx r9, r6, #16, #8
+#endif
eor r8, r8, r11, ror #24
lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r12, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r12, r4
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r12, r7, lsr #16
+ eor r8, r8, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7, ror #8
+#endif
+#else
+ ubfx lr, r7, #8, #8
+#endif
+ eor r8, r8, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r4, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r4
+#endif
+#else
+ ubfx r2, r4, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r7, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r7, ror #16
+#endif
+#else
+ ubfx r10, r7, #16, #8
+#endif
eor r9, r9, r11, ror #24
lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r12, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r12, r5
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r12, r6
+ eor r9, r9, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r4, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r4, ror #8
+#endif
+#else
+ ubfx lr, r4, #8, #8
+#endif
+ eor r9, r9, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5
+#endif
+#else
+ ubfx r2, r5, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r6, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r6
+#endif
+#else
+ ubfx r6, r6, #0, #8
+#endif
eor r10, r10, r11, ror #24
- and r11, r12, r4, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r12, r5, lsr #8
- ldr r6, [lr, r6, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r6, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r4, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r4, ror #16
+#endif
+#else
+ ubfx r11, r4, #16, #8
+#endif
+ eor r10, r10, lr, ror #8
+ lsr lr, r7, #24
+ eor r10, r10, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #16
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5, ror #8
+#endif
+#else
+ ubfx r2, r5, #8, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+ eor lr, lr, r6, ror #24
ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r0, ror #24
- eor r11, r11, r1, ror #8
+ eor r11, r11, lr, ror #24
+ eor r11, r11, r2, ror #8
# XOR in Key Schedule
eor r8, r8, r4
eor r9, r9, r5
eor r10, r10, r6
eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r9, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r9, ror #16
+#endif
+#else
+ ubfx r4, r9, #16, #8
+#endif
lsr r7, r8, #24
- and r1, r12, r11
- and r4, r12, r9, lsr #16
- and r0, r12, r10, lsr #8
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r5, r12, r10, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10, ror #8
+#endif
+#else
+ ubfx lr, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r11, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r11
+#endif
+#else
+ ubfx r2, r11, #0, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r10, #8
+ lsr r5, r5, #24
+#else
+ uxtb r5, r10, ror #16
+#endif
+#else
+ ubfx r5, r10, #16, #8
+#endif
eor r4, r4, r7, ror #24
lsr r7, r9, #24
- eor r4, r4, r0, ror #8
- and r0, r12, r11, lsr #8
- eor r4, r4, r1, ror #16
- and r1, r12, r8
- ldr r5, [lr, r5, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r12, r11, lsr #16
+ eor r4, r4, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r11, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r11, ror #8
+#endif
+#else
+ ubfx lr, r11, #8, #8
+#endif
+ eor r4, r4, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r8, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r8
+#endif
+#else
+ ubfx r2, r8, #0, #8
+#endif
+ ldr r5, [r0, r5, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r11, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r11, ror #16
+#endif
+#else
+ ubfx r6, r11, #16, #8
+#endif
eor r5, r5, r7, ror #24
lsr r7, r10, #24
- eor r5, r5, r0, ror #8
- and r0, r12, r8, lsr #8
- eor r5, r5, r1, ror #16
- and r1, r12, r9
- ldr r6, [lr, r6, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r12, r10
+ eor r5, r5, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r8, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r8, ror #8
+#endif
+#else
+ ubfx lr, r8, #8, #8
+#endif
+ eor r5, r5, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r9, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r9
+#endif
+#else
+ ubfx r2, r9, #0, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r10, #24
+ lsr r10, r10, #24
+#else
+ uxtb r10, r10
+#endif
+#else
+ ubfx r10, r10, #0, #8
+#endif
eor r6, r6, r7, ror #24
- and r7, r12, r8, lsr #16
- eor r6, r6, r0, ror #8
- lsr r0, r11, #24
- eor r6, r6, r1, ror #16
- and r1, r12, r9, lsr #8
- ldr r10, [lr, r10, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r10, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #8
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8, ror #16
+#endif
+#else
+ ubfx r7, r8, #16, #8
+#endif
+ eor r6, r6, lr, ror #8
+ lsr lr, r11, #24
+ eor r6, r6, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r9, #16
+ lsr r2, r2, #24
+#else
+ uxtb r2, r9, ror #8
+#endif
+#else
+ ubfx r2, r9, #8, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+ eor lr, lr, r10, ror #24
ldm r3!, {r8, r9, r10, r11}
- eor r7, r7, r0, ror #24
- eor r7, r7, r1, ror #8
+ eor r7, r7, lr, ror #24
+ eor r7, r7, r2, ror #8
# XOR in Key Schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- subs r2, r2, #1
+ subs r1, r1, #1
bne L_AES_encrypt_block_nr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r5, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r5, ror #16
+#endif
+#else
+ ubfx r8, r5, #16, #8
+#endif
lsr r11, r4, #24
- and r1, r12, r7
- and r8, r12, r5, lsr #16
- and r0, r12, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r12, r6, lsr #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6, ror #8
+#endif
+#else
+ ubfx lr, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r7, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r7
+#endif
+#else
+ ubfx r2, r7, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r6, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r6, ror #16
+#endif
+#else
+ ubfx r9, r6, #16, #8
+#endif
eor r8, r8, r11, ror #24
lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r12, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r12, r4
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r12, r7, lsr #16
+ eor r8, r8, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7, ror #8
+#endif
+#else
+ ubfx lr, r7, #8, #8
+#endif
+ eor r8, r8, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r4, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r4
+#endif
+#else
+ ubfx r2, r4, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r7, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r7, ror #16
+#endif
+#else
+ ubfx r10, r7, #16, #8
+#endif
eor r9, r9, r11, ror #24
lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r12, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r12, r5
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r12, r6
+ eor r9, r9, lr, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r4, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r4, ror #8
+#endif
+#else
+ ubfx lr, r4, #8, #8
+#endif
+ eor r9, r9, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #24
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5
+#endif
+#else
+ ubfx r2, r5, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r6, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r6
+#endif
+#else
+ ubfx r6, r6, #0, #8
+#endif
eor r10, r10, r11, ror #24
- and r11, r12, r4, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r12, r5, lsr #8
- ldr r6, [lr, r6, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r6, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r4, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r4, ror #16
+#endif
+#else
+ ubfx r11, r4, #16, #8
+#endif
+ eor r10, r10, lr, ror #8
+ lsr lr, r7, #24
+ eor r10, r10, r2, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r5, #16
+ lsr r2, r2, #24
+#else
+ uxtb r2, r5, ror #8
+#endif
+#else
+ ubfx r2, r5, #8, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r2, [r0, r2, lsl #2]
+ eor lr, lr, r6, ror #24
ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r0, ror #24
- eor r11, r11, r1, ror #8
+ eor r11, r11, lr, ror #24
+ eor r11, r11, r2, ror #8
# XOR in Key Schedule
eor r8, r8, r4
eor r9, r9, r5
eor r10, r10, r6
eor r11, r11, r7
- and r7, r12, r10, lsr #8
- lsr r1, r8, #24
- and r4, r12, r11
- and r0, r12, r9, lsr #16
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- ldrb r4, [lr, r4, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
- and r5, r12, r8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r11, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r11
+#endif
+#else
+ ubfx r4, r11, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10, ror #8
+#endif
+#else
+ ubfx r7, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9, ror #16
+#endif
+#else
+ ubfx lr, r9, #16, #8
+#endif
+ lsr r2, r8, #24
+ ldrb r4, [r0, r4, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r8, #24
+ lsr r5, r5, #24
+#else
+ uxtb r5, r8
+#endif
+#else
+ ubfx r5, r8, #0, #8
+#endif
eor r4, r4, r7, lsl #8
- and r7, r12, r11, lsr #8
- eor r4, r4, r0, lsl #16
- and r0, r12, r10, lsr #16
- eor r4, r4, r1, lsl #24
- lsr r1, r9, #24
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- ldrb r5, [lr, r5, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
- and r6, r12, r9
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r11, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r11, ror #8
+#endif
+#else
+ ubfx r7, r11, #8, #8
+#endif
+ eor r4, r4, lr, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10, ror #16
+#endif
+#else
+ ubfx lr, r10, #16, #8
+#endif
+ eor r4, r4, r2, lsl #24
+ lsr r2, r9, #24
+ ldrb r5, [r0, r5, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r9, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r9
+#endif
+#else
+ ubfx r6, r9, #0, #8
+#endif
eor r5, r5, r7, lsl #8
- and r7, r12, r8, lsr #8
- eor r5, r5, r0, lsl #16
- and r0, r12, r11, lsr #16
- eor r5, r5, r1, lsl #24
- lsr r1, r10, #24
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- ldrb r6, [lr, r6, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8, ror #8
+#endif
+#else
+ ubfx r7, r8, #8, #8
+#endif
+ eor r5, r5, lr, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r11, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r11, ror #16
+#endif
+#else
+ ubfx lr, r11, #16, #8
+#endif
+ eor r5, r5, r2, lsl #24
+ lsr r2, r10, #24
+ ldrb r6, [r0, r6, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
lsr r11, r11, #24
eor r6, r6, r7, lsl #8
- and r7, r12, r10
- eor r6, r6, r0, lsl #16
- and r0, r12, r9, lsr #8
- eor r6, r6, r1, lsl #24
- and r1, r12, r8, lsr #16
- ldrb r11, [lr, r11, lsl #2]
- ldrb r0, [lr, r0, lsl #2]
- ldrb r7, [lr, r7, lsl #2]
- ldrb r1, [lr, r1, lsl #2]
- eor r0, r0, r11, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #24
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10
+#endif
+#else
+ ubfx r7, r10, #0, #8
+#endif
+ eor r6, r6, lr, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9, ror #8
+#endif
+#else
+ ubfx lr, r9, #8, #8
+#endif
+ eor r6, r6, r2, lsl #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r8, #8
+ lsr r2, r2, #24
+#else
+ uxtb r2, r8, ror #16
+#endif
+#else
+ ubfx r2, r8, #16, #8
+#endif
+ ldrb r11, [r0, r11, lsl #2]
+ ldrb r7, [r0, r7, lsl #2]
+ ldrb lr, [r0, lr, lsl #2]
+ ldrb r2, [r0, r2, lsl #2]
+ eor lr, lr, r11, lsl #16
ldm r3, {r8, r9, r10, r11}
- eor r7, r7, r0, lsl #8
- eor r7, r7, r1, lsl #16
+ eor r7, r7, lr, lsl #8
+ eor r7, r7, r2, lsl #16
# XOR in Key Schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- str lr, [sp, #12]
- pop {r2, lr}
- bx lr
- bx lr
+ pop {pc}
.size AES_encrypt_block,.-AES_encrypt_block
#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
.text
+ .type L_AES_ARM32_te_ecb, %object
+ .size L_AES_ARM32_te_ecb, 12
+ .align 4
+L_AES_ARM32_te_ecb:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_ECB_encrypt
.type AES_ECB_encrypt, %function
AES_ECB_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- adr r4, AES_ECB_encrypt
- mov lr, #AES_ECB_encrypt-L_AES_ARM32_te
- sub lr, r4, lr
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_ecb
+ ldr r0, [r0]
ldr r12, [sp, #36]
+ push {r3}
cmp r12, #10
beq L_AES_ECB_encrypt_start_block_128
cmp r12, #12
beq L_AES_ECB_encrypt_start_block_192
- mov r12, #0xff
L_AES_ECB_encrypt_loop_block_256:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1}
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r2, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_encrypt_loop_block_256
b L_AES_ECB_encrypt_end
L_AES_ECB_encrypt_start_block_192:
- mov r12, #0xff
L_AES_ECB_encrypt_loop_block_192:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1}
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r2, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_encrypt_loop_block_192
b L_AES_ECB_encrypt_end
L_AES_ECB_encrypt_start_block_128:
- mov r12, #0xff
L_AES_ECB_encrypt_loop_block_128:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1}
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r2, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_encrypt_loop_block_128
L_AES_ECB_encrypt_end:
+ pop {r3}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_ECB_encrypt,.-AES_ECB_encrypt
#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_CBC
.text
+ .type L_AES_ARM32_te_cbc, %object
+ .size L_AES_ARM32_te_cbc, 12
+ .align 4
+L_AES_ARM32_te_cbc:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_CBC_encrypt
.type AES_CBC_encrypt, %function
AES_CBC_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- ldr r12, [sp, #36]
- ldr lr, [sp, #40]
- ldm lr, {r4, r5, r6, r7}
- push {lr}
- adr r8, AES_CBC_encrypt
- mov lr, #AES_CBC_encrypt-L_AES_ARM32_te
- sub lr, r8, lr
- cmp r12, #10
+ ldr r8, [sp, #36]
+ ldr r9, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_cbc
+ ldr r0, [r0]
+ ldm r9, {r4, r5, r6, r7}
+ push {r3, r9}
+ cmp r8, #10
beq L_AES_CBC_encrypt_start_block_128
- cmp r12, #12
+ cmp r8, #12
beq L_AES_CBC_encrypt_start_block_192
- mov r12, #0xff
L_AES_CBC_encrypt_loop_block_256:
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- push {r0, r1}
- push {r3, lr}
- ldm r3!, {r8, r9, r10, r11}
+ push {r1, r2, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_encrypt_loop_block_256
b L_AES_CBC_encrypt_end
L_AES_CBC_encrypt_start_block_192:
- mov r12, #0xff
L_AES_CBC_encrypt_loop_block_192:
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- push {r0, r1}
- push {r3, lr}
- ldm r3!, {r8, r9, r10, r11}
+ push {r1, r2, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_encrypt_loop_block_192
b L_AES_CBC_encrypt_end
L_AES_CBC_encrypt_start_block_128:
- mov r12, #0xff
L_AES_CBC_encrypt_loop_block_128:
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- push {r0, r1}
- push {r3, lr}
- ldm r3!, {r8, r9, r10, r11}
+ push {r1, r2, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_encrypt_loop_block_128
L_AES_CBC_encrypt_end:
- pop {lr}
- stm lr, {r4, r5, r6, r7}
+ pop {r3, r9}
+ stm r9, {r4, r5, r6, r7}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_CBC_encrypt,.-AES_CBC_encrypt
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
.text
+ .type L_AES_ARM32_te_ctr, %object
+ .size L_AES_ARM32_te_ctr, 12
+ .align 4
+L_AES_ARM32_te_ctr:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_CTR_encrypt
.type AES_CTR_encrypt, %function
AES_CTR_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
ldr r12, [sp, #36]
- ldr lr, [sp, #40]
- ldm lr, {r4, r5, r6, r7}
+ ldr r8, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_ctr
+ ldr r0, [r0]
+ ldm r8, {r4, r5, r6, r7}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
- push {lr}
- adr r8, AES_CTR_encrypt
- mov lr, #AES_CTR_encrypt-L_AES_ARM32_te
- sub lr, r8, lr
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
+ push {r3, r8}
cmp r12, #10
beq L_AES_CTR_encrypt_start_block_128
cmp r12, #12
beq L_AES_CTR_encrypt_start_block_192
- mov r12, #0xff
L_AES_CTR_encrypt_loop_block_256:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
adds r11, r7, #1
adcs r10, r6, #0
adcs r9, r5, #0
adc r8, r4, #0
- stm r0, {r8, r9, r10, r11}
- push {r3, lr}
+ stm lr, {r8, r9, r10, r11}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CTR_encrypt_loop_block_256
b L_AES_CTR_encrypt_end
L_AES_CTR_encrypt_start_block_192:
- mov r12, #0xff
L_AES_CTR_encrypt_loop_block_192:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
adds r11, r7, #1
adcs r10, r6, #0
adcs r9, r5, #0
adc r8, r4, #0
- stm r0, {r8, r9, r10, r11}
- push {r3, lr}
+ stm lr, {r8, r9, r10, r11}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CTR_encrypt_loop_block_192
b L_AES_CTR_encrypt_end
L_AES_CTR_encrypt_start_block_128:
- mov r12, #0xff
L_AES_CTR_encrypt_loop_block_128:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
adds r11, r7, #1
adcs r10, r6, #0
adcs r9, r5, #0
adc r8, r4, #0
- stm r0, {r8, r9, r10, r11}
- push {r3, lr}
+ stm lr, {r8, r9, r10, r11}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CTR_encrypt_loop_block_128
L_AES_CTR_encrypt_end:
- pop {lr}
+ pop {r3, r8}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_CTR_encrypt,.-AES_CTR_encrypt
#endif /* WOLFSSL_AES_COUNTER */
-#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
#ifdef HAVE_AES_DECRYPT
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
.text
+ .align 4
+ .globl AES_decrypt_block
+ .type AES_decrypt_block, %function
+AES_decrypt_block:
+ push {lr}
+L_AES_decrypt_block_nr:
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r7, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r7, ror #16
+#endif
+#else
+ ubfx r8, r7, #16, #8
+#endif
+ lsr r11, r4, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r6, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r6, ror #8
+#endif
+#else
+ ubfx r12, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5
+#endif
+#else
+ ubfx lr, r5, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r4, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r4, ror #16
+#endif
+#else
+ ubfx r9, r4, #16, #8
+#endif
+ eor r8, r8, r11, ror #24
+ lsr r11, r5, #24
+ eor r8, r8, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r7, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r7, ror #8
+#endif
+#else
+ ubfx r12, r7, #8, #8
+#endif
+ eor r8, r8, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6
+#endif
+#else
+ ubfx lr, r6, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r5, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r5, ror #16
+#endif
+#else
+ ubfx r10, r5, #16, #8
+#endif
+ eor r9, r9, r11, ror #24
+ lsr r11, r6, #24
+ eor r9, r9, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r4, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r4, ror #8
+#endif
+#else
+ ubfx r12, r4, #8, #8
+#endif
+ eor r9, r9, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7
+#endif
+#else
+ ubfx lr, r7, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r4, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r4
+#endif
+#else
+ ubfx r4, r4, #0, #8
+#endif
+ eor r10, r10, r11, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r6, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r6, ror #16
+#endif
+#else
+ ubfx r11, r6, #16, #8
+#endif
+ eor r10, r10, r12, ror #8
+ lsr r12, r7, #24
+ eor r10, r10, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5, ror #8
+#endif
+#else
+ ubfx lr, r5, #8, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ eor r12, r12, r4, ror #24
+ ldm r3!, {r4, r5, r6, r7}
+ eor r11, r11, lr, ror #8
+ eor r11, r11, r12, ror #24
+ # XOR in Key Schedule
+ eor r8, r8, r4
+ eor r9, r9, r5
+ eor r10, r10, r6
+ eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r11, #8
+ lsr r4, r4, #24
+#else
+ uxtb r4, r11, ror #16
+#endif
+#else
+ ubfx r4, r11, #16, #8
+#endif
+ lsr r7, r8, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r10, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r10, ror #8
+#endif
+#else
+ ubfx r12, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9
+#endif
+#else
+ ubfx lr, r9, #0, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r8, #8
+ lsr r5, r5, #24
+#else
+ uxtb r5, r8, ror #16
+#endif
+#else
+ ubfx r5, r8, #16, #8
+#endif
+ eor r4, r4, r7, ror #24
+ lsr r7, r9, #24
+ eor r4, r4, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r11, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r11, ror #8
+#endif
+#else
+ ubfx r12, r11, #8, #8
+#endif
+ eor r4, r4, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10
+#endif
+#else
+ ubfx lr, r10, #0, #8
+#endif
+ ldr r5, [r0, r5, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r9, #8
+ lsr r6, r6, #24
+#else
+ uxtb r6, r9, ror #16
+#endif
+#else
+ ubfx r6, r9, #16, #8
+#endif
+ eor r5, r5, r7, ror #24
+ lsr r7, r10, #24
+ eor r5, r5, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r8, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r8, ror #8
+#endif
+#else
+ ubfx r12, r8, #8, #8
+#endif
+ eor r5, r5, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r11, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r11
+#endif
+#else
+ ubfx lr, r11, #0, #8
+#endif
+ ldr r6, [r0, r6, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r8, #24
+ lsr r8, r8, #24
+#else
+ uxtb r8, r8
+#endif
+#else
+ ubfx r8, r8, #0, #8
+#endif
+ eor r6, r6, r7, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #8
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10, ror #16
+#endif
+#else
+ ubfx r7, r10, #16, #8
+#endif
+ eor r6, r6, r12, ror #8
+ lsr r12, r11, #24
+ eor r6, r6, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r9, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r9, ror #8
+#endif
+#else
+ ubfx lr, r9, #8, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr r7, [r0, r7, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ eor r12, r12, r8, ror #24
+ ldm r3!, {r8, r9, r10, r11}
+ eor r7, r7, lr, ror #8
+ eor r7, r7, r12, ror #24
+ # XOR in Key Schedule
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ subs r1, r1, #1
+ bne L_AES_decrypt_block_nr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r8, r7, #8
+ lsr r8, r8, #24
+#else
+ uxtb r8, r7, ror #16
+#endif
+#else
+ ubfx r8, r7, #16, #8
+#endif
+ lsr r11, r4, #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r6, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r6, ror #8
+#endif
+#else
+ ubfx r12, r6, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5
+#endif
+#else
+ ubfx lr, r5, #0, #8
+#endif
+ ldr r8, [r0, r8, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r9, r4, #8
+ lsr r9, r9, #24
+#else
+ uxtb r9, r4, ror #16
+#endif
+#else
+ ubfx r9, r4, #16, #8
+#endif
+ eor r8, r8, r11, ror #24
+ lsr r11, r5, #24
+ eor r8, r8, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r7, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r7, ror #8
+#endif
+#else
+ ubfx r12, r7, #8, #8
+#endif
+ eor r8, r8, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r6, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r6
+#endif
+#else
+ ubfx lr, r6, #0, #8
+#endif
+ ldr r9, [r0, r9, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r10, r5, #8
+ lsr r10, r10, #24
+#else
+ uxtb r10, r5, ror #16
+#endif
+#else
+ ubfx r10, r5, #16, #8
+#endif
+ eor r9, r9, r11, ror #24
+ lsr r11, r6, #24
+ eor r9, r9, r12, ror #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r4, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r4, ror #8
+#endif
+#else
+ ubfx r12, r4, #8, #8
+#endif
+ eor r9, r9, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r7, #24
+ lsr lr, lr, #24
+#else
+ uxtb lr, r7
+#endif
+#else
+ ubfx lr, r7, #0, #8
+#endif
+ ldr r10, [r0, r10, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r4, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r4
+#endif
+#else
+ ubfx r4, r4, #0, #8
+#endif
+ eor r10, r10, r11, ror #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r11, r6, #8
+ lsr r11, r11, #24
+#else
+ uxtb r11, r6, ror #16
+#endif
+#else
+ ubfx r11, r6, #16, #8
+#endif
+ eor r10, r10, r12, ror #8
+ lsr r12, r7, #24
+ eor r10, r10, lr, ror #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r5, #16
+ lsr lr, lr, #24
+#else
+ uxtb lr, r5, ror #8
+#endif
+#else
+ ubfx lr, r5, #8, #8
+#endif
+ ldr r4, [r0, r4, lsl #2]
+ ldr r12, [r0, r12, lsl #2]
+ ldr r11, [r0, r11, lsl #2]
+ ldr lr, [r0, lr, lsl #2]
+ eor r12, r12, r4, ror #24
+ ldm r3!, {r4, r5, r6, r7}
+ eor r11, r11, lr, ror #8
+ eor r11, r11, r12, ror #24
+ # XOR in Key Schedule
+ eor r8, r8, r4
+ eor r9, r9, r5
+ eor r10, r10, r6
+ eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r4, r9, #24
+ lsr r4, r4, #24
+#else
+ uxtb r4, r9
+#endif
+#else
+ ubfx r4, r9, #0, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r10, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r10, ror #8
+#endif
+#else
+ ubfx r7, r10, #8, #8
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r11, #8
+ lsr r12, r12, #24
+#else
+ uxtb r12, r11, ror #16
+#endif
+#else
+ ubfx r12, r11, #16, #8
+#endif
+ lsr lr, r8, #24
+ ldrb r4, [r2, r4]
+ ldrb r7, [r2, r7]
+ ldrb r12, [r2, r12]
+ ldrb lr, [r2, lr]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r5, r10, #24
+ lsr r5, r5, #24
+#else
+ uxtb r5, r10
+#endif
+#else
+ ubfx r5, r10, #0, #8
+#endif
+ eor r4, r4, r7, lsl #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r11, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r11, ror #8
+#endif
+#else
+ ubfx r7, r11, #8, #8
+#endif
+ eor r4, r4, r12, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r8, #8
+ lsr r12, r12, #24
+#else
+ uxtb r12, r8, ror #16
+#endif
+#else
+ ubfx r12, r8, #16, #8
+#endif
+ eor r4, r4, lr, lsl #24
+ lsr lr, r9, #24
+ ldrb r7, [r2, r7]
+ ldrb lr, [r2, lr]
+ ldrb r5, [r2, r5]
+ ldrb r12, [r2, r12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r6, r11, #24
+ lsr r6, r6, #24
+#else
+ uxtb r6, r11
+#endif
+#else
+ ubfx r6, r11, #0, #8
+#endif
+ eor r5, r5, r7, lsl #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #16
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8, ror #8
+#endif
+#else
+ ubfx r7, r8, #8, #8
+#endif
+ eor r5, r5, r12, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r9, #8
+ lsr r12, r12, #24
+#else
+ uxtb r12, r9, ror #16
+#endif
+#else
+ ubfx r12, r9, #16, #8
+#endif
+ eor r5, r5, lr, lsl #24
+ lsr lr, r10, #24
+ ldrb r7, [r2, r7]
+ ldrb lr, [r2, lr]
+ ldrb r6, [r2, r6]
+ ldrb r12, [r2, r12]
+ lsr r11, r11, #24
+ eor r6, r6, r7, lsl #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r7, r8, #24
+ lsr r7, r7, #24
+#else
+ uxtb r7, r8
+#endif
+#else
+ ubfx r7, r8, #0, #8
+#endif
+ eor r6, r6, r12, lsl #16
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r12, r9, #16
+ lsr r12, r12, #24
+#else
+ uxtb r12, r9, ror #8
+#endif
+#else
+ ubfx r12, r9, #8, #8
+#endif
+ eor r6, r6, lr, lsl #24
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl lr, r10, #8
+ lsr lr, lr, #24
+#else
+ uxtb lr, r10, ror #16
+#endif
+#else
+ ubfx lr, r10, #16, #8
+#endif
+ ldrb r11, [r2, r11]
+ ldrb r12, [r2, r12]
+ ldrb r7, [r2, r7]
+ ldrb lr, [r2, lr]
+ eor r12, r12, r11, lsl #16
+ ldm r3, {r8, r9, r10, r11}
+ eor r7, r7, r12, lsl #8
+ eor r7, r7, lr, lsl #16
+ # XOR in Key Schedule
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ pop {pc}
+ .size AES_decrypt_block,.-AES_decrypt_block
+ .text
+ .type L_AES_ARM32_td_ecb, %object
+ .size L_AES_ARM32_td_ecb, 12
+ .align 4
+L_AES_ARM32_td_ecb:
+ .word L_AES_ARM32_td_data
+ .text
.type L_AES_ARM32_td4, %object
.size L_AES_ARM32_td4, 256
.align 4
@@ -1828,234 +3604,6 @@ L_AES_ARM32_td4:
.byte 0x21
.byte 0xc
.byte 0x7d
- .text
- .align 4
- .globl AES_decrypt_block
- .type AES_decrypt_block, %function
-AES_decrypt_block:
-L_AES_decrypt_block_14:
- push {lr}
- ldr lr, [sp, #8]
- mov r12, #6
- b L_AES_decrypt_block_nr
-L_AES_decrypt_block_12:
- push {lr}
- ldr lr, [sp, #8]
- mov r12, #5
- b L_AES_decrypt_block_nr
-L_AES_decrypt_block_10:
- push {lr}
- ldr lr, [sp, #8]
- mov r12, #4
-L_AES_decrypt_block_nr:
- lsr r11, r4, #24
- and r1, r2, r5
- and r8, r2, r7, lsr #16
- and r0, r2, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r2, r4, lsr #16
- eor r8, r8, r11, ror #24
- lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r2, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r2, r6
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r2, r5, lsr #16
- eor r9, r9, r11, ror #24
- lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r2, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r2, r7
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r4, r2, r4
- eor r10, r10, r11, ror #24
- and r11, r2, r6, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r2, r5, lsr #8
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r4, ror #24
- ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r1, ror #8
- eor r11, r11, r0, ror #24
- # XOR in Key Schedule
- eor r8, r8, r4
- eor r9, r9, r5
- eor r10, r10, r6
- eor r11, r11, r7
- lsr r7, r8, #24
- and r1, r2, r9
- and r4, r2, r11, lsr #16
- and r0, r2, r10, lsr #8
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r5, r2, r8, lsr #16
- eor r4, r4, r7, ror #24
- lsr r7, r9, #24
- eor r4, r4, r0, ror #8
- and r0, r2, r11, lsr #8
- eor r4, r4, r1, ror #16
- and r1, r2, r10
- ldr r5, [lr, r5, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r6, r2, r9, lsr #16
- eor r5, r5, r7, ror #24
- lsr r7, r10, #24
- eor r5, r5, r0, ror #8
- and r0, r2, r8, lsr #8
- eor r5, r5, r1, ror #16
- and r1, r2, r11
- ldr r6, [lr, r6, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r8, r2, r8
- eor r6, r6, r7, ror #24
- and r7, r2, r10, lsr #16
- eor r6, r6, r0, ror #8
- lsr r0, r11, #24
- eor r6, r6, r1, ror #16
- and r1, r2, r9, lsr #8
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r7, [lr, r7, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r8, ror #24
- ldm r3!, {r8, r9, r10, r11}
- eor r7, r7, r1, ror #8
- eor r7, r7, r0, ror #24
- # XOR in Key Schedule
- eor r4, r4, r8
- eor r5, r5, r9
- eor r6, r6, r10
- eor r7, r7, r11
- subs r12, r12, #1
- bne L_AES_decrypt_block_nr
- lsr r11, r4, #24
- and r1, r2, r5
- and r8, r2, r7, lsr #16
- and r0, r2, r6, lsr #8
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- ldr r8, [lr, r8, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- and r9, r2, r4, lsr #16
- eor r8, r8, r11, ror #24
- lsr r11, r5, #24
- eor r8, r8, r0, ror #8
- and r0, r2, r7, lsr #8
- eor r8, r8, r1, ror #16
- and r1, r2, r6
- ldr r9, [lr, r9, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r10, r2, r5, lsr #16
- eor r9, r9, r11, ror #24
- lsr r11, r6, #24
- eor r9, r9, r0, ror #8
- and r0, r2, r4, lsr #8
- eor r9, r9, r1, ror #16
- and r1, r2, r7
- ldr r10, [lr, r10, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- and r4, r2, r4
- eor r10, r10, r11, ror #24
- and r11, r2, r6, lsr #16
- eor r10, r10, r0, ror #8
- lsr r0, r7, #24
- eor r10, r10, r1, ror #16
- and r1, r2, r5, lsr #8
- ldr r4, [lr, r4, lsl #2]
- ldr r0, [lr, r0, lsl #2]
- ldr r11, [lr, r11, lsl #2]
- ldr r1, [lr, r1, lsl #2]
- eor r0, r0, r4, ror #24
- ldm r3!, {r4, r5, r6, r7}
- eor r11, r11, r1, ror #8
- eor r11, r11, r0, ror #24
- # XOR in Key Schedule
- eor r8, r8, r4
- eor r9, r9, r5
- eor r10, r10, r6
- eor r11, r11, r7
- adr r12, L_AES_ARM32_td4
- and r7, r2, r10, lsr #8
- lsr r1, r8, #24
- and r4, r2, r9
- and r0, r2, r11, lsr #16
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- ldrb r4, [r12, r4]
- ldrb r0, [r12, r0]
- and r5, r2, r10
- eor r4, r4, r7, lsl #8
- and r7, r2, r11, lsr #8
- eor r4, r4, r0, lsl #16
- and r0, r2, r8, lsr #16
- eor r4, r4, r1, lsl #24
- lsr r1, r9, #24
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- ldrb r5, [r12, r5]
- ldrb r0, [r12, r0]
- and r6, r2, r11
- eor r5, r5, r7, lsl #8
- and r7, r2, r8, lsr #8
- eor r5, r5, r0, lsl #16
- and r0, r2, r9, lsr #16
- eor r5, r5, r1, lsl #24
- lsr r1, r10, #24
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- ldrb r6, [r12, r6]
- ldrb r0, [r12, r0]
- lsr r11, r11, #24
- eor r6, r6, r7, lsl #8
- and r7, r2, r8
- eor r6, r6, r0, lsl #16
- and r0, r2, r9, lsr #8
- eor r6, r6, r1, lsl #24
- and r1, r2, r10, lsr #16
- ldrb r11, [r12, r11]
- ldrb r0, [r12, r0]
- ldrb r7, [r12, r7]
- ldrb r1, [r12, r1]
- eor r0, r0, r11, lsl #16
- ldm r3, {r8, r9, r10, r11}
- eor r7, r7, r0, lsl #8
- eor r7, r7, r1, lsl #16
- # XOR in Key Schedule
- eor r4, r4, r8
- eor r5, r5, r9
- eor r6, r6, r10
- eor r7, r7, r11
- str lr, [sp, #8]
- pop {lr}
- bx lr
- bx lr
- .size AES_decrypt_block,.-AES_decrypt_block
#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
.text
.align 4
@@ -2063,116 +3611,225 @@ L_AES_decrypt_block_nr:
.type AES_ECB_decrypt, %function
AES_ECB_decrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- ldr r12, [sp, #36]
- mov r8, r12
- adr r4, AES_ECB_decrypt
- mov lr, #AES_ECB_decrypt-L_AES_ARM32_td
- sub lr, r4, lr
+ ldr r8, [sp, #36]
+ mov lr, r0
+ adr r0, L_AES_ARM32_td_ecb
+ ldr r0, [r0]
+ mov r12, r2
+ adr r2, L_AES_ARM32_td4
cmp r8, #10
beq L_AES_ECB_decrypt_start_block_128
cmp r8, #12
beq L_AES_ECB_decrypt_start_block_192
L_AES_ECB_decrypt_loop_block_256:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1, r2}
- mov r2, #0xff
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r3, r12, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_14
- pop {r3, lr}
- pop {r0, r1, r2}
+ mov r1, #6
+ bl AES_decrypt_block
+ pop {r1, r3, r12, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_decrypt_loop_block_256
b L_AES_ECB_decrypt_end
L_AES_ECB_decrypt_start_block_192:
L_AES_ECB_decrypt_loop_block_192:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1, r2}
- mov r2, #0xff
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r3, r12, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_12
- pop {r3, lr}
- pop {r0, r1, r2}
+ mov r1, #5
+ bl AES_decrypt_block
+ pop {r1, r3, r12, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_decrypt_loop_block_192
b L_AES_ECB_decrypt_end
L_AES_ECB_decrypt_start_block_128:
L_AES_ECB_decrypt_loop_block_128:
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- push {r0, r1, r2}
- mov r2, #0xff
- push {r3, lr}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ push {r1, r3, r12, lr}
ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_10
- pop {r3, lr}
- pop {r0, r1, r2}
+ mov r1, #4
+ bl AES_decrypt_block
+ pop {r1, r3, r12, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_ECB_decrypt_loop_block_128
L_AES_ECB_decrypt_end:
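Review bot: None of the three loops in AES_ECB_decrypt checks the byte count before the first block; each one only ends on `subs r12, r12, #16` followed by `bne`, and nothing between `mov r12, r2` and `cmp r8, #10` tests r12. A count of zero, or one that is not a multiple of 16, therefore never hits the exit condition at the intended block, and the loop keeps loading through `lr` and storing through `r1` beyond the caller's buffers. The removed lines had the same shape with r2, so this is inherited rather than introduced, and the callers that presumably validate the length are not visible here. Since the register roles were reassigned in this rewrite, I would record the contract above `AES_ECB_decrypt:` with `/* len (r2 on entry, kept in r12) must be a non-zero multiple of 16; checked by the caller */`. The code after `L_AES_ECB_decrypt_end:` lies outside the hunk.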
@@ -2186,71 +3843,95 @@ L_AES_ECB_decrypt_end:
.type AES_CBC_decrypt, %function
AES_CBC_decrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #24
- ldr r12, [sp, #60]
- ldr lr, [sp, #64]
- str lr, [sp, #20]
- str r3, [sp]
- adr r8, AES_CBC_decrypt
- mov lr, #AES_CBC_decrypt-L_AES_ARM32_td
- sub lr, r8, lr
- mov r8, r12
- str lr, [sp, #4]
+ ldr r8, [sp, #36]
+ ldr r4, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_td_ecb
+ ldr r0, [r0]
+ mov r12, r2
+ adr r2, L_AES_ARM32_td4
+ push {r3, r4}
cmp r8, #10
beq L_AES_CBC_decrypt_loop_block_128
cmp r8, #12
beq L_AES_CBC_decrypt_loop_block_192
L_AES_CBC_decrypt_loop_block_256:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr, #16]
+ str r5, [lr, #20]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr, #16]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #24]
+ str r7, [lr, #28]
#else
- strd r4, r5, [r0, #16]
+ strd r6, r7, [lr, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #24]
- str r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #24]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_14
+ mov r1, #6
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
- ldm r0, {r8, r9, r10, r11}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm lr, {r8, r9, r10, r11}
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
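Review bot: The buffer behind the pointer loaded from `[sp, #40]` must be at least 32 writable bytes, and nothing at the `AES_CBC_decrypt` label says so. The loop reloads that pointer with `ldr lr, [sp, #16]`, stores the incoming ciphertext block at offsets 16 to 28 (`strd r4, r5, [lr, #16]`, `strd r6, r7, [lr, #24]`) and later reads offsets 0 to 12 with `ldm lr, {r8, r9, r10, r11}`. A caller that passes a bare 16-byte IV would be written past its end. I would add a comment at the label such as `/* [sp, #40]: 32-byte scratch, IV in bytes 0-15 on entry; the two halves alternate as saved ciphertext */`. A second comment could record the frame that the `[sp, #16]` offset depends on (`push {r3, r4}` followed by `push {r1, r12, lr}`). The loop body continues past the end of this hunk.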
@@ -2259,71 +3940,97 @@ L_AES_CBC_decrypt_loop_block_256:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
beq L_AES_CBC_decrypt_end_odd
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr]
+ str r5, [lr, #4]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #8]
+ str r7, [lr, #12]
#else
- strd r4, r5, [r0]
+ strd r6, r7, [lr, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #8]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_14
+ mov r1, #6
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #16]
- ldr r9, [r0, #20]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [lr, #16]
+ ldr r9, [lr, #20]
#else
- ldrd r8, r9, [r0, #16]
+ ldrd r8, r9, [lr, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r0, #24]
- ldr r11, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [lr, #24]
+ ldr r11, [lr, #28]
#else
- ldrd r10, r11, [r0, #24]
+ ldrd r10, r11, [lr, #24]
#endif
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
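Review bot: The byte count now kept in r12 is only ever tested for exact zero (`subs r12, r12, #16` followed by `beq L_AES_CBC_decrypt_end_odd` here, and by `bne` at the loop tails in the following hunks). A length of 0 on entry, or one that is not a multiple of 16, wraps instead of stopping the loop, and the code keeps reading and writing past both buffers. No length check is visible between the prologue and the first block, so any validation is presumably in the C caller. The precondition deserves a comment at the function label, for example `/* len must be a non-zero multiple of 16; the loops exit only when it reaches exactly 0 */`. The 192-bit and 128-bit CBC loops and the `subs r2, r2, #16` loops in `AES_GCM_encrypt` rely on the same assumption.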
@@ -2332,62 +4039,88 @@ L_AES_CBC_decrypt_loop_block_256:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_decrypt_loop_block_256
b L_AES_CBC_decrypt_end
L_AES_CBC_decrypt_loop_block_192:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr, #16]
+ str r5, [lr, #20]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr, #16]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #24]
+ str r7, [lr, #28]
#else
- strd r4, r5, [r0, #16]
+ strd r6, r7, [lr, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #24]
- str r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #24]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_12
+ mov r1, #5
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
- ldm r0, {r8, r9, r10, r11}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm lr, {r8, r9, r10, r11}
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2396,71 +4129,97 @@ L_AES_CBC_decrypt_loop_block_192:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
beq L_AES_CBC_decrypt_end_odd
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr]
+ str r5, [lr, #4]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #8]
+ str r7, [lr, #12]
#else
- strd r4, r5, [r0]
+ strd r6, r7, [lr, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #8]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_12
+ mov r1, #5
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #16]
- ldr r9, [r0, #20]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [lr, #16]
+ ldr r9, [lr, #20]
#else
- ldrd r8, r9, [r0, #16]
+ ldrd r8, r9, [lr, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r0, #24]
- ldr r11, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [lr, #24]
+ ldr r11, [lr, #28]
#else
- ldrd r10, r11, [r0, #24]
+ ldrd r10, r11, [lr, #24]
#endif
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2469,62 +4228,88 @@ L_AES_CBC_decrypt_loop_block_192:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_decrypt_loop_block_192
b L_AES_CBC_decrypt_end
L_AES_CBC_decrypt_loop_block_128:
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr, #16]
+ str r5, [lr, #20]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr, #16]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #24]
+ str r7, [lr, #28]
#else
- strd r4, r5, [r0, #16]
+ strd r6, r7, [lr, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #24]
- str r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #24]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_10
+ mov r1, #4
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
- ldm r0, {r8, r9, r10, r11}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm lr, {r8, r9, r10, r11}
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2533,71 +4318,97 @@ L_AES_CBC_decrypt_loop_block_128:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
beq L_AES_CBC_decrypt_end_odd
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r0, [sp, #8]
- str r1, [sp, #12]
+ push {r1, r12, lr}
+ ldr r4, [lr]
+ ldr r5, [lr, #4]
+ ldr r6, [lr, #8]
+ ldr r7, [lr, #12]
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [lr]
+ str r5, [lr, #4]
#else
- strd r0, r1, [sp, #8]
+ strd r4, r5, [lr]
#endif
- str r2, [sp, #16]
- ldr r4, [r0]
- ldr r5, [r0, #4]
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [lr, #8]
+ str r7, [lr, #12]
#else
- strd r4, r5, [r0]
+ strd r6, r7, [lr, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
#else
- strd r6, r7, [r0, #8]
-#endif
- mov r2, #0xff
- ldm r3!, {r8, r9, r10, r11}
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldm r3!, {r8, r9, r10, r11}
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_decrypt_block_10
+ mov r1, #4
+ bl AES_decrypt_block
+ ldr lr, [sp, #16]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r0, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #16]
- ldr r9, [r0, #20]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [lr, #16]
+ ldr r9, [lr, #20]
#else
- ldrd r8, r9, [r0, #16]
+ ldrd r8, r9, [lr, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r0, #24]
- ldr r11, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [lr, #24]
+ ldr r11, [lr, #28]
#else
- ldrd r10, r11, [r0, #24]
+ ldrd r10, r11, [lr, #24]
#endif
+ pop {r1, r12, lr}
ldr r3, [sp]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
-#else
- ldrd r0, r1, [sp, #8]
-#endif
- ldr r2, [sp, #16]
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
@@ -2606,40 +4417,39 @@ L_AES_CBC_decrypt_loop_block_128:
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- subs r2, r2, #16
- add r0, r0, #16
+ subs r12, r12, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_CBC_decrypt_loop_block_128
b L_AES_CBC_decrypt_end
L_AES_CBC_decrypt_end_odd:
- ldr lr, [sp, #20]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [lr, #16]
- ldr r9, [lr, #20]
+ ldr r4, [sp, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r8, [r4, #16]
+ ldr r9, [r4, #20]
#else
- ldrd r8, r9, [lr, #16]
+ ldrd r8, r9, [r4, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [lr, #24]
- ldr r11, [lr, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r10, [r4, #24]
+ ldr r11, [r4, #28]
#else
- ldrd r10, r11, [lr, #24]
+ ldrd r10, r11, [r4, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [lr]
- str r9, [lr, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r4]
+ str r9, [r4, #4]
#else
- strd r8, r9, [lr]
+ strd r8, r9, [r4]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [lr, #8]
- str r11, [lr, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r4, #8]
+ str r11, [r4, #12]
#else
- strd r10, r11, [lr, #8]
+ strd r10, r11, [r4, #8]
#endif
L_AES_CBC_decrypt_end:
- ldr lr, [sp, #4]
- add sp, sp, #24
+ pop {r3, r4}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_CBC_decrypt,.-AES_CBC_decrypt
#endif /* HAVE_AES_CBC */
@@ -3211,10 +5021,33 @@ L_GCM_gmult_len_start_block:
eor r9, r9, r5
eor r10, r10, r6
eor r11, r11, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ # REV r8, r8
+ eor r3, r8, r8, ror #16
+ bic r3, r3, #0xff0000
+ ror r8, r8, #8
+ eor r8, r8, r3, lsr #8
+ # REV r9, r9
+ eor r3, r9, r9, ror #16
+ bic r3, r3, #0xff0000
+ ror r9, r9, #8
+ eor r9, r9, r3, lsr #8
+ # REV r10, r10
+ eor r3, r10, r10, ror #16
+ bic r3, r3, #0xff0000
+ ror r10, r10, #8
+ eor r10, r10, r3, lsr #8
+ # REV r11, r11
+ eor r3, r11, r11, ror #16
+ bic r3, r3, #0xff0000
+ ror r11, r11, #8
+ eor r11, r11, r3, lsr #8
+#else
rev r8, r8
rev r9, r9
rev r10, r10
rev r11, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
stm r0, {r8, r9, r10, r11}
pop {r3}
subs r3, r3, #16
@@ -3223,159 +5056,258 @@ L_GCM_gmult_len_start_block:
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size GCM_gmult_len,.-GCM_gmult_len
.text
+ .type L_AES_ARM32_te_gcm, %object
+ .size L_AES_ARM32_te_gcm, 12
+ .align 4
+L_AES_ARM32_te_gcm:
+ .word L_AES_ARM32_te_data
+ .text
.align 4
.globl AES_GCM_encrypt
.type AES_GCM_encrypt, %function
AES_GCM_encrypt:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
ldr r12, [sp, #36]
- ldr lr, [sp, #40]
- ldm lr, {r4, r5, r6, r7}
+ ldr r8, [sp, #40]
+ mov lr, r0
+ adr r0, L_AES_ARM32_te_gcm
+ ldr r0, [r0]
+ ldm r8, {r4, r5, r6, r7}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
- push {lr}
- adr r8, AES_GCM_encrypt
- mov lr, #AES_GCM_encrypt-L_AES_ARM32_te
- sub lr, r8, lr
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
+ push {r3, r8}
cmp r12, #10
beq L_AES_GCM_encrypt_start_block_128
cmp r12, #12
beq L_AES_GCM_encrypt_start_block_192
- mov r12, #0xff
L_AES_GCM_encrypt_loop_block_256:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
add r7, r7, #1
- str r7, [r0, #12]
- push {r3, lr}
ldm r3!, {r8, r9, r10, r11}
+ str r7, [lr, #12]
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_14
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #6
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_GCM_encrypt_loop_block_256
b L_AES_GCM_encrypt_end
L_AES_GCM_encrypt_start_block_192:
- mov r12, #0xff
L_AES_GCM_encrypt_loop_block_192:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
add r7, r7, #1
- str r7, [r0, #12]
- push {r3, lr}
ldm r3!, {r8, r9, r10, r11}
+ str r7, [lr, #12]
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_12
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #5
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_GCM_encrypt_loop_block_192
b L_AES_GCM_encrypt_end
L_AES_GCM_encrypt_start_block_128:
- mov r12, #0xff
L_AES_GCM_encrypt_loop_block_128:
- push {r0, r1}
- ldr r0, [sp, #8]
+ push {r1, r2, lr}
+ ldr lr, [sp, #16]
add r7, r7, #1
- str r7, [r0, #12]
- push {r3, lr}
ldm r3!, {r8, r9, r10, r11}
+ str r7, [lr, #12]
# Round: 0 - XOR in key schedule
eor r4, r4, r8
eor r5, r5, r9
eor r6, r6, r10
eor r7, r7, r11
- bl L_AES_encrypt_block_10
- pop {r3, lr}
- pop {r0, r1}
+ mov r1, #4
+ bl AES_encrypt_block
+ pop {r1, r2, lr}
+ ldr r3, [sp]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- ldr r8, [r0]
- ldr r9, [r0, #4]
- ldr r10, [r0, #8]
- ldr r11, [r0, #12]
- eor r4, r8
- eor r5, r9
- eor r6, r10
- eor r7, r11
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ ldr r8, [lr]
+ ldr r9, [lr, #4]
+ ldr r10, [lr, #8]
+ ldr r11, [lr, #12]
+ eor r4, r4, r8
+ eor r5, r5, r9
+ eor r6, r6, r10
+ eor r7, r7, r11
+ ldr r8, [sp, #4]
str r4, [r1]
str r5, [r1, #4]
str r6, [r1, #8]
str r7, [r1, #12]
- ldr r8, [sp]
ldm r8, {r4, r5, r6, r7}
subs r2, r2, #16
- add r0, r0, #16
+ add lr, lr, #16
add r1, r1, #16
bne L_AES_GCM_encrypt_loop_block_128
L_AES_GCM_encrypt_end:
- pop {lr}
+ pop {r3, r8}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ eor r10, r4, r4, ror #16
+ eor r11, r5, r5, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ eor r4, r4, r10, lsr #8
+ eor r5, r5, r11, lsr #8
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#else
rev r4, r4
rev r5, r5
rev r6, r6
rev r7, r7
- stm lr, {r4, r5, r6, r7}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ stm r8, {r4, r5, r6, r7}
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size AES_GCM_encrypt,.-AES_GCM_encrypt
#endif /* HAVE_AESGCM */
#endif /* !NO_AES */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
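Review bot: `L_AES_ARM32_te_gcm` is emitted in `.text` and holds the absolute address of `L_AES_ARM32_te_data`, which `adr r0, L_AES_ARM32_te_gcm` / `ldr r0, [r0]` then loads. The removed `adr r8, AES_GCM_encrypt` / `sub lr, r8, lr` sequence was position-independent; an absolute word in the text section normally needs a load-time relocation when the object is linked into a PIE or shared library, and hardened link settings reject or flag that as a text relocation. If the table can be reached pc-relatively, storing an offset (`.word L_AES_ARM32_te_data - L_AES_ARM32_te_gcm`) and adding it to the `adr` result would keep the section free of relocations. Separately, `.size L_AES_ARM32_te_gcm, 12` does not match the single `.word` that follows; `.size L_AES_ARM32_te_gcm, 4` would. The CBC prologue earlier in this diff loads `L_AES_ARM32_td_ecb` the same way, though its definition is outside the visible hunks.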
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
new file mode 100644
index 00000000..fbc60fbd
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm_c.c
@@ -0,0 +1,4794 @@
+/* armv8-32-aes-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./aes/aes.rb arm32 ../wolfssl/wolfcrypt/src/port/arm/armv8-32-aes-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifndef NO_AES
+#include <wolfssl/wolfcrypt/aes.h>
+
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t L_AES_ARM32_td_data[] = {
+ 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e,
+ 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303,
+ 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
+ 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3,
+ 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0,
+ 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
+ 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259,
+ 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8,
+ 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
+ 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a,
+ 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f,
+ 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
+ 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8,
+ 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab,
+ 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
+ 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682,
+ 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2,
+ 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
+ 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb,
+ 0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10,
+ 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
+ 0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015,
+ 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e,
+ 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
+ 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000,
+ 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72,
+ 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
+ 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e,
+ 0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91,
+ 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
+ 0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17,
+ 0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9,
+ 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
+ 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e,
+ 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1,
+ 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
+ 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1,
+ 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3,
+ 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
+ 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390,
+ 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b,
+ 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
+ 0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46,
+ 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af,
+ 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
+ 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb,
+ 0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a,
+ 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
+ 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c,
+ 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266,
+ 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
+ 0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6,
+ 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604,
+ 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
+ 0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41,
+ 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647,
+ 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
+ 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1,
+ 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737,
+ 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
+ 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340,
+ 0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95,
+ 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
+ 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857,
+};
+
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t L_AES_ARM32_te_data[] = {
+ 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b,
+ 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5,
+ 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
+ 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676,
+ 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d,
+ 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
+ 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf,
+ 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0,
+ 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
+ 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc,
+ 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1,
+ 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
+ 0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3,
+ 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a,
+ 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
+ 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575,
+ 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a,
+ 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
+ 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3,
+ 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484,
+ 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
+ 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b,
+ 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939,
+ 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
+ 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb,
+ 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585,
+ 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
+ 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8,
+ 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f,
+ 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
+ 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121,
+ 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2,
+ 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
+ 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717,
+ 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d,
+ 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
+ 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc,
+ 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888,
+ 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
+ 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb,
+ 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a,
+ 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
+ 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262,
+ 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979,
+ 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
+ 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9,
+ 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea,
+ 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
+ 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e,
+ 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6,
+ 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
+ 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a,
+ 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666,
+ 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
+ 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9,
+ 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e,
+ 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
+ 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494,
+ 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9,
+ 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
+ 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d,
+ 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868,
+ 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
+ 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616,
+};
+
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t* L_AES_ARM32_td = L_AES_ARM32_td_data;
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_ARM32_te = L_AES_ARM32_te_data;
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+void AES_invert_key(unsigned char* ks, word32 rounds);
+void AES_invert_key(unsigned char* ks_p, word32 rounds_p)
+{
+ register unsigned char* ks asm ("r0") = (unsigned char*)ks_p;
+ register word32 rounds asm ("r1") = (word32)rounds_p;
+ register uint32_t* L_AES_ARM32_te_c asm ("r2") = (uint32_t*)L_AES_ARM32_te;
+ register uint32_t* L_AES_ARM32_td_c asm ("r3") = (uint32_t*)L_AES_ARM32_td;
+
+ __asm__ __volatile__ (
+ "mov r12, %[L_AES_ARM32_te]\n\t"
+ "mov lr, %[L_AES_ARM32_td]\n\t"
+ "add r10, %[ks], %[rounds], lsl #4\n\t"
+ "mov r11, %[rounds]\n\t"
+ "\n"
+ "L_AES_invert_key_loop_%=: \n\t"
+ "ldm %[ks], {r2, r3, r4, r5}\n\t"
+ "ldm r10, {r6, r7, r8, r9}\n\t"
+ "stm r10, {r2, r3, r4, r5}\n\t"
+ "stm %[ks]!, {r6, r7, r8, r9}\n\t"
+ "subs r11, r11, #2\n\t"
+ "sub r10, r10, #16\n\t"
+ "bne L_AES_invert_key_loop_%=\n\t"
+ "sub %[ks], %[ks], %[rounds], lsl #3\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "sub r11, %[rounds], #1\n\t"
+ "\n"
+ "L_AES_invert_key_mix_loop_%=: \n\t"
+ "ldm %[ks], {r2, r3, r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r2, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r2\n\t"
+#endif
+#else
+ "ubfx r6, r2, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r2, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r2, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r2, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r2, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r2, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r2, #16, #8\n\t"
+#endif
+ "lsr r9, r2, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r3, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r3\n\t"
+#endif
+#else
+ "ubfx r6, r3, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r3, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r3, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r3, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r3, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r3, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r3, #16, #8\n\t"
+#endif
+ "lsr r9, r3, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r4, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r4\n\t"
+#endif
+#else
+ "ubfx r6, r4, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r4, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r4, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r4, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r4, #16, #8\n\t"
+#endif
+ "lsr r9, r4, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r5, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r5\n\t"
+#endif
+#else
+ "ubfx r6, r5, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r5, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r5, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r5, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r5, #16, #8\n\t"
+#endif
+ "lsr r9, r5, #24\n\t"
+ "ldrb r6, [r12, r6, lsl #2]\n\t"
+ "ldrb r7, [r12, r7, lsl #2]\n\t"
+ "ldrb r8, [r12, r8, lsl #2]\n\t"
+ "ldrb r9, [r12, r9, lsl #2]\n\t"
+ "ldr r6, [lr, r6, lsl #2]\n\t"
+ "ldr r7, [lr, r7, lsl #2]\n\t"
+ "ldr r8, [lr, r8, lsl #2]\n\t"
+ "ldr r9, [lr, r9, lsl #2]\n\t"
+ "eor r8, r8, r6, ror #16\n\t"
+ "eor r8, r8, r7, ror #8\n\t"
+ "eor r8, r8, r9, ror #24\n\t"
+ "str r8, [%[ks]], #4\n\t"
+ "subs r11, r11, #1\n\t"
+ "bne L_AES_invert_key_mix_loop_%=\n\t"
+ : [ks] "+r" (ks), [rounds] "+r" (rounds), [L_AES_ARM32_te] "+r" (L_AES_ARM32_te_c), [L_AES_ARM32_td] "+r" (L_AES_ARM32_td_c)
+ :
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_DECRYPT */
+static const uint32_t L_AES_ARM32_rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1b000000, 0x36000000,
+};
+
+void AES_set_encrypt_key(const unsigned char* key, word32 len, unsigned char* ks);
+void AES_set_encrypt_key(const unsigned char* key_p, word32 len_p, unsigned char* ks_p)
+{
+ register const unsigned char* key asm ("r0") = (const unsigned char*)key_p;
+ register word32 len asm ("r1") = (word32)len_p;
+ register unsigned char* ks asm ("r2") = (unsigned char*)ks_p;
+ register uint32_t* L_AES_ARM32_te_c asm ("r3") = (uint32_t*)L_AES_ARM32_te;
+ register uint32_t* L_AES_ARM32_rcon_c asm ("r4") = (uint32_t*)&L_AES_ARM32_rcon;
+
+ __asm__ __volatile__ (
+ "mov r8, %[L_AES_ARM32_te]\n\t"
+ "mov lr, %[L_AES_ARM32_rcon]\n\t"
+ "cmp %[len], #0x80\n\t"
+ "beq L_AES_set_encrypt_key_start_128_%=\n\t"
+ "cmp %[len], #0xc0\n\t"
+ "beq L_AES_set_encrypt_key_start_192_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key]]\n\t"
+ "ldr r5, [%[key], #4]\n\t"
+#else
+ "ldrd r4, r5, [%[key]]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #8]\n\t"
+ "ldr r7, [%[key], #12]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks]!, {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key], #16]\n\t"
+ "ldr r5, [%[key], #20]\n\t"
+#else
+ "ldrd r4, r5, [%[key], #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #24]\n\t"
+ "ldr r7, [%[key], #28]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "mov r12, #6\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_256_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7\n\t"
+#endif
+#else
+ "ubfx r4, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r7, #16\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r5, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r7, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "mov r3, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r3, #16\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r3, ror #8\n\t"
+#endif
+#else
+ "ubfx r4, r3, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r3, #8\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r3, ror #16\n\t"
+#endif
+#else
+ "ubfx r5, r3, #16, #8\n\t"
+#endif
+ "lsr r6, r3, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r3, r3, #24\n\t"
+ "lsr r3, r3, #24\n\t"
+#else
+ "uxtb r3, r3\n\t"
+#endif
+#else
+ "ubfx r3, r3, #0, #8\n\t"
+#endif
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r3, [r8, r3, lsl #2]\n\t"
+ "eor r3, r3, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_AES_set_encrypt_key_loop_256_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7\n\t"
+#endif
+#else
+ "ubfx r4, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r7, #16\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r5, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r7, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "add %[ks], %[ks], #16\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "sub %[ks], %[ks], #16\n\t"
+ "b L_AES_set_encrypt_key_end_%=\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_start_192_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key]]\n\t"
+ "ldr r5, [%[key], #4]\n\t"
+#else
+ "ldrd r4, r5, [%[key]]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #8]\n\t"
+ "ldr r7, [%[key], #12]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr %[len], [%[key], #20]\n\t"
+ "ldr %[key], [%[key], #16]\n\t"
+#else
+ "ldrd %[key], %[len], [%[key], #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+ /* REV r0, r0 */
+ "eor r3, %[key], %[key], ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror %[key], %[key], #8\n\t"
+ "eor %[key], %[key], r3, lsr #8\n\t"
+ /* REV r1, r1 */
+ "eor r3, %[len], %[len], ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror %[len], %[len], #8\n\t"
+ "eor %[len], %[len], r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+ "rev %[key], %[key]\n\t"
+ "rev %[len], %[len]\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[key], [%[ks], #16]\n\t"
+ "str %[len], [%[ks], #20]\n\t"
+#else
+ "strd %[key], %[len], [%[ks], #16]\n\t"
+#endif
+ "mov r7, %[len]\n\t"
+ "mov r12, #7\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_192_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r0, r7, #24\n\t"
+ "lsr r0, r0, #24\n\t"
+#else
+ "uxtb r0, r7\n\t"
+#endif
+#else
+ "ubfx r0, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r1, r7, #16\n\t"
+ "lsr r1, r1, #24\n\t"
+#else
+ "uxtb r1, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r1, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r0, [r8, r0, lsl #2]\n\t"
+ "ldrb r1, [r8, r1, lsl #2]\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r0, lsl #8\n\t"
+ "eor r3, r3, r1, lsl #16\n\t"
+ "eor r3, r3, r4, lsl #24\n\t"
+ "ldm %[ks]!, {r0, r1, r4, r5, r6, r7}\n\t"
+ "eor r0, r0, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r0, r0, r3\n\t"
+ "eor r1, r1, r0\n\t"
+ "eor r4, r4, r1\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "stm %[ks], {r0, r1, r4, r5, r6, r7}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_AES_set_encrypt_key_loop_192_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r0, r7, #24\n\t"
+ "lsr r0, r0, #24\n\t"
+#else
+ "uxtb r0, r7\n\t"
+#endif
+#else
+ "ubfx r0, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r1, r7, #16\n\t"
+ "lsr r1, r1, #24\n\t"
+#else
+ "uxtb r1, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r1, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r0, [r8, r0, lsl #2]\n\t"
+ "ldrb r1, [r8, r1, lsl #2]\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r0, lsl #8\n\t"
+ "eor r3, r3, r1, lsl #16\n\t"
+ "eor r3, r3, r4, lsl #24\n\t"
+ "ldm %[ks]!, {r0, r1, r4, r5, r6, r7}\n\t"
+ "eor r0, r0, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r0, r0, r3\n\t"
+ "eor r1, r1, r0\n\t"
+ "eor r4, r4, r1\n\t"
+ "eor r5, r5, r4\n\t"
+ "stm %[ks], {r0, r1, r4, r5}\n\t"
+ "b L_AES_set_encrypt_key_end_%=\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_start_128_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [%[key]]\n\t"
+ "ldr r5, [%[key], #4]\n\t"
+#else
+ "ldrd r4, r5, [%[key]]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [%[key], #8]\n\t"
+ "ldr r7, [%[key], #12]\n\t"
+#else
+ "ldrd r6, r7, [%[key], #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r4, r4 */
+ "eor r3, r4, r4, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "eor r4, r4, r3, lsr #8\n\t"
+ /* REV r5, r5 */
+ "eor r3, r5, r5, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r5, r5, r3, lsr #8\n\t"
+ /* REV r6, r6 */
+ "eor r3, r6, r6, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "eor r6, r6, r3, lsr #8\n\t"
+ /* REV r7, r7 */
+ "eor r3, r7, r7, ror #16\n\t"
+ "bic r3, r3, #0xff0000\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r7, r7, r3, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_128_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r7, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r7\n\t"
+#endif
+#else
+ "ubfx r4, r7, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r7, #16\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r5, r7, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r7, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r7, #16, #8\n\t"
+#endif
+ "lsr r7, r7, #24\n\t"
+ "ldrb r4, [r8, r4, lsl #2]\n\t"
+ "ldrb r5, [r8, r5, lsl #2]\n\t"
+ "ldrb r6, [r8, r6, lsl #2]\n\t"
+ "ldrb r7, [r8, r7, lsl #2]\n\t"
+ "eor r3, r7, r4, lsl #8\n\t"
+ "eor r3, r3, r5, lsl #16\n\t"
+ "eor r3, r3, r6, lsl #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r4, r4, r3\n\t"
+ "ldm lr!, {r3}\n\t"
+ "eor r4, r4, r3\n\t"
+ "eor r5, r5, r4\n\t"
+ "eor r6, r6, r5\n\t"
+ "eor r7, r7, r6\n\t"
+ "stm %[ks], {r4, r5, r6, r7}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_AES_set_encrypt_key_loop_128_%=\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_end_%=: \n\t"
+ : [key] "+r" (key), [len] "+r" (len), [ks] "+r" (ks), [L_AES_ARM32_te] "+r" (L_AES_ARM32_te_c), [L_AES_ARM32_rcon] "+r" (L_AES_ARM32_rcon_c)
+ :
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+void AES_encrypt_block(const uint32_t* te, int nr, int len, const uint32_t* ks);
+void AES_encrypt_block(const uint32_t* te_p, int nr_p, int len_p, const uint32_t* ks_p)
+{
+ register const uint32_t* te asm ("r0") = (const uint32_t*)te_p;
+ register int nr asm ("r1") = (int)nr_p;
+ register int len asm ("r2") = (int)len_p;
+ register const uint32_t* ks asm ("r3") = (const uint32_t*)ks_p;
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_encrypt_block_nr_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r5, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r5, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r7, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r7\n\t"
+#endif
+#else
+ "ubfx r2, r7, #0, #8\n\t"
+#endif
+ "ldr r8, [%[te], r8, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r6, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r6, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r4, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r4\n\t"
+#endif
+#else
+ "ubfx r2, r4, #0, #8\n\t"
+#endif
+ "ldr r9, [%[te], r9, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r7, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r7, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r4, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5\n\t"
+#endif
+#else
+ "ubfx r2, r5, #0, #8\n\t"
+#endif
+ "ldr r10, [%[te], r10, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r6, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r6\n\t"
+#endif
+#else
+ "ubfx r6, r6, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r4, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r4, #16, #8\n\t"
+#endif
+ "eor r10, r10, lr, ror #8\n\t"
+ "lsr lr, r7, #24\n\t"
+ "eor r10, r10, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #16\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx r2, r5, #8, #8\n\t"
+#endif
+ "ldr r6, [%[te], r6, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r6, ror #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #24\n\t"
+ "eor r11, r11, r2, ror #8\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r9, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r9, #16, #8\n\t"
+#endif
+ "lsr r7, r8, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r11, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r11\n\t"
+#endif
+#else
+ "ubfx r2, r11, #0, #8\n\t"
+#endif
+ "ldr r4, [%[te], r4, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r10, #8\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx r5, r10, #16, #8\n\t"
+#endif
+ "eor r4, r4, r7, ror #24\n\t"
+ "lsr r7, r9, #24\n\t"
+ "eor r4, r4, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r11, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r8, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r8\n\t"
+#endif
+#else
+ "ubfx r2, r8, #0, #8\n\t"
+#endif
+ "ldr r5, [%[te], r5, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r11, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r11, #16, #8\n\t"
+#endif
+ "eor r5, r5, r7, ror #24\n\t"
+ "lsr r7, r10, #24\n\t"
+ "eor r5, r5, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r8, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r9, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r9\n\t"
+#endif
+#else
+ "ubfx r2, r9, #0, #8\n\t"
+#endif
+ "ldr r6, [%[te], r6, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r10, #24\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r10\n\t"
+#endif
+#else
+ "ubfx r10, r10, #0, #8\n\t"
+#endif
+ "eor r6, r6, r7, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #8\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r7, r8, #16, #8\n\t"
+#endif
+ "eor r6, r6, lr, ror #8\n\t"
+ "lsr lr, r11, #24\n\t"
+ "eor r6, r6, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r9, #16\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx r2, r9, #8, #8\n\t"
+#endif
+ "ldr r10, [%[te], r10, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r7, [%[te], r7, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r10, ror #24\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, lr, ror #24\n\t"
+ "eor r7, r7, r2, ror #8\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "subs %[nr], %[nr], #1\n\t"
+ "bne L_AES_encrypt_block_nr_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r5, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r5, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r7, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r7\n\t"
+#endif
+#else
+ "ubfx r2, r7, #0, #8\n\t"
+#endif
+ "ldr r8, [%[te], r8, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r6, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r6, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r4, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r4\n\t"
+#endif
+#else
+ "ubfx r2, r4, #0, #8\n\t"
+#endif
+ "ldr r9, [%[te], r9, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r7, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r7, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, lr, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r4, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #24\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5\n\t"
+#endif
+#else
+ "ubfx r2, r5, #0, #8\n\t"
+#endif
+ "ldr r10, [%[te], r10, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r6, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r6\n\t"
+#endif
+#else
+ "ubfx r6, r6, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r4, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r4, #16, #8\n\t"
+#endif
+ "eor r10, r10, lr, ror #8\n\t"
+ "lsr lr, r7, #24\n\t"
+ "eor r10, r10, r2, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r5, #16\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx r2, r5, #8, #8\n\t"
+#endif
+ "ldr r6, [%[te], r6, lsl #2]\n\t"
+ "ldr lr, [%[te], lr, lsl #2]\n\t"
+ "ldr r11, [%[te], r11, lsl #2]\n\t"
+ "ldr r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r6, ror #24\n\t"
+ "ldm %[ks]!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #24\n\t"
+ "eor r11, r11, r2, ror #8\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r11, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r11\n\t"
+#endif
+#else
+ "ubfx r4, r11, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r9, #16, #8\n\t"
+#endif
+ "lsr r2, r8, #24\n\t"
+ "ldrb r4, [%[te], r4, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r8, #24\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r8\n\t"
+#endif
+#else
+ "ubfx r5, r8, #0, #8\n\t"
+#endif
+ "eor r4, r4, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r11, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, lr, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r10, #16, #8\n\t"
+#endif
+ "eor r4, r4, r2, lsl #24\n\t"
+ "lsr r2, r9, #24\n\t"
+ "ldrb r5, [%[te], r5, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r9, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r9\n\t"
+#endif
+#else
+ "ubfx r6, r9, #0, #8\n\t"
+#endif
+ "eor r5, r5, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, lr, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r11, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r11, #16, #8\n\t"
+#endif
+ "eor r5, r5, r2, lsl #24\n\t"
+ "lsr r2, r10, #24\n\t"
+ "ldrb r6, [%[te], r6, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+ "lsr r11, r11, #24\n\t"
+ "eor r6, r6, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #24\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10\n\t"
+#endif
+#else
+ "ubfx r7, r10, #0, #8\n\t"
+#endif
+ "eor r6, r6, lr, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r9, #8, #8\n\t"
+#endif
+ "eor r6, r6, r2, lsl #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r2, r8, #8\n\t"
+ "lsr r2, r2, #24\n\t"
+#else
+ "uxtb r2, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r2, r8, #16, #8\n\t"
+#endif
+ "ldrb r11, [%[te], r11, lsl #2]\n\t"
+ "ldrb r7, [%[te], r7, lsl #2]\n\t"
+ "ldrb lr, [%[te], lr, lsl #2]\n\t"
+ "ldrb r2, [%[te], r2, lsl #2]\n\t"
+ "eor lr, lr, r11, lsl #16\n\t"
+ "ldm %[ks], {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, lr, lsl #8\n\t"
+ "eor r7, r7, r2, lsl #16\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ : [te] "+r" (te), [nr] "+r" (nr), [len] "+r" (len), [ks] "+r" (ks)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_ARM32_te_ecb = L_AES_ARM32_te_data;
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr);
+void AES_ECB_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register uint32_t* L_AES_ARM32_te_ecb_c asm ("r5") = (uint32_t*)L_AES_ARM32_te_ecb;
+
+ __asm__ __volatile__ (
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_ecb]\n\t"
+ "mov r12, r4\n\t"
+ "push {%[ks]}\n\t"
+ "cmp r12, #10\n\t"
+ "beq L_AES_ECB_encrypt_start_block_128_%=\n\t"
+ "cmp r12, #12\n\t"
+ "beq L_AES_ECB_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_256_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[len], lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_ECB_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_192_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[len], lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_ECB_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_128_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[len], lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_end_%=: \n\t"
+ "pop {%[ks]}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [L_AES_ARM32_te_ecb] "+r" (L_AES_ARM32_te_ecb_c)
+ :
+ : "memory", "r12", "lr", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+static const uint32_t* L_AES_ARM32_te_cbc = L_AES_ARM32_te_data;
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+void AES_CBC_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* iv asm ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_ARM32_te_cbc_c asm ("r6") = (uint32_t*)L_AES_ARM32_te_cbc;
+
+ __asm__ __volatile__ (
+ "mov r8, r4\n\t"
+ "mov r9, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_cbc]\n\t"
+ "ldm r9, {r4, r5, r6, r7}\n\t"
+ "push {%[ks], r9}\n\t"
+ "cmp r8, #10\n\t"
+ "beq L_AES_CBC_encrypt_start_block_128_%=\n\t"
+ "cmp r8, #12\n\t"
+ "beq L_AES_CBC_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_256_%=: \n\t"
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "push {r1, %[len], lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_CBC_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_192_%=: \n\t"
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "push {r1, %[len], lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_CBC_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_128_%=: \n\t"
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "push {r1, %[len], lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_end_%=: \n\t"
+ "pop {%[ks], r9}\n\t"
+ "stm r9, {r4, r5, r6, r7}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv), [L_AES_ARM32_te_cbc] "+r" (L_AES_ARM32_te_cbc_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#ifdef WOLFSSL_AES_COUNTER
+static const uint32_t* L_AES_ARM32_te_ctr = L_AES_ARM32_te_data;
+void AES_CTR_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* ctr asm ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_ARM32_te_ctr_c asm ("r6") = (uint32_t*)L_AES_ARM32_te_ctr;
+
+ __asm__ __volatile__ (
+ "mov r12, r4\n\t"
+ "mov r8, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_ctr]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ "push {%[ks], r8}\n\t"
+ "cmp r12, #10\n\t"
+ "beq L_AES_CTR_encrypt_start_block_128_%=\n\t"
+ "cmp r12, #12\n\t"
+ "beq L_AES_CTR_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_256_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "adds r11, r7, #1\n\t"
+ "adcs r10, r6, #0\n\t"
+ "adcs r9, r5, #0\n\t"
+ "adc r8, r4, #0\n\t"
+ "stm lr, {r8, r9, r10, r11}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CTR_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_CTR_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_192_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "adds r11, r7, #1\n\t"
+ "adcs r10, r6, #0\n\t"
+ "adcs r9, r5, #0\n\t"
+ "adc r8, r4, #0\n\t"
+ "stm lr, {r8, r9, r10, r11}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CTR_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_CTR_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_128_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "adds r11, r7, #1\n\t"
+ "adcs r10, r6, #0\n\t"
+ "adcs r9, r5, #0\n\t"
+ "adc r8, r4, #0\n\t"
+ "stm lr, {r8, r9, r10, r11}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CTR_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_end_%=: \n\t"
+ "pop {%[ks], r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr), [L_AES_ARM32_te_ctr] "+r" (L_AES_ARM32_te_ctr_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
+void AES_decrypt_block(const uint32_t* td, int nr, const uint8_t* td4);
+void AES_decrypt_block(const uint32_t* td_p, int nr_p, const uint8_t* td4_p)
+{
+ register const uint32_t* td asm ("r0") = (const uint32_t*)td_p;
+ register int nr asm ("r1") = (int)nr_p;
+ register const uint8_t* td4 asm ("r2") = (const uint8_t*)td4_p;
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_decrypt_block_nr_%=: \n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r7, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r7, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r6, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5\n\t"
+#endif
+#else
+ "ubfx lr, r5, #0, #8\n\t"
+#endif
+ "ldr r8, [%[td], r8, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r4, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r4, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r7, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6\n\t"
+#endif
+#else
+ "ubfx lr, r6, #0, #8\n\t"
+#endif
+ "ldr r9, [%[td], r9, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r5, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r5, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r4, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7\n\t"
+#endif
+#else
+ "ubfx lr, r7, #0, #8\n\t"
+#endif
+ "ldr r10, [%[td], r10, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r4, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r4\n\t"
+#endif
+#else
+ "ubfx r4, r4, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r6, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r6, #16, #8\n\t"
+#endif
+ "eor r10, r10, r12, ror #8\n\t"
+ "lsr r12, r7, #24\n\t"
+ "eor r10, r10, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r5, #8, #8\n\t"
+#endif
+ "ldr r4, [%[td], r4, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+ "eor r12, r12, r4, ror #24\n\t"
+ "ldm r3!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #8\n\t"
+ "eor r11, r11, r12, ror #24\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r11, #8\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx r4, r11, #16, #8\n\t"
+#endif
+ "lsr r7, r8, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r10, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9\n\t"
+#endif
+#else
+ "ubfx lr, r9, #0, #8\n\t"
+#endif
+ "ldr r4, [%[td], r4, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r8, #8\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r5, r8, #16, #8\n\t"
+#endif
+ "eor r4, r4, r7, ror #24\n\t"
+ "lsr r7, r9, #24\n\t"
+ "eor r4, r4, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r11, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10\n\t"
+#endif
+#else
+ "ubfx lr, r10, #0, #8\n\t"
+#endif
+ "ldr r5, [%[td], r5, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r9, #8\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx r6, r9, #16, #8\n\t"
+#endif
+ "eor r5, r5, r7, ror #24\n\t"
+ "lsr r7, r10, #24\n\t"
+ "eor r5, r5, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r8, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r11, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r11\n\t"
+#endif
+#else
+ "ubfx lr, r11, #0, #8\n\t"
+#endif
+ "ldr r6, [%[td], r6, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r8, #24\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r8\n\t"
+#endif
+#else
+ "ubfx r8, r8, #0, #8\n\t"
+#endif
+ "eor r6, r6, r7, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #8\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx r7, r10, #16, #8\n\t"
+#endif
+ "eor r6, r6, r12, ror #8\n\t"
+ "lsr r12, r11, #24\n\t"
+ "eor r6, r6, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r9, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r9, #8, #8\n\t"
+#endif
+ "ldr r8, [%[td], r8, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr r7, [%[td], r7, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+ "eor r12, r12, r8, ror #24\n\t"
+ "ldm r3!, {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, lr, ror #8\n\t"
+ "eor r7, r7, r12, ror #24\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "subs %[nr], %[nr], #1\n\t"
+ "bne L_AES_decrypt_block_nr_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r8, r7, #8\n\t"
+ "lsr r8, r8, #24\n\t"
+#else
+ "uxtb r8, r7, ror #16\n\t"
+#endif
+#else
+ "ubfx r8, r7, #16, #8\n\t"
+#endif
+ "lsr r11, r4, #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r6, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r6, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r6, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5\n\t"
+#endif
+#else
+ "ubfx lr, r5, #0, #8\n\t"
+#endif
+ "ldr r8, [%[td], r8, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r9, r4, #8\n\t"
+ "lsr r9, r9, #24\n\t"
+#else
+ "uxtb r9, r4, ror #16\n\t"
+#endif
+#else
+ "ubfx r9, r4, #16, #8\n\t"
+#endif
+ "eor r8, r8, r11, ror #24\n\t"
+ "lsr r11, r5, #24\n\t"
+ "eor r8, r8, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r7, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r7, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r7, #8, #8\n\t"
+#endif
+ "eor r8, r8, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r6, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r6\n\t"
+#endif
+#else
+ "ubfx lr, r6, #0, #8\n\t"
+#endif
+ "ldr r9, [%[td], r9, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r10, r5, #8\n\t"
+ "lsr r10, r10, #24\n\t"
+#else
+ "uxtb r10, r5, ror #16\n\t"
+#endif
+#else
+ "ubfx r10, r5, #16, #8\n\t"
+#endif
+ "eor r9, r9, r11, ror #24\n\t"
+ "lsr r11, r6, #24\n\t"
+ "eor r9, r9, r12, ror #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r4, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r4, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r4, #8, #8\n\t"
+#endif
+ "eor r9, r9, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r7, #24\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r7\n\t"
+#endif
+#else
+ "ubfx lr, r7, #0, #8\n\t"
+#endif
+ "ldr r10, [%[td], r10, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r4, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r4\n\t"
+#endif
+#else
+ "ubfx r4, r4, #0, #8\n\t"
+#endif
+ "eor r10, r10, r11, ror #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r11, r6, #8\n\t"
+ "lsr r11, r11, #24\n\t"
+#else
+ "uxtb r11, r6, ror #16\n\t"
+#endif
+#else
+ "ubfx r11, r6, #16, #8\n\t"
+#endif
+ "eor r10, r10, r12, ror #8\n\t"
+ "lsr r12, r7, #24\n\t"
+ "eor r10, r10, lr, ror #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r5, #16\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r5, ror #8\n\t"
+#endif
+#else
+ "ubfx lr, r5, #8, #8\n\t"
+#endif
+ "ldr r4, [%[td], r4, lsl #2]\n\t"
+ "ldr r12, [%[td], r12, lsl #2]\n\t"
+ "ldr r11, [%[td], r11, lsl #2]\n\t"
+ "ldr lr, [%[td], lr, lsl #2]\n\t"
+ "eor r12, r12, r4, ror #24\n\t"
+ "ldm r3!, {r4, r5, r6, r7}\n\t"
+ "eor r11, r11, lr, ror #8\n\t"
+ "eor r11, r11, r12, ror #24\n\t"
+ /* XOR in Key Schedule */
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r4, r9, #24\n\t"
+ "lsr r4, r4, #24\n\t"
+#else
+ "uxtb r4, r9\n\t"
+#endif
+#else
+ "ubfx r4, r9, #0, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r10, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r10, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r10, #8, #8\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r11, #8\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r11, ror #16\n\t"
+#endif
+#else
+ "ubfx r12, r11, #16, #8\n\t"
+#endif
+ "lsr lr, r8, #24\n\t"
+ "ldrb r4, [%[td4], r4]\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r5, r10, #24\n\t"
+ "lsr r5, r5, #24\n\t"
+#else
+ "uxtb r5, r10\n\t"
+#endif
+#else
+ "ubfx r5, r10, #0, #8\n\t"
+#endif
+ "eor r4, r4, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r11, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r11, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r11, #8, #8\n\t"
+#endif
+ "eor r4, r4, r12, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r8, #8\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r8, ror #16\n\t"
+#endif
+#else
+ "ubfx r12, r8, #16, #8\n\t"
+#endif
+ "eor r4, r4, lr, lsl #24\n\t"
+ "lsr lr, r9, #24\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+ "ldrb r5, [%[td4], r5]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r6, r11, #24\n\t"
+ "lsr r6, r6, #24\n\t"
+#else
+ "uxtb r6, r11\n\t"
+#endif
+#else
+ "ubfx r6, r11, #0, #8\n\t"
+#endif
+ "eor r5, r5, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #16\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8, ror #8\n\t"
+#endif
+#else
+ "ubfx r7, r8, #8, #8\n\t"
+#endif
+ "eor r5, r5, r12, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r9, #8\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r9, ror #16\n\t"
+#endif
+#else
+ "ubfx r12, r9, #16, #8\n\t"
+#endif
+ "eor r5, r5, lr, lsl #24\n\t"
+ "lsr lr, r10, #24\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+ "ldrb r6, [%[td4], r6]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+ "lsr r11, r11, #24\n\t"
+ "eor r6, r6, r7, lsl #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r7, r8, #24\n\t"
+ "lsr r7, r7, #24\n\t"
+#else
+ "uxtb r7, r8\n\t"
+#endif
+#else
+ "ubfx r7, r8, #0, #8\n\t"
+#endif
+ "eor r6, r6, r12, lsl #16\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl r12, r9, #16\n\t"
+ "lsr r12, r12, #24\n\t"
+#else
+ "uxtb r12, r9, ror #8\n\t"
+#endif
+#else
+ "ubfx r12, r9, #8, #8\n\t"
+#endif
+ "eor r6, r6, lr, lsl #24\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl lr, r10, #8\n\t"
+ "lsr lr, lr, #24\n\t"
+#else
+ "uxtb lr, r10, ror #16\n\t"
+#endif
+#else
+ "ubfx lr, r10, #16, #8\n\t"
+#endif
+ "ldrb r11, [%[td4], r11]\n\t"
+ "ldrb r12, [%[td4], r12]\n\t"
+ "ldrb r7, [%[td4], r7]\n\t"
+ "ldrb lr, [%[td4], lr]\n\t"
+ "eor r12, r12, r11, lsl #16\n\t"
+ "ldm r3, {r8, r9, r10, r11}\n\t"
+ "eor r7, r7, r12, lsl #8\n\t"
+ "eor r7, r7, lr, lsl #16\n\t"
+ /* XOR in Key Schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ : [td] "+r" (td), [nr] "+r" (nr), [td4] "+r" (td4)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+static const uint32_t* L_AES_ARM32_td_ecb = L_AES_ARM32_td_data;
+static const unsigned char L_AES_ARM32_td4[] = {
+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d,
+};
+
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr);
+void AES_ECB_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register uint32_t* L_AES_ARM32_td_ecb_c asm ("r5") = (uint32_t*)L_AES_ARM32_td_ecb;
+ register unsigned char* L_AES_ARM32_td4_c asm ("r6") = (unsigned char*)&L_AES_ARM32_td4;
+
+ __asm__ __volatile__ (
+ "mov r8, r4\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_td_ecb]\n\t"
+ "mov r12, %[len]\n\t"
+ "mov r2, %[L_AES_ARM32_td4]\n\t"
+ "cmp r8, #10\n\t"
+ "beq L_AES_ECB_decrypt_start_block_128_%=\n\t"
+ "cmp r8, #12\n\t"
+ "beq L_AES_ECB_decrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_256_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[ks], r12, lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_decrypt_block\n\t"
+ "pop {r1, %[ks], r12, lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_decrypt_loop_block_256_%=\n\t"
+ "b L_AES_ECB_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_192_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[ks], r12, lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_decrypt_block\n\t"
+ "pop {r1, %[ks], r12, lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_decrypt_loop_block_192_%=\n\t"
+ "b L_AES_ECB_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_128_%=: \n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "push {r1, %[ks], r12, lr}\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_decrypt_block\n\t"
+ "pop {r1, %[ks], r12, lr}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_ECB_decrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_end_%=: \n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [L_AES_ARM32_td_ecb] "+r" (L_AES_ARM32_td_ecb_c), [L_AES_ARM32_td4] "+r" (L_AES_ARM32_td4_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+void AES_CBC_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* iv asm ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_ARM32_td_ecb_c asm ("r6") = (uint32_t*)L_AES_ARM32_td_ecb;
+ register unsigned char* L_AES_ARM32_td4_c asm ("r7") = (unsigned char*)&L_AES_ARM32_td4;
+
+ __asm__ __volatile__ (
+ "mov r8, r4\n\t"
+ "mov r4, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_td_ecb]\n\t"
+ "mov r12, %[len]\n\t"
+ "mov r2, %[L_AES_ARM32_td4]\n\t"
+ "push {%[ks]-r4}\n\t"
+ "cmp r8, #10\n\t"
+ "beq L_AES_CBC_decrypt_loop_block_128_%=\n\t"
+ "cmp r8, #12\n\t"
+ "beq L_AES_CBC_decrypt_loop_block_192_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_256_%=: \n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr, #16]\n\t"
+ "str r5, [lr, #20]\n\t"
+#else
+ "strd r4, r5, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #24]\n\t"
+ "str r7, [lr, #28]\n\t"
+#else
+ "strd r6, r7, [lr, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm lr, {r8, r9, r10, r11}\n\t"
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "beq L_AES_CBC_decrypt_end_odd_%=\n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr]\n\t"
+ "str r5, [lr, #4]\n\t"
+#else
+ "strd r4, r5, [lr]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #8]\n\t"
+ "str r7, [lr, #12]\n\t"
+#else
+ "strd r6, r7, [lr, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [lr, #16]\n\t"
+ "ldr r9, [lr, #20]\n\t"
+#else
+ "ldrd r8, r9, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [lr, #24]\n\t"
+ "ldr r11, [lr, #28]\n\t"
+#else
+ "ldrd r10, r11, [lr, #24]\n\t"
+#endif
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_decrypt_loop_block_256_%=\n\t"
+ "b L_AES_CBC_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_192_%=: \n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr, #16]\n\t"
+ "str r5, [lr, #20]\n\t"
+#else
+ "strd r4, r5, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #24]\n\t"
+ "str r7, [lr, #28]\n\t"
+#else
+ "strd r6, r7, [lr, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm lr, {r8, r9, r10, r11}\n\t"
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "beq L_AES_CBC_decrypt_end_odd_%=\n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr]\n\t"
+ "str r5, [lr, #4]\n\t"
+#else
+ "strd r4, r5, [lr]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #8]\n\t"
+ "str r7, [lr, #12]\n\t"
+#else
+ "strd r6, r7, [lr, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [lr, #16]\n\t"
+ "ldr r9, [lr, #20]\n\t"
+#else
+ "ldrd r8, r9, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [lr, #24]\n\t"
+ "ldr r11, [lr, #28]\n\t"
+#else
+ "ldrd r10, r11, [lr, #24]\n\t"
+#endif
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_decrypt_loop_block_192_%=\n\t"
+ "b L_AES_CBC_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_128_%=: \n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr, #16]\n\t"
+ "str r5, [lr, #20]\n\t"
+#else
+ "strd r4, r5, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #24]\n\t"
+ "str r7, [lr, #28]\n\t"
+#else
+ "strd r6, r7, [lr, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm lr, {r8, r9, r10, r11}\n\t"
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "beq L_AES_CBC_decrypt_end_odd_%=\n\t"
+ "push {r1, r12, lr}\n\t"
+ "ldr r4, [lr]\n\t"
+ "ldr r5, [lr, #4]\n\t"
+ "ldr r6, [lr, #8]\n\t"
+ "ldr r7, [lr, #12]\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [lr]\n\t"
+ "str r5, [lr, #4]\n\t"
+#else
+ "strd r4, r5, [lr]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [lr, #8]\n\t"
+ "str r7, [lr, #12]\n\t"
+#else
+ "strd r6, r7, [lr, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_decrypt_block\n\t"
+ "ldr lr, [sp, #16]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [lr, #16]\n\t"
+ "ldr r9, [lr, #20]\n\t"
+#else
+ "ldrd r8, r9, [lr, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [lr, #24]\n\t"
+ "ldr r11, [lr, #28]\n\t"
+#else
+ "ldrd r10, r11, [lr, #24]\n\t"
+#endif
+ "pop {r1, r12, lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "subs r12, r12, #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_CBC_decrypt_loop_block_128_%=\n\t"
+ "b L_AES_CBC_decrypt_end_%=\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_end_odd_%=: \n\t"
+ "ldr r4, [sp, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r8, [r4, #16]\n\t"
+ "ldr r9, [r4, #20]\n\t"
+#else
+ "ldrd r8, r9, [r4, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r10, [r4, #24]\n\t"
+ "ldr r11, [r4, #28]\n\t"
+#else
+ "ldrd r10, r11, [r4, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r4]\n\t"
+ "str r9, [r4, #4]\n\t"
+#else
+ "strd r8, r9, [r4]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r4, #8]\n\t"
+ "str r11, [r4, #12]\n\t"
+#else
+ "strd r10, r11, [r4, #8]\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_end_%=: \n\t"
+ "pop {%[ks]-r4}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv), [L_AES_ARM32_td_ecb] "+r" (L_AES_ARM32_td_ecb_c), [L_AES_ARM32_td4] "+r" (L_AES_ARM32_td4_c)
+ :
+ : "memory", "r12", "lr", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER || HAVE_AES_CBC */
+#endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AESGCM
+static const uint32_t L_GCM_gmult_len_r[] = {
+ 0x00000000, 0x1c200000, 0x38400000, 0x24600000,
+ 0x70800000, 0x6ca00000, 0x48c00000, 0x54e00000,
+ 0xe1000000, 0xfd200000, 0xd9400000, 0xc5600000,
+ 0x91800000, 0x8da00000, 0xa9c00000, 0xb5e00000,
+};
+
+void GCM_gmult_len(unsigned char* x, const unsigned char** m, const unsigned char* data, unsigned long len);
+void GCM_gmult_len(unsigned char* x_p, const unsigned char** m_p, const unsigned char* data_p, unsigned long len_p)
+{
+ register unsigned char* x asm ("r0") = (unsigned char*)x_p;
+ register const unsigned char** m asm ("r1") = (const unsigned char**)m_p;
+ register const unsigned char* data asm ("r2") = (const unsigned char*)data_p;
+ register unsigned long len asm ("r3") = (unsigned long)len_p;
+ register uint32_t* L_GCM_gmult_len_r_c asm ("r4") = (uint32_t*)&L_GCM_gmult_len_r;
+
+ __asm__ __volatile__ (
+ "mov lr, %[L_GCM_gmult_len_r]\n\t"
+ "\n"
+ "L_GCM_gmult_len_start_block_%=: \n\t"
+ "push {r3}\n\t"
+ "ldr r12, [r0, #12]\n\t"
+ "ldr %[len], [r2, #12]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r8, r9, r10, r11}\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "ldr r12, [r0, #8]\n\t"
+ "ldr %[len], [r2, #8]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r4, r5, r6, r7}\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "ldr r12, [r0, #4]\n\t"
+ "ldr %[len], [r2, #4]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r4, r5, r6, r7}\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "ldr r12, [r0]\n\t"
+ "ldr %[len], [r2]\n\t"
+ "eor r12, r12, %[len]\n\t"
+ "lsr %[len], r12, #24\n\t"
+ "and %[len], %[len], #15\n\t"
+ "add %[len], %[m], %[len], lsl #4\n\t"
+ "ldm %[len], {r4, r5, r6, r7}\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #28\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #16\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #20\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #8\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #12\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "and r4, r12, #15\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+ "lsr r6, r10, #4\n\t"
+ "and %[len], r11, #15\n\t"
+ "lsr r11, r11, #4\n\t"
+ "lsr r4, r12, #4\n\t"
+ "eor r11, r11, r10, lsl #28\n\t"
+ "and r4, r4, #15\n\t"
+ "ldr %[len], [lr, r3, lsl #2]\n\t"
+ "add r4, %[m], r4, lsl #4\n\t"
+ "eor r10, r6, r9, lsl #28\n\t"
+ "lsr r9, r9, #4\n\t"
+ "ldm r4, {r4, r5, r6, r7}\n\t"
+ "eor r9, r9, r8, lsl #28\n\t"
+ "eor r8, %[len], r8, lsr #4\n\t"
+ "eor r8, r8, r4\n\t"
+ "eor r9, r9, r5\n\t"
+ "eor r10, r10, r6\n\t"
+ "eor r11, r11, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ /* REV r8, r8 */
+ "eor %[len], r8, r8, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r8, r8, #8\n\t"
+ "eor r8, r8, %[len], lsr #8\n\t"
+ /* REV r9, r9 */
+ "eor %[len], r9, r9, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r9, r9, #8\n\t"
+ "eor r9, r9, %[len], lsr #8\n\t"
+ /* REV r10, r10 */
+ "eor %[len], r10, r10, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r10, r10, #8\n\t"
+ "eor r10, r10, %[len], lsr #8\n\t"
+ /* REV r11, r11 */
+ "eor %[len], r11, r11, ror #16\n\t"
+ "bic %[len], %[len], #0xff0000\n\t"
+ "ror r11, r11, #8\n\t"
+ "eor r11, r11, %[len], lsr #8\n\t"
+#else
+ "rev r8, r8\n\t"
+ "rev r9, r9\n\t"
+ "rev r10, r10\n\t"
+ "rev r11, r11\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm %[x], {r8, r9, r10, r11}\n\t"
+ "pop {r3}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add %[data], %[data], #16\n\t"
+ "bne L_GCM_gmult_len_start_block_%=\n\t"
+ : [x] "+r" (x), [m] "+r" (m), [data] "+r" (data), [len] "+r" (len), [L_GCM_gmult_len_r] "+r" (L_GCM_gmult_len_r_c)
+ :
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+static const uint32_t* L_AES_ARM32_te_gcm = L_AES_ARM32_te_data;
+void AES_GCM_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+{
+ register const unsigned char* in asm ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out asm ("r1") = (unsigned char*)out_p;
+ register unsigned long len asm ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks asm ("r3") = (const unsigned char*)ks_p;
+ register int nr asm ("r4") = (int)nr_p;
+ register unsigned char* ctr asm ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_ARM32_te_gcm_c asm ("r6") = (uint32_t*)L_AES_ARM32_te_gcm;
+
+ __asm__ __volatile__ (
+ "mov r12, r4\n\t"
+ "mov r8, r5\n\t"
+ "mov lr, %[in]\n\t"
+ "mov r0, %[L_AES_ARM32_te_gcm]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ "push {%[ks], r8}\n\t"
+ "cmp r12, #10\n\t"
+ "beq L_AES_GCM_encrypt_start_block_128_%=\n\t"
+ "cmp r12, #12\n\t"
+ "beq L_AES_GCM_encrypt_start_block_192_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_256_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "add r7, r7, #1\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "str r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #6\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_GCM_encrypt_loop_block_256_%=\n\t"
+ "b L_AES_GCM_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_start_block_192_%=: \n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_192_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "add r7, r7, #1\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "str r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #5\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_GCM_encrypt_loop_block_192_%=\n\t"
+ "b L_AES_GCM_encrypt_end_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_start_block_128_%=: \n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_128_%=: \n\t"
+ "push {r1, %[len], lr}\n\t"
+ "ldr lr, [sp, #16]\n\t"
+ "add r7, r7, #1\n\t"
+ "ldm %[ks]!, {r8, r9, r10, r11}\n\t"
+ "str r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "mov r1, #4\n\t"
+ "bl AES_encrypt_block\n\t"
+ "pop {r1, %[len], lr}\n\t"
+ "ldr %[ks], [sp]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "ldr r8, [lr]\n\t"
+ "ldr r9, [lr, #4]\n\t"
+ "ldr r10, [lr, #8]\n\t"
+ "ldr r11, [lr, #12]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r9\n\t"
+ "eor r6, r6, r10\n\t"
+ "eor r7, r7, r11\n\t"
+ "ldr r8, [sp, #4]\n\t"
+ "str r4, [%[out]]\n\t"
+ "str r5, [%[out], #4]\n\t"
+ "str r6, [%[out], #8]\n\t"
+ "str r7, [%[out], #12]\n\t"
+ "ldm r8, {r4, r5, r6, r7}\n\t"
+ "subs %[len], %[len], #16\n\t"
+ "add lr, lr, #16\n\t"
+ "add %[out], %[out], #16\n\t"
+ "bne L_AES_GCM_encrypt_loop_block_128_%=\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_end_%=: \n\t"
+ "pop {%[ks], r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "eor r10, r4, r4, ror #16\n\t"
+ "eor r11, r5, r5, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "eor r4, r4, r10, lsr #8\n\t"
+ "eor r5, r5, r11, lsr #8\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#else
+ "rev r4, r4\n\t"
+ "rev r5, r5\n\t"
+ "rev r6, r6\n\t"
+ "rev r7, r7\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ "stm r8, {r4, r5, r6, r7}\n\t"
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr), [L_AES_ARM32_te_gcm] "+r" (L_AES_ARM32_te_gcm_c)
+ :
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESGCM */
+#endif /* !NO_AES */
+#endif /* !__aarch64__ && !__thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S
index 24072bd6..52cdcf41 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519.S
@@ -30,8 +30,10 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
-#ifdef HAVE_CURVE25519
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
.text
.align 4
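Review bot: The new guard `#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)` stays true when only one of the two macros is defined, so the assembly is excluded only when both small implementations are selected. If the intent was to drop it when either one is selected, the operator would have to be `&&`. Which reading is intended cannot be confirmed here, because the C code that pairs with these symbols and the matching `#endif` lines are outside the hunk. A comment on the guard would settle it, for example `/* assembly is skipped only when both CURVE25519_SMALL and ED25519_SMALL are defined */`.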
@@ -42,6 +44,318 @@ fe_init:
.size fe_init,.-fe_init
.text
.align 4
+ .globl fe_add_sub_op
+ .type fe_add_sub_op, %function
+fe_add_sub_op:
+ push {lr}
+ # Add-Sub
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2]
+ ldr r5, [r2, #4]
+#else
+ ldrd r4, r5, [r2]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3]
+ ldr r7, [r3, #4]
+#else
+ ldrd r6, r7, [r3]
+#endif
+ # Add
+ adds r8, r4, r6
+ mov r12, #0
+ adcs r9, r5, r7
+ adc r12, r12, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0]
+ str r9, [r0, #4]
+#else
+ strd r8, r9, [r0]
+#endif
+ # Sub
+ subs r10, r4, r6
+ sbcs r11, r5, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r1]
+ str r11, [r1, #4]
+#else
+ strd r10, r11, [r1]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2, #8]
+ ldr r5, [r2, #12]
+#else
+ ldrd r4, r5, [r2, #8]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3, #8]
+ ldr r7, [r3, #12]
+#else
+ ldrd r6, r7, [r3, #8]
+#endif
+ # Sub
+ sbcs r10, r4, r6
+ mov lr, #0
+ sbcs r11, r5, r7
+ adc lr, lr, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r1, #8]
+ str r11, [r1, #12]
+#else
+ strd r10, r11, [r1, #8]
+#endif
+ # Add
+ subs r12, r12, #1
+ adcs r8, r4, r6
+ adcs r9, r5, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0, #8]
+ str r9, [r0, #12]
+#else
+ strd r8, r9, [r0, #8]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2, #16]
+ ldr r5, [r2, #20]
+#else
+ ldrd r4, r5, [r2, #16]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3, #16]
+ ldr r7, [r3, #20]
+#else
+ ldrd r6, r7, [r3, #16]
+#endif
+ # Add
+ adcs r8, r4, r6
+ mov r12, #0
+ adcs r9, r5, r7
+ adc r12, r12, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0, #16]
+ str r9, [r0, #20]
+#else
+ strd r8, r9, [r0, #16]
+#endif
+ # Sub
+ subs lr, lr, #1
+ sbcs r10, r4, r6
+ sbcs r11, r5, r7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r10, [r1, #16]
+ str r11, [r1, #20]
+#else
+ strd r10, r11, [r1, #16]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r2, #24]
+ ldr r5, [r2, #28]
+#else
+ ldrd r4, r5, [r2, #24]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r3, #24]
+ ldr r7, [r3, #28]
+#else
+ ldrd r6, r7, [r3, #24]
+#endif
+ # Sub
+ sbcs r10, r4, r6
+ sbcs r11, r5, r7
+ sbc lr, lr, lr
+ # Add
+ subs r12, r12, #1
+ adcs r8, r4, r6
+ mov r12, #0
+ adcs r9, r5, r7
+ adc r12, r12, #0
+ # Multiply -modulus by overflow
+ lsl r3, r12, #1
+ mov r12, #19
+ orr r3, r3, r9, lsr #31
+ mul r12, r3, r12
+ # Add -x*modulus (if overflow)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r0]
+ ldr r5, [r0, #4]
+#else
+ ldrd r4, r5, [r0]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r6, [r0, #8]
+ ldr r7, [r0, #12]
+#else
+ ldrd r6, r7, [r0, #8]
+#endif
+ adds r4, r4, r12
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [r0]
+ str r5, [r0, #4]
+#else
+ strd r4, r5, [r0]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [r0, #8]
+ str r7, [r0, #12]
+#else
+ strd r6, r7, [r0, #8]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ ldr r4, [r0, #16]
+ ldr r5, [r0, #20]
+#else
+ ldrd r4, r5, [r0, #16]
+#endif
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [r0, #16]
+ str r5, [r0, #20]
+#else
+ strd r4, r5, [r0, #16]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
+#else
+ bfc r9, #31, #1
+#endif
+ adcs r8, r8, #0
+ adc r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [r0, #24]
+ str r9, [r0, #28]
+#else
+ strd r8, r9, [r0, #24]
+#endif
+ # Multiply -modulus by underflow
+ lsl r3, lr, #1
+ mvn lr, #18
+ orr r3, r3, r11, lsr #31
+ mul lr, r3, lr
+ # Sub -x*modulus (if overflow)
+ ldm r1, {r4, r5, r6, r7, r8, r9}
+ subs r4, r4, lr
+ sbcs r5, r5, #0
+ sbcs r6, r6, #0
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
+#else
+ bfc r11, #31, #1
+#endif
+ sbcs r10, r10, #0
+ sbc r11, r11, #0
+ stm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Add-Sub
+ pop {pc}
+ .size fe_add_sub_op,.-fe_add_sub_op
+ .text
+ .align 4
+ .globl fe_sub_op
+ .type fe_sub_op, %function
+fe_sub_op:
+ push {lr}
+ # Sub
+ ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ ldm r1!, {r2, r3, r4, r5}
+ subs r6, r2, r6
+ sbcs r7, r3, r7
+ sbcs r8, r4, r8
+ sbcs r9, r5, r9
+ ldm r1!, {r2, r3, r4, r5}
+ sbcs r10, r2, r10
+ sbcs r11, r3, r11
+ sbcs r12, r4, r12
+ sbcs lr, r5, lr
+ sbc r3, r3, r3
+ mvn r2, #18
+ lsl r3, r3, #1
+ orr r3, r3, lr, lsr #31
+ mul r2, r3, r2
+ subs r6, r6, r2
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbcs r9, r9, #0
+ sbcs r10, r10, #0
+ sbcs r11, r11, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic lr, lr, #0x80000000
+#else
+ bfc lr, #31, #1
+#endif
+ sbcs r12, r12, #0
+ sbc lr, lr, #0
+ stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ # Done Sub
+ pop {pc}
+ .size fe_sub_op,.-fe_sub_op
+ .text
+ .align 4
+ .globl fe_sub
+ .type fe_sub, %function
+fe_sub:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_sub_op
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_sub,.-fe_sub
+ .text
+ .align 4
+ .globl fe_add_op
+ .type fe_add_op, %function
+fe_add_op:
+ push {lr}
+ # Add
+ ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ ldm r1!, {r2, r3, r4, r5}
+ adds r6, r2, r6
+ adcs r7, r3, r7
+ adcs r8, r4, r8
+ adcs r9, r5, r9
+ ldm r1!, {r2, r3, r4, r5}
+ adcs r10, r2, r10
+ adcs r11, r3, r11
+ adcs r12, r4, r12
+ mov r3, #0
+ adcs lr, r5, lr
+ adc r3, r3, #0
+ mov r2, #19
+ lsl r3, r3, #1
+ orr r3, r3, lr, lsr #31
+ mul r2, r3, r2
+ adds r6, r6, r2
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic lr, lr, #0x80000000
+#else
+ bfc lr, #31, #1
+#endif
+ adcs r12, r12, #0
+ adc lr, lr, #0
+ stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ # Done Add
+ pop {pc}
+ .size fe_add_op,.-fe_add_op
+ .text
+ .align 4
+ .globl fe_add
+ .type fe_add, %function
+fe_add:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_add_op
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_add,.-fe_add
+#ifdef HAVE_ED25519
+ .text
+ .align 4
.globl fe_frombytes
.type fe_frombytes, %function
fe_frombytes:
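Review bot: `fe_add_sub_op`, `fe_sub_op` and `fe_add_op` are exported with `.globl` but save only `lr` while overwriting r4-r11, which the AAPCS treats as callee-saved. They are therefore safe only when reached from code that preserves those registers, as the `fe_sub` and `fe_add` wrappers in this hunk do with `push {r4, r5, r6, r7, r8, r9, r10, r11, lr}`. A one-line comment above each label would make that contract explicit, for example `# Internal helper: clobbers r4-r11; caller must save them (not callable from C)`. Separately, in `fe_add_sub_op` the comment `# Sub -x*modulus (if overflow)` sits under `# Multiply -modulus by underflow` and presumably should read `(if underflow)`. The trailing `fe_frombytes` label belongs to a function whose body lies outside this hunk.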
@@ -54,31 +368,19 @@ fe_frombytes:
ldr r7, [r1, #20]
ldr r8, [r1, #24]
ldr r9, [r1, #28]
- and r9, r9, #0x7fffffff
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r2, r3, [r0]
+ bfc r9, #31, #1
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ str r2, [r0]
+ str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
-#else
- strd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_frombytes,.-fe_frombytes
.text
@@ -87,30 +389,7 @@ fe_frombytes:
.type fe_tobytes, %function
fe_tobytes:
push {r4, r5, r6, r7, r8, r9, lr}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1]
- ldr r3, [r1, #4]
-#else
- ldrd r2, r3, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #24]
- ldr r9, [r1, #28]
-#else
- ldrd r8, r9, [r1, #24]
-#endif
+ ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
adds r12, r2, #19
adcs r12, r3, #0
adcs r12, r4, #0
@@ -129,31 +408,19 @@ fe_tobytes:
adcs r7, r7, #0
adcs r8, r8, #0
adc r9, r9, #0
- and r9, r9, #0x7fffffff
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r2, r3, [r0]
+ bfc r9, #31, #1
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ str r2, [r0]
+ str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
-#else
- strd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_tobytes,.-fe_tobytes
.text
@@ -161,69 +428,36 @@ fe_tobytes:
.globl fe_1
.type fe_1, %function
fe_1:
+ push {r4, r5, r6, r7, r8, r9, lr}
# Set one
mov r2, #1
mov r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
- mov r2, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #8]
- str r3, [r0, #12]
-#else
- strd r2, r3, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #16]
- str r3, [r0, #20]
-#else
- strd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #24]
- str r3, [r0, #28]
-#else
- strd r2, r3, [r0, #24]
-#endif
- bx lr
+ mov r4, #0
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_1,.-fe_1
.text
.align 4
.globl fe_0
.type fe_0, %function
fe_0:
+ push {r4, r5, r6, r7, r8, r9, lr}
# Set zero
mov r2, #0
mov r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #8]
- str r3, [r0, #12]
-#else
- strd r2, r3, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #16]
- str r3, [r0, #20]
-#else
- strd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #24]
- str r3, [r0, #28]
-#else
- strd r2, r3, [r0, #24]
-#endif
- bx lr
+ mov r4, #0
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ pop {r4, r5, r6, r7, r8, r9, pc}
.size fe_0,.-fe_0
.text
.align 4
@@ -232,49 +466,49 @@ fe_0:
fe_copy:
push {r4, r5, lr}
# Copy
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r2, [r1]
ldr r3, [r1, #4]
#else
ldrd r2, r3, [r1]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r1, #8]
ldr r5, [r1, #12]
#else
ldrd r4, r5, [r1, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r2, [r0]
str r3, [r0, #4]
#else
strd r2, r3, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r2, [r1, #16]
ldr r3, [r1, #20]
#else
ldrd r2, r3, [r1, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r1, #24]
ldr r5, [r1, #28]
#else
ldrd r4, r5, [r1, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r2, [r0, #16]
str r3, [r0, #20]
#else
strd r2, r3, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -284,329 +518,25 @@ fe_copy:
.size fe_copy,.-fe_copy
.text
.align 4
- .globl fe_sub
- .type fe_sub, %function
-fe_sub:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_sub,.-fe_sub
- .text
- .align 4
- .globl fe_add
- .type fe_add, %function
-fe_add:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_add,.-fe_add
- .text
- .align 4
.globl fe_neg
.type fe_neg, %function
fe_neg:
push {r4, r5, lr}
- mov lr, #-1
- mov r12, #-19
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1]
- ldr r3, [r1, #4]
-#else
- ldrd r2, r3, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
+ mvn lr, #0
+ mvn r12, #18
+ ldm r1!, {r2, r3, r4, r5}
subs r2, r12, r2
sbcs r3, lr, r3
sbcs r4, lr, r4
sbcs r5, lr, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- mov r12, #0x7fffff
- lsl r12, r12, #8
- add r12, r12, #0xff
-#else
- mov r12, #0x7fffffff
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1, #16]
- ldr r3, [r1, #20]
-#else
- ldrd r2, r3, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #24]
- ldr r5, [r1, #28]
-#else
- ldrd r4, r5, [r1, #24]
-#endif
+ stm r0!, {r2, r3, r4, r5}
+ mvn r12, #0x80000000
+ ldm r1!, {r2, r3, r4, r5}
sbcs r2, lr, r2
sbcs r3, lr, r3
sbcs r4, lr, r4
sbc r5, r12, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0, #16]
- str r3, [r0, #20]
-#else
- strd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #24]
- str r5, [r0, #28]
-#else
- strd r4, r5, [r0, #24]
-#endif
+ stm r0!, {r2, r3, r4, r5}
pop {r4, r5, pc}
.size fe_neg,.-fe_neg
.text
@@ -615,30 +545,7 @@ fe_neg:
.type fe_isnonzero, %function
fe_isnonzero:
push {r4, r5, r6, r7, r8, r9, lr}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r0]
- ldr r3, [r0, #4]
-#else
- ldrd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r0, #24]
- ldr r9, [r0, #28]
-#else
- ldrd r8, r9, [r0, #24]
-#endif
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
adds r1, r2, #19
adcs r1, r3, #0
adcs r1, r4, #0
@@ -657,7 +564,11 @@ fe_isnonzero:
adcs r7, r7, #0
adcs r8, r8, #0
adc r9, r9, #0
- and r9, r9, #0x7fffffff
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
+#else
+ bfc r9, #31, #1
+#endif
orr r2, r2, r3
orr r4, r4, r5
orr r6, r6, r7
@@ -673,52 +584,42 @@ fe_isnonzero:
.type fe_isnegative, %function
fe_isnegative:
push {r4, r5, lr}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r0]
- ldr r3, [r0, #4]
-#else
- ldrd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
+ ldm r0!, {r2, r3, r4, r5}
adds r1, r2, #19
adcs r1, r3, #0
adcs r1, r4, #0
adcs r1, r5, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r0, #16]
- ldr r3, [r0, #20]
-#else
- ldrd r2, r3, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
+ ldm r0, {r2, r3, r4, r5}
adcs r1, r2, #0
adcs r1, r3, #0
adcs r1, r4, #0
- ldr r2, [r0]
+ ldr r2, [r0, #-16]
adc r1, r5, #0
and r0, r2, #1
lsr r1, r1, #31
eor r0, r0, r1
pop {r4, r5, pc}
.size fe_isnegative,.-fe_isnegative
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
.text
.align 4
.globl fe_cmov_table
.type fe_cmov_table, %function
fe_cmov_table:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r2, #24
+ asr r2, r2, #24
+#else
sxtb r2, r2
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #1
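Review bot: In the pre-ARMv7 branch added to fe_cmov_table, `lsl r3, r2, #24` is immediately overwritten by `asr r3, r2, #31`, which reads r2 rather than r3, so the shift is dead and the sign mask comes from bit 31 of r2 instead of bit 7 as in `sbfx r3, r2, #7, #1`. The two paths agree only because r2 was sign-extended from a byte just above (`sxtb r2, r2` or the lsl/asr #24 pair); writing the second instruction as `asr r3, r3, #31` would make this branch match the sbfx path without that dependency. The same pair is repeated in the hunks at -1123, -1547 and -1971. fe_cmov_table continues beyond this hunk, so whether r2 stays untouched up to those later uses cannot be confirmed from here. If this file is generated, the change belongs in the generator rather than in the emitted assembly.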
@@ -727,7 +628,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -737,7 +638,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -749,7 +650,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -761,7 +662,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -774,7 +675,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -784,7 +685,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -796,7 +697,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -808,7 +709,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -821,7 +722,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -831,7 +732,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -843,7 +744,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -855,7 +756,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -868,7 +769,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -878,7 +779,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -890,7 +791,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -902,7 +803,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -915,7 +816,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -925,7 +826,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -937,7 +838,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -949,7 +850,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -962,7 +863,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -972,7 +873,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -984,7 +885,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -996,7 +897,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -1009,7 +910,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1019,7 +920,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -1031,7 +932,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -1043,7 +944,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -1056,7 +957,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1066,7 +967,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1]
ldr r11, [r1, #4]
#else
@@ -1078,7 +979,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #32]
ldr r11, [r1, #36]
#else
@@ -1090,7 +991,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #64]
ldr r11, [r1, #68]
#else
@@ -1103,8 +1004,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-19
- mov r11, #-1
+ mvn r10, #18
+ mvn r11, #0
subs r10, r10, r8
sbcs r11, r11, r9
sbc lr, lr, lr
@@ -1123,25 +1024,30 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
strd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #64]
str r9, [r0, #68]
#else
strd r8, r9, [r0, #64]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #0
@@ -1150,7 +1056,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1160,7 +1066,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1172,7 +1078,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1184,7 +1090,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1197,7 +1103,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1207,7 +1113,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1219,7 +1125,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1231,7 +1137,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1244,7 +1150,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1254,7 +1160,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1266,7 +1172,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1278,7 +1184,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1291,7 +1197,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1301,7 +1207,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1313,7 +1219,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1325,7 +1231,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1338,7 +1244,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1348,7 +1254,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1360,7 +1266,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1372,7 +1278,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1385,7 +1291,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1395,7 +1301,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1407,7 +1313,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1419,7 +1325,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1432,7 +1338,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1442,7 +1348,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1454,7 +1360,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1466,7 +1372,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1479,7 +1385,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1489,7 +1395,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #8]
ldr r11, [r1, #12]
#else
@@ -1501,7 +1407,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #40]
ldr r11, [r1, #44]
#else
@@ -1513,7 +1419,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #72]
ldr r11, [r1, #76]
#else
@@ -1526,8 +1432,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-1
- mov r11, #-1
+ mvn r10, #0
+ mvn r11, #0
rsbs lr, lr, #0
sbcs r10, r10, r8
sbcs r11, r11, r9
@@ -1547,25 +1453,30 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
strd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #72]
str r9, [r0, #76]
#else
strd r8, r9, [r0, #72]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #0
@@ -1574,7 +1485,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1584,7 +1495,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1596,7 +1507,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1608,7 +1519,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1621,7 +1532,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1631,7 +1542,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1643,7 +1554,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1655,7 +1566,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1668,7 +1579,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1678,7 +1589,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1690,7 +1601,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1702,7 +1613,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1715,7 +1626,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1725,7 +1636,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1737,7 +1648,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1749,7 +1660,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1762,7 +1673,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1772,7 +1683,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1784,7 +1695,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1796,7 +1707,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1809,7 +1720,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1819,7 +1730,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1831,7 +1742,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1843,7 +1754,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1856,7 +1767,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1866,7 +1777,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1878,7 +1789,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1890,7 +1801,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1903,7 +1814,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -1913,7 +1824,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #16]
ldr r11, [r1, #20]
#else
@@ -1925,7 +1836,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #48]
ldr r11, [r1, #52]
#else
@@ -1937,7 +1848,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #80]
ldr r11, [r1, #84]
#else
@@ -1950,8 +1861,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-1
- mov r11, #-1
+ mvn r10, #0
+ mvn r11, #0
rsbs lr, lr, #0
sbcs r10, r10, r8
sbcs r11, r11, r9
@@ -1971,25 +1882,30 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
strd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #80]
str r9, [r0, #84]
#else
strd r8, r9, [r0, #80]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
+#else
sbfx r3, r2, #7, #1
+#endif
eor r12, r2, r3
sub r12, r12, r3
mov r4, #0
@@ -1998,7 +1914,7 @@ fe_cmov_table:
mov r7, #0
mov r8, #0
mov r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2008,7 +1924,7 @@ fe_cmov_table:
ror r3, r3, #31
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2020,7 +1936,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2032,7 +1948,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2045,7 +1961,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2055,7 +1971,7 @@ fe_cmov_table:
ror r3, r3, #30
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2067,7 +1983,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2079,7 +1995,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2092,7 +2008,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2102,7 +2018,7 @@ fe_cmov_table:
ror r3, r3, #29
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2114,7 +2030,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2126,7 +2042,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2139,7 +2055,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2149,7 +2065,7 @@ fe_cmov_table:
ror r3, r3, #28
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2161,7 +2077,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2173,7 +2089,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2186,7 +2102,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2196,7 +2112,7 @@ fe_cmov_table:
ror r3, r3, #27
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2208,7 +2124,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2220,7 +2136,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2233,7 +2149,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2243,7 +2159,7 @@ fe_cmov_table:
ror r3, r3, #26
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2255,7 +2171,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2267,7 +2183,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2280,7 +2196,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2290,7 +2206,7 @@ fe_cmov_table:
ror r3, r3, #25
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2302,7 +2218,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2314,7 +2230,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2327,7 +2243,7 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
add r1, r1, #0x60
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
mov r3, #0x800000
lsl r3, r3, #8
add r3, r3, #0x0
@@ -2337,7 +2253,7 @@ fe_cmov_table:
ror r3, r3, #24
ror r3, r3, r12
asr r3, r3, #31
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
#else
@@ -2349,7 +2265,7 @@ fe_cmov_table:
and r11, r11, r3
eor r4, r4, r10
eor r5, r5, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
#else
@@ -2361,7 +2277,7 @@ fe_cmov_table:
and r11, r11, r3
eor r6, r6, r10
eor r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
#else
@@ -2374,14 +2290,8 @@ fe_cmov_table:
eor r8, r8, r10
eor r9, r9, r11
sub r1, r1, #0x2a0
- mov r10, #-1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- mov r11, #0x7fffff
- lsl r11, r11, #8
- add r11, r11, #0xff
-#else
- mov r11, #0x7fffffff
-#endif
+ mvn r10, #0
+ mvn r11, #0x80000000
rsbs lr, lr, #0
sbcs r10, r10, r8
sbc r11, r11, r9
@@ -2400,19 +2310,19 @@ fe_cmov_table:
eor r11, r11, r9
and r11, r11, r12
eor r9, r9, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
strd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #88]
str r9, [r0, #92]
#else
@@ -2420,1036 +2330,1071 @@ fe_cmov_table:
#endif
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_cmov_table,.-fe_cmov_table
+#else
.text
.align 4
- .globl fe_mul
- .type fe_mul, %function
-fe_mul:
+ .globl fe_cmov_table
+ .type fe_cmov_table, %function
+fe_cmov_table:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x40
- # Multiply
- ldr r7, [r1]
- ldr r8, [r1, #4]
- ldr r9, [r2]
- ldr lr, [r2, #4]
- # A[0] * B[0] = 0
- umull r4, r5, r7, r9
- str r4, [sp]
- # A[0] * B[1] = 1
- umull r3, r6, r7, lr
- adds r5, r5, r3
- adc r6, r6, #0
- # A[1] * B[0] = 1
- umull r3, r12, r8, r9
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #4]
- # A[2] * B[0] = 2
- ldr r10, [r1, #8]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adc r4, r4, r12
- # A[1] * B[1] = 2
- umull r3, r12, r8, lr
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[0] * B[2] = 2
- ldr r11, [r2, #8]
- umull r3, r12, r7, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #8]
- # A[0] * B[3] = 3
- ldr r11, [r2, #12]
- umull r3, r12, r7, r11
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[1] * B[2] = 3
- ldr r11, [r2, #8]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[2] * B[1] = 3
- umull r3, r12, r10, lr
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[3] * B[0] = 3
- ldr r10, [r1, #12]
- umull r3, r12, r10, r9
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #12]
- # A[4] * B[0] = 4
- ldr r10, [r1, #16]
- umull r3, r12, r10, r9
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[3] * B[1] = 4
- ldr r10, [r1, #12]
- umull r3, r12, r10, lr
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[2] * B[2] = 4
- ldr r10, [r1, #8]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[1] * B[3] = 4
- ldr r11, [r2, #12]
- umull r3, r12, r8, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[0] * B[4] = 4
- ldr r11, [r2, #16]
- umull r3, r12, r7, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #16]
- # A[0] * B[5] = 5
- ldr r11, [r2, #20]
- umull r3, r12, r7, r11
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[1] * B[4] = 5
- ldr r11, [r2, #16]
- umull r3, r12, r8, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[2] * B[3] = 5
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[3] * B[2] = 5
- ldr r10, [r1, #12]
- ldr r11, [r2, #8]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[4] * B[1] = 5
- ldr r10, [r1, #16]
- umull r3, r12, r10, lr
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[5] * B[0] = 5
- ldr r10, [r1, #20]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #20]
- # A[6] * B[0] = 6
- ldr r10, [r1, #24]
- umull r3, r12, r10, r9
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[5] * B[1] = 6
- ldr r10, [r1, #20]
- umull r3, r12, r10, lr
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[4] * B[2] = 6
- ldr r10, [r1, #16]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[3] * B[3] = 6
- ldr r10, [r1, #12]
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[2] * B[4] = 6
- ldr r10, [r1, #8]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[1] * B[5] = 6
- ldr r11, [r2, #20]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[0] * B[6] = 6
- ldr r11, [r2, #24]
- umull r3, r12, r7, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #24]
- # A[0] * B[7] = 7
- ldr r11, [r2, #28]
- umull r3, r12, r7, r11
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[1] * B[6] = 7
- ldr r11, [r2, #24]
- umull r3, r12, r8, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[2] * B[5] = 7
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[3] * B[4] = 7
- ldr r10, [r1, #12]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[4] * B[3] = 7
- ldr r10, [r1, #16]
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[5] * B[2] = 7
- ldr r10, [r1, #20]
- ldr r11, [r2, #8]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[6] * B[1] = 7
- ldr r10, [r1, #24]
- umull r3, r12, r10, lr
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[7] * B[0] = 7
- ldr r10, [r1, #28]
- umull r3, r12, r10, r9
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #28]
- ldr r7, [r1, #24]
- ldr r9, [r2, #24]
- # A[7] * B[1] = 8
- umull r3, r12, r10, lr
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[6] * B[2] = 8
- umull r3, r12, r7, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[5] * B[3] = 8
- ldr r10, [r1, #20]
- ldr r11, [r2, #12]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[4] * B[4] = 8
- ldr r10, [r1, #16]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[3] * B[5] = 8
- ldr r10, [r1, #12]
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[2] * B[6] = 8
- ldr r10, [r1, #8]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[1] * B[7] = 8
- ldr r11, [r2, #28]
- umull r3, r12, r8, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #32]
- ldr r8, [r1, #28]
- mov lr, r11
- # A[2] * B[7] = 9
- umull r3, r12, r10, lr
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[3] * B[6] = 9
- ldr r10, [r1, #12]
- umull r3, r12, r10, r9
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[4] * B[5] = 9
- ldr r10, [r1, #16]
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[5] * B[4] = 9
- ldr r10, [r1, #20]
- ldr r11, [r2, #16]
- umull r3, r12, r10, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[6] * B[3] = 9
- ldr r11, [r2, #12]
- umull r3, r12, r7, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[7] * B[2] = 9
- ldr r11, [r2, #8]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #36]
- # A[7] * B[3] = 10
- ldr r11, [r2, #12]
- umull r3, r12, r8, r11
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[6] * B[4] = 10
- ldr r11, [r2, #16]
- umull r3, r12, r7, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[5] * B[5] = 10
- ldr r11, [r2, #20]
- umull r3, r12, r10, r11
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[4] * B[6] = 10
- ldr r10, [r1, #16]
- umull r3, r12, r10, r9
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[3] * B[7] = 10
- ldr r10, [r1, #12]
- umull r3, r12, r10, lr
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #40]
- # A[4] * B[7] = 11
- ldr r10, [r1, #16]
- umull r3, r12, r10, lr
- adds r6, r6, r3
- mov r5, #0
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[5] * B[6] = 11
- ldr r10, [r1, #20]
- umull r3, r12, r10, r9
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[6] * B[5] = 11
- umull r3, r12, r7, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- # A[7] * B[4] = 11
- ldr r11, [r2, #16]
- umull r3, r12, r8, r11
- adds r6, r6, r3
- adcs r4, r4, r12
- adc r5, r5, #0
- str r6, [sp, #44]
- # A[7] * B[5] = 12
- ldr r11, [r2, #20]
- umull r3, r12, r8, r11
- adds r4, r4, r3
- mov r6, #0
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[6] * B[6] = 12
- umull r3, r12, r7, r9
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- # A[5] * B[7] = 12
- umull r3, r12, r10, lr
- adds r4, r4, r3
- adcs r5, r5, r12
- adc r6, r6, #0
- str r4, [sp, #48]
- # A[6] * B[7] = 13
- umull r3, r12, r7, lr
- adds r5, r5, r3
- mov r4, #0
- adcs r6, r6, r12
- adc r4, r4, #0
- # A[7] * B[6] = 13
- umull r3, r12, r8, r9
- adds r5, r5, r3
- adcs r6, r6, r12
- adc r4, r4, #0
- str r5, [sp, #52]
- # A[7] * B[7] = 14
- umull r3, r12, r8, lr
- adds r6, r6, r3
- adc r4, r4, r12
- str r6, [sp, #56]
- str r4, [sp, #60]
- # Reduce
- # Load bottom half
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ lsl r2, r2, #24
+ asr r2, r2, #24
#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #16]
- ldr r9, [sp, #20]
-#else
- ldrd r8, r9, [sp, #16]
+ sxtb r2, r2
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #24]
- ldr r11, [sp, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ lsl r3, r2, #24
+ asr r3, r2, #31
#else
- ldrd r10, r11, [sp, #24]
+ sbfx r3, r2, #7, #1
#endif
- lsr r3, r11, #31
- and r11, r11, #0x7fffffff
- mov lr, #19
- ldr r1, [sp, #32]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- adds r4, r4, r3
- mov r2, #0
- adcs r5, r5, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #36]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r5, r5, r3
- mov r2, #0
- adcs r6, r6, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #40]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r6, r6, r3
- mov r2, #0
- adcs r7, r7, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #44]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r7, r7, r3
- mov r2, #0
- adcs r8, r8, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #48]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r8, r8, r3
- mov r2, #0
- adcs r9, r9, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #52]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r9, r9, r3
- mov r2, #0
- adcs r10, r10, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #56]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- add r12, r12, r2
- adds r10, r10, r3
- mov r2, #0
- adcs r11, r11, r12
- adc r2, r2, #0
- lsr r3, r1, #31
- ldr r1, [sp, #60]
- orr r3, r3, r1, lsl #1
- umull r3, r12, lr, r3
- adds r11, r11, r3
- adc r3, r12, r2
- # Overflow
- lsl r3, r3, #1
- orr r3, r3, r11, lsr #31
- mul r3, r3, lr
- and r11, r11, #0x7fffffff
- adds r4, r4, r3
- adcs r5, r5, #0
- adcs r6, r6, #0
- adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Reduce if top bit set
- asr r3, r11, #31
- and r3, r3, lr
- and r11, r11, #0x7fffffff
- adds r4, r4, r3
- adcs r5, r5, #0
+ eor r2, r2, r3
+ sub r2, r2, r3
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ sub lr, r2, #1
+#else
+ clz lr, r2
+ lsl lr, lr, #26
+#endif /* defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6) */
+ asr lr, lr, #31
+ mvn lr, lr
+ add r2, r2, lr
+ mov r12, #0x60
+ mul r2, r2, r12
+ add r1, r1, r2
+ ldm r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ and r8, r8, lr
+ and r9, r9, lr
+ and r10, r10, lr
+ and r11, r11, lr
+ mvn r12, lr
+ sub r4, r4, r12
+ mov r12, #32
+ and r12, r12, r3
+ add r0, r0, r12
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ sub r0, r0, r12
+ ldm r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ and r8, r8, lr
+ and r9, r9, lr
+ and r10, r10, lr
+ and r11, r11, lr
+ mvn r12, lr
+ sub r4, r4, r12
+ mov r12, #32
+ bic r12, r12, r3
+ add r0, r0, r12
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ sub r0, r0, r12
+ add r0, r0, #0x40
+ ldm r1!, {r4, r5, r6, r7}
+ mvn r12, #18
+ subs r8, r12, r4
+ sbcs r9, r3, r5
+ sbcs r10, r3, r6
+ sbcs r11, r3, r7
+ bic r4, r4, r3
+ bic r5, r5, r3
+ bic r6, r6, r3
+ bic r7, r7, r3
+ and r8, r8, r3
+ and r9, r9, r3
+ and r10, r10, r3
+ and r11, r11, r3
+ orr r4, r4, r8
+ orr r5, r5, r9
+ orr r6, r6, r10
+ orr r7, r7, r11
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ stm r0!, {r4, r5, r6, r7}
+ ldm r1!, {r4, r5, r6, r7}
+ mvn r12, #0x80000000
+ sbcs r8, r3, r4
+ sbcs r9, r3, r5
+ sbcs r10, r3, r6
+ sbc r11, r12, r7
+ bic r4, r4, r3
+ bic r5, r5, r3
+ bic r6, r6, r3
+ bic r7, r7, r3
+ and r8, r8, r3
+ and r9, r9, r3
+ and r10, r10, r3
+ and r11, r11, r3
+ orr r4, r4, r8
+ orr r5, r5, r9
+ orr r6, r6, r10
+ orr r7, r7, r11
+ and r4, r4, lr
+ and r5, r5, lr
+ and r6, r6, lr
+ and r7, r7, lr
+ stm r0!, {r4, r5, r6, r7}
+ sub r1, r1, r2
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_cmov_table,.-fe_cmov_table
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ push {lr}
+ sub sp, sp, #40
+ str r0, [sp, #36]
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * B[0]
+ ldr lr, [r2]
+ umull r3, r4, r12, lr
+ # A[0] * B[2]
+ ldr lr, [r2, #8]
+ umull r5, r6, r12, lr
+ # A[0] * B[4]
+ ldr lr, [r2, #16]
+ umull r7, r8, r12, lr
+ # A[0] * B[6]
+ ldr lr, [r2, #24]
+ umull r9, r10, r12, lr
+ str r3, [sp]
+ # A[0] * B[1]
+ ldr lr, [r2, #4]
+ mov r11, r0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[0] * B[3]
+ ldr lr, [r2, #12]
adcs r6, r6, #0
- adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[0] * B[5]
+ ldr lr, [r2, #20]
adcs r8, r8, #0
- adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[0] * B[7]
+ ldr lr, [r2, #28]
adcs r10, r10, #0
+ adc r3, r0, #0
+ umlal r10, r3, r12, lr
+ # A[1] * B[0]
+ ldr r12, [r1, #4]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ str r4, [sp, #4]
+ adds r5, r5, r11
+ # A[1] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[1] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[1] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[1] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * B[7]
+ ldr lr, [r2, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * B[0]
+ ldr r12, [r1, #8]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ str r5, [sp, #8]
+ adds r6, r6, r11
+ # A[2] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[2] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[2] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[2] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[2] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * B[7]
+ ldr lr, [r2, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * B[0]
+ ldr r12, [r1, #12]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[3] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[3] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[3] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[3] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[3] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * B[7]
+ ldr lr, [r2, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * B[0]
+ ldr r12, [r1, #16]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[4] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[4] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[4] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[4] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[4] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * B[7]
+ ldr lr, [r2, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * B[0]
+ ldr r12, [r1, #20]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[5] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[5] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[5] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[5] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[5] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[5] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * B[7]
+ ldr lr, [r2, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * B[0]
+ ldr r12, [r1, #24]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[6] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[6] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[6] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[6] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[6] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[6] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[6] * B[7]
+ ldr lr, [r2, #28]
+ adc r9, r0, #0
+ umlal r8, r9, r12, lr
+ # A[7] * B[0]
+ ldr r12, [r1, #28]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[7] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[7] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[7] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[7] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[7] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[7] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[7] * B[7]
+ ldr lr, [r2, #28]
+ adc r10, r0, #0
+ umlal r9, r10, r12, lr
+ # Reduce
+ ldr r2, [sp, #28]
+ mov lr, sp
+ mov r12, #38
+ umull r10, r11, r12, r10
+ adds r10, r10, r2
adc r11, r11, #0
+ mov r12, #19
+ lsl r11, r11, #1
+ orr r11, r11, r10, LSR #31
+ mul r11, r12, r11
+ ldm lr!, {r1, r2}
+ mov r12, #38
+ adds r1, r1, r11
+ adc r11, r0, #0
+ umlal r1, r11, r3, r12
+ adds r2, r2, r11
+ adc r11, r0, #0
+ umlal r2, r11, r4, r12
+ ldm lr!, {r3, r4}
+ adds r3, r3, r11
+ adc r11, r0, #0
+ umlal r3, r11, r5, r12
+ adds r4, r4, r11
+ adc r11, r0, #0
+ umlal r4, r11, r6, r12
+ ldm lr!, {r5, r6}
+ adds r5, r5, r11
+ adc r11, r0, #0
+ umlal r5, r11, r7, r12
+ adds r6, r6, r11
+ adc r11, r0, #0
+ umlal r6, r11, r8, r12
+ ldm lr!, {r7, r8}
+ adds r7, r7, r11
+ adc r11, r0, #0
+ umlal r7, r11, r9, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ adds r8, r10, r11
# Store
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ ldr r0, [sp, #36]
+ stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ add sp, sp, #40
+ pop {pc}
+ .size fe_mul_op,.-fe_mul_op
#else
- strd r10, r11, [r0, #24]
-#endif
- add sp, sp, #0x40
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_mul,.-fe_mul
.text
.align 4
- .globl fe_sq
- .type fe_sq, %function
-fe_sq:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x40
- # Square
- ldr r7, [r1]
- ldr r8, [r1, #4]
- ldr r9, [r1, #8]
- ldr r10, [r1, #12]
- ldr r12, [r1, #16]
- # A[0] * A[0] = 0
- umull r4, r5, r7, r7
- str r4, [sp]
- # A[0] * A[1] = 1
- umull r2, r3, r7, r8
- mov r6, #0
- adds r5, r5, r2
- adc r6, r6, r3
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #4]
- # A[1] * A[1] = 2
- umull r2, r3, r8, r8
- adds r6, r6, r2
- adc r4, r4, r3
- # A[0] * A[2] = 2
- umull r2, r3, r7, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #8]
- # A[0] * A[3] = 3
- umull r2, r3, r7, r10
- adds r4, r4, r2
- adc r5, r5, r3
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[2] = 3
- umull r2, r3, r8, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #12]
- # A[2] * A[2] = 4
- umull r2, r3, r9, r9
- adds r5, r5, r2
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ push {lr}
+ sub sp, sp, #44
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r0, [sp, #36]
+ str r1, [sp, #40]
+#else
+ strd r0, r1, [sp, #36]
+#endif
+ mov lr, r2
+ ldm r1, {r0, r1, r2, r3}
+ ldm lr!, {r4, r5, r6}
+ umull r10, r11, r0, r4
+ umull r12, r7, r1, r4
+ umaal r11, r12, r0, r5
+ umull r8, r9, r2, r4
+ umaal r12, r8, r1, r5
+ umaal r12, r7, r0, r6
+ umaal r8, r9, r3, r4
+ stm sp, {r10, r11, r12}
+ umaal r7, r8, r2, r5
+ ldm lr!, {r4}
+ umull r10, r11, r1, r6
+ umaal r8, r9, r2, r6
+ umaal r7, r10, r0, r4
+ umaal r8, r11, r3, r5
+ str r7, [sp, #12]
+ umaal r8, r10, r1, r4
+ umaal r9, r11, r3, r6
+ umaal r9, r10, r2, r4
+ umaal r10, r11, r3, r4
+ ldm lr, {r4, r5, r6, r7}
+ mov r12, #0
+ umlal r8, r12, r0, r4
+ umaal r9, r12, r1, r4
+ umaal r10, r12, r2, r4
+ umaal r11, r12, r3, r4
mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[3] = 4
- umull r2, r3, r8, r10
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[0] * A[4] = 4
- umull r2, r3, r7, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #16]
- # A[0] * A[5] = 5
- ldr r11, [r1, #20]
- umull r2, r3, r7, r11
- adds r6, r6, r2
+ umlal r9, r4, r0, r5
+ umaal r10, r4, r1, r5
+ umaal r11, r4, r2, r5
+ umaal r12, r4, r3, r5
mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[4] = 5
- umull r2, r3, r8, r12
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[3] = 5
- umull r2, r3, r9, r10
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #20]
- # A[3] * A[3] = 6
- umull r2, r3, r10, r10
- adds r4, r4, r2
+ umlal r10, r5, r0, r6
+ umaal r11, r5, r1, r6
+ umaal r12, r5, r2, r6
+ umaal r4, r5, r3, r6
mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[2] * A[4] = 6
- umull r2, r3, r9, r12
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[5] = 6
- umull r2, r3, r8, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[0] * A[6] = 6
- ldr r11, [r1, #24]
- umull r2, r3, r7, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #24]
- # A[0] * A[7] = 7
- ldr r11, [r1, #28]
- umull r2, r3, r7, r11
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[6] = 7
- ldr r11, [r1, #24]
- umull r2, r3, r8, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[2] * A[5] = 7
- ldr r11, [r1, #20]
- umull r2, r3, r9, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[4] = 7
- umull r2, r3, r10, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #28]
- # A[4] * A[4] = 8
- umull r2, r3, r12, r12
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[3] * A[5] = 8
- umull r2, r3, r10, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[6] = 8
- ldr r11, [r1, #24]
- umull r2, r3, r9, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[7] = 8
- ldr r11, [r1, #28]
- umull r2, r3, r8, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
+ umlal r11, r6, r0, r7
+ ldr r0, [sp, #40]
+ umaal r12, r6, r1, r7
+ add r0, r0, #16
+ umaal r4, r6, r2, r7
+ sub lr, lr, #16
+ umaal r5, r6, r3, r7
+ ldm r0, {r0, r1, r2, r3}
str r6, [sp, #32]
- ldr r7, [r1, #20]
- # A[2] * A[7] = 9
- umull r2, r3, r9, r11
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[3] * A[6] = 9
- ldr r11, [r1, #24]
- umull r2, r3, r10, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[4] * A[5] = 9
- umull r2, r3, r12, r7
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #36]
- mov r8, r11
- # A[5] * A[5] = 10
- umull r2, r3, r7, r7
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[4] * A[6] = 10
- umull r2, r3, r12, r8
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[7] = 10
- ldr r11, [r1, #28]
- umull r2, r3, r10, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #40]
- mov r9, r11
- # A[4] * A[7] = 11
- umull r2, r3, r12, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[5] * A[6] = 11
- umull r2, r3, r7, r8
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #44]
- # A[6] * A[6] = 12
- umull r2, r3, r8, r8
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[5] * A[7] = 12
- umull r2, r3, r7, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #48]
- # A[6] * A[7] = 13
- umull r2, r3, r8, r9
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #52]
- # A[7] * A[7] = 14
- umull r2, r3, r9, r9
- adds r6, r6, r2
- adc r4, r4, r3
- str r6, [sp, #56]
- str r4, [sp, #60]
+ ldm lr!, {r6}
+ mov r7, #0
+ umlal r8, r7, r0, r6
+ umaal r9, r7, r1, r6
+ str r8, [sp, #16]
+ umaal r10, r7, r2, r6
+ umaal r11, r7, r3, r6
+ ldm lr!, {r6}
+ mov r8, #0
+ umlal r9, r8, r0, r6
+ umaal r10, r8, r1, r6
+ str r9, [sp, #20]
+ umaal r11, r8, r2, r6
+ umaal r12, r8, r3, r6
+ ldm lr!, {r6}
+ mov r9, #0
+ umlal r10, r9, r0, r6
+ umaal r11, r9, r1, r6
+ str r10, [sp, #24]
+ umaal r12, r9, r2, r6
+ umaal r4, r9, r3, r6
+ ldm lr!, {r6}
+ mov r10, #0
+ umlal r11, r10, r0, r6
+ umaal r12, r10, r1, r6
+ str r11, [sp, #28]
+ umaal r4, r10, r2, r6
+ umaal r5, r10, r3, r6
+ ldm lr!, {r11}
+ umaal r12, r7, r0, r11
+ umaal r4, r7, r1, r11
+ ldr r6, [sp, #32]
+ umaal r5, r7, r2, r11
+ umaal r6, r7, r3, r11
+ ldm lr!, {r11}
+ umaal r4, r8, r0, r11
+ umaal r5, r8, r1, r11
+ umaal r6, r8, r2, r11
+ umaal r7, r8, r3, r11
+ ldm lr, {r11, lr}
+ umaal r5, r9, r0, r11
+ umaal r6, r10, r0, lr
+ umaal r6, r9, r1, r11
+ umaal r7, r10, r1, lr
+ umaal r7, r9, r2, r11
+ umaal r8, r10, r2, lr
+ umaal r8, r9, r3, r11
+ umaal r9, r10, r3, lr
# Reduce
- # Load bottom half
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #16]
- ldr r9, [sp, #20]
-#else
- ldrd r8, r9, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #24]
- ldr r11, [sp, #28]
-#else
- ldrd r10, r11, [sp, #24]
-#endif
- lsr r2, r11, #31
- and r11, r11, #0x7fffffff
- mov r12, #19
- ldr r1, [sp, #32]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- adds r4, r4, r2
- mov lr, #0
- adcs r5, r5, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #36]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r5, r5, r2
- mov lr, #0
- adcs r6, r6, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #40]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r6, r6, r2
- mov lr, #0
- adcs r7, r7, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #44]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r7, r7, r2
- mov lr, #0
- adcs r8, r8, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #48]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r8, r8, r2
- mov lr, #0
- adcs r9, r9, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #52]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r9, r9, r2
- mov lr, #0
- adcs r10, r10, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #56]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r10, r10, r2
- mov lr, #0
- adcs r11, r11, r3
- adc lr, lr, #0
- lsr r2, r1, #31
- ldr r1, [sp, #60]
- orr r2, r2, r1, lsl #1
- umull r2, r3, r12, r2
- adds r11, r11, r2
- adc r2, r3, lr
- # Overflow
- lsl r2, r2, #1
- orr r2, r2, r11, lsr #31
- mul r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
+ ldr r0, [sp, #28]
+ mov lr, #37
+ umaal r10, r0, r10, lr
+ mov lr, #19
+ lsl r0, r0, #1
+ orr r0, r0, r10, lsr #31
+ mul r11, r0, lr
+ pop {r0, r1, r2}
+ mov lr, #38
+ umaal r0, r11, r12, lr
+ umaal r1, r11, r4, lr
+ umaal r2, r11, r5, lr
+ pop {r3, r4, r5}
+ umaal r3, r11, r6, lr
+ umaal r4, r11, r7, lr
+ umaal r5, r11, r8, lr
+ pop {r6}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ umaal r6, r11, r9, lr
+ add r7, r10, r11
+ ldr lr, [sp, #8]
+ # Store
+ stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ add sp, sp, #16
+ pop {pc}
+ .size fe_mul_op,.-fe_mul_op
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ .text
+ .align 4
+ .globl fe_mul
+ .type fe_mul, %function
+fe_mul:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_mul_op
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_mul,.-fe_mul
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ push {lr}
+ sub sp, sp, #0x44
+ str r0, [sp, #64]
+ # Square
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * A[1]
+ ldr lr, [r1, #4]
+ umull r4, r5, r12, lr
+ # A[0] * A[3]
+ ldr lr, [r1, #12]
+ umull r6, r7, r12, lr
+ # A[0] * A[5]
+ ldr lr, [r1, #20]
+ umull r8, r9, r12, lr
+ # A[0] * A[7]
+ ldr lr, [r1, #28]
+ umull r10, r3, r12, lr
+ # A[0] * A[2]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[0] * A[4]
+ ldr lr, [r1, #16]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[0] * A[6]
+ ldr lr, [r1, #24]
+ adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ adcs r3, r3, #0
+ str r4, [sp, #4]
+ str r5, [sp, #8]
+ # A[1] * A[2]
+ ldr r12, [r1, #4]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[1] * A[3]
+ ldr lr, [r1, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[1] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * A[7]
+ ldr lr, [r1, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * A[3]
+ ldr r12, [r1, #8]
+ ldr lr, [r1, #12]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[2] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[2] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * A[7]
+ ldr lr, [r1, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * A[4]
+ ldr r12, [r1, #12]
+ ldr lr, [r1, #16]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[3] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * A[7]
+ ldr lr, [r1, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * A[5]
+ ldr r12, [r1, #16]
+ ldr lr, [r1, #20]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * A[7]
+ ldr lr, [r1, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * A[6]
+ ldr r12, [r1, #20]
+ ldr lr, [r1, #24]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * A[7]
+ ldr lr, [r1, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * A[7]
+ ldr r12, [r1, #24]
+ ldr lr, [r1, #28]
+ mov r9, #0
+ umlal r8, r9, r12, lr
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
+ stm lr!, {r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9}
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adc r10, r0, #0
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ mov lr, sp
+ # A[0] * A[0]
+ ldr r12, [r1]
+ umull r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[1] * A[1]
+ ldr r12, [r1, #4]
adcs r5, r5, #0
- adcs r6, r6, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[2] * A[2]
+ ldr r12, [r1, #8]
adcs r7, r7, #0
- adcs r8, r8, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[3] * A[3]
+ ldr r12, [r1, #12]
adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Reduce if top bit set
- asr r2, r11, #31
- and r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
+ adc r11, r0, #0
+ umlal r9, r11, r12, r12
+ adds r10, r10, r11
+ stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ # A[4] * A[4]
+ ldr r12, [r1, #16]
+ adcs r3, r3, #0
+ adc r11, r0, #0
+ umlal r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[5] * A[5]
+ ldr r12, [r1, #20]
adcs r5, r5, #0
- adcs r6, r6, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[6] * A[6]
+ ldr r12, [r1, #24]
adcs r7, r7, #0
- adcs r8, r8, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[7] * A[7]
+ ldr r12, [r1, #28]
adcs r9, r9, #0
- adcs r10, r10, #0
+ adc r10, r10, #0
+ umlal r9, r10, r12, r12
+ # Reduce
+ ldr r2, [sp, #28]
+ mov lr, sp
+ mov r12, #38
+ umull r10, r11, r12, r10
+ adds r10, r10, r2
adc r11, r11, #0
+ mov r12, #19
+ lsl r11, r11, #1
+ orr r11, r11, r10, LSR #31
+ mul r11, r12, r11
+ ldm lr!, {r1, r2}
+ mov r12, #38
+ adds r1, r1, r11
+ adc r11, r0, #0
+ umlal r1, r11, r3, r12
+ adds r2, r2, r11
+ adc r11, r0, #0
+ umlal r2, r11, r4, r12
+ ldm lr!, {r3, r4}
+ adds r3, r3, r11
+ adc r11, r0, #0
+ umlal r3, r11, r5, r12
+ adds r4, r4, r11
+ adc r11, r0, #0
+ umlal r4, r11, r6, r12
+ ldm lr!, {r5, r6}
+ adds r5, r5, r11
+ adc r11, r0, #0
+ umlal r5, r11, r7, r12
+ adds r6, r6, r11
+ adc r11, r0, #0
+ umlal r6, r11, r8, r12
+ ldm lr!, {r7, r8}
+ adds r7, r7, r11
+ adc r11, r0, #0
+ umlal r7, r11, r9, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ adds r8, r10, r11
# Store
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+ ldr r0, [sp, #64]
+ stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ add sp, sp, #0x44
+ pop {pc}
+ .size fe_sq_op,.-fe_sq_op
#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ push {lr}
+ sub sp, sp, #32
+ str r0, [sp, #28]
+ ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ # Square
+ umull r9, r10, r0, r0
+ umull r11, r12, r0, r1
+ adds r11, r11, r11
+ mov lr, #0
+ umaal r10, r11, lr, lr
+ stm sp, {r9, r10}
+ mov r8, lr
+ umaal r8, r12, r0, r2
+ adcs r8, r8, r8
+ umaal r8, r11, r1, r1
+ umull r9, r10, r0, r3
+ umaal r9, r12, r1, r2
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [sp, #8]
+ str r9, [sp, #12]
#else
- strd r10, r11, [r0, #24]
+ strd r8, r9, [sp, #8]
#endif
- add sp, sp, #0x40
+ mov r9, lr
+ umaal r9, r10, r0, r4
+ umaal r9, r12, r1, r3
+ adcs r9, r9, r9
+ umaal r9, r11, r2, r2
+ str r9, [sp, #16]
+ umull r9, r8, r0, r5
+ umaal r9, r12, r1, r4
+ umaal r9, r10, r2, r3
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+ str r9, [sp, #20]
+ mov r9, lr
+ umaal r9, r8, r0, r6
+ umaal r9, r12, r1, r5
+ umaal r9, r10, r2, r4
+ adcs r9, r9, r9
+ umaal r9, r11, r3, r3
+ str r9, [sp, #24]
+ umull r0, r9, r0, r7
+ umaal r0, r8, r1, r6
+ umaal r0, r12, r2, r5
+ umaal r0, r10, r3, r4
+ adcs r0, r0, r0
+ umaal r0, r11, lr, lr
+ # R[7] = r0
+ umaal r9, r8, r1, r7
+ umaal r9, r10, r2, r6
+ umaal r12, r9, r3, r5
+ adcs r12, r12, r12
+ umaal r12, r11, r4, r4
+ # R[8] = r12
+ umaal r9, r8, r2, r7
+ umaal r10, r9, r3, r6
+ mov r2, lr
+ umaal r10, r2, r4, r5
+ adcs r10, r10, r10
+ umaal r11, r10, lr, lr
+ # R[9] = r11
+ umaal r2, r8, r3, r7
+ umaal r2, r9, r4, r6
+ adcs r3, r2, r2
+ umaal r10, r3, r5, r5
+ # R[10] = r10
+ mov r1, lr
+ umaal r1, r8, r4, r7
+ umaal r1, r9, r5, r6
+ adcs r4, r1, r1
+ umaal r3, r4, lr, lr
+ # R[11] = r3
+ umaal r8, r9, r5, r7
+ adcs r8, r8, r8
+ umaal r4, r8, r6, r6
+ # R[12] = r4
+ mov r5, lr
+ umaal r5, r9, r6, r7
+ adcs r5, r5, r5
+ umaal r8, r5, lr, lr
+ # R[13] = r8
+ adcs r9, r9, r9
+ umaal r9, r5, r7, r7
+ adcs r7, r5, lr
+ # R[14] = r9
+ # R[15] = r7
+ # Reduce
+ mov r6, #37
+ umaal r7, r0, r7, r6
+ mov r6, #19
+ lsl r0, r0, #1
+ orr r0, r0, r7, lsr #31
+ mul lr, r0, r6
+ pop {r0, r1}
+ mov r6, #38
+ umaal r0, lr, r12, r6
+ umaal r1, lr, r11, r6
+ mov r12, r3
+ mov r11, r4
+ pop {r2, r3, r4}
+ umaal r2, lr, r10, r6
+ umaal r3, lr, r12, r6
+ umaal r4, lr, r11, r6
+ mov r12, r6
+ pop {r5, r6}
+ umaal r5, lr, r8, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ umaal r6, lr, r9, r12
+ add r7, r7, lr
+ pop {lr}
+ # Store
+ stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ pop {pc}
+ .size fe_sq_op,.-fe_sq_op
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+ .text
+ .align 4
+ .globl fe_sq
+ .type fe_sq, %function
+fe_sq:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ bl fe_sq_op
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_sq,.-fe_sq
+#ifdef HAVE_CURVE25519
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
.text
.align 4
.globl fe_mul121666
@@ -3457,719 +3402,121 @@ fe_sq:
fe_mul121666:
push {r4, r5, r6, r7, r8, r9, r10, lr}
# Multiply by 121666
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r2, [r1]
- ldr r3, [r1, #4]
+ ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #1
+ lsl r10, r10, #8
+ orr r10, r10, #0xdb
+ lsl r10, r10, #8
+ orr r10, r10, #0x42
#else
- ldrd r2, r3, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xdb
+ lsl r10, r10, #8
+ add r10, r10, #0x42
#else
- ldrd r4, r5, [r1, #8]
+ mov r10, #0xdb42
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #24]
- ldr r9, [r1, #28]
-#else
- ldrd r8, r9, [r1, #24]
+ movt r10, #1
#endif
- movw lr, #0xdb42
- movt lr, #1
- umull r2, r10, r2, lr
- umull r3, r12, r3, lr
- adds r3, r3, r10
- adc r10, r12, #0
- umull r4, r12, r4, lr
- adds r4, r4, r10
- adc r10, r12, #0
- umull r5, r12, r5, lr
- adds r5, r5, r10
- adc r10, r12, #0
- umull r6, r12, r6, lr
- adds r6, r6, r10
- adc r10, r12, #0
- umull r7, r12, r7, lr
- adds r7, r7, r10
- adc r10, r12, #0
- umull r8, r12, r8, lr
- adds r8, r8, r10
- adc r10, r12, #0
- umull r9, r12, r9, lr
- adds r9, r9, r10
- adc r10, r12, #0
- mov lr, #19
- lsl r10, r10, #1
- orr r10, r10, r9, lsr #31
- mul r10, r10, lr
- and r9, r9, #0x7fffffff
- adds r2, r2, r10
+ umull r2, r12, r10, r2
+ umull r3, lr, r10, r3
+ adds r3, r3, r12
+ adc lr, lr, #0
+ umull r4, r12, r10, r4
+ adds r4, r4, lr
+ adc r12, r12, #0
+ umull r5, lr, r10, r5
+ adds r5, r5, r12
+ adc lr, lr, #0
+ umull r6, r12, r10, r6
+ adds r6, r6, lr
+ adc r12, r12, #0
+ umull r7, lr, r10, r7
+ adds r7, r7, r12
+ adc lr, lr, #0
+ umull r8, r12, r10, r8
+ adds r8, r8, lr
+ adc r12, r12, #0
+ umull r9, lr, r10, r9
+ adds r9, r9, r12
+ mov r10, #19
+ adc lr, lr, #0
+ lsl lr, lr, #1
+ orr lr, lr, r9, LSR #31
+ mul lr, r10, lr
+ adds r2, r2, lr
adcs r3, r3, #0
adcs r4, r4, #0
adcs r5, r5, #0
adcs r6, r6, #0
adcs r7, r7, #0
- adcs r8, r8, #0
- adc r9, r9, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r2, [r0]
- str r3, [r0, #4]
-#else
- strd r2, r3, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #16]
- str r7, [r0, #20]
-#else
- strd r6, r7, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r8, r9, [r0, #24]
+ bfc r9, #31, #1
#endif
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
pop {r4, r5, r6, r7, r8, r9, r10, pc}
.size fe_mul121666,.-fe_mul121666
+#else
.text
.align 4
- .globl fe_sq2
- .type fe_sq2, %function
-fe_sq2:
- push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x40
- # Square * 2
- ldr r7, [r1]
- ldr r8, [r1, #4]
- ldr r9, [r1, #8]
- ldr r10, [r1, #12]
- ldr r12, [r1, #16]
- # A[0] * A[0] = 0
- umull r4, r5, r7, r7
- str r4, [sp]
- # A[0] * A[1] = 1
- umull r2, r3, r7, r8
- mov r6, #0
- adds r5, r5, r2
- adc r6, r6, r3
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #4]
- # A[1] * A[1] = 2
- umull r2, r3, r8, r8
- adds r6, r6, r2
- adc r4, r4, r3
- # A[0] * A[2] = 2
- umull r2, r3, r7, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #8]
- # A[0] * A[3] = 3
- umull r2, r3, r7, r10
- adds r4, r4, r2
- adc r5, r5, r3
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[2] = 3
- umull r2, r3, r8, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #12]
- # A[2] * A[2] = 4
- umull r2, r3, r9, r9
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[3] = 4
- umull r2, r3, r8, r10
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[0] * A[4] = 4
- umull r2, r3, r7, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #16]
- # A[0] * A[5] = 5
- ldr r11, [r1, #20]
- umull r2, r3, r7, r11
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[4] = 5
- umull r2, r3, r8, r12
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[3] = 5
- umull r2, r3, r9, r10
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #20]
- # A[3] * A[3] = 6
- umull r2, r3, r10, r10
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[2] * A[4] = 6
- umull r2, r3, r9, r12
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[1] * A[5] = 6
- umull r2, r3, r8, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[0] * A[6] = 6
- ldr r11, [r1, #24]
- umull r2, r3, r7, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #24]
- # A[0] * A[7] = 7
- ldr r11, [r1, #28]
- umull r2, r3, r7, r11
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[1] * A[6] = 7
- ldr r11, [r1, #24]
- umull r2, r3, r8, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[2] * A[5] = 7
- ldr r11, [r1, #20]
- umull r2, r3, r9, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[4] = 7
- umull r2, r3, r10, r12
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #28]
- # A[4] * A[4] = 8
- umull r2, r3, r12, r12
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[3] * A[5] = 8
- umull r2, r3, r10, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[2] * A[6] = 8
- ldr r11, [r1, #24]
- umull r2, r3, r9, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[1] * A[7] = 8
- ldr r11, [r1, #28]
- umull r2, r3, r8, r11
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #32]
- ldr r7, [r1, #20]
- # A[2] * A[7] = 9
- umull r2, r3, r9, r11
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[3] * A[6] = 9
- ldr r11, [r1, #24]
- umull r2, r3, r10, r11
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[4] * A[5] = 9
- umull r2, r3, r12, r7
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #36]
- mov r8, r11
- # A[5] * A[5] = 10
- umull r2, r3, r7, r7
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[4] * A[6] = 10
- umull r2, r3, r12, r8
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- # A[3] * A[7] = 10
- ldr r11, [r1, #28]
- umull r2, r3, r10, r11
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #40]
- mov r9, r11
- # A[4] * A[7] = 11
- umull r2, r3, r12, r9
- adds r6, r6, r2
- mov r5, #0
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- # A[5] * A[6] = 11
- umull r2, r3, r7, r8
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- adds r6, r6, r2
- adcs r4, r4, r3
- adc r5, r5, #0
- str r6, [sp, #44]
- # A[6] * A[6] = 12
- umull r2, r3, r8, r8
- adds r4, r4, r2
- mov r6, #0
- adcs r5, r5, r3
- adc r6, r6, #0
- # A[5] * A[7] = 12
- umull r2, r3, r7, r9
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- adds r4, r4, r2
- adcs r5, r5, r3
- adc r6, r6, #0
- str r4, [sp, #48]
- # A[6] * A[7] = 13
- umull r2, r3, r8, r9
- adds r5, r5, r2
- mov r4, #0
- adcs r6, r6, r3
- adc r4, r4, #0
- adds r5, r5, r2
- adcs r6, r6, r3
- adc r4, r4, #0
- str r5, [sp, #52]
- # A[7] * A[7] = 14
- umull r2, r3, r9, r9
- adds r6, r6, r2
- adc r4, r4, r3
- str r6, [sp, #56]
- str r4, [sp, #60]
- # Double and Reduce
- # Load bottom half
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
+ .globl fe_mul121666
+ .type fe_mul121666, %function
+fe_mul121666:
+ push {r4, r5, r6, r7, r8, r9, r10, lr}
+ # Multiply by 121666
+ ldm r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #1
+ lsl lr, lr, #8
+ orr lr, lr, #0xdb
+ lsl lr, lr, #8
+ orr lr, lr, #0x42
#else
- ldrd r6, r7, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #16]
- ldr r9, [sp, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xdb
+ lsl lr, lr, #8
+ add lr, lr, #0x42
#else
- ldrd r8, r9, [sp, #16]
+ mov lr, #0xdb42
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #24]
- ldr r11, [sp, #28]
-#else
- ldrd r10, r11, [sp, #24]
+ movt lr, #1
#endif
- lsr r2, r11, #30
- lsl r11, r11, #1
- orr r11, r11, r10, lsr #31
+ umull r2, r10, lr, r2
+ sub r12, lr, #1
+ umaal r3, r10, r12, r3
+ umaal r4, r10, r12, r4
+ umaal r5, r10, r12, r5
+ umaal r6, r10, r12, r6
+ umaal r7, r10, r12, r7
+ umaal r8, r10, r12, r8
+ mov lr, #19
+ umaal r9, r10, r12, r9
lsl r10, r10, #1
orr r10, r10, r9, lsr #31
- lsl r9, r9, #1
- orr r9, r9, r8, lsr #31
- lsl r8, r8, #1
- orr r8, r8, r7, lsr #31
- lsl r7, r7, #1
- orr r7, r7, r6, lsr #31
- lsl r6, r6, #1
- orr r6, r6, r5, lsr #31
- lsl r5, r5, #1
- orr r5, r5, r4, lsr #31
- lsl r4, r4, #1
- and r11, r11, #0x7fffffff
- mov r12, #19
- ldr r1, [sp, #32]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- adds r4, r4, r2
- mov lr, #0
- adcs r5, r5, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #36]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r5, r5, r2
- mov lr, #0
- adcs r6, r6, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #40]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r6, r6, r2
- mov lr, #0
- adcs r7, r7, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #44]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r7, r7, r2
- mov lr, #0
- adcs r8, r8, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #48]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r8, r8, r2
- mov lr, #0
- adcs r9, r9, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #52]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r9, r9, r2
- mov lr, #0
- adcs r10, r10, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #56]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- add r3, r3, lr
- adds r10, r10, r2
- mov lr, #0
- adcs r11, r11, r3
- adc lr, lr, #0
- lsr r2, r1, #30
- ldr r1, [sp, #60]
- orr r2, r2, r1, lsl #2
- umull r2, r3, r12, r2
- adds r11, r11, r2
- adc r2, r3, lr
- # Overflow
- lsl r2, r2, #1
- orr r2, r2, r11, lsr #31
- mul r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
- adcs r5, r5, #0
- adcs r6, r6, #0
- adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Reduce if top bit set
- asr r2, r11, #31
- and r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
+ mul r10, lr, r10
+ adds r2, r2, r10
+ adcs r3, r3, #0
+ adcs r4, r4, #0
adcs r5, r5, #0
adcs r6, r6, #0
adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
- # Store
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0x80000000
#else
- strd r8, r9, [r0, #16]
+ bfc r9, #31, #1
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- add sp, sp, #0x40
- pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_sq2,.-fe_sq2
- .text
- .align 4
- .globl fe_invert
- .type fe_invert, %function
-fe_invert:
- push {r4, lr}
- sub sp, sp, #0x88
- # Invert
- str r0, [sp, #128]
- str r1, [sp, #132]
- mov r0, sp
- ldr r1, [sp, #132]
- bl fe_sq
- add r0, sp, #32
- mov r1, sp
- bl fe_sq
- add r0, sp, #32
- add r1, sp, #32
- bl fe_sq
- add r0, sp, #32
- ldr r1, [sp, #132]
- add r2, sp, #32
- bl fe_mul
- mov r0, sp
- mov r1, sp
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x40
- mov r1, sp
- bl fe_sq
- add r0, sp, #32
- add r1, sp, #32
- add r2, sp, #0x40
- bl fe_mul
- add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #4
-L_fe_invert1:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert1
- add r0, sp, #32
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #9
-L_fe_invert2:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert2
- add r0, sp, #0x40
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #19
-L_fe_invert3:
- add r0, sp, #0x60
- add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert3
- add r0, sp, #0x40
- add r1, sp, #0x60
- add r2, sp, #0x40
- bl fe_mul
- mov r4, #10
-L_fe_invert4:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert4
- add r0, sp, #32
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #49
-L_fe_invert5:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert5
- add r0, sp, #0x40
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #0x63
-L_fe_invert6:
- add r0, sp, #0x60
- add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert6
- add r0, sp, #0x40
- add r1, sp, #0x60
- add r2, sp, #0x40
- bl fe_mul
- mov r4, #50
-L_fe_invert7:
- add r0, sp, #0x40
- add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert7
- add r0, sp, #32
- add r1, sp, #0x40
- add r2, sp, #32
- bl fe_mul
- mov r4, #5
-L_fe_invert8:
- add r0, sp, #32
- add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_fe_invert8
- ldr r0, [sp, #128]
- add r1, sp, #32
- mov r2, sp
- bl fe_mul
- ldr r1, [sp, #132]
- ldr r0, [sp, #128]
- add sp, sp, #0x88
- pop {r4, pc}
- .size fe_invert,.-fe_invert
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ pop {r4, r5, r6, r7, r8, r9, r10, pc}
+ .size fe_mul121666,.-fe_mul121666
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifndef WC_NO_CACHE_RESISTANT
.text
.align 4
.globl curve25519
@@ -4182,138 +3529,24 @@ curve25519:
str r2, [sp, #168]
mov r1, #0
str r1, [sp, #172]
- # Set one
- mov r10, #1
- mov r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0]
- str r11, [r0, #4]
-#else
- strd r10, r11, [r0]
-#endif
- mov r10, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #16]
- str r11, [r0, #20]
-#else
- strd r10, r11, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- # Set zero
+ mov r4, #1
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
mov r10, #0
mov r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp]
- str r11, [sp, #4]
-#else
- strd r10, r11, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #8]
- str r11, [sp, #12]
-#else
- strd r10, r11, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #16]
- str r11, [sp, #20]
-#else
- strd r10, r11, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #24]
- str r11, [sp, #28]
-#else
- strd r10, r11, [sp, #24]
-#endif
- # Set one
- mov r10, #1
- mov r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #32]
- str r11, [sp, #36]
-#else
- strd r10, r11, [sp, #32]
-#endif
- mov r10, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #40]
- str r11, [sp, #44]
-#else
- strd r10, r11, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #48]
- str r11, [sp, #52]
-#else
- strd r10, r11, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #56]
- str r11, [sp, #60]
-#else
- strd r10, r11, [sp, #56]
-#endif
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #32
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r4, #0
+ mov r3, sp
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #0x40
# Copy
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
-#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #8]
- ldr r7, [r2, #12]
-#else
- ldrd r6, r7, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #64]
- str r5, [sp, #68]
-#else
- strd r4, r5, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #72]
- str r7, [sp, #76]
-#else
- strd r6, r7, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #24]
- ldr r7, [r2, #28]
-#else
- ldrd r6, r7, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #80]
- str r5, [sp, #84]
-#else
- strd r4, r5, [sp, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #88]
- str r7, [sp, #92]
-#else
- strd r6, r7, [sp, #88]
-#endif
+ ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
mov r1, #30
str r1, [sp, #180]
mov r2, #28
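Review bot: The `stm r0` and `ldm r2` block transfers added at the top of `curve25519` need word-aligned base addresses, and nothing in this hunk states that the caller's buffers meet that requirement. The removed `WOLFSSL_SP_ARM_ARCH < 7` path used single-word `ldr`/`str`, which some cores tolerate on unaligned addresses, so builds for those targets may now fault if r0 or r2 can point into an arbitrary byte buffer; this is inferred, because the callers are outside the hunk. The same applies to the `ldm r3, {r4, r5}` / `stm r3!, {r4, r5}` pairs in the Conditional Swap hunks that follow, where r3 is copied from r0. I would record the precondition next to the first store, e.g. `# r0 and r2 must be 4-byte aligned: ldm/stm are used for all field element accesses`, and restore the dropped `# Set one` / `# Set zero` markers above the three `stm` groups. The function body starts before and continues after this hunk.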
@@ -4331,19 +3564,11 @@ L_curve25519_bits:
str r1, [sp, #172]
ldr r0, [sp, #160]
# Conditional Swap
- neg r1, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #64]
- ldr r7, [sp, #68]
-#else
- ldrd r6, r7, [sp, #64]
-#endif
+ rsb r1, r1, #0
+ mov r3, r0
+ add r12, sp, #0x40
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4352,30 +3577,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #64]
- str r7, [sp, #68]
-#else
- strd r6, r7, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #72]
- ldr r7, [sp, #76]
-#else
- ldrd r6, r7, [sp, #72]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4384,30 +3589,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #72]
- str r7, [sp, #76]
-#else
- strd r6, r7, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #80]
- ldr r7, [sp, #84]
-#else
- ldrd r6, r7, [sp, #80]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4416,30 +3601,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #80]
- str r7, [sp, #84]
-#else
- strd r6, r7, [sp, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #88]
- ldr r7, [sp, #92]
-#else
- ldrd r6, r7, [sp, #88]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4448,33 +3613,15 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #24]
- str r5, [r0, #28]
-#else
- strd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #88]
- str r7, [sp, #92]
-#else
- strd r6, r7, [sp, #88]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
ldr r1, [sp, #172]
# Conditional Swap
- neg r1, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #32]
- ldr r7, [sp, #36]
-#else
- ldrd r6, r7, [sp, #32]
-#endif
+ rsb r1, r1, #0
+ mov r3, sp
+ add r12, sp, #32
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4483,30 +3630,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp]
- str r5, [sp, #4]
-#else
- strd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #32]
- str r7, [sp, #36]
-#else
- strd r6, r7, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #8]
- ldr r5, [sp, #12]
-#else
- ldrd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #40]
- ldr r7, [sp, #44]
-#else
- ldrd r6, r7, [sp, #40]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4515,30 +3642,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #8]
- str r5, [sp, #12]
-#else
- strd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #40]
- str r7, [sp, #44]
-#else
- strd r6, r7, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #16]
- ldr r5, [sp, #20]
-#else
- ldrd r4, r5, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #48]
- ldr r7, [sp, #52]
-#else
- ldrd r6, r7, [sp, #48]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4547,30 +3654,10 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #16]
- str r5, [sp, #20]
-#else
- strd r4, r5, [sp, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #48]
- str r7, [sp, #52]
-#else
- strd r6, r7, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #24]
- ldr r5, [sp, #28]
-#else
- ldrd r4, r5, [sp, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #56]
- ldr r7, [sp, #60]
-#else
- ldrd r6, r7, [sp, #56]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
+ ldm r3, {r4, r5}
+ ldm r12, {r6, r7}
eor r8, r4, r6
eor r9, r5, r7
and r8, r8, r1
@@ -4579,1093 +3666,68 @@ L_curve25519_bits:
eor r5, r5, r9
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #24]
- str r5, [sp, #28]
-#else
- strd r4, r5, [sp, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #56]
- str r7, [sp, #60]
-#else
- strd r6, r7, [sp, #56]
-#endif
+ stm r3!, {r4, r5}
+ stm r12!, {r6, r7}
ldr r1, [sp, #184]
str r1, [sp, #172]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp]
- ldr r7, [sp, #4]
-#else
- ldrd r6, r7, [sp]
-#endif
- adds r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #128]
- str r11, [sp, #132]
-#else
- strd r10, r11, [sp, #128]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #136]
- str r11, [sp, #140]
-#else
- strd r10, r11, [sp, #136]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #16]
- ldr r7, [sp, #20]
-#else
- ldrd r6, r7, [sp, #16]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #144]
- str r11, [sp, #148]
-#else
- strd r10, r11, [sp, #144]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #24]
- ldr r7, [sp, #28]
-#else
- ldrd r6, r7, [sp, #24]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r3, #-19
- asr r2, r9, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r2
- sbc r9, r9, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #128]
- str r5, [sp, #132]
-#else
- strd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #136]
- ldr r5, [sp, #140]
-#else
- ldrd r4, r5, [sp, #136]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #136]
- str r5, [sp, #140]
-#else
- strd r4, r5, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #144]
- ldr r5, [sp, #148]
-#else
- ldrd r4, r5, [sp, #144]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #144]
- str r5, [sp, #148]
-#else
- strd r4, r5, [sp, #144]
-#endif
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #152]
- str r11, [sp, #156]
-#else
- strd r10, r11, [sp, #152]
-#endif
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #64]
- ldr r5, [sp, #68]
-#else
- ldrd r4, r5, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #32]
- ldr r7, [sp, #36]
-#else
- ldrd r6, r7, [sp, #32]
-#endif
- adds r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp]
- str r9, [sp, #4]
-#else
- strd r8, r9, [sp]
-#endif
- # Sub
- subs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #96]
- str r11, [sp, #100]
-#else
- strd r10, r11, [sp, #96]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #72]
- ldr r5, [sp, #76]
-#else
- ldrd r4, r5, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #40]
- ldr r7, [sp, #44]
-#else
- ldrd r6, r7, [sp, #40]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #8]
- str r9, [sp, #12]
-#else
- strd r8, r9, [sp, #8]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #104]
- str r11, [sp, #108]
-#else
- strd r10, r11, [sp, #104]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #80]
- ldr r5, [sp, #84]
-#else
- ldrd r4, r5, [sp, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #48]
- ldr r7, [sp, #52]
-#else
- ldrd r6, r7, [sp, #48]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #16]
- str r9, [sp, #20]
-#else
- strd r8, r9, [sp, #16]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #112]
- str r11, [sp, #116]
-#else
- strd r10, r11, [sp, #112]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #88]
- ldr r5, [sp, #92]
-#else
- ldrd r4, r5, [sp, #88]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #56]
- ldr r7, [sp, #60]
-#else
- ldrd r6, r7, [sp, #56]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r3, #-19
- asr r2, r9, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp]
- str r5, [sp, #4]
-#else
- strd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #8]
- ldr r5, [sp, #12]
-#else
- ldrd r4, r5, [sp, #8]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #8]
- str r5, [sp, #12]
-#else
- strd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #16]
- ldr r5, [sp, #20]
-#else
- ldrd r4, r5, [sp, #16]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #16]
- str r5, [sp, #20]
-#else
- strd r4, r5, [sp, #16]
-#endif
- sbcs r8, r8, r2
- sbc r9, r9, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #24]
- str r9, [sp, #28]
-#else
- strd r8, r9, [sp, #24]
-#endif
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #96]
- ldr r5, [sp, #100]
-#else
- ldrd r4, r5, [sp, #96]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #96]
- str r5, [sp, #100]
-#else
- strd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #104]
- ldr r5, [sp, #108]
-#else
- ldrd r4, r5, [sp, #104]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #104]
- str r5, [sp, #108]
-#else
- strd r4, r5, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #112]
- ldr r5, [sp, #116]
-#else
- ldrd r4, r5, [sp, #112]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #112]
- str r5, [sp, #116]
-#else
- strd r4, r5, [sp, #112]
-#endif
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #120]
- str r11, [sp, #124]
-#else
- strd r10, r11, [sp, #120]
-#endif
+ mov r3, sp
+ ldr r2, [sp, #160]
+ add r1, sp, #0x80
+ ldr r0, [sp, #160]
+ bl fe_add_sub_op
+ add r3, sp, #32
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ mov r0, sp
+ bl fe_add_sub_op
ldr r2, [sp, #160]
add r1, sp, #0x60
add r0, sp, #32
- bl fe_mul
+ bl fe_mul_op
add r2, sp, #0x80
- add r1, sp, #0
- add r0, sp, #0
- bl fe_mul
+ mov r1, sp
+ mov r0, sp
+ bl fe_mul_op
add r1, sp, #0x80
- add r0, sp, #0x60
- bl fe_sq
- ldr r1, [sp, #160]
add r0, sp, #0x80
- bl fe_sq
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #32]
- ldr r5, [sp, #36]
-#else
- ldrd r4, r5, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp]
- ldr r7, [sp, #4]
-#else
- ldrd r6, r7, [sp]
-#endif
- adds r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #64]
- str r9, [sp, #68]
-#else
- strd r8, r9, [sp, #64]
-#endif
- # Sub
- subs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp]
- str r11, [sp, #4]
-#else
- strd r10, r11, [sp]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #40]
- ldr r5, [sp, #44]
-#else
- ldrd r4, r5, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #8]
- ldr r7, [sp, #12]
-#else
- ldrd r6, r7, [sp, #8]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #72]
- str r9, [sp, #76]
-#else
- strd r8, r9, [sp, #72]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #8]
- str r11, [sp, #12]
-#else
- strd r10, r11, [sp, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #48]
- ldr r5, [sp, #52]
-#else
- ldrd r4, r5, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #16]
- ldr r7, [sp, #20]
-#else
- ldrd r6, r7, [sp, #16]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- mov r3, #0
- adcs r9, r5, r7
- adc r3, r3, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #80]
- str r9, [sp, #84]
-#else
- strd r8, r9, [sp, #80]
-#endif
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- mov r12, #0
- sbcs r11, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #16]
- str r11, [sp, #20]
-#else
- strd r10, r11, [sp, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #56]
- ldr r5, [sp, #60]
-#else
- ldrd r4, r5, [sp, #56]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #24]
- ldr r7, [sp, #28]
-#else
- ldrd r6, r7, [sp, #24]
-#endif
- adds r3, r3, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds r12, r12, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r3, #-19
- asr r2, r9, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #64]
- ldr r5, [sp, #68]
-#else
- ldrd r4, r5, [sp, #64]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #64]
- str r5, [sp, #68]
-#else
- strd r4, r5, [sp, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #72]
- ldr r5, [sp, #76]
-#else
- ldrd r4, r5, [sp, #72]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #72]
- str r5, [sp, #76]
-#else
- strd r4, r5, [sp, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #80]
- ldr r5, [sp, #84]
-#else
- ldrd r4, r5, [sp, #80]
-#endif
- sbcs r4, r4, r2
- sbcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #80]
- str r5, [sp, #84]
-#else
- strd r4, r5, [sp, #80]
-#endif
- sbcs r8, r8, r2
- sbc r9, r9, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #88]
- str r9, [sp, #92]
-#else
- strd r8, r9, [sp, #88]
-#endif
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp]
- ldr r5, [sp, #4]
-#else
- ldrd r4, r5, [sp]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp]
- str r5, [sp, #4]
-#else
- strd r4, r5, [sp]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #8]
- ldr r5, [sp, #12]
-#else
- ldrd r4, r5, [sp, #8]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #8]
- str r5, [sp, #12]
-#else
- strd r4, r5, [sp, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #16]
- ldr r5, [sp, #20]
-#else
- ldrd r4, r5, [sp, #16]
-#endif
- adcs r4, r4, r2
- adcs r5, r5, r2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #16]
- str r5, [sp, #20]
-#else
- strd r4, r5, [sp, #16]
-#endif
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #24]
- str r11, [sp, #28]
-#else
- strd r10, r11, [sp, #24]
-#endif
- add r2, sp, #0x60
- add r1, sp, #0x80
+ bl fe_sq_op
+ ldr r1, [sp, #160]
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r3, sp
+ add r2, sp, #32
+ mov r1, sp
+ add r0, sp, #0x40
+ bl fe_add_sub_op
+ add r2, sp, #0x80
+ add r1, sp, #0x60
ldr r0, [sp, #160]
- bl fe_mul
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #136]
- ldr r7, [sp, #140]
-#else
- ldrd r6, r7, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #96]
- ldr r9, [sp, #100]
-#else
- ldrd r8, r9, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #104]
- ldr r11, [sp, #108]
-#else
- ldrd r10, r11, [sp, #104]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #128]
- str r9, [sp, #132]
-#else
- strd r8, r9, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #136]
- str r11, [sp, #140]
-#else
- strd r10, r11, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #144]
- ldr r5, [sp, #148]
-#else
- ldrd r4, r5, [sp, #144]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #152]
- ldr r7, [sp, #156]
-#else
- ldrd r6, r7, [sp, #152]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #112]
- ldr r9, [sp, #116]
-#else
- ldrd r8, r9, [sp, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #120]
- ldr r11, [sp, #124]
-#else
- ldrd r10, r11, [sp, #120]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #136]
- ldr r7, [sp, #140]
-#else
- ldrd r6, r7, [sp, #136]
-#endif
- adds r4, r4, r3
- adcs r5, r5, r2
- adcs r6, r6, r2
- adcs r7, r7, r2
- adcs r8, r8, r2
- adcs r9, r9, r2
- adcs r10, r10, r2
- adc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #128]
- str r5, [sp, #132]
-#else
- strd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #136]
- str r7, [sp, #140]
-#else
- strd r6, r7, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #144]
- str r9, [sp, #148]
-#else
- strd r8, r9, [sp, #144]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #152]
- str r11, [sp, #156]
-#else
- strd r10, r11, [sp, #152]
-#endif
- add r1, sp, #0
- add r0, sp, #0
- bl fe_sq
- # Multiply by 121666
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #128]
- ldr r5, [sp, #132]
-#else
- ldrd r4, r5, [sp, #128]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #136]
- ldr r7, [sp, #140]
-#else
- ldrd r6, r7, [sp, #136]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #144]
- ldr r9, [sp, #148]
-#else
- ldrd r8, r9, [sp, #144]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #152]
- ldr r11, [sp, #156]
-#else
- ldrd r10, r11, [sp, #152]
-#endif
- movw r12, #0xdb42
- movt r12, #1
- umull r4, r2, r4, r12
- umull r5, r3, r5, r12
- adds r5, r5, r2
- adc r2, r3, #0
- umull r6, r3, r6, r12
- adds r6, r6, r2
- adc r2, r3, #0
- umull r7, r3, r7, r12
- adds r7, r7, r2
- adc r2, r3, #0
- umull r8, r3, r8, r12
- adds r8, r8, r2
- adc r2, r3, #0
- umull r9, r3, r9, r12
- adds r9, r9, r2
- adc r2, r3, #0
- umull r10, r3, r10, r12
- adds r10, r10, r2
- adc r2, r3, #0
- umull r11, r3, r11, r12
- adds r11, r11, r2
- adc r2, r3, #0
- mov r12, #19
- lsl r2, r2, #1
- orr r2, r2, r11, lsr #31
- mul r2, r2, r12
- and r11, r11, #0x7fffffff
- adds r4, r4, r2
- adcs r5, r5, #0
- adcs r6, r6, #0
- adcs r7, r7, #0
- adcs r8, r8, #0
- adcs r9, r9, #0
- adcs r10, r10, #0
- adc r11, r11, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #32]
- str r5, [sp, #36]
-#else
- strd r4, r5, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #40]
- str r7, [sp, #44]
-#else
- strd r6, r7, [sp, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #48]
- str r9, [sp, #52]
-#else
- strd r8, r9, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #56]
- str r11, [sp, #60]
-#else
- strd r10, r11, [sp, #56]
-#endif
+ bl fe_mul_op
+ add r2, sp, #0x80
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ bl fe_sub_op
+ mov r1, sp
+ mov r0, sp
+ bl fe_sq_op
+ add r1, sp, #0x60
+ add r0, sp, #32
+ bl fe_mul121666
add r1, sp, #0x40
add r0, sp, #0x40
- bl fe_sq
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #96]
- ldr r5, [sp, #100]
-#else
- ldrd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #104]
- ldr r7, [sp, #108]
-#else
- ldrd r6, r7, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #32]
- ldr r9, [sp, #36]
-#else
- ldrd r8, r9, [sp, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #40]
- ldr r11, [sp, #44]
-#else
- ldrd r10, r11, [sp, #40]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #96]
- str r9, [sp, #100]
-#else
- strd r8, r9, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #104]
- str r11, [sp, #108]
-#else
- strd r10, r11, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #112]
- ldr r5, [sp, #116]
-#else
- ldrd r4, r5, [sp, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #120]
- ldr r7, [sp, #124]
-#else
- ldrd r6, r7, [sp, #120]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [sp, #48]
- ldr r9, [sp, #52]
-#else
- ldrd r8, r9, [sp, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [sp, #56]
- ldr r11, [sp, #60]
-#else
- ldrd r10, r11, [sp, #56]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r3, #-19
- asr r2, r11, #31
- # Mask the modulus
- and r3, r2, r3
- and r12, r2, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [sp, #96]
- ldr r5, [sp, #100]
-#else
- ldrd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [sp, #104]
- ldr r7, [sp, #108]
-#else
- ldrd r6, r7, [sp, #104]
-#endif
- subs r4, r4, r3
- sbcs r5, r5, r2
- sbcs r6, r6, r2
- sbcs r7, r7, r2
- sbcs r8, r8, r2
- sbcs r9, r9, r2
- sbcs r10, r10, r2
- sbc r11, r11, r12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [sp, #96]
- str r5, [sp, #100]
-#else
- strd r4, r5, [sp, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [sp, #104]
- str r7, [sp, #108]
-#else
- strd r6, r7, [sp, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [sp, #112]
- str r9, [sp, #116]
-#else
- strd r8, r9, [sp, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [sp, #120]
- str r11, [sp, #124]
-#else
- strd r10, r11, [sp, #120]
-#endif
- add r2, sp, #0
+ bl fe_sq_op
+ add r2, sp, #32
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ bl fe_add_op
+ mov r2, sp
ldr r1, [sp, #168]
add r0, sp, #32
- bl fe_mul
- add r2, sp, #0x60
- add r1, sp, #0x80
- add r0, sp, #0
- bl fe_mul
+ bl fe_mul_op
+ add r2, sp, #0x80
+ add r1, sp, #0x60
+ mov r0, sp
+ bl fe_mul_op
ldr r2, [sp, #176]
ldr r1, [sp, #180]
subs r1, r1, #1
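Review bot: The ladder step in `L_curve25519_bits` now calls `fe_add_sub_op`, `fe_sub_op`, `fe_add_op` and `fe_mul121666` with no comment on operand order or on how they reduce. The removed inline code was labelled (`# Add-Sub`, `# Multiply by 121666`) and visibly reduced with masks (`asr r2, r11, #31` followed by `and`) rather than branches. The helpers are defined outside this hunk, so whether they keep that branch-free, secret-independent reduction cannot be confirmed here and is worth checking alongside this change. From the removed code, the four-pointer helper appears to take the sum destination in r0, the difference destination in r1 and the operands in r2 and r3; a comment such as `# fe_add_sub_op: r0 = r2 + r3, r1 = r2 - r3 (mod p)` at the first call would record that. The loop body starts before and continues after this hunk.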
@@ -5677,1524 +3739,1570 @@ L_curve25519_bits:
str r2, [sp, #176]
bge L_curve25519_words
# Invert
- add r0, sp, #32
add r1, sp, #0
- bl fe_sq
- add r0, sp, #0x40
+ add r0, sp, #32
+ bl fe_sq_op
add r1, sp, #32
- bl fe_sq
add r0, sp, #0x40
+ bl fe_sq_op
add r1, sp, #0x40
- bl fe_sq
add r0, sp, #0x40
+ bl fe_sq_op
+ add r2, sp, #0x40
add r1, sp, #0
+ add r0, sp, #0x40
+ bl fe_mul_op
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #32
add r0, sp, #32
+ bl fe_mul_op
add r1, sp, #32
- add r2, sp, #0x40
- bl fe_mul
add r0, sp, #0x60
- add r1, sp, #32
- bl fe_sq
+ bl fe_sq_op
+ add r2, sp, #0x60
+ add r1, sp, #0x40
add r0, sp, #0x40
+ bl fe_mul_op
add r1, sp, #0x40
- add r2, sp, #0x60
- bl fe_mul
add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #4
+ bl fe_sq_op
+ mov r12, #4
L_curve25519_inv_1:
- add r0, sp, #0x60
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_1
+ add r2, sp, #0x40
+ add r1, sp, #0x60
add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #9
+L_curve25519_inv_2:
add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_2
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #0x60
add r0, sp, #0x60
- add r1, sp, #0x40
- bl fe_sq
- mov r4, #9
-L_curve25519_inv_2:
+ bl fe_mul_op
+ add r1, sp, #0x60
+ add r0, sp, #0x80
+ bl fe_sq_op
+ mov r12, #19
+L_curve25519_inv_3:
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_3
+ add r2, sp, #0x60
+ add r1, sp, #0x80
add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #10
+L_curve25519_inv_4:
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_curve25519_inv_2
add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_4
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #49
+L_curve25519_inv_5:
add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_5
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ bl fe_mul_op
+ add r1, sp, #0x60
add r0, sp, #0x80
+ bl fe_sq_op
+ mov r12, #0x63
+L_curve25519_inv_6:
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_6
+ add r2, sp, #0x60
+ add r1, sp, #0x80
+ add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #50
+L_curve25519_inv_7:
add r1, sp, #0x60
- bl fe_sq
- mov r4, #19
-L_curve25519_inv_3:
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_7
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #5
+L_curve25519_inv_8:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_8
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #0
+ bl fe_mul_op
+ mov r2, sp
+ ldr r1, [sp, #160]
+ ldr r0, [sp, #160]
+ bl fe_mul_op
+ mov r0, #0
+ add sp, sp, #0xbc
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size curve25519,.-curve25519
+#else
+ .text
+ .align 4
+ .globl curve25519
+ .type curve25519, %function
+curve25519:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #0xc0
+ str r0, [sp, #176]
+ str r1, [sp, #160]
+ str r2, [sp, #172]
+ add r5, sp, #0x40
+ add r4, sp, #32
+ str sp, [sp, #184]
+ str r5, [sp, #180]
+ str r4, [sp, #188]
+ mov r1, #0
+ str r1, [sp, #164]
+ mov r4, #1
+ mov r5, #0
+ mov r6, #0
+ mov r7, #0
+ mov r8, #0
+ mov r9, #0
+ mov r10, #0
+ mov r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #32
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r4, #0
+ mov r3, sp
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ add r3, sp, #0x40
+ # Copy
+ ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r2, #0xfe
+L_curve25519_bits:
+ str r2, [sp, #168]
+ ldr r1, [sp, #160]
+ and r4, r2, #31
+ lsr r2, r2, #5
+ ldr r2, [r1, r2, lsl #2]
+ rsb r4, r4, #31
+ lsl r2, r2, r4
+ ldr r1, [sp, #164]
+ eor r1, r1, r2
+ asr r1, r1, #31
+ str r2, [sp, #164]
+ # Conditional Swap
+ add r11, sp, #0xb0
+ ldm r11, {r4, r5, r6, r7}
+ eor r8, r4, r5
+ eor r9, r6, r7
+ and r8, r8, r1
+ and r9, r9, r1
+ eor r4, r4, r8
+ eor r5, r5, r8
+ eor r6, r6, r9
+ eor r7, r7, r9
+ stm r11, {r4, r5, r6, r7}
+ # Ladder step
+ ldr r3, [sp, #184]
+ ldr r2, [sp, #176]
+ add r1, sp, #0x80
+ ldr r0, [sp, #176]
+ bl fe_add_sub_op
+ ldr r3, [sp, #188]
+ ldr r2, [sp, #180]
+ add r1, sp, #0x60
+ ldr r0, [sp, #184]
+ bl fe_add_sub_op
+ ldr r2, [sp, #176]
+ add r1, sp, #0x60
+ ldr r0, [sp, #188]
+ bl fe_mul_op
+ add r2, sp, #0x80
+ ldr r1, [sp, #184]
+ ldr r0, [sp, #184]
+ bl fe_mul_op
+ add r1, sp, #0x80
+ add r0, sp, #0x60
+ bl fe_sq_op
+ ldr r1, [sp, #176]
add r0, sp, #0x80
+ bl fe_sq_op
+ ldr r3, [sp, #184]
+ ldr r2, [sp, #188]
+ ldr r1, [sp, #184]
+ ldr r0, [sp, #180]
+ bl fe_add_sub_op
+ add r2, sp, #0x60
add r1, sp, #0x80
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_curve25519_inv_3
+ ldr r0, [sp, #176]
+ bl fe_mul_op
+ add r2, sp, #0x60
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ bl fe_sub_op
+ ldr r1, [sp, #184]
+ ldr r0, [sp, #184]
+ bl fe_sq_op
+ add r1, sp, #0x80
+ ldr r0, [sp, #188]
+ bl fe_mul121666
+ ldr r1, [sp, #180]
+ ldr r0, [sp, #180]
+ bl fe_sq_op
+ ldr r2, [sp, #188]
+ add r1, sp, #0x60
add r0, sp, #0x60
+ bl fe_add_op
+ ldr r2, [sp, #184]
+ ldr r1, [sp, #172]
+ ldr r0, [sp, #188]
+ bl fe_mul_op
+ add r2, sp, #0x60
add r1, sp, #0x80
+ ldr r0, [sp, #184]
+ bl fe_mul_op
+ ldr r2, [sp, #168]
+ subs r2, r2, #1
+ bge L_curve25519_bits
+ ldr r1, [sp, #184]
+ # Copy
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ stm sp, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Invert
+ add r1, sp, #0
+ add r0, sp, #32
+ bl fe_sq_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_sq_op
+ add r2, sp, #0x40
+ add r1, sp, #0
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r2, sp, #0x40
+ add r1, sp, #32
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x60
+ bl fe_sq_op
add r2, sp, #0x60
- bl fe_mul
- mov r4, #10
-L_curve25519_inv_4:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #4
+L_curve25519_inv_1:
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_1
+ add r2, sp, #0x40
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
- bne L_curve25519_inv_4
add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #9
+L_curve25519_inv_2:
add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_2
add r2, sp, #0x40
- bl fe_mul
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ bl fe_mul_op
+ add r1, sp, #0x60
+ add r0, sp, #0x80
+ bl fe_sq_op
+ mov r12, #19
+L_curve25519_inv_3:
+ add r1, sp, #0x80
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_3
+ add r2, sp, #0x60
+ add r1, sp, #0x80
+ add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #10
+L_curve25519_inv_4:
+ add r1, sp, #0x60
add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_curve25519_inv_4
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
add r1, sp, #0x40
- bl fe_sq
- mov r4, #49
-L_curve25519_inv_5:
add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #49
+L_curve25519_inv_5:
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_5
+ add r2, sp, #0x40
+ add r1, sp, #0x60
add r0, sp, #0x60
+ bl fe_mul_op
add r1, sp, #0x60
- add r2, sp, #0x40
- bl fe_mul
add r0, sp, #0x80
- add r1, sp, #0x60
- bl fe_sq
- mov r4, #0x63
+ bl fe_sq_op
+ mov r12, #0x63
L_curve25519_inv_6:
- add r0, sp, #0x80
add r1, sp, #0x80
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x80
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_6
- add r0, sp, #0x60
- add r1, sp, #0x80
add r2, sp, #0x60
- bl fe_mul
- mov r4, #50
-L_curve25519_inv_7:
+ add r1, sp, #0x80
add r0, sp, #0x60
+ bl fe_mul_op
+ mov r12, #50
+L_curve25519_inv_7:
add r1, sp, #0x60
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_7
- add r0, sp, #0x40
- add r1, sp, #0x60
add r2, sp, #0x40
- bl fe_mul
- mov r4, #5
-L_curve25519_inv_8:
+ add r1, sp, #0x60
add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #5
+L_curve25519_inv_8:
add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_curve25519_inv_8
- add r0, sp, #0
- add r1, sp, #0x40
add r2, sp, #32
- bl fe_mul
- add r2, sp, #0
- ldr r1, [sp, #160]
- ldr r0, [sp, #160]
- bl fe_mul
+ add r1, sp, #0x40
+ add r0, sp, #0
+ bl fe_mul_op
+ ldr r2, [sp, #184]
+ ldr r1, [sp, #176]
+ ldr r0, [sp, #176]
+ bl fe_mul_op
+ # Ensure result is less than modulus
+ ldr r0, [sp, #176]
+ ldm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ mov r2, #19
+ and r2, r2, r11, asr #31
+ adds r4, r4, r2
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
+#else
+ bfc r11, #31, #1
+#endif
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
mov r0, #0
- add sp, sp, #0xbc
+ add sp, sp, #0xc0
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size curve25519,.-curve25519
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+ .text
+ .align 4
+ .globl fe_invert
+ .type fe_invert, %function
+fe_invert:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #0x88
+ # Invert
+ str r0, [sp, #128]
+ str r1, [sp, #132]
+ ldr r1, [sp, #132]
+ mov r0, sp
+ bl fe_sq_op
+ mov r1, sp
+ add r0, sp, #32
+ bl fe_sq_op
+ add r1, sp, #32
+ add r0, sp, #32
+ bl fe_sq_op
+ add r2, sp, #32
+ ldr r1, [sp, #132]
+ add r0, sp, #32
+ bl fe_mul_op
+ add r2, sp, #32
+ mov r1, sp
+ mov r0, sp
+ bl fe_mul_op
+ mov r1, sp
+ add r0, sp, #0x40
+ bl fe_sq_op
+ add r2, sp, #0x40
+ add r1, sp, #32
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ mov r12, #4
+L_fe_invert1:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert1
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ mov r12, #9
+L_fe_invert2:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert2
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #19
+L_fe_invert3:
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert3
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #10
+L_fe_invert4:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert4
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #32
+ bl fe_mul_op
+ add r1, sp, #32
+ add r0, sp, #0x40
+ bl fe_sq_op
+ mov r12, #49
+L_fe_invert5:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert5
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ bl fe_mul_op
+ add r1, sp, #0x40
+ add r0, sp, #0x60
+ bl fe_sq_op
+ mov r12, #0x63
+L_fe_invert6:
+ add r1, sp, #0x60
+ add r0, sp, #0x60
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert6
+ add r2, sp, #0x40
+ add r1, sp, #0x60
+ add r0, sp, #0x40
+ bl fe_mul_op
+ mov r12, #50
+L_fe_invert7:
+ add r1, sp, #0x40
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert7
+ add r2, sp, #32
+ add r1, sp, #0x40
+ add r0, sp, #32
+ bl fe_mul_op
+ mov r12, #5
+L_fe_invert8:
+ add r1, sp, #32
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
+ bne L_fe_invert8
+ mov r2, sp
+ add r1, sp, #32
+ ldr r0, [sp, #128]
+ bl fe_mul_op
+ ldr r1, [sp, #132]
+ ldr r0, [sp, #128]
+ add sp, sp, #0x88
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size fe_invert,.-fe_invert
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ push {lr}
+ sub sp, sp, #0x44
+ str r0, [sp, #64]
+ # Square * 2
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * A[1]
+ ldr lr, [r1, #4]
+ umull r4, r5, r12, lr
+ # A[0] * A[3]
+ ldr lr, [r1, #12]
+ umull r6, r7, r12, lr
+ # A[0] * A[5]
+ ldr lr, [r1, #20]
+ umull r8, r9, r12, lr
+ # A[0] * A[7]
+ ldr lr, [r1, #28]
+ umull r10, r3, r12, lr
+ # A[0] * A[2]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[0] * A[4]
+ ldr lr, [r1, #16]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[0] * A[6]
+ ldr lr, [r1, #24]
+ adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ adcs r3, r3, #0
+ str r4, [sp, #4]
+ str r5, [sp, #8]
+ # A[1] * A[2]
+ ldr r12, [r1, #4]
+ ldr lr, [r1, #8]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[1] * A[3]
+ ldr lr, [r1, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[1] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * A[7]
+ ldr lr, [r1, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * A[3]
+ ldr r12, [r1, #8]
+ ldr lr, [r1, #12]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[2] * A[4]
+ ldr lr, [r1, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[2] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * A[7]
+ ldr lr, [r1, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * A[4]
+ ldr r12, [r1, #12]
+ ldr lr, [r1, #16]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[3] * A[5]
+ ldr lr, [r1, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * A[7]
+ ldr lr, [r1, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * A[5]
+ ldr r12, [r1, #16]
+ ldr lr, [r1, #20]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * A[6]
+ ldr lr, [r1, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * A[7]
+ ldr lr, [r1, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * A[6]
+ ldr r12, [r1, #20]
+ ldr lr, [r1, #24]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * A[7]
+ ldr lr, [r1, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * A[7]
+ ldr r12, [r1, #24]
+ ldr lr, [r1, #28]
+ mov r9, #0
+ umlal r8, r9, r12, lr
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
+ stm lr!, {r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9}
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adc r10, r0, #0
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ add lr, sp, #4
+ ldm lr, {r4, r5, r6, r7, r8, r9, r10}
+ mov lr, sp
+ # A[0] * A[0]
+ ldr r12, [r1]
+ umull r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[1] * A[1]
+ ldr r12, [r1, #4]
+ adcs r5, r5, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[2] * A[2]
+ ldr r12, [r1, #8]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[3] * A[3]
+ ldr r12, [r1, #12]
+ adcs r9, r9, #0
+ adc r11, r0, #0
+ umlal r9, r11, r12, r12
+ adds r10, r10, r11
+ stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ # A[4] * A[4]
+ ldr r12, [r1, #16]
+ adcs r3, r3, #0
+ adc r11, r0, #0
+ umlal r3, r11, r12, r12
+ adds r4, r4, r11
+ # A[5] * A[5]
+ ldr r12, [r1, #20]
+ adcs r5, r5, #0
+ adc r11, r0, #0
+ umlal r5, r11, r12, r12
+ adds r6, r6, r11
+ # A[6] * A[6]
+ ldr r12, [r1, #24]
+ adcs r7, r7, #0
+ adc r11, r0, #0
+ umlal r7, r11, r12, r12
+ adds r8, r8, r11
+ # A[7] * A[7]
+ ldr r12, [r1, #28]
+ adcs r9, r9, #0
+ adc r10, r10, #0
+ umlal r9, r10, r12, r12
+ # Reduce
+ ldr r2, [sp, #28]
+ mov lr, sp
+ mov r12, #38
+ umull r10, r11, r12, r10
+ adds r10, r10, r2
+ adc r11, r11, #0
+ mov r12, #19
+ lsl r11, r11, #1
+ orr r11, r11, r10, LSR #31
+ mul r11, r12, r11
+ ldm lr!, {r1, r2}
+ mov r12, #38
+ adds r1, r1, r11
+ adc r11, r0, #0
+ umlal r1, r11, r3, r12
+ adds r2, r2, r11
+ adc r11, r0, #0
+ umlal r2, r11, r4, r12
+ ldm lr!, {r3, r4}
+ adds r3, r3, r11
+ adc r11, r0, #0
+ umlal r3, r11, r5, r12
+ adds r4, r4, r11
+ adc r11, r0, #0
+ umlal r4, r11, r6, r12
+ ldm lr!, {r5, r6}
+ adds r5, r5, r11
+ adc r11, r0, #0
+ umlal r5, r11, r7, r12
+ adds r6, r6, r11
+ adc r11, r0, #0
+ umlal r6, r11, r8, r12
+ ldm lr!, {r7, r8}
+ adds r7, r7, r11
+ adc r11, r0, #0
+ umlal r7, r11, r9, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r10, r10, #0x80000000
+#else
+ bfc r10, #31, #1
+#endif
+ adds r8, r10, r11
+ # Reduce if top bit set
+ mov r12, #19
+ and r11, r12, r8, ASR #31
+ adds r1, r1, r11
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r8, r8, #0x80000000
+#else
+ bfc r8, #31, #1
+#endif
+ adcs r7, r7, #0
+ adc r8, r8, #0
+ # Double
+ adds r1, r1, r1
+ adcs r2, r2, r2
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adc r8, r8, r8
+ # Reduce if top bit set
+ mov r12, #19
+ and r11, r12, r8, ASR #31
+ adds r1, r1, r11
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r8, r8, #0x80000000
+#else
+ bfc r8, #31, #1
+#endif
+ adcs r7, r7, #0
+ adc r8, r8, #0
+ # Store
+ ldr r0, [sp, #64]
+ stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ add sp, sp, #0x44
+ pop {pc}
+ .size fe_sq2,.-fe_sq2
+#else
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ push {lr}
+ sub sp, sp, #36
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r0, [sp, #28]
+ str r1, [sp, #32]
+#else
+ strd r0, r1, [sp, #28]
+#endif
+ ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ # Square * 2
+ umull r9, r10, r0, r0
+ umull r11, r12, r0, r1
+ adds r11, r11, r11
+ mov lr, #0
+ umaal r10, r11, lr, lr
+ stm sp, {r9, r10}
+ mov r8, lr
+ umaal r8, r12, r0, r2
+ adcs r8, r8, r8
+ umaal r8, r11, r1, r1
+ umull r9, r10, r0, r3
+ umaal r9, r12, r1, r2
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r8, [sp, #8]
+ str r9, [sp, #12]
+#else
+ strd r8, r9, [sp, #8]
+#endif
+ mov r9, lr
+ umaal r9, r10, r0, r4
+ umaal r9, r12, r1, r3
+ adcs r9, r9, r9
+ umaal r9, r11, r2, r2
+ str r9, [sp, #16]
+ umull r9, r8, r0, r5
+ umaal r9, r12, r1, r4
+ umaal r9, r10, r2, r3
+ adcs r9, r9, r9
+ umaal r9, r11, lr, lr
+ str r9, [sp, #20]
+ mov r9, lr
+ umaal r9, r8, r0, r6
+ umaal r9, r12, r1, r5
+ umaal r9, r10, r2, r4
+ adcs r9, r9, r9
+ umaal r9, r11, r3, r3
+ str r9, [sp, #24]
+ umull r0, r9, r0, r7
+ umaal r0, r8, r1, r6
+ umaal r0, r12, r2, r5
+ umaal r0, r10, r3, r4
+ adcs r0, r0, r0
+ umaal r0, r11, lr, lr
+ # R[7] = r0
+ umaal r9, r8, r1, r7
+ umaal r9, r10, r2, r6
+ umaal r12, r9, r3, r5
+ adcs r12, r12, r12
+ umaal r12, r11, r4, r4
+ # R[8] = r12
+ umaal r9, r8, r2, r7
+ umaal r10, r9, r3, r6
+ mov r2, lr
+ umaal r10, r2, r4, r5
+ adcs r10, r10, r10
+ umaal r11, r10, lr, lr
+ # R[9] = r11
+ umaal r2, r8, r3, r7
+ umaal r2, r9, r4, r6
+ adcs r3, r2, r2
+ umaal r10, r3, r5, r5
+ # R[10] = r10
+ mov r1, lr
+ umaal r1, r8, r4, r7
+ umaal r1, r9, r5, r6
+ adcs r4, r1, r1
+ umaal r3, r4, lr, lr
+ # R[11] = r3
+ umaal r8, r9, r5, r7
+ adcs r8, r8, r8
+ umaal r4, r8, r6, r6
+ # R[12] = r4
+ mov r5, lr
+ umaal r5, r9, r6, r7
+ adcs r5, r5, r5
+ umaal r8, r5, lr, lr
+ # R[13] = r8
+ adcs r9, r9, r9
+ umaal r9, r5, r7, r7
+ adcs r7, r5, lr
+ # R[14] = r9
+ # R[15] = r7
+ # Reduce
+ mov r6, #37
+ umaal r7, r0, r7, r6
+ mov r6, #19
+ lsl r0, r0, #1
+ orr r0, r0, r7, lsr #31
+ mul lr, r0, r6
+ pop {r0, r1}
+ mov r6, #38
+ umaal r0, lr, r12, r6
+ umaal r1, lr, r11, r6
+ mov r12, r3
+ mov r11, r4
+ pop {r2, r3, r4}
+ umaal r2, lr, r10, r6
+ umaal r3, lr, r12, r6
+ umaal r4, lr, r11, r6
+ mov r12, r6
+ pop {r5, r6}
+ umaal r5, lr, r8, r12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ umaal r6, lr, r9, r12
+ add r7, r7, lr
+ # Reduce if top bit set
+ mov r11, #19
+ and r12, r11, r7, ASR #31
+ adds r0, r0, r12
+ adcs r1, r1, #0
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ adcs r6, r6, #0
+ adc r7, r7, #0
+ # Double
+ adds r0, r0, r0
+ adcs r1, r1, r1
+ adcs r2, r2, r2
+ adcs r3, r3, r3
+ adcs r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adc r7, r7, r7
+ # Reduce if top bit set
+ mov r11, #19
+ and r12, r11, r7, ASR #31
+ adds r0, r0, r12
+ adcs r1, r1, #0
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r7, r7, #0x80000000
+#else
+ bfc r7, #31, #1
+#endif
+ adcs r6, r6, #0
+ adc r7, r7, #0
+ pop {r12, lr}
+ # Store
+ stm r12, {r0, r1, r2, r3, r4, r5, r6, r7}
+ mov r0, r12
+ mov r1, lr
+ pop {pc}
+ .size fe_sq2,.-fe_sq2
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
.text
.align 4
.globl fe_pow22523
.type fe_pow22523, %function
fe_pow22523:
- push {r4, lr}
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
sub sp, sp, #0x68
# pow22523
str r0, [sp, #96]
str r1, [sp, #100]
- mov r0, sp
ldr r1, [sp, #100]
- bl fe_sq
- add r0, sp, #32
+ mov r0, sp
+ bl fe_sq_op
mov r1, sp
- bl fe_sq
add r0, sp, #32
+ bl fe_sq_op
add r1, sp, #32
- bl fe_sq
add r0, sp, #32
+ bl fe_sq_op
+ add r2, sp, #32
ldr r1, [sp, #100]
+ add r0, sp, #32
+ bl fe_mul_op
add r2, sp, #32
- bl fe_mul
- mov r0, sp
mov r1, sp
- add r2, sp, #32
- bl fe_mul
mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
mov r0, sp
- add r1, sp, #32
+ bl fe_sq_op
mov r2, sp
- bl fe_mul
- add r0, sp, #32
+ add r1, sp, #32
+ mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
- mov r4, #4
-L_fe_pow22523_1:
add r0, sp, #32
+ bl fe_sq_op
+ mov r12, #4
+L_fe_pow22523_1:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_1
- mov r0, sp
- add r1, sp, #32
mov r2, sp
- bl fe_mul
- add r0, sp, #32
+ add r1, sp, #32
+ mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
- mov r4, #9
-L_fe_pow22523_2:
add r0, sp, #32
+ bl fe_sq_op
+ mov r12, #9
+L_fe_pow22523_2:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_2
+ mov r2, sp
+ add r1, sp, #32
add r0, sp, #32
+ bl fe_mul_op
add r1, sp, #32
- mov r2, sp
- bl fe_mul
add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #19
+ bl fe_sq_op
+ mov r12, #19
L_fe_pow22523_3:
- add r0, sp, #0x40
add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_3
- add r0, sp, #32
- add r1, sp, #0x40
add r2, sp, #32
- bl fe_mul
- mov r4, #10
-L_fe_pow22523_4:
+ add r1, sp, #0x40
add r0, sp, #32
+ bl fe_mul_op
+ mov r12, #10
+L_fe_pow22523_4:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_4
- mov r0, sp
- add r1, sp, #32
mov r2, sp
- bl fe_mul
- add r0, sp, #32
+ add r1, sp, #32
+ mov r0, sp
+ bl fe_mul_op
mov r1, sp
- bl fe_sq
- mov r4, #49
-L_fe_pow22523_5:
add r0, sp, #32
+ bl fe_sq_op
+ mov r12, #49
+L_fe_pow22523_5:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_5
+ mov r2, sp
+ add r1, sp, #32
add r0, sp, #32
+ bl fe_mul_op
add r1, sp, #32
- mov r2, sp
- bl fe_mul
add r0, sp, #0x40
- add r1, sp, #32
- bl fe_sq
- mov r4, #0x63
+ bl fe_sq_op
+ mov r12, #0x63
L_fe_pow22523_6:
- add r0, sp, #0x40
add r1, sp, #0x40
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #0x40
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_6
- add r0, sp, #32
- add r1, sp, #0x40
add r2, sp, #32
- bl fe_mul
- mov r4, #50
-L_fe_pow22523_7:
+ add r1, sp, #0x40
add r0, sp, #32
+ bl fe_mul_op
+ mov r12, #50
+L_fe_pow22523_7:
add r1, sp, #32
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ add r0, sp, #32
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_7
- mov r0, sp
- add r1, sp, #32
mov r2, sp
- bl fe_mul
- mov r4, #2
-L_fe_pow22523_8:
+ add r1, sp, #32
mov r0, sp
+ bl fe_mul_op
+ mov r12, #2
+L_fe_pow22523_8:
mov r1, sp
- bl fe_sq
- sub r4, r4, #1
- cmp r4, #0
+ mov r0, sp
+ push {r12}
+ bl fe_sq_op
+ pop {r12}
+ subs r12, r12, #1
bne L_fe_pow22523_8
- ldr r0, [sp, #96]
- mov r1, sp
ldr r2, [sp, #100]
- bl fe_mul
+ mov r1, sp
+ ldr r0, [sp, #96]
+ bl fe_mul_op
ldr r1, [sp, #100]
ldr r0, [sp, #96]
add sp, sp, #0x68
- pop {r4, pc}
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
.size fe_pow22523,.-fe_pow22523
.text
.align 4
- .globl fe_ge_to_p2
- .type fe_ge_to_p2, %function
-fe_ge_to_p2:
- push {lr}
- sub sp, sp, #16
+ .globl ge_p1p1_to_p2
+ .type ge_p1p1_to_p2, %function
+ge_p1p1_to_p2:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #8
str r0, [sp]
str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r2, [sp, #28]
- ldr r1, [sp, #12]
+ add r2, r1, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- bl fe_mul
- ldr r2, [sp, #24]
- ldr r1, [sp, #20]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #28]
- ldr r1, [sp, #24]
- ldr r0, [sp, #8]
- bl fe_mul
- add sp, sp, #16
- pop {pc}
- .size fe_ge_to_p2,.-fe_ge_to_p2
+ ldr r1, [sp, #4]
+ add r2, r1, #0x40
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x40
+ bl fe_mul_op
+ add sp, sp, #8
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_p1p1_to_p2,.-ge_p1p1_to_p2
.text
.align 4
- .globl fe_ge_to_p3
- .type fe_ge_to_p3, %function
-fe_ge_to_p3:
- push {lr}
- sub sp, sp, #16
+ .globl ge_p1p1_to_p3
+ .type ge_p1p1_to_p3, %function
+ge_p1p1_to_p3:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #8
str r0, [sp]
str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r2, [sp, #32]
- ldr r1, [sp, #20]
+ add r2, r1, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- bl fe_mul
- ldr r2, [sp, #28]
- ldr r1, [sp, #24]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #32]
- ldr r1, [sp, #28]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #24]
- ldr r1, [sp, #20]
- ldr r0, [sp, #12]
- bl fe_mul
- add sp, sp, #16
- pop {pc}
- .size fe_ge_to_p3,.-fe_ge_to_p3
+ ldr r1, [sp, #4]
+ add r2, r1, #0x40
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x40
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #32
+ add r0, r0, #0x60
+ bl fe_mul_op
+ add sp, sp, #8
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_p1p1_to_p3,.-ge_p1p1_to_p3
.text
.align 4
- .globl fe_ge_dbl
- .type fe_ge_dbl, %function
-fe_ge_dbl:
+ .globl ge_p2_dbl
+ .type ge_p2_dbl, %function
+ge_p2_dbl:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #16
+ sub sp, sp, #8
str r0, [sp]
str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r1, [sp, #52]
+ bl fe_sq_op
ldr r0, [sp]
- bl fe_sq
- ldr r1, [sp, #56]
- ldr r0, [sp, #8]
- bl fe_sq
- ldr r0, [sp, #4]
- ldr r1, [sp, #52]
- ldr r2, [sp, #56]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
ldr r1, [sp, #4]
- ldr r0, [sp, #12]
- bl fe_sq
- ldr r0, [sp, #4]
+ add r1, r1, #32
+ add r0, r0, #0x40
+ bl fe_sq_op
+ ldr r0, [sp]
+ ldr r1, [sp, #4]
+ add r2, r1, #32
+ add r0, r0, #32
+ bl fe_add_op
+ mov r1, r0
+ add r0, r0, #0x40
+ bl fe_sq_op
+ ldr r0, [sp]
+ mov r3, r0
+ add r2, r0, #0x40
+ add r1, r0, #0x40
+ add r0, r0, #32
+ bl fe_add_sub_op
+ mov r2, r0
+ add r1, r0, #0x40
+ sub r0, r0, #32
+ bl fe_sub_op
+ ldr r1, [sp, #4]
+ add r1, r1, #0x40
+ add r0, r0, #0x60
+ bl fe_sq2
+ sub r2, r0, #32
+ mov r1, r0
+ bl fe_sub_op
+ add sp, sp, #8
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_p2_dbl,.-ge_p2_dbl
+ .text
+ .align 4
+ .globl ge_madd
+ .type ge_madd, %function
+ge_madd:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #12
+ str r0, [sp]
+ str r1, [sp, #4]
+ str r2, [sp, #8]
+ mov r2, r1
+ add r1, r1, #32
+ bl fe_add_op
+ ldr r1, [sp, #4]
+ mov r2, r1
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_sub_op
+ ldr r2, [sp, #8]
+ sub r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
ldr r1, [sp, #8]
- ldr r2, [sp]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2]
- ldr r7, [r2, #4]
-#else
- ldrd r6, r7, [r2]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #8]
- ldr r7, [r2, #12]
-#else
- ldrd r6, r7, [r2, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #16]
- ldr r7, [r2, #20]
-#else
- ldrd r6, r7, [r2, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x60
+ bl fe_mul_op
+ ldr r0, [sp]
+ add r3, r0, #32
+ add r2, r0, #0x40
+ mov r1, r0
+ add r0, r0, #32
+ bl fe_add_sub_op
+ ldr r1, [sp, #4]
+ add r1, r1, #0x40
+ add r0, r0, #32
+ # Double
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
mov lr, #0
- sbcs r11, r5, r7
+ adcs r11, r11, r11
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #24]
- ldr r5, [r1, #28]
-#else
- ldrd r4, r5, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r2, #24]
- ldr r7, [r2, #28]
-#else
- ldrd r6, r7, [r2, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r1, #24]
+ bfc r11, #31, #1
#endif
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r0, #32
+ add r1, r0, #32
+ bl fe_add_sub_op
+ add sp, sp, #12
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_madd,.-ge_madd
+ .text
+ .align 4
+ .globl ge_msub
+ .type ge_msub, %function
+ge_msub:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #12
+ str r0, [sp]
+ str r1, [sp, #4]
+ str r2, [sp, #8]
+ mov r2, r1
+ add r1, r1, #32
+ bl fe_add_op
+ ldr r1, [sp, #4]
+ mov r2, r1
+ add r1, r1, #32
+ add r0, r0, #32
+ bl fe_sub_op
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ sub r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
ldr r0, [sp]
- ldr r1, [sp, #12]
- ldr r2, [sp, #4]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r1, [sp, #60]
- ldr r0, [sp, #12]
- bl fe_sq2
- ldr r0, [sp, #12]
ldr r1, [sp, #8]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1]
- ldr r9, [r1, #4]
-#else
- ldrd r8, r9, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #8]
- ldr r11, [r1, #12]
-#else
- ldrd r10, r11, [r1, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x40
+ add r0, r0, #0x60
+ bl fe_mul_op
+ ldr r0, [sp]
+ add r3, r0, #32
+ add r2, r0, #0x40
+ mov r1, r0
+ add r0, r0, #32
+ bl fe_add_sub_op
+ ldr r1, [sp, #4]
+ add r1, r1, #0x40
+ add r0, r0, #32
+ # Double
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
+ mov lr, #0
+ adcs r11, r11, r11
+ adc lr, lr, #0
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r0, #24]
+ bfc r11, #31, #1
#endif
- add sp, sp, #16
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r0, #32
+ mov r1, r0
+ add r0, r0, #32
+ bl fe_add_sub_op
+ add sp, sp, #12
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_dbl,.-fe_ge_dbl
+ .size ge_msub,.-ge_msub
.text
.align 4
- .globl fe_ge_madd
- .type fe_ge_madd, %function
-fe_ge_madd:
+ .globl ge_add
+ .type ge_add, %function
+ge_add:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #32
+ sub sp, sp, #44
str r0, [sp]
str r1, [sp, #4]
str r2, [sp, #8]
- str r3, [sp, #12]
+ mov r3, r1
+ add r2, r1, #32
+ add r1, r0, #32
+ bl fe_add_sub_op
+ ldr r2, [sp, #8]
+ mov r1, r0
+ add r0, r0, #0x40
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #8]
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x60
+ add r0, r0, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r2, [sp, #88]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #92]
ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #80]
- ldr r1, [sp, #84]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r0, [sp, #4]
- ldr r1, [sp]
ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
-#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #76]
+ add r2, r2, #0x40
+ add r1, r1, #0x40
+ bl fe_mul_op
+ ldr r1, [sp]
+ add r0, sp, #12
# Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
adds r4, r4, r4
adcs r5, r5, r5
adcs r6, r6, r6
@@ -7202,2782 +5310,3471 @@ fe_ge_madd:
adcs r8, r8, r8
adcs r9, r9, r9
adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1]
- ldr r7, [r1, #4]
-#else
- ldrd r6, r7, [r1]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ adcs r11, r11, r11
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #24]
- ldr r5, [r0, #28]
-#else
- ldrd r4, r5, [r0, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r1, #24]
+ bfc r11, #31, #1
#endif
- add sp, sp, #32
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r1, #32
+ add r2, r1, #0x40
+ add r0, r1, #32
+ bl fe_add_sub_op
+ add r3, r0, #0x40
+ add r2, sp, #12
+ add r1, r0, #0x40
+ add r0, r0, #32
+ bl fe_add_sub_op
+ add sp, sp, #44
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_madd,.-fe_ge_madd
+ .size ge_add,.-ge_add
.text
.align 4
- .globl fe_ge_msub
- .type fe_ge_msub, %function
-fe_ge_msub:
+ .globl ge_sub
+ .type ge_sub, %function
+ge_sub:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #32
+ sub sp, sp, #44
str r0, [sp]
str r1, [sp, #4]
str r2, [sp, #8]
- str r3, [sp, #12]
+ mov r3, r1
+ add r2, r1, #32
+ add r1, r0, #32
+ bl fe_add_sub_op
+ ldr r2, [sp, #8]
+ add r2, r2, #32
+ mov r1, r0
+ add r0, r0, #0x40
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r2, [sp, #8]
+ add r1, r0, #32
+ add r0, r0, #32
+ bl fe_mul_op
+ ldr r0, [sp]
+ ldr r1, [sp, #8]
+ ldr r2, [sp, #4]
+ add r2, r2, #0x60
+ add r1, r1, #0x60
+ add r0, r0, #0x60
+ bl fe_mul_op
ldr r0, [sp]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #72]
- ldr r2, [sp, #68]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r2, [sp, #92]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #88]
ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #80]
- ldr r1, [sp, #84]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r0, [sp, #4]
- ldr r1, [sp]
ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
-#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
-#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
+ add r2, r2, #0x40
+ add r1, r1, #0x40
+ bl fe_mul_op
+ ldr r1, [sp]
+ add r0, sp, #12
+ # Double
+ ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ adds r4, r4, r4
+ adcs r5, r5, r5
+ adcs r6, r6, r6
+ adcs r7, r7, r7
+ adcs r8, r8, r8
+ adcs r9, r9, r9
+ adcs r10, r10, r10
mov lr, #0
- sbcs r11, r5, r7
+ adcs r11, r11, r11
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
+ mov r12, #19
+ lsl lr, lr, #1
+ orr lr, lr, r11, lsr #31
+ mul r12, lr, r12
+ adds r4, r4, r12
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adcs r9, r9, #0
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0x80000000
#else
- strd r10, r11, [r1]
+ bfc r11, #31, #1
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
+ adcs r10, r10, #0
+ adc r11, r11, #0
+ stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ # Done Double
+ add r3, r1, #32
+ add r2, r1, #0x40
+ add r0, r1, #32
+ bl fe_add_sub_op
+ add r3, r0, #0x40
+ add r2, sp, #12
+ add r1, r0, #32
+ add r0, r0, #0x40
+ bl fe_add_sub_op
+ add sp, sp, #44
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size ge_sub,.-ge_sub
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #56
+ str r0, [sp, #52]
+ # Load bits 252-511
+ add r0, r0, #28
+ ldm r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ sub r0, r0, #28
+ # Add order times bits 504..511
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- ldrd r6, r7, [r0, #8]
+ mov r11, #0x9ce5
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
+ movt r11, #0xa7ed
#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ adds r3, r3, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- ldrd r4, r5, [r2, #16]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
+ movt r11, #0xeb21
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
+ adds r4, r4, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r4, r1, r10, lr
+ adds r5, r5, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
#else
- ldrd r6, r7, [r0, #24]
+ bfc r11, #28, #4
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r4, r5, [r0, #16]
+ mov r3, #0x4c63
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
+ movt r3, #0xcb02
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- ldrd r4, r5, [r1]
+ mov r4, #0xf39a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
+ movt r4, #0xd45e
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- strd r4, r5, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r5, #0x29b
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- strd r4, r5, [r1, #16]
+ mov r9, #0x2000000
#endif
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #76]
- # Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
- adds r4, r4, r4
- adcs r5, r5, r5
- adcs r6, r6, r6
- adcs r7, r7, r7
- adcs r8, r8, r8
- adcs r9, r9, r9
- adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #12]
- ldr r1, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- ldrd r4, r5, [r1]
+ mov r1, #0x2c13
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
+ movt r1, #0xa30a
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ adds r7, r7, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r7, lr, r3, r1
+ adds r8, r8, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r8, lr, r4, r1
+ adds r9, r9, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #24]
- ldr r5, [r1, #28]
-#else
- ldrd r4, r5, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
+ umlal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ adds r7, r7, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r7, r10, r3, r1
+ adds r8, r8, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r8, r10, r4, r1
+ adds r9, r9, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ adds r7, r7, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r7, r11, r3, r1
+ adds r8, r8, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r8, r11, r4, r1
+ adds r9, r9, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+ mov r12, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ adds r7, r7, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r7, r12, r3, r1
+ adds r8, r8, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r8, r12, r4, r1
+ adds r9, r9, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- strd r4, r5, [r0, #16]
+ mov r11, #0x631a
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
+ movt r11, #0x5812
#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- strd r4, r5, [r1]
+ mov r12, #0x9cd6
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
+ movt r12, #0xa2f7
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- ldrd r4, r5, [r1, #16]
+ mov lr, #0xf9de
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
+ movt lr, #0x14de
#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- strd r10, r11, [r1, #24]
+ bfc r9, #28, #4
#endif
- add sp, sp, #32
+ # Store result
+ ldr r0, [sp, #52]
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ add sp, sp, #56
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_msub,.-fe_ge_msub
+ .size sc_reduce,.-sc_reduce
+#else
.text
.align 4
- .globl fe_ge_add
- .type fe_ge_add, %function
-fe_ge_add:
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x60
- str r0, [sp]
- str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r0, [sp]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+ sub sp, sp, #56
+ str r0, [sp, #52]
+ # Load bits 252-511
+ add r0, r0, #28
+ ldm r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ sub r0, r0, #28
+ # Add order times bits 504..511
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- ldrd r6, r7, [r1, #8]
+ mov r11, #0x9ce5
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
+ movt r11, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ umaal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- strd r8, r9, [r0]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
+ movt r11, #0xeb21
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ umaal r4, r1, r10, lr
+ umaal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
+ mov lr, #0
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
+#else
+ bfc r11, #28, #4
+#endif
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r6, r7, [r0, #8]
+ mov r3, #0x4c63
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt r3, #0xcb02
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- strd r8, r9, [r0, #16]
+ mov r4, #0xf39a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
+ movt r4, #0xd45e
#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- ldrd r6, r7, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
+ movt r5, #0x29b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- ldrd r10, r11, [r2, #8]
+ mov r9, #0x2000000
#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r3
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- strd r10, r11, [r0, #8]
+ mov r1, #0x2c13
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r1, #0xa30a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
+ mov lr, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ umaal r7, lr, r3, r1
+ umaal r8, lr, r4, r1
+ umaal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ umaal r7, r10, r3, r1
+ umaal r8, r10, r4, r1
+ umaal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ umaal r7, r11, r3, r1
+ umaal r8, r11, r4, r1
+ umaal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+ mov r12, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ umaal r7, r12, r3, r1
+ umaal r8, r12, r4, r1
+ umaal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- ldrd r6, r7, [r0, #8]
+ mov r11, #0x631a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt r11, #0x5812
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- strd r8, r9, [r0, #16]
+ mov r12, #0x9cd6
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
+ movt r12, #0xa2f7
#endif
- ldr r2, [sp, #156]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #160]
- ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #144]
- ldr r1, [sp, #152]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r2, [sp, #148]
- ldr r1, [sp, #140]
- ldr r0, [sp]
- bl fe_mul
- add r0, sp, #16
- ldr r1, [sp]
- # Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- ldrd r6, r7, [r1, #8]
+ mov lr, #0xf9de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
+ movt lr, #0x14de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- ldrd r10, r11, [r1, #24]
+ bfc r9, #28, #4
#endif
- adds r4, r4, r4
- adcs r5, r5, r5
- adcs r6, r6, r6
- adcs r7, r7, r7
- adcs r8, r8, r8
- adcs r9, r9, r9
- adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+ # Store result
+ ldr r0, [sp, #52]
+ stm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ add sp, sp, #56
+ pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ .size sc_reduce,.-sc_reduce
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifdef HAVE_ED25519_SIGN
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ .text
+ .align 4
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
+ push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ sub sp, sp, #0x50
+ add lr, sp, #0x44
+ stm lr, {r0, r1, r3}
+ mov r0, #0
+ ldr r12, [r1]
+ # A[0] * B[0]
+ ldr lr, [r2]
+ umull r3, r4, r12, lr
+ # A[0] * B[2]
+ ldr lr, [r2, #8]
+ umull r5, r6, r12, lr
+ # A[0] * B[4]
+ ldr lr, [r2, #16]
+ umull r7, r8, r12, lr
+ # A[0] * B[6]
+ ldr lr, [r2, #24]
+ umull r9, r10, r12, lr
+ str r3, [sp]
+ # A[0] * B[1]
+ ldr lr, [r2, #4]
+ mov r11, r0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[0] * B[3]
+ ldr lr, [r2, #12]
+ adcs r6, r6, #0
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[0] * B[5]
+ ldr lr, [r2, #20]
+ adcs r8, r8, #0
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[0] * B[7]
+ ldr lr, [r2, #28]
+ adcs r10, r10, #0
+ adc r3, r0, #0
+ umlal r10, r3, r12, lr
+ # A[1] * B[0]
+ ldr r12, [r1, #4]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r4, r11, r12, lr
+ str r4, [sp, #4]
+ adds r5, r5, r11
+ # A[1] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[1] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[1] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[1] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[1] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[1] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[1] * B[7]
+ ldr lr, [r2, #28]
+ adc r4, r0, #0
+ umlal r3, r4, r12, lr
+ # A[2] * B[0]
+ ldr r12, [r1, #8]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r5, r11, r12, lr
+ str r5, [sp, #8]
+ adds r6, r6, r11
+ # A[2] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[2] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[2] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[2] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[2] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[2] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[2] * B[7]
+ ldr lr, [r2, #28]
+ adc r5, r0, #0
+ umlal r4, r5, r12, lr
+ # A[3] * B[0]
+ ldr r12, [r1, #12]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r6, r11, r12, lr
+ str r6, [sp, #12]
+ adds r7, r7, r11
+ # A[3] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[3] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[3] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[3] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[3] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[3] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[3] * B[7]
+ ldr lr, [r2, #28]
+ adc r6, r0, #0
+ umlal r5, r6, r12, lr
+ # A[4] * B[0]
+ ldr r12, [r1, #16]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r7, r11, r12, lr
+ str r7, [sp, #16]
+ adds r8, r8, r11
+ # A[4] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[4] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[4] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[4] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[4] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[4] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[4] * B[7]
+ ldr lr, [r2, #28]
+ adc r7, r0, #0
+ umlal r6, r7, r12, lr
+ # A[5] * B[0]
+ ldr r12, [r1, #20]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r8, r11, r12, lr
+ str r8, [sp, #20]
+ adds r9, r9, r11
+ # A[5] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r9, r11, r12, lr
+ adds r10, r10, r11
+ # A[5] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[5] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[5] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[5] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[5] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[5] * B[7]
+ ldr lr, [r2, #28]
+ adc r8, r0, #0
+ umlal r7, r8, r12, lr
+ # A[6] * B[0]
+ ldr r12, [r1, #24]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r9, r11, r12, lr
+ str r9, [sp, #24]
+ adds r10, r10, r11
+ # A[6] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r10, r11, r12, lr
+ adds r3, r3, r11
+ # A[6] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[6] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[6] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[6] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[6] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[6] * B[7]
+ ldr lr, [r2, #28]
+ adc r9, r0, #0
+ umlal r8, r9, r12, lr
+ # A[7] * B[0]
+ ldr r12, [r1, #28]
+ ldr lr, [r2]
+ mov r11, #0
+ umlal r10, r11, r12, lr
+ str r10, [sp, #28]
+ adds r3, r3, r11
+ # A[7] * B[1]
+ ldr lr, [r2, #4]
+ adc r11, r0, #0
+ umlal r3, r11, r12, lr
+ adds r4, r4, r11
+ # A[7] * B[2]
+ ldr lr, [r2, #8]
+ adc r11, r0, #0
+ umlal r4, r11, r12, lr
+ adds r5, r5, r11
+ # A[7] * B[3]
+ ldr lr, [r2, #12]
+ adc r11, r0, #0
+ umlal r5, r11, r12, lr
+ adds r6, r6, r11
+ # A[7] * B[4]
+ ldr lr, [r2, #16]
+ adc r11, r0, #0
+ umlal r6, r11, r12, lr
+ adds r7, r7, r11
+ # A[7] * B[5]
+ ldr lr, [r2, #20]
+ adc r11, r0, #0
+ umlal r7, r11, r12, lr
+ adds r8, r8, r11
+ # A[7] * B[6]
+ ldr lr, [r2, #24]
+ adc r11, r0, #0
+ umlal r8, r11, r12, lr
+ adds r9, r9, r11
+ # A[7] * B[7]
+ ldr lr, [r2, #28]
+ adc r10, r0, #0
+ umlal r9, r10, r12, lr
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ mov r0, sp
+ # Add c to a * b
+ ldr lr, [sp, #76]
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm lr!, {r1, r10, r11, r12}
+ adds r2, r2, r1
+ adcs r3, r3, r10
+ adcs r4, r4, r11
+ adcs r5, r5, r12
+ ldm lr!, {r1, r10, r11, r12}
+ adcs r6, r6, r1
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adcs r9, r9, r12
+ mov r1, r9
+ stm r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ sub r0, r0, #32
+ # Get 252..503 and 504..507
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ # Add order times bits 504..507
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- strd r6, r7, [r0, #8]
+ mov r11, #0x9ce5
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
+ movt r11, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ adds r3, r3, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp]
- ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- ldrd r4, r5, [r2]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
+ movt r11, #0xeb21
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ adds r4, r4, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r4, r1, r10, lr
+ adds r5, r5, r1
+ mov r1, #0
+ adc r1, r1, #0
+ umlal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
#else
- ldrd r6, r7, [r0, #24]
+ bfc r11, #28, #4
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r4, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r6, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adds r10, r10, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r10, lr, r8, r1
+ adds r11, r11, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r4, r5, [r0, #16]
+ mov r3, #0x4c63
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
+ movt r3, #0xcb02
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- ldrd r4, r5, [r1]
+ mov r4, #0xf39a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
+ movt r4, #0xd45e
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- strd r4, r5, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r5, #0x29b
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- strd r4, r5, [r1, #16]
+ mov r9, #0x2000000
#endif
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #8]
- ldr r1, [sp, #12]
- add r2, sp, #16
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1]
- ldr r7, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- ldrd r6, r7, [r1]
+ mov r1, #0x2c13
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ adds r7, r7, lr
+ mov lr, #0
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
+ umlal r7, lr, r3, r1
+ adds r8, r8, lr
mov lr, #0
- sbcs r11, r5, r7
adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
+ umlal r8, lr, r4, r1
+ adds r9, r9, lr
+ mov lr, #0
+ adc lr, lr, #0
+ umlal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ adds r7, r7, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r7, r10, r3, r1
+ adds r8, r8, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r8, r10, r4, r1
+ adds r9, r9, r10
+ mov r10, #0
+ adc r10, r10, #0
+ umlal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #16]
- ldr r7, [r1, #20]
-#else
- ldrd r6, r7, [r1, #16]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ adds r7, r7, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r7, r11, r3, r1
+ adds r8, r8, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r8, r11, r4, r1
+ adds r9, r9, r11
+ mov r11, #0
+ adc r11, r11, #0
+ umlal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
mov r12, #0
- adcs r9, r5, r7
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ adds r7, r7, r12
+ mov r12, #0
adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+ umlal r7, r12, r3, r1
+ adds r8, r8, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r8, r12, r4, r1
+ adds r9, r9, r12
+ mov r12, #0
+ adc r12, r12, #0
+ umlal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- strd r10, r11, [r1, #16]
+ mov r11, #0x631a
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
+ movt r11, #0x5812
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- ldrd r6, r7, [r1, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- ldrd r4, r5, [r0]
+ mov r12, #0x9cd6
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt r12, #0xa2f7
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- ldrd r4, r5, [r0, #8]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- strd r4, r5, [r0, #8]
+ mov lr, #0xf9de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
+ movt lr, #0x14de
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- strd r4, r5, [r0, #16]
+ bfc r9, #28, #4
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ ldr r0, [sp, #68]
+ # Store result
+ str r2, [r0]
+ str r3, [r0, #4]
+ str r4, [r0, #8]
+ str r5, [r0, #12]
+ str r6, [r0, #16]
+ str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- add sp, sp, #0x60
+ add sp, sp, #0x50
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_add,.-fe_ge_add
+ .size sc_muladd,.-sc_muladd
+#else
.text
.align 4
- .globl fe_ge_sub
- .type fe_ge_sub, %function
-fe_ge_sub:
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
push {r4, r5, r6, r7, r8, r9, r10, r11, lr}
- sub sp, sp, #0x60
- str r0, [sp]
- str r1, [sp, #4]
- str r2, [sp, #8]
- str r3, [sp, #12]
- ldr r0, [sp]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- adds r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- adcs r8, r4, r8
- adcs r9, r5, r9
- adcs r10, r6, r10
- adc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp, #136]
- ldr r2, [sp, #132]
- # Sub
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2]
- ldr r9, [r2, #4]
-#else
- ldrd r8, r9, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #8]
- ldr r11, [r2, #12]
-#else
- ldrd r10, r11, [r2, #8]
-#endif
- subs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbcs r11, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #8]
- str r11, [r0, #12]
-#else
- strd r10, r11, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #24]
- ldr r7, [r1, #28]
-#else
- ldrd r6, r7, [r1, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r2, #16]
- ldr r9, [r2, #20]
-#else
- ldrd r8, r9, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r2, #24]
- ldr r11, [r2, #28]
-#else
- ldrd r10, r11, [r2, #24]
-#endif
- sbcs r8, r4, r8
- sbcs r9, r5, r9
- sbcs r10, r6, r10
- sbc r11, r7, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
- adcs r6, r6, r3
- adcs r7, r7, r3
- adcs r8, r8, r3
- adcs r9, r9, r3
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
-#else
- strd r6, r7, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
-#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r2, [sp, #160]
- ldr r1, [sp]
- ldr r0, [sp, #8]
- bl fe_mul
- ldr r2, [sp, #156]
- ldr r1, [sp, #4]
- ldr r0, [sp, #4]
- bl fe_mul
- ldr r2, [sp, #144]
- ldr r1, [sp, #152]
- ldr r0, [sp, #12]
- bl fe_mul
- ldr r2, [sp, #148]
- ldr r1, [sp, #140]
- ldr r0, [sp]
- bl fe_mul
- add r0, sp, #16
- ldr r1, [sp]
- # Double
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r1, #8]
- ldr r7, [r1, #12]
-#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
- adds r4, r4, r4
- adcs r5, r5, r5
- adcs r6, r6, r6
- adcs r7, r7, r7
- adcs r8, r8, r8
- adcs r9, r9, r9
- adcs r10, r10, r10
- adc r11, r11, r11
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
- subs r4, r4, r12
- sbcs r5, r5, r3
- sbcs r6, r6, r3
- sbcs r7, r7, r3
- sbcs r8, r8, r3
- sbcs r9, r9, r3
- sbcs r10, r10, r3
- sbc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
+ sub sp, sp, #0x50
+ add lr, sp, #0x44
+ stm lr, {r0, r1, r3}
+ mov lr, r2
+ ldm r1, {r0, r1, r2, r3}
+ ldm lr!, {r4, r5, r6}
+ umull r10, r11, r0, r4
+ umull r12, r7, r1, r4
+ umaal r11, r12, r0, r5
+ umull r8, r9, r2, r4
+ umaal r12, r8, r1, r5
+ umaal r12, r7, r0, r6
+ umaal r8, r9, r3, r4
+ stm sp, {r10, r11, r12}
+ umaal r7, r8, r2, r5
+ ldm lr!, {r4}
+ umull r10, r11, r1, r6
+ umaal r8, r9, r2, r6
+ umaal r7, r10, r0, r4
+ umaal r8, r11, r3, r5
+ str r7, [sp, #12]
+ umaal r8, r10, r1, r4
+ umaal r9, r11, r3, r6
+ umaal r9, r10, r2, r4
+ umaal r10, r11, r3, r4
+ ldm lr, {r4, r5, r6, r7}
+ mov r12, #0
+ umlal r8, r12, r0, r4
+ umaal r9, r12, r1, r4
+ umaal r10, r12, r2, r4
+ umaal r11, r12, r3, r4
+ mov r4, #0
+ umlal r9, r4, r0, r5
+ umaal r10, r4, r1, r5
+ umaal r11, r4, r2, r5
+ umaal r12, r4, r3, r5
+ mov r5, #0
+ umlal r10, r5, r0, r6
+ umaal r11, r5, r1, r6
+ umaal r12, r5, r2, r6
+ umaal r4, r5, r3, r6
+ mov r6, #0
+ umlal r11, r6, r0, r7
+ ldr r0, [sp, #72]
+ umaal r12, r6, r1, r7
+ add r0, r0, #16
+ umaal r4, r6, r2, r7
+ sub lr, lr, #16
+ umaal r5, r6, r3, r7
+ ldm r0, {r0, r1, r2, r3}
+ str r6, [sp, #64]
+ ldm lr!, {r6}
+ mov r7, #0
+ umlal r8, r7, r0, r6
+ umaal r9, r7, r1, r6
+ str r8, [sp, #16]
+ umaal r10, r7, r2, r6
+ umaal r11, r7, r3, r6
+ ldm lr!, {r6}
+ mov r8, #0
+ umlal r9, r8, r0, r6
+ umaal r10, r8, r1, r6
+ str r9, [sp, #20]
+ umaal r11, r8, r2, r6
+ umaal r12, r8, r3, r6
+ ldm lr!, {r6}
+ mov r9, #0
+ umlal r10, r9, r0, r6
+ umaal r11, r9, r1, r6
+ str r10, [sp, #24]
+ umaal r12, r9, r2, r6
+ umaal r4, r9, r3, r6
+ ldm lr!, {r6}
+ mov r10, #0
+ umlal r11, r10, r0, r6
+ umaal r12, r10, r1, r6
+ str r11, [sp, #28]
+ umaal r4, r10, r2, r6
+ umaal r5, r10, r3, r6
+ ldm lr!, {r11}
+ umaal r12, r7, r0, r11
+ umaal r4, r7, r1, r11
+ ldr r6, [sp, #64]
+ umaal r5, r7, r2, r11
+ umaal r6, r7, r3, r11
+ ldm lr!, {r11}
+ umaal r4, r8, r0, r11
+ umaal r5, r8, r1, r11
+ umaal r6, r8, r2, r11
+ umaal r7, r8, r3, r11
+ ldm lr, {r11, lr}
+ umaal r5, r9, r0, r11
+ umaal r6, r10, r0, lr
+ umaal r6, r9, r1, r11
+ umaal r7, r10, r1, lr
+ umaal r7, r9, r2, r11
+ umaal r8, r10, r2, lr
+ umaal r8, r9, r3, r11
+ umaal r9, r10, r3, lr
+ mov r3, r12
+ add lr, sp, #32
+ stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ mov r0, sp
+ # Add c to a * b
+ ldr lr, [sp, #76]
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm lr!, {r1, r10, r11, r12}
+ adds r2, r2, r1
+ adcs r3, r3, r10
+ adcs r4, r4, r11
+ adcs r5, r5, r12
+ ldm lr!, {r1, r10, r11, r12}
+ adcs r6, r6, r1
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adcs r9, r9, r12
+ mov r1, r9
+ stm r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ldm r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ adcs r2, r2, #0
+ adcs r3, r3, #0
+ adcs r4, r4, #0
+ adcs r5, r5, #0
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ sub r0, r0, #32
+ # Get 252..503 and 504..507
+ lsr lr, r9, #24
+ lsl r9, r9, #4
+ orr r9, r9, r8, LSR #28
+ lsl r8, r8, #4
+ orr r8, r8, r7, LSR #28
+ lsl r7, r7, #4
+ orr r7, r7, r6, LSR #28
+ lsl r6, r6, #4
+ orr r6, r6, r5, LSR #28
+ lsl r5, r5, #4
+ orr r5, r5, r4, LSR #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, LSR #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, LSR #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, LSR #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ # Add order times bits 504..507
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xa3
+ lsl r10, r10, #8
+ orr r10, r10, #10
+ lsl r10, r10, #8
+ orr r10, r10, #44
+ lsl r10, r10, #8
+ orr r10, r10, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x2c
+ lsl r10, r10, #8
+ add r10, r10, #0x13
+#else
+ mov r10, #0x2c13
+#endif
+ movt r10, #0xa30a
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xa7
+ lsl r11, r11, #8
+ orr r11, r11, #0xed
+ lsl r11, r11, #8
+ orr r11, r11, #0x9c
+ lsl r11, r11, #8
+ orr r11, r11, #0xe5
#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r6, [r0, #8]
- str r7, [r0, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x9c
+ lsl r11, r11, #8
+ add r11, r11, #0xe5
#else
- strd r6, r7, [r0, #8]
+ mov r11, #0x9ce5
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
+ movt r11, #0xa7ed
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r0, #24]
- str r11, [r0, #28]
+ mov r1, #0
+ umlal r2, r1, r10, lr
+ umaal r3, r1, r11, lr
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5d
+ lsl r10, r10, #8
+ orr r10, r10, #8
+ lsl r10, r10, #8
+ orr r10, r10, #0x63
+ lsl r10, r10, #8
+ orr r10, r10, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x63
+ lsl r10, r10, #8
+ add r10, r10, #0x29
+#else
+ mov r10, #0x6329
+#endif
+ movt r10, #0x5d08
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0xeb
+ lsl r11, r11, #8
+ orr r11, r11, #33
+ lsl r11, r11, #8
+ orr r11, r11, #6
+ lsl r11, r11, #8
+ orr r11, r11, #33
#else
- strd r10, r11, [r0, #24]
-#endif
- ldr r0, [sp, #4]
- ldr r1, [sp]
- ldr r2, [sp, #8]
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x6
+ lsl r11, r11, #8
+ add r11, r11, #0x21
#else
- ldrd r4, r5, [r2]
+ mov r11, #0x621
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
-#else
- ldrd r6, r7, [r0]
+ movt r11, #0xeb21
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ umaal r4, r1, r10, lr
+ umaal r5, r1, r11, lr
+ adds r6, r6, r1
+ adcs r7, r7, #0
+ adcs r8, r8, #0
+ adc r9, r9, #0
+ subs r6, r6, lr
+ sbcs r7, r7, #0
+ sbcs r8, r8, #0
+ sbc r9, r9, #0
+ # Sub product of top 8 words and order
+ mov r12, sp
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
+#else
+ mov r1, #0x2c13
+#endif
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
+ ldm r0!, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r0!, {r10, r11}
+ umaal r10, lr, r8, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r11, r11, #0xf0000000
+#else
+ bfc r11, #28, #4
+#endif
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r0, r0, #16
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
-#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
-#else
- ldrd r4, r5, [r2, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
-#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
-#else
- strd r10, r11, [r1, #16]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
-#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
-#else
- ldrd r4, r5, [r0]
-#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
-#else
- ldrd r4, r5, [r0, #8]
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #8]
- str r5, [r0, #12]
+ mov lr, #0
+ ldm r12, {r10, r11}
+ umlal r10, lr, r2, r1
+ umaal r11, lr, r3, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r4, r1
+ umaal r11, lr, r5, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r6, r1
+ umaal r11, lr, r7, r1
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ umaal r10, lr, r8, r1
+ umaal r11, lr, r9, r1
+ stm r12!, {r10, r11, lr}
+ sub r12, r12, #32
+ # Subtract at 4 * 32
+ ldm r12, {r10, r11}
+ subs r10, r10, r2
+ sbcs r11, r11, r3
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r4
+ sbcs r11, r11, r5
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r6
+ sbcs r11, r11, r7
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ sbcs r10, r10, r8
+ sbc r11, r11, r9
+ stm r12!, {r10, r11}
+ sub r12, r12, #36
+ asr lr, r11, #25
+ # Conditionally subtract order starting at bit 125
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa00000
+ lsl r1, r1, #8
+ add r1, r1, #0x0
+#else
+ mov r1, #0xa0000000
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0x4b
+ lsl r2, r2, #8
+ orr r2, r2, #0x9e
+ lsl r2, r2, #8
+ orr r2, r2, #0xba
+ lsl r2, r2, #8
+ orr r2, r2, #0x7d
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r2, #0xba
+ lsl r2, r2, #8
+ add r2, r2, #0x7d
+#else
+ mov r2, #0xba7d
+#endif
+ movt r2, #0x4b9e
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0xcb
+ lsl r3, r3, #8
+ orr r3, r3, #2
+ lsl r3, r3, #8
+ orr r3, r3, #0x4c
+ lsl r3, r3, #8
+ orr r3, r3, #0x63
#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r3, #0x4c
+ lsl r3, r3, #8
+ add r3, r3, #0x63
#else
- ldrd r4, r5, [r0, #16]
+ mov r3, #0x4c63
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
+ movt r3, #0xcb02
#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #24]
- str r9, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xd4
+ lsl r4, r4, #8
+ orr r4, r4, #0x5e
+ lsl r4, r4, #8
+ orr r4, r4, #0xf3
+ lsl r4, r4, #8
+ orr r4, r4, #0x9a
#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r4, #0xf3
+ lsl r4, r4, #8
+ add r4, r4, #0x9a
#else
- ldrd r4, r5, [r1]
+ mov r4, #0xf39a
#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
+ movt r4, #0xd45e
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #2
+ lsl r5, r5, #8
+ orr r5, r5, #0x9b
+ lsl r5, r5, #8
+ orr r5, r5, #0xdf
+ lsl r5, r5, #8
+ orr r5, r5, #59
#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r5, #0xdf
+ lsl r5, r5, #8
+ add r5, r5, #0x3b
#else
- strd r4, r5, [r1, #8]
+ mov r5, #0xdf3b
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
+ movt r5, #0x29b
#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r9, #0x20000
+ lsl r9, r9, #8
+ add r9, r9, #0x0
#else
- strd r4, r5, [r1, #16]
+ mov r9, #0x2000000
#endif
+ and r1, r1, lr
+ and r2, r2, lr
+ and r3, r3, lr
+ and r4, r4, lr
+ and r5, r5, lr
+ and r9, r9, lr
+ ldm r12, {r10, r11}
+ adds r10, r10, r1
+ adcs r11, r11, r2
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- ldr r0, [sp, #12]
- ldr r1, [sp, #8]
- add r2, sp, #16
- # Add-Sub
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2]
- ldr r5, [r2, #4]
+ adcs r11, r11, r4
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, r5
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10, r11}
+ adcs r10, r10, #0
+ adcs r11, r11, #0
+ stm r12!, {r10, r11}
+ ldm r12, {r10}
+ adcs r10, r10, #0
+ stm r12!, {r10}
+ sub r0, r0, #16
+ mov r12, sp
+ # Load bits 252-376
+ add r12, r12, #28
+ ldm r12, {r1, r2, r3, r4, r5}
+ lsl r5, r5, #4
+ orr r5, r5, r4, lsr #28
+ lsl r4, r4, #4
+ orr r4, r4, r3, lsr #28
+ lsl r3, r3, #4
+ orr r3, r3, r2, lsr #28
+ lsl r2, r2, #4
+ orr r2, r2, r1, lsr #28
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r5, r5, #0xe0000000
+#else
+ bfc r5, #29, #3
+#endif
+ sub r12, r12, #28
+ # Sub product of top 4 words and order
+ mov r0, sp
+ # * -5cf5d3ed
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa3
+ lsl r1, r1, #8
+ orr r1, r1, #10
+ lsl r1, r1, #8
+ orr r1, r1, #44
+ lsl r1, r1, #8
+ orr r1, r1, #19
#else
- ldrd r4, r5, [r2]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0]
- ldr r7, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x2c
+ lsl r1, r1, #8
+ add r1, r1, #0x13
#else
- ldrd r6, r7, [r0]
+ mov r1, #0x2c13
#endif
- adds r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0]
- str r9, [r0, #4]
-#else
- strd r8, r9, [r0]
+ movt r1, #0xa30a
#endif
- # Sub
- subs r10, r4, r6
mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1]
- str r11, [r1, #4]
-#else
- strd r10, r11, [r1]
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, lr, r2, r1
+ umaal r7, lr, r3, r1
+ umaal r8, lr, r4, r1
+ umaal r9, lr, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -5812631b
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xa7
+ lsl r1, r1, #8
+ orr r1, r1, #0xed
+ lsl r1, r1, #8
+ orr r1, r1, #0x9c
+ lsl r1, r1, #8
+ orr r1, r1, #0xe5
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x9c
+ lsl r1, r1, #8
+ add r1, r1, #0xe5
+#else
+ mov r1, #0x9ce5
+#endif
+ movt r1, #0xa7ed
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #8]
- ldr r5, [r2, #12]
-#else
- ldrd r4, r5, [r2, #8]
+ mov r10, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r10, r2, r1
+ umaal r7, r10, r3, r1
+ umaal r8, r10, r4, r1
+ umaal r9, r10, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -a2f79cd7
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x5d
+ lsl r1, r1, #8
+ orr r1, r1, #8
+ lsl r1, r1, #8
+ orr r1, r1, #0x63
+ lsl r1, r1, #8
+ orr r1, r1, #41
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x63
+ lsl r1, r1, #8
+ add r1, r1, #0x29
+#else
+ mov r1, #0x6329
+#endif
+ movt r1, #0x5d08
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #8]
- ldr r7, [r0, #12]
-#else
- ldrd r6, r7, [r0, #8]
+ mov r11, #0
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r11, r2, r1
+ umaal r7, r11, r3, r1
+ umaal r8, r11, r4, r1
+ umaal r9, r11, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # * -14def9df
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0xeb
+ lsl r1, r1, #8
+ orr r1, r1, #33
+ lsl r1, r1, #8
+ orr r1, r1, #6
+ lsl r1, r1, #8
+ orr r1, r1, #33
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r1, #0x6
+ lsl r1, r1, #8
+ add r1, r1, #0x21
+#else
+ mov r1, #0x621
+#endif
+ movt r1, #0xeb21
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #8]
- str r9, [r0, #12]
-#else
- strd r8, r9, [r0, #8]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #8]
- str r11, [r1, #12]
+ ldm r0, {r6, r7, r8, r9}
+ umlal r6, r12, r2, r1
+ umaal r7, r12, r3, r1
+ umaal r8, r12, r4, r1
+ umaal r9, r12, r5, r1
+ stm r0, {r6, r7, r8, r9}
+ add r0, r0, #4
+ # Add overflows at 4 * 32
+ ldm r0, {r6, r7, r8, r9}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
+#else
+ bfc r9, #28, #4
+#endif
+ adds r6, r6, lr
+ adcs r7, r7, r10
+ adcs r8, r8, r11
+ adc r9, r9, r12
+ # Subtract top at 4 * 32
+ subs r6, r6, r2
+ sbcs r7, r7, r3
+ sbcs r8, r8, r4
+ sbcs r9, r9, r5
+ sbc r1, r1, r1
+ sub r0, r0, #16
+ ldm r0, {r2, r3, r4, r5}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0x5c
+ lsl r10, r10, #8
+ orr r10, r10, #0xf5
+ lsl r10, r10, #8
+ orr r10, r10, #0xd3
+ lsl r10, r10, #8
+ orr r10, r10, #0xed
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r10, #0xd3
+ lsl r10, r10, #8
+ add r10, r10, #0xed
+#else
+ mov r10, #0xd3ed
+#endif
+ movt r10, #0x5cf5
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x58
+ lsl r11, r11, #8
+ orr r11, r11, #18
+ lsl r11, r11, #8
+ orr r11, r11, #0x63
+ lsl r11, r11, #8
+ orr r11, r11, #26
#else
- strd r10, r11, [r1, #8]
-#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #16]
- ldr r5, [r2, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r11, #0x63
+ lsl r11, r11, #8
+ add r11, r11, #0x1a
#else
- ldrd r4, r5, [r2, #16]
+ mov r11, #0x631a
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #16]
- ldr r7, [r0, #20]
-#else
- ldrd r6, r7, [r0, #16]
+ movt r11, #0x5812
#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- mov r12, #0
- adcs r9, r5, r7
- adc r12, r12, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r8, [r0, #16]
- str r9, [r0, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0xa2
+ lsl r12, r12, #8
+ orr r12, r12, #0xf7
+ lsl r12, r12, #8
+ orr r12, r12, #0x9c
+ lsl r12, r12, #8
+ orr r12, r12, #0xd6
#else
- strd r8, r9, [r0, #16]
-#endif
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- mov lr, #0
- sbcs r11, r5, r7
- adc lr, lr, #0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #16]
- str r11, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov r12, #0x9c
+ lsl r12, r12, #8
+ add r12, r12, #0xd6
#else
- strd r10, r11, [r1, #16]
+ mov r12, #0x9cd6
#endif
- # Add
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r2, #24]
- ldr r5, [r2, #28]
-#else
- ldrd r4, r5, [r2, #24]
+ movt r12, #0xa2f7
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r6, [r0, #24]
- ldr r7, [r0, #28]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #20
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
+ lsl lr, lr, #8
+ orr lr, lr, #0xf9
+ lsl lr, lr, #8
+ orr lr, lr, #0xde
#else
- ldrd r6, r7, [r0, #24]
-#endif
- adds r12, r12, #-1
- adcs r8, r4, r6
- adc r9, r5, r7
- # Sub
- adds lr, lr, #-1
- sbcs r10, r4, r6
- sbc r11, r5, r7
- mov r12, #-19
- asr r3, r9, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Sub modulus (if overflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0]
- ldr r5, [r0, #4]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ mov lr, #0xf9
+ lsl lr, lr, #8
+ add lr, lr, #0xde
#else
- ldrd r4, r5, [r0]
+ mov lr, #0xf9de
#endif
- subs r4, r4, r12
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0]
- str r5, [r0, #4]
-#else
- strd r4, r5, [r0]
+ movt lr, #0x14de
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #8]
- ldr r5, [r0, #12]
+ and r10, r10, r1
+ and r11, r11, r1
+ and r12, r12, r1
+ and lr, lr, r1
+ adds r2, r2, r10
+ adcs r3, r3, r11
+ adcs r4, r4, r12
+ adcs r5, r5, lr
+ adcs r6, r6, #0
+ adcs r7, r7, #0
+ and r1, r1, #0x10000000
+ adcs r8, r8, #0
+ adc r9, r9, r1
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ bic r9, r9, #0xf0000000
#else
- ldrd r4, r5, [r0, #8]
+ bfc r9, #28, #4
#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ ldr r0, [sp, #68]
+ # Store result
+ str r2, [r0]
+ str r3, [r0, #4]
str r4, [r0, #8]
str r5, [r0, #12]
-#else
- strd r4, r5, [r0, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r0, #16]
- ldr r5, [r0, #20]
-#else
- ldrd r4, r5, [r0, #16]
-#endif
- sbcs r4, r4, r3
- sbcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r0, #16]
- str r5, [r0, #20]
-#else
- strd r4, r5, [r0, #16]
-#endif
- sbcs r8, r8, r3
- sbc r9, r9, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ str r6, [r0, #16]
+ str r7, [r0, #20]
str r8, [r0, #24]
str r9, [r0, #28]
-#else
- strd r8, r9, [r0, #24]
-#endif
- mov r12, #-19
- asr r3, r11, #31
- # Mask the modulus
- and r12, r3, r12
- and lr, r3, #0x7fffffff
- # Add modulus (if underflow)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1]
- ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
- adds r4, r4, r12
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1]
- str r5, [r1, #4]
-#else
- strd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #8]
- ldr r5, [r1, #12]
-#else
- ldrd r4, r5, [r1, #8]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #8]
- str r5, [r1, #12]
-#else
- strd r4, r5, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r4, [r1, #16]
- ldr r5, [r1, #20]
-#else
- ldrd r4, r5, [r1, #16]
-#endif
- adcs r4, r4, r3
- adcs r5, r5, r3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r4, [r1, #16]
- str r5, [r1, #20]
-#else
- strd r4, r5, [r1, #16]
-#endif
- adcs r10, r10, r3
- adc r11, r11, lr
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- str r10, [r1, #24]
- str r11, [r1, #28]
-#else
- strd r10, r11, [r1, #24]
-#endif
- add sp, sp, #0x60
+ add sp, sp, #0x50
pop {r4, r5, r6, r7, r8, r9, r10, r11, pc}
- .size fe_ge_sub,.-fe_ge_sub
+ .size sc_muladd,.-sc_muladd
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
-#endif /* HAVE_CURVE25519 */
-#endif /* !__aarch64__ */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
index 4862f759..8981d4f0 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-curve25519_c.c
@@ -28,33 +28,382 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+/* Based on work by: Emil Lenngren
+ * https://github.com/pornin/X25519-Cortex-M4
+ */
+
#include <wolfssl/wolfcrypt/fe_operations.h>
+#define CURVED25519_ASM
+#include <wolfssl/wolfcrypt/ge_operations.h>
-#ifdef HAVE_CURVE25519
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
void fe_init()
{
-
__asm__ __volatile__ (
"\n\t"
- :
:
- : "memory"
+ :
+ : "memory", "cc"
);
}
+void fe_add_sub_op(void);
+void fe_add_sub_op()
+{
+ __asm__ __volatile__ (
+ /* Add-Sub */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2]\n\t"
+ "ldr r5, [r2, #4]\n\t"
+#else
+ "ldrd r4, r5, [r2]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3]\n\t"
+ "ldr r7, [r3, #4]\n\t"
+#else
+ "ldrd r6, r7, [r3]\n\t"
+#endif
+ /* Add */
+ "adds r8, r4, r6\n\t"
+ "mov r12, #0\n\t"
+ "adcs r9, r5, r7\n\t"
+ "adc r12, r12, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0]\n\t"
+ "str r9, [r0, #4]\n\t"
+#else
+ "strd r8, r9, [r0]\n\t"
+#endif
+ /* Sub */
+ "subs r10, r4, r6\n\t"
+ "sbcs r11, r5, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r1]\n\t"
+ "str r11, [r1, #4]\n\t"
+#else
+ "strd r10, r11, [r1]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2, #8]\n\t"
+ "ldr r5, [r2, #12]\n\t"
+#else
+ "ldrd r4, r5, [r2, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3, #8]\n\t"
+ "ldr r7, [r3, #12]\n\t"
+#else
+ "ldrd r6, r7, [r3, #8]\n\t"
+#endif
+ /* Sub */
+ "sbcs r10, r4, r6\n\t"
+ "mov lr, #0\n\t"
+ "sbcs r11, r5, r7\n\t"
+ "adc lr, lr, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r1, #8]\n\t"
+ "str r11, [r1, #12]\n\t"
+#else
+ "strd r10, r11, [r1, #8]\n\t"
+#endif
+ /* Add */
+ "subs r12, r12, #1\n\t"
+ "adcs r8, r4, r6\n\t"
+ "adcs r9, r5, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0, #8]\n\t"
+ "str r9, [r0, #12]\n\t"
+#else
+ "strd r8, r9, [r0, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2, #16]\n\t"
+ "ldr r5, [r2, #20]\n\t"
+#else
+ "ldrd r4, r5, [r2, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3, #16]\n\t"
+ "ldr r7, [r3, #20]\n\t"
+#else
+ "ldrd r6, r7, [r3, #16]\n\t"
+#endif
+ /* Add */
+ "adcs r8, r4, r6\n\t"
+ "mov r12, #0\n\t"
+ "adcs r9, r5, r7\n\t"
+ "adc r12, r12, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0, #16]\n\t"
+ "str r9, [r0, #20]\n\t"
+#else
+ "strd r8, r9, [r0, #16]\n\t"
+#endif
+ /* Sub */
+ "subs lr, lr, #1\n\t"
+ "sbcs r10, r4, r6\n\t"
+ "sbcs r11, r5, r7\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r10, [r1, #16]\n\t"
+ "str r11, [r1, #20]\n\t"
+#else
+ "strd r10, r11, [r1, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r2, #24]\n\t"
+ "ldr r5, [r2, #28]\n\t"
+#else
+ "ldrd r4, r5, [r2, #24]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r3, #24]\n\t"
+ "ldr r7, [r3, #28]\n\t"
+#else
+ "ldrd r6, r7, [r3, #24]\n\t"
+#endif
+ /* Sub */
+ "sbcs r10, r4, r6\n\t"
+ "sbcs r11, r5, r7\n\t"
+ "sbc lr, lr, lr\n\t"
+ /* Add */
+ "subs r12, r12, #1\n\t"
+ "adcs r8, r4, r6\n\t"
+ "mov r12, #0\n\t"
+ "adcs r9, r5, r7\n\t"
+ "adc r12, r12, #0\n\t"
+ /* Multiply -modulus by overflow */
+ "lsl r3, r12, #1\n\t"
+ "mov r12, #19\n\t"
+ "orr r3, r3, r9, lsr #31\n\t"
+ "mul r12, r3, r12\n\t"
+ /* Add -x*modulus (if overflow) */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r0]\n\t"
+ "ldr r5, [r0, #4]\n\t"
+#else
+ "ldrd r4, r5, [r0]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r6, [r0, #8]\n\t"
+ "ldr r7, [r0, #12]\n\t"
+#else
+ "ldrd r6, r7, [r0, #8]\n\t"
+#endif
+ "adds r4, r4, r12\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [r0]\n\t"
+ "str r5, [r0, #4]\n\t"
+#else
+ "strd r4, r5, [r0]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [r0, #8]\n\t"
+ "str r7, [r0, #12]\n\t"
+#else
+ "strd r6, r7, [r0, #8]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "ldr r4, [r0, #16]\n\t"
+ "ldr r5, [r0, #20]\n\t"
+#else
+ "ldrd r4, r5, [r0, #16]\n\t"
+#endif
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [r0, #16]\n\t"
+ "str r5, [r0, #20]\n\t"
+#else
+ "strd r4, r5, [r0, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
+#else
+ "bfc r9, #31, #1\n\t"
+#endif
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [r0, #24]\n\t"
+ "str r9, [r0, #28]\n\t"
+#else
+ "strd r8, r9, [r0, #24]\n\t"
+#endif
+ /* Multiply -modulus by underflow */
+ "lsl r3, lr, #1\n\t"
+ "mvn lr, #18\n\t"
+ "orr r3, r3, r11, lsr #31\n\t"
+ "mul lr, r3, lr\n\t"
+ /* Sub -x*modulus (if overflow) */
+ "ldm r1, {r4, r5, r6, r7, r8, r9}\n\t"
+ "subs r4, r4, lr\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
+#else
+ "bfc r11, #31, #1\n\t"
+#endif
+ "sbcs r10, r10, #0\n\t"
+ "sbc r11, r11, #0\n\t"
+ "stm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Add-Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_sub_op(void);
+void fe_sub_op()
+{
+ __asm__ __volatile__ (
+ /* Sub */
+ "ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "subs r6, r2, r6\n\t"
+ "sbcs r7, r3, r7\n\t"
+ "sbcs r8, r4, r8\n\t"
+ "sbcs r9, r5, r9\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "sbcs r10, r2, r10\n\t"
+ "sbcs r11, r3, r11\n\t"
+ "sbcs r12, r4, r12\n\t"
+ "sbcs lr, r5, lr\n\t"
+ "sbc r3, r3, r3\n\t"
+ "mvn r2, #18\n\t"
+ "lsl r3, r3, #1\n\t"
+ "orr r3, r3, lr, lsr #31\n\t"
+ "mul r2, r3, r2\n\t"
+ "subs r6, r6, r2\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, #0\n\t"
+ "sbcs r11, r11, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic lr, lr, #0x80000000\n\t"
+#else
+ "bfc lr, #31, #1\n\t"
+#endif
+ "sbcs r12, r12, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ "stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_sub(fe r_p, const fe a_p, const fe b_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+ register const sword32* b asm ("r2") = (const sword32*)b_p;
+
+ __asm__ __volatile__ (
+ "bl fe_sub_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+void fe_add_op(void);
+void fe_add_op()
+{
+ __asm__ __volatile__ (
+ /* Add */
+ "ldm r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "adds r6, r2, r6\n\t"
+ "adcs r7, r3, r7\n\t"
+ "adcs r8, r4, r8\n\t"
+ "adcs r9, r5, r9\n\t"
+ "ldm r1!, {r2, r3, r4, r5}\n\t"
+ "adcs r10, r2, r10\n\t"
+ "adcs r11, r3, r11\n\t"
+ "adcs r12, r4, r12\n\t"
+ "mov r3, #0\n\t"
+ "adcs lr, r5, lr\n\t"
+ "adc r3, r3, #0\n\t"
+ "mov r2, #19\n\t"
+ "lsl r3, r3, #1\n\t"
+ "orr r3, r3, lr, lsr #31\n\t"
+ "mul r2, r3, r2\n\t"
+ "adds r6, r6, r2\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic lr, lr, #0x80000000\n\t"
+#else
+ "bfc lr, #31, #1\n\t"
+#endif
+ "adcs r12, r12, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Add */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_add(fe r_p, const fe a_p, const fe b_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+ register const sword32* b asm ("r2") = (const sword32*)b_p;
+
+ __asm__ __volatile__ (
+ "bl fe_add_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef HAVE_ED25519
void fe_frombytes(fe out_p, const unsigned char* in_p)
{
- register fe out asm ("r0") = out_p;
- register const unsigned char* in asm ("r1") = in_p;
+ register sword32* out asm ("r0") = (sword32*)out_p;
+ register const unsigned char* in asm ("r1") = (const unsigned char*)in_p;
__asm__ __volatile__ (
"ldr r2, [%[in]]\n\t"
@@ -65,67 +414,32 @@ void fe_frombytes(fe out_p, const unsigned char* in_p)
"ldr r7, [%[in], #20]\n\t"
"ldr r8, [%[in], #24]\n\t"
"ldr r9, [%[in], #28]\n\t"
- "and r9, r9, #0x7fffffff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[out]]\n\t"
- "str r3, [%[out], #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r2, r3, [%[out]]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "str r2, [%[out]]\n\t"
+ "str r3, [%[out], #4]\n\t"
"str r4, [%[out], #8]\n\t"
"str r5, [%[out], #12]\n\t"
-#else
- "strd r4, r5, [%[out], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [%[out], #16]\n\t"
"str r7, [%[out], #20]\n\t"
-#else
- "strd r6, r7, [%[out], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r8, [%[out], #24]\n\t"
"str r9, [%[out], #28]\n\t"
-#else
- "strd r8, r9, [%[out], #24]\n\t"
-#endif
: [out] "+r" (out), [in] "+r" (in)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
void fe_tobytes(unsigned char* out_p, const fe n_p)
{
- register unsigned char* out asm ("r0") = out_p;
- register const fe n asm ("r1") = n_p;
+ register unsigned char* out asm ("r0") = (unsigned char*)out_p;
+ register const sword32* n asm ("r1") = (const sword32*)n_p;
__asm__ __volatile__ (
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[n]]\n\t"
- "ldr r3, [%[n], #4]\n\t"
-#else
- "ldrd r2, r3, [%[n]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[n], #8]\n\t"
- "ldr r5, [%[n], #12]\n\t"
-#else
- "ldrd r4, r5, [%[n], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[n], #16]\n\t"
- "ldr r7, [%[n], #20]\n\t"
-#else
- "ldrd r6, r7, [%[n], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[n], #24]\n\t"
- "ldr r9, [%[n], #28]\n\t"
-#else
- "ldrd r8, r9, [%[n], #24]\n\t"
-#endif
+ "ldm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"adds r12, r2, #19\n\t"
"adcs r12, r3, #0\n\t"
"adcs r12, r4, #0\n\t"
@@ -144,164 +458,117 @@ void fe_tobytes(unsigned char* out_p, const fe n_p)
"adcs r7, r7, #0\n\t"
"adcs r8, r8, #0\n\t"
"adc r9, r9, #0\n\t"
- "and r9, r9, #0x7fffffff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[out]]\n\t"
- "str r3, [%[out], #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r2, r3, [%[out]]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "str r2, [%[out]]\n\t"
+ "str r3, [%[out], #4]\n\t"
"str r4, [%[out], #8]\n\t"
"str r5, [%[out], #12]\n\t"
-#else
- "strd r4, r5, [%[out], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r6, [%[out], #16]\n\t"
"str r7, [%[out], #20]\n\t"
-#else
- "strd r6, r7, [%[out], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"str r8, [%[out], #24]\n\t"
"str r9, [%[out], #28]\n\t"
-#else
- "strd r8, r9, [%[out], #24]\n\t"
-#endif
: [out] "+r" (out), [n] "+r" (n)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "cc"
);
}
void fe_1(fe n_p)
{
- register fe n asm ("r0") = n_p;
+ register sword32* n asm ("r0") = (sword32*)n_p;
__asm__ __volatile__ (
/* Set one */
"mov r2, #1\n\t"
"mov r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n]]\n\t"
- "str r3, [%[n], #4]\n\t"
-#else
- "strd r2, r3, [%[n]]\n\t"
-#endif
- "mov r2, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #8]\n\t"
- "str r3, [%[n], #12]\n\t"
-#else
- "strd r2, r3, [%[n], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #16]\n\t"
- "str r3, [%[n], #20]\n\t"
-#else
- "strd r2, r3, [%[n], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #24]\n\t"
- "str r3, [%[n], #28]\n\t"
-#else
- "strd r2, r3, [%[n], #24]\n\t"
-#endif
+ "mov r4, #0\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
+ "stm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [n] "+r" (n)
:
- : "memory", "r2", "r3"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
void fe_0(fe n_p)
{
- register fe n asm ("r0") = n_p;
+ register sword32* n asm ("r0") = (sword32*)n_p;
__asm__ __volatile__ (
/* Set zero */
"mov r2, #0\n\t"
"mov r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n]]\n\t"
- "str r3, [%[n], #4]\n\t"
-#else
- "strd r2, r3, [%[n]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #8]\n\t"
- "str r3, [%[n], #12]\n\t"
-#else
- "strd r2, r3, [%[n], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #16]\n\t"
- "str r3, [%[n], #20]\n\t"
-#else
- "strd r2, r3, [%[n], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[n], #24]\n\t"
- "str r3, [%[n], #28]\n\t"
-#else
- "strd r2, r3, [%[n], #24]\n\t"
-#endif
+ "mov r4, #0\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
+ "stm %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [n] "+r" (n)
:
- : "memory", "r2", "r3"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
void fe_copy(fe r_p, const fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
__asm__ __volatile__ (
/* Copy */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a]]\n\t"
"ldr r3, [%[a], #4]\n\t"
#else
"ldrd r2, r3, [%[a]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #8]\n\t"
"ldr r5, [%[a], #12]\n\t"
#else
"ldrd r4, r5, [%[a], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r2, [%[r]]\n\t"
"str r3, [%[r], #4]\n\t"
#else
"strd r2, r3, [%[r]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #8]\n\t"
"str r5, [%[r], #12]\n\t"
#else
"strd r4, r5, [%[r], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a], #16]\n\t"
"ldr r3, [%[a], #20]\n\t"
#else
"ldrd r2, r3, [%[a], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #24]\n\t"
"ldr r5, [%[a], #28]\n\t"
#else
"ldrd r4, r5, [%[a], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r2, [%[r], #16]\n\t"
"str r3, [%[r], #20]\n\t"
#else
"strd r2, r3, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #24]\n\t"
"str r5, [%[r], #28]\n\t"
#else
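Review bot: The architecture guards in this hunk switch from `WOLFSSL_SP_ARM_ARCH` to `WOLFSSL_ARM_ARCH` (fe_tobytes and fe_copy here, and again in the later fe_isnonzero and fe_cmov_table hunks), and nothing visible keeps the old name working. A build that still defines only `WOLFSSL_SP_ARM_ARCH` for a pre-ARMv7 target would make every `defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` test false and silently select the `bfc`/`ldrd`/`strd` paths. I would confirm that the settings header derives the new macro from the old one, or add a fallback near the top of the file: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. fe_copy's body continues past the end of this hunk.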
@@ -309,380 +576,43 @@ void fe_copy(fe r_p, const fe a_p)
#endif
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
- );
-}
-
-void fe_sub(fe r_p, const fe a_p, const fe b_p)
-{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
- register const fe b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[a], #4]\n\t"
-#else
- "ldrd r4, r5, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
-#else
- "ldrd r6, r7, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b]]\n\t"
- "ldr r9, [%[b], #4]\n\t"
-#else
- "ldrd r8, r9, [%[b]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #8]\n\t"
- "ldr r11, [%[b], #12]\n\t"
-#else
- "ldrd r10, r11, [%[b], #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r]]\n\t"
- "str r9, [%[r], #4]\n\t"
-#else
- "strd r8, r9, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #8]\n\t"
- "str r11, [%[r], #12]\n\t"
-#else
- "strd r10, r11, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
-#else
- "ldrd r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
-#else
- "ldrd r6, r7, [%[a], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b], #16]\n\t"
- "ldr r9, [%[b], #20]\n\t"
-#else
- "ldrd r8, r9, [%[b], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #24]\n\t"
- "ldr r11, [%[b], #28]\n\t"
-#else
- "ldrd r10, r11, [%[b], #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr r3, r11, #31\n\t"
- /* Mask the modulus */
- "and r12, r3, r12\n\t"
- "and lr, r3, #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[r], #8]\n\t"
- "ldr r7, [%[r], #12]\n\t"
-#else
- "ldrd r6, r7, [%[r], #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, r3\n\t"
- "adcs r6, r6, r3\n\t"
- "adcs r7, r7, r3\n\t"
- "adcs r8, r8, r3\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r3\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
- );
-}
-
-void fe_add(fe r_p, const fe a_p, const fe b_p)
-{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
- register const fe b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[a], #4]\n\t"
-#else
- "ldrd r4, r5, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
-#else
- "ldrd r6, r7, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b]]\n\t"
- "ldr r9, [%[b], #4]\n\t"
-#else
- "ldrd r8, r9, [%[b]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #8]\n\t"
- "ldr r11, [%[b], #12]\n\t"
-#else
- "ldrd r10, r11, [%[b], #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r]]\n\t"
- "str r9, [%[r], #4]\n\t"
-#else
- "strd r8, r9, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #8]\n\t"
- "str r11, [%[r], #12]\n\t"
-#else
- "strd r10, r11, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
-#else
- "ldrd r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
-#else
- "ldrd r6, r7, [%[a], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[b], #16]\n\t"
- "ldr r9, [%[b], #20]\n\t"
-#else
- "ldrd r8, r9, [%[b], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[b], #24]\n\t"
- "ldr r11, [%[b], #28]\n\t"
-#else
- "ldrd r10, r11, [%[b], #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr r3, r11, #31\n\t"
- /* Mask the modulus */
- "and r12, r3, r12\n\t"
- "and lr, r3, #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[r], #8]\n\t"
- "ldr r7, [%[r], #12]\n\t"
-#else
- "ldrd r6, r7, [%[r], #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, r3\n\t"
- "sbcs r6, r6, r3\n\t"
- "sbcs r7, r7, r3\n\t"
- "sbcs r8, r8, r3\n\t"
- "sbcs r9, r9, r3\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
void fe_neg(fe r_p, const fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
__asm__ __volatile__ (
- "mov lr, #-1\n\t"
- "mov r12, #-19\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
-#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
+ "mvn lr, #0\n\t"
+ "mvn r12, #18\n\t"
+ "ldm %[a]!, {r2, r3, r4, r5}\n\t"
"subs r2, r12, r2\n\t"
"sbcs r3, lr, r3\n\t"
"sbcs r4, lr, r4\n\t"
"sbcs r5, lr, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
-#else
- "strd r2, r3, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "mov r12, #0x7fffff\n\t"
- "lsl r12, r12, #8\n\t"
- "add r12, r12, #0xff\n\t"
-#else
- "mov r12, #0x7fffffff\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a], #16]\n\t"
- "ldr r3, [%[a], #20]\n\t"
-#else
- "ldrd r2, r3, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #24]\n\t"
- "ldr r5, [%[a], #28]\n\t"
-#else
- "ldrd r4, r5, [%[a], #24]\n\t"
-#endif
+ "stm %[r]!, {r2, r3, r4, r5}\n\t"
+ "mvn r12, #0x80000000\n\t"
+ "ldm %[a]!, {r2, r3, r4, r5}\n\t"
"sbcs r2, lr, r2\n\t"
"sbcs r3, lr, r3\n\t"
"sbcs r4, lr, r4\n\t"
"sbc r5, r12, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[r], #16]\n\t"
- "str r3, [%[r], #20]\n\t"
-#else
- "strd r2, r3, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #24]\n\t"
- "str r5, [%[r], #28]\n\t"
-#else
- "strd r4, r5, [%[r], #24]\n\t"
-#endif
+ "stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r12", "lr", "cc"
);
}
int fe_isnonzero(const fe a_p)
{
- register const fe a asm ("r0") = a_p;
+ register const sword32* a asm ("r0") = (const sword32*)a_p;
__asm__ __volatile__ (
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
-#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #16]\n\t"
- "ldr r7, [%[a], #20]\n\t"
-#else
- "ldrd r6, r7, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[a], #24]\n\t"
- "ldr r9, [%[a], #28]\n\t"
-#else
- "ldrd r8, r9, [%[a], #24]\n\t"
-#endif
+ "ldm %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
"adds r1, r2, #19\n\t"
"adcs r1, r3, #0\n\t"
"adcs r1, r4, #0\n\t"
@@ -701,7 +631,11 @@ int fe_isnonzero(const fe a_p)
"adcs r7, r7, #0\n\t"
"adcs r8, r8, #0\n\t"
"adc r9, r9, #0\n\t"
- "and r9, r9, #0x7fffffff\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
+#else
+ "bfc r9, #31, #1\n\t"
+#endif
"orr r2, r2, r3\n\t"
"orr r4, r4, r5\n\t"
"orr r6, r6, r7\n\t"
@@ -711,68 +645,58 @@ int fe_isnonzero(const fe a_p)
"orr %[a], r2, r4\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "cc"
);
return (uint32_t)(size_t)a;
}
int fe_isnegative(const fe a_p)
{
- register const fe a asm ("r0") = a_p;
+ register const sword32* a asm ("r0") = (const sword32*)a_p;
__asm__ __volatile__ (
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
-#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
+ "ldm %[a]!, {r2, r3, r4, r5}\n\t"
"adds r1, r2, #19\n\t"
"adcs r1, r3, #0\n\t"
"adcs r1, r4, #0\n\t"
"adcs r1, r5, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a], #16]\n\t"
- "ldr r3, [%[a], #20]\n\t"
-#else
- "ldrd r2, r3, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #24]\n\t"
- "ldr r5, [%[a], #28]\n\t"
-#else
- "ldrd r4, r5, [%[a], #24]\n\t"
-#endif
+ "ldm %[a], {r2, r3, r4, r5}\n\t"
"adcs r1, r2, #0\n\t"
"adcs r1, r3, #0\n\t"
"adcs r1, r4, #0\n\t"
- "ldr r2, [%[a]]\n\t"
+ "ldr r2, [%[a], #-16]\n\t"
"adc r1, r5, #0\n\t"
"and %[a], r2, #1\n\t"
"lsr r1, r1, #31\n\t"
"eor %[a], %[a], r1\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
{
- register fe* r asm ("r0") = r_p;
- register fe* base asm ("r1") = base_p;
- register signed char b asm ("r2") = b_p;
+ register fe* r asm ("r0") = (fe*)r_p;
+ register fe* base asm ("r1") = (fe*)base_p;
+ register signed char b asm ("r2") = (signed char)b_p;
__asm__ __volatile__ (
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl %[b], %[b], #24\n\t"
+ "asr %[b], %[b], #24\n\t"
+#else
"sxtb %[b], %[b]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #1\n\t"
@@ -781,7 +705,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -791,7 +715,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -803,7 +727,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -815,7 +739,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -828,7 +752,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -838,7 +762,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -850,7 +774,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -862,7 +786,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -875,7 +799,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -885,7 +809,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -897,7 +821,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -909,7 +833,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -922,7 +846,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -932,7 +856,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -944,7 +868,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -956,7 +880,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -969,7 +893,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -979,7 +903,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -991,7 +915,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1003,7 +927,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1016,7 +940,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1026,7 +950,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -1038,7 +962,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1050,7 +974,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1063,7 +987,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1073,7 +997,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -1085,7 +1009,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1097,7 +1021,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1110,7 +1034,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1120,7 +1044,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base]]\n\t"
"ldr r11, [%[base], #4]\n\t"
#else
@@ -1132,7 +1056,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #32]\n\t"
"ldr r11, [%[base], #36]\n\t"
#else
@@ -1144,7 +1068,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #64]\n\t"
"ldr r11, [%[base], #68]\n\t"
#else
@@ -1157,8 +1081,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-19\n\t"
- "mov r11, #-1\n\t"
+ "mvn r10, #18\n\t"
+ "mvn r11, #0\n\t"
"subs r10, r10, r8\n\t"
"sbcs r11, r11, r9\n\t"
"sbc lr, lr, lr\n\t"
@@ -1177,25 +1101,30 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r]]\n\t"
"str r5, [%[r], #4]\n\t"
#else
"strd r4, r5, [%[r]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #32]\n\t"
"str r7, [%[r], #36]\n\t"
#else
"strd r6, r7, [%[r], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #64]\n\t"
"str r9, [%[r], #68]\n\t"
#else
"strd r8, r9, [%[r], #64]\n\t"
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #0\n\t"
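Review bot: In the added `WOLFSSL_ARM_ARCH < 7` fallback for `sbfx r3, %[b], #7, #1`, the result of `lsl r3, %[b], #24` is never used, because the next line, `asr r3, %[b], #31`, shifts `%[b]` again instead of `r3`. The sign mask is therefore taken from bit 31 of the register holding `b` rather than from bit 7, so it matches the `sbfx` path only if the `signed char` operand is already sign-extended to 32 bits, which nothing visible in this hunk guarantees. The second line was presumably meant to be `asr r3, r3, #31`, which derives the mask from bit 7 as `sbfx` does. This matters because `r3` and the `r12` computed from it drive the masked, constant-time table selects that follow, so a wrong mask would pick the wrong entry on pre-ARMv7 builds. The same two lines are added in the hunks at -1601,25 and -2025,25, and the body of fe_cmov_table starts and ends outside this hunk.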
@@ -1204,7 +1133,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1214,7 +1143,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1226,7 +1155,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1238,7 +1167,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1251,7 +1180,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1261,7 +1190,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1273,7 +1202,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1285,7 +1214,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1298,7 +1227,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1308,7 +1237,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1320,7 +1249,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1332,7 +1261,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1345,7 +1274,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1355,7 +1284,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1367,7 +1296,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1379,7 +1308,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1392,7 +1321,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1402,7 +1331,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1414,7 +1343,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1426,7 +1355,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1439,7 +1368,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1449,7 +1378,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1461,7 +1390,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1473,7 +1402,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1486,7 +1415,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1496,7 +1425,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1508,7 +1437,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1520,7 +1449,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1533,7 +1462,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1543,7 +1472,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #8]\n\t"
"ldr r11, [%[base], #12]\n\t"
#else
@@ -1555,7 +1484,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #40]\n\t"
"ldr r11, [%[base], #44]\n\t"
#else
@@ -1567,7 +1496,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #72]\n\t"
"ldr r11, [%[base], #76]\n\t"
#else
@@ -1580,8 +1509,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-1\n\t"
- "mov r11, #-1\n\t"
+ "mvn r10, #0\n\t"
+ "mvn r11, #0\n\t"
"rsbs lr, lr, #0\n\t"
"sbcs r10, r10, r8\n\t"
"sbcs r11, r11, r9\n\t"
@@ -1601,25 +1530,30 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #8]\n\t"
"str r5, [%[r], #12]\n\t"
#else
"strd r4, r5, [%[r], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #40]\n\t"
"str r7, [%[r], #44]\n\t"
#else
"strd r6, r7, [%[r], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #72]\n\t"
"str r9, [%[r], #76]\n\t"
#else
"strd r8, r9, [%[r], #72]\n\t"
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #0\n\t"
@@ -1628,7 +1562,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1638,7 +1572,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1650,7 +1584,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1662,7 +1596,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1675,7 +1609,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1685,7 +1619,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1697,7 +1631,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1709,7 +1643,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1722,7 +1656,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1732,7 +1666,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1744,7 +1678,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1756,7 +1690,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1769,7 +1703,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1779,7 +1713,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1791,7 +1725,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1803,7 +1737,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1816,7 +1750,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1826,7 +1760,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1838,7 +1772,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1850,7 +1784,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1863,7 +1797,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1873,7 +1807,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1885,7 +1819,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1897,7 +1831,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1910,7 +1844,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1920,7 +1854,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1932,7 +1866,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1944,7 +1878,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -1957,7 +1891,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -1967,7 +1901,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #16]\n\t"
"ldr r11, [%[base], #20]\n\t"
#else
@@ -1979,7 +1913,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #48]\n\t"
"ldr r11, [%[base], #52]\n\t"
#else
@@ -1991,7 +1925,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #80]\n\t"
"ldr r11, [%[base], #84]\n\t"
#else
@@ -2004,8 +1938,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-1\n\t"
- "mov r11, #-1\n\t"
+ "mvn r10, #0\n\t"
+ "mvn r11, #0\n\t"
"rsbs lr, lr, #0\n\t"
"sbcs r10, r10, r8\n\t"
"sbcs r11, r11, r9\n\t"
@@ -2025,25 +1959,30 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #16]\n\t"
"str r5, [%[r], #20]\n\t"
#else
"strd r4, r5, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #48]\n\t"
"str r7, [%[r], #52]\n\t"
#else
"strd r6, r7, [%[r], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #80]\n\t"
"str r9, [%[r], #84]\n\t"
#else
"strd r8, r9, [%[r], #80]\n\t"
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
+#else
"sbfx r3, %[b], #7, #1\n\t"
+#endif
"eor r12, %[b], r3\n\t"
"sub r12, r12, r3\n\t"
"mov r4, #0\n\t"
@@ -2052,7 +1991,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"mov r7, #0\n\t"
"mov r8, #0\n\t"
"mov r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2062,7 +2001,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #31\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2074,7 +2013,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2086,7 +2025,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2099,7 +2038,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2109,7 +2048,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #30\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2121,7 +2060,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2133,7 +2072,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2146,7 +2085,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2156,7 +2095,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #29\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2168,7 +2107,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2180,7 +2119,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2193,7 +2132,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2203,7 +2142,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #28\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2215,7 +2154,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2227,7 +2166,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2240,7 +2179,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2250,7 +2189,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #27\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2262,7 +2201,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2274,7 +2213,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2287,7 +2226,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2297,7 +2236,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #26\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2309,7 +2248,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2321,7 +2260,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2334,7 +2273,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2344,7 +2283,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #25\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2356,7 +2295,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2368,7 +2307,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2381,7 +2320,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"add %[base], %[base], #0x60\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x800000\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0x0\n\t"
@@ -2391,7 +2330,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"ror r3, r3, #24\n\t"
"ror r3, r3, r12\n\t"
"asr r3, r3, #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #24]\n\t"
"ldr r11, [%[base], #28]\n\t"
#else
@@ -2403,7 +2342,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r4, r4, r10\n\t"
"eor r5, r5, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #56]\n\t"
"ldr r11, [%[base], #60]\n\t"
#else
@@ -2415,7 +2354,7 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"and r11, r11, r3\n\t"
"eor r6, r6, r10\n\t"
"eor r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[base], #88]\n\t"
"ldr r11, [%[base], #92]\n\t"
#else
@@ -2428,14 +2367,8 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r8, r8, r10\n\t"
"eor r9, r9, r11\n\t"
"sub %[base], %[base], #0x2a0\n\t"
- "mov r10, #-1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "mov r11, #0x7fffff\n\t"
- "lsl r11, r11, #8\n\t"
- "add r11, r11, #0xff\n\t"
-#else
- "mov r11, #0x7fffffff\n\t"
-#endif
+ "mvn r10, #0\n\t"
+ "mvn r11, #0x80000000\n\t"
"rsbs lr, lr, #0\n\t"
"sbcs r10, r10, r8\n\t"
"sbc r11, r11, r9\n\t"
@@ -2454,19 +2387,19 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
"eor r11, r11, r9\n\t"
"and r11, r11, r12\n\t"
"eor r9, r9, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #24]\n\t"
"str r5, [%[r], #28]\n\t"
#else
"strd r4, r5, [%[r], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #56]\n\t"
"str r7, [%[r], #60]\n\t"
#else
"strd r6, r7, [%[r], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #88]\n\t"
"str r9, [%[r], #92]\n\t"
#else
@@ -2474,1794 +2407,1232 @@ void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
#endif
: [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r3", "r10", "r11", "r12", "lr"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r3", "r10", "r11", "r12", "lr", "cc"
);
}
-void fe_mul(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
- register const fe b asm ("r2") = b_p;
+ register fe* r asm ("r0") = (fe*)r_p;
+ register fe* base asm ("r1") = (fe*)base_p;
+ register signed char b asm ("r2") = (signed char)b_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x40\n\t"
- /* Multiply */
- "ldr r7, [%[a]]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "ldr r9, [%[b]]\n\t"
- "ldr lr, [%[b], #4]\n\t"
- /* A[0] * B[0] = 0 */
- "umull r4, r5, r7, r9\n\t"
- "str r4, [sp]\n\t"
- /* A[0] * B[1] = 1 */
- "umull r3, r6, r7, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * B[0] = 1 */
- "umull r3, r12, r8, r9\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #4]\n\t"
- /* A[2] * B[0] = 2 */
- "ldr r10, [%[a], #8]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adc r4, r4, r12\n\t"
- /* A[1] * B[1] = 2 */
- "umull r3, r12, r8, lr\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[0] * B[2] = 2 */
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #8]\n\t"
- /* A[0] * B[3] = 3 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * B[2] = 3 */
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * B[1] = 3 */
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * B[0] = 3 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #12]\n\t"
- /* A[4] * B[0] = 4 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[1] = 4 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[2] = 4 */
- "ldr r10, [%[a], #8]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * B[3] = 4 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[0] * B[4] = 4 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #16]\n\t"
- /* A[0] * B[5] = 5 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * B[4] = 5 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[3] = 5 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[2] = 5 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[1] = 5 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[0] = 5 */
- "ldr r10, [%[a], #20]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #20]\n\t"
- /* A[6] * B[0] = 6 */
- "ldr r10, [%[a], #24]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * B[1] = 6 */
- "ldr r10, [%[a], #20]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * B[2] = 6 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * B[3] = 6 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * B[4] = 6 */
- "ldr r10, [%[a], #8]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * B[5] = 6 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[0] * B[6] = 6 */
- "ldr r11, [%[b], #24]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #24]\n\t"
- /* A[0] * B[7] = 7 */
- "ldr r11, [%[b], #28]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * B[6] = 7 */
- "ldr r11, [%[b], #24]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[5] = 7 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[4] = 7 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[3] = 7 */
- "ldr r10, [%[a], #16]\n\t"
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[2] = 7 */
- "ldr r10, [%[a], #20]\n\t"
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[1] = 7 */
- "ldr r10, [%[a], #24]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[0] = 7 */
- "ldr r10, [%[a], #28]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #28]\n\t"
- "ldr r7, [%[a], #24]\n\t"
- "ldr r9, [%[b], #24]\n\t"
- /* A[7] * B[1] = 8 */
- "umull r3, r12, r10, lr\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[2] = 8 */
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[3] = 8 */
- "ldr r10, [%[a], #20]\n\t"
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[4] = 8 */
- "ldr r10, [%[a], #16]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[5] = 8 */
- "ldr r10, [%[a], #12]\n\t"
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[6] = 8 */
- "ldr r10, [%[a], #8]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * B[7] = 8 */
- "ldr r11, [%[b], #28]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #32]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "mov lr, r11\n\t"
- /* A[2] * B[7] = 9 */
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * B[6] = 9 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * B[5] = 9 */
- "ldr r10, [%[a], #16]\n\t"
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * B[4] = 9 */
- "ldr r10, [%[a], #20]\n\t"
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[6] * B[3] = 9 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[7] * B[2] = 9 */
- "ldr r11, [%[b], #8]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #36]\n\t"
- /* A[7] * B[3] = 10 */
- "ldr r11, [%[b], #12]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[4] = 10 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r7, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[5] = 10 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r10, r11\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[6] = 10 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[7] = 10 */
- "ldr r10, [%[a], #12]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #40]\n\t"
- /* A[4] * B[7] = 11 */
- "ldr r10, [%[a], #16]\n\t"
- "umull r3, r12, r10, lr\n\t"
- "adds r6, r6, r3\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[6] = 11 */
- "ldr r10, [%[a], #20]\n\t"
- "umull r3, r12, r10, r9\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[5] = 11 */
- "umull r3, r12, r7, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[4] = 11 */
- "ldr r11, [%[b], #16]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r6, r6, r3\n\t"
- "adcs r4, r4, r12\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #44]\n\t"
- /* A[7] * B[5] = 12 */
- "ldr r11, [%[b], #20]\n\t"
- "umull r3, r12, r8, r11\n\t"
- "adds r4, r4, r3\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[6] * B[6] = 12 */
- "umull r3, r12, r7, r9\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * B[7] = 12 */
- "umull r3, r12, r10, lr\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r12\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #48]\n\t"
- /* A[6] * B[7] = 13 */
- "umull r3, r12, r7, lr\n\t"
- "adds r5, r5, r3\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[6] = 13 */
- "umull r3, r12, r8, r9\n\t"
- "adds r5, r5, r3\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #52]\n\t"
- /* A[7] * B[7] = 14 */
- "umull r3, r12, r8, lr\n\t"
- "adds r6, r6, r3\n\t"
- "adc r4, r4, r12\n\t"
- "str r6, [sp, #56]\n\t"
- "str r4, [sp, #60]\n\t"
- /* Reduce */
- /* Load bottom half */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "lsl %[b], %[b], #24\n\t"
+ "asr %[b], %[b], #24\n\t"
#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
-#else
- "ldrd r8, r9, [sp, #16]\n\t"
+ "sxtb %[b], %[b]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #24]\n\t"
- "ldr r11, [sp, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "lsl r3, %[b], #24\n\t"
+ "asr r3, %[b], #31\n\t"
#else
- "ldrd r10, r11, [sp, #24]\n\t"
+ "sbfx r3, %[b], #7, #1\n\t"
#endif
- "lsr r3, r11, #31\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "mov lr, #19\n\t"
- "ldr %[a], [sp, #32]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "adds r4, r4, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r5, r5, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #36]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r5, r5, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #40]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r6, r6, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r7, r7, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r7, r7, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r8, r8, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #48]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r8, r8, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r9, r9, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #52]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r9, r9, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r10, r10, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #56]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "add r12, r12, %[b]\n\t"
- "adds r10, r10, r3\n\t"
- "mov %[b], #0\n\t"
- "adcs r11, r11, r12\n\t"
- "adc %[b], %[b], #0\n\t"
- "lsr r3, %[a], #31\n\t"
- "ldr %[a], [sp, #60]\n\t"
- "orr r3, r3, %[a], lsl #1\n\t"
- "umull r3, r12, lr, r3\n\t"
- "adds r11, r11, r3\n\t"
- "adc r3, r12, %[b]\n\t"
- /* Overflow */
- "lsl r3, r3, #1\n\t"
- "orr r3, r3, r11, lsr #31\n\t"
- "mul r3, r3, lr\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Reduce if top bit set */
- "asr r3, r11, #31\n\t"
- "and r3, r3, lr\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, #0\n\t"
+ "eor %[b], %[b], r3\n\t"
+ "sub %[b], %[b], r3\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+ "sub lr, %[b], #1\n\t"
+#else
+ "clz lr, %[b]\n\t"
+ "lsl lr, lr, #26\n\t"
+#endif /* defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6) */
+ "asr lr, lr, #31\n\t"
+ "mvn lr, lr\n\t"
+ "add %[b], %[b], lr\n\t"
+ "mov r12, #0x60\n\t"
+ "mul %[b], %[b], r12\n\t"
+ "add %[base], %[base], %[b]\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "and r8, r8, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "and r10, r10, lr\n\t"
+ "and r11, r11, lr\n\t"
+ "mvn r12, lr\n\t"
+ "sub r4, r4, r12\n\t"
+ "mov r12, #32\n\t"
+ "and r12, r12, r3\n\t"
+ "add %[r], %[r], r12\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sub %[r], %[r], r12\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "and r8, r8, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "and r10, r10, lr\n\t"
+ "and r11, r11, lr\n\t"
+ "mvn r12, lr\n\t"
+ "sub r4, r4, r12\n\t"
+ "mov r12, #32\n\t"
+ "bic r12, r12, r3\n\t"
+ "add %[r], %[r], r12\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sub %[r], %[r], r12\n\t"
+ "add %[r], %[r], #0x40\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7}\n\t"
+ "mvn r12, #18\n\t"
+ "subs r8, r12, r4\n\t"
+ "sbcs r9, r3, r5\n\t"
+ "sbcs r10, r3, r6\n\t"
+ "sbcs r11, r3, r7\n\t"
+ "bic r4, r4, r3\n\t"
+ "bic r5, r5, r3\n\t"
+ "bic r6, r6, r3\n\t"
+ "bic r7, r7, r3\n\t"
+ "and r8, r8, r3\n\t"
+ "and r9, r9, r3\n\t"
+ "and r10, r10, r3\n\t"
+ "and r11, r11, r3\n\t"
+ "orr r4, r4, r8\n\t"
+ "orr r5, r5, r9\n\t"
+ "orr r6, r6, r10\n\t"
+ "orr r7, r7, r11\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "stm %[r]!, {r4, r5, r6, r7}\n\t"
+ "ldm %[base]!, {r4, r5, r6, r7}\n\t"
+ "mvn r12, #0x80000000\n\t"
+ "sbcs r8, r3, r4\n\t"
+ "sbcs r9, r3, r5\n\t"
+ "sbcs r10, r3, r6\n\t"
+ "sbc r11, r12, r7\n\t"
+ "bic r4, r4, r3\n\t"
+ "bic r5, r5, r3\n\t"
+ "bic r6, r6, r3\n\t"
+ "bic r7, r7, r3\n\t"
+ "and r8, r8, r3\n\t"
+ "and r9, r9, r3\n\t"
+ "and r10, r10, r3\n\t"
+ "and r11, r11, r3\n\t"
+ "orr r4, r4, r8\n\t"
+ "orr r5, r5, r9\n\t"
+ "orr r6, r6, r10\n\t"
+ "orr r7, r7, r11\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r6, r6, lr\n\t"
+ "and r7, r7, lr\n\t"
+ "stm %[r]!, {r4, r5, r6, r7}\n\t"
+ "sub %[base], %[base], %[b]\n\t"
+ : [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void fe_mul_op(void);
+void fe_mul_op()
+{
+ __asm__ __volatile__ (
+ "sub sp, sp, #40\n\t"
+ "str r0, [sp, #36]\n\t"
+ "mov r0, #0\n\t"
+ "ldr r12, [r1]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [r2]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "mov r11, r0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
"adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
"adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
"adcs r10, r10, #0\n\t"
+ "adc r3, r0, #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [r1, #4]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r4, r0, #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [r1, #8]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r5, r0, #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [r1, #12]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r6, r0, #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [r1, #16]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r7, r0, #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [r1, #20]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r8, r0, #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [r1, #24]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r9, r0, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [r1, #28]\n\t"
+ "ldr lr, [r2]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [r2, #4]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [r2, #8]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [r2, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [r2, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [r2, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [r2, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [r2, #28]\n\t"
+ "adc r10, r0, #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ /* Reduce */
+ "ldr r2, [sp, #28]\n\t"
+ "mov lr, sp\n\t"
+ "mov r12, #38\n\t"
+ "umull r10, r11, r12, r10\n\t"
+ "adds r10, r10, r2\n\t"
"adc r11, r11, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl r11, r11, #1\n\t"
+ "orr r11, r11, r10, LSR #31\n\t"
+ "mul r11, r12, r11\n\t"
+ "ldm lr!, {r1, r2}\n\t"
+ "mov r12, #38\n\t"
+ "adds r1, r1, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r1, r11, r3, r12\n\t"
+ "adds r2, r2, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r2, r11, r4, r12\n\t"
+ "ldm lr!, {r3, r4}\n\t"
+ "adds r3, r3, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r5, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r6, r12\n\t"
+ "ldm lr!, {r5, r6}\n\t"
+ "adds r5, r5, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r7, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r8, r12\n\t"
+ "ldm lr!, {r7, r8}\n\t"
+ "adds r7, r7, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r9, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "adds r8, r10, r11\n\t"
/* Store */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- "add sp, sp, #0x40\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "ldr r0, [sp, #36]\n\t"
+ "stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #40\n\t"
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ :
+ : "memory", "lr", "cc"
);
}
-void fe_sq(fe r_p, const fe a_p)
+#else
+void fe_mul_op(void);
+void fe_mul_op()
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
-
__asm__ __volatile__ (
- "sub sp, sp, #0x40\n\t"
- /* Square */
- "ldr r7, [%[a]]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "ldr r9, [%[a], #8]\n\t"
- "ldr r10, [%[a], #12]\n\t"
- "ldr r12, [%[a], #16]\n\t"
- /* A[0] * A[0] = 0 */
- "umull r4, r5, r7, r7\n\t"
- "str r4, [sp]\n\t"
- /* A[0] * A[1] = 1 */
- "umull r2, r3, r7, r8\n\t"
- "mov r6, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adc r6, r6, r3\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #4]\n\t"
- /* A[1] * A[1] = 2 */
- "umull r2, r3, r8, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- /* A[0] * A[2] = 2 */
- "umull r2, r3, r7, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #8]\n\t"
- /* A[0] * A[3] = 3 */
- "umull r2, r3, r7, r10\n\t"
- "adds r4, r4, r2\n\t"
- "adc r5, r5, r3\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[2] = 3 */
- "umull r2, r3, r8, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #12]\n\t"
- /* A[2] * A[2] = 4 */
- "umull r2, r3, r9, r9\n\t"
- "adds r5, r5, r2\n\t"
+ "sub sp, sp, #44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r0, [sp, #36]\n\t"
+ "str r1, [sp, #40]\n\t"
+#else
+ "strd r0, r1, [sp, #36]\n\t"
+#endif
+ "mov lr, r2\n\t"
+ "ldm r1, {r0, r1, r2, r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, r0, r4\n\t"
+ "umull r12, r7, r1, r4\n\t"
+ "umaal r11, r12, r0, r5\n\t"
+ "umull r8, r9, r2, r4\n\t"
+ "umaal r12, r8, r1, r5\n\t"
+ "umaal r12, r7, r0, r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, r2, r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, r1, r6\n\t"
+ "umaal r8, r9, r2, r6\n\t"
+ "umaal r7, r10, r0, r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, r1, r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, r0, r4\n\t"
+ "umaal r9, r12, r1, r4\n\t"
+ "umaal r10, r12, r2, r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
"mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[3] = 4 */
- "umull r2, r3, r8, r10\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[0] * A[4] = 4 */
- "umull r2, r3, r7, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #16]\n\t"
- /* A[0] * A[5] = 5 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r6, r6, r2\n\t"
+ "umlal r9, r4, r0, r5\n\t"
+ "umaal r10, r4, r1, r5\n\t"
+ "umaal r11, r4, r2, r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
"mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[4] = 5 */
- "umull r2, r3, r8, r12\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[3] = 5 */
- "umull r2, r3, r9, r10\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #20]\n\t"
- /* A[3] * A[3] = 6 */
- "umull r2, r3, r10, r10\n\t"
- "adds r4, r4, r2\n\t"
+ "umlal r10, r5, r0, r6\n\t"
+ "umaal r11, r5, r1, r6\n\t"
+ "umaal r12, r5, r2, r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
"mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * A[4] = 6 */
- "umull r2, r3, r9, r12\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[5] = 6 */
- "umull r2, r3, r8, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[0] * A[6] = 6 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #24]\n\t"
- /* A[0] * A[7] = 7 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[6] = 7 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * A[5] = 7 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[4] = 7 */
- "umull r2, r3, r10, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #28]\n\t"
- /* A[4] * A[4] = 8 */
- "umull r2, r3, r12, r12\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * A[5] = 8 */
- "umull r2, r3, r10, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[6] = 8 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[7] = 8 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r11, r6, r0, r7\n\t"
+ "ldr r0, [sp, #40]\n\t"
+ "umaal r12, r6, r1, r7\n\t"
+ "add r0, r0, #16\n\t"
+ "umaal r4, r6, r2, r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
"str r6, [sp, #32]\n\t"
- "ldr r7, [%[a], #20]\n\t"
- /* A[2] * A[7] = 9 */
- "umull r2, r3, r9, r11\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * A[6] = 9 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * A[5] = 9 */
- "umull r2, r3, r12, r7\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #36]\n\t"
- "mov r8, r11\n\t"
- /* A[5] * A[5] = 10 */
- "umull r2, r3, r7, r7\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * A[6] = 10 */
- "umull r2, r3, r12, r8\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[7] = 10 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #40]\n\t"
- "mov r9, r11\n\t"
- /* A[4] * A[7] = 11 */
- "umull r2, r3, r12, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * A[6] = 11 */
- "umull r2, r3, r7, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #44]\n\t"
- /* A[6] * A[6] = 12 */
- "umull r2, r3, r8, r8\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * A[7] = 12 */
- "umull r2, r3, r7, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #48]\n\t"
- /* A[6] * A[7] = 13 */
- "umull r2, r3, r8, r9\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #52]\n\t"
- /* A[7] * A[7] = 14 */
- "umull r2, r3, r9, r9\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- "str r6, [sp, #56]\n\t"
- "str r4, [sp, #60]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, r0, r6\n\t"
+ "umaal r9, r7, r1, r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, r2, r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, r0, r6\n\t"
+ "umaal r10, r8, r1, r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, r2, r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, r0, r6\n\t"
+ "umaal r11, r9, r1, r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, r2, r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, r0, r6\n\t"
+ "umaal r12, r10, r1, r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, r2, r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, r0, r11\n\t"
+ "umaal r4, r7, r1, r11\n\t"
+ "ldr r6, [sp, #32]\n\t"
+ "umaal r5, r7, r2, r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, r0, r11\n\t"
+ "umaal r5, r8, r1, r11\n\t"
+ "umaal r6, r8, r2, r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, r0, r11\n\t"
+ "umaal r6, r10, r0, lr\n\t"
+ "umaal r6, r9, r1, r11\n\t"
+ "umaal r7, r10, r1, lr\n\t"
+ "umaal r7, r9, r2, r11\n\t"
+ "umaal r8, r10, r2, lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
/* Reduce */
- /* Load bottom half */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
-#else
- "ldrd r8, r9, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #24]\n\t"
- "ldr r11, [sp, #28]\n\t"
-#else
- "ldrd r10, r11, [sp, #24]\n\t"
-#endif
- "lsr r2, r11, #31\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "mov r12, #19\n\t"
- "ldr %[a], [sp, #32]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r4, r4, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #36]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r5, r5, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #40]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r6, r6, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r7, r7, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r7, r7, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r8, r8, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #48]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r8, r8, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r9, r9, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #52]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r9, r9, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r10, r10, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #56]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r10, r10, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r11, r11, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #31\n\t"
- "ldr %[a], [sp, #60]\n\t"
- "orr r2, r2, %[a], lsl #1\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r11, r11, r2\n\t"
- "adc r2, r3, lr\n\t"
- /* Overflow */
- "lsl r2, r2, #1\n\t"
- "orr r2, r2, r11, lsr #31\n\t"
- "mul r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
+ "ldr r0, [sp, #28]\n\t"
+ "mov lr, #37\n\t"
+ "umaal r10, r0, r10, lr\n\t"
+ "mov lr, #19\n\t"
+ "lsl r0, r0, #1\n\t"
+ "orr r0, r0, r10, lsr #31\n\t"
+ "mul r11, r0, lr\n\t"
+ "pop {r0-r2}\n\t"
+ "mov lr, #38\n\t"
+ "umaal r0, r11, r12, lr\n\t"
+ "umaal r1, r11, r4, lr\n\t"
+ "umaal r2, r11, r5, lr\n\t"
+ "pop {r3-r5}\n\t"
+ "umaal r3, r11, r6, lr\n\t"
+ "umaal r4, r11, r7, lr\n\t"
+ "umaal r5, r11, r8, lr\n\t"
+ "pop {r6}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "umaal r6, r11, r9, lr\n\t"
+ "add r7, r10, r11\n\t"
+ "ldr lr, [sp, #8]\n\t"
+ /* Store */
+ "stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "add sp, sp, #16\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+void fe_mul(fe r_p, const fe a_p, const fe b_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+ register const sword32* b asm ("r2") = (const sword32*)b_p;
+
+ __asm__ __volatile__ (
+ "bl fe_mul_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void fe_sq_op(void);
+void fe_sq_op()
+{
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str r0, [sp, #64]\n\t"
+ /* Square */
+ "mov r0, #0\n\t"
+ "ldr r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [r1, #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [r1, #4]\n\t"
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r4, r0, #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [r1, #8]\n\t"
+ "ldr lr, [r1, #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r5, r0, #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [r1, #12]\n\t"
+ "ldr lr, [r1, #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r6, r0, #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [r1, #16]\n\t"
+ "ldr lr, [r1, #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r7, r0, #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [r1, #20]\n\t"
+ "ldr lr, [r1, #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r8, r0, #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [r1, #24]\n\t"
+ "ldr lr, [r1, #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, r0, #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [r1]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [r1, #4]\n\t"
"adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [r1, #8]\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [r1, #12]\n\t"
"adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Reduce if top bit set */
- "asr r2, r11, #31\n\t"
- "and r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [r1, #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [r1, #20]\n\t"
"adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [r1, #24]\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [r1, #28]\n\t"
"adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "ldr r2, [sp, #28]\n\t"
+ "mov lr, sp\n\t"
+ "mov r12, #38\n\t"
+ "umull r10, r11, r12, r10\n\t"
+ "adds r10, r10, r2\n\t"
"adc r11, r11, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl r11, r11, #1\n\t"
+ "orr r11, r11, r10, LSR #31\n\t"
+ "mul r11, r12, r11\n\t"
+ "ldm lr!, {r1, r2}\n\t"
+ "mov r12, #38\n\t"
+ "adds r1, r1, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r1, r11, r3, r12\n\t"
+ "adds r2, r2, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r2, r11, r4, r12\n\t"
+ "ldm lr!, {r3, r4}\n\t"
+ "adds r3, r3, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r5, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r6, r12\n\t"
+ "ldm lr!, {r5, r6}\n\t"
+ "adds r5, r5, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r7, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r8, r12\n\t"
+ "ldm lr!, {r7, r8}\n\t"
+ "adds r7, r7, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r9, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "adds r8, r10, r11\n\t"
/* Store */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
-#else
- "strd r6, r7, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
+ "ldr r0, [sp, #64]\n\t"
+ "stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
+void fe_sq_op(void);
+void fe_sq_op()
+{
+ __asm__ __volatile__ (
+ "sub sp, sp, #32\n\t"
+ "str r0, [sp, #28]\n\t"
+ "ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square */
+ "umull r9, r10, r0, r0\n\t"
+ "umull r11, r12, r0, r1\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, r0, r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, r1, r1\n\t"
+ "umull r9, r10, r0, r3\n\t"
+ "umaal r9, r12, r1, r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
#else
- "strd r10, r11, [%[r], #24]\n\t"
+ "strd r8, r9, [sp, #8]\n\t"
#endif
- "add sp, sp, #0x40\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r10, r0, r4\n\t"
+ "umaal r9, r12, r1, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, r0, r5\n\t"
+ "umaal r9, r12, r1, r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, r0, r6\n\t"
+ "umaal r9, r12, r1, r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull r0, r9, r0, r7\n\t"
+ "umaal r0, r8, r1, r6\n\t"
+ "umaal r0, r12, r2, r5\n\t"
+ "umaal r0, r10, r3, r4\n\t"
+ "adcs r0, r0, r0\n\t"
+ "umaal r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, r1, r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov r1, lr\n\t"
+ "umaal r1, r8, r4, r7\n\t"
+ "umaal r1, r9, r5, r6\n\t"
+ "adcs r4, r1, r1\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "mov r6, #37\n\t"
+ "umaal r7, r0, r7, r6\n\t"
+ "mov r6, #19\n\t"
+ "lsl r0, r0, #1\n\t"
+ "orr r0, r0, r7, lsr #31\n\t"
+ "mul lr, r0, r6\n\t"
+ "pop {r0-r1}\n\t"
+ "mov r6, #38\n\t"
+ "umaal r0, lr, r12, r6\n\t"
+ "umaal r1, lr, r11, r6\n\t"
+ "mov r12, r3\n\t"
+ "mov r11, r4\n\t"
+ "pop {r2-r4}\n\t"
+ "umaal r2, lr, r10, r6\n\t"
+ "umaal r3, lr, r12, r6\n\t"
+ "umaal r4, lr, r11, r6\n\t"
+ "mov r12, r6\n\t"
+ "pop {r5-r6}\n\t"
+ "umaal r5, lr, r8, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "umaal r6, lr, r9, r12\n\t"
+ "add r7, r7, lr\n\t"
+ "pop {lr}\n\t"
+ /* Store */
+ "stm lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+void fe_sq(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "bl fe_sq_op\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "r11", "cc"
);
}
+#ifdef HAVE_CURVE25519
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
void fe_mul121666(fe r_p, fe a_p)
{
- register fe r asm ("r0") = r_p;
- register fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register sword32* a asm ("r1") = (sword32*)a_p;
__asm__ __volatile__ (
/* Multiply by 121666 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
-#else
- "ldrd r2, r3, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
+ "ldm %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #1\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xdb\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x42\n\t"
#else
- "ldrd r4, r5, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #16]\n\t"
- "ldr r7, [%[a], #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xdb\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x42\n\t"
#else
- "ldrd r6, r7, [%[a], #16]\n\t"
+ "mov r10, #0xdb42\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[a], #24]\n\t"
- "ldr r9, [%[a], #28]\n\t"
-#else
- "ldrd r8, r9, [%[a], #24]\n\t"
+ "movt r10, #1\n\t"
#endif
- "movw lr, #0xdb42\n\t"
- "movt lr, #1\n\t"
- "umull r2, r10, r2, lr\n\t"
- "umull r3, r12, r3, lr\n\t"
- "adds r3, r3, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r4, r12, r4, lr\n\t"
- "adds r4, r4, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r5, r12, r5, lr\n\t"
- "adds r5, r5, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r6, r12, r6, lr\n\t"
- "adds r6, r6, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r7, r12, r7, lr\n\t"
- "adds r7, r7, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r8, r12, r8, lr\n\t"
- "adds r8, r8, r10\n\t"
- "adc r10, r12, #0\n\t"
- "umull r9, r12, r9, lr\n\t"
- "adds r9, r9, r10\n\t"
- "adc r10, r12, #0\n\t"
- "mov lr, #19\n\t"
- "lsl r10, r10, #1\n\t"
- "orr r10, r10, r9, lsr #31\n\t"
- "mul r10, r10, lr\n\t"
- "and r9, r9, #0x7fffffff\n\t"
- "adds r2, r2, r10\n\t"
+ "umull r2, r12, r10, r2\n\t"
+ "umull r3, lr, r10, r3\n\t"
+ "adds r3, r3, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "umull r4, r12, r10, r4\n\t"
+ "adds r4, r4, lr\n\t"
+ "adc r12, r12, #0\n\t"
+ "umull r5, lr, r10, r5\n\t"
+ "adds r5, r5, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "umull r6, r12, r10, r6\n\t"
+ "adds r6, r6, lr\n\t"
+ "adc r12, r12, #0\n\t"
+ "umull r7, lr, r10, r7\n\t"
+ "adds r7, r7, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "umull r8, r12, r10, r8\n\t"
+ "adds r8, r8, lr\n\t"
+ "adc r12, r12, #0\n\t"
+ "umull r9, lr, r10, r9\n\t"
+ "adds r9, r9, r12\n\t"
+ "mov r10, #19\n\t"
+ "adc lr, lr, #0\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r9, LSR #31\n\t"
+ "mul lr, r10, lr\n\t"
+ "adds r2, r2, lr\n\t"
"adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
"adcs r5, r5, #0\n\t"
"adcs r6, r6, #0\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adc r9, r9, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r2, r3, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #16]\n\t"
- "str r7, [%[r], #20]\n\t"
-#else
- "strd r6, r7, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #24]\n\t"
- "str r9, [%[r], #28]\n\t"
-#else
- "strd r8, r9, [%[r], #24]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "stm %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
}
-void fe_sq2(fe r_p, const fe a_p)
+#else
+void fe_mul121666(fe r_p, fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register sword32* a asm ("r1") = (sword32*)a_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x40\n\t"
- /* Square * 2 */
- "ldr r7, [%[a]]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "ldr r9, [%[a], #8]\n\t"
- "ldr r10, [%[a], #12]\n\t"
- "ldr r12, [%[a], #16]\n\t"
- /* A[0] * A[0] = 0 */
- "umull r4, r5, r7, r7\n\t"
- "str r4, [sp]\n\t"
- /* A[0] * A[1] = 1 */
- "umull r2, r3, r7, r8\n\t"
- "mov r6, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adc r6, r6, r3\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #4]\n\t"
- /* A[1] * A[1] = 2 */
- "umull r2, r3, r8, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- /* A[0] * A[2] = 2 */
- "umull r2, r3, r7, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #8]\n\t"
- /* A[0] * A[3] = 3 */
- "umull r2, r3, r7, r10\n\t"
- "adds r4, r4, r2\n\t"
- "adc r5, r5, r3\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[2] = 3 */
- "umull r2, r3, r8, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #12]\n\t"
- /* A[2] * A[2] = 4 */
- "umull r2, r3, r9, r9\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[3] = 4 */
- "umull r2, r3, r8, r10\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[0] * A[4] = 4 */
- "umull r2, r3, r7, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #16]\n\t"
- /* A[0] * A[5] = 5 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[4] = 5 */
- "umull r2, r3, r8, r12\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[3] = 5 */
- "umull r2, r3, r9, r10\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #20]\n\t"
- /* A[3] * A[3] = 6 */
- "umull r2, r3, r10, r10\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[2] * A[4] = 6 */
- "umull r2, r3, r9, r12\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[1] * A[5] = 6 */
- "umull r2, r3, r8, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[0] * A[6] = 6 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #24]\n\t"
- /* A[0] * A[7] = 7 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r7, r11\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[6] = 7 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * A[5] = 7 */
- "ldr r11, [%[a], #20]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[4] = 7 */
- "umull r2, r3, r10, r12\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #28]\n\t"
- /* A[4] * A[4] = 8 */
- "umull r2, r3, r12, r12\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * A[5] = 8 */
- "umull r2, r3, r10, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * A[6] = 8 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r9, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[1] * A[7] = 8 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r8, r11\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #32]\n\t"
- "ldr r7, [%[a], #20]\n\t"
- /* A[2] * A[7] = 9 */
- "umull r2, r3, r9, r11\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[3] * A[6] = 9 */
- "ldr r11, [%[a], #24]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[4] * A[5] = 9 */
- "umull r2, r3, r12, r7\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #36]\n\t"
- "mov r8, r11\n\t"
- /* A[5] * A[5] = 10 */
- "umull r2, r3, r7, r7\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * A[6] = 10 */
- "umull r2, r3, r12, r8\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * A[7] = 10 */
- "ldr r11, [%[a], #28]\n\t"
- "umull r2, r3, r10, r11\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #40]\n\t"
- "mov r9, r11\n\t"
- /* A[4] * A[7] = 11 */
- "umull r2, r3, r12, r9\n\t"
- "adds r6, r6, r2\n\t"
- "mov r5, #0\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * A[6] = 11 */
- "umull r2, r3, r7, r8\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "adds r6, r6, r2\n\t"
- "adcs r4, r4, r3\n\t"
- "adc r5, r5, #0\n\t"
- "str r6, [sp, #44]\n\t"
- /* A[6] * A[6] = 12 */
- "umull r2, r3, r8, r8\n\t"
- "adds r4, r4, r2\n\t"
- "mov r6, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- /* A[5] * A[7] = 12 */
- "umull r2, r3, r7, r9\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, r3\n\t"
- "adc r6, r6, #0\n\t"
- "str r4, [sp, #48]\n\t"
- /* A[6] * A[7] = 13 */
- "umull r2, r3, r8, r9\n\t"
- "adds r5, r5, r2\n\t"
- "mov r4, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r2\n\t"
- "adcs r6, r6, r3\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [sp, #52]\n\t"
- /* A[7] * A[7] = 14 */
- "umull r2, r3, r9, r9\n\t"
- "adds r6, r6, r2\n\t"
- "adc r4, r4, r3\n\t"
- "str r6, [sp, #56]\n\t"
- "str r4, [sp, #60]\n\t"
- /* Double and Reduce */
- /* Load bottom half */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
+ /* Multiply by 121666 */
+ "ldm %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #1\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xdb\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0x42\n\t"
#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xdb\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0x42\n\t"
#else
- "ldrd r8, r9, [sp, #16]\n\t"
+ "mov lr, #0xdb42\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #24]\n\t"
- "ldr r11, [sp, #28]\n\t"
-#else
- "ldrd r10, r11, [sp, #24]\n\t"
+ "movt lr, #1\n\t"
#endif
- "lsr r2, r11, #30\n\t"
- "lsl r11, r11, #1\n\t"
- "orr r11, r11, r10, lsr #31\n\t"
+ "umull r2, r10, lr, r2\n\t"
+ "sub r12, lr, #1\n\t"
+ "umaal r3, r10, r12, r3\n\t"
+ "umaal r4, r10, r12, r4\n\t"
+ "umaal r5, r10, r12, r5\n\t"
+ "umaal r6, r10, r12, r6\n\t"
+ "umaal r7, r10, r12, r7\n\t"
+ "umaal r8, r10, r12, r8\n\t"
+ "mov lr, #19\n\t"
+ "umaal r9, r10, r12, r9\n\t"
"lsl r10, r10, #1\n\t"
"orr r10, r10, r9, lsr #31\n\t"
- "lsl r9, r9, #1\n\t"
- "orr r9, r9, r8, lsr #31\n\t"
- "lsl r8, r8, #1\n\t"
- "orr r8, r8, r7, lsr #31\n\t"
- "lsl r7, r7, #1\n\t"
- "orr r7, r7, r6, lsr #31\n\t"
- "lsl r6, r6, #1\n\t"
- "orr r6, r6, r5, lsr #31\n\t"
- "lsl r5, r5, #1\n\t"
- "orr r5, r5, r4, lsr #31\n\t"
- "lsl r4, r4, #1\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "mov r12, #19\n\t"
- "ldr %[a], [sp, #32]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r4, r4, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r5, r5, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #36]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r5, r5, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r6, r6, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #40]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r6, r6, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r7, r7, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r7, r7, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r8, r8, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #48]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r8, r8, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r9, r9, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #52]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r9, r9, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r10, r10, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #56]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "add r3, r3, lr\n\t"
- "adds r10, r10, r2\n\t"
- "mov lr, #0\n\t"
- "adcs r11, r11, r3\n\t"
- "adc lr, lr, #0\n\t"
- "lsr r2, %[a], #30\n\t"
- "ldr %[a], [sp, #60]\n\t"
- "orr r2, r2, %[a], lsl #2\n\t"
- "umull r2, r3, r12, r2\n\t"
- "adds r11, r11, r2\n\t"
- "adc r2, r3, lr\n\t"
- /* Overflow */
- "lsl r2, r2, #1\n\t"
- "orr r2, r2, r11, lsr #31\n\t"
- "mul r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Reduce if top bit set */
- "asr r2, r11, #31\n\t"
- "and r2, r2, r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, r2\n\t"
+ "mul r10, lr, r10\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
"adcs r5, r5, #0\n\t"
"adcs r6, r6, #0\n\t"
"adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
- /* Store */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0x80000000\n\t"
#else
- "strd r6, r7, [%[r], #8]\n\t"
+ "bfc r9, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- "add sp, sp, #0x40\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- :
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
- );
-}
-
-void fe_invert(fe r_p, const fe a_p)
-{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
-
- __asm__ __volatile__ (
- "sub sp, sp, #0x88\n\t"
- /* Invert */
- "str %[r], [sp, #128]\n\t"
- "str %[a], [sp, #132]\n\t"
- "mov r0, sp\n\t"
- "ldr r1, [sp, #132]\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "ldr r1, [sp, #132]\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r0, sp\n\t"
- "mov r1, sp\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #32\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #4\n\t"
- "\n"
- "L_fe_invert1_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert1_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #9\n\t"
- "\n"
- "L_fe_invert2_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert2_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #19\n\t"
- "\n"
- "L_fe_invert3_%=: \n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert3_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x60\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "mov r4, #10\n\t"
- "\n"
- "L_fe_invert4_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert4_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #49\n\t"
- "\n"
- "L_fe_invert5_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert5_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #0x63\n\t"
- "\n"
- "L_fe_invert6_%=: \n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert6_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x60\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "mov r4, #50\n\t"
- "\n"
- "L_fe_invert7_%=: \n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert7_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r4, #5\n\t"
- "\n"
- "L_fe_invert8_%=: \n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_fe_invert8_%=\n\t"
- "ldr r0, [sp, #128]\n\t"
- "add r1, sp, #32\n\t"
- "mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "ldr %[a], [sp, #132]\n\t"
- "ldr %[r], [sp, #128]\n\t"
- "add sp, sp, #0x88\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "stm %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "lr", "r4"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifndef WC_NO_CACHE_RESISTANT
int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
{
- register byte* r asm ("r0") = r_p;
- register const byte* n asm ("r1") = n_p;
- register const byte* a asm ("r2") = a_p;
+ register byte* r asm ("r0") = (byte*)r_p;
+ register const byte* n asm ("r1") = (const byte*)n_p;
+ register const byte* a asm ("r2") = (const byte*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0xbc\n\t"
@@ -4270,138 +3641,24 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[a], [sp, #168]\n\t"
"mov %[n], #0\n\t"
"str %[n], [sp, #172]\n\t"
- /* Set one */
- "mov r10, #1\n\t"
- "mov r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r]]\n\t"
- "str r11, [%[r], #4]\n\t"
-#else
- "strd r10, r11, [%[r]]\n\t"
-#endif
- "mov r10, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #8]\n\t"
- "str r11, [%[r], #12]\n\t"
-#else
- "strd r10, r11, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #16]\n\t"
- "str r11, [%[r], #20]\n\t"
-#else
- "strd r10, r11, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- /* Set zero */
+ "mov r4, #1\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
"mov r10, #0\n\t"
"mov r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp]\n\t"
- "str r11, [sp, #4]\n\t"
-#else
- "strd r10, r11, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #8]\n\t"
- "str r11, [sp, #12]\n\t"
-#else
- "strd r10, r11, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #16]\n\t"
- "str r11, [sp, #20]\n\t"
-#else
- "strd r10, r11, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #24]\n\t"
- "str r11, [sp, #28]\n\t"
-#else
- "strd r10, r11, [sp, #24]\n\t"
-#endif
- /* Set one */
- "mov r10, #1\n\t"
- "mov r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #32]\n\t"
- "str r11, [sp, #36]\n\t"
-#else
- "strd r10, r11, [sp, #32]\n\t"
-#endif
- "mov r10, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #40]\n\t"
- "str r11, [sp, #44]\n\t"
-#else
- "strd r10, r11, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #48]\n\t"
- "str r11, [sp, #52]\n\t"
-#else
- "strd r10, r11, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #56]\n\t"
- "str r11, [sp, #60]\n\t"
-#else
- "strd r10, r11, [sp, #56]\n\t"
-#endif
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #32\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov r4, #0\n\t"
+ "mov r3, sp\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #0x40\n\t"
/* Copy */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[a], #4]\n\t"
-#else
- "ldrd r4, r5, [%[a]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
-#else
- "ldrd r6, r7, [%[a], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #64]\n\t"
- "str r5, [sp, #68]\n\t"
-#else
- "strd r4, r5, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #72]\n\t"
- "str r7, [sp, #76]\n\t"
-#else
- "strd r6, r7, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
-#else
- "ldrd r4, r5, [%[a], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
-#else
- "ldrd r6, r7, [%[a], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #80]\n\t"
- "str r5, [sp, #84]\n\t"
-#else
- "strd r4, r5, [sp, #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #88]\n\t"
- "str r7, [sp, #92]\n\t"
-#else
- "strd r6, r7, [sp, #88]\n\t"
-#endif
+ "ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"mov %[n], #30\n\t"
"str %[n], [sp, #180]\n\t"
"mov %[a], #28\n\t"
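Review bot: The copy of the input point now uses `ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}`, and LDM needs a word-aligned base address, while `a_p` is declared `const byte*`. On the `WOLFSSL_SP_ARM_ARCH < 7` path the removed code used single `ldr` loads, so the alignment requirement on the caller's buffer may have become stricter; if an unaligned buffer can reach this function, it should be copied into an aligned `fe` first, or the requirement documented on `curve25519`. The instruction also names `r2` directly, so it is correct only because of the `asm ("r2")` binding at the top of the function; `"ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"` keeps the operand explicit, and the same applies to `mov r3, r0` in the next hunk. The function body and its clobber list continue outside this hunk.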
@@ -4421,19 +3678,11 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[n], [sp, #172]\n\t"
"ldr %[r], [sp, #160]\n\t"
/* Conditional Swap */
- "neg %[n], %[n]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #64]\n\t"
- "ldr r7, [sp, #68]\n\t"
-#else
- "ldrd r6, r7, [sp, #64]\n\t"
-#endif
+ "rsb %[n], %[n], #0\n\t"
+ "mov r3, r0\n\t"
+ "add r12, sp, #0x40\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
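Review bot: The `/* Conditional Swap */` comment does not say why the swap is written with masks. `rsb %[n], %[n], #0` turns the swap flag into 0 or 0xffffffff, and the `eor`/`and` sequence then exchanges the limbs without a branch or a flag-dependent address, which presumably is what keeps the scalar bit out of timing and cache side channels. That holds only if `%[n]` is exactly 0 or 1 here, and its value is computed outside this hunk. I would extend the comment to `/* Conditional Swap: n is 0 or 1, so 0 - n is an all-zero or all-one mask; no branch on the key bit */` so a later edit does not introduce a branch or a lookup. The same comment fits the second swap, which starts at `mov r3, sp`.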
@@ -4442,30 +3691,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #64]\n\t"
- "str r7, [sp, #68]\n\t"
-#else
- "strd r6, r7, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #8]\n\t"
- "ldr r5, [%[r], #12]\n\t"
-#else
- "ldrd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #72]\n\t"
- "ldr r7, [sp, #76]\n\t"
-#else
- "ldrd r6, r7, [sp, #72]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4474,30 +3703,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #72]\n\t"
- "str r7, [sp, #76]\n\t"
-#else
- "strd r6, r7, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #16]\n\t"
- "ldr r5, [%[r], #20]\n\t"
-#else
- "ldrd r4, r5, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #80]\n\t"
- "ldr r7, [sp, #84]\n\t"
-#else
- "ldrd r6, r7, [sp, #80]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4506,30 +3715,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
-#else
- "strd r4, r5, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #80]\n\t"
- "str r7, [sp, #84]\n\t"
-#else
- "strd r6, r7, [sp, #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #24]\n\t"
- "ldr r5, [%[r], #28]\n\t"
-#else
- "ldrd r4, r5, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #88]\n\t"
- "ldr r7, [sp, #92]\n\t"
-#else
- "ldrd r6, r7, [sp, #88]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4538,33 +3727,15 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #24]\n\t"
- "str r5, [%[r], #28]\n\t"
-#else
- "strd r4, r5, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #88]\n\t"
- "str r7, [sp, #92]\n\t"
-#else
- "strd r6, r7, [sp, #88]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
"ldr %[n], [sp, #172]\n\t"
/* Conditional Swap */
- "neg %[n], %[n]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
-#else
- "ldrd r6, r7, [sp, #32]\n\t"
-#endif
+ "rsb %[n], %[n], #0\n\t"
+ "mov r3, sp\n\t"
+ "add r12, sp, #32\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4573,30 +3744,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp]\n\t"
- "str r5, [sp, #4]\n\t"
-#else
- "strd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #32]\n\t"
- "str r7, [sp, #36]\n\t"
-#else
- "strd r6, r7, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
-#else
- "ldrd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #40]\n\t"
- "ldr r7, [sp, #44]\n\t"
-#else
- "ldrd r6, r7, [sp, #40]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4605,30 +3756,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #8]\n\t"
- "str r5, [sp, #12]\n\t"
-#else
- "strd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #40]\n\t"
- "str r7, [sp, #44]\n\t"
-#else
- "strd r6, r7, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #16]\n\t"
- "ldr r5, [sp, #20]\n\t"
-#else
- "ldrd r4, r5, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #48]\n\t"
- "ldr r7, [sp, #52]\n\t"
-#else
- "ldrd r6, r7, [sp, #48]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4637,30 +3768,10 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #16]\n\t"
- "str r5, [sp, #20]\n\t"
-#else
- "strd r4, r5, [sp, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #48]\n\t"
- "str r7, [sp, #52]\n\t"
-#else
- "strd r6, r7, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #24]\n\t"
- "ldr r5, [sp, #28]\n\t"
-#else
- "ldrd r4, r5, [sp, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #56]\n\t"
- "ldr r7, [sp, #60]\n\t"
-#else
- "ldrd r6, r7, [sp, #56]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
+ "ldm r3, {r4, r5}\n\t"
+ "ldm r12, {r6, r7}\n\t"
"eor r8, r4, r6\n\t"
"eor r9, r5, r7\n\t"
"and r8, r8, %[n]\n\t"
@@ -4669,1093 +3780,68 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"eor r5, r5, r9\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #24]\n\t"
- "str r5, [sp, #28]\n\t"
-#else
- "strd r4, r5, [sp, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #56]\n\t"
- "str r7, [sp, #60]\n\t"
-#else
- "strd r6, r7, [sp, #56]\n\t"
-#endif
+ "stm r3!, {r4, r5}\n\t"
+ "stm r12!, {r6, r7}\n\t"
"ldr %[n], [sp, #184]\n\t"
"str %[n], [sp, #172]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp]\n\t"
- "ldr r7, [sp, #4]\n\t"
-#else
- "ldrd r6, r7, [sp]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r]]\n\t"
- "str r9, [%[r], #4]\n\t"
-#else
- "strd r8, r9, [%[r]]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #128]\n\t"
- "str r11, [sp, #132]\n\t"
-#else
- "strd r10, r11, [sp, #128]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #8]\n\t"
- "ldr r5, [%[r], #12]\n\t"
-#else
- "ldrd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #8]\n\t"
- "str r9, [%[r], #12]\n\t"
-#else
- "strd r8, r9, [%[r], #8]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #136]\n\t"
- "str r11, [sp, #140]\n\t"
-#else
- "strd r10, r11, [sp, #136]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #16]\n\t"
- "ldr r5, [%[r], #20]\n\t"
-#else
- "ldrd r4, r5, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #16]\n\t"
- "ldr r7, [sp, #20]\n\t"
-#else
- "ldrd r6, r7, [sp, #16]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #144]\n\t"
- "str r11, [sp, #148]\n\t"
-#else
- "strd r10, r11, [sp, #144]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #24]\n\t"
- "ldr r5, [%[r], #28]\n\t"
-#else
- "ldrd r4, r5, [%[r], #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #24]\n\t"
- "ldr r7, [sp, #28]\n\t"
-#else
- "ldrd r6, r7, [sp, #24]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r9, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r]]\n\t"
- "ldr r5, [%[r], #4]\n\t"
-#else
- "ldrd r4, r5, [%[r]]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r]]\n\t"
- "str r5, [%[r], #4]\n\t"
-#else
- "strd r4, r5, [%[r]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #8]\n\t"
- "ldr r5, [%[r], #12]\n\t"
-#else
- "ldrd r4, r5, [%[r], #8]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
-#else
- "strd r4, r5, [%[r], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [%[r], #16]\n\t"
- "ldr r5, [%[r], #20]\n\t"
-#else
- "ldrd r4, r5, [%[r], #16]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
-#else
- "strd r4, r5, [%[r], #16]\n\t"
-#endif
- "sbcs r8, r8, %[a]\n\t"
- "sbc r9, r9, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #24]\n\t"
- "str r9, [%[r], #28]\n\t"
-#else
- "strd r8, r9, [%[r], #24]\n\t"
-#endif
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #128]\n\t"
- "str r5, [sp, #132]\n\t"
-#else
- "strd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #136]\n\t"
- "ldr r5, [sp, #140]\n\t"
-#else
- "ldrd r4, r5, [sp, #136]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #136]\n\t"
- "str r5, [sp, #140]\n\t"
-#else
- "strd r4, r5, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #144]\n\t"
- "ldr r5, [sp, #148]\n\t"
-#else
- "ldrd r4, r5, [sp, #144]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #144]\n\t"
- "str r5, [sp, #148]\n\t"
-#else
- "strd r4, r5, [sp, #144]\n\t"
-#endif
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #152]\n\t"
- "str r11, [sp, #156]\n\t"
-#else
- "strd r10, r11, [sp, #152]\n\t"
-#endif
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #64]\n\t"
- "ldr r5, [sp, #68]\n\t"
-#else
- "ldrd r4, r5, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
-#else
- "ldrd r6, r7, [sp, #32]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp]\n\t"
- "str r9, [sp, #4]\n\t"
-#else
- "strd r8, r9, [sp]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #96]\n\t"
- "str r11, [sp, #100]\n\t"
-#else
- "strd r10, r11, [sp, #96]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #72]\n\t"
- "ldr r5, [sp, #76]\n\t"
-#else
- "ldrd r4, r5, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #40]\n\t"
- "ldr r7, [sp, #44]\n\t"
-#else
- "ldrd r6, r7, [sp, #40]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #8]\n\t"
- "str r9, [sp, #12]\n\t"
-#else
- "strd r8, r9, [sp, #8]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #104]\n\t"
- "str r11, [sp, #108]\n\t"
-#else
- "strd r10, r11, [sp, #104]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #80]\n\t"
- "ldr r5, [sp, #84]\n\t"
-#else
- "ldrd r4, r5, [sp, #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #48]\n\t"
- "ldr r7, [sp, #52]\n\t"
-#else
- "ldrd r6, r7, [sp, #48]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #16]\n\t"
- "str r9, [sp, #20]\n\t"
-#else
- "strd r8, r9, [sp, #16]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #112]\n\t"
- "str r11, [sp, #116]\n\t"
-#else
- "strd r10, r11, [sp, #112]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #88]\n\t"
- "ldr r5, [sp, #92]\n\t"
-#else
- "ldrd r4, r5, [sp, #88]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #56]\n\t"
- "ldr r7, [sp, #60]\n\t"
-#else
- "ldrd r6, r7, [sp, #56]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r9, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp]\n\t"
- "str r5, [sp, #4]\n\t"
-#else
- "strd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
-#else
- "ldrd r4, r5, [sp, #8]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #8]\n\t"
- "str r5, [sp, #12]\n\t"
-#else
- "strd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #16]\n\t"
- "ldr r5, [sp, #20]\n\t"
-#else
- "ldrd r4, r5, [sp, #16]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #16]\n\t"
- "str r5, [sp, #20]\n\t"
-#else
- "strd r4, r5, [sp, #16]\n\t"
-#endif
- "sbcs r8, r8, %[a]\n\t"
- "sbc r9, r9, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #24]\n\t"
- "str r9, [sp, #28]\n\t"
-#else
- "strd r8, r9, [sp, #24]\n\t"
-#endif
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #96]\n\t"
- "ldr r5, [sp, #100]\n\t"
-#else
- "ldrd r4, r5, [sp, #96]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #96]\n\t"
- "str r5, [sp, #100]\n\t"
-#else
- "strd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #104]\n\t"
- "ldr r5, [sp, #108]\n\t"
-#else
- "ldrd r4, r5, [sp, #104]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #104]\n\t"
- "str r5, [sp, #108]\n\t"
-#else
- "strd r4, r5, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #112]\n\t"
- "ldr r5, [sp, #116]\n\t"
-#else
- "ldrd r4, r5, [sp, #112]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #112]\n\t"
- "str r5, [sp, #116]\n\t"
-#else
- "strd r4, r5, [sp, #112]\n\t"
-#endif
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #120]\n\t"
- "str r11, [sp, #124]\n\t"
-#else
- "strd r10, r11, [sp, #120]\n\t"
-#endif
+ "mov r3, sp\n\t"
+ "ldr r2, [sp, #160]\n\t"
+ "add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #160]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r3, sp, #32\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_add_sub_op\n\t"
"ldr r2, [sp, #160]\n\t"
"add r1, sp, #0x60\n\t"
"add r0, sp, #32\n\t"
- "bl fe_mul\n\t"
+ "bl fe_mul_op\n\t"
"add r2, sp, #0x80\n\t"
- "add r1, sp, #0\n\t"
- "add r0, sp, #0\n\t"
- "bl fe_mul\n\t"
+ "mov r1, sp\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x80\n\t"
- "add r0, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "ldr r1, [sp, #160]\n\t"
"add r0, sp, #0x80\n\t"
- "bl fe_sq\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #32]\n\t"
- "ldr r5, [sp, #36]\n\t"
-#else
- "ldrd r4, r5, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp]\n\t"
- "ldr r7, [sp, #4]\n\t"
-#else
- "ldrd r6, r7, [sp]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #64]\n\t"
- "str r9, [sp, #68]\n\t"
-#else
- "strd r8, r9, [sp, #64]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp]\n\t"
- "str r11, [sp, #4]\n\t"
-#else
- "strd r10, r11, [sp]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #40]\n\t"
- "ldr r5, [sp, #44]\n\t"
-#else
- "ldrd r4, r5, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
-#else
- "ldrd r6, r7, [sp, #8]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #72]\n\t"
- "str r9, [sp, #76]\n\t"
-#else
- "strd r8, r9, [sp, #72]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #8]\n\t"
- "str r11, [sp, #12]\n\t"
-#else
- "strd r10, r11, [sp, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
-#else
- "ldrd r4, r5, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #16]\n\t"
- "ldr r7, [sp, #20]\n\t"
-#else
- "ldrd r6, r7, [sp, #16]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r3, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #80]\n\t"
- "str r9, [sp, #84]\n\t"
-#else
- "strd r8, r9, [sp, #80]\n\t"
-#endif
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov r12, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #16]\n\t"
- "str r11, [sp, #20]\n\t"
-#else
- "strd r10, r11, [sp, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
-#else
- "ldrd r4, r5, [sp, #56]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #24]\n\t"
- "ldr r7, [sp, #28]\n\t"
-#else
- "ldrd r6, r7, [sp, #24]\n\t"
-#endif
- "adds r3, r3, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds r12, r12, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r9, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #64]\n\t"
- "ldr r5, [sp, #68]\n\t"
-#else
- "ldrd r4, r5, [sp, #64]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #64]\n\t"
- "str r5, [sp, #68]\n\t"
-#else
- "strd r4, r5, [sp, #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #72]\n\t"
- "ldr r5, [sp, #76]\n\t"
-#else
- "ldrd r4, r5, [sp, #72]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #72]\n\t"
- "str r5, [sp, #76]\n\t"
-#else
- "strd r4, r5, [sp, #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #80]\n\t"
- "ldr r5, [sp, #84]\n\t"
-#else
- "ldrd r4, r5, [sp, #80]\n\t"
-#endif
- "sbcs r4, r4, %[a]\n\t"
- "sbcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #80]\n\t"
- "str r5, [sp, #84]\n\t"
-#else
- "strd r4, r5, [sp, #80]\n\t"
-#endif
- "sbcs r8, r8, %[a]\n\t"
- "sbc r9, r9, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #88]\n\t"
- "str r9, [sp, #92]\n\t"
-#else
- "strd r8, r9, [sp, #88]\n\t"
-#endif
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
-#else
- "ldrd r4, r5, [sp]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp]\n\t"
- "str r5, [sp, #4]\n\t"
-#else
- "strd r4, r5, [sp]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
-#else
- "ldrd r4, r5, [sp, #8]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #8]\n\t"
- "str r5, [sp, #12]\n\t"
-#else
- "strd r4, r5, [sp, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #16]\n\t"
- "ldr r5, [sp, #20]\n\t"
-#else
- "ldrd r4, r5, [sp, #16]\n\t"
-#endif
- "adcs r4, r4, %[a]\n\t"
- "adcs r5, r5, %[a]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #16]\n\t"
- "str r5, [sp, #20]\n\t"
-#else
- "strd r4, r5, [sp, #16]\n\t"
-#endif
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #24]\n\t"
- "str r11, [sp, #28]\n\t"
-#else
- "strd r10, r11, [sp, #24]\n\t"
-#endif
- "add r2, sp, #0x60\n\t"
- "add r1, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r1, [sp, #160]\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r3, sp\n\t"
+ "add r2, sp, #32\n\t"
+ "mov r1, sp\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "add r1, sp, #0x60\n\t"
"ldr r0, [sp, #160]\n\t"
- "bl fe_mul\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #136]\n\t"
- "ldr r7, [sp, #140]\n\t"
-#else
- "ldrd r6, r7, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #96]\n\t"
- "ldr r9, [sp, #100]\n\t"
-#else
- "ldrd r8, r9, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #104]\n\t"
- "ldr r11, [sp, #108]\n\t"
-#else
- "ldrd r10, r11, [sp, #104]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #128]\n\t"
- "str r9, [sp, #132]\n\t"
-#else
- "strd r8, r9, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #136]\n\t"
- "str r11, [sp, #140]\n\t"
-#else
- "strd r10, r11, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #144]\n\t"
- "ldr r5, [sp, #148]\n\t"
-#else
- "ldrd r4, r5, [sp, #144]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #152]\n\t"
- "ldr r7, [sp, #156]\n\t"
-#else
- "ldrd r6, r7, [sp, #152]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #112]\n\t"
- "ldr r9, [sp, #116]\n\t"
-#else
- "ldrd r8, r9, [sp, #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #120]\n\t"
- "ldr r11, [sp, #124]\n\t"
-#else
- "ldrd r10, r11, [sp, #120]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #136]\n\t"
- "ldr r7, [sp, #140]\n\t"
-#else
- "ldrd r6, r7, [sp, #136]\n\t"
-#endif
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, %[a]\n\t"
- "adcs r6, r6, %[a]\n\t"
- "adcs r7, r7, %[a]\n\t"
- "adcs r8, r8, %[a]\n\t"
- "adcs r9, r9, %[a]\n\t"
- "adcs r10, r10, %[a]\n\t"
- "adc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #128]\n\t"
- "str r5, [sp, #132]\n\t"
-#else
- "strd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #136]\n\t"
- "str r7, [sp, #140]\n\t"
-#else
- "strd r6, r7, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #144]\n\t"
- "str r9, [sp, #148]\n\t"
-#else
- "strd r8, r9, [sp, #144]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #152]\n\t"
- "str r11, [sp, #156]\n\t"
-#else
- "strd r10, r11, [sp, #152]\n\t"
-#endif
- "add r1, sp, #0\n\t"
- "add r0, sp, #0\n\t"
- "bl fe_sq\n\t"
- /* Multiply by 121666 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #128]\n\t"
- "ldr r5, [sp, #132]\n\t"
-#else
- "ldrd r4, r5, [sp, #128]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #136]\n\t"
- "ldr r7, [sp, #140]\n\t"
-#else
- "ldrd r6, r7, [sp, #136]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #144]\n\t"
- "ldr r9, [sp, #148]\n\t"
-#else
- "ldrd r8, r9, [sp, #144]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #152]\n\t"
- "ldr r11, [sp, #156]\n\t"
-#else
- "ldrd r10, r11, [sp, #152]\n\t"
-#endif
- "movw r12, #0xdb42\n\t"
- "movt r12, #1\n\t"
- "umull r4, %[a], r4, r12\n\t"
- "umull r5, r3, r5, r12\n\t"
- "adds r5, r5, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r6, r3, r6, r12\n\t"
- "adds r6, r6, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r7, r3, r7, r12\n\t"
- "adds r7, r7, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r8, r3, r8, r12\n\t"
- "adds r8, r8, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r9, r3, r9, r12\n\t"
- "adds r9, r9, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r10, r3, r10, r12\n\t"
- "adds r10, r10, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "umull r11, r3, r11, r12\n\t"
- "adds r11, r11, %[a]\n\t"
- "adc %[a], r3, #0\n\t"
- "mov r12, #19\n\t"
- "lsl %[a], %[a], #1\n\t"
- "orr %[a], %[a], r11, lsr #31\n\t"
- "mul %[a], %[a], r12\n\t"
- "and r11, r11, #0x7fffffff\n\t"
- "adds r4, r4, %[a]\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r7, r7, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, #0\n\t"
- "adcs r10, r10, #0\n\t"
- "adc r11, r11, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #32]\n\t"
- "str r5, [sp, #36]\n\t"
-#else
- "strd r4, r5, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #40]\n\t"
- "str r7, [sp, #44]\n\t"
-#else
- "strd r6, r7, [sp, #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #48]\n\t"
- "str r9, [sp, #52]\n\t"
-#else
- "strd r8, r9, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #56]\n\t"
- "str r11, [sp, #60]\n\t"
-#else
- "strd r10, r11, [sp, #56]\n\t"
-#endif
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sub_op\n\t"
+ "mov r1, sp\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul121666\n\t"
"add r1, sp, #0x40\n\t"
"add r0, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #96]\n\t"
- "ldr r5, [sp, #100]\n\t"
-#else
- "ldrd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #104]\n\t"
- "ldr r7, [sp, #108]\n\t"
-#else
- "ldrd r6, r7, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #32]\n\t"
- "ldr r9, [sp, #36]\n\t"
-#else
- "ldrd r8, r9, [sp, #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #40]\n\t"
- "ldr r11, [sp, #44]\n\t"
-#else
- "ldrd r10, r11, [sp, #40]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #96]\n\t"
- "str r9, [sp, #100]\n\t"
-#else
- "strd r8, r9, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #104]\n\t"
- "str r11, [sp, #108]\n\t"
-#else
- "strd r10, r11, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #112]\n\t"
- "ldr r5, [sp, #116]\n\t"
-#else
- "ldrd r4, r5, [sp, #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #120]\n\t"
- "ldr r7, [sp, #124]\n\t"
-#else
- "ldrd r6, r7, [sp, #120]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
-#else
- "ldrd r8, r9, [sp, #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [sp, #56]\n\t"
- "ldr r11, [sp, #60]\n\t"
-#else
- "ldrd r10, r11, [sp, #56]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r3, #-19\n\t"
- "asr %[a], r11, #31\n\t"
- /* Mask the modulus */
- "and r3, %[a], r3\n\t"
- "and r12, %[a], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [sp, #96]\n\t"
- "ldr r5, [sp, #100]\n\t"
-#else
- "ldrd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [sp, #104]\n\t"
- "ldr r7, [sp, #108]\n\t"
-#else
- "ldrd r6, r7, [sp, #104]\n\t"
-#endif
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, %[a]\n\t"
- "sbcs r6, r6, %[a]\n\t"
- "sbcs r7, r7, %[a]\n\t"
- "sbcs r8, r8, %[a]\n\t"
- "sbcs r9, r9, %[a]\n\t"
- "sbcs r10, r10, %[a]\n\t"
- "sbc r11, r11, r12\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [sp, #96]\n\t"
- "str r5, [sp, #100]\n\t"
-#else
- "strd r4, r5, [sp, #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [sp, #104]\n\t"
- "str r7, [sp, #108]\n\t"
-#else
- "strd r6, r7, [sp, #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [sp, #112]\n\t"
- "str r9, [sp, #116]\n\t"
-#else
- "strd r8, r9, [sp, #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [sp, #120]\n\t"
- "str r11, [sp, #124]\n\t"
-#else
- "strd r10, r11, [sp, #120]\n\t"
-#endif
- "add r2, sp, #0\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_add_op\n\t"
+ "mov r2, sp\n\t"
"ldr r1, [sp, #168]\n\t"
"add r0, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r2, sp, #0x60\n\t"
- "add r1, sp, #0x80\n\t"
- "add r0, sp, #0\n\t"
- "bl fe_mul\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "add r1, sp, #0x60\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"ldr %[a], [sp, #176]\n\t"
"ldr %[n], [sp, #180]\n\t"
"subs %[n], %[n], #1\n\t"
@@ -5767,1596 +3853,1571 @@ int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
"str %[a], [sp, #176]\n\t"
"bge L_curve25519_words_%=\n\t"
/* Invert */
- "add r0, sp, #32\n\t"
"add r1, sp, #0\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x40\n\t"
"add r1, sp, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #32\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #32\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x60\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x40\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x40\n\t"
- "add r2, sp, #0x60\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #4\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
"\n"
"L_curve25519_inv_1_%=: \n\t"
- "add r0, sp, #0x60\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_1_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
+ "\n"
+ "L_curve25519_inv_2_%=: \n\t"
"add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_2_%=\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
- "add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #9\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
"\n"
- "L_curve25519_inv_2_%=: \n\t"
+ "L_curve25519_inv_3_%=: \n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_3_%=\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
"add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_curve25519_inv_4_%=: \n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_curve25519_inv_2_%=\n\t"
"add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_4_%=\n\t"
+ "add r2, sp, #0x40\n\t"
"add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
+ "\n"
+ "L_curve25519_inv_5_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_5_%=\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
+ "\n"
+ "L_curve25519_inv_6_%=: \n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_6_%=\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
+ "\n"
+ "L_curve25519_inv_7_%=: \n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "mov r4, #19\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_7_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #5\n\t"
"\n"
- "L_curve25519_inv_3_%=: \n\t"
+ "L_curve25519_inv_8_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_8_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r2, sp\n\t"
+ "ldr r1, [sp, #160]\n\t"
+ "ldr r0, [sp, #160]\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r0, #0\n\t"
+ "add sp, sp, #0xbc\n\t"
+ : [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
+{
+ register byte* r asm ("r0") = (byte*)r_p;
+ register const byte* n asm ("r1") = (const byte*)n_p;
+ register const byte* a asm ("r2") = (const byte*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0xc0\n\t"
+ "str %[r], [sp, #176]\n\t"
+ "str %[n], [sp, #160]\n\t"
+ "str %[a], [sp, #172]\n\t"
+ "add r5, sp, #0x40\n\t"
+ "add r4, sp, #32\n\t"
+ "str sp, [sp, #184]\n\t"
+ "str r5, [sp, #180]\n\t"
+ "str r4, [sp, #188]\n\t"
+ "mov %[n], #0\n\t"
+ "str %[n], [sp, #164]\n\t"
+ "mov r4, #1\n\t"
+ "mov r5, #0\n\t"
+ "mov r6, #0\n\t"
+ "mov r7, #0\n\t"
+ "mov r8, #0\n\t"
+ "mov r9, #0\n\t"
+ "mov r10, #0\n\t"
+ "mov r11, #0\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #32\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov r4, #0\n\t"
+ "mov r3, sp\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "add r3, sp, #0x40\n\t"
+ /* Copy */
+ "ldm r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov %[a], #0xfe\n\t"
+ "\n"
+ "L_curve25519_bits_%=: \n\t"
+ "str %[a], [sp, #168]\n\t"
+ "ldr %[n], [sp, #160]\n\t"
+ "and r4, %[a], #31\n\t"
+ "lsr %[a], %[a], #5\n\t"
+ "ldr %[a], [%[n], r2, lsl #2]\n\t"
+ "rsb r4, r4, #31\n\t"
+ "lsl %[a], %[a], r4\n\t"
+ "ldr %[n], [sp, #164]\n\t"
+ "eor %[n], %[n], %[a]\n\t"
+ "asr %[n], %[n], #31\n\t"
+ "str %[a], [sp, #164]\n\t"
+ /* Conditional Swap */
+ "add r11, sp, #0xb0\n\t"
+ "ldm r11, {r4, r5, r6, r7}\n\t"
+ "eor r8, r4, r5\n\t"
+ "eor r9, r6, r7\n\t"
+ "and r8, r8, %[n]\n\t"
+ "and r9, r9, %[n]\n\t"
+ "eor r4, r4, r8\n\t"
+ "eor r5, r5, r8\n\t"
+ "eor r6, r6, r9\n\t"
+ "eor r7, r7, r9\n\t"
+ "stm r11, {r4, r5, r6, r7}\n\t"
+ /* Ladder step */
+ "ldr r3, [sp, #184]\n\t"
+ "ldr r2, [sp, #176]\n\t"
+ "add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #176]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r3, [sp, #188]\n\t"
+ "ldr r2, [sp, #180]\n\t"
+ "add r1, sp, #0x60\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r2, [sp, #176]\n\t"
+ "add r1, sp, #0x60\n\t"
+ "ldr r0, [sp, #188]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x80\n\t"
+ "ldr r1, [sp, #184]\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r1, [sp, #176]\n\t"
"add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r3, [sp, #184]\n\t"
+ "ldr r2, [sp, #188]\n\t"
+ "ldr r1, [sp, #184]\n\t"
+ "ldr r0, [sp, #180]\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r2, sp, #0x60\n\t"
"add r1, sp, #0x80\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_curve25519_inv_3_%=\n\t"
+ "ldr r0, [sp, #176]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_sub_op\n\t"
+ "ldr r1, [sp, #184]\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #188]\n\t"
+ "bl fe_mul121666\n\t"
+ "ldr r1, [sp, #180]\n\t"
+ "ldr r0, [sp, #180]\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r2, [sp, #188]\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "bl fe_add_op\n\t"
+ "ldr r2, [sp, #184]\n\t"
+ "ldr r1, [sp, #172]\n\t"
+ "ldr r0, [sp, #188]\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x60\n\t"
"add r1, sp, #0x80\n\t"
+ "ldr r0, [sp, #184]\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr %[a], [sp, #168]\n\t"
+ "subs %[a], %[a], #1\n\t"
+ "bge L_curve25519_bits_%=\n\t"
+ "ldr %[n], [sp, #184]\n\t"
+ /* Copy */
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm sp, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Invert */
+ "add r1, sp, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
"add r2, sp, #0x60\n\t"
- "bl fe_mul\n\t"
- "mov r4, #10\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
"\n"
- "L_curve25519_inv_4_%=: \n\t"
+ "L_curve25519_inv_1_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_1_%=\n\t"
+ "add r2, sp, #0x40\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
- "bne L_curve25519_inv_4_%=\n\t"
"add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
+ "\n"
+ "L_curve25519_inv_2_%=: \n\t"
"add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_2_%=\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x80\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
+ "\n"
+ "L_curve25519_inv_3_%=: \n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_3_%=\n\t"
+ "add r2, sp, #0x60\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_curve25519_inv_4_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_curve25519_inv_4_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "mov r4, #49\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
"\n"
"L_curve25519_inv_5_%=: \n\t"
- "add r0, sp, #0x60\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_5_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
"add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #0x60\n\t"
- "add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x80\n\t"
- "add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "mov r4, #0x63\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
"\n"
"L_curve25519_inv_6_%=: \n\t"
- "add r0, sp, #0x80\n\t"
"add r1, sp, #0x80\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x80\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_6_%=\n\t"
- "add r0, sp, #0x60\n\t"
- "add r1, sp, #0x80\n\t"
"add r2, sp, #0x60\n\t"
- "bl fe_mul\n\t"
- "mov r4, #50\n\t"
+ "add r1, sp, #0x80\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
"\n"
"L_curve25519_inv_7_%=: \n\t"
- "add r0, sp, #0x60\n\t"
"add r1, sp, #0x60\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_7_%=\n\t"
- "add r0, sp, #0x40\n\t"
- "add r1, sp, #0x60\n\t"
"add r2, sp, #0x40\n\t"
- "bl fe_mul\n\t"
- "mov r4, #5\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #5\n\t"
"\n"
"L_curve25519_inv_8_%=: \n\t"
- "add r0, sp, #0x40\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_curve25519_inv_8_%=\n\t"
- "add r0, sp, #0\n\t"
- "add r1, sp, #0x40\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "add r2, sp, #0\n\t"
- "ldr r1, [sp, #160]\n\t"
- "ldr r0, [sp, #160]\n\t"
- "bl fe_mul\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r2, [sp, #184]\n\t"
+ "ldr r1, [sp, #176]\n\t"
+ "ldr r0, [sp, #176]\n\t"
+ "bl fe_mul_op\n\t"
+ /* Ensure result is less than modulus */
+ "ldr %[r], [sp, #176]\n\t"
+ "ldm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "mov %[a], #19\n\t"
+ "and %[a], %[a], r11, asr #31\n\t"
+ "adds r4, r4, %[a]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
+#else
+ "bfc r11, #31, #1\n\t"
+#endif
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"mov r0, #0\n\t"
- "add sp, sp, #0xbc\n\t"
+ "add sp, sp, #0xc0\n\t"
: [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+void fe_invert(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x88\n\t"
+ /* Invert */
+ "str %[r], [sp, #128]\n\t"
+ "str %[a], [sp, #132]\n\t"
+ "ldr r1, [sp, #132]\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r1, sp\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #32\n\t"
+ "ldr r1, [sp, #132]\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r2, sp, #32\n\t"
+ "mov r1, sp\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r1, sp\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
+ "\n"
+ "L_fe_invert1_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert1_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
+ "\n"
+ "L_fe_invert2_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert2_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
+ "\n"
+ "L_fe_invert3_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert3_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
+ "\n"
+ "L_fe_invert4_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert4_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
+ "\n"
+ "L_fe_invert5_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert5_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x60\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
+ "\n"
+ "L_fe_invert6_%=: \n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x60\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert6_%=\n\t"
+ "add r2, sp, #0x40\n\t"
+ "add r1, sp, #0x60\n\t"
+ "add r0, sp, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
+ "\n"
+ "L_fe_invert7_%=: \n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert7_%=\n\t"
+ "add r2, sp, #32\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #5\n\t"
+ "\n"
+ "L_fe_invert8_%=: \n\t"
+ "add r1, sp, #32\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
+ "bne L_fe_invert8_%=\n\t"
+ "mov r2, sp\n\t"
+ "add r1, sp, #32\n\t"
+ "ldr r0, [sp, #128]\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr %[a], [sp, #132]\n\t"
+ "ldr %[r], [sp, #128]\n\t"
+ "add sp, sp, #0x88\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void fe_sq2(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str r0, [sp, #64]\n\t"
+ /* Square * 2 */
+ "mov r0, #0\n\t"
+ "ldr r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [r1, #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [r1, #4]\n\t"
+ "ldr lr, [r1, #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [r1, #12]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r4, r0, #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [r1, #8]\n\t"
+ "ldr lr, [r1, #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [r1, #16]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r5, r0, #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [r1, #12]\n\t"
+ "ldr lr, [r1, #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [r1, #20]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r6, r0, #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [r1, #16]\n\t"
+ "ldr lr, [r1, #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [r1, #24]\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r7, r0, #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [r1, #20]\n\t"
+ "ldr lr, [r1, #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [r1, #28]\n\t"
+ "adc r8, r0, #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [r1, #24]\n\t"
+ "ldr lr, [r1, #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, r0, #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [r1]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [r1, #4]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [r1, #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [r1, #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [r1, #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [r1, #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [r1, #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [r1, #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "ldr r2, [sp, #28]\n\t"
+ "mov lr, sp\n\t"
+ "mov r12, #38\n\t"
+ "umull r10, r11, r12, r10\n\t"
+ "adds r10, r10, r2\n\t"
+ "adc r11, r11, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl r11, r11, #1\n\t"
+ "orr r11, r11, r10, LSR #31\n\t"
+ "mul r11, r12, r11\n\t"
+ "ldm lr!, {r1, r2}\n\t"
+ "mov r12, #38\n\t"
+ "adds r1, r1, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r1, r11, r3, r12\n\t"
+ "adds r2, r2, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r2, r11, r4, r12\n\t"
+ "ldm lr!, {r3, r4}\n\t"
+ "adds r3, r3, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r3, r11, r5, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r4, r11, r6, r12\n\t"
+ "ldm lr!, {r5, r6}\n\t"
+ "adds r5, r5, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r5, r11, r7, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r6, r11, r8, r12\n\t"
+ "ldm lr!, {r7, r8}\n\t"
+ "adds r7, r7, r11\n\t"
+ "adc r11, r0, #0\n\t"
+ "umlal r7, r11, r9, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r10, r10, #0x80000000\n\t"
+#else
+ "bfc r10, #31, #1\n\t"
+#endif
+ "adds r8, r10, r11\n\t"
+ /* Reduce if top bit set */
+ "mov r12, #19\n\t"
+ "and r11, r12, r8, ASR #31\n\t"
+ "adds r1, r1, r11\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r8, r8, #0x80000000\n\t"
+#else
+ "bfc r8, #31, #1\n\t"
+#endif
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ /* Double */
+ "adds r1, r1, r1\n\t"
+ "adcs r2, r2, r2\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adc r8, r8, r8\n\t"
+ /* Reduce if top bit set */
+ "mov r12, #19\n\t"
+ "and r11, r12, r8, ASR #31\n\t"
+ "adds r1, r1, r11\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r8, r8, #0x80000000\n\t"
+#else
+ "bfc r8, #31, #1\n\t"
+#endif
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ /* Store */
+ "ldr r0, [sp, #64]\n\t"
+ "stm r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+void fe_sq2(fe r_p, const fe a_p)
+{
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #36\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r0, [sp, #28]\n\t"
+ "str r1, [sp, #32]\n\t"
+#else
+ "strd r0, r1, [sp, #28]\n\t"
+#endif
+ "ldm r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square * 2 */
+ "umull r9, r10, r0, r0\n\t"
+ "umull r11, r12, r0, r1\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, r0, r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, r1, r1\n\t"
+ "umull r9, r10, r0, r3\n\t"
+ "umaal r9, r12, r1, r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, r0, r4\n\t"
+ "umaal r9, r12, r1, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, r0, r5\n\t"
+ "umaal r9, r12, r1, r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, r0, r6\n\t"
+ "umaal r9, r12, r1, r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull r0, r9, r0, r7\n\t"
+ "umaal r0, r8, r1, r6\n\t"
+ "umaal r0, r12, r2, r5\n\t"
+ "umaal r0, r10, r3, r4\n\t"
+ "adcs r0, r0, r0\n\t"
+ "umaal r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, r1, r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov r1, lr\n\t"
+ "umaal r1, r8, r4, r7\n\t"
+ "umaal r1, r9, r5, r6\n\t"
+ "adcs r4, r1, r1\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "mov r6, #37\n\t"
+ "umaal r7, r0, r7, r6\n\t"
+ "mov r6, #19\n\t"
+ "lsl r0, r0, #1\n\t"
+ "orr r0, r0, r7, lsr #31\n\t"
+ "mul lr, r0, r6\n\t"
+ "pop {r0-r1}\n\t"
+ "mov r6, #38\n\t"
+ "umaal r0, lr, r12, r6\n\t"
+ "umaal r1, lr, r11, r6\n\t"
+ "mov r12, r3\n\t"
+ "mov r11, r4\n\t"
+ "pop {r2-r4}\n\t"
+ "umaal r2, lr, r10, r6\n\t"
+ "umaal r3, lr, r12, r6\n\t"
+ "umaal r4, lr, r11, r6\n\t"
+ "mov r12, r6\n\t"
+ "pop {r5-r6}\n\t"
+ "umaal r5, lr, r8, r12\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "umaal r6, lr, r9, r12\n\t"
+ "add r7, r7, lr\n\t"
+ /* Reduce if top bit set */
+ "mov r11, #19\n\t"
+ "and r12, r11, r7, ASR #31\n\t"
+ "adds r0, r0, r12\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "adcs r6, r6, #0\n\t"
+ "adc r7, r7, #0\n\t"
+ /* Double */
+ "adds r0, r0, r0\n\t"
+ "adcs r1, r1, r1\n\t"
+ "adcs r2, r2, r2\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adc r7, r7, r7\n\t"
+ /* Reduce if top bit set */
+ "mov r11, #19\n\t"
+ "and r12, r11, r7, ASR #31\n\t"
+ "adds r0, r0, r12\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r7, r7, #0x80000000\n\t"
+#else
+ "bfc r7, #31, #1\n\t"
+#endif
+ "adcs r6, r6, #0\n\t"
+ "adc r7, r7, #0\n\t"
+ "pop {r12, lr}\n\t"
+ /* Store */
+ "stm r12, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "mov r0, r12\n\t"
+ "mov r1, lr\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
void fe_pow22523(fe r_p, const fe a_p)
{
- register fe r asm ("r0") = r_p;
- register const fe a asm ("r1") = a_p;
+ register sword32* r asm ("r0") = (sword32*)r_p;
+ register const sword32* a asm ("r1") = (const sword32*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x68\n\t"
/* pow22523 */
"str %[r], [sp, #96]\n\t"
"str %[a], [sp, #100]\n\t"
- "mov r0, sp\n\t"
"ldr r1, [sp, #100]\n\t"
- "bl fe_sq\n\t"
- "add r0, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_sq_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "add r2, sp, #32\n\t"
"ldr r1, [sp, #100]\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r0, sp\n\t"
"mov r1, sp\n\t"
- "add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
"mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
"mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #32\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "mov r4, #4\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #4\n\t"
"\n"
"L_fe_pow22523_1_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_1_%=\n\t"
- "mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #32\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "mov r4, #9\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #9\n\t"
"\n"
"L_fe_pow22523_2_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_2_%=\n\t"
+ "mov r2, sp\n\t"
+ "add r1, sp, #32\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #32\n\t"
- "mov r2, sp\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #19\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #19\n\t"
"\n"
"L_fe_pow22523_3_%=: \n\t"
- "add r0, sp, #0x40\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_3_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r4, #10\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #10\n\t"
"\n"
"L_fe_pow22523_4_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_4_%=\n\t"
- "mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #32\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "mov r4, #49\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #49\n\t"
"\n"
"L_fe_pow22523_5_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_5_%=\n\t"
+ "mov r2, sp\n\t"
+ "add r1, sp, #32\n\t"
"add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
"add r1, sp, #32\n\t"
- "mov r2, sp\n\t"
- "bl fe_mul\n\t"
"add r0, sp, #0x40\n\t"
- "add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "mov r4, #0x63\n\t"
+ "bl fe_sq_op\n\t"
+ "mov r12, #0x63\n\t"
"\n"
"L_fe_pow22523_6_%=: \n\t"
- "add r0, sp, #0x40\n\t"
"add r1, sp, #0x40\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #0x40\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_6_%=\n\t"
- "add r0, sp, #32\n\t"
- "add r1, sp, #0x40\n\t"
"add r2, sp, #32\n\t"
- "bl fe_mul\n\t"
- "mov r4, #50\n\t"
+ "add r1, sp, #0x40\n\t"
+ "add r0, sp, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #50\n\t"
"\n"
"L_fe_pow22523_7_%=: \n\t"
- "add r0, sp, #32\n\t"
"add r1, sp, #32\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "add r0, sp, #32\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_7_%=\n\t"
- "mov r0, sp\n\t"
- "add r1, sp, #32\n\t"
"mov r2, sp\n\t"
- "bl fe_mul\n\t"
- "mov r4, #2\n\t"
+ "add r1, sp, #32\n\t"
+ "mov r0, sp\n\t"
+ "bl fe_mul_op\n\t"
+ "mov r12, #2\n\t"
"\n"
"L_fe_pow22523_8_%=: \n\t"
- "mov r0, sp\n\t"
"mov r1, sp\n\t"
- "bl fe_sq\n\t"
- "sub r4, r4, #1\n\t"
- "cmp r4, #0\n\t"
+ "mov r0, sp\n\t"
+ "push {r12}\n\t"
+ "bl fe_sq_op\n\t"
+ "pop {r12}\n\t"
+ "subs r12, r12, #1\n\t"
"bne L_fe_pow22523_8_%=\n\t"
- "ldr r0, [sp, #96]\n\t"
- "mov r1, sp\n\t"
"ldr r2, [sp, #100]\n\t"
- "bl fe_mul\n\t"
+ "mov r1, sp\n\t"
+ "ldr r0, [sp, #96]\n\t"
+ "bl fe_mul_op\n\t"
"ldr %[a], [sp, #100]\n\t"
"ldr %[r], [sp, #96]\n\t"
"add sp, sp, #0x68\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "lr", "r4"
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
-void fe_ge_to_p2(fe rx_p, fe ry_p, fe rz_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p)
+void ge_p1p1_to_p2(ge_p2 * r_p, const ge_p1p1 * p_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register const fe px asm ("r3") = px_p;
- register const fe py asm ("r4") = py_p;
- register const fe pz asm ("r5") = pz_p;
- register const fe pt asm ("r6") = pt_p;
+ register ge_p2 * r asm ("r0") = (ge_p2 *)r_p;
+ register const ge_p1p1 * p asm ("r1") = (const ge_p1p1 *)p_p;
__asm__ __volatile__ (
- "sub sp, sp, #16\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[px], [sp, #12]\n\t"
- "ldr r2, [sp, #28]\n\t"
- "ldr r1, [sp, #12]\n\t"
+ "sub sp, sp, #8\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #24]\n\t"
- "ldr r1, [sp, #20]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #28]\n\t"
- "ldr r1, [sp, #24]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "add sp, sp, #16\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [px] "+r" (px)
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "add sp, sp, #8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "lr"
+ : "memory", "lr", "r2", "r3", "r12", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
}
-void fe_ge_to_p3(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p)
+void ge_p1p1_to_p3(ge_p3 * r_p, const ge_p1p1 * p_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
+ register ge_p3 * r asm ("r0") = (ge_p3 *)r_p;
+ register const ge_p1p1 * p asm ("r1") = (const ge_p1p1 *)p_p;
__asm__ __volatile__ (
- "sub sp, sp, #16\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r2, [sp, #32]\n\t"
- "ldr r1, [sp, #20]\n\t"
+ "sub sp, sp, #8\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #28]\n\t"
- "ldr r1, [sp, #24]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #32]\n\t"
- "ldr r1, [sp, #28]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #24]\n\t"
- "ldr r1, [sp, #20]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "add sp, sp, #16\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #32\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "add sp, sp, #8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "lr"
+ : "memory", "lr", "r2", "r3", "r12", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
}
-void fe_ge_dbl(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p)
+void ge_p2_dbl(ge_p1p1 * r_p, const ge_p2 * p_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p2 * p asm ("r1") = (const ge_p2 *)p_p;
__asm__ __volatile__ (
- "sub sp, sp, #16\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r1, [sp, #52]\n\t"
+ "sub sp, sp, #8\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "bl fe_sq_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_sq\n\t"
- "ldr r1, [sp, #56]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_sq\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #52]\n\t"
- "ldr r2, [sp, #56]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
"ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_sq\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #8]\n\t"
- "ldr r2, [sp]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2]\n\t"
- "ldr r7, [r2, #4]\n\t"
-#else
- "ldrd r6, r7, [r2]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2, #8]\n\t"
- "ldr r7, [r2, #12]\n\t"
-#else
- "ldrd r6, r7, [r2, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2, #16]\n\t"
- "ldr r7, [r2, #20]\n\t"
-#else
- "ldrd r6, r7, [r2, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #24]\n\t"
- "ldr r5, [r1, #28]\n\t"
-#else
- "ldrd r4, r5, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r2, #24]\n\t"
- "ldr r7, [r2, #28]\n\t"
-#else
- "ldrd r6, r7, [r2, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
-#else
- "strd r10, r11, [r1, #24]\n\t"
-#endif
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_sq_op\n\t"
"ldr r0, [sp]\n\t"
- "ldr r1, [sp, #12]\n\t"
- "ldr r2, [sp, #4]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r1, [sp, #60]\n\t"
- "ldr r0, [sp, #12]\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r2, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_op\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_sq_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "mov r3, r0\n\t"
+ "add r2, r0, #0x40\n\t"
+ "add r1, r0, #0x40\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "mov r2, r0\n\t"
+ "add r1, r0, #0x40\n\t"
+ "sub r0, r0, #32\n\t"
+ "bl fe_sub_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x60\n\t"
"bl fe_sq2\n\t"
- "ldr r0, [sp, #12]\n\t"
- "ldr r1, [sp, #8]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1]\n\t"
- "ldr r9, [r1, #4]\n\t"
-#else
- "ldrd r8, r9, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #8]\n\t"
- "ldr r11, [r1, #12]\n\t"
-#else
- "ldrd r10, r11, [r1, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "add sp, sp, #16\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "sub r2, r0, #32\n\t"
+ "mov r1, r0\n\t"
+ "bl fe_sub_op\n\t"
+ "add sp, sp, #8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
}
-void fe_ge_madd(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qxy2d_p, const fe qyplusx_p, const fe qyminusx_p)
+void ge_madd(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qxy2d asm ("r8") = qxy2d_p;
- register const fe qyplusx asm ("r9") = qyplusx_p;
- register const fe qyminusx asm ("r10") = qyminusx_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q asm ("r2") = (const ge_precomp *)q_p;
__asm__ __volatile__ (
- "sub sp, sp, #32\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r0, [sp]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r2, [sp, #88]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #92]\n\t"
+ "sub sp, sp, #12\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "bl fe_add_op\n\t"
"ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #80]\n\t"
- "ldr r1, [sp, #84]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_sub_op\n\t"
"ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "sub r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "add r3, r0, #32\n\t"
+ "add r2, r0, #0x40\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #32\n\t"
+ /* Double */
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "adcs r11, r11, r11\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
"adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #76]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r0, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #12\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+void ge_msub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
+{
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q asm ("r2") = (const ge_precomp *)q_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #12\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "bl fe_add_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "mov r2, r1\n\t"
+ "add r1, r1, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_sub_op\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "sub r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "add r3, r0, #32\n\t"
+ "add r2, r0, #0x40\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "add r1, r1, #0x40\n\t"
+ "add r0, r0, #32\n\t"
/* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
@@ -7364,845 +5425,81 @@ void fe_ge_madd(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p
"adcs r8, r8, r8\n\t"
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #12]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1]\n\t"
- "ldr r7, [r1, #4]\n\t"
-#else
- "ldrd r6, r7, [r1]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "adcs r11, r11, r11\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #16]\n\t"
- "ldr r7, [r1, #20]\n\t"
-#else
- "ldrd r6, r7, [r1, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #24]\n\t"
- "ldr r5, [r0, #28]\n\t"
-#else
- "ldrd r4, r5, [r0, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
"adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
- "add sp, sp, #32\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r0, #32\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #12\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qxy2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
-void fe_ge_msub(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qxy2d_p, const fe qyplusx_p, const fe qyminusx_p)
+void ge_add(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qxy2d asm ("r8") = qxy2d_p;
- register const fe qyplusx asm ("r9") = qyplusx_p;
- register const fe qyminusx asm ("r10") = qyminusx_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q asm ("r2") = (const ge_cached*)q_p;
__asm__ __volatile__ (
- "sub sp, sp, #32\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
+ "sub sp, sp, #44\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r3, r1\n\t"
+ "add r2, r1, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x60\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #72]\n\t"
- "ldr r2, [sp, #68]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r2, [sp, #92]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #88]\n\t"
"ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #80]\n\t"
- "ldr r1, [sp, #84]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
"ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
-#else
- "strd r10, r11, [r1, #24]\n\t"
-#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #76]\n\t"
+ "add r2, r2, #0x40\n\t"
+ "add r1, r1, #0x40\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r1, [sp]\n\t"
+ "add r0, sp, #12\n\t"
/* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
@@ -8210,608 +5507,86 @@ void fe_ge_msub(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p
"adcs r8, r8, r8\n\t"
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #12]\n\t"
- "ldr r1, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
-#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "adcs r11, r11, r11\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #24]\n\t"
- "ldr r5, [r1, #28]\n\t"
-#else
- "ldrd r4, r5, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
"adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
- "add sp, sp, #32\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r1, #32\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r0, r1, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r3, r0, #0x40\n\t"
+ "add r2, sp, #12\n\t"
+ "add r1, r0, #0x40\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qxy2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
-void fe_ge_add(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qz_p, const fe qt2d_p, const fe qyplusx_p, const fe qyminusx_p)
+void ge_sub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qz asm ("r8") = qz_p;
- register const fe qt2d asm ("r9") = qt2d_p;
- register const fe qyplusx asm ("r10") = qyplusx_p;
- register const fe qyminusx asm ("r11") = qyminusx_p;
+ register ge_p1p1 * r asm ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p asm ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q asm ("r2") = (const ge_cached*)q_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x60\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
+ "sub sp, sp, #44\n\t"
+ "str %[r], [sp]\n\t"
+ "str %[p], [sp, #4]\n\t"
+ "str %[q], [sp, #8]\n\t"
+ "mov r3, r1\n\t"
+ "add r2, r1, #32\n\t"
+ "add r1, r0, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #32\n\t"
+ "mov r1, r0\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
-#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
-#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r2, [sp, #156]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #160]\n\t"
- "ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #144]\n\t"
- "ldr r1, [sp, #152]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #148]\n\t"
- "ldr r1, [sp, #140]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #32\n\t"
+ "bl fe_mul_op\n\t"
+ "ldr r0, [sp]\n\t"
+ "ldr r1, [sp, #8]\n\t"
+ "ldr r2, [sp, #4]\n\t"
+ "add r2, r2, #0x60\n\t"
+ "add r1, r1, #0x60\n\t"
+ "add r0, r0, #0x60\n\t"
+ "bl fe_mul_op\n\t"
"ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #16\n\t"
+ "ldr r1, [sp, #4]\n\t"
+ "ldr r2, [sp, #8]\n\t"
+ "add r2, r2, #0x40\n\t"
+ "add r1, r1, #0x40\n\t"
+ "bl fe_mul_op\n\t"
"ldr r1, [sp]\n\t"
+ "add r0, sp, #12\n\t"
/* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
-#else
- "ldrd r8, r9, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
-#endif
+ "ldm r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
@@ -8819,1398 +5594,3410 @@ void fe_ge_add(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p,
"adcs r8, r8, r8\n\t"
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
+ "mov lr, #0\n\t"
+ "adcs r11, r11, r11\n\t"
+ "adc lr, lr, #0\n\t"
+ "mov r12, #19\n\t"
+ "lsl lr, lr, #1\n\t"
+ "orr lr, lr, r11, lsr #31\n\t"
+ "mul r12, lr, r12\n\t"
+ "adds r4, r4, r12\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0x80000000\n\t"
#else
- "strd r6, r7, [r0, #8]\n\t"
+ "bfc r11, #31, #1\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "stm r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "add r3, r1, #32\n\t"
+ "add r2, r1, #0x40\n\t"
+ "add r0, r1, #32\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add r3, r0, #0x40\n\t"
+ "add r2, sp, #12\n\t"
+ "add r1, r0, #32\n\t"
+ "add r0, r0, #0x40\n\t"
+ "bl fe_add_sub_op\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void sc_reduce(byte* s_p)
+{
+ register byte* s asm ("r0") = (byte*)s_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #56\n\t"
+ "str %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "add %[s], %[s], #28\n\t"
+ "ldm %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, LSR #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, LSR #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "sub %[s], %[s], #28\n\t"
+ /* Add order times bits 504..511 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
+#else
+ "mov r11, #0x9ce5\n\t"
+#endif
+ "movt r11, #0xa7ed\n\t"
+#endif
+ "mov r1, #0\n\t"
+ "umlal r2, r1, r10, lr\n\t"
+ "adds r3, r3, r1\n\t"
+ "mov r1, #0\n\t"
+ "adc r1, r1, #0\n\t"
+ "umlal r3, r1, r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
+#else
+ "mov r10, #0x6329\n\t"
+#endif
+ "movt r10, #0x5d08\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "strd r10, r11, [r0, #24]\n\t"
-#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "ldrd r4, r5, [r2]\n\t"
+ "mov r11, #0x621\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
+ "adds r4, r4, r1\n\t"
+ "mov r1, #0\n\t"
+ "adc r1, r1, #0\n\t"
+ "umlal r4, r1, r10, lr\n\t"
+ "adds r5, r5, r1\n\t"
+ "mov r1, #0\n\t"
+ "adc r1, r1, #0\n\t"
+ "umlal r5, r1, r11, lr\n\t"
+ "adds r6, r6, r1\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
#else
- "ldrd r4, r5, [r0, #8]\n\t"
+ "bfc r11, #28, #4\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, r1\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, r2\n\t"
+ "sbcs r11, r11, r3\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa00000\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x0\n\t"
+#else
+ "mov r1, #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0x4b\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x9e\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "add r2, r2, #0x7d\n\t"
+#else
+ "mov r2, #0xba7d\n\t"
+#endif
+ "movt r2, #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0xcb\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #2\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x63\n\t"
#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "add r3, r3, #0x63\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
+ "mov r3, #0x4c63\n\t"
#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
-#else
- "strd r4, r5, [r1]\n\t"
+ "movt r3, #0xcb02\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
#else
- "ldrd r4, r5, [r1, #8]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
#else
- "strd r4, r5, [r1, #8]\n\t"
+ "mov r4, #0xf39a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
-#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "movt r4, #0xd45e\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
#else
- "strd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "mov r5, #0xdf3b\n\t"
#endif
- "ldr r0, [sp, #8]\n\t"
- "ldr r1, [sp, #12]\n\t"
- "add r2, sp, #16\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
+ "movt r5, #0x29b\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1]\n\t"
- "ldr r7, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
#else
- "ldrd r6, r7, [r1]\n\t"
+ "mov r9, #0x2000000\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
+ "and r1, r1, lr\n\t"
+ "and r2, r2, lr\n\t"
+ "and r3, r3, lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, r1\n\t"
+ "adcs r11, r11, r2\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r3\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {r1, r2, r3, r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, lsr #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, lsr #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, r2, r1\n\t"
+ "adds r7, r7, lr\n\t"
+ "mov lr, #0\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
-#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r7, lr, r3, r1\n\t"
+ "adds r8, r8, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #16]\n\t"
- "ldr r7, [r1, #20]\n\t"
-#else
- "ldrd r6, r7, [r1, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
+ "umlal r8, lr, r4, r1\n\t"
+ "adds r9, r9, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
+ "umlal r9, lr, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, r2, r1\n\t"
+ "adds r7, r7, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r7, r10, r3, r1\n\t"
+ "adds r8, r8, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r8, r10, r4, r1\n\t"
+ "adds r9, r9, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, r2, r1\n\t"
+ "adds r7, r7, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r7, r11, r3, r1\n\t"
+ "adds r8, r8, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r8, r11, r4, r1\n\t"
+ "adds r9, r9, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r9, r11, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
+ "mov r12, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, r2, r1\n\t"
+ "adds r7, r7, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r7, r12, r3, r1\n\t"
+ "adds r8, r8, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r8, r12, r4, r1\n\t"
+ "adds r9, r9, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r9, r12, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, r2\n\t"
+ "sbcs r7, r7, r3\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc r1, r1, r1\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {r2, r3, r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "ldrd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r4, r5, [r0, #16]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
-#else
- "strd r8, r9, [r0, #24]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "strd r4, r5, [r1]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+ "and r10, r10, r1\n\t"
+ "and r11, r11, r1\n\t"
+ "and r12, r12, r1\n\t"
+ "and lr, lr, r1\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and r1, r1, #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
+ "bfc r9, #28, #4\n\t"
#endif
- "add sp, sp, #0x60\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ /* Store result */
+ "ldr %[s], [sp, #52]\n\t"
+ "stm %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add sp, sp, #56\n\t"
+ : [s] "+r" (s)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qz_p;
- (void)qt2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
-void fe_ge_sub(fe rx_p, fe ry_p, fe rz_p, fe rt_p, const fe px_p, const fe py_p, const fe pz_p, const fe pt_p, const fe qz_p, const fe qt2d_p, const fe qyplusx_p, const fe qyminusx_p)
+#else
+void sc_reduce(byte* s_p)
{
- register fe rx asm ("r0") = rx_p;
- register fe ry asm ("r1") = ry_p;
- register fe rz asm ("r2") = rz_p;
- register fe rt asm ("r3") = rt_p;
- register const fe px asm ("r4") = px_p;
- register const fe py asm ("r5") = py_p;
- register const fe pz asm ("r6") = pz_p;
- register const fe pt asm ("r7") = pt_p;
- register const fe qz asm ("r8") = qz_p;
- register const fe qt2d asm ("r9") = qt2d_p;
- register const fe qyplusx asm ("r10") = qyplusx_p;
- register const fe qyminusx asm ("r11") = qyminusx_p;
+ register byte* s asm ("r0") = (byte*)s_p;
__asm__ __volatile__ (
- "sub sp, sp, #0x60\n\t"
- "str %[rx], [sp]\n\t"
- "str %[ry], [sp, #4]\n\t"
- "str %[rz], [sp, #8]\n\t"
- "str %[rt], [sp, #12]\n\t"
- "ldr r0, [sp]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+ "sub sp, sp, #56\n\t"
+ "str %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "add %[s], %[s], #28\n\t"
+ "ldm %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, LSR #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, LSR #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "sub %[s], %[s], #28\n\t"
+ /* Add order times bits 504..511 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
#else
- "ldrd r6, r7, [r1, #8]\n\t"
+ "mov r11, #0x9ce5\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
+ "movt r11, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
+ "mov r1, #0\n\t"
+ "umlal r2, r1, r10, lr\n\t"
+ "umaal r3, r1, r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "adds r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
#else
- "strd r8, r9, [r0]\n\t"
+ "mov r10, #0x6329\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
+ "movt r10, #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "ldrd r6, r7, [r1, #24]\n\t"
+ "mov r11, #0x621\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
+ "umaal r4, r1, r10, lr\n\t"
+ "umaal r5, r1, r11, lr\n\t"
+ "adds r6, r6, r1\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
- "adcs r8, r4, r8\n\t"
- "adcs r9, r5, r9\n\t"
- "adcs r10, r6, r10\n\t"
- "adc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
+#else
+ "bfc r11, #28, #4\n\t"
+#endif
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, r2, r1\n\t"
+ "umaal r11, lr, r3, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, r1\n\t"
+ "umaal r11, lr, r5, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, r1\n\t"
+ "umaal r11, lr, r7, r1\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, r1\n\t"
+ "umaal r11, lr, r9, r1\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, r2\n\t"
+ "sbcs r11, r11, r3\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa00000\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x0\n\t"
+#else
+ "mov r1, #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0x4b\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x9e\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "orr r2, r2, #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r2, #0xba\n\t"
+ "lsl r2, r2, #8\n\t"
+ "add r2, r2, #0x7d\n\t"
+#else
+ "mov r2, #0xba7d\n\t"
+#endif
+ "movt r2, #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0xcb\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #2\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "orr r3, r3, #0x63\n\t"
#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r3, #0x4c\n\t"
+ "lsl r3, r3, #8\n\t"
+ "add r3, r3, #0x63\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
+ "mov r3, #0x4c63\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
-#else
- "strd r10, r11, [r0, #24]\n\t"
+ "movt r3, #0xcb02\n\t"
#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp, #136]\n\t"
- "ldr r2, [sp, #132]\n\t"
- /* Sub */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
#else
- "ldrd r6, r7, [r1, #8]\n\t"
+ "mov r4, #0xf39a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2]\n\t"
- "ldr r9, [r2, #4]\n\t"
-#else
- "ldrd r8, r9, [r2]\n\t"
+ "movt r4, #0xd45e\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #8]\n\t"
- "ldr r11, [r2, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
#else
- "ldrd r10, r11, [r2, #8]\n\t"
-#endif
- "subs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbcs r11, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
#else
- "strd r8, r9, [r0]\n\t"
+ "mov r5, #0xdf3b\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #8]\n\t"
- "str r11, [r0, #12]\n\t"
-#else
- "strd r10, r11, [r0, #8]\n\t"
+ "movt r5, #0x29b\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "mov r9, #0x2000000\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #24]\n\t"
- "ldr r7, [r1, #28]\n\t"
-#else
- "ldrd r6, r7, [r1, #24]\n\t"
+ "and r1, r1, lr\n\t"
+ "and r2, r2, lr\n\t"
+ "and r3, r3, lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, r1\n\t"
+ "adcs r11, r11, r2\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r3\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {r1, r2, r3, r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, r3, lsr #28\n\t"
+ "lsl r3, r3, #4\n\t"
+ "orr r3, r3, r2, lsr #28\n\t"
+ "lsl r2, r2, #4\n\t"
+ "orr r2, r2, r1, lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa3\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #10\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #44\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x2c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x13\n\t"
+#else
+ "mov r1, #0x2c13\n\t"
+#endif
+ "movt r1, #0xa30a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r2, #16]\n\t"
- "ldr r9, [r2, #20]\n\t"
-#else
- "ldrd r8, r9, [r2, #16]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, r2, r1\n\t"
+ "umaal r7, lr, r3, r1\n\t"
+ "umaal r8, lr, r4, r1\n\t"
+ "umaal r9, lr, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xa7\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xed\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x9c\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0xe5\n\t"
+#else
+ "mov r1, #0x9ce5\n\t"
+#endif
+ "movt r1, #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r2, #24]\n\t"
- "ldr r11, [r2, #28]\n\t"
-#else
- "ldrd r10, r11, [r2, #24]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, r2, r1\n\t"
+ "umaal r7, r10, r3, r1\n\t"
+ "umaal r8, r10, r4, r1\n\t"
+ "umaal r9, r10, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x5d\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #8\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x63\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x29\n\t"
+#else
+ "mov r1, #0x6329\n\t"
+#endif
+ "movt r1, #0x5d08\n\t"
#endif
- "sbcs r8, r4, r8\n\t"
- "sbcs r9, r5, r9\n\t"
- "sbcs r10, r6, r10\n\t"
- "sbc r11, r7, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, r2, r1\n\t"
+ "umaal r7, r11, r3, r1\n\t"
+ "umaal r8, r11, r4, r1\n\t"
+ "umaal r9, r11, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0xeb\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "orr r1, r1, #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r1, #0x6\n\t"
+ "lsl r1, r1, #8\n\t"
+ "add r1, r1, #0x21\n\t"
+#else
+ "mov r1, #0x621\n\t"
+#endif
+ "movt r1, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
+ "mov r12, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, r2, r1\n\t"
+ "umaal r7, r12, r3, r1\n\t"
+ "umaal r8, r12, r4, r1\n\t"
+ "umaal r9, r12, r5, r1\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, r2\n\t"
+ "sbcs r7, r7, r3\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc r1, r1, r1\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {r2, r3, r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
- "adcs r6, r6, %[rt]\n\t"
- "adcs r7, r7, %[rt]\n\t"
- "adcs r8, r8, %[rt]\n\t"
- "adcs r9, r9, %[rt]\n\t"
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r4, r5, [r0]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
-#else
- "strd r6, r7, [r0, #8]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "strd r10, r11, [r0, #24]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
- "ldr r2, [sp, #160]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r0, [sp, #8]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #156]\n\t"
- "ldr r1, [sp, #4]\n\t"
- "ldr r0, [sp, #4]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #144]\n\t"
- "ldr r1, [sp, #152]\n\t"
- "ldr r0, [sp, #12]\n\t"
- "bl fe_mul\n\t"
- "ldr r2, [sp, #148]\n\t"
- "ldr r1, [sp, #140]\n\t"
- "ldr r0, [sp]\n\t"
- "bl fe_mul\n\t"
- "add r0, sp, #16\n\t"
- "ldr r1, [sp]\n\t"
- /* Double */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r1, #8]\n\t"
- "ldr r7, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "ldrd r6, r7, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [r1, #16]\n\t"
- "ldr r9, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "ldrd r8, r9, [r1, #16]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [r1, #24]\n\t"
- "ldr r11, [r1, #28]\n\t"
-#else
- "ldrd r10, r11, [r1, #24]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
- "sbcs r6, r6, %[rt]\n\t"
- "sbcs r7, r7, %[rt]\n\t"
- "sbcs r8, r8, %[rt]\n\t"
- "sbcs r9, r9, %[rt]\n\t"
- "sbcs r10, r10, %[rt]\n\t"
- "sbc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
+ "and r10, r10, r1\n\t"
+ "and r11, r11, r1\n\t"
+ "and r12, r12, r1\n\t"
+ "and lr, lr, r1\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and r1, r1, #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, r1\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
#else
- "strd r4, r5, [r0]\n\t"
+ "bfc r9, #28, #4\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r6, [r0, #8]\n\t"
- "str r7, [r0, #12]\n\t"
+ /* Store result */
+ "ldr %[s], [sp, #52]\n\t"
+ "stm %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add sp, sp, #56\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#ifdef HAVE_ED25519_SIGN
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+{
+ register byte* s asm ("r0") = (byte*)s_p;
+ register const byte* a asm ("r1") = (const byte*)a_p;
+ register const byte* b asm ("r2") = (const byte*)b_p;
+ register const byte* c asm ("r3") = (const byte*)c_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x50\n\t"
+ "add lr, sp, #0x44\n\t"
+ "stm lr, {%[s], %[a], %[c]}\n\t"
+ "mov %[s], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull %[c], r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str %[c], [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[s]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc %[c], %[s], #0\n\t"
+ "umlal r10, %[c], r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[s], #0\n\t"
+ "umlal %[c], r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[s], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[s], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[s], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[s], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[s], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds %[c], %[c], r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal %[c], r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[s], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[s], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov %[s], sp\n\t"
+ /* Add c to a * b */
+ "ldr lr, [sp, #76]\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adds %[b], %[b], %[a]\n\t"
+ "adcs %[c], %[c], r10\n\t"
+ "adcs r4, r4, r11\n\t"
+ "adcs r5, r5, r12\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adcs r6, r6, %[a]\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adcs r9, r9, r12\n\t"
+ "mov %[a], r9\n\t"
+ "stm %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs %[b], %[b], #0\n\t"
+ "adcs %[c], %[c], #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "sub %[s], %[s], #32\n\t"
+ /* Get 252..503 and 504..507 */
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], LSR #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], LSR #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ /* Add order times bits 504..507 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "strd r6, r7, [r0, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
+#else
+ "mov r11, #0x9ce5\n\t"
+#endif
+ "movt r11, #0xa7ed\n\t"
+#endif
+ "mov %[a], #0\n\t"
+ "umlal %[b], %[a], r10, lr\n\t"
+ "adds %[c], %[c], %[a]\n\t"
+ "mov %[a], #0\n\t"
+ "adc %[a], %[a], #0\n\t"
+ "umlal %[c], %[a], r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
+#else
+ "mov r10, #0x6329\n\t"
+#endif
+ "movt r10, #0x5d08\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r0, #24]\n\t"
- "str r11, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "strd r10, r11, [r0, #24]\n\t"
+ "mov r11, #0x621\n\t"
#endif
- "ldr r0, [sp, #4]\n\t"
- "ldr r1, [sp]\n\t"
- "ldr r2, [sp, #8]\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
-#else
- "ldrd r4, r5, [r2]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
+ "adds r4, r4, %[a]\n\t"
+ "mov %[a], #0\n\t"
+ "adc %[a], %[a], #0\n\t"
+ "umlal r4, %[a], r10, lr\n\t"
+ "adds r5, r5, %[a]\n\t"
+ "mov %[a], #0\n\t"
+ "adc %[a], %[a], #0\n\t"
+ "umlal r5, %[a], r11, lr\n\t"
+ "adds r6, r6, %[a]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
#else
- "strd r8, r9, [r0]\n\t"
+ "bfc r11, #28, #4\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
+ "adds r11, r11, lr\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r4, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r6, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r10, lr, r8, %[a]\n\t"
+ "adds r11, r11, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, %[b]\n\t"
+ "sbcs r11, r11, %[c]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa00000\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x0\n\t"
+#else
+ "mov %[a], #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0x4b\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x9e\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "add %[b], %[b], #0x7d\n\t"
+#else
+ "mov %[b], #0xba7d\n\t"
+#endif
+ "movt %[b], #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0xcb\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #2\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x63\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "add %[c], %[c], #0x63\n\t"
+#else
+ "mov %[c], #0x4c63\n\t"
+#endif
+ "movt %[c], #0xcb02\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
+#else
+ "mov r4, #0xf39a\n\t"
+#endif
+ "movt r4, #0xd45e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
+#else
+ "mov r5, #0xdf3b\n\t"
+#endif
+ "movt r5, #0x29b\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
+#else
+ "mov r9, #0x2000000\n\t"
+#endif
+ "and %[a], %[a], lr\n\t"
+ "and %[b], %[b], lr\n\t"
+ "and %[c], %[c], lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, %[a]\n\t"
+ "adcs r11, r11, %[b]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, %[c]\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], lsr #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], lsr #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, %[b], %[a]\n\t"
+ "adds r7, r7, lr\n\t"
+ "mov lr, #0\n\t"
"adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
+ "umlal r7, lr, %[c], %[a]\n\t"
+ "adds r8, r8, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r8, lr, r4, %[a]\n\t"
+ "adds r9, r9, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "umlal r9, lr, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, %[b], %[a]\n\t"
+ "adds r7, r7, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r7, r10, %[c], %[a]\n\t"
+ "adds r8, r8, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r8, r10, r4, %[a]\n\t"
+ "adds r9, r9, r10\n\t"
+ "mov r10, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, %[b], %[a]\n\t"
+ "adds r7, r7, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r7, r11, %[c], %[a]\n\t"
+ "adds r8, r8, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r8, r11, r4, %[a]\n\t"
+ "adds r9, r9, r11\n\t"
+ "mov r11, #0\n\t"
+ "adc r11, r11, #0\n\t"
+ "umlal r9, r11, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
"mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, %[b], %[a]\n\t"
+ "adds r7, r7, r12\n\t"
+ "mov r12, #0\n\t"
"adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
+ "umlal r7, r12, %[c], %[a]\n\t"
+ "adds r8, r8, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r8, r12, r4, %[a]\n\t"
+ "adds r9, r9, r12\n\t"
+ "mov r12, #0\n\t"
+ "adc r12, r12, #0\n\t"
+ "umlal r9, r12, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, %[b]\n\t"
+ "sbcs r7, r7, %[c]\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r10, r11, [r1, #16]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "ldrd r4, r5, [r0]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "ldrd r4, r5, [r0, #8]\n\t"
-#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "strd r4, r5, [r0, #8]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
-#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
+ "and r10, r10, %[a]\n\t"
+ "and r11, r11, %[a]\n\t"
+ "and r12, r12, %[a]\n\t"
+ "and lr, lr, %[a]\n\t"
+ "adds %[b], %[b], r10\n\t"
+ "adcs %[c], %[c], r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and %[a], %[a], #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "ldr %[s], [sp, #68]\n\t"
+ /* Store result */
+ "str %[b], [%[s]]\n\t"
+ "str %[c], [%[s], #4]\n\t"
+ "str r4, [%[s], #8]\n\t"
+ "str r5, [%[s], #12]\n\t"
+ "str r6, [%[s], #16]\n\t"
+ "str r7, [%[s], #20]\n\t"
+ "str r8, [%[s], #24]\n\t"
+ "str r9, [%[s], #28]\n\t"
+ "add sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
#else
- "strd r8, r9, [r0, #24]\n\t"
-#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+{
+ register byte* s asm ("r0") = (byte*)s_p;
+ register const byte* a asm ("r1") = (const byte*)a_p;
+ register const byte* b asm ("r2") = (const byte*)b_p;
+ register const byte* c asm ("r3") = (const byte*)c_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x50\n\t"
+ "add lr, sp, #0x44\n\t"
+ "stm lr, {%[s], %[a], %[c]}\n\t"
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[s], %[a], %[b], %[c]}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[s], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[s], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[s], r6\n\t"
+ "umaal r8, r9, %[c], r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[s], r4\n\t"
+ "umaal r8, r11, %[c], r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, %[c], r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, %[c], r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[s], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, %[c], r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[s], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, %[c], r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[s], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, %[c], r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[s], r7\n\t"
+ "ldr %[s], [sp, #72]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[s], %[s], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, %[c], r7\n\t"
+ "ldm %[s], {%[s], %[a], %[b], %[c]}\n\t"
+ "str r6, [sp, #64]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[s], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, %[c], r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[s], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, %[c], r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[s], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, %[c], r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[s], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, %[c], r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[s], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #64]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, %[c], r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[s], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, %[c], r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[s], r11\n\t"
+ "umaal r6, r10, %[s], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, %[c], r11\n\t"
+ "umaal r9, r10, %[c], lr\n\t"
+ "mov %[c], r12\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov %[s], sp\n\t"
+ /* Add c to a * b */
+ "ldr lr, [sp, #76]\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adds %[b], %[b], %[a]\n\t"
+ "adcs %[c], %[c], r10\n\t"
+ "adcs r4, r4, r11\n\t"
+ "adcs r5, r5, r12\n\t"
+ "ldm lr!, {%[a], r10, r11, r12}\n\t"
+ "adcs r6, r6, %[a]\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adcs r9, r9, r12\n\t"
+ "mov %[a], r9\n\t"
+ "stm %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs %[b], %[b], #0\n\t"
+ "adcs %[c], %[c], #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "sub %[s], %[s], #32\n\t"
+ /* Get 252..503 and 504..507 */
+ "lsr lr, r9, #24\n\t"
+ "lsl r9, r9, #4\n\t"
+ "orr r9, r9, r8, LSR #28\n\t"
+ "lsl r8, r8, #4\n\t"
+ "orr r8, r8, r7, LSR #28\n\t"
+ "lsl r7, r7, #4\n\t"
+ "orr r7, r7, r6, LSR #28\n\t"
+ "lsl r6, r6, #4\n\t"
+ "orr r6, r6, r5, LSR #28\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, LSR #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], LSR #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], LSR #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], LSR #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ /* Add order times bits 504..507 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xa3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #10\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #44\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x2c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x13\n\t"
+#else
+ "mov r10, #0x2c13\n\t"
+#endif
+ "movt r10, #0xa30a\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xa7\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xed\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0xe5\n\t"
#else
- "ldrd r4, r5, [r1]\n\t"
-#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x9c\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0xe5\n\t"
#else
- "strd r4, r5, [r1]\n\t"
+ "mov r11, #0x9ce5\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
-#else
- "ldrd r4, r5, [r1, #8]\n\t"
+ "movt r11, #0xa7ed\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
+ "mov %[a], #0\n\t"
+ "umlal %[b], %[a], r10, lr\n\t"
+ "umaal %[c], %[a], r11, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5d\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #8\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #41\n\t"
#else
- "strd r4, r5, [r1, #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x63\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0x29\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
+ "mov r10, #0x6329\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
-#else
- "strd r4, r5, [r1, #16]\n\t"
+ "movt r10, #0x5d08\n\t"
#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0xeb\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #33\n\t"
#else
- "strd r10, r11, [r1, #24]\n\t"
-#endif
- "ldr r0, [sp, #12]\n\t"
- "ldr r1, [sp, #8]\n\t"
- "add r2, sp, #16\n\t"
- /* Add-Sub */
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2]\n\t"
- "ldr r5, [r2, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x6\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x21\n\t"
#else
- "ldrd r4, r5, [r2]\n\t"
+ "mov r11, #0x621\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0]\n\t"
- "ldr r7, [r0, #4]\n\t"
-#else
- "ldrd r6, r7, [r0]\n\t"
+ "movt r11, #0xeb21\n\t"
#endif
- "adds r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0]\n\t"
- "str r9, [r0, #4]\n\t"
-#else
- "strd r8, r9, [r0]\n\t"
+ "umaal r4, %[a], r10, lr\n\t"
+ "umaal r5, %[a], r11, lr\n\t"
+ "adds r6, r6, %[a]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, #0\n\t"
+ "subs r6, r6, lr\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc r9, r9, #0\n\t"
+ /* Sub product of top 8 words and order */
+ "mov r12, sp\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
- /* Sub */
- "subs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1]\n\t"
- "str r11, [r1, #4]\n\t"
-#else
- "strd r10, r11, [r1]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #8]\n\t"
- "ldr r5, [r2, #12]\n\t"
-#else
- "ldrd r4, r5, [r2, #8]\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm %[s]!, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r11, r11, #0xf0000000\n\t"
+#else
+ "bfc r11, #28, #4\n\t"
+#endif
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #8]\n\t"
- "ldr r7, [r0, #12]\n\t"
-#else
- "ldrd r6, r7, [r0, #8]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #8]\n\t"
- "str r9, [r0, #12]\n\t"
-#else
- "strd r8, r9, [r0, #8]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #8]\n\t"
- "str r11, [r1, #12]\n\t"
-#else
- "strd r10, r11, [r1, #8]\n\t"
-#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #16]\n\t"
- "ldr r5, [r2, #20]\n\t"
-#else
- "ldrd r4, r5, [r2, #16]\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #16]\n\t"
- "ldr r7, [r0, #20]\n\t"
-#else
- "ldrd r6, r7, [r0, #16]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "mov r12, #0\n\t"
- "adcs r9, r5, r7\n\t"
- "adc r12, r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #16]\n\t"
- "str r9, [r0, #20]\n\t"
-#else
- "strd r8, r9, [r0, #16]\n\t"
-#endif
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
"mov lr, #0\n\t"
- "sbcs r11, r5, r7\n\t"
- "adc lr, lr, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #16]\n\t"
- "str r11, [r1, #20]\n\t"
-#else
- "strd r10, r11, [r1, #16]\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- /* Add */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r2, #24]\n\t"
- "ldr r5, [r2, #28]\n\t"
-#else
- "ldrd r4, r5, [r2, #24]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r6, [r0, #24]\n\t"
- "ldr r7, [r0, #28]\n\t"
-#else
- "ldrd r6, r7, [r0, #24]\n\t"
-#endif
- "adds r12, r12, #-1\n\t"
- "adcs r8, r4, r6\n\t"
- "adc r9, r5, r7\n\t"
- /* Sub */
- "adds lr, lr, #-1\n\t"
- "sbcs r10, r4, r6\n\t"
- "sbc r11, r5, r7\n\t"
- "mov r12, #-19\n\t"
- "asr %[rt], r9, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Sub modulus (if overflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0]\n\t"
- "ldr r5, [r0, #4]\n\t"
-#else
- "ldrd r4, r5, [r0]\n\t"
-#endif
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0]\n\t"
- "str r5, [r0, #4]\n\t"
-#else
- "strd r4, r5, [r0]\n\t"
+ "mov lr, #0\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umlal r10, lr, %[b], %[a]\n\t"
+ "umaal r11, lr, %[c], %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r4, %[a]\n\t"
+ "umaal r11, lr, r5, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r6, %[a]\n\t"
+ "umaal r11, lr, r7, %[a]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "umaal r10, lr, r8, %[a]\n\t"
+ "umaal r11, lr, r9, %[a]\n\t"
+ "stm r12!, {r10, r11, lr}\n\t"
+ "sub r12, r12, #32\n\t"
+ /* Subtract at 4 * 32 */
+ "ldm r12, {r10, r11}\n\t"
+ "subs r10, r10, %[b]\n\t"
+ "sbcs r11, r11, %[c]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "sbcs r11, r11, r5\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r6\n\t"
+ "sbcs r11, r11, r7\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "sbcs r10, r10, r8\n\t"
+ "sbc r11, r11, r9\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "sub r12, r12, #36\n\t"
+ "asr lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa00000\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x0\n\t"
+#else
+ "mov %[a], #0xa0000000\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0x4b\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x9e\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "orr %[b], %[b], #0x7d\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[b], #0xba\n\t"
+ "lsl %[b], %[b], #8\n\t"
+ "add %[b], %[b], #0x7d\n\t"
+#else
+ "mov %[b], #0xba7d\n\t"
+#endif
+ "movt %[b], #0x4b9e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0xcb\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #2\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "orr %[c], %[c], #0x63\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[c], #0x4c\n\t"
+ "lsl %[c], %[c], #8\n\t"
+ "add %[c], %[c], #0x63\n\t"
+#else
+ "mov %[c], #0x4c63\n\t"
+#endif
+ "movt %[c], #0xcb02\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xd4\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x5e\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "orr r4, r4, #0x9a\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r4, #0xf3\n\t"
+ "lsl r4, r4, #8\n\t"
+ "add r4, r4, #0x9a\n\t"
+#else
+ "mov r4, #0xf39a\n\t"
+#endif
+ "movt r4, #0xd45e\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #2\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0x9b\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "orr r5, r5, #59\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r5, #0xdf\n\t"
+ "lsl r5, r5, #8\n\t"
+ "add r5, r5, #0x3b\n\t"
+#else
+ "mov r5, #0xdf3b\n\t"
+#endif
+ "movt r5, #0x29b\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r9, #0x20000\n\t"
+ "lsl r9, r9, #8\n\t"
+ "add r9, r9, #0x0\n\t"
+#else
+ "mov r9, #0x2000000\n\t"
+#endif
+ "and %[a], %[a], lr\n\t"
+ "and %[b], %[b], lr\n\t"
+ "and %[c], %[c], lr\n\t"
+ "and r4, r4, lr\n\t"
+ "and r5, r5, lr\n\t"
+ "and r9, r9, lr\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adds r10, r10, %[a]\n\t"
+ "adcs r11, r11, %[b]\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, %[c]\n\t"
+ "adcs r11, r11, r4\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, r5\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, #0\n\t"
+ "stm r12!, {r10, r11}\n\t"
+ "ldm r12, {r10}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "stm r12!, {r10}\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "mov r12, sp\n\t"
+ /* Load bits 252-376 */
+ "add r12, r12, #28\n\t"
+ "ldm r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "lsl r5, r5, #4\n\t"
+ "orr r5, r5, r4, lsr #28\n\t"
+ "lsl r4, r4, #4\n\t"
+ "orr r4, r4, %[c], lsr #28\n\t"
+ "lsl %[c], %[c], #4\n\t"
+ "orr %[c], %[c], %[b], lsr #28\n\t"
+ "lsl %[b], %[b], #4\n\t"
+ "orr %[b], %[b], %[a], lsr #28\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r5, r5, #0xe0000000\n\t"
+#else
+ "bfc r5, #29, #3\n\t"
+#endif
+ "sub r12, r12, #28\n\t"
+ /* Sub product of top 4 words and order */
+ "mov %[s], sp\n\t"
+ /* * -5cf5d3ed */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa3\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #10\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #44\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #19\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x2c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x13\n\t"
+#else
+ "mov %[a], #0x2c13\n\t"
+#endif
+ "movt %[a], #0xa30a\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #8]\n\t"
- "ldr r5, [r0, #12]\n\t"
-#else
- "ldrd r4, r5, [r0, #8]\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, lr, %[b], %[a]\n\t"
+ "umaal r7, lr, %[c], %[a]\n\t"
+ "umaal r8, lr, r4, %[a]\n\t"
+ "umaal r9, lr, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -5812631b */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xa7\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xed\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0xe5\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x9c\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0xe5\n\t"
+#else
+ "mov %[a], #0x9ce5\n\t"
+#endif
+ "movt %[a], #0xa7ed\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #8]\n\t"
- "str r5, [r0, #12]\n\t"
-#else
- "strd r4, r5, [r0, #8]\n\t"
+ "mov r10, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r10, %[b], %[a]\n\t"
+ "umaal r7, r10, %[c], %[a]\n\t"
+ "umaal r8, r10, r4, %[a]\n\t"
+ "umaal r9, r10, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -a2f79cd7 */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x5d\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #8\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #41\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x63\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x29\n\t"
+#else
+ "mov %[a], #0x6329\n\t"
+#endif
+ "movt %[a], #0x5d08\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r0, #16]\n\t"
- "ldr r5, [r0, #20]\n\t"
-#else
- "ldrd r4, r5, [r0, #16]\n\t"
+ "mov r11, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r11, %[b], %[a]\n\t"
+ "umaal r7, r11, %[c], %[a]\n\t"
+ "umaal r8, r11, r4, %[a]\n\t"
+ "umaal r9, r11, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* * -14def9df */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0xeb\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "orr %[a], %[a], #33\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov %[a], #0x6\n\t"
+ "lsl %[a], %[a], #8\n\t"
+ "add %[a], %[a], #0x21\n\t"
+#else
+ "mov %[a], #0x621\n\t"
+#endif
+ "movt %[a], #0xeb21\n\t"
#endif
- "sbcs r4, r4, %[rt]\n\t"
- "sbcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r0, #16]\n\t"
- "str r5, [r0, #20]\n\t"
+ "mov r12, #0\n\t"
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+ "umlal r6, r12, %[b], %[a]\n\t"
+ "umaal r7, r12, %[c], %[a]\n\t"
+ "umaal r8, r12, r4, %[a]\n\t"
+ "umaal r9, r12, r5, %[a]\n\t"
+ "stm %[s], {r6, r7, r8, r9}\n\t"
+ "add %[s], %[s], #4\n\t"
+ /* Add overflows at 4 * 32 */
+ "ldm %[s], {r6, r7, r8, r9}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "adds r6, r6, lr\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adcs r8, r8, r11\n\t"
+ "adc r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "subs r6, r6, %[b]\n\t"
+ "sbcs r7, r7, %[c]\n\t"
+ "sbcs r8, r8, r4\n\t"
+ "sbcs r9, r9, r5\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
+ "sub %[s], %[s], #16\n\t"
+ "ldm %[s], {%[b], %[c], r4, r5}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x5c\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xf5\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "orr r10, r10, #0xed\n\t"
+#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0xd3\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xed\n\t"
+#else
+ "mov r10, #0xd3ed\n\t"
+#endif
+ "movt r10, #0x5cf5\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x58\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #18\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "orr r11, r11, #26\n\t"
#else
- "strd r4, r5, [r0, #16]\n\t"
-#endif
- "sbcs r8, r8, %[rt]\n\t"
- "sbc r9, r9, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [r0, #24]\n\t"
- "str r9, [r0, #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r11, #0x63\n\t"
+ "lsl r11, r11, #8\n\t"
+ "add r11, r11, #0x1a\n\t"
#else
- "strd r8, r9, [r0, #24]\n\t"
+ "mov r11, #0x631a\n\t"
#endif
- "mov r12, #-19\n\t"
- "asr %[rt], r11, #31\n\t"
- /* Mask the modulus */
- "and r12, %[rt], r12\n\t"
- "and lr, %[rt], #0x7fffffff\n\t"
- /* Add modulus (if underflow) */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1]\n\t"
- "ldr r5, [r1, #4]\n\t"
-#else
- "ldrd r4, r5, [r1]\n\t"
+ "movt r11, #0x5812\n\t"
#endif
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1]\n\t"
- "str r5, [r1, #4]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0xa2\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xf7\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "orr r12, r12, #0xd6\n\t"
#else
- "strd r4, r5, [r1]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #8]\n\t"
- "ldr r5, [r1, #12]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r12, #0x9c\n\t"
+ "lsl r12, r12, #8\n\t"
+ "add r12, r12, #0xd6\n\t"
#else
- "ldrd r4, r5, [r1, #8]\n\t"
+ "mov r12, #0x9cd6\n\t"
#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #8]\n\t"
- "str r5, [r1, #12]\n\t"
-#else
- "strd r4, r5, [r1, #8]\n\t"
+ "movt r12, #0xa2f7\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r4, [r1, #16]\n\t"
- "ldr r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #20\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "orr lr, lr, #0xde\n\t"
#else
- "ldrd r4, r5, [r1, #16]\n\t"
-#endif
- "adcs r4, r4, %[rt]\n\t"
- "adcs r5, r5, %[rt]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r4, [r1, #16]\n\t"
- "str r5, [r1, #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov lr, #0xf9\n\t"
+ "lsl lr, lr, #8\n\t"
+ "add lr, lr, #0xde\n\t"
#else
- "strd r4, r5, [r1, #16]\n\t"
+ "mov lr, #0xf9de\n\t"
#endif
- "adcs r10, r10, %[rt]\n\t"
- "adc r11, r11, lr\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [r1, #24]\n\t"
- "str r11, [r1, #28]\n\t"
-#else
- "strd r10, r11, [r1, #24]\n\t"
+ "movt lr, #0x14de\n\t"
#endif
- "add sp, sp, #0x60\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt)
+ "and r10, r10, %[a]\n\t"
+ "and r11, r11, %[a]\n\t"
+ "and r12, r12, %[a]\n\t"
+ "and lr, lr, %[a]\n\t"
+ "adds %[b], %[b], r10\n\t"
+ "adcs %[c], %[c], r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adcs r5, r5, lr\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adcs r7, r7, #0\n\t"
+ "and %[a], %[a], #0x10000000\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r9, r9, %[a]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "bic r9, r9, #0xf0000000\n\t"
+#else
+ "bfc r9, #28, #4\n\t"
+#endif
+ "ldr %[s], [sp, #68]\n\t"
+ /* Store result */
+ "str %[b], [%[s]]\n\t"
+ "str %[c], [%[s], #4]\n\t"
+ "str r4, [%[s], #8]\n\t"
+ "str r5, [%[s], #12]\n\t"
+ "str r6, [%[s], #16]\n\t"
+ "str r7, [%[s], #20]\n\t"
+ "str r8, [%[s], #24]\n\t"
+ "str r9, [%[s], #28]\n\t"
+ "add sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
- (void)px_p;
- (void)py_p;
- (void)pz_p;
- (void)pt_p;
- (void)qz_p;
- (void)qt2d_p;
- (void)qyplusx_p;
- (void)qyminusx_p;
}
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
-#endif /* HAVE_CURVE25519 */
-#endif /* !__aarch64__ */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
index ed3364d4..65b47577 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm.S
@@ -30,7 +30,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
#ifndef NO_SHA256
#ifdef WOLFSSL_ARMASM_NO_NEON
.text
@@ -111,49 +112,49 @@ Transform_Sha256_Len:
sub sp, sp, #0xc0
adr r3, L_SHA256_transform_len_k
# Copy digest to add in at end
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #24]
ldr r11, [r0, #28]
#else
ldrd r10, r11, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #72]
str r7, [sp, #76]
#else
strd r6, r7, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #80]
str r9, [sp, #84]
#else
strd r8, r9, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #88]
str r11, [sp, #92]
#else
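Review bot: The guards in this hunk now test `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build that still defines only the old macro would silently take the `ldrd`/`strd` branches meant for ARMv7 and later. Whether the shared settings header maps the old name onto the new one is not visible here. If it does not, a compatibility shim such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` would keep existing configurations on the path they selected. The same substitution recurs in the later hunks of this file, around the digest add-in and the NEON entry point. Transform_Sha256_Len starts and ends outside the hunk.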
@@ -162,30 +163,144 @@ Transform_Sha256_Len:
# Start of loop processing a block
L_SHA256_transform_len_begin:
# Load, Reverse and Store W - 64 bytes
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
ldr r4, [r1]
ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #8]
ldr r7, [r1, #12]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp]
+ str r5, [sp, #4]
#else
- ldrd r6, r7, [r1, #8]
+ strd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r8, [r1, #16]
- ldr r9, [r1, #20]
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #8]
+ str r7, [sp, #12]
#else
- ldrd r8, r9, [r1, #16]
+ strd r6, r7, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- ldr r10, [r1, #24]
- ldr r11, [r1, #28]
+ ldr r4, [r1, #16]
+ ldr r5, [r1, #20]
+ ldr r6, [r1, #24]
+ ldr r7, [r1, #28]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp, #16]
+ str r5, [sp, #20]
#else
- ldrd r10, r11, [r1, #24]
+ strd r4, r5, [sp, #16]
#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #24]
+ str r7, [sp, #28]
+#else
+ strd r6, r7, [sp, #24]
+#endif
+ ldr r4, [r1, #32]
+ ldr r5, [r1, #36]
+ ldr r6, [r1, #40]
+ ldr r7, [r1, #44]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp, #32]
+ str r5, [sp, #36]
+#else
+ strd r4, r5, [sp, #32]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #40]
+ str r7, [sp, #44]
+#else
+ strd r6, r7, [sp, #40]
+#endif
+ ldr r4, [r1, #48]
+ ldr r5, [r1, #52]
+ ldr r6, [r1, #56]
+ ldr r7, [r1, #60]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r4, [sp, #48]
+ str r5, [sp, #52]
+#else
+ strd r4, r5, [sp, #48]
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ str r6, [sp, #56]
+ str r7, [sp, #60]
+#else
+ strd r6, r7, [sp, #56]
+#endif
+#else
+ ldr r4, [r1]
+ ldr r5, [r1, #4]
+ ldr r6, [r1, #8]
+ ldr r7, [r1, #12]
+ ldr r8, [r1, #16]
+ ldr r9, [r1, #20]
+ ldr r10, [r1, #24]
+ ldr r11, [r1, #28]
rev r4, r4
rev r5, r5
rev r6, r6
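Review bot: The new `WOLFSSL_ARM_ARCH < 6` branch byte-reverses each message word with an `eor …, ror #16` / `bic …, #0xff0000` / `ror …, #8` / `eor …, lsr #8` sequence, repeated four times, and nothing says that it stands in for the `rev` used in the `#else` branch. A one-line comment before the first group, e.g. `# No rev before ARMv6: byte-reverse r4-r7 using r8-r11 as scratch`, would make the two branches easy to compare. The stores inside that branch are still wrapped in `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)`, which is always true there, so the `strd` alternatives are dead and the inner guards could be dropped. The `#else` branch, and the next hunk for offsets 32-60, also replace the `ldrd` loads from `r1` with plain `ldr` without explanation; if this is meant to tolerate an unaligned input pointer, a comment should say so. The enclosing loop body continues outside the hunk.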
@@ -194,54 +309,38 @@ L_SHA256_transform_len_begin:
rev r9, r9
rev r10, r10
rev r11, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #8]
str r7, [sp, #12]
#else
strd r6, r7, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #16]
str r9, [sp, #20]
#else
strd r8, r9, [sp, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #24]
str r11, [sp, #28]
#else
strd r10, r11, [sp, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #32]
ldr r5, [r1, #36]
-#else
- ldrd r4, r5, [r1, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #40]
ldr r7, [r1, #44]
-#else
- ldrd r6, r7, [r1, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #48]
ldr r9, [r1, #52]
-#else
- ldrd r8, r9, [r1, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
-#else
- ldrd r10, r11, [r1, #56]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -250,30 +349,31 @@ L_SHA256_transform_len_begin:
rev r9, r9
rev r10, r10
rev r11, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #32]
str r5, [sp, #36]
#else
strd r4, r5, [sp, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #40]
str r7, [sp, #44]
#else
strd r6, r7, [sp, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #48]
str r9, [sp, #52]
#else
strd r8, r9, [sp, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #56]
str r11, [sp, #60]
#else
strd r10, r11, [sp, #56]
#endif
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
ldr r11, [r0, #4]
ldr r4, [r0, #8]
eor r11, r11, r4
@@ -1548,25 +1648,25 @@ L_SHA256_transform_len_start:
str r8, [r0, #16]
str r9, [r0]
# Add in digest from start
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
ldrd r8, r9, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #72]
ldr r11, [sp, #76]
#else
@@ -1576,49 +1676,49 @@ L_SHA256_transform_len_start:
add r5, r5, r9
add r6, r6, r10
add r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
strd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #72]
str r7, [sp, #76]
#else
strd r6, r7, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
ldrd r8, r9, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #88]
ldr r11, [sp, #92]
#else
@@ -1628,25 +1728,25 @@ L_SHA256_transform_len_start:
add r5, r5, r9
add r6, r6, r10
add r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
strd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #80]
str r5, [sp, #84]
#else
strd r4, r5, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #88]
str r7, [sp, #92]
#else
@@ -1739,7 +1839,7 @@ Transform_Sha256_Len:
push {r4, r5, r6, r7, r8, r9, r10, lr}
vpush {d8-d11}
sub sp, sp, #24
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r0, [sp]
str r1, [sp, #4]
#else
@@ -1748,25 +1848,25 @@ Transform_Sha256_Len:
str r2, [sp, #8]
adr r12, L_SHA256_transform_neon_len_k
# Load digest into registers
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r2, [r0]
ldr r3, [r0, #4]
#else
ldrd r2, r3, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -1797,7 +1897,7 @@ L_SHA256_transform_neon_len_begin:
# Start of 16 rounds
L_SHA256_transform_neon_len_start:
# Round 0
- vmov r10, d0[0]
+ vmov.32 r10, d0[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -1820,7 +1920,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 1
- vmov r10, d0[1]
+ vmov.32 r10, d0[1]
# Calc new W[0]-W[1]
vext.8 d10, d0, d1, #4
ror r0, r5, #6
@@ -1863,7 +1963,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 2
- vmov r10, d1[0]
+ vmov.32 r10, d1[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -1886,7 +1986,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 3
- vmov r10, d1[1]
+ vmov.32 r10, d1[1]
# Calc new W[2]-W[3]
vext.8 d10, d1, d2, #4
ror r0, r3, #6
@@ -1929,7 +2029,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 4
- vmov r10, d2[0]
+ vmov.32 r10, d2[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -1952,7 +2052,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 5
- vmov r10, d2[1]
+ vmov.32 r10, d2[1]
# Calc new W[4]-W[5]
vext.8 d10, d2, d3, #4
ror r0, r9, #6
@@ -1995,7 +2095,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 6
- vmov r10, d3[0]
+ vmov.32 r10, d3[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2018,7 +2118,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 7
- vmov r10, d3[1]
+ vmov.32 r10, d3[1]
# Calc new W[6]-W[7]
vext.8 d10, d3, d4, #4
ror r0, r7, #6
@@ -2061,7 +2161,7 @@ L_SHA256_transform_neon_len_start:
add r2, r2, r0
add r2, r2, r1
# Round 8
- vmov r10, d4[0]
+ vmov.32 r10, d4[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -2084,7 +2184,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 9
- vmov r10, d4[1]
+ vmov.32 r10, d4[1]
# Calc new W[8]-W[9]
vext.8 d10, d4, d5, #4
ror r0, r5, #6
@@ -2127,7 +2227,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 10
- vmov r10, d5[0]
+ vmov.32 r10, d5[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -2150,7 +2250,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 11
- vmov r10, d5[1]
+ vmov.32 r10, d5[1]
# Calc new W[10]-W[11]
vext.8 d10, d5, d6, #4
ror r0, r3, #6
@@ -2193,7 +2293,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 12
- vmov r10, d6[0]
+ vmov.32 r10, d6[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -2216,7 +2316,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 13
- vmov r10, d6[1]
+ vmov.32 r10, d6[1]
# Calc new W[12]-W[13]
vext.8 d10, d6, d7, #4
ror r0, r9, #6
@@ -2259,7 +2359,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 14
- vmov r10, d7[0]
+ vmov.32 r10, d7[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2282,7 +2382,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 15
- vmov r10, d7[1]
+ vmov.32 r10, d7[1]
# Calc new W[14]-W[15]
vext.8 d10, d7, d0, #4
ror r0, r7, #6
@@ -2328,7 +2428,7 @@ L_SHA256_transform_neon_len_start:
subs lr, lr, #1
bne L_SHA256_transform_neon_len_start
# Round 0
- vmov r10, d0[0]
+ vmov.32 r10, d0[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -2351,7 +2451,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 1
- vmov r10, d0[1]
+ vmov.32 r10, d0[1]
ror r0, r5, #6
eor r1, r6, r7
eor r0, r0, r5, ror #11
@@ -2374,7 +2474,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 2
- vmov r10, d1[0]
+ vmov.32 r10, d1[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -2397,7 +2497,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 3
- vmov r10, d1[1]
+ vmov.32 r10, d1[1]
ror r0, r3, #6
eor r1, r4, r5
eor r0, r0, r3, ror #11
@@ -2420,7 +2520,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 4
- vmov r10, d2[0]
+ vmov.32 r10, d2[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -2443,7 +2543,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 5
- vmov r10, d2[1]
+ vmov.32 r10, d2[1]
ror r0, r9, #6
eor r1, r2, r3
eor r0, r0, r9, ror #11
@@ -2466,7 +2566,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 6
- vmov r10, d3[0]
+ vmov.32 r10, d3[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2489,7 +2589,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 7
- vmov r10, d3[1]
+ vmov.32 r10, d3[1]
ror r0, r7, #6
eor r1, r8, r9
eor r0, r0, r7, ror #11
@@ -2512,7 +2612,7 @@ L_SHA256_transform_neon_len_start:
add r2, r2, r0
add r2, r2, r1
# Round 8
- vmov r10, d4[0]
+ vmov.32 r10, d4[0]
ror r0, r6, #6
eor r1, r7, r8
eor r0, r0, r6, ror #11
@@ -2535,7 +2635,7 @@ L_SHA256_transform_neon_len_start:
add r9, r9, r0
add r9, r9, r1
# Round 9
- vmov r10, d4[1]
+ vmov.32 r10, d4[1]
ror r0, r5, #6
eor r1, r6, r7
eor r0, r0, r5, ror #11
@@ -2558,7 +2658,7 @@ L_SHA256_transform_neon_len_start:
add r8, r8, r0
add r8, r8, r1
# Round 10
- vmov r10, d5[0]
+ vmov.32 r10, d5[0]
ror r0, r4, #6
eor r1, r5, r6
eor r0, r0, r4, ror #11
@@ -2581,7 +2681,7 @@ L_SHA256_transform_neon_len_start:
add r7, r7, r0
add r7, r7, r1
# Round 11
- vmov r10, d5[1]
+ vmov.32 r10, d5[1]
ror r0, r3, #6
eor r1, r4, r5
eor r0, r0, r3, ror #11
@@ -2604,7 +2704,7 @@ L_SHA256_transform_neon_len_start:
add r6, r6, r0
add r6, r6, r1
# Round 12
- vmov r10, d6[0]
+ vmov.32 r10, d6[0]
ror r0, r2, #6
eor r1, r3, r4
eor r0, r0, r2, ror #11
@@ -2627,7 +2727,7 @@ L_SHA256_transform_neon_len_start:
add r5, r5, r0
add r5, r5, r1
# Round 13
- vmov r10, d6[1]
+ vmov.32 r10, d6[1]
ror r0, r9, #6
eor r1, r2, r3
eor r0, r0, r9, ror #11
@@ -2650,7 +2750,7 @@ L_SHA256_transform_neon_len_start:
add r4, r4, r0
add r4, r4, r1
# Round 14
- vmov r10, d7[0]
+ vmov.32 r10, d7[0]
ror r0, r8, #6
eor r1, r9, r2
eor r0, r0, r8, ror #11
@@ -2673,7 +2773,7 @@ L_SHA256_transform_neon_len_start:
add r3, r3, r0
add r3, r3, r1
# Round 15
- vmov r10, d7[1]
+ vmov.32 r10, d7[1]
ror r0, r7, #6
eor r1, r8, r9
eor r0, r0, r7, ror #11
@@ -2697,7 +2797,7 @@ L_SHA256_transform_neon_len_start:
add r2, r2, r1
ldr r10, [sp]
# Add in digest from start
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10]
ldr r1, [r10, #4]
#else
@@ -2705,13 +2805,13 @@ L_SHA256_transform_neon_len_start:
#endif
add r2, r2, r0
add r3, r3, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r2, [r10]
str r3, [r10, #4]
#else
strd r2, r3, [r10]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10, #8]
ldr r1, [r10, #12]
#else
@@ -2719,13 +2819,13 @@ L_SHA256_transform_neon_len_start:
#endif
add r4, r4, r0
add r5, r5, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r10, #8]
str r5, [r10, #12]
#else
strd r4, r5, [r10, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10, #16]
ldr r1, [r10, #20]
#else
@@ -2733,13 +2833,13 @@ L_SHA256_transform_neon_len_start:
#endif
add r6, r6, r0
add r7, r7, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r10, #16]
str r7, [r10, #20]
#else
strd r6, r7, [r10, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r0, [r10, #24]
ldr r1, [r10, #28]
#else
@@ -2747,7 +2847,7 @@ L_SHA256_transform_neon_len_start:
#endif
add r8, r8, r0
add r9, r9, r1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r10, #24]
str r9, [r10, #28]
#else
@@ -2765,9 +2865,10 @@ L_SHA256_transform_neon_len_start:
.size Transform_Sha256_Len,.-Transform_Sha256_Len
#endif /* WOLFSSL_ARMASM_NO_NEON */
#endif /* !NO_SHA256 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
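Review bot: The added closing `#endif /* !WOLFSSL_ARMASM_INLINE */` sits after the `.note.GNU-stack` directive, so the stack note is now emitted only when WOLFSSL_ARMASM_INLINE is undefined. If a build still assembles this file with the inline variant selected, the object carries no note, and linkers that treat a missing note as a request for an executable stack would mark the linked binary's stack executable. Moving the `#endif /* !WOLFSSL_ARMASM_INLINE */` line above `#if defined(__linux__) && defined(__ELF__)` keeps the note unconditional, as it already is relative to the `WOLFSSL_ARMASM` guard. The matching `#ifndef` is outside this hunk, so its position is assumed.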
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
index d81d5bba..3a5e200e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha256-asm_c.c
@@ -28,139 +28,106 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
#ifndef NO_SHA256
#include <wolfssl/wolfcrypt/sha256.h>
#ifdef WOLFSSL_ARMASM_NO_NEON
static const uint32_t L_SHA256_transform_len_k[] = {
- 0x428a2f98,
- 0x71374491,
- 0xb5c0fbcf,
- 0xe9b5dba5,
- 0x3956c25b,
- 0x59f111f1,
- 0x923f82a4,
- 0xab1c5ed5,
- 0xd807aa98,
- 0x12835b01,
- 0x243185be,
- 0x550c7dc3,
- 0x72be5d74,
- 0x80deb1fe,
- 0x9bdc06a7,
- 0xc19bf174,
- 0xe49b69c1,
- 0xefbe4786,
- 0xfc19dc6,
- 0x240ca1cc,
- 0x2de92c6f,
- 0x4a7484aa,
- 0x5cb0a9dc,
- 0x76f988da,
- 0x983e5152,
- 0xa831c66d,
- 0xb00327c8,
- 0xbf597fc7,
- 0xc6e00bf3,
- 0xd5a79147,
- 0x6ca6351,
- 0x14292967,
- 0x27b70a85,
- 0x2e1b2138,
- 0x4d2c6dfc,
- 0x53380d13,
- 0x650a7354,
- 0x766a0abb,
- 0x81c2c92e,
- 0x92722c85,
- 0xa2bfe8a1,
- 0xa81a664b,
- 0xc24b8b70,
- 0xc76c51a3,
- 0xd192e819,
- 0xd6990624,
- 0xf40e3585,
- 0x106aa070,
- 0x19a4c116,
- 0x1e376c08,
- 0x2748774c,
- 0x34b0bcb5,
- 0x391c0cb3,
- 0x4ed8aa4a,
- 0x5b9cca4f,
- 0x682e6ff3,
- 0x748f82ee,
- 0x78a5636f,
- 0x84c87814,
- 0x8cc70208,
- 0x90befffa,
- 0xa4506ceb,
- 0xbef9a3f7,
- 0xc67178f2,
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
};
-void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p);
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len);
void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
{
- register wc_Sha256* sha256 asm ("r0") = sha256_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha256* sha256 asm ("r0") = (wc_Sha256*)sha256_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint32_t* L_SHA256_transform_len_k_c asm ("r3") = (uint32_t*)&L_SHA256_transform_len_k;
__asm__ __volatile__ (
"sub sp, sp, #0xc0\n\t"
- "mov r3, %[L_SHA256_transform_len_k]\n\t"
/* Copy digest to add in at end */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256]]\n\t"
"ldr r5, [%[sha256], #4]\n\t"
#else
"ldrd r4, r5, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #8]\n\t"
"ldr r7, [%[sha256], #12]\n\t"
#else
"ldrd r6, r7, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha256], #16]\n\t"
"ldr r9, [%[sha256], #20]\n\t"
#else
"ldrd r8, r9, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha256], #24]\n\t"
"ldr r11, [%[sha256], #28]\n\t"
#else
"ldrd r10, r11, [%[sha256], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #72]\n\t"
"str r7, [sp, #76]\n\t"
#else
"strd r6, r7, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #80]\n\t"
"str r9, [sp, #84]\n\t"
#else
"strd r8, r9, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #88]\n\t"
"str r11, [sp, #92]\n\t"
#else
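Review bot: The new K-table operand drops the `const` qualifier: `(uint32_t*)&L_SHA256_transform_len_k` turns a pointer to a `static const` array into a writable `uint32_t*`. The "+r" constraint added at the end of the function only needs the pointer register to be writable, not the table, so `register const uint32_t* L_SHA256_transform_len_k_c asm ("r3") = L_SHA256_transform_len_k;` says the same thing without a cast that hides accidental writes from the compiler. The same cast is added for `L_SHA256_transform_neon_len_k` in the NEON variant's hunk. With `mov r3, %[L_SHA256_transform_len_k]` removed, the body presumably addresses the table through r3 by name, so a one-line comment at the declaration stating that the pin to r3 is required would help. The function body continues outside this hunk.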
@@ -170,30 +137,144 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA256_transform_len_begin_%=: \n\t"
/* Load, Reverse and Store W - 64 bytes */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
"ldr r4, [%[data]]\n\t"
"ldr r5, [%[data], #4]\n\t"
-#else
- "ldrd r4, r5, [%[data]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #8]\n\t"
"ldr r7, [%[data], #12]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp]\n\t"
+ "str r5, [sp, #4]\n\t"
#else
- "ldrd r6, r7, [%[data], #8]\n\t"
+ "strd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r8, [%[data], #16]\n\t"
- "ldr r9, [%[data], #20]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #8]\n\t"
+ "str r7, [sp, #12]\n\t"
#else
- "ldrd r8, r9, [%[data], #16]\n\t"
+ "strd r6, r7, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "ldr r10, [%[data], #24]\n\t"
- "ldr r11, [%[data], #28]\n\t"
+ "ldr r4, [%[data], #16]\n\t"
+ "ldr r5, [%[data], #20]\n\t"
+ "ldr r6, [%[data], #24]\n\t"
+ "ldr r7, [%[data], #28]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp, #16]\n\t"
+ "str r5, [sp, #20]\n\t"
+#else
+ "strd r4, r5, [sp, #16]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #24]\n\t"
+ "str r7, [sp, #28]\n\t"
+#else
+ "strd r6, r7, [sp, #24]\n\t"
+#endif
+ "ldr r4, [%[data], #32]\n\t"
+ "ldr r5, [%[data], #36]\n\t"
+ "ldr r6, [%[data], #40]\n\t"
+ "ldr r7, [%[data], #44]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp, #32]\n\t"
+ "str r5, [sp, #36]\n\t"
+#else
+ "strd r4, r5, [sp, #32]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #40]\n\t"
+ "str r7, [sp, #44]\n\t"
+#else
+ "strd r6, r7, [sp, #40]\n\t"
+#endif
+ "ldr r4, [%[data], #48]\n\t"
+ "ldr r5, [%[data], #52]\n\t"
+ "ldr r6, [%[data], #56]\n\t"
+ "ldr r7, [%[data], #60]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r4, [sp, #48]\n\t"
+ "str r5, [sp, #52]\n\t"
+#else
+ "strd r4, r5, [sp, #48]\n\t"
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r6, [sp, #56]\n\t"
+ "str r7, [sp, #60]\n\t"
#else
- "ldrd r10, r11, [%[data], #24]\n\t"
+ "strd r6, r7, [sp, #56]\n\t"
#endif
+#else
+ "ldr r4, [%[data]]\n\t"
+ "ldr r5, [%[data], #4]\n\t"
+ "ldr r6, [%[data], #8]\n\t"
+ "ldr r7, [%[data], #12]\n\t"
+ "ldr r8, [%[data], #16]\n\t"
+ "ldr r9, [%[data], #20]\n\t"
+ "ldr r10, [%[data], #24]\n\t"
+ "ldr r11, [%[data], #28]\n\t"
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
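Review bot: The added pre-ARMv6 path reads the message with plain `ldr` from `%[data]`, a `const byte*` with no alignment guarantee visible here. On cores older than ARMv6 an unaligned `ldr` typically returns rotated data or faults, which would yield a wrong digest without any error. If callers do not already guarantee 4-byte alignment (not visible in this hunk), state it next to the loads, e.g. `/* data must be 4-byte aligned when WOLFSSL_ARM_ARCH < 6 */`, or enforce it in the C caller. Separately, the inner `#if ... (WOLFSSL_ARM_ARCH < 7)` / `#else strd` pairs inside this `< 6` branch can never take the `strd` side and could be reduced to the two `str` lines. The function body starts and ends outside this hunk.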
@@ -202,54 +283,38 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"rev r9, r9\n\t"
"rev r10, r10\n\t"
"rev r11, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #8]\n\t"
"str r7, [sp, #12]\n\t"
#else
"strd r6, r7, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #16]\n\t"
"str r9, [sp, #20]\n\t"
#else
"strd r8, r9, [sp, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #24]\n\t"
"str r11, [sp, #28]\n\t"
#else
"strd r10, r11, [sp, #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #32]\n\t"
"ldr r5, [%[data], #36]\n\t"
-#else
- "ldrd r4, r5, [%[data], #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #40]\n\t"
"ldr r7, [%[data], #44]\n\t"
-#else
- "ldrd r6, r7, [%[data], #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #48]\n\t"
"ldr r9, [%[data], #52]\n\t"
-#else
- "ldrd r8, r9, [%[data], #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #56]\n\t"
"ldr r11, [%[data], #60]\n\t"
-#else
- "ldrd r10, r11, [%[data], #56]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -258,30 +323,31 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"rev r9, r9\n\t"
"rev r10, r10\n\t"
"rev r11, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #32]\n\t"
"str r5, [sp, #36]\n\t"
#else
"strd r4, r5, [sp, #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #40]\n\t"
"str r7, [sp, #44]\n\t"
#else
"strd r6, r7, [sp, #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #48]\n\t"
"str r9, [sp, #52]\n\t"
#else
"strd r8, r9, [sp, #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #56]\n\t"
"str r11, [sp, #60]\n\t"
#else
"strd r10, r11, [sp, #56]\n\t"
#endif
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
"ldr r11, [%[sha256], #4]\n\t"
"ldr r4, [%[sha256], #8]\n\t"
"eor r11, r11, r4\n\t"
@@ -1557,25 +1623,25 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"str r8, [%[sha256], #16]\n\t"
"str r9, [%[sha256]]\n\t"
/* Add in digest from start */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256]]\n\t"
"ldr r5, [%[sha256], #4]\n\t"
#else
"ldrd r4, r5, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #8]\n\t"
"ldr r7, [%[sha256], #12]\n\t"
#else
"ldrd r6, r7, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
"ldrd r8, r9, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #72]\n\t"
"ldr r11, [sp, #76]\n\t"
#else
@@ -1585,49 +1651,49 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, r9\n\t"
"add r6, r6, r10\n\t"
"add r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha256]]\n\t"
"str r5, [%[sha256], #4]\n\t"
#else
"strd r4, r5, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha256], #8]\n\t"
"str r7, [%[sha256], #12]\n\t"
#else
"strd r6, r7, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #72]\n\t"
"str r7, [sp, #76]\n\t"
#else
"strd r6, r7, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256], #16]\n\t"
"ldr r5, [%[sha256], #20]\n\t"
#else
"ldrd r4, r5, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #24]\n\t"
"ldr r7, [%[sha256], #28]\n\t"
#else
"ldrd r6, r7, [%[sha256], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
"ldrd r8, r9, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #88]\n\t"
"ldr r11, [sp, #92]\n\t"
#else
@@ -1637,25 +1703,25 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, r9\n\t"
"add r6, r6, r10\n\t"
"add r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha256], #16]\n\t"
"str r5, [%[sha256], #20]\n\t"
#else
"strd r4, r5, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha256], #24]\n\t"
"str r7, [%[sha256], #28]\n\t"
#else
"strd r6, r7, [%[sha256], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #80]\n\t"
"str r5, [sp, #84]\n\t"
#else
"strd r4, r5, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #88]\n\t"
"str r7, [sp, #92]\n\t"
#else
@@ -1666,9 +1732,9 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[data], %[data], #0x40\n\t"
"bne L_SHA256_transform_len_begin_%=\n\t"
"add sp, sp, #0xc0\n\t"
- : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA256_transform_len_k] "r" (L_SHA256_transform_len_k)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len), [L_SHA256_transform_len_k] "+r" (L_SHA256_transform_len_k_c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -1677,82 +1743,35 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#ifndef WOLFSSL_ARMASM_NO_NEON
static const uint32_t L_SHA256_transform_neon_len_k[] = {
- 0x428a2f98,
- 0x71374491,
- 0xb5c0fbcf,
- 0xe9b5dba5,
- 0x3956c25b,
- 0x59f111f1,
- 0x923f82a4,
- 0xab1c5ed5,
- 0xd807aa98,
- 0x12835b01,
- 0x243185be,
- 0x550c7dc3,
- 0x72be5d74,
- 0x80deb1fe,
- 0x9bdc06a7,
- 0xc19bf174,
- 0xe49b69c1,
- 0xefbe4786,
- 0xfc19dc6,
- 0x240ca1cc,
- 0x2de92c6f,
- 0x4a7484aa,
- 0x5cb0a9dc,
- 0x76f988da,
- 0x983e5152,
- 0xa831c66d,
- 0xb00327c8,
- 0xbf597fc7,
- 0xc6e00bf3,
- 0xd5a79147,
- 0x6ca6351,
- 0x14292967,
- 0x27b70a85,
- 0x2e1b2138,
- 0x4d2c6dfc,
- 0x53380d13,
- 0x650a7354,
- 0x766a0abb,
- 0x81c2c92e,
- 0x92722c85,
- 0xa2bfe8a1,
- 0xa81a664b,
- 0xc24b8b70,
- 0xc76c51a3,
- 0xd192e819,
- 0xd6990624,
- 0xf40e3585,
- 0x106aa070,
- 0x19a4c116,
- 0x1e376c08,
- 0x2748774c,
- 0x34b0bcb5,
- 0x391c0cb3,
- 0x4ed8aa4a,
- 0x5b9cca4f,
- 0x682e6ff3,
- 0x748f82ee,
- 0x78a5636f,
- 0x84c87814,
- 0x8cc70208,
- 0x90befffa,
- 0xa4506ceb,
- 0xbef9a3f7,
- 0xc67178f2,
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
};
-void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p);
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len);
void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
{
- register wc_Sha256* sha256 asm ("r0") = sha256_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha256* sha256 asm ("r0") = (wc_Sha256*)sha256_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint32_t* L_SHA256_transform_neon_len_k_c asm ("r3") = (uint32_t*)&L_SHA256_transform_neon_len_k;
__asm__ __volatile__ (
"sub sp, sp, #24\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str %[sha256], [sp]\n\t"
"str %[data], [sp, #4]\n\t"
#else
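Review bot: The table pointer is pinned to r3 by the new `register ... asm ("r3")` declaration, yet the body copies it to r12 and then reuses r3 as a working register (`ldr r3, [%[sha256], #4]` in the next hunk). That is only well-defined if the operand is declared read-write, as the non-NEON variant does with "+r"; this function's operand list is outside the visible hunks and should be checked. A comment at the declaration such as `/* r3 holds K only until it is copied to r12; the asm overwrites r3 afterwards */` would record the dependency. The function body continues past the end of this hunk.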
@@ -1761,25 +1780,25 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"str %[len], [sp, #8]\n\t"
"mov r12, %[L_SHA256_transform_neon_len_k]\n\t"
/* Load digest into registers */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[len], [%[sha256]]\n\t"
"ldr r3, [%[sha256], #4]\n\t"
#else
"ldrd %[len], r3, [%[sha256]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha256], #8]\n\t"
"ldr r5, [%[sha256], #12]\n\t"
#else
"ldrd r4, r5, [%[sha256], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha256], #16]\n\t"
"ldr r7, [%[sha256], #20]\n\t"
#else
"ldrd r6, r7, [%[sha256], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha256], #24]\n\t"
"ldr r9, [%[sha256], #28]\n\t"
#else
@@ -1812,7 +1831,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA256_transform_neon_len_start_%=: \n\t"
/* Round 0 */
- "vmov r10, d0[0]\n\t"
+ "vmov.32 r10, d0[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -1835,7 +1854,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 1 */
- "vmov r10, d0[1]\n\t"
+ "vmov.32 r10, d0[1]\n\t"
/* Calc new W[0]-W[1] */
"vext.8 d10, d0, d1, #4\n\t"
"ror %[sha256], r5, #6\n\t"
@@ -1878,7 +1897,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 2 */
- "vmov r10, d1[0]\n\t"
+ "vmov.32 r10, d1[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -1901,7 +1920,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 3 */
- "vmov r10, d1[1]\n\t"
+ "vmov.32 r10, d1[1]\n\t"
/* Calc new W[2]-W[3] */
"vext.8 d10, d1, d2, #4\n\t"
"ror %[sha256], r3, #6\n\t"
@@ -1944,7 +1963,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 4 */
- "vmov r10, d2[0]\n\t"
+ "vmov.32 r10, d2[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -1967,7 +1986,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 5 */
- "vmov r10, d2[1]\n\t"
+ "vmov.32 r10, d2[1]\n\t"
/* Calc new W[4]-W[5] */
"vext.8 d10, d2, d3, #4\n\t"
"ror %[sha256], r9, #6\n\t"
@@ -2010,7 +2029,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 6 */
- "vmov r10, d3[0]\n\t"
+ "vmov.32 r10, d3[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2033,7 +2052,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 7 */
- "vmov r10, d3[1]\n\t"
+ "vmov.32 r10, d3[1]\n\t"
/* Calc new W[6]-W[7] */
"vext.8 d10, d3, d4, #4\n\t"
"ror %[sha256], r7, #6\n\t"
@@ -2076,7 +2095,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[len], %[len], %[sha256]\n\t"
"add %[len], %[len], %[data]\n\t"
/* Round 8 */
- "vmov r10, d4[0]\n\t"
+ "vmov.32 r10, d4[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -2099,7 +2118,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 9 */
- "vmov r10, d4[1]\n\t"
+ "vmov.32 r10, d4[1]\n\t"
/* Calc new W[8]-W[9] */
"vext.8 d10, d4, d5, #4\n\t"
"ror %[sha256], r5, #6\n\t"
@@ -2142,7 +2161,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 10 */
- "vmov r10, d5[0]\n\t"
+ "vmov.32 r10, d5[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -2165,7 +2184,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 11 */
- "vmov r10, d5[1]\n\t"
+ "vmov.32 r10, d5[1]\n\t"
/* Calc new W[10]-W[11] */
"vext.8 d10, d5, d6, #4\n\t"
"ror %[sha256], r3, #6\n\t"
@@ -2208,7 +2227,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 12 */
- "vmov r10, d6[0]\n\t"
+ "vmov.32 r10, d6[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -2231,7 +2250,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 13 */
- "vmov r10, d6[1]\n\t"
+ "vmov.32 r10, d6[1]\n\t"
/* Calc new W[12]-W[13] */
"vext.8 d10, d6, d7, #4\n\t"
"ror %[sha256], r9, #6\n\t"
@@ -2274,7 +2293,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 14 */
- "vmov r10, d7[0]\n\t"
+ "vmov.32 r10, d7[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2297,7 +2316,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 15 */
- "vmov r10, d7[1]\n\t"
+ "vmov.32 r10, d7[1]\n\t"
/* Calc new W[14]-W[15] */
"vext.8 d10, d7, d0, #4\n\t"
"ror %[sha256], r7, #6\n\t"
@@ -2343,7 +2362,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"subs lr, lr, #1\n\t"
"bne L_SHA256_transform_neon_len_start_%=\n\t"
/* Round 0 */
- "vmov r10, d0[0]\n\t"
+ "vmov.32 r10, d0[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -2366,7 +2385,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 1 */
- "vmov r10, d0[1]\n\t"
+ "vmov.32 r10, d0[1]\n\t"
"ror %[sha256], r5, #6\n\t"
"eor %[data], r6, r7\n\t"
"eor %[sha256], %[sha256], r5, ror #11\n\t"
@@ -2389,7 +2408,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 2 */
- "vmov r10, d1[0]\n\t"
+ "vmov.32 r10, d1[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -2412,7 +2431,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 3 */
- "vmov r10, d1[1]\n\t"
+ "vmov.32 r10, d1[1]\n\t"
"ror %[sha256], r3, #6\n\t"
"eor %[data], r4, r5\n\t"
"eor %[sha256], %[sha256], r3, ror #11\n\t"
@@ -2435,7 +2454,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 4 */
- "vmov r10, d2[0]\n\t"
+ "vmov.32 r10, d2[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -2458,7 +2477,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 5 */
- "vmov r10, d2[1]\n\t"
+ "vmov.32 r10, d2[1]\n\t"
"ror %[sha256], r9, #6\n\t"
"eor %[data], %[len], r3\n\t"
"eor %[sha256], %[sha256], r9, ror #11\n\t"
@@ -2481,7 +2500,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 6 */
- "vmov r10, d3[0]\n\t"
+ "vmov.32 r10, d3[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2504,7 +2523,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 7 */
- "vmov r10, d3[1]\n\t"
+ "vmov.32 r10, d3[1]\n\t"
"ror %[sha256], r7, #6\n\t"
"eor %[data], r8, r9\n\t"
"eor %[sha256], %[sha256], r7, ror #11\n\t"
@@ -2527,7 +2546,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[len], %[len], %[sha256]\n\t"
"add %[len], %[len], %[data]\n\t"
/* Round 8 */
- "vmov r10, d4[0]\n\t"
+ "vmov.32 r10, d4[0]\n\t"
"ror %[sha256], r6, #6\n\t"
"eor %[data], r7, r8\n\t"
"eor %[sha256], %[sha256], r6, ror #11\n\t"
@@ -2550,7 +2569,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r9, r9, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
/* Round 9 */
- "vmov r10, d4[1]\n\t"
+ "vmov.32 r10, d4[1]\n\t"
"ror %[sha256], r5, #6\n\t"
"eor %[data], r6, r7\n\t"
"eor %[sha256], %[sha256], r5, ror #11\n\t"
@@ -2573,7 +2592,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r8, r8, %[sha256]\n\t"
"add r8, r8, %[data]\n\t"
/* Round 10 */
- "vmov r10, d5[0]\n\t"
+ "vmov.32 r10, d5[0]\n\t"
"ror %[sha256], r4, #6\n\t"
"eor %[data], r5, r6\n\t"
"eor %[sha256], %[sha256], r4, ror #11\n\t"
@@ -2596,7 +2615,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r7, r7, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
/* Round 11 */
- "vmov r10, d5[1]\n\t"
+ "vmov.32 r10, d5[1]\n\t"
"ror %[sha256], r3, #6\n\t"
"eor %[data], r4, r5\n\t"
"eor %[sha256], %[sha256], r3, ror #11\n\t"
@@ -2619,7 +2638,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r6, r6, %[sha256]\n\t"
"add r6, r6, %[data]\n\t"
/* Round 12 */
- "vmov r10, d6[0]\n\t"
+ "vmov.32 r10, d6[0]\n\t"
"ror %[sha256], %[len], #6\n\t"
"eor %[data], r3, r4\n\t"
"eor %[sha256], %[sha256], %[len], ror #11\n\t"
@@ -2642,7 +2661,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r5, r5, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
/* Round 13 */
- "vmov r10, d6[1]\n\t"
+ "vmov.32 r10, d6[1]\n\t"
"ror %[sha256], r9, #6\n\t"
"eor %[data], %[len], r3\n\t"
"eor %[sha256], %[sha256], r9, ror #11\n\t"
@@ -2665,7 +2684,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r4, r4, %[sha256]\n\t"
"add r4, r4, %[data]\n\t"
/* Round 14 */
- "vmov r10, d7[0]\n\t"
+ "vmov.32 r10, d7[0]\n\t"
"ror %[sha256], r8, #6\n\t"
"eor %[data], r9, %[len]\n\t"
"eor %[sha256], %[sha256], r8, ror #11\n\t"
@@ -2688,7 +2707,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add r3, r3, %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
/* Round 15 */
- "vmov r10, d7[1]\n\t"
+ "vmov.32 r10, d7[1]\n\t"
"ror %[sha256], r7, #6\n\t"
"eor %[data], r8, r9\n\t"
"eor %[sha256], %[sha256], r7, ror #11\n\t"
@@ -2712,7 +2731,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"add %[len], %[len], %[data]\n\t"
"ldr r10, [sp]\n\t"
/* Add in digest from start */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10]\n\t"
"ldr %[data], [r10, #4]\n\t"
#else
@@ -2720,13 +2739,13 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add %[len], %[len], %[sha256]\n\t"
"add r3, r3, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str %[len], [r10]\n\t"
"str r3, [r10, #4]\n\t"
#else
"strd %[len], r3, [r10]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10, #8]\n\t"
"ldr %[data], [r10, #12]\n\t"
#else
@@ -2734,13 +2753,13 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add r4, r4, %[sha256]\n\t"
"add r5, r5, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [r10, #8]\n\t"
"str r5, [r10, #12]\n\t"
#else
"strd r4, r5, [r10, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10, #16]\n\t"
"ldr %[data], [r10, #20]\n\t"
#else
@@ -2748,13 +2767,13 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add r6, r6, %[sha256]\n\t"
"add r7, r7, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [r10, #16]\n\t"
"str r7, [r10, #20]\n\t"
#else
"strd r6, r7, [r10, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr %[sha256], [r10, #24]\n\t"
"ldr %[data], [r10, #28]\n\t"
#else
@@ -2762,7 +2781,7 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
#endif
"add r8, r8, %[sha256]\n\t"
"add r9, r9, %[data]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [r10, #24]\n\t"
"str r9, [r10, #28]\n\t"
#else
@@ -2775,13 +2794,17 @@ void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
"str r10, [sp, #8]\n\t"
"bne L_SHA256_transform_neon_len_begin_%=\n\t"
"add sp, sp, #24\n\t"
- : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA256_transform_neon_len_k] "r" (L_SHA256_transform_neon_len_k)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11"
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len), [L_SHA256_transform_neon_len_k] "+r" (L_SHA256_transform_neon_len_k_c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11", "cc"
);
}
#endif /* WOLFSSL_ARMASM_NO_NEON */
#endif /* !NO_SHA256 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
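Review bot: The new clobber list drops `"r3"` although the asm body still writes r3 (for example `add r3, r3, %[data]` just before the digest stores), and nothing in this hunk says why that is safe. It is only correct if `L_SHA256_transform_neon_len_k_c`, now passed as `"+r"`, is pinned to r3 by a register variable declared at the top of Transform_Sha256_Len, which is outside the hunk. If it is not pinned, the compiler may keep a live value in r3 across the block and the transform could silently corrupt state or produce a wrong digest. I would add a comment above the constraints such as `/* r3 is omitted from the clobbers: it is the in/out operand L_SHA256_transform_neon_len_k_c */`. Adding `"cc"` is consistent with the `subs`/`bne` loop control in the body.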
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
index 5627688a..f06ae928 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm.S
@@ -30,7 +30,8 @@
#include <wolfssl/wolfcrypt/settings.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
+#ifndef WOLFSSL_ARMASM_INLINE
#ifdef WOLFSSL_SHA512
#ifdef WOLFSSL_ARMASM_NO_NEON
.text
@@ -207,97 +208,97 @@ Transform_Sha512_Len:
sub sp, sp, #0xc0
adr r3, L_SHA512_transform_len_k
# Copy digest to add in at end
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #24]
ldr r11, [r0, #28]
#else
ldrd r10, r11, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #128]
str r5, [sp, #132]
#else
strd r4, r5, [sp, #128]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #136]
str r7, [sp, #140]
#else
strd r6, r7, [sp, #136]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #144]
str r9, [sp, #148]
#else
strd r8, r9, [sp, #144]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #152]
str r11, [sp, #156]
#else
strd r10, r11, [sp, #152]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #56]
ldr r11, [r0, #60]
#else
ldrd r10, r11, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #160]
str r5, [sp, #164]
#else
strd r4, r5, [sp, #160]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #168]
str r7, [sp, #172]
#else
strd r6, r7, [sp, #168]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [sp, #176]
str r9, [sp, #180]
#else
strd r8, r9, [sp, #176]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r10, [sp, #184]
str r11, [sp, #188]
#else
@@ -305,31 +306,209 @@ Transform_Sha512_Len:
#endif
# Start of loop processing a block
L_SHA512_transform_len_begin:
- # Load, Reverse and Store W
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ # Load, Reverse and Store W - 64 bytes
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
ldr r4, [r1]
ldr r5, [r1, #4]
-#else
- ldrd r4, r5, [r1]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #8]
ldr r7, [r1, #12]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp]
+ str r4, [sp, #4]
+ str r7, [sp, #8]
+ str r6, [sp, #12]
+ ldr r4, [r1, #16]
+ ldr r5, [r1, #20]
+ ldr r6, [r1, #24]
+ ldr r7, [r1, #28]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #16]
+ str r4, [sp, #20]
+ str r7, [sp, #24]
+ str r6, [sp, #28]
+ ldr r4, [r1, #32]
+ ldr r5, [r1, #36]
+ ldr r6, [r1, #40]
+ ldr r7, [r1, #44]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #32]
+ str r4, [sp, #36]
+ str r7, [sp, #40]
+ str r6, [sp, #44]
+ ldr r4, [r1, #48]
+ ldr r5, [r1, #52]
+ ldr r6, [r1, #56]
+ ldr r7, [r1, #60]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #48]
+ str r4, [sp, #52]
+ str r7, [sp, #56]
+ str r6, [sp, #60]
+ ldr r4, [r1, #64]
+ ldr r5, [r1, #68]
+ ldr r6, [r1, #72]
+ ldr r7, [r1, #76]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #64]
+ str r4, [sp, #68]
+ str r7, [sp, #72]
+ str r6, [sp, #76]
+ ldr r4, [r1, #80]
+ ldr r5, [r1, #84]
+ ldr r6, [r1, #88]
+ ldr r7, [r1, #92]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #80]
+ str r4, [sp, #84]
+ str r7, [sp, #88]
+ str r6, [sp, #92]
+ ldr r4, [r1, #96]
+ ldr r5, [r1, #100]
+ ldr r6, [r1, #104]
+ ldr r7, [r1, #108]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #96]
+ str r4, [sp, #100]
+ str r7, [sp, #104]
+ str r6, [sp, #108]
+ ldr r4, [r1, #112]
+ ldr r5, [r1, #116]
+ ldr r6, [r1, #120]
+ ldr r7, [r1, #124]
+ eor r8, r4, r4, ror #16
+ eor r9, r5, r5, ror #16
+ eor r10, r6, r6, ror #16
+ eor r11, r7, r7, ror #16
+ bic r8, r8, #0xff0000
+ bic r9, r9, #0xff0000
+ bic r10, r10, #0xff0000
+ bic r11, r11, #0xff0000
+ ror r4, r4, #8
+ ror r5, r5, #8
+ ror r6, r6, #8
+ ror r7, r7, #8
+ eor r4, r4, r8, lsr #8
+ eor r5, r5, r9, lsr #8
+ eor r6, r6, r10, lsr #8
+ eor r7, r7, r11, lsr #8
+ str r5, [sp, #112]
+ str r4, [sp, #116]
+ str r7, [sp, #120]
+ str r6, [sp, #124]
#else
- ldrd r6, r7, [r1, #8]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ ldr r4, [r1]
+ ldr r5, [r1, #4]
+ ldr r6, [r1, #8]
+ ldr r7, [r1, #12]
ldr r8, [r1, #16]
ldr r9, [r1, #20]
-#else
- ldrd r8, r9, [r1, #16]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #24]
ldr r11, [r1, #28]
-#else
- ldrd r10, r11, [r1, #24]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
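Review bot: The new comment `# Load, Reverse and Store W - 64 bytes` does not match the code under it: the `< 6` branch reads `[r1]` through `[r1, #124]` and fills `[sp]` through `[sp, #124]`, which is 128 bytes, so it should read `# Load, Reverse and Store W - 128 bytes`. The `#else` branch also replaces every `ldrd` on the message pointer r1 with a pair of `ldr`, while the digest and stack accesses elsewhere keep `ldrd`. Presumably this is because the caller's input buffer need not be aligned, and a one-line comment such as `# data (r1) may be unaligned: use ldr, not ldrd` would keep a later cleanup from reintroducing an alignment fault. The same applies to the following hunks at -346, -386 and -426, which drop the remaining `ldrd` loads from r1. It would also help to say that the guard here is `< 6` rather than `< 7` because this fallback stands in for `rev`.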
@@ -346,30 +525,14 @@ L_SHA512_transform_len_begin:
str r8, [sp, #20]
str r11, [sp, #24]
str r10, [sp, #28]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #32]
ldr r5, [r1, #36]
-#else
- ldrd r4, r5, [r1, #32]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #40]
ldr r7, [r1, #44]
-#else
- ldrd r6, r7, [r1, #40]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #48]
ldr r9, [r1, #52]
-#else
- ldrd r8, r9, [r1, #48]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #56]
ldr r11, [r1, #60]
-#else
- ldrd r10, r11, [r1, #56]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -386,30 +549,14 @@ L_SHA512_transform_len_begin:
str r8, [sp, #52]
str r11, [sp, #56]
str r10, [sp, #60]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #64]
ldr r5, [r1, #68]
-#else
- ldrd r4, r5, [r1, #64]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #72]
ldr r7, [r1, #76]
-#else
- ldrd r6, r7, [r1, #72]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #80]
ldr r9, [r1, #84]
-#else
- ldrd r8, r9, [r1, #80]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #88]
ldr r11, [r1, #92]
-#else
- ldrd r10, r11, [r1, #88]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -426,30 +573,14 @@ L_SHA512_transform_len_begin:
str r8, [sp, #84]
str r11, [sp, #88]
str r10, [sp, #92]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r4, [r1, #96]
ldr r5, [r1, #100]
-#else
- ldrd r4, r5, [r1, #96]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r6, [r1, #104]
ldr r7, [r1, #108]
-#else
- ldrd r6, r7, [r1, #104]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r8, [r1, #112]
ldr r9, [r1, #116]
-#else
- ldrd r8, r9, [r1, #112]
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
ldr r10, [r1, #120]
ldr r11, [r1, #124]
-#else
- ldrd r10, r11, [r1, #120]
-#endif
rev r4, r4
rev r5, r5
rev r6, r6
@@ -466,14 +597,15 @@ L_SHA512_transform_len_begin:
str r8, [sp, #116]
str r11, [sp, #120]
str r10, [sp, #124]
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
# Pre-calc: b ^ c
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [r0, #8]
ldr r11, [r0, #12]
#else
ldrd r10, r11, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -485,7 +617,7 @@ L_SHA512_transform_len_begin:
# Start of 16 rounds
L_SHA512_transform_len_start:
# Round 0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -505,7 +637,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -515,25 +647,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -545,13 +677,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp]
ldr r9, [sp, #4]
#else
@@ -559,7 +691,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3]
ldr r7, [r3, #4]
#else
@@ -567,7 +699,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -575,7 +707,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -583,13 +715,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -609,7 +741,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -619,19 +751,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -643,7 +775,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -651,7 +783,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -660,7 +792,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[0]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
@@ -681,13 +813,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
ldrd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #72]
ldr r9, [sp, #76]
#else
@@ -697,13 +829,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
@@ -724,7 +856,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
@@ -732,14 +864,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp]
str r5, [sp, #4]
#else
strd r4, r5, [sp]
#endif
# Round 1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -759,7 +891,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -769,25 +901,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -799,13 +931,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #8]
ldr r9, [sp, #12]
#else
@@ -813,7 +945,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #8]
ldr r7, [r3, #12]
#else
@@ -821,7 +953,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -829,7 +961,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -837,13 +969,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -863,7 +995,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -873,19 +1005,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -897,7 +1029,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -905,7 +1037,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -914,7 +1046,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[1]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
@@ -935,13 +1067,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
ldrd r4, r5, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
@@ -951,13 +1083,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #8]
str r5, [sp, #12]
#else
strd r4, r5, [sp, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
@@ -978,7 +1110,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
@@ -986,14 +1118,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #8]
str r5, [sp, #12]
#else
strd r4, r5, [sp, #8]
#endif
# Round 2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -1013,7 +1145,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -1023,25 +1155,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -1053,13 +1185,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #16]
ldr r9, [sp, #20]
#else
@@ -1067,7 +1199,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #16]
ldr r7, [r3, #20]
#else
@@ -1075,7 +1207,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -1083,7 +1215,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -1091,13 +1223,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -1117,7 +1249,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -1127,19 +1259,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -1151,7 +1283,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -1159,7 +1291,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -1168,7 +1300,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[2]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
@@ -1189,13 +1321,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
ldrd r4, r5, [sp, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #88]
ldr r9, [sp, #92]
#else
@@ -1205,13 +1337,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #16]
str r5, [sp, #20]
#else
strd r4, r5, [sp, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
@@ -1232,7 +1364,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
@@ -1240,14 +1372,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #16]
str r5, [sp, #20]
#else
strd r4, r5, [sp, #16]
#endif
# Round 3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -1267,7 +1399,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -1277,25 +1409,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -1307,13 +1439,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #24]
ldr r9, [sp, #28]
#else
@@ -1321,7 +1453,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #24]
ldr r7, [r3, #28]
#else
@@ -1329,7 +1461,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -1337,7 +1469,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -1345,13 +1477,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -1371,7 +1503,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -1381,19 +1513,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -1405,7 +1537,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -1413,7 +1545,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -1422,7 +1554,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[3]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #8]
ldr r5, [sp, #12]
#else
@@ -1443,13 +1575,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
ldrd r4, r5, [sp, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #96]
ldr r9, [sp, #100]
#else
@@ -1459,13 +1591,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #24]
str r5, [sp, #28]
#else
strd r4, r5, [sp, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
@@ -1486,7 +1618,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
@@ -1494,14 +1626,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #24]
str r5, [sp, #28]
#else
strd r4, r5, [sp, #24]
#endif
# Round 4
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -1521,7 +1653,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -1531,25 +1663,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -1561,13 +1693,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #32]
ldr r9, [sp, #36]
#else
@@ -1575,7 +1707,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #32]
ldr r7, [r3, #36]
#else
@@ -1583,7 +1715,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -1591,7 +1723,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -1599,13 +1731,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -1625,7 +1757,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -1635,19 +1767,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -1659,7 +1791,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -1667,7 +1799,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -1676,7 +1808,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[4]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #16]
ldr r5, [sp, #20]
#else
@@ -1697,13 +1829,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
ldrd r4, r5, [sp, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #104]
ldr r9, [sp, #108]
#else
@@ -1713,13 +1845,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #32]
str r5, [sp, #36]
#else
strd r4, r5, [sp, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
@@ -1740,7 +1872,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
@@ -1748,14 +1880,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #32]
str r5, [sp, #36]
#else
strd r4, r5, [sp, #32]
#endif
# Round 5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -1775,7 +1907,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -1785,25 +1917,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -1815,13 +1947,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #40]
ldr r9, [sp, #44]
#else
@@ -1829,7 +1961,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #40]
ldr r7, [r3, #44]
#else
@@ -1837,7 +1969,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -1845,7 +1977,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -1853,13 +1985,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -1879,7 +2011,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -1889,19 +2021,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -1913,7 +2045,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -1921,7 +2053,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -1930,7 +2062,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[5]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #24]
ldr r5, [sp, #28]
#else
@@ -1951,13 +2083,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
ldrd r4, r5, [sp, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #112]
ldr r9, [sp, #116]
#else
@@ -1967,13 +2099,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #40]
str r5, [sp, #44]
#else
strd r4, r5, [sp, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
@@ -1994,7 +2126,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
@@ -2002,14 +2134,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #40]
str r5, [sp, #44]
#else
strd r4, r5, [sp, #40]
#endif
# Round 6
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -2029,7 +2161,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -2039,25 +2171,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -2069,13 +2201,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #48]
ldr r9, [sp, #52]
#else
@@ -2083,7 +2215,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #48]
ldr r7, [r3, #52]
#else
@@ -2091,7 +2223,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -2099,7 +2231,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -2107,13 +2239,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -2133,7 +2265,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -2143,19 +2275,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -2167,7 +2299,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -2175,7 +2307,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -2184,7 +2316,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[6]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #32]
ldr r5, [sp, #36]
#else
@@ -2205,13 +2337,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
ldrd r4, r5, [sp, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #120]
ldr r9, [sp, #124]
#else
@@ -2221,13 +2353,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #48]
str r5, [sp, #52]
#else
strd r4, r5, [sp, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
@@ -2248,7 +2380,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
@@ -2256,14 +2388,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #48]
str r5, [sp, #52]
#else
strd r4, r5, [sp, #48]
#endif
# Round 7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -2283,7 +2415,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -2293,25 +2425,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -2323,13 +2455,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #56]
ldr r9, [sp, #60]
#else
@@ -2337,7 +2469,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #56]
ldr r7, [r3, #60]
#else
@@ -2345,7 +2477,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -2353,7 +2485,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -2361,13 +2493,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -2387,7 +2519,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -2397,19 +2529,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -2421,7 +2553,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -2429,7 +2561,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -2438,7 +2570,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[7]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #40]
ldr r5, [sp, #44]
#else
@@ -2459,13 +2591,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
ldrd r4, r5, [sp, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp]
ldr r9, [sp, #4]
#else
@@ -2475,13 +2607,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #56]
str r5, [sp, #60]
#else
strd r4, r5, [sp, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
@@ -2502,7 +2634,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
@@ -2510,14 +2642,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #56]
str r5, [sp, #60]
#else
strd r4, r5, [sp, #56]
#endif
# Round 8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -2537,7 +2669,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -2547,25 +2679,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -2577,13 +2709,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
@@ -2591,7 +2723,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #64]
ldr r7, [r3, #68]
#else
@@ -2599,7 +2731,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -2607,7 +2739,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -2615,13 +2747,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -2641,7 +2773,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -2651,19 +2783,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -2675,7 +2807,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -2683,7 +2815,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -2692,7 +2824,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[8]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #48]
ldr r5, [sp, #52]
#else
@@ -2713,13 +2845,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
ldrd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #8]
ldr r9, [sp, #12]
#else
@@ -2729,13 +2861,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
@@ -2756,7 +2888,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
@@ -2764,14 +2896,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #64]
str r5, [sp, #68]
#else
strd r4, r5, [sp, #64]
#endif
# Round 9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -2791,7 +2923,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -2801,25 +2933,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -2831,13 +2963,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #72]
ldr r9, [sp, #76]
#else
@@ -2845,7 +2977,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #72]
ldr r7, [r3, #76]
#else
@@ -2853,7 +2985,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -2861,7 +2993,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -2869,13 +3001,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -2895,7 +3027,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -2905,19 +3037,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -2929,7 +3061,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -2937,7 +3069,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -2946,7 +3078,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[9]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #56]
ldr r5, [sp, #60]
#else
@@ -2967,13 +3099,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
ldrd r4, r5, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #16]
ldr r9, [sp, #20]
#else
@@ -2983,13 +3115,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #72]
str r5, [sp, #76]
#else
strd r4, r5, [sp, #72]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
@@ -3010,7 +3142,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
@@ -3018,14 +3150,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #72]
str r5, [sp, #76]
#else
strd r4, r5, [sp, #72]
#endif
# Round 10
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -3045,7 +3177,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -3055,25 +3187,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -3085,13 +3217,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
@@ -3099,7 +3231,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #80]
ldr r7, [r3, #84]
#else
@@ -3107,7 +3239,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -3115,7 +3247,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -3123,13 +3255,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -3149,7 +3281,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -3159,19 +3291,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -3183,7 +3315,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -3191,7 +3323,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -3200,7 +3332,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[10]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #64]
ldr r5, [sp, #68]
#else
@@ -3221,13 +3353,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
ldrd r4, r5, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #24]
ldr r9, [sp, #28]
#else
@@ -3237,13 +3369,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #80]
str r5, [sp, #84]
#else
strd r4, r5, [sp, #80]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
@@ -3264,7 +3396,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
@@ -3272,14 +3404,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #80]
str r5, [sp, #84]
#else
strd r4, r5, [sp, #80]
#endif
# Round 11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -3299,7 +3431,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -3309,25 +3441,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -3339,13 +3471,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #88]
ldr r9, [sp, #92]
#else
@@ -3353,7 +3485,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #88]
ldr r7, [r3, #92]
#else
@@ -3361,7 +3493,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -3369,7 +3501,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -3377,13 +3509,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -3403,7 +3535,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -3413,19 +3545,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -3437,7 +3569,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -3445,7 +3577,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -3454,7 +3586,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[11]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #72]
ldr r5, [sp, #76]
#else
@@ -3475,13 +3607,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
ldrd r4, r5, [sp, #88]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #32]
ldr r9, [sp, #36]
#else
@@ -3491,13 +3623,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #88]
str r5, [sp, #92]
#else
strd r4, r5, [sp, #88]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
@@ -3518,7 +3650,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
@@ -3526,14 +3658,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #88]
str r5, [sp, #92]
#else
strd r4, r5, [sp, #88]
#endif
# Round 12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -3553,7 +3685,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -3563,25 +3695,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -3593,13 +3725,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #96]
ldr r9, [sp, #100]
#else
@@ -3607,7 +3739,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #96]
ldr r7, [r3, #100]
#else
@@ -3615,7 +3747,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -3623,7 +3755,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -3631,13 +3763,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -3657,7 +3789,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -3667,19 +3799,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -3691,7 +3823,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -3699,7 +3831,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -3708,7 +3840,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[12]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #80]
ldr r5, [sp, #84]
#else
@@ -3729,13 +3861,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
ldrd r4, r5, [sp, #96]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #40]
ldr r9, [sp, #44]
#else
@@ -3745,13 +3877,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #96]
str r5, [sp, #100]
#else
strd r4, r5, [sp, #96]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
@@ -3772,7 +3904,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
@@ -3780,14 +3912,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #96]
str r5, [sp, #100]
#else
strd r4, r5, [sp, #96]
#endif
# Round 13
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -3807,7 +3939,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -3817,25 +3949,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -3847,13 +3979,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #104]
ldr r9, [sp, #108]
#else
@@ -3861,7 +3993,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #104]
ldr r7, [r3, #108]
#else
@@ -3869,7 +4001,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -3877,7 +4009,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -3885,13 +4017,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -3911,7 +4043,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -3921,19 +4053,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -3945,7 +4077,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -3953,7 +4085,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -3962,7 +4094,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[13]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #88]
ldr r5, [sp, #92]
#else
@@ -3983,13 +4115,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
ldrd r4, r5, [sp, #104]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #48]
ldr r9, [sp, #52]
#else
@@ -3999,13 +4131,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #104]
str r5, [sp, #108]
#else
strd r4, r5, [sp, #104]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
@@ -4026,7 +4158,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
@@ -4034,14 +4166,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #104]
str r5, [sp, #108]
#else
strd r4, r5, [sp, #104]
#endif
# Round 14
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -4061,7 +4193,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -4071,25 +4203,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -4101,13 +4233,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #112]
ldr r9, [sp, #116]
#else
@@ -4115,7 +4247,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #112]
ldr r7, [r3, #116]
#else
@@ -4123,7 +4255,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -4131,7 +4263,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -4139,13 +4271,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -4165,7 +4297,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -4175,19 +4307,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -4199,7 +4331,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -4207,7 +4339,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -4216,7 +4348,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[14]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #96]
ldr r5, [sp, #100]
#else
@@ -4237,13 +4369,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
ldrd r4, r5, [sp, #112]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #56]
ldr r9, [sp, #60]
#else
@@ -4253,13 +4385,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #112]
str r5, [sp, #116]
#else
strd r4, r5, [sp, #112]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
@@ -4280,7 +4412,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #112]
ldr r5, [sp, #116]
#else
@@ -4288,14 +4420,14 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #112]
str r5, [sp, #116]
#else
strd r4, r5, [sp, #112]
#endif
# Round 15
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -4315,7 +4447,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -4325,25 +4457,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -4355,13 +4487,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #120]
ldr r9, [sp, #124]
#else
@@ -4369,7 +4501,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #120]
ldr r7, [r3, #124]
#else
@@ -4377,7 +4509,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -4385,7 +4517,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -4393,13 +4525,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -4419,7 +4551,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -4429,19 +4561,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -4453,7 +4585,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -4461,7 +4593,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -4470,7 +4602,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Calc new W[15]
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #104]
ldr r5, [sp, #108]
#else
@@ -4491,13 +4623,13 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #26
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
ldrd r4, r5, [sp, #120]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
@@ -4507,13 +4639,13 @@ L_SHA512_transform_len_start:
adc r5, r5, r7
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #120]
str r5, [sp, #124]
#else
strd r4, r5, [sp, #120]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp]
ldr r5, [sp, #4]
#else
@@ -4534,7 +4666,7 @@ L_SHA512_transform_len_start:
orr r8, r8, r5, lsl #25
eor r7, r7, r9
eor r6, r6, r8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [sp, #120]
ldr r5, [sp, #124]
#else
@@ -4542,7 +4674,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #120]
str r5, [sp, #124]
#else
@@ -4552,7 +4684,7 @@ L_SHA512_transform_len_start:
subs r12, r12, #1
bne L_SHA512_transform_len_start
# Round 0
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -4572,7 +4704,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -4582,25 +4714,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -4612,13 +4744,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp]
ldr r9, [sp, #4]
#else
@@ -4626,7 +4758,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3]
ldr r7, [r3, #4]
#else
@@ -4634,7 +4766,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -4642,7 +4774,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -4650,13 +4782,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -4676,7 +4808,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -4686,19 +4818,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -4710,7 +4842,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -4718,7 +4850,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -4727,7 +4859,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 1
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -4747,7 +4879,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -4757,25 +4889,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -4787,13 +4919,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #8]
ldr r9, [sp, #12]
#else
@@ -4801,7 +4933,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #8]
ldr r7, [r3, #12]
#else
@@ -4809,7 +4941,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -4817,7 +4949,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -4825,13 +4957,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -4851,7 +4983,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -4861,19 +4993,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -4885,7 +5017,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -4893,7 +5025,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -4902,7 +5034,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 2
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -4922,7 +5054,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -4932,25 +5064,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -4962,13 +5094,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #16]
ldr r9, [sp, #20]
#else
@@ -4976,7 +5108,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #16]
ldr r7, [r3, #20]
#else
@@ -4984,7 +5116,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -4992,7 +5124,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -5000,13 +5132,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -5026,7 +5158,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -5036,19 +5168,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -5060,7 +5192,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -5068,7 +5200,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -5077,7 +5209,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 3
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -5097,7 +5229,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -5107,25 +5239,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -5137,13 +5269,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #24]
ldr r9, [sp, #28]
#else
@@ -5151,7 +5283,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #24]
ldr r7, [r3, #28]
#else
@@ -5159,7 +5291,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -5167,7 +5299,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -5175,13 +5307,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -5201,7 +5333,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -5211,19 +5343,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -5235,7 +5367,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -5243,7 +5375,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -5252,7 +5384,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 4
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -5272,7 +5404,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -5282,25 +5414,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -5312,13 +5444,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #32]
ldr r9, [sp, #36]
#else
@@ -5326,7 +5458,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #32]
ldr r7, [r3, #36]
#else
@@ -5334,7 +5466,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -5342,7 +5474,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -5350,13 +5482,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -5376,7 +5508,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -5386,19 +5518,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -5410,7 +5542,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -5418,7 +5550,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -5427,7 +5559,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -5447,7 +5579,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -5457,25 +5589,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -5487,13 +5619,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #40]
ldr r9, [sp, #44]
#else
@@ -5501,7 +5633,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #40]
ldr r7, [r3, #44]
#else
@@ -5509,7 +5641,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -5517,7 +5649,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -5525,13 +5657,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -5551,7 +5683,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -5561,19 +5693,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -5585,7 +5717,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -5593,7 +5725,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -5602,7 +5734,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 6
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -5622,7 +5754,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -5632,25 +5764,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -5662,13 +5794,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #48]
ldr r9, [sp, #52]
#else
@@ -5676,7 +5808,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #48]
ldr r7, [r3, #52]
#else
@@ -5684,7 +5816,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -5692,7 +5824,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -5700,13 +5832,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -5726,7 +5858,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -5736,19 +5868,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -5760,7 +5892,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -5768,7 +5900,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -5777,7 +5909,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -5797,7 +5929,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -5807,25 +5939,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -5837,13 +5969,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #56]
ldr r9, [sp, #60]
#else
@@ -5851,7 +5983,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #56]
ldr r7, [r3, #60]
#else
@@ -5859,7 +5991,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -5867,7 +5999,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -5875,13 +6007,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -5901,7 +6033,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -5911,19 +6043,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -5935,7 +6067,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -5943,7 +6075,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -5952,7 +6084,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 8
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -5972,7 +6104,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -5982,25 +6114,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
strd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -6012,13 +6144,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #64]
ldr r9, [sp, #68]
#else
@@ -6026,7 +6158,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #64]
ldr r7, [r3, #68]
#else
@@ -6034,7 +6166,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -6042,7 +6174,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -6050,13 +6182,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #24]
str r9, [r0, #28]
#else
@@ -6076,7 +6208,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -6086,19 +6218,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
ldrd r8, r9, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #56]
str r5, [r0, #60]
#else
@@ -6110,7 +6242,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
@@ -6118,7 +6250,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
@@ -6127,7 +6259,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -6147,7 +6279,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -6157,25 +6289,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -6187,13 +6319,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #72]
ldr r9, [sp, #76]
#else
@@ -6201,7 +6333,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #72]
ldr r7, [r3, #76]
#else
@@ -6209,7 +6341,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -6217,7 +6349,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -6225,13 +6357,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #16]
str r9, [r0, #20]
#else
@@ -6251,7 +6383,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -6261,19 +6393,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
ldrd r8, r9, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
@@ -6285,7 +6417,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
@@ -6293,7 +6425,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #48]
str r7, [r0, #52]
#else
@@ -6302,7 +6434,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 10
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -6322,7 +6454,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -6332,25 +6464,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
strd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -6362,13 +6494,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #80]
ldr r9, [sp, #84]
#else
@@ -6376,7 +6508,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #80]
ldr r7, [r3, #84]
#else
@@ -6384,7 +6516,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -6392,7 +6524,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -6400,13 +6532,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #8]
str r9, [r0, #12]
#else
@@ -6426,7 +6558,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -6436,19 +6568,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
ldrd r8, r9, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #40]
str r5, [r0, #44]
#else
@@ -6460,7 +6592,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
@@ -6468,7 +6600,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
@@ -6477,7 +6609,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -6497,7 +6629,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -6507,25 +6639,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
@@ -6537,13 +6669,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #88]
ldr r9, [sp, #92]
#else
@@ -6551,7 +6683,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #88]
ldr r7, [r3, #92]
#else
@@ -6559,7 +6691,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -6567,7 +6699,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -6575,13 +6707,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0]
str r9, [r0, #4]
#else
@@ -6601,7 +6733,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
@@ -6611,19 +6743,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
ldrd r8, r9, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
@@ -6635,7 +6767,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
@@ -6643,7 +6775,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #32]
str r7, [r0, #36]
#else
@@ -6652,7 +6784,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 12
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -6672,7 +6804,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -6682,25 +6814,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
strd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
@@ -6712,13 +6844,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #96]
ldr r9, [sp, #100]
#else
@@ -6726,7 +6858,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #96]
ldr r7, [r3, #100]
#else
@@ -6734,7 +6866,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -6742,7 +6874,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -6750,13 +6882,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #56]
str r9, [r0, #60]
#else
@@ -6776,7 +6908,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
@@ -6786,19 +6918,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
ldrd r8, r9, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #24]
str r5, [r0, #28]
#else
@@ -6810,7 +6942,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
@@ -6818,7 +6950,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
@@ -6827,7 +6959,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 13
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
@@ -6847,7 +6979,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -6857,25 +6989,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #56]
ldr r5, [r0, #60]
#else
ldrd r4, r5, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
ldrd r6, r7, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
@@ -6887,13 +7019,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #104]
ldr r9, [sp, #108]
#else
@@ -6901,7 +7033,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #104]
ldr r7, [r3, #108]
#else
@@ -6909,7 +7041,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #48]
ldr r9, [r0, #52]
#else
@@ -6917,7 +7049,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -6925,13 +7057,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #24]
ldr r5, [r0, #28]
#else
ldrd r4, r5, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #48]
str r9, [r0, #52]
#else
@@ -6951,7 +7083,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
@@ -6961,19 +7093,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #24]
ldr r9, [r0, #28]
#else
ldrd r8, r9, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #32]
ldr r7, [r0, #36]
#else
ldrd r6, r7, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
@@ -6985,7 +7117,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
@@ -6993,7 +7125,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #16]
str r7, [r0, #20]
#else
@@ -7002,7 +7134,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 14
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
@@ -7022,7 +7154,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -7032,25 +7164,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
strd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0]
ldr r9, [r0, #4]
#else
@@ -7062,13 +7194,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #112]
ldr r9, [sp, #116]
#else
@@ -7076,7 +7208,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #112]
ldr r7, [r3, #116]
#else
@@ -7084,7 +7216,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #40]
ldr r9, [r0, #44]
#else
@@ -7092,7 +7224,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -7100,13 +7232,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #40]
str r9, [r0, #44]
#else
@@ -7126,7 +7258,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
@@ -7136,19 +7268,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #16]
ldr r9, [r0, #20]
#else
ldrd r8, r9, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #8]
str r5, [r0, #12]
#else
@@ -7160,7 +7292,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
@@ -7168,7 +7300,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
@@ -7177,7 +7309,7 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Round 15
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
@@ -7197,7 +7329,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #23
orr r9, r9, r4, lsr #9
orr r8, r8, r5, lsr #9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -7207,25 +7339,25 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #40]
ldr r5, [r0, #44]
#else
ldrd r4, r5, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #48]
ldr r7, [r0, #52]
#else
ldrd r6, r7, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #56]
ldr r9, [r0, #60]
#else
@@ -7237,13 +7369,13 @@ L_SHA512_transform_len_start:
and r7, r7, r5
eor r6, r6, r8
eor r7, r7, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #120]
ldr r9, [sp, #124]
#else
@@ -7251,7 +7383,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r3, #120]
ldr r7, [r3, #124]
#else
@@ -7259,7 +7391,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r8
adc r5, r5, r9
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #32]
ldr r9, [r0, #36]
#else
@@ -7267,7 +7399,7 @@ L_SHA512_transform_len_start:
#endif
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -7275,13 +7407,13 @@ L_SHA512_transform_len_start:
#endif
adds r8, r8, r4
adc r9, r9, r5
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #8]
ldr r5, [r0, #12]
#else
ldrd r4, r5, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r8, [r0, #32]
str r9, [r0, #36]
#else
@@ -7301,7 +7433,7 @@ L_SHA512_transform_len_start:
lsls r9, r5, #25
orr r9, r9, r4, lsr #7
orr r8, r8, r5, lsr #7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
@@ -7311,19 +7443,19 @@ L_SHA512_transform_len_start:
eor r7, r7, r9
adds r4, r4, r6
adc r5, r5, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [r0, #8]
ldr r9, [r0, #12]
#else
ldrd r8, r9, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #16]
ldr r7, [r0, #20]
#else
ldrd r6, r7, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
@@ -7335,7 +7467,7 @@ L_SHA512_transform_len_start:
and r11, r11, r9
eor r10, r10, r6
eor r11, r11, r7
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0]
ldr r7, [r0, #4]
#else
@@ -7343,7 +7475,7 @@ L_SHA512_transform_len_start:
#endif
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0]
str r7, [r0, #4]
#else
@@ -7352,25 +7484,25 @@ L_SHA512_transform_len_start:
mov r10, r8
mov r11, r9
# Add in digest from start
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0]
ldr r5, [r0, #4]
#else
ldrd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #8]
ldr r7, [r0, #12]
#else
ldrd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #128]
ldr r9, [sp, #132]
#else
ldrd r8, r9, [sp, #128]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #136]
ldr r11, [sp, #140]
#else
@@ -7380,49 +7512,49 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0]
str r5, [r0, #4]
#else
strd r4, r5, [r0]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #8]
str r7, [r0, #12]
#else
strd r6, r7, [r0, #8]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #128]
str r5, [sp, #132]
#else
strd r4, r5, [sp, #128]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #136]
str r7, [sp, #140]
#else
strd r6, r7, [sp, #136]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #16]
ldr r5, [r0, #20]
#else
ldrd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #24]
ldr r7, [r0, #28]
#else
ldrd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #144]
ldr r9, [sp, #148]
#else
ldrd r8, r9, [sp, #144]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #152]
ldr r11, [sp, #156]
#else
@@ -7432,49 +7564,49 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #16]
str r5, [r0, #20]
#else
strd r4, r5, [r0, #16]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #24]
str r7, [r0, #28]
#else
strd r6, r7, [r0, #24]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #144]
str r5, [sp, #148]
#else
strd r4, r5, [sp, #144]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #152]
str r7, [sp, #156]
#else
strd r6, r7, [sp, #152]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #32]
ldr r5, [r0, #36]
#else
ldrd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #40]
ldr r7, [r0, #44]
#else
ldrd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #160]
ldr r9, [sp, #164]
#else
ldrd r8, r9, [sp, #160]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #168]
ldr r11, [sp, #172]
#else
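Review bot: Every guard in this hunk now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, and because each test is `defined(...) && (... < 7)`, a build that still sets only the old name silently takes the `#else` branch with `ldrd`/`strd`. Nothing visible in this diff section maps the old macro to the new one; that mapping may exist in settings.h, which is outside this view, so it should be confirmed. If it does not exist, a compatibility shim near the top of the file would keep older build configurations on the split `ldr`/`str` path: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` followed by `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`. The same applies to the hunks at -7484 and -7536 and to the matching guards in armv8-32-sha512-asm_c.c.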
@@ -7484,49 +7616,49 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #32]
str r5, [r0, #36]
#else
strd r4, r5, [r0, #32]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #40]
str r7, [r0, #44]
#else
strd r6, r7, [r0, #40]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #160]
str r5, [sp, #164]
#else
strd r4, r5, [sp, #160]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #168]
str r7, [sp, #172]
#else
strd r6, r7, [sp, #168]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r4, [r0, #48]
ldr r5, [r0, #52]
#else
ldrd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r6, [r0, #56]
ldr r7, [r0, #60]
#else
ldrd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r8, [sp, #176]
ldr r9, [sp, #180]
#else
ldrd r8, r9, [sp, #176]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
ldr r10, [sp, #184]
ldr r11, [sp, #188]
#else
@@ -7536,25 +7668,25 @@ L_SHA512_transform_len_start:
adc r5, r5, r9
adds r6, r6, r10
adc r7, r7, r11
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [r0, #48]
str r5, [r0, #52]
#else
strd r4, r5, [r0, #48]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [r0, #56]
str r7, [r0, #60]
#else
strd r6, r7, [r0, #56]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r4, [sp, #176]
str r5, [sp, #180]
#else
strd r4, r5, [sp, #176]
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
str r6, [sp, #184]
str r7, [sp, #188]
#else
@@ -7742,6 +7874,7 @@ L_SHA512_transform_neon_len_k:
.type Transform_Sha512_Len, %function
Transform_Sha512_Len:
vpush {d8-d15}
+ adr r3, L_SHA512_transform_neon_len_k
# Load digest into working vars
vldm.64 r0, {d0-d7}
# Start of loop processing a block
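Review bot: The `adr r3, L_SHA512_transform_neon_len_k` added after `vpush {d8-d15}` now runs once per call rather than once per block, so every block after the first relies on the `sub r3, r3, #0x280` that a later hunk adds before `bne L_SHA512_transform_neon_len_begin`, and neither line has a comment tying the two together. 0x280 is 640 bytes, which would be 80 eight-byte round constants; the rounds that advance r3 are outside these hunks, so that equality should be checked against the table rather than assumed. I would document it at the rewind, e.g. `# Rewind r3 to start of K (80 * 8 bytes); plain sub so the flags from subs r2 still drive bne`. Transform_Sha512_Len starts in this hunk and its body continues outside it.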
@@ -7778,7 +7911,6 @@ L_SHA512_transform_neon_len_begin:
vrev64.8 d30, d30
vrev64.8 d31, d31
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
- adr r3, L_SHA512_transform_neon_len_k
mov r12, #4
# Start of 16 rounds
L_SHA512_transform_neon_len_start:
@@ -9227,15 +9359,17 @@ L_SHA512_transform_neon_len_start:
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
vstm.64 r0, {d0-d7}
subs r2, r2, #0x80
+ sub r3, r3, #0x280
bne L_SHA512_transform_neon_len_begin
vpop {d8-d15}
bx lr
.size Transform_Sha512_Len,.-Transform_Sha512_Len
#endif /* !WOLFSSL_ARMASM_NO_NEON */
#endif /* WOLFSSL_SHA512 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
index 06f2bf4d..32c54d10 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-32-sha512-asm_c.c
@@ -28,203 +28,178 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#ifdef WOLFSSL_ARMASM
-#ifndef __aarch64__
+#if !defined(__aarch64__) && defined(__arm__)
#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__arm__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#ifdef WOLFSSL_ARMASM_NO_NEON
static const uint64_t L_SHA512_transform_len_k[] = {
- 0x428a2f98d728ae22UL,
- 0x7137449123ef65cdUL,
- 0xb5c0fbcfec4d3b2fUL,
- 0xe9b5dba58189dbbcUL,
- 0x3956c25bf348b538UL,
- 0x59f111f1b605d019UL,
- 0x923f82a4af194f9bUL,
- 0xab1c5ed5da6d8118UL,
- 0xd807aa98a3030242UL,
- 0x12835b0145706fbeUL,
- 0x243185be4ee4b28cUL,
- 0x550c7dc3d5ffb4e2UL,
- 0x72be5d74f27b896fUL,
- 0x80deb1fe3b1696b1UL,
- 0x9bdc06a725c71235UL,
- 0xc19bf174cf692694UL,
- 0xe49b69c19ef14ad2UL,
- 0xefbe4786384f25e3UL,
- 0xfc19dc68b8cd5b5UL,
- 0x240ca1cc77ac9c65UL,
- 0x2de92c6f592b0275UL,
- 0x4a7484aa6ea6e483UL,
- 0x5cb0a9dcbd41fbd4UL,
- 0x76f988da831153b5UL,
- 0x983e5152ee66dfabUL,
- 0xa831c66d2db43210UL,
- 0xb00327c898fb213fUL,
- 0xbf597fc7beef0ee4UL,
- 0xc6e00bf33da88fc2UL,
- 0xd5a79147930aa725UL,
- 0x6ca6351e003826fUL,
- 0x142929670a0e6e70UL,
- 0x27b70a8546d22ffcUL,
- 0x2e1b21385c26c926UL,
- 0x4d2c6dfc5ac42aedUL,
- 0x53380d139d95b3dfUL,
- 0x650a73548baf63deUL,
- 0x766a0abb3c77b2a8UL,
- 0x81c2c92e47edaee6UL,
- 0x92722c851482353bUL,
- 0xa2bfe8a14cf10364UL,
- 0xa81a664bbc423001UL,
- 0xc24b8b70d0f89791UL,
- 0xc76c51a30654be30UL,
- 0xd192e819d6ef5218UL,
- 0xd69906245565a910UL,
- 0xf40e35855771202aUL,
- 0x106aa07032bbd1b8UL,
- 0x19a4c116b8d2d0c8UL,
- 0x1e376c085141ab53UL,
- 0x2748774cdf8eeb99UL,
- 0x34b0bcb5e19b48a8UL,
- 0x391c0cb3c5c95a63UL,
- 0x4ed8aa4ae3418acbUL,
- 0x5b9cca4f7763e373UL,
- 0x682e6ff3d6b2b8a3UL,
- 0x748f82ee5defb2fcUL,
- 0x78a5636f43172f60UL,
- 0x84c87814a1f0ab72UL,
- 0x8cc702081a6439ecUL,
- 0x90befffa23631e28UL,
- 0xa4506cebde82bde9UL,
- 0xbef9a3f7b2c67915UL,
- 0xc67178f2e372532bUL,
- 0xca273eceea26619cUL,
- 0xd186b8c721c0c207UL,
- 0xeada7dd6cde0eb1eUL,
- 0xf57d4f7fee6ed178UL,
- 0x6f067aa72176fbaUL,
- 0xa637dc5a2c898a6UL,
- 0x113f9804bef90daeUL,
- 0x1b710b35131c471bUL,
- 0x28db77f523047d84UL,
- 0x32caab7b40c72493UL,
- 0x3c9ebe0a15c9bebcUL,
- 0x431d67c49c100d4cUL,
- 0x4cc5d4becb3e42b6UL,
- 0x597f299cfc657e2aUL,
- 0x5fcb6fab3ad6faecUL,
- 0x6c44198c4a475817UL,
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL,
};
-void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p);
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len);
void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
{
- register wc_Sha512* sha512 asm ("r0") = sha512_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha512* sha512 asm ("r0") = (wc_Sha512*)sha512_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint64_t* L_SHA512_transform_len_k_c asm ("r3") = (uint64_t*)&L_SHA512_transform_len_k;
__asm__ __volatile__ (
"sub sp, sp, #0xc0\n\t"
- "mov r3, %[L_SHA512_transform_len_k]\n\t"
/* Copy digest to add in at end */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha512], #24]\n\t"
"ldr r11, [%[sha512], #28]\n\t"
#else
"ldrd r10, r11, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #128]\n\t"
"str r5, [sp, #132]\n\t"
#else
"strd r4, r5, [sp, #128]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #136]\n\t"
"str r7, [sp, #140]\n\t"
#else
"strd r6, r7, [sp, #136]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #144]\n\t"
"str r9, [sp, #148]\n\t"
#else
"strd r8, r9, [sp, #144]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #152]\n\t"
"str r11, [sp, #156]\n\t"
#else
"strd r10, r11, [sp, #152]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha512], #56]\n\t"
"ldr r11, [%[sha512], #60]\n\t"
#else
"ldrd r10, r11, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #160]\n\t"
"str r5, [sp, #164]\n\t"
#else
"strd r4, r5, [sp, #160]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #168]\n\t"
"str r7, [sp, #172]\n\t"
#else
"strd r6, r7, [sp, #168]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [sp, #176]\n\t"
"str r9, [sp, #180]\n\t"
#else
"strd r8, r9, [sp, #176]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [sp, #184]\n\t"
"str r11, [sp, #188]\n\t"
#else
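Review bot: The new r3 binding `(uint64_t*)&L_SHA512_transform_len_k` casts away the `const` of a `static const uint64_t` table, and the asm body then addresses the table through the literal register (`ldr r6, [r3]` in a later hunk) rather than a named operand. Keeping the pointee const costs nothing and lets the compiler reject an accidental write through that pointer: `register const uint64_t* L_SHA512_transform_len_k_c asm ("r3") = L_SHA512_transform_len_k;`. The operand and clobber lists are outside this hunk, so how r3 is declared to the compiler there cannot be confirmed from here. Since the removed `mov r3, %[L_SHA512_transform_len_k]` was the only line that tied r3 to the table by name, a short comment at the declaration such as `/* asm below reads K via r3 directly */` would help. The function body continues past the end of the hunk.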
@@ -233,31 +208,209 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
/* Start of loop processing a block */
"\n"
"L_SHA512_transform_len_begin_%=: \n\t"
- /* Load, Reverse and Store W */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ /* Load, Reverse and Store W - 64 bytes */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 6)
"ldr r4, [%[data]]\n\t"
"ldr r5, [%[data], #4]\n\t"
-#else
- "ldrd r4, r5, [%[data]]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #8]\n\t"
"ldr r7, [%[data], #12]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp]\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r7, [sp, #8]\n\t"
+ "str r6, [sp, #12]\n\t"
+ "ldr r4, [%[data], #16]\n\t"
+ "ldr r5, [%[data], #20]\n\t"
+ "ldr r6, [%[data], #24]\n\t"
+ "ldr r7, [%[data], #28]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #16]\n\t"
+ "str r4, [sp, #20]\n\t"
+ "str r7, [sp, #24]\n\t"
+ "str r6, [sp, #28]\n\t"
+ "ldr r4, [%[data], #32]\n\t"
+ "ldr r5, [%[data], #36]\n\t"
+ "ldr r6, [%[data], #40]\n\t"
+ "ldr r7, [%[data], #44]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #32]\n\t"
+ "str r4, [sp, #36]\n\t"
+ "str r7, [sp, #40]\n\t"
+ "str r6, [sp, #44]\n\t"
+ "ldr r4, [%[data], #48]\n\t"
+ "ldr r5, [%[data], #52]\n\t"
+ "ldr r6, [%[data], #56]\n\t"
+ "ldr r7, [%[data], #60]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #48]\n\t"
+ "str r4, [sp, #52]\n\t"
+ "str r7, [sp, #56]\n\t"
+ "str r6, [sp, #60]\n\t"
+ "ldr r4, [%[data], #64]\n\t"
+ "ldr r5, [%[data], #68]\n\t"
+ "ldr r6, [%[data], #72]\n\t"
+ "ldr r7, [%[data], #76]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #64]\n\t"
+ "str r4, [sp, #68]\n\t"
+ "str r7, [sp, #72]\n\t"
+ "str r6, [sp, #76]\n\t"
+ "ldr r4, [%[data], #80]\n\t"
+ "ldr r5, [%[data], #84]\n\t"
+ "ldr r6, [%[data], #88]\n\t"
+ "ldr r7, [%[data], #92]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #80]\n\t"
+ "str r4, [sp, #84]\n\t"
+ "str r7, [sp, #88]\n\t"
+ "str r6, [sp, #92]\n\t"
+ "ldr r4, [%[data], #96]\n\t"
+ "ldr r5, [%[data], #100]\n\t"
+ "ldr r6, [%[data], #104]\n\t"
+ "ldr r7, [%[data], #108]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #96]\n\t"
+ "str r4, [sp, #100]\n\t"
+ "str r7, [sp, #104]\n\t"
+ "str r6, [sp, #108]\n\t"
+ "ldr r4, [%[data], #112]\n\t"
+ "ldr r5, [%[data], #116]\n\t"
+ "ldr r6, [%[data], #120]\n\t"
+ "ldr r7, [%[data], #124]\n\t"
+ "eor r8, r4, r4, ror #16\n\t"
+ "eor r9, r5, r5, ror #16\n\t"
+ "eor r10, r6, r6, ror #16\n\t"
+ "eor r11, r7, r7, ror #16\n\t"
+ "bic r8, r8, #0xff0000\n\t"
+ "bic r9, r9, #0xff0000\n\t"
+ "bic r10, r10, #0xff0000\n\t"
+ "bic r11, r11, #0xff0000\n\t"
+ "ror r4, r4, #8\n\t"
+ "ror r5, r5, #8\n\t"
+ "ror r6, r6, #8\n\t"
+ "ror r7, r7, #8\n\t"
+ "eor r4, r4, r8, lsr #8\n\t"
+ "eor r5, r5, r9, lsr #8\n\t"
+ "eor r6, r6, r10, lsr #8\n\t"
+ "eor r7, r7, r11, lsr #8\n\t"
+ "str r5, [sp, #112]\n\t"
+ "str r4, [sp, #116]\n\t"
+ "str r7, [sp, #120]\n\t"
+ "str r6, [sp, #124]\n\t"
#else
- "ldrd r6, r7, [%[data], #8]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "ldr r4, [%[data]]\n\t"
+ "ldr r5, [%[data], #4]\n\t"
+ "ldr r6, [%[data], #8]\n\t"
+ "ldr r7, [%[data], #12]\n\t"
"ldr r8, [%[data], #16]\n\t"
"ldr r9, [%[data], #20]\n\t"
-#else
- "ldrd r8, r9, [%[data], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #24]\n\t"
"ldr r11, [%[data], #28]\n\t"
-#else
- "ldrd r10, r11, [%[data], #24]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
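Review bot: The new comment `/* Load, Reverse and Store W - 64 bytes */` disagrees with the code under it, which reads `[%[data]]` through `[%[data], #124]` and fills `[sp]` through `[sp, #124]`, i.e. 128 bytes per block; `/* Load, Reverse and Store W - 128 bytes (16 64-bit words) */` would match. The `WOLFSSL_ARM_ARCH < 6` branch also deserves one line saying why it exists, such as `/* No rev before ARMv6: byte-swap each word with eor/bic/ror/eor */`. Separately, that branch reads `data` with word-sized `ldr`, and `data` is a `const byte*`; whether callers guarantee 4-byte alignment is not visible here, so I would state the assumption in a comment or confirm it at the call site. The asm block starts before this hunk and continues after it.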
@@ -274,30 +427,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #20]\n\t"
"str r11, [sp, #24]\n\t"
"str r10, [sp, #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #32]\n\t"
"ldr r5, [%[data], #36]\n\t"
-#else
- "ldrd r4, r5, [%[data], #32]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #40]\n\t"
"ldr r7, [%[data], #44]\n\t"
-#else
- "ldrd r6, r7, [%[data], #40]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #48]\n\t"
"ldr r9, [%[data], #52]\n\t"
-#else
- "ldrd r8, r9, [%[data], #48]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #56]\n\t"
"ldr r11, [%[data], #60]\n\t"
-#else
- "ldrd r10, r11, [%[data], #56]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -314,30 +451,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #52]\n\t"
"str r11, [sp, #56]\n\t"
"str r10, [sp, #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #64]\n\t"
"ldr r5, [%[data], #68]\n\t"
-#else
- "ldrd r4, r5, [%[data], #64]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #72]\n\t"
"ldr r7, [%[data], #76]\n\t"
-#else
- "ldrd r6, r7, [%[data], #72]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #80]\n\t"
"ldr r9, [%[data], #84]\n\t"
-#else
- "ldrd r8, r9, [%[data], #80]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #88]\n\t"
"ldr r11, [%[data], #92]\n\t"
-#else
- "ldrd r10, r11, [%[data], #88]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -354,30 +475,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #84]\n\t"
"str r11, [sp, #88]\n\t"
"str r10, [sp, #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r4, [%[data], #96]\n\t"
"ldr r5, [%[data], #100]\n\t"
-#else
- "ldrd r4, r5, [%[data], #96]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r6, [%[data], #104]\n\t"
"ldr r7, [%[data], #108]\n\t"
-#else
- "ldrd r6, r7, [%[data], #104]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r8, [%[data], #112]\n\t"
"ldr r9, [%[data], #116]\n\t"
-#else
- "ldrd r8, r9, [%[data], #112]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
"ldr r10, [%[data], #120]\n\t"
"ldr r11, [%[data], #124]\n\t"
-#else
- "ldrd r10, r11, [%[data], #120]\n\t"
-#endif
"rev r4, r4\n\t"
"rev r5, r5\n\t"
"rev r6, r6\n\t"
@@ -394,14 +499,15 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"str r8, [sp, #116]\n\t"
"str r11, [sp, #120]\n\t"
"str r10, [sp, #124]\n\t"
+#endif /* WOLFSSL_ARM_ARCH && WOLFSSL_ARM_ARCH < 6 */
/* Pre-calc: b ^ c */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [%[sha512], #8]\n\t"
"ldr r11, [%[sha512], #12]\n\t"
#else
"ldrd r10, r11, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -414,7 +520,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"\n"
"L_SHA512_transform_len_start_%=: \n\t"
/* Round 0 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -434,7 +540,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -444,25 +550,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -474,13 +580,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp]\n\t"
"ldr r9, [sp, #4]\n\t"
#else
@@ -488,7 +594,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3]\n\t"
"ldr r7, [r3, #4]\n\t"
#else
@@ -496,7 +602,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -504,7 +610,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -512,13 +618,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -538,7 +644,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -548,19 +654,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -572,7 +678,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -580,7 +686,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -589,7 +695,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[0] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
@@ -610,13 +716,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
"ldrd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #72]\n\t"
"ldr r9, [sp, #76]\n\t"
#else
@@ -626,13 +732,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
@@ -653,7 +759,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
@@ -661,14 +767,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp]\n\t"
"str r5, [sp, #4]\n\t"
#else
"strd r4, r5, [sp]\n\t"
#endif
/* Round 1 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -688,7 +794,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -698,25 +804,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -728,13 +834,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #8]\n\t"
"ldr r9, [sp, #12]\n\t"
#else
@@ -742,7 +848,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #8]\n\t"
"ldr r7, [r3, #12]\n\t"
#else
@@ -750,7 +856,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -758,7 +864,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -766,13 +872,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -792,7 +898,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -802,19 +908,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -826,7 +932,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -834,7 +940,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -843,7 +949,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[1] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
@@ -864,13 +970,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
"ldrd r4, r5, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
@@ -880,13 +986,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #8]\n\t"
"str r5, [sp, #12]\n\t"
#else
"strd r4, r5, [sp, #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
@@ -907,7 +1013,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
@@ -915,14 +1021,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #8]\n\t"
"str r5, [sp, #12]\n\t"
#else
"strd r4, r5, [sp, #8]\n\t"
#endif
/* Round 2 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -942,7 +1048,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -952,25 +1058,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -982,13 +1088,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #16]\n\t"
"ldr r9, [sp, #20]\n\t"
#else
@@ -996,7 +1102,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #16]\n\t"
"ldr r7, [r3, #20]\n\t"
#else
@@ -1004,7 +1110,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -1012,7 +1118,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -1020,13 +1126,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -1046,7 +1152,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -1056,19 +1162,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -1080,7 +1186,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -1088,7 +1194,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -1097,7 +1203,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[2] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
@@ -1118,13 +1224,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
"ldrd r4, r5, [sp, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #88]\n\t"
"ldr r9, [sp, #92]\n\t"
#else
@@ -1134,13 +1240,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #16]\n\t"
"str r5, [sp, #20]\n\t"
#else
"strd r4, r5, [sp, #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
@@ -1161,7 +1267,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
@@ -1169,14 +1275,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #16]\n\t"
"str r5, [sp, #20]\n\t"
#else
"strd r4, r5, [sp, #16]\n\t"
#endif
/* Round 3 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -1196,7 +1302,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -1206,25 +1312,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -1236,13 +1342,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #24]\n\t"
"ldr r9, [sp, #28]\n\t"
#else
@@ -1250,7 +1356,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #24]\n\t"
"ldr r7, [r3, #28]\n\t"
#else
@@ -1258,7 +1364,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -1266,7 +1372,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -1274,13 +1380,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -1300,7 +1406,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -1310,19 +1416,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -1334,7 +1440,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -1342,7 +1448,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -1351,7 +1457,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[3] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #8]\n\t"
"ldr r5, [sp, #12]\n\t"
#else
@@ -1372,13 +1478,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
"ldrd r4, r5, [sp, #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #96]\n\t"
"ldr r9, [sp, #100]\n\t"
#else
@@ -1388,13 +1494,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #24]\n\t"
"str r5, [sp, #28]\n\t"
#else
"strd r4, r5, [sp, #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
@@ -1415,7 +1521,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
@@ -1423,14 +1529,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #24]\n\t"
"str r5, [sp, #28]\n\t"
#else
"strd r4, r5, [sp, #24]\n\t"
#endif
/* Round 4 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -1450,7 +1556,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -1460,25 +1566,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -1490,13 +1596,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #32]\n\t"
"ldr r9, [sp, #36]\n\t"
#else
@@ -1504,7 +1610,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #32]\n\t"
"ldr r7, [r3, #36]\n\t"
#else
@@ -1512,7 +1618,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -1520,7 +1626,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -1528,13 +1634,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -1554,7 +1660,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -1564,19 +1670,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -1588,7 +1694,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -1596,7 +1702,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -1605,7 +1711,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[4] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #16]\n\t"
"ldr r5, [sp, #20]\n\t"
#else
@@ -1626,13 +1732,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
"ldrd r4, r5, [sp, #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #104]\n\t"
"ldr r9, [sp, #108]\n\t"
#else
@@ -1642,13 +1748,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #32]\n\t"
"str r5, [sp, #36]\n\t"
#else
"strd r4, r5, [sp, #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
@@ -1669,7 +1775,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
@@ -1677,14 +1783,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #32]\n\t"
"str r5, [sp, #36]\n\t"
#else
"strd r4, r5, [sp, #32]\n\t"
#endif
/* Round 5 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -1704,7 +1810,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -1714,25 +1820,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -1744,13 +1850,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #40]\n\t"
"ldr r9, [sp, #44]\n\t"
#else
@@ -1758,7 +1864,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #40]\n\t"
"ldr r7, [r3, #44]\n\t"
#else
@@ -1766,7 +1872,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -1774,7 +1880,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -1782,13 +1888,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -1808,7 +1914,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -1818,19 +1924,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -1842,7 +1948,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -1850,7 +1956,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -1859,7 +1965,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[5] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #24]\n\t"
"ldr r5, [sp, #28]\n\t"
#else
@@ -1880,13 +1986,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
"ldrd r4, r5, [sp, #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #112]\n\t"
"ldr r9, [sp, #116]\n\t"
#else
@@ -1896,13 +2002,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #40]\n\t"
"str r5, [sp, #44]\n\t"
#else
"strd r4, r5, [sp, #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
@@ -1923,7 +2029,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
@@ -1931,14 +2037,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #40]\n\t"
"str r5, [sp, #44]\n\t"
#else
"strd r4, r5, [sp, #40]\n\t"
#endif
/* Round 6 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -1958,7 +2064,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -1968,25 +2074,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -1998,13 +2104,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #48]\n\t"
"ldr r9, [sp, #52]\n\t"
#else
@@ -2012,7 +2118,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #48]\n\t"
"ldr r7, [r3, #52]\n\t"
#else
@@ -2020,7 +2126,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -2028,7 +2134,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -2036,13 +2142,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -2062,7 +2168,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -2072,19 +2178,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -2096,7 +2202,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -2104,7 +2210,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -2113,7 +2219,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[6] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #32]\n\t"
"ldr r5, [sp, #36]\n\t"
#else
@@ -2134,13 +2240,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
"ldrd r4, r5, [sp, #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #120]\n\t"
"ldr r9, [sp, #124]\n\t"
#else
@@ -2150,13 +2256,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #48]\n\t"
"str r5, [sp, #52]\n\t"
#else
"strd r4, r5, [sp, #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
@@ -2177,7 +2283,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
@@ -2185,14 +2291,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #48]\n\t"
"str r5, [sp, #52]\n\t"
#else
"strd r4, r5, [sp, #48]\n\t"
#endif
/* Round 7 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -2212,7 +2318,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -2222,25 +2328,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -2252,13 +2358,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #56]\n\t"
"ldr r9, [sp, #60]\n\t"
#else
@@ -2266,7 +2372,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #56]\n\t"
"ldr r7, [r3, #60]\n\t"
#else
@@ -2274,7 +2380,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -2282,7 +2388,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -2290,13 +2396,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -2316,7 +2422,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -2326,19 +2432,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -2350,7 +2456,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -2358,7 +2464,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -2367,7 +2473,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #40]\n\t"
"ldr r5, [sp, #44]\n\t"
#else
@@ -2388,13 +2494,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
"ldrd r4, r5, [sp, #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp]\n\t"
"ldr r9, [sp, #4]\n\t"
#else
@@ -2404,13 +2510,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #56]\n\t"
"str r5, [sp, #60]\n\t"
#else
"strd r4, r5, [sp, #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
@@ -2431,7 +2537,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
@@ -2439,14 +2545,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #56]\n\t"
"str r5, [sp, #60]\n\t"
#else
"strd r4, r5, [sp, #56]\n\t"
#endif
/* Round 8 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -2466,7 +2572,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -2476,25 +2582,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -2506,13 +2612,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
@@ -2520,7 +2626,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #64]\n\t"
"ldr r7, [r3, #68]\n\t"
#else
@@ -2528,7 +2634,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -2536,7 +2642,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -2544,13 +2650,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -2570,7 +2676,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -2580,19 +2686,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -2604,7 +2710,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -2612,7 +2718,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -2621,7 +2727,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[8] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #48]\n\t"
"ldr r5, [sp, #52]\n\t"
#else
@@ -2642,13 +2748,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
"ldrd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #8]\n\t"
"ldr r9, [sp, #12]\n\t"
#else
@@ -2658,13 +2764,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
@@ -2685,7 +2791,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
@@ -2693,14 +2799,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #64]\n\t"
"str r5, [sp, #68]\n\t"
#else
"strd r4, r5, [sp, #64]\n\t"
#endif
/* Round 9 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -2720,7 +2826,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -2730,25 +2836,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -2760,13 +2866,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #72]\n\t"
"ldr r9, [sp, #76]\n\t"
#else
@@ -2774,7 +2880,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #72]\n\t"
"ldr r7, [r3, #76]\n\t"
#else
@@ -2782,7 +2888,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -2790,7 +2896,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -2798,13 +2904,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -2824,7 +2930,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -2834,19 +2940,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -2858,7 +2964,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -2866,7 +2972,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -2875,7 +2981,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[9] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #56]\n\t"
"ldr r5, [sp, #60]\n\t"
#else
@@ -2896,13 +3002,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
"ldrd r4, r5, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #16]\n\t"
"ldr r9, [sp, #20]\n\t"
#else
@@ -2912,13 +3018,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #72]\n\t"
"str r5, [sp, #76]\n\t"
#else
"strd r4, r5, [sp, #72]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
@@ -2939,7 +3045,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
@@ -2947,14 +3053,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #72]\n\t"
"str r5, [sp, #76]\n\t"
#else
"strd r4, r5, [sp, #72]\n\t"
#endif
/* Round 10 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -2974,7 +3080,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -2984,25 +3090,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -3014,13 +3120,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
@@ -3028,7 +3134,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #80]\n\t"
"ldr r7, [r3, #84]\n\t"
#else
@@ -3036,7 +3142,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -3044,7 +3150,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -3052,13 +3158,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -3078,7 +3184,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -3088,19 +3194,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -3112,7 +3218,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -3120,7 +3226,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -3129,7 +3235,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[10] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #64]\n\t"
"ldr r5, [sp, #68]\n\t"
#else
@@ -3150,13 +3256,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
"ldrd r4, r5, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #24]\n\t"
"ldr r9, [sp, #28]\n\t"
#else
@@ -3166,13 +3272,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #80]\n\t"
"str r5, [sp, #84]\n\t"
#else
"strd r4, r5, [sp, #80]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
@@ -3193,7 +3299,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
@@ -3201,14 +3307,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #80]\n\t"
"str r5, [sp, #84]\n\t"
#else
"strd r4, r5, [sp, #80]\n\t"
#endif
/* Round 11 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -3228,7 +3334,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -3238,25 +3344,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -3268,13 +3374,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #88]\n\t"
"ldr r9, [sp, #92]\n\t"
#else
@@ -3282,7 +3388,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #88]\n\t"
"ldr r7, [r3, #92]\n\t"
#else
@@ -3290,7 +3396,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -3298,7 +3404,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -3306,13 +3412,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -3332,7 +3438,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -3342,19 +3448,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -3366,7 +3472,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -3374,7 +3480,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -3383,7 +3489,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #72]\n\t"
"ldr r5, [sp, #76]\n\t"
#else
@@ -3404,13 +3510,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
"ldrd r4, r5, [sp, #88]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #32]\n\t"
"ldr r9, [sp, #36]\n\t"
#else
@@ -3420,13 +3526,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #88]\n\t"
"str r5, [sp, #92]\n\t"
#else
"strd r4, r5, [sp, #88]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
@@ -3447,7 +3553,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
@@ -3455,14 +3561,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #88]\n\t"
"str r5, [sp, #92]\n\t"
#else
"strd r4, r5, [sp, #88]\n\t"
#endif
/* Round 12 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -3482,7 +3588,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -3492,25 +3598,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -3522,13 +3628,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #96]\n\t"
"ldr r9, [sp, #100]\n\t"
#else
@@ -3536,7 +3642,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #96]\n\t"
"ldr r7, [r3, #100]\n\t"
#else
@@ -3544,7 +3650,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -3552,7 +3658,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -3560,13 +3666,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -3586,7 +3692,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -3596,19 +3702,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -3620,7 +3726,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -3628,7 +3734,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -3637,7 +3743,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[12] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #80]\n\t"
"ldr r5, [sp, #84]\n\t"
#else
@@ -3658,13 +3764,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
"ldrd r4, r5, [sp, #96]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #40]\n\t"
"ldr r9, [sp, #44]\n\t"
#else
@@ -3674,13 +3780,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #96]\n\t"
"str r5, [sp, #100]\n\t"
#else
"strd r4, r5, [sp, #96]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
@@ -3701,7 +3807,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
@@ -3709,14 +3815,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #96]\n\t"
"str r5, [sp, #100]\n\t"
#else
"strd r4, r5, [sp, #96]\n\t"
#endif
/* Round 13 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -3736,7 +3842,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -3746,25 +3852,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -3776,13 +3882,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #104]\n\t"
"ldr r9, [sp, #108]\n\t"
#else
@@ -3790,7 +3896,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #104]\n\t"
"ldr r7, [r3, #108]\n\t"
#else
@@ -3798,7 +3904,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -3806,7 +3912,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -3814,13 +3920,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -3840,7 +3946,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -3850,19 +3956,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -3874,7 +3980,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -3882,7 +3988,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -3891,7 +3997,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[13] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #88]\n\t"
"ldr r5, [sp, #92]\n\t"
#else
@@ -3912,13 +4018,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
"ldrd r4, r5, [sp, #104]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #48]\n\t"
"ldr r9, [sp, #52]\n\t"
#else
@@ -3928,13 +4034,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #104]\n\t"
"str r5, [sp, #108]\n\t"
#else
"strd r4, r5, [sp, #104]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
@@ -3955,7 +4061,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
@@ -3963,14 +4069,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #104]\n\t"
"str r5, [sp, #108]\n\t"
#else
"strd r4, r5, [sp, #104]\n\t"
#endif
/* Round 14 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -3990,7 +4096,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -4000,25 +4106,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -4030,13 +4136,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #112]\n\t"
"ldr r9, [sp, #116]\n\t"
#else
@@ -4044,7 +4150,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #112]\n\t"
"ldr r7, [r3, #116]\n\t"
#else
@@ -4052,7 +4158,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -4060,7 +4166,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -4068,13 +4174,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -4094,7 +4200,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -4104,19 +4210,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -4128,7 +4234,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -4136,7 +4242,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -4145,7 +4251,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[14] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #96]\n\t"
"ldr r5, [sp, #100]\n\t"
#else
@@ -4166,13 +4272,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
"ldrd r4, r5, [sp, #112]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #56]\n\t"
"ldr r9, [sp, #60]\n\t"
#else
@@ -4182,13 +4288,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #112]\n\t"
"str r5, [sp, #116]\n\t"
#else
"strd r4, r5, [sp, #112]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
@@ -4209,7 +4315,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #112]\n\t"
"ldr r5, [sp, #116]\n\t"
#else
@@ -4217,14 +4323,14 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #112]\n\t"
"str r5, [sp, #116]\n\t"
#else
"strd r4, r5, [sp, #112]\n\t"
#endif
/* Round 15 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -4244,7 +4350,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -4254,25 +4360,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -4284,13 +4390,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #120]\n\t"
"ldr r9, [sp, #124]\n\t"
#else
@@ -4298,7 +4404,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #120]\n\t"
"ldr r7, [r3, #124]\n\t"
#else
@@ -4306,7 +4412,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -4314,7 +4420,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -4322,13 +4428,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -4348,7 +4454,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -4358,19 +4464,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -4382,7 +4488,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -4390,7 +4496,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -4399,7 +4505,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Calc new W[15] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #104]\n\t"
"ldr r5, [sp, #108]\n\t"
#else
@@ -4420,13 +4526,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #26\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
"ldrd r4, r5, [sp, #120]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
@@ -4436,13 +4542,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r7\n\t"
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #120]\n\t"
"str r5, [sp, #124]\n\t"
#else
"strd r4, r5, [sp, #120]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp]\n\t"
"ldr r5, [sp, #4]\n\t"
#else
@@ -4463,7 +4569,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"orr r8, r8, r5, lsl #25\n\t"
"eor r7, r7, r9\n\t"
"eor r6, r6, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [sp, #120]\n\t"
"ldr r5, [sp, #124]\n\t"
#else
@@ -4471,7 +4577,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #120]\n\t"
"str r5, [sp, #124]\n\t"
#else
@@ -4481,7 +4587,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"subs r12, r12, #1\n\t"
"bne L_SHA512_transform_len_start_%=\n\t"
/* Round 0 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -4501,7 +4607,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -4511,25 +4617,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -4541,13 +4647,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp]\n\t"
"ldr r9, [sp, #4]\n\t"
#else
@@ -4555,7 +4661,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3]\n\t"
"ldr r7, [r3, #4]\n\t"
#else
@@ -4563,7 +4669,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -4571,7 +4677,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -4579,13 +4685,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -4605,7 +4711,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -4615,19 +4721,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -4639,7 +4745,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -4647,7 +4753,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -4656,7 +4762,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 1 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -4676,7 +4782,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -4686,25 +4792,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -4716,13 +4822,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #8]\n\t"
"ldr r9, [sp, #12]\n\t"
#else
@@ -4730,7 +4836,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #8]\n\t"
"ldr r7, [r3, #12]\n\t"
#else
@@ -4738,7 +4844,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -4746,7 +4852,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -4754,13 +4860,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -4780,7 +4886,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -4790,19 +4896,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -4814,7 +4920,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -4822,7 +4928,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -4831,7 +4937,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 2 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -4851,7 +4957,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -4861,25 +4967,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -4891,13 +4997,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #16]\n\t"
"ldr r9, [sp, #20]\n\t"
#else
@@ -4905,7 +5011,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #16]\n\t"
"ldr r7, [r3, #20]\n\t"
#else
@@ -4913,7 +5019,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -4921,7 +5027,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -4929,13 +5035,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -4955,7 +5061,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -4965,19 +5071,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -4989,7 +5095,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -4997,7 +5103,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -5006,7 +5112,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 3 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -5026,7 +5132,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -5036,25 +5142,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -5066,13 +5172,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #24]\n\t"
"ldr r9, [sp, #28]\n\t"
#else
@@ -5080,7 +5186,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #24]\n\t"
"ldr r7, [r3, #28]\n\t"
#else
@@ -5088,7 +5194,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -5096,7 +5202,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -5104,13 +5210,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -5130,7 +5236,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -5140,19 +5246,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -5164,7 +5270,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -5172,7 +5278,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -5181,7 +5287,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 4 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -5201,7 +5307,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -5211,25 +5317,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -5241,13 +5347,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #32]\n\t"
"ldr r9, [sp, #36]\n\t"
#else
@@ -5255,7 +5361,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #32]\n\t"
"ldr r7, [r3, #36]\n\t"
#else
@@ -5263,7 +5369,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -5271,7 +5377,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -5279,13 +5385,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -5305,7 +5411,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -5315,19 +5421,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -5339,7 +5445,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -5347,7 +5453,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -5356,7 +5462,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 5 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -5376,7 +5482,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -5386,25 +5492,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -5416,13 +5522,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #40]\n\t"
"ldr r9, [sp, #44]\n\t"
#else
@@ -5430,7 +5536,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #40]\n\t"
"ldr r7, [r3, #44]\n\t"
#else
@@ -5438,7 +5544,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -5446,7 +5552,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -5454,13 +5560,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -5480,7 +5586,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -5490,19 +5596,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -5514,7 +5620,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -5522,7 +5628,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -5531,7 +5637,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 6 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -5551,7 +5657,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -5561,25 +5667,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -5591,13 +5697,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #48]\n\t"
"ldr r9, [sp, #52]\n\t"
#else
@@ -5605,7 +5711,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #48]\n\t"
"ldr r7, [r3, #52]\n\t"
#else
@@ -5613,7 +5719,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -5621,7 +5727,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -5629,13 +5735,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -5655,7 +5761,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -5665,19 +5771,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -5689,7 +5795,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -5697,7 +5803,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -5706,7 +5812,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 7 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -5726,7 +5832,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -5736,25 +5842,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -5766,13 +5872,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #56]\n\t"
"ldr r9, [sp, #60]\n\t"
#else
@@ -5780,7 +5886,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #56]\n\t"
"ldr r7, [r3, #60]\n\t"
#else
@@ -5788,7 +5894,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -5796,7 +5902,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -5804,13 +5910,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -5830,7 +5936,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -5840,19 +5946,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -5864,7 +5970,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -5872,7 +5978,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -5881,7 +5987,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 8 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -5901,7 +6007,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -5911,25 +6017,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
"strd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -5941,13 +6047,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #64]\n\t"
"ldr r9, [sp, #68]\n\t"
#else
@@ -5955,7 +6061,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #64]\n\t"
"ldr r7, [r3, #68]\n\t"
#else
@@ -5963,7 +6069,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -5971,7 +6077,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -5979,13 +6085,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #24]\n\t"
"str r9, [%[sha512], #28]\n\t"
#else
@@ -6005,7 +6111,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -6015,19 +6121,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
"ldrd r8, r9, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #56]\n\t"
"str r5, [%[sha512], #60]\n\t"
#else
@@ -6039,7 +6145,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
@@ -6047,7 +6153,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
@@ -6056,7 +6162,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 9 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -6076,7 +6182,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -6086,25 +6192,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -6116,13 +6222,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #72]\n\t"
"ldr r9, [sp, #76]\n\t"
#else
@@ -6130,7 +6236,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #72]\n\t"
"ldr r7, [r3, #76]\n\t"
#else
@@ -6138,7 +6244,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -6146,7 +6252,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -6154,13 +6260,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #16]\n\t"
"str r9, [%[sha512], #20]\n\t"
#else
@@ -6180,7 +6286,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -6190,19 +6296,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
"ldrd r8, r9, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
@@ -6214,7 +6320,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
@@ -6222,7 +6328,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #48]\n\t"
"str r7, [%[sha512], #52]\n\t"
#else
@@ -6231,7 +6337,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 10 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -6251,7 +6357,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -6261,25 +6367,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
"strd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -6291,13 +6397,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #80]\n\t"
"ldr r9, [sp, #84]\n\t"
#else
@@ -6305,7 +6411,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #80]\n\t"
"ldr r7, [r3, #84]\n\t"
#else
@@ -6313,7 +6419,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -6321,7 +6427,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -6329,13 +6435,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #8]\n\t"
"str r9, [%[sha512], #12]\n\t"
#else
@@ -6355,7 +6461,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -6365,19 +6471,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
"ldrd r8, r9, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #40]\n\t"
"str r5, [%[sha512], #44]\n\t"
#else
@@ -6389,7 +6495,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
@@ -6397,7 +6503,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
@@ -6406,7 +6512,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 11 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -6426,7 +6532,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -6436,25 +6542,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
@@ -6466,13 +6572,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #88]\n\t"
"ldr r9, [sp, #92]\n\t"
#else
@@ -6480,7 +6586,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #88]\n\t"
"ldr r7, [r3, #92]\n\t"
#else
@@ -6488,7 +6594,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -6496,7 +6602,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -6504,13 +6610,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512]]\n\t"
"str r9, [%[sha512], #4]\n\t"
#else
@@ -6530,7 +6636,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
@@ -6540,19 +6646,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
"ldrd r8, r9, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
@@ -6564,7 +6670,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
@@ -6572,7 +6678,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #32]\n\t"
"str r7, [%[sha512], #36]\n\t"
#else
@@ -6581,7 +6687,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 12 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -6601,7 +6707,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -6611,25 +6717,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
"strd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
@@ -6641,13 +6747,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #96]\n\t"
"ldr r9, [sp, #100]\n\t"
#else
@@ -6655,7 +6761,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #96]\n\t"
"ldr r7, [r3, #100]\n\t"
#else
@@ -6663,7 +6769,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -6671,7 +6777,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -6679,13 +6785,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #56]\n\t"
"str r9, [%[sha512], #60]\n\t"
#else
@@ -6705,7 +6811,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
@@ -6715,19 +6821,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
"ldrd r8, r9, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #24]\n\t"
"str r5, [%[sha512], #28]\n\t"
#else
@@ -6739,7 +6845,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
@@ -6747,7 +6853,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
@@ -6756,7 +6862,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 13 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
@@ -6776,7 +6882,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -6786,25 +6892,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #56]\n\t"
"ldr r5, [%[sha512], #60]\n\t"
#else
"ldrd r4, r5, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
"ldrd r6, r7, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
@@ -6816,13 +6922,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #104]\n\t"
"ldr r9, [sp, #108]\n\t"
#else
@@ -6830,7 +6936,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #104]\n\t"
"ldr r7, [r3, #108]\n\t"
#else
@@ -6838,7 +6944,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #48]\n\t"
"ldr r9, [%[sha512], #52]\n\t"
#else
@@ -6846,7 +6952,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -6854,13 +6960,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #24]\n\t"
"ldr r5, [%[sha512], #28]\n\t"
#else
"ldrd r4, r5, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #48]\n\t"
"str r9, [%[sha512], #52]\n\t"
#else
@@ -6880,7 +6986,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
@@ -6890,19 +6996,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #24]\n\t"
"ldr r9, [%[sha512], #28]\n\t"
#else
"ldrd r8, r9, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #32]\n\t"
"ldr r7, [%[sha512], #36]\n\t"
#else
"ldrd r6, r7, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
@@ -6914,7 +7020,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
@@ -6922,7 +7028,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #16]\n\t"
"str r7, [%[sha512], #20]\n\t"
#else
@@ -6931,7 +7037,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 14 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
@@ -6951,7 +7057,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -6961,25 +7067,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
"strd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512]]\n\t"
"ldr r9, [%[sha512], #4]\n\t"
#else
@@ -6991,13 +7097,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #112]\n\t"
"ldr r9, [sp, #116]\n\t"
#else
@@ -7005,7 +7111,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #112]\n\t"
"ldr r7, [r3, #116]\n\t"
#else
@@ -7013,7 +7119,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #40]\n\t"
"ldr r9, [%[sha512], #44]\n\t"
#else
@@ -7021,7 +7127,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -7029,13 +7135,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #40]\n\t"
"str r9, [%[sha512], #44]\n\t"
#else
@@ -7055,7 +7161,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
@@ -7065,19 +7171,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #16]\n\t"
"ldr r9, [%[sha512], #20]\n\t"
#else
"ldrd r8, r9, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #8]\n\t"
"str r5, [%[sha512], #12]\n\t"
#else
@@ -7089,7 +7195,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
@@ -7097,7 +7203,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
@@ -7106,7 +7212,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Round 15 */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
@@ -7126,7 +7232,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #23\n\t"
"orr r9, r9, r4, lsr #9\n\t"
"orr r8, r8, r5, lsr #9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -7136,25 +7242,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #40]\n\t"
"ldr r5, [%[sha512], #44]\n\t"
#else
"ldrd r4, r5, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #48]\n\t"
"ldr r7, [%[sha512], #52]\n\t"
#else
"ldrd r6, r7, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #56]\n\t"
"ldr r9, [%[sha512], #60]\n\t"
#else
@@ -7166,13 +7272,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r7, r7, r5\n\t"
"eor r6, r6, r8\n\t"
"eor r7, r7, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #120]\n\t"
"ldr r9, [sp, #124]\n\t"
#else
@@ -7180,7 +7286,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [r3, #120]\n\t"
"ldr r7, [r3, #124]\n\t"
#else
@@ -7188,7 +7294,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r8\n\t"
"adc r5, r5, r9\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #32]\n\t"
"ldr r9, [%[sha512], #36]\n\t"
#else
@@ -7196,7 +7302,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -7204,13 +7310,13 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r8, r8, r4\n\t"
"adc r9, r9, r5\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #8]\n\t"
"ldr r5, [%[sha512], #12]\n\t"
#else
"ldrd r4, r5, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[sha512], #32]\n\t"
"str r9, [%[sha512], #36]\n\t"
#else
@@ -7230,7 +7336,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"lsls r9, r5, #25\n\t"
"orr r9, r9, r4, lsr #7\n\t"
"orr r8, r8, r5, lsr #7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
@@ -7240,19 +7346,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"eor r7, r7, r9\n\t"
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[sha512], #8]\n\t"
"ldr r9, [%[sha512], #12]\n\t"
#else
"ldrd r8, r9, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #16]\n\t"
"ldr r7, [%[sha512], #20]\n\t"
#else
"ldrd r6, r7, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
@@ -7264,7 +7370,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"and r11, r11, r9\n\t"
"eor r10, r10, r6\n\t"
"eor r11, r11, r7\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512]]\n\t"
"ldr r7, [%[sha512], #4]\n\t"
#else
@@ -7272,7 +7378,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512]]\n\t"
"str r7, [%[sha512], #4]\n\t"
#else
@@ -7281,25 +7387,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"mov r10, r8\n\t"
"mov r11, r9\n\t"
/* Add in digest from start */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512]]\n\t"
"ldr r5, [%[sha512], #4]\n\t"
#else
"ldrd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #8]\n\t"
"ldr r7, [%[sha512], #12]\n\t"
#else
"ldrd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #128]\n\t"
"ldr r9, [sp, #132]\n\t"
#else
"ldrd r8, r9, [sp, #128]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #136]\n\t"
"ldr r11, [sp, #140]\n\t"
#else
@@ -7309,49 +7415,49 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512]]\n\t"
"str r5, [%[sha512], #4]\n\t"
#else
"strd r4, r5, [%[sha512]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #8]\n\t"
"str r7, [%[sha512], #12]\n\t"
#else
"strd r6, r7, [%[sha512], #8]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #128]\n\t"
"str r5, [sp, #132]\n\t"
#else
"strd r4, r5, [sp, #128]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #136]\n\t"
"str r7, [sp, #140]\n\t"
#else
"strd r6, r7, [sp, #136]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #16]\n\t"
"ldr r5, [%[sha512], #20]\n\t"
#else
"ldrd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #24]\n\t"
"ldr r7, [%[sha512], #28]\n\t"
#else
"ldrd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #144]\n\t"
"ldr r9, [sp, #148]\n\t"
#else
"ldrd r8, r9, [sp, #144]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #152]\n\t"
"ldr r11, [sp, #156]\n\t"
#else
@@ -7361,49 +7467,49 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #16]\n\t"
"str r5, [%[sha512], #20]\n\t"
#else
"strd r4, r5, [%[sha512], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #24]\n\t"
"str r7, [%[sha512], #28]\n\t"
#else
"strd r6, r7, [%[sha512], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #144]\n\t"
"str r5, [sp, #148]\n\t"
#else
"strd r4, r5, [sp, #144]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #152]\n\t"
"str r7, [sp, #156]\n\t"
#else
"strd r6, r7, [sp, #152]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #32]\n\t"
"ldr r5, [%[sha512], #36]\n\t"
#else
"ldrd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #40]\n\t"
"ldr r7, [%[sha512], #44]\n\t"
#else
"ldrd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #160]\n\t"
"ldr r9, [sp, #164]\n\t"
#else
"ldrd r8, r9, [sp, #160]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #168]\n\t"
"ldr r11, [sp, #172]\n\t"
#else
@@ -7413,49 +7519,49 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #32]\n\t"
"str r5, [%[sha512], #36]\n\t"
#else
"strd r4, r5, [%[sha512], #32]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #40]\n\t"
"str r7, [%[sha512], #44]\n\t"
#else
"strd r6, r7, [%[sha512], #40]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #160]\n\t"
"str r5, [sp, #164]\n\t"
#else
"strd r4, r5, [sp, #160]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #168]\n\t"
"str r7, [sp, #172]\n\t"
#else
"strd r6, r7, [sp, #168]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[sha512], #48]\n\t"
"ldr r5, [%[sha512], #52]\n\t"
#else
"ldrd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[sha512], #56]\n\t"
"ldr r7, [%[sha512], #60]\n\t"
#else
"ldrd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [sp, #176]\n\t"
"ldr r9, [sp, #180]\n\t"
#else
"ldrd r8, r9, [sp, #176]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r10, [sp, #184]\n\t"
"ldr r11, [sp, #188]\n\t"
#else
@@ -7465,25 +7571,25 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"adc r5, r5, r9\n\t"
"adds r6, r6, r10\n\t"
"adc r7, r7, r11\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[sha512], #48]\n\t"
"str r5, [%[sha512], #52]\n\t"
#else
"strd r4, r5, [%[sha512], #48]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[sha512], #56]\n\t"
"str r7, [%[sha512], #60]\n\t"
#else
"strd r6, r7, [%[sha512], #56]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [sp, #176]\n\t"
"str r5, [sp, #180]\n\t"
#else
"strd r4, r5, [sp, #176]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [sp, #184]\n\t"
"str r7, [sp, #188]\n\t"
#else
@@ -7495,9 +7601,9 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"bne L_SHA512_transform_len_begin_%=\n\t"
"eor r0, r0, r0\n\t"
"add sp, sp, #0xc0\n\t"
- : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA512_transform_len_k] "r" (L_SHA512_transform_len_k)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len), [L_SHA512_transform_len_k] "+r" (L_SHA512_transform_len_k_c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
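Review bot: The scratch frame is released by `add sp, sp, #0xc0` without being cleared, although the rounds above read message-schedule words from `[sp, #104]` to `[sp, #124]` and the "Add in digest from start" block stores a copy of the chaining value at `[sp, #128]` through `[sp, #188]`. If this transform is ever given secret input (an HMAC key block, for instance, which cannot be confirmed from this hunk), that material stays in dead stack where the caller cannot scrub it. Zeroing the 0xc0 bytes after the block loop and before the frame is released would close that. r4, r12 and `"cc"` are already in the clobber list, so no constraint change is needed. The function body starts outside this hunk.

```c
        "bne L_SHA512_transform_len_begin_%=\n\t"
        /* Scrub the message schedule and digest copy before releasing the frame */
        "eor r4, r4, r4\n\t"
        "mov r12, #0xc0\n\t"
        "\n"
    "L_SHA512_transform_len_wipe_%=: \n\t"
        "subs r12, r12, #4\n\t"
        "str r4, [sp, r12]\n\t"
        "bne L_SHA512_transform_len_wipe_%=\n\t"
        /* … unchanged: eor r0 / add sp, operand and clobber lists … */
```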
@@ -7506,94 +7612,55 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#ifndef WOLFSSL_ARMASM_NO_NEON
static const uint64_t L_SHA512_transform_neon_len_k[] = {
- 0x428a2f98d728ae22UL,
- 0x7137449123ef65cdUL,
- 0xb5c0fbcfec4d3b2fUL,
- 0xe9b5dba58189dbbcUL,
- 0x3956c25bf348b538UL,
- 0x59f111f1b605d019UL,
- 0x923f82a4af194f9bUL,
- 0xab1c5ed5da6d8118UL,
- 0xd807aa98a3030242UL,
- 0x12835b0145706fbeUL,
- 0x243185be4ee4b28cUL,
- 0x550c7dc3d5ffb4e2UL,
- 0x72be5d74f27b896fUL,
- 0x80deb1fe3b1696b1UL,
- 0x9bdc06a725c71235UL,
- 0xc19bf174cf692694UL,
- 0xe49b69c19ef14ad2UL,
- 0xefbe4786384f25e3UL,
- 0xfc19dc68b8cd5b5UL,
- 0x240ca1cc77ac9c65UL,
- 0x2de92c6f592b0275UL,
- 0x4a7484aa6ea6e483UL,
- 0x5cb0a9dcbd41fbd4UL,
- 0x76f988da831153b5UL,
- 0x983e5152ee66dfabUL,
- 0xa831c66d2db43210UL,
- 0xb00327c898fb213fUL,
- 0xbf597fc7beef0ee4UL,
- 0xc6e00bf33da88fc2UL,
- 0xd5a79147930aa725UL,
- 0x6ca6351e003826fUL,
- 0x142929670a0e6e70UL,
- 0x27b70a8546d22ffcUL,
- 0x2e1b21385c26c926UL,
- 0x4d2c6dfc5ac42aedUL,
- 0x53380d139d95b3dfUL,
- 0x650a73548baf63deUL,
- 0x766a0abb3c77b2a8UL,
- 0x81c2c92e47edaee6UL,
- 0x92722c851482353bUL,
- 0xa2bfe8a14cf10364UL,
- 0xa81a664bbc423001UL,
- 0xc24b8b70d0f89791UL,
- 0xc76c51a30654be30UL,
- 0xd192e819d6ef5218UL,
- 0xd69906245565a910UL,
- 0xf40e35855771202aUL,
- 0x106aa07032bbd1b8UL,
- 0x19a4c116b8d2d0c8UL,
- 0x1e376c085141ab53UL,
- 0x2748774cdf8eeb99UL,
- 0x34b0bcb5e19b48a8UL,
- 0x391c0cb3c5c95a63UL,
- 0x4ed8aa4ae3418acbUL,
- 0x5b9cca4f7763e373UL,
- 0x682e6ff3d6b2b8a3UL,
- 0x748f82ee5defb2fcUL,
- 0x78a5636f43172f60UL,
- 0x84c87814a1f0ab72UL,
- 0x8cc702081a6439ecUL,
- 0x90befffa23631e28UL,
- 0xa4506cebde82bde9UL,
- 0xbef9a3f7b2c67915UL,
- 0xc67178f2e372532bUL,
- 0xca273eceea26619cUL,
- 0xd186b8c721c0c207UL,
- 0xeada7dd6cde0eb1eUL,
- 0xf57d4f7fee6ed178UL,
- 0x6f067aa72176fbaUL,
- 0xa637dc5a2c898a6UL,
- 0x113f9804bef90daeUL,
- 0x1b710b35131c471bUL,
- 0x28db77f523047d84UL,
- 0x32caab7b40c72493UL,
- 0x3c9ebe0a15c9bebcUL,
- 0x431d67c49c100d4cUL,
- 0x4cc5d4becb3e42b6UL,
- 0x597f299cfc657e2aUL,
- 0x5fcb6fab3ad6faecUL,
- 0x6c44198c4a475817UL,
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL,
};
-void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p);
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len);
void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
{
- register wc_Sha512* sha512 asm ("r0") = sha512_p;
- register const byte* data asm ("r1") = data_p;
- register word32 len asm ("r2") = len_p;
+ register wc_Sha512* sha512 asm ("r0") = (wc_Sha512*)sha512_p;
+ register const byte* data asm ("r1") = (const byte*)data_p;
+ register word32 len asm ("r2") = (word32)len_p;
+ register uint64_t* L_SHA512_transform_neon_len_k_c asm ("r3") = (uint64_t*)&L_SHA512_transform_neon_len_k;
__asm__ __volatile__ (
/* Load digest into working vars */
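Review bot: The new declaration `register uint64_t* L_SHA512_transform_neon_len_k_c asm ("r3") = (uint64_t*)&L_SHA512_transform_neon_len_k;` casts `const` away from a read-only constant table and takes the address of the whole array rather than of its first element. The round hunks that follow only load through r3 with post-increment (`vld1.64 {d12}, [r3:64]!`), so a pointer-to-const is sufficient for a register that the asm advances: `register const uint64_t* L_SHA512_transform_neon_len_k_c asm ("r3") = L_SHA512_transform_neon_len_k;`. Keeping the qualifier lets the compiler reject any later C-level store through that pointer into the SHA-512 K table. The operand list of this asm statement is outside the hunk, so its constraint should be checked when making the change.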
@@ -7633,13 +7700,12 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vrev64.8 d30, d30\n\t"
"vrev64.8 d31, d31\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
- "mov r3, %[L_SHA512_transform_neon_len_k]\n\t"
"mov r12, #4\n\t"
/* Start of 16 rounds */
"\n"
"L_SHA512_transform_neon_len_start_%=: \n\t"
/* Round 0 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
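Review bot: The `:64` alignment qualifier added in `vld1.64 {d12}, [r3:64]!` makes the load fault if r3 is not 8-byte aligned, and the table it walks, `static const uint64_t L_SHA512_transform_neon_len_k[]` in the preceding hunk, is declared without an explicit alignment. The load is therefore safe only while the target ABI aligns `uint64_t` to 8 bytes. Stating the alignment on the declaration makes that dependency visible and enforced: `static const uint64_t L_SHA512_transform_neon_len_k[] __attribute__((aligned(8))) = {`. The same qualifier is added in the hunks for rounds 1 to 8 below, so the one declaration change covers all of them.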
@@ -7668,7 +7734,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 1 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -7759,7 +7825,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d17, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 2 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -7788,7 +7854,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 3 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -7879,7 +7945,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d19, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 4 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -7908,7 +7974,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 5 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -7999,7 +8065,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d21, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 6 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -8028,7 +8094,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 7 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -8119,7 +8185,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d23, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 8 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
@@ -8148,7 +8214,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 9 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -8239,7 +8305,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d25, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 10 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -8268,7 +8334,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 11 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -8359,7 +8425,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d27, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 12 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -8388,7 +8454,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 13 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -8479,7 +8545,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d29, d11\n\t"
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
/* Round 14 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -8508,7 +8574,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 15 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -8601,7 +8667,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"subs r12, r12, #1\n\t"
"bne L_SHA512_transform_neon_len_start_%=\n\t"
/* Round 0 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
@@ -8630,7 +8696,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 1 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -8659,7 +8725,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d2, d6\n\t"
"vadd.i64 d6, d10\n\t"
/* Round 2 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -8688,7 +8754,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 3 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -8717,7 +8783,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d0, d4\n\t"
"vadd.i64 d4, d10\n\t"
/* Round 4 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -8746,7 +8812,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 5 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -8775,7 +8841,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d6, d2\n\t"
"vadd.i64 d2, d10\n\t"
/* Round 6 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -8804,7 +8870,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 7 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -8833,7 +8899,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d4, d0\n\t"
"vadd.i64 d0, d10\n\t"
/* Round 8 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d4, #50\n\t"
"vsri.u64 d8, d4, #14\n\t"
"vshl.u64 d9, d0, #36\n\t"
@@ -8862,7 +8928,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d3, d7\n\t"
"vadd.i64 d7, d10\n\t"
/* Round 9 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d3, #50\n\t"
"vsri.u64 d8, d3, #14\n\t"
"vshl.u64 d9, d7, #36\n\t"
@@ -8891,7 +8957,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d2, d6\n\t"
"vadd.i64 d6, d10\n\t"
/* Round 10 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d2, #50\n\t"
"vsri.u64 d8, d2, #14\n\t"
"vshl.u64 d9, d6, #36\n\t"
@@ -8920,7 +8986,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d1, d5\n\t"
"vadd.i64 d5, d10\n\t"
/* Round 11 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d1, #50\n\t"
"vsri.u64 d8, d1, #14\n\t"
"vshl.u64 d9, d5, #36\n\t"
@@ -8949,7 +9015,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d0, d4\n\t"
"vadd.i64 d4, d10\n\t"
/* Round 12 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d0, #50\n\t"
"vsri.u64 d8, d0, #14\n\t"
"vshl.u64 d9, d4, #36\n\t"
@@ -8978,7 +9044,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d7, d3\n\t"
"vadd.i64 d3, d10\n\t"
/* Round 13 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d7, #50\n\t"
"vsri.u64 d8, d7, #14\n\t"
"vshl.u64 d9, d3, #36\n\t"
@@ -9007,7 +9073,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d6, d2\n\t"
"vadd.i64 d2, d10\n\t"
/* Round 14 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d6, #50\n\t"
"vsri.u64 d8, d6, #14\n\t"
"vshl.u64 d9, d2, #36\n\t"
@@ -9036,7 +9102,7 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
"vadd.i64 d5, d1\n\t"
"vadd.i64 d1, d10\n\t"
/* Round 15 */
- "vld1.64 {d12}, [r3]!\n\t"
+ "vld1.64 {d12}, [r3:64]!\n\t"
"vshl.u64 d8, d5, #50\n\t"
"vsri.u64 d8, d5, #14\n\t"
"vshl.u64 d9, d1, #36\n\t"
@@ -9083,14 +9149,19 @@ void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
#endif /* WOLFSSL_ARM_ARCH_NEON_64BIT */
"vstm.64 %[sha512], {d0-d7}\n\t"
"subs %[len], %[len], #0x80\n\t"
+ "sub r3, r3, #0x280\n\t"
"bne L_SHA512_transform_neon_len_begin_%=\n\t"
- : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
- : [L_SHA512_transform_neon_len_k] "r" (L_SHA512_transform_neon_len_k)
- : "memory", "r3", "r12", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11", "d12", "d13", "d14", "d15", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15"
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len), [L_SHA512_transform_neon_len_k] "+r" (L_SHA512_transform_neon_len_k_c)
+ :
+ : "memory", "r12", "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", "d10", "d11", "d12", "d13", "d14", "d15", "q8", "q9", "q10", "q11", "q12", "q13", "q14", "q15", "cc"
);
}
#endif /* !WOLFSSL_ARMASM_NO_NEON */
#endif /* WOLFSSL_SHA512 */
-#endif /* !__aarch64__ */
+#endif /* !__aarch64__ && !__thumb__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__arm__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
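Review bot: The added `sub r3, r3, #0x280` uses an unexplained constant that has to track the length of the K table. The visible rounds load 16 constants in a loop that runs four times (`mov r12, #4`) and 16 more after it, which gives 80 × 8 = 0x280 bytes. A comment before the instruction would keep the two in step, e.g. `/* rewind K pointer: 80 round constants * 8 bytes */`. The template also reaches the table through the literal `r3` although the operand is named `[L_SHA512_transform_neon_len_k]`; this relies on the `asm ("r3")` register binding declared ahead of the asm statement and deserves a one-line remark too. The label the final `bne` targets is outside this hunk.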
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c
index 20691a76..455d30bb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-aes.c
@@ -21,7 +21,7 @@
/*
- * There are two versions one for 64 (Aarch64) and one for 32 bit (Aarch32).
+ * There are two versions one for 64 (Aarch64) and one for 32 bit (Aarch32).
* If changing one check the other.
*/
@@ -31,6 +31,7 @@
#endif
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
#if !defined(NO_AES) && defined(WOLFSSL_ARMASM)
@@ -41,7 +42,6 @@
#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
#include <wolfssl/wolfcrypt/aes.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
@@ -116,6 +116,7 @@ static const byte rcon[] = {
#ifdef HAVE_AESGCM
+#if !defined(__aarch64__) || defined(WOLFSSL_AESGCM_STREAM)
static WC_INLINE void IncrementGcmCounter(byte* inOutCtr)
{
int i;
@@ -144,6 +145,7 @@ static WC_INLINE void FlattenSzInBits(byte* buf, word32 sz)
buf[6] = (sz >> 8) & 0xff;
buf[7] = sz & 0xff;
}
+#endif
#endif /* HAVE_AESGCM */
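Review bot: The added `#endif` that closes the new guard has no trailing comment, while the `#endif /* HAVE_AESGCM */` on the next line does. With two conditionals ending on adjacent lines it is easy to misread which block ends where. Suggest `#endif /* !__aarch64__ || WOLFSSL_AESGCM_STREAM */`. The matching `#if` is added in the previous hunk, just before IncrementGcmCounter.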
@@ -1452,6 +1454,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return 0;
}
+int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+{
+ (void)dir;
+ return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+}
+
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AESGCM
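Review bot: wc_AesCtrSetKey discards `dir` and always passes `AES_ENCRYPTION`, but nothing in the function says why, so a caller that asks for a decrypt schedule silently gets the encrypt one. That is the expected behaviour for counter mode, where both directions run the forward cipher over the counter block. A header comment should state it, e.g. `/* CTR uses the forward cipher for encrypt and decrypt; dir is ignored. */`. Checks on `aes`, `key` and `len` appear to be left to wc_AesSetKey, which is outside this hunk, so the comment should mention that as well.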
@@ -1460,1109 +1469,5714 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
* Based from GCM implementation in wolfcrypt/src/aes.c
*/
+/* START script replace AES-GCM Aarch64 with hardware crypto. */
+
/* PMULL and RBIT only with AArch64 */
/* Use ARM hardware for polynomial multiply */
-static void GMULT(byte* X, byte* Y)
+void GMULT(byte* X, byte* Y)
{
__asm__ volatile (
- "LD1 {v0.16b}, [%[inX]] \n"
- "LD1 {v1.16b}, [%[inY]] \n" /* v1 already reflected from set key */
+ "LD1 {v0.16b}, [%[X]] \n"
+ "LD1 {v1.16b}, [%[Y]] \n" /* v1 already reflected from set key */
+ "MOVI v2.16b, #0x87 \n"
"RBIT v0.16b, v0.16b \n"
+ "USHR v2.2d, v2.2d, #56 \n"
+
+ "PMULL v3.1q, v0.1d, v1.1d \n"
+ "PMULL2 v4.1q, v0.2d, v1.2d \n"
+ "EXT v5.16b, v1.16b, v1.16b, #8 \n"
+ "PMULL v6.1q, v0.1d, v5.1d \n"
+ "PMULL2 v5.1q, v0.2d, v5.2d \n"
+ "EOR v5.16b, v5.16b, v6.16b \n"
+ "EXT v6.16b, v3.16b, v4.16b, #8 \n"
+ "EOR v6.16b, v6.16b, v5.16b \n"
+ "# Reduce \n"
+ "PMULL2 v5.1q, v4.2d, v2.2d \n"
+ "EOR v6.16b, v6.16b, v5.16b \n"
+ "PMULL2 v5.1q, v6.2d, v2.2d \n"
+ "MOV v3.D[1], v6.D[0] \n"
+ "EOR v0.16b, v3.16b, v5.16b \n"
-
- /* Algorithm 1 from Intel GCM white paper.
- "Carry-Less Multiplication and Its Usage for Computing the GCM Mode"
- */
- "PMULL v3.1q, v0.1d, v1.1d \n" /* a0 * b0 = C */
- "PMULL2 v4.1q, v0.2d, v1.2d \n" /* a1 * b1 = D */
- "EXT v5.16b, v1.16b, v1.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v6.1q, v0.1d, v5.1d \n" /* a0 * b1 = E */
- "PMULL2 v5.1q, v0.2d, v5.2d \n" /* a1 * b0 = F */
-
- "#Set a register to all 0s using EOR \n"
- "EOR v7.16b, v7.16b, v7.16b \n"
- "EOR v5.16b, v5.16b, v6.16b \n" /* F ^ E */
- "EXT v6.16b, v7.16b, v5.16b, #8 \n" /* get (F^E)[0] */
- "EOR v3.16b, v3.16b, v6.16b \n" /* low 128 bits in v3 */
- "EXT v6.16b, v5.16b, v7.16b, #8 \n" /* get (F^E)[1] */
- "EOR v4.16b, v4.16b, v6.16b \n" /* high 128 bits in v4 */
-
-
- /* Based from White Paper "Implementing GCM on ARMv8"
- by Conrado P.L. Gouvea and Julio Lopez
- reduction on 256bit value using Algorithm 5 */
- "MOVI v8.16b, #0x87 \n"
- "USHR v8.2d, v8.2d, #56 \n"
- /* v8 is now 0x00000000000000870000000000000087 reflected 0xe1....*/
- "PMULL2 v5.1q, v4.2d, v8.2d \n"
- "EXT v6.16b, v5.16b, v7.16b, #8 \n" /* v7 is all 0's */
- "EOR v4.16b, v4.16b, v6.16b \n"
- "EXT v6.16b, v7.16b, v5.16b, #8 \n"
- "EOR v3.16b, v3.16b, v6.16b \n"
- "PMULL v5.1q, v4.1d, v8.1d \n"
- "EOR v4.16b, v3.16b, v5.16b \n"
-
- "RBIT v4.16b, v4.16b \n"
- "STR q4, [%[out]] \n"
- : [out] "=r" (X), "=r" (Y)
- : [inX] "0" (X), [inY] "1" (Y)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8"
+ "RBIT v0.16b, v0.16b \n"
+ "STR q0, [%[X]] \n"
+ :
+ : [X] "r" (X), [Y] "r" (Y)
+ : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5", "v6"
);
}
-
-void GHASH(Aes* aes, const byte* a, word32 aSz,
- const byte* c, word32 cSz, byte* s, word32 sSz)
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
+ word32 cSz, byte* s, word32 sSz)
{
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
- word32 blocks, partial;
- byte* h = aes->H;
-
- XMEMSET(x, 0, AES_BLOCK_SIZE);
-
- /* Hash in A, the Additional Authentication Data */
- if (aSz != 0 && a != NULL) {
- blocks = aSz / AES_BLOCK_SIZE;
- partial = aSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, a, AES_BLOCK_SIZE);
- GMULT(x, h);
- a += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, a, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, h);
- }
- }
-
- /* Hash in C, the Ciphertext */
- if (cSz != 0 && c != NULL) {
- blocks = cSz / AES_BLOCK_SIZE;
- partial = cSz % AES_BLOCK_SIZE;
- while (blocks--) {
- xorbuf(x, c, AES_BLOCK_SIZE);
- GMULT(x, h);
- c += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, c, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, h);
- }
- }
- /* Hash in the lengths of A and C in bits */
- FlattenSzInBits(&scratch[0], aSz);
- FlattenSzInBits(&scratch[8], cSz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
+ __asm__ __volatile__ (
+ "LD1 {v3.16b}, %[h] \n"
+ "MOVI v7.16b, #0x87 \n"
+ "EOR v0.16b, v0.16b, v0.16b \n"
+ "USHR v7.2d, v7.2d, #56 \n"
+
+ "# AAD \n"
+ "CBZ %w[aSz], 20f \n"
+ "MOV w12, %w[aSz] \n"
+
+ "CMP x12, #64 \n"
+ "BLT 15f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v11.1q, v3.2d, v3.2d \n"
+ "PMULL v10.1q, v3.1d, v3.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v4.16b, v10.16b, v11.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v10.1q, v4.1d, v3.1d \n"
+ "PMULL2 v11.1q, v4.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v4.1d, v12.1d \n"
+ "PMULL2 v12.1q, v4.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v5.16b, v10.16b, v12.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v11.1q, v4.2d, v4.2d \n"
+ "PMULL v10.1q, v4.1d, v4.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v6.16b, v10.16b, v11.16b \n"
+ "14: \n"
+ "LD1 {v10.2d-v13.2d}, [%[a]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v10.16b, v10.16b \n"
+ "RBIT v11.16b, v11.16b \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "EOR v10.16b, v10.16b, v0.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v0.1q, v13.1d, v3.1d \n"
+ "PMULL2 v1.1q, v13.2d, v3.2d \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v2.1q, v13.1d, v3.1d \n"
+ "PMULL2 v9.1q, v13.2d, v3.2d \n"
+ "EOR v2.16b, v2.16b, v9.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v8.1q, v12.1d, v4.1d \n"
+ "PMULL2 v9.1q, v12.2d, v4.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v9.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v12.16b, v9.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v8.1q, v11.1d, v5.1d \n"
+ "PMULL2 v9.1q, v11.2d, v5.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v11.16b, v11.16b, v11.16b, #8 \n"
+ "PMULL v9.1q, v11.1d, v5.1d \n"
+ "PMULL2 v11.1q, v11.2d, v5.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v11.16b, v9.16b \n"
+#else
+ "EOR v11.16b, v11.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v11.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v8.1q, v10.1d, v6.1d \n"
+ "PMULL2 v9.1q, v10.2d, v6.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v10.16b, v10.16b, v10.16b, #8 \n"
+ "PMULL v9.1q, v10.1d, v6.1d \n"
+ "PMULL2 v10.1q, v10.2d, v6.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v10.16b, v9.16b \n"
+#else
+ "EOR v10.16b, v10.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v10.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v9.16b, v0.16b, v1.16b, #8 \n"
+ "PMULL2 v8.1q, v1.2d, v7.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v9.16b, v9.16b, v2.16b, v8.16b \n"
+#else
+ "EOR v9.16b, v9.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v9.16b, v9.16b, v8.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v8.1q, v9.2d, v7.2d \n"
+ "MOV v0.D[1], v9.D[0] \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 14b \n"
+ "CBZ x12, 20f \n"
+ "15: \n"
+ "CMP x12, #16 \n"
+ "BLT 12f \n"
+ "11: \n"
+ "LD1 {v14.2d}, [%[a]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 11b \n"
+ "CBZ x12, 120f \n"
+ "12: \n"
+ "# Partial AAD \n"
+ "EOR v14.16b, v14.16b, v14.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v14.2d}, [%[scratch]] \n"
+ "13: \n"
+ "LDRB w13, [%[a]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 13b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v14.2d}, [%[scratch]] \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+
+ "20: \n"
+ "# Cipher Text \n"
+ "CBZ %w[cSz], 120f \n"
+ "MOV w12, %w[cSz] \n"
+
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v11.1q, v3.2d, v3.2d \n"
+ "PMULL v10.1q, v3.1d, v3.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v4.16b, v10.16b, v11.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v10.1q, v4.1d, v3.1d \n"
+ "PMULL2 v11.1q, v4.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v4.1d, v12.1d \n"
+ "PMULL2 v12.1q, v4.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v5.16b, v10.16b, v12.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v11.1q, v4.2d, v4.2d \n"
+ "PMULL v10.1q, v4.1d, v4.1d \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v11.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v6.16b, v10.16b, v11.16b \n"
+ "114: \n"
+ "LD1 {v10.2d-v13.2d}, [%[c]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v10.16b, v10.16b \n"
+ "RBIT v11.16b, v11.16b \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "EOR v10.16b, v10.16b, v0.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v0.1q, v13.1d, v3.1d \n"
+ "PMULL2 v1.1q, v13.2d, v3.2d \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v2.1q, v13.1d, v3.1d \n"
+ "PMULL2 v9.1q, v13.2d, v3.2d \n"
+ "EOR v2.16b, v2.16b, v9.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v8.1q, v12.1d, v4.1d \n"
+ "PMULL2 v9.1q, v12.2d, v4.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v9.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v12.16b, v9.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v8.1q, v11.1d, v5.1d \n"
+ "PMULL2 v9.1q, v11.2d, v5.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v11.16b, v11.16b, v11.16b, #8 \n"
+ "PMULL v9.1q, v11.1d, v5.1d \n"
+ "PMULL2 v11.1q, v11.2d, v5.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v11.16b, v9.16b \n"
+#else
+ "EOR v11.16b, v11.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v11.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v8.1q, v10.1d, v6.1d \n"
+ "PMULL2 v9.1q, v10.2d, v6.2d \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "EOR v1.16b, v1.16b, v9.16b \n"
+ "EXT v10.16b, v10.16b, v10.16b, #8 \n"
+ "PMULL v9.1q, v10.1d, v6.1d \n"
+ "PMULL2 v10.1q, v10.2d, v6.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v2.16b, v2.16b, v10.16b, v9.16b \n"
+#else
+ "EOR v10.16b, v10.16b, v9.16b \n"
+ "EOR v2.16b, v2.16b, v10.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v9.16b, v0.16b, v1.16b, #8 \n"
+ "PMULL2 v8.1q, v1.2d, v7.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v9.16b, v9.16b, v2.16b, v8.16b \n"
+#else
+ "EOR v9.16b, v9.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v9.16b, v9.16b, v8.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v8.1q, v9.2d, v7.2d \n"
+ "MOV v0.D[1], v9.D[0] \n"
+ "EOR v0.16b, v0.16b, v8.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v14.2d}, [%[c]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial cipher text \n"
+ "EOR v14.16b, v14.16b, v14.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v14.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[c]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v14.2d}, [%[scratch]] \n"
+ "RBIT v14.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v14.16b \n"
+ "PMULL v10.1q, v0.1d, v3.1d \n"
+ "PMULL2 v11.1q, v0.2d, v3.2d \n"
+ "EXT v12.16b, v3.16b, v3.16b, #8 \n"
+ "PMULL v13.1q, v0.1d, v12.1d \n"
+ "PMULL2 v12.1q, v0.2d, v12.2d \n"
+ "EOR v12.16b, v12.16b, v13.16b \n"
+ "EXT v13.16b, v10.16b, v11.16b, #8 \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "# Reduce \n"
+ "PMULL2 v12.1q, v11.2d, v7.2d \n"
+ "EOR v13.16b, v13.16b, v12.16b \n"
+ "PMULL2 v12.1q, v13.2d, v7.2d \n"
+ "MOV v10.D[1], v13.D[0] \n"
+ "EOR v0.16b, v10.16b, v12.16b \n"
+ "120: \n"
+ "RBIT v0.16b, v0.16b \n"
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[cSz], %x[cSz], #3 \n"
+ "MOV v10.D[0], %x[aSz] \n"
+ "MOV v10.D[1], %x[cSz] \n"
+ "REV64 v10.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v10.16b \n"
+ "ST1 {v0.16b}, [%[scratch]] \n"
+ : [cSz] "+r" (cSz), [c] "+r" (c), [aSz] "+r" (aSz), [a] "+r" (a)
+ : [scratch] "r" (scratch), [h] "m" (gcm->H)
+ : "cc", "memory", "w12", "w13", "x14",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14"
+ );
- /* Copy the result (minus last GMULT) into s. */
- XMEMCPY(s, x, sSz);
+ XMEMCPY(s, scratch, sSz);
}
-
#ifdef WOLFSSL_AES_128
/* internal function : see wc_AesGcmEncrypt */
static int Aes128GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks;
- word32 partial;
byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
-
/* Noticed different optimization levels treated head of array different.
- Some cases was stack pointer plus offset others was a regester containing
- address. To make uniform for passing in to inline assembly code am using
- pointers to the head of each local array.
+ * Some cases was stack pointer plus offset others was a register containing
+ * address. To make uniform for passing in to inline assembly code am using
+ * pointers to the head of each local array.
*/
byte* ctr = counter;
- byte* iCtr = initialCounter;
- byte* xPt = x;
- byte* sPt = scratch;
- byte* keyPt; /* pointer to handle pointer advencment */
+ byte* keyPt = (byte*)aes->key;
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(counter, initialCounter, AES_BLOCK_SIZE);
-
-
- /* Hash in the Additional Authentication Data */
- XMEMSET(x, 0, AES_BLOCK_SIZE);
- if (authInSz != 0 && authIn != NULL) {
- blocks = authInSz / AES_BLOCK_SIZE;
- partial = authInSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, authIn, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- authIn += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, authIn, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
- }
-
- /* do as many blocks as possible */
- blocks = sz / AES_BLOCK_SIZE;
- partial = sz % AES_BLOCK_SIZE;
- if (blocks > 0) {
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v13.2d}, [%[ctr]] \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EXT v14.16b, v14.16b, v22.16b, #8\n"
-
-
- /***************************************************
- Get first out block for GHASH using AES encrypt
- ***************************************************/
- "REV64 v13.16b, v13.16b \n" /* network order */
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "MOV v0.16b, v13.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v16.2d}, %[inY] \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v17.2d}, [%[inX]] \n" /* account for additional data */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "MOV v15.16b, v0.16b \n"
-
- "CBZ w11, 1f \n" /* only one block jump to final GHASH */
-
- "LD1 {v12.2d}, [%[input]], #16 \n"
-
- /***************************************************
- Interweave GHASH and encrypt if more then 1 block
- ***************************************************/
- "2: \n"
- "REV64 v13.16b, v13.16b \n" /* network order */
- "EOR v15.16b, v17.16b, v15.16b \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "MOV v0.16b, v13.16b \n"
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v10.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "MOV v15.16b, v0.16b \n"
- "RBIT v17.16b, v19.16b \n"
-
- "CBZ w11, 1f \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "B 2b \n"
-
- /***************************************************
- GHASH on last block
- ***************************************************/
- "1: \n"
- "EOR v15.16b, v17.16b, v15.16b \n"
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block */
-
- "#store current AES counter value \n"
- "ST1 {v13.2d}, [%[ctrOut]] \n"
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
-
- "#Reduce product from multiplication \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "EOR v19.16b, v19.16b, v21.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "RBIT v17.16b, v19.16b \n"
- "STR q17, [%[xOut]] \n" /* GHASH x value for partial blocks */
-
- :[out] "=r" (out), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (in)
- ,[xOut] "=r" (xPt),"=m" (aes->H)
- :"0" (out), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (in)
- ,[inX] "4" (xPt), [inY] "m" (aes->H)
- : "cc", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- ,"v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24"
- );
- }
-
- /* take care of partial block sizes leftover */
- if (partial != 0) {
- IncrementGcmCounter(counter);
- wc_AesEncrypt(aes, counter, scratch);
- xorbuf(scratch, in, partial);
- XMEMCPY(out, scratch, partial);
-
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, out, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
}
- /* Hash in the lengths of A and C in bits */
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- FlattenSzInBits(&scratch[0], authInSz);
- FlattenSzInBits(&scratch[8], sz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- XMEMCPY(scratch, x, AES_BLOCK_SIZE);
-
- keyPt = (byte*)aes->key;
__asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
- "LD1 {v16.16b}, [%[tag]] \n"
- "LD1 {v17.16b}, %[h] \n"
- "RBIT v16.16b, v16.16b \n"
+ "MOV w12, %w[aSz] \n"
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Encrypt plaintext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v10.1d, v16.1d \n"
+ "PMULL2 v19.1q, v10.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v10.1d, v20.1d \n"
+ "PMULL2 v20.1q, v10.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v19.16b \n"
+
+ "# First encrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
"LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "PMULL v18.1q, v16.1d, v17.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v16.2d, v17.2d \n" /* a1 * b1 = D */
"LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EXT v20.16b, v17.16b, v17.16b, #8 \n" /* b0b1 -> b1b0 */
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "PMULL v21.1q, v16.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v16.2d, v20.2d \n" /* a1 * b0 = F */
- "LD1 {v0.2d}, [%[ctr]] \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First encrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
- "#Set a register to all 0s using EOR \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v1.16b \n"
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Encrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "AESE v0.16b, v2.16b \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v3.16b \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v4.16b \n"
+ "AESE v0.16b, v4.16b \n"
"AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to encrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+
+ "# Interweave GHASH and encrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
"PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v5.16b \n"
+ "AESE v0.16b, v7.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n"
- "AESE v0.16b, v6.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v7.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "AESE v0.16b, v8.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "B 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "AESE v0.16b, v9.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
"AESE v0.16b, v10.16b \n"
- "RBIT v19.16b, v19.16b \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
- "EOR v19.16b, v19.16b, v0.16b \n"
- "STR q19, [%[out]] \n"
-
- :[out] "=r" (sPt), "=r" (keyPt), "=r" (iCtr)
- :[tag] "0" (sPt), [Key] "1" (keyPt),
- [ctr] "2" (iCtr) , [h] "m" (aes->H)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14",
- "v15", "v16", "v17","v18", "v19", "v20","v21","v22","v23","v24"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "MOV x15, #16 \n"
+ "EOR w14, w14, w14 \n"
+ "SUB x15, x15, x11 \n"
+ "25: \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 25b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.2d}, [%[ctr]] \n"
+ "ST1 {v22.2d}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v15.d[0], %x[aSz] \n"
+ "MOV v15.d[1], %x[sz] \n"
+ "REV64 v15.16b, v15.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "ST1 {v0.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, %x[tagSz] \n"
+ "44: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[tag]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 44b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "41: \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
);
- if (authTagSz > AES_BLOCK_SIZE) {
- XMEMCPY(authTag, scratch, AES_BLOCK_SIZE);
- }
- else {
- /* authTagSz can be smaller than AES_BLOCK_SIZE */
- XMEMCPY(authTag, scratch, authTagSz);
- }
return 0;
}
#endif /* WOLFSSL_AES_128 */
-
#ifdef WOLFSSL_AES_192
/* internal function : see wc_AesGcmEncrypt */
static int Aes192GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks;
- word32 partial;
byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
-
/* Noticed different optimization levels treated head of array different.
- Some cases was stack pointer plus offset others was a regester containing
- address. To make uniform for passing in to inline assembly code am using
- pointers to the head of each local array.
+ * Some cases was stack pointer plus offset others was a register containing
+ * address. To make uniform for passing in to inline assembly code am using
+ * pointers to the head of each local array.
*/
byte* ctr = counter;
- byte* iCtr = initialCounter;
- byte* xPt = x;
- byte* sPt = scratch;
- byte* keyPt; /* pointer to handle pointer advencment */
+ byte* keyPt = (byte*)aes->key;
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(counter, initialCounter, AES_BLOCK_SIZE);
-
-
- /* Hash in the Additional Authentication Data */
- XMEMSET(x, 0, AES_BLOCK_SIZE);
- if (authInSz != 0 && authIn != NULL) {
- blocks = authInSz / AES_BLOCK_SIZE;
- partial = authInSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, authIn, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- authIn += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, authIn, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
}
- /* do as many blocks as possible */
- blocks = sz / AES_BLOCK_SIZE;
- partial = sz % AES_BLOCK_SIZE;
- if (blocks > 0) {
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v13.2d}, [%[ctr]] \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EXT v14.16b, v14.16b, v22.16b, #8\n"
-
-
- /***************************************************
- Get first out block for GHASH using AES encrypt
- ***************************************************/
- "REV64 v13.16b, v13.16b \n" /* network order */
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "MOV v0.16b, v13.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v16.2d}, %[inY] \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v30.2d-v31.2d}, [%[Key]], #32\n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v17.2d}, [%[inX]] \n" /* account for additional data */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "MOV v15.16b, v0.16b \n"
-
- "CBZ w11, 1f \n" /* only one block jump to final GHASH */
- "LD1 {v12.2d}, [%[input]], #16 \n"
-
- /***************************************************
- Interweave GHASH and encrypt if more then 1 block
- ***************************************************/
- "2: \n"
- "REV64 v13.16b, v13.16b \n" /* network order */
- "EOR v15.16b, v17.16b, v15.16b \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "MOV v0.16b, v13.16b \n"
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "MOV v15.16b, v0.16b \n"
- "RBIT v17.16b, v19.16b \n"
-
- "CBZ w11, 1f \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "B 2b \n"
-
- /***************************************************
- GHASH on last block
- ***************************************************/
- "1: \n"
- "EOR v15.16b, v17.16b, v15.16b \n"
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block */
-
- "#store current AES counter value \n"
- "ST1 {v13.2d}, [%[ctrOut]] \n"
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
-
- "#Reduce product from multiplication \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "EOR v19.16b, v19.16b, v21.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "RBIT v17.16b, v19.16b \n"
- "STR q17, [%[xOut]] \n" /* GHASH x value for partial blocks */
-
- :[out] "=r" (out), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (in)
- ,[xOut] "=r" (xPt),"=m" (aes->H)
- :"0" (out), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (in)
- ,[inX] "4" (xPt), [inY] "m" (aes->H)
- : "cc", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- ,"v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
- "v24","v25","v26","v27","v28","v29","v30","v31"
- );
- }
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
- /* take care of partial block sizes leftover */
- if (partial != 0) {
- IncrementGcmCounter(counter);
- wc_AesEncrypt(aes, counter, scratch);
- xorbuf(scratch, in, partial);
- XMEMCPY(out, scratch, partial);
+ "MOV w12, %w[aSz] \n"
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, out, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Encrypt plaintext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v10.1d, v16.1d \n"
+ "PMULL2 v19.1q, v10.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v10.1d, v20.1d \n"
+ "PMULL2 v20.1q, v10.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v19.16b \n"
+
+ "# First encrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First encrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
- /* Hash in the lengths of A and C in bits */
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- FlattenSzInBits(&scratch[0], authInSz);
- FlattenSzInBits(&scratch[8], sz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- XMEMCPY(scratch, x, AES_BLOCK_SIZE);
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Encrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
+ "# When only one full block to encrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
- "LD1 {v16.16b}, [%[tag]] \n"
- "LD1 {v17.16b}, %[h] \n"
- "RBIT v16.16b, v16.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "PMULL v18.1q, v16.1d, v17.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v16.2d, v17.2d \n" /* a1 * b1 = D */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EXT v20.16b, v17.16b, v17.16b, #8 \n" /* b0b1 -> b1b0 */
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v30.2d-v31.2d}, [%[Key]], #32\n"
- "PMULL v21.1q, v16.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v16.2d, v20.2d \n" /* a1 * b0 = F */
- "LD1 {v0.2d}, [%[ctr]] \n"
-
- "#Set a register to all 0s using EOR \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v1.16b \n"
+ "# Interweave GHASH and encrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "AESE v0.16b, v2.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v3.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v4.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
"AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
"PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v5.16b \n"
+ "AESE v0.16b, v7.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n"
- "AESE v0.16b, v6.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v7.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "AESE v0.16b, v8.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "AESE v0.16b, v9.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "B 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "AESE v0.16b, v30.16b \n"
- "RBIT v19.16b, v19.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v19.16b, v19.16b, v0.16b \n"
- "STR q19, [%[out]] \n"
-
- :[out] "=r" (sPt), "=r" (keyPt), "=r" (iCtr)
- :[tag] "0" (sPt), [Key] "1" (keyPt),
- [ctr] "2" (iCtr) , [h] "m" (aes->H)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14",
- "v15", "v16", "v17","v18", "v19", "v20","v21","v22","v23","v24"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "MOV x15, #16 \n"
+ "EOR w14, w14, w14 \n"
+ "SUB x15, x15, x11 \n"
+ "25: \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 25b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.2d}, [%[ctr]] \n"
+ "ST1 {v22.2d}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v15.d[0], %x[aSz] \n"
+ "MOV v15.d[1], %x[sz] \n"
+ "REV64 v15.16b, v15.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "ST1 {v0.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, %x[tagSz] \n"
+ "44: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[tag]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 44b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "41: \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
);
- if (authTagSz > AES_BLOCK_SIZE) {
- XMEMCPY(authTag, scratch, AES_BLOCK_SIZE);
- }
- else {
- /* authTagSz can be smaller than AES_BLOCK_SIZE */
- XMEMCPY(authTag, scratch, authTagSz);
- }
-
return 0;
}
#endif /* WOLFSSL_AES_192 */
-
#ifdef WOLFSSL_AES_256
/* internal function : see wc_AesGcmEncrypt */
static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks;
- word32 partial;
byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
-
/* Noticed different optimization levels treated head of array different.
- Some cases was stack pointer plus offset others was a regester containing
- address. To make uniform for passing in to inline assembly code am using
- pointers to the head of each local array.
+ * Some cases was stack pointer plus offset others was a register containing
+ * address. To make uniform for passing in to inline assembly code am using
+ * pointers to the head of each local array.
*/
byte* ctr = counter;
- byte* iCtr = initialCounter;
- byte* xPt = x;
- byte* sPt = scratch;
- byte* keyPt; /* pointer to handle pointer advencment */
+ byte* keyPt = (byte*)aes->key;
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(counter, initialCounter, AES_BLOCK_SIZE);
-
-
- /* Hash in the Additional Authentication Data */
- XMEMSET(x, 0, AES_BLOCK_SIZE);
- if (authInSz != 0 && authIn != NULL) {
- blocks = authInSz / AES_BLOCK_SIZE;
- partial = authInSz % AES_BLOCK_SIZE;
- /* do as many blocks as possible */
- while (blocks--) {
- xorbuf(x, authIn, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- authIn += AES_BLOCK_SIZE;
- }
- if (partial != 0) {
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, authIn, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
}
- /* do as many blocks as possible */
- blocks = sz / AES_BLOCK_SIZE;
- partial = sz % AES_BLOCK_SIZE;
- if (blocks > 0) {
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v13.2d}, [%[ctr]] \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EXT v14.16b, v14.16b, v22.16b, #8\n"
-
-
- /***************************************************
- Get first out block for GHASH using AES encrypt
- ***************************************************/
- "REV64 v13.16b, v13.16b \n" /* network order */
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "MOV v0.16b, v13.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v16.2d}, %[inY] \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v28.2d-v31.2d}, [%[Key]], #64\n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v17.2d}, [%[inX]] \n" /* account for additional data */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v28.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v29.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "MOV v15.16b, v0.16b \n"
-
- "CBZ w11, 1f \n" /* only one block jump to final GHASH */
- "LD1 {v12.2d}, [%[input]], #16 \n"
-
- /***************************************************
- Interweave GHASH and encrypt if more then 1 block
- ***************************************************/
- "2: \n"
- "REV64 v13.16b, v13.16b \n" /* network order */
- "EOR v15.16b, v17.16b, v15.16b \n"
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "ADD v13.4s, v13.4s, v14.4s \n" /* add 1 to counter */
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block (c) */
- "EXT v13.16b, v13.16b, v13.16b, #8 \n"
- "REV64 v13.16b, v13.16b \n" /* revert from network order */
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "MOV v0.16b, v13.16b \n"
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v28.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v29.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v30.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
-
- "EOR v0.16b, v0.16b, v12.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "MOV v15.16b, v0.16b \n"
- "RBIT v17.16b, v19.16b \n"
-
- "CBZ w11, 1f \n"
- "LD1 {v12.2d}, [%[input]], #16 \n"
- "B 2b \n"
-
- /***************************************************
- GHASH on last block
- ***************************************************/
- "1: \n"
- "EOR v15.16b, v17.16b, v15.16b \n"
- "RBIT v15.16b, v15.16b \n" /* v15 is encrypted out block */
-
- "#store current AES counter value \n"
- "ST1 {v13.2d}, [%[ctrOut]] \n"
- "PMULL v18.1q, v15.1d, v16.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v15.2d, v16.2d \n" /* a1 * b1 = D */
- "EXT v20.16b, v16.16b, v16.16b, #8 \n" /* b0b1 -> b1b0 */
- "PMULL v21.1q, v15.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v15.2d, v20.2d \n" /* a1 * b0 = F */
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
-
- "#Reduce product from multiplication \n"
- "PMULL2 v20.1q, v19.2d, v23.2d \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* v22 is all 0's */
- "EOR v19.16b, v19.16b, v21.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "RBIT v17.16b, v19.16b \n"
- "STR q17, [%[xOut]] \n" /* GHASH x value for partial blocks */
-
- :[out] "=r" (out), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (in)
- ,[xOut] "=r" (xPt),"=m" (aes->H)
- :"0" (out), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (in)
- ,[inX] "4" (xPt), [inY] "m" (aes->H)
- : "cc", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- ,"v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24"
- );
- }
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
- /* take care of partial block sizes leftover */
- if (partial != 0) {
- IncrementGcmCounter(counter);
- wc_AesEncrypt(aes, counter, scratch);
- xorbuf(scratch, in, partial);
- XMEMCPY(out, scratch, partial);
+ "MOV w12, %w[aSz] \n"
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- XMEMCPY(scratch, out, partial);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- GMULT(x, aes->H);
- }
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Encrypt plaintext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v10.1d, v16.1d \n"
+ "PMULL2 v19.1q, v10.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v10.1d, v20.1d \n"
+ "PMULL2 v20.1q, v10.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v19.16b \n"
+
+ "# First encrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v12.16b, v12.16b, v5.16b \n"
+ "EOR v13.16b, v13.16b, v6.16b \n"
+ "EOR v14.16b, v14.16b, v7.16b \n"
+ "EOR v15.16b, v15.16b, v8.16b \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "ST1 {v12.2d-v15.2d}, [%[out]], #64 \n \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v9.1d \n"
+ "PMULL2 v3.1q, v15.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v9.1d \n"
+ "PMULL2 v15.1q, v15.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v10.1d \n"
+ "PMULL2 v3.1q, v14.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v10.1d \n"
+ "PMULL2 v14.1q, v14.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v11.1d \n"
+ "PMULL2 v3.1q, v13.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v11.1d \n"
+ "PMULL2 v13.1q, v13.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v4.1d \n"
+ "PMULL2 v3.1q, v12.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v4.1d \n"
+ "PMULL2 v12.1q, v12.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First encrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v18.16b, v18.16b, v27.16b \n"
+ "EOR v19.16b, v19.16b, v28.16b \n"
+ "EOR v20.16b, v20.16b, v29.16b \n"
+ "EOR v21.16b, v21.16b, v30.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v18.2d-v21.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
- /* Hash in the lengths of A and C in bits */
- XMEMSET(scratch, 0, AES_BLOCK_SIZE);
- FlattenSzInBits(&scratch[0], authInSz);
- FlattenSzInBits(&scratch[8], sz);
- xorbuf(x, scratch, AES_BLOCK_SIZE);
- XMEMCPY(scratch, x, AES_BLOCK_SIZE);
+ "10: \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Encrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
- keyPt = (byte*)aes->key;
- __asm__ __volatile__ (
+ "# When only one full block to encrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
- "LD1 {v16.16b}, [%[tag]] \n"
- "LD1 {v17.16b}, %[h] \n"
- "RBIT v16.16b, v16.16b \n"
+ "LD1 {v31.2d}, [%[input]], #16 \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
- "PMULL v18.1q, v16.1d, v17.1d \n" /* a0 * b0 = C */
- "PMULL2 v19.1q, v16.2d, v17.2d \n" /* a1 * b1 = D */
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EXT v20.16b, v17.16b, v17.16b, #8 \n" /* b0b1 -> b1b0 */
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48\n"
- "LD1 {v28.2d-v31.2d}, [%[Key]], #64\n"
- "PMULL v21.1q, v16.1d, v20.1d \n" /* a0 * b1 = E */
- "PMULL2 v20.1q, v16.2d, v20.2d \n" /* a1 * b0 = F */
- "LD1 {v0.2d}, [%[ctr]] \n"
-
- "#Set a register to all 0s using EOR \n"
- "EOR v22.16b, v22.16b, v22.16b \n"
- "EOR v20.16b, v20.16b, v21.16b \n" /* F ^ E */
- "AESE v0.16b, v1.16b \n"
+ "# Interweave GHASH and encrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n" /* get (F^E)[0] */
- "AESE v0.16b, v2.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n" /* low 128 bits in v3 */
- "EXT v21.16b, v20.16b, v22.16b, #8 \n" /* get (F^E)[1] */
- "AESE v0.16b, v3.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n" /* high 128 bits in v4 */
- "MOVI v23.16b, #0x87 \n"
- "AESE v0.16b, v4.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
"AESMC v0.16b, v0.16b \n"
- "USHR v23.2d, v23.2d, #56 \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
"PMULL2 v20.1q, v19.2d, v23.2d \n"
- "AESE v0.16b, v5.16b \n"
+ "AESE v0.16b, v7.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v20.16b, v22.16b, #8 \n"
- "AESE v0.16b, v6.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v19.16b, v19.16b, v21.16b \n"
- "AESE v0.16b, v7.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v9.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EXT v21.16b, v22.16b, v20.16b, #8 \n"
- "AESE v0.16b, v8.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
"AESMC v0.16b, v0.16b \n"
- "EOR v18.16b, v18.16b, v21.16b \n"
- "AESE v0.16b, v9.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[out]], #16 \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "LD1 {v31.2d}, [%[input]], #16 \n"
+ "B 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v28.16b \n"
+ "AESE v0.16b, v2.16b \n"
"AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v29.16b \n"
+ "AESE v0.16b, v3.16b \n"
"AESMC v0.16b, v0.16b \n"
- "PMULL v20.1q, v19.1d, v23.1d \n"
- "EOR v19.16b, v18.16b, v20.16b \n"
- "AESE v0.16b, v30.16b \n"
- "RBIT v19.16b, v19.16b \n"
- "EOR v0.16b, v0.16b, v31.16b \n"
- "EOR v19.16b, v19.16b, v0.16b \n"
- "STR q19, [%[out]] \n"
-
- :[out] "=r" (sPt), "=r" (keyPt), "=r" (iCtr)
- :[tag] "0" (sPt), [Key] "1" (keyPt),
- [ctr] "2" (iCtr) , [h] "m" (aes->H)
- : "cc", "memory", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10","v11","v12","v13","v14",
- "v15", "v16", "v17","v18", "v19", "v20","v21","v22","v23",
- "v24","v25","v26","v27","v28","v29","v30","v31"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v15.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "MOV x15, #16 \n"
+ "EOR w14, w14, w14 \n"
+ "SUB x15, x15, x11 \n"
+ "25: \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 25b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.2d}, [%[ctr]] \n"
+ "ST1 {v22.2d}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v15.d[0], %x[aSz] \n"
+ "MOV v15.d[1], %x[sz] \n"
+ "REV64 v15.16b, v15.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v12.2d, v13.2d}, [%[Key]] \n"
+ "SUB %[Key], %[Key], #32 \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "ST1 {v0.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, %x[tagSz] \n"
+ "44: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[tag]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 44b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "41: \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
);
- if (authTagSz > AES_BLOCK_SIZE) {
- XMEMCPY(authTag, scratch, AES_BLOCK_SIZE);
- }
- else {
- /* authTagSz can be smaller than AES_BLOCK_SIZE */
- XMEMCPY(authTag, scratch, authTagSz);
- }
-
return 0;
}
#endif /* WOLFSSL_AES_256 */
-
/* aarch64 with PMULL and PMULL2
* Encrypt and tag data using AES with GCM mode.
* aes: Aes structure having already been set with set key function
@@ -2585,20 +7199,17 @@ static int Aes256GcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
* Algorithm 5
*/
int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+ const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
/* sanity checks */
- if (aes == NULL || (iv == NULL && ivSz > 0) ||
- (authTag == NULL) ||
- (authIn == NULL && authInSz > 0) ||
- (ivSz == 0)) {
+ if ((aes == NULL) || (iv == NULL && ivSz > 0) || (authTag == NULL) ||
+ ((authIn == NULL) && (authInSz > 0)) || (ivSz == 0)) {
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
return BAD_FUNC_ARG;
}
- if (authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ || authTagSz > AES_BLOCK_SIZE) {
+ if ((authTagSz < WOLFSSL_MIN_AUTH_TAG_SZ) || (authTagSz > AES_BLOCK_SIZE)) {
WOLFSSL_MSG("GcmEncrypt authTagSz error");
return BAD_FUNC_ARG;
}
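Review bot: The `authTagSz` range check in wc_AesGcmEncrypt is now the only thing bounding the tag store in the assembly helper above it (Aes256GcmEncrypt, going by the hunk header), and nothing at the check says so. The new inline assembly at labels 40/44 copies `tagSz` bytes one at a time out of the 16-byte `scratch` buffer using a decrement-then-`CBNZ` loop, so a size of 0 or one above 16 is not handled there, whereas the removed C code capped the copy at AES_BLOCK_SIZE itself. I would add a comment on the check such as `/* asm tag store copies authTagSz bytes from a 16-byte scratch: needs 1 <= authTagSz <= AES_BLOCK_SIZE */`. It is also worth confirming that WOLFSSL_MIN_AUTH_TAG_SZ cannot be configured below 1 and that no other caller reaches the static helpers without this check. The function body continues outside the hunk, so any later validation is not visible here.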
@@ -2625,8 +7236,5315 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
}
}
-
#ifdef HAVE_AES_DECRYPT
+#ifdef WOLFSSL_AES_128
+/* internal function : see wc_AesGcmDecrypt */
+static int Aes128GcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
+{
+ byte counter[AES_BLOCK_SIZE];
+ byte scratch[AES_BLOCK_SIZE];
+ byte *ctr = counter;
+ byte* keyPt = (byte*)aes->key;
+ int ret = 0;
+
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
+ if (ivSz == GCM_NONCE_MID_SZ) {
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
+ }
+ else {
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
+ }
+
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
+
+ "MOV w12, %w[aSz] \n"
+
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Decrypt ciphertext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v9.1d, v16.1d \n"
+ "PMULL2 v19.1q, v9.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v9.1d, v20.1d \n"
+ "PMULL2 v20.1q, v9.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v19.16b \n"
+
+ "# First decrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First decrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "EOR v27.16b, v27.16b, v11.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "EOR v28.16b, v28.16b, v11.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "EOR v29.16b, v29.16b, v11.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "EOR v30.16b, v30.16b, v11.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Decrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to decrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "# Interweave GHASH and decrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+ "CMP w11, #16 \n"
+ "BGE 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "RBIT v31.16b, v31.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v31.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "RBIT v31.16b, v31.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "EOR v0.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.16b}, [%[ctr]] \n"
+ "ST1 {v22.16b}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v28.d[0], %x[aSz] \n"
+ "MOV v28.d[1], %x[sz] \n"
+ "REV64 v28.16b, v28.16b \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "EOR v0.16b, v0.16b, v11.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "LD1 {v1.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "EOR v1.16b, v1.16b, v1.16b \n"
+ "MOV x15, %x[tagSz] \n"
+ "ST1 {v1.2d}, [%[scratch]] \n"
+ "43: \n"
+ "LDRB w14, [%[tag]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 43b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "LD1 {v1.2d}, [%[scratch]] \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV w14, #16 \n"
+ "SUB w14, w14, %w[tagSz] \n"
+ "ADD %[scratch], %[scratch], %x[tagSz] \n"
+ "44: \n"
+ "STRB wzr, [%[scratch]], #1 \n"
+ "SUB w14, w14, #1 \n"
+ "CBNZ w14, 44b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v0.2d}, [%[scratch]] \n"
+ "41: \n"
+ "EOR v0.16b, v0.16b, v1.16b \n"
+ "MOV v1.D[0], v0.D[1] \n"
+ "EOR v0.8b, v0.8b, v1.8b \n"
+ "MOV %x[ret], v0.D[0] \n"
+ "CMP %x[ret], #0 \n"
+ "MOV w11, #-180 \n"
+ "CSETM %w[ret], ne \n"
+ "AND %w[ret], %w[ret], w11 \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn),
+ [ret] "+r" (ret)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ );
+
+ return ret;
+}
+#endif /* WOLFSSL_AES_128 */
+#ifdef WOLFSSL_AES_192
+/* internal function : see wc_AesGcmDecrypt */
+static int Aes192GcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
+{
+ byte counter[AES_BLOCK_SIZE];
+ byte scratch[AES_BLOCK_SIZE];
+ byte *ctr = counter;
+ byte* keyPt = (byte*)aes->key;
+ int ret = 0;
+
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
+ if (ivSz == GCM_NONCE_MID_SZ) {
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
+ }
+ else {
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
+ }
+
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
+
+ "MOV w12, %w[aSz] \n"
+
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Decrypt ciphertext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v9.1d, v16.1d \n"
+ "PMULL2 v19.1q, v9.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v9.1d, v20.1d \n"
+ "PMULL2 v20.1q, v9.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v19.16b \n"
+
+ "# First decrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First decrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v12.16b \n"
+ "EOR v27.16b, v27.16b, v13.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "EOR v28.16b, v28.16b, v13.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "EOR v29.16b, v29.16b, v13.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "EOR v30.16b, v30.16b, v13.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "# Decrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to decrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "# Interweave GHASH and decrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+ "CMP w11, #16 \n"
+ "BGE 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "RBIT v31.16b, v31.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v31.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "RBIT v31.16b, v31.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "EOR v0.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.16b}, [%[ctr]] \n"
+ "ST1 {v22.16b}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v28.d[0], %x[aSz] \n"
+ "MOV v28.d[1], %x[sz] \n"
+ "REV64 v28.16b, v28.16b \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "EOR v0.16b, v0.16b, v13.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "LD1 {v1.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "EOR v1.16b, v1.16b, v1.16b \n"
+ "MOV x15, %x[tagSz] \n"
+ "ST1 {v1.2d}, [%[scratch]] \n"
+ "43: \n"
+ "LDRB w14, [%[tag]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 43b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "LD1 {v1.2d}, [%[scratch]] \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV w14, #16 \n"
+ "SUB w14, w14, %w[tagSz] \n"
+ "ADD %[scratch], %[scratch], %x[tagSz] \n"
+ "44: \n"
+ "STRB wzr, [%[scratch]], #1 \n"
+ "SUB w14, w14, #1 \n"
+ "CBNZ w14, 44b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v0.2d}, [%[scratch]] \n"
+ "41: \n"
+ "EOR v0.16b, v0.16b, v1.16b \n"
+ "MOV v1.D[0], v0.D[1] \n"
+ "EOR v0.8b, v0.8b, v1.8b \n"
+ "MOV %x[ret], v0.D[0] \n"
+ "CMP %x[ret], #0 \n"
+ "MOV w11, #-180 \n"
+ "CSETM %w[ret], ne \n"
+ "AND %w[ret], %w[ret], w11 \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn),
+ [ret] "+r" (ret)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ );
+
+ return ret;
+}
+#endif /* WOLFSSL_AES_192 */
+#ifdef WOLFSSL_AES_256
+/* internal function : see wc_AesGcmDecrypt */
+static int Aes256GcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
+{
+ byte counter[AES_BLOCK_SIZE];
+ byte scratch[AES_BLOCK_SIZE];
+ byte *ctr = counter;
+ byte* keyPt = (byte*)aes->key;
+ int ret = 0;
+
+ XMEMSET(counter, 0, AES_BLOCK_SIZE);
+ if (ivSz == GCM_NONCE_MID_SZ) {
+ XMEMCPY(counter, iv, GCM_NONCE_MID_SZ);
+ counter[AES_BLOCK_SIZE - 1] = 1;
+ }
+ else {
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
+ }
+
+ __asm__ __volatile__ (
+ "LD1 {v16.16b}, %[h] \n"
+ "# v23 = 0x00000000000000870000000000000087 reflected 0xe1.... \n"
+ "MOVI v23.16b, #0x87 \n"
+ "EOR v17.16b, v17.16b, v17.16b \n"
+ "USHR v23.2d, v23.2d, #56 \n"
+ "CBZ %w[aSz], 120f \n"
+
+ "MOV w12, %w[aSz] \n"
+
+ "# GHASH AAD \n"
+ "CMP x12, #64 \n"
+ "BLT 115f \n"
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "114: \n"
+ "LD1 {v18.2d-v21.2d}, [%[aad]], #64 \n"
+ "SUB x12, x12, #64 \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v30.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v30.16b, #8 \n"
+ "PMULL2 v14.1q, v30.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "CMP x12, #64 \n"
+ "BGE 114b \n"
+ "CBZ x12, 120f \n"
+ "115: \n"
+ "CMP x12, #16 \n"
+ "BLT 112f \n"
+ "111: \n"
+ "LD1 {v15.2d}, [%[aad]], #16 \n"
+ "SUB x12, x12, #16 \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "CMP x12, #16 \n"
+ "BGE 111b \n"
+ "CBZ x12, 120f \n"
+ "112: \n"
+ "# Partial AAD \n"
+ "EOR v15.16b, v15.16b, v15.16b \n"
+ "MOV x14, x12 \n"
+ "ST1 {v15.2d}, [%[scratch]] \n"
+ "113: \n"
+ "LDRB w13, [%[aad]], #1 \n"
+ "STRB w13, [%[scratch]], #1 \n"
+ "SUB x14, x14, #1 \n"
+ "CBNZ x14, 113b \n"
+ "SUB %[scratch], %[scratch], x12 \n"
+ "LD1 {v15.2d}, [%[scratch]] \n"
+ "RBIT v15.16b, v15.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "120: \n"
+
+ "# Decrypt ciphertext and GHASH ciphertext \n"
+ "LDR w12, [%[ctr], #12] \n"
+ "MOV w11, %w[sz] \n"
+ "REV w12, w12 \n"
+ "CMP w11, #64 \n"
+ "BLT 80f \n"
+ "CMP %w[aSz], #64 \n"
+ "BGE 82f \n"
+
+ "# Calculate H^[1-4] - GMULT partials \n"
+ "# Square H => H^2 \n"
+ "PMULL2 v19.1q, v16.2d, v16.2d \n"
+ "PMULL v18.1q, v16.1d, v16.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v24.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^2 => H^3 \n"
+ "PMULL v18.1q, v24.1d, v16.1d \n"
+ "PMULL2 v19.1q, v24.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v24.1d, v20.1d \n"
+ "PMULL2 v20.1q, v24.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v25.16b, v18.16b, v20.16b \n"
+ "# Square H^2 => H^4 \n"
+ "PMULL2 v19.1q, v24.2d, v24.2d \n"
+ "PMULL v18.1q, v24.1d, v24.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v26.16b, v18.16b, v19.16b \n"
+ "82: \n"
+ "# Should we do 8 blocks at a time? \n"
+ "CMP w11, #512 \n"
+ "BLT 80f \n"
+
+ "# Calculate H^[5-8] - GMULT partials \n"
+ "# Multiply H and H^4 => H^5 \n"
+ "PMULL v18.1q, v26.1d, v16.1d \n"
+ "PMULL2 v19.1q, v26.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v26.1d, v20.1d \n"
+ "PMULL2 v20.1q, v26.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v4.16b, v18.16b, v20.16b \n"
+ "# Square H^3 - H^6 \n"
+ "PMULL2 v19.1q, v25.2d, v25.2d \n"
+ "PMULL v18.1q, v25.1d, v25.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v9.16b, v18.16b, v19.16b \n"
+ "# Multiply H and H^6 => H^7 \n"
+ "PMULL v18.1q, v9.1d, v16.1d \n"
+ "PMULL2 v19.1q, v9.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v9.1d, v20.1d \n"
+ "PMULL2 v20.1q, v9.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v10.16b, v18.16b, v20.16b \n"
+ "# Square H^4 => H^8 \n"
+ "PMULL2 v19.1q, v26.2d, v26.2d \n"
+ "PMULL v18.1q, v26.1d, v26.1d \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v19.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v11.16b, v18.16b, v19.16b \n"
+
+ "# First decrypt - no GHASH \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "81: \n"
+ "LDR q1, [%[Key]] \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "LD1 {v5.2d}, [%[ctr]] \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v6.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v7.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v8.16b, v5.16b \n"
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w15, w15 \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "REV w13, w13 \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "REV w16, w12 \n"
+ "MOV v5.S[3], w15 \n"
+ "MOV v6.S[3], w14 \n"
+ "MOV v7.S[3], w13 \n"
+ "MOV v8.S[3], w16 \n"
+ "# Calculate next 4 counters (+5-8) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v5.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v5.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v5.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v5.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "REV w15, w15 \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "REV w14, w14 \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "REV w13, w13 \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 8 counters \n"
+ "LDR q22, [%[Key], #16] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "LDR q1, [%[Key], #32] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "LDR q22, [%[Key], #48] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "LDR q1, [%[Key], #64] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+ "LDR q22, [%[Key], #80] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #128 \n"
+ "LDR q1, [%[Key], #96] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #112] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #128] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #144] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #160] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q22, [%[Key], #176] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LDR q1, [%[Key], #192] \n"
+ "AESE v5.16b, v22.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v12.2d-v15.2d}, [%[input]], #64 \n"
+ "LDP q22, q31, [%[Key], #208] \n"
+ "AESE v5.16b, v1.16b \n"
+ "AESMC v5.16b, v5.16b \n"
+ "AESE v6.16b, v1.16b \n"
+ "AESMC v6.16b, v6.16b \n"
+ "AESE v7.16b, v1.16b \n"
+ "AESMC v7.16b, v7.16b \n"
+ "AESE v8.16b, v1.16b \n"
+ "AESMC v8.16b, v8.16b \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v5.16b, v22.16b \n"
+ "EOR v5.16b, v5.16b, v31.16b \n"
+ "AESE v6.16b, v22.16b \n"
+ "EOR v6.16b, v6.16b, v31.16b \n"
+ "AESE v7.16b, v22.16b \n"
+ "EOR v7.16b, v7.16b, v31.16b \n"
+ "AESE v8.16b, v22.16b \n"
+ "EOR v8.16b, v8.16b, v31.16b \n"
+ "AESE v27.16b, v22.16b \n"
+ "EOR v27.16b, v27.16b, v31.16b \n"
+ "AESE v28.16b, v22.16b \n"
+ "EOR v28.16b, v28.16b, v31.16b \n"
+ "AESE v29.16b, v22.16b \n"
+ "EOR v29.16b, v29.16b, v31.16b \n"
+ "AESE v30.16b, v22.16b \n"
+ "EOR v30.16b, v30.16b, v31.16b \n"
+
+ "# XOR in input \n"
+ "EOR v5.16b, v5.16b, v12.16b \n"
+ "EOR v6.16b, v6.16b, v13.16b \n"
+ "EOR v7.16b, v7.16b, v14.16b \n"
+ "EOR v8.16b, v8.16b, v15.16b \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "ST1 {v5.2d-v8.2d}, [%[out]], #64 \n \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+
+ "CMP w11, #128 \n"
+ "BGE 81b \n"
+
+ "# GHASH - 8 blocks \n"
+ "RBIT v12.16b, v12.16b \n"
+ "RBIT v13.16b, v13.16b \n"
+ "RBIT v14.16b, v14.16b \n"
+ "RBIT v15.16b, v15.16b \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v12.16b, v12.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v3.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v3.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v2.1q, v20.1d, v24.1d \n"
+ "PMULL2 v3.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v3.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v3.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v2.1q, v19.1d, v25.1d \n"
+ "PMULL2 v3.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v3.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v3.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v2.1q, v18.1d, v26.1d \n"
+ "PMULL2 v3.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v3.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v3.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^5 \n"
+ "PMULL v2.1q, v15.1d, v4.1d \n"
+ "PMULL2 v3.1q, v15.2d, v4.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v15.16b, v15.16b, v15.16b, #8 \n"
+ "PMULL v3.1q, v15.1d, v4.1d \n"
+ "PMULL2 v15.1q, v15.2d, v4.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v15.16b, v3.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^6 \n"
+ "PMULL v2.1q, v14.1d, v9.1d \n"
+ "PMULL2 v3.1q, v14.2d, v9.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v14.16b, v14.16b, v14.16b, #8 \n"
+ "PMULL v3.1q, v14.1d, v9.1d \n"
+ "PMULL2 v14.1q, v14.2d, v9.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v14.16b, v3.16b \n"
+#else
+ "EOR v14.16b, v14.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^7 \n"
+ "PMULL v2.1q, v13.1d, v10.1d \n"
+ "PMULL2 v3.1q, v13.2d, v10.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v13.16b, v13.16b, v13.16b, #8 \n"
+ "PMULL v3.1q, v13.1d, v10.1d \n"
+ "PMULL2 v13.1q, v13.2d, v10.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v13.16b, v3.16b \n"
+#else
+ "EOR v13.16b, v13.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v13.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^8 \n"
+ "PMULL v2.1q, v12.1d, v11.1d \n"
+ "PMULL2 v3.1q, v12.2d, v11.2d \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+ "EOR v0.16b, v0.16b, v3.16b \n"
+ "EXT v12.16b, v12.16b, v12.16b, #8 \n"
+ "PMULL v3.1q, v12.1d, v11.1d \n"
+ "PMULL2 v12.1q, v12.2d, v11.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v12.16b, v3.16b \n"
+#else
+ "EOR v12.16b, v12.16b, v3.16b \n"
+ "EOR v31.16b, v31.16b, v12.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v3.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v2.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v3.16b, v3.16b, v31.16b, v2.16b \n"
+#else
+ "EOR v3.16b, v3.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v3.16b, v3.16b, v2.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v2.1q, v3.2d, v23.2d \n"
+ "MOV v17.D[1], v3.D[0] \n"
+ "EOR v17.16b, v17.16b, v2.16b \n"
+
+ "80: \n"
+ "LD1 {v22.2d}, [%[ctr]] \n"
+ "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
+ "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
+ "LD1 {v12.2d-v13.2d}, [%[Key]], #32 \n"
+ "LD1 {v14.2d-v15.2d}, [%[Key]] \n"
+ "# Can we do 4 blocks at a time? \n"
+ "CMP w11, #64 \n"
+ "BLT 10f \n"
+
+ "# First decrypt - no GHASH \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "REV w15, w15 \n"
+ "REV w14, w14 \n"
+ "REV w13, w13 \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BLT 12f \n"
+
+ "11: \n"
+ "# Calculate next 4 counters (+1-4) \n"
+ "ADD w15, w12, #1 \n"
+ "MOV v27.16b, v22.16b \n"
+ "ADD w14, w12, #2 \n"
+ "MOV v28.16b, v22.16b \n"
+ "ADD w13, w12, #3 \n"
+ "MOV v29.16b, v22.16b \n"
+ "ADD w12, w12, #4 \n"
+ "MOV v30.16b, v22.16b \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "REV w15, w15 \n"
+ "RBIT v19.16b, v19.16b \n"
+ "REV w14, w14 \n"
+ "RBIT v20.16b, v20.16b \n"
+ "REV w13, w13 \n"
+ "RBIT v21.16b, v21.16b \n"
+ "REV w16, w12 \n"
+ "MOV v27.S[3], w15 \n"
+ "MOV v28.S[3], w14 \n"
+ "MOV v29.S[3], w13 \n"
+ "MOV v30.S[3], w16 \n"
+
+ "# Encrypt 4 counters \n"
+ "AESE v27.16b, v1.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "AESE v28.16b, v1.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "AESE v29.16b, v1.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "AESE v30.16b, v1.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "AESE v27.16b, v2.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "AESE v28.16b, v2.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "AESE v29.16b, v2.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v30.16b, v2.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "AESE v27.16b, v3.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+ "AESE v28.16b, v3.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v29.16b, v3.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "AESE v30.16b, v3.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v27.16b, v4.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "AESE v28.16b, v4.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+ "AESE v29.16b, v4.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v4.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "AESE v27.16b, v5.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "AESE v28.16b, v5.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "AESE v29.16b, v5.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+ "AESE v30.16b, v5.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "SUB w11, w11, #64 \n"
+ "AESE v27.16b, v6.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "AESE v28.16b, v6.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+ "AESE v29.16b, v6.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v30.16b, v6.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "AESE v27.16b, v7.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "AESE v28.16b, v7.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "AESE v29.16b, v7.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v7.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v8.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v8.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v8.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v8.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v9.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v9.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v9.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v9.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v10.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v10.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v10.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v10.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v11.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v11.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v11.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v11.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "# Load plaintext \n"
+ "LD1 {v18.2d-v21.2d}, [%[input]], #64 \n"
+ "AESE v27.16b, v12.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v12.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v12.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v12.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "AESE v27.16b, v13.16b \n"
+ "AESMC v27.16b, v27.16b \n"
+ "AESE v28.16b, v13.16b \n"
+ "AESMC v28.16b, v28.16b \n"
+ "AESE v29.16b, v13.16b \n"
+ "AESMC v29.16b, v29.16b \n"
+ "AESE v30.16b, v13.16b \n"
+ "AESMC v30.16b, v30.16b \n"
+ "AESE v27.16b, v14.16b \n"
+ "EOR v27.16b, v27.16b, v15.16b \n"
+ "AESE v28.16b, v14.16b \n"
+ "EOR v28.16b, v28.16b, v15.16b \n"
+ "AESE v29.16b, v14.16b \n"
+ "EOR v29.16b, v29.16b, v15.16b \n"
+ "AESE v30.16b, v14.16b \n"
+ "EOR v30.16b, v30.16b, v15.16b \n"
+
+ "# XOR in input \n"
+ "EOR v27.16b, v27.16b, v18.16b \n"
+ "EOR v28.16b, v28.16b, v19.16b \n"
+ "EOR v29.16b, v29.16b, v20.16b \n"
+ "EOR v30.16b, v30.16b, v21.16b \n"
+ "# Store cipher text \n"
+ "ST1 {v27.2d-v30.2d}, [%[out]], #64 \n \n"
+ "CMP w11, #64 \n"
+ "BGE 11b \n"
+
+ "12: \n"
+ "# GHASH - 4 blocks \n"
+ "RBIT v18.16b, v18.16b \n"
+ "RBIT v19.16b, v19.16b \n"
+ "RBIT v20.16b, v20.16b \n"
+ "RBIT v21.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v17.16b \n"
+ "# x[0-2] = C * H^1 \n"
+ "PMULL v17.1q, v21.1d, v16.1d \n"
+ "PMULL2 v0.1q, v21.2d, v16.2d \n"
+ "EXT v21.16b, v21.16b, v21.16b, #8 \n"
+ "PMULL v31.1q, v21.1d, v16.1d \n"
+ "PMULL2 v15.1q, v21.2d, v16.2d \n"
+ "EOR v31.16b, v31.16b, v15.16b \n"
+ "# x[0-2] += C * H^2 \n"
+ "PMULL v14.1q, v20.1d, v24.1d \n"
+ "PMULL2 v15.1q, v20.2d, v24.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v20.16b, v20.16b, v20.16b, #8 \n"
+ "PMULL v15.1q, v20.1d, v24.1d \n"
+ "PMULL2 v20.1q, v20.2d, v24.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v20.16b, v15.16b \n"
+#else
+ "EOR v20.16b, v20.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v20.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^3 \n"
+ "PMULL v14.1q, v19.1d, v25.1d \n"
+ "PMULL2 v15.1q, v19.2d, v25.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v19.16b, v19.16b, v19.16b, #8 \n"
+ "PMULL v15.1q, v19.1d, v25.1d \n"
+ "PMULL2 v19.1q, v19.2d, v25.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v19.16b, v15.16b \n"
+#else
+ "EOR v19.16b, v19.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v19.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# x[0-2] += C * H^4 \n"
+ "PMULL v14.1q, v18.1d, v26.1d \n"
+ "PMULL2 v15.1q, v18.2d, v26.2d \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n"
+ "EXT v18.16b, v18.16b, v18.16b, #8 \n"
+ "PMULL v15.1q, v18.1d, v26.1d \n"
+ "PMULL2 v18.1q, v18.2d, v26.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v31.16b, v31.16b, v18.16b, v15.16b \n"
+#else
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "EOR v31.16b, v31.16b, v18.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "# Reduce X = x[0-2] \n"
+ "EXT v15.16b, v17.16b, v0.16b, #8 \n"
+ "PMULL2 v14.1q, v0.2d, v23.2d \n"
+#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR3 v15.16b, v15.16b, v31.16b, v14.16b \n"
+#else
+ "EOR v15.16b, v15.16b, v31.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA3
+ "EOR v15.16b, v15.16b, v14.16b \n"
+#endif /* WOLFSSL_ARMASM_CRYPTO_SHA3 */
+ "PMULL2 v14.1q, v15.2d, v23.2d \n"
+ "MOV v17.D[1], v15.D[0] \n"
+ "EOR v17.16b, v17.16b, v14.16b \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+
+ "10: \n"
+ "CBZ w11, 30f \n"
+ "CMP w11, #16 \n"
+ "BLT 20f \n"
+ "LD1 {v14.2d, v15.2d}, [%[Key]] \n"
+ "# Decrypt first block for GHASH \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+
+ "# When only one full block to decrypt go straight to GHASH \n"
+ "CMP w11, 16 \n"
+ "BLT 1f \n"
+
+ "# Interweave GHASH and decrypt if more then 1 block \n"
+ "2: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "SUB w11, w11, #16 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "LD1 {v28.2d}, [%[input]], #16 \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "EOR v0.16b, v0.16b, v28.16b \n \n"
+ "ST1 {v0.2d}, [%[out]], #16 \n"
+ "CMP w11, #16 \n"
+ "BGE 2b \n"
+
+ "# GHASH on last block \n"
+ "1: \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+
+ "20: \n"
+ "CBZ w11, 30f \n"
+ "EOR v31.16b, v31.16b, v31.16b \n"
+ "MOV x15, x11 \n"
+ "ST1 {v31.2d}, [%[scratch]] \n"
+ "23: \n"
+ "LDRB w14, [%[input]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 23b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+ "LD1 {v31.2d}, [%[scratch]] \n"
+ "RBIT v31.16b, v31.16b \n"
+ "ADD w12, w12, #1 \n"
+ "MOV v0.16b, v22.16b \n"
+ "REV w13, w12 \n"
+ "MOV v0.S[3], w13 \n"
+ "EOR v17.16b, v17.16b, v31.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "RBIT v31.16b, v31.16b \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "EOR v0.16b, v0.16b, v31.16b \n \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV x15, x11 \n"
+ "24: \n"
+ "LDRB w14, [%[scratch]], #1 \n"
+ "STRB w14, [%[out]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 24b \n"
+ "SUB %[scratch], %[scratch], x11 \n"
+
+ "30: \n"
+ "# store current counter value at the end \n"
+ "REV w13, w12 \n"
+ "MOV v22.S[3], w13 \n"
+ "LD1 {v0.16b}, [%[ctr]] \n"
+ "ST1 {v22.16b}, [%[ctr]] \n"
+
+ "LSL %x[aSz], %x[aSz], #3 \n"
+ "LSL %x[sz], %x[sz], #3 \n"
+ "MOV v28.d[0], %x[aSz] \n"
+ "MOV v28.d[1], %x[sz] \n"
+ "REV64 v28.16b, v28.16b \n"
+ "RBIT v28.16b, v28.16b \n"
+ "EOR v17.16b, v17.16b, v28.16b \n"
+ "PMULL v18.1q, v17.1d, v16.1d \n"
+ "PMULL2 v19.1q, v17.2d, v16.2d \n"
+ "EXT v20.16b, v16.16b, v16.16b, #8 \n"
+ "AESE v0.16b, v1.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL v21.1q, v17.1d, v20.1d \n"
+ "PMULL2 v20.1q, v17.2d, v20.2d \n"
+ "AESE v0.16b, v2.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v20.16b, v20.16b, v21.16b \n"
+ "AESE v0.16b, v3.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EXT v21.16b, v18.16b, v19.16b, #8 \n"
+ "AESE v0.16b, v4.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v5.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "# Reduce \n"
+ "PMULL2 v20.1q, v19.2d, v23.2d \n"
+ "AESE v0.16b, v6.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v21.16b, v21.16b, v20.16b \n"
+ "AESE v0.16b, v7.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "PMULL2 v20.1q, v21.2d, v23.2d \n"
+ "AESE v0.16b, v8.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "MOV v18.D[1], v21.D[0] \n"
+ "AESE v0.16b, v9.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "EOR v17.16b, v18.16b, v20.16b \n"
+ "AESE v0.16b, v10.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v11.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v12.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v13.16b \n"
+ "AESMC v0.16b, v0.16b \n"
+ "AESE v0.16b, v14.16b \n"
+ "EOR v0.16b, v0.16b, v15.16b \n \n"
+ "RBIT v17.16b, v17.16b \n"
+ "EOR v0.16b, v0.16b, v17.16b \n \n"
+ "CMP %w[tagSz], #16 \n"
+ "BNE 40f \n"
+ "LD1 {v1.2d}, [%[tag]] \n"
+ "B 41f \n"
+ "40: \n"
+ "EOR v1.16b, v1.16b, v1.16b \n"
+ "MOV x15, %x[tagSz] \n"
+ "ST1 {v1.2d}, [%[scratch]] \n"
+ "43: \n"
+ "LDRB w14, [%[tag]], #1 \n"
+ "STRB w14, [%[scratch]], #1 \n"
+ "SUB x15, x15, #1 \n"
+ "CBNZ x15, 43b \n"
+ "SUB %[scratch], %[scratch], %x[tagSz] \n"
+ "LD1 {v1.2d}, [%[scratch]] \n"
+ "ST1 {v0.2d}, [%[scratch]] \n"
+ "MOV w14, #16 \n"
+ "SUB w14, w14, %w[tagSz] \n"
+ "ADD %[scratch], %[scratch], %x[tagSz] \n"
+ "44: \n"
+ "STRB wzr, [%[scratch]], #1 \n"
+ "SUB w14, w14, #1 \n"
+ "CBNZ w14, 44b \n"
+ "SUB %[scratch], %[scratch], #16 \n"
+ "LD1 {v0.2d}, [%[scratch]] \n"
+ "41: \n"
+ "EOR v0.16b, v0.16b, v1.16b \n"
+ "MOV v1.D[0], v0.D[1] \n"
+ "EOR v0.8b, v0.8b, v1.8b \n"
+ "MOV %x[ret], v0.D[0] \n"
+ "CMP %x[ret], #0 \n"
+ "MOV w11, #-180 \n"
+ "CSETM %w[ret], ne \n"
+ "AND %w[ret], %w[ret], w11 \n"
+
+ : [out] "+r" (out), [input] "+r" (in), [Key] "+r" (keyPt),
+ [aSz] "+r" (authInSz), [sz] "+r" (sz), [aad] "+r" (authIn),
+ [ret] "+r" (ret)
+ : [ctr] "r" (ctr), [scratch] "r" (scratch),
+ [h] "m" (aes->gcm.H), [tag] "r" (authTag), [tagSz] "r" (authTagSz)
+ : "cc", "memory", "x11", "x12", "w13", "x14", "x15", "w16",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23",
+ "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ );
+
+ return ret;
+}
+#endif /* WOLFSSL_AES_256 */
/*
* Check tag and decrypt data using AES with GCM mode.
* aes: Aes structure having already been set with set key function
@@ -2640,295 +12558,44 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
* authIn: additional data buffer
* authInSz: size of additional data buffer
*/
-int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz)
+int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
+ const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz)
{
- word32 blocks = sz / AES_BLOCK_SIZE;
- word32 partial = sz % AES_BLOCK_SIZE;
- const byte* c = in;
- byte* p = out;
- byte counter[AES_BLOCK_SIZE];
- byte initialCounter[AES_BLOCK_SIZE];
- byte *ctr ;
- byte scratch[AES_BLOCK_SIZE];
-
- ctr = counter ;
-
/* sanity checks */
- if (aes == NULL || iv == NULL || (sz != 0 && (in == NULL || out == NULL)) ||
- authTag == NULL || authTagSz > AES_BLOCK_SIZE || authTagSz == 0 ||
- ivSz == 0) {
+ if ((aes == NULL) || (iv == NULL) || (authTag == NULL) ||
+ (authTagSz > AES_BLOCK_SIZE) || (authTagSz == 0) || (ivSz == 0) ||
+ ((sz != 0) && ((in == NULL) || (out == NULL)))) {
WOLFSSL_MSG("a NULL parameter passed in when size is larger than 0");
return BAD_FUNC_ARG;
}
- XMEMSET(initialCounter, 0, AES_BLOCK_SIZE);
- if (ivSz == GCM_NONCE_MID_SZ) {
- XMEMCPY(initialCounter, iv, ivSz);
- initialCounter[AES_BLOCK_SIZE - 1] = 1;
- }
- else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
- GMULT(initialCounter, aes->H);
- }
- XMEMCPY(ctr, initialCounter, AES_BLOCK_SIZE);
-
- /* Calculate the authTag again using the received auth data and the
- * cipher text. */
- {
- byte Tprime[AES_BLOCK_SIZE];
- byte EKY0[AES_BLOCK_SIZE];
-
- GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
- GMULT(Tprime, aes->H);
- wc_AesEncrypt(aes, ctr, EKY0);
- xorbuf(Tprime, EKY0, sizeof(Tprime));
-
- if (ConstantCompare(authTag, Tprime, authTagSz) != 0) {
- return AES_GCM_AUTH_E;
- }
- }
-
- /* do as many blocks as possible */
- if (blocks > 0) {
- /* pointer needed because it is incremented when read, causing
- * an issue with call to encrypt/decrypt leftovers */
- byte* keyPt = (byte*)aes->key;
- switch(aes->rounds) {
+ switch (aes->rounds) {
#ifdef WOLFSSL_AES_128
- case 10: /* AES 128 BLOCK */
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v14.16b, #1 \n"
- "USHR v14.2d, v14.2d, #56 \n"
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EOR v13.16b, v13.16b, v13.16b \n"
- "EXT v14.16b, v14.16b, v13.16b, #8 \n"
-
- "LD1 {v9.2d-v11.2d}, [%[Key]], #48 \n"
- "LD1 {v12.2d}, [%[ctr]] \n"
- "LD1 {v13.2d}, [%[input]], #16 \n"
-
- "1: \n"
- "REV64 v12.16b, v12.16b \n" /* network order */
- "EXT v12.16b, v12.16b, v12.16b, #8 \n"
- "ADD v12.4s, v12.4s, v14.4s \n" /* add 1 to counter */
- "EXT v12.16b, v12.16b, v12.16b, #8 \n"
- "REV64 v12.16b, v12.16b \n" /* revert from network order */
- "MOV v0.16b, v12.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "EOR v0.16b, v0.16b, v11.16b \n"
-
- "EOR v0.16b, v0.16b, v13.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
-
- "CBZ w11, 2f \n"
- "LD1 {v13.2d}, [%[input]], #16 \n"
- "B 1b \n"
-
- "2: \n"
- "#store current counter value at the end \n"
- "ST1 {v12.16b}, [%[ctrOut]] \n"
-
- :[out] "=r" (p), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (c)
- :"0" (p), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (c)
- : "cc", "memory", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14"
- );
- break;
+ case 10:
+ return Aes128GcmDecrypt(aes, out, in, sz, iv, ivSz,
+ authTag, authTagSz, authIn, authInSz);
#endif
#ifdef WOLFSSL_AES_192
- case 12: /* AES 192 BLOCK */
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v16.16b, #1 \n"
- "USHR v16.2d, v16.2d, #56 \n"
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EOR v14.16b, v14.16b, v14.16b \n"
- "EXT v16.16b, v16.16b, v14.16b, #8 \n"
-
- "LD1 {v9.2d-v12.2d}, [%[Key]], #64 \n"
- "LD1 {v13.2d}, [%[Key]], #16 \n"
- "LD1 {v14.2d}, [%[ctr]] \n"
- "LD1 {v15.2d}, [%[input]], #16 \n"
-
- "1: \n"
- "REV64 v14.16b, v14.16b \n" /* network order */
- "EXT v14.16b, v14.16b, v14.16b, #8 \n"
- "ADD v14.4s, v14.4s, v16.4s \n" /* add 1 to counter */
- "EXT v14.16b, v14.16b, v14.16b, #8 \n"
- "REV64 v14.16b, v14.16b \n" /* revert from network order */
- "MOV v0.16b, v14.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v12.16b \n"
- "EOR v0.16b, v0.16b, v13.16b \n"
-
- "EOR v0.16b, v0.16b, v15.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
-
- "CBZ w11, 2f \n"
- "LD1 {v15.2d}, [%[input]], #16 \n"
- "B 1b \n"
-
- "2: \n"
- "#store current counter value at the end \n"
- "ST1 {v14.2d}, [%[ctrOut]] \n"
-
- :[out] "=r" (p), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (c)
- :"0" (p), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (c)
- : "cc", "memory", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
- "v16"
- );
- break;
-#endif /* WOLFSSL_AES_192 */
+ case 12:
+ return Aes192GcmDecrypt(aes, out, in, sz, iv, ivSz,
+ authTag, authTagSz, authIn, authInSz);
+#endif
#ifdef WOLFSSL_AES_256
- case 14: /* AES 256 BLOCK */
- __asm__ __volatile__ (
- "MOV w11, %w[blocks] \n"
- "LD1 {v1.2d-v4.2d}, [%[Key]], #64 \n"
-
- "#Create vector with the value 1 \n"
- "MOVI v18.16b, #1 \n"
- "USHR v18.2d, v18.2d, #56 \n"
- "LD1 {v5.2d-v8.2d}, [%[Key]], #64 \n"
- "EOR v19.16b, v19.16b, v19.16b \n"
- "EXT v18.16b, v18.16b, v19.16b, #8 \n"
-
- "LD1 {v9.2d-v12.2d}, [%[Key]], #64 \n"
- "LD1 {v13.2d-v15.2d}, [%[Key]], #48 \n"
- "LD1 {v17.2d}, [%[ctr]] \n"
- "LD1 {v16.2d}, [%[input]], #16 \n"
-
- "1: \n"
- "REV64 v17.16b, v17.16b \n" /* network order */
- "EXT v17.16b, v17.16b, v17.16b, #8 \n"
- "ADD v17.4s, v17.4s, v18.4s \n" /* add 1 to counter */
- "EXT v17.16b, v17.16b, v17.16b, #8 \n"
- "REV64 v17.16b, v17.16b \n" /* revert from network order */
- "MOV v0.16b, v17.16b \n"
- "AESE v0.16b, v1.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v2.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v3.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v4.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "SUB w11, w11, #1 \n"
- "AESE v0.16b, v5.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v6.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v7.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v8.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v9.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v10.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v11.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v12.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v13.16b \n"
- "AESMC v0.16b, v0.16b \n"
- "AESE v0.16b, v14.16b \n"
- "EOR v0.16b, v0.16b, v15.16b \n"
-
- "EOR v0.16b, v0.16b, v16.16b \n"
- "ST1 {v0.2d}, [%[out]], #16 \n"
-
- "CBZ w11, 2f \n"
- "LD1 {v16.2d}, [%[input]], #16 \n"
- "B 1b \n"
-
- "2: \n"
- "#store current counter value at the end \n"
- "ST1 {v17.2d}, [%[ctrOut]] \n"
-
- :[out] "=r" (p), "=r" (keyPt), [ctrOut] "=r" (ctr), "=r" (c)
- :"0" (p), [Key] "1" (keyPt), [ctr] "2" (ctr), [blocks] "r" (blocks),
- [input] "3" (c)
- : "cc", "memory", "w11", "v0", "v1", "v2", "v3", "v4", "v5",
- "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
- "v16", "v17", "v18", "v19"
- );
- break;
-#endif /* WOLFSSL_AES_256 */
+ case 14:
+ return Aes256GcmDecrypt(aes, out, in, sz, iv, ivSz,
+ authTag, authTagSz, authIn, authInSz);
+#endif
default:
- WOLFSSL_MSG("Bad AES-GCM round value");
+ WOLFSSL_MSG("AES-GCM invalid round number");
return BAD_FUNC_ARG;
- }
- }
- if (partial != 0) {
- IncrementGcmCounter(ctr);
- wc_AesEncrypt(aes, ctr, scratch);
-
- /* check if pointer is null after main AES-GCM blocks
- * helps static analysis */
- if (p == NULL || c == NULL) {
- return BAD_STATE_E;
- }
- xorbuf(scratch, c, partial);
- XMEMCPY(p, scratch, partial);
}
- return 0;
}
#endif /* HAVE_AES_DECRYPT */
+
+/* END script replace AES-GCM Aarch64 with hardware crypto. */
+
#endif /* HAVE_AESGCM */
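Review bot: The new dispatch in wc_AesGcmDecrypt no longer guarantees that `out` is untouched when the tag is wrong. The removed body ran ConstantCompare and returned AES_GCM_AUTH_E before any block was decrypted, whereas the helper ending just above this hunk takes `out` as a read-write asm operand and derives its return value from a tag comparison in the last instructions of the same asm statement. Most of the helper bodies are outside this view, so this is inferred, but if they decrypt in the same pass a failed call leaves unauthenticated plaintext in the caller's buffer. I would state that in the header comment, e.g. `* On AES_GCM_AUTH_E the contents of out are unauthenticated and must be discarded.`, or clear `out` with ForceZero in this wrapper when a helper returns non-zero. The helper also produces the error as the literal `#-180`, presumably AES_GCM_AUTH_E, and a comment naming the constant beside it would keep the two from drifting apart.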
@@ -4207,6 +13874,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
return 0;
}
+int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+{
+ (void)dir;
+ return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+}
+
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AESGCM
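Review bot: wc_AesCtrSetKey discards `dir` with `(void)dir;` and always passes AES_ENCRYPTION, but nothing tells the caller why a decrypt request yields an encryption key schedule. A short header comment would prevent someone "fixing" this later or reusing the resulting Aes object for a mode that needs the inverse schedule, e.g. `/* CTR runs the block cipher forward in both directions, so dir is ignored and the encryption key schedule is always set. */`. The function has no argument checks of its own and relies on wc_AesSetKey, which is not visible here, to reject NULL `aes`/`key` and bad `len`; worth confirming.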
@@ -4215,7 +13889,7 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
* on ARMv8". Shifting left to account for bit reflection is based on
* "Carry-Less Multiplication and Its Usage for Computing the GCM mode"
*/
-static void GMULT(byte* X, byte* Y)
+void GMULT(byte* X, byte* Y)
{
__asm__ __volatile__ (
"VLD1.32 {q0}, [%[x]] \n"
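Review bot: Dropping `static` from GMULT gives an unprefixed, very generic symbol external linkage, so it can collide with an application's or another library's `GMULT` in a static link. If it is now needed from another translation unit, I would expect a prototype in a private header marked `WOLFSSL_LOCAL` so it stays out of the exported ABI; no such declaration is visible in this hunk. If nothing outside this file calls it, keep `static void GMULT(byte* X, byte* Y)`. The function body continues outside the hunk.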
@@ -4274,13 +13948,13 @@ static void GMULT(byte* X, byte* Y)
}
-void GHASH(Aes* aes, const byte* a, word32 aSz,
- const byte* c, word32 cSz, byte* s, word32 sSz)
+void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c, word32 cSz,
+ byte* s, word32 sSz)
{
byte x[AES_BLOCK_SIZE];
byte scratch[AES_BLOCK_SIZE];
word32 blocks, partial;
- byte* h = aes->H;
+ byte* h = gcm->H;
XMEMSET(x, 0, AES_BLOCK_SIZE);
@@ -4377,7 +14051,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
initialCounter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
}
XMEMCPY(ctr, initialCounter, AES_BLOCK_SIZE);
@@ -4398,7 +14072,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
}
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
wc_AesEncrypt(aes, initialCounter, scratch);
if (authTagSz > AES_BLOCK_SIZE) {
xorbuf(authTag, scratch, AES_BLOCK_SIZE);
@@ -4454,7 +14128,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
initialCounter[AES_BLOCK_SIZE - 1] = 1;
}
else {
- GHASH(aes, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, initialCounter, AES_BLOCK_SIZE);
}
XMEMCPY(ctr, initialCounter, AES_BLOCK_SIZE);
@@ -4464,7 +14138,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
byte Tprime[AES_BLOCK_SIZE];
byte EKY0[AES_BLOCK_SIZE];
- GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, Tprime, sizeof(Tprime));
wc_AesEncrypt(aes, ctr, EKY0);
xorbuf(Tprime, EKY0, sizeof(Tprime));
@@ -4523,7 +14197,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
#define GHASH_ONE_BLOCK(aes, block) \
do { \
xorbuf(AES_TAG(aes), block, AES_BLOCK_SIZE); \
- GMULT(AES_TAG(aes), aes->H); \
+ GMULT(AES_TAG(aes), aes->gcm.H); \
} \
while (0)
@@ -4638,7 +14312,7 @@ static void GHASH_UPDATE(Aes* aes, const byte* a, word32 aSz, const byte* c,
sz = cSz;
}
XMEMCPY(AES_LASTGBLOCK(aes) + aes->cOver, c, sz);
- /* Update count of unsed encrypted counter. */
+ /* Update count of unused encrypted counter. */
aes->cOver += sz;
if (aes->cOver == AES_BLOCK_SIZE) {
/* We have filled up the block and can process. */
@@ -4682,7 +14356,7 @@ static void GHASH_FINAL(Aes* aes, byte* s, word32 sSz)
if (aes->cOver > 0) {
/* Cipher text block incomplete. */
- over = aes->cOver;
+ over = aes->cOver;
}
if (over > 0) {
/* Zeroize the unused part of the block. */
@@ -4716,13 +14390,13 @@ static void AesGcmInit_C(Aes* aes, const byte* iv, word32 ivSz)
else {
/* Counter is GHASH of IV. */
#ifdef OPENSSL_EXTRA
- word32 aadTemp = aes->aadLen;
- aes->aadLen = 0;
+ word32 aadTemp = aes->gcm.aadLen;
+ aes->gcm.aadLen = 0;
#endif
- GHASH(aes, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
- GMULT(counter, aes->H);
+ GHASH(&aes->gcm, NULL, 0, iv, ivSz, counter, AES_BLOCK_SIZE);
+ GMULT(counter, aes->gcm.H);
#ifdef OPENSSL_EXTRA
- aes->aadLen = aadTemp;
+ aes->gcm.aadLen = aadTemp;
#endif
}
@@ -4811,7 +14485,7 @@ static void AesGcmFinal_C(Aes* aes, byte* authTag, word32 authTagSz)
xorbuf(authTag, AES_INITCTR(aes), authTagSz);
#ifdef OPENSSL_EXTRA
/* store AAD size for next call */
- aes->aadLen = aes->aSz;
+ aes->gcm.aadLen = aes->aSz;
#endif
/* Zeroize last block to protect sensitive data. */
ForceZero(AES_LASTBLOCK(aes), AES_BLOCK_SIZE);
@@ -4838,8 +14512,7 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
/* Check validity of parameters. */
if ((aes == NULL) || ((len > 0) && (key == NULL)) ||
- ((ivSz == 0) && (iv != NULL)) ||
- ((ivSz > 0) && (iv == NULL))) {
+ ((ivSz == 0) && (iv != NULL)) || ((ivSz > 0) && (iv == NULL))) {
ret = BAD_FUNC_ARG;
}
@@ -4860,14 +14533,14 @@ int wc_AesGcmInit(Aes* aes, const byte* key, word32 len, const byte* iv,
}
if (ret == 0) {
- /* Setup with IV if needed. */
- if (iv != NULL) {
- /* Cache the IV in AES GCM object. */
- XMEMCPY((byte*)aes->reg, iv, ivSz);
+ /* Set the IV passed in if it is smaller than a block. */
+ if ((iv != NULL) && (ivSz <= AES_BLOCK_SIZE)) {
+ XMEMMOVE((byte*)aes->reg, iv, ivSz);
aes->nonceSz = ivSz;
}
- else if (aes->nonceSz != 0) {
- /* Copy out the cached copy. */
+ /* No IV passed in, check for cached IV. */
+ if ((iv == NULL) && (aes->nonceSz != 0)) {
+ /* Use the cached copy. */
iv = (byte*)aes->reg;
ivSz = aes->nonceSz;
}
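Review bot: In wc_AesGcmInit the new `ivSz <= AES_BLOCK_SIZE` guard stops an oversized IV from being copied into `aes->reg`, but it leaves `aes->nonceSz` at its previous value. A later call with `iv == NULL` then takes the second branch and silently reuses the older cached IV rather than the last one the caller supplied. In GCM a repeated IV under the same key breaks both confidentiality and authentication, so the skipped case should be explicit: either invalidate the cache with `else if (iv != NULL) { aes->nonceSz = 0; }` or document that IVs longer than a block are never cached. The added comment also says "smaller than a block" while the test accepts exactly AES_BLOCK_SIZE; `/* Cache the IV passed in if it fits in a block. */` matches the code. What happens to `iv`/`ivSz` after this block is outside the hunk, so the downstream effect is inferred.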
@@ -4972,7 +14645,7 @@ int wc_AesGcmEncryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Encrypt the plaintext. */
AesGcmCryptUpdate_C(aes, out, in, sz);
- /* Update the authenication tag with any authentication data and the
+ /* Update the authentication tag with any authentication data and the
* new cipher text. */
GHASH_UPDATE(aes, authIn, authInSz, out, sz);
}
@@ -5081,7 +14754,7 @@ int wc_AesGcmDecryptUpdate(Aes* aes, byte* out, const byte* in, word32 sz,
if (ret == 0) {
/* Decrypt with AAD and/or cipher text. */
- /* Update the authenication tag with any authentication data and
+ /* Update the authentication tag with any authentication data and
* cipher text. */
GHASH_UPDATE(aes, authIn, authInSz, in, sz);
/* Decrypt the cipher text. */
@@ -5401,10 +15074,10 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
aes->gcmKeySet = 1;
#endif
- wc_AesEncrypt(aes, iv, aes->H);
+ wc_AesEncrypt(aes, iv, aes->gcm.H);
#if defined(__aarch64__)
{
- word32* pt = (word32*)aes->H;
+ word32* pt = (word32*)aes->gcm.H;
__asm__ volatile (
"LD1 {v0.16b}, [%[h]] \n"
"RBIT v0.16b, v0.16b \n"
@@ -5416,7 +15089,7 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
}
#else
{
- word32* pt = (word32*)aes->H;
+ word32* pt = (word32*)aes->gcm.H;
__asm__ volatile (
"VLD1.32 {q0}, [%[h]] \n"
"VREV64.8 q0, q0 \n"
@@ -5459,10 +15132,1346 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
#endif /* HAVE_AES_DECRYPT */
#endif /* WOLFSSL_AES_DIRECT */
+#ifdef WOLFSSL_AES_XTS
+
+#ifdef __aarch64__
+
+#define AES_ENCRYPT_UPDATE_TWEAK(label) \
+ "AESE v0.16b, v1.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AND x11, x19, x10, ASR #63\n" \
+ "AESE v0.16b, v2.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v3.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "EXTR x10, x10, x9, #63 \n" \
+ "AESE v0.16b, v4.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v5.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "EOR x9, x11, x9, LSL #1 \n" \
+ "AESE v0.16b, v6.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v7.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v8.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v9.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v10.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v11.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v12.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v13.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESE v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+#define AES_ENCRYPT(label) \
+ "AESE v0.16b, v1.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v2.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v3.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v4.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v5.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v6.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v7.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v8.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "AESE v0.16b, v9.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v10.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v11.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE v0.16b, v12.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ "AESE v0.16b, v13.16b \n" \
+ "AESMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESE v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+#define AES_DECRYPT_UPDATE_TWEAK(label) \
+ "AESD v0.16b, v1.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AND x11, x19, x10, ASR #63\n" \
+ "AESD v0.16b, v2.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v3.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "EXTR x10, x10, x9, #63 \n" \
+ "AESD v0.16b, v4.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v5.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "EOR x9, x11, x9, LSL #1 \n" \
+ "AESD v0.16b, v6.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v7.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v8.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v9.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v10.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v11.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v12.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v13.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESD v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+#define AES_DECRYPT(label) \
+ "AESD v0.16b, v1.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v2.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v3.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v4.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v5.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v6.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v7.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v8.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "AESD v0.16b, v9.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v10.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v11.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ "SUBS WZR, %w[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD v0.16b, v12.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ "AESD v0.16b, v13.16b \n" \
+ "AESIMC v0.16b, v0.16b \n" \
+ \
+ #label ": \n" \
+ "AESD v0.16b, v14.16b \n" \
+ "EOR v0.16b, v0.16b, v15.16b \n"
+
+/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ __asm__ __volatile__ (
+ "MOV x19, 0x87 \n"
+
+ "# Load tweak calculation key\n"
+ "LD1 {v0.16b}, [%[i]] \n"
+ "MOV x10, %[key2] \n"
+ "LD1 {v1.2d-v4.2d}, [x10], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x10], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x10], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x10] \n"
+
+ "# Put last 2 blocks of keys based on rounds into v14, v15\n"
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 40f \n"
+ "SUBS WZR, %w[rounds], #12 \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "BEQ 40f \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "40: \n"
+
+ AES_ENCRYPT(10)
+
+ "MOV x9, v0.d[0] \n"
+ "MOV x10, v0.d[1] \n"
+ "MOV v20.16b, v0.16b \n"
+
+ "# Load encryption key\n"
+ "MOV x11, %[key] \n"
+ "LD1 {v1.2d-v4.2d}, [x11], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x11], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x11], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x11] \n"
+
+ "# Put last 2 blocks of keys based on rounds into v14, v15\n"
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 41f \n"
+ "SUBS WZR, %w[rounds], #10 \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "BEQ 41f \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "41: \n"
+
+ "SUBS WZR, %w[blocks], #4 \n"
+ "BLT 1f \n"
+
+ "AND %w[sz], %w[sz], 0x3f \n"
+
+ "AND x17, x19, x10, ASR #63\n"
+ "EXTR x12, x10, x9, #63 \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+
+ "AND x17, x19, x12, ASR #63\n"
+ "EXTR x14, x12, x11, #63 \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+
+ "AND x17, x19, x14, ASR #63\n"
+ "EXTR x16, x14, x13, #63 \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+
+ "SUB %w[blocks], %w[blocks], #4 \n"
+
+ "#Four blocks at a time\n"
+ "20:\n"
+
+ "LD1 {v16.16b-v19.16b}, [%[in]], #64 \n"
+
+ "MOV v21.d[0], x11 \n"
+ "MOV v21.d[1], x12 \n"
+ "MOV v22.d[0], x13 \n"
+ "MOV v22.d[1], x14 \n"
+ "MOV v23.d[0], x15 \n"
+ "MOV v23.d[1], x16 \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+
+ "AESE v16.16b, v1.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AND x17, x19, x16, ASR #63\n"
+ "AESE v17.16b, v1.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v1.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EXTR x10, x16, x15, #63 \n"
+ "AESE v19.16b, v1.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v2.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EOR x9, x17, x15, LSL #1 \n"
+ "AESE v17.16b, v2.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v2.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AND x17, x19, x10, ASR #63\n"
+ "AESE v19.16b, v2.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v3.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EXTR x12, x10, x9, #63 \n"
+ "AESE v17.16b, v3.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v3.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+ "AESE v19.16b, v3.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v4.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AND x17, x19, x12, ASR #63\n"
+ "AESE v17.16b, v4.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v4.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EXTR x14, x12, x11, #63 \n"
+ "AESE v19.16b, v4.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "AESE v16.16b, v5.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+ "AESE v17.16b, v5.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v5.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AND x17, x19, x14, ASR #63\n"
+ "AESE v19.16b, v5.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v6.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "EXTR x16, x14, x13, #63 \n"
+ "AESE v17.16b, v6.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v6.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+ "AESE v19.16b, v6.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v7.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v7.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v7.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v7.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v8.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v8.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v8.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v8.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "AESE v16.16b, v9.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v9.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v9.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v9.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #10 \n"
+ "BEQ 21f \n"
+ "AESE v16.16b, v10.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v10.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v10.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v10.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v11.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v11.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v11.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v11.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #12 \n"
+ "BEQ 21f \n"
+ "AESE v16.16b, v12.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v12.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v12.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v12.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+ "AESE v16.16b, v13.16b \n"
+ "AESMC v16.16b, v16.16b \n"
+ "AESE v17.16b, v13.16b \n"
+ "AESMC v17.16b, v17.16b \n"
+ "AESE v18.16b, v13.16b \n"
+ "AESMC v18.16b, v18.16b \n"
+ "AESE v19.16b, v13.16b \n"
+ "AESMC v19.16b, v19.16b \n"
+
+ "21: \n"
+ "AESE v16.16b, v14.16b \n"
+ "EOR v16.16b, v16.16b, v15.16b \n"
+ "AESE v17.16b, v14.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "AESE v18.16b, v14.16b \n"
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "AESE v19.16b, v14.16b \n"
+ "EOR v19.16b, v19.16b, v15.16b \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "ST1 {v16.16b-v19.16b}, [%[out]], #64 \n"
+
+ "SUBS %w[blocks], %w[blocks], #4 \n"
+ "BGE 20b \n"
+ "ADD %w[blocks], %w[blocks], #4 \n"
+
+ "CBZ %w[sz], 3f \n"
+
+ "CBZ %w[blocks], 30f \n"
+
+ "1: \n"
+ "LD1 {v0.16b}, [%[in]], #16 \n"
+
+ "MOV x9, v20.d[0] \n"
+ "MOV x10, v20.d[1] \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_ENCRYPT_UPDATE_TWEAK(2)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "ST1 {v0.16b}, [%[out]], #16 \n"
+
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "SUBS %w[blocks], %w[blocks], #1 \n"
+ "SUB %w[sz], %w[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CBZ %w[sz], 3f \n"
+
+ "30: \n"
+ "#Partial block \n"
+ "SUB %[out], %[out], #16 \n"
+ "LD1 {v0.16b}, [%[out]], #16 \n"
+ "ST1 {v0.16b}, [%[tmp]] \n"
+
+ "MOV w12, %w[sz] \n"
+ "4: \n"
+ "LDRB w13, [%[tmp]] \n"
+ "LDRB w14, [%[in]], #1 \n"
+ "STRB w13, [%[out]], #1 \n"
+ "STRB w14, [%[tmp]], #1 \n"
+ "SUBS w12, w12, #1 \n"
+ "BGT 4b \n"
+
+ "SUB %[out], %[out], %x[sz] \n"
+ "SUB %[tmp], %[tmp], %x[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "LD1 {v0.16b}, [%[tmp]] \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_ENCRYPT(5)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "STR q0, [%[out]] \n"
+
+ "3: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [key2] "r" (xaes->tweak.key), [i] "r" (i),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16",
+ "x17", "x19",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23"
+ );
+
+ return ret;
+}
+
+/* Same process as encryption but Aes key is AES_DECRYPTION type.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold plain text
+ * in input cipher text buffer to decrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+ byte stl = (sz % AES_BLOCK_SIZE);
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ /* if Stealing then break out of loop one block early to handle special
+ * case */
+ blocks -= (stl > 0);
+
+ __asm__ __volatile__ (
+ "MOV x19, 0x87 \n"
+
+ "LD1 {v0.16b}, [%[i]] \n"
+ "MOV x10, %[key2] \n"
+ "LD1 {v1.2d-v4.2d}, [x10], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x10], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x10], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x10] \n"
+
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 40f \n"
+ "SUBS WZR, %w[rounds], #12 \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "BEQ 40f \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "40: \n"
+
+ AES_ENCRYPT(10)
+
+ "MOV x9, v0.d[0] \n"
+ "MOV x10, v0.d[1] \n"
+ "MOV v20.16b, v0.16b \n"
+
+ "MOV x11, %[key] \n"
+ "LD1 {v1.2d-v4.2d}, [x11], #64 \n"
+ "LD1 {v5.2d-v8.2d}, [x11], #64 \n"
+ "LD1 {v9.2d-v12.2d}, [x11], #64 \n"
+ "LD1 {v13.2d-v15.2d}, [x11] \n"
+
+ "SUBS WZR, %w[rounds], #14 \n"
+ "BEQ 41f \n"
+ "SUBS WZR, %w[rounds], #12 \n"
+ "MOV v14.16b, v12.16b \n"
+ "MOV v15.16b, v13.16b \n"
+ "BEQ 41f \n"
+ "MOV v14.16b, v10.16b \n"
+ "MOV v15.16b, v11.16b \n"
+ "41: \n"
+
+ "CBZ %w[blocks], 3f \n"
+
+ "SUBS WZR, %w[blocks], #4 \n"
+ "BLT 1f \n"
+
+ "AND x17, x19, x10, ASR #63\n"
+ "EXTR x12, x10, x9, #63 \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+
+ "AND x17, x19, x12, ASR #63\n"
+ "EXTR x14, x12, x11, #63 \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+
+ "AND x17, x19, x14, ASR #63\n"
+ "EXTR x16, x14, x13, #63 \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+
+ "SUB %w[blocks], %w[blocks], #4 \n"
+
+ "#Four blocks at a time\n"
+ "20:\n"
+
+ "LD1 {v16.16b-v19.16b}, [%[in]], #64 \n"
+
+ "MOV v21.d[0], x11 \n"
+ "MOV v21.d[1], x12 \n"
+ "MOV v22.d[0], x13 \n"
+ "MOV v22.d[1], x14 \n"
+ "MOV v23.d[0], x15 \n"
+ "MOV v23.d[1], x16 \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+
+ "AESD v16.16b, v1.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AND x17, x19, x16, ASR #63\n"
+ "AESD v17.16b, v1.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v1.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EXTR x10, x16, x15, #63 \n"
+ "AESD v19.16b, v1.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v2.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EOR x9, x17, x15, LSL #1 \n"
+ "AESD v17.16b, v2.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v2.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AND x17, x19, x10, ASR #63\n"
+ "AESD v19.16b, v2.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v3.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EXTR x12, x10, x9, #63 \n"
+ "AESD v17.16b, v3.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v3.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EOR x11, x17, x9, LSL #1 \n"
+ "AESD v19.16b, v3.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v4.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AND x17, x19, x12, ASR #63\n"
+ "AESD v17.16b, v4.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v4.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EXTR x14, x12, x11, #63 \n"
+ "AESD v19.16b, v4.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "AESD v16.16b, v5.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EOR x13, x17, x11, LSL #1 \n"
+ "AESD v17.16b, v5.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v5.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AND x17, x19, x14, ASR #63\n"
+ "AESD v19.16b, v5.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v6.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "EXTR x16, x14, x13, #63 \n"
+ "AESD v17.16b, v6.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v6.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "EOR x15, x17, x13, LSL #1 \n"
+ "AESD v19.16b, v6.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v7.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v7.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v7.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v7.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v8.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v8.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v8.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v8.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "AESD v16.16b, v9.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v9.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v9.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v9.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #10 \n"
+ "BEQ 21f \n"
+ "AESD v16.16b, v10.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v10.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v10.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v10.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v11.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v11.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v11.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v11.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "SUBS WZR, %w[rounds], #12 \n"
+ "BEQ 21f \n"
+ "AESD v16.16b, v12.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v12.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v12.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v12.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+ "AESD v16.16b, v13.16b \n"
+ "AESIMC v16.16b, v16.16b \n"
+ "AESD v17.16b, v13.16b \n"
+ "AESIMC v17.16b, v17.16b \n"
+ "AESD v18.16b, v13.16b \n"
+ "AESIMC v18.16b, v18.16b \n"
+ "AESD v19.16b, v13.16b \n"
+ "AESIMC v19.16b, v19.16b \n"
+
+ "21: \n"
+ "AESD v16.16b, v14.16b \n"
+ "EOR v16.16b, v16.16b, v15.16b \n"
+ "AESD v17.16b, v14.16b \n"
+ "EOR v17.16b, v17.16b, v15.16b \n"
+ "AESD v18.16b, v14.16b \n"
+ "EOR v18.16b, v18.16b, v15.16b \n"
+ "AESD v19.16b, v14.16b \n"
+ "EOR v19.16b, v19.16b, v15.16b \n"
+
+ "EOR v16.16b, v16.16b, v20.16b \n"
+ "EOR v17.16b, v17.16b, v21.16b \n"
+ "EOR v18.16b, v18.16b, v22.16b \n"
+ "EOR v19.16b, v19.16b, v23.16b \n"
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "ST1 {v16.16b-v19.16b}, [%[out]], #64 \n"
+
+ "SUBS %w[blocks], %w[blocks], #4 \n"
+ "SUB %w[sz], %w[sz], #64 \n"
+ "BGE 20b \n"
+ "ADD %w[blocks], %w[blocks], #4 \n"
+
+ "CBZ %w[sz], 4f \n"
+
+ "CBZ %w[blocks], 3f \n"
+
+ "1: \n"
+ "LD1 {v0.16b}, [%[in]], #16 \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_DECRYPT_UPDATE_TWEAK(2)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "ST1 {v0.16b}, [%[out]], #16 \n"
+
+ "MOV v20.d[0], x9 \n"
+ "MOV v20.d[1], x10 \n"
+
+ "SUBS %w[blocks], %w[blocks], #1 \n"
+ "SUB %w[sz], %w[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CBZ %w[sz], 4f \n"
+
+ "3: \n"
+
+ "AND x11, x19, x10, ASR #63\n"
+ "EXTR x10, x10, x9, #63 \n"
+ "EOR x9, x11, x9, LSL #1 \n"
+ "MOV v21.d[0], x9 \n"
+ "MOV v21.d[1], x10 \n"
+
+ "LD1 {v0.16b}, [%[in]], #16 \n"
+
+ "EOR v0.16b, v0.16b, v21.16b \n"
+
+ AES_DECRYPT(5)
+
+ "EOR v0.16b, v0.16b, v21.16b \n"
+
+ "SUB %w[sz], %w[sz], #16 \n"
+
+ "ST1 {v0.16b}, [%[tmp]] \n"
+ "ADD %[out], %[out], #16 \n"
+ "MOV w12, %w[sz] \n"
+ "6: \n"
+ "LDRB w13, [%[tmp]] \n"
+ "LDRB w14, [%[in]], #1 \n"
+ "STRB w13, [%[out]], #1 \n"
+ "STRB w14, [%[tmp]], #1 \n"
+ "SUBS w12, w12, #1 \n"
+ "BGT 6b \n"
+ "SUB %[out], %[out], %x[sz] \n"
+ "SUB %[tmp], %[tmp], %x[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "LD1 {v0.16b}, [%[tmp]] \n"
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ AES_DECRYPT(7)
+
+ "EOR v0.16b, v0.16b, v20.16b \n"
+
+ "ST1 {v0.16b}, [%[out]] \n"
+
+ "4: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [key2] "r" (xaes->tweak.key), [i] "r" (i),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16",
+ "x17", "x19",
+ "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7",
+ "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15",
+ "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23"
+ );
+
+ return ret;
+}
+#else
+
+#define AES_ENCRYPT_UPDATE_TWEAK(label) \
+ "AESE.8 q0, q1 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AND %[i], r14, r12, ASR #31 \n" \
+ "AESE.8 q0, q2 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "LSL r12, r12, #1 \n" \
+ "AESE.8 q0, q3 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "ORR r12, r12, r11, LSR #31 \n" \
+ "AESE.8 q0, q4 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "LSL r11, r11, #1 \n" \
+ \
+ "AESE.8 q0, q5 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "ORR r11, r11, r10, LSR #31 \n" \
+ "AESE.8 q0, q6 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "LSL r10, r10, #1 \n" \
+ "AESE.8 q0, q7 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "ORR r10, r10, r9, LSR #31 \n" \
+ "AESE.8 q0, q8 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "EOR r9, %[i], r9, LSL #1 \n" \
+ \
+ "AESE.8 q0, q9 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESE.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+#define AES_ENCRYPT(label) \
+ "AESE.8 q0, q1 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q2 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q3 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q4 \n" \
+ "AESMC.8 q0, q0 \n" \
+ \
+ "AESE.8 q0, q5 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q6 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q7 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q8 \n" \
+ "AESMC.8 q0, q0 \n" \
+ \
+ "AESE.8 q0, q9 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESE.8 q0, q10 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "AESE.8 q0, q11 \n" \
+ "AESMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESE.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+#define AES_DECRYPT_UPDATE_TWEAK(label) \
+ "AESD.8 q0, q1 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AND %[i], r14, r12, ASR #31 \n" \
+ "AESD.8 q0, q2 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "LSL r12, r12, #1 \n" \
+ "AESD.8 q0, q3 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "ORR r12, r12, r11, LSR #31 \n" \
+ "AESD.8 q0, q4 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "LSL r11, r11, #1 \n" \
+ \
+ "AESD.8 q0, q5 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "ORR r11, r11, r10, LSR #31 \n" \
+ "AESD.8 q0, q6 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "LSL r10, r10, #1 \n" \
+ "AESD.8 q0, q7 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "ORR r10, r10, r9, LSR #31 \n" \
+ "AESD.8 q0, q8 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "EOR r9, %[i], r9, LSL #1 \n" \
+ \
+ "AESD.8 q0, q9 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESD.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+#define AES_DECRYPT(label) \
+ "AESD.8 q0, q1 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q2 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q3 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q4 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ \
+ "AESD.8 q0, q5 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q6 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q7 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q8 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ \
+ "AESD.8 q0, q9 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #10 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ "CMP %[rounds], #12 \n" \
+ "BLE " #label "f \n" \
+ "AESD.8 q0, q10 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "AESD.8 q0, q11 \n" \
+ "AESIMC.8 q0, q0 \n" \
+ "VLD1.32 {d20, d21, d22, d23}, [%[key2]]! \n" \
+ \
+ #label ": \n" \
+ "AESD.8 q0, q10 \n" \
+ "VEOR q0, q0, q11 \n"
+
+/* AES with XTS mode. (XTS) XEX encryption with Tweak and cipher text Stealing.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold cipher text
+ * in input plain text buffer to encrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsEncrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+ word32* key2 = xaes->tweak.key;
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ __asm__ __volatile__ (
+ "MOV r14, #0x87 \n"
+
+ "# Load tweak calculation key\n"
+ "VLD1.32 {q0}, [%[i]] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ AES_ENCRYPT(10)
+
+ "VMOV.32 r9, d0[0] \n"
+ "VMOV.32 r10, d0[1] \n"
+ "VMOV.32 r11, d1[0] \n"
+ "VMOV.32 r12, d1[1] \n"
+ "VMOV q14, q0 \n"
+
+ "# Load encryption key\n"
+ "MOV %[key2], %[key] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ "1: \n"
+ "VLD1.32 {q0}, [%[in]]! \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VMOV.32 r9, d28[0] \n"
+ "VMOV.32 r10, d28[1] \n"
+ "VMOV.32 r11, d29[0] \n"
+ "VMOV.32 r12, d29[1] \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_ENCRYPT_UPDATE_TWEAK(2)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]]! \n"
+
+ "VMOV.32 d28[0], r9 \n"
+ "VMOV.32 d28[1], r10 \n"
+ "VMOV.32 d29[0], r11 \n"
+ "VMOV.32 d29[1], r12 \n"
+
+ "SUBS %[blocks], %[blocks], #1 \n"
+ "SUB %[sz], %[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CMP %[sz], #0 \n"
+ "BEQ 3f \n"
+
+ "30: \n"
+ "#Partial block \n"
+ "SUB %[out], %[out], #16 \n"
+ "VLD1.32 {q0}, [%[out]]! \n"
+ "VST1.32 {q0}, [%[tmp]] \n"
+
+ "MOV r9, %[sz] \n"
+ "4: \n"
+ "LDRB r10, [%[tmp]] \n"
+ "LDRB r11, [%[in]], #1 \n"
+ "STRB r10, [%[out]], #1 \n"
+ "STRB r11, [%[tmp]], #1 \n"
+ "SUBS r9, r9, #1 \n"
+ "BGT 4b \n"
+
+ "SUB %[out], %[out], %[sz] \n"
+ "SUB %[tmp], %[tmp], %[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "VLD1.32 {q0}, [%[tmp]] \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_ENCRYPT(5)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]] \n"
+
+ "3: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz), [i] "+r" (i), [key2] "+r" (key2)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "r9", "r10", "r11", "r12", "r14",
+ "q0", "q1", "q2", "q3", "q4", "q5", "q6", "q7",
+ "q8", "q9", "q10", "q11", "q14"
+ );
+
+ return ret;
+}
+
+/* Same process as encryption but Aes key is AES_DECRYPTION type.
+ *
+ * xaes AES keys to use for block encrypt/decrypt
+ * out output buffer to hold plain text
+ * in input cipher text buffer to decrypt
+ * sz size of both out and in buffers
+ * i value to use for tweak
+ * iSz size of i buffer, should always be AES_BLOCK_SIZE but having this input
+ * adds a sanity check on how the user calls the function.
+ *
+ * returns 0 on success
+ */
+int wc_AesXtsDecrypt(XtsAes* xaes, byte* out, const byte* in, word32 sz,
+ const byte* i, word32 iSz)
+{
+ int ret = 0;
+ word32 blocks = (sz / AES_BLOCK_SIZE);
+ byte tmp[AES_BLOCK_SIZE];
+ byte stl = (sz % AES_BLOCK_SIZE);
+ word32* key2 = xaes->tweak.key;
+
+ if (xaes == NULL || out == NULL || in == NULL) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (iSz < AES_BLOCK_SIZE) {
+ return BAD_FUNC_ARG;
+ }
+
+ if (blocks == 0) {
+ WOLFSSL_MSG("Plain text input too small for encryption");
+ return BAD_FUNC_ARG;
+ }
+
+ /* if Stealing then break out of loop one block early to handle special
+ * case */
+ blocks -= (stl > 0);
+
+ __asm__ __volatile__ (
+ "MOV r14, #0x87 \n"
+
+ "VLD1.32 {q0}, [%[i]] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ AES_ENCRYPT(10)
+
+ "VMOV.32 r9, d0[0] \n"
+ "VMOV.32 r10, d0[1] \n"
+ "VMOV.32 r11, d1[0] \n"
+ "VMOV.32 r12, d1[1] \n"
+ "VMOV q14, q0 \n"
+
+ "# Load decryption key\n"
+ "MOV %[key2], %[key] \n"
+ "VLD1.32 {d2, d3, d4, d5}, [%[key2]]! \n"
+ "VLD1.32 {d6, d7, d8, d9}, [%[key2]]! \n"
+ "VLD1.32 {d10, d11, d12, d13}, [%[key2]]! \n"
+ "VLD1.32 {d14, d15, d16, d17}, [%[key2]]! \n"
+ "VLD1.32 {d18, d19}, [%[key2]]! \n"
+
+ "CMP %[blocks], #0 \n"
+ "BEQ 3f \n"
+
+ "1: \n"
+ "VLD1.32 {q0}, [%[in]]! \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_DECRYPT_UPDATE_TWEAK(2)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]]! \n"
+
+ "VMOV.32 d28[0], r9 \n"
+ "VMOV.32 d28[1], r10 \n"
+ "VMOV.32 d29[0], r11 \n"
+ "VMOV.32 d29[1], r12 \n"
+
+ "SUBS %[blocks], %[blocks], #1 \n"
+ "SUB %[sz], %[sz], #16 \n"
+ "BGT 1b \n"
+
+ "CMP %[sz], #0 \n"
+ "BEQ 4f \n"
+
+ "3: \n"
+
+ "AND %[i], r14, r12, ASR #31 \n"
+ "LSL r12, r12, #1 \n"
+ "ORR r12, r12, r11, LSR #31 \n"
+ "LSL r11, r11, #1 \n"
+ "ORR r11, r11, r10, LSR #31 \n"
+ "LSL r10, r10, #1 \n"
+ "ORR r10, r10, r9, LSR #31 \n"\
+ "EOR r9, %[i], r9, LSL #1 \n"
+ "VMOV.32 d30[0], r9 \n"
+ "VMOV.32 d30[1], r10 \n"
+ "VMOV.32 d31[0], r11 \n"
+ "VMOV.32 d31[1], r12 \n"
+
+ "VLD1.32 {q0}, [%[in]]! \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q15 \n"
+
+ AES_DECRYPT(5)
+
+ "VEOR q0, q0, q15 \n"
+
+ "SUB %[sz], %[sz], #16 \n"
+
+ "VST1.32 {q0}, [%[tmp]] \n"
+ "ADD %[out], %[out], #16 \n"
+ "MOV r9, %[sz] \n"
+ "6: \n"
+ "LDRB r10, [%[tmp]] \n"
+ "LDRB r11, [%[in]], #1 \n"
+ "STRB r10, [%[out]], #1 \n"
+ "STRB r11, [%[tmp]], #1 \n"
+ "SUBS r9, r9, #1 \n"
+ "BGT 6b \n"
+ "SUB %[out], %[out], %[sz] \n"
+ "SUB %[tmp], %[tmp], %[sz] \n"
+ "SUB %[out], %[out], #16 \n"
+
+ "VLD1.32 {q0}, [%[tmp]] \n"
+ "ADD %[key2], %[key], #144 \n"
+
+ "VEOR q0, q0, q14 \n"
+
+ AES_DECRYPT(7)
+
+ "VEOR q0, q0, q14 \n"
+
+ "VST1.32 {q0}, [%[out]] \n"
+
+ "4: \n"
+
+ : [blocks] "+r" (blocks), [in] "+r" (in), [out] "+r" (out),
+ [sz] "+r" (sz), [i] "+r" (i), [key2] "+r" (key2)
+ : [key] "r" (xaes->aes.key), [rounds] "r" (xaes->aes.rounds),
+ [tmp] "r" (tmp)
+ : "cc", "memory",
+ "r9", "r10", "r11", "r12", "r14",
+ "q0", "q1", "q2", "q3", "q4", "q5", "q6", "q7",
+ "q8", "q9", "q10", "q11", "q14", "q15"
+ );
+
+ return ret;
+}
+
+#endif /* __aach64__ */
+#endif /* WOLFSSL_AES_XTS */
+
#else /* !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/aes.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
@@ -5618,6 +16627,13 @@ int wc_AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
if (sz == 0) {
return 0;
}
+ if (sz % AES_BLOCK_SIZE) {
+#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
+ return BAD_LENGTH_E;
+#else
+ return BAD_FUNC_ARG;
+#endif
+ }
AES_CBC_encrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds,
(unsigned char*)aes->reg);
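Review bot: The added `sz % AES_BLOCK_SIZE` rejection returns `BAD_LENGTH_E` or `BAD_FUNC_ARG` depending on `WOLFSSL_AES_CBC_LENGTH_CHECKS`, and nothing at the check tells a caller that both codes are possible. I would add a comment above it, `/* sz must be a multiple of AES_BLOCK_SIZE; the error code depends on WOLFSSL_AES_CBC_LENGTH_CHECKS. */`, so that callers test for a non-zero return rather than one specific value. The identical check added to wc_AesCbcDecrypt in the next hunk needs the same comment. The function body starts and ends outside this hunk.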
@@ -5640,6 +16656,13 @@ int wc_AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz)
if (sz == 0) {
return 0;
}
+ if (sz % AES_BLOCK_SIZE) {
+#ifdef WOLFSSL_AES_CBC_LENGTH_CHECKS
+ return BAD_LENGTH_E;
+#else
+ return BAD_FUNC_ARG;
+#endif
+ }
AES_CBC_decrypt(in, out, sz, (const unsigned char*)aes->key, aes->rounds,
(unsigned char*)aes->reg);
@@ -5701,6 +16724,13 @@ int wc_AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz)
}
return 0;
}
+
+int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir)
+{
+ (void)dir;
+ return wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
+}
#endif /* WOLFSSL_AES_COUNTER */
#ifdef HAVE_AESCCM
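Review bot: `wc_AesCtrSetKey` discards `dir` with `(void)dir;` and always passes `AES_ENCRYPTION`, but no comment says this is deliberate. CTR mode produces its keystream with the forward cipher for both encryption and decryption, so ignoring the direction is correct, yet a reader who does not know that will take it for a bug. A one-line comment above the cast would settle it: `/* CTR always uses the encrypt key schedule, so dir is ignored. */`.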
@@ -5962,15 +16992,15 @@ static WC_INLINE void RIGHTSHIFTX(byte* x)
x[0] ^= borrow;
}
-static void GenerateM0(Aes* aes)
+void GenerateM0(Gcm* gcm)
{
int i;
- byte (*m)[AES_BLOCK_SIZE] = aes->M0;
+ byte (*m)[AES_BLOCK_SIZE] = gcm->M0;
/* 0 times -> 0x0 */
XMEMSET(m[0x0], 0, AES_BLOCK_SIZE);
/* 1 times -> 0x8 */
- XMEMCPY(m[0x8], aes->H, AES_BLOCK_SIZE);
+ XMEMCPY(m[0x8], gcm->H, AES_BLOCK_SIZE);
/* 2 times -> 0x4 */
XMEMCPY(m[0x4], m[0x8], AES_BLOCK_SIZE);
RIGHTSHIFTX(m[0x4]);
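Review bot: `GenerateM0` loses `static` here, so a short, unprefixed name becomes an external symbol, and the hunk shows no declaration that limits its visibility. If it is now shared with another translation unit, its prototype should carry the library's internal-visibility marker (wolfSSL uses `WOLFSSL_LOCAL`), otherwise the name can collide with application symbols in a static link. The function also dereferences `gcm` and reads `gcm->H` without a check, which is worth stating now that other files can call it, e.g. `/* gcm must be non-NULL and gcm->H already computed. */`. The body continues outside the hunk.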
@@ -6010,7 +17040,7 @@ static void GenerateM0(Aes* aes)
xorbuf (m[0xf], m[0x7], AES_BLOCK_SIZE);
for (i = 0; i < 16; i++) {
- word32* m32 = (word32*)aes->M0[i];
+ word32* m32 = (word32*)gcm->M0[i];
m32[0] = ByteReverseWord32(m32[0]);
m32[1] = ByteReverseWord32(m32[1]);
m32[2] = ByteReverseWord32(m32[2]);
@@ -6033,11 +17063,11 @@ int wc_AesGcmSetKey(Aes* aes, const byte* key, word32 len)
XMEMSET(iv, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(aes, key, len, iv, AES_ENCRYPTION);
-
+
if (ret == 0) {
- AES_ECB_encrypt(iv, aes->H, AES_BLOCK_SIZE,
+ AES_ECB_encrypt(iv, aes->gcm.H, AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds);
- GenerateM0(aes);
+ GenerateM0(&aes->gcm);
}
return ret;
@@ -6089,13 +17119,13 @@ static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c,
blocks = aSz / AES_BLOCK_SIZE;
partial = aSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, a, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, a, blocks * AES_BLOCK_SIZE);
a += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, a, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
@@ -6104,20 +17134,20 @@ static void gcm_ghash_arm32(Aes* aes, const byte* a, word32 aSz, const byte* c,
blocks = cSz / AES_BLOCK_SIZE;
partial = cSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, c, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, c, blocks * AES_BLOCK_SIZE);
c += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, c, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
/* Hash in the lengths of A and C in bits */
FlattenSzInBits(&scratch[0], aSz);
FlattenSzInBits(&scratch[8], cSz);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
/* Copy the result into s. */
XMEMCPY(s, x, sSz);
@@ -6168,13 +17198,13 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
blocks = authInSz / AES_BLOCK_SIZE;
partial = authInSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, authIn, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, authIn, blocks * AES_BLOCK_SIZE);
authIn += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, authIn, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
@@ -6184,7 +17214,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
if (blocks > 0) {
AES_GCM_encrypt(in, out, blocks * AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds, counter);
- GCM_gmult_len(x, aes->M0, out, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, out, blocks * AES_BLOCK_SIZE);
in += blocks * AES_BLOCK_SIZE;
out += blocks * AES_BLOCK_SIZE;
}
@@ -6197,14 +17227,14 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, out, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
/* Hash in the lengths of A and C in bits */
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
FlattenSzInBits(&scratch[0], authInSz);
FlattenSzInBits(&scratch[8], sz);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
if (authTagSz > AES_BLOCK_SIZE) {
XMEMCPY(authTag, x, AES_BLOCK_SIZE);
}
@@ -6256,13 +17286,13 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
blocks = authInSz / AES_BLOCK_SIZE;
partial = authInSz % AES_BLOCK_SIZE;
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, authIn, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, authIn, blocks * AES_BLOCK_SIZE);
authIn += blocks * AES_BLOCK_SIZE;
}
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, authIn, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
}
}
@@ -6270,7 +17300,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
partial = sz % AES_BLOCK_SIZE;
/* do as many blocks as possible */
if (blocks > 0) {
- GCM_gmult_len(x, aes->M0, in, blocks * AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, in, blocks * AES_BLOCK_SIZE);
AES_GCM_encrypt(in, out, blocks * AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds, counter);
@@ -6280,7 +17310,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
if (partial != 0) {
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
XMEMCPY(scratch, in, partial);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
AES_GCM_encrypt(in, scratch, AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds, counter);
@@ -6290,7 +17320,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
XMEMSET(scratch, 0, AES_BLOCK_SIZE);
FlattenSzInBits(&scratch[0], authInSz);
FlattenSzInBits(&scratch[8], sz);
- GCM_gmult_len(x, aes->M0, scratch, AES_BLOCK_SIZE);
+ GCM_gmult_len(x, aes->gcm.M0, scratch, AES_BLOCK_SIZE);
AES_ECB_encrypt(initialCounter, scratch, AES_BLOCK_SIZE,
(const unsigned char*)aes->key, aes->rounds);
xorbuf(x, scratch, authTagSz);
@@ -6303,5 +17333,6 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz,
return 0;
}
#endif /* HAVE_AESGCM */
+
#endif /* !WOLFSSL_ARMASM_NO_HW_CRYPTO */
#endif /* !NO_AES && WOLFSSL_ARMASM */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c
index 13afe2c9..94e64504 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-chacha.c
@@ -29,7 +29,7 @@
#include <wolfssl/wolfcrypt/settings.h>
-#ifdef WOLFSSL_ARMASM
+#if defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_ARMASM_NO_NEON)
#ifdef HAVE_CHACHA
#include <wolfssl/wolfcrypt/chacha.h>
@@ -2896,4 +2896,4 @@ int wc_Chacha_Process(ChaCha* ctx, byte* output, const byte* input,
}
#endif /* HAVE_CHACHA */
-#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM && !WOLFSSL_ARMASM_NO_NEON */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S
index dafa2f75..3f04ce87 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519.S
@@ -30,7 +30,9 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
-#ifdef HAVE_CURVE25519
+#ifndef WOLFSSL_ARMASM_INLINE
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#ifndef __APPLE__
.text
.globl fe_init
@@ -47,6 +49,7 @@ _fe_init:
#ifndef __APPLE__
.size fe_init,.-fe_init
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
.globl fe_frombytes
@@ -180,16 +183,17 @@ _fe_sub:
sbcs x4, x4, x8
sbcs x5, x5, x9
sbcs x6, x6, x10
- mov x12, #-19
csetm x11, cc
+ mov x12, #-19
# Mask the modulus
- and x12, x11, x12
- and x13, x11, #0x7fffffffffffffff
+ extr x11, x11, x6, #63
+ mul x12, x11, x12
# Add modulus (if underflow)
- adds x3, x3, x12
- adcs x4, x4, x11
- adcs x5, x5, x11
- adc x6, x6, x13
+ subs x3, x3, x12
+ sbcs x4, x4, xzr
+ and x6, x6, #0x7fffffffffffffff
+ sbcs x5, x5, xzr
+ sbc x6, x6, xzr
stp x3, x4, [x0]
stp x5, x6, [x0, #16]
ret
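Review bot: The two context comments `# Mask the modulus` and `# Add modulus (if underflow)` no longer describe the instructions under them. After this change x11 is rebuilt by `extr` from the borrow mask and the top bit of x6, multiplied by -19, and the product is subtracted with `subs`/`sbcs` while the `and` clears bit 255 of x6, so nothing is masked or added. Stale comments in constant-time field code make later audits harder, so I would replace them with `# x12 = -19 * (borrow mask : top bit of x6)` and `# Fold the borrow and bit 255 back into the low limbs`. The fe_add hunk that follows has the same problem with `# Sub modulus (if overflow)` above an `adds`/`adcs` chain.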
@@ -216,17 +220,18 @@ _fe_add:
adds x3, x3, x7
adcs x4, x4, x8
adcs x5, x5, x9
- adc x6, x6, x10
- mov x12, #-19
- asr x11, x6, #63
+ adcs x6, x6, x10
+ cset x11, cs
+ mov x12, #19
# Mask the modulus
- and x12, x11, x12
- and x13, x11, #0x7fffffffffffffff
+ extr x11, x11, x6, #63
+ mul x12, x11, x12
# Sub modulus (if overflow)
- subs x3, x3, x12
- sbcs x4, x4, x11
- sbcs x5, x5, x11
- sbc x6, x6, x13
+ adds x3, x3, x12
+ adcs x4, x4, xzr
+ and x6, x6, #0x7fffffffffffffff
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
stp x3, x4, [x0]
stp x5, x6, [x0, #16]
ret
@@ -553,6 +558,7 @@ _fe_cmov_table:
#ifndef __APPLE__
.size fe_cmov_table,.-fe_cmov_table
#endif /* __APPLE__ */
+#endif /* HAVE_ED25519 */
#ifndef __APPLE__
.text
.globl fe_mul
@@ -576,136 +582,122 @@ _fe_mul:
ldp x16, x17, [x1, #16]
ldp x19, x20, [x2]
ldp x21, x22, [x2, #16]
- # A[0] * B[0]
- mul x6, x14, x19
+ # A[0] * B[0]
umulh x7, x14, x19
- # A[0] * B[1]
- mul x3, x14, x20
- umulh x8, x14, x20
- adds x7, x7, x3
- adc x8, x8, xzr
- # A[1] * B[0]
+ mul x6, x14, x19
+ # A[2] * B[0]
+ umulh x9, x16, x19
+ mul x8, x16, x19
+ # A[1] * B[0]
mul x3, x15, x19
+ adds x7, x7, x3
umulh x4, x15, x19
+ adcs x8, x8, x4
+ # A[1] * B[3]
+ umulh x11, x15, x22
+ adc x9, x9, xzr
+ mul x10, x15, x22
+ # A[0] * B[1]
+ mul x3, x14, x20
adds x7, x7, x3
+ umulh x4, x14, x20
adcs x8, x8, x4
- adc x9, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x21
- umulh x4, x14, x21
- adds x8, x8, x3
- adc x9, x9, x4
- # A[1] * B[1]
- mul x3, x15, x20
- umulh x4, x15, x20
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x10, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x19
- umulh x4, x16, x19
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x10, x10, xzr
- # A[0] * B[3]
- mul x3, x14, x22
- umulh x4, x14, x22
- adds x9, x9, x3
- adcs x10, x10, x4
- adc x11, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x21
- umulh x4, x15, x21
- adds x9, x9, x3
- adcs x10, x10, x4
- adc x11, x11, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x20
+ adcs x9, x9, x3
umulh x4, x16, x20
- adds x9, x9, x3
adcs x10, x10, x4
adc x11, x11, xzr
- # A[3] * B[0]
- mul x3, x17, x19
- umulh x4, x17, x19
+ # A[1] * B[2]
+ mul x3, x15, x21
adds x9, x9, x3
+ umulh x4, x15, x21
adcs x10, x10, x4
- adc x11, x11, xzr
- # A[1] * B[3]
- mul x3, x15, x22
- umulh x4, x15, x22
- adds x10, x10, x3
- adcs x11, x11, x4
+ adcs x11, x11, xzr
adc x12, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x21
- umulh x4, x16, x21
- adds x10, x10, x3
- adcs x11, x11, x4
+ # A[0] * B[2]
+ mul x3, x14, x21
+ adds x8, x8, x3
+ umulh x4, x14, x21
+ adcs x9, x9, x4
+ adcs x10, x10, xzr
+ adcs x11, x11, xzr
adc x12, x12, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x20
+ adds x8, x8, x3
+ umulh x4, x15, x20
+ adcs x9, x9, x4
+ # A[3] * B[1]
mul x3, x17, x20
+ adcs x10, x10, x3
umulh x4, x17, x20
- adds x10, x10, x3
adcs x11, x11, x4
adc x12, x12, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x21
+ adds x10, x10, x3
+ umulh x4, x16, x21
+ adcs x11, x11, x4
+ # A[3] * B[3]
+ mul x3, x17, x22
+ adcs x12, x12, x3
+ umulh x13, x17, x22
+ adc x13, x13, xzr
+ # A[0] * B[3]
+ mul x3, x14, x22
+ adds x9, x9, x3
+ umulh x4, x14, x22
+ adcs x10, x10, x4
+ # A[2] * B[3]
mul x3, x16, x22
+ adcs x11, x11, x3
umulh x4, x16, x22
- adds x11, x11, x3
adcs x12, x12, x4
- adc x13, xzr, xzr
- # A[3] * B[2]
+ adc x13, x13, xzr
+ # A[3] * B[0]
+ mul x3, x17, x19
+ adds x9, x9, x3
+ umulh x4, x17, x19
+ adcs x10, x10, x4
+ # A[3] * B[2]
mul x3, x17, x21
+ adcs x11, x11, x3
umulh x4, x17, x21
- adds x11, x11, x3
adcs x12, x12, x4
adc x13, x13, xzr
- # A[3] * B[3]
- mul x3, x17, x22
- umulh x4, x17, x22
- adds x12, x12, x3
- adc x13, x13, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x13, x13, x12, #63
- extr x12, x12, x11, #63
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x13
+ adds x9, x9, x4
+ umulh x5, x3, x13
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x9, #63
+ mul x5, x5, x3
+ and x9, x9, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x10
- umulh x10, x3, x10
adds x6, x6, x4
+ umulh x10, x3, x10
mul x4, x3, x11
- umulh x11, x3, x11
adcs x7, x7, x4
+ umulh x11, x3, x11
mul x4, x3, x12
- umulh x12, x3, x12
adcs x8, x8, x4
- mul x4, x3, x13
- umulh x5, x3, x13
- adcs x9, x9, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x10
- adcs x8, x8, x11
- adcs x9, x9, x12
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x9, #63
- mul x5, x5, x3
- and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ umulh x12, x3, x12
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
+ adcs x7, x7, x10
+ adcs x8, x8, x11
+ adc x9, x9, x12
+ # Reduce if top bit set
+ mov x3, #19
+ and x4, x3, x9, asr 63
+ adds x6, x6, x4
adcs x7, x7, xzr
+ and x9, x9, #0x7fffffffffffffff
adcs x8, x8, xzr
adc x9, x9, xzr
# Store
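Review bot: The rewritten `# Reduce` section drops the old step comments and now switches between the constants 38 and 19 with no explanation. Reading the instructions, the top product limb x13 is folded into x9 by 38, bits 255 and up of that sum are folded by 19, and x10..x12 are then folded into x6..x8 by 38, which relies on 2^256 ≡ 38 and 2^255 ≡ 19 modulo 2^255-19. Two comments would make it auditable: `# 2^256 = 38 mod p: fold x13 into x9, then bits 255+ by 19` before the first `mov x3, #38`, and `# Fold x10..x12 into x6..x8 by 38` before the second. The fe_sq hunk that follows uses the same sequence with x12 as the top limb and needs the same comments. fe_mul starts before and ends after this hunk.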
@@ -736,33 +728,30 @@ _fe_sq:
ldp x13, x14, [x1]
ldp x15, x16, [x1, #16]
# A[0] * A[1]
- mul x6, x13, x14
umulh x7, x13, x14
+ mul x6, x13, x14
+ # A[0] * A[3]
+ umulh x9, x13, x16
+ mul x8, x13, x16
# A[0] * A[2]
mul x2, x13, x15
- umulh x8, x13, x15
adds x7, x7, x2
- adc x8, x8, xzr
- # A[0] * A[3]
- mul x2, x13, x16
- umulh x9, x13, x16
- adds x8, x8, x2
- adc x9, x9, xzr
+ umulh x3, x13, x15
+ adcs x8, x8, x3
+ # A[1] * A[3]
+ mul x2, x14, x16
+ adcs x9, x9, x2
+ umulh x10, x14, x16
+ adc x10, x10, xzr
# A[1] * A[2]
mul x2, x14, x15
- umulh x3, x14, x15
adds x8, x8, x2
+ umulh x3, x14, x15
adcs x9, x9, x3
- adc x10, xzr, xzr
- # A[1] * A[3]
- mul x2, x14, x16
- umulh x3, x14, x16
- adds x9, x9, x2
- adc x10, x10, x3
# A[2] * A[3]
mul x2, x15, x16
+ adcs x10, x10, x2
umulh x11, x15, x16
- adds x10, x10, x2
adc x11, x11, xzr
# Double
adds x6, x6, x6
@@ -773,66 +762,56 @@ _fe_sq:
adcs x11, x11, x11
adc x12, xzr, xzr
# A[0] * A[0]
+ umulh x3, x13, x13
mul x5, x13, x13
- umulh x4, x13, x13
# A[1] * A[1]
mul x2, x14, x14
+ adds x6, x6, x3
umulh x3, x14, x14
- adds x6, x6, x4
adcs x7, x7, x2
- adc x4, x3, xzr
# A[2] * A[2]
mul x2, x15, x15
+ adcs x8, x8, x3
umulh x3, x15, x15
- adds x8, x8, x4
adcs x9, x9, x2
- adc x4, x3, xzr
# A[3] * A[3]
mul x2, x16, x16
+ adcs x10, x10, x3
umulh x3, x16, x16
- adds x10, x10, x4
adcs x11, x11, x2
adc x12, x12, x3
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x12, x12, x11, #63
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- and x8, x8, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x2, #38
+ mul x3, x2, x12
+ adds x8, x8, x3
+ umulh x4, x2, x12
+ adc x4, x4, xzr
mov x2, #19
+ extr x4, x4, x8, #63
+ mul x4, x4, x2
+ and x8, x8, #0x7fffffffffffffff
+ mov x2, #38
mul x3, x2, x9
- umulh x9, x2, x9
adds x5, x5, x3
+ umulh x9, x2, x9
mul x3, x2, x10
- umulh x10, x2, x10
adcs x6, x6, x3
+ umulh x10, x2, x10
mul x3, x2, x11
- umulh x11, x2, x11
adcs x7, x7, x3
- mul x3, x2, x12
- umulh x4, x2, x12
- adcs x8, x8, x3
- adc x4, x4, xzr
- # Add remaining product results in
- adds x6, x6, x9
- adcs x7, x7, x10
- adcs x8, x8, x11
- adc x4, x4, xzr
- # Overflow
- extr x4, x4, x8, #63
- mul x4, x4, x2
- and x8, x8, #0x7fffffffffffffff
- adds x5, x5, x4
- adcs x6, x6, xzr
- adcs x7, x7, xzr
+ umulh x11, x2, x11
adc x8, x8, xzr
- # Reduce if top bit set
- and x4, x2, x8, asr 63
- and x8, x8, #0x7fffffffffffffff
+ # Add high product results in
adds x5, x5, x4
+ adcs x6, x6, x9
+ adcs x7, x7, x10
+ adc x8, x8, x11
+ # Reduce if top bit set
+ mov x2, #19
+ and x3, x2, x8, asr 63
+ adds x5, x5, x3
adcs x6, x6, xzr
+ and x8, x8, #0x7fffffffffffffff
adcs x7, x7, xzr
adc x8, x8, xzr
# Store
@@ -856,6 +835,7 @@ _fe_invert:
#endif /* __APPLE__ */
stp x29, x30, [sp, #-176]!
add x29, sp, #0
+ str x17, [x29, #160]
str x20, [x29, #168]
# Invert
str x0, [x29, #144]
@@ -920,61 +900,197 @@ _fe_invert:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
-#ifndef NDEBUG
- add x1, x29, #48
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #3
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 5 times
+ mov x20, #5
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert1:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert1
- add x0, x29, #48
+ bne L_fe_invert1
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
#ifndef NDEBUG
- add x1, x29, #0x50
+ add x0, x29, #48
#endif /* !NDEBUG */
+ add x1, x29, #0x50
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
- add x1, x29, #48
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #8
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 10 times
+ mov x20, #10
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert2:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert2
-#ifndef NDEBUG
+ bne L_fe_invert2
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #0x50
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x50
#endif /* !NDEBUG */
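Review bot: The squaring body inlined into L_fe_invert1 and L_fe_invert2 stops at `# Add high product results in` and leaves out the `# Reduce if top bit set` step that `_fe_sq` still performs, so the limbs written by `stp x6, x7, [x29, #80]` / `stp x8, x9, [x29, #96]` can carry bit 255. That is only safe if `fe_mul` accepts operands up to 2^256-1, which is not visible in this hunk; a comment at each `# Store` such as `# not fully reduced: bit 255 may be set, fe_mul must accept this` would record the assumption. The same applies to L_fe_invert3 through L_fe_invert8 in the following hunks. The iteration counts do match the old code, since each removed `bcs` loop ran count+1 times after one leading `fe_sq` call (1 + 4 = 5, 1 + 9 = 10). `_fe_invert` begins and ends outside this hunk.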
@@ -984,84 +1100,295 @@ L_fe_invert2:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
-#ifndef NDEBUG
- add x1, x29, #0x50
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #18
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 20 times
+ mov x20, #20
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert3:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert3
- add x0, x29, #0x50
+ bne L_fe_invert3
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
#ifndef NDEBUG
- add x1, x29, #0x70
+ add x0, x29, #0x50
#endif /* !NDEBUG */
+ add x1, x29, #0x70
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x20, #9
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 10 times
+ mov x20, #10
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert4:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert4
+ bne L_fe_invert4
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #48
-#ifndef NDEBUG
add x1, x29, #0x50
-#endif /* !NDEBUG */
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
- add x1, x29, #48
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #48
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 50 times
+ mov x20, #50
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert5:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert5
-#ifndef NDEBUG
+ bne L_fe_invert5
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #0x50
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x50
#endif /* !NDEBUG */
@@ -1071,84 +1398,303 @@ L_fe_invert5:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
-#ifndef NDEBUG
- add x1, x29, #0x50
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x20, #0x62
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 100 times
+ mov x20, #0x64
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert6:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert6
- add x0, x29, #0x50
+ bne L_fe_invert6
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
#ifndef NDEBUG
- add x1, x29, #0x70
+ add x0, x29, #0x50
#endif /* !NDEBUG */
+ add x1, x29, #0x70
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x20, #49
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 50 times
+ mov x20, #50
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_fe_invert7:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert7
+ bne L_fe_invert7
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #48
-#ifndef NDEBUG
add x1, x29, #0x50
-#endif /* !NDEBUG */
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x20, #4
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 5 times
+ mov x20, #5
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_invert8:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x20, x20, #1
- bcs L_fe_invert8
+ bne L_fe_invert8
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
ldr x0, [x29, #144]
-#ifndef NDEBUG
add x1, x29, #48
-#endif /* !NDEBUG */
add x2, x29, #16
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
+ ldr x17, [x29, #160]
ldr x20, [x29, #168]
ldp x29, x30, [sp], #0xb0
ret
@@ -1179,422 +1725,364 @@ _curve25519:
mov x23, xzr
str x0, [x29, #176]
str x2, [x29, #184]
- # Copy
ldp x6, x7, [x2]
ldp x8, x9, [x2, #16]
- stp x6, x7, [x29, #80]
- stp x8, x9, [x29, #96]
- # Set one
- mov x2, #1
- stp x2, xzr, [x0]
- stp xzr, xzr, [x0, #16]
+ mov x10, #1
+ mov x11, xzr
+ mov x12, xzr
+ mov x13, xzr
+ stp x10, x11, [x0]
+ stp x12, x13, [x0, #16]
# Set zero
stp xzr, xzr, [x29, #16]
stp xzr, xzr, [x29, #32]
- # Set one
- mov x2, #1
- stp x2, xzr, [x29, #48]
- stp xzr, xzr, [x29, #64]
- mov x25, #62
- mov x24, #24
-L_curve25519_words:
+ mov x24, #0xfe
L_curve25519_bits:
- ldr x2, [x1, x24]
- lsr x2, x2, x25
- and x2, x2, #1
- eor x23, x23, x2
+ lsr x3, x24, #6
+ and x4, x24, #63
+ ldr x5, [x1, x3, LSL 3]
+ lsr x5, x5, x4
+ eor x23, x23, x5
+ # Conditional Swap
+ subs xzr, xzr, x23, lsl 63
+ ldp x25, x26, [x29, #16]
+ ldp x27, x28, [x29, #32]
+ csel x19, x25, x10, ne
+ csel x25, x10, x25, ne
+ csel x20, x26, x11, ne
+ csel x26, x11, x26, ne
+ csel x21, x27, x12, ne
+ csel x27, x12, x27, ne
+ csel x22, x28, x13, ne
+ csel x28, x13, x28, ne
# Conditional Swap
- cmp x23, #1
+ subs xzr, xzr, x23, lsl 63
ldp x10, x11, [x0]
ldp x12, x13, [x0, #16]
- ldp x6, x7, [x29, #80]
- ldp x8, x9, [x29, #96]
- csel x14, x10, x6, eq
- csel x10, x6, x10, eq
- csel x15, x11, x7, eq
- csel x11, x7, x11, eq
- csel x16, x12, x8, eq
- csel x12, x8, x12, eq
- csel x17, x13, x9, eq
- csel x13, x9, x13, eq
- # Conditional Swap
- cmp x23, #1
- ldp x19, x20, [x29, #16]
- ldp x21, x22, [x29, #32]
- ldp x6, x7, [x29, #48]
- ldp x8, x9, [x29, #64]
- csel x5, x19, x6, eq
- csel x19, x6, x19, eq
- csel x26, x20, x7, eq
- csel x20, x7, x20, eq
- csel x27, x21, x8, eq
- csel x21, x8, x21, eq
- csel x28, x22, x9, eq
- csel x22, x9, x22, eq
- mov x23, x2
+ csel x14, x10, x6, ne
+ csel x10, x6, x10, ne
+ csel x15, x11, x7, ne
+ csel x11, x7, x11, ne
+ csel x16, x12, x8, ne
+ csel x12, x8, x12, ne
+ csel x17, x13, x9, ne
+ csel x13, x9, x13, ne
+ mov x23, x5
# Add
- adds x6, x10, x19
- adcs x7, x11, x20
- adcs x8, x12, x21
- adc x9, x13, x22
- mov x3, #-19
- asr x2, x9, #63
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ adds x6, x10, x25
+ adcs x7, x11, x26
+ adcs x8, x12, x27
+ adcs x9, x13, x28
+ cset x5, cs
+ mov x3, #19
+ extr x5, x5, x9, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x6, x6, x3
- sbcs x7, x7, x2
- sbcs x8, x8, x2
- sbc x9, x9, x4
+ adds x6, x6, x3
+ adcs x7, x7, xzr
+ and x9, x9, #0x7fffffffffffffff
+ adcs x8, x8, xzr
+ adc x9, x9, xzr
# Sub
- subs x19, x10, x19
- sbcs x20, x11, x20
- sbcs x21, x12, x21
- sbcs x22, x13, x22
+ subs x25, x10, x25
+ sbcs x26, x11, x26
+ sbcs x27, x12, x27
+ sbcs x28, x13, x28
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x28, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x19, x19, x3
- adcs x20, x20, x2
- adcs x21, x21, x2
- adc x22, x22, x4
- stp x19, x20, [x29, #144]
- stp x21, x22, [x29, #160]
+ subs x25, x25, x3
+ sbcs x26, x26, xzr
+ and x28, x28, #0x7fffffffffffffff
+ sbcs x27, x27, xzr
+ sbc x28, x28, xzr
+ stp x25, x26, [x29, #80]
+ stp x27, x28, [x29, #96]
# Add
- adds x10, x14, x5
- adcs x11, x15, x26
- adcs x12, x16, x27
- adc x13, x17, x28
- mov x3, #-19
- asr x2, x13, #63
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ adds x10, x14, x19
+ adcs x11, x15, x20
+ adcs x12, x16, x21
+ adcs x13, x17, x22
+ cset x5, cs
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x10, x10, x3
- sbcs x11, x11, x2
- sbcs x12, x12, x2
- sbc x13, x13, x4
+ adds x10, x10, x3
+ adcs x11, x11, xzr
+ and x13, x13, #0x7fffffffffffffff
+ adcs x12, x12, xzr
+ adc x13, x13, xzr
# Sub
- subs x14, x14, x5
- sbcs x15, x15, x26
- sbcs x16, x16, x27
- sbcs x17, x17, x28
+ subs x14, x14, x19
+ sbcs x15, x15, x20
+ sbcs x16, x16, x21
+ sbcs x17, x17, x22
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x17, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x14, x14, x3
- adcs x15, x15, x2
- adcs x16, x16, x2
- adc x17, x17, x4
+ subs x14, x14, x3
+ sbcs x15, x15, xzr
+ and x17, x17, #0x7fffffffffffffff
+ sbcs x16, x16, xzr
+ sbc x17, x17, xzr
# Multiply
- # A[0] * B[0]
- mul x19, x14, x6
+ # A[0] * B[0]
umulh x20, x14, x6
- # A[0] * B[1]
- mul x3, x14, x7
- umulh x21, x14, x7
- adds x20, x20, x3
- adc x21, x21, xzr
- # A[1] * B[0]
+ mul x19, x14, x6
+ # A[2] * B[0]
+ umulh x22, x16, x6
+ mul x21, x16, x6
+ # A[1] * B[0]
mul x3, x15, x6
+ adds x20, x20, x3
umulh x4, x15, x6
+ adcs x21, x21, x4
+ # A[1] * B[3]
+ umulh x26, x15, x9
+ adc x22, x22, xzr
+ mul x25, x15, x9
+ # A[0] * B[1]
+ mul x3, x14, x7
adds x20, x20, x3
+ umulh x4, x14, x7
adcs x21, x21, x4
- adc x22, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x8
- umulh x4, x14, x8
- adds x21, x21, x3
- adc x22, x22, x4
- # A[1] * B[1]
- mul x3, x15, x7
- umulh x4, x15, x7
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x6
- umulh x4, x16, x6
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x9
- umulh x4, x14, x9
- adds x22, x22, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x8
- umulh x4, x15, x8
- adds x22, x22, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x7
+ adcs x22, x22, x3
umulh x4, x16, x7
- adds x22, x22, x3
- adcs x2, x2, x4
+ adcs x25, x25, x4
adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x6
- umulh x4, x17, x6
+ # A[1] * B[2]
+ mul x3, x15, x8
adds x22, x22, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x9
- umulh x4, x15, x9
- adds x2, x2, x3
- adcs x26, x26, x4
+ umulh x4, x15, x8
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x8
- umulh x4, x16, x8
- adds x2, x2, x3
- adcs x26, x26, x4
+ # A[0] * B[2]
+ mul x3, x14, x8
+ adds x21, x21, x3
+ umulh x4, x14, x8
+ adcs x22, x22, x4
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
adc x27, x27, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x7
+ adds x21, x21, x3
+ umulh x4, x15, x7
+ adcs x22, x22, x4
+ # A[3] * B[1]
mul x3, x17, x7
+ adcs x25, x25, x3
umulh x4, x17, x7
- adds x2, x2, x3
adcs x26, x26, x4
adc x27, x27, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x8
+ adds x25, x25, x3
+ umulh x4, x16, x8
+ adcs x26, x26, x4
+ # A[3] * B[3]
+ mul x3, x17, x9
+ adcs x27, x27, x3
+ umulh x28, x17, x9
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x14, x9
+ adds x22, x22, x3
+ umulh x4, x14, x9
+ adcs x25, x25, x4
+ # A[2] * B[3]
mul x3, x16, x9
+ adcs x26, x26, x3
umulh x4, x16, x9
- adds x26, x26, x3
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x17, x6
+ adds x22, x22, x3
+ umulh x4, x17, x6
+ adcs x25, x25, x4
+ # A[3] * B[2]
mul x3, x17, x8
+ adcs x26, x26, x3
umulh x4, x17, x8
- adds x26, x26, x3
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x9
- umulh x4, x17, x9
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x22, #63
- and x22, x22, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x19, x19, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x20, x20, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x21, x21, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x22, x22, x4
umulh x5, x3, x28
- adcs x22, x22, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x20, x20, x2
- adcs x21, x21, x26
- adcs x22, x22, x27
adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x22, #63
mul x5, x5, x3
and x22, x22, #0x7fffffffffffffff
- adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x19, x19, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x20, x20, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x21, x21, x4
+ umulh x27, x3, x27
adc x22, x22, xzr
- # Reduce if top bit set
- and x5, x3, x22, asr 63
- and x22, x22, #0x7fffffffffffffff
+ # Add high product results in
adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
- adc x22, x22, xzr
+ adcs x20, x20, x25
+ adcs x21, x21, x26
+ adc x22, x22, x27
# Store
- stp x19, x20, [x29, #112]
- stp x21, x22, [x29, #128]
+ stp x19, x20, [x29, #48]
+ stp x21, x22, [x29, #64]
# Multiply
- ldp x2, x26, [x29, #144]
- ldp x27, x28, [x29, #160]
- # A[0] * B[0]
- mul x19, x10, x2
- umulh x20, x10, x2
- # A[0] * B[1]
- mul x3, x10, x26
- umulh x21, x10, x26
+ ldp x25, x26, [x29, #80]
+ ldp x27, x28, [x29, #96]
+ # A[0] * B[0]
+ umulh x20, x10, x25
+ mul x19, x10, x25
+ # A[2] * B[0]
+ umulh x22, x12, x25
+ mul x21, x12, x25
+ # A[1] * B[0]
+ mul x3, x11, x25
adds x20, x20, x3
- adc x21, x21, xzr
- # A[1] * B[0]
- mul x3, x11, x2
- umulh x4, x11, x2
+ umulh x4, x11, x25
+ adcs x21, x21, x4
+ # A[1] * B[3]
+ umulh x15, x11, x28
+ adc x22, x22, xzr
+ mul x14, x11, x28
+ # A[0] * B[1]
+ mul x3, x10, x26
adds x20, x20, x3
+ umulh x4, x10, x26
adcs x21, x21, x4
- adc x22, xzr, xzr
- # A[0] * B[2]
- mul x3, x10, x27
- umulh x4, x10, x27
- adds x21, x21, x3
- adc x22, x22, x4
- # A[1] * B[1]
- mul x3, x11, x26
- umulh x4, x11, x26
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x14, xzr, xzr
- # A[2] * B[0]
- mul x3, x12, x2
- umulh x4, x12, x2
- adds x21, x21, x3
- adcs x22, x22, x4
- adc x14, x14, xzr
- # A[0] * B[3]
- mul x3, x10, x28
- umulh x4, x10, x28
- adds x22, x22, x3
- adcs x14, x14, x4
- adc x15, xzr, xzr
- # A[1] * B[2]
- mul x3, x11, x27
- umulh x4, x11, x27
- adds x22, x22, x3
- adcs x14, x14, x4
- adc x15, x15, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x12, x26
+ adcs x22, x22, x3
umulh x4, x12, x26
- adds x22, x22, x3
adcs x14, x14, x4
adc x15, x15, xzr
- # A[3] * B[0]
- mul x3, x13, x2
- umulh x4, x13, x2
+ # A[1] * B[2]
+ mul x3, x11, x27
adds x22, x22, x3
+ umulh x4, x11, x27
adcs x14, x14, x4
- adc x15, x15, xzr
- # A[1] * B[3]
- mul x3, x11, x28
- umulh x4, x11, x28
- adds x14, x14, x3
- adcs x15, x15, x4
+ adcs x15, x15, xzr
adc x16, xzr, xzr
- # A[2] * B[2]
- mul x3, x12, x27
- umulh x4, x12, x27
- adds x14, x14, x3
- adcs x15, x15, x4
+ # A[0] * B[2]
+ mul x3, x10, x27
+ adds x21, x21, x3
+ umulh x4, x10, x27
+ adcs x22, x22, x4
+ adcs x14, x14, xzr
+ adcs x15, x15, xzr
adc x16, x16, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x11, x26
+ adds x21, x21, x3
+ umulh x4, x11, x26
+ adcs x22, x22, x4
+ # A[3] * B[1]
mul x3, x13, x26
+ adcs x14, x14, x3
umulh x4, x13, x26
- adds x14, x14, x3
adcs x15, x15, x4
adc x16, x16, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x12, x27
+ adds x14, x14, x3
+ umulh x4, x12, x27
+ adcs x15, x15, x4
+ # A[3] * B[3]
+ mul x3, x13, x28
+ adcs x16, x16, x3
+ umulh x17, x13, x28
+ adc x17, x17, xzr
+ # A[0] * B[3]
+ mul x3, x10, x28
+ adds x22, x22, x3
+ umulh x4, x10, x28
+ adcs x14, x14, x4
+ # A[2] * B[3]
mul x3, x12, x28
+ adcs x15, x15, x3
umulh x4, x12, x28
- adds x15, x15, x3
adcs x16, x16, x4
- adc x17, xzr, xzr
- # A[3] * B[2]
+ adc x17, x17, xzr
+ # A[3] * B[0]
+ mul x3, x13, x25
+ adds x22, x22, x3
+ umulh x4, x13, x25
+ adcs x14, x14, x4
+ # A[3] * B[2]
mul x3, x13, x27
+ adcs x15, x15, x3
umulh x4, x13, x27
- adds x15, x15, x3
adcs x16, x16, x4
adc x17, x17, xzr
- # A[3] * B[3]
- mul x3, x13, x28
- umulh x4, x13, x28
- adds x16, x16, x3
- adc x17, x17, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- extr x15, x15, x14, #63
- extr x14, x14, x22, #63
- and x22, x22, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x17
+ adds x22, x22, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x22, #63
+ mul x5, x5, x3
+ and x22, x22, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x14
- umulh x14, x3, x14
adds x19, x19, x4
+ umulh x14, x3, x14
mul x4, x3, x15
- umulh x15, x3, x15
adcs x20, x20, x4
+ umulh x15, x3, x15
mul x4, x3, x16
- umulh x16, x3, x16
adcs x21, x21, x4
- mul x4, x3, x17
- umulh x5, x3, x17
- adcs x22, x22, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x20, x20, x14
- adcs x21, x21, x15
- adcs x22, x22, x16
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x22, #63
- mul x5, x5, x3
- and x22, x22, #0x7fffffffffffffff
- adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
+ umulh x16, x3, x16
adc x22, x22, xzr
- # Reduce if top bit set
- and x5, x3, x22, asr 63
- and x22, x22, #0x7fffffffffffffff
+ # Add high product results in
adds x19, x19, x5
- adcs x20, x20, xzr
- adcs x21, x21, xzr
- adc x22, x22, xzr
- # Store
+ adcs x20, x20, x14
+ adcs x21, x21, x15
+ adc x22, x22, x16
# Square
# A[0] * A[1]
- mul x11, x2, x26
- umulh x12, x2, x26
+ umulh x12, x25, x26
+ mul x11, x25, x26
+ # A[0] * A[3]
+ umulh x14, x25, x28
+ mul x13, x25, x28
# A[0] * A[2]
- mul x3, x2, x27
- umulh x13, x2, x27
+ mul x3, x25, x27
adds x12, x12, x3
- adc x13, x13, xzr
- # A[0] * A[3]
- mul x3, x2, x28
- umulh x14, x2, x28
- adds x13, x13, x3
- adc x14, x14, xzr
+ umulh x4, x25, x27
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x26, x28
+ adcs x14, x14, x3
+ umulh x15, x26, x28
+ adc x15, x15, xzr
# A[1] * A[2]
mul x3, x26, x27
- umulh x4, x26, x27
adds x13, x13, x3
+ umulh x4, x26, x27
adcs x14, x14, x4
- adc x15, xzr, xzr
- # A[1] * A[3]
- mul x3, x26, x28
- umulh x4, x26, x28
- adds x14, x14, x3
- adc x15, x15, x4
# A[2] * A[3]
mul x3, x27, x28
+ adcs x15, x15, x3
umulh x16, x27, x28
- adds x15, x15, x3
adc x16, x16, xzr
# Double
adds x11, x11, x11
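Review bot: In the rewritten `# Sub` steps, `csetm x5, cc` / `extr x5, x5, x28, #63` / `mul x3, x5, x3` yields the intended 19 or 38 when the subtraction borrowed, but with no borrow and bit 63 of x28 set, x3 becomes the 64-bit value -19 and the following `sbcs x26, x26, xzr` chain does not sign-extend it. That case seems to need a minuend of at least 2^255, which looks possible because the multiply and square results in this loop no longer get the `# Reduce if top bit set` pass. If the operands are bounded so that it cannot happen, state the bound next to the sequence, e.g. `# requires a - b < 2^255 when there is no borrow`; otherwise the case should be handled. The labels `# Sub modulus (if overflow)` and `# Add modulus (if underflow)` now sit above `adds` and `subs` and would read better as `# Fold bits above 2^255 back in (times 19)`. The second sub on x14..x17 has the same shape, and `_curve25519` starts and ends outside this hunk.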
@@ -1605,304 +2093,241 @@ L_curve25519_bits:
adcs x16, x16, x16
adc x17, xzr, xzr
# A[0] * A[0]
- mul x10, x2, x2
- umulh x5, x2, x2
+ umulh x4, x25, x25
+ mul x10, x25, x25
# A[1] * A[1]
mul x3, x26, x26
+ adds x11, x11, x4
umulh x4, x26, x26
- adds x11, x11, x5
adcs x12, x12, x3
- adc x5, x4, xzr
# A[2] * A[2]
mul x3, x27, x27
+ adcs x13, x13, x4
umulh x4, x27, x27
- adds x13, x13, x5
adcs x14, x14, x3
- adc x5, x4, xzr
# A[3] * A[3]
mul x3, x28, x28
+ adcs x15, x15, x4
umulh x4, x28, x28
- adds x15, x15, x5
adcs x16, x16, x3
adc x17, x17, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- extr x15, x15, x14, #63
- extr x14, x14, x13, #63
- and x13, x13, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x14
- umulh x14, x3, x14
adds x10, x10, x4
+ umulh x14, x3, x14
mul x4, x3, x15
- umulh x15, x3, x15
adcs x11, x11, x4
+ umulh x15, x3, x15
mul x4, x3, x16
- umulh x16, x3, x16
adcs x12, x12, x4
- mul x4, x3, x17
- umulh x5, x3, x17
- adcs x13, x13, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x11, x11, x14
- adcs x12, x12, x15
- adcs x13, x13, x16
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x13, #63
- mul x5, x5, x3
- and x13, x13, #0x7fffffffffffffff
- adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
+ umulh x16, x3, x16
adc x13, x13, xzr
- # Reduce if top bit set
- and x5, x3, x13, asr 63
- and x13, x13, #0x7fffffffffffffff
+ # Add high product results in
adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
- adc x13, x13, xzr
- # Store
+ adcs x11, x11, x14
+ adcs x12, x12, x15
+ adc x13, x13, x16
# Square
# A[0] * A[1]
- mul x15, x6, x7
umulh x16, x6, x7
+ mul x15, x6, x7
+ # A[0] * A[3]
+ umulh x25, x6, x9
+ mul x17, x6, x9
# A[0] * A[2]
mul x3, x6, x8
- umulh x17, x6, x8
adds x16, x16, x3
- adc x17, x17, xzr
- # A[0] * A[3]
- mul x3, x6, x9
- umulh x2, x6, x9
- adds x17, x17, x3
- adc x2, x2, xzr
+ umulh x4, x6, x8
+ adcs x17, x17, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x25, x25, x3
+ umulh x26, x7, x9
+ adc x26, x26, xzr
# A[1] * A[2]
mul x3, x7, x8
- umulh x4, x7, x8
adds x17, x17, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * A[3]
- mul x3, x7, x9
- umulh x4, x7, x9
- adds x2, x2, x3
- adc x26, x26, x4
+ umulh x4, x7, x8
+ adcs x25, x25, x4
# A[2] * A[3]
mul x3, x8, x9
+ adcs x26, x26, x3
umulh x27, x8, x9
- adds x26, x26, x3
adc x27, x27, xzr
# Double
adds x15, x15, x15
adcs x16, x16, x16
adcs x17, x17, x17
- adcs x2, x2, x2
+ adcs x25, x25, x25
adcs x26, x26, x26
adcs x27, x27, x27
adc x28, xzr, xzr
# A[0] * A[0]
+ umulh x4, x6, x6
mul x14, x6, x6
- umulh x5, x6, x6
# A[1] * A[1]
mul x3, x7, x7
+ adds x15, x15, x4
umulh x4, x7, x7
- adds x15, x15, x5
adcs x16, x16, x3
- adc x5, x4, xzr
# A[2] * A[2]
mul x3, x8, x8
+ adcs x17, x17, x4
umulh x4, x8, x8
- adds x17, x17, x5
- adcs x2, x2, x3
- adc x5, x4, xzr
+ adcs x25, x25, x3
# A[3] * A[3]
mul x3, x9, x9
+ adcs x26, x26, x4
umulh x4, x9, x9
- adds x26, x26, x5
adcs x27, x27, x3
adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x17, #63
- and x17, x17, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x14, x14, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x15, x15, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x16, x16, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x17, x17, x4
umulh x5, x3, x28
- adcs x17, x17, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x15, x15, x2
- adcs x16, x16, x26
- adcs x17, x17, x27
adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x17, #63
mul x5, x5, x3
and x17, x17, #0x7fffffffffffffff
- adds x14, x14, x5
- adcs x15, x15, xzr
- adcs x16, x16, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x14, x14, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x15, x15, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x16, x16, x4
+ umulh x27, x3, x27
adc x17, x17, xzr
- # Reduce if top bit set
- and x5, x3, x17, asr 63
- and x17, x17, #0x7fffffffffffffff
+ # Add high product results in
adds x14, x14, x5
- adcs x15, x15, xzr
- adcs x16, x16, xzr
- adc x17, x17, xzr
- # Store
+ adcs x15, x15, x25
+ adcs x16, x16, x26
+ adc x17, x17, x27
# Multiply
- # A[0] * B[0]
- mul x6, x14, x10
+ # A[0] * B[0]
umulh x7, x14, x10
- # A[0] * B[1]
- mul x3, x14, x11
- umulh x8, x14, x11
- adds x7, x7, x3
- adc x8, x8, xzr
- # A[1] * B[0]
+ mul x6, x14, x10
+ # A[2] * B[0]
+ umulh x9, x16, x10
+ mul x8, x16, x10
+ # A[1] * B[0]
mul x3, x15, x10
+ adds x7, x7, x3
umulh x4, x15, x10
+ adcs x8, x8, x4
+ # A[1] * B[3]
+ umulh x26, x15, x13
+ adc x9, x9, xzr
+ mul x25, x15, x13
+ # A[0] * B[1]
+ mul x3, x14, x11
adds x7, x7, x3
+ umulh x4, x14, x11
adcs x8, x8, x4
- adc x9, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x12
- umulh x4, x14, x12
- adds x8, x8, x3
- adc x9, x9, x4
- # A[1] * B[1]
- mul x3, x15, x11
- umulh x4, x15, x11
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x10
- umulh x4, x16, x10
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x13
- umulh x4, x14, x13
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x12
- umulh x4, x15, x12
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x11
+ adcs x9, x9, x3
umulh x4, x16, x11
- adds x9, x9, x3
- adcs x2, x2, x4
+ adcs x25, x25, x4
adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x10
- umulh x4, x17, x10
+ # A[1] * B[2]
+ mul x3, x15, x12
adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x13
- umulh x4, x15, x13
- adds x2, x2, x3
- adcs x26, x26, x4
+ umulh x4, x15, x12
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x12
- umulh x4, x16, x12
- adds x2, x2, x3
- adcs x26, x26, x4
+ # A[0] * B[2]
+ mul x3, x14, x12
+ adds x8, x8, x3
+ umulh x4, x14, x12
+ adcs x9, x9, x4
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
adc x27, x27, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x11
+ adds x8, x8, x3
+ umulh x4, x15, x11
+ adcs x9, x9, x4
+ # A[3] * B[1]
mul x3, x17, x11
+ adcs x25, x25, x3
umulh x4, x17, x11
- adds x2, x2, x3
adcs x26, x26, x4
adc x27, x27, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x12
+ adds x25, x25, x3
+ umulh x4, x16, x12
+ adcs x26, x26, x4
+ # A[3] * B[3]
+ mul x3, x17, x13
+ adcs x27, x27, x3
+ umulh x28, x17, x13
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x14, x13
+ adds x9, x9, x3
+ umulh x4, x14, x13
+ adcs x25, x25, x4
+ # A[2] * B[3]
mul x3, x16, x13
+ adcs x26, x26, x3
umulh x4, x16, x13
- adds x26, x26, x3
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x17, x10
+ adds x9, x9, x3
+ umulh x4, x17, x10
+ adcs x25, x25, x4
+ # A[3] * B[2]
mul x3, x17, x12
+ adcs x26, x26, x3
umulh x4, x17, x12
- adds x26, x26, x3
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x13
- umulh x4, x17, x13
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x7, x7, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x8, x8, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x9, x9, x4
umulh x5, x3, x28
- adcs x9, x9, x4
adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
- adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x9, #63
mul x5, x5, x3
and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x6, x6, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x7, x7, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x8, x8, x4
+ umulh x27, x3, x27
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
+ adcs x7, x7, x25
+ adcs x8, x8, x26
+ adc x9, x9, x27
# Store
stp x6, x7, [x0]
stp x8, x9, [x0, #16]
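Review bot: The rewritten `# Reduce` blocks no longer guarantee a value below 2^255: after `and x9, x9, #0x7fffffffffffffff`, the trailing `adc x9, x9, xzr` and `adc x9, x9, x27` can carry back into bit 63, and the old `# Reduce if top bit set` pass that cleaned this up is removed. This looks like intentional lazy reduction, but the new code does not say so, and the constants have lost their explanatory comments too. I would add a comment at each block, for example `# 2^256 = 38, 2^255 = 19 (mod 2^255-19); result < 2^256, not canonical`. I would also confirm that the final output path, which is outside this hunk, still performs a full reduction before the result is written out. The same applies to every `# Reduce` block in this hunk and in the hunks that follow.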
@@ -1911,576 +2336,479 @@ L_curve25519_bits:
sbcs x15, x15, x11
sbcs x16, x16, x12
sbcs x17, x17, x13
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
# Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x17, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x14, x14, x3
- adcs x15, x15, x2
- adcs x16, x16, x2
- adc x17, x17, x4
+ subs x14, x14, x3
+ sbcs x15, x15, xzr
+ and x17, x17, #0x7fffffffffffffff
+ sbcs x16, x16, xzr
+ sbc x17, x17, xzr
# Multiply by 121666
mov x5, #0xdb42
movk x5, #1, lsl 16
mul x6, x14, x5
umulh x7, x14, x5
mul x3, x15, x5
- umulh x4, x15, x5
+ umulh x8, x15, x5
adds x7, x7, x3
- adc x8, xzr, x4
+ adc x8, x8, xzr
mul x3, x16, x5
- umulh x4, x16, x5
+ umulh x9, x16, x5
adds x8, x8, x3
- adc x9, xzr, x4
+ adc x9, x9, xzr
mul x3, x17, x5
umulh x4, x17, x5
adds x9, x9, x3
- adc x4, xzr, x4
+ adc x4, x4, xzr
mov x5, #19
extr x4, x4, x9, #63
mul x4, x4, x5
- and x9, x9, #0x7fffffffffffffff
adds x6, x6, x4
adcs x7, x7, xzr
+ and x9, x9, #0x7fffffffffffffff
adcs x8, x8, xzr
adc x9, x9, xzr
# Add
adds x10, x10, x6
adcs x11, x11, x7
adcs x12, x12, x8
- adc x13, x13, x9
- mov x3, #-19
- asr x2, x13, #63
+ adcs x13, x13, x9
+ cset x5, cs
+ mov x3, #19
# Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x13, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x10, x10, x3
- sbcs x11, x11, x2
- sbcs x12, x12, x2
- sbc x13, x13, x4
+ adds x10, x10, x3
+ adcs x11, x11, xzr
+ and x13, x13, #0x7fffffffffffffff
+ adcs x12, x12, xzr
+ adc x13, x13, xzr
# Multiply
- # A[0] * B[0]
- mul x6, x14, x10
+ # A[0] * B[0]
umulh x7, x14, x10
- # A[0] * B[1]
- mul x3, x14, x11
- umulh x8, x14, x11
- adds x7, x7, x3
- adc x8, x8, xzr
- # A[1] * B[0]
+ mul x6, x14, x10
+ # A[2] * B[0]
+ umulh x9, x16, x10
+ mul x8, x16, x10
+ # A[1] * B[0]
mul x3, x15, x10
+ adds x7, x7, x3
umulh x4, x15, x10
+ adcs x8, x8, x4
+ # A[1] * B[3]
+ umulh x26, x15, x13
+ adc x9, x9, xzr
+ mul x25, x15, x13
+ # A[0] * B[1]
+ mul x3, x14, x11
adds x7, x7, x3
+ umulh x4, x14, x11
adcs x8, x8, x4
- adc x9, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x12
- umulh x4, x14, x12
- adds x8, x8, x3
- adc x9, x9, x4
- # A[1] * B[1]
- mul x3, x15, x11
- umulh x4, x15, x11
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x10
- umulh x4, x16, x10
- adds x8, x8, x3
- adcs x9, x9, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x13
- umulh x4, x14, x13
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x12
- umulh x4, x15, x12
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x16, x11
+ adcs x9, x9, x3
umulh x4, x16, x11
- adds x9, x9, x3
- adcs x2, x2, x4
+ adcs x25, x25, x4
adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x10
- umulh x4, x17, x10
+ # A[1] * B[2]
+ mul x3, x15, x12
adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x13
- umulh x4, x15, x13
- adds x2, x2, x3
- adcs x26, x26, x4
+ umulh x4, x15, x12
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x12
- umulh x4, x16, x12
- adds x2, x2, x3
- adcs x26, x26, x4
+ # A[0] * B[2]
+ mul x3, x14, x12
+ adds x8, x8, x3
+ umulh x4, x14, x12
+ adcs x9, x9, x4
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
adc x27, x27, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x15, x11
+ adds x8, x8, x3
+ umulh x4, x15, x11
+ adcs x9, x9, x4
+ # A[3] * B[1]
mul x3, x17, x11
+ adcs x25, x25, x3
umulh x4, x17, x11
- adds x2, x2, x3
adcs x26, x26, x4
adc x27, x27, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x16, x12
+ adds x25, x25, x3
+ umulh x4, x16, x12
+ adcs x26, x26, x4
+ # A[3] * B[3]
+ mul x3, x17, x13
+ adcs x27, x27, x3
+ umulh x28, x17, x13
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x14, x13
+ adds x9, x9, x3
+ umulh x4, x14, x13
+ adcs x25, x25, x4
+ # A[2] * B[3]
mul x3, x16, x13
+ adcs x26, x26, x3
umulh x4, x16, x13
- adds x26, x26, x3
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x17, x10
+ adds x9, x9, x3
+ umulh x4, x17, x10
+ adcs x25, x25, x4
+ # A[3] * B[2]
mul x3, x17, x12
+ adcs x26, x26, x3
umulh x4, x17, x12
- adds x26, x26, x3
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x13
- umulh x4, x17, x13
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x7, x7, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x8, x8, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x9, x9, x4
umulh x5, x3, x28
- adcs x9, x9, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x9, #63
mul x5, x5, x3
and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x6, x6, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x7, x7, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x8, x8, x4
+ umulh x27, x3, x27
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
+ adcs x7, x7, x25
+ adcs x8, x8, x26
+ adc x9, x9, x27
# Store
stp x6, x7, [x29, #16]
stp x8, x9, [x29, #32]
# Add
- ldp x6, x7, [x29, #112]
- ldp x8, x9, [x29, #128]
- adds x10, x6, x19
- adcs x11, x7, x20
- adcs x12, x8, x21
- adc x13, x9, x22
- mov x3, #-19
- asr x2, x13, #63
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ ldp x25, x26, [x29, #48]
+ ldp x27, x28, [x29, #64]
+ adds x10, x25, x19
+ adcs x11, x26, x20
+ adcs x12, x27, x21
+ adcs x13, x28, x22
+ cset x5, cs
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x3, x5, x3
# Sub modulus (if overflow)
- subs x10, x10, x3
- sbcs x11, x11, x2
- sbcs x12, x12, x2
- sbc x13, x13, x4
+ adds x10, x10, x3
+ adcs x11, x11, xzr
+ and x13, x13, #0x7fffffffffffffff
+ adcs x12, x12, xzr
+ adc x13, x13, xzr
# Sub
- subs x19, x6, x19
- sbcs x20, x7, x20
- sbcs x21, x8, x21
- sbcs x22, x9, x22
+ subs x19, x25, x19
+ sbcs x20, x26, x20
+ sbcs x21, x27, x21
+ sbcs x22, x28, x22
+ csetm x5, cc
mov x3, #-19
- csetm x2, cc
- # Mask the modulus
- and x3, x2, x3
- and x4, x2, #0x7fffffffffffffff
+ extr x5, x5, x22, #63
+ mul x3, x5, x3
# Add modulus (if underflow)
- adds x19, x19, x3
- adcs x20, x20, x2
- adcs x21, x21, x2
- adc x22, x22, x4
+ subs x19, x19, x3
+ sbcs x20, x20, xzr
+ and x22, x22, #0x7fffffffffffffff
+ sbcs x21, x21, xzr
+ sbc x22, x22, xzr
# Square
# A[0] * A[1]
- mul x7, x10, x11
umulh x8, x10, x11
+ mul x7, x10, x11
+ # A[0] * A[3]
+ umulh x25, x10, x13
+ mul x9, x10, x13
# A[0] * A[2]
mul x3, x10, x12
- umulh x9, x10, x12
adds x8, x8, x3
- adc x9, x9, xzr
- # A[0] * A[3]
- mul x3, x10, x13
- umulh x2, x10, x13
- adds x9, x9, x3
- adc x2, x2, xzr
+ umulh x4, x10, x12
+ adcs x9, x9, x4
+ # A[1] * A[3]
+ mul x3, x11, x13
+ adcs x25, x25, x3
+ umulh x26, x11, x13
+ adc x26, x26, xzr
# A[1] * A[2]
mul x3, x11, x12
- umulh x4, x11, x12
adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * A[3]
- mul x3, x11, x13
- umulh x4, x11, x13
- adds x2, x2, x3
- adc x26, x26, x4
+ umulh x4, x11, x12
+ adcs x25, x25, x4
# A[2] * A[3]
mul x3, x12, x13
+ adcs x26, x26, x3
umulh x27, x12, x13
- adds x26, x26, x3
adc x27, x27, xzr
# Double
adds x7, x7, x7
adcs x8, x8, x8
adcs x9, x9, x9
- adcs x2, x2, x2
+ adcs x25, x25, x25
adcs x26, x26, x26
adcs x27, x27, x27
adc x28, xzr, xzr
# A[0] * A[0]
+ umulh x4, x10, x10
mul x6, x10, x10
- umulh x5, x10, x10
# A[1] * A[1]
mul x3, x11, x11
+ adds x7, x7, x4
umulh x4, x11, x11
- adds x7, x7, x5
adcs x8, x8, x3
- adc x5, x4, xzr
# A[2] * A[2]
mul x3, x12, x12
+ adcs x9, x9, x4
umulh x4, x12, x12
- adds x9, x9, x5
- adcs x2, x2, x3
- adc x5, x4, xzr
+ adcs x25, x25, x3
# A[3] * A[3]
mul x3, x13, x13
+ adcs x26, x26, x4
umulh x4, x13, x13
- adds x26, x26, x5
adcs x27, x27, x3
adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x7, x7, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x8, x8, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x9, x9, x4
umulh x5, x3, x28
- adcs x9, x9, x4
adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
- adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x9, #63
mul x5, x5, x3
and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x6, x6, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x7, x7, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x8, x8, x4
+ umulh x27, x3, x27
adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
+ # Add high product results in
adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
- # Store
- stp x6, x7, [x29, #80]
- stp x8, x9, [x29, #96]
+ adcs x7, x7, x25
+ adcs x8, x8, x26
+ adc x9, x9, x27
# Square
# A[0] * A[1]
- mul x7, x19, x20
- umulh x8, x19, x20
+ umulh x16, x19, x20
+ mul x15, x19, x20
+ # A[0] * A[3]
+ umulh x25, x19, x22
+ mul x17, x19, x22
# A[0] * A[2]
mul x3, x19, x21
- umulh x9, x19, x21
- adds x8, x8, x3
- adc x9, x9, xzr
- # A[0] * A[3]
- mul x3, x19, x22
- umulh x2, x19, x22
- adds x9, x9, x3
- adc x2, x2, xzr
+ adds x16, x16, x3
+ umulh x4, x19, x21
+ adcs x17, x17, x4
+ # A[1] * A[3]
+ mul x3, x20, x22
+ adcs x25, x25, x3
+ umulh x26, x20, x22
+ adc x26, x26, xzr
# A[1] * A[2]
mul x3, x20, x21
+ adds x17, x17, x3
umulh x4, x20, x21
- adds x9, x9, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * A[3]
- mul x3, x20, x22
- umulh x4, x20, x22
- adds x2, x2, x3
- adc x26, x26, x4
+ adcs x25, x25, x4
# A[2] * A[3]
mul x3, x21, x22
+ adcs x26, x26, x3
umulh x27, x21, x22
- adds x26, x26, x3
adc x27, x27, xzr
# Double
- adds x7, x7, x7
- adcs x8, x8, x8
- adcs x9, x9, x9
- adcs x2, x2, x2
+ adds x15, x15, x15
+ adcs x16, x16, x16
+ adcs x17, x17, x17
+ adcs x25, x25, x25
adcs x26, x26, x26
adcs x27, x27, x27
adc x28, xzr, xzr
# A[0] * A[0]
- mul x6, x19, x19
- umulh x5, x19, x19
+ umulh x4, x19, x19
+ mul x14, x19, x19
# A[1] * A[1]
mul x3, x20, x20
+ adds x15, x15, x4
umulh x4, x20, x20
- adds x7, x7, x5
- adcs x8, x8, x3
- adc x5, x4, xzr
+ adcs x16, x16, x3
# A[2] * A[2]
mul x3, x21, x21
+ adcs x17, x17, x4
umulh x4, x21, x21
- adds x9, x9, x5
- adcs x2, x2, x3
- adc x5, x4, xzr
+ adcs x25, x25, x3
# A[3] * A[3]
mul x3, x22, x22
+ adcs x26, x26, x4
umulh x4, x22, x22
- adds x26, x26, x5
adcs x27, x27, x3
adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x9, #63
- and x9, x9, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x28
+ adds x17, x17, x4
+ umulh x5, x3, x28
+ adc x5, x5, xzr
mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x6, x6, x4
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x25
+ adds x14, x14, x4
+ umulh x25, x3, x25
mul x4, x3, x26
+ adcs x15, x15, x4
umulh x26, x3, x26
- adcs x7, x7, x4
mul x4, x3, x27
+ adcs x16, x16, x4
umulh x27, x3, x27
- adcs x8, x8, x4
- mul x4, x3, x28
- umulh x5, x3, x28
- adcs x9, x9, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x7, x7, x2
- adcs x8, x8, x26
- adcs x9, x9, x27
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x9, #63
- mul x5, x5, x3
- and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
- # Reduce if top bit set
- and x5, x3, x9, asr 63
- and x9, x9, #0x7fffffffffffffff
- adds x6, x6, x5
- adcs x7, x7, xzr
- adcs x8, x8, xzr
- adc x9, x9, xzr
- # Store
- ldr x2, [x29, #184]
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x25
+ adcs x16, x16, x26
+ adc x17, x17, x27
# Multiply
- ldp x14, x15, [x2]
- ldp x16, x17, [x2, #16]
- # A[0] * B[0]
- mul x10, x14, x6
- umulh x11, x14, x6
- # A[0] * B[1]
- mul x3, x14, x7
- umulh x12, x14, x7
+ ldp x19, x20, [x2]
+ ldp x21, x22, [x2, #16]
+ # A[0] * B[0]
+ umulh x11, x19, x14
+ mul x10, x19, x14
+ # A[2] * B[0]
+ umulh x13, x21, x14
+ mul x12, x21, x14
+ # A[1] * B[0]
+ mul x3, x20, x14
adds x11, x11, x3
- adc x12, x12, xzr
- # A[1] * B[0]
- mul x3, x15, x6
- umulh x4, x15, x6
+ umulh x4, x20, x14
+ adcs x12, x12, x4
+ # A[1] * B[3]
+ umulh x26, x20, x17
+ adc x13, x13, xzr
+ mul x25, x20, x17
+ # A[0] * B[1]
+ mul x3, x19, x15
adds x11, x11, x3
+ umulh x4, x19, x15
adcs x12, x12, x4
- adc x13, xzr, xzr
- # A[0] * B[2]
- mul x3, x14, x8
- umulh x4, x14, x8
- adds x12, x12, x3
- adc x13, x13, x4
- # A[1] * B[1]
- mul x3, x15, x7
- umulh x4, x15, x7
+ # A[2] * B[1]
+ mul x3, x21, x15
+ adcs x13, x13, x3
+ umulh x4, x21, x15
+ adcs x25, x25, x4
+ adc x26, x26, xzr
+ # A[1] * B[2]
+ mul x3, x20, x16
+ adds x13, x13, x3
+ umulh x4, x20, x16
+ adcs x25, x25, x4
+ adcs x26, x26, xzr
+ adc x27, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x19, x16
adds x12, x12, x3
+ umulh x4, x19, x16
adcs x13, x13, x4
- adc x2, xzr, xzr
- # A[2] * B[0]
- mul x3, x16, x6
- umulh x4, x16, x6
+ adcs x25, x25, xzr
+ adcs x26, x26, xzr
+ adc x27, x27, xzr
+ # A[1] * B[1]
+ mul x3, x20, x15
adds x12, x12, x3
+ umulh x4, x20, x15
adcs x13, x13, x4
- adc x2, x2, xzr
- # A[0] * B[3]
- mul x3, x14, x9
- umulh x4, x14, x9
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, xzr, xzr
- # A[1] * B[2]
- mul x3, x15, x8
- umulh x4, x15, x8
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[2] * B[1]
- mul x3, x16, x7
- umulh x4, x16, x7
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[3] * B[0]
- mul x3, x17, x6
- umulh x4, x17, x6
- adds x13, x13, x3
- adcs x2, x2, x4
- adc x26, x26, xzr
- # A[1] * B[3]
- mul x3, x15, x9
- umulh x4, x15, x9
- adds x2, x2, x3
- adcs x26, x26, x4
- adc x27, xzr, xzr
- # A[2] * B[2]
- mul x3, x16, x8
- umulh x4, x16, x8
- adds x2, x2, x3
+ # A[3] * B[1]
+ mul x3, x22, x15
+ adcs x25, x25, x3
+ umulh x4, x22, x15
adcs x26, x26, x4
adc x27, x27, xzr
- # A[3] * B[1]
- mul x3, x17, x7
- umulh x4, x17, x7
- adds x2, x2, x3
+ # A[2] * B[2]
+ mul x3, x21, x16
+ adds x25, x25, x3
+ umulh x4, x21, x16
adcs x26, x26, x4
- adc x27, x27, xzr
- # A[2] * B[3]
- mul x3, x16, x9
- umulh x4, x16, x9
- adds x26, x26, x3
+ # A[3] * B[3]
+ mul x3, x22, x17
+ adcs x27, x27, x3
+ umulh x28, x22, x17
+ adc x28, x28, xzr
+ # A[0] * B[3]
+ mul x3, x19, x17
+ adds x13, x13, x3
+ umulh x4, x19, x17
+ adcs x25, x25, x4
+ # A[2] * B[3]
+ mul x3, x21, x17
+ adcs x26, x26, x3
+ umulh x4, x21, x17
adcs x27, x27, x4
- adc x28, xzr, xzr
- # A[3] * B[2]
- mul x3, x17, x8
- umulh x4, x17, x8
- adds x26, x26, x3
+ adc x28, x28, xzr
+ # A[3] * B[0]
+ mul x3, x22, x14
+ adds x13, x13, x3
+ umulh x4, x22, x14
+ adcs x25, x25, x4
+ # A[3] * B[2]
+ mul x3, x22, x16
+ adcs x26, x26, x3
+ umulh x4, x22, x16
adcs x27, x27, x4
adc x28, x28, xzr
- # A[3] * B[3]
- mul x3, x17, x9
- umulh x4, x17, x9
- adds x27, x27, x3
- adc x28, x28, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x28, x28, x27, #63
- extr x27, x27, x26, #63
- extr x26, x26, x2, #63
- extr x2, x2, x13, #63
- and x13, x13, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x3, #19
- mul x4, x3, x2
- umulh x2, x3, x2
- adds x10, x10, x4
- mul x4, x3, x26
- umulh x26, x3, x26
- adcs x11, x11, x4
- mul x4, x3, x27
- umulh x27, x3, x27
- adcs x12, x12, x4
+ mov x3, #38
mul x4, x3, x28
+ adds x13, x13, x4
umulh x5, x3, x28
- adcs x13, x13, x4
adc x5, x5, xzr
- # Add remaining product results in
- adds x11, x11, x2
- adcs x12, x12, x26
- adcs x13, x13, x27
- adc x5, x5, xzr
- # Overflow
+ mov x3, #19
extr x5, x5, x13, #63
mul x5, x5, x3
and x13, x13, #0x7fffffffffffffff
- adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
+ mov x3, #38
+ mul x4, x3, x25
+ adds x10, x10, x4
+ umulh x25, x3, x25
+ mul x4, x3, x26
+ adcs x11, x11, x4
+ umulh x26, x3, x26
+ mul x4, x3, x27
+ adcs x12, x12, x4
+ umulh x27, x3, x27
adc x13, x13, xzr
- # Reduce if top bit set
- and x5, x3, x13, asr 63
- and x13, x13, #0x7fffffffffffffff
+ # Add high product results in
adds x10, x10, x5
- adcs x11, x11, xzr
- adcs x12, x12, xzr
- adc x13, x13, xzr
- # Store
- stp x10, x11, [x29, #48]
- stp x12, x13, [x29, #64]
- sub x25, x25, #1
- cmp x25, #0
+ adcs x11, x11, x25
+ adcs x12, x12, x26
+ adc x13, x13, x27
+ subs x24, x24, #1
bge L_curve25519_bits
- mov x25, #63
- sub x24, x24, #8
- cmp x24, #0
- bge L_curve25519_words
# Invert
add x0, x29, #48
add x1, x29, #16
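Review bot: `ldp x19, x20, [x2]` and `ldp x21, x22, [x2, #16]` now read through x2 directly, where the old code first reloaded it with `ldr x2, [x29, #184]`. Every iteration of `L_curve25519_bits` therefore depends on x2 never being used as scratch anywhere in the loop body, part of which lies before this hunk. The hunk does move the former x2 temporaries to x25, but the invariant is unstated; a comment at the loop head such as `# x2: input pointer, live across the whole loop (not reloaded from [x29, #184])` would protect it from a later edit. Separately, the retained comments `# Mask the modulus`, `# Add modulus (if underflow)` and `# Sub modulus (if overflow)` no longer describe the code. It now builds a small multiplier with `csetm`/`cset` plus `extr`, multiplies it by ±19 and clears bit 255, so they should be reworded, for example `# fold borrow/carry and bit 255 back in as a multiple of 19`.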
@@ -2540,61 +2868,197 @@ L_curve25519_bits:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
-#ifndef NDEBUG
- add x1, x29, #0x50
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #3
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 5 times
+ mov x24, #5
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_1:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_1
- add x0, x29, #0x50
+ bne L_curve25519_inv_1
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
#ifndef NDEBUG
- add x1, x29, #0x70
+ add x0, x29, #0x50
#endif /* !NDEBUG */
+ add x1, x29, #0x70
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
- add x1, x29, #0x50
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #8
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 10 times
+ mov x24, #10
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_2:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_2
-#ifndef NDEBUG
+ bne L_curve25519_inv_2
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x70
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x70
#endif /* !NDEBUG */
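Review bot: In NDEBUG builds the `fe_mul` call after `L_curve25519_inv_1` is reached without setting x0, because `add x0, x29, #0x50` now sits inside `#ifndef NDEBUG`. Likewise, the call after `L_curve25519_inv_2` is reached without setting x1. Release builds therefore depend on the preceding `fe_mul` returning with x0/x1 unchanged, which the AArch64 calling convention does not promise, and on the inlined squaring loops leaving both registers alone. The loops shown use only x3–x17 and x24, so this presumably holds, but `fe_mul`'s body is outside the hunk. I would either make the two `add` instructions unconditional or state the contract next to them, for example `# fe_mul preserves x0-x2; the loop above uses x3-x17, x24 only`. The same pattern recurs after `L_curve25519_inv_3`.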
@@ -2604,84 +3068,295 @@ L_curve25519_inv_2:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x90
-#ifndef NDEBUG
- add x1, x29, #0x70
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #18
-#ifndef NDEBUG
- add x0, x29, #0x90
-#endif /* !NDEBUG */
- add x1, x29, #0x90
+ # Loop: 20 times
+ mov x24, #20
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_3:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_3
- add x0, x29, #0x70
+ bne L_curve25519_inv_3
+ # Store
+ stp x6, x7, [x29, #144]
+ stp x8, x9, [x29, #160]
#ifndef NDEBUG
- add x1, x29, #0x90
+ add x0, x29, #0x70
#endif /* !NDEBUG */
+ add x1, x29, #0x90
add x2, x29, #0x70
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x24, #9
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 10 times
+ mov x24, #10
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_4:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_4
+ bne L_curve25519_inv_4
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x50
-#ifndef NDEBUG
add x1, x29, #0x70
-#endif /* !NDEBUG */
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x70
- add x1, x29, #0x50
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #48
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 50 times
+ mov x24, #50
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_5:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_5
-#ifndef NDEBUG
+ bne L_curve25519_inv_5
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x70
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #0x70
#endif /* !NDEBUG */
@@ -2691,78 +3366,296 @@ L_curve25519_inv_5:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x90
-#ifndef NDEBUG
- add x1, x29, #0x70
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x24, #0x62
-#ifndef NDEBUG
- add x0, x29, #0x90
-#endif /* !NDEBUG */
- add x1, x29, #0x90
+ # Loop: 100 times
+ mov x24, #0x64
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_6:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_6
- add x0, x29, #0x70
+ bne L_curve25519_inv_6
+ # Store
+ stp x6, x7, [x29, #144]
+ stp x8, x9, [x29, #160]
#ifndef NDEBUG
- add x1, x29, #0x90
+ add x0, x29, #0x70
#endif /* !NDEBUG */
+ add x1, x29, #0x90
add x2, x29, #0x70
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x24, #49
-#ifndef NDEBUG
- add x0, x29, #0x70
-#endif /* !NDEBUG */
- add x1, x29, #0x70
+ # Loop: 50 times
+ mov x24, #50
+ ldp x6, x7, [x29, #112]
+ ldp x8, x9, [x29, #128]
L_curve25519_inv_7:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_7
+ bne L_curve25519_inv_7
+ # Store
+ stp x6, x7, [x29, #112]
+ stp x8, x9, [x29, #128]
add x0, x29, #0x50
-#ifndef NDEBUG
add x1, x29, #0x70
-#endif /* !NDEBUG */
add x2, x29, #0x50
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x24, #4
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 5 times
+ mov x24, #5
+ ldp x6, x7, [x29, #80]
+ ldp x8, x9, [x29, #96]
L_curve25519_inv_8:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x24, x24, #1
- bcs L_curve25519_inv_8
+ bne L_curve25519_inv_8
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
add x0, x29, #16
-#ifndef NDEBUG
add x1, x29, #0x50
-#endif /* !NDEBUG */
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
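Review bot: After L_curve25519_inv_6 the destination pointer for fe_mul is set only inside `#ifndef NDEBUG`, so a build with NDEBUG defined calls fe_mul with whatever the previous `bl fe_mul` left in x0. The inlined square leaves x0 untouched, but fe_mul's body is outside this hunk and x0 is a caller-saved register, so release builds depend on an unstated contract that debug builds never exercise. If fe_mul ever changed, only release builds would write a field element through a stale pointer. I would emit `add x0, x29, #0x70` unconditionally here, or at least record the contract with `# fe_mul/fe_sq must return with x0-x2 unchanged`. The same guarded setup follows L_fe_pow22523_1, L_fe_pow22523_3 and L_fe_pow22523_6, and the two back-to-back `bl fe_sq` calls near the end of fe_pow22523 rely on it in every build.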
@@ -2775,136 +3668,122 @@ L_curve25519_inv_8:
ldp x8, x9, [x0, #16]
ldp x10, x11, [x29, #16]
ldp x12, x13, [x29, #32]
- # A[0] * B[0]
- mul x14, x6, x10
+ # A[0] * B[0]
umulh x15, x6, x10
- # A[0] * B[1]
- mul x3, x6, x11
- umulh x16, x6, x11
- adds x15, x15, x3
- adc x16, x16, xzr
- # A[1] * B[0]
+ mul x14, x6, x10
+ # A[2] * B[0]
+ umulh x17, x8, x10
+ mul x16, x8, x10
+ # A[1] * B[0]
mul x3, x7, x10
+ adds x15, x15, x3
umulh x4, x7, x10
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x7, x13
+ adc x17, x17, xzr
+ mul x19, x7, x13
+ # A[0] * B[1]
+ mul x3, x6, x11
adds x15, x15, x3
+ umulh x4, x6, x11
adcs x16, x16, x4
- adc x17, xzr, xzr
- # A[0] * B[2]
- mul x3, x6, x12
- umulh x4, x6, x12
- adds x16, x16, x3
- adc x17, x17, x4
- # A[1] * B[1]
- mul x3, x7, x11
- umulh x4, x7, x11
- adds x16, x16, x3
- adcs x17, x17, x4
- adc x19, xzr, xzr
- # A[2] * B[0]
- mul x3, x8, x10
- umulh x4, x8, x10
- adds x16, x16, x3
- adcs x17, x17, x4
- adc x19, x19, xzr
- # A[0] * B[3]
- mul x3, x6, x13
- umulh x4, x6, x13
- adds x17, x17, x3
- adcs x19, x19, x4
- adc x20, xzr, xzr
- # A[1] * B[2]
- mul x3, x7, x12
- umulh x4, x7, x12
- adds x17, x17, x3
- adcs x19, x19, x4
- adc x20, x20, xzr
- # A[2] * B[1]
+ # A[2] * B[1]
mul x3, x8, x11
+ adcs x17, x17, x3
umulh x4, x8, x11
- adds x17, x17, x3
adcs x19, x19, x4
adc x20, x20, xzr
- # A[3] * B[0]
- mul x3, x9, x10
- umulh x4, x9, x10
+ # A[1] * B[2]
+ mul x3, x7, x12
adds x17, x17, x3
+ umulh x4, x7, x12
adcs x19, x19, x4
- adc x20, x20, xzr
- # A[1] * B[3]
- mul x3, x7, x13
- umulh x4, x7, x13
- adds x19, x19, x3
- adcs x20, x20, x4
+ adcs x20, x20, xzr
adc x21, xzr, xzr
- # A[2] * B[2]
- mul x3, x8, x12
- umulh x4, x8, x12
- adds x19, x19, x3
- adcs x20, x20, x4
+ # A[0] * B[2]
+ mul x3, x6, x12
+ adds x16, x16, x3
+ umulh x4, x6, x12
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
adc x21, x21, xzr
- # A[3] * B[1]
+ # A[1] * B[1]
+ mul x3, x7, x11
+ adds x16, x16, x3
+ umulh x4, x7, x11
+ adcs x17, x17, x4
+ # A[3] * B[1]
mul x3, x9, x11
+ adcs x19, x19, x3
umulh x4, x9, x11
- adds x19, x19, x3
adcs x20, x20, x4
adc x21, x21, xzr
- # A[2] * B[3]
+ # A[2] * B[2]
+ mul x3, x8, x12
+ adds x19, x19, x3
+ umulh x4, x8, x12
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x9, x13
+ adcs x21, x21, x3
+ umulh x22, x9, x13
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x6, x13
+ adds x17, x17, x3
+ umulh x4, x6, x13
+ adcs x19, x19, x4
+ # A[2] * B[3]
mul x3, x8, x13
+ adcs x20, x20, x3
umulh x4, x8, x13
- adds x20, x20, x3
adcs x21, x21, x4
- adc x22, xzr, xzr
- # A[3] * B[2]
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x9, x10
+ adds x17, x17, x3
+ umulh x4, x9, x10
+ adcs x19, x19, x4
+ # A[3] * B[2]
mul x3, x9, x12
+ adcs x20, x20, x3
umulh x4, x9, x12
- adds x20, x20, x3
adcs x21, x21, x4
adc x22, x22, xzr
- # A[3] * B[3]
- mul x3, x9, x13
- umulh x4, x9, x13
- adds x21, x21, x3
- adc x22, x22, x4
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x22, x22, x21, #63
- extr x21, x21, x20, #63
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- and x17, x17, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
mul x4, x3, x19
- umulh x19, x3, x19
adds x14, x14, x4
+ umulh x19, x3, x19
mul x4, x3, x20
- umulh x20, x3, x20
adcs x15, x15, x4
+ umulh x20, x3, x20
mul x4, x3, x21
- umulh x21, x3, x21
adcs x16, x16, x4
- mul x4, x3, x22
- umulh x5, x3, x22
- adcs x17, x17, x4
- adc x5, x5, xzr
- # Add remaining product results in
- adds x15, x15, x19
- adcs x16, x16, x20
- adcs x17, x17, x21
- adc x5, x5, xzr
- # Overflow
- extr x5, x5, x17, #63
- mul x5, x5, x3
- and x17, x17, #0x7fffffffffffffff
- adds x14, x14, x5
- adcs x15, x15, xzr
- adcs x16, x16, xzr
+ umulh x21, x3, x21
adc x17, x17, xzr
- # Reduce if top bit set
- and x5, x3, x17, asr 63
- and x17, x17, #0x7fffffffffffffff
+ # Add high product results in
adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
+ # Reduce if top bit set
+ mov x3, #19
+ and x4, x3, x17, asr 63
+ adds x14, x14, x4
adcs x15, x15, xzr
+ and x17, x17, #0x7fffffffffffffff
adcs x16, x16, xzr
adc x17, x17, xzr
adds x4, x14, x3
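Review bot: The rewritten reduction under `# Reduce` drops the step comments the old code had ("Move top half into t4-t7...", "Multiply top half by 19", "Overflow") and now uses the constants 38 and 19 with no explanation. I would add `# 2^256 is congruent to 38 and 2^255 to 19 (mod 2^255-19)` above the first `mov x3, #38`. Above `extr x5, x5, x17, #63` I would add `# x5 = bits 255 and up of the partial sum, folded back in times 19`. The enclosing curve25519 routine starts before this hunk and continues after it.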
@@ -2934,6 +3813,7 @@ L_curve25519_inv_8:
#ifndef __APPLE__
.size curve25519,.-curve25519
#endif /* __APPLE__ */
+#ifdef HAVE_ED25519
#ifndef __APPLE__
.text
.globl fe_pow22523
@@ -2948,6 +3828,7 @@ _fe_pow22523:
#endif /* __APPLE__ */
stp x29, x30, [sp, #-144]!
add x29, sp, #0
+ str x17, [x29, #128]
str x23, [x29, #136]
# pow22523
str x0, [x29, #112]
@@ -3016,27 +3897,99 @@ _fe_pow22523:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #48
- add x1, x29, #16
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #3
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 5 times
+ mov x23, #5
+ ldp x6, x7, [x29, #16]
+ ldp x8, x9, [x29, #32]
L_fe_pow22523_1:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_1
+ bne L_fe_pow22523_1
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
+#ifndef NDEBUG
add x0, x29, #16
+#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #48
#endif /* !NDEBUG */
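Review bot: The loop body at L_fe_pow22523_1 stops at `# Add high product results in` and has no `# Reduce if top bit set` step. So x6-x9 carry a value that fits four limbs but may still be above 2^255-19, both into the next iteration and into the `# Store`. The square takes four full limbs, so iterating looks fine; whether fe_mul accepts such an input cannot be checked from this hunk. A comment at the store such as `# x6..x9: congruent to the result mod 2^255-19, below 2^256, not canonical` would record the invariant. This applies to every inlined square loop in the change (L_curve25519_inv_3 to _8 and L_fe_pow22523_1 to _7).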
@@ -3046,29 +3999,97 @@ L_fe_pow22523_1:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #48
- add x1, x29, #16
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #8
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 10 times
+ mov x23, #10
+ ldp x6, x7, [x29, #16]
+ ldp x8, x9, [x29, #32]
L_fe_pow22523_2:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_2
-#ifndef NDEBUG
+ bne L_fe_pow22523_2
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #48
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #48
#endif /* !NDEBUG */
@@ -3078,84 +4099,295 @@ L_fe_pow22523_2:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
-#ifndef NDEBUG
- add x1, x29, #48
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #18
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 20 times
+ mov x23, #20
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_3:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_3
- add x0, x29, #48
+ bne L_fe_pow22523_3
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
#ifndef NDEBUG
- add x1, x29, #0x50
+ add x0, x29, #48
#endif /* !NDEBUG */
+ add x1, x29, #0x50
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x23, #9
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 10 times
+ mov x23, #10
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_4:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_4
+ bne L_fe_pow22523_4
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #16
-#ifndef NDEBUG
add x1, x29, #48
-#endif /* !NDEBUG */
add x2, x29, #16
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #48
- add x1, x29, #16
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #48
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 50 times
+ mov x23, #50
+ ldp x6, x7, [x29, #16]
+ ldp x8, x9, [x29, #32]
L_fe_pow22523_5:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_5
-#ifndef NDEBUG
+ bne L_fe_pow22523_5
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #48
-#endif /* !NDEBUG */
#ifndef NDEBUG
add x1, x29, #48
#endif /* !NDEBUG */
@@ -3165,74 +4397,218 @@ L_fe_pow22523_5:
#else
bl _fe_mul
#endif /* __APPLE__ */
- add x0, x29, #0x50
-#ifndef NDEBUG
- add x1, x29, #48
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
- mov x23, #0x62
-#ifndef NDEBUG
- add x0, x29, #0x50
-#endif /* !NDEBUG */
- add x1, x29, #0x50
+ # Loop: 100 times
+ mov x23, #0x64
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_6:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_6
- add x0, x29, #48
+ bne L_fe_pow22523_6
+ # Store
+ stp x6, x7, [x29, #80]
+ stp x8, x9, [x29, #96]
#ifndef NDEBUG
- add x1, x29, #0x50
+ add x0, x29, #48
#endif /* !NDEBUG */
+ add x1, x29, #0x50
add x2, x29, #48
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x23, #49
-#ifndef NDEBUG
- add x0, x29, #48
-#endif /* !NDEBUG */
- add x1, x29, #48
+ # Loop: 50 times
+ mov x23, #50
+ ldp x6, x7, [x29, #48]
+ ldp x8, x9, [x29, #64]
L_fe_pow22523_7:
-#ifndef __APPLE__
- bl fe_sq
-#else
- bl _fe_sq
-#endif /* __APPLE__ */
+ # Square
+ # A[0] * A[1]
+ umulh x12, x6, x7
+ mul x11, x6, x7
+ # A[0] * A[3]
+ umulh x14, x6, x9
+ mul x13, x6, x9
+ # A[0] * A[2]
+ mul x3, x6, x8
+ adds x12, x12, x3
+ umulh x4, x6, x8
+ adcs x13, x13, x4
+ # A[1] * A[3]
+ mul x3, x7, x9
+ adcs x14, x14, x3
+ umulh x15, x7, x9
+ adc x15, x15, xzr
+ # A[1] * A[2]
+ mul x3, x7, x8
+ adds x13, x13, x3
+ umulh x4, x7, x8
+ adcs x14, x14, x4
+ # A[2] * A[3]
+ mul x3, x8, x9
+ adcs x15, x15, x3
+ umulh x16, x8, x9
+ adc x16, x16, xzr
+ # Double
+ adds x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adcs x15, x15, x15
+ adcs x16, x16, x16
+ adc x17, xzr, xzr
+ # A[0] * A[0]
+ umulh x4, x6, x6
+ mul x10, x6, x6
+ # A[1] * A[1]
+ mul x3, x7, x7
+ adds x11, x11, x4
+ umulh x4, x7, x7
+ adcs x12, x12, x3
+ # A[2] * A[2]
+ mul x3, x8, x8
+ adcs x13, x13, x4
+ umulh x4, x8, x8
+ adcs x14, x14, x3
+ # A[3] * A[3]
+ mul x3, x9, x9
+ adcs x15, x15, x4
+ umulh x4, x9, x9
+ adcs x16, x16, x3
+ adc x17, x17, x4
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x17
+ adds x13, x13, x4
+ umulh x5, x3, x17
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x13, #63
+ mul x5, x5, x3
+ and x13, x13, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x14
+ adds x10, x10, x4
+ umulh x14, x3, x14
+ mul x4, x3, x15
+ adcs x11, x11, x4
+ umulh x15, x3, x15
+ mul x4, x3, x16
+ adcs x12, x12, x4
+ umulh x16, x3, x16
+ adc x13, x13, xzr
+ # Add high product results in
+ adds x6, x10, x5
+ adcs x7, x11, x14
+ adcs x8, x12, x15
+ adc x9, x13, x16
subs x23, x23, #1
- bcs L_fe_pow22523_7
+ bne L_fe_pow22523_7
+ # Store
+ stp x6, x7, [x29, #48]
+ stp x8, x9, [x29, #64]
add x0, x29, #16
-#ifndef NDEBUG
add x1, x29, #48
-#endif /* !NDEBUG */
add x2, x29, #16
#ifndef __APPLE__
bl fe_mul
#else
bl _fe_mul
#endif /* __APPLE__ */
- mov x23, #1
#ifndef NDEBUG
add x0, x29, #16
#endif /* !NDEBUG */
add x1, x29, #16
-L_fe_pow22523_8:
#ifndef __APPLE__
bl fe_sq
#else
bl _fe_sq
#endif /* __APPLE__ */
- subs x23, x23, #1
- bcs L_fe_pow22523_8
+#ifndef __APPLE__
+ bl fe_sq
+#else
+ bl _fe_sq
+#endif /* __APPLE__ */
ldr x0, [x29, #112]
#ifndef NDEBUG
add x1, x29, #16
@@ -3243,6 +4619,7 @@ L_fe_pow22523_8:
#else
bl _fe_mul
#endif /* __APPLE__ */
+ ldr x17, [x29, #128]
ldr x23, [x29, #136]
ldp x29, x30, [sp], #0x90
ret
@@ -3251,1510 +4628,1278 @@ L_fe_pow22523_8:
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p2
-.type fe_ge_to_p2,@function
+.globl ge_p1p1_to_p2
+.type ge_p1p1_to_p2,@function
.align 2
-fe_ge_to_p2:
+ge_p1p1_to_p2:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p2
+.globl _ge_p1p1_to_p2
.p2align 2
-_fe_ge_to_p2:
+_ge_p1p1_to_p2:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-112]!
+ stp x29, x30, [sp, #-80]!
add x29, sp, #0
- str x17, [x29, #72]
- str x19, [x29, #80]
- stp x20, x21, [x29, #88]
- str x22, [x29, #104]
- str x1, [x29, #16]
- str x2, [x29, #24]
- str x3, [x29, #32]
- str x4, [x29, #40]
- str x5, [x29, #48]
- str x6, [x29, #56]
- ldr x1, [x29, #32]
- ldr x2, [x29, #56]
+ str x17, [x29, #40]
+ str x19, [x29, #48]
+ stp x20, x21, [x29, #56]
+ str x22, [x29, #72]
+ str x0, [x29, #16]
+ str x1, [x29, #24]
+ mov x2, x1
+ add x1, x1, #0x60
# Multiply
- ldp x11, x12, [x1]
- ldp x13, x14, [x1, #16]
- ldp x15, x16, [x2]
- ldp x17, x19, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x20, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x20
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x20, x12, x15
- umulh x21, x12, x15
- adds x4, x4, x20
- adcs x5, x5, x21
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x20, x11, x17
- umulh x21, x11, x17
- adds x5, x5, x20
- adc x6, x6, x21
- # A[1] * B[1]
- mul x20, x12, x16
- umulh x21, x12, x16
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x20, x13, x15
- umulh x21, x13, x15
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x20, x11, x19
- umulh x21, x11, x19
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x20, x12, x17
- umulh x21, x12, x17
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x20, x13, x16
- umulh x21, x13, x16
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x20, x14, x15
- umulh x21, x14, x15
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x20, x12, x19
- umulh x21, x12, x19
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x20, x13, x17
- umulh x21, x13, x17
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x20, x14, x16
- umulh x21, x14, x16
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x20, x13, x19
- umulh x21, x13, x19
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x20, x14, x17
- umulh x21, x14, x17
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x20, x14, x19
- umulh x21, x14, x19
- adds x9, x9, x20
- adc x10, x10, x21
- # Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x20, #19
- mul x21, x20, x7
- umulh x7, x20, x7
- adds x3, x3, x21
- mul x21, x20, x8
- umulh x8, x20, x8
- adcs x4, x4, x21
- mul x21, x20, x9
- umulh x9, x20, x9
- adcs x5, x5, x21
- mul x21, x20, x10
- umulh x22, x20, x10
- adcs x6, x6, x21
+ ldp x10, x11, [x1]
+ ldp x12, x13, [x1, #16]
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
adc x22, x22, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
adc x22, x22, xzr
- # Overflow
- extr x22, x22, x6, #63
- mul x22, x22, x20
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x22, x20, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #16]
- ldr x1, [x29, #40]
- ldr x2, [x29, #48]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ sub x2, x1, #32
+ add x0, x0, #0x40
# Multiply
- ldp x11, x12, [x1]
- ldp x13, x14, [x1, #16]
- ldp x15, x16, [x2]
- ldp x17, x19, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x20, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x20
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x20, x12, x15
- umulh x21, x12, x15
- adds x4, x4, x20
- adcs x5, x5, x21
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x20, x11, x17
- umulh x21, x11, x17
- adds x5, x5, x20
- adc x6, x6, x21
- # A[1] * B[1]
- mul x20, x12, x16
- umulh x21, x12, x16
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x20, x13, x15
- umulh x21, x13, x15
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x20, x11, x19
- umulh x21, x11, x19
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x20, x12, x17
- umulh x21, x12, x17
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x20, x13, x16
- umulh x21, x13, x16
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x20, x14, x15
- umulh x21, x14, x15
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x20, x12, x19
- umulh x21, x12, x19
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x20, x13, x17
- umulh x21, x13, x17
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x20, x14, x16
- umulh x21, x14, x16
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x20, x13, x19
- umulh x21, x13, x19
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x20, x14, x17
- umulh x21, x14, x17
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x20, x14, x19
- umulh x21, x14, x19
- adds x9, x9, x20
- adc x10, x10, x21
- # Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x20, #19
- mul x21, x20, x7
- umulh x7, x20, x7
- adds x3, x3, x21
- mul x21, x20, x8
- umulh x8, x20, x8
- adcs x4, x4, x21
- mul x21, x20, x9
- umulh x9, x20, x9
- adcs x5, x5, x21
- mul x21, x20, x10
- umulh x22, x20, x10
- adcs x6, x6, x21
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
adc x22, x22, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
adc x22, x22, xzr
- # Overflow
- extr x22, x22, x6, #63
- mul x22, x22, x20
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x22, x20, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #24]
- ldr x2, [x29, #56]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ sub x1, x1, #0x40
+ sub x0, x0, #32
# Multiply
- ldp x11, x12, [x2]
- ldp x13, x14, [x2, #16]
- # A[0] * B[0]
- mul x3, x15, x11
- umulh x4, x15, x11
- # A[0] * B[1]
- mul x20, x15, x12
- umulh x5, x15, x12
- adds x4, x4, x20
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x20, x16, x11
- umulh x21, x16, x11
- adds x4, x4, x20
- adcs x5, x5, x21
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x20, x15, x13
- umulh x21, x15, x13
- adds x5, x5, x20
- adc x6, x6, x21
- # A[1] * B[1]
- mul x20, x16, x12
- umulh x21, x16, x12
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x20, x17, x11
- umulh x21, x17, x11
- adds x5, x5, x20
- adcs x6, x6, x21
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x20, x15, x14
- umulh x21, x15, x14
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x20, x16, x13
- umulh x21, x16, x13
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x20, x17, x12
- umulh x21, x17, x12
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x20, x19, x11
- umulh x21, x19, x11
- adds x6, x6, x20
- adcs x7, x7, x21
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x20, x16, x14
- umulh x21, x16, x14
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x20, x17, x13
- umulh x21, x17, x13
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x20, x19, x12
- umulh x21, x19, x12
- adds x7, x7, x20
- adcs x8, x8, x21
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x20, x17, x14
- umulh x21, x17, x14
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x20, x19, x13
- umulh x21, x19, x13
- adds x8, x8, x20
- adcs x9, x9, x21
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x20, x19, x14
- umulh x21, x19, x14
- adds x9, x9, x20
- adc x10, x10, x21
- # Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x20, #19
- mul x21, x20, x7
- umulh x7, x20, x7
- adds x3, x3, x21
- mul x21, x20, x8
- umulh x8, x20, x8
- adcs x4, x4, x21
- mul x21, x20, x9
- umulh x9, x20, x9
- adcs x5, x5, x21
- mul x21, x20, x10
- umulh x22, x20, x10
- adcs x6, x6, x21
+ ldp x10, x11, [x1]
+ ldp x12, x13, [x1, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
adc x22, x22, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
adc x22, x22, xzr
- # Overflow
- extr x22, x22, x6, #63
- mul x22, x22, x20
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x22, x20, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x22
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # Reduce
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x17, [x29, #72]
- ldr x19, [x29, #80]
- ldp x20, x21, [x29, #88]
- ldr x22, [x29, #104]
- ldp x29, x30, [sp], #0x70
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ ldr x17, [x29, #40]
+ ldr x19, [x29, #48]
+ ldp x20, x21, [x29, #56]
+ ldr x22, [x29, #72]
+ ldp x29, x30, [sp], #0x50
ret
#ifndef __APPLE__
- .size fe_ge_to_p2,.-fe_ge_to_p2
+ .size ge_p1p1_to_p2,.-ge_p1p1_to_p2
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_to_p3
-.type fe_ge_to_p3,@function
+.globl ge_p1p1_to_p3
+.type ge_p1p1_to_p3,@function
.align 2
-fe_ge_to_p3:
+ge_p1p1_to_p3:
#else
.section __TEXT,__text
-.globl _fe_ge_to_p3
+.globl _ge_p1p1_to_p3
.p2align 2
-_fe_ge_to_p3:
+_ge_p1p1_to_p3:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-160]!
+ stp x29, x30, [sp, #-112]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- str x26, [x29, #152]
- str x1, [x29, #16]
- str x2, [x29, #24]
- str x3, [x29, #32]
- str x4, [x29, #40]
- str x5, [x29, #48]
- str x6, [x29, #56]
- str x7, [x29, #64]
- ldr x1, [x29, #40]
- ldr x2, [x29, #64]
+ str x17, [x29, #40]
+ str x19, [x29, #48]
+ stp x20, x21, [x29, #56]
+ stp x22, x23, [x29, #72]
+ stp x24, x25, [x29, #88]
+ str x26, [x29, #104]
+ str x0, [x29, #16]
+ str x1, [x29, #24]
+ mov x2, x1
+ add x1, x1, #0x60
# Multiply
- ldp x11, x12, [x1]
- ldp x13, x14, [x1, #16]
- ldp x15, x16, [x2]
- ldp x17, x19, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x24, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x12, x15
- umulh x25, x12, x15
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x11, x17
- umulh x25, x11, x17
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x12, x16
- umulh x25, x12, x16
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x13, x15
- umulh x25, x13, x15
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x11, x19
- umulh x25, x11, x19
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x12, x17
- umulh x25, x12, x17
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x13, x16
- umulh x25, x13, x16
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x14, x15
- umulh x25, x14, x15
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x12, x19
- umulh x25, x12, x19
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x13, x17
- umulh x25, x13, x17
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x14, x16
- umulh x25, x14, x16
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x13, x19
- umulh x25, x13, x19
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x14, x17
- umulh x25, x14, x17
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x14, x19
- umulh x25, x14, x19
- adds x9, x9, x24
- adc x10, x10, x25
+ ldp x10, x11, [x1]
+ ldp x12, x13, [x1, #16]
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #32]
- ldr x2, [x29, #48]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ sub x1, x1, #0x40
+ add x0, x0, #0x60
# Multiply
- ldp x20, x21, [x2]
- ldp x22, x23, [x2, #16]
- # A[0] * B[0]
- mul x3, x11, x20
- umulh x4, x11, x20
- # A[0] * B[1]
- mul x24, x11, x21
- umulh x5, x11, x21
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x12, x20
- umulh x25, x12, x20
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x11, x22
- umulh x25, x11, x22
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x12, x21
- umulh x25, x12, x21
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x13, x20
- umulh x25, x13, x20
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x11, x23
- umulh x25, x11, x23
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x12, x22
- umulh x25, x12, x22
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x13, x21
- umulh x25, x13, x21
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x14, x20
- umulh x25, x14, x20
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x12, x23
- umulh x25, x12, x23
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x13, x22
- umulh x25, x13, x22
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x14, x21
- umulh x25, x14, x21
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x13, x23
- umulh x25, x13, x23
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x14, x22
- umulh x25, x14, x22
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x14, x23
- umulh x25, x14, x23
- adds x9, x9, x24
- adc x10, x10, x25
+ ldp x23, x24, [x1]
+ ldp x25, x26, [x1, #16]
+ # A[0] * B[0]
+ umulh x15, x23, x6
+ mul x14, x23, x6
+ # A[2] * B[0]
+ umulh x17, x25, x6
+ mul x16, x25, x6
+ # A[1] * B[0]
+ mul x3, x24, x6
+ adds x15, x15, x3
+ umulh x4, x24, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x24, x9
+ adc x17, x17, xzr
+ mul x19, x24, x9
+ # A[0] * B[1]
+ mul x3, x23, x7
+ adds x15, x15, x3
+ umulh x4, x23, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x25, x7
+ adcs x17, x17, x3
+ umulh x4, x25, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x24, x8
+ adds x17, x17, x3
+ umulh x4, x24, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x23, x8
+ adds x16, x16, x3
+ umulh x4, x23, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x24, x7
+ adds x16, x16, x3
+ umulh x4, x24, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x26, x7
+ adcs x19, x19, x3
+ umulh x4, x26, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x25, x8
+ adds x19, x19, x3
+ umulh x4, x25, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x26, x9
+ adcs x21, x21, x3
+ umulh x22, x26, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x23, x9
+ adds x17, x17, x3
+ umulh x4, x23, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x25, x9
+ adcs x20, x20, x3
+ umulh x4, x25, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x26, x6
+ adds x17, x17, x3
+ umulh x4, x26, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x26, x8
+ adcs x20, x20, x3
+ umulh x4, x26, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #16]
- ldr x2, [x29, #56]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ add x2, x1, #32
+ sub x0, x0, #0x40
# Multiply
- ldp x11, x12, [x2]
- ldp x13, x14, [x2, #16]
- # A[0] * B[0]
- mul x3, x20, x11
- umulh x4, x20, x11
- # A[0] * B[1]
- mul x24, x20, x12
- umulh x5, x20, x12
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x21, x11
- umulh x25, x21, x11
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x20, x13
- umulh x25, x20, x13
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x21, x12
- umulh x25, x21, x12
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x22, x11
- umulh x25, x22, x11
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x20, x14
- umulh x25, x20, x14
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x21, x13
- umulh x25, x21, x13
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x22, x12
- umulh x25, x22, x12
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x23, x11
- umulh x25, x23, x11
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x21, x14
- umulh x25, x21, x14
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x22, x13
- umulh x25, x22, x13
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x23, x12
- umulh x25, x23, x12
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x22, x14
- umulh x25, x22, x14
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x23, x13
- umulh x25, x23, x13
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x23, x14
- umulh x25, x23, x14
- adds x9, x9, x24
- adc x10, x10, x25
+ ldp x6, x7, [x2]
+ ldp x8, x9, [x2, #16]
+ # A[0] * B[0]
+ umulh x15, x23, x6
+ mul x14, x23, x6
+ # A[2] * B[0]
+ umulh x17, x25, x6
+ mul x16, x25, x6
+ # A[1] * B[0]
+ mul x3, x24, x6
+ adds x15, x15, x3
+ umulh x4, x24, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x24, x9
+ adc x17, x17, xzr
+ mul x19, x24, x9
+ # A[0] * B[1]
+ mul x3, x23, x7
+ adds x15, x15, x3
+ umulh x4, x23, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x25, x7
+ adcs x17, x17, x3
+ umulh x4, x25, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x24, x8
+ adds x17, x17, x3
+ umulh x4, x24, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x23, x8
+ adds x16, x16, x3
+ umulh x4, x23, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x24, x7
+ adds x16, x16, x3
+ umulh x4, x24, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x26, x7
+ adcs x19, x19, x3
+ umulh x4, x26, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x25, x8
+ adds x19, x19, x3
+ umulh x4, x25, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x26, x9
+ adcs x21, x21, x3
+ umulh x22, x26, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x23, x9
+ adds x17, x17, x3
+ umulh x4, x23, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x25, x9
+ adcs x20, x20, x3
+ umulh x4, x25, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x26, x6
+ adds x17, x17, x3
+ umulh x4, x26, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x26, x8
+ adcs x20, x20, x3
+ umulh x4, x26, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x0, [x29, #24]
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ add x1, x1, #0x40
+ add x0, x0, #32
# Multiply
- # A[0] * B[0]
- mul x3, x11, x15
- umulh x4, x11, x15
- # A[0] * B[1]
- mul x24, x11, x16
- umulh x5, x11, x16
- adds x4, x4, x24
- adc x5, x5, xzr
- # A[1] * B[0]
- mul x24, x12, x15
- umulh x25, x12, x15
- adds x4, x4, x24
- adcs x5, x5, x25
- adc x6, xzr, xzr
- # A[0] * B[2]
- mul x24, x11, x17
- umulh x25, x11, x17
- adds x5, x5, x24
- adc x6, x6, x25
- # A[1] * B[1]
- mul x24, x12, x16
- umulh x25, x12, x16
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, xzr, xzr
- # A[2] * B[0]
- mul x24, x13, x15
- umulh x25, x13, x15
- adds x5, x5, x24
- adcs x6, x6, x25
- adc x7, x7, xzr
- # A[0] * B[3]
- mul x24, x11, x19
- umulh x25, x11, x19
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, xzr, xzr
- # A[1] * B[2]
- mul x24, x12, x17
- umulh x25, x12, x17
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[2] * B[1]
- mul x24, x13, x16
- umulh x25, x13, x16
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[3] * B[0]
- mul x24, x14, x15
- umulh x25, x14, x15
- adds x6, x6, x24
- adcs x7, x7, x25
- adc x8, x8, xzr
- # A[1] * B[3]
- mul x24, x12, x19
- umulh x25, x12, x19
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, xzr, xzr
- # A[2] * B[2]
- mul x24, x13, x17
- umulh x25, x13, x17
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[3] * B[1]
- mul x24, x14, x16
- umulh x25, x14, x16
- adds x7, x7, x24
- adcs x8, x8, x25
- adc x9, x9, xzr
- # A[2] * B[3]
- mul x24, x13, x19
- umulh x25, x13, x19
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, xzr, xzr
- # A[3] * B[2]
- mul x24, x14, x17
- umulh x25, x14, x17
- adds x8, x8, x24
- adcs x9, x9, x25
- adc x10, x10, xzr
- # A[3] * B[3]
- mul x24, x14, x19
- umulh x25, x14, x19
- adds x9, x9, x24
- adc x10, x10, x25
+ # A[0] * B[0]
+ umulh x15, x10, x6
+ mul x14, x10, x6
+ # A[2] * B[0]
+ umulh x17, x12, x6
+ mul x16, x12, x6
+ # A[1] * B[0]
+ mul x3, x11, x6
+ adds x15, x15, x3
+ umulh x4, x11, x6
+ adcs x16, x16, x4
+ # A[1] * B[3]
+ umulh x20, x11, x9
+ adc x17, x17, xzr
+ mul x19, x11, x9
+ # A[0] * B[1]
+ mul x3, x10, x7
+ adds x15, x15, x3
+ umulh x4, x10, x7
+ adcs x16, x16, x4
+ # A[2] * B[1]
+ mul x3, x12, x7
+ adcs x17, x17, x3
+ umulh x4, x12, x7
+ adcs x19, x19, x4
+ adc x20, x20, xzr
+ # A[1] * B[2]
+ mul x3, x11, x8
+ adds x17, x17, x3
+ umulh x4, x11, x8
+ adcs x19, x19, x4
+ adcs x20, x20, xzr
+ adc x21, xzr, xzr
+ # A[0] * B[2]
+ mul x3, x10, x8
+ adds x16, x16, x3
+ umulh x4, x10, x8
+ adcs x17, x17, x4
+ adcs x19, x19, xzr
+ adcs x20, x20, xzr
+ adc x21, x21, xzr
+ # A[1] * B[1]
+ mul x3, x11, x7
+ adds x16, x16, x3
+ umulh x4, x11, x7
+ adcs x17, x17, x4
+ # A[3] * B[1]
+ mul x3, x13, x7
+ adcs x19, x19, x3
+ umulh x4, x13, x7
+ adcs x20, x20, x4
+ adc x21, x21, xzr
+ # A[2] * B[2]
+ mul x3, x12, x8
+ adds x19, x19, x3
+ umulh x4, x12, x8
+ adcs x20, x20, x4
+ # A[3] * B[3]
+ mul x3, x13, x9
+ adcs x21, x21, x3
+ umulh x22, x13, x9
+ adc x22, x22, xzr
+ # A[0] * B[3]
+ mul x3, x10, x9
+ adds x17, x17, x3
+ umulh x4, x10, x9
+ adcs x19, x19, x4
+ # A[2] * B[3]
+ mul x3, x12, x9
+ adcs x20, x20, x3
+ umulh x4, x12, x9
+ adcs x21, x21, x4
+ adc x22, x22, xzr
+ # A[3] * B[0]
+ mul x3, x13, x6
+ adds x17, x17, x3
+ umulh x4, x13, x6
+ adcs x19, x19, x4
+ # A[3] * B[2]
+ mul x3, x13, x8
+ adcs x20, x20, x3
+ umulh x4, x13, x8
+ adcs x21, x21, x4
+ adc x22, x22, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- extr x7, x7, x6, #63
- and x6, x6, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x24, #19
- mul x25, x24, x7
- umulh x7, x24, x7
- adds x3, x3, x25
- mul x25, x24, x8
- umulh x8, x24, x8
- adcs x4, x4, x25
- mul x25, x24, x9
- umulh x9, x24, x9
- adcs x5, x5, x25
- mul x25, x24, x10
- umulh x26, x24, x10
- adcs x6, x6, x25
- adc x26, x26, xzr
- # Add remaining product results in
- adds x4, x4, x7
- adcs x5, x5, x8
- adcs x6, x6, x9
- adc x26, x26, xzr
- # Overflow
- extr x26, x26, x6, #63
- mul x26, x26, x24
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
- # Reduce if top bit set
- and x26, x24, x6, asr 63
- and x6, x6, #0x7fffffffffffffff
- adds x3, x3, x26
- adcs x4, x4, xzr
- adcs x5, x5, xzr
- adc x6, x6, xzr
+ mov x3, #38
+ mul x4, x3, x22
+ adds x17, x17, x4
+ umulh x5, x3, x22
+ adc x5, x5, xzr
+ mov x3, #19
+ extr x5, x5, x17, #63
+ mul x5, x5, x3
+ and x17, x17, #0x7fffffffffffffff
+ mov x3, #38
+ mul x4, x3, x19
+ adds x14, x14, x4
+ umulh x19, x3, x19
+ mul x4, x3, x20
+ adcs x15, x15, x4
+ umulh x20, x3, x20
+ mul x4, x3, x21
+ adcs x16, x16, x4
+ umulh x21, x3, x21
+ adc x17, x17, xzr
+ # Add high product results in
+ adds x14, x14, x5
+ adcs x15, x15, x19
+ adcs x16, x16, x20
+ adc x17, x17, x21
# Store
- stp x3, x4, [x0]
- stp x5, x6, [x0, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldr x26, [x29, #152]
- ldp x29, x30, [sp], #0xa0
+ stp x14, x15, [x0]
+ stp x16, x17, [x0, #16]
+ ldr x17, [x29, #40]
+ ldr x19, [x29, #48]
+ ldp x20, x21, [x29, #56]
+ ldp x22, x23, [x29, #72]
+ ldp x24, x25, [x29, #88]
+ ldr x26, [x29, #104]
+ ldp x29, x30, [sp], #0x70
ret
#ifndef __APPLE__
- .size fe_ge_to_p3,.-fe_ge_to_p3
+ .size ge_p1p1_to_p3,.-ge_p1p1_to_p3
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_dbl
-.type fe_ge_dbl,@function
+.globl ge_p2_dbl
+.type ge_p2_dbl,@function
.align 2
-fe_ge_dbl:
+ge_p2_dbl:
#else
.section __TEXT,__text
-.globl _fe_ge_dbl
+.globl _ge_p2_dbl
.p2align 2
-_fe_ge_dbl:
+_ge_p2_dbl:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-128]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #40]
+ str x19, [x29, #48]
+ stp x20, x21, [x29, #56]
+ stp x22, x23, [x29, #72]
+ stp x24, x25, [x29, #88]
+ stp x26, x27, [x29, #104]
+ str x28, [x29, #120]
str x0, [x29, #16]
str x1, [x29, #24]
- str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- ldr x1, [x29, #48]
+ add x0, x0, #0x40
# Square
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
+ ldp x4, x5, [x1]
+ ldp x6, x7, [x1, #16]
# A[0] * A[1]
- mul x5, x12, x13
- umulh x6, x12, x13
- # A[0] * A[2]
- mul x25, x12, x14
- umulh x7, x12, x14
- adds x6, x6, x25
- adc x7, x7, xzr
+ umulh x10, x4, x5
+ mul x9, x4, x5
# A[0] * A[3]
- mul x25, x12, x15
- umulh x8, x12, x15
- adds x7, x7, x25
- adc x8, x8, xzr
- # A[1] * A[2]
- mul x25, x13, x14
- umulh x26, x13, x14
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
+ umulh x12, x4, x7
+ mul x11, x4, x7
+ # A[0] * A[2]
+ mul x25, x4, x6
+ adds x10, x10, x25
+ umulh x26, x4, x6
+ adcs x11, x11, x26
# A[1] * A[3]
- mul x25, x13, x15
- umulh x26, x13, x15
- adds x8, x8, x25
- adc x9, x9, x26
+ mul x25, x5, x7
+ adcs x12, x12, x25
+ umulh x13, x5, x7
+ adc x13, x13, xzr
+ # A[1] * A[2]
+ mul x25, x5, x6
+ adds x11, x11, x25
+ umulh x26, x5, x6
+ adcs x12, x12, x26
# A[2] * A[3]
- mul x25, x14, x15
- umulh x10, x14, x15
- adds x9, x9, x25
- adc x10, x10, xzr
+ mul x25, x6, x7
+ adcs x13, x13, x25
+ umulh x14, x6, x7
+ adc x14, x14, xzr
# Double
- adds x5, x5, x5
- adcs x6, x6, x6
- adcs x7, x7, x7
- adcs x8, x8, x8
- adcs x9, x9, x9
+ adds x9, x9, x9
adcs x10, x10, x10
- adc x11, xzr, xzr
+ adcs x11, x11, x11
+ adcs x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adc x15, xzr, xzr
# A[0] * A[0]
- mul x4, x12, x12
- umulh x27, x12, x12
+ umulh x26, x4, x4
+ mul x8, x4, x4
# A[1] * A[1]
- mul x25, x13, x13
- umulh x26, x13, x13
- adds x5, x5, x27
- adcs x6, x6, x25
- adc x27, x26, xzr
+ mul x25, x5, x5
+ adds x9, x9, x26
+ umulh x26, x5, x5
+ adcs x10, x10, x25
# A[2] * A[2]
- mul x25, x14, x14
- umulh x26, x14, x14
- adds x7, x7, x27
- adcs x8, x8, x25
- adc x27, x26, xzr
+ mul x25, x6, x6
+ adcs x11, x11, x26
+ umulh x26, x6, x6
+ adcs x12, x12, x25
# A[3] * A[3]
- mul x25, x15, x15
- umulh x26, x15, x15
- adds x9, x9, x27
- adcs x10, x10, x25
- adc x11, x11, x26
+ mul x25, x7, x7
+ adcs x13, x13, x26
+ umulh x26, x7, x7
+ adcs x14, x14, x25
+ adc x15, x15, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x8
- umulh x8, x25, x8
- adds x4, x4, x26
- mul x26, x25, x9
- umulh x9, x25, x9
- adcs x5, x5, x26
- mul x26, x25, x10
- umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
+ mov x25, #38
+ mul x26, x25, x15
+ adds x11, x11, x26
+ umulh x27, x25, x15
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
+ mov x25, #19
+ extr x27, x27, x11, #63
mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ and x11, x11, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x12
+ adds x8, x8, x26
+ umulh x12, x25, x12
+ mul x26, x25, x13
+ adcs x9, x9, x26
+ umulh x13, x25, x13
+ mul x26, x25, x14
+ adcs x10, x10, x26
+ umulh x14, x25, x14
+ adc x11, x11, xzr
+ # Add high product results in
+ adds x8, x8, x27
+ adcs x9, x9, x12
+ adcs x10, x10, x13
+ adc x11, x11, x14
# Store
- stp x4, x5, [x0]
- stp x6, x7, [x0, #16]
- ldr x0, [x29, #32]
- ldr x1, [x29, #56]
+ stp x8, x9, [x0]
+ stp x10, x11, [x0, #16]
+ add x2, x1, #32
+ sub x0, x0, #32
# Square
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
# A[0] * A[1]
- mul x9, x21, x22
- umulh x10, x21, x22
- # A[0] * A[2]
- mul x25, x21, x23
- umulh x11, x21, x23
- adds x10, x10, x25
- adc x11, x11, xzr
+ umulh x23, x16, x17
+ mul x22, x16, x17
# A[0] * A[3]
- mul x25, x21, x24
- umulh x16, x21, x24
- adds x11, x11, x25
- adc x16, x16, xzr
- # A[1] * A[2]
- mul x25, x22, x23
- umulh x26, x22, x23
- adds x11, x11, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
+ umulh x4, x16, x20
+ mul x24, x16, x20
+ # A[0] * A[2]
+ mul x25, x16, x19
+ adds x23, x23, x25
+ umulh x26, x16, x19
+ adcs x24, x24, x26
# A[1] * A[3]
- mul x25, x22, x24
- umulh x26, x22, x24
- adds x16, x16, x25
- adc x17, x17, x26
+ mul x25, x17, x20
+ adcs x4, x4, x25
+ umulh x5, x17, x20
+ adc x5, x5, xzr
+ # A[1] * A[2]
+ mul x25, x17, x19
+ adds x24, x24, x25
+ umulh x26, x17, x19
+ adcs x4, x4, x26
# A[2] * A[3]
- mul x25, x23, x24
- umulh x19, x23, x24
- adds x17, x17, x25
- adc x19, x19, xzr
+ mul x25, x19, x20
+ adcs x5, x5, x25
+ umulh x6, x19, x20
+ adc x6, x6, xzr
# Double
- adds x9, x9, x9
- adcs x10, x10, x10
- adcs x11, x11, x11
- adcs x16, x16, x16
- adcs x17, x17, x17
- adcs x19, x19, x19
- adc x20, xzr, xzr
+ adds x22, x22, x22
+ adcs x23, x23, x23
+ adcs x24, x24, x24
+ adcs x4, x4, x4
+ adcs x5, x5, x5
+ adcs x6, x6, x6
+ adc x7, xzr, xzr
# A[0] * A[0]
- mul x8, x21, x21
- umulh x27, x21, x21
+ umulh x26, x16, x16
+ mul x21, x16, x16
# A[1] * A[1]
- mul x25, x22, x22
- umulh x26, x22, x22
- adds x9, x9, x27
- adcs x10, x10, x25
- adc x27, x26, xzr
+ mul x25, x17, x17
+ adds x22, x22, x26
+ umulh x26, x17, x17
+ adcs x23, x23, x25
# A[2] * A[2]
- mul x25, x23, x23
- umulh x26, x23, x23
- adds x11, x11, x27
- adcs x16, x16, x25
- adc x27, x26, xzr
+ mul x25, x19, x19
+ adcs x24, x24, x26
+ umulh x26, x19, x19
+ adcs x4, x4, x25
# A[3] * A[3]
- mul x25, x24, x24
- umulh x26, x24, x24
- adds x17, x17, x27
- adcs x19, x19, x25
- adc x20, x20, x26
+ mul x25, x20, x20
+ adcs x5, x5, x26
+ umulh x26, x20, x20
+ adcs x6, x6, x25
+ adc x7, x7, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x11, #63
- and x11, x11, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x8, x8, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x9, x9, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x10, x10, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x11, x11, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x9, x9, x16
- adcs x10, x10, x17
- adcs x11, x11, x19
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x11, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Reduce if top bit set
- and x27, x25, x11, asr 63
- and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Store
- stp x8, x9, [x0]
- stp x10, x11, [x0, #16]
- ldr x0, [x29, #24]
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ add x3, x0, #32
+ mov x2, x0
+ add x1, x0, #32
# Add
- adds x12, x12, x21
- adcs x13, x13, x22
- adcs x14, x14, x23
- adc x15, x15, x24
+ adds x4, x21, x8
+ adcs x5, x22, x9
+ adcs x6, x23, x10
+ adcs x7, x24, x11
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x4, x4, x25
+ adcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ adcs x6, x6, xzr
+ adc x7, x7, xzr
+ # Sub
+ subs x12, x21, x8
+ sbcs x13, x22, x9
+ sbcs x14, x23, x10
+ sbcs x15, x24, x11
+ csetm x28, cc
mov x25, #-19
- asr x28, x15, #63
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
+ # Add modulus (if underflow)
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ add x2, x1, #32
+ sub x0, x0, #32
+ # Add
+ ldp x8, x9, [x1]
+ ldp x10, x11, [x1, #16]
+ adds x8, x8, x16
+ adcs x9, x9, x17
+ adcs x10, x10, x19
+ adcs x11, x11, x20
+ cset x28, cs
+ mov x25, #19
# Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
- ldr x0, [x29, #40]
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
+ mov x1, x0
# Square
# A[0] * A[1]
- mul x17, x12, x13
- umulh x19, x12, x13
- # A[0] * A[2]
- mul x25, x12, x14
- umulh x20, x12, x14
- adds x19, x19, x25
- adc x20, x20, xzr
+ umulh x23, x8, x9
+ mul x22, x8, x9
# A[0] * A[3]
- mul x25, x12, x15
- umulh x21, x12, x15
- adds x20, x20, x25
- adc x21, x21, xzr
- # A[1] * A[2]
- mul x25, x13, x14
- umulh x26, x13, x14
- adds x20, x20, x25
- adcs x21, x21, x26
- adc x22, xzr, xzr
+ umulh x4, x8, x11
+ mul x24, x8, x11
+ # A[0] * A[2]
+ mul x25, x8, x10
+ adds x23, x23, x25
+ umulh x26, x8, x10
+ adcs x24, x24, x26
# A[1] * A[3]
- mul x25, x13, x15
- umulh x26, x13, x15
- adds x21, x21, x25
- adc x22, x22, x26
+ mul x25, x9, x11
+ adcs x4, x4, x25
+ umulh x5, x9, x11
+ adc x5, x5, xzr
+ # A[1] * A[2]
+ mul x25, x9, x10
+ adds x24, x24, x25
+ umulh x26, x9, x10
+ adcs x4, x4, x26
# A[2] * A[3]
- mul x25, x14, x15
- umulh x23, x14, x15
- adds x22, x22, x25
- adc x23, x23, xzr
+ mul x25, x10, x11
+ adcs x5, x5, x25
+ umulh x6, x10, x11
+ adc x6, x6, xzr
# Double
- adds x17, x17, x17
- adcs x19, x19, x19
- adcs x20, x20, x20
- adcs x21, x21, x21
- adcs x22, x22, x22
+ adds x22, x22, x22
adcs x23, x23, x23
- adc x24, xzr, xzr
+ adcs x24, x24, x24
+ adcs x4, x4, x4
+ adcs x5, x5, x5
+ adcs x6, x6, x6
+ adc x7, xzr, xzr
# A[0] * A[0]
- mul x16, x12, x12
- umulh x27, x12, x12
+ umulh x26, x8, x8
+ mul x21, x8, x8
# A[1] * A[1]
- mul x25, x13, x13
- umulh x26, x13, x13
- adds x17, x17, x27
- adcs x19, x19, x25
- adc x27, x26, xzr
+ mul x25, x9, x9
+ adds x22, x22, x26
+ umulh x26, x9, x9
+ adcs x23, x23, x25
# A[2] * A[2]
- mul x25, x14, x14
- umulh x26, x14, x14
- adds x20, x20, x27
- adcs x21, x21, x25
- adc x27, x26, xzr
+ mul x25, x10, x10
+ adcs x24, x24, x26
+ umulh x26, x10, x10
+ adcs x4, x4, x25
# A[3] * A[3]
- mul x25, x15, x15
- umulh x26, x15, x15
- adds x22, x22, x27
- adcs x23, x23, x25
- adc x24, x24, x26
+ mul x25, x11, x11
+ adcs x5, x5, x26
+ umulh x26, x11, x11
+ adcs x6, x6, x25
+ adc x7, x7, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x24, x24, x23, #63
- extr x23, x23, x22, #63
- extr x22, x22, x21, #63
- extr x21, x21, x20, #63
- and x20, x20, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x21
- umulh x21, x25, x21
- adds x16, x16, x26
- mul x26, x25, x22
- umulh x22, x25, x22
- adcs x17, x17, x26
- mul x26, x25, x23
- umulh x23, x25, x23
- adcs x19, x19, x26
- mul x26, x25, x24
- umulh x27, x25, x24
- adcs x20, x20, x26
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Add remaining product results in
- adds x17, x17, x21
- adcs x19, x19, x22
- adcs x20, x20, x23
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x20, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x20, x20, #0x7fffffffffffffff
- adds x16, x16, x27
- adcs x17, x17, xzr
- adcs x19, x19, xzr
- adc x20, x20, xzr
- # Reduce if top bit set
- and x27, x25, x20, asr 63
- and x20, x20, #0x7fffffffffffffff
- adds x16, x16, x27
- adcs x17, x17, xzr
- adcs x19, x19, xzr
- adc x20, x20, xzr
- # Store
- stp x16, x17, [x0]
- stp x19, x20, [x0, #16]
- ldr x0, [x29, #24]
- ldr x1, [x29, #32]
- # Add
- adds x12, x8, x4
- adcs x13, x9, x5
- adcs x14, x10, x6
- adc x15, x11, x7
- mov x25, #-19
- asr x28, x15, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ add x2, x0, #32
# Sub
- subs x21, x8, x4
- sbcs x22, x9, x5
- sbcs x23, x10, x6
- sbcs x24, x11, x7
- mov x25, #-19
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ subs x21, x21, x8
+ sbcs x22, x22, x9
+ sbcs x23, x23, x10
+ sbcs x24, x24, x11
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Add modulus (if underflow)
- adds x21, x21, x25
- adcs x22, x22, x28
- adcs x23, x23, x28
- adc x24, x24, x26
- stp x12, x13, [x0]
- stp x14, x15, [x0, #16]
- stp x21, x22, [x1]
- stp x23, x24, [x1, #16]
- ldr x0, [x29, #16]
- # Sub
- subs x16, x16, x12
- sbcs x17, x17, x13
- sbcs x19, x19, x14
- sbcs x20, x20, x15
mov x25, #-19
- csetm x28, cc
# Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ extr x28, x28, x24, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x16, x17, [x0]
- stp x19, x20, [x0, #16]
- ldr x0, [x29, #40]
- ldr x1, [x29, #64]
+ subs x21, x21, x25
+ sbcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ sbcs x23, x23, xzr
+ sbc x24, x24, xzr
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ ldr x2, [x29, #24]
+ add x2, x2, #0x40
+ add x0, x0, #0x60
# Square * 2
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
# A[0] * A[1]
- mul x5, x12, x13
- umulh x6, x12, x13
+ umulh x6, x16, x17
+ mul x5, x16, x17
+ # A[0] * A[3]
+ umulh x8, x16, x20
+ mul x7, x16, x20
# A[0] * A[2]
- mul x25, x12, x14
- umulh x7, x12, x14
+ mul x25, x16, x19
adds x6, x6, x25
- adc x7, x7, xzr
- # A[0] * A[3]
- mul x25, x12, x15
- umulh x8, x12, x15
- adds x7, x7, x25
- adc x8, x8, xzr
+ umulh x26, x16, x19
+ adcs x7, x7, x26
+ # A[1] * A[3]
+ mul x25, x17, x20
+ adcs x8, x8, x25
+ umulh x9, x17, x20
+ adc x9, x9, xzr
# A[1] * A[2]
- mul x25, x13, x14
- umulh x26, x13, x14
+ mul x25, x17, x19
adds x7, x7, x25
+ umulh x26, x17, x19
adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * A[3]
- mul x25, x13, x15
- umulh x26, x13, x15
- adds x8, x8, x25
- adc x9, x9, x26
# A[2] * A[3]
- mul x25, x14, x15
- umulh x10, x14, x15
- adds x9, x9, x25
+ mul x25, x19, x20
+ adcs x9, x9, x25
+ umulh x10, x19, x20
adc x10, x10, xzr
# Double
adds x5, x5, x5
@@ -4765,653 +5910,551 @@ _fe_ge_dbl:
adcs x10, x10, x10
adc x11, xzr, xzr
# A[0] * A[0]
- mul x4, x12, x12
- umulh x28, x12, x12
+ umulh x26, x16, x16
+ mul x4, x16, x16
# A[1] * A[1]
- mul x25, x13, x13
- umulh x26, x13, x13
- adds x5, x5, x28
+ mul x25, x17, x17
+ adds x5, x5, x26
+ umulh x26, x17, x17
adcs x6, x6, x25
- adc x28, x26, xzr
# A[2] * A[2]
- mul x25, x14, x14
- umulh x26, x14, x14
- adds x7, x7, x28
+ mul x25, x19, x19
+ adcs x7, x7, x26
+ umulh x26, x19, x19
adcs x8, x8, x25
- adc x28, x26, xzr
# A[3] * A[3]
- mul x25, x15, x15
- umulh x26, x15, x15
- adds x9, x9, x28
+ mul x25, x20, x20
+ adcs x9, x9, x26
+ umulh x26, x20, x20
adcs x10, x10, x25
adc x11, x11, x26
- # Double and Reduce
- mov x25, #0x169
- # Move top half into t4-t7 and remove top bit from t3
- lsr x28, x11, #61
- extr x11, x11, x10, #62
- extr x10, x10, x9, #62
- extr x9, x9, x8, #62
- extr x8, x8, x7, #62
- extr x7, x7, x6, #63
- extr x6, x6, x5, #63
- extr x5, x5, x4, #63
- lsl x4, x4, #1
- and x7, x7, #0x7fffffffffffffff
- # Two left, only one right
- and x11, x11, #0x7fffffffffffffff
- # Multiply top bits by 19*19
- mul x28, x28, x25
- # Multiply top half by 19
+ # Reduce
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x7, #63
+ mul x27, x27, x25
+ and x7, x7, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
- umulh x8, x25, x8
adds x4, x4, x26
+ umulh x8, x25, x8
mul x26, x25, x9
- umulh x9, x25, x9
adcs x5, x5, x26
+ umulh x9, x25, x9
mul x26, x25, x10
- umulh x10, x25, x10
adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x4, x4, x28
+ umulh x10, x25, x10
+ adc x7, x7, xzr
+ # Add high product results in
+ adds x4, x4, x27
adcs x5, x5, x8
adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
+ adc x7, x7, x10
+ mov x25, #19
+ lsr x26, x7, #62
+ extr x7, x7, x6, #63
+ extr x6, x6, x5, #63
+ extr x5, x5, x4, #63
+ lsl x4, x4, #1
+ mul x26, x26, x25
+ adds x4, x4, x26
adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
adcs x6, x6, xzr
adc x7, x7, xzr
# Store
- ldr x0, [x29, #40]
+ sub x1, x0, #32
# Sub
- subs x4, x4, x21
- sbcs x5, x5, x22
- sbcs x6, x6, x23
- sbcs x7, x7, x24
- mov x25, #-19
+ subs x4, x4, x12
+ sbcs x5, x5, x13
+ sbcs x6, x6, x14
+ sbcs x7, x7, x15
csetm x28, cc
+ mov x25, #-19
# Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x4, x4, x25
- adcs x5, x5, x28
- adcs x6, x6, x28
- adc x7, x7, x26
+ subs x4, x4, x25
+ sbcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ sbcs x6, x6, xzr
+ sbc x7, x7, xzr
stp x4, x5, [x0]
stp x6, x7, [x0, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ ldr x17, [x29, #40]
+ ldr x19, [x29, #48]
+ ldp x20, x21, [x29, #56]
+ ldp x22, x23, [x29, #72]
+ ldp x24, x25, [x29, #88]
+ ldp x26, x27, [x29, #104]
+ ldr x28, [x29, #120]
+ ldp x29, x30, [sp], #0x80
ret
#ifndef __APPLE__
- .size fe_ge_dbl,.-fe_ge_dbl
+ .size ge_p2_dbl,.-ge_p2_dbl
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_madd
-.type fe_ge_madd,@function
+.globl ge_madd
+.type ge_madd,@function
.align 2
-fe_ge_madd:
+ge_madd:
#else
.section __TEXT,__text
-.globl _fe_ge_madd
+.globl _ge_madd
.p2align 2
-_fe_ge_madd:
+_ge_madd:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #184]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #192]
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ add x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #40]
- ldr x1, [x29, #176]
- ldr x3, [x29, #72]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x40
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x3]
- ldp x23, x24, [x3, #16]
- # A[0] * B[0]
- mul x4, x16, x21
- umulh x5, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x6, x16, x22
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #32]
- ldr x1, [x29, #64]
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
+ sub x1, x1, #32
# Double
- ldp x8, x9, [x1]
- ldp x10, x11, [x1, #16]
- adds x8, x8, x8
- adcs x9, x9, x9
- adcs x10, x10, x10
- adc x11, x11, x11
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
- ldr x1, [x29, #40]
- # Add
- adds x12, x8, x4
- adcs x13, x9, x5
- adcs x14, x10, x6
- adc x15, x11, x7
+ ldp x12, x13, [x1]
+ ldp x14, x15, [x1, #16]
+ adds x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adc x15, x15, x15
mov x25, #-19
asr x28, x15, #63
# Mask the modulus
@@ -5422,580 +6465,514 @@ _fe_ge_madd:
sbcs x13, x13, x28
sbcs x14, x14, x28
sbc x15, x15, x26
+ mov x3, x0
+ sub x2, x0, #32
+ mov x1, x0
+ sub x0, x0, #32
+ # Add
+ adds x8, x12, x16
+ adcs x9, x13, x17
+ adcs x10, x14, x19
+ adcs x11, x15, x20
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x8, x4
- sbcs x17, x9, x5
- sbcs x19, x10, x6
- sbcs x20, x11, x7
- mov x25, #-19
+ subs x4, x12, x16
+ sbcs x5, x13, x17
+ sbcs x6, x14, x19
+ sbcs x7, x15, x20
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x12, x13, [x0]
- stp x14, x15, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ subs x4, x4, x25
+ sbcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ sbcs x6, x6, xzr
+ sbc x7, x7, xzr
+ stp x8, x9, [x0]
+ stp x10, x11, [x0, #16]
+ stp x4, x5, [x1]
+ stp x6, x7, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
ret
#ifndef __APPLE__
- .size fe_ge_madd,.-fe_ge_madd
+ .size ge_madd,.-ge_madd
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_msub
-.type fe_ge_msub,@function
+.globl ge_msub
+.type ge_msub,@function
.align 2
-fe_ge_msub:
+ge_msub:
#else
.section __TEXT,__text
-.globl _fe_ge_msub
+.globl _ge_msub
.p2align 2
-_fe_ge_msub:
+_ge_msub:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #192]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ add x2, x2, #32
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #184]
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
+ sub x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #40]
- ldr x1, [x29, #176]
- ldr x3, [x29, #72]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x40
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x3]
- ldp x23, x24, [x3, #16]
- # A[0] * B[0]
- mul x4, x16, x21
- umulh x5, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x6, x16, x22
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Store
- ldr x0, [x29, #32]
- ldr x1, [x29, #64]
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
+ sub x1, x1, #32
# Double
- ldp x8, x9, [x1]
- ldp x10, x11, [x1, #16]
- adds x8, x8, x8
- adcs x9, x9, x9
- adcs x10, x10, x10
- adc x11, x11, x11
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
- ldr x1, [x29, #40]
- # Add
- adds x12, x8, x4
- adcs x13, x9, x5
- adcs x14, x10, x6
- adc x15, x11, x7
+ ldp x12, x13, [x1]
+ ldp x14, x15, [x1, #16]
+ adds x12, x12, x12
+ adcs x13, x13, x13
+ adcs x14, x14, x14
+ adc x15, x15, x15
mov x25, #-19
asr x28, x15, #63
# Mask the modulus
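Review bot: The new `# Sub` correction in ge_msub (`csetm x28, cc`, `extr x28, x28, x15, #63`, `mul x25, x28, x25`, then `subs x12, x12, x25` followed by `sbcs ..., xzr`) is only correct when x28 ends up 0, -1 or -2. If the difference has bit 255 set and the subtract did not borrow, x28 is 1, x25 becomes 2^64-19 as an unsigned limb, and the borrow chain takes an extra 2^64 off the result. For the second `# Sub` the minuend x21..x24 comes from a reduce whose last step is `adc x24, x24, x6`, after the `and x24, x24, #0x7fffffffffffffff`, so nothing in the visible lines shows its top limb staying below 2^63; the paired `# Add` path folds both overflow bits and has no such precondition. I would state the bound beside each Sub, e.g. `# Sub: assumes minuend < 2^255, so bit 255 of the difference is set only after a borrow`, and confirm the field-arithmetic tests include a product whose top limb sits just under 2^63. The same sequence closes ge_madd at the top of this hunk, and ge_msub's body continues past the end of the hunk.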
@@ -6006,1487 +6983,1865 @@ _fe_ge_msub:
sbcs x13, x13, x28
sbcs x14, x14, x28
sbc x15, x15, x26
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
+ # Add
+ adds x8, x12, x16
+ adcs x9, x13, x17
+ adcs x10, x14, x19
+ adcs x11, x15, x20
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x8, x4
- sbcs x17, x9, x5
- sbcs x19, x10, x6
- sbcs x20, x11, x7
- mov x25, #-19
+ subs x4, x12, x16
+ sbcs x5, x13, x17
+ sbcs x6, x14, x19
+ sbcs x7, x15, x20
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x7, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x12, x13, [x1]
- stp x14, x15, [x1, #16]
- stp x16, x17, [x0]
- stp x19, x20, [x0, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ subs x4, x4, x25
+ sbcs x5, x5, xzr
+ and x7, x7, #0x7fffffffffffffff
+ sbcs x6, x6, xzr
+ sbc x7, x7, xzr
+ stp x8, x9, [x0]
+ stp x10, x11, [x0, #16]
+ stp x4, x5, [x1]
+ stp x6, x7, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
ret
#ifndef __APPLE__
- .size fe_ge_msub,.-fe_ge_msub
+ .size ge_msub,.-ge_msub
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_add
-.type fe_ge_add,@function
+.globl ge_add
+.type ge_add,@function
.align 2
-fe_ge_add:
+ge_add:
#else
.section __TEXT,__text
-.globl _fe_ge_add
+.globl _ge_add
.p2align 2
-_fe_ge_add:
+_ge_add:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #192]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
- # Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #200]
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ add x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #48]
- ldr x1, [x29, #64]
- ldr x2, [x29, #176]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x60
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
- ldp x16, x17, [x2]
- ldp x19, x20, [x2, #16]
- # A[0] * B[0]
- mul x4, x12, x16
- umulh x5, x12, x16
- # A[0] * B[1]
- mul x25, x12, x17
- umulh x6, x12, x17
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x13, x16
- umulh x26, x13, x16
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x12, x19
- umulh x26, x12, x19
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x13, x17
- umulh x26, x13, x17
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x14, x16
- umulh x26, x14, x16
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x12, x20
- umulh x26, x12, x20
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x13, x19
- umulh x26, x13, x19
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x14, x17
- umulh x26, x14, x17
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x15, x16
- umulh x26, x15, x16
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x13, x20
- umulh x26, x13, x20
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x14, x19
- umulh x26, x14, x19
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x15, x17
- umulh x26, x15, x17
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x14, x20
- umulh x26, x14, x20
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x15, x19
- umulh x26, x15, x19
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x15, x20
- umulh x26, x15, x20
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
# Store
- ldr x0, [x29, #48]
- # Double
- adds x4, x4, x4
- adcs x5, x5, x5
- adcs x6, x6, x6
- adc x7, x7, x7
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
- ldr x0, [x29, #40]
- ldr x1, [x29, #184]
- ldr x2, [x29, #72]
+ stp x16, x17, [x0]
+ stp x19, x20, [x0, #16]
+ sub x3, x2, #32
+ sub x2, x1, #32
+ sub x1, x0, #32
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x8, x16, x21
- umulh x9, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x10, x16, x22
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ ldp x12, x13, [x3]
+ ldp x14, x15, [x3, #16]
+ # A[0] * B[0]
+ umulh x9, x4, x12
+ mul x8, x4, x12
+ # A[2] * B[0]
+ umulh x11, x6, x12
+ mul x10, x6, x12
+ # A[1] * B[0]
+ mul x25, x5, x12
adds x9, x9, x25
- adc x10, x10, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
+ umulh x26, x5, x12
+ adcs x10, x10, x26
+ # A[1] * B[3]
+ umulh x17, x5, x15
+ adc x11, x11, xzr
+ mul x16, x5, x15
+ # A[0] * B[1]
+ mul x25, x4, x13
adds x9, x9, x25
+ umulh x26, x4, x13
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x10, x10, x25
- adc x11, x11, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
+ # A[2] * B[1]
+ mul x25, x6, x13
+ adcs x11, x11, x25
+ umulh x26, x6, x13
+ adcs x16, x16, x26
+ adc x17, x17, xzr
+ # A[1] * B[2]
+ mul x25, x5, x14
+ adds x11, x11, x25
+ umulh x26, x5, x14
+ adcs x16, x16, x26
+ adcs x17, x17, xzr
+ adc x19, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x4, x14
adds x10, x10, x25
+ umulh x26, x4, x14
adcs x11, x11, x26
- adc x12, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
+ adcs x16, x16, xzr
+ adcs x17, x17, xzr
+ adc x19, x19, xzr
+ # A[1] * B[1]
+ mul x25, x5, x13
adds x10, x10, x25
+ umulh x26, x5, x13
adcs x11, x11, x26
- adc x12, x12, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
+ # A[3] * B[1]
+ mul x25, x7, x13
+ adcs x16, x16, x25
+ umulh x26, x7, x13
+ adcs x17, x17, x26
+ adc x19, x19, xzr
+ # A[2] * B[2]
+ mul x25, x6, x14
+ adds x16, x16, x25
+ umulh x26, x6, x14
+ adcs x17, x17, x26
+ # A[3] * B[3]
+ mul x25, x7, x15
+ adcs x19, x19, x25
+ umulh x20, x7, x15
+ adc x20, x20, xzr
+ # A[0] * B[3]
+ mul x25, x4, x15
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
+ umulh x26, x4, x15
+ adcs x16, x16, x26
+ # A[2] * B[3]
+ mul x25, x6, x15
+ adcs x17, x17, x25
+ umulh x26, x6, x15
+ adcs x19, x19, x26
+ adc x20, x20, xzr
+ # A[3] * B[0]
+ mul x25, x7, x12
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, x15, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x14, x14, x25
- adc x15, x15, x26
+ umulh x26, x7, x12
+ adcs x16, x16, x26
+ # A[3] * B[2]
+ mul x25, x7, x14
+ adcs x17, x17, x25
+ umulh x26, x7, x14
+ adcs x19, x19, x26
+ adc x20, x20, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x15, x15, x14, #63
- extr x14, x14, x13, #63
- extr x13, x13, x12, #63
- extr x12, x12, x11, #63
- and x11, x11, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x12
- umulh x12, x25, x12
- adds x8, x8, x26
- mul x26, x25, x13
- umulh x13, x25, x13
- adcs x9, x9, x26
- mul x26, x25, x14
- umulh x14, x25, x14
- adcs x10, x10, x26
- mul x26, x25, x15
- umulh x27, x25, x15
- adcs x11, x11, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x9, x9, x12
- adcs x10, x10, x13
- adcs x11, x11, x14
+ mov x25, #38
+ mul x26, x25, x20
+ adds x11, x11, x26
+ umulh x27, x25, x20
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x11, #63
mul x27, x27, x25
and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
+ mov x25, #38
+ mul x26, x25, x16
+ adds x8, x8, x26
+ umulh x16, x25, x16
+ mul x26, x25, x17
+ adcs x9, x9, x26
+ umulh x17, x25, x17
+ mul x26, x25, x19
+ adcs x10, x10, x26
+ umulh x19, x25, x19
adc x11, x11, xzr
- # Reduce if top bit set
- and x27, x25, x11, asr 63
- and x11, x11, #0x7fffffffffffffff
+ # Add high product results in
adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Store
- ldr x0, [x29, #32]
- ldr x1, [x29, #40]
- # Add
- adds x12, x4, x8
- adcs x13, x5, x9
- adcs x14, x6, x10
- adc x15, x7, x11
+ adcs x9, x9, x16
+ adcs x10, x10, x17
+ adc x11, x11, x19
+ # Double
+ adds x8, x8, x8
+ adcs x9, x9, x9
+ adcs x10, x10, x10
+ adc x11, x11, x11
mov x25, #-19
- asr x28, x15, #63
+ asr x28, x11, #63
# Mask the modulus
and x25, x28, x25
and x26, x28, #0x7fffffffffffffff
# Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
+ subs x8, x8, x25
+ sbcs x9, x9, x28
+ sbcs x10, x10, x28
+ sbc x11, x11, x26
+ mov x3, x0
+ sub x2, x0, #32
+ mov x1, x0
+ sub x0, x0, #32
+ # Add
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x21, x8, x4
+ adcs x22, x9, x5
+ adcs x23, x10, x6
+ adcs x24, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x24, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x21, x21, x25
+ adcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ adcs x23, x23, xzr
+ adc x24, x24, xzr
# Sub
- subs x16, x4, x8
- sbcs x17, x5, x9
- sbcs x19, x6, x10
- sbcs x20, x7, x11
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
- stp x12, x13, [x0]
- stp x14, x15, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
ret
#ifndef __APPLE__
- .size fe_ge_add,.-fe_ge_add
+ .size ge_add,.-ge_add
#endif /* __APPLE__ */
#ifndef __APPLE__
.text
-.globl fe_ge_sub
-.type fe_ge_sub,@function
+.globl ge_sub
+.type ge_sub,@function
.align 2
-fe_ge_sub:
+ge_sub:
#else
.section __TEXT,__text
-.globl _fe_ge_sub
+.globl _ge_sub
.p2align 2
-_fe_ge_sub:
+_ge_sub:
#endif /* __APPLE__ */
- stp x29, x30, [sp, #-176]!
+ stp x29, x30, [sp, #-144]!
add x29, sp, #0
- str x17, [x29, #88]
- str x19, [x29, #96]
- stp x20, x21, [x29, #104]
- stp x22, x23, [x29, #120]
- stp x24, x25, [x29, #136]
- stp x26, x27, [x29, #152]
- str x28, [x29, #168]
+ str x17, [x29, #56]
+ str x19, [x29, #64]
+ stp x20, x21, [x29, #72]
+ stp x22, x23, [x29, #88]
+ stp x24, x25, [x29, #104]
+ stp x26, x27, [x29, #120]
+ str x28, [x29, #136]
str x0, [x29, #16]
str x1, [x29, #24]
str x2, [x29, #32]
- str x3, [x29, #40]
- str x4, [x29, #48]
- str x5, [x29, #56]
- str x6, [x29, #64]
- str x7, [x29, #72]
- ldr x2, [x29, #56]
- ldr x3, [x29, #48]
+ mov x3, x1
+ add x2, x1, #32
+ add x1, x0, #32
# Add
- ldp x12, x13, [x2]
- ldp x14, x15, [x2, #16]
- ldp x16, x17, [x3]
- ldp x19, x20, [x3, #16]
- adds x4, x12, x16
- adcs x5, x13, x17
- adcs x6, x14, x19
- adc x7, x15, x20
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x16, x8, x4
+ adcs x17, x9, x5
+ adcs x19, x10, x6
+ adcs x20, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x20, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
+ adds x16, x16, x25
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Sub
- subs x8, x12, x16
- sbcs x9, x13, x17
- sbcs x10, x14, x19
- sbcs x11, x15, x20
- mov x25, #-19
+ subs x12, x8, x4
+ sbcs x13, x9, x5
+ sbcs x14, x10, x6
+ sbcs x15, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x8, x8, x25
- adcs x9, x9, x28
- adcs x10, x10, x28
- adc x11, x11, x26
- ldr x0, [x29, #32]
- ldr x2, [x29, #200]
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
+ ldr x2, [x29, #32]
+ add x2, x2, #32
+ mov x1, x0
# Multiply
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x12, x4, x21
- umulh x13, x4, x21
- # A[0] * B[1]
- mul x25, x4, x22
- umulh x14, x4, x22
- adds x13, x13, x25
- adc x14, x14, xzr
- # A[1] * B[0]
- mul x25, x5, x21
- umulh x26, x5, x21
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[0] * B[2]
- mul x25, x4, x23
- umulh x26, x4, x23
- adds x14, x14, x25
- adc x15, x15, x26
- # A[1] * B[1]
- mul x25, x5, x22
- umulh x26, x5, x22
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x6, x21
- umulh x26, x6, x21
- adds x14, x14, x25
- adcs x15, x15, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x4, x24
- umulh x26, x4, x24
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x5, x23
- umulh x26, x5, x23
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x6, x22
- umulh x26, x6, x22
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x7, x21
- umulh x26, x7, x21
- adds x15, x15, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x5, x24
- umulh x26, x5, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x6, x23
- umulh x26, x6, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x7, x22
- umulh x26, x7, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x6, x24
- umulh x26, x6, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x7, x23
- umulh x26, x7, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x7, x24
- umulh x26, x7, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ ldp x8, x9, [x2]
+ ldp x10, x11, [x2, #16]
+ # A[0] * B[0]
+ umulh x22, x16, x8
+ mul x21, x16, x8
+ # A[2] * B[0]
+ umulh x24, x19, x8
+ mul x23, x19, x8
+ # A[1] * B[0]
+ mul x25, x17, x8
+ adds x22, x22, x25
+ umulh x26, x17, x8
+ adcs x23, x23, x26
+ # A[1] * B[3]
+ umulh x5, x17, x11
+ adc x24, x24, xzr
+ mul x4, x17, x11
+ # A[0] * B[1]
+ mul x25, x16, x9
+ adds x22, x22, x25
+ umulh x26, x16, x9
+ adcs x23, x23, x26
+ # A[2] * B[1]
+ mul x25, x19, x9
+ adcs x24, x24, x25
+ umulh x26, x19, x9
+ adcs x4, x4, x26
+ adc x5, x5, xzr
+ # A[1] * B[2]
+ mul x25, x17, x10
+ adds x24, x24, x25
+ umulh x26, x17, x10
+ adcs x4, x4, x26
+ adcs x5, x5, xzr
+ adc x6, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x16, x10
+ adds x23, x23, x25
+ umulh x26, x16, x10
+ adcs x24, x24, x26
+ adcs x4, x4, xzr
+ adcs x5, x5, xzr
+ adc x6, x6, xzr
+ # A[1] * B[1]
+ mul x25, x17, x9
+ adds x23, x23, x25
+ umulh x26, x17, x9
+ adcs x24, x24, x26
+ # A[3] * B[1]
+ mul x25, x20, x9
+ adcs x4, x4, x25
+ umulh x26, x20, x9
+ adcs x5, x5, x26
+ adc x6, x6, xzr
+ # A[2] * B[2]
+ mul x25, x19, x10
+ adds x4, x4, x25
+ umulh x26, x19, x10
+ adcs x5, x5, x26
+ # A[3] * B[3]
+ mul x25, x20, x11
+ adcs x6, x6, x25
+ umulh x7, x20, x11
+ adc x7, x7, xzr
+ # A[0] * B[3]
+ mul x25, x16, x11
+ adds x24, x24, x25
+ umulh x26, x16, x11
+ adcs x4, x4, x26
+ # A[2] * B[3]
+ mul x25, x19, x11
+ adcs x5, x5, x25
+ umulh x26, x19, x11
+ adcs x6, x6, x26
+ adc x7, x7, xzr
+ # A[3] * B[0]
+ mul x25, x20, x8
+ adds x24, x24, x25
+ umulh x26, x20, x8
+ adcs x4, x4, x26
+ # A[3] * B[2]
+ mul x25, x20, x10
+ adcs x5, x5, x25
+ umulh x26, x20, x10
+ adcs x6, x6, x26
+ adc x7, x7, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x15, #63
- and x15, x15, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x12, x12, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x13, x13, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x14, x14, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x15, x15, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x13, x13, x16
- adcs x14, x14, x17
- adcs x15, x15, x19
+ mov x25, #38
+ mul x26, x25, x7
+ adds x24, x24, x26
+ umulh x27, x25, x7
adc x27, x27, xzr
- # Overflow
- extr x27, x27, x15, #63
+ mov x25, #19
+ extr x27, x27, x24, #63
mul x27, x27, x25
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
+ and x24, x24, #0x7fffffffffffffff
+ mov x25, #38
+ mul x26, x25, x4
+ adds x21, x21, x26
+ umulh x4, x25, x4
+ mul x26, x25, x5
+ adcs x22, x22, x26
+ umulh x5, x25, x5
+ mul x26, x25, x6
+ adcs x23, x23, x26
+ umulh x6, x25, x6
+ adc x24, x24, xzr
+ # Add high product results in
+ adds x21, x21, x27
+ adcs x22, x22, x4
+ adcs x23, x23, x5
+ adc x24, x24, x6
# Reduce if top bit set
- and x27, x25, x15, asr 63
- and x15, x15, #0x7fffffffffffffff
- adds x12, x12, x27
- adcs x13, x13, xzr
- adcs x14, x14, xzr
- adc x15, x15, xzr
+ mov x25, #19
+ and x26, x25, x24, asr 63
+ adds x21, x21, x26
+ adcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ adcs x23, x23, xzr
+ adc x24, x24, xzr
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #192]
+ stp x21, x22, [x0]
+ stp x23, x24, [x0, #16]
+ sub x2, x2, #32
+ add x1, x0, #32
+ add x0, x0, #32
# Multiply
- ldp x21, x22, [x1]
- ldp x23, x24, [x1, #16]
- # A[0] * B[0]
- mul x4, x8, x21
- umulh x5, x8, x21
- # A[0] * B[1]
- mul x25, x8, x22
- umulh x6, x8, x22
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x25, x13, x16
adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x9, x21
- umulh x26, x9, x21
+ umulh x26, x13, x16
+ adcs x6, x6, x26
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x25, x12, x17
adds x5, x5, x25
+ umulh x26, x12, x17
adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x8, x23
- umulh x26, x8, x23
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x9, x22
- umulh x26, x9, x22
+ # A[2] * B[1]
+ mul x25, x14, x17
+ adcs x7, x7, x25
+ umulh x26, x14, x17
+ adcs x8, x8, x26
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x25, x13, x19
+ adds x7, x7, x25
+ umulh x26, x13, x19
+ adcs x8, x8, x26
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x12, x19
adds x6, x6, x25
+ umulh x26, x12, x19
adcs x7, x7, x26
- adc x16, xzr, xzr
- # A[2] * B[0]
- mul x25, x10, x21
- umulh x26, x10, x21
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x13, x17
adds x6, x6, x25
+ umulh x26, x13, x17
adcs x7, x7, x26
- adc x16, x16, xzr
- # A[0] * B[3]
- mul x25, x8, x24
- umulh x26, x8, x24
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, xzr, xzr
- # A[1] * B[2]
- mul x25, x9, x23
- umulh x26, x9, x23
- adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[2] * B[1]
- mul x25, x10, x22
- umulh x26, x10, x22
+ # A[3] * B[1]
+ mul x25, x15, x17
+ adcs x8, x8, x25
+ umulh x26, x15, x17
+ adcs x9, x9, x26
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x25, x14, x19
+ adds x8, x8, x25
+ umulh x26, x14, x19
+ adcs x9, x9, x26
+ # A[3] * B[3]
+ mul x25, x15, x20
+ adcs x10, x10, x25
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x12, x20
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[3] * B[0]
- mul x25, x11, x21
- umulh x26, x11, x21
+ umulh x26, x12, x20
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x14, x20
+ adcs x9, x9, x25
+ umulh x26, x14, x20
+ adcs x10, x10, x26
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x15, x16
adds x7, x7, x25
- adcs x16, x16, x26
- adc x17, x17, xzr
- # A[1] * B[3]
- mul x25, x9, x24
- umulh x26, x9, x24
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, xzr, xzr
- # A[2] * B[2]
- mul x25, x10, x23
- umulh x26, x10, x23
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[3] * B[1]
- mul x25, x11, x22
- umulh x26, x11, x22
- adds x16, x16, x25
- adcs x17, x17, x26
- adc x19, x19, xzr
- # A[2] * B[3]
- mul x25, x10, x24
- umulh x26, x10, x24
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, xzr, xzr
- # A[3] * B[2]
- mul x25, x11, x23
- umulh x26, x11, x23
- adds x17, x17, x25
- adcs x19, x19, x26
- adc x20, x20, xzr
- # A[3] * B[3]
- mul x25, x11, x24
- umulh x26, x11, x24
- adds x19, x19, x25
- adc x20, x20, x26
+ umulh x26, x15, x16
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x15, x19
+ adcs x9, x9, x25
+ umulh x26, x15, x19
+ adcs x10, x10, x26
+ adc x11, x11, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x20, x20, x19, #63
- extr x19, x19, x17, #63
- extr x17, x17, x16, #63
- extr x16, x16, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x16
- umulh x16, x25, x16
- adds x4, x4, x26
- mul x26, x25, x17
- umulh x17, x25, x17
- adcs x5, x5, x26
- mul x26, x25, x19
- umulh x19, x25, x19
- adcs x6, x6, x26
- mul x26, x25, x20
- umulh x27, x25, x20
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x16
- adcs x6, x6, x17
- adcs x7, x7, x19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x7, x7, x26
+ umulh x27, x25, x11
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x7, #63
mul x27, x27, x25
and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
+ mov x25, #38
+ mul x26, x25, x8
+ adds x4, x4, x26
+ umulh x8, x25, x8
+ mul x26, x25, x9
+ adcs x5, x5, x26
+ umulh x9, x25, x9
+ mul x26, x25, x10
+ adcs x6, x6, x26
+ umulh x10, x25, x10
adc x7, x7, xzr
- # Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
+ # Add high product results in
adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adcs x5, x5, x8
+ adcs x6, x6, x9
+ adc x7, x7, x10
# Store
- ldr x0, [x29, #24]
- ldr x1, [x29, #16]
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ mov x3, x0
+ sub x2, x0, #32
+ sub x1, x0, #32
# Add
- adds x8, x12, x4
- adcs x9, x13, x5
- adcs x10, x14, x6
- adc x11, x15, x7
- mov x25, #-19
- asr x28, x11, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ adds x8, x21, x4
+ adcs x9, x22, x5
+ adcs x10, x23, x6
+ adcs x11, x24, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x11, #63
+ mul x25, x28, x25
# Sub modulus (if overflow)
- subs x8, x8, x25
- sbcs x9, x9, x28
- sbcs x10, x10, x28
- sbc x11, x11, x26
+ adds x8, x8, x25
+ adcs x9, x9, xzr
+ and x11, x11, #0x7fffffffffffffff
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
# Sub
- subs x16, x12, x4
- sbcs x17, x13, x5
- sbcs x19, x14, x6
- sbcs x20, x15, x7
- mov x25, #-19
+ subs x12, x21, x4
+ sbcs x13, x22, x5
+ sbcs x14, x23, x6
+ sbcs x15, x24, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x12, x12, x25
+ sbcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ sbcs x14, x14, xzr
+ sbc x15, x15, xzr
stp x8, x9, [x0]
stp x10, x11, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x0, [x29, #48]
- ldr x1, [x29, #64]
- ldr x2, [x29, #176]
+ stp x12, x13, [x1]
+ stp x14, x15, [x1, #16]
+ ldr x1, [x29, #24]
+ ldr x2, [x29, #32]
+ add x2, x2, #0x60
+ add x1, x1, #0x60
+ add x0, x0, #0x40
# Multiply
- ldp x12, x13, [x1]
- ldp x14, x15, [x1, #16]
- ldp x16, x17, [x2]
- ldp x19, x20, [x2, #16]
- # A[0] * B[0]
- mul x4, x12, x16
- umulh x5, x12, x16
- # A[0] * B[1]
- mul x25, x12, x17
- umulh x6, x12, x17
- adds x5, x5, x25
- adc x6, x6, xzr
- # A[1] * B[0]
- mul x25, x13, x16
- umulh x26, x13, x16
- adds x5, x5, x25
- adcs x6, x6, x26
- adc x7, xzr, xzr
- # A[0] * B[2]
- mul x25, x12, x19
- umulh x26, x12, x19
- adds x6, x6, x25
- adc x7, x7, x26
- # A[1] * B[1]
- mul x25, x13, x17
- umulh x26, x13, x17
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, xzr, xzr
- # A[2] * B[0]
- mul x25, x14, x16
- umulh x26, x14, x16
- adds x6, x6, x25
- adcs x7, x7, x26
- adc x8, x8, xzr
- # A[0] * B[3]
- mul x25, x12, x20
- umulh x26, x12, x20
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, xzr, xzr
- # A[1] * B[2]
- mul x25, x13, x19
- umulh x26, x13, x19
- adds x7, x7, x25
- adcs x8, x8, x26
- adc x9, x9, xzr
- # A[2] * B[1]
- mul x25, x14, x17
- umulh x26, x14, x17
- adds x7, x7, x25
+ ldp x21, x22, [x1]
+ ldp x23, x24, [x1, #16]
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ # A[0] * B[0]
+ umulh x17, x21, x4
+ mul x16, x21, x4
+ # A[2] * B[0]
+ umulh x20, x23, x4
+ mul x19, x23, x4
+ # A[1] * B[0]
+ mul x25, x22, x4
+ adds x17, x17, x25
+ umulh x26, x22, x4
+ adcs x19, x19, x26
+ # A[1] * B[3]
+ umulh x9, x22, x7
+ adc x20, x20, xzr
+ mul x8, x22, x7
+ # A[0] * B[1]
+ mul x25, x21, x5
+ adds x17, x17, x25
+ umulh x26, x21, x5
+ adcs x19, x19, x26
+ # A[2] * B[1]
+ mul x25, x23, x5
+ adcs x20, x20, x25
+ umulh x26, x23, x5
adcs x8, x8, x26
adc x9, x9, xzr
- # A[3] * B[0]
- mul x25, x15, x16
- umulh x26, x15, x16
- adds x7, x7, x25
+ # A[1] * B[2]
+ mul x25, x22, x6
+ adds x20, x20, x25
+ umulh x26, x22, x6
adcs x8, x8, x26
- adc x9, x9, xzr
- # A[1] * B[3]
- mul x25, x13, x20
- umulh x26, x13, x20
- adds x8, x8, x25
- adcs x9, x9, x26
+ adcs x9, x9, xzr
adc x10, xzr, xzr
- # A[2] * B[2]
- mul x25, x14, x19
- umulh x26, x14, x19
- adds x8, x8, x25
+ # A[0] * B[2]
+ mul x25, x21, x6
+ adds x19, x19, x25
+ umulh x26, x21, x6
+ adcs x20, x20, x26
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x25, x22, x5
+ adds x19, x19, x25
+ umulh x26, x22, x5
+ adcs x20, x20, x26
+ # A[3] * B[1]
+ mul x25, x24, x5
+ adcs x8, x8, x25
+ umulh x26, x24, x5
adcs x9, x9, x26
adc x10, x10, xzr
- # A[3] * B[1]
- mul x25, x15, x17
- umulh x26, x15, x17
+ # A[2] * B[2]
+ mul x25, x23, x6
adds x8, x8, x25
+ umulh x26, x23, x6
adcs x9, x9, x26
- adc x10, x10, xzr
- # A[2] * B[3]
- mul x25, x14, x20
- umulh x26, x14, x20
- adds x9, x9, x25
+ # A[3] * B[3]
+ mul x25, x24, x7
+ adcs x10, x10, x25
+ umulh x11, x24, x7
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x25, x21, x7
+ adds x20, x20, x25
+ umulh x26, x21, x7
+ adcs x8, x8, x26
+ # A[2] * B[3]
+ mul x25, x23, x7
+ adcs x9, x9, x25
+ umulh x26, x23, x7
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[3] * B[2]
- mul x25, x15, x19
- umulh x26, x15, x19
- adds x9, x9, x25
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x25, x24, x4
+ adds x20, x20, x25
+ umulh x26, x24, x4
+ adcs x8, x8, x26
+ # A[3] * B[2]
+ mul x25, x24, x6
+ adcs x9, x9, x25
+ umulh x26, x24, x6
adcs x10, x10, x26
adc x11, x11, xzr
- # A[3] * B[3]
- mul x25, x15, x20
- umulh x26, x15, x20
- adds x10, x10, x25
- adc x11, x11, x26
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x11, x11, x10, #63
- extr x10, x10, x9, #63
- extr x9, x9, x8, #63
- extr x8, x8, x7, #63
- and x7, x7, #0x7fffffffffffffff
- # Multiply top half by 19
+ mov x25, #38
+ mul x26, x25, x11
+ adds x20, x20, x26
+ umulh x27, x25, x11
+ adc x27, x27, xzr
mov x25, #19
+ extr x27, x27, x20, #63
+ mul x27, x27, x25
+ and x20, x20, #0x7fffffffffffffff
+ mov x25, #38
mul x26, x25, x8
+ adds x16, x16, x26
umulh x8, x25, x8
- adds x4, x4, x26
mul x26, x25, x9
+ adcs x17, x17, x26
umulh x9, x25, x9
- adcs x5, x5, x26
mul x26, x25, x10
+ adcs x19, x19, x26
umulh x10, x25, x10
- adcs x6, x6, x26
- mul x26, x25, x11
- umulh x27, x25, x11
- adcs x7, x7, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x5, x5, x8
- adcs x6, x6, x9
- adcs x7, x7, x10
- adc x27, x27, xzr
- # Overflow
- extr x27, x27, x7, #63
- mul x27, x27, x25
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ adc x20, x20, xzr
+ # Add high product results in
+ adds x16, x16, x27
+ adcs x17, x17, x8
+ adcs x19, x19, x9
+ adc x20, x20, x10
# Reduce if top bit set
- and x27, x25, x7, asr 63
- and x7, x7, #0x7fffffffffffffff
- adds x4, x4, x27
- adcs x5, x5, xzr
- adcs x6, x6, xzr
- adc x7, x7, xzr
+ mov x25, #19
+ and x26, x25, x20, asr 63
+ adds x16, x16, x26
+ adcs x17, x17, xzr
+ and x20, x20, #0x7fffffffffffffff
+ adcs x19, x19, xzr
+ adc x20, x20, xzr
# Store
- ldr x0, [x29, #48]
- # Double
- adds x4, x4, x4
- adcs x5, x5, x5
- adcs x6, x6, x6
- adc x7, x7, x7
- mov x25, #-19
- asr x28, x7, #63
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
- # Sub modulus (if overflow)
- subs x4, x4, x25
- sbcs x5, x5, x28
- sbcs x6, x6, x28
- sbc x7, x7, x26
- ldr x0, [x29, #40]
- ldr x1, [x29, #184]
- ldr x2, [x29, #72]
+ stp x16, x17, [x0]
+ stp x19, x20, [x0, #16]
+ sub x3, x2, #32
+ sub x2, x1, #32
+ sub x1, x0, #32
# Multiply
- ldp x16, x17, [x1]
- ldp x19, x20, [x1, #16]
- ldp x21, x22, [x2]
- ldp x23, x24, [x2, #16]
- # A[0] * B[0]
- mul x8, x16, x21
- umulh x9, x16, x21
- # A[0] * B[1]
- mul x25, x16, x22
- umulh x10, x16, x22
+ ldp x4, x5, [x2]
+ ldp x6, x7, [x2, #16]
+ ldp x12, x13, [x3]
+ ldp x14, x15, [x3, #16]
+ # A[0] * B[0]
+ umulh x9, x4, x12
+ mul x8, x4, x12
+ # A[2] * B[0]
+ umulh x11, x6, x12
+ mul x10, x6, x12
+ # A[1] * B[0]
+ mul x25, x5, x12
adds x9, x9, x25
- adc x10, x10, xzr
- # A[1] * B[0]
- mul x25, x17, x21
- umulh x26, x17, x21
+ umulh x26, x5, x12
+ adcs x10, x10, x26
+ # A[1] * B[3]
+ umulh x17, x5, x15
+ adc x11, x11, xzr
+ mul x16, x5, x15
+ # A[0] * B[1]
+ mul x25, x4, x13
adds x9, x9, x25
+ umulh x26, x4, x13
adcs x10, x10, x26
- adc x11, xzr, xzr
- # A[0] * B[2]
- mul x25, x16, x23
- umulh x26, x16, x23
- adds x10, x10, x25
- adc x11, x11, x26
- # A[1] * B[1]
- mul x25, x17, x22
- umulh x26, x17, x22
+ # A[2] * B[1]
+ mul x25, x6, x13
+ adcs x11, x11, x25
+ umulh x26, x6, x13
+ adcs x16, x16, x26
+ adc x17, x17, xzr
+ # A[1] * B[2]
+ mul x25, x5, x14
+ adds x11, x11, x25
+ umulh x26, x5, x14
+ adcs x16, x16, x26
+ adcs x17, x17, xzr
+ adc x19, xzr, xzr
+ # A[0] * B[2]
+ mul x25, x4, x14
adds x10, x10, x25
+ umulh x26, x4, x14
adcs x11, x11, x26
- adc x12, xzr, xzr
- # A[2] * B[0]
- mul x25, x19, x21
- umulh x26, x19, x21
+ adcs x16, x16, xzr
+ adcs x17, x17, xzr
+ adc x19, x19, xzr
+ # A[1] * B[1]
+ mul x25, x5, x13
adds x10, x10, x25
+ umulh x26, x5, x13
adcs x11, x11, x26
- adc x12, x12, xzr
- # A[0] * B[3]
- mul x25, x16, x24
- umulh x26, x16, x24
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, xzr, xzr
- # A[1] * B[2]
- mul x25, x17, x23
- umulh x26, x17, x23
- adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[2] * B[1]
- mul x25, x19, x22
- umulh x26, x19, x22
+ # A[3] * B[1]
+ mul x25, x7, x13
+ adcs x16, x16, x25
+ umulh x26, x7, x13
+ adcs x17, x17, x26
+ adc x19, x19, xzr
+ # A[2] * B[2]
+ mul x25, x6, x14
+ adds x16, x16, x25
+ umulh x26, x6, x14
+ adcs x17, x17, x26
+ # A[3] * B[3]
+ mul x25, x7, x15
+ adcs x19, x19, x25
+ umulh x20, x7, x15
+ adc x20, x20, xzr
+ # A[0] * B[3]
+ mul x25, x4, x15
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[3] * B[0]
- mul x25, x20, x21
- umulh x26, x20, x21
+ umulh x26, x4, x15
+ adcs x16, x16, x26
+ # A[2] * B[3]
+ mul x25, x6, x15
+ adcs x17, x17, x25
+ umulh x26, x6, x15
+ adcs x19, x19, x26
+ adc x20, x20, xzr
+ # A[3] * B[0]
+ mul x25, x7, x12
adds x11, x11, x25
- adcs x12, x12, x26
- adc x13, x13, xzr
- # A[1] * B[3]
- mul x25, x17, x24
- umulh x26, x17, x24
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, xzr, xzr
- # A[2] * B[2]
- mul x25, x19, x23
- umulh x26, x19, x23
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[3] * B[1]
- mul x25, x20, x22
- umulh x26, x20, x22
- adds x12, x12, x25
- adcs x13, x13, x26
- adc x14, x14, xzr
- # A[2] * B[3]
- mul x25, x19, x24
- umulh x26, x19, x24
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, xzr, xzr
- # A[3] * B[2]
- mul x25, x20, x23
- umulh x26, x20, x23
- adds x13, x13, x25
- adcs x14, x14, x26
- adc x15, x15, xzr
- # A[3] * B[3]
- mul x25, x20, x24
- umulh x26, x20, x24
- adds x14, x14, x25
- adc x15, x15, x26
+ umulh x26, x7, x12
+ adcs x16, x16, x26
+ # A[3] * B[2]
+ mul x25, x7, x14
+ adcs x17, x17, x25
+ umulh x26, x7, x14
+ adcs x19, x19, x26
+ adc x20, x20, xzr
# Reduce
- # Move top half into t4-t7 and remove top bit from t3
- extr x15, x15, x14, #63
- extr x14, x14, x13, #63
- extr x13, x13, x12, #63
- extr x12, x12, x11, #63
- and x11, x11, #0x7fffffffffffffff
- # Multiply top half by 19
- mov x25, #19
- mul x26, x25, x12
- umulh x12, x25, x12
- adds x8, x8, x26
- mul x26, x25, x13
- umulh x13, x25, x13
- adcs x9, x9, x26
- mul x26, x25, x14
- umulh x14, x25, x14
- adcs x10, x10, x26
- mul x26, x25, x15
- umulh x27, x25, x15
- adcs x11, x11, x26
- adc x27, x27, xzr
- # Add remaining product results in
- adds x9, x9, x12
- adcs x10, x10, x13
- adcs x11, x11, x14
+ mov x25, #38
+ mul x26, x25, x20
+ adds x11, x11, x26
+ umulh x27, x25, x20
adc x27, x27, xzr
- # Overflow
+ mov x25, #19
extr x27, x27, x11, #63
mul x27, x27, x25
and x11, x11, #0x7fffffffffffffff
- adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
+ mov x25, #38
+ mul x26, x25, x16
+ adds x8, x8, x26
+ umulh x16, x25, x16
+ mul x26, x25, x17
+ adcs x9, x9, x26
+ umulh x17, x25, x17
+ mul x26, x25, x19
+ adcs x10, x10, x26
+ umulh x19, x25, x19
adc x11, x11, xzr
- # Reduce if top bit set
- and x27, x25, x11, asr 63
- and x11, x11, #0x7fffffffffffffff
+ # Add high product results in
adds x8, x8, x27
- adcs x9, x9, xzr
- adcs x10, x10, xzr
- adc x11, x11, xzr
- # Store
- ldr x0, [x29, #40]
- ldr x1, [x29, #32]
- # Add
- adds x12, x4, x8
- adcs x13, x5, x9
- adcs x14, x6, x10
- adc x15, x7, x11
+ adcs x9, x9, x16
+ adcs x10, x10, x17
+ adc x11, x11, x19
+ # Double
+ adds x8, x8, x8
+ adcs x9, x9, x9
+ adcs x10, x10, x10
+ adc x11, x11, x11
mov x25, #-19
- asr x28, x15, #63
+ asr x28, x11, #63
# Mask the modulus
and x25, x28, x25
and x26, x28, #0x7fffffffffffffff
# Sub modulus (if overflow)
- subs x12, x12, x25
- sbcs x13, x13, x28
- sbcs x14, x14, x28
- sbc x15, x15, x26
+ subs x8, x8, x25
+ sbcs x9, x9, x28
+ sbcs x10, x10, x28
+ sbc x11, x11, x26
+ mov x3, x0
+ sub x2, x0, #32
+ # Add
+ ldp x4, x5, [x3]
+ ldp x6, x7, [x3, #16]
+ adds x12, x8, x4
+ adcs x13, x9, x5
+ adcs x14, x10, x6
+ adcs x15, x11, x7
+ cset x28, cs
+ mov x25, #19
+ extr x28, x28, x15, #63
+ mul x25, x28, x25
+ # Sub modulus (if overflow)
+ adds x12, x12, x25
+ adcs x13, x13, xzr
+ and x15, x15, #0x7fffffffffffffff
+ adcs x14, x14, xzr
+ adc x15, x15, xzr
# Sub
- subs x16, x4, x8
- sbcs x17, x5, x9
- sbcs x19, x6, x10
- sbcs x20, x7, x11
- mov x25, #-19
+ subs x21, x8, x4
+ sbcs x22, x9, x5
+ sbcs x23, x10, x6
+ sbcs x24, x11, x7
csetm x28, cc
- # Mask the modulus
- and x25, x28, x25
- and x26, x28, #0x7fffffffffffffff
+ mov x25, #-19
+ extr x28, x28, x24, #63
+ mul x25, x28, x25
# Add modulus (if underflow)
- adds x16, x16, x25
- adcs x17, x17, x28
- adcs x19, x19, x28
- adc x20, x20, x26
+ subs x21, x21, x25
+ sbcs x22, x22, xzr
+ and x24, x24, #0x7fffffffffffffff
+ sbcs x23, x23, xzr
+ sbc x24, x24, xzr
stp x12, x13, [x0]
stp x14, x15, [x0, #16]
- stp x16, x17, [x1]
- stp x19, x20, [x1, #16]
- ldr x17, [x29, #88]
- ldr x19, [x29, #96]
- ldp x20, x21, [x29, #104]
- ldp x22, x23, [x29, #120]
- ldp x24, x25, [x29, #136]
- ldp x26, x27, [x29, #152]
- ldr x28, [x29, #168]
- ldp x29, x30, [sp], #0xb0
+ stp x21, x22, [x1]
+ stp x23, x24, [x1, #16]
+ ldr x17, [x29, #56]
+ ldr x19, [x29, #64]
+ ldp x20, x21, [x29, #72]
+ ldp x22, x23, [x29, #88]
+ ldp x24, x25, [x29, #104]
+ ldp x26, x27, [x29, #120]
+ ldr x28, [x29, #136]
+ ldp x29, x30, [sp], #0x90
+ ret
+#ifndef __APPLE__
+ .size ge_sub,.-ge_sub
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_reduce
+.type sc_reduce,@function
+.align 2
+sc_reduce:
+#else
+.section __TEXT,__text
+.globl _sc_reduce
+.p2align 2
+_sc_reduce:
+#endif /* __APPLE__ */
+ stp x29, x30, [sp, #-64]!
+ add x29, sp, #0
+ str x17, [x29, #16]
+ str x19, [x29, #24]
+ stp x20, x21, [x29, #32]
+ stp x22, x23, [x29, #48]
+ ldp x2, x3, [x0]
+ ldp x4, x5, [x0, #16]
+ ldp x6, x7, [x0, #32]
+ ldp x8, x9, [x0, #48]
+ lsr x23, x9, #56
+ lsl x9, x9, #4
+ orr x9, x9, x8, lsr 60
+ lsl x8, x8, #4
+ orr x8, x8, x7, lsr 60
+ lsl x7, x7, #4
+ orr x7, x7, x6, lsr 60
+ lsl x6, x6, #4
+ mov x1, #15
+ orr x6, x6, x5, lsr 60
+ bic x5, x5, x1, lsl 60
+ bic x9, x9, x1, lsl 60
+ # Add order times bits 504..511
+ mov x11, #0x2c13
+ movk x11, #0xa30a, lsl 16
+ movk x11, #0x9ce5, lsl 32
+ movk x11, #0xa7ed, lsl 48
+ mov x13, #0x6329
+ movk x13, #0x5d08, lsl 16
+ movk x13, #0x621, lsl 32
+ movk x13, #0xeb21, lsl 48
+ mul x10, x23, x11
+ umulh x11, x23, x11
+ mul x12, x23, x13
+ umulh x13, x23, x13
+ adds x6, x6, x10
+ adcs x7, x7, x11
+ adcs x8, x8, xzr
+ adc x9, x9, xzr
+ adds x7, x7, x12
+ adcs x8, x8, x13
+ adc x9, x9, xzr
+ subs x8, x8, x23
+ sbc x9, x9, xzr
+ # Sub product of top 4 words and order
+ mov x1, #0x2c13
+ movk x1, #0xa30a, lsl 16
+ movk x1, #0x9ce5, lsl 32
+ movk x1, #0xa7ed, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ mul x14, x8, x1
+ umulh x15, x8, x1
+ mul x16, x9, x1
+ umulh x17, x9, x1
+ adds x2, x2, x10
+ adcs x3, x3, x11
+ adcs x4, x4, x14
+ adcs x5, x5, x15
+ adc x19, xzr, xzr
+ adds x3, x3, x12
+ adcs x4, x4, x13
+ adcs x5, x5, x16
+ adc x19, x19, x17
+ mov x1, #0x6329
+ movk x1, #0x5d08, lsl 16
+ movk x1, #0x621, lsl 32
+ movk x1, #0xeb21, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ mul x14, x8, x1
+ umulh x15, x8, x1
+ mul x16, x9, x1
+ umulh x17, x9, x1
+ adds x3, x3, x10
+ adcs x4, x4, x11
+ adcs x5, x5, x14
+ adcs x19, x19, x15
+ adc x20, xzr, xzr
+ adds x4, x4, x12
+ adcs x5, x5, x13
+ adcs x19, x19, x16
+ adc x20, x20, x17
+ subs x4, x4, x6
+ sbcs x5, x5, x7
+ sbcs x6, x19, x8
+ sbc x7, x20, x9
+ asr x23, x7, #57
+ # Conditionally subtract order starting at bit 125
+ mov x10, xzr
+ mov x13, xzr
+ mov x11, #0xba7d
+ movk x11, #0x4b9e, lsl 16
+ movk x11, #0x4c63, lsl 32
+ movk x11, #0xcb02, lsl 48
+ mov x12, #0xf39a
+ movk x12, #0xd45e, lsl 16
+ movk x12, #0xdf3b, lsl 32
+ movk x12, #0x29b, lsl 48
+ movk x10, #0xa000, lsl 48
+ movk x13, #0x200, lsl 48
+ and x10, x10, x23
+ and x11, x11, x23
+ and x12, x12, x23
+ and x13, x13, x23
+ adds x3, x3, x10
+ adcs x4, x4, x11
+ adcs x5, x5, x12
+ adcs x6, x6, xzr
+ adc x7, x7, x13
+ # Move bits 252-376 to own registers
+ lsl x7, x7, #4
+ orr x7, x7, x6, lsr 60
+ lsl x6, x6, #4
+ mov x23, #15
+ orr x6, x6, x5, lsr 60
+ bic x5, x5, x23, lsl 60
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ mov x1, #0x2c13
+ movk x1, #0xa30a, lsl 16
+ movk x1, #0x9ce5, lsl 32
+ movk x1, #0xa7ed, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ adds x2, x2, x10
+ adcs x3, x3, x11
+ adc x19, xzr, xzr
+ adds x3, x3, x12
+ adc x19, x19, x13
+ # * -14def9dea2f79cd7
+ mov x1, #0x6329
+ movk x1, #0x5d08, lsl 16
+ movk x1, #0x621, lsl 32
+ movk x1, #0xeb21, lsl 48
+ mul x10, x6, x1
+ umulh x11, x6, x1
+ mul x12, x7, x1
+ umulh x13, x7, x1
+ adds x3, x3, x10
+ adcs x4, x4, x11
+ adc x20, xzr, xzr
+ adds x4, x4, x12
+ adc x20, x20, x13
+ # Add overflows at 2 * 64
+ mov x1, #15
+ bic x5, x5, x1, lsl 60
+ adds x4, x4, x19
+ adc x5, x5, x20
+ # Subtract top at 2 * 64
+ subs x4, x4, x6
+ sbcs x5, x5, x7
+ sbc x1, x1, x1
+ # Conditional sub order
+ mov x10, #0xd3ed
+ movk x10, #0x5cf5, lsl 16
+ movk x10, #0x631a, lsl 32
+ movk x10, #0x5812, lsl 48
+ mov x11, #0x9cd6
+ movk x11, #0xa2f7, lsl 16
+ movk x11, #0xf9de, lsl 32
+ movk x11, #0x14de, lsl 48
+ and x10, x10, x1
+ and x11, x11, x1
+ adds x2, x2, x10
+ adcs x3, x3, x11
+ and x1, x1, #0x1000000000000000
+ adcs x4, x4, xzr
+ mov x23, #15
+ adc x5, x5, x1
+ bic x5, x5, x23, lsl 60
+ # Store result
+ stp x2, x3, [x0]
+ stp x4, x5, [x0, #16]
+ ldr x17, [x29, #16]
+ ldr x19, [x29, #24]
+ ldp x20, x21, [x29, #32]
+ ldp x22, x23, [x29, #48]
+ ldp x29, x30, [sp], #0x40
+ ret
+#ifndef __APPLE__
+ .size sc_reduce,.-sc_reduce
+#endif /* __APPLE__ */
+#ifndef __APPLE__
+.text
+.globl sc_muladd
+.type sc_muladd,@function
+.align 2
+sc_muladd:
+#else
+.section __TEXT,__text
+.globl _sc_muladd
+.p2align 2
+_sc_muladd:
+#endif /* __APPLE__ */
+ stp x29, x30, [sp, #-96]!
+ add x29, sp, #0
+ str x17, [x29, #24]
+ str x19, [x29, #32]
+ stp x20, x21, [x29, #40]
+ stp x22, x23, [x29, #56]
+ stp x24, x25, [x29, #72]
+ str x26, [x29, #88]
+ # Multiply
+ ldp x12, x13, [x1]
+ ldp x14, x15, [x1, #16]
+ ldp x16, x17, [x2]
+ ldp x19, x20, [x2, #16]
+ # A[0] * B[0]
+ umulh x5, x12, x16
+ mul x4, x12, x16
+ # A[2] * B[0]
+ umulh x7, x14, x16
+ mul x6, x14, x16
+ # A[1] * B[0]
+ mul x21, x13, x16
+ adds x5, x5, x21
+ umulh x22, x13, x16
+ adcs x6, x6, x22
+ # A[1] * B[3]
+ umulh x9, x13, x20
+ adc x7, x7, xzr
+ mul x8, x13, x20
+ # A[0] * B[1]
+ mul x21, x12, x17
+ adds x5, x5, x21
+ umulh x22, x12, x17
+ adcs x6, x6, x22
+ # A[2] * B[1]
+ mul x21, x14, x17
+ adcs x7, x7, x21
+ umulh x22, x14, x17
+ adcs x8, x8, x22
+ adc x9, x9, xzr
+ # A[1] * B[2]
+ mul x21, x13, x19
+ adds x7, x7, x21
+ umulh x22, x13, x19
+ adcs x8, x8, x22
+ adcs x9, x9, xzr
+ adc x10, xzr, xzr
+ # A[0] * B[2]
+ mul x21, x12, x19
+ adds x6, x6, x21
+ umulh x22, x12, x19
+ adcs x7, x7, x22
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adc x10, x10, xzr
+ # A[1] * B[1]
+ mul x21, x13, x17
+ adds x6, x6, x21
+ umulh x22, x13, x17
+ adcs x7, x7, x22
+ # A[3] * B[1]
+ mul x21, x15, x17
+ adcs x8, x8, x21
+ umulh x22, x15, x17
+ adcs x9, x9, x22
+ adc x10, x10, xzr
+ # A[2] * B[2]
+ mul x21, x14, x19
+ adds x8, x8, x21
+ umulh x22, x14, x19
+ adcs x9, x9, x22
+ # A[3] * B[3]
+ mul x21, x15, x20
+ adcs x10, x10, x21
+ umulh x11, x15, x20
+ adc x11, x11, xzr
+ # A[0] * B[3]
+ mul x21, x12, x20
+ adds x7, x7, x21
+ umulh x22, x12, x20
+ adcs x8, x8, x22
+ # A[2] * B[3]
+ mul x21, x14, x20
+ adcs x9, x9, x21
+ umulh x22, x14, x20
+ adcs x10, x10, x22
+ adc x11, x11, xzr
+ # A[3] * B[0]
+ mul x21, x15, x16
+ adds x7, x7, x21
+ umulh x22, x15, x16
+ adcs x8, x8, x22
+ # A[3] * B[2]
+ mul x21, x15, x19
+ adcs x9, x9, x21
+ umulh x22, x15, x19
+ adcs x10, x10, x22
+ adc x11, x11, xzr
+ # Add c to a * b
+ ldp x12, x13, [x3]
+ ldp x14, x15, [x3, #16]
+ adds x4, x4, x12
+ adcs x5, x5, x13
+ adcs x6, x6, x14
+ adcs x7, x7, x15
+ adcs x8, x8, xzr
+ adcs x9, x9, xzr
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
+ lsr x25, x11, #56
+ lsl x11, x11, #4
+ orr x11, x11, x10, lsr 60
+ lsl x10, x10, #4
+ orr x10, x10, x9, lsr 60
+ lsl x9, x9, #4
+ orr x9, x9, x8, lsr 60
+ lsl x8, x8, #4
+ mov x26, #15
+ orr x8, x8, x7, lsr 60
+ bic x7, x7, x26, lsl 60
+ bic x11, x11, x26, lsl 60
+ # Add order times bits 504..507
+ mov x22, #0x2c13
+ movk x22, #0xa30a, lsl 16
+ movk x22, #0x9ce5, lsl 32
+ movk x22, #0xa7ed, lsl 48
+ mov x24, #0x6329
+ movk x24, #0x5d08, lsl 16
+ movk x24, #0x621, lsl 32
+ movk x24, #0xeb21, lsl 48
+ mul x21, x25, x22
+ umulh x22, x25, x22
+ mul x23, x25, x24
+ umulh x24, x25, x24
+ adds x8, x8, x21
+ adcs x9, x9, x22
+ adcs x10, x10, xzr
+ adc x11, x11, xzr
+ adds x9, x9, x23
+ adcs x10, x10, x24
+ adc x11, x11, xzr
+ subs x10, x10, x25
+ sbc x11, x11, xzr
+ # Sub product of top 4 words and order
+ mov x26, #0x2c13
+ movk x26, #0xa30a, lsl 16
+ movk x26, #0x9ce5, lsl 32
+ movk x26, #0xa7ed, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ mul x21, x10, x26
+ umulh x22, x10, x26
+ mul x23, x11, x26
+ umulh x24, x11, x26
+ adds x4, x4, x16
+ adcs x5, x5, x17
+ adcs x6, x6, x21
+ adcs x7, x7, x22
+ adc x12, xzr, xzr
+ adds x5, x5, x19
+ adcs x6, x6, x20
+ adcs x7, x7, x23
+ adc x12, x12, x24
+ mov x26, #0x6329
+ movk x26, #0x5d08, lsl 16
+ movk x26, #0x621, lsl 32
+ movk x26, #0xeb21, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ mul x21, x10, x26
+ umulh x22, x10, x26
+ mul x23, x11, x26
+ umulh x24, x11, x26
+ adds x5, x5, x16
+ adcs x6, x6, x17
+ adcs x7, x7, x21
+ adcs x12, x12, x22
+ adc x13, xzr, xzr
+ adds x6, x6, x19
+ adcs x7, x7, x20
+ adcs x12, x12, x23
+ adc x13, x13, x24
+ subs x6, x6, x8
+ sbcs x7, x7, x9
+ sbcs x8, x12, x10
+ sbc x9, x13, x11
+ asr x25, x9, #57
+ # Conditionally subtract order starting at bit 125
+ mov x16, xzr
+ mov x20, xzr
+ mov x17, #0xba7d
+ movk x17, #0x4b9e, lsl 16
+ movk x17, #0x4c63, lsl 32
+ movk x17, #0xcb02, lsl 48
+ mov x19, #0xf39a
+ movk x19, #0xd45e, lsl 16
+ movk x19, #0xdf3b, lsl 32
+ movk x19, #0x29b, lsl 48
+ movk x16, #0xa000, lsl 48
+ movk x20, #0x200, lsl 48
+ and x16, x16, x25
+ and x17, x17, x25
+ and x19, x19, x25
+ and x20, x20, x25
+ adds x5, x5, x16
+ adcs x6, x6, x17
+ adcs x7, x7, x19
+ adcs x8, x8, xzr
+ adc x9, x9, x20
+ # Move bits 252-376 to own registers
+ lsl x9, x9, #4
+ orr x9, x9, x8, lsr 60
+ lsl x8, x8, #4
+ mov x25, #15
+ orr x8, x8, x7, lsr 60
+ bic x7, x7, x25, lsl 60
+ # Sub product of top 2 words and order
+ # * -5812631a5cf5d3ed
+ mov x26, #0x2c13
+ movk x26, #0xa30a, lsl 16
+ movk x26, #0x9ce5, lsl 32
+ movk x26, #0xa7ed, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ adds x4, x4, x16
+ adcs x5, x5, x17
+ adc x12, xzr, xzr
+ adds x5, x5, x19
+ adc x12, x12, x20
+ # * -14def9dea2f79cd7
+ mov x26, #0x6329
+ movk x26, #0x5d08, lsl 16
+ movk x26, #0x621, lsl 32
+ movk x26, #0xeb21, lsl 48
+ mul x16, x8, x26
+ umulh x17, x8, x26
+ mul x19, x9, x26
+ umulh x20, x9, x26
+ adds x5, x5, x16
+ adcs x6, x6, x17
+ adc x13, xzr, xzr
+ adds x6, x6, x19
+ adc x13, x13, x20
+ # Add overflows at 2 * 64
+ mov x26, #15
+ bic x7, x7, x26, lsl 60
+ adds x6, x6, x12
+ adc x7, x7, x13
+ # Subtract top at 2 * 64
+ subs x6, x6, x8
+ sbcs x7, x7, x9
+ sbc x26, x26, x26
+ # Conditional sub order
+ mov x16, #0xd3ed
+ movk x16, #0x5cf5, lsl 16
+ movk x16, #0x631a, lsl 32
+ movk x16, #0x5812, lsl 48
+ mov x17, #0x9cd6
+ movk x17, #0xa2f7, lsl 16
+ movk x17, #0xf9de, lsl 32
+ movk x17, #0x14de, lsl 48
+ and x16, x16, x26
+ and x17, x17, x26
+ adds x4, x4, x16
+ adcs x5, x5, x17
+ and x26, x26, #0x1000000000000000
+ adcs x6, x6, xzr
+ mov x25, #15
+ adc x7, x7, x26
+ bic x7, x7, x25, lsl 60
+ # Store result
+ stp x4, x5, [x0]
+ stp x6, x7, [x0, #16]
+ ldr x17, [x29, #24]
+ ldr x19, [x29, #32]
+ ldp x20, x21, [x29, #40]
+ ldp x22, x23, [x29, #56]
+ ldp x24, x25, [x29, #72]
+ ldr x26, [x29, #88]
+ ldp x29, x30, [sp], #0x60
ret
#ifndef __APPLE__
- .size fe_ge_sub,.-fe_ge_sub
+ .size sc_muladd,.-sc_muladd
#endif /* __APPLE__ */
-#endif /* HAVE_CURVE25519 */
+#endif /* HAVE_ED25519 */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c
index 3484b07b..c9a98222 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-curve25519_c.c
@@ -23,6 +23,7 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
/* Generated using (from wolfssl):
* cd ../scripts
@@ -30,19 +31,26 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
-#ifdef HAVE_CURVE25519
+#ifdef WOLFSSL_ARMASM_INLINE
+#include <wolfssl/wolfcrypt/fe_operations.h>
+#define CURVED25519_ASM
+#include <wolfssl/wolfcrypt/ge_operations.h>
+
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
#include <wolfssl/wolfcrypt/fe_operations.h>
void fe_init()
{
__asm__ __volatile__ (
"\n\t"
- :
:
- : "memory"
+ :
+ : "memory", "cc"
);
}
+#ifdef HAVE_ED25519
void fe_frombytes(fe out, const unsigned char* in)
{
__asm__ __volatile__ (
@@ -53,7 +61,7 @@ void fe_frombytes(fe out, const unsigned char* in)
"stp x4, x5, [%x[out], #16]\n\t"
: [out] "+r" (out), [in] "+r" (in)
:
- : "memory", "x2", "x3", "x4", "x5", "x6"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "cc"
);
}
@@ -77,7 +85,7 @@ void fe_tobytes(unsigned char* out, const fe n)
"stp x4, x5, [%x[out], #16]\n\t"
: [out] "+r" (out), [n] "+r" (n)
:
- : "memory", "x2", "x3", "x4", "x5", "x6", "x7"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "cc"
);
}
@@ -90,7 +98,7 @@ void fe_1(fe n)
"stp xzr, xzr, [%x[n], #16]\n\t"
: [n] "+r" (n)
:
- : "memory", "x1"
+ : "memory", "x1", "cc"
);
}
@@ -102,7 +110,7 @@ void fe_0(fe n)
"stp xzr, xzr, [%x[n], #16]\n\t"
: [n] "+r" (n)
:
- : "memory"
+ : "memory", "cc"
);
}
@@ -116,7 +124,7 @@ void fe_copy(fe r, const fe a)
"stp x4, x5, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x3", "x4", "x5"
+ : "memory", "x2", "x3", "x4", "x5", "cc"
);
}
@@ -132,21 +140,22 @@ void fe_sub(fe r, const fe a, const fe b)
"sbcs x4, x4, x8\n\t"
"sbcs x5, x5, x9\n\t"
"sbcs x6, x6, x10\n\t"
- "mov x12, #-19\n\t"
"csetm x11, cc\n\t"
+ "mov x12, #-19\n\t"
/* Mask the modulus */
- "and x12, x11, x12\n\t"
- "and x13, x11, #0x7fffffffffffffff\n\t"
+ "extr x11, x11, x6, #63\n\t"
+ "mul x12, x11, x12\n\t"
/* Add modulus (if underflow) */
- "adds x3, x3, x12\n\t"
- "adcs x4, x4, x11\n\t"
- "adcs x5, x5, x11\n\t"
- "adc x6, x6, x13\n\t"
+ "subs x3, x3, x12\n\t"
+ "sbcs x4, x4, xzr\n\t"
+ "and x6, x6, #0x7fffffffffffffff\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "sbc x6, x6, xzr\n\t"
"stp x3, x4, [%x[r]]\n\t"
"stp x5, x6, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
);
}
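Review bot: The comments kept in this hunk no longer match the instructions under them: `/* Mask the modulus */` now sits above `extr`/`mul`, which combine the borrow mask with bit 255 of the difference and multiply by -19, and `/* Add modulus (if underflow) */` sits above a `subs`/`sbcs` chain. I would reword them to `/* x12 = -19 * ((borrow mask << 1) | bit 255) */` and `/* Subtract x12 and clear bit 255 */`. In constant-time field arithmetic the carry chain is hard to check by eye, so a comment that contradicts it is worse than none. The fe_add hunk that follows has the same mismatch, with `/* Sub modulus (if overflow) */` above an `adds`/`adcs` chain. fe_sub starts above this hunk.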
@@ -161,22 +170,23 @@ void fe_add(fe r, const fe a, const fe b)
"adds x3, x3, x7\n\t"
"adcs x4, x4, x8\n\t"
"adcs x5, x5, x9\n\t"
- "adc x6, x6, x10\n\t"
- "mov x12, #-19\n\t"
- "asr x11, x6, #63\n\t"
+ "adcs x6, x6, x10\n\t"
+ "cset x11, cs\n\t"
+ "mov x12, #19\n\t"
/* Mask the modulus */
- "and x12, x11, x12\n\t"
- "and x13, x11, #0x7fffffffffffffff\n\t"
+ "extr x11, x11, x6, #63\n\t"
+ "mul x12, x11, x12\n\t"
/* Sub modulus (if overflow) */
- "subs x3, x3, x12\n\t"
- "sbcs x4, x4, x11\n\t"
- "sbcs x5, x5, x11\n\t"
- "sbc x6, x6, x13\n\t"
+ "adds x3, x3, x12\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "and x6, x6, #0x7fffffffffffffff\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
"stp x3, x4, [%x[r]]\n\t"
"stp x5, x6, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
);
}
@@ -197,7 +207,7 @@ void fe_neg(fe r, const fe a)
"stp x8, x9, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
);
}
@@ -222,7 +232,7 @@ int fe_isnonzero(const fe a)
"orr %x[a], %x[a], x3\n\t"
: [a] "+r" (a)
:
- : "memory", "x1", "x2", "x3", "x4", "x5", "x6"
+ : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -241,7 +251,7 @@ int fe_isnegative(const fe a)
"eor %x[a], %x[a], x5, lsr 63\n\t"
: [a] "+r" (a)
:
- : "memory", "x1", "x2", "x3", "x4", "x5", "x6"
+ : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -456,10 +466,11 @@ void fe_cmov_table(fe* r, fe* base, signed char b)
"ldp x29, x30, [sp], #32\n\t"
: [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
+#endif /* HAVE_ED25519 */
void fe_mul(fe r, const fe a, const fe b)
{
__asm__ __volatile__ (
@@ -468,136 +479,122 @@ void fe_mul(fe r, const fe a, const fe b)
"ldp x16, x17, [%x[a], #16]\n\t"
"ldp x19, x20, [%x[b]]\n\t"
"ldp x21, x22, [%x[b], #16]\n\t"
- /* A[0] * B[0] */
- "mul x6, x14, x19\n\t"
+ /* A[0] * B[0] */
"umulh x7, x14, x19\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x20\n\t"
- "umulh x8, x14, x20\n\t"
- "adds x7, x7, x3\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x6, x14, x19\n\t"
+ /* A[2] * B[0] */
+ "umulh x9, x16, x19\n\t"
+ "mul x8, x16, x19\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x19\n\t"
+ "adds x7, x7, x3\n\t"
"umulh x4, x15, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x11, x15, x22\n\t"
+ "adc x9, x9, xzr\n\t"
+ "mul x10, x15, x22\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x20\n\t"
"adds x7, x7, x3\n\t"
+ "umulh x4, x14, x20\n\t"
"adcs x8, x8, x4\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x21\n\t"
- "umulh x4, x14, x21\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x20\n\t"
- "umulh x4, x15, x20\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x19\n\t"
- "umulh x4, x16, x19\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x22\n\t"
- "umulh x4, x14, x22\n\t"
- "adds x9, x9, x3\n\t"
- "adcs x10, x10, x4\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x21\n\t"
- "umulh x4, x15, x21\n\t"
- "adds x9, x9, x3\n\t"
- "adcs x10, x10, x4\n\t"
- "adc x11, x11, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x20\n\t"
+ "adcs x9, x9, x3\n\t"
"umulh x4, x16, x20\n\t"
- "adds x9, x9, x3\n\t"
"adcs x10, x10, x4\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x19\n\t"
- "umulh x4, x17, x19\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x21\n\t"
"adds x9, x9, x3\n\t"
+ "umulh x4, x15, x21\n\t"
"adcs x10, x10, x4\n\t"
- "adc x11, x11, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x22\n\t"
- "umulh x4, x15, x22\n\t"
- "adds x10, x10, x3\n\t"
- "adcs x11, x11, x4\n\t"
+ "adcs x11, x11, xzr\n\t"
"adc x12, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x21\n\t"
- "umulh x4, x16, x21\n\t"
- "adds x10, x10, x3\n\t"
- "adcs x11, x11, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adcs x11, x11, xzr\n\t"
"adc x12, x12, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x20\n\t"
+ "adcs x10, x10, x3\n\t"
"umulh x4, x17, x20\n\t"
- "adds x10, x10, x3\n\t"
"adcs x11, x11, x4\n\t"
"adc x12, x12, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x21\n\t"
+ "adds x10, x10, x3\n\t"
+ "umulh x4, x16, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x22\n\t"
+ "adcs x12, x12, x3\n\t"
+ "umulh x13, x17, x22\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x22\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x22\n\t"
+ "adcs x10, x10, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x22\n\t"
+ "adcs x11, x11, x3\n\t"
"umulh x4, x16, x22\n\t"
- "adds x11, x11, x3\n\t"
"adcs x12, x12, x4\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x13, x13, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x19\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x17, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x21\n\t"
+ "adcs x11, x11, x3\n\t"
"umulh x4, x17, x21\n\t"
- "adds x11, x11, x3\n\t"
"adcs x12, x12, x4\n\t"
"adc x13, x13, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x22\n\t"
- "umulh x4, x17, x22\n\t"
- "adds x12, x12, x3\n\t"
- "adc x13, x13, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x13, x13, x12, #63\n\t"
- "extr x12, x12, x11, #63\n\t"
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x13\n\t"
+ "adds x9, x9, x4\n\t"
+ "umulh x5, x3, x13\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x9, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x10\n\t"
- "umulh x10, x3, x10\n\t"
"adds x6, x6, x4\n\t"
+ "umulh x10, x3, x10\n\t"
"mul x4, x3, x11\n\t"
- "umulh x11, x3, x11\n\t"
"adcs x7, x7, x4\n\t"
+ "umulh x11, x3, x11\n\t"
"mul x4, x3, x12\n\t"
- "umulh x12, x3, x12\n\t"
"adcs x8, x8, x4\n\t"
- "mul x4, x3, x13\n\t"
- "umulh x5, x3, x13\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, x10\n\t"
- "adcs x8, x8, x11\n\t"
- "adcs x9, x9, x12\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x9, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "umulh x12, x3, x12\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
+ "adcs x7, x7, x10\n\t"
+ "adcs x8, x8, x11\n\t"
+ "adc x9, x9, x12\n\t"
+ /* Reduce if top bit set */
+ "mov x3, #19\n\t"
+ "and x4, x3, x9, asr 63\n\t"
+ "adds x6, x6, x4\n\t"
"adcs x7, x7, xzr\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
"adcs x8, x8, xzr\n\t"
"adc x9, x9, xzr\n\t"
/* Store */
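Review bot: The rewritten `/* Reduce */` block removes both comments that explained the old reduction and adds none, so the constants 38 and 19 are left unexplained in the new code. A one-line comment before the first `mov x3, #38` would restore the reasoning, for example `/* 2^256 ≡ 38 and 2^255 ≡ 19 (mod 2^255 - 19): fold words 4..7 in with *38, bits 255 and up with *19 */`. The fe_sq hunk and the squaring loops inlined into fe_invert repeat this reduction and would take the same comment. The file header says the source is generated, so the wording belongs in the generator script rather than in a hand edit; fe_mul starts above this hunk.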
@@ -605,7 +602,7 @@ void fe_mul(fe r, const fe a, const fe b)
"stp x8, x9, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
}
@@ -616,33 +613,30 @@ void fe_sq(fe r, const fe a)
"ldp x13, x14, [%x[a]]\n\t"
"ldp x15, x16, [%x[a], #16]\n\t"
/* A[0] * A[1] */
- "mul x6, x13, x14\n\t"
"umulh x7, x13, x14\n\t"
+ "mul x6, x13, x14\n\t"
+ /* A[0] * A[3] */
+ "umulh x9, x13, x16\n\t"
+ "mul x8, x13, x16\n\t"
/* A[0] * A[2] */
"mul x2, x13, x15\n\t"
- "umulh x8, x13, x15\n\t"
"adds x7, x7, x2\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * A[3] */
- "mul x2, x13, x16\n\t"
- "umulh x9, x13, x16\n\t"
- "adds x8, x8, x2\n\t"
- "adc x9, x9, xzr\n\t"
+ "umulh x3, x13, x15\n\t"
+ "adcs x8, x8, x3\n\t"
+ /* A[1] * A[3] */
+ "mul x2, x14, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x16\n\t"
+ "adc x10, x10, xzr\n\t"
/* A[1] * A[2] */
"mul x2, x14, x15\n\t"
- "umulh x3, x14, x15\n\t"
"adds x8, x8, x2\n\t"
+ "umulh x3, x14, x15\n\t"
"adcs x9, x9, x3\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x2, x14, x16\n\t"
- "umulh x3, x14, x16\n\t"
- "adds x9, x9, x2\n\t"
- "adc x10, x10, x3\n\t"
/* A[2] * A[3] */
"mul x2, x15, x16\n\t"
+ "adcs x10, x10, x2\n\t"
"umulh x11, x15, x16\n\t"
- "adds x10, x10, x2\n\t"
"adc x11, x11, xzr\n\t"
/* Double */
"adds x6, x6, x6\n\t"
@@ -653,66 +647,56 @@ void fe_sq(fe r, const fe a)
"adcs x11, x11, x11\n\t"
"adc x12, xzr, xzr\n\t"
/* A[0] * A[0] */
+ "umulh x3, x13, x13\n\t"
"mul x5, x13, x13\n\t"
- "umulh x4, x13, x13\n\t"
/* A[1] * A[1] */
"mul x2, x14, x14\n\t"
+ "adds x6, x6, x3\n\t"
"umulh x3, x14, x14\n\t"
- "adds x6, x6, x4\n\t"
"adcs x7, x7, x2\n\t"
- "adc x4, x3, xzr\n\t"
/* A[2] * A[2] */
"mul x2, x15, x15\n\t"
+ "adcs x8, x8, x3\n\t"
"umulh x3, x15, x15\n\t"
- "adds x8, x8, x4\n\t"
"adcs x9, x9, x2\n\t"
- "adc x4, x3, xzr\n\t"
/* A[3] * A[3] */
"mul x2, x16, x16\n\t"
+ "adcs x10, x10, x3\n\t"
"umulh x3, x16, x16\n\t"
- "adds x10, x10, x4\n\t"
"adcs x11, x11, x2\n\t"
"adc x12, x12, x3\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x12, x12, x11, #63\n\t"
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "and x8, x8, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x2, #38\n\t"
+ "mul x3, x2, x12\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x2, x12\n\t"
+ "adc x4, x4, xzr\n\t"
"mov x2, #19\n\t"
+ "extr x4, x4, x8, #63\n\t"
+ "mul x4, x4, x2\n\t"
+ "and x8, x8, #0x7fffffffffffffff\n\t"
+ "mov x2, #38\n\t"
"mul x3, x2, x9\n\t"
- "umulh x9, x2, x9\n\t"
"adds x5, x5, x3\n\t"
+ "umulh x9, x2, x9\n\t"
"mul x3, x2, x10\n\t"
- "umulh x10, x2, x10\n\t"
"adcs x6, x6, x3\n\t"
+ "umulh x10, x2, x10\n\t"
"mul x3, x2, x11\n\t"
- "umulh x11, x2, x11\n\t"
"adcs x7, x7, x3\n\t"
- "mul x3, x2, x12\n\t"
- "umulh x4, x2, x12\n\t"
- "adcs x8, x8, x3\n\t"
- "adc x4, x4, xzr\n\t"
- /* Add remaining product results in */
- "adds x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adcs x8, x8, x11\n\t"
- "adc x4, x4, xzr\n\t"
- /* Overflow */
- "extr x4, x4, x8, #63\n\t"
- "mul x4, x4, x2\n\t"
- "and x8, x8, #0x7fffffffffffffff\n\t"
- "adds x5, x5, x4\n\t"
- "adcs x6, x6, xzr\n\t"
- "adcs x7, x7, xzr\n\t"
+ "umulh x11, x2, x11\n\t"
"adc x8, x8, xzr\n\t"
- /* Reduce if top bit set */
- "and x4, x2, x8, asr 63\n\t"
- "and x8, x8, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x5, x5, x4\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adcs x7, x7, x10\n\t"
+ "adc x8, x8, x11\n\t"
+ /* Reduce if top bit set */
+ "mov x2, #19\n\t"
+ "and x3, x2, x8, asr 63\n\t"
+ "adds x5, x5, x3\n\t"
"adcs x6, x6, xzr\n\t"
+ "and x8, x8, #0x7fffffffffffffff\n\t"
"adcs x7, x7, xzr\n\t"
"adc x8, x8, xzr\n\t"
/* Store */
@@ -720,7 +704,7 @@ void fe_sq(fe r, const fe a)
"stp x7, x8, [%x[r], #16]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "cc"
);
}
@@ -792,63 +776,199 @@ void fe_invert(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
- "add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #3\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 5 times */
+ "mov x20, #5\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert1_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert1_%=\n\t"
- "add x0, x29, #48\n\t"
+ "bne L_fe_invert1_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
+ "add x0, x29, #48\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x50\n\t"
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
- "add x1, x29, #48\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #8\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 10 times */
+ "mov x20, #10\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert2_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert2_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_invert2_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
#endif /* !NDEBUG */
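Review bot: Some argument set-ups before `bl fe_mul` are emitted only under `#ifndef NDEBUG` (the added `add x0, x29, #48` after loop 1, and `add x1, x29, #0x50` after loop 2), so an NDEBUG build depends on x0/x1 still holding what was loaded before an earlier call. The inlined squaring loops visibly leave x0–x2 untouched, but AAPCS64 treats x0–x17 as caller-saved across the intervening `bl fe_mul`; whether they survive presumably depends on how the compiler allocates fe_mul's `"+r"` operands, and NDEBUG disables assertions without saying anything about optimisation level. If the assumption fails, the result could be a silently wrong inverse rather than a build error. I would drop the `#ifndef NDEBUG` / `#endif /* !NDEBUG */` pairs around these `add` lines so the pointers are always reloaded, at the cost of a few instructions per inversion. The next fe_invert hunk has the same pattern, and the function starts and ends outside this hunk.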
@@ -858,87 +978,298 @@ void fe_invert(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #18\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 20 times */
+ "mov x20, #20\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert3_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert3_%=\n\t"
- "add x0, x29, #0x50\n\t"
+ "bne L_fe_invert3_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
+ "add x0, x29, #0x50\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x70\n\t"
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x20, #9\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 10 times */
+ "mov x20, #10\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert4_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert4_%=\n\t"
+ "bne L_fe_invert4_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #48\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
- "add x1, x29, #48\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #48\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 50 times */
+ "mov x20, #50\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert5_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert5_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_invert5_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
#endif /* !NDEBUG */
@@ -948,81 +1279,299 @@ void fe_invert(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x20, #0x62\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 100 times */
+ "mov x20, #0x64\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert6_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert6_%=\n\t"
- "add x0, x29, #0x50\n\t"
+ "bne L_fe_invert6_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
+ "add x0, x29, #0x50\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x70\n\t"
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x20, #49\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 50 times */
+ "mov x20, #50\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_fe_invert7_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert7_%=\n\t"
+ "bne L_fe_invert7_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #48\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x20, #4\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 5 times */
+ "mov x20, #5\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_invert8_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x20, x20, #1\n\t"
- "bcs L_fe_invert8_%=\n\t"
+ "bne L_fe_invert8_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"ldr x0, [x29, #144]\n\t"
-#ifndef NDEBUG
"add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #16\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
@@ -1032,7 +1581,7 @@ void fe_invert(fe r, const fe a)
"ldp x29, x30, [sp], #0xa0\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x20"
+ : "memory", "x2", "x20", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
);
}
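Review bot: The widened clobber list still omits x0 and x1, although the asm body writes both directly before each call (for example `add x0, x29, #0x50` and `add x1, x29, #0x70` earlier in fe_invert) and `bl fe_mul` may overwrite any caller-saved register. That is only sound if `r` and `a` are guaranteed to sit in x0 and x1, which the `"+r"` constraints alone do not promise once the function is inlined; whether they are pinned elsewhere is not visible in this hunk. I would state the assumption above the operand list, e.g. `/* r and a must be in x0/x1: the body writes x0/x1 and calls fe_mul */`, or pin the operands to those registers explicitly. fe_invert's body starts outside this hunk.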
@@ -1044,424 +1593,365 @@ int curve25519(byte* r, const byte* n, const byte* a)
"mov x23, xzr\n\t"
"str %x[r], [x29, #176]\n\t"
"str %x[a], [x29, #184]\n\t"
- /* Copy */
"ldp x6, x7, [%x[a]]\n\t"
"ldp x8, x9, [%x[a], #16]\n\t"
- "stp x6, x7, [x29, #80]\n\t"
- "stp x8, x9, [x29, #96]\n\t"
- /* Set one */
- "mov %x[a], #1\n\t"
- "stp %x[a], xzr, [%x[r]]\n\t"
- "stp xzr, xzr, [%x[r], #16]\n\t"
+ "mov x10, #1\n\t"
+ "mov x11, xzr\n\t"
+ "mov x12, xzr\n\t"
+ "mov x13, xzr\n\t"
+ "stp x10, x11, [%x[r]]\n\t"
+ "stp x12, x13, [%x[r], #16]\n\t"
/* Set zero */
"stp xzr, xzr, [x29, #16]\n\t"
"stp xzr, xzr, [x29, #32]\n\t"
- /* Set one */
- "mov %x[a], #1\n\t"
- "stp %x[a], xzr, [x29, #48]\n\t"
- "stp xzr, xzr, [x29, #64]\n\t"
- "mov x25, #62\n\t"
- "mov x24, #24\n\t"
- "\n"
- "L_curve25519_words_%=: \n\t"
+ "mov x24, #0xfe\n\t"
"\n"
"L_curve25519_bits_%=: \n\t"
- "ldr %x[a], [%x[n], x24]\n\t"
- "lsr %x[a], %x[a], x25\n\t"
- "and %x[a], %x[a], #1\n\t"
- "eor x23, x23, %x[a]\n\t"
+ "lsr x3, x24, #6\n\t"
+ "and x4, x24, #63\n\t"
+ "ldr x5, [%x[n], x3, LSL 3]\n\t"
+ "lsr x5, x5, x4\n\t"
+ "eor x23, x23, x5\n\t"
+ /* Conditional Swap */
+ "subs xzr, xzr, x23, lsl 63\n\t"
+ "ldp x25, x26, [x29, #16]\n\t"
+ "ldp x27, x28, [x29, #32]\n\t"
+ "csel x19, x25, x10, ne\n\t"
+ "csel x25, x10, x25, ne\n\t"
+ "csel x20, x26, x11, ne\n\t"
+ "csel x26, x11, x26, ne\n\t"
+ "csel x21, x27, x12, ne\n\t"
+ "csel x27, x12, x27, ne\n\t"
+ "csel x22, x28, x13, ne\n\t"
+ "csel x28, x13, x28, ne\n\t"
/* Conditional Swap */
- "cmp x23, #1\n\t"
+ "subs xzr, xzr, x23, lsl 63\n\t"
"ldp x10, x11, [%x[r]]\n\t"
"ldp x12, x13, [%x[r], #16]\n\t"
- "ldp x6, x7, [x29, #80]\n\t"
- "ldp x8, x9, [x29, #96]\n\t"
- "csel x14, x10, x6, eq\n\t"
- "csel x10, x6, x10, eq\n\t"
- "csel x15, x11, x7, eq\n\t"
- "csel x11, x7, x11, eq\n\t"
- "csel x16, x12, x8, eq\n\t"
- "csel x12, x8, x12, eq\n\t"
- "csel x17, x13, x9, eq\n\t"
- "csel x13, x9, x13, eq\n\t"
- /* Conditional Swap */
- "cmp x23, #1\n\t"
- "ldp x19, x20, [x29, #16]\n\t"
- "ldp x21, x22, [x29, #32]\n\t"
- "ldp x6, x7, [x29, #48]\n\t"
- "ldp x8, x9, [x29, #64]\n\t"
- "csel x5, x19, x6, eq\n\t"
- "csel x19, x6, x19, eq\n\t"
- "csel x26, x20, x7, eq\n\t"
- "csel x20, x7, x20, eq\n\t"
- "csel x27, x21, x8, eq\n\t"
- "csel x21, x8, x21, eq\n\t"
- "csel x28, x22, x9, eq\n\t"
- "csel x22, x9, x22, eq\n\t"
- "mov x23, %x[a]\n\t"
+ "csel x14, x10, x6, ne\n\t"
+ "csel x10, x6, x10, ne\n\t"
+ "csel x15, x11, x7, ne\n\t"
+ "csel x11, x7, x11, ne\n\t"
+ "csel x16, x12, x8, ne\n\t"
+ "csel x12, x8, x12, ne\n\t"
+ "csel x17, x13, x9, ne\n\t"
+ "csel x13, x9, x13, ne\n\t"
+ "mov x23, x5\n\t"
/* Add */
- "adds x6, x10, x19\n\t"
- "adcs x7, x11, x20\n\t"
- "adcs x8, x12, x21\n\t"
- "adc x9, x13, x22\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x9, #63\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "adds x6, x10, x25\n\t"
+ "adcs x7, x11, x26\n\t"
+ "adcs x8, x12, x27\n\t"
+ "adcs x9, x13, x28\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x9, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x6, x6, x3\n\t"
- "sbcs x7, x7, %x[a]\n\t"
- "sbcs x8, x8, %x[a]\n\t"
- "sbc x9, x9, x4\n\t"
+ "adds x6, x6, x3\n\t"
+ "adcs x7, x7, xzr\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x9, x9, xzr\n\t"
/* Sub */
- "subs x19, x10, x19\n\t"
- "sbcs x20, x11, x20\n\t"
- "sbcs x21, x12, x21\n\t"
- "sbcs x22, x13, x22\n\t"
+ "subs x25, x10, x25\n\t"
+ "sbcs x26, x11, x26\n\t"
+ "sbcs x27, x12, x27\n\t"
+ "sbcs x28, x13, x28\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x28, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, %x[a]\n\t"
- "adcs x21, x21, %x[a]\n\t"
- "adc x22, x22, x4\n\t"
- "stp x19, x20, [x29, #144]\n\t"
- "stp x21, x22, [x29, #160]\n\t"
+ "subs x25, x25, x3\n\t"
+ "sbcs x26, x26, xzr\n\t"
+ "and x28, x28, #0x7fffffffffffffff\n\t"
+ "sbcs x27, x27, xzr\n\t"
+ "sbc x28, x28, xzr\n\t"
+ "stp x25, x26, [x29, #80]\n\t"
+ "stp x27, x28, [x29, #96]\n\t"
/* Add */
- "adds x10, x14, x5\n\t"
- "adcs x11, x15, x26\n\t"
- "adcs x12, x16, x27\n\t"
- "adc x13, x17, x28\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x13, #63\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "adds x10, x14, x19\n\t"
+ "adcs x11, x15, x20\n\t"
+ "adcs x12, x16, x21\n\t"
+ "adcs x13, x17, x22\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x10, x10, x3\n\t"
- "sbcs x11, x11, %x[a]\n\t"
- "sbcs x12, x12, %x[a]\n\t"
- "sbc x13, x13, x4\n\t"
+ "adds x10, x10, x3\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "adcs x12, x12, xzr\n\t"
+ "adc x13, x13, xzr\n\t"
/* Sub */
- "subs x14, x14, x5\n\t"
- "sbcs x15, x15, x26\n\t"
- "sbcs x16, x16, x27\n\t"
- "sbcs x17, x17, x28\n\t"
+ "subs x14, x14, x19\n\t"
+ "sbcs x15, x15, x20\n\t"
+ "sbcs x16, x16, x21\n\t"
+ "sbcs x17, x17, x22\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, %x[a]\n\t"
- "adcs x16, x16, %x[a]\n\t"
- "adc x17, x17, x4\n\t"
+ "subs x14, x14, x3\n\t"
+ "sbcs x15, x15, xzr\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "sbc x17, x17, xzr\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x19, x14, x6\n\t"
+ /* A[0] * B[0] */
"umulh x20, x14, x6\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x7\n\t"
- "umulh x21, x14, x7\n\t"
- "adds x20, x20, x3\n\t"
- "adc x21, x21, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x19, x14, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x22, x16, x6\n\t"
+ "mul x21, x16, x6\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x6\n\t"
+ "adds x20, x20, x3\n\t"
"umulh x4, x15, x6\n\t"
+ "adcs x21, x21, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x15, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ "mul x25, x15, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x7\n\t"
"adds x20, x20, x3\n\t"
+ "umulh x4, x14, x7\n\t"
"adcs x21, x21, x4\n\t"
- "adc x22, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x8\n\t"
- "umulh x4, x14, x8\n\t"
- "adds x21, x21, x3\n\t"
- "adc x22, x22, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x7\n\t"
- "umulh x4, x15, x7\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x6\n\t"
- "umulh x4, x16, x6\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x9\n\t"
- "umulh x4, x14, x9\n\t"
- "adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x8\n\t"
- "umulh x4, x15, x8\n\t"
- "adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x7\n\t"
+ "adcs x22, x22, x3\n\t"
"umulh x4, x16, x7\n\t"
- "adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
+ "adcs x25, x25, x4\n\t"
"adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x6\n\t"
- "umulh x4, x17, x6\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x8\n\t"
"adds x22, x22, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x9\n\t"
- "umulh x4, x15, x9\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ "umulh x4, x15, x8\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x8\n\t"
- "umulh x4, x16, x8\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x8\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x14, x8\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x7\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x15, x7\n\t"
+ "adcs x22, x22, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x7\n\t"
+ "adcs x25, x25, x3\n\t"
"umulh x4, x17, x7\n\t"
- "adds %x[a], %x[a], x3\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x8\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x16, x8\n\t"
+ "adcs x26, x26, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x9\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x17, x9\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x9\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x14, x9\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x9\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x16, x9\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x6\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x17, x6\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x8\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x17, x8\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x9\n\t"
- "umulh x4, x17, x9\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x22, #63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x19, x19, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x20, x20, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x21, x21, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x22, x22, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x22, x22, x4\n\t"
"adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x20, x20, %x[a]\n\t"
- "adcs x21, x21, x26\n\t"
- "adcs x22, x22, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x22, #63\n\t"
"mul x5, x5, x3\n\t"
"and x22, x22, #0x7fffffffffffffff\n\t"
- "adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x19, x19, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x20, x20, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x21, x21, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x22, x22, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x22, asr 63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
- "adc x22, x22, xzr\n\t"
+ "adcs x20, x20, x25\n\t"
+ "adcs x21, x21, x26\n\t"
+ "adc x22, x22, x27\n\t"
/* Store */
- "stp x19, x20, [x29, #112]\n\t"
- "stp x21, x22, [x29, #128]\n\t"
+ "stp x19, x20, [x29, #48]\n\t"
+ "stp x21, x22, [x29, #64]\n\t"
/* Multiply */
- "ldp %x[a], x26, [x29, #144]\n\t"
- "ldp x27, x28, [x29, #160]\n\t"
- /* A[0] * B[0] */
- "mul x19, x10, %x[a]\n\t"
- "umulh x20, x10, %x[a]\n\t"
- /* A[0] * B[1] */
- "mul x3, x10, x26\n\t"
- "umulh x21, x10, x26\n\t"
+ "ldp x25, x26, [x29, #80]\n\t"
+ "ldp x27, x28, [x29, #96]\n\t"
+ /* A[0] * B[0] */
+ "umulh x20, x10, x25\n\t"
+ "mul x19, x10, x25\n\t"
+ /* A[2] * B[0] */
+ "umulh x22, x12, x25\n\t"
+ "mul x21, x12, x25\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x25\n\t"
"adds x20, x20, x3\n\t"
- "adc x21, x21, xzr\n\t"
- /* A[1] * B[0] */
- "mul x3, x11, %x[a]\n\t"
- "umulh x4, x11, %x[a]\n\t"
+ "umulh x4, x11, x25\n\t"
+ "adcs x21, x21, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x15, x11, x28\n\t"
+ "adc x22, x22, xzr\n\t"
+ "mul x14, x11, x28\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x26\n\t"
"adds x20, x20, x3\n\t"
+ "umulh x4, x10, x26\n\t"
"adcs x21, x21, x4\n\t"
- "adc x22, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x10, x27\n\t"
- "umulh x4, x10, x27\n\t"
- "adds x21, x21, x3\n\t"
- "adc x22, x22, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x11, x26\n\t"
- "umulh x4, x11, x26\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc x14, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x12, %x[a]\n\t"
- "umulh x4, x12, %x[a]\n\t"
- "adds x21, x21, x3\n\t"
- "adcs x22, x22, x4\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x10, x28\n\t"
- "umulh x4, x10, x28\n\t"
- "adds x22, x22, x3\n\t"
- "adcs x14, x14, x4\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x11, x27\n\t"
- "umulh x4, x11, x27\n\t"
- "adds x22, x22, x3\n\t"
- "adcs x14, x14, x4\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x12, x26\n\t"
+ "adcs x22, x22, x3\n\t"
"umulh x4, x12, x26\n\t"
- "adds x22, x22, x3\n\t"
"adcs x14, x14, x4\n\t"
"adc x15, x15, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x13, %x[a]\n\t"
- "umulh x4, x13, %x[a]\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x27\n\t"
"adds x22, x22, x3\n\t"
+ "umulh x4, x11, x27\n\t"
"adcs x14, x14, x4\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x11, x28\n\t"
- "umulh x4, x11, x28\n\t"
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, x4\n\t"
+ "adcs x15, x15, xzr\n\t"
"adc x16, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x12, x27\n\t"
- "umulh x4, x12, x27\n\t"
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x27\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x10, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x14, x14, xzr\n\t"
+ "adcs x15, x15, xzr\n\t"
"adc x16, x16, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x11, x26\n\t"
+ "adds x21, x21, x3\n\t"
+ "umulh x4, x11, x26\n\t"
+ "adcs x22, x22, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x13, x26\n\t"
+ "adcs x14, x14, x3\n\t"
"umulh x4, x13, x26\n\t"
- "adds x14, x14, x3\n\t"
"adcs x15, x15, x4\n\t"
"adc x16, x16, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x12, x27\n\t"
+ "adds x14, x14, x3\n\t"
+ "umulh x4, x12, x27\n\t"
+ "adcs x15, x15, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x28\n\t"
+ "adcs x16, x16, x3\n\t"
+ "umulh x17, x13, x28\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x28\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x10, x28\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x12, x28\n\t"
+ "adcs x15, x15, x3\n\t"
"umulh x4, x12, x28\n\t"
- "adds x15, x15, x3\n\t"
"adcs x16, x16, x4\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x17, x17, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x25\n\t"
+ "adds x22, x22, x3\n\t"
+ "umulh x4, x13, x25\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x13, x27\n\t"
+ "adcs x15, x15, x3\n\t"
"umulh x4, x13, x27\n\t"
- "adds x15, x15, x3\n\t"
"adcs x16, x16, x4\n\t"
"adc x17, x17, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x13, x28\n\t"
- "umulh x4, x13, x28\n\t"
- "adds x16, x16, x3\n\t"
- "adc x17, x17, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x22, #63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x22, x22, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x22, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x22, x22, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x14\n\t"
- "umulh x14, x3, x14\n\t"
"adds x19, x19, x4\n\t"
+ "umulh x14, x3, x14\n\t"
"mul x4, x3, x15\n\t"
- "umulh x15, x3, x15\n\t"
"adcs x20, x20, x4\n\t"
+ "umulh x15, x3, x15\n\t"
"mul x4, x3, x16\n\t"
- "umulh x16, x3, x16\n\t"
"adcs x21, x21, x4\n\t"
- "mul x4, x3, x17\n\t"
- "umulh x5, x3, x17\n\t"
- "adcs x22, x22, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x20, x20, x14\n\t"
- "adcs x21, x21, x15\n\t"
- "adcs x22, x22, x16\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x22, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
- "adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
+ "umulh x16, x3, x16\n\t"
"adc x22, x22, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x22, asr 63\n\t"
- "and x22, x22, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x19, x19, x5\n\t"
- "adcs x20, x20, xzr\n\t"
- "adcs x21, x21, xzr\n\t"
- "adc x22, x22, xzr\n\t"
- /* Store */
+ "adcs x20, x20, x14\n\t"
+ "adcs x21, x21, x15\n\t"
+ "adc x22, x22, x16\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x11, %x[a], x26\n\t"
- "umulh x12, %x[a], x26\n\t"
+ "umulh x12, x25, x26\n\t"
+ "mul x11, x25, x26\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x25, x28\n\t"
+ "mul x13, x25, x28\n\t"
/* A[0] * A[2] */
- "mul x3, %x[a], x27\n\t"
- "umulh x13, %x[a], x27\n\t"
+ "mul x3, x25, x27\n\t"
"adds x12, x12, x3\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, %x[a], x28\n\t"
- "umulh x14, %x[a], x28\n\t"
- "adds x13, x13, x3\n\t"
- "adc x14, x14, xzr\n\t"
+ "umulh x4, x25, x27\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x26, x28\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x26, x28\n\t"
+ "adc x15, x15, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x26, x27\n\t"
- "umulh x4, x26, x27\n\t"
"adds x13, x13, x3\n\t"
+ "umulh x4, x26, x27\n\t"
"adcs x14, x14, x4\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x26, x28\n\t"
- "umulh x4, x26, x28\n\t"
- "adds x14, x14, x3\n\t"
- "adc x15, x15, x4\n\t"
/* A[2] * A[3] */
"mul x3, x27, x28\n\t"
+ "adcs x15, x15, x3\n\t"
"umulh x16, x27, x28\n\t"
- "adds x15, x15, x3\n\t"
"adc x16, x16, xzr\n\t"
/* Double */
"adds x11, x11, x11\n\t"
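Review bot: The scalar bit is no longer masked after extraction: `lsr x5, x5, x4` leaves the higher scalar bits in x5, and both `eor x23, x23, x5` and `mov x23, x5` carry them forward. The swap decision is correct only because `subs xzr, xzr, x23, lsl 63` discards everything except bit 0. The sequence stays branch-free, but this is a subtle dependency in code that handles the secret scalar, and the removed `and %x[a], %x[a], #1` used to make it explicit. I would add a comment at the extraction such as `/* x5/x23 keep unmasked scalar bits; only bit 0 selects the swap (lsl 63 below) */`. The ladder loop of curve25519 ends outside this hunk.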
@@ -1472,304 +1962,241 @@ int curve25519(byte* r, const byte* n, const byte* a)
"adcs x16, x16, x16\n\t"
"adc x17, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x10, %x[a], %x[a]\n\t"
- "umulh x5, %x[a], %x[a]\n\t"
+ "umulh x4, x25, x25\n\t"
+ "mul x10, x25, x25\n\t"
/* A[1] * A[1] */
"mul x3, x26, x26\n\t"
+ "adds x11, x11, x4\n\t"
"umulh x4, x26, x26\n\t"
- "adds x11, x11, x5\n\t"
"adcs x12, x12, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[2] * A[2] */
"mul x3, x27, x27\n\t"
+ "adcs x13, x13, x4\n\t"
"umulh x4, x27, x27\n\t"
- "adds x13, x13, x5\n\t"
"adcs x14, x14, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[3] * A[3] */
"mul x3, x28, x28\n\t"
+ "adcs x15, x15, x4\n\t"
"umulh x4, x28, x28\n\t"
- "adds x15, x15, x5\n\t"
"adcs x16, x16, x3\n\t"
"adc x17, x17, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x13, #63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x14\n\t"
- "umulh x14, x3, x14\n\t"
"adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
"mul x4, x3, x15\n\t"
- "umulh x15, x3, x15\n\t"
"adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
"mul x4, x3, x16\n\t"
- "umulh x16, x3, x16\n\t"
"adcs x12, x12, x4\n\t"
- "mul x4, x3, x17\n\t"
- "umulh x5, x3, x17\n\t"
- "adcs x13, x13, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x11, x11, x14\n\t"
- "adcs x12, x12, x15\n\t"
- "adcs x13, x13, x16\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x13, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
- "adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
+ "umulh x16, x3, x16\n\t"
"adc x13, x13, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x13, asr 63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
- "adc x13, x13, xzr\n\t"
- /* Store */
+ "adcs x11, x11, x14\n\t"
+ "adcs x12, x12, x15\n\t"
+ "adc x13, x13, x16\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x15, x6, x7\n\t"
"umulh x16, x6, x7\n\t"
+ "mul x15, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x25, x6, x9\n\t"
+ "mul x17, x6, x9\n\t"
/* A[0] * A[2] */
"mul x3, x6, x8\n\t"
- "umulh x17, x6, x8\n\t"
"adds x16, x16, x3\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, x6, x9\n\t"
- "umulh %x[a], x6, x9\n\t"
- "adds x17, x17, x3\n\t"
- "adc %x[a], %x[a], xzr\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x26, x7, x9\n\t"
+ "adc x26, x26, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x7, x8\n\t"
- "umulh x4, x7, x8\n\t"
"adds x17, x17, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x7, x9\n\t"
- "umulh x4, x7, x9\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adc x26, x26, x4\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x25, x25, x4\n\t"
/* A[2] * A[3] */
"mul x3, x8, x9\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x27, x8, x9\n\t"
- "adds x26, x26, x3\n\t"
"adc x27, x27, xzr\n\t"
/* Double */
"adds x15, x15, x15\n\t"
"adcs x16, x16, x16\n\t"
"adcs x17, x17, x17\n\t"
- "adcs %x[a], %x[a], %x[a]\n\t"
+ "adcs x25, x25, x25\n\t"
"adcs x26, x26, x26\n\t"
"adcs x27, x27, x27\n\t"
"adc x28, xzr, xzr\n\t"
/* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
"mul x14, x6, x6\n\t"
- "umulh x5, x6, x6\n\t"
/* A[1] * A[1] */
"mul x3, x7, x7\n\t"
+ "adds x15, x15, x4\n\t"
"umulh x4, x7, x7\n\t"
- "adds x15, x15, x5\n\t"
"adcs x16, x16, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[2] * A[2] */
"mul x3, x8, x8\n\t"
+ "adcs x17, x17, x4\n\t"
"umulh x4, x8, x8\n\t"
- "adds x17, x17, x5\n\t"
- "adcs %x[a], %x[a], x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x25, x25, x3\n\t"
/* A[3] * A[3] */
"mul x3, x9, x9\n\t"
+ "adcs x26, x26, x4\n\t"
"umulh x4, x9, x9\n\t"
- "adds x26, x26, x5\n\t"
"adcs x27, x27, x3\n\t"
"adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x17, #63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x14, x14, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x15, x15, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x16, x16, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x17, x17, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x15, x15, %x[a]\n\t"
- "adcs x16, x16, x26\n\t"
- "adcs x17, x17, x27\n\t"
"adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x17, #63\n\t"
"mul x5, x5, x3\n\t"
"and x17, x17, #0x7fffffffffffffff\n\t"
- "adds x14, x14, x5\n\t"
- "adcs x15, x15, xzr\n\t"
- "adcs x16, x16, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x17, x17, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x17, asr 63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x14, x14, x5\n\t"
- "adcs x15, x15, xzr\n\t"
- "adcs x16, x16, xzr\n\t"
- "adc x17, x17, xzr\n\t"
- /* Store */
+ "adcs x15, x15, x25\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, x27\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x6, x14, x10\n\t"
+ /* A[0] * B[0] */
"umulh x7, x14, x10\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x11\n\t"
- "umulh x8, x14, x11\n\t"
- "adds x7, x7, x3\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x6, x14, x10\n\t"
+ /* A[2] * B[0] */
+ "umulh x9, x16, x10\n\t"
+ "mul x8, x16, x10\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x10\n\t"
+ "adds x7, x7, x3\n\t"
"umulh x4, x15, x10\n\t"
+ "adcs x8, x8, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x15, x13\n\t"
+ "adc x9, x9, xzr\n\t"
+ "mul x25, x15, x13\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x11\n\t"
"adds x7, x7, x3\n\t"
+ "umulh x4, x14, x11\n\t"
"adcs x8, x8, x4\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x12\n\t"
- "umulh x4, x14, x12\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x11\n\t"
- "umulh x4, x15, x11\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x10\n\t"
- "umulh x4, x16, x10\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x13\n\t"
- "umulh x4, x14, x13\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x12\n\t"
- "umulh x4, x15, x12\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x11\n\t"
+ "adcs x9, x9, x3\n\t"
"umulh x4, x16, x11\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
+ "adcs x25, x25, x4\n\t"
"adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x10\n\t"
- "umulh x4, x17, x10\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x12\n\t"
"adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x13\n\t"
- "umulh x4, x15, x13\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ "umulh x4, x15, x12\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x12\n\t"
- "umulh x4, x16, x12\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x12\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x12\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x11\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x15, x11\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x11\n\t"
+ "adcs x25, x25, x3\n\t"
"umulh x4, x17, x11\n\t"
- "adds %x[a], %x[a], x3\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x12\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x16, x12\n\t"
+ "adcs x26, x26, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x13\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x17, x13\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x13\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x13\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x13\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x16, x13\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x10\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x17, x10\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x12\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x17, x12\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x13\n\t"
- "umulh x4, x17, x13\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x9, x9, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
"adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x9, #63\n\t"
"mul x5, x5, x3\n\t"
"and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x6, x6, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x7, x7, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x8, x8, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
+ "adcs x7, x7, x25\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, x27\n\t"
/* Store */
"stp x6, x7, [%x[r]]\n\t"
"stp x8, x9, [%x[r], #16]\n\t"
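Review bot: The new reduce sequences in this hunk (ending in `adc x13, x13, x16`, `adc x17, x17, x27` and `adc x9, x9, x27`) drop the old "Reduce if top bit set" step, so the top limb can leave with bit 63 set. The value stored to `[%x[r]]` is therefore only bounded by 256 bits rather than 255. This appears intentional, since the add/sub code elsewhere in the diff now folds the carry together with bit 255 via `extr x5, x5, xN, #63`, but the invariant is not written down anywhere visible. I would document it at the first reduce, e.g. `/* result fits 256 bits, not fully reduced; bit 255 is folded by the next add/sub */`, and confirm that the final output path still reduces fully modulo 2^255-19. The enclosing asm block starts and ends outside this hunk.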
@@ -1778,576 +2205,479 @@ int curve25519(byte* r, const byte* n, const byte* a)
"sbcs x15, x15, x11\n\t"
"sbcs x16, x16, x12\n\t"
"sbcs x17, x17, x13\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
/* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, %x[a]\n\t"
- "adcs x16, x16, %x[a]\n\t"
- "adc x17, x17, x4\n\t"
+ "subs x14, x14, x3\n\t"
+ "sbcs x15, x15, xzr\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "sbc x17, x17, xzr\n\t"
/* Multiply by 121666 */
"mov x5, #0xdb42\n\t"
"movk x5, #1, lsl 16\n\t"
"mul x6, x14, x5\n\t"
"umulh x7, x14, x5\n\t"
"mul x3, x15, x5\n\t"
- "umulh x4, x15, x5\n\t"
+ "umulh x8, x15, x5\n\t"
"adds x7, x7, x3\n\t"
- "adc x8, xzr, x4\n\t"
+ "adc x8, x8, xzr\n\t"
"mul x3, x16, x5\n\t"
- "umulh x4, x16, x5\n\t"
+ "umulh x9, x16, x5\n\t"
"adds x8, x8, x3\n\t"
- "adc x9, xzr, x4\n\t"
+ "adc x9, x9, xzr\n\t"
"mul x3, x17, x5\n\t"
"umulh x4, x17, x5\n\t"
"adds x9, x9, x3\n\t"
- "adc x4, xzr, x4\n\t"
+ "adc x4, x4, xzr\n\t"
"mov x5, #19\n\t"
"extr x4, x4, x9, #63\n\t"
"mul x4, x4, x5\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
"adds x6, x6, x4\n\t"
"adcs x7, x7, xzr\n\t"
+ "and x9, x9, #0x7fffffffffffffff\n\t"
"adcs x8, x8, xzr\n\t"
"adc x9, x9, xzr\n\t"
/* Add */
"adds x10, x10, x6\n\t"
"adcs x11, x11, x7\n\t"
"adcs x12, x12, x8\n\t"
- "adc x13, x13, x9\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x13, #63\n\t"
+ "adcs x13, x13, x9\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
/* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x10, x10, x3\n\t"
- "sbcs x11, x11, %x[a]\n\t"
- "sbcs x12, x12, %x[a]\n\t"
- "sbc x13, x13, x4\n\t"
+ "adds x10, x10, x3\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "adcs x12, x12, xzr\n\t"
+ "adc x13, x13, xzr\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x6, x14, x10\n\t"
+ /* A[0] * B[0] */
"umulh x7, x14, x10\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x11\n\t"
- "umulh x8, x14, x11\n\t"
- "adds x7, x7, x3\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x6, x14, x10\n\t"
+ /* A[2] * B[0] */
+ "umulh x9, x16, x10\n\t"
+ "mul x8, x16, x10\n\t"
+ /* A[1] * B[0] */
"mul x3, x15, x10\n\t"
+ "adds x7, x7, x3\n\t"
"umulh x4, x15, x10\n\t"
+ "adcs x8, x8, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x15, x13\n\t"
+ "adc x9, x9, xzr\n\t"
+ "mul x25, x15, x13\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x14, x11\n\t"
"adds x7, x7, x3\n\t"
+ "umulh x4, x14, x11\n\t"
"adcs x8, x8, x4\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x12\n\t"
- "umulh x4, x14, x12\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x11\n\t"
- "umulh x4, x15, x11\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x10\n\t"
- "umulh x4, x16, x10\n\t"
- "adds x8, x8, x3\n\t"
- "adcs x9, x9, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x13\n\t"
- "umulh x4, x14, x13\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x12\n\t"
- "umulh x4, x15, x12\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x16, x11\n\t"
+ "adcs x9, x9, x3\n\t"
"umulh x4, x16, x11\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
+ "adcs x25, x25, x4\n\t"
"adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x10\n\t"
- "umulh x4, x17, x10\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x15, x12\n\t"
"adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x13\n\t"
- "umulh x4, x15, x13\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ "umulh x4, x15, x12\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x12\n\t"
- "umulh x4, x16, x12\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x14, x12\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x12\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x15, x11\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x15, x11\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x17, x11\n\t"
+ "adcs x25, x25, x3\n\t"
"umulh x4, x17, x11\n\t"
- "adds %x[a], %x[a], x3\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x16, x12\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x16, x12\n\t"
+ "adcs x26, x26, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x17, x13\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x17, x13\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x14, x13\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x13\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x16, x13\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x16, x13\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x17, x10\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x17, x10\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x17, x12\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x4, x17, x12\n\t"
- "adds x26, x26, x3\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x13\n\t"
- "umulh x4, x17, x13\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x9, x9, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
"adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x9, #63\n\t"
"mul x5, x5, x3\n\t"
"and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x6, x6, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x7, x7, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x8, x8, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
+ "adcs x7, x7, x25\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, x27\n\t"
/* Store */
"stp x6, x7, [x29, #16]\n\t"
"stp x8, x9, [x29, #32]\n\t"
/* Add */
- "ldp x6, x7, [x29, #112]\n\t"
- "ldp x8, x9, [x29, #128]\n\t"
- "adds x10, x6, x19\n\t"
- "adcs x11, x7, x20\n\t"
- "adcs x12, x8, x21\n\t"
- "adc x13, x9, x22\n\t"
- "mov x3, #-19\n\t"
- "asr %x[a], x13, #63\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "ldp x25, x26, [x29, #48]\n\t"
+ "ldp x27, x28, [x29, #64]\n\t"
+ "adds x10, x25, x19\n\t"
+ "adcs x11, x26, x20\n\t"
+ "adcs x12, x27, x21\n\t"
+ "adcs x13, x28, x22\n\t"
+ "cset x5, cs\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Sub modulus (if overflow) */
- "subs x10, x10, x3\n\t"
- "sbcs x11, x11, %x[a]\n\t"
- "sbcs x12, x12, %x[a]\n\t"
- "sbc x13, x13, x4\n\t"
+ "adds x10, x10, x3\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "adcs x12, x12, xzr\n\t"
+ "adc x13, x13, xzr\n\t"
/* Sub */
- "subs x19, x6, x19\n\t"
- "sbcs x20, x7, x20\n\t"
- "sbcs x21, x8, x21\n\t"
- "sbcs x22, x9, x22\n\t"
+ "subs x19, x25, x19\n\t"
+ "sbcs x20, x26, x20\n\t"
+ "sbcs x21, x27, x21\n\t"
+ "sbcs x22, x28, x22\n\t"
+ "csetm x5, cc\n\t"
"mov x3, #-19\n\t"
- "csetm %x[a], cc\n\t"
- /* Mask the modulus */
- "and x3, %x[a], x3\n\t"
- "and x4, %x[a], #0x7fffffffffffffff\n\t"
+ "extr x5, x5, x22, #63\n\t"
+ "mul x3, x5, x3\n\t"
/* Add modulus (if underflow) */
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, %x[a]\n\t"
- "adcs x21, x21, %x[a]\n\t"
- "adc x22, x22, x4\n\t"
+ "subs x19, x19, x3\n\t"
+ "sbcs x20, x20, xzr\n\t"
+ "and x22, x22, #0x7fffffffffffffff\n\t"
+ "sbcs x21, x21, xzr\n\t"
+ "sbc x22, x22, xzr\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x7, x10, x11\n\t"
"umulh x8, x10, x11\n\t"
+ "mul x7, x10, x11\n\t"
+ /* A[0] * A[3] */
+ "umulh x25, x10, x13\n\t"
+ "mul x9, x10, x13\n\t"
/* A[0] * A[2] */
"mul x3, x10, x12\n\t"
- "umulh x9, x10, x12\n\t"
"adds x8, x8, x3\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, x10, x13\n\t"
- "umulh %x[a], x10, x13\n\t"
- "adds x9, x9, x3\n\t"
- "adc %x[a], %x[a], xzr\n\t"
+ "umulh x4, x10, x12\n\t"
+ "adcs x9, x9, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x11, x13\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x26, x11, x13\n\t"
+ "adc x26, x26, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x11, x12\n\t"
- "umulh x4, x11, x12\n\t"
"adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x11, x13\n\t"
- "umulh x4, x11, x13\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adc x26, x26, x4\n\t"
+ "umulh x4, x11, x12\n\t"
+ "adcs x25, x25, x4\n\t"
/* A[2] * A[3] */
"mul x3, x12, x13\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x27, x12, x13\n\t"
- "adds x26, x26, x3\n\t"
"adc x27, x27, xzr\n\t"
/* Double */
"adds x7, x7, x7\n\t"
"adcs x8, x8, x8\n\t"
"adcs x9, x9, x9\n\t"
- "adcs %x[a], %x[a], %x[a]\n\t"
+ "adcs x25, x25, x25\n\t"
"adcs x26, x26, x26\n\t"
"adcs x27, x27, x27\n\t"
"adc x28, xzr, xzr\n\t"
/* A[0] * A[0] */
+ "umulh x4, x10, x10\n\t"
"mul x6, x10, x10\n\t"
- "umulh x5, x10, x10\n\t"
/* A[1] * A[1] */
"mul x3, x11, x11\n\t"
+ "adds x7, x7, x4\n\t"
"umulh x4, x11, x11\n\t"
- "adds x7, x7, x5\n\t"
"adcs x8, x8, x3\n\t"
- "adc x5, x4, xzr\n\t"
/* A[2] * A[2] */
"mul x3, x12, x12\n\t"
+ "adcs x9, x9, x4\n\t"
"umulh x4, x12, x12\n\t"
- "adds x9, x9, x5\n\t"
- "adcs %x[a], %x[a], x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x25, x25, x3\n\t"
/* A[3] * A[3] */
"mul x3, x13, x13\n\t"
+ "adcs x26, x26, x4\n\t"
"umulh x4, x13, x13\n\t"
- "adds x26, x26, x5\n\t"
"adcs x27, x27, x3\n\t"
"adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x9, x9, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
"adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x9, #63\n\t"
"mul x5, x5, x3\n\t"
"and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x6, x6, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x7, x7, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x8, x8, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
- /* Store */
- "stp x6, x7, [x29, #80]\n\t"
- "stp x8, x9, [x29, #96]\n\t"
+ "adcs x7, x7, x25\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, x27\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x7, x19, x20\n\t"
- "umulh x8, x19, x20\n\t"
+ "umulh x16, x19, x20\n\t"
+ "mul x15, x19, x20\n\t"
+ /* A[0] * A[3] */
+ "umulh x25, x19, x22\n\t"
+ "mul x17, x19, x22\n\t"
/* A[0] * A[2] */
"mul x3, x19, x21\n\t"
- "umulh x9, x19, x21\n\t"
- "adds x8, x8, x3\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[0] * A[3] */
- "mul x3, x19, x22\n\t"
- "umulh %x[a], x19, x22\n\t"
- "adds x9, x9, x3\n\t"
- "adc %x[a], %x[a], xzr\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x19, x21\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x20, x22\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x26, x20, x22\n\t"
+ "adc x26, x26, xzr\n\t"
/* A[1] * A[2] */
"mul x3, x20, x21\n\t"
+ "adds x17, x17, x3\n\t"
"umulh x4, x20, x21\n\t"
- "adds x9, x9, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x3, x20, x22\n\t"
- "umulh x4, x20, x22\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adc x26, x26, x4\n\t"
+ "adcs x25, x25, x4\n\t"
/* A[2] * A[3] */
"mul x3, x21, x22\n\t"
+ "adcs x26, x26, x3\n\t"
"umulh x27, x21, x22\n\t"
- "adds x26, x26, x3\n\t"
"adc x27, x27, xzr\n\t"
/* Double */
- "adds x7, x7, x7\n\t"
- "adcs x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
- "adcs %x[a], %x[a], %x[a]\n\t"
+ "adds x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adcs x17, x17, x17\n\t"
+ "adcs x25, x25, x25\n\t"
"adcs x26, x26, x26\n\t"
"adcs x27, x27, x27\n\t"
"adc x28, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x6, x19, x19\n\t"
- "umulh x5, x19, x19\n\t"
+ "umulh x4, x19, x19\n\t"
+ "mul x14, x19, x19\n\t"
/* A[1] * A[1] */
"mul x3, x20, x20\n\t"
+ "adds x15, x15, x4\n\t"
"umulh x4, x20, x20\n\t"
- "adds x7, x7, x5\n\t"
- "adcs x8, x8, x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x16, x16, x3\n\t"
/* A[2] * A[2] */
"mul x3, x21, x21\n\t"
+ "adcs x17, x17, x4\n\t"
"umulh x4, x21, x21\n\t"
- "adds x9, x9, x5\n\t"
- "adcs %x[a], %x[a], x3\n\t"
- "adc x5, x4, xzr\n\t"
+ "adcs x25, x25, x3\n\t"
/* A[3] * A[3] */
"mul x3, x22, x22\n\t"
+ "adcs x26, x26, x4\n\t"
"umulh x4, x22, x22\n\t"
- "adds x26, x26, x5\n\t"
"adcs x27, x27, x3\n\t"
"adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x9, #63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x28\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x28\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x6, x6, x4\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x25, x3, x25\n\t"
"mul x4, x3, x26\n\t"
+ "adcs x15, x15, x4\n\t"
"umulh x26, x3, x26\n\t"
- "adcs x7, x7, x4\n\t"
"mul x4, x3, x27\n\t"
+ "adcs x16, x16, x4\n\t"
"umulh x27, x3, x27\n\t"
- "adcs x8, x8, x4\n\t"
- "mul x4, x3, x28\n\t"
- "umulh x5, x3, x28\n\t"
- "adcs x9, x9, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x7, x7, %x[a]\n\t"
- "adcs x8, x8, x26\n\t"
- "adcs x9, x9, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x9, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x9, asr 63\n\t"
- "and x9, x9, #0x7fffffffffffffff\n\t"
- "adds x6, x6, x5\n\t"
- "adcs x7, x7, xzr\n\t"
- "adcs x8, x8, xzr\n\t"
- "adc x9, x9, xzr\n\t"
- /* Store */
- "ldr %x[a], [x29, #184]\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x25\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, x27\n\t"
/* Multiply */
- "ldp x14, x15, [%x[a]]\n\t"
- "ldp x16, x17, [%x[a], #16]\n\t"
- /* A[0] * B[0] */
- "mul x10, x14, x6\n\t"
- "umulh x11, x14, x6\n\t"
- /* A[0] * B[1] */
- "mul x3, x14, x7\n\t"
- "umulh x12, x14, x7\n\t"
+ "ldp x19, x20, [%x[a]]\n\t"
+ "ldp x21, x22, [%x[a], #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x11, x19, x14\n\t"
+ "mul x10, x19, x14\n\t"
+ /* A[2] * B[0] */
+ "umulh x13, x21, x14\n\t"
+ "mul x12, x21, x14\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x20, x14\n\t"
"adds x11, x11, x3\n\t"
- "adc x12, x12, xzr\n\t"
- /* A[1] * B[0] */
- "mul x3, x15, x6\n\t"
- "umulh x4, x15, x6\n\t"
+ "umulh x4, x20, x14\n\t"
+ "adcs x12, x12, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x26, x20, x17\n\t"
+ "adc x13, x13, xzr\n\t"
+ "mul x25, x20, x17\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x19, x15\n\t"
"adds x11, x11, x3\n\t"
+ "umulh x4, x19, x15\n\t"
"adcs x12, x12, x4\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x14, x8\n\t"
- "umulh x4, x14, x8\n\t"
- "adds x12, x12, x3\n\t"
- "adc x13, x13, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x15, x7\n\t"
- "umulh x4, x15, x7\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x21, x15\n\t"
+ "adcs x13, x13, x3\n\t"
+ "umulh x4, x21, x15\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adc x26, x26, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x20, x16\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x20, x16\n\t"
+ "adcs x25, x25, x4\n\t"
+ "adcs x26, x26, xzr\n\t"
+ "adc x27, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x19, x16\n\t"
"adds x12, x12, x3\n\t"
+ "umulh x4, x19, x16\n\t"
"adcs x13, x13, x4\n\t"
- "adc %x[a], xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x16, x6\n\t"
- "umulh x4, x16, x6\n\t"
+ "adcs x25, x25, xzr\n\t"
+ "adcs x26, x26, xzr\n\t"
+ "adc x27, x27, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x20, x15\n\t"
"adds x12, x12, x3\n\t"
+ "umulh x4, x20, x15\n\t"
"adcs x13, x13, x4\n\t"
- "adc %x[a], %x[a], xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x14, x9\n\t"
- "umulh x4, x14, x9\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x15, x8\n\t"
- "umulh x4, x15, x8\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[2] * B[1] */
- "mul x3, x16, x7\n\t"
- "umulh x4, x16, x7\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x17, x6\n\t"
- "umulh x4, x17, x6\n\t"
- "adds x13, x13, x3\n\t"
- "adcs %x[a], %x[a], x4\n\t"
- "adc x26, x26, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x15, x9\n\t"
- "umulh x4, x15, x9\n\t"
- "adds %x[a], %x[a], x3\n\t"
- "adcs x26, x26, x4\n\t"
- "adc x27, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x16, x8\n\t"
- "umulh x4, x16, x8\n\t"
- "adds %x[a], %x[a], x3\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x22, x15\n\t"
+ "adcs x25, x25, x3\n\t"
+ "umulh x4, x22, x15\n\t"
"adcs x26, x26, x4\n\t"
"adc x27, x27, xzr\n\t"
- /* A[3] * B[1] */
- "mul x3, x17, x7\n\t"
- "umulh x4, x17, x7\n\t"
- "adds %x[a], %x[a], x3\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x21, x16\n\t"
+ "adds x25, x25, x3\n\t"
+ "umulh x4, x21, x16\n\t"
"adcs x26, x26, x4\n\t"
- "adc x27, x27, xzr\n\t"
- /* A[2] * B[3] */
- "mul x3, x16, x9\n\t"
- "umulh x4, x16, x9\n\t"
- "adds x26, x26, x3\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x22, x17\n\t"
+ "adcs x27, x27, x3\n\t"
+ "umulh x28, x22, x17\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x19, x17\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x19, x17\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x21, x17\n\t"
+ "adcs x26, x26, x3\n\t"
+ "umulh x4, x21, x17\n\t"
"adcs x27, x27, x4\n\t"
- "adc x28, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x3, x17, x8\n\t"
- "umulh x4, x17, x8\n\t"
- "adds x26, x26, x3\n\t"
+ "adc x28, x28, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x22, x14\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x22, x14\n\t"
+ "adcs x25, x25, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x22, x16\n\t"
+ "adcs x26, x26, x3\n\t"
+ "umulh x4, x22, x16\n\t"
"adcs x27, x27, x4\n\t"
"adc x28, x28, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x17, x9\n\t"
- "umulh x4, x17, x9\n\t"
- "adds x27, x27, x3\n\t"
- "adc x28, x28, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x28, x28, x27, #63\n\t"
- "extr x27, x27, x26, #63\n\t"
- "extr x26, x26, %x[a], #63\n\t"
- "extr %x[a], %x[a], x13, #63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x3, #19\n\t"
- "mul x4, x3, %x[a]\n\t"
- "umulh %x[a], x3, %x[a]\n\t"
- "adds x10, x10, x4\n\t"
- "mul x4, x3, x26\n\t"
- "umulh x26, x3, x26\n\t"
- "adcs x11, x11, x4\n\t"
- "mul x4, x3, x27\n\t"
- "umulh x27, x3, x27\n\t"
- "adcs x12, x12, x4\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x28\n\t"
+ "adds x13, x13, x4\n\t"
"umulh x5, x3, x28\n\t"
- "adcs x13, x13, x4\n\t"
"adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x11, x11, %x[a]\n\t"
- "adcs x12, x12, x26\n\t"
- "adcs x13, x13, x27\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
+ "mov x3, #19\n\t"
"extr x5, x5, x13, #63\n\t"
"mul x5, x5, x3\n\t"
"and x13, x13, #0x7fffffffffffffff\n\t"
- "adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x25\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x25, x3, x25\n\t"
+ "mul x4, x3, x26\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x26, x3, x26\n\t"
+ "mul x4, x3, x27\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x27, x3, x27\n\t"
"adc x13, x13, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x13, asr 63\n\t"
- "and x13, x13, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x10, x10, x5\n\t"
- "adcs x11, x11, xzr\n\t"
- "adcs x12, x12, xzr\n\t"
- "adc x13, x13, xzr\n\t"
- /* Store */
- "stp x10, x11, [x29, #48]\n\t"
- "stp x12, x13, [x29, #64]\n\t"
- "sub x25, x25, #1\n\t"
- "cmp x25, #0\n\t"
+ "adcs x11, x11, x25\n\t"
+ "adcs x12, x12, x26\n\t"
+ "adc x13, x13, x27\n\t"
+ "subs x24, x24, #1\n\t"
"bge L_curve25519_bits_%=\n\t"
- "mov x25, #63\n\t"
- "sub x24, x24, #8\n\t"
- "cmp x24, #0\n\t"
- "bge L_curve25519_words_%=\n\t"
/* Invert */
"add x0, x29, #48\n\t"
"add x1, x29, #16\n\t"
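Review bot: The rewritten Sub corrections (`csetm x5, cc` / `extr x5, x5, x17, #63` / `mul x3, x5, x3`, and the same sequence on x22 further down) propagate the borrow with `sbcs …, xzr`, which is only exact when x3 ends up non-negative, i.e. when bit 255 of the difference is set only together with a borrow. With no borrow and bit 255 set, x3 would be -19 and the `xzr` chain would carry a borrow into the upper limbs that should not be there. The same hunk drops the `/* Reduce if top bit set */` step from the multiply and square reductions, so the operand range these Sub blocks rely on should be stated next to them, e.g. `/* requires both operands < 2^255: bit 255 of the difference is set only on borrow */`, and the retained `/* Mask the modulus */` comment reworded, since nothing is masked any more. I cannot tell from the hunk whether a partially reduced value can actually reach a Sub, because the loop body and the rest of curve25519 start outside it; a test with operands at and just above 2^255 would settle it.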
@@ -2407,63 +2737,199 @@ int curve25519(byte* r, const byte* n, const byte* a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #3\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 5 times */
+ "mov x24, #5\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_1_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_1_%=\n\t"
- "add x0, x29, #0x50\n\t"
+ "bne L_curve25519_inv_1_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
+ "add x0, x29, #0x50\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x70\n\t"
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
- "add x1, x29, #0x50\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #8\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 10 times */
+ "mov x24, #10\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_2_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_2_%=\n\t"
-#ifndef NDEBUG
+ "bne L_curve25519_inv_2_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
#endif /* !NDEBUG */
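Review bot: In builds with NDEBUG defined, the `fe_mul` call after the inv_1 loop is entered without setting x0 (`add x0, x29, #0x50` sits inside `#ifndef NDEBUG`), and the call set up after the inv_2 loop without setting x1, so those arguments are whatever the previous `bl fe_mul` left in the registers. The inlined squares only touch x3–x17 and x24, so this holds as long as `fe_mul` itself never writes x0 or x1, which the calling convention does not promise. Please state that dependency at the guard, e.g. `/* NDEBUG: x0 is still x29+0x50 from the previous fe_mul, which must preserve x0 and x1 */`, and make sure the test suite also runs in an NDEBUG build, since the two builds execute different instruction sequences here. The earlier `fe_mul` call and the rest of curve25519 lie outside the hunk, so I am assuming that call's destination was x29+0x50.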
@@ -2473,87 +2939,298 @@ int curve25519(byte* r, const byte* n, const byte* a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x90\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #18\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x90\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x90\n\t"
+ /* Loop: 20 times */
+ "mov x24, #20\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_3_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_3_%=\n\t"
- "add x0, x29, #0x70\n\t"
+ "bne L_curve25519_inv_3_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #144]\n\t"
+ "stp x8, x9, [x29, #160]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x90\n\t"
+ "add x0, x29, #0x70\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x90\n\t"
"add x2, x29, #0x70\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x24, #9\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 10 times */
+ "mov x24, #10\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_4_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_4_%=\n\t"
+ "bne L_curve25519_inv_4_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x70\n\t"
- "add x1, x29, #0x50\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #48\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 50 times */
+ "mov x24, #50\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_5_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_5_%=\n\t"
-#ifndef NDEBUG
+ "bne L_curve25519_inv_5_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
#endif /* !NDEBUG */
@@ -2563,81 +3240,299 @@ int curve25519(byte* r, const byte* n, const byte* a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x90\n\t"
-#ifndef NDEBUG
- "add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x24, #0x62\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x90\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x90\n\t"
+ /* Loop: 100 times */
+ "mov x24, #0x64\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_6_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_6_%=\n\t"
- "add x0, x29, #0x70\n\t"
+ "bne L_curve25519_inv_6_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #144]\n\t"
+ "stp x8, x9, [x29, #160]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x90\n\t"
+ "add x0, x29, #0x70\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x90\n\t"
"add x2, x29, #0x70\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x24, #49\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x70\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x70\n\t"
+ /* Loop: 50 times */
+ "mov x24, #50\n\t"
+ "ldp x6, x7, [x29, #112]\n\t"
+ "ldp x8, x9, [x29, #128]\n\t"
"\n"
"L_curve25519_inv_7_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_7_%=\n\t"
+ "bne L_curve25519_inv_7_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #112]\n\t"
+ "stp x8, x9, [x29, #128]\n\t"
"add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x70\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #0x50\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x24, #4\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 5 times */
+ "mov x24, #5\n\t"
+ "ldp x6, x7, [x29, #80]\n\t"
+ "ldp x8, x9, [x29, #96]\n\t"
"\n"
"L_curve25519_inv_8_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x24, x24, #1\n\t"
- "bcs L_curve25519_inv_8_%=\n\t"
+ "bne L_curve25519_inv_8_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
"add x0, x29, #16\n\t"
-#ifndef NDEBUG
"add x1, x29, #0x50\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
@@ -2650,136 +3545,122 @@ int curve25519(byte* r, const byte* n, const byte* a)
"ldp x8, x9, [%x[r], #16]\n\t"
"ldp x10, x11, [x29, #16]\n\t"
"ldp x12, x13, [x29, #32]\n\t"
- /* A[0] * B[0] */
- "mul x14, x6, x10\n\t"
+ /* A[0] * B[0] */
"umulh x15, x6, x10\n\t"
- /* A[0] * B[1] */
- "mul x3, x6, x11\n\t"
- "umulh x16, x6, x11\n\t"
- "adds x15, x15, x3\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[1] * B[0] */
+ "mul x14, x6, x10\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x8, x10\n\t"
+ "mul x16, x8, x10\n\t"
+ /* A[1] * B[0] */
"mul x3, x7, x10\n\t"
+ "adds x15, x15, x3\n\t"
"umulh x4, x7, x10\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x7, x13\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x7, x13\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x6, x11\n\t"
"adds x15, x15, x3\n\t"
+ "umulh x4, x6, x11\n\t"
"adcs x16, x16, x4\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x3, x6, x12\n\t"
- "umulh x4, x6, x12\n\t"
- "adds x16, x16, x3\n\t"
- "adc x17, x17, x4\n\t"
- /* A[1] * B[1] */
- "mul x3, x7, x11\n\t"
- "umulh x4, x7, x11\n\t"
- "adds x16, x16, x3\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x3, x8, x10\n\t"
- "umulh x4, x8, x10\n\t"
- "adds x16, x16, x3\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[0] * B[3] */
- "mul x3, x6, x13\n\t"
- "umulh x4, x6, x13\n\t"
- "adds x17, x17, x3\n\t"
- "adcs x19, x19, x4\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x3, x7, x12\n\t"
- "umulh x4, x7, x12\n\t"
- "adds x17, x17, x3\n\t"
- "adcs x19, x19, x4\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[2] * B[1] */
+ /* A[2] * B[1] */
"mul x3, x8, x11\n\t"
+ "adcs x17, x17, x3\n\t"
"umulh x4, x8, x11\n\t"
- "adds x17, x17, x3\n\t"
"adcs x19, x19, x4\n\t"
"adc x20, x20, xzr\n\t"
- /* A[3] * B[0] */
- "mul x3, x9, x10\n\t"
- "umulh x4, x9, x10\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x7, x12\n\t"
"adds x17, x17, x3\n\t"
+ "umulh x4, x7, x12\n\t"
"adcs x19, x19, x4\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[1] * B[3] */
- "mul x3, x7, x13\n\t"
- "umulh x4, x7, x13\n\t"
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
"adc x21, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x3, x8, x12\n\t"
- "umulh x4, x8, x12\n\t"
- "adds x19, x19, x3\n\t"
- "adcs x20, x20, x4\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x6, x12\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x6, x12\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
"adc x21, x21, xzr\n\t"
- /* A[3] * B[1] */
+ /* A[1] * B[1] */
+ "mul x3, x7, x11\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x7, x11\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
"mul x3, x9, x11\n\t"
+ "adcs x19, x19, x3\n\t"
"umulh x4, x9, x11\n\t"
- "adds x19, x19, x3\n\t"
"adcs x20, x20, x4\n\t"
"adc x21, x21, xzr\n\t"
- /* A[2] * B[3] */
+ /* A[2] * B[2] */
+ "mul x3, x8, x12\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x8, x12\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x9, x13\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x9, x13\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x6, x13\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x6, x13\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
"mul x3, x8, x13\n\t"
+ "adcs x20, x20, x3\n\t"
"umulh x4, x8, x13\n\t"
- "adds x20, x20, x3\n\t"
"adcs x21, x21, x4\n\t"
- "adc x22, xzr, xzr\n\t"
- /* A[3] * B[2] */
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x9, x10\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x9, x10\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
"mul x3, x9, x12\n\t"
+ "adcs x20, x20, x3\n\t"
"umulh x4, x9, x12\n\t"
- "adds x20, x20, x3\n\t"
"adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* A[3] * B[3] */
- "mul x3, x9, x13\n\t"
- "umulh x4, x9, x13\n\t"
- "adds x21, x21, x3\n\t"
- "adc x22, x22, x4\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x22, x22, x21, #63\n\t"
- "extr x21, x21, x20, #63\n\t"
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
"mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
"mul x4, x3, x19\n\t"
- "umulh x19, x3, x19\n\t"
"adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
"mul x4, x3, x20\n\t"
- "umulh x20, x3, x20\n\t"
"adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
"mul x4, x3, x21\n\t"
- "umulh x21, x3, x21\n\t"
"adcs x16, x16, x4\n\t"
- "mul x4, x3, x22\n\t"
- "umulh x5, x3, x22\n\t"
- "adcs x17, x17, x4\n\t"
- "adc x5, x5, xzr\n\t"
- /* Add remaining product results in */
- "adds x15, x15, x19\n\t"
- "adcs x16, x16, x20\n\t"
- "adcs x17, x17, x21\n\t"
- "adc x5, x5, xzr\n\t"
- /* Overflow */
- "extr x5, x5, x17, #63\n\t"
- "mul x5, x5, x3\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
- "adds x14, x14, x5\n\t"
- "adcs x15, x15, xzr\n\t"
- "adcs x16, x16, xzr\n\t"
+ "umulh x21, x3, x21\n\t"
"adc x17, x17, xzr\n\t"
- /* Reduce if top bit set */
- "and x5, x3, x17, asr 63\n\t"
- "and x17, x17, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
+ /* Reduce if top bit set */
+ "mov x3, #19\n\t"
+ "and x4, x3, x17, asr 63\n\t"
+ "adds x14, x14, x4\n\t"
"adcs x15, x15, xzr\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
"adcs x16, x16, xzr\n\t"
"adc x17, x17, xzr\n\t"
"adds x4, x14, x3\n\t"
@@ -2800,11 +3681,12 @@ int curve25519(byte* r, const byte* n, const byte* a)
"ldp x29, x30, [sp], #0xc0\n\t"
: [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
:
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
return (uint32_t)(size_t)r;
}
+#ifdef HAVE_ED25519
void fe_pow22523(fe r, const fe a)
{
__asm__ __volatile__ (
@@ -2877,28 +3759,100 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #48\n\t"
- "add x1, x29, #16\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #3\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 5 times */
+ "mov x23, #5\n\t"
+ "ldp x6, x7, [x29, #16]\n\t"
+ "ldp x8, x9, [x29, #32]\n\t"
"\n"
"L_fe_pow22523_1_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_1_%=\n\t"
+ "bne L_fe_pow22523_1_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
+#ifndef NDEBUG
"add x0, x29, #16\n\t"
+#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #48\n\t"
#endif /* !NDEBUG */
@@ -2908,30 +3862,98 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #48\n\t"
- "add x1, x29, #16\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #8\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 10 times */
+ "mov x23, #10\n\t"
+ "ldp x6, x7, [x29, #16]\n\t"
+ "ldp x8, x9, [x29, #32]\n\t"
"\n"
"L_fe_pow22523_2_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_2_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_pow22523_2_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #48\n\t"
#endif /* !NDEBUG */
@@ -2941,87 +3963,298 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
- "add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #18\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 20 times */
+ "mov x23, #20\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_3_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_3_%=\n\t"
- "add x0, x29, #48\n\t"
+ "bne L_fe_pow22523_3_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
+ "add x0, x29, #48\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x50\n\t"
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x23, #9\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 10 times */
+ "mov x23, #10\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_4_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_4_%=\n\t"
+ "bne L_fe_pow22523_4_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #16\n\t"
-#ifndef NDEBUG
"add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #16\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #48\n\t"
- "add x1, x29, #16\n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #48\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 50 times */
+ "mov x23, #50\n\t"
+ "ldp x6, x7, [x29, #16]\n\t"
+ "ldp x8, x9, [x29, #32]\n\t"
"\n"
"L_fe_pow22523_5_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_5_%=\n\t"
-#ifndef NDEBUG
+ "bne L_fe_pow22523_5_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
#ifndef NDEBUG
"add x1, x29, #48\n\t"
#endif /* !NDEBUG */
@@ -3031,77 +4264,220 @@ void fe_pow22523(fe r, const fe a)
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "add x0, x29, #0x50\n\t"
-#ifndef NDEBUG
- "add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
- "mov x23, #0x62\n\t"
-#ifndef NDEBUG
- "add x0, x29, #0x50\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #0x50\n\t"
+ /* Loop: 100 times */
+ "mov x23, #0x64\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_6_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_6_%=\n\t"
- "add x0, x29, #48\n\t"
+ "bne L_fe_pow22523_6_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #80]\n\t"
+ "stp x8, x9, [x29, #96]\n\t"
#ifndef NDEBUG
- "add x1, x29, #0x50\n\t"
+ "add x0, x29, #48\n\t"
#endif /* !NDEBUG */
+ "add x1, x29, #0x50\n\t"
"add x2, x29, #48\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x23, #49\n\t"
-#ifndef NDEBUG
- "add x0, x29, #48\n\t"
-#endif /* !NDEBUG */
- "add x1, x29, #48\n\t"
+ /* Loop: 50 times */
+ "mov x23, #50\n\t"
+ "ldp x6, x7, [x29, #48]\n\t"
+ "ldp x8, x9, [x29, #64]\n\t"
"\n"
"L_fe_pow22523_7_%=: \n\t"
-#ifndef __APPLE__
- "bl fe_sq\n\t"
-#else
- "bl _fe_sq\n\t"
-#endif /* __APPLE__ */
+ /* Square */
+ /* A[0] * A[1] */
+ "umulh x12, x6, x7\n\t"
+ "mul x11, x6, x7\n\t"
+ /* A[0] * A[3] */
+ "umulh x14, x6, x9\n\t"
+ "mul x13, x6, x9\n\t"
+ /* A[0] * A[2] */
+ "mul x3, x6, x8\n\t"
+ "adds x12, x12, x3\n\t"
+ "umulh x4, x6, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ /* A[1] * A[3] */
+ "mul x3, x7, x9\n\t"
+ "adcs x14, x14, x3\n\t"
+ "umulh x15, x7, x9\n\t"
+ "adc x15, x15, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x3, x7, x8\n\t"
+ "adds x13, x13, x3\n\t"
+ "umulh x4, x7, x8\n\t"
+ "adcs x14, x14, x4\n\t"
+ /* A[2] * A[3] */
+ "mul x3, x8, x9\n\t"
+ "adcs x15, x15, x3\n\t"
+ "umulh x16, x8, x9\n\t"
+ "adc x16, x16, xzr\n\t"
+ /* Double */
+ "adds x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adcs x15, x15, x15\n\t"
+ "adcs x16, x16, x16\n\t"
+ "adc x17, xzr, xzr\n\t"
+ /* A[0] * A[0] */
+ "umulh x4, x6, x6\n\t"
+ "mul x10, x6, x6\n\t"
+ /* A[1] * A[1] */
+ "mul x3, x7, x7\n\t"
+ "adds x11, x11, x4\n\t"
+ "umulh x4, x7, x7\n\t"
+ "adcs x12, x12, x3\n\t"
+ /* A[2] * A[2] */
+ "mul x3, x8, x8\n\t"
+ "adcs x13, x13, x4\n\t"
+ "umulh x4, x8, x8\n\t"
+ "adcs x14, x14, x3\n\t"
+ /* A[3] * A[3] */
+ "mul x3, x9, x9\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x4, x9, x9\n\t"
+ "adcs x16, x16, x3\n\t"
+ "adc x17, x17, x4\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x17\n\t"
+ "adds x13, x13, x4\n\t"
+ "umulh x5, x3, x17\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x13, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x13, x13, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x14\n\t"
+ "adds x10, x10, x4\n\t"
+ "umulh x14, x3, x14\n\t"
+ "mul x4, x3, x15\n\t"
+ "adcs x11, x11, x4\n\t"
+ "umulh x15, x3, x15\n\t"
+ "mul x4, x3, x16\n\t"
+ "adcs x12, x12, x4\n\t"
+ "umulh x16, x3, x16\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* Add high product results in */
+ "adds x6, x10, x5\n\t"
+ "adcs x7, x11, x14\n\t"
+ "adcs x8, x12, x15\n\t"
+ "adc x9, x13, x16\n\t"
"subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_7_%=\n\t"
+ "bne L_fe_pow22523_7_%=\n\t"
+ /* Store */
+ "stp x6, x7, [x29, #48]\n\t"
+ "stp x8, x9, [x29, #64]\n\t"
"add x0, x29, #16\n\t"
-#ifndef NDEBUG
"add x1, x29, #48\n\t"
-#endif /* !NDEBUG */
"add x2, x29, #16\n\t"
#ifndef __APPLE__
"bl fe_mul\n\t"
#else
"bl _fe_mul\n\t"
#endif /* __APPLE__ */
- "mov x23, #1\n\t"
#ifndef NDEBUG
"add x0, x29, #16\n\t"
#endif /* !NDEBUG */
"add x1, x29, #16\n\t"
- "\n"
- "L_fe_pow22523_8_%=: \n\t"
#ifndef __APPLE__
"bl fe_sq\n\t"
#else
"bl _fe_sq\n\t"
#endif /* __APPLE__ */
- "subs x23, x23, #1\n\t"
- "bcs L_fe_pow22523_8_%=\n\t"
+#ifndef __APPLE__
+ "bl fe_sq\n\t"
+#else
+ "bl _fe_sq\n\t"
+#endif /* __APPLE__ */
"ldr x0, [x29, #112]\n\t"
#ifndef NDEBUG
"add x1, x29, #16\n\t"
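Review bot: In NDEBUG builds the `fe_mul` call after loop 6 takes its destination from whatever x0 held when the previous `bl fe_mul` returned, because `add x0, x29, #48` now sits inside `#ifndef NDEBUG` while `add x1, x29, #0x50` became unconditional. The two back-to-back `bl fe_sq` calls at the end of the hunk likewise run the second call on the x0/x1 left by the first, in every build. Both depend on fe_mul and fe_sq leaving x0 and x1 untouched, which is not visible in this hunk and is not promised by the AArch64 calling convention. I would record that next to the guarded reloads, e.g. `/* fe_mul/fe_sq preserve x0 and x1; NDEBUG builds skip these reloads */`, and run the Curve25519/Ed25519 known-answer tests against an NDEBUG build as well as a debug one. fe_pow22523's body begins and ends outside this hunk.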
@@ -3115,1466 +4491,1234 @@ void fe_pow22523(fe r, const fe a)
"ldp x29, x30, [sp], #0x80\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "x2", "x23"
+ : "memory", "x2", "x23", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
);
}
-void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py, const fe pz, const fe pt)
+void ge_p1p1_to_p2(ge_p2* r, const ge_p1p1* p)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-64]!\n\t"
+ "stp x29, x30, [sp, #-32]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[ry], [x29, #16]\n\t"
- "str %x[rz], [x29, #24]\n\t"
- "str %x[px], [x29, #32]\n\t"
- "str %x[py], [x29, #40]\n\t"
- "str %x[pz], [x29, #48]\n\t"
- "str %x[pt], [x29, #56]\n\t"
- "ldr x1, [x29, #32]\n\t"
- "ldr x2, [x29, #56]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "mov x2, x1\n\t"
+ "add x1, x1, #0x60\n\t"
/* Multiply */
- "ldp x11, x12, [x1]\n\t"
- "ldp x13, x14, [x1, #16]\n\t"
- "ldp x15, x16, [x2]\n\t"
- "ldp x17, x19, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x20, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x20\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x20, x12, x15\n\t"
- "umulh x21, x12, x15\n\t"
- "adds x4, x4, x20\n\t"
- "adcs x5, x5, x21\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x20, x11, x17\n\t"
- "umulh x21, x11, x17\n\t"
- "adds x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
- /* A[1] * B[1] */
- "mul x20, x12, x16\n\t"
- "umulh x21, x12, x16\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x20, x13, x15\n\t"
- "umulh x21, x13, x15\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x20, x11, x19\n\t"
- "umulh x21, x11, x19\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x20, x12, x17\n\t"
- "umulh x21, x12, x17\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x20, x13, x16\n\t"
- "umulh x21, x13, x16\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x20, x14, x15\n\t"
- "umulh x21, x14, x15\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x20, x12, x19\n\t"
- "umulh x21, x12, x19\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x20, x13, x17\n\t"
- "umulh x21, x13, x17\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x20, x14, x16\n\t"
- "umulh x21, x14, x16\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x20, x13, x19\n\t"
- "umulh x21, x13, x19\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x20, x14, x17\n\t"
- "umulh x21, x14, x17\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x20, x14, x19\n\t"
- "umulh x21, x14, x19\n\t"
- "adds x9, x9, x20\n\t"
- "adc x10, x10, x21\n\t"
- /* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x20, #19\n\t"
- "mul x21, x20, x7\n\t"
- "umulh x7, x20, x7\n\t"
- "adds x3, x3, x21\n\t"
- "mul x21, x20, x8\n\t"
- "umulh x8, x20, x8\n\t"
- "adcs x4, x4, x21\n\t"
- "mul x21, x20, x9\n\t"
- "umulh x9, x20, x9\n\t"
- "adcs x5, x5, x21\n\t"
- "mul x21, x20, x10\n\t"
- "umulh x22, x20, x10\n\t"
- "adcs x6, x6, x21\n\t"
+ "ldp x10, x11, [x1]\n\t"
+ "ldp x12, x13, [x1, #16]\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
"adc x22, x22, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* Overflow */
- "extr x22, x22, x6, #63\n\t"
- "mul x22, x22, x20\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x22, x20, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #16]\n\t"
- "ldr x1, [x29, #40]\n\t"
- "ldr x2, [x29, #48]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "sub x2, x1, #32\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x11, x12, [x1]\n\t"
- "ldp x13, x14, [x1, #16]\n\t"
- "ldp x15, x16, [x2]\n\t"
- "ldp x17, x19, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x20, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x20\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x20, x12, x15\n\t"
- "umulh x21, x12, x15\n\t"
- "adds x4, x4, x20\n\t"
- "adcs x5, x5, x21\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x20, x11, x17\n\t"
- "umulh x21, x11, x17\n\t"
- "adds x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
- /* A[1] * B[1] */
- "mul x20, x12, x16\n\t"
- "umulh x21, x12, x16\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x20, x13, x15\n\t"
- "umulh x21, x13, x15\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x20, x11, x19\n\t"
- "umulh x21, x11, x19\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x20, x12, x17\n\t"
- "umulh x21, x12, x17\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x20, x13, x16\n\t"
- "umulh x21, x13, x16\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x20, x14, x15\n\t"
- "umulh x21, x14, x15\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x20, x12, x19\n\t"
- "umulh x21, x12, x19\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x20, x13, x17\n\t"
- "umulh x21, x13, x17\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x20, x14, x16\n\t"
- "umulh x21, x14, x16\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x20, x13, x19\n\t"
- "umulh x21, x13, x19\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x20, x14, x17\n\t"
- "umulh x21, x14, x17\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x20, x14, x19\n\t"
- "umulh x21, x14, x19\n\t"
- "adds x9, x9, x20\n\t"
- "adc x10, x10, x21\n\t"
- /* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x20, #19\n\t"
- "mul x21, x20, x7\n\t"
- "umulh x7, x20, x7\n\t"
- "adds x3, x3, x21\n\t"
- "mul x21, x20, x8\n\t"
- "umulh x8, x20, x8\n\t"
- "adcs x4, x4, x21\n\t"
- "mul x21, x20, x9\n\t"
- "umulh x9, x20, x9\n\t"
- "adcs x5, x5, x21\n\t"
- "mul x21, x20, x10\n\t"
- "umulh x22, x20, x10\n\t"
- "adcs x6, x6, x21\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
"adc x22, x22, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* Overflow */
- "extr x22, x22, x6, #63\n\t"
- "mul x22, x22, x20\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x22, x20, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
- "ldr x2, [x29, #56]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "sub x1, x1, #0x40\n\t"
+ "sub x0, x0, #32\n\t"
/* Multiply */
- "ldp x11, x12, [x2]\n\t"
- "ldp x13, x14, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x15, x11\n\t"
- "umulh x4, x15, x11\n\t"
- /* A[0] * B[1] */
- "mul x20, x15, x12\n\t"
- "umulh x5, x15, x12\n\t"
- "adds x4, x4, x20\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x20, x16, x11\n\t"
- "umulh x21, x16, x11\n\t"
- "adds x4, x4, x20\n\t"
- "adcs x5, x5, x21\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x20, x15, x13\n\t"
- "umulh x21, x15, x13\n\t"
- "adds x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
- /* A[1] * B[1] */
- "mul x20, x16, x12\n\t"
- "umulh x21, x16, x12\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x20, x17, x11\n\t"
- "umulh x21, x17, x11\n\t"
- "adds x5, x5, x20\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x20, x15, x14\n\t"
- "umulh x21, x15, x14\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x20, x16, x13\n\t"
- "umulh x21, x16, x13\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x20, x17, x12\n\t"
- "umulh x21, x17, x12\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x20, x19, x11\n\t"
- "umulh x21, x19, x11\n\t"
- "adds x6, x6, x20\n\t"
- "adcs x7, x7, x21\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x20, x16, x14\n\t"
- "umulh x21, x16, x14\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x20, x17, x13\n\t"
- "umulh x21, x17, x13\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x20, x19, x12\n\t"
- "umulh x21, x19, x12\n\t"
- "adds x7, x7, x20\n\t"
- "adcs x8, x8, x21\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x20, x17, x14\n\t"
- "umulh x21, x17, x14\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x20, x19, x13\n\t"
- "umulh x21, x19, x13\n\t"
- "adds x8, x8, x20\n\t"
- "adcs x9, x9, x21\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x20, x19, x14\n\t"
- "umulh x21, x19, x14\n\t"
- "adds x9, x9, x20\n\t"
- "adc x10, x10, x21\n\t"
- /* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x20, #19\n\t"
- "mul x21, x20, x7\n\t"
- "umulh x7, x20, x7\n\t"
- "adds x3, x3, x21\n\t"
- "mul x21, x20, x8\n\t"
- "umulh x8, x20, x8\n\t"
- "adcs x4, x4, x21\n\t"
- "mul x21, x20, x9\n\t"
- "umulh x9, x20, x9\n\t"
- "adcs x5, x5, x21\n\t"
- "mul x21, x20, x10\n\t"
- "umulh x22, x20, x10\n\t"
- "adcs x6, x6, x21\n\t"
+ "ldp x10, x11, [x1]\n\t"
+ "ldp x12, x13, [x1, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
"adc x22, x22, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
"adc x22, x22, xzr\n\t"
- /* Overflow */
- "extr x22, x22, x6, #63\n\t"
- "mul x22, x22, x20\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x22, x20, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x22\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* Reduce */
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x40\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt)
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "ldp x29, x30, [sp], #32\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
}
-void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt)
+void ge_p1p1_to_p3(ge_p3* r, const ge_p1p1* p)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-96]!\n\t"
+ "stp x29, x30, [sp, #-32]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[ry], [x29, #16]\n\t"
- "str %x[rz], [x29, #24]\n\t"
- "str %x[rt], [x29, #32]\n\t"
- "str %x[px], [x29, #40]\n\t"
- "str %x[py], [x29, #48]\n\t"
- "str %x[pz], [x29, #56]\n\t"
- "str %x[pt], [x29, #64]\n\t"
- "ldr x1, [x29, #40]\n\t"
- "ldr x2, [x29, #64]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "mov x2, x1\n\t"
+ "add x1, x1, #0x60\n\t"
/* Multiply */
- "ldp x11, x12, [x1]\n\t"
- "ldp x13, x14, [x1, #16]\n\t"
- "ldp x15, x16, [x2]\n\t"
- "ldp x17, x19, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x24, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x12, x15\n\t"
- "umulh x25, x12, x15\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x11, x17\n\t"
- "umulh x25, x11, x17\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x12, x16\n\t"
- "umulh x25, x12, x16\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x13, x15\n\t"
- "umulh x25, x13, x15\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x11, x19\n\t"
- "umulh x25, x11, x19\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x12, x17\n\t"
- "umulh x25, x12, x17\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x13, x16\n\t"
- "umulh x25, x13, x16\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x14, x15\n\t"
- "umulh x25, x14, x15\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x12, x19\n\t"
- "umulh x25, x12, x19\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x13, x17\n\t"
- "umulh x25, x13, x17\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x14, x16\n\t"
- "umulh x25, x14, x16\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x13, x19\n\t"
- "umulh x25, x13, x19\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x14, x17\n\t"
- "umulh x25, x14, x17\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x14, x19\n\t"
- "umulh x25, x14, x19\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ "ldp x10, x11, [x1]\n\t"
+ "ldp x12, x13, [x1, #16]\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [x29, #48]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "sub x1, x1, #0x40\n\t"
+ "add x0, x0, #0x60\n\t"
/* Multiply */
- "ldp x20, x21, [x2]\n\t"
- "ldp x22, x23, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x11, x20\n\t"
- "umulh x4, x11, x20\n\t"
- /* A[0] * B[1] */
- "mul x24, x11, x21\n\t"
- "umulh x5, x11, x21\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x12, x20\n\t"
- "umulh x25, x12, x20\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x11, x22\n\t"
- "umulh x25, x11, x22\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x12, x21\n\t"
- "umulh x25, x12, x21\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x13, x20\n\t"
- "umulh x25, x13, x20\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x11, x23\n\t"
- "umulh x25, x11, x23\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x12, x22\n\t"
- "umulh x25, x12, x22\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x13, x21\n\t"
- "umulh x25, x13, x21\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x14, x20\n\t"
- "umulh x25, x14, x20\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x12, x23\n\t"
- "umulh x25, x12, x23\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x13, x22\n\t"
- "umulh x25, x13, x22\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x14, x21\n\t"
- "umulh x25, x14, x21\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x13, x23\n\t"
- "umulh x25, x13, x23\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x14, x22\n\t"
- "umulh x25, x14, x22\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x14, x23\n\t"
- "umulh x25, x14, x23\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ "ldp x23, x24, [x1]\n\t"
+ "ldp x25, x26, [x1, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x23, x6\n\t"
+ "mul x14, x23, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x25, x6\n\t"
+ "mul x16, x25, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x24, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x24, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x24, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x24, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x23, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x23, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x25, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x25, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x24, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x24, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x23, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x23, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x24, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x24, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x26, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x26, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x25, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x25, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x26, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x26, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x23, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x23, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x25, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x25, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x26, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x26, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x26, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x26, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #16]\n\t"
- "ldr x2, [x29, #56]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "add x2, x1, #32\n\t"
+ "sub x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x11, x12, [x2]\n\t"
- "ldp x13, x14, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x3, x20, x11\n\t"
- "umulh x4, x20, x11\n\t"
- /* A[0] * B[1] */
- "mul x24, x20, x12\n\t"
- "umulh x5, x20, x12\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x21, x11\n\t"
- "umulh x25, x21, x11\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x20, x13\n\t"
- "umulh x25, x20, x13\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x21, x12\n\t"
- "umulh x25, x21, x12\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x22, x11\n\t"
- "umulh x25, x22, x11\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x20, x14\n\t"
- "umulh x25, x20, x14\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x21, x13\n\t"
- "umulh x25, x21, x13\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x22, x12\n\t"
- "umulh x25, x22, x12\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x23, x11\n\t"
- "umulh x25, x23, x11\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x21, x14\n\t"
- "umulh x25, x21, x14\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x22, x13\n\t"
- "umulh x25, x22, x13\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x23, x12\n\t"
- "umulh x25, x23, x12\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x22, x14\n\t"
- "umulh x25, x22, x14\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x23, x13\n\t"
- "umulh x25, x23, x13\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x23, x14\n\t"
- "umulh x25, x23, x14\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ "ldp x6, x7, [x2]\n\t"
+ "ldp x8, x9, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x23, x6\n\t"
+ "mul x14, x23, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x25, x6\n\t"
+ "mul x16, x25, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x24, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x24, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x24, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x24, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x23, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x23, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x25, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x25, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x24, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x24, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x23, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x23, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x24, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x24, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x26, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x26, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x25, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x25, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x26, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x26, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x23, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x23, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x25, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x25, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x26, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x26, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x26, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x26, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "add x1, x1, #0x40\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- /* A[0] * B[0] */
- "mul x3, x11, x15\n\t"
- "umulh x4, x11, x15\n\t"
- /* A[0] * B[1] */
- "mul x24, x11, x16\n\t"
- "umulh x5, x11, x16\n\t"
- "adds x4, x4, x24\n\t"
- "adc x5, x5, xzr\n\t"
- /* A[1] * B[0] */
- "mul x24, x12, x15\n\t"
- "umulh x25, x12, x15\n\t"
- "adds x4, x4, x24\n\t"
- "adcs x5, x5, x25\n\t"
- "adc x6, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x24, x11, x17\n\t"
- "umulh x25, x11, x17\n\t"
- "adds x5, x5, x24\n\t"
- "adc x6, x6, x25\n\t"
- /* A[1] * B[1] */
- "mul x24, x12, x16\n\t"
- "umulh x25, x12, x16\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x24, x13, x15\n\t"
- "umulh x25, x13, x15\n\t"
- "adds x5, x5, x24\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * B[3] */
- "mul x24, x11, x19\n\t"
- "umulh x25, x11, x19\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x24, x12, x17\n\t"
- "umulh x25, x12, x17\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[2] * B[1] */
- "mul x24, x13, x16\n\t"
- "umulh x25, x13, x16\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[3] * B[0] */
- "mul x24, x14, x15\n\t"
- "umulh x25, x14, x15\n\t"
- "adds x6, x6, x24\n\t"
- "adcs x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * B[3] */
- "mul x24, x12, x19\n\t"
- "umulh x25, x12, x19\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x24, x13, x17\n\t"
- "umulh x25, x13, x17\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[3] * B[1] */
- "mul x24, x14, x16\n\t"
- "umulh x25, x14, x16\n\t"
- "adds x7, x7, x24\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[3] */
- "mul x24, x13, x19\n\t"
- "umulh x25, x13, x19\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x24, x14, x17\n\t"
- "umulh x25, x14, x17\n\t"
- "adds x8, x8, x24\n\t"
- "adcs x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[3] * B[3] */
- "mul x24, x14, x19\n\t"
- "umulh x25, x14, x19\n\t"
- "adds x9, x9, x24\n\t"
- "adc x10, x10, x25\n\t"
+ /* A[0] * B[0] */
+ "umulh x15, x10, x6\n\t"
+ "mul x14, x10, x6\n\t"
+ /* A[2] * B[0] */
+ "umulh x17, x12, x6\n\t"
+ "mul x16, x12, x6\n\t"
+ /* A[1] * B[0] */
+ "mul x3, x11, x6\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x11, x6\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[1] * B[3] */
+ "umulh x20, x11, x9\n\t"
+ "adc x17, x17, xzr\n\t"
+ "mul x19, x11, x9\n\t"
+ /* A[0] * B[1] */
+ "mul x3, x10, x7\n\t"
+ "adds x15, x15, x3\n\t"
+ "umulh x4, x10, x7\n\t"
+ "adcs x16, x16, x4\n\t"
+ /* A[2] * B[1] */
+ "mul x3, x12, x7\n\t"
+ "adcs x17, x17, x3\n\t"
+ "umulh x4, x12, x7\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x3, x11, x8\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x11, x8\n\t"
+ "adcs x19, x19, x4\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x3, x10, x8\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x10, x8\n\t"
+ "adcs x17, x17, x4\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adcs x20, x20, xzr\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x3, x11, x7\n\t"
+ "adds x16, x16, x3\n\t"
+ "umulh x4, x11, x7\n\t"
+ "adcs x17, x17, x4\n\t"
+ /* A[3] * B[1] */
+ "mul x3, x13, x7\n\t"
+ "adcs x19, x19, x3\n\t"
+ "umulh x4, x13, x7\n\t"
+ "adcs x20, x20, x4\n\t"
+ "adc x21, x21, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x3, x12, x8\n\t"
+ "adds x19, x19, x3\n\t"
+ "umulh x4, x12, x8\n\t"
+ "adcs x20, x20, x4\n\t"
+ /* A[3] * B[3] */
+ "mul x3, x13, x9\n\t"
+ "adcs x21, x21, x3\n\t"
+ "umulh x22, x13, x9\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x3, x10, x9\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x10, x9\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[2] * B[3] */
+ "mul x3, x12, x9\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x12, x9\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x3, x13, x6\n\t"
+ "adds x17, x17, x3\n\t"
+ "umulh x4, x13, x6\n\t"
+ "adcs x19, x19, x4\n\t"
+ /* A[3] * B[2] */
+ "mul x3, x13, x8\n\t"
+ "adcs x20, x20, x3\n\t"
+ "umulh x4, x13, x8\n\t"
+ "adcs x21, x21, x4\n\t"
+ "adc x22, x22, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "extr x7, x7, x6, #63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x24, #19\n\t"
- "mul x25, x24, x7\n\t"
- "umulh x7, x24, x7\n\t"
- "adds x3, x3, x25\n\t"
- "mul x25, x24, x8\n\t"
- "umulh x8, x24, x8\n\t"
- "adcs x4, x4, x25\n\t"
- "mul x25, x24, x9\n\t"
- "umulh x9, x24, x9\n\t"
- "adcs x5, x5, x25\n\t"
- "mul x25, x24, x10\n\t"
- "umulh x26, x24, x10\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x26, x26, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x7\n\t"
- "adcs x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adc x26, x26, xzr\n\t"
- /* Overflow */
- "extr x26, x26, x6, #63\n\t"
- "mul x26, x26, x24\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
- /* Reduce if top bit set */
- "and x26, x24, x6, asr 63\n\t"
- "and x6, x6, #0x7fffffffffffffff\n\t"
- "adds x3, x3, x26\n\t"
- "adcs x4, x4, xzr\n\t"
- "adcs x5, x5, xzr\n\t"
- "adc x6, x6, xzr\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x22\n\t"
+ "adds x17, x17, x4\n\t"
+ "umulh x5, x3, x22\n\t"
+ "adc x5, x5, xzr\n\t"
+ "mov x3, #19\n\t"
+ "extr x5, x5, x17, #63\n\t"
+ "mul x5, x5, x3\n\t"
+ "and x17, x17, #0x7fffffffffffffff\n\t"
+ "mov x3, #38\n\t"
+ "mul x4, x3, x19\n\t"
+ "adds x14, x14, x4\n\t"
+ "umulh x19, x3, x19\n\t"
+ "mul x4, x3, x20\n\t"
+ "adcs x15, x15, x4\n\t"
+ "umulh x20, x3, x20\n\t"
+ "mul x4, x3, x21\n\t"
+ "adcs x16, x16, x4\n\t"
+ "umulh x21, x3, x21\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* Add high product results in */
+ "adds x14, x14, x5\n\t"
+ "adcs x15, x15, x19\n\t"
+ "adcs x16, x16, x20\n\t"
+ "adc x17, x17, x21\n\t"
/* Store */
- "stp x3, x4, [x0]\n\t"
- "stp x5, x6, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x60\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt)
+ "stp x14, x15, [x0]\n\t"
+ "stp x16, x17, [x0, #16]\n\t"
+ "ldp x29, x30, [sp], #32\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
);
}
-void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz)
+void ge_p2_dbl(ge_p1p1* r, const ge_p2* p)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-80]!\n\t"
+ "stp x29, x30, [sp, #-32]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "ldr x1, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "add x0, x0, #0x40\n\t"
/* Square */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
+ "ldp x4, x5, [x1]\n\t"
+ "ldp x6, x7, [x1, #16]\n\t"
/* A[0] * A[1] */
- "mul x5, x12, x13\n\t"
- "umulh x6, x12, x13\n\t"
- /* A[0] * A[2] */
- "mul x25, x12, x14\n\t"
- "umulh x7, x12, x14\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
+ "umulh x10, x4, x5\n\t"
+ "mul x9, x4, x5\n\t"
/* A[0] * A[3] */
- "mul x25, x12, x15\n\t"
- "umulh x8, x12, x15\n\t"
- "adds x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[1] * A[2] */
- "mul x25, x13, x14\n\t"
- "umulh x26, x13, x14\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
+ "umulh x12, x4, x7\n\t"
+ "mul x11, x4, x7\n\t"
+ /* A[0] * A[2] */
+ "mul x25, x4, x6\n\t"
+ "adds x10, x10, x25\n\t"
+ "umulh x26, x4, x6\n\t"
+ "adcs x11, x11, x26\n\t"
/* A[1] * A[3] */
- "mul x25, x13, x15\n\t"
- "umulh x26, x13, x15\n\t"
- "adds x8, x8, x25\n\t"
- "adc x9, x9, x26\n\t"
+ "mul x25, x5, x7\n\t"
+ "adcs x12, x12, x25\n\t"
+ "umulh x13, x5, x7\n\t"
+ "adc x13, x13, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x25, x5, x6\n\t"
+ "adds x11, x11, x25\n\t"
+ "umulh x26, x5, x6\n\t"
+ "adcs x12, x12, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x14, x15\n\t"
- "umulh x10, x14, x15\n\t"
- "adds x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
+ "mul x25, x6, x7\n\t"
+ "adcs x13, x13, x25\n\t"
+ "umulh x14, x6, x7\n\t"
+ "adc x14, x14, xzr\n\t"
/* Double */
- "adds x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adcs x7, x7, x7\n\t"
- "adcs x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
+ "adds x9, x9, x9\n\t"
"adcs x10, x10, x10\n\t"
- "adc x11, xzr, xzr\n\t"
+ "adcs x11, x11, x11\n\t"
+ "adcs x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adc x15, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x4, x12, x12\n\t"
- "umulh x27, x12, x12\n\t"
+ "umulh x26, x4, x4\n\t"
+ "mul x8, x4, x4\n\t"
/* A[1] * A[1] */
- "mul x25, x13, x13\n\t"
- "umulh x26, x13, x13\n\t"
- "adds x5, x5, x27\n\t"
- "adcs x6, x6, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x5, x5\n\t"
+ "adds x9, x9, x26\n\t"
+ "umulh x26, x5, x5\n\t"
+ "adcs x10, x10, x25\n\t"
/* A[2] * A[2] */
- "mul x25, x14, x14\n\t"
- "umulh x26, x14, x14\n\t"
- "adds x7, x7, x27\n\t"
- "adcs x8, x8, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x6, x6\n\t"
+ "adcs x11, x11, x26\n\t"
+ "umulh x26, x6, x6\n\t"
+ "adcs x12, x12, x25\n\t"
/* A[3] * A[3] */
- "mul x25, x15, x15\n\t"
- "umulh x26, x15, x15\n\t"
- "adds x9, x9, x27\n\t"
- "adcs x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
+ "mul x25, x7, x7\n\t"
+ "adcs x13, x13, x26\n\t"
+ "umulh x26, x7, x7\n\t"
+ "adcs x14, x14, x25\n\t"
+ "adc x15, x15, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x8\n\t"
- "umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x9\n\t"
- "umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x10\n\t"
- "umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x15\n\t"
+ "adds x11, x11, x26\n\t"
+ "umulh x27, x25, x15\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x11, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x12\n\t"
+ "adds x8, x8, x26\n\t"
+ "umulh x12, x25, x12\n\t"
+ "mul x26, x25, x13\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x13, x25, x13\n\t"
+ "mul x26, x25, x14\n\t"
+ "adcs x10, x10, x26\n\t"
+ "umulh x14, x25, x14\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* Add high product results in */
+ "adds x8, x8, x27\n\t"
+ "adcs x9, x9, x12\n\t"
+ "adcs x10, x10, x13\n\t"
+ "adc x11, x11, x14\n\t"
/* Store */
- "stp x4, x5, [x0]\n\t"
- "stp x6, x7, [x0, #16]\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #56]\n\t"
+ "stp x8, x9, [x0]\n\t"
+ "stp x10, x11, [x0, #16]\n\t"
+ "add x2, x1, #32\n\t"
+ "sub x0, x0, #32\n\t"
/* Square */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
/* A[0] * A[1] */
- "mul x9, x21, x22\n\t"
- "umulh x10, x21, x22\n\t"
- /* A[0] * A[2] */
- "mul x25, x21, x23\n\t"
- "umulh x11, x21, x23\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, xzr\n\t"
+ "umulh x23, x16, x17\n\t"
+ "mul x22, x16, x17\n\t"
/* A[0] * A[3] */
- "mul x25, x21, x24\n\t"
- "umulh x16, x21, x24\n\t"
- "adds x11, x11, x25\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[1] * A[2] */
- "mul x25, x22, x23\n\t"
- "umulh x26, x22, x23\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
+ "umulh x4, x16, x20\n\t"
+ "mul x24, x16, x20\n\t"
+ /* A[0] * A[2] */
+ "mul x25, x16, x19\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x19\n\t"
+ "adcs x24, x24, x26\n\t"
/* A[1] * A[3] */
- "mul x25, x22, x24\n\t"
- "umulh x26, x22, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adc x17, x17, x26\n\t"
+ "mul x25, x17, x20\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x5, x17, x20\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x25, x17, x19\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x19\n\t"
+ "adcs x4, x4, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x23, x24\n\t"
- "umulh x19, x23, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adc x19, x19, xzr\n\t"
+ "mul x25, x19, x20\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x6, x19, x20\n\t"
+ "adc x6, x6, xzr\n\t"
/* Double */
- "adds x9, x9, x9\n\t"
- "adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "adcs x16, x16, x16\n\t"
- "adcs x17, x17, x17\n\t"
- "adcs x19, x19, x19\n\t"
- "adc x20, xzr, xzr\n\t"
+ "adds x22, x22, x22\n\t"
+ "adcs x23, x23, x23\n\t"
+ "adcs x24, x24, x24\n\t"
+ "adcs x4, x4, x4\n\t"
+ "adcs x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adc x7, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x8, x21, x21\n\t"
- "umulh x27, x21, x21\n\t"
+ "umulh x26, x16, x16\n\t"
+ "mul x21, x16, x16\n\t"
/* A[1] * A[1] */
- "mul x25, x22, x22\n\t"
- "umulh x26, x22, x22\n\t"
- "adds x9, x9, x27\n\t"
- "adcs x10, x10, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x17, x17\n\t"
+ "adds x22, x22, x26\n\t"
+ "umulh x26, x17, x17\n\t"
+ "adcs x23, x23, x25\n\t"
/* A[2] * A[2] */
- "mul x25, x23, x23\n\t"
- "umulh x26, x23, x23\n\t"
- "adds x11, x11, x27\n\t"
- "adcs x16, x16, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x19, x19\n\t"
+ "adcs x24, x24, x26\n\t"
+ "umulh x26, x19, x19\n\t"
+ "adcs x4, x4, x25\n\t"
/* A[3] * A[3] */
- "mul x25, x24, x24\n\t"
- "umulh x26, x24, x24\n\t"
- "adds x17, x17, x27\n\t"
- "adcs x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "mul x25, x20, x20\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x26, x20, x20\n\t"
+ "adcs x6, x6, x25\n\t"
+ "adc x7, x7, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x11, #63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x8, x8, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x9, x9, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x10, x10, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x11, x11, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x9, x9, x16\n\t"
- "adcs x10, x10, x17\n\t"
- "adcs x11, x11, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x11, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x11, asr 63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Store */
- "stp x8, x9, [x0]\n\t"
- "stp x10, x11, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "add x3, x0, #32\n\t"
+ "mov x2, x0\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "adds x12, x12, x21\n\t"
- "adcs x13, x13, x22\n\t"
- "adcs x14, x14, x23\n\t"
- "adc x15, x15, x24\n\t"
+ "adds x4, x21, x8\n\t"
+ "adcs x5, x22, x9\n\t"
+ "adcs x6, x23, x10\n\t"
+ "adcs x7, x24, x11\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x4, x4, x25\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* Sub */
+ "subs x12, x21, x8\n\t"
+ "sbcs x13, x22, x9\n\t"
+ "sbcs x14, x23, x10\n\t"
+ "sbcs x15, x24, x11\n\t"
+ "csetm x28, cc\n\t"
"mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Add modulus (if underflow) */
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "stp x4, x5, [x0]\n\t"
+ "stp x6, x7, [x0, #16]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "add x2, x1, #32\n\t"
+ "sub x0, x0, #32\n\t"
+ /* Add */
+ "ldp x8, x9, [x1]\n\t"
+ "ldp x10, x11, [x1, #16]\n\t"
+ "adds x8, x8, x16\n\t"
+ "adcs x9, x9, x17\n\t"
+ "adcs x10, x10, x19\n\t"
+ "adcs x11, x11, x20\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
/* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
- "ldr x0, [x29, #40]\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
+ "mov x1, x0\n\t"
/* Square */
/* A[0] * A[1] */
- "mul x17, x12, x13\n\t"
- "umulh x19, x12, x13\n\t"
- /* A[0] * A[2] */
- "mul x25, x12, x14\n\t"
- "umulh x20, x12, x14\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, xzr\n\t"
+ "umulh x23, x8, x9\n\t"
+ "mul x22, x8, x9\n\t"
/* A[0] * A[3] */
- "mul x25, x12, x15\n\t"
- "umulh x21, x12, x15\n\t"
- "adds x20, x20, x25\n\t"
- "adc x21, x21, xzr\n\t"
- /* A[1] * A[2] */
- "mul x25, x13, x14\n\t"
- "umulh x26, x13, x14\n\t"
- "adds x20, x20, x25\n\t"
- "adcs x21, x21, x26\n\t"
- "adc x22, xzr, xzr\n\t"
+ "umulh x4, x8, x11\n\t"
+ "mul x24, x8, x11\n\t"
+ /* A[0] * A[2] */
+ "mul x25, x8, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x8, x10\n\t"
+ "adcs x24, x24, x26\n\t"
/* A[1] * A[3] */
- "mul x25, x13, x15\n\t"
- "umulh x26, x13, x15\n\t"
- "adds x21, x21, x25\n\t"
- "adc x22, x22, x26\n\t"
+ "mul x25, x9, x11\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x5, x9, x11\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * A[2] */
+ "mul x25, x9, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x9, x10\n\t"
+ "adcs x4, x4, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x14, x15\n\t"
- "umulh x23, x14, x15\n\t"
- "adds x22, x22, x25\n\t"
- "adc x23, x23, xzr\n\t"
+ "mul x25, x10, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x6, x10, x11\n\t"
+ "adc x6, x6, xzr\n\t"
/* Double */
- "adds x17, x17, x17\n\t"
- "adcs x19, x19, x19\n\t"
- "adcs x20, x20, x20\n\t"
- "adcs x21, x21, x21\n\t"
- "adcs x22, x22, x22\n\t"
+ "adds x22, x22, x22\n\t"
"adcs x23, x23, x23\n\t"
- "adc x24, xzr, xzr\n\t"
+ "adcs x24, x24, x24\n\t"
+ "adcs x4, x4, x4\n\t"
+ "adcs x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adc x7, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x16, x12, x12\n\t"
- "umulh x27, x12, x12\n\t"
+ "umulh x26, x8, x8\n\t"
+ "mul x21, x8, x8\n\t"
/* A[1] * A[1] */
- "mul x25, x13, x13\n\t"
- "umulh x26, x13, x13\n\t"
- "adds x17, x17, x27\n\t"
- "adcs x19, x19, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x9, x9\n\t"
+ "adds x22, x22, x26\n\t"
+ "umulh x26, x9, x9\n\t"
+ "adcs x23, x23, x25\n\t"
/* A[2] * A[2] */
- "mul x25, x14, x14\n\t"
- "umulh x26, x14, x14\n\t"
- "adds x20, x20, x27\n\t"
- "adcs x21, x21, x25\n\t"
- "adc x27, x26, xzr\n\t"
+ "mul x25, x10, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "umulh x26, x10, x10\n\t"
+ "adcs x4, x4, x25\n\t"
/* A[3] * A[3] */
- "mul x25, x15, x15\n\t"
- "umulh x26, x15, x15\n\t"
- "adds x22, x22, x27\n\t"
- "adcs x23, x23, x25\n\t"
- "adc x24, x24, x26\n\t"
+ "mul x25, x11, x11\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x26, x11, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "adc x7, x7, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x24, x24, x23, #63\n\t"
- "extr x23, x23, x22, #63\n\t"
- "extr x22, x22, x21, #63\n\t"
- "extr x21, x21, x20, #63\n\t"
- "and x20, x20, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x21\n\t"
- "umulh x21, x25, x21\n\t"
- "adds x16, x16, x26\n\t"
- "mul x26, x25, x22\n\t"
- "umulh x22, x25, x22\n\t"
- "adcs x17, x17, x26\n\t"
- "mul x26, x25, x23\n\t"
- "umulh x23, x25, x23\n\t"
- "adcs x19, x19, x26\n\t"
- "mul x26, x25, x24\n\t"
- "umulh x27, x25, x24\n\t"
- "adcs x20, x20, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x17, x17, x21\n\t"
- "adcs x19, x19, x22\n\t"
- "adcs x20, x20, x23\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x20, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x20, x20, #0x7fffffffffffffff\n\t"
- "adds x16, x16, x27\n\t"
- "adcs x17, x17, xzr\n\t"
- "adcs x19, x19, xzr\n\t"
- "adc x20, x20, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x20, asr 63\n\t"
- "and x20, x20, #0x7fffffffffffffff\n\t"
- "adds x16, x16, x27\n\t"
- "adcs x17, x17, xzr\n\t"
- "adcs x19, x19, xzr\n\t"
- "adc x20, x20, xzr\n\t"
- /* Store */
- "stp x16, x17, [x0]\n\t"
- "stp x19, x20, [x0, #16]\n\t"
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #32]\n\t"
- /* Add */
- "adds x12, x8, x4\n\t"
- "adcs x13, x9, x5\n\t"
- "adcs x14, x10, x6\n\t"
- "adc x15, x11, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "add x2, x0, #32\n\t"
/* Sub */
- "subs x21, x8, x4\n\t"
- "sbcs x22, x9, x5\n\t"
- "sbcs x23, x10, x6\n\t"
- "sbcs x24, x11, x7\n\t"
- "mov x25, #-19\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "subs x21, x21, x8\n\t"
+ "sbcs x22, x22, x9\n\t"
+ "sbcs x23, x23, x10\n\t"
+ "sbcs x24, x24, x11\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Add modulus (if underflow) */
- "adds x21, x21, x25\n\t"
- "adcs x22, x22, x28\n\t"
- "adcs x23, x23, x28\n\t"
- "adc x24, x24, x26\n\t"
- "stp x12, x13, [x0]\n\t"
- "stp x14, x15, [x0, #16]\n\t"
- "stp x21, x22, [x1]\n\t"
- "stp x23, x24, [x1, #16]\n\t"
- "ldr x0, [x29, #16]\n\t"
- /* Sub */
- "subs x16, x16, x12\n\t"
- "sbcs x17, x17, x13\n\t"
- "sbcs x19, x19, x14\n\t"
- "sbcs x20, x20, x15\n\t"
"mov x25, #-19\n\t"
- "csetm x28, cc\n\t"
/* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "extr x28, x28, x24, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x16, x17, [x0]\n\t"
- "stp x19, x20, [x0, #16]\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [x29, #64]\n\t"
+ "subs x21, x21, x25\n\t"
+ "sbcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "sbcs x23, x23, xzr\n\t"
+ "sbc x24, x24, xzr\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "ldr x2, [x29, #24]\n\t"
+ "add x2, x2, #0x40\n\t"
+ "add x0, x0, #0x60\n\t"
/* Square * 2 */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
/* A[0] * A[1] */
- "mul x5, x12, x13\n\t"
- "umulh x6, x12, x13\n\t"
+ "umulh x6, x16, x17\n\t"
+ "mul x5, x16, x17\n\t"
+ /* A[0] * A[3] */
+ "umulh x8, x16, x20\n\t"
+ "mul x7, x16, x20\n\t"
/* A[0] * A[2] */
- "mul x25, x12, x14\n\t"
- "umulh x7, x12, x14\n\t"
+ "mul x25, x16, x19\n\t"
"adds x6, x6, x25\n\t"
- "adc x7, x7, xzr\n\t"
- /* A[0] * A[3] */
- "mul x25, x12, x15\n\t"
- "umulh x8, x12, x15\n\t"
- "adds x7, x7, x25\n\t"
- "adc x8, x8, xzr\n\t"
+ "umulh x26, x16, x19\n\t"
+ "adcs x7, x7, x26\n\t"
+ /* A[1] * A[3] */
+ "mul x25, x17, x20\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x9, x17, x20\n\t"
+ "adc x9, x9, xzr\n\t"
/* A[1] * A[2] */
- "mul x25, x13, x14\n\t"
- "umulh x26, x13, x14\n\t"
+ "mul x25, x17, x19\n\t"
"adds x7, x7, x25\n\t"
+ "umulh x26, x17, x19\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * A[3] */
- "mul x25, x13, x15\n\t"
- "umulh x26, x13, x15\n\t"
- "adds x8, x8, x25\n\t"
- "adc x9, x9, x26\n\t"
/* A[2] * A[3] */
- "mul x25, x14, x15\n\t"
- "umulh x10, x14, x15\n\t"
- "adds x9, x9, x25\n\t"
+ "mul x25, x19, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x10, x19, x20\n\t"
"adc x10, x10, xzr\n\t"
/* Double */
"adds x5, x5, x5\n\t"
@@ -4585,635 +5729,530 @@ void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz
"adcs x10, x10, x10\n\t"
"adc x11, xzr, xzr\n\t"
/* A[0] * A[0] */
- "mul x4, x12, x12\n\t"
- "umulh x28, x12, x12\n\t"
+ "umulh x26, x16, x16\n\t"
+ "mul x4, x16, x16\n\t"
/* A[1] * A[1] */
- "mul x25, x13, x13\n\t"
- "umulh x26, x13, x13\n\t"
- "adds x5, x5, x28\n\t"
+ "mul x25, x17, x17\n\t"
+ "adds x5, x5, x26\n\t"
+ "umulh x26, x17, x17\n\t"
"adcs x6, x6, x25\n\t"
- "adc x28, x26, xzr\n\t"
/* A[2] * A[2] */
- "mul x25, x14, x14\n\t"
- "umulh x26, x14, x14\n\t"
- "adds x7, x7, x28\n\t"
+ "mul x25, x19, x19\n\t"
+ "adcs x7, x7, x26\n\t"
+ "umulh x26, x19, x19\n\t"
"adcs x8, x8, x25\n\t"
- "adc x28, x26, xzr\n\t"
/* A[3] * A[3] */
- "mul x25, x15, x15\n\t"
- "umulh x26, x15, x15\n\t"
- "adds x9, x9, x28\n\t"
+ "mul x25, x20, x20\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x26, x20, x20\n\t"
"adcs x10, x10, x25\n\t"
"adc x11, x11, x26\n\t"
- /* Double and Reduce */
- "mov x25, #0x169\n\t"
- /* Move top half into t4-t7 and remove top bit from t3 */
- "lsr x28, x11, #61\n\t"
- "extr x11, x11, x10, #62\n\t"
- "extr x10, x10, x9, #62\n\t"
- "extr x9, x9, x8, #62\n\t"
- "extr x8, x8, x7, #62\n\t"
- "extr x7, x7, x6, #63\n\t"
- "extr x6, x6, x5, #63\n\t"
- "extr x5, x5, x4, #63\n\t"
- "lsl x4, x4, #1\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Two left, only one right */
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top bits by 19*19 */
- "mul x28, x28, x25\n\t"
- /* Multiply top half by 19 */
+ /* Reduce */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x7, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
- "umulh x8, x25, x8\n\t"
"adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
"mul x26, x25, x9\n\t"
- "umulh x9, x25, x9\n\t"
"adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
"mul x26, x25, x10\n\t"
- "umulh x10, x25, x10\n\t"
"adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x4, x4, x28\n\t"
+ "umulh x10, x25, x10\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* Add high product results in */
+ "adds x4, x4, x27\n\t"
"adcs x5, x5, x8\n\t"
"adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
+ "adc x7, x7, x10\n\t"
+ "mov x25, #19\n\t"
+ "lsr x26, x7, #62\n\t"
+ "extr x7, x7, x6, #63\n\t"
+ "extr x6, x6, x5, #63\n\t"
+ "extr x5, x5, x4, #63\n\t"
+ "lsl x4, x4, #1\n\t"
+ "mul x26, x26, x25\n\t"
+ "adds x4, x4, x26\n\t"
"adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
"adcs x6, x6, xzr\n\t"
"adc x7, x7, xzr\n\t"
/* Store */
- "ldr x0, [x29, #40]\n\t"
+ "sub x1, x0, #32\n\t"
/* Sub */
- "subs x4, x4, x21\n\t"
- "sbcs x5, x5, x22\n\t"
- "sbcs x6, x6, x23\n\t"
- "sbcs x7, x7, x24\n\t"
- "mov x25, #-19\n\t"
+ "subs x4, x4, x12\n\t"
+ "sbcs x5, x5, x13\n\t"
+ "sbcs x6, x6, x14\n\t"
+ "sbcs x7, x7, x15\n\t"
"csetm x28, cc\n\t"
+ "mov x25, #-19\n\t"
/* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x4, x4, x25\n\t"
- "adcs x5, x5, x28\n\t"
- "adcs x6, x6, x28\n\t"
- "adc x7, x7, x26\n\t"
+ "subs x4, x4, x25\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbc x7, x7, xzr\n\t"
"stp x4, x5, [x0]\n\t"
"stp x6, x7, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x50\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz)
+ "ldp x29, x30, [sp], #32\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
:
- : "memory", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qxy2d, const fe qyplusx, const fe qyminusx)
+void ge_madd(ge_p1p1* r, const ge_p3* p, const ge_precomp* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-112]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #104]\n\t"
- "str %x[qyplusx], [sp, #96]\n\t"
- "str %x[qxy2d], [sp, #88]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #96]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #104]\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "add x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #88]\n\t"
- "ldr x3, [x29, #72]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x40\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x3]\n\t"
- "ldp x23, x24, [x3, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x16, x21\n\t"
- "umulh x5, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x6, x16, x22\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #64]\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
+ "sub x1, x1, #32\n\t"
/* Double */
- "ldp x8, x9, [x1]\n\t"
- "ldp x10, x11, [x1, #16]\n\t"
- "adds x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
- "adcs x10, x10, x10\n\t"
- "adc x11, x11, x11\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
- "ldr x1, [x29, #40]\n\t"
- /* Add */
- "adds x12, x8, x4\n\t"
- "adcs x13, x9, x5\n\t"
- "adcs x14, x10, x6\n\t"
- "adc x15, x11, x7\n\t"
+ "ldp x12, x13, [x1]\n\t"
+ "ldp x14, x15, [x1, #16]\n\t"
+ "adds x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adc x15, x15, x15\n\t"
"mov x25, #-19\n\t"
"asr x28, x15, #63\n\t"
/* Mask the modulus */
@@ -5224,562 +6263,493 @@ void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe p
"sbcs x13, x13, x28\n\t"
"sbcs x14, x14, x28\n\t"
"sbc x15, x15, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "mov x1, x0\n\t"
+ "sub x0, x0, #32\n\t"
+ /* Add */
+ "adds x8, x12, x16\n\t"
+ "adcs x9, x13, x17\n\t"
+ "adcs x10, x14, x19\n\t"
+ "adcs x11, x15, x20\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x8, x4\n\t"
- "sbcs x17, x9, x5\n\t"
- "sbcs x19, x10, x6\n\t"
- "sbcs x20, x11, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x4, x12, x16\n\t"
+ "sbcs x5, x13, x17\n\t"
+ "sbcs x6, x14, x19\n\t"
+ "sbcs x7, x15, x20\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x12, x13, [x0]\n\t"
- "stp x14, x15, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldp x29, x30, [sp], #0x70\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qxy2d] "+r" (qxy2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "subs x4, x4, x25\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbc x7, x7, xzr\n\t"
+ "stp x8, x9, [x0]\n\t"
+ "stp x10, x11, [x0, #16]\n\t"
+ "stp x4, x5, [x1]\n\t"
+ "stp x6, x7, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qxy2d, const fe qyplusx, const fe qyminusx)
+void ge_msub(ge_p1p1* r, const ge_p3* p, const ge_precomp* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-112]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #104]\n\t"
- "str %x[qyplusx], [sp, #96]\n\t"
- "str %x[qxy2d], [sp, #88]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #104]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #32\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #96]\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
+ "sub x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #88]\n\t"
- "ldr x3, [x29, #72]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x40\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x3]\n\t"
- "ldp x23, x24, [x3, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x16, x21\n\t"
- "umulh x5, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x6, x16, x22\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #64]\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
+ "sub x1, x1, #32\n\t"
/* Double */
- "ldp x8, x9, [x1]\n\t"
- "ldp x10, x11, [x1, #16]\n\t"
- "adds x8, x8, x8\n\t"
- "adcs x9, x9, x9\n\t"
- "adcs x10, x10, x10\n\t"
- "adc x11, x11, x11\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
- "ldr x1, [x29, #40]\n\t"
- /* Add */
- "adds x12, x8, x4\n\t"
- "adcs x13, x9, x5\n\t"
- "adcs x14, x10, x6\n\t"
- "adc x15, x11, x7\n\t"
+ "ldp x12, x13, [x1]\n\t"
+ "ldp x14, x15, [x1, #16]\n\t"
+ "adds x12, x12, x12\n\t"
+ "adcs x13, x13, x13\n\t"
+ "adcs x14, x14, x14\n\t"
+ "adc x15, x15, x15\n\t"
"mov x25, #-19\n\t"
"asr x28, x15, #63\n\t"
/* Mask the modulus */
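Review bot: The new `ge_msub` prologue reads `x0` and `x1` by name (`mov x3, x1`, `add x2, x1, #32`, `add x1, x0, #32`) right after spilling `%x[r]`, `%x[p]` and `%x[q]`, so it is only correct if the compiler placed those `"+r"` operands in x0–x2. The tail of the preceding function makes the same assumption with `mov x3, x0` / `sub x0, x0, #32`. The constraints do not guarantee that placement, and x0–x2 are written without appearing in the clobber list (which runs `"x3"` … `"x28"`, `"cc"`), so an inlined or LTO build could presumably allocate them elsewhere and silently corrupt the field arithmetic. I would either address the operands through the named placeholders, e.g. `mov x3, %x[p]`, or pin them with local register variables such as `register ge_p1p1* r_ asm("x0") = r;` and pass those to the asm. Both function bodies extend beyond this hunk, so the remaining hard-coded uses need the same treatment.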
@@ -5790,1444 +6760,1774 @@ void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe p
"sbcs x13, x13, x28\n\t"
"sbcs x14, x14, x28\n\t"
"sbc x15, x15, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
+ /* Add */
+ "adds x8, x12, x16\n\t"
+ "adcs x9, x13, x17\n\t"
+ "adcs x10, x14, x19\n\t"
+ "adcs x11, x15, x20\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x8, x4\n\t"
- "sbcs x17, x9, x5\n\t"
- "sbcs x19, x10, x6\n\t"
- "sbcs x20, x11, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x4, x12, x16\n\t"
+ "sbcs x5, x13, x17\n\t"
+ "sbcs x6, x14, x19\n\t"
+ "sbcs x7, x15, x20\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x7, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x12, x13, [x1]\n\t"
- "stp x14, x15, [x1, #16]\n\t"
- "stp x16, x17, [x0]\n\t"
- "stp x19, x20, [x0, #16]\n\t"
- "ldp x29, x30, [sp], #0x70\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qxy2d] "+r" (qxy2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "subs x4, x4, x25\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "and x7, x7, #0x7fffffffffffffff\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbc x7, x7, xzr\n\t"
+ "stp x8, x9, [x0]\n\t"
+ "stp x10, x11, [x0, #16]\n\t"
+ "stp x4, x5, [x1]\n\t"
+ "stp x6, x7, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qz, const fe qt2d, const fe qyplusx, const fe qyminusx)
+void ge_add(ge_p1p1* r, const ge_p3* p, const ge_cached* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-128]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #120]\n\t"
- "str %x[qyplusx], [sp, #112]\n\t"
- "str %x[qt2d], [sp, #104]\n\t"
- "str %x[qz], [sp, #96]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #112]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #120]\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "add x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "stp x4, x5, [x0]\n\t"
+ "stp x6, x7, [x0, #16]\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #48]\n\t"
- "ldr x1, [x29, #64]\n\t"
- "ldr x2, [sp, #96]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x60\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
- "ldp x16, x17, [x2]\n\t"
- "ldp x19, x20, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x12, x16\n\t"
- "umulh x5, x12, x16\n\t"
- /* A[0] * B[1] */
- "mul x25, x12, x17\n\t"
- "umulh x6, x12, x17\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x13, x16\n\t"
- "umulh x26, x13, x16\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x12, x19\n\t"
- "umulh x26, x12, x19\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x13, x17\n\t"
- "umulh x26, x13, x17\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x14, x16\n\t"
- "umulh x26, x14, x16\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x12, x20\n\t"
- "umulh x26, x12, x20\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x13, x19\n\t"
- "umulh x26, x13, x19\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x14, x17\n\t"
- "umulh x26, x14, x17\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x15, x16\n\t"
- "umulh x26, x15, x16\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x13, x20\n\t"
- "umulh x26, x13, x20\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x14, x19\n\t"
- "umulh x26, x14, x19\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x15, x17\n\t"
- "umulh x26, x15, x17\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x14, x20\n\t"
- "umulh x26, x14, x20\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x15, x19\n\t"
- "umulh x26, x15, x19\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x15, x20\n\t"
- "umulh x26, x15, x20\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
/* Store */
- "ldr x0, [x29, #48]\n\t"
- /* Double */
- "adds x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adc x7, x7, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #104]\n\t"
- "ldr x2, [x29, #72]\n\t"
+ "stp x16, x17, [x0]\n\t"
+ "stp x19, x20, [x0, #16]\n\t"
+ "sub x3, x2, #32\n\t"
+ "sub x2, x1, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x8, x16, x21\n\t"
- "umulh x9, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x10, x16, x22\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ "ldp x12, x13, [x3]\n\t"
+ "ldp x14, x15, [x3, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x9, x4, x12\n\t"
+ "mul x8, x4, x12\n\t"
+ /* A[2] * B[0] */
+ "umulh x11, x6, x12\n\t"
+ "mul x10, x6, x12\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x5, x12\n\t"
"adds x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
+ "umulh x26, x5, x12\n\t"
+ "adcs x10, x10, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x17, x5, x15\n\t"
+ "adc x11, x11, xzr\n\t"
+ "mul x16, x5, x15\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x4, x13\n\t"
"adds x9, x9, x25\n\t"
+ "umulh x26, x4, x13\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x6, x13\n\t"
+ "adcs x11, x11, x25\n\t"
+ "umulh x26, x6, x13\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x5, x14\n\t"
+ "adds x11, x11, x25\n\t"
+ "umulh x26, x5, x14\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x4, x14\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x4, x14\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
+ "adcs x16, x16, xzr\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x5, x13\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x5, x13\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, x12, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x7, x13\n\t"
+ "adcs x16, x16, x25\n\t"
+ "umulh x26, x7, x13\n\t"
+ "adcs x17, x17, x26\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x6, x14\n\t"
+ "adds x16, x16, x25\n\t"
+ "umulh x26, x6, x14\n\t"
+ "adcs x17, x17, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x7, x15\n\t"
+ "adcs x19, x19, x25\n\t"
+ "umulh x20, x7, x15\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x4, x15\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
+ "umulh x26, x4, x15\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x6, x15\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x6, x15\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x7, x12\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
+ "umulh x26, x7, x12\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x7, x14\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x7, x14\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x13, #63\n\t"
- "extr x13, x13, x12, #63\n\t"
- "extr x12, x12, x11, #63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x12\n\t"
- "umulh x12, x25, x12\n\t"
- "adds x8, x8, x26\n\t"
- "mul x26, x25, x13\n\t"
- "umulh x13, x25, x13\n\t"
- "adcs x9, x9, x26\n\t"
- "mul x26, x25, x14\n\t"
- "umulh x14, x25, x14\n\t"
- "adcs x10, x10, x26\n\t"
- "mul x26, x25, x15\n\t"
- "umulh x27, x25, x15\n\t"
- "adcs x11, x11, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x9, x9, x12\n\t"
- "adcs x10, x10, x13\n\t"
- "adcs x11, x11, x14\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x20\n\t"
+ "adds x11, x11, x26\n\t"
+ "umulh x27, x25, x20\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x11, #63\n\t"
"mul x27, x27, x25\n\t"
"and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x16\n\t"
+ "adds x8, x8, x26\n\t"
+ "umulh x16, x25, x16\n\t"
+ "mul x26, x25, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x17, x25, x17\n\t"
+ "mul x26, x25, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "umulh x19, x25, x19\n\t"
"adc x11, x11, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x11, asr 63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #32]\n\t"
- "ldr x1, [x29, #40]\n\t"
- /* Add */
- "adds x12, x4, x8\n\t"
- "adcs x13, x5, x9\n\t"
- "adcs x14, x6, x10\n\t"
- "adc x15, x7, x11\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x11, x11, x19\n\t"
+ /* Double */
+ "adds x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, x11, x11\n\t"
"mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
+ "asr x28, x11, #63\n\t"
/* Mask the modulus */
"and x25, x28, x25\n\t"
"and x26, x28, #0x7fffffffffffffff\n\t"
/* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
+ "subs x8, x8, x25\n\t"
+ "sbcs x9, x9, x28\n\t"
+ "sbcs x10, x10, x28\n\t"
+ "sbc x11, x11, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "mov x1, x0\n\t"
+ "sub x0, x0, #32\n\t"
+ /* Add */
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x21, x8, x4\n\t"
+ "adcs x22, x9, x5\n\t"
+ "adcs x23, x10, x6\n\t"
+ "adcs x24, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x24, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x21, x21, x25\n\t"
+ "adcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "adcs x23, x23, xzr\n\t"
+ "adc x24, x24, xzr\n\t"
/* Sub */
- "subs x16, x4, x8\n\t"
- "sbcs x17, x5, x9\n\t"
- "sbcs x19, x6, x10\n\t"
- "sbcs x20, x7, x11\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
- "stp x12, x13, [x0]\n\t"
- "stp x14, x15, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldp x29, x30, [sp], #0x80\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qz] "+r" (qz), [qt2d] "+r" (qt2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
:
- : "memory", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
);
}
-void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px, const fe py, const fe pz, const fe pt, const fe qz, const fe qt2d, const fe qyplusx, const fe qyminusx)
+void ge_sub(ge_p1p1* r, const ge_p3* p, const ge_cached* q)
{
__asm__ __volatile__ (
- "stp x29, x30, [sp, #-128]!\n\t"
+ "stp x29, x30, [sp, #-48]!\n\t"
"add x29, sp, #0\n\t"
- "str %x[qyminusx], [sp, #120]\n\t"
- "str %x[qyplusx], [sp, #112]\n\t"
- "str %x[qt2d], [sp, #104]\n\t"
- "str %x[qz], [sp, #96]\n\t"
- "str %x[rx], [x29, #16]\n\t"
- "str %x[ry], [x29, #24]\n\t"
- "str %x[rz], [x29, #32]\n\t"
- "str %x[rt], [x29, #40]\n\t"
- "str %x[px], [x29, #48]\n\t"
- "str %x[py], [x29, #56]\n\t"
- "str %x[pz], [x29, #64]\n\t"
- "str %x[pt], [x29, #72]\n\t"
- "ldr x2, [x29, #56]\n\t"
- "ldr x3, [x29, #48]\n\t"
+ "str %x[r], [x29, #16]\n\t"
+ "str %x[p], [x29, #24]\n\t"
+ "str %x[q], [x29, #32]\n\t"
+ "mov x3, x1\n\t"
+ "add x2, x1, #32\n\t"
+ "add x1, x0, #32\n\t"
/* Add */
- "ldp x12, x13, [x2]\n\t"
- "ldp x14, x15, [x2, #16]\n\t"
- "ldp x16, x17, [x3]\n\t"
- "ldp x19, x20, [x3, #16]\n\t"
- "adds x4, x12, x16\n\t"
- "adcs x5, x13, x17\n\t"
- "adcs x6, x14, x19\n\t"
- "adc x7, x15, x20\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x16, x8, x4\n\t"
+ "adcs x17, x9, x5\n\t"
+ "adcs x19, x10, x6\n\t"
+ "adcs x20, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x20, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
+ "adds x16, x16, x25\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Sub */
- "subs x8, x12, x16\n\t"
- "sbcs x9, x13, x17\n\t"
- "sbcs x10, x14, x19\n\t"
- "sbcs x11, x15, x20\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x8, x4\n\t"
+ "sbcs x13, x9, x5\n\t"
+ "sbcs x14, x10, x6\n\t"
+ "sbcs x15, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x28\n\t"
- "adcs x10, x10, x28\n\t"
- "adc x11, x11, x26\n\t"
- "ldr x0, [x29, #32]\n\t"
- "ldr x2, [sp, #120]\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #32\n\t"
+ "mov x1, x0\n\t"
/* Multiply */
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x12, x4, x21\n\t"
- "umulh x13, x4, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x4, x22\n\t"
- "umulh x14, x4, x22\n\t"
- "adds x13, x13, x25\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x5, x21\n\t"
- "umulh x26, x5, x21\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x4, x23\n\t"
- "umulh x26, x4, x23\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x5, x22\n\t"
- "umulh x26, x5, x22\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x6, x21\n\t"
- "umulh x26, x6, x21\n\t"
- "adds x14, x14, x25\n\t"
- "adcs x15, x15, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x4, x24\n\t"
- "umulh x26, x4, x24\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x5, x23\n\t"
- "umulh x26, x5, x23\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x6, x22\n\t"
- "umulh x26, x6, x22\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x7, x21\n\t"
- "umulh x26, x7, x21\n\t"
- "adds x15, x15, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x5, x24\n\t"
- "umulh x26, x5, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x6, x23\n\t"
- "umulh x26, x6, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x7, x22\n\t"
- "umulh x26, x7, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x6, x24\n\t"
- "umulh x26, x6, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x7, x23\n\t"
- "umulh x26, x7, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x7, x24\n\t"
- "umulh x26, x7, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "ldp x8, x9, [x2]\n\t"
+ "ldp x10, x11, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x22, x16, x8\n\t"
+ "mul x21, x16, x8\n\t"
+ /* A[2] * B[0] */
+ "umulh x24, x19, x8\n\t"
+ "mul x23, x19, x8\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x17, x8\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x17, x8\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x5, x17, x11\n\t"
+ "adc x24, x24, xzr\n\t"
+ "mul x4, x17, x11\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x16, x9\n\t"
+ "adds x22, x22, x25\n\t"
+ "umulh x26, x16, x9\n\t"
+ "adcs x23, x23, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x19, x9\n\t"
+ "adcs x24, x24, x25\n\t"
+ "umulh x26, x19, x9\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adc x5, x5, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x17, x10\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x17, x10\n\t"
+ "adcs x4, x4, x26\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x16, x10\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x16, x10\n\t"
+ "adcs x24, x24, x26\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x17, x9\n\t"
+ "adds x23, x23, x25\n\t"
+ "umulh x26, x17, x9\n\t"
+ "adcs x24, x24, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x20, x9\n\t"
+ "adcs x4, x4, x25\n\t"
+ "umulh x26, x20, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "adc x6, x6, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x19, x10\n\t"
+ "adds x4, x4, x25\n\t"
+ "umulh x26, x19, x10\n\t"
+ "adcs x5, x5, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x20, x11\n\t"
+ "adcs x6, x6, x25\n\t"
+ "umulh x7, x20, x11\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x16, x11\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x16, x11\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x19, x11\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x19, x11\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x20, x8\n\t"
+ "adds x24, x24, x25\n\t"
+ "umulh x26, x20, x8\n\t"
+ "adcs x4, x4, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x20, x10\n\t"
+ "adcs x5, x5, x25\n\t"
+ "umulh x26, x20, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "adc x7, x7, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x15, #63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x12, x12, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x13, x13, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x14, x14, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x15, x15, x26\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x7\n\t"
+ "adds x24, x24, x26\n\t"
+ "umulh x27, x25, x7\n\t"
"adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x13, x13, x16\n\t"
- "adcs x14, x14, x17\n\t"
- "adcs x15, x15, x19\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x15, #63\n\t"
+ "mov x25, #19\n\t"
+ "extr x27, x27, x24, #63\n\t"
"mul x27, x27, x25\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x4\n\t"
+ "adds x21, x21, x26\n\t"
+ "umulh x4, x25, x4\n\t"
+ "mul x26, x25, x5\n\t"
+ "adcs x22, x22, x26\n\t"
+ "umulh x5, x25, x5\n\t"
+ "mul x26, x25, x6\n\t"
+ "adcs x23, x23, x26\n\t"
+ "umulh x6, x25, x6\n\t"
+ "adc x24, x24, xzr\n\t"
+ /* Add high product results in */
+ "adds x21, x21, x27\n\t"
+ "adcs x22, x22, x4\n\t"
+ "adcs x23, x23, x5\n\t"
+ "adc x24, x24, x6\n\t"
/* Reduce if top bit set */
- "and x27, x25, x15, asr 63\n\t"
- "and x15, x15, #0x7fffffffffffffff\n\t"
- "adds x12, x12, x27\n\t"
- "adcs x13, x13, xzr\n\t"
- "adcs x14, x14, xzr\n\t"
- "adc x15, x15, xzr\n\t"
+ "mov x25, #19\n\t"
+ "and x26, x25, x24, asr 63\n\t"
+ "adds x21, x21, x26\n\t"
+ "adcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "adcs x23, x23, xzr\n\t"
+ "adc x24, x24, xzr\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [sp, #112]\n\t"
+ "stp x21, x22, [x0]\n\t"
+ "stp x23, x24, [x0, #16]\n\t"
+ "sub x2, x2, #32\n\t"
+ "add x1, x0, #32\n\t"
+ "add x0, x0, #32\n\t"
/* Multiply */
- "ldp x21, x22, [x1]\n\t"
- "ldp x23, x24, [x1, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x8, x21\n\t"
- "umulh x5, x8, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x8, x22\n\t"
- "umulh x6, x8, x22\n\t"
+ "ldp x16, x17, [x2]\n\t"
+ "ldp x19, x20, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x13, x16\n\t"
"adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x9, x21\n\t"
- "umulh x26, x9, x21\n\t"
+ "umulh x26, x13, x16\n\t"
+ "adcs x6, x6, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x12, x17\n\t"
"adds x5, x5, x25\n\t"
+ "umulh x26, x12, x17\n\t"
"adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x8, x23\n\t"
- "umulh x26, x8, x23\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x9, x22\n\t"
- "umulh x26, x9, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x14, x17\n\t"
+ "adcs x7, x7, x25\n\t"
+ "umulh x26, x14, x17\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x13, x19\n\t"
+ "adds x7, x7, x25\n\t"
+ "umulh x26, x13, x19\n\t"
+ "adcs x8, x8, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x12, x19\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x12, x19\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x10, x21\n\t"
- "umulh x26, x10, x21\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x13, x17\n\t"
"adds x6, x6, x25\n\t"
+ "umulh x26, x13, x17\n\t"
"adcs x7, x7, x26\n\t"
- "adc x16, x16, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x8, x24\n\t"
- "umulh x26, x8, x24\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x9, x23\n\t"
- "umulh x26, x9, x23\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x10, x22\n\t"
- "umulh x26, x10, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x15, x17\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x15, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x14, x19\n\t"
+ "adds x8, x8, x25\n\t"
+ "umulh x26, x14, x19\n\t"
+ "adcs x9, x9, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x15, x20\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x12, x20\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x11, x21\n\t"
- "umulh x26, x11, x21\n\t"
+ "umulh x26, x12, x20\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x14, x20\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x14, x20\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x15, x16\n\t"
"adds x7, x7, x25\n\t"
- "adcs x16, x16, x26\n\t"
- "adc x17, x17, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x9, x24\n\t"
- "umulh x26, x9, x24\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x10, x23\n\t"
- "umulh x26, x10, x23\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x11, x22\n\t"
- "umulh x26, x11, x22\n\t"
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x26\n\t"
- "adc x19, x19, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x10, x24\n\t"
- "umulh x26, x10, x24\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x11, x23\n\t"
- "umulh x26, x11, x23\n\t"
- "adds x17, x17, x25\n\t"
- "adcs x19, x19, x26\n\t"
- "adc x20, x20, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x11, x24\n\t"
- "umulh x26, x11, x24\n\t"
- "adds x19, x19, x25\n\t"
- "adc x20, x20, x26\n\t"
+ "umulh x26, x15, x16\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x15, x19\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x15, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "adc x11, x11, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x20, x20, x19, #63\n\t"
- "extr x19, x19, x17, #63\n\t"
- "extr x17, x17, x16, #63\n\t"
- "extr x16, x16, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x16\n\t"
- "umulh x16, x25, x16\n\t"
- "adds x4, x4, x26\n\t"
- "mul x26, x25, x17\n\t"
- "umulh x17, x25, x17\n\t"
- "adcs x5, x5, x26\n\t"
- "mul x26, x25, x19\n\t"
- "umulh x19, x25, x19\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x20\n\t"
- "umulh x27, x25, x20\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x16\n\t"
- "adcs x6, x6, x17\n\t"
- "adcs x7, x7, x19\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x7, x7, x26\n\t"
+ "umulh x27, x25, x11\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x7, #63\n\t"
"mul x27, x27, x25\n\t"
"and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x8\n\t"
+ "adds x4, x4, x26\n\t"
+ "umulh x8, x25, x8\n\t"
+ "mul x26, x25, x9\n\t"
+ "adcs x5, x5, x26\n\t"
+ "umulh x9, x25, x9\n\t"
+ "mul x26, x25, x10\n\t"
+ "adcs x6, x6, x26\n\t"
+ "umulh x10, x25, x10\n\t"
"adc x7, x7, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adcs x6, x6, x9\n\t"
+ "adc x7, x7, x10\n\t"
/* Store */
- "ldr x0, [x29, #24]\n\t"
- "ldr x1, [x29, #16]\n\t"
+ "stp x4, x5, [x0]\n\t"
+ "stp x6, x7, [x0, #16]\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Add */
- "adds x8, x12, x4\n\t"
- "adcs x9, x13, x5\n\t"
- "adcs x10, x14, x6\n\t"
- "adc x11, x15, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x11, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "adds x8, x21, x4\n\t"
+ "adcs x9, x22, x5\n\t"
+ "adcs x10, x23, x6\n\t"
+ "adcs x11, x24, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x11, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Sub modulus (if overflow) */
- "subs x8, x8, x25\n\t"
- "sbcs x9, x9, x28\n\t"
- "sbcs x10, x10, x28\n\t"
- "sbc x11, x11, x26\n\t"
+ "adds x8, x8, x25\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "and x11, x11, #0x7fffffffffffffff\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
/* Sub */
- "subs x16, x12, x4\n\t"
- "sbcs x17, x13, x5\n\t"
- "sbcs x19, x14, x6\n\t"
- "sbcs x20, x15, x7\n\t"
- "mov x25, #-19\n\t"
+ "subs x12, x21, x4\n\t"
+ "sbcs x13, x22, x5\n\t"
+ "sbcs x14, x23, x6\n\t"
+ "sbcs x15, x24, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x12, x12, x25\n\t"
+ "sbcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "sbcs x14, x14, xzr\n\t"
+ "sbc x15, x15, xzr\n\t"
"stp x8, x9, [x0]\n\t"
"stp x10, x11, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldr x0, [x29, #48]\n\t"
- "ldr x1, [x29, #64]\n\t"
- "ldr x2, [sp, #96]\n\t"
+ "stp x12, x13, [x1]\n\t"
+ "stp x14, x15, [x1, #16]\n\t"
+ "ldr x1, [x29, #24]\n\t"
+ "ldr x2, [x29, #32]\n\t"
+ "add x2, x2, #0x60\n\t"
+ "add x1, x1, #0x60\n\t"
+ "add x0, x0, #0x40\n\t"
/* Multiply */
- "ldp x12, x13, [x1]\n\t"
- "ldp x14, x15, [x1, #16]\n\t"
- "ldp x16, x17, [x2]\n\t"
- "ldp x19, x20, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x4, x12, x16\n\t"
- "umulh x5, x12, x16\n\t"
- /* A[0] * B[1] */
- "mul x25, x12, x17\n\t"
- "umulh x6, x12, x17\n\t"
- "adds x5, x5, x25\n\t"
- "adc x6, x6, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x13, x16\n\t"
- "umulh x26, x13, x16\n\t"
- "adds x5, x5, x25\n\t"
- "adcs x6, x6, x26\n\t"
- "adc x7, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x12, x19\n\t"
- "umulh x26, x12, x19\n\t"
- "adds x6, x6, x25\n\t"
- "adc x7, x7, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x13, x17\n\t"
- "umulh x26, x13, x17\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x14, x16\n\t"
- "umulh x26, x14, x16\n\t"
- "adds x6, x6, x25\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x8, x8, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x12, x20\n\t"
- "umulh x26, x12, x20\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x13, x19\n\t"
- "umulh x26, x13, x19\n\t"
- "adds x7, x7, x25\n\t"
- "adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x14, x17\n\t"
- "umulh x26, x14, x17\n\t"
- "adds x7, x7, x25\n\t"
+ "ldp x21, x22, [x1]\n\t"
+ "ldp x23, x24, [x1, #16]\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x17, x21, x4\n\t"
+ "mul x16, x21, x4\n\t"
+ /* A[2] * B[0] */
+ "umulh x20, x23, x4\n\t"
+ "mul x19, x23, x4\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x22, x4\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x22, x4\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x22, x7\n\t"
+ "adc x20, x20, xzr\n\t"
+ "mul x8, x22, x7\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x21, x5\n\t"
+ "adds x17, x17, x25\n\t"
+ "umulh x26, x21, x5\n\t"
+ "adcs x19, x19, x26\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x23, x5\n\t"
+ "adcs x20, x20, x25\n\t"
+ "umulh x26, x23, x5\n\t"
"adcs x8, x8, x26\n\t"
"adc x9, x9, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x15, x16\n\t"
- "umulh x26, x15, x16\n\t"
- "adds x7, x7, x25\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x22, x6\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x22, x6\n\t"
"adcs x8, x8, x26\n\t"
- "adc x9, x9, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x13, x20\n\t"
- "umulh x26, x13, x20\n\t"
- "adds x8, x8, x25\n\t"
- "adcs x9, x9, x26\n\t"
+ "adcs x9, x9, xzr\n\t"
"adc x10, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x14, x19\n\t"
- "umulh x26, x14, x19\n\t"
- "adds x8, x8, x25\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x21, x6\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x21, x6\n\t"
+ "adcs x20, x20, x26\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x22, x5\n\t"
+ "adds x19, x19, x25\n\t"
+ "umulh x26, x22, x5\n\t"
+ "adcs x20, x20, x26\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x24, x5\n\t"
+ "adcs x8, x8, x25\n\t"
+ "umulh x26, x24, x5\n\t"
"adcs x9, x9, x26\n\t"
"adc x10, x10, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x15, x17\n\t"
- "umulh x26, x15, x17\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x23, x6\n\t"
"adds x8, x8, x25\n\t"
+ "umulh x26, x23, x6\n\t"
"adcs x9, x9, x26\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x14, x20\n\t"
- "umulh x26, x14, x20\n\t"
- "adds x9, x9, x25\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x24, x7\n\t"
+ "adcs x10, x10, x25\n\t"
+ "umulh x11, x24, x7\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x21, x7\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x21, x7\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x23, x7\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x23, x7\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x15, x19\n\t"
- "umulh x26, x15, x19\n\t"
- "adds x9, x9, x25\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x24, x4\n\t"
+ "adds x20, x20, x25\n\t"
+ "umulh x26, x24, x4\n\t"
+ "adcs x8, x8, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x24, x6\n\t"
+ "adcs x9, x9, x25\n\t"
+ "umulh x26, x24, x6\n\t"
"adcs x10, x10, x26\n\t"
"adc x11, x11, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x15, x20\n\t"
- "umulh x26, x15, x20\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x11, x11, x10, #63\n\t"
- "extr x10, x10, x9, #63\n\t"
- "extr x9, x9, x8, #63\n\t"
- "extr x8, x8, x7, #63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
+ "mov x25, #38\n\t"
+ "mul x26, x25, x11\n\t"
+ "adds x20, x20, x26\n\t"
+ "umulh x27, x25, x11\n\t"
+ "adc x27, x27, xzr\n\t"
"mov x25, #19\n\t"
+ "extr x27, x27, x20, #63\n\t"
+ "mul x27, x27, x25\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "mov x25, #38\n\t"
"mul x26, x25, x8\n\t"
+ "adds x16, x16, x26\n\t"
"umulh x8, x25, x8\n\t"
- "adds x4, x4, x26\n\t"
"mul x26, x25, x9\n\t"
+ "adcs x17, x17, x26\n\t"
"umulh x9, x25, x9\n\t"
- "adcs x5, x5, x26\n\t"
"mul x26, x25, x10\n\t"
+ "adcs x19, x19, x26\n\t"
"umulh x10, x25, x10\n\t"
- "adcs x6, x6, x26\n\t"
- "mul x26, x25, x11\n\t"
- "umulh x27, x25, x11\n\t"
- "adcs x7, x7, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x5, x5, x8\n\t"
- "adcs x6, x6, x9\n\t"
- "adcs x7, x7, x10\n\t"
- "adc x27, x27, xzr\n\t"
- /* Overflow */
- "extr x27, x27, x7, #63\n\t"
- "mul x27, x27, x25\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* Add high product results in */
+ "adds x16, x16, x27\n\t"
+ "adcs x17, x17, x8\n\t"
+ "adcs x19, x19, x9\n\t"
+ "adc x20, x20, x10\n\t"
/* Reduce if top bit set */
- "and x27, x25, x7, asr 63\n\t"
- "and x7, x7, #0x7fffffffffffffff\n\t"
- "adds x4, x4, x27\n\t"
- "adcs x5, x5, xzr\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, xzr\n\t"
+ "mov x25, #19\n\t"
+ "and x26, x25, x20, asr 63\n\t"
+ "adds x16, x16, x26\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "and x20, x20, #0x7fffffffffffffff\n\t"
+ "adcs x19, x19, xzr\n\t"
+ "adc x20, x20, xzr\n\t"
/* Store */
- "ldr x0, [x29, #48]\n\t"
- /* Double */
- "adds x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adc x7, x7, x7\n\t"
- "mov x25, #-19\n\t"
- "asr x28, x7, #63\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
- /* Sub modulus (if overflow) */
- "subs x4, x4, x25\n\t"
- "sbcs x5, x5, x28\n\t"
- "sbcs x6, x6, x28\n\t"
- "sbc x7, x7, x26\n\t"
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [sp, #104]\n\t"
- "ldr x2, [x29, #72]\n\t"
+ "stp x16, x17, [x0]\n\t"
+ "stp x19, x20, [x0, #16]\n\t"
+ "sub x3, x2, #32\n\t"
+ "sub x2, x1, #32\n\t"
+ "sub x1, x0, #32\n\t"
/* Multiply */
- "ldp x16, x17, [x1]\n\t"
- "ldp x19, x20, [x1, #16]\n\t"
- "ldp x21, x22, [x2]\n\t"
- "ldp x23, x24, [x2, #16]\n\t"
- /* A[0] * B[0] */
- "mul x8, x16, x21\n\t"
- "umulh x9, x16, x21\n\t"
- /* A[0] * B[1] */
- "mul x25, x16, x22\n\t"
- "umulh x10, x16, x22\n\t"
+ "ldp x4, x5, [x2]\n\t"
+ "ldp x6, x7, [x2, #16]\n\t"
+ "ldp x12, x13, [x3]\n\t"
+ "ldp x14, x15, [x3, #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x9, x4, x12\n\t"
+ "mul x8, x4, x12\n\t"
+ /* A[2] * B[0] */
+ "umulh x11, x6, x12\n\t"
+ "mul x10, x6, x12\n\t"
+ /* A[1] * B[0] */
+ "mul x25, x5, x12\n\t"
"adds x9, x9, x25\n\t"
- "adc x10, x10, xzr\n\t"
- /* A[1] * B[0] */
- "mul x25, x17, x21\n\t"
- "umulh x26, x17, x21\n\t"
+ "umulh x26, x5, x12\n\t"
+ "adcs x10, x10, x26\n\t"
+ /* A[1] * B[3] */
+ "umulh x17, x5, x15\n\t"
+ "adc x11, x11, xzr\n\t"
+ "mul x16, x5, x15\n\t"
+ /* A[0] * B[1] */
+ "mul x25, x4, x13\n\t"
"adds x9, x9, x25\n\t"
+ "umulh x26, x4, x13\n\t"
"adcs x10, x10, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- /* A[0] * B[2] */
- "mul x25, x16, x23\n\t"
- "umulh x26, x16, x23\n\t"
- "adds x10, x10, x25\n\t"
- "adc x11, x11, x26\n\t"
- /* A[1] * B[1] */
- "mul x25, x17, x22\n\t"
- "umulh x26, x17, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x25, x6, x13\n\t"
+ "adcs x11, x11, x25\n\t"
+ "umulh x26, x6, x13\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adc x17, x17, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x25, x5, x14\n\t"
+ "adds x11, x11, x25\n\t"
+ "umulh x26, x5, x14\n\t"
+ "adcs x16, x16, x26\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x25, x4, x14\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x4, x14\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, xzr, xzr\n\t"
- /* A[2] * B[0] */
- "mul x25, x19, x21\n\t"
- "umulh x26, x19, x21\n\t"
+ "adcs x16, x16, xzr\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x25, x5, x13\n\t"
"adds x10, x10, x25\n\t"
+ "umulh x26, x5, x13\n\t"
"adcs x11, x11, x26\n\t"
- "adc x12, x12, xzr\n\t"
- /* A[0] * B[3] */
- "mul x25, x16, x24\n\t"
- "umulh x26, x16, x24\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, xzr, xzr\n\t"
- /* A[1] * B[2] */
- "mul x25, x17, x23\n\t"
- "umulh x26, x17, x23\n\t"
- "adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[2] * B[1] */
- "mul x25, x19, x22\n\t"
- "umulh x26, x19, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x25, x7, x13\n\t"
+ "adcs x16, x16, x25\n\t"
+ "umulh x26, x7, x13\n\t"
+ "adcs x17, x17, x26\n\t"
+ "adc x19, x19, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x25, x6, x14\n\t"
+ "adds x16, x16, x25\n\t"
+ "umulh x26, x6, x14\n\t"
+ "adcs x17, x17, x26\n\t"
+ /* A[3] * B[3] */
+ "mul x25, x7, x15\n\t"
+ "adcs x19, x19, x25\n\t"
+ "umulh x20, x7, x15\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x25, x4, x15\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[3] * B[0] */
- "mul x25, x20, x21\n\t"
- "umulh x26, x20, x21\n\t"
+ "umulh x26, x4, x15\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[2] * B[3] */
+ "mul x25, x6, x15\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x6, x15\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x25, x7, x12\n\t"
"adds x11, x11, x25\n\t"
- "adcs x12, x12, x26\n\t"
- "adc x13, x13, xzr\n\t"
- /* A[1] * B[3] */
- "mul x25, x17, x24\n\t"
- "umulh x26, x17, x24\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, xzr, xzr\n\t"
- /* A[2] * B[2] */
- "mul x25, x19, x23\n\t"
- "umulh x26, x19, x23\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[3] * B[1] */
- "mul x25, x20, x22\n\t"
- "umulh x26, x20, x22\n\t"
- "adds x12, x12, x25\n\t"
- "adcs x13, x13, x26\n\t"
- "adc x14, x14, xzr\n\t"
- /* A[2] * B[3] */
- "mul x25, x19, x24\n\t"
- "umulh x26, x19, x24\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, xzr, xzr\n\t"
- /* A[3] * B[2] */
- "mul x25, x20, x23\n\t"
- "umulh x26, x20, x23\n\t"
- "adds x13, x13, x25\n\t"
- "adcs x14, x14, x26\n\t"
- "adc x15, x15, xzr\n\t"
- /* A[3] * B[3] */
- "mul x25, x20, x24\n\t"
- "umulh x26, x20, x24\n\t"
- "adds x14, x14, x25\n\t"
- "adc x15, x15, x26\n\t"
+ "umulh x26, x7, x12\n\t"
+ "adcs x16, x16, x26\n\t"
+ /* A[3] * B[2] */
+ "mul x25, x7, x14\n\t"
+ "adcs x17, x17, x25\n\t"
+ "umulh x26, x7, x14\n\t"
+ "adcs x19, x19, x26\n\t"
+ "adc x20, x20, xzr\n\t"
/* Reduce */
- /* Move top half into t4-t7 and remove top bit from t3 */
- "extr x15, x15, x14, #63\n\t"
- "extr x14, x14, x13, #63\n\t"
- "extr x13, x13, x12, #63\n\t"
- "extr x12, x12, x11, #63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
- /* Multiply top half by 19 */
- "mov x25, #19\n\t"
- "mul x26, x25, x12\n\t"
- "umulh x12, x25, x12\n\t"
- "adds x8, x8, x26\n\t"
- "mul x26, x25, x13\n\t"
- "umulh x13, x25, x13\n\t"
- "adcs x9, x9, x26\n\t"
- "mul x26, x25, x14\n\t"
- "umulh x14, x25, x14\n\t"
- "adcs x10, x10, x26\n\t"
- "mul x26, x25, x15\n\t"
- "umulh x27, x25, x15\n\t"
- "adcs x11, x11, x26\n\t"
- "adc x27, x27, xzr\n\t"
- /* Add remaining product results in */
- "adds x9, x9, x12\n\t"
- "adcs x10, x10, x13\n\t"
- "adcs x11, x11, x14\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x20\n\t"
+ "adds x11, x11, x26\n\t"
+ "umulh x27, x25, x20\n\t"
"adc x27, x27, xzr\n\t"
- /* Overflow */
+ "mov x25, #19\n\t"
"extr x27, x27, x11, #63\n\t"
"mul x27, x27, x25\n\t"
"and x11, x11, #0x7fffffffffffffff\n\t"
- "adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
+ "mov x25, #38\n\t"
+ "mul x26, x25, x16\n\t"
+ "adds x8, x8, x26\n\t"
+ "umulh x16, x25, x16\n\t"
+ "mul x26, x25, x17\n\t"
+ "adcs x9, x9, x26\n\t"
+ "umulh x17, x25, x17\n\t"
+ "mul x26, x25, x19\n\t"
+ "adcs x10, x10, x26\n\t"
+ "umulh x19, x25, x19\n\t"
"adc x11, x11, xzr\n\t"
- /* Reduce if top bit set */
- "and x27, x25, x11, asr 63\n\t"
- "and x11, x11, #0x7fffffffffffffff\n\t"
+ /* Add high product results in */
"adds x8, x8, x27\n\t"
- "adcs x9, x9, xzr\n\t"
- "adcs x10, x10, xzr\n\t"
- "adc x11, x11, xzr\n\t"
- /* Store */
- "ldr x0, [x29, #40]\n\t"
- "ldr x1, [x29, #32]\n\t"
- /* Add */
- "adds x12, x4, x8\n\t"
- "adcs x13, x5, x9\n\t"
- "adcs x14, x6, x10\n\t"
- "adc x15, x7, x11\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x11, x11, x19\n\t"
+ /* Double */
+ "adds x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, x11, x11\n\t"
"mov x25, #-19\n\t"
- "asr x28, x15, #63\n\t"
+ "asr x28, x11, #63\n\t"
/* Mask the modulus */
"and x25, x28, x25\n\t"
"and x26, x28, #0x7fffffffffffffff\n\t"
/* Sub modulus (if overflow) */
- "subs x12, x12, x25\n\t"
- "sbcs x13, x13, x28\n\t"
- "sbcs x14, x14, x28\n\t"
- "sbc x15, x15, x26\n\t"
+ "subs x8, x8, x25\n\t"
+ "sbcs x9, x9, x28\n\t"
+ "sbcs x10, x10, x28\n\t"
+ "sbc x11, x11, x26\n\t"
+ "mov x3, x0\n\t"
+ "sub x2, x0, #32\n\t"
+ /* Add */
+ "ldp x4, x5, [x3]\n\t"
+ "ldp x6, x7, [x3, #16]\n\t"
+ "adds x12, x8, x4\n\t"
+ "adcs x13, x9, x5\n\t"
+ "adcs x14, x10, x6\n\t"
+ "adcs x15, x11, x7\n\t"
+ "cset x28, cs\n\t"
+ "mov x25, #19\n\t"
+ "extr x28, x28, x15, #63\n\t"
+ "mul x25, x28, x25\n\t"
+ /* Sub modulus (if overflow) */
+ "adds x12, x12, x25\n\t"
+ "adcs x13, x13, xzr\n\t"
+ "and x15, x15, #0x7fffffffffffffff\n\t"
+ "adcs x14, x14, xzr\n\t"
+ "adc x15, x15, xzr\n\t"
/* Sub */
- "subs x16, x4, x8\n\t"
- "sbcs x17, x5, x9\n\t"
- "sbcs x19, x6, x10\n\t"
- "sbcs x20, x7, x11\n\t"
- "mov x25, #-19\n\t"
+ "subs x21, x8, x4\n\t"
+ "sbcs x22, x9, x5\n\t"
+ "sbcs x23, x10, x6\n\t"
+ "sbcs x24, x11, x7\n\t"
"csetm x28, cc\n\t"
- /* Mask the modulus */
- "and x25, x28, x25\n\t"
- "and x26, x28, #0x7fffffffffffffff\n\t"
+ "mov x25, #-19\n\t"
+ "extr x28, x28, x24, #63\n\t"
+ "mul x25, x28, x25\n\t"
/* Add modulus (if underflow) */
- "adds x16, x16, x25\n\t"
- "adcs x17, x17, x28\n\t"
- "adcs x19, x19, x28\n\t"
- "adc x20, x20, x26\n\t"
+ "subs x21, x21, x25\n\t"
+ "sbcs x22, x22, xzr\n\t"
+ "and x24, x24, #0x7fffffffffffffff\n\t"
+ "sbcs x23, x23, xzr\n\t"
+ "sbc x24, x24, xzr\n\t"
"stp x12, x13, [x0]\n\t"
"stp x14, x15, [x0, #16]\n\t"
- "stp x16, x17, [x1]\n\t"
- "stp x19, x20, [x1, #16]\n\t"
- "ldp x29, x30, [sp], #0x80\n\t"
- : [rx] "+r" (rx), [ry] "+r" (ry), [rz] "+r" (rz), [rt] "+r" (rt), [px] "+r" (px), [py] "+r" (py), [pz] "+r" (pz), [pt] "+r" (pt), [qz] "+r" (qz), [qt2d] "+r" (qt2d), [qyplusx] "+r" (qyplusx), [qyminusx] "+r" (qyminusx)
+ "stp x21, x22, [x1]\n\t"
+ "stp x23, x24, [x1, #16]\n\t"
+ "ldp x29, x30, [sp], #48\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "cc"
+ );
+}
+
+void sc_reduce(byte* s)
+{
+ __asm__ __volatile__ (
+ "ldp x2, x3, [%x[s]]\n\t"
+ "ldp x4, x5, [%x[s], #16]\n\t"
+ "ldp x6, x7, [%x[s], #32]\n\t"
+ "ldp x8, x9, [%x[s], #48]\n\t"
+ "lsr x23, x9, #56\n\t"
+ "lsl x9, x9, #4\n\t"
+ "orr x9, x9, x8, lsr 60\n\t"
+ "lsl x8, x8, #4\n\t"
+ "orr x8, x8, x7, lsr 60\n\t"
+ "lsl x7, x7, #4\n\t"
+ "orr x7, x7, x6, lsr 60\n\t"
+ "lsl x6, x6, #4\n\t"
+ "mov x1, #15\n\t"
+ "orr x6, x6, x5, lsr 60\n\t"
+ "bic x5, x5, x1, lsl 60\n\t"
+ "bic x9, x9, x1, lsl 60\n\t"
+ /* Add order times bits 504..511 */
+ "mov x11, #0x2c13\n\t"
+ "movk x11, #0xa30a, lsl 16\n\t"
+ "movk x11, #0x9ce5, lsl 32\n\t"
+ "movk x11, #0xa7ed, lsl 48\n\t"
+ "mov x13, #0x6329\n\t"
+ "movk x13, #0x5d08, lsl 16\n\t"
+ "movk x13, #0x621, lsl 32\n\t"
+ "movk x13, #0xeb21, lsl 48\n\t"
+ "mul x10, x23, x11\n\t"
+ "umulh x11, x23, x11\n\t"
+ "mul x12, x23, x13\n\t"
+ "umulh x13, x23, x13\n\t"
+ "adds x6, x6, x10\n\t"
+ "adcs x7, x7, x11\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x9, x9, xzr\n\t"
+ "adds x7, x7, x12\n\t"
+ "adcs x8, x8, x13\n\t"
+ "adc x9, x9, xzr\n\t"
+ "subs x8, x8, x23\n\t"
+ "sbc x9, x9, xzr\n\t"
+ /* Sub product of top 4 words and order */
+ "mov x1, #0x2c13\n\t"
+ "movk x1, #0xa30a, lsl 16\n\t"
+ "movk x1, #0x9ce5, lsl 32\n\t"
+ "movk x1, #0xa7ed, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "mul x14, x8, x1\n\t"
+ "umulh x15, x8, x1\n\t"
+ "mul x16, x9, x1\n\t"
+ "umulh x17, x9, x1\n\t"
+ "adds x2, x2, x10\n\t"
+ "adcs x3, x3, x11\n\t"
+ "adcs x4, x4, x14\n\t"
+ "adcs x5, x5, x15\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "adds x3, x3, x12\n\t"
+ "adcs x4, x4, x13\n\t"
+ "adcs x5, x5, x16\n\t"
+ "adc x19, x19, x17\n\t"
+ "mov x1, #0x6329\n\t"
+ "movk x1, #0x5d08, lsl 16\n\t"
+ "movk x1, #0x621, lsl 32\n\t"
+ "movk x1, #0xeb21, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "mul x14, x8, x1\n\t"
+ "umulh x15, x8, x1\n\t"
+ "mul x16, x9, x1\n\t"
+ "umulh x17, x9, x1\n\t"
+ "adds x3, x3, x10\n\t"
+ "adcs x4, x4, x11\n\t"
+ "adcs x5, x5, x14\n\t"
+ "adcs x19, x19, x15\n\t"
+ "adc x20, xzr, xzr\n\t"
+ "adds x4, x4, x12\n\t"
+ "adcs x5, x5, x13\n\t"
+ "adcs x19, x19, x16\n\t"
+ "adc x20, x20, x17\n\t"
+ "subs x4, x4, x6\n\t"
+ "sbcs x5, x5, x7\n\t"
+ "sbcs x6, x19, x8\n\t"
+ "sbc x7, x20, x9\n\t"
+ "asr x23, x7, #57\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "mov x10, xzr\n\t"
+ "mov x13, xzr\n\t"
+ "mov x11, #0xba7d\n\t"
+ "movk x11, #0x4b9e, lsl 16\n\t"
+ "movk x11, #0x4c63, lsl 32\n\t"
+ "movk x11, #0xcb02, lsl 48\n\t"
+ "mov x12, #0xf39a\n\t"
+ "movk x12, #0xd45e, lsl 16\n\t"
+ "movk x12, #0xdf3b, lsl 32\n\t"
+ "movk x12, #0x29b, lsl 48\n\t"
+ "movk x10, #0xa000, lsl 48\n\t"
+ "movk x13, #0x200, lsl 48\n\t"
+ "and x10, x10, x23\n\t"
+ "and x11, x11, x23\n\t"
+ "and x12, x12, x23\n\t"
+ "and x13, x13, x23\n\t"
+ "adds x3, x3, x10\n\t"
+ "adcs x4, x4, x11\n\t"
+ "adcs x5, x5, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adc x7, x7, x13\n\t"
+ /* Move bits 252-376 to own registers */
+ "lsl x7, x7, #4\n\t"
+ "orr x7, x7, x6, lsr 60\n\t"
+ "lsl x6, x6, #4\n\t"
+ "mov x23, #15\n\t"
+ "orr x6, x6, x5, lsr 60\n\t"
+ "bic x5, x5, x23, lsl 60\n\t"
+ /* Sub product of top 2 words and order */
+ /* * -5812631a5cf5d3ed */
+ "mov x1, #0x2c13\n\t"
+ "movk x1, #0xa30a, lsl 16\n\t"
+ "movk x1, #0x9ce5, lsl 32\n\t"
+ "movk x1, #0xa7ed, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "adds x2, x2, x10\n\t"
+ "adcs x3, x3, x11\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "adds x3, x3, x12\n\t"
+ "adc x19, x19, x13\n\t"
+ /* * -14def9dea2f79cd7 */
+ "mov x1, #0x6329\n\t"
+ "movk x1, #0x5d08, lsl 16\n\t"
+ "movk x1, #0x621, lsl 32\n\t"
+ "movk x1, #0xeb21, lsl 48\n\t"
+ "mul x10, x6, x1\n\t"
+ "umulh x11, x6, x1\n\t"
+ "mul x12, x7, x1\n\t"
+ "umulh x13, x7, x1\n\t"
+ "adds x3, x3, x10\n\t"
+ "adcs x4, x4, x11\n\t"
+ "adc x20, xzr, xzr\n\t"
+ "adds x4, x4, x12\n\t"
+ "adc x20, x20, x13\n\t"
+ /* Add overflows at 2 * 64 */
+ "mov x1, #15\n\t"
+ "bic x5, x5, x1, lsl 60\n\t"
+ "adds x4, x4, x19\n\t"
+ "adc x5, x5, x20\n\t"
+ /* Subtract top at 2 * 64 */
+ "subs x4, x4, x6\n\t"
+ "sbcs x5, x5, x7\n\t"
+ "sbc x1, x1, x1\n\t"
+ /* Conditional sub order */
+ "mov x10, #0xd3ed\n\t"
+ "movk x10, #0x5cf5, lsl 16\n\t"
+ "movk x10, #0x631a, lsl 32\n\t"
+ "movk x10, #0x5812, lsl 48\n\t"
+ "mov x11, #0x9cd6\n\t"
+ "movk x11, #0xa2f7, lsl 16\n\t"
+ "movk x11, #0xf9de, lsl 32\n\t"
+ "movk x11, #0x14de, lsl 48\n\t"
+ "and x10, x10, x1\n\t"
+ "and x11, x11, x1\n\t"
+ "adds x2, x2, x10\n\t"
+ "adcs x3, x3, x11\n\t"
+ "and x1, x1, #0x1000000000000000\n\t"
+ "adcs x4, x4, xzr\n\t"
+ "mov x23, #15\n\t"
+ "adc x5, x5, x1\n\t"
+ "bic x5, x5, x23, lsl 60\n\t"
+ /* Store result */
+ "stp x2, x3, [%x[s]]\n\t"
+ "stp x4, x5, [%x[s], #16]\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "x1", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "cc"
+ );
+}
+
+void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
+{
+ __asm__ __volatile__ (
+ /* Multiply */
+ "ldp x12, x13, [%x[a]]\n\t"
+ "ldp x14, x15, [%x[a], #16]\n\t"
+ "ldp x16, x17, [%x[b]]\n\t"
+ "ldp x19, x20, [%x[b], #16]\n\t"
+ /* A[0] * B[0] */
+ "umulh x5, x12, x16\n\t"
+ "mul x4, x12, x16\n\t"
+ /* A[2] * B[0] */
+ "umulh x7, x14, x16\n\t"
+ "mul x6, x14, x16\n\t"
+ /* A[1] * B[0] */
+ "mul x21, x13, x16\n\t"
+ "adds x5, x5, x21\n\t"
+ "umulh x22, x13, x16\n\t"
+ "adcs x6, x6, x22\n\t"
+ /* A[1] * B[3] */
+ "umulh x9, x13, x20\n\t"
+ "adc x7, x7, xzr\n\t"
+ "mul x8, x13, x20\n\t"
+ /* A[0] * B[1] */
+ "mul x21, x12, x17\n\t"
+ "adds x5, x5, x21\n\t"
+ "umulh x22, x12, x17\n\t"
+ "adcs x6, x6, x22\n\t"
+ /* A[2] * B[1] */
+ "mul x21, x14, x17\n\t"
+ "adcs x7, x7, x21\n\t"
+ "umulh x22, x14, x17\n\t"
+ "adcs x8, x8, x22\n\t"
+ "adc x9, x9, xzr\n\t"
+ /* A[1] * B[2] */
+ "mul x21, x13, x19\n\t"
+ "adds x7, x7, x21\n\t"
+ "umulh x22, x13, x19\n\t"
+ "adcs x8, x8, x22\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, xzr, xzr\n\t"
+ /* A[0] * B[2] */
+ "mul x21, x12, x19\n\t"
+ "adds x6, x6, x21\n\t"
+ "umulh x22, x12, x19\n\t"
+ "adcs x7, x7, x22\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[1] * B[1] */
+ "mul x21, x13, x17\n\t"
+ "adds x6, x6, x21\n\t"
+ "umulh x22, x13, x17\n\t"
+ "adcs x7, x7, x22\n\t"
+ /* A[3] * B[1] */
+ "mul x21, x15, x17\n\t"
+ "adcs x8, x8, x21\n\t"
+ "umulh x22, x15, x17\n\t"
+ "adcs x9, x9, x22\n\t"
+ "adc x10, x10, xzr\n\t"
+ /* A[2] * B[2] */
+ "mul x21, x14, x19\n\t"
+ "adds x8, x8, x21\n\t"
+ "umulh x22, x14, x19\n\t"
+ "adcs x9, x9, x22\n\t"
+ /* A[3] * B[3] */
+ "mul x21, x15, x20\n\t"
+ "adcs x10, x10, x21\n\t"
+ "umulh x11, x15, x20\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[0] * B[3] */
+ "mul x21, x12, x20\n\t"
+ "adds x7, x7, x21\n\t"
+ "umulh x22, x12, x20\n\t"
+ "adcs x8, x8, x22\n\t"
+ /* A[2] * B[3] */
+ "mul x21, x14, x20\n\t"
+ "adcs x9, x9, x21\n\t"
+ "umulh x22, x14, x20\n\t"
+ "adcs x10, x10, x22\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* A[3] * B[0] */
+ "mul x21, x15, x16\n\t"
+ "adds x7, x7, x21\n\t"
+ "umulh x22, x15, x16\n\t"
+ "adcs x8, x8, x22\n\t"
+ /* A[3] * B[2] */
+ "mul x21, x15, x19\n\t"
+ "adcs x9, x9, x21\n\t"
+ "umulh x22, x15, x19\n\t"
+ "adcs x10, x10, x22\n\t"
+ "adc x11, x11, xzr\n\t"
+ /* Add c to a * b */
+ "ldp x12, x13, [%x[c]]\n\t"
+ "ldp x14, x15, [%x[c], #16]\n\t"
+ "adds x4, x4, x12\n\t"
+ "adcs x5, x5, x13\n\t"
+ "adcs x6, x6, x14\n\t"
+ "adcs x7, x7, x15\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
+ "lsr x25, x11, #56\n\t"
+ "lsl x11, x11, #4\n\t"
+ "orr x11, x11, x10, lsr 60\n\t"
+ "lsl x10, x10, #4\n\t"
+ "orr x10, x10, x9, lsr 60\n\t"
+ "lsl x9, x9, #4\n\t"
+ "orr x9, x9, x8, lsr 60\n\t"
+ "lsl x8, x8, #4\n\t"
+ "mov x26, #15\n\t"
+ "orr x8, x8, x7, lsr 60\n\t"
+ "bic x7, x7, x26, lsl 60\n\t"
+ "bic x11, x11, x26, lsl 60\n\t"
+ /* Add order times bits 504..507 */
+ "mov x22, #0x2c13\n\t"
+ "movk x22, #0xa30a, lsl 16\n\t"
+ "movk x22, #0x9ce5, lsl 32\n\t"
+ "movk x22, #0xa7ed, lsl 48\n\t"
+ "mov x24, #0x6329\n\t"
+ "movk x24, #0x5d08, lsl 16\n\t"
+ "movk x24, #0x621, lsl 32\n\t"
+ "movk x24, #0xeb21, lsl 48\n\t"
+ "mul x21, x25, x22\n\t"
+ "umulh x22, x25, x22\n\t"
+ "mul x23, x25, x24\n\t"
+ "umulh x24, x25, x24\n\t"
+ "adds x8, x8, x21\n\t"
+ "adcs x9, x9, x22\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, x11, xzr\n\t"
+ "adds x9, x9, x23\n\t"
+ "adcs x10, x10, x24\n\t"
+ "adc x11, x11, xzr\n\t"
+ "subs x10, x10, x25\n\t"
+ "sbc x11, x11, xzr\n\t"
+ /* Sub product of top 4 words and order */
+ "mov x26, #0x2c13\n\t"
+ "movk x26, #0xa30a, lsl 16\n\t"
+ "movk x26, #0x9ce5, lsl 32\n\t"
+ "movk x26, #0xa7ed, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "mul x21, x10, x26\n\t"
+ "umulh x22, x10, x26\n\t"
+ "mul x23, x11, x26\n\t"
+ "umulh x24, x11, x26\n\t"
+ "adds x4, x4, x16\n\t"
+ "adcs x5, x5, x17\n\t"
+ "adcs x6, x6, x21\n\t"
+ "adcs x7, x7, x22\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x5, x5, x19\n\t"
+ "adcs x6, x6, x20\n\t"
+ "adcs x7, x7, x23\n\t"
+ "adc x12, x12, x24\n\t"
+ "mov x26, #0x6329\n\t"
+ "movk x26, #0x5d08, lsl 16\n\t"
+ "movk x26, #0x621, lsl 32\n\t"
+ "movk x26, #0xeb21, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "mul x21, x10, x26\n\t"
+ "umulh x22, x10, x26\n\t"
+ "mul x23, x11, x26\n\t"
+ "umulh x24, x11, x26\n\t"
+ "adds x5, x5, x16\n\t"
+ "adcs x6, x6, x17\n\t"
+ "adcs x7, x7, x21\n\t"
+ "adcs x12, x12, x22\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x6, x6, x19\n\t"
+ "adcs x7, x7, x20\n\t"
+ "adcs x12, x12, x23\n\t"
+ "adc x13, x13, x24\n\t"
+ "subs x6, x6, x8\n\t"
+ "sbcs x7, x7, x9\n\t"
+ "sbcs x8, x12, x10\n\t"
+ "sbc x9, x13, x11\n\t"
+ "asr x25, x9, #57\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "mov x16, xzr\n\t"
+ "mov x20, xzr\n\t"
+ "mov x17, #0xba7d\n\t"
+ "movk x17, #0x4b9e, lsl 16\n\t"
+ "movk x17, #0x4c63, lsl 32\n\t"
+ "movk x17, #0xcb02, lsl 48\n\t"
+ "mov x19, #0xf39a\n\t"
+ "movk x19, #0xd45e, lsl 16\n\t"
+ "movk x19, #0xdf3b, lsl 32\n\t"
+ "movk x19, #0x29b, lsl 48\n\t"
+ "movk x16, #0xa000, lsl 48\n\t"
+ "movk x20, #0x200, lsl 48\n\t"
+ "and x16, x16, x25\n\t"
+ "and x17, x17, x25\n\t"
+ "and x19, x19, x25\n\t"
+ "and x20, x20, x25\n\t"
+ "adds x5, x5, x16\n\t"
+ "adcs x6, x6, x17\n\t"
+ "adcs x7, x7, x19\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x9, x9, x20\n\t"
+ /* Move bits 252-376 to own registers */
+ "lsl x9, x9, #4\n\t"
+ "orr x9, x9, x8, lsr 60\n\t"
+ "lsl x8, x8, #4\n\t"
+ "mov x25, #15\n\t"
+ "orr x8, x8, x7, lsr 60\n\t"
+ "bic x7, x7, x25, lsl 60\n\t"
+ /* Sub product of top 2 words and order */
+ /* * -5812631a5cf5d3ed */
+ "mov x26, #0x2c13\n\t"
+ "movk x26, #0xa30a, lsl 16\n\t"
+ "movk x26, #0x9ce5, lsl 32\n\t"
+ "movk x26, #0xa7ed, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "adds x4, x4, x16\n\t"
+ "adcs x5, x5, x17\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x5, x5, x19\n\t"
+ "adc x12, x12, x20\n\t"
+ /* * -14def9dea2f79cd7 */
+ "mov x26, #0x6329\n\t"
+ "movk x26, #0x5d08, lsl 16\n\t"
+ "movk x26, #0x621, lsl 32\n\t"
+ "movk x26, #0xeb21, lsl 48\n\t"
+ "mul x16, x8, x26\n\t"
+ "umulh x17, x8, x26\n\t"
+ "mul x19, x9, x26\n\t"
+ "umulh x20, x9, x26\n\t"
+ "adds x5, x5, x16\n\t"
+ "adcs x6, x6, x17\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x6, x6, x19\n\t"
+ "adc x13, x13, x20\n\t"
+ /* Add overflows at 2 * 64 */
+ "mov x26, #15\n\t"
+ "bic x7, x7, x26, lsl 60\n\t"
+ "adds x6, x6, x12\n\t"
+ "adc x7, x7, x13\n\t"
+ /* Subtract top at 2 * 64 */
+ "subs x6, x6, x8\n\t"
+ "sbcs x7, x7, x9\n\t"
+ "sbc x26, x26, x26\n\t"
+ /* Conditional sub order */
+ "mov x16, #0xd3ed\n\t"
+ "movk x16, #0x5cf5, lsl 16\n\t"
+ "movk x16, #0x631a, lsl 32\n\t"
+ "movk x16, #0x5812, lsl 48\n\t"
+ "mov x17, #0x9cd6\n\t"
+ "movk x17, #0xa2f7, lsl 16\n\t"
+ "movk x17, #0xf9de, lsl 32\n\t"
+ "movk x17, #0x14de, lsl 48\n\t"
+ "and x16, x16, x26\n\t"
+ "and x17, x17, x26\n\t"
+ "adds x4, x4, x16\n\t"
+ "adcs x5, x5, x17\n\t"
+ "and x26, x26, #0x1000000000000000\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "mov x25, #15\n\t"
+ "adc x7, x7, x26\n\t"
+ "bic x7, x7, x25, lsl 60\n\t"
+ /* Store result */
+ "stp x4, x5, [%x[s]]\n\t"
+ "stp x6, x7, [%x[s], #16]\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
:
- : "memory", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28"
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "cc"
);
}
-#endif /* HAVE_CURVE25519 */
+#endif /* HAVE_ED25519 */
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c
index beea8d01..55860d86 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha256.c
@@ -44,6 +44,13 @@
#include <wolfcrypt/src/misc.c>
#endif
+#if defined(FREESCALE_MMCAU_SHA)
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ #include "cau_api.h"
+ #else
+ #include "fsl_mmcau.h"
+ #endif
+#endif
#ifndef WOLFSSL_ARMASM_NO_HW_CRYPTO
static const ALIGN32 word32 K[64] = {
@@ -72,6 +79,17 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
+#ifdef FREESCALE_MMCAU_SHA
+ ret = wolfSSL_CryptHwMutexLock();
+ if (ret == 0) {
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ cau_sha256_initialize_output(sha256->digest);
+ #else
+ MMCAU_SHA256_InitializeOutput((uint32_t*)sha256->digest);
+ #endif
+ wolfSSL_CryptHwMutexUnLock();
+ }
+#else
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
@@ -80,11 +98,16 @@ static int InitSha256(wc_Sha256* sha256)
sha256->digest[5] = 0x9B05688CL;
sha256->digest[6] = 0x1F83D9ABL;
sha256->digest[7] = 0x5BE0CD19L;
+#endif
sha256->buffLen = 0;
sha256->loLen = 0;
sha256->hiLen = 0;
+#ifdef WOLFSSL_HASH_FLAGS
+ sha256->flags = 0;
+#endif
+
return ret;
}
@@ -1313,12 +1336,60 @@ static WC_INLINE int Sha256Final(wc_Sha256* sha256, byte* hash)
#endif /* __aarch64__ */
-#else
+#else /* WOLFSSL_ARMASM_NO_HW_CRYPTO */
+
+#if defined(FREESCALE_MMCAU_SHA)
+
+ #ifndef WC_HASH_DATA_ALIGNMENT
+ /* these hardware API's require 4 byte (word32) alignment */
+ #define WC_HASH_DATA_ALIGNMENT 4
+ #endif
+
+ static int Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
+ word32 len)
+ {
+ int ret = wolfSSL_CryptHwMutexLock();
+ if (ret == 0) {
+ #if defined(WC_HASH_DATA_ALIGNMENT) && WC_HASH_DATA_ALIGNMENT > 0
+ if ((wc_ptr_t)data % WC_HASH_DATA_ALIGNMENT) {
+ /* data pointer is NOT aligned,
+ * so copy and perform one block at a time */
+ byte* local = (byte*)sha256->buffer;
+ while (len >= WC_SHA256_BLOCK_SIZE) {
+ XMEMCPY(local, data, WC_SHA256_BLOCK_SIZE);
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ cau_sha256_hash_n(local, 1, sha256->digest);
+ #else
+ MMCAU_SHA256_HashN(local, 1, (uint32_t*)sha256->digest);
+ #endif
+ data += WC_SHA256_BLOCK_SIZE;
+ len -= WC_SHA256_BLOCK_SIZE;
+ }
+ }
+ else
+ #endif
+ {
+ #ifdef FREESCALE_MMCAU_CLASSIC_SHA
+ cau_sha256_hash_n((byte*)data, len/WC_SHA256_BLOCK_SIZE,
+ sha256->digest);
+ #else
+ MMCAU_SHA256_HashN((byte*)data, len/WC_SHA256_BLOCK_SIZE,
+ (uint32_t*)sha256->digest);
+ #endif
+ }
+ wolfSSL_CryptHwMutexUnLock();
+ }
+ return ret;
+ }
+
+#else /* */
extern void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data,
word32 len);
-/* ARMv8 hardware acceleration Aarch32 */
+#endif
+
+/* ARMv8 hardware acceleration Aarch32 and Thumb2 */
static WC_INLINE int Sha256Update(wc_Sha256* sha256, const byte* data, word32 len)
{
int ret = 0;
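Review bot: The FREESCALE_MMCAU_SHA version of `Transform_Sha256_Len` added here returns `int` and does no hashing when `wolfSSL_CryptHwMutexLock()` fails, while the fallback declared just below it is still `extern void`. A call site written for the void form would drop that error and later finalize a digest that silently skipped blocks. `Sha256Update` starts at the end of this hunk and its body continues outside it, so the call sites need checking; under FREESCALE_MMCAU_SHA each should read `ret = Transform_Sha256_Len(sha256, data, len); if (ret != 0) return ret;`. The unaligned branch also uses `sha256->buffer` as scratch, which presumably assumes no partial block is pending there when `data` is caller memory. A comment stating that precondition would help, e.g. `/* sha256->buffer is free here: buffLen must be 0 when data is not the internal buffer */`.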
@@ -1425,6 +1496,9 @@ int wc_InitSha256_ex(wc_Sha256* sha256, void* heap, int devId)
return BAD_FUNC_ARG;
sha256->heap = heap;
+#ifdef WOLF_CRYPTO_CB
+ sha256->devId = devId;
+#endif
(void)devId;
return InitSha256(sha256);
@@ -1575,6 +1649,9 @@ int wc_Sha256Transform(wc_Sha256* sha256, const unsigned char* data)
sha224->loLen = 0;
sha224->hiLen = 0;
+ #ifdef WOLFSSL_HASH_FLAGS
+ sha224->flags = 0;
+ #endif
return ret;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S
index b4c5d769..209ee0cf 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm.S
@@ -30,6 +30,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifndef WOLFSSL_ARMASM_INLINE
#ifdef WOLFSSL_SHA3
#ifdef WOLFSSL_ARMASM_CRYPTO_SHA3
#ifndef __APPLE__
@@ -213,3 +214,4 @@ L_sha3_crypto_begin:
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
index 54423e44..1f2d0408 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha3-asm_c.c
@@ -23,6 +23,7 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
/* Generated using (from wolfssl):
* cd ../scripts
@@ -30,6 +31,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifdef WOLFSSL_ARMASM_INLINE
#include <wolfssl/wolfcrypt/sha3.h>
#ifdef WOLFSSL_SHA3
@@ -175,7 +177,7 @@ void BlockSha3(unsigned long* state)
"st1 {v24.1d}, [%x[state]]\n\t"
: [state] "+r" (state)
: [L_SHA3_transform_crypto_r] "S" (L_SHA3_transform_crypto_r)
- : "memory", "x1", "x2", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ : "memory", "x1", "x2", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31", "cc"
);
}
@@ -183,3 +185,4 @@ void BlockSha3(unsigned long* state)
#endif /* WOLFSSL_SHA3 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S
index 8bdd0641..3ff01580 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm.S
@@ -30,6 +30,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifndef WOLFSSL_ARMASM_INLINE
#ifdef WOLFSSL_SHA512
#ifndef WOLFSSL_ARMASM_CRYPTO_SHA512
#ifndef __APPLE__
@@ -1217,7 +1218,7 @@ _Transform_Sha512_Len_crypto:
adrp x4, L_SHA512_transform_crypto_len_k@PAGE
add x4, x4, :lo12:L_SHA512_transform_crypto_len_k@PAGEOFF
#endif /* __APPLE__ */
- # Load first 16 64-bit words of K permantly
+ # Load first 16 64-bit words of K permanently
ld1 {v8.2d, v9.2d, v10.2d, v11.2d}, [x4], #0x40
ld1 {v12.2d, v13.2d, v14.2d, v15.2d}, [x4], #0x40
# Load digest into working vars
@@ -1739,3 +1740,4 @@ L_sha512_len_crypto_begin:
#if defined(__linux__) && defined(__ELF__)
.section .note.GNU-stack,"",%progbits
#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
index 62f6696e..027dc8a1 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512-asm_c.c
@@ -23,6 +23,7 @@
#include <config.h>
#endif /* HAVE_CONFIG_H */
#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/error-crypt.h>
/* Generated using (from wolfssl):
* cd ../scripts
@@ -30,6 +31,7 @@
*/
#ifdef WOLFSSL_ARMASM
#ifdef __aarch64__
+#ifdef WOLFSSL_ARMASM_INLINE
#include <wolfssl/wolfcrypt/sha512.h>
#ifdef WOLFSSL_SHA512
@@ -1047,7 +1049,7 @@ void Transform_Sha512_Len_neon(wc_Sha512* sha512, const byte* data, word32 len)
"stp x10, x11, [%x[sha512], #48]\n\t"
: [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
: [L_SHA512_transform_neon_len_k] "S" (L_SHA512_transform_neon_len_k), [L_SHA512_transform_neon_len_ror8] "S" (L_SHA512_transform_neon_len_ror8)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "cc"
);
}
@@ -1149,7 +1151,7 @@ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data, word32 len
"adrp x4, %[L_SHA512_transform_crypto_len_k]@PAGE\n\t"
"add x4, x4, %[L_SHA512_transform_crypto_len_k]@PAGEOFF\n\t"
#endif /* __APPLE__ */
- /* Load first 16 64-bit words of K permantly */
+ /* Load first 16 64-bit words of K permanently */
"ld1 {v8.2d, v9.2d, v10.2d, v11.2d}, [x4], #0x40\n\t"
"ld1 {v12.2d, v13.2d, v14.2d, v15.2d}, [x4], #0x40\n\t"
/* Load digest into working vars */
@@ -1657,7 +1659,7 @@ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data, word32 len
"st1 {v24.2d, v25.2d, v26.2d, v27.2d}, [%x[sha512]]\n\t"
: [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
: [L_SHA512_transform_crypto_len_k] "S" (L_SHA512_transform_crypto_len_k)
- : "memory", "x3", "x4", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31"
+ : "memory", "x3", "x4", "v0", "v1", "v2", "v3", "v4", "v5", "v6", "v7", "v8", "v9", "v10", "v11", "v12", "v13", "v14", "v15", "v16", "v17", "v18", "v19", "v20", "v21", "v22", "v23", "v24", "v25", "v26", "v27", "v28", "v29", "v30", "v31", "cc"
);
}
@@ -1665,3 +1667,4 @@ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data, word32 len
#endif /* WOLFSSL_SHA512 */
#endif /* __aarch64__ */
#endif /* WOLFSSL_ARMASM */
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c
index 4a0a5784..45806249 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/armv8-sha512.c
@@ -146,23 +146,6 @@ static int InitSha512_256(wc_Sha512* sha512)
#ifdef WOLFSSL_SHA512
-#ifdef WOLFSSL_ARMASM
-#ifdef __aarch64__
-#ifndef WOLFSSL_ARMASM_CRYPTO_SHA512
- extern void Transform_Sha512_Len_neon(wc_Sha512* sha512, const byte* data,
- word32 len);
- #define Transform_Sha512_Len Transform_Sha512_Len_neon
-#else
- extern void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data,
- word32 len);
- #define Transform_Sha512_Len Transform_Sha512_Len_crypto
-#endif
-#else
-extern void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
- word32 len);
-#endif
-#endif
-
static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId,
enum wc_HashType type)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S
new file mode 100644
index 00000000..0badf8f9
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S
@@ -0,0 +1,3360 @@
+/* thumb2-aes-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./aes/aes.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#ifndef NO_AES
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .type L_AES_Thumb2_td_data, %object
+ .size L_AES_Thumb2_td_data, 1024
+ .align 4
+L_AES_Thumb2_td_data:
+ .word 0x5051f4a7
+ .word 0x537e4165
+ .word 0xc31a17a4
+ .word 0x963a275e
+ .word 0xcb3bab6b
+ .word 0xf11f9d45
+ .word 0xabacfa58
+ .word 0x934be303
+ .word 0x552030fa
+ .word 0xf6ad766d
+ .word 0x9188cc76
+ .word 0x25f5024c
+ .word 0xfc4fe5d7
+ .word 0xd7c52acb
+ .word 0x80263544
+ .word 0x8fb562a3
+ .word 0x49deb15a
+ .word 0x6725ba1b
+ .word 0x9845ea0e
+ .word 0xe15dfec0
+ .word 0x2c32f75
+ .word 0x12814cf0
+ .word 0xa38d4697
+ .word 0xc66bd3f9
+ .word 0xe7038f5f
+ .word 0x9515929c
+ .word 0xebbf6d7a
+ .word 0xda955259
+ .word 0x2dd4be83
+ .word 0xd3587421
+ .word 0x2949e069
+ .word 0x448ec9c8
+ .word 0x6a75c289
+ .word 0x78f48e79
+ .word 0x6b99583e
+ .word 0xdd27b971
+ .word 0xb6bee14f
+ .word 0x17f088ad
+ .word 0x66c920ac
+ .word 0xb47dce3a
+ .word 0x1863df4a
+ .word 0x82e51a31
+ .word 0x60975133
+ .word 0x4562537f
+ .word 0xe0b16477
+ .word 0x84bb6bae
+ .word 0x1cfe81a0
+ .word 0x94f9082b
+ .word 0x58704868
+ .word 0x198f45fd
+ .word 0x8794de6c
+ .word 0xb7527bf8
+ .word 0x23ab73d3
+ .word 0xe2724b02
+ .word 0x57e31f8f
+ .word 0x2a6655ab
+ .word 0x7b2eb28
+ .word 0x32fb5c2
+ .word 0x9a86c57b
+ .word 0xa5d33708
+ .word 0xf2302887
+ .word 0xb223bfa5
+ .word 0xba02036a
+ .word 0x5ced1682
+ .word 0x2b8acf1c
+ .word 0x92a779b4
+ .word 0xf0f307f2
+ .word 0xa14e69e2
+ .word 0xcd65daf4
+ .word 0xd50605be
+ .word 0x1fd13462
+ .word 0x8ac4a6fe
+ .word 0x9d342e53
+ .word 0xa0a2f355
+ .word 0x32058ae1
+ .word 0x75a4f6eb
+ .word 0x390b83ec
+ .word 0xaa4060ef
+ .word 0x65e719f
+ .word 0x51bd6e10
+ .word 0xf93e218a
+ .word 0x3d96dd06
+ .word 0xaedd3e05
+ .word 0x464de6bd
+ .word 0xb591548d
+ .word 0x571c45d
+ .word 0x6f0406d4
+ .word 0xff605015
+ .word 0x241998fb
+ .word 0x97d6bde9
+ .word 0xcc894043
+ .word 0x7767d99e
+ .word 0xbdb0e842
+ .word 0x8807898b
+ .word 0x38e7195b
+ .word 0xdb79c8ee
+ .word 0x47a17c0a
+ .word 0xe97c420f
+ .word 0xc9f8841e
+ .word 0x0
+ .word 0x83098086
+ .word 0x48322bed
+ .word 0xac1e1170
+ .word 0x4e6c5a72
+ .word 0xfbfd0eff
+ .word 0x560f8538
+ .word 0x1e3daed5
+ .word 0x27362d39
+ .word 0x640a0fd9
+ .word 0x21685ca6
+ .word 0xd19b5b54
+ .word 0x3a24362e
+ .word 0xb10c0a67
+ .word 0xf9357e7
+ .word 0xd2b4ee96
+ .word 0x9e1b9b91
+ .word 0x4f80c0c5
+ .word 0xa261dc20
+ .word 0x695a774b
+ .word 0x161c121a
+ .word 0xae293ba
+ .word 0xe5c0a02a
+ .word 0x433c22e0
+ .word 0x1d121b17
+ .word 0xb0e090d
+ .word 0xadf28bc7
+ .word 0xb92db6a8
+ .word 0xc8141ea9
+ .word 0x8557f119
+ .word 0x4caf7507
+ .word 0xbbee99dd
+ .word 0xfda37f60
+ .word 0x9ff70126
+ .word 0xbc5c72f5
+ .word 0xc544663b
+ .word 0x345bfb7e
+ .word 0x768b4329
+ .word 0xdccb23c6
+ .word 0x68b6edfc
+ .word 0x63b8e4f1
+ .word 0xcad731dc
+ .word 0x10426385
+ .word 0x40139722
+ .word 0x2084c611
+ .word 0x7d854a24
+ .word 0xf8d2bb3d
+ .word 0x11aef932
+ .word 0x6dc729a1
+ .word 0x4b1d9e2f
+ .word 0xf3dcb230
+ .word 0xec0d8652
+ .word 0xd077c1e3
+ .word 0x6c2bb316
+ .word 0x99a970b9
+ .word 0xfa119448
+ .word 0x2247e964
+ .word 0xc4a8fc8c
+ .word 0x1aa0f03f
+ .word 0xd8567d2c
+ .word 0xef223390
+ .word 0xc787494e
+ .word 0xc1d938d1
+ .word 0xfe8ccaa2
+ .word 0x3698d40b
+ .word 0xcfa6f581
+ .word 0x28a57ade
+ .word 0x26dab78e
+ .word 0xa43fadbf
+ .word 0xe42c3a9d
+ .word 0xd507892
+ .word 0x9b6a5fcc
+ .word 0x62547e46
+ .word 0xc2f68d13
+ .word 0xe890d8b8
+ .word 0x5e2e39f7
+ .word 0xf582c3af
+ .word 0xbe9f5d80
+ .word 0x7c69d093
+ .word 0xa96fd52d
+ .word 0xb3cf2512
+ .word 0x3bc8ac99
+ .word 0xa710187d
+ .word 0x6ee89c63
+ .word 0x7bdb3bbb
+ .word 0x9cd2678
+ .word 0xf46e5918
+ .word 0x1ec9ab7
+ .word 0xa8834f9a
+ .word 0x65e6956e
+ .word 0x7eaaffe6
+ .word 0x821bccf
+ .word 0xe6ef15e8
+ .word 0xd9bae79b
+ .word 0xce4a6f36
+ .word 0xd4ea9f09
+ .word 0xd629b07c
+ .word 0xaf31a4b2
+ .word 0x312a3f23
+ .word 0x30c6a594
+ .word 0xc035a266
+ .word 0x37744ebc
+ .word 0xa6fc82ca
+ .word 0xb0e090d0
+ .word 0x1533a7d8
+ .word 0x4af10498
+ .word 0xf741ecda
+ .word 0xe7fcd50
+ .word 0x2f1791f6
+ .word 0x8d764dd6
+ .word 0x4d43efb0
+ .word 0x54ccaa4d
+ .word 0xdfe49604
+ .word 0xe39ed1b5
+ .word 0x1b4c6a88
+ .word 0xb8c12c1f
+ .word 0x7f466551
+ .word 0x49d5eea
+ .word 0x5d018c35
+ .word 0x73fa8774
+ .word 0x2efb0b41
+ .word 0x5ab3671d
+ .word 0x5292dbd2
+ .word 0x33e91056
+ .word 0x136dd647
+ .word 0x8c9ad761
+ .word 0x7a37a10c
+ .word 0x8e59f814
+ .word 0x89eb133c
+ .word 0xeecea927
+ .word 0x35b761c9
+ .word 0xede11ce5
+ .word 0x3c7a47b1
+ .word 0x599cd2df
+ .word 0x3f55f273
+ .word 0x791814ce
+ .word 0xbf73c737
+ .word 0xea53f7cd
+ .word 0x5b5ffdaa
+ .word 0x14df3d6f
+ .word 0x867844db
+ .word 0x81caaff3
+ .word 0x3eb968c4
+ .word 0x2c382434
+ .word 0x5fc2a340
+ .word 0x72161dc3
+ .word 0xcbce225
+ .word 0x8b283c49
+ .word 0x41ff0d95
+ .word 0x7139a801
+ .word 0xde080cb3
+ .word 0x9cd8b4e4
+ .word 0x906456c1
+ .word 0x617bcb84
+ .word 0x70d532b6
+ .word 0x74486c5c
+ .word 0x42d0b857
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_Thumb2_te_data, %object
+ .size L_AES_Thumb2_te_data, 1024
+ .align 4
+L_AES_Thumb2_te_data:
+ .word 0xa5c66363
+ .word 0x84f87c7c
+ .word 0x99ee7777
+ .word 0x8df67b7b
+ .word 0xdfff2f2
+ .word 0xbdd66b6b
+ .word 0xb1de6f6f
+ .word 0x5491c5c5
+ .word 0x50603030
+ .word 0x3020101
+ .word 0xa9ce6767
+ .word 0x7d562b2b
+ .word 0x19e7fefe
+ .word 0x62b5d7d7
+ .word 0xe64dabab
+ .word 0x9aec7676
+ .word 0x458fcaca
+ .word 0x9d1f8282
+ .word 0x4089c9c9
+ .word 0x87fa7d7d
+ .word 0x15effafa
+ .word 0xebb25959
+ .word 0xc98e4747
+ .word 0xbfbf0f0
+ .word 0xec41adad
+ .word 0x67b3d4d4
+ .word 0xfd5fa2a2
+ .word 0xea45afaf
+ .word 0xbf239c9c
+ .word 0xf753a4a4
+ .word 0x96e47272
+ .word 0x5b9bc0c0
+ .word 0xc275b7b7
+ .word 0x1ce1fdfd
+ .word 0xae3d9393
+ .word 0x6a4c2626
+ .word 0x5a6c3636
+ .word 0x417e3f3f
+ .word 0x2f5f7f7
+ .word 0x4f83cccc
+ .word 0x5c683434
+ .word 0xf451a5a5
+ .word 0x34d1e5e5
+ .word 0x8f9f1f1
+ .word 0x93e27171
+ .word 0x73abd8d8
+ .word 0x53623131
+ .word 0x3f2a1515
+ .word 0xc080404
+ .word 0x5295c7c7
+ .word 0x65462323
+ .word 0x5e9dc3c3
+ .word 0x28301818
+ .word 0xa1379696
+ .word 0xf0a0505
+ .word 0xb52f9a9a
+ .word 0x90e0707
+ .word 0x36241212
+ .word 0x9b1b8080
+ .word 0x3ddfe2e2
+ .word 0x26cdebeb
+ .word 0x694e2727
+ .word 0xcd7fb2b2
+ .word 0x9fea7575
+ .word 0x1b120909
+ .word 0x9e1d8383
+ .word 0x74582c2c
+ .word 0x2e341a1a
+ .word 0x2d361b1b
+ .word 0xb2dc6e6e
+ .word 0xeeb45a5a
+ .word 0xfb5ba0a0
+ .word 0xf6a45252
+ .word 0x4d763b3b
+ .word 0x61b7d6d6
+ .word 0xce7db3b3
+ .word 0x7b522929
+ .word 0x3edde3e3
+ .word 0x715e2f2f
+ .word 0x97138484
+ .word 0xf5a65353
+ .word 0x68b9d1d1
+ .word 0x0
+ .word 0x2cc1eded
+ .word 0x60402020
+ .word 0x1fe3fcfc
+ .word 0xc879b1b1
+ .word 0xedb65b5b
+ .word 0xbed46a6a
+ .word 0x468dcbcb
+ .word 0xd967bebe
+ .word 0x4b723939
+ .word 0xde944a4a
+ .word 0xd4984c4c
+ .word 0xe8b05858
+ .word 0x4a85cfcf
+ .word 0x6bbbd0d0
+ .word 0x2ac5efef
+ .word 0xe54faaaa
+ .word 0x16edfbfb
+ .word 0xc5864343
+ .word 0xd79a4d4d
+ .word 0x55663333
+ .word 0x94118585
+ .word 0xcf8a4545
+ .word 0x10e9f9f9
+ .word 0x6040202
+ .word 0x81fe7f7f
+ .word 0xf0a05050
+ .word 0x44783c3c
+ .word 0xba259f9f
+ .word 0xe34ba8a8
+ .word 0xf3a25151
+ .word 0xfe5da3a3
+ .word 0xc0804040
+ .word 0x8a058f8f
+ .word 0xad3f9292
+ .word 0xbc219d9d
+ .word 0x48703838
+ .word 0x4f1f5f5
+ .word 0xdf63bcbc
+ .word 0xc177b6b6
+ .word 0x75afdada
+ .word 0x63422121
+ .word 0x30201010
+ .word 0x1ae5ffff
+ .word 0xefdf3f3
+ .word 0x6dbfd2d2
+ .word 0x4c81cdcd
+ .word 0x14180c0c
+ .word 0x35261313
+ .word 0x2fc3ecec
+ .word 0xe1be5f5f
+ .word 0xa2359797
+ .word 0xcc884444
+ .word 0x392e1717
+ .word 0x5793c4c4
+ .word 0xf255a7a7
+ .word 0x82fc7e7e
+ .word 0x477a3d3d
+ .word 0xacc86464
+ .word 0xe7ba5d5d
+ .word 0x2b321919
+ .word 0x95e67373
+ .word 0xa0c06060
+ .word 0x98198181
+ .word 0xd19e4f4f
+ .word 0x7fa3dcdc
+ .word 0x66442222
+ .word 0x7e542a2a
+ .word 0xab3b9090
+ .word 0x830b8888
+ .word 0xca8c4646
+ .word 0x29c7eeee
+ .word 0xd36bb8b8
+ .word 0x3c281414
+ .word 0x79a7dede
+ .word 0xe2bc5e5e
+ .word 0x1d160b0b
+ .word 0x76addbdb
+ .word 0x3bdbe0e0
+ .word 0x56643232
+ .word 0x4e743a3a
+ .word 0x1e140a0a
+ .word 0xdb924949
+ .word 0xa0c0606
+ .word 0x6c482424
+ .word 0xe4b85c5c
+ .word 0x5d9fc2c2
+ .word 0x6ebdd3d3
+ .word 0xef43acac
+ .word 0xa6c46262
+ .word 0xa8399191
+ .word 0xa4319595
+ .word 0x37d3e4e4
+ .word 0x8bf27979
+ .word 0x32d5e7e7
+ .word 0x438bc8c8
+ .word 0x596e3737
+ .word 0xb7da6d6d
+ .word 0x8c018d8d
+ .word 0x64b1d5d5
+ .word 0xd29c4e4e
+ .word 0xe049a9a9
+ .word 0xb4d86c6c
+ .word 0xfaac5656
+ .word 0x7f3f4f4
+ .word 0x25cfeaea
+ .word 0xafca6565
+ .word 0x8ef47a7a
+ .word 0xe947aeae
+ .word 0x18100808
+ .word 0xd56fbaba
+ .word 0x88f07878
+ .word 0x6f4a2525
+ .word 0x725c2e2e
+ .word 0x24381c1c
+ .word 0xf157a6a6
+ .word 0xc773b4b4
+ .word 0x5197c6c6
+ .word 0x23cbe8e8
+ .word 0x7ca1dddd
+ .word 0x9ce87474
+ .word 0x213e1f1f
+ .word 0xdd964b4b
+ .word 0xdc61bdbd
+ .word 0x860d8b8b
+ .word 0x850f8a8a
+ .word 0x90e07070
+ .word 0x427c3e3e
+ .word 0xc471b5b5
+ .word 0xaacc6666
+ .word 0xd8904848
+ .word 0x5060303
+ .word 0x1f7f6f6
+ .word 0x121c0e0e
+ .word 0xa3c26161
+ .word 0x5f6a3535
+ .word 0xf9ae5757
+ .word 0xd069b9b9
+ .word 0x91178686
+ .word 0x5899c1c1
+ .word 0x273a1d1d
+ .word 0xb9279e9e
+ .word 0x38d9e1e1
+ .word 0x13ebf8f8
+ .word 0xb32b9898
+ .word 0x33221111
+ .word 0xbbd26969
+ .word 0x70a9d9d9
+ .word 0x89078e8e
+ .word 0xa7339494
+ .word 0xb62d9b9b
+ .word 0x223c1e1e
+ .word 0x92158787
+ .word 0x20c9e9e9
+ .word 0x4987cece
+ .word 0xffaa5555
+ .word 0x78502828
+ .word 0x7aa5dfdf
+ .word 0x8f038c8c
+ .word 0xf859a1a1
+ .word 0x80098989
+ .word 0x171a0d0d
+ .word 0xda65bfbf
+ .word 0x31d7e6e6
+ .word 0xc6844242
+ .word 0xb8d06868
+ .word 0xc3824141
+ .word 0xb0299999
+ .word 0x775a2d2d
+ .word 0x111e0f0f
+ .word 0xcb7bb0b0
+ .word 0xfca85454
+ .word 0xd66dbbbb
+ .word 0x3a2c1616
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .type L_AES_Thumb2_td, %object
+ .size L_AES_Thumb2_td, 12
+ .align 4
+L_AES_Thumb2_td:
+ .word L_AES_Thumb2_td_data
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_Thumb2_te, %object
+ .size L_AES_Thumb2_te, 12
+ .align 4
+L_AES_Thumb2_te:
+ .word L_AES_Thumb2_te_data
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+ .text
+ .align 4
+ .globl AES_invert_key
+ .type AES_invert_key, %function
+AES_invert_key:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r12, L_AES_Thumb2_te
+ LDR lr, L_AES_Thumb2_td
+ ADD r10, r0, r1, LSL #4
+ MOV r11, r1
+L_AES_invert_key_loop:
+ LDM r0, {r2, r3, r4, r5}
+ LDM r10, {r6, r7, r8, r9}
+ STM r10, {r2, r3, r4, r5}
+ STM r0!, {r6, r7, r8, r9}
+ SUBS r11, r11, #0x2
+ SUB r10, r10, #0x10
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_invert_key_loop
+#else
+ BNE.N L_AES_invert_key_loop
+#endif
+ SUB r0, r0, r1, LSL #3
+ ADD r0, r0, #0x10
+ SUB r11, r1, #0x1
+L_AES_invert_key_mix_loop:
+ LDM r0, {r2, r3, r4, r5}
+ UBFX r6, r2, #0, #8
+ UBFX r7, r2, #8, #8
+ UBFX r8, r2, #16, #8
+ LSR r9, r2, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ UBFX r6, r3, #0, #8
+ UBFX r7, r3, #8, #8
+ UBFX r8, r3, #16, #8
+ LSR r9, r3, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ UBFX r6, r4, #0, #8
+ UBFX r7, r4, #8, #8
+ UBFX r8, r4, #16, #8
+ LSR r9, r4, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ UBFX r6, r5, #0, #8
+ UBFX r7, r5, #8, #8
+ UBFX r8, r5, #16, #8
+ LSR r9, r5, #24
+ LDRB r6, [r12, r6, LSL #2]
+ LDRB r7, [r12, r7, LSL #2]
+ LDRB r8, [r12, r8, LSL #2]
+ LDRB r9, [r12, r9, LSL #2]
+ LDR r6, [lr, r6, LSL #2]
+ LDR r7, [lr, r7, LSL #2]
+ LDR r8, [lr, r8, LSL #2]
+ LDR r9, [lr, r9, LSL #2]
+ EOR r8, r8, r6, ROR #16
+ EOR r8, r8, r7, ROR #8
+ EOR r8, r8, r9, ROR #24
+ STR r8, [r0], #4
+ SUBS r11, r11, #0x1
+#ifdef __GNUC__
+ BNE L_AES_invert_key_mix_loop
+#else
+ BNE.W L_AES_invert_key_mix_loop
+#endif
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 165 */
+ .size AES_invert_key,.-AES_invert_key
+#endif /* HAVE_AES_DECRYPT */
+ .text
+ .type L_AES_Thumb2_rcon, %object
+ .size L_AES_Thumb2_rcon, 40
+ .align 4
+L_AES_Thumb2_rcon:
+ .word 0x1000000
+ .word 0x2000000
+ .word 0x4000000
+ .word 0x8000000
+ .word 0x10000000
+ .word 0x20000000
+ .word 0x40000000
+ .word 0x80000000
+ .word 0x1b000000
+ .word 0x36000000
+ .text
+ .align 4
+ .globl AES_set_encrypt_key
+ .type AES_set_encrypt_key, %function
+AES_set_encrypt_key:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, lr}
+ LDR r10, L_AES_Thumb2_te
+ ADR lr, L_AES_Thumb2_rcon
+ CMP r1, #0x80
+#ifdef __GNUC__
+ BEQ L_AES_set_encrypt_key_start_128
+#else
+ BEQ.W L_AES_set_encrypt_key_start_128
+#endif
+ CMP r1, #0xc0
+#ifdef __GNUC__
+ BEQ L_AES_set_encrypt_key_start_192
+#else
+ BEQ.W L_AES_set_encrypt_key_start_192
+#endif
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r2!, {r4, r5, r6, r7}
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+ MOV r12, #0x6
+L_AES_set_encrypt_key_loop_256:
+ UBFX r4, r7, #0, #8
+ UBFX r5, r7, #8, #8
+ UBFX r6, r7, #16, #8
+ LSR r7, r7, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r7, [r10, r7, LSL #2]
+ EOR r3, r7, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ ADD r2, r2, #0x10
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+ MOV r3, r7
+ UBFX r4, r3, #8, #8
+ UBFX r5, r3, #16, #8
+ LSR r6, r3, #24
+ UBFX r3, r3, #0, #8
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r3, [r10, r3, LSL #2]
+ EOR r3, r3, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ ADD r2, r2, #0x10
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_set_encrypt_key_loop_256
+#else
+ BNE.N L_AES_set_encrypt_key_loop_256
+#endif
+ UBFX r4, r7, #0, #8
+ UBFX r5, r7, #8, #8
+ UBFX r6, r7, #16, #8
+ LSR r7, r7, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r7, [r10, r7, LSL #2]
+ EOR r3, r7, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ ADD r2, r2, #0x10
+ STM r2, {r4, r5, r6, r7}
+ SUB r2, r2, #0x10
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_set_encrypt_key_end
+#else
+ B.N L_AES_set_encrypt_key_end
+#endif
+L_AES_set_encrypt_key_start_192:
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ STM r2, {r4, r5, r6, r7}
+ STRD r8, r9, [r2, #16]
+ MOV r7, r9
+ MOV r12, #0x7
+L_AES_set_encrypt_key_loop_192:
+ UBFX r4, r9, #0, #8
+ UBFX r5, r9, #8, #8
+ UBFX r6, r9, #16, #8
+ LSR r9, r9, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r9, [r10, r9, LSL #2]
+ EOR r3, r9, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7, r8, r9}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ EOR r8, r8, r7
+ EOR r9, r9, r8
+ STM r2, {r4, r5, r6, r7, r8, r9}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_set_encrypt_key_loop_192
+#else
+ BNE.N L_AES_set_encrypt_key_loop_192
+#endif
+ UBFX r4, r9, #0, #8
+ UBFX r5, r9, #8, #8
+ UBFX r6, r9, #16, #8
+ LSR r9, r9, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r9, [r10, r9, LSL #2]
+ EOR r3, r9, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7, r8, r9}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ STM r2, {r4, r5, r6, r7}
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_set_encrypt_key_end
+#else
+ B.N L_AES_set_encrypt_key_end
+#endif
+L_AES_set_encrypt_key_start_128:
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r2, {r4, r5, r6, r7}
+ MOV r12, #0xa
+L_AES_set_encrypt_key_loop_128:
+ UBFX r4, r7, #0, #8
+ UBFX r5, r7, #8, #8
+ UBFX r6, r7, #16, #8
+ LSR r7, r7, #24
+ LDRB r4, [r10, r4, LSL #2]
+ LDRB r5, [r10, r5, LSL #2]
+ LDRB r6, [r10, r6, LSL #2]
+ LDRB r7, [r10, r7, LSL #2]
+ EOR r3, r7, r4, LSL #8
+ EOR r3, r3, r5, LSL #16
+ EOR r3, r3, r6, LSL #24
+ LDM r2!, {r4, r5, r6, r7}
+ EOR r4, r4, r3
+ LDM lr!, {r3}
+ EOR r4, r4, r3
+ EOR r5, r5, r4
+ EOR r6, r6, r5
+ EOR r7, r7, r6
+ STM r2, {r4, r5, r6, r7}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_AES_set_encrypt_key_loop_128
+#else
+ BNE.N L_AES_set_encrypt_key_loop_128
+#endif
+L_AES_set_encrypt_key_end:
+ POP {r4, r5, r6, r7, r8, r9, r10, pc}
+ /* Cycle Count = 331 */
+ .size AES_set_encrypt_key,.-AES_set_encrypt_key
+ .text
+ .align 4
+ .globl AES_encrypt_block
+ .type AES_encrypt_block, %function
+AES_encrypt_block:
+ PUSH {lr}
+L_AES_encrypt_block_nr:
+ UBFX r8, r5, #16, #8
+ LSR r11, r4, #24
+ UBFX lr, r6, #8, #8
+ UBFX r2, r7, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r9, r6, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, lr, ROR #8
+ UBFX lr, r7, #8, #8
+ EOR r8, r8, r2, ROR #16
+ UBFX r2, r4, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r10, r7, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, lr, ROR #8
+ UBFX lr, r4, #8, #8
+ EOR r9, r9, r2, ROR #16
+ UBFX r2, r5, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r6, r6, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r4, #16, #8
+ EOR r10, r10, lr, ROR #8
+ LSR lr, r7, #24
+ EOR r10, r10, r2, ROR #16
+ UBFX r2, r5, #8, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ EOR lr, lr, r6, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #24
+ EOR r11, r11, r2, ROR #8
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r9, #16, #8
+ LSR r7, r8, #24
+ UBFX lr, r10, #8, #8
+ UBFX r2, r11, #0, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r5, r10, #16, #8
+ EOR r4, r4, r7, ROR #24
+ LSR r7, r9, #24
+ EOR r4, r4, lr, ROR #8
+ UBFX lr, r11, #8, #8
+ EOR r4, r4, r2, ROR #16
+ UBFX r2, r8, #0, #8
+ LDR r5, [r0, r5, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r6, r11, #16, #8
+ EOR r5, r5, r7, ROR #24
+ LSR r7, r10, #24
+ EOR r5, r5, lr, ROR #8
+ UBFX lr, r8, #8, #8
+ EOR r5, r5, r2, ROR #16
+ UBFX r2, r9, #0, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r10, r10, #0, #8
+ EOR r6, r6, r7, ROR #24
+ UBFX r7, r8, #16, #8
+ EOR r6, r6, lr, ROR #8
+ LSR lr, r11, #24
+ EOR r6, r6, r2, ROR #16
+ UBFX r2, r9, #8, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ EOR lr, lr, r10, ROR #24
+ LDM r3!, {r8, r9, r10, r11}
+ EOR r7, r7, lr, ROR #24
+ EOR r7, r7, r2, ROR #8
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ SUBS r1, r1, #0x1
+#ifdef __GNUC__
+ BNE L_AES_encrypt_block_nr
+#else
+ BNE.W L_AES_encrypt_block_nr
+#endif
+ UBFX r8, r5, #16, #8
+ LSR r11, r4, #24
+ UBFX lr, r6, #8, #8
+ UBFX r2, r7, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r9, r6, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, lr, ROR #8
+ UBFX lr, r7, #8, #8
+ EOR r8, r8, r2, ROR #16
+ UBFX r2, r4, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r10, r7, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, lr, ROR #8
+ UBFX lr, r4, #8, #8
+ EOR r9, r9, r2, ROR #16
+ UBFX r2, r5, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ UBFX r6, r6, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r4, #16, #8
+ EOR r10, r10, lr, ROR #8
+ LSR lr, r7, #24
+ EOR r10, r10, r2, ROR #16
+ UBFX r2, r5, #8, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r2, [r0, r2, LSL #2]
+ EOR lr, lr, r6, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #24
+ EOR r11, r11, r2, ROR #8
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r11, #0, #8
+ UBFX r7, r10, #8, #8
+ UBFX lr, r9, #16, #8
+ LSR r2, r8, #24
+ LDRB r4, [r0, r4, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ UBFX r5, r8, #0, #8
+ EOR r4, r4, r7, LSL #8
+ UBFX r7, r11, #8, #8
+ EOR r4, r4, lr, LSL #16
+ UBFX lr, r10, #16, #8
+ EOR r4, r4, r2, LSL #24
+ LSR r2, r9, #24
+ LDRB r5, [r0, r5, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ UBFX r6, r9, #0, #8
+ EOR r5, r5, r7, LSL #8
+ UBFX r7, r8, #8, #8
+ EOR r5, r5, lr, LSL #16
+ UBFX lr, r11, #16, #8
+ EOR r5, r5, r2, LSL #24
+ LSR r2, r10, #24
+ LDRB r6, [r0, r6, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ LSR r11, r11, #24
+ EOR r6, r6, r7, LSL #8
+ UBFX r7, r10, #0, #8
+ EOR r6, r6, lr, LSL #16
+ UBFX lr, r9, #8, #8
+ EOR r6, r6, r2, LSL #24
+ UBFX r2, r8, #16, #8
+ LDRB r11, [r0, r11, LSL #2]
+ LDRB r7, [r0, r7, LSL #2]
+ LDRB lr, [r0, lr, LSL #2]
+ LDRB r2, [r0, r2, LSL #2]
+ EOR lr, lr, r11, LSL #16
+ LDM r3, {r8, r9, r10, r11}
+ EOR r7, r7, lr, LSL #8
+ EOR r7, r7, r2, LSL #16
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ POP {pc}
+ /* Cycle Count = 285 */
+ .size AES_encrypt_block,.-AES_encrypt_block
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .type L_AES_Thumb2_te_ecb, %object
+ .size L_AES_Thumb2_te_ecb, 12
+ .align 4
+L_AES_Thumb2_te_ecb:
+ .word L_AES_Thumb2_te_data
+#endif /* HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .align 4
+ .globl AES_ECB_encrypt
+ .type AES_ECB_encrypt, %function
+AES_ECB_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_ecb
+ LDR r12, [sp, #36]
+ PUSH {r3}
+ CMP r12, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_ECB_encrypt_start_block_128
+#else
+ BEQ.W L_AES_ECB_encrypt_start_block_128
+#endif
+ CMP r12, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_ECB_encrypt_start_block_192
+#else
+ BEQ.W L_AES_ECB_encrypt_start_block_192
+#endif
+L_AES_ECB_encrypt_loop_block_256:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_encrypt_loop_block_256
+#else
+ BNE.W L_AES_ECB_encrypt_loop_block_256
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_encrypt_end
+#else
+ B.N L_AES_ECB_encrypt_end
+#endif
+L_AES_ECB_encrypt_start_block_192:
+L_AES_ECB_encrypt_loop_block_192:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_encrypt_loop_block_192
+#else
+ BNE.W L_AES_ECB_encrypt_loop_block_192
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_encrypt_end
+#else
+ B.N L_AES_ECB_encrypt_end
+#endif
+L_AES_ECB_encrypt_start_block_128:
+L_AES_ECB_encrypt_loop_block_128:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_encrypt_loop_block_128
+#else
+ BNE.W L_AES_ECB_encrypt_loop_block_128
+#endif
+L_AES_ECB_encrypt_end:
+ POP {r3}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 212 */
+ .size AES_ECB_encrypt,.-AES_ECB_encrypt
+#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+ .text
+ .align 4
+ .globl AES_CBC_encrypt
+ .type AES_CBC_encrypt, %function
+AES_CBC_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r8, [sp, #36]
+ LDR r9, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_ecb
+ LDM r9, {r4, r5, r6, r7}
+ PUSH {r3, r9}
+ CMP r8, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_CBC_encrypt_start_block_128
+#else
+ BEQ.W L_AES_CBC_encrypt_start_block_128
+#endif
+ CMP r8, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_CBC_encrypt_start_block_192
+#else
+ BEQ.W L_AES_CBC_encrypt_start_block_192
+#endif
+L_AES_CBC_encrypt_loop_block_256:
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_encrypt_loop_block_256
+#else
+ BNE.W L_AES_CBC_encrypt_loop_block_256
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_CBC_encrypt_end
+#else
+ B.N L_AES_CBC_encrypt_end
+#endif
+L_AES_CBC_encrypt_start_block_192:
+L_AES_CBC_encrypt_loop_block_192:
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_encrypt_loop_block_192
+#else
+ BNE.W L_AES_CBC_encrypt_loop_block_192
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_CBC_encrypt_end
+#else
+ B.N L_AES_CBC_encrypt_end
+#endif
+L_AES_CBC_encrypt_start_block_128:
+L_AES_CBC_encrypt_loop_block_128:
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ PUSH {r1, r2, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_encrypt_loop_block_128
+#else
+ BNE.W L_AES_CBC_encrypt_loop_block_128
+#endif
+L_AES_CBC_encrypt_end:
+ POP {r3, r9}
+ STM r9, {r4, r5, r6, r7}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 238 */
+ .size AES_CBC_encrypt,.-AES_CBC_encrypt
+#endif /* HAVE_AES_CBC */
+#ifdef WOLFSSL_AES_COUNTER
+ .text
+ .align 4
+ .globl AES_CTR_encrypt
+ .type AES_CTR_encrypt, %function
+AES_CTR_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r12, [sp, #36]
+ LDR r8, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_ecb
+ LDM r8, {r4, r5, r6, r7}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ PUSH {r3, r8}
+ CMP r12, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_CTR_encrypt_start_block_128
+#else
+ BEQ.W L_AES_CTR_encrypt_start_block_128
+#endif
+ CMP r12, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_CTR_encrypt_start_block_192
+#else
+ BEQ.W L_AES_CTR_encrypt_start_block_192
+#endif
+L_AES_CTR_encrypt_loop_block_256:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADDS r11, r7, #0x1
+ ADCS r10, r6, #0x0
+ ADCS r9, r5, #0x0
+ ADC r8, r4, #0x0
+ STM lr, {r8, r9, r10, r11}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CTR_encrypt_loop_block_256
+#else
+ BNE.W L_AES_CTR_encrypt_loop_block_256
+#endif
+#ifdef __GNUC__
+ B L_AES_CTR_encrypt_end
+#else
+ B.W L_AES_CTR_encrypt_end
+#endif
+L_AES_CTR_encrypt_start_block_192:
+L_AES_CTR_encrypt_loop_block_192:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADDS r11, r7, #0x1
+ ADCS r10, r6, #0x0
+ ADCS r9, r5, #0x0
+ ADC r8, r4, #0x0
+ STM lr, {r8, r9, r10, r11}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CTR_encrypt_loop_block_192
+#else
+ BNE.W L_AES_CTR_encrypt_loop_block_192
+#endif
+#ifdef __GNUC__
+ B L_AES_CTR_encrypt_end
+#else
+ B.W L_AES_CTR_encrypt_end
+#endif
+L_AES_CTR_encrypt_start_block_128:
+L_AES_CTR_encrypt_loop_block_128:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADDS r11, r7, #0x1
+ ADCS r10, r6, #0x0
+ ADCS r9, r5, #0x0
+ ADC r8, r4, #0x0
+ STM lr, {r8, r9, r10, r11}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CTR_encrypt_loop_block_128
+#else
+ BNE.W L_AES_CTR_encrypt_loop_block_128
+#endif
+L_AES_CTR_encrypt_end:
+ POP {r3, r8}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 293 */
+ .size AES_CTR_encrypt,.-AES_CTR_encrypt
+#endif /* WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
+ .text
+ .align 4
+ .globl AES_decrypt_block
+ .type AES_decrypt_block, %function
+AES_decrypt_block:
+ PUSH {lr}
+L_AES_decrypt_block_nr:
+ UBFX r8, r7, #16, #8
+ LSR r11, r4, #24
+ UBFX r12, r6, #8, #8
+ UBFX lr, r5, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r9, r4, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, r12, ROR #8
+ UBFX r12, r7, #8, #8
+ EOR r8, r8, lr, ROR #16
+ UBFX lr, r6, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r10, r5, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, r12, ROR #8
+ UBFX r12, r4, #8, #8
+ EOR r9, r9, lr, ROR #16
+ UBFX lr, r7, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r4, r4, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r6, #16, #8
+ EOR r10, r10, r12, ROR #8
+ LSR r12, r7, #24
+ EOR r10, r10, lr, ROR #16
+ UBFX lr, r5, #8, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ EOR r12, r12, r4, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #8
+ EOR r11, r11, r12, ROR #24
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r11, #16, #8
+ LSR r7, r8, #24
+ UBFX r12, r10, #8, #8
+ UBFX lr, r9, #0, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r5, r8, #16, #8
+ EOR r4, r4, r7, ROR #24
+ LSR r7, r9, #24
+ EOR r4, r4, r12, ROR #8
+ UBFX r12, r11, #8, #8
+ EOR r4, r4, lr, ROR #16
+ UBFX lr, r10, #0, #8
+ LDR r5, [r0, r5, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r6, r9, #16, #8
+ EOR r5, r5, r7, ROR #24
+ LSR r7, r10, #24
+ EOR r5, r5, r12, ROR #8
+ UBFX r12, r8, #8, #8
+ EOR r5, r5, lr, ROR #16
+ UBFX lr, r11, #0, #8
+ LDR r6, [r0, r6, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r8, r8, #0, #8
+ EOR r6, r6, r7, ROR #24
+ UBFX r7, r10, #16, #8
+ EOR r6, r6, r12, ROR #8
+ LSR r12, r11, #24
+ EOR r6, r6, lr, ROR #16
+ UBFX lr, r9, #8, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR r7, [r0, r7, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ EOR r12, r12, r8, ROR #24
+ LDM r3!, {r8, r9, r10, r11}
+ EOR r7, r7, lr, ROR #8
+ EOR r7, r7, r12, ROR #24
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ SUBS r1, r1, #0x1
+#ifdef __GNUC__
+ BNE L_AES_decrypt_block_nr
+#else
+ BNE.W L_AES_decrypt_block_nr
+#endif
+ UBFX r8, r7, #16, #8
+ LSR r11, r4, #24
+ UBFX r12, r6, #8, #8
+ UBFX lr, r5, #0, #8
+ LDR r8, [r0, r8, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r9, r4, #16, #8
+ EOR r8, r8, r11, ROR #24
+ LSR r11, r5, #24
+ EOR r8, r8, r12, ROR #8
+ UBFX r12, r7, #8, #8
+ EOR r8, r8, lr, ROR #16
+ UBFX lr, r6, #0, #8
+ LDR r9, [r0, r9, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r10, r5, #16, #8
+ EOR r9, r9, r11, ROR #24
+ LSR r11, r6, #24
+ EOR r9, r9, r12, ROR #8
+ UBFX r12, r4, #8, #8
+ EOR r9, r9, lr, ROR #16
+ UBFX lr, r7, #0, #8
+ LDR r10, [r0, r10, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ UBFX r4, r4, #0, #8
+ EOR r10, r10, r11, ROR #24
+ UBFX r11, r6, #16, #8
+ EOR r10, r10, r12, ROR #8
+ LSR r12, r7, #24
+ EOR r10, r10, lr, ROR #16
+ UBFX lr, r5, #8, #8
+ LDR r4, [r0, r4, LSL #2]
+ LDR r12, [r0, r12, LSL #2]
+ LDR r11, [r0, r11, LSL #2]
+ LDR lr, [r0, lr, LSL #2]
+ EOR r12, r12, r4, ROR #24
+ LDM r3!, {r4, r5, r6, r7}
+ EOR r11, r11, lr, ROR #8
+ EOR r11, r11, r12, ROR #24
+ /* XOR in Key Schedule */
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ UBFX r4, r9, #0, #8
+ UBFX r7, r10, #8, #8
+ UBFX r12, r11, #16, #8
+ LSR lr, r8, #24
+ LDRB r4, [r2, r4]
+ LDRB r7, [r2, r7]
+ LDRB r12, [r2, r12]
+ LDRB lr, [r2, lr]
+ UBFX r5, r10, #0, #8
+ EOR r4, r4, r7, LSL #8
+ UBFX r7, r11, #8, #8
+ EOR r4, r4, r12, LSL #16
+ UBFX r12, r8, #16, #8
+ EOR r4, r4, lr, LSL #24
+ LSR lr, r9, #24
+ LDRB r7, [r2, r7]
+ LDRB lr, [r2, lr]
+ LDRB r5, [r2, r5]
+ LDRB r12, [r2, r12]
+ UBFX r6, r11, #0, #8
+ EOR r5, r5, r7, LSL #8
+ UBFX r7, r8, #8, #8
+ EOR r5, r5, r12, LSL #16
+ UBFX r12, r9, #16, #8
+ EOR r5, r5, lr, LSL #24
+ LSR lr, r10, #24
+ LDRB r7, [r2, r7]
+ LDRB lr, [r2, lr]
+ LDRB r6, [r2, r6]
+ LDRB r12, [r2, r12]
+ LSR r11, r11, #24
+ EOR r6, r6, r7, LSL #8
+ UBFX r7, r8, #0, #8
+ EOR r6, r6, r12, LSL #16
+ UBFX r12, r9, #8, #8
+ EOR r6, r6, lr, LSL #24
+ UBFX lr, r10, #16, #8
+ LDRB r11, [r2, r11]
+ LDRB r12, [r2, r12]
+ LDRB r7, [r2, r7]
+ LDRB lr, [r2, lr]
+ EOR r12, r12, r11, LSL #16
+ LDM r3, {r8, r9, r10, r11}
+ EOR r7, r7, r12, LSL #8
+ EOR r7, r7, lr, LSL #16
+ /* XOR in Key Schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ POP {pc}
+ /* Cycle Count = 285 */
+ .size AES_decrypt_block,.-AES_decrypt_block
+ .text
+ .type L_AES_Thumb2_td_ecb, %object
+ .size L_AES_Thumb2_td_ecb, 12
+ .align 4
+L_AES_Thumb2_td_ecb:
+ .word L_AES_Thumb2_td_data
+ .text
+ .type L_AES_Thumb2_td4, %object
+ .size L_AES_Thumb2_td4, 256
+ .align 4
+L_AES_Thumb2_td4:
+ .byte 0x52
+ .byte 0x9
+ .byte 0x6a
+ .byte 0xd5
+ .byte 0x30
+ .byte 0x36
+ .byte 0xa5
+ .byte 0x38
+ .byte 0xbf
+ .byte 0x40
+ .byte 0xa3
+ .byte 0x9e
+ .byte 0x81
+ .byte 0xf3
+ .byte 0xd7
+ .byte 0xfb
+ .byte 0x7c
+ .byte 0xe3
+ .byte 0x39
+ .byte 0x82
+ .byte 0x9b
+ .byte 0x2f
+ .byte 0xff
+ .byte 0x87
+ .byte 0x34
+ .byte 0x8e
+ .byte 0x43
+ .byte 0x44
+ .byte 0xc4
+ .byte 0xde
+ .byte 0xe9
+ .byte 0xcb
+ .byte 0x54
+ .byte 0x7b
+ .byte 0x94
+ .byte 0x32
+ .byte 0xa6
+ .byte 0xc2
+ .byte 0x23
+ .byte 0x3d
+ .byte 0xee
+ .byte 0x4c
+ .byte 0x95
+ .byte 0xb
+ .byte 0x42
+ .byte 0xfa
+ .byte 0xc3
+ .byte 0x4e
+ .byte 0x8
+ .byte 0x2e
+ .byte 0xa1
+ .byte 0x66
+ .byte 0x28
+ .byte 0xd9
+ .byte 0x24
+ .byte 0xb2
+ .byte 0x76
+ .byte 0x5b
+ .byte 0xa2
+ .byte 0x49
+ .byte 0x6d
+ .byte 0x8b
+ .byte 0xd1
+ .byte 0x25
+ .byte 0x72
+ .byte 0xf8
+ .byte 0xf6
+ .byte 0x64
+ .byte 0x86
+ .byte 0x68
+ .byte 0x98
+ .byte 0x16
+ .byte 0xd4
+ .byte 0xa4
+ .byte 0x5c
+ .byte 0xcc
+ .byte 0x5d
+ .byte 0x65
+ .byte 0xb6
+ .byte 0x92
+ .byte 0x6c
+ .byte 0x70
+ .byte 0x48
+ .byte 0x50
+ .byte 0xfd
+ .byte 0xed
+ .byte 0xb9
+ .byte 0xda
+ .byte 0x5e
+ .byte 0x15
+ .byte 0x46
+ .byte 0x57
+ .byte 0xa7
+ .byte 0x8d
+ .byte 0x9d
+ .byte 0x84
+ .byte 0x90
+ .byte 0xd8
+ .byte 0xab
+ .byte 0x0
+ .byte 0x8c
+ .byte 0xbc
+ .byte 0xd3
+ .byte 0xa
+ .byte 0xf7
+ .byte 0xe4
+ .byte 0x58
+ .byte 0x5
+ .byte 0xb8
+ .byte 0xb3
+ .byte 0x45
+ .byte 0x6
+ .byte 0xd0
+ .byte 0x2c
+ .byte 0x1e
+ .byte 0x8f
+ .byte 0xca
+ .byte 0x3f
+ .byte 0xf
+ .byte 0x2
+ .byte 0xc1
+ .byte 0xaf
+ .byte 0xbd
+ .byte 0x3
+ .byte 0x1
+ .byte 0x13
+ .byte 0x8a
+ .byte 0x6b
+ .byte 0x3a
+ .byte 0x91
+ .byte 0x11
+ .byte 0x41
+ .byte 0x4f
+ .byte 0x67
+ .byte 0xdc
+ .byte 0xea
+ .byte 0x97
+ .byte 0xf2
+ .byte 0xcf
+ .byte 0xce
+ .byte 0xf0
+ .byte 0xb4
+ .byte 0xe6
+ .byte 0x73
+ .byte 0x96
+ .byte 0xac
+ .byte 0x74
+ .byte 0x22
+ .byte 0xe7
+ .byte 0xad
+ .byte 0x35
+ .byte 0x85
+ .byte 0xe2
+ .byte 0xf9
+ .byte 0x37
+ .byte 0xe8
+ .byte 0x1c
+ .byte 0x75
+ .byte 0xdf
+ .byte 0x6e
+ .byte 0x47
+ .byte 0xf1
+ .byte 0x1a
+ .byte 0x71
+ .byte 0x1d
+ .byte 0x29
+ .byte 0xc5
+ .byte 0x89
+ .byte 0x6f
+ .byte 0xb7
+ .byte 0x62
+ .byte 0xe
+ .byte 0xaa
+ .byte 0x18
+ .byte 0xbe
+ .byte 0x1b
+ .byte 0xfc
+ .byte 0x56
+ .byte 0x3e
+ .byte 0x4b
+ .byte 0xc6
+ .byte 0xd2
+ .byte 0x79
+ .byte 0x20
+ .byte 0x9a
+ .byte 0xdb
+ .byte 0xc0
+ .byte 0xfe
+ .byte 0x78
+ .byte 0xcd
+ .byte 0x5a
+ .byte 0xf4
+ .byte 0x1f
+ .byte 0xdd
+ .byte 0xa8
+ .byte 0x33
+ .byte 0x88
+ .byte 0x7
+ .byte 0xc7
+ .byte 0x31
+ .byte 0xb1
+ .byte 0x12
+ .byte 0x10
+ .byte 0x59
+ .byte 0x27
+ .byte 0x80
+ .byte 0xec
+ .byte 0x5f
+ .byte 0x60
+ .byte 0x51
+ .byte 0x7f
+ .byte 0xa9
+ .byte 0x19
+ .byte 0xb5
+ .byte 0x4a
+ .byte 0xd
+ .byte 0x2d
+ .byte 0xe5
+ .byte 0x7a
+ .byte 0x9f
+ .byte 0x93
+ .byte 0xc9
+ .byte 0x9c
+ .byte 0xef
+ .byte 0xa0
+ .byte 0xe0
+ .byte 0x3b
+ .byte 0x4d
+ .byte 0xae
+ .byte 0x2a
+ .byte 0xf5
+ .byte 0xb0
+ .byte 0xc8
+ .byte 0xeb
+ .byte 0xbb
+ .byte 0x3c
+ .byte 0x83
+ .byte 0x53
+ .byte 0x99
+ .byte 0x61
+ .byte 0x17
+ .byte 0x2b
+ .byte 0x4
+ .byte 0x7e
+ .byte 0xba
+ .byte 0x77
+ .byte 0xd6
+ .byte 0x26
+ .byte 0xe1
+ .byte 0x69
+ .byte 0x14
+ .byte 0x63
+ .byte 0x55
+ .byte 0x21
+ .byte 0xc
+ .byte 0x7d
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+ .text
+ .align 4
+ .globl AES_ECB_decrypt
+ .type AES_ECB_decrypt, %function
+AES_ECB_decrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r8, [sp, #36]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_td_ecb
+ MOV r12, r2
+ ADR r2, L_AES_Thumb2_td4
+ CMP r8, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_ECB_decrypt_start_block_128
+#else
+ BEQ.W L_AES_ECB_decrypt_start_block_128
+#endif
+ CMP r8, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_ECB_decrypt_start_block_192
+#else
+ BEQ.W L_AES_ECB_decrypt_start_block_192
+#endif
+L_AES_ECB_decrypt_loop_block_256:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r3, r12, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_decrypt_block
+ POP {r1, r3, r12, lr}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_decrypt_loop_block_256
+#else
+ BNE.W L_AES_ECB_decrypt_loop_block_256
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_decrypt_end
+#else
+ B.N L_AES_ECB_decrypt_end
+#endif
+L_AES_ECB_decrypt_start_block_192:
+L_AES_ECB_decrypt_loop_block_192:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r3, r12, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_decrypt_block
+ POP {r1, r3, r12, lr}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_decrypt_loop_block_192
+#else
+ BNE.W L_AES_ECB_decrypt_loop_block_192
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_ECB_decrypt_end
+#else
+ B.N L_AES_ECB_decrypt_end
+#endif
+L_AES_ECB_decrypt_start_block_128:
+L_AES_ECB_decrypt_loop_block_128:
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ PUSH {r1, r3, r12, lr}
+ LDM r3!, {r8, r9, r10, r11}
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_decrypt_block
+ POP {r1, r3, r12, lr}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_ECB_decrypt_loop_block_128
+#else
+ BNE.W L_AES_ECB_decrypt_loop_block_128
+#endif
+L_AES_ECB_decrypt_end:
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 210 */
+ .size AES_ECB_decrypt,.-AES_ECB_decrypt
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+ .text
+ .align 4
+ .globl AES_CBC_decrypt
+ .type AES_CBC_decrypt, %function
+AES_CBC_decrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r8, [sp, #36]
+ LDR r4, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_td_ecb
+ MOV r12, r2
+ ADR r2, L_AES_Thumb2_td4
+ PUSH {r3, r4}
+ CMP r8, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_loop_block_128
+#else
+ BEQ.W L_AES_CBC_decrypt_loop_block_128
+#endif
+ CMP r8, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_loop_block_192
+#else
+ BEQ.W L_AES_CBC_decrypt_loop_block_192
+#endif
+L_AES_CBC_decrypt_loop_block_256:
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr, #16]
+ STRD r6, r7, [lr, #24]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDM lr, {r8, r9, r10, r11}
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_end_odd
+#else
+ BEQ.W L_AES_CBC_decrypt_end_odd
+#endif
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr]
+ STRD r6, r7, [lr, #8]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDRD r8, r9, [lr, #16]
+ LDRD r10, r11, [lr, #24]
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_decrypt_loop_block_256
+#else
+ BNE.W L_AES_CBC_decrypt_loop_block_256
+#endif
+#ifdef __GNUC__
+ B L_AES_CBC_decrypt_end
+#else
+ B.W L_AES_CBC_decrypt_end
+#endif
+L_AES_CBC_decrypt_loop_block_192:
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr, #16]
+ STRD r6, r7, [lr, #24]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDM lr, {r8, r9, r10, r11}
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_end_odd
+#else
+ BEQ.W L_AES_CBC_decrypt_end_odd
+#endif
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr]
+ STRD r6, r7, [lr, #8]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDRD r8, r9, [lr, #16]
+ LDRD r10, r11, [lr, #24]
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_decrypt_loop_block_192
+#else
+ BNE.W L_AES_CBC_decrypt_loop_block_192
+#endif
+#ifdef __GNUC__
+ B L_AES_CBC_decrypt_end
+#else
+ B.W L_AES_CBC_decrypt_end
+#endif
+L_AES_CBC_decrypt_loop_block_128:
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr, #16]
+ STRD r6, r7, [lr, #24]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDM lr, {r8, r9, r10, r11}
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BEQ L_AES_CBC_decrypt_end_odd
+#else
+ BEQ.W L_AES_CBC_decrypt_end_odd
+#endif
+ PUSH {r1, r12, lr}
+ LDR r4, [lr]
+ LDR r5, [lr, #4]
+ LDR r6, [lr, #8]
+ LDR r7, [lr, #12]
+ LDR lr, [sp, #16]
+ STRD r4, r5, [lr]
+ STRD r6, r7, [lr, #8]
+ LDM r3!, {r8, r9, r10, r11}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_decrypt_block
+ LDR lr, [sp, #16]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDRD r8, r9, [lr, #16]
+ LDRD r10, r11, [lr, #24]
+ POP {r1, r12, lr}
+ LDR r3, [sp]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ SUBS r12, r12, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_CBC_decrypt_loop_block_128
+#else
+ BNE.W L_AES_CBC_decrypt_loop_block_128
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ B L_AES_CBC_decrypt_end
+#else
+ B.N L_AES_CBC_decrypt_end
+#endif
+L_AES_CBC_decrypt_end_odd:
+ LDR r4, [sp, #4]
+ LDRD r8, r9, [r4, #16]
+ LDRD r10, r11, [r4, #24]
+ STRD r8, r9, [r4]
+ STRD r10, r11, [r4, #8]
+L_AES_CBC_decrypt_end:
+ POP {r3, r4}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 518 */
+ .size AES_CBC_decrypt,.-AES_CBC_decrypt
+#endif /* HAVE_AES_CBC */
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER || HAVE_AES_CBC */
+#endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AESGCM
+ .text
+ .type L_GCM_gmult_len_r, %object
+ .size L_GCM_gmult_len_r, 64
+ .align 4
+L_GCM_gmult_len_r:
+ .word 0x0
+ .word 0x1c200000
+ .word 0x38400000
+ .word 0x24600000
+ .word 0x70800000
+ .word 0x6ca00000
+ .word 0x48c00000
+ .word 0x54e00000
+ .word 0xe1000000
+ .word 0xfd200000
+ .word 0xd9400000
+ .word 0xc5600000
+ .word 0x91800000
+ .word 0x8da00000
+ .word 0xa9c00000
+ .word 0xb5e00000
+ .text
+ .align 4
+ .globl GCM_gmult_len
+ .type GCM_gmult_len, %function
+GCM_gmult_len:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ ADR lr, L_GCM_gmult_len_r
+L_GCM_gmult_len_start_block:
+ PUSH {r3}
+ LDR r12, [r0, #12]
+ LDR r3, [r2, #12]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r8, r9, r10, r11}
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ LDR r12, [r0, #8]
+ LDR r3, [r2, #8]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r4, r5, r6, r7}
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ LDR r12, [r0, #4]
+ LDR r3, [r2, #4]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r4, r5, r6, r7}
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ LDR r12, [r0]
+ LDR r3, [r2]
+ EOR r12, r12, r3
+ LSR r3, r12, #24
+ AND r3, r3, #0xf
+ ADD r3, r1, r3, LSL #4
+ LDM r3, {r4, r5, r6, r7}
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #28
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #16
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #20
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #8
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #12
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ AND r4, r12, #0xf
+ EOR r11, r11, r10, LSL #28
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LSR r6, r10, #4
+ AND r3, r11, #0xf
+ LSR r11, r11, #4
+ LSR r4, r12, #4
+ EOR r11, r11, r10, LSL #28
+ AND r4, r4, #0xf
+ LDR r3, [lr, r3, LSL #2]
+ ADD r4, r1, r4, LSL #4
+ EOR r10, r6, r9, LSL #28
+ LSR r9, r9, #4
+ LDM r4, {r4, r5, r6, r7}
+ EOR r9, r9, r8, LSL #28
+ EOR r8, r3, r8, LSR #4
+ EOR r8, r8, r4
+ EOR r9, r9, r5
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STM r0, {r8, r9, r10, r11}
+ POP {r3}
+ SUBS r3, r3, #0x10
+ ADD r2, r2, #0x10
+#ifdef __GNUC__
+ BNE L_GCM_gmult_len_start_block
+#else
+ BNE.W L_GCM_gmult_len_start_block
+#endif
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 742 */
+ .size GCM_gmult_len,.-GCM_gmult_len
+ .text
+ .type L_AES_Thumb2_te_gcm, %object
+ .size L_AES_Thumb2_te_gcm, 12
+ .align 4
+L_AES_Thumb2_te_gcm:
+ .word L_AES_Thumb2_te_data
+ .text
+ .align 4
+ .globl AES_GCM_encrypt
+ .type AES_GCM_encrypt, %function
+AES_GCM_encrypt:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ LDR r12, [sp, #36]
+ LDR r8, [sp, #40]
+ MOV lr, r0
+ LDR r0, L_AES_Thumb2_te_gcm
+ LDM r8, {r4, r5, r6, r7}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ PUSH {r3, r8}
+ CMP r12, #0xa
+#ifdef __GNUC__
+ BEQ L_AES_GCM_encrypt_start_block_128
+#else
+ BEQ.W L_AES_GCM_encrypt_start_block_128
+#endif
+ CMP r12, #0xc
+#ifdef __GNUC__
+ BEQ L_AES_GCM_encrypt_start_block_192
+#else
+ BEQ.W L_AES_GCM_encrypt_start_block_192
+#endif
+L_AES_GCM_encrypt_loop_block_256:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADD r7, r7, #0x1
+ LDM r3!, {r8, r9, r10, r11}
+ STR r7, [lr, #12]
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x6
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_GCM_encrypt_loop_block_256
+#else
+ BNE.W L_AES_GCM_encrypt_loop_block_256
+#endif
+#ifdef __GNUC__
+ B L_AES_GCM_encrypt_end
+#else
+ B.W L_AES_GCM_encrypt_end
+#endif
+L_AES_GCM_encrypt_start_block_192:
+L_AES_GCM_encrypt_loop_block_192:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADD r7, r7, #0x1
+ LDM r3!, {r8, r9, r10, r11}
+ STR r7, [lr, #12]
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x5
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_GCM_encrypt_loop_block_192
+#else
+ BNE.W L_AES_GCM_encrypt_loop_block_192
+#endif
+#ifdef __GNUC__
+ B L_AES_GCM_encrypt_end
+#else
+ B.W L_AES_GCM_encrypt_end
+#endif
+L_AES_GCM_encrypt_start_block_128:
+L_AES_GCM_encrypt_loop_block_128:
+ PUSH {r1, r2, lr}
+ LDR lr, [sp, #16]
+ ADD r7, r7, #0x1
+ LDM r3!, {r8, r9, r10, r11}
+ STR r7, [lr, #12]
+ /* Round: 0 - XOR in key schedule */
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ MOV r1, #0x4
+ BL AES_encrypt_block
+ POP {r1, r2, lr}
+ LDR r3, [sp]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ LDR r8, [lr]
+ LDR r9, [lr, #4]
+ LDR r10, [lr, #8]
+ LDR r11, [lr, #12]
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDR r8, [sp, #4]
+ STR r4, [r1]
+ STR r5, [r1, #4]
+ STR r6, [r1, #8]
+ STR r7, [r1, #12]
+ LDM r8, {r4, r5, r6, r7}
+ SUBS r2, r2, #0x10
+ ADD lr, lr, #0x10
+ ADD r1, r1, #0x10
+#ifdef __GNUC__
+ BNE L_AES_GCM_encrypt_loop_block_128
+#else
+ BNE.W L_AES_GCM_encrypt_loop_block_128
+#endif
+L_AES_GCM_encrypt_end:
+ POP {r3, r8}
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ STM r8, {r4, r5, r6, r7}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 275 */
+ .size AES_GCM_encrypt,.-AES_GCM_encrypt
+#endif /* HAVE_AESGCM */
+#endif /* !NO_AES */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
new file mode 100644
index 00000000..54531316
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm_c.c
@@ -0,0 +1,3014 @@
+/* thumb2-aes-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./aes/aes.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-aes-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifndef NO_AES
+#include <wolfssl/wolfcrypt/aes.h>
+
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t L_AES_Thumb2_td_data[] = {
+ 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e,
+ 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303,
+ 0x552030fa, 0xf6ad766d, 0x9188cc76, 0x25f5024c,
+ 0xfc4fe5d7, 0xd7c52acb, 0x80263544, 0x8fb562a3,
+ 0x49deb15a, 0x6725ba1b, 0x9845ea0e, 0xe15dfec0,
+ 0x02c32f75, 0x12814cf0, 0xa38d4697, 0xc66bd3f9,
+ 0xe7038f5f, 0x9515929c, 0xebbf6d7a, 0xda955259,
+ 0x2dd4be83, 0xd3587421, 0x2949e069, 0x448ec9c8,
+ 0x6a75c289, 0x78f48e79, 0x6b99583e, 0xdd27b971,
+ 0xb6bee14f, 0x17f088ad, 0x66c920ac, 0xb47dce3a,
+ 0x1863df4a, 0x82e51a31, 0x60975133, 0x4562537f,
+ 0xe0b16477, 0x84bb6bae, 0x1cfe81a0, 0x94f9082b,
+ 0x58704868, 0x198f45fd, 0x8794de6c, 0xb7527bf8,
+ 0x23ab73d3, 0xe2724b02, 0x57e31f8f, 0x2a6655ab,
+ 0x07b2eb28, 0x032fb5c2, 0x9a86c57b, 0xa5d33708,
+ 0xf2302887, 0xb223bfa5, 0xba02036a, 0x5ced1682,
+ 0x2b8acf1c, 0x92a779b4, 0xf0f307f2, 0xa14e69e2,
+ 0xcd65daf4, 0xd50605be, 0x1fd13462, 0x8ac4a6fe,
+ 0x9d342e53, 0xa0a2f355, 0x32058ae1, 0x75a4f6eb,
+ 0x390b83ec, 0xaa4060ef, 0x065e719f, 0x51bd6e10,
+ 0xf93e218a, 0x3d96dd06, 0xaedd3e05, 0x464de6bd,
+ 0xb591548d, 0x0571c45d, 0x6f0406d4, 0xff605015,
+ 0x241998fb, 0x97d6bde9, 0xcc894043, 0x7767d99e,
+ 0xbdb0e842, 0x8807898b, 0x38e7195b, 0xdb79c8ee,
+ 0x47a17c0a, 0xe97c420f, 0xc9f8841e, 0x00000000,
+ 0x83098086, 0x48322bed, 0xac1e1170, 0x4e6c5a72,
+ 0xfbfd0eff, 0x560f8538, 0x1e3daed5, 0x27362d39,
+ 0x640a0fd9, 0x21685ca6, 0xd19b5b54, 0x3a24362e,
+ 0xb10c0a67, 0x0f9357e7, 0xd2b4ee96, 0x9e1b9b91,
+ 0x4f80c0c5, 0xa261dc20, 0x695a774b, 0x161c121a,
+ 0x0ae293ba, 0xe5c0a02a, 0x433c22e0, 0x1d121b17,
+ 0x0b0e090d, 0xadf28bc7, 0xb92db6a8, 0xc8141ea9,
+ 0x8557f119, 0x4caf7507, 0xbbee99dd, 0xfda37f60,
+ 0x9ff70126, 0xbc5c72f5, 0xc544663b, 0x345bfb7e,
+ 0x768b4329, 0xdccb23c6, 0x68b6edfc, 0x63b8e4f1,
+ 0xcad731dc, 0x10426385, 0x40139722, 0x2084c611,
+ 0x7d854a24, 0xf8d2bb3d, 0x11aef932, 0x6dc729a1,
+ 0x4b1d9e2f, 0xf3dcb230, 0xec0d8652, 0xd077c1e3,
+ 0x6c2bb316, 0x99a970b9, 0xfa119448, 0x2247e964,
+ 0xc4a8fc8c, 0x1aa0f03f, 0xd8567d2c, 0xef223390,
+ 0xc787494e, 0xc1d938d1, 0xfe8ccaa2, 0x3698d40b,
+ 0xcfa6f581, 0x28a57ade, 0x26dab78e, 0xa43fadbf,
+ 0xe42c3a9d, 0x0d507892, 0x9b6a5fcc, 0x62547e46,
+ 0xc2f68d13, 0xe890d8b8, 0x5e2e39f7, 0xf582c3af,
+ 0xbe9f5d80, 0x7c69d093, 0xa96fd52d, 0xb3cf2512,
+ 0x3bc8ac99, 0xa710187d, 0x6ee89c63, 0x7bdb3bbb,
+ 0x09cd2678, 0xf46e5918, 0x01ec9ab7, 0xa8834f9a,
+ 0x65e6956e, 0x7eaaffe6, 0x0821bccf, 0xe6ef15e8,
+ 0xd9bae79b, 0xce4a6f36, 0xd4ea9f09, 0xd629b07c,
+ 0xaf31a4b2, 0x312a3f23, 0x30c6a594, 0xc035a266,
+ 0x37744ebc, 0xa6fc82ca, 0xb0e090d0, 0x1533a7d8,
+ 0x4af10498, 0xf741ecda, 0x0e7fcd50, 0x2f1791f6,
+ 0x8d764dd6, 0x4d43efb0, 0x54ccaa4d, 0xdfe49604,
+ 0xe39ed1b5, 0x1b4c6a88, 0xb8c12c1f, 0x7f466551,
+ 0x049d5eea, 0x5d018c35, 0x73fa8774, 0x2efb0b41,
+ 0x5ab3671d, 0x5292dbd2, 0x33e91056, 0x136dd647,
+ 0x8c9ad761, 0x7a37a10c, 0x8e59f814, 0x89eb133c,
+ 0xeecea927, 0x35b761c9, 0xede11ce5, 0x3c7a47b1,
+ 0x599cd2df, 0x3f55f273, 0x791814ce, 0xbf73c737,
+ 0xea53f7cd, 0x5b5ffdaa, 0x14df3d6f, 0x867844db,
+ 0x81caaff3, 0x3eb968c4, 0x2c382434, 0x5fc2a340,
+ 0x72161dc3, 0x0cbce225, 0x8b283c49, 0x41ff0d95,
+ 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1,
+ 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857,
+};
+
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t L_AES_Thumb2_te_data[] = {
+ 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b,
+ 0x0dfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5,
+ 0x50603030, 0x03020101, 0xa9ce6767, 0x7d562b2b,
+ 0x19e7fefe, 0x62b5d7d7, 0xe64dabab, 0x9aec7676,
+ 0x458fcaca, 0x9d1f8282, 0x4089c9c9, 0x87fa7d7d,
+ 0x15effafa, 0xebb25959, 0xc98e4747, 0x0bfbf0f0,
+ 0xec41adad, 0x67b3d4d4, 0xfd5fa2a2, 0xea45afaf,
+ 0xbf239c9c, 0xf753a4a4, 0x96e47272, 0x5b9bc0c0,
+ 0xc275b7b7, 0x1ce1fdfd, 0xae3d9393, 0x6a4c2626,
+ 0x5a6c3636, 0x417e3f3f, 0x02f5f7f7, 0x4f83cccc,
+ 0x5c683434, 0xf451a5a5, 0x34d1e5e5, 0x08f9f1f1,
+ 0x93e27171, 0x73abd8d8, 0x53623131, 0x3f2a1515,
+ 0x0c080404, 0x5295c7c7, 0x65462323, 0x5e9dc3c3,
+ 0x28301818, 0xa1379696, 0x0f0a0505, 0xb52f9a9a,
+ 0x090e0707, 0x36241212, 0x9b1b8080, 0x3ddfe2e2,
+ 0x26cdebeb, 0x694e2727, 0xcd7fb2b2, 0x9fea7575,
+ 0x1b120909, 0x9e1d8383, 0x74582c2c, 0x2e341a1a,
+ 0x2d361b1b, 0xb2dc6e6e, 0xeeb45a5a, 0xfb5ba0a0,
+ 0xf6a45252, 0x4d763b3b, 0x61b7d6d6, 0xce7db3b3,
+ 0x7b522929, 0x3edde3e3, 0x715e2f2f, 0x97138484,
+ 0xf5a65353, 0x68b9d1d1, 0x00000000, 0x2cc1eded,
+ 0x60402020, 0x1fe3fcfc, 0xc879b1b1, 0xedb65b5b,
+ 0xbed46a6a, 0x468dcbcb, 0xd967bebe, 0x4b723939,
+ 0xde944a4a, 0xd4984c4c, 0xe8b05858, 0x4a85cfcf,
+ 0x6bbbd0d0, 0x2ac5efef, 0xe54faaaa, 0x16edfbfb,
+ 0xc5864343, 0xd79a4d4d, 0x55663333, 0x94118585,
+ 0xcf8a4545, 0x10e9f9f9, 0x06040202, 0x81fe7f7f,
+ 0xf0a05050, 0x44783c3c, 0xba259f9f, 0xe34ba8a8,
+ 0xf3a25151, 0xfe5da3a3, 0xc0804040, 0x8a058f8f,
+ 0xad3f9292, 0xbc219d9d, 0x48703838, 0x04f1f5f5,
+ 0xdf63bcbc, 0xc177b6b6, 0x75afdada, 0x63422121,
+ 0x30201010, 0x1ae5ffff, 0x0efdf3f3, 0x6dbfd2d2,
+ 0x4c81cdcd, 0x14180c0c, 0x35261313, 0x2fc3ecec,
+ 0xe1be5f5f, 0xa2359797, 0xcc884444, 0x392e1717,
+ 0x5793c4c4, 0xf255a7a7, 0x82fc7e7e, 0x477a3d3d,
+ 0xacc86464, 0xe7ba5d5d, 0x2b321919, 0x95e67373,
+ 0xa0c06060, 0x98198181, 0xd19e4f4f, 0x7fa3dcdc,
+ 0x66442222, 0x7e542a2a, 0xab3b9090, 0x830b8888,
+ 0xca8c4646, 0x29c7eeee, 0xd36bb8b8, 0x3c281414,
+ 0x79a7dede, 0xe2bc5e5e, 0x1d160b0b, 0x76addbdb,
+ 0x3bdbe0e0, 0x56643232, 0x4e743a3a, 0x1e140a0a,
+ 0xdb924949, 0x0a0c0606, 0x6c482424, 0xe4b85c5c,
+ 0x5d9fc2c2, 0x6ebdd3d3, 0xef43acac, 0xa6c46262,
+ 0xa8399191, 0xa4319595, 0x37d3e4e4, 0x8bf27979,
+ 0x32d5e7e7, 0x438bc8c8, 0x596e3737, 0xb7da6d6d,
+ 0x8c018d8d, 0x64b1d5d5, 0xd29c4e4e, 0xe049a9a9,
+ 0xb4d86c6c, 0xfaac5656, 0x07f3f4f4, 0x25cfeaea,
+ 0xafca6565, 0x8ef47a7a, 0xe947aeae, 0x18100808,
+ 0xd56fbaba, 0x88f07878, 0x6f4a2525, 0x725c2e2e,
+ 0x24381c1c, 0xf157a6a6, 0xc773b4b4, 0x5197c6c6,
+ 0x23cbe8e8, 0x7ca1dddd, 0x9ce87474, 0x213e1f1f,
+ 0xdd964b4b, 0xdc61bdbd, 0x860d8b8b, 0x850f8a8a,
+ 0x90e07070, 0x427c3e3e, 0xc471b5b5, 0xaacc6666,
+ 0xd8904848, 0x05060303, 0x01f7f6f6, 0x121c0e0e,
+ 0xa3c26161, 0x5f6a3535, 0xf9ae5757, 0xd069b9b9,
+ 0x91178686, 0x5899c1c1, 0x273a1d1d, 0xb9279e9e,
+ 0x38d9e1e1, 0x13ebf8f8, 0xb32b9898, 0x33221111,
+ 0xbbd26969, 0x70a9d9d9, 0x89078e8e, 0xa7339494,
+ 0xb62d9b9b, 0x223c1e1e, 0x92158787, 0x20c9e9e9,
+ 0x4987cece, 0xffaa5555, 0x78502828, 0x7aa5dfdf,
+ 0x8f038c8c, 0xf859a1a1, 0x80098989, 0x171a0d0d,
+ 0xda65bfbf, 0x31d7e6e6, 0xc6844242, 0xb8d06868,
+ 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f,
+ 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616,
+};
+
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+static const uint32_t* L_AES_Thumb2_td = L_AES_Thumb2_td_data;
+#endif /* HAVE_AES_DECRYPT */
+#if defined(HAVE_AES_DECRYPT) || defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_Thumb2_te = L_AES_Thumb2_te_data;
+#endif /* HAVE_AES_DECRYPT || HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+void AES_invert_key(unsigned char* ks, word32 rounds);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_invert_key(unsigned char* ks_p, word32 rounds_p)
+#else
+void AES_invert_key(unsigned char* ks, word32 rounds)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register unsigned char* ks __asm__ ("r0") = (unsigned char*)ks_p;
+ register word32 rounds __asm__ ("r1") = (word32)rounds_p;
+ register uint32_t* L_AES_Thumb2_te_c __asm__ ("r2") = (uint32_t*)L_AES_Thumb2_te;
+ register uint32_t* L_AES_Thumb2_td_c __asm__ ("r3") = (uint32_t*)L_AES_Thumb2_td;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r12, %[L_AES_Thumb2_te]\n\t"
+ "MOV lr, %[L_AES_Thumb2_td]\n\t"
+ "ADD r10, %[ks], %[rounds], LSL #4\n\t"
+ "MOV r11, %[rounds]\n\t"
+ "\n"
+ "L_AES_invert_key_loop:\n\t"
+ "LDM %[ks], {r2, r3, r4, r5}\n\t"
+ "LDM r10, {r6, r7, r8, r9}\n\t"
+ "STM r10, {r2, r3, r4, r5}\n\t"
+ "STM %[ks]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r11, r11, #0x2\n\t"
+ "SUB r10, r10, #0x10\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_invert_key_loop\n\t"
+#else
+ "BNE.N L_AES_invert_key_loop\n\t"
+#endif
+ "SUB %[ks], %[ks], %[rounds], LSL #3\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "SUB r11, %[rounds], #0x1\n\t"
+ "\n"
+ "L_AES_invert_key_mix_loop:\n\t"
+ "LDM %[ks], {r2, r3, r4, r5}\n\t"
+ "UBFX r6, r2, #0, #8\n\t"
+ "UBFX r7, r2, #8, #8\n\t"
+ "UBFX r8, r2, #16, #8\n\t"
+ "LSR r9, r2, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "UBFX r6, r3, #0, #8\n\t"
+ "UBFX r7, r3, #8, #8\n\t"
+ "UBFX r8, r3, #16, #8\n\t"
+ "LSR r9, r3, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "UBFX r6, r4, #0, #8\n\t"
+ "UBFX r7, r4, #8, #8\n\t"
+ "UBFX r8, r4, #16, #8\n\t"
+ "LSR r9, r4, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "UBFX r6, r5, #0, #8\n\t"
+ "UBFX r7, r5, #8, #8\n\t"
+ "UBFX r8, r5, #16, #8\n\t"
+ "LSR r9, r5, #24\n\t"
+ "LDRB r6, [r12, r6, LSL #2]\n\t"
+ "LDRB r7, [r12, r7, LSL #2]\n\t"
+ "LDRB r8, [r12, r8, LSL #2]\n\t"
+ "LDRB r9, [r12, r9, LSL #2]\n\t"
+ "LDR r6, [lr, r6, LSL #2]\n\t"
+ "LDR r7, [lr, r7, LSL #2]\n\t"
+ "LDR r8, [lr, r8, LSL #2]\n\t"
+ "LDR r9, [lr, r9, LSL #2]\n\t"
+ "EOR r8, r8, r6, ROR #16\n\t"
+ "EOR r8, r8, r7, ROR #8\n\t"
+ "EOR r8, r8, r9, ROR #24\n\t"
+ "STR r8, [%[ks]], #4\n\t"
+ "SUBS r11, r11, #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_invert_key_mix_loop\n\t"
+#else
+ "BNE.W L_AES_invert_key_mix_loop\n\t"
+#endif
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [ks] "+r" (ks), [rounds] "+r" (rounds),
+ [L_AES_Thumb2_te] "+r" (L_AES_Thumb2_te_c), [L_AES_Thumb2_td] "+r" (L_AES_Thumb2_td_c)
+ :
+#else
+ : [ks] "+r" (ks), [rounds] "+r" (rounds)
+ : [L_AES_Thumb2_te] "r" (L_AES_Thumb2_te), [L_AES_Thumb2_td] "r" (L_AES_Thumb2_td)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_DECRYPT */
+static const uint32_t L_AES_Thumb2_rcon[] = {
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000,
+ 0x10000000, 0x20000000, 0x40000000, 0x80000000,
+ 0x1b000000, 0x36000000
+};
+
+void AES_set_encrypt_key(const unsigned char* key, word32 len,
+ unsigned char* ks);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_set_encrypt_key(const unsigned char* key_p, word32 len_p, unsigned char* ks_p)
+#else
+void AES_set_encrypt_key(const unsigned char* key, word32 len, unsigned char* ks)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* key __asm__ ("r0") = (const unsigned char*)key_p;
+ register word32 len __asm__ ("r1") = (word32)len_p;
+ register unsigned char* ks __asm__ ("r2") = (unsigned char*)ks_p;
+ register uint32_t* L_AES_Thumb2_te_c __asm__ ("r3") = (uint32_t*)L_AES_Thumb2_te;
+ register uint32_t* L_AES_Thumb2_rcon_c __asm__ ("r4") = (uint32_t*)&L_AES_Thumb2_rcon;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r10, %[L_AES_Thumb2_te]\n\t"
+ "MOV lr, %[L_AES_Thumb2_rcon]\n\t"
+ "CMP %[len], #0x80\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_set_encrypt_key_start_128\n\t"
+#else
+ "BEQ.W L_AES_set_encrypt_key_start_128\n\t"
+#endif
+ "CMP %[len], #0xc0\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_set_encrypt_key_start_192\n\t"
+#else
+ "BEQ.W L_AES_set_encrypt_key_start_192\n\t"
+#endif
+ "LDRD r4, r5, [%[key]]\n\t"
+ "LDRD r6, r7, [%[key], #8]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "LDRD r4, r5, [%[key], #16]\n\t"
+ "LDRD r6, r7, [%[key], #24]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+ "MOV r12, #0x6\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_256:\n\t"
+ "UBFX r4, r7, #0, #8\n\t"
+ "UBFX r5, r7, #8, #8\n\t"
+ "UBFX r6, r7, #16, #8\n\t"
+ "LSR r7, r7, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r7, [r10, r7, LSL #2]\n\t"
+ "EOR r3, r7, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+ "MOV r3, r7\n\t"
+ "UBFX r4, r3, #8, #8\n\t"
+ "UBFX r5, r3, #16, #8\n\t"
+ "LSR r6, r3, #24\n\t"
+ "UBFX r3, r3, #0, #8\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r3, [r10, r3, LSL #2]\n\t"
+ "EOR r3, r3, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_set_encrypt_key_loop_256\n\t"
+#else
+ "BNE.N L_AES_set_encrypt_key_loop_256\n\t"
+#endif
+ "UBFX r4, r7, #0, #8\n\t"
+ "UBFX r5, r7, #8, #8\n\t"
+ "UBFX r6, r7, #16, #8\n\t"
+ "LSR r7, r7, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r7, [r10, r7, LSL #2]\n\t"
+ "EOR r3, r7, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "ADD %[ks], %[ks], #0x10\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUB %[ks], %[ks], #0x10\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_set_encrypt_key_end\n\t"
+#else
+ "B.N L_AES_set_encrypt_key_end\n\t"
+#endif
+ "\n"
+ "L_AES_set_encrypt_key_start_192:\n\t"
+ "LDRD r4, r5, [%[key]]\n\t"
+ "LDRD r6, r7, [%[key], #8]\n\t"
+ "LDRD r8, r9, [%[key], #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "STRD r8, r9, [%[ks], #16]\n\t"
+ "MOV r7, r9\n\t"
+ "MOV r12, #0x7\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_192:\n\t"
+ "UBFX r4, r9, #0, #8\n\t"
+ "UBFX r5, r9, #8, #8\n\t"
+ "UBFX r6, r9, #16, #8\n\t"
+ "LSR r9, r9, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r9, [r10, r9, LSL #2]\n\t"
+ "EOR r3, r9, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7, r8, r9}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "EOR r8, r8, r7\n\t"
+ "EOR r9, r9, r8\n\t"
+ "STM %[ks], {r4, r5, r6, r7, r8, r9}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_set_encrypt_key_loop_192\n\t"
+#else
+ "BNE.N L_AES_set_encrypt_key_loop_192\n\t"
+#endif
+ "UBFX r4, r9, #0, #8\n\t"
+ "UBFX r5, r9, #8, #8\n\t"
+ "UBFX r6, r9, #16, #8\n\t"
+ "LSR r9, r9, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r9, [r10, r9, LSL #2]\n\t"
+ "EOR r3, r9, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7, r8, r9}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_set_encrypt_key_end\n\t"
+#else
+ "B.N L_AES_set_encrypt_key_end\n\t"
+#endif
+ "\n"
+ "L_AES_set_encrypt_key_start_128:\n\t"
+ "LDRD r4, r5, [%[key]]\n\t"
+ "LDRD r6, r7, [%[key], #8]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_AES_set_encrypt_key_loop_128:\n\t"
+ "UBFX r4, r7, #0, #8\n\t"
+ "UBFX r5, r7, #8, #8\n\t"
+ "UBFX r6, r7, #16, #8\n\t"
+ "LSR r7, r7, #24\n\t"
+ "LDRB r4, [r10, r4, LSL #2]\n\t"
+ "LDRB r5, [r10, r5, LSL #2]\n\t"
+ "LDRB r6, [r10, r6, LSL #2]\n\t"
+ "LDRB r7, [r10, r7, LSL #2]\n\t"
+ "EOR r3, r7, r4, LSL #8\n\t"
+ "EOR r3, r3, r5, LSL #16\n\t"
+ "EOR r3, r3, r6, LSL #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "LDM lr!, {r3}\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r5, r5, r4\n\t"
+ "EOR r6, r6, r5\n\t"
+ "EOR r7, r7, r6\n\t"
+ "STM %[ks], {r4, r5, r6, r7}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_AES_set_encrypt_key_loop_128\n\t"
+#else
+ "BNE.N L_AES_set_encrypt_key_loop_128\n\t"
+#endif
+ "\n"
+ "L_AES_set_encrypt_key_end:\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [key] "+r" (key), [len] "+r" (len), [ks] "+r" (ks),
+ [L_AES_Thumb2_te] "+r" (L_AES_Thumb2_te_c), [L_AES_Thumb2_rcon] "+r" (L_AES_Thumb2_rcon_c)
+ :
+#else
+ : [key] "+r" (key), [len] "+r" (len), [ks] "+r" (ks)
+ : [L_AES_Thumb2_te] "r" (L_AES_Thumb2_te), [L_AES_Thumb2_rcon] "r" (L_AES_Thumb2_rcon)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+}
+
+void AES_encrypt_block(const uint32_t* te, int nr, int len, const uint32_t* ks);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_encrypt_block(const uint32_t* te_p, int nr_p, int len_p, const uint32_t* ks_p)
+#else
+void AES_encrypt_block(const uint32_t* te, int nr, int len, const uint32_t* ks)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const uint32_t* te __asm__ ("r0") = (const uint32_t*)te_p;
+ register int nr __asm__ ("r1") = (int)nr_p;
+ register int len __asm__ ("r2") = (int)len_p;
+ register const uint32_t* ks __asm__ ("r3") = (const uint32_t*)ks_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_encrypt_block_nr:\n\t"
+ "UBFX r8, r5, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX lr, r6, #8, #8\n\t"
+ "UBFX r2, r7, #0, #8\n\t"
+ "LDR r8, [%[te], r8, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r9, r6, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, lr, ROR #8\n\t"
+ "UBFX lr, r7, #8, #8\n\t"
+ "EOR r8, r8, r2, ROR #16\n\t"
+ "UBFX r2, r4, #0, #8\n\t"
+ "LDR r9, [%[te], r9, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r10, r7, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, lr, ROR #8\n\t"
+ "UBFX lr, r4, #8, #8\n\t"
+ "EOR r9, r9, r2, ROR #16\n\t"
+ "UBFX r2, r5, #0, #8\n\t"
+ "LDR r10, [%[te], r10, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r6, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r4, #16, #8\n\t"
+ "EOR r10, r10, lr, ROR #8\n\t"
+ "LSR lr, r7, #24\n\t"
+ "EOR r10, r10, r2, ROR #16\n\t"
+ "UBFX r2, r5, #8, #8\n\t"
+ "LDR r6, [%[te], r6, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r6, ROR #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #24\n\t"
+ "EOR r11, r11, r2, ROR #8\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r9, #16, #8\n\t"
+ "LSR r7, r8, #24\n\t"
+ "UBFX lr, r10, #8, #8\n\t"
+ "UBFX r2, r11, #0, #8\n\t"
+ "LDR r4, [%[te], r4, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r5, r10, #16, #8\n\t"
+ "EOR r4, r4, r7, ROR #24\n\t"
+ "LSR r7, r9, #24\n\t"
+ "EOR r4, r4, lr, ROR #8\n\t"
+ "UBFX lr, r11, #8, #8\n\t"
+ "EOR r4, r4, r2, ROR #16\n\t"
+ "UBFX r2, r8, #0, #8\n\t"
+ "LDR r5, [%[te], r5, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r11, #16, #8\n\t"
+ "EOR r5, r5, r7, ROR #24\n\t"
+ "LSR r7, r10, #24\n\t"
+ "EOR r5, r5, lr, ROR #8\n\t"
+ "UBFX lr, r8, #8, #8\n\t"
+ "EOR r5, r5, r2, ROR #16\n\t"
+ "UBFX r2, r9, #0, #8\n\t"
+ "LDR r6, [%[te], r6, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r10, r10, #0, #8\n\t"
+ "EOR r6, r6, r7, ROR #24\n\t"
+ "UBFX r7, r8, #16, #8\n\t"
+ "EOR r6, r6, lr, ROR #8\n\t"
+ "LSR lr, r11, #24\n\t"
+ "EOR r6, r6, r2, ROR #16\n\t"
+ "UBFX r2, r9, #8, #8\n\t"
+ "LDR r10, [%[te], r10, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r7, [%[te], r7, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r10, ROR #24\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, lr, ROR #24\n\t"
+ "EOR r7, r7, r2, ROR #8\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "SUBS %[nr], %[nr], #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_encrypt_block_nr\n\t"
+#else
+ "BNE.W L_AES_encrypt_block_nr\n\t"
+#endif
+ "UBFX r8, r5, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX lr, r6, #8, #8\n\t"
+ "UBFX r2, r7, #0, #8\n\t"
+ "LDR r8, [%[te], r8, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r9, r6, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, lr, ROR #8\n\t"
+ "UBFX lr, r7, #8, #8\n\t"
+ "EOR r8, r8, r2, ROR #16\n\t"
+ "UBFX r2, r4, #0, #8\n\t"
+ "LDR r9, [%[te], r9, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r10, r7, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, lr, ROR #8\n\t"
+ "UBFX lr, r4, #8, #8\n\t"
+ "EOR r9, r9, r2, ROR #16\n\t"
+ "UBFX r2, r5, #0, #8\n\t"
+ "LDR r10, [%[te], r10, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r6, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r4, #16, #8\n\t"
+ "EOR r10, r10, lr, ROR #8\n\t"
+ "LSR lr, r7, #24\n\t"
+ "EOR r10, r10, r2, ROR #16\n\t"
+ "UBFX r2, r5, #8, #8\n\t"
+ "LDR r6, [%[te], r6, LSL #2]\n\t"
+ "LDR lr, [%[te], lr, LSL #2]\n\t"
+ "LDR r11, [%[te], r11, LSL #2]\n\t"
+ "LDR r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r6, ROR #24\n\t"
+ "LDM %[ks]!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #24\n\t"
+ "EOR r11, r11, r2, ROR #8\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r11, #0, #8\n\t"
+ "UBFX r7, r10, #8, #8\n\t"
+ "UBFX lr, r9, #16, #8\n\t"
+ "LSR r2, r8, #24\n\t"
+ "LDRB r4, [%[te], r4, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r5, r8, #0, #8\n\t"
+ "EOR r4, r4, r7, LSL #8\n\t"
+ "UBFX r7, r11, #8, #8\n\t"
+ "EOR r4, r4, lr, LSL #16\n\t"
+ "UBFX lr, r10, #16, #8\n\t"
+ "EOR r4, r4, r2, LSL #24\n\t"
+ "LSR r2, r9, #24\n\t"
+ "LDRB r5, [%[te], r5, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "UBFX r6, r9, #0, #8\n\t"
+ "EOR r5, r5, r7, LSL #8\n\t"
+ "UBFX r7, r8, #8, #8\n\t"
+ "EOR r5, r5, lr, LSL #16\n\t"
+ "UBFX lr, r11, #16, #8\n\t"
+ "EOR r5, r5, r2, LSL #24\n\t"
+ "LSR r2, r10, #24\n\t"
+ "LDRB r6, [%[te], r6, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "LSR r11, r11, #24\n\t"
+ "EOR r6, r6, r7, LSL #8\n\t"
+ "UBFX r7, r10, #0, #8\n\t"
+ "EOR r6, r6, lr, LSL #16\n\t"
+ "UBFX lr, r9, #8, #8\n\t"
+ "EOR r6, r6, r2, LSL #24\n\t"
+ "UBFX r2, r8, #16, #8\n\t"
+ "LDRB r11, [%[te], r11, LSL #2]\n\t"
+ "LDRB r7, [%[te], r7, LSL #2]\n\t"
+ "LDRB lr, [%[te], lr, LSL #2]\n\t"
+ "LDRB r2, [%[te], r2, LSL #2]\n\t"
+ "EOR lr, lr, r11, LSL #16\n\t"
+ "LDM %[ks], {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, lr, LSL #8\n\t"
+ "EOR r7, r7, r2, LSL #16\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ : [te] "+r" (te), [nr] "+r" (nr), [len] "+r" (len), [ks] "+r" (ks)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#if defined(HAVE_AES_CBC) || defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+static const uint32_t* L_AES_Thumb2_te_ecb = L_AES_Thumb2_te_data;
+#endif /* HAVE_AES_CBC || HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#if defined(HAVE_AESCCM) || defined(HAVE_AESGCM) || defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_ECB_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+#else
+void AES_ECB_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register uint32_t* L_AES_Thumb2_te_ecb_c __asm__ ("r5") = (uint32_t*)L_AES_Thumb2_te_ecb;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_ecb]\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r12, r4\n\t"
+#else
+ "LDR r12, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "PUSH {%[ks]}\n\t"
+ "CMP r12, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_ECB_encrypt_start_block_128\n\t"
+#endif
+ "CMP r12, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_ECB_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_256:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_ECB_encrypt_loop_block_256\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_encrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_192:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_ECB_encrypt_loop_block_192\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_encrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_ECB_encrypt_loop_block_128:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_ECB_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_encrypt_end:\n\t"
+ "POP {%[ks]}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr),
+ [L_AES_Thumb2_te_ecb] "+r" (L_AES_Thumb2_te_ecb_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr)
+ : [L_AES_Thumb2_te_ecb] "r" (L_AES_Thumb2_te_ecb)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESCCM || HAVE_AESGCM || WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_CBC_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+#else
+void AES_CBC_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* iv __asm__ ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_Thumb2_te_ecb_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_te_ecb;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r4\n\t"
+#else
+ "LDR r8, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r9, r5\n\t"
+#else
+ "LDR r9, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_ecb]\n\t"
+ "LDM r9, {r4, r5, r6, r7}\n\t"
+ "PUSH {%[ks], r9}\n\t"
+ "CMP r8, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_CBC_encrypt_start_block_128\n\t"
+#endif
+ "CMP r8, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_CBC_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_256:\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_CBC_encrypt_loop_block_256\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_CBC_encrypt_end\n\t"
+#else
+ "B.N L_AES_CBC_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_192:\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_CBC_encrypt_loop_block_192\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_CBC_encrypt_end\n\t"
+#else
+ "B.N L_AES_CBC_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_CBC_encrypt_loop_block_128:\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_CBC_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_encrypt_end:\n\t"
+ "POP {%[ks], r9}\n\t"
+ "STM r9, {r4, r5, r6, r7}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv),
+ [L_AES_Thumb2_te_ecb] "+r" (L_AES_Thumb2_te_ecb_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv)
+ : [L_AES_Thumb2_te_ecb] "r" (L_AES_Thumb2_te_ecb)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#ifdef WOLFSSL_AES_COUNTER
+void AES_CTR_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_CTR_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+#else
+void AES_CTR_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* ctr __asm__ ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_Thumb2_te_ecb_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_te_ecb;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r12, r4\n\t"
+#else
+ "LDR r12, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r5\n\t"
+#else
+ "LDR r8, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_ecb]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+ "PUSH {%[ks], r8}\n\t"
+ "CMP r12, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CTR_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_CTR_encrypt_start_block_128\n\t"
+#endif
+ "CMP r12, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CTR_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_CTR_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_256:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADDS r11, r7, #0x1\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r9, r5, #0x0\n\t"
+ "ADC r8, r4, #0x0\n\t"
+ "STM lr, {r8, r9, r10, r11}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CTR_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_CTR_encrypt_loop_block_256\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CTR_encrypt_end\n\t"
+#else
+ "B.W L_AES_CTR_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_192:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADDS r11, r7, #0x1\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r9, r5, #0x0\n\t"
+ "ADC r8, r4, #0x0\n\t"
+ "STM lr, {r8, r9, r10, r11}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CTR_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_CTR_encrypt_loop_block_192\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CTR_encrypt_end\n\t"
+#else
+ "B.W L_AES_CTR_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_CTR_encrypt_loop_block_128:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADDS r11, r7, #0x1\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r9, r5, #0x0\n\t"
+ "ADC r8, r4, #0x0\n\t"
+ "STM lr, {r8, r9, r10, r11}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CTR_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_CTR_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_CTR_encrypt_end:\n\t"
+ "POP {%[ks], r8}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr),
+ [L_AES_Thumb2_te_ecb] "+r" (L_AES_Thumb2_te_ecb_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr)
+ : [L_AES_Thumb2_te_ecb] "r" (L_AES_Thumb2_te_ecb)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_DECRYPT
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER) || defined(HAVE_AES_CBC)
+void AES_decrypt_block(const uint32_t* td, int nr, const uint8_t* td4);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_decrypt_block(const uint32_t* td_p, int nr_p, const uint8_t* td4_p)
+#else
+void AES_decrypt_block(const uint32_t* td, int nr, const uint8_t* td4)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const uint32_t* td __asm__ ("r0") = (const uint32_t*)td_p;
+ register int nr __asm__ ("r1") = (int)nr_p;
+ register const uint8_t* td4 __asm__ ("r2") = (const uint8_t*)td4_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "\n"
+ "L_AES_decrypt_block_nr:\n\t"
+ "UBFX r8, r7, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX r12, r6, #8, #8\n\t"
+ "UBFX lr, r5, #0, #8\n\t"
+ "LDR r8, [%[td], r8, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r9, r4, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, r12, ROR #8\n\t"
+ "UBFX r12, r7, #8, #8\n\t"
+ "EOR r8, r8, lr, ROR #16\n\t"
+ "UBFX lr, r6, #0, #8\n\t"
+ "LDR r9, [%[td], r9, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r10, r5, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, r12, ROR #8\n\t"
+ "UBFX r12, r4, #8, #8\n\t"
+ "EOR r9, r9, lr, ROR #16\n\t"
+ "UBFX lr, r7, #0, #8\n\t"
+ "LDR r10, [%[td], r10, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r4, r4, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r6, #16, #8\n\t"
+ "EOR r10, r10, r12, ROR #8\n\t"
+ "LSR r12, r7, #24\n\t"
+ "EOR r10, r10, lr, ROR #16\n\t"
+ "UBFX lr, r5, #8, #8\n\t"
+ "LDR r4, [%[td], r4, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "EOR r12, r12, r4, ROR #24\n\t"
+ "LDM r3!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #8\n\t"
+ "EOR r11, r11, r12, ROR #24\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r11, #16, #8\n\t"
+ "LSR r7, r8, #24\n\t"
+ "UBFX r12, r10, #8, #8\n\t"
+ "UBFX lr, r9, #0, #8\n\t"
+ "LDR r4, [%[td], r4, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r5, r8, #16, #8\n\t"
+ "EOR r4, r4, r7, ROR #24\n\t"
+ "LSR r7, r9, #24\n\t"
+ "EOR r4, r4, r12, ROR #8\n\t"
+ "UBFX r12, r11, #8, #8\n\t"
+ "EOR r4, r4, lr, ROR #16\n\t"
+ "UBFX lr, r10, #0, #8\n\t"
+ "LDR r5, [%[td], r5, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r6, r9, #16, #8\n\t"
+ "EOR r5, r5, r7, ROR #24\n\t"
+ "LSR r7, r10, #24\n\t"
+ "EOR r5, r5, r12, ROR #8\n\t"
+ "UBFX r12, r8, #8, #8\n\t"
+ "EOR r5, r5, lr, ROR #16\n\t"
+ "UBFX lr, r11, #0, #8\n\t"
+ "LDR r6, [%[td], r6, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r8, r8, #0, #8\n\t"
+ "EOR r6, r6, r7, ROR #24\n\t"
+ "UBFX r7, r10, #16, #8\n\t"
+ "EOR r6, r6, r12, ROR #8\n\t"
+ "LSR r12, r11, #24\n\t"
+ "EOR r6, r6, lr, ROR #16\n\t"
+ "UBFX lr, r9, #8, #8\n\t"
+ "LDR r8, [%[td], r8, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR r7, [%[td], r7, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "EOR r12, r12, r8, ROR #24\n\t"
+ "LDM r3!, {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, lr, ROR #8\n\t"
+ "EOR r7, r7, r12, ROR #24\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "SUBS %[nr], %[nr], #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_decrypt_block_nr\n\t"
+#else
+ "BNE.W L_AES_decrypt_block_nr\n\t"
+#endif
+ "UBFX r8, r7, #16, #8\n\t"
+ "LSR r11, r4, #24\n\t"
+ "UBFX r12, r6, #8, #8\n\t"
+ "UBFX lr, r5, #0, #8\n\t"
+ "LDR r8, [%[td], r8, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r9, r4, #16, #8\n\t"
+ "EOR r8, r8, r11, ROR #24\n\t"
+ "LSR r11, r5, #24\n\t"
+ "EOR r8, r8, r12, ROR #8\n\t"
+ "UBFX r12, r7, #8, #8\n\t"
+ "EOR r8, r8, lr, ROR #16\n\t"
+ "UBFX lr, r6, #0, #8\n\t"
+ "LDR r9, [%[td], r9, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r10, r5, #16, #8\n\t"
+ "EOR r9, r9, r11, ROR #24\n\t"
+ "LSR r11, r6, #24\n\t"
+ "EOR r9, r9, r12, ROR #8\n\t"
+ "UBFX r12, r4, #8, #8\n\t"
+ "EOR r9, r9, lr, ROR #16\n\t"
+ "UBFX lr, r7, #0, #8\n\t"
+ "LDR r10, [%[td], r10, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "UBFX r4, r4, #0, #8\n\t"
+ "EOR r10, r10, r11, ROR #24\n\t"
+ "UBFX r11, r6, #16, #8\n\t"
+ "EOR r10, r10, r12, ROR #8\n\t"
+ "LSR r12, r7, #24\n\t"
+ "EOR r10, r10, lr, ROR #16\n\t"
+ "UBFX lr, r5, #8, #8\n\t"
+ "LDR r4, [%[td], r4, LSL #2]\n\t"
+ "LDR r12, [%[td], r12, LSL #2]\n\t"
+ "LDR r11, [%[td], r11, LSL #2]\n\t"
+ "LDR lr, [%[td], lr, LSL #2]\n\t"
+ "EOR r12, r12, r4, ROR #24\n\t"
+ "LDM r3!, {r4, r5, r6, r7}\n\t"
+ "EOR r11, r11, lr, ROR #8\n\t"
+ "EOR r11, r11, r12, ROR #24\n\t"
+ /* XOR in Key Schedule */
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "UBFX r4, r9, #0, #8\n\t"
+ "UBFX r7, r10, #8, #8\n\t"
+ "UBFX r12, r11, #16, #8\n\t"
+ "LSR lr, r8, #24\n\t"
+ "LDRB r4, [%[td4], r4]\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "UBFX r5, r10, #0, #8\n\t"
+ "EOR r4, r4, r7, LSL #8\n\t"
+ "UBFX r7, r11, #8, #8\n\t"
+ "EOR r4, r4, r12, LSL #16\n\t"
+ "UBFX r12, r8, #16, #8\n\t"
+ "EOR r4, r4, lr, LSL #24\n\t"
+ "LSR lr, r9, #24\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "LDRB r5, [%[td4], r5]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "UBFX r6, r11, #0, #8\n\t"
+ "EOR r5, r5, r7, LSL #8\n\t"
+ "UBFX r7, r8, #8, #8\n\t"
+ "EOR r5, r5, r12, LSL #16\n\t"
+ "UBFX r12, r9, #16, #8\n\t"
+ "EOR r5, r5, lr, LSL #24\n\t"
+ "LSR lr, r10, #24\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "LDRB r6, [%[td4], r6]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "LSR r11, r11, #24\n\t"
+ "EOR r6, r6, r7, LSL #8\n\t"
+ "UBFX r7, r8, #0, #8\n\t"
+ "EOR r6, r6, r12, LSL #16\n\t"
+ "UBFX r12, r9, #8, #8\n\t"
+ "EOR r6, r6, lr, LSL #24\n\t"
+ "UBFX lr, r10, #16, #8\n\t"
+ "LDRB r11, [%[td4], r11]\n\t"
+ "LDRB r12, [%[td4], r12]\n\t"
+ "LDRB r7, [%[td4], r7]\n\t"
+ "LDRB lr, [%[td4], lr]\n\t"
+ "EOR r12, r12, r11, LSL #16\n\t"
+ "LDM r3, {r8, r9, r10, r11}\n\t"
+ "EOR r7, r7, r12, LSL #8\n\t"
+ "EOR r7, r7, lr, LSL #16\n\t"
+ /* XOR in Key Schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ : [td] "+r" (td), [nr] "+r" (nr), [td4] "+r" (td4)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+static const uint32_t* L_AES_Thumb2_td_ecb = L_AES_Thumb2_td_data;
+static const unsigned char L_AES_Thumb2_td4[] = {
+ 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38,
+ 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb,
+ 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87,
+ 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb,
+ 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d,
+ 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e,
+ 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2,
+ 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25,
+ 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16,
+ 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92,
+ 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda,
+ 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84,
+ 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a,
+ 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06,
+ 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02,
+ 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b,
+ 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea,
+ 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73,
+ 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85,
+ 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e,
+ 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89,
+ 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b,
+ 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20,
+ 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4,
+ 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31,
+ 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f,
+ 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d,
+ 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef,
+ 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0,
+ 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26,
+ 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d,
+};
+
+#if defined(WOLFSSL_AES_DIRECT) || defined(WOLFSSL_AES_COUNTER)
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_ECB_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p)
+#else
+void AES_ECB_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register uint32_t* L_AES_Thumb2_td_ecb_c __asm__ ("r5") = (uint32_t*)L_AES_Thumb2_td_ecb;
+ register unsigned char* L_AES_Thumb2_td4_c __asm__ ("r6") = (unsigned char*)&L_AES_Thumb2_td4;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r4\n\t"
+#else
+ "LDR r8, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_td_ecb]\n\t"
+ "MOV r12, %[len]\n\t"
+ "MOV r2, %[L_AES_Thumb2_td4]\n\t"
+ "CMP r8, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_decrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_ECB_decrypt_start_block_128\n\t"
+#endif
+ "CMP r8, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_ECB_decrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_ECB_decrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_256:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[ks], r12, lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_decrypt_block\n\t"
+ "POP {r1, %[ks], r12, lr}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_decrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_ECB_decrypt_loop_block_256\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_decrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_192:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[ks], r12, lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_decrypt_block\n\t"
+ "POP {r1, %[ks], r12, lr}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_decrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_ECB_decrypt_loop_block_192\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_ECB_decrypt_end\n\t"
+#else
+ "B.N L_AES_ECB_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_ECB_decrypt_loop_block_128:\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "PUSH {r1, %[ks], r12, lr}\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_decrypt_block\n\t"
+ "POP {r1, %[ks], r12, lr}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_ECB_decrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_ECB_decrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_ECB_decrypt_end:\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr),
+ [L_AES_Thumb2_td_ecb] "+r" (L_AES_Thumb2_td_ecb_c), [L_AES_Thumb2_td4] "+r" (L_AES_Thumb2_td4_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr)
+ : [L_AES_Thumb2_td_ecb] "r" (L_AES_Thumb2_td_ecb), [L_AES_Thumb2_td4] "r" (L_AES_Thumb2_td4)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER */
+#ifdef HAVE_AES_CBC
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* iv);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_CBC_decrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* iv_p)
+#else
+void AES_CBC_decrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* iv)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* iv __asm__ ("r5") = (unsigned char*)iv_p;
+ register uint32_t* L_AES_Thumb2_td_ecb_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_td_ecb;
+ register unsigned char* L_AES_Thumb2_td4_c __asm__ ("r7") = (unsigned char*)&L_AES_Thumb2_td4;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r4\n\t"
+#else
+ "LDR r8, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r4, r5\n\t"
+#else
+ "LDR r4, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_td_ecb]\n\t"
+ "MOV r12, %[len]\n\t"
+ "MOV r2, %[L_AES_Thumb2_td4]\n\t"
+ "PUSH {%[ks], r4}\n\t"
+ "CMP r8, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_loop_block_128\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_loop_block_128\n\t"
+#endif
+ "CMP r8, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_loop_block_192\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_loop_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_256:\n\t"
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr, #16]\n\t"
+ "STRD r6, r7, [lr, #24]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDM lr, {r8, r9, r10, r11}\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_end_odd\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_end_odd\n\t"
+#endif
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr]\n\t"
+ "STRD r6, r7, [lr, #8]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDRD r8, r9, [lr, #16]\n\t"
+ "LDRD r10, r11, [lr, #24]\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_decrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_CBC_decrypt_loop_block_256\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CBC_decrypt_end\n\t"
+#else
+ "B.W L_AES_CBC_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_192:\n\t"
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr, #16]\n\t"
+ "STRD r6, r7, [lr, #24]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDM lr, {r8, r9, r10, r11}\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_end_odd\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_end_odd\n\t"
+#endif
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr]\n\t"
+ "STRD r6, r7, [lr, #8]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDRD r8, r9, [lr, #16]\n\t"
+ "LDRD r10, r11, [lr, #24]\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_decrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_CBC_decrypt_loop_block_192\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_CBC_decrypt_end\n\t"
+#else
+ "B.W L_AES_CBC_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_loop_block_128:\n\t"
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr, #16]\n\t"
+ "STRD r6, r7, [lr, #24]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDM lr, {r8, r9, r10, r11}\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_CBC_decrypt_end_odd\n\t"
+#else
+ "BEQ.W L_AES_CBC_decrypt_end_odd\n\t"
+#endif
+ "PUSH {r1, r12, lr}\n\t"
+ "LDR r4, [lr]\n\t"
+ "LDR r5, [lr, #4]\n\t"
+ "LDR r6, [lr, #8]\n\t"
+ "LDR r7, [lr, #12]\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "STRD r4, r5, [lr]\n\t"
+ "STRD r6, r7, [lr, #8]\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_decrypt_block\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDRD r8, r9, [lr, #16]\n\t"
+ "LDRD r10, r11, [lr, #24]\n\t"
+ "POP {r1, r12, lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "SUBS r12, r12, #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_CBC_decrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_CBC_decrypt_loop_block_128\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_AES_CBC_decrypt_end\n\t"
+#else
+ "B.N L_AES_CBC_decrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_CBC_decrypt_end_odd:\n\t"
+ "LDR r4, [sp, #4]\n\t"
+ "LDRD r8, r9, [r4, #16]\n\t"
+ "LDRD r10, r11, [r4, #24]\n\t"
+ "STRD r8, r9, [r4]\n\t"
+ "STRD r10, r11, [r4, #8]\n\t"
+ "\n"
+ "L_AES_CBC_decrypt_end:\n\t"
+ "POP {%[ks], r4}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv),
+ [L_AES_Thumb2_td_ecb] "+r" (L_AES_Thumb2_td_ecb_c), [L_AES_Thumb2_td4] "+r" (L_AES_Thumb2_td4_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [iv] "+r" (iv)
+ : [L_AES_Thumb2_td_ecb] "r" (L_AES_Thumb2_td_ecb), [L_AES_Thumb2_td4] "r" (L_AES_Thumb2_td4)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AES_CBC */
+#endif /* WOLFSSL_AES_DIRECT || WOLFSSL_AES_COUNTER || HAVE_AES_CBC */
+#endif /* HAVE_AES_DECRYPT */
+#ifdef HAVE_AESGCM
+static const uint32_t L_GCM_gmult_len_r[] = {
+ 0x00000000, 0x1c200000, 0x38400000, 0x24600000,
+ 0x70800000, 0x6ca00000, 0x48c00000, 0x54e00000,
+ 0xe1000000, 0xfd200000, 0xd9400000, 0xc5600000,
+ 0x91800000, 0x8da00000, 0xa9c00000, 0xb5e00000,
+};
+
+void GCM_gmult_len(unsigned char* x, const unsigned char** m,
+ const unsigned char* data, unsigned long len);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void GCM_gmult_len(unsigned char* x_p, const unsigned char** m_p, const unsigned char* data_p, unsigned long len_p)
+#else
+void GCM_gmult_len(unsigned char* x, const unsigned char** m, const unsigned char* data, unsigned long len)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register unsigned char* x __asm__ ("r0") = (unsigned char*)x_p;
+ register const unsigned char** m __asm__ ("r1") = (const unsigned char**)m_p;
+ register const unsigned char* data __asm__ ("r2") = (const unsigned char*)data_p;
+ register unsigned long len __asm__ ("r3") = (unsigned long)len_p;
+ register uint32_t* L_GCM_gmult_len_r_c __asm__ ("r4") = (uint32_t*)&L_GCM_gmult_len_r;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV lr, %[L_GCM_gmult_len_r]\n\t"
+ "\n"
+ "L_GCM_gmult_len_start_block:\n\t"
+ "PUSH {r3}\n\t"
+ "LDR r12, [r0, #12]\n\t"
+ "LDR %[len], [r2, #12]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r8, r9, r10, r11}\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "LDR r12, [r0, #8]\n\t"
+ "LDR %[len], [r2, #8]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r4, r5, r6, r7}\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "LDR r12, [r0, #4]\n\t"
+ "LDR %[len], [r2, #4]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r4, r5, r6, r7}\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "LDR r12, [r0]\n\t"
+ "LDR %[len], [r2]\n\t"
+ "EOR r12, r12, %[len]\n\t"
+ "LSR %[len], r12, #24\n\t"
+ "AND %[len], %[len], #0xf\n\t"
+ "ADD %[len], %[m], %[len], LSL #4\n\t"
+ "LDM %[len], {r4, r5, r6, r7}\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #28\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #16\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #20\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #8\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #12\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "AND r4, r12, #0xf\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LSR r6, r10, #4\n\t"
+ "AND %[len], r11, #0xf\n\t"
+ "LSR r11, r11, #4\n\t"
+ "LSR r4, r12, #4\n\t"
+ "EOR r11, r11, r10, LSL #28\n\t"
+ "AND r4, r4, #0xf\n\t"
+ "LDR %[len], [lr, r3, LSL #2]\n\t"
+ "ADD r4, %[m], r4, LSL #4\n\t"
+ "EOR r10, r6, r9, LSL #28\n\t"
+ "LSR r9, r9, #4\n\t"
+ "LDM r4, {r4, r5, r6, r7}\n\t"
+ "EOR r9, r9, r8, LSL #28\n\t"
+ "EOR r8, %[len], r8, LSR #4\n\t"
+ "EOR r8, r8, r4\n\t"
+ "EOR r9, r9, r5\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STM %[x], {r8, r9, r10, r11}\n\t"
+ "POP {r3}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD %[data], %[data], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_GCM_gmult_len_start_block\n\t"
+#else
+ "BNE.W L_GCM_gmult_len_start_block\n\t"
+#endif
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [x] "+r" (x), [m] "+r" (m), [data] "+r" (data), [len] "+r" (len),
+ [L_GCM_gmult_len_r] "+r" (L_GCM_gmult_len_r_c)
+ :
+#else
+ : [x] "+r" (x), [m] "+r" (m), [data] "+r" (data), [len] "+r" (len)
+ : [L_GCM_gmult_len_r] "r" (L_GCM_gmult_len_r)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+static const uint32_t* L_AES_Thumb2_te_gcm = L_AES_Thumb2_te_data;
+void AES_GCM_encrypt(const unsigned char* in, unsigned char* out,
+ unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void AES_GCM_encrypt(const unsigned char* in_p, unsigned char* out_p, unsigned long len_p, const unsigned char* ks_p, int nr_p, unsigned char* ctr_p)
+#else
+void AES_GCM_encrypt(const unsigned char* in, unsigned char* out, unsigned long len, const unsigned char* ks, int nr, unsigned char* ctr)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const unsigned char* in __asm__ ("r0") = (const unsigned char*)in_p;
+ register unsigned char* out __asm__ ("r1") = (unsigned char*)out_p;
+ register unsigned long len __asm__ ("r2") = (unsigned long)len_p;
+ register const unsigned char* ks __asm__ ("r3") = (const unsigned char*)ks_p;
+ register int nr __asm__ ("r4") = (int)nr_p;
+ register unsigned char* ctr __asm__ ("r5") = (unsigned char*)ctr_p;
+ register uint32_t* L_AES_Thumb2_te_gcm_c __asm__ ("r6") = (uint32_t*)L_AES_Thumb2_te_gcm;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r12, r4\n\t"
+#else
+ "LDR r12, [sp, #36]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "MOV r8, r5\n\t"
+#else
+ "LDR r8, [sp, #40]\n\t"
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[in]\n\t"
+ "MOV r0, %[L_AES_Thumb2_te_gcm]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+ "PUSH {%[ks], r8}\n\t"
+ "CMP r12, #0xa\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_GCM_encrypt_start_block_128\n\t"
+#else
+ "BEQ.W L_AES_GCM_encrypt_start_block_128\n\t"
+#endif
+ "CMP r12, #0xc\n\t"
+#ifdef __GNUC__
+ "BEQ L_AES_GCM_encrypt_start_block_192\n\t"
+#else
+ "BEQ.W L_AES_GCM_encrypt_start_block_192\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_256:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADD r7, r7, #0x1\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "STR r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x6\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_GCM_encrypt_loop_block_256\n\t"
+#else
+ "BNE.W L_AES_GCM_encrypt_loop_block_256\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_GCM_encrypt_end\n\t"
+#else
+ "B.W L_AES_GCM_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_start_block_192:\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_192:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADD r7, r7, #0x1\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "STR r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x5\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_GCM_encrypt_loop_block_192\n\t"
+#else
+ "BNE.W L_AES_GCM_encrypt_loop_block_192\n\t"
+#endif
+#ifdef __GNUC__
+ "B L_AES_GCM_encrypt_end\n\t"
+#else
+ "B.W L_AES_GCM_encrypt_end\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_start_block_128:\n\t"
+ "\n"
+ "L_AES_GCM_encrypt_loop_block_128:\n\t"
+ "PUSH {r1, %[len], lr}\n\t"
+ "LDR lr, [sp, #16]\n\t"
+ "ADD r7, r7, #0x1\n\t"
+ "LDM %[ks]!, {r8, r9, r10, r11}\n\t"
+ "STR r7, [lr, #12]\n\t"
+ /* Round: 0 - XOR in key schedule */
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "MOV r1, #0x4\n\t"
+ "BL AES_encrypt_block\n\t"
+ "POP {r1, %[len], lr}\n\t"
+ "LDR %[ks], [sp]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "LDR r8, [lr]\n\t"
+ "LDR r9, [lr, #4]\n\t"
+ "LDR r10, [lr, #8]\n\t"
+ "LDR r11, [lr, #12]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "STR r4, [%[out]]\n\t"
+ "STR r5, [%[out], #4]\n\t"
+ "STR r6, [%[out], #8]\n\t"
+ "STR r7, [%[out], #12]\n\t"
+ "LDM r8, {r4, r5, r6, r7}\n\t"
+ "SUBS %[len], %[len], #0x10\n\t"
+ "ADD lr, lr, #0x10\n\t"
+ "ADD %[out], %[out], #0x10\n\t"
+#ifdef __GNUC__
+ "BNE L_AES_GCM_encrypt_loop_block_128\n\t"
+#else
+ "BNE.W L_AES_GCM_encrypt_loop_block_128\n\t"
+#endif
+ "\n"
+ "L_AES_GCM_encrypt_end:\n\t"
+ "POP {%[ks], r8}\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "STM r8, {r4, r5, r6, r7}\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr),
+ [L_AES_Thumb2_te_gcm] "+r" (L_AES_Thumb2_te_gcm_c)
+ :
+#else
+ : [in] "+r" (in), [out] "+r" (out), [len] "+r" (len), [ks] "+r" (ks), [nr] "+r" (nr), [ctr] "+r" (ctr)
+ : [L_AES_Thumb2_te_gcm] "r" (L_AES_Thumb2_te_gcm)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r12", "lr", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#endif /* HAVE_AESGCM */
+#endif /* !NO_AES */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S
new file mode 100644
index 00000000..e6b5dcf5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S
@@ -0,0 +1,6485 @@
+/* thumb2-curve25519
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./x25519/x25519.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
+
+ .text
+ .align 4
+ .globl fe_init
+ .type fe_init, %function
+fe_init:
+ BX lr
+ /* Cycle Count = 4 */
+ .size fe_init,.-fe_init
+ .text
+ .align 4
+ .globl fe_add_sub_op
+ .type fe_add_sub_op, %function
+fe_add_sub_op:
+ PUSH {lr}
+ /* Add-Sub */
+ LDRD r4, r5, [r2]
+ LDRD r6, r7, [r3]
+ /* Add */
+ ADDS r8, r4, r6
+ MOV r12, #0x0
+ ADCS r9, r5, r7
+ ADC r12, r12, #0x0
+ STRD r8, r9, [r0]
+ /* Sub */
+ SUBS r10, r4, r6
+ SBCS r11, r5, r7
+ STRD r10, r11, [r1]
+ LDRD r4, r5, [r2, #8]
+ LDRD r6, r7, [r3, #8]
+ /* Sub */
+ SBCS r10, r4, r6
+ MOV lr, #0x0
+ SBCS r11, r5, r7
+ ADC lr, lr, #0x0
+ STRD r10, r11, [r1, #8]
+ /* Add */
+ SUBS r12, r12, #0x1
+ ADCS r8, r4, r6
+ ADCS r9, r5, r7
+ STRD r8, r9, [r0, #8]
+ LDRD r4, r5, [r2, #16]
+ LDRD r6, r7, [r3, #16]
+ /* Add */
+ ADCS r8, r4, r6
+ MOV r12, #0x0
+ ADCS r9, r5, r7
+ ADC r12, r12, #0x0
+ STRD r8, r9, [r0, #16]
+ /* Sub */
+ SUBS lr, lr, #0x1
+ SBCS r10, r4, r6
+ SBCS r11, r5, r7
+ STRD r10, r11, [r1, #16]
+ LDRD r4, r5, [r2, #24]
+ LDRD r6, r7, [r3, #24]
+ /* Sub */
+ SBCS r10, r4, r6
+ SBC r11, r5, r7
+ /* Add */
+ SUBS r12, r12, #0x1
+ ADCS r8, r4, r6
+ MOV r12, #0x0
+ ADCS r9, r5, r7
+ ADC r12, r12, #0x0
+ /* Multiply -modulus by overflow */
+ LSL r3, r12, #1
+ MOV r12, #0x13
+ ORR r3, r3, r9, LSR #31
+ MUL r12, r3, r12
+ /* Add -x*modulus (if overflow) */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #8]
+ LDRD r4, r5, [r0, #16]
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ STRD r4, r5, [r0, #16]
+ BFC r9, #31, #1
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ STRD r8, r9, [r0, #24]
+ /* Add -modulus on underflow */
+ MOV lr, #0x13
+ AND lr, lr, r11, ASR #31
+ LDM r1, {r4, r5, r6, r7, r8, r9}
+ SUBS r4, r4, lr
+ SBCS r5, r5, #0x0
+ SBCS r6, r6, #0x0
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBCS r9, r9, #0x0
+ BFC r11, #31, #1
+ SBCS r10, r10, #0x0
+ SBC r11, r11, #0x0
+ STM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Add-Sub */
+ POP {pc}
+ /* Cycle Count = 134 */
+ .size fe_add_sub_op,.-fe_add_sub_op
+ .text
+ .align 4
+ .globl fe_sub_op
+ .type fe_sub_op, %function
+fe_sub_op:
+ PUSH {lr}
+ /* Sub */
+ LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ LDM r1!, {r2, r3, r4, r5}
+ SUBS r6, r2, r6
+ SBCS r7, r3, r7
+ SBCS r8, r4, r8
+ SBCS r9, r5, r9
+ LDM r1!, {r2, r3, r4, r5}
+ SBCS r10, r2, r10
+ SBCS r11, r3, r11
+ SBCS r12, r4, r12
+ SBC lr, r5, lr
+ MOV r2, #0x13
+ AND r2, r2, lr, ASR #31
+ SUBS r6, r6, r2
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBCS r9, r9, #0x0
+ SBCS r10, r10, #0x0
+ SBCS r11, r11, #0x0
+ BFC lr, #31, #1
+ SBCS r12, r12, #0x0
+ SBC lr, lr, #0x0
+ STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ /* Done Sub */
+ POP {pc}
+ /* Cycle Count = 51 */
+ .size fe_sub_op,.-fe_sub_op
+ .text
+ .align 4
+ .globl fe_sub
+ .type fe_sub, %function
+fe_sub:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_sub_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_sub,.-fe_sub
+ .text
+ .align 4
+ .globl fe_add_op
+ .type fe_add_op, %function
+fe_add_op:
+ PUSH {lr}
+ /* Add */
+ LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}
+ LDM r1!, {r2, r3, r4, r5}
+ ADDS r6, r2, r6
+ ADCS r7, r3, r7
+ ADCS r8, r4, r8
+ ADCS r9, r5, r9
+ LDM r1!, {r2, r3, r4, r5}
+ ADCS r10, r2, r10
+ ADCS r11, r3, r11
+ ADCS r12, r4, r12
+ ADC lr, r5, lr
+ MOV r2, #0x13
+ AND r2, r2, lr, ASR #31
+ ADDS r6, r6, r2
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ BFC lr, #31, #1
+ ADCS r12, r12, #0x0
+ ADC lr, lr, #0x0
+ STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}
+ /* Done Add */
+ POP {pc}
+ /* Cycle Count = 51 */
+ .size fe_add_op,.-fe_add_op
+ .text
+ .align 4
+ .globl fe_add
+ .type fe_add, %function
+fe_add:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_add_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_add,.-fe_add
+#ifdef HAVE_ED25519
+ .text
+ .align 4
+ .globl fe_frombytes
+ .type fe_frombytes, %function
+fe_frombytes:
+ PUSH {r4, r5, r6, r7, r8, r9, lr}
+ LDR r2, [r1]
+ LDR r3, [r1, #4]
+ LDR r4, [r1, #8]
+ LDR r5, [r1, #12]
+ LDR r6, [r1, #16]
+ LDR r7, [r1, #20]
+ LDR r8, [r1, #24]
+ LDR r9, [r1, #28]
+ BFC r9, #31, #1
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ POP {r4, r5, r6, r7, r8, r9, pc}
+ /* Cycle Count = 49 */
+ .size fe_frombytes,.-fe_frombytes
+ .text
+ .align 4
+ .globl fe_tobytes
+ .type fe_tobytes, %function
+fe_tobytes:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, lr}
+ LDM r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADDS r10, r2, #0x13
+ ADCS r10, r3, #0x0
+ ADCS r10, r4, #0x0
+ ADCS r10, r5, #0x0
+ ADCS r10, r6, #0x0
+ ADCS r10, r7, #0x0
+ ADCS r10, r8, #0x0
+ ADC r10, r9, #0x0
+ ASR r10, r10, #31
+ AND r10, r10, #0x13
+ ADDS r2, r2, r10
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ BFC r9, #31, #1
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ POP {r4, r5, r6, r7, r8, r9, r10, pc}
+ /* Cycle Count = 62 */
+ .size fe_tobytes,.-fe_tobytes
+ .text
+ .align 4
+ .globl fe_1
+ .type fe_1, %function
+fe_1:
+ PUSH {r4, r5, r6, r7, r8, r9, lr}
+ /* Set one */
+ MOV r2, #0x1
+ MOV r3, #0x0
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, pc}
+ /* Cycle Count = 33 */
+ .size fe_1,.-fe_1
+ .text
+ .align 4
+ .globl fe_0
+ .type fe_0, %function
+fe_0:
+ PUSH {r4, r5, r6, r7, r8, r9, lr}
+ /* Set zero */
+ MOV r2, #0x0
+ MOV r3, #0x0
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, pc}
+ /* Cycle Count = 33 */
+ .size fe_0,.-fe_0
+ .text
+ .align 4
+ .globl fe_copy
+ .type fe_copy, %function
+fe_copy:
+ PUSH {r4, r5, lr}
+ /* Copy */
+ LDRD r2, r3, [r1]
+ LDRD r4, r5, [r1, #8]
+ STRD r2, r3, [r0]
+ STRD r4, r5, [r0, #8]
+ LDRD r2, r3, [r1, #16]
+ LDRD r4, r5, [r1, #24]
+ STRD r2, r3, [r0, #16]
+ STRD r4, r5, [r0, #24]
+ POP {r4, r5, pc}
+ /* Cycle Count = 32 */
+ .size fe_copy,.-fe_copy
+ .text
+ .align 4
+ .globl fe_neg
+ .type fe_neg, %function
+fe_neg:
+ PUSH {r4, r5, r6, r7, lr}
+ MVN r7, #0x0
+ MVN r6, #0x12
+ LDM r1!, {r2, r3, r4, r5}
+ SUBS r2, r6, r2
+ SBCS r3, r7, r3
+ SBCS r4, r7, r4
+ SBCS r5, r7, r5
+ STM r0!, {r2, r3, r4, r5}
+ MVN r6, #0x80000000
+ LDM r1!, {r2, r3, r4, r5}
+ SBCS r2, r7, r2
+ SBCS r3, r7, r3
+ SBCS r4, r7, r4
+ SBC r5, r6, r5
+ STM r0!, {r2, r3, r4, r5}
+ POP {r4, r5, r6, r7, pc}
+ /* Cycle Count = 43 */
+ .size fe_neg,.-fe_neg
+ .text
+ .align 4
+ .globl fe_isnonzero
+ .type fe_isnonzero, %function
+fe_isnonzero:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, lr}
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADDS r1, r2, #0x13
+ ADCS r1, r3, #0x0
+ ADCS r1, r4, #0x0
+ ADCS r1, r5, #0x0
+ ADCS r1, r6, #0x0
+ ADCS r1, r7, #0x0
+ ADCS r1, r8, #0x0
+ ADC r1, r9, #0x0
+ ASR r1, r1, #31
+ AND r1, r1, #0x13
+ ADDS r2, r2, r1
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ BFC r9, #31, #1
+ ORR r2, r2, r3
+ ORR r4, r4, r5
+ ORR r6, r6, r7
+ ORR r8, r8, r9
+ ORR r4, r4, r6
+ ORR r2, r2, r8
+ ORR r0, r2, r4
+ POP {r4, r5, r6, r7, r8, r9, r10, pc}
+ /* Cycle Count = 53 */
+ .size fe_isnonzero,.-fe_isnonzero
+ .text
+ .align 4
+ .globl fe_isnegative
+ .type fe_isnegative, %function
+fe_isnegative:
+ PUSH {r4, r5, lr}
+ LDM r0!, {r2, r3, r4, r5}
+ ADDS r1, r2, #0x13
+ ADCS r1, r3, #0x0
+ ADCS r1, r4, #0x0
+ ADCS r1, r5, #0x0
+ LDM r0, {r2, r3, r4, r5}
+ ADCS r1, r2, #0x0
+ ADCS r1, r3, #0x0
+ ADCS r1, r4, #0x0
+ LDR r2, [r0, #-16]
+ ADC r1, r5, #0x0
+ AND r0, r2, #0x1
+ LSR r1, r1, #31
+ EOR r0, r0, r1
+ POP {r4, r5, pc}
+ /* Cycle Count = 31 */
+ .size fe_isnegative,.-fe_isnegative
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
+ .text
+ .align 4
+ .globl fe_cmov_table
+ .type fe_cmov_table, %function
+fe_cmov_table:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SXTB r2, r2
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x1
+ MOV r5, #0x0
+ MOV r6, #0x1
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #32]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #64]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x12
+ MVN r11, #0x0
+ SUBS r10, r10, r8
+ SBCS r11, r11, r9
+ SBC lr, lr, lr
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #32]
+ STRD r8, r9, [r0, #64]
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #8]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #40]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #72]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x0
+ MVN r11, #0x0
+ RSBS lr, lr, #0x0
+ SBCS r10, r10, r8
+ SBCS r11, r11, r9
+ SBC lr, lr, lr
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0, #8]
+ STRD r6, r7, [r0, #40]
+ STRD r8, r9, [r0, #72]
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #48]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #80]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x0
+ MVN r11, #0x0
+ RSBS lr, lr, #0x0
+ SBCS r10, r10, r8
+ SBCS r11, r11, r9
+ SBC lr, lr, lr
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0, #16]
+ STRD r6, r7, [r0, #48]
+ STRD r8, r9, [r0, #80]
+ SBFX r3, r2, #7, #1
+ EOR r12, r2, r3
+ SUB r12, r12, r3
+ MOV r4, #0x0
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r3, #0x80000000
+ ROR r3, r3, #31
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #30
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #29
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #28
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #27
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #26
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #25
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ ADD r1, r1, #0x60
+ MOV r3, #0x80000000
+ ROR r3, r3, #24
+ ROR r3, r3, r12
+ ASR r3, r3, #31
+ LDRD r10, r11, [r1, #24]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r4, r4, r10
+ EOR r5, r5, r11
+ LDRD r10, r11, [r1, #56]
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r6, r6, r10
+ EOR r7, r7, r11
+ LDRD r10, r11, [r1, #88]
+ EOR r10, r10, r8
+ EOR r11, r11, r9
+ AND r10, r10, r3
+ AND r11, r11, r3
+ EOR r8, r8, r10
+ EOR r9, r9, r11
+ SUB r1, r1, #0x2a0
+ MVN r10, #0x0
+ MVN r11, #0x80000000
+ RSBS lr, lr, #0x0
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ ASR r12, r2, #31
+ EOR r3, r4, r6
+ AND r3, r3, r12
+ EOR r4, r4, r3
+ EOR r6, r6, r3
+ EOR r3, r5, r7
+ AND r3, r3, r12
+ EOR r5, r5, r3
+ EOR r7, r7, r3
+ EOR r10, r10, r8
+ AND r10, r10, r12
+ EOR r8, r8, r10
+ EOR r11, r11, r9
+ AND r11, r11, r12
+ EOR r9, r9, r11
+ STRD r4, r5, [r0, #24]
+ STRD r6, r7, [r0, #56]
+ STRD r8, r9, [r0, #88]
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 1195 */
+ .size fe_cmov_table,.-fe_cmov_table
+#else
+ .text
+ .align 4
+ .globl fe_cmov_table
+ .type fe_cmov_table, %function
+fe_cmov_table:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SXTB r2, r2
+ SBFX r3, r2, #7, #1
+ EOR r2, r2, r3
+ SUB r2, r2, r3
+ CLZ lr, r2
+ LSL lr, lr, #26
+ ASR lr, lr, #31
+ MVN lr, lr
+ ADD r2, r2, lr
+ MOV r12, #0x60
+ MUL r2, r2, r12
+ ADD r1, r1, r2
+ LDM r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ AND r8, r8, lr
+ AND r9, r9, lr
+ AND r10, r10, lr
+ AND r11, r11, lr
+ MVN r12, lr
+ SUB r4, r4, r12
+ MOV r12, #0x20
+ AND r12, r12, r3
+ ADD r0, r0, r12
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ SUB r0, r0, r12
+ LDM r1!, {r4, r5, r6, r7, r8, r9, r10, r11}
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ AND r8, r8, lr
+ AND r9, r9, lr
+ AND r10, r10, lr
+ AND r11, r11, lr
+ MVN r12, lr
+ SUB r4, r4, r12
+ MOV r12, #0x20
+ BIC r12, r12, r3
+ ADD r0, r0, r12
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ SUB r0, r0, r12
+ ADD r0, r0, #0x40
+ LDM r1!, {r4, r5, r6, r7}
+ MVN r12, #0x12
+ SUBS r8, r12, r4
+ SBCS r9, r3, r5
+ SBCS r10, r3, r6
+ SBCS r11, r3, r7
+ BIC r4, r4, r3
+ BIC r5, r5, r3
+ BIC r6, r6, r3
+ BIC r7, r7, r3
+ AND r8, r8, r3
+ AND r9, r9, r3
+ AND r10, r10, r3
+ AND r11, r11, r3
+ ORR r4, r4, r8
+ ORR r5, r5, r9
+ ORR r6, r6, r10
+ ORR r7, r7, r11
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ STM r0!, {r4, r5, r6, r7}
+ LDM r1!, {r4, r5, r6, r7}
+ MVN r12, #0x80000000
+ SBCS r8, r3, r4
+ SBCS r9, r3, r5
+ SBCS r10, r3, r6
+ SBC r11, r12, r7
+ BIC r4, r4, r3
+ BIC r5, r5, r3
+ BIC r6, r6, r3
+ BIC r7, r7, r3
+ AND r8, r8, r3
+ AND r9, r9, r3
+ AND r10, r10, r3
+ AND r11, r11, r3
+ ORR r4, r4, r8
+ ORR r5, r5, r9
+ ORR r6, r6, r10
+ ORR r7, r7, r11
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r6, r6, lr
+ AND r7, r7, lr
+ STM r0!, {r4, r5, r6, r7}
+ SUB r1, r1, r2
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 160 */
+ .size fe_cmov_table,.-fe_cmov_table
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ PUSH {lr}
+ SUB sp, sp, #0x28
+ STR r0, [sp, #36]
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * B[0] */
+ LDR lr, [r2]
+ UMULL r3, r4, r12, lr
+ /* A[0] * B[2] */
+ LDR lr, [r2, #8]
+ UMULL r5, r6, r12, lr
+ /* A[0] * B[4] */
+ LDR lr, [r2, #16]
+ UMULL r7, r8, r12, lr
+ /* A[0] * B[6] */
+ LDR lr, [r2, #24]
+ UMULL r9, r10, r12, lr
+ STR r3, [sp]
+ /* A[0] * B[1] */
+ LDR lr, [r2, #4]
+ MOV r11, r0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[0] * B[3] */
+ LDR lr, [r2, #12]
+ ADCS r6, r6, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[0] * B[5] */
+ LDR lr, [r2, #20]
+ ADCS r8, r8, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[0] * B[7] */
+ LDR lr, [r2, #28]
+ ADCS r10, r10, #0x0
+ ADC r3, r0, #0x0
+ UMLAL r10, r3, r12, lr
+ /* A[1] * B[0] */
+ LDR r12, [r1, #4]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ STR r4, [sp, #4]
+ ADDS r5, r5, r11
+ /* A[1] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[1] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[1] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[1] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * B[0] */
+ LDR r12, [r1, #8]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ STR r5, [sp, #8]
+ ADDS r6, r6, r11
+ /* A[2] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[2] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[2] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[2] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[2] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * B[0] */
+ LDR r12, [r1, #12]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[3] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[3] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[3] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[3] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[3] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * B[0] */
+ LDR r12, [r1, #16]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[4] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[4] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[4] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[4] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[4] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * B[0] */
+ LDR r12, [r1, #20]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[5] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[5] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[5] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[5] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[5] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[5] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * B[0] */
+ LDR r12, [r1, #24]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[6] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[6] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[6] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[6] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[6] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[6] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[6] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r9, r0, #0x0
+ UMLAL r8, r9, r12, lr
+ /* A[7] * B[0] */
+ LDR r12, [r1, #28]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[7] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[7] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[7] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[7] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[7] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[7] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[7] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r10, r0, #0x0
+ UMLAL r9, r10, r12, lr
+ /* Reduce */
+ LDR r2, [sp, #28]
+ MOV lr, sp
+ MOV r12, #0x26
+ UMULL r10, r11, r10, r12
+ ADDS r10, r10, r2
+ ADC r11, r11, #0x0
+ MOV r12, #0x13
+ LSL r11, r11, #1
+ ORR r11, r11, r10, LSR #31
+ MUL r11, r11, r12
+ LDM lr!, {r1, r2}
+ MOV r12, #0x26
+ ADDS r1, r1, r11
+ ADC r11, r0, #0x0
+ UMLAL r1, r11, r3, r12
+ ADDS r2, r2, r11
+ ADC r11, r0, #0x0
+ UMLAL r2, r11, r4, r12
+ LDM lr!, {r3, r4}
+ ADDS r3, r3, r11
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r5, r12
+ ADDS r4, r4, r11
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r6, r12
+ LDM lr!, {r5, r6}
+ ADDS r5, r5, r11
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r7, r12
+ ADDS r6, r6, r11
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r8, r12
+ LDM lr!, {r7, r8}
+ ADDS r7, r7, r11
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r9, r12
+ BFC r10, #31, #1
+ ADDS r8, r10, r11
+ /* Store */
+ LDR r0, [sp, #36]
+ STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ ADD sp, sp, #0x28
+ POP {pc}
+ /* Cycle Count = 406 */
+ .size fe_mul_op,.-fe_mul_op
+#else
+ .text
+ .align 4
+ .globl fe_mul_op
+ .type fe_mul_op, %function
+fe_mul_op:
+ PUSH {lr}
+ SUB sp, sp, #0x2c
+ STRD r0, r1, [sp, #36]
+ MOV lr, r2
+ LDM r1, {r0, r1, r2, r3}
+ LDM lr!, {r4, r5, r6}
+ UMULL r10, r11, r0, r4
+ UMULL r12, r7, r1, r4
+ UMAAL r11, r12, r0, r5
+ UMULL r8, r9, r2, r4
+ UMAAL r12, r8, r1, r5
+ UMAAL r12, r7, r0, r6
+ UMAAL r8, r9, r3, r4
+ STM sp, {r10, r11, r12}
+ UMAAL r7, r8, r2, r5
+ LDM lr!, {r4}
+ UMULL r10, r11, r1, r6
+ UMAAL r8, r9, r2, r6
+ UMAAL r7, r10, r0, r4
+ UMAAL r8, r11, r3, r5
+ STR r7, [sp, #12]
+ UMAAL r8, r10, r1, r4
+ UMAAL r9, r11, r3, r6
+ UMAAL r9, r10, r2, r4
+ UMAAL r10, r11, r3, r4
+ LDM lr, {r4, r5, r6, r7}
+ MOV r12, #0x0
+ UMLAL r8, r12, r0, r4
+ UMAAL r9, r12, r1, r4
+ UMAAL r10, r12, r2, r4
+ UMAAL r11, r12, r3, r4
+ MOV r4, #0x0
+ UMLAL r9, r4, r0, r5
+ UMAAL r10, r4, r1, r5
+ UMAAL r11, r4, r2, r5
+ UMAAL r12, r4, r3, r5
+ MOV r5, #0x0
+ UMLAL r10, r5, r0, r6
+ UMAAL r11, r5, r1, r6
+ UMAAL r12, r5, r2, r6
+ UMAAL r4, r5, r3, r6
+ MOV r6, #0x0
+ UMLAL r11, r6, r0, r7
+ LDR r0, [sp, #40]
+ UMAAL r12, r6, r1, r7
+ ADD r0, r0, #0x10
+ UMAAL r4, r6, r2, r7
+ SUB lr, lr, #0x10
+ UMAAL r5, r6, r3, r7
+ LDM r0, {r0, r1, r2, r3}
+ STR r6, [sp, #32]
+ LDM lr!, {r6}
+ MOV r7, #0x0
+ UMLAL r8, r7, r0, r6
+ UMAAL r9, r7, r1, r6
+ STR r8, [sp, #16]
+ UMAAL r10, r7, r2, r6
+ UMAAL r11, r7, r3, r6
+ LDM lr!, {r6}
+ MOV r8, #0x0
+ UMLAL r9, r8, r0, r6
+ UMAAL r10, r8, r1, r6
+ STR r9, [sp, #20]
+ UMAAL r11, r8, r2, r6
+ UMAAL r12, r8, r3, r6
+ LDM lr!, {r6}
+ MOV r9, #0x0
+ UMLAL r10, r9, r0, r6
+ UMAAL r11, r9, r1, r6
+ STR r10, [sp, #24]
+ UMAAL r12, r9, r2, r6
+ UMAAL r4, r9, r3, r6
+ LDM lr!, {r6}
+ MOV r10, #0x0
+ UMLAL r11, r10, r0, r6
+ UMAAL r12, r10, r1, r6
+ STR r11, [sp, #28]
+ UMAAL r4, r10, r2, r6
+ UMAAL r5, r10, r3, r6
+ LDM lr!, {r11}
+ UMAAL r12, r7, r0, r11
+ UMAAL r4, r7, r1, r11
+ LDR r6, [sp, #32]
+ UMAAL r5, r7, r2, r11
+ UMAAL r6, r7, r3, r11
+ LDM lr!, {r11}
+ UMAAL r4, r8, r0, r11
+ UMAAL r5, r8, r1, r11
+ UMAAL r6, r8, r2, r11
+ UMAAL r7, r8, r3, r11
+ LDM lr, {r11, lr}
+ UMAAL r5, r9, r0, r11
+ UMAAL r6, r10, r0, lr
+ UMAAL r6, r9, r1, r11
+ UMAAL r7, r10, r1, lr
+ UMAAL r7, r9, r2, r11
+ UMAAL r8, r10, r2, lr
+ UMAAL r8, r9, r3, r11
+ UMAAL r9, r10, r3, lr
+ /* Reduce */
+ LDR r0, [sp, #28]
+ MOV lr, #0x25
+ UMAAL r10, r0, r10, lr
+ MOV lr, #0x13
+ LSL r0, r0, #1
+ ORR r0, r0, r10, LSR #31
+ MUL r11, r0, lr
+ POP {r0, r1, r2}
+ MOV lr, #0x26
+ UMAAL r0, r11, r12, lr
+ UMAAL r1, r11, r4, lr
+ UMAAL r2, r11, r5, lr
+ POP {r3, r4, r5}
+ UMAAL r3, r11, r6, lr
+ UMAAL r4, r11, r7, lr
+ UMAAL r5, r11, r8, lr
+ POP {r6}
+ BFC r10, #31, #1
+ UMAAL r6, r11, r9, lr
+ ADD r7, r10, r11
+ LDR lr, [sp, #8]
+ /* Store */
+ STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ ADD sp, sp, #0x10
+ POP {pc}
+ /* Cycle Count = 239 */
+ .size fe_mul_op,.-fe_mul_op
+#endif /* WOLFSSL_SP_NO_UMAAL */
+ .text
+ .align 4
+ .globl fe_mul
+ .type fe_mul, %function
+fe_mul:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_mul_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_mul,.-fe_mul
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ PUSH {lr}
+ SUB sp, sp, #0x44
+ STR r0, [sp, #64]
+ /* Square */
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * A[1] */
+ LDR lr, [r1, #4]
+ UMULL r4, r5, r12, lr
+ /* A[0] * A[3] */
+ LDR lr, [r1, #12]
+ UMULL r6, r7, r12, lr
+ /* A[0] * A[5] */
+ LDR lr, [r1, #20]
+ UMULL r8, r9, r12, lr
+ /* A[0] * A[7] */
+ LDR lr, [r1, #28]
+ UMULL r10, r3, r12, lr
+ /* A[0] * A[2] */
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[0] * A[4] */
+ LDR lr, [r1, #16]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[0] * A[6] */
+ LDR lr, [r1, #24]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ ADCS r3, r3, #0x0
+ STR r4, [sp, #4]
+ STR r5, [sp, #8]
+ /* A[1] * A[2] */
+ LDR r12, [r1, #4]
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[1] * A[3] */
+ LDR lr, [r1, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[1] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * A[3] */
+ LDR r12, [r1, #8]
+ LDR lr, [r1, #12]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[2] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[2] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * A[4] */
+ LDR r12, [r1, #12]
+ LDR lr, [r1, #16]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[3] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * A[5] */
+ LDR r12, [r1, #16]
+ LDR lr, [r1, #20]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * A[6] */
+ LDR r12, [r1, #20]
+ LDR lr, [r1, #24]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * A[7] */
+ LDR r12, [r1, #24]
+ LDR lr, [r1, #28]
+ MOV r9, #0x0
+ UMLAL r8, r9, r12, lr
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ STM lr!, {r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADC r10, r0, #0x0
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ MOV lr, sp
+ /* A[0] * A[0] */
+ LDR r12, [r1]
+ UMULL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[1] * A[1] */
+ LDR r12, [r1, #4]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[2] * A[2] */
+ LDR r12, [r1, #8]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[3] * A[3] */
+ LDR r12, [r1, #12]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, r12
+ ADDS r10, r10, r11
+ STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ /* A[4] * A[4] */
+ LDR r12, [r1, #16]
+ ADCS r3, r3, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[5] * A[5] */
+ LDR r12, [r1, #20]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[6] * A[6] */
+ LDR r12, [r1, #24]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[7] * A[7] */
+ LDR r12, [r1, #28]
+ ADCS r9, r9, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r12, r12
+ /* Reduce */
+ LDR r2, [sp, #28]
+ MOV lr, sp
+ MOV r12, #0x26
+ UMULL r10, r11, r10, r12
+ ADDS r10, r10, r2
+ ADC r11, r11, #0x0
+ MOV r12, #0x13
+ LSL r11, r11, #1
+ ORR r11, r11, r10, LSR #31
+ MUL r11, r11, r12
+ LDM lr!, {r1, r2}
+ MOV r12, #0x26
+ ADDS r1, r1, r11
+ ADC r11, r0, #0x0
+ UMLAL r1, r11, r3, r12
+ ADDS r2, r2, r11
+ ADC r11, r0, #0x0
+ UMLAL r2, r11, r4, r12
+ LDM lr!, {r3, r4}
+ ADDS r3, r3, r11
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r5, r12
+ ADDS r4, r4, r11
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r6, r12
+ LDM lr!, {r5, r6}
+ ADDS r5, r5, r11
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r7, r12
+ ADDS r6, r6, r11
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r8, r12
+ LDM lr!, {r7, r8}
+ ADDS r7, r7, r11
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r9, r12
+ BFC r10, #31, #1
+ ADDS r8, r10, r11
+ /* Store */
+ LDR r0, [sp, #64]
+ STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ ADD sp, sp, #0x44
+ POP {pc}
+ /* Cycle Count = 355 */
+ .size fe_sq_op,.-fe_sq_op
+#else
+ .text
+ .align 4
+ .globl fe_sq_op
+ .type fe_sq_op, %function
+fe_sq_op:
+ PUSH {lr}
+ SUB sp, sp, #0x20
+ STR r0, [sp, #28]
+ LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ /* Square */
+ UMULL r9, r10, r0, r0
+ UMULL r11, r12, r0, r1
+ ADDS r11, r11, r11
+ MOV lr, #0x0
+ UMAAL r10, r11, lr, lr
+ STM sp, {r9, r10}
+ MOV r8, lr
+ UMAAL r8, r12, r0, r2
+ ADCS r8, r8, r8
+ UMAAL r8, r11, r1, r1
+ UMULL r9, r10, r0, r3
+ UMAAL r9, r12, r1, r2
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STRD r8, r9, [sp, #8]
+ MOV r9, lr
+ UMAAL r9, r10, r0, r4
+ UMAAL r9, r12, r1, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r2, r2
+ STR r9, [sp, #16]
+ UMULL r9, r8, r0, r5
+ UMAAL r9, r12, r1, r4
+ UMAAL r9, r10, r2, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STR r9, [sp, #20]
+ MOV r9, lr
+ UMAAL r9, r8, r0, r6
+ UMAAL r9, r12, r1, r5
+ UMAAL r9, r10, r2, r4
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r3, r3
+ STR r9, [sp, #24]
+ UMULL r0, r9, r0, r7
+ UMAAL r0, r8, r1, r6
+ UMAAL r0, r12, r2, r5
+ UMAAL r0, r10, r3, r4
+ ADCS r0, r0, r0
+ UMAAL r0, r11, lr, lr
+ /* R[7] = r0 */
+ UMAAL r9, r8, r1, r7
+ UMAAL r9, r10, r2, r6
+ UMAAL r12, r9, r3, r5
+ ADCS r12, r12, r12
+ UMAAL r12, r11, r4, r4
+ /* R[8] = r12 */
+ UMAAL r9, r8, r2, r7
+ UMAAL r10, r9, r3, r6
+ MOV r2, lr
+ UMAAL r10, r2, r4, r5
+ ADCS r10, r10, r10
+ UMAAL r11, r10, lr, lr
+ /* R[9] = r11 */
+ UMAAL r2, r8, r3, r7
+ UMAAL r2, r9, r4, r6
+ ADCS r3, r2, r2
+ UMAAL r10, r3, r5, r5
+ /* R[10] = r10 */
+ MOV r1, lr
+ UMAAL r1, r8, r4, r7
+ UMAAL r1, r9, r5, r6
+ ADCS r4, r1, r1
+ UMAAL r3, r4, lr, lr
+ /* R[11] = r3 */
+ UMAAL r8, r9, r5, r7
+ ADCS r8, r8, r8
+ UMAAL r4, r8, r6, r6
+ /* R[12] = r4 */
+ MOV r5, lr
+ UMAAL r5, r9, r6, r7
+ ADCS r5, r5, r5
+ UMAAL r8, r5, lr, lr
+ /* R[13] = r8 */
+ ADCS r9, r9, r9
+ UMAAL r9, r5, r7, r7
+ ADCS r7, r5, lr
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ MOV r6, #0x25
+ UMAAL r7, r0, r7, r6
+ MOV r6, #0x13
+ LSL r0, r0, #1
+ ORR r0, r0, r7, LSR #31
+ MUL lr, r0, r6
+ POP {r0, r1}
+ MOV r6, #0x26
+ UMAAL r0, lr, r12, r6
+ UMAAL r1, lr, r11, r6
+ MOV r12, r3
+ MOV r11, r4
+ POP {r2, r3, r4}
+ UMAAL r2, lr, r10, r6
+ UMAAL r3, lr, r12, r6
+ UMAAL r4, lr, r11, r6
+ MOV r12, r6
+ POP {r5, r6}
+ UMAAL r5, lr, r8, r12
+ BFC r7, #31, #1
+ UMAAL r6, lr, r9, r12
+ ADD r7, r7, lr
+ POP {lr}
+ /* Store */
+ STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}
+ POP {pc}
+ /* Cycle Count = 179 */
+ .size fe_sq_op,.-fe_sq_op
+#endif /* WOLFSSL_SP_NO_UMAAL */
+ .text
+ .align 4
+ .globl fe_sq
+ .type fe_sq, %function
+fe_sq:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ BL fe_sq_op
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 24 */
+ .size fe_sq,.-fe_sq
+#ifdef HAVE_CURVE25519
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_mul121666
+ .type fe_mul121666, %function
+fe_mul121666:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ /* Multiply by 121666 */
+ LDM r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+ MOV r12, #0xdb42
+ MOVT r12, #0x1
+ UMULL r2, r10, r2, r12
+ UMULL r3, r11, r3, r12
+ ADDS r3, r3, r10
+ ADC r11, r11, #0x0
+ UMULL r4, r10, r4, r12
+ ADDS r4, r4, r11
+ ADC r10, r10, #0x0
+ UMULL r5, r11, r5, r12
+ ADDS r5, r5, r10
+ ADC r11, r11, #0x0
+ UMULL r6, r10, r6, r12
+ ADDS r6, r6, r11
+ ADC r10, r10, #0x0
+ UMULL r7, r11, r7, r12
+ ADDS r7, r7, r10
+ ADC r11, r11, #0x0
+ UMULL r8, r10, r8, r12
+ ADDS r8, r8, r11
+ ADC r10, r10, #0x0
+ UMULL r9, r11, r9, r12
+ ADDS r9, r9, r10
+ MOV r12, #0x13
+ ADC r11, r11, #0x0
+ LSL r11, r11, #1
+ ORR r11, r11, r9, LSR #31
+ MUL r11, r11, r12
+ ADDS r2, r2, r11
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ BFC r9, #31, #1
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 75 */
+ .size fe_mul121666,.-fe_mul121666
+#else
+ .text
+ .align 4
+ .globl fe_mul121666
+ .type fe_mul121666, %function
+fe_mul121666:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ /* Multiply by 121666 */
+ LDM r1, {r2, r3, r4, r5, r6, r7, r8, r9}
+ MOV r11, #0xdb42
+ MOVT r11, #0x1
+ UMULL r2, r12, r2, r11
+ SUB r10, r11, #0x1
+ UMAAL r3, r12, r3, r10
+ UMAAL r4, r12, r4, r10
+ UMAAL r5, r12, r5, r10
+ UMAAL r6, r12, r6, r10
+ UMAAL r7, r12, r7, r10
+ UMAAL r8, r12, r8, r10
+ MOV r11, #0x13
+ UMAAL r9, r12, r9, r10
+ LSL r12, r12, #1
+ ORR r12, r12, r9, LSR #31
+ MUL r12, r12, r11
+ ADDS r2, r2, r12
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ BFC r9, #31, #1
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 69 */
+ .size fe_mul121666,.-fe_mul121666
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WC_NO_CACHE_RESISTANT
+ .text
+ .align 4
+ .globl curve25519
+ .type curve25519, %function
+curve25519:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xbc
+ STR r0, [sp, #160]
+ STR r1, [sp, #164]
+ STR r2, [sp, #168]
+ MOV r1, #0x0
+ STR r1, [sp, #172]
+ MOV r4, #0x1
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r10, #0x0
+ MOV r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x20
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r4, #0x0
+ MOV r3, sp
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x40
+ /* Copy */
+ LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r1, #0x1e
+ STR r1, [sp, #180]
+ MOV r2, #0x1c
+ STR r2, [sp, #176]
+L_curve25519_words:
+L_curve25519_bits:
+ LDR r1, [sp, #164]
+ LDR r2, [r1, r2]
+ LDR r1, [sp, #180]
+ LSR r2, r2, r1
+ AND r2, r2, #0x1
+ STR r2, [sp, #184]
+ LDR r1, [sp, #172]
+ EOR r1, r1, r2
+ STR r1, [sp, #172]
+ LDR r0, [sp, #160]
+ /* Conditional Swap */
+ RSB r1, r1, #0x0
+ MOV r3, r0
+ ADD r12, sp, #0x40
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDR r1, [sp, #172]
+ /* Conditional Swap */
+ RSB r1, r1, #0x0
+ MOV r3, sp
+ ADD r12, sp, #0x20
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDM r3, {r4, r5}
+ LDM r12, {r6, r7}
+ EOR r8, r4, r6
+ EOR r9, r5, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r9
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ STM r3!, {r4, r5}
+ STM r12!, {r6, r7}
+ LDR r1, [sp, #184]
+ STR r1, [sp, #172]
+ MOV r3, sp
+ LDR r2, [sp, #160]
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #160]
+ BL fe_add_sub_op
+ ADD r3, sp, #0x20
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ MOV r0, sp
+ BL fe_add_sub_op
+ LDR r2, [sp, #160]
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_mul_op
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ LDR r1, [sp, #160]
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r3, sp
+ ADD r2, sp, #0x20
+ MOV r1, sp
+ ADD r0, sp, #0x40
+ BL fe_add_sub_op
+ ADD r2, sp, #0x80
+ ADD r1, sp, #0x60
+ LDR r0, [sp, #160]
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_sub_op
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_sq_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x20
+ BL fe_mul121666
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ BL fe_add_op
+ MOV r2, sp
+ LDR r1, [sp, #168]
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ ADD r1, sp, #0x60
+ MOV r0, sp
+ BL fe_mul_op
+ LDR r2, [sp, #176]
+ LDR r1, [sp, #180]
+ SUBS r1, r1, #0x1
+ STR r1, [sp, #180]
+#ifdef __GNUC__
+ BGE L_curve25519_bits
+#else
+ BGE.W L_curve25519_bits
+#endif
+ MOV r1, #0x1f
+ STR r1, [sp, #180]
+ SUBS r2, r2, #0x4
+ STR r2, [sp, #176]
+#ifdef __GNUC__
+ BGE L_curve25519_words
+#else
+ BGE.W L_curve25519_words
+#endif
+ /* Invert */
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x4
+L_curve25519_inv_1:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_1
+#else
+ BNE.N L_curve25519_inv_1
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x9
+L_curve25519_inv_2:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_2
+#else
+ BNE.N L_curve25519_inv_2
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x13
+L_curve25519_inv_3:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_3
+#else
+ BNE.N L_curve25519_inv_3
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0xa
+L_curve25519_inv_4:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_4
+#else
+ BNE.N L_curve25519_inv_4
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x31
+L_curve25519_inv_5:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_5
+#else
+ BNE.N L_curve25519_inv_5
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x63
+L_curve25519_inv_6:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_6
+#else
+ BNE.N L_curve25519_inv_6
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0x32
+L_curve25519_inv_7:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_7
+#else
+ BNE.N L_curve25519_inv_7
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0x5
+L_curve25519_inv_8:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_8
+#else
+ BNE.N L_curve25519_inv_8
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x0
+ BL fe_mul_op
+ MOV r2, sp
+ LDR r1, [sp, #160]
+ LDR r0, [sp, #160]
+ BL fe_mul_op
+ MOV r0, #0x0
+ ADD sp, sp, #0xbc
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 682 */
+ .size curve25519,.-curve25519
+#else
+ .text
+ .align 4
+ .globl curve25519
+ .type curve25519, %function
+curve25519:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc0
+ STR r0, [sp, #176]
+ STR r1, [sp, #160]
+ STR r2, [sp, #172]
+ ADD r5, sp, #0x40
+ ADD r4, sp, #0x20
+ STR sp, [sp, #184]
+ STR r5, [sp, #180]
+ STR r4, [sp, #188]
+ MOV r1, #0x0
+ STR r1, [sp, #164]
+ MOV r4, #0x1
+ MOV r5, #0x0
+ MOV r6, #0x0
+ MOV r7, #0x0
+ MOV r8, #0x0
+ MOV r9, #0x0
+ MOV r10, #0x0
+ MOV r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x20
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r4, #0x0
+ MOV r3, sp
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADD r3, sp, #0x40
+ /* Copy */
+ LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}
+ STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r2, #0xfe
+L_curve25519_bits:
+ STR r2, [sp, #168]
+ LDR r1, [sp, #160]
+ AND r4, r2, #0x1f
+ LSR r2, r2, #5
+ LDR r2, [r1, r2, LSL #2]
+ RSB r4, r4, #0x1f
+ LSL r2, r2, r4
+ LDR r1, [sp, #164]
+ EOR r1, r1, r2
+ ASR r1, r1, #31
+ STR r2, [sp, #164]
+ /* Conditional Swap */
+ ADD r11, sp, #0xb0
+ LDM r11, {r4, r5, r6, r7}
+ EOR r8, r4, r5
+ EOR r9, r6, r7
+ AND r8, r8, r1
+ AND r9, r9, r1
+ EOR r4, r4, r8
+ EOR r5, r5, r8
+ EOR r6, r6, r9
+ EOR r7, r7, r9
+ STM r11, {r4, r5, r6, r7}
+ /* Ladder step */
+ LDR r3, [sp, #184]
+ LDR r2, [sp, #176]
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #176]
+ BL fe_add_sub_op
+ LDR r3, [sp, #188]
+ LDR r2, [sp, #180]
+ ADD r1, sp, #0x60
+ LDR r0, [sp, #184]
+ BL fe_add_sub_op
+ LDR r2, [sp, #176]
+ ADD r1, sp, #0x60
+ LDR r0, [sp, #188]
+ BL fe_mul_op
+ ADD r2, sp, #0x80
+ LDR r1, [sp, #184]
+ LDR r0, [sp, #184]
+ BL fe_mul_op
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ LDR r1, [sp, #176]
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ LDR r3, [sp, #184]
+ LDR r2, [sp, #188]
+ LDR r1, [sp, #184]
+ LDR r0, [sp, #180]
+ BL fe_add_sub_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #176]
+ BL fe_mul_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ BL fe_sub_op
+ LDR r1, [sp, #184]
+ LDR r0, [sp, #184]
+ BL fe_sq_op
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #188]
+ BL fe_mul121666
+ LDR r1, [sp, #180]
+ LDR r0, [sp, #180]
+ BL fe_sq_op
+ LDR r2, [sp, #188]
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_add_op
+ LDR r2, [sp, #184]
+ LDR r1, [sp, #172]
+ LDR r0, [sp, #188]
+ BL fe_mul_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ LDR r0, [sp, #184]
+ BL fe_mul_op
+ LDR r2, [sp, #168]
+ SUBS r2, r2, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BGE L_curve25519_bits
+#else
+ BGE.N L_curve25519_bits
+#endif
+ /* Cycle Count: 171 */
+ LDR r1, [sp, #184]
+ /* Copy */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ STM sp, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Invert */
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x0
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x4
+L_curve25519_inv_1:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_1
+#else
+ BNE.N L_curve25519_inv_1
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x9
+L_curve25519_inv_2:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_2
+#else
+ BNE.N L_curve25519_inv_2
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x13
+L_curve25519_inv_3:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_3
+#else
+ BNE.N L_curve25519_inv_3
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0xa
+L_curve25519_inv_4:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_4
+#else
+ BNE.N L_curve25519_inv_4
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x31
+L_curve25519_inv_5:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_5
+#else
+ BNE.N L_curve25519_inv_5
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x80
+ BL fe_sq_op
+ MOV r12, #0x63
+L_curve25519_inv_6:
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x80
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_6
+#else
+ BNE.N L_curve25519_inv_6
+#endif
+ ADD r2, sp, #0x60
+ ADD r1, sp, #0x80
+ ADD r0, sp, #0x60
+ BL fe_mul_op
+ MOV r12, #0x32
+L_curve25519_inv_7:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_7
+#else
+ BNE.N L_curve25519_inv_7
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0x5
+L_curve25519_inv_8:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_curve25519_inv_8
+#else
+ BNE.N L_curve25519_inv_8
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x0
+ BL fe_mul_op
+ LDR r2, [sp, #184]
+ LDR r1, [sp, #176]
+ LDR r0, [sp, #176]
+ BL fe_mul_op
+ /* Ensure result is less than modulus */
+ LDR r0, [sp, #176]
+ LDM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r2, #0x13
+ AND r2, r2, r11, ASR #31
+ ADDS r4, r4, r2
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ MOV r0, #0x0
+ ADD sp, sp, #0xc0
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 589 */
+ .size curve25519,.-curve25519
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+ .text
+ .align 4
+ .globl fe_invert
+ .type fe_invert, %function
+fe_invert:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x88
+ /* Invert */
+ STR r0, [sp, #128]
+ STR r1, [sp, #132]
+ LDR r1, [sp, #132]
+ MOV r0, sp
+ BL fe_sq_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r2, sp, #0x20
+ LDR r1, [sp, #132]
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x20
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x4
+L_fe_invert1:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert1
+#else
+ BNE.N L_fe_invert1
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x9
+L_fe_invert2:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert2
+#else
+ BNE.N L_fe_invert2
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x13
+L_fe_invert3:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert3
+#else
+ BNE.N L_fe_invert3
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0xa
+L_fe_invert4:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert4
+#else
+ BNE.N L_fe_invert4
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x31
+L_fe_invert5:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert5
+#else
+ BNE.N L_fe_invert5
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x60
+ BL fe_sq_op
+ MOV r12, #0x63
+L_fe_invert6:
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x60
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert6
+#else
+ BNE.N L_fe_invert6
+#endif
+ ADD r2, sp, #0x40
+ ADD r1, sp, #0x60
+ ADD r0, sp, #0x40
+ BL fe_mul_op
+ MOV r12, #0x32
+L_fe_invert7:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert7
+#else
+ BNE.N L_fe_invert7
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ MOV r12, #0x5
+L_fe_invert8:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_invert8
+#else
+ BNE.N L_fe_invert8
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ LDR r0, [sp, #128]
+ BL fe_mul_op
+ LDR r1, [sp, #132]
+ LDR r0, [sp, #128]
+ ADD sp, sp, #0x88
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 292 */
+ .size fe_invert,.-fe_invert
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ PUSH {lr}
+ SUB sp, sp, #0x44
+ STR r0, [sp, #64]
+ /* Square * 2 */
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * A[1] */
+ LDR lr, [r1, #4]
+ UMULL r4, r5, r12, lr
+ /* A[0] * A[3] */
+ LDR lr, [r1, #12]
+ UMULL r6, r7, r12, lr
+ /* A[0] * A[5] */
+ LDR lr, [r1, #20]
+ UMULL r8, r9, r12, lr
+ /* A[0] * A[7] */
+ LDR lr, [r1, #28]
+ UMULL r10, r3, r12, lr
+ /* A[0] * A[2] */
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[0] * A[4] */
+ LDR lr, [r1, #16]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[0] * A[6] */
+ LDR lr, [r1, #24]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ ADCS r3, r3, #0x0
+ STR r4, [sp, #4]
+ STR r5, [sp, #8]
+ /* A[1] * A[2] */
+ LDR r12, [r1, #4]
+ LDR lr, [r1, #8]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[1] * A[3] */
+ LDR lr, [r1, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[1] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * A[3] */
+ LDR r12, [r1, #8]
+ LDR lr, [r1, #12]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[2] * A[4] */
+ LDR lr, [r1, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[2] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * A[4] */
+ LDR r12, [r1, #12]
+ LDR lr, [r1, #16]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[3] * A[5] */
+ LDR lr, [r1, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * A[5] */
+ LDR r12, [r1, #16]
+ LDR lr, [r1, #20]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * A[6] */
+ LDR lr, [r1, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * A[6] */
+ LDR r12, [r1, #20]
+ LDR lr, [r1, #24]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * A[7] */
+ LDR lr, [r1, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * A[7] */
+ LDR r12, [r1, #24]
+ LDR lr, [r1, #28]
+ MOV r9, #0x0
+ UMLAL r8, r9, r12, lr
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ STM lr!, {r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9}
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADC r10, r0, #0x0
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ ADD lr, sp, #0x4
+ LDM lr, {r4, r5, r6, r7, r8, r9, r10}
+ MOV lr, sp
+ /* A[0] * A[0] */
+ LDR r12, [r1]
+ UMULL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[1] * A[1] */
+ LDR r12, [r1, #4]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[2] * A[2] */
+ LDR r12, [r1, #8]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[3] * A[3] */
+ LDR r12, [r1, #12]
+ ADCS r9, r9, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, r12
+ ADDS r10, r10, r11
+ STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}
+ LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ /* A[4] * A[4] */
+ LDR r12, [r1, #16]
+ ADCS r3, r3, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, r12
+ ADDS r4, r4, r11
+ /* A[5] * A[5] */
+ LDR r12, [r1, #20]
+ ADCS r5, r5, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, r12
+ ADDS r6, r6, r11
+ /* A[6] * A[6] */
+ LDR r12, [r1, #24]
+ ADCS r7, r7, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, r12
+ ADDS r8, r8, r11
+ /* A[7] * A[7] */
+ LDR r12, [r1, #28]
+ ADCS r9, r9, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r12, r12
+ /* Reduce */
+ LDR r2, [sp, #28]
+ MOV lr, sp
+ MOV r12, #0x26
+ UMULL r10, r11, r10, r12
+ ADDS r10, r10, r2
+ ADC r11, r11, #0x0
+ MOV r12, #0x13
+ LSL r11, r11, #1
+ ORR r11, r11, r10, LSR #31
+ MUL r11, r11, r12
+ LDM lr!, {r1, r2}
+ MOV r12, #0x26
+ ADDS r1, r1, r11
+ ADC r11, r0, #0x0
+ UMLAL r1, r11, r3, r12
+ ADDS r2, r2, r11
+ ADC r11, r0, #0x0
+ UMLAL r2, r11, r4, r12
+ LDM lr!, {r3, r4}
+ ADDS r3, r3, r11
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r5, r12
+ ADDS r4, r4, r11
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r6, r12
+ LDM lr!, {r5, r6}
+ ADDS r5, r5, r11
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r7, r12
+ ADDS r6, r6, r11
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r8, r12
+ LDM lr!, {r7, r8}
+ ADDS r7, r7, r11
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r9, r12
+ BFC r10, #31, #1
+ ADDS r8, r10, r11
+ /* Reduce if top bit set */
+ MOV r12, #0x13
+ AND r11, r12, r8, ASR #31
+ ADDS r1, r1, r11
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ BFC r8, #31, #1
+ ADCS r7, r7, #0x0
+ ADC r8, r8, #0x0
+ /* Double */
+ ADDS r1, r1, r1
+ ADCS r2, r2, r2
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADC r8, r8, r8
+ /* Reduce if top bit set */
+ MOV r12, #0x13
+ AND r11, r12, r8, ASR #31
+ ADDS r1, r1, r11
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ BFC r8, #31, #1
+ ADCS r7, r7, #0x0
+ ADC r8, r8, #0x0
+ /* Store */
+ LDR r0, [sp, #64]
+ STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}
+ ADD sp, sp, #0x44
+ POP {pc}
+ /* Cycle Count = 385 */
+ .size fe_sq2,.-fe_sq2
+#else
+ .text
+ .align 4
+ .globl fe_sq2
+ .type fe_sq2, %function
+fe_sq2:
+ PUSH {lr}
+ SUB sp, sp, #0x24
+ STRD r0, r1, [sp, #28]
+ LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}
+ /* Square * 2 */
+ UMULL r9, r10, r0, r0
+ UMULL r11, r12, r0, r1
+ ADDS r11, r11, r11
+ MOV lr, #0x0
+ UMAAL r10, r11, lr, lr
+ STM sp, {r9, r10}
+ MOV r8, lr
+ UMAAL r8, r12, r0, r2
+ ADCS r8, r8, r8
+ UMAAL r8, r11, r1, r1
+ UMULL r9, r10, r0, r3
+ UMAAL r9, r12, r1, r2
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STRD r8, r9, [sp, #8]
+ MOV r9, lr
+ UMAAL r9, r10, r0, r4
+ UMAAL r9, r12, r1, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r2, r2
+ STR r9, [sp, #16]
+ UMULL r9, r8, r0, r5
+ UMAAL r9, r12, r1, r4
+ UMAAL r9, r10, r2, r3
+ ADCS r9, r9, r9
+ UMAAL r9, r11, lr, lr
+ STR r9, [sp, #20]
+ MOV r9, lr
+ UMAAL r9, r8, r0, r6
+ UMAAL r9, r12, r1, r5
+ UMAAL r9, r10, r2, r4
+ ADCS r9, r9, r9
+ UMAAL r9, r11, r3, r3
+ STR r9, [sp, #24]
+ UMULL r0, r9, r0, r7
+ UMAAL r0, r8, r1, r6
+ UMAAL r0, r12, r2, r5
+ UMAAL r0, r10, r3, r4
+ ADCS r0, r0, r0
+ UMAAL r0, r11, lr, lr
+ /* R[7] = r0 */
+ UMAAL r9, r8, r1, r7
+ UMAAL r9, r10, r2, r6
+ UMAAL r12, r9, r3, r5
+ ADCS r12, r12, r12
+ UMAAL r12, r11, r4, r4
+ /* R[8] = r12 */
+ UMAAL r9, r8, r2, r7
+ UMAAL r10, r9, r3, r6
+ MOV r2, lr
+ UMAAL r10, r2, r4, r5
+ ADCS r10, r10, r10
+ UMAAL r11, r10, lr, lr
+ /* R[9] = r11 */
+ UMAAL r2, r8, r3, r7
+ UMAAL r2, r9, r4, r6
+ ADCS r3, r2, r2
+ UMAAL r10, r3, r5, r5
+ /* R[10] = r10 */
+ MOV r1, lr
+ UMAAL r1, r8, r4, r7
+ UMAAL r1, r9, r5, r6
+ ADCS r4, r1, r1
+ UMAAL r3, r4, lr, lr
+ /* R[11] = r3 */
+ UMAAL r8, r9, r5, r7
+ ADCS r8, r8, r8
+ UMAAL r4, r8, r6, r6
+ /* R[12] = r4 */
+ MOV r5, lr
+ UMAAL r5, r9, r6, r7
+ ADCS r5, r5, r5
+ UMAAL r8, r5, lr, lr
+ /* R[13] = r8 */
+ ADCS r9, r9, r9
+ UMAAL r9, r5, r7, r7
+ ADCS r7, r5, lr
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ MOV r6, #0x25
+ UMAAL r7, r0, r7, r6
+ MOV r6, #0x13
+ LSL r0, r0, #1
+ ORR r0, r0, r7, LSR #31
+ MUL lr, r0, r6
+ POP {r0, r1}
+ MOV r6, #0x26
+ UMAAL r0, lr, r12, r6
+ UMAAL r1, lr, r11, r6
+ MOV r12, r3
+ MOV r11, r4
+ POP {r2, r3, r4}
+ UMAAL r2, lr, r10, r6
+ UMAAL r3, lr, r12, r6
+ UMAAL r4, lr, r11, r6
+ MOV r12, r6
+ POP {r5, r6}
+ UMAAL r5, lr, r8, r12
+ BFC r7, #31, #1
+ UMAAL r6, lr, r9, r12
+ ADD r7, r7, lr
+ /* Reduce if top bit set */
+ MOV r11, #0x13
+ AND r12, r11, r7, ASR #31
+ ADDS r0, r0, r12
+ ADCS r1, r1, #0x0
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ BFC r7, #31, #1
+ ADCS r6, r6, #0x0
+ ADC r7, r7, #0x0
+ /* Double */
+ ADDS r0, r0, r0
+ ADCS r1, r1, r1
+ ADCS r2, r2, r2
+ ADCS r3, r3, r3
+ ADCS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADC r7, r7, r7
+ /* Reduce if top bit set */
+ MOV r11, #0x13
+ AND r12, r11, r7, ASR #31
+ ADDS r0, r0, r12
+ ADCS r1, r1, #0x0
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ BFC r7, #31, #1
+ ADCS r6, r6, #0x0
+ ADC r7, r7, #0x0
+ POP {r12, lr}
+ /* Store */
+ STM r12, {r0, r1, r2, r3, r4, r5, r6, r7}
+ MOV r0, r12
+ MOV r1, lr
+ POP {pc}
+ /* Cycle Count = 213 */
+ .size fe_sq2,.-fe_sq2
+#endif /* WOLFSSL_SP_NO_UMAAL */
+ .text
+ .align 4
+ .globl fe_pow22523
+ .type fe_pow22523, %function
+fe_pow22523:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x68
+ /* pow22523 */
+ STR r0, [sp, #96]
+ STR r1, [sp, #100]
+ LDR r1, [sp, #100]
+ MOV r0, sp
+ BL fe_sq_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ ADD r2, sp, #0x20
+ LDR r1, [sp, #100]
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r2, sp, #0x20
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ MOV r0, sp
+ BL fe_sq_op
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ MOV r12, #0x4
+L_fe_pow22523_1:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_1
+#else
+ BNE.N L_fe_pow22523_1
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ MOV r12, #0x9
+L_fe_pow22523_2:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_2
+#else
+ BNE.N L_fe_pow22523_2
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x13
+L_fe_pow22523_3:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_3
+#else
+ BNE.N L_fe_pow22523_3
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ MOV r12, #0xa
+L_fe_pow22523_4:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_4
+#else
+ BNE.N L_fe_pow22523_4
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r1, sp
+ ADD r0, sp, #0x20
+ BL fe_sq_op
+ MOV r12, #0x31
+L_fe_pow22523_5:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_5
+#else
+ BNE.N L_fe_pow22523_5
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x40
+ BL fe_sq_op
+ MOV r12, #0x63
+L_fe_pow22523_6:
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x40
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_6
+#else
+ BNE.N L_fe_pow22523_6
+#endif
+ ADD r2, sp, #0x20
+ ADD r1, sp, #0x40
+ ADD r0, sp, #0x20
+ BL fe_mul_op
+ MOV r12, #0x32
+L_fe_pow22523_7:
+ ADD r1, sp, #0x20
+ ADD r0, sp, #0x20
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_7
+#else
+ BNE.N L_fe_pow22523_7
+#endif
+ MOV r2, sp
+ ADD r1, sp, #0x20
+ MOV r0, sp
+ BL fe_mul_op
+ MOV r12, #0x2
+L_fe_pow22523_8:
+ MOV r1, sp
+ MOV r0, sp
+ PUSH {r12}
+ BL fe_sq_op
+ POP {r12}
+ SUBS r12, r12, #0x1
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ BNE L_fe_pow22523_8
+#else
+ BNE.N L_fe_pow22523_8
+#endif
+ LDR r2, [sp, #100]
+ MOV r1, sp
+ LDR r0, [sp, #96]
+ BL fe_mul_op
+ LDR r1, [sp, #100]
+ LDR r0, [sp, #96]
+ ADD sp, sp, #0x68
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 293 */
+ .size fe_pow22523,.-fe_pow22523
+ .text
+ .align 4
+ .globl ge_p1p1_to_p2
+ .type ge_p1p1_to_p2, %function
+ge_p1p1_to_p2:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x8
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x40
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ ADD sp, sp, #0x8
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 53 */
+ .size ge_p1p1_to_p2,.-ge_p1p1_to_p2
+ .text
+ .align 4
+ .globl ge_p1p1_to_p3
+ .type ge_p1p1_to_p3, %function
+ge_p1p1_to_p3:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x8
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x40
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x20
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ ADD sp, sp, #0x8
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 63 */
+ .size ge_p1p1_to_p3,.-ge_p1p1_to_p3
+ .text
+ .align 4
+ .globl ge_p2_dbl
+ .type ge_p2_dbl, %function
+ge_p2_dbl:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x8
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ BL fe_sq_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x40
+ BL fe_sq_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ ADD r2, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_add_op
+ MOV r1, r0
+ ADD r0, r0, #0x40
+ BL fe_sq_op
+ LDR r0, [sp]
+ MOV r3, r0
+ ADD r2, r0, #0x40
+ ADD r1, r0, #0x40
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ MOV r2, r0
+ ADD r1, r0, #0x40
+ SUB r0, r0, #0x20
+ BL fe_sub_op
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x60
+ BL fe_sq2
+ SUB r2, r0, #0x20
+ MOV r1, r0
+ BL fe_sub_op
+ ADD sp, sp, #0x8
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 87 */
+ .size ge_p2_dbl,.-ge_p2_dbl
+ .text
+ .align 4
+ .globl ge_madd
+ .type ge_madd, %function
+ge_madd:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ BL fe_add_op
+ LDR r1, [sp, #4]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_sub_op
+ LDR r2, [sp, #8]
+ SUB r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ ADD r3, r0, #0x20
+ ADD r2, r0, #0x40
+ MOV r1, r0
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x20
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r0, #0x20
+ ADD r1, r0, #0x20
+ BL fe_add_sub_op
+ ADD sp, sp, #0xc
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 136 */
+ .size ge_madd,.-ge_madd
+ .text
+ .align 4
+ .globl ge_msub
+ .type ge_msub, %function
+ge_msub:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ BL fe_add_op
+ LDR r1, [sp, #4]
+ MOV r2, r1
+ ADD r1, r1, #0x20
+ ADD r0, r0, #0x20
+ BL fe_sub_op
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ SUB r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ ADD r3, r0, #0x20
+ ADD r2, r0, #0x40
+ MOV r1, r0
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ LDR r1, [sp, #4]
+ ADD r1, r1, #0x40
+ ADD r0, r0, #0x20
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r0, #0x20
+ MOV r1, r0
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ ADD sp, sp, #0xc
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 137 */
+ .size ge_msub,.-ge_msub
+ .text
+ .align 4
+ .globl ge_add
+ .type ge_add, %function
+ge_add:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x2c
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r3, r1
+ ADD r2, r1, #0x20
+ ADD r1, r0, #0x20
+ BL fe_add_sub_op
+ LDR r2, [sp, #8]
+ MOV r1, r0
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x60
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x40
+ ADD r1, r1, #0x40
+ BL fe_mul_op
+ LDR r1, [sp]
+ ADD r0, sp, #0xc
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r1, #0x20
+ ADD r2, r1, #0x40
+ ADD r0, r1, #0x20
+ BL fe_add_sub_op
+ ADD r3, r0, #0x40
+ ADD r2, sp, #0xc
+ ADD r1, r0, #0x40
+ ADD r0, r0, #0x20
+ BL fe_add_sub_op
+ ADD sp, sp, #0x2c
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 138 */
+ .size ge_add,.-ge_add
+ .text
+ .align 4
+ .globl ge_sub
+ .type ge_sub, %function
+ge_sub:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x2c
+ STR r0, [sp]
+ STR r1, [sp, #4]
+ STR r2, [sp, #8]
+ MOV r3, r1
+ ADD r2, r1, #0x20
+ ADD r1, r0, #0x20
+ BL fe_add_sub_op
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x20
+ MOV r1, r0
+ ADD r0, r0, #0x40
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r2, [sp, #8]
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x20
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #8]
+ LDR r2, [sp, #4]
+ ADD r2, r2, #0x60
+ ADD r1, r1, #0x60
+ ADD r0, r0, #0x60
+ BL fe_mul_op
+ LDR r0, [sp]
+ LDR r1, [sp, #4]
+ LDR r2, [sp, #8]
+ ADD r2, r2, #0x40
+ ADD r1, r1, #0x40
+ BL fe_mul_op
+ LDR r1, [sp]
+ ADD r0, sp, #0xc
+ /* Double */
+ LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}
+ ADDS r4, r4, r4
+ ADCS r5, r5, r5
+ ADCS r6, r6, r6
+ ADCS r7, r7, r7
+ ADCS r8, r8, r8
+ ADCS r9, r9, r9
+ ADCS r10, r10, r10
+ MOV lr, #0x0
+ ADCS r11, r11, r11
+ ADC lr, lr, #0x0
+ MOV r12, #0x13
+ LSL lr, lr, #1
+ ORR lr, lr, r11, LSR #31
+ MUL r12, lr, r12
+ ADDS r4, r4, r12
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADCS r9, r9, #0x0
+ BFC r11, #31, #1
+ ADCS r10, r10, #0x0
+ ADC r11, r11, #0x0
+ STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}
+ /* Done Double */
+ ADD r3, r1, #0x20
+ ADD r2, r1, #0x40
+ ADD r0, r1, #0x20
+ BL fe_add_sub_op
+ ADD r3, r0, #0x40
+ ADD r2, sp, #0xc
+ ADD r1, r0, #0x20
+ ADD r0, r0, #0x40
+ BL fe_add_sub_op
+ ADD sp, sp, #0x2c
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 138 */
+ .size ge_sub,.-ge_sub
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x38
+ STR r0, [sp, #52]
+ /* Load bits 252-511 */
+ ADD r0, r0, #0x1c
+ LDM r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ SUB r0, r0, #0x1c
+ /* Add order times bits 504..511 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ ADDS r3, r3, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ ADDS r4, r4, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r4, r1, r10, lr
+ ADDS r5, r5, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ ADDS r7, r7, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r7, lr, r3, r1
+ ADDS r8, r8, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r8, lr, r4, r1
+ ADDS r9, r9, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ ADDS r7, r7, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r7, r10, r3, r1
+ ADDS r8, r8, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r8, r10, r4, r1
+ ADDS r9, r9, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ ADDS r7, r7, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r7, r11, r3, r1
+ ADDS r8, r8, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r8, r11, r4, r1
+ ADDS r9, r9, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ ADDS r7, r7, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r7, r12, r3, r1
+ ADDS r8, r8, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r8, r12, r4, r1
+ ADDS r9, r9, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ /* Store result */
+ LDR r0, [sp, #52]
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADD sp, sp, #0x38
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 588 */
+ .size sc_reduce,.-sc_reduce
+#else
+ .text
+ .align 4
+ .globl sc_reduce
+ .type sc_reduce, %function
+sc_reduce:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x38
+ STR r0, [sp, #52]
+ /* Load bits 252-511 */
+ ADD r0, r0, #0x1c
+ LDM r0, {r1, r2, r3, r4, r5, r6, r7, r8, r9}
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ SUB r0, r0, #0x1c
+ /* Add order times bits 504..511 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ UMAAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ UMAAL r4, r1, r10, lr
+ UMAAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ UMAAL r7, lr, r3, r1
+ UMAAL r8, lr, r4, r1
+ UMAAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ UMAAL r7, r10, r3, r1
+ UMAAL r8, r10, r4, r1
+ UMAAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ UMAAL r7, r11, r3, r1
+ UMAAL r8, r11, r4, r1
+ UMAAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ UMAAL r7, r12, r3, r1
+ UMAAL r8, r12, r4, r1
+ UMAAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ /* Store result */
+ LDR r0, [sp, #52]
+ STM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADD sp, sp, #0x38
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 502 */
+ .size sc_reduce,.-sc_reduce
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifdef HAVE_ED25519_SIGN
+#ifdef WOLFSSL_SP_NO_UMAAL
+ .text
+ .align 4
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x50
+ ADD lr, sp, #0x44
+ STM lr, {r0, r1, r3}
+ MOV r0, #0x0
+ LDR r12, [r1]
+ /* A[0] * B[0] */
+ LDR lr, [r2]
+ UMULL r3, r4, r12, lr
+ /* A[0] * B[2] */
+ LDR lr, [r2, #8]
+ UMULL r5, r6, r12, lr
+ /* A[0] * B[4] */
+ LDR lr, [r2, #16]
+ UMULL r7, r8, r12, lr
+ /* A[0] * B[6] */
+ LDR lr, [r2, #24]
+ UMULL r9, r10, r12, lr
+ STR r3, [sp]
+ /* A[0] * B[1] */
+ LDR lr, [r2, #4]
+ MOV r11, r0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[0] * B[3] */
+ LDR lr, [r2, #12]
+ ADCS r6, r6, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[0] * B[5] */
+ LDR lr, [r2, #20]
+ ADCS r8, r8, #0x0
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[0] * B[7] */
+ LDR lr, [r2, #28]
+ ADCS r10, r10, #0x0
+ ADC r3, r0, #0x0
+ UMLAL r10, r3, r12, lr
+ /* A[1] * B[0] */
+ LDR r12, [r1, #4]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r4, r11, r12, lr
+ STR r4, [sp, #4]
+ ADDS r5, r5, r11
+ /* A[1] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[1] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[1] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[1] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[1] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[1] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[1] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r4, r0, #0x0
+ UMLAL r3, r4, r12, lr
+ /* A[2] * B[0] */
+ LDR r12, [r1, #8]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r5, r11, r12, lr
+ STR r5, [sp, #8]
+ ADDS r6, r6, r11
+ /* A[2] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[2] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[2] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[2] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[2] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[2] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[2] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r5, r0, #0x0
+ UMLAL r4, r5, r12, lr
+ /* A[3] * B[0] */
+ LDR r12, [r1, #12]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r6, r11, r12, lr
+ STR r6, [sp, #12]
+ ADDS r7, r7, r11
+ /* A[3] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[3] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[3] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[3] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[3] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[3] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[3] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r6, r0, #0x0
+ UMLAL r5, r6, r12, lr
+ /* A[4] * B[0] */
+ LDR r12, [r1, #16]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r7, r11, r12, lr
+ STR r7, [sp, #16]
+ ADDS r8, r8, r11
+ /* A[4] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[4] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[4] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[4] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[4] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[4] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[4] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r7, r0, #0x0
+ UMLAL r6, r7, r12, lr
+ /* A[5] * B[0] */
+ LDR r12, [r1, #20]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r8, r11, r12, lr
+ STR r8, [sp, #20]
+ ADDS r9, r9, r11
+ /* A[5] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r9, r11, r12, lr
+ ADDS r10, r10, r11
+ /* A[5] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[5] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[5] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[5] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[5] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[5] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r8, r0, #0x0
+ UMLAL r7, r8, r12, lr
+ /* A[6] * B[0] */
+ LDR r12, [r1, #24]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r9, r11, r12, lr
+ STR r9, [sp, #24]
+ ADDS r10, r10, r11
+ /* A[6] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r10, r11, r12, lr
+ ADDS r3, r3, r11
+ /* A[6] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[6] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[6] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[6] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[6] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[6] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r9, r0, #0x0
+ UMLAL r8, r9, r12, lr
+ /* A[7] * B[0] */
+ LDR r12, [r1, #28]
+ LDR lr, [r2]
+ MOV r11, #0x0
+ UMLAL r10, r11, r12, lr
+ STR r10, [sp, #28]
+ ADDS r3, r3, r11
+ /* A[7] * B[1] */
+ LDR lr, [r2, #4]
+ ADC r11, r0, #0x0
+ UMLAL r3, r11, r12, lr
+ ADDS r4, r4, r11
+ /* A[7] * B[2] */
+ LDR lr, [r2, #8]
+ ADC r11, r0, #0x0
+ UMLAL r4, r11, r12, lr
+ ADDS r5, r5, r11
+ /* A[7] * B[3] */
+ LDR lr, [r2, #12]
+ ADC r11, r0, #0x0
+ UMLAL r5, r11, r12, lr
+ ADDS r6, r6, r11
+ /* A[7] * B[4] */
+ LDR lr, [r2, #16]
+ ADC r11, r0, #0x0
+ UMLAL r6, r11, r12, lr
+ ADDS r7, r7, r11
+ /* A[7] * B[5] */
+ LDR lr, [r2, #20]
+ ADC r11, r0, #0x0
+ UMLAL r7, r11, r12, lr
+ ADDS r8, r8, r11
+ /* A[7] * B[6] */
+ LDR lr, [r2, #24]
+ ADC r11, r0, #0x0
+ UMLAL r8, r11, r12, lr
+ ADDS r9, r9, r11
+ /* A[7] * B[7] */
+ LDR lr, [r2, #28]
+ ADC r10, r0, #0x0
+ UMLAL r9, r10, r12, lr
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ MOV r0, sp
+ /* Add c to a * b */
+ LDR lr, [sp, #76]
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM lr!, {r1, r10, r11, r12}
+ ADDS r2, r2, r1
+ ADCS r3, r3, r10
+ ADCS r4, r4, r11
+ ADCS r5, r5, r12
+ LDM lr!, {r1, r10, r11, r12}
+ ADCS r6, r6, r1
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADCS r9, r9, r12
+ MOV r1, r9
+ STM r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUB r0, r0, #0x20
+ /* Get 252..503 and 504..507 */
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ /* Add order times bits 504..507 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ ADDS r3, r3, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ ADDS r4, r4, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r4, r1, r10, lr
+ ADDS r5, r5, r1
+ MOV r1, #0x0
+ ADC r1, r1, #0x0
+ UMLAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r4, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r6, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADDS r10, r10, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r10, lr, r8, r1
+ ADDS r11, r11, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ ADDS r7, r7, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r7, lr, r3, r1
+ ADDS r8, r8, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r8, lr, r4, r1
+ ADDS r9, r9, lr
+ MOV lr, #0x0
+ ADC lr, lr, #0x0
+ UMLAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ ADDS r7, r7, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r7, r10, r3, r1
+ ADDS r8, r8, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r8, r10, r4, r1
+ ADDS r9, r9, r10
+ MOV r10, #0x0
+ ADC r10, r10, #0x0
+ UMLAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ ADDS r7, r7, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r7, r11, r3, r1
+ ADDS r8, r8, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r8, r11, r4, r1
+ ADDS r9, r9, r11
+ MOV r11, #0x0
+ ADC r11, r11, #0x0
+ UMLAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ ADDS r7, r7, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r7, r12, r3, r1
+ ADDS r8, r8, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r8, r12, r4, r1
+ ADDS r9, r9, r12
+ MOV r12, #0x0
+ ADC r12, r12, #0x0
+ UMLAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ LDR r0, [sp, #68]
+ /* Store result */
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ ADD sp, sp, #0x50
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 994 */
+ .size sc_muladd,.-sc_muladd
+#else
+ .text
+ .align 4
+ .globl sc_muladd
+ .type sc_muladd, %function
+sc_muladd:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0x50
+ ADD lr, sp, #0x44
+ STM lr, {r0, r1, r3}
+ MOV lr, r2
+ LDM r1, {r0, r1, r2, r3}
+ LDM lr!, {r4, r5, r6}
+ UMULL r10, r11, r0, r4
+ UMULL r12, r7, r1, r4
+ UMAAL r11, r12, r0, r5
+ UMULL r8, r9, r2, r4
+ UMAAL r12, r8, r1, r5
+ UMAAL r12, r7, r0, r6
+ UMAAL r8, r9, r3, r4
+ STM sp, {r10, r11, r12}
+ UMAAL r7, r8, r2, r5
+ LDM lr!, {r4}
+ UMULL r10, r11, r1, r6
+ UMAAL r8, r9, r2, r6
+ UMAAL r7, r10, r0, r4
+ UMAAL r8, r11, r3, r5
+ STR r7, [sp, #12]
+ UMAAL r8, r10, r1, r4
+ UMAAL r9, r11, r3, r6
+ UMAAL r9, r10, r2, r4
+ UMAAL r10, r11, r3, r4
+ LDM lr, {r4, r5, r6, r7}
+ MOV r12, #0x0
+ UMLAL r8, r12, r0, r4
+ UMAAL r9, r12, r1, r4
+ UMAAL r10, r12, r2, r4
+ UMAAL r11, r12, r3, r4
+ MOV r4, #0x0
+ UMLAL r9, r4, r0, r5
+ UMAAL r10, r4, r1, r5
+ UMAAL r11, r4, r2, r5
+ UMAAL r12, r4, r3, r5
+ MOV r5, #0x0
+ UMLAL r10, r5, r0, r6
+ UMAAL r11, r5, r1, r6
+ UMAAL r12, r5, r2, r6
+ UMAAL r4, r5, r3, r6
+ MOV r6, #0x0
+ UMLAL r11, r6, r0, r7
+ LDR r0, [sp, #72]
+ UMAAL r12, r6, r1, r7
+ ADD r0, r0, #0x10
+ UMAAL r4, r6, r2, r7
+ SUB lr, lr, #0x10
+ UMAAL r5, r6, r3, r7
+ LDM r0, {r0, r1, r2, r3}
+ STR r6, [sp, #64]
+ LDM lr!, {r6}
+ MOV r7, #0x0
+ UMLAL r8, r7, r0, r6
+ UMAAL r9, r7, r1, r6
+ STR r8, [sp, #16]
+ UMAAL r10, r7, r2, r6
+ UMAAL r11, r7, r3, r6
+ LDM lr!, {r6}
+ MOV r8, #0x0
+ UMLAL r9, r8, r0, r6
+ UMAAL r10, r8, r1, r6
+ STR r9, [sp, #20]
+ UMAAL r11, r8, r2, r6
+ UMAAL r12, r8, r3, r6
+ LDM lr!, {r6}
+ MOV r9, #0x0
+ UMLAL r10, r9, r0, r6
+ UMAAL r11, r9, r1, r6
+ STR r10, [sp, #24]
+ UMAAL r12, r9, r2, r6
+ UMAAL r4, r9, r3, r6
+ LDM lr!, {r6}
+ MOV r10, #0x0
+ UMLAL r11, r10, r0, r6
+ UMAAL r12, r10, r1, r6
+ STR r11, [sp, #28]
+ UMAAL r4, r10, r2, r6
+ UMAAL r5, r10, r3, r6
+ LDM lr!, {r11}
+ UMAAL r12, r7, r0, r11
+ UMAAL r4, r7, r1, r11
+ LDR r6, [sp, #64]
+ UMAAL r5, r7, r2, r11
+ UMAAL r6, r7, r3, r11
+ LDM lr!, {r11}
+ UMAAL r4, r8, r0, r11
+ UMAAL r5, r8, r1, r11
+ UMAAL r6, r8, r2, r11
+ UMAAL r7, r8, r3, r11
+ LDM lr, {r11, lr}
+ UMAAL r5, r9, r0, r11
+ UMAAL r6, r10, r0, lr
+ UMAAL r6, r9, r1, r11
+ UMAAL r7, r10, r1, lr
+ UMAAL r7, r9, r2, r11
+ UMAAL r8, r10, r2, lr
+ UMAAL r8, r9, r3, r11
+ UMAAL r9, r10, r3, lr
+ MOV r3, r12
+ ADD lr, sp, #0x20
+ STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}
+ MOV r0, sp
+ /* Add c to a * b */
+ LDR lr, [sp, #76]
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM lr!, {r1, r10, r11, r12}
+ ADDS r2, r2, r1
+ ADCS r3, r3, r10
+ ADCS r4, r4, r11
+ ADCS r5, r5, r12
+ LDM lr!, {r1, r10, r11, r12}
+ ADCS r6, r6, r1
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADCS r9, r9, r12
+ MOV r1, r9
+ STM r0!, {r2, r3, r4, r5, r6, r7, r8, r9}
+ LDM r0, {r2, r3, r4, r5, r6, r7, r8, r9}
+ ADCS r2, r2, #0x0
+ ADCS r3, r3, #0x0
+ ADCS r4, r4, #0x0
+ ADCS r5, r5, #0x0
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUB r0, r0, #0x20
+ /* Get 252..503 and 504..507 */
+ LSR lr, r9, #24
+ LSL r9, r9, #4
+ ORR r9, r9, r8, LSR #28
+ LSL r8, r8, #4
+ ORR r8, r8, r7, LSR #28
+ LSL r7, r7, #4
+ ORR r7, r7, r6, LSR #28
+ LSL r6, r6, #4
+ ORR r6, r6, r5, LSR #28
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r9, #28, #4
+ /* Add order times bits 504..507 */
+ MOV r10, #0x2c13
+ MOVT r10, #0xa30a
+ MOV r11, #0x9ce5
+ MOVT r11, #0xa7ed
+ MOV r1, #0x0
+ UMLAL r2, r1, r10, lr
+ UMAAL r3, r1, r11, lr
+ MOV r10, #0x6329
+ MOVT r10, #0x5d08
+ MOV r11, #0x621
+ MOVT r11, #0xeb21
+ UMAAL r4, r1, r10, lr
+ UMAAL r5, r1, r11, lr
+ ADDS r6, r6, r1
+ ADCS r7, r7, #0x0
+ ADCS r8, r8, #0x0
+ ADC r9, r9, #0x0
+ SUBS r6, r6, lr
+ SBCS r7, r7, #0x0
+ SBCS r8, r8, #0x0
+ SBC r9, r9, #0x0
+ /* Sub product of top 8 words and order */
+ MOV r12, sp
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0!, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r0!, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ BFC r11, #28, #4
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r0, r0, #0x10
+ SUB r12, r12, #0x20
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV lr, #0x0
+ LDM r12, {r10, r11}
+ UMLAL r10, lr, r2, r1
+ UMAAL r11, lr, r3, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r4, r1
+ UMAAL r11, lr, r5, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r6, r1
+ UMAAL r11, lr, r7, r1
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ UMAAL r10, lr, r8, r1
+ UMAAL r11, lr, r9, r1
+ STM r12!, {r10, r11, lr}
+ SUB r12, r12, #0x20
+ /* Subtract at 4 * 32 */
+ LDM r12, {r10, r11}
+ SUBS r10, r10, r2
+ SBCS r11, r11, r3
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r4
+ SBCS r11, r11, r5
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r6
+ SBCS r11, r11, r7
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ SBCS r10, r10, r8
+ SBC r11, r11, r9
+ STM r12!, {r10, r11}
+ SUB r12, r12, #0x24
+ ASR lr, r11, #25
+ /* Conditionally subtract order starting at bit 125 */
+ MOV r1, #0xa0000000
+ MOV r2, #0xba7d
+ MOVT r2, #0x4b9e
+ MOV r3, #0x4c63
+ MOVT r3, #0xcb02
+ MOV r4, #0xf39a
+ MOVT r4, #0xd45e
+ MOV r5, #0xdf3b
+ MOVT r5, #0x29b
+ MOV r9, #0x2000000
+ AND r1, r1, lr
+ AND r2, r2, lr
+ AND r3, r3, lr
+ AND r4, r4, lr
+ AND r5, r5, lr
+ AND r9, r9, lr
+ LDM r12, {r10, r11}
+ ADDS r10, r10, r1
+ ADCS r11, r11, r2
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r3
+ ADCS r11, r11, r4
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, r5
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10, r11}
+ ADCS r10, r10, #0x0
+ ADCS r11, r11, #0x0
+ STM r12!, {r10, r11}
+ LDM r12, {r10}
+ ADCS r10, r10, #0x0
+ STM r12!, {r10}
+ SUB r0, r0, #0x10
+ MOV r12, sp
+ /* Load bits 252-376 */
+ ADD r12, r12, #0x1c
+ LDM r12, {r1, r2, r3, r4, r5}
+ LSL r5, r5, #4
+ ORR r5, r5, r4, LSR #28
+ LSL r4, r4, #4
+ ORR r4, r4, r3, LSR #28
+ LSL r3, r3, #4
+ ORR r3, r3, r2, LSR #28
+ LSL r2, r2, #4
+ ORR r2, r2, r1, LSR #28
+ BFC r5, #29, #3
+ SUB r12, r12, #0x1c
+ /* Sub product of top 4 words and order */
+ MOV r0, sp
+ /* * -5cf5d3ed */
+ MOV r1, #0x2c13
+ MOVT r1, #0xa30a
+ MOV lr, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, lr, r2, r1
+ UMAAL r7, lr, r3, r1
+ UMAAL r8, lr, r4, r1
+ UMAAL r9, lr, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -5812631b */
+ MOV r1, #0x9ce5
+ MOVT r1, #0xa7ed
+ MOV r10, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r10, r2, r1
+ UMAAL r7, r10, r3, r1
+ UMAAL r8, r10, r4, r1
+ UMAAL r9, r10, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -a2f79cd7 */
+ MOV r1, #0x6329
+ MOVT r1, #0x5d08
+ MOV r11, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r11, r2, r1
+ UMAAL r7, r11, r3, r1
+ UMAAL r8, r11, r4, r1
+ UMAAL r9, r11, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* * -14def9df */
+ MOV r1, #0x621
+ MOVT r1, #0xeb21
+ MOV r12, #0x0
+ LDM r0, {r6, r7, r8, r9}
+ UMLAL r6, r12, r2, r1
+ UMAAL r7, r12, r3, r1
+ UMAAL r8, r12, r4, r1
+ UMAAL r9, r12, r5, r1
+ STM r0, {r6, r7, r8, r9}
+ ADD r0, r0, #0x4
+ /* Add overflows at 4 * 32 */
+ LDM r0, {r6, r7, r8, r9}
+ BFC r9, #28, #4
+ ADDS r6, r6, lr
+ ADCS r7, r7, r10
+ ADCS r8, r8, r11
+ ADC r9, r9, r12
+ /* Subtract top at 4 * 32 */
+ SUBS r6, r6, r2
+ SBCS r7, r7, r3
+ SBCS r8, r8, r4
+ SBCS r9, r9, r5
+ SBC r1, r1, r1
+ SUB r0, r0, #0x10
+ LDM r0, {r2, r3, r4, r5}
+ MOV r10, #0xd3ed
+ MOVT r10, #0x5cf5
+ MOV r11, #0x631a
+ MOVT r11, #0x5812
+ MOV r12, #0x9cd6
+ MOVT r12, #0xa2f7
+ MOV lr, #0xf9de
+ MOVT lr, #0x14de
+ AND r10, r10, r1
+ AND r11, r11, r1
+ AND r12, r12, r1
+ AND lr, lr, r1
+ ADDS r2, r2, r10
+ ADCS r3, r3, r11
+ ADCS r4, r4, r12
+ ADCS r5, r5, lr
+ ADCS r6, r6, #0x0
+ ADCS r7, r7, #0x0
+ AND r1, r1, #0x10000000
+ ADCS r8, r8, #0x0
+ ADC r9, r9, r1
+ BFC r9, #28, #4
+ LDR r0, [sp, #68]
+ /* Store result */
+ STR r2, [r0]
+ STR r3, [r0, #4]
+ STR r4, [r0, #8]
+ STR r5, [r0, #12]
+ STR r6, [r0, #16]
+ STR r7, [r0, #20]
+ STR r8, [r0, #24]
+ STR r9, [r0, #28]
+ ADD sp, sp, #0x50
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 752 */
+ .size sc_muladd,.-sc_muladd
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c
new file mode 100644
index 00000000..0457266c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519_c.c
@@ -0,0 +1,6910 @@
+/* thumb2-curve25519
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./x25519/x25519.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-curve25519.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+/* Based on work by: Emil Lenngren
+ * https://github.com/pornin/X25519-Cortex-M4
+ */
+
+#include <wolfssl/wolfcrypt/fe_operations.h>
+#define CURVED25519_ASM
+#include <wolfssl/wolfcrypt/ge_operations.h>
+
+#if defined(HAVE_CURVE25519) || defined(HAVE_ED25519)
+#if !defined(CURVE25519_SMALL) || !defined(ED25519_SMALL)
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_init()
+#else
+void fe_init()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "\n\t"
+ :
+ :
+ : "memory", "cc"
+ );
+}
+
+void fe_add_sub_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_add_sub_op()
+#else
+void fe_add_sub_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ /* Add-Sub */
+ "LDRD r4, r5, [r2]\n\t"
+ "LDRD r6, r7, [r3]\n\t"
+ /* Add */
+ "ADDS r8, r4, r6\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "STRD r8, r9, [r0]\n\t"
+ /* Sub */
+ "SUBS r10, r4, r6\n\t"
+ "SBCS r11, r5, r7\n\t"
+ "STRD r10, r11, [r1]\n\t"
+ "LDRD r4, r5, [r2, #8]\n\t"
+ "LDRD r6, r7, [r3, #8]\n\t"
+ /* Sub */
+ "SBCS r10, r4, r6\n\t"
+ "MOV lr, #0x0\n\t"
+ "SBCS r11, r5, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STRD r10, r11, [r1, #8]\n\t"
+ /* Add */
+ "SUBS r12, r12, #0x1\n\t"
+ "ADCS r8, r4, r6\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "STRD r8, r9, [r0, #8]\n\t"
+ "LDRD r4, r5, [r2, #16]\n\t"
+ "LDRD r6, r7, [r3, #16]\n\t"
+ /* Add */
+ "ADCS r8, r4, r6\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "STRD r8, r9, [r0, #16]\n\t"
+ /* Sub */
+ "SUBS lr, lr, #0x1\n\t"
+ "SBCS r10, r4, r6\n\t"
+ "SBCS r11, r5, r7\n\t"
+ "STRD r10, r11, [r1, #16]\n\t"
+ "LDRD r4, r5, [r2, #24]\n\t"
+ "LDRD r6, r7, [r3, #24]\n\t"
+ /* Sub */
+ "SBCS r10, r4, r6\n\t"
+ "SBC r11, r5, r7\n\t"
+ /* Add */
+ "SUBS r12, r12, #0x1\n\t"
+ "ADCS r8, r4, r6\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADCS r9, r5, r7\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ /* Multiply -modulus by overflow */
+ "LSL r3, r12, #1\n\t"
+ "MOV r12, #0x13\n\t"
+ "ORR r3, r3, r9, LSR #31\n\t"
+ "MUL r12, r3, r12\n\t"
+ /* Add -x*modulus (if overflow) */
+ "LDRD r4, r5, [r0]\n\t"
+ "LDRD r6, r7, [r0, #8]\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "STRD r4, r5, [r0]\n\t"
+ "STRD r6, r7, [r0, #8]\n\t"
+ "LDRD r4, r5, [r0, #16]\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "STRD r4, r5, [r0, #16]\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "STRD r8, r9, [r0, #24]\n\t"
+ /* Add -modulus on underflow */
+ "MOV lr, #0x13\n\t"
+ "AND lr, lr, r11, ASR #31\n\t"
+ "LDM r1, {r4, r5, r6, r7, r8, r9}\n\t"
+ "SUBS r4, r4, lr\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBC r11, r11, #0x0\n\t"
+ "STM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Add-Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+void fe_sub_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sub_op()
+#else
+void fe_sub_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ /* Sub */
+ "LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "SUBS r6, r2, r6\n\t"
+ "SBCS r7, r3, r7\n\t"
+ "SBCS r8, r4, r8\n\t"
+ "SBCS r9, r5, r9\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "SBCS r10, r2, r10\n\t"
+ "SBCS r11, r3, r11\n\t"
+ "SBCS r12, r4, r12\n\t"
+ "SBC lr, r5, lr\n\t"
+ "MOV r2, #0x13\n\t"
+ "AND r2, r2, lr, ASR #31\n\t"
+ "SUBS r6, r6, r2\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, #0x0\n\t"
+ "BFC lr, #31, #1\n\t"
+ "SBCS r12, r12, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ "STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Sub */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sub(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_sub(fe r, const fe a, const fe b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+ register const sword32* b __asm__ ("r2") = (const sword32*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_sub_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+void fe_add_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_add_op()
+#else
+void fe_add_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ /* Add */
+ "LDM r2!, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "ADDS r6, r2, r6\n\t"
+ "ADCS r7, r3, r7\n\t"
+ "ADCS r8, r4, r8\n\t"
+ "ADCS r9, r5, r9\n\t"
+ "LDM r1!, {r2, r3, r4, r5}\n\t"
+ "ADCS r10, r2, r10\n\t"
+ "ADCS r11, r3, r11\n\t"
+ "ADCS r12, r4, r12\n\t"
+ "ADC lr, r5, lr\n\t"
+ "MOV r2, #0x13\n\t"
+ "AND r2, r2, lr, ASR #31\n\t"
+ "ADDS r6, r6, r2\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "BFC lr, #31, #1\n\t"
+ "ADCS r12, r12, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0, {r6, r7, r8, r9, r10, r11, r12, lr}\n\t"
+ /* Done Add */
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_add(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_add(fe r, const fe a, const fe b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+ register const sword32* b __asm__ ("r2") = (const sword32*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_add_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef HAVE_ED25519
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_frombytes(fe out_p, const unsigned char* in_p)
+#else
+void fe_frombytes(fe out, const unsigned char* in)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* out __asm__ ("r0") = (sword32*)out_p;
+ register const unsigned char* in __asm__ ("r1") = (const unsigned char*)in_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r2, [%[in]]\n\t"
+ "LDR r3, [%[in], #4]\n\t"
+ "LDR r4, [%[in], #8]\n\t"
+ "LDR r5, [%[in], #12]\n\t"
+ "LDR r6, [%[in], #16]\n\t"
+ "LDR r7, [%[in], #20]\n\t"
+ "LDR r8, [%[in], #24]\n\t"
+ "LDR r9, [%[in], #28]\n\t"
+ "BFC r9, #31, #1\n\t"
+ "STR r2, [%[out]]\n\t"
+ "STR r3, [%[out], #4]\n\t"
+ "STR r4, [%[out], #8]\n\t"
+ "STR r5, [%[out], #12]\n\t"
+ "STR r6, [%[out], #16]\n\t"
+ "STR r7, [%[out], #20]\n\t"
+ "STR r8, [%[out], #24]\n\t"
+ "STR r9, [%[out], #28]\n\t"
+ : [out] "+r" (out), [in] "+r" (in)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_tobytes(unsigned char* out_p, const fe n_p)
+#else
+void fe_tobytes(unsigned char* out, const fe n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register unsigned char* out __asm__ ("r0") = (unsigned char*)out_p;
+ register const sword32* n __asm__ ("r1") = (const sword32*)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADDS r10, r2, #0x13\n\t"
+ "ADCS r10, r3, #0x0\n\t"
+ "ADCS r10, r4, #0x0\n\t"
+ "ADCS r10, r5, #0x0\n\t"
+ "ADCS r10, r6, #0x0\n\t"
+ "ADCS r10, r7, #0x0\n\t"
+ "ADCS r10, r8, #0x0\n\t"
+ "ADC r10, r9, #0x0\n\t"
+ "ASR r10, r10, #31\n\t"
+ "AND r10, r10, #0x13\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "STR r2, [%[out]]\n\t"
+ "STR r3, [%[out], #4]\n\t"
+ "STR r4, [%[out], #8]\n\t"
+ "STR r5, [%[out], #12]\n\t"
+ "STR r6, [%[out], #16]\n\t"
+ "STR r7, [%[out], #20]\n\t"
+ "STR r8, [%[out], #24]\n\t"
+ "STR r9, [%[out], #28]\n\t"
+ : [out] "+r" (out), [n] "+r" (n)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_1(fe n_p)
+#else
+void fe_1(fe n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* n __asm__ ("r0") = (sword32*)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Set one */
+ "MOV r2, #0x1\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "STM %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [n] "+r" (n)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_0(fe n_p)
+#else
+void fe_0(fe n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* n __asm__ ("r0") = (sword32*)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Set zero */
+ "MOV r2, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "STM %[n], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [n] "+r" (n)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_copy(fe r_p, const fe a_p)
+#else
+void fe_copy(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Copy */
+ "LDRD r2, r3, [%[a]]\n\t"
+ "LDRD r4, r5, [%[a], #8]\n\t"
+ "STRD r2, r3, [%[r]]\n\t"
+ "STRD r4, r5, [%[r], #8]\n\t"
+ "LDRD r2, r3, [%[a], #16]\n\t"
+ "LDRD r4, r5, [%[a], #24]\n\t"
+ "STRD r2, r3, [%[r], #16]\n\t"
+ "STRD r4, r5, [%[r], #24]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_neg(fe r_p, const fe a_p)
+#else
+void fe_neg(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MVN r7, #0x0\n\t"
+ "MVN r6, #0x12\n\t"
+ "LDM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SUBS r2, r6, r2\n\t"
+ "SBCS r3, r7, r3\n\t"
+ "SBCS r4, r7, r4\n\t"
+ "SBCS r5, r7, r5\n\t"
+ "STM %[r]!, {r2, r3, r4, r5}\n\t"
+ "MVN r6, #0x80000000\n\t"
+ "LDM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBCS r2, r7, r2\n\t"
+ "SBCS r3, r7, r3\n\t"
+ "SBCS r4, r7, r4\n\t"
+ "SBC r5, r6, r5\n\t"
+ "STM %[r]!, {r2, r3, r4, r5}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int fe_isnonzero(const fe a_p)
+#else
+int fe_isnonzero(const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sword32* a __asm__ ("r0") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADDS r1, r2, #0x13\n\t"
+ "ADCS r1, r3, #0x0\n\t"
+ "ADCS r1, r4, #0x0\n\t"
+ "ADCS r1, r5, #0x0\n\t"
+ "ADCS r1, r6, #0x0\n\t"
+ "ADCS r1, r7, #0x0\n\t"
+ "ADCS r1, r8, #0x0\n\t"
+ "ADC r1, r9, #0x0\n\t"
+ "ASR r1, r1, #31\n\t"
+ "AND r1, r1, #0x13\n\t"
+ "ADDS r2, r2, r1\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ORR r2, r2, r3\n\t"
+ "ORR r4, r4, r5\n\t"
+ "ORR r6, r6, r7\n\t"
+ "ORR r8, r8, r9\n\t"
+ "ORR r4, r4, r6\n\t"
+ "ORR r2, r2, r8\n\t"
+ "ORR %[a], r2, r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)a;
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int fe_isnegative(const fe a_p)
+#else
+int fe_isnegative(const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sword32* a __asm__ ("r0") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r2, r3, r4, r5}\n\t"
+ "ADDS r1, r2, #0x13\n\t"
+ "ADCS r1, r3, #0x0\n\t"
+ "ADCS r1, r4, #0x0\n\t"
+ "ADCS r1, r5, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "ADCS r1, r2, #0x0\n\t"
+ "ADCS r1, r3, #0x0\n\t"
+ "ADCS r1, r4, #0x0\n\t"
+ "LDR r2, [%[a], #-16]\n\t"
+ "ADC r1, r5, #0x0\n\t"
+ "AND %[a], r2, #0x1\n\t"
+ "LSR r1, r1, #31\n\t"
+ "EOR %[a], %[a], r1\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
+ );
+ return (uint32_t)(size_t)a;
+}
+
+#if defined(HAVE_ED25519_MAKE_KEY) || defined(HAVE_ED25519_SIGN)
+#ifndef WC_NO_CACHE_RESISTANT
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
+#else
+void fe_cmov_table(fe* r, fe* base, signed char b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register fe* r __asm__ ("r0") = (fe*)r_p;
+ register fe* base __asm__ ("r1") = (fe*)base_p;
+ register signed char b __asm__ ("r2") = (signed char)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SXTB %[b], %[b]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x1\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base]]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #32]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #64]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x12\n\t"
+ "MVN r11, #0x0\n\t"
+ "SUBS r10, r10, r8\n\t"
+ "SBCS r11, r11, r9\n\t"
+ "SBC lr, lr, lr\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r]]\n\t"
+ "STRD r6, r7, [%[r], #32]\n\t"
+ "STRD r8, r9, [%[r], #64]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #8]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #40]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #72]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x0\n\t"
+ "MVN r11, #0x0\n\t"
+ "RSBS lr, lr, #0x0\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBCS r11, r11, r9\n\t"
+ "SBC lr, lr, lr\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r], #8]\n\t"
+ "STRD r6, r7, [%[r], #40]\n\t"
+ "STRD r8, r9, [%[r], #72]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #48]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #80]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x0\n\t"
+ "MVN r11, #0x0\n\t"
+ "RSBS lr, lr, #0x0\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBCS r11, r11, r9\n\t"
+ "SBC lr, lr, lr\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r], #16]\n\t"
+ "STRD r6, r7, [%[r], #48]\n\t"
+ "STRD r8, r9, [%[r], #80]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR r12, %[b], r3\n\t"
+ "SUB r12, r12, r3\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #31\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #30\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #29\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #28\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #27\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #26\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #25\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "ADD %[base], %[base], #0x60\n\t"
+ "MOV r3, #0x80000000\n\t"
+ "ROR r3, r3, #24\n\t"
+ "ROR r3, r3, r12\n\t"
+ "ASR r3, r3, #31\n\t"
+ "LDRD r10, r11, [%[base], #24]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r4, r4, r10\n\t"
+ "EOR r5, r5, r11\n\t"
+ "LDRD r10, r11, [%[base], #56]\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r6, r6, r10\n\t"
+ "EOR r7, r7, r11\n\t"
+ "LDRD r10, r11, [%[base], #88]\n\t"
+ "EOR r10, r10, r8\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r9, r9, r11\n\t"
+ "SUB %[base], %[base], #0x2a0\n\t"
+ "MVN r10, #0x0\n\t"
+ "MVN r11, #0x80000000\n\t"
+ "RSBS lr, lr, #0x0\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "ASR r12, %[b], #31\n\t"
+ "EOR r3, r4, r6\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r4, r4, r3\n\t"
+ "EOR r6, r6, r3\n\t"
+ "EOR r3, r5, r7\n\t"
+ "AND r3, r3, r12\n\t"
+ "EOR r5, r5, r3\n\t"
+ "EOR r7, r7, r3\n\t"
+ "EOR r10, r10, r8\n\t"
+ "AND r10, r10, r12\n\t"
+ "EOR r8, r8, r10\n\t"
+ "EOR r11, r11, r9\n\t"
+ "AND r11, r11, r12\n\t"
+ "EOR r9, r9, r11\n\t"
+ "STRD r4, r5, [%[r], #24]\n\t"
+ "STRD r6, r7, [%[r], #56]\n\t"
+ "STRD r8, r9, [%[r], #88]\n\t"
+ : [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r3", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_cmov_table(fe* r_p, fe* base_p, signed char b_p)
+#else
+void fe_cmov_table(fe* r, fe* base, signed char b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register fe* r __asm__ ("r0") = (fe*)r_p;
+ register fe* base __asm__ ("r1") = (fe*)base_p;
+ register signed char b __asm__ ("r2") = (signed char)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SXTB %[b], %[b]\n\t"
+ "SBFX r3, %[b], #7, #1\n\t"
+ "EOR %[b], %[b], r3\n\t"
+ "SUB %[b], %[b], r3\n\t"
+ "CLZ lr, %[b]\n\t"
+ "LSL lr, lr, #26\n\t"
+ "ASR lr, lr, #31\n\t"
+ "MVN lr, lr\n\t"
+ "ADD %[b], %[b], lr\n\t"
+ "MOV r12, #0x60\n\t"
+ "MUL %[b], %[b], r12\n\t"
+ "ADD %[base], %[base], %[b]\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "AND r8, r8, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "AND r10, r10, lr\n\t"
+ "AND r11, r11, lr\n\t"
+ "MVN r12, lr\n\t"
+ "SUB r4, r4, r12\n\t"
+ "MOV r12, #0x20\n\t"
+ "AND r12, r12, r3\n\t"
+ "ADD %[r], %[r], r12\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUB %[r], %[r], r12\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "AND r8, r8, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "AND r10, r10, lr\n\t"
+ "AND r11, r11, lr\n\t"
+ "MVN r12, lr\n\t"
+ "SUB r4, r4, r12\n\t"
+ "MOV r12, #0x20\n\t"
+ "BIC r12, r12, r3\n\t"
+ "ADD %[r], %[r], r12\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUB %[r], %[r], r12\n\t"
+ "ADD %[r], %[r], #0x40\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7}\n\t"
+ "MVN r12, #0x12\n\t"
+ "SUBS r8, r12, r4\n\t"
+ "SBCS r9, r3, r5\n\t"
+ "SBCS r10, r3, r6\n\t"
+ "SBCS r11, r3, r7\n\t"
+ "BIC r4, r4, r3\n\t"
+ "BIC r5, r5, r3\n\t"
+ "BIC r6, r6, r3\n\t"
+ "BIC r7, r7, r3\n\t"
+ "AND r8, r8, r3\n\t"
+ "AND r9, r9, r3\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "ORR r4, r4, r8\n\t"
+ "ORR r5, r5, r9\n\t"
+ "ORR r6, r6, r10\n\t"
+ "ORR r7, r7, r11\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[base]!, {r4, r5, r6, r7}\n\t"
+ "MVN r12, #0x80000000\n\t"
+ "SBCS r8, r3, r4\n\t"
+ "SBCS r9, r3, r5\n\t"
+ "SBCS r10, r3, r6\n\t"
+ "SBC r11, r12, r7\n\t"
+ "BIC r4, r4, r3\n\t"
+ "BIC r5, r5, r3\n\t"
+ "BIC r6, r6, r3\n\t"
+ "BIC r7, r7, r3\n\t"
+ "AND r8, r8, r3\n\t"
+ "AND r9, r9, r3\n\t"
+ "AND r10, r10, r3\n\t"
+ "AND r11, r11, r3\n\t"
+ "ORR r4, r4, r8\n\t"
+ "ORR r5, r5, r9\n\t"
+ "ORR r6, r6, r10\n\t"
+ "ORR r7, r7, r11\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r6, r6, lr\n\t"
+ "AND r7, r7, lr\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "SUB %[base], %[base], %[b]\n\t"
+ : [r] "+r" (r), [base] "+r" (base), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_ED25519_MAKE_KEY || HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+#ifdef WOLFSSL_SP_NO_UMAAL
+void fe_mul_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul_op()
+#else
+void fe_mul_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x28\n\t"
+ "STR r0, [sp, #36]\n\t"
+ "MOV r0, #0x0\n\t"
+ "LDR r12, [r1]\n\t"
+ /* A[0] * B[0] */
+ "LDR lr, [r2]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "MOV r11, r0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, r0, #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "LDR r12, [r1, #4]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r4, r0, #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [r1, #8]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r5, r0, #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [r1, #12]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r6, r0, #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [r1, #16]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r7, r0, #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [r1, #20]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r8, r0, #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [r1, #24]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r9, r0, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [r1, #28]\n\t"
+ "LDR lr, [r2]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [r2, #4]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [r2, #8]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [r2, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [r2, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [r2, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "LDR lr, [r2, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "LDR lr, [r2, #28]\n\t"
+ "ADC r10, r0, #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ /* Reduce */
+ "LDR r2, [sp, #28]\n\t"
+ "MOV lr, sp\n\t"
+ "MOV r12, #0x26\n\t"
+ "UMULL r10, r11, r10, r12\n\t"
+ "ADDS r10, r10, r2\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r10, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "LDM lr!, {r1, r2}\n\t"
+ "MOV r12, #0x26\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r1, r11, r3, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r2, r11, r4, r12\n\t"
+ "LDM lr!, {r3, r4}\n\t"
+ "ADDS r3, r3, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r5, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r6, r12\n\t"
+ "LDM lr!, {r5, r6}\n\t"
+ "ADDS r5, r5, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r7, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r8, r12\n\t"
+ "LDM lr!, {r7, r8}\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r9, r12\n\t"
+ "BFC r10, #31, #1\n\t"
+ "ADDS r8, r10, r11\n\t"
+ /* Store */
+ "LDR r0, [sp, #36]\n\t"
+ "STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x28\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+void fe_mul_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul_op()
+#else
+void fe_mul_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+ "STRD r0, r1, [sp, #36]\n\t"
+ "MOV lr, r2\n\t"
+ "LDM r1, {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #40]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #32]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #32]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ /* Reduce */
+ "LDR r0, [sp, #28]\n\t"
+ "MOV lr, #0x25\n\t"
+ "UMAAL r10, r0, r10, lr\n\t"
+ "MOV lr, #0x13\n\t"
+ "LSL r0, r0, #1\n\t"
+ "ORR r0, r0, r10, LSR #31\n\t"
+ "MUL r11, r0, lr\n\t"
+ "POP {r0, r1, r2}\n\t"
+ "MOV lr, #0x26\n\t"
+ "UMAAL r0, r11, r12, lr\n\t"
+ "UMAAL r1, r11, r4, lr\n\t"
+ "UMAAL r2, r11, r5, lr\n\t"
+ "POP {r3, r4, r5}\n\t"
+ "UMAAL r3, r11, r6, lr\n\t"
+ "UMAAL r4, r11, r7, lr\n\t"
+ "UMAAL r5, r11, r8, lr\n\t"
+ "POP {r6}\n\t"
+ "BFC r10, #31, #1\n\t"
+ "UMAAL r6, r11, r9, lr\n\t"
+ "ADD r7, r10, r11\n\t"
+ "LDR lr, [sp, #8]\n\t"
+ /* Store */
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "ADD sp, sp, #0x10\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul(fe r_p, const fe a_p, const fe b_p)
+#else
+void fe_mul(fe r, const fe a, const fe b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+ register const sword32* b __asm__ ("r2") = (const sword32*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_mul_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef WOLFSSL_SP_NO_UMAAL
+void fe_sq_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq_op()
+#else
+void fe_sq_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR r0, [sp, #64]\n\t"
+ /* Square */
+ "MOV r0, #0x0\n\t"
+ "LDR r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "LDR lr, [r1, #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [r1, #4]\n\t"
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r4, r0, #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [r1, #8]\n\t"
+ "LDR lr, [r1, #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r5, r0, #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [r1, #12]\n\t"
+ "LDR lr, [r1, #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r6, r0, #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [r1, #16]\n\t"
+ "LDR lr, [r1, #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r7, r0, #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "LDR r12, [r1, #20]\n\t"
+ "LDR lr, [r1, #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r8, r0, #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "LDR r12, [r1, #24]\n\t"
+ "LDR lr, [r1, #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, r0, #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [r1]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [r1, #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [r1, #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [r1, #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [r1, #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [r1, #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [r1, #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "LDR r12, [r1, #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "LDR r2, [sp, #28]\n\t"
+ "MOV lr, sp\n\t"
+ "MOV r12, #0x26\n\t"
+ "UMULL r10, r11, r10, r12\n\t"
+ "ADDS r10, r10, r2\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r10, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "LDM lr!, {r1, r2}\n\t"
+ "MOV r12, #0x26\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r1, r11, r3, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r2, r11, r4, r12\n\t"
+ "LDM lr!, {r3, r4}\n\t"
+ "ADDS r3, r3, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r5, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r6, r12\n\t"
+ "LDM lr!, {r5, r6}\n\t"
+ "ADDS r5, r5, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r7, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r8, r12\n\t"
+ "LDM lr!, {r7, r8}\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r9, r12\n\t"
+ "BFC r10, #31, #1\n\t"
+ "ADDS r8, r10, r11\n\t"
+ /* Store */
+ "LDR r0, [sp, #64]\n\t"
+ "STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+void fe_sq_op(void);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq_op()
+#else
+void fe_sq_op()
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x20\n\t"
+ "STR r0, [sp, #28]\n\t"
+ "LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square */
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "MOV r6, #0x25\n\t"
+ "UMAAL r7, r0, r7, r6\n\t"
+ "MOV r6, #0x13\n\t"
+ "LSL r0, r0, #1\n\t"
+ "ORR r0, r0, r7, LSR #31\n\t"
+ "MUL lr, r0, r6\n\t"
+ "POP {r0, r1}\n\t"
+ "MOV r6, #0x26\n\t"
+ "UMAAL r0, lr, r12, r6\n\t"
+ "UMAAL r1, lr, r11, r6\n\t"
+ "MOV r12, r3\n\t"
+ "MOV r11, r4\n\t"
+ "POP {r2, r3, r4}\n\t"
+ "UMAAL r2, lr, r10, r6\n\t"
+ "UMAAL r3, lr, r12, r6\n\t"
+ "UMAAL r4, lr, r11, r6\n\t"
+ "MOV r12, r6\n\t"
+ "POP {r5, r6}\n\t"
+ "UMAAL r5, lr, r8, r12\n\t"
+ "BFC r7, #31, #1\n\t"
+ "UMAAL r6, lr, r9, r12\n\t"
+ "ADD r7, r7, lr\n\t"
+ "POP {lr}\n\t"
+ /* Store */
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ :
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq(fe r_p, const fe a_p)
+#else
+void fe_sq(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "BL fe_sq_op\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef HAVE_CURVE25519
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul121666(fe r_p, fe a_p)
+#else
+void fe_mul121666(fe r, fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register sword32* a __asm__ ("r1") = (sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Multiply by 121666 */
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "MOV r12, #0xdb42\n\t"
+ "MOVT r12, #0x1\n\t"
+ "UMULL r2, r10, r2, r12\n\t"
+ "UMULL r3, r11, r3, r12\n\t"
+ "ADDS r3, r3, r10\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMULL r4, r10, r4, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMULL r5, r11, r5, r12\n\t"
+ "ADDS r5, r5, r10\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMULL r6, r10, r6, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMULL r7, r11, r7, r12\n\t"
+ "ADDS r7, r7, r10\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMULL r8, r10, r8, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMULL r9, r11, r9, r12\n\t"
+ "ADDS r9, r9, r10\n\t"
+ "MOV r12, #0x13\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r9, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_mul121666(fe r_p, fe a_p)
+#else
+void fe_mul121666(fe r, fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register sword32* a __asm__ ("r1") = (sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* Multiply by 121666 */
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "MOV r11, #0xdb42\n\t"
+ "MOVT r11, #0x1\n\t"
+ "UMULL r2, r12, r2, r11\n\t"
+ "SUB r10, r11, #0x1\n\t"
+ "UMAAL r3, r12, r3, r10\n\t"
+ "UMAAL r4, r12, r4, r10\n\t"
+ "UMAAL r5, r12, r5, r10\n\t"
+ "UMAAL r6, r12, r6, r10\n\t"
+ "UMAAL r7, r12, r7, r10\n\t"
+ "UMAAL r8, r12, r8, r10\n\t"
+ "MOV r11, #0x13\n\t"
+ "UMAAL r9, r12, r9, r10\n\t"
+ "LSL r12, r12, #1\n\t"
+ "ORR r12, r12, r9, LSR #31\n\t"
+ "MUL r12, r12, r11\n\t"
+ "ADDS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "BFC r9, #31, #1\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WC_NO_CACHE_RESISTANT
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
+#else
+int curve25519(byte* r, const byte* n, const byte* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* r __asm__ ("r0") = (byte*)r_p;
+ register const byte* n __asm__ ("r1") = (const byte*)n_p;
+ register const byte* a __asm__ ("r2") = (const byte*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xbc\n\t"
+ "STR %[r], [sp, #160]\n\t"
+ "STR %[n], [sp, #164]\n\t"
+ "STR %[a], [sp, #168]\n\t"
+ "MOV %[n], #0x0\n\t"
+ "STR %[n], [sp, #172]\n\t"
+ "MOV r4, #0x1\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r10, #0x0\n\t"
+ "MOV r11, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x20\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r3, sp\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x40\n\t"
+ /* Copy */
+ "LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV %[n], #0x1e\n\t"
+ "STR %[n], [sp, #180]\n\t"
+ "MOV %[a], #0x1c\n\t"
+ "STR %[a], [sp, #176]\n\t"
+ "\n"
+ "L_curve25519_words:\n\t"
+ "\n"
+ "L_curve25519_bits:\n\t"
+ "LDR %[n], [sp, #164]\n\t"
+ "LDR %[a], [%[n], r2]\n\t"
+ "LDR %[n], [sp, #180]\n\t"
+ "LSR %[a], %[a], %[n]\n\t"
+ "AND %[a], %[a], #0x1\n\t"
+ "STR %[a], [sp, #184]\n\t"
+ "LDR %[n], [sp, #172]\n\t"
+ "EOR %[n], %[n], %[a]\n\t"
+ "STR %[n], [sp, #172]\n\t"
+ "LDR %[r], [sp, #160]\n\t"
+ /* Conditional Swap */
+ "RSB %[n], %[n], #0x0\n\t"
+ "MOV r3, r0\n\t"
+ "ADD r12, sp, #0x40\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDR %[n], [sp, #172]\n\t"
+ /* Conditional Swap */
+ "RSB %[n], %[n], #0x0\n\t"
+ "MOV r3, sp\n\t"
+ "ADD r12, sp, #0x20\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDM r3, {r4, r5}\n\t"
+ "LDM r12, {r6, r7}\n\t"
+ "EOR r8, r4, r6\n\t"
+ "EOR r9, r5, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r3!, {r4, r5}\n\t"
+ "STM r12!, {r6, r7}\n\t"
+ "LDR %[n], [sp, #184]\n\t"
+ "STR %[n], [sp, #172]\n\t"
+ "MOV r3, sp\n\t"
+ "LDR r2, [sp, #160]\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #160]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r3, sp, #0x20\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #160]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r1, [sp, #160]\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r3, sp\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "LDR r0, [sp, #160]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sub_op\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul121666\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_add_op\n\t"
+ "MOV r2, sp\n\t"
+ "LDR r1, [sp, #168]\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #176]\n\t"
+ "LDR %[n], [sp, #180]\n\t"
+ "SUBS %[n], %[n], #0x1\n\t"
+ "STR %[n], [sp, #180]\n\t"
+#ifdef __GNUC__
+ "BGE L_curve25519_bits\n\t"
+#else
+ "BGE.W L_curve25519_bits\n\t"
+#endif
+ "MOV %[n], #0x1f\n\t"
+ "STR %[n], [sp, #180]\n\t"
+ "SUBS %[a], %[a], #0x4\n\t"
+ "STR %[a], [sp, #176]\n\t"
+#ifdef __GNUC__
+ "BGE L_curve25519_words\n\t"
+#else
+ "BGE.W L_curve25519_words\n\t"
+#endif
+ /* Invert */
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_curve25519_inv_1:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_1\n\t"
+#else
+ "BNE.N L_curve25519_inv_1\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_curve25519_inv_2:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_2\n\t"
+#else
+ "BNE.N L_curve25519_inv_2\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_curve25519_inv_3:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_3\n\t"
+#else
+ "BNE.N L_curve25519_inv_3\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_curve25519_inv_4:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_4\n\t"
+#else
+ "BNE.N L_curve25519_inv_4\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_curve25519_inv_5:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_5\n\t"
+#else
+ "BNE.N L_curve25519_inv_5\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_curve25519_inv_6:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_6\n\t"
+#else
+ "BNE.N L_curve25519_inv_6\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_curve25519_inv_7:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_7\n\t"
+#else
+ "BNE.N L_curve25519_inv_7\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x5\n\t"
+ "\n"
+ "L_curve25519_inv_8:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_8\n\t"
+#else
+ "BNE.N L_curve25519_inv_8\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x0\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r2, sp\n\t"
+ "LDR r1, [sp, #160]\n\t"
+ "LDR r0, [sp, #160]\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r0, #0x0\n\t"
+ "ADD sp, sp, #0xbc\n\t"
+ : [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+int curve25519(byte* r_p, const byte* n_p, const byte* a_p)
+#else
+int curve25519(byte* r, const byte* n, const byte* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* r __asm__ ("r0") = (byte*)r_p;
+ register const byte* n __asm__ ("r1") = (const byte*)n_p;
+ register const byte* a __asm__ ("r2") = (const byte*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc0\n\t"
+ "STR %[r], [sp, #176]\n\t"
+ "STR %[n], [sp, #160]\n\t"
+ "STR %[a], [sp, #172]\n\t"
+ "ADD r5, sp, #0x40\n\t"
+ "ADD r4, sp, #0x20\n\t"
+ "STR sp, [sp, #184]\n\t"
+ "STR r5, [sp, #180]\n\t"
+ "STR r4, [sp, #188]\n\t"
+ "MOV %[n], #0x0\n\t"
+ "STR %[n], [sp, #164]\n\t"
+ "MOV r4, #0x1\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r6, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r9, #0x0\n\t"
+ "MOV r10, #0x0\n\t"
+ "MOV r11, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x20\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r3, sp\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADD r3, sp, #0x40\n\t"
+ /* Copy */
+ "LDM r2, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM r3, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV %[a], #0xfe\n\t"
+ "\n"
+ "L_curve25519_bits:\n\t"
+ "STR %[a], [sp, #168]\n\t"
+ "LDR %[n], [sp, #160]\n\t"
+ "AND r4, %[a], #0x1f\n\t"
+ "LSR %[a], %[a], #5\n\t"
+ "LDR %[a], [%[n], r2, LSL #2]\n\t"
+ "RSB r4, r4, #0x1f\n\t"
+ "LSL %[a], %[a], r4\n\t"
+ "LDR %[n], [sp, #164]\n\t"
+ "EOR %[n], %[n], %[a]\n\t"
+ "ASR %[n], %[n], #31\n\t"
+ "STR %[a], [sp, #164]\n\t"
+ /* Conditional Swap */
+ "ADD r11, sp, #0xb0\n\t"
+ "LDM r11, {r4, r5, r6, r7}\n\t"
+ "EOR r8, r4, r5\n\t"
+ "EOR r9, r6, r7\n\t"
+ "AND r8, r8, %[n]\n\t"
+ "AND r9, r9, %[n]\n\t"
+ "EOR r4, r4, r8\n\t"
+ "EOR r5, r5, r8\n\t"
+ "EOR r6, r6, r9\n\t"
+ "EOR r7, r7, r9\n\t"
+ "STM r11, {r4, r5, r6, r7}\n\t"
+ /* Ladder step */
+ "LDR r3, [sp, #184]\n\t"
+ "LDR r2, [sp, #176]\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #176]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r3, [sp, #188]\n\t"
+ "LDR r2, [sp, #180]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #176]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "LDR r0, [sp, #188]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x80\n\t"
+ "LDR r1, [sp, #184]\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r1, [sp, #176]\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r3, [sp, #184]\n\t"
+ "LDR r2, [sp, #188]\n\t"
+ "LDR r1, [sp, #184]\n\t"
+ "LDR r0, [sp, #180]\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #176]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r1, [sp, #184]\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #188]\n\t"
+ "BL fe_mul121666\n\t"
+ "LDR r1, [sp, #180]\n\t"
+ "LDR r0, [sp, #180]\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r2, [sp, #188]\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_add_op\n\t"
+ "LDR r2, [sp, #184]\n\t"
+ "LDR r1, [sp, #172]\n\t"
+ "LDR r0, [sp, #188]\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "LDR r0, [sp, #184]\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #168]\n\t"
+ "SUBS %[a], %[a], #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGE L_curve25519_bits\n\t"
+#else
+ "BGE.N L_curve25519_bits\n\t"
+#endif
+ /* Cycle Count: 171 */
+ "LDR %[n], [sp, #184]\n\t"
+ /* Copy */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM sp, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Invert */
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x0\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_curve25519_inv_1:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_1\n\t"
+#else
+ "BNE.N L_curve25519_inv_1\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_curve25519_inv_2:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_2\n\t"
+#else
+ "BNE.N L_curve25519_inv_2\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_curve25519_inv_3:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_3\n\t"
+#else
+ "BNE.N L_curve25519_inv_3\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_curve25519_inv_4:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_4\n\t"
+#else
+ "BNE.N L_curve25519_inv_4\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_curve25519_inv_5:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_5\n\t"
+#else
+ "BNE.N L_curve25519_inv_5\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_curve25519_inv_6:\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x80\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_6\n\t"
+#else
+ "BNE.N L_curve25519_inv_6\n\t"
+#endif
+ "ADD r2, sp, #0x60\n\t"
+ "ADD r1, sp, #0x80\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_curve25519_inv_7:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_7\n\t"
+#else
+ "BNE.N L_curve25519_inv_7\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x5\n\t"
+ "\n"
+ "L_curve25519_inv_8:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_curve25519_inv_8\n\t"
+#else
+ "BNE.N L_curve25519_inv_8\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x0\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r2, [sp, #184]\n\t"
+ "LDR r1, [sp, #176]\n\t"
+ "LDR r0, [sp, #176]\n\t"
+ "BL fe_mul_op\n\t"
+ /* Ensure result is less than modulus */
+ "LDR %[r], [sp, #176]\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV %[a], #0x13\n\t"
+ "AND %[a], %[a], r11, ASR #31\n\t"
+ "ADDS r4, r4, %[a]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "MOV r0, #0x0\n\t"
+ "ADD sp, sp, #0xc0\n\t"
+ : [r] "+r" (r), [n] "+r" (n), [a] "+r" (a)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WC_NO_CACHE_RESISTANT */
+#endif /* HAVE_CURVE25519 */
+#ifdef HAVE_ED25519
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_invert(fe r_p, const fe a_p)
+#else
+void fe_invert(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x88\n\t"
+ /* Invert */
+ "STR %[r], [sp, #128]\n\t"
+ "STR %[a], [sp, #132]\n\t"
+ "LDR r1, [sp, #132]\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "LDR r1, [sp, #132]\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_fe_invert1:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert1\n\t"
+#else
+ "BNE.N L_fe_invert1\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_fe_invert2:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert2\n\t"
+#else
+ "BNE.N L_fe_invert2\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_fe_invert3:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert3\n\t"
+#else
+ "BNE.N L_fe_invert3\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_fe_invert4:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert4\n\t"
+#else
+ "BNE.N L_fe_invert4\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_fe_invert5:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert5\n\t"
+#else
+ "BNE.N L_fe_invert5\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_fe_invert6:\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x60\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert6\n\t"
+#else
+ "BNE.N L_fe_invert6\n\t"
+#endif
+ "ADD r2, sp, #0x40\n\t"
+ "ADD r1, sp, #0x60\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_fe_invert7:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert7\n\t"
+#else
+ "BNE.N L_fe_invert7\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x5\n\t"
+ "\n"
+ "L_fe_invert8:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_invert8\n\t"
+#else
+ "BNE.N L_fe_invert8\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "LDR r0, [sp, #128]\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #132]\n\t"
+ "LDR %[r], [sp, #128]\n\t"
+ "ADD sp, sp, #0x88\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq2(fe r_p, const fe a_p)
+#else
+void fe_sq2(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR r0, [sp, #64]\n\t"
+ /* Square * 2 */
+ "MOV r0, #0x0\n\t"
+ "LDR r12, [r1]\n\t"
+ /* A[0] * A[1] */
+ "LDR lr, [r1, #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [r1, #4]\n\t"
+ "LDR lr, [r1, #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "LDR lr, [r1, #12]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r4, r0, #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [r1, #8]\n\t"
+ "LDR lr, [r1, #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [r1, #16]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r5, r0, #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [r1, #12]\n\t"
+ "LDR lr, [r1, #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [r1, #20]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r6, r0, #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [r1, #16]\n\t"
+ "LDR lr, [r1, #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "LDR lr, [r1, #24]\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r7, r0, #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "LDR r12, [r1, #20]\n\t"
+ "LDR lr, [r1, #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "LDR lr, [r1, #28]\n\t"
+ "ADC r8, r0, #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "LDR r12, [r1, #24]\n\t"
+ "LDR lr, [r1, #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, r0, #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [r1]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [r1, #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [r1, #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [r1, #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [r1, #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [r1, #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [r1, #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "LDR r12, [r1, #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ /* Reduce */
+ "LDR r2, [sp, #28]\n\t"
+ "MOV lr, sp\n\t"
+ "MOV r12, #0x26\n\t"
+ "UMULL r10, r11, r10, r12\n\t"
+ "ADDS r10, r10, r2\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL r11, r11, #1\n\t"
+ "ORR r11, r11, r10, LSR #31\n\t"
+ "MUL r11, r11, r12\n\t"
+ "LDM lr!, {r1, r2}\n\t"
+ "MOV r12, #0x26\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r1, r11, r3, r12\n\t"
+ "ADDS r2, r2, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r2, r11, r4, r12\n\t"
+ "LDM lr!, {r3, r4}\n\t"
+ "ADDS r3, r3, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r3, r11, r5, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r4, r11, r6, r12\n\t"
+ "LDM lr!, {r5, r6}\n\t"
+ "ADDS r5, r5, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r5, r11, r7, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r6, r11, r8, r12\n\t"
+ "LDM lr!, {r7, r8}\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "ADC r11, r0, #0x0\n\t"
+ "UMLAL r7, r11, r9, r12\n\t"
+ "BFC r10, #31, #1\n\t"
+ "ADDS r8, r10, r11\n\t"
+ /* Reduce if top bit set */
+ "MOV r12, #0x13\n\t"
+ "AND r11, r12, r8, ASR #31\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "BFC r8, #31, #1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ /* Double */
+ "ADDS r1, r1, r1\n\t"
+ "ADCS r2, r2, r2\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADC r8, r8, r8\n\t"
+ /* Reduce if top bit set */
+ "MOV r12, #0x13\n\t"
+ "AND r11, r12, r8, ASR #31\n\t"
+ "ADDS r1, r1, r11\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "BFC r8, #31, #1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ /* Store */
+ "LDR r0, [sp, #64]\n\t"
+ "STM r0, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_sq2(fe r_p, const fe a_p)
+#else
+void fe_sq2(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x24\n\t"
+ "STRD r0, r1, [sp, #28]\n\t"
+ "LDM r1, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ /* Square * 2 */
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ /* Reduce */
+ "MOV r6, #0x25\n\t"
+ "UMAAL r7, r0, r7, r6\n\t"
+ "MOV r6, #0x13\n\t"
+ "LSL r0, r0, #1\n\t"
+ "ORR r0, r0, r7, LSR #31\n\t"
+ "MUL lr, r0, r6\n\t"
+ "POP {r0, r1}\n\t"
+ "MOV r6, #0x26\n\t"
+ "UMAAL r0, lr, r12, r6\n\t"
+ "UMAAL r1, lr, r11, r6\n\t"
+ "MOV r12, r3\n\t"
+ "MOV r11, r4\n\t"
+ "POP {r2, r3, r4}\n\t"
+ "UMAAL r2, lr, r10, r6\n\t"
+ "UMAAL r3, lr, r12, r6\n\t"
+ "UMAAL r4, lr, r11, r6\n\t"
+ "MOV r12, r6\n\t"
+ "POP {r5, r6}\n\t"
+ "UMAAL r5, lr, r8, r12\n\t"
+ "BFC r7, #31, #1\n\t"
+ "UMAAL r6, lr, r9, r12\n\t"
+ "ADD r7, r7, lr\n\t"
+ /* Reduce if top bit set */
+ "MOV r11, #0x13\n\t"
+ "AND r12, r11, r7, ASR #31\n\t"
+ "ADDS r0, r0, r12\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "BFC r7, #31, #1\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* Double */
+ "ADDS r0, r0, r0\n\t"
+ "ADCS r1, r1, r1\n\t"
+ "ADCS r2, r2, r2\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ /* Reduce if top bit set */
+ "MOV r11, #0x13\n\t"
+ "AND r12, r11, r7, ASR #31\n\t"
+ "ADDS r0, r0, r12\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "BFC r7, #31, #1\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "POP {r12, lr}\n\t"
+ /* Store */
+ "STM r12, {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "MOV r0, r12\n\t"
+ "MOV r1, lr\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void fe_pow22523(fe r_p, const fe a_p)
+#else
+void fe_pow22523(fe r, const fe a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sword32* r __asm__ ("r0") = (sword32*)r_p;
+ register const sword32* a __asm__ ("r1") = (const sword32*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x68\n\t"
+ /* pow22523 */
+ "STR %[r], [sp, #96]\n\t"
+ "STR %[a], [sp, #100]\n\t"
+ "LDR r1, [sp, #100]\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "LDR r1, [sp, #100]\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r2, sp, #0x20\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x4\n\t"
+ "\n"
+ "L_fe_pow22523_1:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_1\n\t"
+#else
+ "BNE.N L_fe_pow22523_1\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x9\n\t"
+ "\n"
+ "L_fe_pow22523_2:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_2\n\t"
+#else
+ "BNE.N L_fe_pow22523_2\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x13\n\t"
+ "\n"
+ "L_fe_pow22523_3:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_3\n\t"
+#else
+ "BNE.N L_fe_pow22523_3\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0xa\n\t"
+ "\n"
+ "L_fe_pow22523_4:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_4\n\t"
+#else
+ "BNE.N L_fe_pow22523_4\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r1, sp\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x31\n\t"
+ "\n"
+ "L_fe_pow22523_5:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_5\n\t"
+#else
+ "BNE.N L_fe_pow22523_5\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "MOV r12, #0x63\n\t"
+ "\n"
+ "L_fe_pow22523_6:\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x40\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_6\n\t"
+#else
+ "BNE.N L_fe_pow22523_6\n\t"
+#endif
+ "ADD r2, sp, #0x20\n\t"
+ "ADD r1, sp, #0x40\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x32\n\t"
+ "\n"
+ "L_fe_pow22523_7:\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "ADD r0, sp, #0x20\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_7\n\t"
+#else
+ "BNE.N L_fe_pow22523_7\n\t"
+#endif
+ "MOV r2, sp\n\t"
+ "ADD r1, sp, #0x20\n\t"
+ "MOV r0, sp\n\t"
+ "BL fe_mul_op\n\t"
+ "MOV r12, #0x2\n\t"
+ "\n"
+ "L_fe_pow22523_8:\n\t"
+ "MOV r1, sp\n\t"
+ "MOV r0, sp\n\t"
+ "PUSH {r12}\n\t"
+ "BL fe_sq_op\n\t"
+ "POP {r12}\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_fe_pow22523_8\n\t"
+#else
+ "BNE.N L_fe_pow22523_8\n\t"
+#endif
+ "LDR r2, [sp, #100]\n\t"
+ "MOV r1, sp\n\t"
+ "LDR r0, [sp, #96]\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR %[a], [sp, #100]\n\t"
+ "LDR %[r], [sp, #96]\n\t"
+ "ADD sp, sp, #0x68\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "lr", "r12", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_p1p1_to_p2(ge_p2 * r_p, const ge_p1p1 * p_p)
+#else
+void ge_p1p1_to_p2(ge_p2 * r, const ge_p1p1 * p)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p2 * r __asm__ ("r0") = (ge_p2 *)r_p;
+ register const ge_p1p1 * p __asm__ ("r1") = (const ge_p1p1 *)p_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x8\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD sp, sp, #0x8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
+ :
+ : "memory", "lr", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_p1p1_to_p3(ge_p3 * r_p, const ge_p1p1 * p_p)
+#else
+void ge_p1p1_to_p3(ge_p3 * r, const ge_p1p1 * p)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p3 * r __asm__ ("r0") = (ge_p3 *)r_p;
+ register const ge_p1p1 * p __asm__ ("r1") = (const ge_p1p1 *)p_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x8\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "ADD sp, sp, #0x8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
+ :
+ : "memory", "lr", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_p2_dbl(ge_p1p1 * r_p, const ge_p2 * p_p)
+#else
+void ge_p2_dbl(ge_p1p1 * r, const ge_p2 * p)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p2 * p __asm__ ("r1") = (const ge_p2 *)p_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x8\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_op\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_sq_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "MOV r3, r0\n\t"
+ "ADD r2, r0, #0x40\n\t"
+ "ADD r1, r0, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "MOV r2, r0\n\t"
+ "ADD r1, r0, #0x40\n\t"
+ "SUB r0, r0, #0x20\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_sq2\n\t"
+ "SUB r2, r0, #0x20\n\t"
+ "MOV r1, r0\n\t"
+ "BL fe_sub_op\n\t"
+ "ADD sp, sp, #0x8\n\t"
+ : [r] "+r" (r), [p] "+r" (p)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_madd(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
+#else
+void ge_madd(ge_p1p1 * r, const ge_p3 * p, const ge_precomp * q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q __asm__ ("r2") = (const ge_precomp *)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "BL fe_add_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "SUB r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "ADD r3, r0, #0x20\n\t"
+ "ADD r2, r0, #0x40\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r0, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0xc\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_msub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_precomp * q_p)
+#else
+void ge_msub(ge_p1p1 * r, const ge_p3 * p, const ge_precomp * q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_precomp * q __asm__ ("r2") = (const ge_precomp *)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "BL fe_add_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "MOV r2, r1\n\t"
+ "ADD r1, r1, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "SUB r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "ADD r3, r0, #0x20\n\t"
+ "ADD r2, r0, #0x40\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r0, #0x20\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0xc\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_add(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
+#else
+void ge_add(ge_p1p1 * r, const ge_p3 * p, const ge_cached* q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q __asm__ ("r2") = (const ge_cached*)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r3, r1\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x60\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x40\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r1, [sp]\n\t"
+ "ADD r0, sp, #0xc\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r1, #0x20\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r0, r1, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r3, r0, #0x40\n\t"
+ "ADD r2, sp, #0xc\n\t"
+ "ADD r1, r0, #0x40\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void ge_sub(ge_p1p1 * r_p, const ge_p3 * p_p, const ge_cached* q_p)
+#else
+void ge_sub(ge_p1p1 * r, const ge_p3 * p, const ge_cached* q)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register ge_p1p1 * r __asm__ ("r0") = (ge_p1p1 *)r_p;
+ register const ge_p3 * p __asm__ ("r1") = (const ge_p3 *)p_p;
+ register const ge_cached* q __asm__ ("r2") = (const ge_cached*)q_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+ "STR %[r], [sp]\n\t"
+ "STR %[p], [sp, #4]\n\t"
+ "STR %[q], [sp, #8]\n\t"
+ "MOV r3, r1\n\t"
+ "ADD r2, r1, #0x20\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x20\n\t"
+ "MOV r1, r0\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x20\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #8]\n\t"
+ "LDR r2, [sp, #4]\n\t"
+ "ADD r2, r2, #0x60\n\t"
+ "ADD r1, r1, #0x60\n\t"
+ "ADD r0, r0, #0x60\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r0, [sp]\n\t"
+ "LDR r1, [sp, #4]\n\t"
+ "LDR r2, [sp, #8]\n\t"
+ "ADD r2, r2, #0x40\n\t"
+ "ADD r1, r1, #0x40\n\t"
+ "BL fe_mul_op\n\t"
+ "LDR r1, [sp]\n\t"
+ "ADD r0, sp, #0xc\n\t"
+ /* Double */
+ "LDM r1, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "MOV r12, #0x13\n\t"
+ "LSL lr, lr, #1\n\t"
+ "ORR lr, lr, r11, LSR #31\n\t"
+ "MUL r12, lr, r12\n\t"
+ "ADDS r4, r4, r12\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "BFC r11, #31, #1\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "STM r0, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ /* Done Double */
+ "ADD r3, r1, #0x20\n\t"
+ "ADD r2, r1, #0x40\n\t"
+ "ADD r0, r1, #0x20\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD r3, r0, #0x40\n\t"
+ "ADD r2, sp, #0xc\n\t"
+ "ADD r1, r0, #0x20\n\t"
+ "ADD r0, r0, #0x40\n\t"
+ "BL fe_add_sub_op\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [p] "+r" (p), [q] "+r" (q)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_reduce(byte* s_p)
+#else
+void sc_reduce(byte* s)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x38\n\t"
+ "STR %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "ADD %[s], %[s], #0x1c\n\t"
+ "LDM %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ "SUB %[s], %[s], #0x1c\n\t"
+ /* Add order times bits 504..511 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV r1, #0x0\n\t"
+ "UMLAL r2, r1, r10, lr\n\t"
+ "ADDS r3, r3, r1\n\t"
+ "MOV r1, #0x0\n\t"
+ "ADC r1, r1, #0x0\n\t"
+ "UMLAL r3, r1, r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "ADDS r4, r4, r1\n\t"
+ "MOV r1, #0x0\n\t"
+ "ADC r1, r1, #0x0\n\t"
+ "UMLAL r4, r1, r10, lr\n\t"
+ "ADDS r5, r5, r1\n\t"
+ "MOV r1, #0x0\n\t"
+ "ADC r1, r1, #0x0\n\t"
+ "UMLAL r5, r1, r11, lr\n\t"
+ "ADDS r6, r6, r1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "BFC r11, #28, #4\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, r1\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, r2\n\t"
+ "SBCS r11, r11, r3\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV r1, #0xa0000000\n\t"
+ "MOV r2, #0xba7d\n\t"
+ "MOVT r2, #0x4b9e\n\t"
+ "MOV r3, #0x4c63\n\t"
+ "MOVT r3, #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND r1, r1, lr\n\t"
+ "AND r2, r2, lr\n\t"
+ "AND r3, r3, lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, r1\n\t"
+ "ADCS r11, r11, r2\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r3\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {r1, r2, r3, r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, r2, r1\n\t"
+ "ADDS r7, r7, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r7, lr, r3, r1\n\t"
+ "ADDS r8, r8, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r8, lr, r4, r1\n\t"
+ "ADDS r9, r9, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r9, lr, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, r2, r1\n\t"
+ "ADDS r7, r7, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r7, r10, r3, r1\n\t"
+ "ADDS r8, r8, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r8, r10, r4, r1\n\t"
+ "ADDS r9, r9, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, r2, r1\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r7, r11, r3, r1\n\t"
+ "ADDS r8, r8, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r8, r11, r4, r1\n\t"
+ "ADDS r9, r9, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r9, r11, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, r2, r1\n\t"
+ "ADDS r7, r7, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r7, r12, r3, r1\n\t"
+ "ADDS r8, r8, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r8, r12, r4, r1\n\t"
+ "ADDS r9, r9, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r9, r12, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, r2\n\t"
+ "SBCS r7, r7, r3\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC r1, r1, r1\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {r2, r3, r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, r1\n\t"
+ "AND r11, r11, r1\n\t"
+ "AND r12, r12, r1\n\t"
+ "AND lr, lr, r1\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND r1, r1, #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, r1\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Store result */
+ "LDR %[s], [sp, #52]\n\t"
+ "STM %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD sp, sp, #0x38\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_reduce(byte* s_p)
+#else
+void sc_reduce(byte* s)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x38\n\t"
+ "STR %[s], [sp, #52]\n\t"
+ /* Load bits 252-511 */
+ "ADD %[s], %[s], #0x1c\n\t"
+ "LDM %[s], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ "SUB %[s], %[s], #0x1c\n\t"
+ /* Add order times bits 504..511 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV r1, #0x0\n\t"
+ "UMLAL r2, r1, r10, lr\n\t"
+ "UMAAL r3, r1, r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "UMAAL r4, r1, r10, lr\n\t"
+ "UMAAL r5, r1, r11, lr\n\t"
+ "ADDS r6, r6, r1\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "BFC r11, #28, #4\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, r2, r1\n\t"
+ "UMAAL r11, lr, r3, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, r1\n\t"
+ "UMAAL r11, lr, r5, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, r1\n\t"
+ "UMAAL r11, lr, r7, r1\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, r1\n\t"
+ "UMAAL r11, lr, r9, r1\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, r2\n\t"
+ "SBCS r11, r11, r3\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV r1, #0xa0000000\n\t"
+ "MOV r2, #0xba7d\n\t"
+ "MOVT r2, #0x4b9e\n\t"
+ "MOV r3, #0x4c63\n\t"
+ "MOVT r3, #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND r1, r1, lr\n\t"
+ "AND r2, r2, lr\n\t"
+ "AND r3, r3, lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, r1\n\t"
+ "ADCS r11, r11, r2\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r3\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {r1, r2, r3, r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, r3, LSR #28\n\t"
+ "LSL r3, r3, #4\n\t"
+ "ORR r3, r3, r2, LSR #28\n\t"
+ "LSL r2, r2, #4\n\t"
+ "ORR r2, r2, r1, LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV r1, #0x2c13\n\t"
+ "MOVT r1, #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, r2, r1\n\t"
+ "UMAAL r7, lr, r3, r1\n\t"
+ "UMAAL r8, lr, r4, r1\n\t"
+ "UMAAL r9, lr, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV r1, #0x9ce5\n\t"
+ "MOVT r1, #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, r2, r1\n\t"
+ "UMAAL r7, r10, r3, r1\n\t"
+ "UMAAL r8, r10, r4, r1\n\t"
+ "UMAAL r9, r10, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV r1, #0x6329\n\t"
+ "MOVT r1, #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, r2, r1\n\t"
+ "UMAAL r7, r11, r3, r1\n\t"
+ "UMAAL r8, r11, r4, r1\n\t"
+ "UMAAL r9, r11, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV r1, #0x621\n\t"
+ "MOVT r1, #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, r2, r1\n\t"
+ "UMAAL r7, r12, r3, r1\n\t"
+ "UMAAL r8, r12, r4, r1\n\t"
+ "UMAAL r9, r12, r5, r1\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, r2\n\t"
+ "SBCS r7, r7, r3\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC r1, r1, r1\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {r2, r3, r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, r1\n\t"
+ "AND r11, r11, r1\n\t"
+ "AND r12, r12, r1\n\t"
+ "AND lr, lr, r1\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND r1, r1, #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, r1\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Store result */
+ "LDR %[s], [sp, #52]\n\t"
+ "STM %[s], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD sp, sp, #0x38\n\t"
+ : [s] "+r" (s)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#ifdef HAVE_ED25519_SIGN
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+#else
+void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+ register const byte* a __asm__ ("r1") = (const byte*)a_p;
+ register const byte* b __asm__ ("r2") = (const byte*)b_p;
+ register const byte* c __asm__ ("r3") = (const byte*)c_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x50\n\t"
+ "ADD lr, sp, #0x44\n\t"
+ "STM lr, {%[s], %[a], %[c]}\n\t"
+ "MOV %[s], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "LDR lr, [%[b]]\n\t"
+ "UMULL %[c], r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR %[c], [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[s]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC %[c], %[s], #0x0\n\t"
+ "UMLAL r10, %[c], r12, lr\n\t"
+ /* A[1] * B[0] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[1] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[s], #0x0\n\t"
+ "UMLAL %[c], r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[2] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[s], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[s], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[s], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[s], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[s], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS %[c], %[c], r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL %[c], r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[s], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[s], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV %[s], sp\n\t"
+ /* Add c to a * b */
+ "LDR lr, [sp, #76]\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADDS %[b], %[b], %[a]\n\t"
+ "ADCS %[c], %[c], r10\n\t"
+ "ADCS r4, r4, r11\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADCS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADCS r9, r9, r12\n\t"
+ "MOV %[a], r9\n\t"
+ "STM %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS %[b], %[b], #0x0\n\t"
+ "ADCS %[c], %[c], #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUB %[s], %[s], #0x20\n\t"
+ /* Get 252..503 and 504..507 */
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Add order times bits 504..507 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV %[a], #0x0\n\t"
+ "UMLAL %[b], %[a], r10, lr\n\t"
+ "ADDS %[c], %[c], %[a]\n\t"
+ "MOV %[a], #0x0\n\t"
+ "ADC %[a], %[a], #0x0\n\t"
+ "UMLAL %[c], %[a], r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "ADDS r4, r4, %[a]\n\t"
+ "MOV %[a], #0x0\n\t"
+ "ADC %[a], %[a], #0x0\n\t"
+ "UMLAL r4, %[a], r10, lr\n\t"
+ "ADDS r5, r5, %[a]\n\t"
+ "MOV %[a], #0x0\n\t"
+ "ADC %[a], %[a], #0x0\n\t"
+ "UMLAL r5, %[a], r11, lr\n\t"
+ "ADDS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "BFC r11, #28, #4\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r4, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r6, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r10, lr, r8, %[a]\n\t"
+ "ADDS r11, r11, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, %[b]\n\t"
+ "SBCS r11, r11, %[c]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV %[a], #0xa0000000\n\t"
+ "MOV %[b], #0xba7d\n\t"
+ "MOVT %[b], #0x4b9e\n\t"
+ "MOV %[c], #0x4c63\n\t"
+ "MOVT %[c], #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND %[a], %[a], lr\n\t"
+ "AND %[b], %[b], lr\n\t"
+ "AND %[c], %[c], lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, %[a]\n\t"
+ "ADCS r11, r11, %[b]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, %[c]\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, %[b], %[a]\n\t"
+ "ADDS r7, r7, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r7, lr, %[c], %[a]\n\t"
+ "ADDS r8, r8, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r8, lr, r4, %[a]\n\t"
+ "ADDS r9, r9, lr\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "UMLAL r9, lr, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, %[b], %[a]\n\t"
+ "ADDS r7, r7, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r7, r10, %[c], %[a]\n\t"
+ "ADDS r8, r8, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r8, r10, r4, %[a]\n\t"
+ "ADDS r9, r9, r10\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, %[b], %[a]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r7, r11, %[c], %[a]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r8, r11, r4, %[a]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "UMLAL r9, r11, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, %[b], %[a]\n\t"
+ "ADDS r7, r7, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r7, r12, %[c], %[a]\n\t"
+ "ADDS r8, r8, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r8, r12, r4, %[a]\n\t"
+ "ADDS r9, r9, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "UMLAL r9, r12, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, %[b]\n\t"
+ "SBCS r7, r7, %[c]\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, %[a]\n\t"
+ "AND r11, r11, %[a]\n\t"
+ "AND r12, r12, %[a]\n\t"
+ "AND lr, lr, %[a]\n\t"
+ "ADDS %[b], %[b], r10\n\t"
+ "ADCS %[c], %[c], r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND %[a], %[a], #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, %[a]\n\t"
+ "BFC r9, #28, #4\n\t"
+ "LDR %[s], [sp, #68]\n\t"
+ /* Store result */
+ "STR %[b], [%[s]]\n\t"
+ "STR %[c], [%[s], #4]\n\t"
+ "STR r4, [%[s], #8]\n\t"
+ "STR r5, [%[s], #12]\n\t"
+ "STR r6, [%[s], #16]\n\t"
+ "STR r7, [%[s], #20]\n\t"
+ "STR r8, [%[s], #24]\n\t"
+ "STR r9, [%[s], #28]\n\t"
+ "ADD sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void sc_muladd(byte* s_p, const byte* a_p, const byte* b_p, const byte* c_p)
+#else
+void sc_muladd(byte* s, const byte* a, const byte* b, const byte* c)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register byte* s __asm__ ("r0") = (byte*)s_p;
+ register const byte* a __asm__ ("r1") = (const byte*)a_p;
+ register const byte* b __asm__ ("r2") = (const byte*)b_p;
+ register const byte* c __asm__ ("r3") = (const byte*)c_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x50\n\t"
+ "ADD lr, sp, #0x44\n\t"
+ "STM lr, {%[s], %[a], %[c]}\n\t"
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {%[s], %[a], %[b], %[c]}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, %[s], r4\n\t"
+ "UMULL r12, r7, %[a], r4\n\t"
+ "UMAAL r11, r12, %[s], r5\n\t"
+ "UMULL r8, r9, %[b], r4\n\t"
+ "UMAAL r12, r8, %[a], r5\n\t"
+ "UMAAL r12, r7, %[s], r6\n\t"
+ "UMAAL r8, r9, %[c], r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, %[b], r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, %[a], r6\n\t"
+ "UMAAL r8, r9, %[b], r6\n\t"
+ "UMAAL r7, r10, %[s], r4\n\t"
+ "UMAAL r8, r11, %[c], r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, %[a], r4\n\t"
+ "UMAAL r9, r11, %[c], r6\n\t"
+ "UMAAL r9, r10, %[b], r4\n\t"
+ "UMAAL r10, r11, %[c], r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, %[s], r4\n\t"
+ "UMAAL r9, r12, %[a], r4\n\t"
+ "UMAAL r10, r12, %[b], r4\n\t"
+ "UMAAL r11, r12, %[c], r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, %[s], r5\n\t"
+ "UMAAL r10, r4, %[a], r5\n\t"
+ "UMAAL r11, r4, %[b], r5\n\t"
+ "UMAAL r12, r4, %[c], r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, %[s], r6\n\t"
+ "UMAAL r11, r5, %[a], r6\n\t"
+ "UMAAL r12, r5, %[b], r6\n\t"
+ "UMAAL r4, r5, %[c], r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, %[s], r7\n\t"
+ "LDR %[s], [sp, #72]\n\t"
+ "UMAAL r12, r6, %[a], r7\n\t"
+ "ADD %[s], %[s], #0x10\n\t"
+ "UMAAL r4, r6, %[b], r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, %[c], r7\n\t"
+ "LDM %[s], {%[s], %[a], %[b], %[c]}\n\t"
+ "STR r6, [sp, #64]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, %[s], r6\n\t"
+ "UMAAL r9, r7, %[a], r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, %[b], r6\n\t"
+ "UMAAL r11, r7, %[c], r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, %[s], r6\n\t"
+ "UMAAL r10, r8, %[a], r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, %[b], r6\n\t"
+ "UMAAL r12, r8, %[c], r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, %[s], r6\n\t"
+ "UMAAL r11, r9, %[a], r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, %[b], r6\n\t"
+ "UMAAL r4, r9, %[c], r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, %[s], r6\n\t"
+ "UMAAL r12, r10, %[a], r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, %[b], r6\n\t"
+ "UMAAL r5, r10, %[c], r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, %[s], r11\n\t"
+ "UMAAL r4, r7, %[a], r11\n\t"
+ "LDR r6, [sp, #64]\n\t"
+ "UMAAL r5, r7, %[b], r11\n\t"
+ "UMAAL r6, r7, %[c], r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, %[s], r11\n\t"
+ "UMAAL r5, r8, %[a], r11\n\t"
+ "UMAAL r6, r8, %[b], r11\n\t"
+ "UMAAL r7, r8, %[c], r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, %[s], r11\n\t"
+ "UMAAL r6, r10, %[s], lr\n\t"
+ "UMAAL r6, r9, %[a], r11\n\t"
+ "UMAAL r7, r10, %[a], lr\n\t"
+ "UMAAL r7, r9, %[b], r11\n\t"
+ "UMAAL r8, r10, %[b], lr\n\t"
+ "UMAAL r8, r9, %[c], r11\n\t"
+ "UMAAL r9, r10, %[c], lr\n\t"
+ "MOV %[c], r12\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {%[c], r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV %[s], sp\n\t"
+ /* Add c to a * b */
+ "LDR lr, [sp, #76]\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADDS %[b], %[b], %[a]\n\t"
+ "ADCS %[c], %[c], r10\n\t"
+ "ADCS r4, r4, r11\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "LDM lr!, {%[a], r10, r11, r12}\n\t"
+ "ADCS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADCS r9, r9, r12\n\t"
+ "MOV %[a], r9\n\t"
+ "STM %[s]!, {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS %[b], %[b], #0x0\n\t"
+ "ADCS %[c], %[c], #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUB %[s], %[s], #0x20\n\t"
+ /* Get 252..503 and 504..507 */
+ "LSR lr, r9, #24\n\t"
+ "LSL r9, r9, #4\n\t"
+ "ORR r9, r9, r8, LSR #28\n\t"
+ "LSL r8, r8, #4\n\t"
+ "ORR r8, r8, r7, LSR #28\n\t"
+ "LSL r7, r7, #4\n\t"
+ "ORR r7, r7, r6, LSR #28\n\t"
+ "LSL r6, r6, #4\n\t"
+ "ORR r6, r6, r5, LSR #28\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r9, #28, #4\n\t"
+ /* Add order times bits 504..507 */
+ "MOV r10, #0x2c13\n\t"
+ "MOVT r10, #0xa30a\n\t"
+ "MOV r11, #0x9ce5\n\t"
+ "MOVT r11, #0xa7ed\n\t"
+ "MOV %[a], #0x0\n\t"
+ "UMLAL %[b], %[a], r10, lr\n\t"
+ "UMAAL %[c], %[a], r11, lr\n\t"
+ "MOV r10, #0x6329\n\t"
+ "MOVT r10, #0x5d08\n\t"
+ "MOV r11, #0x621\n\t"
+ "MOVT r11, #0xeb21\n\t"
+ "UMAAL r4, %[a], r10, lr\n\t"
+ "UMAAL r5, %[a], r11, lr\n\t"
+ "ADDS r6, r6, %[a]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
+ "SUBS r6, r6, lr\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC r9, r9, #0x0\n\t"
+ /* Sub product of top 8 words and order */
+ "MOV r12, sp\n\t"
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM %[s]!, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "BFC r11, #28, #4\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMLAL r10, lr, %[b], %[a]\n\t"
+ "UMAAL r11, lr, %[c], %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r4, %[a]\n\t"
+ "UMAAL r11, lr, r5, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r6, %[a]\n\t"
+ "UMAAL r11, lr, r7, %[a]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "UMAAL r10, lr, r8, %[a]\n\t"
+ "UMAAL r11, lr, r9, %[a]\n\t"
+ "STM r12!, {r10, r11, lr}\n\t"
+ "SUB r12, r12, #0x20\n\t"
+ /* Subtract at 4 * 32 */
+ "LDM r12, {r10, r11}\n\t"
+ "SUBS r10, r10, %[b]\n\t"
+ "SBCS r11, r11, %[c]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "SBCS r11, r11, r5\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "SBCS r10, r10, r8\n\t"
+ "SBC r11, r11, r9\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "SUB r12, r12, #0x24\n\t"
+ "ASR lr, r11, #25\n\t"
+ /* Conditionally subtract order starting at bit 125 */
+ "MOV %[a], #0xa0000000\n\t"
+ "MOV %[b], #0xba7d\n\t"
+ "MOVT %[b], #0x4b9e\n\t"
+ "MOV %[c], #0x4c63\n\t"
+ "MOVT %[c], #0xcb02\n\t"
+ "MOV r4, #0xf39a\n\t"
+ "MOVT r4, #0xd45e\n\t"
+ "MOV r5, #0xdf3b\n\t"
+ "MOVT r5, #0x29b\n\t"
+ "MOV r9, #0x2000000\n\t"
+ "AND %[a], %[a], lr\n\t"
+ "AND %[b], %[b], lr\n\t"
+ "AND %[c], %[c], lr\n\t"
+ "AND r4, r4, lr\n\t"
+ "AND r5, r5, lr\n\t"
+ "AND r9, r9, lr\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADDS r10, r10, %[a]\n\t"
+ "ADCS r11, r11, %[b]\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, %[c]\n\t"
+ "ADCS r11, r11, r4\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, r5\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10, r11}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM r12!, {r10, r11}\n\t"
+ "LDM r12, {r10}\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "STM r12!, {r10}\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "MOV r12, sp\n\t"
+ /* Load bits 252-376 */
+ "ADD r12, r12, #0x1c\n\t"
+ "LDM r12, {%[a], %[b], %[c], r4, r5}\n\t"
+ "LSL r5, r5, #4\n\t"
+ "ORR r5, r5, r4, LSR #28\n\t"
+ "LSL r4, r4, #4\n\t"
+ "ORR r4, r4, %[c], LSR #28\n\t"
+ "LSL %[c], %[c], #4\n\t"
+ "ORR %[c], %[c], %[b], LSR #28\n\t"
+ "LSL %[b], %[b], #4\n\t"
+ "ORR %[b], %[b], %[a], LSR #28\n\t"
+ "BFC r5, #29, #3\n\t"
+ "SUB r12, r12, #0x1c\n\t"
+ /* Sub product of top 4 words and order */
+ "MOV %[s], sp\n\t"
+ /* * -5cf5d3ed */
+ "MOV %[a], #0x2c13\n\t"
+ "MOVT %[a], #0xa30a\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, lr, %[b], %[a]\n\t"
+ "UMAAL r7, lr, %[c], %[a]\n\t"
+ "UMAAL r8, lr, r4, %[a]\n\t"
+ "UMAAL r9, lr, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -5812631b */
+ "MOV %[a], #0x9ce5\n\t"
+ "MOVT %[a], #0xa7ed\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r10, %[b], %[a]\n\t"
+ "UMAAL r7, r10, %[c], %[a]\n\t"
+ "UMAAL r8, r10, r4, %[a]\n\t"
+ "UMAAL r9, r10, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -a2f79cd7 */
+ "MOV %[a], #0x6329\n\t"
+ "MOVT %[a], #0x5d08\n\t"
+ "MOV r11, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r11, %[b], %[a]\n\t"
+ "UMAAL r7, r11, %[c], %[a]\n\t"
+ "UMAAL r8, r11, r4, %[a]\n\t"
+ "UMAAL r9, r11, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* * -14def9df */
+ "MOV %[a], #0x621\n\t"
+ "MOVT %[a], #0xeb21\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "UMLAL r6, r12, %[b], %[a]\n\t"
+ "UMAAL r7, r12, %[c], %[a]\n\t"
+ "UMAAL r8, r12, r4, %[a]\n\t"
+ "UMAAL r9, r12, r5, %[a]\n\t"
+ "STM %[s], {r6, r7, r8, r9}\n\t"
+ "ADD %[s], %[s], #0x4\n\t"
+ /* Add overflows at 4 * 32 */
+ "LDM %[s], {r6, r7, r8, r9}\n\t"
+ "BFC r9, #28, #4\n\t"
+ "ADDS r6, r6, lr\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADCS r8, r8, r11\n\t"
+ "ADC r9, r9, r12\n\t"
+ /* Subtract top at 4 * 32 */
+ "SUBS r6, r6, %[b]\n\t"
+ "SBCS r7, r7, %[c]\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ "SUB %[s], %[s], #0x10\n\t"
+ "LDM %[s], {%[b], %[c], r4, r5}\n\t"
+ "MOV r10, #0xd3ed\n\t"
+ "MOVT r10, #0x5cf5\n\t"
+ "MOV r11, #0x631a\n\t"
+ "MOVT r11, #0x5812\n\t"
+ "MOV r12, #0x9cd6\n\t"
+ "MOVT r12, #0xa2f7\n\t"
+ "MOV lr, #0xf9de\n\t"
+ "MOVT lr, #0x14de\n\t"
+ "AND r10, r10, %[a]\n\t"
+ "AND r11, r11, %[a]\n\t"
+ "AND r12, r12, %[a]\n\t"
+ "AND lr, lr, %[a]\n\t"
+ "ADDS %[b], %[b], r10\n\t"
+ "ADCS %[c], %[c], r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADCS r5, r5, lr\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "AND %[a], %[a], #0x10000000\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r9, r9, %[a]\n\t"
+ "BFC r9, #28, #4\n\t"
+ "LDR %[s], [sp, #68]\n\t"
+ /* Store result */
+ "STR %[b], [%[s]]\n\t"
+ "STR %[c], [%[s], #4]\n\t"
+ "STR r4, [%[s], #8]\n\t"
+ "STR r5, [%[s], #12]\n\t"
+ "STR r6, [%[s], #16]\n\t"
+ "STR r7, [%[s], #20]\n\t"
+ "STR r8, [%[s], #24]\n\t"
+ "STR r9, [%[s], #28]\n\t"
+ "ADD sp, sp, #0x50\n\t"
+ : [s] "+r" (s), [a] "+r" (a), [b] "+r" (b), [c] "+r" (c)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#endif /* HAVE_ED25519_SIGN */
+#endif /* HAVE_ED25519 */
+
+#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
+#endif /* HAVE_CURVE25519 || HAVE_ED25519 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S
new file mode 100644
index 00000000..30d8dc76
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S
@@ -0,0 +1,1490 @@
+/* thumb2-sha256-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha256.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#ifndef NO_SHA256
+#ifdef WOLFSSL_ARMASM_NO_NEON
+ .text
+ .type L_SHA256_transform_len_k, %object
+ .size L_SHA256_transform_len_k, 256
+ .align 4
+L_SHA256_transform_len_k:
+ .word 0x428a2f98
+ .word 0x71374491
+ .word 0xb5c0fbcf
+ .word 0xe9b5dba5
+ .word 0x3956c25b
+ .word 0x59f111f1
+ .word 0x923f82a4
+ .word 0xab1c5ed5
+ .word 0xd807aa98
+ .word 0x12835b01
+ .word 0x243185be
+ .word 0x550c7dc3
+ .word 0x72be5d74
+ .word 0x80deb1fe
+ .word 0x9bdc06a7
+ .word 0xc19bf174
+ .word 0xe49b69c1
+ .word 0xefbe4786
+ .word 0xfc19dc6
+ .word 0x240ca1cc
+ .word 0x2de92c6f
+ .word 0x4a7484aa
+ .word 0x5cb0a9dc
+ .word 0x76f988da
+ .word 0x983e5152
+ .word 0xa831c66d
+ .word 0xb00327c8
+ .word 0xbf597fc7
+ .word 0xc6e00bf3
+ .word 0xd5a79147
+ .word 0x6ca6351
+ .word 0x14292967
+ .word 0x27b70a85
+ .word 0x2e1b2138
+ .word 0x4d2c6dfc
+ .word 0x53380d13
+ .word 0x650a7354
+ .word 0x766a0abb
+ .word 0x81c2c92e
+ .word 0x92722c85
+ .word 0xa2bfe8a1
+ .word 0xa81a664b
+ .word 0xc24b8b70
+ .word 0xc76c51a3
+ .word 0xd192e819
+ .word 0xd6990624
+ .word 0xf40e3585
+ .word 0x106aa070
+ .word 0x19a4c116
+ .word 0x1e376c08
+ .word 0x2748774c
+ .word 0x34b0bcb5
+ .word 0x391c0cb3
+ .word 0x4ed8aa4a
+ .word 0x5b9cca4f
+ .word 0x682e6ff3
+ .word 0x748f82ee
+ .word 0x78a5636f
+ .word 0x84c87814
+ .word 0x8cc70208
+ .word 0x90befffa
+ .word 0xa4506ceb
+ .word 0xbef9a3f7
+ .word 0xc67178f2
+ .text
+ .align 4
+ .globl Transform_Sha256_Len
+ .type Transform_Sha256_Len, %function
+Transform_Sha256_Len:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc0
+ ADR r3, L_SHA256_transform_len_k
+ /* Copy digest to add in at end */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ LDRD r10, r11, [r0, #24]
+ STRD r4, r5, [sp, #64]
+ STRD r6, r7, [sp, #72]
+ STRD r8, r9, [sp, #80]
+ STRD r10, r11, [sp, #88]
+ /* Start of loop processing a block */
+L_SHA256_transform_len_begin:
+ /* Load, Reverse and Store W - 64 bytes */
+ LDR r4, [r1]
+ LDR r5, [r1, #4]
+ LDR r6, [r1, #8]
+ LDR r7, [r1, #12]
+ LDR r8, [r1, #16]
+ LDR r9, [r1, #20]
+ LDR r10, [r1, #24]
+ LDR r11, [r1, #28]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STRD r4, r5, [sp]
+ STRD r6, r7, [sp, #8]
+ STRD r8, r9, [sp, #16]
+ STRD r10, r11, [sp, #24]
+ LDR r4, [r1, #32]
+ LDR r5, [r1, #36]
+ LDR r6, [r1, #40]
+ LDR r7, [r1, #44]
+ LDR r8, [r1, #48]
+ LDR r9, [r1, #52]
+ LDR r10, [r1, #56]
+ LDR r11, [r1, #60]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STRD r4, r5, [sp, #32]
+ STRD r6, r7, [sp, #40]
+ STRD r8, r9, [sp, #48]
+ STRD r10, r11, [sp, #56]
+ LDR r11, [r0, #4]
+ LDR r4, [r0, #8]
+ EOR r11, r11, r4
+ MOV r12, #0x3
+ /* Start of 16 rounds */
+L_SHA256_transform_len_start:
+ /* Round 0 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp]
+ LDR r6, [r3]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Calc new W[0] */
+ LDR r6, [sp, #56]
+ LDR r7, [sp, #36]
+ LDR r8, [sp, #4]
+ LDR r9, [sp]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp]
+ /* Round 1 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #4]
+ LDR r6, [r3, #4]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Calc new W[1] */
+ LDR r6, [sp, #60]
+ LDR r7, [sp, #40]
+ LDR r8, [sp, #8]
+ LDR r9, [sp, #4]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #4]
+ /* Round 2 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #8]
+ LDR r6, [r3, #8]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Calc new W[2] */
+ LDR r6, [sp]
+ LDR r7, [sp, #44]
+ LDR r8, [sp, #12]
+ LDR r9, [sp, #8]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #8]
+ /* Round 3 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #12]
+ LDR r6, [r3, #12]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Calc new W[3] */
+ LDR r6, [sp, #4]
+ LDR r7, [sp, #48]
+ LDR r8, [sp, #16]
+ LDR r9, [sp, #12]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #12]
+ /* Round 4 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #16]
+ LDR r6, [r3, #16]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Calc new W[4] */
+ LDR r6, [sp, #8]
+ LDR r7, [sp, #52]
+ LDR r8, [sp, #20]
+ LDR r9, [sp, #16]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #16]
+ /* Round 5 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #20]
+ LDR r6, [r3, #20]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Calc new W[5] */
+ LDR r6, [sp, #12]
+ LDR r7, [sp, #56]
+ LDR r8, [sp, #24]
+ LDR r9, [sp, #20]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #20]
+ /* Round 6 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #24]
+ LDR r6, [r3, #24]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Calc new W[6] */
+ LDR r6, [sp, #16]
+ LDR r7, [sp, #60]
+ LDR r8, [sp, #28]
+ LDR r9, [sp, #24]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #24]
+ /* Round 7 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #28]
+ LDR r6, [r3, #28]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Calc new W[7] */
+ LDR r6, [sp, #20]
+ LDR r7, [sp]
+ LDR r8, [sp, #32]
+ LDR r9, [sp, #28]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #28]
+ /* Round 8 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #32]
+ LDR r6, [r3, #32]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Calc new W[8] */
+ LDR r6, [sp, #24]
+ LDR r7, [sp, #4]
+ LDR r8, [sp, #36]
+ LDR r9, [sp, #32]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #32]
+ /* Round 9 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #36]
+ LDR r6, [r3, #36]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Calc new W[9] */
+ LDR r6, [sp, #28]
+ LDR r7, [sp, #8]
+ LDR r8, [sp, #40]
+ LDR r9, [sp, #36]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #36]
+ /* Round 10 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #40]
+ LDR r6, [r3, #40]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Calc new W[10] */
+ LDR r6, [sp, #32]
+ LDR r7, [sp, #12]
+ LDR r8, [sp, #44]
+ LDR r9, [sp, #40]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #40]
+ /* Round 11 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #44]
+ LDR r6, [r3, #44]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Calc new W[11] */
+ LDR r6, [sp, #36]
+ LDR r7, [sp, #16]
+ LDR r8, [sp, #48]
+ LDR r9, [sp, #44]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #44]
+ /* Round 12 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #48]
+ LDR r6, [r3, #48]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Calc new W[12] */
+ LDR r6, [sp, #40]
+ LDR r7, [sp, #20]
+ LDR r8, [sp, #52]
+ LDR r9, [sp, #48]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #48]
+ /* Round 13 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #52]
+ LDR r6, [r3, #52]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Calc new W[13] */
+ LDR r6, [sp, #44]
+ LDR r7, [sp, #24]
+ LDR r8, [sp, #56]
+ LDR r9, [sp, #52]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #52]
+ /* Round 14 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #56]
+ LDR r6, [r3, #56]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Calc new W[14] */
+ LDR r6, [sp, #48]
+ LDR r7, [sp, #28]
+ LDR r8, [sp, #60]
+ LDR r9, [sp, #56]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #56]
+ /* Round 15 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #60]
+ LDR r6, [r3, #60]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Calc new W[15] */
+ LDR r6, [sp, #52]
+ LDR r7, [sp, #32]
+ LDR r8, [sp]
+ LDR r9, [sp, #60]
+ ROR r4, r6, #17
+ ROR r5, r8, #7
+ EOR r4, r4, r6, ROR #19
+ EOR r5, r5, r8, ROR #18
+ EOR r4, r4, r6, LSR #10
+ EOR r5, r5, r8, LSR #3
+ ADD r9, r9, r7
+ ADD r4, r4, r5
+ ADD r9, r9, r4
+ STR r9, [sp, #60]
+ ADD r3, r3, #0x40
+ SUBS r12, r12, #0x1
+#ifdef __GNUC__
+ BNE L_SHA256_transform_len_start
+#else
+ BNE.W L_SHA256_transform_len_start
+#endif
+ /* Round 0 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp]
+ LDR r6, [r3]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Round 1 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #4]
+ LDR r6, [r3, #4]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Round 2 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #8]
+ LDR r6, [r3, #8]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Round 3 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #12]
+ LDR r6, [r3, #12]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Round 4 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #16]
+ LDR r6, [r3, #16]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Round 5 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #20]
+ LDR r6, [r3, #20]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Round 6 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #24]
+ LDR r6, [r3, #24]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Round 7 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #28]
+ LDR r6, [r3, #28]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Round 8 */
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r9, [r0, #28]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #32]
+ LDR r6, [r3, #32]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r8, [r0, #12]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #12]
+ STR r9, [r0, #28]
+ /* Round 9 */
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r9, [r0, #24]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #36]
+ LDR r6, [r3, #36]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r8, [r0, #8]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #8]
+ STR r9, [r0, #24]
+ /* Round 10 */
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r9, [r0, #20]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #40]
+ LDR r6, [r3, #40]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r8, [r0, #4]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #4]
+ STR r9, [r0, #20]
+ /* Round 11 */
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r9, [r0, #16]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #44]
+ LDR r6, [r3, #44]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r8, [r0]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0]
+ STR r9, [r0, #16]
+ /* Round 12 */
+ LDR r5, [r0]
+ LDR r6, [r0, #4]
+ LDR r7, [r0, #8]
+ LDR r9, [r0, #12]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #48]
+ LDR r6, [r3, #48]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #16]
+ LDR r6, [r0, #20]
+ LDR r7, [r0, #24]
+ LDR r8, [r0, #28]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #28]
+ STR r9, [r0, #12]
+ /* Round 13 */
+ LDR r5, [r0, #28]
+ LDR r6, [r0]
+ LDR r7, [r0, #4]
+ LDR r9, [r0, #8]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #52]
+ LDR r6, [r3, #52]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #12]
+ LDR r6, [r0, #16]
+ LDR r7, [r0, #20]
+ LDR r8, [r0, #24]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #24]
+ STR r9, [r0, #8]
+ /* Round 14 */
+ LDR r5, [r0, #24]
+ LDR r6, [r0, #28]
+ LDR r7, [r0]
+ LDR r9, [r0, #4]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #56]
+ LDR r6, [r3, #56]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #8]
+ LDR r6, [r0, #12]
+ LDR r7, [r0, #16]
+ LDR r8, [r0, #20]
+ ROR r4, r5, #2
+ EOR r10, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r11, r11, r10
+ EOR r4, r4, r5, ROR #22
+ EOR r11, r11, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r11
+ STR r8, [r0, #20]
+ STR r9, [r0, #4]
+ /* Round 15 */
+ LDR r5, [r0, #20]
+ LDR r6, [r0, #24]
+ LDR r7, [r0, #28]
+ LDR r9, [r0]
+ ROR r4, r5, #6
+ EOR r6, r6, r7
+ EOR r4, r4, r5, ROR #11
+ AND r6, r6, r5
+ EOR r4, r4, r5, ROR #25
+ EOR r6, r6, r7
+ ADD r9, r9, r4
+ ADD r9, r9, r6
+ LDR r5, [sp, #60]
+ LDR r6, [r3, #60]
+ ADD r9, r9, r5
+ ADD r9, r9, r6
+ LDR r5, [r0, #4]
+ LDR r6, [r0, #8]
+ LDR r7, [r0, #12]
+ LDR r8, [r0, #16]
+ ROR r4, r5, #2
+ EOR r11, r5, r6
+ EOR r4, r4, r5, ROR #13
+ AND r10, r10, r11
+ EOR r4, r4, r5, ROR #22
+ EOR r10, r10, r6
+ ADD r8, r8, r9
+ ADD r9, r9, r4
+ ADD r9, r9, r10
+ STR r8, [r0, #16]
+ STR r9, [r0]
+ /* Add in digest from start */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [sp, #64]
+ LDRD r10, r11, [sp, #72]
+ ADD r4, r4, r8
+ ADD r5, r5, r9
+ ADD r6, r6, r10
+ ADD r7, r7, r11
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #8]
+ STRD r4, r5, [sp, #64]
+ STRD r6, r7, [sp, #72]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [sp, #80]
+ LDRD r10, r11, [sp, #88]
+ ADD r4, r4, r8
+ ADD r5, r5, r9
+ ADD r6, r6, r10
+ ADD r7, r7, r11
+ STRD r4, r5, [r0, #16]
+ STRD r6, r7, [r0, #24]
+ STRD r4, r5, [sp, #80]
+ STRD r6, r7, [sp, #88]
+ SUBS r2, r2, #0x40
+ SUB r3, r3, #0xc0
+ ADD r1, r1, #0x40
+#ifdef __GNUC__
+ BNE L_SHA256_transform_len_begin
+#else
+ BNE.W L_SHA256_transform_len_begin
+#endif
+ ADD sp, sp, #0xc0
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 1874 */
+ .size Transform_Sha256_Len,.-Transform_Sha256_Len
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* !NO_SHA256 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
new file mode 100644
index 00000000..4654dd21
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm_c.c
@@ -0,0 +1,1477 @@
+/* thumb2-sha256-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha256.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha256-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifndef NO_SHA256
+#include <wolfssl/wolfcrypt/sha256.h>
+
+#ifdef WOLFSSL_ARMASM_NO_NEON
+static const uint32_t L_SHA256_transform_len_k[] = {
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
+ 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
+ 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
+ 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
+ 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
+ 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
+ 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
+ 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
+ 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
+};
+
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void Transform_Sha256_Len(wc_Sha256* sha256_p, const byte* data_p, word32 len_p)
+#else
+void Transform_Sha256_Len(wc_Sha256* sha256, const byte* data, word32 len)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register wc_Sha256* sha256 __asm__ ("r0") = (wc_Sha256*)sha256_p;
+ register const byte* data __asm__ ("r1") = (const byte*)data_p;
+ register word32 len __asm__ ("r2") = (word32)len_p;
+ register uint32_t* L_SHA256_transform_len_k_c __asm__ ("r3") = (uint32_t*)&L_SHA256_transform_len_k;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc0\n\t"
+ "MOV r3, %[L_SHA256_transform_len_k]\n\t"
+ /* Copy digest to add in at end */
+ "LDRD r4, r5, [%[sha256]]\n\t"
+ "LDRD r6, r7, [%[sha256], #8]\n\t"
+ "LDRD r8, r9, [%[sha256], #16]\n\t"
+ "LDRD r10, r11, [%[sha256], #24]\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ "STRD r6, r7, [sp, #72]\n\t"
+ "STRD r8, r9, [sp, #80]\n\t"
+ "STRD r10, r11, [sp, #88]\n\t"
+ /* Start of loop processing a block */
+ "\n"
+ "L_SHA256_transform_len_begin:\n\t"
+ /* Load, Reverse and Store W - 64 bytes */
+ "LDR r4, [%[data]]\n\t"
+ "LDR r5, [%[data], #4]\n\t"
+ "LDR r6, [%[data], #8]\n\t"
+ "LDR r7, [%[data], #12]\n\t"
+ "LDR r8, [%[data], #16]\n\t"
+ "LDR r9, [%[data], #20]\n\t"
+ "LDR r10, [%[data], #24]\n\t"
+ "LDR r11, [%[data], #28]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STRD r4, r5, [sp]\n\t"
+ "STRD r6, r7, [sp, #8]\n\t"
+ "STRD r8, r9, [sp, #16]\n\t"
+ "STRD r10, r11, [sp, #24]\n\t"
+ "LDR r4, [%[data], #32]\n\t"
+ "LDR r5, [%[data], #36]\n\t"
+ "LDR r6, [%[data], #40]\n\t"
+ "LDR r7, [%[data], #44]\n\t"
+ "LDR r8, [%[data], #48]\n\t"
+ "LDR r9, [%[data], #52]\n\t"
+ "LDR r10, [%[data], #56]\n\t"
+ "LDR r11, [%[data], #60]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STRD r4, r5, [sp, #32]\n\t"
+ "STRD r6, r7, [sp, #40]\n\t"
+ "STRD r8, r9, [sp, #48]\n\t"
+ "STRD r10, r11, [sp, #56]\n\t"
+ "LDR r11, [%[sha256], #4]\n\t"
+ "LDR r4, [%[sha256], #8]\n\t"
+ "EOR r11, r11, r4\n\t"
+ "MOV r12, #0x3\n\t"
+ /* Start of 16 rounds */
+ "\n"
+ "L_SHA256_transform_len_start:\n\t"
+ /* Round 0 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp]\n\t"
+ "LDR r6, [r3]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Calc new W[0] */
+ "LDR r6, [sp, #56]\n\t"
+ "LDR r7, [sp, #36]\n\t"
+ "LDR r8, [sp, #4]\n\t"
+ "LDR r9, [sp]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp]\n\t"
+ /* Round 1 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #4]\n\t"
+ "LDR r6, [r3, #4]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Calc new W[1] */
+ "LDR r6, [sp, #60]\n\t"
+ "LDR r7, [sp, #40]\n\t"
+ "LDR r8, [sp, #8]\n\t"
+ "LDR r9, [sp, #4]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #4]\n\t"
+ /* Round 2 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #8]\n\t"
+ "LDR r6, [r3, #8]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Calc new W[2] */
+ "LDR r6, [sp]\n\t"
+ "LDR r7, [sp, #44]\n\t"
+ "LDR r8, [sp, #12]\n\t"
+ "LDR r9, [sp, #8]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #8]\n\t"
+ /* Round 3 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #12]\n\t"
+ "LDR r6, [r3, #12]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Calc new W[3] */
+ "LDR r6, [sp, #4]\n\t"
+ "LDR r7, [sp, #48]\n\t"
+ "LDR r8, [sp, #16]\n\t"
+ "LDR r9, [sp, #12]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #12]\n\t"
+ /* Round 4 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #16]\n\t"
+ "LDR r6, [r3, #16]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Calc new W[4] */
+ "LDR r6, [sp, #8]\n\t"
+ "LDR r7, [sp, #52]\n\t"
+ "LDR r8, [sp, #20]\n\t"
+ "LDR r9, [sp, #16]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #16]\n\t"
+ /* Round 5 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #20]\n\t"
+ "LDR r6, [r3, #20]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Calc new W[5] */
+ "LDR r6, [sp, #12]\n\t"
+ "LDR r7, [sp, #56]\n\t"
+ "LDR r8, [sp, #24]\n\t"
+ "LDR r9, [sp, #20]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #20]\n\t"
+ /* Round 6 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #24]\n\t"
+ "LDR r6, [r3, #24]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Calc new W[6] */
+ "LDR r6, [sp, #16]\n\t"
+ "LDR r7, [sp, #60]\n\t"
+ "LDR r8, [sp, #28]\n\t"
+ "LDR r9, [sp, #24]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #24]\n\t"
+ /* Round 7 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #28]\n\t"
+ "LDR r6, [r3, #28]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Calc new W[7] */
+ "LDR r6, [sp, #20]\n\t"
+ "LDR r7, [sp]\n\t"
+ "LDR r8, [sp, #32]\n\t"
+ "LDR r9, [sp, #28]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #28]\n\t"
+ /* Round 8 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #32]\n\t"
+ "LDR r6, [r3, #32]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Calc new W[8] */
+ "LDR r6, [sp, #24]\n\t"
+ "LDR r7, [sp, #4]\n\t"
+ "LDR r8, [sp, #36]\n\t"
+ "LDR r9, [sp, #32]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #32]\n\t"
+ /* Round 9 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #36]\n\t"
+ "LDR r6, [r3, #36]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Calc new W[9] */
+ "LDR r6, [sp, #28]\n\t"
+ "LDR r7, [sp, #8]\n\t"
+ "LDR r8, [sp, #40]\n\t"
+ "LDR r9, [sp, #36]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #36]\n\t"
+ /* Round 10 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #40]\n\t"
+ "LDR r6, [r3, #40]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Calc new W[10] */
+ "LDR r6, [sp, #32]\n\t"
+ "LDR r7, [sp, #12]\n\t"
+ "LDR r8, [sp, #44]\n\t"
+ "LDR r9, [sp, #40]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #40]\n\t"
+ /* Round 11 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #44]\n\t"
+ "LDR r6, [r3, #44]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Calc new W[11] */
+ "LDR r6, [sp, #36]\n\t"
+ "LDR r7, [sp, #16]\n\t"
+ "LDR r8, [sp, #48]\n\t"
+ "LDR r9, [sp, #44]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #44]\n\t"
+ /* Round 12 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #48]\n\t"
+ "LDR r6, [r3, #48]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Calc new W[12] */
+ "LDR r6, [sp, #40]\n\t"
+ "LDR r7, [sp, #20]\n\t"
+ "LDR r8, [sp, #52]\n\t"
+ "LDR r9, [sp, #48]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #48]\n\t"
+ /* Round 13 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #52]\n\t"
+ "LDR r6, [r3, #52]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Calc new W[13] */
+ "LDR r6, [sp, #44]\n\t"
+ "LDR r7, [sp, #24]\n\t"
+ "LDR r8, [sp, #56]\n\t"
+ "LDR r9, [sp, #52]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #52]\n\t"
+ /* Round 14 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #56]\n\t"
+ "LDR r6, [r3, #56]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Calc new W[14] */
+ "LDR r6, [sp, #48]\n\t"
+ "LDR r7, [sp, #28]\n\t"
+ "LDR r8, [sp, #60]\n\t"
+ "LDR r9, [sp, #56]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #56]\n\t"
+ /* Round 15 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #60]\n\t"
+ "LDR r6, [r3, #60]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Calc new W[15] */
+ "LDR r6, [sp, #52]\n\t"
+ "LDR r7, [sp, #32]\n\t"
+ "LDR r8, [sp]\n\t"
+ "LDR r9, [sp, #60]\n\t"
+ "ROR r4, r6, #17\n\t"
+ "ROR r5, r8, #7\n\t"
+ "EOR r4, r4, r6, ROR #19\n\t"
+ "EOR r5, r5, r8, ROR #18\n\t"
+ "EOR r4, r4, r6, LSR #10\n\t"
+ "EOR r5, r5, r8, LSR #3\n\t"
+ "ADD r9, r9, r7\n\t"
+ "ADD r4, r4, r5\n\t"
+ "ADD r9, r9, r4\n\t"
+ "STR r9, [sp, #60]\n\t"
+ "ADD r3, r3, #0x40\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA256_transform_len_start\n\t"
+#else
+ "BNE.W L_SHA256_transform_len_start\n\t"
+#endif
+ /* Round 0 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp]\n\t"
+ "LDR r6, [r3]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Round 1 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #4]\n\t"
+ "LDR r6, [r3, #4]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Round 2 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #8]\n\t"
+ "LDR r6, [r3, #8]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Round 3 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #12]\n\t"
+ "LDR r6, [r3, #12]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Round 4 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #16]\n\t"
+ "LDR r6, [r3, #16]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Round 5 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #20]\n\t"
+ "LDR r6, [r3, #20]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Round 6 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #24]\n\t"
+ "LDR r6, [r3, #24]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Round 7 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #28]\n\t"
+ "LDR r6, [r3, #28]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Round 8 */
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r9, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #32]\n\t"
+ "LDR r6, [r3, #32]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r8, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #12]\n\t"
+ "STR r9, [%[sha256], #28]\n\t"
+ /* Round 9 */
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r9, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #36]\n\t"
+ "LDR r6, [r3, #36]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r8, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #8]\n\t"
+ "STR r9, [%[sha256], #24]\n\t"
+ /* Round 10 */
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r9, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #40]\n\t"
+ "LDR r6, [r3, #40]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r8, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #4]\n\t"
+ "STR r9, [%[sha256], #20]\n\t"
+ /* Round 11 */
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r9, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #44]\n\t"
+ "LDR r6, [r3, #44]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r8, [%[sha256]]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256]]\n\t"
+ "STR r9, [%[sha256], #16]\n\t"
+ /* Round 12 */
+ "LDR r5, [%[sha256]]\n\t"
+ "LDR r6, [%[sha256], #4]\n\t"
+ "LDR r7, [%[sha256], #8]\n\t"
+ "LDR r9, [%[sha256], #12]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #48]\n\t"
+ "LDR r6, [r3, #48]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #16]\n\t"
+ "LDR r6, [%[sha256], #20]\n\t"
+ "LDR r7, [%[sha256], #24]\n\t"
+ "LDR r8, [%[sha256], #28]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #28]\n\t"
+ "STR r9, [%[sha256], #12]\n\t"
+ /* Round 13 */
+ "LDR r5, [%[sha256], #28]\n\t"
+ "LDR r6, [%[sha256]]\n\t"
+ "LDR r7, [%[sha256], #4]\n\t"
+ "LDR r9, [%[sha256], #8]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #52]\n\t"
+ "LDR r6, [r3, #52]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #12]\n\t"
+ "LDR r6, [%[sha256], #16]\n\t"
+ "LDR r7, [%[sha256], #20]\n\t"
+ "LDR r8, [%[sha256], #24]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #24]\n\t"
+ "STR r9, [%[sha256], #8]\n\t"
+ /* Round 14 */
+ "LDR r5, [%[sha256], #24]\n\t"
+ "LDR r6, [%[sha256], #28]\n\t"
+ "LDR r7, [%[sha256]]\n\t"
+ "LDR r9, [%[sha256], #4]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #56]\n\t"
+ "LDR r6, [r3, #56]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #8]\n\t"
+ "LDR r6, [%[sha256], #12]\n\t"
+ "LDR r7, [%[sha256], #16]\n\t"
+ "LDR r8, [%[sha256], #20]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r10, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r11, r11, r10\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r11, r11, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r11\n\t"
+ "STR r8, [%[sha256], #20]\n\t"
+ "STR r9, [%[sha256], #4]\n\t"
+ /* Round 15 */
+ "LDR r5, [%[sha256], #20]\n\t"
+ "LDR r6, [%[sha256], #24]\n\t"
+ "LDR r7, [%[sha256], #28]\n\t"
+ "LDR r9, [%[sha256]]\n\t"
+ "ROR r4, r5, #6\n\t"
+ "EOR r6, r6, r7\n\t"
+ "EOR r4, r4, r5, ROR #11\n\t"
+ "AND r6, r6, r5\n\t"
+ "EOR r4, r4, r5, ROR #25\n\t"
+ "EOR r6, r6, r7\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [sp, #60]\n\t"
+ "LDR r6, [r3, #60]\n\t"
+ "ADD r9, r9, r5\n\t"
+ "ADD r9, r9, r6\n\t"
+ "LDR r5, [%[sha256], #4]\n\t"
+ "LDR r6, [%[sha256], #8]\n\t"
+ "LDR r7, [%[sha256], #12]\n\t"
+ "LDR r8, [%[sha256], #16]\n\t"
+ "ROR r4, r5, #2\n\t"
+ "EOR r11, r5, r6\n\t"
+ "EOR r4, r4, r5, ROR #13\n\t"
+ "AND r10, r10, r11\n\t"
+ "EOR r4, r4, r5, ROR #22\n\t"
+ "EOR r10, r10, r6\n\t"
+ "ADD r8, r8, r9\n\t"
+ "ADD r9, r9, r4\n\t"
+ "ADD r9, r9, r10\n\t"
+ "STR r8, [%[sha256], #16]\n\t"
+ "STR r9, [%[sha256]]\n\t"
+ /* Add in digest from start */
+ "LDRD r4, r5, [%[sha256]]\n\t"
+ "LDRD r6, r7, [%[sha256], #8]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "LDRD r10, r11, [sp, #72]\n\t"
+ "ADD r4, r4, r8\n\t"
+ "ADD r5, r5, r9\n\t"
+ "ADD r6, r6, r10\n\t"
+ "ADD r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha256]]\n\t"
+ "STRD r6, r7, [%[sha256], #8]\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ "STRD r6, r7, [sp, #72]\n\t"
+ "LDRD r4, r5, [%[sha256], #16]\n\t"
+ "LDRD r6, r7, [%[sha256], #24]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "LDRD r10, r11, [sp, #88]\n\t"
+ "ADD r4, r4, r8\n\t"
+ "ADD r5, r5, r9\n\t"
+ "ADD r6, r6, r10\n\t"
+ "ADD r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha256], #16]\n\t"
+ "STRD r6, r7, [%[sha256], #24]\n\t"
+ "STRD r4, r5, [sp, #80]\n\t"
+ "STRD r6, r7, [sp, #88]\n\t"
+ "SUBS %[len], %[len], #0x40\n\t"
+ "SUB r3, r3, #0xc0\n\t"
+ "ADD %[data], %[data], #0x40\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA256_transform_len_begin\n\t"
+#else
+ "BNE.W L_SHA256_transform_len_begin\n\t"
+#endif
+ "ADD sp, sp, #0xc0\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len),
+ [L_SHA256_transform_len_k] "+r" (L_SHA256_transform_len_k_c)
+ :
+#else
+ : [sha256] "+r" (sha256), [data] "+r" (data), [len] "+r" (len)
+ : [L_SHA256_transform_len_k] "r" (L_SHA256_transform_len_k)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* !NO_SHA256 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S
new file mode 100644
index 00000000..6031b924
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S
@@ -0,0 +1,3677 @@
+/* thumb2-sha512-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha512.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.S
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#ifndef WOLFSSL_ARMASM_INLINE
+ .thumb
+ .syntax unified
+#ifdef WOLFSSL_SHA512
+#ifdef WOLFSSL_ARMASM_NO_NEON
+ .text
+ .type L_SHA512_transform_len_k, %object
+ .size L_SHA512_transform_len_k, 640
+ .align 4
+L_SHA512_transform_len_k:
+ .word 0xd728ae22
+ .word 0x428a2f98
+ .word 0x23ef65cd
+ .word 0x71374491
+ .word 0xec4d3b2f
+ .word 0xb5c0fbcf
+ .word 0x8189dbbc
+ .word 0xe9b5dba5
+ .word 0xf348b538
+ .word 0x3956c25b
+ .word 0xb605d019
+ .word 0x59f111f1
+ .word 0xaf194f9b
+ .word 0x923f82a4
+ .word 0xda6d8118
+ .word 0xab1c5ed5
+ .word 0xa3030242
+ .word 0xd807aa98
+ .word 0x45706fbe
+ .word 0x12835b01
+ .word 0x4ee4b28c
+ .word 0x243185be
+ .word 0xd5ffb4e2
+ .word 0x550c7dc3
+ .word 0xf27b896f
+ .word 0x72be5d74
+ .word 0x3b1696b1
+ .word 0x80deb1fe
+ .word 0x25c71235
+ .word 0x9bdc06a7
+ .word 0xcf692694
+ .word 0xc19bf174
+ .word 0x9ef14ad2
+ .word 0xe49b69c1
+ .word 0x384f25e3
+ .word 0xefbe4786
+ .word 0x8b8cd5b5
+ .word 0xfc19dc6
+ .word 0x77ac9c65
+ .word 0x240ca1cc
+ .word 0x592b0275
+ .word 0x2de92c6f
+ .word 0x6ea6e483
+ .word 0x4a7484aa
+ .word 0xbd41fbd4
+ .word 0x5cb0a9dc
+ .word 0x831153b5
+ .word 0x76f988da
+ .word 0xee66dfab
+ .word 0x983e5152
+ .word 0x2db43210
+ .word 0xa831c66d
+ .word 0x98fb213f
+ .word 0xb00327c8
+ .word 0xbeef0ee4
+ .word 0xbf597fc7
+ .word 0x3da88fc2
+ .word 0xc6e00bf3
+ .word 0x930aa725
+ .word 0xd5a79147
+ .word 0xe003826f
+ .word 0x6ca6351
+ .word 0xa0e6e70
+ .word 0x14292967
+ .word 0x46d22ffc
+ .word 0x27b70a85
+ .word 0x5c26c926
+ .word 0x2e1b2138
+ .word 0x5ac42aed
+ .word 0x4d2c6dfc
+ .word 0x9d95b3df
+ .word 0x53380d13
+ .word 0x8baf63de
+ .word 0x650a7354
+ .word 0x3c77b2a8
+ .word 0x766a0abb
+ .word 0x47edaee6
+ .word 0x81c2c92e
+ .word 0x1482353b
+ .word 0x92722c85
+ .word 0x4cf10364
+ .word 0xa2bfe8a1
+ .word 0xbc423001
+ .word 0xa81a664b
+ .word 0xd0f89791
+ .word 0xc24b8b70
+ .word 0x654be30
+ .word 0xc76c51a3
+ .word 0xd6ef5218
+ .word 0xd192e819
+ .word 0x5565a910
+ .word 0xd6990624
+ .word 0x5771202a
+ .word 0xf40e3585
+ .word 0x32bbd1b8
+ .word 0x106aa070
+ .word 0xb8d2d0c8
+ .word 0x19a4c116
+ .word 0x5141ab53
+ .word 0x1e376c08
+ .word 0xdf8eeb99
+ .word 0x2748774c
+ .word 0xe19b48a8
+ .word 0x34b0bcb5
+ .word 0xc5c95a63
+ .word 0x391c0cb3
+ .word 0xe3418acb
+ .word 0x4ed8aa4a
+ .word 0x7763e373
+ .word 0x5b9cca4f
+ .word 0xd6b2b8a3
+ .word 0x682e6ff3
+ .word 0x5defb2fc
+ .word 0x748f82ee
+ .word 0x43172f60
+ .word 0x78a5636f
+ .word 0xa1f0ab72
+ .word 0x84c87814
+ .word 0x1a6439ec
+ .word 0x8cc70208
+ .word 0x23631e28
+ .word 0x90befffa
+ .word 0xde82bde9
+ .word 0xa4506ceb
+ .word 0xb2c67915
+ .word 0xbef9a3f7
+ .word 0xe372532b
+ .word 0xc67178f2
+ .word 0xea26619c
+ .word 0xca273ece
+ .word 0x21c0c207
+ .word 0xd186b8c7
+ .word 0xcde0eb1e
+ .word 0xeada7dd6
+ .word 0xee6ed178
+ .word 0xf57d4f7f
+ .word 0x72176fba
+ .word 0x6f067aa
+ .word 0xa2c898a6
+ .word 0xa637dc5
+ .word 0xbef90dae
+ .word 0x113f9804
+ .word 0x131c471b
+ .word 0x1b710b35
+ .word 0x23047d84
+ .word 0x28db77f5
+ .word 0x40c72493
+ .word 0x32caab7b
+ .word 0x15c9bebc
+ .word 0x3c9ebe0a
+ .word 0x9c100d4c
+ .word 0x431d67c4
+ .word 0xcb3e42b6
+ .word 0x4cc5d4be
+ .word 0xfc657e2a
+ .word 0x597f299c
+ .word 0x3ad6faec
+ .word 0x5fcb6fab
+ .word 0x4a475817
+ .word 0x6c44198c
+ .text
+ .align 4
+ .globl Transform_Sha512_Len
+ .type Transform_Sha512_Len, %function
+Transform_Sha512_Len:
+ PUSH {r4, r5, r6, r7, r8, r9, r10, r11, lr}
+ SUB sp, sp, #0xc0
+ ADR r3, L_SHA512_transform_len_k
+ /* Copy digest to add in at end */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ LDRD r10, r11, [r0, #24]
+ STRD r4, r5, [sp, #128]
+ STRD r6, r7, [sp, #136]
+ STRD r8, r9, [sp, #144]
+ STRD r10, r11, [sp, #152]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ LDRD r10, r11, [r0, #56]
+ STRD r4, r5, [sp, #160]
+ STRD r6, r7, [sp, #168]
+ STRD r8, r9, [sp, #176]
+ STRD r10, r11, [sp, #184]
+ /* Start of loop processing a block */
+L_SHA512_transform_len_begin:
+ /* Load, Reverse and Store W */
+ LDR r4, [r1]
+ LDR r5, [r1, #4]
+ LDR r6, [r1, #8]
+ LDR r7, [r1, #12]
+ LDR r8, [r1, #16]
+ LDR r9, [r1, #20]
+ LDR r10, [r1, #24]
+ LDR r11, [r1, #28]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp]
+ STR r4, [sp, #4]
+ STR r7, [sp, #8]
+ STR r6, [sp, #12]
+ STR r9, [sp, #16]
+ STR r8, [sp, #20]
+ STR r11, [sp, #24]
+ STR r10, [sp, #28]
+ LDR r4, [r1, #32]
+ LDR r5, [r1, #36]
+ LDR r6, [r1, #40]
+ LDR r7, [r1, #44]
+ LDR r8, [r1, #48]
+ LDR r9, [r1, #52]
+ LDR r10, [r1, #56]
+ LDR r11, [r1, #60]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp, #32]
+ STR r4, [sp, #36]
+ STR r7, [sp, #40]
+ STR r6, [sp, #44]
+ STR r9, [sp, #48]
+ STR r8, [sp, #52]
+ STR r11, [sp, #56]
+ STR r10, [sp, #60]
+ LDR r4, [r1, #64]
+ LDR r5, [r1, #68]
+ LDR r6, [r1, #72]
+ LDR r7, [r1, #76]
+ LDR r8, [r1, #80]
+ LDR r9, [r1, #84]
+ LDR r10, [r1, #88]
+ LDR r11, [r1, #92]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp, #64]
+ STR r4, [sp, #68]
+ STR r7, [sp, #72]
+ STR r6, [sp, #76]
+ STR r9, [sp, #80]
+ STR r8, [sp, #84]
+ STR r11, [sp, #88]
+ STR r10, [sp, #92]
+ LDR r4, [r1, #96]
+ LDR r5, [r1, #100]
+ LDR r6, [r1, #104]
+ LDR r7, [r1, #108]
+ LDR r8, [r1, #112]
+ LDR r9, [r1, #116]
+ LDR r10, [r1, #120]
+ LDR r11, [r1, #124]
+ REV r4, r4
+ REV r5, r5
+ REV r6, r6
+ REV r7, r7
+ REV r8, r8
+ REV r9, r9
+ REV r10, r10
+ REV r11, r11
+ STR r5, [sp, #96]
+ STR r4, [sp, #100]
+ STR r7, [sp, #104]
+ STR r6, [sp, #108]
+ STR r9, [sp, #112]
+ STR r8, [sp, #116]
+ STR r11, [sp, #120]
+ STR r10, [sp, #124]
+ /* Pre-calc: b ^ c */
+ LDRD r10, r11, [r0, #8]
+ LDRD r4, r5, [r0, #16]
+ EOR r10, r10, r4
+ EOR r11, r11, r5
+ MOV r12, #0x4
+ /* Start of 16 rounds */
+L_SHA512_transform_len_start:
+ /* Round 0 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[0] */
+ LDRD r4, r5, [sp, #112]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp]
+ LDRD r8, r9, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp]
+ LDRD r4, r5, [sp, #8]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp]
+ /* Round 1 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #8]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[1] */
+ LDRD r4, r5, [sp, #120]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #8]
+ LDRD r8, r9, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #8]
+ LDRD r4, r5, [sp, #16]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #8]
+ /* Round 2 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #16]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[2] */
+ LDRD r4, r5, [sp]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #16]
+ LDRD r8, r9, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #16]
+ LDRD r4, r5, [sp, #24]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #16]
+ /* Round 3 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #24]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[3] */
+ LDRD r4, r5, [sp, #8]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #24]
+ LDRD r8, r9, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #24]
+ LDRD r4, r5, [sp, #32]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #24]
+ /* Round 4 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #32]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[4] */
+ LDRD r4, r5, [sp, #16]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #32]
+ LDRD r8, r9, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #32]
+ LDRD r4, r5, [sp, #40]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #32]
+ /* Round 5 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #40]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[5] */
+ LDRD r4, r5, [sp, #24]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #40]
+ LDRD r8, r9, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #40]
+ LDRD r4, r5, [sp, #48]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #40]
+ /* Round 6 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #48]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[6] */
+ LDRD r4, r5, [sp, #32]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #48]
+ LDRD r8, r9, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #48]
+ LDRD r4, r5, [sp, #56]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #48]
+ /* Round 7 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #56]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[7] */
+ LDRD r4, r5, [sp, #40]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #56]
+ LDRD r8, r9, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #56]
+ LDRD r4, r5, [sp, #64]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #56]
+ /* Round 8 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #64]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[8] */
+ LDRD r4, r5, [sp, #48]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #64]
+ LDRD r8, r9, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #64]
+ LDRD r4, r5, [sp, #72]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #64]
+ /* Round 9 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #72]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[9] */
+ LDRD r4, r5, [sp, #56]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #72]
+ LDRD r8, r9, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #72]
+ LDRD r4, r5, [sp, #80]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #72]
+ /* Round 10 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #80]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[10] */
+ LDRD r4, r5, [sp, #64]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #80]
+ LDRD r8, r9, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #80]
+ LDRD r4, r5, [sp, #88]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #80]
+ /* Round 11 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #88]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[11] */
+ LDRD r4, r5, [sp, #72]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #88]
+ LDRD r8, r9, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #88]
+ LDRD r4, r5, [sp, #96]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #88]
+ /* Round 12 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #96]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[12] */
+ LDRD r4, r5, [sp, #80]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #96]
+ LDRD r8, r9, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #96]
+ LDRD r4, r5, [sp, #104]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #96]
+ /* Round 13 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #104]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[13] */
+ LDRD r4, r5, [sp, #88]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #104]
+ LDRD r8, r9, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #104]
+ LDRD r4, r5, [sp, #112]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #104]
+ /* Round 14 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #112]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[14] */
+ LDRD r4, r5, [sp, #96]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #112]
+ LDRD r8, r9, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #112]
+ LDRD r4, r5, [sp, #120]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #112]
+ /* Round 15 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #120]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Calc new W[15] */
+ LDRD r4, r5, [sp, #104]
+ LSRS r6, r4, #19
+ LSRS r7, r5, #19
+ ORR r7, r7, r4, LSL #13
+ ORR r6, r6, r5, LSL #13
+ LSLS r8, r4, #3
+ LSLS r9, r5, #3
+ ORR r9, r9, r4, LSR #29
+ ORR r8, r8, r5, LSR #29
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #6
+ LSRS r9, r5, #6
+ ORR r8, r8, r5, LSL #26
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #120]
+ LDRD r8, r9, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ STRD r4, r5, [sp, #120]
+ LDRD r4, r5, [sp]
+ LSRS r6, r4, #1
+ LSRS r7, r5, #1
+ ORR r7, r7, r4, LSL #31
+ ORR r6, r6, r5, LSL #31
+ LSRS r8, r4, #8
+ LSRS r9, r5, #8
+ ORR r9, r9, r4, LSL #24
+ ORR r8, r8, r5, LSL #24
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LSRS r8, r4, #7
+ LSRS r9, r5, #7
+ ORR r8, r8, r5, LSL #25
+ EOR r7, r7, r9
+ EOR r6, r6, r8
+ LDRD r4, r5, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [sp, #120]
+ ADD r3, r3, #0x80
+ SUBS r12, r12, #0x1
+#ifdef __GNUC__
+ BNE L_SHA512_transform_len_start
+#else
+ BNE.W L_SHA512_transform_len_start
+#endif
+ /* Round 0 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 1 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #8]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 2 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #16]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 3 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #24]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 4 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #32]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 5 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #40]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 6 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #48]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 7 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #56]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 8 */
+ LDRD r4, r5, [r0, #32]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #56]
+ LDRD r8, r9, [sp, #64]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #64]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #24]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #56]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0]
+ STRD r8, r9, [r0, #24]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0]
+ LDRD r6, r7, [r0, #8]
+ STRD r4, r5, [r0, #56]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #56]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #56]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 9 */
+ LDRD r4, r5, [r0, #24]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ LDRD r4, r5, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ LDRD r8, r9, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #48]
+ LDRD r8, r9, [sp, #72]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #72]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #16]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #48]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #56]
+ STRD r8, r9, [r0, #16]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #48]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #56]
+ LDRD r6, r7, [r0]
+ STRD r4, r5, [r0, #48]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #48]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #48]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 10 */
+ LDRD r4, r5, [r0, #16]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #40]
+ LDRD r8, r9, [sp, #80]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #80]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #8]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #40]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #48]
+ STRD r8, r9, [r0, #8]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #40]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ STRD r4, r5, [r0, #40]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #40]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #40]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 11 */
+ LDRD r4, r5, [r0, #8]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ LDRD r4, r5, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ LDRD r8, r9, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #32]
+ LDRD r8, r9, [sp, #88]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #88]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #32]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #40]
+ STRD r8, r9, [r0]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #32]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ STRD r4, r5, [r0, #32]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #32]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #32]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 12 */
+ LDRD r4, r5, [r0]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #24]
+ LDRD r8, r9, [sp, #96]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #96]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #56]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #24]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #32]
+ STRD r8, r9, [r0, #56]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #24]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ STRD r4, r5, [r0, #24]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #24]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #24]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 13 */
+ LDRD r4, r5, [r0, #56]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ LDRD r4, r5, [r0, #56]
+ LDRD r6, r7, [r0]
+ LDRD r8, r9, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #16]
+ LDRD r8, r9, [sp, #104]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #104]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #48]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #16]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #24]
+ STRD r8, r9, [r0, #48]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #16]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #24]
+ LDRD r6, r7, [r0, #32]
+ STRD r4, r5, [r0, #16]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #16]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #16]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 14 */
+ LDRD r4, r5, [r0, #48]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0, #8]
+ LDRD r8, r9, [sp, #112]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #112]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #40]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0, #8]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #16]
+ STRD r8, r9, [r0, #40]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0, #8]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ STRD r4, r5, [r0, #8]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0, #8]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0, #8]
+ MOV r10, r8
+ MOV r11, r9
+ /* Round 15 */
+ LDRD r4, r5, [r0, #40]
+ LSRS r6, r4, #14
+ LSRS r7, r5, #14
+ ORR r7, r7, r4, LSL #18
+ ORR r6, r6, r5, LSL #18
+ LSRS r8, r4, #18
+ LSRS r9, r5, #18
+ ORR r9, r9, r4, LSL #14
+ ORR r8, r8, r5, LSL #14
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #23
+ LSLS r9, r5, #23
+ ORR r9, r9, r4, LSR #9
+ ORR r8, r8, r5, LSR #9
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ LDRD r4, r5, [r0, #40]
+ LDRD r6, r7, [r0, #48]
+ LDRD r8, r9, [r0, #56]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ AND r6, r6, r4
+ AND r7, r7, r5
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LDRD r4, r5, [r0]
+ LDRD r8, r9, [sp, #120]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r6, r7, [r3, #120]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ LDRD r8, r9, [r0, #32]
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ STRD r4, r5, [r0]
+ ADDS r8, r8, r4
+ ADC r9, r9, r5
+ LDRD r4, r5, [r0, #8]
+ STRD r8, r9, [r0, #32]
+ LSRS r6, r4, #28
+ LSRS r7, r5, #28
+ ORR r7, r7, r4, LSL #4
+ ORR r6, r6, r5, LSL #4
+ LSLS r8, r4, #30
+ LSLS r9, r5, #30
+ ORR r9, r9, r4, LSR #2
+ ORR r8, r8, r5, LSR #2
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ LSLS r8, r4, #25
+ LSLS r9, r5, #25
+ ORR r9, r9, r4, LSR #7
+ ORR r8, r8, r5, LSR #7
+ LDRD r4, r5, [r0]
+ EOR r6, r6, r8
+ EOR r7, r7, r9
+ ADDS r4, r4, r6
+ ADC r5, r5, r7
+ LDRD r8, r9, [r0, #8]
+ LDRD r6, r7, [r0, #16]
+ STRD r4, r5, [r0]
+ EOR r8, r8, r6
+ EOR r9, r9, r7
+ AND r10, r10, r8
+ AND r11, r11, r9
+ EOR r10, r10, r6
+ EOR r11, r11, r7
+ LDRD r6, r7, [r0]
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r6, r7, [r0]
+ MOV r10, r8
+ MOV r11, r9
+ /* Add in digest from start */
+ LDRD r4, r5, [r0]
+ LDRD r6, r7, [r0, #8]
+ LDRD r8, r9, [sp, #128]
+ LDRD r10, r11, [sp, #136]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0]
+ STRD r6, r7, [r0, #8]
+ STRD r4, r5, [sp, #128]
+ STRD r6, r7, [sp, #136]
+ LDRD r4, r5, [r0, #16]
+ LDRD r6, r7, [r0, #24]
+ LDRD r8, r9, [sp, #144]
+ LDRD r10, r11, [sp, #152]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0, #16]
+ STRD r6, r7, [r0, #24]
+ STRD r4, r5, [sp, #144]
+ STRD r6, r7, [sp, #152]
+ LDRD r4, r5, [r0, #32]
+ LDRD r6, r7, [r0, #40]
+ LDRD r8, r9, [sp, #160]
+ LDRD r10, r11, [sp, #168]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0, #32]
+ STRD r6, r7, [r0, #40]
+ STRD r4, r5, [sp, #160]
+ STRD r6, r7, [sp, #168]
+ LDRD r4, r5, [r0, #48]
+ LDRD r6, r7, [r0, #56]
+ LDRD r8, r9, [sp, #176]
+ LDRD r10, r11, [sp, #184]
+ ADDS r4, r4, r8
+ ADC r5, r5, r9
+ ADDS r6, r6, r10
+ ADC r7, r7, r11
+ STRD r4, r5, [r0, #48]
+ STRD r6, r7, [r0, #56]
+ STRD r4, r5, [sp, #176]
+ STRD r6, r7, [sp, #184]
+ SUBS r2, r2, #0x80
+ SUB r3, r3, #0x200
+ ADD r1, r1, #0x80
+#ifdef __GNUC__
+ BNE L_SHA512_transform_len_begin
+#else
+ BNE.W L_SHA512_transform_len_begin
+#endif
+ EOR r0, r0, r0
+ ADD sp, sp, #0xc0
+ POP {r4, r5, r6, r7, r8, r9, r10, r11, pc}
+ /* Cycle Count = 5021 */
+ .size Transform_Sha512_Len,.-Transform_Sha512_Len
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* WOLFSSL_SHA512 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+
+#if defined(__linux__) && defined(__ELF__)
+.section .note.GNU-stack,"",%progbits
+#endif
+#endif /* !WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
new file mode 100644
index 00000000..d7fbd83e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm_c.c
@@ -0,0 +1,3592 @@
+/* thumb2-sha512-asm
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* Generated using (from wolfssl):
+ * cd ../scripts
+ * ruby ./sha2/sha512.rb thumb2 ../wolfssl/wolfcrypt/src/port/arm/thumb2-sha512-asm.c
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+#include <stdint.h>
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif /* HAVE_CONFIG_H */
+#include <wolfssl/wolfcrypt/settings.h>
+#ifdef WOLFSSL_ARMASM_INLINE
+
+#ifdef WOLFSSL_ARMASM
+#if !defined(__aarch64__) && defined(__thumb__)
+
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif /* __KEIL__ */
+#ifdef WOLFSSL_SHA512
+#include <wolfssl/wolfcrypt/sha512.h>
+
+#ifdef WOLFSSL_ARMASM_NO_NEON
+static const uint64_t L_SHA512_transform_len_k[] = {
+ 0x428a2f98d728ae22UL, 0x7137449123ef65cdUL,
+ 0xb5c0fbcfec4d3b2fUL, 0xe9b5dba58189dbbcUL,
+ 0x3956c25bf348b538UL, 0x59f111f1b605d019UL,
+ 0x923f82a4af194f9bUL, 0xab1c5ed5da6d8118UL,
+ 0xd807aa98a3030242UL, 0x12835b0145706fbeUL,
+ 0x243185be4ee4b28cUL, 0x550c7dc3d5ffb4e2UL,
+ 0x72be5d74f27b896fUL, 0x80deb1fe3b1696b1UL,
+ 0x9bdc06a725c71235UL, 0xc19bf174cf692694UL,
+ 0xe49b69c19ef14ad2UL, 0xefbe4786384f25e3UL,
+ 0x0fc19dc68b8cd5b5UL, 0x240ca1cc77ac9c65UL,
+ 0x2de92c6f592b0275UL, 0x4a7484aa6ea6e483UL,
+ 0x5cb0a9dcbd41fbd4UL, 0x76f988da831153b5UL,
+ 0x983e5152ee66dfabUL, 0xa831c66d2db43210UL,
+ 0xb00327c898fb213fUL, 0xbf597fc7beef0ee4UL,
+ 0xc6e00bf33da88fc2UL, 0xd5a79147930aa725UL,
+ 0x06ca6351e003826fUL, 0x142929670a0e6e70UL,
+ 0x27b70a8546d22ffcUL, 0x2e1b21385c26c926UL,
+ 0x4d2c6dfc5ac42aedUL, 0x53380d139d95b3dfUL,
+ 0x650a73548baf63deUL, 0x766a0abb3c77b2a8UL,
+ 0x81c2c92e47edaee6UL, 0x92722c851482353bUL,
+ 0xa2bfe8a14cf10364UL, 0xa81a664bbc423001UL,
+ 0xc24b8b70d0f89791UL, 0xc76c51a30654be30UL,
+ 0xd192e819d6ef5218UL, 0xd69906245565a910UL,
+ 0xf40e35855771202aUL, 0x106aa07032bbd1b8UL,
+ 0x19a4c116b8d2d0c8UL, 0x1e376c085141ab53UL,
+ 0x2748774cdf8eeb99UL, 0x34b0bcb5e19b48a8UL,
+ 0x391c0cb3c5c95a63UL, 0x4ed8aa4ae3418acbUL,
+ 0x5b9cca4f7763e373UL, 0x682e6ff3d6b2b8a3UL,
+ 0x748f82ee5defb2fcUL, 0x78a5636f43172f60UL,
+ 0x84c87814a1f0ab72UL, 0x8cc702081a6439ecUL,
+ 0x90befffa23631e28UL, 0xa4506cebde82bde9UL,
+ 0xbef9a3f7b2c67915UL, 0xc67178f2e372532bUL,
+ 0xca273eceea26619cUL, 0xd186b8c721c0c207UL,
+ 0xeada7dd6cde0eb1eUL, 0xf57d4f7fee6ed178UL,
+ 0x06f067aa72176fbaUL, 0x0a637dc5a2c898a6UL,
+ 0x113f9804bef90daeUL, 0x1b710b35131c471bUL,
+ 0x28db77f523047d84UL, 0x32caab7b40c72493UL,
+ 0x3c9ebe0a15c9bebcUL, 0x431d67c49c100d4cUL,
+ 0x4cc5d4becb3e42b6UL, 0x597f299cfc657e2aUL,
+ 0x5fcb6fab3ad6faecUL, 0x6c44198c4a475817UL,
+};
+
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+void Transform_Sha512_Len(wc_Sha512* sha512_p, const byte* data_p, word32 len_p)
+#else
+void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data, word32 len)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register wc_Sha512* sha512 __asm__ ("r0") = (wc_Sha512*)sha512_p;
+ register const byte* data __asm__ ("r1") = (const byte*)data_p;
+ register word32 len __asm__ ("r2") = (word32)len_p;
+ register uint64_t* L_SHA512_transform_len_k_c __asm__ ("r3") = (uint64_t*)&L_SHA512_transform_len_k;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0xc0\n\t"
+ "MOV r3, %[L_SHA512_transform_len_k]\n\t"
+ /* Copy digest to add in at end */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r10, r11, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [sp, #128]\n\t"
+ "STRD r6, r7, [sp, #136]\n\t"
+ "STRD r8, r9, [sp, #144]\n\t"
+ "STRD r10, r11, [sp, #152]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r10, r11, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [sp, #160]\n\t"
+ "STRD r6, r7, [sp, #168]\n\t"
+ "STRD r8, r9, [sp, #176]\n\t"
+ "STRD r10, r11, [sp, #184]\n\t"
+ /* Start of loop processing a block */
+ "\n"
+ "L_SHA512_transform_len_begin:\n\t"
+ /* Load, Reverse and Store W */
+ "LDR r4, [%[data]]\n\t"
+ "LDR r5, [%[data], #4]\n\t"
+ "LDR r6, [%[data], #8]\n\t"
+ "LDR r7, [%[data], #12]\n\t"
+ "LDR r8, [%[data], #16]\n\t"
+ "LDR r9, [%[data], #20]\n\t"
+ "LDR r10, [%[data], #24]\n\t"
+ "LDR r11, [%[data], #28]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp]\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r7, [sp, #8]\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "STR r11, [sp, #24]\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "LDR r4, [%[data], #32]\n\t"
+ "LDR r5, [%[data], #36]\n\t"
+ "LDR r6, [%[data], #40]\n\t"
+ "LDR r7, [%[data], #44]\n\t"
+ "LDR r8, [%[data], #48]\n\t"
+ "LDR r9, [%[data], #52]\n\t"
+ "LDR r10, [%[data], #56]\n\t"
+ "LDR r11, [%[data], #60]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp, #32]\n\t"
+ "STR r4, [sp, #36]\n\t"
+ "STR r7, [sp, #40]\n\t"
+ "STR r6, [sp, #44]\n\t"
+ "STR r9, [sp, #48]\n\t"
+ "STR r8, [sp, #52]\n\t"
+ "STR r11, [sp, #56]\n\t"
+ "STR r10, [sp, #60]\n\t"
+ "LDR r4, [%[data], #64]\n\t"
+ "LDR r5, [%[data], #68]\n\t"
+ "LDR r6, [%[data], #72]\n\t"
+ "LDR r7, [%[data], #76]\n\t"
+ "LDR r8, [%[data], #80]\n\t"
+ "LDR r9, [%[data], #84]\n\t"
+ "LDR r10, [%[data], #88]\n\t"
+ "LDR r11, [%[data], #92]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp, #64]\n\t"
+ "STR r4, [sp, #68]\n\t"
+ "STR r7, [sp, #72]\n\t"
+ "STR r6, [sp, #76]\n\t"
+ "STR r9, [sp, #80]\n\t"
+ "STR r8, [sp, #84]\n\t"
+ "STR r11, [sp, #88]\n\t"
+ "STR r10, [sp, #92]\n\t"
+ "LDR r4, [%[data], #96]\n\t"
+ "LDR r5, [%[data], #100]\n\t"
+ "LDR r6, [%[data], #104]\n\t"
+ "LDR r7, [%[data], #108]\n\t"
+ "LDR r8, [%[data], #112]\n\t"
+ "LDR r9, [%[data], #116]\n\t"
+ "LDR r10, [%[data], #120]\n\t"
+ "LDR r11, [%[data], #124]\n\t"
+ "REV r4, r4\n\t"
+ "REV r5, r5\n\t"
+ "REV r6, r6\n\t"
+ "REV r7, r7\n\t"
+ "REV r8, r8\n\t"
+ "REV r9, r9\n\t"
+ "REV r10, r10\n\t"
+ "REV r11, r11\n\t"
+ "STR r5, [sp, #96]\n\t"
+ "STR r4, [sp, #100]\n\t"
+ "STR r7, [sp, #104]\n\t"
+ "STR r6, [sp, #108]\n\t"
+ "STR r9, [sp, #112]\n\t"
+ "STR r8, [sp, #116]\n\t"
+ "STR r11, [sp, #120]\n\t"
+ "STR r10, [sp, #124]\n\t"
+ /* Pre-calc: b ^ c */
+ "LDRD r10, r11, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r10, r10, r4\n\t"
+ "EOR r11, r11, r5\n\t"
+ "MOV r12, #0x4\n\t"
+ /* Start of 16 rounds */
+ "\n"
+ "L_SHA512_transform_len_start:\n\t"
+ /* Round 0 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[0] */
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp]\n\t"
+ "LDRD r8, r9, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp]\n\t"
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp]\n\t"
+ /* Round 1 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #8]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[1] */
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #8]\n\t"
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #8]\n\t"
+ /* Round 2 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #16]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[2] */
+ "LDRD r4, r5, [sp]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "LDRD r8, r9, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #16]\n\t"
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #16]\n\t"
+ /* Round 3 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #24]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[3] */
+ "LDRD r4, r5, [sp, #8]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "LDRD r8, r9, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #24]\n\t"
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #24]\n\t"
+ /* Round 4 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #32]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[4] */
+ "LDRD r4, r5, [sp, #16]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "LDRD r8, r9, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #32]\n\t"
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #32]\n\t"
+ /* Round 5 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #40]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[5] */
+ "LDRD r4, r5, [sp, #24]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "LDRD r8, r9, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #40]\n\t"
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #40]\n\t"
+ /* Round 6 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #48]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[6] */
+ "LDRD r4, r5, [sp, #32]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "LDRD r8, r9, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #48]\n\t"
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #48]\n\t"
+ /* Round 7 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #56]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[7] */
+ "LDRD r4, r5, [sp, #40]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "LDRD r8, r9, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #56]\n\t"
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #56]\n\t"
+ /* Round 8 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #64]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[8] */
+ "LDRD r4, r5, [sp, #48]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "LDRD r8, r9, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #64]\n\t"
+ /* Round 9 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #72]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[9] */
+ "LDRD r4, r5, [sp, #56]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "LDRD r8, r9, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #72]\n\t"
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #72]\n\t"
+ /* Round 10 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #80]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[10] */
+ "LDRD r4, r5, [sp, #64]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "LDRD r8, r9, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #80]\n\t"
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #80]\n\t"
+ /* Round 11 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #88]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[11] */
+ "LDRD r4, r5, [sp, #72]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "LDRD r8, r9, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #88]\n\t"
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #88]\n\t"
+ /* Round 12 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #96]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[12] */
+ "LDRD r4, r5, [sp, #80]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "LDRD r8, r9, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #96]\n\t"
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #96]\n\t"
+ /* Round 13 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #104]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[13] */
+ "LDRD r4, r5, [sp, #88]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "LDRD r8, r9, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #104]\n\t"
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #104]\n\t"
+ /* Round 14 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #112]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[14] */
+ "LDRD r4, r5, [sp, #96]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "LDRD r8, r9, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #112]\n\t"
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #112]\n\t"
+ /* Round 15 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #120]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Calc new W[15] */
+ "LDRD r4, r5, [sp, #104]\n\t"
+ "LSRS r6, r4, #19\n\t"
+ "LSRS r7, r5, #19\n\t"
+ "ORR r7, r7, r4, LSL #13\n\t"
+ "ORR r6, r6, r5, LSL #13\n\t"
+ "LSLS r8, r4, #3\n\t"
+ "LSLS r9, r5, #3\n\t"
+ "ORR r9, r9, r4, LSR #29\n\t"
+ "ORR r8, r8, r5, LSR #29\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #6\n\t"
+ "LSRS r9, r5, #6\n\t"
+ "ORR r8, r8, r5, LSL #26\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "STRD r4, r5, [sp, #120]\n\t"
+ "LDRD r4, r5, [sp]\n\t"
+ "LSRS r6, r4, #1\n\t"
+ "LSRS r7, r5, #1\n\t"
+ "ORR r7, r7, r4, LSL #31\n\t"
+ "ORR r6, r6, r5, LSL #31\n\t"
+ "LSRS r8, r4, #8\n\t"
+ "LSRS r9, r5, #8\n\t"
+ "ORR r9, r9, r4, LSL #24\n\t"
+ "ORR r8, r8, r5, LSL #24\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LSRS r8, r4, #7\n\t"
+ "LSRS r9, r5, #7\n\t"
+ "ORR r8, r8, r5, LSL #25\n\t"
+ "EOR r7, r7, r9\n\t"
+ "EOR r6, r6, r8\n\t"
+ "LDRD r4, r5, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [sp, #120]\n\t"
+ "ADD r3, r3, #0x80\n\t"
+ "SUBS r12, r12, #0x1\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA512_transform_len_start\n\t"
+#else
+ "BNE.W L_SHA512_transform_len_start\n\t"
+#endif
+ /* Round 0 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 1 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #8]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 2 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #16]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 3 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #24]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 4 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #32]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 5 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #40]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 6 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #48]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 7 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #56]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 8 */
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp, #64]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #64]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "STRD r8, r9, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [%[sha512], #56]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 9 */
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [sp, #72]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #72]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "STRD r8, r9, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #48]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 10 */
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #80]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #80]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r8, r9, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [%[sha512], #40]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 11 */
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r8, r9, [sp, #88]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #88]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "STRD r8, r9, [%[sha512]]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #32]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 12 */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #96]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #96]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r8, r9, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [%[sha512], #24]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 13 */
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r4, r5, [%[sha512], #56]\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r8, r9, [sp, #104]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #104]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #48]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #24]\n\t"
+ "STRD r8, r9, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #24]\n\t"
+ "LDRD r6, r7, [%[sha512], #32]\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #16]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 14 */
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #112]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #112]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #40]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r8, r9, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [%[sha512], #8]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Round 15 */
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LSRS r6, r4, #14\n\t"
+ "LSRS r7, r5, #14\n\t"
+ "ORR r7, r7, r4, LSL #18\n\t"
+ "ORR r6, r6, r5, LSL #18\n\t"
+ "LSRS r8, r4, #18\n\t"
+ "LSRS r9, r5, #18\n\t"
+ "ORR r9, r9, r4, LSL #14\n\t"
+ "ORR r8, r8, r5, LSL #14\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #23\n\t"
+ "LSLS r9, r5, #23\n\t"
+ "ORR r9, r9, r4, LSR #9\n\t"
+ "ORR r8, r8, r5, LSR #9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r4, r5, [%[sha512], #40]\n\t"
+ "LDRD r6, r7, [%[sha512], #48]\n\t"
+ "LDRD r8, r9, [%[sha512], #56]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "AND r6, r6, r4\n\t"
+ "AND r7, r7, r5\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r8, r9, [sp, #120]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r6, r7, [r3, #120]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "LDRD r8, r9, [%[sha512], #32]\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADC r9, r9, r5\n\t"
+ "LDRD r4, r5, [%[sha512], #8]\n\t"
+ "STRD r8, r9, [%[sha512], #32]\n\t"
+ "LSRS r6, r4, #28\n\t"
+ "LSRS r7, r5, #28\n\t"
+ "ORR r7, r7, r4, LSL #4\n\t"
+ "ORR r6, r6, r5, LSL #4\n\t"
+ "LSLS r8, r4, #30\n\t"
+ "LSLS r9, r5, #30\n\t"
+ "ORR r9, r9, r4, LSR #2\n\t"
+ "ORR r8, r8, r5, LSR #2\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "LSLS r8, r4, #25\n\t"
+ "LSLS r9, r5, #25\n\t"
+ "ORR r9, r9, r4, LSR #7\n\t"
+ "ORR r8, r8, r5, LSR #7\n\t"
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "EOR r6, r6, r8\n\t"
+ "EOR r7, r7, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADC r5, r5, r7\n\t"
+ "LDRD r8, r9, [%[sha512], #8]\n\t"
+ "LDRD r6, r7, [%[sha512], #16]\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "EOR r8, r8, r6\n\t"
+ "EOR r9, r9, r7\n\t"
+ "AND r10, r10, r8\n\t"
+ "AND r11, r11, r9\n\t"
+ "EOR r10, r10, r6\n\t"
+ "EOR r11, r11, r7\n\t"
+ "LDRD r6, r7, [%[sha512]]\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r6, r7, [%[sha512]]\n\t"
+ "MOV r10, r8\n\t"
+ "MOV r11, r9\n\t"
+ /* Add in digest from start */
+ "LDRD r4, r5, [%[sha512]]\n\t"
+ "LDRD r6, r7, [%[sha512], #8]\n\t"
+ "LDRD r8, r9, [sp, #128]\n\t"
+ "LDRD r10, r11, [sp, #136]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512]]\n\t"
+ "STRD r6, r7, [%[sha512], #8]\n\t"
+ "STRD r4, r5, [sp, #128]\n\t"
+ "STRD r6, r7, [sp, #136]\n\t"
+ "LDRD r4, r5, [%[sha512], #16]\n\t"
+ "LDRD r6, r7, [%[sha512], #24]\n\t"
+ "LDRD r8, r9, [sp, #144]\n\t"
+ "LDRD r10, r11, [sp, #152]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512], #16]\n\t"
+ "STRD r6, r7, [%[sha512], #24]\n\t"
+ "STRD r4, r5, [sp, #144]\n\t"
+ "STRD r6, r7, [sp, #152]\n\t"
+ "LDRD r4, r5, [%[sha512], #32]\n\t"
+ "LDRD r6, r7, [%[sha512], #40]\n\t"
+ "LDRD r8, r9, [sp, #160]\n\t"
+ "LDRD r10, r11, [sp, #168]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512], #32]\n\t"
+ "STRD r6, r7, [%[sha512], #40]\n\t"
+ "STRD r4, r5, [sp, #160]\n\t"
+ "STRD r6, r7, [sp, #168]\n\t"
+ "LDRD r4, r5, [%[sha512], #48]\n\t"
+ "LDRD r6, r7, [%[sha512], #56]\n\t"
+ "LDRD r8, r9, [sp, #176]\n\t"
+ "LDRD r10, r11, [sp, #184]\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADC r5, r5, r9\n\t"
+ "ADDS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STRD r4, r5, [%[sha512], #48]\n\t"
+ "STRD r6, r7, [%[sha512], #56]\n\t"
+ "STRD r4, r5, [sp, #176]\n\t"
+ "STRD r6, r7, [sp, #184]\n\t"
+ "SUBS %[len], %[len], #0x80\n\t"
+ "SUB r3, r3, #0x200\n\t"
+ "ADD %[data], %[data], #0x80\n\t"
+#ifdef __GNUC__
+ "BNE L_SHA512_transform_len_begin\n\t"
+#else
+ "BNE.W L_SHA512_transform_len_begin\n\t"
+#endif
+ "EOR r0, r0, r0\n\t"
+ "ADD sp, sp, #0xc0\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len),
+ [L_SHA512_transform_len_k] "+r" (L_SHA512_transform_len_k_c)
+ :
+#else
+ : [sha512] "+r" (sha512), [data] "+r" (data), [len] "+r" (len)
+ : [L_SHA512_transform_len_k] "r" (L_SHA512_transform_len_k)
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+}
+
+#endif /* WOLFSSL_ARMASM_NO_NEON */
+#endif /* WOLFSSL_SHA512 */
+#endif /* !__aarch64__ && __thumb__ */
+#endif /* WOLFSSL_ARMASM */
+#endif /* !defined(__aarch64__) && defined(__thumb__) */
+#endif /* WOLFSSL_ARMASM */
+
+#endif /* WOLFSSL_ARMASM_INLINE */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c
index 56516237..4698d7a5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_driver.c
@@ -1840,7 +1840,7 @@ void caamDescInit(DESCSTRUCT* desc, int type, unsigned int args[4],
static int SetupJobRing(struct JobRing* r)
{
- /* get enviornment specific addresses to use for job rings */
+ /* get environment specific addresses to use for job rings */
CAAM_SET_JOBRING_ADDR(&r->BaseAddr, &r->JobIn, &r->VirtualIn);
/* register the in/out and sizes of job ring */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c
index 32d77317..d6e94e8d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/caam_qnx.c
@@ -27,7 +27,7 @@
* wolfssl/wolfcrypt/- path includes other than
* wolfssl/wolfcrypt/port/caam/caam_* should be avoided!! */
#undef WC_NO_HARDEN
-#define WC_NO_HARDEN /* silence warning, it is irrelavent here */
+#define WC_NO_HARDEN /* silence warning, it is irrelevant here */
#include <wolfssl/wolfcrypt/settings.h>
#if defined(__QNX__) || defined(__QNXNTO__)
@@ -55,7 +55,7 @@ static void* localMemory = NULL;
static unsigned int localPhy = 0;
sem_t localMemSem;
-/* Can be overriden, variable for how large of a local buffer to have.
+/* Can be overridden, variable for how large of a local buffer to have.
* This allows for large performance gains when avoiding mapping new memory
* for each operation. */
#ifndef WOLFSSL_CAAM_QNX_MEMORY
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
index f6bb2705..c84b0807 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_ecdsa.c
@@ -352,7 +352,7 @@ int wc_CAAM_EccSign(const byte* in, int inlen, byte* out, word32* outlen,
buf[idx].Length = keySz;
}
buf[idx].TheAddress = (CAAM_ADDRESS)pk;
- args[0] = key->blackKey; /* potentail black key, not in sm */
+ args[0] = key->blackKey; /* potential black key, not in sm */
}
idx++;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
index 4a880189..848d6825 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_fsl_nxp.c
@@ -838,7 +838,7 @@ int SynchronousSendRequest(int type, unsigned int args[4], CAAM_BUFFER *buf,
buf[1].Length, (byte*)buf[2].TheAddress,
buf[2].Length, (byte*)buf[0].TheAddress,
buf[0].Length, CAAM_ENCAP_BLOB,
- (args[0] = 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
+ (args[0] == 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
!= kStatus_Success) {
ret = WC_HW_E;
}
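Review bot: The corrected `(args[0] == 0)` in this encapsulation call, and in the decapsulation hunk that follows, changes which blob type existing callers get, and nothing in the change documents it. The old `(args[0] = 0)` always evaluated false, so it selected CAAM_BLACK_BLOB on both paths and also overwrote args[0] with 0. A blob encapsulated by an earlier build with args[0] == 0 was therefore black, while the fixed decapsulation path now requests CAAM_RED_BLOB for the same arguments; this presumably makes the hardware reject it and should be confirmed on a device and called out in release notes. I would document the selector at both call sites, e.g. `/* args[0]: 0 selects a red blob, non-zero a black blob */`, and add a round-trip test for each value. SynchronousSendRequest starts and ends outside both hunks, so the enclosing case labels are not visible here.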
@@ -849,7 +849,7 @@ int SynchronousSendRequest(int type, unsigned int args[4], CAAM_BUFFER *buf,
(byte*)buf[2].TheAddress, buf[2].Length,
(byte*)buf[0].TheAddress, buf[0].Length,
CAAM_DECAP_BLOB,
- (args[0] = 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
+ (args[0] == 0)? CAAM_RED_BLOB : CAAM_BLACK_BLOB)
!= kStatus_Success) {
ret = WC_HW_E;
}
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c
index 0b66fd89..8326f308 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/caam/wolfcaam_seco.c
@@ -1228,7 +1228,7 @@ word32 wc_SECO_WrapKey(word32 keyId, byte* in, word32 inSz, byte* iv,
}
-/* trasnlates the HSM error to wolfSSL error and does debug print out */
+/* Translates the HSM error to wolfSSL error and does debug print out */
int wc_TranslateHSMError(int current, hsm_err_t err)
{
int ret = -1;
@@ -1323,7 +1323,7 @@ int wc_TranslateHSMError(int current, hsm_err_t err)
break;
default:
- WOLFSSL_MSG("SECO HSM: unkown error value found");
+ WOLFSSL_MSG("SECO HSM: unknown error value found");
}
if (current != 0) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c
index 7c9e679f..4a68b337 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/intel/quickassist_sync.c
@@ -23,7 +23,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef HAVE_INTEL_QA_SYNC
@@ -227,7 +227,7 @@ static int IntelQaGetCyInstanceCount(void);
#ifdef QAT_DEBUG
#define QLOG(...) do { printf(__VA_ARGS__); } while (0)
#else
- #define QLOG(...)
+ #define QLOG(...) WC_DO_NOTHING
#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c
index b563c05a..bf87340a 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_aes.c
@@ -97,7 +97,7 @@
iov.iov_len = sz;
ret = (int)kcapi_cipher_stream_update(aes->handle, &iov, 1);
if (ret < 0) {
- WOLFSSL_MSG("CbcEncrypt error updateing through KCAPI");
+ WOLFSSL_MSG("CbcEncrypt error updating through KCAPI");
}
}
if (ret >= 0) {
@@ -155,7 +155,7 @@
iov.iov_len = sz;
ret = (int)kcapi_cipher_stream_update(aes->handle, &iov, 1);
if (ret < 0) {
- WOLFSSL_MSG("CbcDecrypt error updateing through KCAPI");
+ WOLFSSL_MSG("CbcDecrypt error updating through KCAPI");
}
}
if (ret >= 0) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c
index 0b1bf4e1..cceaf252 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_dh.c
@@ -47,68 +47,6 @@ void KcapiDh_Free(DhKey* key)
static int KcapiDh_SetParams(DhKey* key)
{
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- int ret = 0;
- unsigned char* pkcs3 = NULL;
- word32 len = 0, idx = 0, len2;
-
- len = MAX_SEQ_SZ; /* Sequence */
- len += ASN_TAG_SZ + MAX_LENGTH_SZ; /* Integer */
- len += mp_leading_bit(&key->p) ? 1 : 0;
- len += mp_unsigned_bin_size(&key->p);
- len += ASN_TAG_SZ + MAX_LENGTH_SZ; /* Integer */
- len += mp_leading_bit(&key->g) ? 1 : 0;
- len += mp_unsigned_bin_size(&key->g);
-
- pkcs3 = (unsigned char*)XMALLOC(len, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- if (pkcs3 == NULL) {
- ret = MEMORY_E;
- }
-
- if (ret == 0) {
- idx = len;
- len2 = mp_unsigned_bin_size(&key->g);
- idx -= len2;
- ret = mp_to_unsigned_bin(&key->g, pkcs3 + idx);
- }
- if (ret >= 0) {
- if (mp_leading_bit(&key->g)) {
- pkcs3[--idx] = 0x00;
- len2++;
- }
- idx -= SetLength(len2, NULL);
- SetLength(len2, pkcs3 + idx);
- pkcs3[--idx] = ASN_INTEGER;
-
- len2 = mp_unsigned_bin_size(&key->p);
- idx -= len2;
- ret = mp_to_unsigned_bin(&key->p, pkcs3 + idx);
- }
- if (ret >= 0) {
- if (mp_leading_bit(&key->p)) {
- pkcs3[--idx] = 0x00;
- len2++;
- }
- idx -= SetLength(len2, NULL);
- SetLength(len2, pkcs3 + idx);
- pkcs3[--idx] = ASN_INTEGER;
-
- len2 = len - idx;
- idx -= SetSequence(len2, NULL);
- SetSequence(len2, pkcs3 + idx);
-
- ret = kcapi_kpp_dh_setparam_pkcs3(key->handle, pkcs3 + idx, len - idx);
- if (ret != 0) {
- WOLFSSL_MSG("KcapiDh_SetParams: Failed to set");
- }
- }
-
- if (pkcs3 != NULL) {
- XFREE(pkcs3, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
- }
- return ret;
-#else
int ret;
unsigned char* pkcs3 = NULL;
word32 len;
@@ -136,7 +74,6 @@ static int KcapiDh_SetParams(DhKey* key)
XFREE(pkcs3, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
}
return ret;
-#endif
}
int KcapiDh_MakeKey(DhKey* key, byte* pub, word32* pubSz)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c
index 72265d7b..f4a3b43c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hash.c
@@ -113,7 +113,7 @@ static int KcapiHashUpdate(wolfssl_KCAPI_Hash* hash, const byte* in, word32 sz)
hash->heap, DYNAMIC_TYPE_TMP_BUFFER);
if (pt == NULL) {
ret = MEMORY_E;
- }
+ }
else {
hash->msg = pt;
}
@@ -318,36 +318,6 @@ int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst)
static const char WC_NAME_SHA256[] = "sha256";
-/* create KCAPI handle for SHA256 operation */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int InitSha256(wc_Sha256* sha)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashInit(&sha->kcapi, NULL, INVALID_DEVID, WC_NAME_SHA256);
-}
-
-
-int Sha256Update(wc_Sha256* sha, const byte* in, word32 sz)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashUpdate(&sha->kcapi, in, sz);
-}
-
-
-int Sha256Final(wc_Sha256* sha, byte* hash)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashFinal(&sha->kcapi, hash, WC_SHA256_DIGEST_SIZE,
- WC_NAME_SHA256);
-}
-#else
int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devid)
{
if (sha == NULL) {
@@ -374,8 +344,6 @@ int wc_Sha256Final(wc_Sha256* sha, byte* hash)
return KcapiHashFinal(&sha->kcapi, hash, WC_SHA256_DIGEST_SIZE,
WC_NAME_SHA256);
}
-#endif
-
int wc_Sha256GetHash(wc_Sha256* sha, byte* hash)
{
@@ -400,37 +368,6 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
static const char WC_NAME_SHA384[] = "sha384";
-
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* create KCAPI handle for SHA384 operation */
-int InitSha384(wc_Sha384* sha)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashInit(&sha->kcapi, NULL, INVALID_DEVID, WC_NAME_SHA384);
-}
-
-
-int Sha384Update(wc_Sha384* sha, const byte* in, word32 sz)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashUpdate(&sha->kcapi, in, sz);
-}
-
-
-int Sha384Final(wc_Sha384* sha, byte* hash)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashFinal(&sha->kcapi, hash, WC_SHA384_DIGEST_SIZE,
- WC_NAME_SHA384);
-}
-#else
/* create KCAPI handle for SHA384 operation */
int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devid)
{
@@ -458,7 +395,6 @@ int wc_Sha384Final(wc_Sha384* sha, byte* hash)
return KcapiHashFinal(&sha->kcapi, hash, WC_SHA384_DIGEST_SIZE,
WC_NAME_SHA384);
}
-#endif
int wc_Sha384GetHash(wc_Sha384* sha, byte* hash)
{
@@ -483,36 +419,6 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
static const char WC_NAME_SHA512[] = "sha512";
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* create KCAPI handle for SHA512 operation */
-int InitSha512(wc_Sha512* sha)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashInit(&sha->kcapi, NULL, INVALID_DEVID, WC_NAME_SHA512);
-}
-
-
-int Sha512Update(wc_Sha512* sha, const byte* in, word32 sz)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashUpdate(&sha->kcapi, in, sz);
-}
-
-
-int Sha512Final(wc_Sha512* sha, byte* hash)
-{
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return KcapiHashFinal(&sha->kcapi, hash, WC_SHA512_DIGEST_SIZE,
- WC_NAME_SHA512);
-}
-#else
/* create KCAPI handle for SHA512 operation */
int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devid)
{
@@ -540,7 +446,6 @@ int wc_Sha512Final(wc_Sha512* sha, byte* hash)
return KcapiHashFinal(&sha->kcapi, hash, WC_SHA512_DIGEST_SIZE,
WC_NAME_SHA512);
}
-#endif
int wc_Sha512GetHash(wc_Sha512* sha, byte* hash)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c
index a233d999..0a5d4675 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_hmac.c
@@ -52,12 +52,7 @@ static const char WC_NAME_HMAC_SHA384[] = "hmac(sha384)";
static const char WC_NAME_HMAC_SHA512[] = "hmac(sha512)";
#endif
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacInit(Hmac* hmac, void* heap, int devId)
-#else
int wc_HmacInit(Hmac* hmac, void* heap, int devId)
-#endif
{
int ret = 0;
@@ -76,12 +71,7 @@ int wc_HmacInit(Hmac* hmac, void* heap, int devId)
return ret;
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-void HmacFree(Hmac* hmac)
-#else
void wc_HmacFree(Hmac* hmac)
-#endif
{
if (hmac != NULL) {
if (hmac->handle != NULL) {
@@ -91,12 +81,7 @@ void wc_HmacFree(Hmac* hmac)
}
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
-#else
int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
-#endif
{
int ret = 0;
const char* ciphername = NULL;
@@ -197,12 +182,7 @@ int wc_HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length)
return ret;
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
-#else
int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
-#endif
{
int ret = 0;
@@ -244,12 +224,7 @@ int wc_HmacUpdate(Hmac* hmac, const byte* msg, word32 length)
return ret;
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacFinal(Hmac* hmac, byte* hash)
-#else
int wc_HmacFinal(Hmac* hmac, byte* hash)
-#endif
{
int ret = 0;
int len = 0;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c
index 602c50b8..cafca14e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/kcapi/kcapi_rsa.c
@@ -45,164 +45,6 @@ void KcapiRsa_Free(RsaKey* key)
}
}
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* Set the DER/BER encoding of the ASN.1 INTEGER header.
- *
- * len Length of data to encode.
- * firstByte First byte of data, most significant byte of integer, to encode.
- * output Buffer to write into.
- * returns the number of bytes added to the buffer.
- */
-static int SetASNInt(int len, byte firstByte, byte* output)
-{
- word32 idx = 0;
-
- if (output)
- output[idx] = ASN_INTEGER;
- idx++;
- if (firstByte & 0x80)
- len++;
- idx += SetLength(len, output ? output + idx : NULL);
- if (firstByte & 0x80) {
- if (output)
- output[idx] = 0x00;
- idx++;
- }
-
- return idx;
-}
-
-static int SetASNIntMP(mp_int* n, int maxSz, byte* output)
-{
- int idx = 0;
- int leadingBit;
- int length;
- int err;
-
- leadingBit = mp_leading_bit(n);
- length = mp_unsigned_bin_size(n);
- idx = SetASNInt(length, leadingBit ? 0x80 : 0x00, output);
- if (maxSz >= 0 && (idx + length) > maxSz)
- return BUFFER_E;
-
- if (output) {
- err = mp_to_unsigned_bin(n, output + idx);
- if (err != MP_OKAY)
- return MP_TO_E;
- }
- idx += length;
-
- return idx;
-}
-
-static mp_int* GetRsaInt(RsaKey* key, int idx)
-{
- if (idx == 0)
- return &key->n;
- if (idx == 1)
- return &key->e;
- if (idx == 2)
- return &key->d;
- if (idx == 3)
- return &key->p;
- if (idx == 4)
- return &key->q;
- if (idx == 5)
- return &key->dP;
- if (idx == 6)
- return &key->dQ;
- if (idx == 7)
- return &key->u;
-
- return NULL;
-}
-
-/* Release Tmp RSA resources */
-static WC_INLINE void FreeTmpRsas(byte** tmps, void* heap)
-{
- int i;
-
- (void)heap;
-
- for (i = 0; i < RSA_INTS; i++)
- XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA);
-}
-
-
-/* Convert RsaKey key to DER format, write to output (inLen), return bytes
- written */
-static int wc_RsaKeyToDer(RsaKey* key, byte* output, word32 inLen)
-{
- word32 seqSz, verSz, rawLen, intTotalLen = 0;
- word32 sizes[RSA_INTS];
- int i, j, outLen, ret = 0;
-
- byte seq[MAX_SEQ_SZ];
- byte ver[MAX_VERSION_SZ];
- byte* tmps[RSA_INTS];
-
- if (!key || !output)
- return BAD_FUNC_ARG;
-
- if (key->type != RSA_PRIVATE)
- return BAD_FUNC_ARG;
-
- for (i = 0; i < RSA_INTS; i++)
- tmps[i] = NULL;
-
- /* write all big ints from key to DER tmps */
- for (i = 0; i < RSA_INTS; i++) {
- int mpSz;
- mp_int* keyInt = GetRsaInt(key, i);
-
- rawLen = mp_unsigned_bin_size(keyInt) + 1;
- tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap,
- DYNAMIC_TYPE_RSA);
- if (tmps[i] == NULL) {
- ret = MEMORY_E;
- break;
- }
-
- mpSz = SetASNIntMP(keyInt, MAX_RSA_INT_SZ, tmps[i]);
- if (mpSz < 0) {
- ret = mpSz;
- break;
- }
- intTotalLen += (sizes[i] = mpSz);
- }
-
- if (ret != 0) {
- FreeTmpRsas(tmps, key->heap);
- return ret;
- }
-
- /* make headers */
- verSz = SetMyVersion(0, ver, FALSE);
- seqSz = SetSequence(verSz + intTotalLen, seq);
-
- outLen = seqSz + verSz + intTotalLen;
- if (outLen > (int)inLen) {
- FreeTmpRsas(tmps, key->heap);
- return BAD_FUNC_ARG;
- }
-
- /* write to output */
- XMEMCPY(output, seq, seqSz);
- j = seqSz;
- XMEMCPY(output + j, ver, verSz);
- j += verSz;
-
- for (i = 0; i < RSA_INTS; i++) {
- XMEMCPY(output + j, tmps[i], sizes[i]);
- j += sizes[i];
- }
- FreeTmpRsas(tmps, key->heap);
-
- return outLen;
-}
-#endif
-
#if !defined(WOLFSSL_RSA_PUBLIC_ONLY) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
static int KcapiRsa_SetPrivKey(RsaKey* key)
{
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c
index a4736bf0..c0375fc5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/maxim/maxq10xx.c
@@ -23,7 +23,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#if defined(WOLFSSL_MAXQ1065) || defined(WOLFSSL_MAXQ108X)
@@ -52,7 +52,7 @@
#ifdef MAXQ_DEBUG
void dbg_dumphex(const char *identifier, const uint8_t* pdata, uint32_t plen);
#else
-#define dbg_dumphex(identifier, pdata, plen)
+#define dbg_dumphex(identifier, pdata, plen) WC_DO_NOTHING
#endif /* MAXQ_DEBUG */
#if defined(USE_WINDOWS_API)
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md
index 054f1ea1..5d5434bf 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/README_SE050.md
@@ -163,7 +163,7 @@ To enable SCP03 authentication, wolfSSL was using the following defines:
```
Default ENC, MAC, and DEK keys for SCP03 should be set by defining the
-following values. Thes are the default keys wolfSSL used for the SE50C2
+following values. These are the default keys wolfSSL used for the SE50C2
variant (OEF OID: A201). The variant can be seen by running the
`se05x_GetInfo` sample application.
@@ -382,7 +382,7 @@ set to the number of bytes written into “outâ€.
wolfSSL will not auto-delete generated keys associated with wolfCrypt
structures (ex: `RsaKey`, `ecc_key`, etc) when the respective key free function
is called (ex: `wc_ecc_free()`, `wc_FreeRsaKey()`). This is done by design in
-case the application wants to re-use that key that has been generated and
+case the application wants to reuse that key that has been generated and
stored in the SE050.
Credentials can be deleted from the SE050 storage by calling the wolfSSL helper
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c
index e433ae6f..f78f1d69 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/nxp/dcp_port.c
@@ -47,9 +47,9 @@
#define dcp_lock() wolfSSL_CryptHwMutexLock()
#define dcp_unlock() wolfSSL_CryptHwMutexUnLock()
#else
-#define dcp_lock_init() do{}while(0)
-#define dcp_lock() do{}while(0)
-#define dcp_unlock() do{}while(0)
+#define dcp_lock_init() WC_DO_NOTHING
+#define dcp_lock() WC_DO_NOTHING
+#define dcp_unlock() WC_DO_NOTHING
#endif
#if DCP_USE_OTP_KEY
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c
index 55f0c680..6a7452cb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/psa/psa_pkcbs.c
@@ -58,7 +58,7 @@ static int psa_ecc_get_curve_info_from_curve_id(int ecc_curve,
* psa_ecc_export_to_wc_key() - export psa @key_id into ecc_key @key
* @key: already initialized ecc_key to export the key into [out]
* @key_id: key to export [in]
- * @key_size: size fo the key [in]
+ * @key_size: size of the key [in]
* @curve_id: wc id of the curve [in]
*
* returns 0 on success
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md
index d6d0f782..aa1a97d2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/README.md
@@ -15,11 +15,15 @@ To enable support define the following:
#define WOLFSSL_SILABS_SE_ACCEL
```
+## Simplicity Studio Example
+
+For the Silicon Labs Simplicity Studio example see [/IDE/SimplicityStudio/README.md](/IDE/SimplicityStudio/README.md).
+
## Caveats
:warning: **Be sure to update the SE firmware** Testing and results were done using SE firmware `1.2.6`
-Update was preformed under Simplicity Studio directory:
+Update was performed under Simplicity Studio directory:
`./developer/adapter_packs/commander/commander flash ./offline/efr32/firmware/series2config1/se_firmware_package/s2c1_se_fw_upgrade_app_1v2p6.hex`
* AES GCM tags length >= 16 bytes
@@ -33,8 +37,7 @@ Update was preformed under Simplicity Studio directory:
The SE manager supports multi-threading for FreeRTOS and Micrium
([ref](https://docs.silabs.com/gecko-platform/latest/service/api/group-sl-se-manager#autotoc-md152)).
-If a different OS is used with multi-threading, additional mutex
-protection may be necessary.
+If a different OS is used with multi-threading, additional mutex protection may be necessary.
## Benchmarks
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c
index dcd6b256..6dbb2858 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_ecc.c
@@ -31,6 +31,12 @@
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/port/silabs/silabs_ecc.h>
+#include "sl_se_manager_internal_keys.h"
+
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+static sl_se_key_descriptor_t private_device_key =
+ SL_SE_APPLICATION_ATTESTATION_KEY;
+#endif
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
@@ -40,11 +46,17 @@
#define SILABS_UNSUPPORTED_KEY_TYPE 0xFFFFFFFF
-static sl_se_key_type_t silabs_map_key_type (ecc_curve_id curve_id)
+/* For older Gecko SDK's with spelling error */
+#ifndef SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY
+#define SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY \
+ SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY
+#endif
+
+static sl_se_key_type_t silabs_map_key_type(ecc_curve_id curve_id)
{
sl_se_key_type_t res = SILABS_UNSUPPORTED_KEY_TYPE;
- switch(curve_id) {
+ switch (curve_id) {
case ECC_SECP192R1:
res = SL_SE_KEY_TYPE_ECC_P192;
break;
@@ -84,28 +96,41 @@ static sl_se_key_type_t silabs_map_key_type (ecc_curve_id curve_id)
return res;
}
-int silabs_ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, ecc_key* key)
+int silabs_ecc_sign_hash(const byte* in, word32 inlen, byte* out,
+ word32 *outlen, ecc_key* key)
{
- sl_status_t sl_stat = sl_se_init_command_context(&(key->cmd_ctx));
+ sl_status_t sl_stat;
+ sl_se_key_descriptor_t* slkey = &key->key;
word32 siglen = *outlen;
- sl_stat = sl_se_validate_key(&(key->key));
-
- if (key->dp->size * 2 <= (int)siglen) {
+ if ((int)siglen >= key->dp->size * 2) {
siglen = key->dp->size * 2;
}
- sl_stat = sl_se_ecc_sign(
- &(key->cmd_ctx),
- &(key->key),
- 0,
- 1,
- in,
- inlen,
- out,
- siglen
- );
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+ /* if signing and not private key provided then use vault key */
+ if (key->type != ECC_PRIVATEKEY ||
+ mp_unsigned_bin_size(wc_ecc_key_get_priv(key)) == 0) {
+ slkey = &private_device_key;
+ }
+#endif
+ sl_stat = sl_se_init_command_context(&key->cmd_ctx);
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_validate_key(slkey);
+ }
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_ecc_sign(
+ &key->cmd_ctx,
+ slkey,
+ 0,
+ 1,
+ in,
+ inlen,
+ out,
+ siglen
+ );
+ }
return (sl_stat == SL_STATUS_OK) ? 0 : WC_HW_E;
}
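Review bot: The vault fallback in silabs_ecc_sign_hash tests `key->type != ECC_PRIVATEKEY`, so a key imported as private-only is also routed to `private_device_key`. silabs_ecc_import, later in this same commit, sets `key->type = ECC_PRIVATEKEY_ONLY` when only `priv` is requested. In that case the signature would be produced with the device attestation key rather than the key the caller loaded, and the function would still return 0. The test should accept both private types: `if ((key->type != ECC_PRIVATEKEY && key->type != ECC_PRIVATEKEY_ONLY) || mp_unsigned_bin_size(wc_ecc_key_get_priv(key)) == 0)`. A one-line comment stating that a public-only key deliberately signs with the attestation key would also help callers who do not expect the substitution.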
@@ -115,18 +140,18 @@ int silabs_ecc_verify_hash(const byte* sig, word32 siglen,
const byte* hash, word32 hashlen,
int* stat, ecc_key* key)
{
- sl_status_t sl_stat = sl_se_init_command_context(&(key->cmd_ctx));
-
- sl_stat = sl_se_ecc_verify(
- &(key->cmd_ctx),
- &(key->key),
- 0,
- 1,
- hash,
- hashlen,
- sig,
- siglen);
-
+ sl_status_t sl_stat = sl_se_init_command_context(&key->cmd_ctx);
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_ecc_verify(
+ &key->cmd_ctx,
+ &key->key,
+ 0,
+ 1,
+ hash,
+ hashlen,
+ sig,
+ siglen);
+ }
if (sl_stat == SL_STATUS_OK) {
*stat = 1;
} else if (sl_stat == SL_STATUS_INVALID_SIGNATURE) {
@@ -134,7 +159,6 @@ int silabs_ecc_verify_hash(const byte* sig, word32 siglen,
} else {
return WC_HW_E;
}
-
return 0;
}
#endif
@@ -144,161 +168,86 @@ int silabs_ecc_make_key(ecc_key* key, int keysize)
sl_status_t sl_stat;
key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
+ if (key->key.type == SILABS_UNSUPPORTED_KEY_TYPE)
return WC_HW_E;
key->key.size = keysize;
key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY
- | SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- key->key.storage.location.buffer.pointer = key->key_raw;
+ key->key.flags = (SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY |
+ SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY |
+ SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY);
- sl_stat = sl_se_generate_key(&(key->cmd_ctx),
- &(key->key));
-
- key->type = ECC_PRIVATEKEY;
-
- /* copy key to mp components */
- mp_read_unsigned_bin (key->pubkey.x,
- key->key.storage.location.buffer.pointer,
- keysize);
- mp_read_unsigned_bin (key->pubkey.y,
- key->key.storage.location.buffer.pointer + keysize,
- keysize);
- mp_read_unsigned_bin (wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer + 2 * keysize,
- keysize);
+ sl_stat = sl_se_get_storage_size(&key->key,
+ &key->key.storage.location.buffer.size);
+ if (sl_stat == SL_STATUS_OK) {
+ key->key.storage.location.buffer.pointer = key->key_raw;
+ sl_stat = sl_se_generate_key(&key->cmd_ctx,
+ &key->key);
+ }
+ if (sl_stat == SL_STATUS_OK) {
+ key->type = ECC_PRIVATEKEY;
+
+ /* copy key to mp components */
+ mp_read_unsigned_bin(key->pubkey.x,
+ key->key.storage.location.buffer.pointer, keysize);
+ mp_read_unsigned_bin(key->pubkey.y,
+ key->key.storage.location.buffer.pointer + keysize, keysize);
+ mp_read_unsigned_bin(wc_ecc_key_get_priv(key),
+ key->key.storage.location.buffer.pointer + (2 * keysize), keysize);
+ }
return (sl_stat == SL_STATUS_OK) ? 0 : WC_HW_E;
}
-int silabs_ecc_import(ecc_key* key, word32 keysize)
+int silabs_ecc_import(ecc_key* key, word32 keysize, int pub, int priv)
{
sl_status_t sl_stat;
int err = MP_OKAY;
- word32 used = keysize;
+ word32 used;
key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
+ if (key->key.type == SILABS_UNSUPPORTED_KEY_TYPE || keysize == 0)
return WC_HW_E;
key->key.size = keysize;
key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY
- | SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
+ key->key.flags = (
+ (pub ? SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY : 0) |
+ (priv ? SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY : 0) |
+ SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY);
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
+ sl_stat = sl_se_get_storage_size(&key->key,
+ &key->key.storage.location.buffer.size);
key->key.storage.location.buffer.pointer = key->key_raw;
if (sl_stat != SL_STATUS_OK)
return WC_HW_E;
- key->type = ECC_PRIVATEKEY;
+ if (priv && pub)
+ key->type = ECC_PRIVATEKEY;
+ else if (priv)
+ key->type = ECC_PRIVATEKEY_ONLY;
+ else
+ key->type = ECC_PUBLICKEY;
/* copy key from mp components */
- if (err == MP_OKAY)
- err = wc_export_int(key->pubkey.x, key->key.storage.location.buffer.pointer,
- &used, keysize,
- WC_TYPE_UNSIGNED_BIN);
- if (err == MP_OKAY)
- err = wc_export_int(key->pubkey.y, key->key.storage.location.buffer.pointer + keysize,
- &used, keysize,
- WC_TYPE_UNSIGNED_BIN);
- if (err == MP_OKAY)
- err = wc_export_int(wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer + 2 * keysize, &used,
- keysize, WC_TYPE_UNSIGNED_BIN);
-
- return err;
-}
-
-int silabs_ecc_import_private(ecc_key* key, word32 keysize)
-{
- sl_status_t sl_stat;
- int ret = 0;
- word32 keySz = keysize;
- key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
- return WC_HW_E;
-
- key->key.size = key->dp->size;
- key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- key->key.storage.location.buffer.pointer = key->key_raw;
- if (sl_stat != SL_STATUS_OK)
- return WC_HW_E;
-
- ret = wc_export_int(wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer, &keySz, keySz,
- WC_TYPE_UNSIGNED_BIN);
-
- if (keySz != keysize)
- ret = WC_HW_E;
-
- return ret;
-}
-
-int silabs_ecc_sig_to_rs(ecc_key* key, word32 keySz)
-{
- sl_status_t sl_stat;
- int err = MP_OKAY;
-
- key->key.type = silabs_map_key_type(key->dp->id);
- if (SILABS_UNSUPPORTED_KEY_TYPE == key->key.type)
- return WC_HW_E;
-
- key->key.size = keySz;
- key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
- key->key.flags = SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY
- | SL_SE_KEY_FLAG_ASYMMMETRIC_SIGNING_ONLY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- key->key.storage.location.buffer.pointer = key->key_raw;
- if (sl_stat != SL_STATUS_OK)
- return WC_HW_E;
-
- if (err == MP_OKAY) {
- keySz = key->dp->size;
+ if (err == MP_OKAY && pub) {
+ used = keysize;
err = wc_export_int(key->pubkey.x,
- key->key.storage.location.buffer.pointer,
- &keySz, keySz, WC_TYPE_UNSIGNED_BIN);
- if (err == MP_OKAY)
- err = wc_export_int(key->pubkey.y,
- key->key.storage.location.buffer.pointer + keySz,
- &keySz, keySz, WC_TYPE_UNSIGNED_BIN);
+ key->key.storage.location.buffer.pointer,
+ &used, keysize, WC_TYPE_UNSIGNED_BIN);
}
-
- return err;
-}
-
-int silabs_ecc_import_private_raw(ecc_key* key, word32 keySz, const char* d, int encType)
-{
- sl_status_t sl_stat;
- int err = MP_OKAY;
- key->type = ECC_PRIVATEKEY;
- key->key.flags |= SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY;
-
- sl_stat = sl_se_get_storage_size(&key->key, &key->key.storage.location.buffer.size);
- if (sl_stat != SL_STATUS_OK)
- return WC_HW_E;
-
- if (encType == WC_TYPE_HEX_STR)
- err = mp_read_radix(wc_ecc_key_get_priv(key), d, MP_RADIX_HEX);
- else
- err = mp_read_unsigned_bin(wc_ecc_key_get_priv(key), (const byte*)d,
- key->dp->size);
- if (err == MP_OKAY) {
+ if (err == MP_OKAY && pub) {
+ used = keysize;
+ err = wc_export_int(key->pubkey.y,
+ key->key.storage.location.buffer.pointer + keysize,
+ &used, keysize, WC_TYPE_UNSIGNED_BIN);
+ }
+ if (err == MP_OKAY && priv) {
+ used = keysize;
err = wc_export_int(wc_ecc_key_get_priv(key),
- key->key.storage.location.buffer.pointer + (2 * keySz), &keySz,
- keySz, WC_TYPE_UNSIGNED_BIN);
+ key->key.storage.location.buffer.pointer + (keysize * 2),
+ &used, keysize, WC_TYPE_UNSIGNED_BIN);
}
-
return err;
}
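Review bot: In the rewritten silabs_ecc_import the private scalar is always exported to `buffer.pointer + (keysize * 2)`, even when `pub` is 0 and the flags advertise only `SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PRIVATE_KEY`. The removed silabs_ecc_import_private wrote it at offset 0, and the size sl_se_get_storage_size reports for a private-only descriptor is presumably a single coordinate, so the write may land outside the region the SE reads. Using `pub ? (keysize * 2) : 0` as the offset would keep the old layout; this should be confirmed against the SE manager's buffer format. Separately, silabs_ecc_make_key discards the three mp_read_unsigned_bin return values and still returns 0 if one of them fails. Neither function compares `keysize` or the reported storage size with the capacity of `key->key_raw`, whose declaration is not visible in this diff.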
@@ -337,7 +286,7 @@ int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
sl_stat = sl_se_ecdh_compute_shared_secret(
&cmd,
- &(private_key->key),
+ &private_key->key,
&pub_key,
&key_out);
@@ -349,4 +298,68 @@ int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
return (sl_stat == SL_STATUS_OK) ? 0 : WC_HW_E;
}
+int silabs_ecc_export_public(ecc_key* key, sl_se_key_descriptor_t* seKey)
+{
+ int ret;
+ sl_status_t sl_stat;
+ sl_se_command_context_t cmd;
+
+ if (key == NULL || seKey == NULL)
+ return BAD_FUNC_ARG;
+
+ if (seKey->type == SL_SE_KEY_TYPE_ECC_P192)
+ ret = wc_ecc_set_curve(key, 24, ECC_SECP192R1);
+ else if (seKey->type == SL_SE_KEY_TYPE_ECC_P256)
+ ret = wc_ecc_set_curve(key, 32, ECC_SECP256R1);
+#ifdef SL_SE_KEY_TYPE_ECC_P384
+ else if (seKey->type == SL_SE_KEY_TYPE_ECC_P384)
+ ret = wc_ecc_set_curve(key, 48, ECC_SECP384R1);
+#endif
+#ifdef SL_SE_KEY_TYPE_ECC_P521
+ else if (seKey->type == SL_SE_KEY_TYPE_ECC_P521)
+ ret = wc_ecc_set_curve(key, 66, ECC_SECP521R1);
+#endif
+ else
+ ret = ECC_CURVE_OID_E;
+ if (ret != 0)
+ return ret;
+
+ key->type = ECC_PUBLICKEY;
+ key->key.type = seKey->type;
+ key->key.size = key->dp->size;
+ key->key.storage.method = SL_SE_KEY_STORAGE_EXTERNAL_PLAINTEXT;
+ key->key.flags = (SL_SE_KEY_FLAG_ASYMMETRIC_BUFFER_HAS_PUBLIC_KEY |
+ SL_SE_KEY_FLAG_ASYMMETRIC_SIGNING_ONLY);
+
+ sl_stat = sl_se_get_storage_size(&key->key,
+ &key->key.storage.location.buffer.size);
+ key->key.storage.location.buffer.pointer = key->key_raw;
+ if (sl_stat == SL_STATUS_OK) {
+ sl_stat = sl_se_export_public_key(&cmd, seKey, &key->key);
+ }
+ if (sl_stat != SL_STATUS_OK) {
+ ret = WC_HW_E;
+ }
+ if (ret == 0) {
+ /* export public x and y */
+ ret = mp_read_unsigned_bin(key->pubkey.x,
+ key->key.storage.location.buffer.pointer,
+ key->key.size);
+ }
+ if (ret == 0) {
+ ret = mp_read_unsigned_bin(key->pubkey.y,
+ key->key.storage.location.buffer.pointer + key->key.size,
+ key->key.size);
+ }
+
+ return ret;
+}
+
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+int silabs_ecc_load_vault(ecc_key* key)
+{
+ return silabs_ecc_export_public(key, &private_device_key);
+}
+#endif
+
#endif /* WOLFSSL_SILABS_SE_ACCEL */
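Review bot: The local `cmd` in silabs_ecc_export_public is passed to sl_se_export_public_key without being initialised, so the SE manager receives indeterminate stack contents as its command context. silabs_ecc_sign_hash and silabs_ecc_verify_hash in this file call sl_se_init_command_context and check its status before issuing a command. The same should be done here, for example `sl_stat = sl_se_init_command_context(&cmd);` ahead of the storage-size query, with the later calls made only when it returns SL_STATUS_OK. Since silabs_ecc_load_vault passes the attestation key descriptor through this path, a comment on it stating that only the public half is exported would be useful.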
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c
index 5e29f55c..f0bb1110 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/silabs/silabs_hash.c
@@ -1,4 +1,4 @@
-/* silabs_se_hash.c
+/* silabs_hash.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -35,58 +35,52 @@
#include <wolfssl/wolfcrypt/port/silabs/silabs_hash.h>
-int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type)
+static sl_se_hash_type_t wc_silabs_gethashtype(enum wc_HashType type)
{
- int ret = 0;
- sl_status_t rr;
-
- /* set sizes and state */
- XMEMSET(sha, 0, sizeof(wc_silabs_sha_t));
-
- /* set init state */
- switch(type) {
+ /* set init state */
+ switch (type) {
case WC_HASH_TYPE_SHA:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA1,
- &sha->hash_type_ctx);
+ return SL_SE_HASH_SHA1;
break;
case WC_HASH_TYPE_SHA224:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA224,
- &sha->hash_type_ctx);
+ return SL_SE_HASH_SHA224;
break;
case WC_HASH_TYPE_SHA256:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA256,
- &sha->hash_type_ctx);
- break;
-
+ return SL_SE_HASH_SHA256;
#ifdef WOLFSSL_SILABS_SHA384
case WC_HASH_TYPE_SHA384:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA384,
- &sha->hash_type_ctx);
- break;
+ return SL_SE_HASH_SHA384;
#endif
-
#ifdef WOLFSSL_SILABS_SHA512
case WC_HASH_TYPE_SHA512:
- rr = sl_se_hash_starts(&sha->hash_ctx,
- &sha->cmd_ctx,
- SL_SE_HASH_SHA512,
- &sha->hash_type_ctx);
- break;
+ return SL_SE_HASH_SHA512;
#endif
-
default:
- ret = BAD_FUNC_ARG;
break;
}
+ return SL_SE_HASH_NONE;
+}
+
+int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type)
+{
+ int ret = 0;
+ sl_status_t rr;
+ sl_se_hash_type_t ht = wc_silabs_gethashtype(type);
+
+ if (ht == SL_SE_HASH_NONE) {
+ return NOT_COMPILED_IN;
+ }
+
+ /* set sizes and state */
+ XMEMSET(sha, 0, sizeof(wc_silabs_sha_t));
+ /* set init state */
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+ rr = sl_se_hash_starts(&sha->hash_ctx, &sha->cmd_ctx, ht,
+ &sha->hash_type_ctx);
+#else
+ rr = sl_se_hash_multipart_starts(&sha->hash_type_ctx, &sha->cmd_ctx, ht);
+#endif
if (rr != SL_STATUS_OK) {
ret = WC_HW_E;
}
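Review bot: wc_silabs_se_hash_init now returns NOT_COMPILED_IN before the XMEMSET, so for an unsupported hash type the caller's context keeps whatever bytes it already held. A caller that ignores the return value and goes on to update or final would then hand stale state to the SE. Moving `XMEMSET(sha, 0, sizeof(wc_silabs_sha_t));` above the `ht == SL_SE_HASH_NONE` check leaves the context defined on every path. As a style point, the `break;` after `return` in the WC_HASH_TYPE_SHA and WC_HASH_TYPE_SHA224 cases of wc_silabs_gethashtype is unreachable and inconsistent with the other cases. The tail of wc_silabs_se_hash_init lies outside this hunk.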
@@ -94,32 +88,43 @@ int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type)
return ret;
}
-int wc_silabs_se_hash_update (wc_silabs_sha_t* sha, const byte* data, word32 len)
+int wc_silabs_se_hash_update(wc_silabs_sha_t* sha, const byte* data,
+ word32 len)
{
int ret = 0;
+ sl_status_t status;
- sl_status_t status = sl_se_hash_update(&sha->hash_ctx, data, len);
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+ status = sl_se_hash_update(&sha->hash_ctx, data, len);
+#else
+ status = sl_se_hash_multipart_update(&sha->hash_type_ctx, &sha->cmd_ctx,
+ data, len);
+#endif
if (status != SL_STATUS_OK) {
- ret = BUFFER_E;
+ ret = WC_HW_E;
}
-
return ret;
}
-int wc_silabs_se_hash_final (wc_silabs_sha_t* sha, byte* hash)
+int wc_silabs_se_hash_final(wc_silabs_sha_t* sha, byte* hash, word32 len)
{
int ret = 0;
+ sl_status_t status;
- sl_status_t status = sl_se_hash_finish(&sha->hash_ctx, hash, sha->hash_ctx.size);
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+ status = sl_se_hash_finish(&sha->hash_ctx, hash, len);
+#else
+ status = sl_se_hash_multipart_finish(&sha->hash_type_ctx, &sha->cmd_ctx,
+ hash, len);
+#endif
if (status != SL_STATUS_OK) {
- ret = BUFFER_E;
+ ret = WC_HW_E;
}
-
return ret;
}
-int wc_HashUpdate_ex (wc_silabs_sha_t* sha, const byte* data, word32 len)
+static int wc_HashUpdate_ex(wc_silabs_sha_t* sha, const byte* data, word32 len)
{
int ret = 0;
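Review bot: The new `len` parameter of wc_silabs_se_hash_final is undocumented, and it does not mean what `len` means in wc_silabs_se_hash_update. In update it is the input length; in final it is passed to the finish call as the size of the `hash` output buffer. I would add above wc_silabs_se_hash_final `/* len: size of the hash buffer in bytes; callers pass the digest size of the selected hash type */`. Neither function checks `sha`, `data` or `hash` for NULL before dereferencing. The wrappers wc_HashUpdate_ex and wc_HashFinal_ex continue outside the hunk, so whether they guard is not visible here.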
@@ -130,13 +135,12 @@ int wc_HashUpdate_ex (wc_silabs_sha_t* sha, const byte* data, word32 len)
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
ret = wc_silabs_se_hash_update(sha, data, len);
-
wolfSSL_CryptHwMutexUnLock();
}
return ret;
}
-int wc_HashFinal_ex(wc_silabs_sha_t* sha, byte* hash)
+static int wc_HashFinal_ex(wc_silabs_sha_t* sha, byte* hash, word32 len)
{
int ret = 0;
@@ -146,7 +150,7 @@ int wc_HashFinal_ex(wc_silabs_sha_t* sha, byte* hash)
ret = wolfSSL_CryptHwMutexLock();
if (ret == 0) {
- ret = wc_silabs_se_hash_final(sha, hash);
+ ret = wc_silabs_se_hash_final(sha, hash, len);
wolfSSL_CryptHwMutexUnLock();
}
@@ -164,17 +168,17 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA);
}
int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_ShaFinal(wc_Sha* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA_DIGEST_SIZE);
(void)wc_InitSha(sha); /* reset state */
@@ -193,18 +197,18 @@ int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA256);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA256);
}
int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha256Final(wc_Sha256* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA256_DIGEST_SIZE);
(void)wc_InitSha256(sha); /* reset state */
@@ -212,7 +216,7 @@ int wc_Sha256Final(wc_Sha256* sha, byte* hash)
}
#endif /* ! NO_SHA256 */
-#ifndef NO_SHA224
+#ifdef WOLFSSL_SHA224
int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
{
if (sha == NULL) {
@@ -222,24 +226,24 @@ int wc_InitSha224_ex(wc_Sha224* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA224);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA224);
}
int wc_Sha224Update(wc_Sha224* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha224Final(wc_Sha224* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA224_DIGEST_SIZE);
(void)wc_InitSha224(sha); /* reset state */
return ret;
}
-#endif /* ! NO_SHA224 */
+#endif /* WOLFSSL_SHA224 */
#ifdef WOLFSSL_SILABS_SHA384
int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
@@ -251,18 +255,18 @@ int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA384);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA384);
}
int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha384Final(wc_Sha384* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA384_DIGEST_SIZE);
(void)wc_InitSha384(sha); /* reset state */
@@ -280,18 +284,18 @@ int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId)
(void)devId;
(void)heap;
- return wc_silabs_se_hash_init(&(sha->silabsCtx), WC_HASH_TYPE_SHA512);
+ return wc_silabs_se_hash_init(&sha->silabsCtx, WC_HASH_TYPE_SHA512);
}
int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len)
{
- return wc_HashUpdate_ex(&(sha->silabsCtx), data, len);
+ return wc_HashUpdate_ex(&sha->silabsCtx, data, len);
}
int wc_Sha512Final(wc_Sha512* sha, byte* hash)
{
- int ret = wc_HashFinal_ex(&(sha->silabsCtx), hash);
+ int ret = wc_HashFinal_ex(&sha->silabsCtx, hash, WC_SHA512_DIGEST_SIZE);
(void)wc_InitSha512(sha); /* reset state */
@@ -299,4 +303,4 @@ int wc_Sha512Final(wc_Sha512* sha, byte* hash)
}
#endif /* WOLFSSL_SILABS_SHA512 */
-#endif /* defined(WOLFSSL_SILABS_SE_ACCEL) */
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c
index 34e732ae..04d6c475 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stm32.c
@@ -43,11 +43,42 @@
#include <wolfssl/wolfcrypt/aes.h>
#endif
+#ifdef WOLFSSL_STM32_PKA
+#include <stdint.h>
+
+#if defined(WOLFSSL_STM32L5)
+#include <stm32l5xx_hal_conf.h>
+#include <stm32l5xx_hal_pka.h>
+#elif defined(WOLFSSL_STM32U5)
+#include <stm32u5xx_hal_conf.h>
+#include <stm32u5xx_hal_pka.h>
+#elif defined(WOLFSSL_STM32WB)
+#include <stm32wbxx_hal_conf.h>
+#include <stm32wbxx_hal_pka.h>
+#elif defined(WOLFSSL_STM32WL)
+#include <stm32wlxx_hal_conf.h>
+#include <stm32wlxx_hal_pka.h>
+#else
+#error Please add the hal_pk.h include
+#endif
+extern PKA_HandleTypeDef hpka;
+
+#if !defined(WOLFSSL_STM32_PKA_V2) && defined(PKA_ECC_SCALAR_MUL_IN_B_COEFF)
+/* PKA hardware like in U5 added coefB and primeOrder */
+#define WOLFSSL_STM32_PKA_V2
+#endif
+
+#ifdef HAVE_ECC
+#include <wolfssl/wolfcrypt/ecc.h>
+
#ifndef WOLFSSL_HAVE_ECC_KEY_GET_PRIV
/* FIPS build has replaced ecc.h. */
#define wc_ecc_key_get_priv(key) (&((key)->k))
#define WOLFSSL_HAVE_ECC_KEY_GET_PRIV
#endif
+#endif /* HAVE_ECC */
+#endif /* WOLFSSL_STM32_PKA */
+
#ifdef STM32_HASH
@@ -394,6 +425,10 @@ int wc_Stm32_Aes_Init(Aes* aes, CRYP_HandleTypeDef* hcryp)
{
int ret;
word32 keySize;
+#ifdef STM32_HW_CLOCK_AUTO
+ /* enable the peripheral clock */
+ __HAL_RCC_CRYP_CLK_ENABLE();
+#endif
ret = wc_AesGetKeySize(aes, &keySize);
if (ret != 0)
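Review bot: The CRYP clock is enabled at the top of wc_Stm32_Aes_Init, before the `wc_AesGetKeySize` result is checked, so a failure return can leave the peripheral clock on. That happens unless every caller still reaches wc_Stm32_Aes_Cleanup on the error path, which is not visible because the function body continues outside the hunk. Either move the `#ifdef STM32_HW_CLOCK_AUTO` block below the key-size check, or add a comment such as `/* caller must call wc_Stm32_Aes_Cleanup() even when this returns non-zero */`. wc_Stm32_Aes_Cleanup in the next hunk disables the clock unconditionally, so the enable and disable calls need to stay paired.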
@@ -428,6 +463,13 @@ int wc_Stm32_Aes_Init(Aes* aes, CRYP_HandleTypeDef* hcryp)
return 0;
}
+void wc_Stm32_Aes_Cleanup(void)
+{
+#ifdef STM32_HW_CLOCK_AUTO
+ /* disable the peripheral clock */
+ __HAL_RCC_CRYP_CLK_DISABLE();
+#endif
+}
#else /* Standard Peripheral Library */
int wc_Stm32_Aes_Init(Aes* aes, CRYP_InitTypeDef* cryptInit,
@@ -486,35 +528,18 @@ int wc_Stm32_Aes_Init(Aes* aes, CRYP_InitTypeDef* cryptInit,
return 0;
}
+
+void wc_Stm32_Aes_Cleanup(void)
+{
+}
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* !NO_AES */
#endif /* STM32_CRYPTO */
#ifdef WOLFSSL_STM32_PKA
-#include <stdint.h>
-
-#if defined(WOLFSSL_STM32L5)
-#include <stm32l5xx_hal_conf.h>
-#include <stm32l5xx_hal_pka.h>
-#elif defined(WOLFSSL_STM32U5)
-#include <stm32u5xx_hal_conf.h>
-#include <stm32u5xx_hal_pka.h>
-#elif defined(WOLFSSL_STM32WB)
-#include <stm32wbxx_hal_conf.h>
-#include <stm32wbxx_hal_pka.h>
-#else
-#error Please add the hal_pk.h include
-#endif
-extern PKA_HandleTypeDef hpka;
-
-#if !defined(WOLFSSL_STM32_PKA_V2) && defined(PKA_ECC_SCALAR_MUL_IN_B_COEFF)
-/* PKA hardware like in U5 added coefB and primeOrder */
-#define WOLFSSL_STM32_PKA_V2
-#endif
/* Reverse array in memory (in place) */
#ifdef HAVE_ECC
-#include <wolfssl/wolfcrypt/ecc.h>
/* convert from mp_int to STM32 PKA HAL integer, as array of bytes of size sz.
* if mp_int has less bytes than sz, add zero bytes at most significant byte
@@ -525,11 +550,9 @@ extern PKA_HandleTypeDef hpka;
*/
static int stm32_get_from_mp_int(uint8_t *dst, const mp_int *a, int sz)
{
- int res;
- int szbin;
- int offset;
+ int res, szbin, offset;
- if (a == NULL || dst == NULL || sz < 0)
+ if (dst == NULL || a == NULL || sz < 0)
return BAD_FUNC_ARG;
/* check how many bytes are in the mp_int */
@@ -553,272 +576,93 @@ static int stm32_get_from_mp_int(uint8_t *dst, const mp_int *a, int sz)
return res;
}
-/* ECC specs in lsbyte at lowest address format for direct use by
- * STM32_PKA PKHA driver functions */
-#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
-#define ECC192
-#endif
-#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
-#define ECC224
-#endif
-#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
-#define ECC256
-#endif
-#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
-#define ECC384
-#endif
+static int stm32_getabs_from_mp_int(uint8_t *dst, const mp_int *a, int sz,
+ uint32_t* abs_sign)
+{
+ int res;
+ mp_int x;
-/* STM32 PKA supports up to 640bit numbers */
-#define STM32_MAX_ECC_SIZE (80)
+ if (dst == NULL || a == NULL || sz < 0 || abs_sign == NULL)
+ return BAD_FUNC_ARG;
+ res = mp_init(&x);
+ if (res == MP_OKAY) {
+ /* make abs(x) and capture sign */
+ #if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
+ ((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ defined(WOLFSSL_SP_INT_NEGATIVE))
+ *abs_sign = x.sign;
+ #else
+ *abs_sign = 1; /* default to negative */
+ #endif
+ res = mp_abs(a, &x);
+ if (res == MP_OKAY)
+ res = stm32_get_from_mp_int(dst, &x, sz);
+ mp_clear(&x);
+ }
+ return res;
+}
-/* P-192 */
-#ifdef ECC192
-#define ECC192_KEYSIZE (24)
-static const uint8_t stm32_ecc192_prime[ECC192_KEYSIZE] = {
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-static const uint32_t stm32_ecc192_coef_sign = 1U;
-static const uint8_t stm32_ecc192_coef[ECC192_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc192_coefB[ECC192_KEYSIZE] = {
- 0x64, 0x21, 0x05, 0x19, 0xe5, 0x9c, 0x80, 0xe7,
- 0x0f, 0xa7, 0xe9, 0xab, 0x72, 0x24, 0x30, 0x49,
- 0xfe, 0xb8, 0xde, 0xec, 0xc1, 0x46, 0xb9, 0xb1
-};
-static const uint8_t stm32_ecc192_pointX[ECC192_KEYSIZE] = {
- 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6,
- 0x7C, 0xBF, 0x20, 0xEB, 0x43, 0xA1, 0x88, 0x00,
- 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12
-};
-static const uint8_t stm32_ecc192_pointY[ECC192_KEYSIZE] = {
- 0x07, 0x19, 0x2B, 0x95, 0xFF, 0xC8, 0xDA, 0x78,
- 0x63, 0x10, 0x11, 0xED, 0x6B, 0x24, 0xCD, 0xD5,
- 0x73, 0xF9, 0x77, 0xA1, 0x1E, 0x79, 0x48, 0x11
-};
-static const uint8_t stm32_ecc192_order[ECC192_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0x99, 0xDE, 0xF8, 0x36,
- 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31
-};
-#endif /* ECC192 */
-
-/* P-224 */
-#ifdef ECC224
-#define ECC224_KEYSIZE (28)
-static const uint8_t stm32_ecc224_prime[ECC224_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x01
-};
-static const uint32_t stm32_ecc224_coef_sign = 1U;
-static const uint8_t stm32_ecc224_coef[ECC224_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc224_coefB[ECC224_KEYSIZE] = {
- 0xb4, 0x05, 0x0a, 0x85, 0x0c, 0x04, 0xb3, 0xab,
- 0xf5, 0x41, 0x32, 0x56, 0x50, 0x44, 0xb0, 0xb7,
- 0xd7, 0xbf, 0xd8, 0xba, 0x27, 0x0b, 0x39, 0x43,
- 0x23, 0x55, 0xff, 0xb4
-};
-static const uint8_t stm32_ecc224_pointX[ECC224_KEYSIZE] = {
- 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F,
- 0x32, 0x13, 0x90, 0xB9, 0x4A, 0x03, 0xC1, 0xD3,
- 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6,
- 0x11, 0x5C, 0x1D, 0x21
-};
-static const uint8_t stm32_ecc224_pointY[ECC224_KEYSIZE] = {
- 0xBD, 0x37, 0x63, 0x88, 0xB5, 0xF7, 0x23, 0xFB,
- 0x4C, 0x22, 0xDF, 0xE6, 0xCD, 0x43, 0x75, 0xA0,
- 0x5A, 0x07, 0x47, 0x64, 0x44, 0xD5, 0x81, 0x99,
- 0x85, 0x00, 0x7E, 0x34
-};
-static const uint8_t stm32_ecc224_order[ECC224_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x16, 0xA2,
- 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45,
- 0x5C, 0x5C, 0x2A, 0x3D
-};
-#endif /* ECC224 */
-
-/* P-256 */
-#ifdef ECC256
-#define ECC256_KEYSIZE (32)
-static const uint8_t stm32_ecc256_prime[ECC256_KEYSIZE] = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x01,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
-};
-static const uint32_t stm32_ecc256_coef_sign = 1U;
-static const uint8_t stm32_ecc256_coef[ECC256_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc256_coefB[ECC256_KEYSIZE] = {
- 0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
- 0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
- 0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
- 0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
-};
-static const uint8_t stm32_ecc256_pointX[ECC256_KEYSIZE] = {
- 0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
- 0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
- 0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
- 0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96
-};
-static const uint8_t stm32_ecc256_pointY[ECC256_KEYSIZE] = {
- 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
- 0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
- 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
- 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
-};
-static const uint8_t stm32_ecc256_order[ECC256_KEYSIZE] = {
- 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00, 0x00,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e, 0x84,
- 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
-};
-#endif /* ECC256 */
-
-/* P-384 */
-#ifdef ECC384
-#define ECC384_KEYSIZE (48)
-static const uint8_t stm32_ecc384_prime[ECC384_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,
- 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF
-};
-static const uint32_t stm32_ecc384_coef_sign = 1U;
-static const uint8_t stm32_ecc384_coef[ECC384_KEYSIZE] = {
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03
-};
-static const uint8_t stm32_ecc384_coefB[ECC384_KEYSIZE] = {
- 0xb3, 0x31, 0x2f, 0xa7, 0xe2, 0x3e, 0xe7, 0xe4,
- 0x98, 0x8e, 0x05, 0x6b, 0xe3, 0xf8, 0x2d, 0x19,
- 0x18, 0x1d, 0x9c, 0x6e, 0xfe, 0x81, 0x41, 0x12,
- 0x03, 0x14, 0x08, 0x8f, 0x50, 0x13, 0x87, 0x5a,
- 0xc6, 0x56, 0x39, 0x8d, 0x8a, 0x2e, 0xd1, 0x9d,
- 0x2a, 0x85, 0xc8, 0xed, 0xd3, 0xec, 0x2a, 0xef
-};
-static const uint8_t stm32_ecc384_pointX[ECC384_KEYSIZE] = {
- 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37,
- 0x8E, 0xB1, 0xC7, 0x1E, 0xF3, 0x20, 0xAD, 0x74,
- 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98,
- 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38,
- 0x55, 0x02, 0xF2, 0x5D, 0xBF, 0x55, 0x29, 0x6C,
- 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7,
-};
-static const uint8_t stm32_ecc384_pointY[ECC384_KEYSIZE] = {
- 0x36, 0x17, 0xDE, 0x4A, 0x96, 0x26, 0x2C, 0x6F,
- 0x5D, 0x9E, 0x98, 0xBF, 0x92, 0x92, 0xDC, 0x29,
- 0xF8, 0xF4, 0x1D, 0xBD, 0x28, 0x9A, 0x14, 0x7C,
- 0xE9, 0xDA, 0x31, 0x13, 0xB5, 0xF0, 0xB8, 0xC0,
- 0x0A, 0x60, 0xB1, 0xCE, 0x1D, 0x7E, 0x81, 0x9D,
- 0x7A, 0x43, 0x1D, 0x7C, 0x90, 0xEA, 0x0E, 0x5F,
-};
-static const uint8_t stm32_ecc384_order[ECC384_KEYSIZE] = {
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
- 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF,
- 0x58, 0x1A, 0x0D, 0xB2, 0x48, 0xB0, 0xA7, 0x7A,
- 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73
-};
-#endif /* ECC384 */
-
-static int stm32_get_ecc_specs(const uint8_t **prime, const uint8_t **coef,
- const uint8_t **coefB, const uint32_t **coef_sign,
- const uint8_t **GenPointX, const uint8_t **GenPointY, const uint8_t **order,
- int size)
+/* convert hex string to unsigned char */
+static int stm32_getabs_from_hexstr(const char* hex, uint8_t* dst, int sz,
+ uint32_t *abs_sign)
{
- switch (size) {
-#ifdef ECC256
- case 32:
- if (prime) *prime = stm32_ecc256_prime;
- if (coef) *coef = stm32_ecc256_coef;
- if (coefB) *coefB = stm32_ecc256_coefB;
- if (GenPointX) *GenPointX = stm32_ecc256_pointX;
- if (GenPointY) *GenPointY = stm32_ecc256_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc256_coef_sign;
- if (order) *order = stm32_ecc256_order;
- break;
-#endif
-#ifdef ECC224
- case 28:
- if (prime) *prime = stm32_ecc224_prime;
- if (coef) *coef = stm32_ecc224_coef;
- if (coefB) *coefB = stm32_ecc224_coefB;
- if (GenPointX) *GenPointX = stm32_ecc224_pointX;
- if (GenPointY) *GenPointY = stm32_ecc224_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc224_coef_sign;
- if (order) *order = stm32_ecc224_order;
- break;
-#endif
-#ifdef ECC192
- case 24:
- if (prime) *prime = stm32_ecc192_prime;
- if (coef) *coef = stm32_ecc192_coef;
- if (coefB) *coefB = stm32_ecc192_coefB;
- if (GenPointX) *GenPointX = stm32_ecc192_pointX;
- if (GenPointY) *GenPointY = stm32_ecc192_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc192_coef_sign;
- if (order) *order = stm32_ecc192_order;
- break;
-#endif
-#ifdef ECC384
- case 48:
- if (prime) *prime = stm32_ecc384_prime;
- if (coef) *coef = stm32_ecc384_coef;
- if (coefB) *coefB = stm32_ecc384_coefB;
- if (GenPointX) *GenPointX = stm32_ecc384_pointX;
- if (GenPointY) *GenPointY = stm32_ecc384_pointY;
- if (coef_sign) *coef_sign = &stm32_ecc384_coef_sign;
- if (order) *order = stm32_ecc384_order;
- break;
-#endif
- default:
- return NOT_COMPILED_IN;
+ int res;
+ mp_int x;
+
+ if (hex == NULL || dst == NULL || sz < 0)
+ return BAD_FUNC_ARG;
+
+ res = mp_init(&x);
+ if (res == MP_OKAY) {
+ res = mp_read_radix(&x, hex, MP_RADIX_HEX);
+ /* optionally make abs(x) and capture sign */
+ if (res == MP_OKAY && abs_sign != NULL) {
+ #if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
+ ((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
+ defined(WOLFSSL_SP_INT_NEGATIVE))
+ *abs_sign = x.sign;
+ #else
+ *abs_sign = 1; /* default to negative */
+ #endif
+ res = mp_abs(&x, &x);
+ }
+ if (res == MP_OKAY)
+ res = stm32_get_from_mp_int(dst, &x, sz);
+ mp_clear(&x);
}
- return 0;
+ return res;
+}
+static int stm32_get_from_hexstr(const char* hex, uint8_t* dst, int sz)
+{
+ return stm32_getabs_from_hexstr(hex, dst, sz, NULL);
}
+/* STM32 PKA supports up to 640-bit numbers */
+#define STM32_MAX_ECC_SIZE (80)
+
+
/**
Perform a point multiplication (timing resistant)
k The scalar to multiply by
G The base point
R [out] Destination for kG
+ a ECC curve parameter a
modulus The modulus of the field the ECC curve is in
+ order curve order
+ rng Random Generator struct (not used)
map Boolean whether to map back to affine or not
- (1==map, 0 == leave in projective)
+ (1==map, 0 == leave in projective)
return MP_OKAY on success
*/
-int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
- mp_int *modulus, int map, void* heap)
+
+int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
+ mp_int* modulus, mp_int* o, WC_RNG* rng, int map,
+ void* heap)
{
PKA_ECCMulInTypeDef pka_mul;
PKA_ECCMulOutTypeDef pka_mul_res;
- uint8_t size;
int szModulus;
int szkbin;
int status;
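Review bot: In stm32_getabs_from_mp_int the sign is read from `x` right after `mp_init(&x)` and before `mp_abs(a, &x)` runs, so `*abs_sign` reflects the freshly initialised temporary rather than the input `a`. stm32_getabs_from_hexstr in the same hunk reads `x.sign` only after `mp_read_radix` has filled `x`, which is the order this function needs as well. I would change the line to `*abs_sign = a->sign;`. The value feeds `pka_mul.coefSign` in wc_ecc_mulmod_ex2, so a wrong sign would hand the PKA a different curve coefficient than the caller supplied.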
@@ -828,8 +672,15 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
uint8_t kbin[STM32_MAX_ECC_SIZE];
uint8_t PtXbin[STM32_MAX_ECC_SIZE];
uint8_t PtYbin[STM32_MAX_ECC_SIZE];
- const uint8_t *prime, *coef, *coefB, *gen_x, *gen_y, *order;
- const uint32_t *coef_sign;
+ uint8_t prime[STM32_MAX_ECC_SIZE];
+ uint8_t coefA[STM32_MAX_ECC_SIZE];
+#ifdef WOLFSSL_STM32_PKA_V2
+ uint8_t coefB[STM32_MAX_ECC_SIZE];
+ uint8_t order[STM32_MAX_ECC_SIZE];
+#endif
+ uint32_t coefA_sign = 1;
+
+ (void)rng;
XMEMSET(&pka_mul, 0x00, sizeof(PKA_ECCMulInTypeDef));
XMEMSET(&pka_mul_res, 0x00, sizeof(PKA_ECCMulOutTypeDef));
@@ -848,20 +699,22 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
res = stm32_get_from_mp_int(Gxbin, G->x, szModulus);
if (res == MP_OKAY)
res = stm32_get_from_mp_int(Gybin, G->y, szModulus);
-
+ if (res == MP_OKAY)
+ res = stm32_get_from_mp_int(prime, modulus, szModulus);
+ if (res == MP_OKAY)
+ res = stm32_getabs_from_mp_int(coefA, a, szModulus, &coefA_sign);
+#ifdef WOLFSSL_STM32_PKA_V2
+ XMEMSET(order, 0, sizeof(order));
+ XMEMSET(coefB, 0, sizeof(coefB));
+ if (res == MP_OKAY && o != NULL)
+ res = stm32_get_from_mp_int(order, o, szModulus);
+#endif
if (res != MP_OKAY)
return res;
- size = (uint8_t)szModulus;
- /* find STM32_PKA friendly parameters for the selected curve */
- if (0 != stm32_get_ecc_specs(&prime, &coef, &coefB, &coef_sign,
- &gen_x, &gen_y, &order, size)) {
- return ECC_BAD_ARG_E;
- }
-
pka_mul.modulusSize = szModulus;
- pka_mul.coefSign = *coef_sign;
- pka_mul.coefA = coef;
+ pka_mul.coefSign = coefA_sign;
+ pka_mul.coefA = coefA;
pka_mul.modulus = prime;
pka_mul.pointX = Gxbin;
pka_mul.pointY = Gybin;
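Review bot: On WOLFSSL_STM32_PKA_V2 builds `coefB` is zero-filled and never populated, and `order` stays zero whenever `o` is NULL, which is what wc_ecc_mulmod_ex passes in a later hunk. The removed stm32_get_ecc_specs path supplied the real curve b and order to `pka_mul.coefB` and `pka_mul.primeOrder`. Whether the V2 PKA relies on these inputs, for example to check the input point against the curve, is not visible here. Please confirm, then either derive both values from the curve or state the assumption next to the memset, e.g. `/* V2 ECCMul: coefB/primeOrder left zero when unknown - TODO confirm HAL accepts this */`. The function starts and ends outside this hunk.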
@@ -870,9 +723,6 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
#ifdef WOLFSSL_STM32_PKA_V2
pka_mul.coefB = coefB;
pka_mul.primeOrder = order;
-#else
- (void)order;
- (void)coefB;
#endif
status = HAL_PKA_ECCMul(&hpka, &pka_mul, HAL_MAX_DELAY);
@@ -883,9 +733,9 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
pka_mul_res.ptX = Gxbin;
pka_mul_res.ptY = Gybin;
HAL_PKA_ECCMul_GetResult(&hpka, &pka_mul_res);
- res = mp_read_unsigned_bin(R->x, Gxbin, size);
+ res = mp_read_unsigned_bin(R->x, Gxbin, szModulus);
if (res == MP_OKAY) {
- res = mp_read_unsigned_bin(R->y, Gybin, size);
+ res = mp_read_unsigned_bin(R->y, Gybin, szModulus);
#if defined(USE_FAST_MATH) || defined(USE_INTEGER_HEAP_MATH) || \
((defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)) && \
@@ -901,18 +751,14 @@ int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
HAL_PKA_RAMReset(&hpka);
(void)heap;
- (void)a; /* uses computed (absolute value, |a| < p) */
return res;
}
-int wc_ecc_mulmod_ex2(const mp_int* k, ecc_point *G, ecc_point *R, mp_int* a,
- mp_int* modulus, mp_int* order, WC_RNG* rng, int map,
- void* heap)
+int wc_ecc_mulmod_ex(const mp_int *k, ecc_point *G, ecc_point *R, mp_int* a,
+ mp_int *modulus, int map, void* heap)
{
- (void)order;
- (void)rng;
- return wc_ecc_mulmod_ex(k, G, R, a, modulus, map, heap);
+ return wc_ecc_mulmod_ex2(k, G, R, a, modulus, NULL, NULL, map, heap);
}
int ecc_map_ex(ecc_point* P, mp_int* modulus, mp_digit mp, int ct)
@@ -929,8 +775,7 @@ int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
word32 hashlen, int* res, ecc_key* key)
{
PKA_ECDSAVerifInTypeDef pka_ecc;
- uint8_t size;
- int szModulus;
+ int size;
int szrbin;
int status;
uint8_t Rbin[STM32_MAX_ECC_SIZE];
@@ -939,47 +784,59 @@ int stm32_ecc_verify_hash_ex(mp_int *r, mp_int *s, const byte* hash,
uint8_t Qybin[STM32_MAX_ECC_SIZE];
uint8_t Hashbin[STM32_MAX_ECC_SIZE];
uint8_t privKeybin[STM32_MAX_ECC_SIZE];
- const uint8_t *prime, *coef, *gen_x, *gen_y, *order;
- const uint32_t *coef_sign;
+ uint8_t prime[STM32_MAX_ECC_SIZE];
+ uint8_t coefA[STM32_MAX_ECC_SIZE];
+ uint8_t gen_x[STM32_MAX_ECC_SIZE];
+ uint8_t gen_y[STM32_MAX_ECC_SIZE];
+ uint8_t order[STM32_MAX_ECC_SIZE];
+ uint32_t coefA_sign = 1;
+
XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSAVerifInTypeDef));
- if (r == NULL || s == NULL || hash == NULL || res == NULL || key == NULL) {
+ if (r == NULL || s == NULL || hash == NULL || res == NULL || key == NULL ||
+ key->dp == NULL) {
return ECC_BAD_ARG_E;
}
*res = 0;
- szModulus = mp_unsigned_bin_size(key->pubkey.x);
szrbin = mp_unsigned_bin_size(r);
+ size = wc_ecc_size(key);
status = stm32_get_from_mp_int(Rbin, r, szrbin);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(Sbin, s, szrbin);
if (status == MP_OKAY)
- status = stm32_get_from_mp_int(Qxbin, key->pubkey.x, szModulus);
+ status = stm32_get_from_mp_int(Qxbin, key->pubkey.x, size);
if (status == MP_OKAY)
- status = stm32_get_from_mp_int(Qybin, key->pubkey.y, szModulus);
+ status = stm32_get_from_mp_int(Qybin, key->pubkey.y, size);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(privKeybin, wc_ecc_key_get_priv(key),
- szModulus);
+ size);
if (status != MP_OKAY)
return status;
- size = (uint8_t)szModulus;
+
/* find parameters for the selected curve */
- if (0 != stm32_get_ecc_specs(&prime, &coef, NULL, &coef_sign,
- &gen_x, &gen_y, &order, size)) {
- return ECC_BAD_ARG_E;
- }
+ status = stm32_get_from_hexstr(key->dp->prime, prime, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->order, order, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gx, gen_x, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gy, gen_y, size);
+ if (status == MP_OKAY)
+ status = stm32_getabs_from_hexstr(key->dp->Af, coefA, size, &coefA_sign);
+ if (status != MP_OKAY)
+ return status;
pka_ecc.primeOrderSize = size;
pka_ecc.modulusSize = size;
- pka_ecc.coefSign = *coef_sign;
- pka_ecc.coef = coef;
+ pka_ecc.coefSign = coefA_sign;
+ pka_ecc.coef = coefA;
pka_ecc.modulus = prime;
pka_ecc.basePointX = gen_x;
pka_ecc.basePointY = gen_y;
pka_ecc.primeOrder = order;
-
pka_ecc.pPubKeyCurvePtX = Qxbin;
pka_ecc.pPubKeyCurvePtY = Qybin;
pka_ecc.RSign = Rbin;
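Review bot: `size` now comes straight from `wc_ecc_size(key)` and is used as the write length into the fixed `STM32_MAX_ECC_SIZE` stack arrays (`Qxbin`, `prime`, `order`, `gen_x`, `gen_y`, `coefA`) with no bound visible in the hunk. The removed stm32_get_ecc_specs call rejected any size other than 24, 28, 32 or 48, so that implicit limit is gone. I would add `if (size <= 0 || size > STM32_MAX_ECC_SIZE) return ECC_BAD_ARG_E;` right after `size = wc_ecc_size(key);`. The same bound is worth applying to `szrbin`, because `r` and `s` come from the signature being verified and are copied into `Rbin` and `Sbin`. Whether the caller range-checks them first is not visible here, and the same check applies to `size` in stm32_ecc_sign_hash_ex and `szModulus` in wc_ecc_mulmod_ex2.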
@@ -1025,46 +882,67 @@ int stm32_ecc_sign_hash_ex(const byte* hash, word32 hashlen, WC_RNG* rng,
uint8_t Rbin[STM32_MAX_ECC_SIZE];
uint8_t Sbin[STM32_MAX_ECC_SIZE];
uint8_t Hashbin[STM32_MAX_ECC_SIZE];
- const uint8_t *prime, *coef, *coefB, *gen_x, *gen_y, *order;
- const uint32_t *coef_sign;
+ uint8_t prime[STM32_MAX_ECC_SIZE];
+ uint8_t coefA[STM32_MAX_ECC_SIZE];
+#ifdef WOLFSSL_STM32_PKA_V2
+ uint8_t coefB[STM32_MAX_ECC_SIZE];
+#endif
+ uint8_t gen_x[STM32_MAX_ECC_SIZE];
+ uint8_t gen_y[STM32_MAX_ECC_SIZE];
+ uint8_t order[STM32_MAX_ECC_SIZE];
+ uint32_t coefA_sign = 1;
+
XMEMSET(&pka_ecc, 0x00, sizeof(PKA_ECDSASignInTypeDef));
XMEMSET(&pka_ecc_out, 0x00, sizeof(PKA_ECDSASignOutTypeDef));
- if (r == NULL || s == NULL || hash == NULL || key == NULL) {
+ if (r == NULL || s == NULL || hash == NULL || key == NULL ||
+ key->dp == NULL) {
return ECC_BAD_ARG_E;
}
- mp_init(&gen_k);
- mp_init(&order_mp);
-
size = wc_ecc_size(key);
- status = stm32_get_from_mp_int(Keybin, wc_ecc_key_get_priv(key), size);
+ /* find parameters for the selected curve */
+ status = stm32_get_from_hexstr(key->dp->prime, prime, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->order, order, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gx, gen_x, size);
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Gy, gen_y, size);
+ if (status == MP_OKAY)
+ status = stm32_getabs_from_hexstr(key->dp->Af, coefA, size, &coefA_sign);
+#ifdef WOLFSSL_STM32_PKA_V2
+ if (status == MP_OKAY)
+ status = stm32_get_from_hexstr(key->dp->Bf, coefB, size);
+#endif
if (status != MP_OKAY)
return status;
- /* find parameters for the selected curve */
- if (0 != stm32_get_ecc_specs(&prime, &coef, &coefB, &coef_sign,
- &gen_x, &gen_y, &order, size)) {
- return ECC_BAD_ARG_E;
- }
-
+ /* generate random part of "k" */
+ mp_init(&gen_k);
+ mp_init(&order_mp);
status = mp_read_unsigned_bin(&order_mp, order, size);
if (status == MP_OKAY)
status = wc_ecc_gen_k(rng, size, &gen_k, &order_mp);
if (status == MP_OKAY)
status = stm32_get_from_mp_int(Intbin, &gen_k, size);
+ mp_clear(&gen_k);
+ mp_clear(&order_mp);
+ if (status != MP_OKAY)
+ return status;
+
+ /* get private part of "k" */
+ status = stm32_get_from_mp_int(Keybin, wc_ecc_key_get_priv(key), size);
if (status != MP_OKAY)
return status;
pka_ecc.primeOrderSize = size;
pka_ecc.modulusSize = size;
- pka_ecc.coefSign = *coef_sign;
- pka_ecc.coef = coef;
+ pka_ecc.coefSign = coefA_sign;
+ pka_ecc.coef = coefA;
#ifdef WOLFSSL_STM32_PKA_V2
pka_ecc.coefB = coefB;
-#else
- (void)coefB;
#endif
pka_ecc.modulus = prime;
pka_ecc.basePointX = gen_x;
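Review bot: `gen_k` holds the per-signature ECDSA nonce and is released with `mp_clear(&gen_k);`, while its byte copy in `Intbin` is left on the stack when the following `if (status != MP_OKAY) return status;` fires. I would use `mp_forcezero(&gen_k);` and add `ForceZero(Intbin, sizeof(Intbin));` before that early return, and do the same for `Keybin` on its error path. Cleanup at the end of the function is outside the hunk, so the success path may already wipe them. The two `mp_init` calls also still ignore their return values. The comment `/* get private part of "k" */` describes loading the private key rather than k, and would read better as `/* get private key */`.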
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c
index 4625496d..ebe07273 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/st/stsafe.c
@@ -19,11 +19,12 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/port/st/stsafe.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifndef STSAFE_INTERFACE_PRINTF
-#define STSAFE_INTERFACE_PRINTF(...)
+#define STSAFE_INTERFACE_PRINTF(...) WC_DO_NOTHING
#endif
#ifdef WOLFSSL_STSAFEA100
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c
index 3367a02f..aabcbd37 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-aesgcm.c
@@ -151,7 +151,7 @@ static WC_INLINE int setup(Aes* aes,
byte *aad_buf = NULL;
int err;
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)aes->keyInit,
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)aes->keyInit,
sizeof(aes->keyInit));
if (XSecure_AesWriteKey(&(aes->xSec.cinst), aes->kup, aes->xKeySize,
@@ -164,7 +164,7 @@ static WC_INLINE int setup(Aes* aes,
XMEMCPY(iv_, iv, AEAD_NONCE_SZ);
piv = iv_;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)piv, AEAD_NONCE_SZ);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)piv, AEAD_NONCE_SZ);
if (init(&(aes->xSec.cinst), aes->kup, aes->xKeySize, XIL_CAST_U64(piv))) {
WOLFSSL_XIL_MSG("Failed to init");
@@ -195,7 +195,7 @@ static WC_INLINE int setup(Aes* aes,
XMEMCPY((void* )aad, authIn, authInSz);
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)aad, authInSz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)aad, authInSz);
if (XSecure_AesUpdateAad(&(aes->xSec.cinst), XIL_CAST_U64(authIn),
authInSz)) {
@@ -221,7 +221,7 @@ static WC_INLINE int handle_aad( Aes* aes,
byte initalCounter[AES_BLOCK_SIZE] = { 0 };
XMEMCPY(initalCounter, iv, AEAD_NONCE_SZ);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
- GHASH(aes, authIn, authInSz, data, sz, authTag, AES_GCM_AUTH_SZ);
+ GHASH(&aes->gcm, authIn, authInSz, data, sz, authTag, AES_GCM_AUTH_SZ);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret == 0)
xorbuf(authTag, scratch, AES_GCM_AUTH_SZ);
@@ -277,7 +277,7 @@ int wc_AesGcmEncrypt( Aes* aes, byte* out,
if (NEEDS_ALIGNMENT(out, XIL_AESGCM_ALIGN)) {
if (in != in_aligned) {
- /* In case `in` has been copied already, re-use that buffer
+ /* In case `in` has been copied already, reuse that buffer
* and also write to it instead of allocating another one.
*/
out_aligned = in_aligned;
@@ -296,9 +296,9 @@ int wc_AesGcmEncrypt( Aes* aes, byte* out,
out_aligned = out;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)in_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)tag, sizeof(tag));
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)in_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)tag, sizeof(tag));
if (XSecure_AesEncryptUpdate(&(aes->xSec.cinst), XIL_CAST_U64(in_aligned),
XIL_CAST_U64(out_aligned), sz, TRUE)) {
@@ -313,8 +313,8 @@ int wc_AesGcmEncrypt( Aes* aes, byte* out,
ret = WC_HW_E;
ForceZero(authTag, authTagSz);
} else {
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)tag, sizeof(tag));
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)tag, sizeof(tag));
if (aes->aadStyle == SW_AAD) {
ret = handle_aad(aes, out_aligned, sz, iv, authTag, authIn,
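Review bot: The calls on `out_aligned` and `tag` in the `else` branch run after the engine has written those buffers, and they now flush where they previously invalidated, with no comment explaining why. A flush at this point is only safe if `WOLFSSL_XIL_DCACHE_FLUSH_RANGE` also invalidates the range and no dirty lines for it remain in the cache. The macro's definition is not in this hunk, so that cannot be confirmed here. I would add `/* FLUSH = clean + invalidate; buffers were flushed before the operation so no dirty lines can overwrite the engine's output */` above the two calls, if that is indeed the case. The same applies to the post-`XSecure_AesDecryptFinal` calls in the `@@ -441,14 +441,14 @@` hunk.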
@@ -392,7 +392,7 @@ int wc_AesGcmDecrypt( Aes* aes, byte* out,
if (NEEDS_ALIGNMENT(out, XIL_AESGCM_ALIGN)) {
if (in != in_aligned) {
- /* In case `in` has been copied already, re-use that buffer
+ /* In case `in` has been copied already, reuse that buffer
* and also write to it instead of allocating another one.
*/
out_aligned = in_aligned;
@@ -411,8 +411,8 @@ int wc_AesGcmDecrypt( Aes* aes, byte* out,
out_aligned = out;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)in_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)in_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
if (aes->aadStyle == HW_ENGINE_AAD) {
/* Use the originally provided tag */
@@ -441,14 +441,14 @@ int wc_AesGcmDecrypt( Aes* aes, byte* out,
goto error_out;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)tag, AES_GCM_AUTH_SZ);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)tag, AES_GCM_AUTH_SZ);
if (XSecure_AesDecryptFinal(&(aes->xSec.cinst), XIL_CAST_U64(tag))) {
WOLFSSL_XIL_MSG("DecryptFinal failed");
ret = WC_HW_E;
} else {
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out_aligned, sz);
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)buf, sizeof(buf));
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out_aligned, sz);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)buf, sizeof(buf));
if (aes->aadStyle == SW_AAD) {
if (ConstantCompare(authTag, real_tag, authTagSz) != 0) {
@@ -558,7 +558,7 @@ int wc_AesGcmEncrypt(Aes* aes, byte* out,
XMEMSET(initalCounter, 0, AES_BLOCK_SIZE);
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
- GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz);
+ GHASH(&aes->gcm, authIn, authInSz, out, sz, authTag, authTagSz);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
@@ -597,7 +597,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
XMEMCPY(initalCounter, iv, ivSz);
initalCounter[AES_BLOCK_SIZE - 1] = 1;
tag = buf;
- GHASH(aes, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
+ GHASH(&aes->gcm, NULL, 0, in, sz, tag, AES_GCM_AUTH_SZ);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
@@ -614,7 +614,7 @@ int wc_AesGcmDecrypt(Aes* aes, byte* out,
/* account for additional data */
if (authIn != NULL && authInSz > 0) {
- GHASH(aes, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
+ GHASH(&aes->gcm, authIn, authInSz, in, sz, tag, AES_GCM_AUTH_SZ);
ret = wc_AesEncryptDirect(aes, scratch, initalCounter);
if (ret < 0)
return ret;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c
index 459e8d6d..0d440916 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/port/xilinx/xil-sha3.c
@@ -74,7 +74,7 @@ int wc_Sha3_384_Update(wc_Sha3* sha, const byte* data, word32 len)
if (sha == NULL || (data == NULL && len > 0)) {
return BAD_FUNC_ARG;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)data, len);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)data, len);
XSecure_Sha3Update(&(sha->xSec.cinst), XIL_CAST_U64(data), len);
return 0;
@@ -91,7 +91,7 @@ int wc_Sha3_384_Final(wc_Sha3* sha, byte* out)
if (sha == NULL || out == NULL) {
return BAD_FUNC_ARG;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out, WC_SHA3_384_DIGEST_SIZE);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, WC_SHA3_384_DIGEST_SIZE);
XSecure_Sha3Finish(&(sha->xSec.cinst), XIL_CAST_U64(out));
return wc_InitSha3_384(sha, NULL, INVALID_DEVID);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c b/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c
index e75f5df3..8be0c64e 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/pwdbased.c
@@ -559,6 +559,10 @@ int wc_PKCS12_PBKDF_ex(byte* output, const byte* passwd, int passLen,
#endif /* HAVE_PKCS12 */
#ifdef HAVE_SCRYPT
+#ifdef NO_HMAC
+ #error scrypt requires HMAC
+#endif
+
/* Rotate the 32-bit value a by b bits to the left.
*
* a 32-bit value.
@@ -681,7 +685,7 @@ static void scryptROMix(byte* x, byte* v, byte* y, int r, word32 n)
word32 i;
word32 j;
word32 k;
- word32 bSz = 128 * r;
+ word32 bSz = (word32)(128 * r);
#ifdef WORD64_AVAILABLE
word64* x64 = (word64*)x;
word64* v64 = (word64*)v;
@@ -703,7 +707,7 @@ static void scryptROMix(byte* x, byte* v, byte* y, int r, word32 n)
{
#ifdef LITTLE_ENDIAN_ORDER
#ifdef WORD64_AVAILABLE
- j = *(word64*)(x + (2*r - 1) * 64) & (n-1);
+ j = (word32)(*(word64*)(x + (2*r - 1) * 64) & (n-1));
#else
j = *(word32*)(x + (2*r - 1) * 64) & (n-1);
#endif
@@ -764,43 +768,45 @@ int wc_scrypt(byte* output, const byte* passwd, int passLen,
* the comparison is greater than parallel's type. It wouldn't promote
* both sides to word64. What follows is just arithmetic simplification.
*/
- if ((word32)parallel > (SCRYPT_WORD32_MAX / (4 * blockSize)))
+ if (parallel > (int)((SCRYPT_WORD32_MAX / 4) / (word32)blockSize))
return BAD_FUNC_ARG;
- bSz = 128 * blockSize;
- if ((word32)parallel > (SCRYPT_WORD32_MAX / bSz))
+ bSz = 128 * (word32)blockSize;
+ if (parallel > (int)(SCRYPT_WORD32_MAX / bSz))
return BAD_FUNC_ARG;
- blocksSz = bSz * parallel;
- blocks = (byte*)XMALLOC(blocksSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ blocksSz = bSz * (word32)parallel;
+ blocks = (byte*)XMALLOC((size_t)blocksSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (blocks == NULL) {
ret = MEMORY_E;
goto end;
}
/* Temporary for scryptROMix. */
- v = (byte*)XMALLOC((1 << cost) * bSz, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ v = (byte*)XMALLOC((size_t)((1 << cost) * bSz), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (v == NULL) {
ret = MEMORY_E;
goto end;
}
/* Temporary for scryptBlockMix. */
- y = (byte*)XMALLOC(blockSize * 128, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ y = (byte*)XMALLOC((size_t)(blockSize * 128), NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
if (y == NULL) {
ret = MEMORY_E;
goto end;
}
/* Step 1. */
- ret = wc_PBKDF2(blocks, passwd, passLen, salt, saltLen, 1, blocksSz,
+ ret = wc_PBKDF2(blocks, passwd, passLen, salt, saltLen, 1, (int)blocksSz,
WC_SHA256);
if (ret != 0)
goto end;
/* Step 2. */
for (i = 0; i < parallel; i++)
- scryptROMix(blocks + i * bSz, v, y, blockSize, 1 << cost);
+ scryptROMix(blocks + i * (int)bSz, v, y, (int)blockSize, 1 << cost);
/* Step 3. */
- ret = wc_PBKDF2(output, passwd, passLen, blocks, blocksSz, 1, dkLen,
+ ret = wc_PBKDF2(output, passwd, passLen, blocks, (int)blocksSz, 1, dkLen,
WC_SHA256);
end:
if (blocks != NULL)
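Review bot: The new `(size_t)` casts on the `v` and `y` allocations are applied after the multiplication, so `(1 << cost) * bSz` and `blockSize * 128` are still evaluated in 32 bits and can wrap before they are widened. That would leave `v` smaller than the `1 << cost` blocks scryptROMix is told to use. Whether `cost` and `blockSize` are bounded tightly enough to rule this out is decided above the hunk, so it may be unreachable, but the casts read as overflow protection they do not give. Widening an operand first, `XMALLOC(((size_t)1 << cost) * (size_t)bSz, ...)` and `XMALLOC((size_t)blockSize * 128, ...)`, matches the intent; where size_t is 32 bits an explicit bound on `cost` is still needed. The same cast-after-multiply is in the scryptROMix hunk, `(word32)(128 * r)`.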
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
index c54e8ce5..cc47fab2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
@@ -63,58 +63,6 @@ This library contains implementation for the random number generator.
#endif
-/* If building for old FIPS. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
-int wc_GenerateSeed(OS_Seed* os, byte* seed, word32 sz)
-{
- return GenerateSeed(os, seed, sz);
-}
-
-int wc_InitRng_ex(WC_RNG* rng, void* heap, int devId)
-{
- (void)heap;
- (void)devId;
- return InitRng_fips(rng);
-}
-
-WOLFSSL_ABI
-int wc_InitRng(WC_RNG* rng)
-{
- return InitRng_fips(rng);
-}
-
-
-int wc_RNG_GenerateBlock(WC_RNG* rng, byte* b, word32 sz)
-{
- return RNG_GenerateBlock_fips(rng, b, sz);
-}
-
-
-int wc_RNG_GenerateByte(WC_RNG* rng, byte* b)
-{
- return RNG_GenerateByte(rng, b);
-}
-
-#ifdef HAVE_HASHDRBG
-
- int wc_FreeRng(WC_RNG* rng)
- {
- return FreeRng_fips(rng);
- }
-
- int wc_RNG_HealthTest(int reseed, const byte* seedA, word32 seedASz,
- const byte* seedB, word32 seedBSz,
- byte* output, word32 outputSz)
- {
- return RNG_HealthTest_fips(reseed, seedA, seedASz,
- seedB, seedBSz, output, outputSz);
- }
-#endif /* HAVE_HASHDRBG */
-
-#else /* else build without fips, or for new fips */
-
#ifndef WC_NO_RNG /* if not FIPS and RNG is disabled then do not compile */
#include <wolfssl/wolfcrypt/sha256.h>
@@ -874,8 +822,18 @@ static WC_INLINE word64 Entropy_TimeHiRes(void)
return now.tv_nsec;
}
-#elif !defined(SINGLE_THREADED) && defined(_POSIX_THREADS) && \
- !defined(__MINGW32__)
+#elif defined(_WIN32) /* USE_WINDOWS_API */
+/* Get the high resolution time counter.
+ *
+ * @return 64-bit timer
+ */
+static WC_INLINE word64 Entropy_TimeHiRes(void)
+{
+ LARGE_INTEGER count;
+ QueryPerformanceCounter(&count);
+ return (word64)(count.QuadPart);
+}
+#elif defined(WOLFSSL_THREAD_NO_JOIN)
/* Start and stop thread that counts as a proxy for time counter. */
#define ENTROPY_MEMUSE_THREADED
@@ -890,8 +848,6 @@ typedef struct ENTROPY_THREAD_DATA {
/* Track whether entropy thread has been started already. */
static int entropy_thread_started = 0;
-/* Cache thread id for joining on exit. */
-static THREAD_TYPE entropy_thread_id = 0;
/* Data for thread to update/observer. */
static volatile ENTROPY_THREAD_DATA entropy_thread_data = { 0, 0 };
@@ -910,13 +866,10 @@ static WC_INLINE word64 Entropy_TimeHiRes(void)
* @param [in,out] args Entropy data including: counter and stop flag.
* @return NULL always.
*/
-static THREAD_RETURN WOLFSSL_THREAD Entropy_IncCounter(void* args)
+static THREAD_RETURN WOLFSSL_THREAD_NO_JOIN Entropy_IncCounter(void* args)
{
(void)args;
- /* Thread resources to be disposed of. */
- pthread_detach(pthread_self());
-
/* Keep going until caller tells us to stop and exit. */
while (!entropy_thread_data.stop) {
/* Increment counter acting as high resolution timer. */
@@ -927,7 +880,7 @@ static THREAD_RETURN WOLFSSL_THREAD Entropy_IncCounter(void* args)
fprintf(stderr, "EXITING ENTROPY COUNTER THREAD\n");
#endif
/* Exit from thread. */
- pthread_exit(NULL);
+ WOLFSSL_RETURN_FROM_THREAD(0);
}
/* Start a thread that increments counter if not one already.
@@ -954,8 +907,8 @@ static int Entropy_StartThread(void)
fprintf(stderr, "STARTING ENTROPY COUNTER THREAD\n");
#endif
/* Create a thread that increments the counter in the data. */
- ret = pthread_create(&entropy_thread_id, NULL, Entropy_IncCounter,
- NULL);
+ /* Thread resources to be disposed of. */
+ ret = wolfSSL_NewThreadNoJoin(Entropy_IncCounter, NULL);
if (ret == 0) {
/* Wait for the counter to increase indicating thread started. */
while (entropy_thread_data.counter == start_counter) {
@@ -983,6 +936,7 @@ static void Entropy_StopThread(void)
entropy_thread_started = 0;
}
}
+ /* end if defined(HAVE_PTHREAD) */
#else
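Review bot: The added closing comment names `HAVE_PTHREAD`, but the branch it closes is now opened by `#elif defined(WOLFSSL_THREAD_NO_JOIN)` in the earlier hunk of this file. The comment will mislead anyone tracing which builds get the counter-thread timer for the entropy source. I would write `/* end if defined(WOLFSSL_THREAD_NO_JOIN) */` instead.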
@@ -1284,7 +1238,7 @@ static int Entropy_HealthTest_Proportion(byte noise)
}
else {
/* Get first value in queue - value to test. */
- byte val = prop_samples[prop_first];
+ byte val = (byte)prop_samples[prop_first];
/* Store new sample in queue. */
prop_samples[prop_last] = noise;
/* Update first index now that we have removed in from the queue. */
@@ -1912,9 +1866,13 @@ int wc_RNG_GenerateBlock(WC_RNG* rng, byte* output, word32 sz)
if (ret == DRBG_SUCCESS)
ret = Hash_DRBG_Generate((DRBG_internal *)rng->drbg, output, sz);
- ForceZero(newSeed, sizeof(newSeed));
#ifdef WOLFSSL_SMALL_STACK
+ if (newSeed != NULL) {
+ ForceZero(newSeed, SEED_SZ + SEED_BLOCK_SZ);
+ }
XFREE(newSeed, rng->heap, DYNAMIC_TYPE_SEED);
+ #else
+ ForceZero(newSeed, sizeof(newSeed));
#endif
}
else {
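Review bot: In the small-stack branch the wipe length is spelled `SEED_SZ + SEED_BLOCK_SZ`, while the other branch uses `sizeof(newSeed)`. The allocation and the array declaration are above the hunk, so the two sizes now have to be kept equal by hand, and a later mismatch would leave part of the reseed material unwiped before XFREE. A comment on the new line, `/* length must match the XMALLOC size of newSeed */`, or a single shared size macro used at both sites, would keep them tied together.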
@@ -2627,6 +2585,8 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#elif defined(HAVE_RTP_SYS) || defined(EBSNET)
#include "rtprand.h" /* rtp_rand () */
+
+#if (defined(HAVE_RTP_SYS) || (defined(RTPLATFORM) && (RTPLATFORM != 0)))
#include "rtptime.h" /* rtp_get_system_msec() */
int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
@@ -2640,6 +2600,19 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
+#else
+int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
+{
+ word32 i;
+ KS_SEED(ks_get_ticks());
+
+ for (i = 0; i < sz; i++ ) {
+ output[i] = KS_RANDOM() % 256;
+ }
+
+ return 0;
+}
+#endif /* defined(HAVE_RTP_SYS) || (defined(RTPLATFORM) && (RTPLATFORM != 0)) */
#elif (defined(WOLFSSL_ATMEL) || defined(WOLFSSL_ATECC_RNG)) && \
!defined(WOLFSSL_PIC32MZ_RNG)
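Review bot: The added `#else` wc_GenerateSeed seeds `KS_SEED` from `ks_get_ticks()` and fills the buffer with `KS_RANDOM() % 256`, so the DRBG seed is derived from a tick counter. If KS_RANDOM is an ordinary PRNG (its definition is not in this diff), the seed carries little entropy and can be narrowed down from the device's uptime. The function also leaves `os` unused and returns 0 unconditionally, so callers cannot tell a weak seed from a good one. I would add `(void)os;` and a comment above the function: `/* Not a cryptographic entropy source: tick-seeded KS_RANDOM. Supply a hardware-backed seed via CUSTOM_RAND_GENERATE_BLOCK for production. */`.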
@@ -2935,7 +2908,22 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
- #elif defined(WOLFSSL_STM32F427_RNG) || defined(WOLFSSL_STM32_RNG_NOLIB)
+ #elif defined(WOLFSSL_STM32F427_RNG) || defined(WOLFSSL_STM32_RNG_NOLIB) \
+ || defined(STM32_NUTTX_RNG)
+
+ #ifdef STM32_NUTTX_RNG
+ #include "hardware/stm32_rng.h"
+ /* Set CONFIG_STM32U5_RNG in NuttX to enable the RCC */
+ #define WC_RNG_CR *((volatile uint32_t*)(STM32_RNG_CR))
+ #define WC_RNG_SR *((volatile uint32_t*)(STM32_RNG_SR))
+ #define WC_RNG_DR *((volatile uint32_t*)(STM32_RNG_DR))
+ #else
+ /* Comes from "stm32xxxx_hal.h" */
+ #define WC_RNG_CR RNG->CR
+ #define WC_RNG_SR RNG->SR
+ #define WC_RNG_DR RNG->DR
+ #endif
+
/* Generate a RNG seed using the hardware RNG on the STM32F427
* directly, following steps outlined in STM32F4 Reference
@@ -2951,29 +2939,31 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return ret;
}
+ #ifndef STM32_NUTTX_RNG
/* enable RNG peripheral clock */
RCC->AHB2ENR |= RCC_AHB2ENR_RNGEN;
+ #endif
/* enable RNG interrupt, set IE bit in RNG->CR register */
- RNG->CR |= RNG_CR_IE;
+ WC_RNG_CR |= RNG_CR_IE;
/* enable RNG, set RNGEN bit in RNG->CR. Activates RNG,
* RNG_LFSR, and error detector */
- RNG->CR |= RNG_CR_RNGEN;
+ WC_RNG_CR |= RNG_CR_RNGEN;
/* verify no errors, make sure SEIS and CEIS bits are 0
* in RNG->SR register */
- if (RNG->SR & (RNG_SR_SECS | RNG_SR_CECS)) {
+ if (WC_RNG_SR & (RNG_SR_SECS | RNG_SR_CECS)) {
wolfSSL_CryptHwMutexUnLock();
return RNG_FAILURE_E;
}
for (i = 0; i < sz; i++) {
/* wait until RNG number is ready */
- while ((RNG->SR & RNG_SR_DRDY) == 0) { }
+ while ((WC_RNG_SR & RNG_SR_DRDY) == 0) { }
/* get value */
- output[i] = RNG->DR;
+ output[i] = WC_RNG_DR;
}
wolfSSL_CryptHwMutexUnLock();
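Review bot: The byte loop waits on `WC_RNG_SR & RNG_SR_DRDY` with no bound and never re-reads the error flags, so a seed or clock error that appears after the single check before the loop leaves the caller spinning with the crypto hardware mutex held. In the NuttX build the clock enable is skipped here and left to the board configuration, so a missing option would presumably produce exactly that never-ready state. I would bound the wait and return RNG_FAILURE_E after unlocking; the retry limit in the sketch is a placeholder name, not an existing macro. The function starts above the hunk.

```c
for (i = 0; i < sz; i++) {
    word32 tries = 0;
    /* wait until RNG number is ready; give up on error or timeout */
    while ((WC_RNG_SR & RNG_SR_DRDY) == 0) {
        if ((WC_RNG_SR & (RNG_SR_SECS | RNG_SR_CECS)) ||
                (++tries > WC_RNG_READY_TRIES_PLACEHOLDER)) {
            wolfSSL_CryptHwMutexUnLock();
            return RNG_FAILURE_E;
        }
    }
    /* ... unchanged: read WC_RNG_DR into output[i] ... */
}
```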
@@ -3400,11 +3390,12 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
#elif defined(WOLFSSL_ESPIDF)
/* Espressif */
- #if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
+ #if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
/* Espressif ESP32 */
#include <esp_system.h>
- #if defined(CONFIG_IDF_TARGET_ESP32S3)
+ #if defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
#include <esp_random.h>
#endif
@@ -3446,7 +3437,7 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
- #endif /* end WOLFSSL_ESPWROOM32 */
+ #endif /* end WOLFSSL_ESP32 */
#elif defined(WOLFSSL_LINUXKM)
#include <linux/random.h>
@@ -3459,61 +3450,6 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return 0;
}
-#elif defined(WOLFSSL_RENESAS_TSIP)
-#if defined(WOLFSSL_RENESA_TSIP_IAREWRX)
- #include "r_bsp/mcu/all/r_rx_compiler.h"
-#endif
- #include "r_bsp/platform.h"
- #include "r_tsip_rx_if.h"
-
- int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
- {
- int ret = 0;
- word32 buffer[4];
-
- while (sz > 0) {
- word32 len = sizeof(buffer);
-
- if (sz < len) {
- len = sz;
- }
- /* return 4 words random number*/
- ret = R_TSIP_GenerateRandomNumber((uint32_t*)buffer);
- if(ret == TSIP_SUCCESS) {
- XMEMCPY(output, &buffer, len);
- output += len;
- sz -= len;
- } else
- return ret;
- }
- return ret;
- }
-#elif defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include "r_sce.h"
-
- int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
- {
- int ret = 0;
- word32 buffer[4];
-
- while (sz > 0) {
- word32 len = sizeof(buffer);
-
- if (sz < len) {
- len = sz;
- }
- /* return 4 words random number*/
- ret = R_SCE_RandomNumberGenerate(buffer);
- if(ret == FSP_SUCCESS) {
- XMEMCPY(output, &buffer, len);
- output += len;
- sz -= len;
- } else
- return ret;
- }
- return ret;
- }
#elif defined(WOLFSSL_SCE) && !defined(WOLFSSL_SCE_NO_TRNG)
#include "hal_data.h"
@@ -3571,23 +3507,16 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
* extern int myRngFunc(byte* output, word32 sz);
*/
-#elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) || \
- defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_MDK_ARM) || \
- defined(WOLFSSL_uITRON4) || defined(WOLFSSL_uTKERNEL2) || \
- defined(WOLFSSL_LPC43xx) || defined(NO_STM32_RNG) || \
- defined(MBED) || defined(WOLFSSL_EMBOS) || \
- defined(WOLFSSL_GENSEED_FORTEST) || defined(WOLFSSL_CHIBIOS) || \
- defined(WOLFSSL_CONTIKI) || defined(WOLFSSL_AZSPHERE)
-
- /* these platforms do not have a default random seed and
- you'll need to implement your own wc_GenerateSeed or define via
- CUSTOM_RAND_GENERATE_BLOCK */
-
- #define USE_TEST_GENSEED
-
#elif defined(WOLFSSL_ZEPHYR)
+ #include <version.h>
+
+ #if KERNEL_VERSION_NUMBER >= 0x30500
+ #include <zephyr/random/random.h>
+ #else
#include <zephyr/random/rand32.h>
+ #endif
+
#ifndef _POSIX_C_SOURCE
#include <zephyr/posix/time.h>
#else
@@ -3688,6 +3617,20 @@ int wc_GenerateSeed(OS_Seed* os, byte* output, word32 sz)
return ret;
}
+#elif defined(WOLFSSL_SAFERTOS) || defined(WOLFSSL_LEANPSK) || \
+ defined(WOLFSSL_IAR_ARM) || defined(WOLFSSL_MDK_ARM) || \
+ defined(WOLFSSL_uITRON4) || defined(WOLFSSL_uTKERNEL2) || \
+ defined(WOLFSSL_LPC43xx) || defined(NO_STM32_RNG) || \
+ defined(MBED) || defined(WOLFSSL_EMBOS) || \
+ defined(WOLFSSL_GENSEED_FORTEST) || defined(WOLFSSL_CHIBIOS) || \
+ defined(WOLFSSL_CONTIKI) || defined(WOLFSSL_AZSPHERE)
+
+ /* these platforms do not have a default random seed and
+ you'll need to implement your own wc_GenerateSeed or define via
+ CUSTOM_RAND_GENERATE_BLOCK */
+
+ #define USE_TEST_GENSEED
+
#elif defined(NO_DEV_RANDOM)
#error "you need to write an os specific wc_GenerateSeed() here"
@@ -3833,4 +3776,3 @@ int wc_hwrng_generate_block(byte *output, word32 sz)
#endif
#endif /* WC_NO_RNG */
-#endif /* HAVE_FIPS */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c
index 03c624fc..514ffb23 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/rsa.c
@@ -88,134 +88,6 @@ RSA Key Size Configuration:
*/
-/* If building for old FIPS. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
-int wc_InitRsaKey(RsaKey* key, void* ptr)
-{
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return InitRsaKey_fips(key, ptr);
-}
-
-
-int wc_InitRsaKey_ex(RsaKey* key, void* ptr, int devId)
-{
- (void)devId;
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitRsaKey_fips(key, ptr);
-}
-
-
-int wc_FreeRsaKey(RsaKey* key)
-{
- return FreeRsaKey_fips(key);
-}
-
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-int wc_RsaPublicEncrypt(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng)
-{
- if (in == NULL || out == NULL || key == NULL || rng == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaPublicEncrypt_fips(in, inLen, out, outLen, key, rng);
-}
-#endif
-
-
-#ifndef WOLFSSL_RSA_PUBLIC_ONLY
-int wc_RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out,
- RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaPrivateDecryptInline_fips(in, inLen, out, key);
-}
-
-
-int wc_RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaPrivateDecrypt_fips(in, inLen, out, outLen, key);
-}
-
-
-int wc_RsaSSL_Sign(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key, WC_RNG* rng)
-{
- if (in == NULL || out == NULL || key == NULL || inLen == 0) {
- return BAD_FUNC_ARG;
- }
- return RsaSSL_Sign_fips(in, inLen, out, outLen, key, rng);
-}
-#endif
-
-
-int wc_RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaSSL_VerifyInline_fips(in, inLen, out, key);
-}
-
-
-int wc_RsaSSL_Verify(const byte* in, word32 inLen, byte* out,
- word32 outLen, RsaKey* key)
-{
- if (in == NULL || out == NULL || key == NULL || inLen == 0) {
- return BAD_FUNC_ARG;
- }
- return RsaSSL_Verify_fips(in, inLen, out, outLen, key);
-}
-
-
-int wc_RsaEncryptSize(const RsaKey* key)
-{
- if (key == NULL) {
- return BAD_FUNC_ARG;
- }
- return RsaEncryptSize_fips((RsaKey*)key);
-}
-
-
-#ifndef WOLFSSL_RSA_VERIFY_ONLY
-int wc_RsaFlattenPublicKey(RsaKey* key, byte* a, word32* aSz, byte* b,
- word32* bSz)
-{
-
- /* not specified as fips so not needing _fips */
- return RsaFlattenPublicKey(key, a, aSz, b, bSz);
-}
-#endif
-
-
-#ifdef WOLFSSL_KEY_GEN
- int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
- {
- return MakeRsaKey(key, size, e, rng);
- }
-#endif
-
-
-/* these are functions in asn and are routed to wolfssl/wolfcrypt/asn.c
-* wc_RsaPrivateKeyDecode
-* wc_RsaPublicKeyDecode
-*/
-
-#else /* else build without fips, or for new fips */
-
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/logging.h>
#ifdef WOLF_CRYPTO_CB
@@ -363,6 +235,14 @@ int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
key->handle = NULL;
#endif
+
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ key->ctx.wrapped_pri1024_key = NULL;
+ key->ctx.wrapped_pub1024_key = NULL;
+ key->ctx.wrapped_pri2048_key = NULL;
+ key->ctx.wrapped_pub2048_key = NULL;
+ key->ctx.keySz = 0;
+#endif
return ret;
}
@@ -717,6 +597,10 @@ int wc_FreeRsaKey(RsaKey* key)
wc_MemZero_Check(key, sizeof(RsaKey));
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ wc_fspsm_RsaKeyFree(key);
+#endif
+
return ret;
}
@@ -1850,7 +1734,9 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
if ((ret = RsaMGF(mgf, pkcsBlock + maskLen, (word32)hLen, tmp, (word32)maskLen,
heap)) != 0) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
return ret;
}
@@ -1864,7 +1750,9 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
}
}
if (tmp[i] != (pkcsBlock[i] ^ 0x01)) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
WOLFSSL_MSG("RsaUnPad_PSS: Padding Error Match");
return PSS_SALTLEN_RECOVER_E;
}
@@ -1875,13 +1763,17 @@ static int RsaUnPad_PSS(byte *pkcsBlock, unsigned int pkcsBlockLen,
{
for (i = 0; i < maskLen - 1 - saltLen; i++) {
if (tmp[i] != pkcsBlock[i]) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
WOLFSSL_MSG("RsaUnPad_PSS: Padding Error Match");
return PSS_SALTLEN_E;
}
}
if (tmp[i] != (pkcsBlock[i] ^ 0x01)) {
+ #if !defined(WOLFSSL_NO_MALLOC) || defined(WOLFSSL_STATIC_MEMORY)
XFREE(tmp, heap, DYNAMIC_TYPE_RSA_BUFFER);
+ #endif
WOLFSSL_MSG("RsaUnPad_PSS: Padding Error End");
return PSS_SALTLEN_E;
}
@@ -2085,6 +1977,9 @@ int wc_hash2mgf(enum wc_HashType hType)
case WC_HASH_TYPE_SHA3_512:
case WC_HASH_TYPE_BLAKE2B:
case WC_HASH_TYPE_BLAKE2S:
+#ifdef WOLFSSL_SM3
+ case WC_HASH_TYPE_SM3:
+#endif
#ifdef WOLFSSL_SHAKE128
case WC_HASH_TYPE_SHAKE128:
#endif
@@ -2123,6 +2018,7 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
if (ret == 0) {
switch(type) {
+#if !defined(WOLFSSL_RSA_PUBLIC_ONLY)
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
ret = fp_exptmod_nb(&key->nb->exptmod, &key->nb->tmp, &key->d,
@@ -2132,7 +2028,7 @@ static int wc_RsaFunctionNonBlock(const byte* in, word32 inLen, byte* out,
if (ret != MP_OKAY)
ret = MP_EXPTMOD_E;
break;
-
+#endif
case RSA_PUBLIC_ENCRYPT:
case RSA_PUBLIC_DECRYPT:
ret = fp_exptmod_nb(&key->nb->exptmod, &key->nb->tmp, &key->e,
@@ -2245,7 +2141,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
XIL_CAST_U64(out)) != XST_SUCCESS) {
ret = BAD_STATE_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out, inLen);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, inLen);
#else
if (XSecure_RsaPrivateDecrypt(&rsa, (u8*)in, inLen, out) !=
XST_SUCCESS) {
@@ -2273,7 +2169,7 @@ static int wc_RsaFunctionSync(const byte* in, word32 inLen, byte* out,
WOLFSSL_MSG("RSA public operation failed");
ret = BAD_STATE_E;
}
- WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE((UINTPTR)out, inLen);
+ WOLFSSL_XIL_DCACHE_FLUSH_RANGE((UINTPTR)out, inLen);
#elif defined(WOLFSSL_XILINX_CRYPTO_OLD)
if (XSecure_RsaDecrypt(&(key->xRsa), in, out) != XST_SUCCESS) {
ret = BAD_STATE_E;
@@ -2599,6 +2495,7 @@ static int RsaFunctionPrivate(mp_int* tmp, RsaKey* key, WC_RNG* rng)
{
int ret = 0;
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
+ mp_digit mp = 0;
DECL_MP_INT_SIZE_DYN(rnd, mp_bitsused(&key->n), RSA_MAX_SIZE);
DECL_MP_INT_SIZE_DYN(rndi, mp_bitsused(&key->n), RSA_MAX_SIZE);
#endif /* WC_RSA_BLINDING && !WC_NO_RNG */
@@ -2731,9 +2628,31 @@ static int RsaFunctionPrivate(mp_int* tmp, RsaKey* key, WC_RNG* rng)
#endif /* RSA_LOW_MEM */
#if defined(WC_RSA_BLINDING) && !defined(WC_NO_RNG)
- /* unblind */
- if (ret == 0 && mp_mulmod(tmp, rndi, &key->n, tmp) != MP_OKAY)
+ /* Multiply result (tmp) by blinding invertor (rndi).
+ * Use Montgomery form to make operation more constant time.
+ */
+ if ((ret == 0) && (mp_montgomery_setup(&key->n, &mp) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ if ((ret == 0) && (mp_montgomery_calc_normalization(rnd, &key->n) !=
+ MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ /* Convert blinding invert to Montgomery form. */
+ if ((ret == 0) && (mp_mul(rndi, rnd, rndi) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ if ((ret == 0) && (mp_mod(rndi, &key->n, rndi) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
+ /* Multiply result by blinding invert. */
+ if ((ret == 0) && (mp_mul(tmp, rndi, tmp) != MP_OKAY)) {
ret = MP_MULMOD_E;
+ }
+ /* Reduce result. */
+ if ((ret == 0) && (mp_montgomery_reduce_ct(tmp, &key->n, mp) != MP_OKAY)) {
+ ret = MP_MULMOD_E;
+ }
mp_forcezero(rndi);
mp_forcezero(rnd);
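Review bot: `mp_montgomery_calc_normalization(rnd, &key->n)` overwrites the blinding factor held in `rnd` with the Montgomery normalizer, and nothing in the new block says `rnd` is being reused as scratch. A later edit that still expects the blinding value there would break the unblinding step without any compile-time signal. A comment at that call would make the reuse explicit: `/* rnd is no longer needed as the blinding factor: reuse it for the normalizer (R mod n) */`. The added comments also say "invertor" and "invert" where "inverse" is meant. RsaFunctionPrivate starts and ends outside the hunk.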
@@ -2797,7 +2716,7 @@ static int RsaFunctionSync(const byte* in, word32 inLen, byte* out,
}
if (ret == 0) {
- if (mp_to_unsigned_bin_len(tmp, out, (int)*outLen) != MP_OKAY)
+ if (mp_to_unsigned_bin_len_ct(tmp, out, (int)*outLen) != MP_OKAY)
ret = MP_TO_E;
}
#else
@@ -2891,7 +2810,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
}
#endif /* WOLFSSL_ASYNC_CRYPT_SW */
- switch(type) {
+ switch (type) {
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
case RSA_PRIVATE_DECRYPT:
case RSA_PRIVATE_ENCRYPT:
@@ -2913,7 +2832,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
&key->u.raw,
out, outLen);
#endif
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #else
ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
#endif
break;
@@ -2931,7 +2850,7 @@ static int wc_RsaFunctionAsync(const byte* in, word32 inLen, byte* out,
ret = IntelQaRsaPublic(&key->asyncDev, in, inLen,
&key->e.raw, &key->n.raw,
out, outLen);
- #else /* WOLFSSL_ASYNC_CRYPT_SW */
+ #else
ret = wc_RsaFunctionSync(in, inLen, out, outLen, type, key, rng);
#endif
break;
@@ -3276,7 +3195,7 @@ static int wc_RsaFunction_ex(const byte* in, word32 inLen, byte* out,
int wc_RsaFunction(const byte* in, word32 inLen, byte* out,
word32* outLen, int type, RsaKey* key, WC_RNG* rng)
{
- /* Always check for ciphertext of 0 or 1. (Should't for OAEP decrypt.) */
+ /* Always check for ciphertext of 0 or 1. (Shouldn't for OAEP decrypt.) */
return wc_RsaFunction_ex(in, inLen, out, outLen, type, key, rng, 1);
}
@@ -3387,8 +3306,10 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
pad_value, pad_type, hash, mgf, label,
labelSz, sz);
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* SCE needs warpped key which is passed via
+ #elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
+ (!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
+ /* SCE needs wrapped key which is passed via
* user ctx object of crypt-call back.
*/
#ifdef WOLF_CRYPTO_CB
@@ -3546,7 +3467,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
}
return ret;
}
- #elif defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
+ #elif defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) || \
+ (!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY))
#ifdef WOLF_CRYPTO_CB
if (key->devId != INVALID_DEVID) {
ret = wc_CryptoCb_Rsa(in, inLen, out,
@@ -3620,8 +3543,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
mgf, label, labelSz, saltLen,
mp_count_bits(&key->n), key->heap);
#endif
- if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen)
+ if (rsa_type == RSA_PUBLIC_DECRYPT && ret > (int)outLen) {
ret = RSA_BUFFER_E;
+ }
else if (ret >= 0 && pad != NULL) {
/* only copy output if not inline */
if (outPtr == NULL) {
@@ -3647,8 +3571,9 @@ static int RsaPrivateDecryptEx(const byte* in, word32 inLen, byte* out,
XMEMCPY(out, pad, (size_t)ret);
}
}
- else
+ else {
*outPtr = pad;
+ }
#if !defined(WOLFSSL_RSA_VERIFY_ONLY)
ret = ctMaskSelInt(ctMaskLTE(ret, (int)outLen), ret, RSA_BUFFER_E);
@@ -4351,9 +4276,6 @@ int wc_RsaFlattenPublicKey(RsaKey* key, byte* e, word32* eSz, byte* n,
}
#endif
-#endif /* HAVE_FIPS */
-
-
#ifndef WOLFSSL_RSA_VERIFY_ONLY
static int RsaGetValue(mp_int* in, byte* out, word32* outSz)
{
@@ -4451,7 +4373,7 @@ static int wc_CompareDiffPQ(mp_int* p, mp_int* q, int size, int* valid)
#ifdef WOLFSSL_CHECK_MEM_ZERO
if (ret == 0)
- mp_memzero_add("Comare PQ d", d);
+ mp_memzero_add("Compare PQ d", d);
#endif
#if !defined(WOLFSSL_SP_MATH) && (!defined(WOLFSSL_SP_MATH_ALL) || \
@@ -4857,7 +4779,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
#elif defined(HAVE_INTEL_QA)
err = IntelQaRsaKeyGen(&key->asyncDev, key, size, e, rng);
goto out;
- #else
+ #elif defined(WOLFSSL_ASYNC_CRYPT_SW)
if (wc_AsyncSwInit(&key->asyncDev, ASYNC_SW_RSA_MAKE)) {
WC_ASYNC_SW* sw = &key->asyncDev.sw;
sw->rsaMake.rng = rng;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c
index ea625d84..2629365f 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sakke.c
@@ -293,7 +293,7 @@ static int sakke_load_base_point(SakkeKey* key)
err = mp_read_radix(params->base->y, key->ecc.dp->Gy, MP_RADIX_HEX);
}
if (err == 0) {
- /* Affine co-ordinates have a Z of 1 in Jacobian. */
+ /* Affine coordinates have a Z of 1 in Jacobian. */
err = mp_set(params->base->z, 1);
}
if (err == 0) {
@@ -312,7 +312,7 @@ static int sakke_load_base_point(SakkeKey* key)
* @param [in] key SAKKE key.
* @param [in] n MP integer that is the scalar.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -338,7 +338,7 @@ static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
* @param [in] n MP integer that is the scalar.
* @param [in] a ECC point to add.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -363,7 +363,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n,
* @param [in] key SAKKE key.
* @param [in] n MP integer that is the scalar.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -386,7 +386,7 @@ static int sakke_mulmod_base(SakkeKey* key, const mp_int* n, ecc_point* res,
* @param [in] a ECC point to add. Point ordinates must be in Montgomery
* form.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -408,7 +408,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n, ecc_point* a,
&params->prime, mp);
}
if ((err == 0) && map) {
- /* Map result back to affine co-ordinates. */
+ /* Map result back to affine coordinates. */
err = ecc_map(res, &params->prime, mp);
}
@@ -425,7 +425,7 @@ static int sakke_mulmod_base_add(SakkeKey* key, const mp_int* n, ecc_point* a,
* @param [in] p ECC point to multiply.
* @param [in] table Precomputation table for p. May be NULL.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -457,7 +457,7 @@ static int sakke_mulmod_point(SakkeKey* key, const mp_int* n,
* @param [in] p ECC point to multiply.
* @param [in] table Precomputation table for p. May be NULL.
* @param [out] res ECC point to hold the result.
- * @param [in] map Map the result to affine co-ordinates.
+ * @param [in] map Map the result to affine coordinates.
* @return 0 on success.
* @return MEMORY_E when dynamic memory allocation fails.
*/
@@ -1004,7 +1004,7 @@ int wc_MakeSakkeRsk(SakkeKey* key, const byte* id, word16 idSz, ecc_point* rsk)
/**
* Encode the SAKKE Receiver Secret Key (RSK) as DER encoded public ECC key.
*
- * Encode the RSK to send to ther receiving client.
+ * Encode the RSK to send to the receiving client.
*
* X and y ordinate of RSK point concatenated. Each number is zero padded to
* key size.
@@ -6794,7 +6794,7 @@ int wc_GenerateSakkeSSV(SakkeKey* key, WC_RNG* rng, byte* ssv, word16* ssvSz)
}
}
if (err == 0) {
- /* Return length only if an ouput buffer is NULL. */
+ /* Return length only if an output buffer is NULL. */
if (ssv == NULL) {
*ssvSz = (word16) (n / 8);
err = LENGTH_ONLY_E;
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c
index 4c560cc4..4a5f3e18 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha.c
@@ -58,73 +58,52 @@
#include <wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h>
#endif
-#undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+/* Assume no hash HW available until supporting HW found. */
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
/* define a single keyword for simplicity & readability
*
* by default the HW acceleration is on for ESP32-WROOM32
* but individual components can be turned off.
*/
- #define WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
/* Although we have hardware acceleration,
** we may need to fall back to software */
#define USE_SHA_SOFTWARE_IMPL
- static const char* TAG = "wc_sha";
+
#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
/* The ESP32C3 is different; HW crypto here. Not yet implemented.
** We'll be using software for RISC-V at this time */
- static const char* TAG = "wc_sha-c3";
#else
- #undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_InitSha(wc_Sha* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha_fips(sha);
- }
- int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha_fips(sha);
- }
-
- int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
- return ShaUpdate_fips(sha, data, len);
- }
-
- int wc_ShaFinal(wc_Sha* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- return ShaFinal_fips(sha,out);
- }
- void wc_ShaFree(wc_Sha* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
-
-#else /* else build without fips, or for FIPS v2 */
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ /* define a single keyword for simplicity & readability
+ *
+ * by default the HW acceleration is on for ESP32-WROOM32
+ * but individual components can be turned off.
+ */
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+ #include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
+ /* Although we have hardware acceleration,
+ ** we may need to fall back to software */
+ #define USE_SHA_SOFTWARE_IMPL
+ static const char* TAG = "wc_sha";
+#elif defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
+ /* The ESP32C3 is different; HW crypto here. Not yet implemented.
+ ** We'll be using software for RISC-V at this time */
+ static const char* TAG = "wc_sha-c3";
+#else
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#endif
#if defined(WOLFSSL_TI_HASH)
/* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
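Review bot: The Espressif detection block now appears twice in a row on the new side: the rewritten copy starting at `/* Assume no hash HW available until supporting HW found. */` and a second added copy that repeats the `#undef`/`#if`/`#define WOLFSSL_USE_ESP32_CRYPT_HASH_HW` sequence. The second copy includes `esp32-crypt.h` and defines `USE_SHA_SOFTWARE_IMPL` again. The only thing it contributes is `static const char* TAG`, so I would keep one block and move the two `TAG` lines into it. Both copies also still say `by default the HW acceleration is on for ESP32-WROOM32` although the macro is no longer WROOM32-specific, so the comment should read `for supported ESP32 targets`.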
@@ -321,7 +300,7 @@
!defined(WOLFSSL_QNX_CAAM)
/* wolfcrypt/src/port/caam/caam_sha.c */
-#elif defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW) || \
+#elif defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) || \
defined(WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
/* This function initializes SHA.
@@ -347,11 +326,17 @@
return ret;
}
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_IMXRT_DCP)
#include <wolfssl/wolfcrypt/port/nxp/dcp_port.h>
/* implemented in wolfcrypt/src/port/nxp/dcp_port.c */
@@ -550,9 +535,9 @@ static WC_INLINE void AddLength(wc_Sha* sha, word32 len)
/*
-** wolfCrypt InitSha256 external wrapper.
+** wolfCrypt InitSha external wrapper.
**
-** we'll assume this is ALWAYS for a new, uninitialized sha256
+** we'll assume this is ALWAYS for a new, uninitialized sha
*/
int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
{
@@ -567,7 +552,7 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
sha->devCtx = NULL;
#endif
-#ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+#ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
if (sha->ctx.mode != ESP32_SHA_INIT) {
/* it may be interesting to see old values during debugging */
ESP_LOGV(TAG, "Set ctx mode from prior value: %d", sha->ctx.mode);
@@ -586,7 +571,7 @@ int wc_InitSha_ex(wc_Sha* sha, void* heap, int devId)
sha->heap, devId);
#else
(void)devId;
-# endif /* WOLFSSL_ASYNC_CRYPT */
+#endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_IMXRT1170_CAAM
ret = wc_CAAM_HashInit(&sha->hndl, &sha->ctx, WC_HASH_TYPE_SHA);
#endif
@@ -647,21 +632,43 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
len -= blocksLen;
if (sha->buffLen == WC_SHA_BLOCK_SIZE) {
- #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
- #endif
-
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT) {
- ESP_LOGV(TAG, "wc_ShaUpdate try hardware");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "wc_ShaUpdate try hardware");
+ }
+ #endif
esp_sha_try_hw_lock(&sha->ctx);
}
+ #endif
+
+ #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) \
+ && defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ }
+ #endif
+
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW) {
- ESP_LOGI(TAG, "wc_ShaUpdate process software");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "wc_ShaUpdate process software");
+ }
+ #endif
ret = XTRANSFORM(sha, (const byte*)local);
}
else {
- ESP_LOGV(TAG, "wc_ShaUpdate process hardware");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "wc_ShaUpdate process hardware");
+ }
+ #endif
esp_sha_process(sha, (const byte*)local);
}
#elif defined (WOLFSSL_USE_ESP32C3_CRYPT_HASH_HW)
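Review bot: The multi-line preprocessor test in front of `if (esp_sha_need_byte_reversal(&sha->ctx))` is written out in full here and again in the second wc_ShaUpdate hunk, in wc_ShaFinalRaw and at three places in wc_ShaFinal, as well as throughout sha256.c. Each copy hangs a brace-less `if` on the block that follows. A later edit to one copy can silently change which builds byte-swap the block, and the result is a wrong digest rather than a build error. I would define the predicate once after the detection block, for example `#define SHA_NEED_BYTE_REVERSAL(ctx) esp_sha_need_byte_reversal(ctx)` for the C3/C6 case and `#define SHA_NEED_BYTE_REVERSAL(ctx) 1` otherwise (name is a suggestion), and write `if (SHA_NEED_BYTE_REVERSAL(&sha->ctx)) {` at every site. wc_ShaUpdate begins and continues outside this hunk.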
@@ -708,14 +715,24 @@ int wc_ShaUpdate(wc_Sha* sha, const byte* data, word32 len)
data += WC_SHA_BLOCK_SIZE;
len -= WC_SHA_BLOCK_SIZE;
- #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
- #endif
-
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_INIT){
esp_sha_try_hw_lock(&sha->ctx);
}
+ #endif
+
+ #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(local32, local32, WC_SHA_BLOCK_SIZE);
+ }
+ #endif
+
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW){
ret = XTRANSFORM(sha, (const byte*)local32);
}
@@ -748,7 +765,14 @@ int wc_ShaFinalRaw(wc_Sha* sha, byte* hash)
}
#ifdef LITTLE_ENDIAN_ORDER
- ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords((word32*)digest, (word32*)sha->digest, WC_SHA_DIGEST_SIZE);
+ }
XMEMCPY(hash, (byte *)&digest[0], WC_SHA_DIGEST_SIZE);
#else
XMEMCPY(hash, sha->digest, WC_SHA_DIGEST_SIZE);
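Review bot: In wc_ShaFinalRaw the copy `XMEMCPY(hash, (byte *)&digest[0], WC_SHA_DIGEST_SIZE);` still reads the local `digest`, but after this change `ByteReverseWords()` fills it only when `esp_sha_need_byte_reversal(&sha->ctx)` is true. On ESP32-C3/C6 builds where that returns false, `hash` would receive whatever `digest` held beforehand, which means a wrong digest and possibly stale stack bytes handed to the caller. The declaration of `digest` is outside the hunk, so this applies unless it is initialised there. Fill the buffer unconditionally and reverse in place: `XMEMCPY(digest, sha->digest, WC_SHA_DIGEST_SIZE);` before the guard and `ByteReverseWords((word32*)digest, (word32*)digest, WC_SHA_DIGEST_SIZE);` inside it. The same pattern appears in the `@@ -1381,8 +1442,18 @@` hunk of sha256.c with `XMEMCPY(hash, digest, WC_SHA256_DIGEST_SIZE);`.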
@@ -802,16 +826,25 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
XMEMSET(&local[sha->buffLen], 0, WC_SHA_BLOCK_SIZE - sha->buffLen);
sha->buffLen += WC_SHA_BLOCK_SIZE - sha->buffLen;
- #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
- #endif
-
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* For a fresh sha.ctx, try to use hardware acceleration */
if (sha->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha->ctx);
}
+ #endif
+ #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ }
+ #endif
+
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* if HW was busy, we may need to fall back to SW. */
if (sha->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha, (const byte*)local);
@@ -831,12 +864,25 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
}
sha->buffLen = 0;
- } /* (sha->buffLen > WC_SHA_PAD_SIZE) */
+ } /* (sha->buffLen > WC_SHA_PAD_SIZE) */
XMEMSET(&local[sha->buffLen], 0, WC_SHA_PAD_SIZE - sha->buffLen);
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ if (sha->ctx.mode == ESP32_SHA_INIT) {
+ esp_sha_try_hw_lock(&sha->ctx);
+ }
+#endif
+
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
- ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ { /* reminder local also points to sha->buffer */
+ ByteReverseWords(sha->buffer, sha->buffer, WC_SHA_BLOCK_SIZE);
+ }
#endif
/* store lengths */
@@ -855,10 +901,28 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
2 * sizeof(word32));
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- if (sha->ctx.mode == ESP32_SHA_INIT) {
- esp_sha_try_hw_lock(&sha->ctx);
+
+#if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+if (sha->ctx.mode == ESP32_SHA_HW) {
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ {
+ ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
}
+ #endif
+ ByteReverseWords(&sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* out */
+ &sha->buffer[WC_SHA_PAD_SIZE/sizeof(word32)], /* in */
+ 2 * sizeof(word32) /* byte count to reverse */
+ );
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ {
+ ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
+ }
+ #endif
+} /* end if (sha->ctx.mode == ESP32_SHA_HW) */
+#endif
+
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
if (sha->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha, (const byte*)local);
}
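Review bot: The new `if (sha->ctx.mode == ESP32_SHA_HW)` block swaps the two length words without saying why it tests `ctx.mode`, while the block reversal just before it is keyed on `esp_sha_need_byte_reversal()`. The two tests are presumably complementary, but nothing visible here ties them together, and a mismatch would produce a wrong length encoding and therefore a wrong digest with no error. I would add a comment such as `/* HW mode skipped the block reversal above, so hiLen/loLen are still in host order; swap only those two words */`, if that is the intent, and derive both decisions from the same predicate. wc_ShaFinal starts and ends outside this hunk.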
@@ -874,13 +938,22 @@ int wc_ShaFinal(wc_Sha* sha, byte* hash)
#endif
#ifdef LITTLE_ENDIAN_ORDER
- ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ if (esp_sha_need_byte_reversal(&sha->ctx))
+ #endif
+ {
+ ByteReverseWords(sha->digest, sha->digest, WC_SHA_DIGEST_SIZE);
+ }
#endif
XMEMCPY(hash, (byte *)&sha->digest[0], WC_SHA_DIGEST_SIZE);
+ /* we'll always reset state upon exit and return the error code from above,
+ * which may cause fall back to SW if HW is busy. we do not return result
+ * of initSha here */
(void)InitSha(sha); /* reset state */
-
return ret;
}
@@ -917,6 +990,10 @@ void wc_ShaFree(wc_Sha* sha)
if (sha == NULL)
return;
+#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ esp_sha_release_unfinished_lock(&sha->ctx);
+#endif
+
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
wolfAsync_DevCtxFree(&sha->asyncDev, WOLFSSL_ASYNC_MARKER_SHA);
#endif /* WOLFSSL_ASYNC_CRYPT */
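Review bot: The new release call in wc_ShaFree is guarded by `defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)`, whereas every other Espressif path in this file tests `WOLFSSL_ESP32_CRYPT` or the derived `WOLFSSL_USE_ESP32_CRYPT_HASH_HW`. If the two macros can be set independently, one configuration references `sha->ctx` and `esp_sha_release_unfinished_lock()` without the hardware port compiled in. Another takes the hardware lock in wc_ShaUpdate but never releases it on free, leaving the single SHA engine unavailable to later contexts. Using the same guard as the lock sites, `#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)`, keeps acquire and release paired. Where `WOLFSSL_ESP32` is defined is not visible in this hunk.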
@@ -927,8 +1004,9 @@ void wc_ShaFree(wc_Sha* sha)
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
se050_hash_free(&sha->se050Ctx);
#endif
-#if (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
- !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) || \
defined(WOLFSSL_RENESAS_RX64_HASH)
if (sha->msg != NULL) {
XFREE(sha->msg, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
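Review bot: The rewritten `#if` drops the parentheses that used to wrap the TSIP term, so it now reads `(A || B) && !C || D` and relies on `&&` binding tighter than `||`. It evaluates as before, but the next person adding an alternative to this already long condition can easily get the grouping wrong. The matching guard later in the file keeps its grouping explicit. I would write `#if ((defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && !defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || defined(WOLFSSL_RENESAS_RX64_HASH)`, split over lines as before. wc_ShaFree continues outside the hunk.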
@@ -942,12 +1020,14 @@ void wc_ShaFree(wc_Sha* sha)
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#endif /* !WOLFSSL_TI_HASH */
-#endif /* !HAVE_FIPS ... */
#if !defined(WOLFSSL_TI_HASH) && !defined(WOLFSSL_IMXRT_DCP)
-#if !defined(WOLFSSL_RENESAS_TSIP_CRYPT) || \
- defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
+#if ((!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) || \
+ defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
+ (!defined(WOLFSSL_RENESAS_RSIP) || \
+ defined(NO_WOLFSSL_RENESAS_FSPSM_HASH))
#if !defined(WOLFSSL_RENESAS_RX64_HASH)
#if !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)
@@ -995,9 +1075,9 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
XMEMCPY(dst, src, sizeof(wc_Sha));
-#ifdef WOLFSSL_SILABS_SE_ACCEL
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA)
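Review bot: The pointer fix-up after `XMEMCPY(dst, src, sizeof(wc_Sha));` is now compiled only when `WOLFSSL_SILABS_SE_ACCEL_3` is also defined, and the hunk does not say why other Silicon Labs builds no longer need it. After a whole-struct copy any self-referential pointer in `dst->silabsCtx` still points into `src`, so if the non-`_3` context keeps such members the copy would share hash state with the source and dangle once it is freed. The struct layout is not visible here. A comment above the guard would settle it, for example `/* SE manager v3 contexts hold pointers into themselves; re-point them at dst after the struct copy */`, and it should also state that the other layout has no such pointers, if that is the case.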
@@ -1012,7 +1092,7 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
ret = se050_hash_copy(&src->se050Ctx, &dst->se050Ctx);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
esp_sha_ctx_copy(src, dst);
#endif
@@ -1023,7 +1103,8 @@ int wc_ShaCopy(wc_Sha* src, wc_Sha* dst)
}
#endif /* WOLFSSL_RENESAS_RX64_HASH */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
-#endif /* !defined(WOLFSSL_RENESAS_TSIP_CRYPT) ||
+#endif /* !defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY) ||
defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH) */
#endif /* !defined(WOLFSSL_TI_HASH) && !defined(WOLFSSL_IMXRT_DCP) */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c
index ffdd4019..50e5b1cc 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256.c
@@ -63,7 +63,8 @@ on the specific device platform.
#endif
-#if !defined(NO_SHA256) && !defined(WOLFSSL_ARMASM)
+#if !defined(NO_SHA256) && (!defined(WOLFSSL_ARMASM) && \
+ !defined(WOLFSSL_ARMASM_NO_NEON))
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
/* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */
@@ -90,17 +91,17 @@ on the specific device platform.
/* determine if we are using Espressif SHA hardware acceleration */
-#undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
/* define a single keyword for simplicity & readability
*
* by default the HW acceleration is on for ESP32-WROOM32
* but individual components can be turned off.
*/
- #define WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#else
- #undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#endif
#ifdef WOLFSSL_ESPIDF
@@ -108,58 +109,11 @@ on the specific device platform.
**
** Beware of possible conflict in test.c (that one now named TEST_TAG)
*/
- static const char* TAG = "wc_sha256";
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ static const char* TAG = "wc_sha256";
+ #endif
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- int wc_InitSha256(wc_Sha256* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha256_fips(sha);
- }
- int wc_InitSha256_ex(wc_Sha256* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha256_fips(sha);
- }
- int wc_Sha256Update(wc_Sha256* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
-
- if (data == NULL && len == 0) {
- /* valid, but do nothing */
- return 0;
- }
-
- return Sha256Update_fips(sha, data, len);
- }
- int wc_Sha256Final(wc_Sha256* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- return Sha256Final_fips(sha, out);
- }
- void wc_Sha256Free(wc_Sha256* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
-
-#else /* else build without fips, or for FIPS v2 */
-
-
#if defined(WOLFSSL_TI_HASH)
/* #include <wolfcrypt/src/port/ti/ti-hash.c> included by wc_port.c */
#elif defined(WOLFSSL_CRYPTOCELL)
@@ -218,13 +172,15 @@ on the specific device platform.
(!defined(WOLFSSL_IMX6_CAAM) || defined(NO_IMX6_CAAM_HASH) || \
defined(WOLFSSL_QNX_CAAM)) && \
!defined(WOLFSSL_AFALG_HASH) && !defined(WOLFSSL_DEVCRYPTO_HASH) && \
- (!defined(WOLFSSL_ESP32WROOM32_CRYPT) || defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)) && \
- (!defined(WOLFSSL_RENESAS_TSIP_CRYPT) || defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
+ (!defined(WOLFSSL_ESP32_CRYPT) || defined(NO_WOLFSSL_ESP32_CRYPT_HASH)) && \
+ ((!defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ !defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) || \
+ defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) && \
!defined(WOLFSSL_PSOC6_CRYPTO) && !defined(WOLFSSL_IMXRT_DCP) && !defined(WOLFSSL_SILABS_SE_ACCEL) && \
!defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_SE050_HASH) && \
((!defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) \
- || defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) && \
+ !defined(WOLFSSL_RENESAS_RSIP)) \
+ || defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) && \
(!defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH)) && \
!defined(WOLFSSL_RENESAS_RX64_HASH)
@@ -266,6 +222,10 @@ static int InitSha256(wc_Sha256* sha256)
XMEMSET(&sha256->maxq_ctx, 0, sizeof(sha256->maxq_ctx));
#endif
+#ifdef HAVE_ARIA
+ sha256->hSession = NULL;
+#endif
+
return ret;
}
#endif
@@ -735,12 +695,14 @@ static int InitSha256(wc_Sha256* sha256)
return ret;
}
-#elif defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#elif defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
/* HW may fail since there's only one, so we still need SW */
#define NEED_SOFT_SHA256
/*
+ ** An Espressif-specific InitSha256()
+ **
** soft SHA needs initialization digest, but HW does not.
*/
static int InitSha256(wc_Sha256* sha256)
@@ -751,6 +713,8 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
+ /* We may or may not need initial digest for HW.
+ * Always needed for SW-only. */
sha256->digest[0] = 0x6A09E667L;
sha256->digest[1] = 0xBB67AE85L;
sha256->digest[2] = 0x3C6EF372L;
@@ -764,13 +728,14 @@ static int InitSha256(wc_Sha256* sha256)
sha256->loLen = 0;
sha256->hiLen = 0;
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
ret = esp_sha_init(&(sha256->ctx), WC_HASH_TYPE_SHA256);
-
+#endif
return ret;
}
/*
- ** wolfCrypt InitSha256 external wrapper.
+ ** An Espressif-specific wolfCrypt InitSha256 external wrapper.
**
** we'll assume this is ALWAYS for a new, uninitialized sha256
*/
@@ -781,28 +746,30 @@ static int InitSha256(wc_Sha256* sha256)
return BAD_FUNC_ARG;
}
- #ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #ifdef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#ifndef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
/* We know this is a fresh, uninitialized item, so set to INIT */
if (sha256->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha256->ctx.mode);
}
sha256->ctx.mode = ESP32_SHA_INIT;
+#endif
#endif
return InitSha256(sha256);
}
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_RSIP)) \
+ && !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
- /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_PSOC6_CRYPTO)
@@ -973,6 +940,7 @@ static int InitSha256(wc_Sha256* sha256)
}
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_SMALL_STACK_CACHE)
+ ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return 0;
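Review bot: The added `ForceZero(W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);` hard-codes the length of a buffer whose allocation is outside this hunk, so the wipe and the `XMALLOC` size can drift apart. It also covers only the `WOLFSSL_SMALL_STACK && !WOLFSSL_SMALL_STACK_CACHE` path. The message schedule holds expanded input, which matters when the hash is fed key material such as HMAC pads. I would share one size constant between the allocation and the wipe, and confirm that the stack-array and cached-`W` builds clear the schedule as well. If they are deliberately left alone, a comment here such as `/* W is wiped only on the heap path; the stack and cached variants are handled in ... */` should say so.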
@@ -1090,33 +1058,61 @@ static int InitSha256(wc_Sha256* sha256)
len -= blocksLen;
if (sha256->buffLen == WC_SHA256_BLOCK_SIZE) {
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT) {
+ ESP_LOGV(TAG, "Sha256Update try hardware");
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
+
+
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
#if defined(WOLFSSL_X86_64_BUILD) && \
defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
{
ByteReverseWords(sha256->buffer, sha256->buffer,
WC_SHA256_BLOCK_SIZE);
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- if (sha256->ctx.mode == ESP32_SHA_INIT) {
- ESP_LOGV(TAG, "Sha256Update try hardware");
- esp_sha_try_hw_lock(&sha256->ctx);
- }
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) {
- ESP_LOGV(TAG, "Sha256Update process software");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "Sha256Update process software");
+ }
+ #endif
+ #ifdef WOLFSSL_HW_METRICS
+ {
+ /* Track of # SW during transforms during active HW */
+ esp_sw_sha256_count_add();
+ }
+ #endif /* WOLFSSL_HW_METRICS */
ret = XTRANSFORM(sha256, (const byte*)local);
}
else {
- ESP_LOGV(TAG, "Sha256Update process hardware");
+ #if defined(WOLFSSL_DEBUG_MUTEX)
+ {
+ ESP_LOGI(TAG, "Sha256Update process hardware");
+ }
+ #endif
esp_sha256_process(sha256, (const byte*)local);
}
#else
+ /* Always SW */
ret = XTRANSFORM(sha256, (const byte*)local);
#endif
@@ -1174,8 +1170,22 @@ static int InitSha256(wc_Sha256* sha256)
data += WC_SHA256_BLOCK_SIZE;
len -= WC_SHA256_BLOCK_SIZE;
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined( NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT){
+ ESP_LOGV(TAG, "Sha256Update try hardware loop");
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
#if defined(WOLFSSL_X86_64_BUILD) && \
defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
@@ -1186,11 +1196,8 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- if (sha256->ctx.mode == ESP32_SHA_INIT){
- ESP_LOGV(TAG, "Sha256Update try hardware loop");
- esp_sha_try_hw_lock(&sha256->ctx);
- }
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_SW) {
ESP_LOGV(TAG, "Sha256Update process software loop");
ret = XTRANSFORM(sha256, (const byte*)local32);
@@ -1282,7 +1289,21 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE - sha256->buffLen);
sha256->buffLen += WC_SHA256_BLOCK_SIZE - sha256->buffLen;
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT) {
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
+
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
@@ -1293,7 +1314,8 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
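Review bot: The older `if (sha256->ctx.mode == ESP32_SHA_INIT) { esp_sha_try_hw_lock(&sha256->ctx); }` block is kept here although the previous hunk adds the same call ahead of the byte reversal, so this path now contains the lock attempt twice. The second copy is presumably dead once the first has moved `ctx.mode` out of `ESP32_SHA_INIT`, but it hides the fact that the mode must be decided before `esp_sha_need_byte_reversal()` is consulted. The sha.c version of this change removed the late copy; the same should be done here and in the `@@ -1351,10 +1409,13 @@` hunk, leaving only the `ESP32_SHA_SW` / hardware dispatch under this guard.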
@@ -1314,13 +1336,27 @@ static int InitSha256(wc_Sha256* sha256)
XMEMSET(&local[sha256->buffLen], 0,
WC_SHA256_PAD_SIZE - sha256->buffLen);
- /* put lengths in bits */
+ /* put 64 bit length in separate 32 bit parts */
sha256->hiLen = (sha256->loLen >> (8 * sizeof(sha256->loLen) - 3)) +
(sha256->hiLen << 3);
sha256->loLen = sha256->loLen << 3;
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_INIT) {
+ esp_sha_try_hw_lock(&sha256->ctx);
+ }
+ #endif
+
/* store lengths */
#if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU_SHA)
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
#if defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
@@ -1330,11 +1366,33 @@ static int InitSha256(wc_Sha256* sha256)
WC_SHA256_BLOCK_SIZE);
}
#endif
- /* ! length ordering dependent on digest endian type ! */
+ /* ! 64-bit length ordering dependent on digest endian type ! */
XMEMCPY(&local[WC_SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32));
XMEMCPY(&local[WC_SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen,
sizeof(word32));
+ /* Only the ESP32-C3 with HW enabled may need pad size byte order reversal
+ * depending on HW or SW mode */
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (sha256->ctx.mode == ESP32_SHA_HW) {
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ ESP_LOGV(TAG, "Start: Reverse PAD SIZE Endianness.");
+ #endif
+ ByteReverseWords(
+ &sha256->buffer[WC_SHA256_PAD_SIZE / sizeof(word32)], /* out */
+ &sha256->buffer[WC_SHA256_PAD_SIZE / sizeof(word32)], /* in */
+ 2 * sizeof(word32) /* byte count to reverse */
+ );
+ #if defined(WOLFSSL_SUPER_VERBOSE_DEBUG)
+ ESP_LOGV(TAG, "End: Reverse PAD SIZE Endianness.");
+ #endif
+ } /* end if (sha256->ctx.mode == ESP32_SHA_HW) */
+ #endif
+
#if defined(FREESCALE_MMCAU_SHA) || \
(defined(WOLFSSL_X86_64_BUILD) && defined(USE_INTEL_SPEEDUP) && \
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2)))
@@ -1351,10 +1409,13 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha256->ctx);
}
+ /* depending on architecture and ctx.mode value
+ * we may or may not need default digest */
if (sha256->ctx.mode == ESP32_SHA_SW) {
ret = XTRANSFORM(sha256, (const byte*)local);
}
@@ -1381,8 +1442,18 @@ static int InitSha256(wc_Sha256* sha256)
}
#ifdef LITTLE_ENDIAN_ORDER
- ByteReverseWords((word32*)digest, (word32*)sha256->digest,
- WC_SHA256_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
+ {
+ ByteReverseWords((word32*)digest,
+ (word32*)sha256->digest,
+ WC_SHA256_DIGEST_SIZE);
+ }
XMEMCPY(hash, digest, WC_SHA256_DIGEST_SIZE);
#else
XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
@@ -1426,7 +1497,16 @@ static int InitSha256(wc_Sha256* sha256)
}
#if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords(sha256->digest, sha256->digest, WC_SHA256_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ if (esp_sha_need_byte_reversal(&sha256->ctx))
+ #endif
+ {
+ ByteReverseWords(sha256->digest, sha256->digest,
+ WC_SHA256_DIGEST_SIZE);
+ }
#endif
XMEMCPY(hash, sha256->digest, WC_SHA256_DIGEST_SIZE);
@@ -1554,6 +1634,11 @@ static int InitSha256(wc_Sha256* sha256)
/* implemented in wolfcrypt/src/port/Renesas/renesas_rx64_hw_sha.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
#define NEED_SOFT_SHA224
@@ -1594,9 +1679,11 @@ static int InitSha256(wc_Sha256* sha256)
sha224->used = 0;
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- /* not to be confused with HAS512_224 */
- sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+ /* not to be confused with SHAS512_224 */
+ ret = esp_sha_init(&(sha224->ctx), WC_HASH_TYPE_SHA224);
#endif
return ret;
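Review bot: The new guard `!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)` stays true when only one of the two opt-outs is defined, so `esp_sha_init()` still runs for SHA-224 in a build that set `NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224`. The hunk at `@@ -1670,7` forces software mode when either opt-out is defined, so the two conditions overlap instead of complementing each other; the same `||` form recurs at `@@ -1642,7`, `@@ -1696,8`, `@@ -1705,7` and `@@ -1933,17`. If either opt-out is meant to disable SHA-224 hardware, the condition should be `!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)`. The new comment also reads `SHAS512_224`, which looks like a typo for `SHA512_224`. The enclosing function starts outside the hunk.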
@@ -1617,14 +1704,19 @@ static int InitSha256(wc_Sha256* sha256)
sha224->W = NULL;
#endif
- #ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224)
/* We know this is a fresh, uninitialized item, so set to INIT */
if (sha224->ctx.mode != ESP32_SHA_SW) {
ESP_LOGV(TAG, "Set sha224 ctx mode init to ESP32_SHA_SW. "
"Prior value: %d", sha224->ctx.mode);
}
/* no sha224 HW support is available, set to SW */
- sha224->ctx.mode = ESP32_SHA_SW;
+ sha224->ctx.mode = ESP32_SHA_SW;
+ #else
+ /* We know this is a fresh, uninitialized item, so set to INIT */
+ sha224->ctx.mode = ESP32_SHA_INIT;
+ #endif
#endif
ret = InitSha224(sha224);
@@ -1642,7 +1734,9 @@ static int InitSha256(wc_Sha256* sha256)
ret = wc_CAAM_HashInit(&sha224->hndl, &sha224->ctx, WC_HASH_TYPE_SHA224);
#endif
- #ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
if (sha224->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV("SHA224", "Set ctx mode from prior value: "
"%d", sha224->ctx.mode);
@@ -1670,7 +1764,9 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif /* WOLFSSL_ASYNC_CRYPT */
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#endif
@@ -1696,8 +1792,11 @@ static int InitSha256(wc_Sha256* sha256)
}
#endif /* WOLFSSL_ASYNC_CRYPT */
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- sha224->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+
+ /* nothing enabled here for C3 success */
#endif
ret = Sha256Final((wc_Sha256*)sha224);
@@ -1705,7 +1804,18 @@ static int InitSha256(wc_Sha256* sha256)
return ret;
#if defined(LITTLE_ENDIAN_ORDER)
- ByteReverseWords(sha224->digest, sha224->digest, WC_SHA224_DIGEST_SIZE);
+ #if (defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)) && \
+ defined(WOLFSSL_ESP32_CRYPT) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+ if (esp_sha_need_byte_reversal(&sha224->ctx))
+ #endif
+ {
+ ByteReverseWords(sha224->digest,
+ sha224->digest,
+ WC_SHA224_DIGEST_SIZE);
+ }
#endif
XMEMCPY(hash, sha224->digest, WC_SHA224_DIGEST_SIZE);
@@ -1732,10 +1842,11 @@ static int InitSha256(wc_Sha256* sha256)
return;
#ifdef WOLFSSL_SMALL_STACK_CACHE
- if (sha224->W != NULL) {
- XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
- sha224->W = NULL;
- }
+ if (sha224->W != NULL) {
+ ForceZero(sha224->W, sizeof(word32) * WC_SHA224_BLOCK_SIZE);
+ XFREE(sha224->W, NULL, DYNAMIC_TYPE_DIGEST);
+ sha224->W = NULL;
+ }
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224)
@@ -1749,14 +1860,16 @@ static int InitSha256(wc_Sha256* sha256)
KcapiHashFree(&sha224->kcapi);
#endif
#if defined(WOLFSSL_RENESAS_RX64_HASH)
- if (sha224->msg != NULL) {
- XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER);
- sha224->msg = NULL;
- }
+ if (sha224->msg != NULL) {
+ ForceZero(sha224->msg, sha224->len);
+ XFREE(sha224->msg, sha224->heap, DYNAMIC_TYPE_TMP_BUFFER);
+ sha224->msg = NULL;
+ }
#endif
+ ForceZero(sha224, sizeof(*sha224));
}
-#endif /* WOLFSSL_SHA224 */
-#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
+#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
+#endif /* WOLFSSL_SHA224 */
int wc_InitSha256(wc_Sha256* sha256)
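Review bot: The final `ForceZero(sha224, sizeof(*sha224))` wipes the whole context, including `heap` and the ESP32 `ctx`, so a caller that frees the object and keeps using it without re-initialising now sees an all-zero state instead of the previous values. That is the right hardening for digest state, but the contract change should be stated at the function, e.g. `/* Wipes the context; call wc_InitSha224_ex() before any reuse. */`. The same applies to the identical calls added to wc_Sha256Free, wc_Sha512Free and wc_Sha384Free further down. The start of the function is outside this hunk.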
@@ -1777,8 +1890,15 @@ void wc_Sha256Free(wc_Sha256* sha256)
if (sha256 == NULL)
return;
+#if defined(WOLFSSL_ESP32) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
+ esp_sha_release_unfinished_lock(&sha256->ctx);
+#endif
+
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha256->W != NULL) {
+ ForceZero(sha256->W, sizeof(word32) * WC_SHA256_BLOCK_SIZE);
XFREE(sha256->W, NULL, DYNAMIC_TYPE_DIGEST);
sha256->W = NULL;
}
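Review bot: The added `esp_sha_release_unfinished_lock()` call is guarded by `WOLFSSL_ESP32`, while the other ESP32 blocks visible in this diff, including the lock cleanup later in this same function, are guarded by `WOLFSSL_USE_ESP32_CRYPT_HASH_HW`. If a build defines `WOLFSSL_ESP32` without the hardware hash macro, this line would reference a `ctx` member or helper that may not be compiled in (inferred; the struct definition is not visible). Using `#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)` would match the rest of the file. The same `WOLFSSL_ESP32` guard appears in the wc_Sha512Free and wc_Sha384Free hunks.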
@@ -1805,15 +1925,16 @@ void wc_Sha256Free(wc_Sha256* sha256)
#endif /* WOLFSSL_DEVCRYPTO */
#if (defined(WOLFSSL_AFALG_HASH) && defined(WOLFSSL_AFALG_HASH_KEEP)) || \
(defined(WOLFSSL_DEVCRYPTO_HASH) && defined(WOLFSSL_DEVCRYPTO_HASH_KEEP)) || \
- (defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+ ((defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)) || \
- ((defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)) || \
+ (defined(WOLFSSL_RENESAS_SCEPROTECT) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)) || \
defined(WOLFSSL_RENESAS_RX64_HASH) || \
defined(WOLFSSL_HASH_KEEP)
if (sha256->msg != NULL) {
+ ForceZero(sha256->msg, sha256->len);
XFREE(sha256->msg, sha256->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha256->msg = NULL;
}
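Review bot: The Renesas part of this guard now tests only `WOLFSSL_RENESAS_SCEPROTECT`, while the `#elif` chain changed at `@@ -1991,16` tests `WOLFSSL_RENESAS_SCEPROTECT || WOLFSSL_RENESAS_RSIP` against the same `NO_WOLFSSL_RENESAS_FSPSM_HASH` opt-out. If an RSIP build accumulates input in `sha256->msg` and relies on this wc_Sha256Free (not visible here), the buffer would be neither wiped nor freed. Either add `defined(WOLFSSL_RENESAS_RSIP)` to the condition or add a comment saying where the RSIP build releases `msg`. The dropped `WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY` term deserves the same check.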
@@ -1831,8 +1952,17 @@ void wc_Sha256Free(wc_Sha256* sha256)
wc_MAXQ10XX_Sha256Free(sha256);
#endif
+#ifdef HAVE_ARIA
+ if (sha256->hSession != NULL) {
+ MC_CloseSession(sha256->hSession);
+ sha256->hSession = NULL;
+ }
+#endif
+
/* Espressif embedded hardware acceleration specific: */
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
if (sha256->ctx.lockDepth > 0) {
/* probably due to unclean shutdown, error, or other problem.
*
@@ -1848,7 +1978,8 @@ void wc_Sha256Free(wc_Sha256* sha256)
ESP_LOGV(TAG, "Hardware unlock not needed in wc_Sha256Free.");
}
#endif
-}
+ ForceZero(sha256, sizeof(*sha256));
+} /* wc_Sha256Free */
#endif /* !defined(WOLFSSL_HAVE_PSA) || defined(WOLFSSL_PSA_NO_HASH) */
#ifdef WOLFSSL_HASH_KEEP
@@ -1872,11 +2003,12 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
#endif /* WOLFSSL_HASH_KEEP */
#endif /* !WOLFSSL_TI_HASH */
-#endif /* HAVE_FIPS */
#ifndef WOLFSSL_TI_HASH
-#if !defined(WOLFSSL_RENESAS_RX64_HASH)
+#if !defined(WOLFSSL_RENESAS_RX64_HASH) && \
+ (!defined(WOLFSSL_RENESAS_RSIP) || \
+ defined(NO_WOLFSSL_RENESAS_FSPSM_HASH))
#ifdef WOLFSSL_SHA224
#if defined(WOLFSSL_KCAPI_HASH) && !defined(WOLFSSL_NO_KCAPI_SHA224)
@@ -1933,17 +2065,22 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
dst->W = NULL;
#endif
- #ifdef WOLFSSL_SILABS_SE_ACCEL
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+ #if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA224)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- ret = esp_sha224_ctx_copy(src, dst);
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
+ /* regardless of any other settings, there's no SHA-224 HW on ESP32 */
+ #ifndef CONFIG_IDF_TARGET_ESP32
+ ret = esp_sha224_ctx_copy(src, dst);
+ #endif
#endif
#ifdef WOLFSSL_HASH_FLAGS
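Review bot: `ret = esp_sha224_ctx_copy(src, dst);` overwrites whatever `wolfAsync_DevCopy()` stored in `ret` a few lines above, so an earlier failure can be reported as success when both features are compiled in. The SHA-512 copy in this same commit uses the safer form; here it would be `if (ret == 0) { ret = esp_sha224_ctx_copy(src, dst); }`. The function body starts and ends outside the hunk.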
@@ -1991,16 +2128,16 @@ int wc_Sha224_Grow(wc_Sha224* sha224, const byte* in, int inSz)
#elif defined(WOLFSSL_DEVCRYPTO_HASH)
/* implemented in wolfcrypt/src/port/devcrypto/devcrypt_hash.c */
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
/* implemented in wolfcrypt/src/port/Renesas/renesas_tsip_sha.c */
-#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
+#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_RSIP))\
+ && !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
- /* implemented in wolfcrypt/src/port/Renesas/renesas_sce_sha.c */
+ /* implemented in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_PSOC6_CRYPTO)
/* implemented in wolfcrypt/src/port/cypress/psoc6_crypto.c */
@@ -2068,9 +2205,9 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
dst->W = NULL;
#endif
-#ifdef WOLFSSL_SILABS_SE_ACCEL
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA256)
@@ -2081,10 +2218,18 @@ int wc_Sha256Copy(wc_Sha256* src, wc_Sha256* dst)
ret = wc_Pic32HashCopy(&src->cache, &dst->cache);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256)
esp_sha256_ctx_copy(src, dst);
#endif
+#ifdef HAVE_ARIA
+ dst->hSession = NULL;
+ if((src->hSession != NULL) && (MC_CopySession(src->hSession, &(dst->hSession)) != MC_OK)) {
+ return MEMORY_E;
+ }
+#endif
+
#ifdef WOLFSSL_HASH_FLAGS
dst->flags |= WC_HASH_FLAG_ISCOPY;
#endif
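Review bot: The result of `esp_sha256_ctx_copy(src, dst)` is discarded, while the SHA-224 and SHA-512 copy functions store the result of their counterparts in `ret`, so a failed hardware context copy would go unreported. Assuming the helper returns a status like its siblings, use `if (ret == 0) { ret = esp_sha256_ctx_copy(src, dst); }`. The new ARIA block then returns `MEMORY_E` directly, which skips the `WC_HASH_FLAG_ISCOPY` update and discards any earlier error held in `ret`; setting `ret` and falling through would keep a single exit path. wc_Sha384Copy has the same two patterns. The function starts and ends outside the hunk.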
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S
index 3adac1e7..6d1c8ea7 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha256_asm.S
@@ -1,5 +1,5 @@
-/* sha256_asm
- *
+/* sha256_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c
index 2baea765..096566d2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3.c
@@ -1399,6 +1399,7 @@ int wc_Shake256_Update(wc_Shake* shake, const byte* data, word32 len)
*
* shake wc_Shake object holding state.
* hash Buffer to hold the hash result. Must be at least 64 bytes.
+ * hashLen Size of hash in bytes.
* returns 0 on success.
*/
int wc_Shake256_Final(wc_Shake* shake, byte* hash, word32 hashLen)
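Review bot: The comment now documents `hashLen`, but the line above it still says the buffer must be at least 64 bytes, which no longer describes the contract once the caller chooses the output length. For an extendable-output function the safe statement is that `hash` must hold at least `hashLen` bytes, e.g. `hash     Buffer to hold the hash result. Must be at least hashLen bytes.` A caller who sizes the buffer from the old text and passes a larger `hashLen` would overrun it, assuming the function writes `hashLen` bytes; the body is outside the hunk.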
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S
index 99c90d65..07a0b140 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha3_asm.S
@@ -1,5 +1,5 @@
-/* sha3_asm
- *
+/* sha3_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c
index 3d17a09b..c6968162 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512.c
@@ -26,21 +26,23 @@
#include <wolfssl/wolfcrypt/settings.h>
-#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && !defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_PSOC6_CRYPTO)
+#if (defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)) && \
+ (!defined(WOLFSSL_ARMASM) && !defined(WOLFSSL_ARMASM_NO_NEON)) && \
+ !defined(WOLFSSL_PSOC6_CRYPTO)
/* determine if we are using Espressif SHA hardware acceleration */
-#undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
- /* define a single keyword for simplicity & readability
+#undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
+#if defined(WOLFSSL_ESP32_CRYPT) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
+ #include "sdkconfig.h"
+ /* Define a single keyword for simplicity & readability.
*
- * by default the HW acceleration is on for ESP32-WROOM32
- * but individual components can be turned off.
+ * By default the HW acceleration is on for ESP32 Chipsets,
+ * but individual components can be turned off. See user_settings.h
*/
- #define WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #define WOLFSSL_USE_ESP32_CRYPT_HASH_HW
static const char* TAG = "wc_sha_512";
#else
- #undef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+ #undef WOLFSSL_USE_ESP32_CRYPT_HASH_HW
#endif
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
@@ -71,92 +73,6 @@
#define USE_SLOW_SHA512
#endif
-/* fips wrapper calls, user can call direct */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-
- #ifdef WOLFSSL_SHA512
-
- int wc_InitSha512(wc_Sha512* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return InitSha512_fips(sha);
- }
- int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha512_fips(sha);
- }
- int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
-
- return Sha512Update_fips(sha, data, len);
- }
- int wc_Sha512Final(wc_Sha512* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
-
- return Sha512Final_fips(sha, out);
- }
- void wc_Sha512Free(wc_Sha512* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
- #endif
-
- #if defined(WOLFSSL_SHA384) || defined(HAVE_AESGCM)
- int wc_InitSha384(wc_Sha384* sha)
- {
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha384_fips(sha);
- }
- int wc_InitSha384_ex(wc_Sha384* sha, void* heap, int devId)
- {
- (void)heap;
- (void)devId;
- if (sha == NULL) {
- return BAD_FUNC_ARG;
- }
- return InitSha384_fips(sha);
- }
- int wc_Sha384Update(wc_Sha384* sha, const byte* data, word32 len)
- {
- if (sha == NULL || (data == NULL && len > 0)) {
- return BAD_FUNC_ARG;
- }
- return Sha384Update_fips(sha, data, len);
- }
- int wc_Sha384Final(wc_Sha384* sha, byte* out)
- {
- if (sha == NULL || out == NULL) {
- return BAD_FUNC_ARG;
- }
- return Sha384Final_fips(sha, out);
- }
- void wc_Sha384Free(wc_Sha384* sha)
- {
- (void)sha;
- /* Not supported in FIPS */
- }
- #endif /* WOLFSSL_SHA384 || HAVE_AESGCM */
-
-#else /* else build without fips, or for FIPS v2 */
-
#include <wolfssl/wolfcrypt/logging.h>
#ifdef NO_INLINE
@@ -220,6 +136,10 @@
#elif defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
int wc_InitSha512(wc_Sha512* sha512)
{
@@ -294,7 +214,8 @@ static int InitSha512(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed. */
@@ -334,7 +255,8 @@ static int InitSha512_224(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed.
**
@@ -376,7 +298,8 @@ static int InitSha512_256(wc_Sha512* sha512)
sha512->loLen = 0;
sha512->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed.
**
@@ -616,7 +539,8 @@ static int InitSha512_Family(wc_Sha512* sha512, void* heap, int devId,
int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
{
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
if (sha512->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha512->ctx.mode);
@@ -632,7 +556,8 @@ int wc_InitSha512_ex(wc_Sha512* sha512, void* heap, int devId)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
{
-#ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* No SHA512/224 HW support is available, set to SW. */
sha512->ctx.mode = ESP32_SHA_SW; /* no SHA224 HW, so always SW */
#endif
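Review bot: `sha512->ctx.mode = ESP32_SHA_SW;` is the first statement of wc_InitSha512_224_ex, ahead of any NULL check, so on ESP32 hardware builds a NULL `sha512` is written through before a helper can return `BAD_FUNC_ARG`. wc_InitSha512_ex in the previous hunk reads the same field and wc_InitSha512_256_ex in the next hunk writes it, both in the same position. Adding `if (sha512 == NULL) { return BAD_FUNC_ARG; }` ahead of the `#if` block in all three would close this. The rest of each function is outside the hunks, so a later check may exist but would come too late.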
@@ -644,7 +569,8 @@ int wc_InitSha512_224_ex(wc_Sha512* sha512, void* heap, int devId)
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
int wc_InitSha512_256_ex(wc_Sha512* sha512, void* heap, int devId)
{
-#ifdef WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
/* No SHA512/256 HW support is available on ESP32, set to SW. */
sha512->ctx.mode = ESP32_SHA_SW;
#endif
@@ -835,15 +761,17 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
{
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@@ -908,13 +836,15 @@ static WC_INLINE int Sha512Update(wc_Sha512* sha512, const byte* data, word32 le
data += WC_SHA512_BLOCK_SIZE;
len -= WC_SHA512_BLOCK_SIZE;
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@@ -980,6 +910,9 @@ int wc_Sha512Update(wc_Sha512* sha512, const byte* data, word32 len)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
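Review bot: The new comment points to `wolfcrypt/src/port/renesas/renesas_fspsm_sha.c` with a lower-case directory, while the other comments added by this commit use `port/Renesas/`. On a case-sensitive checkout only one of them is a real path; assuming the capitalised form is the actual directory, the comment should read `/* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */`. The hunk at `@@ -1815,7` has the same spelling.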
@@ -1014,15 +947,17 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
#endif
{
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer,sha512->buffer,
WC_SHA512_BLOCK_SIZE);
#endif
}
#endif /* LITTLE_ENDIAN_ORDER */
- #if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+ #if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
if (sha512->ctx.mode == ESP32_SHA_INIT) {
esp_sha_try_hw_lock(&sha512->ctx);
}
@@ -1056,15 +991,17 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
(defined(HAVE_INTEL_AVX1) || defined(HAVE_INTEL_AVX2))
if (!IS_INTEL_AVX1(intel_flags) && !IS_INTEL_AVX2(intel_flags))
#endif
- #if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ByteReverseWords64(sha512->buffer, sha512->buffer, WC_SHA512_PAD_SIZE);
#endif
#endif
/* ! length ordering dependent on digest endian type ! */
-#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen;
sha512->buffer[WC_SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen;
#endif
@@ -1077,8 +1014,9 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
WC_SHA512_BLOCK_SIZE - WC_SHA512_PAD_SIZE);
#endif
-#if !defined(WOLFSSL_ESP32WROOM32_CRYPT) || \
- defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if !defined(WOLFSSL_ESP32_CRYPT) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH) || \
+ defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
ret = Transform_Sha512(sha512);
#else
if(sha512->ctx.mode == ESP32_SHA_INIT) {
@@ -1105,6 +1043,7 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
ByteReverseWords64(sha512->digest, sha512->digest, WC_SHA512_DIGEST_SIZE);
#endif
+
return 0;
}
@@ -1116,6 +1055,10 @@ static WC_INLINE int Sha512Final(wc_Sha512* sha512)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
static int Sha512FinalRaw(wc_Sha512* sha512, byte* hash, size_t digestSz)
@@ -1208,8 +1151,15 @@ void wc_Sha512Free(wc_Sha512* sha512)
if (sha512 == NULL)
return;
+#if defined(WOLFSSL_ESP32) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
+ esp_sha_release_unfinished_lock(&sha512->ctx);
+#endif
+
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha512->W != NULL) {
+ ForceZero(sha512->W, sizeof(word64) * 16);
XFREE(sha512->W, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha512->W = NULL;
}
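Review bot: `ForceZero(sha512->W, sizeof(word64) * 16)` hard-codes the buffer size, whereas the SHA-256 counterpart uses `sizeof(word32) * WC_SHA256_BLOCK_SIZE`. The allocation of `W` is not visible in this hunk, so the literal has to be kept in step with it by hand; if the two ever diverge, the wipe either leaves part of the message schedule behind or writes past the allocation. A named constant shared by the allocation and the wipe would remove that risk. wc_Sha384Free uses the same literal.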
@@ -1221,6 +1171,7 @@ void wc_Sha512Free(wc_Sha512* sha512)
#if defined(WOLFSSL_HASH_KEEP)
if (sha512->msg != NULL) {
+ ForceZero(sha512->msg, sha512->len);
XFREE(sha512->msg, sha512->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha512->msg = NULL;
}
@@ -1229,6 +1180,8 @@ void wc_Sha512Free(wc_Sha512* sha512)
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
wolfAsync_DevCtxFree(&sha512->asyncDev, WOLFSSL_ASYNC_MARKER_SHA512);
#endif /* WOLFSSL_ASYNC_CRYPT */
+
+ ForceZero(sha512, sizeof(*sha512));
}
#if (defined(OPENSSL_EXTRA) || defined(HAVE_CURL)) \
&& !defined(WOLFSSL_KCAPI_HASH)
@@ -1281,6 +1234,7 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
XMEMCPY(sha->buffer, buffer, WC_SHA512_BLOCK_SIZE);
#ifdef WOLFSSL_SMALL_STACK
+ ForceZero(buffer, WC_SHA512_BLOCK_SIZE);
XFREE(buffer, sha->heap, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return ret;
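Review bot: The wipe of `buffer` is added only inside `#ifdef WOLFSSL_SMALL_STACK`, so the copy of the input block is cleared when it lives on the heap but not when it is a local array. If the non-small-stack build declares `buffer` on the stack (the declaration is outside the hunk), moving the call above the `#ifdef` as `ForceZero(buffer, WC_SHA512_BLOCK_SIZE);` would cover both builds. The function begins outside the hunk.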
@@ -1333,6 +1287,10 @@ int wc_Sha512Transform(wc_Sha512* sha, const unsigned char* data)
#elif defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
static int InitSha384(wc_Sha384* sha384)
@@ -1354,7 +1312,8 @@ static int InitSha384(wc_Sha384* sha384)
sha384->loLen = 0;
sha384->hiLen = 0;
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
/* HW needs to be carefully initialized, taking into account soft copy.
** If already in use; copy may revert to SW as needed. */
esp_sha_init(&(sha384->ctx), WC_HASH_TYPE_SHA384);
@@ -1364,6 +1323,10 @@ static int InitSha384(wc_Sha384* sha384)
sha384->flags = 0;
#endif
+#ifdef HAVE_ARIA
+ sha384->hSession = NULL;
+#endif
+
#ifdef WOLFSSL_HASH_KEEP
sha384->msg = NULL;
sha384->len = 0;
@@ -1476,7 +1439,8 @@ int wc_InitSha384_ex(wc_Sha384* sha384, void* heap, int devId)
sha384->devId = devId;
sha384->devCtx = NULL;
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
if (sha384->ctx.mode != ESP32_SHA_INIT) {
ESP_LOGV(TAG, "Set ctx mode from prior value: "
"%d", sha384->ctx.mode);
@@ -1524,8 +1488,14 @@ void wc_Sha384Free(wc_Sha384* sha384)
if (sha384 == NULL)
return;
+#if defined(WOLFSSL_ESP32) && !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384)
+ esp_sha_release_unfinished_lock(&sha384->ctx);
+#endif
+
#ifdef WOLFSSL_SMALL_STACK_CACHE
if (sha384->W != NULL) {
+ ForceZero(sha384->W, sizeof(word64) * 16);
XFREE(sha384->W, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha384->W = NULL;
}
@@ -1537,6 +1507,7 @@ void wc_Sha384Free(wc_Sha384* sha384)
#if defined(WOLFSSL_HASH_KEEP)
if (sha384->msg != NULL) {
+ ForceZero(sha384->msg, sha384->len);
XFREE(sha384->msg, sha384->heap, DYNAMIC_TYPE_TMP_BUFFER);
sha384->msg = NULL;
}
@@ -1549,17 +1520,28 @@ void wc_Sha384Free(wc_Sha384* sha384)
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
wolfAsync_DevCtxFree(&sha384->asyncDev, WOLFSSL_ASYNC_MARKER_SHA384);
#endif /* WOLFSSL_ASYNC_CRYPT */
+
+#ifdef HAVE_ARIA
+ if (sha384->hSession != NULL) {
+ MC_CloseSession(sha384->hSession);
+ sha384->hSession = NULL;
+ }
+#endif
+
+ ForceZero(sha384, sizeof(*sha384));
}
#endif /* WOLFSSL_SHA384 */
-#endif /* HAVE_FIPS */
-
#ifdef WOLFSSL_SHA512
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#else
static int Sha512_Family_GetHash(wc_Sha512* sha512, byte* hash,
@@ -1616,19 +1598,34 @@ int wc_Sha512Copy(wc_Sha512* src, wc_Sha512* dst)
dst->W = NULL;
#endif
-#ifdef WOLFSSL_SILABS_SHA512
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) && \
+ defined(WOLFSSL_SILABS_SHA512)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA512)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ if (ret == 0) {
+ ret = esp_sha512_ctx_copy(src, dst);
+ }
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGV(TAG, "No SHA-512 HW on the ESP32-C3");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
if (ret == 0) {
ret = esp_sha512_ctx_copy(src, dst);
}
+ #else
+ ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
+ CONFIG_IDF_TARGET);
+ #endif
+
#endif
#ifdef WOLFSSL_HASH_FLAGS
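Review bot: The ESP32 block in wc_Sha512Copy is now guarded by `WOLFSSL_USE_ESP32_CRYPT_HASH_HW` alone, while the other SHA-512 blocks in this commit also require `!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)`; with that opt-out defined, `esp_sha512_ctx_copy()` is still called on ESP32, S2 and S3 targets. Adding `&& !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)` would match the rest of the file. The fallback message also says `No SHA384 HW` inside the SHA-512 copy, and the C3/C6 branch names only the ESP32-C3, which will mislead anyone reading device logs. wc_Sha384Copy has the same unqualified guard. The function starts and ends outside the hunk.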
@@ -1682,6 +1679,10 @@ int wc_Sha512_224Update(wc_Sha512* sha, const byte* data, word32 len)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@@ -1706,6 +1707,9 @@ void wc_Sha512_224Free(wc_Sha512* sha)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#else
int wc_Sha512_224GetHash(wc_Sha512* sha512, byte* hash)
@@ -1754,6 +1758,10 @@ int wc_Sha512_256Update(wc_Sha512* sha, const byte* data, word32 len)
}
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
+
#elif defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#else
@@ -1776,6 +1784,9 @@ void wc_Sha512_256Free(wc_Sha512* sha)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/Renesas/renesas_fspsm_sha.c */
#else
int wc_Sha512_256GetHash(wc_Sha512* sha512, byte* hash)
@@ -1815,7 +1826,9 @@ int wc_Sha512_256Transform(wc_Sha512* sha, const unsigned char* data)
#if defined(WOLFSSL_KCAPI_HASH)
/* functions defined in wolfcrypt/src/port/kcapi/kcapi_hash.c */
-
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ /* functions defined in wolfcrypt/src/port/renesas/renesas_fspsm_sha.c */
#else
int wc_Sha384GetHash(wc_Sha384* sha384, byte* hash)
@@ -1867,17 +1880,36 @@ int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst)
dst->W = NULL;
#endif
-#ifdef WOLFSSL_SILABS_SHA384
- dst->silabsCtx.hash_ctx.cmd_ctx = &(dst->silabsCtx.cmd_ctx);
- dst->silabsCtx.hash_ctx.hash_type_ctx = &(dst->silabsCtx.hash_type_ctx);
+#if defined(WOLFSSL_SILABS_SE_ACCEL) && defined(WOLFSSL_SILABS_SE_ACCEL_3) && \
+ defined(WOLFSSL_SILABS_SHA384)
+ dst->silabsCtx.hash_ctx.cmd_ctx = &dst->silabsCtx.cmd_ctx;
+ dst->silabsCtx.hash_ctx.hash_type_ctx = &dst->silabsCtx.hash_type_ctx;
#endif
#if defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_SHA384)
ret = wolfAsync_DevCopy(&src->asyncDev, &dst->asyncDev);
#endif
-#if defined(WOLFSSL_USE_ESP32WROOM32_CRYPT_HASH_HW)
- esp_sha384_ctx_copy(src, dst);
+#if defined(WOLFSSL_USE_ESP32_CRYPT_HASH_HW)
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ esp_sha384_ctx_copy(src, dst);
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ ESP_LOGV(TAG, "No SHA-384 HW on the ESP32-C3");
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2) || \
+ defined(CONFIG_IDF_TARGET_ESP32S3)
+ esp_sha384_ctx_copy(src, dst);
+ #else
+ ESP_LOGW(TAG, "No SHA384 HW or not yet implemented for %s",
+ CONFIG_IDF_TARGET);
+ #endif
+#endif
+
+#ifdef HAVE_ARIA
+ dst->hSession = NULL;
+ if((src->hSession != NULL) && (MC_CopySession(src->hSession, &(dst->hSession)) != MC_OK)) {
+ return MEMORY_E;
+ }
#endif
#ifdef WOLFSSL_HASH_FLAGS
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S
index 83f60047..47789e83 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sha512_asm.S
@@ -1,5 +1,5 @@
-/* sha512_asm
- *
+/* sha512_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c b/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c
index f9c71926..efcbd887 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/signature.c
@@ -525,17 +525,12 @@ int wc_SignatureGenerate_ex(
#endif
}
if (ret == 0) {
- /* Generate signature using hash */
- ret = wc_SignatureGenerateHash(hash_type, sig_type,
- hash_data, hash_enc_len, sig, sig_len, key, key_len, rng);
+ /* Generate signature using hash (also handles verify) */
+ ret = wc_SignatureGenerateHash_ex(hash_type, sig_type, hash_data,
+ hash_enc_len, sig, sig_len, key, key_len, rng, verify);
}
}
- if (ret == 0 && verify) {
- ret = wc_SignatureVerifyHash(hash_type, sig_type, hash_data,
- hash_enc_len, sig, *sig_len, key, key_len);
- }
-
#if defined(WOLFSSL_SMALL_STACK) || defined(NO_ASN)
XFREE(hash_data, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
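Review bot: The new comment `(also handles verify)` does not say that the check runs only when `verify` is non-zero, or how a failed check is reported, and with the explicit `wc_SignatureVerifyHash` call removed neither is visible at this call site any more. A fuller comment would help the next reader, for example `/* Sign the encoded hash; when verify is non-zero the _ex helper also verifies the new signature and returns any failure in ret */`. The helper's body is outside this hunk, so that wording assumes it keeps the removed behaviour, including verifying against the updated `*sig_len`; confirm before adopting it. wc_SignatureGenerate_ex itself starts and ends outside the hunk.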
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c b/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c
index e91848a9..0fc27218 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/siphash.c
@@ -315,7 +315,7 @@ static WC_INLINE void SipHashOut(SipHash* sipHash, byte* out)
*
* @param [in, out] sipHash SipHash object.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when sipHash or out is NULL.
* @return BAD_FUNC_ARG when outSz is not the same as initialized value.
* @return 0 on success.
@@ -393,7 +393,7 @@ int wc_SipHashFinal(SipHash* sipHash, unsigned char* out, unsigned char outSz)
* @param [in] in Input message.
* @param [in] inSz Size of input message.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when key or out is NULL.
* @return BAD_FUNC_ARG when in is NULL and inSz is not zero.
* @return BAD_FUNC_ARG when outSz is neither 8 nor 16.
@@ -622,7 +622,7 @@ int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
* @param [in] in Input message.
* @param [in] inSz Size of input message.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when key or out is NULL.
* @return BAD_FUNC_ARG when in is NULL and inSz is not zero.
* @return BAD_FUNC_ARG when outSz is not 8 nor 16.
@@ -851,7 +851,7 @@ int wc_SipHash(const unsigned char* key, const unsigned char* in, word32 inSz,
* @param [in] in Input message.
* @param [in] inSz Size of input message.
* @param [out] out Buffer to place MAC into.
- * @param [in] outSz Size of ouput MAC. 8 or 16 only.
+ * @param [in] outSz Size of output MAC. 8 or 16 only.
* @return BAD_FUNC_ARG when key or out is NULL.
* @return BAD_FUNC_ARG when in is NULL and inSz is not zero.
* @return BAD_FUNC_ARG when outSz is not 8 nor 16.
diff --git a/extra/wolfssl/wolfssl/ctaocrypt/src/misc.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sm2.c
index d31462fe..829d5e5b 100644
--- a/extra/wolfssl/wolfssl/ctaocrypt/src/misc.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm2.c
@@ -1,4 +1,4 @@
-/* misc.c
+/* sm2.c
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,11 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-#ifdef NO_INLINE
- #include <wolfssl/wolfcrypt/misc.h>
-#else
- /* for inline includes */
- #define WOLFSSL_MISC_INCLUDED
- #include <wolfcrypt/src/misc.c>
#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c
new file mode 100644
index 00000000..1339037b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3.c
@@ -0,0 +1,33 @@
+/* sm3.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM3
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S
new file mode 100644
index 00000000..2c368f1f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm3_asm.S
@@ -0,0 +1,33 @@
+/* sm3_asm.S
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM3
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c
new file mode 100644
index 00000000..1e4f3176
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sm4.c
@@ -0,0 +1,33 @@
+/* sm4.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM4
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c
index a1b68dc8..2014da43 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm32.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_ARM32_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
@@ -118,14 +128,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
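Review bot: The rewritten loop hard-codes the shift as `31` where the removed lines used `SP_WORD_SIZE - 1`, and nothing in the hunk explains why the copy is written without a branch on `a->used`. The arithmetic is correct only while `sp_digit` is an unsigned 32-bit type, because `j >> 31` must be a logical shift; that typedef is outside this hunk, so treat it as an assumption to confirm. I would keep the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A comment such as `/* branch-free: mask is all ones while i < a->used; o stops at the last used digit */` would also keep a later edit from reintroducing a length-dependent branch. The function body continues outside the hunk.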
@@ -230,6 +240,7 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a)
#define sp_2048_norm_64(a)
#ifndef WOLFSSL_SP_SMALL
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
@@ -238,17 +249,15 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a)
*/
static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -271,14 +280,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
"mov r5, #0\n\t"
-#else
- "umull r3, r4, r11, r12\n\t"
- "mov r5, #0\n\t"
-#endif
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -308,16 +312,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -346,16 +342,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -385,17 +374,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -424,16 +405,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -462,16 +436,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -501,16 +468,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -539,15 +498,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -576,16 +528,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -614,16 +559,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -653,16 +591,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -691,16 +621,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -729,16 +652,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -767,16 +683,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -805,16 +714,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -844,17 +746,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -883,15 +777,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -920,15 +807,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -957,16 +837,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -995,16 +868,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1033,16 +899,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1072,17 +931,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1111,15 +962,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1148,16 +992,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1186,16 +1023,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1224,16 +1054,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1262,16 +1085,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1300,16 +1116,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1339,17 +1148,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1378,16 +1179,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1416,15 +1210,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1453,15 +1240,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1490,16 +1270,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1528,16 +1301,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1566,16 +1332,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1604,16 +1363,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #28]\n\t"
/* A[7] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1643,17 +1395,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1682,15 +1426,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1719,16 +1456,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1757,16 +1487,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1795,16 +1518,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1833,16 +1549,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1871,16 +1580,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #32]\n\t"
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1910,17 +1612,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1949,15 +1643,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -1986,15 +1673,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2023,16 +1703,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2061,16 +1734,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2099,16 +1765,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #36]\n\t"
/* A[7] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2138,16 +1797,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2176,16 +1827,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2214,16 +1858,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2252,16 +1889,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2290,16 +1920,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #40]\n\t"
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2329,16 +1952,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2367,15 +1982,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2404,16 +2012,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2442,15 +2043,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #44]\n\t"
/* A[7] * B[5] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2480,17 +2074,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2519,16 +2105,9 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2557,15 +2136,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #48]\n\t"
/* A[6] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2595,16 +2167,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2633,15 +2197,8 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #52]\n\t"
/* A[7] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -2666,11 +2223,6 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
-#endif
"str r5, [%[r], #56]\n\t"
"str r3, [%[r], #60]\n\t"
"ldm sp!, {r3, r4, r5, r6}\n\t"
@@ -2679,10 +2231,495 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
+ );
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #36\n\t"
+ "str %[r], [sp, #32]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[r]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r3, %[r], #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[r], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[r], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "ldr %[r], [sp, #32]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #36\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#else
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[r], [sp, #36]\n\t"
+ "str %[a], [sp, #40]\n\t"
+#else
+ "strd %[r], %[a], [sp, #36]\n\t"
+#endif
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[r], %[a], %[b], r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[r], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[r], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[r], r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[r], r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[r], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[r], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[r], r7\n\t"
+ "ldr %[r], [sp, #40]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[r], %[r], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm %[r], {%[r], %[a], %[b], r3}\n\t"
+ "str r6, [sp, #32]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[r], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[r], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[r], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[r], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[r], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #32]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[r], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[r], r11\n\t"
+ "umaal r6, r10, %[r], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
+ "mov r3, r12\n\t"
+ "ldr lr, [sp, #36]\n\t"
+ "add lr, lr, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub lr, lr, #32\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
+}
+
+#endif
/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
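Review bot: The `WOLFSSL_ARM_ARCH < 7` variant of `sp_2048_mul_8` added in this hunk is built entirely from `umull`/`umlal`, and on some pre-ARMv7 cores those long multiplies finish early depending on operand values, so this path may not be constant-time when `a` or `b` is secret. That is inferred from the architecture range, not from anything the hunk states. I would record it above the function, e.g. `/* umull/umlal timing can be operand-dependent on some pre-v7 cores; confirm the target's multiplier before using this path with private keys. */`. Separately, in the final `#else` variant the inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` around the two `str` instructions repeats the `#elif` condition that the `#else` already excludes, so only `"strd %[r], %[a], [sp, #36]\n\t"` can ever be compiled and the dead branch could be dropped. The opening `#if` of this chain lies outside the hunk.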
@@ -2691,12 +2728,11 @@ static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -2711,10 +2747,11 @@ static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -2726,8 +2763,8 @@ static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -2761,7 +2798,7 @@ static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -2774,12 +2811,11 @@ static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_2048_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -2808,10 +2844,11 @@ static sp_digit sp_2048_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -2888,8 +2925,8 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -2951,7 +2988,7 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -2964,12 +3001,11 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -3026,10 +3062,11 @@ static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -3110,8 +3147,8 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -3229,7 +3266,7 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -3242,12 +3279,11 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -3360,10 +3396,11 @@ static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -3437,6 +3474,7 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_32(r + 96, r + 96, a1);
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
@@ -3444,14 +3482,13 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
*/
static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -3462,15 +3499,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r2, r2, #17\n\t"
"adds r8, r8, r2\n\t"
"adc r3, r3, r9\n\t"
-#else
- "umull r8, r3, r10, r10\n\t"
-#endif
"mov r4, #0\n\t"
"str r8, [sp]\n\t"
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3511,22 +3544,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #4]\n\t"
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3567,20 +3588,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3600,17 +3609,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #8]\n\t"
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3651,21 +3653,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3705,20 +3695,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [sp, #12]\n\t"
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3759,21 +3739,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3813,18 +3781,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3844,17 +3802,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #16]\n\t"
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3876,15 +3827,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3913,16 +3860,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3951,12 +3891,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -3967,7 +3901,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -3989,15 +3922,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4026,16 +3955,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4064,15 +3986,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4095,15 +4010,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
@@ -4111,7 +4017,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4133,15 +4038,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r2, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4170,16 +4071,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4208,16 +4102,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4246,12 +4133,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -4262,7 +4143,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4284,15 +4164,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4321,16 +4197,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4359,15 +4228,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4390,15 +4252,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"adds r4, r4, r5\n\t"
"adcs r2, r2, r6\n\t"
"adc r3, r3, r7\n\t"
@@ -4406,7 +4259,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4428,15 +4280,11 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4465,16 +4313,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4503,12 +4344,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -4519,7 +4354,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4560,21 +4394,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4614,18 +4436,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4645,17 +4457,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #40]\n\t"
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4696,21 +4501,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4750,20 +4543,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #44]\n\t"
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4804,20 +4587,8 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4837,17 +4608,10 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [%[r], #48]\n\t"
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4888,21 +4652,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #52]\n\t"
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -4920,11 +4672,6 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #17\n\t"
"adds r4, r4, r8\n\t"
"adc r2, r2, r9\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adc r2, r2, r9\n\t"
-#endif
"str r4, [%[r], #56]\n\t"
"str r2, [%[r], #60]\n\t"
"ldm sp!, {r2, r3, r4, r8}\n\t"
@@ -4933,10 +4680,370 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
+ );
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [%[a], #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[a], #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[a], #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[a], #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[a], #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, %[r], #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [%[a]]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [%[a], #4]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [%[a], #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [%[a], #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [%[a], #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [%[a], #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [%[a], #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [%[a], #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#else
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #32\n\t"
+ "str %[r], [sp, #28]\n\t"
+ "ldm %[a], {%[r], %[a], r2, r3, r4, r5, r6, r7}\n\t"
+ "umull r9, r10, %[r], %[r]\n\t"
+ "umull r11, r12, %[r], %[a]\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, %[r], r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, %[a], %[a]\n\t"
+ "umull r9, r10, %[r], r3\n\t"
+ "umaal r9, r12, %[a], r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, %[r], r5\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, %[r], r6\n\t"
+ "umaal r9, r12, %[a], r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull %[r], r9, %[r], r7\n\t"
+ "umaal %[r], r8, %[a], r6\n\t"
+ "umaal %[r], r12, r2, r5\n\t"
+ "umaal %[r], r10, r3, r4\n\t"
+ "adcs %[r], %[r], %[r]\n\t"
+ "umaal %[r], r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, %[a], r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov %[a], lr\n\t"
+ "umaal %[a], r8, r4, r7\n\t"
+ "umaal %[a], r9, r5, r6\n\t"
+ "adcs r4, %[a], %[a]\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "ldr lr, [sp, #28]\n\t"
+ "add lr, lr, #28\n\t"
+ "stm lr!, {%[r], r12}\n\t"
+ "stm lr!, {r11}\n\t"
+ "stm lr!, {r10}\n\t"
+ "stm lr!, {r3, r4, r8, r9}\n\t"
+ "stm lr!, {r7}\n\t"
+ "sub lr, lr, #0x40\n\t"
+ "ldm sp, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "stm lr, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "add sp, sp, #32\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif
/* Sub b from a into r. (r = a - b)
*
* r A single precision integer.
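Review bot: The `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` guard around the two `str` instructions in the final `#else` variant of sp_2048_sqr_8 can never be true, because that variant is only compiled when the preceding `#elif` with the same condition was false. The `strd r8, r9, [sp, #8]` path is therefore always taken and the split-store fallback is dead code; drop the guard and keep only `"strd r8, r9, [sp, #8]\n\t"`. If this file is produced by a generator, as the repeated pattern suggests, the fix belongs in the generator rather than in this file. The first branch of the conditional starts above this hunk, so its condition is not visible here.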
@@ -4945,9 +5052,9 @@ static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_2048_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -4967,7 +5074,7 @@ static sp_digit sp_2048_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5016,9 +5123,9 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_2048_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -5052,7 +5159,7 @@ static sp_digit sp_2048_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5101,9 +5208,9 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_2048_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -5165,7 +5272,7 @@ static sp_digit sp_2048_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5216,9 +5323,9 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -5240,7 +5347,7 @@ static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5254,16 +5361,15 @@ static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x100\n\t"
"\n"
"L_sp_2048_sub_in_pkace_64_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -5271,13 +5377,13 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_2048_sub_in_pkace_64_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
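Review bot: The borrow in sp_2048_sub_in_place_64 is now carried entirely in r12, and neither `rsbs r12, r12, #0` (in the previous hunk) nor `sbc r12, r12, r12` here has a comment saying so. Between 16-byte blocks r12 holds 0 or 0xffffffff; the `rsbs` turns that back into the carry flag and the `sbc` turns the flag back into the mask that is finally returned. I would add `/* C = (r12 == 0): restore borrow from previous block */` before the `rsbs` and `/* r12 = 0 - borrow: 0 or 0xffffffff */` after the `sbc`, so a later edit does not replace this branch-free sequence with a branch on the borrow. The function body starts in the previous hunk.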
@@ -5292,16 +5398,19 @@ static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x200\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_mul_64_outer_%=: \n\t"
"subs r3, r5, #0xfc\n\t"
@@ -5312,7 +5421,44 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_2048_mul_64_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
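Review bot: The fallback guard now tests `WOLFSSL_ARM_ARCH` where it used to test `WOLFSSL_SP_ARM_ARCH`. A build configuration that still defines only the old name would silently compile the `#else` branch (`umull`/`umlal`) with no diagnostic. Nothing visible in these hunks maps the old macro to the new one; if no mapping exists elsewhere in the tree, adding `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` ahead of the first use keeps existing configurations on the path they selected. The same rename recurs in every guarded block of the sp_2048_mul_*, sp_2048_sqr_* and sp_2048_mul_d_64 hunks that follow. The inner loop starts and ends outside this hunk.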
@@ -5349,10 +5495,46 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x100\n\t"
- "beq L_sp_2048_mul_64_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_mul_64_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_mul_64_inner_done_%=\n\t"
+ "blt L_sp_2048_mul_64_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_2048_mul_64_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -5360,18 +5542,50 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x1f8\n\t"
+ "cmp r5, #0x1f4\n\t"
"ble L_sp_2048_mul_64_outer_%=\n\t"
+ "ldr lr, [%[a], #252]\n\t"
+ "ldr r11, [%[b], #252]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_mul_64_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_mul_64_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
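Review bot: The widened store loop has no comment tying its trip count to the stack adjustment. `sp` is only correct on exit because r5 is exactly 0x1fc when `L_sp_2048_mul_64_store` is entered: 16 passes of `subs r5, r5, #32` pop the 0x200 bytes reserved by `sub sp, sp, #0x200` at the top of the function. I would add `/* r5 == 0x1fc: 16 x 32 bytes copied to r, sp back at its entry value */` above the label, since a later change to the tail or to the `ldm`/`stm` register list would unbalance the stack without any assembler error. sp_2048_sqr_64 and the 32-word variants (0xfc, 8 passes, 0x100 bytes) depend on the same arithmetic. The function starts outside this hunk.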
@@ -5382,29 +5596,28 @@ static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x200\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_sqr_64_outer_%=: \n\t"
"subs r3, r5, #0xfc\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_2048_sqr_64_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_2048_sqr_64_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5453,11 +5666,13 @@ static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_2048_sqr_64_op_done_%=\n\t"
- "\n"
- "L_sp_2048_sqr_64_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_sqr_64_inner_done_%=\n\t"
+ "blt L_sp_2048_sqr_64_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5484,34 +5699,50 @@ static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_2048_sqr_64_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x100\n\t"
- "beq L_sp_2048_sqr_64_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_2048_sqr_64_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_sqr_64_inner_%=\n\t"
- "\n"
"L_sp_2048_sqr_64_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x1f8\n\t"
+ "cmp r5, #0x1f4\n\t"
"ble L_sp_2048_sqr_64_outer_%=\n\t"
+ "ldr lr, [%[a], #252]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_sqr_64_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_sqr_64_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -5543,9 +5774,9 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -5567,7 +5798,7 @@ static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -5581,16 +5812,15 @@ static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x80\n\t"
"\n"
"L_sp_2048_sub_in_pkace_32_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -5598,13 +5828,13 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_2048_sub_in_pkace_32_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -5619,16 +5849,19 @@ static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_mul_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
@@ -5639,7 +5872,44 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_2048_mul_32_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5676,10 +5946,46 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_2048_mul_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_mul_32_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_mul_32_inner_done_%=\n\t"
+ "blt L_sp_2048_mul_32_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_2048_mul_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -5687,18 +5993,50 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_2048_mul_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+ "ldr r11, [%[b], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_mul_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_mul_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -5709,29 +6047,28 @@ static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_2048_sqr_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_2048_sqr_32_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_2048_sqr_32_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5780,11 +6117,13 @@ static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_2048_sqr_32_op_done_%=\n\t"
- "\n"
- "L_sp_2048_sqr_32_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_2048_sqr_32_inner_done_%=\n\t"
+ "blt L_sp_2048_sqr_32_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -5811,41 +6150,57 @@ static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_2048_sqr_32_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_2048_sqr_32_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_2048_sqr_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_2048_sqr_32_inner_%=\n\t"
- "\n"
"L_sp_2048_sqr_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_2048_sqr_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_2048_sqr_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_2048_sqr_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -5874,15 +6229,14 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
*/
static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -5915,7 +6269,7 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_2048_mul_d_64_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -5960,7 +6314,7 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #256]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -5973,15 +6327,14 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -6006,2491 +6359,1995 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[48] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[49] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[50] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[51] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[52] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[53] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[54] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[55] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[56] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[57] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[58] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[59] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[60] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[61] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[62] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[63] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -8516,15 +8373,13 @@ static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adc r4, r4, r7\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
"str r4, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
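Review bot: The tail of `sp_2048_mul_d_64` stores one more word than the operand has limbs: after the last `stm %[r]!, {r3}` the carry is written with `str r4, [%[r]]`, so `r` appears to need room for 65 digits, and nothing visible in this hunk says so. A line in the function's header comment such as `r  Result of the multiplication; must have room for 65 digits (64 limbs plus carry).` would make the buffer requirement explicit for callers. The function body and its header comment start outside this hunk, so the comment may already cover this.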
@@ -8555,10 +8410,10 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -8579,7 +8434,7 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -8595,10 +8450,10 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -8717,12 +8572,13 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
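Review bot: The guard added ahead of `sp_2048_mont_reduce_32` tests `WOLFSSL_ARM_ARCH`, while the lines removed in the neighbouring hunks tested `WOLFSSL_SP_ARM_ARCH`, so a build configuration that still defines only the old name would silently stop selecting the pre-ARMv4 multiply path. Unless a compatibility mapping exists elsewhere in the tree (none is visible here), the old name should be mapped near the settings, e.g. `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`. Otherwise, check that the embedding project's settings file defines the new macro. The `#else`/`#endif` matching the added guard lies outside this hunk.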
@@ -8731,12 +8587,12 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
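Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` kept around the `ldr r11, [%[m]]` preload is the exact negation of the guard that now encloses this whole variant, so the preload can never be assembled here. That guard is the `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added just above the function comment and closed by the later `#elif`. For the same reason the conditional in the `@@ -8749,10 +8605,9 @@` hunk is always true, and the `#else` arm that loads `r7` in the `@@ -9821,22 +9496,16 @@` hunk is dead. Dropping these inner conditionals, or tagging them with a comment such as `/* always true inside the < 4 variant */`, would show which instructions this variant really executes. The function body continues past this hunk, and this reading assumes the lines between hunks add no further conditionals.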
@@ -8749,10 +8605,9 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -8776,14 +8631,8 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -8807,18 +8656,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -8842,17 +8685,11 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -8876,18 +8713,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -8911,18 +8742,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -8946,18 +8771,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -8981,18 +8800,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9016,18 +8829,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9051,18 +8858,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9086,18 +8887,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9121,18 +8916,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9156,18 +8945,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9191,18 +8974,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9226,18 +9003,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9261,18 +9032,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9296,18 +9061,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9331,18 +9090,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9366,18 +9119,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9401,18 +9148,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9436,18 +9177,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9471,18 +9206,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9506,18 +9235,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9541,18 +9264,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9576,18 +9293,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9611,18 +9322,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9646,18 +9351,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9681,18 +9380,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9716,18 +9409,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9751,18 +9438,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -9786,18 +9467,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -9821,22 +9496,16 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #124]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #124]\n\t"
+#else
+ "ldr r7, [%[m], #124]\n\t"
#endif
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -9867,13 +9536,301 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x80\n\t"
+ "blt L_sp_2048_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"ldr r10, [%[a], #128]\n\t"
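Review bot: The header comment added for the `WOLFSSL_ARM_ARCH < 7` variant of `sp_2048_mont_reduce_32` says only that `a` is reduced in place and does not state how large the buffer must be. The loop reads and writes up to `[%[a], #128]` while advancing `a` by one word for 32 iterations (`cmp r9, #0x80`), so the caller has to supply 64 writable digits. The closing `sp_2048_cond_sub_32(a - 32, a, m, ...)` call then leaves the result in the low 32. I would put that in the header, e.g. `a  Number to reduce in place; must hold 64 digits, result in the low 32.`. It is also worth recording that the only branch is the loop-counter test, since this presumably runs on key material. The same comment is repeated on the other two variants, and this function's closing lines are in the next hunk.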
@@ -9885,16 +9842,223 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x80\n\t"
"blt L_sp_2048_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #128]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x80\n\t"
+ "blt L_sp_2048_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
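Review bot: The final `#else` arm is what a build gets when `WOLFSSL_ARM_ARCH` is undefined as well as when it is 7 or higher, and that arm uses `umaal`, which is not available before ARMv6. The removed code fell back to `umull` in that case. A configuration that still sets only the old `WOLFSSL_SP_ARM_ARCH` name would therefore now select this variant, unless a compatibility define exists elsewhere, which this hunk does not show. A comment on the branch would make the baseline explicit, for example `#else /* WOLFSSL_ARM_ARCH >= 7, or not defined: requires UMAAL */`, and the closing line could read `#endif /* WOLFSSL_ARM_ARCH */`.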
@@ -9902,7 +10066,7 @@ static SP_NOINLINE void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -9916,7 +10080,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -9934,15 +10098,14 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
*/
static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
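Review bot: The guard on the pre-ARMv4 multiply path now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build configuration that still defines only the old name would stop selecting the 16-bit `mul` sequence and take the other branch without any diagnostic from this file. No fallback from the old macro is visible in these hunks. If none exists elsewhere, a mapping such as `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, guarded by `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` in the settings header, would keep existing configurations working. The same rename recurs in the later hunks of both `sp_2048_mul_d_32` variants, and the function body continues outside this hunk.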
@@ -9975,7 +10138,7 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_2048_mul_d_32_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -10020,7 +10183,7 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #128]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
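Review bot: `r10` is dropped from the clobber list here, matching the `mov r10, #0` removed at the top of this `sp_2048_mul_d_32` variant, but most of the asm body lies between the hunks and is not shown. It is worth confirming that no remaining instruction writes `r10`, because an undeclared clobber lets the compiler keep a live value in that register across the asm statement. Adding `"cc"` looks right, presumably for the same reason as in the unrolled variant below, which sets flags with `adds`/`adc`. A short comment above the clobber line, e.g. `/* r10 no longer used as a zero register; condition flags are modified */`, would record why the list changed.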
@@ -10033,15 +10196,14 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -10066,1211 +10228,971 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -11296,15 +11218,13 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
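Review bot: The ARMv4+ branch for the last digit is now a single `umlal r4, r5, %[b], r8`, and nothing next to it says why a two-register accumulator is enough. It is safe only because r5 was cleared by the `mov r5, #0` after the previous digit's `stm`. With r5 zero, r4 + b * a[31] is at most (2^32-1) + (2^32-1)^2, which is below 2^64. I would put that next to the instruction, for example `/* r5 == 0 on entry: r4 + b * a[31] < 2^64, so r5:r4 cannot carry out */`, because the dropped third carry register is what an auditor of this bignum code will look for. The body of sp_2048_mul_d_32 starts outside this hunk.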
@@ -11321,9 +11241,9 @@ static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -11363,7 +11283,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -11380,9 +11300,9 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -11412,7 +11332,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_2048_word_32_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -11440,7 +11360,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -11468,7 +11388,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -11501,7 +11421,7 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -11516,8 +11436,8 @@ static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -11900,7 +11820,7 @@ static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -11914,8 +11834,8 @@ static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -11955,7 +11875,8 @@ static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_2048_mod_32(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_2048_div_32(a, m, NULL, r);
}
@@ -12312,10 +12233,10 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -12336,7 +12257,7 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -12352,10 +12273,10 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -12586,12 +12507,13 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
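Review bot: The `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added before sp_2048_mont_reduce_64 selects a whole function body by a macro name that replaces `WOLFSSL_SP_ARM_ARCH`, and nothing visible here maps the old name to the new one. If a build still sets only the old macro, it would get the other implementation with no diagnostic. The definition site is outside this part of the diff, so that needs checking there. A guard beside that definition, such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` followed by `#error "use WOLFSSL_ARM_ARCH"`, would make a stale configuration fail loudly. The same rename appears in the div_2048_word_32 hunks above and the mont_reduce hunks below, and the `#if` opened here closes outside the hunk.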
@@ -12600,12 +12522,12 @@ static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
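Review bot: The inner `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` around the first `ldr r11, [%[m]]` looks dead now. This definition appears to be the one enclosed by the `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added just above its comment in the previous hunk, so the negated condition can never hold here. For the same reason the `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` around the `ldr r11, [%[m]]` in the next hunk is always true. I would delete the first three-line block and keep the second load unguarded, as a plain `"ldr r11, [%[m]]\n\t"`. Leftover conditionals make it harder to confirm which instructions a given build of this reduction contains. The function body continues outside this hunk, so the closing `#else`/`#endif` of the outer guard should be confirmed there.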
@@ -12618,10 +12540,9 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -12645,14 +12566,8 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -12676,18 +12591,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -12711,17 +12620,11 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12745,18 +12648,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12780,18 +12677,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12815,18 +12706,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12850,18 +12735,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12885,18 +12764,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12920,18 +12793,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -12955,18 +12822,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -12990,18 +12851,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13025,18 +12880,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13060,18 +12909,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13095,18 +12938,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13130,18 +12967,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13165,18 +12996,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13200,18 +13025,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13235,18 +13054,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13270,18 +13083,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13305,18 +13112,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13340,18 +13141,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13375,18 +13170,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13410,18 +13199,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13445,18 +13228,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13480,18 +13257,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13515,18 +13286,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13550,18 +13315,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13585,18 +13344,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13620,18 +13373,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13655,18 +13402,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13690,18 +13431,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13725,18 +13460,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13760,18 +13489,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13795,18 +13518,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13830,18 +13547,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13865,18 +13576,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13900,18 +13605,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -13935,18 +13634,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -13970,18 +13663,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14005,18 +13692,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14040,18 +13721,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14075,18 +13750,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14110,18 +13779,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14145,18 +13808,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14180,18 +13837,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14215,18 +13866,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14250,18 +13895,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
"ldr r7, [%[m], #188]\n\t"
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14285,18 +13924,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+48] += m[48] * mu */
"ldr r7, [%[m], #192]\n\t"
"ldr r10, [%[a], #192]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14320,18 +13953,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #192]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+49] += m[49] * mu */
"ldr r7, [%[m], #196]\n\t"
"ldr r10, [%[a], #196]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14355,18 +13982,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #196]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+50] += m[50] * mu */
"ldr r7, [%[m], #200]\n\t"
"ldr r10, [%[a], #200]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14390,18 +14011,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #200]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+51] += m[51] * mu */
"ldr r7, [%[m], #204]\n\t"
"ldr r10, [%[a], #204]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14425,18 +14040,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #204]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+52] += m[52] * mu */
"ldr r7, [%[m], #208]\n\t"
"ldr r10, [%[a], #208]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14460,18 +14069,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #208]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+53] += m[53] * mu */
"ldr r7, [%[m], #212]\n\t"
"ldr r10, [%[a], #212]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14495,18 +14098,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #212]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+54] += m[54] * mu */
"ldr r7, [%[m], #216]\n\t"
"ldr r10, [%[a], #216]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14530,18 +14127,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #216]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+55] += m[55] * mu */
"ldr r7, [%[m], #220]\n\t"
"ldr r10, [%[a], #220]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14565,18 +14156,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #220]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+56] += m[56] * mu */
"ldr r7, [%[m], #224]\n\t"
"ldr r10, [%[a], #224]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14600,18 +14185,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #224]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+57] += m[57] * mu */
"ldr r7, [%[m], #228]\n\t"
"ldr r10, [%[a], #228]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14635,18 +14214,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #228]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+58] += m[58] * mu */
"ldr r7, [%[m], #232]\n\t"
"ldr r10, [%[a], #232]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14670,18 +14243,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #232]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+59] += m[59] * mu */
"ldr r7, [%[m], #236]\n\t"
"ldr r10, [%[a], #236]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14705,18 +14272,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #236]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+60] += m[60] * mu */
"ldr r7, [%[m], #240]\n\t"
"ldr r10, [%[a], #240]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14740,18 +14301,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #240]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+61] += m[61] * mu */
"ldr r7, [%[m], #244]\n\t"
"ldr r10, [%[a], #244]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -14775,18 +14330,12 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #244]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+62] += m[62] * mu */
"ldr r7, [%[m], #248]\n\t"
"ldr r10, [%[a], #248]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -14810,22 +14359,16 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #248]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+63] += m[63] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #252]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #252]\n\t"
+#else
+ "ldr r7, [%[m], #252]\n\t"
#endif
"ldr r10, [%[a], #252]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
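Review bot: The conditional kept at the a[i+63] step no longer matches the code after it: its `#else` arm loads m[63] into `r7`, but the now-unconditional lines that follow (`lsl r7, r11, #16`) read `r11`, because this hunk removed the `#if` that used to guard them. The enclosing function appears to be compiled only when `WOLFSSL_ARM_ARCH < 4`; this is inferred from the `#elif` that follows the function, since the outer guard is outside the hunk. If so, the `#else` arm is dead and the three preprocessor lines can go, leaving just `"ldr r11, [%[m], #252]\n\t"`. The file looks generated, so the cleanup belongs in the generator rather than in this copy.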
@@ -14856,13 +14399,557 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #252]\n\t"
+ "ldr r10, [%[a], #256]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #256]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x100\n\t"
+ "blt L_sp_2048_mont_reduce_64_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r7, [%[m], #192]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r7, [%[m], #196]\n\t"
+ "ldr r10, [%[a], #196]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #196]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r7, [%[m], #200]\n\t"
+ "ldr r10, [%[a], #200]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #200]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r7, [%[m], #204]\n\t"
+ "ldr r10, [%[a], #204]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #204]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r7, [%[m], #208]\n\t"
+ "ldr r10, [%[a], #208]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #208]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r7, [%[m], #212]\n\t"
+ "ldr r10, [%[a], #212]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #212]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r7, [%[m], #216]\n\t"
+ "ldr r10, [%[a], #216]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #216]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r7, [%[m], #220]\n\t"
+ "ldr r10, [%[a], #220]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #220]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r7, [%[m], #224]\n\t"
+ "ldr r10, [%[a], #224]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #224]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r7, [%[m], #228]\n\t"
+ "ldr r10, [%[a], #228]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #228]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r7, [%[m], #232]\n\t"
+ "ldr r10, [%[a], #232]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #232]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r7, [%[m], #236]\n\t"
+ "ldr r10, [%[a], #236]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #236]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r7, [%[m], #240]\n\t"
+ "ldr r10, [%[a], #240]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #240]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r7, [%[m], #244]\n\t"
+ "ldr r10, [%[a], #244]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #244]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r7, [%[m], #248]\n\t"
+ "ldr r10, [%[a], #248]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #248]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r7, [%[m], #252]\n\t"
+ "ldr r10, [%[a], #252]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #252]\n\t"
"ldr r10, [%[a], #256]\n\t"
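Review bot: The header comment on the new `#elif` variant of `sp_2048_mont_reduce_64` does not say how large `a` must be, yet the assembly depends on it. Each pass reads and writes `[%[a], #256]`, and `a` advances one word per pass for 64 passes (`cmp r9, #0x100`), so the last pass touches word 127 of the caller's buffer. I would extend the parameter line to something like `a  A single precision number to reduce in place; must hold 128 digits (2 * 64).`, so that a caller passing a 64-digit buffer is caught in review rather than as an out-of-bounds write. The same comment text is repeated on the `#else` variant in the next hunk, and the body of this variant continues past the end of this hunk.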
@@ -14874,16 +14961,383 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x100\n\t"
"blt L_sp_2048_mont_reduce_64_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r10, [%[m], #192]\n\t"
+ "ldr r9, [%[a], #192]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r10, [%[m], #196]\n\t"
+ "ldr r9, [%[a], #196]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r10, [%[m], #200]\n\t"
+ "ldr r9, [%[a], #200]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r10, [%[m], #204]\n\t"
+ "ldr r9, [%[a], #204]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r10, [%[m], #208]\n\t"
+ "ldr r9, [%[a], #208]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r10, [%[m], #212]\n\t"
+ "ldr r9, [%[a], #212]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r10, [%[m], #216]\n\t"
+ "ldr r9, [%[a], #216]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r10, [%[m], #220]\n\t"
+ "ldr r9, [%[a], #220]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r10, [%[m], #224]\n\t"
+ "ldr r9, [%[a], #224]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r10, [%[m], #228]\n\t"
+ "ldr r9, [%[a], #228]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r10, [%[m], #232]\n\t"
+ "ldr r9, [%[a], #232]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r10, [%[m], #236]\n\t"
+ "ldr r9, [%[a], #236]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r10, [%[m], #240]\n\t"
+ "ldr r9, [%[a], #240]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r10, [%[m], #244]\n\t"
+ "ldr r9, [%[a], #244]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r10, [%[m], #248]\n\t"
+ "ldr r9, [%[a], #248]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r10, [%[m], #252]\n\t"
+ "ldr r9, [%[a], #252]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #256]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #252]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #256]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x100\n\t"
+ "blt L_sp_2048_mont_reduce_64_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
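Review bot: The added umaal variant of sp_2048_mont_reduce_64 keeps a[i..i+4] in r4-r8 across the whole loop and writes them back only after `/* Loop Done */`, yet the per-word comments (`a[i+1] += m[1] * mu` and so on) read as if every word were updated in memory. A short comment above the loop label would make this explicit, for example `/* r4-r8 cache a[i..i+4] and are stored after the loop; lr is the carry out of a[i+64] into the next pass */`. The header comment could also record that the loop runs a fixed 64 passes (`cmp r12, #0x100`) with no data-dependent branch, and that the final sp_2048_cond_sub_64 call takes the mask `(sp_digit)0 - mp`, presumably so the subtraction is branch-free as well; that is the property a later edit must not break. The header also documents `a`, `m` and `mp`, while the parameters are named `a_p`, `m_p` and `mp_p`.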
@@ -14891,7 +15345,7 @@ static SP_NOINLINE void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14905,7 +15359,7 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14923,9 +15377,9 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -14946,7 +15400,7 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -14960,9 +15414,9 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -15080,7 +15534,7 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -15098,9 +15552,9 @@ static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -15140,7 +15594,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -15157,9 +15611,9 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -15189,7 +15643,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_2048_word_64_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -15217,7 +15671,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -15245,7 +15699,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -15278,7 +15732,7 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -15293,8 +15747,8 @@ static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -15350,7 +15804,8 @@ static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, s
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_2048_div_64_cond(a, m, NULL, r);
}
@@ -15396,8 +15851,8 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -16132,7 +16587,7 @@ static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -16146,8 +16601,8 @@ static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -16187,7 +16642,8 @@ static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_2048_div_64(a, m, NULL, r);
}
@@ -16667,10 +17123,10 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
*/
static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -16691,7 +17147,7 @@ static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -16707,10 +17163,10 @@ static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -16829,7 +17285,7 @@ static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -17151,9 +17607,9 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef HAVE_FFDHE_2048
static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -17543,7 +17999,7 @@ static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r6, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -17845,14 +18301,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
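Review bot: The new mask computation in the `DIGIT_BIT == 32` branch shifts by the literal `31` (`j >> 31`, twice), where the removed code used `SP_WORD_SIZE - 1`, so the branch-free copy is only correct if sp_digit is exactly 32 bits wide and unsigned, which this hunk does not show. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the tie to the word size. A one-line comment such as `/* j counts up from -used; its top bit is set while i < used, giving an all-ones mask without branching on used */` would help, because the loop still reads `a->dp[0]` when `a->used` is 0 and relies on the mask to discard it. The function body continues past the hunk into the `DIGIT_BIT > 32` branch.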
@@ -17965,17 +18421,16 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a)
*/
static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18005,7 +18460,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18044,7 +18499,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18082,7 +18537,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18122,7 +18577,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18160,7 +18615,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18198,7 +18653,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18237,7 +18692,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18274,7 +18729,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18312,7 +18767,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18350,7 +18805,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18389,7 +18844,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18427,7 +18882,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18465,7 +18920,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18503,7 +18958,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18541,7 +18996,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18581,7 +19036,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18618,7 +19073,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18655,7 +19110,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18693,7 +19148,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18731,7 +19186,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18769,7 +19224,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18809,7 +19264,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18846,7 +19301,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18884,7 +19339,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18922,7 +19377,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18960,7 +19415,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -18998,7 +19453,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19036,7 +19491,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19076,7 +19531,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19114,7 +19569,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19151,7 +19606,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19188,7 +19643,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19226,7 +19681,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19264,7 +19719,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19302,7 +19757,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19340,7 +19795,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19380,7 +19835,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19418,7 +19873,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19455,7 +19910,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19493,7 +19948,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19531,7 +19986,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19569,7 +20024,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19607,7 +20062,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19645,7 +20100,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19683,7 +20138,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19723,7 +20178,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19761,7 +20216,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19799,7 +20254,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19836,7 +20291,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19873,7 +20328,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19911,7 +20366,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19949,7 +20404,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -19987,7 +20442,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20025,7 +20480,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20063,7 +20518,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20103,7 +20558,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20141,7 +20596,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20179,7 +20634,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20216,7 +20671,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20254,7 +20709,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20292,7 +20747,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20330,7 +20785,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20368,7 +20823,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20406,7 +20861,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20444,7 +20899,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20482,7 +20937,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20522,7 +20977,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20560,7 +21015,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20598,7 +21053,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20636,7 +21091,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20673,7 +21128,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20710,7 +21165,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20748,7 +21203,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20786,7 +21241,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20824,7 +21279,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20862,7 +21317,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20900,7 +21355,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20938,7 +21393,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #44]\n\t"
/* A[11] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -20978,7 +21433,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21016,7 +21471,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21054,7 +21509,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21091,7 +21546,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21129,7 +21584,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21167,7 +21622,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21205,7 +21660,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21243,7 +21698,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21281,7 +21736,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21319,7 +21774,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21357,7 +21812,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #48]\n\t"
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21397,7 +21852,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21435,7 +21890,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21473,7 +21928,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21510,7 +21965,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21547,7 +22002,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21585,7 +22040,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21623,7 +22078,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21661,7 +22116,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21699,7 +22154,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21737,7 +22192,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #52]\n\t"
/* A[11] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21777,7 +22232,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21815,7 +22270,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21852,7 +22307,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21890,7 +22345,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21928,7 +22383,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -21966,7 +22421,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22004,7 +22459,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22042,7 +22497,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22080,7 +22535,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #56]\n\t"
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22120,7 +22575,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22158,7 +22613,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22195,7 +22650,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22232,7 +22687,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22270,7 +22725,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22308,7 +22763,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22346,7 +22801,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22384,7 +22839,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #60]\n\t"
/* A[11] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22424,7 +22879,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22461,7 +22916,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22499,7 +22954,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22537,7 +22992,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22575,7 +23030,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22613,7 +23068,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22651,7 +23106,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #64]\n\t"
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22691,7 +23146,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22728,7 +23183,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22765,7 +23220,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22803,7 +23258,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22841,7 +23296,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22879,7 +23334,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #68]\n\t"
/* A[11] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22918,7 +23373,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22956,7 +23411,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -22994,7 +23449,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23032,7 +23487,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23070,7 +23525,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #72]\n\t"
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23109,7 +23564,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23146,7 +23601,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23184,7 +23639,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23221,7 +23676,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r4, [%[r], #76]\n\t"
/* A[11] * B[9] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23261,7 +23716,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23299,7 +23754,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23336,7 +23791,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r5, [%[r], #80]\n\t"
/* A[10] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23375,7 +23830,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23412,7 +23867,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r3, [%[r], #84]\n\t"
/* A[11] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -23438,9 +23893,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, r8, r9\n\t"
#endif
"str r4, [%[r], #88]\n\t"
"str r5, [%[r], #92]\n\t"
@@ -23452,7 +23905,7 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
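Review bot: `r10` is dropped from the clobber list of sp_3072_mul_12 here, but the asm body that would justify the removal starts outside this hunk, so it cannot be confirmed from these lines. If any instruction in the regenerated body still writes r10, the compiler will assume the register is preserved across the asm and may keep a live value in it. In a bignum multiply that shows up as silently wrong results rather than a crash. It is worth searching the new body for `r10` before accepting the update; if it is still written, the list should keep it, as in `"r9", "r10", "r11", "r12", "cc"`. The added `"cc"` is right, since the body uses flag-setting `adds`/`adc` sequences.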
@@ -23464,12 +23917,11 @@ static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -23491,10 +23943,11 @@ static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
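Review bot: The carry capture now relies on `mov %[r], #0` leaving the C flag from the final `adcs` untouched, and nothing in the hunk says so. A one-line comment before the pair, e.g. `/* mov (no S) keeps C from the last adcs; r = 0 + 0 + C */`, would guard against a later edit inserting a flag-setting instruction between the `adcs` chain and the `adc`. Dropping `"r12"` from the clobbers is consistent with the removal of `mov r12, #0` at the top of the function. The same pattern repeats in sp_3072_add_24, sp_3072_add_48 and sp_3072_add_96 further down. The function body starts outside this hunk.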
@@ -23506,8 +23959,8 @@ static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -23555,7 +24008,7 @@ static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
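Review bot: The return convention here differs from the add routines in this diff, and the visible lines do not document it. `sbc %[a], r9, r9` leaves 0 or 0xFFFFFFFF in the register that is then returned, whereas sp_3072_add_12 returns 0 or 1. A short comment above that instruction, e.g. `/* a = 0 - borrow: 0 or all ones (mask) */`, would make the mask convention explicit for anyone using the result in a conditional add-back. The function's header comment is outside this hunk and may already cover it. The same applies to sp_3072_sub_in_place_48 and sp_3072_sub_in_place_96.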
@@ -23568,12 +24021,11 @@ static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_3072_add_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -23616,10 +24068,11 @@ static sp_digit sp_3072_add_24(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -23700,8 +24153,8 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -23791,7 +24244,7 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -23804,12 +24257,11 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -23894,10 +24346,11 @@ static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -23978,8 +24431,8 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -24153,7 +24606,7 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -24166,12 +24619,11 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -24340,10 +24792,11 @@ static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -24424,14 +24877,14 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
*/
static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -24450,7 +24903,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24506,7 +24959,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24560,7 +25013,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24590,7 +25043,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24645,7 +25098,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24698,7 +25151,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24753,7 +25206,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24804,7 +25257,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24834,7 +25287,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24864,7 +25317,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24902,7 +25355,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24947,7 +25400,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -24977,7 +25430,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25015,7 +25468,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25052,7 +25505,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25091,7 +25544,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25121,7 +25574,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25159,7 +25612,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25197,7 +25650,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25242,7 +25695,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25272,7 +25725,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25310,7 +25763,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25348,7 +25801,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25385,7 +25838,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25424,7 +25877,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25454,7 +25907,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25492,7 +25945,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25530,7 +25983,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25568,7 +26021,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25613,7 +26066,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25643,7 +26096,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25681,7 +26134,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25719,7 +26172,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25757,7 +26210,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25794,7 +26247,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25833,7 +26286,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25863,7 +26316,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25901,7 +26354,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25939,7 +26392,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -25977,7 +26430,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26015,7 +26468,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26060,7 +26513,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26090,7 +26543,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26128,7 +26581,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26166,7 +26619,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26204,7 +26657,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26241,7 +26694,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26280,7 +26733,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26310,7 +26763,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26348,7 +26801,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26386,7 +26839,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26424,7 +26877,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26469,7 +26922,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26499,7 +26952,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26537,7 +26990,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26575,7 +27028,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26612,7 +27065,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26651,7 +27104,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26681,7 +27134,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26719,7 +27172,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26757,7 +27210,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26802,7 +27255,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26832,7 +27285,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26870,7 +27323,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26907,7 +27360,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26946,7 +27399,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -26976,7 +27429,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27014,7 +27467,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27059,7 +27512,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27114,7 +27567,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27165,7 +27618,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27195,7 +27648,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27250,7 +27703,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27303,7 +27756,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27357,7 +27810,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27387,7 +27840,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27442,7 +27895,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"str r2, [%[r], #84]\n\t"
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -27475,7 +27928,7 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -27487,9 +27940,9 @@ static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_3072_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -27516,7 +27969,7 @@ static sp_digit sp_3072_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27565,9 +28018,9 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_3072_sub_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -27615,7 +28068,7 @@ static sp_digit sp_3072_sub_24(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27664,9 +28117,9 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_3072_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -27756,7 +28209,7 @@ static sp_digit sp_3072_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27807,9 +28260,9 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -27831,7 +28284,7 @@ static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27845,16 +28298,15 @@ static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x180\n\t"
"\n"
"L_sp_3072_sub_in_pkace_96_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
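Review bot: The borrow hand-off at `rsbs r12, r12, #0` is undocumented, and it is the only thing that carries the borrow across the loop's `cmp` in the following hunk. r12 is 0 on entry and 0 or -1 after `sbc r12, r12, r12`, so `0 - r12` leaves C set exactly when there was no borrow. A comment above the `rsbs` would make that checkable, for example `/* r12 is 0 or -1 from the previous sbc; 0 - r12 sets C = !borrow for the sbcs chain */`. The same idiom is introduced in sp_3072_sub_in_place_48. The loop body continues outside this hunk.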
@@ -27862,13 +28314,13 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_3072_sub_in_pkace_96_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -27883,16 +28335,19 @@ static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x300\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_mul_96_outer_%=: \n\t"
"subs r3, r5, #0x17c\n\t"
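Review bot: The added `umull r8, r6, lr, r11` that seeds the first product word sits outside the `WOLFSSL_ARM_ARCH < 4` guard. Every other multiply visible in this function uses the 16-bit `mul` sequence under that guard and keeps `umull`/`umlal` in the `#else` branch. If builds with WOLFSSL_ARM_ARCH < 4 are still meant to work, this one instruction breaks the convention that the rest of the function follows for them. The same unguarded seed appears in sp_3072_sqr_96 (`umull r8, r6, lr, lr`) and in sp_3072_mul_48. An untested sketch of a guarded form follows, reusing the two-word accumulate sequence this commit adds for the final a[95]*b[95] product; the function body continues outside this hunk.

```c
        "sub sp, sp, #0x300\n\t"
        "ldr lr, [%[a]]\n\t"
        "ldr r11, [%[b]]\n\t"
#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
        "mov r6, #0\n\t"
        "mov r7, #0\n\t"
        /* … reuse: the 16-bit partial-product sequence from the a[95]*b[95] tail, adding lr * r11 into r6 (low) and r7 (high) … */
        "str r6, [sp]\n\t"
        "mov r6, r7\n\t"
#else
        "umull r8, r6, lr, r11\n\t"
        "str r8, [sp]\n\t"
#endif
        /* … unchanged: r7 and r8 cleared, mov r5, #4, outer loop … */
```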
@@ -27903,7 +28358,44 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_3072_mul_96_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -27940,10 +28432,46 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x180\n\t"
- "beq L_sp_3072_mul_96_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_mul_96_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_mul_96_inner_done_%=\n\t"
+ "blt L_sp_3072_mul_96_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_3072_mul_96_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
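Review bot: The new loop exit `cmp r3, r4` / `bgt` / `blt` depends on an invariant that is not written down. Each pass adds both a[r3]*b[r4] and a[r4]*b[r3], so the code after `blt` is reached only when the two offsets meet and must add the middle product exactly once. A comment before the `ldr lr, [%[a], r3]` that follows `blt` would make this reviewable, for example `/* r3 == r4: middle term a[i]*b[i], added once */`. It is also worth noting there that the branches test only the index registers, never operand words, if this routine is expected to run in constant time. sp_3072_mul_48 and sp_3072_sqr_96 use the same exit shape; the loop starts outside this hunk.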
@@ -27951,18 +28479,50 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x2f8\n\t"
+ "cmp r5, #0x2f4\n\t"
"ble L_sp_3072_mul_96_outer_%=\n\t"
+ "ldr lr, [%[a], #380]\n\t"
+ "ldr r11, [%[b], #380]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_mul_96_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_mul_96_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -27973,29 +28533,28 @@ static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x300\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_sqr_96_outer_%=: \n\t"
"subs r3, r5, #0x17c\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_3072_sqr_96_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_3072_sqr_96_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28044,11 +28603,13 @@ static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_3072_sqr_96_op_done_%=\n\t"
- "\n"
- "L_sp_3072_sqr_96_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_sqr_96_inner_done_%=\n\t"
+ "blt L_sp_3072_sqr_96_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28075,34 +28636,50 @@ static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_3072_sqr_96_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x180\n\t"
- "beq L_sp_3072_sqr_96_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_3072_sqr_96_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_sqr_96_inner_%=\n\t"
- "\n"
"L_sp_3072_sqr_96_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x2f8\n\t"
+ "cmp r5, #0x2f4\n\t"
"ble L_sp_3072_sqr_96_outer_%=\n\t"
+ "ldr lr, [%[a], #380]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_sqr_96_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_sqr_96_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -28134,9 +28711,9 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -28158,7 +28735,7 @@ static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -28172,16 +28749,15 @@ static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0xc0\n\t"
"\n"
"L_sp_3072_sub_in_pkace_48_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -28189,13 +28765,13 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_3072_sub_in_pkace_48_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -28210,16 +28786,19 @@ static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x180\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_mul_48_outer_%=: \n\t"
"subs r3, r5, #0xbc\n\t"
@@ -28230,7 +28809,44 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_3072_mul_48_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28267,10 +28883,46 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0xc0\n\t"
- "beq L_sp_3072_mul_48_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_mul_48_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_mul_48_inner_done_%=\n\t"
+ "blt L_sp_3072_mul_48_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_3072_mul_48_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -28278,18 +28930,50 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x178\n\t"
+ "cmp r5, #0x174\n\t"
"ble L_sp_3072_mul_48_outer_%=\n\t"
+ "ldr lr, [%[a], #188]\n\t"
+ "ldr r11, [%[b], #188]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_mul_48_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_mul_48_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
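Review bot: The store loop is what returns `sp` to its entry value, and after this change that holds only because r5 is 0x17c when the loop starts and twelve 32-byte passes pop exactly 0x180 bytes; nothing in the code says so. I would add `/* r5 == 0x17c: 12 passes x 32 bytes == 0x180, so this loop also restores sp */` above `L_sp_3072_mul_48_store_%=`, so that a later change to the stride or to the outer-loop bound gets checked against the stack reservation. The reservation itself is outside this hunk and is assumed to match the `sub sp, sp, #0x180` visible in `sp_3072_sqr_48`, whose store loop is changed the same way further down.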
@@ -28300,29 +28984,28 @@ static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x180\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_3072_sqr_48_outer_%=: \n\t"
"subs r3, r5, #0xbc\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_3072_sqr_48_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_3072_sqr_48_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
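Review bot: The added prologue multiplies with `umull r8, r6, lr, lr` unconditionally, while every other long multiply in view sits under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` with a 16-bit `mul` fallback. If builds below architecture 4 are still meant to work, this first word needs the same guard, otherwise the routine would presumably fail to assemble, or fault, on such a target. The fence mirrors the fallback used for the final word of this function, leaving the low half in r8 and the high half in r6; r9 and r10 are already in the clobber list. The function body continues outside this hunk.

```c
        "ldr lr, [%[a]]\n\t"
#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
        "lsl r9, lr, #16\n\t"
        "lsr r10, lr, #16\n\t"
        "lsr r9, r9, #16\n\t"
        "mul r8, r9, r9\n\t"
        "mul r6, r10, r10\n\t"
        "mul r9, r10, r9\n\t"
        "lsr r10, r9, #15\n\t"
        "lsl r9, r9, #17\n\t"
        "adds r8, r8, r9\n\t"
        "adc r6, r6, r10\n\t"
#else
        "umull r8, r6, lr, lr\n\t"
#endif
        "str r8, [sp]\n\t"
        /* … unchanged: r7/r8 cleared, r5 = 4, outer loop … */
```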
@@ -28371,11 +29054,13 @@ static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_3072_sqr_48_op_done_%=\n\t"
- "\n"
- "L_sp_3072_sqr_48_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_3072_sqr_48_inner_done_%=\n\t"
+ "blt L_sp_3072_sqr_48_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -28402,41 +29087,57 @@ static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_3072_sqr_48_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0xc0\n\t"
- "beq L_sp_3072_sqr_48_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_3072_sqr_48_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_3072_sqr_48_inner_%=\n\t"
- "\n"
"L_sp_3072_sqr_48_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x178\n\t"
+ "cmp r5, #0x174\n\t"
"ble L_sp_3072_sqr_48_outer_%=\n\t"
+ "ldr lr, [%[a], #188]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_3072_sqr_48_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_3072_sqr_48_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -28465,15 +29166,14 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
*/
static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -28506,7 +29206,7 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_3072_mul_d_96_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -28551,7 +29251,7 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #384]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -28564,15 +29264,14 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -28597,3771 +29296,3019 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[48] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[49] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[50] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[51] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[52] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[53] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[54] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[55] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[56] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[57] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[58] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[59] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[60] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[61] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[62] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[63] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[64] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[65] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[66] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[67] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[68] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[69] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[70] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[71] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[72] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[73] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[74] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[75] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[76] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[77] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[78] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[79] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[80] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[81] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[82] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[83] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[84] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[85] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[86] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[87] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[88] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[89] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[90] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[91] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[92] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[93] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[94] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[95] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -32387,15 +32334,13 @@ static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
"str r3, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
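Review bot: The `umlal r5, r3, %[b], r8` on the non-legacy branch is only correct if r3 is zero when it executes, and nothing next to the instruction says so. The zeroing is the `mov r3, #0` placed after the previous limb's `stm`, several lines away on the other side of the `#if` block. A C comment between the string literals would keep that dependency visible, for example `/* r3 == 0 here (cleared after the previous store): r3:r5 = r5 + b * a[95] */`. The same applies to each `umlal` in the earlier limbs of this function. The function body starts outside the hunk, so dropping `"r10"` from the clobber list cannot be checked from these lines alone.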
@@ -32426,10 +32371,10 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -32450,7 +32395,7 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -32466,10 +32411,10 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -32644,12 +32589,13 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
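Review bot: The guard added ahead of the `sp_3072_mont_reduce_48` comment, `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`, tests a macro that the neighbouring hunks rename from `WOLFSSL_SP_ARM_ARCH`, and nothing visible here maps the old name to the new one. If no mapping exists elsewhere, a build that still defines only `WOLFSSL_SP_ARM_ARCH` would silently select the long-multiply variant instead of the 16-bit `mul` sequence. A compatibility define in the configuration header, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` under `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, or an `#error` on the old name, would make the switch explicit. The matching `#else`/`#endif` for this guard lies outside the hunk.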
@@ -32658,12 +32604,12 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
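Review bot: The inner `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` around the initial `ldr r11, [%[m]]` looks unreachable now, assuming the guard added just before this function's comment, which has the opposite condition, encloses the whole body. The in-loop `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` around the second `ldr r11, [%[m]]` would then always be true. Dropping both conditionals and keeping only the unconditional in-loop load would leave one code path to audit in this variant. The function body continues outside the hunk.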
@@ -32676,10 +32622,9 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -32703,14 +32648,8 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -32734,18 +32673,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -32769,17 +32702,11 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -32803,18 +32730,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -32838,18 +32759,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -32873,18 +32788,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -32908,18 +32817,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -32943,18 +32846,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -32978,18 +32875,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33013,18 +32904,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33048,18 +32933,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33083,18 +32962,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33118,18 +32991,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33153,18 +33020,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33188,18 +33049,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33223,18 +33078,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33258,18 +33107,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33293,18 +33136,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33328,18 +33165,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33363,18 +33194,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33398,18 +33223,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33433,18 +33252,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33468,18 +33281,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33503,18 +33310,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33538,18 +33339,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33573,18 +33368,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33608,18 +33397,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33643,18 +33426,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33678,18 +33455,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33713,18 +33484,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33748,18 +33513,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33783,18 +33542,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33818,18 +33571,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33853,18 +33600,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33888,18 +33629,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33923,18 +33658,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -33958,18 +33687,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -33993,18 +33716,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34028,18 +33745,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34063,18 +33774,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34098,18 +33803,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34133,18 +33832,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34168,18 +33861,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34203,18 +33890,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34238,18 +33919,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -34273,18 +33948,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -34308,22 +33977,16 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #188]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #188]\n\t"
+#else
+ "ldr r7, [%[m], #188]\n\t"
#endif
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
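Review bot: The inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` kept around the `m[47]` load has an `#else` arm that loads `r7`, but the lines after it are now unconditional and read `r11` (`lsl r7, r11, #16`). The enclosing function starts outside this hunk; judging by the `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` that follows it, this body is presumably compiled only when that same condition already holds, so the `#else` arm looks dead, and it would multiply by a leftover `r11` if it were ever reached. I would drop the conditional and keep only `"ldr r11, [%[m], #188]\n\t"`. The guard also changes here from `WOLFSSL_SP_ARM_ARCH` to `WOLFSSL_ARM_ARCH`, so it is worth confirming that every build configuration defines the new name, because a build that sets only the old one would silently compile a different variant of this reduction.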
@@ -34354,13 +34017,429 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0xc0\n\t"
+ "blt L_sp_3072_mont_reduce_48_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"ldr r10, [%[a], #192]\n\t"
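Review bot: The comment block added above the new `sp_3072_mont_reduce_48` variant documents `a`, `m` and `mp`, while the signature takes `a_p`, `m_p` and `mp_p`, and the tail of the function is left unexplained. After the loop, `mov %[mp], r3` overwrites `mp` with the final carry and `a` has been advanced by 48 words, which is why the call reads `sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp)`. I would rename the entries in the header comment to match the signature and add, before that call, `/* mp now holds the carry out of the loop; 0 - mp is an all-ones or zero mask, a points 48 words past the start */`. The mask form presumably selects the subtraction of `m` without branching on the carry, which is worth stating if that is the intent. The body of the `WOLFSSL_ARM_ARCH < 7` variant continues past this hunk.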
@@ -34372,16 +34451,303 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0xc0\n\t"
"blt L_sp_3072_mont_reduce_48_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #192]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #192]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0xc0\n\t"
+ "blt L_sp_3072_mont_reduce_48_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
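Review bot: The header comment on the added `sp_3072_mont_reduce_48` variant documents `mp` only as an input, but the asm ends with `mov %[mp], lr`, and that value is then negated into the mask argument of `sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp)`. By that point `a` has also been advanced by 48 words inside the loop. I would add a comment above that `mov`, such as `/* mp = carry out of the top word; negated below to form the conditional-subtract mask */`, so a reader can see that the final subtraction appears to be selected by a mask and not by a branch on the reduced value (the body of `sp_3072_cond_sub_48` is not visible here). The new `#else`/`#endif` pair would also be easier to audit with the guard named on it, e.g. `#endif /* <guard condition> */`. The matching `#if` lies outside this hunk, so the condition that selects the `umaal` path cannot be checked from here.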
@@ -34389,7 +34755,7 @@ static SP_NOINLINE void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -34403,7 +34769,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -34421,15 +34787,14 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
*/
static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
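Review bot: The guard rename from `WOLFSSL_SP_ARM_ARCH` to `WOLFSSL_ARM_ARCH` changes which multiply sequence is compiled for any build that defines only the old name. `defined(WOLFSSL_ARM_ARCH)` is then false, and the 16-bit `lsl`/`lsr`/`mul` path it guards is skipped without a diagnostic. Unless a compatibility mapping already exists elsewhere in the tree (none is visible here), I would add one near the top of the file: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`. The same rename recurs in the hunks at -34462, -34520 and -34553. The body of `sp_3072_mul_d_48` continues outside this hunk.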
@@ -34462,7 +34827,7 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_3072_mul_d_48_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -34507,7 +34872,7 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #192]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -34520,15 +34885,14 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -34553,1851 +34917,1483 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -36423,15 +36419,13 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
"str r3, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
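Review bot: The `umlal r5, r3, %[b], r8` in the `#else` branch for the last digit is only correct because r3 was cleared by the `mov r3, #0` that follows the store of the A[46] product earlier in the function, and nothing at this site records that dependency. `umlal` adds into both destination registers, so a stale r3 would corrupt the top result word without any visible failure. I would put a comment such as `/* r3 == 0 here: umlal accumulates the product into r5:r3 */` above the instruction. Adding "cc" to the clobber list matches the flag-setting `adds` in the pre-ARMv4 branch. Dropping "r10" is consistent with the lines visible here, but the asm body starts outside this hunk, so confirm that no earlier instruction writes r10.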
@@ -36448,9 +36442,9 @@ static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -36490,7 +36484,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -36507,9 +36501,9 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -36539,7 +36533,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_3072_word_48_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -36567,7 +36561,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -36595,7 +36589,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -36628,7 +36622,7 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -36643,8 +36637,8 @@ static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -37203,7 +37197,7 @@ static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -37217,8 +37211,8 @@ static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -37258,7 +37252,8 @@ static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_3072_mod_48(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_3072_div_48(a, m, NULL, r);
}
@@ -37615,10 +37610,10 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -37639,7 +37634,7 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -37655,10 +37650,10 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -38001,12 +37996,13 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
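Review bot: The new function-level guard `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` selects this Montgomery-reduction variant by the renamed macro only, so a configuration that still defines the old `WOLFSSL_SP_ARM_ARCH` no longer reaches it. Unless a mapping from the old name exists elsewhere (none is visible in this part of the diff), such a build gets whichever variant follows the guard, and the mismatch would likely surface only at assemble time or at run time rather than at configuration. I would add, ahead of the first use, `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`, or an `#error` that names the new macro. The same rename is applied to the inner guards of `sp_3072_mul_d_48` and `div_3072_word_48` in the earlier hunks. The guard's matching `#else`/`#endif` is outside this hunk.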
@@ -38015,12 +38011,12 @@ static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
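Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` block around `"ldr r11, [%[m]]\n\t"` at the top of the asm can no longer be compiled, because the preceding hunk wraps the whole function in `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`. For the same reason, the `#if`/`#endif` kept around the in-loop `ldr r11, [%[m]]` in the next hunk is always true. This assumes the outer guard encloses the entire function, since its closing `#else`/`#endif` is outside the hunks shown. I would delete the dead block and unwrap the in-loop load, leaving a plain `"ldr r11, [%[m]]\n\t"` after the `mu = a[i] * mp` step, so this variant carries no conditionals that a later edit could let drift out of step with the outer guard. The function body continues past this hunk.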
@@ -38033,10 +38029,9 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -38060,14 +38055,8 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -38091,18 +38080,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -38126,17 +38109,11 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38160,18 +38137,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38195,18 +38166,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38230,18 +38195,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38265,18 +38224,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38300,18 +38253,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38335,18 +38282,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38370,18 +38311,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38405,18 +38340,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38440,18 +38369,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38475,18 +38398,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38510,18 +38427,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38545,18 +38456,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38580,18 +38485,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38615,18 +38514,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38650,18 +38543,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38685,18 +38572,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38720,18 +38601,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38755,18 +38630,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38790,18 +38659,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38825,18 +38688,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38860,18 +38717,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38895,18 +38746,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -38930,18 +38775,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -38965,18 +38804,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39000,18 +38833,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39035,18 +38862,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39070,18 +38891,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39105,18 +38920,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39140,18 +38949,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39175,18 +38978,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39210,18 +39007,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39245,18 +39036,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39280,18 +39065,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39315,18 +39094,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39350,18 +39123,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39385,18 +39152,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39420,18 +39181,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39455,18 +39210,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39490,18 +39239,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39525,18 +39268,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39560,18 +39297,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39595,18 +39326,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39630,18 +39355,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39665,18 +39384,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
"ldr r7, [%[m], #188]\n\t"
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39700,18 +39413,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+48] += m[48] * mu */
"ldr r7, [%[m], #192]\n\t"
"ldr r10, [%[a], #192]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39735,18 +39442,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #192]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+49] += m[49] * mu */
"ldr r7, [%[m], #196]\n\t"
"ldr r10, [%[a], #196]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39770,18 +39471,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #196]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+50] += m[50] * mu */
"ldr r7, [%[m], #200]\n\t"
"ldr r10, [%[a], #200]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39805,18 +39500,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #200]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+51] += m[51] * mu */
"ldr r7, [%[m], #204]\n\t"
"ldr r10, [%[a], #204]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39840,18 +39529,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #204]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+52] += m[52] * mu */
"ldr r7, [%[m], #208]\n\t"
"ldr r10, [%[a], #208]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39875,18 +39558,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #208]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+53] += m[53] * mu */
"ldr r7, [%[m], #212]\n\t"
"ldr r10, [%[a], #212]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39910,18 +39587,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #212]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+54] += m[54] * mu */
"ldr r7, [%[m], #216]\n\t"
"ldr r10, [%[a], #216]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -39945,18 +39616,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #216]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+55] += m[55] * mu */
"ldr r7, [%[m], #220]\n\t"
"ldr r10, [%[a], #220]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -39980,18 +39645,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #220]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+56] += m[56] * mu */
"ldr r7, [%[m], #224]\n\t"
"ldr r10, [%[a], #224]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40015,18 +39674,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #224]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+57] += m[57] * mu */
"ldr r7, [%[m], #228]\n\t"
"ldr r10, [%[a], #228]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40050,18 +39703,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #228]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+58] += m[58] * mu */
"ldr r7, [%[m], #232]\n\t"
"ldr r10, [%[a], #232]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40085,18 +39732,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #232]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+59] += m[59] * mu */
"ldr r7, [%[m], #236]\n\t"
"ldr r10, [%[a], #236]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40120,18 +39761,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #236]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+60] += m[60] * mu */
"ldr r7, [%[m], #240]\n\t"
"ldr r10, [%[a], #240]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40155,18 +39790,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #240]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+61] += m[61] * mu */
"ldr r7, [%[m], #244]\n\t"
"ldr r10, [%[a], #244]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40190,18 +39819,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #244]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+62] += m[62] * mu */
"ldr r7, [%[m], #248]\n\t"
"ldr r10, [%[a], #248]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40225,18 +39848,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #248]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+63] += m[63] * mu */
"ldr r7, [%[m], #252]\n\t"
"ldr r10, [%[a], #252]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40260,18 +39877,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #252]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+64] += m[64] * mu */
"ldr r7, [%[m], #256]\n\t"
"ldr r10, [%[a], #256]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40295,18 +39906,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #256]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+65] += m[65] * mu */
"ldr r7, [%[m], #260]\n\t"
"ldr r10, [%[a], #260]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40330,18 +39935,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #260]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+66] += m[66] * mu */
"ldr r7, [%[m], #264]\n\t"
"ldr r10, [%[a], #264]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40365,18 +39964,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #264]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+67] += m[67] * mu */
"ldr r7, [%[m], #268]\n\t"
"ldr r10, [%[a], #268]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40400,18 +39993,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #268]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+68] += m[68] * mu */
"ldr r7, [%[m], #272]\n\t"
"ldr r10, [%[a], #272]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40435,18 +40022,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #272]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+69] += m[69] * mu */
"ldr r7, [%[m], #276]\n\t"
"ldr r10, [%[a], #276]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40470,18 +40051,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #276]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+70] += m[70] * mu */
"ldr r7, [%[m], #280]\n\t"
"ldr r10, [%[a], #280]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40505,18 +40080,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #280]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+71] += m[71] * mu */
"ldr r7, [%[m], #284]\n\t"
"ldr r10, [%[a], #284]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40540,18 +40109,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #284]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+72] += m[72] * mu */
"ldr r7, [%[m], #288]\n\t"
"ldr r10, [%[a], #288]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40575,18 +40138,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #288]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+73] += m[73] * mu */
"ldr r7, [%[m], #292]\n\t"
"ldr r10, [%[a], #292]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40610,18 +40167,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #292]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+74] += m[74] * mu */
"ldr r7, [%[m], #296]\n\t"
"ldr r10, [%[a], #296]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40645,18 +40196,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #296]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+75] += m[75] * mu */
"ldr r7, [%[m], #300]\n\t"
"ldr r10, [%[a], #300]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40680,18 +40225,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #300]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+76] += m[76] * mu */
"ldr r7, [%[m], #304]\n\t"
"ldr r10, [%[a], #304]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40715,18 +40254,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #304]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+77] += m[77] * mu */
"ldr r7, [%[m], #308]\n\t"
"ldr r10, [%[a], #308]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40750,18 +40283,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #308]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+78] += m[78] * mu */
"ldr r7, [%[m], #312]\n\t"
"ldr r10, [%[a], #312]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40785,18 +40312,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #312]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+79] += m[79] * mu */
"ldr r7, [%[m], #316]\n\t"
"ldr r10, [%[a], #316]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40820,18 +40341,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #316]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+80] += m[80] * mu */
"ldr r7, [%[m], #320]\n\t"
"ldr r10, [%[a], #320]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40855,18 +40370,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #320]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+81] += m[81] * mu */
"ldr r7, [%[m], #324]\n\t"
"ldr r10, [%[a], #324]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40890,18 +40399,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #324]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+82] += m[82] * mu */
"ldr r7, [%[m], #328]\n\t"
"ldr r10, [%[a], #328]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40925,18 +40428,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #328]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+83] += m[83] * mu */
"ldr r7, [%[m], #332]\n\t"
"ldr r10, [%[a], #332]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -40960,18 +40457,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #332]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+84] += m[84] * mu */
"ldr r7, [%[m], #336]\n\t"
"ldr r10, [%[a], #336]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -40995,18 +40486,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #336]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+85] += m[85] * mu */
"ldr r7, [%[m], #340]\n\t"
"ldr r10, [%[a], #340]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41030,18 +40515,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #340]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+86] += m[86] * mu */
"ldr r7, [%[m], #344]\n\t"
"ldr r10, [%[a], #344]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41065,18 +40544,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #344]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+87] += m[87] * mu */
"ldr r7, [%[m], #348]\n\t"
"ldr r10, [%[a], #348]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41100,18 +40573,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #348]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+88] += m[88] * mu */
"ldr r7, [%[m], #352]\n\t"
"ldr r10, [%[a], #352]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41135,18 +40602,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #352]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+89] += m[89] * mu */
"ldr r7, [%[m], #356]\n\t"
"ldr r10, [%[a], #356]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41170,18 +40631,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #356]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+90] += m[90] * mu */
"ldr r7, [%[m], #360]\n\t"
"ldr r10, [%[a], #360]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41205,18 +40660,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #360]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+91] += m[91] * mu */
"ldr r7, [%[m], #364]\n\t"
"ldr r10, [%[a], #364]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41240,18 +40689,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #364]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+92] += m[92] * mu */
"ldr r7, [%[m], #368]\n\t"
"ldr r10, [%[a], #368]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41275,18 +40718,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #368]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+93] += m[93] * mu */
"ldr r7, [%[m], #372]\n\t"
"ldr r10, [%[a], #372]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -41310,18 +40747,12 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #372]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+94] += m[94] * mu */
"ldr r7, [%[m], #376]\n\t"
"ldr r10, [%[a], #376]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -41345,22 +40776,16 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #376]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+95] += m[95] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #380]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #380]\n\t"
+#else
+ "ldr r7, [%[m], #380]\n\t"
#endif
"ldr r10, [%[a], #380]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
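Review bot: The `#else` arm kept at the `a[i+95]` step loads m[95] into r7, but the lines after the `#endif` are now unconditional and read it from r11 (`lsl r7, r11, #16`), so that arm would multiply with whatever an earlier step left in r11 if it were ever compiled. The `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` that opens the next variant of this function suggests the whole body is already selected by the same `< 4` condition, which would make the arm dead rather than wrong. That is inferred, because the opening guard and the start of the function are outside this hunk. If it holds, the inner conditional can be reduced to the single line `"ldr r11, [%[m], #380]\n\t"`, so that no build configuration can reach the mismatched register in this Montgomery reduction. The unrolled body looks generated, so the change would belong in the generator or upstream rather than in this copy.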
@@ -41391,13 +40816,813 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #380]\n\t"
+ "ldr r10, [%[a], #384]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #384]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x180\n\t"
+ "blt L_sp_3072_mont_reduce_96_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r7, [%[m], #192]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r7, [%[m], #196]\n\t"
+ "ldr r10, [%[a], #196]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #196]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r7, [%[m], #200]\n\t"
+ "ldr r10, [%[a], #200]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #200]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r7, [%[m], #204]\n\t"
+ "ldr r10, [%[a], #204]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #204]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r7, [%[m], #208]\n\t"
+ "ldr r10, [%[a], #208]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #208]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r7, [%[m], #212]\n\t"
+ "ldr r10, [%[a], #212]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #212]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r7, [%[m], #216]\n\t"
+ "ldr r10, [%[a], #216]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #216]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r7, [%[m], #220]\n\t"
+ "ldr r10, [%[a], #220]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #220]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r7, [%[m], #224]\n\t"
+ "ldr r10, [%[a], #224]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #224]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r7, [%[m], #228]\n\t"
+ "ldr r10, [%[a], #228]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #228]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r7, [%[m], #232]\n\t"
+ "ldr r10, [%[a], #232]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #232]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r7, [%[m], #236]\n\t"
+ "ldr r10, [%[a], #236]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #236]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r7, [%[m], #240]\n\t"
+ "ldr r10, [%[a], #240]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #240]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r7, [%[m], #244]\n\t"
+ "ldr r10, [%[a], #244]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #244]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r7, [%[m], #248]\n\t"
+ "ldr r10, [%[a], #248]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #248]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r7, [%[m], #252]\n\t"
+ "ldr r10, [%[a], #252]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #252]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r7, [%[m], #256]\n\t"
+ "ldr r10, [%[a], #256]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #256]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r7, [%[m], #260]\n\t"
+ "ldr r10, [%[a], #260]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #260]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r7, [%[m], #264]\n\t"
+ "ldr r10, [%[a], #264]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #264]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r7, [%[m], #268]\n\t"
+ "ldr r10, [%[a], #268]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #268]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r7, [%[m], #272]\n\t"
+ "ldr r10, [%[a], #272]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #272]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r7, [%[m], #276]\n\t"
+ "ldr r10, [%[a], #276]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #276]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r7, [%[m], #280]\n\t"
+ "ldr r10, [%[a], #280]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #280]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r7, [%[m], #284]\n\t"
+ "ldr r10, [%[a], #284]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #284]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r7, [%[m], #288]\n\t"
+ "ldr r10, [%[a], #288]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #288]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r7, [%[m], #292]\n\t"
+ "ldr r10, [%[a], #292]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #292]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r7, [%[m], #296]\n\t"
+ "ldr r10, [%[a], #296]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #296]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r7, [%[m], #300]\n\t"
+ "ldr r10, [%[a], #300]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #300]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r7, [%[m], #304]\n\t"
+ "ldr r10, [%[a], #304]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #304]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r7, [%[m], #308]\n\t"
+ "ldr r10, [%[a], #308]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #308]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r7, [%[m], #312]\n\t"
+ "ldr r10, [%[a], #312]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #312]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r7, [%[m], #316]\n\t"
+ "ldr r10, [%[a], #316]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #316]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r7, [%[m], #320]\n\t"
+ "ldr r10, [%[a], #320]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #320]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r7, [%[m], #324]\n\t"
+ "ldr r10, [%[a], #324]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #324]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r7, [%[m], #328]\n\t"
+ "ldr r10, [%[a], #328]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #328]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r7, [%[m], #332]\n\t"
+ "ldr r10, [%[a], #332]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #332]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r7, [%[m], #336]\n\t"
+ "ldr r10, [%[a], #336]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #336]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r7, [%[m], #340]\n\t"
+ "ldr r10, [%[a], #340]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #340]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r7, [%[m], #344]\n\t"
+ "ldr r10, [%[a], #344]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #344]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r7, [%[m], #348]\n\t"
+ "ldr r10, [%[a], #348]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #348]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r7, [%[m], #352]\n\t"
+ "ldr r10, [%[a], #352]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #352]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r7, [%[m], #356]\n\t"
+ "ldr r10, [%[a], #356]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #356]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r7, [%[m], #360]\n\t"
+ "ldr r10, [%[a], #360]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #360]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r7, [%[m], #364]\n\t"
+ "ldr r10, [%[a], #364]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #364]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r7, [%[m], #368]\n\t"
+ "ldr r10, [%[a], #368]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #368]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r7, [%[m], #372]\n\t"
+ "ldr r10, [%[a], #372]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #372]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r7, [%[m], #376]\n\t"
+ "ldr r10, [%[a], #376]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #376]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r7, [%[m], #380]\n\t"
+ "ldr r10, [%[a], #380]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #380]\n\t"
"ldr r10, [%[a], #384]\n\t"
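Review bot: The header comment on the added `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` variant of `sp_3072_mont_reduce_96` documents `a`, `m` and `mp` while the signature names them `a_p`, `m_p` and `mp_p`, and it leaves out the two facts the closing call relies on. After the asm block `a` has been advanced by 96 digits (4 bytes per pass until r9 reaches 0x180), and `mp` has been overwritten with the carry left in r3 (`mov %[mp], r3`). That is why the first variant's tail, added earlier in this hunk, passes `a - 96` and `(sp_digit)0 - mp`, so the subtraction of `m` is presumably selected by a mask rather than a branch. I would add above that call, in each variant, `/* a now points 96 digits past the input; mp holds the final carry, so 0 - mp is the mask for the conditional subtract */`. The `#elif` variant's body continues past the end of this hunk.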
@@ -41409,16 +41634,543 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x180\n\t"
"blt L_sp_3072_mont_reduce_96_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r10, [%[m], #192]\n\t"
+ "ldr r9, [%[a], #192]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r10, [%[m], #196]\n\t"
+ "ldr r9, [%[a], #196]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r10, [%[m], #200]\n\t"
+ "ldr r9, [%[a], #200]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r10, [%[m], #204]\n\t"
+ "ldr r9, [%[a], #204]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r10, [%[m], #208]\n\t"
+ "ldr r9, [%[a], #208]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r10, [%[m], #212]\n\t"
+ "ldr r9, [%[a], #212]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r10, [%[m], #216]\n\t"
+ "ldr r9, [%[a], #216]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r10, [%[m], #220]\n\t"
+ "ldr r9, [%[a], #220]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r10, [%[m], #224]\n\t"
+ "ldr r9, [%[a], #224]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r10, [%[m], #228]\n\t"
+ "ldr r9, [%[a], #228]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r10, [%[m], #232]\n\t"
+ "ldr r9, [%[a], #232]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r10, [%[m], #236]\n\t"
+ "ldr r9, [%[a], #236]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r10, [%[m], #240]\n\t"
+ "ldr r9, [%[a], #240]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r10, [%[m], #244]\n\t"
+ "ldr r9, [%[a], #244]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r10, [%[m], #248]\n\t"
+ "ldr r9, [%[a], #248]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r10, [%[m], #252]\n\t"
+ "ldr r9, [%[a], #252]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r10, [%[m], #256]\n\t"
+ "ldr r9, [%[a], #256]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r10, [%[m], #260]\n\t"
+ "ldr r9, [%[a], #260]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r10, [%[m], #264]\n\t"
+ "ldr r9, [%[a], #264]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r10, [%[m], #268]\n\t"
+ "ldr r9, [%[a], #268]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r10, [%[m], #272]\n\t"
+ "ldr r9, [%[a], #272]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r10, [%[m], #276]\n\t"
+ "ldr r9, [%[a], #276]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r10, [%[m], #280]\n\t"
+ "ldr r9, [%[a], #280]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r10, [%[m], #284]\n\t"
+ "ldr r9, [%[a], #284]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r10, [%[m], #288]\n\t"
+ "ldr r9, [%[a], #288]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r10, [%[m], #292]\n\t"
+ "ldr r9, [%[a], #292]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r10, [%[m], #296]\n\t"
+ "ldr r9, [%[a], #296]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r10, [%[m], #300]\n\t"
+ "ldr r9, [%[a], #300]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r10, [%[m], #304]\n\t"
+ "ldr r9, [%[a], #304]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r10, [%[m], #308]\n\t"
+ "ldr r9, [%[a], #308]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r10, [%[m], #312]\n\t"
+ "ldr r9, [%[a], #312]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r10, [%[m], #316]\n\t"
+ "ldr r9, [%[a], #316]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r10, [%[m], #320]\n\t"
+ "ldr r9, [%[a], #320]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r10, [%[m], #324]\n\t"
+ "ldr r9, [%[a], #324]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r10, [%[m], #328]\n\t"
+ "ldr r9, [%[a], #328]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r10, [%[m], #332]\n\t"
+ "ldr r9, [%[a], #332]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r10, [%[m], #336]\n\t"
+ "ldr r9, [%[a], #336]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r10, [%[m], #340]\n\t"
+ "ldr r9, [%[a], #340]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r10, [%[m], #344]\n\t"
+ "ldr r9, [%[a], #344]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r10, [%[m], #348]\n\t"
+ "ldr r9, [%[a], #348]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r10, [%[m], #352]\n\t"
+ "ldr r9, [%[a], #352]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r10, [%[m], #356]\n\t"
+ "ldr r9, [%[a], #356]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r10, [%[m], #360]\n\t"
+ "ldr r9, [%[a], #360]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r10, [%[m], #364]\n\t"
+ "ldr r9, [%[a], #364]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r10, [%[m], #368]\n\t"
+ "ldr r9, [%[a], #368]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r10, [%[m], #372]\n\t"
+ "ldr r9, [%[a], #372]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #372]\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r10, [%[m], #376]\n\t"
+ "ldr r9, [%[a], #376]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #376]\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r10, [%[m], #380]\n\t"
+ "ldr r9, [%[a], #380]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #384]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #380]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #384]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x180\n\t"
+ "blt L_sp_3072_mont_reduce_96_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -41426,7 +42178,7 @@ static SP_NOINLINE void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -41440,7 +42192,7 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -41458,9 +42210,9 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -41481,7 +42233,7 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -41495,9 +42247,9 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -41671,7 +42423,7 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -41689,9 +42441,9 @@ static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -41731,7 +42483,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -41748,9 +42500,9 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -41780,7 +42532,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_3072_word_96_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -41808,7 +42560,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -41836,7 +42588,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -41869,7 +42621,7 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -41884,8 +42636,8 @@ static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -41941,7 +42693,8 @@ static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, s
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_3072_div_96_cond(a, m, NULL, r);
}
@@ -41987,8 +42740,8 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -41996,7 +42749,7 @@ static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
"mov r5, #0\n\t"
"mov r3, #-1\n\t"
#ifdef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r4, #0x1\n\t"
"lsl r4, r4, #8\n\t"
"add r4, r4, #0x7c\n\t"
@@ -43081,7 +43834,7 @@ static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -43095,8 +43848,8 @@ static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -43136,7 +43889,8 @@ static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_3072_div_96(a, m, NULL, r);
}
@@ -43616,10 +44370,10 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
*/
static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -43640,7 +44394,7 @@ static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -43656,10 +44410,10 @@ static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -43834,7 +44588,7 @@ static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -44156,9 +44910,9 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef HAVE_FFDHE_3072
static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -44740,7 +45494,7 @@ static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r4, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -45042,14 +45796,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
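Review bot: The rewritten loop in the `DIGIT_BIT == 32` branch hard-codes the shift as `31` where the removed lines used `SP_WORD_SIZE - 1`, and it has no comment saying why the copy avoids branches. I would keep the named width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, and add above the loop `/* j runs upward from -used: its top bit is set while i < used, so the mask and the dp index are derived without branching on a->used. */`. The load `a->dp[o]` still executes on every pass, including when `a->used` is 0, so the function appears to rely on `a->dp` always holding at least one readable digit; that is worth stating in the header comment. The header comment and the `#elif` branches of the function lie outside this hunk.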
@@ -45161,8 +45915,8 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a)
*/
static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -45392,7 +46146,7 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -45405,12 +46159,11 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -45635,10 +46388,11 @@ static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -45728,9 +46482,9 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
*/
static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -45752,7 +46506,7 @@ static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -45766,16 +46520,15 @@ static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x200\n\t"
"\n"
"L_sp_4096_sub_in_pkace_128_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -45783,13 +46536,13 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_4096_sub_in_pkace_128_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -45804,16 +46557,19 @@ static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x400\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_4096_mul_128_outer_%=: \n\t"
"subs r3, r5, #0x1fc\n\t"
@@ -45824,7 +46580,44 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"L_sp_4096_mul_128_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -45861,10 +46654,46 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x200\n\t"
- "beq L_sp_4096_mul_128_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_4096_mul_128_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_4096_mul_128_inner_done_%=\n\t"
+ "blt L_sp_4096_mul_128_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_4096_mul_128_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -45872,18 +46701,50 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x3f8\n\t"
+ "cmp r5, #0x3f4\n\t"
"ble L_sp_4096_mul_128_outer_%=\n\t"
+ "ldr lr, [%[a], #508]\n\t"
+ "ldr r11, [%[b], #508]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_4096_mul_128_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_4096_mul_128_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
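Review bot: The store loop at `L_sp_4096_mul_128_store_%=` now depends on `r5` being exactly `0x3fc` on entry, and nothing in the asm says so. With `subs r5, r5, #32` followed by `bgt`, that value gives 32 passes of 32 bytes, which both copies the whole 0x400-byte product and returns `sp` to its value before `sub sp, sp, #0x400`. A later change to the outer bound `cmp r5, #0x3f4` or to the two trailing `str` instructions would leave `sp` misadjusted when the asm statement ends. I would add `/* r5 == 0x3fc: 32 x 32-byte copies move the 0x400-byte result and restore sp */` above the label. The same applies to `L_sp_4096_sqr_128_store_%=` in the `sp_4096_sqr_128` hunk further down; the asm statement itself begins outside this hunk.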
@@ -45894,29 +46755,28 @@ static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
*/
static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x400\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_4096_sqr_128_outer_%=: \n\t"
"subs r3, r5, #0x1fc\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_4096_sqr_128_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_4096_sqr_128_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -45965,11 +46825,13 @@ static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_4096_sqr_128_op_done_%=\n\t"
- "\n"
- "L_sp_4096_sqr_128_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_4096_sqr_128_inner_done_%=\n\t"
+ "blt L_sp_4096_sqr_128_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -45996,39 +46858,55 @@ static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_4096_sqr_128_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x200\n\t"
- "beq L_sp_4096_sqr_128_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_4096_sqr_128_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_4096_sqr_128_inner_%=\n\t"
- "\n"
"L_sp_4096_sqr_128_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x3f8\n\t"
+ "cmp r5, #0x3f4\n\t"
"ble L_sp_4096_sqr_128_outer_%=\n\t"
+ "ldr lr, [%[a], #508]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_4096_sqr_128_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_4096_sqr_128_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -46057,15 +46935,14 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
*/
static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -46098,7 +46975,7 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_4096_mul_d_128_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -46143,7 +47020,7 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #512]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -46156,15 +47033,14 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -46189,5051 +47065,4043 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[32] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[33] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[34] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[35] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[36] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[37] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[38] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[39] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[40] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[41] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[42] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[43] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[44] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[45] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[46] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[47] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[48] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[49] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[50] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[51] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[52] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[53] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[54] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[55] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[56] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[57] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[58] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[59] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[60] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[61] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[62] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[63] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[64] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[65] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[66] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[67] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[68] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[69] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[70] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[71] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[72] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[73] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[74] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[75] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[76] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[77] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[78] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[79] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[80] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[81] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[82] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[83] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[84] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[85] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[86] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[87] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[88] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[89] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[90] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[91] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[92] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[93] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[94] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[95] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[96] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[97] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[98] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[99] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[100] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[101] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[102] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[103] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[104] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[105] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[106] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[107] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[108] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[109] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[110] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[111] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[112] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[113] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[114] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[115] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[116] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[117] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[118] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[119] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[120] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[121] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[122] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[123] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[124] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[125] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[126] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[127] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -51259,15 +51127,13 @@ static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
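Review bot: The final `umlal r4, r5, %[b], r8` step is only correct while r5 is zero on entry, and nothing in the asm says so; the zeroing (`mov r5, #0` after the previous store) sits outside this hunk. With r5 = 0 the sum r4 + A[127]*B fits in 64 bits, which is why the third carry register of the removed `umull`/`adds`/`adc` sequence is no longer needed. I would record that next to the instruction, e.g. `/* r5:r4 += A[127] * B; r5 == 0 on entry so this cannot carry out */`, so a later change to the register rotation does not silently drop a carry in the 4096-bit multiply. The asm statement begins before this hunk.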
@@ -51299,10 +51165,10 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
*/
static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -51323,7 +51189,7 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51339,10 +51205,10 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
*/
static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -51797,12 +51663,13 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 4096 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
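Review bot: The `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` added ahead of the sp_4096_mont_reduce_128 comment selects the whole implementation by the renamed macro, so a configuration that still defines only `WOLFSSL_SP_ARM_ARCH` would stop getting this multiply-only variant. The matching `#else`/`#endif` and any compatibility mapping are outside this hunk, so this may already be handled elsewhere. If it is not, a shim in the settings header such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` keeps existing build settings on the same code path. The same rename recurs in the inner conditionals of the following hunks.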
@@ -51811,12 +51678,12 @@ static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const s
*/
static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
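Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` around the first `ldr r11, [%[m]]` looks unreachable now, because the previous hunk places this function under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`; this assumes that guard is still open here, as its closing directive is not in view. The later hunks drop the `#else` `umull` branches for the same reason, so this conditional could be removed too. If the generator has to emit it, a one-line comment such as `/* never taken in the pre-ARMv4 variant; m[0] is loaded before the a[i+0] step instead */` would spare readers from tracing the preprocessor state. The function body continues past this hunk.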
@@ -51829,10 +51696,9 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -51856,14 +51722,8 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -51887,18 +51747,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -51922,17 +51776,11 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -51956,18 +51804,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -51991,18 +51833,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52026,18 +51862,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52061,18 +51891,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52096,18 +51920,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52131,18 +51949,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52166,18 +51978,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52201,18 +52007,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52236,18 +52036,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52271,18 +52065,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52306,18 +52094,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52341,18 +52123,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52376,18 +52152,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52411,18 +52181,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52446,18 +52210,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52481,18 +52239,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52516,18 +52268,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52551,18 +52297,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52586,18 +52326,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52621,18 +52355,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52656,18 +52384,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52691,18 +52413,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52726,18 +52442,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52761,18 +52471,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52796,18 +52500,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52831,18 +52529,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52866,18 +52558,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52901,18 +52587,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
"ldr r7, [%[m], #124]\n\t"
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -52936,18 +52616,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+32] += m[32] * mu */
"ldr r7, [%[m], #128]\n\t"
"ldr r10, [%[a], #128]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -52971,18 +52645,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #128]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+33] += m[33] * mu */
"ldr r7, [%[m], #132]\n\t"
"ldr r10, [%[a], #132]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53006,18 +52674,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #132]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+34] += m[34] * mu */
"ldr r7, [%[m], #136]\n\t"
"ldr r10, [%[a], #136]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53041,18 +52703,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #136]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+35] += m[35] * mu */
"ldr r7, [%[m], #140]\n\t"
"ldr r10, [%[a], #140]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53076,18 +52732,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #140]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+36] += m[36] * mu */
"ldr r7, [%[m], #144]\n\t"
"ldr r10, [%[a], #144]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53111,18 +52761,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #144]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+37] += m[37] * mu */
"ldr r7, [%[m], #148]\n\t"
"ldr r10, [%[a], #148]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53146,18 +52790,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #148]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+38] += m[38] * mu */
"ldr r7, [%[m], #152]\n\t"
"ldr r10, [%[a], #152]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53181,18 +52819,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #152]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+39] += m[39] * mu */
"ldr r7, [%[m], #156]\n\t"
"ldr r10, [%[a], #156]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53216,18 +52848,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #156]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+40] += m[40] * mu */
"ldr r7, [%[m], #160]\n\t"
"ldr r10, [%[a], #160]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53251,18 +52877,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #160]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+41] += m[41] * mu */
"ldr r7, [%[m], #164]\n\t"
"ldr r10, [%[a], #164]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53286,18 +52906,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #164]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+42] += m[42] * mu */
"ldr r7, [%[m], #168]\n\t"
"ldr r10, [%[a], #168]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53321,18 +52935,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #168]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+43] += m[43] * mu */
"ldr r7, [%[m], #172]\n\t"
"ldr r10, [%[a], #172]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53356,18 +52964,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #172]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+44] += m[44] * mu */
"ldr r7, [%[m], #176]\n\t"
"ldr r10, [%[a], #176]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53391,18 +52993,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #176]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+45] += m[45] * mu */
"ldr r7, [%[m], #180]\n\t"
"ldr r10, [%[a], #180]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53426,18 +53022,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #180]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+46] += m[46] * mu */
"ldr r7, [%[m], #184]\n\t"
"ldr r10, [%[a], #184]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53461,18 +53051,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #184]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+47] += m[47] * mu */
"ldr r7, [%[m], #188]\n\t"
"ldr r10, [%[a], #188]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53496,18 +53080,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #188]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+48] += m[48] * mu */
"ldr r7, [%[m], #192]\n\t"
"ldr r10, [%[a], #192]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53531,18 +53109,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #192]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+49] += m[49] * mu */
"ldr r7, [%[m], #196]\n\t"
"ldr r10, [%[a], #196]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53566,18 +53138,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #196]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+50] += m[50] * mu */
"ldr r7, [%[m], #200]\n\t"
"ldr r10, [%[a], #200]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53601,18 +53167,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #200]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+51] += m[51] * mu */
"ldr r7, [%[m], #204]\n\t"
"ldr r10, [%[a], #204]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53636,18 +53196,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #204]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+52] += m[52] * mu */
"ldr r7, [%[m], #208]\n\t"
"ldr r10, [%[a], #208]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53671,18 +53225,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #208]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+53] += m[53] * mu */
"ldr r7, [%[m], #212]\n\t"
"ldr r10, [%[a], #212]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53706,18 +53254,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #212]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+54] += m[54] * mu */
"ldr r7, [%[m], #216]\n\t"
"ldr r10, [%[a], #216]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53741,18 +53283,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #216]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+55] += m[55] * mu */
"ldr r7, [%[m], #220]\n\t"
"ldr r10, [%[a], #220]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53776,18 +53312,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #220]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+56] += m[56] * mu */
"ldr r7, [%[m], #224]\n\t"
"ldr r10, [%[a], #224]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53811,18 +53341,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #224]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+57] += m[57] * mu */
"ldr r7, [%[m], #228]\n\t"
"ldr r10, [%[a], #228]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53846,18 +53370,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #228]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+58] += m[58] * mu */
"ldr r7, [%[m], #232]\n\t"
"ldr r10, [%[a], #232]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53881,18 +53399,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #232]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+59] += m[59] * mu */
"ldr r7, [%[m], #236]\n\t"
"ldr r10, [%[a], #236]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53916,18 +53428,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #236]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+60] += m[60] * mu */
"ldr r7, [%[m], #240]\n\t"
"ldr r10, [%[a], #240]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -53951,18 +53457,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #240]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+61] += m[61] * mu */
"ldr r7, [%[m], #244]\n\t"
"ldr r10, [%[a], #244]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -53986,18 +53486,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #244]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+62] += m[62] * mu */
"ldr r7, [%[m], #248]\n\t"
"ldr r10, [%[a], #248]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54021,18 +53515,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #248]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+63] += m[63] * mu */
"ldr r7, [%[m], #252]\n\t"
"ldr r10, [%[a], #252]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54056,18 +53544,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #252]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+64] += m[64] * mu */
"ldr r7, [%[m], #256]\n\t"
"ldr r10, [%[a], #256]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54091,18 +53573,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #256]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+65] += m[65] * mu */
"ldr r7, [%[m], #260]\n\t"
"ldr r10, [%[a], #260]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54126,18 +53602,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #260]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+66] += m[66] * mu */
"ldr r7, [%[m], #264]\n\t"
"ldr r10, [%[a], #264]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54161,18 +53631,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #264]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+67] += m[67] * mu */
"ldr r7, [%[m], #268]\n\t"
"ldr r10, [%[a], #268]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54196,18 +53660,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #268]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+68] += m[68] * mu */
"ldr r7, [%[m], #272]\n\t"
"ldr r10, [%[a], #272]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54231,18 +53689,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #272]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+69] += m[69] * mu */
"ldr r7, [%[m], #276]\n\t"
"ldr r10, [%[a], #276]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54266,18 +53718,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #276]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+70] += m[70] * mu */
"ldr r7, [%[m], #280]\n\t"
"ldr r10, [%[a], #280]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54301,18 +53747,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #280]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+71] += m[71] * mu */
"ldr r7, [%[m], #284]\n\t"
"ldr r10, [%[a], #284]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54336,18 +53776,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #284]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+72] += m[72] * mu */
"ldr r7, [%[m], #288]\n\t"
"ldr r10, [%[a], #288]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54371,18 +53805,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #288]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+73] += m[73] * mu */
"ldr r7, [%[m], #292]\n\t"
"ldr r10, [%[a], #292]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54406,18 +53834,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #292]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+74] += m[74] * mu */
"ldr r7, [%[m], #296]\n\t"
"ldr r10, [%[a], #296]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54441,18 +53863,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #296]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+75] += m[75] * mu */
"ldr r7, [%[m], #300]\n\t"
"ldr r10, [%[a], #300]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54476,18 +53892,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #300]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+76] += m[76] * mu */
"ldr r7, [%[m], #304]\n\t"
"ldr r10, [%[a], #304]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54511,18 +53921,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #304]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+77] += m[77] * mu */
"ldr r7, [%[m], #308]\n\t"
"ldr r10, [%[a], #308]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54546,18 +53950,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #308]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+78] += m[78] * mu */
"ldr r7, [%[m], #312]\n\t"
"ldr r10, [%[a], #312]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54581,18 +53979,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #312]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+79] += m[79] * mu */
"ldr r7, [%[m], #316]\n\t"
"ldr r10, [%[a], #316]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54616,18 +54008,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #316]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+80] += m[80] * mu */
"ldr r7, [%[m], #320]\n\t"
"ldr r10, [%[a], #320]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54651,18 +54037,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #320]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+81] += m[81] * mu */
"ldr r7, [%[m], #324]\n\t"
"ldr r10, [%[a], #324]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54686,18 +54066,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #324]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+82] += m[82] * mu */
"ldr r7, [%[m], #328]\n\t"
"ldr r10, [%[a], #328]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54721,18 +54095,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #328]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+83] += m[83] * mu */
"ldr r7, [%[m], #332]\n\t"
"ldr r10, [%[a], #332]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54756,18 +54124,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #332]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+84] += m[84] * mu */
"ldr r7, [%[m], #336]\n\t"
"ldr r10, [%[a], #336]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54791,18 +54153,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #336]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+85] += m[85] * mu */
"ldr r7, [%[m], #340]\n\t"
"ldr r10, [%[a], #340]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54826,18 +54182,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #340]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+86] += m[86] * mu */
"ldr r7, [%[m], #344]\n\t"
"ldr r10, [%[a], #344]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54861,18 +54211,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #344]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+87] += m[87] * mu */
"ldr r7, [%[m], #348]\n\t"
"ldr r10, [%[a], #348]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54896,18 +54240,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #348]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+88] += m[88] * mu */
"ldr r7, [%[m], #352]\n\t"
"ldr r10, [%[a], #352]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -54931,18 +54269,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #352]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+89] += m[89] * mu */
"ldr r7, [%[m], #356]\n\t"
"ldr r10, [%[a], #356]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -54966,18 +54298,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #356]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+90] += m[90] * mu */
"ldr r7, [%[m], #360]\n\t"
"ldr r10, [%[a], #360]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55001,18 +54327,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #360]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+91] += m[91] * mu */
"ldr r7, [%[m], #364]\n\t"
"ldr r10, [%[a], #364]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55036,18 +54356,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #364]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+92] += m[92] * mu */
"ldr r7, [%[m], #368]\n\t"
"ldr r10, [%[a], #368]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55071,18 +54385,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #368]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+93] += m[93] * mu */
"ldr r7, [%[m], #372]\n\t"
"ldr r10, [%[a], #372]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55106,18 +54414,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #372]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+94] += m[94] * mu */
"ldr r7, [%[m], #376]\n\t"
"ldr r10, [%[a], #376]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55141,18 +54443,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #376]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+95] += m[95] * mu */
"ldr r7, [%[m], #380]\n\t"
"ldr r10, [%[a], #380]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55176,18 +54472,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #380]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+96] += m[96] * mu */
"ldr r7, [%[m], #384]\n\t"
"ldr r10, [%[a], #384]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55211,18 +54501,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #384]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+97] += m[97] * mu */
"ldr r7, [%[m], #388]\n\t"
"ldr r10, [%[a], #388]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55246,18 +54530,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #388]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+98] += m[98] * mu */
"ldr r7, [%[m], #392]\n\t"
"ldr r10, [%[a], #392]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55281,18 +54559,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #392]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+99] += m[99] * mu */
"ldr r7, [%[m], #396]\n\t"
"ldr r10, [%[a], #396]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55316,18 +54588,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #396]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+100] += m[100] * mu */
"ldr r7, [%[m], #400]\n\t"
"ldr r10, [%[a], #400]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55351,18 +54617,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #400]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+101] += m[101] * mu */
"ldr r7, [%[m], #404]\n\t"
"ldr r10, [%[a], #404]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55386,18 +54646,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #404]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+102] += m[102] * mu */
"ldr r7, [%[m], #408]\n\t"
"ldr r10, [%[a], #408]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55421,18 +54675,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #408]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+103] += m[103] * mu */
"ldr r7, [%[m], #412]\n\t"
"ldr r10, [%[a], #412]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55456,18 +54704,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #412]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+104] += m[104] * mu */
"ldr r7, [%[m], #416]\n\t"
"ldr r10, [%[a], #416]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55491,18 +54733,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #416]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+105] += m[105] * mu */
"ldr r7, [%[m], #420]\n\t"
"ldr r10, [%[a], #420]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55526,18 +54762,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #420]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+106] += m[106] * mu */
"ldr r7, [%[m], #424]\n\t"
"ldr r10, [%[a], #424]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55561,18 +54791,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #424]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+107] += m[107] * mu */
"ldr r7, [%[m], #428]\n\t"
"ldr r10, [%[a], #428]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55596,18 +54820,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #428]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+108] += m[108] * mu */
"ldr r7, [%[m], #432]\n\t"
"ldr r10, [%[a], #432]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55631,18 +54849,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #432]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+109] += m[109] * mu */
"ldr r7, [%[m], #436]\n\t"
"ldr r10, [%[a], #436]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55666,18 +54878,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #436]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+110] += m[110] * mu */
"ldr r7, [%[m], #440]\n\t"
"ldr r10, [%[a], #440]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55701,18 +54907,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #440]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+111] += m[111] * mu */
"ldr r7, [%[m], #444]\n\t"
"ldr r10, [%[a], #444]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55736,18 +54936,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #444]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+112] += m[112] * mu */
"ldr r7, [%[m], #448]\n\t"
"ldr r10, [%[a], #448]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55771,18 +54965,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #448]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+113] += m[113] * mu */
"ldr r7, [%[m], #452]\n\t"
"ldr r10, [%[a], #452]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55806,18 +54994,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #452]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+114] += m[114] * mu */
"ldr r7, [%[m], #456]\n\t"
"ldr r10, [%[a], #456]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55841,18 +55023,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #456]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+115] += m[115] * mu */
"ldr r7, [%[m], #460]\n\t"
"ldr r10, [%[a], #460]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55876,18 +55052,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #460]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+116] += m[116] * mu */
"ldr r7, [%[m], #464]\n\t"
"ldr r10, [%[a], #464]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55911,18 +55081,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #464]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+117] += m[117] * mu */
"ldr r7, [%[m], #468]\n\t"
"ldr r10, [%[a], #468]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -55946,18 +55110,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #468]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+118] += m[118] * mu */
"ldr r7, [%[m], #472]\n\t"
"ldr r10, [%[a], #472]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -55981,18 +55139,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #472]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+119] += m[119] * mu */
"ldr r7, [%[m], #476]\n\t"
"ldr r10, [%[a], #476]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56016,18 +55168,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #476]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+120] += m[120] * mu */
"ldr r7, [%[m], #480]\n\t"
"ldr r10, [%[a], #480]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56051,18 +55197,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #480]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+121] += m[121] * mu */
"ldr r7, [%[m], #484]\n\t"
"ldr r10, [%[a], #484]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56086,18 +55226,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #484]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+122] += m[122] * mu */
"ldr r7, [%[m], #488]\n\t"
"ldr r10, [%[a], #488]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56121,18 +55255,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #488]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+123] += m[123] * mu */
"ldr r7, [%[m], #492]\n\t"
"ldr r10, [%[a], #492]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56156,18 +55284,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #492]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+124] += m[124] * mu */
"ldr r7, [%[m], #496]\n\t"
"ldr r10, [%[a], #496]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56191,18 +55313,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #496]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+125] += m[125] * mu */
"ldr r7, [%[m], #500]\n\t"
"ldr r10, [%[a], #500]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -56226,18 +55342,12 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #500]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+126] += m[126] * mu */
"ldr r7, [%[m], #504]\n\t"
"ldr r10, [%[a], #504]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -56261,22 +55371,16 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #504]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+127] += m[127] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #508]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #508]\n\t"
+#else
+ "ldr r7, [%[m], #508]\n\t"
#endif
"ldr r10, [%[a], #508]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -56307,13 +55411,1069 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #508]\n\t"
+ "ldr r10, [%[a], #512]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #512]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x200\n\t"
+ "blt L_sp_4096_mont_reduce_128_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r7, [%[m], #128]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r7, [%[m], #132]\n\t"
+ "ldr r10, [%[a], #132]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #132]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r7, [%[m], #136]\n\t"
+ "ldr r10, [%[a], #136]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #136]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r7, [%[m], #140]\n\t"
+ "ldr r10, [%[a], #140]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #140]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r7, [%[m], #144]\n\t"
+ "ldr r10, [%[a], #144]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #144]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r7, [%[m], #148]\n\t"
+ "ldr r10, [%[a], #148]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #148]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r7, [%[m], #152]\n\t"
+ "ldr r10, [%[a], #152]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #152]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r7, [%[m], #156]\n\t"
+ "ldr r10, [%[a], #156]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #156]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r7, [%[m], #160]\n\t"
+ "ldr r10, [%[a], #160]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #160]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r7, [%[m], #164]\n\t"
+ "ldr r10, [%[a], #164]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #164]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r7, [%[m], #168]\n\t"
+ "ldr r10, [%[a], #168]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #168]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r7, [%[m], #172]\n\t"
+ "ldr r10, [%[a], #172]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #172]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r7, [%[m], #176]\n\t"
+ "ldr r10, [%[a], #176]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #176]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r7, [%[m], #180]\n\t"
+ "ldr r10, [%[a], #180]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #180]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r7, [%[m], #184]\n\t"
+ "ldr r10, [%[a], #184]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #184]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r7, [%[m], #188]\n\t"
+ "ldr r10, [%[a], #188]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #188]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r7, [%[m], #192]\n\t"
+ "ldr r10, [%[a], #192]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #192]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r7, [%[m], #196]\n\t"
+ "ldr r10, [%[a], #196]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #196]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r7, [%[m], #200]\n\t"
+ "ldr r10, [%[a], #200]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #200]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r7, [%[m], #204]\n\t"
+ "ldr r10, [%[a], #204]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #204]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r7, [%[m], #208]\n\t"
+ "ldr r10, [%[a], #208]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #208]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r7, [%[m], #212]\n\t"
+ "ldr r10, [%[a], #212]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #212]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r7, [%[m], #216]\n\t"
+ "ldr r10, [%[a], #216]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #216]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r7, [%[m], #220]\n\t"
+ "ldr r10, [%[a], #220]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #220]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r7, [%[m], #224]\n\t"
+ "ldr r10, [%[a], #224]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #224]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r7, [%[m], #228]\n\t"
+ "ldr r10, [%[a], #228]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #228]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r7, [%[m], #232]\n\t"
+ "ldr r10, [%[a], #232]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #232]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r7, [%[m], #236]\n\t"
+ "ldr r10, [%[a], #236]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #236]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r7, [%[m], #240]\n\t"
+ "ldr r10, [%[a], #240]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #240]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r7, [%[m], #244]\n\t"
+ "ldr r10, [%[a], #244]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #244]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r7, [%[m], #248]\n\t"
+ "ldr r10, [%[a], #248]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #248]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r7, [%[m], #252]\n\t"
+ "ldr r10, [%[a], #252]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #252]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r7, [%[m], #256]\n\t"
+ "ldr r10, [%[a], #256]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #256]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r7, [%[m], #260]\n\t"
+ "ldr r10, [%[a], #260]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #260]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r7, [%[m], #264]\n\t"
+ "ldr r10, [%[a], #264]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #264]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r7, [%[m], #268]\n\t"
+ "ldr r10, [%[a], #268]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #268]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r7, [%[m], #272]\n\t"
+ "ldr r10, [%[a], #272]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #272]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r7, [%[m], #276]\n\t"
+ "ldr r10, [%[a], #276]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #276]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r7, [%[m], #280]\n\t"
+ "ldr r10, [%[a], #280]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #280]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r7, [%[m], #284]\n\t"
+ "ldr r10, [%[a], #284]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #284]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r7, [%[m], #288]\n\t"
+ "ldr r10, [%[a], #288]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #288]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r7, [%[m], #292]\n\t"
+ "ldr r10, [%[a], #292]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #292]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r7, [%[m], #296]\n\t"
+ "ldr r10, [%[a], #296]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #296]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r7, [%[m], #300]\n\t"
+ "ldr r10, [%[a], #300]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #300]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r7, [%[m], #304]\n\t"
+ "ldr r10, [%[a], #304]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #304]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r7, [%[m], #308]\n\t"
+ "ldr r10, [%[a], #308]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #308]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r7, [%[m], #312]\n\t"
+ "ldr r10, [%[a], #312]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #312]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r7, [%[m], #316]\n\t"
+ "ldr r10, [%[a], #316]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #316]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r7, [%[m], #320]\n\t"
+ "ldr r10, [%[a], #320]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #320]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r7, [%[m], #324]\n\t"
+ "ldr r10, [%[a], #324]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #324]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r7, [%[m], #328]\n\t"
+ "ldr r10, [%[a], #328]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #328]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r7, [%[m], #332]\n\t"
+ "ldr r10, [%[a], #332]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #332]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r7, [%[m], #336]\n\t"
+ "ldr r10, [%[a], #336]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #336]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r7, [%[m], #340]\n\t"
+ "ldr r10, [%[a], #340]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #340]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r7, [%[m], #344]\n\t"
+ "ldr r10, [%[a], #344]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #344]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r7, [%[m], #348]\n\t"
+ "ldr r10, [%[a], #348]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #348]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r7, [%[m], #352]\n\t"
+ "ldr r10, [%[a], #352]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #352]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r7, [%[m], #356]\n\t"
+ "ldr r10, [%[a], #356]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #356]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r7, [%[m], #360]\n\t"
+ "ldr r10, [%[a], #360]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #360]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r7, [%[m], #364]\n\t"
+ "ldr r10, [%[a], #364]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #364]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r7, [%[m], #368]\n\t"
+ "ldr r10, [%[a], #368]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #368]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r7, [%[m], #372]\n\t"
+ "ldr r10, [%[a], #372]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #372]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r7, [%[m], #376]\n\t"
+ "ldr r10, [%[a], #376]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #376]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r7, [%[m], #380]\n\t"
+ "ldr r10, [%[a], #380]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #380]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+96] += m[96] * mu */
+ "ldr r7, [%[m], #384]\n\t"
+ "ldr r10, [%[a], #384]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #384]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+97] += m[97] * mu */
+ "ldr r7, [%[m], #388]\n\t"
+ "ldr r10, [%[a], #388]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #388]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+98] += m[98] * mu */
+ "ldr r7, [%[m], #392]\n\t"
+ "ldr r10, [%[a], #392]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #392]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+99] += m[99] * mu */
+ "ldr r7, [%[m], #396]\n\t"
+ "ldr r10, [%[a], #396]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #396]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+100] += m[100] * mu */
+ "ldr r7, [%[m], #400]\n\t"
+ "ldr r10, [%[a], #400]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #400]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+101] += m[101] * mu */
+ "ldr r7, [%[m], #404]\n\t"
+ "ldr r10, [%[a], #404]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #404]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+102] += m[102] * mu */
+ "ldr r7, [%[m], #408]\n\t"
+ "ldr r10, [%[a], #408]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #408]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+103] += m[103] * mu */
+ "ldr r7, [%[m], #412]\n\t"
+ "ldr r10, [%[a], #412]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #412]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+104] += m[104] * mu */
+ "ldr r7, [%[m], #416]\n\t"
+ "ldr r10, [%[a], #416]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #416]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+105] += m[105] * mu */
+ "ldr r7, [%[m], #420]\n\t"
+ "ldr r10, [%[a], #420]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #420]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+106] += m[106] * mu */
+ "ldr r7, [%[m], #424]\n\t"
+ "ldr r10, [%[a], #424]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #424]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+107] += m[107] * mu */
+ "ldr r7, [%[m], #428]\n\t"
+ "ldr r10, [%[a], #428]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #428]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+108] += m[108] * mu */
+ "ldr r7, [%[m], #432]\n\t"
+ "ldr r10, [%[a], #432]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #432]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+109] += m[109] * mu */
+ "ldr r7, [%[m], #436]\n\t"
+ "ldr r10, [%[a], #436]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #436]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+110] += m[110] * mu */
+ "ldr r7, [%[m], #440]\n\t"
+ "ldr r10, [%[a], #440]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #440]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+111] += m[111] * mu */
+ "ldr r7, [%[m], #444]\n\t"
+ "ldr r10, [%[a], #444]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #444]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+112] += m[112] * mu */
+ "ldr r7, [%[m], #448]\n\t"
+ "ldr r10, [%[a], #448]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #448]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+113] += m[113] * mu */
+ "ldr r7, [%[m], #452]\n\t"
+ "ldr r10, [%[a], #452]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #452]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+114] += m[114] * mu */
+ "ldr r7, [%[m], #456]\n\t"
+ "ldr r10, [%[a], #456]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #456]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+115] += m[115] * mu */
+ "ldr r7, [%[m], #460]\n\t"
+ "ldr r10, [%[a], #460]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #460]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+116] += m[116] * mu */
+ "ldr r7, [%[m], #464]\n\t"
+ "ldr r10, [%[a], #464]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #464]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+117] += m[117] * mu */
+ "ldr r7, [%[m], #468]\n\t"
+ "ldr r10, [%[a], #468]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #468]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+118] += m[118] * mu */
+ "ldr r7, [%[m], #472]\n\t"
+ "ldr r10, [%[a], #472]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #472]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+119] += m[119] * mu */
+ "ldr r7, [%[m], #476]\n\t"
+ "ldr r10, [%[a], #476]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #476]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+120] += m[120] * mu */
+ "ldr r7, [%[m], #480]\n\t"
+ "ldr r10, [%[a], #480]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #480]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+121] += m[121] * mu */
+ "ldr r7, [%[m], #484]\n\t"
+ "ldr r10, [%[a], #484]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #484]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+122] += m[122] * mu */
+ "ldr r7, [%[m], #488]\n\t"
+ "ldr r10, [%[a], #488]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #488]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+123] += m[123] * mu */
+ "ldr r7, [%[m], #492]\n\t"
+ "ldr r10, [%[a], #492]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #492]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+124] += m[124] * mu */
+ "ldr r7, [%[m], #496]\n\t"
+ "ldr r10, [%[a], #496]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #496]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+125] += m[125] * mu */
+ "ldr r7, [%[m], #500]\n\t"
+ "ldr r10, [%[a], #500]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #500]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+126] += m[126] * mu */
+ "ldr r7, [%[m], #504]\n\t"
+ "ldr r10, [%[a], #504]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #504]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+127] += m[127] * mu */
+ "ldr r7, [%[m], #508]\n\t"
+ "ldr r10, [%[a], #508]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #508]\n\t"
"ldr r10, [%[a], #512]\n\t"
@@ -56325,16 +56485,703 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
"add %[a], %[a], #4\n\t"
"cmp r9, #0x200\n\t"
"blt L_sp_4096_mont_reduce_128_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "ldr r10, [%[m], #128]\n\t"
+ "ldr r9, [%[a], #128]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "ldr r10, [%[m], #132]\n\t"
+ "ldr r9, [%[a], #132]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "ldr r10, [%[m], #136]\n\t"
+ "ldr r9, [%[a], #136]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "ldr r10, [%[m], #140]\n\t"
+ "ldr r9, [%[a], #140]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "ldr r10, [%[m], #144]\n\t"
+ "ldr r9, [%[a], #144]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "ldr r10, [%[m], #148]\n\t"
+ "ldr r9, [%[a], #148]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "ldr r10, [%[m], #152]\n\t"
+ "ldr r9, [%[a], #152]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "ldr r10, [%[m], #156]\n\t"
+ "ldr r9, [%[a], #156]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "ldr r10, [%[m], #160]\n\t"
+ "ldr r9, [%[a], #160]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "ldr r10, [%[m], #164]\n\t"
+ "ldr r9, [%[a], #164]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "ldr r10, [%[m], #168]\n\t"
+ "ldr r9, [%[a], #168]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "ldr r10, [%[m], #172]\n\t"
+ "ldr r9, [%[a], #172]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "ldr r10, [%[m], #176]\n\t"
+ "ldr r9, [%[a], #176]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "ldr r10, [%[m], #180]\n\t"
+ "ldr r9, [%[a], #180]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "ldr r10, [%[m], #184]\n\t"
+ "ldr r9, [%[a], #184]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "ldr r10, [%[m], #188]\n\t"
+ "ldr r9, [%[a], #188]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "ldr r10, [%[m], #192]\n\t"
+ "ldr r9, [%[a], #192]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "ldr r10, [%[m], #196]\n\t"
+ "ldr r9, [%[a], #196]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "ldr r10, [%[m], #200]\n\t"
+ "ldr r9, [%[a], #200]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "ldr r10, [%[m], #204]\n\t"
+ "ldr r9, [%[a], #204]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "ldr r10, [%[m], #208]\n\t"
+ "ldr r9, [%[a], #208]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "ldr r10, [%[m], #212]\n\t"
+ "ldr r9, [%[a], #212]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "ldr r10, [%[m], #216]\n\t"
+ "ldr r9, [%[a], #216]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "ldr r10, [%[m], #220]\n\t"
+ "ldr r9, [%[a], #220]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "ldr r10, [%[m], #224]\n\t"
+ "ldr r9, [%[a], #224]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "ldr r10, [%[m], #228]\n\t"
+ "ldr r9, [%[a], #228]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "ldr r10, [%[m], #232]\n\t"
+ "ldr r9, [%[a], #232]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "ldr r10, [%[m], #236]\n\t"
+ "ldr r9, [%[a], #236]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "ldr r10, [%[m], #240]\n\t"
+ "ldr r9, [%[a], #240]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "ldr r10, [%[m], #244]\n\t"
+ "ldr r9, [%[a], #244]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "ldr r10, [%[m], #248]\n\t"
+ "ldr r9, [%[a], #248]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "ldr r10, [%[m], #252]\n\t"
+ "ldr r9, [%[a], #252]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "ldr r10, [%[m], #256]\n\t"
+ "ldr r9, [%[a], #256]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "ldr r10, [%[m], #260]\n\t"
+ "ldr r9, [%[a], #260]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "ldr r10, [%[m], #264]\n\t"
+ "ldr r9, [%[a], #264]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "ldr r10, [%[m], #268]\n\t"
+ "ldr r9, [%[a], #268]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "ldr r10, [%[m], #272]\n\t"
+ "ldr r9, [%[a], #272]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "ldr r10, [%[m], #276]\n\t"
+ "ldr r9, [%[a], #276]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "ldr r10, [%[m], #280]\n\t"
+ "ldr r9, [%[a], #280]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "ldr r10, [%[m], #284]\n\t"
+ "ldr r9, [%[a], #284]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "ldr r10, [%[m], #288]\n\t"
+ "ldr r9, [%[a], #288]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "ldr r10, [%[m], #292]\n\t"
+ "ldr r9, [%[a], #292]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "ldr r10, [%[m], #296]\n\t"
+ "ldr r9, [%[a], #296]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "ldr r10, [%[m], #300]\n\t"
+ "ldr r9, [%[a], #300]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "ldr r10, [%[m], #304]\n\t"
+ "ldr r9, [%[a], #304]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "ldr r10, [%[m], #308]\n\t"
+ "ldr r9, [%[a], #308]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "ldr r10, [%[m], #312]\n\t"
+ "ldr r9, [%[a], #312]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "ldr r10, [%[m], #316]\n\t"
+ "ldr r9, [%[a], #316]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "ldr r10, [%[m], #320]\n\t"
+ "ldr r9, [%[a], #320]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "ldr r10, [%[m], #324]\n\t"
+ "ldr r9, [%[a], #324]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "ldr r10, [%[m], #328]\n\t"
+ "ldr r9, [%[a], #328]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "ldr r10, [%[m], #332]\n\t"
+ "ldr r9, [%[a], #332]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "ldr r10, [%[m], #336]\n\t"
+ "ldr r9, [%[a], #336]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "ldr r10, [%[m], #340]\n\t"
+ "ldr r9, [%[a], #340]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "ldr r10, [%[m], #344]\n\t"
+ "ldr r9, [%[a], #344]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "ldr r10, [%[m], #348]\n\t"
+ "ldr r9, [%[a], #348]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "ldr r10, [%[m], #352]\n\t"
+ "ldr r9, [%[a], #352]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "ldr r10, [%[m], #356]\n\t"
+ "ldr r9, [%[a], #356]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "ldr r10, [%[m], #360]\n\t"
+ "ldr r9, [%[a], #360]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "ldr r10, [%[m], #364]\n\t"
+ "ldr r9, [%[a], #364]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "ldr r10, [%[m], #368]\n\t"
+ "ldr r9, [%[a], #368]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "ldr r10, [%[m], #372]\n\t"
+ "ldr r9, [%[a], #372]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #372]\n\t"
+ /* a[i+94] += m[94] * mu */
+ "ldr r10, [%[m], #376]\n\t"
+ "ldr r9, [%[a], #376]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #376]\n\t"
+ /* a[i+95] += m[95] * mu */
+ "ldr r10, [%[m], #380]\n\t"
+ "ldr r9, [%[a], #380]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #380]\n\t"
+ /* a[i+96] += m[96] * mu */
+ "ldr r10, [%[m], #384]\n\t"
+ "ldr r9, [%[a], #384]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #384]\n\t"
+ /* a[i+97] += m[97] * mu */
+ "ldr r10, [%[m], #388]\n\t"
+ "ldr r9, [%[a], #388]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #388]\n\t"
+ /* a[i+98] += m[98] * mu */
+ "ldr r10, [%[m], #392]\n\t"
+ "ldr r9, [%[a], #392]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #392]\n\t"
+ /* a[i+99] += m[99] * mu */
+ "ldr r10, [%[m], #396]\n\t"
+ "ldr r9, [%[a], #396]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #396]\n\t"
+ /* a[i+100] += m[100] * mu */
+ "ldr r10, [%[m], #400]\n\t"
+ "ldr r9, [%[a], #400]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #400]\n\t"
+ /* a[i+101] += m[101] * mu */
+ "ldr r10, [%[m], #404]\n\t"
+ "ldr r9, [%[a], #404]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #404]\n\t"
+ /* a[i+102] += m[102] * mu */
+ "ldr r10, [%[m], #408]\n\t"
+ "ldr r9, [%[a], #408]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #408]\n\t"
+ /* a[i+103] += m[103] * mu */
+ "ldr r10, [%[m], #412]\n\t"
+ "ldr r9, [%[a], #412]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #412]\n\t"
+ /* a[i+104] += m[104] * mu */
+ "ldr r10, [%[m], #416]\n\t"
+ "ldr r9, [%[a], #416]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #416]\n\t"
+ /* a[i+105] += m[105] * mu */
+ "ldr r10, [%[m], #420]\n\t"
+ "ldr r9, [%[a], #420]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #420]\n\t"
+ /* a[i+106] += m[106] * mu */
+ "ldr r10, [%[m], #424]\n\t"
+ "ldr r9, [%[a], #424]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #424]\n\t"
+ /* a[i+107] += m[107] * mu */
+ "ldr r10, [%[m], #428]\n\t"
+ "ldr r9, [%[a], #428]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #428]\n\t"
+ /* a[i+108] += m[108] * mu */
+ "ldr r10, [%[m], #432]\n\t"
+ "ldr r9, [%[a], #432]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #432]\n\t"
+ /* a[i+109] += m[109] * mu */
+ "ldr r10, [%[m], #436]\n\t"
+ "ldr r9, [%[a], #436]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #436]\n\t"
+ /* a[i+110] += m[110] * mu */
+ "ldr r10, [%[m], #440]\n\t"
+ "ldr r9, [%[a], #440]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #440]\n\t"
+ /* a[i+111] += m[111] * mu */
+ "ldr r10, [%[m], #444]\n\t"
+ "ldr r9, [%[a], #444]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #444]\n\t"
+ /* a[i+112] += m[112] * mu */
+ "ldr r10, [%[m], #448]\n\t"
+ "ldr r9, [%[a], #448]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #448]\n\t"
+ /* a[i+113] += m[113] * mu */
+ "ldr r10, [%[m], #452]\n\t"
+ "ldr r9, [%[a], #452]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #452]\n\t"
+ /* a[i+114] += m[114] * mu */
+ "ldr r10, [%[m], #456]\n\t"
+ "ldr r9, [%[a], #456]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #456]\n\t"
+ /* a[i+115] += m[115] * mu */
+ "ldr r10, [%[m], #460]\n\t"
+ "ldr r9, [%[a], #460]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #460]\n\t"
+ /* a[i+116] += m[116] * mu */
+ "ldr r10, [%[m], #464]\n\t"
+ "ldr r9, [%[a], #464]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #464]\n\t"
+ /* a[i+117] += m[117] * mu */
+ "ldr r10, [%[m], #468]\n\t"
+ "ldr r9, [%[a], #468]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #468]\n\t"
+ /* a[i+118] += m[118] * mu */
+ "ldr r10, [%[m], #472]\n\t"
+ "ldr r9, [%[a], #472]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #472]\n\t"
+ /* a[i+119] += m[119] * mu */
+ "ldr r10, [%[m], #476]\n\t"
+ "ldr r9, [%[a], #476]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #476]\n\t"
+ /* a[i+120] += m[120] * mu */
+ "ldr r10, [%[m], #480]\n\t"
+ "ldr r9, [%[a], #480]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #480]\n\t"
+ /* a[i+121] += m[121] * mu */
+ "ldr r10, [%[m], #484]\n\t"
+ "ldr r9, [%[a], #484]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #484]\n\t"
+ /* a[i+122] += m[122] * mu */
+ "ldr r10, [%[m], #488]\n\t"
+ "ldr r9, [%[a], #488]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #488]\n\t"
+ /* a[i+123] += m[123] * mu */
+ "ldr r10, [%[m], #492]\n\t"
+ "ldr r9, [%[a], #492]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #492]\n\t"
+ /* a[i+124] += m[124] * mu */
+ "ldr r10, [%[m], #496]\n\t"
+ "ldr r9, [%[a], #496]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #496]\n\t"
+ /* a[i+125] += m[125] * mu */
+ "ldr r10, [%[m], #500]\n\t"
+ "ldr r9, [%[a], #500]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #500]\n\t"
+ /* a[i+126] += m[126] * mu */
+ "ldr r10, [%[m], #504]\n\t"
+ "ldr r9, [%[a], #504]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #504]\n\t"
+ /* a[i+127] += m[127] * mu */
+ "ldr r10, [%[m], #508]\n\t"
+ "ldr r9, [%[a], #508]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #512]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #508]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #512]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x200\n\t"
+ "blt L_sp_4096_mont_reduce_128_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
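Review bot: The header comment on the added `#else` variant of sp_4096_mont_reduce_128 does not state the buffer size the assembly depends on. Each of the 128 iterations (`cmp r12, #0x200`) loads and stores `[%[a], #512]` while `a` advances by 4 bytes, so the code touches 256 digits of `a_p`, and the call `sp_4096_cond_sub_128(a - 128, a, m, ...)` appears to leave the reduced value in the low 128. I would extend the parameter line to ` * a   Number to reduce in place; must hold 256 digits, result is left in the low 128.` and add `/* Fixed iteration count; the final subtraction is selected by the mask (0 - mp), not by a branch on the operand. */` above the call, so a later edit does not introduce operand-dependent control flow. The `#if` that chooses between this variant and the earlier ones starts outside the hunk.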
@@ -56342,7 +57189,7 @@ static SP_NOINLINE void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -56356,7 +57203,7 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -56374,9 +57221,9 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -56397,7 +57244,7 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -56411,9 +57258,9 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -56643,7 +57490,7 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -56661,9 +57508,9 @@ static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -56703,7 +57550,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -56720,9 +57567,9 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -56752,7 +57599,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_4096_word_128_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -56780,7 +57627,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -56808,7 +57655,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -56841,7 +57688,7 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -56856,8 +57703,8 @@ static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -56913,7 +57760,8 @@ static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_4096_div_128_cond(a, m, NULL, r);
}
@@ -56959,8 +57807,8 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -56968,7 +57816,7 @@ static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
"mov r5, #0\n\t"
"mov r3, #-1\n\t"
#ifdef WOLFSSL_SP_SMALL
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r4, #0x1\n\t"
"lsl r4, r4, #8\n\t"
"add r4, r4, #0xfc\n\t"
@@ -58405,7 +59253,7 @@ static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -58419,8 +59267,8 @@ static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -58460,7 +59308,8 @@ static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_di
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_4096_div_128(a, m, NULL, r);
}
@@ -58940,10 +59789,10 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
*/
static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -58964,7 +59813,7 @@ static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -58980,10 +59829,10 @@ static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -59214,7 +60063,7 @@ static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -59536,9 +60385,9 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef HAVE_FFDHE_4096
static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -60312,7 +61161,7 @@ static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r5, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -60607,16 +61456,19 @@ static const sp_digit p256_b[8] = {
*/
static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_256_mul_8_outer_%=: \n\t"
"subs r3, r5, #28\n\t"
@@ -60627,7 +61479,44 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"L_sp_256_mul_8_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
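Review bot: The guard in the inner loop now tests `WOLFSSL_ARM_ARCH` where it used to test `WOLFSSL_SP_ARM_ARCH`, so a build configuration that still defines only the old name would silently take the `#else` branch and emit `umull` on a target the guard appears meant to keep away from it. The new name is also used by the guards added in the next two hunks, including the `#if` placed before the unrolled sp_256_mul_8 variant. Nothing visible here maps the old name onto the new one, so it is worth confirming that the settings header does, or adding a compatibility shim: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The function body starts and ends outside this hunk.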
@@ -60664,10 +61553,46 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #32\n\t"
- "beq L_sp_256_mul_8_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_256_mul_8_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_256_mul_8_inner_done_%=\n\t"
+ "blt L_sp_256_mul_8_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_256_mul_8_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
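Review bot: The new exit test `cmp r3, r4` / `bgt` / `blt` has a third outcome that is not commented: when the two offsets are equal, execution falls through to the block that loads `[%[a], r3]` and `[%[b], r3]` and accumulates that product once. A comment before that load, for example `/* r3 == r4: middle term a[i]*b[i] is added once, not mirrored */`, would show the fall-through is intended. It would also help to state that these branches depend only on the offsets in r3 and r4 and never on operand words, since this routine multiplies field elements that may be secret. Whether `mul` and `umull` themselves run in data-independent time depends on the core and cannot be judged from this hunk. The loop head and the start of the function lie outside this hunk.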
@@ -60675,22 +61600,55 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #56\n\t"
+ "cmp r5, #52\n\t"
"ble L_sp_256_mul_8_outer_%=\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "ldr r11, [%[b], #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_256_mul_8_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_256_mul_8_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
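Review bot: The store loop at `L_sp_256_mul_8_store_` terminates correctly only if r5 holds 60 on entry, and nothing in the code states that. The outer loop exits with r5 = 56, and the added lines then store r6, add 4 and store r7. Two passes of `subs r5, r5, #32` therefore copy the 64 bytes reserved by `sub sp, sp, #0x40` and leave sp where it started. A comment above the label such as `/* r5 == 60: two 32-byte passes copy the product to r and restore sp */` would protect that invariant, because a later change to the `cmp r5, #52` bound or to the `ldm`/`stm` register count would otherwise leave the stack pointer unbalanced with no compiler diagnostic. The start of the function is outside this hunk.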
@@ -60699,17 +61657,15 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
*/
static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60732,14 +61688,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
"mov r5, #0\n\t"
-#else
- "umull r3, r4, r11, r12\n\t"
- "mov r5, #0\n\t"
-#endif
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60769,16 +61720,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60807,16 +61750,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60846,17 +61782,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60885,16 +61813,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60923,16 +61844,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -60962,16 +61876,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61000,15 +61906,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61037,16 +61936,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61075,16 +61967,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61114,16 +61999,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61152,16 +62029,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61190,16 +62060,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61228,16 +62091,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61266,16 +62122,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61305,17 +62154,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61344,15 +62185,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61381,15 +62215,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61418,16 +62245,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61456,16 +62276,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61494,16 +62307,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61533,17 +62339,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61572,15 +62370,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61609,16 +62400,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61647,16 +62431,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61685,16 +62462,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61723,16 +62493,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61761,16 +62524,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61800,17 +62556,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61839,16 +62587,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61877,15 +62618,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61914,15 +62648,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61951,16 +62678,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -61989,16 +62709,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62027,16 +62740,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62065,16 +62771,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #28]\n\t"
/* A[7] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62104,17 +62803,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62143,15 +62834,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62180,16 +62864,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62218,16 +62895,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62256,16 +62926,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62294,16 +62957,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62332,16 +62988,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #32]\n\t"
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62371,17 +63020,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62410,15 +63051,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62447,15 +63081,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62484,16 +63111,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62522,16 +63142,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62560,16 +63173,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #36]\n\t"
/* A[7] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62599,16 +63205,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62637,16 +63235,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62675,16 +63266,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62713,16 +63297,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62751,16 +63328,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #40]\n\t"
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62790,16 +63360,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62828,15 +63390,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62865,16 +63420,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62903,15 +63451,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r5, r5, r6\n\t"
"adcs r3, r3, r7\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r5, [%[r], #44]\n\t"
/* A[7] * B[5] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62941,17 +63482,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -62980,16 +63513,9 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r11, r12\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63018,15 +63544,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r3, r3, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r5, r5, #0\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
-#endif
"str r3, [%[r], #48]\n\t"
/* A[6] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63056,16 +63575,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r11, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63094,15 +63605,8 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r12\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #52]\n\t"
/* A[7] * B[7] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -63127,11 +63631,6 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
-#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
-#endif
"str r5, [%[r], #56]\n\t"
"str r3, [%[r], #60]\n\t"
"ldm sp!, {r3, r4, r5, r6}\n\t"
@@ -63140,10 +63639,495 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #36\n\t"
+ "str %[r], [sp, #32]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[r]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r3, %[r], #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[r], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[r], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "ldr %[r], [sp, #32]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #36\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[r], [sp, #36]\n\t"
+ "str %[a], [sp, #40]\n\t"
+#else
+ "strd %[r], %[a], [sp, #36]\n\t"
+#endif
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[r], %[a], %[b], r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[r], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[r], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[r], r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[r], r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[r], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[r], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[r], r7\n\t"
+ "ldr %[r], [sp, #40]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[r], %[r], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm %[r], {%[r], %[a], %[b], r3}\n\t"
+ "str r6, [sp, #32]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[r], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[r], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[r], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[r], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[r], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #32]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[r], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[r], r11\n\t"
+ "umaal r6, r10, %[r], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
+ "mov r3, r12\n\t"
+ "ldr lr, [sp, #36]\n\t"
+ "add lr, lr, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub lr, lr, #32\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
+}
+
+#endif
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
/* Square a and put result in r. (r = a * a)
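Review bot: In the final `#else` variant of `sp_256_mul_8`, the inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` around the two `str` instructions can never be true, because that exact condition is the `#elif` that selects the preceding variant, so only the `strd` line is ever compiled. I would reduce the block to the single line `"strd %[r], %[a], [sp, #36]\n\t"` so the file does not suggest that a pre-v7 path exists here. The same `#else` is also taken when `WOLFSSL_ARM_ARCH` is not defined at all, and it relies on `umaal` and `strd`, so a comment above the variant such as `/* needs UMAAL and STRD; define WOLFSSL_ARM_ARCH when targeting older cores */` would help whoever ports this. Separately, both new variants leave the low eight product words in the stack scratch area when `sp` is restored; whether that residue matters depends on callers passing secret-derived field elements, which this hunk does not show.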
@@ -63153,29 +64137,28 @@ static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p
*/
static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_256_sqr_8_outer_%=: \n\t"
"subs r3, r5, #28\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_256_sqr_8_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_256_sqr_8_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -63224,11 +64207,13 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_256_sqr_8_op_done_%=\n\t"
- "\n"
- "L_sp_256_sqr_8_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_256_sqr_8_inner_done_%=\n\t"
+ "blt L_sp_256_sqr_8_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -63255,38 +64240,55 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_256_sqr_8_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #32\n\t"
- "beq L_sp_256_sqr_8_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_256_sqr_8_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_256_sqr_8_inner_%=\n\t"
- "\n"
"L_sp_256_sqr_8_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #56\n\t"
+ "cmp r5, #52\n\t"
"ble L_sp_256_sqr_8_outer_%=\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_256_sqr_8_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_256_sqr_8_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
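Review bot: The store loop at `L_sp_256_sqr_8_store` now depends on `r5` being 60 rather than a byte count of 64, which is easy to break on the next edit and deserves a comment. `r5` is 56 when the outer loop exits and 60 after the added `add r5, r5, #4`, so `subs r5, r5, #32` with `bgt` runs exactly two passes and the two `ldm sp!` pops release the whole 0x40-byte scratch area. I would add `/* r5 == 60: two 32-byte passes copy all 16 words and restore sp */` above the `ldm`. A second one-line comment at `cmp r5, #52` would help too, saying that the outer loop stops one column early because the top two result words now come from the unrolled A[7]*A[7] block.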
@@ -63294,14 +64296,13 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #32\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -63312,15 +64313,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r2, r2, #17\n\t"
"adds r8, r8, r2\n\t"
"adc r3, r3, r9\n\t"
-#else
- "umull r8, r3, r10, r10\n\t"
-#endif
"mov r4, #0\n\t"
"str r8, [sp]\n\t"
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63361,22 +64358,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #4]\n\t"
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63417,20 +64402,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63450,17 +64423,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [sp, #8]\n\t"
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63501,21 +64467,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63555,20 +64509,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [sp, #12]\n\t"
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63609,21 +64553,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63663,18 +64595,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63694,17 +64616,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [sp, #16]\n\t"
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63726,15 +64641,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63763,16 +64674,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63801,12 +64705,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -63817,7 +64715,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63839,15 +64736,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63876,16 +64769,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63914,15 +64800,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63945,15 +64824,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
@@ -63961,7 +64831,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -63983,15 +64852,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r2, #0\n\t"
"mov r7, #0\n\t"
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64020,16 +64885,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64058,16 +64916,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64096,12 +64947,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -64112,7 +64957,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64134,15 +64978,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r3, #0\n\t"
"mov r7, #0\n\t"
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64171,16 +65011,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64209,15 +65042,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64240,15 +65066,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adc r7, r7, r7\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"adds r4, r4, r5\n\t"
"adcs r2, r2, r6\n\t"
"adc r3, r3, r7\n\t"
@@ -64256,7 +65073,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64278,15 +65094,11 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #16\n\t"
"adds r5, r5, r8\n\t"
"adc r6, r6, r9\n\t"
-#else
- "umull r5, r6, r10, r12\n\t"
-#endif
"mov r4, #0\n\t"
"mov r7, #0\n\t"
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64315,16 +65127,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64353,12 +65158,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r5, r5, r8\n\t"
"adcs r6, r6, r9\n\t"
"adc r7, r7, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r5, r5, r8\n\t"
- "adcs r6, r6, r9\n\t"
- "adc r7, r7, #0\n\t"
-#endif
"adds r5, r5, r5\n\t"
"adcs r6, r6, r6\n\t"
"adc r7, r7, r7\n\t"
@@ -64369,7 +65168,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64410,21 +65208,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64464,18 +65250,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64495,17 +65271,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #40]\n\t"
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64546,21 +65315,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
-#endif
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64600,20 +65357,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r4, r4, r8\n\t"
"adcs r2, r2, r9\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r2, r2, r9\n\t"
- "adc r3, r3, #0\n\t"
-#endif
"str r4, [%[r], #44]\n\t"
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64654,20 +65401,8 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
-#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64687,17 +65422,10 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r2, r2, r8\n\t"
"adcs r3, r3, r9\n\t"
"adc r4, r4, #0\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adc r4, r4, #0\n\t"
-#endif
"str r2, [%[r], #48]\n\t"
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64738,21 +65466,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"adds r3, r3, r8\n\t"
"adcs r4, r4, r9\n\t"
"adc r2, r2, #0\n\t"
-#else
- "umull r8, r9, r10, r12\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "mov r2, #0\n\t"
- "adc r2, r2, #0\n\t"
-#endif
"str r3, [%[r], #52]\n\t"
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -64770,11 +65486,6 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"lsl r8, r8, #17\n\t"
"adds r4, r4, r8\n\t"
"adc r2, r2, r9\n\t"
-#else
- "umull r8, r9, r10, r10\n\t"
- "adds r4, r4, r8\n\t"
- "adc r2, r2, r9\n\t"
-#endif
"str r4, [%[r], #56]\n\t"
"str r2, [%[r], #60]\n\t"
"ldm sp!, {r2, r3, r4, r8}\n\t"
@@ -64783,10 +65494,370 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
+ );
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [%[a], #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[a], #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[a], #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[a], #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[a], #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, %[r], #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [%[a]]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [%[a], #4]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [%[a], #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [%[a], #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [%[a], #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [%[a], #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [%[a], #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [%[a], #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "add %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "sub %[r], %[r], #32\n\t"
+ "stm %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#else
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #32\n\t"
+ "str %[r], [sp, #28]\n\t"
+ "ldm %[a], {%[r], %[a], r2, r3, r4, r5, r6, r7}\n\t"
+ "umull r9, r10, %[r], %[r]\n\t"
+ "umull r11, r12, %[r], %[a]\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, %[r], r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, %[a], %[a]\n\t"
+ "umull r9, r10, %[r], r3\n\t"
+ "umaal r9, r12, %[a], r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, %[r], r5\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, %[r], r6\n\t"
+ "umaal r9, r12, %[a], r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull %[r], r9, %[r], r7\n\t"
+ "umaal %[r], r8, %[a], r6\n\t"
+ "umaal %[r], r12, r2, r5\n\t"
+ "umaal %[r], r10, r3, r4\n\t"
+ "adcs %[r], %[r], %[r]\n\t"
+ "umaal %[r], r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, %[a], r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov %[a], lr\n\t"
+ "umaal %[a], r8, r4, r7\n\t"
+ "umaal %[a], r9, r5, r6\n\t"
+ "adcs r4, %[a], %[a]\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "ldr lr, [sp, #28]\n\t"
+ "add lr, lr, #28\n\t"
+ "stm lr!, {%[r], r12}\n\t"
+ "stm lr!, {r11}\n\t"
+ "stm lr!, {r10}\n\t"
+ "stm lr!, {r3, r4, r8, r9}\n\t"
+ "stm lr!, {r7}\n\t"
+ "sub lr, lr, #0x40\n\t"
+ "ldm sp, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "stm lr, {%[r], %[a], r2, r3, r4, r5, r6}\n\t"
+ "add sp, sp, #32\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#endif
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
/* Add b to a into r. (r = a + b)
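Review bot: The inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` around the `str r8` / `str r9` pair in the last `sp_256_sqr_8` variant can never be true, because that variant sits in the `#else` of an `#elif` with the identical condition. As written only `"strd r8, r9, [sp, #8]\n\t"` is ever assembled, so either the conditional should be dropped or its test is not the one intended. The added variants also repeat the same header comment; one line on each naming the instructions it relies on (`umlal` in the middle one, `umaal` and `strd` in the last) would make the variant selection reviewable. The file looks machine-generated, so the change probably belongs in the generator, and the opening `#if` of this chain is outside the hunk.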
@@ -64797,9 +65868,9 @@ static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -64821,7 +65892,7 @@ static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -64835,12 +65906,11 @@ static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
*/
static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -64855,84 +65925,11 @@ static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #32\n\t"
- "\n"
- "L_sp_256_sub_8_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_256_sub_8_word_%=\n\t"
- "mov %[r], r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc %[r], r6, r6\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -64946,8 +65943,8 @@ static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit*
*/
static int sp_256_mod_mul_norm_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #24\n\t"
@@ -65168,7 +66165,7 @@ static int sp_256_mod_mul_norm_8(sp_digit* r_p, const sp_digit* a_p, const sp_di
"add sp, sp, #24\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
(void)m_p;
return (uint32_t)(size_t)r;
@@ -65184,14 +66181,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
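Review bot: The new mask and index arithmetic in `sp_256_from_mp` hard-codes the shift as `31`, where the removed lines used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the top-bit test tied to the digit width instead of a literal. The loop has no branch on `a->used`, presumably so that copying the operand does not expose its length through timing. A comment such as `/* j counts up from -used; its top bit means "still inside a", no branch on used */` would keep a later cleanup from reintroducing a length-dependent branch. The function body continues outside the hunk.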
@@ -65369,6 +66366,7 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
return err;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
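Review bot: The added guard tests `WOLFSSL_ARM_ARCH`, while the in-function guards this commit removes tested `WOLFSSL_SP_ARM_ARCH`, so a build configuration that still sets only the old name would no longer select this `< 4` variant of `sp_256_mont_mul_8`. Nothing visible here maps one name to the other. If no header does, a compatibility shim near the top of the file, `#if !defined(WOLFSSL_ARM_ARCH) && defined(WOLFSSL_SP_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`, or a note in the build settings, would keep the selection explicit. The same rename applies to the `sp_256_sqr_8` hunks above. The function body and the rest of this `#if` chain continue outside the hunk.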
@@ -65376,13 +66374,13 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
@@ -65390,7 +66388,6 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
/* A[0] * B[0] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r8, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65412,13 +66409,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r8, r8, r3\n\t"
"adc r9, r9, r4\n\t"
-#else
- "umull r8, r9, r6, r7\n\t"
-#endif
"str r8, [sp]\n\t"
/* A[0] * B[1] */
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65444,15 +66437,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adc r10, r4, #0\n\t"
-#endif
/* A[1] * B[0] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65481,16 +66468,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
"str r9, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65515,15 +66495,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r10, r10, r3\n\t"
"adc lr, lr, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adc lr, r4, lr\n\t"
-#endif
/* A[1] * B[1] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65552,16 +66526,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[0] * B[2] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65590,16 +66557,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65628,16 +66588,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[1] * B[2] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65666,16 +66619,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[2] * B[1] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65704,16 +66650,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[3] * B[0] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65742,16 +66681,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65780,16 +66712,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[3] * B[1] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65818,16 +66743,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[2] * B[2] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65856,16 +66774,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[1] * B[3] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65894,16 +66805,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[0] * B[4] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65932,16 +66836,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
"str r8, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -65970,16 +66867,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[1] * B[4] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66008,16 +66898,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[2] * B[3] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66046,16 +66929,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[3] * B[2] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66084,16 +66960,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[4] * B[1] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66122,16 +66991,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[5] * B[0] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66160,16 +67022,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66198,16 +67053,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[5] * B[1] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66236,16 +67084,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[4] * B[2] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66274,16 +67115,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[3] * B[3] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66312,16 +67146,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[2] * B[4] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66350,16 +67177,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[1] * B[5] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66388,16 +67208,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[0] * B[6] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66426,16 +67239,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66464,16 +67270,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[1] * B[6] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66502,16 +67301,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[2] * B[5] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66540,16 +67332,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[3] * B[4] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66578,16 +67363,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[4] * B[3] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66616,16 +67394,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[5] * B[2] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66654,16 +67425,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[6] * B[1] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66692,16 +67456,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[7] * B[0] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66730,16 +67487,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #28]\n\t"
/* A[7] * B[1] */
"ldr r7, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66768,16 +67518,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[6] * B[2] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66806,16 +67549,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[5] * B[3] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66844,16 +67580,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[4] * B[4] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66882,16 +67611,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[3] * B[5] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66920,16 +67642,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[2] * B[6] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66958,16 +67673,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[1] * B[7] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -66996,16 +67704,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
"str r8, [sp, #32]\n\t"
/* A[2] * B[7] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67034,16 +67735,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[3] * B[6] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67072,16 +67766,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[4] * B[5] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67110,16 +67797,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[5] * B[4] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67148,16 +67828,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[6] * B[3] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67186,16 +67859,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[7] * B[2] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67224,16 +67890,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #36]\n\t"
/* A[7] * B[3] */
"ldr r7, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67262,16 +67921,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[6] * B[4] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67300,16 +67952,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[5] * B[5] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67338,16 +67983,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[4] * B[6] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67376,16 +68014,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[3] * B[7] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67414,16 +68045,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #40]\n\t"
/* A[4] * B[7] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67452,16 +68076,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[5] * B[6] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67490,16 +68107,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[6] * B[5] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67528,16 +68138,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[7] * B[4] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67566,16 +68169,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #44]\n\t"
/* A[7] * B[5] */
"ldr r7, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67604,16 +68200,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[6] * B[6] */
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67642,16 +68231,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[5] * B[7] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67680,15 +68262,8 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[6] * B[7] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67717,16 +68292,9 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[7] * B[6] */
"ldr r6, [%[a], #28]\n\t"
"ldr r7, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67755,15 +68323,8 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[7] * B[7] */
"ldr r7, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67788,194 +68349,896 @@ static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r10, r10, r3\n\t"
"adc lr, lr, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adc lr, r4, lr\n\t"
-#endif
"str r8, [sp, #48]\n\t"
"str r9, [sp, #52]\n\t"
"str r10, [sp, #56]\n\t"
"str lr, [sp, #60]\n\t"
+ "str %[r], [sp, #64]\n\t"
/* Start Reduction */
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- /* mu = a[0..7] + a[0..4] << 96 + (a[0..1] * 2) << 192 */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
- /* + (a[0..1] * 2) << (6 * 32) */
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub lr, lr, r4\n\t"
- /* + a[0..4] << (3 * 32) */
- "mov %[a], r7\n\t"
- "mov r12, r8\n\t"
- "adds r7, r7, r4\n\t"
- "adcs r8, r8, r5\n\t"
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
"adcs r9, r9, r6\n\t"
- "adcs r10, r10, %[a]\n\t"
- "adc lr, lr, r12\n\t"
- "str r7, [sp, #12]\n\t"
- "str r8, [sp, #16]\n\t"
- "str r9, [sp, #20]\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- /* a[6] += t[0] + t[3] */
- /* a[7] += t[1] + t[4] */
- "ldr %[a], [sp, #24]\n\t"
- "ldr %[b], [sp, #28]\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs %[b], %[b], r5\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs %[b], %[b], r8\n\t"
- "adc r12, r12, #0\n\t"
- "str r10, [sp, #24]\n\t"
- "str lr, [sp, #28]\n\t"
- "str %[b], [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr %[a], [sp, #32]\n\t"
- "ldr %[b], [sp, #36]\n\t"
- "ldr r3, [sp, #40]\n\t"
- "adds %[a], %[a], r12\n\t"
- "adcs %[b], %[b], #0\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
"adcs r3, r3, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs %[b], %[b], r5\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r6\n\t"
- "adcs %[b], %[b], r7\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
"adcs r3, r3, r8\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
- "adcs %[b], %[b], r10\n\t"
- "adcs r3, r3, lr\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #32]\n\t"
- "str %[b], [sp, #36]\n\t"
- "str r3, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- /* a[15] += t[7] */
- "ldr %[a], [sp, #44]\n\t"
- "ldr %[b], [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "adds %[a], %[a], r12\n\t"
- "adcs %[b], %[b], #0\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
"adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs %[b], %[b], r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, lr\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
- "adcs %[b], %[b], r10\n\t"
- "adcs r3, r3, lr\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #44]\n\t"
- "str %[b], [sp, #48]\n\t"
- "str r3, [sp, #52]\n\t"
- "str r4, [sp, #56]\n\t"
- "str r5, [sp, #60]\n\t"
- "ldr %[a], [sp, #64]\n\t"
- "ldr %[b], [sp, #32]\n\t"
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "ldr r8, [sp]\n\t"
- "ldr r9, [sp, #4]\n\t"
- "ldr r10, [sp, #8]\n\t"
- "ldr lr, [sp, #12]\n\t"
- "subs %[a], %[a], r8\n\t"
- "sbcs %[b], %[b], r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "str %[b], [sp, #32]\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "ldr %[b], [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- "sbcs %[a], %[a], r8\n\t"
- "sbcs %[b], %[b], r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
/* mask m and sub from result if overflow */
- "rsb r12, r12, #0\n\t"
- "and lr, r12, #1\n\t"
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
- "ldr r8, [sp, #40]\n\t"
- "subs r6, r6, r12\n\t"
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r12", "cc"
+ );
+ (void)m_p;
+ (void)mp_p;
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Multiply two Montgomery form numbers mod the modulus (prime).
+ * (r = a * b mod m)
+ *
+ * r Result of multiplication.
+ * a First number to multiply in Montgomery form.
+ * b Second number to multiply in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "ldr lr, [%[b]]\n\t"
+ "umull r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "umull r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "umull r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "umull r9, r10, r12, lr\n\t"
+ "str r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "mov r11, %[r]\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adcs r6, r6, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adc r3, %[r], #0\n\t"
+ "umlal r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "str r4, [sp, #4]\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "str r5, [sp, #8]\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r9, %[r], #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "ldr r12, [%[a], #28]\n\t"
+ "ldr lr, [%[b]]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "ldr lr, [%[b], #4]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "ldr lr, [%[b], #8]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "ldr lr, [%[b], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "ldr lr, [%[b], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "ldr lr, [%[b], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "ldr lr, [%[b], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "ldr lr, [%[b], #28]\n\t"
+ "adc r10, %[r], #0\n\t"
+ "umlal r9, r10, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
"sbcs r7, r7, r12\n\t"
- "sbcs r8, r8, r12\n\t"
- "sbcs %[a], %[a], #0\n\t"
- "sbcs %[b], %[b], #0\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, r12\n\t"
- "stm %[r]!, {r6, r7, r8}\n\t"
- "stm %[r]!, {%[a], %[b], r3, r4, r5}\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
"add sp, sp, #0x44\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ (void)m_p;
(void)mp_p;
+}
+
+#else
+/* Multiply two Montgomery form numbers mod the modulus (prime).
+ * (r = a * b mod m)
+ *
+ * r Result of multiplication.
+ * a First number to multiply in Montgomery form.
+ * b Second number to multiply in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x4c\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str %[r], [sp, #68]\n\t"
+ "str %[a], [sp, #72]\n\t"
+#else
+ "strd %[r], %[a], [sp, #68]\n\t"
+#endif
+ "mov lr, %[b]\n\t"
+ "ldm %[a], {%[r], %[a], %[b], r3}\n\t"
+ "ldm lr!, {r4, r5, r6}\n\t"
+ "umull r10, r11, %[r], r4\n\t"
+ "umull r12, r7, %[a], r4\n\t"
+ "umaal r11, r12, %[r], r5\n\t"
+ "umull r8, r9, %[b], r4\n\t"
+ "umaal r12, r8, %[a], r5\n\t"
+ "umaal r12, r7, %[r], r6\n\t"
+ "umaal r8, r9, r3, r4\n\t"
+ "stm sp, {r10, r11, r12}\n\t"
+ "umaal r7, r8, %[b], r5\n\t"
+ "ldm lr!, {r4}\n\t"
+ "umull r10, r11, %[a], r6\n\t"
+ "umaal r8, r9, %[b], r6\n\t"
+ "umaal r7, r10, %[r], r4\n\t"
+ "umaal r8, r11, r3, r5\n\t"
+ "str r7, [sp, #12]\n\t"
+ "umaal r8, r10, %[a], r4\n\t"
+ "umaal r9, r11, r3, r6\n\t"
+ "umaal r9, r10, %[b], r4\n\t"
+ "umaal r10, r11, r3, r4\n\t"
+ "ldm lr, {r4, r5, r6, r7}\n\t"
+ "mov r12, #0\n\t"
+ "umlal r8, r12, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r10, r12, %[b], r4\n\t"
+ "umaal r11, r12, r3, r4\n\t"
+ "mov r4, #0\n\t"
+ "umlal r9, r4, %[r], r5\n\t"
+ "umaal r10, r4, %[a], r5\n\t"
+ "umaal r11, r4, %[b], r5\n\t"
+ "umaal r12, r4, r3, r5\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, %[r], r6\n\t"
+ "umaal r11, r5, %[a], r6\n\t"
+ "umaal r12, r5, %[b], r6\n\t"
+ "umaal r4, r5, r3, r6\n\t"
+ "mov r6, #0\n\t"
+ "umlal r11, r6, %[r], r7\n\t"
+ "ldr %[r], [sp, #72]\n\t"
+ "umaal r12, r6, %[a], r7\n\t"
+ "add %[r], %[r], #16\n\t"
+ "umaal r4, r6, %[b], r7\n\t"
+ "sub lr, lr, #16\n\t"
+ "umaal r5, r6, r3, r7\n\t"
+ "ldm %[r], {%[r], %[a], %[b], r3}\n\t"
+ "str r6, [sp, #64]\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r7, #0\n\t"
+ "umlal r8, r7, %[r], r6\n\t"
+ "umaal r9, r7, %[a], r6\n\t"
+ "str r8, [sp, #16]\n\t"
+ "umaal r10, r7, %[b], r6\n\t"
+ "umaal r11, r7, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r8, #0\n\t"
+ "umlal r9, r8, %[r], r6\n\t"
+ "umaal r10, r8, %[a], r6\n\t"
+ "str r9, [sp, #20]\n\t"
+ "umaal r11, r8, %[b], r6\n\t"
+ "umaal r12, r8, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r9, #0\n\t"
+ "umlal r10, r9, %[r], r6\n\t"
+ "umaal r11, r9, %[a], r6\n\t"
+ "str r10, [sp, #24]\n\t"
+ "umaal r12, r9, %[b], r6\n\t"
+ "umaal r4, r9, r3, r6\n\t"
+ "ldm lr!, {r6}\n\t"
+ "mov r10, #0\n\t"
+ "umlal r11, r10, %[r], r6\n\t"
+ "umaal r12, r10, %[a], r6\n\t"
+ "str r11, [sp, #28]\n\t"
+ "umaal r4, r10, %[b], r6\n\t"
+ "umaal r5, r10, r3, r6\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r12, r7, %[r], r11\n\t"
+ "umaal r4, r7, %[a], r11\n\t"
+ "ldr r6, [sp, #64]\n\t"
+ "umaal r5, r7, %[b], r11\n\t"
+ "umaal r6, r7, r3, r11\n\t"
+ "ldm lr!, {r11}\n\t"
+ "umaal r4, r8, %[r], r11\n\t"
+ "umaal r5, r8, %[a], r11\n\t"
+ "umaal r6, r8, %[b], r11\n\t"
+ "umaal r7, r8, r3, r11\n\t"
+ "ldm lr, {r11, lr}\n\t"
+ "umaal r5, r9, %[r], r11\n\t"
+ "umaal r6, r10, %[r], lr\n\t"
+ "umaal r6, r9, %[a], r11\n\t"
+ "umaal r7, r10, %[a], lr\n\t"
+ "umaal r7, r9, %[b], r11\n\t"
+ "umaal r8, r10, %[b], lr\n\t"
+ "umaal r8, r9, r3, r11\n\t"
+ "umaal r9, r10, r3, lr\n\t"
+ "mov r3, r12\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #68]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x4c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
(void)m_p;
(void)mp_p;
}
+#endif
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
*
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
+ "sub sp, sp, #0x44\n\t"
"mov r5, #0\n\t"
/* A[0] * A[1] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r9, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -67997,13 +69260,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r9, r10, r6, r7\n\t"
-#endif
"str r9, [sp, #4]\n\t"
/* A[0] * A[2] */
"ldr r7, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
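Review bot: The guard deleted in this hunk tested `WOLFSSL_SP_ARM_ARCH`, but the guards this commit adds earlier in the file test `WOLFSSL_ARM_ARCH` (for example `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` above sp_256_mont_sqr_8); the later hunks of this function delete the old name in the same way. Nothing visible here maps the old macro to the new one, so a build that still defines only `WOLFSSL_SP_ARM_ARCH` would presumably fall through to the final `#else` variants, such as the `umaal`-based sp_256_mont_mul_8, which an older core may not be able to execute. If no alias exists elsewhere in the tree, add one near the top of the file: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. sp_256_mont_sqr_8 starts and ends outside this hunk.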
@@ -68029,15 +69288,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r10, r10, r3\n\t"
"adc lr, lr, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adc lr, r4, #0\n\t"
-#endif
"str r10, [sp, #8]\n\t"
/* A[0] * A[3] */
"ldr r7, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68063,15 +69316,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds lr, lr, r3\n\t"
"adc r8, r8, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adc r8, r4, #0\n\t"
-#endif
/* A[1] * A[2] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68100,16 +69347,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
"str lr, [sp, #12]\n\t"
/* A[1] * A[3] */
"ldr r7, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68134,15 +69374,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r8, r8, r3\n\t"
"adc r9, r9, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adc r9, r4, r9\n\t"
-#endif
/* A[0] * A[4] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68171,16 +69405,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
"str r8, [sp, #16]\n\t"
/* A[0] * A[5] */
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68205,15 +69432,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adc r10, r4, r10\n\t"
-#endif
/* A[1] * A[4] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68242,16 +69463,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[2] * A[3] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68280,16 +69494,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #20]\n\t"
/* A[2] * A[4] */
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68318,16 +69525,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[1] * A[5] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68356,16 +69556,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
/* A[0] * A[6] */
"ldr r6, [%[a]]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68394,16 +69587,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #24]\n\t"
/* A[0] * A[7] */
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68432,16 +69618,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[1] * A[6] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68470,16 +69649,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[2] * A[5] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68508,16 +69680,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
/* A[3] * A[4] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68546,16 +69711,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #28]\n\t"
/* A[3] * A[5] */
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68584,16 +69742,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
/* A[2] * A[6] */
"ldr r6, [%[a], #8]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68622,16 +69773,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
/* A[1] * A[7] */
"ldr r6, [%[a], #4]\n\t"
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68660,16 +69804,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
-#endif
"str r8, [sp, #32]\n\t"
/* A[2] * A[7] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68698,16 +69835,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, #0\n\t"
-#endif
/* A[3] * A[6] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68736,16 +69866,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
/* A[4] * A[5] */
"ldr r6, [%[a], #16]\n\t"
"ldr r7, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68774,16 +69897,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r9, r9, r3\n\t"
"adcs r10, r10, r4\n\t"
"adc lr, lr, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r4, r10\n\t"
- "adc lr, r5, lr\n\t"
-#endif
"str r9, [sp, #36]\n\t"
/* A[4] * A[6] */
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68812,16 +69928,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, #0\n\t"
-#endif
/* A[3] * A[7] */
"ldr r6, [%[a], #12]\n\t"
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68850,16 +69959,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r10, r10, r3\n\t"
"adcs lr, lr, r4\n\t"
"adc r8, r8, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r10, r10, r3\n\t"
- "adcs lr, r4, lr\n\t"
- "adc r8, r5, r8\n\t"
-#endif
"str r10, [sp, #40]\n\t"
/* A[4] * A[7] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68888,16 +69990,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, #0\n\t"
-#endif
/* A[5] * A[6] */
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68926,16 +70021,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds lr, lr, r3\n\t"
"adcs r8, r8, r4\n\t"
"adc r9, r9, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds lr, lr, r3\n\t"
- "adcs r8, r4, r8\n\t"
- "adc r9, r5, r9\n\t"
-#endif
"str lr, [sp, #44]\n\t"
/* A[5] * A[7] */
"ldr r7, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68964,16 +70052,9 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"adds r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
"adc r10, r10, #0\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r8, r8, r3\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
-#endif
"str r8, [sp, #48]\n\t"
/* A[6] * A[7] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r3, r6, #16\n\t"
"lsl r4, r7, #16\n\t"
"lsr r3, r3, #16\n\t"
@@ -68998,11 +70079,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r3, r3, #16\n\t"
"adds r9, r9, r3\n\t"
"adc r10, r10, r4\n\t"
-#else
- "umull r3, r4, r6, r7\n\t"
- "adds r9, r9, r3\n\t"
- "adc r10, r4, r10\n\t"
-#endif
"str r9, [sp, #52]\n\t"
"str r10, [sp, #56]\n\t"
/* Double */
@@ -69055,7 +70131,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #12]\n\t"
/* A[0] * A[0] */
"ldr r6, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69066,12 +70141,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[1] * A[1] */
"ldr r6, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69082,9 +70153,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
"adds r9, r9, r4\n\t"
"adcs r10, r10, r5\n\t"
"adcs lr, lr, r12\n\t"
@@ -69098,7 +70166,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #28]\n\t"
/* A[2] * A[2] */
"ldr r6, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69109,12 +70176,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adcs r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[3] * A[3] */
"ldr r6, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69125,10 +70188,7 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"adcs r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
#else
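Review bot: The renamed guard `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` after the A[3] * A[3] step appears to be always false in this copy of the function. The neighbouring hunks drop the `umull` alternatives from this body, and the `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` that follows the function suggests this variant is now built only for architectures below 4; the opening `#if` is outside the visible lines, so this is inferred. If so, the `adcs r8, r8, r3` / `adcs r9, r9, r4` side can never be assembled, and keeping only the `#else` side would make the carry chain easier to audit. The same guard recurs after A[5] * A[5] and A[7] * A[7], and the third variant has the mirror case: an `#if ... (WOLFSSL_ARM_ARCH < 7)` around `str r8, [sp, #8]` inside the final `#else`. The function starts and ends outside this hunk.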
@@ -69147,7 +70207,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #44]\n\t"
/* A[4] * A[4] */
"ldr r6, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69158,12 +70217,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adcs r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[5] * A[5] */
"ldr r6, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69174,10 +70229,7 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"adcs r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
#else
@@ -69196,7 +70248,6 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"ldr r12, [sp, #60]\n\t"
/* A[6] * A[6] */
"ldr r6, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69207,12 +70258,8 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adcs r8, r8, r6\n\t"
"adc r9, r9, r7\n\t"
-#else
- "umull r8, r9, r6, r6\n\t"
-#endif
/* A[7] * A[7] */
"ldr r6, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -69223,10 +70270,7 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"lsl r6, r6, #17\n\t"
"adds r10, r10, r6\n\t"
"adc lr, lr, r7\n\t"
-#else
- "umull r10, lr, r6, r6\n\t"
-#endif
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"adcs r8, r8, r3\n\t"
"adcs r9, r9, r4\n\t"
#else
@@ -69239,165 +70283,746 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
"str r9, [sp, #52]\n\t"
"str r10, [sp, #56]\n\t"
"str lr, [sp, #60]\n\t"
+ "str %[r], [sp, #64]\n\t"
/* Start Reduction */
- "ldr r4, [sp]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r7, [sp, #12]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- /* mu = a[0..7] + a[0..4] << 96 + (a[0..1] * 2) << 192 */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
- /* + (a[0..1] * 2) << (6 * 32) */
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
- "adds r10, r10, r4\n\t"
- "adc lr, lr, r5\n\t"
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub lr, lr, r4\n\t"
- /* + a[0..4] << (3 * 32) */
- "mov %[a], r7\n\t"
- "mov r12, r8\n\t"
- "adds r7, r7, r4\n\t"
- "adcs r8, r8, r5\n\t"
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
"adcs r9, r9, r6\n\t"
- "adcs r10, r10, %[a]\n\t"
- "adc lr, lr, r12\n\t"
- "str r7, [sp, #12]\n\t"
- "str r8, [sp, #16]\n\t"
- "str r9, [sp, #20]\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- /* a[6] += t[0] + t[3] */
- /* a[7] += t[1] + t[4] */
- "ldr %[a], [sp, #24]\n\t"
- "ldr r2, [sp, #28]\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs r2, r2, r5\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adc r12, r12, #0\n\t"
- "str r10, [sp, #24]\n\t"
- "str lr, [sp, #28]\n\t"
- "str r2, [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr %[a], [sp, #32]\n\t"
- "ldr r2, [sp, #36]\n\t"
- "ldr r3, [sp, #40]\n\t"
- "adds %[a], %[a], r12\n\t"
- "adcs r2, r2, #0\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
"adcs r3, r3, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r4\n\t"
- "adcs r2, r2, r5\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
"adcs r3, r3, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r6\n\t"
- "adcs r2, r2, r7\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
"adcs r3, r3, r8\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
- "adcs r2, r2, r10\n\t"
- "adcs r3, r3, lr\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #32]\n\t"
- "str r2, [sp, #36]\n\t"
- "str r3, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- /* a[15] += t[7] */
- "ldr %[a], [sp, #44]\n\t"
- "ldr r2, [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "adds %[a], %[a], r12\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
"adcs r2, r2, #0\n\t"
"adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r12, #0\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, lr\n\t"
- "adc r12, r12, #0\n\t"
- "adds %[a], %[a], r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
"adcs r2, r2, r10\n\t"
- "adcs r3, r3, lr\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
"adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r12", "r8", "r9", "r10", "lr", "cc"
+ );
+ (void)m_p;
+ (void)mp_p;
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
+ *
+ * r Result of squaring.
+ * a Number to square in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "mov %[r], #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "ldr lr, [%[a], #4]\n\t"
+ "umull r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "umull r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "umull r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "umull r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ "adcs r3, r3, #0\n\t"
+ "str r4, [sp, #4]\n\t"
+ "str r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "ldr r12, [%[a], #4]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "str r6, [sp, #12]\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "ldr lr, [%[a], #12]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, lr\n\t"
+ "str r7, [sp, #16]\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r4, %[r], #0\n\t"
+ "umlal r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "ldr r12, [%[a], #8]\n\t"
+ "ldr lr, [%[a], #12]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r8, r11, r12, lr\n\t"
+ "str r8, [sp, #20]\n\t"
+ "adds r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "ldr lr, [%[a], #16]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, lr\n\t"
+ "str r9, [sp, #24]\n\t"
+ "adds r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r5, %[r], #0\n\t"
+ "umlal r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "ldr r12, [%[a], #12]\n\t"
+ "ldr lr, [%[a], #16]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r10, r11, r12, lr\n\t"
+ "str r10, [sp, #28]\n\t"
+ "adds r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "ldr lr, [%[a], #20]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, lr\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r6, %[r], #0\n\t"
+ "umlal r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "ldr r12, [%[a], #16]\n\t"
+ "ldr lr, [%[a], #20]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r4, r11, r12, lr\n\t"
+ "adds r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "ldr lr, [%[a], #24]\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, lr\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r7, %[r], #0\n\t"
+ "umlal r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "ldr r12, [%[a], #20]\n\t"
+ "ldr lr, [%[a], #24]\n\t"
+ "mov r11, #0\n\t"
+ "umlal r6, r11, r12, lr\n\t"
+ "adds r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "ldr lr, [%[a], #28]\n\t"
+ "adc r8, %[r], #0\n\t"
+ "umlal r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "ldr r12, [%[a], #24]\n\t"
+ "ldr lr, [%[a], #28]\n\t"
+ "mov r9, #0\n\t"
+ "umlal r8, r9, r12, lr\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "adds r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adcs r10, r10, r10\n\t"
+ "stm lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "adcs r3, r3, r3\n\t"
+ "adcs r4, r4, r4\n\t"
+ "adcs r5, r5, r5\n\t"
+ "adcs r6, r6, r6\n\t"
+ "adcs r7, r7, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "adcs r9, r9, r9\n\t"
+ "adc r10, %[r], #0\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "add lr, sp, #4\n\t"
+ "ldm lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "mov lr, sp\n\t"
+ /* A[0] * A[0] */
+ "ldr r12, [%[a]]\n\t"
+ "umull r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "ldr r12, [%[a], #4]\n\t"
"adcs r5, r5, #0\n\t"
- "adc r12, r12, #0\n\t"
- "str %[a], [sp, #44]\n\t"
- "str r2, [sp, #48]\n\t"
- "str r3, [sp, #52]\n\t"
- "str r4, [sp, #56]\n\t"
- "str r5, [sp, #60]\n\t"
- "ldr %[a], [sp, #64]\n\t"
- "ldr r2, [sp, #32]\n\t"
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "ldr r8, [sp]\n\t"
- "ldr r9, [sp, #4]\n\t"
- "ldr r10, [sp, #8]\n\t"
- "ldr lr, [sp, #12]\n\t"
- "subs %[a], %[a], r8\n\t"
- "sbcs r2, r2, r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "str r2, [sp, #32]\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- "ldr %[a], [sp, #44]\n\t"
- "ldr r2, [sp, #48]\n\t"
- "ldr r3, [sp, #52]\n\t"
- "ldr r4, [sp, #56]\n\t"
- "ldr r5, [sp, #60]\n\t"
- "ldr r8, [sp, #16]\n\t"
- "ldr r9, [sp, #20]\n\t"
- "ldr r10, [sp, #24]\n\t"
- "ldr lr, [sp, #28]\n\t"
- "sbcs %[a], %[a], r8\n\t"
- "sbcs r2, r2, r9\n\t"
- "sbcs r3, r3, r10\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "ldr r12, [%[a], #8]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "ldr r12, [%[a], #12]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r9, r11, r12, r12\n\t"
+ "adds r10, r10, r11\n\t"
+ "stm lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ldm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "ldr r12, [%[a], #16]\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r3, r11, r12, r12\n\t"
+ "adds r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "ldr r12, [%[a], #20]\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r5, r11, r12, r12\n\t"
+ "adds r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "ldr r12, [%[a], #24]\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r11, %[r], #0\n\t"
+ "umlal r7, r11, r12, r12\n\t"
+ "adds r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "ldr r12, [%[a], #28]\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adc r10, r10, #0\n\t"
+ "umlal r9, r10, r12, r12\n\t"
+ "add lr, sp, #32\n\t"
+ "stm lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
/* mask m and sub from result if overflow */
- "rsb r12, r12, #0\n\t"
- "and lr, r12, #1\n\t"
- "ldr r6, [sp, #32]\n\t"
- "ldr r7, [sp, #36]\n\t"
- "ldr r8, [sp, #40]\n\t"
- "subs r6, r6, r12\n\t"
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ (void)m_p;
+ (void)mp_p;
+}
+
+#else
+/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
+ *
+ * r Result of squaring.
+ * a Number to square in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[r], [sp, #64]\n\t"
+ "ldm %[a], {%[r], %[a], r2, r3, r4, r5, r6, r7}\n\t"
+ "umull r9, r10, %[r], %[r]\n\t"
+ "umull r11, r12, %[r], %[a]\n\t"
+ "adds r11, r11, r11\n\t"
+ "mov lr, #0\n\t"
+ "umaal r10, r11, lr, lr\n\t"
+ "stm sp, {r9, r10}\n\t"
+ "mov r8, lr\n\t"
+ "umaal r8, r12, %[r], r2\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r8, r11, %[a], %[a]\n\t"
+ "umull r9, r10, %[r], r3\n\t"
+ "umaal r9, r12, %[a], r2\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "str r8, [sp, #8]\n\t"
+ "str r9, [sp, #12]\n\t"
+#else
+ "strd r8, r9, [sp, #8]\n\t"
+#endif
+ "mov r9, lr\n\t"
+ "umaal r9, r10, %[r], r4\n\t"
+ "umaal r9, r12, %[a], r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r2, r2\n\t"
+ "str r9, [sp, #16]\n\t"
+ "umull r9, r8, %[r], r5\n\t"
+ "umaal r9, r12, %[a], r4\n\t"
+ "umaal r9, r10, r2, r3\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, lr, lr\n\t"
+ "str r9, [sp, #20]\n\t"
+ "mov r9, lr\n\t"
+ "umaal r9, r8, %[r], r6\n\t"
+ "umaal r9, r12, %[a], r5\n\t"
+ "umaal r9, r10, r2, r4\n\t"
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r11, r3, r3\n\t"
+ "str r9, [sp, #24]\n\t"
+ "umull %[r], r9, %[r], r7\n\t"
+ "umaal %[r], r8, %[a], r6\n\t"
+ "umaal %[r], r12, r2, r5\n\t"
+ "umaal %[r], r10, r3, r4\n\t"
+ "adcs %[r], %[r], %[r]\n\t"
+ "umaal %[r], r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "umaal r9, r8, %[a], r7\n\t"
+ "umaal r9, r10, r2, r6\n\t"
+ "umaal r12, r9, r3, r5\n\t"
+ "adcs r12, r12, r12\n\t"
+ "umaal r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "umaal r9, r8, r2, r7\n\t"
+ "umaal r10, r9, r3, r6\n\t"
+ "mov r2, lr\n\t"
+ "umaal r10, r2, r4, r5\n\t"
+ "adcs r10, r10, r10\n\t"
+ "umaal r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "umaal r2, r8, r3, r7\n\t"
+ "umaal r2, r9, r4, r6\n\t"
+ "adcs r3, r2, r2\n\t"
+ "umaal r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "mov %[a], lr\n\t"
+ "umaal %[a], r8, r4, r7\n\t"
+ "umaal %[a], r9, r5, r6\n\t"
+ "adcs r4, %[a], %[a]\n\t"
+ "umaal r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "umaal r8, r9, r5, r7\n\t"
+ "adcs r8, r8, r8\n\t"
+ "umaal r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "mov r5, lr\n\t"
+ "umaal r5, r9, r6, r7\n\t"
+ "adcs r5, r5, r5\n\t"
+ "umaal r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "adcs r9, r9, r9\n\t"
+ "umaal r9, r5, r7, r7\n\t"
+ "adcs r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "mov lr, sp\n\t"
+ "add lr, lr, #28\n\t"
+ "stm lr!, {%[r], r12}\n\t"
+ "stm lr!, {r11}\n\t"
+ "stm lr!, {r10}\n\t"
+ "stm lr!, {r3, r4, r8, r9}\n\t"
+ "stm lr!, {r7}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
"sbcs r7, r7, r12\n\t"
- "sbcs r8, r8, r12\n\t"
- "sbcs %[a], %[a], #0\n\t"
- "sbcs r2, r2, #0\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, lr\n\t"
- "sbc r5, r5, r12\n\t"
- "stm %[r]!, {r6, r7, r8}\n\t"
- "stm %[r]!, {%[a], r2, r3, r4, r5}\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[r], [sp, #64]\n\t"
+ "stm %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
"add sp, sp, #0x44\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r12", "r8", "r9", "r10", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
(void)mp_p;
}
+#endif
#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
*
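Review bot: The clobber list that closes the first variant of `sp_256_mont_sqr_8` (the one ending just before `#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)`) leaves out `r11`, yet the new reduction loads it with `ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}` and then writes it with `adds r11, r11, r5`. The two variants added below it both list `r11`. r11 is callee-saved, so the compiler may keep a live value (or, in some builds, the frame pointer) in it across the asm and get it back corrupted, which in a P-256 field routine would surface as silently wrong results rather than a crash. The list should read `: "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"`; if a frame-pointer build rejects that clobber, r11 needs to be saved and restored inside the block instead. This first variant starts outside the hunk.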
@@ -69405,10 +71030,10 @@ static SP_NOINLINE void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, co
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_8(r, a, m, mp);
for (; n > 1; n--) {
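Review bot: The header comment for `sp_256_mont_sqr_n_8` says `n Number of times to square.`, but the body calls `sp_256_mont_sqr_8(r, a, m, mp)` unconditionally before the `for (; n > 1; n--)` loop, so `n <= 0` still squares once. The comment should state the precondition, e.g. `* n  Number of times to square; must be at least 1.` As a smaller point, `SP_NOINLINE static void` reverses the `static SP_NOINLINE void` order used by the `sp_256_mont_sqr_8` and `sp_256_mont_reduce_8` definitions shown nearby. The loop body and the end of the function are outside the hunk.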
@@ -69503,8 +71128,8 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
*/
static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -69623,7 +71248,7 @@ static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -69645,10 +71270,10 @@ static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -69669,7 +71294,7 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -69685,10 +71310,10 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
*/
static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -69723,7 +71348,7 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -69732,6 +71357,7 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
#ifndef WOLFSSL_SP_SMALL
#define sp_256_mont_reduce_order_8 sp_256_mont_reduce_8
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -69740,12 +71366,12 @@ static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_d
*/
static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
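Review bot: The architecture guards in sp_256_mont_reduce_8 now test `WOLFSSL_ARM_ARCH` and nothing in this hunk still consults `WOLFSSL_SP_ARM_ARCH`, so a build configuration that defines only the old macro would stop selecting the pre-ARMv4 path. The same substitution is made in the later hunks of this function and in sp_256_mont_reduce_order_8. If no compatibility mapping exists elsewhere in the file (none is visible here), I would add one next to the other configuration checks: `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif`. The function body continues outside the hunk.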
@@ -69758,10 +71384,9 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -69785,14 +71410,8 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -69816,18 +71435,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -69851,17 +71464,11 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -69885,18 +71492,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -69920,18 +71521,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -69955,18 +71550,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -69990,22 +71579,16 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #28]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #28]\n\t"
+#else
+ "ldr r7, [%[m], #28]\n\t"
#endif
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -70036,13 +71619,6 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r7, r3\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"ldr r10, [%[a], #32]\n\t"
@@ -70054,17 +71630,18 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
"add %[a], %[a], #4\n\t"
"cmp r9, #32\n\t"
"blt L_sp_256_mont_reduce_8_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
}
-#else
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -70073,103 +71650,338 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
*/
static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
- "mov r1, #0\n\t"
- /* # i = 0 */
- "mov r8, #0\n\t"
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
"\n"
"L_sp_256_mont_reduce_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
"mov r4, #0\n\t"
- /* mu = a[i] * 1 (mp) = a[i] */
- "ldr r2, [%[a]]\n\t"
- /* a[i+0] += -1 * mu */
- "mov r5, r2\n\t"
- "str r4, [%[a]]\n\t"
- /* a[i+1] += -1 * mu */
- "ldr r6, [%[a], #4]\n\t"
- "mov r4, r2\n\t"
- "subs r5, r5, r2\n\t"
- "sbc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
- "str r5, [%[a], #4]\n\t"
- /* a[i+2] += -1 * mu */
- "ldr r6, [%[a], #8]\n\t"
- "mov r5, r2\n\t"
- "subs r4, r4, r2\n\t"
- "sbc r5, r5, #0\n\t"
- "adds r4, r4, r6\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
- "str r4, [%[a], #8]\n\t"
- /* a[i+3] += 0 * mu */
- "ldr r6, [%[a], #12]\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
"mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
- "str r5, [%[a], #12]\n\t"
- /* a[i+4] += 0 * mu */
- "ldr r6, [%[a], #16]\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
"mov r5, #0\n\t"
- "adds r4, r4, r6\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
- "str r4, [%[a], #16]\n\t"
- /* a[i+5] += 0 * mu */
- "ldr r6, [%[a], #20]\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
"mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
- "str r5, [%[a], #20]\n\t"
- /* a[i+6] += 1 * mu */
- "ldr r6, [%[a], #24]\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
"mov r5, #0\n\t"
- "adds r4, r4, r2\n\t"
- "adc r5, r5, #0\n\t"
- "adds r4, r4, r6\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
- "str r4, [%[a], #24]\n\t"
- /* a[i+7] += -1 * mu */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r7, [%[a], #32]\n\t"
- "adds r4, r1, r2\n\t"
- "mov r1, #0\n\t"
- "adc r1, r1, r1\n\t"
- "subs r5, r5, r2\n\t"
- "sbcs r4, r4, #0\n\t"
- "sbc r1, r1, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r1, r1, #0\n\t"
- "str r5, [%[a], #28]\n\t"
- "str r4, [%[a], #32]\n\t"
+ "adcs r4, r7, r3\n\t"
+ "mov r3, #0\n\t"
+ "adc r3, r3, r3\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r3, r3, #0\n\t"
/* i += 1 */
- "add r8, r8, #4\n\t"
+ "add r9, r9, #4\n\t"
"add %[a], %[a], #4\n\t"
- "cmp r8, #32\n\t"
+ "cmp r9, #32\n\t"
"blt L_sp_256_mont_reduce_8_word_%=\n\t"
- "mov r2, r1\n\t"
- "sub r1, r1, #1\n\t"
- "mvn r1, r1\n\t"
- "ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
- "sub %[a], %[a], #32\n\t"
- "subs r4, r4, r1\n\t"
- "sbcs r5, r5, r1\n\t"
- "sbcs r6, r6, r1\n\t"
- "sbcs r7, r7, #0\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #32]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #32\n\t"
+ "blt L_sp_256_mont_reduce_8_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#endif
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+
+ __asm__ __volatile__ (
+ "sub sp, sp, #0x44\n\t"
+ "str %[a], [sp, #64]\n\t"
+ "mov lr, sp\n\t"
+ "ldm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "stm lr!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ldm %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "stm lr, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ /* Start Reduction */
+ "ldm sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "mov r3, r11\n\t"
+ "mov r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ "adds r11, r11, r5\n\t"
+ "adc r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "sub r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "mov r0, r8\n\t"
+ "mov r1, r9\n\t"
+ "mov r2, r10\n\t"
+ "adds r8, r8, r5\n\t"
+ "adcs r9, r9, r6\n\t"
+ "adcs r10, r10, r7\n\t"
+ "adcs r11, r11, r0\n\t"
+ "adc r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "adds r0, r0, r5\n\t"
+ "adcs r1, r1, r6\n\t"
+ "adcs r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r3, r3, r5\n\t"
+ "adcs r4, r4, r6\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] + carry */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "add r0, sp, #32\n\t"
+ "ldm r0, {r2, r3, r4}\n\t"
+ "adds r2, r2, lr\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r5\n\t"
+ "adcs r3, r3, r6\n\t"
+ "adcs r4, r4, r7\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r7\n\t"
+ "adcs r3, r3, r8\n\t"
+ "adcs r4, r4, r9\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "stm r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "ldm r0, {r0, r1, r2, r3, r4}\n\t"
+ "adds r0, r0, lr\n\t"
+ "adcs r1, r1, #0\n\t"
+ "adcs r2, r2, #0\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "mov lr, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r8\n\t"
+ "adcs r1, r1, r9\n\t"
+ "adcs r2, r2, r10\n\t"
+ "adcs r3, r3, r11\n\t"
+ "adcs r4, r4, r12\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r0, r0, r10\n\t"
+ "adcs r1, r1, r11\n\t"
+ "adcs r2, r2, r12\n\t"
+ "adcs r3, r3, #0\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adc lr, lr, #0\n\t"
+ "str r0, [sp, #44]\n\t"
+ "str r1, [sp, #48]\n\t"
+ "str r2, [sp, #52]\n\t"
+ "str r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "add r0, sp, #28\n\t"
+ "ldm r0, {r0, r1, r2, r3}\n\t"
+ "subs r0, r0, r5\n\t"
+ "sbcs r1, r1, r6\n\t"
+ "sbcs r2, r2, r7\n\t"
+ "sbcs r3, r3, r8\n\t"
+ "add r0, sp, #44\n\t"
+ "mov r8, r4\n\t"
+ "ldm r0, {r4, r5, r6, r7}\n\t"
+ "sbcs r4, r4, r9\n\t"
+ "sbcs r5, r5, r10\n\t"
+ "sbcs r6, r6, r11\n\t"
+ "sbcs r7, r7, r12\n\t"
"sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r2\n\t"
- "sbc r11, r11, r1\n\t"
- "stm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sbc lr, lr, #0\n\t"
+ /* mask m and sub from result if overflow */
+ "rsb lr, lr, #0\n\t"
+ "subs r1, r1, lr\n\t"
+ "sbcs r2, r2, lr\n\t"
+ "sbcs r3, r3, lr\n\t"
+ "sbcs r4, r4, #0\n\t"
+ "sbcs r5, r5, #0\n\t"
+ "sbcs r6, r6, #0\n\t"
+ "sbcs r7, r7, lr, lsr #31\n\t"
+ "sbc r8, r8, lr\n\t"
+ "ldr %[a], [sp, #64]\n\t"
+ "stm %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "add sp, sp, #0x44\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
(void)mp_p;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
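Review bot: The header comment on the last sp_256_mont_reduce_8 variant added in this hunk (the one ending in `(void)m_p; (void)mp_p;`) still documents `m` as the modulus and `mp` as its negative inverse, but the assembly reads neither. It hard-codes the modulus spelled out in its own body comment, `(1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1`. I would change those two lines to `* m Unused; the modulus is fixed (see the comment in the body).` and `* mp Unused.`, so that nobody calls this variant with a different modulus and gets a silently wrong reduction. A one-line comment at `sub sp, sp, #0x44` would also help, saying that the block keeps a 64-byte copy of `a` plus the saved pointer on the stack and that `sp` must be restored before the asm ends. The hunk ends inside the header comment of the following function.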
@@ -70178,12 +71990,12 @@ static SP_NOINLINE void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p,
*/
static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
@@ -70196,10 +72008,9 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -70223,14 +72034,8 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -70254,18 +72059,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -70289,17 +72088,11 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -70323,18 +72116,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -70358,18 +72145,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -70393,18 +72174,12 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -70428,22 +72203,16 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #28]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #28]\n\t"
+#else
+ "ldr r7, [%[m], #28]\n\t"
#endif
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -70474,13 +72243,109 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #32\n\t"
+ "blt L_sp_256_mont_reduce_order_8_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"ldr r10, [%[a], #32]\n\t"
@@ -70492,16 +72357,103 @@ static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit
"add %[a], %[a], #4\n\t"
"cmp r9, #32\n\t"
"blt L_sp_256_mont_reduce_order_8_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #32]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #32\n\t"
+ "blt L_sp_256_mont_reduce_order_8_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#endif
#endif /* WOLFSSL_SP_SMALL */
/* Map the Montgomery form projective coordinate point to an affine point.
*
@@ -70552,41 +72504,49 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
*/
static void sp_256_mont_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "stm %[r], {r8, r9, r10, r11}\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adds r5, r5, r3\n\t"
+ "adcs r6, r6, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adcs r7, r7, r3\n\t"
"adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "adc r3, r12, #0\n\t"
- "sub r3, r12, r3\n\t"
- "and r12, r3, #1\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, r3\n\t"
- "sbcs r6, r6, r3\n\t"
- "sbcs r7, r7, #0\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adcs r9, r9, r3\n\t"
+ "adcs r10, r10, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "adcs r11, r11, r3\n\t"
+ "adcs r12, r12, r4\n\t"
+ "adc lr, lr, #0\n\t"
+ "rsb lr, lr, #0\n\t"
+ "subs r5, r5, lr\n\t"
+ "sbcs r6, r6, lr\n\t"
+ "sbcs r7, r7, lr\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r12\n\t"
- "sbc r11, r11, r3\n\t"
- "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "sbcs r10, r10, #0\n\t"
+ "sbcs r11, r11, lr, lsr #31\n\t"
+ "sbcs r12, r12, lr\n\t"
+ "sbc %[b], %[b], %[b]\n\t"
+ "sub lr, lr, %[b]\n\t"
+ "subs r5, r5, lr\n\t"
+ "sbcs r6, r6, lr\n\t"
+ "sbcs r7, r7, lr\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, #0\n\t"
+ "sbcs r11, r11, lr, lsr #31\n\t"
+ "sbc r12, r12, lr\n\t"
+ "stm %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
}
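Review bot: The new second subtraction in sp_256_mont_add_8 (from `sbc %[b], %[b], %[b]` to the final `sbc r12, r12, lr`) has no comment, and it is the least obvious part of the routine: it turns the borrow of the first subtraction into a mask, reusing the `b` pointer register as scratch. I would add `/* lr = 0 - carry: all-ones mask if the addition carried out of 256 bits */` above `rsb lr, lr, #0` and `/* subtract the masked modulus once more if the sum carried and the first subtraction did not borrow */` above `sbc %[b], %[b], %[b]`. A short note that `lr, lsr #31` supplies the modulus word whose value is 1 would complete it. The sequence has no branches, presumably so that timing does not depend on the operands, and saying so in a comment guards against a later compare-and-branch rewrite. The sp_256_mont_dbl_8 hunks that follow use the same pattern with `%[a]` as scratch and want the same comments.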
@@ -70599,11 +72559,11 @@ static void sp_256_mont_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
- "mov r3, #0\n\t"
+ "mov r2, #0\n\t"
"ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
@@ -70613,21 +72573,30 @@ static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
"adcs r11, r11, r11\n\t"
- "adc r2, r3, #0\n\t"
- "sub r2, r3, r2\n\t"
- "and r3, r2, #1\n\t"
+ "adc r2, r2, #0\n\t"
+ "rsb r2, r2, #0\n\t"
+ "subs r4, r4, r2\n\t"
+ "sbcs r5, r5, r2\n\t"
+ "sbcs r6, r6, r2\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, r2, lsr #31\n\t"
+ "sbcs r11, r11, r2\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
+ "sub r2, r2, %[a]\n\t"
"subs r4, r4, r2\n\t"
"sbcs r5, r5, r2\n\t"
"sbcs r6, r6, r2\n\t"
"sbcs r7, r7, #0\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r3\n\t"
+ "sbcs r10, r10, r2, lsr #31\n\t"
"sbc r11, r11, r2\n\t"
"stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "cc"
);
(void)m_p;
}
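Review bot: The second conditional-subtract pass that begins at `sbc %[a], %[a], %[a]` / `sub r2, r2, %[a]` has no comment saying why one reduction is no longer enough or what input range sp_256_mont_dbl_8 now accepts. As written, the borrow of the first pass is folded back into the mask in r2, so the modulus is subtracted again only when the doubling carried out and the first subtraction did not borrow; that looks like support for operands that are not fully reduced, but the contract is not stated. I would add a line between the passes such as `/* Second pass: mask + borrow is non-zero only if the value is still >= 2^256 */` and note beside `sbc %[a], %[a], %[a]` that the input pointer register is dead there and reused as scratch. The same undocumented two-pass pattern is added in sp_256_mont_add_8, sp_256_mont_tpl_8 and sp_256_mont_sub_8; the function body starts in the previous hunk.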
@@ -70640,11 +72609,11 @@ static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
- "mov r3, #0\n\t"
+ "mov r12, #0\n\t"
"ldm %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"adds r4, r4, r4\n\t"
"adcs r5, r5, r5\n\t"
@@ -70654,59 +72623,62 @@ static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r9, r9, r9\n\t"
"adcs r10, r10, r10\n\t"
"adcs r11, r11, r11\n\t"
- "adc r2, r3, #0\n\t"
- "sub r2, r3, r2\n\t"
- "and r3, r2, #1\n\t"
- "subs r4, r4, r2\n\t"
- "sbcs r5, r5, r2\n\t"
- "sbcs r6, r6, r2\n\t"
+ "adc r12, r12, #0\n\t"
+ "rsb r12, r12, #0\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
"sbcs r7, r7, #0\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbc r11, r11, r2\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
-#else
- "strd r8, r9, [%[r], #16]\n\t"
-#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
-#else
- "strd r10, r11, [%[r], #24]\n\t"
-#endif
- "mov r3, #0\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r11}\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, r7\n\t"
- "sub %[r], %[r], #16\n\t"
- "adc r2, r3, #0\n\t"
- "sub r2, r3, r2\n\t"
- "and r3, r2, #1\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "subs r4, r4, r2\n\t"
- "sbcs r5, r5, r2\n\t"
- "sbcs r6, r6, r2\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbcs r11, r11, r12\n\t"
+ "sbc r2, r2, r2\n\t"
+ "sub r12, r12, r2\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
"sbcs r7, r7, #0\n\t"
"sbcs r8, r8, #0\n\t"
"sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbc r11, r11, r2\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbc r11, r11, r12\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adds r4, r4, r2\n\t"
+ "adcs r5, r5, r3\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adcs r6, r6, r2\n\t"
+ "adcs r7, r7, r3\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adcs r8, r8, r2\n\t"
+ "adcs r9, r9, r3\n\t"
+ "ldm %[a]!, {r2, r3}\n\t"
+ "adcs r10, r10, r2\n\t"
+ "adcs r11, r11, r3\n\t"
+ "adc r12, r12, #0\n\t"
+ "rsb r12, r12, #0\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbcs r11, r11, r12\n\t"
+ "sbc r2, r2, r2\n\t"
+ "sub r12, r12, r2\n\t"
+ "subs r4, r4, r12\n\t"
+ "sbcs r5, r5, r12\n\t"
+ "sbcs r6, r6, r12\n\t"
+ "sbcs r7, r7, #0\n\t"
+ "sbcs r8, r8, #0\n\t"
+ "sbcs r9, r9, #0\n\t"
+ "sbcs r10, r10, r12, lsr #31\n\t"
+ "sbc r11, r11, r12\n\t"
"stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "r12", "cc"
);
(void)m_p;
}
@@ -70720,86 +72692,90 @@ static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static void sp_256_mont_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
- "subs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r11, r11, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r11}\n\t"
- "ldm %[a]!, {r8, r9, r10, r11}\n\t"
- "ldm %[b]!, {r4, r5, r6, r7}\n\t"
+ "mov lr, #0\n\t"
+ "ldm %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "subs r5, r5, r3\n\t"
+ "sbcs r6, r6, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "sbcs r7, r7, r3\n\t"
"sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r11, r11, r7\n\t"
- "sbc r3, r12, #0\n\t"
- "sub %[r], %[r], #16\n\t"
- "and r12, r3, #1\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r3\n\t"
- "adcs r5, r5, r3\n\t"
- "adcs r6, r6, r3\n\t"
- "adcs r7, r7, #0\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "sbcs r9, r9, r3\n\t"
+ "sbcs r10, r10, r4\n\t"
+ "ldm %[b]!, {r3, r4}\n\t"
+ "sbcs r11, r11, r3\n\t"
+ "sbcs r12, r12, r4\n\t"
+ "sbc lr, lr, #0\n\t"
+ "adds r5, r5, lr\n\t"
+ "adcs r6, r6, lr\n\t"
+ "adcs r7, r7, lr\n\t"
"adcs r8, r8, #0\n\t"
"adcs r9, r9, #0\n\t"
- "adcs r10, r10, r12\n\t"
- "adc r11, r11, r3\n\t"
- "stm %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, lr, lsr #31\n\t"
+ "adcs r12, r12, lr\n\t"
+ "adc lr, lr, #0\n\t"
+ "adds r5, r5, lr\n\t"
+ "adcs r6, r6, lr\n\t"
+ "adcs r7, r7, lr\n\t"
+ "adcs r8, r8, #0\n\t"
+ "adcs r9, r9, #0\n\t"
+ "adcs r10, r10, #0\n\t"
+ "adcs r11, r11, lr, lsr #31\n\t"
+ "adc r12, r12, lr\n\t"
+ "stm %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
}
-#define sp_256_mont_sub_lower_8 sp_256_mont_sub_8
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+static void sp_256_mont_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"ldm %[a], {r4, r5, r6, r7}\n\t"
"and r3, r4, #1\n\t"
- "sub r8, r10, r3\n\t"
- "and r9, r8, #1\n\t"
+ "rsb r8, r3, #0\n\t"
"adds r4, r4, r8\n\t"
"adcs r5, r5, r8\n\t"
"adcs r6, r6, r8\n\t"
- "adcs r7, r7, r10\n\t"
+ "adcs r7, r7, #0\n\t"
"stm %[r], {r4, r5, r6, r7}\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #16]\n\t"
"ldr r5, [%[a], #20]\n\t"
#else
"ldrd r4, r5, [%[a], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[a], #24]\n\t"
"ldr r7, [%[a], #28]\n\t"
#else
"ldrd r6, r7, [%[a], #24]\n\t"
#endif
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r9\n\t"
+ "adcs r4, r4, #0\n\t"
+ "adcs r5, r5, #0\n\t"
+ "adcs r6, r6, r8, lsr #31\n\t"
"adcs r7, r7, r8\n\t"
- "adc r3, r10, r10\n\t"
+ "mov r3, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r8, r4, #1\n\t"
"lsr r9, r5, #1\n\t"
"lsr r10, r6, #1\n\t"
@@ -70809,13 +72785,13 @@ static void sp_256_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_
"orr r10, r10, r7, lsl #31\n\t"
"orr r11, r11, r3, lsl #31\n\t"
"mov r3, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #16]\n\t"
"str r9, [%[r], #20]\n\t"
#else
"strd r8, r9, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [%[r], #24]\n\t"
"str r11, [%[r], #28]\n\t"
#else
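Review bot: The architecture guard on the `str`/`strd` pairs now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build that still defines only the old macro for a pre-ARMv7 core would fall through to the `#else` branch and emit `strd` without any diagnostic. Nothing in this hunk shows a compatibility mapping, so it should be confirmed that the settings header provides one, for example `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif`. The same rename is made on the `ldr`/`ldrd` guards in the preceding hunk and on the `WOLFSSL_ARM_ARCH < 4` guards in sp_256_mul_d_8. The enclosing function sp_256_mont_div2_8 starts and ends outside this hunk.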
@@ -70833,7 +72809,7 @@ static void sp_256_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_
"stm %[r], {r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "cc"
);
}
@@ -70881,7 +72857,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_8(t2, t2, p256_mod);
+ sp_256_mont_div2_8(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -70891,7 +72867,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_8(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -70914,7 +72890,8 @@ typedef struct sp_256_proj_point_dbl_8_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
@@ -70988,7 +72965,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_8(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -71013,7 +72990,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -71074,12 +73051,12 @@ static int sp_256_iszero_8(const sp_digit* a)
static void sp_256_proj_point_add_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*8;
+ sp_digit* t2 = t + 4*8;
+ sp_digit* t3 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
@@ -71101,17 +73078,9 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_8(t2, t2, t1, p256_mod);
@@ -71130,20 +73099,31 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_mont_dbl_8(t3, y, p256_mod);
sp_256_mont_sub_8(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(y, y, t5, p256_mod);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
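Review bot: The new selection block builds `maskp`, `maskq` and `inf` with `&` on `p->infinity` and `q->infinity`, which is only a correct constant-time select when both fields are exactly 0 or 1, and nothing in the hunk states that invariant. A value such as 2 in `q->infinity` would make `q->infinity & (!p->infinity)` zero and silently select the computed point instead of `p`. I would document it at the top of the block, e.g. `/* Constant-time select; p->infinity and q->infinity must be 0 or 1. */`, and keep the block branch-free. The same block is added in sp_256_proj_point_add_8_nb (case 24) and in sp_256_proj_point_add_qz1_8; sp_256_proj_point_add_8 itself starts outside this hunk.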
@@ -71189,12 +73169,12 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*8;
- ctx->t3 = t + 4*8;
- ctx->t4 = t + 6*8;
- ctx->t5 = t + 8*8;
- ctx->t6 = t + 10*8;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*8;
+ ctx->t2 = t + 4*8;
+ ctx->t3 = t + 6*8;
+ ctx->t4 = t + 8*8;
+ ctx->t5 = t + 10*8;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -71301,7 +73281,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -71314,22 +73294,28 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
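Review bot: `case 24:` now opens two nested blocks, the existing `{` followed directly by the added `{`, and the inner pair adds nothing because the locals were already scoped by the case's own braces. Dropping the added inner braces keeps this case shaped like the others in the state machine and removes one indentation level, with the body left unchanged. The enclosing switch and function start outside this hunk.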
@@ -71349,7 +73335,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
@@ -71601,8 +73587,6 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
}
#ifdef FP_ECC
-#define sp_256_mont_dbl_lower_8 sp_256_mont_dbl_8
-#define sp_256_mont_tpl_lower_8 sp_256_mont_tpl_8
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -71641,7 +73625,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -71650,8 +73634,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -71671,7 +73655,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -71680,8 +73664,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -71691,7 +73675,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_sub_8(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_8(y, y, p256_mod);
+ sp_256_mont_div2_8(y, y, p256_mod);
}
/* Convert the projective point to affine.
@@ -71737,12 +73721,12 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*8;
+ sp_digit* t6 = t + 4*8;
+ sp_digit* t1 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -71758,13 +73742,9 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
@@ -71773,33 +73753,40 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_8(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(x, t1, t5, p256_mod);
- sp_256_mont_dbl_8(t1, t3, p256_mod);
- sp_256_mont_sub_8(x, x, t1, p256_mod);
+ sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_8(t5, t3, p256_mod);
+ sp_256_mont_sub_8(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_8(t3, t3, x, p256_mod);
+ sp_256_mont_sub_8(t3, t3, x, p256_mod);
sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -71900,7 +73887,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_16_8(sp_point_256* r,
@@ -72095,7 +74082,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -72166,8 +74153,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -72320,7 +74307,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_8(sp_point_256* r,
@@ -72515,7 +74502,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -72586,8 +74573,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -72704,7 +74691,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -72715,7 +74702,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -74253,7 +76240,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -74275,7 +76262,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -74336,7 +76323,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
*/
static void sp_256_add_one_8(sp_digit* a_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r1, r2, r3, r4}\n\t"
@@ -74353,7 +76340,7 @@ static void sp_256_add_one_8(sp_digit* a_p)
"stm %[a]!, {r1, r2, r3, r4}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -74448,7 +76435,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -74456,7 +76443,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -74734,16 +76721,15 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
*/
static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #32\n\t"
"\n"
"L_sp_256_sub_in_pkace_8_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -74751,13 +76737,13 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_256_sub_in_pkace_8_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -74770,8 +76756,8 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -74791,7 +76777,7 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -74806,15 +76792,14 @@ static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -74847,7 +76832,7 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_256_mul_d_8_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -74892,7 +76877,7 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #32]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -74905,15 +76890,14 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -74938,251 +76922,203 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -75208,15 +77144,13 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
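Review bot: Nothing near the new `umlal r4, r5, %[b], r8` for A[7] (or the matching A[1]..A[6] steps in the preceding hunk) records why the third carry register could be dropped. Each step relies on the high accumulator having been zeroed by the `mov rN, #0` placed after the previous `stm`, and on the running sum fitting in 64 bits. A one-line comment per step would make that checkable, e.g. `/* r5:r4 = r4 + A[7]*B; no carry out: (2^32-1)^2 + (2^32-1) < 2^64 */`. sp_256_mul_d_8 starts before this hunk.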
@@ -75233,9 +77167,9 @@ static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -75275,7 +77209,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -75292,9 +77226,9 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -75324,7 +77258,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_256_word_8_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -75352,7 +77286,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -75380,7 +77314,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -75413,7 +77347,7 @@ static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -75454,8 +77388,8 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[16], t2[9];
sp_digit div, r1;
@@ -75495,7 +77429,8 @@ static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_256_mod_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_256_div_8(a, m, NULL, r);
}
@@ -75638,7 +77573,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_8(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_8(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_8(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_8(t, t2, t);
@@ -75655,7 +77590,11 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_8(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_8(t2, t2);
+ sp_256_mont_mul_order_8(t2, t2, a);
+ sp_256_mont_sqr_n_order_8(t2, t2, 5);
+ sp_256_mont_mul_order_8(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_8(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_8(t2, t2, a);
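Review bot: The four calls added before the loop carry no comment saying which exponent bits they consume, and the loop bound moves from 127 to 121 without explanation. They appear to cover bits 127..122 of the order (0b101111, the top of 0xbce6): one square-and-multiply by `a`, then five squarings and a multiply by `t3`, which the earlier comments suggest still holds a^f. I would add `/* bits 127..122 = 101111: sqr, *a, then 5 sqr and *t3 (a^f) */` above them so the unrolled prefix can be checked against `p256_order_low`. The loop body continues past the end of the hunk.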
@@ -76060,21 +77999,94 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "mov r12, #0\n\t"
+ "add lr, %[a], #32\n\t"
+ "\n"
+ "L_sp_256_sub_8_word_%=: \n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc r12, r3, r3\n\t"
+ "cmp %[a], lr\n\t"
+ "bne L_sp_256_sub_8_word_%=\n\t"
+ "mov %[r], r12\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "subs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
- "mov r11, #0\n\t"
"mov r12, #0\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a], #16]\n\t"
"ldr r3, [%[a], #20]\n\t"
#else
"ldrd r2, r3, [%[a], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #24]\n\t"
"ldr r5, [%[a], #28]\n\t"
#else
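Review bot: The added `#ifdef WOLFSSL_SP_SMALL` opens directly inside the context line `#ifndef WOLFSSL_SP_SMALL`, so the looped variant of sp_256_sub_8 can never be compiled; only the unrolled `#else` arm is reachable. Dead assembly in a crypto primitive is never exercised by any build and is easy to mistake for the code in use during an audit. Either drop the `#ifdef`/`#else`/`#endif /* WOLFSSL_SP_SMALL */` wrapper and keep the unrolled body, or move the pair above the `#ifndef` if the small build also needs this function. The hunk ends inside sp_256_rshift1_8.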
@@ -76089,25 +78101,25 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
"orr r8, r8, r5, lsl #31\n\t"
"orr r9, r9, r12, lsl #31\n\t"
"mov r12, r2\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r], #16]\n\t"
"str r7, [%[r], #20]\n\t"
#else
"strd r6, r7, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #24]\n\t"
"str r9, [%[r], #28]\n\t"
#else
"strd r8, r9, [%[r], #24]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r2, [%[a]]\n\t"
"ldr r3, [%[a], #4]\n\t"
#else
"ldrd r2, r3, [%[a]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #8]\n\t"
"ldr r5, [%[a], #12]\n\t"
#else
@@ -76121,13 +78133,13 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
"orr r7, r7, r4, lsl #31\n\t"
"orr r8, r8, r5, lsl #31\n\t"
"orr r9, r9, r12, lsl #31\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r6, [%[r]]\n\t"
"str r7, [%[r], #4]\n\t"
#else
"strd r6, r7, [%[r]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #8]\n\t"
"str r9, [%[r], #12]\n\t"
#else
@@ -76135,7 +78147,7 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
#endif
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10", "cc"
);
}
@@ -76147,13 +78159,13 @@ static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
- "ldr r4, [%[a]], #4\n\t"
+ "ldm %[a]!, {r4}\n\t"
"ands r3, r4, #1\n\t"
"beq L_sp_256_div2_mod_8_even_%=\n\t"
"ldm %[a]!, {r5, r6, r7}\n\t"
@@ -76173,13 +78185,13 @@ static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"b L_sp_256_div2_mod_8_div2_%=\n\t"
"\n"
"L_sp_256_div2_mod_8_even_%=: \n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a], #12]\n\t"
"ldr r5, [%[a], #16]\n\t"
#else
"ldrd r4, r5, [%[a], #12]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r6, [%[a], #20]\n\t"
"ldr r7, [%[a], #24]\n\t"
#else
@@ -76197,13 +78209,13 @@ static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"orr r10, r10, r7, lsl #31\n\t"
"orr r11, r11, r3, lsl #31\n\t"
"mov r3, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r8, [%[r], #16]\n\t"
"str r9, [%[r], #20]\n\t"
#else
"strd r8, r9, [%[r], #16]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r10, [%[r], #24]\n\t"
"str r11, [%[r], #28]\n\t"
#else
@@ -76221,49 +78233,50 @@ static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"stm %[r], {r8, r9, r10, r11}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const unsigned char L_sp_256_num_bits_8_table[] = {
- 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
- 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
+ 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
};
static int sp_256_num_bits_8(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register unsigned char* L_sp_256_num_bits_8_table_c asm ("r1") = (unsigned char*)&L_sp_256_num_bits_8_table;
__asm__ __volatile__ (
"mov lr, %[L_sp_256_num_bits_8_table]\n\t"
@@ -76575,9 +78588,9 @@ static int sp_256_num_bits_8(const sp_digit* a_p)
"\n"
"L_sp_256_num_bits_8_9_%=: \n\t"
"mov %[a], r12\n\t"
- : [a] "+r" (a)
- : [L_sp_256_num_bits_8_table] "r" (L_sp_256_num_bits_8_table)
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : [a] "+r" (a), [L_sp_256_num_bits_8_table] "+r" (L_sp_256_num_bits_8_table_c)
+ :
+ : "memory", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
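Review bot: The operand bound here as `[L_sp_256_num_bits_8_table] "+r" (L_sp_256_num_bits_8_table_c)` is declared in the preceding hunk as `unsigned char*` via `(unsigned char*)&L_sp_256_num_bits_8_table`, which casts away the `const` of a `static const` table. A read-write register constraint only needs the pointer variable to be modifiable, not the pointee, so the qualifier can stay: `register const unsigned char* L_sp_256_num_bits_8_table_c asm ("r1") = L_sp_256_num_bits_8_table;`. That keeps the declaration clean under cast-qualifier warnings and documents that the table is read-only. The function body starts before this hunk.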
@@ -76585,13 +78598,13 @@ static int sp_256_num_bits_8(const sp_digit* a_p)
#else
static int sp_256_num_bits_8(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldr r1, [%[a], #28]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_256_num_bits_8_7_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -76666,12 +78679,12 @@ static int sp_256_num_bits_8(const sp_digit* a_p)
"mov %[a], r12\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
-#endif /* WOLFSSL_SP_ARM_ARCH && (WOLFSSL_SP_ARM_ARCH < 7) */
+#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
/* Non-constant time modular inversion.
*
* @param [out] r Resulting number.
@@ -76715,7 +78728,7 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_256_cmp_8(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
sp_256_sub_8(u, u, v);
o = sp_256_sub_8(b, b, d);
if (o != 0)
@@ -76792,7 +78805,7 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -77116,7 +79129,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -77144,19 +79157,21 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 8;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_8(t1, point->y);
(void)sp_256_mod_8(t1, t1, p256_mod);
sp_256_sqr_8(t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
sp_256_mul_8(t2, t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
- (void)sp_256_sub_8(t2, p256_mod, t2);
- sp_256_mont_add_8(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_8(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_8(t1, p256_b) != 0) {
err = MP_VAL;
}
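Review bot: The new comments give the curve equation but not the precondition that the exact limb compare `sp_256_cmp_8(t1, p256_b)` depends on: t1 has to be the canonical residue below `p256_mod`. `t1` and `t2` are reduced with `sp_256_mod_8`, but `point->x` is passed to `sp_256_mont_add_8` three times as-is, so the result presumably stays canonical only if the caller has already rejected x >= p; that check is not visible in this hunk. I would state it next to the compare, e.g. `/* requires point->x < p256_mod (range-checked by caller) so t1 is canonical */`. The function begins and ends outside the hunk.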
@@ -77170,7 +79185,7 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -77764,16 +79779,19 @@ static const sp_digit p384_b[12] = {
*/
static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x60\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_384_mul_12_outer_%=: \n\t"
"subs r3, r5, #44\n\t"
@@ -77784,7 +79802,44 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"L_sp_384_mul_12_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -77821,10 +79876,46 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #48\n\t"
- "beq L_sp_384_mul_12_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_384_mul_12_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_384_mul_12_inner_done_%=\n\t"
+ "blt L_sp_384_mul_12_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_384_mul_12_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -77832,18 +79923,50 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x58\n\t"
+ "cmp r5, #0x54\n\t"
"ble L_sp_384_mul_12_outer_%=\n\t"
+ "ldr lr, [%[a], #44]\n\t"
+ "ldr r11, [%[b], #44]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_384_mul_12_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_384_mul_12_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
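Review bot: The store loop now pops 32 bytes per pass with `ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}`, so undoing `sub sp, sp, #0x60` depends on r5 being exactly 0x5c on entry, which from the visible lines gives three passes of `subs r5, r5, #32`. The compiler is not told that sp moves inside this asm statement, so any imbalance would corrupt the caller's frame without a diagnostic. A comment at the `L_sp_384_mul_12_store` label would pin the invariant: `/* r5 == 0x5c here: 3 x 32-byte pops undo sub sp, sp, #0x60 */`. The function starts in an earlier hunk.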
@@ -77856,17 +79979,16 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -77896,7 +80018,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -77935,7 +80057,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -77973,7 +80095,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78013,7 +80135,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78051,7 +80173,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78089,7 +80211,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78128,7 +80250,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78165,7 +80287,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78203,7 +80325,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78241,7 +80363,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78280,7 +80402,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78318,7 +80440,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78356,7 +80478,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78394,7 +80516,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78432,7 +80554,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78472,7 +80594,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78509,7 +80631,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78546,7 +80668,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78584,7 +80706,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78622,7 +80744,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78660,7 +80782,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78700,7 +80822,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78737,7 +80859,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78775,7 +80897,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78813,7 +80935,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78851,7 +80973,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78889,7 +81011,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78927,7 +81049,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -78967,7 +81089,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79005,7 +81127,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79042,7 +81164,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79079,7 +81201,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79117,7 +81239,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79155,7 +81277,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79193,7 +81315,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79231,7 +81353,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79271,7 +81393,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79309,7 +81431,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79346,7 +81468,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79384,7 +81506,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79422,7 +81544,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79460,7 +81582,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79498,7 +81620,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79536,7 +81658,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79574,7 +81696,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79614,7 +81736,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79652,7 +81774,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79690,7 +81812,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79727,7 +81849,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79764,7 +81886,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79802,7 +81924,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79840,7 +81962,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79878,7 +82000,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79916,7 +82038,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79954,7 +82076,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -79994,7 +82116,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80032,7 +82154,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80070,7 +82192,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80107,7 +82229,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80145,7 +82267,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80183,7 +82305,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80221,7 +82343,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80259,7 +82381,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80297,7 +82419,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80335,7 +82457,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80373,7 +82495,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80413,7 +82535,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80451,7 +82573,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80489,7 +82611,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80527,7 +82649,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80564,7 +82686,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80601,7 +82723,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80639,7 +82761,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80677,7 +82799,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80715,7 +82837,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80753,7 +82875,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80791,7 +82913,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80829,7 +82951,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #44]\n\t"
/* A[11] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80869,7 +82991,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80907,7 +83029,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80945,7 +83067,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -80982,7 +83104,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81020,7 +83142,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81058,7 +83180,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81096,7 +83218,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81134,7 +83256,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81172,7 +83294,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81210,7 +83332,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81248,7 +83370,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #48]\n\t"
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81288,7 +83410,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81326,7 +83448,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81364,7 +83486,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81401,7 +83523,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81438,7 +83560,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81476,7 +83598,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81514,7 +83636,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81552,7 +83674,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81590,7 +83712,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81628,7 +83750,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #52]\n\t"
/* A[11] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81668,7 +83790,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81706,7 +83828,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81743,7 +83865,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81781,7 +83903,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81819,7 +83941,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81857,7 +83979,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81895,7 +84017,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81933,7 +84055,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -81971,7 +84093,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #56]\n\t"
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82011,7 +84133,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82049,7 +84171,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82086,7 +84208,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82123,7 +84245,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82161,7 +84283,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82199,7 +84321,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82237,7 +84359,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82275,7 +84397,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #60]\n\t"
/* A[11] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82315,7 +84437,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82352,7 +84474,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82390,7 +84512,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82428,7 +84550,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82466,7 +84588,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82504,7 +84626,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82542,7 +84664,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #64]\n\t"
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82582,7 +84704,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82619,7 +84741,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82656,7 +84778,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82694,7 +84816,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82732,7 +84854,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82770,7 +84892,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #68]\n\t"
/* A[11] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82809,7 +84931,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82847,7 +84969,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82885,7 +85007,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82923,7 +85045,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -82961,7 +85083,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #72]\n\t"
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83000,7 +85122,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83037,7 +85159,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83075,7 +85197,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83112,7 +85234,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r4, [%[r], #76]\n\t"
/* A[11] * B[9] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83152,7 +85274,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83190,7 +85312,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83227,7 +85349,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r5, [%[r], #80]\n\t"
/* A[10] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83266,7 +85388,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83303,7 +85425,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r3, [%[r], #84]\n\t"
/* A[11] * B[11] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -83329,9 +85451,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, r8, r9\n\t"
#endif
"str r4, [%[r], #88]\n\t"
"str r5, [%[r], #92]\n\t"
@@ -83343,7 +85463,7 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
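Review bot: Dropping `"r10"` from the clobber list of sp_384_mul_12 is only safe if no instruction in the asm body writes r10, and most of that body lies outside this hunk, so it cannot be confirmed from here. An under-declared clobber lets the compiler keep a live value in that register across the block, which in field arithmetic shows up as silently wrong results rather than a crash. Adding `"cc"` is correct, since the block uses `adds`/`adc`. The same check applies to the `"r12"` removed from sp_384_sqr_12's clobber list further down. A comment beside each list naming the scratch registers the block really uses, e.g. `/* scratch: r3-r9, r11, r12; flags */`, would make the next regeneration easier to audit.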
@@ -83356,29 +85476,28 @@ static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x60\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_384_sqr_12_outer_%=: \n\t"
"subs r3, r5, #44\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_384_sqr_12_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_384_sqr_12_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
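Review bot: The new prologue issues `umull r8, r6, lr, lr` unconditionally, while every other multiply of sp_384_sqr_12 visible in this diff keeps a `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)` fallback built from `mul` on 16-bit halves. That includes the A[11]*A[11] tail this commit adds later in the same function. If builds with WOLFSSL_ARM_ARCH < 4 are still supported, the A[0]*A[0] term needs the same guarded sequence as that tail, storing the low word to `[sp]` and leaving the high word in r6. If they are not supported, the remaining guards are dead and a comment should say so. The function body continues outside this hunk.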
@@ -83427,11 +85546,13 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_384_sqr_12_op_done_%=\n\t"
- "\n"
- "L_sp_384_sqr_12_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_384_sqr_12_inner_done_%=\n\t"
+ "blt L_sp_384_sqr_12_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
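Review bot: With the `L_sp_384_sqr_12_op_sqr` label removed, the squaring term is now reached only by falling through the `bgt`/`blt` pair after `cmp r3, r4`, and nothing marks that. A comment before the following `ldr lr, [%[a], r3]`, such as `/* r3 == r4: fall through to the A[i] * A[i] term */`, would keep the three-way split readable. The start of the inner loop and the rest of the squaring sequence are outside this hunk.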
@@ -83458,34 +85579,50 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_384_sqr_12_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #48\n\t"
- "beq L_sp_384_sqr_12_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_384_sqr_12_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_384_sqr_12_inner_%=\n\t"
- "\n"
"L_sp_384_sqr_12_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x58\n\t"
+ "cmp r5, #0x54\n\t"
"ble L_sp_384_sqr_12_outer_%=\n\t"
+ "ldr lr, [%[a], #44]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_384_sqr_12_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_384_sqr_12_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
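Review bot: The copy-out loop now pops eight words per pass and counts down with `subs r5, r5, #32`, so it restores `sp` correctly only because r5 is 0x5c on entry. Three passes of 32 bytes match the `sub sp, sp, #0x60` at the top of the function. That coupling between the outer-loop bound `#0x54`, the two trailing stores and the pass size is not stated anywhere, and changing one of them alone leaves the stack pointer unbalanced when the asm block ends. A comment at `L_sp_384_sqr_12_store` such as `/* r5 == 0x5c: 3 x 32 bytes pops the 0x60 reserved above */` would document it. The function starts outside this hunk.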
@@ -83497,14 +85634,14 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #48\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -83523,7 +85660,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83579,7 +85716,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83633,7 +85770,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83663,7 +85800,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83718,7 +85855,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83771,7 +85908,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83826,7 +85963,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83877,7 +86014,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83907,7 +86044,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83937,7 +86074,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -83975,7 +86112,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84020,7 +86157,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84050,7 +86187,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84088,7 +86225,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84125,7 +86262,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84164,7 +86301,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84194,7 +86331,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84232,7 +86369,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84270,7 +86407,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84315,7 +86452,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84345,7 +86482,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84383,7 +86520,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84421,7 +86558,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84458,7 +86595,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84497,7 +86634,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84527,7 +86664,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84565,7 +86702,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84603,7 +86740,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84641,7 +86778,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84686,7 +86823,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84716,7 +86853,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84754,7 +86891,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84792,7 +86929,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84830,7 +86967,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84867,7 +87004,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84906,7 +87043,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84936,7 +87073,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -84974,7 +87111,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85012,7 +87149,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85050,7 +87187,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85088,7 +87225,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85133,7 +87270,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85163,7 +87300,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85201,7 +87338,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85239,7 +87376,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85277,7 +87414,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85314,7 +87451,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85353,7 +87490,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85383,7 +87520,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85421,7 +87558,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85459,7 +87596,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85497,7 +87634,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85542,7 +87679,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85572,7 +87709,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85610,7 +87747,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85648,7 +87785,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85685,7 +87822,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85724,7 +87861,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85754,7 +87891,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85792,7 +87929,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85830,7 +87967,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85875,7 +88012,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85905,7 +88042,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85943,7 +88080,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -85980,7 +88117,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86019,7 +88156,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86049,7 +88186,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86087,7 +88224,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86132,7 +88269,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86187,7 +88324,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86238,7 +88375,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86268,7 +88405,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86323,7 +88460,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86376,7 +88513,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86430,7 +88567,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86460,7 +88597,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86515,7 +88652,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"str r2, [%[r], #84]\n\t"
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -86548,7 +88685,7 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -86562,9 +88699,9 @@ static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -86586,7 +88723,7 @@ static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -86600,12 +88737,11 @@ static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -86627,91 +88763,11 @@ static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #48\n\t"
- "\n"
- "L_sp_384_sub_12_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_384_sub_12_word_%=\n\t"
- "mov %[r], r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc %[r], r6, r6\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
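Review bot: The new carry-out sequence at the end of the unrolled sp_384_add_12, `mov %[r], #0` followed by `adc %[r], %[r], #0`, is only correct because this `mov` has no `s` suffix and so leaves the carry from the last `adcs` intact, and nothing in the code says so. A one-line comment before it, such as `/* mov leaves the flags alone: adc returns the carry of the final adcs */`, would protect the returned carry against a later edit or a port to Thumb, where the 16-bit immediate move sets flags. Both sp_384_sub_12 variants are deleted in this hunk; whether they are re-added or still called elsewhere is not visible from here.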
@@ -86829,14 +88885,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
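Review bot: The literal `31` in the rewritten `DIGIT_BIT == 32` loop of sp_384_from_mp replaces the `SP_WORD_SIZE - 1` that the removed lines used, so the masking now silently assumes sp_digit is an unsigned type exactly 32 bits wide. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps that dependency explicit. The loop also has no comment explaining the branch-free trick, for example `/* j counts up from -used; its top bit is set while digits remain and drives both the mask and the advance of o, so dp[] is never read past used - 1 */`. With `a->used == 0` the loop still reads `a->dp[0]` and masks it to zero, which is worth stating in the same comment. The function continues past this hunk into the `DIGIT_BIT > 32` branch.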
@@ -87025,10 +89081,10 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
*/
static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -87049,7 +89105,7 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -87065,10 +89121,10 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -87117,7 +89173,7 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -87125,6 +89181,7 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
#endif /* WOLFSSL_SP_SMALL */
#define sp_384_mont_reduce_order_12 sp_384_mont_reduce_12
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 384 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -87133,12 +89190,12 @@ static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
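Review bot: The inner `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` kept at the top of the asm body can never be true, because the previous hunk places this whole sp_384_mont_reduce_12 variant under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`. The same holds in the later hunks of this function: the `#if` around `"ldr r11, [%[m]]\n\t"` inside the loop is always true, and the `#else` arm loading `r7` from `[%[m], #44]` is dead. Dropping the dead arms and keeping the two `ldr r11` lines unconditional would make it obvious which loads this variant actually performs. If the file is generated upstream, the cleanup belongs in the generator. The function body continues outside this hunk.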
@@ -87151,10 +89208,9 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -87178,14 +89234,8 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -87209,18 +89259,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -87244,17 +89288,11 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87278,18 +89316,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87313,18 +89345,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87348,18 +89374,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87383,18 +89403,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87418,18 +89432,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87453,18 +89461,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -87488,18 +89490,12 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -87523,22 +89519,16 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #44]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #44]\n\t"
+#else
+ "ldr r7, [%[m], #44]\n\t"
#endif
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -87569,13 +89559,141 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #48\n\t"
+ "blt L_sp_384_mont_reduce_12_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 384 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"ldr r10, [%[a], #48]\n\t"
@@ -87587,16 +89705,123 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
"add %[a], %[a], #4\n\t"
"cmp r9, #48\n\t"
"blt L_sp_384_mont_reduce_12_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
}
+#else
+/* Reduce the number back to 384 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #48]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #48]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #48\n\t"
+ "blt L_sp_384_mont_reduce_12_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
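Review bot: In the new UMAAL variant of `sp_384_mont_reduce_12`, the step `mov r10, #0` / `umaal r3, r11, r10, r10` has no comment and is not a multiply at all. With both multiplicands zero it adds the running carry in `r3` to `a[i+12]` in `r11` and leaves the 64-bit sum in `r11:r3` without touching the flags. I would add `/* r11:r3 = r3 + a[i+12] (umaal with zero multiplicands is a 64-bit add) */` above it. The closing `sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp)` call also deserves `/* the asm advanced a by 12 words; a - 12 is the original start of the buffer */`, since it depends on the write-back through the `+r` operand. The same call ends the other two variants of the function.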
@@ -87604,7 +89829,7 @@ static SP_NOINLINE void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -87618,7 +89843,7 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -87634,10 +89859,10 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_12(r, a, m, mp);
for (; n > 1; n--) {
@@ -87748,8 +89973,8 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
*/
static sp_int32 sp_384_cmp_12(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -87912,7 +90137,7 @@ static sp_int32 sp_384_cmp_12(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -87972,10 +90197,10 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
*/
static void sp_384_mont_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
sp_digit o;
@@ -87991,9 +90216,9 @@ static void sp_384_mont_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_384_mont_dbl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
sp_digit o;
@@ -88009,9 +90234,9 @@ static void sp_384_mont_dbl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
sp_digit o;
@@ -88022,6 +90247,87 @@ static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
}
#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "mov r12, #0\n\t"
+ "add lr, %[a], #48\n\t"
+ "\n"
+ "L_sp_384_sub_12_word_%=: \n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc r12, r3, r3\n\t"
+ "cmp %[a], lr\n\t"
+ "bne L_sp_384_sub_12_word_%=\n\t"
+ "mov %[r], r12\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "subs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
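Review bot: The header comments on both new `sp_384_sub_12` variants list `r`, `a` and `b` but not the return value, which is a mask and not a 0/1 flag. The final `sbc r12, r3, r3` (small build) and `sbc %[r], r6, r6` (unrolled build) produce 0 when no borrow occurred and all bits set when `a < b`. I would add `* returns 0 when there was no borrow and -1 (all bits set) when a < b.` to each comment block.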
@@ -88032,10 +90338,10 @@ static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -88056,7 +90362,7 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -88072,10 +90378,10 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -88124,7 +90430,7 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -88139,10 +90445,10 @@ static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static void sp_384_mont_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
sp_digit o;
@@ -88150,14 +90456,13 @@ static void sp_384_mont_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
sp_384_cond_add_12(r, r, m, o);
}
-#define sp_384_mont_sub_lower_12 sp_384_mont_sub_12
#ifdef WOLFSSL_SP_SMALL
#else
#endif /* WOLFSSL_SP_SMALL */
static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3}\n\t"
@@ -88208,7 +90513,7 @@ static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
"str r4, [%[r], #44]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -88218,7 +90523,7 @@ static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -88271,7 +90576,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_12(t2, t2, p384_mod);
+ sp_384_mont_div2_12(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -88281,7 +90586,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_12(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -88304,7 +90609,8 @@ typedef struct sp_384_proj_point_dbl_12_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
@@ -88378,7 +90684,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_12(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -88403,7 +90709,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -88466,12 +90772,12 @@ static int sp_384_iszero_12(const sp_digit* a)
static void sp_384_proj_point_add_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*12;
+ sp_digit* t2 = t + 4*12;
+ sp_digit* t3 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
@@ -88493,17 +90799,9 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_12(t2, t2, t1, p384_mod);
@@ -88522,20 +90820,31 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_mont_dbl_12(t3, y, p384_mod);
sp_384_mont_sub_12(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(y, y, t5, p384_mod);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
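Review bot: The masked select at the end of the else branch is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the hunk states that invariant. `q->infinity & (!p->infinity)` mixes a bitwise AND with a logical NOT, so any other non-zero flag could give a zero mask where all-ones is needed, and `inf` would put a value other than 1 into `r->z[0]` and `r->infinity`. I would document it next to the masks, e.g. `/* infinity must be 0 or 1; masks are all-ones or zero so the select stays branch-free */`. The same block appears in `sp_384_proj_point_add_12_nb` and `sp_384_proj_point_add_qz1_12`. The function starts outside this hunk.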
@@ -88581,12 +90890,12 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*12;
- ctx->t3 = t + 4*12;
- ctx->t4 = t + 6*12;
- ctx->t5 = t + 8*12;
- ctx->t6 = t + 10*12;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*12;
+ ctx->t2 = t + 4*12;
+ ctx->t3 = t + 6*12;
+ ctx->t4 = t + 8*12;
+ ctx->t5 = t + 10*12;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -88693,7 +91002,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -88706,22 +91015,28 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -88741,7 +91056,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
@@ -89017,8 +91332,6 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
}
#ifdef FP_ECC
-#define sp_384_mont_dbl_lower_12 sp_384_mont_dbl_12
-#define sp_384_mont_tpl_lower_12 sp_384_mont_tpl_12
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -89057,7 +91370,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -89066,8 +91379,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -89087,7 +91400,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -89096,8 +91409,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -89107,7 +91420,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_sub_12(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_12(y, y, p384_mod);
+ sp_384_mont_div2_12(y, y, p384_mod);
}
/* Convert the projective point to affine.
@@ -89153,12 +91466,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*12;
+ sp_digit* t6 = t + 4*12;
+ sp_digit* t1 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -89174,13 +91487,9 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
@@ -89189,33 +91498,40 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_12(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(x, t1, t5, p384_mod);
- sp_384_mont_dbl_12(t1, t3, p384_mod);
- sp_384_mont_sub_12(x, x, t1, p384_mod);
+ sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_12(t5, t3, p384_mod);
+ sp_384_mont_sub_12(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_12(t3, t3, x, p384_mod);
+ sp_384_mont_sub_12(t3, t3, x, p384_mod);
sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -89316,7 +91632,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_16_12(sp_point_384* r,
@@ -89527,7 +91843,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -89598,8 +91914,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -89752,7 +92068,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_12(sp_point_384* r,
@@ -89963,7 +92279,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -90034,8 +92350,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -90152,7 +92468,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -90163,7 +92479,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -91701,7 +94017,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -91723,7 +94039,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -91784,7 +94100,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
*/
static void sp_384_add_one_12(sp_digit* a_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r1, r2, r3, r4}\n\t"
@@ -91807,7 +94123,7 @@ static void sp_384_add_one_12(sp_digit* a_p)
"stm %[a]!, {r1, r2, r3, r4}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -91902,7 +94218,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -91910,7 +94226,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -92188,16 +94504,15 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
*/
static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #48\n\t"
"\n"
"L_sp_384_sub_in_pkace_12_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -92205,13 +94520,13 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_384_sub_in_pkace_12_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
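Review bot: The borrow hand-off across loop passes is not documented and now rests on `r12` alone: `sbc r12, r12, r12` in this hunk leaves 0 or -1 before `cmp %[a], lr` overwrites the flags, and the `rsbs r12, r12, #0` added at the loop head in the previous hunk turns that value back into the carry for the next `sbcs` chain. I would put `/* r12 = 0 or -1 (borrow) from the last pass; 0 - r12 restores C */` above the `rsbs` line so a later edit does not reorder the two. The label `L_sp_384_sub_in_pkace_12_word_%=` looks like a misspelling of `in_place`. The function begins in the previous hunk.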
@@ -92224,8 +94539,8 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -92252,7 +94567,7 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -92267,15 +94582,14 @@ static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -92308,7 +94622,7 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_384_mul_d_12_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -92353,7 +94667,7 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #48]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -92366,15 +94680,14 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -92399,411 +94712,331 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -92829,15 +95062,13 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
"str r3, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
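Review bot: Neither path says why the third accumulator word could be removed: the `umlal r5, r3, %[b], r8` here and the earlier steps in the previous hunk, like the `adc`/`add` forms in the `WOLFSSL_ARM_ARCH < 4` branch, assume the 64-bit pair never carries out. That holds because the high register is cleared by the `mov rX, #0` after each `stm`, and carry-in plus product is at most (2^32-1) + (2^32-1)^2, which is below 2^64. I would state it once above the `/* A[1] * B */` step, for example `/* hi:lo = lo + A[i]*B fits in 64 bits, so no third word is needed */`, since a reordered `mov` would corrupt the result without any assembler error. The function starts in an earlier hunk.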
@@ -92854,9 +95085,9 @@ static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -92896,7 +95127,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -92913,9 +95144,9 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -92945,7 +95176,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_384_word_12_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -92973,7 +95204,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -93001,7 +95232,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -93034,7 +95265,7 @@ static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -93079,8 +95310,8 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[24], t2[13];
sp_digit div, r1;
@@ -93120,7 +95351,8 @@ static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digi
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_384_mod_12(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_384_div_12(a, m, NULL, r);
}
@@ -93664,12 +95896,12 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
*/
static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
- "ldr r4, [%[a]], #4\n\t"
+ "ldm %[a]!, {r4}\n\t"
"ands r3, r4, #1\n\t"
"beq L_sp_384_div2_mod_12_even_%=\n\t"
"mov r12, #0\n\t"
@@ -93706,8 +95938,8 @@ static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4, r5, r6, r7}\n\t"
"\n"
"L_sp_384_div2_mod_12_div2_%=: \n\t"
- "sub %[r], #48\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "sub %[r], %[r], #48\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[r]]\n\t"
"ldr r9, [%[r], #4]\n\t"
#else
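Review bot: Renaming the guard to `WOLFSSL_ARM_ARCH` here, and in the `< 4` and `< 7` checks of the sp_384_mul_d_12, div_384_word_12 and sp_384_num_bits_12 hunks, changes which branch an existing build selects if it defines only the old `WOLFSSL_SP_ARM_ARCH`. Every one of these conditions then becomes false and the `#else` side is compiled, which in sp_384_mul_d_12 is the `umull`/`umlal` path. No mapping from the old name is visible in these hunks, so unless one exists elsewhere I would add `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)`, `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH`, `#endif` near the top of the file. sp_384_div2_mod_12 starts and ends outside this hunk.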
@@ -93761,49 +95993,50 @@ static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"str r10, [%[r], #44]\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const unsigned char L_sp_384_num_bits_12_table[] = {
- 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
- 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
+ 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
};
static int sp_384_num_bits_12(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register unsigned char* L_sp_384_num_bits_12_table_c asm ("r1") = (unsigned char*)&L_sp_384_num_bits_12_table;
__asm__ __volatile__ (
"mov lr, %[L_sp_384_num_bits_12_table]\n\t"
@@ -93813,7 +96046,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_11_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x78\n\t"
@@ -93829,7 +96062,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_11_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x70\n\t"
@@ -93845,7 +96078,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_11_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x68\n\t"
@@ -93858,7 +96091,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_11_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -93876,7 +96109,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_10_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x58\n\t"
@@ -93892,7 +96125,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_10_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x50\n\t"
@@ -93908,7 +96141,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_10_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x48\n\t"
@@ -93921,7 +96154,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_10_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -93939,7 +96172,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_9_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x38\n\t"
@@ -93955,7 +96188,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_9_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x30\n\t"
@@ -93971,7 +96204,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_9_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x28\n\t"
@@ -93984,7 +96217,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_9_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -94002,7 +96235,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_8_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x18\n\t"
@@ -94018,7 +96251,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_8_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x10\n\t"
@@ -94034,7 +96267,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_384_num_bits_12_8_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x8\n\t"
@@ -94047,7 +96280,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_8_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -94367,9 +96600,9 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"\n"
"L_sp_384_num_bits_12_13_%=: \n\t"
"mov %[a], r12\n\t"
- : [a] "+r" (a)
- : [L_sp_384_num_bits_12_table] "r" (L_sp_384_num_bits_12_table)
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : [a] "+r" (a), [L_sp_384_num_bits_12_table] "+r" (L_sp_384_num_bits_12_table_c)
+ :
+ : "memory", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -94377,13 +96610,13 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
#else
static int sp_384_num_bits_12(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldr r1, [%[a], #44]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_11_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x80\n\t"
@@ -94398,7 +96631,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #40]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_10_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -94413,7 +96646,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #36]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_9_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -94428,7 +96661,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #32]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_8_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -94443,7 +96676,7 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"ldr r1, [%[a], #28]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_384_num_bits_12_7_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -94518,12 +96751,12 @@ static int sp_384_num_bits_12(const sp_digit* a_p)
"mov %[a], r12\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
-#endif /* WOLFSSL_SP_ARM_ARCH && (WOLFSSL_SP_ARM_ARCH < 7) */
+#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
/* Non-constant time modular inversion.
*
* @param [out] r Resulting number.
@@ -94567,7 +96800,7 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_12(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
sp_384_sub_12(u, u, v);
o = sp_384_sub_12(b, b, d);
if (o != 0)
@@ -94648,7 +96881,7 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -94972,7 +97205,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -95000,19 +97233,21 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 12;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_12(t1, point->y);
(void)sp_384_mod_12(t1, t1, p384_mod);
sp_384_sqr_12(t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
sp_384_mul_12(t2, t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
- (void)sp_384_sub_12(t2, p384_mod, t2);
- sp_384_mont_add_12(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_12(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_12(t1, p384_b) != 0) {
err = MP_VAL;
}
@@ -95026,7 +97261,7 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -95662,16 +97897,19 @@ static const sp_digit p521_b[17] = {
*/
static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x88\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_521_mul_17_outer_%=: \n\t"
"subs r3, r5, #0x40\n\t"
@@ -95682,7 +97920,44 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"L_sp_521_mul_17_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -95719,10 +97994,46 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x44\n\t"
- "beq L_sp_521_mul_17_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_521_mul_17_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_521_mul_17_inner_done_%=\n\t"
+ "blt L_sp_521_mul_17_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_521_mul_17_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -95730,21 +98041,53 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x80\n\t"
+ "cmp r5, #0x7c\n\t"
"ble L_sp_521_mul_17_outer_%=\n\t"
+ "ldr lr, [%[a], #64]\n\t"
+ "ldr r11, [%[b], #64]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"ldm sp!, {r6, r7}\n\t"
"stm %[r]!, {r6, r7}\n\t"
"sub r5, r5, #8\n\t"
"\n"
"L_sp_521_mul_17_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_521_mul_17_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -95757,17 +98100,16 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95797,7 +98139,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95836,7 +98178,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95874,7 +98216,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95914,7 +98256,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95952,7 +98294,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -95990,7 +98332,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96029,7 +98371,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96066,7 +98408,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96104,7 +98446,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96142,7 +98484,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96181,7 +98523,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96219,7 +98561,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96257,7 +98599,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96295,7 +98637,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96333,7 +98675,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96373,7 +98715,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96410,7 +98752,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96447,7 +98789,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96485,7 +98827,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96523,7 +98865,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96561,7 +98903,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96601,7 +98943,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96638,7 +98980,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96676,7 +99018,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96714,7 +99056,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96752,7 +99094,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96790,7 +99132,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96828,7 +99170,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96868,7 +99210,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96906,7 +99248,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96943,7 +99285,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -96980,7 +99322,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97018,7 +99360,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97056,7 +99398,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97094,7 +99436,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97132,7 +99474,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97172,7 +99514,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97210,7 +99552,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97247,7 +99589,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97285,7 +99627,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97323,7 +99665,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97361,7 +99703,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97399,7 +99741,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97437,7 +99779,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97475,7 +99817,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97515,7 +99857,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97553,7 +99895,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97591,7 +99933,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97628,7 +99970,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97665,7 +100007,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97703,7 +100045,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97741,7 +100083,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97779,7 +100121,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97817,7 +100159,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97855,7 +100197,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97895,7 +100237,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97933,7 +100275,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -97971,7 +100313,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98008,7 +100350,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98046,7 +100388,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98084,7 +100426,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98122,7 +100464,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98160,7 +100502,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98198,7 +100540,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98236,7 +100578,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98274,7 +100616,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98314,7 +100656,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98352,7 +100694,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98390,7 +100732,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98428,7 +100770,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98465,7 +100807,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98502,7 +100844,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98540,7 +100882,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98578,7 +100920,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98616,7 +100958,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98654,7 +100996,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98692,7 +101034,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98730,7 +101072,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #44]\n\t"
/* A[12] * B[0] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98770,7 +101112,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[1] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98808,7 +101150,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98846,7 +101188,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98884,7 +101226,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98921,7 +101263,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98959,7 +101301,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -98997,7 +101339,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99035,7 +101377,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99073,7 +101415,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99111,7 +101453,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99149,7 +101491,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99187,7 +101529,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[12] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99225,7 +101567,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #48]\n\t"
/* A[0] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99265,7 +101607,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[12] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99303,7 +101645,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99341,7 +101683,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99379,7 +101721,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99417,7 +101759,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99454,7 +101796,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99491,7 +101833,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99529,7 +101871,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99567,7 +101909,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99605,7 +101947,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99643,7 +101985,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99681,7 +102023,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[1] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99719,7 +102061,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[0] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99757,7 +102099,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #52]\n\t"
/* A[14] * B[0] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99797,7 +102139,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[1] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99835,7 +102177,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[2] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99873,7 +102215,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[3] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99911,7 +102253,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99949,7 +102291,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -99986,7 +102328,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100024,7 +102366,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100062,7 +102404,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100100,7 +102442,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100138,7 +102480,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100176,7 +102518,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100214,7 +102556,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[12] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100252,7 +102594,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[13] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100290,7 +102632,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[14] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100328,7 +102670,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [sp, #56]\n\t"
/* A[0] * B[15] */
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100368,7 +102710,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[14] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100406,7 +102748,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[13] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100444,7 +102786,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[12] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100482,7 +102824,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100520,7 +102862,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100558,7 +102900,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100595,7 +102937,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100632,7 +102974,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100670,7 +103012,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100708,7 +103050,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100746,7 +103088,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100784,7 +103126,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[3] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100822,7 +103164,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[2] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100860,7 +103202,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[1] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100898,7 +103240,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[0] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100936,7 +103278,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [sp, #60]\n\t"
/* A[16] * B[0] */
"ldr r8, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -100976,7 +103318,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[1] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101014,7 +103356,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[2] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101052,7 +103394,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[3] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101090,7 +103432,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[4] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101128,7 +103470,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[5] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101166,7 +103508,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101203,7 +103545,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101241,7 +103583,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101279,7 +103621,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101317,7 +103659,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101355,7 +103697,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101393,7 +103735,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[12] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101431,7 +103773,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[13] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101469,7 +103811,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[14] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101507,7 +103849,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[1] * B[15] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101545,7 +103887,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[0] * B[16] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101583,7 +103925,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [sp, #64]\n\t"
/* A[1] * B[16] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101623,7 +103965,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[15] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101661,7 +104003,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[14] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101699,7 +104041,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[13] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101737,7 +104079,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[12] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101775,7 +104117,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101813,7 +104155,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101850,7 +104192,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101887,7 +104229,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101925,7 +104267,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -101963,7 +104305,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102001,7 +104343,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[5] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102039,7 +104381,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[4] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102077,7 +104419,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[3] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102115,7 +104457,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[2] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102153,7 +104495,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[1] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102191,7 +104533,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #68]\n\t"
/* A[16] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102231,7 +104573,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[3] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102269,7 +104611,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[4] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102307,7 +104649,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[5] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102345,7 +104687,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[6] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102383,7 +104725,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[7] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102420,7 +104762,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102458,7 +104800,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102496,7 +104838,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102534,7 +104876,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102572,7 +104914,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[12] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102610,7 +104952,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[13] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102648,7 +104990,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[14] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102686,7 +105028,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[3] * B[15] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102724,7 +105066,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[2] * B[16] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102762,7 +105104,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #72]\n\t"
/* A[3] * B[16] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102802,7 +105144,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[15] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102840,7 +105182,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[14] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102878,7 +105220,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[13] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102916,7 +105258,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[12] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102954,7 +105296,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -102991,7 +105333,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103028,7 +105370,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103066,7 +105408,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103104,7 +105446,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[7] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103142,7 +105484,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[6] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103180,7 +105522,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[5] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103218,7 +105560,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[4] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103256,7 +105598,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[3] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103294,7 +105636,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #76]\n\t"
/* A[16] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103334,7 +105676,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[5] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103372,7 +105714,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[6] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103410,7 +105752,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[7] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103448,7 +105790,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[8] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103485,7 +105827,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[9] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103523,7 +105865,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103561,7 +105903,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103599,7 +105941,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[12] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103637,7 +105979,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[13] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103675,7 +106017,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[14] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103713,7 +106055,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[5] * B[15] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103751,7 +106093,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[4] * B[16] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103789,7 +106131,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #80]\n\t"
/* A[5] * B[16] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103829,7 +106171,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[15] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103867,7 +106209,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[14] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103905,7 +106247,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[13] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103943,7 +106285,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[12] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -103980,7 +106322,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[10] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104017,7 +106359,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104055,7 +106397,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[9] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104093,7 +106435,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[8] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104131,7 +106473,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[7] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104169,7 +106511,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[6] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104207,7 +106549,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[5] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104245,7 +106587,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #84]\n\t"
/* A[16] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104285,7 +106627,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[7] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104323,7 +106665,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[8] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104361,7 +106703,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[9] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104398,7 +106740,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[12] * B[10] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104436,7 +106778,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[11] */
"ldr r11, [%[a], #44]\n\t"
"ldr r12, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104474,7 +106816,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[12] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104512,7 +106854,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[13] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104550,7 +106892,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[14] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104588,7 +106930,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[7] * B[15] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104626,7 +106968,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[6] * B[16] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104664,7 +107006,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #88]\n\t"
/* A[7] * B[16] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104704,7 +107046,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[15] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104742,7 +107084,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[14] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104780,7 +107122,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[13] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104817,7 +107159,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[11] * B[12] */
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104854,7 +107196,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[12] * B[11] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104892,7 +107234,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[10] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104930,7 +107272,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[9] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -104968,7 +107310,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[8] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105006,7 +107348,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[7] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105044,7 +107386,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #92]\n\t"
/* A[16] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105084,7 +107426,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[9] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105122,7 +107464,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[10] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105159,7 +107501,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[13] * B[11] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105197,7 +107539,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[12] */
"ldr r11, [%[a], #48]\n\t"
"ldr r12, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105235,7 +107577,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[13] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105273,7 +107615,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[14] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105311,7 +107653,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[9] * B[15] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105349,7 +107691,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[8] * B[16] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105387,7 +107729,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #96]\n\t"
/* A[9] * B[16] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105427,7 +107769,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[15] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105465,7 +107807,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[14] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105502,7 +107844,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[12] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105539,7 +107881,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[13] * B[12] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105577,7 +107919,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[11] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105615,7 +107957,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[10] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105653,7 +107995,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[9] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105691,7 +108033,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #100]\n\t"
/* A[16] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105731,7 +108073,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[11] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105768,7 +108110,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[14] * B[12] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105806,7 +108148,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[13] */
"ldr r11, [%[a], #52]\n\t"
"ldr r12, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105844,7 +108186,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[14] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105882,7 +108224,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[11] * B[15] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105920,7 +108262,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[10] * B[16] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105958,7 +108300,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r5, [%[r], #104]\n\t"
/* A[11] * B[16] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -105998,7 +108340,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[15] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106035,7 +108377,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[13] * B[14] */
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106072,7 +108414,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[14] * B[13] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106110,7 +108452,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[12] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106148,7 +108490,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[11] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106186,7 +108528,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r3, [%[r], #108]\n\t"
/* A[16] * B[12] */
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106225,7 +108567,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[15] * B[13] */
"ldr r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106263,7 +108605,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[14] */
"ldr r11, [%[a], #56]\n\t"
"ldr r12, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106301,7 +108643,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[13] * B[15] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106339,7 +108681,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[12] * B[16] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106377,7 +108719,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"str r4, [%[r], #112]\n\t"
/* A[13] * B[16] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106416,7 +108758,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[14] * B[15] */
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106453,7 +108795,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[15] * B[14] */
"ldr r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106491,7 +108833,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[16] * B[13] */
"ldr r8, [%[a], #64]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106528,7 +108870,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r5, [%[r], #116]\n\t"
/* A[16] * B[14] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106568,7 +108910,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[15] * B[15] */
"ldr r11, [%[a], #60]\n\t"
"ldr r12, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106606,7 +108948,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
/* A[14] * B[16] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106643,7 +108985,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r3, [%[r], #120]\n\t"
/* A[15] * B[16] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106682,7 +109024,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
/* A[16] * B[15] */
"ldr r8, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106719,7 +109061,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
#endif
"str r4, [%[r], #124]\n\t"
/* A[16] * B[16] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -106745,9 +109087,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"adds r5, r5, r6\n\t"
"adc r3, r3, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r7\n\t"
+ "umlal r5, r3, r8, r9\n\t"
#endif
"str r5, [%[r], #128]\n\t"
"str r3, [%[r], #132]\n\t"
@@ -106763,7 +109103,7 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
"stm %[r]!, {r3}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
@@ -106776,29 +109116,28 @@ static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_
*/
static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x88\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_521_sqr_17_outer_%=: \n\t"
"subs r3, r5, #0x40\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_521_sqr_17_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_521_sqr_17_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -106847,11 +109186,13 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_521_sqr_17_op_done_%=\n\t"
- "\n"
- "L_sp_521_sqr_17_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_521_sqr_17_inner_done_%=\n\t"
+ "blt L_sp_521_sqr_17_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -106878,37 +109219,53 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_521_sqr_17_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x44\n\t"
- "beq L_sp_521_sqr_17_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_521_sqr_17_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_521_sqr_17_inner_%=\n\t"
- "\n"
"L_sp_521_sqr_17_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0x80\n\t"
+ "cmp r5, #0x7c\n\t"
"ble L_sp_521_sqr_17_outer_%=\n\t"
+ "ldr lr, [%[a], #64]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"ldm sp!, {r6, r7}\n\t"
"stm %[r]!, {r6, r7}\n\t"
"sub r5, r5, #8\n\t"
"\n"
"L_sp_521_sqr_17_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_521_sqr_17_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
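Review bot: The widened copy-out loop at `L_sp_521_sqr_17_store_` needs a comment on its termination arithmetic, because an off-by-one there would leave `sp` misaligned on return. After the two-word `ldm`/`stm`, r5 is 0x7c rather than the 0x80 bytes still to copy, so `subs r5, r5, #32` / `bgt` exits at r5 == -4 after four iterations. That is correct only because 0x88 - 8 is an exact multiple of the new 32-byte stride. I would add `/* 0x80 bytes remain = 4 x 32; r5 counts 0x7c -> -4, sp ends back at entry value */` above the label. The inner-loop body between the hunks is not visible here, so dropping `"r12"` from the clobber list should be checked against the full function.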
@@ -106920,14 +109277,14 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
*/
static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -106946,7 +109303,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107002,7 +109359,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107056,7 +109413,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107086,7 +109443,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107141,7 +109498,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107194,7 +109551,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107249,7 +109606,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107300,7 +109657,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107330,7 +109687,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107360,7 +109717,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107398,7 +109755,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107443,7 +109800,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107473,7 +109830,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107511,7 +109868,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107548,7 +109905,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107587,7 +109944,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107617,7 +109974,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107655,7 +110012,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107693,7 +110050,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107738,7 +110095,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107768,7 +110125,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107806,7 +110163,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107844,7 +110201,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107881,7 +110238,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107920,7 +110277,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107950,7 +110307,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -107988,7 +110345,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108026,7 +110383,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108064,7 +110421,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108109,7 +110466,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108139,7 +110496,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108177,7 +110534,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108215,7 +110572,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108253,7 +110610,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108290,7 +110647,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108329,7 +110686,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108359,7 +110716,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108397,7 +110754,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108435,7 +110792,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108473,7 +110830,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108511,7 +110868,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108556,7 +110913,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108586,7 +110943,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108624,7 +110981,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108662,7 +111019,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108700,7 +111057,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108738,7 +111095,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108775,7 +111132,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108814,7 +111171,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108844,7 +111201,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108882,7 +111239,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108920,7 +111277,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108958,7 +111315,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -108996,7 +111353,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109034,7 +111391,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109079,7 +111436,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109109,7 +111466,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109147,7 +111504,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109185,7 +111542,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109223,7 +111580,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109261,7 +111618,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109299,7 +111656,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109336,7 +111693,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109375,7 +111732,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109405,7 +111762,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109443,7 +111800,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109481,7 +111838,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109519,7 +111876,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109557,7 +111914,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109595,7 +111952,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109633,7 +111990,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109678,7 +112035,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109708,7 +112065,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109746,7 +112103,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109784,7 +112141,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109822,7 +112179,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109860,7 +112217,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109898,7 +112255,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109936,7 +112293,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -109973,7 +112330,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110012,7 +112369,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110042,7 +112399,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110080,7 +112437,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110118,7 +112475,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110156,7 +112513,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110194,7 +112551,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110232,7 +112589,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110270,7 +112627,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110315,7 +112672,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110345,7 +112702,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110383,7 +112740,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110421,7 +112778,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110459,7 +112816,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110497,7 +112854,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110535,7 +112892,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110572,7 +112929,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110611,7 +112968,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110641,7 +112998,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110679,7 +113036,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110717,7 +113074,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110755,7 +113112,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110793,7 +113150,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110831,7 +113188,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110876,7 +113233,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110906,7 +113263,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110944,7 +113301,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -110982,7 +113339,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111020,7 +113377,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111058,7 +113415,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111095,7 +113452,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111134,7 +113491,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111164,7 +113521,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111202,7 +113559,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111240,7 +113597,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111278,7 +113635,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111316,7 +113673,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111361,7 +113718,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111391,7 +113748,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111429,7 +113786,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111467,7 +113824,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111505,7 +113862,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111542,7 +113899,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111581,7 +113938,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111611,7 +113968,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111649,7 +114006,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111687,7 +114044,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111725,7 +114082,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111770,7 +114127,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111800,7 +114157,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111838,7 +114195,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111876,7 +114233,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111913,7 +114270,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[12] * A[12] */
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111952,7 +114309,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -111982,7 +114339,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112020,7 +114377,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112058,7 +114415,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112103,7 +114460,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112133,7 +114490,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112171,7 +114528,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112208,7 +114565,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[13] * A[13] */
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112247,7 +114604,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112277,7 +114634,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112315,7 +114672,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112360,7 +114717,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112415,7 +114772,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112466,7 +114823,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[14] * A[14] */
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112496,7 +114853,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112551,7 +114908,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[14] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112604,7 +114961,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[14] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112658,7 +115015,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[15] * A[15] */
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112688,7 +115045,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
/* A[15] * A[16] */
"ldr r10, [%[a], #64]\n\t"
"ldr r12, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112743,7 +115100,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"str r3, [%[r], #124]\n\t"
/* A[16] * A[16] */
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -112780,7 +115137,7 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -112794,9 +115151,9 @@ static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -112824,7 +115181,7 @@ static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"adc %[r], r4, #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -112838,12 +115195,11 @@ static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit
*/
static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -112876,107 +115232,11 @@ static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit
"ldm %[b]!, {r7}\n\t"
"adcs r3, r3, r7\n\t"
"stm %[r]!, {r3}\n\t"
- "adc %[r], r12, r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #0x40\n\t"
- "\n"
- "L_sp_521_sub_17_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_521_sub_17_word_%=\n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3}\n\t"
- "ldm %[b]!, {r7}\n\t"
- "sbcs r3, r3, r7\n\t"
- "stm %[r]!, {r3}\n\t"
- "sbc %[r], r6, r6\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3}\n\t"
- "ldm %[b]!, {r7}\n\t"
- "sbcs r3, r3, r7\n\t"
- "stm %[r]!, {r3}\n\t"
- "sbc %[r], r6, r6\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
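Review bot: The new carry-out sequence at the end of the unrolled sp_521_add_17 has no comment saying that the return value is the final carry and that it depends on the flags left by the last `adcs`. I would add, above `"mov %[r], #0\n\t"`, a comment such as `/* return carry-out: mov leaves C from the last adcs intact, adc then yields 0 or 1 */`, so a later edit does not put a flag-changing instruction between them. The function's opening lines are in the preceding hunk. This hunk also removes both sp_521_sub_17 variants, and whether any callers remain is not visible here.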
@@ -113010,14 +115270,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
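Review bot: The new mask computation in sp_521_from_mp hard-codes the shift as `31` in `(j >> 31)`, where the removed lines used `(SP_WORD_SIZE - 1)`. Keeping the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, keeps the mask tied to the digit width instead of a literal. The branch-free intent also deserves a comment, for example `/* j runs up from -used: top bit set while i < used, so mask is all ones for live digits and zero for padding */`. As before the change, `a->dp[o]` is still read when `a->used` is 0, which presumably relies on dp always being backed by storage; that is worth confirming against the mp_int definition. The function body continues past this hunk.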
@@ -113206,10 +115466,10 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
*/
static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -113230,7 +115490,7 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -113246,10 +115506,10 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -113317,7 +115577,7 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -113331,7 +115591,7 @@ static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_
*/
static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x44\n\t"
@@ -113402,7 +115662,7 @@ static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p
/* 12-16 */
"ldm %[a], {r1, r2, r3, r4, r5}\n\t"
"ldm sp!, {r7, r8, r9, r10, r11}\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov lr, #0x1\n\t"
"lsl lr, lr, #8\n\t"
"add lr, lr, #0xff\n\t"
@@ -113445,12 +115705,13 @@ static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p
"stm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
(void)m_p;
(void)mp_p;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 521 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -113459,12 +115720,12 @@ static SP_NOINLINE void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p
*/
static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
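Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` guard around `"ldr r11, [%[m]]\n\t"` looks unreachable now, because the preceding hunk places this definition of sp_521_mont_reduce_order_17 under `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`. That assumes the outer guard spans the whole function, which this hunk does not show. The same applies to the inner `< 4` guard before the in-loop `ldr r11, [%[m]]` and to the `#else` arm `"ldr r7, [%[m], #64]\n\t"` in the a[i+16] hunk further down. Dropping these inner conditionals, or marking them with a comment such as `/* always true in this variant */`, would make it clear which instruction sequence this variant of the reduction executes. The function body ends outside this hunk.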
@@ -113478,7 +115739,7 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"mul r8, %[mp], r12\n\t"
"cmp r9, #0x40\n\t"
"bne L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r7, #0x1\n\t"
"lsl r7, r7, #8\n\t"
"add r7, r7, #0xff\n\t"
@@ -113489,10 +115750,9 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"\n"
"L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -113516,15 +115776,9 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"str r12, [%[a]]\n\t"
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -113548,18 +115802,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -113583,17 +115831,11 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113617,18 +115859,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113652,18 +115888,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113687,18 +115917,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113722,18 +115946,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113757,18 +115975,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113792,18 +116004,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113827,18 +116033,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113862,18 +116062,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113897,18 +116091,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -113932,18 +116120,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -113967,18 +116149,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -114002,18 +116178,12 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -114037,22 +116207,16 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #64]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #64]\n\t"
+#else
+ "ldr r7, [%[m], #64]\n\t"
#endif
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
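Review bot: The guard in this hunk now tests `WOLFSSL_ARM_ARCH` where it used to test `WOLFSSL_SP_ARM_ARCH`, and nothing visible here keeps the old name working. A build that still defines only `WOLFSSL_SP_ARM_ARCH` would stop selecting the pre-ARMv4 and pre-ARMv7 code paths without any diagnostic. If the mapping is not done in a header outside this diff, a shim such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` / `#endif` would keep existing configurations on the intended path. The same rename appears in the sp_521_mont_add_17, sp_521_mont_dbl_17, sp_521_mont_tpl_17 and sp_521_mont_sub_17 hunks. The function body starts and ends outside this hunk.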
@@ -114083,13 +116247,264 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"adds r4, r4, r6\n\t"
"adcs r5, r5, r7\n\t"
"adc r3, r3, #0\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "adcs r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x44\n\t"
+ "blt L_sp_521_mont_reduce_order_17_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "sub %[a], %[a], #4\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #4]\n\t"
+ "ldr r4, [%[a], #8]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #8]\n\t"
+ "ldr r5, [%[a], #12]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #12]\n\t"
+ "ldr r4, [%[a], #16]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #16]\n\t"
+ "ldr r5, [%[a], #20]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #20]\n\t"
+ "ldr r4, [%[a], #24]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #24]\n\t"
+ "ldr r5, [%[a], #28]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #28]\n\t"
+ "ldr r4, [%[a], #32]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #32]\n\t"
+ "ldr r5, [%[a], #36]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #36]\n\t"
+ "ldr r4, [%[a], #40]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #40]\n\t"
+ "ldr r5, [%[a], #44]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #44]\n\t"
+ "ldr r4, [%[a], #48]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #48]\n\t"
+ "ldr r5, [%[a], #52]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #52]\n\t"
+ "ldr r4, [%[a], #56]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #56]\n\t"
+ "ldr r5, [%[a], #60]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "orr r4, r4, r5, lsl #23\n\t"
+ "str r4, [%[a], #60]\n\t"
+ "ldr r4, [%[a], #64]\n\t"
+ "lsr r5, r5, #9\n\t"
+ "orr r5, r5, r4, lsl #23\n\t"
+ "str r5, [%[a], #64]\n\t"
+ "lsr r4, r4, #9\n\t"
+ "str r4, [%[a], #68]\n\t"
+ "lsr r3, r4, #9\n\t"
+ "add %[a], %[a], #4\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 521 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ "cmp r9, #0x40\n\t"
+ "bne L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r7, #0x1\n\t"
+ "lsl r7, r7, #8\n\t"
+ "add r7, r7, #0xff\n\t"
#else
+ "mov r7, #0x1ff\n\t"
+#endif
+ "and r8, r8, r7\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ "str r12, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r4, r4, r6\n\t"
"adcs r5, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"ldr r10, [%[a], #68]\n\t"
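Review bot: The inner `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)` around the 0x1ff mask load repeats the condition of the enclosing `#elif`, so its `#else` arm (`"mov r7, #0x1ff\n\t"`) can never be compiled in this variant. The `#else` variant added in the next hunk has the mirror case: there the same inner test is always false, so the `mov`/`lsl`/`add` sequence that builds the mask in `r10` is dead. Each variant should carry only its live form, for example just `"mov r10, #0x1ff\n\t"` in the final `#else` function. If this file is generated, the change belongs in the generator. The umlal variant's body continues past the end of this hunk.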
@@ -114101,6 +116516,7 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"add %[a], %[a], #4\n\t"
"cmp r9, #0x44\n\t"
"blt L_sp_521_mont_reduce_order_17_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"sub %[a], %[a], #4\n\t"
@@ -114176,11 +116592,225 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 521 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ "cmp r12, #0x40\n\t"
+ "bne L_sp_521_mont_reduce_order_17_nomask_%=\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+ "mov r10, #0x1\n\t"
+ "lsl r10, r10, #8\n\t"
+ "add r10, r10, #0xff\n\t"
+#else
+ "mov r10, #0x1ff\n\t"
+#endif
+ "and r11, r11, r10\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask_%=: \n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ "str r4, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #68]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #68]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x44\n\t"
+ "blt L_sp_521_mont_reduce_order_17_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "sub %[a], %[a], #4\n\t"
+ "ldr r10, [%[a]]\n\t"
+ "ldr r3, [%[a], #4]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #4]\n\t"
+ "ldr r10, [%[a], #8]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #8]\n\t"
+ "ldr r3, [%[a], #12]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #16]\n\t"
+ "ldr r3, [%[a], #20]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #24]\n\t"
+ "ldr r3, [%[a], #28]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #32]\n\t"
+ "ldr r3, [%[a], #36]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #40]\n\t"
+ "ldr r3, [%[a], #44]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #48]\n\t"
+ "ldr r3, [%[a], #52]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #56]\n\t"
+ "ldr r3, [%[a], #60]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "orr r10, r10, r3, lsl #23\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "lsr r3, r3, #9\n\t"
+ "orr r3, r3, r10, lsl #23\n\t"
+ "str r3, [%[a], #64]\n\t"
+ "lsr r10, r10, #9\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "lsr lr, r10, #9\n\t"
+ "add %[a], %[a], #4\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
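Review bot: The sp_521_mont_reduce_order_17 variants added here repeat one header comment that says neither which build selects each variant nor that `mp` is also an output. On the variant added in this hunk I would add a line such as `/* Default variant (UMAAL); used when WOLFSSL_ARM_ARCH is undefined or >= 7. */`. I would also note that the asm ends with `mov %[mp], lr`, and that `(sp_digit)0 - mp` then turns that value into the mask passed to `sp_521_cond_sub_17`. The comment also documents the parameters as `a`, `m`, `mp` while the signature names them `a_p`, `m_p`, `mp_p`.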
@@ -114188,7 +116818,7 @@ static SP_NOINLINE void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digi
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -114202,7 +116832,7 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -114218,10 +116848,10 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_17(r, a, m, mp);
for (; n > 1; n--) {
@@ -114329,8 +116959,8 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
*/
static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -114548,7 +117178,7 @@ static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -114608,9 +117238,9 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
*/
static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -114645,7 +117275,7 @@ static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"ldm %[a]!, {r8}\n\t"
"ldm %[b]!, {r4}\n\t"
"adcs r8, r8, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r12, #0x1\n\t"
"lsl r12, r12, #8\n\t"
"add r12, r12, #0xff\n\t"
@@ -114681,7 +117311,7 @@ static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
(void)m_p;
}
@@ -114694,8 +117324,8 @@ static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"mov r2, #0\n\t"
@@ -114721,7 +117351,7 @@ static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
"ldm %[a]!, {r4}\n\t"
"adcs r4, r4, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x1\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0xff\n\t"
@@ -114757,7 +117387,7 @@ static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
(void)m_p;
}
@@ -114770,8 +117400,8 @@ static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"mov r2, #0\n\t"
@@ -114831,7 +117461,7 @@ static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"ldm %[r], {r4}\n\t"
"ldm %[a]!, {r8}\n\t"
"adcs r4, r4, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r3, #0x1\n\t"
"lsl r3, r3, #8\n\t"
"add r3, r3, #0xff\n\t"
@@ -114853,7 +117483,7 @@ static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
(void)m_p;
}
@@ -114867,9 +117497,9 @@ static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -114904,7 +117534,7 @@ static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"ldm %[a]!, {r8}\n\t"
"ldm %[b]!, {r4}\n\t"
"sbcs r8, r8, r4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r12, #0x1\n\t"
"lsl r12, r12, #8\n\t"
"add r12, r12, #0xff\n\t"
@@ -114941,16 +117571,15 @@ static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
(void)m_p;
}
-#define sp_521_mont_sub_lower_17 sp_521_mont_sub_17
static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3}\n\t"
@@ -115021,7 +117650,7 @@ static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
"str r3, [%[r], #64]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -115031,7 +117660,7 @@ static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o = a[0] & 1;
@@ -115085,7 +117714,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_17(t2, t2, p521_mod);
+ sp_521_mont_div2_17(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -115095,7 +117724,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_17(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -115118,7 +117747,8 @@ typedef struct sp_521_proj_point_dbl_17_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
@@ -115192,7 +117822,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_17(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -115217,7 +117847,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -115283,12 +117913,12 @@ static int sp_521_iszero_17(const sp_digit* a)
static void sp_521_proj_point_add_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*17;
+ sp_digit* t2 = t + 4*17;
+ sp_digit* t3 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
@@ -115310,17 +117940,9 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_17(t2, t2, t1, p521_mod);
@@ -115339,20 +117961,31 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_mont_dbl_17(t3, y, p521_mod);
sp_521_mont_sub_17(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(y, y, t5, p521_mod);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
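Review bot: The relocated select depends on `p->infinity` and `q->infinity` being exactly 0 or 1, and nothing near it says so. `0 - (q->infinity & (!p->infinity))` yields an all-ones mask only when the low bit of `q->infinity` is set, and `inf` is formed with a bitwise `&`. A one-line comment above the block, e.g. `/* Branch-free select of p, q or the computed sum; infinity flags must be 0 or 1. */`, would record the invariant and make clear the masking is deliberate, so a later cleanup does not replace it with an `if`. The same block is added in case 24 of sp_521_proj_point_add_17_nb.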
@@ -115398,12 +118031,12 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*17;
- ctx->t3 = t + 4*17;
- ctx->t4 = t + 6*17;
- ctx->t5 = t + 8*17;
- ctx->t6 = t + 10*17;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*17;
+ ctx->t2 = t + 4*17;
+ ctx->t3 = t + 6*17;
+ ctx->t4 = t + 8*17;
+ ctx->t5 = t + 10*17;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -115510,7 +118143,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -115523,22 +118156,28 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
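Review bot: The `{` added under `case 24:` opens a second block directly inside the one the case already has, so the select sits two braces deep for no scoping reason. Dropping the added `{`/`}` pair and keeping the declarations in the existing case block gives the same code with one less indentation level. The switch and the function continue outside this hunk.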
@@ -115558,7 +118197,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
@@ -115868,8 +118507,6 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
}
#ifdef FP_ECC
-#define sp_521_mont_dbl_lower_17 sp_521_mont_dbl_17
-#define sp_521_mont_tpl_lower_17 sp_521_mont_tpl_17
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -115908,7 +118545,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -115917,8 +118554,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -115938,7 +118575,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -115947,8 +118584,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -115958,7 +118595,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_sub_17(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_17(y, y, p521_mod);
+ sp_521_mont_div2_17(y, y, p521_mod);
}
/* Convert the projective point to affine.
@@ -116004,12 +118641,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*17;
+ sp_digit* t6 = t + 4*17;
+ sp_digit* t1 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
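Review bot: The reordered scratch layout in `sp_521_proj_point_add_qz1_17` is undocumented, and the later hunks of this function depend on it. `x`, `y` and `z` now alias `t2`, `t3` and `t6`, which are the first three slots of `t`. In the visible lines, Z3 is computed from H in `t2` before `t2` is overwritten with R^2, so the call order is correct, but nothing in the code says it must stay that way. I would add a comment above the declarations such as `/* t2, t3, t6 double as the result x, y, z; H must stay in t2 until Z3 is computed */`. The function body continues outside this hunk.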
@@ -116025,13 +118662,9 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
@@ -116040,33 +118673,40 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_17(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(x, t1, t5, p521_mod);
- sp_521_mont_dbl_17(t1, t3, p521_mod);
- sp_521_mont_sub_17(x, x, t1, p521_mod);
+ sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_17(t5, t3, p521_mod);
+ sp_521_mont_sub_17(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_17(t3, t3, x, p521_mod);
+ sp_521_mont_sub_17(t3, t3, x, p521_mod);
sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
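Review bot: The masked select in the new inner block only works when `p->infinity` and `q->infinity` are exactly 0 or 1, and the hunk does not state that precondition. `0 - (q->infinity & (!p->infinity))` yields an all-ones mask only if the flag's low bit is set, and `r->z[0] |= inf` ORs the raw AND of the two flags into the coordinate. A comment on the block would make this explicit, for example `/* infinity is 0 or 1; masks pick p, q or the computed sum without branching on the inputs */`. This select presumably exists to keep the point-at-infinity cases off a data-dependent branch, so it is worth checking the generated code to confirm the compiler kept the three loops branch-free.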
@@ -116167,7 +118807,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_16_17(sp_point_521* r,
@@ -116398,7 +119038,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -116469,8 +119109,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -116623,7 +119263,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_17(sp_point_521* r,
@@ -116854,7 +119494,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -116925,8 +119565,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -117043,7 +119683,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -117054,7 +119694,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -119136,7 +121776,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -119158,7 +121798,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -119219,7 +121859,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
*/
static void sp_521_add_one_17(sp_digit* a_p)
{
- register sp_digit* a asm ("r0") = a_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r1, r2, r3, r4}\n\t"
@@ -119251,7 +121891,7 @@ static void sp_521_add_one_17(sp_digit* a_p)
"stm %[a]!, {r1}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -119347,7 +121987,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -119355,7 +121995,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -119625,13 +122265,13 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #32\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, [%[a]]\n\t"
"ldr r5, [%[a], #4]\n\t"
#else
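Review bot: The guard in `sp_521_rshift_17` now tests `WOLFSSL_ARM_ARCH` instead of `WOLFSSL_SP_ARM_ARCH`, so a build configuration that still defines only the old name will fall through to the `#else` instruction sequence. The same rename appears in the later hunks of `sp_521_rshift_17` and in both `sp_521_mul_d_17` variants. Whether the old macro is mapped to the new one elsewhere is not visible here. If it is not, a compatibility define such as `#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)` / `#define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH` in the settings header would keep existing embedded configurations on the intended path. The function body continues outside this hunk.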
@@ -119716,7 +122356,7 @@ static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"lsl r3, r5, r12\n\t"
"lsr r5, r5, %[n]\n\t"
"orr r4, r4, r3\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"str r4, [%[r], #60]\n\t"
"str r5, [%[r], #64]\n\t"
#else
@@ -119724,7 +122364,7 @@ static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
#endif
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -119734,9 +122374,9 @@ static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -119844,15 +122484,15 @@ static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r5, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register byte n asm ("r2") = n_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register byte n asm ("r2") = (byte)n_p;
__asm__ __volatile__ (
"rsb r12, %[n], #31\n\t"
@@ -120062,7 +122702,7 @@ static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
"str r6, [%[r], #4]\n\t"
: [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : "memory", "r4", "r5", "r6", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r3", "r12", "cc"
);
}
@@ -120074,16 +122714,15 @@ static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
*/
static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x40\n\t"
"\n"
"L_sp_521_sub_in_pkace_17_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
@@ -120091,18 +122730,18 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_521_sub_in_pkace_17_word_%=\n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2}\n\t"
"ldm %[b]!, {r6}\n\t"
"sbcs r2, r2, r6\n\t"
"stm %[a]!, {r2}\n\t"
- "sbc %[a], r10, r10\n\t"
+ "sbc %[a], %[a], %[a]\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
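Review bot: The borrow handling in the looped `sp_521_sub_in_place_17` no longer uses a zero register, and the replacement idiom has no comment here or in the preceding hunk of the same function. `rsbs r12, r12, #0` restores the carry flag from the saved borrow mask, where `r12` is 0 or all ones. `sbc r12, r12, r12` and the final `sbc %[a], %[a], %[a]` turn the flag back into a 0 or all-ones value. I would add comments on those lines, such as `/* r12 = 0 or -1; 0 - r12 sets C when no borrow is pending */` and `/* x - x - !C: 0 if no borrow, -1 if borrow */`. Dropping `r10` from the clobber list and adding `"cc"` is consistent with the instructions shown in these two hunks.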
@@ -120115,8 +122754,8 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -120154,7 +122793,7 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -120169,15 +122808,14 @@ static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
*/
static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120210,7 +122848,7 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_521_mul_d_17_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120255,7 +122893,7 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #68]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -120268,15 +122906,14 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120301,611 +122938,491 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -120931,15 +123448,13 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -120956,9 +123471,9 @@ static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -120998,7 +123513,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -121015,9 +123530,9 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -121047,7 +123562,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_521_word_17_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -121075,7 +123590,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -121103,7 +123618,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -121136,7 +123651,7 @@ static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -121182,8 +123697,8 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[35];
sp_digit t2[18];
@@ -121229,7 +123744,8 @@ static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digi
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_521_mod_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_521_div_17(a, m, NULL, r);
}
@@ -121788,6 +124304,103 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "mov r12, #0\n\t"
+ "add lr, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_sub_17_word_%=: \n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "sbc r12, r3, r3\n\t"
+ "cmp %[a], lr\n\t"
+ "bne L_sp_521_sub_17_word_%=\n\t"
+ "rsbs r12, r12, #0\n\t"
+ "ldm %[a]!, {r3}\n\t"
+ "ldm %[b]!, {r7}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+{
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+
+ __asm__ __volatile__ (
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "subs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[b]!, {r7, r8, r9, r10}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "sbcs r4, r4, r8\n\t"
+ "sbcs r5, r5, r9\n\t"
+ "sbcs r6, r6, r10\n\t"
+ "stm %[r]!, {r3, r4, r5, r6}\n\t"
+ "ldm %[a]!, {r3}\n\t"
+ "ldm %[b]!, {r7}\n\t"
+ "sbcs r3, r3, r7\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "sbc %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
*
* r Result of division by 2.
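Review bot: The added `#ifdef WOLFSSL_SP_SMALL` sits directly inside the `#ifndef WOLFSSL_SP_SMALL` context line just above it, so the looped variant of `sp_521_sub_17` can never be compiled and only the unrolled `#else` body is ever built. Either drop the unreachable branch or move the pair outside the `#ifndef` if the small build is meant to have it. Both header comments also omit the return value, which the caller in `sp_521_mod_inv_17` tests (`o = sp_521_sub_17(b, b, d); if (o != 0)`). I would add ` * returns 0 when there is no borrow and all bits set when a < b.`, which is what the closing `sbc %[r], r6, r6` produces.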
@@ -121796,12 +124409,12 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
*/
static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
- "ldr r4, [%[a]], #4\n\t"
+ "ldm %[a]!, {r4}\n\t"
"ands r3, r4, #1\n\t"
"beq L_sp_521_div2_mod_17_even_%=\n\t"
"mov r12, #0\n\t"
@@ -121853,8 +124466,8 @@ static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"stm %[r]!, {r4}\n\t"
"\n"
"L_sp_521_div2_mod_17_div2_%=: \n\t"
- "sub %[r], #0x44\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+ "sub %[r], %[r], #0x44\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r8, [%[r]]\n\t"
"ldr r9, [%[r], #4]\n\t"
#else
@@ -121928,49 +124541,50 @@ static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"str r9, [%[r], #64]\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const unsigned char L_sp_521_num_bits_17_table[] = {
- 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
- 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
- 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x00, 0x01, 0x02, 0x02, 0x03, 0x03, 0x03, 0x03,
+ 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04, 0x04,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05, 0x05,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06, 0x06,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07, 0x07,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
+ 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
};
static int sp_521_num_bits_17(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register unsigned char* L_sp_521_num_bits_17_table_c asm ("r1") = (unsigned char*)&L_sp_521_num_bits_17_table;
__asm__ __volatile__ (
"mov lr, %[L_sp_521_num_bits_17_table]\n\t"
@@ -121980,7 +124594,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_16_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x18\n\t"
@@ -121996,7 +124610,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_16_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x10\n\t"
@@ -122012,7 +124626,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_16_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x8\n\t"
@@ -122025,7 +124639,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_16_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -122043,7 +124657,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_15_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xf8\n\t"
@@ -122059,7 +124673,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_15_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xf0\n\t"
@@ -122075,7 +124689,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_15_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xe8\n\t"
@@ -122088,7 +124702,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_15_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xe0\n\t"
@@ -122106,7 +124720,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_14_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xd8\n\t"
@@ -122122,7 +124736,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_14_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xd0\n\t"
@@ -122138,7 +124752,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_14_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xc8\n\t"
@@ -122151,7 +124765,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_14_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xc0\n\t"
@@ -122169,7 +124783,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_13_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xb8\n\t"
@@ -122185,7 +124799,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_13_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xb0\n\t"
@@ -122201,7 +124815,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_13_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xa8\n\t"
@@ -122214,7 +124828,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_13_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xa0\n\t"
@@ -122232,7 +124846,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_12_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x98\n\t"
@@ -122248,7 +124862,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_12_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x90\n\t"
@@ -122264,7 +124878,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_12_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x88\n\t"
@@ -122277,7 +124891,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_12_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x80\n\t"
@@ -122295,7 +124909,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_11_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x78\n\t"
@@ -122311,7 +124925,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_11_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x70\n\t"
@@ -122327,7 +124941,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_11_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x68\n\t"
@@ -122340,7 +124954,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_11_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -122358,7 +124972,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_10_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x58\n\t"
@@ -122374,7 +124988,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_10_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x50\n\t"
@@ -122390,7 +125004,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_10_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x48\n\t"
@@ -122403,7 +125017,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_10_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -122421,7 +125035,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_9_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x38\n\t"
@@ -122437,7 +125051,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_9_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x30\n\t"
@@ -122453,7 +125067,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_9_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x28\n\t"
@@ -122466,7 +125080,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_9_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -122484,7 +125098,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"lsr r3, r1, #24\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_8_3_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x18\n\t"
@@ -122500,7 +125114,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_8_2_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x10\n\t"
@@ -122516,7 +125130,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"and r3, r3, #0xff\n\t"
"cmp r3, #0\n\t"
"beq L_sp_521_num_bits_17_8_1_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x8\n\t"
@@ -122529,7 +125143,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_8_1_%=: \n\t"
"and r3, r1, #0xff\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -122849,9 +125463,9 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"\n"
"L_sp_521_num_bits_17_18_%=: \n\t"
"mov %[a], r12\n\t"
- : [a] "+r" (a)
- : [L_sp_521_num_bits_17_table] "r" (L_sp_521_num_bits_17_table)
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : [a] "+r" (a), [L_sp_521_num_bits_17_table] "+r" (L_sp_521_num_bits_17_table_c)
+ :
+ : "memory", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
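Review bot: The table pointer is now an in/out operand pinned to r1 (`"+r" (L_sp_521_num_bits_17_table_c)`) and `"r1"` is dropped from the clobber list. That is only consistent because the asm copies the pointer to lr first (`mov lr, %[L_sp_521_num_bits_17_table]`) and then reuses r1 as scratch, as in `lsr r3, r1, #24` in the neighbouring hunks. This coupling deserves a comment at the declaration, e.g. `/* r1: table address on entry, reused as scratch by the asm, hence "+r" */`. The declaration in the earlier hunk also casts away const with `(unsigned char*)&L_sp_521_num_bits_17_table`; nothing visible writes through the pointer, so `const unsigned char*` would keep the qualifier. Most of the function body lies outside this hunk.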
@@ -122859,13 +125473,13 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
#else
static int sp_521_num_bits_17(const sp_digit* a_p)
{
- register const sp_digit* a asm ("r0") = a_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldr r1, [%[a], #64]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_16_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -122880,7 +125494,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #60]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_15_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x2\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -122895,7 +125509,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #56]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_14_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xe0\n\t"
@@ -122910,7 +125524,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #52]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_13_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xc0\n\t"
@@ -122925,7 +125539,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #48]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_12_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0xa0\n\t"
@@ -122940,7 +125554,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #44]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_11_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x80\n\t"
@@ -122955,7 +125569,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #40]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_10_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x60\n\t"
@@ -122970,7 +125584,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #36]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_9_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x40\n\t"
@@ -122985,7 +125599,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #32]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_8_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x20\n\t"
@@ -123000,7 +125614,7 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"ldr r1, [%[a], #28]\n\t"
"cmp r1, #0\n\t"
"beq L_sp_521_num_bits_17_7_%=\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"mov r2, #0x1\n\t"
"lsl r2, r2, #8\n\t"
"add r2, r2, #0x0\n\t"
@@ -123075,12 +125689,12 @@ static int sp_521_num_bits_17(const sp_digit* a_p)
"mov %[a], r12\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r12", "lr"
+ : "memory", "r1", "r2", "r3", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
-#endif /* WOLFSSL_SP_ARM_ARCH && (WOLFSSL_SP_ARM_ARCH < 7) */
+#endif /* WOLFSSL_ARM_ARCH && (WOLFSSL_ARM_ARCH < 7) */
/* Non-constant time modular inversion.
*
* @param [out] r Resulting number.
@@ -123124,7 +125738,7 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_17(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
sp_521_sub_17(u, u, v);
o = sp_521_sub_17(b, b, d);
if (o != 0)
@@ -123210,7 +125824,7 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -123541,7 +126155,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -123569,19 +126183,21 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 17;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_17(t1, point->y);
(void)sp_521_mod_17(t1, t1, p521_mod);
sp_521_sqr_17(t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
sp_521_mul_17(t2, t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
- (void)sp_521_sub_17(t2, p521_mod, t2);
- sp_521_mont_add_17(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_17(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_17(t1, p521_b) != 0) {
err = MP_VAL;
}
@@ -123595,7 +126211,7 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -124102,17 +126718,16 @@ typedef struct sp_point_1024 {
*/
static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
- "mov r10, #0\n\t"
/* A[0] * B[0] */
"ldr r11, [%[a]]\n\t"
"ldr r12, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r3, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124142,7 +126757,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp]\n\t"
/* A[0] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124181,7 +126796,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[0] */
"ldr r8, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124219,7 +126834,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #4]\n\t"
/* A[2] * B[0] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124259,7 +126874,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[1] */
"ldr r11, [%[a], #4]\n\t"
"ldr r12, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124297,7 +126912,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[2] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124335,7 +126950,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #8]\n\t"
/* A[0] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124374,7 +126989,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[1] * B[2] */
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124411,7 +127026,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[1] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124449,7 +127064,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[0] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124487,7 +127102,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #12]\n\t"
/* A[4] * B[0] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124526,7 +127141,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[1] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124564,7 +127179,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[2] */
"ldr r11, [%[a], #8]\n\t"
"ldr r12, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124602,7 +127217,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[3] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124640,7 +127255,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[4] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124678,7 +127293,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #16]\n\t"
/* A[0] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124718,7 +127333,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[4] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124755,7 +127370,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[2] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124792,7 +127407,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[2] */
"ldr r8, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124830,7 +127445,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[1] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124868,7 +127483,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[0] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124906,7 +127521,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #20]\n\t"
/* A[6] * B[0] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124946,7 +127561,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[1] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -124983,7 +127598,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[2] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125021,7 +127636,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[3] */
"ldr r11, [%[a], #12]\n\t"
"ldr r12, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125059,7 +127674,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[4] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125097,7 +127712,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[5] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125135,7 +127750,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[6] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125173,7 +127788,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #24]\n\t"
/* A[0] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125213,7 +127828,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[6] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125251,7 +127866,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[5] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125288,7 +127903,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[3] * B[4] */
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125325,7 +127940,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[3] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125363,7 +127978,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[2] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125401,7 +128016,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[1] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125439,7 +128054,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[0] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125477,7 +128092,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #28]\n\t"
/* A[8] * B[0] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125517,7 +128132,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[1] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125555,7 +128170,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[2] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125592,7 +128207,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[3] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125630,7 +128245,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[4] */
"ldr r11, [%[a], #16]\n\t"
"ldr r12, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125668,7 +128283,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[5] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125706,7 +128321,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[6] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125744,7 +128359,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[7] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125782,7 +128397,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[8] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125820,7 +128435,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #32]\n\t"
/* A[0] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125860,7 +128475,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[8] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125898,7 +128513,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[7] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125936,7 +128551,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[6] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -125973,7 +128588,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[4] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126010,7 +128625,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[4] */
"ldr r8, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126048,7 +128663,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[3] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126086,7 +128701,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[2] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126124,7 +128739,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[1] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126162,7 +128777,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[0] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126200,7 +128815,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #36]\n\t"
/* A[10] * B[0] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126240,7 +128855,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[1] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126278,7 +128893,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[2] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126316,7 +128931,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[3] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126353,7 +128968,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[4] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126391,7 +129006,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[5] */
"ldr r11, [%[a], #20]\n\t"
"ldr r12, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126429,7 +129044,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[6] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126467,7 +129082,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[7] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126505,7 +129120,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[8] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126543,7 +129158,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[9] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126581,7 +129196,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[10] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126619,7 +129234,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #40]\n\t"
/* A[0] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126659,7 +129274,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[10] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126697,7 +129312,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[9] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126735,7 +129350,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[8] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126773,7 +129388,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[7] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126810,7 +129425,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[5] * B[6] */
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126847,7 +129462,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[5] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126885,7 +129500,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[4] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126923,7 +129538,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[3] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126961,7 +129576,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[2] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -126999,7 +129614,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[1] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127037,7 +129652,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[0] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127075,7 +129690,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #44]\n\t"
/* A[12] * B[0] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127115,7 +129730,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[1] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127153,7 +129768,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[2] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127191,7 +129806,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[3] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127229,7 +129844,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[4] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127266,7 +129881,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[5] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127304,7 +129919,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[6] */
"ldr r11, [%[a], #24]\n\t"
"ldr r12, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127342,7 +129957,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[7] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127380,7 +129995,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[8] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127418,7 +130033,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[9] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127456,7 +130071,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[10] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127494,7 +130109,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[11] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127532,7 +130147,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[12] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127570,7 +130185,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #48]\n\t"
/* A[0] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127610,7 +130225,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[12] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127648,7 +130263,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[11] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127686,7 +130301,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[10] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127724,7 +130339,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[9] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127762,7 +130377,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[8] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127799,7 +130414,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[6] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127836,7 +130451,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[6] */
"ldr r8, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127874,7 +130489,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[5] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127912,7 +130527,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[4] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127950,7 +130565,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[3] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -127988,7 +130603,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[2] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128026,7 +130641,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[1] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128064,7 +130679,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[0] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128102,7 +130717,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [sp, #52]\n\t"
/* A[14] * B[0] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128142,7 +130757,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[1] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128180,7 +130795,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[2] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128218,7 +130833,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[3] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128256,7 +130871,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[4] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128294,7 +130909,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[5] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128331,7 +130946,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[6] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128369,7 +130984,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[7] */
"ldr r11, [%[a], #28]\n\t"
"ldr r12, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128407,7 +131022,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[8] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128445,7 +131060,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[9] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128483,7 +131098,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[10] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128521,7 +131136,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[11] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128559,7 +131174,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[12] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128597,7 +131212,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[13] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128635,7 +131250,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[0] * B[14] */
"ldr r8, [%[a]]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128673,7 +131288,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [sp, #56]\n\t"
/* A[0] * B[15] */
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128713,7 +131328,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[14] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128751,7 +131366,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[13] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128789,7 +131404,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[12] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128827,7 +131442,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[11] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128865,7 +131480,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[10] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128903,7 +131518,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[9] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128940,7 +131555,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[7] * B[8] */
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -128977,7 +131592,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[7] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129015,7 +131630,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[6] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129053,7 +131668,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[5] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129091,7 +131706,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[4] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129129,7 +131744,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[3] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129167,7 +131782,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[2] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129205,7 +131820,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[1] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129243,7 +131858,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[0] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129281,7 +131896,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [sp, #60]\n\t"
/* A[15] * B[1] */
"ldr r9, [%[b], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129321,7 +131936,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[2] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129359,7 +131974,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[3] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129397,7 +132012,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[4] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129435,7 +132050,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[5] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129473,7 +132088,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[6] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129510,7 +132125,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[7] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129548,7 +132163,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[8] */
"ldr r11, [%[a], #32]\n\t"
"ldr r12, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129586,7 +132201,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[9] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129624,7 +132239,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[10] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129662,7 +132277,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[11] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129700,7 +132315,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[12] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129738,7 +132353,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[13] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129776,7 +132391,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[2] * B[14] */
"ldr r8, [%[a], #8]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129814,7 +132429,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[1] * B[15] */
"ldr r8, [%[a], #4]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129852,7 +132467,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #64]\n\t"
/* A[2] * B[15] */
"ldr r8, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129892,7 +132507,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[14] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129930,7 +132545,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[13] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -129968,7 +132583,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[12] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130006,7 +132621,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[11] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130044,7 +132659,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[10] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130081,7 +132696,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[8] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130118,7 +132733,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[8] */
"ldr r8, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130156,7 +132771,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[7] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130194,7 +132809,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[6] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130232,7 +132847,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[5] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130270,7 +132885,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[4] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130308,7 +132923,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[3] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130346,7 +132961,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[2] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130384,7 +132999,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #68]\n\t"
/* A[15] * B[3] */
"ldr r9, [%[b], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130424,7 +133039,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[4] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130462,7 +133077,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[5] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130500,7 +133115,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[6] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130538,7 +133153,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[7] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130575,7 +133190,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[8] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130613,7 +133228,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[9] */
"ldr r11, [%[a], #36]\n\t"
"ldr r12, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130651,7 +133266,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[10] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130689,7 +133304,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[11] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130727,7 +133342,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[12] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130765,7 +133380,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[13] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130803,7 +133418,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[4] * B[14] */
"ldr r8, [%[a], #16]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130841,7 +133456,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[3] * B[15] */
"ldr r8, [%[a], #12]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130879,7 +133494,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #72]\n\t"
/* A[4] * B[15] */
"ldr r8, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130919,7 +133534,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[14] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130957,7 +133572,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[13] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -130995,7 +133610,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[12] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131033,7 +133648,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[11] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131070,7 +133685,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[9] * B[10] */
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131107,7 +133722,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[9] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131145,7 +133760,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[8] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131183,7 +133798,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[7] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131221,7 +133836,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[6] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131259,7 +133874,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[5] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131297,7 +133912,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[4] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131335,7 +133950,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #76]\n\t"
/* A[15] * B[5] */
"ldr r9, [%[b], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131375,7 +133990,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[6] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131413,7 +134028,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[7] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131451,7 +134066,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[8] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131488,7 +134103,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[9] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131526,7 +134141,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[10] */
"ldr r11, [%[a], #40]\n\t"
"ldr r12, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131564,7 +134179,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[11] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131602,7 +134217,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[12] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131640,7 +134255,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[13] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131678,7 +134293,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[6] * B[14] */
"ldr r8, [%[a], #24]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131716,7 +134331,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[5] * B[15] */
"ldr r8, [%[a], #20]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131754,7 +134369,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #80]\n\t"
/* A[6] * B[15] */
"ldr r8, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131794,7 +134409,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[14] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131832,7 +134447,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[13] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131870,7 +134485,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[12] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131907,7 +134522,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[10] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131944,7 +134559,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[10] */
"ldr r8, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -131982,7 +134597,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[9] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132020,7 +134635,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[8] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132058,7 +134673,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[7] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132096,7 +134711,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[6] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132134,7 +134749,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #84]\n\t"
/* A[15] * B[7] */
"ldr r9, [%[b], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132174,7 +134789,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[8] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132212,7 +134827,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[9] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132249,7 +134864,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[12] * B[10] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132287,7 +134902,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[11] */
"ldr r11, [%[a], #44]\n\t"
"ldr r12, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132325,7 +134940,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[12] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132363,7 +134978,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[13] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132401,7 +135016,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[8] * B[14] */
"ldr r8, [%[a], #32]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132439,7 +135054,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[7] * B[15] */
"ldr r8, [%[a], #28]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132477,7 +135092,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #88]\n\t"
/* A[8] * B[15] */
"ldr r8, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132517,7 +135132,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[14] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132555,7 +135170,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[13] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132592,7 +135207,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[11] * B[12] */
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132629,7 +135244,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[12] * B[11] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132667,7 +135282,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[10] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132705,7 +135320,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[9] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132743,7 +135358,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[8] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132781,7 +135396,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #92]\n\t"
/* A[15] * B[9] */
"ldr r9, [%[b], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132821,7 +135436,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[10] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132858,7 +135473,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[13] * B[11] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132896,7 +135511,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[12] */
"ldr r11, [%[a], #48]\n\t"
"ldr r12, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132934,7 +135549,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[13] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -132972,7 +135587,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[10] * B[14] */
"ldr r8, [%[a], #40]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133010,7 +135625,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[9] * B[15] */
"ldr r8, [%[a], #36]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133048,7 +135663,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r3, [%[r], #96]\n\t"
/* A[10] * B[15] */
"ldr r8, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133088,7 +135703,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[14] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133125,7 +135740,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[12] * B[13] */
"ldr r9, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133162,7 +135777,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[13] * B[12] */
"ldr r8, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133200,7 +135815,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[11] */
"ldr r8, [%[a], #56]\n\t"
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133238,7 +135853,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[10] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133276,7 +135891,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r4, [%[r], #100]\n\t"
/* A[15] * B[11] */
"ldr r9, [%[b], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133315,7 +135930,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[14] * B[12] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133353,7 +135968,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[13] */
"ldr r11, [%[a], #52]\n\t"
"ldr r12, [%[b], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133391,7 +136006,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[12] * B[14] */
"ldr r8, [%[a], #48]\n\t"
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133429,7 +136044,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[11] * B[15] */
"ldr r8, [%[a], #44]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133467,7 +136082,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"str r5, [%[r], #104]\n\t"
/* A[12] * B[15] */
"ldr r8, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133506,7 +136121,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[13] * B[14] */
"ldr r9, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133543,7 +136158,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[14] * B[13] */
"ldr r8, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133581,7 +136196,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[15] * B[12] */
"ldr r8, [%[a], #60]\n\t"
"ldr r9, [%[b], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133618,7 +136233,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r3, [%[r], #108]\n\t"
/* A[15] * B[13] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133658,7 +136273,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[14] * B[14] */
"ldr r11, [%[a], #56]\n\t"
"ldr r12, [%[b], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133696,7 +136311,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
/* A[13] * B[15] */
"ldr r8, [%[a], #52]\n\t"
"ldr r9, [%[b], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133733,7 +136348,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r4, [%[r], #112]\n\t"
/* A[14] * B[15] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r11, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133772,7 +136387,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
/* A[15] * B[14] */
"ldr r8, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r12, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133809,7 +136424,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"str r5, [%[r], #116]\n\t"
/* A[15] * B[15] */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r9, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -133835,9 +136450,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"adds r3, r3, r6\n\t"
"adc r4, r4, r7\n\t"
#else
- "umull r6, r7, r8, r9\n\t"
- "adds r3, r3, r6\n\t"
- "adc r4, r4, r7\n\t"
+ "umlal r3, r4, r8, r9\n\t"
#endif
"str r3, [%[r], #120]\n\t"
"str r4, [%[r], #124]\n\t"
@@ -133851,7 +136464,7 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
@@ -133862,14 +136475,14 @@ static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x40\n\t"
/* A[0] * A[0] */
"ldr r10, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsr r9, r10, #16\n\t"
"lsl r2, r10, #16\n\t"
"lsr r2, r2, #16\n\t"
@@ -133888,7 +136501,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[1] */
"ldr r10, [%[a], #4]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -133944,7 +136557,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -133998,7 +136611,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[1] * A[1] */
"ldr r10, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134028,7 +136641,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134083,7 +136696,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[2] */
"ldr r10, [%[a], #8]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134136,7 +136749,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134191,7 +136804,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134242,7 +136855,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[2] * A[2] */
"ldr r10, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134272,7 +136885,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134302,7 +136915,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134340,7 +136953,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[3] */
"ldr r10, [%[a], #12]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134385,7 +136998,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134415,7 +137028,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134453,7 +137066,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134490,7 +137103,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[3] * A[3] */
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134529,7 +137142,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134559,7 +137172,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134597,7 +137210,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134635,7 +137248,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[4] */
"ldr r10, [%[a], #16]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134680,7 +137293,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134710,7 +137323,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134748,7 +137361,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134786,7 +137399,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134823,7 +137436,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[4] * A[4] */
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134862,7 +137475,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134892,7 +137505,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134930,7 +137543,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -134968,7 +137581,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135006,7 +137619,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[5] */
"ldr r10, [%[a], #20]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135051,7 +137664,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135081,7 +137694,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135119,7 +137732,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135157,7 +137770,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135195,7 +137808,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135232,7 +137845,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[5] * A[5] */
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135271,7 +137884,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135301,7 +137914,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135339,7 +137952,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135377,7 +137990,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135415,7 +138028,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135453,7 +138066,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[6] */
"ldr r10, [%[a], #24]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135498,7 +138111,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135528,7 +138141,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135566,7 +138179,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135604,7 +138217,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135642,7 +138255,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135680,7 +138293,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135717,7 +138330,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[6] * A[6] */
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135756,7 +138369,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135786,7 +138399,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135824,7 +138437,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135862,7 +138475,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135900,7 +138513,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135938,7 +138551,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -135976,7 +138589,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[7] */
"ldr r10, [%[a], #28]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136021,7 +138634,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136051,7 +138664,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136089,7 +138702,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136127,7 +138740,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136165,7 +138778,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136203,7 +138816,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136241,7 +138854,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136278,7 +138891,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[7] * A[7] */
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136317,7 +138930,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[0] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136347,7 +138960,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136385,7 +138998,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136423,7 +139036,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136461,7 +139074,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136499,7 +139112,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136537,7 +139150,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136575,7 +139188,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[8] */
"ldr r10, [%[a], #32]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136620,7 +139233,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[1] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136650,7 +139263,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136688,7 +139301,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136726,7 +139339,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136764,7 +139377,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136802,7 +139415,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136840,7 +139453,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136877,7 +139490,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[8] * A[8] */
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136916,7 +139529,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[2] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136946,7 +139559,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -136984,7 +139597,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137022,7 +139635,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137060,7 +139673,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137098,7 +139711,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137136,7 +139749,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[9] */
"ldr r10, [%[a], #36]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137181,7 +139794,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[3] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137211,7 +139824,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137249,7 +139862,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137287,7 +139900,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137325,7 +139938,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137363,7 +139976,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137400,7 +140013,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[9] * A[9] */
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137439,7 +140052,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[4] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137469,7 +140082,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137507,7 +140120,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137545,7 +140158,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137583,7 +140196,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137621,7 +140234,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[10] */
"ldr r10, [%[a], #40]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137666,7 +140279,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[5] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137696,7 +140309,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137734,7 +140347,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137772,7 +140385,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137810,7 +140423,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137847,7 +140460,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[10] * A[10] */
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137886,7 +140499,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[6] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137916,7 +140529,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137954,7 +140567,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -137992,7 +140605,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138030,7 +140643,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[11] */
"ldr r10, [%[a], #44]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138075,7 +140688,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[7] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138105,7 +140718,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138143,7 +140756,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138181,7 +140794,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138218,7 +140831,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[11] * A[11] */
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138257,7 +140870,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[8] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138287,7 +140900,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138325,7 +140938,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138363,7 +140976,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[12] */
"ldr r10, [%[a], #48]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138408,7 +141021,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[9] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138438,7 +141051,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138476,7 +141089,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138513,7 +141126,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[12] * A[12] */
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138552,7 +141165,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[10] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r5, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138582,7 +141195,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138620,7 +141233,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[13] */
"ldr r10, [%[a], #52]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138665,7 +141278,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[11] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138720,7 +141333,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138771,7 +141384,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[13] * A[13] */
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138801,7 +141414,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[12] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138856,7 +141469,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[14] */
"ldr r10, [%[a], #56]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138909,7 +141522,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[13] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138963,7 +141576,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
#endif
/* A[14] * A[14] */
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -138993,7 +141606,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
/* A[14] * A[15] */
"ldr r10, [%[a], #60]\n\t"
"ldr r12, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsl r9, r12, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -139048,7 +141661,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
"str r4, [%[r], #116]\n\t"
/* A[15] * A[15] */
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r8, r10, #16\n\t"
"lsr r9, r10, #16\n\t"
"lsr r8, r8, #16\n\t"
@@ -139083,7 +141696,7 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
"stm %[r]!, {r2, r3, r4, r8}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -139095,12 +141708,11 @@ static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
*/
static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -139129,10 +141741,11 @@ static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
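Review bot: The carry returned by sp_1024_add_16 now stays live in the flags across `mov %[r], #0`, so the result depends on that move never being written or assembled as a flag-setting `movs`. A one-line comment above it would make the constraint explicit, for example `/* plain mov: C from the last adcs must survive until the adc */`. The identical `mov`/`adc` tail added to sp_1024_add_32 further down deserves the same comment. The function body starts outside this hunk.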
@@ -139144,8 +141757,8 @@ static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3, r4, r5}\n\t"
@@ -139207,7 +141820,7 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbc %[a], r9, r9\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -139220,12 +141833,11 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r12, #0\n\t"
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
"ldm %[b]!, {r7, r8, r9, r10}\n\t"
"adds r3, r3, r7\n\t"
@@ -139282,10 +141894,11 @@ static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"adcs r5, r5, r9\n\t"
"adcs r6, r6, r10\n\t"
"stm %[r]!, {r3, r4, r5, r6}\n\t"
- "adc %[r], r12, r12\n\t"
+ "mov %[r], #0\n\t"
+ "adc %[r], %[r], #0\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139367,9 +141980,9 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
*/
static sp_digit sp_1024_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"ldm %[a]!, {r3, r4, r5, r6}\n\t"
@@ -139403,7 +142016,7 @@ static sp_digit sp_1024_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"sbc %[r], r6, r6\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139453,16 +142066,19 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
*/
static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r5, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "ldr r11, [%[b]]\n\t"
+ "umull r8, r6, lr, r11\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_1024_mul_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
@@ -139473,7 +142089,44 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"L_sp_1024_mul_32_inner_%=: \n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[b], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
+ "ldr lr, [%[a], r4]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -139510,10 +142163,46 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
#endif
"add r3, r3, #4\n\t"
"sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_1024_mul_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_1024_mul_32_inner_%=\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_1024_mul_32_inner_done_%=\n\t"
+ "blt L_sp_1024_mul_32_inner_%=\n\t"
+ "ldr lr, [%[a], r3]\n\t"
+ "ldr r11, [%[b], r3]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adcs r7, r7, #0\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#else
+ "umull r9, r10, lr, r11\n\t"
+ "adds r6, r6, r9\n\t"
+ "adcs r7, r7, r10\n\t"
+ "adc r8, r8, #0\n\t"
+#endif
"\n"
"L_sp_1024_mul_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
@@ -139521,18 +142210,50 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_1024_mul_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+ "ldr r11, [%[b], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "adds r6, r6, r10\n\t"
+ "adc r7, r7, #0\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r9, lr, #16\n\t"
+ "lsr r10, r11, #16\n\t"
+ "mul r10, r9, r10\n\t"
+ "add r7, r7, r10\n\t"
+ "lsl r10, r11, #16\n\t"
+ "lsr r10, r10, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #16\n\t"
+ "lsl r9, r9, #16\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umlal r6, r7, lr, r11\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_1024_mul_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_1024_mul_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
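Review bot: The widened copy loop at `L_sp_1024_mul_32_store` is correct only if r5 is exactly 0xfc when it is entered: eight passes of 32 bytes both copy the 64 result words and, through `ldm sp!`, undo the `sub sp, sp, #0x100` from the prologue. That coupling between the `cmp r5, #0xf4` exit, the two trailing stores and the `subs r5, r5, #32` step is not stated anywhere in the hunk. A comment before the label would pin it down, for example `/* r5 == 0xfc: 8 x 32 bytes copies r[0..63] and restores sp */`. The store loop in sp_1024_sqr_32 has the same dependency. The function body starts outside this hunk.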
@@ -139543,29 +142264,28 @@ static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b
*/
static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"sub sp, sp, #0x100\n\t"
- "mov r12, #0\n\t"
- "mov r6, #0\n\t"
+ "ldr lr, [%[a]]\n\t"
+ "umull r8, r6, lr, lr\n\t"
+ "str r8, [sp]\n\t"
"mov r7, #0\n\t"
"mov r8, #0\n\t"
- "mov r5, #0\n\t"
+ "mov r5, #4\n\t"
"\n"
"L_sp_1024_sqr_32_outer_%=: \n\t"
"subs r3, r5, #0x7c\n\t"
"it cc\n\t"
- "movcc r3, r12\n\t"
+ "movcc r3, #0\n\t"
"sub r4, r5, r3\n\t"
"\n"
"L_sp_1024_sqr_32_inner_%=: \n\t"
- "cmp r4, r3\n\t"
- "beq L_sp_1024_sqr_32_op_sqr_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
"ldr r11, [%[a], r4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsl r10, r11, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -139614,11 +142334,13 @@ static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adcs r7, r7, r10\n\t"
"adc r8, r8, #0\n\t"
#endif
- "bal L_sp_1024_sqr_32_op_done_%=\n\t"
- "\n"
- "L_sp_1024_sqr_32_op_sqr_%=: \n\t"
+ "add r3, r3, #4\n\t"
+ "sub r4, r4, #4\n\t"
+ "cmp r3, r4\n\t"
+ "bgt L_sp_1024_sqr_32_inner_done_%=\n\t"
+ "blt L_sp_1024_sqr_32_inner_%=\n\t"
"ldr lr, [%[a], r3]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r9, lr, #16\n\t"
"lsr r10, lr, #16\n\t"
"lsr r9, r9, #16\n\t"
@@ -139645,34 +142367,50 @@ static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
"adc r8, r8, #0\n\t"
#endif
"\n"
- "L_sp_1024_sqr_32_op_done_%=: \n\t"
- "add r3, r3, #4\n\t"
- "sub r4, r4, #4\n\t"
- "cmp r3, #0x80\n\t"
- "beq L_sp_1024_sqr_32_inner_done_%=\n\t"
- "cmp r3, r4\n\t"
- "bgt L_sp_1024_sqr_32_inner_done_%=\n\t"
- "cmp r3, r5\n\t"
- "ble L_sp_1024_sqr_32_inner_%=\n\t"
- "\n"
"L_sp_1024_sqr_32_inner_done_%=: \n\t"
"str r6, [sp, r5]\n\t"
"mov r6, r7\n\t"
"mov r7, r8\n\t"
"mov r8, #0\n\t"
"add r5, r5, #4\n\t"
- "cmp r5, #0xf8\n\t"
+ "cmp r5, #0xf4\n\t"
"ble L_sp_1024_sqr_32_outer_%=\n\t"
+ "ldr lr, [%[a], #124]\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
+ "lsl r9, lr, #16\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mov r11, r9\n\t"
+ "mul r9, r11, r9\n\t"
+ "mov r11, r10\n\t"
+ "mul r10, r11, r10\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+ "lsr r10, lr, #16\n\t"
+ "lsl r9, lr, #16\n\t"
+ "lsr r9, r9, #16\n\t"
+ "mul r9, r10, r9\n\t"
+ "lsr r10, r9, #15\n\t"
+ "lsl r9, r9, #17\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#else
+ "umull r9, r10, lr, lr\n\t"
+ "adds r6, r6, r9\n\t"
+ "adc r7, r7, r10\n\t"
+#endif
"str r6, [sp, r5]\n\t"
+ "add r5, r5, #4\n\t"
+ "str r7, [sp, r5]\n\t"
"\n"
"L_sp_1024_sqr_32_store_%=: \n\t"
- "ldm sp!, {r6, r7, r8, r9}\n\t"
- "stm %[r]!, {r6, r7, r8, r9}\n\t"
- "subs r5, r5, #16\n\t"
+ "ldm sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "stm %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "subs r5, r5, #32\n\t"
"bgt L_sp_1024_sqr_32_store_%=\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -139770,16 +142508,15 @@ static const sp_point_1024 p1024_base = {
*/
static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
"mov r12, #0\n\t"
"add lr, %[a], #0x80\n\t"
"\n"
"L_sp_1024_sub_in_pkace_32_word_%=: \n\t"
- "subs r12, r10, r12\n\t"
+ "rsbs r12, r12, #0\n\t"
"ldm %[a], {r2, r3, r4, r5}\n\t"
"ldm %[b]!, {r6, r7, r8, r9}\n\t"
"sbcs r2, r2, r6\n\t"
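Review bot: `rsbs r12, r12, #0` carries the borrow between loop iterations, and nothing in the hunk says so. r12 is 0 on entry and is rewritten by `sbc r12, r12, r12` at the bottom of the loop, so it is 0 or all ones, and negating it recreates the carry flag that the intervening `cmp` destroys. A comment on that line would help, for example `/* r12 = 0 or -1: 0 - r12 reloads C for the sbcs chain */`. The loop body continues outside this hunk.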
@@ -139787,13 +142524,13 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
"sbcs r4, r4, r8\n\t"
"sbcs r5, r5, r9\n\t"
"stm %[a]!, {r2, r3, r4, r5}\n\t"
- "sbc r12, r10, r10\n\t"
+ "sbc r12, r12, r12\n\t"
"cmp %[a], lr\n\t"
"bne L_sp_1024_sub_in_pkace_32_word_%=\n\t"
"mov %[a], r12\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "r10"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r12", "lr", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -139810,10 +142547,10 @@ static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
*/
static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r6, #0\n\t"
@@ -139834,7 +142571,7 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], r12\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139850,10 +142587,10 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -139972,7 +142709,7 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
"sbc %[r], lr, lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -139987,9 +142724,9 @@ static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r3, #0\n\t"
@@ -140011,7 +142748,7 @@ static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
"mov %[r], r3\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -140026,15 +142763,14 @@ static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digi
*/
static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
"ldr r8, [%[a]]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r5, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -140067,7 +142803,7 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"L_sp_1024_mul_d_32_word_%=: \n\t"
/* A[i] * B */
"ldr r8, [%[a], r9]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -140112,7 +142848,7 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"str r3, [%[r], #128]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -140125,15 +142861,14 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register sp_digit b asm ("r2") = b_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register sp_digit b asm ("r2") = (sp_digit)b_p;
__asm__ __volatile__ (
- "mov r10, #0\n\t"
/* A[0] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r3, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -140158,1211 +142893,971 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
#else
"umull r3, r4, %[b], r8\n\t"
#endif
+ "stm %[r]!, {r3}\n\t"
"mov r5, #0\n\t"
- "str r3, [%[r]], #4\n\t"
/* A[1] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[2] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[3] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[4] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[5] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[6] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[7] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[8] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[9] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[10] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[11] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[12] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[13] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[14] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[15] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[16] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[17] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[18] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[19] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[20] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[21] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[22] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[23] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[24] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[25] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[26] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[27] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[28] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r4, r4, r7\n\t"
- "adcs r5, r5, #0\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "add r5, r5, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "adc r3, r3, #0\n\t"
+ "adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r7\n\t"
- "mov r3, #0\n\t"
- "adc r3, r3, #0\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
+ "mov r3, #0\n\t"
/* A[29] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r5, r5, r7\n\t"
- "adcs r3, r3, #0\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "add r3, r3, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "adc r4, r4, #0\n\t"
+ "adc r3, r3, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r7\n\t"
- "mov r4, #0\n\t"
- "adc r4, r4, #0\n\t"
+ "umlal r5, r3, %[b], r8\n\t"
#endif
- "str r5, [%[r]], #4\n\t"
+ "stm %[r]!, {r5}\n\t"
+ "mov r4, #0\n\t"
/* A[30] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r7, r6, r7\n\t"
"adds r3, r3, r7\n\t"
- "adcs r4, r4, #0\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, #0\n\t"
"lsr r7, r8, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
"lsr r6, %[b], #16\n\t"
"lsr r7, r8, #16\n\t"
"mul r7, r6, r7\n\t"
- "adds r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "add r4, r4, r7\n\t"
"lsl r7, r8, #16\n\t"
"lsr r7, r7, #16\n\t"
"mul r6, r7, r6\n\t"
"lsr r7, r6, #16\n\t"
"lsl r6, r6, #16\n\t"
"adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "adc r5, r5, #0\n\t"
+ "adc r4, r4, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r7\n\t"
- "mov r5, #0\n\t"
- "adc r5, r5, #0\n\t"
+ "umlal r3, r4, %[b], r8\n\t"
#endif
- "str r3, [%[r]], #4\n\t"
+ "stm %[r]!, {r3}\n\t"
+ "mov r5, #0\n\t"
/* A[31] * B */
- "ldr r8, [%[a]], #4\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+ "ldm %[a]!, {r8}\n\t"
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r6, %[b], #16\n\t"
"lsl r7, r8, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -141388,15 +143883,13 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
"adds r4, r4, r6\n\t"
"adc r5, r5, r7\n\t"
#else
- "umull r6, r7, %[b], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r7\n\t"
+ "umlal r4, r5, %[b], r8\n\t"
#endif
- "str r4, [%[r]], #4\n\t"
+ "stm %[r]!, {r4}\n\t"
"str r5, [%[r]]\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -141413,9 +143906,9 @@ static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
*/
static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr r6, %[div], #16\n\t"
@@ -141455,7 +143948,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"add %[d1], r4, r3\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -141472,9 +143965,9 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
*/
static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
{
- register sp_digit d1 asm ("r0") = d1_p;
- register sp_digit d0 asm ("r1") = d0_p;
- register sp_digit div asm ("r2") = div_p;
+ register sp_digit d1 asm ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 asm ("r1") = (sp_digit)d0_p;
+ register sp_digit div asm ("r2") = (sp_digit)div_p;
__asm__ __volatile__ (
"lsr lr, %[div], #1\n\t"
@@ -141504,7 +143997,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"bpl L_div_1024_word_32_bit_%=\n\t"
"add r3, r3, r3\n\t"
"add r3, r3, #1\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -141532,7 +144025,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -141560,7 +144053,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"subs r7, %[d0], r4\n\t"
"sbc r8, %[d1], r5\n\t"
"add r3, r3, r8\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"lsl r7, r3, #16\n\t"
"lsl r4, %[div], #16\n\t"
"lsr r7, r7, #16\n\t"
@@ -141593,7 +144086,7 @@ static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
"sub %[d1], r3, r6\n\t"
: [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -141638,8 +144131,8 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
*/
static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
{
- register const sp_digit* a asm ("r0") = a_p;
- register const sp_digit* b asm ("r1") = b_p;
+ register const sp_digit* a asm ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r1") = (const sp_digit*)b_p;
__asm__ __volatile__ (
"mov r2, #-1\n\t"
@@ -142022,7 +144515,7 @@ static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
"mov %[a], r2\n\t"
: [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -142036,8 +144529,8 @@ static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -142077,7 +144570,8 @@ static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_dig
* m A single precision number that is the modulus to reduce with.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static WC_INLINE int sp_1024_mod_32(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
return sp_1024_div_32(a, m, NULL, r);
}
@@ -142170,14 +144664,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
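Review bot: The new masking loop hard-codes the shift as `j >> 31`, where the lines it replaces used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` would keep the width tied to the digit type rather than to a literal. The loop also has no comment, although it appears designed to copy `a->dp` without branching on `a->used`; something like `/* j starts at -used: its top bit is set while i < used, so mask is all ones for live digits and o stops advancing once j reaches 0 */` would make that intent reviewable. Only the `DIGIT_BIT == 32` branch is visible here; the rest of sp_1024_from_mp lies outside the hunk.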
@@ -142355,6 +144849,7 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
return err;
}
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
/* Reduce the number back to 1024 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -142363,12 +144858,12 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
*/
static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
{
- register sp_digit* a asm ("r0") = a_p;
- register const sp_digit* m asm ("r1") = m_p;
- register sp_digit mp asm ("r2") = mp_p;
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
__asm__ __volatile__ (
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
+#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))
"ldr r11, [%[m]]\n\t"
#endif
/* i = 0 */
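Review bot: The `#if !(defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4))` guard at the top of the asm block can never be true, so the `ldr r11, [%[m]]` under it is dead text. The reason is that this whole variant of sp_1024_mont_reduce_32 is now wrapped in `#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)`, added just above the function comment. The same holds for the now always-true guard around `ldr r11, [%[m]]` in the next hunk and for the `#else` / `ldr r7, [%[m], #124]` arm before `a[i+31]`. Removing these inner conditionals would make it easier to audit which loads this variant actually executes; if the file is generated, the change belongs in the generator. The function body continues well past this hunk.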
@@ -142381,10 +144876,9 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
/* mu = a[i] * mp */
"mul r8, %[mp], r12\n\t"
/* a[i+0] += m[0] * mu */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m]]\n\t"
#endif
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r7, r11, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r7\n\t"
@@ -142408,14 +144902,8 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r12, r12, r6\n\t"
"adc r5, r5, r7\n\t"
-#else
- "umull r6, r7, r8, r11\n\t"
- "adds r12, r12, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
/* a[i+1] += m[1] * mu */
"ldr r7, [%[m], #4]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r10\n\t"
@@ -142439,18 +144927,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r4, r4, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r4, r10, #0\n\t"
-#endif
"mov r12, lr\n\t"
"adds r12, r12, r5\n\t"
"adc r4, r4, #0\n\t"
/* a[i+2] += m[2] * mu */
"ldr r7, [%[m], #8]\n\t"
"ldr lr, [%[a], #8]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r10, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r10\n\t"
@@ -142474,17 +144956,11 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds lr, lr, r6\n\t"
"adc r5, r5, r10\n\t"
-#else
- "umull r6, r10, r8, r7\n\t"
- "adds lr, lr, r6\n\t"
- "adc r5, r10, #0\n\t"
-#endif
"adds lr, lr, r4\n\t"
"adc r5, r5, #0\n\t"
/* a[i+3] += m[3] * mu */
"ldr r7, [%[m], #12]\n\t"
"ldr r10, [%[a], #12]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142508,18 +144984,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #12]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+4] += m[4] * mu */
"ldr r7, [%[m], #16]\n\t"
"ldr r10, [%[a], #16]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142543,18 +145013,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #16]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+5] += m[5] * mu */
"ldr r7, [%[m], #20]\n\t"
"ldr r10, [%[a], #20]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142578,18 +145042,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #20]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+6] += m[6] * mu */
"ldr r7, [%[m], #24]\n\t"
"ldr r10, [%[a], #24]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142613,18 +145071,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #24]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+7] += m[7] * mu */
"ldr r7, [%[m], #28]\n\t"
"ldr r10, [%[a], #28]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142648,18 +145100,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #28]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+8] += m[8] * mu */
"ldr r7, [%[m], #32]\n\t"
"ldr r10, [%[a], #32]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142683,18 +145129,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #32]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+9] += m[9] * mu */
"ldr r7, [%[m], #36]\n\t"
"ldr r10, [%[a], #36]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142718,18 +145158,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #36]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+10] += m[10] * mu */
"ldr r7, [%[m], #40]\n\t"
"ldr r10, [%[a], #40]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142753,18 +145187,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #40]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+11] += m[11] * mu */
"ldr r7, [%[m], #44]\n\t"
"ldr r10, [%[a], #44]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142788,18 +145216,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #44]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+12] += m[12] * mu */
"ldr r7, [%[m], #48]\n\t"
"ldr r10, [%[a], #48]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142823,18 +145245,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #48]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+13] += m[13] * mu */
"ldr r7, [%[m], #52]\n\t"
"ldr r10, [%[a], #52]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142858,18 +145274,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #52]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+14] += m[14] * mu */
"ldr r7, [%[m], #56]\n\t"
"ldr r10, [%[a], #56]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142893,18 +145303,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #56]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+15] += m[15] * mu */
"ldr r7, [%[m], #60]\n\t"
"ldr r10, [%[a], #60]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142928,18 +145332,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #60]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+16] += m[16] * mu */
"ldr r7, [%[m], #64]\n\t"
"ldr r10, [%[a], #64]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -142963,18 +145361,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #64]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+17] += m[17] * mu */
"ldr r7, [%[m], #68]\n\t"
"ldr r10, [%[a], #68]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -142998,18 +145390,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #68]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+18] += m[18] * mu */
"ldr r7, [%[m], #72]\n\t"
"ldr r10, [%[a], #72]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143033,18 +145419,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #72]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+19] += m[19] * mu */
"ldr r7, [%[m], #76]\n\t"
"ldr r10, [%[a], #76]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143068,18 +145448,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #76]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+20] += m[20] * mu */
"ldr r7, [%[m], #80]\n\t"
"ldr r10, [%[a], #80]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143103,18 +145477,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #80]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+21] += m[21] * mu */
"ldr r7, [%[m], #84]\n\t"
"ldr r10, [%[a], #84]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143138,18 +145506,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #84]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+22] += m[22] * mu */
"ldr r7, [%[m], #88]\n\t"
"ldr r10, [%[a], #88]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143173,18 +145535,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #88]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+23] += m[23] * mu */
"ldr r7, [%[m], #92]\n\t"
"ldr r10, [%[a], #92]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143208,18 +145564,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #92]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+24] += m[24] * mu */
"ldr r7, [%[m], #96]\n\t"
"ldr r10, [%[a], #96]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143243,18 +145593,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #96]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+25] += m[25] * mu */
"ldr r7, [%[m], #100]\n\t"
"ldr r10, [%[a], #100]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143278,18 +145622,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #100]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+26] += m[26] * mu */
"ldr r7, [%[m], #104]\n\t"
"ldr r10, [%[a], #104]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143313,18 +145651,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #104]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+27] += m[27] * mu */
"ldr r7, [%[m], #108]\n\t"
"ldr r10, [%[a], #108]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143348,18 +145680,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #108]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+28] += m[28] * mu */
"ldr r7, [%[m], #112]\n\t"
"ldr r10, [%[a], #112]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143383,18 +145709,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #112]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+29] += m[29] * mu */
"ldr r7, [%[m], #116]\n\t"
"ldr r10, [%[a], #116]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r4, r6, r11\n\t"
@@ -143418,18 +145738,12 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r4, r4, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r4, r7, #0\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #116]\n\t"
"adc r4, r4, #0\n\t"
/* a[i+30] += m[30] * mu */
"ldr r7, [%[m], #120]\n\t"
"ldr r10, [%[a], #120]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsr r11, r7, #16\n\t"
"lsr r6, r8, #16\n\t"
"mul r5, r6, r11\n\t"
@@ -143453,22 +145767,16 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"lsl r6, r6, #16\n\t"
"adds r10, r10, r6\n\t"
"adc r5, r5, r11\n\t"
-#else
- "umull r6, r7, r8, r7\n\t"
- "adds r10, r10, r6\n\t"
- "adc r5, r7, #0\n\t"
-#endif
"adds r10, r10, r4\n\t"
"str r10, [%[a], #120]\n\t"
"adc r5, r5, #0\n\t"
/* a[i+31] += m[31] * mu */
-#if !(defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4))
- "ldr r7, [%[m], #124]\n\t"
-#else
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 4)
"ldr r11, [%[m], #124]\n\t"
+#else
+ "ldr r7, [%[m], #124]\n\t"
#endif
"ldr r10, [%[a], #124]\n\t"
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 4)
"lsl r6, r8, #16\n\t"
"lsl r7, r11, #16\n\t"
"lsr r6, r6, #16\n\t"
@@ -143499,13 +145807,306 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"adds r5, r5, r6\n\t"
"adcs r4, r4, r7\n\t"
"adc r3, r3, #0\n\t"
-#else
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #124]\n\t"
+ "ldr r10, [%[a], #128]\n\t"
+ "adcs r10, r10, r4\n\t"
+ "str r10, [%[a], #128]\n\t"
+ "adc r3, r3, #0\n\t"
+ /* i += 1 */
+ "add r9, r9, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r9, #0x80\n\t"
+ "blt L_sp_1024_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r12, [%[a]]\n\t"
+ "str lr, [%[a], #4]\n\t"
+ "ldr r6, [%[m], #124]\n\t"
+ "subs r10, r6, r10\n\t"
+ "neg r3, r3\n\t"
+ "sbc r10, r10, r10\n\t"
+ "orr r3, r3, r10\n\t"
+ "mov %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
+}
+
+#elif defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
+/* Reduce the number back to 1024 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ "ldr r11, [%[m]]\n\t"
+ /* i = 0 */
+ "mov r9, #0\n\t"
+ "mov r3, #0\n\t"
+ "ldr r12, [%[a]]\n\t"
+ "ldr lr, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r8, %[mp], r12\n\t"
+ /* a[i+0] += m[0] * mu */
+ "mov r5, #0\n\t"
+ "umlal r12, r5, r8, r11\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r7, [%[m], #4]\n\t"
+ "mov r4, #0\n\t"
+ "umlal lr, r4, r8, r7\n\t"
+ "mov r12, lr\n\t"
+ "adds r12, r12, r5\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r7, [%[m], #8]\n\t"
+ "ldr lr, [%[a], #8]\n\t"
+ "mov r5, #0\n\t"
+ "umlal lr, r5, r8, r7\n\t"
+ "adds lr, lr, r4\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r7, [%[m], #12]\n\t"
+ "ldr r10, [%[a], #12]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #12]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r7, [%[m], #16]\n\t"
+ "ldr r10, [%[a], #16]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #16]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r7, [%[m], #20]\n\t"
+ "ldr r10, [%[a], #20]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #20]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r7, [%[m], #24]\n\t"
+ "ldr r10, [%[a], #24]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #24]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r7, [%[m], #28]\n\t"
+ "ldr r10, [%[a], #28]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #28]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r7, [%[m], #32]\n\t"
+ "ldr r10, [%[a], #32]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #32]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r7, [%[m], #36]\n\t"
+ "ldr r10, [%[a], #36]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #36]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r7, [%[m], #40]\n\t"
+ "ldr r10, [%[a], #40]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #40]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r7, [%[m], #44]\n\t"
+ "ldr r10, [%[a], #44]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #44]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r7, [%[m], #48]\n\t"
+ "ldr r10, [%[a], #48]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #48]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r7, [%[m], #52]\n\t"
+ "ldr r10, [%[a], #52]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #52]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r7, [%[m], #56]\n\t"
+ "ldr r10, [%[a], #56]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #56]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r7, [%[m], #60]\n\t"
+ "ldr r10, [%[a], #60]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #60]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r7, [%[m], #64]\n\t"
+ "ldr r10, [%[a], #64]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #64]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r7, [%[m], #68]\n\t"
+ "ldr r10, [%[a], #68]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #68]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r7, [%[m], #72]\n\t"
+ "ldr r10, [%[a], #72]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #72]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r7, [%[m], #76]\n\t"
+ "ldr r10, [%[a], #76]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #76]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r7, [%[m], #80]\n\t"
+ "ldr r10, [%[a], #80]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #80]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r7, [%[m], #84]\n\t"
+ "ldr r10, [%[a], #84]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #84]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r7, [%[m], #88]\n\t"
+ "ldr r10, [%[a], #88]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #88]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r7, [%[m], #92]\n\t"
+ "ldr r10, [%[a], #92]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #92]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r7, [%[m], #96]\n\t"
+ "ldr r10, [%[a], #96]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #96]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r7, [%[m], #100]\n\t"
+ "ldr r10, [%[a], #100]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #100]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r7, [%[m], #104]\n\t"
+ "ldr r10, [%[a], #104]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #104]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r7, [%[m], #108]\n\t"
+ "ldr r10, [%[a], #108]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #108]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r7, [%[m], #112]\n\t"
+ "ldr r10, [%[a], #112]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #112]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r7, [%[m], #116]\n\t"
+ "ldr r10, [%[a], #116]\n\t"
+ "mov r4, #0\n\t"
+ "umlal r10, r4, r8, r7\n\t"
+ "adds r10, r10, r5\n\t"
+ "str r10, [%[a], #116]\n\t"
+ "adc r4, r4, #0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r7, [%[m], #120]\n\t"
+ "ldr r10, [%[a], #120]\n\t"
+ "mov r5, #0\n\t"
+ "umlal r10, r5, r8, r7\n\t"
+ "adds r10, r10, r4\n\t"
+ "str r10, [%[a], #120]\n\t"
+ "adc r5, r5, #0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r7, [%[m], #124]\n\t"
+ "ldr r10, [%[a], #124]\n\t"
"umull r6, r7, r8, r7\n\t"
"adds r5, r5, r6\n\t"
"adcs r4, r7, r3\n\t"
"mov r3, #0\n\t"
"adc r3, r3, r3\n\t"
-#endif
"adds r10, r10, r5\n\t"
"str r10, [%[a], #124]\n\t"
"ldr r10, [%[a], #128]\n\t"
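Review bot: The post-loop sequence added for the ARM arch < 4 variant (`subs r10, r6, r10` through `mov %[mp], r3`) builds the mask handed to `sp_1024_cond_sub_32` without a branch, but its only comment is `/* Loop Done */`. Reading the instructions, the mask is all ones when the loop left a carry in r3 or when the top result word exceeds `m[31]`, and zero otherwise; it also relies on `neg` not updating the flags between `subs` and `sbc`. I would add `/* mp = all-ones if carry or top word > m[31], else 0 (mask for cond_sub) */` before the `ldr r6, [%[m], #124]` line. The same sequence closes the other two variants of `sp_1024_mont_reduce_32` in the following hunks, and the umlal variant that begins in this hunk continues past its end.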
@@ -143517,6 +146118,7 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"add %[a], %[a], #4\n\t"
"cmp r9, #0x80\n\t"
"blt L_sp_1024_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
"str r12, [%[a]]\n\t"
"str lr, [%[a], #4]\n\t"
"ldr r6, [%[m], #124]\n\t"
@@ -143527,11 +146129,222 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
"mov %[mp], r3\n\t"
: [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
sp_1024_cond_sub_32(a - 32, a, m, mp);
}
+#else
+/* Reduce the number back to 1024 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+{
+ register sp_digit* a asm ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m asm ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp asm ("r2") = (sp_digit)mp_p;
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "mov r12, #0\n\t"
+ "mov lr, #0\n\t"
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[a], #4]\n\t"
+ "ldr r6, [%[a], #8]\n\t"
+ "ldr r7, [%[a], #12]\n\t"
+ "ldr r8, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word_%=: \n\t"
+ /* mu = a[i] * mp */
+ "mul r11, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "ldr r10, [%[m]]\n\t"
+ "mov r3, #0\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+1] += m[1] * mu */
+ "ldr r10, [%[m], #4]\n\t"
+ "mov r4, r5\n\t"
+ "umaal r4, r3, r11, r10\n\t"
+ /* a[i+2] += m[2] * mu */
+ "ldr r10, [%[m], #8]\n\t"
+ "mov r5, r6\n\t"
+ "umaal r5, r3, r11, r10\n\t"
+ /* a[i+3] += m[3] * mu */
+ "ldr r10, [%[m], #12]\n\t"
+ "mov r6, r7\n\t"
+ "umaal r6, r3, r11, r10\n\t"
+ /* a[i+4] += m[4] * mu */
+ "ldr r10, [%[m], #16]\n\t"
+ "mov r7, r8\n\t"
+ "umaal r7, r3, r11, r10\n\t"
+ /* a[i+5] += m[5] * mu */
+ "ldr r10, [%[m], #20]\n\t"
+ "ldr r8, [%[a], #20]\n\t"
+ "umaal r8, r3, r11, r10\n\t"
+ /* a[i+6] += m[6] * mu */
+ "ldr r10, [%[m], #24]\n\t"
+ "ldr r9, [%[a], #24]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "ldr r10, [%[m], #28]\n\t"
+ "ldr r9, [%[a], #28]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "ldr r10, [%[m], #32]\n\t"
+ "ldr r9, [%[a], #32]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "ldr r10, [%[m], #36]\n\t"
+ "ldr r9, [%[a], #36]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "ldr r10, [%[m], #40]\n\t"
+ "ldr r9, [%[a], #40]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "ldr r10, [%[m], #44]\n\t"
+ "ldr r9, [%[a], #44]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "ldr r10, [%[m], #48]\n\t"
+ "ldr r9, [%[a], #48]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "ldr r10, [%[m], #52]\n\t"
+ "ldr r9, [%[a], #52]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "ldr r10, [%[m], #56]\n\t"
+ "ldr r9, [%[a], #56]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "ldr r10, [%[m], #60]\n\t"
+ "ldr r9, [%[a], #60]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "ldr r10, [%[m], #64]\n\t"
+ "ldr r9, [%[a], #64]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "ldr r10, [%[m], #68]\n\t"
+ "ldr r9, [%[a], #68]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "ldr r10, [%[m], #72]\n\t"
+ "ldr r9, [%[a], #72]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "ldr r10, [%[m], #76]\n\t"
+ "ldr r9, [%[a], #76]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "ldr r10, [%[m], #80]\n\t"
+ "ldr r9, [%[a], #80]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "ldr r10, [%[m], #84]\n\t"
+ "ldr r9, [%[a], #84]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "ldr r10, [%[m], #88]\n\t"
+ "ldr r9, [%[a], #88]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "ldr r10, [%[m], #92]\n\t"
+ "ldr r9, [%[a], #92]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "ldr r10, [%[m], #96]\n\t"
+ "ldr r9, [%[a], #96]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "ldr r10, [%[m], #100]\n\t"
+ "ldr r9, [%[a], #100]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "ldr r10, [%[m], #104]\n\t"
+ "ldr r9, [%[a], #104]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "ldr r10, [%[m], #108]\n\t"
+ "ldr r9, [%[a], #108]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "ldr r10, [%[m], #112]\n\t"
+ "ldr r9, [%[a], #112]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "ldr r10, [%[m], #116]\n\t"
+ "ldr r9, [%[a], #116]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "ldr r10, [%[m], #120]\n\t"
+ "ldr r9, [%[a], #120]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "str r9, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "ldr r10, [%[m], #124]\n\t"
+ "ldr r9, [%[a], #124]\n\t"
+ "umaal r9, r3, r11, r10\n\t"
+ "ldr r11, [%[a], #128]\n\t"
+ "mov r10, #0\n\t"
+ "umaal r3, r11, r10, r10\n\t"
+ "str r9, [%[a], #124]\n\t"
+ "adds r3, r3, lr\n\t"
+ "adc lr, r11, #0\n\t"
+ "str r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "add r12, r12, #4\n\t"
+ "add %[a], %[a], #4\n\t"
+ "cmp r12, #0x80\n\t"
+ "blt L_sp_1024_mont_reduce_32_word_%=\n\t"
+ /* Loop Done */
+ "str r4, [%[a]]\n\t"
+ "str r5, [%[a], #4]\n\t"
+ "str r6, [%[a], #8]\n\t"
+ "str r7, [%[a], #12]\n\t"
+ "str r8, [%[a], #16]\n\t"
+ "ldr r10, [%[m], #124]\n\t"
+ "subs r3, r10, r3\n\t"
+ "neg lr, lr\n\t"
+ "sbc r3, r3, r3\n\t"
+ "orr lr, lr, r3\n\t"
+ "mov %[mp], lr\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
+ );
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
+}
+
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
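Review bot: In the new `umaal` variant, `mov r10, #0` followed by `umaal r3, r11, r10, r10` is used purely as an addition, and nothing in the listing says so. With both multiplicands zero it leaves the 64-bit sum of the running carry (r3) and `a[i+32]` (r11) in r11:r3 without touching the flags, which the next `adds`/`adc` pair then folds into `lr`. As written it reads like a stray multiply that a later clean-up could remove. I would add `/* r11:r3 = carry + a[i+32]; umaal by 0 adds without using the flags */` above the `mov r10, #0` line.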
@@ -143539,7 +146352,7 @@ static SP_NOINLINE void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -143553,7 +146366,7 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -143678,10 +146491,10 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
*/
static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -143747,7 +146560,7 @@ static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r11, r11, r11\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r11\n\t"
+ "orr r12, r12, r11\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -143838,7 +146651,7 @@ static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -143850,9 +146663,9 @@ static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -143902,7 +146715,7 @@ static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r4, r4, r4\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r4\n\t"
+ "orr r12, r12, r4\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -143993,7 +146806,7 @@ static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -144005,9 +146818,9 @@ static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* m asm ("r2") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m asm ("r2") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"mov r12, #0\n\t"
@@ -144057,7 +146870,7 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r4, r4, r4\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r4\n\t"
+ "orr r12, r12, r4\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -144212,7 +147025,7 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"neg r12, r12\n\t"
"sbc r7, r7, r7\n\t"
"sub %[r], %[r], #0x80\n\t"
- "orr r12, r7\n\t"
+ "orr r12, r12, r7\n\t"
"ldm %[r], {r4, r5, r6, r7}\n\t"
"ldm %[m]!, {r8, r9, r10, r11}\n\t"
"and r8, r8, r12\n\t"
@@ -144303,7 +147116,7 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -144316,10 +147129,10 @@ static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register const sp_digit* m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m asm ("r3") = (const sp_digit*)m_p;
__asm__ __volatile__ (
"ldm %[a]!, {r4, r5, r6, r7}\n\t"
@@ -144470,11 +147283,10 @@ static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
"stm %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
-#define sp_1024_mont_sub_lower_32 sp_1024_mont_sub_32
#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
@@ -144486,10 +147298,10 @@ static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_dig
*/
static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov lr, #0\n\t"
@@ -144510,7 +147322,7 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"mov %[r], lr\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -144526,10 +147338,10 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
*/
static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
- register sp_digit m asm ("r3") = m_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b asm ("r2") = (const sp_digit*)b_p;
+ register sp_digit m asm ("r3") = (sp_digit)m_p;
__asm__ __volatile__ (
"mov r8, #0\n\t"
@@ -144648,7 +147460,7 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
"adc %[r], r8, r8\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r12", "lr", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -144656,8 +147468,8 @@ static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp
#endif /* WOLFSSL_SP_SMALL */
static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
+ register sp_digit* r asm ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a asm ("r1") = (const sp_digit*)a_p;
__asm__ __volatile__ (
"ldm %[a], {r2, r3}\n\t"
@@ -144788,7 +147600,7 @@ static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
"str r3, [%[r], #124]\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -144798,7 +147610,7 @@ static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -144851,7 +147663,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_32(t2, t2, p1024_mod);
+ sp_1024_mont_div2_32(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -144861,7 +147673,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_32(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -144884,7 +147696,8 @@ typedef struct sp_1024_proj_point_dbl_32_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
@@ -144958,7 +147771,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_32(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -144983,7 +147796,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -145008,122 +147821,6 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "mov r12, #0\n\t"
- "add lr, %[a], #0x80\n\t"
- "\n"
- "L_sp_1024_sub_32_word_%=: \n\t"
- "rsbs r12, r12, #0\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc r12, r3, r3\n\t"
- "cmp %[a], lr\n\t"
- "bne L_sp_1024_sub_32_word_%=\n\t"
- "mov %[r], r12\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "lr"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
-{
- register sp_digit* r asm ("r0") = r_p;
- register const sp_digit* a asm ("r1") = a_p;
- register const sp_digit* b asm ("r2") = b_p;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "subs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "ldm %[a]!, {r3, r4, r5, r6}\n\t"
- "ldm %[b]!, {r7, r8, r9, r10}\n\t"
- "sbcs r3, r3, r7\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "stm %[r]!, {r3, r4, r5, r6}\n\t"
- "sbc %[r], r6, r6\n\t"
- : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -145171,12 +147868,12 @@ static int sp_1024_iszero_32(const sp_digit* a)
static void sp_1024_proj_point_add_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*32;
+ sp_digit* t2 = t + 4*32;
+ sp_digit* t3 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
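Review bot: The reordered scratch layout in `sp_1024_proj_point_add_32` has no comment saying how large `t` must be or why `t6` now sits at its base. The offsets run from `t` to `t + 10*32` in steps of `2*32`, so `t` presumably has to hold at least `12*32` digits. The body, which continues outside this hunk, aliases `x`, `y`, `z` onto `t6`, `t1`, `t2` and passes the same `t` to `sp_1024_proj_point_dbl_32`. A line such as `/* t: scratch, 6 slots of 2*32 digits: t6 (aliased by x) first, then t1..t5 */` above the declarations would let callers check the bound. The `_nb` variant's INIT state a few hunks below makes the same reordering and would take the same comment.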
@@ -145198,17 +147895,9 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
@@ -145227,20 +147916,31 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_mont_dbl_32(t3, y, p1024_mod);
sp_1024_mont_sub_32(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(y, y, t5, p1024_mod);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
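Review bot: The masked select that now sits in its own block depends on `p->infinity` and `q->infinity` being exactly 0 or 1, and the hunk does not say so. `0 - (q->infinity & (!p->infinity))` is all ones only when the low bit of `q->infinity` is set, and `inf` is OR-ed straight into `r->z[0]`, so any other non-zero encoding would select the computed sum instead of the finite input. I would add `/* Branch-free select of p, q or the computed sum; infinity must be 0 or 1. */` above the `maskp` declaration. The `_nb` variant's `case 24` repeats this block and ends up with two nested `{` levels where one would do. That hunk runs past the end of the visible diff, and this function starts outside the present hunk.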
@@ -145286,12 +147986,12 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*32;
- ctx->t3 = t + 4*32;
- ctx->t4 = t + 6*32;
- ctx->t5 = t + 8*32;
- ctx->t6 = t + 10*32;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*32;
+ ctx->t2 = t + 4*32;
+ ctx->t3 = t + 6*32;
+ ctx->t4 = t + 8*32;
+ ctx->t5 = t + 10*32;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -145398,7 +148098,7 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -145411,22 +148111,28 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -145586,8 +148292,6 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g,
}
#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-#define sp_1024_mont_dbl_lower_32 sp_1024_mont_dbl_32
-#define sp_1024_mont_tpl_lower_32 sp_1024_mont_tpl_32
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -145626,7 +148330,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -145635,8 +148339,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -145656,7 +148360,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -145665,8 +148369,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -145676,7 +148380,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_sub_32(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_32(y, y, p1024_mod);
+ sp_1024_mont_div2_32(y, y, p1024_mod);
}
/* Convert the projective point to affine.
@@ -145722,12 +148426,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*32;
+ sp_digit* t6 = t + 4*32;
+ sp_digit* t1 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -145743,13 +148447,9 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
@@ -145758,33 +148458,40 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_32(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_32(t1, t3, p1024_mod);
- sp_1024_mont_sub_32(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_32(t5, t3, p1024_mod);
+ sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_32(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -146015,7 +148722,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -146086,8 +148793,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -146370,7 +149077,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -146441,8 +149148,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -150196,7 +152903,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -150218,7 +152925,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -150434,7 +153141,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -150460,7 +153167,7 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
sp_1024_mont_add_32(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -152481,7 +155188,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -152596,7 +155303,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -152616,7 +155323,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_32(t1, t1, p1024_mod);
+ sp_1024_mont_div2_32(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -153034,7 +155741,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -153072,7 +155779,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_32(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -153883,7 +156590,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -153912,19 +156619,21 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 32;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_32(t1, point->y);
(void)sp_1024_mod_32(t1, t1, p1024_mod);
sp_1024_sqr_32(t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
sp_1024_mul_32(t2, t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
- (void)sp_1024_sub_32(t2, p1024_mod, t2);
- sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_32(t1, p1024_mod);
sp_1024_cond_sub_32(t1, t1, p1024_mod, ~(n >> 31));
sp_1024_norm_32(t1);
@@ -153941,7 +156650,7 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c
index ff0beb58..ed66e6d1 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_arm64.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_ARM64_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
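Review bot: The added `#define __asm__ asm` and `#define __volatile__ volatile` lines sit before `#ifdef WOLFSSL_SP_ARM64_ASM`, so they take effect for IAR and Keil builds even when the assembly in this file is compiled out. Moving both compiler `#ifdef` blocks inside the `WOLFSSL_SP_ARM64_ASM` guard would keep the keyword remapping local to the code that needs it. A one-line comment such as `/* Map GNU inline-asm keywords to this compiler's spelling. */` would explain why reserved identifiers are being redefined. `WOLFSSL_NO_VAR_ASSIGN_REG` is set only in the IAR branch; if Keil is meant to differ, a comment saying so would make that intent clear.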
@@ -89,7 +99,7 @@ static void sp_2048_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -193,14 +203,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
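Review bot: The new loop hard-codes the shift as `j >> 63`, where the removed lines used `SP_WORD_SIZE - 1`; the literal is only right while `sp_digit` is an unsigned 64-bit type. Writing `j >> (SP_WORD_SIZE - 1)` in both places keeps the mask and the index step tied to the digit width. The clamping of `o` is not obvious, so a short comment would help, for example `/* j counts up from -used; its top bit is set while i < used, so o stops at used - 1. */`. With `a->used == 0` the loop still loads `a->dp[0]` before masking it, so this presumably relies on `dp` always having at least one digit of storage. The same rewrite appears in `sp_3072_from_mp` and `sp_4096_from_mp`, and the function body continues outside the hunk.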
@@ -758,7 +768,7 @@ static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 32]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 48]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -906,7 +916,7 @@ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 96]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 112]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -1237,7 +1247,7 @@ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 224]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 240]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -2489,7 +2499,7 @@ static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -2681,7 +2691,7 @@ static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -2848,7 +2858,7 @@ static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -3339,7 +3349,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m,
"umulh x8, x10, x9\n\t"
"adds x6, x6, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x27, x28, x6\n\t"
"ldr x28, [%[a], 128]\n\t"
"adcs x28, x28, x8\n\t"
@@ -3414,7 +3424,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3428,7 +3438,7 @@ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3719,7 +3729,7 @@ static void sp_2048_mul_d_16(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -3967,8 +3977,8 @@ static sp_int64 sp_2048_cmp_16(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_16(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[32], t2[17];
sp_digit div, r1;
@@ -4642,7 +4652,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 248]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 248]\n\t"
"adcs x9, x9, x7\n\t"
@@ -4776,7 +4786,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4790,7 +4800,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4939,7 +4949,7 @@ static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
#endif /* WOLFSSL_SP_SMALL */
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -5007,8 +5017,8 @@ static sp_digit div_2048_word_32_cond(sp_digit d1, sp_digit d0, sp_digit div)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -5230,7 +5240,7 @@ static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_dig
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -5574,8 +5584,8 @@ static sp_int64 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -6982,7 +6992,7 @@ static void sp_3072_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -7086,14 +7096,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -7475,7 +7485,7 @@ static sp_digit sp_3072_add_6(sp_digit* r, const sp_digit* a,
"adcs x4, x4, x8\n\t"
"str x3, [%[r], 32]\n\t"
"str x4, [%[r], 40]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -7601,7 +7611,7 @@ static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 64]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 80]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -7877,7 +7887,7 @@ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 160]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 176]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -8318,7 +8328,7 @@ static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 352]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 368]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -11292,7 +11302,7 @@ static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -11484,7 +11494,7 @@ static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -11651,7 +11661,7 @@ static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -12354,7 +12364,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 184]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 184]\n\t"
"adcs x9, x9, x7\n\t"
@@ -12460,7 +12470,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -12474,7 +12484,7 @@ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -12862,7 +12872,7 @@ static void sp_3072_mul_d_24(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -13158,8 +13168,8 @@ static sp_int64 sp_3072_cmp_24(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_24(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[48], t2[25];
sp_digit div, r1;
@@ -13977,7 +13987,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 376]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 376]\n\t"
"adcs x9, x9, x7\n\t"
@@ -14167,7 +14177,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14181,7 +14191,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14370,7 +14380,7 @@ static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
#endif /* WOLFSSL_SP_SMALL */
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -14438,8 +14448,8 @@ static sp_digit div_3072_word_48_cond(sp_digit d1, sp_digit d0, sp_digit div)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -14717,7 +14727,7 @@ static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_dig
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -15157,8 +15167,8 @@ static sp_int64 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -16585,7 +16595,7 @@ static void sp_4096_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -16689,14 +16699,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -17234,7 +17244,7 @@ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 480]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 496]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -17476,7 +17486,7 @@ static sp_digit sp_4096_add_64(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -17641,7 +17651,7 @@ static void sp_4096_sqr_64(sp_digit* r, const sp_digit* a)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -18840,7 +18850,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m,
"ldp x8, x9, [%[a], 504]\n\t"
"adds x5, x5, x6\n\t"
"adcs x7, x7, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x8, x8, x5\n\t"
"str x8, [%[a], 504]\n\t"
"adcs x9, x9, x7\n\t"
@@ -19086,7 +19096,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -19100,7 +19110,7 @@ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -19329,7 +19339,7 @@ static sp_digit sp_4096_sub_64(sp_digit* r, const sp_digit* a,
#endif /* WOLFSSL_SP_SMALL */
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -19397,8 +19407,8 @@ static sp_digit div_4096_word_64_cond(sp_digit d1, sp_digit d0, sp_digit div)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -19732,7 +19742,7 @@ static sp_digit sp_4096_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_dig
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -20268,8 +20278,8 @@ static sp_int64 sp_4096_cmp_64(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -21862,114 +21872,104 @@ static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
* a A single precision integer.
* b A single precision integer.
*/
-static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
+SP_NOINLINE static void sp_256_mul_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
{
- sp_digit tmp[4];
-
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "ldp x21, x22, [%[b], 0]\n\t"
- "# A[0] * B[0]\n\t"
- "mul x8, x16, x21\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x9, x16, x21\n\t"
- "ldr x23, [%[b], 16]\n\t"
- "# A[0] * B[1]\n\t"
- "mul x4, x16, x22\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "umulh x5, x16, x22\n\t"
- "ldr x24, [%[b], 24]\n\t"
- "adds x9, x9, x4\n\t"
- "# A[1] * B[0]\n\t"
- "mul x4, x17, x21\n\t"
- "adc x10, xzr, x5\n\t"
- "umulh x5, x17, x21\n\t"
- "adds x9, x9, x4\n\t"
- "# A[0] * B[2]\n\t"
- "mul x4, x16, x23\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x16, x23\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[1] * B[1]\n\t"
- "mul x4, x17, x22\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x17, x22\n\t"
- "adds x10, x10, x4\n\t"
- "# A[2] * B[0]\n\t"
- "mul x4, x19, x21\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x19, x21\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * B[3]\n\t"
- "mul x4, x16, x24\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x16, x24\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[2]\n\t"
- "mul x4, x17, x23\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x23\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[2] * B[1]\n\t"
- "mul x4, x19, x22\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x22\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[3] * B[0]\n\t"
- "mul x4, x20, x21\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x20, x21\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[3]\n\t"
- "mul x4, x17, x24\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x24\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[2]\n\t"
- "mul x4, x19, x23\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x23\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[3] * B[1]\n\t"
- "mul x4, x20, x22\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x22\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[3]\n\t"
- "mul x4, x19, x24\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x24\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[2]\n\t"
- "mul x4, x20, x23\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x23\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[3]\n\t"
- "mul x4, x20, x24\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x24\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x14, x14, x4\n\t"
- "adc x15, x15, x5\n\t"
- "stp x8, x9, [%[r], 0]\n\t"
- "stp x10, x11, [%[r], 16]\n\t"
- "stp x12, x13, [%[r], 32]\n\t"
- "stp x14, x15, [%[r], 48]\n\t"
+ "ldp x13, x14, [%[a], 0]\n\t"
+ "ldp x15, x16, [%[a], 16]\n\t"
+ "ldp x17, x19, [%[b], 0]\n\t"
+ "ldp x20, x21, [%[b], 16]\n\t"
+ "# A[0] * B[0]\n\t"
+ "umulh x6, x13, x17\n\t"
+ "mul x5, x13, x17\n\t"
+ "# A[2] * B[0]\n\t"
+ "umulh x8, x15, x17\n\t"
+ "mul x7, x15, x17\n\t"
+ "# A[1] * B[0]\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adc x8, x8, xzr\n\t"
+ "# A[0] * B[2]\n\t"
+ "mul x3, x13, x20\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x20\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[1] * B[3]\n\t"
+ "mul x9, x14, x21\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "umulh x10, x14, x21\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[0] * B[1]\n\t"
+ "mul x3, x13, x19\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x19\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# A[2] * B[1]\n\t"
+ "mul x3, x15, x19\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x19\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[1] * B[2]\n\t"
+ "mul x3, x14, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[1] * B[1]\n\t"
+ "mul x3, x14, x19\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[3] * B[1]\n\t"
+ "mul x3, x16, x19\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adc x11, x11, xzr\n\t"
+ "# A[2] * B[2]\n\t"
+ "mul x3, x15, x20\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# A[3] * B[3]\n\t"
+ "mul x3, x16, x21\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x12, x16, x21\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[0] * B[3]\n\t"
+ "mul x3, x13, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[2] * B[3]\n\t"
+ "mul x3, x15, x21\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[3] * B[0]\n\t"
+ "mul x3, x16, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[3] * B[2]\n\t"
+ "mul x3, x16, x20\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x20\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "stp x5, x6, [%[r], 0]\n\t"
+ "stp x7, x8, [%[r], 16]\n\t"
+ "stp x9, x10, [%[r], 32]\n\t"
+ "stp x11, x12, [%[r], 48]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [tmp] "r" (tmp)
- : "memory", "x4", "x5", "x6", "x7", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
);
}
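Review bot: The per-product comments in the new sp_256_mul_4 body read as independent steps, but each `adds`/`adcs` chain now runs across two products. Under `# A[1] * B[3]`, for example, `mul x9, x14, x21` followed by `adcs x9, x9, xzr` both initialises x9 and absorbs the carry left by the `# A[0] * B[2]` accumulation. Reordering the products, or placing any flag-setting instruction between a pair, would corrupt the result without any build error. A short comment ahead of the asm saying that products are scheduled in pairs sharing one carry chain, and that the order is significant, would record this. The same multiplication sequence is repeated in sp_256_mont_mul_4 further down.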
@@ -21979,75 +21979,71 @@ static void sp_256_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
* r A single precision integer.
* a A single precision integer.
*/
-static void sp_256_sqr_4(sp_digit* r, const sp_digit* a)
+SP_NOINLINE static void sp_256_sqr_4(sp_digit* r, const sp_digit* a)
{
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "# A[0] * A[1]\n\t"
- "mul x9, x16, x17\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x10, x16, x17\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "# A[0] * A[2]\n\t"
- "mul x4, x16, x19\n\t"
- "umulh x5, x16, x19\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * A[3]\n\t"
- "mul x4, x16, x20\n\t"
- "adc x11, xzr, x5\n\t"
- "umulh x5, x16, x20\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[2]\n\t"
- "mul x4, x17, x19\n\t"
- "adc x12, xzr, x5\n\t"
- "umulh x5, x17, x19\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[3]\n\t"
- "mul x4, x17, x20\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x20\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * A[3]\n\t"
- "mul x4, x19, x20\n\t"
- "adc x13, x13, x5\n\t"
- "umulh x5, x19, x20\n\t"
- "adds x13, x13, x4\n\t"
- "adc x14, xzr, x5\n\t"
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
"# Double\n\t"
- "adds x9, x9, x9\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
"adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "adcs x12, x12, x12\n\t"
- "adcs x13, x13, x13\n\t"
- "# A[0] * A[0]\n\t"
- "mul x8, x16, x16\n\t"
- "adcs x14, x14, x14\n\t"
- "umulh x3, x16, x16\n\t"
- "cset x15, cs\n\t"
- "# A[1] * A[1]\n\t"
- "mul x4, x17, x17\n\t"
- "adds x9, x9, x3\n\t"
- "umulh x5, x17, x17\n\t"
- "adcs x10, x10, x4\n\t"
- "# A[2] * A[2]\n\t"
- "mul x6, x19, x19\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x7, x19, x19\n\t"
- "adcs x12, x12, x6\n\t"
- "# A[3] * A[3]\n\t"
- "mul x16, x20, x20\n\t"
- "adcs x13, x13, x7\n\t"
- "umulh x17, x20, x20\n\t"
- "adcs x14, x14, x16\n\t"
- "adc x15, x15, x17\n\t"
- "stp x8, x9, [%[r], 0]\n\t"
- "stp x10, x11, [%[r], 16]\n\t"
- "stp x12, x13, [%[r], 32]\n\t"
- "stp x14, x15, [%[r], 48]\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "adc x11, x11, x3\n\t"
+ "stp x4, x5, [%[r], 0]\n\t"
+ "stp x6, x7, [%[r], 16]\n\t"
+ "stp x8, x9, [%[r], 32]\n\t"
+ "stp x10, x11, [%[r], 48]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "cc"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
);
}
@@ -22071,7 +22067,7 @@ static sp_digit sp_256_add_4(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 0]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 16]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -22198,14 +22194,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
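Review bot: The branch-free copy loop hard-codes the shift as `j >> 63` where the lines it replaces used `SP_WORD_SIZE - 1`, and nothing explains why `j` starts at `0 - a->used`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the width tied to the digit type. A comment such as `/* j counts up from -used: its top bit is set while i < used, so mask is all ones for real digits and o never passes used - 1 */` would record the invariant that keeps the `a->dp[o]` read in range. The logic relies on sp_digit being unsigned and 64 bits wide, which this hunk does not show. The function starts before the hunk and its `#elif` branch continues past it; the same loop appears in the from_mp change just before the sp_4096_add_64 hunks.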
@@ -22424,183 +22420,173 @@ static void sp_256_cond_copy_4(sp_digit* r, const sp_digit* a, sp_digit m)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m, sp_digit mp)
{
(void)m;
(void)mp;
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "ldp x21, x22, [%[b], 0]\n\t"
- "# A[0] * B[0]\n\t"
- "mul x8, x16, x21\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x9, x16, x21\n\t"
- "ldr x23, [%[b], 16]\n\t"
- "# A[0] * B[1]\n\t"
- "mul x4, x16, x22\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "umulh x5, x16, x22\n\t"
- "ldr x24, [%[b], 24]\n\t"
- "adds x9, x9, x4\n\t"
- "# A[1] * B[0]\n\t"
- "mul x4, x17, x21\n\t"
- "adc x10, xzr, x5\n\t"
- "umulh x5, x17, x21\n\t"
- "adds x9, x9, x4\n\t"
- "# A[0] * B[2]\n\t"
- "mul x4, x16, x23\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x16, x23\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[1] * B[1]\n\t"
- "mul x4, x17, x22\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x17, x22\n\t"
- "adds x10, x10, x4\n\t"
- "# A[2] * B[0]\n\t"
- "mul x4, x19, x21\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x19, x21\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * B[3]\n\t"
- "mul x4, x16, x24\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x16, x24\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[2]\n\t"
- "mul x4, x17, x23\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x23\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[2] * B[1]\n\t"
- "mul x4, x19, x22\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x22\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[3] * B[0]\n\t"
- "mul x4, x20, x21\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x20, x21\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * B[3]\n\t"
- "mul x4, x17, x24\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x24\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[2]\n\t"
- "mul x4, x19, x23\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x23\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[3] * B[1]\n\t"
- "mul x4, x20, x22\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x22\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * B[3]\n\t"
- "mul x4, x19, x24\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x19, x24\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[2]\n\t"
- "mul x4, x20, x23\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x23\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x13, x13, x4\n\t"
- "# A[3] * B[3]\n\t"
- "mul x4, x20, x24\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x20, x24\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x14, x14, x4\n\t"
- "mov x4, x8\n\t"
- "adc x15, x15, x5\n\t"
+ "ldp x13, x14, [%[a], 0]\n\t"
+ "ldp x15, x16, [%[a], 16]\n\t"
+ "ldp x17, x19, [%[b], 0]\n\t"
+ "ldp x20, x21, [%[b], 16]\n\t"
+ "# A[0] * B[0]\n\t"
+ "umulh x6, x13, x17\n\t"
+ "mul x5, x13, x17\n\t"
+ "# A[2] * B[0]\n\t"
+ "umulh x8, x15, x17\n\t"
+ "mul x7, x15, x17\n\t"
+ "# A[1] * B[0]\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adc x8, x8, xzr\n\t"
+ "# A[0] * B[2]\n\t"
+ "mul x3, x13, x20\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x20\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[1] * B[3]\n\t"
+ "mul x9, x14, x21\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "umulh x10, x14, x21\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[0] * B[1]\n\t"
+ "mul x3, x13, x19\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x19\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# A[2] * B[1]\n\t"
+ "mul x3, x15, x19\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x19\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[1] * B[2]\n\t"
+ "mul x3, x14, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[1] * B[1]\n\t"
+ "mul x3, x14, x19\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[3] * B[1]\n\t"
+ "mul x3, x16, x19\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adc x11, x11, xzr\n\t"
+ "# A[2] * B[2]\n\t"
+ "mul x3, x15, x20\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# A[3] * B[3]\n\t"
+ "mul x3, x16, x21\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x12, x16, x21\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[0] * B[3]\n\t"
+ "mul x3, x13, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[2] * B[3]\n\t"
+ "mul x3, x15, x21\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[3] * B[0]\n\t"
+ "mul x3, x16, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[3] * B[2]\n\t"
+ "mul x3, x16, x20\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x20\n\t"
+ "adcs x11, x11, x4\n\t"
+ "mov x3, x5\n\t"
+ "adc x12, x12, xzr\n\t"
"# Start Reduction\n\t"
- "mov x5, x9\n\t"
- "mov x6, x10\n\t"
+ "mov x4, x6\n\t"
+ "mov x13, x7\n\t"
"# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
"# - a[0] << 32 << 192\n\t"
"# + (a[0] * 2) << 192\n\t"
"# a[0]-a[2] << 32\n\t"
- "extr x22, x10, x9, 32\n\t"
- "add x7, x11, x8\n\t"
- "extr x21, x9, x8, 32\n\t"
- "add x7, x7, x8\n\t"
+ "lsl x15, x5, #32\n\t"
+ "extr x17, x7, x6, 32\n\t"
+ "add x14, x8, x5\n\t"
+ "extr x16, x6, x5, 32\n\t"
+ "add x14, x14, x5\n\t"
"# + a[0]-a[2] << 32 << 64\n\t"
"# - a[0] << 32 << 192\n\t"
- "adds x5, x5, x8, lsl #32\n\t"
- "sub x7, x7, x8, lsl #32\n\t"
- "adcs x6, x6, x21\n\t"
- "adc x7, x7, x22\n\t"
+ "adds x4, x4, x15\n\t"
+ "sub x14, x14, x15\n\t"
+ "adcs x13, x13, x16\n\t"
+ "adc x14, x14, x17\n\t"
"# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
"# a += mu << 256\n\t"
- "adds x12, x12, x4\n\t"
- "adcs x13, x13, x5\n\t"
- "adcs x14, x14, x6\n\t"
- "adcs x15, x15, x7\n\t"
- "cset x8, cs\n\t"
+ "adds x9, x9, x3\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adcs x11, x11, x13\n\t"
+ "adcs x12, x12, x14\n\t"
+ "adc x5, xzr, xzr\n\t"
"# a += mu << 192\n\t"
"# mu <<= 32\n\t"
"# a += (mu << 32) << 64\n\t"
- "adds x11, x11, x4\n\t"
- "adcs x12, x12, x5\n\t"
- "adcs x13, x13, x6\n\t"
- "lsr x16, x7, 32\n\t"
- "adcs x14, x14, x7\n\t"
- "extr x7, x7, x6, 32\n\t"
- "adcs x15, x15, xzr\n\t"
- "extr x6, x6, x5, 32\n\t"
- "adc x8, x8, xzr\n\t"
- "extr x5, x5, x4, 32\n\t"
- "lsl x4, x4, 32\n\t"
- "adds x9, x9, x4\n\t"
- "adcs x10, x10, x5\n\t"
- "adcs x11, x11, x6\n\t"
- "adcs x12, x12, x7\n\t"
- "adcs x13, x13, x16\n\t"
- "adcs x14, x14, xzr\n\t"
- "adcs x15, x15, xzr\n\t"
- "adc x8, x8, xzr\n\t"
+ "adds x8, x8, x3\n\t"
+ "extr x16, x14, x13, 32\n\t"
+ "adcs x9, x9, x4\n\t"
+ "extr x15, x13, x4, 32\n\t"
+ "adcs x10, x10, x13\n\t"
+ "extr x4, x4, x3, 32\n\t"
+ "adcs x11, x11, x14\n\t"
+ "lsl x3, x3, 32\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x6, x6, x3\n\t"
+ "lsr x17, x14, 32\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adcs x8, x8, x15\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adcs x11, x11, xzr\n\t"
+ "adcs x12, x12, x13\n\t"
+ "adc x5, x5, xzr\n\t"
"# a -= (mu << 32) << 192\n\t"
- "subs x11, x11, x4\n\t"
- "sbcs x12, x12, x5\n\t"
- "sbcs x13, x13, x6\n\t"
- "sbcs x14, x14, x7\n\t"
- "sbcs x15, x15, x16\n\t"
- "mov x19, 0xffffffff00000001\n\t"
- "sbc x8, x8, xzr\n\t"
- "neg x8, x8\n\t"
+ "subs x8, x8, x3\n\t"
+ "sbcs x9, x9, x4\n\t"
+ "sbcs x10, x10, x15\n\t"
+ "sbcs x11, x11, x16\n\t"
+ "sbcs x12, x12, x17\n\t"
+ "sbc x5, x5, xzr\n\t"
+ "neg x5, x5\n\t"
"# mask m and sub from result if overflow\n\t"
"# m[0] = -1 & mask = mask\n\t"
- "subs x12, x12, x8\n\t"
+ "subs x9, x9, x5\n\t"
"# m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
- "lsr x17, x8, 32\n\t"
- "sbcs x13, x13, x17\n\t"
- "and x19, x19, x8\n\t"
+ "lsr x16, x5, 32\n\t"
+ "sbcs x10, x10, x16\n\t"
+ "sub x17, xzr, x16\n\t"
"# m[2] = 0 & mask = 0\n\t"
- "sbcs x14, x14, xzr\n\t"
- "stp x12, x13, [%[r], 0]\n\t"
+ "sbcs x11, x11, xzr\n\t"
+ "stp x9, x10, [%[r], 0]\n\t"
"# m[3] = 0xffffffff00000001 & mask\n\t"
- "sbc x15, x15, x19\n\t"
- "stp x14, x15, [%[r], 16]\n\t"
- : [a] "+r" (a), [b] "+r" (b)
- : [r] "r" (r)
- : "memory", "x4", "x5", "x6", "x7", "x16", "x17", "x19", "x20", "x21", "x22", "x23", "x24", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "cc"
+ "sbc x12, x12, x17\n\t"
+ "stp x11, x12, [%[r], 16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
);
}
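Review bot: The `sub x17, xzr, x16` that replaces `mov x19, 0xffffffff00000001` and `and x19, x19, x8` sits between the m[1] and m[2] comments with no explanation. The later comment `# m[3] = 0xffffffff00000001 & mask` no longer describes how the value is produced. A line such as `"# m[3] = 0 - (mask >> 32), equal to 0xffffffff00000001 & mask as mask is all 1s or 0s\n\t"` placed before the `sub` would make the branch-free derivation checkable by a reader. The same applies to `sub x16, xzr, x15` in sp_256_mont_sqr_4 and `sub x9, xzr, x8` in sp_256_mont_reduce_4.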
@@ -22609,146 +22595,141 @@ SP_NOINLINE static void sp_256_mont_mul_4(sp_digit* r, const sp_digit* a, const
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m,
- sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m, sp_digit mp)
{
(void)m;
(void)mp;
__asm__ __volatile__ (
- "ldp x16, x17, [%[a], 0]\n\t"
- "# A[0] * A[1]\n\t"
- "mul x9, x16, x17\n\t"
- "ldr x19, [%[a], 16]\n\t"
- "umulh x10, x16, x17\n\t"
- "ldr x20, [%[a], 24]\n\t"
- "# A[0] * A[2]\n\t"
- "mul x4, x16, x19\n\t"
- "umulh x5, x16, x19\n\t"
- "adds x10, x10, x4\n\t"
- "# A[0] * A[3]\n\t"
- "mul x4, x16, x20\n\t"
- "adc x11, xzr, x5\n\t"
- "umulh x5, x16, x20\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[2]\n\t"
- "mul x4, x17, x19\n\t"
- "adc x12, xzr, x5\n\t"
- "umulh x5, x17, x19\n\t"
- "adds x11, x11, x4\n\t"
- "# A[1] * A[3]\n\t"
- "mul x4, x17, x20\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x17, x20\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
- "# A[2] * A[3]\n\t"
- "mul x4, x19, x20\n\t"
- "adc x13, x13, x5\n\t"
- "umulh x5, x19, x20\n\t"
- "adds x13, x13, x4\n\t"
- "adc x14, xzr, x5\n\t"
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
"# Double\n\t"
- "adds x9, x9, x9\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
"adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "adcs x12, x12, x12\n\t"
- "adcs x13, x13, x13\n\t"
- "# A[0] * A[0]\n\t"
- "mul x8, x16, x16\n\t"
- "adcs x14, x14, x14\n\t"
- "umulh x3, x16, x16\n\t"
- "cset x15, cs\n\t"
- "# A[1] * A[1]\n\t"
- "mul x4, x17, x17\n\t"
- "adds x9, x9, x3\n\t"
- "umulh x5, x17, x17\n\t"
- "adcs x10, x10, x4\n\t"
- "# A[2] * A[2]\n\t"
- "mul x6, x19, x19\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x7, x19, x19\n\t"
- "adcs x12, x12, x6\n\t"
- "# A[3] * A[3]\n\t"
- "mul x16, x20, x20\n\t"
- "adcs x13, x13, x7\n\t"
- "umulh x17, x20, x20\n\t"
- "adcs x14, x14, x16\n\t"
- "mov x3, x8\n\t"
- "adc x15, x15, x17\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "mov x2, x4\n\t"
+ "adc x11, x11, x3\n\t"
"# Start Reduction\n\t"
- "mov x4, x9\n\t"
- "mov x5, x10\n\t"
+ "mov x3, x5\n\t"
+ "mov x12, x6\n\t"
"# mu = a[0]-a[3] + a[0]-a[2] << 32 << 64 + (a[0] * 2) << 192\n\t"
"# - a[0] << 32 << 192\n\t"
"# + (a[0] * 2) << 192\n\t"
"# a[0]-a[2] << 32\n\t"
- "extr x21, x10, x9, 32\n\t"
- "add x6, x11, x8\n\t"
- "extr x20, x9, x8, 32\n\t"
- "add x6, x6, x8\n\t"
+ "lsl x14, x4, #32\n\t"
+ "extr x16, x6, x5, 32\n\t"
+ "add x13, x7, x4\n\t"
+ "extr x15, x5, x4, 32\n\t"
+ "add x13, x13, x4\n\t"
"# + a[0]-a[2] << 32 << 64\n\t"
"# - a[0] << 32 << 192\n\t"
- "adds x4, x4, x8, lsl #32\n\t"
- "sub x6, x6, x8, lsl #32\n\t"
- "adcs x5, x5, x20\n\t"
- "adc x6, x6, x21\n\t"
+ "adds x3, x3, x14\n\t"
+ "sub x13, x13, x14\n\t"
+ "adcs x12, x12, x15\n\t"
+ "adc x13, x13, x16\n\t"
"# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
"# a += mu << 256\n\t"
- "adds x12, x12, x3\n\t"
- "adcs x13, x13, x4\n\t"
- "adcs x14, x14, x5\n\t"
- "adcs x15, x15, x6\n\t"
- "cset x8, cs\n\t"
+ "adds x8, x8, x2\n\t"
+ "adcs x9, x9, x3\n\t"
+ "adcs x10, x10, x12\n\t"
+ "adcs x11, x11, x13\n\t"
+ "adc x4, xzr, xzr\n\t"
"# a += mu << 192\n\t"
"# mu <<= 32\n\t"
"# a += (mu << 32) << 64\n\t"
- "adds x11, x11, x3\n\t"
- "adcs x12, x12, x4\n\t"
- "adcs x13, x13, x5\n\t"
- "lsr x7, x6, 32\n\t"
- "adcs x14, x14, x6\n\t"
- "extr x6, x6, x5, 32\n\t"
- "adcs x15, x15, xzr\n\t"
- "extr x5, x5, x4, 32\n\t"
- "adc x8, x8, xzr\n\t"
- "extr x4, x4, x3, 32\n\t"
- "lsl x3, x3, 32\n\t"
- "adds x9, x9, x3\n\t"
- "adcs x10, x10, x4\n\t"
- "adcs x11, x11, x5\n\t"
- "adcs x12, x12, x6\n\t"
- "adcs x13, x13, x7\n\t"
- "adcs x14, x14, xzr\n\t"
- "adcs x15, x15, xzr\n\t"
- "adc x8, x8, xzr\n\t"
+ "adds x7, x7, x2\n\t"
+ "extr x15, x13, x12, 32\n\t"
+ "adcs x8, x8, x3\n\t"
+ "extr x14, x12, x3, 32\n\t"
+ "adcs x9, x9, x12\n\t"
+ "extr x3, x3, x2, 32\n\t"
+ "adcs x10, x10, x13\n\t"
+ "lsl x2, x2, 32\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x5, x5, x2\n\t"
+ "lsr x16, x13, 32\n\t"
+ "adcs x6, x6, x3\n\t"
+ "adcs x7, x7, x14\n\t"
+ "adcs x8, x8, x15\n\t"
+ "adcs x9, x9, x16\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adcs x11, x11, x12\n\t"
+ "adc x4, x4, xzr\n\t"
"# a -= (mu << 32) << 192\n\t"
- "subs x11, x11, x3\n\t"
- "sbcs x12, x12, x4\n\t"
- "sbcs x13, x13, x5\n\t"
- "sbcs x14, x14, x6\n\t"
- "sbcs x15, x15, x7\n\t"
- "mov x17, 0xffffffff00000001\n\t"
- "sbc x8, x8, xzr\n\t"
- "neg x8, x8\n\t"
+ "subs x7, x7, x2\n\t"
+ "sbcs x8, x8, x3\n\t"
+ "sbcs x9, x9, x14\n\t"
+ "sbcs x10, x10, x15\n\t"
+ "sbcs x11, x11, x16\n\t"
+ "sbc x4, x4, xzr\n\t"
+ "neg x4, x4\n\t"
"# mask m and sub from result if overflow\n\t"
"# m[0] = -1 & mask = mask\n\t"
- "subs x12, x12, x8\n\t"
+ "subs x8, x8, x4\n\t"
"# m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
- "lsr x16, x8, 32\n\t"
- "sbcs x13, x13, x16\n\t"
- "and x17, x17, x8\n\t"
+ "lsr x15, x4, 32\n\t"
+ "sbcs x9, x9, x15\n\t"
+ "sub x16, xzr, x15\n\t"
"# m[2] = 0 & mask = 0\n\t"
- "sbcs x14, x14, xzr\n\t"
- "stp x12, x13, [%[r], 0]\n\t"
+ "sbcs x10, x10, xzr\n\t"
+ "stp x8, x9, [%[r], 0]\n\t"
"# m[3] = 0xffffffff00000001 & mask\n\t"
- "sbc x15, x15, x17\n\t"
- "stp x14, x15, [%[r], 16]\n\t"
+ "sbc x11, x11, x16\n\t"
+ "stp x10, x11, [%[r], 16]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
);
}
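Review bot: The new clobber list names `"x17"`, but no instruction on the new side of sp_256_mont_sqr_4 reads or writes it; the highest scratch register the body uses is x16. This is harmless for correctness, yet it withholds a register from the compiler, so dropping `"x17"` would keep the list in step with the body. In sp_256_mont_reduce_4 the clobber list shown as context still carries `"x19"` and `"x20"` and lists `"x10"` twice, although the changed lines there move off x19/x20 onto x7–x9. Those two are callee-saved under the AArch64 procedure call standard, so if the part of that body outside the hunks does not use them either, they should be removed as well.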
@@ -22759,10 +22740,10 @@ SP_NOINLINE static void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_4(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_4(r, a, m, mp);
for (; n > 1; n--) {
@@ -22990,52 +22971,51 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
"# - a[0] << 32 << 192\n\t"
"# + (a[0] * 2) << 192\n\t"
"# a[0]-a[2] << 32\n\t"
- "extr x20, x12, x11, 32\n\t"
+ "lsl x7, x10, #32\n\t"
+ "extr x9, x12, x11, 32\n\t"
"add x6, x13, x10\n\t"
- "extr x19, x11, x10, 32\n\t"
+ "extr x8, x11, x10, 32\n\t"
"add x6, x6, x10\n\t"
"# + a[0]-a[2] << 32 << 64\n\t"
"# - a[0] << 32 << 192\n\t"
- "adds x4, x4, x10, lsl #32\n\t"
- "sub x6, x6, x10, lsl #32\n\t"
- "adcs x5, x5, x19\n\t"
- "adc x6, x6, x20\n\t"
+ "adds x4, x4, x7\n\t"
+ "sub x6, x6, x7\n\t"
+ "adcs x5, x5, x8\n\t"
+ "adc x6, x6, x9\n\t"
"# a += (mu << 256) - (mu << 224) + (mu << 192) + (mu << 96) - mu\n\t"
"# a += mu << 256\n\t"
"adds x14, x14, x3\n\t"
"adcs x15, x15, x4\n\t"
"adcs x16, x16, x5\n\t"
"adcs x17, x17, x6\n\t"
- "cset x10, cs\n\t"
+ "adc x10, xzr, xzr\n\t"
"# a += mu << 192\n\t"
"# mu <<= 32\n\t"
"# a += (mu << 32) << 64\n\t"
"adds x13, x13, x3\n\t"
+ "extr x8, x6, x5, 32\n\t"
"adcs x14, x14, x4\n\t"
+ "extr x7, x5, x4, 32\n\t"
"adcs x15, x15, x5\n\t"
- "lsr x7, x6, 32\n\t"
- "adcs x16, x16, x6\n\t"
- "extr x6, x6, x5, 32\n\t"
- "adcs x17, x17, xzr\n\t"
- "extr x5, x5, x4, 32\n\t"
- "adc x10, x10, xzr\n\t"
"extr x4, x4, x3, 32\n\t"
- "lsl x3, x3, 32\n\t"
+ "adcs x16, x16, x6\n\t"
+ "lsl x3, x3, 32\n\t"
+ "adc x5, xzr, xzr\n\t"
"adds x11, x11, x3\n\t"
+ "lsr x9, x6, 32\n\t"
"adcs x12, x12, x4\n\t"
- "adcs x13, x13, x5\n\t"
- "adcs x14, x14, x6\n\t"
- "adcs x15, x15, x7\n\t"
+ "adcs x13, x13, x7\n\t"
+ "adcs x14, x14, x8\n\t"
+ "adcs x15, x15, x9\n\t"
"adcs x16, x16, xzr\n\t"
- "adcs x17, x17, xzr\n\t"
+ "adcs x17, x17, x5\n\t"
"adc x10, x10, xzr\n\t"
"# a -= (mu << 32) << 192\n\t"
"subs x13, x13, x3\n\t"
"sbcs x14, x14, x4\n\t"
- "sbcs x15, x15, x5\n\t"
- "sbcs x16, x16, x6\n\t"
- "sbcs x17, x17, x7\n\t"
- "mov x9, 0xffffffff00000001\n\t"
+ "sbcs x15, x15, x7\n\t"
+ "sbcs x16, x16, x8\n\t"
+ "sbcs x17, x17, x9\n\t"
"sbc x10, x10, xzr\n\t"
"neg x10, x10\n\t"
"# mask m and sub from result if overflow\n\t"
@@ -23044,7 +23024,7 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
"# m[1] = 0xffffffff & mask = mask >> 32 as mask is all 1s or 0s\n\t"
"lsr x8, x10, 32\n\t"
"sbcs x15, x15, x8\n\t"
- "and x9, x9, x10\n\t"
+ "sub x9, xzr, x8\n\t"
"# m[2] = 0 & mask = 0\n\t"
"sbcs x16, x16, xzr\n\t"
"stp x14, x15, [%[a], 0]\n\t"
@@ -23056,162 +23036,6 @@ SP_NOINLINE static void sp_256_mont_reduce_4(sp_digit* a, const sp_digit* m,
: "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x19", "x20", "cc"
);
}
-/* Reduce the number back to 256 bits using Montgomery reduction.
- *
- * a A single precision number to reduce in place.
- * m The single precision number representing the modulus.
- * mp The digit representing the negative inverse of m mod 2^n.
- */
-SP_NOINLINE static void sp_256_mont_reduce_order_4(sp_digit* a, const sp_digit* m,
- sp_digit mp)
-{
- __asm__ __volatile__ (
- "ldp x9, x10, [%[a], 0]\n\t"
- "ldp x11, x12, [%[a], 16]\n\t"
- "ldp x17, x19, [%[m], 0]\n\t"
- "ldp x20, x21, [%[m], 16]\n\t"
- "mov x8, xzr\n\t"
- "# mu = a[0] * mp\n\t"
- "mul x5, %[mp], x9\n\t"
- "ldr x13, [%[a], 32]\n\t"
- "# a[0+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "ldr x14, [%[a], 40]\n\t"
- "umulh x6, x17, x5\n\t"
- "ldr x15, [%[a], 48]\n\t"
- "adds x9, x9, x3\n\t"
- "ldr x16, [%[a], 56]\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[0+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x10, x10, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[0+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x11, x11, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[0+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x12, x12, x3\n\t"
- "adcs x13, x13, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "# mu = a[1] * mp\n\t"
- "mul x5, %[mp], x10\n\t"
- "# a[1+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "umulh x6, x17, x5\n\t"
- "adds x10, x10, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[1+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x11, x11, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[1+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x12, x12, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[1+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x13, x13, x3\n\t"
- "adcs x14, x14, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "# mu = a[2] * mp\n\t"
- "mul x5, %[mp], x11\n\t"
- "# a[2+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "umulh x6, x17, x5\n\t"
- "adds x11, x11, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[2+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x12, x12, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[2+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x13, x13, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[2+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x14, x14, x3\n\t"
- "adcs x15, x15, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "# mu = a[3] * mp\n\t"
- "mul x5, %[mp], x12\n\t"
- "# a[3+0] += m[0] * mu\n\t"
- "mul x3, x17, x5\n\t"
- "umulh x6, x17, x5\n\t"
- "adds x12, x12, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[3+1] += m[1] * mu\n\t"
- "mul x3, x19, x5\n\t"
- "umulh x7, x19, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adc x7, x7, xzr\n\t"
- "adds x13, x13, x3\n\t"
- "adc x7, x7, xzr\n\t"
- "# a[3+2] += m[2] * mu\n\t"
- "mul x3, x20, x5\n\t"
- "umulh x6, x20, x5\n\t"
- "adds x3, x3, x7\n\t"
- "adc x6, x6, xzr\n\t"
- "adds x14, x14, x3\n\t"
- "adc x6, x6, xzr\n\t"
- "# a[3+3] += m[3] * mu\n\t"
- "mul x3, x21, x5\n\t"
- "umulh x4, x21, x5\n\t"
- "adds x3, x3, x6\n\t"
- "adcs x4, x4, x8\n\t"
- "cset x8, cs\n\t"
- "adds x15, x15, x3\n\t"
- "adcs x16, x16, x4\n\t"
- "adc x8, x8, xzr\n\t"
- "sub x3, xzr, x8\n\t"
- "and x17, x17, x3\n\t"
- "and x19, x19, x3\n\t"
- "and x20, x20, x3\n\t"
- "and x21, x21, x3\n\t"
- "subs x13, x13, x17\n\t"
- "sbcs x14, x14, x19\n\t"
- "sbcs x15, x15, x20\n\t"
- "stp x13, x14, [%[a], 0]\n\t"
- "sbc x16, x16, x21\n\t"
- "stp x15, x16, [%[a], 16]\n\t"
- :
- : [a] "r" (a), [m] "r" (m), [mp] "r" (mp)
- : "memory", "x3", "x4", "x5", "x8", "x6", "x7", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "cc"
- );
-}
-
/* Map the Montgomery form projective coordinate point to an affine point.
*
* r Resulting affine coordinate point.
@@ -23252,69 +23076,42 @@ static void sp_256_map_4(sp_point_256* r, const sp_point_256* p,
r->z[0] = 1;
}
-/* Add two Montgomery form numbers (r = a + b % m).
- *
- * r Result of addition.
- * a First number to add in Montgomery form.
- * b Second number to add in Montgomery form.
- * m Modulus (prime).
- */
-static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
-{
- __asm__ __volatile__ (
- "ldp x4, x5, [%[a], 0]\n\t"
- "ldp x8, x9, [%[b], 0]\n\t"
- "adds x4, x4, x8\n\t"
- "ldp x6, x7, [%[a], 16]\n\t"
- "adcs x5, x5, x9\n\t"
- "ldp x10, x11, [%[b], 16]\n\t"
- "adcs x6, x6, x10\n\t"
- "adcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cs\n\t"
- "subs x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "sbcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "sbcs x6, x6, xzr\n\t"
- "stp x4, x5, [%[r],0]\n\t"
- "sbc x7, x7, x13\n\t"
- "stp x6, x7, [%[r],16]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
- );
-}
-
/* Double a Montgomery form number (r = a + a % m).
*
* r Result of doubling.
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x3, x4, [%[a]]\n\t"
"ldp x5, x6, [%[a],16]\n\t"
- "adds x3, x3, x3\n\t"
- "adcs x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "mov x8, 0xffffffff00000001\n\t"
- "csetm x9, cs\n\t"
- "subs x3, x3, x9\n\t"
- "lsr x7, x9, 32\n\t"
- "sbcs x4, x4, x7\n\t"
- "and x8, x8, x9\n\t"
- "sbcs x5, x5, xzr\n\t"
- "stp x3, x4, [%[r],0]\n\t"
- "sbc x6, x6, x8\n\t"
- "stp x5, x6, [%[r],16]\n\t"
+ "lsl x9, x3, #1\n\t"
+ "extr x10, x4, x3, #63\n\t"
+ "extr x11, x5, x4, #63\n\t"
+ "asr x13, x6, #63\n\t"
+ "extr x12, x6, x5, #63\n\t"
+ "subs x9, x9, x13\n\t"
+ "lsr x7, x13, 32\n\t"
+ "sbcs x10, x10, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "sbcs x11, x11, xzr\n\t"
+ "sbcs x12, x12, x8\n\t"
+ "sbc x8, xzr, xzr\n\t"
+ "sub x13, x13, x8\n\t"
+ "subs x9, x9, x13\n\t"
+ "lsr x7, x13, 32\n\t"
+ "sbcs x10, x10, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "sbcs x11, x11, xzr\n\t"
+ "stp x9, x10, [%[r],0]\n\t"
+ "sbc x12, x12, x8\n\t"
+ "stp x11, x12, [%[r],16]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x13", "x9", "x10", "x11", "x12", "cc"
);
(void)m;
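Review bot: The header comment of `sp_256_mont_dbl_4` still says only `r = a + a % m`, but the new body performs two conditional subtractions of the modulus and nothing explains the second one. From the code, the second pass runs when the top bit of a[3] was set and the first subtraction did not borrow (`sbc x8, xzr, xzr` then `sub x13, x13, x8`), which presumably covers inputs that are not fully reduced. I would add an asm comment before the second `subs`, e.g. `"# subtract m again if the first subtract did not borrow\n\t"`, and state in the header that `m` is ignored and the P-256 prime is hard-coded. The same two-pass pattern is undocumented in `sp_256_mont_tpl_4` and `sp_256_mont_sub_4` in the following hunks. The closing brace of the function is outside this hunk.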
@@ -23326,41 +23123,50 @@ static void sp_256_mont_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
- "ldp x10, x11, [%[a]]\n\t"
- "adds x3, x10, x10\n\t"
- "ldr x12, [%[a], 16]\n\t"
- "adcs x4, x11, x11\n\t"
- "ldr x13, [%[a], 24]\n\t"
- "adcs x5, x12, x12\n\t"
- "adcs x6, x13, x13\n\t"
- "mov x8, 0xffffffff00000001\n\t"
- "csetm x9, cs\n\t"
- "subs x3, x3, x9\n\t"
- "lsr x7, x9, 32\n\t"
+ "ldp x9, x10, [%[a]]\n\t"
+ "ldp x11, x12, [%[a], 16]\n\t"
+ "lsl x3, x9, #1\n\t"
+ "extr x4, x10, x9, #63\n\t"
+ "extr x5, x11, x10, #63\n\t"
+ "asr x13, x12, #63\n\t"
+ "extr x6, x12, x11, #63\n\t"
+ "subs x3, x3, x13\n\t"
+ "lsr x7, x13, 32\n\t"
"sbcs x4, x4, x7\n\t"
- "and x8, x8, x9\n\t"
+ "sub x8, xzr, x7\n\t"
"sbcs x5, x5, xzr\n\t"
- "sbc x6, x6, x8\n\t"
- "adds x3, x3, x10\n\t"
- "adcs x4, x4, x11\n\t"
- "adcs x5, x5, x12\n\t"
- "adcs x6, x6, x13\n\t"
- "mov x8, 0xffffffff00000001\n\t"
- "csetm x9, cs\n\t"
- "subs x3, x3, x9\n\t"
- "lsr x7, x9, 32\n\t"
+ "sbcs x6, x6, x8\n\t"
+ "neg x13, x13\n\t"
+ "sbc x13, x13, xzr\n\t"
+ "adds x3, x3, x9\n\t"
+ "adcs x4, x4, x10\n\t"
+ "adcs x5, x5, x11\n\t"
+ "adcs x6, x6, x12\n\t"
+ "adc x13, x13, xzr\n\t"
+ "neg x13, x13\n\t"
+ "subs x3, x3, x13, asr #1\n\t"
+ "lsr x7, x13, 32\n\t"
"sbcs x4, x4, x7\n\t"
- "and x8, x8, x9\n\t"
+ "sub x8, xzr, x7\n\t"
"sbcs x5, x5, xzr\n\t"
- "stp x3, x4, [%[r], 0]\n\t"
+ "sbcs x6, x6, x8\n\t"
+ "sbc x8, xzr, xzr\n\t"
+ "sub x13, x13, x8\n\t"
+ "subs x3, x3, x13\n\t"
+ "lsr x7, x13, 32\n\t"
+ "sbcs x4, x4, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "sbcs x5, x5, xzr\n\t"
+ "stp x3, x4, [%[r],0]\n\t"
"sbc x6, x6, x8\n\t"
- "stp x5, x6, [%[r], 16]\n\t"
+ "stp x5, x6, [%[r],16]\n\t"
:
: [r] "r" (r), [a] "r" (a)
- : "memory", "x10", "x11", "x12", "x13", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "cc"
+ : "memory", "x9", "x10", "x11", "x12", "x3", "x4", "x5", "x6", "x7", "x8", "x13", "cc"
);
(void)m;
@@ -23373,66 +23179,213 @@ static void sp_256_mont_tpl_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
+ "ldp x6, x7, [%[a], 16]\n\t"
"ldp x8, x9, [%[b], 0]\n\t"
+ "ldp x10, x11, [%[b], 16]\n\t"
"subs x4, x4, x8\n\t"
- "ldp x6, x7, [%[a], 16]\n\t"
"sbcs x5, x5, x9\n\t"
- "ldp x10, x11, [%[b], 16]\n\t"
"sbcs x6, x6, x10\n\t"
"sbcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cc\n\t"
+ "sbc x14, xzr, xzr\n\t"
"adds x4, x4, x14\n\t"
"lsr x12, x14, 32\n\t"
"adcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adcs x7, x7, x13\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x4, x4, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
"adcs x6, x6, xzr\n\t"
"stp x4, x5, [%[r],0]\n\t"
"adc x7, x7, x13\n\t"
"stp x6, x7, [%[r],16]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
);
+
+ (void)m;
}
-#define sp_256_mont_sub_lower_4 sp_256_mont_sub_4
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
- "ldp x3, x4, [%[a], 0]\n\t"
- "and x9, x3, 1\n\t"
- "ldp x5, x6, [%[a], 16]\n\t"
- "sub x10, xzr, x9\n\t"
- "lsr x7, x10, 32\n\t"
- "adds x3, x3, x10\n\t"
- "and x8, x10, 0xffffffff00000001\n\t"
- "adcs x4, x4, x7\n\t"
- "adcs x5, x5, xzr\n\t"
- "extr x3, x4, x3, 1\n\t"
- "adcs x6, x6, x8\n\t"
- "extr x4, x5, x4, 1\n\t"
- "cset x9, cs\n\t"
- "extr x5, x6, x5, 1\n\t"
- "extr x6, x9, x6, 1\n\t"
- "stp x3, x4, [%[r], 0]\n\t"
- "stp x5, x6, [%[r], 16]\n\t"
+ "ldp x3, x4, [%[a], 0]\n\t"
+ "ldp x5, x6, [%[a], 16]\n\t"
+ "sbfx x8, x3, 0, 1\n\t"
+ "adds x3, x3, x8\n\t"
+ "lsr x7, x8, 32\n\t"
+ "adcs x4, x4, x7\n\t"
+ "sub x8, xzr, x7\n\t"
+ "adcs x5, x5, xzr\n\t"
+ "extr x3, x4, x3, 1\n\t"
+ "adcs x6, x6, x8\n\t"
+ "extr x4, x5, x4, 1\n\t"
+ "adc x9, xzr, xzr\n\t"
+ "extr x5, x6, x5, 1\n\t"
+ "extr x6, x9, x6, 1\n\t"
+ "stp x3, x4, [%[r], 0]\n\t"
+ "stp x5, x6, [%[r], 16]\n\t"
:
: [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x9", "x8", "cc"
+ );
+}
+
+/* Double number and subtract (r = (a - 2.b) % m).
+ *
+ * r Result of subtration.
+ * a Number to subtract from in Montgomery form.
+ * b Number to subtract with in Montgomery form.
+ * m Modulus (prime).
+ */
+SP_NOINLINE static void sp_256_mont_rsb_sub_dbl_4(sp_digit* r,
+ const sp_digit* a, sp_digit* b, const sp_digit* m)
+{
+ __asm__ __volatile__ (
+ "ldp x8, x9, [%[b]]\n\t"
+ "ldp x10, x11, [%[b],16]\n\t"
+ "lsl x15, x8, #1\n\t"
+ "extr x16, x9, x8, #63\n\t"
+ "extr x17, x10, x9, #63\n\t"
+ "asr x14, x11, #63\n\t"
+ "extr x19, x11, x10, #63\n\t"
+ "ldp x4, x5, [%[a]]\n\t"
+ "ldp x6, x7, [%[a],16]\n\t"
+ "subs x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "sbcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x17, x17, xzr\n\t"
+ "sbcs x19, x19, x13\n\t"
+ "neg x14, x14\n\t"
+ "sbc x14, x14, xzr\n\t"
+ "subs x15, x4, x15\n\t"
+ "sbcs x16, x5, x16\n\t"
+ "sbcs x17, x6, x17\n\t"
+ "sbcs x19, x7, x19\n\t"
+ "sbc x14, xzr, x14\n\t"
+ "adds x15, x15, x14, asr #1\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adcs x19, x19, x13\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "stp x15, x16, [%[r],0]\n\t"
+ "adc x19, x19, x13\n\t"
+ "stp x17, x19, [%[r],16]\n\t"
+ "subs x15, x8, x15\n\t"
+ "sbcs x16, x9, x16\n\t"
+ "sbcs x17, x10, x17\n\t"
+ "sbcs x19, x11, x19\n\t"
+ "sbc x14, xzr, xzr\n\t"
+ "adds x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "adcs x19, x19, x13\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x15, x15, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "adcs x16, x16, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x17, x17, xzr\n\t"
+ "stp x15, x16, [%[b],0]\n\t"
+ "adc x19, x19, x13\n\t"
+ "stp x17, x19, [%[b],16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "cc"
);
+ (void)m;
+}
+
+/* Subtract two Montgomery form numbers (r = a - b % m).
+ *
+ * ra Result of addition.
+ * rs Result of subtration.
+ * a Number to subtract from in Montgomery form.
+ * b Number to subtract with in Montgomery form.
+ * m Modulus (prime).
+ */
+SP_NOINLINE static void sp_256_mont_add_sub_4(sp_digit* ra,
+ sp_digit* rs, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+{
+ __asm__ __volatile__ (
+ "ldp x4, x5, [%[a], 0]\n\t"
+ "ldp x6, x7, [%[a], 16]\n\t"
+ "ldp x8, x9, [%[b], 0]\n\t"
+ "ldp x10, x11, [%[b], 16]\n\t"
+ "adds x14, x4, x8\n\t"
+ "adcs x15, x5, x9\n\t"
+ "adcs x16, x6, x10\n\t"
+ "adcs x17, x7, x11\n\t"
+ "csetm x19, cs\n\t"
+ "subs x14, x14, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "sbcs x15, x15, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "sbcs x17, x17, x13\n\t"
+ "sbc x13, xzr, xzr\n\t"
+ "sub x19, x19, x13\n\t"
+ "subs x14, x14, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "sbcs x15, x15, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x16, x16, xzr\n\t"
+ "stp x14, x15, [%[ra],0]\n\t"
+ "sbc x17, x17, x13\n\t"
+ "stp x16, x17, [%[ra],16]\n\t"
+ "subs x4, x4, x8\n\t"
+ "sbcs x5, x5, x9\n\t"
+ "sbcs x6, x6, x10\n\t"
+ "sbcs x7, x7, x11\n\t"
+ "sbc x19, xzr, xzr\n\t"
+ "adds x4, x4, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "adcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "adcs x7, x7, x13\n\t"
+ "adc x19, x19, xzr\n\t"
+ "adds x4, x4, x19\n\t"
+ "lsr x12, x19, 32\n\t"
+ "adcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "adcs x6, x6, xzr\n\t"
+ "stp x4, x5, [%[rs],0]\n\t"
+ "adc x7, x7, x13\n\t"
+ "stp x6, x7, [%[rs],16]\n\t"
+ :
+ : [ra] "r" (ra), [rs] "r" (rs), [a] "r" (a), [b] "r" (b)
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x19", "x14", "x15", "x16", "x17", "cc"
+ );
+
+ (void)m;
}
/* Double the Montgomery form projective point p.
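Review bot: `sp_256_mont_rsb_sub_dbl_4` writes through `b` as well as `r` (`stp x15, x16, [%[b],0]` and `stp x17, x19, [%[b],16]`), but its header documents only `r = (a - 2.b) % m` and describes `b` as an input. From the asm the second result is the original b minus the new r, reduced, so the header should say so, e.g. `b  Number to double and subtract; on return holds (b - r) % m.`, and note that `r` may alias `a` but not `b`, because `b` is stored last. The header of `sp_256_mont_add_sub_4` is a copy of the subtract header (`Subtract two Montgomery form numbers (r = a - b % m)`) and should read `ra = (a + b) % m, rs = (a - b) % m`. `sp_256_mont_div2_4` still passes `[m] "r" (m)` as an operand although its asm never references it, unlike the other functions here, which use `(void)m`.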
@@ -23464,10 +23417,8 @@ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
sp_256_mont_mul_4(z, p->y, p->z, p256_mod, p256_mp_mod);
/* Z = 2Z */
sp_256_mont_dbl_4(z, z, p256_mod);
- /* T2 = X - T1 */
- sp_256_mont_sub_4(t2, p->x, t1, p256_mod);
- /* T1 = X + T1 */
- sp_256_mont_add_4(t1, p->x, t1, p256_mod);
+ /* T1/T2 = X +/- T1 */
+ sp_256_mont_add_sub_4(t1, t2, p->x, t1, p256_mod);
/* T2 = T1 * T2 */
sp_256_mont_mul_4(t2, t1, t2, p256_mod, p256_mp_mod);
/* T1 = 3T2 */
@@ -23479,17 +23430,14 @@ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_4(t2, t2, p256_mod);
+ sp_256_mont_div2_4(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_4(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
sp_256_mont_sqr_4(x, t1, p256_mod, p256_mp_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
+ /* X = X - 2*Y */
/* Y = Y - X */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_4(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -23512,7 +23460,8 @@ typedef struct sp_256_proj_point_dbl_4_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_4_ctx* ctx = (sp_256_proj_point_dbl_4_ctx*)sp_ctx->data;
@@ -23550,13 +23499,11 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
ctx->state = 4;
break;
case 4:
- /* T2 = X - T1 */
- sp_256_mont_sub_4(ctx->t2, p->x, ctx->t1, p256_mod);
+ /* T1/T2 = X +/- T1 */
+ sp_256_mont_add_sub_4(ctx->t1, ctx->t2, p->x, ctx->t1, p256_mod);
ctx->state = 5;
break;
case 5:
- /* T1 = X + T1 */
- sp_256_mont_add_4(ctx->t1, p->x, ctx->t1, p256_mod);
ctx->state = 6;
break;
case 6:
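Review bot: State 5 of `sp_256_proj_point_dbl_4_nb` is left as an empty step (`ctx->state = 6; break;`) after its work moved into state 4, and no comment says why it is kept. Each such state presumably costs the caller one extra call that returns `FP_WOULDBLOCK` without doing any work. Either renumber the states or mark the step, e.g. `/* no-op: merged into state 4, kept so state numbers are unchanged */`. The same applies to states 15 and 16 in a later hunk of this function and to state 21 of `sp_256_proj_point_add_4_nb`. The switch starts and ends outside this hunk.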
@@ -23586,7 +23533,7 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_4(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_4(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -23600,18 +23547,15 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
ctx->state = 14;
break;
case 14:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* X = X - 2*Y */
+ /* Y = Y - X */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 15;
break;
case 15:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 16;
break;
case 16:
- /* Y = Y - X */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -23636,101 +23580,6 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_256_mont_tpl_lower_4 sp_256_mont_tpl_4
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-static void sp_256_mont_sub_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
-{
- __asm__ __volatile__ (
- "ldp x8, x9, [%[b]]\n\t"
- "ldp x10, x11, [%[b],16]\n\t"
- "adds x8, x8, x8\n\t"
- "ldp x4, x5, [%[a]]\n\t"
- "adcs x9, x9, x9\n\t"
- "ldp x6, x7, [%[a],16]\n\t"
- "adcs x10, x10, x10\n\t"
- "adcs x11, x11, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cs\n\t"
- "subs x8, x8, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "sbcs x9, x9, x12\n\t"
- "and x13, x13, x14\n\t"
- "sbcs x10, x10, xzr\n\t"
- "sbc x11, x11, x13\n\t"
- "subs x4, x4, x8\n\t"
- "sbcs x5, x5, x9\n\t"
- "sbcs x6, x6, x10\n\t"
- "sbcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cc\n\t"
- "adds x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "adcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "adcs x6, x6, xzr\n\t"
- "stp x4, x5, [%[r],0]\n\t"
- "adc x7, x7, x13\n\t"
- "stp x6, x7, [%[r],16]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
- );
-}
-
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-static void sp_256_mont_dbl_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
-{
- __asm__ __volatile__ (
- "ldp x4, x5, [%[a], 0]\n\t"
- "ldp x8, x9, [%[b], 0]\n\t"
- "subs x4, x4, x8\n\t"
- "ldp x6, x7, [%[a], 16]\n\t"
- "sbcs x5, x5, x9\n\t"
- "ldp x10, x11, [%[b], 16]\n\t"
- "sbcs x6, x6, x10\n\t"
- "sbcs x7, x7, x11\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cc\n\t"
- "adds x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "adcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "adcs x6, x6, xzr\n\t"
- "adc x7, x7, x13\n\t"
- "adds x4, x4, x4\n\t"
- "adcs x5, x5, x5\n\t"
- "adcs x6, x6, x6\n\t"
- "adcs x7, x7, x7\n\t"
- "mov x13, 0xffffffff00000001\n\t"
- "csetm x14, cs\n\t"
- "subs x4, x4, x14\n\t"
- "lsr x12, x14, 32\n\t"
- "sbcs x5, x5, x12\n\t"
- "and x13, x13, x14\n\t"
- "sbcs x6, x6, xzr\n\t"
- "stp x4, x5, [%[r],0]\n\t"
- "sbc x7, x7, x13\n\t"
- "stp x6, x7, [%[r],16]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
- );
-}
-
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -23768,15 +23617,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
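Review bot: The comment `/* B = 2.(B - X) */` now sits above a plain `sp_256_mont_dbl_4(b, b, p256_mod)`, so the subtraction it describes is no longer visible at the call site. It is only correct because `sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod)` on the previous line also overwrites `b` with B - X. I would make that explicit, e.g. `/* X = A^2 - 2B, B = B - X */` above the rsb call and `/* B = 2.B */` above the dbl. The same pair of calls appears in the next hunk of `sp_256_proj_point_dbl_n_4` and in `sp_256_proj_point_dbl_n_store_4`. The function body extends beyond this hunk.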
@@ -23796,15 +23645,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -23814,7 +23663,7 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
sp_256_mont_sub_4(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_4(y, y, p256_mod);
+ sp_256_mont_div2_4(y, y, p256_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -23852,12 +23701,12 @@ static int sp_256_iszero_4(const sp_digit* a)
static void sp_256_proj_point_add_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*4;
+ sp_digit* t2 = t + 4*4;
+ sp_digit* t3 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
+ sp_digit* t5 = t + 10*4;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
@@ -23879,17 +23728,9 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_4(t2, t2, t1, p256_mod);
@@ -23905,22 +23746,75 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_mont_sqr_4(x, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(x, x, t5, p256_mod);
sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, y, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
sp_256_mont_mul_4(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t5, p256_mod);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
- }
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
+{
+ __asm__ __volatile__ (
+ "ldrsw x10, [%[p], #192]\n\t"
+ "ldrsw x11, [%[q], #192]\n\t"
+ "ldp x12, x13, [%[x], #0]\n\t"
+ "ldp x14, x15, [%[x], #16]\n\t"
+ "ldp x16, x17, [%[y], #0]\n\t"
+ "ldp x19, x20, [%[y], #16]\n\t"
+ "ldp x21, x22, [%[z], #0]\n\t"
+ "ldp x23, x24, [%[z], #16]\n\t"
+ "bics xzr, x11, x10\n\t"
+ "ldp x25, x26, [%[p], #0]\n\t"
+ "ldp x27, x28, [%[p], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #64]\n\t"
+ "ldp x27, x28, [%[p], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #128]\n\t"
+ "ldp x27, x28, [%[p], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "bics xzr, x10, x11\n\t"
+ "and x10, x10, x11\n\t"
+ "ldp x25, x26, [%[q], #0]\n\t"
+ "ldp x27, x28, [%[q], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #64]\n\t"
+ "ldp x27, x28, [%[q], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #128]\n\t"
+ "ldp x27, x28, [%[q], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "orr x21, x21, x10\n\t"
+ "stp x12, x13, [%[r], #0]\n\t"
+ "stp x14, x15, [%[r], #16]\n\t"
+ "stp x16, x17, [%[r], #64]\n\t"
+ "stp x19, x20, [%[r], #80]\n\t"
+ "stp x21, x22, [%[r], #128]\n\t"
+ "stp x23, x24, [%[r], #144]\n\t"
+ "str w10, [%[r], #192]\n\t"
+ :
+ : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (x),
+ [y] "r" (y), [z] "r" (z)
+ : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
+ "cc"
+ );
+}
}
}
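Review bot: The new select block addresses the point fields by literal byte offsets (`#64`, `#128` and `#192`, presumably `y`, `z` and `infinity`), so it silently reads and writes the wrong memory if `sp_point_256` is ever reordered or resized. A compile-time check next to the block, for example an assertion that `offsetof(sp_point_256, infinity) == 192`, or passing `r->y`, `r->z` and `&r->infinity` as operands, would tie the asm to the struct. The test also changed from the logical `!p->infinity` to a bitwise `bics`, which matches the old masks only if `infinity` is always 0 or 1; that assumption deserves a comment. The identical block is pasted into state 24 of `sp_256_proj_point_add_4_nb`, and a shared static helper would keep the two copies from drifting apart.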
@@ -23966,12 +23860,12 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*4;
- ctx->t3 = t + 4*4;
- ctx->t4 = t + 6*4;
- ctx->t5 = t + 8*4;
- ctx->t6 = t + 10*4;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*4;
+ ctx->t2 = t + 4*4;
+ ctx->t3 = t + 6*4;
+ ctx->t4 = t + 8*4;
+ ctx->t5 = t + 10*4;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -24072,12 +23966,11 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
ctx->state = 20;
break;
case 20:
- sp_256_mont_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 21;
break;
case 21:
- /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -24090,22 +23983,71 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
- }
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
+{
+ __asm__ __volatile__ (
+ "ldrsw x10, [%[p], #192]\n\t"
+ "ldrsw x11, [%[q], #192]\n\t"
+ "ldp x12, x13, [%[x], #0]\n\t"
+ "ldp x14, x15, [%[x], #16]\n\t"
+ "ldp x16, x17, [%[y], #0]\n\t"
+ "ldp x19, x20, [%[y], #16]\n\t"
+ "ldp x21, x22, [%[z], #0]\n\t"
+ "ldp x23, x24, [%[z], #16]\n\t"
+ "bics xzr, x11, x10\n\t"
+ "ldp x25, x26, [%[p], #0]\n\t"
+ "ldp x27, x28, [%[p], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #64]\n\t"
+ "ldp x27, x28, [%[p], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #128]\n\t"
+ "ldp x27, x28, [%[p], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "bics xzr, x10, x11\n\t"
+ "and x10, x10, x11\n\t"
+ "ldp x25, x26, [%[q], #0]\n\t"
+ "ldp x27, x28, [%[q], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #64]\n\t"
+ "ldp x27, x28, [%[q], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #128]\n\t"
+ "ldp x27, x28, [%[q], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "orr x21, x21, x10\n\t"
+ "stp x12, x13, [%[r], #0]\n\t"
+ "stp x14, x15, [%[r], #16]\n\t"
+ "stp x16, x17, [%[r], #64]\n\t"
+ "stp x19, x20, [%[r], #80]\n\t"
+ "stp x21, x22, [%[r], #128]\n\t"
+ "stp x23, x24, [%[r], #144]\n\t"
+ "str w10, [%[r], #192]\n\t"
+ :
+ : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (ctx->x),
+ [y] "r" (ctx->y), [z] "r" (ctx->z)
+ : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
+ "cc"
+ );
+}
ctx->state = 25;
break;
}
@@ -24163,16 +24105,16 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
x = r[j].x;
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -24186,7 +24128,7 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_4(r[j].y, y, p256_mod);
+ sp_256_mont_div2_4(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -24237,10 +24179,8 @@ static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
sp_256_mont_mul_4(t4, t4, q->y, p256_mod, p256_mp_mod);
/* H = U2 - U1 */
sp_256_mont_sub_4(t2, t2, t1, p256_mod);
- /* RS = S2 + S1 */
- sp_256_mont_add_4(t6, t4, t3, p256_mod);
- /* R = S2 - S1 */
- sp_256_mont_sub_4(t4, t4, t3, p256_mod);
+ /* RS/R = S2 +/ S1 */
+ sp_256_mont_add_sub_4(t6, t4, t4, t3, p256_mod);
/* Z3 = H*Z1*Z2 */
/* ZS = H*Z1*Z2 */
sp_256_mont_mul_4(za, za, q->z, p256_mod, p256_mp_mod);
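Review bot: The new comment `/* RS/R = S2 +/ S1 */` is harder to read than the two comments it replaces and looks truncated; `/* RS = S2 + S1, R = S2 - S1 */` would keep the information. In `sp_256_mont_add_sub_4(t6, t4, t4, t3, p256_mod)` the buffer t4 appears to be both the second output and the first input, so the fused helper must finish reading S2 before it writes the difference back. The helper is not visible in this hunk, so that cannot be confirmed here, and a line in its header comment stating that this aliasing is supported would help.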
@@ -24260,8 +24200,8 @@ static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
sp_256_mont_sub_4(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_4(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_4(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_4(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_4(ya, ya, xa, p256_mod);
sp_256_mont_mul_4(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_4(t6, p256_mod, t6);
sp_256_mont_mul_4(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -24345,42 +24285,69 @@ static void sp_256_ecc_recode_6_4(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_point_33_4(sp_point_256* r, const sp_point_256* table,
- int idx)
+SP_NOINLINE static void sp_256_get_point_33_4(sp_point_256* r,
+ const sp_point_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->z[0] = 0;
- r->z[1] = 0;
- r->z[2] = 0;
- r->z[3] = 0;
- for (i = 1; i < 33; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->z[0] |= mask & table[i].z[0];
- r->z[1] |= mask & table[i].z[1];
- r->z[2] |= mask & table[i].z[2];
- r->z[3] |= mask & table[i].z[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #200\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x15, x16, [%[table], #0]\n\t"
+ "ldp x17, x19, [%[table], #16]\n\t"
+ "csel x3, xzr, x15, ne\n\t"
+ "csel x4, xzr, x16, ne\n\t"
+ "csel x5, xzr, x17, ne\n\t"
+ "csel x6, xzr, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #64]\n\t"
+ "ldp x17, x19, [%[table], #80]\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #128]\n\t"
+ "ldp x17, x19, [%[table], #144]\n\t"
+ "csel x11, xzr, x15, ne\n\t"
+ "csel x12, xzr, x16, ne\n\t"
+ "csel x13, xzr, x17, ne\n\t"
+ "csel x14, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #200\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x15, x16, [%[table], #0]\n\t"
+ "ldp x17, x19, [%[table], #16]\n\t"
+ "csel x3, x3, x15, ne\n\t"
+ "csel x4, x4, x16, ne\n\t"
+ "csel x5, x5, x17, ne\n\t"
+ "csel x6, x6, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #64]\n\t"
+ "ldp x17, x19, [%[table], #80]\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "ldp x15, x16, [%[table], #128]\n\t"
+ "ldp x17, x19, [%[table], #144]\n\t"
+ "csel x11, x11, x15, ne\n\t"
+ "csel x12, x12, x16, ne\n\t"
+ "csel x13, x13, x17, ne\n\t"
+ "csel x14, x14, x19, ne\n\t"
+ "cmp w30, #33\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ "stp x11, x12, [%[r], #128]\n\t"
+ "stp x13, x14, [%[r], #144]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
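Review bot: The assembly in sp_256_get_point_33_4 hard-codes the layout of sp_point_256, namely the table stride `#200` and the coordinate offsets `#64` and `#128`, whereas the removed C loop used `table[i].x[...]` and stayed correct under any layout. If the struct ever changes size or padding, the loop would load and select from the wrong addresses with no compiler diagnostic, in the routine that exists to keep the scalar-dependent index out of the memory access pattern. A compile-time check next to the function on `sizeof(sp_point_256) == 200` and on the offsets of y and z would pin the assumption; at minimum add `/* asm assumes sizeof(sp_point_256) == 200, y at +64, z at +128 */`. The same applies to the `#64` stride and the `#64`/`#80` store offsets in sp_256_get_entry_64_4, sp_256_get_entry_256_4 and sp_256_get_entry_65_4 further down.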
@@ -24423,7 +24390,7 @@ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -24528,15 +24495,12 @@ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256*
return err;
}
-#ifndef WC_NO_CACHE_RESISTANT
/* A table entry for pre-computed points. */
typedef struct sp_table_entry_256 {
sp_digit x[4];
sp_digit y[4];
} sp_table_entry_256;
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
/* Add two Montgomery form projective points. The second point has a q value of
* one.
* Only the first point can be the same pointer as the result point.
@@ -24549,12 +24513,11 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*4;
+ sp_digit* t6 = t + 4*4;
+ sp_digit* t1 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
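Review bot: Nothing in this hunk states how large t must be, although the scratch area is now laid out as five 2*4-digit slots (t2, t3, t6, t1, t4, the last at `t + 8*4`) and the callers later in this diff shrink their buffers from `2 * 4 * 6` to `2 * 4 * 5` to match. The parameter comments of sp_256_proj_point_add_qz1_4 are outside the hunk; if they do not already say it, add a line such as `* t  Temporary storage, at least 2*4*5 digits.`. The literal is also repeated in the declaration, the XMALLOC and the ForceZero of sp_256_ecc_mulmod_add_only_4, so a single named constant would keep allocation and zeroisation sizes in step. The same t is passed on to sp_256_proj_point_dbl_4 in the next hunk, whose own requirement cannot be checked from here.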
@@ -24570,13 +24533,9 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_4(t2, t2, p->x, p256_mod);
@@ -24585,35 +24544,87 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_4(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(x, t1, t5, p256_mod);
- sp_256_mont_sub_dbl_4(x, x, t3, p256_mod);
+ sp_256_mont_sqr_4(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_4(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(t2, t2, t1, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, t2, t3, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_4(t3, t3, x, p256_mod);
sp_256_mont_mul_4(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
- }
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
+ sp_256_mont_mul_4(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(y, t3, t1, p256_mod);
+{
+ __asm__ __volatile__ (
+ "ldrsw x10, [%[p], #192]\n\t"
+ "ldrsw x11, [%[q], #192]\n\t"
+ "ldp x12, x13, [%[x], #0]\n\t"
+ "ldp x14, x15, [%[x], #16]\n\t"
+ "ldp x16, x17, [%[y], #0]\n\t"
+ "ldp x19, x20, [%[y], #16]\n\t"
+ "ldp x21, x22, [%[z], #0]\n\t"
+ "ldp x23, x24, [%[z], #16]\n\t"
+ "bics xzr, x11, x10\n\t"
+ "ldp x25, x26, [%[p], #0]\n\t"
+ "ldp x27, x28, [%[p], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #64]\n\t"
+ "ldp x27, x28, [%[p], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[p], #128]\n\t"
+ "ldp x27, x28, [%[p], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "bics xzr, x10, x11\n\t"
+ "and x10, x10, x11\n\t"
+ "ldp x25, x26, [%[q], #0]\n\t"
+ "ldp x27, x28, [%[q], #16]\n\t"
+ "csel x12, x12, x25, eq\n\t"
+ "csel x13, x13, x26, eq\n\t"
+ "csel x14, x14, x27, eq\n\t"
+ "csel x15, x15, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #64]\n\t"
+ "ldp x27, x28, [%[q], #80]\n\t"
+ "csel x16, x16, x25, eq\n\t"
+ "csel x17, x17, x26, eq\n\t"
+ "csel x19, x19, x27, eq\n\t"
+ "csel x20, x20, x28, eq\n\t"
+ "ldp x25, x26, [%[q], #128]\n\t"
+ "ldp x27, x28, [%[q], #144]\n\t"
+ "csel x21, x21, x25, eq\n\t"
+ "csel x22, x22, x26, eq\n\t"
+ "csel x23, x23, x27, eq\n\t"
+ "csel x24, x24, x28, eq\n\t"
+ "orr x21, x21, x10\n\t"
+ "stp x12, x13, [%[r], #0]\n\t"
+ "stp x14, x15, [%[r], #16]\n\t"
+ "stp x16, x17, [%[r], #64]\n\t"
+ "stp x19, x20, [%[r], #80]\n\t"
+ "stp x21, x22, [%[r], #128]\n\t"
+ "stp x23, x24, [%[r], #144]\n\t"
+ "str w10, [%[r], #192]\n\t"
+ :
+ : [r] "r" (r), [p] "r" (p), [q] "r" (q), [x] "r" (x),
+ [y] "r" (y), [z] "r" (z)
+ : "memory", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17",
+ "x19", "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28",
+ "cc"
+ );
+}
}
}
+#ifndef WC_NO_CACHE_RESISTANT
+#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
+#endif /* FP_ECC | WOLFSSL_SP_SMALL */
#ifdef FP_ECC
/* Convert the projective point to affine.
* Ordinates are in Montgomery form.
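Review bot: The new select sequence tests the infinity flags bitwise, with `bics xzr, x11, x10` and `bics xzr, x10, x11`, whereas the removed C used the logical form `q->infinity & (!p->infinity)`. The two agree only while infinity is exactly 0 or 1; with any other non-zero value the assembly could copy a different source point than the C did. The code that sets infinity is outside this hunk, so record the invariant at the block, e.g. `/* requires p->infinity and q->infinity to be 0 or 1 */`. The block also hard-codes the struct offsets `#64`, `#128` and `#192`, which the C version derived from the type, so a comment or compile-time check on the sp_point_256 layout would be useful here.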
@@ -24733,34 +24744,55 @@ static int sp_256_gen_stripe_table_4(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_entry_64_4(sp_point_256* r,
+SP_NOINLINE static void sp_256_get_entry_64_4(sp_point_256* r,
const sp_table_entry_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- for (i = 1; i < 64; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, xzr, x11, ne\n\t"
+ "csel x4, xzr, x12, ne\n\t"
+ "csel x5, xzr, x13, ne\n\t"
+ "csel x6, xzr, x14, ne\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, x3, x11, ne\n\t"
+ "csel x4, x4, x12, ne\n\t"
+ "csel x5, x5, x13, ne\n\t"
+ "csel x6, x6, x14, ne\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "cmp w30, #64\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -24788,7 +24820,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
@@ -24809,7 +24841,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -24913,7 +24945,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -24984,8 +25016,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
@@ -24993,13 +25025,13 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -25141,34 +25173,55 @@ static int sp_256_gen_stripe_table_4(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_entry_256_4(sp_point_256* r,
+SP_NOINLINE static void sp_256_get_entry_256_4(sp_point_256* r,
const sp_table_entry_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- for (i = 1; i < 256; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, xzr, x11, ne\n\t"
+ "csel x4, xzr, x12, ne\n\t"
+ "csel x5, xzr, x13, ne\n\t"
+ "csel x6, xzr, x14, ne\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, x3, x11, ne\n\t"
+ "csel x4, x4, x12, ne\n\t"
+ "csel x5, x5, x13, ne\n\t"
+ "csel x6, x6, x14, ne\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "cmp w30, #256\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -25196,7 +25249,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
@@ -25217,7 +25270,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -25321,7 +25374,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -25392,8 +25445,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
@@ -25401,13 +25454,13 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -25510,7 +25563,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -25521,7 +25574,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -27319,34 +27372,55 @@ static void sp_256_ecc_recode_7_4(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_256_get_entry_65_4(sp_point_256* r,
+SP_NOINLINE static void sp_256_get_entry_65_4(sp_point_256* r,
const sp_table_entry_256* table, int idx)
{
- int i;
- sp_digit mask;
-
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- for (i = 1; i < 65; i++) {
- mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- }
+ __asm__ __volatile__ (
+ "mov w30, #1\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, xzr, x11, ne\n\t"
+ "csel x4, xzr, x12, ne\n\t"
+ "csel x5, xzr, x13, ne\n\t"
+ "csel x6, xzr, x14, ne\n\t"
+ "csel x7, xzr, x15, ne\n\t"
+ "csel x8, xzr, x16, ne\n\t"
+ "csel x9, xzr, x17, ne\n\t"
+ "csel x10, xzr, x19, ne\n\t"
+ "1:\n\t"
+ "add %[table], %[table], #64\n\t"
+ "cmp %w[idx], w30\n\t"
+ "add w30, w30, #1\n\t"
+ "ldp x11, x12, [%[table], #0]\n\t"
+ "ldp x13, x14, [%[table], #16]\n\t"
+ "ldp x15, x16, [%[table], #32]\n\t"
+ "ldp x17, x19, [%[table], #48]\n\t"
+ "csel x3, x3, x11, ne\n\t"
+ "csel x4, x4, x12, ne\n\t"
+ "csel x5, x5, x13, ne\n\t"
+ "csel x6, x6, x14, ne\n\t"
+ "csel x7, x7, x15, ne\n\t"
+ "csel x8, x8, x16, ne\n\t"
+ "csel x9, x9, x17, ne\n\t"
+ "csel x10, x10, x19, ne\n\t"
+ "cmp w30, #65\n\t"
+ "b.ne 1b\n\t"
+ "stp x3, x4, [%[r], #0]\n\t"
+ "stp x5, x6, [%[r], #16]\n\t"
+ "stp x7, x8, [%[r], #64]\n\t"
+ "stp x9, x10, [%[r], #80]\n\t"
+ : [table] "+r" (table)
+ : [r] "r" (r), [idx] "r" (idx)
+ : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "w30", "cc"
+ );
}
#endif /* !WC_NO_CACHE_RESISTANT */
static const sp_table_entry_256 p256_table[2405] = {
@@ -39328,7 +39402,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
sp_digit* tmp = NULL;
#else
sp_point_256 rt[2];
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
sp_digit* negy = NULL;
@@ -39347,7 +39421,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (tmp == NULL)
err = MEMORY_E;
@@ -39406,7 +39480,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (tmp != NULL)
#endif
{
- ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 6);
+ ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 5);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -39493,7 +39567,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -39515,7 +39589,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -39611,7 +39685,7 @@ static void sp_256_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -39758,7 +39832,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -39766,7 +39840,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -40110,7 +40184,7 @@ static void sp_256_mul_d_4(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -40200,8 +40274,8 @@ static void sp_256_mask_4(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_4(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[8], t2[5];
sp_digit div, r1;
@@ -40254,10 +40328,216 @@ static WC_INLINE int sp_256_mod_4(sp_digit* r, const sp_digit* a, const sp_digit
* a First operand of the multiplication.
* b Second operand of the multiplication.
*/
-static void sp_256_mont_mul_order_4(sp_digit* r, const sp_digit* a, const sp_digit* b)
+SP_NOINLINE static void sp_256_mont_mul_order_4(sp_digit* r,
+ const sp_digit* a, const sp_digit* b)
{
- sp_256_mul_4(r, a, b);
- sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order);
+ __asm__ __volatile__ (
+ "ldp x13, x14, [%[a], 0]\n\t"
+ "ldp x15, x16, [%[a], 16]\n\t"
+ "ldp x17, x19, [%[b], 0]\n\t"
+ "ldp x20, x21, [%[b], 16]\n\t"
+ "# A[0] * B[0]\n\t"
+ "umulh x6, x13, x17\n\t"
+ "mul x5, x13, x17\n\t"
+ "# A[2] * B[0]\n\t"
+ "umulh x8, x15, x17\n\t"
+ "mul x7, x15, x17\n\t"
+ "# A[1] * B[0]\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "adc x8, x8, xzr\n\t"
+ "# A[0] * B[2]\n\t"
+ "mul x3, x13, x20\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x20\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[1] * B[3]\n\t"
+ "mul x9, x14, x21\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "umulh x10, x14, x21\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[0] * B[1]\n\t"
+ "mul x3, x13, x19\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x19\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# A[2] * B[1]\n\t"
+ "mul x3, x15, x19\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x19\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# A[1] * B[2]\n\t"
+ "mul x3, x14, x20\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x20\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, xzr\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[1] * B[1]\n\t"
+ "mul x3, x14, x19\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x19\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# A[3] * B[1]\n\t"
+ "mul x3, x16, x19\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x19\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adc x11, x11, xzr\n\t"
+ "# A[2] * B[2]\n\t"
+ "mul x3, x15, x20\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x15, x20\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# A[3] * B[3]\n\t"
+ "mul x3, x16, x21\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x12, x16, x21\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[0] * B[3]\n\t"
+ "mul x3, x13, x21\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x21\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[2] * B[3]\n\t"
+ "mul x3, x15, x21\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x21\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "# A[3] * B[0]\n\t"
+ "mul x3, x16, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# A[3] * B[2]\n\t"
+ "mul x3, x16, x20\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x20\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adc x12, x12, xzr\n\t"
+ "ldp x13, x14, [%[m], 0]\n\t"
+ "mov x15, 0xffffffffffffffff\n\t"
+ "mov x16, 0xffffffff00000000\n\t"
+ "# mu = a[0] * mp\n\t"
+ "mul x17, %[mp], x5\n\t"
+ "# a[0+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x6, x6, x4\n\t"
+ "# a[0+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x8, x8, x4\n\t"
+ "adcs x9, x9, xzr\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[0+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# a[0+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# mu = a[1] * mp\n\t"
+ "mul x17, %[mp], x6\n\t"
+ "adc x19, x19, xzr\n\t"
+ "# a[1+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x6, x6, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x7, x7, x4\n\t"
+ "# a[1+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x8, x8, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "adcs x10, x10, x19\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[1+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# a[1+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# mu = a[2] * mp\n\t"
+ "mul x17, %[mp], x7\n\t"
+ "adc x19, x19, xzr\n\t"
+ "# a[2+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x7, x7, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x8, x8, x4\n\t"
+ "# a[2+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x10, x10, x4\n\t"
+ "adcs x11, x11, x19\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[2+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# a[2+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x11, x11, x4\n\t"
+ "# mu = a[3] * mp\n\t"
+ "mul x17, %[mp], x8\n\t"
+ "adc x19, x19, xzr\n\t"
+ "# a[3+0] += m[0] * mu\n\t"
+ "mul x3, x13, x17\n\t"
+ "adds x8, x8, x3\n\t"
+ "umulh x4, x13, x17\n\t"
+ "adcs x9, x9, x4\n\t"
+ "# a[3+2] += m[2] * mu\n\t"
+ "mul x3, x15, x17\n\t"
+ "adcs x10, x10, x3\n\t"
+ "umulh x4, x15, x17\n\t"
+ "adcs x11, x11, x4\n\t"
+ "adcs x12, x12, x19\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "# a[3+1] += m[1] * mu\n\t"
+ "mul x3, x14, x17\n\t"
+ "adds x9, x9, x3\n\t"
+ "umulh x4, x14, x17\n\t"
+ "adcs x10, x10, x4\n\t"
+ "# a[3+3] += m[3] * mu\n\t"
+ "mul x3, x16, x17\n\t"
+ "adcs x11, x11, x3\n\t"
+ "umulh x4, x16, x17\n\t"
+ "adcs x12, x12, x4\n\t"
+ "# x15 == -1\n\t"
+ "adcs x19, x19, x15\n\t"
+ "csel x13, x13, xzr, cs\n\t"
+ "csel x14, x14, xzr, cs\n\t"
+ "csel x15, x15, xzr, cs\n\t"
+ "csel x16, x16, xzr, cs\n\t"
+ "subs x9, x9, x13\n\t"
+ "sbcs x10, x10, x14\n\t"
+ "sbcs x11, x11, x15\n\t"
+ "stp x9, x10, [%[r], 0]\n\t"
+ "sbc x12, x12, x16\n\t"
+ "stp x11, x12, [%[r], 16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (p256_order),
+ [mp] "r" (p256_mp_order)
+ : "memory", "x3", "x4", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "cc"
+ );
}
#if defined(HAVE_ECC_SIGN) || (defined(HAVE_ECC_VERIFY) && defined(WOLFSSL_SP_SMALL))
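Review bot: The reduction half of the new sp_256_mont_mul_order_4 body loads only the low two words of the modulus (`ldp x13, x14, [%[m], 0]`) and materialises the upper two as the immediates `0xffffffffffffffff` and `0xffffffff00000000`. The `[m]` operand therefore no longer fully determines what the product is reduced against. That matches the P-256 order constants shown just below this hunk, but it is not stated in the code; add a comment above the `mov` pair such as `/* m[2], m[3] of the P-256 order are fixed constants, only m[0..1] are loaded */`. The function's header comment begins outside the hunk and could also mention that multiplication and Montgomery reduction are now fused in one asm block.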
@@ -40267,11 +40547,6 @@ static const uint64_t p256_order_minus_2[4] = {
0xf3b9cac2fc63254fU,0xbce6faada7179e84U,0xffffffffffffffffU,
0xffffffff00000000U
};
-#else
-/* The low half of the order-2 of the P256 curve. */
-static const sp_int_digit p256_order_low[2] = {
- 0xf3b9cac2fc63254fU,0xbce6faada7179e84U
-};
#endif /* WOLFSSL_SP_SMALL */
/* Square number mod the order of P256 curve. (r = a * a mod order)
@@ -40279,10 +40554,184 @@ static const sp_int_digit p256_order_low[2] = {
* r Result of the squaring.
* a Number to square.
*/
-static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a)
+SP_NOINLINE static void sp_256_mont_sqr_order_4(sp_digit* r,
+ const sp_digit* a)
{
- sp_256_sqr_4(r, a);
- sp_256_mont_reduce_order_4(r, p256_order, p256_mp_order);
+ __asm__ __volatile__ (
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# Double\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "adc x11, x11, x3\n\t"
+ "ldp x12, x13, [%[m], 0]\n\t"
+ "mov x14, 0xffffffffffffffff\n\t"
+ "mov x15, 0xffffffff00000000\n\t"
+ "# mu = a[0] * mp\n\t"
+ "mul x16, %[mp], x4\n\t"
+ "# a[0+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x4, x4, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x5, x5, x3\n\t"
+ "# a[0+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x6, x6, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[0+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[0+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# mu = a[1] * mp\n\t"
+ "mul x16, %[mp], x5\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[1+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[1+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "adcs x9, x9, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[1+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[1+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# mu = a[2] * mp\n\t"
+ "mul x16, %[mp], x6\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[2+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[2+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[2+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[2+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "# mu = a[3] * mp\n\t"
+ "mul x16, %[mp], x7\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[3+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[3+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "adcs x11, x11, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[3+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x8, x8, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# a[3+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x10, x10, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x11, x11, x3\n\t"
+ "# x14 == -1\n\t"
+ "adcs x17, x17, x14\n\t"
+ "csel x12, x12, xzr, cs\n\t"
+ "csel x13, x13, xzr, cs\n\t"
+ "csel x14, x14, xzr, cs\n\t"
+ "csel x15, x15, xzr, cs\n\t"
+ "subs x8, x8, x12\n\t"
+ "sbcs x9, x9, x13\n\t"
+ "sbcs x10, x10, x14\n\t"
+ "stp x8, x9, [%[r], 0]\n\t"
+ "sbc x11, x11, x15\n\t"
+ "stp x10, x11, [%[r], 16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [m] "r" (p256_order),
+ [mp] "r" (p256_mp_order)
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
+ );
}
#ifndef WOLFSSL_SP_SMALL
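Review bot: The new assembly in sp_256_mont_sqr_order_4 loads only m[0] and m[1] from `%[m]` and builds the top two modulus words as immediates (`mov x14, 0xffffffffffffffff`, `mov x15, 0xffffffff00000000`), so it is only correct for the P-256 order, and the header comment does not say so. I would add a line such as ` * The upper two words of the order are immediates; only valid with p256_order.` The same applies to sp_256_mont_sqr_n_order_4 in the next hunk. The final step subtracts the order only when the accumulation carries out of 256 bits (`adcs x17, x17, x14` followed by the `csel ... cs` selects), which keeps it branch-free. Whether callers rely on a fully reduced result is not visible here and is worth stating in the comment.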
@@ -40292,14 +40741,188 @@ static void sp_256_mont_sqr_order_4(sp_digit* r, const sp_digit* a)
* r Result of the squaring.
* a Number to square.
*/
-static void sp_256_mont_sqr_n_order_4(sp_digit* r, const sp_digit* a, int n)
+SP_NOINLINE static void sp_256_mont_sqr_n_order_4(sp_digit* r,
+ const sp_digit* a, int n)
{
- int i;
- sp_256_mont_sqr_order_4(r, a);
- for (i=1; i<n; i++) {
- sp_256_mont_sqr_order_4(r, r);
- }
+ __asm__ __volatile__ (
+ "ldp x12, x13, [%[a], 0]\n\t"
+ "ldp x14, x15, [%[a], 16]\n\t"
+ "1:\n\t"
+ "# A[0] * A[1]\n\t"
+ "umulh x6, x12, x13\n\t"
+ "mul x5, x12, x13\n\t"
+ "# A[0] * A[3]\n\t"
+ "umulh x8, x12, x15\n\t"
+ "mul x7, x12, x15\n\t"
+ "# A[0] * A[2]\n\t"
+ "mul x2, x12, x14\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# A[1] * A[3]\n\t"
+ "mul x2, x13, x15\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x9, x13, x15\n\t"
+ "adc x9, x9, xzr\n\t"
+ "# A[1] * A[2]\n\t"
+ "mul x2, x13, x14\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x14\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# A[2] * A[3]\n\t"
+ "mul x2, x14, x15\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x10, x14, x15\n\t"
+ "adc x10, x10, xzr\n\t"
+ "# Double\n\t"
+ "adds x5, x5, x5\n\t"
+ "adcs x6, x6, x6\n\t"
+ "adcs x7, x7, x7\n\t"
+ "adcs x8, x8, x8\n\t"
+ "adcs x9, x9, x9\n\t"
+ "adcs x10, x10, x10\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "# A[0] * A[0]\n\t"
+ "umulh x3, x12, x12\n\t"
+ "mul x4, x12, x12\n\t"
+ "# A[1] * A[1]\n\t"
+ "mul x2, x13, x13\n\t"
+ "adds x5, x5, x3\n\t"
+ "umulh x3, x13, x13\n\t"
+ "adcs x6, x6, x2\n\t"
+ "# A[2] * A[2]\n\t"
+ "mul x2, x14, x14\n\t"
+ "adcs x7, x7, x3\n\t"
+ "umulh x3, x14, x14\n\t"
+ "adcs x8, x8, x2\n\t"
+ "# A[3] * A[3]\n\t"
+ "mul x2, x15, x15\n\t"
+ "adcs x9, x9, x3\n\t"
+ "umulh x3, x15, x15\n\t"
+ "adcs x10, x10, x2\n\t"
+ "adc x11, x11, x3\n\t"
+ "ldp x12, x13, [%[m], 0]\n\t"
+ "mov x14, 0xffffffffffffffff\n\t"
+ "mov x15, 0xffffffff00000000\n\t"
+ "# mu = a[0] * mp\n\t"
+ "mul x16, %[mp], x4\n\t"
+ "# a[0+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x4, x4, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x5, x5, x3\n\t"
+ "# a[0+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x6, x6, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "adcs x8, x8, xzr\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[0+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[0+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# mu = a[1] * mp\n\t"
+ "mul x16, %[mp], x5\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[1+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x5, x5, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x6, x6, x3\n\t"
+ "# a[1+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x7, x7, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "adcs x9, x9, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[1+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[1+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# mu = a[2] * mp\n\t"
+ "mul x16, %[mp], x6\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[2+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x6, x6, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x7, x7, x3\n\t"
+ "# a[2+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x8, x8, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "adcs x10, x10, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[2+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[2+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "# mu = a[3] * mp\n\t"
+ "mul x16, %[mp], x7\n\t"
+ "adc x17, x17, xzr\n\t"
+ "# a[3+0] += m[0] * mu\n\t"
+ "mul x2, x12, x16\n\t"
+ "adds x7, x7, x2\n\t"
+ "umulh x3, x12, x16\n\t"
+ "adcs x8, x8, x3\n\t"
+ "# a[3+2] += m[2] * mu\n\t"
+ "mul x2, x14, x16\n\t"
+ "adcs x9, x9, x2\n\t"
+ "umulh x3, x14, x16\n\t"
+ "adcs x10, x10, x3\n\t"
+ "adcs x11, x11, x17\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "# a[3+1] += m[1] * mu\n\t"
+ "mul x2, x13, x16\n\t"
+ "adds x8, x8, x2\n\t"
+ "umulh x3, x13, x16\n\t"
+ "adcs x9, x9, x3\n\t"
+ "# a[3+3] += m[3] * mu\n\t"
+ "mul x2, x15, x16\n\t"
+ "adcs x10, x10, x2\n\t"
+ "umulh x3, x15, x16\n\t"
+ "adcs x11, x11, x3\n\t"
+ "# x14 == -1\n\t"
+ "adcs x17, x17, x14\n\t"
+ "csel x12, x12, xzr, cs\n\t"
+ "csel x13, x13, xzr, cs\n\t"
+ "csel x14, x14, xzr, cs\n\t"
+ "csel x15, x15, xzr, cs\n\t"
+ "subs x12, x8, x12\n\t"
+ "sbcs x13, x9, x13\n\t"
+ "sbcs x14, x10, x14\n\t"
+ "sbc x15, x11, x15\n\t"
+ "subs %w[n], %w[n], #1\n\t"
+ "b.ne 1b\n\t"
+ "stp x12, x13, [%[r], 0]\n\t"
+ "stp x14, x15, [%[r], 16]\n\t"
+ : [n] "+r" (n)
+ : [r] "r" (r), [a] "r" (a), [m] "r" (p256_order),
+ [mp] "r" (p256_mp_order)
+ : "memory", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "cc"
+ );
}
#endif /* !WOLFSSL_SP_SMALL */
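Review bot: The loop counter in sp_256_mont_sqr_n_order_4 is decremented before it is tested (`subs %w[n], %w[n], #1` then `b.ne 1b`), so n == 0 wraps and runs roughly 2^32 squarings, where the removed C loop did exactly one. A negative n also runs far longer than the old code. Every call visible in this diff passes a small positive constant, so this is a contract to document rather than a live fault: ` * n  Number of times to square (must be >= 1).` The result is also stored to `%[r]` only after the last iteration, with intermediates kept in x12-x15. That is fine for the in-place calls shown, but a one-line comment saying so would help.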
@@ -40370,77 +40993,109 @@ static void sp_256_mont_inv_order_4(sp_digit* r, const sp_digit* a,
sp_digit* t = td;
sp_digit* t2 = td + 2 * 4;
sp_digit* t3 = td + 4 * 4;
- int i;
-
- /* t = a^2 */
- sp_256_mont_sqr_order_4(t, a);
- /* t = a^3 = t * a */
- sp_256_mont_mul_order_4(t, t, a);
- /* t2= a^c = t ^ 2 ^ 2 */
- sp_256_mont_sqr_n_order_4(t2, t, 2);
- /* t3= a^f = t2 * t */
- sp_256_mont_mul_order_4(t3, t2, t);
- /* t2= a^f0 = t3 ^ 2 ^ 4 */
- sp_256_mont_sqr_n_order_4(t2, t3, 4);
- /* t = a^ff = t2 * t3 */
- sp_256_mont_mul_order_4(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ sp_digit* t5 = td + 6 * 4;
+ sp_digit* t7 = td + 8 * 4;
+ sp_digit* t15 = td + 10 * 4;
+
+ /* t2 = a^2 */
+ sp_256_mont_sqr_order_4(t2, a);
+ /* t3 = a^3 = t * a */
+ sp_256_mont_mul_order_4(t3, t2, a);
+ /* t5 = a^5 = t3 * t2 */
+ sp_256_mont_mul_order_4(t5, t3, t2);
+ /* t7 = a^6 = t3 ^ 2 */
+ sp_256_mont_sqr_order_4(t7, t3);
+ /* t7 = a^7 = t7 * a */
+ sp_256_mont_mul_order_4(t7, t7, a);
+ /* t2 = a^c = t3 ^ 2 */
+ sp_256_mont_sqr_order_4(t2, t7);
+ /* t15= a^f = t2 * t3 */
+ sp_256_mont_mul_order_4(t15, t2, a);
+ /* t2 = a^f0 = t15 ^ 2 ^ 4 */
+ sp_256_mont_sqr_n_order_4(t2, t15, 4);
+ /* t = a^ff = t2 * t15 */
+ sp_256_mont_mul_order_4(t, t2, t15);
+ /* t15= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_4(t2, t, 8);
- /* t = a^ffff = t2 * t */
+ /* t = a^ffff = t2 * t */
sp_256_mont_mul_order_4(t, t2, t);
- /* t2= a^ffff0000 = t ^ 2 ^ 16 */
+ /* t2 = a^ffff0000 = t ^ 2 ^ 16 */
sp_256_mont_sqr_n_order_4(t2, t, 16);
- /* t = a^ffffffff = t2 * t */
+ /* t = a^ffffffff = t2 * t */
sp_256_mont_mul_order_4(t, t2, t);
- /* t2= a^ffffffff0000000000000000 = t ^ 2 ^ 64 */
+ /* t2 = a^ffffffff0000000000000000 = t ^ 2 ^ 64 */
sp_256_mont_sqr_n_order_4(t2, t, 64);
- /* t2= a^ffffffff00000000ffffffff = t2 * t */
+ /* t2 = a^ffffffff00000000ffffffff = t2 * t */
sp_256_mont_mul_order_4(t2, t2, t);
- /* t2= a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32 */
+ /* t2 = a^ffffffff00000000ffffffff00000000 = t2 ^ 2 ^ 32 */
sp_256_mont_sqr_n_order_4(t2, t2, 32);
- /* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
+ /* t2 = a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_4(t2, t2, t);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6f */
+
+ /* ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
+ sp_256_mont_sqr_order_4(t2, t2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
sp_256_mont_sqr_n_order_4(t2, t2, 4);
sp_256_mont_mul_order_4(t2, t2, t3);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84 */
- for (i=107; i>=64; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f */
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
+ sp_256_mont_mul_order_4(t2, t2, t5);
sp_256_mont_sqr_n_order_4(t2, t2, 4);
+ sp_256_mont_mul_order_4(t2, t2, t5);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
sp_256_mont_mul_order_4(t2, t2, t3);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2 */
- for (i=59; i>=32; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2f */
- sp_256_mont_sqr_n_order_4(t2, t2, 4);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
sp_256_mont_mul_order_4(t2, t2, t3);
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254 */
- for (i=27; i>=0; i--) {
- sp_256_mont_sqr_order_4(t2, t2);
- if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
- sp_256_mont_mul_order_4(t2, t2, a);
- }
- }
- /* t2= a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632540 */
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
+ sp_256_mont_sqr_n_order_4(t2, t2, 4);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 6);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 6);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
sp_256_mont_sqr_n_order_4(t2, t2, 4);
- /* r = a^ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc63254f */
- sp_256_mont_mul_order_4(r, t2, t3);
+ sp_256_mont_mul_order_4(t2, t2, t7);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t7);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t5);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t15);
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t3);
+ sp_256_mont_sqr_n_order_4(t2, t2, 3);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 5);
+ sp_256_mont_mul_order_4(t2, t2, t5);
+ sp_256_mont_sqr_n_order_4(t2, t2, 2);
+ sp_256_mont_mul_order_4(t2, t2, a);
+ sp_256_mont_sqr_n_order_4(t2, t2, 6);
+ sp_256_mont_mul_order_4(r, t2, t15);
+ /* Multiplications: 31 */
#endif /* WOLFSSL_SP_SMALL */
}
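Review bot: Several step comments in the new addition chain do not match the calls beneath them, which makes the exponent hard to audit. `sp_256_mont_sqr_order_4(t2, t7)` squares a^7, so its comment should be `/* t2 = a^e = t7 ^ 2 */`. The following call multiplies by `a`, so it should be `/* t15= a^f = t2 * a */`. Also, `/* t3 = a^3 = t * a */` uses t2, and the `a^ff00` step writes t2 rather than t15. The chain now touches td up to `td + 12 * 4` digits (t15 starts at `td + 10 * 4`). The function comment should state that requirement, since callers size the buffer; the function's start and its comment are outside this hunk.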
@@ -40526,7 +41181,7 @@ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
sp_digit* e = NULL;
sp_point_256* point = NULL;
#else
- sp_digit e[7 * 2 * 4];
+ sp_digit e[10 * 2 * 4];
sp_point_256 point[1];
#endif
sp_digit* x = NULL;
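Review bot: The scratch size `10 * 2 * 4` is written out separately in the stack declaration here and in the `XMALLOC` and `ForceZero` calls in the next two hunks. If a later bump misses one of the three, the wipe would cover less than the buffer, or the buffer would be smaller than what the inversion writes. One named constant used in all three places would remove that risk, for example `#define SP_ECC_SIGN_256_TMP_DIGITS (10 * 2 * 4)` (the name is a suggestion, not taken from the file). sp_ecc_sign_256 begins and ends outside these hunks, so how `e` is partitioned is not visible here.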
@@ -40548,7 +41203,7 @@ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
err = MEMORY_E;
}
if (err == MP_OKAY) {
- e = (sp_digit*)XMALLOC(sizeof(sp_digit) * 7 * 2 * 4, heap,
+ e = (sp_digit*)XMALLOC(sizeof(sp_digit) * 10 * 2 * 4, heap,
DYNAMIC_TYPE_ECC);
if (e == NULL)
err = MEMORY_E;
@@ -40623,7 +41278,7 @@ int sp_ecc_sign_256(const byte* hash, word32 hashLen, WC_RNG* rng,
if (e != NULL)
#endif
{
- ForceZero(e, sizeof(sp_digit) * 7 * 2 * 4);
+ ForceZero(e, sizeof(sp_digit) * 10 * 2 * 4);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(e, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -40652,7 +41307,7 @@ typedef struct sp_ecc_sign_256_ctx {
sp_digit x[2*4];
sp_digit k[2*4];
sp_digit r[2*4];
- sp_digit tmp[3 * 2*4];
+ sp_digit tmp[6 * 2*4];
sp_point_256 point;
sp_digit* s;
sp_digit* kInv;
@@ -40797,7 +41452,7 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
XMEMSET(ctx->x, 0, sizeof(sp_digit) * 2U * 4U);
XMEMSET(ctx->k, 0, sizeof(sp_digit) * 2U * 4U);
XMEMSET(ctx->r, 0, sizeof(sp_digit) * 2U * 4U);
- XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 3U * 2U * 4U);
+ XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 6U * 2U * 4U);
}
return err;
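Review bot: `XMEMSET(ctx->tmp, 0, sizeof(sp_digit) * 6U * 2U * 4U)` repeats the array bound from the struct hunk above, whereas `sizeof(ctx->tmp)` would follow the declaration automatically. The blocking sp_ecc_sign_256 clears its scratch with `ForceZero`, and tmp presumably holds intermediates of the nonce inversion. Using the same primitive here, `ForceZero(ctx->tmp, sizeof(ctx->tmp));`, would keep the two signing paths consistent. Whether the XMEMSET could be optimised away depends on code outside this hunk.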
@@ -41104,7 +41759,7 @@ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -41428,7 +42083,51 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Add two Montgomery form numbers (r = a + b % m).
+ *
+ * r Result of addition.
+ * a First number to add in Montgomery form.
+ * b Second number to add in Montgomery form.
+ * m Modulus (prime).
+ */
+SP_NOINLINE static void sp_256_mont_add_4(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
+{
+ __asm__ __volatile__ (
+ "ldp x4, x5, [%[a], 0]\n\t"
+ "ldp x6, x7, [%[a], 16]\n\t"
+ "ldp x8, x9, [%[b], 0]\n\t"
+ "ldp x10, x11, [%[b], 16]\n\t"
+ "adds x4, x4, x8\n\t"
+ "adcs x5, x5, x9\n\t"
+ "adcs x6, x6, x10\n\t"
+ "adcs x7, x7, x11\n\t"
+ "csetm x14, cs\n\t"
+ "subs x4, x4, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "sbcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "sbcs x7, x7, x13\n\t"
+ "sbc x13, xzr, xzr\n\t"
+ "sub x14, x14, x13\n\t"
+ "subs x4, x4, x14\n\t"
+ "lsr x12, x14, 32\n\t"
+ "sbcs x5, x5, x12\n\t"
+ "sub x13, xzr, x12\n\t"
+ "sbcs x6, x6, xzr\n\t"
+ "stp x4, x5, [%[r],0]\n\t"
+ "sbc x7, x7, x13\n\t"
+ "stp x6, x7, [%[r],16]\n\t"
+ :
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
+ : "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "cc"
+ );
+
+ (void)m;
+}
+
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
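Review bot: The header comment on the new sp_256_mont_add_4 documents `m` as the modulus, but the body ends with `(void)m;`. The reduction is built from the carry mask alone (`csetm x14, cs`, `lsr x12, x14, 32`, `sub x13, xzr, x12`), so the P-256 prime is hard-wired. I would change the parameter line to ` * m  Modulus (prime); unused, reduction is fixed to the P-256 prime.` so that nobody passes p256_order or another modulus and gets a silently wrong result. The comment should also say that the sum is reduced only when the addition carries out of 256 bits, which is what the two masked subtractions handle.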
@@ -41456,19 +42155,21 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 4;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_4(t1, point->y);
(void)sp_256_mod_4(t1, t1, p256_mod);
sp_256_sqr_4(t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
sp_256_mul_4(t2, t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
- (void)sp_256_sub_4(t2, p256_mod, t2);
- sp_256_mont_add_4(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_4(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_4(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -41482,7 +42183,7 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -42443,87 +43144,87 @@ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a)
"ldp x19, x20, [%[a], 16]\n\t"
"ldp x21, x22, [%[a], 32]\n\t"
"# A[0] * A[1]\n\t"
- "mul x6, x16, x17\n\t"
- "umulh x7, x16, x17\n\t"
+ "mul x6, x16, x17\n\t"
+ "umulh x7, x16, x17\n\t"
"# A[0] * A[2]\n\t"
- "mul x4, x16, x19\n\t"
- "umulh x5, x16, x19\n\t"
- "adds x7, x7, x4\n\t"
+ "mul x4, x16, x19\n\t"
+ "umulh x5, x16, x19\n\t"
+ "adds x7, x7, x4\n\t"
"# A[0] * A[3]\n\t"
- "mul x4, x16, x20\n\t"
- "adc x8, xzr, x5\n\t"
- "umulh x5, x16, x20\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x16, x20\n\t"
+ "adc x8, xzr, x5\n\t"
+ "umulh x5, x16, x20\n\t"
+ "adds x8, x8, x4\n\t"
"# A[1] * A[2]\n\t"
- "mul x4, x17, x19\n\t"
- "adc x9, xzr, x5\n\t"
- "umulh x5, x17, x19\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x17, x19\n\t"
+ "adc x9, xzr, x5\n\t"
+ "umulh x5, x17, x19\n\t"
+ "adds x8, x8, x4\n\t"
"# A[0] * A[4]\n\t"
- "mul x4, x16, x21\n\t"
- "adcs x9, x9, x5\n\t"
- "umulh x5, x16, x21\n\t"
- "adc x10, xzr, xzr\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x16, x21\n\t"
+ "adcs x9, x9, x5\n\t"
+ "umulh x5, x16, x21\n\t"
+ "adc x10, xzr, xzr\n\t"
+ "adds x9, x9, x4\n\t"
"# A[1] * A[3]\n\t"
- "mul x4, x17, x20\n\t"
- "adc x10, x10, x5\n\t"
- "umulh x5, x17, x20\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x17, x20\n\t"
+ "adc x10, x10, x5\n\t"
+ "umulh x5, x17, x20\n\t"
+ "adds x9, x9, x4\n\t"
"# A[0] * A[5]\n\t"
- "mul x4, x16, x22\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x16, x22\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x16, x22\n\t"
+ "adcs x10, x10, x5\n\t"
+ "umulh x5, x16, x22\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[1] * A[4]\n\t"
- "mul x4, x17, x21\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x17, x21\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x17, x21\n\t"
+ "adc x11, x11, x5\n\t"
+ "umulh x5, x17, x21\n\t"
+ "adds x10, x10, x4\n\t"
"# A[2] * A[3]\n\t"
- "mul x4, x19, x20\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x19, x20\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x19, x20\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x19, x20\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[1] * A[5]\n\t"
- "mul x4, x17, x22\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x17, x22\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x17, x22\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x17, x22\n\t"
+ "adc x12, x12, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[2] * A[4]\n\t"
- "mul x4, x19, x21\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x21\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x19, x21\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x19, x21\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[2] * A[5]\n\t"
- "mul x4, x19, x22\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x19, x22\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x19, x22\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x19, x22\n\t"
+ "adc x13, x13, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[3] * A[4]\n\t"
- "mul x4, x20, x21\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x21\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x20, x21\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x20, x21\n\t"
+ "adc x14, xzr, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[3] * A[5]\n\t"
- "mul x4, x20, x22\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x20, x22\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x20, x22\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x20, x22\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[4] * A[5]\n\t"
- "mul x4, x21, x22\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x21, x22\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x14, x14, x4\n\t"
- "adc x15, x15, x5\n\t"
+ "mul x4, x21, x22\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x21, x22\n\t"
+ "adc x15, xzr, xzr\n\t"
+ "adds x14, x14, x4\n\t"
+ "adc x15, x15, x5\n\t"
"# Double\n\t"
"adds x6, x6, x6\n\t"
"adcs x7, x7, x7\n\t"
@@ -42535,34 +43236,34 @@ static void sp_384_sqr_6(sp_digit* r, const sp_digit* a)
"adcs x13, x13, x13\n\t"
"adcs x14, x14, x14\n\t"
"# A[0] * A[0]\n\t"
- "mul x5, x16, x16\n\t"
+ "mul x5, x16, x16\n\t"
"adcs x15, x15, x15\n\t"
- "umulh x2, x16, x16\n\t"
+ "umulh x2, x16, x16\n\t"
"cset x16, cs\n\t"
"# A[1] * A[1]\n\t"
- "mul x3, x17, x17\n\t"
+ "mul x3, x17, x17\n\t"
"adds x6, x6, x2\n\t"
- "umulh x4, x17, x17\n\t"
+ "umulh x4, x17, x17\n\t"
"adcs x7, x7, x3\n\t"
"# A[2] * A[2]\n\t"
- "mul x2, x19, x19\n\t"
+ "mul x2, x19, x19\n\t"
"adcs x8, x8, x4\n\t"
- "umulh x3, x19, x19\n\t"
+ "umulh x3, x19, x19\n\t"
"adcs x9, x9, x2\n\t"
"# A[3] * A[3]\n\t"
- "mul x4, x20, x20\n\t"
+ "mul x4, x20, x20\n\t"
"adcs x10, x10, x3\n\t"
- "umulh x2, x20, x20\n\t"
+ "umulh x2, x20, x20\n\t"
"adcs x11, x11, x4\n\t"
"# A[4] * A[4]\n\t"
- "mul x3, x21, x21\n\t"
+ "mul x3, x21, x21\n\t"
"adcs x12, x12, x2\n\t"
- "umulh x4, x21, x21\n\t"
+ "umulh x4, x21, x21\n\t"
"adcs x13, x13, x3\n\t"
"# A[5] * A[5]\n\t"
- "mul x2, x22, x22\n\t"
+ "mul x2, x22, x22\n\t"
"adcs x14, x14, x4\n\t"
- "umulh x3, x22, x22\n\t"
+ "umulh x3, x22, x22\n\t"
"adcs x15, x15, x2\n\t"
"stp x5, x6, [%[r], 0]\n\t"
"adc x16, x16, x3\n\t"
@@ -42606,7 +43307,7 @@ static sp_digit sp_384_add_6(sp_digit* r, const sp_digit* a,
"adcs x4, x4, x8\n\t"
"str x3, [%[r], 32]\n\t"
"str x4, [%[r], 40]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -42773,14 +43474,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
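Review bot: The new masking loop uses a bare `63` in `j >> 63` where the removed lines used `SP_WORD_SIZE - 1`, and nothing explains the counter trick. The code sits under `#if DIGIT_BIT == 64`, so the value is presumably right for this file, but `(j >> (SP_WORD_SIZE - 1))` keeps it tied to the digit width. A comment such as `/* j runs from -used upward; its top bit is set while i < used, giving an all-ones mask without a branch */` would make the constant-time intent reviewable. The scheme relies on sp_digit being unsigned so that the shift is logical, which this hunk does not show. The function continues past the hunk.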
@@ -43193,7 +43894,7 @@ SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit*
"umulh x8, x10, x9\n\t"
"adds x6, x6, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x16, x17, x6\n\t"
"ldr x17, [%[a], 48]\n\t"
"adcs x17, x17, x8\n\t"
@@ -43238,7 +43939,7 @@ SP_NOINLINE static void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit*
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -43252,7 +43953,7 @@ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -43268,10 +43969,10 @@ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_6(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_6(r, a, m, mp);
for (; n > 1; n--) {
@@ -43559,8 +44260,8 @@ static void sp_384_map_6(sp_point_384* r, const sp_point_384* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
sp_digit o;
@@ -43574,7 +44275,8 @@ static void sp_384_mont_add_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -43588,7 +44290,8 @@ static void sp_384_mont_dbl_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_tpl_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -43686,8 +44389,8 @@ static sp_digit sp_384_cond_add_6(sp_digit* r, const sp_digit* a, const sp_digit
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
sp_digit o;
@@ -43695,7 +44398,6 @@ static void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_384_cond_add_6(r, r, m, o);
}
-#define sp_384_mont_sub_lower_6 sp_384_mont_sub_6
static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a)
{
__asm__ __volatile__ (
@@ -43723,7 +44425,8 @@ static void sp_384_rshift1_6(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -43776,7 +44479,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_6(t2, t2, p384_mod);
+ sp_384_mont_div2_6(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_6(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -43786,7 +44489,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_6(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_6(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -43809,7 +44512,8 @@ typedef struct sp_384_proj_point_dbl_6_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_6_ctx* ctx = (sp_384_proj_point_dbl_6_ctx*)sp_ctx->data;
@@ -43883,7 +44587,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_6(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_6(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -43908,7 +44612,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -43933,8 +44637,6 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_384_mont_dbl_lower_6 sp_384_mont_dbl_6
-#define sp_384_mont_tpl_lower_6 sp_384_mont_tpl_6
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -43973,7 +44675,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -43982,8 +44684,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -44003,7 +44705,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -44012,8 +44714,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -44023,7 +44725,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_sub_6(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_6(y, y, p384_mod);
+ sp_384_mont_div2_6(y, y, p384_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -44061,12 +44763,12 @@ static int sp_384_iszero_6(const sp_digit* a)
static void sp_384_proj_point_add_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*6;
+ sp_digit* t2 = t + 4*6;
+ sp_digit* t3 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
@@ -44088,17 +44790,9 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_6(t2, t2, t1, p384_mod);
@@ -44117,20 +44811,31 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_mont_dbl_6(t3, y, p384_mod);
sp_384_mont_sub_6(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
sp_384_mont_mul_6(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t5, p384_mod);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
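Review bot: The masks `maskp` and `maskq` in the new block are computed as `0 - (q->infinity & (!p->infinity))` in the type of the `infinity` field and only then widened to `sp_digit`, so they come out all-ones only if that field is signed and holds exactly 0 or 1. The declaration of `sp_point_384` is outside this hunk, and the new `(word32)inf` cast makes the field's type less obvious; with an unsigned 32-bit field the subtraction would wrap in 32 bits and zero-extend, leaving the upper half of each mask clear. Widening first removes the dependency: `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, and likewise for `maskq`. The identical block appears in the `case 24:` hunk of `sp_384_proj_point_add_6_nb` and in the `sp_384_proj_point_add_qz1_6` hunk. The function body starts before this hunk.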
@@ -44176,12 +44881,12 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*6;
- ctx->t3 = t + 4*6;
- ctx->t4 = t + 6*6;
- ctx->t5 = t + 8*6;
- ctx->t6 = t + 10*6;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*6;
+ ctx->t2 = t + 4*6;
+ ctx->t3 = t + 6*6;
+ ctx->t4 = t + 8*6;
+ ctx->t5 = t + 10*6;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -44288,7 +44993,7 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -44301,22 +45006,28 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -44375,7 +45086,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -44385,8 +45096,8 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -44400,7 +45111,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_6(r[j].y, y, p384_mod);
+ sp_384_mont_div2_6(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -44474,8 +45185,8 @@ static void sp_384_proj_point_add_sub_6(sp_point_384* ra,
sp_384_mont_sub_6(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_6(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_6(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_6(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_6(ya, ya, xa, p384_mod);
sp_384_mont_mul_6(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_6(t6, p384_mod, t6);
sp_384_mont_mul_6(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -44559,54 +45270,73 @@ static void sp_384_ecc_recode_6_6(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_384_get_point_33_6(sp_point_384* r, const sp_point_384* table,
- int idx)
+SP_NOINLINE static void sp_384_get_point_33_6(sp_point_384* r,
+ const sp_point_384* table, int idx)
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit z0 = 0;
+ sp_digit z1 = 0;
+ sp_digit z2 = 0;
+ sp_digit z3 = 0;
+ sp_digit z4 = 0;
+ sp_digit z5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->z[0] = 0;
- r->z[1] = 0;
- r->z[2] = 0;
- r->z[3] = 0;
- r->z[4] = 0;
- r->z[5] = 0;
for (i = 1; i < 33; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->z[0] |= mask & table[i].z[0];
- r->z[1] |= mask & table[i].z[1];
- r->z[2] |= mask & table[i].z[2];
- r->z[3] |= mask & table[i].z[3];
- r->z[4] |= mask & table[i].z[4];
- r->z[5] |= mask & table[i].z[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ z0 |= mask & table[i].z[0];
+ z1 |= mask & table[i].z[1];
+ z2 |= mask & table[i].z[2];
+ z3 |= mask & table[i].z[3];
+ z4 |= mask & table[i].z[4];
+ z5 |= mask & table[i].z[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->z[0] = z0;
+ r->z[1] = z1;
+ r->z[2] = z2;
+ r->z[3] = z3;
+ r->z[4] = z4;
+ r->z[5] = z5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
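Review bot: `sp_384_get_point_33_6` gains `SP_NOINLINE` here, while `sp_384_get_entry_64_6`, `sp_384_get_entry_256_6` and `sp_384_get_entry_65_6` receive the same local-accumulator rewrite in later hunks but keep plain `static void`. If the attribute is meant to keep the masked table scan as a separate function, the siblings presumably want it too; if not, a short comment saying why only this one is marked would help. The header comment could also record what the loop shows: it starts at `i = 1`, so entry 0 is never read and `idx == 0` leaves all ordinates zero, e.g. `/* Entries 1..32 are all read whatever idx is; idx 0 yields zeroed ordinates. */`.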
@@ -44649,7 +45379,7 @@ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -44754,15 +45484,12 @@ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384*
return err;
}
-#ifndef WC_NO_CACHE_RESISTANT
/* A table entry for pre-computed points. */
typedef struct sp_table_entry_384 {
sp_digit x[6];
sp_digit y[6];
} sp_table_entry_384;
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
/* Add two Montgomery form projective points. The second point has a q value of
* one.
* Only the first point can be the same pointer as the result point.
@@ -44775,12 +45502,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*6;
+ sp_digit* t6 = t + 4*6;
+ sp_digit* t1 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -44796,13 +45523,9 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_6(t2, t2, p->x, p384_mod);
@@ -44811,36 +45534,46 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_6(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(x, t1, t5, p384_mod);
- sp_384_mont_dbl_6(t1, t3, p384_mod);
- sp_384_mont_sub_6(x, x, t1, p384_mod);
+ sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_6(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_6(t5, t3, p384_mod);
+ sp_384_mont_sub_6(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_6(t3, t3, x, p384_mod);
+ sp_384_mont_sub_6(t3, t3, x, p384_mod);
sp_384_mont_mul_6(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_6(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
+#ifndef WC_NO_CACHE_RESISTANT
+#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
+#endif /* FP_ECC | WOLFSSL_SP_SMALL */
#ifdef FP_ECC
/* Convert the projective point to affine.
* Ordinates are in Montgomery form.
@@ -44960,7 +45693,7 @@ static int sp_384_gen_stripe_table_6(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_64_6(sp_point_384* r,
@@ -44968,34 +45701,47 @@ static void sp_384_get_entry_64_6(sp_point_384* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
for (i = 1; i < 64; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -45148,7 +45894,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -45219,8 +45965,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
@@ -45376,7 +46122,7 @@ static int sp_384_gen_stripe_table_6(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_6(sp_point_384* r,
@@ -45384,34 +46130,47 @@ static void sp_384_get_entry_256_6(sp_point_384* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
for (i = 1; i < 256; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -45564,7 +46323,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -45635,8 +46394,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
@@ -45753,7 +46512,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -45764,7 +46523,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -47562,7 +48321,7 @@ static void sp_384_ecc_recode_7_6(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_65_6(sp_point_384* r,
@@ -47570,34 +48329,47 @@ static void sp_384_get_entry_65_6(sp_point_384* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
for (i = 1; i < 65; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
}
#endif /* !WC_NO_CACHE_RESISTANT */
static const sp_table_entry_384 p384_table[3575] = {
@@ -65558,7 +66330,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -65580,7 +66352,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -65680,7 +66452,7 @@ static void sp_384_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -65827,7 +66599,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -65835,7 +66607,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -66242,7 +67014,7 @@ static void sp_384_mul_d_6(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -66334,8 +67106,8 @@ static void sp_384_mask_6(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_6(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[12], t2[7];
sp_digit div, r1;
@@ -67036,7 +67808,7 @@ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_6(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_6(u, v) >= 0))) {
sp_384_sub_6(u, u, v);
o = sp_384_sub_6(b, b, d);
if (o != 0)
@@ -67111,7 +67883,7 @@ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -67435,7 +68207,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -67463,19 +68235,21 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 6;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_6(t1, point->y);
(void)sp_384_mod_6(t1, t1, p384_mod);
sp_384_sqr_6(t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
sp_384_mul_6(t2, t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
- (void)sp_384_sub_6(t2, p384_mod, t2);
- sp_384_mont_add_6(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_6(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_6(t1, p384_b) != 0) {
err = MP_VAL;
}
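Review bot: The three `sp_384_mont_add_6(t1, t1, point->x, p384_mod)` calls add `point->x` directly, without the `sp_384_mod_6` reduction that the squared and cubed terms get, so the curve check presumably relies on the caller having already rejected ordinates that are not below the modulus. That range check is not visible in this hunk, and the function starts and ends outside it. Since this is the public-point validation path, a one-line note next to the new comments would record the precondition, for example `/* point->x and point->y are expected to be < p384_mod here; range is checked by the caller */`, once it is confirmed against the callers.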
@@ -67489,7 +68263,7 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -69156,7 +69930,7 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
"adds %[c], %[c], #-1\n\t"
@@ -69164,7 +69938,7 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
"ldr x7, [%[b]], #8\n\t"
"adcs x3, x3, x7\n\t"
"str x3, [%[r]], #8\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
@@ -69208,7 +69982,7 @@ static sp_digit sp_521_add_9(sp_digit* r, const sp_digit* a,
"ldr x7, [%[b], 64]\n\t"
"adcs x3, x3, x7\n\t"
"str x3, [%[r], 64]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -69828,7 +70602,7 @@ static void sp_521_mul_d_9(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -70039,8 +70813,8 @@ static sp_int64 sp_521_cmp_9(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_9(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[19];
sp_digit t2[10];
@@ -70115,14 +70889,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
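Review bot: The rewritten loop hard-codes the shift as `j >> 63`, where the lines it replaces used `SP_WORD_SIZE - 1`. This is correct only while `sp_digit` is 64 bits wide, which the `#if DIGIT_BIT == 64` guard does not state by itself, since that macro appears to describe the `mp_int` digit size. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the intent tied to the type. A one-line comment would also help the next reader, for example `/* j counts up from -used: top bit set while i < used, so mask is all-ones and o stops at used - 1 */`. The function body continues past the end of the hunk.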
@@ -70365,7 +71139,7 @@ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, sp_digit m)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
const sp_digit* m, sp_digit mp)
@@ -70948,7 +71722,7 @@ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a, const
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m,
sp_digit mp)
@@ -71385,10 +72159,10 @@ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -71584,7 +72358,7 @@ SP_NOINLINE static void sp_521_mont_reduce_9(sp_digit* a, const sp_digit* m,
"umulh x8, x11, x9\n\t"
"adds x5, x5, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x21, x22, x5\n\t"
"ldr x22, [%[a], 72]\n\t"
"adcs x22, x22, x8\n\t"
@@ -71687,8 +72461,8 @@ static void sp_521_map_9(sp_point_521* r, const sp_point_521* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71727,9 +72501,11 @@ static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
"stp x10, x11, [%[r], 48]\n\t"
"str x12, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
+
+ (void)m;
}
/* Double a Montgomery form number (r = a + a % m).
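Review bot: The header comment of sp_521_mont_add_9 still documents `m Modulus (prime).` as a live input, but this hunk removes `[m] "r" (m)` from the asm operands and adds `(void)m;`, so the argument is now ignored. The parameter line should say so, for example `* m Modulus (prime); ignored by this implementation.`, so that nobody assumes a different modulus can be passed. The same applies to sp_521_mont_dbl_9, sp_521_mont_tpl_9 and sp_521_mont_sub_9 in the following hunks, which make the identical change. The function's signature and most of its assembly lie outside this hunk.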
@@ -71738,7 +72514,8 @@ static void sp_521_mont_add_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71772,9 +72549,11 @@ static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
"stp x10, x11, [%[r], 48]\n\t"
"str x12, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "cc"
);
+
+ (void)m;
}
/* Triple a Montgomery form number (r = a + a + a % m).
@@ -71783,7 +72562,8 @@ static void sp_521_mont_dbl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71826,9 +72606,11 @@ static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
"stp x20, x21, [%[r], 48]\n\t"
"str x22, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
+
+ (void)m;
}
/* Subtract two Montgomery form numbers (r = a - b % m).
@@ -71838,8 +72620,8 @@ static void sp_521_mont_tpl_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -71879,12 +72661,13 @@ static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
"stp x10, x11, [%[r], 48]\n\t"
"str x12, [%[r], 64]\n\t"
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
+ : [r] "r" (r), [a] "r" (a), [b] "r" (b)
: "memory", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x19", "x20", "x21", "x22", "cc"
);
+
+ (void)m;
}
-#define sp_521_mont_sub_lower_9 sp_521_mont_sub_9
#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
@@ -72019,7 +72802,8 @@ static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -72072,7 +72856,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -72082,7 +72866,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -72105,7 +72889,8 @@ typedef struct sp_521_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -72179,7 +72964,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -72204,7 +72989,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -72229,8 +73014,6 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_521_mont_dbl_lower_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_lower_9 sp_521_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -72269,7 +73052,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -72278,8 +73061,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -72299,7 +73082,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -72308,8 +73091,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -72319,7 +73102,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_sub_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_9(y, y, p521_mod);
+ sp_521_mont_div2_9(y, y, p521_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -72359,12 +73142,12 @@ static int sp_521_iszero_9(const sp_digit* a)
static void sp_521_proj_point_add_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
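Review bot: The reordered temporaries at the top of sp_521_proj_point_add_9 encode a layout that no comment explains. With `x = t6`, `y = t1` and `z = t2` in the next hunk, the result ordinates now sit at `t`, `t + 2*9` and `t + 4*9`, and the same `t` is still passed to sp_521_proj_point_dbl_9 on the equal-points path. Whether that contiguous placement is required or incidental cannot be told from the hunk, so I would add a comment above the declarations such as `/* x, y, z results live at t, t + 2*9, t + 4*9; t3..t5 are scratch above them. */`. The INIT state of sp_521_proj_point_add_9_nb and the declarations in sp_521_proj_point_add_qz1_9 are reordered the same way in later hunks. The function body continues outside this hunk.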
@@ -72386,17 +73169,9 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_9(t2, t2, t1, p521_mod);
@@ -72415,20 +73190,31 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_mont_dbl_9(t3, y, p521_mod);
sp_521_mont_sub_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
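Review bot: The branch-free select block added at the end of sp_521_proj_point_add_9 only works if `infinity` is exactly 0 or 1, and the code does not state this. `maskp = 0 - (q->infinity & (!p->infinity))` is all-ones or all-zero only under that condition, and `inf` is ORed straight into `r->z[0]` and stored as `r->infinity`. I would add a comment at the top of the block such as `/* infinity is 0 or 1; the masks select p, q or the computed sum without branching on it. */`. The same block is repeated in state 24 of sp_521_proj_point_add_9_nb and in sp_521_proj_point_add_qz1_9 in later hunks, so the comment belongs in all three places. The start of the function is outside this hunk.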
@@ -72474,12 +73260,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -72586,7 +73372,7 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -72599,22 +73385,28 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -72673,7 +73465,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -72683,8 +73475,8 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -72698,7 +73490,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -72772,8 +73564,8 @@ static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
sp_521_mont_sub_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -72857,72 +73649,100 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
-static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table,
- int idx)
+SP_NOINLINE static void sp_521_get_point_33_9(sp_point_521* r,
+ const sp_point_521* table, int idx)
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
+ sp_digit z0 = 0;
+ sp_digit z1 = 0;
+ sp_digit z2 = 0;
+ sp_digit z3 = 0;
+ sp_digit z4 = 0;
+ sp_digit z5 = 0;
+ sp_digit z6 = 0;
+ sp_digit z7 = 0;
+ sp_digit z8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
- r->z[0] = 0;
- r->z[1] = 0;
- r->z[2] = 0;
- r->z[3] = 0;
- r->z[4] = 0;
- r->z[5] = 0;
- r->z[6] = 0;
- r->z[7] = 0;
- r->z[8] = 0;
for (i = 1; i < 33; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- r->z[0] |= mask & table[i].z[0];
- r->z[1] |= mask & table[i].z[1];
- r->z[2] |= mask & table[i].z[2];
- r->z[3] |= mask & table[i].z[3];
- r->z[4] |= mask & table[i].z[4];
- r->z[5] |= mask & table[i].z[5];
- r->z[6] |= mask & table[i].z[6];
- r->z[7] |= mask & table[i].z[7];
- r->z[8] |= mask & table[i].z[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ z0 |= mask & table[i].z[0];
+ z1 |= mask & table[i].z[1];
+ z2 |= mask & table[i].z[2];
+ z3 |= mask & table[i].z[3];
+ z4 |= mask & table[i].z[4];
+ z5 |= mask & table[i].z[5];
+ z6 |= mask & table[i].z[6];
+ z7 |= mask & table[i].z[7];
+ z8 |= mask & table[i].z[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
+ r->z[0] = z0;
+ r->z[1] = z1;
+ r->z[2] = z2;
+ r->z[3] = z3;
+ r->z[4] = z4;
+ r->z[5] = z5;
+ r->z[6] = z6;
+ r->z[7] = z7;
+ r->z[8] = z8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
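Review bot: The rewritten sp_521_get_point_33_9 leaves the `idx` contract and the reason for the local accumulators undocumented, and both matter for a cache-resistant lookup. The loop still starts at `i = 1`, so `idx == 0` or any value outside 1..32 produces all-zero ordinates, and the function never writes `r->infinity`. I would change the parameter line to `* idx Index of entry to retrieve (1..32); any other value leaves the ordinates zero.` and add `/* Every entry is read and masked so the access pattern does not depend on idx; results are stored once after the loop. */` above the loop. The same two comments apply to sp_521_get_entry_64_9, sp_521_get_entry_256_9 and sp_521_get_entry_65_9 in the later hunks, which have the same shape.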
@@ -72965,7 +73785,7 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -73070,15 +73890,12 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
return err;
}
-#ifndef WC_NO_CACHE_RESISTANT
/* A table entry for pre-computed points. */
typedef struct sp_table_entry_521 {
sp_digit x[9];
sp_digit y[9];
} sp_table_entry_521;
-#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
-#endif /* FP_ECC | WOLFSSL_SP_SMALL */
/* Add two Montgomery form projective points. The second point has a q value of
* one.
* Only the first point can be the same pointer as the result point.
@@ -73091,12 +73908,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -73112,13 +73929,9 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
@@ -73127,36 +73940,46 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_9(t1, t3, p521_mod);
- sp_521_mont_sub_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_9(t5, t3, p521_mod);
+ sp_521_mont_sub_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_9(t3, t3, x, p521_mod);
sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
+#ifndef WC_NO_CACHE_RESISTANT
+#if defined(FP_ECC) || defined(WOLFSSL_SP_SMALL)
+#endif /* FP_ECC | WOLFSSL_SP_SMALL */
#ifdef FP_ECC
/* Convert the projective point to affine.
* Ordinates are in Montgomery form.
@@ -73276,7 +74099,7 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_64_9(sp_point_521* r,
@@ -73284,46 +74107,65 @@ static void sp_521_get_entry_64_9(sp_point_521* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
for (i = 1; i < 64; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -73476,7 +74318,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -73547,8 +74389,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -73704,7 +74546,7 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_9(sp_point_521* r,
@@ -73712,46 +74554,65 @@ static void sp_521_get_entry_256_9(sp_point_521* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
for (i = 1; i < 256; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
/* Multiply the point by the scalar and return the result.
@@ -73904,7 +74765,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -73975,8 +74836,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -74093,7 +74954,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -74104,7 +74965,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -76538,7 +77399,7 @@ static void sp_521_ecc_recode_7_9(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_65_9(sp_point_521* r,
@@ -76546,46 +77407,65 @@ static void sp_521_get_entry_65_9(sp_point_521* r,
{
int i;
sp_digit mask;
+ sp_digit x0 = 0;
+ sp_digit x1 = 0;
+ sp_digit x2 = 0;
+ sp_digit x3 = 0;
+ sp_digit x4 = 0;
+ sp_digit x5 = 0;
+ sp_digit x6 = 0;
+ sp_digit x7 = 0;
+ sp_digit x8 = 0;
+ sp_digit y0 = 0;
+ sp_digit y1 = 0;
+ sp_digit y2 = 0;
+ sp_digit y3 = 0;
+ sp_digit y4 = 0;
+ sp_digit y5 = 0;
+ sp_digit y6 = 0;
+ sp_digit y7 = 0;
+ sp_digit y8 = 0;
- r->x[0] = 0;
- r->x[1] = 0;
- r->x[2] = 0;
- r->x[3] = 0;
- r->x[4] = 0;
- r->x[5] = 0;
- r->x[6] = 0;
- r->x[7] = 0;
- r->x[8] = 0;
- r->y[0] = 0;
- r->y[1] = 0;
- r->y[2] = 0;
- r->y[3] = 0;
- r->y[4] = 0;
- r->y[5] = 0;
- r->y[6] = 0;
- r->y[7] = 0;
- r->y[8] = 0;
for (i = 1; i < 65; i++) {
mask = 0 - (i == idx);
- r->x[0] |= mask & table[i].x[0];
- r->x[1] |= mask & table[i].x[1];
- r->x[2] |= mask & table[i].x[2];
- r->x[3] |= mask & table[i].x[3];
- r->x[4] |= mask & table[i].x[4];
- r->x[5] |= mask & table[i].x[5];
- r->x[6] |= mask & table[i].x[6];
- r->x[7] |= mask & table[i].x[7];
- r->x[8] |= mask & table[i].x[8];
- r->y[0] |= mask & table[i].y[0];
- r->y[1] |= mask & table[i].y[1];
- r->y[2] |= mask & table[i].y[2];
- r->y[3] |= mask & table[i].y[3];
- r->y[4] |= mask & table[i].y[4];
- r->y[5] |= mask & table[i].y[5];
- r->y[6] |= mask & table[i].y[6];
- r->y[7] |= mask & table[i].y[7];
- r->y[8] |= mask & table[i].y[8];
- }
+ x0 |= mask & table[i].x[0];
+ x1 |= mask & table[i].x[1];
+ x2 |= mask & table[i].x[2];
+ x3 |= mask & table[i].x[3];
+ x4 |= mask & table[i].x[4];
+ x5 |= mask & table[i].x[5];
+ x6 |= mask & table[i].x[6];
+ x7 |= mask & table[i].x[7];
+ x8 |= mask & table[i].x[8];
+ y0 |= mask & table[i].y[0];
+ y1 |= mask & table[i].y[1];
+ y2 |= mask & table[i].y[2];
+ y3 |= mask & table[i].y[3];
+ y4 |= mask & table[i].y[4];
+ y5 |= mask & table[i].y[5];
+ y6 |= mask & table[i].y[6];
+ y7 |= mask & table[i].y[7];
+ y8 |= mask & table[i].y[8];
+ }
+
+ r->x[0] = x0;
+ r->x[1] = x1;
+ r->x[2] = x2;
+ r->x[3] = x3;
+ r->x[4] = x4;
+ r->x[5] = x5;
+ r->x[6] = x6;
+ r->x[7] = x7;
+ r->x[8] = x8;
+ r->y[0] = y0;
+ r->y[1] = y1;
+ r->y[2] = y2;
+ r->y[3] = y3;
+ r->y[4] = y4;
+ r->y[5] = y5;
+ r->y[6] = y6;
+ r->y[7] = y7;
+ r->y[8] = y8;
}
#endif /* !WC_NO_CACHE_RESISTANT */
static const sp_table_entry_521 p521_table[4875] = {
@@ -110606,7 +111486,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -110628,7 +111508,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -110736,7 +111616,7 @@ static void sp_521_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -110884,7 +111764,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -110892,7 +111772,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -111862,7 +112742,7 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_9(u, v) >= 0))) {
sp_521_sub_9(u, u, v);
o = sp_521_sub_9(b, b, d);
if (o != 0)
@@ -111940,7 +112820,7 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -112271,7 +113151,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -112299,19 +113179,21 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_9(t1, point->y);
(void)sp_521_mod_9(t1, t1, p521_mod);
sp_521_sqr_9(t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
sp_521_mul_9(t2, t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
- (void)sp_521_sub_9(t2, p521_mod, t2);
- sp_521_mont_add_9(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_9(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_9(t1, p521_b) != 0) {
err = MP_VAL;
}
@@ -112325,7 +113207,7 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -113256,165 +114138,165 @@ static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a)
"ldp x25, x26, [%[a], 32]\n\t"
"ldp x27, x28, [%[a], 48]\n\t"
"# A[0] * A[1]\n\t"
- "mul x6, x21, x22\n\t"
- "umulh x7, x21, x22\n\t"
+ "mul x6, x21, x22\n\t"
+ "umulh x7, x21, x22\n\t"
"# A[0] * A[2]\n\t"
- "mul x4, x21, x23\n\t"
- "umulh x5, x21, x23\n\t"
- "adds x7, x7, x4\n\t"
+ "mul x4, x21, x23\n\t"
+ "umulh x5, x21, x23\n\t"
+ "adds x7, x7, x4\n\t"
"# A[0] * A[3]\n\t"
- "mul x4, x21, x24\n\t"
- "adc x8, xzr, x5\n\t"
- "umulh x5, x21, x24\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x21, x24\n\t"
+ "adc x8, xzr, x5\n\t"
+ "umulh x5, x21, x24\n\t"
+ "adds x8, x8, x4\n\t"
"# A[1] * A[2]\n\t"
- "mul x4, x22, x23\n\t"
- "adc x9, xzr, x5\n\t"
- "umulh x5, x22, x23\n\t"
- "adds x8, x8, x4\n\t"
+ "mul x4, x22, x23\n\t"
+ "adc x9, xzr, x5\n\t"
+ "umulh x5, x22, x23\n\t"
+ "adds x8, x8, x4\n\t"
"# A[0] * A[4]\n\t"
- "mul x4, x21, x25\n\t"
- "adcs x9, x9, x5\n\t"
- "umulh x5, x21, x25\n\t"
- "adc x10, xzr, xzr\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x21, x25\n\t"
+ "adcs x9, x9, x5\n\t"
+ "umulh x5, x21, x25\n\t"
+ "adc x10, xzr, xzr\n\t"
+ "adds x9, x9, x4\n\t"
"# A[1] * A[3]\n\t"
- "mul x4, x22, x24\n\t"
- "adc x10, x10, x5\n\t"
- "umulh x5, x22, x24\n\t"
- "adds x9, x9, x4\n\t"
+ "mul x4, x22, x24\n\t"
+ "adc x10, x10, x5\n\t"
+ "umulh x5, x22, x24\n\t"
+ "adds x9, x9, x4\n\t"
"# A[0] * A[5]\n\t"
- "mul x4, x21, x26\n\t"
- "adcs x10, x10, x5\n\t"
- "umulh x5, x21, x26\n\t"
- "adc x11, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x21, x26\n\t"
+ "adcs x10, x10, x5\n\t"
+ "umulh x5, x21, x26\n\t"
+ "adc x11, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[1] * A[4]\n\t"
- "mul x4, x22, x25\n\t"
- "adc x11, x11, x5\n\t"
- "umulh x5, x22, x25\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x22, x25\n\t"
+ "adc x11, x11, x5\n\t"
+ "umulh x5, x22, x25\n\t"
+ "adds x10, x10, x4\n\t"
"# A[2] * A[3]\n\t"
- "mul x4, x23, x24\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x23, x24\n\t"
- "adc x12, xzr, xzr\n\t"
- "adds x10, x10, x4\n\t"
+ "mul x4, x23, x24\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x23, x24\n\t"
+ "adc x12, xzr, xzr\n\t"
+ "adds x10, x10, x4\n\t"
"# A[0] * A[6]\n\t"
- "mul x4, x21, x27\n\t"
- "adcs x11, x11, x5\n\t"
- "umulh x5, x21, x27\n\t"
- "adc x12, x12, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x21, x27\n\t"
+ "adcs x11, x11, x5\n\t"
+ "umulh x5, x21, x27\n\t"
+ "adc x12, x12, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[1] * A[5]\n\t"
- "mul x4, x22, x26\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x22, x26\n\t"
- "adc x13, xzr, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x22, x26\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x22, x26\n\t"
+ "adc x13, xzr, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[2] * A[4]\n\t"
- "mul x4, x23, x25\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x23, x25\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x11, x11, x4\n\t"
+ "mul x4, x23, x25\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x23, x25\n\t"
+ "adc x13, x13, xzr\n\t"
+ "adds x11, x11, x4\n\t"
"# A[0] * A[7]\n\t"
- "mul x4, x21, x28\n\t"
- "adcs x12, x12, x5\n\t"
- "umulh x5, x21, x28\n\t"
- "adc x13, x13, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x21, x28\n\t"
+ "adcs x12, x12, x5\n\t"
+ "umulh x5, x21, x28\n\t"
+ "adc x13, x13, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[1] * A[6]\n\t"
- "mul x4, x22, x27\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x22, x27\n\t"
- "adc x14, xzr, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x22, x27\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x22, x27\n\t"
+ "adc x14, xzr, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[2] * A[5]\n\t"
- "mul x4, x23, x26\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x23, x26\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x23, x26\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x23, x26\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[3] * A[4]\n\t"
- "mul x4, x24, x25\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x24, x25\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x12, x12, x4\n\t"
+ "mul x4, x24, x25\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x24, x25\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x12, x12, x4\n\t"
"# A[1] * A[7]\n\t"
- "mul x4, x22, x28\n\t"
- "adcs x13, x13, x5\n\t"
- "umulh x5, x22, x28\n\t"
- "adc x14, x14, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x22, x28\n\t"
+ "adcs x13, x13, x5\n\t"
+ "umulh x5, x22, x28\n\t"
+ "adc x14, x14, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[2] * A[6]\n\t"
- "mul x4, x23, x27\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x23, x27\n\t"
- "adc x15, xzr, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x23, x27\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x23, x27\n\t"
+ "adc x15, xzr, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[3] * A[5]\n\t"
- "mul x4, x24, x26\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x24, x26\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x13, x13, x4\n\t"
+ "mul x4, x24, x26\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x24, x26\n\t"
+ "adc x15, x15, xzr\n\t"
+ "adds x13, x13, x4\n\t"
"# A[2] * A[7]\n\t"
- "mul x4, x23, x28\n\t"
- "adcs x14, x14, x5\n\t"
- "umulh x5, x23, x28\n\t"
- "adc x15, x15, xzr\n\t"
- "adds x14, x14, x4\n\t"
+ "mul x4, x23, x28\n\t"
+ "adcs x14, x14, x5\n\t"
+ "umulh x5, x23, x28\n\t"
+ "adc x15, x15, xzr\n\t"
+ "adds x14, x14, x4\n\t"
"# A[3] * A[6]\n\t"
- "mul x4, x24, x27\n\t"
- "adcs x15, x15, x5\n\t"
- "umulh x5, x24, x27\n\t"
- "adc x16, xzr, xzr\n\t"
- "adds x14, x14, x4\n\t"
+ "mul x4, x24, x27\n\t"
+ "adcs x15, x15, x5\n\t"
+ "umulh x5, x24, x27\n\t"
+ "adc x16, xzr, xzr\n\t"
+ "adds x14, x14, x4\n\t"
"# A[4] * A[5]\n\t"
- "mul x4, x25, x26\n\t"
- "adcs x15, x15, x5\n\t"
- "umulh x5, x25, x26\n\t"
- "adc x16, x16, xzr\n\t"
- "adds x14, x14, x4\n\t"
+ "mul x4, x25, x26\n\t"
+ "adcs x15, x15, x5\n\t"
+ "umulh x5, x25, x26\n\t"
+ "adc x16, x16, xzr\n\t"
+ "adds x14, x14, x4\n\t"
"# A[3] * A[7]\n\t"
- "mul x4, x24, x28\n\t"
- "adcs x15, x15, x5\n\t"
- "umulh x5, x24, x28\n\t"
- "adc x16, x16, xzr\n\t"
- "adds x15, x15, x4\n\t"
+ "mul x4, x24, x28\n\t"
+ "adcs x15, x15, x5\n\t"
+ "umulh x5, x24, x28\n\t"
+ "adc x16, x16, xzr\n\t"
+ "adds x15, x15, x4\n\t"
"# A[4] * A[6]\n\t"
- "mul x4, x25, x27\n\t"
- "adcs x16, x16, x5\n\t"
- "umulh x5, x25, x27\n\t"
- "adc x17, xzr, xzr\n\t"
- "adds x15, x15, x4\n\t"
+ "mul x4, x25, x27\n\t"
+ "adcs x16, x16, x5\n\t"
+ "umulh x5, x25, x27\n\t"
+ "adc x17, xzr, xzr\n\t"
+ "adds x15, x15, x4\n\t"
"# A[4] * A[7]\n\t"
- "mul x4, x25, x28\n\t"
- "adcs x16, x16, x5\n\t"
- "umulh x5, x25, x28\n\t"
- "adc x17, x17, xzr\n\t"
- "adds x16, x16, x4\n\t"
+ "mul x4, x25, x28\n\t"
+ "adcs x16, x16, x5\n\t"
+ "umulh x5, x25, x28\n\t"
+ "adc x17, x17, xzr\n\t"
+ "adds x16, x16, x4\n\t"
"# A[5] * A[6]\n\t"
- "mul x4, x26, x27\n\t"
- "adcs x17, x17, x5\n\t"
- "umulh x5, x26, x27\n\t"
- "adc x19, xzr, xzr\n\t"
- "adds x16, x16, x4\n\t"
+ "mul x4, x26, x27\n\t"
+ "adcs x17, x17, x5\n\t"
+ "umulh x5, x26, x27\n\t"
+ "adc x19, xzr, xzr\n\t"
+ "adds x16, x16, x4\n\t"
"# A[5] * A[7]\n\t"
- "mul x4, x26, x28\n\t"
- "adcs x17, x17, x5\n\t"
- "umulh x5, x26, x28\n\t"
- "adc x19, x19, xzr\n\t"
- "adds x17, x17, x4\n\t"
+ "mul x4, x26, x28\n\t"
+ "adcs x17, x17, x5\n\t"
+ "umulh x5, x26, x28\n\t"
+ "adc x19, x19, xzr\n\t"
+ "adds x17, x17, x4\n\t"
"# A[6] * A[7]\n\t"
- "mul x4, x27, x28\n\t"
- "adcs x19, x19, x5\n\t"
- "umulh x5, x27, x28\n\t"
- "adc x20, xzr, xzr\n\t"
- "adds x19, x19, x4\n\t"
- "adc x20, x20, x5\n\t"
+ "mul x4, x27, x28\n\t"
+ "adcs x19, x19, x5\n\t"
+ "umulh x5, x27, x28\n\t"
+ "adc x20, xzr, xzr\n\t"
+ "adds x19, x19, x4\n\t"
+ "adc x20, x20, x5\n\t"
"# Double\n\t"
"adds x6, x6, x6\n\t"
"adcs x7, x7, x7\n\t"
@@ -113430,44 +114312,44 @@ static void sp_1024_sqr_8(sp_digit* r, const sp_digit* a)
"adcs x17, x17, x17\n\t"
"adcs x19, x19, x19\n\t"
"# A[0] * A[0]\n\t"
- "mul x5, x21, x21\n\t"
+ "mul x5, x21, x21\n\t"
"adcs x20, x20, x20\n\t"
- "umulh x2, x21, x21\n\t"
+ "umulh x2, x21, x21\n\t"
"cset x21, cs\n\t"
"# A[1] * A[1]\n\t"
- "mul x3, x22, x22\n\t"
+ "mul x3, x22, x22\n\t"
"adds x6, x6, x2\n\t"
- "umulh x4, x22, x22\n\t"
+ "umulh x4, x22, x22\n\t"
"adcs x7, x7, x3\n\t"
"# A[2] * A[2]\n\t"
- "mul x2, x23, x23\n\t"
+ "mul x2, x23, x23\n\t"
"adcs x8, x8, x4\n\t"
- "umulh x3, x23, x23\n\t"
+ "umulh x3, x23, x23\n\t"
"adcs x9, x9, x2\n\t"
"# A[3] * A[3]\n\t"
- "mul x4, x24, x24\n\t"
+ "mul x4, x24, x24\n\t"
"adcs x10, x10, x3\n\t"
- "umulh x2, x24, x24\n\t"
+ "umulh x2, x24, x24\n\t"
"adcs x11, x11, x4\n\t"
"# A[4] * A[4]\n\t"
- "mul x3, x25, x25\n\t"
+ "mul x3, x25, x25\n\t"
"adcs x12, x12, x2\n\t"
- "umulh x4, x25, x25\n\t"
+ "umulh x4, x25, x25\n\t"
"adcs x13, x13, x3\n\t"
"# A[5] * A[5]\n\t"
- "mul x2, x26, x26\n\t"
+ "mul x2, x26, x26\n\t"
"adcs x14, x14, x4\n\t"
- "umulh x3, x26, x26\n\t"
+ "umulh x3, x26, x26\n\t"
"adcs x15, x15, x2\n\t"
"# A[6] * A[6]\n\t"
- "mul x4, x27, x27\n\t"
+ "mul x4, x27, x27\n\t"
"adcs x16, x16, x3\n\t"
- "umulh x2, x27, x27\n\t"
+ "umulh x2, x27, x27\n\t"
"adcs x17, x17, x4\n\t"
"# A[7] * A[7]\n\t"
- "mul x3, x28, x28\n\t"
+ "mul x3, x28, x28\n\t"
"adcs x19, x19, x2\n\t"
- "umulh x4, x28, x28\n\t"
+ "umulh x4, x28, x28\n\t"
"adcs x20, x20, x3\n\t"
"stp x5, x6, [%[r], 0]\n\t"
"adc x21, x21, x4\n\t"
@@ -113514,7 +114396,7 @@ static sp_digit sp_1024_add_8(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 32]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 48]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -113662,7 +114544,7 @@ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r], 96]\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r], 112]\n\t"
- "cset %[r], cs\n\t"
+ "adc %[r], xzr, xzr\n\t"
: [r] "+r" (r)
: [a] "r" (a), [b] "r" (b)
: "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
@@ -114189,7 +115071,7 @@ static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
"stp x3, x4, [%[r]], #16\n\t"
"adcs x6, x6, x10\n\t"
"stp x5, x6, [%[r]], #16\n\t"
- "cset %[c], cs\n\t"
+ "adc %[c], xzr, xzr\n\t"
"cmp %[a], x11\n\t"
"b.ne 1b\n\t"
: [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
@@ -114381,7 +115263,7 @@ static void sp_1024_mul_d_16(sp_digit* r, const sp_digit* a,
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
- * Assumes divisor has higest bit set.
+ * Assumes divisor has highest bit set.
*
* d1 The high order half of the number to divide.
* d0 The low order half of the number to divide.
@@ -114629,8 +115511,8 @@ static sp_int64 sp_1024_cmp_16(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_16(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[32], t2[17];
sp_digit div, r1;
@@ -114763,14 +115645,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
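Review bot: The new mask and index arithmetic in the `DIGIT_BIT == 64` branch hard-codes the shift as `63`, where the removed lines used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the top-bit extraction tied to the digit width. The loop also needs a comment, because its intent is not obvious from the arithmetic: `/* j starts at -used and counts up, so its top bit is set while i < used; the copy has no branch on a->used */`. This reading assumes sp_digit is an unsigned 64-bit type in this build, which the hunk does not show. The signature and the rest of sp_1024_from_mp lie outside the hunk.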
@@ -115177,7 +116059,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m,
"umulh x8, x10, x9\n\t"
"adds x6, x6, x7\n\t"
"adcs x8, x8, x3\n\t"
- "cset x3, cs\n\t"
+ "adc x3, xzr, xzr\n\t"
"adds x27, x28, x6\n\t"
"ldr x28, [%[a], 128]\n\t"
"adcs x28, x28, x8\n\t"
@@ -115255,7 +116137,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -115269,7 +116151,7 @@ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -115392,8 +116274,8 @@ static void sp_1024_map_16(sp_point_1024* r, const sp_point_1024* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115493,7 +116375,8 @@ static void sp_1024_mont_add_16(sp_digit* r, const sp_digit* a, const sp_digit*
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115585,7 +116468,8 @@ static void sp_1024_mont_dbl_16(sp_digit* r, const sp_digit* a, const sp_digit*
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115747,8 +116631,8 @@ static void sp_1024_mont_tpl_16(sp_digit* r, const sp_digit* a, const sp_digit*
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, const sp_digit* m)
{
__asm__ __volatile__ (
"ldp x4, x5, [%[a], 0]\n\t"
@@ -115838,7 +116722,6 @@ static void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit*
);
}
-#define sp_1024_mont_sub_lower_16 sp_1024_mont_sub_16
#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
@@ -116017,7 +116900,8 @@ static void sp_1024_rshift1_16(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m)
+SP_NOINLINE static void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_digit o;
@@ -116070,7 +116954,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_16(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_16(t2, t2, p1024_mod);
+ sp_1024_mont_div2_16(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_16(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -116080,7 +116964,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_16(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_16(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -116103,7 +116987,8 @@ typedef struct sp_1024_proj_point_dbl_16_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_16_ctx* ctx = (sp_1024_proj_point_dbl_16_ctx*)sp_ctx->data;
@@ -116177,7 +117062,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_16(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_16(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -116202,7 +117087,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -116227,8 +117112,6 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_1024_mont_dbl_lower_16 sp_1024_mont_dbl_16
-#define sp_1024_mont_tpl_lower_16 sp_1024_mont_tpl_16
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -116267,7 +117150,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -116276,8 +117159,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -116297,7 +117180,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -116306,8 +117189,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -116317,107 +117200,9 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_16(y, y, p1024_mod);
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "add x11, %[a], 128\n\t"
- "\n1:\n\t"
- "subs %[c], xzr, %[c]\n\t"
- "ldp x3, x4, [%[a]], #16\n\t"
- "ldp x5, x6, [%[a]], #16\n\t"
- "ldp x7, x8, [%[b]], #16\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x9, x10, [%[b]], #16\n\t"
- "sbcs x4, x4, x8\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r]], #16\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r]], #16\n\t"
- "csetm %[c], cc\n\t"
- "cmp %[a], x11\n\t"
- "b.ne 1b\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "x11", "cc"
- );
-
- return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldp x3, x4, [%[a], 0]\n\t"
- "ldp x7, x8, [%[b], 0]\n\t"
- "subs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 16]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 16]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 0]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 16]\n\t"
- "ldp x3, x4, [%[a], 32]\n\t"
- "ldp x7, x8, [%[b], 32]\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 48]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 48]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 32]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 48]\n\t"
- "ldp x3, x4, [%[a], 64]\n\t"
- "ldp x7, x8, [%[b], 64]\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 80]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 80]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 64]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 80]\n\t"
- "ldp x3, x4, [%[a], 96]\n\t"
- "ldp x7, x8, [%[b], 96]\n\t"
- "sbcs x3, x3, x7\n\t"
- "ldp x5, x6, [%[a], 112]\n\t"
- "sbcs x4, x4, x8\n\t"
- "ldp x9, x10, [%[b], 112]\n\t"
- "sbcs x5, x5, x9\n\t"
- "stp x3, x4, [%[r], 96]\n\t"
- "sbcs x6, x6, x10\n\t"
- "stp x5, x6, [%[r], 112]\n\t"
- "csetm %[r], cc\n\t"
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "memory", "x3", "x4", "x5", "x6", "x7", "x8", "x9", "x10", "cc"
- );
-
- return (sp_digit)r;
+ sp_1024_mont_div2_16(y, y, p1024_mod);
}
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -116458,12 +117243,12 @@ static int sp_1024_iszero_16(const sp_digit* a)
static void sp_1024_proj_point_add_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*16;
+ sp_digit* t2 = t + 4*16;
+ sp_digit* t3 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -116485,17 +117270,9 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
@@ -116514,20 +117291,31 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t3, y, p1024_mod);
sp_1024_mont_sub_16(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
sp_1024_mont_mul_16(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t5, p1024_mod);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
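Review bot: The relocated select block has no comment saying why the result is assembled with `maskp`/`maskq`/`maskt` rather than an `if` on the infinity flags, and that is the part of this hunk a later cleanup is most likely to break. I would add above the block `/* Select p, q or the computed sum with masks, not branches, so the choice does not depend on control flow; inf is 1 only when both inputs are infinity. */`. The inner braces are needed here because the declarations now follow statements in the `else` body. The cast in `r->infinity = (word32)inf;` assumes the field is a `word32`, which the hunk does not show. The same block is added to `case 24` of sp_1024_proj_point_add_16_nb in a later hunk, and this function's body starts outside the hunk.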
@@ -116573,12 +117361,12 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*16;
- ctx->t3 = t + 4*16;
- ctx->t4 = t + 6*16;
- ctx->t5 = t + 8*16;
- ctx->t6 = t + 10*16;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*16;
+ ctx->t2 = t + 4*16;
+ ctx->t3 = t + 6*16;
+ ctx->t4 = t + 8*16;
+ ctx->t5 = t + 10*16;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -116685,7 +117473,7 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -116698,22 +117486,28 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
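Review bot: In `case 24` the added lines open a second `{` immediately inside the block the case label already opens, so the inner brace pair only adds a nesting level. The four declarations can stay at the top of the case block, as the removed lines had them. The blocking sp_1024_proj_point_add_16 needs the extra scope because its declarations follow statements, which is presumably why the two now match, but here it is redundant. The switch and the function body continue outside this hunk.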
@@ -116772,7 +117566,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -116782,8 +117576,8 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -116797,7 +117591,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_16(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_16(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -116871,8 +117665,8 @@ static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra,
sp_1024_mont_sub_16(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_16(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_16(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_16(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -117000,7 +117794,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -117129,12 +117923,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*16;
+ sp_digit* t6 = t + 4*16;
+ sp_digit* t1 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -117150,13 +117944,9 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_16(t2, t2, p->x, p1024_mod);
@@ -117165,33 +117955,40 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_16(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_16(t1, t3, p1024_mod);
- sp_1024_mont_sub_16(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_16(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_16(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_16(t5, t3, p1024_mod);
+ sp_1024_mont_sub_16(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_16(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_16(t3, t3, x, p1024_mod);
sp_1024_mont_mul_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
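Review bot: The masked copy at the end of the else branch carries no comment saying it is a branch-free select, and after the scratch-pointer reshuffle (`x = t2`, `y = t3`, `z = t6`) it is easy to misread. From the mask definitions, `maskp` is all ones only when q is at infinity and p is not, `maskq` is the reverse, and `maskt` covers every other case, so r receives p, q or the computed (x, y, z) without branching on the point data. A comment above `int i;` such as `/* Select p, q or the computed sum by mask; keep this free of data-dependent branches. */` would stop a later cleanup from turning it into an if/else chain. It would also help to note that `inf` is ORed into `r->z[0]` only when both inputs are at infinity. The function begins before this hunk.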
@@ -117443,7 +118240,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -117514,8 +118311,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
@@ -121031,7 +121828,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -121053,7 +121850,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -121269,7 +122066,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -121295,7 +122092,7 @@ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py,
sp_1024_mont_add_16(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -123060,7 +123857,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -123175,7 +123972,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_16(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -123195,7 +123992,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_16(t1, t1, p1024_mod);
+ sp_1024_mont_div2_16(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -123613,7 +124410,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_16(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -123651,7 +124448,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_16(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_16(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -124443,7 +125240,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
"subs x6, %[n], 8\n\t"
"mov x7, xzr\n\t"
"blt 2f\n\t"
- /* Put in mulitples of 8 bytes. */
+ /* Put in multiples of 8 bytes. */
"1:\n\t"
"ldr x8, [x4], -8\n\t"
"subs x6, x6, 8\n\t"
@@ -124537,7 +125334,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
);
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -124566,19 +125363,21 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 16;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_16(t1, point->y);
(void)sp_1024_mod_16(t1, t1, p1024_mod);
sp_1024_sqr_16(t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
sp_1024_mul_16(t2, t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
- (void)sp_1024_sub_16(t2, p1024_mod, t2);
- sp_1024_mont_add_16(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_16(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_16(t1, p1024_mod);
sp_1024_cond_sub_16(t1, t1, p1024_mod, ~(n >> 63));
sp_1024_norm_16(t1);
@@ -124595,7 +125394,7 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c
index 2861ef4c..c73f69ab 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_armthumb.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_ARM_THUMB_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
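Review bot: These compatibility defines sit above `#ifdef WOLFSSL_SP_ARM_THUMB_ASM`, so `__asm__` and `__volatile__`, both reserved identifiers, are redefined for the whole file on IAR and Keil builds even when the Thumb assembly is compiled out. Moving the two blocks inside the guard would limit the redefinition to the code that needs it. The `__KEIL__` block's `#endif` also lacks the trailing `/* __KEIL__ */` comment that the IAR block has. `WOLFSSL_NO_VAR_ASSIGN_REG` is set with no comment on why IAR needs it.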
@@ -118,14 +128,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
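Review bot: `j >> 31` hard-codes the digit width, where the removed lines used `SP_WORD_SIZE - 1`. The same expression would be clearer and safer as `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` (presumably the same value in this file). The loop also needs a short comment. `j` starts at minus `a->used` as an unsigned value, so its top bit stays set while `i < a->used` and the mask is all ones for those digits. `o` stops advancing at the last used digit, so `a->dp[o]` stays inside the used range while the loop still runs `size` iterations regardless of `a->used`. The identical change in `sp_3072_from_mp` (hunk at -30304) has the same two points. The function body continues past this hunk.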
@@ -469,7 +479,7 @@ SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -9425,7 +9435,7 @@ SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
}
@@ -9516,7 +9526,7 @@ SP_NOINLINE static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -9604,7 +9614,7 @@ SP_NOINLINE static sp_digit sp_2048_add_word_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -9769,7 +9779,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -9928,7 +9938,7 @@ SP_NOINLINE static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -10143,7 +10153,7 @@ SP_NOINLINE static sp_digit sp_2048_add_word_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -10452,7 +10462,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -10747,7 +10757,7 @@ SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -11094,7 +11104,7 @@ SP_NOINLINE static sp_digit sp_2048_add_word_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -11691,7 +11701,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -12258,7 +12268,7 @@ SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -12750,7 +12760,7 @@ SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -19265,7 +19275,7 @@ SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
"stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -19355,7 +19365,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -19548,7 +19558,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -19877,7 +19887,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -19993,7 +20003,7 @@ SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -20072,7 +20082,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -20327,7 +20337,7 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -20777,7 +20787,7 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -20869,7 +20879,7 @@ SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -20942,7 +20952,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -21187,7 +21197,7 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -21622,14 +21632,14 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -21836,7 +21846,7 @@ SP_NOINLINE static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -21913,11 +21923,12 @@ SP_NOINLINE static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
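Review bot: `sp_2048_mont_reduce_order_64` is defined here directly after `sp_2048_cond_sub_32`, ahead of what the next hunk header shows to be `sp_2048_mont_reduce_32`, and the identical `#define` is added again after `sp_2048_cond_sub_64` in the hunk at -24386. The hunk does not show whether the two definitions sit in the same preprocessor branch. If they do, the repeat is legal but redundant. A one-line comment such as `/* No separate ordered reduce in this build: alias to the standard one. */` on the definition that is kept would explain the alias. `sp_3072_mont_reduce_order_96` is added in the same position after `sp_3072_cond_sub_48` in the hunk at -73101.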
@@ -22980,7 +22991,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -22991,7 +23002,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -23005,7 +23016,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -23196,7 +23207,7 @@ SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -23811,7 +23822,7 @@ SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -23920,7 +23931,7 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -23934,8 +23945,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -24386,11 +24397,12 @@ SP_NOINLINE static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_2048_mont_reduce_order_64 sp_2048_mont_reduce_64
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -26007,7 +26019,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -26018,7 +26030,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -26032,7 +26044,7 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -26110,7 +26122,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -26677,7 +26689,7 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -27294,7 +27306,7 @@ SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -27308,8 +27320,8 @@ SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -27507,7 +27519,7 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -27521,8 +27533,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -28096,7 +28108,7 @@ SP_NOINLINE static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -30002,7 +30014,7 @@ static void sp_2048_lshift_64(sp_digit* r, const sp_digit* a, byte n)
"str r5, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -30304,14 +30316,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
@@ -30655,7 +30667,7 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -50837,7 +50849,7 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
}
@@ -50962,7 +50974,7 @@ SP_NOINLINE static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51082,7 +51094,7 @@ SP_NOINLINE static sp_digit sp_3072_add_word_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51319,7 +51331,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -51546,7 +51558,7 @@ SP_NOINLINE static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -51829,7 +51841,7 @@ SP_NOINLINE static sp_digit sp_3072_add_word_24(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -52282,7 +52294,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -52713,7 +52725,7 @@ SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -53188,7 +53200,7 @@ SP_NOINLINE static sp_digit sp_3072_add_word_48(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -54073,7 +54085,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -54912,7 +54924,7 @@ SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -55404,7 +55416,7 @@ SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -70175,7 +70187,7 @@ SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
"stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -70299,7 +70311,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -70560,7 +70572,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -71025,7 +71037,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -71141,7 +71153,7 @@ SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -71220,7 +71232,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -71485,7 +71497,7 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -71950,7 +71962,7 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -72042,7 +72054,7 @@ SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -72115,7 +72127,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -72365,7 +72377,7 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -72810,14 +72822,14 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -73024,7 +73036,7 @@ SP_NOINLINE static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -73101,11 +73113,12 @@ SP_NOINLINE static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_3072_mont_reduce_order_96 sp_3072_mont_reduce_96
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -74440,7 +74453,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -74451,7 +74464,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -74465,7 +74478,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -74656,7 +74669,7 @@ SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -75271,7 +75284,7 @@ SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -75380,7 +75393,7 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -75394,8 +75407,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -75846,11 +75859,12 @@ SP_NOINLINE static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_3072_mont_reduce_order_96 sp_3072_mont_reduce_96
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -78021,7 +78035,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -78032,7 +78046,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -78046,7 +78060,7 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -78124,7 +78138,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -78963,7 +78977,7 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -79580,7 +79594,7 @@ SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -79594,8 +79608,8 @@ SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -79798,7 +79812,7 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -79812,8 +79826,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -80387,7 +80401,7 @@ SP_NOINLINE static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -83091,7 +83105,7 @@ static void sp_3072_lshift_96(sp_digit* r, const sp_digit* a, byte n)
"str r3, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -83393,14 +83407,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
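Review bot: The new mask and index arithmetic in sp_4096_from_mp hard-codes the shift as `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`, so the loop only yields an all-ones mask when sp_digit is exactly 32 bits wide. The surrounding guard tests `DIGIT_BIT == 32`, which presumably describes the mp_int digit rather than sp_digit, so that assumption is not checked here. I would keep the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, and add a one-line comment that `j` counts up from `-a->used` so its top bit marks digits still inside `a`. The same lines appear in the sp_256_from_mp hunk further down, and the function body continues past this hunk.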
@@ -84036,7 +84050,7 @@ SP_NOINLINE static sp_digit sp_4096_add_word_64(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -85209,7 +85223,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -86320,7 +86334,7 @@ SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -86473,7 +86487,7 @@ SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -86552,7 +86566,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -86817,7 +86831,7 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -87282,12 +87296,12 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -87494,7 +87508,7 @@ SP_NOINLINE static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -87577,11 +87591,12 @@ SP_NOINLINE static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
+#define sp_4096_mont_reduce_order_128 sp_4096_mont_reduce_128
/* Reduce the number back to 4096 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -90296,7 +90311,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -90307,7 +90322,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -90321,7 +90336,7 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -90399,7 +90414,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -91510,7 +91525,7 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -92127,7 +92142,7 @@ SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -92141,8 +92156,8 @@ SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -92346,7 +92361,7 @@ SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -92360,8 +92375,8 @@ SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -92940,7 +92955,7 @@ SP_NOINLINE static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -96432,7 +96447,7 @@ static void sp_4096_lshift_128(sp_digit* r, const sp_digit* a, byte n)
"str r4, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -96956,7 +96971,7 @@ SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -97381,7 +97396,7 @@ SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -97454,7 +97469,7 @@ SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -97546,167 +97561,7 @@ SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #32\n\t"
-#else
- "add r6, r6, #32\n\t"
-#endif
- "\n"
- "L_sp_256_sub_8_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_256_sub_8_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -97805,14 +97660,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
@@ -97990,69 +97845,6 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
return err;
}
-/* Conditionally subtract b from a using the mask m.
- * m is -1 to subtract and 0 when not copying.
- *
- * r A single precision number representing condition subtract result.
- * a A single precision number to subtract from.
- * b A single precision number to subtract.
- * m Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
-{
- __asm__ __volatile__ (
- "movs r4, #0\n\t"
- "movs r5, #32\n\t"
- "mov r8, r5\n\t"
- "movs r7, #0\n\t"
- "\n"
- "L_sp_256_cond_sub_8_words_%=:\n\t"
- "ldr r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "ands r6, r6, %[m]\n\t"
-#elif defined(__clang__)
- "ands r6, %[m]\n\t"
-#else
- "and r6, %[m]\n\t"
-#endif
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r4\n\t"
-#else
- "sub r5, r5, r4\n\t"
-#endif
- "ldr r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r5, r5, r6\n\t"
-#elif defined(__clang__)
- "sbcs r5, r6\n\t"
-#else
- "sbc r5, r6\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r4\n\t"
-#elif defined(__clang__)
- "sbcs r4, r4\n\t"
-#else
- "sbc r4, r4\n\t"
-#endif
- "str r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r7, r7, #4\n\t"
-#else
- "add r7, r7, #4\n\t"
-#endif
- "cmp r7, r8\n\t"
- "blt L_sp_256_cond_sub_8_words_%=\n\t"
- "movs %[r], r4\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
- :
- : "memory", "r4", "r5", "r6", "r7", "r8"
- );
- return (uint32_t)(size_t)r;
-}
-
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -98369,7 +98161,7 @@ SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m,
"str r7, [%[a], #28]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -99027,7 +98819,7 @@ SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -99038,7 +98830,7 @@ SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -99052,7 +98844,7 @@ SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -99068,10 +98860,10 @@ SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_8(r, a, m, mp);
for (; n > 1; n--) {
@@ -99261,7 +99053,7 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -99272,6 +99064,69 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
*/
#define sp_256_norm_8(a)
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, sp_digit m)
+{
+ __asm__ __volatile__ (
+ "movs r4, #0\n\t"
+ "movs r5, #32\n\t"
+ "mov r8, r5\n\t"
+ "movs r7, #0\n\t"
+ "\n"
+ "L_sp_256_cond_sub_8_words_%=:\n\t"
+ "ldr r6, [%[b], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "ands r6, r6, %[m]\n\t"
+#elif defined(__clang__)
+ "ands r6, %[m]\n\t"
+#else
+ "and r6, %[m]\n\t"
+#endif
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r4\n\t"
+#else
+ "sub r5, r5, r4\n\t"
+#endif
+ "ldr r5, [%[a], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r5, r5, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r5, r6\n\t"
+#else
+ "sbc r5, r6\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r4\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r4\n\t"
+#else
+ "sbc r4, r4\n\t"
+#endif
+ "str r5, [%[r], r7]\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r7, r7, #4\n\t"
+#else
+ "add r7, r7, #4\n\t"
+#endif
+ "cmp r7, r8\n\t"
+ "blt L_sp_256_cond_sub_8_words_%=\n\t"
+ "movs %[r], r4\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
/* Map the Montgomery form projective coordinate point to an affine point.
*
* r Resulting affine coordinate point.
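Review bot: The header comment on the relocated sp_256_cond_sub_8 still reads `m is -1 to subtract and 0 when not copying`, which does not describe a subtract, and it leaves the return value undocumented. Suggested wording is `* m is -1 to subtract and 0 when not subtracting (r = a).` plus a line such as `* returns 0 when there is no borrow, otherwise all bits set.`; the latter follows from the final `sbc r4, r4` / `movs %[r], r4` pair but should be confirmed against the callers. Since the loop runs over all 8 words whatever `m` is, a short remark that the routine is meant to stay branch-free on `m` would help the next reader keep it that way.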
@@ -99494,7 +99349,7 @@ SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
@@ -99671,7 +99526,7 @@ SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
@@ -100004,7 +99859,7 @@ SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a,
"str r2, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -100183,18 +100038,17 @@ SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
}
-#define sp_256_mont_sub_lower_8 sp_256_mont_sub_8
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_div2_8(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
(void)m;
@@ -100457,7 +100311,7 @@ SP_NOINLINE static void sp_256_div2_8(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
}
@@ -100505,7 +100359,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_8(t2, t2, p256_mod);
+ sp_256_mont_div2_8(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -100515,7 +100369,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_8(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -100538,7 +100392,8 @@ typedef struct sp_256_proj_point_dbl_8_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
@@ -100612,7 +100467,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_8(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -100637,7 +100492,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -100698,12 +100553,12 @@ static int sp_256_iszero_8(const sp_digit* a)
static void sp_256_proj_point_add_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*8;
+ sp_digit* t2 = t + 4*8;
+ sp_digit* t3 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
@@ -100725,17 +100580,9 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_8(t2, t2, t1, p256_mod);
@@ -100754,20 +100601,31 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_mont_dbl_8(t3, y, p256_mod);
sp_256_mont_sub_8(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(y, y, t5, p256_mod);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
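Review bot: The masked select now wrapped in its own block at the end of sp_256_proj_point_add_8 is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and the block carries no comment saying so. `0 - (q->infinity & (!p->infinity))` yields an all-ones mask only under that assumption, and `inf` is OR-ed directly into `r->z[0]`. I would add `/* Branch-free select of p, q or the computed sum; infinity flags must be 0 or 1. */` above the declarations. The same block is added to case 24 of sp_256_proj_point_add_8_nb, and this function starts outside the hunk.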
@@ -100813,12 +100671,12 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*8;
- ctx->t3 = t + 4*8;
- ctx->t4 = t + 6*8;
- ctx->t5 = t + 8*8;
- ctx->t6 = t + 10*8;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*8;
+ ctx->t2 = t + 4*8;
+ ctx->t3 = t + 6*8;
+ ctx->t4 = t + 8*8;
+ ctx->t5 = t + 10*8;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -100925,7 +100783,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -100938,22 +100796,28 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -100973,7 +100837,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
@@ -101225,8 +101089,6 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
}
#ifdef FP_ECC
-#define sp_256_mont_dbl_lower_8 sp_256_mont_dbl_8
-#define sp_256_mont_tpl_lower_8 sp_256_mont_tpl_8
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -101265,7 +101127,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -101274,8 +101136,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -101295,7 +101157,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -101304,8 +101166,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -101315,7 +101177,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_sub_8(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_8(y, y, p256_mod);
+ sp_256_mont_div2_8(y, y, p256_mod);
}
/* Convert the projective point to affine.
@@ -101361,12 +101223,12 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*8;
+ sp_digit* t6 = t + 4*8;
+ sp_digit* t1 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -101382,13 +101244,9 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
@@ -101397,33 +101255,40 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_8(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(x, t1, t5, p256_mod);
- sp_256_mont_dbl_8(t1, t3, p256_mod);
- sp_256_mont_sub_8(x, x, t1, p256_mod);
+ sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_8(t5, t3, p256_mod);
+ sp_256_mont_sub_8(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_8(t3, t3, x, p256_mod);
+ sp_256_mont_sub_8(t3, t3, x, p256_mod);
sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -101524,7 +101389,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_16_8(sp_point_256* r,
@@ -101719,7 +101584,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -101790,8 +101655,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -101944,7 +101809,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_8(sp_point_256* r,
@@ -102139,7 +102004,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -102210,8 +102075,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -102328,7 +102193,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -102339,7 +102204,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -103877,7 +103742,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -103899,7 +103764,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -104035,7 +103900,7 @@ SP_NOINLINE static void sp_256_add_one_8(sp_digit* a)
"str r1, [%[a], #28]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "cc"
);
}
@@ -104130,7 +103995,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -104138,7 +104003,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -104475,7 +104340,7 @@ SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -104569,7 +104434,7 @@ SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -104757,7 +104622,7 @@ SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -105372,7 +105237,7 @@ SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -105412,8 +105277,8 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[16], t2[9];
sp_digit div, r1;
@@ -105598,7 +105463,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_8(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_8(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_8(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_8(t, t2, t);
@@ -105615,7 +105480,11 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_8(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_8(t2, t2);
+ sp_256_mont_mul_order_8(t2, t2, a);
+ sp_256_mont_sqr_n_order_8(t2, t2, 5);
+ sp_256_mont_mul_order_8(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_8(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_8(t2, t2, a);
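Review bot: The four calls added ahead of the loop carry no comment, and they are correct only if `t3` still holds a^f when they run. They consume the top six bits of 0xbce6 (binary 101111): one square and multiply by `a`, then five squarings and a multiply by `t3`, which is why the loop now starts at bit 121 instead of 127. `t3` is a^f in the earlier hunk (`t = a^ff = t2 * t3`), but the lines between the two hunks are not shown, so that should be confirmed. I would add `/* bits 127..122 = 0b101111: 1, then 5 squarings and multiply by a^f (t3) */` above the first added call.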
@@ -106020,6 +105889,166 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "movs r6, %[a]\n\t"
+ "movs r3, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r6, r6, #32\n\t"
+#else
+ "add r6, r6, #32\n\t"
+#endif
+ "\n"
+ "L_sp_256_sub_8_word_%=:\n\t"
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r3\n\t"
+#else
+ "sub r5, r5, r3\n\t"
+#endif
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[b]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r5\n\t"
+#else
+ "sbc r4, r5\n\t"
+#endif
+ "str r4, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r3\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r3\n\t"
+#else
+ "sbc r3, r3\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[a], %[a], #4\n\t"
+#else
+ "add %[a], %[a], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[b], %[b], #4\n\t"
+#else
+ "add %[b], %[b], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[r], %[r], #4\n\t"
+#else
+ "add %[r], %[r], #4\n\t"
+#endif
+ "cmp %[a], r6\n\t"
+ "bne L_sp_256_sub_8_word_%=\n\t"
+ "movs %[r], r3\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r3, r3, r5\n\t"
+#else
+ "sub r3, r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs %[r], %[r], %[r]\n\t"
+#elif defined(__clang__)
+ "sbcs %[r], %[r]\n\t"
+#else
+ "sbc %[r], %[r]\n\t"
+#endif
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Right shift a by 1 bit into r. (r = a >> 1)
*
* r A single precision integer.
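Review bot: The `#ifdef WOLFSSL_SP_SMALL` copy of `sp_256_sub_8` added here sits directly under the context line `#ifndef WOLFSSL_SP_SMALL`, so that branch can never be compiled and only the unrolled `#else` version is ever built. Either drop the inner conditional and keep the single reachable definition, or move the function out of the outer guard if small builds are meant to have it. The same commit removes the `sp_256_sub_8` call from `sp_256_ecc_is_point_8`, which suggests small builds are expected to do without it. If so, a comment such as `/* only built when WOLFSSL_SP_SMALL is not defined */` on the remaining definition would record that.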
@@ -106170,7 +106199,7 @@ static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
"str r3, [%[r], #28]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -106441,7 +106470,7 @@ static void sp_256_div2_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
"str r6, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -107196,7 +107225,7 @@ static int sp_256_num_bits_8(sp_digit* a)
"movs %[a], r2\n\t"
: [a] "+l" (a), [table] "+l" (table)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -107244,7 +107273,7 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_256_cmp_8(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
sp_256_sub_8(u, u, v);
o = sp_256_sub_8(b, b, d);
if (o != 0)
@@ -107321,7 +107350,7 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -107645,7 +107674,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -107673,19 +107702,21 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 8;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_8(t1, point->y);
(void)sp_256_mod_8(t1, t1, p256_mod);
sp_256_sqr_8(t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
sp_256_mul_8(t2, t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
- (void)sp_256_sub_8(t2, p256_mod, t2);
- sp_256_mont_add_8(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_8(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_8(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -107699,7 +107730,7 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -108522,7 +108553,7 @@ SP_NOINLINE static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -108947,7 +108978,7 @@ SP_NOINLINE static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -109020,7 +109051,7 @@ SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -109146,201 +109177,7 @@ SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #48\n\t"
-#else
- "add r6, r6, #48\n\t"
-#endif
- "\n"
- "L_sp_384_sub_12_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_384_sub_12_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -109458,14 +109295,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
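Review bot: The new constant-time copy loop in `sp_384_from_mp` hard-codes the shift as `31`, where the lines it replaces used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the top-bit test tied to the digit width. The counter trick also deserves a one-line comment, for example `/* j counts up from -used; its top bit is set while i < used, so mask selects real digits and o stops at used - 1 */`. The function body continues outside this hunk.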
@@ -109701,7 +109538,7 @@ SP_NOINLINE static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -110430,7 +110267,7 @@ SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -110441,7 +110278,7 @@ SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -110455,7 +110292,7 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -110471,10 +110308,10 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_12(r, a, m, mp);
for (; n > 1; n--) {
@@ -110680,7 +110517,7 @@ SP_NOINLINE static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -110779,6 +110616,200 @@ SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a,
sp_384_cond_sub_12(r, r, m, 0 - o);
}
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "movs r6, %[a]\n\t"
+ "movs r3, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r6, r6, #48\n\t"
+#else
+ "add r6, r6, #48\n\t"
+#endif
+ "\n"
+ "L_sp_384_sub_12_word_%=:\n\t"
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r3\n\t"
+#else
+ "sub r5, r5, r3\n\t"
+#endif
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[b]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r5\n\t"
+#else
+ "sbc r4, r5\n\t"
+#endif
+ "str r4, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r3\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r3\n\t"
+#else
+ "sbc r3, r3\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[a], %[a], #4\n\t"
+#else
+ "add %[a], %[a], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[b], %[b], #4\n\t"
+#else
+ "add %[b], %[b], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[r], %[r], #4\n\t"
+#else
+ "add %[r], %[r], #4\n\t"
+#endif
+ "cmp %[a], r6\n\t"
+ "bne L_sp_384_sub_12_word_%=\n\t"
+ "movs %[r], r3\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r3, r3, r5\n\t"
+#else
+ "sub r3, r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs %[r], %[r], %[r]\n\t"
+#elif defined(__clang__)
+ "sbcs %[r], %[r]\n\t"
+#else
+ "sbc %[r], %[r]\n\t"
+#endif
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -110843,7 +110874,7 @@ SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -110864,7 +110895,6 @@ SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a,
sp_384_cond_add_12(r, r, m, o);
}
-#define sp_384_mont_sub_lower_12 sp_384_mont_sub_12
/* Right shift a by 1 bit into r. (r = a >> 1)
*
* r A single precision integer.
@@ -111091,7 +111121,7 @@ static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
"str r4, [%[r], #44]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -111101,7 +111131,7 @@ static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_div2_12(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
sp_digit o;
@@ -111155,7 +111185,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_12(t2, t2, p384_mod);
+ sp_384_mont_div2_12(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -111165,7 +111195,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_12(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -111188,7 +111218,8 @@ typedef struct sp_384_proj_point_dbl_12_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
@@ -111262,7 +111293,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_12(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -111287,7 +111318,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -111350,12 +111381,12 @@ static int sp_384_iszero_12(const sp_digit* a)
static void sp_384_proj_point_add_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*12;
+ sp_digit* t2 = t + 4*12;
+ sp_digit* t3 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
@@ -111377,17 +111408,9 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_12(t2, t2, t1, p384_mod);
@@ -111406,20 +111429,31 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_mont_dbl_12(t3, y, p384_mod);
sp_384_mont_sub_12(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(y, y, t5, p384_mod);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
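Review bot: The masked select in the new inner block is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the hunk states that. A flag value such as 2 would be treated as "not infinity" by `0 - (q->infinity & (!p->infinity))` and would OR a stray bit into `r->z[0]` through `inf`. I would record the invariant above the masks, e.g. `/* infinity flags must be 0 or 1: each mask is then 0 or all-ones and exactly one of p, q or the computed sum is copied to r */`; the masks are presumably there so the choice does not branch on the flags, which is worth saying too. The same block is repeated verbatim in case 24 of `sp_384_proj_point_add_12_nb` and in `sp_384_proj_point_add_qz1_12`, so the comment (or one shared static helper taking `x`, `y`, `z`) applies there as well. The body of `sp_384_proj_point_add_12` starts outside this hunk.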
@@ -111465,12 +111499,12 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*12;
- ctx->t3 = t + 4*12;
- ctx->t4 = t + 6*12;
- ctx->t5 = t + 8*12;
- ctx->t6 = t + 10*12;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*12;
+ ctx->t2 = t + 4*12;
+ ctx->t3 = t + 6*12;
+ ctx->t4 = t + 8*12;
+ ctx->t5 = t + 10*12;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -111577,7 +111611,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -111590,22 +111624,28 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -111625,7 +111665,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
@@ -111901,8 +111941,6 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
}
#ifdef FP_ECC
-#define sp_384_mont_dbl_lower_12 sp_384_mont_dbl_12
-#define sp_384_mont_tpl_lower_12 sp_384_mont_tpl_12
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -111941,7 +111979,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -111950,8 +111988,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -111971,7 +112009,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -111980,8 +112018,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -111991,7 +112029,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_sub_12(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_12(y, y, p384_mod);
+ sp_384_mont_div2_12(y, y, p384_mod);
}
/* Convert the projective point to affine.
@@ -112037,12 +112075,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*12;
+ sp_digit* t6 = t + 4*12;
+ sp_digit* t1 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -112058,13 +112096,9 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
@@ -112073,33 +112107,40 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_12(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(x, t1, t5, p384_mod);
- sp_384_mont_dbl_12(t1, t3, p384_mod);
- sp_384_mont_sub_12(x, x, t1, p384_mod);
+ sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_12(t5, t3, p384_mod);
+ sp_384_mont_sub_12(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_12(t3, t3, x, p384_mod);
+ sp_384_mont_sub_12(t3, t3, x, p384_mod);
sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
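Review bot: `t2` changes meaning partway through the new X3 sequence without a comment. It holds H for `Z3 = H*Z1` and through `sp_384_mont_mul_12(t1, t1, t2, ...)`, then `sp_384_mont_sqr_12(t2, t4, ...)` overwrites it with what the formula comment calls R^2, while `x` aliases `t2` and `y` aliases `t3`. Because the result pointers share storage with the temporaries, reordering any of these lines silently corrupts X3 or Y3. I would add `/* H (t2) is dead from here; reuse t2 for R^2 */` before that square and `/* t1 = H^3, t3 = X1*H^2 */` after the second multiply. The function starts outside this hunk, so the definitions of `t4` and the aliases are not visible here.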
@@ -112200,7 +112241,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_16_12(sp_point_384* r,
@@ -112411,7 +112452,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -112482,8 +112523,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -112636,7 +112677,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_12(sp_point_384* r,
@@ -112847,7 +112888,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -112918,8 +112959,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -113036,7 +113077,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -113047,7 +113088,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -114585,7 +114626,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -114607,7 +114648,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -114779,7 +114820,7 @@ SP_NOINLINE static void sp_384_add_one_12(sp_digit* a)
"str r1, [%[a], #44]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "cc"
);
}
@@ -114874,7 +114915,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -114882,7 +114923,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -115219,7 +115260,7 @@ SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -115349,7 +115390,7 @@ SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -115537,7 +115578,7 @@ SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -116152,7 +116193,7 @@ SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -116196,8 +116237,8 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[24], t2[13];
sp_digit div, r1;
@@ -117177,7 +117218,7 @@ static void sp_384_div2_mod_12(sp_digit* r, const sp_digit* a,
"str r7, [%[r], #44]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -118376,7 +118417,7 @@ static int sp_384_num_bits_12(sp_digit* a)
"movs %[a], r2\n\t"
: [a] "+l" (a), [table] "+l" (table)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -118424,7 +118465,7 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_12(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
sp_384_sub_12(u, u, v);
o = sp_384_sub_12(b, b, d);
if (o != 0)
@@ -118505,7 +118546,7 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -118829,7 +118870,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -118857,19 +118898,21 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 12;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_12(t1, point->y);
(void)sp_384_mod_12(t1, t1, p384_mod);
sp_384_sqr_12(t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
sp_384_mul_12(t2, t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
- (void)sp_384_sub_12(t2, p384_mod, t2);
- sp_384_mont_add_12(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_12(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_12(t1, p384_b) != 0) {
err = MP_VAL;
}
@@ -118883,7 +118926,7 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -119748,7 +119791,7 @@ SP_NOINLINE static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -120173,7 +120216,7 @@ SP_NOINLINE static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -120246,7 +120289,7 @@ SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -120416,245 +120459,7 @@ SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #0x44\n\t"
-#else
- "add r6, r6, #0x44\n\t"
-#endif
- "\n"
- "L_sp_521_sub_17_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_521_sub_17_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r3, [%[a]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
- "str r3, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -120688,14 +120493,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
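Review bot: The shift count in `j >> 31`, used for both `mask` and `o`, hard-codes a 32-bit `sp_digit`, where the removed lines derived it from `SP_WORD_SIZE - 1`. The enclosing `#if DIGIT_BIT == 32` presumably constrains the mp_int digit rather than `sp_digit`. I would keep the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, and add above the loop `/* j counts up from -used; its top bit is set while digits of a remain, so mask and o need no comparison against a->used */`. The loop still reads `a->dp[0]` when `a->used` is 0, so it assumes `dp` always has at least one digit allocated; that looks unchanged from the old code but is worth stating. `sp_521_from_mp` continues outside the hunk.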
@@ -120931,7 +120736,7 @@ SP_NOINLINE static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -121579,7 +121384,7 @@ SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m,
"add sp, sp, #0x44\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
@@ -122746,7 +122551,7 @@ SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -122757,7 +122562,7 @@ SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -122771,7 +122576,7 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -122787,10 +122592,10 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_17(r, a, m, mp);
for (; n > 1; n--) {
@@ -122993,7 +122798,7 @@ SP_NOINLINE static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -123374,7 +123179,7 @@ SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -123690,7 +123495,7 @@ SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -124168,77 +123973,8 @@ SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
- );
-}
-
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
-{
- __asm__ __volatile__ (
- "movs r4, #0\n\t"
- "movs r5, #0x44\n\t"
- "mov r8, r5\n\t"
- "movs r7, #0\n\t"
- "\n"
- "L_sp_521_cond_add_17_words_%=:\n\t"
- "ldr r6, [%[b], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "ands r6, r6, %[m]\n\t"
-#elif defined(__clang__)
- "ands r6, %[m]\n\t"
-#else
- "and r6, %[m]\n\t"
-#endif
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, #1\n\t"
-#else
- "sub r5, r5, #1\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r5, r5, r4\n\t"
-#else
- "add r5, r5, r4\n\t"
-#endif
- "ldr r5, [%[a], r7]\n\t"
-#ifdef WOLFSSL_KEIL
- "adcs r5, r5, r6\n\t"
-#elif defined(__clang__)
- "adcs r5, r6\n\t"
-#else
- "adc r5, r6\n\t"
-#endif
- "movs r4, #0\n\t"
-#ifdef WOLFSSL_KEIL
- "adcs r4, r4, r4\n\t"
-#elif defined(__clang__)
- "adcs r4, r4\n\t"
-#else
- "adc r4, r4\n\t"
-#endif
- "str r5, [%[r], r7]\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r7, r7, #4\n\t"
-#else
- "add r7, r7, #4\n\t"
-#endif
- "cmp r7, r8\n\t"
- "blt L_sp_521_cond_add_17_words_%=\n\t"
- "movs %[r], r4\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
- :
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
- return (uint32_t)(size_t)r;
}
/* Subtract two Montgomery form numbers (r = a - b % m).
@@ -124577,11 +124313,79 @@ SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
-#define sp_521_mont_sub_lower_17 sp_521_mont_sub_17
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* b, sp_digit m)
+{
+ __asm__ __volatile__ (
+ "movs r4, #0\n\t"
+ "movs r5, #0x44\n\t"
+ "mov r8, r5\n\t"
+ "movs r7, #0\n\t"
+ "\n"
+ "L_sp_521_cond_add_17_words_%=:\n\t"
+ "ldr r6, [%[b], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "ands r6, r6, %[m]\n\t"
+#elif defined(__clang__)
+ "ands r6, %[m]\n\t"
+#else
+ "and r6, %[m]\n\t"
+#endif
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, #1\n\t"
+#else
+ "sub r5, r5, #1\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r5, r5, r4\n\t"
+#else
+ "add r5, r5, r4\n\t"
+#endif
+ "ldr r5, [%[a], r7]\n\t"
+#ifdef WOLFSSL_KEIL
+ "adcs r5, r5, r6\n\t"
+#elif defined(__clang__)
+ "adcs r5, r6\n\t"
+#else
+ "adc r5, r6\n\t"
+#endif
+ "movs r4, #0\n\t"
+#ifdef WOLFSSL_KEIL
+ "adcs r4, r4, r4\n\t"
+#elif defined(__clang__)
+ "adcs r4, r4\n\t"
+#else
+ "adc r4, r4\n\t"
+#endif
+ "str r5, [%[r], r7]\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r7, r7, #4\n\t"
+#else
+ "add r7, r7, #4\n\t"
+#endif
+ "cmp r7, r8\n\t"
+ "blt L_sp_521_cond_add_17_words_%=\n\t"
+ "movs %[r], r4\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
/* Right shift a by 1 bit into r. (r = a >> 1)
*
* r A single precision integer.
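Review bot: The header comment on the re-added `sp_521_cond_add_17` describes r, a, b and m but not the return value. The asm sets that value from r4 after the last `adcs r4, r4` (`movs %[r], r4`), so it is the carry out of the top word. I would add ` * returns the carry out of the addition (0 or 1).` so callers do not have to read the assembly to learn it. The mask contract (`m is -1 to add and 0 when not`) is already stated; it may be worth adding that any other value of m adds `b & m` word by word rather than b or nothing.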
@@ -124903,7 +124707,7 @@ static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
"str r3, [%[r], #64]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -124913,7 +124717,7 @@ static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_div2_17(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
sp_digit o;
@@ -124967,7 +124771,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_17(t2, t2, p521_mod);
+ sp_521_mont_div2_17(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -124977,7 +124781,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_17(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -125000,7 +124804,8 @@ typedef struct sp_521_proj_point_dbl_17_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
@@ -125074,7 +124879,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_17(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -125099,7 +124904,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -125165,12 +124970,12 @@ static int sp_521_iszero_17(const sp_digit* a)
static void sp_521_proj_point_add_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*17;
+ sp_digit* t2 = t + 4*17;
+ sp_digit* t3 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
@@ -125192,17 +124997,9 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_17(t2, t2, t1, p521_mod);
@@ -125221,20 +125018,31 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_mont_dbl_17(t3, y, p521_mod);
sp_521_mont_sub_17(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(y, y, t5, p521_mod);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
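Review bot: The new block that builds `maskp`, `maskq`, `maskt` and `inf` has no comment saying it is a branch-free select between p, q and the computed sum, nor that it depends on `infinity` holding only 0 or 1. With `0 - (q->infinity & (!p->infinity))`, a value whose low bit is clear gives a zero mask, and `inf` is OR-ed straight into `r->z[0]`. I would put `/* Branch-free select: r = p if q is infinity, q if p is infinity, else the sum; infinity must be 0 or 1. */` above `int i;` so a later edit does not replace the masks with an `if`. The same block is added in `sp_521_proj_point_add_17_nb` (case 24) and `sp_521_proj_point_add_qz1_17`. The body of `sp_521_proj_point_add_17` starts outside this hunk, so whether `infinity` is normalised earlier cannot be confirmed from here.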
@@ -125280,12 +125088,12 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*17;
- ctx->t3 = t + 4*17;
- ctx->t4 = t + 6*17;
- ctx->t5 = t + 8*17;
- ctx->t6 = t + 10*17;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*17;
+ ctx->t2 = t + 4*17;
+ ctx->t3 = t + 6*17;
+ ctx->t4 = t + 8*17;
+ ctx->t5 = t + 10*17;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -125392,7 +125200,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -125405,22 +125213,28 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
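Review bot: In `case 24:` the added lines open a second bare `{` directly inside the brace that the case label already opens, with nothing declared between the two. The extra scope adds one indentation level and a closing `}` that is easy to mismatch with the one after `break;`. I would drop the inner `{` / `}` pair and keep `int i;` and the mask declarations at the start of the existing case block. The rest of the state machine is outside this hunk.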
@@ -125440,7 +125254,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
@@ -125750,8 +125564,6 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
}
#ifdef FP_ECC
-#define sp_521_mont_dbl_lower_17 sp_521_mont_dbl_17
-#define sp_521_mont_tpl_lower_17 sp_521_mont_tpl_17
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -125790,7 +125602,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -125799,8 +125611,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -125820,7 +125632,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -125829,8 +125641,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -125840,7 +125652,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_sub_17(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_17(y, y, p521_mod);
+ sp_521_mont_div2_17(y, y, p521_mod);
}
/* Convert the projective point to affine.
@@ -125886,12 +125698,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*17;
+ sp_digit* t6 = t + 4*17;
+ sp_digit* t1 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -125907,13 +125719,9 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
@@ -125922,33 +125730,40 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_17(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(x, t1, t5, p521_mod);
- sp_521_mont_dbl_17(t1, t3, p521_mod);
- sp_521_mont_sub_17(x, x, t1, p521_mod);
+ sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_17(t5, t3, p521_mod);
+ sp_521_mont_sub_17(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_17(t3, t3, x, p521_mod);
+ sp_521_mont_sub_17(t3, t3, x, p521_mod);
sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -126049,7 +125864,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_16_17(sp_point_521* r,
@@ -126280,7 +126095,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -126351,8 +126166,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -126505,7 +126320,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_17(sp_point_521* r,
@@ -126736,7 +126551,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -126807,8 +126622,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -126925,7 +126740,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -126936,7 +126751,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -129018,7 +128833,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -129040,7 +128855,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -129257,7 +129072,7 @@ SP_NOINLINE static void sp_521_add_one_17(sp_digit* a)
"str r1, [%[a], #64]\n\t"
: [a] "+l" (a)
:
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "cc"
);
}
@@ -129353,7 +129168,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -129361,7 +129176,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -129977,7 +129792,7 @@ static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
"str r4, [%[r], #64]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -130404,7 +130219,7 @@ static void sp_521_lshift_17(sp_digit* r, const sp_digit* a, byte n)
"str r4, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -131265,7 +131080,7 @@ static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
"str r5, [%[r], #4]\n\t"
: [r] "+l" (r), [a] "+l" (a), [n] "+l" (n)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -131336,7 +131151,7 @@ SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -131512,7 +131327,7 @@ SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -131700,7 +131515,7 @@ SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -132315,7 +132130,7 @@ SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -132360,8 +132175,8 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[35];
sp_digit t2[18];
@@ -132968,6 +132783,244 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "movs r6, %[a]\n\t"
+ "movs r3, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds r6, r6, #0x44\n\t"
+#else
+ "add r6, r6, #0x44\n\t"
+#endif
+ "\n"
+ "L_sp_521_sub_17_word_%=:\n\t"
+ "movs r5, #0\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r5, r5, r3\n\t"
+#else
+ "sub r5, r5, r3\n\t"
+#endif
+ "ldr r4, [%[a]]\n\t"
+ "ldr r5, [%[b]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r5\n\t"
+#else
+ "sbc r4, r5\n\t"
+#endif
+ "str r4, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r3\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r3\n\t"
+#else
+ "sbc r3, r3\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[a], %[a], #4\n\t"
+#else
+ "add %[a], %[a], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[b], %[b], #4\n\t"
+#else
+ "add %[b], %[b], #4\n\t"
+#endif
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "adds %[r], %[r], #4\n\t"
+#else
+ "add %[r], %[r], #4\n\t"
+#endif
+ "cmp %[a], r6\n\t"
+ "bne L_sp_521_sub_17_word_%=\n\t"
+ "movs %[r], r3\n\t"
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
+ const sp_digit* b)
+{
+ __asm__ __volatile__ (
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#if defined(__clang__) || defined(WOLFSSL_KEIL)
+ "subs r3, r3, r5\n\t"
+#else
+ "sub r3, r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldm %[b]!, {r5, r6}\n\t"
+ "ldm %[a]!, {r3, r4}\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+#ifdef WOLFSSL_KEIL
+ "sbcs r4, r4, r6\n\t"
+#elif defined(__clang__)
+ "sbcs r4, r6\n\t"
+#else
+ "sbc r4, r6\n\t"
+#endif
+ "stm %[r]!, {r3, r4}\n\t"
+ "ldr r5, [%[b]]\n\t"
+ "ldr r3, [%[a]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs r3, r3, r5\n\t"
+#elif defined(__clang__)
+ "sbcs r3, r5\n\t"
+#else
+ "sbc r3, r5\n\t"
+#endif
+ "str r3, [%[r]]\n\t"
+#ifdef WOLFSSL_KEIL
+ "sbcs %[r], %[r], %[r]\n\t"
+#elif defined(__clang__)
+ "sbcs %[r], %[r]\n\t"
+#else
+ "sbc %[r], %[r]\n\t"
+#endif
+ : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
*
* r Result of division by 2.
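Review bot: The added `#ifdef WOLFSSL_SP_SMALL` version of `sp_521_sub_17` appears unreachable, because the context line just above it is `#ifndef WOLFSSL_SP_SMALL`. As far as this hunk shows, the loop variant can never be compiled and only the unrolled `#else` body is live. If small builds are meant to get the loop version, the function needs to sit outside the `#ifndef`; otherwise I would drop the `#ifdef WOLFSSL_SP_SMALL` … `#else` half and keep only the unrolled body, so there is no untested copy of carry-handling assembly in the file. The matching `#endif` for the outer `#ifndef` is outside the hunk, so this reading assumes no intervening directive changes the nesting.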
@@ -133525,7 +133578,7 @@ static void sp_521_div2_mod_17(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #64]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -135294,7 +135347,7 @@ static int sp_521_num_bits_17(sp_digit* a)
"movs %[a], r2\n\t"
: [a] "+l" (a), [table] "+l" (table)
:
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -135342,7 +135395,7 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_17(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
sp_521_sub_17(u, u, v);
o = sp_521_sub_17(b, b, d);
if (o != 0)
@@ -135428,7 +135481,7 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -135759,7 +135812,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -135787,19 +135840,21 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 17;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_17(t1, point->y);
(void)sp_521_mod_17(t1, t1, p521_mod);
sp_521_sqr_17(t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
sp_521_mul_17(t2, t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
- (void)sp_521_sub_17(t2, p521_mod, t2);
- sp_521_mont_add_17(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_17(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_17(t1, p521_b) != 0) {
err = MP_VAL;
}
@@ -135813,7 +135868,7 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -136551,7 +136606,7 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -172439,7 +172494,7 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
"stm %[r]!, {r3, r4, r5, r6}\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
}
@@ -172864,7 +172919,7 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -199219,7 +199274,7 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
"stm %[r]!, {r2, r3, r4, r5}\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -199378,7 +199433,7 @@ SP_NOINLINE static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -199530,7 +199585,7 @@ SP_NOINLINE static sp_digit sp_1024_add_word_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5"
+ : "memory", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -199839,7 +199894,7 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
#endif
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -200134,7 +200189,7 @@ SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -200359,7 +200414,7 @@ SP_NOINLINE static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
#endif
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -200638,7 +200693,7 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
"mov %[b], r10\n\t"
: [a] "+l" (a), [b] "+l" (b), [tmp] "+l" (tmp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
XMEMCPY(r, t, sizeof(t));
@@ -201073,7 +201128,7 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
"add sp, sp, r6\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
@@ -201230,7 +201285,7 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -201294,7 +201349,7 @@ SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -201368,7 +201423,7 @@ SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r3\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -201556,7 +201611,7 @@ SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
"str r3, [%[r]]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
}
@@ -202171,7 +202226,7 @@ SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
"movs %[d1], r3\n\t"
: [d1] "+l" (d1), [d0] "+l" (d0), [div] "+l" (div)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
return (uint32_t)(size_t)d1;
}
@@ -202310,7 +202365,7 @@ SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
"movs %[a], r2\n\t"
: [a] "+l" (a), [b] "+l" (b)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "cc"
);
return (uint32_t)(size_t)a;
}
@@ -202324,8 +202379,8 @@ SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -202460,14 +202515,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
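Review bot: The new mask logic hard-codes the shift as `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the top-bit test tied to the digit width. The counter trick also needs a comment, for example `/* j = -used: top bit set while i < used, so mask is all-ones and o advances; after that mask is 0 and o stops at used - 1 */`. With `a->used == 0` the loop still reads `a->dp[0]` (masked to zero), which is safe only if `dp` always has at least one element; that is worth confirming against the mp_int definition. The function continues past the hunk with the `DIGIT_BIT > 32` branch.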
@@ -202645,6 +202700,7 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
return err;
}
+#define sp_1024_mont_reduce_order_32 sp_1024_mont_reduce_32
/* Reduce the number back to 1024 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
@@ -203727,7 +203783,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
#endif /* WOLFSSL_SP_LARGE_CODE */
: [a] "+l" (a), [m] "+l" (m), [mp] "+l" (mp)
:
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
@@ -203738,7 +203794,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -203752,7 +203808,7 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -204774,7 +204830,7 @@ SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -205651,7 +205707,7 @@ SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -207421,7 +207477,7 @@ SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a,
"str r7, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [m] "+l" (m)
:
- : "memory", "r3", "r4", "r5", "r6", "r7"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "cc"
);
}
@@ -208855,11 +208911,10 @@ SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a,
"str r5, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7"
+ : "memory", "r4", "r5", "r6", "r7", "cc"
);
}
-#define sp_1024_mont_sub_lower_32 sp_1024_mont_sub_32
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -208924,7 +208979,7 @@ SP_NOINLINE static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a,
"movs %[r], r4\n\t"
: [r] "+l" (r), [a] "+l" (a), [b] "+l" (b), [m] "+l" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
return (uint32_t)(size_t)r;
}
@@ -209535,7 +209590,7 @@ static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
"str r3, [%[r], #124]\n\t"
: [r] "+l" (r), [a] "+l" (a)
:
- : "memory", "r2", "r3", "r4", "r5"
+ : "memory", "r2", "r3", "r4", "r5", "cc"
);
}
@@ -209545,7 +209600,7 @@ static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_div2_32(sp_digit* r, const sp_digit* a,
+SP_NOINLINE static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a,
const sp_digit* m)
{
sp_digit o;
@@ -209599,7 +209654,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_32(t2, t2, p1024_mod);
+ sp_1024_mont_div2_32(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -209609,7 +209664,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_32(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -209632,7 +209687,8 @@ typedef struct sp_1024_proj_point_dbl_32_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
@@ -209706,7 +209762,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_32(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -209731,7 +209787,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -209756,370 +209812,6 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "movs r6, %[a]\n\t"
- "movs r3, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds r6, r6, #0x80\n\t"
-#else
- "add r6, r6, #0x80\n\t"
-#endif
- "\n"
- "L_sp_1024_sub_32_word_%=:\n\t"
- "movs r5, #0\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r5, r5, r3\n\t"
-#else
- "sub r5, r5, r3\n\t"
-#endif
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r5\n\t"
-#elif defined(__clang__)
- "sbcs r4, r5\n\t"
-#else
- "sbc r4, r5\n\t"
-#endif
- "str r4, [%[r]]\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r3\n\t"
-#elif defined(__clang__)
- "sbcs r3, r3\n\t"
-#else
- "sbc r3, r3\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[a], %[a], #4\n\t"
-#else
- "add %[a], %[a], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[b], %[b], #4\n\t"
-#else
- "add %[b], %[b], #4\n\t"
-#endif
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "adds %[r], %[r], #4\n\t"
-#else
- "add %[r], %[r], #4\n\t"
-#endif
- "cmp %[a], r6\n\t"
- "bne L_sp_1024_sub_32_word_%=\n\t"
- "movs %[r], r3\n\t"
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- __asm__ __volatile__ (
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#if defined(__clang__) || defined(WOLFSSL_KEIL)
- "subs r3, r3, r5\n\t"
-#else
- "sub r3, r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "ldm %[a]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs r3, r3, r5\n\t"
-#elif defined(__clang__)
- "sbcs r3, r5\n\t"
-#else
- "sbc r3, r5\n\t"
-#endif
-#ifdef WOLFSSL_KEIL
- "sbcs r4, r4, r6\n\t"
-#elif defined(__clang__)
- "sbcs r4, r6\n\t"
-#else
- "sbc r4, r6\n\t"
-#endif
- "stm %[r]!, {r3, r4}\n\t"
-#ifdef WOLFSSL_KEIL
- "sbcs %[r], %[r], %[r]\n\t"
-#elif defined(__clang__)
- "sbcs %[r], %[r]\n\t"
-#else
- "sbc %[r], %[r]\n\t"
-#endif
- : [r] "+l" (r), [a] "+l" (a), [b] "+l" (b)
- :
- : "memory", "r3", "r4", "r5", "r6"
- );
- return (uint32_t)(size_t)r;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -210167,12 +209859,12 @@ static int sp_1024_iszero_32(const sp_digit* a)
static void sp_1024_proj_point_add_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*32;
+ sp_digit* t2 = t + 4*32;
+ sp_digit* t3 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
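Review bot: The reordered temporaries carry no comment explaining the new layout, here and in the matching hunks for sp_1024_proj_point_add_32_nb and sp_1024_proj_point_add_qz1_32. With `t6 = t`, `t1 = t + 2*32`, `t2 = t + 4*32`, the result ordinates x, y, z (aliased to t6, t1, t2 further down) now occupy the first three slots of `t`, which looks deliberate. A line such as `/* x, y, z results live in the first three slots of t */` above the declarations would stop a later edit from shuffling them back. The function body continues outside the hunk.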
@@ -210194,17 +209886,9 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
@@ -210223,20 +209907,31 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_mont_dbl_32(t3, y, p1024_mod);
sp_1024_mont_sub_32(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(y, y, t5, p1024_mod);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
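Review bot: The masks in the new block are all-ones or zero only if `p->infinity` and `q->infinity` are exactly 0 or 1, and that assumption is not written down. `0 - (q->infinity & (!p->infinity))` normalises p's flag with `!` but uses q's flag as is. The type and range of `infinity` are not visible in this hunk, so this may already be guaranteed elsewhere. I would add `/* infinity is 0 or 1: masks are all-ones or zero, keeping the select branch-free */` above `maskp`. The same block is repeated in the `case 24` hunk of sp_1024_proj_point_add_32_nb and in sp_1024_proj_point_add_qz1_32.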
@@ -210282,12 +209977,12 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*32;
- ctx->t3 = t + 4*32;
- ctx->t4 = t + 6*32;
- ctx->t5 = t + 8*32;
- ctx->t6 = t + 10*32;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*32;
+ ctx->t2 = t + 4*32;
+ ctx->t3 = t + 6*32;
+ ctx->t4 = t + 8*32;
+ ctx->t5 = t + 10*32;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -210394,7 +210089,7 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -210407,22 +210102,28 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
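Review bot: The added block opens a second brace pair directly inside the existing `case 24:` block, so the new `{ ... }` around `int i;` through `r->infinity = (word32)inf;` is redundant here. Declaring the locals straight in the case block, as the removed lines did, keeps the code one level shallower and leaves `ctx->state = 25;` next to the work it follows. In the blocking variants the extra braces give the declarations a scope after earlier statements; here the case block already provides one.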
@@ -210582,8 +210283,6 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g,
}
#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-#define sp_1024_mont_dbl_lower_32 sp_1024_mont_dbl_32
-#define sp_1024_mont_tpl_lower_32 sp_1024_mont_tpl_32
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -210622,7 +210321,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -210631,8 +210330,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -210652,7 +210351,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -210661,8 +210360,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -210672,7 +210371,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_sub_32(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_32(y, y, p1024_mod);
+ sp_1024_mont_div2_32(y, y, p1024_mod);
}
/* Convert the projective point to affine.
@@ -210718,12 +210417,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*32;
+ sp_digit* t6 = t + 4*32;
+ sp_digit* t1 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -210739,13 +210438,9 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
@@ -210754,33 +210449,40 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_32(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_32(t1, t3, p1024_mod);
- sp_1024_mont_sub_32(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_32(t5, t3, p1024_mod);
+ sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_32(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
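Review bot: The rewritten X3/Y3 sequence overwrites `t2`, which holds H, with R^2 at `sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod)`, and nothing marks H as dead from that line on. The order is sound as written: Z3 and H^3 are computed first, x aliases t2 and y aliases t3. The single formula comment hides that register reuse, though. I would add per-step comments such as `/* t1 = H^2 */`, `/* t3 = X1*H^2 */`, `/* t1 = H^3 */` and `/* t2 = R^2 (H no longer needed) */`, taking t4 to be R as the Y3 formula suggests. The function body starts outside this hunk.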
@@ -211011,7 +210713,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -211082,8 +210784,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -211366,7 +211068,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -211437,8 +211139,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -215192,7 +214894,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -215214,7 +214916,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -215430,7 +215132,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -215456,7 +215158,7 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
sp_1024_mont_add_32(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -217477,7 +217179,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -217592,7 +217294,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -217612,7 +217314,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_32(t1, t1, p1024_mod);
+ sp_1024_mont_div2_32(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -218030,7 +217732,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -218068,7 +217770,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_32(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -218879,7 +218581,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -218908,19 +218610,21 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 32;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_32(t1, point->y);
(void)sp_1024_mod_32(t1, t1, p1024_mod);
sp_1024_sqr_32(t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
sp_1024_mul_32(t2, t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
- (void)sp_1024_sub_32(t2, p1024_mod, t2);
- sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_32(t1, p1024_mod);
sp_1024_cond_sub_32(t1, t1, p1024_mod, ~(n >> 31));
sp_1024_norm_32(t1);
@@ -218937,7 +218641,7 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c
index cd226658..468e0fcf 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c32.c
@@ -56,6 +56,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifndef WOLFSSL_SP_ASM
#if SP_WORD_SIZE == 32
#define SP_PRINT_NUM(var, name, total, words, bits) \
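Review bot: `WOLFSSL_NO_VAR_ASSIGN_REG` is defined unconditionally inside the `__IAR_SYSTEMS_ICC__` block. A build that already passes it with a value, for example from the command line or a settings header, would hit a conflicting macro redefinition. Guarding it as `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG` / `#define WOLFSSL_NO_VAR_ASSIGN_REG` / `#endif` avoids that. The `__KEIL__` block's `#endif` could also carry a `/* __KEIL__ */` comment to match the IAR block above it.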
@@ -78,11 +88,14 @@
#define SP_PRINT_INT(var, name) \
fprintf(stderr, name "=%d\n", var)
-#if (((!defined(WC_NO_CACHE_RESISTANT) && \
- (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
- (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
+#if ((defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && \
+ ((!defined(WC_NO_CACHE_RESISTANT) && \
+ (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
+ (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || (defined(WOLFSSL_SP_SMALL) && \
- defined(WOLFSSL_HAVE_SP_ECC))
+ defined(WOLFSSL_HAVE_SP_ECC) && (!defined(WOLFSSL_SP_NO_256) || \
+ defined(WOLFSSL_SP_384) || defined(WOLFSSL_SP_521) || \
+ defined(WOLFSSL_SP_1024)))
/* Mask for address to obfuscate which of the two address will be used. */
static const size_t addr_mask[2] = { 0, (size_t)-1 };
#endif
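Review bot: The RSA/DH test on the third line of the new condition repeats the one this change adds on the first line, so it can no longer affect the result and only makes the guard harder to audit. The second and third lines can collapse to `((!defined(WC_NO_CACHE_RESISTANT) || \`. Because `addr_mask` is used outside this hunk, it is worth confirming that every use site sits under an equally narrow condition; the new outer RSA/DH requirement also removes the table for a `WOLFSSL_SP_SMALL` build without RSA or DH unless the ECC branch applies.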
@@ -139,14 +152,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
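Review bot: The new mask derivation shifts `j` by 28 (DIGIT_BIT - 1) where the removed lines shifted by `SP_WORD_SIZE - 1`. If `sp_digit` is 32 bits wide, as the `SP_WORD_SIZE == 32` guard suggests, `j >> 28` is not a single 0/1 bit while `j` still holds the negated `a->used`. In that case `mask` would not be all-ones and `o` would not advance by exactly one. Please confirm against the definition of `sp_digit` (its width and signedness are not visible here) and consider `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` with the same shift in the `o +=` line, done on an unsigned type. The same pattern, with shifts of 28, 27 and 25, appears in the `sp_3072_from_mp`, `sp_4096_from_mp` and `sp_256_from_mp` hunks below; a unit test built with the matching DIGIT_BIT would settle it.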
@@ -1389,7 +1402,7 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -1766,7 +1779,7 @@ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1780,7 +1793,7 @@ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -2795,7 +2808,7 @@ static void sp_2048_mont_reduce_72(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -2809,7 +2822,7 @@ SP_NOINLINE static void sp_2048_mont_mul_72(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_72(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3531,7 +3544,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -3541,7 +3554,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -3570,12 +3583,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_2048_from_bin(a, 72, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
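Review bot: In the `#else` branch only `em->dp[0]` and `em->dp[1]` are folded into `e[0]`, yet the limit check earlier in this function (previous hunk) now accepts exponents of up to 64 bits. When DIGIT_BIT is below 32, two digits hold fewer than 64 bits, so an exponent that needs a third digit would pass the check and be used with its upper bits silently dropped. Either reject it up front with `if (mp_count_bits(em) > 64 || em->used > 2) {` or fold in the remaining digit. The `#if DIGIT_BIT >= 64` arm and the first line of the `#else` arm are now identical, so that assignment could be hoisted above the conditional. The same load is repeated in the second `sp_RsaPublic_2048` variant and in the `sp_RsaPublic_3072` and `sp_RsaPublic_4096` hunks; the function body continues outside this hunk.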
@@ -3594,7 +3607,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_72(a, a, m);
}
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -3631,14 +3644,14 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 256U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -3667,12 +3680,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
m = r + 72 * 2;
sp_2048_from_bin(a, 72, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -3702,7 +3715,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_72(a, a, m);
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -4900,14 +4913,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
@@ -5169,7 +5182,7 @@ SP_NOINLINE static void sp_3072_sqr_106(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 29);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -5448,7 +5461,7 @@ SP_NOINLINE static void sp_3072_mul_53(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_53(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -5526,7 +5539,7 @@ SP_NOINLINE static void sp_3072_sqr_53(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_53(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6351,7 +6364,7 @@ static void sp_3072_mont_reduce_106(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -6365,7 +6378,7 @@ SP_NOINLINE static void sp_3072_mont_mul_106(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_106(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6989,7 +7002,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -6999,7 +7012,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -7028,12 +7041,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 106, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -7052,7 +7065,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_106(a, a, m);
}
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -7089,14 +7102,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -7125,12 +7138,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 106 * 2;
sp_3072_from_bin(a, 106, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -7160,7 +7173,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_106(a, a, m);
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -8205,14 +8218,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 28
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 27);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 27);
}
#elif DIGIT_BIT > 28
unsigned int i;
@@ -9220,7 +9233,7 @@ SP_NOINLINE static void sp_3072_sqr_112(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -9524,7 +9537,7 @@ static void sp_3072_mont_reduce_56(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -9538,7 +9551,7 @@ SP_NOINLINE static void sp_3072_mont_mul_56(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_56(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -10442,7 +10455,7 @@ static void sp_3072_mont_reduce_112(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -10456,7 +10469,7 @@ SP_NOINLINE static void sp_3072_mont_mul_112(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_112(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -11107,7 +11120,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -11117,7 +11130,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 28) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -11146,12 +11159,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 112, in, inLen);
-#if DIGIT_BIT >= 28
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -11170,7 +11183,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_112(a, a, m);
}
if (err == MP_OKAY) {
- for (i=27; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -11207,14 +11220,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 28) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -11243,12 +11256,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 112 * 2;
sp_3072_from_bin(a, 112, in, inLen);
-#if DIGIT_BIT >= 28
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -11278,7 +11291,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_112(a, a, m);
if (err == MP_OKAY) {
- for (i=27; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -12548,14 +12561,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
@@ -12819,7 +12832,7 @@ SP_NOINLINE static void sp_4096_sqr_142(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 29);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -13105,7 +13118,7 @@ SP_NOINLINE static void sp_4096_mul_71(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_71(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -13183,7 +13196,7 @@ SP_NOINLINE static void sp_4096_sqr_71(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_71(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14009,7 +14022,7 @@ static void sp_4096_mont_reduce_142(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14023,7 +14036,7 @@ SP_NOINLINE static void sp_4096_mont_mul_142(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_142(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -14647,7 +14660,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -14657,7 +14670,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -14686,12 +14699,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 142, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -14710,7 +14723,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_142(a, a, m);
}
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -14747,14 +14760,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 29) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -14783,12 +14796,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 142 * 2;
sp_4096_from_bin(a, 142, in, inLen);
-#if DIGIT_BIT >= 29
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -14818,7 +14831,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_142(a, a, m);
if (err == MP_OKAY) {
- for (i=28; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -15721,14 +15734,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 26
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 25);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 25);
}
#elif DIGIT_BIT > 26
unsigned int i;
@@ -16745,7 +16758,7 @@ SP_NOINLINE static void sp_4096_sqr_162(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -17064,7 +17077,7 @@ static void sp_4096_mont_reduce_81(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -17078,7 +17091,7 @@ SP_NOINLINE static void sp_4096_mont_mul_81(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_81(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -17969,7 +17982,7 @@ static void sp_4096_mont_reduce_162(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -17983,7 +17996,7 @@ SP_NOINLINE static void sp_4096_mont_mul_162(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_162(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -18632,7 +18645,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -18642,7 +18655,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 26) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -18671,12 +18684,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 162, in, inLen);
-#if DIGIT_BIT >= 26
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -18695,7 +18708,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_162(a, a, m);
}
if (err == MP_OKAY) {
- for (i=25; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -18732,14 +18745,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 26) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -18768,12 +18781,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 162 * 2;
sp_4096_from_bin(a, 162, in, inLen);
-#if DIGIT_BIT >= 26
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -18803,7 +18816,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_162(a, a, m);
if (err == MP_OKAY) {
- for (i=25; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -20442,14 +20455,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 29
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 28);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 28);
}
#elif DIGIT_BIT > 29
unsigned int i;
@@ -20943,7 +20956,7 @@ static void sp_256_mont_reduce_9(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -20957,7 +20970,7 @@ SP_NOINLINE static void sp_256_mont_mul_9(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -20973,10 +20986,10 @@ SP_NOINLINE static void sp_256_mont_sqr_9(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -21217,7 +21230,6 @@ static void sp_256_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_256_norm_9(r);
}
-#define sp_256_mont_sub_lower_9 sp_256_mont_sub_9
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -21251,7 +21263,8 @@ SP_NOINLINE static void sp_256_rshift1_9(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_256_mont_div2_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_256_cond_add_9(r, a, m, 0 - (a[0] & 1));
sp_256_norm_9(r);
@@ -21302,7 +21315,7 @@ static void sp_256_proj_point_dbl_9(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_9(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_9(t2, t2, p256_mod);
+ sp_256_mont_div2_9(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_9(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -21312,7 +21325,7 @@ static void sp_256_proj_point_dbl_9(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_9(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_9(y, y, x, p256_mod);
+ sp_256_mont_sub_9(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_9(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -21335,7 +21348,8 @@ typedef struct sp_256_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_9_ctx* ctx = (sp_256_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -21409,7 +21423,7 @@ static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_9(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_9(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -21434,7 +21448,7 @@ static int sp_256_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_9(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -21496,12 +21510,12 @@ static int sp_256_iszero_9(const sp_digit* a)
static void sp_256_proj_point_add_9(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_9(t1, q->z, p256_mod, p256_mp_mod);
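Review bot: The temporaries are reordered here without a comment explaining why, and the order matters to anyone checking aliasing between `t` and the result point. With the new layout `t6`, `t1` and `t2` sit at `t`, `t + 2*9` and `t + 4*9`, and later in the function (next hunk) they are used as `x`, `y` and `z`. A short comment above the declarations would record that, e.g. `/* t6, t1, t2 hold the x, y, z results: first three 2*9-digit slots of t. */`. The function body continues outside this hunk.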
@@ -21523,17 +21537,9 @@ static void sp_256_proj_point_add_9(sp_point_256* r,
sp_256_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_9(t2, t2, t1, p256_mod);
@@ -21552,20 +21558,31 @@ static void sp_256_proj_point_add_9(sp_point_256* r,
sp_256_mont_dbl_9(t3, y, p256_mod);
sp_256_mont_sub_9(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_9(y, y, x, p256_mod);
+ sp_256_mont_sub_9(y, y, x, p256_mod);
sp_256_mont_mul_9(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(y, y, t5, p256_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
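Review bot: The mask select added at the end of the else branch in sp_256_proj_point_add_9 is only correct when both `infinity` fields are exactly 0 or 1, and the hunk does not state that invariant. `0 - (q->infinity & (!p->infinity))` looks only at the low bit of `q->infinity`, and `inf` is a bitwise AND of the two fields. A comment at the top of the new block would stop a later edit from storing another non-zero value or swapping the masks for an `if` on the operands, e.g. `/* Mask select, no branch on p/q: infinity must be 0 or 1 */`. The same block is added in sp_256_proj_point_add_9_nb (case 24), sp_256_proj_point_add_qz1_9 and the sp_384_*_15 counterparts, so the comment applies there too. The function body starts outside this hunk.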
@@ -21611,12 +21628,12 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -21723,7 +21740,7 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_9(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -21736,22 +21753,28 @@ static int sp_256_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
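Review bot: The braces added right after `case 24: {` in sp_256_proj_point_add_9_nb open a second block immediately inside the first, so the select code gains an indent level with no change in scope. `i`, `maskp`, `maskq`, `maskt` and `inf` can be declared in the existing case block; I would drop the added `{` and its matching `}` and leave `ctx->state = 25; break;` as they are. sp_384_proj_point_add_15_nb (case 24) has the same double block. The switch starts and ends outside this hunk.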
@@ -22172,8 +22195,6 @@ static void sp_256_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_256_mont_dbl_lower_9 sp_256_mont_dbl_9
-#define sp_256_mont_tpl_lower_9 sp_256_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -22212,7 +22233,7 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_9(a, t1, p256_mod);
+ sp_256_mont_tpl_9(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
@@ -22221,8 +22242,8 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
sp_256_mont_dbl_9(t2, b, p256_mod);
sp_256_mont_sub_9(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_9(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_9(b, t2, p256_mod);
+ sp_256_mont_sub_9(t2, b, x, p256_mod);
+ sp_256_mont_dbl_9(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_9(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -22242,7 +22263,7 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_9(a, t1, p256_mod);
+ sp_256_mont_tpl_9(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
@@ -22251,8 +22272,8 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
sp_256_mont_dbl_9(t2, b, p256_mod);
sp_256_mont_sub_9(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_9(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_9(b, t2, p256_mod);
+ sp_256_mont_sub_9(t2, b, x, p256_mod);
+ sp_256_mont_dbl_9(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_9(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -22262,7 +22283,7 @@ static void sp_256_proj_point_dbl_n_9(sp_point_256* p, int i,
sp_256_mont_sub_9(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_9(y, y, p256_mod);
+ sp_256_mont_div2_9(y, y, p256_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -22308,7 +22329,7 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_9(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_9(a, t1, p256_mod);
+ sp_256_mont_tpl_9(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_9(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_9(b, t1, x, p256_mod, p256_mp_mod);
@@ -22318,8 +22339,8 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
sp_256_mont_dbl_9(t2, b, p256_mod);
sp_256_mont_sub_9(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_9(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_9(b, t2, p256_mod);
+ sp_256_mont_sub_9(t2, b, x, p256_mod);
+ sp_256_mont_dbl_9(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_9(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -22333,7 +22354,7 @@ static void sp_256_proj_point_dbl_n_store_9(sp_point_256* r,
sp_256_mont_mul_9(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_9(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_9(r[j].y, y, p256_mod);
+ sp_256_mont_div2_9(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -22407,8 +22428,8 @@ static void sp_256_proj_point_add_sub_9(sp_point_256* ra,
sp_256_mont_sub_9(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_9(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_9(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_9(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_9(ya, ya, xa, p256_mod);
sp_256_mont_mul_9(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_9(t6, p256_mod, t6);
sp_256_mont_mul_9(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -22492,7 +22513,7 @@ static void sp_256_ecc_recode_6_9(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_33_9(sp_point_256* r, const sp_point_256* table,
@@ -22600,7 +22621,7 @@ static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -22719,12 +22740,12 @@ static int sp_256_ecc_mulmod_win_add_sub_9(sp_point_256* r, const sp_point_256*
static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -22740,13 +22761,9 @@ static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
sp_256_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_9(t2, t2, p->x, p256_mod);
@@ -22755,33 +22772,40 @@ static void sp_256_proj_point_add_qz1_9(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_9(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_9(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_9(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_9(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_9(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_9(x, t1, t5, p256_mod);
- sp_256_mont_dbl_9(t1, t3, p256_mod);
- sp_256_mont_sub_9(x, x, t1, p256_mod);
+ sp_256_mont_sqr_9(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_9(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_9(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_9(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_9(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_9(t5, t3, p256_mod);
+ sp_256_mont_sub_9(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_9(t3, t3, x, p256_mod);
+ sp_256_mont_sub_9(t3, t3, x, p256_mod);
sp_256_mont_mul_9(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_9(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_9(y, t3, t5, p256_mod);
+ sp_256_mont_mul_9(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_9(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
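Review bot: After the re-layout in sp_256_proj_point_add_qz1_9 the outputs alias the scratch values (`x` is `t2`, `y` is `t3`), and only the formula comments remain to explain the new ordering. The new X3/Y3 sequence overwrites `t2` with the square of `t4` while `t1` still carries the cube needed for Y3. Per-step comments would make that constraint checkable: `/* t1 = H^2 */`, `/* t3 = X1*H^2 */`, `/* t1 = H^3 */`, `/* t2 = R^2 (H no longer needed) */`, assuming `t2` holds H and `t4` holds R as the formula comments imply. sp_384_proj_point_add_qz1_15 gets the same rewrite. The function starts outside this hunk.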
@@ -22903,7 +22927,7 @@ static int sp_256_gen_stripe_table_9(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_9(sp_point_256* r,
@@ -23102,7 +23126,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -23173,8 +23197,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_9(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -23291,7 +23315,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -23302,7 +23326,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -24759,7 +24783,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -24781,7 +24805,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -24935,7 +24959,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -24943,7 +24967,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -25578,7 +25602,7 @@ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_9(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_9(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_9(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_9(t, t2, t);
@@ -25595,7 +25619,11 @@ static void sp_256_mont_inv_order_9(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_9(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_9(t2, t2);
+ sp_256_mont_mul_order_9(t2, t2, a);
+ sp_256_mont_sqr_n_order_9(t2, t2, 5);
+ sp_256_mont_mul_order_9(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_9(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_9(t2, t2, a);
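Review bot: The four calls added before the loop in sp_256_mont_inv_order_9 replace the first six iterations (i = 127 down to 122) without a comment, so the loop's new start of 121 cannot be checked by reading the hunk. From the calls, the sequence appends the bit 1 and then 01111 (five squarings and a multiply by `t3`, which the earlier comments suggest holds a^f), presumably matching the top bits of the `bce6` word named in the comment above. I would add `/* bits 127..122 = 101111: sqr+mul a, then 5 sqr + mul t3 (a^f) */` above the first added call and `/* remaining bits 121..112 */` above the loop. The function starts and ends outside this hunk.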
@@ -26094,8 +26122,8 @@ static int sp_256_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_256_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_256_cmp_9(u, v) >= 0))) {
sp_256_sub_9(u, u, v);
sp_256_norm_9(u);
@@ -26189,7 +26217,7 @@ static void sp_256_add_points_9(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -26513,7 +26541,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -26541,19 +26569,21 @@ static int sp_256_ecc_is_point_9(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_9(t1, point->y);
(void)sp_256_mod_9(t1, t1, p256_mod);
sp_256_sqr_9(t2, point->x);
(void)sp_256_mod_9(t2, t2, p256_mod);
sp_256_mul_9(t2, t2, point->x);
(void)sp_256_mod_9(t2, t2, p256_mod);
- (void)sp_256_sub_9(t2, p256_mod, t2);
- sp_256_mont_add_9(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_9(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_9(t1, t1, point->x, p256_mod);
sp_256_mont_add_9(t1, t1, point->x, p256_mod);
sp_256_mont_add_9(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_9(t1, p256_b) != 0) {
err = MP_VAL;
}
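Review bot: In sp_256_ecc_is_point_9 the operands come from `sp_256_sqr_9`/`sp_256_mul_9` followed by `sp_256_mod_9`, so they do not look like Montgomery-form values, yet the new line subtracts them with `sp_256_mont_sub_9`; a reader may take that as a form mix-up. If the mont add/sub helpers are plain modular add/sub (their bodies are not in this hunk), say so next to the call, e.g. `/* mont_sub/mont_add are form-independent modular ops; values here are not in Montgomery form */`. Because the result is compared with `sp_256_cmp_9(t1, p256_b)`, the comment should also note that `t1` is expected to be fully reduced at that point. This is the on-curve check for supplied points, so the reasoning is worth keeping in the source. The function starts and ends outside this hunk.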
@@ -26567,7 +26597,7 @@ static int sp_256_ecc_is_point_9(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -27789,14 +27819,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 26
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 25);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 25);
}
#elif DIGIT_BIT > 26
unsigned int i;
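Review bot: The new DIGIT_BIT == 26 loop in sp_384_from_mp uses `j >> 25` both as the mask seed and as the increment of `o`, which is a 0/1 flag only if `sp_digit` is unsigned and exactly 26 bits wide; the removed code shifted by `SP_WORD_SIZE - 1` instead. The type of `sp_digit` is not visible here, but if it is a 32-bit type then `(sp_digit)0 - (j >> 25)` is not an all-ones mask and `o += (int)(j >> 25)` can move the `a->dp[o]` index by more than one element (or backwards, for a signed type). Please confirm the shift against the digit type and record it in a comment such as `/* j runs from -used to 0; (j >> N) is 1 while j is negative, N = top bit of sp_digit */`. The function continues outside this hunk.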
@@ -28334,7 +28364,7 @@ static void sp_384_mont_reduce_15(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -28348,7 +28378,7 @@ SP_NOINLINE static void sp_384_mont_mul_15(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -28364,10 +28394,10 @@ SP_NOINLINE static void sp_384_mont_sqr_15(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_15(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_15(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_15(r, a, m, mp);
for (; n > 1; n--) {
@@ -28630,7 +28660,6 @@ static void sp_384_mont_sub_15(sp_digit* r, const sp_digit* a, const sp_digit* b
sp_384_norm_15(r);
}
-#define sp_384_mont_sub_lower_15 sp_384_mont_sub_15
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -28670,7 +28699,8 @@ SP_NOINLINE static void sp_384_rshift1_15(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_15(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_384_cond_add_15(r, a, m, 0 - (a[0] & 1));
sp_384_norm_15(r);
@@ -28721,7 +28751,7 @@ static void sp_384_proj_point_dbl_15(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_15(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_15(t2, t2, p384_mod);
+ sp_384_mont_div2_15(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_15(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -28731,7 +28761,7 @@ static void sp_384_proj_point_dbl_15(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_15(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_15(y, y, x, p384_mod);
+ sp_384_mont_sub_15(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_15(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -28754,7 +28784,8 @@ typedef struct sp_384_proj_point_dbl_15_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_15_ctx* ctx = (sp_384_proj_point_dbl_15_ctx*)sp_ctx->data;
@@ -28828,7 +28859,7 @@ static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_15(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_15(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -28853,7 +28884,7 @@ static int sp_384_proj_point_dbl_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_15(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_15(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -28917,12 +28948,12 @@ static int sp_384_iszero_15(const sp_digit* a)
static void sp_384_proj_point_add_15(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*15;
- sp_digit* t3 = t + 4*15;
- sp_digit* t4 = t + 6*15;
- sp_digit* t5 = t + 8*15;
- sp_digit* t6 = t + 10*15;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*15;
+ sp_digit* t2 = t + 4*15;
+ sp_digit* t3 = t + 6*15;
+ sp_digit* t4 = t + 8*15;
+ sp_digit* t5 = t + 10*15;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_15(t1, q->z, p384_mod, p384_mp_mod);
@@ -28944,17 +28975,9 @@ static void sp_384_proj_point_add_15(sp_point_384* r,
sp_384_proj_point_dbl_15(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_15(t2, t2, t1, p384_mod);
@@ -28973,20 +28996,31 @@ static void sp_384_proj_point_add_15(sp_point_384* r,
sp_384_mont_dbl_15(t3, y, p384_mod);
sp_384_mont_sub_15(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_15(y, y, x, p384_mod);
+ sp_384_mont_sub_15(y, y, x, p384_mod);
sp_384_mont_mul_15(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(y, y, t5, p384_mod);
- for (i = 0; i < 15; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 15; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -29032,12 +29066,12 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*15;
- ctx->t3 = t + 4*15;
- ctx->t4 = t + 6*15;
- ctx->t5 = t + 8*15;
- ctx->t6 = t + 10*15;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*15;
+ ctx->t2 = t + 4*15;
+ ctx->t3 = t + 6*15;
+ ctx->t4 = t + 8*15;
+ ctx->t5 = t + 10*15;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -29144,7 +29178,7 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_15(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_15(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -29157,22 +29191,28 @@ static int sp_384_proj_point_add_15_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 15; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 15; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -29649,8 +29689,6 @@ static void sp_384_cond_copy_15(sp_digit* r, const sp_digit* a, const sp_digit m
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_384_mont_dbl_lower_15 sp_384_mont_dbl_15
-#define sp_384_mont_tpl_lower_15 sp_384_mont_tpl_15
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -29689,7 +29727,7 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_15(a, t1, p384_mod);
+ sp_384_mont_tpl_15(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
@@ -29698,8 +29736,8 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
sp_384_mont_dbl_15(t2, b, p384_mod);
sp_384_mont_sub_15(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_15(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_15(b, t2, p384_mod);
+ sp_384_mont_sub_15(t2, b, x, p384_mod);
+ sp_384_mont_dbl_15(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_15(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29719,7 +29757,7 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_15(a, t1, p384_mod);
+ sp_384_mont_tpl_15(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
@@ -29728,8 +29766,8 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
sp_384_mont_dbl_15(t2, b, p384_mod);
sp_384_mont_sub_15(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_15(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_15(b, t2, p384_mod);
+ sp_384_mont_sub_15(t2, b, x, p384_mod);
+ sp_384_mont_dbl_15(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_15(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29739,7 +29777,7 @@ static void sp_384_proj_point_dbl_n_15(sp_point_384* p, int i,
sp_384_mont_sub_15(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_15(y, y, p384_mod);
+ sp_384_mont_div2_15(y, y, p384_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -29785,7 +29823,7 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_15(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_15(a, t1, p384_mod);
+ sp_384_mont_tpl_15(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_15(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_15(b, t1, x, p384_mod, p384_mp_mod);
@@ -29795,8 +29833,8 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
sp_384_mont_dbl_15(t2, b, p384_mod);
sp_384_mont_sub_15(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_15(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_15(b, t2, p384_mod);
+ sp_384_mont_sub_15(t2, b, x, p384_mod);
+ sp_384_mont_dbl_15(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_15(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -29810,7 +29848,7 @@ static void sp_384_proj_point_dbl_n_store_15(sp_point_384* r,
sp_384_mont_mul_15(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_15(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_15(r[j].y, y, p384_mod);
+ sp_384_mont_div2_15(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -29884,8 +29922,8 @@ static void sp_384_proj_point_add_sub_15(sp_point_384* ra,
sp_384_mont_sub_15(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_15(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_15(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_15(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_15(ya, ya, xa, p384_mod);
sp_384_mont_mul_15(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_15(t6, p384_mod, t6);
sp_384_mont_mul_15(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -29969,7 +30007,7 @@ static void sp_384_ecc_recode_6_15(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_33_15(sp_point_384* r, const sp_point_384* table,
@@ -30113,7 +30151,7 @@ static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -30232,12 +30270,12 @@ static int sp_384_ecc_mulmod_win_add_sub_15(sp_point_384* r, const sp_point_384*
static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*15;
- sp_digit* t3 = t + 4*15;
- sp_digit* t4 = t + 6*15;
- sp_digit* t5 = t + 8*15;
- sp_digit* t6 = t + 10*15;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*15;
+ sp_digit* t6 = t + 4*15;
+ sp_digit* t1 = t + 6*15;
+ sp_digit* t4 = t + 8*15;
+ sp_digit* t5 = t + 10*15;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -30253,13 +30291,9 @@ static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
sp_384_proj_point_dbl_15(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_15(t2, t2, p->x, p384_mod);
@@ -30268,33 +30302,40 @@ static void sp_384_proj_point_add_qz1_15(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_15(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_15(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_15(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_15(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_15(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_15(x, t1, t5, p384_mod);
- sp_384_mont_dbl_15(t1, t3, p384_mod);
- sp_384_mont_sub_15(x, x, t1, p384_mod);
+ sp_384_mont_sqr_15(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_15(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_15(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_15(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_15(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_15(t5, t3, p384_mod);
+ sp_384_mont_sub_15(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_15(t3, t3, x, p384_mod);
+ sp_384_mont_sub_15(t3, t3, x, p384_mod);
sp_384_mont_mul_15(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_15(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_15(y, t3, t5, p384_mod);
+ sp_384_mont_mul_15(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_15(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 15; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 15; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 15; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 15; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
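Review bot: Nothing in the new body records that `x` is the same buffer as `t2`, so `sp_384_mont_sqr_15(t2, t4, ...)` overwrites H in place. That is safe only because Z3 and H^3 have already been computed from it. I would add `/* H (t2) is dead from here: Z3 and H^3 are done, t2 is reused for R^2 and then X3 */` above that line, so a later reorder of the sequence does not read a stale H. The temporaries are declared in the previous hunks and R (`t4`) is presumably computed in lines outside this one. The same sequence appears in `sp_521_proj_point_add_qz1_21`.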
@@ -30416,7 +30457,7 @@ static int sp_384_gen_stripe_table_15(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_15(sp_point_384* r,
@@ -30639,7 +30680,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -30710,8 +30751,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_15(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_15(r, g, k, map, ct, heap);
@@ -30828,7 +30869,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -30839,7 +30880,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -32808,7 +32849,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -32830,7 +32871,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -32984,7 +33025,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -32992,7 +33033,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -34156,8 +34197,8 @@ static int sp_384_mod_inv_15(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_384_cmp_15(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_384_cmp_15(u, v) >= 0))) {
sp_384_sub_15(u, u, v);
sp_384_norm_15(u);
@@ -34257,7 +34298,7 @@ static void sp_384_add_points_15(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -34581,7 +34622,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -34609,19 +34650,21 @@ static int sp_384_ecc_is_point_15(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 15;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_15(t1, point->y);
(void)sp_384_mod_15(t1, t1, p384_mod);
sp_384_sqr_15(t2, point->x);
(void)sp_384_mod_15(t2, t2, p384_mod);
sp_384_mul_15(t2, t2, point->x);
(void)sp_384_mod_15(t2, t2, p384_mod);
- (void)sp_384_sub_15(t2, p384_mod, t2);
- sp_384_mont_add_15(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_15(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_15(t1, t1, point->x, p384_mod);
sp_384_mont_add_15(t1, t1, point->x, p384_mod);
sp_384_mont_add_15(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_15(t1, p384_b) != 0) {
err = MP_VAL;
}
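Review bot: This check mixes plain `sp_384_sqr_15`/`sp_384_mod_15` results with `sp_384_mont_sub_15`/`sp_384_mont_add_15`, and the added comments do not say that the `mont_` helpers are used here only as modular subtract and add. A line such as `/* operands are not in Montgomery form; mont_sub/mont_add are used as plain mod-p operations */` above the first `sp_384_sqr_15` would make that explicit. The final `sp_384_cmp_15(t1, p384_b)` is what accepts or rejects a peer-supplied point, so it is also worth stating that `t1` must be fully reduced at that line. The hunk does not show whether x and y are range-checked against the prime before this, since the function starts and ends outside it. The same applies to `sp_521_ecc_is_point_21`.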
@@ -34635,7 +34678,7 @@ static int sp_384_ecc_is_point_15(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -35513,14 +35556,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 25
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 24);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 24);
}
#elif DIGIT_BIT > 25
unsigned int i;
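Review bot: `j >> 24` does not give the 0/1 value that `mask` and `o` need unless `sp_digit` is exactly 25 bits wide, which its typedef (outside this hunk) presumably is not. With a 32-bit unsigned `sp_digit` the shift yields 0xFF while entries remain, so `mask` is not all-ones and `o` advances by 255 per iteration. With a signed type and an arithmetic shift it yields -1, so `mask` is 1 and `o` goes negative; either way `a->dp[o]` is read out of bounds. The removed lines shifted by `SP_WORD_SIZE - 1`, and the new counter should do the same on an unsigned value, e.g. `(sp_digit)0 - (sp_digit)(ju >> (SP_WORD_SIZE - 1))` with `ju` an unsigned counter of the word size. The branch builds only when `DIGIT_BIT == 25`, so it may never have been exercised; the identical change in `sp_1024_from_mp` has the same problem, and both functions continue past their hunks.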
@@ -35994,7 +36037,7 @@ static void sp_521_mont_reduce_order_21(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -36008,7 +36051,7 @@ SP_NOINLINE static void sp_521_mont_mul_21(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -36024,10 +36067,10 @@ SP_NOINLINE static void sp_521_mont_sqr_21(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_21(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_21(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_21(r, a, m, mp);
for (; n > 1; n--) {
@@ -36289,7 +36332,6 @@ static void sp_521_mont_sub_21(sp_digit* r, const sp_digit* a, const sp_digit* b
sp_521_norm_21(r);
}
-#define sp_521_mont_sub_lower_21 sp_521_mont_sub_21
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -36335,7 +36377,8 @@ SP_NOINLINE static void sp_521_rshift1_21(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_21(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_521_cond_add_21(r, a, m, 0 - (a[0] & 1));
sp_521_norm_21(r);
@@ -36386,7 +36429,7 @@ static void sp_521_proj_point_dbl_21(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_21(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_21(t2, t2, p521_mod);
+ sp_521_mont_div2_21(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_21(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -36396,7 +36439,7 @@ static void sp_521_proj_point_dbl_21(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_21(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_21(y, y, x, p521_mod);
+ sp_521_mont_sub_21(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_21(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -36419,7 +36462,8 @@ typedef struct sp_521_proj_point_dbl_21_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_21_ctx* ctx = (sp_521_proj_point_dbl_21_ctx*)sp_ctx->data;
@@ -36493,7 +36537,7 @@ static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_21(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_21(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -36518,7 +36562,7 @@ static int sp_521_proj_point_dbl_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_21(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_21(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -36585,12 +36629,12 @@ static int sp_521_iszero_21(const sp_digit* a)
static void sp_521_proj_point_add_21(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*21;
- sp_digit* t3 = t + 4*21;
- sp_digit* t4 = t + 6*21;
- sp_digit* t5 = t + 8*21;
- sp_digit* t6 = t + 10*21;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*21;
+ sp_digit* t2 = t + 4*21;
+ sp_digit* t3 = t + 6*21;
+ sp_digit* t4 = t + 8*21;
+ sp_digit* t5 = t + 10*21;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_21(t1, q->z, p521_mod, p521_mp_mod);
@@ -36612,17 +36656,9 @@ static void sp_521_proj_point_add_21(sp_point_521* r,
sp_521_proj_point_dbl_21(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_21(t2, t2, t1, p521_mod);
@@ -36641,20 +36677,31 @@ static void sp_521_proj_point_add_21(sp_point_521* r,
sp_521_mont_dbl_21(t3, y, p521_mod);
sp_521_mont_sub_21(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_21(y, y, x, p521_mod);
+ sp_521_mont_sub_21(y, y, x, p521_mod);
sp_521_mont_mul_21(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(y, y, t5, p521_mod);
- for (i = 0; i < 21; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 21; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -36700,12 +36747,12 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*21;
- ctx->t3 = t + 4*21;
- ctx->t4 = t + 6*21;
- ctx->t5 = t + 8*21;
- ctx->t6 = t + 10*21;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*21;
+ ctx->t2 = t + 4*21;
+ ctx->t3 = t + 6*21;
+ ctx->t4 = t + 8*21;
+ ctx->t5 = t + 10*21;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -36812,7 +36859,7 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_21(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_21(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -36825,22 +36872,28 @@ static int sp_521_proj_point_add_21_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 21; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 21; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
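Review bot: The `{` added directly inside `case 24:` opens a second block although the case already has its own, and the old declarations were already at the top of that block. The extra nesting scopes nothing new here; the wrapper appears to be copied from the blocking versions, where the added block follows statements. I would drop the inner `{`/`}` pair and keep `int i;`, the three masks and `inf` one level out, leaving `r->z[0] |= inf;` and `r->infinity = (word32)inf;` after the loops as they are. The rest of the state machine is outside this hunk.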
@@ -37179,8 +37232,6 @@ static void sp_521_cond_copy_21(sp_digit* r, const sp_digit* a, const sp_digit m
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_521_mont_dbl_lower_21 sp_521_mont_dbl_21
-#define sp_521_mont_tpl_lower_21 sp_521_mont_tpl_21
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -37219,7 +37270,7 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_21(a, t1, p521_mod);
+ sp_521_mont_tpl_21(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
@@ -37228,8 +37279,8 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
sp_521_mont_dbl_21(t2, b, p521_mod);
sp_521_mont_sub_21(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_21(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_21(b, t2, p521_mod);
+ sp_521_mont_sub_21(t2, b, x, p521_mod);
+ sp_521_mont_dbl_21(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_21(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37249,7 +37300,7 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_21(a, t1, p521_mod);
+ sp_521_mont_tpl_21(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
@@ -37258,8 +37309,8 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
sp_521_mont_dbl_21(t2, b, p521_mod);
sp_521_mont_sub_21(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_21(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_21(b, t2, p521_mod);
+ sp_521_mont_sub_21(t2, b, x, p521_mod);
+ sp_521_mont_dbl_21(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_21(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37269,7 +37320,7 @@ static void sp_521_proj_point_dbl_n_21(sp_point_521* p, int i,
sp_521_mont_sub_21(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_21(y, y, p521_mod);
+ sp_521_mont_div2_21(y, y, p521_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -37315,7 +37366,7 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_21(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_21(a, t1, p521_mod);
+ sp_521_mont_tpl_21(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_21(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_21(b, t1, x, p521_mod, p521_mp_mod);
@@ -37325,8 +37376,8 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
sp_521_mont_dbl_21(t2, b, p521_mod);
sp_521_mont_sub_21(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_21(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_21(b, t2, p521_mod);
+ sp_521_mont_sub_21(t2, b, x, p521_mod);
+ sp_521_mont_dbl_21(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_21(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -37340,7 +37391,7 @@ static void sp_521_proj_point_dbl_n_store_21(sp_point_521* r,
sp_521_mont_mul_21(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_21(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_21(r[j].y, y, p521_mod);
+ sp_521_mont_div2_21(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -37414,8 +37465,8 @@ static void sp_521_proj_point_add_sub_21(sp_point_521* ra,
sp_521_mont_sub_21(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_21(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_21(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_21(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_21(ya, ya, xa, p521_mod);
sp_521_mont_mul_21(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_21(t6, p521_mod, t6);
sp_521_mont_mul_21(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -37499,7 +37550,7 @@ static void sp_521_ecc_recode_6_21(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_33_21(sp_point_521* r, const sp_point_521* table,
@@ -37679,7 +37730,7 @@ static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -37798,12 +37849,12 @@ static int sp_521_ecc_mulmod_win_add_sub_21(sp_point_521* r, const sp_point_521*
static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*21;
- sp_digit* t3 = t + 4*21;
- sp_digit* t4 = t + 6*21;
- sp_digit* t5 = t + 8*21;
- sp_digit* t6 = t + 10*21;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*21;
+ sp_digit* t6 = t + 4*21;
+ sp_digit* t1 = t + 6*21;
+ sp_digit* t4 = t + 8*21;
+ sp_digit* t5 = t + 10*21;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -37819,13 +37870,9 @@ static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
sp_521_proj_point_dbl_21(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_21(t2, t2, p->x, p521_mod);
@@ -37834,33 +37881,40 @@ static void sp_521_proj_point_add_qz1_21(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_21(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_21(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_21(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_21(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_21(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_21(x, t1, t5, p521_mod);
- sp_521_mont_dbl_21(t1, t3, p521_mod);
- sp_521_mont_sub_21(x, x, t1, p521_mod);
+ sp_521_mont_sqr_21(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_21(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_21(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_21(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_21(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_21(t5, t3, p521_mod);
+ sp_521_mont_sub_21(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_21(t3, t3, x, p521_mod);
+ sp_521_mont_sub_21(t3, t3, x, p521_mod);
sp_521_mont_mul_21(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_21(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_21(y, t3, t5, p521_mod);
+ sp_521_mont_mul_21(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_21(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 21; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 21; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 21; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 21; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -37982,7 +38036,7 @@ static int sp_521_gen_stripe_table_21(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_21(sp_point_521* r,
@@ -38229,7 +38283,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -38300,8 +38354,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_21(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_21(r, g, k, map, ct, heap);
@@ -38418,7 +38472,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -38429,7 +38483,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -40908,7 +40962,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -40930,7 +40984,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -41085,7 +41139,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -41093,7 +41147,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -42302,8 +42356,8 @@ static int sp_521_mod_inv_21(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_521_cmp_21(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_521_cmp_21(u, v) >= 0))) {
sp_521_sub_21(u, u, v);
sp_521_norm_21(u);
@@ -42409,7 +42463,7 @@ static void sp_521_add_points_21(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -42742,7 +42796,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -42770,19 +42824,21 @@ static int sp_521_ecc_is_point_21(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 21;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_21(t1, point->y);
(void)sp_521_mod_21(t1, t1, p521_mod);
sp_521_sqr_21(t2, point->x);
(void)sp_521_mod_21(t2, t2, p521_mod);
sp_521_mul_21(t2, t2, point->x);
(void)sp_521_mod_21(t2, t2, p521_mod);
- (void)sp_521_sub_21(t2, p521_mod, t2);
- sp_521_mont_add_21(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_21(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_21(t1, t1, point->x, p521_mod);
sp_521_mont_add_21(t1, t1, point->x, p521_mod);
sp_521_mont_add_21(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_21(t1, p521_b) != 0) {
err = MP_VAL;
}
@@ -42796,7 +42852,7 @@ static int sp_521_ecc_is_point_21(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -44421,14 +44477,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 25
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 24);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 24);
}
#elif DIGIT_BIT > 25
unsigned int i;
@@ -44860,7 +44916,7 @@ static void sp_1024_mont_reduce_42(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -44874,7 +44930,7 @@ SP_NOINLINE static void sp_1024_mont_mul_42(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_42(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -45055,7 +45111,6 @@ static void sp_1024_mont_sub_42(sp_digit* r, const sp_digit* a, const sp_digit*
sp_1024_norm_42(r);
}
-#define sp_1024_mont_sub_lower_42 sp_1024_mont_sub_42
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -45122,7 +45177,8 @@ SP_NOINLINE static void sp_1024_rshift1_42(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_42(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_42(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_1024_cond_add_42(r, a, m, 0 - (a[0] & 1));
sp_1024_norm_42(r);
@@ -45173,7 +45229,7 @@ static void sp_1024_proj_point_dbl_42(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_42(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_42(t2, t2, p1024_mod);
+ sp_1024_mont_div2_42(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_42(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -45183,7 +45239,7 @@ static void sp_1024_proj_point_dbl_42(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_42(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_42(y, y, x, p1024_mod);
+ sp_1024_mont_sub_42(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_42(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -45206,7 +45262,8 @@ typedef struct sp_1024_proj_point_dbl_42_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_42_ctx* ctx = (sp_1024_proj_point_dbl_42_ctx*)sp_ctx->data;
@@ -45280,7 +45337,7 @@ static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_42(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_42(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -45305,7 +45362,7 @@ static int sp_1024_proj_point_dbl_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_42(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -45382,12 +45439,12 @@ static int sp_1024_iszero_42(const sp_digit* a)
static void sp_1024_proj_point_add_42(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*42;
- sp_digit* t3 = t + 4*42;
- sp_digit* t4 = t + 6*42;
- sp_digit* t5 = t + 8*42;
- sp_digit* t6 = t + 10*42;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*42;
+ sp_digit* t2 = t + 4*42;
+ sp_digit* t3 = t + 6*42;
+ sp_digit* t4 = t + 8*42;
+ sp_digit* t5 = t + 10*42;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_42(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -45409,17 +45466,9 @@ static void sp_1024_proj_point_add_42(sp_point_1024* r,
sp_1024_proj_point_dbl_42(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
@@ -45438,20 +45487,31 @@ static void sp_1024_proj_point_add_42(sp_point_1024* r,
sp_1024_mont_dbl_42(t3, y, p1024_mod);
sp_1024_mont_sub_42(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_42(y, y, x, p1024_mod);
+ sp_1024_mont_sub_42(y, y, x, p1024_mod);
sp_1024_mont_mul_42(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(y, y, t5, p1024_mod);
- for (i = 0; i < 42; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 42; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
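Review bot: The new scoped block in sp_1024_proj_point_add_42 builds `maskp`, `maskq` and `inf` straight from `p->infinity` and `q->infinity`, with no comment that these flags must be exactly 0 or 1. Any other value would leave the masks wrong or OR stray bits into `r->z[0]` through `inf`. A one-line comment above the declarations would record the precondition, for example `/* Masked select of p, q or the computed sum; infinity flags must be 0 or 1. */`. The same block is added in sp_1024_proj_point_add_42_nb (case 24) and sp_1024_proj_point_add_qz1_42 further down this diff. The function starts outside this hunk.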
@@ -45497,12 +45557,12 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*42;
- ctx->t3 = t + 4*42;
- ctx->t4 = t + 6*42;
- ctx->t5 = t + 8*42;
- ctx->t6 = t + 10*42;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*42;
+ ctx->t2 = t + 4*42;
+ ctx->t3 = t + 6*42;
+ ctx->t4 = t + 8*42;
+ ctx->t5 = t + 10*42;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -45609,7 +45669,7 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_42(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_42(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -45622,22 +45682,28 @@ static int sp_1024_proj_point_add_42_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 42; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 42; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
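Review bot: The `{` added under `case 24:` opens a second block immediately inside the brace that already scopes the case, so the case body is now two nested blocks where one is enough. Keeping the declarations in the existing case block and dropping the added brace pair would give the same scoping with one less indent level. The body of sp_1024_proj_point_add_42_nb starts and ends outside this hunk.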
@@ -46000,8 +46066,6 @@ static void sp_1024_cond_copy_42(sp_digit* r, const sp_digit* a, const sp_digit
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_1024_mont_dbl_lower_42 sp_1024_mont_dbl_42
-#define sp_1024_mont_tpl_lower_42 sp_1024_mont_tpl_42
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -46040,7 +46104,7 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_42(a, t1, p1024_mod);
+ sp_1024_mont_tpl_42(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -46049,8 +46113,8 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
sp_1024_mont_dbl_42(t2, b, p1024_mod);
sp_1024_mont_sub_42(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_42(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_42(b, t2, p1024_mod);
+ sp_1024_mont_sub_42(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_42(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_42(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -46070,7 +46134,7 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_42(a, t1, p1024_mod);
+ sp_1024_mont_tpl_42(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -46079,8 +46143,8 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
sp_1024_mont_dbl_42(t2, b, p1024_mod);
sp_1024_mont_sub_42(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_42(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_42(b, t2, p1024_mod);
+ sp_1024_mont_sub_42(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_42(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_42(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -46090,7 +46154,7 @@ static void sp_1024_proj_point_dbl_n_42(sp_point_1024* p, int i,
sp_1024_mont_sub_42(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_42(y, y, p1024_mod);
+ sp_1024_mont_div2_42(y, y, p1024_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -46136,7 +46200,7 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_42(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_42(a, t1, p1024_mod);
+ sp_1024_mont_tpl_42(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_42(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_42(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -46146,8 +46210,8 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
sp_1024_mont_dbl_42(t2, b, p1024_mod);
sp_1024_mont_sub_42(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_42(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_42(b, t2, p1024_mod);
+ sp_1024_mont_sub_42(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_42(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_42(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -46161,7 +46225,7 @@ static void sp_1024_proj_point_dbl_n_store_42(sp_point_1024* r,
sp_1024_mont_mul_42(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_42(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_42(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -46235,8 +46299,8 @@ static void sp_1024_proj_point_add_sub_42(sp_point_1024* ra,
sp_1024_mont_sub_42(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_42(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_42(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_42(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_42(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_42(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_42(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_42(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -46364,7 +46428,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -46487,12 +46551,12 @@ static int sp_1024_ecc_mulmod_win_add_sub_42(sp_point_1024* r, const sp_point_10
static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*42;
- sp_digit* t3 = t + 4*42;
- sp_digit* t4 = t + 6*42;
- sp_digit* t5 = t + 8*42;
- sp_digit* t6 = t + 10*42;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*42;
+ sp_digit* t6 = t + 4*42;
+ sp_digit* t1 = t + 6*42;
+ sp_digit* t4 = t + 8*42;
+ sp_digit* t5 = t + 10*42;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -46508,13 +46572,9 @@ static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
sp_1024_proj_point_dbl_42(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_42(t2, t2, p->x, p1024_mod);
@@ -46523,33 +46583,40 @@ static void sp_1024_proj_point_add_qz1_42(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_42(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_42(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_42(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_42(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_42(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_42(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_42(t1, t3, p1024_mod);
- sp_1024_mont_sub_42(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_42(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_42(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_42(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_42(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_42(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_42(t5, t3, p1024_mod);
+ sp_1024_mont_sub_42(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_42(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_42(t3, t3, x, p1024_mod);
sp_1024_mont_mul_42(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_42(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_42(y, t3, t5, p1024_mod);
+ sp_1024_mont_mul_42(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_42(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 42; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 42; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 42; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 42; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -46801,7 +46868,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -46872,8 +46939,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_42(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_42(r, g, k, map, ct, heap);
@@ -50934,7 +51001,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -50956,7 +51023,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -51172,7 +51239,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -51198,7 +51265,7 @@ static void sp_1024_proj_mul_qx1_42(sp_digit* px, sp_digit* py,
sp_1024_mont_add_42(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -53219,7 +53286,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -53334,7 +53401,7 @@ static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_42(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_42(t1, ty, p1024_mod);
+ sp_1024_mont_div2_42(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -53354,7 +53421,7 @@ static void sp_1024_accumulate_line_dbl_42(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_42(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_42(t1, t1, p1024_mod);
+ sp_1024_mont_div2_42(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_42(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -53772,7 +53839,7 @@ static void sp_1024_accumulate_line_dbl_n_42(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_42(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_42(t1, ty, p1024_mod);
+ sp_1024_mont_div2_42(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_42(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -53810,7 +53877,7 @@ static void sp_1024_accumulate_line_dbl_n_42(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_42(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_42(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -54618,7 +54685,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -54647,19 +54714,21 @@ static int sp_1024_ecc_is_point_42(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 42;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_42(t1, point->y);
(void)sp_1024_mod_42(t1, t1, p1024_mod);
sp_1024_sqr_42(t2, point->x);
(void)sp_1024_mod_42(t2, t2, p1024_mod);
sp_1024_mul_42(t2, t2, point->x);
(void)sp_1024_mod_42(t2, t2, p1024_mod);
- (void)sp_1024_sub_42(t2, p1024_mod, t2);
- sp_1024_mont_add_42(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_42(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_42(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_42(t1, p1024_mod);
sp_1024_cond_sub_42(t1, t1, p1024_mod, ~(n >> 24));
sp_1024_norm_42(t1);
@@ -54676,7 +54745,7 @@ static int sp_1024_ecc_is_point_42(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c
index ebd668f2..a2b97d81 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_c64.c
@@ -56,6 +56,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifndef WOLFSSL_SP_ASM
#if SP_WORD_SIZE == 64
#define SP_PRINT_NUM(var, name, total, words, bits) \
@@ -78,11 +88,14 @@
#define SP_PRINT_INT(var, name) \
fprintf(stderr, name "=%d\n", var)
-#if (((!defined(WC_NO_CACHE_RESISTANT) && \
- (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
- (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
+#if ((defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)) && \
+ ((!defined(WC_NO_CACHE_RESISTANT) && \
+ (defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH))) || \
+ (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP))) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY)) || (defined(WOLFSSL_SP_SMALL) && \
- defined(WOLFSSL_HAVE_SP_ECC))
+ defined(WOLFSSL_HAVE_SP_ECC) && (!defined(WOLFSSL_SP_NO_256) || \
+ defined(WOLFSSL_SP_384) || defined(WOLFSSL_SP_521) || \
+ defined(WOLFSSL_SP_1024)))
/* Mask for address to obfuscate which of the two address will be used. */
static const size_t addr_mask[2] = { 0, (size_t)-1 };
#endif
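Review bot: The rewritten guard for `addr_mask` tests `defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH)` twice, once as the new outer condition and again inside the `!defined(WC_NO_CACHE_RESISTANT)` term, where it is now always true. Dropping the inner copy, so the term reads `(!defined(WC_NO_CACHE_RESISTANT) || (defined(WOLFSSL_SP_SMALL) && !defined(WOLFSSL_SP_FAST_MODEXP)))`, makes the condition easier to audit against the code that uses the table.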
@@ -140,14 +153,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 61
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 60);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 60);
}
#elif DIGIT_BIT > 61
unsigned int i;
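Review bot: In the `DIGIT_BIT == 61` branch of sp_2048_from_mp the sign test shifts `j` by 60, where the removed code shifted by `SP_WORD_SIZE - 1`; with a 64-bit `sp_digit` (its definition is not on this page, so the width is inferred from the `SP_WORD_SIZE == 64` guard earlier in this file's diff) `j >> 60` is not a 0/1 value, so `mask` would not be all-ones for live digits and `o` would not step by one. Extracting the top bit through an unsigned type would make the intent independent of the digit type's signedness: `sp_uint64 j = (sp_uint64)0 - (sp_uint64)a->used;`, `sp_digit mask = (sp_digit)((sp_uint64)0 - (j >> 63));` and `o += (int)(j >> 63);`. The same pattern appears with shift counts 56 and 59 in the `DIGIT_BIT == 57` and `DIGIT_BIT == 60` variants later in this diff. The function body continues past the end of this hunk.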
@@ -409,7 +422,7 @@ SP_NOINLINE static void sp_2048_sqr_34(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 61);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -675,7 +688,7 @@ SP_NOINLINE static void sp_2048_mul_17(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -753,7 +766,7 @@ SP_NOINLINE static void sp_2048_sqr_17(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1564,7 +1577,7 @@ static void sp_2048_mont_reduce_34(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1578,7 +1591,7 @@ SP_NOINLINE static void sp_2048_mont_mul_34(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_34(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -2202,7 +2215,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -2212,7 +2225,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 61) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -2241,12 +2254,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_2048_from_bin(a, 34, in, inLen);
-#if DIGIT_BIT >= 61
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
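Review bot: The `#else` branch assembles `e[0]` from at most two digits, `em->dp[0]` and `em->dp[1]`, while the check in the preceding hunk now admits exponents up to 64 bits; if this file can be built with `DIGIT_BIT` below 32, an exponent wider than `2 * DIGIT_BIT` bits would pass that check and be silently truncated here. Rejecting such inputs alongside the bit-count test, e.g. `if (mp_count_bits(em) > 64 || em->used > 2) {`, keeps the assembled value in step with what is accepted. Both preprocessor branches also begin with the identical `e[0] = (sp_uint64)em->dp[0];`, which could be hoisted above the `#if`. The same lines recur in the other sp_RsaPublic_2048 and sp_RsaPublic_3072 variants later in this diff, and the function body extends outside this hunk.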
@@ -2265,7 +2278,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_34(a, a, m);
}
if (err == MP_OKAY) {
- for (i=60; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -2302,14 +2315,14 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 256U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 61) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -2338,12 +2351,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
m = r + 34 * 2;
sp_2048_from_bin(a, 34, in, inLen);
-#if DIGIT_BIT >= 61
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -2373,7 +2386,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_34(a, a, m);
if (err == MP_OKAY) {
- for (i=60; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -3419,14 +3432,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 57
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 56);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 56);
}
#elif DIGIT_BIT > 57
unsigned int i;
@@ -4001,7 +4014,7 @@ SP_NOINLINE static void sp_2048_sqr_36(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -4250,7 +4263,7 @@ static void sp_2048_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4264,7 +4277,7 @@ SP_NOINLINE static void sp_2048_mont_mul_18(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_18(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -5138,7 +5151,7 @@ static void sp_2048_mont_reduce_36(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -5152,7 +5165,7 @@ SP_NOINLINE static void sp_2048_mont_mul_36(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_36(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -5802,7 +5815,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -5812,7 +5825,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -5841,12 +5854,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_2048_from_bin(a, 36, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -5865,7 +5878,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_36(a, a, m);
}
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -5902,14 +5915,14 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 256U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 256U) {
@@ -5938,12 +5951,12 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
m = r + 36 * 2;
sp_2048_from_bin(a, 36, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -5973,7 +5986,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
err = sp_2048_mod_36(a, a, m);
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -7092,14 +7105,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 60
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 59);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 59);
}
#elif DIGIT_BIT > 60
unsigned int i;
@@ -7322,7 +7335,7 @@ SP_NOINLINE static void sp_3072_sqr_52(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 60);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -7575,7 +7588,7 @@ SP_NOINLINE static void sp_3072_mul_26(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_26(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -7630,7 +7643,7 @@ SP_NOINLINE static void sp_3072_sqr_26(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_26(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -8447,7 +8460,7 @@ static void sp_3072_mont_reduce_52(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -8461,7 +8474,7 @@ SP_NOINLINE static void sp_3072_mont_mul_52(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_52(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -9085,7 +9098,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -9095,7 +9108,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 60) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -9124,12 +9137,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 52, in, inLen);
-#if DIGIT_BIT >= 60
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
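Review bot: The `#else` branch still assembles `e[0]` from `em->dp[0]` and `em->dp[1]` only, while the preceding hunk now accepts exponents of up to 64 bits. On a build where `DIGIT_BIT` is below 32, an exponent wider than two digits would pass the `mp_count_bits(em) > 64` check and lose its top bits. Whether such a `DIGIT_BIT` can reach this file is not visible here; if it can, either read the third digit under `#if DIGIT_BIT < 32` with `if (em->used > 2) { e[0] |= ((sp_uint64)em->dp[2]) << (2 * DIGIT_BIT); }`, or reject the configuration at compile time. The same pattern repeats in the other `sp_RsaPublic_3072` and `sp_RsaPublic_4096` hunks below, and the function body continues outside this hunk.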
@@ -9148,7 +9161,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_52(a, a, m);
}
if (err == MP_OKAY) {
- for (i=59; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -9185,14 +9198,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 60) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -9221,12 +9234,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 52 * 2;
sp_3072_from_bin(a, 52, in, inLen);
-#if DIGIT_BIT >= 60
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -9256,7 +9269,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_52(a, a, m);
if (err == MP_OKAY) {
- for (i=59; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -10302,14 +10315,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 57
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 56);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 56);
}
#elif DIGIT_BIT > 57
unsigned int i;
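Review bot: The new mask and index step shift `j` by 56, which yields a single 0/1 bit only if `sp_digit` is exactly 57 bits wide; the removed lines shifted by `SP_WORD_SIZE - 1` instead. If `sp_digit` is a 64-bit type (the 60-bit carry in `sp_3072_sqr_52` above suggests so, but its definition is not in view), `(sp_digit)0 - (j >> 56)` is not an all-ones mask and `o += (int)(j >> 56)` does not step by one, so `a->dp[o]` could be read at the wrong index. Consider taking the top bit explicitly: `sp_digit mask = (sp_digit)0 - (sp_digit)((sp_uint64)j >> (SP_WORD_SIZE - 1));` and `o += (int)((sp_uint64)j >> (SP_WORD_SIZE - 1));`. The same applies to the `sp_4096_from_mp` hunks (shifts of 58 and 52) and the `sp_256_from_mp` hunk (shift of 51). This branch only compiles when `DIGIT_BIT == 57`, and the function continues outside the hunk.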
@@ -10967,7 +10980,7 @@ SP_NOINLINE static void sp_3072_sqr_54(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -11266,7 +11279,7 @@ static void sp_3072_mont_reduce_27(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -11280,7 +11293,7 @@ SP_NOINLINE static void sp_3072_mont_mul_27(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_27(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -12166,7 +12179,7 @@ static void sp_3072_mont_reduce_54(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -12180,7 +12193,7 @@ SP_NOINLINE static void sp_3072_mont_mul_54(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_54(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -12834,7 +12847,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -12844,7 +12857,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -12873,12 +12886,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_3072_from_bin(a, 54, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -12897,7 +12910,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_54(a, a, m);
}
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -12934,14 +12947,14 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 384U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 57) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 384U) {
@@ -12970,12 +12983,12 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
m = r + 54 * 2;
sp_3072_from_bin(a, 54, in, inLen);
-#if DIGIT_BIT >= 57
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -13005,7 +13018,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
err = sp_3072_mod_54(a, a, m);
if (err == MP_OKAY) {
- for (i=56; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -14160,14 +14173,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 59
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 58);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 58);
}
#elif DIGIT_BIT > 59
unsigned int i;
@@ -14392,7 +14405,7 @@ SP_NOINLINE static void sp_4096_sqr_70(sp_digit* r, const sp_digit* a)
r[0] = (sp_digit)(c >> 59);
}
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -14649,7 +14662,7 @@ SP_NOINLINE static void sp_4096_mul_35(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_35(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -14704,7 +14717,7 @@ SP_NOINLINE static void sp_4096_sqr_35(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_35(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -15516,7 +15529,7 @@ static void sp_4096_mont_reduce_70(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -15530,7 +15543,7 @@ SP_NOINLINE static void sp_4096_mont_mul_70(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_70(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -16154,7 +16167,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -16164,7 +16177,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 59) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -16193,12 +16206,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 70, in, inLen);
-#if DIGIT_BIT >= 59
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -16217,7 +16230,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_70(a, a, m);
}
if (err == MP_OKAY) {
- for (i=58; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -16254,14 +16267,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 59) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -16290,12 +16303,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 70 * 2;
sp_4096_from_bin(a, 70, in, inLen);
-#if DIGIT_BIT >= 59
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -16325,7 +16338,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_70(a, a, m);
if (err == MP_OKAY) {
- for (i=58; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -17229,14 +17242,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 53
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 52);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 52);
}
#elif DIGIT_BIT > 53
unsigned int i;
@@ -18058,7 +18071,7 @@ SP_NOINLINE static void sp_4096_sqr_78(sp_digit* r, const sp_digit* a)
}
#endif /* !WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -18382,7 +18395,7 @@ static void sp_4096_mont_reduce_39(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -18396,7 +18409,7 @@ SP_NOINLINE static void sp_4096_mont_mul_39(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_39(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -19291,7 +19304,7 @@ static void sp_4096_mont_reduce_78(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -19305,7 +19318,7 @@ SP_NOINLINE static void sp_4096_mont_mul_78(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_78(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -19959,7 +19972,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* m = NULL;
sp_digit* r = NULL;
sp_digit* norm = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
sp_digit mp = 0;
int i;
int err = MP_OKAY;
@@ -19969,7 +19982,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 53) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -19998,12 +20011,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
norm = r;
sp_4096_from_bin(a, 78, in, inLen);
-#if DIGIT_BIT >= 53
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -20022,7 +20035,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_78(a, a, m);
}
if (err == MP_OKAY) {
- for (i=52; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -20059,14 +20072,14 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
sp_digit* a = NULL;
sp_digit* m = NULL;
sp_digit* r = NULL;
- sp_digit e[1] = {0};
+ sp_uint64 e[1] = {0};
int err = MP_OKAY;
if (*outLen < 512U) {
err = MP_TO_E;
}
if (err == MP_OKAY) {
- if (mp_count_bits(em) > 53) {
+ if (mp_count_bits(em) > 64) {
err = MP_READ_E;
}
else if (inLen > 512U) {
@@ -20095,12 +20108,12 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
m = r + 78 * 2;
sp_4096_from_bin(a, 78, in, inLen);
-#if DIGIT_BIT >= 53
- e[0] = (sp_digit)em->dp[0];
+#if DIGIT_BIT >= 64
+ e[0] = (sp_uint64)em->dp[0];
#else
- e[0] = (sp_digit)em->dp[0];
+ e[0] = (sp_uint64)em->dp[0];
if (em->used > 1) {
- e[0] |= ((sp_digit)em->dp[1]) << DIGIT_BIT;
+ e[0] |= ((sp_uint64)em->dp[1]) << DIGIT_BIT;
}
#endif
if (e[0] == 0) {
@@ -20130,7 +20143,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
err = sp_4096_mod_78(a, a, m);
if (err == MP_OKAY) {
- for (i=52; i>=0; i--) {
+ for (i=63; i>=0; i--) {
if ((e[0] >> i) != 0) {
break;
}
@@ -21481,14 +21494,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 52
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 51);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 51);
}
#elif DIGIT_BIT > 52
unsigned int i;
@@ -21923,7 +21936,7 @@ static void sp_256_mont_reduce_5(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -21937,7 +21950,7 @@ SP_NOINLINE static void sp_256_mont_mul_5(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -21953,10 +21966,10 @@ SP_NOINLINE static void sp_256_mont_sqr_5(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_5(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_5(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_5(r, a, m, mp);
for (; n > 1; n--) {
@@ -22193,7 +22206,6 @@ static void sp_256_mont_sub_5(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_256_norm_5(r);
}
-#define sp_256_mont_sub_lower_5 sp_256_mont_sub_5
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -22223,7 +22235,8 @@ SP_NOINLINE static void sp_256_rshift1_5(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_256_div2_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_256_mont_div2_5(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_256_cond_add_5(r, a, m, 0 - (a[0] & 1));
sp_256_norm_5(r);
@@ -22274,7 +22287,7 @@ static void sp_256_proj_point_dbl_5(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_5(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_5(t2, t2, p256_mod);
+ sp_256_mont_div2_5(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_5(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -22284,7 +22297,7 @@ static void sp_256_proj_point_dbl_5(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_5(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_5(y, y, x, p256_mod);
+ sp_256_mont_sub_5(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_5(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -22307,7 +22320,8 @@ typedef struct sp_256_proj_point_dbl_5_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_5_ctx* ctx = (sp_256_proj_point_dbl_5_ctx*)sp_ctx->data;
@@ -22381,7 +22395,7 @@ static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_5(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_5(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -22406,7 +22420,7 @@ static int sp_256_proj_point_dbl_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_5(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_5(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -22466,12 +22480,12 @@ static int sp_256_iszero_5(const sp_digit* a)
static void sp_256_proj_point_add_5(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*5;
- sp_digit* t3 = t + 4*5;
- sp_digit* t4 = t + 6*5;
- sp_digit* t5 = t + 8*5;
- sp_digit* t6 = t + 10*5;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*5;
+ sp_digit* t2 = t + 4*5;
+ sp_digit* t3 = t + 6*5;
+ sp_digit* t4 = t + 8*5;
+ sp_digit* t5 = t + 10*5;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_5(t1, q->z, p256_mod, p256_mp_mod);
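Review bot: The reordering of the temporaries is undocumented: `t6` now sits at `t` and `t1`/`t2` follow, which (given `x = t6`, `y = t1`, `z = t2` in the next hunk) puts the computed X, Y and Z in the first three slots in order. If later code relies on that contiguity, say so with a comment such as `/* x, y, z results are laid out consecutively from t; keep this order */`; if not, a short reason for the change would help the next reader. The same reordering is made in `sp_256_proj_point_add_5_nb`, and a different one in `sp_256_proj_point_add_qz1_5`. The function body continues outside this hunk.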
@@ -22493,17 +22507,9 @@ static void sp_256_proj_point_add_5(sp_point_256* r,
sp_256_proj_point_dbl_5(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_5(t2, t2, t1, p256_mod);
@@ -22522,20 +22528,31 @@ static void sp_256_proj_point_add_5(sp_point_256* r,
sp_256_mont_dbl_5(t3, y, p256_mod);
sp_256_mont_sub_5(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_5(y, y, x, p256_mod);
+ sp_256_mont_sub_5(y, y, x, p256_mod);
sp_256_mont_mul_5(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(y, y, t5, p256_mod);
- for (i = 0; i < 5; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 5; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
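Review bot: The final selection between `p`, `q` and the computed point is written branch-free with `maskp`/`maskq`/`maskt`, but nothing in the block states that this is required. A comment such as `/* Constant-time select: r = p if q is infinity, q if p is infinity, else computed point; do not replace with branches. */` above the inner block would protect it from a well-meant simplification. The constant-time intent is inferred from the masking, not stated on the page. The identical block appears in `sp_256_proj_point_add_5_nb` and `sp_256_proj_point_add_qz1_5`, so a shared static helper would also keep the three copies from drifting apart.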
@@ -22581,12 +22598,12 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*5;
- ctx->t3 = t + 4*5;
- ctx->t4 = t + 6*5;
- ctx->t5 = t + 8*5;
- ctx->t6 = t + 10*5;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*5;
+ ctx->t2 = t + 4*5;
+ ctx->t3 = t + 6*5;
+ ctx->t4 = t + 8*5;
+ ctx->t5 = t + 10*5;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -22693,7 +22710,7 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_5(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_5(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -22706,22 +22723,28 @@ static int sp_256_proj_point_add_5_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 5; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 5; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
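Review bot: The added inner `{ ... }` in `case 24` is redundant, because the case already opens its own block on the line above and the declarations were legal there before this change. Dropping the extra brace pair and keeping the original indentation would leave the new `inf` variable and the wrapped lines as the only change. That would make this state easier to compare with the blocking `sp_256_proj_point_add_5`. The switch continues outside the hunk.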
@@ -23119,8 +23142,6 @@ static void sp_256_cond_copy_5(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_256_mont_dbl_lower_5 sp_256_mont_dbl_5
-#define sp_256_mont_tpl_lower_5 sp_256_mont_tpl_5
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -23159,7 +23180,7 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_5(a, t1, p256_mod);
+ sp_256_mont_tpl_5(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
@@ -23168,8 +23189,8 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
sp_256_mont_dbl_5(t2, b, p256_mod);
sp_256_mont_sub_5(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_5(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_5(b, t2, p256_mod);
+ sp_256_mont_sub_5(t2, b, x, p256_mod);
+ sp_256_mont_dbl_5(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_5(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -23189,7 +23210,7 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_5(a, t1, p256_mod);
+ sp_256_mont_tpl_5(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
@@ -23198,8 +23219,8 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
sp_256_mont_dbl_5(t2, b, p256_mod);
sp_256_mont_sub_5(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_5(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_5(b, t2, p256_mod);
+ sp_256_mont_sub_5(t2, b, x, p256_mod);
+ sp_256_mont_dbl_5(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_5(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -23209,7 +23230,7 @@ static void sp_256_proj_point_dbl_n_5(sp_point_256* p, int i,
sp_256_mont_sub_5(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_5(y, y, p256_mod);
+ sp_256_mont_div2_5(y, y, p256_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -23255,7 +23276,7 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_5(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_5(a, t1, p256_mod);
+ sp_256_mont_tpl_5(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_5(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_5(b, t1, x, p256_mod, p256_mp_mod);
@@ -23265,8 +23286,8 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
sp_256_mont_dbl_5(t2, b, p256_mod);
sp_256_mont_sub_5(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_5(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_5(b, t2, p256_mod);
+ sp_256_mont_sub_5(t2, b, x, p256_mod);
+ sp_256_mont_dbl_5(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_5(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -23280,7 +23301,7 @@ static void sp_256_proj_point_dbl_n_store_5(sp_point_256* r,
sp_256_mont_mul_5(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_5(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_5(r[j].y, y, p256_mod);
+ sp_256_mont_div2_5(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -23354,8 +23375,8 @@ static void sp_256_proj_point_add_sub_5(sp_point_256* ra,
sp_256_mont_sub_5(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_5(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_5(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_5(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_5(ya, ya, xa, p256_mod);
sp_256_mont_mul_5(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_5(t6, p256_mod, t6);
sp_256_mont_mul_5(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -23439,7 +23460,7 @@ static void sp_256_ecc_recode_6_5(const sp_digit* k, ecc_recode_256* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_33_5(sp_point_256* r, const sp_point_256* table,
@@ -23523,7 +23544,7 @@ static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -23642,12 +23663,12 @@ static int sp_256_ecc_mulmod_win_add_sub_5(sp_point_256* r, const sp_point_256*
static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*5;
- sp_digit* t3 = t + 4*5;
- sp_digit* t4 = t + 6*5;
- sp_digit* t5 = t + 8*5;
- sp_digit* t6 = t + 10*5;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*5;
+ sp_digit* t6 = t + 4*5;
+ sp_digit* t1 = t + 6*5;
+ sp_digit* t4 = t + 8*5;
+ sp_digit* t5 = t + 10*5;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -23663,13 +23684,9 @@ static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
sp_256_proj_point_dbl_5(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_5(t2, t2, p->x, p256_mod);
@@ -23678,33 +23695,40 @@ static void sp_256_proj_point_add_qz1_5(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_5(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_5(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_5(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_5(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_5(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_5(x, t1, t5, p256_mod);
- sp_256_mont_dbl_5(t1, t3, p256_mod);
- sp_256_mont_sub_5(x, x, t1, p256_mod);
+ sp_256_mont_sqr_5(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_5(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_5(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_5(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_5(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_5(t5, t3, p256_mod);
+ sp_256_mont_sub_5(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_5(t3, t3, x, p256_mod);
+ sp_256_mont_sub_5(t3, t3, x, p256_mod);
sp_256_mont_mul_5(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_5(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_5(y, t3, t5, p256_mod);
+ sp_256_mont_mul_5(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_5(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 5; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 5; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 5; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 5; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
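Review bot: The rewritten X3/Y3 sequence depends on aliasing that is not commented: `x` is `t2` and `y` is now `t3` (declared in the preceding hunk). As a result `t2` holds H until `sp_256_mont_sqr_5(t2, t4, ...)` overwrites it with R^2, so Z3 and H^3 must be computed before that line. A one-line note such as `/* t2 (H) is reused for R^2 and then X3; Z3 and H^3 must already be computed */` ahead of that call would make the ordering constraint explicit. The function starts outside this hunk.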
@@ -23826,7 +23850,7 @@ static int sp_256_gen_stripe_table_5(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_5(sp_point_256* r,
@@ -24009,7 +24033,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -24080,8 +24104,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_5(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_5(r, g, k, map, ct, heap);
@@ -24198,7 +24222,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -24209,7 +24233,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -25666,7 +25690,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -25688,7 +25712,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -25842,7 +25866,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -25850,7 +25874,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -26471,7 +26495,7 @@ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_5(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_5(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_5(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_5(t, t2, t);
@@ -26488,7 +26512,11 @@ static void sp_256_mont_inv_order_5(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_5(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_5(t2, t2);
+ sp_256_mont_mul_order_5(t2, t2, a);
+ sp_256_mont_sqr_n_order_5(t2, t2, 5);
+ sp_256_mont_mul_order_5(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_5(t2, t2);
if ((p256_order_low[i / 64] & ((sp_int_digit)1 << (i % 64))) != 0) {
sp_256_mont_mul_order_5(t2, t2, a);
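Review bot: The four calls added ahead of the `for (i=121; ...)` loop in sp_256_mont_inv_order_5 have no comment saying which exponent bits they consume, and the second multiply relies on t3 still holding a^f from earlier in the function, which this hunk does not show. The existing comment `t2= a^...bce6` now covers both the unrolled steps and the shortened loop, so a reader has to recompute the bit pattern to check it. I would add a comment above the new lines such as `/* bits 127..122 of p256_order_low (top six bits of bce6) are 101111: sqr + mul by a, then 5 sqr + mul by t3 (a^f, assumed unchanged) */`. The function body starts and ends outside the hunk.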
@@ -26992,8 +27020,8 @@ static int sp_256_mod_inv_5(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_256_cmp_5(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_256_cmp_5(u, v) >= 0))) {
sp_256_sub_5(u, u, v);
sp_256_norm_5(u);
@@ -27083,7 +27111,7 @@ static void sp_256_add_points_5(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -27407,7 +27435,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -27435,19 +27463,21 @@ static int sp_256_ecc_is_point_5(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 5;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_5(t1, point->y);
(void)sp_256_mod_5(t1, t1, p256_mod);
sp_256_sqr_5(t2, point->x);
(void)sp_256_mod_5(t2, t2, p256_mod);
sp_256_mul_5(t2, t2, point->x);
(void)sp_256_mod_5(t2, t2, p256_mod);
- (void)sp_256_sub_5(t2, p256_mod, t2);
- sp_256_mont_add_5(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_5(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_5(t1, t1, point->x, p256_mod);
sp_256_mont_add_5(t1, t1, point->x, p256_mod);
sp_256_mont_add_5(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_5(t1, p256_b) != 0) {
err = MP_VAL;
}
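Review bot: The test `sp_256_cmp_5(t1, p256_b) != 0` at the end of this hunk is a valid curve-membership check only if the `sp_256_mont_sub_5`/`sp_256_mont_add_5` chain leaves t1 fully reduced below p256_mod and normalised, and nothing in the hunk states that. The operands come from `sp_256_sqr_5` followed by `sp_256_mod_5`, so they appear to be plain residues rather than Montgomery-form values, which makes the `mont_` helpers look like a mistake to someone new to the file. A comment before the comparison would settle both points, for example `/* mont_sub/mont_add act as plain modular sub/add here; t1 must be canonical (< p) for the compare with b */`. sp_384_ecc_is_point_7 further down has the same sequence, and both function bodies extend beyond their hunks.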
@@ -27461,7 +27491,7 @@ static int sp_256_ecc_is_point_5(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -28347,14 +28377,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 55
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 54);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 54);
}
#elif DIGIT_BIT > 55
unsigned int i;
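Review bot: The new mask in the `DIGIT_BIT == 55` branch of sp_384_from_mp shifts by the literal 54, so `(sp_digit)0 - (j >> 54)` is all-ones only if `j >> 54` is exactly 1 while j is still counting up from `0 - a->used`. For a 64-bit sp_digit that does not obviously hold, and the same shifted value is also added to `o`, the index into `a->dp`. sp_digit's width and signedness are declared outside this hunk, so this needs checking against the typedef; the removed code shifted by `SP_WORD_SIZE - 1`. If sp_digit is word-sized, shifting an unsigned copy yields 0/1 whatever the signedness, e.g. `sp_digit mask = (sp_digit)0 - (sp_digit)((sp_int_digit)j >> (SP_WORD_SIZE - 1));` and `o += (int)((sp_int_digit)j >> (SP_WORD_SIZE - 1));`, assuming sp_int_digit is the unsigned word type. The `DIGIT_BIT == 58` branch of sp_521_from_mp repeats the pattern with 57, and both functions continue past their hunks.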
@@ -28810,7 +28840,7 @@ static void sp_384_mont_reduce_7(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -28824,7 +28854,7 @@ SP_NOINLINE static void sp_384_mont_mul_7(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -28840,10 +28870,10 @@ SP_NOINLINE static void sp_384_mont_sqr_7(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_7(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_7(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_7(r, a, m, mp);
for (; n > 1; n--) {
@@ -29098,7 +29128,6 @@ static void sp_384_mont_sub_7(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_384_norm_7(r);
}
-#define sp_384_mont_sub_lower_7 sp_384_mont_sub_7
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -29130,7 +29159,8 @@ SP_NOINLINE static void sp_384_rshift1_7(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_384_div2_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_7(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_384_cond_add_7(r, a, m, 0 - (a[0] & 1));
sp_384_norm_7(r);
@@ -29181,7 +29211,7 @@ static void sp_384_proj_point_dbl_7(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_7(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_7(t2, t2, p384_mod);
+ sp_384_mont_div2_7(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_7(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -29191,7 +29221,7 @@ static void sp_384_proj_point_dbl_7(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_7(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_7(y, y, x, p384_mod);
+ sp_384_mont_sub_7(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_7(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -29214,7 +29244,8 @@ typedef struct sp_384_proj_point_dbl_7_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_7_ctx* ctx = (sp_384_proj_point_dbl_7_ctx*)sp_ctx->data;
@@ -29288,7 +29319,7 @@ static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_7(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_7(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -29313,7 +29344,7 @@ static int sp_384_proj_point_dbl_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_7(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_7(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -29374,12 +29405,12 @@ static int sp_384_iszero_7(const sp_digit* a)
static void sp_384_proj_point_add_7(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*7;
- sp_digit* t3 = t + 4*7;
- sp_digit* t4 = t + 6*7;
- sp_digit* t5 = t + 8*7;
- sp_digit* t6 = t + 10*7;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*7;
+ sp_digit* t2 = t + 4*7;
+ sp_digit* t3 = t + 6*7;
+ sp_digit* t4 = t + 8*7;
+ sp_digit* t5 = t + 10*7;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_7(t1, q->z, p384_mod, p384_mp_mod);
@@ -29401,17 +29432,9 @@ static void sp_384_proj_point_add_7(sp_point_384* r,
sp_384_proj_point_dbl_7(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_7(t2, t2, t1, p384_mod);
@@ -29430,20 +29453,31 @@ static void sp_384_proj_point_add_7(sp_point_384* r,
sp_384_mont_dbl_7(t3, y, p384_mod);
sp_384_mont_sub_7(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_7(y, y, x, p384_mod);
+ sp_384_mont_sub_7(y, y, x, p384_mod);
sp_384_mont_mul_7(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(y, y, t5, p384_mod);
- for (i = 0; i < 7; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 7; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
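Review bot: The masks in the new block of sp_384_proj_point_add_7 are built as `0 - (q->infinity & (!p->infinity))`, which selects correctly only when `infinity` is exactly 0 or 1; any other non-zero value could AND to zero and silently fall through to the computed x/y/z. Nothing visible in the hunk enforces that, so I would state it where the masks are declared: `/* infinity must be 0 or 1: masks are all-ones or zero so the select below is branch-free */`. The same block is added to sp_384_proj_point_add_qz1_7, sp_384_proj_point_add_7_nb and the 256- and 521-bit variants in this commit, so the comment applies there as well. The function starts in an earlier hunk.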
@@ -29489,12 +29523,12 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*7;
- ctx->t3 = t + 4*7;
- ctx->t4 = t + 6*7;
- ctx->t5 = t + 8*7;
- ctx->t6 = t + 10*7;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*7;
+ ctx->t2 = t + 4*7;
+ ctx->t3 = t + 6*7;
+ ctx->t4 = t + 8*7;
+ ctx->t5 = t + 10*7;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -29601,7 +29635,7 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_7(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_7(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -29614,22 +29648,28 @@ static int sp_384_proj_point_add_7_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 7; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 7; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
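Review bot: In `case 24:` of sp_384_proj_point_add_7_nb the added block opens a second `{` directly inside the case's existing braces, so the locals now sit in a redundant nested scope. The case already has its own block, so the declarations of `i`, `maskp`, `maskq`, `maskt` and `inf` can stay at that level and the inner `{`/`}` pair can be dropped, which also keeps `ctx->state = 25;` next to the work it follows. If this file is generated, the change belongs in the generator template rather than here. The switch continues outside the hunk.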
@@ -30063,8 +30103,6 @@ static void sp_384_cond_copy_7(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_384_mont_dbl_lower_7 sp_384_mont_dbl_7
-#define sp_384_mont_tpl_lower_7 sp_384_mont_tpl_7
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -30103,7 +30141,7 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_7(a, t1, p384_mod);
+ sp_384_mont_tpl_7(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
@@ -30112,8 +30150,8 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
sp_384_mont_dbl_7(t2, b, p384_mod);
sp_384_mont_sub_7(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_7(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_7(b, t2, p384_mod);
+ sp_384_mont_sub_7(t2, b, x, p384_mod);
+ sp_384_mont_dbl_7(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_7(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -30133,7 +30171,7 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_7(a, t1, p384_mod);
+ sp_384_mont_tpl_7(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
@@ -30142,8 +30180,8 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
sp_384_mont_dbl_7(t2, b, p384_mod);
sp_384_mont_sub_7(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_7(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_7(b, t2, p384_mod);
+ sp_384_mont_sub_7(t2, b, x, p384_mod);
+ sp_384_mont_dbl_7(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_7(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -30153,7 +30191,7 @@ static void sp_384_proj_point_dbl_n_7(sp_point_384* p, int i,
sp_384_mont_sub_7(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_7(y, y, p384_mod);
+ sp_384_mont_div2_7(y, y, p384_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -30199,7 +30237,7 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_7(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_7(a, t1, p384_mod);
+ sp_384_mont_tpl_7(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_7(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_7(b, t1, x, p384_mod, p384_mp_mod);
@@ -30209,8 +30247,8 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
sp_384_mont_dbl_7(t2, b, p384_mod);
sp_384_mont_sub_7(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_7(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_7(b, t2, p384_mod);
+ sp_384_mont_sub_7(t2, b, x, p384_mod);
+ sp_384_mont_dbl_7(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_7(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -30224,7 +30262,7 @@ static void sp_384_proj_point_dbl_n_store_7(sp_point_384* r,
sp_384_mont_mul_7(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_7(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_7(r[j].y, y, p384_mod);
+ sp_384_mont_div2_7(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -30298,8 +30336,8 @@ static void sp_384_proj_point_add_sub_7(sp_point_384* ra,
sp_384_mont_sub_7(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_7(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_7(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_7(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_7(ya, ya, xa, p384_mod);
sp_384_mont_mul_7(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_7(t6, p384_mod, t6);
sp_384_mont_mul_7(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -30383,7 +30421,7 @@ static void sp_384_ecc_recode_6_7(const sp_digit* k, ecc_recode_384* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_33_7(sp_point_384* r, const sp_point_384* table,
@@ -30479,7 +30517,7 @@ static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -30598,12 +30636,12 @@ static int sp_384_ecc_mulmod_win_add_sub_7(sp_point_384* r, const sp_point_384*
static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*7;
- sp_digit* t3 = t + 4*7;
- sp_digit* t4 = t + 6*7;
- sp_digit* t5 = t + 8*7;
- sp_digit* t6 = t + 10*7;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*7;
+ sp_digit* t6 = t + 4*7;
+ sp_digit* t1 = t + 6*7;
+ sp_digit* t4 = t + 8*7;
+ sp_digit* t5 = t + 10*7;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -30619,13 +30657,9 @@ static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
sp_384_proj_point_dbl_7(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_7(t2, t2, p->x, p384_mod);
@@ -30634,33 +30668,40 @@ static void sp_384_proj_point_add_qz1_7(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_7(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_7(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_7(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_7(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_7(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_7(x, t1, t5, p384_mod);
- sp_384_mont_dbl_7(t1, t3, p384_mod);
- sp_384_mont_sub_7(x, x, t1, p384_mod);
+ sp_384_mont_sqr_7(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_7(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_7(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_7(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_7(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_7(t5, t3, p384_mod);
+ sp_384_mont_sub_7(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_7(t3, t3, x, p384_mod);
+ sp_384_mont_sub_7(t3, t3, x, p384_mod);
sp_384_mont_mul_7(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_7(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_7(y, t3, t5, p384_mod);
+ sp_384_mont_mul_7(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_7(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 7; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 7; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 7; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 7; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -30782,7 +30823,7 @@ static int sp_384_gen_stripe_table_7(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_7(sp_point_384* r,
@@ -30973,7 +31014,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -31044,8 +31085,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_7(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_7(r, g, k, map, ct, heap);
@@ -31162,7 +31203,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -31173,7 +31214,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -33140,7 +33181,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -33162,7 +33203,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -33316,7 +33357,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -33324,7 +33365,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -34445,8 +34486,8 @@ static int sp_384_mod_inv_7(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_384_cmp_7(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_384_cmp_7(u, v) >= 0))) {
sp_384_sub_7(u, u, v);
sp_384_norm_7(u);
@@ -34538,7 +34579,7 @@ static void sp_384_add_points_7(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -34862,7 +34903,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -34890,19 +34931,21 @@ static int sp_384_ecc_is_point_7(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 7;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_7(t1, point->y);
(void)sp_384_mod_7(t1, t1, p384_mod);
sp_384_sqr_7(t2, point->x);
(void)sp_384_mod_7(t2, t2, p384_mod);
sp_384_mul_7(t2, t2, point->x);
(void)sp_384_mod_7(t2, t2, p384_mod);
- (void)sp_384_sub_7(t2, p384_mod, t2);
- sp_384_mont_add_7(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_7(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_7(t1, t1, point->x, p384_mod);
sp_384_mont_add_7(t1, t1, point->x, p384_mod);
sp_384_mont_add_7(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_7(t1, p384_b) != 0) {
err = MP_VAL;
}
@@ -34916,7 +34959,7 @@ static int sp_384_ecc_is_point_7(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -35910,14 +35953,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 58
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 57);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 57);
}
#elif DIGIT_BIT > 58
unsigned int i;
@@ -36335,7 +36378,7 @@ static void sp_521_mont_reduce_order_9(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -36349,7 +36392,7 @@ SP_NOINLINE static void sp_521_mont_mul_9(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -36365,10 +36408,10 @@ SP_NOINLINE static void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -36622,7 +36665,6 @@ static void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
sp_521_norm_9(r);
}
-#define sp_521_mont_sub_lower_9 sp_521_mont_sub_9
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -36656,7 +36698,8 @@ SP_NOINLINE static void sp_521_rshift1_9(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_521_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_521_cond_add_9(r, a, m, 0 - (a[0] & 1));
sp_521_norm_9(r);
@@ -36707,7 +36750,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -36717,7 +36760,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -36740,7 +36783,8 @@ typedef struct sp_521_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -36814,7 +36858,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -36839,7 +36883,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -36901,12 +36945,12 @@ static int sp_521_iszero_9(const sp_digit* a)
static void sp_521_proj_point_add_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
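Review bot: The reordered declarations at the top of `sp_521_proj_point_add_9` move `t6` to the first slot of `t` without saying why, and nothing documents the layout the rest of the function relies on. Further down, `x` is set to `t6`, `y` to `t1` and `z` to `t2`, and the same `t` is handed to `sp_521_proj_point_dbl_9(r, p, t)` on the doubling path, so the slot order is part of the function's contract. I would add a comment above the declarations such as `/* t: six slots of 2*9 digits; x = t6 (slot 0), y = t1, z = t2 */`; the slot size is inferred from the 2*9 stride and should be confirmed against the caller's allocation. The same unexplained reordering is made in `sp_521_proj_point_add_9_nb` (state 0), in `sp_521_proj_point_add_qz1_9` (with a different order) and in the `sp_1024_*_18` counterparts. The function body continues outside this hunk.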
@@ -36928,17 +36972,9 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_9(t2, t2, t1, p521_mod);
@@ -36957,20 +36993,31 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_mont_dbl_9(t3, y, p521_mod);
sp_521_mont_sub_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
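Review bot: `maskp` and `maskq` in the added block are computed in the type of the `infinity` field and only then widened to `sp_digit`, whereas the new `inf` line casts explicitly. The field's declaration is outside this hunk; if it is an unsigned 32-bit type (the added `(word32)inf` cast hints at that), `0 - (...)` would give a mask covering only the low 32 bits of each digit, and the select would mix limbs of `p`, `q` and the computed result. Casting before negating removes that dependency: `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));` and likewise for `maskq`. The same lines are added in the hunks for `sp_521_proj_point_add_9_nb` (case 24), `sp_521_proj_point_add_qz1_9` and the `sp_1024_*_18` counterparts.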
@@ -37016,12 +37063,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -37128,7 +37175,7 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -37141,22 +37188,28 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
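Review bot: The added lines open a second `{` directly inside the `{` that `case 24:` already has, so the select now sits in two nested blocks with nothing between them. The outer pair already scopes `i`, `maskp`, `maskq`, `maskt` and `inf`; dropping the inner `{` and its matching `}` keeps this case shaped like the other states. The same doubled block is added in `case 24` of `sp_1024_proj_point_add_18_nb`. The enclosing switch starts and ends outside this hunk.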
@@ -37471,8 +37524,6 @@ static void sp_521_cond_copy_9(sp_digit* r, const sp_digit* a, const sp_digit m)
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_521_mont_dbl_lower_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_lower_9 sp_521_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -37511,7 +37562,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -37520,8 +37571,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37541,7 +37592,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -37550,8 +37601,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -37561,7 +37612,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_sub_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_9(y, y, p521_mod);
+ sp_521_mont_div2_9(y, y, p521_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -37607,7 +37658,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -37617,8 +37668,8 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -37632,7 +37683,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -37706,8 +37757,8 @@ static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
sp_521_mont_sub_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -37791,7 +37842,7 @@ static void sp_521_ecc_recode_6_9(const sp_digit* k, ecc_recode_521* v)
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_33_9(sp_point_521* r, const sp_point_521* table,
@@ -37899,7 +37950,7 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -38018,12 +38069,12 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -38039,13 +38090,9 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
@@ -38054,33 +38101,40 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_9(t1, t3, p521_mod);
- sp_521_mont_sub_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_9(t5, t3, p521_mod);
+ sp_521_mont_sub_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_9(t3, t3, x, p521_mod);
sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(y, t3, t5, p521_mod);
+ sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -38202,7 +38256,7 @@ static int sp_521_gen_stripe_table_9(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_9(sp_point_521* r,
@@ -38401,7 +38455,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -38472,8 +38526,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -38590,7 +38644,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -38601,7 +38655,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -40568,7 +40622,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -40590,7 +40644,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -40745,7 +40799,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -40753,7 +40807,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -41905,8 +41959,8 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt &&
- sp_521_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) &&
+ (sp_521_cmp_9(u, v) >= 0))) {
sp_521_sub_9(u, u, v);
sp_521_norm_9(u);
@@ -42000,7 +42054,7 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -42333,7 +42387,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -42361,19 +42415,21 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_9(t1, point->y);
(void)sp_521_mod_9(t1, t1, p521_mod);
sp_521_sqr_9(t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
sp_521_mul_9(t2, t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
- (void)sp_521_sub_9(t2, p521_mod, t2);
- sp_521_mont_add_9(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_9(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_9(t1, p521_b) != 0) {
err = MP_VAL;
}
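Review bot: The curve-equation check still ends in the exact limb comparison `sp_521_cmp_9(t1, p521_b) != 0`, but the value compared now comes from `sp_521_mont_sub_9` instead of the explicit `p - x^3` negate-and-add. The comparison rejects exactly the off-curve points only if `sp_521_mont_sub_9` and `sp_521_mont_add_9` leave `t1` reduced into [0, p) and normalised. Their bodies are outside this hunk, so I would state the assumption next to the new comments, e.g. `/* t1 stays reduced mod p and normalised so it can be compared with p521_b */`. The first added comment, `/* y^2 - x^3 - a.x = b */`, sits directly above the squaring of y and reads as if it described that one line; wording it as `/* Check y^2 - x^3 - a.x = b */` would mark it as the header of the whole block. The function starts and ends outside the hunk.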
@@ -42387,7 +42443,7 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -43886,14 +43942,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 57
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 56);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 56);
}
#elif DIGIT_BIT > 57
unsigned int i;
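Review bot: The mask in the new loop is all-ones or zero only if `j >> 56` is exactly 1 or 0, which ties the constant 56 to the width and signedness of `sp_digit`; the removed lines derived the shift from `SP_WORD_SIZE - 1`. The typedef is outside this hunk. If `sp_digit` is a 64-bit type, a wrapped `j` shifted by 56 leaves several bits set (or -1 for a signed type), so `mask` is not a clean select and `o += (int)(j >> 56)` no longer steps by one while indexing `a->dp[o]`. I would either state the assumption in a comment, e.g. `/* relies on sp_digit being N bits wide and unsigned */` with N filled in from the typedef, or take the top bit of an unsigned copy of `j` with a shift of `SP_WORD_SIZE - 1`. `sp_1024_from_mp` continues past the hunk with the other `DIGIT_BIT` branches.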
@@ -44297,7 +44353,7 @@ static void sp_1024_mont_reduce_18(sp_digit* a, const sp_digit* m, sp_digit mp)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -44311,7 +44367,7 @@ SP_NOINLINE static void sp_1024_mont_mul_18(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_18(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -44492,7 +44548,6 @@ static void sp_1024_mont_sub_18(sp_digit* r, const sp_digit* a, const sp_digit*
sp_1024_norm_18(r);
}
-#define sp_1024_mont_sub_lower_18 sp_1024_mont_sub_18
/* Shift number left one bit.
* Bottom bit is lost.
*
@@ -44535,7 +44590,8 @@ SP_NOINLINE static void sp_1024_rshift1_18(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-static void sp_1024_div2_18(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_18(sp_digit* r, const sp_digit* a,
+ const sp_digit* m)
{
sp_1024_cond_add_18(r, a, m, 0 - (a[0] & 1));
sp_1024_norm_18(r);
@@ -44586,7 +44642,7 @@ static void sp_1024_proj_point_dbl_18(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_18(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_18(t2, t2, p1024_mod);
+ sp_1024_mont_div2_18(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_18(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -44596,7 +44652,7 @@ static void sp_1024_proj_point_dbl_18(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_18(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_18(y, y, x, p1024_mod);
+ sp_1024_mont_sub_18(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_18(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -44619,7 +44675,8 @@ typedef struct sp_1024_proj_point_dbl_18_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_18_ctx* ctx = (sp_1024_proj_point_dbl_18_ctx*)sp_ctx->data;
@@ -44693,7 +44750,7 @@ static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_18(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_18(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -44718,7 +44775,7 @@ static int sp_1024_proj_point_dbl_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_18(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -44784,12 +44841,12 @@ static int sp_1024_iszero_18(const sp_digit* a)
static void sp_1024_proj_point_add_18(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*18;
- sp_digit* t3 = t + 4*18;
- sp_digit* t4 = t + 6*18;
- sp_digit* t5 = t + 8*18;
- sp_digit* t6 = t + 10*18;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*18;
+ sp_digit* t2 = t + 4*18;
+ sp_digit* t3 = t + 6*18;
+ sp_digit* t4 = t + 8*18;
+ sp_digit* t5 = t + 10*18;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_18(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -44811,17 +44868,9 @@ static void sp_1024_proj_point_add_18(sp_point_1024* r,
sp_1024_proj_point_dbl_18(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
@@ -44840,20 +44889,31 @@ static void sp_1024_proj_point_add_18(sp_point_1024* r,
sp_1024_mont_dbl_18(t3, y, p1024_mod);
sp_1024_mont_sub_18(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_18(y, y, x, p1024_mod);
+ sp_1024_mont_sub_18(y, y, x, p1024_mod);
sp_1024_mont_mul_18(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(y, y, t5, p1024_mod);
- for (i = 0; i < 18; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 18; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -44899,12 +44959,12 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*18;
- ctx->t3 = t + 4*18;
- ctx->t4 = t + 6*18;
- ctx->t5 = t + 8*18;
- ctx->t6 = t + 10*18;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*18;
+ ctx->t2 = t + 4*18;
+ ctx->t3 = t + 6*18;
+ ctx->t4 = t + 8*18;
+ ctx->t5 = t + 10*18;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -45011,7 +45071,7 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_18(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_18(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -45024,22 +45084,28 @@ static int sp_1024_proj_point_add_18_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- for (i = 0; i < 18; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ for (i = 0; i < 18; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -45354,8 +45420,6 @@ static void sp_1024_cond_copy_18(sp_digit* r, const sp_digit* a, const sp_digit
#endif /* WOLFSSL_SP_SMALL */
}
-#define sp_1024_mont_dbl_lower_18 sp_1024_mont_dbl_18
-#define sp_1024_mont_tpl_lower_18 sp_1024_mont_tpl_18
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -45394,7 +45458,7 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_18(a, t1, p1024_mod);
+ sp_1024_mont_tpl_18(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45403,8 +45467,8 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
sp_1024_mont_dbl_18(t2, b, p1024_mod);
sp_1024_mont_sub_18(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_18(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_18(b, t2, p1024_mod);
+ sp_1024_mont_sub_18(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_18(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_18(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45424,7 +45488,7 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_18(a, t1, p1024_mod);
+ sp_1024_mont_tpl_18(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45433,8 +45497,8 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
sp_1024_mont_dbl_18(t2, b, p1024_mod);
sp_1024_mont_sub_18(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_18(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_18(b, t2, p1024_mod);
+ sp_1024_mont_sub_18(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_18(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_18(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45444,7 +45508,7 @@ static void sp_1024_proj_point_dbl_n_18(sp_point_1024* p, int i,
sp_1024_mont_sub_18(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_18(y, y, p1024_mod);
+ sp_1024_mont_div2_18(y, y, p1024_mod);
}
/* Double the Montgomery form projective point p a number of times.
@@ -45490,7 +45554,7 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_18(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_18(a, t1, p1024_mod);
+ sp_1024_mont_tpl_18(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_18(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_18(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45500,8 +45564,8 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
sp_1024_mont_dbl_18(t2, b, p1024_mod);
sp_1024_mont_sub_18(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_18(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_18(b, t2, p1024_mod);
+ sp_1024_mont_sub_18(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_18(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_18(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -45515,7 +45579,7 @@ static void sp_1024_proj_point_dbl_n_store_18(sp_point_1024* r,
sp_1024_mont_mul_18(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_18(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_18(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -45589,8 +45653,8 @@ static void sp_1024_proj_point_add_sub_18(sp_point_1024* ra,
sp_1024_mont_sub_18(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_18(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_18(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_18(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_18(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_18(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_18(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_18(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -45718,7 +45782,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -45841,12 +45905,12 @@ static int sp_1024_ecc_mulmod_win_add_sub_18(sp_point_1024* r, const sp_point_10
static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*18;
- sp_digit* t3 = t + 4*18;
- sp_digit* t4 = t + 6*18;
- sp_digit* t5 = t + 8*18;
- sp_digit* t6 = t + 10*18;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*18;
+ sp_digit* t6 = t + 4*18;
+ sp_digit* t1 = t + 6*18;
+ sp_digit* t4 = t + 8*18;
+ sp_digit* t5 = t + 10*18;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -45862,13 +45926,9 @@ static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
sp_1024_proj_point_dbl_18(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_18(t2, t2, p->x, p1024_mod);
@@ -45877,33 +45937,40 @@ static void sp_1024_proj_point_add_qz1_18(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_18(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_18(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_18(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_18(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_18(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_18(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_18(t1, t3, p1024_mod);
- sp_1024_mont_sub_18(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_18(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_18(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_18(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_18(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_18(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_18(t5, t3, p1024_mod);
+ sp_1024_mont_sub_18(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_18(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_18(t3, t3, x, p1024_mod);
sp_1024_mont_mul_18(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_18(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_18(y, t3, t5, p1024_mod);
+ sp_1024_mont_mul_18(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_18(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 18; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 18; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ for (i = 0; i < 18; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 18; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
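Review bot: The branch-free selection block added at the end of sp_1024_proj_point_add_qz1_18 has no comment stating the invariant it depends on: `0 - (q->infinity & (!p->infinity))` only yields an all-ones or all-zero mask when `infinity` is exactly 0 or 1. I would add above the mask declarations `/* Constant-time select: r = p when only q is infinity, r = q when only p is infinity, else the computed sum; requires infinity to be 0 or 1. */`. The masks exist so that the choice of result does not branch on whether an operand is the point at infinity. A later edit that stores any other non-zero value in `infinity` would silently produce a wrong point. The function starts outside this hunk.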
@@ -46155,7 +46222,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -46226,8 +46293,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_18(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_18(r, g, k, map, ct, heap);
@@ -49774,7 +49841,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -49796,7 +49863,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -50012,7 +50079,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -50038,7 +50105,7 @@ static void sp_1024_proj_mul_qx1_18(sp_digit* px, sp_digit* py,
sp_1024_mont_add_18(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -51803,7 +51870,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -51918,7 +51985,7 @@ static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_18(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_18(t1, ty, p1024_mod);
+ sp_1024_mont_div2_18(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -51938,7 +52005,7 @@ static void sp_1024_accumulate_line_dbl_18(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_18(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_18(t1, t1, p1024_mod);
+ sp_1024_mont_div2_18(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_18(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -52356,7 +52423,7 @@ static void sp_1024_accumulate_line_dbl_n_18(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_18(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_18(t1, ty, p1024_mod);
+ sp_1024_mont_div2_18(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_18(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -52394,7 +52461,7 @@ static void sp_1024_accumulate_line_dbl_n_18(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_18(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_18(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -53202,7 +53269,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -53231,19 +53298,21 @@ static int sp_1024_ecc_is_point_18(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 18;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_18(t1, point->y);
(void)sp_1024_mod_18(t1, t1, p1024_mod);
sp_1024_sqr_18(t2, point->x);
(void)sp_1024_mod_18(t2, t2, p1024_mod);
sp_1024_mul_18(t2, t2, point->x);
(void)sp_1024_mod_18(t2, t2, p1024_mod);
- (void)sp_1024_sub_18(t2, p1024_mod, t2);
- sp_1024_mont_add_18(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_18(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_18(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_18(t1, p1024_mod);
sp_1024_cond_sub_18(t1, t1, p1024_mod, ~(n >> 56));
sp_1024_norm_18(t1);
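Review bot: The three `(void)sp_1024_mod_18(...)` calls that reduce y^2, x^2 and x^3 discard the return value. If that helper can fail in some build configuration (its definition is not visible here), the curve-equation comparison would run on unreduced intermediates and the point check would still return a verdict. Either propagate the result, e.g. `if (err == MP_OKAY) err = sp_1024_mod_18(t1, t1, p1024_mod);`, or add a comment stating why the call cannot fail at this point. The shift in `~(n >> 56)` would also benefit from a one-line comment saying what the 56 is derived from. The function begins and ends outside the hunk.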
@@ -53260,7 +53329,7 @@ static int sp_1024_ecc_is_point_18(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c
index 6f51ba05..3ab1accb 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_cortexm.c
@@ -55,6 +55,7 @@
#ifdef __IAR_SYSTEMS_ICC__
#define __asm__ asm
#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
#endif /* __IAR_SYSTEMS_ICC__ */
#ifdef __KEIL__
#define __asm__ __asm
@@ -127,14 +128,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
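Review bot: The rewritten copy loop in sp_2048_from_mp hard-codes the shift as `31` in `j >> 31`, where the removed lines used `SP_WORD_SIZE - 1`. I would keep the symbolic form, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, so the mask derivation stays tied to the digit width. A short comment would also help: the loop always runs `size` iterations and `o` stops advancing at `a->used - 1`, so neither timing nor the read index branches on `a->used`. When `a->used` is 0 the loop still reads `a->dp[0]` under a zero mask, which assumes `dp` always has at least one element; that assumption is worth stating. The function body continues outside the hunk.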
@@ -239,616 +240,596 @@ static void sp_2048_to_bin_64(sp_digit* r, byte* a)
#define sp_2048_norm_64(a)
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
+ "SUB sp, sp, #0x24\n\t"
+ "STR %[r], [sp, #32]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * B[0] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
/* A[0] * B[1] */
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[r]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, %[r], #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
/* A[1] * B[0] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[1] * B[1] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[0] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[1] * B[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[1] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[0] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * B[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[2] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[1] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[0] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * B[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[2] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[1] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[0] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * B[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[3] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[2] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[1] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[0] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * B[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[3] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[2] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[1] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[0] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * B[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * B[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[4] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[3] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[2] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[1] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * B[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * B[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[4] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[3] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[2] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * B[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * B[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[5] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[4] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[3] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * B[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[5] * B[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[5] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[4] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * B[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[6] * B[6] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[5] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[6] * B[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[r], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * B[6] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[7] * B[7] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "LDR %[r], [sp, #32]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x24\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
-/* Add b to a into r. (r = a + b)
+#else
+/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_2048_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x2c\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "STRD %[r], %[a], [sp, #36]\n\t"
+#else
+ "STR %[r], [sp, #36]\n\t"
+ "STR %[a], [sp, #40]\n\t"
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #40]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #32]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #32]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ "MOV r3, r12\n\t"
+ "LDR lr, [sp, #36]\n\t"
+ "ADD lr, lr, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB lr, lr, #0x20\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
);
-
- return c;
}
-/* Sub b from a into r. (r = a - b)
+#endif /* WOLFSSL_SP_NO_UMAAL */
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+/* Sub b from a into a. (a -= b)
+ *
+ * a A single precision integer and result.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_16(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -857,60 +838,54 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_16(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
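Review bot: The header comment for sp_2048_add_16 still lists only r, a and b and does not say what the function returns, which is harder to infer now that the carry no longer has its own variable. After the last `STM %[r]!`, the pair `MOV %[r], #0x0` / `ADC %[r], %[r], #0x0` overwrites the result pointer with the carry, and `return (uint32_t)(size_t)r;` hands it back through a pointer-to-integer cast. I would add `* return Carry out of the top word: 0 or 1.` to the header and `/* r no longer points at the result; it now holds the carry */` above the return. The same applies to sp_2048_add_32 in the hunk at -1085 and to the sp_2048_add_8 added earlier in this diff.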
@@ -978,105 +953,85 @@ SP_NOINLINE static void sp_2048_mul_16(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_8(r + 24, r + 24, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
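Review bot: The rewritten comment on sp_2048_sub_in_place_32 corrects the parameter list but leaves the return value undocumented, and its convention differs from the add routines. `SBC %[a], r9, r9` produces 0 when the final subtraction did not borrow and all ones when it did, so the function returns a mask rather than a 0/1 flag. Callers that use the value for branch-free conditional correction presumably depend on that, though none are visible in this hunk. I would add `* return 0 when there is no borrow, (sp_digit)-1 when a < b.` to the header. sp_2048_sub_in_place_64 in the hunk at -1250 and sp_2048_sub_in_place_16 earlier in the diff have the same gap.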
@@ -1085,100 +1040,82 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
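Review bot: The new clobber list on sp_2048_add_32 names `"r7"`, and the body loads into it with `LDM %[b]!, {r7, r8, r9, r10}`, whereas the removed code used r4, r5, r6 and r8 and left r7 alone. On Thumb targets GCC reserves r7 as the frame pointer when one is in use and rejects an asm statement that clobbers it. Whether this file is built for Thumb cannot be told from the hunk, but if it is, a debug or `-fno-omit-frame-pointer` build may stop compiling. I would state the requirement next to the code, e.g. `/* Uses r7 as scratch: Thumb builds need -fomit-frame-pointer. */`, or keep r7 out of the scratch set as the old code did. The other rewritten add and sub_in_place routines in this diff list r7 the same way.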
@@ -1250,185 +1187,141 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_16(r + 48, r + 48, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -1437,180 +1330,138 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
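Review bot: `return (uint32_t)(size_t)r;` at the end of sp_2048_add_64 returns the carry, not an address, and nothing on the new side says so. The closing `MOV %[r], #0x0` / `ADC %[r], %[r], #0x0` overwrite the output-pointer operand with the carry flag, while the header comment still ends at the `b` parameter with no return description. I would add `/* r no longer points at the result: the asm left the carry-out (0 or 1) in it */` above the return, plus a return line in the header comment. The same idiom is used in sp_2048_sub_8 and sp_2048_sub_16 further down, where `SBC %[r], r6, r6` leaves 0 or all-ones in `r` (a borrow mask rather than a 0/1 flag). Callers that use the result as a mask depend on that difference, so the comments should state which form each function returns.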
@@ -1682,396 +1533,412 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
(void)sp_2048_add_32(r + 96, r + 96, a1);
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- /* A[0] * A[0] */
- "ldr r6, [%[a], #0]\n\t"
- "umull r3, r4, r6, r6\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * A[1] */
- "ldr r8, [%[a], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[1] */
- "ldr r6, [%[a], #4]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
/* A[0] * A[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
- /* A[1] * A[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[0] * A[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * A[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[2] */
- "ldr r6, [%[a], #8]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * A[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * A[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * A[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[3] */
- "ldr r6, [%[a], #12]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * A[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * A[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * A[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * A[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[4] */
- "ldr r6, [%[a], #16]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * A[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * A[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * A[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * A[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[5] * A[5] */
- "ldr r6, [%[a], #20]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * A[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
/* A[5] * A[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * A[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * A[6] */
- "ldr r6, [%[a], #24]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
/* A[6] * A[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [%[a], #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [%[a], #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [%[a], #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [%[a], #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [%[a], #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [%[a], #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * A[7] */
- "ldr r6, [%[a], #28]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
+SP_NOINLINE static void sp_2048_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x20\n\t"
+ "STR %[r], [sp, #28]\n\t"
+ "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "LDR lr, [sp, #28]\n\t"
+ "ADD lr, lr, #0x1c\n\t"
+ "STM lr!, {r0, r12}\n\t"
+ "STM lr!, {r11}\n\t"
+ "STM lr!, {r10}\n\t"
+ "STM lr!, {r3, r4, r8, r9}\n\t"
+ "STM lr!, {r7}\n\t"
+ "SUB lr, lr, #0x40\n\t"
+ "LDM sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "ADD sp, sp, #0x20\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
}
+#endif /* WOLFSSL_SP_NO_UMAAL */
/* Sub b from a into r. (r = a - b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
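Review bot: Both new sp_2048_sqr_8 bodies move the stack pointer inside the asm (`SUB sp, sp, #0x44` in the WOLFSSL_SP_NO_UMAAL variant, `SUB sp, sp, #0x20` in the UMAAL one) in place of the removed `tmp_arr[8]` local, so the compiler cannot see this scratch space. It will not show up in `-fstack-usage` / `-Wstack-usage` figures, and no comment mentions it. I would add a comment above each asm block, e.g. `/* asm reserves 0x44 bytes below sp as scratch (partial products + saved r); not counted in compiler stack-usage reports */`. In the first variant 0x44 is not a multiple of 8, so sp is only 4-byte aligned while the block runs. If an exception handler can run on a core configured without automatic 8-byte stack alignment, rounding to `#0x48` in both the `SUB` and the matching `ADD` would avoid that. The scratch words are also left unwiped below sp on return, as the old `tmp_arr` was, which is worth noting where the operand is derived from secret data.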
@@ -2116,59 +1983,53 @@ SP_NOINLINE static void sp_2048_sqr_16(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
@@ -2213,99 +2074,81 @@ SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
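Review bot: The borrow is handed back by overwriting the output pointer, and nothing in the body of sp_2048_sub_32 says so: `SBC %[r], r6, r6` replaces `r` with 0 or all ones and the function ends with `return (uint32_t)(size_t)r;`. A reader who sees a pointer cast to an integer will assume an address is being returned. I would add a comment above the return, such as `/* r no longer points at the result: it holds the borrow, 0 or 0xffffffff */`. The same pattern appears in sp_2048_add_64 (`MOV %[r], r3`), sp_2048_sub_in_place_64 (`MOV %[a], r10`) and their _32 counterparts in the later hunks. The function's header comment starts outside this hunk, so it may already describe the return value.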
@@ -2352,39 +2195,45 @@ SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #256\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x100\n\t"
+ "\n"
+ "L_sp_2048_add_64_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_add_64_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_add_64_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
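Review bot: The loop label `L_sp_2048_add_64_word` is an ordinary assembler symbol, and this hunk also drops `SP_NOINLINE` from the definition, so if the compiler inlines or clones this static function into more than one place the label is emitted twice and the assembler fails. The old `1:` / `bne 1b` local labels could be repeated safely. Either keep the attribute, `SP_NOINLINE static sp_digit sp_2048_add_64(...)`, or make the label unique per asm instance where the compiler supports it, `"L_sp_2048_add_64_word_%=:\n\t"` with `"BNE L_sp_2048_add_64_word_%=\n\t"`. The same applies to the named labels in sp_2048_sub_in_place_64, sp_2048_mul_64, sp_2048_sqr_64 and the four _32 counterparts in the following hunks. Whether something outside these hunks already prevents inlining is not visible here.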
@@ -2394,39 +2243,43 @@ SP_NOINLINE static sp_digit sp_2048_add_64(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_64(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #256\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x100\n\t"
+ "\n"
+ "L_sp_2048_sub_in_pkace_64_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_sub_in_pkace_64_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_sub_in_pkace_64_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
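Review bot: The loop label is misspelled as `L_sp_2048_sub_in_pkace_64_word` in all three places it appears (the definition and both `BNE` forms). It assembles because the spelling is consistent, but anyone searching a map file or disassembly for the function name will miss it. It should read `L_sp_2048_sub_in_place_64_word`, and sp_2048_sub_in_place_32 in a later hunk has the same typo. If this file is generated, which the repeated typo suggests, the fix belongs in the generator template.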
@@ -2437,86 +2290,99 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_64(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_2048_mul_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[64 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x200\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_64_outer:\n\t"
+ "SUBS r3, r5, #0xfc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_mul_64_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_2048_mul_64_inner_done\n\t"
+#else
+ "BGT.N L_sp_2048_mul_64_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BLT L_sp_2048_mul_64_inner\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BLT.N L_sp_2048_mul_64_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mul_64_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x1f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_2048_mul_64_outer\n\t"
+#else
+ "BLE.N L_sp_2048_mul_64_outer\n\t"
+#endif
+ "LDR lr, [%[a], #252]\n\t"
+ "LDR r11, [%[b], #252]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_mul_64_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_2048_mul_64_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_2048_mul_64_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
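Review bot: `SUB sp, sp, #0x200` reserves the product buffer on the stack from inside the asm, and the only thing that restores sp is the `LDM sp!` loop at `L_sp_2048_mul_64_store`. That loop is balanced only because r5 enters it at 0x1fc and `SUBS r5, r5, #0x20` / `BGT` therefore runs 16 times, popping 32 bytes each. This invariant is not written down, and the compiler is not told that sp moves, so a later edit to either constant would silently corrupt the caller's frame. I would add a comment at the top of the asm, such as `/* sp is lowered by 0x200 for the product; the store loop pops exactly 0x200 bytes (16 x 8 words) and restores it */`. sp_2048_sqr_64 and the _32 variants (0x100) rely on the same invariant. As with the removed `tmp_arr`, the intermediate product is left in dead stack memory on return, which matters if the caller's operands are private-key material.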
@@ -2524,129 +2390,91 @@ SP_NOINLINE static void sp_2048_mul_64(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_sqr_64(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_2048_sqr_64(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
+ "SUB sp, sp, #0x200\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_outer:\n\t"
+ "SUBS r3, r5, #0xfc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_2048_sqr_64_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_2048_sqr_64_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_2048_sqr_64_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_2048_sqr_64_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x1f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #1\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_2048_sqr_64_outer\n\t"
+#else
+ "BLE.N L_sp_2048_sqr_64_outer\n\t"
+#endif
+ "LDR lr, [%[a], #252]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_sqr_64_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_2048_sqr_64_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_2048_sqr_64_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
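Review bot: The rewritten asm now uses r7 and names it in the clobber list (`"r6", "r7", "r8", ...`), whereas the removed list went from `"r6"` straight to `"r8"`. On Thumb targets GCC uses r7 as the frame pointer, so a build that keeps the frame pointer, such as an unoptimised debug build, may reject an asm statement that clobbers it. The build flags are not visible here, so this needs confirming against the supported configurations. If it holds, the requirement should be stated next to the code, for example `/* asm below clobbers r7: build with -fomit-frame-pointer on Thumb */`. Every function rewritten in these hunks adds r7 in the same way.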
@@ -2676,39 +2504,45 @@ static void sp_2048_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #128\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_2048_add_32_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_add_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_add_32_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -2718,39 +2552,43 @@ SP_NOINLINE static sp_digit sp_2048_add_32(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #128\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_2048_sub_in_pkace_32_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_sub_in_pkace_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_sub_in_pkace_32_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -2761,83 +2599,99 @@ SP_NOINLINE static sp_digit sp_2048_sub_in_place_32(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_2048_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[32 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_mul_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_2048_mul_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_2048_mul_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT L_sp_2048_mul_32_inner\n\t"
+#else
+ "BLT.N L_sp_2048_mul_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mul_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BLE L_sp_2048_mul_32_outer\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BLE.N L_sp_2048_mul_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "LDR r11, [%[b], #124]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_mul_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_2048_mul_32_store\n\t"
+#else
+ "BGT.N L_sp_2048_mul_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
@@ -2845,131 +2699,98 @@ SP_NOINLINE static void sp_2048_mul_32(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_sqr_32(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_2048_sqr_32(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_2048_sqr_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_2048_sqr_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_2048_sqr_32_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_2048_sqr_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_2048_sqr_32_outer\n\t"
+#else
+ "BLE.N L_sp_2048_sqr_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_2048_sqr_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_2048_sqr_32_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_2048_sqr_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -2989,48 +2810,406 @@ static void sp_2048_mont_setup(const sp_digit* a, sp_digit* rho)
*rho = (sp_digit)0 - x;
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #256\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_d_64_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_mul_d_64_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_2048_mul_d_64_word\n\t"
+#endif
+ "STR r3, [%[r], #256]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_64(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_64(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[48] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[49] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[50] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[51] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[52] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[53] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[54] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[55] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[56] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[57] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[58] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[59] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[60] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[61] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[62] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[63] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "STR r4, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
/* r = 2^n mod m where n is the number of bits to reduce by.
* Given m must be 2048 bits, just need to subtract.
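Review bot: Both variants of `sp_2048_mul_d_64` write 65 words to `r`, but the header comment (kept on the small variant, added again for the unrolled one) still describes `r` only as "A single precision integer". In the small variant the first store and the loop fill r[0..63] and the trailing `STR r3, [%[r], #256]` writes r[64]; in the unrolled variant the 64 `STM %[r]!` stores are followed by `STR r4, [%[r]]`. A caller that passes a 64-digit buffer would get a one-word write past its end, so the comment should state the size, e.g. `* r  Result; must have room for 65 digits (64 product words plus the carry word).` Separately, the unrolled variant's clobber list names `r6` and `r7`, which that asm body never touches; dropping them would leave two more registers to the compiler.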
@@ -3046,6 +3225,7 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
sp_2048_sub_in_place_32(r, m);
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -3054,141 +3234,917 @@ static void sp_2048_mont_norm_32(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_2048_cond_sub_32_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_cond_sub_32_words\n\t"
+#else
+ "BLT.N L_sp_2048_cond_sub_32_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #128\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #120\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x80\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_32_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_mul\n\t"
+#endif
+ "LDR r10, [%[a], #128]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
+#else
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
/* a[i+30] += m[30] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
/* a[i+31] += m[31] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[31] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[31] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #120\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #128]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
+}
- sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - ca);
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_32_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x80\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_32_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_mul\n\t"
+#endif
+ "LDR r10, [%[a], #128]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x80\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_32_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_32(a - 32, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -3196,7 +4152,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3210,7 +4166,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3219,48 +4175,312 @@ SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
sp_2048_mont_reduce_32(r, m, mp);
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #128\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_2048_mul_d_32_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_mul_d_32_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_2048_mul_d_32_word\n\t"
+#endif
+ "STR r3, [%[r], #128]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
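Review bot: The `WOLFSSL_SP_USE_UDIV` variant of `div_2048_word_32` carries no comment saying that it trades timing uniformity for speed. It issues four `UDIV` instructions on values derived from `d1`/`d0`, and on cores where `UDIV` terminates early (the Cortex-M3/M4 manuals document operand-dependent cycle counts) its latency follows the operands. Whether the dividend is ever secret-dependent cannot be seen from this hunk, so I would document the condition rather than change code, for example by adding `* UDIV latency may depend on operand values; define WOLFSSL_SP_USE_UDIV only where that is acceptable.` to the header comment.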
@@ -3270,49 +4490,69 @@ SP_NOINLINE static void sp_2048_mul_d_32(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_2048_word_32_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_2048_word_32_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Compare a with b in constant time.
*
* a A single precision integer.
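Review bot: The loop branch `bpl L_div_2048_word_32_bit` is emitted unconditionally and in lower case, while the loops in `sp_2048_mul_d_32` and `sp_2048_mont_reduce_32` choose `BLT` or `BLT.N` under `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)`; `bcs L_sp_2048_cmp_32_words` in the `sp_2048_cmp_32` hunk has the same shape. If the width suffix matters for the non-GNU assemblers that the `#else` arms target, these two branches need the same guard; if it does not, a one-line comment saying so would keep the difference from reading as an omission. It would also help to note above the loop that the branch tests only the counter `r4` and that each quotient bit is selected with an `SBC`-generated mask, since that is what separates this variant from the `UDIV` one.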
@@ -3320,44 +4560,401 @@ SP_NOINLINE static sp_digit div_2048_word_32(sp_digit d1, sp_digit d0,
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_2048_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #124\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x7c\n\t"
+ "\n"
+ "L_sp_2048_cmp_32_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_2048_cmp_32_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
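Review bot: `sp_2048_cmp_32` now builds its result with IT-predicated `movhi`/`movlo`/`movne` in place of the `sbc`/`mvn`/`and` mask arithmetic it removes, so the "constant time" promise in the function comment rests on predicated moves costing the same whether or not they execute. I would state that assumption above the asm, e.g. `/* Branch-free: only IT-predicated moves depend on a/b; timing must not. */`, and confirm it on the cores this file targets. Separately, the result leaves through the pointer operand (`MOV %[a], r2`) and is returned as `(uint32_t)(size_t)a` from a function declared `sp_int32`. Casting to `(sp_int32)` and adding a one-line comment that `a` carries the comparison result at that point would make the intended negative, zero or positive return explicit.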
@@ -3369,8 +4966,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -3756,6 +5353,7 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
}
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -3764,142 +5362,1445 @@ static void sp_2048_mont_norm_64(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_2048_cond_sub_64_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_cond_sub_64_words\n\t"
+#else
+ "BLT.N L_sp_2048_cond_sub_64_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r9, [%[m], #192]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r9, [%[m], #196]\n\t"
+ "LDR r12, [%[a], #196]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #196]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r9, [%[m], #200]\n\t"
+ "LDR r12, [%[a], #200]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #200]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r9, [%[m], #204]\n\t"
+ "LDR r12, [%[a], #204]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #204]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r9, [%[m], #208]\n\t"
+ "LDR r12, [%[a], #208]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #208]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r9, [%[m], #212]\n\t"
+ "LDR r12, [%[a], #212]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #212]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r9, [%[m], #216]\n\t"
+ "LDR r12, [%[a], #216]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #216]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r9, [%[m], #220]\n\t"
+ "LDR r12, [%[a], #220]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #220]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r9, [%[m], #224]\n\t"
+ "LDR r12, [%[a], #224]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #224]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r9, [%[m], #228]\n\t"
+ "LDR r12, [%[a], #228]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #228]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r9, [%[m], #232]\n\t"
+ "LDR r12, [%[a], #232]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #232]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r9, [%[m], #236]\n\t"
+ "LDR r12, [%[a], #236]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #236]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r9, [%[m], #240]\n\t"
+ "LDR r12, [%[a], #240]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #240]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r9, [%[m], #244]\n\t"
+ "LDR r12, [%[a], #244]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #244]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r9, [%[m], #248]\n\t"
+ "LDR r12, [%[a], #248]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #248]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r9, [%[m], #252]\n\t"
+ "LDR r12, [%[a], #252]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #252]\n\t"
+ "LDR r12, [%[a], #256]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #256]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x100\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 2048 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #256\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #248\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x100\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_64_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_mul\n\t"
+#endif
+ "LDR r10, [%[a], #256]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #256]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r12, [%[m], #192]\n\t"
+ "LDR r11, [%[a], #192]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r12, [%[m], #196]\n\t"
+ "LDR r11, [%[a], #196]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r12, [%[m], #200]\n\t"
+ "LDR r11, [%[a], #200]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r12, [%[m], #204]\n\t"
+ "LDR r11, [%[a], #204]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r12, [%[m], #208]\n\t"
+ "LDR r11, [%[a], #208]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r12, [%[m], #212]\n\t"
+ "LDR r11, [%[a], #212]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r12, [%[m], #216]\n\t"
+ "LDR r11, [%[a], #216]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r12, [%[m], #220]\n\t"
+ "LDR r11, [%[a], #220]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r12, [%[m], #224]\n\t"
+ "LDR r11, [%[a], #224]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r12, [%[m], #228]\n\t"
+ "LDR r11, [%[a], #228]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r12, [%[m], #232]\n\t"
+ "LDR r11, [%[a], #232]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r12, [%[m], #236]\n\t"
+ "LDR r11, [%[a], #236]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r12, [%[m], #240]\n\t"
+ "LDR r11, [%[a], #240]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r12, [%[m], #244]\n\t"
+ "LDR r11, [%[a], #244]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #244]\n\t"
/* a[i+62] += m[62] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #248]\n\t"
+ "LDR r11, [%[a], #248]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #248]\n\t"
/* a[i+63] += m[63] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[63] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[63] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #248\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #252]\n\t"
+ "LDR r11, [%[a], #252]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #256]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #252]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #256]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x100\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.W L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 2048 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_mont_reduce_64_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x100\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_64_mul\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_mul\n\t"
+#endif
+ "LDR r10, [%[a], #256]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #256]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x100\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_2048_mont_reduce_64_word\n\t"
+#else
+ "BLT.N L_sp_2048_mont_reduce_64_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_2048_cond_sub_64(a - 64, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -3907,7 +6808,7 @@ SP_NOINLINE static void sp_2048_mont_reduce_64(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3921,7 +6822,7 @@ SP_NOINLINE static void sp_2048_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3937,39 +6838,44 @@ SP_NOINLINE static void sp_2048_mont_sqr_64(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "add r6, r6, r5\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x100\n\t"
+ "\n"
+ "L_sp_2048_sub_64_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_2048_sub_64_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_2048_sub_64_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
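Review bot: The small-code `sp_2048_sub_64` drops `SP_NOINLINE` in the same change that replaces the numeric local label `1:` with the named label `L_sp_2048_sub_64_word`, so the asm body can no longer be duplicated safely. If the compiler inlines or clones this static function more than once in the translation unit, the assembler sees the label defined twice and the build fails; the old `1:`/`1b` form did not have that constraint. Either keep the attribute, `SP_NOINLINE static sp_digit sp_2048_sub_64(...)` (assuming the macro expands to a noinline attribute), or on GCC-compatible toolchains make the label unique per expansion with `%=`, e.g. `"L_sp_2048_sub_64_word_%=:\n\t"`. A one-line comment above `return (uint32_t)(size_t)r;` would also help, stating that the asm overwrites the pointer variable `r` with the borrow mask (0 or all ones).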
@@ -3979,182 +6885,206 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_sub_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)d1;
+}
+
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
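Review bot: The new `WOLFSSL_SP_USE_UDIV` variant of `div_2048_word_64` carries no comment telling integrators that it gives up timing uniformity for speed. It issues four `UDIV` instructions on values derived from `d1`, `d0` and `div`, and on Cortex-M cores whose divider terminates early the cycle count depends on the operand values. The default path in the next hunk uses a fixed-count masked loop instead. Whether the callers pass words derived from a private modulus is not visible in this hunk, but if they do, the latency difference is observable. I would extend the header comment with something like `* Uses UDIV, whose cycle count may depend on the operands; define WOLFSSL_SP_USE_UDIV only where timing side channels are out of scope.`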
@@ -4164,49 +7094,69 @@ SP_NOINLINE static sp_digit sp_2048_sub_64(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_2048_word_64_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_2048_word_64_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Divide d in a and put remainder into r (m*d + r = a)
* m is not calculated as it is not needed at this time.
*
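Review bot: The loop branch `"bpl L_div_2048_word_64_bit\n\t"` is the only branch in the visible part of this diff written in lower case and without the toolchain guard the others carry (compare `BNE`/`BNE.N` in `sp_2048_sub_64`). For consistency, and presumably so non-GNU assemblers get the same narrow-encoding choice, wrap it the same way: `"BPL L_div_2048_word_64_bit\n\t"` under `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)` and `"BPL.N L_div_2048_word_64_bit\n\t"` in the `#else`. A short comment on the loop would also be worth adding, noting that it runs a fixed 30 iterations and selects with `SBC`-generated masks rather than data-dependent branches, since that property is what separates this path from the `UDIV` one.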
@@ -4216,8 +7166,8 @@ SP_NOINLINE static sp_digit div_2048_word_64(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -4279,6 +7229,7 @@ static WC_INLINE int sp_2048_mod_64_cond(sp_digit* r, const sp_digit* a, const s
}
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
+#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -4316,44 +7267,753 @@ static void sp_2048_mask_64(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_2048_cmp_64(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #252\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0xfc\n\t"
+ "\n"
+ "L_sp_2048_cmp_64_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_2048_cmp_64_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #252]\n\t"
+ "LDR r5, [%[b], #252]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "LDR r5, [%[b], #248]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "LDR r5, [%[b], #244]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "LDR r5, [%[b], #240]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "LDR r5, [%[b], #236]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "LDR r5, [%[b], #232]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "LDR r5, [%[b], #228]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "LDR r5, [%[b], #224]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "LDR r5, [%[b], #220]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "LDR r5, [%[b], #216]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "LDR r5, [%[b], #212]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "LDR r5, [%[b], #208]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "LDR r5, [%[b], #204]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "LDR r5, [%[b], #200]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "LDR r5, [%[b], #196]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "LDR r5, [%[b], #192]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
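Review bot: The named label `L_sp_2048_cmp_64_words` in the WOLFSSL_SP_SMALL loop is emitted verbatim into the assembler output, and this hunk also drops `SP_NOINLINE` from the function. If the compiler inlines or clones sp_2048_cmp_64 into more than one caller, the label would be defined twice and assembly would fail; the removed code avoided this with the numeric local label `1:`. Either keep the attribute, `SP_NOINLINE static sp_int32 sp_2048_cmp_64(...)`, on both signatures, or make the label unique per expansion. The small variant of sp_2048_cond_add_32 further down (`L_sp_2048_cond_add_32_words`) follows the same pattern. The new `bcs` also loses the `bge`/`bge.n` toolchain guard that the old loop had and that cond_add_32 still keeps for `BLT`/`BLT.N`, which looks inconsistent for non-GNU assemblers.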
@@ -4365,8 +8025,8 @@ SP_NOINLINE static sp_int32 sp_2048_cmp_64(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_2048_div_64(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[128], t2[65];
sp_digit div, r1;
@@ -4411,6 +8071,7 @@ static WC_INLINE int sp_2048_mod_64(sp_digit* r, const sp_digit* a, const sp_dig
return sp_2048_div_64(a, m, NULL, r);
}
+#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_SMALL
@@ -4874,6 +8535,7 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
}
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -4882,39 +8544,192 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_2048_cond_add_32_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_2048_cond_add_32_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_2048_cond_add_32_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_2048_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_2048_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* RSA private key operation.
*
* in Array of bytes representing the number to exponentiate, base.
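Review bot: Neither copy of the header comment for sp_2048_cond_add_32 says what the function returns, although the value is the carry out of the top word (the final `ADC %[r], r10, r10` with r10 zero in the unrolled variant, `MOV %[r], r5` in the loop variant). A line such as `* returns the carry out of the addition (0 or 1).` in both comment blocks would document that for callers that propagate it. In the unrolled variant the clobber list also names `r4` and `r5`, which that asm body never touches, so it could be `: "memory", "r6", "r7", "r8", "r9", "r10", "cc"` and spare the compiler two saved registers.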
@@ -5229,406 +9044,407 @@ int sp_ModExp_2048(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef WOLFSSL_HAVE_SP_DH
#ifdef HAVE_FFDHE_2048
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_2048_lshift_64(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_2048_lshift_64(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "add %[a], %[a], #192\n\t"
- "add %[r], %[r], #192\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "str r3, [%[r]]\n\t"
- "str r4, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #252]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "STR r6, [%[r], #256]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #244]\n\t"
+ "STR r5, [%[r], #252]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #240]\n\t"
+ "STR r4, [%[r], #248]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "STR r6, [%[r], #244]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #232]\n\t"
+ "STR r5, [%[r], #240]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #228]\n\t"
+ "STR r4, [%[r], #236]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "STR r6, [%[r], #232]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #220]\n\t"
+ "STR r5, [%[r], #228]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #216]\n\t"
+ "STR r4, [%[r], #224]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "STR r6, [%[r], #220]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #208]\n\t"
+ "STR r5, [%[r], #216]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #204]\n\t"
+ "STR r4, [%[r], #212]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "STR r6, [%[r], #208]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #196]\n\t"
+ "STR r5, [%[r], #204]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #192]\n\t"
+ "STR r4, [%[r], #200]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "STR r6, [%[r], #196]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #184]\n\t"
+ "STR r5, [%[r], #192]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #180]\n\t"
+ "STR r4, [%[r], #188]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "STR r6, [%[r], #184]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #172]\n\t"
+ "STR r5, [%[r], #180]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #168]\n\t"
+ "STR r4, [%[r], #176]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "STR r6, [%[r], #172]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #160]\n\t"
+ "STR r5, [%[r], #168]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #156]\n\t"
+ "STR r4, [%[r], #164]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "STR r6, [%[r], #160]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #148]\n\t"
+ "STR r5, [%[r], #156]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #144]\n\t"
+ "STR r4, [%[r], #152]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "STR r6, [%[r], #148]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #136]\n\t"
+ "STR r5, [%[r], #144]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #132]\n\t"
+ "STR r4, [%[r], #140]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "STR r6, [%[r], #136]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #124]\n\t"
+ "STR r5, [%[r], #132]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #120]\n\t"
+ "STR r4, [%[r], #128]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "STR r6, [%[r], #124]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #112]\n\t"
+ "STR r5, [%[r], #120]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #108]\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "STR r6, [%[r], #112]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #100]\n\t"
+ "STR r5, [%[r], #108]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #96]\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "STR r6, [%[r], #100]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #88]\n\t"
+ "STR r5, [%[r], #96]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #84]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "STR r6, [%[r], #88]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #76]\n\t"
+ "STR r5, [%[r], #84]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #72]\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "STR r6, [%[r], #76]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #64]\n\t"
+ "STR r5, [%[r], #72]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #60]\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r6, [%[r], #64]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #52]\n\t"
+ "STR r5, [%[r], #60]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #48]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r6, [%[r], #52]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #40]\n\t"
+ "STR r5, [%[r], #48]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #36]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r6, [%[r], #40]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #28]\n\t"
+ "STR r5, [%[r], #36]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #24]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r6, [%[r], #28]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #16]\n\t"
+ "STR r5, [%[r], #24]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #12]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r6, [%[r], #16]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #4]\n\t"
+ "STR r5, [%[r], #12]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a]]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "STR r5, [%[r]]\n\t"
+ "STR r6, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
@@ -5930,14 +9746,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
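Review bot: The new mask and index arithmetic in the `DIGIT_BIT == 32` branch of `sp_3072_from_mp` hard-codes the shift as `31`, where the removed lines used `SP_WORD_SIZE - 1`, so the all-ones/zero mask is only correct while `sp_digit` is exactly 32 bits wide. Keeping the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, preserves that link. The loop also appears to rely on `a->used` staying below 2^31 and on `a->dp[0]` being readable when `a->used` is 0, since the word is masked out but still loaded; a short comment such as `/* j counts up from -used; its top bit is set while i < used, giving a branch-free mask and an index clamped to used - 1 */` would record that. The function body continues past the end of this hunk.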
@@ -6048,83 +9864,1025 @@ static void sp_3072_to_bin_96(sp_digit* r, byte* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_3072_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[12 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[11] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #48]\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #52]\n\t"
+ /* A[11] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #56]\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #60]\n\t"
+ /* A[11] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[11] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[11] * B[9] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[10] * B[11] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[11] * B[11] */
+ "UMLAL r4, r5, r8, r9\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Add b to a into r. (r = a + b)
@@ -6133,131 +10891,114 @@ SP_NOINLINE static void sp_3072_mul_12(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_24(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_24(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
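Review bot: Neither comment in this hunk says what the function returns, and the two new bodies encode it differently: sp_3072_add_12 ends with `MOV %[r], #0x0` / `ADC %[r], %[r], #0x0`, so it returns a carry of 0 or 1, while sp_3072_sub_in_place_24 ends with `SBC %[a], r9, r9`, so it returns 0 or 0xFFFFFFFF. Both reuse the register that held the output pointer for that value, which is why the bodies finish with `return (uint32_t)(size_t)r;` and `return (uint32_t)(size_t)a;`. I would add `* return  Carry out of the top word (0 or 1).` to the add comment and `* return  0 when there is no borrow, all ones otherwise.` to the sub comment, since a caller that uses the result as a mask depends on the exact encoding. The comment of sp_3072_add_12 begins above the hunk; sp_3072_add_24, sp_3072_sub_in_place_48 and sp_3072_add_48 in the later hunks follow the same pattern.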
@@ -6266,80 +11007,68 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_24(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_24(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
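Review bot: The new body of sp_3072_add_24 loads `b` into `{r7, r8, r9, r10}` and lists `r7` in the clobbers, where the removed code went from `r6` straight to `r8`. If this file is built as Thumb code with frame pointers kept (an unoptimised or `-fno-omit-frame-pointer` build), GCC reserves r7 for the frame pointer and, as far as I know, refuses an asm statement that clobbers it, so such a build may stop compiling unless that is handled outside these hunks. I would record the requirement next to the function, for example `/* Uses r7 as scratch: Thumb builds need -fomit-frame-pointer. */`. sp_3072_add_12 and sp_3072_sub_in_place_24 in the previous hunk, and sp_3072_sub_in_place_48 and sp_3072_add_48 in the following ones, name r7 in their clobber lists as well.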
@@ -6411,145 +11140,113 @@ SP_NOINLINE static void sp_3072_mul_24(sp_digit* r, const sp_digit* a,
(void)sp_3072_add_12(r + 36, r + 36, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -6558,140 +11255,110 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
@@ -6763,265 +11430,197 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
(void)sp_3072_add_24(r + 72, r + 72, a1);
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
@@ -7030,260 +11629,194 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
@@ -7360,122 +11893,698 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_sqr_12(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #96\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #92\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #96\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMLAL r3, r4, r10, r10\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -7485,49 +12594,46 @@ SP_NOINLINE static void sp_3072_sqr_12(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
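Review bot: The new clobber list in sp_3072_sub_12 names `"r7"`, a register the removed list (`"r4", "r5", "r6", "r8"`) skipped. If this file is built as Thumb code, as the `BNE.N` and `IT` instructions elsewhere in the diff suggest, GCC uses r7 as the frame pointer and is likely to reject the asm statement in builds that keep frame pointers, such as unoptimised debug builds. The same list is used by sp_3072_sub_24 and sp_3072_sub_48 in the following hunks. If those builds matter, the second load could avoid r7, for example `"LDM %[b]!, {r8, r9, r10, r11}\n\t"` with the `SBCS` operands and the clobber list adjusted to match, or the functions could be compiled with the frame pointer omitted.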
@@ -7572,79 +12678,67 @@ SP_NOINLINE static void sp_3072_sqr_24(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_24(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_24(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
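Review bot: `return (uint32_t)(size_t)r;` in sp_3072_sub_24 returns the borrow through the variable that held the result pointer, and nothing in the function says so. It works only because the final `SBC %[r], r6, r6` overwrites that operand with 0 or 0xffffffff. The cast also names `uint32_t` while the declared return type is `sp_digit`. I would add `/* r no longer points at the result: SBC left the borrow mask (0 or all ones) in it */` above the return and write the cast as `(sp_digit)(size_t)r`, assuming sp_digit is the 32-bit word type in this file. sp_3072_sub_12 and sp_3072_sub_48 use the same pattern.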
@@ -7689,139 +12783,109 @@ SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
@@ -7868,39 +12932,45 @@ SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #384\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x180\n\t"
+ "\n"
+ "L_sp_3072_add_96_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_add_96_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_add_96_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
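Review bot: sp_3072_add_96 drops `SP_NOINLINE` while also replacing the local numeric label `1:` with the named label `L_sp_3072_add_96_word`. A named label in an asm statement is emitted once per copy of the statement, so the assembler will report a duplicate symbol if the compiler inlines or clones this static function more than once in the translation unit. Unless a declaration outside this hunk already prevents inlining, keep the attribute on the definition: `SP_NOINLINE static sp_digit sp_3072_add_96(...)`. The loops in sp_3072_sub_in_place_96 and sp_3072_mul_96 in the next hunks have the same exposure.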
@@ -7910,39 +12980,43 @@ SP_NOINLINE static sp_digit sp_3072_add_96(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_96(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #384\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x180\n\t"
+ "\n"
+ "L_sp_3072_sub_in_pkace_96_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_sub_in_pkace_96_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_sub_in_pkace_96_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
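Review bot: The loop label in sp_3072_sub_in_place_96 is misspelled as `L_sp_3072_sub_in_pkace_96_word` ("pkace" for "place"). It assembles because the definition and both `BNE` lines share the spelling, but a search for the function name in a listing or map file will miss the label. Rename all three occurrences to `L_sp_3072_sub_in_place_96_word`. If this file is produced by a generator, the fix belongs in its template.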
@@ -7953,89 +13027,99 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_96(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_3072_mul_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[96 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x300\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_96_outer:\n\t"
+ "SUBS r3, r5, #0x17c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_mul_96_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_3072_mul_96_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_3072_mul_96_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT L_sp_3072_mul_96_inner\n\t"
+#else
+ "BLT.N L_sp_3072_mul_96_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mul_96_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x2f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BLE L_sp_3072_mul_96_outer\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BLE.N L_sp_3072_mul_96_outer\n\t"
+#endif
+ "LDR lr, [%[a], #380]\n\t"
+ "LDR r11, [%[b], #380]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_mul_96_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_3072_mul_96_store\n\t"
+#else
+ "BGT.N L_sp_3072_mul_96_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
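Review bot: `SUB sp, sp, #0x300` takes the 768-byte product buffer directly off the stack inside the asm, where the removed code declared `sp_digit tmp_arr[96 * 2]` in C, so the compiler no longer knows about it and stack-usage reporting such as `-fstack-usage` will under-count this function. sp is put back only by the `LDM sp!` loop at `L_sp_3072_mul_96_store`, which is correct because it runs 24 times with 32 bytes each, but nothing in the function says so. I would add a comment above the asm, for example `/* Uses 0x300 bytes of stack as scratch for the double-width product; released by the LDM sp! loop at L_sp_3072_mul_96_store. */`. The scratch copy of the product stays in memory below sp after return, as the old `tmp_arr` did, so code handling private operands should not assume it has been cleared. sqr_96, mul_48 and sqr_48 use the same scheme.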
@@ -8043,132 +13127,91 @@ SP_NOINLINE static void sp_3072_mul_96(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_sqr_96(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_3072_sqr_96(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
+ "SUB sp, sp, #0x300\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_outer:\n\t"
+ "SUBS r3, r5, #0x17c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_3072_sqr_96_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_3072_sqr_96_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_3072_sqr_96_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_3072_sqr_96_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x2f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #2\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_3072_sqr_96_outer\n\t"
+#else
+ "BLE.N L_sp_3072_sqr_96_outer\n\t"
+#endif
+ "LDR lr, [%[a], #380]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_sqr_96_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_3072_sqr_96_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_3072_sqr_96_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
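Review bot: The clobber list now names `r7` (`"r3", "r4", "r5", "r6", "r7", "r8", ...`), a register the removed code never touched; its lists went from `r6` straight to `r8`. On Thumb targets GCC uses r7 as the frame pointer, so a build that keeps frame pointers (`-O0`, or `-fno-omit-frame-pointer`) is likely to reject this asm because r7 cannot be clobbered there. If such builds need to work, this file has to be compiled with `-fomit-frame-pointer`, or the value held in `r7` has to move to a register the compiler does not reserve. Every other function rewritten in the hunks shown here clobbers `r7` as well.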
@@ -8198,39 +13241,45 @@ static void sp_3072_mask_48(sp_digit* r, const sp_digit* a, sp_digit m)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #192\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0xc0\n\t"
+ "\n"
+ "L_sp_3072_add_48_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_add_48_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_add_48_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
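Review bot: The carry is returned by overwriting the result pointer: the asm ends with `MOV %[r], r3` and the function then does `return (uint32_t)(size_t)r;`, so after the asm `r` is no longer a pointer at all. That is easy to misread, and nothing in the function explains it now that the separate `sp_digit c` is gone. A one-line comment before the return would be enough, e.g. `/* r holds the carry out (0 or 1) here, not the result pointer. */`. sub_in_place_96 and sub_in_place_48 do the same with `a`, where the returned value is the borrow mask left by `SBC r10, r10, r10`.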
@@ -8240,39 +13289,43 @@ SP_NOINLINE static sp_digit sp_3072_add_48(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_in_place_48(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #192\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0xc0\n\t"
+ "\n"
+ "L_sp_3072_sub_in_pkace_48_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_sub_in_pkace_48_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_sub_in_pkace_48_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -8283,85 +13336,99 @@ SP_NOINLINE static sp_digit sp_3072_sub_in_place_48(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_3072_mul_48(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[48 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #192\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #188\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x180\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_48_outer:\n\t"
+ "SUBS r3, r5, #0xbc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_mul_48_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_3072_mul_48_inner_done\n\t"
+#else
+ "BGT.N L_sp_3072_mul_48_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BLT L_sp_3072_mul_48_inner\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BLT.N L_sp_3072_mul_48_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mul_48_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x174\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #120\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_3072_mul_48_outer\n\t"
+#else
+ "BLE.N L_sp_3072_mul_48_outer\n\t"
+#endif
+ "LDR lr, [%[a], #188]\n\t"
+ "LDR r11, [%[b], #188]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_mul_48_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_3072_mul_48_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_3072_mul_48_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
@@ -8369,137 +13436,98 @@ SP_NOINLINE static void sp_3072_mul_48(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_sqr_48(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_3072_sqr_48(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #188\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #192\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x180\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_outer:\n\t"
+ "SUBS r3, r5, #0xbc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_3072_sqr_48_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_3072_sqr_48_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_3072_sqr_48_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #120\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_3072_sqr_48_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x174\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #1\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #124\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_3072_sqr_48_outer\n\t"
+#else
+ "BLE.N L_sp_3072_sqr_48_outer\n\t"
+#endif
+ "LDR lr, [%[a], #188]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_3072_sqr_48_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #128\n\t"
- "add sp, sp, r6\n\t"
+ "BGT L_sp_3072_sqr_48_store\n\t"
+#else
+ "BGT.N L_sp_3072_sqr_48_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -8519,48 +13547,566 @@ static void sp_3072_mont_setup(const sp_digit* a, sp_digit* rho)
*rho = (sp_digit)0 - x;
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #384\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_d_96_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x180\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_mul_d_96_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_3072_mul_d_96_word\n\t"
+#endif
+ "STR r3, [%[r], #384]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_96(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_96(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[48] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[49] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[50] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[51] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[52] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[53] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[54] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[55] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[56] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[57] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[58] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[59] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[60] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[61] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[62] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[63] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[64] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[65] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[66] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[67] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[68] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[69] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[70] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[71] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[72] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[73] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[74] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[75] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[76] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[77] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[78] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[79] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[80] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[81] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[82] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[83] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[84] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[85] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[86] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[87] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[88] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[89] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[90] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[91] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[92] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[93] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[94] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[95] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "STR r3, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
/* r = 2^n mod m where n is the number of bits to reduce by.
* Given m must be 3072 bits, just need to subtract.
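Review bot: The header comment on both new `sp_3072_mul_d_96` variants still describes `r` only as "A single precision integer", although the code writes 97 words: the `WOLFSSL_SP_SMALL` loop stores at offsets 0x0 through 0x17c and then does `STR r3, [%[r], #384]`, and the unrolled variant performs 96 `STM %[r]!` stores followed by `STR r3, [%[r]]`. I would state the size contract in the comment, e.g. ` * r  Result; caller must provide room for 97 digits (96 product words plus the final carry word).`, so an undersized destination is caught in review rather than showing up as a one-word overwrite. Separately, the new declarations drop `SP_NOINLINE` while the small variant replaces the local `1:` label with the named `L_sp_3072_mul_d_96_word`; if a compiler inlines or clones the function, that label would likely be emitted twice and fail to assemble, so keeping `SP_NOINLINE` here (as the later `sp_3072_mont_reduce_48` does) looks safer.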
@@ -8576,6 +14122,7 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
sp_3072_sub_in_place_48(r, m);
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -8584,141 +14131,1181 @@ static void sp_3072_mont_norm_48(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #192\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_3072_cond_sub_48_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_cond_sub_48_words\n\t"
+#else
+ "BLT.N L_sp_3072_cond_sub_48_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+static sp_digit sp_3072_cond_sub_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0xc0\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #192\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #184\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_3072_mont_reduce_48_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_mul\n\t"
+#endif
+ "LDR r10, [%[a], #192]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #192]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0xc0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
/* a[i+46] += m[46] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
/* a[i+47] += m[47] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[47] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[47] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #184\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #192]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #192]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0xc0\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
+}
- sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - ca);
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_48_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0xc0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_48_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_mul\n\t"
+#endif
+ "LDR r10, [%[a], #192]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #192]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0xc0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_48_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_48_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_48(a - 48, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -8726,7 +15313,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -8740,7 +15327,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -8749,48 +15336,392 @@ SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
sp_3072_mont_reduce_48(r, m, mp);
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #192\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_3072_mul_d_48_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_mul_d_48_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_3072_mul_d_48_word\n\t"
+#endif
+ "STR r3, [%[r], #192]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_mul_d_48(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "STR r3, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
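Review bot: The `WOLFSSL_SP_USE_UDIV` variant of `div_3072_word_48` added in this hunk issues four `UDIV` instructions on values derived from `d1`/`d0`, and its header comment says nothing about timing. On Cortex-M cores whose divider terminates early, `UDIV` latency varies with the operand values, so this path is not constant-time. The `#else` variant, whose body is in the next hunk, instead uses a fixed-count bit loop with mask selects and no divide instruction. I would record the difference in the comment, e.g. `* Note: UDIV cycle count can depend on operand values; enable WOLFSSL_SP_USE_UDIV only where d1, d0 and div are not secret.` Whether any caller passes secret-derived digits is not visible from this hunk, so it is worth confirming against the build configuration that enables the macro.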
@@ -8800,49 +15731,69 @@ SP_NOINLINE static void sp_3072_mul_d_48(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_3072_word_48_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_3072_word_48_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Compare a with b in constant time.
*
* a A single precision integer.
@@ -8850,44 +15801,577 @@ SP_NOINLINE static sp_digit div_3072_word_48(sp_digit d1, sp_digit d0,
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #188\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0xbc\n\t"
+ "\n"
+ "L_sp_3072_cmp_48_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_3072_cmp_48_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
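Review bot: In the WOLFSSL_SP_SMALL branch the new body defines the named assembler label `L_sp_3072_cmp_48_words` while both new signatures drop `SP_NOINLINE`, so if the compiler inlines or clones this static function into more than one place in the translation unit, the label is emitted twice and the assembler will most likely reject the duplicate symbol. The removed code avoided this with the local numeric label `1:`/`1b`. The WOLFSSL_SP_SMALL variant of `sp_3072_cond_sub_96` in the later hunk has the same combination, whereas `sp_3072_mont_reduce_96` keeps `SP_NOINLINE`. I would keep the attribute on both signatures, e.g. `SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a_p, const sp_digit* b_p)`, or make the label unique per expansion (GCC's `%=`, where the toolchain supports it). Separately, the header comment still promises a constant-time compare, but the result is now selected by IT-predicated `movhi`/`movlo`/`movne` rather than mask arithmetic, so a line such as `/* Constant time assumes a predicated MOV costs the same whether or not it executes. */` would record the assumption the guarantee now depends on.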
@@ -8899,8 +16383,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_48(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_48(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[96], t2[49];
sp_digit div, r1;
@@ -9286,6 +16770,7 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
}
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -9294,143 +16779,1973 @@ static void sp_3072_mont_norm_96(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "add r5, r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_3072_cond_sub_96_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x180\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_cond_sub_96_words\n\t"
+#else
+ "BLT.N L_sp_3072_cond_sub_96_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+static sp_digit sp_3072_cond_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r9, [%[m], #192]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r9, [%[m], #196]\n\t"
+ "LDR r12, [%[a], #196]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #196]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r9, [%[m], #200]\n\t"
+ "LDR r12, [%[a], #200]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #200]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r9, [%[m], #204]\n\t"
+ "LDR r12, [%[a], #204]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #204]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r9, [%[m], #208]\n\t"
+ "LDR r12, [%[a], #208]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #208]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r9, [%[m], #212]\n\t"
+ "LDR r12, [%[a], #212]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #212]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r9, [%[m], #216]\n\t"
+ "LDR r12, [%[a], #216]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #216]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r9, [%[m], #220]\n\t"
+ "LDR r12, [%[a], #220]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #220]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r9, [%[m], #224]\n\t"
+ "LDR r12, [%[a], #224]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #224]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r9, [%[m], #228]\n\t"
+ "LDR r12, [%[a], #228]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #228]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r9, [%[m], #232]\n\t"
+ "LDR r12, [%[a], #232]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #232]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r9, [%[m], #236]\n\t"
+ "LDR r12, [%[a], #236]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #236]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r9, [%[m], #240]\n\t"
+ "LDR r12, [%[a], #240]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #240]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r9, [%[m], #244]\n\t"
+ "LDR r12, [%[a], #244]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #244]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r9, [%[m], #248]\n\t"
+ "LDR r12, [%[a], #248]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #248]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r9, [%[m], #252]\n\t"
+ "LDR r12, [%[a], #252]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #252]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r9, [%[m], #256]\n\t"
+ "LDR r12, [%[a], #256]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #256]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r9, [%[m], #260]\n\t"
+ "LDR r12, [%[a], #260]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #260]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r9, [%[m], #264]\n\t"
+ "LDR r12, [%[a], #264]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #264]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r9, [%[m], #268]\n\t"
+ "LDR r12, [%[a], #268]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #268]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r9, [%[m], #272]\n\t"
+ "LDR r12, [%[a], #272]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #272]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r9, [%[m], #276]\n\t"
+ "LDR r12, [%[a], #276]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #276]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r9, [%[m], #280]\n\t"
+ "LDR r12, [%[a], #280]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #280]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r9, [%[m], #284]\n\t"
+ "LDR r12, [%[a], #284]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #284]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r9, [%[m], #288]\n\t"
+ "LDR r12, [%[a], #288]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #288]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r9, [%[m], #292]\n\t"
+ "LDR r12, [%[a], #292]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #292]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r9, [%[m], #296]\n\t"
+ "LDR r12, [%[a], #296]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #296]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r9, [%[m], #300]\n\t"
+ "LDR r12, [%[a], #300]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #300]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r9, [%[m], #304]\n\t"
+ "LDR r12, [%[a], #304]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #304]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r9, [%[m], #308]\n\t"
+ "LDR r12, [%[a], #308]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #308]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r9, [%[m], #312]\n\t"
+ "LDR r12, [%[a], #312]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #312]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r9, [%[m], #316]\n\t"
+ "LDR r12, [%[a], #316]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #316]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r9, [%[m], #320]\n\t"
+ "LDR r12, [%[a], #320]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #320]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r9, [%[m], #324]\n\t"
+ "LDR r12, [%[a], #324]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #324]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r9, [%[m], #328]\n\t"
+ "LDR r12, [%[a], #328]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #328]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r9, [%[m], #332]\n\t"
+ "LDR r12, [%[a], #332]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #332]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r9, [%[m], #336]\n\t"
+ "LDR r12, [%[a], #336]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #336]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r9, [%[m], #340]\n\t"
+ "LDR r12, [%[a], #340]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #340]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r9, [%[m], #344]\n\t"
+ "LDR r12, [%[a], #344]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #344]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r9, [%[m], #348]\n\t"
+ "LDR r12, [%[a], #348]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #348]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r9, [%[m], #352]\n\t"
+ "LDR r12, [%[a], #352]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #352]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r9, [%[m], #356]\n\t"
+ "LDR r12, [%[a], #356]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #356]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r9, [%[m], #360]\n\t"
+ "LDR r12, [%[a], #360]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #360]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r9, [%[m], #364]\n\t"
+ "LDR r12, [%[a], #364]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #364]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r9, [%[m], #368]\n\t"
+ "LDR r12, [%[a], #368]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #368]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r9, [%[m], #372]\n\t"
+ "LDR r12, [%[a], #372]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #372]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "LDR r9, [%[m], #376]\n\t"
+ "LDR r12, [%[a], #376]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #376]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "LDR r9, [%[m], #380]\n\t"
+ "LDR r12, [%[a], #380]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #380]\n\t"
+ "LDR r12, [%[a], #384]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #384]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x180\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 3072 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #384\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #376\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x180\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_96_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_mul\n\t"
+#endif
+ "LDR r10, [%[a], #384]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #384]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x180\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r12, [%[m], #192]\n\t"
+ "LDR r11, [%[a], #192]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r12, [%[m], #196]\n\t"
+ "LDR r11, [%[a], #196]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r12, [%[m], #200]\n\t"
+ "LDR r11, [%[a], #200]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r12, [%[m], #204]\n\t"
+ "LDR r11, [%[a], #204]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r12, [%[m], #208]\n\t"
+ "LDR r11, [%[a], #208]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r12, [%[m], #212]\n\t"
+ "LDR r11, [%[a], #212]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r12, [%[m], #216]\n\t"
+ "LDR r11, [%[a], #216]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r12, [%[m], #220]\n\t"
+ "LDR r11, [%[a], #220]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r12, [%[m], #224]\n\t"
+ "LDR r11, [%[a], #224]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r12, [%[m], #228]\n\t"
+ "LDR r11, [%[a], #228]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r12, [%[m], #232]\n\t"
+ "LDR r11, [%[a], #232]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r12, [%[m], #236]\n\t"
+ "LDR r11, [%[a], #236]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r12, [%[m], #240]\n\t"
+ "LDR r11, [%[a], #240]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r12, [%[m], #244]\n\t"
+ "LDR r11, [%[a], #244]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r12, [%[m], #248]\n\t"
+ "LDR r11, [%[a], #248]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r12, [%[m], #252]\n\t"
+ "LDR r11, [%[a], #252]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r12, [%[m], #256]\n\t"
+ "LDR r11, [%[a], #256]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r12, [%[m], #260]\n\t"
+ "LDR r11, [%[a], #260]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r12, [%[m], #264]\n\t"
+ "LDR r11, [%[a], #264]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r12, [%[m], #268]\n\t"
+ "LDR r11, [%[a], #268]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r12, [%[m], #272]\n\t"
+ "LDR r11, [%[a], #272]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r12, [%[m], #276]\n\t"
+ "LDR r11, [%[a], #276]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r12, [%[m], #280]\n\t"
+ "LDR r11, [%[a], #280]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r12, [%[m], #284]\n\t"
+ "LDR r11, [%[a], #284]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r12, [%[m], #288]\n\t"
+ "LDR r11, [%[a], #288]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r12, [%[m], #292]\n\t"
+ "LDR r11, [%[a], #292]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r12, [%[m], #296]\n\t"
+ "LDR r11, [%[a], #296]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r12, [%[m], #300]\n\t"
+ "LDR r11, [%[a], #300]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r12, [%[m], #304]\n\t"
+ "LDR r11, [%[a], #304]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r12, [%[m], #308]\n\t"
+ "LDR r11, [%[a], #308]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r12, [%[m], #312]\n\t"
+ "LDR r11, [%[a], #312]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r12, [%[m], #316]\n\t"
+ "LDR r11, [%[a], #316]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r12, [%[m], #320]\n\t"
+ "LDR r11, [%[a], #320]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r12, [%[m], #324]\n\t"
+ "LDR r11, [%[a], #324]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r12, [%[m], #328]\n\t"
+ "LDR r11, [%[a], #328]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r12, [%[m], #332]\n\t"
+ "LDR r11, [%[a], #332]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r12, [%[m], #336]\n\t"
+ "LDR r11, [%[a], #336]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r12, [%[m], #340]\n\t"
+ "LDR r11, [%[a], #340]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r12, [%[m], #344]\n\t"
+ "LDR r11, [%[a], #344]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r12, [%[m], #348]\n\t"
+ "LDR r11, [%[a], #348]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r12, [%[m], #352]\n\t"
+ "LDR r11, [%[a], #352]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r12, [%[m], #356]\n\t"
+ "LDR r11, [%[a], #356]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r12, [%[m], #360]\n\t"
+ "LDR r11, [%[a], #360]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r12, [%[m], #364]\n\t"
+ "LDR r11, [%[a], #364]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r12, [%[m], #368]\n\t"
+ "LDR r11, [%[a], #368]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r12, [%[m], #372]\n\t"
+ "LDR r11, [%[a], #372]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #372]\n\t"
/* a[i+94] += m[94] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #376]\n\t"
+ "LDR r11, [%[a], #376]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #376]\n\t"
/* a[i+95] += m[95] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[95] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[95] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #376\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #380]\n\t"
+ "LDR r11, [%[a], #380]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #384]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #380]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #384]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x180\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.W L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
+}
- sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - ca);
+#else
+/* Reduce the number back to 3072 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_mont_reduce_96_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x180\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_96_mul\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_mul\n\t"
+#endif
+ "LDR r10, [%[a], #384]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #384]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x180\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_3072_mont_reduce_96_word\n\t"
+#else
+ "BLT.N L_sp_3072_mont_reduce_96_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_3072_cond_sub_96(a - 96, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -9438,7 +18753,7 @@ SP_NOINLINE static void sp_3072_mont_reduce_96(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -9452,7 +18767,7 @@ SP_NOINLINE static void sp_3072_mont_mul_96(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -9468,40 +18783,44 @@ SP_NOINLINE static void sp_3072_mont_sqr_96(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "add r5, r5, #128\n\t"
- "add r6, r6, r5\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x180\n\t"
+ "\n"
+ "L_sp_3072_sub_96_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_3072_sub_96_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_3072_sub_96_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
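Review bot: The new loop label `L_sp_3072_sub_96_word` is a plain named assembler label, and the same change drops `SP_NOINLINE` from `sp_3072_sub_96`. If the compiler inlines or clones this static function at more than one call site, the label is emitted twice and the assembler rejects the translation unit. The removed code used the numeric local label `1:` with `bne 1b`, which can be repeated safely. Either keep `SP_NOINLINE` on the definition or, on GCC-compatible toolchains, make the label unique per expansion with `%=`, for example `"L_sp_3072_sub_96_word_%=:\n\t"` and `"BNE L_sp_3072_sub_96_word_%=\n\t"`. The later `sp_3072_cmp_96` hunk shows the same combination with `L_sp_3072_cmp_96_words`.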
@@ -9511,262 +18830,262 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_sub_96(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)d1;
+}
+
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
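Review bot: The `WOLFSSL_SP_USE_UDIV` variant of `div_3072_word_96` added at the end of this hunk executes four `UDIV` instructions on values derived from `d1`, `d0` and `div`, and its header comment says nothing about timing. On several Cortex-M cores `UDIV` takes an operand-dependent number of cycles, so this option presumably trades the fixed-iteration behaviour of the `#else` variant for speed. Whether the operands are secret depends on callers outside this hunk. I would add a line to the comment block such as `* Note: UDIV latency is operand dependent on some cores; define WOLFSSL_SP_USE_UDIV only where variable-time division is acceptable.`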
@@ -9776,49 +19095,69 @@ SP_NOINLINE static sp_digit sp_3072_sub_96(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_3072_word_96_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_3072_word_96_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Divide d in a and put remainder into r (m*d + r = a)
* m is not calculated as it is not needed at this time.
*
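Review bot: The rewritten default `div_3072_word_96` has no comment explaining why the `udiv` sequence was replaced by a shift-and-subtract loop. Its only branch, `bpl L_div_3072_word_96_bit`, tests the counter `r4`, which is loaded with the constant `0x1d`, and the quotient bits are selected with `SBC`/`AND` masks rather than data-dependent branches. That looks like a deliberate fixed-iteration design, and a later maintainer could undo it without noticing. I would state it above the asm, e.g. `/* Fixed 30-iteration shift/subtract: no UDIV and no branch on d1, d0 or div. */`, and say what the three `UMULL` correction rounds after the loop are bounding. The function body is fully inside this hunk.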
@@ -9828,8 +19167,8 @@ SP_NOINLINE static sp_digit div_3072_word_96(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -9891,6 +19230,7 @@ static WC_INLINE int sp_3072_mod_96_cond(sp_digit* r, const sp_digit* a, const s
}
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
+#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
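Review bot: The added guard `#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)` is already implied by the enclosing condition on the line directly above it. Whenever `(defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)` holds, the new condition holds too, so the nested `#if` can never exclude `sp_3072_mask_96` on its own. If the intent was to narrow the build, the condition needs to be stricter than the outer one. Otherwise the extra level can be dropped, or annotated on its matching `#endif`, which lies outside this hunk.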
@@ -9928,46 +19268,1105 @@ static void sp_3072_mask_96(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #124\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x17c\n\t"
+ "\n"
+ "L_sp_3072_cmp_96_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_3072_cmp_96_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #380]\n\t"
+ "LDR r5, [%[b], #380]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #376]\n\t"
+ "LDR r5, [%[b], #376]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #372]\n\t"
+ "LDR r5, [%[b], #372]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #368]\n\t"
+ "LDR r5, [%[b], #368]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #364]\n\t"
+ "LDR r5, [%[b], #364]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #360]\n\t"
+ "LDR r5, [%[b], #360]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #356]\n\t"
+ "LDR r5, [%[b], #356]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #352]\n\t"
+ "LDR r5, [%[b], #352]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #348]\n\t"
+ "LDR r5, [%[b], #348]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #344]\n\t"
+ "LDR r5, [%[b], #344]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #340]\n\t"
+ "LDR r5, [%[b], #340]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #336]\n\t"
+ "LDR r5, [%[b], #336]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #332]\n\t"
+ "LDR r5, [%[b], #332]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #328]\n\t"
+ "LDR r5, [%[b], #328]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #324]\n\t"
+ "LDR r5, [%[b], #324]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #320]\n\t"
+ "LDR r5, [%[b], #320]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #316]\n\t"
+ "LDR r5, [%[b], #316]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #312]\n\t"
+ "LDR r5, [%[b], #312]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #308]\n\t"
+ "LDR r5, [%[b], #308]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #304]\n\t"
+ "LDR r5, [%[b], #304]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #300]\n\t"
+ "LDR r5, [%[b], #300]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #296]\n\t"
+ "LDR r5, [%[b], #296]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #292]\n\t"
+ "LDR r5, [%[b], #292]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #288]\n\t"
+ "LDR r5, [%[b], #288]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #284]\n\t"
+ "LDR r5, [%[b], #284]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #280]\n\t"
+ "LDR r5, [%[b], #280]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #276]\n\t"
+ "LDR r5, [%[b], #276]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #272]\n\t"
+ "LDR r5, [%[b], #272]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #268]\n\t"
+ "LDR r5, [%[b], #268]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #264]\n\t"
+ "LDR r5, [%[b], #264]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #260]\n\t"
+ "LDR r5, [%[b], #260]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #256]\n\t"
+ "LDR r5, [%[b], #256]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #252]\n\t"
+ "LDR r5, [%[b], #252]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "LDR r5, [%[b], #248]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "LDR r5, [%[b], #244]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "LDR r5, [%[b], #240]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "LDR r5, [%[b], #236]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "LDR r5, [%[b], #232]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "LDR r5, [%[b], #228]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "LDR r5, [%[b], #224]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "LDR r5, [%[b], #220]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "LDR r5, [%[b], #216]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "LDR r5, [%[b], #212]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "LDR r5, [%[b], #208]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "LDR r5, [%[b], #204]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "LDR r5, [%[b], #200]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "LDR r5, [%[b], #196]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "LDR r5, [%[b], #192]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
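Review bot: The loop label `L_sp_3072_cmp_96_words` in the `WOLFSSL_SP_SMALL` branch is a fixed assembler symbol, and this change also drops `SP_NOINLINE` from `sp_3072_cmp_96`, so if the compiler inlines or clones the function at more than one call site the label would be emitted twice and the assembler would reject the file. The removed code avoided this with the numeric local label `1:`. Either keep the attribute, `SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a_p, const sp_digit* b_p)`, or on GCC-compatible compilers make the label unique per expansion with `%=`, e.g. `"L_sp_3072_cmp_96_words_%=:\n\t"` and the matching `bcs`. The same applies to `L_sp_3072_cond_add_48_words` in the later `sp_3072_cond_add_48` hunk. The unrolled blocks look generated, so the fix probably belongs in the generator rather than in this file.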
@@ -9979,8 +20378,8 @@ SP_NOINLINE static sp_int32 sp_3072_cmp_96(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_3072_div_96(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[192], t2[97];
sp_digit div, r1;
@@ -10025,6 +20424,7 @@ static WC_INLINE int sp_3072_mod_96(sp_digit* r, const sp_digit* a, const sp_dig
return sp_3072_div_96(a, m, NULL, r);
}
+#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_SMALL
@@ -10488,6 +20888,7 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
}
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -10496,39 +20897,248 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #192\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_3072_cond_add_48_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0xc0\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_3072_cond_add_48_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_3072_cond_add_48_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_3072_cond_add_48(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_3072_cond_add_48(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* RSA private key operation.
*
* in Array of bytes representing the number to exponentiate, base.
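Review bot: The header comment added for the unrolled `sp_3072_cond_add_48` lists the parameters but not the return value, although both variants return the carry out of the top word (`MOV %[r], r5` in the loop version, `ADC %[r], r10, r10` in the unrolled one). I would add `* return Carry out of the addition: 1 on overflow, otherwise 0.` to that block and to the existing one above the `WOLFSSL_SP_SMALL` variant. A one-line comment at `return (uint32_t)(size_t)r;` would also help, since `r` no longer holds the destination pointer there but the carry written by the asm. Separately, the unrolled variant's clobber list names `r4` and `r5`, which its body never touches, so they could be dropped.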
@@ -10843,602 +21453,599 @@ int sp_ModExp_3072(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef WOLFSSL_HAVE_SP_DH
#ifdef HAVE_FFDHE_3072
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_3072_lshift_96(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_3072_lshift_96(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "add %[a], %[a], #320\n\t"
- "add %[r], %[r], #320\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "str r4, [%[r]]\n\t"
- "str r2, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #380]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #376]\n\t"
+ "STR r6, [%[r], #384]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #372]\n\t"
+ "STR r5, [%[r], #380]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #368]\n\t"
+ "STR r4, [%[r], #376]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #364]\n\t"
+ "STR r6, [%[r], #372]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #360]\n\t"
+ "STR r5, [%[r], #368]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #356]\n\t"
+ "STR r4, [%[r], #364]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #352]\n\t"
+ "STR r6, [%[r], #360]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #348]\n\t"
+ "STR r5, [%[r], #356]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #344]\n\t"
+ "STR r4, [%[r], #352]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #340]\n\t"
+ "STR r6, [%[r], #348]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #336]\n\t"
+ "STR r5, [%[r], #344]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #332]\n\t"
+ "STR r4, [%[r], #340]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #328]\n\t"
+ "STR r6, [%[r], #336]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #324]\n\t"
+ "STR r5, [%[r], #332]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #320]\n\t"
+ "STR r4, [%[r], #328]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #316]\n\t"
+ "STR r6, [%[r], #324]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #312]\n\t"
+ "STR r5, [%[r], #320]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #308]\n\t"
+ "STR r4, [%[r], #316]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #304]\n\t"
+ "STR r6, [%[r], #312]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #300]\n\t"
+ "STR r5, [%[r], #308]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #296]\n\t"
+ "STR r4, [%[r], #304]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #292]\n\t"
+ "STR r6, [%[r], #300]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #288]\n\t"
+ "STR r5, [%[r], #296]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #284]\n\t"
+ "STR r4, [%[r], #292]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #280]\n\t"
+ "STR r6, [%[r], #288]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #276]\n\t"
+ "STR r5, [%[r], #284]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #272]\n\t"
+ "STR r4, [%[r], #280]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #268]\n\t"
+ "STR r6, [%[r], #276]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #264]\n\t"
+ "STR r5, [%[r], #272]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #260]\n\t"
+ "STR r4, [%[r], #268]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #256]\n\t"
+ "STR r6, [%[r], #264]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #252]\n\t"
+ "STR r5, [%[r], #260]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #248]\n\t"
+ "STR r4, [%[r], #256]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "STR r6, [%[r], #252]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #240]\n\t"
+ "STR r5, [%[r], #248]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #236]\n\t"
+ "STR r4, [%[r], #244]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "STR r6, [%[r], #240]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #228]\n\t"
+ "STR r5, [%[r], #236]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #224]\n\t"
+ "STR r4, [%[r], #232]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "STR r6, [%[r], #228]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #216]\n\t"
+ "STR r5, [%[r], #224]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #212]\n\t"
+ "STR r4, [%[r], #220]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "STR r6, [%[r], #216]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #204]\n\t"
+ "STR r5, [%[r], #212]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #200]\n\t"
+ "STR r4, [%[r], #208]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "STR r6, [%[r], #204]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #192]\n\t"
+ "STR r5, [%[r], #200]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #188]\n\t"
+ "STR r4, [%[r], #196]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "STR r6, [%[r], #192]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #180]\n\t"
+ "STR r5, [%[r], #188]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #176]\n\t"
+ "STR r4, [%[r], #184]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "STR r6, [%[r], #180]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #168]\n\t"
+ "STR r5, [%[r], #176]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #164]\n\t"
+ "STR r4, [%[r], #172]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "STR r6, [%[r], #168]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #156]\n\t"
+ "STR r5, [%[r], #164]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #152]\n\t"
+ "STR r4, [%[r], #160]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "STR r6, [%[r], #156]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #144]\n\t"
+ "STR r5, [%[r], #152]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #140]\n\t"
+ "STR r4, [%[r], #148]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "STR r6, [%[r], #144]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #132]\n\t"
+ "STR r5, [%[r], #140]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #128]\n\t"
+ "STR r4, [%[r], #136]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "STR r6, [%[r], #132]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #120]\n\t"
+ "STR r5, [%[r], #128]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #116]\n\t"
+ "STR r4, [%[r], #124]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "STR r6, [%[r], #120]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #108]\n\t"
+ "STR r5, [%[r], #116]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #104]\n\t"
+ "STR r4, [%[r], #112]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "STR r6, [%[r], #108]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #96]\n\t"
+ "STR r5, [%[r], #104]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #92]\n\t"
+ "STR r4, [%[r], #100]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "STR r6, [%[r], #96]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #84]\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #80]\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "STR r6, [%[r], #84]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #72]\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #68]\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "STR r6, [%[r], #72]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #60]\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #56]\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "STR r6, [%[r], #60]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #48]\n\t"
+ "STR r5, [%[r], #56]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #44]\n\t"
+ "STR r4, [%[r], #52]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "STR r6, [%[r], #48]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #36]\n\t"
+ "STR r5, [%[r], #44]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #32]\n\t"
+ "STR r4, [%[r], #40]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "STR r6, [%[r], #36]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #24]\n\t"
+ "STR r5, [%[r], #32]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #20]\n\t"
+ "STR r4, [%[r], #28]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "STR r6, [%[r], #24]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #12]\n\t"
+ "STR r5, [%[r], #20]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "STR r4, [%[r], #16]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "STR r6, [%[r], #12]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "STR r5, [%[r], #8]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "STR r6, [%[r]]\n\t"
+ "STR r4, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
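Review bot: sp_3072_lshift_96 has no header comment, and the rewritten body relies on two preconditions a caller cannot see from the signature. The first store, `STR r6, [%[r], #384]`, writes r[96], so r needs room for 97 digits. `RSB r7, %[n], #0x1f` followed by the two-step `LSR` only produces the right carry bits when n is at most 31. I would add, above the `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG` that opens the definition, `/* Shift a (96 digits) left by n bits into r. r must hold 97 digits; n must be in 0..31. */`. Separately, r7 is now in the clobber list where the removed code stopped at r6; if this file is built as Thumb code with a frame pointer, GCC may refuse r7 as a clobber, so it is worth checking against a debug build.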
@@ -11740,14 +22347,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
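Review bot: The new `DIGIT_BIT == 32` loop is branch-free on `a->used`, but nothing in the code says that is intentional, so a later cleanup could reintroduce a length-dependent branch or early exit. A short comment above the loop would pin the intent, for example `/* Constant time in a->used: mask is all ones while i < a->used; o stops advancing at the last used digit. */`. The literal in `j >> 31` also replaces the `SP_WORD_SIZE - 1` used by the removed lines, and it assumes sp_digit is an unsigned 32-bit type, which is presumably true here but is not visible in the hunk. Writing `(SP_WORD_SIZE - 1)` would keep the shift tied to the word size. The function's signature and the `#elif DIGIT_BIT > 32` branch lie outside this hunk.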
@@ -11852,345 +22459,253 @@ static void sp_4096_to_bin_128(sp_digit* r, byte* a)
#define sp_4096_norm_128(a)
#ifndef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
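Review bot: The new clobber list names `r7`, which the removed code avoided (`r3`–`r6` here, and `r4`, `r5`, `r6`, `r8` in the `sp_4096_add_128` hunk that follows). As far as I know, GCC reserves r7 as the frame pointer in Thumb builds that keep one and rejects it in an asm clobber, so unoptimised and `-fno-omit-frame-pointer` configurations should be checked, or the build requirement stated next to the function. Separately, the borrow now comes back through the pointer operand: the final `SBC %[a], r9, r9` overwrites `a`, and `return (uint32_t)(size_t)a;` reads it as a number. That deserves a comment before the return, for example `/* a no longer points at the operand: SBC left 0 (no borrow) or 0xffffffff (borrow) in it */`. `sp_4096_add_128` returns its carry through `r` in the same way.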
@@ -12199,340 +22714,250 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Multiply a and b into r. (r = a * b)
@@ -12618,39 +23043,45 @@ SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #512\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x200\n\t"
+ "\n"
+ "L_sp_4096_add_128_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_4096_add_128_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_4096_add_128_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
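Review bot: The loop label `L_sp_4096_add_128_word` is an ordinary named symbol and the new definition drops `SP_NOINLINE`, so if the compiler inlines or clones this static function the asm body is emitted twice and the assembler rejects the duplicate label; the removed code avoided that with the numeric local label `1:` plus `SP_NOINLINE`. Unless noinline is enforced somewhere outside this hunk, I would keep the attribute on both prototypes, e.g. `SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)`. The same pattern appears in the later hunks for sp_4096_sub_in_place_128, sp_4096_mul_128, sp_4096_sqr_128 and the WOLFSSL_SP_SMALL sp_4096_mul_d_128. Separately, the carry is returned through the pointer operand (`MOV %[r], r3`, then `return (uint32_t)(size_t)r;`), which deserves a comment such as `/* r now holds the carry (0 or 1), not a pointer */`.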
@@ -12660,39 +23091,43 @@ SP_NOINLINE static sp_digit sp_4096_add_128(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_in_place_128(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #512\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x200\n\t"
+ "\n"
+ "L_sp_4096_sub_in_pkace_128_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_4096_sub_in_pkace_128_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_4096_sub_in_pkace_128_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
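Review bot: The loop label is misspelled `L_sp_4096_sub_in_pkace_128_word` at its definition and in both `BNE` branches; it assembles only because the three uses agree, and a search for the function name will not find it. Rename all three to `L_sp_4096_sub_in_place_128_word`. The value returned through `a` comes from `SBC r10, r10, r10`, so it is 0 or all ones rather than 0/1, and the visible part of the header comment does not say so (it begins outside this hunk). A line before the return, `/* a now holds the borrow mask: 0 or 0xffffffff */`, would make that explicit.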
@@ -12703,88 +23138,99 @@ SP_NOINLINE static sp_digit sp_4096_sub_in_place_128(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_mul_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_4096_mul_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[128 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x400\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_4096_mul_128_outer:\n\t"
+ "SUBS r3, r5, #0x1fc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_4096_mul_128_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_4096_mul_128_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_4096_mul_128_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mul_128_inner\n\t"
+#else
+ "BLT.N L_sp_4096_mul_128_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mul_128_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x3f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_4096_mul_128_outer\n\t"
+#else
+ "BLE.N L_sp_4096_mul_128_outer\n\t"
+#endif
+ "LDR lr, [%[a], #508]\n\t"
+ "LDR r11, [%[b], #508]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_4096_mul_128_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_4096_mul_128_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_4096_mul_128_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
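Review bot: `SUB sp, sp, #0x400` takes a 1 KiB scratch buffer by moving the stack pointer inside the asm, where the removed code used the C array `tmp_arr[128 * 2]` that the compiler could see. Compiler stack-usage reports and any per-task stack budget will therefore under-count this function by 0x400 bytes. The stack pointer is rebalanced only because the `L_sp_4096_mul_128_store` loop pops exactly 32 groups of 8 words through `LDM sp!`. I would record both facts at the top of the asm, `/* Uses 0x400 bytes of stack below sp as the product buffer; the store loop pops all of it (32 x 0x20 bytes). */`, and mention the extra stack need in the function header. The new sp_4096_sqr_128 body in the next hunk has the same shape and needs the same comment.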
@@ -12792,136 +23238,96 @@ SP_NOINLINE static void sp_4096_mul_128(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_sqr_128(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_4096_sqr_128(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #4\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #252\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
+ "SUB sp, sp, #0x400\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_outer:\n\t"
+ "SUBS r3, r5, #0x1fc\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #2\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_4096_sqr_128_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_4096_sqr_128_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_4096_sqr_128_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #3\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_4096_sqr_128_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x3f4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #3\n\t"
- "lsl r3, r3, #8\n\t"
- "add r3, r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_4096_sqr_128_outer\n\t"
+#else
+ "BLE.N L_sp_4096_sqr_128_outer\n\t"
+#endif
+ "LDR lr, [%[a], #508]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_4096_sqr_128_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_4096_sqr_128_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #4\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_4096_sqr_128_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
#endif /* WOLFSSL_SP_SMALL */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -12941,48 +23347,726 @@ static void sp_4096_mont_setup(const sp_digit* a, sp_digit* rho)
*rho = (sp_digit)0 - x;
}
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #512\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_4096_mul_d_128_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x200\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_4096_mul_d_128_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_4096_mul_d_128_word\n\t"
+#endif
+ "STR r3, [%[r], #512]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_mul_d_128(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_4096_mul_d_128(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[32] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[33] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[34] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[35] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[36] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[37] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[38] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[39] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[40] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[41] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[42] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[43] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[44] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[45] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[46] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[47] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[48] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[49] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[50] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[51] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[52] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[53] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[54] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[55] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[56] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[57] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[58] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[59] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[60] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[61] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[62] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[63] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[64] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[65] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[66] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[67] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[68] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[69] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[70] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[71] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[72] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[73] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[74] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[75] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[76] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[77] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[78] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[79] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[80] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[81] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[82] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[83] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[84] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[85] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[86] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[87] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[88] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[89] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[90] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[91] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[92] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[93] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[94] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[95] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[96] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[97] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[98] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[99] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[100] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[101] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[102] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[103] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[104] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[105] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[106] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[107] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[108] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[109] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[110] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[111] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[112] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[113] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[114] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[115] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[116] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[117] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[118] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[119] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[120] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[121] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[122] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[123] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[124] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[125] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[126] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[127] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
/* r = 2^n mod m where n is the number of bits to reduce by.
* Given m must be 4096 bits, just need to subtract.
@@ -12999,6 +24083,7 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
}
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -13007,142 +24092,2501 @@ static void sp_4096_mont_norm_128(sp_digit* r, const sp_digit* m)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #2\n\t"
- "lsl r5, r5, #8\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_4096_cond_sub_128_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x200\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_4096_cond_sub_128_words\n\t"
+#else
+ "BLT.N L_sp_4096_cond_sub_128_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+static sp_digit sp_4096_cond_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_NO_UMAAL
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r9, [%[m], #128]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r9, [%[m], #132]\n\t"
+ "LDR r12, [%[a], #132]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #132]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r9, [%[m], #136]\n\t"
+ "LDR r12, [%[a], #136]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #136]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r9, [%[m], #140]\n\t"
+ "LDR r12, [%[a], #140]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #140]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r9, [%[m], #144]\n\t"
+ "LDR r12, [%[a], #144]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #144]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r9, [%[m], #148]\n\t"
+ "LDR r12, [%[a], #148]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #148]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r9, [%[m], #152]\n\t"
+ "LDR r12, [%[a], #152]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #152]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r9, [%[m], #156]\n\t"
+ "LDR r12, [%[a], #156]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #156]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r9, [%[m], #160]\n\t"
+ "LDR r12, [%[a], #160]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #160]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r9, [%[m], #164]\n\t"
+ "LDR r12, [%[a], #164]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #164]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r9, [%[m], #168]\n\t"
+ "LDR r12, [%[a], #168]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #168]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r9, [%[m], #172]\n\t"
+ "LDR r12, [%[a], #172]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #172]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r9, [%[m], #176]\n\t"
+ "LDR r12, [%[a], #176]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #176]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r9, [%[m], #180]\n\t"
+ "LDR r12, [%[a], #180]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #180]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r9, [%[m], #184]\n\t"
+ "LDR r12, [%[a], #184]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #184]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r9, [%[m], #188]\n\t"
+ "LDR r12, [%[a], #188]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #188]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r9, [%[m], #192]\n\t"
+ "LDR r12, [%[a], #192]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #192]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r9, [%[m], #196]\n\t"
+ "LDR r12, [%[a], #196]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #196]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r9, [%[m], #200]\n\t"
+ "LDR r12, [%[a], #200]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #200]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r9, [%[m], #204]\n\t"
+ "LDR r12, [%[a], #204]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #204]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r9, [%[m], #208]\n\t"
+ "LDR r12, [%[a], #208]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #208]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r9, [%[m], #212]\n\t"
+ "LDR r12, [%[a], #212]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #212]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r9, [%[m], #216]\n\t"
+ "LDR r12, [%[a], #216]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #216]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r9, [%[m], #220]\n\t"
+ "LDR r12, [%[a], #220]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #220]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r9, [%[m], #224]\n\t"
+ "LDR r12, [%[a], #224]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #224]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r9, [%[m], #228]\n\t"
+ "LDR r12, [%[a], #228]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #228]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r9, [%[m], #232]\n\t"
+ "LDR r12, [%[a], #232]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #232]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r9, [%[m], #236]\n\t"
+ "LDR r12, [%[a], #236]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #236]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r9, [%[m], #240]\n\t"
+ "LDR r12, [%[a], #240]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #240]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r9, [%[m], #244]\n\t"
+ "LDR r12, [%[a], #244]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #244]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r9, [%[m], #248]\n\t"
+ "LDR r12, [%[a], #248]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #248]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r9, [%[m], #252]\n\t"
+ "LDR r12, [%[a], #252]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #252]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r9, [%[m], #256]\n\t"
+ "LDR r12, [%[a], #256]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #256]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r9, [%[m], #260]\n\t"
+ "LDR r12, [%[a], #260]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #260]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r9, [%[m], #264]\n\t"
+ "LDR r12, [%[a], #264]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #264]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r9, [%[m], #268]\n\t"
+ "LDR r12, [%[a], #268]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #268]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r9, [%[m], #272]\n\t"
+ "LDR r12, [%[a], #272]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #272]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r9, [%[m], #276]\n\t"
+ "LDR r12, [%[a], #276]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #276]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r9, [%[m], #280]\n\t"
+ "LDR r12, [%[a], #280]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #280]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r9, [%[m], #284]\n\t"
+ "LDR r12, [%[a], #284]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #284]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r9, [%[m], #288]\n\t"
+ "LDR r12, [%[a], #288]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #288]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r9, [%[m], #292]\n\t"
+ "LDR r12, [%[a], #292]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #292]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r9, [%[m], #296]\n\t"
+ "LDR r12, [%[a], #296]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #296]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r9, [%[m], #300]\n\t"
+ "LDR r12, [%[a], #300]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #300]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r9, [%[m], #304]\n\t"
+ "LDR r12, [%[a], #304]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #304]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r9, [%[m], #308]\n\t"
+ "LDR r12, [%[a], #308]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #308]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r9, [%[m], #312]\n\t"
+ "LDR r12, [%[a], #312]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #312]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r9, [%[m], #316]\n\t"
+ "LDR r12, [%[a], #316]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #316]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r9, [%[m], #320]\n\t"
+ "LDR r12, [%[a], #320]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #320]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r9, [%[m], #324]\n\t"
+ "LDR r12, [%[a], #324]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #324]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r9, [%[m], #328]\n\t"
+ "LDR r12, [%[a], #328]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #328]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r9, [%[m], #332]\n\t"
+ "LDR r12, [%[a], #332]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #332]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r9, [%[m], #336]\n\t"
+ "LDR r12, [%[a], #336]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #336]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r9, [%[m], #340]\n\t"
+ "LDR r12, [%[a], #340]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #340]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r9, [%[m], #344]\n\t"
+ "LDR r12, [%[a], #344]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #344]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r9, [%[m], #348]\n\t"
+ "LDR r12, [%[a], #348]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #348]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r9, [%[m], #352]\n\t"
+ "LDR r12, [%[a], #352]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #352]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r9, [%[m], #356]\n\t"
+ "LDR r12, [%[a], #356]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #356]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r9, [%[m], #360]\n\t"
+ "LDR r12, [%[a], #360]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #360]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r9, [%[m], #364]\n\t"
+ "LDR r12, [%[a], #364]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #364]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r9, [%[m], #368]\n\t"
+ "LDR r12, [%[a], #368]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #368]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r9, [%[m], #372]\n\t"
+ "LDR r12, [%[a], #372]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #372]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+94] += m[94] * mu */
+ "LDR r9, [%[m], #376]\n\t"
+ "LDR r12, [%[a], #376]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #376]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+95] += m[95] * mu */
+ "LDR r9, [%[m], #380]\n\t"
+ "LDR r12, [%[a], #380]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #380]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+96] += m[96] * mu */
+ "LDR r9, [%[m], #384]\n\t"
+ "LDR r12, [%[a], #384]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #384]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+97] += m[97] * mu */
+ "LDR r9, [%[m], #388]\n\t"
+ "LDR r12, [%[a], #388]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #388]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+98] += m[98] * mu */
+ "LDR r9, [%[m], #392]\n\t"
+ "LDR r12, [%[a], #392]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #392]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+99] += m[99] * mu */
+ "LDR r9, [%[m], #396]\n\t"
+ "LDR r12, [%[a], #396]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #396]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+100] += m[100] * mu */
+ "LDR r9, [%[m], #400]\n\t"
+ "LDR r12, [%[a], #400]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #400]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+101] += m[101] * mu */
+ "LDR r9, [%[m], #404]\n\t"
+ "LDR r12, [%[a], #404]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #404]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+102] += m[102] * mu */
+ "LDR r9, [%[m], #408]\n\t"
+ "LDR r12, [%[a], #408]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #408]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+103] += m[103] * mu */
+ "LDR r9, [%[m], #412]\n\t"
+ "LDR r12, [%[a], #412]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #412]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+104] += m[104] * mu */
+ "LDR r9, [%[m], #416]\n\t"
+ "LDR r12, [%[a], #416]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #416]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+105] += m[105] * mu */
+ "LDR r9, [%[m], #420]\n\t"
+ "LDR r12, [%[a], #420]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #420]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+106] += m[106] * mu */
+ "LDR r9, [%[m], #424]\n\t"
+ "LDR r12, [%[a], #424]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #424]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+107] += m[107] * mu */
+ "LDR r9, [%[m], #428]\n\t"
+ "LDR r12, [%[a], #428]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #428]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+108] += m[108] * mu */
+ "LDR r9, [%[m], #432]\n\t"
+ "LDR r12, [%[a], #432]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #432]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+109] += m[109] * mu */
+ "LDR r9, [%[m], #436]\n\t"
+ "LDR r12, [%[a], #436]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #436]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+110] += m[110] * mu */
+ "LDR r9, [%[m], #440]\n\t"
+ "LDR r12, [%[a], #440]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #440]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+111] += m[111] * mu */
+ "LDR r9, [%[m], #444]\n\t"
+ "LDR r12, [%[a], #444]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #444]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+112] += m[112] * mu */
+ "LDR r9, [%[m], #448]\n\t"
+ "LDR r12, [%[a], #448]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #448]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+113] += m[113] * mu */
+ "LDR r9, [%[m], #452]\n\t"
+ "LDR r12, [%[a], #452]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #452]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+114] += m[114] * mu */
+ "LDR r9, [%[m], #456]\n\t"
+ "LDR r12, [%[a], #456]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #456]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+115] += m[115] * mu */
+ "LDR r9, [%[m], #460]\n\t"
+ "LDR r12, [%[a], #460]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #460]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+116] += m[116] * mu */
+ "LDR r9, [%[m], #464]\n\t"
+ "LDR r12, [%[a], #464]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #464]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+117] += m[117] * mu */
+ "LDR r9, [%[m], #468]\n\t"
+ "LDR r12, [%[a], #468]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #468]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+118] += m[118] * mu */
+ "LDR r9, [%[m], #472]\n\t"
+ "LDR r12, [%[a], #472]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #472]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+119] += m[119] * mu */
+ "LDR r9, [%[m], #476]\n\t"
+ "LDR r12, [%[a], #476]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #476]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+120] += m[120] * mu */
+ "LDR r9, [%[m], #480]\n\t"
+ "LDR r12, [%[a], #480]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #480]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+121] += m[121] * mu */
+ "LDR r9, [%[m], #484]\n\t"
+ "LDR r12, [%[a], #484]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #484]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+122] += m[122] * mu */
+ "LDR r9, [%[m], #488]\n\t"
+ "LDR r12, [%[a], #488]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #488]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+123] += m[123] * mu */
+ "LDR r9, [%[m], #492]\n\t"
+ "LDR r12, [%[a], #492]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #492]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+124] += m[124] * mu */
+ "LDR r9, [%[m], #496]\n\t"
+ "LDR r12, [%[a], #496]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #496]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+125] += m[125] * mu */
+ "LDR r9, [%[m], #500]\n\t"
+ "LDR r12, [%[a], #500]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #500]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+126] += m[126] * mu */
+ "LDR r9, [%[m], #504]\n\t"
+ "LDR r12, [%[a], #504]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #504]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+127] += m[127] * mu */
+ "LDR r9, [%[m], #508]\n\t"
+ "LDR r12, [%[a], #508]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #508]\n\t"
+ "LDR r12, [%[a], #512]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #512]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x200\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.W L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
}
+#else
/* Reduce the number back to 4096 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #512\n\t"
- "\n1:\n\t"
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #504\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
/* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r8, r7\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ "ADC r4, r5, #0x0\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x200\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mont_reduce_128_mul\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_mul\n\t"
+#endif
+ "LDR r10, [%[a], #512]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #512]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x200\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#endif /* !WOLFSSL_SP_SMALL */
+#else
+#ifndef WOLFSSL_SP_SMALL
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ /* a[i+32] += m[32] * mu */
+ "LDR r12, [%[m], #128]\n\t"
+ "LDR r11, [%[a], #128]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #128]\n\t"
+ /* a[i+33] += m[33] * mu */
+ "LDR r12, [%[m], #132]\n\t"
+ "LDR r11, [%[a], #132]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #132]\n\t"
+ /* a[i+34] += m[34] * mu */
+ "LDR r12, [%[m], #136]\n\t"
+ "LDR r11, [%[a], #136]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #136]\n\t"
+ /* a[i+35] += m[35] * mu */
+ "LDR r12, [%[m], #140]\n\t"
+ "LDR r11, [%[a], #140]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #140]\n\t"
+ /* a[i+36] += m[36] * mu */
+ "LDR r12, [%[m], #144]\n\t"
+ "LDR r11, [%[a], #144]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #144]\n\t"
+ /* a[i+37] += m[37] * mu */
+ "LDR r12, [%[m], #148]\n\t"
+ "LDR r11, [%[a], #148]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #148]\n\t"
+ /* a[i+38] += m[38] * mu */
+ "LDR r12, [%[m], #152]\n\t"
+ "LDR r11, [%[a], #152]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #152]\n\t"
+ /* a[i+39] += m[39] * mu */
+ "LDR r12, [%[m], #156]\n\t"
+ "LDR r11, [%[a], #156]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #156]\n\t"
+ /* a[i+40] += m[40] * mu */
+ "LDR r12, [%[m], #160]\n\t"
+ "LDR r11, [%[a], #160]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #160]\n\t"
+ /* a[i+41] += m[41] * mu */
+ "LDR r12, [%[m], #164]\n\t"
+ "LDR r11, [%[a], #164]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #164]\n\t"
+ /* a[i+42] += m[42] * mu */
+ "LDR r12, [%[m], #168]\n\t"
+ "LDR r11, [%[a], #168]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #168]\n\t"
+ /* a[i+43] += m[43] * mu */
+ "LDR r12, [%[m], #172]\n\t"
+ "LDR r11, [%[a], #172]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #172]\n\t"
+ /* a[i+44] += m[44] * mu */
+ "LDR r12, [%[m], #176]\n\t"
+ "LDR r11, [%[a], #176]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #176]\n\t"
+ /* a[i+45] += m[45] * mu */
+ "LDR r12, [%[m], #180]\n\t"
+ "LDR r11, [%[a], #180]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #180]\n\t"
+ /* a[i+46] += m[46] * mu */
+ "LDR r12, [%[m], #184]\n\t"
+ "LDR r11, [%[a], #184]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #184]\n\t"
+ /* a[i+47] += m[47] * mu */
+ "LDR r12, [%[m], #188]\n\t"
+ "LDR r11, [%[a], #188]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #188]\n\t"
+ /* a[i+48] += m[48] * mu */
+ "LDR r12, [%[m], #192]\n\t"
+ "LDR r11, [%[a], #192]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #192]\n\t"
+ /* a[i+49] += m[49] * mu */
+ "LDR r12, [%[m], #196]\n\t"
+ "LDR r11, [%[a], #196]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #196]\n\t"
+ /* a[i+50] += m[50] * mu */
+ "LDR r12, [%[m], #200]\n\t"
+ "LDR r11, [%[a], #200]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #200]\n\t"
+ /* a[i+51] += m[51] * mu */
+ "LDR r12, [%[m], #204]\n\t"
+ "LDR r11, [%[a], #204]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #204]\n\t"
+ /* a[i+52] += m[52] * mu */
+ "LDR r12, [%[m], #208]\n\t"
+ "LDR r11, [%[a], #208]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #208]\n\t"
+ /* a[i+53] += m[53] * mu */
+ "LDR r12, [%[m], #212]\n\t"
+ "LDR r11, [%[a], #212]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #212]\n\t"
+ /* a[i+54] += m[54] * mu */
+ "LDR r12, [%[m], #216]\n\t"
+ "LDR r11, [%[a], #216]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #216]\n\t"
+ /* a[i+55] += m[55] * mu */
+ "LDR r12, [%[m], #220]\n\t"
+ "LDR r11, [%[a], #220]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #220]\n\t"
+ /* a[i+56] += m[56] * mu */
+ "LDR r12, [%[m], #224]\n\t"
+ "LDR r11, [%[a], #224]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #224]\n\t"
+ /* a[i+57] += m[57] * mu */
+ "LDR r12, [%[m], #228]\n\t"
+ "LDR r11, [%[a], #228]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #228]\n\t"
+ /* a[i+58] += m[58] * mu */
+ "LDR r12, [%[m], #232]\n\t"
+ "LDR r11, [%[a], #232]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #232]\n\t"
+ /* a[i+59] += m[59] * mu */
+ "LDR r12, [%[m], #236]\n\t"
+ "LDR r11, [%[a], #236]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #236]\n\t"
+ /* a[i+60] += m[60] * mu */
+ "LDR r12, [%[m], #240]\n\t"
+ "LDR r11, [%[a], #240]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #240]\n\t"
+ /* a[i+61] += m[61] * mu */
+ "LDR r12, [%[m], #244]\n\t"
+ "LDR r11, [%[a], #244]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #244]\n\t"
+ /* a[i+62] += m[62] * mu */
+ "LDR r12, [%[m], #248]\n\t"
+ "LDR r11, [%[a], #248]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #248]\n\t"
+ /* a[i+63] += m[63] * mu */
+ "LDR r12, [%[m], #252]\n\t"
+ "LDR r11, [%[a], #252]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #252]\n\t"
+ /* a[i+64] += m[64] * mu */
+ "LDR r12, [%[m], #256]\n\t"
+ "LDR r11, [%[a], #256]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #256]\n\t"
+ /* a[i+65] += m[65] * mu */
+ "LDR r12, [%[m], #260]\n\t"
+ "LDR r11, [%[a], #260]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #260]\n\t"
+ /* a[i+66] += m[66] * mu */
+ "LDR r12, [%[m], #264]\n\t"
+ "LDR r11, [%[a], #264]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #264]\n\t"
+ /* a[i+67] += m[67] * mu */
+ "LDR r12, [%[m], #268]\n\t"
+ "LDR r11, [%[a], #268]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #268]\n\t"
+ /* a[i+68] += m[68] * mu */
+ "LDR r12, [%[m], #272]\n\t"
+ "LDR r11, [%[a], #272]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #272]\n\t"
+ /* a[i+69] += m[69] * mu */
+ "LDR r12, [%[m], #276]\n\t"
+ "LDR r11, [%[a], #276]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #276]\n\t"
+ /* a[i+70] += m[70] * mu */
+ "LDR r12, [%[m], #280]\n\t"
+ "LDR r11, [%[a], #280]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #280]\n\t"
+ /* a[i+71] += m[71] * mu */
+ "LDR r12, [%[m], #284]\n\t"
+ "LDR r11, [%[a], #284]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #284]\n\t"
+ /* a[i+72] += m[72] * mu */
+ "LDR r12, [%[m], #288]\n\t"
+ "LDR r11, [%[a], #288]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #288]\n\t"
+ /* a[i+73] += m[73] * mu */
+ "LDR r12, [%[m], #292]\n\t"
+ "LDR r11, [%[a], #292]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #292]\n\t"
+ /* a[i+74] += m[74] * mu */
+ "LDR r12, [%[m], #296]\n\t"
+ "LDR r11, [%[a], #296]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #296]\n\t"
+ /* a[i+75] += m[75] * mu */
+ "LDR r12, [%[m], #300]\n\t"
+ "LDR r11, [%[a], #300]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #300]\n\t"
+ /* a[i+76] += m[76] * mu */
+ "LDR r12, [%[m], #304]\n\t"
+ "LDR r11, [%[a], #304]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #304]\n\t"
+ /* a[i+77] += m[77] * mu */
+ "LDR r12, [%[m], #308]\n\t"
+ "LDR r11, [%[a], #308]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #308]\n\t"
+ /* a[i+78] += m[78] * mu */
+ "LDR r12, [%[m], #312]\n\t"
+ "LDR r11, [%[a], #312]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #312]\n\t"
+ /* a[i+79] += m[79] * mu */
+ "LDR r12, [%[m], #316]\n\t"
+ "LDR r11, [%[a], #316]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #316]\n\t"
+ /* a[i+80] += m[80] * mu */
+ "LDR r12, [%[m], #320]\n\t"
+ "LDR r11, [%[a], #320]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #320]\n\t"
+ /* a[i+81] += m[81] * mu */
+ "LDR r12, [%[m], #324]\n\t"
+ "LDR r11, [%[a], #324]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #324]\n\t"
+ /* a[i+82] += m[82] * mu */
+ "LDR r12, [%[m], #328]\n\t"
+ "LDR r11, [%[a], #328]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #328]\n\t"
+ /* a[i+83] += m[83] * mu */
+ "LDR r12, [%[m], #332]\n\t"
+ "LDR r11, [%[a], #332]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #332]\n\t"
+ /* a[i+84] += m[84] * mu */
+ "LDR r12, [%[m], #336]\n\t"
+ "LDR r11, [%[a], #336]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #336]\n\t"
+ /* a[i+85] += m[85] * mu */
+ "LDR r12, [%[m], #340]\n\t"
+ "LDR r11, [%[a], #340]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #340]\n\t"
+ /* a[i+86] += m[86] * mu */
+ "LDR r12, [%[m], #344]\n\t"
+ "LDR r11, [%[a], #344]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #344]\n\t"
+ /* a[i+87] += m[87] * mu */
+ "LDR r12, [%[m], #348]\n\t"
+ "LDR r11, [%[a], #348]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #348]\n\t"
+ /* a[i+88] += m[88] * mu */
+ "LDR r12, [%[m], #352]\n\t"
+ "LDR r11, [%[a], #352]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #352]\n\t"
+ /* a[i+89] += m[89] * mu */
+ "LDR r12, [%[m], #356]\n\t"
+ "LDR r11, [%[a], #356]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #356]\n\t"
+ /* a[i+90] += m[90] * mu */
+ "LDR r12, [%[m], #360]\n\t"
+ "LDR r11, [%[a], #360]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #360]\n\t"
+ /* a[i+91] += m[91] * mu */
+ "LDR r12, [%[m], #364]\n\t"
+ "LDR r11, [%[a], #364]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #364]\n\t"
+ /* a[i+92] += m[92] * mu */
+ "LDR r12, [%[m], #368]\n\t"
+ "LDR r11, [%[a], #368]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #368]\n\t"
+ /* a[i+93] += m[93] * mu */
+ "LDR r12, [%[m], #372]\n\t"
+ "LDR r11, [%[a], #372]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #372]\n\t"
+ /* a[i+94] += m[94] * mu */
+ "LDR r12, [%[m], #376]\n\t"
+ "LDR r11, [%[a], #376]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #376]\n\t"
+ /* a[i+95] += m[95] * mu */
+ "LDR r12, [%[m], #380]\n\t"
+ "LDR r11, [%[a], #380]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #380]\n\t"
+ /* a[i+96] += m[96] * mu */
+ "LDR r12, [%[m], #384]\n\t"
+ "LDR r11, [%[a], #384]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #384]\n\t"
+ /* a[i+97] += m[97] * mu */
+ "LDR r12, [%[m], #388]\n\t"
+ "LDR r11, [%[a], #388]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #388]\n\t"
+ /* a[i+98] += m[98] * mu */
+ "LDR r12, [%[m], #392]\n\t"
+ "LDR r11, [%[a], #392]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #392]\n\t"
+ /* a[i+99] += m[99] * mu */
+ "LDR r12, [%[m], #396]\n\t"
+ "LDR r11, [%[a], #396]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #396]\n\t"
+ /* a[i+100] += m[100] * mu */
+ "LDR r12, [%[m], #400]\n\t"
+ "LDR r11, [%[a], #400]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #400]\n\t"
+ /* a[i+101] += m[101] * mu */
+ "LDR r12, [%[m], #404]\n\t"
+ "LDR r11, [%[a], #404]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #404]\n\t"
+ /* a[i+102] += m[102] * mu */
+ "LDR r12, [%[m], #408]\n\t"
+ "LDR r11, [%[a], #408]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #408]\n\t"
+ /* a[i+103] += m[103] * mu */
+ "LDR r12, [%[m], #412]\n\t"
+ "LDR r11, [%[a], #412]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #412]\n\t"
+ /* a[i+104] += m[104] * mu */
+ "LDR r12, [%[m], #416]\n\t"
+ "LDR r11, [%[a], #416]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #416]\n\t"
+ /* a[i+105] += m[105] * mu */
+ "LDR r12, [%[m], #420]\n\t"
+ "LDR r11, [%[a], #420]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #420]\n\t"
+ /* a[i+106] += m[106] * mu */
+ "LDR r12, [%[m], #424]\n\t"
+ "LDR r11, [%[a], #424]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #424]\n\t"
+ /* a[i+107] += m[107] * mu */
+ "LDR r12, [%[m], #428]\n\t"
+ "LDR r11, [%[a], #428]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #428]\n\t"
+ /* a[i+108] += m[108] * mu */
+ "LDR r12, [%[m], #432]\n\t"
+ "LDR r11, [%[a], #432]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #432]\n\t"
+ /* a[i+109] += m[109] * mu */
+ "LDR r12, [%[m], #436]\n\t"
+ "LDR r11, [%[a], #436]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #436]\n\t"
+ /* a[i+110] += m[110] * mu */
+ "LDR r12, [%[m], #440]\n\t"
+ "LDR r11, [%[a], #440]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #440]\n\t"
+ /* a[i+111] += m[111] * mu */
+ "LDR r12, [%[m], #444]\n\t"
+ "LDR r11, [%[a], #444]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #444]\n\t"
+ /* a[i+112] += m[112] * mu */
+ "LDR r12, [%[m], #448]\n\t"
+ "LDR r11, [%[a], #448]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #448]\n\t"
+ /* a[i+113] += m[113] * mu */
+ "LDR r12, [%[m], #452]\n\t"
+ "LDR r11, [%[a], #452]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #452]\n\t"
+ /* a[i+114] += m[114] * mu */
+ "LDR r12, [%[m], #456]\n\t"
+ "LDR r11, [%[a], #456]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #456]\n\t"
+ /* a[i+115] += m[115] * mu */
+ "LDR r12, [%[m], #460]\n\t"
+ "LDR r11, [%[a], #460]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #460]\n\t"
+ /* a[i+116] += m[116] * mu */
+ "LDR r12, [%[m], #464]\n\t"
+ "LDR r11, [%[a], #464]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #464]\n\t"
+ /* a[i+117] += m[117] * mu */
+ "LDR r12, [%[m], #468]\n\t"
+ "LDR r11, [%[a], #468]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #468]\n\t"
+ /* a[i+118] += m[118] * mu */
+ "LDR r12, [%[m], #472]\n\t"
+ "LDR r11, [%[a], #472]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #472]\n\t"
+ /* a[i+119] += m[119] * mu */
+ "LDR r12, [%[m], #476]\n\t"
+ "LDR r11, [%[a], #476]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #476]\n\t"
+ /* a[i+120] += m[120] * mu */
+ "LDR r12, [%[m], #480]\n\t"
+ "LDR r11, [%[a], #480]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #480]\n\t"
+ /* a[i+121] += m[121] * mu */
+ "LDR r12, [%[m], #484]\n\t"
+ "LDR r11, [%[a], #484]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #484]\n\t"
+ /* a[i+122] += m[122] * mu */
+ "LDR r12, [%[m], #488]\n\t"
+ "LDR r11, [%[a], #488]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #488]\n\t"
+ /* a[i+123] += m[123] * mu */
+ "LDR r12, [%[m], #492]\n\t"
+ "LDR r11, [%[a], #492]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #492]\n\t"
+ /* a[i+124] += m[124] * mu */
+ "LDR r12, [%[m], #496]\n\t"
+ "LDR r11, [%[a], #496]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #496]\n\t"
+ /* a[i+125] += m[125] * mu */
+ "LDR r12, [%[m], #500]\n\t"
+ "LDR r11, [%[a], #500]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #500]\n\t"
/* a[i+126] += m[126] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r12, [%[m], #504]\n\t"
+ "LDR r11, [%[a], #504]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #504]\n\t"
/* a[i+127] += m[127] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[127] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[127] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #504\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r12, [%[m], #508]\n\t"
+ "LDR r11, [%[a], #508]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #512]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #508]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #512]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x200\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.W L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 4096 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ "LDR r11, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r9, #0x0\n\t"
+ /* ca = 0 */
+ "MOV r3, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_word:\n\t"
+ /* mu = a[i] * mp */
+ "LDR r10, [%[a]]\n\t"
+ "MUL r8, %[mp], r10\n\t"
+ /* j = 0 */
+ "MOV r12, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_4096_mont_reduce_128_mul:\n\t"
+ /* a[i+j+0] += m[j+0] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+1] += m[j+1] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+2] += m[j+2] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ /* a[i+j+3] += m[j+3] * mu */
+ "LDR r7, [%[m], r12]\n\t"
+ "LDR r10, [%[a], r12]\n\t"
+ "UMAAL r10, r4, r8, r7\n\t"
+ "STR r10, [%[a], r12]\n\t"
+ /* j += 1 */
+ "ADD r12, r12, #0x4\n\t"
+ "CMP r12, #0x200\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mont_reduce_128_mul\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_mul\n\t"
+#endif
+ "LDR r10, [%[a], #512]\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r3, r3, r3\n\t"
+ "STR r10, [%[a], #512]\n\t"
+ /* i += 1 */
+ "ADD r9, r9, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r9, #0x200\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_4096_mont_reduce_128_word\n\t"
+#else
+ "BLT.N L_sp_4096_mont_reduce_128_word\n\t"
+#endif
+ /* Loop Done */
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ sp_4096_cond_sub_128(a - 128, a, m, (sp_digit)0 - mp);
}
+#endif /* !WOLFSSL_SP_SMALL */
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -13150,7 +26594,7 @@ SP_NOINLINE static void sp_4096_mont_reduce_128(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -13164,7 +26608,7 @@ SP_NOINLINE static void sp_4096_mont_mul_128(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -13180,39 +26624,44 @@ SP_NOINLINE static void sp_4096_mont_sqr_128(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r5, #2\n\t"
- "lsl r5, r5, #8\n\t"
- "add r6, r6, r5\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x200\n\t"
+ "\n"
+ "L_sp_4096_sub_128_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_4096_sub_128_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_4096_sub_128_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
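Review bot: The fixed asm label `L_sp_4096_sub_128_word:` can be emitted more than once, because the new prototypes of sp_4096_sub_128 no longer carry `SP_NOINLINE` and the old local `1:`/`1b` pair is gone. If the compiler inlines or clones this static function at more than one call site, the assembler sees the same symbol defined twice and the build fails. Keeping the attribute on both prototypes avoids this, e.g. `SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)`. Where the toolchain supports it, a per-expansion suffix also works: `"L_sp_4096_sub_128_word_%=:\n\t"` with the matching branch targets. The function's comment block starts above the hunk.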
@@ -13222,342 +26671,253 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_sub_128(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
@@ -13567,49 +26927,134 @@ SP_NOINLINE static sp_digit sp_4096_sub_128(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)d1;
+}
+
+#else
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_4096_word_128_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_4096_word_128_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* Divide d in a and put remainder into r (m*d + r = a)
* m is not calculated as it is not needed at this time.
*
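Review bot: The two new `div_4096_word_128` variants carry the same header comment but do not have the same timing behaviour, and nothing in the hunk says so. The variant under `WOLFSSL_SP_USE_UDIV` (the guard opens just above this hunk) issues four `UDIV` instructions on values derived from `d1`/`d0`, while the `#else` variant is a fixed 30-iteration loop of `SUBS`/`SBC`/`AND` masking with no data-dependent branch. On cores where `UDIV` latency depends on the operand values the first variant is not constant time, which matters if callers pass words derived from secret data; the callers are not visible in this hunk. I would add a line to the first comment block such as `* Not constant time where UDIV latency depends on the operands; define WOLFSSL_SP_USE_UDIV only if that is acceptable.` Separately, `L_div_4096_word_128_bit` is a named assembler label rather than a numeric local one, so the `#else` variant relies on `SP_NOINLINE` to avoid being emitted twice, and a short comment noting that dependency would help.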
@@ -13619,8 +27064,8 @@ SP_NOINLINE static sp_digit div_4096_word_128(sp_digit d1, sp_digit d0,
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128_cond(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -13682,6 +27127,7 @@ static WC_INLINE int sp_4096_mod_128_cond(sp_digit* r, const sp_digit* a, const
}
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
+#if defined(WOLFSSL_HAVE_SP_DH) || !defined(WOLFSSL_RSA_PUBLIC_ONLY)
/* AND m into each word of a and store in r.
*
* r A single precision integer.
@@ -13719,46 +27165,1457 @@ static void sp_4096_mask_128(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_4096_cmp_128(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_4096_cmp_128(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add r6, r6, #252\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x1fc\n\t"
+ "\n"
+ "L_sp_4096_cmp_128_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_4096_cmp_128_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #508]\n\t"
+ "LDR r5, [%[b], #508]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #504]\n\t"
+ "LDR r5, [%[b], #504]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #500]\n\t"
+ "LDR r5, [%[b], #500]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #496]\n\t"
+ "LDR r5, [%[b], #496]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #492]\n\t"
+ "LDR r5, [%[b], #492]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #488]\n\t"
+ "LDR r5, [%[b], #488]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #484]\n\t"
+ "LDR r5, [%[b], #484]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #480]\n\t"
+ "LDR r5, [%[b], #480]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #476]\n\t"
+ "LDR r5, [%[b], #476]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #472]\n\t"
+ "LDR r5, [%[b], #472]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #468]\n\t"
+ "LDR r5, [%[b], #468]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #464]\n\t"
+ "LDR r5, [%[b], #464]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #460]\n\t"
+ "LDR r5, [%[b], #460]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #456]\n\t"
+ "LDR r5, [%[b], #456]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #452]\n\t"
+ "LDR r5, [%[b], #452]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #448]\n\t"
+ "LDR r5, [%[b], #448]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #444]\n\t"
+ "LDR r5, [%[b], #444]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #440]\n\t"
+ "LDR r5, [%[b], #440]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #436]\n\t"
+ "LDR r5, [%[b], #436]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #432]\n\t"
+ "LDR r5, [%[b], #432]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #428]\n\t"
+ "LDR r5, [%[b], #428]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #424]\n\t"
+ "LDR r5, [%[b], #424]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #420]\n\t"
+ "LDR r5, [%[b], #420]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #416]\n\t"
+ "LDR r5, [%[b], #416]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #412]\n\t"
+ "LDR r5, [%[b], #412]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #408]\n\t"
+ "LDR r5, [%[b], #408]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #404]\n\t"
+ "LDR r5, [%[b], #404]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #400]\n\t"
+ "LDR r5, [%[b], #400]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #396]\n\t"
+ "LDR r5, [%[b], #396]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #392]\n\t"
+ "LDR r5, [%[b], #392]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #388]\n\t"
+ "LDR r5, [%[b], #388]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #384]\n\t"
+ "LDR r5, [%[b], #384]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #380]\n\t"
+ "LDR r5, [%[b], #380]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #376]\n\t"
+ "LDR r5, [%[b], #376]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #372]\n\t"
+ "LDR r5, [%[b], #372]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #368]\n\t"
+ "LDR r5, [%[b], #368]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #364]\n\t"
+ "LDR r5, [%[b], #364]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #360]\n\t"
+ "LDR r5, [%[b], #360]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #356]\n\t"
+ "LDR r5, [%[b], #356]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #352]\n\t"
+ "LDR r5, [%[b], #352]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #348]\n\t"
+ "LDR r5, [%[b], #348]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #344]\n\t"
+ "LDR r5, [%[b], #344]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #340]\n\t"
+ "LDR r5, [%[b], #340]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #336]\n\t"
+ "LDR r5, [%[b], #336]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #332]\n\t"
+ "LDR r5, [%[b], #332]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #328]\n\t"
+ "LDR r5, [%[b], #328]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #324]\n\t"
+ "LDR r5, [%[b], #324]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #320]\n\t"
+ "LDR r5, [%[b], #320]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #316]\n\t"
+ "LDR r5, [%[b], #316]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #312]\n\t"
+ "LDR r5, [%[b], #312]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #308]\n\t"
+ "LDR r5, [%[b], #308]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #304]\n\t"
+ "LDR r5, [%[b], #304]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #300]\n\t"
+ "LDR r5, [%[b], #300]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #296]\n\t"
+ "LDR r5, [%[b], #296]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #292]\n\t"
+ "LDR r5, [%[b], #292]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #288]\n\t"
+ "LDR r5, [%[b], #288]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #284]\n\t"
+ "LDR r5, [%[b], #284]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #280]\n\t"
+ "LDR r5, [%[b], #280]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #276]\n\t"
+ "LDR r5, [%[b], #276]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #272]\n\t"
+ "LDR r5, [%[b], #272]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #268]\n\t"
+ "LDR r5, [%[b], #268]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #264]\n\t"
+ "LDR r5, [%[b], #264]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #260]\n\t"
+ "LDR r5, [%[b], #260]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #256]\n\t"
+ "LDR r5, [%[b], #256]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #252]\n\t"
+ "LDR r5, [%[b], #252]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #248]\n\t"
+ "LDR r5, [%[b], #248]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #244]\n\t"
+ "LDR r5, [%[b], #244]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "LDR r5, [%[b], #240]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #236]\n\t"
+ "LDR r5, [%[b], #236]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #232]\n\t"
+ "LDR r5, [%[b], #232]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "LDR r5, [%[b], #228]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #224]\n\t"
+ "LDR r5, [%[b], #224]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #220]\n\t"
+ "LDR r5, [%[b], #220]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "LDR r5, [%[b], #216]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #212]\n\t"
+ "LDR r5, [%[b], #212]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #208]\n\t"
+ "LDR r5, [%[b], #208]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "LDR r5, [%[b], #204]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #200]\n\t"
+ "LDR r5, [%[b], #200]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #196]\n\t"
+ "LDR r5, [%[b], #196]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "LDR r5, [%[b], #192]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #188]\n\t"
+ "LDR r5, [%[b], #188]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #184]\n\t"
+ "LDR r5, [%[b], #184]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "LDR r5, [%[b], #180]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #176]\n\t"
+ "LDR r5, [%[b], #176]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #172]\n\t"
+ "LDR r5, [%[b], #172]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "LDR r5, [%[b], #168]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #164]\n\t"
+ "LDR r5, [%[b], #164]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #160]\n\t"
+ "LDR r5, [%[b], #160]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "LDR r5, [%[b], #156]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #152]\n\t"
+ "LDR r5, [%[b], #152]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #148]\n\t"
+ "LDR r5, [%[b], #148]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "LDR r5, [%[b], #144]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #140]\n\t"
+ "LDR r5, [%[b], #140]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #136]\n\t"
+ "LDR r5, [%[b], #136]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "LDR r5, [%[b], #132]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "LDR r5, [%[b], #128]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
@@ -13770,8 +28627,8 @@ SP_NOINLINE static sp_int32 sp_4096_cmp_128(const sp_digit* a, const sp_digit* b
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_4096_div_128(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[256], t2[129];
sp_digit div, r1;
@@ -13816,6 +28673,7 @@ static WC_INLINE int sp_4096_mod_128(sp_digit* r, const sp_digit* a, const sp_di
return sp_4096_div_128(a, m, NULL, r);
}
+#endif /* WOLFSSL_HAVE_SP_DH || !WOLFSSL_RSA_PUBLIC_ONLY */
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || \
defined(WOLFSSL_HAVE_SP_DH)
#ifdef WOLFSSL_SP_SMALL
@@ -14279,6 +29137,7 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
}
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -14287,40 +29146,304 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #1\n\t"
- "lsl r5, r5, #8\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_4096_cond_add_64_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x100\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_4096_cond_add_64_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_4096_cond_add_64_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_4096_cond_add_64(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_4096_cond_add_64(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* RSA private key operation.
*
* in Array of bytes representing the number to exponentiate, base.
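Review bot: The WOLFSSL_SP_SMALL variant of `sp_4096_cond_add_64` now defines a named assembler label, `L_sp_4096_cond_add_64_words`, inside the inline asm while the declaration drops `SP_NOINLINE`, so if the compiler inlines or clones this static function more than once in the translation unit, the label is emitted twice and assembly fails. The removed code avoided this with the local numeric label `1:` / `blt 1b`. Either keep the attribute, `SP_NOINLINE static sp_digit sp_4096_cond_add_64(...)`, or make the label unique per asm instance, e.g. `"L_sp_4096_cond_add_64_words_%=:\n\t"` with `"BLT L_sp_4096_cond_add_64_words_%=\n\t"` (GCC/Clang syntax; confirm the IAR path accepts it). The unrolled variant has no label, but its clobber list names `r4` and `r5` although the visible instructions never touch them.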
@@ -14635,798 +29758,791 @@ int sp_ModExp_4096(const mp_int* base, const mp_int* exp, const mp_int* mod,
#ifdef WOLFSSL_HAVE_SP_DH
#ifdef HAVE_FFDHE_4096
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_4096_lshift_128(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_4096_lshift_128(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "add %[a], %[a], #448\n\t"
- "add %[r], %[r], #448\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r4, [%[a], #60]\n\t"
- "str r3, [%[r], #68]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #56]\n\t"
- "str r2, [%[r], #64]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "str r4, [%[r], #60]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "str r3, [%[r], #56]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #44]\n\t"
- "str r2, [%[r], #52]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "str r4, [%[r], #48]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #36]\n\t"
- "str r3, [%[r], #44]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #32]\n\t"
- "str r2, [%[r], #40]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "str r4, [%[r], #36]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "str r3, [%[r], #32]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #20]\n\t"
- "str r2, [%[r], #28]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "str r4, [%[r], #24]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "str r3, [%[r], #20]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "str r2, [%[r], #16]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "str r4, [%[r], #12]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #0]\n\t"
- "str r3, [%[r], #8]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "sub %[a], %[a], #64\n\t"
- "sub %[r], %[r], #64\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #508]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #504]\n\t"
+ "STR r6, [%[r], #512]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #500]\n\t"
+ "STR r5, [%[r], #508]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #496]\n\t"
+ "STR r4, [%[r], #504]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #492]\n\t"
+ "STR r6, [%[r], #500]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #488]\n\t"
+ "STR r5, [%[r], #496]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #484]\n\t"
+ "STR r4, [%[r], #492]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #480]\n\t"
+ "STR r6, [%[r], #488]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #476]\n\t"
+ "STR r5, [%[r], #484]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #472]\n\t"
+ "STR r4, [%[r], #480]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #468]\n\t"
+ "STR r6, [%[r], #476]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #464]\n\t"
+ "STR r5, [%[r], #472]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #460]\n\t"
+ "STR r4, [%[r], #468]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #456]\n\t"
+ "STR r6, [%[r], #464]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #452]\n\t"
+ "STR r5, [%[r], #460]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #448]\n\t"
+ "STR r4, [%[r], #456]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #444]\n\t"
+ "STR r6, [%[r], #452]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #440]\n\t"
+ "STR r5, [%[r], #448]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #436]\n\t"
+ "STR r4, [%[r], #444]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #432]\n\t"
+ "STR r6, [%[r], #440]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #428]\n\t"
+ "STR r5, [%[r], #436]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #424]\n\t"
+ "STR r4, [%[r], #432]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #420]\n\t"
+ "STR r6, [%[r], #428]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #416]\n\t"
+ "STR r5, [%[r], #424]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #412]\n\t"
+ "STR r4, [%[r], #420]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #408]\n\t"
+ "STR r6, [%[r], #416]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #404]\n\t"
+ "STR r5, [%[r], #412]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #400]\n\t"
+ "STR r4, [%[r], #408]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #396]\n\t"
+ "STR r6, [%[r], #404]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #392]\n\t"
+ "STR r5, [%[r], #400]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #388]\n\t"
+ "STR r4, [%[r], #396]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #384]\n\t"
+ "STR r6, [%[r], #392]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #380]\n\t"
+ "STR r5, [%[r], #388]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #376]\n\t"
+ "STR r4, [%[r], #384]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #372]\n\t"
+ "STR r6, [%[r], #380]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #368]\n\t"
+ "STR r5, [%[r], #376]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #364]\n\t"
+ "STR r4, [%[r], #372]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #360]\n\t"
+ "STR r6, [%[r], #368]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #356]\n\t"
+ "STR r5, [%[r], #364]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #352]\n\t"
+ "STR r4, [%[r], #360]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #348]\n\t"
+ "STR r6, [%[r], #356]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #344]\n\t"
+ "STR r5, [%[r], #352]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #340]\n\t"
+ "STR r4, [%[r], #348]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #336]\n\t"
+ "STR r6, [%[r], #344]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #332]\n\t"
+ "STR r5, [%[r], #340]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #328]\n\t"
+ "STR r4, [%[r], #336]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #324]\n\t"
+ "STR r6, [%[r], #332]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #320]\n\t"
+ "STR r5, [%[r], #328]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #316]\n\t"
+ "STR r4, [%[r], #324]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #312]\n\t"
+ "STR r6, [%[r], #320]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #308]\n\t"
+ "STR r5, [%[r], #316]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #304]\n\t"
+ "STR r4, [%[r], #312]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #300]\n\t"
+ "STR r6, [%[r], #308]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #296]\n\t"
+ "STR r5, [%[r], #304]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #292]\n\t"
+ "STR r4, [%[r], #300]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #288]\n\t"
+ "STR r6, [%[r], #296]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #284]\n\t"
+ "STR r5, [%[r], #292]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #280]\n\t"
+ "STR r4, [%[r], #288]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #276]\n\t"
+ "STR r6, [%[r], #284]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #272]\n\t"
+ "STR r5, [%[r], #280]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #268]\n\t"
+ "STR r4, [%[r], #276]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #264]\n\t"
+ "STR r6, [%[r], #272]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #260]\n\t"
+ "STR r5, [%[r], #268]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #256]\n\t"
+ "STR r4, [%[r], #264]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #252]\n\t"
+ "STR r6, [%[r], #260]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #248]\n\t"
+ "STR r5, [%[r], #256]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #244]\n\t"
+ "STR r4, [%[r], #252]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #240]\n\t"
+ "STR r6, [%[r], #248]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #236]\n\t"
+ "STR r5, [%[r], #244]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #232]\n\t"
+ "STR r4, [%[r], #240]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #228]\n\t"
+ "STR r6, [%[r], #236]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #224]\n\t"
+ "STR r5, [%[r], #232]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #220]\n\t"
+ "STR r4, [%[r], #228]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #216]\n\t"
+ "STR r6, [%[r], #224]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #212]\n\t"
+ "STR r5, [%[r], #220]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #208]\n\t"
+ "STR r4, [%[r], #216]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #204]\n\t"
+ "STR r6, [%[r], #212]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #200]\n\t"
+ "STR r5, [%[r], #208]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #196]\n\t"
+ "STR r4, [%[r], #204]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #192]\n\t"
+ "STR r6, [%[r], #200]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #188]\n\t"
+ "STR r5, [%[r], #196]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #184]\n\t"
+ "STR r4, [%[r], #192]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #180]\n\t"
+ "STR r6, [%[r], #188]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #176]\n\t"
+ "STR r5, [%[r], #184]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #172]\n\t"
+ "STR r4, [%[r], #180]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #168]\n\t"
+ "STR r6, [%[r], #176]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #164]\n\t"
+ "STR r5, [%[r], #172]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #160]\n\t"
+ "STR r4, [%[r], #168]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #156]\n\t"
+ "STR r6, [%[r], #164]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #152]\n\t"
+ "STR r5, [%[r], #160]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #148]\n\t"
+ "STR r4, [%[r], #156]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #144]\n\t"
+ "STR r6, [%[r], #152]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #140]\n\t"
+ "STR r5, [%[r], #148]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #136]\n\t"
+ "STR r4, [%[r], #144]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #132]\n\t"
+ "STR r6, [%[r], #140]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #128]\n\t"
+ "STR r5, [%[r], #136]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #124]\n\t"
+ "STR r4, [%[r], #132]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "STR r6, [%[r], #128]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #116]\n\t"
+ "STR r5, [%[r], #124]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #112]\n\t"
+ "STR r4, [%[r], #120]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "STR r6, [%[r], #116]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #104]\n\t"
+ "STR r5, [%[r], #112]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #100]\n\t"
+ "STR r4, [%[r], #108]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "STR r6, [%[r], #104]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #92]\n\t"
+ "STR r5, [%[r], #100]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #88]\n\t"
+ "STR r4, [%[r], #96]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "STR r6, [%[r], #92]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #80]\n\t"
+ "STR r5, [%[r], #88]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #76]\n\t"
+ "STR r4, [%[r], #84]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "STR r6, [%[r], #80]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #68]\n\t"
+ "STR r5, [%[r], #76]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #64]\n\t"
+ "STR r4, [%[r], #72]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "STR r6, [%[r], #68]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "STR r5, [%[r], #64]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #52]\n\t"
+ "STR r4, [%[r], #60]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "STR r6, [%[r], #56]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #44]\n\t"
+ "STR r5, [%[r], #52]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #40]\n\t"
+ "STR r4, [%[r], #48]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "STR r6, [%[r], #44]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "STR r5, [%[r], #40]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #28]\n\t"
+ "STR r4, [%[r], #36]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "STR r6, [%[r], #32]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #20]\n\t"
+ "STR r5, [%[r], #28]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #16]\n\t"
+ "STR r4, [%[r], #24]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "STR r6, [%[r], #20]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "STR r5, [%[r], #16]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "STR r4, [%[r], #12]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "STR r6, [%[r], #8]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "STR r4, [%[r]]\n\t"
+ "STR r5, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
@@ -15712,1032 +30828,1159 @@ static const sp_digit p256_b[8] = {
};
#endif
+#ifdef WOLFSSL_SP_SMALL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x40\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_256_mul_8_outer:\n\t"
+ "SUBS r3, r5, #0x1c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_256_mul_8_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_mul_8_inner_done\n\t"
+#else
+ "BGT.N L_sp_256_mul_8_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_256_mul_8_inner\n\t"
+#else
+ "BLT.N L_sp_256_mul_8_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_256_mul_8_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x34\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLE L_sp_256_mul_8_outer\n\t"
+#else
+ "BLE.N L_sp_256_mul_8_outer\n\t"
+#endif
+ "LDR lr, [%[a], #28]\n\t"
+ "LDR r11, [%[b], #28]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_256_mul_8_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_mul_8_store\n\t"
+#else
+ "BGT.N L_sp_256_mul_8_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
+ );
+}
+
+#else
+#ifdef WOLFSSL_SP_NO_UMAAL
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
+ "SUB sp, sp, #0x24\n\t"
+ "STR %[r], [sp, #32]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * B[0] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
/* A[0] * B[1] */
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[r]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, %[r], #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
/* A[1] * B[0] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[1] * B[1] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[0] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[1] * B[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[1] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[0] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * B[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[2] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[1] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[0] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * B[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * B[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[2] * B[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[2] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[1] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[0] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * B[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[2] * B[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[3] * B[3] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[2] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[1] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[0] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * B[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * B[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[2] * B[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[3] * B[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[4] * B[3] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[2] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[1] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[0] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * B[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * B[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[3] * B[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[4] * B[4] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[5] * B[3] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[2] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[1] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * B[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * B[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[4] * B[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[5] * B[4] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * B[3] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[2] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * B[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * B[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[5] * B[5] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[6] * B[4] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- /* A[7] * B[3] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * B[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[5] * B[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[6] * B[5] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[7] * B[4] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * B[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[6] * B[6] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[7] * B[5] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[6] * B[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[r], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * B[6] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[7] * B[7] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "LDR %[r], [sp, #32]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x24\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+}
+
+#else
+/* Multiply a and b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+SP_NOINLINE static void sp_256_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x2c\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "STRD %[r], %[a], [sp, #36]\n\t"
+#else
+ "STR %[r], [sp, #36]\n\t"
+ "STR %[a], [sp, #40]\n\t"
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #40]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #32]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #32]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ "MOV r3, r12\n\t"
+ "LDR lr, [sp, #36]\n\t"
+ "ADD lr, lr, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB lr, lr, #0x20\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x2c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_NO_UMAAL */
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
+/* Square a and put result in r. (r = a * a)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x40\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_256_sqr_8_outer:\n\t"
+ "SUBS r3, r5, #0x1c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_256_sqr_8_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_sqr_8_inner_done\n\t"
+#else
+ "BGT.N L_sp_256_sqr_8_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_256_sqr_8_inner\n\t"
+#else
+ "BLT.N L_sp_256_sqr_8_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_256_sqr_8_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x34\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLE L_sp_256_sqr_8_outer\n\t"
+#else
+ "BLE.N L_sp_256_sqr_8_outer\n\t"
+#endif
+ "LDR lr, [%[a], #28]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_256_sqr_8_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_256_sqr_8_store\n\t"
+#else
+ "BGT.N L_sp_256_sqr_8_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
+#else
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[8];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- /* A[0] * A[0] */
- "ldr r6, [%[a], #0]\n\t"
- "umull r3, r4, r6, r6\n\t"
- "mov r5, #0\n\t"
- "str r3, [%[tmp], #0]\n\t"
- "mov r3, #0\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
/* A[0] * A[1] */
- "ldr r8, [%[a], #4]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[tmp], #4]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- /* A[1] * A[1] */
- "ldr r6, [%[a], #4]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[tmp], #8]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
/* A[0] * A[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
- /* A[1] * A[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #12]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[0] * A[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[1] * A[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[2] */
- "ldr r6, [%[a], #8]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #16]\n\t"
- "mov r4, #0\n\t"
- /* A[0] * A[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[1] * A[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[tmp], #20]\n\t"
- "mov r5, #0\n\t"
- /* A[0] * A[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
/* A[1] * A[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[3] */
- "ldr r6, [%[a], #12]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[tmp], #24]\n\t"
- "mov r3, #0\n\t"
- /* A[0] * A[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
/* A[1] * A[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[2] * A[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[tmp], #28]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[1] * A[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
/* A[2] * A[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[3] * A[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[4] */
- "ldr r6, [%[a], #16]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r5, r5, r9\n\t"
- "adcs r3, r3, r10\n\t"
- "adc r4, r4, r11\n\t"
- "str r5, [%[r], #32]\n\t"
- "mov r5, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[2] * A[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
/* A[3] * A[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[4] * A[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adc r5, r5, r11\n\t"
- "str r3, [%[r], #36]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[3] * A[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "mov r11, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
/* A[4] * A[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r9, r9, r6\n\t"
- "adcs r10, r10, r8\n\t"
- "adc r11, r11, #0\n\t"
- /* A[5] * A[5] */
- "ldr r6, [%[a], #20]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adc r11, r11, r11\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adc r3, r3, r11\n\t"
- "str r4, [%[r], #40]\n\t"
- "mov r4, #0\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
/* A[4] * A[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
/* A[5] * A[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r3, r3, r8\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [%[r], #44]\n\t"
- "mov r5, #0\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
/* A[5] * A[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[6] * A[6] */
- "ldr r6, [%[a], #24]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- "str r3, [%[r], #48]\n\t"
- "mov r3, #0\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
/* A[6] * A[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r3, r3, #0\n\t"
- "str r4, [%[r], #52]\n\t"
- "mov r4, #0\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [%[a], #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [%[a], #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [%[a], #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [%[a], #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [%[a], #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [%[a], #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
/* A[7] * A[7] */
- "ldr r6, [%[a], #28]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r5, r5, r6\n\t"
- "adc r3, r3, r8\n\t"
- "str r5, [%[r], #56]\n\t"
- "str r3, [%[r], #60]\n\t"
- /* Transfer tmp to r */
- "ldr r3, [%[tmp], #0]\n\t"
- "ldr r4, [%[tmp], #4]\n\t"
- "ldr r5, [%[tmp], #8]\n\t"
- "ldr r6, [%[tmp], #12]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[tmp], #16]\n\t"
- "ldr r4, [%[tmp], #20]\n\t"
- "ldr r5, [%[tmp], #24]\n\t"
- "ldr r6, [%[tmp], #28]\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [tmp] "r" (tmp)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11"
- );
-}
-
-#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #32\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
-#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDR r12, [%[a], #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "ADD %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM sp, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "SUB %[r], %[r], #0x20\n\t"
+ "STM %[r], {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
-
- return c;
}
#else
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_sqr_8(sp_digit* r_p, const sp_digit* a_p)
+#else
+SP_NOINLINE static void sp_256_sqr_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x20\n\t"
+ "STR %[r], [sp, #28]\n\t"
+ "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "LDR lr, [sp, #28]\n\t"
+ "ADD lr, lr, #0x1c\n\t"
+ "STM lr!, {r0, r12}\n\t"
+ "STM lr!, {r11}\n\t"
+ "STM lr!, {r10}\n\t"
+ "STM lr!, {r3, r4, r8, r9}\n\t"
+ "STM lr!, {r7}\n\t"
+ "SUB lr, lr, #0x40\n\t"
+ "LDM sp, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "STM lr, {r0, r1, r2, r3, r4, r5, r6}\n\t"
+ "ADD sp, sp, #0x20\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
-
- return c;
}
+#endif /* WOLFSSL_SP_NO_UMAAL */
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #32\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x20\n\t"
+ "\n"
+ "L_sp_256_add_8_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_256_add_8_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_256_add_8_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -16747,258 +31990,244 @@ SP_NOINLINE static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a,
* a The number to convert.
* m The modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_256_mod_mul_norm_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static int sp_256_mod_mul_norm_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #24\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #12]\n\t"
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "ldr r9, [%[a], #24]\n\t"
- "ldr r10, [%[a], #28]\n\t"
+ "SUB sp, sp, #0x18\n\t"
+ "LDM %[a], {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
/* Clear overflow and underflow */
- "mov r14, #0\n\t"
- "mov r12, #0\n\t"
+ "MOV r11, #0x0\n\t"
+ "MOV r12, #0x0\n\t"
/* t[0] = 1 1 0 -1 -1 -1 -1 0 */
- "adds r11, r2, r3\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r5\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r6\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r8\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r9\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r2, r3\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r5\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r6\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r8\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[0] */
- "str r11, [sp, #0]\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "STR r10, [sp]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[1] = 0 1 1 0 -1 -1 -1 -1 */
- "adds r14, r14, r3\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r4\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r6\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r8\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r9\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r10\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r3\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r4\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r6\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r8\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r9\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[1] */
- "str r14, [sp, #4]\n\t"
- "neg r12, r12\n\t"
- "mov r14, #0\n\t"
+ "STR r11, [sp, #4]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r11, #0x0\n\t"
/* t[2] = 0 0 1 1 0 -1 -1 -1 */
- "adds r11, r11, r4\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r5\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r8\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r9\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r10\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r10, r4\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r5\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r10, r10, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r8\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r9\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[2] */
- "str r11, [sp, #8]\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "STR r10, [sp, #8]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[3] = -1 -1 0 2 2 1 0 -1 */
- "adds r14, r14, r5\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r5\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r6\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r6\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r8\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r2\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r3\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r10\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r6\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r6\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r7\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r2\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r3\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r9\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[3] */
- "str r14, [sp, #12]\n\t"
- "neg r12, r12\n\t"
- "mov r14, #0\n\t"
+ "STR r11, [sp, #12]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r11, #0x0\n\t"
/* t[4] = 0 -1 -1 0 2 2 1 0 */
- "adds r11, r11, r6\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r6\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r8\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r8\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r3\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r4\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r10, r6\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r6\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r7\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r7\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r10, r10, r3\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r4\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[4] */
- "str r11, [sp, #16]\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "STR r10, [sp, #16]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[5] = 0 0 -1 -1 0 2 2 1 */
- "adds r14, r14, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r8\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r9\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r9\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r4\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r5\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r7\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r7\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r8\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r8\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r4\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r5\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[5] */
- "str r14, [sp, #20]\n\t"
- "neg r12, r12\n\t"
- "mov r14, #0\n\t"
+ "STR r11, [sp, #20]\n\t"
+ "neg r12, r12\n\t"
+ "MOV r11, #0x0\n\t"
/* t[6] = -1 -1 0 0 0 1 3 2 */
- "adds r11, r11, r8\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r9\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r10\n\t"
- "adc r14, r14, #0\n\t"
- "adds r11, r11, r10\n\t"
- "adc r14, r14, #0\n\t"
- "subs r11, r11, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r2\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r11, r11, r3\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r10, r10, r7\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r8\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r9\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "ADDS r10, r10, r9\n\t"
+ "ADC r11, r11, #0x0\n\t"
+ "SUBS r10, r10, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r10, r10, r2\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r10, r10, r3\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[6] */
- "mov r9, r11\n\t"
- "neg r12, r12\n\t"
- "mov r11, #0\n\t"
+ "MOV r8, r10\n\t"
+ "neg r12, r12\n\t"
+ "MOV r10, #0x0\n\t"
/* t[7] = 1 0 -1 -1 -1 -1 0 3 */
- "adds r14, r14, r2\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "adds r14, r14, r10\n\t"
- "adc r11, r11, #0\n\t"
- "subs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r4\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r5\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r6\n\t"
- "sbc r12, r12, #0\n\t"
- "subs r14, r14, r8\n\t"
- "sbc r12, r12, #0\n\t"
+ "ADDS r11, r11, r2\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "ADDS r11, r11, r9\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "SUBS r11, r11, r12\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUBS r11, r11, r4\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r5\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r6\n\t"
+ "SBC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r7\n\t"
+ "SBC r12, r12, #0x0\n\t"
/* Store t[7] */
/* Load intermediate */
- "ldr r2, [sp, #0]\n\t"
- "ldr r3, [sp, #4]\n\t"
- "ldr r4, [sp, #8]\n\t"
- "ldr r5, [sp, #12]\n\t"
- "ldr r6, [sp, #16]\n\t"
- "ldr r8, [sp, #20]\n\t"
- "neg r12, r12\n\t"
+ "LDM sp, {r2, r3, r4, r5, r6, r7}\n\t"
+ "neg r12, r12\n\t"
/* Add overflow */
/* Subtract underflow - add neg underflow */
- "adds r2, r2, r11\n\t"
- "adcs r3, r3, #0\n\t"
- "adcs r4, r4, #0\n\t"
- "adds r5, r5, r12\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, r12\n\t"
- "adcs r14, r14, r11\n\t"
- "mov r10, #0\n\t"
- "adc r10, r10, #0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, r12\n\t"
+ "ADCS r11, r11, r10\n\t"
+ "MOV r9, #0x0\n\t"
+ "ADC r9, r9, #0x0\n\t"
/* Subtract overflow */
/* Add underflow - subtract neg underflow */
- "subs r2, r2, r12\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, #0\n\t"
- "subs r5, r5, r11\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, r11\n\t"
- "sbcs r14, r14, r12\n\t"
- "mov r12, #0\n\t"
- "sbc r12, r12, #0\n\t"
+ "SUBS r2, r2, r12\n\t"
+ "SBCS r3, r3, #0x0\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, r10\n\t"
+ "SBCS r11, r11, r12\n\t"
+ "MOV r12, #0x0\n\t"
+ "SBC r12, r12, #0x0\n\t"
"neg r12, r12\n\t"
/* Add overflow */
/* Subtract underflow - add neg underflow */
- "adds r2, r2, r10\n\t"
- "adcs r3, r3, #0\n\t"
- "adcs r4, r4, #0\n\t"
- "adds r5, r5, r12\n\t"
- "adcs r6, r6, #0\n\t"
- "adcs r8, r8, #0\n\t"
- "adcs r9, r9, r12\n\t"
- "adc r14, r14, r10\n\t"
+ "ADDS r2, r2, r9\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, r12\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, r12\n\t"
+ "ADC r11, r11, r9\n\t"
/* Subtract overflow */
/* Add underflow - subtract neg underflow */
- "subs r2, r2, r12\n\t"
- "sbcs r3, r3, #0\n\t"
- "sbcs r4, r4, #0\n\t"
- "subs r5, r5, r10\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, r10\n\t"
- "sbc r14, r14, r12\n\t"
+ "SUBS r2, r2, r12\n\t"
+ "SBCS r3, r3, #0x0\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, r9\n\t"
+ "SBC r11, r11, r12\n\t"
/* Store result */
- "str r2, [%[r], #0]\n\t"
- "str r3, [%[r], #4]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
- "str r6, [%[r], #16]\n\t"
- "str r8, [%[r], #20]\n\t"
- "str r9, [%[r], #24]\n\t"
- "str r14, [%[r], #28]\n\t"
- "add sp, sp, #24\n\t"
+ "STM %[r], {r2, r3, r4, r5, r6, r7, r8, r11}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADD sp, sp, #0x18\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
-
- return MP_OKAY;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ return (uint32_t)(size_t)r;
}
/* Convert an mp_int to an array of sp_digit.
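Review bot: The status returned by `sp_256_mod_mul_norm_8` no longer comes from a named constant: `return (uint32_t)(size_t)r;` yields whatever the `MOV %[r], #0x0` near the end of the asm block left in `r`. That equals the removed `return MP_OKAY;` only if MP_OKAY is 0, which this hunk does not show, and the `uint32_t` value is then converted to the function's `int` return type. I would add a comment at the return, for example `/* r was zeroed by the last MOV in the asm block; 0 is the success code (MP_OKAY) */`. Without it, a later edit to the asm tail could silently change the result callers check.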
@@ -17011,14 +32240,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
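Review bot: The rewritten loop in the `DIGIT_BIT == 32` branch hard-codes the sign-bit shift as `j >> 31` in two places, where the lines it replaces used `SP_WORD_SIZE - 1`. Keeping the symbolic width ties the mask to the digit size: `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. The loop always runs `size` iterations and selects digits by mask instead of branching on `a->used`, presumably so that timing does not depend on the operand length. A short comment saying so, for example `/* branch-free on purpose: j counts up from -used, its top bit is the "still inside a" flag */`, would stop a later cleanup from reintroducing an early exit. The function body continues outside the hunk (the `#elif DIGIT_BIT > 32` branch).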
@@ -17196,6 +32425,7 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
@@ -17203,1174 +32433,1389 @@ static int sp_256_point_to_ecc_point_8(const sp_point_256* p, ecc_point* pm)
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m, sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
+ /* A[0] * B[0] */
+ "LDR lr, [%[b]]\n\t"
+ "UMULL r3, r4, r12, lr\n\t"
+ /* A[0] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "UMULL r5, r6, r12, lr\n\t"
+ /* A[0] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "UMULL r7, r8, r12, lr\n\t"
+ /* A[0] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "UMULL r9, r10, r12, lr\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "MOV r11, %[r]\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[0] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[0] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[0] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADC r3, %[r], #0x0\n\t"
+ "UMLAL r10, r3, r12, lr\n\t"
+ /* A[1] * B[0] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[1] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[1] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * B[0] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "STR r5, [sp, #8]\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[2] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[2] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * B[0] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[3] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[3] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[3] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * B[0] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[4] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[4] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[4] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[4] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[4] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * B[0] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[5] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[5] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[5] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[5] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[5] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * B[0] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[6] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[6] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[6] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[6] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[6] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[6] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r9, %[r], #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ /* A[7] * B[0] */
+ "LDR r12, [%[a], #28]\n\t"
+ "LDR lr, [%[b]]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[7] * B[1] */
+ "LDR lr, [%[b], #4]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[7] * B[2] */
+ "LDR lr, [%[b], #8]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[7] * B[3] */
+ "LDR lr, [%[b], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[7] * B[4] */
+ "LDR lr, [%[b], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[7] * B[5] */
+ "LDR lr, [%[b], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * B[6] */
+ "LDR lr, [%[b], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[7] * B[7] */
+ "LDR lr, [%[b], #28]\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "UMLAL r9, r10, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "SUB r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ /* mask m and sub from result if overflow */
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
(void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+}
+
+#else
+/* Multiply two Montgomery form numbers mod the modulus (prime).
+ * (r = a * b mod m)
+ *
+ * r Result of multiplication.
+ * a First number to multiply in Montgomery form.
+ * b Second number to multiply in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_mul_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #68\n\t"
- "mov r5, #0\n\t"
- /* A[0] * B[0] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r9, r10, r6, r8\n\t"
- "str r9, [sp, #0]\n\t"
- /* A[0] * B[1] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adc r11, r4, #0\n\t"
- /* A[1] * B[0] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- "str r10, [sp, #4]\n\t"
- /* A[0] * B[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adc r14, r4, r14\n\t"
- /* A[1] * B[1] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[2] * B[0] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #8]\n\t"
- /* A[0] * B[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[1] * B[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[2] * B[1] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[3] * B[0] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #12]\n\t"
- /* A[0] * B[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[1] * B[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[2] * B[2] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[3] * B[1] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[4] * B[0] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- "str r9, [sp, #16]\n\t"
- /* A[0] * B[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[1] * B[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[2] * B[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[3] * B[2] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[4] * B[1] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[5] * B[0] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #20]\n\t"
- /* A[0] * B[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[1] * B[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[2] * B[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[3] * B[3] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[4] * B[2] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[5] * B[1] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[6] * B[0] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #24]\n\t"
- /* A[0] * B[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[1] * B[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[2] * B[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[3] * B[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[4] * B[3] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[5] * B[2] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[6] * B[1] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[7] * B[0] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #0]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #28]\n\t"
- /* A[1] * B[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[2] * B[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[3] * B[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[4] * B[4] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[5] * B[3] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[6] * B[2] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[7] * B[1] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #4]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- "str r9, [sp, #32]\n\t"
- /* A[2] * B[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[3] * B[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[4] * B[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[5] * B[4] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[6] * B[3] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[7] * B[2] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #36]\n\t"
- /* A[3] * B[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[4] * B[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[5] * B[5] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[6] * B[4] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[7] * B[3] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #40]\n\t"
- /* A[4] * B[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[5] * B[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[6] * B[5] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[7] * B[4] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #44]\n\t"
- /* A[5] * B[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[6] * B[6] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[7] * B[5] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[6] * B[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[7] * B[6] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[7] * B[7] */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[b], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adc r14, r4, r14\n\t"
- "str r9, [sp, #48]\n\t"
- "str r10, [sp, #52]\n\t"
- "str r11, [sp, #56]\n\t"
- "str r14, [sp, #60]\n\t"
+ "SUB sp, sp, #0x4c\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ "STRD %[r], %[a], [sp, #68]\n\t"
+#else
+ "STR %[r], [sp, #68]\n\t"
+ "STR %[a], [sp, #72]\n\t"
+#endif /* WOLFSSL_NO_VAR_ASSIGN_REG */
+ "MOV lr, %[b]\n\t"
+ "LDM %[a], {r0, r1, r2, r3}\n\t"
+ "LDM lr!, {r4, r5, r6}\n\t"
+ "UMULL r10, r11, r0, r4\n\t"
+ "UMULL r12, r7, r1, r4\n\t"
+ "UMAAL r11, r12, r0, r5\n\t"
+ "UMULL r8, r9, r2, r4\n\t"
+ "UMAAL r12, r8, r1, r5\n\t"
+ "UMAAL r12, r7, r0, r6\n\t"
+ "UMAAL r8, r9, r3, r4\n\t"
+ "STM sp, {r10, r11, r12}\n\t"
+ "UMAAL r7, r8, r2, r5\n\t"
+ "LDM lr!, {r4}\n\t"
+ "UMULL r10, r11, r1, r6\n\t"
+ "UMAAL r8, r9, r2, r6\n\t"
+ "UMAAL r7, r10, r0, r4\n\t"
+ "UMAAL r8, r11, r3, r5\n\t"
+ "STR r7, [sp, #12]\n\t"
+ "UMAAL r8, r10, r1, r4\n\t"
+ "UMAAL r9, r11, r3, r6\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "UMAAL r10, r11, r3, r4\n\t"
+ "LDM lr, {r4, r5, r6, r7}\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMLAL r8, r12, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r10, r12, r2, r4\n\t"
+ "UMAAL r11, r12, r3, r4\n\t"
+ "MOV r4, #0x0\n\t"
+ "UMLAL r9, r4, r0, r5\n\t"
+ "UMAAL r10, r4, r1, r5\n\t"
+ "UMAAL r11, r4, r2, r5\n\t"
+ "UMAAL r12, r4, r3, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "UMLAL r10, r5, r0, r6\n\t"
+ "UMAAL r11, r5, r1, r6\n\t"
+ "UMAAL r12, r5, r2, r6\n\t"
+ "UMAAL r4, r5, r3, r6\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r11, r6, r0, r7\n\t"
+ "LDR r0, [sp, #72]\n\t"
+ "UMAAL r12, r6, r1, r7\n\t"
+ "ADD r0, r0, #0x10\n\t"
+ "UMAAL r4, r6, r2, r7\n\t"
+ "SUB lr, lr, #0x10\n\t"
+ "UMAAL r5, r6, r3, r7\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "STR r6, [sp, #64]\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r8, r7, r0, r6\n\t"
+ "UMAAL r9, r7, r1, r6\n\t"
+ "STR r8, [sp, #16]\n\t"
+ "UMAAL r10, r7, r2, r6\n\t"
+ "UMAAL r11, r7, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r8, #0x0\n\t"
+ "UMLAL r9, r8, r0, r6\n\t"
+ "UMAAL r10, r8, r1, r6\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "UMAAL r11, r8, r2, r6\n\t"
+ "UMAAL r12, r8, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r10, r9, r0, r6\n\t"
+ "UMAAL r11, r9, r1, r6\n\t"
+ "STR r10, [sp, #24]\n\t"
+ "UMAAL r12, r9, r2, r6\n\t"
+ "UMAAL r4, r9, r3, r6\n\t"
+ "LDM lr!, {r6}\n\t"
+ "MOV r10, #0x0\n\t"
+ "UMLAL r11, r10, r0, r6\n\t"
+ "UMAAL r12, r10, r1, r6\n\t"
+ "STR r11, [sp, #28]\n\t"
+ "UMAAL r4, r10, r2, r6\n\t"
+ "UMAAL r5, r10, r3, r6\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r12, r7, r0, r11\n\t"
+ "UMAAL r4, r7, r1, r11\n\t"
+ "LDR r6, [sp, #64]\n\t"
+ "UMAAL r5, r7, r2, r11\n\t"
+ "UMAAL r6, r7, r3, r11\n\t"
+ "LDM lr!, {r11}\n\t"
+ "UMAAL r4, r8, r0, r11\n\t"
+ "UMAAL r5, r8, r1, r11\n\t"
+ "UMAAL r6, r8, r2, r11\n\t"
+ "UMAAL r7, r8, r3, r11\n\t"
+ "LDM lr, {r11, lr}\n\t"
+ "UMAAL r5, r9, r0, r11\n\t"
+ "UMAAL r6, r10, r0, lr\n\t"
+ "UMAAL r6, r9, r1, r11\n\t"
+ "UMAAL r7, r10, r1, lr\n\t"
+ "UMAAL r7, r9, r2, r11\n\t"
+ "UMAAL r8, r10, r2, lr\n\t"
+ "UMAAL r8, r9, r3, r11\n\t"
+ "UMAAL r9, r10, r3, lr\n\t"
+ "MOV r3, r12\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
/* Start Reduction */
- "ldr r4, [sp, #0]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r8, [sp, #12]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
/* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
/* + (a[0]-a[1] * 2) << (6 * 32) */
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub r14, r14, r4\n\t"
+ "SUB r12, r12, r5\n\t"
/* + a[0]-a[4] << (3 * 32) */
- "mov %[a], r8\n\t"
- "mov %[b], r9\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, %[a]\n\t"
- "adc r14, r14, %[b]\n\t"
- "str r4, [sp, #0]\n\t"
- "str r5, [sp, #4]\n\t"
- "str r6, [sp, #8]\n\t"
- "str r8, [sp, #12]\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- "mov %[a], #0\n\t"
- /* a[6] += t[0] + t[3] */
- "ldr r3, [sp, #24]\n\t"
- "adds r3, r3, r4\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r11, [sp, #24]\n\t"
- /* a[7] += t[1] + t[4] */
- "ldr r3, [sp, #28]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r9\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r14, [sp, #28]\n\t"
- "str r3, [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- "ldr r3, [sp, #32]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r4\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r6\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r10\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #32]\n\t"
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adcs r4, r4, #0\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adcs r4, r4, r6\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r11\n\t"
- "adcs r4, r4, r14\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adc %[b], %[b], #0\n\t"
- "adds r3, r3, r10\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, #0\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- /* a[15] += t[7] */
- "ldr r3, [sp, #60]\n\t"
- "adds r3, r3, %[b]\n\t"
- "adc %[b], %[a], #0\n\t"
- "adds r3, r3, r14\n\t"
- "adc %[b], %[b], #0\n\t"
- "str r3, [sp, #60]\n\t"
- "ldr r3, [sp, #64]\n\t"
- "ldr r4, [sp, #32]\n\t"
- "ldr r5, [sp, #36]\n\t"
- "ldr r6, [sp, #40]\n\t"
- "ldr r9, [sp, #0]\n\t"
- "ldr r10, [sp, #4]\n\t"
- "ldr r11, [sp, #8]\n\t"
- "ldr r14, [sp, #12]\n\t"
- "subs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "str r4, [sp, #32]\n\t"
- "str r5, [sp, #36]\n\t"
- "str r6, [sp, #40]\n\t"
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "ldr r8, [sp, #60]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
- "sbcs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbc r8, r8, #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- "str r8, [sp, #60]\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
/* mask m and sub from result if overflow */
- "sub %[b], %[a], %[b]\n\t"
- "and %[a], %[b], #1\n\t"
- "ldr r3, [sp, #32]\n\t"
- "ldr r4, [sp, #36]\n\t"
- "ldr r5, [sp, #40]\n\t"
- "ldr r6, [sp, #44]\n\t"
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
- "ldr r10, [sp, #56]\n\t"
- "ldr r11, [sp, #60]\n\t"
- "subs r3, r3, %[b]\n\t"
- "sbcs r4, r4, %[b]\n\t"
- "sbcs r5, r5, %[b]\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, %[a]\n\t"
- "sbc r11, r11, %[b]\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
- "add sp, sp, #68\n\t"
- : [a] "+r" (a), [b] "+r" (b)
- : [r] "r" (r)
- : "memory", "r9", "r10", "r11", "r14", "r3", "r4", "r5", "r6", "r8"
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #68]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x4c\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r10", "r11", "r12", "r7", "r8", "r9", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#endif
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
*
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "MOV %[r], #0x0\n\t"
+ "LDR r12, [%[a]]\n\t"
+ /* A[0] * A[1] */
+ "LDR lr, [%[a], #4]\n\t"
+ "UMULL r4, r5, r12, lr\n\t"
+ /* A[0] * A[3] */
+ "LDR lr, [%[a], #12]\n\t"
+ "UMULL r6, r7, r12, lr\n\t"
+ /* A[0] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "UMULL r8, r9, r12, lr\n\t"
+ /* A[0] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "UMULL r10, r3, r12, lr\n\t"
+ /* A[0] * A[2] */
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[0] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[0] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[1] * A[2] */
+ "LDR r12, [%[a], #4]\n\t"
+ "LDR lr, [%[a], #8]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "STR r6, [sp, #12]\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[1] * A[3] */
+ "LDR lr, [%[a], #12]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, lr\n\t"
+ "STR r7, [sp, #16]\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[1] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[1] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[1] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[1] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r4, %[r], #0x0\n\t"
+ "UMLAL r3, r4, r12, lr\n\t"
+ /* A[2] * A[3] */
+ "LDR r12, [%[a], #8]\n\t"
+ "LDR lr, [%[a], #12]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r8, r11, r12, lr\n\t"
+ "STR r8, [sp, #20]\n\t"
+ "ADDS r9, r9, r11\n\t"
+ /* A[2] * A[4] */
+ "LDR lr, [%[a], #16]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, lr\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "ADDS r10, r10, r11\n\t"
+ /* A[2] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[2] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[2] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r5, %[r], #0x0\n\t"
+ "UMLAL r4, r5, r12, lr\n\t"
+ /* A[3] * A[4] */
+ "LDR r12, [%[a], #12]\n\t"
+ "LDR lr, [%[a], #16]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r10, r11, r12, lr\n\t"
+ "STR r10, [sp, #28]\n\t"
+ "ADDS r3, r3, r11\n\t"
+ /* A[3] * A[5] */
+ "LDR lr, [%[a], #20]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, lr\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[3] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[3] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r6, %[r], #0x0\n\t"
+ "UMLAL r5, r6, r12, lr\n\t"
+ /* A[4] * A[5] */
+ "LDR r12, [%[a], #16]\n\t"
+ "LDR lr, [%[a], #20]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r4, r11, r12, lr\n\t"
+ "ADDS r5, r5, r11\n\t"
+ /* A[4] * A[6] */
+ "LDR lr, [%[a], #24]\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, lr\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[4] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r7, %[r], #0x0\n\t"
+ "UMLAL r6, r7, r12, lr\n\t"
+ /* A[5] * A[6] */
+ "LDR r12, [%[a], #20]\n\t"
+ "LDR lr, [%[a], #24]\n\t"
+ "MOV r11, #0x0\n\t"
+ "UMLAL r6, r11, r12, lr\n\t"
+ "ADDS r7, r7, r11\n\t"
+ /* A[5] * A[7] */
+ "LDR lr, [%[a], #28]\n\t"
+ "ADC r8, %[r], #0x0\n\t"
+ "UMLAL r7, r8, r12, lr\n\t"
+ /* A[6] * A[7] */
+ "LDR r12, [%[a], #24]\n\t"
+ "LDR lr, [%[a], #28]\n\t"
+ "MOV r9, #0x0\n\t"
+ "UMLAL r8, r9, r12, lr\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "STM lr!, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADCS r3, r3, r3\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADC r10, %[r], #0x0\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "ADD lr, sp, #0x4\n\t"
+ "LDM lr, {r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "MOV lr, sp\n\t"
+ /* A[0] * A[0] */
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[1] * A[1] */
+ "LDR r12, [%[a], #4]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[2] * A[2] */
+ "LDR r12, [%[a], #8]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[3] * A[3] */
+ "LDR r12, [%[a], #12]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r9, r11, r12, r12\n\t"
+ "ADDS r10, r10, r11\n\t"
+ "STM lr!, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ "LDM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* A[4] * A[4] */
+ "LDR r12, [%[a], #16]\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r3, r11, r12, r12\n\t"
+ "ADDS r4, r4, r11\n\t"
+ /* A[5] * A[5] */
+ "LDR r12, [%[a], #20]\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r5, r11, r12, r12\n\t"
+ "ADDS r6, r6, r11\n\t"
+ /* A[6] * A[6] */
+ "LDR r12, [%[a], #24]\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADC r11, %[r], #0x0\n\t"
+ "UMLAL r7, r11, r12, r12\n\t"
+ "ADDS r8, r8, r11\n\t"
+ /* A[7] * A[7] */
+ "LDR r12, [%[a], #28]\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADC r10, r10, #0x0\n\t"
+ "UMLAL r9, r10, r12, r12\n\t"
+ "ADD lr, sp, #0x20\n\t"
+ "STM lr, {r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
+ /* Start Reduction */
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "SUB r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ /* mask m and sub from result if overflow */
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
(void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+}
+
+#else
+/* Square the Montgomery form number mod the modulus (prime). (r = a * a mod m)
+ *
+ * r Result of squaring.
+ * a Number to square in Montgomery form.
+ * m Modulus (prime).
+ * mp Montgomery multiplier.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #68\n\t"
- "mov r5, #0\n\t"
- /* A[0] * A[1] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #4]\n\t"
- "umull r10, r11, r6, r8\n\t"
- "str r10, [sp, #4]\n\t"
- /* A[0] * A[2] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adc r14, r4, #0\n\t"
- "str r11, [sp, #8]\n\t"
- /* A[0] * A[3] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adc r9, r4, #0\n\t"
- /* A[1] * A[2] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #8]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- "str r14, [sp, #12]\n\t"
- /* A[0] * A[4] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adc r10, r4, r10\n\t"
- /* A[1] * A[3] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- "str r9, [sp, #16]\n\t"
- /* A[0] * A[5] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adc r11, r4, r11\n\t"
- /* A[1] * A[4] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[2] * A[3] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #12]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #20]\n\t"
- /* A[0] * A[6] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[1] * A[5] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- /* A[2] * A[4] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #24]\n\t"
- /* A[0] * A[7] */
- "ldr r6, [%[a], #0]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[1] * A[6] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[2] * A[5] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- /* A[3] * A[4] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #16]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #28]\n\t"
- /* A[1] * A[7] */
- "ldr r6, [%[a], #4]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- /* A[2] * A[6] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- /* A[3] * A[5] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, r11\n\t"
- "str r9, [sp, #32]\n\t"
- /* A[2] * A[7] */
- "ldr r6, [%[a], #8]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, #0\n\t"
- /* A[3] * A[6] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- /* A[4] * A[5] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #20]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adcs r11, r4, r11\n\t"
- "adc r14, r5, r14\n\t"
- "str r10, [sp, #36]\n\t"
- /* A[3] * A[7] */
- "ldr r6, [%[a], #12]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, #0\n\t"
- /* A[4] * A[6] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r11, r3, r11\n\t"
- "adcs r14, r4, r14\n\t"
- "adc r9, r5, r9\n\t"
- "str r11, [sp, #40]\n\t"
- /* A[4] * A[7] */
- "ldr r6, [%[a], #16]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, #0\n\t"
- /* A[5] * A[6] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #24]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r14, r3, r14\n\t"
- "adcs r9, r4, r9\n\t"
- "adc r10, r5, r10\n\t"
- "str r14, [sp, #44]\n\t"
- /* A[5] * A[7] */
- "ldr r6, [%[a], #20]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r9, r3, r9\n\t"
- "adcs r10, r4, r10\n\t"
- "adc r11, r5, #0\n\t"
- "str r9, [sp, #48]\n\t"
- /* A[6] * A[7] */
- "ldr r6, [%[a], #24]\n\t"
- "ldr r8, [%[a], #28]\n\t"
- "umull r3, r4, r6, r8\n\t"
- "adds r10, r3, r10\n\t"
- "adc r11, r4, r11\n\t"
- "str r10, [sp, #52]\n\t"
- "str r11, [sp, #56]\n\t"
- /* Double */
- "ldr r4, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r8, [sp, #12]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
- "ldr r12, [sp, #32]\n\t"
- "ldr r3, [sp, #36]\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r11, r11, r11\n\t"
- "adcs r14, r14, r14\n\t"
- "adcs r12, r12, r12\n\t"
- "adcs r3, r3, r3\n\t"
- "str r4, [sp, #4]\n\t"
- "str r6, [sp, #8]\n\t"
- "str r8, [sp, #12]\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
- "str r11, [sp, #24]\n\t"
- "str r14, [sp, #28]\n\t"
- "str r12, [sp, #32]\n\t"
- "str r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "ldr r6, [sp, #44]\n\t"
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
- "ldr r10, [sp, #56]\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "str r4, [sp, #40]\n\t"
- "str r6, [sp, #44]\n\t"
- "str r8, [sp, #48]\n\t"
- "str r9, [sp, #52]\n\t"
- "str r10, [sp, #56]\n\t"
- "adc r11, r5, #0\n\t"
- "str r11, [sp, #60]\n\t"
- "ldr r4, [sp, #4]\n\t"
- "ldr r5, [sp, #8]\n\t"
- "ldr r12, [sp, #12]\n\t"
- /* A[0] * A[0] */
- "ldr r6, [%[a], #0]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[1] * A[1] */
- "ldr r6, [%[a], #4]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adds r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adcs r14, r14, r12\n\t"
- "str r9, [sp, #0]\n\t"
- "str r10, [sp, #4]\n\t"
- "str r11, [sp, #8]\n\t"
- "str r14, [sp, #12]\n\t"
- "ldr r3, [sp, #16]\n\t"
- "ldr r4, [sp, #20]\n\t"
- "ldr r5, [sp, #24]\n\t"
- "ldr r12, [sp, #28]\n\t"
- /* A[2] * A[2] */
- "ldr r6, [%[a], #8]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[3] * A[3] */
- "ldr r6, [%[a], #12]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adcs r14, r14, r12\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
- "str r11, [sp, #24]\n\t"
- "str r14, [sp, #28]\n\t"
- "ldr r3, [sp, #32]\n\t"
- "ldr r4, [sp, #36]\n\t"
- "ldr r5, [sp, #40]\n\t"
- "ldr r12, [sp, #44]\n\t"
- /* A[4] * A[4] */
- "ldr r6, [%[a], #16]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[5] * A[5] */
- "ldr r6, [%[a], #20]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adcs r14, r14, r12\n\t"
- "str r9, [sp, #32]\n\t"
- "str r10, [sp, #36]\n\t"
- "str r11, [sp, #40]\n\t"
- "str r14, [sp, #44]\n\t"
- "ldr r3, [sp, #48]\n\t"
- "ldr r4, [sp, #52]\n\t"
- "ldr r5, [sp, #56]\n\t"
- "ldr r12, [sp, #60]\n\t"
- /* A[6] * A[6] */
- "ldr r6, [%[a], #24]\n\t"
- "umull r9, r10, r6, r6\n\t"
- /* A[7] * A[7] */
- "ldr r6, [%[a], #28]\n\t"
- "umull r11, r14, r6, r6\n\t"
- "adcs r9, r9, r3\n\t"
- "adcs r10, r10, r4\n\t"
- "adcs r11, r11, r5\n\t"
- "adc r14, r14, r12\n\t"
- "str r9, [sp, #48]\n\t"
- "str r10, [sp, #52]\n\t"
- "str r11, [sp, #56]\n\t"
- "str r14, [sp, #60]\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[r], [sp, #64]\n\t"
+ "LDM %[a], {r0, r1, r2, r3, r4, r5, r6, r7}\n\t"
+ "UMULL r9, r10, r0, r0\n\t"
+ "UMULL r11, r12, r0, r1\n\t"
+ "ADDS r11, r11, r11\n\t"
+ "MOV lr, #0x0\n\t"
+ "UMAAL r10, r11, lr, lr\n\t"
+ "STM sp, {r9, r10}\n\t"
+ "MOV r8, lr\n\t"
+ "UMAAL r8, r12, r0, r2\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r8, r11, r1, r1\n\t"
+ "UMULL r9, r10, r0, r3\n\t"
+ "UMAAL r9, r12, r1, r2\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STRD r8, r9, [sp, #8]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r10, r0, r4\n\t"
+ "UMAAL r9, r12, r1, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r2, r2\n\t"
+ "STR r9, [sp, #16]\n\t"
+ "UMULL r9, r8, r0, r5\n\t"
+ "UMAAL r9, r12, r1, r4\n\t"
+ "UMAAL r9, r10, r2, r3\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, lr, lr\n\t"
+ "STR r9, [sp, #20]\n\t"
+ "MOV r9, lr\n\t"
+ "UMAAL r9, r8, r0, r6\n\t"
+ "UMAAL r9, r12, r1, r5\n\t"
+ "UMAAL r9, r10, r2, r4\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r11, r3, r3\n\t"
+ "STR r9, [sp, #24]\n\t"
+ "UMULL r0, r9, r0, r7\n\t"
+ "UMAAL r0, r8, r1, r6\n\t"
+ "UMAAL r0, r12, r2, r5\n\t"
+ "UMAAL r0, r10, r3, r4\n\t"
+ "ADCS r0, r0, r0\n\t"
+ "UMAAL r0, r11, lr, lr\n\t"
+ /* R[7] = r0 */
+ "UMAAL r9, r8, r1, r7\n\t"
+ "UMAAL r9, r10, r2, r6\n\t"
+ "UMAAL r12, r9, r3, r5\n\t"
+ "ADCS r12, r12, r12\n\t"
+ "UMAAL r12, r11, r4, r4\n\t"
+ /* R[8] = r12 */
+ "UMAAL r9, r8, r2, r7\n\t"
+ "UMAAL r10, r9, r3, r6\n\t"
+ "MOV r2, lr\n\t"
+ "UMAAL r10, r2, r4, r5\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "UMAAL r11, r10, lr, lr\n\t"
+ /* R[9] = r11 */
+ "UMAAL r2, r8, r3, r7\n\t"
+ "UMAAL r2, r9, r4, r6\n\t"
+ "ADCS r3, r2, r2\n\t"
+ "UMAAL r10, r3, r5, r5\n\t"
+ /* R[10] = r10 */
+ "MOV r1, lr\n\t"
+ "UMAAL r1, r8, r4, r7\n\t"
+ "UMAAL r1, r9, r5, r6\n\t"
+ "ADCS r4, r1, r1\n\t"
+ "UMAAL r3, r4, lr, lr\n\t"
+ /* R[11] = r3 */
+ "UMAAL r8, r9, r5, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "UMAAL r4, r8, r6, r6\n\t"
+ /* R[12] = r4 */
+ "MOV r5, lr\n\t"
+ "UMAAL r5, r9, r6, r7\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "UMAAL r8, r5, lr, lr\n\t"
+ /* R[13] = r8 */
+ "ADCS r9, r9, r9\n\t"
+ "UMAAL r9, r5, r7, r7\n\t"
+ "ADCS r7, r5, lr\n\t"
+ /* R[14] = r9 */
+ /* R[15] = r7 */
+ "MOV lr, sp\n\t"
+ "ADD lr, lr, #0x1c\n\t"
+ "STM lr!, {r0, r12}\n\t"
+ "STM lr!, {r11}\n\t"
+ "STM lr!, {r10}\n\t"
+ "STM lr!, {r3, r4, r8, r9}\n\t"
+ "STM lr!, {r7}\n\t"
/* Start Reduction */
- "ldr r4, [sp, #0]\n\t"
- "ldr r5, [sp, #4]\n\t"
- "ldr r6, [sp, #8]\n\t"
- "ldr r8, [sp, #12]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
/* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
/* - a[0] << 224 */
/* + (a[0]-a[1] * 2) << (6 * 32) */
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
- "adds r11, r11, r4\n\t"
- "adc r14, r14, r5\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
/* - a[0] << (7 * 32) */
- "sub r14, r14, r4\n\t"
+ "SUB r12, r12, r5\n\t"
/* + a[0]-a[4] << (3 * 32) */
- "mov %[a], r8\n\t"
- "mov r12, r9\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r11, r11, %[a]\n\t"
- "adc r14, r14, r12\n\t"
- "str r4, [sp, #0]\n\t"
- "str r5, [sp, #4]\n\t"
- "str r6, [sp, #8]\n\t"
- "str r8, [sp, #12]\n\t"
- "str r9, [sp, #16]\n\t"
- "str r10, [sp, #20]\n\t"
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
/* a += mu * m */
/* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
- "mov %[a], #0\n\t"
- /* a[6] += t[0] + t[3] */
- "ldr r3, [sp, #24]\n\t"
- "adds r3, r3, r4\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adc r12, r12, #0\n\t"
- "str r11, [sp, #24]\n\t"
- /* a[7] += t[1] + t[4] */
- "ldr r3, [sp, #28]\n\t"
- "adds r3, r3, r12\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r9\n\t"
- "adc r12, r12, #0\n\t"
- "str r14, [sp, #28]\n\t"
- "str r3, [sp, #64]\n\t"
- /* a[8] += t[0] + t[2] + t[5] */
- "ldr r3, [sp, #32]\n\t"
- "adds r3, r3, r12\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r4\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r10\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #32]\n\t"
- /* a[9] += t[1] + t[3] + t[6] */
- /* a[10] += t[2] + t[4] + t[7] */
- "ldr r3, [sp, #36]\n\t"
- "ldr r4, [sp, #40]\n\t"
- "adds r3, r3, r12\n\t"
- "adcs r4, r4, #0\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r5\n\t"
- "adcs r4, r4, r6\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r11\n\t"
- "adcs r4, r4, r14\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #36]\n\t"
- "str r4, [sp, #40]\n\t"
- /* a[11] += t[3] + t[5] */
- /* a[12] += t[4] + t[6] */
- /* a[13] += t[5] + t[7] */
- /* a[14] += t[6] */
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "adds r3, r3, r12\n\t"
- "adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, #0\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r8\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adc r12, r12, #0\n\t"
- "adds r3, r3, r10\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, #0\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- /* a[15] += t[7] */
- "ldr r3, [sp, #60]\n\t"
- "adds r3, r3, r12\n\t"
- "adc r12, %[a], #0\n\t"
- "adds r3, r3, r14\n\t"
- "adc r12, r12, #0\n\t"
- "str r3, [sp, #60]\n\t"
- "ldr r3, [sp, #64]\n\t"
- "ldr r4, [sp, #32]\n\t"
- "ldr r5, [sp, #36]\n\t"
- "ldr r6, [sp, #40]\n\t"
- "ldr r9, [sp, #0]\n\t"
- "ldr r10, [sp, #4]\n\t"
- "ldr r11, [sp, #8]\n\t"
- "ldr r14, [sp, #12]\n\t"
- "subs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "str r4, [sp, #32]\n\t"
- "str r5, [sp, #36]\n\t"
- "str r6, [sp, #40]\n\t"
- "ldr r3, [sp, #44]\n\t"
- "ldr r4, [sp, #48]\n\t"
- "ldr r5, [sp, #52]\n\t"
- "ldr r6, [sp, #56]\n\t"
- "ldr r8, [sp, #60]\n\t"
- "ldr r9, [sp, #16]\n\t"
- "ldr r10, [sp, #20]\n\t"
- "ldr r11, [sp, #24]\n\t"
- "ldr r14, [sp, #28]\n\t"
- "sbcs r3, r3, r9\n\t"
- "sbcs r4, r4, r10\n\t"
- "sbcs r5, r5, r11\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbc r8, r8, #0\n\t"
- "str r3, [sp, #44]\n\t"
- "str r4, [sp, #48]\n\t"
- "str r5, [sp, #52]\n\t"
- "str r6, [sp, #56]\n\t"
- "str r8, [sp, #60]\n\t"
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
/* mask m and sub from result if overflow */
- "sub r12, %[a], r12\n\t"
- "and %[a], r12, #1\n\t"
- "ldr r3, [sp, #32]\n\t"
- "ldr r4, [sp, #36]\n\t"
- "ldr r5, [sp, #40]\n\t"
- "ldr r6, [sp, #44]\n\t"
- "ldr r8, [sp, #48]\n\t"
- "ldr r9, [sp, #52]\n\t"
- "ldr r10, [sp, #56]\n\t"
- "ldr r11, [sp, #60]\n\t"
- "subs r3, r3, r12\n\t"
- "sbcs r4, r4, r12\n\t"
- "sbcs r5, r5, r12\n\t"
- "sbcs r6, r6, #0\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, %[a]\n\t"
- "sbc r11, r11, r12\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "str r8, [%[r], #16]\n\t"
- "str r9, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r11, [%[r], #28]\n\t"
- "add sp, sp, #68\n\t"
- : [a] "+r" (a)
- : [r] "r" (r)
- : "memory", "r9", "r10", "r11", "r14", "r3", "r4", "r5", "r6", "r8", "r12"
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[r], [sp, #64]\n\t"
+ "STM %[r], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#endif
#if !defined(WOLFSSL_SP_SMALL) || defined(HAVE_COMP_KEY)
/* Square the Montgomery form number a number of times. (r = a ^ n mod m)
*
@@ -18378,10 +33823,10 @@ SP_NOINLINE static void sp_256_mont_sqr_8(sp_digit* r, const sp_digit* a, const
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_8(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_8(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_8(r, a, m, mp);
for (; n > 1; n--) {
@@ -18474,44 +33919,137 @@ static void sp_256_mont_inv_8(sp_digit* r, const sp_digit* a, sp_digit* td)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #28\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x1c\n\t"
+ "\n"
+ "L_sp_256_cmp_8_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_256_cmp_8_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Normalize the values in each word to 32.
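Review bot: Both new signatures of `sp_256_cmp_8` drop `SP_NOINLINE` (which, going by its name, prevents inlining), while the WOLFSSL_SP_SMALL body now defines the named assembler label `L_sp_256_cmp_8_words` where the old loop used the numeric local label `1:`. If the compiler inlines or clones this static function at more than one place in the translation unit, the label is emitted more than once and the assembler would reject the duplicate symbol. Keeping the attribute, `SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a_p, const sp_digit* b_p)` and the same on the `#else` signature, or returning to a numeric label with `bcs 1b`, avoids that. The same combination appears in the next hunk for the WOLFSSL_SP_SMALL `sp_256_cond_sub_8` and its label `L_sp_256_cond_sub_8_words`. A short comment that the `IT`/`mov` sequence contains no branch on the operand words would also help keep the comparison constant-time through later edits.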
@@ -18520,6 +34058,7 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
*/
#define sp_256_norm_8(a)
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -18528,265 +34067,695 @@ SP_NOINLINE static sp_int32 sp_256_cmp_8(const sp_digit* a, const sp_digit* b)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #32\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_256_cond_sub_8_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_256_cond_sub_8_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_256_cond_sub_8_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_cond_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_256_cond_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_SP_SMALL
+#define sp_256_mont_reduce_order_8 sp_256_mont_reduce_8
+
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r2, #0\n\t"
- "mov r1, #0\n\t"
+ "LDR lr, [%[m]]\n\t"
/* i = 0 */
- "mov r9, r2\n\t"
- "\n1:\n\t"
- "mov r4, #0\n\t"
- /* mu = a[i] * 1 (mp) = a[i] */
- "ldr r3, [%[a]]\n\t"
- /* a[i] += -1 * mu = -1 * a[i] => a[i] = 0 no carry */
- /* a[i+1] += -1 * mu */
- "ldr r6, [%[a], #4]\n\t"
- "mov r5, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r2\n\t"
- "str r4, [%[a], #4]\n\t"
- /* a[i+2] += -1 * mu */
- "ldr r6, [%[a], #8]\n\t"
- "mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adc r4, r4, r2\n\t"
- "str r5, [%[a], #8]\n\t"
- /* a[i+3] += 0 * mu */
- "ldr r6, [%[a], #12]\n\t"
- "mov r5, #0\n\t"
- "adds r4, r4, r3\n\t"
- "adc r5, r5, r2\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r2\n\t"
- "str r4, [%[a], #12]\n\t"
- /* a[i+4] += 0 * mu */
- "ldr r6, [%[a], #16]\n\t"
- "mov r4, #0\n\t"
- "adds r5, r5, r6\n\t"
- "adc r4, r4, r2\n\t"
- "str r5, [%[a], #16]\n\t"
- /* a[i+5] += 0 * mu */
- "ldr r6, [%[a], #20]\n\t"
- "mov r5, #0\n\t"
- "adds r4, r4, r6\n\t"
- "adc r5, r5, r2\n\t"
- "str r4, [%[a], #20]\n\t"
- /* a[i+6] += 1 * mu */
- "ldr r6, [%[a], #24]\n\t"
- "mov r4, #0\n\t"
- "adds r5, r5, r3\n\t"
- "adc r4, r4, r2\n\t"
- "adds r5, r5, r6\n\t"
- "adc r4, r4, r2\n\t"
- "str r5, [%[a], #24]\n\t"
- /* a[i+7] += -1 * mu */
- "ldr r6, [%[a], #28]\n\t"
- "ldr r8, [%[a], #32]\n\t"
- "adds r5, r1, r3\n\t"
- "mov r1, #0\n\t"
- "adc r1, r1, r2\n\t"
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, r2\n\t"
- "sbc r1, r1, r2\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc r1, r1, r2\n\t"
- "str r4, [%[a], #28]\n\t"
- "str r5, [%[a], #32]\n\t"
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_8_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r3, r3, #0x0\n\t"
/* i += 1 */
- "add r9, r9, #1\n\t"
- "add %[a], %[a], #4\n\t"
- "mov r6, #8\n\t"
- "cmp r9, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "sub %[a], %[a], #32\n\t"
- "mov r3, r1\n\t"
- "sub r1, r1, #1\n\t"
- "mvn r1, r1\n\t"
- "ldr r4, [%[a],#32]\n\t"
- "ldr r5, [%[a],#36]\n\t"
- "ldr r6, [%[a],#40]\n\t"
- "ldr r8, [%[a],#44]\n\t"
- "ldr r9, [%[a],#48]\n\t"
- "ldr r10, [%[a],#52]\n\t"
- "ldr r11, [%[a],#56]\n\t"
- "ldr r14, [%[a],#60]\n\t"
- "subs r4, r4, r1\n\t"
- "sbcs r5, r5, r1\n\t"
- "sbcs r6, r6, r1\n\t"
- "sbcs r8, r8, r2\n\t"
- "sbcs r9, r9, r2\n\t"
- "sbcs r10, r10, r2\n\t"
- "sbcs r11, r11, r3\n\t"
- "sbc r14, r14, r1\n\t"
- "str r4, [%[a],#0]\n\t"
- "str r5, [%[a],#4]\n\t"
- "str r6, [%[a],#8]\n\t"
- "str r8, [%[a],#12]\n\t"
- "str r9, [%[a],#16]\n\t"
- "str r10, [%[a],#20]\n\t"
- "str r11, [%[a],#24]\n\t"
- "str r14, [%[a],#28]\n\t"
- : [a] "+r" (a)
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_8_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #32]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+#endif
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+ __asm__ __volatile__ (
+ "SUB sp, sp, #0x44\n\t"
+ "STR %[a], [sp, #64]\n\t"
+ "MOV lr, sp\n\t"
+ "LDM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "STM lr!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "STM lr, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ /* Start Reduction */
+ "LDM sp, {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "MOV r3, r11\n\t"
+ "MOV r4, r12\n\t"
+ /* mu = a[0]-a[7] + a[0]-a[4] << 96 + (a[0]-a[1] * 2) << 192 */
+ /* - a[0] << 224 */
+ /* + (a[0]-a[1] * 2) << (6 * 32) */
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ "ADDS r11, r11, r5\n\t"
+ "ADC r12, r12, r6\n\t"
+ /* - a[0] << (7 * 32) */
+ "SUB r12, r12, r5\n\t"
+ /* + a[0]-a[4] << (3 * 32) */
+ "MOV r0, r8\n\t"
+ "MOV r1, r9\n\t"
+ "MOV r2, r10\n\t"
+ "ADDS r8, r8, r5\n\t"
+ "ADCS r9, r9, r6\n\t"
+ "ADCS r10, r10, r7\n\t"
+ "ADCS r11, r11, r0\n\t"
+ "ADC r12, r12, r1\n\t"
+ /* a += mu * m */
+ /* += mu * ((1 << 256) - (1 << 224) + (1 << 192) + (1 << 96) - 1) */
+ /* a[0] = = t[0] */
+ /* a[1] = = t[1] */
+ /* a[2] = = t[2] */
+ /* a[3] += t[0] = t[3] */
+ /* a[4] += t[1] = t[4] */
+ /* a[5] += t[2] = t[5] */
+ /* a[6] += t[0] + t[3] = t[6] */
+ /* a[7] += t[1] + t[4] = t[7] + t[0] */
+ "ADDS r0, r0, r5\n\t"
+ "ADCS r1, r1, r6\n\t"
+ "ADCS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* a[8] += t[0] + t[2] + t[5] */
+ /* a[9] += t[1] + t[3] + t[6] */
+ /* a[10] += t[2] + t[4] + t[7] */
+ "ADD r0, sp, #0x20\n\t"
+ "LDM r0, {r2, r3, r4}\n\t"
+ "ADDS r2, r2, lr\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r7\n\t"
+ "ADCS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STM r0!, {r2, r3, r4}\n\t"
+ /* a[11] += t[3] + t[5] + carry */
+ /* a[12] += t[4] + t[6] */
+ /* a[13] += t[5] + t[7] */
+ /* a[14] += t[6] */
+ /* a[15] += t[7] */
+ "LDM r0, {r0, r1, r2, r3, r4}\n\t"
+ "ADDS r0, r0, lr\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "MOV lr, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r8\n\t"
+ "ADCS r1, r1, r9\n\t"
+ "ADCS r2, r2, r10\n\t"
+ "ADCS r3, r3, r11\n\t"
+ "ADCS r4, r4, r12\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r0, r0, r10\n\t"
+ "ADCS r1, r1, r11\n\t"
+ "ADCS r2, r2, r12\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "STR r0, [sp, #44]\n\t"
+ "STR r1, [sp, #48]\n\t"
+ "STR r2, [sp, #52]\n\t"
+ "STR r3, [sp, #56]\n\t"
+ /* a[7..15] - t[0..7] */
+ "ADD r0, sp, #0x1c\n\t"
+ "LDM r0, {r0, r1, r2, r3}\n\t"
+ "SUBS r0, r0, r5\n\t"
+ "SBCS r1, r1, r6\n\t"
+ "SBCS r2, r2, r7\n\t"
+ "SBCS r3, r3, r8\n\t"
+ "ADD r0, sp, #0x2c\n\t"
+ "MOV r8, r4\n\t"
+ "LDM r0, {r4, r5, r6, r7}\n\t"
+ "SBCS r4, r4, r9\n\t"
+ "SBCS r5, r5, r10\n\t"
+ "SBCS r6, r6, r11\n\t"
+ "SBCS r7, r7, r12\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ /* mask m and sub from result if overflow */
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r1, r1, lr\n\t"
+ "SBCS r2, r2, lr\n\t"
+ "SBCS r3, r3, lr\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, lr, LSR #31\n\t"
+ "SBC r8, r8, lr\n\t"
+ "LDR %[a], [sp, #64]\n\t"
+ "STM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADD sp, sp, #0x44\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
(void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
(void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 256 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #32\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #24\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
-#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+6] += m[6] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
/* a[i+7] += m[7] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[7] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[7] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #24\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_order_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_order_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 256 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_256_mont_reduce_order_8(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_256_mont_reduce_order_8_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #32]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #32]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x20\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_256_mont_reduce_order_8_word\n\t"
+#else
+ "BLT.W L_sp_256_mont_reduce_order_8_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp);
}
+#endif
+#endif /* WOLFSSL_SP_SMALL */
/* Map the Montgomery form projective coordinate point to an affine point.
*
* r Resulting affine coordinate point.
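Review bot: The stack-based `sp_256_mont_reduce_8` variant (the one that begins with `SUB sp, sp, #0x44`) uses `r0` as a scratch register (`MOV r0, r8`, `ADD r0, sp, #0x20`, `LDM r0, {...}`), yet `r0` is not in its clobber list and `a` is pinned to `r0` only when WOLFSSL_NO_VAR_ASSIGN_REG is undefined. With that macro defined, the asm appears to stay correct only because `r1`-`r12` and `lr` are all clobbered, which leaves `r0` as the one register the compiler can assign to `%[a]`. That invariant deserves a comment above the asm, for example `/* r0 is scratch below: %[a] must be r0, ensured by the register pin or by the clobber list */`, so that nobody trims the clobbers later. Separately, the UMLAL and UMAAL variants call `sp_256_cond_sub_8(a - 8, a, m, (sp_digit)0 - mp)` after the asm has advanced `a` by eight words and overwritten `mp` with the final carry. A one-line comment saying so would make clear that the last argument is the carry turned into an all-zeros or all-ones mask, which keeps the final subtraction branch-free.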
@@ -18834,68 +34803,63 @@ static void sp_256_map_8(sp_point_256* r, const sp_point_256* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldr r4, [%[a],#0]\n\t"
- "ldr r5, [%[a],#4]\n\t"
- "ldr r6, [%[a],#8]\n\t"
- "ldr r8, [%[a],#12]\n\t"
- "ldr r9, [%[b],#0]\n\t"
- "ldr r10, [%[b],#4]\n\t"
- "ldr r11, [%[b],#8]\n\t"
- "ldr r14, [%[b],#12]\n\t"
- "adds r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r8, r8, r14\n\t"
- "str r4, [%[r],#0]\n\t"
- "str r5, [%[r],#4]\n\t"
- "str r6, [%[r],#8]\n\t"
- "str r8, [%[r],#12]\n\t"
- "ldr r4, [%[a],#16]\n\t"
- "ldr r5, [%[a],#20]\n\t"
- "ldr r6, [%[a],#24]\n\t"
- "ldr r8, [%[a],#28]\n\t"
- "ldr r9, [%[b],#16]\n\t"
- "ldr r10, [%[b],#20]\n\t"
- "ldr r11, [%[b],#24]\n\t"
- "ldr r14, [%[b],#28]\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r8, r8, r14\n\t"
- "adc r3, r12, #0\n\t"
- "sub r3, r12, r3\n\t"
- "and r12, r3, #1\n\t"
- "ldr r9, [%[r],#0]\n\t"
- "ldr r10, [%[r],#4]\n\t"
- "ldr r11, [%[r],#8]\n\t"
- "ldr r14, [%[r],#12]\n\t"
- "subs r9, r9, r3\n\t"
- "sbcs r10, r10, r3\n\t"
- "sbcs r11, r11, r3\n\t"
- "sbcs r14, r14, #0\n\t"
- "sbcs r4, r4, #0\n\t"
- "sbcs r5, r5, #0\n\t"
- "sbcs r6, r6, r12\n\t"
- "sbc r8, r8, r3\n\t"
- "str r9, [%[r],#0]\n\t"
- "str r10, [%[r],#4]\n\t"
- "str r11, [%[r],#8]\n\t"
- "str r14, [%[r],#12]\n\t"
- "str r4, [%[r],#16]\n\t"
- "str r5, [%[r],#20]\n\t"
- "str r6, [%[r],#24]\n\t"
- "str r8, [%[r],#28]\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADDS r5, r5, r3\n\t"
+ "ADCS r6, r6, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADCS r7, r7, r3\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADCS r9, r9, r3\n\t"
+ "ADCS r10, r10, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "ADCS r11, r11, r3\n\t"
+ "ADCS r12, r12, r4\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "RSB lr, lr, #0x0\n\t"
+ "SUBS r5, r5, lr\n\t"
+ "SBCS r6, r6, lr\n\t"
+ "SBCS r7, r7, lr\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, lr, LSR #31\n\t"
+ "SBCS r12, r12, lr\n\t"
+ "SBC %[b], %[b], %[b]\n\t"
+ "SUB lr, lr, %[b]\n\t"
+ "SUBS r5, r5, lr\n\t"
+ "SBCS r6, r6, lr\n\t"
+ "SBCS r7, r7, lr\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, lr, LSR #31\n\t"
+ "SBC r12, r12, lr\n\t"
+ "STM %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Double a Montgomery form number (r = a + a % m).
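Review bot: The rewritten `sp_256_mont_add_8` runs the masked subtraction twice, and nothing in the hunk says why, or that the constant being subtracted is the P-256 prime rather than `m`. The first pass is keyed on the carry out of the addition; `SBC %[b], %[b], %[b]` then turns that pass's borrow into 0 or -1 and `SUB lr, lr, %[b]` clears the mask when the borrow cancelled the carry, so the second pass only takes effect when the value still does not fit in 256 bits. I would add a comment above the first `SUBS`, e.g. `/* Conditionally subtract the P-256 prime (mask,mask,mask,0,0,0,mask>>31,mask); done twice, m is not read */`. The same applies to `sp_256_mont_dbl_8`, `sp_256_mont_tpl_8` and the mirrored add-back in `sp_256_mont_sub_8` in the following hunks; these field operations are presumably reached with secret-dependent values during scalar multiplication, so the sequence should stay branch-free.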
@@ -18904,51 +34868,58 @@ SP_NOINLINE static void sp_256_mont_add_8(sp_digit* r, const sp_digit* a, const
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldr r4, [%[a],#0]\n\t"
- "ldr r5, [%[a],#4]\n\t"
- "ldr r6, [%[a],#8]\n\t"
- "ldr r8, [%[a],#12]\n\t"
- "ldr r9, [%[a],#16]\n\t"
- "ldr r10, [%[a],#20]\n\t"
- "ldr r11, [%[a],#24]\n\t"
- "ldr r14, [%[a],#28]\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r11, r11, r11\n\t"
- "adcs r14, r14, r14\n\t"
- "adc r3, r12, #0\n\t"
- "sub r3, r12, r3\n\t"
- "and r12, r3, #1\n\t"
- "subs r4, r4, r3\n\t"
- "sbcs r5, r5, r3\n\t"
- "sbcs r6, r6, r3\n\t"
- "sbcs r8, r8, #0\n\t"
- "sbcs r9, r9, #0\n\t"
- "sbcs r10, r10, #0\n\t"
- "sbcs r11, r11, r12\n\t"
- "sbc r14, r14, r3\n\t"
- "str r4, [%[r],#0]\n\t"
- "str r5, [%[r],#4]\n\t"
- "str r6, [%[r],#8]\n\t"
- "str r8, [%[r],#12]\n\t"
- "str r9, [%[r],#16]\n\t"
- "str r10, [%[r],#20]\n\t"
- "str r11, [%[r],#24]\n\t"
- "str r14, [%[r],#28]\n\t"
+ "MOV r2, #0x0\n\t"
+ "LDM %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "RSB r2, r2, #0x0\n\t"
+ "SUBS r4, r4, r2\n\t"
+ "SBCS r5, r5, r2\n\t"
+ "SBCS r6, r6, r2\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r2, LSR #31\n\t"
+ "SBCS r11, r11, r2\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ "SUB r2, r2, %[a]\n\t"
+ "SUBS r4, r4, r2\n\t"
+ "SBCS r5, r5, r2\n\t"
+ "SBCS r6, r6, r2\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r2, LSR #31\n\t"
+ "SBC r11, r11, r2\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r3", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Triple a Montgomery form number (r = a + a + a % m).
@@ -18957,83 +34928,90 @@ SP_NOINLINE static void sp_256_mont_dbl_8(sp_digit* r, const sp_digit* a, const
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a],#0]\n\t"
- "ldr r3, [%[a],#4]\n\t"
- "ldr r4, [%[a],#8]\n\t"
- "ldr r5, [%[a],#12]\n\t"
- "ldr r6, [%[a],#16]\n\t"
- "ldr r8, [%[a],#20]\n\t"
- "ldr r9, [%[a],#24]\n\t"
- "ldr r10, [%[a],#28]\n\t"
- "adds r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "mov r11, #0\n\t"
- "mov r14, #0\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, r11\n\t"
- "sub r11, r11, #1\n\t"
- "mvn r11, r11\n\t"
- "subs r2, r2, r11\n\t"
- "sbcs r3, r3, r11\n\t"
- "sbcs r4, r4, r11\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r8, r8, r14\n\t"
- "sbcs r9, r9, r12\n\t"
- "sbc r10, r10, r11\n\t"
- "ldr r12, [%[a],#0]\n\t"
- "ldr r14, [%[a],#4]\n\t"
- "adds r2, r2, r12\n\t"
- "adcs r3, r3, r14\n\t"
- "ldr r12, [%[a],#8]\n\t"
- "ldr r14, [%[a],#12]\n\t"
- "adcs r4, r4, r12\n\t"
- "adcs r5, r5, r14\n\t"
- "ldr r12, [%[a],#16]\n\t"
- "ldr r14, [%[a],#20]\n\t"
- "adcs r6, r6, r12\n\t"
- "adcs r8, r8, r14\n\t"
- "ldr r12, [%[a],#24]\n\t"
- "ldr r14, [%[a],#28]\n\t"
- "adcs r9, r9, r12\n\t"
- "adcs r10, r10, r14\n\t"
- "mov r11, #0\n\t"
- "mov r14, #0\n\t"
- "adc r11, r11, r11\n\t"
- "mov r12, r11\n\t"
- "sub r11, r11, #1\n\t"
- "mvn r11, r11\n\t"
- "subs r2, r2, r11\n\t"
- "str r2, [%[r],#0]\n\t"
- "sbcs r3, r3, r11\n\t"
- "str r3, [%[r],#4]\n\t"
- "sbcs r4, r4, r11\n\t"
- "str r4, [%[r],#8]\n\t"
- "sbcs r5, r5, r14\n\t"
- "str r5, [%[r],#12]\n\t"
- "sbcs r6, r6, r14\n\t"
- "str r6, [%[r],#16]\n\t"
- "sbcs r8, r8, r14\n\t"
- "str r8, [%[r],#20]\n\t"
- "sbcs r9, r9, r12\n\t"
- "str r9, [%[r],#24]\n\t"
- "sbc r10, r10, r11\n\t"
- "str r10, [%[r],#28]\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "RSB r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBCS r11, r11, r12\n\t"
+ "SBC r2, r2, r2\n\t"
+ "SUB r12, r12, r2\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBC r11, r11, r12\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADDS r4, r4, r2\n\t"
+ "ADCS r5, r5, r3\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADCS r6, r6, r2\n\t"
+ "ADCS r7, r7, r3\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADCS r8, r8, r2\n\t"
+ "ADCS r9, r9, r3\n\t"
+ "LDM %[a]!, {r2, r3}\n\t"
+ "ADCS r10, r10, r2\n\t"
+ "ADCS r11, r11, r3\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "RSB r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBCS r11, r11, r12\n\t"
+ "SBC r2, r2, r2\n\t"
+ "SUB r12, r12, r2\n\t"
+ "SUBS r4, r4, r12\n\t"
+ "SBCS r5, r5, r12\n\t"
+ "SBCS r6, r6, r12\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, r12, LSR #31\n\t"
+ "SBC r11, r11, r12\n\t"
+ "STM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r11", "r12", "r14", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "r12", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Subtract two Montgomery form numbers (r = a - b % m).
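Review bot: In `sp_256_mont_tpl_8` the first `SBC r2, r2, r2` reads r2 before the template has written it, and r2 is only a clobber here, not an operand. The result is 0 or -1 from the borrow flag whatever r2 held, so the code is correct, but it reads like a use of an uninitialised register and differs from `sp_256_mont_dbl_8`, which uses `%[a]` for the same step. A one-line comment would settle it: `/* r2 = -borrow; SBC Rd, Rn, Rn does not depend on the old r2 */`. It would also help to note that `LDM %[a]!` advances `a` by 32 bytes, which is why `a` is now declared `"+r"`.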
@@ -19043,154 +35021,122 @@ SP_NOINLINE static void sp_256_mont_tpl_8(sp_digit* r, const sp_digit* a, const
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_256_mont_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldr r4, [%[a],#0]\n\t"
- "ldr r5, [%[a],#4]\n\t"
- "ldr r6, [%[a],#8]\n\t"
- "ldr r8, [%[a],#12]\n\t"
- "ldr r9, [%[b],#0]\n\t"
- "ldr r10, [%[b],#4]\n\t"
- "ldr r11, [%[b],#8]\n\t"
- "ldr r14, [%[b],#12]\n\t"
- "subs r4, r4, r9\n\t"
- "sbcs r5, r5, r10\n\t"
- "sbcs r6, r6, r11\n\t"
- "sbcs r8, r8, r14\n\t"
- "str r4, [%[r],#0]\n\t"
- "str r5, [%[r],#4]\n\t"
- "str r6, [%[r],#8]\n\t"
- "str r8, [%[r],#12]\n\t"
- "ldr r4, [%[a],#16]\n\t"
- "ldr r5, [%[a],#20]\n\t"
- "ldr r6, [%[a],#24]\n\t"
- "ldr r8, [%[a],#28]\n\t"
- "ldr r9, [%[b],#16]\n\t"
- "ldr r10, [%[b],#20]\n\t"
- "ldr r11, [%[b],#24]\n\t"
- "ldr r14, [%[b],#28]\n\t"
- "sbcs r4, r4, r9\n\t"
- "sbcs r5, r5, r10\n\t"
- "sbcs r6, r6, r11\n\t"
- "sbcs r8, r8, r14\n\t"
- "sbc r3, r12, #0\n\t"
- "and r12, r3, #1\n\t"
- "ldr r9, [%[r],#0]\n\t"
- "ldr r10, [%[r],#4]\n\t"
- "ldr r11, [%[r],#8]\n\t"
- "ldr r14, [%[r],#12]\n\t"
- "adds r9, r9, r3\n\t"
- "adcs r10, r10, r3\n\t"
- "adcs r11, r11, r3\n\t"
- "adcs r14, r14, #0\n\t"
- "adcs r4, r4, #0\n\t"
- "adcs r5, r5, #0\n\t"
- "adcs r6, r6, r12\n\t"
- "adc r8, r8, r3\n\t"
- "str r9, [%[r],#0]\n\t"
- "str r10, [%[r],#4]\n\t"
- "str r11, [%[r],#8]\n\t"
- "str r14, [%[r],#12]\n\t"
- "str r4, [%[r],#16]\n\t"
- "str r5, [%[r],#20]\n\t"
- "str r6, [%[r],#24]\n\t"
- "str r8, [%[r],#28]\n\t"
+ "MOV lr, #0x0\n\t"
+ "LDM %[a], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SUBS r5, r5, r3\n\t"
+ "SBCS r6, r6, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SBCS r7, r7, r3\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SBCS r9, r9, r3\n\t"
+ "SBCS r10, r10, r4\n\t"
+ "LDM %[b]!, {r3, r4}\n\t"
+ "SBCS r11, r11, r3\n\t"
+ "SBCS r12, r12, r4\n\t"
+ "SBC lr, lr, #0x0\n\t"
+ "ADDS r5, r5, lr\n\t"
+ "ADCS r6, r6, lr\n\t"
+ "ADCS r7, r7, lr\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, lr, LSR #31\n\t"
+ "ADCS r12, r12, lr\n\t"
+ "ADC lr, lr, #0x0\n\t"
+ "ADDS r5, r5, lr\n\t"
+ "ADCS r6, r6, lr\n\t"
+ "ADCS r7, r7, lr\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, lr, LSR #31\n\t"
+ "ADC r12, r12, lr\n\t"
+ "STM %[r], {r5, r6, r7, r8, r9, r10, r11, r12}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a), [b] "r" (b)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r14", "r3", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
-#define sp_256_mont_sub_lower_8 sp_256_mont_sub_8
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_256_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_256_mont_div2_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r8, [%[a], #0]\n\t"
- "lsl r8, r8, #31\n\t"
- "lsr r8, r8, #31\n\t"
- "mov r5, #0\n\t"
- "sub r5, r5, r8\n\t"
- "mov r8, #0\n\t"
- "lsl r6, r5, #31\n\t"
- "lsr r6, r6, #31\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "adds r3, r3, r5\n\t"
- "adcs r4, r4, r5\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "adcs r3, r3, r5\n\t"
- "adcs r4, r4, r8\n\t"
- "str r3, [%[r], #8]\n\t"
- "str r4, [%[r], #12]\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "adcs r3, r3, r8\n\t"
- "adcs r4, r4, r8\n\t"
- "str r3, [%[r], #16]\n\t"
- "str r4, [%[r], #20]\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "adcs r3, r3, r6\n\t"
- "adcs r4, r4, r5\n\t"
- "adc r8, r8, r8\n\t"
- "lsl r8, r8, #31\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, #31\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "mov r8, r3\n\t"
- "str r5, [%[r], #24]\n\t"
- "str r6, [%[r], #28]\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, #31\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "mov r8, r3\n\t"
- "str r5, [%[r], #16]\n\t"
- "str r6, [%[r], #20]\n\t"
- "ldr r3, [%[a], #8]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, #31\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "mov r8, r3\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[r], #0]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsr r6, r4, #1\n\t"
- "lsl r4, r4, #31\n\t"
- "orr r5, r5, r4\n\t"
- "orr r6, r6, r8\n\t"
- "str r5, [%[r], #0]\n\t"
- "str r6, [%[r], #4]\n\t"
+ "LDM %[a], {r4, r5, r6, r7}\n\t"
+ "AND r3, r4, #0x1\n\t"
+ "RSB r8, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r8\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "STM %[r], {r4, r5, r6, r7}\n\t"
+ "LDRD r4, r5, [%[a], #16]\n\t"
+ "LDRD r6, r7, [%[a], #24]\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, r8, LSR #31\n\t"
+ "ADCS r7, r7, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, LSL #31\n\t"
+ "ORR r9, r9, r6, LSL #31\n\t"
+ "ORR r10, r10, r7, LSL #31\n\t"
+ "ORR r11, r11, r3, LSL #31\n\t"
+ "MOV r3, r4\n\t"
+ "STRD r8, r9, [%[r], #16]\n\t"
+ "STRD r10, r11, [%[r], #24]\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, LSL #31\n\t"
+ "ORR r9, r9, r6, LSL #31\n\t"
+ "ORR r10, r10, r7, LSL #31\n\t"
+ "ORR r11, r11, r3, LSL #31\n\t"
+ "STM %[r], {r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "cc"
);
}
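Review bot: The header comment kept for the renamed `sp_256_mont_div2_8` still lists `m Modulus (prime)`, but the new template never references `%[m]`. The value added for an odd `a` is built from the mask in r8 (`r8, r8, r8, 0, 0, 0, r8 LSR #31, r8`), which is the P-256 prime. `m` is nevertheless bound to r2 as a `"+r"` operand, so that register is reserved for nothing. I would change the comment line to ` * m Modulus (prime). Not read; the P-256 prime is hard-coded.` and replace the operand with the `(void)m_p;` / `(void)m;` pattern the add, sub, dbl and tpl functions use. The add is masked rather than branched on the low bit of `a`, and it should stay that way.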
@@ -19238,7 +35184,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_8(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_8(t2, t2, p256_mod);
+ sp_256_mont_div2_8(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_8(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
@@ -19248,7 +35194,7 @@ static void sp_256_proj_point_dbl_8(sp_point_256* r, const sp_point_256* p,
/* X = X - Y */
sp_256_mont_sub_8(x, x, y, p256_mod);
/* Y = Y - X */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_8(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -19271,7 +35217,8 @@ typedef struct sp_256_proj_point_dbl_8_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_8_ctx* ctx = (sp_256_proj_point_dbl_8_ctx*)sp_ctx->data;
@@ -19345,7 +35292,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_8(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_8(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -19370,7 +35317,7 @@ static int sp_256_proj_point_dbl_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 16:
/* Y = Y - X */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -19431,12 +35378,12 @@ static int sp_256_iszero_8(const sp_digit* a)
static void sp_256_proj_point_add_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*8;
+ sp_digit* t2 = t + 4*8;
+ sp_digit* t3 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_8(t1, q->z, p256_mod, p256_mp_mod);
@@ -19458,17 +35405,9 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_8(t2, t2, t1, p256_mod);
@@ -19487,20 +35426,31 @@ static void sp_256_proj_point_add_8(sp_point_256* r,
sp_256_mont_dbl_8(t3, y, p256_mod);
sp_256_mont_sub_8(x, x, t3, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(y, y, x, p256_mod);
+ sp_256_mont_sub_8(y, y, x, p256_mod);
sp_256_mont_mul_8(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(y, y, t5, p256_mod);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
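Review bot: The selection block added at the end of `sp_256_proj_point_add_8` assumes `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the hunk states that. The masks are derived from the low bit only (`0 - (q->infinity & (!p->infinity))`), and `r->z[0] |= inf` would OR any other set bits into the coordinate. A comment at the top of the block such as `/* Constant-time select of p, q or the computed point; infinity must be 0 or 1 */` would record both the assumption and the reason there are no branches. The identical block appears in `case 24` of `sp_256_proj_point_add_8_nb` and in `sp_256_proj_point_add_qz1_8` further down. The function itself starts outside this hunk.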
@@ -19546,12 +35496,12 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*8;
- ctx->t3 = t + 4*8;
- ctx->t4 = t + 6*8;
- ctx->t5 = t + 8*8;
- ctx->t6 = t + 10*8;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*8;
+ ctx->t2 = t + 4*8;
+ ctx->t3 = t + 6*8;
+ ctx->t4 = t + 8*8;
+ ctx->t5 = t + 10*8;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -19658,7 +35608,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_8(ctx->y, ctx->y, ctx->x, p256_mod);
+ sp_256_mont_sub_8(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -19671,22 +35621,28 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -19706,7 +35662,7 @@ static int sp_256_proj_point_add_8_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_point_16_8(sp_point_256* r, const sp_point_256* table,
@@ -19958,8 +35914,6 @@ static int sp_256_ecc_mulmod_fast_8(sp_point_256* r, const sp_point_256* g, cons
}
#ifdef FP_ECC
-#define sp_256_mont_dbl_lower_8 sp_256_mont_dbl_8
-#define sp_256_mont_tpl_lower_8 sp_256_mont_tpl_8
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -19998,7 +35952,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -20007,8 +35961,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -20028,7 +35982,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_8(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_8(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_8(a, t1, p256_mod);
+ sp_256_mont_tpl_8(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_8(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_8(b, t1, x, p256_mod, p256_mp_mod);
@@ -20037,8 +35991,8 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_dbl_8(t2, b, p256_mod);
sp_256_mont_sub_8(x, x, t2, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_sub_lower_8(t2, b, x, p256_mod);
- sp_256_mont_dbl_lower_8(b, t2, p256_mod);
+ sp_256_mont_sub_8(t2, b, x, p256_mod);
+ sp_256_mont_dbl_8(b, t2, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_8(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -20048,7 +36002,7 @@ static void sp_256_proj_point_dbl_n_8(sp_point_256* p, int i,
sp_256_mont_sub_8(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_8(y, y, p256_mod);
+ sp_256_mont_div2_8(y, y, p256_mod);
}
/* Convert the projective point to affine.
@@ -20094,12 +36048,12 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*8;
- sp_digit* t3 = t + 4*8;
- sp_digit* t4 = t + 6*8;
- sp_digit* t5 = t + 8*8;
- sp_digit* t6 = t + 10*8;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*8;
+ sp_digit* t6 = t + 4*8;
+ sp_digit* t1 = t + 6*8;
+ sp_digit* t4 = t + 8*8;
+ sp_digit* t5 = t + 10*8;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -20115,13 +36069,9 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
sp_256_proj_point_dbl_8(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_8(t2, t2, p->x, p256_mod);
@@ -20130,33 +36080,40 @@ static void sp_256_proj_point_add_qz1_8(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_8(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_8(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_8(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(x, t1, t5, p256_mod);
- sp_256_mont_dbl_8(t1, t3, p256_mod);
- sp_256_mont_sub_8(x, x, t1, p256_mod);
+ sp_256_mont_sqr_8(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_8(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_8(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(t2, t2, t1, p256_mod);
+ sp_256_mont_dbl_8(t5, t3, p256_mod);
+ sp_256_mont_sub_8(x, t2, t5, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_8(t3, t3, x, p256_mod);
+ sp_256_mont_sub_8(t3, t3, x, p256_mod);
sp_256_mont_mul_8(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_8(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_8(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 8; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 8; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_8(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_8(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 8; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 8; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -20257,7 +36214,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_16_8(sp_point_256* r,
@@ -20452,7 +36409,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -20523,8 +36480,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -20677,7 +36634,7 @@ static int sp_256_gen_stripe_table_8(const sp_point_256* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_256_get_entry_256_8(sp_point_256* r,
@@ -20872,7 +36829,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -20943,8 +36900,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_8(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_fast_8(r, g, k, map, ct, heap);
@@ -21061,7 +37018,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -21072,7 +37029,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -22610,7 +38567,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -22632,7 +38589,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -22691,38 +38648,32 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
*
* a A single precision integer.
*/
-SP_NOINLINE static void sp_256_add_one_8(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_add_one_8(sp_digit* a_p)
+#else
+static void sp_256_add_one_8(sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r2, #1\n\t"
- "ldr r1, [%[a], #0]\n\t"
- "adds r1, r1, r2\n\t"
- "mov r2, #0\n\t"
- "str r1, [%[a], #0]\n\t"
- "ldr r1, [%[a], #4]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #4]\n\t"
- "ldr r1, [%[a], #8]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #8]\n\t"
- "ldr r1, [%[a], #12]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #12]\n\t"
- "ldr r1, [%[a], #16]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #16]\n\t"
- "ldr r1, [%[a], #20]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #20]\n\t"
- "ldr r1, [%[a], #24]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #24]\n\t"
- "ldr r1, [%[a], #28]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #28]\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADDS r1, r1, #0x1\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ : [a] "+r" (a)
:
- : [a] "r" (a)
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -22817,7 +38768,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -22825,7 +38776,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -23101,126 +39052,272 @@ int sp_ecc_secret_gen_256_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_in_place_8(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #32\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x20\n\t"
+ "\n"
+ "L_sp_256_sub_in_pkace_8_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_256_sub_in_pkace_8_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_256_sub_in_pkace_8_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_256_sub_in_place_8(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_in_place_8(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_in_place_8(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #32\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_256_mul_d_8_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_256_mul_d_8_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_256_mul_d_8_word\n\t"
+#endif
+ "STR r3, [%[r], #32]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_mul_d_8(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
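Review bot: Both `sp_256_sub_in_place_8` variants and the `UDIV` version of `div_256_word_8` hand their result back by overwriting an input operand (`MOV %[a], r10`, `SBC %[a], r9, r9`, `ADD %[d1], r6, r3`) and then returning `(uint32_t)(size_t)a` or `d1`, so after the asm block `a` no longer holds an address. The visible part of the header comments lists only the parameters; I would add a `returns` line and, before each return, a comment such as `/* a now carries the borrow mask (0 or 0xffffffff), not a pointer */`. The same convention is used by `sp_256_sub_8` and `sp_256_num_bits_8` in later hunks. The loop label `L_sp_256_sub_in_pkace_8_word` looks like a misspelling of `in_place`; it is used consistently, so this is cosmetic.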
@@ -23230,49 +39327,69 @@ SP_NOINLINE static void sp_256_mul_d_8(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_256_word_8(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_256_word_8_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_256_word_8_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
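Review bot: The bare `#endif` added after this function closes the `WOLFSSL_SP_USE_UDIV` selection opened in the previous hunk, and nothing at either end says why the shift-and-subtract loop is the default and the `UDIV` version is opt-in. If the reason is timing (the loop runs a fixed 30 iterations from `MOV r4, #0x1d`, whereas `UDIV` latency depends on its operands on some Cortex-M cores), a comment should say so, so that integrators do not define the macro where `d1`/`d0` may be derived from secret values. I would also close with `#endif /* WOLFSSL_SP_USE_UDIV */`. Separately, `bpl L_div_256_word_8_bit` is the only branch here without the `__GNUC__`/`__ICCARM__` versus `.N` guard that the other loops in these hunks use, which is worth confirming as intended.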
@@ -23308,8 +39425,8 @@ static void sp_256_mask_8(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_256_div_8(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[16], t2[9];
sp_digit div, r1;
@@ -23492,7 +39609,7 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
sp_256_mont_sqr_n_order_8(t2, t3, 4);
/* t = a^ff = t2 * t3 */
sp_256_mont_mul_order_8(t, t2, t3);
- /* t3= a^ff00 = t ^ 2 ^ 8 */
+ /* t2= a^ff00 = t ^ 2 ^ 8 */
sp_256_mont_sqr_n_order_8(t2, t, 8);
/* t = a^ffff = t2 * t */
sp_256_mont_mul_order_8(t, t2, t);
@@ -23509,7 +39626,11 @@ static void sp_256_mont_inv_order_8(sp_digit* r, const sp_digit* a,
/* t2= a^ffffffff00000000ffffffffffffffff = t2 * t */
sp_256_mont_mul_order_8(t2, t2, t);
/* t2= a^ffffffff00000000ffffffffffffffffbce6 */
- for (i=127; i>=112; i--) {
+ sp_256_mont_sqr_order_8(t2, t2);
+ sp_256_mont_mul_order_8(t2, t2, a);
+ sp_256_mont_sqr_n_order_8(t2, t2, 5);
+ sp_256_mont_mul_order_8(t2, t2, t3);
+ for (i=121; i>=112; i--) {
sp_256_mont_sqr_order_8(t2, t2);
if ((p256_order_low[i / 32] & ((sp_int_digit)1 << (i % 32))) != 0) {
sp_256_mont_mul_order_8(t2, t2, a);
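Review bot: The four calls added ahead of the loop carry no comment, and they depend on `t3` still holding a^f from the earlier `sp_256_mont_sqr_n_order_8(t2, t3, 4)` step. They appear to process bits 127..122 of the exponent as a fixed window (one square-and-multiply by `a`, then five squarings and a multiply by `t3`), which is why the loop now starts at 121 instead of 127. I would add `/* bits 127..122 = 101111: sqr, mul a, 5 sqr, mul t3 (a^f) */` above them, so that a later edit reusing `t3` as scratch does not silently break the inversion. The function starts and ends outside this hunk, so that `t3` is untouched in the intervening lines is an assumption.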
@@ -23914,48 +40035,137 @@ int sp_ecc_sign_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x20\n\t"
+ "\n"
+ "L_sp_256_sub_8_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_256_sub_8_word\n\t"
+#else
+ "BNE.N L_sp_256_sub_8_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_256_sub_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_256_sub_8(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_rshift1_8(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r10, #0\n\t"
- "mov r9, #0\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #24]\n\t"
- "ldr r6, [%[a], #28]\n\t"
- "lsr r7, r3, #1\n\t"
- "and r3, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "mov r9, r3\n\t"
- "str r7, [%[r], #16]\n\t"
- "str r8, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r14, [%[r], #28]\n\t"
- "ldr r3, [%[r], #0]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "ldr r5, [%[r], #8]\n\t"
- "ldr r6, [%[r], #12]\n\t"
- "lsr r7, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "str r7, [%[r], #0]\n\t"
- "str r8, [%[r], #4]\n\t"
- "str r10, [%[r], #8]\n\t"
- "str r14, [%[r], #12]\n\t"
+ "MOV r10, #0x0\n\t"
+ "LDRD r2, r3, [%[a], #16]\n\t"
+ "LDRD r4, r5, [%[a], #24]\n\t"
+ "LSR r6, r2, #1\n\t"
+ "LSR r7, r3, #1\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "ORR r6, r6, r3, lsl #31\n\t"
+ "ORR r7, r7, r4, lsl #31\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "MOV r10, r2\n\t"
+ "STRD r6, r7, [%[r], #16]\n\t"
+ "STRD r8, r9, [%[r], #24]\n\t"
+ "LDRD r2, r3, [%[a]]\n\t"
+ "LDRD r4, r5, [%[a], #8]\n\t"
+ "LSR r6, r2, #1\n\t"
+ "LSR r7, r3, #1\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "ORR r6, r6, r3, lsl #31\n\t"
+ "ORR r7, r7, r4, lsl #31\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "STRD r6, r7, [%[r]]\n\t"
+ "STRD r8, r9, [%[r], #8]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10", "r14", "r9"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
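Review bot: The added `#ifdef WOLFSSL_SP_SMALL` variant of `sp_256_sub_8` opens directly after the context line `#ifndef WOLFSSL_SP_SMALL`, so as far as this hunk shows the looped version can never be compiled and only the unrolled `#else` body is live. If this is an artefact of the code generator, a one-line comment such as `/* small variant unreachable here: enclosing block is !WOLFSSL_SP_SMALL */` would save reviewers from auditing dead assembly; otherwise the inner conditional could be dropped. The enclosing `#ifndef` closes outside the hunk, so this should be confirmed against the full file.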
@@ -23965,156 +40175,222 @@ static void sp_256_rshift1_8(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_256_div2_mod_8(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static void sp_256_div2_mod_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r10, #0\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "ands r9, r3, #1\n\t"
- "beq 1f\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[a], #8]\n\t"
- "ldr r6, [%[a], #12]\n\t"
- "ldr r7, [%[m], #0]\n\t"
- "ldr r8, [%[m], #4]\n\t"
- "ldr r10, [%[m], #8]\n\t"
- "ldr r14, [%[m], #12]\n\t"
- "adds r3, r3, r7\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r14\n\t"
- "str r3, [%[r], #0]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #8]\n\t"
- "str r6, [%[r], #12]\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #24]\n\t"
- "ldr r6, [%[a], #28]\n\t"
- "ldr r7, [%[m], #16]\n\t"
- "ldr r8, [%[m], #20]\n\t"
- "ldr r10, [%[m], #24]\n\t"
- "ldr r14, [%[m], #28]\n\t"
- "adcs r3, r3, r7\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r10\n\t"
- "adcs r6, r6, r14\n\t"
- "adc r9, r10, r10\n\t"
- "b 2f\n\t"
- "\n1:\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #24]\n\t"
- "ldr r6, [%[a], #28]\n\t"
- "\n2:\n\t"
- "lsr r7, r3, #1\n\t"
- "and r3, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "mov r9, r3\n\t"
- "str r7, [%[r], #16]\n\t"
- "str r8, [%[r], #20]\n\t"
- "str r10, [%[r], #24]\n\t"
- "str r14, [%[r], #28]\n\t"
- "ldr r3, [%[r], #0]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "ldr r5, [%[r], #8]\n\t"
- "ldr r6, [%[r], #12]\n\t"
- "lsr r7, r3, #1\n\t"
- "lsr r8, r4, #1\n\t"
- "lsr r10, r5, #1\n\t"
- "lsr r14, r6, #1\n\t"
- "orr r7, r7, r4, lsl #31\n\t"
- "orr r8, r8, r5, lsl #31\n\t"
- "orr r10, r10, r6, lsl #31\n\t"
- "orr r14, r14, r9, lsl #31\n\t"
- "str r7, [%[r], #0]\n\t"
- "str r8, [%[r], #4]\n\t"
- "str r10, [%[r], #8]\n\t"
- "str r14, [%[r], #12]\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ANDS r3, r4, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_div2_mod_8_even\n\t"
+#else
+ "BEQ.N L_sp_256_div2_mod_8_even\n\t"
+#endif
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "ADC r3, r12, r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_div2_mod_8_div2\n\t"
+#else
+ "B.N L_sp_256_div2_mod_8_div2\n\t"
+#endif
+ "\n"
+ "L_sp_256_div2_mod_8_even:\n\t"
+ "LDRD r4, r5, [%[a], #12]\n\t"
+ "LDRD r6, r7, [%[a], #20]\n\t"
+ "\n"
+ "L_sp_256_div2_mod_8_div2:\n\t"
+ "LSR r8, r4, #1\n\t"
+ "AND r4, r4, #0x1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r6, lsl #31\n\t"
+ "ORR r10, r10, r7, lsl #31\n\t"
+ "ORR r11, r11, r3, lsl #31\n\t"
+ "MOV r3, r4\n\t"
+ "STRD r8, r9, [%[r], #16]\n\t"
+ "STRD r10, r11, [%[r], #24]\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LSR r8, r4, #1\n\t"
+ "LSR r9, r5, #1\n\t"
+ "LSR r10, r6, #1\n\t"
+ "LSR r11, r7, #1\n\t"
+ "ORR r8, r8, r5, lsl #31\n\t"
+ "ORR r9, r9, r6, lsl #31\n\t"
+ "ORR r10, r10, r7, lsl #31\n\t"
+ "ORR r11, r11, r3, lsl #31\n\t"
+ "STM %[r], {r8, r9, r10, r11}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r10", "r14", "r9"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-static int sp_256_num_bits_8(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_256_num_bits_8(const sp_digit* a_p)
+#else
+static int sp_256_num_bits_8(const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- int r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a], #28]\n\t"
- "cmp r2, #0\n\t"
- "beq 7f\n\t"
- "mov r3, #256\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n7:\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "cmp r2, #0\n\t"
- "beq 6f\n\t"
- "mov r3, #224\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n6:\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "cmp r2, #0\n\t"
- "beq 5f\n\t"
- "mov r3, #192\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n5:\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "cmp r2, #0\n\t"
- "beq 4f\n\t"
- "mov r3, #160\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n4:\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "cmp r2, #0\n\t"
- "beq 3f\n\t"
- "mov r3, #128\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n3:\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "cmp r2, #0\n\t"
- "beq 2f\n\t"
- "mov r3, #96\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n2:\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "cmp r2, #0\n\t"
- "beq 1f\n\t"
- "mov r3, #64\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 9f\n\t"
- "\n1:\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "mov r3, #32\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "\n9:\n\t"
- : [r] "+r" (r)
- : [a] "r" (a)
- : "r2", "r3"
+ "LDR r1, [%[a], #28]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_7\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_7\n\t"
+#endif
+ "MOV r2, #0x100\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_7:\n\t"
+ "LDR r1, [%[a], #24]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_6\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_6\n\t"
+#endif
+ "MOV r2, #0xe0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_6:\n\t"
+ "LDR r1, [%[a], #20]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_5\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_5\n\t"
+#endif
+ "MOV r2, #0xc0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_5:\n\t"
+ "LDR r1, [%[a], #16]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_4\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_4\n\t"
+#endif
+ "MOV r2, #0xa0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_4:\n\t"
+ "LDR r1, [%[a], #12]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_3\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_3\n\t"
+#endif
+ "MOV r2, #0x80\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_3:\n\t"
+ "LDR r1, [%[a], #8]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_2\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_2\n\t"
+#endif
+ "MOV r2, #0x60\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_2:\n\t"
+ "LDR r1, [%[a], #4]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_256_num_bits_8_1\n\t"
+#else
+ "BEQ.N L_sp_256_num_bits_8_1\n\t"
+#endif
+ "MOV r2, #0x40\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_256_num_bits_8_9\n\t"
+#else
+ "B.N L_sp_256_num_bits_8_9\n\t"
+#endif
+ "\n"
+ "L_sp_256_num_bits_8_1:\n\t"
+ "LDR r1, [%[a]]\n\t"
+ "MOV r2, #0x20\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+ "\n"
+ "L_sp_256_num_bits_8_9:\n\t"
+ "MOV %[a], r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Non-constant time modular inversion.
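Review bot: In `sp_256_div2_mod_8` the even path (`L_sp_256_div2_mod_8_even`) loads only the upper four words from `a`, and the shared tail then reads the lower four back with `LDM %[r], {r4, r5, r6, r7}`. Nothing has written those words to `r` on that path, so the result is only correct when `r` and `a` are the same buffer. The odd path is unaffected because it stores the low sum with `STM %[r], {r4, r5, r6, r7}` first. Callers are outside this hunk and may always pass `r == a`, but the header comment (partly outside the hunk) should state the requirement, e.g. `* r Result of division by 2; must be the same buffer as a.`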
@@ -24160,7 +40436,7 @@ static int sp_256_mod_inv_8(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_256_cmp_8(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_256_cmp_8(u, v) >= 0))) {
sp_256_sub_8(u, u, v);
o = sp_256_sub_8(b, b, d);
if (o != 0)
@@ -24237,7 +40513,7 @@ static void sp_256_add_points_8(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -24561,7 +40837,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -24589,19 +40865,21 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 8;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_8(t1, point->y);
(void)sp_256_mod_8(t1, t1, p256_mod);
sp_256_sqr_8(t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
sp_256_mul_8(t2, t2, point->x);
(void)sp_256_mod_8(t2, t2, p256_mod);
- (void)sp_256_sub_8(t2, p256_mod, t2);
- sp_256_mont_add_8(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_8(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
sp_256_mont_add_8(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_8(t1, p256_b) != 0) {
err = MP_VAL;
}
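Review bot: The new `sp_256_mont_sub_8(t1, t1, t2, p256_mod)` call is applied to values that were reduced with `sp_256_mod_8`, so they are plain residues rather than Montgomery-form values, and the added comments do not say that. This routine is the on-curve check and its result is compared for exact equality with `p256_b`. It is worth documenting that the mont add/sub helpers serve here only as modular add/subtract and are expected to leave `t1` in [0, p); presumably they do, but that is not visible in this hunk. I would add above the call: `/* t1, t2 are plain residues mod p; mont_sub/mont_add act as modular sub/add and must yield a canonical value for the compare with p256_b */`. The body of `sp_256_ecc_is_point_8` starts and ends outside the hunk.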
@@ -24615,7 +40893,7 @@ static int sp_256_ecc_is_point_8(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -25200,401 +41478,2029 @@ static const sp_digit p384_b[12] = {
};
#endif
+#ifdef WOLFSSL_SP_SMALL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_384_mul_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_384_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[12 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x60\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_384_mul_12_outer:\n\t"
+ "SUBS r3, r5, #0x2c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_384_mul_12_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_384_mul_12_inner_done\n\t"
+#else
+ "BGT.N L_sp_384_mul_12_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BLT L_sp_384_mul_12_inner\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BLT.N L_sp_384_mul_12_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_384_mul_12_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x54\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_384_mul_12_outer\n\t"
+#else
+ "BLE.N L_sp_384_mul_12_outer\n\t"
+#endif
+ "LDR lr, [%[a], #44]\n\t"
+ "LDR r11, [%[b], #44]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_384_mul_12_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_384_mul_12_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_384_mul_12_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
-/* Square a and put result in r. (r = a * a)
+#else
+/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
+ * b A single precision integer.
*/
-SP_NOINLINE static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_384_mul_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #96\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #44\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #48\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #88\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #92\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #96\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[11] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #48]\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #52]\n\t"
+ /* A[11] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #56]\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #60]\n\t"
+ /* A[11] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[11] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[11] * B[9] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[10] * B[11] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[11] * B[11] */
+ "UMLAL r4, r5, r8, r9\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #48\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x60\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_384_sqr_12_outer:\n\t"
+ "SUBS r3, r5, #0x2c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_384_sqr_12_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_384_sqr_12_inner_done\n\t"
+#else
+ "BGT.N L_sp_384_sqr_12_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BLT L_sp_384_sqr_12_inner\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BLT.N L_sp_384_sqr_12_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_384_sqr_12_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x54\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLE L_sp_384_sqr_12_outer\n\t"
+#else
+ "BLE.N L_sp_384_sqr_12_outer\n\t"
+#endif
+ "LDR lr, [%[a], #44]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_384_sqr_12_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_384_sqr_12_store\n\t"
+#else
+ "BGT.N L_sp_384_sqr_12_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- return c;
}
#else
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_sqr_12(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_384_sqr_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x30\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMLAL r3, r4, r10, r10\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
-
- return c;
}
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #48\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x30\n\t"
+ "\n"
+ "L_sp_384_add_12_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_384_add_12_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_384_add_12_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -25710,14 +43616,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
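Review bot: The new loop in sp_384_from_mp hard-codes the shift as `j >> 31` in both the mask line and the `o +=` line, where the removed code used `SP_WORD_SIZE - 1`. Keeping the macro, as in `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, ties the branch-free copy to the digit width rather than a literal. The idiom also depends on sp_digit being an unsigned type (its typedef is not visible here), because a signed right shift would not yield 0 or 1. A comment such as `/* j counts up from -used; its top bit stays set while i < used, so mask and index advance without branching on a->used */` would record that. `a->dp[o]` is still read on every iteration, including when a->used is 0, so dp[0] must be readable storage, which matches the removed code. The function body starts before this hunk and continues into the `#elif DIGIT_BIT > 32` branch after it.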
@@ -25895,6 +43801,7 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -25903,143 +43810,385 @@ static int sp_384_point_to_ecc_point_12(const sp_point_384* p, ecc_point* pm)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #48\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_384_cond_sub_12_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x30\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_384_cond_sub_12_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_384_cond_sub_12_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
#define sp_384_mont_reduce_order_12 sp_384_mont_reduce_12
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 384 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #48\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #40\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
-#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+10] += m[10] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
/* a[i+11] += m[11] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[11] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[11] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #40\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x30\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_384_mont_reduce_12_word\n\t"
+#else
+ "BLT.W L_sp_384_mont_reduce_12_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 384 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_384_mont_reduce_12_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #48]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #48]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x30\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_384_mont_reduce_12_word\n\t"
+#else
+ "BLT.W L_sp_384_mont_reduce_12_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_384_cond_sub_12(a - 12, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
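Review bot: sp_384_cond_sub_12 loses `SP_NOINLINE` in the same change that replaces the numeric local label (`1:` / `blt 1b`) with the named label `L_sp_384_cond_sub_12_words` in the WOLFSSL_SP_SMALL variant. If the compiler inlines or clones the function into more than one caller in this translation unit, the asm body is emitted more than once and the assembler sees a duplicate symbol. Keeping the attribute, `SP_NOINLINE static sp_digit sp_384_cond_sub_12(...)`, as sp_384_mont_reduce_12 still does, or going back to numeric local labels, removes that dependency on inlining decisions. The same combination appears in the later hunks for sp_384_cmp_12, sp_384_sub_12 and sp_384_cond_add_12.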
@@ -26047,7 +44196,7 @@ SP_NOINLINE static void sp_384_mont_reduce_12(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -26061,7 +44210,7 @@ SP_NOINLINE static void sp_384_mont_mul_12(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -26077,10 +44226,10 @@ SP_NOINLINE static void sp_384_mont_sqr_12(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_12(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_12(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_12(r, a, m, mp);
for (; n > 1; n--) {
@@ -26189,44 +44338,181 @@ static void sp_384_mont_inv_12(sp_digit* r, const sp_digit* a, sp_digit* td)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_384_cmp_12(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_384_cmp_12(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #44\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x2c\n\t"
+ "\n"
+ "L_sp_384_cmp_12_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_384_cmp_12_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Normalize the values in each word to 32.
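Review bot: The new sp_384_cmp_12 body has no comment explaining how the result is formed, and the scheme is not obvious from the instruction stream. `r3` starts as all ones and is zeroed by `movne r3, r7` at the first differing word, so every lower word is still loaded but compares as equal, and the final `EOR r2, r2, r3` turns the initial -1 into 0 when no difference was found. I would add before the asm block `/* r2 = result, r3 = mask cleared at the first differing word; all 12 words are always read, there is no early exit. */`. The value is handed back through the pointer operand (`MOV %[a], r2`, then `return (uint32_t)(size_t)a;`), which deserves a short remark too, since the declared return type is `sp_int32`.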
@@ -26282,9 +44568,19 @@ static void sp_384_map_12(sp_point_384* r, const sp_point_384* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_add_12(r, a, b);
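Review bot: The added `register ... __asm__ ("r0")` to `("r3")` declarations in sp_384_mont_add_12 pin the parameters to registers, but the visible body only makes ordinary C calls (`o = sp_384_add_12(r, a, b);`) and no Extended asm statement takes them as operands. GCC documents operand binding for Extended asm as the only supported use of local register variables and does not guarantee the register contents otherwise; r0-r3 are also argument registers that a call may overwrite. Unless an asm block follows outside the hunk, I would drop the `#ifndef WOLFSSL_NO_VAR_ASSIGN_REG` blocks here and keep the single plain signature `(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)`. The same applies to the sp_384_mont_dbl_12 and sp_384_mont_tpl_12 hunks that follow and to sp_384_mont_sub_12 further down.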
@@ -26297,8 +44593,18 @@ SP_NOINLINE static void sp_384_mont_add_12(sp_digit* r, const sp_digit* a, const
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_add_12(r, a, a);
@@ -26311,8 +44617,18 @@ SP_NOINLINE static void sp_384_mont_dbl_12(sp_digit* r, const sp_digit* a, const
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_add_12(r, a, a);
@@ -26321,6 +44637,104 @@ SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a, const
sp_384_cond_sub_12(r, r, m, 0 - o);
}
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x30\n\t"
+ "\n"
+ "L_sp_384_sub_12_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_384_sub_12_word\n\t"
+#else
+ "BNE.N L_sp_384_sub_12_word\n\t"
+#endif
+ "MOV %[r], r11\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
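Review bot: The header comment added for both sp_384_sub_12 variants lists r, a and b but not the return value, which callers depend on. The asm ends with `SBC %[r], r6, r6` (`SBC r11, r3, r3` inside the WOLFSSL_SP_SMALL loop), so the function returns 0 when there is no borrow and all ones when there is, and sp_384_mont_sub_12 passes that value straight to sp_384_cond_add_12 as its mask. I would add ` * return  0 when a >= b, all ones (-1) when the subtraction borrows.` to each comment block.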
@@ -26329,39 +44743,122 @@ SP_NOINLINE static void sp_384_mont_tpl_12(sp_digit* r, const sp_digit* a, const
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #48\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_384_cond_add_12_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x30\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_384_cond_add_12_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_384_cond_add_12_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_cond_add_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* Subtract two Montgomery form numbers (r = a - b % m).
*
* r Result of subtration.
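Review bot: The new sp_384_cond_add_12 clobber lists name `r7` (`"memory", "r4", "r5", "r6", "r7", "r8", "cc"` in the WOLFSSL_SP_SMALL variant), while the removed code used r5, r6, r8 and r9 and never touched r7. On Thumb targets GCC uses r7 as the frame pointer and rejects an asm that clobbers it when a frame pointer is required, so builds without frame-pointer omission may stop compiling; the target and build flags are not visible here, so this is inferred from the instruction set. Either state the build requirement in a comment next to the function or use another scratch register, for example r9 in place of r7 in the small loop with `"r9"` in the clobber list. The non-small variant also lists `r4` and `r5` as clobbered without using them. The same r7 use is in the sp_384_cond_sub_12, sp_384_cmp_12 and sp_384_sub_12 hunks above.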
@@ -26369,69 +44866,89 @@ SP_NOINLINE static sp_digit sp_384_cond_add_12(sp_digit* r, const sp_digit* a, c
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
sp_digit o;
o = sp_384_sub_12(r, a, b);
sp_384_cond_add_12(r, r, m, o);
}
-#define sp_384_mont_sub_lower_12 sp_384_mont_sub_12
+#ifdef WOLFSSL_SP_SMALL
+#else
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_rshift1_12(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "lsr r2, r2, #1\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "str r3, [%[r], #40]\n\t"
- "str r4, [%[r], #44]\n\t"
+ "LDM %[a], {r2, r3}\n\t"
+ "LSR r2, r2, #1\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r2, [%[r]]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #12]\n\t"
+ "STR r3, [%[r], #4]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #16]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r2, [%[r], #12]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #24]\n\t"
+ "STR r3, [%[r], #16]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r2, [%[r], #24]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #36]\n\t"
+ "STR r3, [%[r], #28]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #40]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r2, [%[r], #36]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "STR r3, [%[r], #40]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
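Review bot: The register-pinned locals added to `sp_384_mont_sub_12` serve no purpose, because that function contains no `__asm__` statement and only forwards `r`, `a`, `b` and `m` to `sp_384_sub_12` and `sp_384_cond_add_12`; GCC documents local register variables as supported only for supplying extended-asm operands. The `_p` signature variant and the four `register ... __asm__ ("rN")` lines could be dropped there, leaving the single signature `SP_NOINLINE static void sp_384_mont_sub_12(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)`. The empty `#ifdef WOLFSSL_SP_SMALL` / `#else` / `#endif` that replaces the removed `sp_384_mont_sub_lower_12` macro is dead text as well. If this file is generated, both fixes belong in the generator. The doc comment of `sp_384_mont_sub_12` begins before the hunk.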
@@ -26441,7 +44958,7 @@ static void sp_384_rshift1_12(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_384_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_384_mont_div2_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -26494,7 +45011,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_12(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_12(t2, t2, p384_mod);
+ sp_384_mont_div2_12(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_12(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -26504,7 +45021,7 @@ static void sp_384_proj_point_dbl_12(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_12(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_12(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -26527,7 +45044,8 @@ typedef struct sp_384_proj_point_dbl_12_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_12_ctx* ctx = (sp_384_proj_point_dbl_12_ctx*)sp_ctx->data;
@@ -26601,7 +45119,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_12(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_12(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -26626,7 +45144,7 @@ static int sp_384_proj_point_dbl_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, co
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -26689,12 +45207,12 @@ static int sp_384_iszero_12(const sp_digit* a)
static void sp_384_proj_point_add_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*12;
+ sp_digit* t2 = t + 4*12;
+ sp_digit* t3 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_12(t1, q->z, p384_mod, p384_mp_mod);
@@ -26716,17 +45234,9 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_12(t2, t2, t1, p384_mod);
@@ -26745,20 +45255,31 @@ static void sp_384_proj_point_add_12(sp_point_384* r,
sp_384_mont_dbl_12(t3, y, p384_mod);
sp_384_mont_sub_12(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(y, y, x, p384_mod);
+ sp_384_mont_sub_12(y, y, x, p384_mod);
sp_384_mont_mul_12(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(y, y, t5, p384_mod);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
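Review bot: The branch-free select added at the end of the `else` branch is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the new block states that. With any other non-zero value, `q->infinity & (!p->infinity)` can evaluate to 0, so `maskp` is no longer all-ones and the wrong operand is selected. A one-line comment above the mask declarations would record the invariant and the reason for avoiding branches, for example `/* infinity is 0 or 1; masks pick p, q or the computed point without branching on it. */`. The same block is added again in the `case 24:` hunk of `sp_384_proj_point_add_12_nb` (where it is also wrapped in a redundant second brace pair) and in `sp_384_proj_point_add_qz1_12`, so a shared static helper would keep the three copies from drifting. `sp_384_proj_point_add_12` starts outside this hunk.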
@@ -26804,12 +45325,12 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*12;
- ctx->t3 = t + 4*12;
- ctx->t4 = t + 6*12;
- ctx->t5 = t + 8*12;
- ctx->t6 = t + 10*12;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*12;
+ ctx->t2 = t + 4*12;
+ ctx->t3 = t + 6*12;
+ ctx->t4 = t + 8*12;
+ ctx->t5 = t + 10*12;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -26916,7 +45437,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_12(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_12(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -26929,22 +45450,28 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -26964,7 +45491,7 @@ static int sp_384_proj_point_add_12_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_point_16_12(sp_point_384* r, const sp_point_384* table,
@@ -27240,8 +45767,6 @@ static int sp_384_ecc_mulmod_fast_12(sp_point_384* r, const sp_point_384* g, con
}
#ifdef FP_ECC
-#define sp_384_mont_dbl_lower_12 sp_384_mont_dbl_12
-#define sp_384_mont_tpl_lower_12 sp_384_mont_tpl_12
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -27280,7 +45805,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -27289,8 +45814,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -27310,7 +45835,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_12(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_12(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_12(a, t1, p384_mod);
+ sp_384_mont_tpl_12(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_12(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_12(b, t1, x, p384_mod, p384_mp_mod);
@@ -27319,8 +45844,8 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_dbl_12(t2, b, p384_mod);
sp_384_mont_sub_12(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_12(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_12(b, t2, p384_mod);
+ sp_384_mont_sub_12(t2, b, x, p384_mod);
+ sp_384_mont_dbl_12(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_12(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -27330,7 +45855,7 @@ static void sp_384_proj_point_dbl_n_12(sp_point_384* p, int i,
sp_384_mont_sub_12(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_12(y, y, p384_mod);
+ sp_384_mont_div2_12(y, y, p384_mod);
}
/* Convert the projective point to affine.
@@ -27376,12 +45901,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*12;
- sp_digit* t3 = t + 4*12;
- sp_digit* t4 = t + 6*12;
- sp_digit* t5 = t + 8*12;
- sp_digit* t6 = t + 10*12;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*12;
+ sp_digit* t6 = t + 4*12;
+ sp_digit* t1 = t + 6*12;
+ sp_digit* t4 = t + 8*12;
+ sp_digit* t5 = t + 10*12;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -27397,13 +45922,9 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
sp_384_proj_point_dbl_12(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_12(t2, t2, p->x, p384_mod);
@@ -27412,33 +45933,40 @@ static void sp_384_proj_point_add_qz1_12(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_12(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_12(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_12(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(x, t1, t5, p384_mod);
- sp_384_mont_dbl_12(t1, t3, p384_mod);
- sp_384_mont_sub_12(x, x, t1, p384_mod);
+ sp_384_mont_sqr_12(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_12(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_12(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_12(t5, t3, p384_mod);
+ sp_384_mont_sub_12(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_12(t3, t3, x, p384_mod);
+ sp_384_mont_sub_12(t3, t3, x, p384_mod);
sp_384_mont_mul_12(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_12(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_12(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 12; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 12; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_12(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_12(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 12; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 12; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -27539,7 +46067,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_16_12(sp_point_384* r,
@@ -27750,7 +46278,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -27821,8 +46349,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -27975,7 +46503,7 @@ static int sp_384_gen_stripe_table_12(const sp_point_384* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_384_get_entry_256_12(sp_point_384* r,
@@ -28186,7 +46714,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -28257,8 +46785,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_12(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_fast_12(r, g, k, map, ct, heap);
@@ -28375,7 +46903,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -28386,7 +46914,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -29924,7 +48452,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -29946,7 +48474,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -30005,50 +48533,38 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
*
* a A single precision integer.
*/
-SP_NOINLINE static void sp_384_add_one_12(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_add_one_12(sp_digit* a_p)
+#else
+static void sp_384_add_one_12(sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r2, #1\n\t"
- "ldr r1, [%[a], #0]\n\t"
- "adds r1, r1, r2\n\t"
- "mov r2, #0\n\t"
- "str r1, [%[a], #0]\n\t"
- "ldr r1, [%[a], #4]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #4]\n\t"
- "ldr r1, [%[a], #8]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #8]\n\t"
- "ldr r1, [%[a], #12]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #12]\n\t"
- "ldr r1, [%[a], #16]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #16]\n\t"
- "ldr r1, [%[a], #20]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #20]\n\t"
- "ldr r1, [%[a], #24]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #24]\n\t"
- "ldr r1, [%[a], #28]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #28]\n\t"
- "ldr r1, [%[a], #32]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #32]\n\t"
- "ldr r1, [%[a], #36]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #36]\n\t"
- "ldr r1, [%[a], #40]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #40]\n\t"
- "ldr r1, [%[a], #44]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #44]\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADDS r1, r1, #0x1\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ : [a] "+r" (a)
:
- : [a] "r" (a)
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
@@ -30143,7 +48659,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -30151,7 +48667,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -30427,136 +48943,299 @@ int sp_ecc_secret_gen_384_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_in_place_12(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #48\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x30\n\t"
+ "\n"
+ "L_sp_384_sub_in_pkace_12_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_384_sub_in_pkace_12_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_384_sub_in_pkace_12_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_384_sub_in_place_12(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #48\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_384_mul_d_12_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x30\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_384_mul_d_12_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_384_mul_d_12_word\n\t"
+#endif
+ "STR r3, [%[r], #48]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_mul_d_12(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "STR r3, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
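Review bot: The `WOLFSSL_SP_SMALL` variants of `sp_384_sub_in_place_12` and `sp_384_mul_d_12` now define named assembler labels (`L_sp_384_sub_in_pkace_12_word`, `L_sp_384_mul_d_12_word`) while the same change removes `SP_NOINLINE` from both functions. If the compiler inlines or clones either static function, every copy of the asm body emits the same label and assembly fails with a duplicate symbol. Keeping the attribute, as in `SP_NOINLINE static sp_digit sp_384_sub_in_place_12(sp_digit* a_p, const sp_digit* b_p)`, or returning to the numeric local label the removed code used (`1:` with `bne 1b`) avoids that; `pkace` also looks like a typo for `place`. Separately, the comment on the new `WOLFSSL_SP_USE_UDIV` variant of `div_384_word_12` could note that `UDIV` latency depends on its operands on some Cortex-M cores, so that variant is presumably not timing-uniform if the dividend derives from secret data.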
@@ -30566,49 +49245,69 @@ SP_NOINLINE static void sp_384_mul_d_12(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_384_word_12(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_384_word_12_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_384_word_12_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
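Review bot: The loop branch `bpl L_div_384_word_12_bit` in the new non-UDIV body of div_384_word_12 is the only lower-case mnemonic in that body. It is also not wrapped in the `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)` selection that the other new branches in this commit use, for example the `BEQ` / `BEQ.N` pair in sp_384_div2_mod_12. For consistency, and in case the toolchains that the `.N` forms are presumably there for need them, write it as `"BPL L_div_384_word_12_bit\n\t"` under that conditional with `"BPL.N L_div_384_word_12_bit\n\t"` in the `#else` arm.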
@@ -30648,8 +49347,8 @@ static void sp_384_mask_12(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_384_div_12(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[24], t2[13];
sp_digit div, r1;
@@ -31231,245 +49930,328 @@ int sp_ecc_sign_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
* a Number to divide.
* m Modulus.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_384_div2_mod_12(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static void sp_384_div2_mod_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r4, [%[a]]\n\t"
- "ands r8, r4, #1\n\t"
- "beq 1f\n\t"
- "mov r12, #0\n\t"
- "ldr r5, [%[a], #4]\n\t"
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
- "ldr r8, [%[m], #0]\n\t"
- "ldr r9, [%[m], #4]\n\t"
- "ldr r10, [%[m], #8]\n\t"
- "ldr r14, [%[m], #12]\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #4]\n\t"
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
- "ldr r8, [%[m], #16]\n\t"
- "ldr r9, [%[m], #20]\n\t"
- "ldr r10, [%[m], #24]\n\t"
- "ldr r14, [%[m], #28]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
- "str r6, [%[r], #24]\n\t"
- "str r7, [%[r], #28]\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "ldr r5, [%[a], #36]\n\t"
- "ldr r6, [%[a], #40]\n\t"
- "ldr r7, [%[a], #44]\n\t"
- "ldr r8, [%[m], #32]\n\t"
- "ldr r9, [%[m], #36]\n\t"
- "ldr r10, [%[m], #40]\n\t"
- "ldr r14, [%[m], #44]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #32]\n\t"
- "str r5, [%[r], #36]\n\t"
- "str r6, [%[r], #40]\n\t"
- "str r7, [%[r], #44]\n\t"
- "adc r8, r12, r12\n\t"
- "b 2f\n\t"
- "\n1:\n\t"
- "ldr r5, [%[a], #2]\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #2]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[a], #6]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #6]\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #10]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #10]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "ldr r5, [%[a], #14]\n\t"
- "str r4, [%[r], #12]\n\t"
- "str r5, [%[r], #14]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #18]\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #18]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #22]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #22]\n\t"
- "\n2:\n\t"
- "ldr r3, [%[r]]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "lsr r3, r3, #1\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #8]\n\t"
- "str r3, [%[r], #0]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r4, [%[r], #4]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r5, [%[r], #8]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "str r3, [%[r], #12]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r4, [%[r], #16]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r5, [%[r], #20]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #32]\n\t"
- "str r3, [%[r], #24]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r4, [%[r], #28]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r5, [%[r], #32]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #44]\n\t"
- "str r3, [%[r], #36]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "orr r5, r5, r8, lsl #31\n\t"
- "str r4, [%[r], #40]\n\t"
- "str r5, [%[r], #44]\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ANDS r3, r4, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_div2_mod_12_even\n\t"
+#else
+ "BEQ.N L_sp_384_div2_mod_12_even\n\t"
+#endif
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "ADC r3, r12, r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_div2_mod_12_div2\n\t"
+#else
+ "B.N L_sp_384_div2_mod_12_div2\n\t"
+#endif
+ "\n"
+ "L_sp_384_div2_mod_12_even:\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "\n"
+ "L_sp_384_div2_mod_12_div2:\n\t"
+ "SUB %[r], %[r], #0x30\n\t"
+ "LDRD r8, r9, [%[r]]\n\t"
+ "LSR r8, r8, #1\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #8]\n\t"
+ "STR r8, [%[r]]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #12]\n\t"
+ "STR r9, [%[r], #4]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #16]\n\t"
+ "STR r10, [%[r], #8]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #20]\n\t"
+ "STR r8, [%[r], #12]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #24]\n\t"
+ "STR r9, [%[r], #16]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #28]\n\t"
+ "STR r10, [%[r], #20]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #32]\n\t"
+ "STR r8, [%[r], #24]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #36]\n\t"
+ "STR r9, [%[r], #28]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #40]\n\t"
+ "STR r10, [%[r], #32]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #44]\n\t"
+ "STR r8, [%[r], #36]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "ORR r10, r10, r3, lsl #31\n\t"
+ "STR r9, [%[r], #40]\n\t"
+ "STR r10, [%[r], #44]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-static int sp_384_num_bits_12(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_384_num_bits_12(const sp_digit* a_p)
+#else
+static int sp_384_num_bits_12(const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- int r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a], #44]\n\t"
- "cmp r2, #0\n\t"
- "beq 11f\n\t"
- "mov r3, #384\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n11:\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "cmp r2, #0\n\t"
- "beq 10f\n\t"
- "mov r3, #352\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n10:\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "cmp r2, #0\n\t"
- "beq 9f\n\t"
- "mov r3, #320\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n9:\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "cmp r2, #0\n\t"
- "beq 8f\n\t"
- "mov r3, #288\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n8:\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "cmp r2, #0\n\t"
- "beq 7f\n\t"
- "mov r3, #256\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n7:\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "cmp r2, #0\n\t"
- "beq 6f\n\t"
- "mov r3, #224\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n6:\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "cmp r2, #0\n\t"
- "beq 5f\n\t"
- "mov r3, #192\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n5:\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "cmp r2, #0\n\t"
- "beq 4f\n\t"
- "mov r3, #160\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n4:\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "cmp r2, #0\n\t"
- "beq 3f\n\t"
- "mov r3, #128\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n3:\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "cmp r2, #0\n\t"
- "beq 2f\n\t"
- "mov r3, #96\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n2:\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "cmp r2, #0\n\t"
- "beq 1f\n\t"
- "mov r3, #64\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 13f\n\t"
- "\n1:\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "mov r3, #32\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "\n13:\n\t"
- : [r] "+r" (r)
- : [a] "r" (a)
- : "r2", "r3"
+ "LDR r1, [%[a], #44]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_11\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_11\n\t"
+#endif
+ "MOV r2, #0x180\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_11:\n\t"
+ "LDR r1, [%[a], #40]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_10\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_10\n\t"
+#endif
+ "MOV r2, #0x160\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_10:\n\t"
+ "LDR r1, [%[a], #36]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_9\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_9\n\t"
+#endif
+ "MOV r2, #0x140\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_9:\n\t"
+ "LDR r1, [%[a], #32]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_8\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_8\n\t"
+#endif
+ "MOV r2, #0x120\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_8:\n\t"
+ "LDR r1, [%[a], #28]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_7\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_7\n\t"
+#endif
+ "MOV r2, #0x100\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_7:\n\t"
+ "LDR r1, [%[a], #24]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_6\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_6\n\t"
+#endif
+ "MOV r2, #0xe0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_6:\n\t"
+ "LDR r1, [%[a], #20]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_5\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_5\n\t"
+#endif
+ "MOV r2, #0xc0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_5:\n\t"
+ "LDR r1, [%[a], #16]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_4\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_4\n\t"
+#endif
+ "MOV r2, #0xa0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_4:\n\t"
+ "LDR r1, [%[a], #12]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_3\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_3\n\t"
+#endif
+ "MOV r2, #0x80\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_3:\n\t"
+ "LDR r1, [%[a], #8]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_2\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_2\n\t"
+#endif
+ "MOV r2, #0x60\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_2:\n\t"
+ "LDR r1, [%[a], #4]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_384_num_bits_12_1\n\t"
+#else
+ "BEQ.N L_sp_384_num_bits_12_1\n\t"
+#endif
+ "MOV r2, #0x40\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_384_num_bits_12_13\n\t"
+#else
+ "B.N L_sp_384_num_bits_12_13\n\t"
+#endif
+ "\n"
+ "L_sp_384_num_bits_12_1:\n\t"
+ "LDR r1, [%[a]]\n\t"
+ "MOV r2, #0x20\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+ "\n"
+ "L_sp_384_num_bits_12_13:\n\t"
+ "MOV %[a], r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Non-constant time modular inversion.
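Review bot: The new asm bodies of sp_384_div2_mod_12 and sp_384_num_bits_12 define fixed-name labels (`L_sp_384_div2_mod_12_even`, `L_sp_384_num_bits_12_13`, and the rest) where the removed code used numeric local labels, and neither function carries `SP_NOINLINE`. If the compiler inlines or clones one of these static functions into more than one place, the same label is emitted twice and the file may fail to assemble. Marking them the way div_384_word_12 is marked, `SP_NOINLINE static void sp_384_div2_mod_12(...)`, or keeping numeric labels, avoids that. Separately, sp_384_num_bits_12 still branches on the value of each word of `a` and has no header comment; a line such as `/* Count the bits in a. Not constant time: use only on non-secret values. */` would record that for later callers.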
@@ -31515,7 +50297,7 @@ static int sp_384_mod_inv_12(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_12(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_12(u, v) >= 0))) {
sp_384_sub_12(u, u, v);
o = sp_384_sub_12(b, b, d);
if (o != 0)
@@ -31596,7 +50378,7 @@ static void sp_384_add_points_12(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -31920,7 +50702,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -31948,19 +50730,21 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 12;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_12(t1, point->y);
(void)sp_384_mod_12(t1, t1, p384_mod);
sp_384_sqr_12(t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
sp_384_mul_12(t2, t2, point->x);
(void)sp_384_mod_12(t2, t2, p384_mod);
- (void)sp_384_sub_12(t2, p384_mod, t2);
- sp_384_mont_add_12(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_12(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
sp_384_mont_add_12(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_12(t1, p384_b) != 0) {
err = MP_VAL;
}
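Review bot: The three `sp_384_mont_add_12(t1, t1, point->x, p384_mod)` calls add point->x as supplied, whereas t1 and t2 are reduced with sp_384_mod_12 before the new `sp_384_mont_sub_12`. If the mont add/sub helpers expect operands below p384_mod (their definitions are outside this hunk), the on-curve check depends on the caller having range-checked the ordinates. That matters because this path presumably validates externally supplied points. A comment above the additions such as `/* point->x must be < p384_mod; range is checked by the caller */` would record the precondition, or the ordinate could be reduced first. The function starts and ends outside the hunk.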
@@ -31974,7 +50758,7 @@ static int sp_384_ecc_is_point_12(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -32601,429 +51385,3650 @@ static const sp_digit p521_b[17] = {
};
#endif
+#ifdef WOLFSSL_SP_SMALL
/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_521_mul_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_521_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[17 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #68\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #64\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x88\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_521_mul_17_outer:\n\t"
+ "SUBS r3, r5, #0x40\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_521_mul_17_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_521_mul_17_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_521_mul_17_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_521_mul_17_inner\n\t"
+#else
+ "BLT.N L_sp_521_mul_17_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_521_mul_17_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x7c\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #128\n\t"
- "cmp r8, r6\n\t"
+ "BLE L_sp_521_mul_17_outer\n\t"
+#else
+ "BLE.N L_sp_521_mul_17_outer\n\t"
+#endif
+ "LDR lr, [%[a], #64]\n\t"
+ "LDR r11, [%[b], #64]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "LDM sp!, {r6, r7}\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SUB r5, r5, #0x8\n\t"
+ "\n"
+ "L_sp_521_mul_17_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BGT L_sp_521_mul_17_store\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BGT.N L_sp_521_mul_17_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
-/* Square a and put result in r. (r = a * a)
+#else
+/* Multiply a and b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
+ * b A single precision integer.
*/
-SP_NOINLINE static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_521_mul_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #136\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #64\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #68\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #128\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #132\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #136\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[12] * B[0] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[1] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[12] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #48]\n\t"
+ /* A[0] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[12] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[1] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[0] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #52]\n\t"
+ /* A[14] * B[0] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[1] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[2] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[3] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[12] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[13] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[14] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #56]\n\t"
+ /* A[0] * B[15] */
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[14] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[13] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[12] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[3] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[2] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[1] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[0] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #60]\n\t"
+ /* A[16] * B[0] */
+ "LDR r8, [%[a], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[1] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[2] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[3] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[4] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[5] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[12] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[13] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[14] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[15] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[16] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #64]\n\t"
+ /* A[1] * B[16] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[15] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[14] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[13] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[12] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[5] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[4] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[3] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[2] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[16] * B[1] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[16] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[3] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[4] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[5] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[6] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[7] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[12] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[13] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[14] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[15] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[16] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[3] * B[16] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[15] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[14] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[13] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[12] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[7] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[6] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[5] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[4] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[16] * B[3] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[16] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[5] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[6] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[7] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[8] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[9] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[12] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[13] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[14] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[15] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[16] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[5] * B[16] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[15] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[14] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[13] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[12] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[9] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[8] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[7] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[6] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[16] * B[5] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[16] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[7] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[8] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[9] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[10] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[11] */
+ "LDR r11, [%[a], #44]\n\t"
+ "LDR r12, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[12] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[13] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[14] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[15] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[16] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ /* A[7] * B[16] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[15] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[14] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[13] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[12] */
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[11] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[10] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[9] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[8] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[16] * B[7] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ /* A[16] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[9] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[10] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[11] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[12] */
+ "LDR r11, [%[a], #48]\n\t"
+ "LDR r12, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[13] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[14] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[15] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[16] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #96]\n\t"
+ /* A[9] * B[16] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[15] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[14] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[12] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[11] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[10] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[16] * B[9] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #100]\n\t"
+ /* A[16] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[11] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[12] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[13] */
+ "LDR r11, [%[a], #52]\n\t"
+ "LDR r12, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[14] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[15] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[16] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #104]\n\t"
+ /* A[11] * B[16] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[15] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[14] */
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[13] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[12] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[16] * B[11] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #108]\n\t"
+ /* A[16] * B[12] */
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[13] */
+ "LDR r8, [%[a], #60]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[14] */
+ "LDR r11, [%[a], #56]\n\t"
+ "LDR r12, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[15] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[16] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #112]\n\t"
+ /* A[13] * B[16] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[15] */
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[14] */
+ "LDR r8, [%[a], #60]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[16] * B[13] */
+ "LDR r8, [%[a], #64]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #116]\n\t"
+ /* A[16] * B[14] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[15] */
+ "LDR r11, [%[a], #60]\n\t"
+ "LDR r12, [%[b], #60]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[16] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #64]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #120]\n\t"
+ /* A[15] * B[16] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[16] * B[15] */
+ "LDR r8, [%[a], #64]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #124]\n\t"
+ /* A[16] * B[16] */
+ "UMLAL r5, r3, r8, r9\n\t"
+ "STR r5, [%[r], #128]\n\t"
+ "STR r3, [%[r], #132]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3}\n\t"
+ "STM %[r]!, {r3}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
}
+#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #68\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "SUB sp, sp, #0x88\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_521_sqr_17_outer:\n\t"
+ "SUBS r3, r5, #0x40\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_521_sqr_17_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_521_sqr_17_inner_done\n\t"
+#else
+ "BGT.N L_sp_521_sqr_17_inner_done\n\t"
+#endif
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BLT L_sp_521_sqr_17_inner\n\t"
+#else
+ "BLT.N L_sp_521_sqr_17_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_521_sqr_17_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x7c\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BLE L_sp_521_sqr_17_outer\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BLE.N L_sp_521_sqr_17_outer\n\t"
+#endif
+ "LDR lr, [%[a], #64]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "LDM sp!, {r6, r7}\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SUB r5, r5, #0x8\n\t"
+ "\n"
+ "L_sp_521_sqr_17_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_521_sqr_17_store\n\t"
+#else
+ "BGT.N L_sp_521_sqr_17_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- return c;
}
#else
-/* Add b to a into r. (r = a + b)
+/* Square a and put result in r. (r = a * a)
*
* r A single precision integer.
* a A single precision integer.
- * b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_sqr_17(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_521_sqr_17(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r6, [%[b]]\n\t"
- "adcs r4, r4, r6\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "SUB sp, sp, #0x44\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[0] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #48]\n\t"
+ /* A[0] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #52]\n\t"
+ /* A[0] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #56]\n\t"
+ /* A[0] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #60]\n\t"
+ /* A[0] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #64]\n\t"
+ /* A[1] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[2] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[3] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[4] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[5] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[6] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ /* A[7] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[8] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ /* A[8] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[9] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #96]\n\t"
+ /* A[9] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[10] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #100]\n\t"
+ /* A[10] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[11] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[13] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ /* A[11] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[12] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[13] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #108]\n\t"
+ /* A[12] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[13] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[14] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #112]\n\t"
+ /* A[13] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ /* A[14] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #120]\n\t"
+ /* A[15] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #124]\n\t"
+ /* A[16] * A[16] */
+ "LDR r10, [%[a], #64]\n\t"
+ "UMLAL r4, r2, r10, r10\n\t"
+ "STR r4, [%[r], #128]\n\t"
+ "STR r2, [%[r], #132]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2}\n\t"
+ "STM %[r]!, {r2}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
-
- return c;
}
#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #68\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_add_17_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_521_add_17_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_521_add_17_word\n\t"
+#endif
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a], {r4}\n\t"
+ "LDM %[b], {r8}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC %[r], r4, #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Add b to a into r. (r = a + b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r6, [%[b]]\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3}\n\t"
+ "LDM %[b]!, {r7}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
@@ -33055,14 +55060,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
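Review bot: The `DIGIT_BIT == 32` branch now hard-codes the shift as `j >> 31` where the removed lines used `SP_WORD_SIZE - 1`, so the mask is only correct while `sp_digit` is an unsigned 32-bit type; if `SP_WORD_SIZE` is still defined here, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` keeps that assumption explicit. The loop is branch-free, apparently so that the copy does not branch on `a->used`, and that intent deserves a comment such as `/* j counts up from -used: top bit set => word i is in range, mask is all ones */`. `a->dp[o]` is still read when `a->used` is 0 (with `o == 0` and a zero mask), so the code relies on `dp` always holding at least one readable digit and on `a->used` staying below 2^31. The rest of `sp_521_from_mp`, from the `#elif DIGIT_BIT > 32` branch onward, lies outside this hunk.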
@@ -33240,6 +55245,7 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
@@ -33248,322 +55254,765 @@ static int sp_521_point_to_ecc_point_17(const sp_point_521* p, ecc_point* pm)
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #68\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_521_cond_sub_17_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x44\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_521_cond_sub_17_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_521_cond_sub_17_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_521_cond_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- return c;
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r8, [%[b]]\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "STR r6, [%[r]]\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
/* Reduce the number back to 521 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_521_mont_reduce_17(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)mp;
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "sub sp, sp, #68\n\t"
- "mov r12, sp\n\t"
- "add r14, %[a], #64\n\t"
- "ldm r14!, {r1, r2, r3, r4, r5, r6, r7, r8, r9, r10}\n\t"
- "lsr r1, r1, #9\n\t"
- "orr r1, r1, r2, lsl #23\n\t"
- "lsr r2, r2, #9\n\t"
- "orr r2, r2, r3, lsl #23\n\t"
- "lsr r3, r3, #9\n\t"
- "orr r3, r3, r4, lsl #23\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r6, lsl #23\n\t"
- "lsr r6, r6, #9\n\t"
- "orr r6, r6, r7, lsl #23\n\t"
- "lsr r7, r7, #9\n\t"
- "orr r7, r7, r8, lsl #23\n\t"
- "lsr r8, r8, #9\n\t"
- "orr r8, r8, r9, lsl #23\n\t"
- "lsr r9, r9, #9\n\t"
- "orr r9, r9, r10, lsl #23\n\t"
- "stm r12!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
- "mov r1, r10\n\t"
- "ldm r14, {r2, r3, r4, r5, r6, r7, r8}\n\t"
- "lsr r1, r1, #9\n\t"
- "orr r1, r1, r2, lsl #23\n\t"
- "lsr r2, r2, #9\n\t"
- "orr r2, r2, r3, lsl #23\n\t"
- "lsr r3, r3, #9\n\t"
- "orr r3, r3, r4, lsl #23\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r6, lsl #23\n\t"
- "lsr r6, r6, #9\n\t"
- "orr r6, r6, r7, lsl #23\n\t"
- "lsr r7, r7, #9\n\t"
- "orr r7, r7, r8, lsl #23\n\t"
- "lsr r8, r8, #9\n\t"
- "stm r12!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
- "mov r14, sp\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm r14!, {r7, r8, r9, r10, r11, r12}\n\t"
- "adds r1, r1, r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r12\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm r14!, {r7, r8, r9, r10, r11, r12}\n\t"
- "adcs r1, r1, r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r12\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5}\n\t"
- "ldm r14!, {r7, r8, r9, r10, r11}\n\t"
- "mov r14, #0x1ff\n\t"
- "and r5, r5, r14\n\t"
- "adcs r1, r1, r7\n\t"
- "adcs r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r10\n\t"
- "adcs r5, r5, r11\n\t"
- "lsr r12, r5, #9\n\t"
- "and r5, r5, r14\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5}\n\t"
- "sub %[a], %[a], #68\n\t"
- "mov r11, #0\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
- "adds r1, r1, r12\n\t"
- "adcs r2, r2, r11\n\t"
- "adcs r3, r3, r11\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r7, r7, r11\n\t"
- "adcs r8, r8, r11\n\t"
- "adcs r9, r9, r11\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
- "ldm %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
- "adcs r1, r1, r11\n\t"
- "adcs r2, r2, r11\n\t"
- "adcs r3, r3, r11\n\t"
- "adcs r4, r4, r11\n\t"
- "adcs r5, r5, r11\n\t"
- "adcs r6, r6, r11\n\t"
- "adcs r7, r7, r11\n\t"
- "adcs r8, r8, r11\n\t"
- "stm %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
- "add sp, sp, #68\n\t"
- "sub %[a], %[a], #68\n\t"
+ "SUB sp, sp, #0x44\n\t"
+ "MOV r12, sp\n\t"
+ /* Shift top down by 9 bits */
+ "ADD lr, %[a], #0x40\n\t"
+ /* 0-7 */
+ "LDM lr!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR r1, r1, #9\n\t"
+ "ORR r1, r1, r2, LSL #23\n\t"
+ "LSR r2, r2, #9\n\t"
+ "ORR r2, r2, r3, LSL #23\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r4, LSL #23\n\t"
+ "LSR r4, r4, #9\n\t"
+ "ORR r4, r4, r5, LSL #23\n\t"
+ "LSR r5, r5, #9\n\t"
+ "ORR r5, r5, r6, LSL #23\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r8, LSL #23\n\t"
+ "LSR r8, r8, #9\n\t"
+ "ORR r8, r8, r9, LSL #23\n\t"
+ "STM r12!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "MOV r1, r9\n\t"
+ /* 8-16 */
+ "LDM lr!, {r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "LSR r1, r1, #9\n\t"
+ "ORR r1, r1, r2, LSL #23\n\t"
+ "LSR r2, r2, #9\n\t"
+ "ORR r2, r2, r3, LSL #23\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r4, LSL #23\n\t"
+ "LSR r4, r4, #9\n\t"
+ "ORR r4, r4, r5, LSL #23\n\t"
+ "LSR r5, r5, #9\n\t"
+ "ORR r5, r5, r6, LSL #23\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r8, LSL #23\n\t"
+ "LSR r8, r8, #9\n\t"
+ "ORR r8, r8, r9, LSL #23\n\t"
+ "LSR r9, r9, #9\n\t"
+ "STM r12!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ /* Add top to bottom */
+ /* 0-5 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r7, r8, r9, r10, r11, r12}\n\t"
+ "ADDS r1, r1, r7\n\t"
+ "ADCS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADCS r4, r4, r10\n\t"
+ "ADCS r5, r5, r11\n\t"
+ "ADCS r6, r6, r12\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
+ /* 6-11 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r7, r8, r9, r10, r11, r12}\n\t"
+ "ADCS r1, r1, r7\n\t"
+ "ADCS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADCS r4, r4, r10\n\t"
+ "ADCS r5, r5, r11\n\t"
+ "ADCS r6, r6, r12\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6}\n\t"
+ /* 12-16 */
+ "LDM %[a], {r1, r2, r3, r4, r5}\n\t"
+ "LDM sp!, {r7, r8, r9, r10, r11}\n\t"
+ "MOV lr, #0x1ff\n\t"
+ "AND r5, r5, lr\n\t"
+ "ADCS r1, r1, r7\n\t"
+ "ADCS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADCS r4, r4, r10\n\t"
+ "ADCS r5, r5, r11\n\t"
+ "LSR r12, r5, #9\n\t"
+ "AND r5, r5, lr\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5}\n\t"
+ "SUB %[a], %[a], #0x44\n\t"
+ /* Add overflow */
+ /* 0-8 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ "ADDS r1, r1, r12\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8, r9}\n\t"
+ /* 9-16 */
+ "LDM %[a], {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4, r5, r6, r7, r8}\n\t"
: [a] "+r" (a)
:
- : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r1", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)mp_p;
+#else
+ (void)mp;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 521 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #68\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "sub r14, r11, #4\n\t"
- "cmp r10, r14\n\t"
- "bne L_521_mont_reduce_17_nomask\n\t"
- "mov r8, #0x1ff\n\t"
- "and %[mp], %[mp], r8\n\t"
- "L_521_mont_reduce_17_nomask:\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #64\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
+ "MUL r10, %[mp], r4\n\t"
+ "CMP r11, #0x40\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
+ "BNE L_sp_521_mont_reduce_order_17_nomask\n\t"
#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "BNE.N L_sp_521_mont_reduce_order_17_nomask\n\t"
+#endif
+ "MOV r9, #0x1ff\n\t"
+ "AND r10, r10, r9\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask:\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ "STR r4, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+16] += m[16] * mu */
- "mov r5, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[16] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[16] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r4\n\t"
- "adcs r8, r8, r5\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- "mov r4, #0\n\t"
- /* Next word in a */
- "sub r10, r10, #60\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "sub r10, r10, #4\n\t"
- "ldr r4, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "ldr r5, [r10]\n\t"
- "lsr r4, r4, #9\n\t"
- "orr r4, r4, r5, lsl #23\n\t"
- "str r4, [r10], #4\n\t"
- "ldr r4, [r10]\n\t"
- "lsr r5, r5, #9\n\t"
- "orr r5, r5, r4, lsl #23\n\t"
- "str r5, [r10], #4\n\t"
- "lsr r4, r4, #9\n\t"
- "str r4, [r10]\n\t"
- "lsr %[ca], r4, #9\n\t"
- "sub %[a], r10, #64\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "ADCS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x44\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_521_mont_reduce_order_17_word\n\t"
+#else
+ "BLT.W L_sp_521_mont_reduce_order_17_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "SUB %[a], %[a], #0x4\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #4]\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #8]\n\t"
+ "LDR r7, [%[a], #12]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #12]\n\t"
+ "LDR r6, [%[a], #16]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #16]\n\t"
+ "LDR r7, [%[a], #20]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #20]\n\t"
+ "LDR r6, [%[a], #24]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #24]\n\t"
+ "LDR r7, [%[a], #28]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #28]\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #32]\n\t"
+ "LDR r7, [%[a], #36]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #36]\n\t"
+ "LDR r6, [%[a], #40]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #40]\n\t"
+ "LDR r7, [%[a], #44]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #44]\n\t"
+ "LDR r6, [%[a], #48]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #48]\n\t"
+ "LDR r7, [%[a], #52]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #52]\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #56]\n\t"
+ "LDR r7, [%[a], #60]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "ORR r6, r6, r7, LSL #23\n\t"
+ "STR r6, [%[a], #60]\n\t"
+ "LDR r6, [%[a], #64]\n\t"
+ "LSR r7, r7, #9\n\t"
+ "ORR r7, r7, r6, LSL #23\n\t"
+ "STR r7, [%[a], #64]\n\t"
+ "LSR r6, r6, #9\n\t"
+ "STR r6, [%[a], #68]\n\t"
+ "LSR r3, r6, #9\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
+}
+
+#else
+/* Reduce the number back to 521 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ "CMP r4, #0x40\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_521_mont_reduce_order_17_nomask\n\t"
+#else
+ "BNE.N L_sp_521_mont_reduce_order_17_nomask\n\t"
+#endif
+ "MOV r12, #0x1ff\n\t"
+ "AND lr, lr, r12\n\t"
+ "\n"
+ "L_sp_521_mont_reduce_order_17_nomask:\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ "STR r6, [%[a]]\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #68]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #68]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x44\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_521_mont_reduce_order_17_word\n\t"
+#else
+ "BLT.W L_sp_521_mont_reduce_order_17_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "SUB %[a], %[a], #0x4\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "LDR r3, [%[a], #4]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #4]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #8]\n\t"
+ "LDR r3, [%[a], #12]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #16]\n\t"
+ "LDR r3, [%[a], #20]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #24]\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #32]\n\t"
+ "LDR r3, [%[a], #36]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #40]\n\t"
+ "LDR r3, [%[a], #44]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #48]\n\t"
+ "LDR r3, [%[a], #52]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #56]\n\t"
+ "LDR r3, [%[a], #60]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "ORR r12, r12, r3, LSL #23\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "LSR r3, r3, #9\n\t"
+ "ORR r3, r3, r12, LSL #23\n\t"
+ "STR r3, [%[a], #64]\n\t"
+ "LSR r12, r12, #9\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "LSR r5, r12, #9\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_521_cond_sub_17(a - 17, a, m, (sp_digit)0 - mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
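Review bot: The rewritten `sp_521_cond_sub_17` loses `SP_NOINLINE` on both of its signature lines, while its `WOLFSSL_SP_SMALL` body now defines the named assembler label `L_sp_521_cond_sub_17_words` in place of the old numeric `1:`/`1b` pair. If the compiler inlines or clones this static function at more than one call site in the translation unit, the label is emitted twice and the assembler rejects the duplicate symbol; numeric local labels could not fail that way. I would keep the attribute, `SP_NOINLINE static sp_digit sp_521_cond_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)`, assuming the macro expands to a no-inline attribute. Alternatively, on GCC the label can be made unique per expansion with `%=`, as in `L_sp_521_cond_sub_17_words_%=`. The same combination (named label `L_sp_521_cmp_17_words`, `SP_NOINLINE` removed) appears in `sp_521_cmp_17` in the last hunk, which continues beyond the visible lines.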
@@ -33571,7 +56020,7 @@ SP_NOINLINE static void sp_521_mont_reduce_order_17(sp_digit* a, const sp_digit*
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -33585,7 +56034,7 @@ SP_NOINLINE static void sp_521_mont_mul_17(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -33601,10 +56050,10 @@ SP_NOINLINE static void sp_521_mont_sqr_17(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_17(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_17(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_17(r, a, m, mp);
for (; n > 1; n--) {
@@ -33710,44 +56159,236 @@ static void sp_521_mont_inv_17(sp_digit* r, const sp_digit* a, sp_digit* td)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_521_cmp_17(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_521_cmp_17(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #64\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x40\n\t"
+ "\n"
+ "L_sp_521_cmp_17_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_521_cmp_17_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Normalize the values in each word to 32.
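Review bot: The WOLFSSL_SP_SMALL loop now uses the named label `L_sp_521_cmp_17_words` while this hunk also drops `SP_NOINLINE` from sp_521_cmp_17, so if the compiler inlines or clones the static function the label could be emitted more than once and the assembler would reject the duplicate symbol. The removed code avoided this with the numeric local label `1:` and a noinline function. Keeping `SP_NOINLINE` on both signatures, or going back to a numeric label, would close that off. The header comment (which begins above this hunk) could also record what the asm relies on for side-channel safety, for example `/* Intended to be data-independent: all 17 words are always read; r3 is cleared after the first differing word so later words cannot change r2. */`.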
@@ -33803,82 +56444,88 @@ static void sp_521_map_17(sp_point_521* r, const sp_point_521* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "ldm %[b]!, {r8}\n\t"
- "adcs r4, r4, r8\n\t"
- "mov r14, #0x1ff\n\t"
- "lsr r12, r4, #9\n\t"
- "and r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r14, #0\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4}\n\t"
- "adcs r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8}\n\t"
+ "LDM %[b]!, {r4}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "MOV r12, #0x1ff\n\t"
+ "LSR r3, r8, #9\n\t"
+ "AND r8, r8, r12\n\t"
+ "STM %[r]!, {r8}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r3\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Double a Montgomery form number (r = a + a % m).
@@ -33887,79 +56534,78 @@ SP_NOINLINE static void sp_521_mont_add_17(sp_digit* r, const sp_digit* a, const
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r8, #0\n\t"
- "ldm %[a]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "adds r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "str r2, [%[r], #0]\n\t"
- "str r3, [%[r], #4]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
- "str r6, [%[r], #16]\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "adcs r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "str r2, [%[r], #0]\n\t"
- "str r3, [%[r], #4]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #12]\n\t"
- "str r6, [%[r], #16]\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r2, r3, r4, r5, r6}\n\t"
- "adcs r2, r2, r2\n\t"
- "adcs r3, r3, r3\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "mov r9, #0x1ff\n\t"
- "lsr r8, r6, #9\n\t"
- "and r6, r6, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r9, #0\n\t"
- "ldm %[r], {r2, r3, r4, r5, r6, r7}\n\t"
- "adds r2, r2, r8\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r9\n\t"
- "adcs r7, r7, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[r], {r2, r3, r4, r5, r6, r7}\n\t"
- "adcs r2, r2, r9\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r9\n\t"
- "adcs r7, r7, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6, r7}\n\t"
- "ldm %[r], {r2, r3, r4, r5, r6}\n\t"
- "adcs r2, r2, r9\n\t"
- "adcs r3, r3, r9\n\t"
- "adcs r4, r4, r9\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r9\n\t"
- "stm %[r]!, {r2, r3, r4, r5, r6}\n\t"
- "sub %[r], %[r], #68\n\t"
- "sub %[a], %[a], #68\n\t"
+ "MOV r2, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "MOV r3, #0x1ff\n\t"
+ "LSR r2, r4, #9\n\t"
+ "AND r4, r4, r3\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r2\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "ADCS r5, r5, #0x0\n\t"
+ "ADCS r6, r6, #0x0\n\t"
+ "ADCS r7, r7, #0x0\n\t"
+ "ADCS r8, r8, #0x0\n\t"
+ "ADCS r9, r9, #0x0\n\t"
+ "ADCS r10, r10, #0x0\n\t"
+ "ADCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Triple a Montgomery form number (r = a + a + a % m).
@@ -33968,110 +56614,98 @@ SP_NOINLINE static void sp_521_mont_dbl_17(sp_digit* r, const sp_digit* a, const
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "adcs r4, r4, r4\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
- "sub %[a], %[a], #68\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "adcs r8, r8, r4\n\t"
- "mov r14, #0x1ff\n\t"
- "lsr r12, r8, #9\n\t"
- "and r8, r8, r14\n\t"
- "stm %[r]!, {r8}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r14, #0\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adds r4, r4, r12\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "adcs r4, r4, r14\n\t"
- "adcs r5, r5, r14\n\t"
- "adcs r6, r6, r14\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4}\n\t"
- "adcs r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
+ "MOV r2, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "SUB %[a], %[a], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "LDM %[a]!, {r8}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "MOV r3, #0x1ff\n\t"
+ "LSR r2, r4, #9\n\t"
+ "AND r4, r4, r3\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r2\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r2", "r3", "cc"
);
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
+#else
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
/* Subtract two Montgomery form numbers (r = a - b % m).
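Review bot: The final fold of the overflow bits in sp_521_mont_tpl_17 does not carry past word 0: after `ADDS r4, r4, r2` the next instruction is `ADCS r4, r4, #0x0`, which adds the carry back into r4 itself, and words 1 to 15 are then loaded and stored with no ADCS at all. The removed code, and the new sp_521_mont_add_17 and sp_521_mont_dbl_17 in this same diff, ripple the carry through every word (`ADCS r5, r5, #0x0` through `ADCS r11, r11, #0x0`, in both eight-word blocks). Unless something outside this hunk guarantees that word 0 cannot overflow at this point, an input whose low result word wraps would produce a wrong field element, so the fold should mirror the sibling functions as sketched below. A known-answer test where the low word of 3a is 0xffffffff and the top bits are non-zero would pin the behaviour.

```c
        /* ... unchanged: a+a, then +a, top bits of word 16 moved into r2 ... */
        "SUB %[r], %[r], #0x44\n\t"
        "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
        "ADDS r4, r4, r2\n\t"
        "ADCS r5, r5, #0x0\n\t"
        "ADCS r6, r6, #0x0\n\t"
        "ADCS r7, r7, #0x0\n\t"
        "ADCS r8, r8, #0x0\n\t"
        "ADCS r9, r9, #0x0\n\t"
        "ADCS r10, r10, #0x0\n\t"
        "ADCS r11, r11, #0x0\n\t"
        "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
        "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
        "ADCS r4, r4, #0x0\n\t"
        "ADCS r5, r5, #0x0\n\t"
        "ADCS r6, r6, #0x0\n\t"
        "ADCS r7, r7, #0x0\n\t"
        "ADCS r8, r8, #0x0\n\t"
        "ADCS r9, r9, #0x0\n\t"
        "ADCS r10, r10, #0x0\n\t"
        "ADCS r11, r11, #0x0\n\t"
        "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
        /* ... unchanged: word 16 load, ADCS, store ... */
```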
@@ -34081,200 +56715,172 @@ SP_NOINLINE static void sp_521_mont_tpl_17(sp_digit* r, const sp_digit* a, const
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_521_mont_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- (void)m;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4}\n\t"
- "ldm %[b]!, {r8}\n\t"
- "sbcs r4, r4, r8\n\t"
- "mov r14, #0x1ff\n\t"
- "asr r12, r4, #9\n\t"
- "and r4, r4, r14\n\t"
- "neg r12, r12\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
- "mov r14, #0\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "subs r4, r4, r12\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "sbcs r4, r4, r14\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "sbcs r4, r4, r14\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "sbcs r4, r4, r14\n\t"
- "sbcs r5, r5, r14\n\t"
- "sbcs r6, r6, r14\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4}\n\t"
- "sbcs r4, r4, r14\n\t"
- "stm %[r]!, {r4}\n\t"
- "sub %[r], %[r], #68\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SUBS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[b]!, {r4, r5, r6, r7}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "SBCS r9, r9, r5\n\t"
+ "SBCS r10, r10, r6\n\t"
+ "SBCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r8}\n\t"
+ "LDM %[b]!, {r4}\n\t"
+ "SBCS r8, r8, r4\n\t"
+ "MOV r12, #0x1ff\n\t"
+ "ASR r3, r8, #9\n\t"
+ "AND r8, r8, r12\n\t"
+ "neg r3, r3\n\t"
+ "STM %[r]!, {r8}\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r4, r4, r3\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "SBCS r5, r5, #0x0\n\t"
+ "SBCS r6, r6, #0x0\n\t"
+ "SBCS r7, r7, #0x0\n\t"
+ "SBCS r8, r8, #0x0\n\t"
+ "SBCS r9, r9, #0x0\n\t"
+ "SBCS r10, r10, #0x0\n\t"
+ "SBCS r11, r11, #0x0\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[r], {r4}\n\t"
+ "SBCS r4, r4, #0x0\n\t"
+ "STM %[r]!, {r4}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-}
-
-#define sp_521_mont_sub_lower_17 sp_521_mont_sub_17
-/* Conditionally add a and b using the mask m.
- * m is -1 to add and 0 when not.
- *
- * r A single precision number representing conditional add result.
- * a A single precision number to add with.
- * b A single precision number to add.
- * m Mask value to apply.
- */
-SP_NOINLINE static sp_digit sp_521_cond_add_17(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "mov r5, #68\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ (void)m_p;
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
- );
-
- return c;
+ (void)m;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
}
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_rshift1_17(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "lsr r2, r2, #1\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r3, [%[r], #40]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r4, [%[r], #44]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r2, [%[r], #48]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r3, [%[r], #52]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "str r4, [%[r], #56]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "str r2, [%[r], #60]\n\t"
- "str r3, [%[r], #64]\n\t"
+ "LDM %[a], {r2, r3}\n\t"
+ "LSR r2, r2, #1\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r2, [%[r]]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #12]\n\t"
+ "STR r3, [%[r], #4]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #16]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r2, [%[r], #12]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #24]\n\t"
+ "STR r3, [%[r], #16]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r2, [%[r], #24]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #36]\n\t"
+ "STR r3, [%[r], #28]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #40]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r2, [%[r], #36]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #48]\n\t"
+ "STR r3, [%[r], #40]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #52]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #60]\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #64]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
@@ -34284,13 +56890,14 @@ static void sp_521_rshift1_17(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_521_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_521_mont_div2_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
- sp_digit o;
+ sp_digit o = a[0] & 1;
+
+ (void)m;
- o = sp_521_cond_add_17(r, a, m, 0 - (a[0] & 1));
sp_521_rshift1_17(r, r);
- r[16] |= o << 31;
+ r[16] |= o << 8;
}
/* Double the Montgomery form projective point p.
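Review bot: sp_521_mont_div2_17 no longer reads `a` beyond its low bit: the shift is `sp_521_rshift1_17(r, r)`, so the result is only correct when the caller passes the same buffer for r and a. The removed version wrote r from a through sp_521_cond_add_17 before shifting; the two call sites visible in this diff do pass `t2, t2`, but nothing in the signature enforces that. `sp_521_rshift1_17(r, a);` keeps the in-place case working and makes the non-aliased case correct. The `o << 8` also relies on a being below 2^521 (bit 520 is bit 8 of word 16), which deserves a line in the header comment.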
@@ -34337,7 +56944,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_17(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_17(t2, t2, p521_mod);
+ sp_521_mont_div2_17(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_17(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -34347,7 +56954,7 @@ static void sp_521_proj_point_dbl_17(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_17(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_17(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -34370,7 +56977,8 @@ typedef struct sp_521_proj_point_dbl_17_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_17_ctx* ctx = (sp_521_proj_point_dbl_17_ctx*)sp_ctx->data;
@@ -34444,7 +57052,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_17(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_17(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -34469,7 +57077,7 @@ static int sp_521_proj_point_dbl_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, co
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -34535,12 +57143,12 @@ static int sp_521_iszero_17(const sp_digit* a)
static void sp_521_proj_point_add_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*17;
+ sp_digit* t2 = t + 4*17;
+ sp_digit* t3 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_17(t1, q->z, p521_mod, p521_mp_mod);
@@ -34562,17 +57170,9 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_17(t2, t2, t1, p521_mod);
@@ -34591,20 +57191,31 @@ static void sp_521_proj_point_add_17(sp_point_521* r,
sp_521_mont_dbl_17(t3, y, p521_mod);
sp_521_mont_sub_17(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(y, y, x, p521_mod);
+ sp_521_mont_sub_17(y, y, x, p521_mod);
sp_521_mont_mul_17(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(y, y, t5, p521_mod);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
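Review bot: The masked select added at the end of the `else` branch only works if `p->infinity` and `q->infinity` hold 0 or 1, and nothing in the new block states that. `0 - (q->infinity & (!p->infinity))` gives an all-ones mask only when the low bit of `q->infinity` is set, and `inf` is OR-ed into `r->z[0]` unchanged. A comment above the block would record the invariant and the intent, e.g. `/* Branch-free select of p, q or the computed sum; infinity must be 0 or 1. */`. The same block is added in `sp_521_proj_point_add_17_nb` (case 24) and `sp_521_proj_point_add_qz1_17`, so the comment applies there as well. The function body starts outside this hunk.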
@@ -34650,12 +57261,12 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*17;
- ctx->t3 = t + 4*17;
- ctx->t4 = t + 6*17;
- ctx->t5 = t + 8*17;
- ctx->t6 = t + 10*17;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*17;
+ ctx->t2 = t + 4*17;
+ ctx->t3 = t + 6*17;
+ ctx->t4 = t + 8*17;
+ ctx->t5 = t + 10*17;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -34762,7 +57373,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_17(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_17(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -34775,22 +57386,28 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
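Review bot: In `case 24` the added lines open a second `{` directly inside the existing `case 24:` block, so the mask variables sit two levels deep with no scoping benefit. The inner brace pair can be dropped and the declarations kept at the case block's level, where the removed lines had them; `ctx->state = 25;` and `break;` stay as they are. The extra block looks copied from the blocking `sp_521_proj_point_add_17`, where the inner scope is what introduces the declarations after statements.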
@@ -34810,7 +57427,7 @@ static int sp_521_proj_point_add_17_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_point_16_17(sp_point_521* r, const sp_point_521* table,
@@ -35120,8 +57737,6 @@ static int sp_521_ecc_mulmod_fast_17(sp_point_521* r, const sp_point_521* g, con
}
#ifdef FP_ECC
-#define sp_521_mont_dbl_lower_17 sp_521_mont_dbl_17
-#define sp_521_mont_tpl_lower_17 sp_521_mont_tpl_17
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -35160,7 +57775,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -35169,8 +57784,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -35190,7 +57805,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_17(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_17(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_17(a, t1, p521_mod);
+ sp_521_mont_tpl_17(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_17(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_17(b, t1, x, p521_mod, p521_mp_mod);
@@ -35199,8 +57814,8 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_dbl_17(t2, b, p521_mod);
sp_521_mont_sub_17(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_17(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_17(b, t2, p521_mod);
+ sp_521_mont_sub_17(t2, b, x, p521_mod);
+ sp_521_mont_dbl_17(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_17(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -35210,7 +57825,7 @@ static void sp_521_proj_point_dbl_n_17(sp_point_521* p, int i,
sp_521_mont_sub_17(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_17(y, y, p521_mod);
+ sp_521_mont_div2_17(y, y, p521_mod);
}
/* Convert the projective point to affine.
@@ -35256,12 +57871,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*17;
- sp_digit* t3 = t + 4*17;
- sp_digit* t4 = t + 6*17;
- sp_digit* t5 = t + 8*17;
- sp_digit* t6 = t + 10*17;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*17;
+ sp_digit* t6 = t + 4*17;
+ sp_digit* t1 = t + 6*17;
+ sp_digit* t4 = t + 8*17;
+ sp_digit* t5 = t + 10*17;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -35277,13 +57892,9 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
sp_521_proj_point_dbl_17(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_17(t2, t2, p->x, p521_mod);
@@ -35292,33 +57903,40 @@ static void sp_521_proj_point_add_qz1_17(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_17(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_17(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_17(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(x, t1, t5, p521_mod);
- sp_521_mont_dbl_17(t1, t3, p521_mod);
- sp_521_mont_sub_17(x, x, t1, p521_mod);
+ sp_521_mont_sqr_17(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_17(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_17(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_17(t5, t3, p521_mod);
+ sp_521_mont_sub_17(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_17(t3, t3, x, p521_mod);
+ sp_521_mont_sub_17(t3, t3, x, p521_mod);
sp_521_mont_mul_17(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_17(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_17(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 17; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 17; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_17(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_17(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 17; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 17; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
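Review bot: The rewritten X3/Y3 sequence reuses `t1` and `t2` for several quantities, and only the two formula comments are left to explain it. Taking `t4` as R per the formula comment, `t2` holds H on entry and then R^2 and R^2 - H^3, while `t1` holds H^2 and then H^3 before being multiplied by `p->y`. Per-line comments such as `/* t1 = H^2 */`, `/* t3 = X1*H^2 */`, `/* t1 = H^3 */` and `/* t2 = R^2 - H^3 */` would let a reader check the in-place updates against the formulas. `y` is declared outside this hunk (as `t3` in the preceding one), so `sp_521_mont_sub_17(y, t3, t1, p521_mod)` overwrites its own first operand; a short note that this aliasing is intended would help.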
@@ -35419,7 +58037,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_16_17(sp_point_521* r,
@@ -35650,7 +58268,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -35721,8 +58339,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -35875,7 +58493,7 @@ static int sp_521_gen_stripe_table_17(const sp_point_521* a,
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
static void sp_521_get_entry_256_17(sp_point_521* r,
@@ -36106,7 +58724,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -36177,8 +58795,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_17(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_fast_17(r, g, k, map, ct, heap);
@@ -36295,7 +58913,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -36306,7 +58924,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -38388,7 +61006,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -38410,7 +61028,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -38469,65 +61087,47 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
*
* a A single precision integer.
*/
-SP_NOINLINE static void sp_521_add_one_17(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_add_one_17(sp_digit* a_p)
+#else
+static void sp_521_add_one_17(sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r2, #1\n\t"
- "ldr r1, [%[a], #0]\n\t"
- "adds r1, r1, r2\n\t"
- "mov r2, #0\n\t"
- "str r1, [%[a], #0]\n\t"
- "ldr r1, [%[a], #4]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #4]\n\t"
- "ldr r1, [%[a], #8]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #8]\n\t"
- "ldr r1, [%[a], #12]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #12]\n\t"
- "ldr r1, [%[a], #16]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #16]\n\t"
- "ldr r1, [%[a], #20]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #20]\n\t"
- "ldr r1, [%[a], #24]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #24]\n\t"
- "ldr r1, [%[a], #28]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #28]\n\t"
- "ldr r1, [%[a], #32]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #32]\n\t"
- "ldr r1, [%[a], #36]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #36]\n\t"
- "ldr r1, [%[a], #40]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #40]\n\t"
- "ldr r1, [%[a], #44]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #44]\n\t"
- "ldr r1, [%[a], #48]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #48]\n\t"
- "ldr r1, [%[a], #52]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #52]\n\t"
- "ldr r1, [%[a], #56]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #56]\n\t"
- "ldr r1, [%[a], #60]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #60]\n\t"
- "ldr r1, [%[a], #64]\n\t"
- "adcs r1, r1, r2\n\t"
- "str r1, [%[a], #64]\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADDS r1, r1, #0x1\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1, r2, r3, r4}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "ADCS r2, r2, #0x0\n\t"
+ "ADCS r3, r3, #0x0\n\t"
+ "ADCS r4, r4, #0x0\n\t"
+ "STM %[a]!, {r1, r2, r3, r4}\n\t"
+ "LDM %[a], {r1}\n\t"
+ "ADCS r1, r1, #0x0\n\t"
+ "STM %[a]!, {r1}\n\t"
+ : [a] "+r" (a)
:
- : [a] "r" (a)
- : "memory", "r1", "r2"
+ : "memory", "r1", "r2", "r3", "r4", "cc"
);
}
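Review bot: The comment above `sp_521_add_one_17` still describes only the parameter, while the rewritten body has two properties that are not documented. The `STM %[a]!` write-back advances the pointer operand across all 17 words, which is why it is now declared `"+r"`, and the carry out of the last `ADCS` is never stored. Something like `/* Adds 1 in place over 17 words; the pointer operand is advanced by write-back and the final carry is discarded. */` would cover both. The definition also loses `SP_NOINLINE`; if that is deliberate given the `r0` register binding, it deserves a word in the same comment. The start of the comment block lies outside this hunk.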
@@ -38623,7 +61223,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
(void)heap;
@@ -38631,7 +61231,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -38899,427 +61499,454 @@ int sp_ecc_secret_gen_521_nb(sp_ecc_ctx_t* sp_ctx, const mp_int* priv,
#endif /* HAVE_ECC_DHE */
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
-SP_NOINLINE static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_rshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
+static void sp_521_rshift_17(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #32\n\t"
- "sub r6, r6, %[n]\n\t"
- "ldrd r2, r3, [%[a]]\n\t"
- "lsr r2, r2, %[n]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsl r5, r4, r6\n\t"
- "lsr r4, r4, %[n]\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsl r5, r2, r6\n\t"
- "lsr r2, r2, %[n]\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsl r5, r3, r6\n\t"
- "lsr r3, r3, %[n]\n\t"
- "orr r2, r2, r5\n\t"
- "strd r2, r3, [%[r], #60]\n\t"
- :
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
- );
+ "RSB r7, %[n], #0x20\n\t"
+ "LDRD r4, r5, [%[a]]\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "STR r4, [%[a]]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #16]\n\t"
+ "STR r6, [%[a], #8]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #20]\n\t"
+ "STR r4, [%[a], #12]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "STR r5, [%[a], #16]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #28]\n\t"
+ "STR r6, [%[a], #20]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "STR r4, [%[a], #24]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "STR r5, [%[a], #28]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #40]\n\t"
+ "STR r6, [%[a], #32]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #44]\n\t"
+ "STR r4, [%[a], #36]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "STR r5, [%[a], #40]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #52]\n\t"
+ "STR r6, [%[a], #44]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "STR r4, [%[a], #48]\n\t"
+ "LSL r3, r6, r7\n\t"
+ "LSR r6, r6, %[n]\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "STR r5, [%[a], #52]\n\t"
+ "LSL r3, r4, r7\n\t"
+ "LSR r4, r4, %[n]\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r5, [%[a], #64]\n\t"
+ "STR r6, [%[a], #56]\n\t"
+ "LSL r3, r5, r7\n\t"
+ "LSR r5, r5, %[n]\n\t"
+ "ORR r4, r4, r3\n\t"
+ "STRD r4, r5, [%[r], #60]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
+ :
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
+ );
}
#endif
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
#endif
#if defined(HAVE_ECC_SIGN) || defined(HAVE_ECC_VERIFY)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_lshift_17(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_521_lshift_17(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r4, [%[r], #68]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r3, [%[r], #64]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r2, [%[r], #60]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r4, [%[r], #56]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r3, [%[r], #52]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r2, [%[r], #48]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r4, [%[r], #44]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r3, [%[r], #40]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r2, [%[r], #36]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r4, [%[r], #32]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r3, [%[r], #28]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r2, [%[r], #24]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r4, [%[r], #20]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r3, [%[r], #16]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "str r2, [%[r], #12]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "str r4, [%[r], #8]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "str r2, [%[r]]\n\t"
- "str r3, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #64]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "STR r6, [%[r], #68]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #56]\n\t"
+ "STR r5, [%[r], #64]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #52]\n\t"
+ "STR r4, [%[r], #60]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "STR r6, [%[r], #56]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #44]\n\t"
+ "STR r5, [%[r], #52]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #40]\n\t"
+ "STR r4, [%[r], #48]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "STR r6, [%[r], #44]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #32]\n\t"
+ "STR r5, [%[r], #40]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #28]\n\t"
+ "STR r4, [%[r], #36]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "STR r6, [%[r], #32]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #20]\n\t"
+ "STR r5, [%[r], #28]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #16]\n\t"
+ "STR r4, [%[r], #24]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "STR r6, [%[r], #20]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #8]\n\t"
+ "STR r5, [%[r], #16]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "STR r4, [%[r], #12]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "STR r6, [%[r], #8]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "STR r4, [%[r]]\n\t"
+ "STR r5, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_lshift_34(sp_digit* r_p, const sp_digit* a_p, byte n_p)
+#else
static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register byte n __asm__ ("r2") = (byte)n_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r6, #31\n\t"
- "sub r6, r6, %[n]\n\t"
- "ldr r3, [%[a], #132]\n\t"
- "lsr r4, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r4, r4, r6\n\t"
- "ldr r2, [%[a], #128]\n\t"
- "str r4, [%[r], #136]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #124]\n\t"
- "str r3, [%[r], #132]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #120]\n\t"
- "str r2, [%[r], #128]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #116]\n\t"
- "str r4, [%[r], #124]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #112]\n\t"
- "str r3, [%[r], #120]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #108]\n\t"
- "str r2, [%[r], #116]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #104]\n\t"
- "str r4, [%[r], #112]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #100]\n\t"
- "str r3, [%[r], #108]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #96]\n\t"
- "str r2, [%[r], #104]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #92]\n\t"
- "str r4, [%[r], #100]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #88]\n\t"
- "str r3, [%[r], #96]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #84]\n\t"
- "str r2, [%[r], #92]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #80]\n\t"
- "str r4, [%[r], #88]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #76]\n\t"
- "str r3, [%[r], #84]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #72]\n\t"
- "str r2, [%[r], #80]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #68]\n\t"
- "str r4, [%[r], #76]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #64]\n\t"
- "str r3, [%[r], #72]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r2, [%[r], #68]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "str r4, [%[r], #64]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r3, [%[r], #60]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r2, [%[r], #56]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "str r4, [%[r], #52]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r3, [%[r], #48]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r2, [%[r], #44]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "str r4, [%[r], #40]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r3, [%[r], #36]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r2, [%[r], #32]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "str r4, [%[r], #28]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r3, [%[r], #24]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r2, [%[r], #20]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "str r4, [%[r], #16]\n\t"
- "lsr r5, r2, #1\n\t"
- "lsl r2, r2, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r3, r3, r5\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "str r3, [%[r], #12]\n\t"
- "lsr r5, r4, #1\n\t"
- "lsl r4, r4, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r2, r2, r5\n\t"
- "ldr r3, [%[a], #0]\n\t"
- "str r2, [%[r], #8]\n\t"
- "lsr r5, r3, #1\n\t"
- "lsl r3, r3, %[n]\n\t"
- "lsr r5, r5, r6\n\t"
- "orr r4, r4, r5\n\t"
- "str r3, [%[r]]\n\t"
- "str r4, [%[r], #4]\n\t"
+ "RSB r7, %[n], #0x1f\n\t"
+ "LDR r5, [%[a], #132]\n\t"
+ "LSR r6, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r6, r6, r7\n\t"
+ "LDR r4, [%[a], #128]\n\t"
+ "STR r6, [%[r], #136]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #124]\n\t"
+ "STR r5, [%[r], #132]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #120]\n\t"
+ "STR r4, [%[r], #128]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "STR r6, [%[r], #124]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #112]\n\t"
+ "STR r5, [%[r], #120]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #108]\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "STR r6, [%[r], #112]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #100]\n\t"
+ "STR r5, [%[r], #108]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #96]\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "STR r6, [%[r], #100]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #88]\n\t"
+ "STR r5, [%[r], #96]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #84]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "STR r6, [%[r], #88]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #76]\n\t"
+ "STR r5, [%[r], #84]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #72]\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "STR r6, [%[r], #76]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #64]\n\t"
+ "STR r5, [%[r], #72]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #60]\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r6, [%[r], #64]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #52]\n\t"
+ "STR r5, [%[r], #60]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #48]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r6, [%[r], #52]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #40]\n\t"
+ "STR r5, [%[r], #48]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #36]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r6, [%[r], #40]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #28]\n\t"
+ "STR r5, [%[r], #36]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #24]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r6, [%[r], #28]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #16]\n\t"
+ "STR r5, [%[r], #24]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a], #12]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r6, [%[r], #16]\n\t"
+ "LSR r3, r4, #1\n\t"
+ "LSL r4, r4, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r5, r5, r3\n\t"
+ "LDR r6, [%[a], #4]\n\t"
+ "STR r5, [%[r], #12]\n\t"
+ "LSR r3, r6, #1\n\t"
+ "LSL r6, r6, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r4, r4, r3\n\t"
+ "LDR r5, [%[a]]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "LSR r3, r5, #1\n\t"
+ "LSL r5, r5, %[n]\n\t"
+ "LSR r3, r3, r7\n\t"
+ "ORR r6, r6, r3\n\t"
+ "STR r5, [%[r]]\n\t"
+ "STR r6, [%[r], #4]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [n] "+r" (n)
:
- : [r] "r" (r), [a] "r" (a), [n] "r" (n)
- : "memory", "r2", "r3", "r4", "r5", "r6"
+ : "memory", "r4", "r5", "r6", "r3", "r7", "cc"
);
}
@@ -39329,150 +61956,340 @@ static void sp_521_lshift_34(sp_digit* r, const sp_digit* a, byte n)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_in_place_17(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #64\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_sub_in_pkace_17_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_521_sub_in_pkace_17_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_521_sub_in_pkace_17_word\n\t"
+#endif
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2}\n\t"
+ "LDM %[b]!, {r6}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "STM %[a]!, {r2}\n\t"
+ "SBC %[a], %[a], %[a]\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#else
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_521_sub_in_place_17(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_in_place_17(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_in_place_17(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r3, r3, r5\n\t"
- "str r3, [%[a]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2}\n\t"
+ "LDM %[b]!, {r6}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "STM %[a]!, {r2}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #68\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_521_mul_d_17_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x44\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_521_mul_d_17_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_521_mul_d_17_word\n\t"
+#endif
+ "STR r3, [%[r], #68]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_mul_d_17(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
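Review bot: The loop labels added to the WOLFSSL_SP_SMALL bodies of sp_521_sub_in_place_17 and sp_521_mul_d_17 (`L_sp_521_sub_in_pkace_17_word`, `L_sp_521_mul_d_17_word`) are plain assembler symbols, yet this hunk also drops `SP_NOINLINE` from both signatures and replaces the local `1:`/`1b` labels. If the compiler inlines or clones either static function, the symbol is emitted more than once and the assembler rejects the duplicate definition. Keeping `SP_NOINLINE` on these two functions avoids that, as does making the label unique per asm instance with GCC's `%=`, e.g. `"L_sp_521_mul_d_17_word_%=:\n\t"` with the matching `"BLT L_sp_521_mul_d_17_word_%=\n\t"`. The first label also misspells "place" as "pkace"; it is consistent at its three uses so it assembles, but the symbol is hard to grep for. Separately, the new clobber lists name r7, which the removed code avoided, and GCC may refuse r7 in Thumb builds that keep a frame pointer, so the supported build flags are worth confirming.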
@@ -39482,49 +62299,69 @@ SP_NOINLINE static void sp_521_mul_d_17(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_521_word_17(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_521_word_17_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_521_word_17_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
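Review bot: Nothing in the comments says why div_521_word_17 now has two bodies, and the difference matters for timing side channels. This default body derives each quotient bit from a borrow mask (`SBC r8, r8, r8` then `AND r8, r8, r5`) with no UDIV and no branch on d1/d0, whereas the `WOLFSSL_SP_USE_UDIV` body relies on UDIV, whose latency depends on operand values on Cortex-M cores with an early-terminating divider. I would extend the header comment with something like `Default build: bit-serial, no UDIV and no data-dependent branch. Define WOLFSSL_SP_USE_UDIV only where the operands are not secret or the core's divide is constant-time.` Whether the operands are secret depends on the callers of sp_521_div_17, which are outside this hunk. The loop branch `"bpl L_div_521_word_17_bit\n\t"` is also the only one here written in lower case and without the `#if defined(__GNUC__) ... #else` pair that the other loops use (`BNE`/`BNE.N`, `BLT`/`BLT.N`); it should follow the same pattern with `BPL`/`BPL.N`.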
@@ -39565,8 +62402,8 @@ static void sp_521_mask_17(sp_digit* r, const sp_digit* a, sp_digit m)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_521_div_17(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[35];
sp_digit t2[18];
@@ -40171,339 +63008,567 @@ int sp_ecc_sign_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash, word32 hashLen, W
#endif /* HAVE_ECC_SIGN */
#ifndef WOLFSSL_SP_SMALL
+#ifdef WOLFSSL_SP_SMALL
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r11, #0x0\n\t"
+ "ADD r12, %[a], #0x40\n\t"
+ "\n"
+ "L_sp_521_sub_17_word:\n\t"
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC r11, r3, r3\n\t"
+ "CMP %[a], r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BNE L_sp_521_sub_17_word\n\t"
+#else
+ "BNE.N L_sp_521_sub_17_word\n\t"
+#endif
+ "RSBS r11, r11, #0x0\n\t"
+ "LDM %[a]!, {r3}\n\t"
+ "LDM %[b]!, {r7}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#else
+/* Sub b from a into r. (r = a - b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision integer.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_521_sub_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_521_sub_17(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3}\n\t"
+ "LDM %[b]!, {r7}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
+}
+
+#endif /* WOLFSSL_SP_SMALL */
/* Divide the number by 2 mod the modulus. (r = a / 2 % m)
*
* r Result of division by 2.
* a Number to divide.
* m Modulus.
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_521_div2_mod_17(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
static void sp_521_div2_mod_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r4, [%[a]]\n\t"
- "ands r8, r4, #1\n\t"
- "beq 1f\n\t"
- "mov r12, #0\n\t"
- "ldr r5, [%[a], #4]\n\t"
- "ldr r6, [%[a], #8]\n\t"
- "ldr r7, [%[a], #12]\n\t"
- "ldr r8, [%[m], #0]\n\t"
- "ldr r9, [%[m], #4]\n\t"
- "ldr r10, [%[m], #8]\n\t"
- "ldr r14, [%[m], #12]\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #4]\n\t"
- "str r6, [%[r], #8]\n\t"
- "str r7, [%[r], #12]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "ldr r6, [%[a], #24]\n\t"
- "ldr r7, [%[a], #28]\n\t"
- "ldr r8, [%[m], #16]\n\t"
- "ldr r9, [%[m], #20]\n\t"
- "ldr r10, [%[m], #24]\n\t"
- "ldr r14, [%[m], #28]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #20]\n\t"
- "str r6, [%[r], #24]\n\t"
- "str r7, [%[r], #28]\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "ldr r5, [%[a], #36]\n\t"
- "ldr r6, [%[a], #40]\n\t"
- "ldr r7, [%[a], #44]\n\t"
- "ldr r8, [%[m], #32]\n\t"
- "ldr r9, [%[m], #36]\n\t"
- "ldr r10, [%[m], #40]\n\t"
- "ldr r14, [%[m], #44]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #32]\n\t"
- "str r5, [%[r], #36]\n\t"
- "str r6, [%[r], #40]\n\t"
- "str r7, [%[r], #44]\n\t"
- "ldr r4, [%[a], #48]\n\t"
- "ldr r5, [%[a], #52]\n\t"
- "ldr r6, [%[a], #56]\n\t"
- "ldr r7, [%[a], #60]\n\t"
- "ldr r8, [%[m], #48]\n\t"
- "ldr r9, [%[m], #52]\n\t"
- "ldr r10, [%[m], #56]\n\t"
- "ldr r14, [%[m], #60]\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "str r4, [%[r], #48]\n\t"
- "str r5, [%[r], #52]\n\t"
- "str r6, [%[r], #56]\n\t"
- "str r7, [%[r], #60]\n\t"
- "ldr r4, [%[a], #64]\n\t"
- "ldr r8, [%[m], #64]\n\t"
- "adcs r4, r4, r8\n\t"
- "str r4, [%[r], #64]\n\t"
- "adc r8, r12, r12\n\t"
- "b 2f\n\t"
- "\n1:\n\t"
- "ldr r5, [%[a], #2]\n\t"
- "str r4, [%[r], #0]\n\t"
- "str r5, [%[r], #2]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[a], #6]\n\t"
- "str r4, [%[r], #4]\n\t"
- "str r5, [%[r], #6]\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "ldr r5, [%[a], #10]\n\t"
- "str r4, [%[r], #8]\n\t"
- "str r5, [%[r], #10]\n\t"
- "ldr r4, [%[a], #12]\n\t"
- "ldr r5, [%[a], #14]\n\t"
- "str r4, [%[r], #12]\n\t"
- "str r5, [%[r], #14]\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "ldr r5, [%[a], #18]\n\t"
- "str r4, [%[r], #16]\n\t"
- "str r5, [%[r], #18]\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "ldr r5, [%[a], #22]\n\t"
- "str r4, [%[r], #20]\n\t"
- "str r5, [%[r], #22]\n\t"
- "ldr r4, [%[a], #24]\n\t"
- "ldr r5, [%[a], #26]\n\t"
- "str r4, [%[r], #24]\n\t"
- "str r5, [%[r], #26]\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "ldr r5, [%[a], #30]\n\t"
- "str r4, [%[r], #28]\n\t"
- "str r5, [%[r], #30]\n\t"
- "\n2:\n\t"
- "ldr r3, [%[r]]\n\t"
- "ldr r4, [%[r], #4]\n\t"
- "lsr r3, r3, #1\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #8]\n\t"
- "str r3, [%[r], #0]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #12]\n\t"
- "str r4, [%[r], #4]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #16]\n\t"
- "str r5, [%[r], #8]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #20]\n\t"
- "str r3, [%[r], #12]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #24]\n\t"
- "str r4, [%[r], #16]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #28]\n\t"
- "str r5, [%[r], #20]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #32]\n\t"
- "str r3, [%[r], #24]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #36]\n\t"
- "str r4, [%[r], #28]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #40]\n\t"
- "str r5, [%[r], #32]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #44]\n\t"
- "str r3, [%[r], #36]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #48]\n\t"
- "str r4, [%[r], #40]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #52]\n\t"
- "str r5, [%[r], #44]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r5, [%[a], #56]\n\t"
- "str r3, [%[r], #48]\n\t"
- "orr r4, r4, r5, lsl #31\n\t"
- "lsr r5, r5, #1\n\t"
- "ldr r3, [%[a], #60]\n\t"
- "str r4, [%[r], #52]\n\t"
- "orr r5, r5, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #64]\n\t"
- "str r5, [%[r], #56]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "orr r4, r4, r8, lsl #31\n\t"
- "str r3, [%[r], #60]\n\t"
- "str r4, [%[r], #64]\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "ANDS r3, r4, #0x1\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_div2_mod_17_even\n\t"
+#else
+ "BEQ.N L_sp_521_div2_mod_17_even\n\t"
+#endif
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "LDM %[m]!, {r8}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "ADC r3, r12, r12\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_div2_mod_17_div2\n\t"
+#else
+ "B.N L_sp_521_div2_mod_17_div2\n\t"
+#endif
+ "\n"
+ "L_sp_521_div2_mod_17_even:\n\t"
+ "LDM %[a]!, {r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4}\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "\n"
+ "L_sp_521_div2_mod_17_div2:\n\t"
+ "SUB %[r], %[r], #0x44\n\t"
+ "LDRD r8, r9, [%[r]]\n\t"
+ "LSR r8, r8, #1\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #8]\n\t"
+ "STR r8, [%[r]]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #12]\n\t"
+ "STR r9, [%[r], #4]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #16]\n\t"
+ "STR r10, [%[r], #8]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #20]\n\t"
+ "STR r8, [%[r], #12]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #24]\n\t"
+ "STR r9, [%[r], #16]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #28]\n\t"
+ "STR r10, [%[r], #20]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #32]\n\t"
+ "STR r8, [%[r], #24]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #36]\n\t"
+ "STR r9, [%[r], #28]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #40]\n\t"
+ "STR r10, [%[r], #32]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #44]\n\t"
+ "STR r8, [%[r], #36]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #48]\n\t"
+ "STR r9, [%[r], #40]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #52]\n\t"
+ "STR r10, [%[r], #44]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "LDR r10, [%[r], #56]\n\t"
+ "STR r8, [%[r], #48]\n\t"
+ "ORR r9, r9, r10, lsl #31\n\t"
+ "LSR r10, r10, #1\n\t"
+ "LDR r8, [%[r], #60]\n\t"
+ "STR r9, [%[r], #52]\n\t"
+ "ORR r10, r10, r8, lsl #31\n\t"
+ "LSR r8, r8, #1\n\t"
+ "LDR r9, [%[r], #64]\n\t"
+ "STR r10, [%[r], #56]\n\t"
+ "ORR r8, r8, r9, lsl #31\n\t"
+ "LSR r9, r9, #1\n\t"
+ "ORR r9, r9, r3, lsl #31\n\t"
+ "STR r8, [%[r], #60]\n\t"
+ "STR r9, [%[r], #64]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : [r] "r" (r), [a] "r" (a), [m] "r" (m)
- : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
}
-static int sp_521_num_bits_17(sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static int sp_521_num_bits_17(const sp_digit* a_p)
+#else
+static int sp_521_num_bits_17(const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- int r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldr r2, [%[a], #64]\n\t"
- "cmp r2, #0\n\t"
- "beq 16f\n\t"
- "mov r3, #544\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n16:\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "cmp r2, #0\n\t"
- "beq 15f\n\t"
- "mov r3, #512\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n15:\n\t"
- "ldr r2, [%[a], #56]\n\t"
- "cmp r2, #0\n\t"
- "beq 14f\n\t"
- "mov r3, #480\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n14:\n\t"
- "ldr r2, [%[a], #52]\n\t"
- "cmp r2, #0\n\t"
- "beq 13f\n\t"
- "mov r3, #448\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n13:\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "cmp r2, #0\n\t"
- "beq 12f\n\t"
- "mov r3, #416\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n12:\n\t"
- "ldr r2, [%[a], #44]\n\t"
- "cmp r2, #0\n\t"
- "beq 11f\n\t"
- "mov r3, #384\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n11:\n\t"
- "ldr r2, [%[a], #40]\n\t"
- "cmp r2, #0\n\t"
- "beq 10f\n\t"
- "mov r3, #352\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n10:\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "cmp r2, #0\n\t"
- "beq 9f\n\t"
- "mov r3, #320\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n9:\n\t"
- "ldr r2, [%[a], #32]\n\t"
- "cmp r2, #0\n\t"
- "beq 8f\n\t"
- "mov r3, #288\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n8:\n\t"
- "ldr r2, [%[a], #28]\n\t"
- "cmp r2, #0\n\t"
- "beq 7f\n\t"
- "mov r3, #256\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n7:\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "cmp r2, #0\n\t"
- "beq 6f\n\t"
- "mov r3, #224\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n6:\n\t"
- "ldr r2, [%[a], #20]\n\t"
- "cmp r2, #0\n\t"
- "beq 5f\n\t"
- "mov r3, #192\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n5:\n\t"
- "ldr r2, [%[a], #16]\n\t"
- "cmp r2, #0\n\t"
- "beq 4f\n\t"
- "mov r3, #160\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n4:\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "cmp r2, #0\n\t"
- "beq 3f\n\t"
- "mov r3, #128\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n3:\n\t"
- "ldr r2, [%[a], #8]\n\t"
- "cmp r2, #0\n\t"
- "beq 2f\n\t"
- "mov r3, #96\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n2:\n\t"
- "ldr r2, [%[a], #4]\n\t"
- "cmp r2, #0\n\t"
- "beq 1f\n\t"
- "mov r3, #64\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "b 18f\n\t"
- "\n1:\n\t"
- "ldr r2, [%[a], #0]\n\t"
- "mov r3, #32\n\t"
- "clz %[r], r2\n\t"
- "sub %[r], r3, %[r]\n\t"
- "\n18:\n\t"
- : [r] "+r" (r)
- : [a] "r" (a)
- : "r2", "r3"
+ "LDR r1, [%[a], #64]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_16\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_16\n\t"
+#endif
+ "MOV r2, #0x220\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_16:\n\t"
+ "LDR r1, [%[a], #60]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_15\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_15\n\t"
+#endif
+ "MOV r2, #0x200\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_15:\n\t"
+ "LDR r1, [%[a], #56]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_14\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_14\n\t"
+#endif
+ "MOV r2, #0x1e0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_14:\n\t"
+ "LDR r1, [%[a], #52]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_13\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_13\n\t"
+#endif
+ "MOV r2, #0x1c0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_13:\n\t"
+ "LDR r1, [%[a], #48]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_12\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_12\n\t"
+#endif
+ "MOV r2, #0x1a0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_12:\n\t"
+ "LDR r1, [%[a], #44]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_11\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_11\n\t"
+#endif
+ "MOV r2, #0x180\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_11:\n\t"
+ "LDR r1, [%[a], #40]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_10\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_10\n\t"
+#endif
+ "MOV r2, #0x160\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_10:\n\t"
+ "LDR r1, [%[a], #36]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_9\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_9\n\t"
+#endif
+ "MOV r2, #0x140\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_9:\n\t"
+ "LDR r1, [%[a], #32]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_8\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_8\n\t"
+#endif
+ "MOV r2, #0x120\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_8:\n\t"
+ "LDR r1, [%[a], #28]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_7\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_7\n\t"
+#endif
+ "MOV r2, #0x100\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_7:\n\t"
+ "LDR r1, [%[a], #24]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_6\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_6\n\t"
+#endif
+ "MOV r2, #0xe0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_6:\n\t"
+ "LDR r1, [%[a], #20]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_5\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_5\n\t"
+#endif
+ "MOV r2, #0xc0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_5:\n\t"
+ "LDR r1, [%[a], #16]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_4\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_4\n\t"
+#endif
+ "MOV r2, #0xa0\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_4:\n\t"
+ "LDR r1, [%[a], #12]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_3\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_3\n\t"
+#endif
+ "MOV r2, #0x80\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_3:\n\t"
+ "LDR r1, [%[a], #8]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_2\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_2\n\t"
+#endif
+ "MOV r2, #0x60\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_2:\n\t"
+ "LDR r1, [%[a], #4]\n\t"
+ "CMP r1, #0x0\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BEQ L_sp_521_num_bits_17_1\n\t"
+#else
+ "BEQ.N L_sp_521_num_bits_17_1\n\t"
+#endif
+ "MOV r2, #0x40\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "B L_sp_521_num_bits_17_18\n\t"
+#else
+ "B.N L_sp_521_num_bits_17_18\n\t"
+#endif
+ "\n"
+ "L_sp_521_num_bits_17_1:\n\t"
+ "LDR r1, [%[a]]\n\t"
+ "MOV r2, #0x20\n\t"
+ "CLZ r4, r1\n\t"
+ "SUB r4, r2, r4\n\t"
+ "\n"
+ "L_sp_521_num_bits_17_18:\n\t"
+ "MOV %[a], r4\n\t"
+ : [a] "+r" (a)
+ :
+ : "memory", "r1", "r2", "r3", "r4", "r5", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Non-constant time modular inversion.
@@ -40549,7 +63614,7 @@ static int sp_521_mod_inv_17(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_17(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_17(u, v) >= 0))) {
sp_521_sub_17(u, u, v);
o = sp_521_sub_17(b, b, d);
if (o != 0)
@@ -40635,7 +63700,7 @@ static void sp_521_add_points_17(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -40966,7 +64031,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -40994,19 +64059,21 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 17;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_17(t1, point->y);
(void)sp_521_mod_17(t1, t1, p521_mod);
sp_521_sqr_17(t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
sp_521_mul_17(t2, t2, point->x);
(void)sp_521_mod_17(t2, t2, p521_mod);
- (void)sp_521_sub_17(t2, p521_mod, t2);
- sp_521_mont_add_17(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_17(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
sp_521_mont_add_17(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_17(t1, p521_b) != 0) {
err = MP_VAL;
}
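Review bot: The final `sp_521_cmp_17(t1, p521_b) != 0` test now depends on `sp_521_mont_sub_17` and the three `sp_521_mont_add_17` calls leaving `t1` fully reduced into [0, p), and nothing in the new code records that requirement. The removed `sp_521_sub_17(t2, p521_mod, t2)` plus `sp_521_mont_add_17` pair made the negation explicit, while the helpers' reduction guarantees are not visible in this hunk. Because this is the on-curve check that rejects invalid points, I would document the precondition just before the `if`, for example `/* t1 must be canonical (0 <= t1 < p521_mod): sp_521_cmp_17 compares limbs exactly */`. It would also be worth confirming that known-answer tests cover a valid point and an off-curve point on this path. The body of `sp_521_ecc_is_point_17` starts and ends outside the hunk.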
@@ -41020,7 +64087,7 @@ static int sp_521_ecc_is_point_17(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -41525,83 +64592,1807 @@ typedef struct sp_point_1024 {
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_1024_mul_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[16 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #64\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #60\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #120\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "SUB sp, sp, #0x40\n\t"
+ /* A[0] * B[0] */
+ "LDR r11, [%[a]]\n\t"
+ "LDR r12, [%[b]]\n\t"
+ "UMULL r3, r4, r11, r12\n\t"
+ "MOV r5, #0x0\n\t"
+ "STR r3, [sp]\n\t"
+ /* A[0] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[0] */
+ "LDR r8, [%[a], #4]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #4]\n\t"
+ /* A[2] * B[0] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[1] */
+ "LDR r11, [%[a], #4]\n\t"
+ "LDR r12, [%[b], #4]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[2] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #8]\n\t"
+ /* A[0] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[2] */
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[1] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[0] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #12]\n\t"
+ /* A[4] * B[0] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[1] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[2] */
+ "LDR r11, [%[a], #8]\n\t"
+ "LDR r12, [%[b], #8]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[3] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[4] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #16]\n\t"
+ /* A[0] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[4] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[2] */
+ "LDR r8, [%[a], #12]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[1] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[0] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #20]\n\t"
+ /* A[6] * B[0] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[1] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[2] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[3] */
+ "LDR r11, [%[a], #12]\n\t"
+ "LDR r12, [%[b], #12]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[4] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[5] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[6] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #24]\n\t"
+ /* A[0] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[6] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[5] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[4] */
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[3] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[2] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[1] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[0] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #28]\n\t"
+ /* A[8] * B[0] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[1] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[2] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[3] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[4] */
+ "LDR r11, [%[a], #16]\n\t"
+ "LDR r12, [%[b], #16]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[5] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[6] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[7] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[8] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #32]\n\t"
+ /* A[0] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[8] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[7] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[6] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[4] */
+ "LDR r8, [%[a], #20]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[3] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[2] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[1] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[0] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #36]\n\t"
+ /* A[10] * B[0] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[1] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[2] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[3] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[4] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[5] */
+ "LDR r11, [%[a], #20]\n\t"
+ "LDR r12, [%[b], #20]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[6] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[7] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[8] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[9] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[0] * B[10] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #40]\n\t"
+ /* A[0] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[10] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[9] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[8] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[7] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[6] */
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[5] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[4] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[3] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[2] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[1] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[0] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #44]\n\t"
+ /* A[12] * B[0] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[1] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[2] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[3] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[4] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[5] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[6] */
+ "LDR r11, [%[a], #24]\n\t"
+ "LDR r12, [%[b], #24]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[7] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[8] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[9] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[10] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[11] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[0] * B[12] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #48]\n\t"
+ /* A[0] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[12] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[11] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[10] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[9] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[8] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[6] */
+ "LDR r8, [%[a], #28]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[5] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[4] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[3] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[2] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[1] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[0] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #52]\n\t"
+ /* A[14] * B[0] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[1] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[2] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[3] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[4] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[5] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[6] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[7] */
+ "LDR r11, [%[a], #28]\n\t"
+ "LDR r12, [%[b], #28]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[8] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[9] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[10] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[11] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[2] * B[12] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * B[13] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[0] * B[14] */
+ "LDR r8, [%[a]]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [sp, #56]\n\t"
+ /* A[0] * B[15] */
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[1] * B[14] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[2] * B[13] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[12] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[11] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[10] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[9] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[8] */
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[7] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[6] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[5] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[4] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[3] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[2] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[1] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[0] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b]]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [sp, #60]\n\t"
+ /* A[15] * B[1] */
+ "LDR r9, [%[b], #4]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[2] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[3] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[4] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[5] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[6] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[7] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[8] */
+ "LDR r11, [%[a], #32]\n\t"
+ "LDR r12, [%[b], #32]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[9] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[10] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[11] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[4] * B[12] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[3] * B[13] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[2] * B[14] */
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * B[15] */
+ "LDR r8, [%[a], #4]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #64]\n\t"
+ /* A[2] * B[15] */
+ "LDR r8, [%[a], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[3] * B[14] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[4] * B[13] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[12] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[11] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[10] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[8] */
+ "LDR r8, [%[a], #36]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[7] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[6] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[5] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[4] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[3] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[2] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #8]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #68]\n\t"
+ /* A[15] * B[3] */
+ "LDR r9, [%[b], #12]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[4] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[5] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[6] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[7] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[8] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[9] */
+ "LDR r11, [%[a], #36]\n\t"
+ "LDR r12, [%[b], #36]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[10] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[11] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[6] * B[12] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[5] * B[13] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[4] * B[14] */
+ "LDR r8, [%[a], #16]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[3] * B[15] */
+ "LDR r8, [%[a], #12]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #72]\n\t"
+ /* A[4] * B[15] */
+ "LDR r8, [%[a], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[5] * B[14] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[6] * B[13] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[12] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[11] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[10] */
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[9] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[8] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[7] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[6] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[5] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[4] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #16]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #76]\n\t"
+ /* A[15] * B[5] */
+ "LDR r9, [%[b], #20]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[6] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[7] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[8] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[9] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[10] */
+ "LDR r11, [%[a], #40]\n\t"
+ "LDR r12, [%[b], #40]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[11] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[8] * B[12] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[7] * B[13] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[6] * B[14] */
+ "LDR r8, [%[a], #24]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[5] * B[15] */
+ "LDR r8, [%[a], #20]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #80]\n\t"
+ /* A[6] * B[15] */
+ "LDR r8, [%[a], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[7] * B[14] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[8] * B[13] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[12] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[10] */
+ "LDR r8, [%[a], #44]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[9] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[8] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[7] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[6] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #24]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #84]\n\t"
+ /* A[15] * B[7] */
+ "LDR r9, [%[b], #28]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[8] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[9] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[10] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[11] */
+ "LDR r11, [%[a], #44]\n\t"
+ "LDR r12, [%[b], #44]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[10] * B[12] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[9] * B[13] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[8] * B[14] */
+ "LDR r8, [%[a], #32]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[7] * B[15] */
+ "LDR r8, [%[a], #28]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #88]\n\t"
+ /* A[8] * B[15] */
+ "LDR r8, [%[a], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[9] * B[14] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[10] * B[13] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[12] */
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[11] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[10] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[9] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[8] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #32]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #92]\n\t"
+ /* A[15] * B[9] */
+ "LDR r9, [%[b], #36]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[10] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[11] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[12] * B[12] */
+ "LDR r11, [%[a], #48]\n\t"
+ "LDR r12, [%[b], #48]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[11] * B[13] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[10] * B[14] */
+ "LDR r8, [%[a], #40]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[9] * B[15] */
+ "LDR r8, [%[a], #36]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #96]\n\t"
+ /* A[10] * B[15] */
+ "LDR r8, [%[a], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[11] * B[14] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * B[13] */
+ "LDR r9, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[12] */
+ "LDR r8, [%[a], #52]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[11] */
+ "LDR r8, [%[a], #56]\n\t"
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[15] * B[10] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #40]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #100]\n\t"
+ /* A[15] * B[11] */
+ "LDR r9, [%[b], #44]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[14] * B[12] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * B[13] */
+ "LDR r11, [%[a], #52]\n\t"
+ "LDR r12, [%[b], #52]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[12] * B[14] */
+ "LDR r8, [%[a], #48]\n\t"
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[11] * B[15] */
+ "LDR r8, [%[a], #44]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #104]\n\t"
+ /* A[12] * B[15] */
+ "LDR r8, [%[a], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[13] * B[14] */
+ "LDR r9, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[14] * B[13] */
+ "LDR r8, [%[a], #56]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ /* A[15] * B[12] */
+ "LDR r8, [%[a], #60]\n\t"
+ "LDR r9, [%[b], #48]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], #108]\n\t"
+ /* A[15] * B[13] */
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[14] * B[14] */
+ "LDR r11, [%[a], #56]\n\t"
+ "LDR r12, [%[b], #56]\n\t"
+ "UMULL r6, r7, r11, r12\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * B[15] */
+ "LDR r8, [%[a], #52]\n\t"
+ "LDR r9, [%[b], #60]\n\t"
+ "UMULL r6, r7, r8, r9\n\t"
+ "ADDS r4, r4, r6\n\t"
+ "ADCS r5, r5, r7\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #112]\n\t"
+ /* A[14] * B[15] */
+ "UMULL r6, r7, r11, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[15] * B[14] */
+ "LDR r8, [%[a], #60]\n\t"
+ "UMULL r6, r7, r8, r12\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r5, [%[r], #116]\n\t"
+ /* A[15] * B[15] */
+ "UMLAL r3, r4, r8, r9\n\t"
+ "STR r3, [%[r], #120]\n\t"
+ "STR r4, [%[r], #124]\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM sp!, {r3, r4, r5, r6}\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r11", "r12", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
@@ -41609,122 +66400,1150 @@ SP_NOINLINE static void sp_1024_mul_16(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_sqr_16(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #128\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #60\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #64\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
-#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
-#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #120\n\t"
- "cmp r8, r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #124\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
-#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #128\n\t"
- "add sp, sp, r6\n\t"
+ "SUB sp, sp, #0x40\n\t"
+ /* A[0] * A[0] */
+ "LDR r10, [%[a]]\n\t"
+ "UMULL r8, r3, r10, r10\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r8, [sp]\n\t"
+ /* A[0] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #4]\n\t"
+ /* A[0] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[1] * A[1] */
+ "LDR r10, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [sp, #8]\n\t"
+ /* A[0] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[1] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [sp, #12]\n\t"
+ /* A[0] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[1] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[2] * A[2] */
+ "LDR r10, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [sp, #16]\n\t"
+ /* A[0] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #20]\n\t"
+ /* A[0] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[3] */
+ "LDR r10, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #24]\n\t"
+ /* A[0] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #28]\n\t"
+ /* A[0] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[4] */
+ "LDR r10, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #32]\n\t"
+ /* A[0] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #36]\n\t"
+ /* A[0] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[5] */
+ "LDR r10, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #40]\n\t"
+ /* A[0] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #44]\n\t"
+ /* A[0] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[6] */
+ "LDR r10, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #48]\n\t"
+ /* A[0] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [sp, #52]\n\t"
+ /* A[0] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[7] */
+ "LDR r10, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [sp, #56]\n\t"
+ /* A[0] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a]]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[1] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[2] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [sp, #60]\n\t"
+ /* A[1] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #4]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[2] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[3] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[8] */
+ "LDR r10, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ /* A[2] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #8]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[3] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[4] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ /* A[3] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[4] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[5] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[9] */
+ "LDR r10, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ /* A[4] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[5] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[6] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ /* A[5] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[6] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[7] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[10] */
+ "LDR r10, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ /* A[6] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[7] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[8] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ /* A[7] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[8] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[9] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[11] */
+ "LDR r10, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ /* A[8] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r3, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[9] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[10] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r4, r4, r5\n\t"
+ "ADCS r2, r2, r6\n\t"
+ "ADC r3, r3, r7\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ /* A[9] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[10] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[11] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[12] */
+ "LDR r10, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r5\n\t"
+ "ADCS r3, r3, r6\n\t"
+ "ADC r4, r4, r7\n\t"
+ "STR r2, [%[r], #96]\n\t"
+ /* A[10] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "UMULL r5, r6, r10, r12\n\t"
+ "MOV r2, #0x0\n\t"
+ "MOV r7, #0x0\n\t"
+ /* A[11] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* A[12] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r5, r5, r8\n\t"
+ "ADCS r6, r6, r9\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ "ADDS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADC r7, r7, r7\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADCS r4, r4, r6\n\t"
+ "ADC r2, r2, r7\n\t"
+ "STR r3, [%[r], #100]\n\t"
+ /* A[11] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[12] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* A[13] * A[13] */
+ "LDR r10, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ /* A[12] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ /* A[13] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "ADDS r2, r2, r8\n\t"
+ "ADCS r3, r3, r9\n\t"
+ "ADC r4, r4, #0x0\n\t"
+ "STR r2, [%[r], #108]\n\t"
+ /* A[13] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "MOV r2, #0x0\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ /* A[14] * A[14] */
+ "LDR r10, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r10\n\t"
+ "ADDS r3, r3, r8\n\t"
+ "ADCS r4, r4, r9\n\t"
+ "ADC r2, r2, #0x0\n\t"
+ "STR r3, [%[r], #112]\n\t"
+ /* A[14] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "UMULL r8, r9, r10, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r2, r2, r9\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ /* A[15] * A[15] */
+ "LDR r10, [%[a], #60]\n\t"
+ "UMLAL r2, r3, r10, r10\n\t"
+ "STR r2, [%[r], #120]\n\t"
+ "STR r3, [%[r], #124]\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ "LDM sp!, {r2, r3, r4, r8}\n\t"
+ "STM %[r]!, {r2, r3, r4, r8}\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r12", "cc"
);
}
@@ -41734,161 +67553,135 @@ SP_NOINLINE static void sp_1024_sqr_16(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_add_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_add_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
-/* Sub b from a into r. (r = a - b)
+/* Sub b from a into a. (a -= b)
*
- * r A single precision integer.
- * a A single precision integer.
+ * a A single precision integer and result.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "subs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "ldm %[a], {r3, r4}\n\t"
- "ldm %[b]!, {r5, r6}\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "stm %[a]!, {r3, r4}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SUBS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC %[a], r9, r9\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
/* Add b to a into r. (r = a + b)
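Review bot: Neither header comment says what these functions return, and the value now comes back through the overwritten pointer operand: `MOV %[r], #0x0` / `ADC %[r], %[r], #0x0` followed by `return (uint32_t)(size_t)r;` in sp_1024_add_16, and `SBC %[a], r9, r9` followed by `return (uint32_t)(size_t)a;` in sp_1024_sub_in_place_32. The two conventions differ: the add yields 0 or 1, while the subtract yields 0 or 0xffffffff, so a caller that uses the result as a mask in constant-time code has to know which one it gets. I would add one line to each comment block, for example ` * returns the carry out of the top word (0 or 1).` and ` * returns 0 when there is no borrow, all ones (0xffffffff) when there is.`, plus a short comment at the `return` noting that the pointer variable holds the carry at that point. The sp_1024_add_32 and sp_1024_sub_16 hunks below follow the same pattern; the sp_1024_add_16 comment block starts above this hunk.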
@@ -41897,100 +67690,82 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adds r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "adcs r4, r4, r6\n\t"
- "adcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADDS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "ADCS r3, r3, r7\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "MOV %[r], #0x0\n\t"
+ "ADC %[r], %[r], #0x0\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* AND m into each word of a and store in r.
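Review bot: The new clobber list names `r7` (`"memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"`), which the removed list (`"memory", "r4", "r5", "r6", "r8"`) left out. On Thumb targets GCC uses r7 as the frame pointer and, as far as I know, rejects asm that clobbers it when frame pointers are kept (for example at -O0 or with -fno-omit-frame-pointer), so this presumably becomes a build requirement that is not recorded anywhere in the hunk. A comment next to the asm would make it explicit, e.g. `/* clobbers r7: Thumb builds need -fomit-frame-pointer */`. The same applies to the clobber lists of sp_1024_add_16, sp_1024_sub_in_place_32, sp_1024_sub_16, sp_1024_mul_32 and sp_1024_sqr_32 in the neighbouring hunks.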
@@ -42068,59 +67843,53 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_sub_16(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SUBS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[a]!, {r3, r4, r5, r6}\n\t"
+ "LDM %[b]!, {r7, r8, r9, r10}\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "STM %[r]!, {r3, r4, r5, r6}\n\t"
+ "SBC %[r], r6, r6\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
/* Square a and put result in r. (r = a * a)
@@ -42166,83 +67935,99 @@ SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static void sp_1024_mul_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit tmp_arr[32 * 2];
- sp_digit* tmp = tmp_arr;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r10, %[a]\n\t"
- "mov r11, %[b]\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "mov r14, r6\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r5, #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov %[b], r9\n\t"
- "sub %[b], %[b], %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add %[b], %[b], r11\n\t"
- "\n2:\n\t"
- /* Multiply Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [%[b]]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply Done */
- "add %[a], %[a], #4\n\t"
- "sub %[b], %[b], #4\n\t"
- "cmp %[a], r14\n\t"
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "LDR r11, [%[b]]\n\t"
+ "UMULL r8, r6, lr, r11\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_1024_mul_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_1024_mul_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "LDR lr, [%[a], r4]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_1024_mul_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, r9\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
+ "BGT.N L_sp_1024_mul_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r12\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT L_sp_1024_mul_32_inner\n\t"
+#else
+ "BLT.N L_sp_1024_mul_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[b], r3]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_1024_mul_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
+ "BLE L_sp_1024_mul_32_outer\n\t"
#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r], r8]\n\t"
- "mov %[a], r10\n\t"
- "mov %[b], r11\n\t"
+ "BLE.N L_sp_1024_mul_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "LDR r11, [%[b], #124]\n\t"
+ "UMLAL r6, r7, lr, r11\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_1024_mul_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
+#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
+ "BGT L_sp_1024_mul_32_store\n\t"
+#else
+ "BGT.N L_sp_1024_mul_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : [r] "r" (tmp), [a] "r" (a), [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
-
- XMEMCPY(r, tmp_arr, sizeof(tmp_arr));
}
/* Square a and put result in r. (r = a * a)
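Review bot: The asm now defines plain named labels (`L_sp_1024_mul_32_outer:`, `L_sp_1024_mul_32_inner:`, `L_sp_1024_mul_32_inner_done:`, `L_sp_1024_mul_32_store:`) while the definition drops `SP_NOINLINE`. The removed code used numeric local labels (`1:`, `2b`, `3f`), which can be repeated safely. If the compiler ever emits this body twice in one translation unit (inlining at two call sites, or cloning), the assembler will see duplicate symbol definitions and the build fails. Keeping the qualifier on both signature variants, `SP_NOINLINE static void sp_1024_mul_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)`, avoids that, assuming SP_NOINLINE still expands to a noinline attribute. The sp_1024_sqr_32 hunk below has the same combination with its `L_sp_1024_sqr_32_*` labels.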
@@ -42250,124 +68035,91 @@ SP_NOINLINE static void sp_1024_mul_32(sp_digit* r, const sp_digit* a,
* r A single precision integer.
* a A single precision integer.
*/
-SP_NOINLINE static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_sqr_32(sp_digit* r_p, const sp_digit* a_p)
+#else
+static void sp_1024_sqr_32(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mov r4, #0\n\t"
- "mov r5, #0\n\t"
- "mov r9, r3\n\t"
- "mov r12, %[r]\n\t"
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "neg r6, r6\n\t"
- "add sp, sp, r6\n\t"
- "mov r11, sp\n\t"
- "mov r10, %[a]\n\t"
- "\n1:\n\t"
- "mov %[r], #0\n\t"
- "mov r6, #124\n\t"
- "mov %[a], r9\n\t"
- "subs %[a], %[a], r6\n\t"
- "sbc r6, r6, r6\n\t"
- "mvn r6, r6\n\t"
- "and %[a], %[a], r6\n\t"
- "mov r2, r9\n\t"
- "sub r2, r2, %[a]\n\t"
- "add %[a], %[a], r10\n\t"
- "add r2, r2, r10\n\t"
- "\n2:\n\t"
- "cmp r2, %[a]\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 4f\n\t"
-#else
- "beq.n 4f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- /* Multiply * 2: Start */
- "ldr r6, [%[a]]\n\t"
- "ldr r8, [r2]\n\t"
- "umull r6, r8, r6, r8\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Multiply * 2: Done */
+ "SUB sp, sp, #0x100\n\t"
+ "LDR lr, [%[a]]\n\t"
+ "UMULL r8, r6, lr, lr\n\t"
+ "STR r8, [sp]\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r5, #0x4\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_outer:\n\t"
+ "SUBS r3, r5, #0x7c\n\t"
+ "IT cc\n\t"
+ "MOVCC r3, #0x0\n\t"
+ "SUB r4, r5, r3\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_inner:\n\t"
+ "LDR lr, [%[a], r3]\n\t"
+ "LDR r11, [%[a], r4]\n\t"
+ "UMULL r9, r10, lr, r11\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "ADD r3, r3, #0x4\n\t"
+ "SUB r4, r4, #0x4\n\t"
+ "CMP r3, r4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bal 5f\n\t"
-#else
- "bal.n 5f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n4:\n\t"
- /* Square: Start */
- "ldr r6, [%[a]]\n\t"
- "umull r6, r8, r6, r6\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, %[r]\n\t"
- /* Square: Done */
- "\n5:\n\t"
- "add %[a], %[a], #4\n\t"
- "sub r2, r2, #4\n\t"
- "mov r6, #128\n\t"
- "add r6, r6, r10\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "beq 3f\n\t"
+ "BGT L_sp_1024_sqr_32_inner_done\n\t"
#else
- "beq.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "cmp %[a], r2\n\t"
+ "BGT.N L_sp_1024_sqr_32_inner_done\n\t"
+#endif
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bgt 3f\n\t"
+ "BLT L_sp_1024_sqr_32_inner\n\t"
#else
- "bgt.n 3f\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r8, r9\n\t"
- "add r8, r8, r10\n\t"
- "cmp %[a], r8\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 2b\n\t"
-#else
- "ble.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "\n3:\n\t"
- "mov %[r], r11\n\t"
- "mov r8, r9\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "mov r5, #0\n\t"
- "add r8, r8, #4\n\t"
- "mov r9, r8\n\t"
- "mov r6, #248\n\t"
- "cmp r8, r6\n\t"
+ "BLT.N L_sp_1024_sqr_32_inner\n\t"
+#endif
+ "LDR lr, [%[a], r3]\n\t"
+ "UMULL r9, r10, lr, lr\n\t"
+ "ADDS r6, r6, r9\n\t"
+ "ADCS r7, r7, r10\n\t"
+ "ADC r8, r8, #0x0\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_inner_done:\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "MOV r6, r7\n\t"
+ "MOV r7, r8\n\t"
+ "MOV r8, #0x0\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0xf4\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "ble 1b\n\t"
-#else
- "ble.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov %[a], r10\n\t"
- "str r3, [%[r], r8]\n\t"
- "mov %[r], r12\n\t"
- "mov %[a], r11\n\t"
- "mov r3, #252\n\t"
- "\n4:\n\t"
- "ldr r6, [%[a], r3]\n\t"
- "str r6, [%[r], r3]\n\t"
- "subs r3, r3, #4\n\t"
+ "BLE L_sp_1024_sqr_32_outer\n\t"
+#else
+ "BLE.N L_sp_1024_sqr_32_outer\n\t"
+#endif
+ "LDR lr, [%[a], #124]\n\t"
+ "UMLAL r6, r7, lr, lr\n\t"
+ "STR r6, [sp, r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "STR r7, [sp, r5]\n\t"
+ "\n"
+ "L_sp_1024_sqr_32_store:\n\t"
+ "LDM sp!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "STM %[r]!, {r3, r4, r6, r7, r8, r9, r10, r11}\n\t"
+ "SUBS r5, r5, #0x20\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 4b\n\t"
+ "BGT L_sp_1024_sqr_32_store\n\t"
#else
- "bge.n 4b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "mov r6, #1\n\t"
- "lsl r6, r6, #8\n\t"
- "add sp, sp, r6\n\t"
+ "BGT.N L_sp_1024_sqr_32_store\n\t"
+#endif
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12"
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "lr", "r11", "cc"
);
}
@@ -42463,42 +68215,47 @@ static const sp_point_1024 p1024_base = {
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_sub_in_place_32(sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r8, %[a]\n\t"
- "add r8, r8, #128\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r3, [%[a]]\n\t"
- "ldr r4, [%[a], #4]\n\t"
- "ldr r5, [%[b]]\n\t"
- "ldr r6, [%[b], #4]\n\t"
- "sbcs r3, r3, r5\n\t"
- "sbcs r4, r4, r6\n\t"
- "str r3, [%[a]]\n\t"
- "str r4, [%[a], #4]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #8\n\t"
- "add %[b], %[b], #8\n\t"
- "cmp %[a], r8\n\t"
+ "MOV r10, #0x0\n\t"
+ "ADD r11, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_1024_sub_in_pkace_32_word:\n\t"
+ "RSBS r10, r10, #0x0\n\t"
+ "LDM %[a], {r2, r3, r4, r5}\n\t"
+ "LDM %[b]!, {r6, r7, r8, r9}\n\t"
+ "SBCS r2, r2, r6\n\t"
+ "SBCS r3, r3, r7\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "STM %[a]!, {r2, r3, r4, r5}\n\t"
+ "SBC r10, r10, r10\n\t"
+ "CMP %[a], r11\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_1024_sub_in_pkace_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_1024_sub_in_pkace_32_word\n\t"
+#endif
+ "MOV %[a], r10\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r3", "r4", "r5", "r6", "r8"
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)a;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally subtract b from a using the mask m.
* m is -1 to subtract and 0 when not copying.
*
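Review bot: The rewritten sp_1024_sub_in_place_32 drops `SP_NOINLINE` while replacing the numeric local label `1:` with a named label. If the compiler inlines this static function at more than one call site in the same translation unit, the label would be emitted twice and the assembler should reject the file. Whether that happens depends on build flags not visible here, so keeping `SP_NOINLINE` on both signature variants looks safer. The label is also misspelled as `L_sp_1024_sub_in_pkace_32_word` in its definition and in both the `BNE` and `BNE.N` references; `L_sp_1024_sub_in_place_32_word` would match the function name. The same named-label-without-`SP_NOINLINE` pattern appears in sp_1024_cond_sub_32, sp_1024_add_32, sp_1024_mul_d_32 and sp_1024_cmp_32 in the following hunks.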
@@ -42507,39 +68264,192 @@ SP_NOINLINE static sp_digit sp_1024_sub_in_place_32(sp_digit* a,
* b A single precision number to subtract.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b, sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "sbcs r5, r5, r6\n\t"
- "sbcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "\n"
+ "L_sp_1024_cond_sub_32_words:\n\t"
+ "SUBS r4, r8, r4\n\t"
+ "LDR r6, [%[a], r5]\n\t"
+ "LDR r7, [%[b], r5]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "SBCS r6, r6, r7\n\t"
+ "SBC r4, r8, r8\n\t"
+ "STR r6, [%[r], r5]\n\t"
+ "ADD r5, r5, #0x4\n\t"
+ "CMP r5, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_1024_cond_sub_32_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_1024_cond_sub_32_words\n\t"
+#endif
+ "MOV %[r], r4\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#else
+/* Conditionally subtract b from a using the mask m.
+ * m is -1 to subtract and 0 when not copying.
+ *
+ * r A single precision number representing condition subtract result.
+ * a A single precision number to subtract from.
+ * b A single precision number to subtract.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r5, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SUBS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "SBCS r6, r6, r8\n\t"
+ "SBCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "SBC %[r], r5, r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
#ifdef WOLFSSL_SP_SMALL
/* Add b to a into r. (r = a + b)
*
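Review bot: Neither header comment for sp_1024_cond_sub_32 documents a return value, although both new variants return the borrow. They overwrite the pointer operand `r` inside the asm (`MOV %[r], r4` in the small variant, `SBC %[r], r5, r5` in the unrolled one) and then return `(uint32_t)(size_t)r`. By construction the value is 0 or all-ones, so I would add `* returns 0 when no borrow occurred and (sp_digit)-1 when the subtraction borrowed.` to both comment blocks, and `/* r now holds the borrow, not a pointer */` before each `return`. The unrolled variant also lists `r4` as clobbered although none of its instructions touch r4; that is harmless but can be dropped.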
@@ -42547,84 +68457,354 @@ SP_NOINLINE static sp_digit sp_1024_cond_sub_32(sp_digit* r, const sp_digit* a,
* a A single precision integer.
* b A single precision integer.
*/
-SP_NOINLINE static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_digit sp_1024_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "mov r8, #0\n\t"
- "add r6, r6, #128\n\t"
- "sub r8, r8, #1\n\t"
- "\n1:\n\t"
- "adds %[c], %[c], r8\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "adcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "mov %[c], #0\n\t"
- "adc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADD r12, %[a], #0x80\n\t"
+ "\n"
+ "L_sp_1024_add_32_word:\n\t"
+ "ADDS r3, r3, #0xffffffff\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "MOV r4, #0x0\n\t"
+ "ADC r3, r4, #0x0\n\t"
+ "CMP %[a], r12\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
+ "BNE L_sp_1024_add_32_word\n\t"
#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ "BNE.N L_sp_1024_add_32_word\n\t"
+#endif
+ "MOV %[r], r3\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
:
- : "memory", "r4", "r5", "r6", "r8"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r3", "r12", "cc"
);
-
- return c;
+ return (uint32_t)(size_t)r;
}
#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_SMALL
/* Mul a by digit b into r. (r = a * b)
*
* r A single precision integer.
* a A single precision integer.
* b A single precision digit.
*/
-SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
- sp_digit b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "add r9, %[a], #128\n\t"
/* A[0] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r5, r3, r6, %[b]\n\t"
- "mov r4, #0\n\t"
- "str r5, [%[r]], #4\n\t"
- /* A[0] * B - Done */
- "\n1:\n\t"
- "mov r5, #0\n\t"
- /* A[] * B */
- "ldr r6, [%[a]], #4\n\t"
- "umull r6, r8, r6, %[b]\n\t"
- "adds r3, r3, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc r5, r5, #0\n\t"
- /* A[] * B - Done */
- "str r3, [%[r]], #4\n\t"
- "mov r3, r4\n\t"
- "mov r4, r5\n\t"
- "cmp %[a], r9\n\t"
+ "LDR r8, [%[a]]\n\t"
+ "UMULL r5, r3, %[b], r8\n\t"
+ "MOV r4, #0x0\n\t"
+ "STR r5, [%[r]]\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r9, #0x4\n\t"
+ "\n"
+ "L_sp_1024_mul_d_32_word:\n\t"
+ /* A[i] * B */
+ "LDR r8, [%[a], r9]\n\t"
+ "UMULL r6, r7, %[b], r8\n\t"
+ "ADDS r3, r3, r6\n\t"
+ "ADCS r4, r4, r7\n\t"
+ "ADC r5, r5, #0x0\n\t"
+ "STR r3, [%[r], r9]\n\t"
+ "MOV r3, r4\n\t"
+ "MOV r4, r5\n\t"
+ "MOV r5, #0x0\n\t"
+ "ADD r9, r9, #0x4\n\t"
+ "CMP r9, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_1024_mul_d_32_word\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "str r3, [%[r]]\n\t"
- : [r] "+r" (r), [a] "+r" (a)
- : [b] "r" (b)
- : "memory", "r3", "r4", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_1024_mul_d_32_word\n\t"
+#endif
+ "STR r3, [%[r], #128]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "cc"
+ );
+}
+
+#else
+/* Mul a by digit b into r. (r = a * b)
+ *
+ * r A single precision integer.
+ * a A single precision integer.
+ * b A single precision digit.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_mul_d_32(sp_digit* r_p, const sp_digit* a_p, sp_digit b_p)
+#else
+static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a, sp_digit b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register sp_digit b __asm__ ("r2") = (sp_digit)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ /* A[0] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMULL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[1] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[2] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[3] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[4] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[5] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[6] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[7] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[8] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[9] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[10] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[11] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[12] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[13] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[14] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[15] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[16] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[17] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[18] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[19] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[20] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[21] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[22] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[23] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[24] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[25] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[26] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[27] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[28] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "MOV r3, #0x0\n\t"
+ /* A[29] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r5, r3, %[b], r8\n\t"
+ "STM %[r]!, {r5}\n\t"
+ "MOV r4, #0x0\n\t"
+ /* A[30] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r3, r4, %[b], r8\n\t"
+ "STM %[r]!, {r3}\n\t"
+ "MOV r5, #0x0\n\t"
+ /* A[31] * B */
+ "LDM %[a]!, {r8}\n\t"
+ "UMLAL r4, r5, %[b], r8\n\t"
+ "STM %[r]!, {r4}\n\t"
+ "STR r5, [%[r]]\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
+ );
+}
+
+#endif /* WOLFSSL_SP_SMALL */
+#ifdef WOLFSSL_SP_USE_UDIV
+/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
+ *
+ * d1 The high order half of the number to divide.
+ * d0 The low order half of the number to divide.
+ * div The divisor.
+ * returns the result of the division.
+ *
+ * Note that this is an approximate div. It may give an answer 1 larger.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "LSR r8, %[div], #16\n\t"
+ "ADD r5, r8, #0x1\n\t"
+ "UDIV r6, %[d1], r5\n\t"
+ "LSL r7, %[div], #16\n\t"
+ "LSL r6, r6, #16\n\t"
+ "UMULL r3, r4, %[div], r6\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "SUBS r3, %[d1], r5\n\t"
+ "SBC r9, r9, r9\n\t"
+ "ADD r9, r9, #0x1\n\t"
+ "RSB r10, r9, #0x0\n\t"
+ "LSL r9, r9, #16\n\t"
+ "AND r7, r7, r10\n\t"
+ "AND r8, r8, r10\n\t"
+ "SUBS %[d0], %[d0], r7\n\t"
+ "ADD r6, r6, r9\n\t"
+ "SBC %[d1], %[d1], r8\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "UMULL r3, r4, %[div], r3\n\t"
+ "SUBS %[d0], %[d0], r3\n\t"
+ "SBC %[d1], %[d1], r4\n\t"
+ "LSL r4, %[d1], #16\n\t"
+ "LSR r3, %[d0], #16\n\t"
+ "ORR r3, r3, r4\n\t"
+ "UDIV r3, r3, r5\n\t"
+ "ADD r6, r6, r3\n\t"
+ "MUL r3, %[div], r3\n\t"
+ "SUB %[d0], %[d0], r3\n\t"
+ "UDIV r3, %[d0], %[div]\n\t"
+ "ADD %[d1], r6, r3\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
+ return (uint32_t)(size_t)d1;
}
+#else
/* Divide the double width number (d1|d0) by the divisor. (d1|d0 / div)
*
* d1 The high order half of the number to divide.
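Review bot: The comment on the new `WOLFSSL_SP_USE_UDIV` variant of div_1024_word_32 says nothing about timing, yet the variant issues four `UDIV` instructions on values derived from `d1` and `d0`. On cores whose divider terminates early, `UDIV` latency depends on the operand values, whereas the `#else` variant added in the next hunk uses a fixed-count shift/subtract loop. If the dividend can depend on secret data (the callers are outside this hunk), that difference matters. I would extend the comment with a line such as `* Note: UDIV latency may be operand dependent; do not define WOLFSSL_SP_USE_UDIV where constant time is required.`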
@@ -42634,49 +68814,69 @@ SP_NOINLINE static void sp_1024_mul_d_32(sp_digit* r, const sp_digit* a,
*
* Note that this is an approximate div. It may give an answer 1 larger.
*/
-SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0,
- sp_digit div)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1_p, sp_digit d0_p, sp_digit div_p)
+#else
+SP_NOINLINE static sp_digit div_1024_word_32(sp_digit d1, sp_digit d0, sp_digit div)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit d1 __asm__ ("r0") = (sp_digit)d1_p;
+ register sp_digit d0 __asm__ ("r1") = (sp_digit)d0_p;
+ register sp_digit div __asm__ ("r2") = (sp_digit)div_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "lsr r6, %[div], #16\n\t"
- "add r6, r6, #1\n\t"
- "udiv r4, %[d1], r6\n\t"
- "lsl r8, r4, #16\n\t"
- "umull r4, r5, %[div], r8\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r5, %[d1], r6\n\t"
- "lsl r4, r5, #16\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "lsl r4, %[d1], #16\n\t"
- "orr r4, r4, %[d0], lsr #16\n\t"
- "udiv r4, r4, r6\n\t"
- "add r8, r8, r4\n\t"
- "umull r4, r5, %[div], r4\n\t"
- "subs %[d0], %[d0], r4\n\t"
- "sbc %[d1], %[d1], r5\n\t"
- "udiv r4, %[d0], %[div]\n\t"
- "add r8, r8, r4\n\t"
- "mov %[r], r8\n\t"
- : [r] "+r" (r)
- : [d1] "r" (d1), [d0] "r" (d0), [div] "r" (div)
- : "r4", "r5", "r6", "r8"
+ "LSR r5, %[div], #1\n\t"
+ "ADD r5, r5, #0x1\n\t"
+ "MOV r6, %[d0]\n\t"
+ "MOV r7, %[d1]\n\t"
+ /* Do top 32 */
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "MOV r3, #0x0\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ /* Next 30 bits */
+ "MOV r4, #0x1d\n\t"
+ "\n"
+ "L_div_1024_word_32_bit:\n\t"
+ "LSLS r6, r6, #1\n\t"
+ "ADC r7, r7, r7\n\t"
+ "SUBS r8, r5, r7\n\t"
+ "SBC r8, r8, r8\n\t"
+ "ADD r3, r3, r3\n\t"
+ "SUB r3, r3, r8\n\t"
+ "AND r8, r8, r5\n\t"
+ "SUBS r7, r7, r8\n\t"
+ "SUBS r4, r4, #0x1\n\t"
+ "bpl L_div_1024_word_32_bit\n\t"
+ "ADD r3, r3, r3\n\t"
+ "ADD r3, r3, #0x1\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "UMULL r6, r7, r3, %[div]\n\t"
+ "SUBS r9, %[d0], r6\n\t"
+ "SBC r10, %[d1], r7\n\t"
+ "ADD r3, r3, r10\n\t"
+ "SUBS r8, %[div], r9\n\t"
+ "SBC r8, r8, r8\n\t"
+ "SUB %[d1], r3, r8\n\t"
+ : [d1] "+r" (d1), [d0] "+r" (d0), [div] "+r" (div)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
);
- return r;
+ return (uint32_t)(size_t)d1;
}
+#endif
/* AND m into each word of a and store in r.
*
* r A single precision integer.
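Review bot: The loop branch `"bpl L_div_1024_word_32_bit\n\t"` is written lower-case with no `.N` alternative. The other loop branches added in the visible hunks are upper-case pairs under `#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)` / `#else`. Wrapping it the same way, with `"BPL L_div_1024_word_32_bit\n\t"` and `"BPL.N L_div_1024_word_32_bit\n\t"`, would give toolchains on the `#else` path the same encoding choice as elsewhere. The `bcs L_sp_1024_cmp_32_words` branch in sp_1024_cmp_32 in the next hunk has the same shape.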
@@ -42714,44 +68914,401 @@ static void sp_1024_mask_32(sp_digit* r, const sp_digit* a, sp_digit m)
* return -ve, 0 or +ve if a is less than, equal to or greater than b
* respectively.
*/
-SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_int32 sp_1024_cmp_32(const sp_digit* a_p, const sp_digit* b_p)
+#else
+static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit r = 0;
-
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register const sp_digit* a __asm__ ("r0") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r1") = (const sp_digit*)b_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r3, #0\n\t"
- "mvn r3, r3\n\t"
- "mov r6, #124\n\t"
- "\n1:\n\t"
- "ldr r8, [%[a], r6]\n\t"
- "ldr r5, [%[b], r6]\n\t"
- "and r8, r8, r3\n\t"
- "and r5, r5, r3\n\t"
- "mov r4, r8\n\t"
- "subs r8, r8, r5\n\t"
- "sbc r8, r8, r8\n\t"
- "add %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "subs r5, r5, r4\n\t"
- "sbc r8, r8, r8\n\t"
- "sub %[r], %[r], r8\n\t"
- "mvn r8, r8\n\t"
- "and r3, r3, r8\n\t"
- "sub r6, r6, #4\n\t"
- "cmp r6, #0\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bge 1b\n\t"
+ "MOV r2, #0xffffffff\n\t"
+ "MOV r8, #0x1\n\t"
+ "MOV r7, #0x0\n\t"
+ "MOV r3, #0xffffffff\n\t"
+#ifdef WOLFSSL_SP_SMALL
+ "MOV r6, #0x7c\n\t"
+ "\n"
+ "L_sp_1024_cmp_32_words:\n\t"
+ "LDR r4, [%[a], r6]\n\t"
+ "LDR r5, [%[b], r6]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "SUBS r6, r6, #0x4\n\t"
+ "bcs L_sp_1024_cmp_32_words\n\t"
+ "EOR r2, r2, r3\n\t"
#else
- "bge.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [r] "+r" (r)
- : [a] "r" (a), [b] "r" (b)
- : "r3", "r4", "r5", "r6", "r8"
+ "LDR r4, [%[a], #124]\n\t"
+ "LDR r5, [%[b], #124]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #120]\n\t"
+ "LDR r5, [%[b], #120]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "LDR r5, [%[b], #116]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #112]\n\t"
+ "LDR r5, [%[b], #112]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #108]\n\t"
+ "LDR r5, [%[b], #108]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "LDR r5, [%[b], #104]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #100]\n\t"
+ "LDR r5, [%[b], #100]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #96]\n\t"
+ "LDR r5, [%[b], #96]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "LDR r5, [%[b], #92]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #88]\n\t"
+ "LDR r5, [%[b], #88]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #84]\n\t"
+ "LDR r5, [%[b], #84]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "LDR r5, [%[b], #80]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #76]\n\t"
+ "LDR r5, [%[b], #76]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #72]\n\t"
+ "LDR r5, [%[b], #72]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "LDR r5, [%[b], #68]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #64]\n\t"
+ "LDR r5, [%[b], #64]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #60]\n\t"
+ "LDR r5, [%[b], #60]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "LDR r5, [%[b], #56]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #52]\n\t"
+ "LDR r5, [%[b], #52]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #48]\n\t"
+ "LDR r5, [%[b], #48]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "LDR r5, [%[b], #44]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #40]\n\t"
+ "LDR r5, [%[b], #40]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #36]\n\t"
+ "LDR r5, [%[b], #36]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "LDR r5, [%[b], #32]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #28]\n\t"
+ "LDR r5, [%[b], #28]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #24]\n\t"
+ "LDR r5, [%[b], #24]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "LDR r5, [%[b], #20]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #16]\n\t"
+ "LDR r5, [%[b], #16]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #12]\n\t"
+ "LDR r5, [%[b], #12]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "LDR r5, [%[b], #8]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a], #4]\n\t"
+ "LDR r5, [%[b], #4]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[b]]\n\t"
+ "AND r4, r4, r3\n\t"
+ "AND r5, r5, r3\n\t"
+ "SUBS r4, r4, r5\n\t"
+ "IT hi\n\t"
+ "movhi r2, r8\n\t"
+ "IT lo\n\t"
+ "movlo r2, r3\n\t"
+ "IT ne\n\t"
+ "movne r3, r7\n\t"
+ "EOR r2, r2, r3\n\t"
+#endif /*WOLFSSL_SP_SMALL */
+ "MOV %[a], r2\n\t"
+ : [a] "+r" (a), [b] "+r" (b)
+ :
+ : "memory", "r2", "r3", "r4", "r5", "r6", "r7", "r8", "cc"
);
-
- return r;
+ return (uint32_t)(size_t)a;
}
/* Divide d in a and put remainder into r (m*d + r = a)
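Review bot: The rewritten sp_1024_cmp_32 keeps its state in two registers whose roles are not explained. `r3` starts as all-ones and is cleared by `movne r3, r7` at the first differing word, so every lower word is ANDed to zero and compares equal. `r2` holds the provisional result, which the final `EOR r2, r2, r3` turns into 0 for equal inputs. A comment above the first `MOV`, e.g. `/* r3: mask, all-ones until the first difference; r2: result, EORed with r3 at the end so equal inputs give 0 */`, would make it easier to confirm that all 32 words are always loaded and that the only branch depends on the counter `r6`. The IT-block mnemonics and `bcs` are lower-case while the rest of the block is upper-case; making them uniform would also help.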
@@ -42763,8 +69320,8 @@ SP_NOINLINE static sp_int32 sp_1024_cmp_32(const sp_digit* a, const sp_digit* b)
* r Remainder from the division.
* returns MP_OKAY indicating success.
*/
-static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d, sp_digit* m,
- sp_digit* r)
+static WC_INLINE int sp_1024_div_32(const sp_digit* a, const sp_digit* d,
+ sp_digit* m, sp_digit* r)
{
sp_digit t1[64], t2[33];
sp_digit div, r1;
@@ -42897,14 +69454,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 32
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 31);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 31);
}
#elif DIGIT_BIT > 32
unsigned int i;
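Review bot: The shift count `31` in the new `DIGIT_BIT == 32` loop of sp_1024_from_mp is hard-coded, where the lines it replaces used `SP_WORD_SIZE - 1`, and the branch-free copy has no comment. I would write `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` so the shift follows the digit width. A comment such as `/* j counts up from -used: its top bit is set while i < used, so the mask and the index step follow a->used without a branch */` would tell the next reader why the loop must not be rewritten with an `if`. As before, `a->dp[o]` is read even when `a->used` is 0, so the loop relies on `dp` holding at least one digit. The function body continues outside the hunk.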
@@ -43082,113 +69639,537 @@ static int sp_1024_point_to_ecc_point_32(const sp_point_1024* p, ecc_point* pm)
return err;
}
+#ifdef WOLFSSL_SP_NO_UMAAL
/* Reduce the number back to 1024 bits using Montgomery reduction.
*
* a A single precision number to reduce in place.
* m The single precision number representing the modulus.
* mp The digit representing the negative inverse of m mod 2^n.
*/
-SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
- sp_digit mp)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit ca = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r9, %[mp]\n\t"
- "mov r12, %[m]\n\t"
- "mov r10, %[a]\n\t"
- "mov r4, #0\n\t"
- "add r11, r10, #128\n\t"
- "\n1:\n\t"
+ "LDR lr, [%[m]]\n\t"
+ /* i = 0 */
+ "MOV r11, #0x0\n\t"
+ "MOV r3, #0x0\n\t"
+ "LDR r4, [%[a]]\n\t"
+ "LDR r5, [%[a], #4]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word:\n\t"
/* mu = a[i] * mp */
- "mov %[mp], r9\n\t"
- "ldr %[a], [r10]\n\t"
- "mul %[mp], %[mp], %[a]\n\t"
- "mov %[m], r12\n\t"
- "add r14, r10, #120\n\t"
- "\n2:\n\t"
- /* a[i+j] += m[j] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
- /* a[i+j+1] += m[j+1] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r4, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r4, r4, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r5, r5, %[a]\n\t"
- "adc r4, r4, #0\n\t"
- "str r5, [r10], #4\n\t"
- "cmp r10, r14\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 2b\n\t"
-#else
- "blt.n 2b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
+ "MUL r10, %[mp], r4\n\t"
+ /* a[i+0] += m[0] * mu */
+ "MOV r7, #0x0\n\t"
+ "UMLAL r4, r7, r10, lr\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r9, [%[m], #4]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r5, r6, r10, r9\n\t"
+ "MOV r4, r5\n\t"
+ "ADDS r4, r4, r7\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r9, [%[m], #8]\n\t"
+ "LDR r5, [%[a], #8]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r5, r7, r10, r9\n\t"
+ "ADDS r5, r5, r6\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r9, [%[m], #12]\n\t"
+ "LDR r12, [%[a], #12]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #12]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r9, [%[m], #16]\n\t"
+ "LDR r12, [%[a], #16]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #16]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r9, [%[m], #20]\n\t"
+ "LDR r12, [%[a], #20]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #20]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r9, [%[m], #24]\n\t"
+ "LDR r12, [%[a], #24]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #24]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r9, [%[m], #28]\n\t"
+ "LDR r12, [%[a], #28]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #28]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r9, [%[m], #32]\n\t"
+ "LDR r12, [%[a], #32]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #32]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r9, [%[m], #36]\n\t"
+ "LDR r12, [%[a], #36]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #36]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r9, [%[m], #40]\n\t"
+ "LDR r12, [%[a], #40]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #40]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r9, [%[m], #44]\n\t"
+ "LDR r12, [%[a], #44]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #44]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r9, [%[m], #48]\n\t"
+ "LDR r12, [%[a], #48]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #48]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r9, [%[m], #52]\n\t"
+ "LDR r12, [%[a], #52]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #52]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r9, [%[m], #56]\n\t"
+ "LDR r12, [%[a], #56]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #56]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r9, [%[m], #60]\n\t"
+ "LDR r12, [%[a], #60]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #60]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r9, [%[m], #64]\n\t"
+ "LDR r12, [%[a], #64]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #64]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r9, [%[m], #68]\n\t"
+ "LDR r12, [%[a], #68]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #68]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r9, [%[m], #72]\n\t"
+ "LDR r12, [%[a], #72]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #72]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r9, [%[m], #76]\n\t"
+ "LDR r12, [%[a], #76]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #76]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r9, [%[m], #80]\n\t"
+ "LDR r12, [%[a], #80]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #80]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r9, [%[m], #84]\n\t"
+ "LDR r12, [%[a], #84]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #84]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r9, [%[m], #88]\n\t"
+ "LDR r12, [%[a], #88]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #88]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r9, [%[m], #92]\n\t"
+ "LDR r12, [%[a], #92]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #92]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r9, [%[m], #96]\n\t"
+ "LDR r12, [%[a], #96]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #96]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r9, [%[m], #100]\n\t"
+ "LDR r12, [%[a], #100]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #100]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r9, [%[m], #104]\n\t"
+ "LDR r12, [%[a], #104]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #104]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r9, [%[m], #108]\n\t"
+ "LDR r12, [%[a], #108]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #108]\n\t"
+ "ADC r6, r6, #0x0\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r9, [%[m], #112]\n\t"
+ "LDR r12, [%[a], #112]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #112]\n\t"
+ "ADC r7, r7, #0x0\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r9, [%[m], #116]\n\t"
+ "LDR r12, [%[a], #116]\n\t"
+ "MOV r6, #0x0\n\t"
+ "UMLAL r12, r6, r10, r9\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #116]\n\t"
+ "ADC r6, r6, #0x0\n\t"
/* a[i+30] += m[30] * mu */
- "ldr %[a], [r10]\n\t"
- "mov r5, #0\n\t"
- /* Multiply m[j] and mu - Start */
- "ldr r8, [%[m]], #4\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds %[a], %[a], r6\n\t"
- "adc r5, r5, r8\n\t"
- /* Multiply m[j] and mu - Done */
- "adds r4, r4, %[a]\n\t"
- "adc r5, r5, #0\n\t"
- "str r4, [r10], #4\n\t"
+ "LDR r9, [%[m], #120]\n\t"
+ "LDR r12, [%[a], #120]\n\t"
+ "MOV r7, #0x0\n\t"
+ "UMLAL r12, r7, r10, r9\n\t"
+ "ADDS r12, r12, r6\n\t"
+ "STR r12, [%[a], #120]\n\t"
+ "ADC r7, r7, #0x0\n\t"
/* a[i+31] += m[31] * mu */
- "mov r4, %[ca]\n\t"
- "mov %[ca], #0\n\t"
- /* Multiply m[31] and mu - Start */
- "ldr r8, [%[m]]\n\t"
- "umull r6, r8, %[mp], r8\n\t"
- "adds r5, r5, r6\n\t"
- "adcs r4, r4, r8\n\t"
- "adc %[ca], %[ca], #0\n\t"
- /* Multiply m[31] and mu - Done */
- "ldr r6, [r10]\n\t"
- "ldr r8, [r10, #4]\n\t"
- "adds r6, r6, r5\n\t"
- "adcs r8, r8, r4\n\t"
- "adc %[ca], %[ca], #0\n\t"
- "str r6, [r10]\n\t"
- "str r8, [r10, #4]\n\t"
- /* Next word in a */
- "sub r10, r10, #120\n\t"
- "cmp r10, r11\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
-#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- "ldr r6, [%[m]]\n\t"
- "subs r6, r6, r8\n\t"
- "neg %[ca], %[ca]\n\t"
- "sbc r6, r6, r6\n\t"
- "orr %[ca], %[ca], r6\n\t"
- "mov %[a], r10\n\t"
- "mov %[m], r12\n\t"
- : [ca] "+r" (ca), [a] "+r" (a)
- : [m] "r" (m), [mp] "r" (mp)
- : "memory", "r4", "r5", "r6", "r8", "r9", "r10", "r11", "r12", "r14"
+ "LDR r9, [%[m], #124]\n\t"
+ "LDR r12, [%[a], #124]\n\t"
+ "UMULL r8, r9, r10, r9\n\t"
+ "ADDS r7, r7, r8\n\t"
+ "ADCS r6, r9, r3\n\t"
+ "MOV r3, #0x0\n\t"
+ "ADC r3, r3, r3\n\t"
+ "ADDS r12, r12, r7\n\t"
+ "STR r12, [%[a], #124]\n\t"
+ "LDR r12, [%[a], #128]\n\t"
+ "ADCS r12, r12, r6\n\t"
+ "STR r12, [%[a], #128]\n\t"
+ "ADC r3, r3, #0x0\n\t"
+ /* i += 1 */
+ "ADD r11, r11, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r11, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_1024_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_1024_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r4, [%[a]]\n\t"
+ "STR r5, [%[a], #4]\n\t"
+ "LDR r8, [%[m], #124]\n\t"
+ "SUBS r12, r8, r12\n\t"
+ "neg r3, r3\n\t"
+ "SBC r12, r12, r12\n\t"
+ "ORR r3, r3, r12\n\t"
+ "MOV %[mp], r3\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
);
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
+}
+
+#else
+/* Reduce the number back to 1024 bits using Montgomery reduction.
+ *
+ * a A single precision number to reduce in place.
+ * m The single precision number representing the modulus.
+ * mp The digit representing the negative inverse of m mod 2^n.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a_p, const sp_digit* m_p, sp_digit mp_p)
+#else
+SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* a __asm__ ("r0") = (sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r1") = (const sp_digit*)m_p;
+ register sp_digit mp __asm__ ("r2") = (sp_digit)mp_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
- sp_1024_cond_sub_32(a - 32, a, m, ca);
+ __asm__ __volatile__ (
+ /* i = 0 */
+ "MOV r4, #0x0\n\t"
+ "MOV r5, #0x0\n\t"
+ "LDR r6, [%[a]]\n\t"
+ "LDR r7, [%[a], #4]\n\t"
+ "LDR r8, [%[a], #8]\n\t"
+ "LDR r9, [%[a], #12]\n\t"
+ "LDR r10, [%[a], #16]\n\t"
+ "\n"
+ "L_sp_1024_mont_reduce_32_word:\n\t"
+ /* mu = a[i] * mp */
+ "MUL lr, %[mp], r6\n\t"
+ /* a[i+0] += m[0] * mu */
+ "LDR r12, [%[m]]\n\t"
+ "MOV r3, #0x0\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+1] += m[1] * mu */
+ "LDR r12, [%[m], #4]\n\t"
+ "MOV r6, r7\n\t"
+ "UMAAL r6, r3, lr, r12\n\t"
+ /* a[i+2] += m[2] * mu */
+ "LDR r12, [%[m], #8]\n\t"
+ "MOV r7, r8\n\t"
+ "UMAAL r7, r3, lr, r12\n\t"
+ /* a[i+3] += m[3] * mu */
+ "LDR r12, [%[m], #12]\n\t"
+ "MOV r8, r9\n\t"
+ "UMAAL r8, r3, lr, r12\n\t"
+ /* a[i+4] += m[4] * mu */
+ "LDR r12, [%[m], #16]\n\t"
+ "MOV r9, r10\n\t"
+ "UMAAL r9, r3, lr, r12\n\t"
+ /* a[i+5] += m[5] * mu */
+ "LDR r12, [%[m], #20]\n\t"
+ "LDR r10, [%[a], #20]\n\t"
+ "UMAAL r10, r3, lr, r12\n\t"
+ /* a[i+6] += m[6] * mu */
+ "LDR r12, [%[m], #24]\n\t"
+ "LDR r11, [%[a], #24]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #24]\n\t"
+ /* a[i+7] += m[7] * mu */
+ "LDR r12, [%[m], #28]\n\t"
+ "LDR r11, [%[a], #28]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #28]\n\t"
+ /* a[i+8] += m[8] * mu */
+ "LDR r12, [%[m], #32]\n\t"
+ "LDR r11, [%[a], #32]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #32]\n\t"
+ /* a[i+9] += m[9] * mu */
+ "LDR r12, [%[m], #36]\n\t"
+ "LDR r11, [%[a], #36]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #36]\n\t"
+ /* a[i+10] += m[10] * mu */
+ "LDR r12, [%[m], #40]\n\t"
+ "LDR r11, [%[a], #40]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #40]\n\t"
+ /* a[i+11] += m[11] * mu */
+ "LDR r12, [%[m], #44]\n\t"
+ "LDR r11, [%[a], #44]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #44]\n\t"
+ /* a[i+12] += m[12] * mu */
+ "LDR r12, [%[m], #48]\n\t"
+ "LDR r11, [%[a], #48]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #48]\n\t"
+ /* a[i+13] += m[13] * mu */
+ "LDR r12, [%[m], #52]\n\t"
+ "LDR r11, [%[a], #52]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #52]\n\t"
+ /* a[i+14] += m[14] * mu */
+ "LDR r12, [%[m], #56]\n\t"
+ "LDR r11, [%[a], #56]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #56]\n\t"
+ /* a[i+15] += m[15] * mu */
+ "LDR r12, [%[m], #60]\n\t"
+ "LDR r11, [%[a], #60]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #60]\n\t"
+ /* a[i+16] += m[16] * mu */
+ "LDR r12, [%[m], #64]\n\t"
+ "LDR r11, [%[a], #64]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #64]\n\t"
+ /* a[i+17] += m[17] * mu */
+ "LDR r12, [%[m], #68]\n\t"
+ "LDR r11, [%[a], #68]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #68]\n\t"
+ /* a[i+18] += m[18] * mu */
+ "LDR r12, [%[m], #72]\n\t"
+ "LDR r11, [%[a], #72]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #72]\n\t"
+ /* a[i+19] += m[19] * mu */
+ "LDR r12, [%[m], #76]\n\t"
+ "LDR r11, [%[a], #76]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #76]\n\t"
+ /* a[i+20] += m[20] * mu */
+ "LDR r12, [%[m], #80]\n\t"
+ "LDR r11, [%[a], #80]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #80]\n\t"
+ /* a[i+21] += m[21] * mu */
+ "LDR r12, [%[m], #84]\n\t"
+ "LDR r11, [%[a], #84]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #84]\n\t"
+ /* a[i+22] += m[22] * mu */
+ "LDR r12, [%[m], #88]\n\t"
+ "LDR r11, [%[a], #88]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #88]\n\t"
+ /* a[i+23] += m[23] * mu */
+ "LDR r12, [%[m], #92]\n\t"
+ "LDR r11, [%[a], #92]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #92]\n\t"
+ /* a[i+24] += m[24] * mu */
+ "LDR r12, [%[m], #96]\n\t"
+ "LDR r11, [%[a], #96]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #96]\n\t"
+ /* a[i+25] += m[25] * mu */
+ "LDR r12, [%[m], #100]\n\t"
+ "LDR r11, [%[a], #100]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #100]\n\t"
+ /* a[i+26] += m[26] * mu */
+ "LDR r12, [%[m], #104]\n\t"
+ "LDR r11, [%[a], #104]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #104]\n\t"
+ /* a[i+27] += m[27] * mu */
+ "LDR r12, [%[m], #108]\n\t"
+ "LDR r11, [%[a], #108]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #108]\n\t"
+ /* a[i+28] += m[28] * mu */
+ "LDR r12, [%[m], #112]\n\t"
+ "LDR r11, [%[a], #112]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #112]\n\t"
+ /* a[i+29] += m[29] * mu */
+ "LDR r12, [%[m], #116]\n\t"
+ "LDR r11, [%[a], #116]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #116]\n\t"
+ /* a[i+30] += m[30] * mu */
+ "LDR r12, [%[m], #120]\n\t"
+ "LDR r11, [%[a], #120]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "STR r11, [%[a], #120]\n\t"
+ /* a[i+31] += m[31] * mu */
+ "LDR r12, [%[m], #124]\n\t"
+ "LDR r11, [%[a], #124]\n\t"
+ "UMAAL r11, r3, lr, r12\n\t"
+ "LDR lr, [%[a], #128]\n\t"
+ "MOV r12, #0x0\n\t"
+ "UMAAL r3, lr, r12, r12\n\t"
+ "STR r11, [%[a], #124]\n\t"
+ "ADDS r3, r3, r5\n\t"
+ "ADC r5, lr, #0x0\n\t"
+ "STR r3, [%[a], #128]\n\t"
+ /* i += 1 */
+ "ADD r4, r4, #0x4\n\t"
+ "ADD %[a], %[a], #0x4\n\t"
+ "CMP r4, #0x80\n\t"
+#ifdef __GNUC__
+ "BLT L_sp_1024_mont_reduce_32_word\n\t"
+#else
+ "BLT.W L_sp_1024_mont_reduce_32_word\n\t"
+#endif
+ /* Loop Done */
+ "STR r6, [%[a]]\n\t"
+ "STR r7, [%[a], #4]\n\t"
+ "STR r8, [%[a], #8]\n\t"
+ "STR r9, [%[a], #12]\n\t"
+ "STR r10, [%[a], #16]\n\t"
+ "LDR r12, [%[m], #124]\n\t"
+ "SUBS r3, r12, r3\n\t"
+ "neg r5, r5\n\t"
+ "SBC r3, r3, r3\n\t"
+ "ORR r5, r5, r3\n\t"
+ "MOV %[mp], r5\n\t"
+ : [a] "+r" (a), [m] "+r" (m), [mp] "+r" (mp)
+ :
+ : "memory", "r3", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "lr", "cc"
+ );
+ sp_1024_cond_sub_32(a - 32, a, m, mp);
}
+#endif
/* Multiply two Montgomery form numbers mod the modulus (prime).
* (r = a * b mod m)
*
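Review bot: Both new variants of sp_1024_mont_reduce_32 replace the old loop's local numeric labels (`1:` / `blt 1b`) with the named label `L_sp_1024_mont_reduce_32_word`, so the asm block can only be emitted once per object file. SP_NOINLINE presumably stops inlining (its definition is not visible here), but nothing in the hunk stops the compiler from cloning the function, and a second copy would fail to assemble with a duplicate label. I would record the constraint next to the label in both variants, e.g. `/* named asm label: this function must not be inlined or cloned */`. The two variants are selected by `WOLFSSL_SP_NO_UMAAL`, so the shared label name itself does not clash.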
@@ -43196,7 +70177,7 @@ SP_NOINLINE static void sp_1024_mont_reduce_32(sp_digit* a, const sp_digit* m,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -43210,7 +70191,7 @@ SP_NOINLINE static void sp_1024_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -43333,166 +70314,175 @@ static void sp_1024_map_32(sp_point_1024* r, const sp_point_1024* p,
* b Second number to add in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldr r14, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r14, r14, r7\n\t"
- "neg r12, r12\n\t"
- "sbc r14, r14, r14\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r14\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDR r11, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r11, r11, r7\n\t"
+ "neg r12, r12\n\t"
+ "SBC r11, r11, r11\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r11\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
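Review bot: The rewritten sp_1024_mont_add_32 has no comment on the mask computed between the add and subtract passes (`ADC r12` through `ORR r12, r12, r11`), although the reduction's constant-time behaviour rests on it. A comment before `LDR r11, [%[m], #124]` such as `/* r12 = all ones if the add carried out or m[31] < r[31], else 0; m is ANDed with it so the subtract always runs */` would make that explicit. The block also no longer rewinds `%[r]` at the end, so `r` leaves the asm advanced by 128 bytes. That is harmless while nothing follows the asm, but it deserves a one-line note for whoever adds code after it. Keeping `neg` in the same upper case as the other mnemonics would match the rest of the block.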
@@ -43502,149 +70492,158 @@ SP_NOINLINE static void sp_1024_mont_add_32(sp_digit* r, const sp_digit* a, cons
* a Number to double in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldr r4, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r4, r4, r14\n\t"
- "neg r12, r12\n\t"
- "sbc r4, r4, r4\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r4\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDR r4, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r11\n\t"
+ "neg r12, r12\n\t"
+ "SBC r4, r4, r4\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r4\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -43654,304 +70653,313 @@ SP_NOINLINE static void sp_1024_mont_dbl_32(sp_digit* r, const sp_digit* a, cons
* a Number to triple in Montgomery form.
* m Modulus (prime).
*/
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* m_p)
+#else
SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* m __asm__ ("r2") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adds r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "adcs r4, r4, r4\n\t"
- "adcs r5, r5, r5\n\t"
- "adcs r6, r6, r6\n\t"
- "adcs r7, r7, r7\n\t"
- "adcs r8, r8, r8\n\t"
- "adcs r9, r9, r9\n\t"
- "adcs r10, r10, r10\n\t"
- "adcs r14, r14, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7, r8, r9, r10, r14}\n\t"
- "ldr r4, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r4, r4, r14\n\t"
- "neg r12, r12\n\t"
- "sbc r4, r4, r4\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r4\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
- "sub %[m], %[m], #128\n\t"
- "sub %[a], %[a], #128\n\t"
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adds r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "adcs r8, r8, r4\n\t"
- "adcs r9, r9, r5\n\t"
- "adcs r10, r10, r6\n\t"
- "adcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldr r7, [%[m], #124]\n\t"
- "adc r12, r12, #0\n\t"
- "subs r7, r7, r14\n\t"
- "neg r12, r12\n\t"
- "sbc r7, r7, r7\n\t"
- "sub %[r], %[r], #128\n\t"
- "orr r12, r7\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "subs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbcs r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "ldm %[r], {r8, r9, r10, r14}\n\t"
- "ldm %[m]!, {r4, r5, r6, r7}\n\t"
- "and r4, r4, r12\n\t"
- "and r5, r5, r12\n\t"
- "and r6, r6, r12\n\t"
- "and r7, r7, r12\n\t"
- "sbcs r8, r8, r4\n\t"
- "sbcs r9, r9, r5\n\t"
- "sbcs r10, r10, r6\n\t"
- "sbc r14, r14, r7\n\t"
- "stm %[r]!, {r8, r9, r10, r14}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADDS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "ADCS r4, r4, r4\n\t"
+ "ADCS r5, r5, r5\n\t"
+ "ADCS r6, r6, r6\n\t"
+ "ADCS r7, r7, r7\n\t"
+ "ADCS r8, r8, r8\n\t"
+ "ADCS r9, r9, r9\n\t"
+ "ADCS r10, r10, r10\n\t"
+ "ADCS r11, r11, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7, r8, r9, r10, r11}\n\t"
+ "LDR r4, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r4, r4, r11\n\t"
+ "neg r12, r12\n\t"
+ "SBC r4, r4, r4\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r4\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "SUB %[m], %[m], #0x80\n\t"
+ "SUB %[a], %[a], #0x80\n\t"
+ "MOV r12, #0x0\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADDS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r8, r9, r10, r11}\n\t"
+ "ADCS r8, r8, r4\n\t"
+ "ADCS r9, r9, r5\n\t"
+ "ADCS r10, r10, r6\n\t"
+ "ADCS r11, r11, r7\n\t"
+ "STM %[r]!, {r8, r9, r10, r11}\n\t"
+ "LDR r7, [%[m], #124]\n\t"
+ "ADC r12, r12, #0x0\n\t"
+ "SUBS r7, r7, r11\n\t"
+ "neg r12, r12\n\t"
+ "SBC r7, r7, r7\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "ORR r12, r12, r7\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r8", "r9", "r10", "r11", "r4", "r5", "r6", "r7", "r12", "cc"
);
}
@@ -43962,165 +70970,173 @@ SP_NOINLINE static void sp_1024_mont_tpl_32(sp_digit* r, const sp_digit* a, cons
* b Number to subtract with in Montgomery form.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- const sp_digit* m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, const sp_digit* m_p)
+#else
+SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register const sp_digit* m __asm__ ("r3") = (const sp_digit*)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "mov r12, #0\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "subs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[a]!, {r4, r5, r6, r7}\n\t"
- "ldm %[b]!, {r8, r9, r10, r14}\n\t"
- "sbcs r4, r4, r8\n\t"
- "sbcs r5, r5, r9\n\t"
- "sbcs r6, r6, r10\n\t"
- "sbcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sbc r12, r12, r12\n\t"
- "sub %[r], %[r], #128\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adds r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adcs r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "ldm %[r], {r4, r5, r6, r7}\n\t"
- "ldm %[m]!, {r8, r9, r10, r14}\n\t"
- "and r8, r8, r12\n\t"
- "and r9, r9, r12\n\t"
- "and r10, r10, r12\n\t"
- "and r14, r14, r12\n\t"
- "adcs r4, r4, r8\n\t"
- "adcs r5, r5, r9\n\t"
- "adcs r6, r6, r10\n\t"
- "adc r7, r7, r14\n\t"
- "stm %[r]!, {r4, r5, r6, r7}\n\t"
- "sub %[r], %[r], #128\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SUBS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[a]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9, r10, r11}\n\t"
+ "SBCS r4, r4, r8\n\t"
+ "SBCS r5, r5, r9\n\t"
+ "SBCS r6, r6, r10\n\t"
+ "SBCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "SBC r12, r12, r12\n\t"
+ "SUB %[r], %[r], #0x80\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADDS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADCS r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
+ "LDM %[r], {r4, r5, r6, r7}\n\t"
+ "LDM %[m]!, {r8, r9, r10, r11}\n\t"
+ "AND r8, r8, r12\n\t"
+ "AND r9, r9, r12\n\t"
+ "AND r10, r10, r12\n\t"
+ "AND r11, r11, r12\n\t"
+ "ADCS r4, r4, r8\n\t"
+ "ADCS r5, r5, r9\n\t"
+ "ADCS r6, r6, r10\n\t"
+ "ADC r7, r7, r11\n\t"
+ "STM %[r]!, {r4, r5, r6, r7}\n\t"
: [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
:
- : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r14", "r12"
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "r11", "r12", "cc"
);
}
-#define sp_1024_mont_sub_lower_32 sp_1024_mont_sub_32
+#ifdef WOLFSSL_SP_SMALL
/* Conditionally add a and b using the mask m.
* m is -1 to add and 0 when not.
*
@@ -44129,172 +71145,333 @@ SP_NOINLINE static void sp_1024_mont_sub_32(sp_digit* r, const sp_digit* a, cons
* b A single precision number to add.
* m Mask value to apply.
*/
-SP_NOINLINE static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b,
- sp_digit m)
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
- sp_digit c = 0;
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
__asm__ __volatile__ (
- "mov r5, #128\n\t"
- "mov r9, r5\n\t"
- "mov r8, #0\n\t"
- "\n1:\n\t"
- "ldr r6, [%[b], r8]\n\t"
- "and r6, r6, %[m]\n\t"
- "adds r5, %[c], #-1\n\t"
- "ldr r5, [%[a], r8]\n\t"
- "adcs r5, r5, r6\n\t"
- "mov %[c], #0\n\t"
- "adcs %[c], %[c], %[c]\n\t"
- "str r5, [%[r], r8]\n\t"
- "add r8, r8, #4\n\t"
- "cmp r8, r9\n\t"
+ "MOV r5, #0x0\n\t"
+ "MOV r8, #0x0\n\t"
+ "MOV r4, #0x0\n\t"
+ "\n"
+ "L_sp_1024_cond_add_32_words:\n\t"
+ "ADDS r5, r5, #0xffffffff\n\t"
+ "LDR r6, [%[a], r4]\n\t"
+ "LDR r7, [%[b], r4]\n\t"
+ "AND r7, r7, %[m]\n\t"
+ "ADCS r6, r6, r7\n\t"
+ "ADC r5, r8, r8\n\t"
+ "STR r6, [%[r], r4]\n\t"
+ "ADD r4, r4, #0x4\n\t"
+ "CMP r4, #0x80\n\t"
#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "blt 1b\n\t"
+ "BLT L_sp_1024_cond_add_32_words\n\t"
#else
- "blt.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c)
- : [r] "r" (r), [a] "r" (a), [b] "r" (b), [m] "r" (m)
- : "memory", "r5", "r6", "r8", "r9"
+ "BLT.N L_sp_1024_cond_add_32_words\n\t"
+#endif
+ "MOV %[r], r5\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "cc"
);
+ return (uint32_t)(size_t)r;
+}
- return c;
+#else
+/* Conditionally add a and b using the mask m.
+ * m is -1 to add and 0 when not.
+ *
+ * r A single precision number representing conditional add result.
+ * a A single precision number to add with.
+ * b A single precision number to add.
+ * m Mask value to apply.
+ */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)
+#else
+static sp_digit sp_1024_cond_add_32(sp_digit* r, const sp_digit* a, const sp_digit* b, sp_digit m)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+ register const sp_digit* b __asm__ ("r2") = (const sp_digit*)b_p;
+ register sp_digit m __asm__ ("r3") = (sp_digit)m_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
+ __asm__ __volatile__ (
+ "MOV r10, #0x0\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADDS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "LDM %[a]!, {r6, r7}\n\t"
+ "LDM %[b]!, {r8, r9}\n\t"
+ "AND r8, r8, %[m]\n\t"
+ "AND r9, r9, %[m]\n\t"
+ "ADCS r6, r6, r8\n\t"
+ "ADCS r7, r7, r9\n\t"
+ "STM %[r]!, {r6, r7}\n\t"
+ "ADC %[r], r10, r10\n\t"
+ : [r] "+r" (r), [a] "+r" (a), [b] "+r" (b), [m] "+r" (m)
+ :
+ : "memory", "r4", "r5", "r6", "r7", "r8", "r9", "r10", "cc"
+ );
+ return (uint32_t)(size_t)r;
}
+#endif /* WOLFSSL_SP_SMALL */
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+static void sp_1024_rshift1_32(sp_digit* r_p, const sp_digit* a_p)
+#else
static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
{
+#ifndef WOLFSSL_NO_VAR_ASSIGN_REG
+ register sp_digit* r __asm__ ("r0") = (sp_digit*)r_p;
+ register const sp_digit* a __asm__ ("r1") = (const sp_digit*)a_p;
+#endif /* !WOLFSSL_NO_VAR_ASSIGN_REG */
+
__asm__ __volatile__ (
- "ldr r2, [%[a]]\n\t"
- "ldr r3, [%[a], #4]\n\t"
- "lsr r2, r2, #1\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #8]\n\t"
- "str r2, [%[r], #0]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #12]\n\t"
- "str r3, [%[r], #4]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #16]\n\t"
- "str r4, [%[r], #8]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #20]\n\t"
- "str r2, [%[r], #12]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #24]\n\t"
- "str r3, [%[r], #16]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #28]\n\t"
- "str r4, [%[r], #20]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #32]\n\t"
- "str r2, [%[r], #24]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #36]\n\t"
- "str r3, [%[r], #28]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #40]\n\t"
- "str r4, [%[r], #32]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #44]\n\t"
- "str r2, [%[r], #36]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #48]\n\t"
- "str r3, [%[r], #40]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #52]\n\t"
- "str r4, [%[r], #44]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #56]\n\t"
- "str r2, [%[r], #48]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #60]\n\t"
- "str r3, [%[r], #52]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #64]\n\t"
- "str r4, [%[r], #56]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #68]\n\t"
- "str r2, [%[r], #60]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #72]\n\t"
- "str r3, [%[r], #64]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #76]\n\t"
- "str r4, [%[r], #68]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #80]\n\t"
- "str r2, [%[r], #72]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #84]\n\t"
- "str r3, [%[r], #76]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #88]\n\t"
- "str r4, [%[r], #80]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #92]\n\t"
- "str r2, [%[r], #84]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #96]\n\t"
- "str r3, [%[r], #88]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #100]\n\t"
- "str r4, [%[r], #92]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #104]\n\t"
- "str r2, [%[r], #96]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #108]\n\t"
- "str r3, [%[r], #100]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #112]\n\t"
- "str r4, [%[r], #104]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "ldr r4, [%[a], #116]\n\t"
- "str r2, [%[r], #108]\n\t"
- "orr r3, r3, r4, lsl #31\n\t"
- "lsr r4, r4, #1\n\t"
- "ldr r2, [%[a], #120]\n\t"
- "str r3, [%[r], #112]\n\t"
- "orr r4, r4, r2, lsl #31\n\t"
- "lsr r2, r2, #1\n\t"
- "ldr r3, [%[a], #124]\n\t"
- "str r4, [%[r], #116]\n\t"
- "orr r2, r2, r3, lsl #31\n\t"
- "lsr r3, r3, #1\n\t"
- "str r2, [%[r], #120]\n\t"
- "str r3, [%[r], #124]\n\t"
+ "LDM %[a], {r2, r3}\n\t"
+ "LSR r2, r2, #1\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #8]\n\t"
+ "STR r2, [%[r]]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #12]\n\t"
+ "STR r3, [%[r], #4]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #16]\n\t"
+ "STR r4, [%[r], #8]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #20]\n\t"
+ "STR r2, [%[r], #12]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #24]\n\t"
+ "STR r3, [%[r], #16]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #28]\n\t"
+ "STR r4, [%[r], #20]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #32]\n\t"
+ "STR r2, [%[r], #24]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #36]\n\t"
+ "STR r3, [%[r], #28]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #40]\n\t"
+ "STR r4, [%[r], #32]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #44]\n\t"
+ "STR r2, [%[r], #36]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #48]\n\t"
+ "STR r3, [%[r], #40]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #52]\n\t"
+ "STR r4, [%[r], #44]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #56]\n\t"
+ "STR r2, [%[r], #48]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #60]\n\t"
+ "STR r3, [%[r], #52]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #64]\n\t"
+ "STR r4, [%[r], #56]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #68]\n\t"
+ "STR r2, [%[r], #60]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #72]\n\t"
+ "STR r3, [%[r], #64]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #76]\n\t"
+ "STR r4, [%[r], #68]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #80]\n\t"
+ "STR r2, [%[r], #72]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #84]\n\t"
+ "STR r3, [%[r], #76]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #88]\n\t"
+ "STR r4, [%[r], #80]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #92]\n\t"
+ "STR r2, [%[r], #84]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #96]\n\t"
+ "STR r3, [%[r], #88]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #100]\n\t"
+ "STR r4, [%[r], #92]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #104]\n\t"
+ "STR r2, [%[r], #96]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #108]\n\t"
+ "STR r3, [%[r], #100]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #112]\n\t"
+ "STR r4, [%[r], #104]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "LDR r4, [%[a], #116]\n\t"
+ "STR r2, [%[r], #108]\n\t"
+ "ORR r3, r3, r4, lsl #31\n\t"
+ "LSR r4, r4, #1\n\t"
+ "LDR r2, [%[a], #120]\n\t"
+ "STR r3, [%[r], #112]\n\t"
+ "ORR r4, r4, r2, lsl #31\n\t"
+ "LSR r2, r2, #1\n\t"
+ "LDR r3, [%[a], #124]\n\t"
+ "STR r4, [%[r], #116]\n\t"
+ "ORR r2, r2, r3, lsl #31\n\t"
+ "LSR r3, r3, #1\n\t"
+ "STR r2, [%[r], #120]\n\t"
+ "STR r3, [%[r], #124]\n\t"
+ : [r] "+r" (r), [a] "+r" (a)
:
- : [r] "r" (r), [a] "r" (a)
- : "memory", "r2", "r3", "r4"
+ : "memory", "r2", "r3", "r4", "cc"
);
}
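Review bot: The loop label `L_sp_1024_cond_add_32_words:` in the WOLFSSL_SP_SMALL variant of sp_1024_cond_add_32 is an ordinary named symbol, while the removed code used the local numeric label `1:` with `blt 1b`. The new definition also drops `SP_NOINLINE`, so if the compiler inlines or clones this static function into more than one caller, the asm text is emitted more than once and the assembler could reject the duplicate label. I would keep `SP_NOINLINE` on both new signatures, as in `SP_NOINLINE static sp_digit sp_1024_cond_add_32(sp_digit* r_p, const sp_digit* a_p, const sp_digit* b_p, sp_digit m_p)`, or make the label unique per asm instance where the toolchain supports it. If this file is imported from an upstream generator, the change belongs there rather than in a local edit.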
@@ -44304,7 +71481,7 @@ static void sp_1024_rshift1_32(sp_digit* r, const sp_digit* a)
* a Number to divide.
* m Modulus (prime).
*/
-SP_NOINLINE static void sp_1024_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
+static void sp_1024_mont_div2_32(sp_digit* r, const sp_digit* a, const sp_digit* m)
{
sp_digit o;
@@ -44357,7 +71534,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_32(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_32(t2, t2, p1024_mod);
+ sp_1024_mont_div2_32(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_32(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -44367,7 +71544,7 @@ static void sp_1024_proj_point_dbl_32(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_32(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_32(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -44390,7 +71567,8 @@ typedef struct sp_1024_proj_point_dbl_32_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_32_ctx* ctx = (sp_1024_proj_point_dbl_32_ctx*)sp_ctx->data;
@@ -44464,7 +71642,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_32(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_32(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -44489,7 +71667,7 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -44514,149 +71692,6 @@ static int sp_1024_proj_point_dbl_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef WOLFSSL_SP_SMALL
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "mov r6, %[a]\n\t"
- "add r6, r6, #128\n\t"
- "\n1:\n\t"
- "mov r5, #0\n\t"
- "subs r5, r5, %[c]\n\t"
- "ldr r4, [%[a]]\n\t"
- "ldr r5, [%[b]]\n\t"
- "sbcs r4, r4, r5\n\t"
- "str r4, [%[r]]\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- "add %[a], %[a], #4\n\t"
- "add %[b], %[b], #4\n\t"
- "add %[r], %[r], #4\n\t"
- "cmp %[a], r6\n\t"
-#if defined(__GNUC__) || defined(__ICCARM__) || defined(__IAR_SYSTEMS_ICC__)
- "bne 1b\n\t"
-#else
- "bne.n 1b\n\t"
-#endif /* __GNUC__ || __ICCARM__ || __IAR_SYSTEMS_ICC__ */
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r4", "r5", "r6"
- );
-
- return c;
-}
-
-#else
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-SP_NOINLINE static sp_digit sp_1024_sub_32(sp_digit* r, const sp_digit* a,
- const sp_digit* b)
-{
- sp_digit c = 0;
-
- __asm__ __volatile__ (
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "subs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "ldm %[a]!, {r4, r5}\n\t"
- "ldm %[b]!, {r6, r8}\n\t"
- "sbcs r4, r4, r6\n\t"
- "sbcs r5, r5, r8\n\t"
- "stm %[r]!, {r4, r5}\n\t"
- "sbc %[c], %[c], %[c]\n\t"
- : [c] "+r" (c), [r] "+r" (r), [a] "+r" (a), [b] "+r" (b)
- :
- : "memory", "r4", "r5", "r6", "r8"
- );
-
- return c;
-}
-
-#endif /* WOLFSSL_SP_SMALL */
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -44704,12 +71739,12 @@ static int sp_1024_iszero_32(const sp_digit* a)
static void sp_1024_proj_point_add_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*32;
+ sp_digit* t2 = t + 4*32;
+ sp_digit* t3 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_32(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -44731,17 +71766,9 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
@@ -44760,20 +71787,31 @@ static void sp_1024_proj_point_add_32(sp_point_1024* r,
sp_1024_mont_dbl_32(t3, y, p1024_mod);
sp_1024_mont_sub_32(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(y, y, x, p1024_mod);
+ sp_1024_mont_sub_32(y, y, x, p1024_mod);
sp_1024_mont_mul_32(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(y, y, t5, p1024_mod);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
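Review bot: The masked select at the end of sp_1024_proj_point_add_32 is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and the new block does not state that. `0 - (q->infinity & (!p->infinity))` gives an all-ones mask only when bit 0 of the flag is set, so any other non-zero value would leave `maskp` and `maskq` at 0 and silently select the computed x/y/z. I would add a comment above the mask declarations, for example `/* infinity is 0 or 1, so each mask is 0 or all ones; the result is selected without branching on the flags */`. The same block is added in case 24 of sp_1024_proj_point_add_32_nb and in sp_1024_proj_point_add_qz1_32. The function body starts outside this hunk, so whether callers guarantee the 0/1 invariant cannot be confirmed from here.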
@@ -44819,12 +71857,12 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*32;
- ctx->t3 = t + 4*32;
- ctx->t4 = t + 6*32;
- ctx->t5 = t + 8*32;
- ctx->t6 = t + 10*32;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*32;
+ ctx->t2 = t + 4*32;
+ ctx->t3 = t + 6*32;
+ ctx->t4 = t + 8*32;
+ ctx->t5 = t + 10*32;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -44931,7 +71969,7 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_32(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_32(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -44944,22 +71982,28 @@ static int sp_1024_proj_point_add_32_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -45119,8 +72163,6 @@ static int sp_1024_ecc_mulmod_fast_32(sp_point_1024* r, const sp_point_1024* g,
}
#if defined(FP_ECC) || !defined(WOLFSSL_SP_SMALL)
-#define sp_1024_mont_dbl_lower_32 sp_1024_mont_dbl_32
-#define sp_1024_mont_tpl_lower_32 sp_1024_mont_tpl_32
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -45159,7 +72201,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45168,8 +72210,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45189,7 +72231,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_32(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_32(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_32(a, t1, p1024_mod);
+ sp_1024_mont_tpl_32(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_32(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_32(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -45198,8 +72240,8 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_dbl_32(t2, b, p1024_mod);
sp_1024_mont_sub_32(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_32(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_32(b, t2, p1024_mod);
+ sp_1024_mont_sub_32(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_32(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_32(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -45209,7 +72251,7 @@ static void sp_1024_proj_point_dbl_n_32(sp_point_1024* p, int i,
sp_1024_mont_sub_32(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_32(y, y, p1024_mod);
+ sp_1024_mont_div2_32(y, y, p1024_mod);
}
/* Convert the projective point to affine.
@@ -45255,12 +72297,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*32;
- sp_digit* t3 = t + 4*32;
- sp_digit* t4 = t + 6*32;
- sp_digit* t5 = t + 8*32;
- sp_digit* t6 = t + 10*32;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*32;
+ sp_digit* t6 = t + 4*32;
+ sp_digit* t1 = t + 6*32;
+ sp_digit* t4 = t + 8*32;
+ sp_digit* t5 = t + 10*32;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -45276,13 +72318,9 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
sp_1024_proj_point_dbl_32(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_32(t2, t2, p->x, p1024_mod);
@@ -45291,33 +72329,40 @@ static void sp_1024_proj_point_add_qz1_32(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_32(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_32(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_32(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_32(t1, t3, p1024_mod);
- sp_1024_mont_sub_32(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_32(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_32(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_32(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_32(t5, t3, p1024_mod);
+ sp_1024_mont_sub_32(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_32(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_32(t3, t3, x, p1024_mod);
sp_1024_mont_mul_32(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_32(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_32(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 32; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 32; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_32(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_32(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 32; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 32; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -45548,7 +72593,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -45619,8 +72664,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -45903,7 +72948,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -45974,8 +73019,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_32(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_fast_32(r, g, k, map, ct, heap);
@@ -49729,7 +76774,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -49751,7 +76796,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -49967,7 +77012,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -49993,7 +77038,7 @@ static void sp_1024_proj_mul_qx1_32(sp_digit* px, sp_digit* py,
sp_1024_mont_add_32(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -52014,7 +79059,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
}
#endif /* WOLFSSL_SP_SMALL */
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -52129,7 +79174,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_32(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -52149,7 +79194,7 @@ static void sp_1024_accumulate_line_dbl_32(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_32(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_32(t1, t1, p1024_mod);
+ sp_1024_mont_div2_32(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_32(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -52567,7 +79612,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_32(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_32(t1, ty, p1024_mod);
+ sp_1024_mont_div2_32(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_32(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -52605,7 +79650,7 @@ static void sp_1024_accumulate_line_dbl_n_32(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_32(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_32(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -53416,7 +80461,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -53445,19 +80490,21 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 32;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_32(t1, point->y);
(void)sp_1024_mod_32(t1, t1, p1024_mod);
sp_1024_sqr_32(t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
sp_1024_mul_32(t2, t2, point->x);
(void)sp_1024_mod_32(t2, t2, p1024_mod);
- (void)sp_1024_sub_32(t2, p1024_mod, t2);
- sp_1024_mont_add_32(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_32(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_32(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_32(t1, p1024_mod);
sp_1024_cond_sub_32(t1, t1, p1024_mod, ~(n >> 31));
sp_1024_norm_32(t1);
@@ -53474,7 +80521,7 @@ static int sp_1024_ecc_is_point_32(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c
index c94da1bd..fd7b88c4 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_dsp32.c
@@ -1180,7 +1180,7 @@ SP_NOINLINE static void sp_256_mul_10(sp_digit* r, const sp_digit* a,
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static void sp_256_mont_mul_10(sp_digit* r, const sp_digit* a, const sp_digit* b,
const sp_digit* m, sp_digit mp)
@@ -1281,7 +1281,7 @@ SP_NOINLINE static void sp_256_sqr_10(sp_digit* r, const sp_digit* a)
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static void sp_256_mont_sqr_10(sp_digit* r, const sp_digit* a, const sp_digit* m,
sp_digit mp)
@@ -1297,7 +1297,7 @@ static void sp_256_mont_sqr_10(sp_digit* r, const sp_digit* a, const sp_digit* m
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
static void sp_256_mont_sqr_n_10(sp_digit* r, const sp_digit* a, int n,
const sp_digit* m, sp_digit mp)
@@ -4464,10 +4464,10 @@ int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32*
u2 = u2d;
tmp = tmpd;
- XMEMCPY(u2, r, 40);
- XMEMCPY(p2->x, x, 40);
- XMEMCPY(p2->y, y, 40);
- XMEMCPY(p2->z, z, 40);
+ XMEMCPY(u2, r, 40);
+ XMEMCPY(p2->x, x, 40);
+ XMEMCPY(p2->y, y, 40);
+ XMEMCPY(p2->z, z, 40);
sp_256_mul_10(s, s, p256_norm_order);
err = sp_256_mod_10(s, s, p256_order);
@@ -4492,7 +4492,7 @@ int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32*
/* (r + n*order).z'.z' mod prime == (u1.G + u2.Q)->x' */
/* Reload r and convert to Montgomery form. */
- XMEMCPY(u2, r, 40);
+ XMEMCPY(u2, r, 40);
err = sp_256_mod_mul_norm_10(u2, u2, p256_mod);
}
@@ -4503,7 +4503,7 @@ int wolfSSL_DSP_ECC_Verify_256(remote_handle64 h, int32 *u1, int hashLen, int32*
*res = (int)(sp_256_cmp_10(p1->x, u1) == 0);
if (*res == 0) {
/* Reload r and add order. */
- XMEMCPY(u2, r, 40);
+ XMEMCPY(u2, r, 40);
carry = sp_256_add_10(u2, u2, p256_order);
/* Carry means result is greater than mod and is not valid. */
if (carry == 0) {
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c
index 37d554bf..94fc01c3 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_int.c
@@ -197,7 +197,7 @@ This library provides single precision (SP) integer math functions.
while (0)
#else
/* Nothing to do as declared on stack. */
- #define FREE_SP_INT(n, h)
+ #define FREE_SP_INT(n, h) WC_DO_NOTHING
#endif
@@ -318,7 +318,7 @@ while (0)
FREE_DYN_SP_INT_ARRAY(n, h)
#else
/* Nothing to do as data declared on stack. */
- #define FREE_SP_INT_ARRAY(n, h)
+ #define FREE_SP_INT_ARRAY(n, h) WC_DO_NOTHING
#endif
@@ -1245,7 +1245,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
: [a] "r" (va), [b] "r" (vb), [c] "r" (vc) \
: "cc" \
)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH >= 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH >= 7)
/* Count leading zeros - instruction only available on ARMv7 and newer. */
#define SP_ASM_LZCNT(va, vn) \
__asm__ __volatile__ ( \
@@ -1272,7 +1272,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
sp_int_digit d)
{
sp_int_digit r = 0;
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
static const char debruijn32[32] = {
0, 31, 9, 30, 3, 8, 13, 29, 2, 5, 7, 21, 12, 24, 28, 19,
1, 10, 4, 14, 6, 22, 25, 20, 11, 15, 23, 26, 16, 27, 17, 18
@@ -1282,7 +1282,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
__asm__ __volatile__ (
/* Shift d so that top bit is set. */
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
"ldr r4, %[m]\n\t"
"mov r5, %[d]\n\t"
"orr r5, r5, r5, lsr #1\n\t"
@@ -1291,8 +1291,8 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
"orr r5, r5, r5, lsr #8\n\t"
"orr r5, r5, r5, lsr #16\n\t"
"add r5, r5, #1\n\t"
- "mul r5, r5, r4\n\t"
- "lsr r5, r5, #27\n\t"
+ "mul r6, r5, r4\n\t"
+ "lsr r5, r6, #27\n\t"
"ldrb r5, [%[t], r5]\n\t"
#else
"clz r5, %[d]\n\t"
@@ -1352,7 +1352,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
"sbc r8, r8, r8\n\t"
"sub %[r], %[r], r8\n\t"
: [r] "+r" (r), [hi] "+r" (hi), [lo] "+r" (lo), [d] "+r" (d)
-#if defined(WOLFSSL_SP_ARM_ARCH) && (WOLFSSL_SP_ARM_ARCH < 7)
+#if defined(WOLFSSL_ARM_ARCH) && (WOLFSSL_ARM_ARCH < 7)
: [t] "r" (debruijn32), [m] "m" (debruijn32_mul)
#else
:
@@ -4770,7 +4770,7 @@ WOLFSSL_LOCAL int sp_ModExp_4096(sp_int* base, sp_int* exp, sp_int* mod,
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(OPENSSL_ALL)
-static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp);
+static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct);
#endif
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(WOLFCRYPT_HAVE_ECCSI) || defined(WOLFCRYPT_HAVE_SAKKE) || \
@@ -4780,7 +4780,7 @@ static void _sp_mont_setup(const sp_int* m, sp_int_digit* rho);
/* Determine when mp_add_d is required. */
#if !defined(NO_PWDBASED) || defined(WOLFSSL_KEY_GEN) || !defined(NO_DH) || \
- !defined(NO_DSA) || \
+ !defined(NO_DSA) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(OPENSSL_EXTRA)
#define WOLFSSL_SP_ADD_D
@@ -5128,10 +5128,10 @@ static void _sp_copy_2_ct(const sp_int* a1, const sp_int* a2, sp_int* r1,
/* Copy data - constant time. */
for (i = 0; i < used; i++) {
- r1->dp[i] = (a1->dp[i] & ((sp_digit)wc_off_on_addr[y ])) +
- (a2->dp[i] & ((sp_digit)wc_off_on_addr[y^1]));
- r2->dp[i] = (a1->dp[i] & ((sp_digit)wc_off_on_addr[y^1])) +
- (a2->dp[i] & ((sp_digit)wc_off_on_addr[y ]));
+ r1->dp[i] = (a1->dp[i] & ((sp_int_digit)wc_off_on_addr[y ])) +
+ (a2->dp[i] & ((sp_int_digit)wc_off_on_addr[y^1]));
+ r2->dp[i] = (a1->dp[i] & ((sp_int_digit)wc_off_on_addr[y^1])) +
+ (a2->dp[i] & ((sp_int_digit)wc_off_on_addr[y ]));
}
/* Copy used. */
r1->used = (a1->used & ((int)wc_off_on_addr[y ])) +
@@ -5233,50 +5233,69 @@ int sp_exch(sp_int* a, sp_int* b)
* @param [in] b Second SP int to conditionally swap.
* @param [in] cnt Count of words to copy.
* @param [in] swap When value is 1 then swap.
+ * @param [in] t Temporary SP int to use in swap.
* @return MP_OKAY on success.
* @return MP_MEM when dynamic memory allocation fails.
*/
-int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
+int sp_cond_swap_ct_ex(sp_int* a, sp_int* b, int cnt, int swap, sp_int* t)
{
unsigned int i;
- int err = MP_OKAY;
sp_int_digit mask = (sp_int_digit)0 - (sp_int_digit)swap;
+
+ /* XOR other fields in sp_int into temp - mask set when swapping. */
+ t->used = (a->used ^ b->used) & (unsigned int)mask;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ t->sign = (a->sign ^ b->sign) & (unsigned int)mask;
+#endif
+
+ /* XOR requested words into temp - mask set when swapping. */
+ for (i = 0; i < (unsigned int)cnt; i++) {
+ t->dp[i] = (a->dp[i] ^ b->dp[i]) & mask;
+ }
+
+ /* XOR temporary - when mask set then result will be b. */
+ a->used ^= t->used;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ a->sign ^= t->sign;
+#endif
+ for (i = 0; i < (unsigned int)cnt; i++) {
+ a->dp[i] ^= t->dp[i];
+ }
+
+ /* XOR temporary - when mask set then result will be a. */
+ b->used ^= t->used;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ b->sign ^= b->sign;
+#endif
+ for (i = 0; i < (unsigned int)cnt; i++) {
+ b->dp[i] ^= t->dp[i];
+ }
+
+ return MP_OKAY;
+}
+
+/* Conditional swap of SP int values in constant time.
+ *
+ * @param [in] a First SP int to conditionally swap.
+ * @param [in] b Second SP int to conditionally swap.
+ * @param [in] cnt Count of words to copy.
+ * @param [in] swap When value is 1 then swap.
+ * @return MP_OKAY on success.
+ * @return MP_MEM when dynamic memory allocation fails.
+ */
+int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap)
+{
+ int err = MP_OKAY;
DECL_SP_INT(t, (size_t)cnt);
/* Allocate temporary to hold masked xor of a and b. */
ALLOC_SP_INT(t, cnt, err, NULL);
- if (err == MP_OKAY) {
- /* XOR other fields in sp_int into temp - mask set when swapping. */
- t->used = (a->used ^ b->used) & (unsigned int)mask;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- t->sign = (a->sign ^ b->sign) & (unsigned int)mask;
- #endif
-
- /* XOR requested words into temp - mask set when swapping. */
- for (i = 0; i < (unsigned int)cnt; i++) {
- t->dp[i] = (a->dp[i] ^ b->dp[i]) & mask;
- }
-
- /* XOR temporary - when mask set then result will be b. */
- a->used ^= t->used;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- a->sign ^= t->sign;
- #endif
- for (i = 0; i < (unsigned int)cnt; i++) {
- a->dp[i] ^= t->dp[i];
- }
- /* XOR temporary - when mask set then result will be a. */
- b->used ^= t->used;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- b->sign ^= b->sign;
- #endif
- for (i = 0; i < (unsigned int)cnt; i++) {
- b->dp[i] ^= t->dp[i];
- }
+ if (err == MP_OKAY) {
+ err = sp_cond_swap_ct_ex(a, b, cnt, swap, t);
+ FREE_SP_INT(t, NULL);
}
- FREE_SP_INT(t, NULL);
return err;
}
#endif /* HAVE_ECC && ECC_TIMING_RESISTANT && !WC_NO_CACHE_RESISTANT */
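Review bot: In `sp_cond_swap_ct_ex`, the last `WOLFSSL_SP_INT_NEGATIVE` block does `b->sign ^= b->sign;`, which always sets b's sign to 0 instead of applying the masked difference; it should mirror the `a` side with `b->sign ^= t->sign;`. The line was carried over unchanged from the old `sp_cond_swap_ct` body, so as written the resulting `b->sign` does not depend on `swap` at all. The header comment of the `_ex` variant still lists `@return MP_MEM`, although this function no longer allocates. It should instead state that `t` must have room for at least `cnt` digits, because `t->dp[i]` is written for every `i < cnt` with no size check.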
@@ -5308,8 +5327,8 @@ int sp_abs(const sp_int* a, sp_int* r)
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
/* Compare absolute value of two multi-precision numbers.
*
- * @param [in] a SP integer.
- * @param [in] b SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5354,8 +5373,8 @@ static int _sp_cmp_abs(const sp_int* a, const sp_int* b)
*
* Pointers are compared such that NULL is less than not NULL.
*
- * @param [in] a SP integer.
- * @param [in] b SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5394,8 +5413,8 @@ int sp_cmp_mag(const sp_int* a, const sp_int* b)
*
* Assumes a and b are not NULL.
*
- * @param [in] a SP integer.
- * @param [in] a SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5438,8 +5457,8 @@ static int _sp_cmp(const sp_int* a, const sp_int* b)
*
* Pointers are compared such that NULL is less than not NULL.
*
- * @param [in] a SP integer.
- * @param [in] a SP integer.
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
*
* @return MP_GT when a is greater than b.
* @return MP_LT when a is less than b.
@@ -5471,13 +5490,87 @@ int sp_cmp(const sp_int* a, const sp_int* b)
}
#endif
+#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
+ defined(WOLFSSL_ECC_GEN_REJECT_SAMPLING)
+/* Compare two multi-precision numbers in constant time.
+ *
+ * Assumes a and b are not NULL.
+ * Assumes a and b are positive.
+ *
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
+ * @param [in] n Number of digits to compare.
+ *
+ * @return MP_GT when a is greater than b.
+ * @return MP_LT when a is less than b.
+ * @return MP_EQ when a is equals b.
+ */
+static int _sp_cmp_ct(const sp_int* a, const sp_int* b, unsigned int n)
+{
+ int ret = MP_EQ;
+ int i;
+ int mask = -1;
+
+ for (i = n - 1; i >= 0; i--) {
+ sp_int_digit ad = a->dp[i] & ((sp_int_digit)0 - (i < (int)a->used));
+ sp_int_digit bd = b->dp[i] & ((sp_int_digit)0 - (i < (int)b->used));
+
+ ret |= mask & ((0 - (ad < bd)) & MP_LT);
+ mask &= 0 - (ret == MP_EQ);
+ ret |= mask & ((0 - (ad > bd)) & MP_GT);
+ mask &= 0 - (ret == MP_EQ);
+ }
+
+ return ret;
+}
+
+/* Compare two multi-precision numbers in constant time.
+ *
+ * Pointers are compared such that NULL is less than not NULL.
+ * Assumes a and b are positive.
+ * Assumes a and b have n digits set at sometime.
+ *
+ * @param [in] a SP integer.
+ * @param [in] b SP integer.
+ * @param [in] n Number of digits to compare.
+ *
+ * @return MP_GT when a is greater than b.
+ * @return MP_LT when a is less than b.
+ * @return MP_EQ when a is equals b.
+ */
+int sp_cmp_ct(const sp_int* a, const sp_int* b, unsigned int n)
+{
+ int ret;
+
+ /* Check pointers first. Both NULL returns equal. */
+ if (a == b) {
+ ret = MP_EQ;
+ }
+ /* Nothing is smaller than something. */
+ else if (a == NULL) {
+ ret = MP_LT;
+ }
+ /* Something is larger than nothing. */
+ else if (b == NULL) {
+ ret = MP_GT;
+ }
+ else
+ {
+ /* Compare values - a and b are not NULL. */
+ ret = _sp_cmp_ct(a, b, n);
+ }
+
+ return ret;
+}
+#endif /* HAVE_ECC && !WC_NO_RNG && WOLFSSL_ECC_GEN_REJECT_SAMPLING */
+
/*************************
* Bit check/set functions
*************************/
#if (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
- (defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)) || \
- defined(OPENSSL_EXTRA)
+ ((defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_SM2)) && \
+ defined(HAVE_ECC)) || defined(OPENSSL_EXTRA)
/* Check if a bit is set
*
* When a is NULL, result is 0.
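Review bot: `_sp_cmp_ct` reads `a->dp[i]` and `b->dp[i]` for every `i < n` and only afterwards masks digits at or above `used`, so the caller must guarantee that both operands have at least `n` digits allocated; nothing in `sp_cmp_ct` checks `n` against the operands' allocated size. The existing line "Assumes a and b have n digits set at sometime" hints at this but should be a hard requirement, e.g. `* a and b must each have at least n digits allocated; digits at or above used are read and masked to zero.` The loop start `i = n - 1` converts an unsigned value to `int`; writing `i = (int)n - 1` makes the `n == 0` case explicit. Whether `ad < bd` and `ad > bd` compile to branch-free code depends on the compiler and target, which is worth confirming for a routine documented as constant time.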
@@ -6327,7 +6420,7 @@ static WC_INLINE sp_int_digit sp_div_word(sp_int_digit hi, sp_int_digit lo,
if (r > SP_HALF_MAX) {
r = SP_HALF_MAX;
}
- /* Shift up result for trial division calucation. */
+ /* Shift up result for trial division calculation. */
r <<= SP_HALF_SIZE;
/* Calculate trial value. */
trial = r * (sp_int_word)d;
@@ -6447,7 +6540,7 @@ static void _sp_div_3(const sp_int* a, sp_int* r, sp_int_digit* rem)
}
/* Sum digits of sum. */
t = (t >> SP_WORD_SIZE) + (t & SP_MASK);
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 3. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 3. */
tt = (sp_int_digit)((t * SP_DIV_3_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 3);
@@ -6479,7 +6572,7 @@ static void _sp_div_3(const sp_int* a, sp_int* r, sp_int_digit* rem)
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 3. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 3. */
tt = (sp_int_digit)((t * SP_DIV_3_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 3);
@@ -6540,7 +6633,7 @@ static void _sp_div_10(const sp_int* a, sp_int* r, sp_int_digit* rem)
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 10. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 10. */
tt = (sp_int_digit)((t * SP_DIV_10_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 10);
@@ -6566,7 +6659,7 @@ static void _sp_div_10(const sp_int* a, sp_int* r, sp_int_digit* rem)
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling by (2^SP_WORD_SIZE) / 10. */
+ /* Get top digit after multiplying by (2^SP_WORD_SIZE) / 10. */
tt = (sp_int_digit)((t * SP_DIV_10_CONST) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)(t - (sp_int_word)tt * 10);
@@ -6630,7 +6723,7 @@ static void _sp_div_small(const sp_int* a, sp_int_digit d, sp_int* r,
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling. */
+ /* Get top digit after multiplying. */
tt = (sp_int_digit)((t * m) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)t - (sp_int_digit)(tt * d);
@@ -6657,7 +6750,7 @@ static void _sp_div_small(const sp_int* a, sp_int_digit d, sp_int* r,
#ifndef SQR_MUL_ASM
/* Combine remainder from last operation with this word. */
t = ((sp_int_word)tr << SP_WORD_SIZE) | a->dp[i];
- /* Get top digit after multipling. */
+ /* Get top digit after multiplying. */
tt = (sp_int_digit)((t * m) >> SP_WORD_SIZE);
/* Subtract trial division. */
tr = (sp_int_digit)t - (sp_int_digit)(tt * d);
@@ -7654,6 +7747,23 @@ int sp_submod(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
}
#endif /* WOLFSSL_SP_MATH_ALL */
+/* Constant time clamping/
+ *
+ * @param [in, out] a SP integer to clamp.
+ */
+static void sp_clamp_ct(sp_int* a)
+{
+ int i;
+ unsigned int used = a->used;
+ unsigned int mask = (unsigned int)-1;
+
+ for (i = (int)a->used - 1; i >= 0; i--) {
+ used -= ((unsigned int)(a->dp[i] == 0)) & mask;
+ mask &= (unsigned int)0 - (a->dp[i] == 0);
+ }
+ a->used = used;
+}
+
#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
/* Add two value and reduce: r = (a + b) % m
*
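Review bot: `sp_clamp_ct` is added as a `static` function between `#endif /* WOLFSSL_SP_MATH_ALL */` and the following `#if`, so it appears to be compiled unconditionally, while the callers visible in this diff (`sp_addmod_ct`, `_sp_submod_ct`) sit behind feature guards. A configuration that enables none of those guards would get an unused-function warning, which fails builds that treat warnings as errors; wrapping the helper in the same condition as its callers avoids that. The header comment ends in a stray slash (`Constant time clamping/`) and could say what makes it constant time, e.g. `/* Clamp in constant time: always walks all a->used digits and adjusts used with masks, no early exit. */`.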
@@ -7807,7 +7917,7 @@ int sp_addmod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
r->sign = MP_ZPOS;
#endif /* WOLFSSL_SP_INT_NEGATIVE */
/* Remove leading zeros. */
- sp_clamp(r);
+ sp_clamp_ct(r);
#if 0
sp_print(r, "rma");
@@ -7818,11 +7928,13 @@ int sp_addmod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
}
#endif /* WOLFSSL_SP_MATH_ALL && HAVE_ECC */
-#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
-/* Sub b from a and reduce: r = (a - b) % m
- * Result is always positive.
+#if (defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)) || \
+ (defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
+ defined(WOLFCRYPT_HAVE_ECCSI) || defined(WOLFCRYPT_HAVE_SAKKE) || \
+ defined(OPENSSL_ALL))
+/* Sub b from a modulo m: r = (a - b) % m
*
- * r = a - b (mod m) - constant time (a < m and b < m, a, b and m are positive)
+ * Result is always positive.
*
* Assumes a, b, m and r are not NULL.
* m and r must not be the same pointer.
@@ -7834,9 +7946,9 @@ int sp_addmod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
*
* @return MP_OKAY on success.
*/
-int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
+static void _sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m,
+ unsigned int max, sp_int* r)
{
- int err = MP_OKAY;
#ifndef SQR_MUL_ASM
sp_int_sword w;
#else
@@ -7849,6 +7961,106 @@ int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
sp_int_digit mask_b = (sp_int_digit)-1;
unsigned int i;
+ /* In constant time, subtract b from a putting result in r. */
+#ifndef SQR_MUL_ASM
+ w = 0;
+#else
+ l = 0;
+ h = 0;
+#endif
+ for (i = 0; i < max; i++) {
+ /* Values past 'used' are not initialized. */
+ mask_a += (i == a->used);
+ mask_b += (i == b->used);
+
+ #ifndef SQR_MUL_ASM
+ /* Add a to and subtract b from current value. */
+ w += a->dp[i] & mask_a;
+ w -= b->dp[i] & mask_b;
+ /* Store low digit in result. */
+ r->dp[i] = (sp_int_digit)w;
+ /* Move high digit down. */
+ w >>= DIGIT_BIT;
+ #else
+ /* Add a and subtract b from current value. */
+ t = a->dp[i] & mask_a;
+ SP_ASM_ADDC_REG(l, h, t);
+ t = b->dp[i] & mask_b;
+ SP_ASM_SUBB_REG(l, h, t);
+ /* Store low digit in result. */
+ r->dp[i] = l;
+ /* Move high digit down. */
+ l = h;
+ /* High digit is 0 when positive or -1 on negative. */
+ h = (sp_int_digit)0 - (l >> (SP_WORD_SIZE - 1));
+ #endif
+ }
+ /* When w is negative then we need to add modulus to make result
+ * positive. */
+#ifndef SQR_MUL_ASM
+ mask = (sp_int_digit)0 - (w < 0);
+#else
+ mask = h;
+#endif
+
+ /* Constant time, conditionally, add modulus to difference. */
+#ifndef SQR_MUL_ASM
+ w = 0;
+#else
+ l = 0;
+#endif
+ for (i = 0; i < m->used; i++) {
+ #ifndef SQR_MUL_ASM
+ /* Add result and conditionally modulus to current value. */
+ w += r->dp[i];
+ w += m->dp[i] & mask;
+ /* Store low digit in result. */
+ r->dp[i] = (sp_int_digit)w;
+ /* Move high digit down. */
+ w >>= DIGIT_BIT;
+ #else
+ h = 0;
+ /* Add result and conditionally modulus to current value. */
+ SP_ASM_ADDC(l, h, r->dp[i]);
+ t = m->dp[i] & mask;
+ SP_ASM_ADDC_REG(l, h, t);
+ /* Store low digit in result. */
+ r->dp[i] = l;
+ /* Move high digit down. */
+ l = h;
+ #endif
+ }
+ /* Result will always have digits equal to or less than those in
+ * modulus. */
+ r->used = i;
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ r->sign = MP_ZPOS;
+#endif /* WOLFSSL_SP_INT_NEGATIVE */
+ /* Remove leading zeros. */
+ sp_clamp_ct(r);
+}
+#endif
+
+#if defined(WOLFSSL_SP_MATH_ALL) && defined(HAVE_ECC)
+/* Sub b from a modulo m: r = (a - b) % m
+ * Result is always positive.
+ *
+ * r = a - b (mod m) - constant time (a < m and b < m, a, b and m are positive)
+ *
+ * Assumes a, b, m and r are not NULL.
+ * m and r must not be the same pointer.
+ *
+ * @param [in] a SP integer to subtract from
+ * @param [in] b SP integer to subtract.
+ * @param [in] m SP integer that is the modulus.
+ * @param [out] r SP integer to hold result.
+ *
+ * @return MP_OKAY on success.
+ */
+int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
+{
+ int err = MP_OKAY;
+
/* Check result is as big as modulus plus one digit. */
if (m->used > r->size) {
err = MP_VAL;
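Review bot: `_sp_submod_ct` reads `a->dp[i]` and `b->dp[i]` and writes `r->dp[i]` for every `i < max`, but nothing in the helper bounds `max`; the only size check visible is `m->used > r->size` in `sp_submod_ct`, which covers that caller because it passes `m->used`. Any caller passing a larger `max` must ensure `a`, `b` and `r` all have `max` digits allocated, and should know that the second loop and `r->used = i` cover only `m->used` digits. The doc comment (in the preceding hunk) has no `@param max` and still says `@return MP_OKAY on success.` although the function is now `void`. I would add `@param [in] max Number of digits to subtract; a, b and r must each have at least max digits allocated.` and drop the `@return`. The body of `sp_submod_ct` continues past this hunk.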
@@ -7865,82 +8077,7 @@ int sp_submod_ct(const sp_int* a, const sp_int* b, const sp_int* m, sp_int* r)
sp_print(m, "m");
#endif
- /* In constant time, subtract b from a putting result in r. */
- #ifndef SQR_MUL_ASM
- w = 0;
- #else
- l = 0;
- h = 0;
- #endif
- for (i = 0; i < m->used; i++) {
- /* Values past 'used' are not initialized. */
- mask_a += (i == a->used);
- mask_b += (i == b->used);
-
- #ifndef SQR_MUL_ASM
- /* Add a to and subtract b from current value. */
- w += a->dp[i] & mask_a;
- w -= b->dp[i] & mask_b;
- /* Store low digit in result. */
- r->dp[i] = (sp_int_digit)w;
- /* Move high digit down. */
- w >>= DIGIT_BIT;
- #else
- /* Add a and subtract b from current value. */
- t = a->dp[i] & mask_a;
- SP_ASM_ADDC_REG(l, h, t);
- t = b->dp[i] & mask_b;
- SP_ASM_SUBB_REG(l, h, t);
- /* Store low digit in result. */
- r->dp[i] = l;
- /* Move high digit down. */
- l = h;
- /* High digit is 0 when positive or -1 on negative. */
- h = (sp_int_digit)0 - (l >> (SP_WORD_SIZE - 1));
- #endif
- }
- /* When w is negative then we need to add modulus to make result
- * positive. */
- #ifndef SQR_MUL_ASM
- mask = (sp_int_digit)0 - (w < 0);
- #else
- mask = h;
- #endif
- /* Constant time, conditionally, add modulus to difference. */
- #ifndef SQR_MUL_ASM
- w = 0;
- #else
- l = 0;
- #endif
- for (i = 0; i < m->used; i++) {
- #ifndef SQR_MUL_ASM
- /* Add result and conditionally modulus to current value. */
- w += r->dp[i];
- w += m->dp[i] & mask;
- /* Store low digit in result. */
- r->dp[i] = (sp_int_digit)w;
- /* Move high digit down. */
- w >>= DIGIT_BIT;
- #else
- h = 0;
- /* Add result and conditionally modulus to current value. */
- SP_ASM_ADDC(l, h, r->dp[i]);
- t = m->dp[i] & mask;
- SP_ASM_ADDC_REG(l, h, t);
- /* Store low digit in result. */
- r->dp[i] = l;
- /* Move high digit down. */
- l = h;
- #endif
- }
- /* Result will always have digits equal to or less than those in
- * modulus. */
- r->used = i;
- #ifdef WOLFSSL_SP_INT_NEGATIVE
- r->sign = MP_ZPOS;
- #endif /* WOLFSSL_SP_INT_NEGATIVE */
- /* Remove leading zeros. */
- sp_clamp(r);
+ _sp_submod_ct(a, b, m, m->used, r);
#if 0
sp_print(r, "rms");
@@ -8725,9 +8862,9 @@ int sp_mod(const sp_int* a, const sp_int* m, sp_int* r)
*
* Optimised code for when number of digits in a and b are the same.
*
- * @param [in] a SP integer to mulitply.
- * @param [in] b SP integer to mulitply by.
- * @param [out] r SP integer to hod reult.
+ * @param [in] a SP integer to multiply.
+ * @param [in] b SP integer to multiply by.
+ * @param [out] r SP integer to hold result.
*
* @return MP_OKAY otherwise.
* @return MP_MEM when dynamic memory allocation fails.
@@ -8804,9 +8941,9 @@ static int _sp_mul_nxn(const sp_int* a, const sp_int* b, sp_int* r)
/* Multiply a by b into r. r = a * b
*
- * @param [in] a SP integer to mulitply.
- * @param [in] b SP integer to mulitply by.
- * @param [out] r SP integer to hod reult.
+ * @param [in] a SP integer to multiply.
+ * @param [in] b SP integer to multiply by.
+ * @param [out] r SP integer to hold result.
*
* @return MP_OKAY otherwise.
* @return MP_MEM when dynamic memory allocation fails.
@@ -8882,9 +9019,9 @@ static int _sp_mul(const sp_int* a, const sp_int* b, sp_int* r)
#else
/* Multiply a by b into r. r = a * b
*
- * @param [in] a SP integer to mulitply.
- * @param [in] b SP integer to mulitply by.
- * @param [out] r SP integer to hod reult.
+ * @param [in] a SP integer to multiply.
+ * @param [in] b SP integer to multiply by.
+ * @param [out] r SP integer to hold result.
*
* @return MP_OKAY otherwise.
* @return MP_MEM when dynamic memory allocation fails.
@@ -12358,14 +12495,14 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
_sp_init_size(pre[i], m->used * 2 + 1);
err = sp_sqr(pre[i-1], pre[i]);
if (err == MP_OKAY) {
- err = _sp_mont_red(pre[i], m, mp);
+ err = _sp_mont_red(pre[i], m, mp, 0);
}
/* ..10 -> ..11 */
if (err == MP_OKAY) {
err = sp_mul(pre[i], a, pre[i]);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(pre[i], m, mp);
+ err = _sp_mont_red(pre[i], m, mp, 0);
}
}
}
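Review bot: Both `_sp_mont_red` calls in this hunk pass `ct = 0` even though the enclosing function is `_sp_invmod_mont_ct`, so the reduction still takes the `!ct` branch. Further down in this diff that branch keeps `sp_clamp(a)` and the data-dependent `if (_sp_cmp_abs(a, m) != MP_LT)` subtraction. This preserves the previous behaviour, but if the operands here can be secret the call should probably be `err = _sp_mont_red(pre[i], m, mp, 1);`. Otherwise, once it is confirmed, add a call-site comment such as `/* ct = 0: reduction timing is not secret-dependent here */`. The same question applies to the other `_sp_invmod_mont_ct` hunks below and to the `_sp_exptmod_mont_ex` hunks that select operands through `sp_off_on_addr`; the function body starts and ends outside this hunk.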
@@ -12397,7 +12534,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
int bit = sp_is_bit_set(e, (unsigned int)i);
/* 6.2. j += bit
- * Update count of consequitive 1 bits.
+ * Update count of consecutive 1 bits.
*/
j += bit;
/* 6.3. s += 1
@@ -12419,7 +12556,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
/* 6.4.2.1. t = (t ^ 2) mod m */
err = sp_sqr(t, t);
if (err == MP_OKAY) {
- err = _sp_mont_red(t, m, mp);
+ err = _sp_mont_red(t, m, mp, 0);
}
}
/* 6.4.3. s = 1 - bit */
@@ -12430,7 +12567,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
err = sp_mul(t, pre[j-1], t);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(t, m, mp);
+ err = _sp_mont_red(t, m, mp, 0);
}
/* 6.4.5. j = 0
* Reset number of 1 bits seen.
@@ -12446,7 +12583,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
/* 7.1. t = (t ^ 2) mod m */
err = sp_sqr(t, t);
if (err == MP_OKAY) {
- err = _sp_mont_red(t, m, mp);
+ err = _sp_mont_red(t, m, mp, 0);
}
}
}
@@ -12455,7 +12592,7 @@ static int _sp_invmod_mont_ct(const sp_int* a, const sp_int* m, sp_int* r,
if (j > 0) {
err = sp_mul(t, pre[j-1], r);
if (err == MP_OKAY) {
- err = _sp_mont_red(r, m, mp);
+ err = _sp_mont_red(r, m, mp, 0);
}
}
/* 9. Else r = t */
@@ -12868,7 +13005,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
t[3]);
err = sp_sqr(t[3], t[3]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[3], m, mp);
+ err = _sp_mont_red(t[3], m, mp, 0);
}
_sp_copy(t[3],
(sp_int*)(((size_t)t[0] & sp_off_on_addr[s^1]) +
@@ -12888,7 +13025,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
t[3]);
err = sp_mul(t[3], t[2], t[3]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[3], m, mp);
+ err = _sp_mont_red(t[3], m, mp, 0);
}
_sp_copy(t[3],
(sp_int*)(((size_t)t[0] & sp_off_on_addr[j^1]) +
@@ -12897,7 +13034,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
}
if (err == MP_OKAY) {
/* 7. t[1] = FromMont(t[1]) */
- err = _sp_mont_red(t[1], m, mp);
+ err = _sp_mont_red(t[1], m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -12998,7 +13135,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
/* 4.2. t[2] = t[0] * t[1] */
err = sp_mul(t[0], t[1], t[2]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[2], m, mp);
+ err = _sp_mont_red(t[2], m, mp, 0);
}
/* 4.3. t[3] = t[y] ^ 2 */
if (err == MP_OKAY) {
@@ -13008,7 +13145,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
err = sp_sqr(t[3], t[3]);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(t[3], m, mp);
+ err = _sp_mont_red(t[3], m, mp, 0);
}
/* 4.4. t[y] = t[3], t[y^1] = t[2] */
if (err == MP_OKAY) {
@@ -13018,7 +13155,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
if (err == MP_OKAY) {
/* 5. t[0] = FromMont(t[0]) */
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -13088,7 +13225,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
DECL_SP_INT_ARRAY(t, m->used * 2 + 1, (1 << 6) + 1);
/* Window bits based on number of pre-calculations versus number of loop
- * calculcations.
+ * calculations.
* Exponents for RSA and DH will result in 6-bit windows.
*/
if (bits > 450) {
@@ -13170,7 +13307,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
}
/* Montgomery reduce square or multiplication result. */
if (err == MP_OKAY) {
- err = _sp_mont_red(t[i], m, mp);
+ err = _sp_mont_red(t[i], m, mp, 0);
}
}
@@ -13231,7 +13368,7 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
for (j = 0; (j < winBits) && (err == MP_OKAY); j++) {
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
@@ -13240,14 +13377,14 @@ static int _sp_exptmod_mont_ex(const sp_int* b, const sp_int* e, int bits,
err = sp_mul(tr, t[y], tr);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
}
if (err == MP_OKAY) {
/* 7. tr = FromMont(tr) */
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -13456,7 +13593,7 @@ static int _sp_exptmod_base_2(const sp_int* e, int digits, const sp_int* m,
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
if (useMont) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
else {
err = sp_mod(tr, m, tr);
@@ -13482,7 +13619,7 @@ static int _sp_exptmod_base_2(const sp_int* e, int digits, const sp_int* m,
/* 7. if Words(m) > 1 then tr = FromMont(tr) */
if ((err == MP_OKAY) && useMont) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
if (err == MP_OKAY) {
@@ -13777,7 +13914,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
bits = sp_count_bits(e);
/* Window bits based on number of pre-calculations versus number of loop
- * calculcations.
+ * calculations.
* Exponents for RSA and DH will result in 6-bit windows.
* Note: for 4096-bit values, 7-bit window is slightly better.
*/
@@ -13814,7 +13951,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
tr = t[preCnt + 0];
bm = t[preCnt + 1];
- /* Iniitialize all allocated */
+ /* Initialize all allocated */
for (i = 0; i < preCnt; i++) {
_sp_init_size(t[i], m->used * 2 + 1);
}
@@ -13861,7 +13998,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
for (i = 1; (i < winBits) && (err == MP_OKAY); i++) {
err = sp_sqr(t[0], t[0]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
}
}
/* For each table entry after first. */
@@ -13869,7 +14006,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* Multiply previous entry by the base in Mont form into table. */
err = sp_mul(t[i-1], bm, t[i]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[i], m, mp);
+ err = _sp_mont_red(t[i], m, mp, 0);
}
}
@@ -13953,7 +14090,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
for (; (err == MP_OKAY) && (sqrs > 0); sqrs--) {
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
@@ -13962,7 +14099,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
break;
}
- /* 4.4. Get top window bits from expononent and drop. */
+ /* 4.4. Get top window bits from exponent and drop. */
if (err == MP_OKAY) {
if (c == 0) {
/* Bits from next digit. */
@@ -13994,7 +14131,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
err = sp_mul(tr, t[y], tr);
}
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
@@ -14008,7 +14145,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* 5.1. Montogmery square result */
err = sp_sqr(tr, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
/* 5.2. If exponent bit set */
if ((err == MP_OKAY) && ((n >> c) & 1)) {
@@ -14017,7 +14154,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
*/
err = sp_mul(tr, bm, tr);
if (err == MP_OKAY) {
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
}
}
}
@@ -14026,7 +14163,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
if (err == MP_OKAY) {
/* 6. Convert result back from Montgomery form. */
- err = _sp_mont_red(tr, m, mp);
+ err = _sp_mont_red(tr, m, mp, 0);
/* Reduction implementation returns number to range: 0..m-1. */
}
}
@@ -14122,7 +14259,7 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* 3.1. Montgomery square result. */
err = sp_sqr(t[0], t[0]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
}
if (err == MP_OKAY) {
/* Get bit and index i. */
@@ -14132,14 +14269,14 @@ static int _sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
/* 3.2.1. Montgomery multiply result by Mont of base. */
err = sp_mul(t[0], t[1], t[0]);
if (err == MP_OKAY) {
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
}
}
}
}
if (err == MP_OKAY) {
/* 4. Convert from Montgomery form. */
- err = _sp_mont_red(t[0], m, mp);
+ err = _sp_mont_red(t[0], m, mp, 0);
/* Reduction implementation returns number of range 0..m-1. */
}
}
@@ -14294,7 +14431,8 @@ int sp_div_2d(const sp_int* a, int e, sp_int* r, sp_int* rem)
}
#endif /* WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY */
-#if defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)
+#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
+ defined(HAVE_ECC)
/* The bottom e bits: r = a & ((1 << e) - 1)
*
* @param [in] a SP integer to reduce.
@@ -14364,7 +14502,7 @@ int sp_mod_2d(const sp_int* a, int e, sp_int* r)
return err;
}
-#endif /* WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY */
+#endif /* (WOLFSSL_SP_MATH_ALL && !WOLFSSL_RSA_VERIFY_ONLY)) || HAVE_ECC */
#if (defined(WOLFSSL_SP_MATH_ALL) && (!defined(WOLFSSL_RSA_VERIFY_ONLY) || \
!defined(NO_DH))) || defined(OPENSSL_ALL)
@@ -14575,9 +14713,15 @@ static int _sp_sqr(const sp_int* a, sp_int* r)
}
#endif
if (err == MP_OKAY) {
+ #ifndef WOLFSSL_SP_INT_SQR_VOLATILE
sp_int_word w;
sp_int_word l;
sp_int_word h;
+ #else
+ volatile sp_int_word w;
+ volatile sp_int_word l;
+ volatile sp_int_word h;
+ #endif
#ifdef SP_WORD_OVERFLOW
sp_int_word o;
#endif
@@ -16970,10 +17114,11 @@ int sp_sqrmod(const sp_int* a, const sp_int* m, sp_int* r)
* @param [in,out] a SP integer to Montgomery reduce.
* @param [in] m SP integer that is the modulus.
* @param [in] mp SP integer digit that is the bottom digit of inv(-m).
+ * @param [in] ct Indicates operation must be constant time.
*
* @return MP_OKAY on success.
*/
-static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
+static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp, int ct)
{
#if !defined(SQR_MUL_ASM)
unsigned int i;
@@ -16990,8 +17135,17 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
bits = sp_count_bits(m);
/* Adding numbers into m->used * 2 digits - zero out unused digits. */
- for (i = a->used; i < m->used * 2; i++) {
- a->dp[i] = 0;
+ if (!ct) {
+ for (i = a->used; i < m->used * 2; i++) {
+ a->dp[i] = 0;
+ }
+ }
+ else {
+ for (i = 0; i < m->used * 2; i++) {
+ a->dp[i] &=
+ (sp_int_digit)
+ (sp_int_sdigit)ctMaskIntGTE((int)(a->used-1), (int)i);
+ }
}
/* Special case when modulus is 1 digit or less. */
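Review bot: The new `ct` branch has no comment, so a reader has to decode `ctMaskIntGTE((int)(a->used-1), (int)i)` to see that it clears every digit at index `i >= a->used` without branching on `a->used`. I would add `/* Constant time: mask off digits at or above a->used rather than starting the loop at a->used. */` above the loop, here and in the `SQR_MUL_ASM` copy of the same loop later in this diff. Unlike the `!ct` loop, this one reads `a->dp[i]` past `a->used` before masking it, so memory checkers may report a read of uninitialised digits; that is worth mentioning in the comment as intentional.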
@@ -17062,16 +17216,29 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
a->used = m->used * 2 + 1;
}
- /* Remove leading zeros. */
- sp_clamp(a);
- /* 3. a >>= NumBits(m) */
- (void)sp_rshb(a, bits, a);
+ if (!ct) {
+ /* Remove leading zeros. */
+ sp_clamp(a);
+ /* 3. a >>= NumBits(m) */
+ (void)sp_rshb(a, bits, a);
+ /* 4. a = a mod m */
+ if (_sp_cmp_abs(a, m) != MP_LT) {
+ _sp_sub_off(a, m, a, 0);
+ }
+ }
+ else {
+ /* 3. a >>= NumBits(m) */
+ (void)sp_rshb(a, bits, a);
+ /* Constant time clamping. */
+ sp_clamp_ct(a);
- /* 4. a = a mod m */
- if (_sp_cmp_abs(a, m) != MP_LT) {
- _sp_sub_off(a, m, a, 0);
+ /* 4. a = a mod m
+ * Always subtract but at a too high offset if a is less than m.
+ */
+ _sp_submod_ct(a, m, m, m->used + 1, a);
}
+
#if 0
sp_print(a, "rr");
#endif
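Review bot: The step-4 comment in the `ct` branch, "Always subtract but at a too high offset if a is less than m", does not describe the call beneath it: `_sp_submod_ct(a, m, m, m->used + 1, a)` takes no offset argument. Judging from the inline body this commit replaces with `_sp_submod_ct` earlier in the file, the helper subtracts and then adds the modulus back under a mask. A comment such as `/* 4. a = (a - m) mod m in constant time; m is added back when a < m. */` would match the code. The `SQR_MUL_ASM` copy of this branch later in the diff has no comment on the call at all and could take the same one.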
@@ -17093,8 +17260,17 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
bits = sp_count_bits(m);
mask = ((sp_int_digit)1 << (bits & (SP_WORD_SIZE - 1))) - 1;
- for (i = a->used; i < m->used * 2; i++) {
- a->dp[i] = 0;
+ if (!ct) {
+ for (i = a->used; i < m->used * 2; i++) {
+ a->dp[i] = 0;
+ }
+ }
+ else {
+ for (i = 0; i < m->used * 2; i++) {
+ a->dp[i] &=
+ (sp_int_digit)
+ (sp_int_sdigit)ctMaskIntGTE((int)(a->used-1), (int)i);
+ }
}
if (m->used <= 1) {
@@ -17373,13 +17549,21 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
a->used = m->used * 2 + 1;
}
- /* Remove leading zeros. */
- sp_clamp(a);
- (void)sp_rshb(a, bits, a);
+ if (!ct) {
+ /* Remove leading zeros. */
+ sp_clamp(a);
+ (void)sp_rshb(a, bits, a);
+ /* a = a mod m */
+ if (_sp_cmp_abs(a, m) != MP_LT) {
+ _sp_sub_off(a, m, a, 0);
+ }
+ }
+ else {
+ (void)sp_rshb(a, bits, a);
+ /* Constant time clamping. */
+ sp_clamp_ct(a);
- /* a = a mod m */
- if (_sp_cmp_abs(a, m) != MP_LT) {
- _sp_sub_off(a, m, a, 0);
+ _sp_submod_ct(a, m, m, m->used + 1, a);
}
#if 0
@@ -17397,11 +17581,12 @@ static int _sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
* @param [in,out] a SP integer to Montgomery reduce.
* @param [in] m SP integer that is the modulus.
* @param [in] mp SP integer digit that is the bottom digit of inv(-m).
+ * @param [in] ct Indicates operation must be constant time.
*
* @return MP_OKAY on success.
* @return MP_VAL when a or m is NULL or m is zero.
*/
-int sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
+int sp_mont_red_ex(sp_int* a, const sp_int* m, sp_int_digit mp, int ct)
{
int err;
@@ -17409,13 +17594,18 @@ int sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp)
if ((a == NULL) || (m == NULL) || sp_iszero(m)) {
err = MP_VAL;
}
+#ifdef WOLFSSL_SP_INT_NEGATIVE
+ else if ((a->sign == MP_NEG) || (m->sign == MP_NEG)) {
+ err = MP_VAL;
+ }
+#endif
/* Ensure a has enough space for calculation. */
else if (a->size < m->used * 2 + 1) {
err = MP_VAL;
}
else {
/* Perform Montogomery Reduction. */
- err = _sp_mont_red(a, m, mp);
+ err = _sp_mont_red(a, m, mp, ct);
}
return err;
@@ -17598,7 +17788,7 @@ int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz)
a->used = (inSz + SP_WORD_SIZEOF - 1) / SP_WORD_SIZEOF;
#if defined(BIG_ENDIAN_ORDER) && !defined(WOLFSSL_SP_INT_DIGIT_ALIGN)
- /* Data endian matches respresentation of number.
+ /* Data endian matches representation of number.
* Directly copy if we don't have alignment issues.
*/
for (i = (int)(inSz-1); i > SP_WORD_SIZEOF-1; i -= SP_WORD_SIZEOF) {
@@ -17660,7 +17850,7 @@ int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz)
#endif /* LITTLE_ENDIAN_ORDER */
}
#endif
- sp_clamp(a);
+ sp_clamp_ct(a);
}
return err;
@@ -17755,6 +17945,73 @@ int sp_to_unsigned_bin_len(const sp_int* a, byte* out, int outSz)
return err;
}
+/* Convert the multi-precision number to an array of bytes in big-endian format.
+ *
+ * Constant-time implementation.
+ *
+ * The array must be large enough for encoded number - use mp_unsigned_bin_size
+ * to calculate the number of bytes required.
+ * Front-pads the output array with zeros to make number the size of the array.
+ *
+ * @param [in] a SP integer.
+ * @param [out] out Array to put encoding into.
+ * @param [in] outSz Size of the array in bytes.
+ *
+ * @return MP_OKAY on success.
+ * @return MP_VAL when a or out is NULL.
+ */
+int sp_to_unsigned_bin_len_ct(const sp_int* a, byte* out, int outSz)
+{
+ int err = MP_OKAY;
+
+ /* Validate parameters. */
+ if ((a == NULL) || (out == NULL) || (outSz < 0)) {
+ err = MP_VAL;
+ }
+
+#if SP_WORD_SIZE > 8
+ if (err == MP_OKAY) {
+ /* Start at the end of the buffer - least significant byte. */
+ int j;
+ unsigned int i;
+ sp_int_digit mask = (sp_int_digit)-1;
+ sp_int_digit d;
+
+ /* Put each digit in. */
+ i = 0;
+ for (j = outSz - 1; j >= 0; ) {
+ int b;
+ d = a->dp[i];
+ /* Place each byte of a digit into the buffer. */
+ for (b = 0; (j >= 0) && (b < SP_WORD_SIZEOF); b++) {
+ out[j--] = (byte)(d & mask);
+ d >>= 8;
+ }
+ mask &= (sp_int_digit)0 - (i < a->used - 1);
+ i += (unsigned int)(1 & mask);
+ }
+ }
+#else
+ if ((err == MP_OKAY) && ((unsigned int)outSz < a->used)) {
+ err = MP_VAL;
+ }
+ if (err == MP_OKAY) {
+ unsigned int i;
+ int j;
+ sp_int_digit mask = (sp_int_digit)-1;
+
+ i = 0;
+ for (j = outSz - 1; j >= 0; j--) {
+ out[j] = a->dp[i] & mask;
+ mask &= (sp_int_digit)0 - (i < a->used - 1);
+ i += (unsigned int)(1 & mask);
+ }
+ }
+#endif
+
+ return err;
+}
+
#if defined(WOLFSSL_SP_MATH_ALL) && !defined(NO_RSA) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
/* Store the number in big-endian format in array at an offset.
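Review bot: In `sp_to_unsigned_bin_len_ct` the stop condition `(i < a->used - 1)` wraps when `a->used` is 0 (assuming `used` is unsigned, as the comparison with `unsigned int i` suggests). The mask then never clears, and the loop keeps advancing `i` and reading `a->dp[i]` for as many digits as `outSz` covers. Writing it as `mask &= (sp_int_digit)0 - (i + 1 < a->used);` in both the `SP_WORD_SIZE > 8` and the `#else` branch avoids the wrap and gives the same result for `used >= 1`. Separately, the header comment lists `MP_VAL` only for NULL arguments, but the code also returns it for `outSz < 0` and, in the 8-bit branch only, for `outSz < a->used`. The wider-digit branch silently truncates instead, which the comment should state.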
@@ -17882,7 +18139,7 @@ static int _sp_read_radix_10(sp_int* a, const char* in)
ch = in[i];
/* Check character is valid. */
if ((ch >= '0') && (ch <= '9')) {
- /* Assume '0'..'9' are continuous valus as characters. */
+ /* Assume '0'..'9' are continuous values as characters. */
ch -= '0';
}
else {
@@ -18476,7 +18733,7 @@ int sp_rand_prime(sp_int* r, int len, WC_RNG* rng, void* heap)
*
* @param [in] a SP integer to check.
* @param [in] b SP integer that is a small prime.
- * @param [out] result MP_YES when number is likey prime.
+ * @param [out] result MP_YES when number is likely prime.
* MP_NO otherwise.
* @param [in] n1 SP integer temporary.
* @param [in] r SP integer temporary.
@@ -19006,7 +19263,7 @@ int sp_prime_is_prime_ex(const sp_int* a, int trials, int* result, WC_RNG* rng)
*
* a and b are positive integers.
*
- * Euclidian Algorithm:
+ * Euclidean Algorithm:
* 1. If a > b then a = b, b = a
* 2. u = a
* 3. v = b % a
@@ -19319,7 +19576,7 @@ word32 CheckRunTimeFastMath(void)
*/
void sp_memzero_add(const char* name, sp_int* sp)
{
- wc_MemZero_Add(name, sp->dp, sp->size * sizeof(sp_digit));
+ wc_MemZero_Add(name, sp->dp, sp->size * sizeof(sp_int_digit));
}
/* Check the memory in the data pointer for memory that must be zero.
@@ -19328,7 +19585,7 @@ void sp_memzero_add(const char* name, sp_int* sp)
*/
void sp_memzero_check(sp_int* sp)
{
- wc_MemZero_Check(sp->dp, sp->size * sizeof(sp_digit));
+ wc_MemZero_Check(sp->dp, sp->size * sizeof(sp_int_digit));
}
#endif /* WOLFSSL_CHECK_MEM_ZERO */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c
new file mode 100644
index 00000000..211b1439
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm32.c
@@ -0,0 +1,33 @@
+/* sp_sm2_arm32.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c
new file mode 100644
index 00000000..5c84948a
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_arm64.c
@@ -0,0 +1,33 @@
+/* sp_sm2_arm64.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c
new file mode 100644
index 00000000..5d26e27b
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_armthumb.c
@@ -0,0 +1,33 @@
+/* sp_sm2_armthumb.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c
new file mode 100644
index 00000000..41c40d1e
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c32.c
@@ -0,0 +1,33 @@
+/* sp_sm2_c32.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c
new file mode 100644
index 00000000..ee380165
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_c64.c
@@ -0,0 +1,33 @@
+/* sp_sm2_c64.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c
new file mode 100644
index 00000000..3bda85f0
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_cortexm.c
@@ -0,0 +1,33 @@
+/* sp_sm2_cortexm.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c
new file mode 100644
index 00000000..f73e4083
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64.c
@@ -0,0 +1,33 @@
+/* sp_sm2_x86_64.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S
new file mode 100644
index 00000000..6ddc3c77
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_sm2_x86_64_asm.S
@@ -0,0 +1,33 @@
+/* sp_sm2_x86_64_asm.S
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+ #include <config.h>
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_SM2
+
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
+
+#endif
+
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c
index 862d1731..990a999c 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64.c
@@ -52,6 +52,16 @@
#include <wolfssl/wolfcrypt/sp.h>
+#ifdef __IAR_SYSTEMS_ICC__
+#define __asm__ asm
+#define __volatile__ volatile
+#define WOLFSSL_NO_VAR_ASSIGN_REG
+#endif /* __IAR_SYSTEMS_ICC__ */
+#ifdef __KEIL__
+#define __asm__ __asm
+#define __volatile__ volatile
+#endif
+
#ifdef WOLFSSL_SP_X86_64_ASM
#define SP_PRINT_NUM(var, name, total, words, bits) \
do { \
@@ -116,14 +126,14 @@ static void sp_2048_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
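Review bot: The rewritten loop in `sp_2048_from_mp` hard-codes the shift as `j >> 63`, where the lines it replaces used `SP_WORD_SIZE - 1`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps that convention. The counter trick also deserves a comment, for example `/* j counts up from -used; its top bit stays set while i < used. */`, since it relies on `sp_digit` being an unsigned type, which this hunk does not show. The function continues past the end of this hunk.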
@@ -334,7 +344,7 @@ extern sp_digit sp_2048_sub_in_place_16(sp_digit* a, const sp_digit* b);
#endif
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -400,7 +410,7 @@ extern void sp_2048_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -414,7 +424,7 @@ SP_NOINLINE static void sp_2048_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -823,7 +833,7 @@ extern void sp_2048_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -839,7 +849,7 @@ SP_NOINLINE static void sp_2048_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1091,7 +1101,7 @@ extern void sp_2048_mont_reduce_32(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1105,7 +1115,7 @@ SP_NOINLINE static void sp_2048_mont_mul_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1636,7 +1646,7 @@ extern void sp_2048_mont_reduce_avx2_32(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -1652,7 +1662,7 @@ SP_NOINLINE static void sp_2048_mont_mul_avx2_32(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_2048_mont_sqr_avx2_32(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -1919,9 +1929,9 @@ int sp_RsaPublic_2048(const byte* in, word32 inLen, const mp_int* em,
#else
sp_digit a[32 * 5];
#endif
- sp_digit* ah;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* ah = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
sp_digit e = 0;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -2130,9 +2140,9 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit d[32 * 4];
#endif
- sp_digit* a;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* a = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
int err = MP_OKAY;
ASSERT_SAVED_VECTOR_REGISTERS();
@@ -2243,14 +2253,14 @@ int sp_RsaPrivate_2048(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit a[16 * 11];
#endif
- sp_digit* p;
- sp_digit* q;
- sp_digit* dp;
- sp_digit* dq;
- sp_digit* qi;
- sp_digit* tmpa;
- sp_digit* tmpb;
- sp_digit* r;
+ sp_digit* p = NULL;
+ sp_digit* q = NULL;
+ sp_digit* dp = NULL;
+ sp_digit* dq = NULL;
+ sp_digit* qi = NULL;
+ sp_digit* tmpa = NULL;
+ sp_digit* tmpb = NULL;
+ sp_digit* r = NULL;
sp_digit c;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -3079,14 +3089,14 @@ static void sp_3072_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -3336,7 +3346,7 @@ extern void sp_3072_sqr_avx2_48(sp_digit* r, const sp_digit* a);
#if (defined(WOLFSSL_HAVE_SP_RSA) && !defined(WOLFSSL_RSA_PUBLIC_ONLY)) || defined(WOLFSSL_HAVE_SP_DH)
#endif /* (WOLFSSL_HAVE_SP_RSA & !WOLFSSL_RSA_PUBLIC_ONLY) | WOLFSSL_HAVE_SP_DH */
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -3402,7 +3412,7 @@ extern void sp_3072_mont_reduce_24(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3416,7 +3426,7 @@ SP_NOINLINE static void sp_3072_mont_mul_24(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_24(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -3825,7 +3835,7 @@ extern void sp_3072_mont_reduce_avx2_24(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -3841,7 +3851,7 @@ SP_NOINLINE static void sp_3072_mont_mul_avx2_24(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_avx2_24(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4093,7 +4103,7 @@ extern void sp_3072_mont_reduce_48(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4107,7 +4117,7 @@ SP_NOINLINE static void sp_3072_mont_mul_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4586,7 +4596,7 @@ extern void sp_3072_mont_reduce_avx2_48(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -4602,7 +4612,7 @@ SP_NOINLINE static void sp_3072_mont_mul_avx2_48(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_3072_mont_sqr_avx2_48(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -4817,9 +4827,9 @@ int sp_RsaPublic_3072(const byte* in, word32 inLen, const mp_int* em,
#else
sp_digit a[48 * 5];
#endif
- sp_digit* ah;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* ah = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
sp_digit e = 0;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -5028,9 +5038,9 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit d[48 * 4];
#endif
- sp_digit* a;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* a = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
int err = MP_OKAY;
ASSERT_SAVED_VECTOR_REGISTERS();
@@ -5141,14 +5151,14 @@ int sp_RsaPrivate_3072(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit a[24 * 11];
#endif
- sp_digit* p;
- sp_digit* q;
- sp_digit* dp;
- sp_digit* dq;
- sp_digit* qi;
- sp_digit* tmpa;
- sp_digit* tmpb;
- sp_digit* r;
+ sp_digit* p = NULL;
+ sp_digit* q = NULL;
+ sp_digit* dp = NULL;
+ sp_digit* dq = NULL;
+ sp_digit* qi = NULL;
+ sp_digit* tmpa = NULL;
+ sp_digit* tmpb = NULL;
+ sp_digit* r = NULL;
sp_digit c;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -5977,14 +5987,14 @@ static void sp_4096_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -6150,7 +6160,7 @@ extern void sp_4096_sqr_avx2_64(sp_digit* r, const sp_digit* a);
}
#endif
-/* Caclulate the bottom digit of -1/a mod 2^n.
+/* Calculate the bottom digit of -1/a mod 2^n.
*
* a A single precision number.
* rho Bottom word of inverse.
@@ -6217,7 +6227,7 @@ extern void sp_4096_mont_reduce_64(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -6231,7 +6241,7 @@ SP_NOINLINE static void sp_4096_mont_mul_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6710,7 +6720,7 @@ extern void sp_4096_mont_reduce_avx2_64(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -6726,7 +6736,7 @@ SP_NOINLINE static void sp_4096_mont_mul_avx2_64(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_4096_mont_sqr_avx2_64(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -6941,9 +6951,9 @@ int sp_RsaPublic_4096(const byte* in, word32 inLen, const mp_int* em,
#else
sp_digit a[64 * 5];
#endif
- sp_digit* ah;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* ah = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
sp_digit e = 0;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -7152,9 +7162,9 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit d[64 * 4];
#endif
- sp_digit* a;
- sp_digit* m;
- sp_digit* r;
+ sp_digit* a = NULL;
+ sp_digit* m = NULL;
+ sp_digit* r = NULL;
int err = MP_OKAY;
ASSERT_SAVED_VECTOR_REGISTERS();
@@ -7265,14 +7275,14 @@ int sp_RsaPrivate_4096(const byte* in, word32 inLen, const mp_int* dm,
#else
sp_digit a[32 * 11];
#endif
- sp_digit* p;
- sp_digit* q;
- sp_digit* dp;
- sp_digit* dq;
- sp_digit* qi;
- sp_digit* tmpa;
- sp_digit* tmpb;
- sp_digit* r;
+ sp_digit* p = NULL;
+ sp_digit* q = NULL;
+ sp_digit* dp = NULL;
+ sp_digit* dq = NULL;
+ sp_digit* qi = NULL;
+ sp_digit* tmpa = NULL;
+ sp_digit* tmpb = NULL;
+ sp_digit* r = NULL;
sp_digit c;
int err = MP_OKAY;
#ifdef HAVE_INTEL_AVX2
@@ -8184,14 +8194,14 @@ static void sp_256_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
@@ -8397,10 +8407,10 @@ extern void sp_256_mont_sqr_4(sp_digit* r, const sp_digit* a, const sp_digit* m,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_4(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_4(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_4(r, a, m, mp);
for (; n > 1; n--) {
@@ -8591,14 +8601,14 @@ extern void sp_256_mont_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b,
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_mont_sub_lower_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
+extern void sp_256_mont_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_div2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_256_mont_rsb_sub_dbl_4(sp_digit* r, const sp_digit* a, sp_digit* b, const sp_digit* m);
#ifdef __cplusplus
}
#endif
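Review bot: The new prototype `sp_256_mont_rsb_sub_dbl_4` takes `b` as a non-const `sp_digit*`, unlike the other operand pointers declared in this hunk, but has no comment saying that the routine writes through it. Judging by the `/* X = X - 2*Y */` and `/* Y = Y - X */` comments at its call in sp_256_proj_point_dbl_4, it appears to update both `r` and `b`. A one-line comment above the declaration, for example `/* r = a - 2*b mod m, then b = b - r mod m; b is modified */`, would make that visible to callers. The exact semantics live in the assembly source and should be confirmed there before the comment is added.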
@@ -8646,17 +8656,14 @@ static void sp_256_proj_point_dbl_4(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_4(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_4(t2, t2, p256_mod);
+ sp_256_mont_div2_4(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_4(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
sp_256_mont_sqr_4(x, t1, p256_mod, p256_mp_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
- /* X = X - Y */
- sp_256_mont_sub_4(x, x, y, p256_mod);
+ /* X = X - 2*Y */
/* Y = Y - X */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_4(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -8679,7 +8686,8 @@ typedef struct sp_256_proj_point_dbl_4_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_4_ctx* ctx = (sp_256_proj_point_dbl_4_ctx*)sp_ctx->data;
@@ -8753,7 +8761,7 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_4(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_4(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -8767,18 +8775,15 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
ctx->state = 14;
break;
case 14:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* X = X - 2*Y */
+ /* Y = Y - X */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 15;
break;
case 15:
- /* X = X - Y */
- sp_256_mont_sub_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 16;
break;
case 16:
- /* Y = Y - X */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
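Review bot: States 15 and 16 of sp_256_proj_point_dbl_4_nb are left as empty cases that only advance `ctx->state`, because their work moved into the single `sp_256_mont_rsb_sub_dbl_4` call in state 14. If each call of this function executes one state, which the part of the function outside this hunk would confirm, a caller now makes two extra calls that do no work. Either let state 14 set `ctx->state = 17;` and drop the empty cases, or keep the numbering and mark them, e.g. `/* no-op: folded into state 14 */`. State 21 of sp_256_proj_point_add_4_nb and states 15 and 16 of sp_256_proj_point_dbl_avx2_4_nb are left the same way.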
@@ -8803,27 +8808,6 @@ static int sp_256_proj_point_dbl_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_tpl_lower_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_sub_dbl_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_256_mont_dbl_sub_4(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -8861,15 +8845,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
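Review bot: The comment `/* B = 2.(B - X) */` now sits above `sp_256_mont_dbl_4(b, b, p256_mod)`, which on its face only doubles `b`. The subtraction is presumably done inside the preceding `sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod)` call, which is labelled only `/* X = A^2 - 2B */`. Changing the first comment to `/* X = A^2 - 2B, then B = B - X */` and the second to `/* B = 2*B (B already holds B - X) */` would match the comments to the calls. The same pair of lines appears in the next hunk of sp_256_proj_point_dbl_n_4, in sp_256_proj_point_dbl_n_store_4 and in the avx2 variants; the loop body continues outside this hunk.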
@@ -8889,15 +8873,15 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -8907,7 +8891,7 @@ static void sp_256_proj_point_dbl_n_4(sp_point_256* p, int i,
sp_256_mont_sub_4(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_4(y, y, p256_mod);
+ sp_256_mont_div2_4(y, y, p256_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -8945,12 +8929,12 @@ static int sp_256_iszero_4(const sp_digit* a)
static void sp_256_proj_point_add_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*4;
+ sp_digit* t2 = t + 4*4;
+ sp_digit* t3 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
+ sp_digit* t5 = t + 10*4;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_4(t1, q->z, p256_mod, p256_mp_mod);
@@ -8972,17 +8956,9 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_4(t2, t2, t1, p256_mod);
@@ -8998,22 +8974,32 @@ static void sp_256_proj_point_add_4(sp_point_256* r,
sp_256_mont_sqr_4(x, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(x, x, t5, p256_mod);
sp_256_mont_mul_4(t5, t5, t3, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, y, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, y, p256_mod);
sp_256_mont_mul_4(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t5, p256_mod);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
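Review bot: `maskp` and `maskq` are still computed as `0 - (q->infinity & (!p->infinity))` in the type of `infinity` and only then widened to `sp_digit`, while the new `inf` line casts explicitly. The declaration of `infinity` is not in this hunk. If it is an unsigned 32-bit type, as the `(word32)inf` cast may suggest, the subtraction would yield 0xFFFFFFFF and zero-extend, leaving the upper half of each mask clear so that the select mixes limbs from the wrong operand. Casting before negating, `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));` and likewise for `maskq`, makes the all-ones mask independent of that type. The same block appears in sp_256_proj_point_add_4_nb and sp_256_proj_point_add_avx2_4.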
@@ -9059,12 +9045,12 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*4;
- ctx->t3 = t + 4*4;
- ctx->t4 = t + 6*4;
- ctx->t5 = t + 8*4;
- ctx->t6 = t + 10*4;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*4;
+ ctx->t2 = t + 4*4;
+ ctx->t3 = t + 6*4;
+ ctx->t4 = t + 8*4;
+ ctx->t5 = t + 10*4;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -9165,12 +9151,11 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
ctx->state = 20;
break;
case 20:
- sp_256_mont_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
+ sp_256_mont_rsb_sub_dbl_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 21;
break;
case 21:
- /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
@@ -9183,22 +9168,28 @@ static int sp_256_proj_point_add_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -9256,16 +9247,16 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_4(a, t1, p256_mod);
+ sp_256_mont_tpl_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_4(b, t1, x, p256_mod, p256_mp_mod);
x = r[j].x;
/* X = A^2 - 2B */
sp_256_mont_sqr_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_4(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -9279,7 +9270,7 @@ static void sp_256_proj_point_dbl_n_store_4(sp_point_256* r,
sp_256_mont_mul_4(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_4(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_4(r[j].y, y, p256_mod);
+ sp_256_mont_div2_4(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -9353,8 +9344,8 @@ static void sp_256_proj_point_add_sub_4(sp_point_256* ra,
sp_256_mont_sub_4(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_4(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_4(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_4(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_4(ya, ya, xa, p256_mod);
sp_256_mont_mul_4(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_4(t6, p256_mod, t6);
sp_256_mont_mul_4(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -9488,7 +9479,7 @@ static int sp_256_ecc_mulmod_win_add_sub_4(sp_point_256* r, const sp_point_256*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -9616,10 +9607,10 @@ extern void sp_256_mont_sqr_avx2_4(sp_digit* r, const sp_digit* a, const sp_digi
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_256_mont_sqr_n_avx2_4(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_256_mont_sqr_n_avx2_4(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_256_mont_sqr_avx2_4(r, a, m, mp);
for (; n > 1; n--) {
@@ -9709,7 +9700,7 @@ extern sp_digit sp_256_cond_sub_avx2_4(sp_digit* r, const sp_digit* a, const sp_
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_mont_reduce_avx2_order_4(sp_digit* a, const sp_digit* m, sp_digit mp);
+extern void sp_256_mont_reduce_order_avx2_4(sp_digit* a, const sp_digit* m, sp_digit mp);
#ifdef __cplusplus
}
#endif
@@ -9757,14 +9748,14 @@ static void sp_256_map_avx2_4(sp_point_256* r, const sp_point_256* p,
#define sp_256_mont_dbl_avx2_4 sp_256_mont_dbl_4
#define sp_256_mont_tpl_avx2_4 sp_256_mont_tpl_4
#define sp_256_mont_sub_avx2_4 sp_256_mont_sub_4
-#define sp_256_mont_sub_lower_avx2_4 sp_256_mont_sub_lower_4
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_256_div2_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_256_mont_div2_avx2_4(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
+#define sp_256_mont_rsb_sub_dbl_avx2_4 sp_256_mont_rsb_sub_dbl_4
/* Double the Montgomery form projective point p.
*
* r Result of doubling point.
@@ -9809,17 +9800,14 @@ static void sp_256_proj_point_dbl_avx2_4(sp_point_256* r, const sp_point_256* p,
/* T2 = Y * Y */
sp_256_mont_sqr_avx2_4(t2, y, p256_mod, p256_mp_mod);
/* T2 = T2/2 */
- sp_256_div2_avx2_4(t2, t2, p256_mod);
+ sp_256_mont_div2_avx2_4(t2, t2, p256_mod);
/* Y = Y * X */
sp_256_mont_mul_avx2_4(y, y, p->x, p256_mod, p256_mp_mod);
/* X = T1 * T1 */
sp_256_mont_sqr_avx2_4(x, t1, p256_mod, p256_mp_mod);
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(x, x, y, p256_mod);
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(x, x, y, p256_mod);
+ /* X = X - 2*Y */
/* Y = Y - X */
- sp_256_mont_sub_lower_avx2_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, y, p256_mod);
/* Y = Y * T1 */
sp_256_mont_mul_avx2_4(y, y, t1, p256_mod, p256_mp_mod);
/* Y = Y - T2 */
@@ -9842,7 +9830,8 @@ typedef struct sp_256_proj_point_dbl_avx2_4_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r, const sp_point_256* p, sp_digit* t)
+static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r,
+ const sp_point_256* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_256_proj_point_dbl_avx2_4_ctx* ctx = (sp_256_proj_point_dbl_avx2_4_ctx*)sp_ctx->data;
@@ -9916,7 +9905,7 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
break;
case 11:
/* T2 = T2/2 */
- sp_256_div2_avx2_4(ctx->t2, ctx->t2, p256_mod);
+ sp_256_mont_div2_avx2_4(ctx->t2, ctx->t2, p256_mod);
ctx->state = 12;
break;
case 12:
@@ -9930,18 +9919,15 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
ctx->state = 14;
break;
case 14:
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* X = X - 2*Y */
+ /* Y = Y - X */
+ sp_256_mont_rsb_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 15;
break;
case 15:
- /* X = X - Y */
- sp_256_mont_sub_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 16;
break;
case 16:
- /* Y = Y - X */
- sp_256_mont_sub_lower_avx2_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 17;
break;
case 17:
@@ -9966,9 +9952,6 @@ static int sp_256_proj_point_dbl_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_256_mont_tpl_lower_avx2_4 sp_256_mont_tpl_lower_4
-#define sp_256_mont_sub_dbl_avx2_4 sp_256_mont_sub_dbl_4
-#define sp_256_mont_dbl_sub_avx2_4 sp_256_mont_dbl_sub_4
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -10006,15 +9989,15 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_avx2_4(a, t1, p256_mod);
+ sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_avx2_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_avx2_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_avx2_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -10034,15 +10017,15 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_avx2_4(a, t1, p256_mod);
+ sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
/* X = A^2 - 2B */
sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_avx2_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_avx2_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_avx2_4(z, z, y, p256_mod, p256_mp_mod);
/* t1 = Y^4 */
@@ -10052,7 +10035,7 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_256_div2_avx2_4(y, y, p256_mod);
+ sp_256_mont_div2_avx2_4(y, y, p256_mod);
}
@@ -10066,12 +10049,12 @@ static void sp_256_proj_point_dbl_n_avx2_4(sp_point_256* p, int i,
static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*4;
+ sp_digit* t2 = t + 4*4;
+ sp_digit* t3 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
+ sp_digit* t5 = t + 10*4;
/* U1 = X1*Z2^2 */
sp_256_mont_sqr_avx2_4(t1, q->z, p256_mod, p256_mp_mod);
@@ -10093,17 +10076,9 @@ static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
sp_256_proj_point_dbl_avx2_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
@@ -10119,22 +10094,32 @@ static void sp_256_proj_point_add_avx2_4(sp_point_256* r,
sp_256_mont_sqr_avx2_4(x, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(x, x, t5, p256_mod);
sp_256_mont_mul_avx2_4(t5, t5, t3, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, y, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_avx2_4(y, y, x, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, y, p256_mod);
sp_256_mont_mul_avx2_4(y, y, t4, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(y, y, t5, p256_mod);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
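Review bot: `maskp` and `maskq` are computed as `0 - (q->infinity & (!p->infinity))` and only then widened to `sp_digit`, so whether all bits of the mask are set depends on the declared type of `infinity`, which is not visible in this hunk. The new `inf` line already casts to `sp_digit`; doing the same for the masks, `sp_digit maskp = (sp_digit)0 - (sp_digit)(q->infinity & (!p->infinity));`, makes the branch-free select full-width whatever the flag's type is. A short comment that `infinity` must be exactly 0 or 1 would also help, because the `&` with `!p->infinity` yields a zero mask for any other non-zero value and the computed point would then be selected silently. The identical block appears in the `_nb`, `add_qz1` and `sp_384` hunks of this change.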
@@ -10180,12 +10165,12 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*4;
- ctx->t3 = t + 4*4;
- ctx->t4 = t + 6*4;
- ctx->t5 = t + 8*4;
- ctx->t6 = t + 10*4;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*4;
+ ctx->t2 = t + 4*4;
+ ctx->t3 = t + 6*4;
+ ctx->t4 = t + 8*4;
+ ctx->t5 = t + 10*4;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -10286,12 +10271,11 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
ctx->state = 20;
break;
case 20:
- sp_256_mont_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
+ /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
+ sp_256_mont_rsb_sub_dbl_avx2_4(ctx->x, ctx->x, ctx->y, p256_mod);
ctx->state = 21;
break;
case 21:
- /* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_256_mont_sub_lower_avx2_4(ctx->y, ctx->y, ctx->x, p256_mod);
ctx->state = 22;
break;
case 22:
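Review bot: After this change `case 21:` does nothing except `ctx->state = 22; break;`, because its subtraction was folded into the `rsb_sub_dbl` call in state 20. If the state is kept only to avoid renumbering, it should say so, for example `/* intentionally empty: Y - X is produced by rsb_sub_dbl in state 20 */`. Otherwise state 20 could set `ctx->state = 22;` directly and save one pass through the switch. The rest of the state machine is outside this hunk, so I cannot tell whether anything else refers to state 21.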
@@ -10304,22 +10288,28 @@ static int sp_256_proj_point_add_avx2_4_nb(sp_ecc_ctx_t* sp_ctx, sp_point_256* r
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -10377,16 +10367,16 @@ static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r,
/* A = 3*(X^2 - W) */
sp_256_mont_sqr_avx2_4(t1, x, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(t1, t1, w, p256_mod);
- sp_256_mont_tpl_lower_avx2_4(a, t1, p256_mod);
+ sp_256_mont_tpl_avx2_4(a, t1, p256_mod);
/* B = X*Y^2 */
sp_256_mont_sqr_avx2_4(t1, y, p256_mod, p256_mp_mod);
sp_256_mont_mul_avx2_4(b, t1, x, p256_mod, p256_mp_mod);
x = r[j].x;
/* X = A^2 - 2B */
sp_256_mont_sqr_avx2_4(x, a, p256_mod, p256_mp_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, b, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, x, b, p256_mod);
/* B = 2.(B - X) */
- sp_256_mont_dbl_sub_avx2_4(b, b, x, p256_mod);
+ sp_256_mont_dbl_avx2_4(b, b, p256_mod);
/* Z = Z*Y */
sp_256_mont_mul_avx2_4(r[j].z, z, y, p256_mod, p256_mp_mod);
z = r[j].z;
@@ -10400,7 +10390,7 @@ static void sp_256_proj_point_dbl_n_store_avx2_4(sp_point_256* r,
sp_256_mont_mul_avx2_4(y, b, a, p256_mod, p256_mp_mod);
sp_256_mont_sub_avx2_4(y, y, t1, p256_mod);
/* Y = Y/2 */
- sp_256_div2_avx2_4(r[j].y, y, p256_mod);
+ sp_256_mont_div2_avx2_4(r[j].y, y, p256_mod);
r[j].infinity = 0;
}
}
@@ -10474,8 +10464,8 @@ static void sp_256_proj_point_add_sub_avx2_4(sp_point_256* ra,
sp_256_mont_sub_avx2_4(xs, xs, t1, p256_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_256_mont_sub_lower_avx2_4(ys, ya, xs, p256_mod);
- sp_256_mont_sub_lower_avx2_4(ya, ya, xa, p256_mod);
+ sp_256_mont_sub_avx2_4(ys, ya, xs, p256_mod);
+ sp_256_mont_sub_avx2_4(ya, ya, xa, p256_mod);
sp_256_mont_mul_avx2_4(ya, ya, t4, p256_mod, p256_mp_mod);
sp_256_sub_4(t6, p256_mod, t6);
sp_256_mont_mul_avx2_4(ys, ys, t6, p256_mod, p256_mp_mod);
@@ -10524,7 +10514,7 @@ static int sp_256_ecc_mulmod_win_add_sub_avx2_4(sp_point_256* r, const sp_point_
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
+ t = (sp_point_256*)XMALLOC(sizeof(sp_point_256) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -10650,12 +10640,11 @@ typedef struct sp_table_entry_256 {
static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*4;
+ sp_digit* t6 = t + 4*4;
+ sp_digit* t1 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -10671,13 +10660,9 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
sp_256_proj_point_dbl_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_4(t2, t2, p->x, p256_mod);
@@ -10686,32 +10671,38 @@ static void sp_256_proj_point_add_qz1_4(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_4(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_4(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_4(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(x, t1, t5, p256_mod);
- sp_256_mont_sub_dbl_4(x, x, t3, p256_mod);
+ sp_256_mont_sqr_4(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_4(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_4(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(t2, t2, t1, p256_mod);
+ sp_256_mont_rsb_sub_dbl_4(x, t2, t3, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_4(t3, t3, x, p256_mod);
sp_256_mont_mul_4(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_4(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_4(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_4(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_4(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -10869,7 +10860,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
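Review bot: The scratch size `2 * 4 * 5` is a bare literal that must agree between the stack declaration here and the `XMALLOC` in the next hunk. The same literal is repeated in the sp_256_ecc_mulmod_4, avx2 and add_only hunks, where it is also the `ForceZero` length. If one site drifts, the wipe either leaves part of the buffer uncleared or writes past it, so a single named constant used at every site would be safer (for example `SP_256_QZ1_TMP_DIGITS`, a placeholder name of mine). It is also worth confirming that `sp_256_proj_point_dbl_4(r, p, t)`, which add_qz1 calls with the same `t`, still fits in the smaller buffer; its definition is not part of the visible hunks.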
@@ -10890,7 +10881,7 @@ static int sp_256_ecc_mulmod_stripe_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -10994,7 +10985,7 @@ static THREAD_LS_T int sp_cache_256_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
@@ -11065,8 +11056,8 @@ static void sp_ecc_get_cache_256(const sp_point_256* g, sp_cache_256_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_4(r, g, k, map, ct, heap);
@@ -11074,13 +11065,13 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -11137,12 +11128,11 @@ static int sp_256_ecc_mulmod_4(sp_point_256* r, const sp_point_256* g, const sp_
static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
const sp_point_256* p, const sp_point_256* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*4;
- sp_digit* t3 = t + 4*4;
- sp_digit* t4 = t + 6*4;
- sp_digit* t5 = t + 8*4;
- sp_digit* t6 = t + 10*4;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*4;
+ sp_digit* t6 = t + 4*4;
+ sp_digit* t1 = t + 6*4;
+ sp_digit* t4 = t + 8*4;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -11158,13 +11148,9 @@ static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
sp_256_proj_point_dbl_avx2_4(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_256_mont_sub_avx2_4(t2, t2, p->x, p256_mod);
@@ -11173,32 +11159,38 @@ static void sp_256_proj_point_add_qz1_avx2_4(sp_point_256* r,
/* Z3 = H*Z1 */
sp_256_mont_mul_avx2_4(z, p->z, t2, p256_mod, p256_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_256_mont_sqr_avx2_4(t1, t4, p256_mod, p256_mp_mod);
- sp_256_mont_sqr_avx2_4(t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_mul_avx2_4(t3, p->x, t5, p256_mod, p256_mp_mod);
- sp_256_mont_mul_avx2_4(t5, t5, t2, p256_mod, p256_mp_mod);
- sp_256_mont_sub_avx2_4(x, t1, t5, p256_mod);
- sp_256_mont_sub_dbl_avx2_4(x, x, t3, p256_mod);
+ sp_256_mont_sqr_avx2_4(t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_avx2_4(t3, p->x, t1, p256_mod, p256_mp_mod);
+ sp_256_mont_mul_avx2_4(t1, t1, t2, p256_mod, p256_mp_mod);
+ sp_256_mont_sqr_avx2_4(t2, t4, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_avx2_4(t2, t2, t1, p256_mod);
+ sp_256_mont_rsb_sub_dbl_avx2_4(x, t2, t3, p256_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_256_mont_sub_lower_avx2_4(t3, t3, x, p256_mod);
sp_256_mont_mul_avx2_4(t3, t3, t4, p256_mod, p256_mp_mod);
- sp_256_mont_mul_avx2_4(t5, t5, p->y, p256_mod, p256_mp_mod);
- sp_256_mont_sub_avx2_4(y, t3, t5, p256_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 4; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 4; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_256_mont_mul_avx2_4(t1, t1, p->y, p256_mod, p256_mp_mod);
+ sp_256_mont_sub_avx2_4(y, t3, t1, p256_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 4; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 4; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -11342,7 +11334,7 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256*
sp_digit* t = NULL;
#else
sp_point_256 rt[2];
- sp_digit t[2 * 4 * 6];
+ sp_digit t[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
int i;
@@ -11363,7 +11355,7 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256*
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ t = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -11445,8 +11437,8 @@ static int sp_256_ecc_mulmod_stripe_avx2_4(sp_point_256* r, const sp_point_256*
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_256_ecc_mulmod_win_add_sub_avx2_4(r, g, k, map, ct, heap);
@@ -11454,13 +11446,13 @@ static int sp_256_ecc_mulmod_avx2_4(sp_point_256* r, const sp_point_256* g, cons
#ifdef WOLFSSL_SP_SMALL_STACK
sp_digit* tmp;
#else
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_cache_256_t* cache;
int err = MP_OKAY;
#ifdef WOLFSSL_SP_SMALL_STACK
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap, DYNAMIC_TYPE_ECC);
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap, DYNAMIC_TYPE_ECC);
if (tmp == NULL) {
err = MEMORY_E;
}
@@ -11571,7 +11563,7 @@ int sp_ecc_mulmod_256(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -11582,7 +11574,7 @@ int sp_ecc_mulmod_add_256(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_256* point = NULL;
+ sp_point_256* point = NULL;
sp_digit* k = NULL;
#else
sp_point_256 point[2];
@@ -24101,7 +24093,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
sp_digit* tmp = NULL;
#else
sp_point_256 rt[2];
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
sp_digit* negy = NULL;
@@ -24120,7 +24112,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (tmp == NULL)
err = MEMORY_E;
@@ -24179,7 +24171,7 @@ static int sp_256_ecc_mulmod_add_only_4(sp_point_256* r, const sp_point_256* g,
if (tmp != NULL)
#endif
{
- ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 6);
+ ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 5);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -24235,7 +24227,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
sp_digit* tmp = NULL;
#else
sp_point_256 rt[2];
- sp_digit tmp[2 * 4 * 6];
+ sp_digit tmp[2 * 4 * 5];
#endif
sp_point_256* p = NULL;
sp_digit* negy = NULL;
@@ -24254,7 +24246,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
if (rt == NULL)
err = MEMORY_E;
if (err == MP_OKAY) {
- tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 6, heap,
+ tmp = (sp_digit*)XMALLOC(sizeof(sp_digit) * 2 * 4 * 5, heap,
DYNAMIC_TYPE_ECC);
if (tmp == NULL)
err = MEMORY_E;
@@ -24313,7 +24305,7 @@ static int sp_256_ecc_mulmod_add_only_avx2_4(sp_point_256* r, const sp_point_256
if (tmp != NULL)
#endif
{
- ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 6);
+ ForceZero(tmp, sizeof(sp_digit) * 2 * 4 * 5);
#ifdef WOLFSSL_SP_SMALL_STACK
XFREE(tmp, heap, DYNAMIC_TYPE_ECC);
#endif
@@ -24409,7 +24401,7 @@ int sp_ecc_mulmod_base_256(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -24434,7 +24426,7 @@ int sp_ecc_mulmod_base_add_256(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -24600,7 +24592,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_256* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
#ifdef HAVE_INTEL_AVX2
word32 cpuid_flags = cpuid_get_flags();
#endif
@@ -24611,7 +24603,7 @@ int sp_ecc_make_key_256(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_256*)XMALLOC(sizeof(sp_point_256) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_256*)XMALLOC(sizeof(sp_point_256), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -26012,7 +26004,7 @@ static void sp_256_add_points_4(sp_point_256* p1, const sp_point_256* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -26400,7 +26392,7 @@ int sp_ecc_verify_256_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -26428,19 +26420,21 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 4;
+ /* y^2 - x^3 - a.x = b */
sp_256_sqr_4(t1, point->y);
(void)sp_256_mod_4(t1, t1, p256_mod);
sp_256_sqr_4(t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
sp_256_mul_4(t2, t2, point->x);
(void)sp_256_mod_4(t2, t2, p256_mod);
- (void)sp_256_sub_4(t2, p256_mod, t2);
- sp_256_mont_add_4(t1, t1, t2, p256_mod);
+ sp_256_mont_sub_4(t1, t1, t2, p256_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
sp_256_mont_add_4(t1, t1, point->x, p256_mod);
+
if (sp_256_cmp_4(t1, p256_b) != 0) {
err = MP_VAL;
}
@@ -26454,7 +26448,7 @@ static int sp_256_ecc_is_point_4(const sp_point_256* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -27289,14 +27283,14 @@ static void sp_384_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
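Review bot: The new branch-free copy hard-codes the shift as `63`, while the lines it replaces used `SP_WORD_SIZE - 1`. The surrounding `#if` tests `DIGIT_BIT`, the width of the `mp_int` digit, not the width of `sp_digit`. Writing `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));` keeps the top-bit test tied to the type actually being shifted. A brief comment would also help: `j` counts up from `-used`, so its top bit is set exactly while `i < used`, which yields the mask and stops `o` advancing past the last used digit. The function body continues outside this hunk.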
@@ -27509,7 +27503,7 @@ extern void sp_384_mont_reduce_order_6(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -27523,7 +27517,7 @@ SP_NOINLINE static void sp_384_mont_mul_6(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -27539,10 +27533,10 @@ SP_NOINLINE static void sp_384_mont_sqr_6(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_6(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_6(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_6(r, a, m, mp);
for (; n > 1; n--) {
@@ -27728,14 +27722,7 @@ extern void sp_384_mont_sub_6(sp_digit* r, const sp_digit* a, const sp_digit* b,
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_384_mont_sub_lower_6(sp_digit* r, const sp_digit* a, const sp_digit* b, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_384_mont_div2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -27783,7 +27770,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_6(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_6(t2, t2, p384_mod);
+ sp_384_mont_div2_6(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_6(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -27793,7 +27780,7 @@ static void sp_384_proj_point_dbl_6(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_6(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_6(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -27816,7 +27803,8 @@ typedef struct sp_384_proj_point_dbl_6_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_6_ctx* ctx = (sp_384_proj_point_dbl_6_ctx*)sp_ctx->data;
@@ -27890,7 +27878,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_6(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_6(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -27915,7 +27903,7 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -27940,20 +27928,6 @@ static int sp_384_proj_point_dbl_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_dbl_lower_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern void sp_384_mont_tpl_lower_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
-#ifdef __cplusplus
-}
-#endif
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -27992,7 +27966,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -28001,8 +27975,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -28022,7 +27996,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -28031,8 +28005,8 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -28042,7 +28016,7 @@ static void sp_384_proj_point_dbl_n_6(sp_point_384* p, int i,
sp_384_mont_sub_6(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_6(y, y, p384_mod);
+ sp_384_mont_div2_6(y, y, p384_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -28080,12 +28054,12 @@ static int sp_384_iszero_6(const sp_digit* a)
static void sp_384_proj_point_add_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*6;
+ sp_digit* t2 = t + 4*6;
+ sp_digit* t3 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_6(t1, q->z, p384_mod, p384_mp_mod);
@@ -28107,17 +28081,9 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_6(t2, t2, t1, p384_mod);
@@ -28136,20 +28102,31 @@ static void sp_384_proj_point_add_6(sp_point_384* r,
sp_384_mont_dbl_6(t3, y, p384_mod);
sp_384_mont_sub_6(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(y, y, x, p384_mod);
+ sp_384_mont_sub_6(y, y, x, p384_mod);
sp_384_mont_mul_6(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t5, p384_mod);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -28195,12 +28172,12 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*6;
- ctx->t3 = t + 4*6;
- ctx->t4 = t + 6*6;
- ctx->t5 = t + 8*6;
- ctx->t6 = t + 10*6;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*6;
+ ctx->t2 = t + 4*6;
+ ctx->t3 = t + 6*6;
+ ctx->t4 = t + 8*6;
+ ctx->t5 = t + 10*6;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -28307,7 +28284,7 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -28320,22 +28297,28 @@ static int sp_384_proj_point_add_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -28394,7 +28377,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_6(a, t1, p384_mod);
+ sp_384_mont_tpl_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -28404,8 +28387,8 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_dbl_6(t2, b, p384_mod);
sp_384_mont_sub_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_6(b, t2, p384_mod);
+ sp_384_mont_sub_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_6(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -28419,7 +28402,7 @@ static void sp_384_proj_point_dbl_n_store_6(sp_point_384* r,
sp_384_mont_mul_6(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_6(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_6(r[j].y, y, p384_mod);
+ sp_384_mont_div2_6(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -28493,8 +28476,8 @@ static void sp_384_proj_point_add_sub_6(sp_point_384* ra,
sp_384_mont_sub_6(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_6(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_6(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_6(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_6(ya, ya, xa, p384_mod);
sp_384_mont_mul_6(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_6(t6, p384_mod, t6);
sp_384_mont_mul_6(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -28628,7 +28611,7 @@ static int sp_384_ecc_mulmod_win_add_sub_6(sp_point_384* r, const sp_point_384*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -28751,7 +28734,7 @@ extern void sp_384_mont_reduce_order_avx2_6(sp_digit* a, const sp_digit* m, sp_d
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -28767,7 +28750,7 @@ SP_NOINLINE static void sp_384_mont_mul_avx2_6(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -28784,10 +28767,10 @@ SP_NOINLINE static void sp_384_mont_sqr_avx2_6(sp_digit* r, const sp_digit* a,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_384_mont_sqr_n_avx2_6(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_384_mont_sqr_n_avx2_6(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_384_mont_sqr_avx2_6(r, a, m, mp);
for (; n > 1; n--) {
@@ -28933,11 +28916,10 @@ static void sp_384_map_avx2_6(sp_point_384* r, const sp_point_384* p,
#define sp_384_mont_dbl_avx2_6 sp_384_mont_dbl_6
#define sp_384_mont_tpl_avx2_6 sp_384_mont_tpl_6
#define sp_384_mont_sub_avx2_6 sp_384_mont_sub_6
-#define sp_384_mont_sub_lower_avx2_6 sp_384_mont_sub_lower_6
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_384_div2_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_384_mont_div2_avx2_6(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -28985,7 +28967,7 @@ static void sp_384_proj_point_dbl_avx2_6(sp_point_384* r, const sp_point_384* p,
/* T2 = Y * Y */
sp_384_mont_sqr_avx2_6(t2, y, p384_mod, p384_mp_mod);
/* T2 = T2/2 */
- sp_384_div2_avx2_6(t2, t2, p384_mod);
+ sp_384_mont_div2_avx2_6(t2, t2, p384_mod);
/* Y = Y * X */
sp_384_mont_mul_avx2_6(y, y, p->x, p384_mod, p384_mp_mod);
/* X = T1 * T1 */
@@ -28995,7 +28977,7 @@ static void sp_384_proj_point_dbl_avx2_6(sp_point_384* r, const sp_point_384* p,
/* X = X - Y */
sp_384_mont_sub_avx2_6(x, x, y, p384_mod);
/* Y = Y - X */
- sp_384_mont_sub_lower_avx2_6(y, y, x, p384_mod);
+ sp_384_mont_sub_avx2_6(y, y, x, p384_mod);
/* Y = Y * T1 */
sp_384_mont_mul_avx2_6(y, y, t1, p384_mod, p384_mp_mod);
/* Y = Y - T2 */
@@ -29018,7 +29000,8 @@ typedef struct sp_384_proj_point_dbl_avx2_6_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r, const sp_point_384* p, sp_digit* t)
+static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r,
+ const sp_point_384* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_384_proj_point_dbl_avx2_6_ctx* ctx = (sp_384_proj_point_dbl_avx2_6_ctx*)sp_ctx->data;
@@ -29092,7 +29075,7 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 11:
/* T2 = T2/2 */
- sp_384_div2_avx2_6(ctx->t2, ctx->t2, p384_mod);
+ sp_384_mont_div2_avx2_6(ctx->t2, ctx->t2, p384_mod);
ctx->state = 12;
break;
case 12:
@@ -29117,7 +29100,7 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 16:
/* Y = Y - X */
- sp_384_mont_sub_lower_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 17;
break;
case 17:
@@ -29142,8 +29125,6 @@ static int sp_384_proj_point_dbl_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_384_mont_dbl_lower_avx2_6 sp_384_mont_dbl_lower_6
-#define sp_384_mont_tpl_lower_avx2_6 sp_384_mont_tpl_lower_6
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -29182,7 +29163,7 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_avx2_6(a, t1, p384_mod);
+ sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -29191,8 +29172,8 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_avx2_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_avx2_6(b, t2, p384_mod);
+ sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_avx2_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29212,7 +29193,7 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_avx2_6(a, t1, p384_mod);
+ sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -29221,8 +29202,8 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_avx2_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_avx2_6(b, t2, p384_mod);
+ sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_avx2_6(z, z, y, p384_mod, p384_mp_mod);
/* t1 = Y^4 */
@@ -29232,7 +29213,7 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_384_div2_avx2_6(y, y, p384_mod);
+ sp_384_mont_div2_avx2_6(y, y, p384_mod);
}
@@ -29246,12 +29227,12 @@ static void sp_384_proj_point_dbl_n_avx2_6(sp_point_384* p, int i,
static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*6;
+ sp_digit* t2 = t + 4*6;
+ sp_digit* t3 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* U1 = X1*Z2^2 */
sp_384_mont_sqr_avx2_6(t1, q->z, p384_mod, p384_mp_mod);
@@ -29273,17 +29254,9 @@ static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
sp_384_proj_point_dbl_avx2_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
@@ -29302,20 +29275,31 @@ static void sp_384_proj_point_add_avx2_6(sp_point_384* r,
sp_384_mont_dbl_avx2_6(t3, y, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t3, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_avx2_6(y, y, x, p384_mod);
+ sp_384_mont_sub_avx2_6(y, y, x, p384_mod);
sp_384_mont_mul_avx2_6(y, y, t4, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(y, y, t5, p384_mod);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -29361,12 +29345,12 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*6;
- ctx->t3 = t + 4*6;
- ctx->t4 = t + 6*6;
- ctx->t5 = t + 8*6;
- ctx->t6 = t + 10*6;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*6;
+ ctx->t2 = t + 4*6;
+ ctx->t3 = t + 6*6;
+ ctx->t4 = t + 8*6;
+ ctx->t5 = t + 10*6;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -29473,7 +29457,7 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_384_mont_sub_lower_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
+ sp_384_mont_sub_avx2_6(ctx->y, ctx->y, ctx->x, p384_mod);
ctx->state = 22;
break;
case 22:
@@ -29486,22 +29470,28 @@ static int sp_384_proj_point_add_avx2_6_nb(sp_ecc_ctx_t* sp_ctx, sp_point_384* r
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -29560,7 +29550,7 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
/* A = 3*(X^2 - W) */
sp_384_mont_sqr_avx2_6(t1, x, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(t1, t1, w, p384_mod);
- sp_384_mont_tpl_lower_avx2_6(a, t1, p384_mod);
+ sp_384_mont_tpl_avx2_6(a, t1, p384_mod);
/* B = X*Y^2 */
sp_384_mont_sqr_avx2_6(t1, y, p384_mod, p384_mp_mod);
sp_384_mont_mul_avx2_6(b, t1, x, p384_mod, p384_mp_mod);
@@ -29570,8 +29560,8 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
sp_384_mont_dbl_avx2_6(t2, b, p384_mod);
sp_384_mont_sub_avx2_6(x, x, t2, p384_mod);
/* B = 2.(B - X) */
- sp_384_mont_sub_lower_avx2_6(t2, b, x, p384_mod);
- sp_384_mont_dbl_lower_avx2_6(b, t2, p384_mod);
+ sp_384_mont_sub_avx2_6(t2, b, x, p384_mod);
+ sp_384_mont_dbl_avx2_6(b, t2, p384_mod);
/* Z = Z*Y */
sp_384_mont_mul_avx2_6(r[j].z, z, y, p384_mod, p384_mp_mod);
z = r[j].z;
@@ -29585,7 +29575,7 @@ static void sp_384_proj_point_dbl_n_store_avx2_6(sp_point_384* r,
sp_384_mont_mul_avx2_6(y, b, a, p384_mod, p384_mp_mod);
sp_384_mont_sub_avx2_6(y, y, t1, p384_mod);
/* Y = Y/2 */
- sp_384_div2_avx2_6(r[j].y, y, p384_mod);
+ sp_384_mont_div2_avx2_6(r[j].y, y, p384_mod);
r[j].infinity = 0;
}
}
@@ -29659,8 +29649,8 @@ static void sp_384_proj_point_add_sub_avx2_6(sp_point_384* ra,
sp_384_mont_sub_avx2_6(xs, xs, t1, p384_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_384_mont_sub_lower_avx2_6(ys, ya, xs, p384_mod);
- sp_384_mont_sub_lower_avx2_6(ya, ya, xa, p384_mod);
+ sp_384_mont_sub_avx2_6(ys, ya, xs, p384_mod);
+ sp_384_mont_sub_avx2_6(ya, ya, xa, p384_mod);
sp_384_mont_mul_avx2_6(ya, ya, t4, p384_mod, p384_mp_mod);
sp_384_sub_6(t6, p384_mod, t6);
sp_384_mont_mul_avx2_6(ys, ys, t6, p384_mod, p384_mp_mod);
@@ -29709,7 +29699,7 @@ static int sp_384_ecc_mulmod_win_add_sub_avx2_6(sp_point_384* r, const sp_point_
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
+ t = (sp_point_384*)XMALLOC(sizeof(sp_point_384) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -29835,12 +29825,12 @@ typedef struct sp_table_entry_384 {
static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*6;
+ sp_digit* t6 = t + 4*6;
+ sp_digit* t1 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -29856,13 +29846,9 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
sp_384_proj_point_dbl_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_6(t2, t2, p->x, p384_mod);
@@ -29871,33 +29857,40 @@ static void sp_384_proj_point_add_qz1_6(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_6(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_6(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_6(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(x, t1, t5, p384_mod);
- sp_384_mont_dbl_6(t1, t3, p384_mod);
- sp_384_mont_sub_6(x, x, t1, p384_mod);
+ sp_384_mont_sqr_6(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_6(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_6(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_6(t5, t3, p384_mod);
+ sp_384_mont_sub_6(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_6(t3, t3, x, p384_mod);
+ sp_384_mont_sub_6(t3, t3, x, p384_mod);
sp_384_mont_mul_6(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_6(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_6(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_6(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_6(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
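Review bot: The rewritten X3/Y3 sequence is hard to follow because `x` now aliases `t2` and `y` aliases `t3` (set in the preceding hunk), while the code mixes both names, as in `sp_384_mont_sub_6(x, t2, t5, p384_mod)` and `sp_384_mont_sub_6(y, t3, t1, p384_mod)`. The order matters: `t2` holds H until `sp_384_mont_sqr_6(t2, t4, ...)` overwrites it with R^2, which is only safe because Z3 = H*Z1 and H^3 have already been computed. I would annotate each step with the value it leaves in the temporary, for example `/* t1 = H^3 */` and `/* t2 = R^2, H no longer needed */`, so a later reordering does not break that dependency unnoticed. The same applies to the matching hunk in sp_384_proj_point_add_qz1_avx2_6; the function starts outside this hunk.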
@@ -30180,7 +30173,7 @@ static THREAD_LS_T int sp_cache_384_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
@@ -30251,8 +30244,8 @@ static void sp_ecc_get_cache_384(const sp_point_384* g, sp_cache_384_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_6(r, g, k, map, ct, heap);
@@ -30323,12 +30316,12 @@ static int sp_384_ecc_mulmod_6(sp_point_384* r, const sp_point_384* g, const sp_
static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
const sp_point_384* p, const sp_point_384* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*6;
- sp_digit* t3 = t + 4*6;
- sp_digit* t4 = t + 6*6;
- sp_digit* t5 = t + 8*6;
- sp_digit* t6 = t + 10*6;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*6;
+ sp_digit* t6 = t + 4*6;
+ sp_digit* t1 = t + 6*6;
+ sp_digit* t4 = t + 8*6;
+ sp_digit* t5 = t + 10*6;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -30344,13 +30337,9 @@ static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
sp_384_proj_point_dbl_avx2_6(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_384_mont_sub_avx2_6(t2, t2, p->x, p384_mod);
@@ -30359,33 +30348,40 @@ static void sp_384_proj_point_add_qz1_avx2_6(sp_point_384* r,
/* Z3 = H*Z1 */
sp_384_mont_mul_avx2_6(z, p->z, t2, p384_mod, p384_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_384_mont_sqr_avx2_6(t1, t4, p384_mod, p384_mp_mod);
- sp_384_mont_sqr_avx2_6(t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_mul_avx2_6(t3, p->x, t5, p384_mod, p384_mp_mod);
- sp_384_mont_mul_avx2_6(t5, t5, t2, p384_mod, p384_mp_mod);
- sp_384_mont_sub_avx2_6(x, t1, t5, p384_mod);
- sp_384_mont_dbl_avx2_6(t1, t3, p384_mod);
- sp_384_mont_sub_avx2_6(x, x, t1, p384_mod);
+ sp_384_mont_sqr_avx2_6(t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_avx2_6(t3, p->x, t1, p384_mod, p384_mp_mod);
+ sp_384_mont_mul_avx2_6(t1, t1, t2, p384_mod, p384_mp_mod);
+ sp_384_mont_sqr_avx2_6(t2, t4, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_avx2_6(t2, t2, t1, p384_mod);
+ sp_384_mont_dbl_avx2_6(t5, t3, p384_mod);
+ sp_384_mont_sub_avx2_6(x, t2, t5, p384_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_384_mont_sub_lower_avx2_6(t3, t3, x, p384_mod);
+ sp_384_mont_sub_avx2_6(t3, t3, x, p384_mod);
sp_384_mont_mul_avx2_6(t3, t3, t4, p384_mod, p384_mp_mod);
- sp_384_mont_mul_avx2_6(t5, t5, p->y, p384_mod, p384_mp_mod);
- sp_384_mont_sub_avx2_6(y, t3, t5, p384_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 6; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 6; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_384_mont_mul_avx2_6(t1, t1, p->y, p384_mod, p384_mp_mod);
+ sp_384_mont_sub_avx2_6(y, t3, t1, p384_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 6; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 6; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -30632,8 +30628,8 @@ static int sp_384_ecc_mulmod_stripe_avx2_6(sp_point_384* r, const sp_point_384*
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_384_ecc_mulmod_avx2_6(sp_point_384* r, const sp_point_384* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_384_ecc_mulmod_win_add_sub_avx2_6(r, g, k, map, ct, heap);
@@ -30758,7 +30754,7 @@ int sp_ecc_mulmod_384(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -30769,7 +30765,7 @@ int sp_ecc_mulmod_add_384(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_384* point = NULL;
+ sp_point_384* point = NULL;
sp_digit* k = NULL;
#else
sp_point_384 point[2];
@@ -49410,7 +49406,7 @@ int sp_ecc_mulmod_base_384(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -49435,7 +49431,7 @@ int sp_ecc_mulmod_base_add_384(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -49601,7 +49597,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_384* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
#ifdef HAVE_INTEL_AVX2
word32 cpuid_flags = cpuid_get_flags();
#endif
@@ -49612,7 +49608,7 @@ int sp_ecc_make_key_384(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_384*)XMALLOC(sizeof(sp_point_384) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_384*)XMALLOC(sizeof(sp_point_384), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -50872,7 +50868,7 @@ static int sp_384_mod_inv_6(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_384_cmp_6(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_384_cmp_6(u, v) >= 0))) {
sp_384_sub_6(u, u, v);
o = sp_384_sub_6(b, b, d);
if (o != 0)
@@ -50962,7 +50958,7 @@ static void sp_384_add_points_6(sp_point_384* p1, const sp_point_384* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -51343,7 +51339,7 @@ int sp_ecc_verify_384_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -51371,19 +51367,21 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 6;
+ /* y^2 - x^3 - a.x = b */
sp_384_sqr_6(t1, point->y);
(void)sp_384_mod_6(t1, t1, p384_mod);
sp_384_sqr_6(t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
sp_384_mul_6(t2, t2, point->x);
(void)sp_384_mod_6(t2, t2, p384_mod);
- (void)sp_384_sub_6(t2, p384_mod, t2);
- sp_384_mont_add_6(t1, t1, t2, p384_mod);
+ sp_384_mont_sub_6(t1, t1, t2, p384_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
sp_384_mont_add_6(t1, t1, point->x, p384_mod);
+
if (sp_384_cmp_6(t1, p384_b) != 0) {
err = MP_VAL;
}
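Review bot: The curve-equation check now calls `sp_384_mont_sub_6` on values produced by `sp_384_sqr_6`/`sp_384_mod_6`, and the operand precondition is not stated anywhere in the hunk. The modular add/sub helpers presumably require both operands to be already reduced below `p384_mod`: `t1` and `t2` are reduced by the `sp_384_mod_6` calls, but the three following adds take `point->x` as passed in. Since this function validates externally supplied points, I would add a comment such as `/* x and y must already be range-checked (< p384_mod) by the caller */`, or confirm that every caller does so. It would also help to note that the `mont_` add/sub helpers are used here as plain modular operations on non-Montgomery values. The function body starts and ends outside this hunk.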
@@ -51397,7 +51395,7 @@ static int sp_384_ecc_is_point_6(const sp_point_384* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -52203,14 +52201,14 @@ static void sp_521_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
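Review bot: The new loop hard-codes the shift count as `63` where the removed lines used `SP_WORD_SIZE - 1`. I would keep the symbolic form, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`, so the code cannot drift from the digit width. The logic also depends on `sp_digit` being an unsigned type, so that `j >> 63` is 0 or 1 rather than an arithmetic shift. A short comment should state that, and also that `a->dp[0]` is read and masked to zero even when `a->used` is 0. The function continues past the end of this hunk.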
@@ -52416,10 +52414,10 @@ extern void sp_521_mont_sqr_9(sp_digit* r, const sp_digit* a, const sp_digit* m,
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -52620,11 +52618,10 @@ extern void sp_521_mont_sub_9(sp_digit* r, const sp_digit* a, const sp_digit* b,
#ifdef __cplusplus
}
#endif
-#define sp_521_mont_sub_lower_9 sp_521_mont_sub_9
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_521_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_521_mont_div2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -52672,7 +52669,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -52682,7 +52679,7 @@ static void sp_521_proj_point_dbl_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -52705,7 +52702,8 @@ typedef struct sp_521_proj_point_dbl_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_9_ctx* ctx = (sp_521_proj_point_dbl_9_ctx*)sp_ctx->data;
@@ -52779,7 +52777,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -52804,7 +52802,7 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -52829,8 +52827,6 @@ static int sp_521_proj_point_dbl_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, con
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_521_mont_dbl_lower_9 sp_521_mont_dbl_9
-#define sp_521_mont_tpl_lower_9 sp_521_mont_tpl_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -52869,7 +52865,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -52878,8 +52874,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -52899,7 +52895,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -52908,8 +52904,8 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -52919,7 +52915,7 @@ static void sp_521_proj_point_dbl_n_9(sp_point_521* p, int i,
sp_521_mont_sub_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_9(y, y, p521_mod);
+ sp_521_mont_div2_9(y, y, p521_mod);
}
/* Compare two numbers to determine if they are equal.
@@ -52959,12 +52955,12 @@ static int sp_521_iszero_9(const sp_digit* a)
static void sp_521_proj_point_add_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_9(t1, q->z, p521_mod, p521_mp_mod);
@@ -52986,17 +52982,9 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_9(t2, t2, t1, p521_mod);
@@ -53015,20 +53003,31 @@ static void sp_521_proj_point_add_9(sp_point_521* r,
sp_521_mont_dbl_9(t3, y, p521_mod);
sp_521_mont_sub_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(y, y, x, p521_mod);
+ sp_521_mont_sub_9(y, y, x, p521_mod);
sp_521_mont_mul_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
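Review bot: The select block added at the end of the `else` branch is only correct when `p->infinity` and `q->infinity` are exactly 0 or 1, and nothing in the new code says so. `0 - (q->infinity & (!p->infinity))` is an all-ones mask only for a flag value of 1; a non-zero flag with bit 0 clear, such as 2, would leave `maskp` and `maskq` zero, so the computed coordinates would be selected instead of the other operand. I would add a comment above the block, e.g. `/* Branch-free select: r = p if q is infinity, r = q if p is infinity, else (x, y, z); infinity flags must be 0 or 1. */`. The same block is added in the hunks for `sp_521_proj_point_add_9_nb`, `sp_521_proj_point_add_avx2_9`, `sp_521_proj_point_add_avx2_9_nb`, `sp_521_proj_point_add_qz1_9` and `sp_521_proj_point_add_qz1_avx2_9`; the function body starts outside this hunk.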
@@ -53074,12 +53073,12 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -53186,7 +53185,7 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -53199,22 +53198,28 @@ static int sp_521_proj_point_add_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
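Review bot: The inner `{ … }` added inside `case 24:` is redundant, because the case already opens its own block on the line before it. The declarations of `i`, `maskp`, `maskq`, `maskt` and `inf` could sit directly in that block, as the removed declarations did, which keeps the select loops one indent level shallower. The hunk for `sp_521_proj_point_add_avx2_9_nb` carries the same double brace; the `switch` starts and ends outside this hunk.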
@@ -53273,7 +53278,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_9(a, t1, p521_mod);
+ sp_521_mont_tpl_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -53283,8 +53288,8 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_dbl_9(t2, b, p521_mod);
sp_521_mont_sub_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_9(b, t2, p521_mod);
+ sp_521_mont_sub_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -53298,7 +53303,7 @@ static void sp_521_proj_point_dbl_n_store_9(sp_point_521* r,
sp_521_mont_mul_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -53372,8 +53377,8 @@ static void sp_521_proj_point_add_sub_9(sp_point_521* ra,
sp_521_mont_sub_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -53507,7 +53512,7 @@ static int sp_521_ecc_mulmod_win_add_sub_9(sp_point_521* r, const sp_point_521*
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -53635,10 +53640,10 @@ extern void sp_521_mont_sqr_avx2_9(sp_digit* r, const sp_digit* a, const sp_digi
* a Number to square in Montgomery form.
* n Number of times to square.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
-static void sp_521_mont_sqr_n_avx2_9(sp_digit* r, const sp_digit* a, int n,
- const sp_digit* m, sp_digit mp)
+SP_NOINLINE static void sp_521_mont_sqr_n_avx2_9(sp_digit* r,
+ const sp_digit* a, int n, const sp_digit* m, sp_digit mp)
{
sp_521_mont_sqr_avx2_9(r, a, m, mp);
for (; n > 1; n--) {
@@ -53789,11 +53794,10 @@ static void sp_521_map_avx2_9(sp_point_521* r, const sp_point_521* p,
#define sp_521_mont_dbl_avx2_9 sp_521_mont_dbl_9
#define sp_521_mont_tpl_avx2_9 sp_521_mont_tpl_9
#define sp_521_mont_sub_avx2_9 sp_521_mont_sub_9
-#define sp_521_mont_sub_lower_avx2_9 sp_521_mont_sub_avx2_9
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_521_div2_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_521_mont_div2_avx2_9(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -53841,7 +53845,7 @@ static void sp_521_proj_point_dbl_avx2_9(sp_point_521* r, const sp_point_521* p,
/* T2 = Y * Y */
sp_521_mont_sqr_avx2_9(t2, y, p521_mod, p521_mp_mod);
/* T2 = T2/2 */
- sp_521_div2_avx2_9(t2, t2, p521_mod);
+ sp_521_mont_div2_avx2_9(t2, t2, p521_mod);
/* Y = Y * X */
sp_521_mont_mul_avx2_9(y, y, p->x, p521_mod, p521_mp_mod);
/* X = T1 * T1 */
@@ -53851,7 +53855,7 @@ static void sp_521_proj_point_dbl_avx2_9(sp_point_521* r, const sp_point_521* p,
/* X = X - Y */
sp_521_mont_sub_avx2_9(x, x, y, p521_mod);
/* Y = Y - X */
- sp_521_mont_sub_lower_avx2_9(y, y, x, p521_mod);
+ sp_521_mont_sub_avx2_9(y, y, x, p521_mod);
/* Y = Y * T1 */
sp_521_mont_mul_avx2_9(y, y, t1, p521_mod, p521_mp_mod);
/* Y = Y - T2 */
@@ -53874,7 +53878,8 @@ typedef struct sp_521_proj_point_dbl_avx2_9_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r, const sp_point_521* p, sp_digit* t)
+static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r,
+ const sp_point_521* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_521_proj_point_dbl_avx2_9_ctx* ctx = (sp_521_proj_point_dbl_avx2_9_ctx*)sp_ctx->data;
@@ -53948,7 +53953,7 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 11:
/* T2 = T2/2 */
- sp_521_div2_avx2_9(ctx->t2, ctx->t2, p521_mod);
+ sp_521_mont_div2_avx2_9(ctx->t2, ctx->t2, p521_mod);
ctx->state = 12;
break;
case 12:
@@ -53973,7 +53978,7 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 16:
/* Y = Y - X */
- sp_521_mont_sub_lower_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 17;
break;
case 17:
@@ -53998,8 +54003,6 @@ static int sp_521_proj_point_dbl_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_521_mont_dbl_lower_avx2_9 sp_521_mont_dbl_avx2_9
-#define sp_521_mont_tpl_lower_avx2_9 sp_521_mont_tpl_avx2_9
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -54038,7 +54041,7 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_avx2_9(a, t1, p521_mod);
+ sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -54047,8 +54050,8 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_avx2_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_avx2_9(b, t2, p521_mod);
+ sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_avx2_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -54068,7 +54071,7 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_avx2_9(a, t1, p521_mod);
+ sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -54077,8 +54080,8 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_avx2_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_avx2_9(b, t2, p521_mod);
+ sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_avx2_9(z, z, y, p521_mod, p521_mp_mod);
/* t1 = Y^4 */
@@ -54088,7 +54091,7 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_521_div2_avx2_9(y, y, p521_mod);
+ sp_521_mont_div2_avx2_9(y, y, p521_mod);
}
@@ -54102,12 +54105,12 @@ static void sp_521_proj_point_dbl_n_avx2_9(sp_point_521* p, int i,
static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*9;
+ sp_digit* t2 = t + 4*9;
+ sp_digit* t3 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* U1 = X1*Z2^2 */
sp_521_mont_sqr_avx2_9(t1, q->z, p521_mod, p521_mp_mod);
@@ -54129,17 +54132,9 @@ static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
sp_521_proj_point_dbl_avx2_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
@@ -54158,20 +54153,31 @@ static void sp_521_proj_point_add_avx2_9(sp_point_521* r,
sp_521_mont_dbl_avx2_9(t3, y, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t3, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_avx2_9(y, y, x, p521_mod);
+ sp_521_mont_sub_avx2_9(y, y, x, p521_mod);
sp_521_mont_mul_avx2_9(y, y, t4, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(y, y, t5, p521_mod);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -54217,12 +54223,12 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*9;
- ctx->t3 = t + 4*9;
- ctx->t4 = t + 6*9;
- ctx->t5 = t + 8*9;
- ctx->t6 = t + 10*9;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*9;
+ ctx->t2 = t + 4*9;
+ ctx->t3 = t + 6*9;
+ ctx->t4 = t + 8*9;
+ ctx->t5 = t + 10*9;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -54329,7 +54335,7 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_521_mont_sub_lower_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
+ sp_521_mont_sub_avx2_9(ctx->y, ctx->y, ctx->x, p521_mod);
ctx->state = 22;
break;
case 22:
@@ -54342,22 +54348,28 @@ static int sp_521_proj_point_add_avx2_9_nb(sp_ecc_ctx_t* sp_ctx, sp_point_521* r
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -54416,7 +54428,7 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
/* A = 3*(X^2 - W) */
sp_521_mont_sqr_avx2_9(t1, x, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(t1, t1, w, p521_mod);
- sp_521_mont_tpl_lower_avx2_9(a, t1, p521_mod);
+ sp_521_mont_tpl_avx2_9(a, t1, p521_mod);
/* B = X*Y^2 */
sp_521_mont_sqr_avx2_9(t1, y, p521_mod, p521_mp_mod);
sp_521_mont_mul_avx2_9(b, t1, x, p521_mod, p521_mp_mod);
@@ -54426,8 +54438,8 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
sp_521_mont_dbl_avx2_9(t2, b, p521_mod);
sp_521_mont_sub_avx2_9(x, x, t2, p521_mod);
/* B = 2.(B - X) */
- sp_521_mont_sub_lower_avx2_9(t2, b, x, p521_mod);
- sp_521_mont_dbl_lower_avx2_9(b, t2, p521_mod);
+ sp_521_mont_sub_avx2_9(t2, b, x, p521_mod);
+ sp_521_mont_dbl_avx2_9(b, t2, p521_mod);
/* Z = Z*Y */
sp_521_mont_mul_avx2_9(r[j].z, z, y, p521_mod, p521_mp_mod);
z = r[j].z;
@@ -54441,7 +54453,7 @@ static void sp_521_proj_point_dbl_n_store_avx2_9(sp_point_521* r,
sp_521_mont_mul_avx2_9(y, b, a, p521_mod, p521_mp_mod);
sp_521_mont_sub_avx2_9(y, y, t1, p521_mod);
/* Y = Y/2 */
- sp_521_div2_avx2_9(r[j].y, y, p521_mod);
+ sp_521_mont_div2_avx2_9(r[j].y, y, p521_mod);
r[j].infinity = 0;
}
}
@@ -54515,8 +54527,8 @@ static void sp_521_proj_point_add_sub_avx2_9(sp_point_521* ra,
sp_521_mont_sub_avx2_9(xs, xs, t1, p521_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_521_mont_sub_lower_avx2_9(ys, ya, xs, p521_mod);
- sp_521_mont_sub_lower_avx2_9(ya, ya, xa, p521_mod);
+ sp_521_mont_sub_avx2_9(ys, ya, xs, p521_mod);
+ sp_521_mont_sub_avx2_9(ya, ya, xa, p521_mod);
sp_521_mont_mul_avx2_9(ya, ya, t4, p521_mod, p521_mp_mod);
sp_521_sub_9(t6, p521_mod, t6);
sp_521_mont_mul_avx2_9(ys, ys, t6, p521_mod, p521_mp_mod);
@@ -54565,7 +54577,7 @@ static int sp_521_ecc_mulmod_win_add_sub_avx2_9(sp_point_521* r, const sp_point_
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
+ t = (sp_point_521*)XMALLOC(sizeof(sp_point_521) *
(33+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -54691,12 +54703,12 @@ typedef struct sp_table_entry_521 {
static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -54712,13 +54724,9 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
sp_521_proj_point_dbl_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_9(t2, t2, p->x, p521_mod);
@@ -54727,33 +54735,40 @@ static void sp_521_proj_point_add_qz1_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_9(t1, t3, p521_mod);
- sp_521_mont_sub_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_9(t5, t3, p521_mod);
+ sp_521_mont_sub_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_9(t3, t3, x, p521_mod);
sp_521_mont_mul_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_9(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
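Review bot: In the reworked X3 sequence `x` aliases `t2` (declared as `sp_digit* x = t2;` in the preceding hunk), so `sp_521_mont_sqr_9(t2, t4, …)` overwrites H with R^2, and the code is only correct because Z3 and H^3 (`t1`) have already been computed from it. That ordering constraint is not written down, and this is arithmetic where a later reordering would produce a wrong point without any error. I would add a comment before that line, e.g. `/* H (t2) is dead here: Z3 and H^3 are done, reuse t2 for R^2 */`. The same applies to the matching hunk in `sp_521_proj_point_add_qz1_avx2_9`; the function starts outside this hunk.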
@@ -55036,7 +55051,7 @@ static THREAD_LS_T int sp_cache_521_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
@@ -55107,8 +55122,8 @@ static void sp_ecc_get_cache_521(const sp_point_521* g, sp_cache_521_t** cache)
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_9(r, g, k, map, ct, heap);
@@ -55179,12 +55194,12 @@ static int sp_521_ecc_mulmod_9(sp_point_521* r, const sp_point_521* g, const sp_
static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
const sp_point_521* p, const sp_point_521* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*9;
- sp_digit* t3 = t + 4*9;
- sp_digit* t4 = t + 6*9;
- sp_digit* t5 = t + 8*9;
- sp_digit* t6 = t + 10*9;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*9;
+ sp_digit* t6 = t + 4*9;
+ sp_digit* t1 = t + 6*9;
+ sp_digit* t4 = t + 8*9;
+ sp_digit* t5 = t + 10*9;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -55200,13 +55215,9 @@ static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
sp_521_proj_point_dbl_avx2_9(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_521_mont_sub_avx2_9(t2, t2, p->x, p521_mod);
@@ -55215,33 +55226,40 @@ static void sp_521_proj_point_add_qz1_avx2_9(sp_point_521* r,
/* Z3 = H*Z1 */
sp_521_mont_mul_avx2_9(z, p->z, t2, p521_mod, p521_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_521_mont_sqr_avx2_9(t1, t4, p521_mod, p521_mp_mod);
- sp_521_mont_sqr_avx2_9(t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_mul_avx2_9(t3, p->x, t5, p521_mod, p521_mp_mod);
- sp_521_mont_mul_avx2_9(t5, t5, t2, p521_mod, p521_mp_mod);
- sp_521_mont_sub_avx2_9(x, t1, t5, p521_mod);
- sp_521_mont_dbl_avx2_9(t1, t3, p521_mod);
- sp_521_mont_sub_avx2_9(x, x, t1, p521_mod);
+ sp_521_mont_sqr_avx2_9(t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_avx2_9(t3, p->x, t1, p521_mod, p521_mp_mod);
+ sp_521_mont_mul_avx2_9(t1, t1, t2, p521_mod, p521_mp_mod);
+ sp_521_mont_sqr_avx2_9(t2, t4, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_avx2_9(t2, t2, t1, p521_mod);
+ sp_521_mont_dbl_avx2_9(t5, t3, p521_mod);
+ sp_521_mont_sub_avx2_9(x, t2, t5, p521_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_521_mont_sub_lower_avx2_9(t3, t3, x, p521_mod);
+ sp_521_mont_sub_avx2_9(t3, t3, x, p521_mod);
sp_521_mont_mul_avx2_9(t3, t3, t4, p521_mod, p521_mp_mod);
- sp_521_mont_mul_avx2_9(t5, t5, p->y, p521_mod, p521_mp_mod);
- sp_521_mont_sub_avx2_9(y, t3, t5, p521_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 9; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 9; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_521_mont_mul_avx2_9(t1, t1, p->y, p521_mod, p521_mp_mod);
+ sp_521_mont_sub_avx2_9(y, t3, t1, p521_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 9; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 9; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -55488,8 +55506,8 @@ static int sp_521_ecc_mulmod_stripe_avx2_9(sp_point_521* r, const sp_point_521*
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_521_ecc_mulmod_avx2_9(sp_point_521* r, const sp_point_521* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_521_ecc_mulmod_win_add_sub_avx2_9(r, g, k, map, ct, heap);
@@ -55614,7 +55632,7 @@ int sp_ecc_mulmod_521(const mp_int* km, const ecc_point* gm, ecc_point* r,
*
* km Scalar to multiply by.
* p Point to multiply.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -55625,7 +55643,7 @@ int sp_ecc_mulmod_add_521(const mp_int* km, const ecc_point* gm,
const ecc_point* am, int inMont, ecc_point* r, int map, void* heap)
{
#ifdef WOLFSSL_SP_SMALL_STACK
- sp_point_521* point = NULL;
+ sp_point_521* point = NULL;
sp_digit* k = NULL;
#else
sp_point_521 point[2];
@@ -90452,7 +90470,7 @@ int sp_ecc_mulmod_base_521(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -90477,7 +90495,7 @@ int sp_ecc_mulmod_base_add_521(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -90644,7 +90662,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
sp_point_521* infinity = NULL;
#endif
int err = MP_OKAY;
-
+
#ifdef HAVE_INTEL_AVX2
word32 cpuid_flags = cpuid_get_flags();
#endif
@@ -90655,7 +90673,7 @@ int sp_ecc_make_key_521(WC_RNG* rng, mp_int* priv, ecc_point* pub, void* heap)
#ifdef WOLFSSL_VALIDATE_ECC_KEYGEN
point = (sp_point_521*)XMALLOC(sizeof(sp_point_521) * 2, heap, DYNAMIC_TYPE_ECC);
#else
- point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
+ point = (sp_point_521*)XMALLOC(sizeof(sp_point_521), heap, DYNAMIC_TYPE_ECC);
#endif
if (point == NULL)
err = MEMORY_E;
@@ -91978,7 +91996,7 @@ static int sp_521_mod_inv_9(sp_digit* r, const sp_digit* a, const sp_digit* m)
}
while (ut > 1 && vt > 1) {
- if (ut > vt || (ut == vt && sp_521_cmp_9(u, v) >= 0)) {
+ if ((ut > vt) || ((ut == vt) && (sp_521_cmp_9(u, v) >= 0))) {
sp_521_sub_9(u, u, v);
o = sp_521_sub_9(b, b, d);
if (o != 0)
@@ -92071,7 +92089,7 @@ static void sp_521_add_points_9(sp_point_521* p1, const sp_point_521* p2,
* p2 Public point and temporary.
* s Second part of signature as a number.
* u1 Temporary number.
- * u2 Temproray number.
+ * u2 Temporary number.
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
@@ -92459,7 +92477,7 @@ int sp_ecc_verify_521_nb(sp_ecc_ctx_t* sp_ctx, const byte* hash,
#endif /* HAVE_ECC_VERIFY */
#ifdef HAVE_ECC_CHECK_KEY
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -92487,19 +92505,21 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 9;
+ /* y^2 - x^3 - a.x = b */
sp_521_sqr_9(t1, point->y);
(void)sp_521_mod_9(t1, t1, p521_mod);
sp_521_sqr_9(t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
sp_521_mul_9(t2, t2, point->x);
(void)sp_521_mod_9(t2, t2, p521_mod);
- (void)sp_521_sub_9(t2, p521_mod, t2);
- sp_521_mont_add_9(t1, t1, t2, p521_mod);
+ sp_521_mont_sub_9(t1, t1, t2, p521_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
sp_521_mont_add_9(t1, t1, point->x, p521_mod);
+
if (sp_521_cmp_9(t1, p521_b) != 0) {
err = MP_VAL;
}
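Review bot: The new comments state the curve equation but not the precondition the final `sp_521_cmp_9(t1, p521_b) != 0` depends on, namely that `t1` is fully reduced. The squared and cubed terms go through `sp_521_mod_9`, but `point->x` is passed to `sp_521_mont_add_9` three times as-is, so the result is presumably canonical only if x (and y) are already below `p521_mod`. Whether the caller range-checks the ordinates first is not visible here. Since this is the on-curve check that guards against invalid points, I would document it next to the new comment, e.g. `/* point->x and point->y must be < p521_mod (checked by caller) */`, or confirm the check exists. The function starts and ends outside this hunk.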
@@ -92513,7 +92533,7 @@ static int sp_521_ecc_is_point_9(const sp_point_521* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
@@ -93488,14 +93508,14 @@ static void sp_1024_from_mp(sp_digit* r, int size, const mp_int* a)
{
#if DIGIT_BIT == 64
int i;
- int j = 0;
+ sp_digit j = (sp_digit)0 - (sp_digit)a->used;
+ int o = 0;
for (i = 0; i < size; i++) {
- sp_digit mask =
- (((sp_digit)((int)a->used - i - 1)) >> (SP_WORD_SIZE - 1)) - 1;
- r[i] = a->dp[j] & mask;
- j += (int)(((sp_digit)1) -
- (((sp_digit)((int)a->used - i - 2)) >> (SP_WORD_SIZE - 1)));
+ sp_digit mask = (sp_digit)0 - (j >> 63);
+ r[i] = a->dp[o] & mask;
+ j++;
+ o += (int)(j >> 63);
}
#elif DIGIT_BIT > 64
unsigned int i;
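Review bot: The rewritten loop hard-codes the shift as `63`, where the removed code used `SP_WORD_SIZE - 1`, so the branch-free copy now silently assumes a 64-bit `sp_digit`. It also relies on `sp_digit` being unsigned, so that `j >> 63` is a logical shift yielding 0 or 1; the typedef is not visible in this hunk. I would keep the symbolic width, `sp_digit mask = (sp_digit)0 - (j >> (SP_WORD_SIZE - 1));` and `o += (int)(j >> (SP_WORD_SIZE - 1));`. A one-line comment would also help, e.g. `/* j counts up from -used; its top bit is set while i < used, so the copy is masked without branching on a->used */`. The function continues outside this hunk.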
@@ -93694,7 +93714,7 @@ extern void sp_1024_mont_reduce_16(sp_digit* a, const sp_digit* m, sp_digit mp);
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -93708,7 +93728,7 @@ SP_NOINLINE static void sp_1024_mont_mul_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -93852,11 +93872,10 @@ extern void sp_1024_mont_sub_16(sp_digit* r, const sp_digit* a, const sp_digit*
#ifdef __cplusplus
}
#endif
-#define sp_1024_mont_sub_lower_16 sp_1024_mont_sub_16
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_1024_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_1024_mont_div2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -93904,7 +93923,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* T2 = Y * Y */
sp_1024_mont_sqr_16(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_16(t2, t2, p1024_mod);
+ sp_1024_mont_div2_16(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_16(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -93914,7 +93933,7 @@ static void sp_1024_proj_point_dbl_16(sp_point_1024* r, const sp_point_1024* p,
/* X = X - Y */
sp_1024_mont_sub_16(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_16(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -93937,7 +93956,8 @@ typedef struct sp_1024_proj_point_dbl_16_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_16_ctx* ctx = (sp_1024_proj_point_dbl_16_ctx*)sp_ctx->data;
@@ -94011,7 +94031,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_16(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_16(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -94036,7 +94056,7 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -94061,8 +94081,6 @@ static int sp_1024_proj_point_dbl_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_1024_mont_dbl_lower_16 sp_1024_mont_dbl_16
-#define sp_1024_mont_tpl_lower_16 sp_1024_mont_tpl_16
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -94101,7 +94119,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -94110,8 +94128,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -94131,7 +94149,7 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -94140,8 +94158,8 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -94151,16 +94169,9 @@ static void sp_1024_proj_point_dbl_n_16(sp_point_1024* p, int i,
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_16(y, y, p1024_mod);
+ sp_1024_mont_div2_16(y, y, p1024_mod);
}
-#ifdef __cplusplus
-extern "C" {
-#endif
-extern sp_digit sp_1024_sub_16(sp_digit* r, const sp_digit* a, const sp_digit* b);
-#ifdef __cplusplus
-}
-#endif
/* Compare two numbers to determine if they are equal.
* Constant time implementation.
*
@@ -94201,12 +94212,12 @@ static int sp_1024_iszero_16(const sp_digit* a)
static void sp_1024_proj_point_add_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*16;
+ sp_digit* t2 = t + 4*16;
+ sp_digit* t3 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_16(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -94228,17 +94239,9 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
@@ -94257,20 +94260,31 @@ static void sp_1024_proj_point_add_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t3, y, p1024_mod);
sp_1024_mont_sub_16(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_16(y, y, x, p1024_mod);
sp_1024_mont_mul_16(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t5, p1024_mod);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
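Review bot: The new braced block that builds `maskp`, `maskq`, `maskt` and `inf` has no comment saying that it is a masked select, nor what it assumes about the `infinity` fields. I would add `/* Branch-free select: r = p when only q is at infinity, r = q when only p is, otherwise the computed (x, y, z); assumes infinity is 0 or 1 */` above `int i;`. As far as the visible lines show, a value other than 0 or 1 would make `0 - (q->infinity & (!p->infinity))` a zero mask and would OR stray bits into `r->z[0]`, so the assumption should be stated where the masks are built. The same block is repeated in the hunks for sp_1024_proj_point_add_16_nb, the two avx2 add variants, and both qz1 variants; the comment applies to each of them.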
@@ -94316,12 +94330,12 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*16;
- ctx->t3 = t + 4*16;
- ctx->t4 = t + 6*16;
- ctx->t5 = t + 8*16;
- ctx->t6 = t + 10*16;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*16;
+ ctx->t2 = t + 4*16;
+ ctx->t3 = t + 6*16;
+ ctx->t4 = t + 8*16;
+ ctx->t5 = t + 10*16;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -94428,7 +94442,7 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -94441,22 +94455,28 @@ static int sp_1024_proj_point_add_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -94515,7 +94535,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -94525,8 +94545,8 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_dbl_16(t2, b, p1024_mod);
sp_1024_mont_sub_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -94540,7 +94560,7 @@ static void sp_1024_proj_point_dbl_n_store_16(sp_point_1024* r,
sp_1024_mont_mul_16(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_16(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_16(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -94614,8 +94634,8 @@ static void sp_1024_proj_point_add_sub_16(sp_point_1024* ra,
sp_1024_mont_sub_16(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_16(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_16(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_16(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_16(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_16(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -94743,7 +94763,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_16(sp_point_1024* r, const sp_point_10
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -94868,7 +94888,7 @@ extern void sp_1024_mont_reduce_avx2_16(sp_digit* a, const sp_digit* m, sp_digit
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* b, const sp_digit* m, sp_digit mp)
@@ -94884,7 +94904,7 @@ SP_NOINLINE static void sp_1024_mont_mul_avx2_16(sp_digit* r, const sp_digit* a,
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
SP_NOINLINE static void sp_1024_mont_sqr_avx2_16(sp_digit* r, const sp_digit* a,
const sp_digit* m, sp_digit mp)
@@ -95001,11 +95021,10 @@ extern void sp_1024_mont_sub_avx2_16(sp_digit* r, const sp_digit* a, const sp_di
#ifdef __cplusplus
}
#endif
-#define sp_1024_mont_sub_lower_avx2_16 sp_1024_mont_sub_avx2_16
#ifdef __cplusplus
extern "C" {
#endif
-extern void sp_1024_div2_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
+extern void sp_1024_mont_div2_avx2_16(sp_digit* r, const sp_digit* a, const sp_digit* m);
#ifdef __cplusplus
}
#endif
@@ -95053,7 +95072,7 @@ static void sp_1024_proj_point_dbl_avx2_16(sp_point_1024* r, const sp_point_1024
/* T2 = Y * Y */
sp_1024_mont_sqr_avx2_16(t2, y, p1024_mod, p1024_mp_mod);
/* T2 = T2/2 */
- sp_1024_div2_avx2_16(t2, t2, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t2, t2, p1024_mod);
/* Y = Y * X */
sp_1024_mont_mul_avx2_16(y, y, p->x, p1024_mod, p1024_mp_mod);
/* X = T1 * T1 */
@@ -95063,7 +95082,7 @@ static void sp_1024_proj_point_dbl_avx2_16(sp_point_1024* r, const sp_point_1024
/* X = X - Y */
sp_1024_mont_sub_avx2_16(x, x, y, p1024_mod);
/* Y = Y - X */
- sp_1024_mont_sub_lower_avx2_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(y, y, x, p1024_mod);
/* Y = Y * T1 */
sp_1024_mont_mul_avx2_16(y, y, t1, p1024_mod, p1024_mp_mod);
/* Y = Y - T2 */
@@ -95086,7 +95105,8 @@ typedef struct sp_1024_proj_point_dbl_avx2_16_ctx {
* p Point to double.
* t Temporary ordinate data.
*/
-static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r, const sp_point_1024* p, sp_digit* t)
+static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024* r,
+ const sp_point_1024* p, sp_digit* t)
{
int err = FP_WOULDBLOCK;
sp_1024_proj_point_dbl_avx2_16_ctx* ctx = (sp_1024_proj_point_dbl_avx2_16_ctx*)sp_ctx->data;
@@ -95160,7 +95180,7 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 11:
/* T2 = T2/2 */
- sp_1024_div2_avx2_16(ctx->t2, ctx->t2, p1024_mod);
+ sp_1024_mont_div2_avx2_16(ctx->t2, ctx->t2, p1024_mod);
ctx->state = 12;
break;
case 12:
@@ -95185,7 +95205,7 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 16:
/* Y = Y - X */
- sp_1024_mont_sub_lower_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 17;
break;
case 17:
@@ -95210,8 +95230,6 @@ static int sp_1024_proj_point_dbl_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
return err;
}
#endif /* WOLFSSL_SP_NONBLOCK */
-#define sp_1024_mont_dbl_lower_avx2_16 sp_1024_mont_dbl_avx2_16
-#define sp_1024_mont_tpl_lower_avx2_16 sp_1024_mont_tpl_avx2_16
/* Double the Montgomery form projective point p a number of times.
*
* r Result of repeated doubling of point.
@@ -95250,7 +95268,7 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_avx2_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -95259,8 +95277,8 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_avx2_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_avx2_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_avx2_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -95280,7 +95298,7 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_avx2_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -95289,8 +95307,8 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_avx2_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_avx2_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_avx2_16(z, z, y, p1024_mod, p1024_mp_mod);
/* t1 = Y^4 */
@@ -95300,7 +95318,7 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
#endif /* WOLFSSL_SP_SMALL */
/* Y = Y/2 */
- sp_1024_div2_avx2_16(y, y, p1024_mod);
+ sp_1024_mont_div2_avx2_16(y, y, p1024_mod);
}
@@ -95314,12 +95332,12 @@ static void sp_1024_proj_point_dbl_n_avx2_16(sp_point_1024* p, int i,
static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t6 = t;
+ sp_digit* t1 = t + 2*16;
+ sp_digit* t2 = t + 4*16;
+ sp_digit* t3 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* U1 = X1*Z2^2 */
sp_1024_mont_sqr_avx2_16(t1, q->z, p1024_mod, p1024_mp_mod);
@@ -95341,17 +95359,9 @@ static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
sp_1024_proj_point_dbl_avx2_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t6;
sp_digit* y = t1;
sp_digit* z = t2;
- int i;
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
/* H = U2 - U1 */
sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
@@ -95370,20 +95380,31 @@ static void sp_1024_proj_point_add_avx2_16(sp_point_1024* r,
sp_1024_mont_dbl_avx2_16(t3, y, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t3, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(y, y, x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(y, y, x, p1024_mod);
sp_1024_mont_mul_avx2_16(y, y, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(y, y, t5, p1024_mod);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -95429,12 +95450,12 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
switch (ctx->state) {
case 0: /* INIT */
- ctx->t1 = t;
- ctx->t2 = t + 2*16;
- ctx->t3 = t + 4*16;
- ctx->t4 = t + 6*16;
- ctx->t5 = t + 8*16;
- ctx->t6 = t + 10*16;
+ ctx->t6 = t;
+ ctx->t1 = t + 2*16;
+ ctx->t2 = t + 4*16;
+ ctx->t3 = t + 6*16;
+ ctx->t4 = t + 8*16;
+ ctx->t5 = t + 10*16;
ctx->x = ctx->t6;
ctx->y = ctx->t1;
ctx->z = ctx->t2;
@@ -95541,7 +95562,7 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 21:
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ctx->y, ctx->y, ctx->x, p1024_mod);
ctx->state = 22;
break;
case 22:
@@ -95554,22 +95575,28 @@ static int sp_1024_proj_point_add_avx2_16_nb(sp_ecc_ctx_t* sp_ctx, sp_point_1024
break;
case 24:
{
- int i;
- sp_digit maskp = 0 - (q->infinity & (!p->infinity));
- sp_digit maskq = 0 - (p->infinity & (!q->infinity));
- sp_digit maskt = ~(maskp | maskq);
-
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (ctx->x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (ctx->y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (ctx->z[i] & maskt);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (ctx->x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (ctx->y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (ctx->z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
ctx->state = 25;
break;
}
@@ -95628,7 +95655,7 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
/* A = 3*(X^2 - W) */
sp_1024_mont_sqr_avx2_16(t1, x, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t1, t1, w, p1024_mod);
- sp_1024_mont_tpl_lower_avx2_16(a, t1, p1024_mod);
+ sp_1024_mont_tpl_avx2_16(a, t1, p1024_mod);
/* B = X*Y^2 */
sp_1024_mont_sqr_avx2_16(t1, y, p1024_mod, p1024_mp_mod);
sp_1024_mont_mul_avx2_16(b, t1, x, p1024_mod, p1024_mp_mod);
@@ -95638,8 +95665,8 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
sp_1024_mont_dbl_avx2_16(t2, b, p1024_mod);
sp_1024_mont_sub_avx2_16(x, x, t2, p1024_mod);
/* B = 2.(B - X) */
- sp_1024_mont_sub_lower_avx2_16(t2, b, x, p1024_mod);
- sp_1024_mont_dbl_lower_avx2_16(b, t2, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t2, b, x, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(b, t2, p1024_mod);
/* Z = Z*Y */
sp_1024_mont_mul_avx2_16(r[j].z, z, y, p1024_mod, p1024_mp_mod);
z = r[j].z;
@@ -95653,7 +95680,7 @@ static void sp_1024_proj_point_dbl_n_store_avx2_16(sp_point_1024* r,
sp_1024_mont_mul_avx2_16(y, b, a, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(y, y, t1, p1024_mod);
/* Y = Y/2 */
- sp_1024_div2_avx2_16(r[j].y, y, p1024_mod);
+ sp_1024_mont_div2_avx2_16(r[j].y, y, p1024_mod);
r[j].infinity = 0;
}
}
@@ -95727,8 +95754,8 @@ static void sp_1024_proj_point_add_sub_avx2_16(sp_point_1024* ra,
sp_1024_mont_sub_avx2_16(xs, xs, t1, p1024_mod);
/* Y3 = R*(U1*H^2 - X3) - S1*H^3 */
/* YS = -RS*(U1*H^2 - XS) - S1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(ys, ya, xs, p1024_mod);
- sp_1024_mont_sub_lower_avx2_16(ya, ya, xa, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ys, ya, xs, p1024_mod);
+ sp_1024_mont_sub_avx2_16(ya, ya, xa, p1024_mod);
sp_1024_mont_mul_avx2_16(ya, ya, t4, p1024_mod, p1024_mp_mod);
sp_1024_mont_sub_avx2_16(t6, p1024_mod, t6, p1024_mod);
sp_1024_mont_mul_avx2_16(ys, ys, t6, p1024_mod, p1024_mp_mod);
@@ -95777,7 +95804,7 @@ static int sp_1024_ecc_mulmod_win_add_sub_avx2_16(sp_point_1024* r, const sp_poi
(void)heap;
#ifdef WOLFSSL_SP_SMALL_STACK
- t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
+ t = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) *
(65+2), heap, DYNAMIC_TYPE_ECC);
if (t == NULL)
err = MEMORY_E;
@@ -95907,12 +95934,12 @@ typedef struct sp_table_entry_1024 {
static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*16;
+ sp_digit* t6 = t + 4*16;
+ sp_digit* t1 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -95928,13 +95955,9 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
sp_1024_proj_point_dbl_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_16(t2, t2, p->x, p1024_mod);
@@ -95943,33 +95966,40 @@ static void sp_1024_proj_point_add_qz1_16(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_16(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_16(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_16(t1, t3, p1024_mod);
- sp_1024_mont_sub_16(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_16(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_16(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_16(t5, t3, p1024_mod);
+ sp_1024_mont_sub_16(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_16(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_16(t3, t3, x, p1024_mod);
sp_1024_mont_mul_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_16(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_16(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_16(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
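Review bot: The reordered X3/Y3 sequence now depends on buffer aliasing that the comments do not mention. `x` is `t2` and, after the preceding hunk, `y` is `t3`, so `sp_1024_mont_sqr_16(t2, t4, ...)` overwrites H in place. That is only correct because Z3 = H*Z1 and H^3 (in `t1`) are computed first. A comment before that line, such as `/* H (t2) is no longer needed after Z3 and H^3; reuse t2 for R^2 and X3 */`, would stop a later reordering from silently producing a wrong point. The `sp_1024_proj_point_add_qz1_avx2_16` hunk has the same sequence and needs the same comment. The function starts before this hunk, so the setup of `t4` is not visible here.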
@@ -96221,7 +96251,7 @@ static THREAD_LS_T int sp_cache_1024_inited = 0;
/* Get the cache entry for the point.
*
- * g [in] Point scalar multipling.
+ * g [in] Point scalar multiplying.
* cache [out] Cache table to use.
*/
static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cache)
@@ -96292,8 +96322,8 @@ static void sp_ecc_get_cache_1024(const sp_point_1024* g, sp_cache_1024_t** cach
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_16(r, g, k, map, ct, heap);
@@ -96364,12 +96394,12 @@ static int sp_1024_ecc_mulmod_16(sp_point_1024* r, const sp_point_1024* g, const
static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
const sp_point_1024* p, const sp_point_1024* q, sp_digit* t)
{
- sp_digit* t1 = t;
- sp_digit* t2 = t + 2*16;
- sp_digit* t3 = t + 4*16;
- sp_digit* t4 = t + 6*16;
- sp_digit* t5 = t + 8*16;
- sp_digit* t6 = t + 10*16;
+ sp_digit* t2 = t;
+ sp_digit* t3 = t + 2*16;
+ sp_digit* t6 = t + 4*16;
+ sp_digit* t1 = t + 6*16;
+ sp_digit* t4 = t + 8*16;
+ sp_digit* t5 = t + 10*16;
/* Calculate values to subtract from P->x and P->y. */
/* U2 = X2*Z1^2 */
@@ -96385,13 +96415,9 @@ static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
sp_1024_proj_point_dbl_avx2_16(r, p, t);
}
else {
- sp_digit maskp;
- sp_digit maskq;
- sp_digit maskt;
sp_digit* x = t2;
- sp_digit* y = t5;
+ sp_digit* y = t3;
sp_digit* z = t6;
- int i;
/* H = U2 - X1 */
sp_1024_mont_sub_avx2_16(t2, t2, p->x, p1024_mod);
@@ -96400,33 +96426,40 @@ static void sp_1024_proj_point_add_qz1_avx2_16(sp_point_1024* r,
/* Z3 = H*Z1 */
sp_1024_mont_mul_avx2_16(z, p->z, t2, p1024_mod, p1024_mp_mod);
/* X3 = R^2 - H^3 - 2*X1*H^2 */
- sp_1024_mont_sqr_avx2_16(t1, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sqr_avx2_16(t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_avx2_16(t3, p->x, t5, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_avx2_16(t5, t5, t2, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_avx2_16(x, t1, t5, p1024_mod);
- sp_1024_mont_dbl_avx2_16(t1, t3, p1024_mod);
- sp_1024_mont_sub_avx2_16(x, x, t1, p1024_mod);
+ sp_1024_mont_sqr_avx2_16(t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_avx2_16(t3, p->x, t1, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_mul_avx2_16(t1, t1, t2, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sqr_avx2_16(t2, t4, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_avx2_16(t2, t2, t1, p1024_mod);
+ sp_1024_mont_dbl_avx2_16(t5, t3, p1024_mod);
+ sp_1024_mont_sub_avx2_16(x, t2, t5, p1024_mod);
/* Y3 = R*(X1*H^2 - X3) - Y1*H^3 */
- sp_1024_mont_sub_lower_avx2_16(t3, t3, x, p1024_mod);
+ sp_1024_mont_sub_avx2_16(t3, t3, x, p1024_mod);
sp_1024_mont_mul_avx2_16(t3, t3, t4, p1024_mod, p1024_mp_mod);
- sp_1024_mont_mul_avx2_16(t5, t5, p->y, p1024_mod, p1024_mp_mod);
- sp_1024_mont_sub_avx2_16(y, t3, t5, p1024_mod);
-
- maskp = 0 - (q->infinity & (!p->infinity));
- maskq = 0 - (p->infinity & (!q->infinity));
- maskt = ~(maskp | maskq);
- for (i = 0; i < 16; i++) {
- r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) | (x[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) | (y[i] & maskt);
- }
- for (i = 0; i < 16; i++) {
- r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) | (z[i] & maskt);
+ sp_1024_mont_mul_avx2_16(t1, t1, p->y, p1024_mod, p1024_mp_mod);
+ sp_1024_mont_sub_avx2_16(y, t3, t1, p1024_mod);
+ {
+ int i;
+ sp_digit maskp = 0 - (q->infinity & (!p->infinity));
+ sp_digit maskq = 0 - (p->infinity & (!q->infinity));
+ sp_digit maskt = ~(maskp | maskq);
+ sp_digit inf = (sp_digit)(p->infinity & q->infinity);
+
+ for (i = 0; i < 16; i++) {
+ r->x[i] = (p->x[i] & maskp) | (q->x[i] & maskq) |
+ (x[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->y[i] = (p->y[i] & maskp) | (q->y[i] & maskq) |
+ (y[i] & maskt);
+ }
+ for (i = 0; i < 16; i++) {
+ r->z[i] = (p->z[i] & maskp) | (q->z[i] & maskq) |
+ (z[i] & maskt);
+ }
+ r->z[0] |= inf;
+ r->infinity = (word32)inf;
}
- r->z[0] |= p->infinity & q->infinity;
- r->infinity = p->infinity & q->infinity;
}
}
@@ -96656,8 +96689,8 @@ static int sp_1024_ecc_mulmod_stripe_avx2_16(sp_point_1024* r, const sp_point_10
* heap Heap to use for allocation.
* returns MEMORY_E when memory allocation fails and MP_OKAY on success.
*/
-static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g, const sp_digit* k,
- int map, int ct, void* heap)
+static int sp_1024_ecc_mulmod_avx2_16(sp_point_1024* r, const sp_point_1024* g,
+ const sp_digit* k, int map, int ct, void* heap)
{
#ifndef FP_ECC
return sp_1024_ecc_mulmod_win_add_sub_avx2_16(r, g, k, map, ct, heap);
@@ -100214,7 +100247,7 @@ int sp_ecc_mulmod_base_1024(const mp_int* km, ecc_point* r, int map, void* heap)
* the result. If map is true then convert result to affine coordinates.
*
* km Scalar to multiply by.
- * am Point to add to scalar mulitply result.
+ * am Point to add to scalar multiply result.
* inMont Point to add is in montgomery form.
* r Resulting point.
* map Indicates whether to convert result to affine.
@@ -100239,7 +100272,7 @@ int sp_ecc_mulmod_base_add_1024(const mp_int* km, const ecc_point* am,
#endif
#ifdef WOLFSSL_SP_SMALL_STACK
- point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
+ point = (sp_point_1024*)XMALLOC(sizeof(sp_point_1024) * 2, heap,
DYNAMIC_TYPE_ECC);
if (point == NULL)
err = MEMORY_E;
@@ -100488,7 +100521,7 @@ int sp_ecc_mulmod_table_1024(const mp_int* km, const ecc_point* gm, byte* table,
return err;
}
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -100514,7 +100547,7 @@ static void sp_1024_proj_mul_qx1_16(sp_digit* px, sp_digit* py,
sp_1024_mont_add_16(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -102280,7 +102313,7 @@ static int sp_ModExp_Fp_star_x64_1024(const mp_int* base, mp_int* exp, mp_int* r
#endif /* WOLFSSL_SP_SMALL */
#ifdef HAVE_INTEL_AVX2
-/* Multiply p* in projective co-ordinates by q*.
+/* Multiply p* in projective coordinates by q*.
*
* r.x = p.x - (p.y * q.y)
* r.y = (p.x * q.y) + p.y
@@ -102306,7 +102339,7 @@ static void sp_1024_proj_mul_qx1_avx2_16(sp_digit* px, sp_digit* py,
sp_1024_mont_add_avx2_16(py, t1, py, p1024_mod);
}
-/* Square p* in projective co-ordinates.
+/* Square p* in projective coordinates.
*
* px' = (p.x + p.y) * (p.x - p.y) = p.x^2 - p.y^2
* py' = 2 * p.x * p.y
@@ -102559,7 +102592,7 @@ int sp_ModExp_Fp_star_1024(const mp_int* base, mp_int* exp, mp_int* res)
return err;
}
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -102674,7 +102707,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_16(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -102694,7 +102727,7 @@ static void sp_1024_accumulate_line_dbl_16(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_16(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_16(t1, t1, p1024_mod);
+ sp_1024_mont_div2_16(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -103112,7 +103145,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_16(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_16(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_16(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -103150,7 +103183,7 @@ static void sp_1024_accumulate_line_dbl_n_16(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_16(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_16(p->y, p->y, p1024_mod);
}
/* Operations to perform based on order - 1.
@@ -103360,7 +103393,7 @@ static int sp_Pairing_x64_1024(const ecc_point* pm, const ecc_point* qm, mp_int*
#endif /* WOLFSSL_SP_SMALL */
#ifdef HAVE_INTEL_AVX2
-/* Multiply p* by q* in projective co-ordinates.
+/* Multiply p* by q* in projective coordinates.
*
* p.x' = (p.x * q.x) - (p.y * q.y)
* p.y' = (p.x * q.y) + (p.y * q.x)
@@ -103475,7 +103508,7 @@ static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy,
/* ty = 4 * p.y ^ 2 */
sp_1024_mont_sqr_avx2_16(ty, ry, p1024_mod, p1024_mp_mod);
/* t1 = 2 * p.y ^ 2 */
- sp_1024_div2_avx2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t1, ty, p1024_mod);
/* r.x -= 2 * (p.y ^ 2) */
sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
/* p'.z = p.y * 2 * p.z */
@@ -103495,7 +103528,7 @@ static void sp_1024_accumulate_line_dbl_avx2_16(sp_digit* vx, sp_digit* vy,
/* t1 = (4 * p.y^2) ^ 2 = 16 * p.y^4 */
sp_1024_mont_sqr_avx2_16(t1, ty, p1024_mod, p1024_mp_mod);
/* t1 = 16 * p.y^4 / 2 = 8 * p.y^4 */
- sp_1024_div2_avx2_16(t1, t1, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t1, t1, p1024_mod);
/* p'.y = 4 * p.y^2 * p.x */
sp_1024_mont_mul_avx2_16(p->y, ty, p->x, p1024_mod, p1024_mp_mod);
/* p'.x = l^2 */
@@ -103913,7 +103946,7 @@ static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy,
/* ty = py ^ 2 */
sp_1024_mont_sqr_avx2_16(ty, p->y, p1024_mod, p1024_mp_mod);
/* t1 = py ^ 2 / 2 */
- sp_1024_div2_avx2_16(t1, ty, p1024_mod);
+ sp_1024_mont_div2_avx2_16(t1, ty, p1024_mod);
/* r.x -= py ^ 2 / 2 */
sp_1024_mont_sub_avx2_16(rx, rx, t1, p1024_mod);
/* p'.z = py * pz */
@@ -103951,7 +103984,7 @@ static void sp_1024_accumulate_line_dbl_n_avx2_16(sp_digit* vx, sp_digit* vy,
}
/* p'.y = py' / 2 */
- sp_1024_div2_avx2_16(p->y, p->y, p1024_mod);
+ sp_1024_mont_div2_avx2_16(p->y, p->y, p1024_mod);
}
/*
@@ -105375,7 +105408,7 @@ static void sp_1024_from_bin(sp_digit* r, int size, const byte* a, int n)
}
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* point EC point.
* heap Heap to use if dynamically allocating.
@@ -105404,19 +105437,21 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
if (err == MP_OKAY) {
t2 = t1 + 2 * 16;
+ /* y^2 - x^3 - a.x = b */
sp_1024_sqr_16(t1, point->y);
(void)sp_1024_mod_16(t1, t1, p1024_mod);
sp_1024_sqr_16(t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
sp_1024_mul_16(t2, t2, point->x);
(void)sp_1024_mod_16(t2, t2, p1024_mod);
- (void)sp_1024_sub_16(t2, p1024_mod, t2);
- sp_1024_mont_add_16(t1, t1, t2, p1024_mod);
+ sp_1024_mont_sub_16(t1, t1, t2, p1024_mod);
+ /* y^2 - x^3 + 3.x = b, when a = -3 */
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
sp_1024_mont_add_16(t1, t1, point->x, p1024_mod);
+
n = sp_1024_cmp_16(t1, p1024_mod);
sp_1024_cond_sub_16(t1, t1, p1024_mod, ~(n >> 63));
sp_1024_norm_16(t1);
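Review bot: The three `(void)sp_1024_mod_16(...)` calls that feed the rewritten subtraction discard the return value, so if that helper can report a failure (its definition is not in this hunk) the comparison against b would run on an unreduced t1 or t2 while err stays MP_OKAY. A point-validation routine should fail closed: assign each result, e.g. `err = sp_1024_mod_16(t1, t1, p1024_mod);`, and run the following step only under `if (err == MP_OKAY)`. The body of sp_1024_ecc_is_point_16 starts and ends outside the hunk, so the surrounding error handling may need the same treatment.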
@@ -105433,7 +105468,7 @@ static int sp_1024_ecc_is_point_16(const sp_point_1024* point,
return err;
}
-/* Check that the x and y oridinates are a valid point on the curve.
+/* Check that the x and y ordinates are a valid point on the curve.
*
* pX X ordinate of EC point.
* pY Y ordinate of EC point.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S
index 31db0102..6879391d 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.S
@@ -1,5 +1,5 @@
-/* sp_x86_64_asm
- *
+/* sp_x86_64_asm.S */
+/*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
* This file is part of wolfSSL.
@@ -55378,11 +55378,12 @@ _sp_256_mul_avx2_4:
pushq %rbx
movq %rdx, %rbp
movq (%rsi), %rdx
+ movq 8(%rbp), %r14
# A[0] * B[0]
mulxq (%rbp), %r8, %r9
xorq %rbx, %rbx
# A[0] * B[1]
- mulxq 8(%rbp), %rax, %r10
+ mulxq %r14, %rax, %r10
adcxq %rax, %r9
# A[0] * B[2]
mulxq 16(%rbp), %rax, %r11
@@ -55397,7 +55398,7 @@ _sp_256_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r9
# A[1] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r10
adcxq %rax, %r10
# A[1] * B[2]
@@ -55416,7 +55417,7 @@ _sp_256_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r10
# A[2] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r11
adcxq %rax, %r11
# A[2] * B[2]
@@ -55805,7 +55806,7 @@ _sp_256_cond_copy_4:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -55981,11 +55982,10 @@ _sp_256_mont_mul_4:
adcq $0x00, %rbx
sbbq $0x00, %r9
movq $0xffffffff00000001, %rsi
- movq %r9, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r9d, %eax
andq %r9, %rsi
subq %r9, %r13
sbbq %rax, %r14
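Review bot: The surviving comments no longer describe the code: `m[0]` and `m[2]` are explained, but the new `movl %r9d, %eax` that produces the `m[1]` word has no comment of its own and sits under the `m[2]` line. It depends on a 32-bit move zero-extending into the upper half of %rax and on %r9 being exactly 0 or all-ones, which is what keeps the reduction branch-free. I would add `# m[1] = 0xffffffff & mask (32-bit move zero-extends)` directly above the `movl`. The same edit appears in the sp_256_mont_sqr_4, sp_256_mont_reduce_4, sp_256_mont_mul_avx2_4 and sp_256_mont_sqr_avx2_4 hunks, and the `movl`-for-`andq` form in the mont_add, mont_sub, mont_tpl and mont_div2 hunks deserves the same one-line comment.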
@@ -56009,7 +56009,7 @@ _sp_256_mont_mul_4:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -56163,11 +56163,10 @@ _sp_256_mont_sqr_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rsi
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rsi
subq %r8, %r12
sbbq %rax, %r13
@@ -56388,11 +56387,10 @@ _sp_256_mont_reduce_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rbx
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rbx
subq %r8, %r12
sbbq %rax, %r13
@@ -56543,13 +56541,12 @@ _sp_256_mont_add_4:
movq 16(%rsi), %r8
movq 24(%rsi), %r9
addq (%rdx), %rax
- movq $0xffffffff, %r10
adcq 8(%rdx), %rcx
movq $0xffffffff00000001, %r11
adcq 16(%rdx), %r8
adcq 24(%rdx), %r9
sbbq %rsi, %rsi
- andq %rsi, %r10
+ movl %esi, %r10d
andq %rsi, %r11
subq %rsi, %rax
sbbq %r10, %rcx
@@ -56593,13 +56590,13 @@ _sp_256_mont_dbl_4:
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
addq %rdx, %rdx
- movq $0xffffffff, %r9
adcq %rax, %rax
movq $0xffffffff00000001, %r10
adcq %rcx, %rcx
+ movq %r8, %r11
adcq %r8, %r8
- sbbq %r11, %r11
- andq %r11, %r9
+ sarq $63, %r11
+ movl %r11d, %r9d
andq %r11, %r10
subq %r11, %rdx
sbbq %r9, %rax
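Review bot: The mask in sp_256_mont_dbl_4 is now derived from a copy of a[3] taken before the doubling (`movq %r8, %r11`, then `sarq $63, %r11`) rather than from the carry flag, and nothing in the hunk says why that is equivalent. It is equivalent, because the carry out of `adcq %r8, %r8` is exactly the old top bit of %r8, but a reader auditing the constant-time reduction has to work that out. A comment such as `# mask = top bit of a[3], i.e. the carry out of the doubling` above the `sarq` would cover it. sp_384_mont_dbl_6 gets the same change with %r10 and %r14, and both function bodies start and end outside their hunks.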
@@ -56643,13 +56640,12 @@ _sp_256_mont_tpl_4:
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
addq %rdx, %rdx
- movq $0xffffffff, %r9
adcq %rax, %rax
movq $0xffffffff00000001, %r10
adcq %rcx, %rcx
adcq %r8, %r8
sbbq %r11, %r11
- andq %r11, %r9
+ movl %r11d, %r9d
andq %r11, %r10
subq %r11, %rdx
sbbq %r9, %rax
@@ -56663,13 +56659,12 @@ _sp_256_mont_tpl_4:
sbbq $0x00, %rcx
sbbq %r10, %r8
addq (%rsi), %rdx
- movq $0xffffffff, %r9
adcq 8(%rsi), %rax
movq $0xffffffff00000001, %r10
adcq 16(%rsi), %rcx
adcq 24(%rsi), %r8
- sbbq %r11, %r11
- andq %r11, %r9
+ sbbq $0x00, %r11
+ movl %r11d, %r9d
andq %r11, %r10
subq %r11, %rdx
sbbq %r9, %rax
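Review bot: `sbbq $0x00, %r11` replaces `sbbq %r11, %r11`, so the mask for this reduction is no longer built from the carry alone but from whatever %r11 held when the `addq (%rsi), %rdx` chain started. The result is a clean 0 or all-ones value only for some combinations of that incoming value and the carry, and the instructions that leave %r11 in that state lie between the two hunks, so this cannot be confirmed from here. Please add a comment beside the instruction stating what %r11 holds on entry and why subtracting the carry still yields a valid mask for the following `movl %r11d, %r9d` and `andq %r11, %r10`. The same pattern appears as `sbbq $0x00, %rsi` in the sp_256_mont_rsb_sub_dbl_4 hunk.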
@@ -56714,13 +56709,12 @@ _sp_256_mont_sub_4:
movq 16(%rsi), %r8
movq 24(%rsi), %r9
subq (%rdx), %rax
- movq $0xffffffff, %r10
sbbq 8(%rdx), %rcx
movq $0xffffffff00000001, %r11
sbbq 16(%rdx), %r8
sbbq 24(%rdx), %r9
sbbq %rsi, %rsi
- andq %rsi, %r10
+ movl %esi, %r10d
andq %rsi, %r11
addq %rsi, %rax
adcq %r10, %rcx
@@ -56741,52 +56735,6 @@ _sp_256_mont_sub_4:
#ifndef __APPLE__
.size sp_256_mont_sub_4,.-sp_256_mont_sub_4
#endif /* __APPLE__ */
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * b is less than the modulus.
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_256_mont_sub_lower_4
-.type sp_256_mont_sub_lower_4,@function
-.align 16
-sp_256_mont_sub_lower_4:
-#else
-.section __TEXT,__text
-.globl _sp_256_mont_sub_lower_4
-.p2align 4
-_sp_256_mont_sub_lower_4:
-#endif /* __APPLE__ */
- movq (%rsi), %rax
- movq 8(%rsi), %rcx
- movq 16(%rsi), %r8
- movq 24(%rsi), %r9
- subq (%rdx), %rax
- movq $0xffffffff, %r10
- sbbq 8(%rdx), %rcx
- movq $0xffffffff00000001, %r11
- sbbq 16(%rdx), %r8
- sbbq 24(%rdx), %r9
- sbbq %rsi, %rsi
- andq %rsi, %r10
- andq %rsi, %r11
- addq %rsi, %rax
- adcq %r10, %rcx
- movq %rax, (%rdi)
- adcq $0x00, %r8
- movq %rcx, 8(%rdi)
- adcq %r11, %r9
- movq %r8, 16(%rdi)
- movq %r9, 24(%rdi)
- repz retq
-#ifndef __APPLE__
-.size sp_256_mont_sub_lower_4,.-sp_256_mont_sub_lower_4
-#endif /* __APPLE__ */
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
@@ -56795,26 +56743,25 @@ _sp_256_mont_sub_lower_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_div2_4
-.type sp_256_div2_4,@function
+.globl sp_256_mont_div2_4
+.type sp_256_mont_div2_4,@function
.align 16
-sp_256_div2_4:
+sp_256_mont_div2_4:
#else
.section __TEXT,__text
-.globl _sp_256_div2_4
+.globl _sp_256_mont_div2_4
.p2align 4
-_sp_256_div2_4:
+_sp_256_mont_div2_4:
#endif /* __APPLE__ */
movq (%rsi), %rdx
movq 8(%rsi), %rax
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
- movq $0xffffffff, %r9
movq $0xffffffff00000001, %r10
movq %rdx, %r11
andq $0x01, %r11
negq %r11
- andq %r11, %r9
+ movl %r11d, %r9d
andq %r11, %r10
addq %r11, %rdx
adcq %r9, %rax
@@ -56832,72 +56779,7 @@ _sp_256_div2_4:
movq %r8, 24(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_256_div2_4,.-sp_256_div2_4
-#endif /* __APPLE__ */
-/* Triple a Montgomery form number (r = a + a + a % m).
- *
- * a is less than m.
- *
- * r Result of Tripling.
- * a Number to triple in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_256_mont_tpl_lower_4
-.type sp_256_mont_tpl_lower_4,@function
-.align 16
-sp_256_mont_tpl_lower_4:
-#else
-.section __TEXT,__text
-.globl _sp_256_mont_tpl_lower_4
-.p2align 4
-_sp_256_mont_tpl_lower_4:
-#endif /* __APPLE__ */
- movq (%rsi), %rdx
- movq 8(%rsi), %rax
- movq 16(%rsi), %rcx
- movq 24(%rsi), %r8
- addq %rdx, %rdx
- movq $0xffffffff, %r9
- adcq %rax, %rax
- movq $0xffffffff00000001, %r10
- adcq %rcx, %rcx
- adcq %r8, %r8
- sbbq %r11, %r11
- andq %r11, %r9
- andq %r11, %r10
- subq %r11, %rdx
- sbbq %r9, %rax
- sbbq $0x00, %rcx
- sbbq %r10, %r8
- addq (%rsi), %rdx
- movq $0xffffffff, %r9
- adcq 8(%rsi), %rax
- movq $0xffffffff00000001, %r10
- adcq 16(%rsi), %rcx
- adcq 24(%rsi), %r8
- sbbq %r11, %r11
- andq %r11, %r9
- andq %r11, %r10
- subq %r11, %rdx
- sbbq %r9, %rax
- sbbq $0x00, %rcx
- sbbq %r10, %r8
- adcq $0x00, %r11
- andq %r11, %r9
- andq %r11, %r10
- subq %r11, %rdx
- sbbq %r9, %rax
- movq %rdx, (%rdi)
- sbbq $0x00, %rcx
- movq %rax, 8(%rdi)
- sbbq %r10, %r8
- movq %rcx, 16(%rdi)
- movq %r8, 24(%rdi)
- repz retq
-#ifndef __APPLE__
-.size sp_256_mont_tpl_lower_4,.-sp_256_mont_tpl_lower_4
+.size sp_256_mont_div2_4,.-sp_256_mont_div2_4
#endif /* __APPLE__ */
/* Two Montgomery numbers, subtract double second from first (r = a - 2.b % m).
*
@@ -56908,15 +56790,15 @@ _sp_256_mont_tpl_lower_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_mont_sub_dbl_4
-.type sp_256_mont_sub_dbl_4,@function
+.globl sp_256_mont_rsb_sub_dbl_4
+.type sp_256_mont_rsb_sub_dbl_4,@function
.align 16
-sp_256_mont_sub_dbl_4:
+sp_256_mont_rsb_sub_dbl_4:
#else
.section __TEXT,__text
-.globl _sp_256_mont_sub_dbl_4
+.globl _sp_256_mont_rsb_sub_dbl_4
.p2align 4
-_sp_256_mont_sub_dbl_4:
+_sp_256_mont_rsb_sub_dbl_4:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -56931,42 +56813,40 @@ _sp_256_mont_sub_dbl_4:
movq 16(%rdx), %r12
movq 24(%rdx), %r13
addq %r10, %r10
- movq $0xffffffff, %r14
adcq %r11, %r11
movq $0xffffffff00000001, %r15
adcq %r12, %r12
adcq %r13, %r13
- sbbq %rdx, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- subq %rdx, %r10
+ sbbq %rsi, %rsi
+ movl %esi, %r14d
+ andq %rsi, %r15
+ subq %rsi, %r10
sbbq %r14, %r11
sbbq $0x00, %r12
sbbq %r15, %r13
- adcq $0x00, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- subq %rdx, %r10
+ adcq $0x00, %rsi
+ andq %rsi, %r14
+ andq %rsi, %r15
+ subq %rsi, %r10
sbbq %r14, %r11
sbbq $0x00, %r12
sbbq %r15, %r13
subq %r10, %rax
- movq $0xffffffff, %r14
sbbq %r11, %rcx
movq $0xffffffff00000001, %r15
sbbq %r12, %r8
sbbq %r13, %r9
- sbbq %rdx, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- addq %rdx, %rax
+ sbbq $0x00, %rsi
+ movl %esi, %r14d
+ andq %rsi, %r15
+ addq %rsi, %rax
adcq %r14, %rcx
adcq $0x00, %r8
adcq %r15, %r9
- adcq $0x00, %rdx
- andq %rdx, %r14
- andq %rdx, %r15
- addq %rdx, %rax
+ adcq $0x00, %rsi
+ andq %rsi, %r14
+ andq %rsi, %r15
+ addq %rsi, %rax
adcq %r14, %rcx
movq %rax, (%rdi)
adcq $0x00, %r8
@@ -56974,79 +56854,46 @@ _sp_256_mont_sub_dbl_4:
adcq %r15, %r9
movq %r8, 16(%rdi)
movq %r9, 24(%rdi)
+ movq (%rdx), %r10
+ movq 8(%rdx), %r11
+ movq 16(%rdx), %r12
+ movq 24(%rdx), %r13
+ subq %rax, %r10
+ sbbq %rcx, %r11
+ movq $0xffffffff00000001, %r15
+ sbbq %r8, %r12
+ sbbq %r9, %r13
+ sbbq %rsi, %rsi
+ movl %esi, %r14d
+ andq %rsi, %r15
+ addq %rsi, %r10
+ adcq %r14, %r11
+ adcq $0x00, %r12
+ adcq %r15, %r13
+ adcq $0x00, %rsi
+ andq %rsi, %r14
+ andq %rsi, %r15
+ addq %rsi, %r10
+ adcq %r14, %r11
+ movq %r10, (%rdx)
+ adcq $0x00, %r12
+ movq %r11, 8(%rdx)
+ adcq %r15, %r13
+ movq %r12, 16(%rdx)
+ movq %r13, 24(%rdx)
popq %r15
popq %r14
popq %r13
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_256_mont_sub_dbl_4,.-sp_256_mont_sub_dbl_4
-#endif /* __APPLE__ */
-/* Two Montgomery numbers, subtract second from first and double.
- * (r = 2.(a - b) % m).
- *
- * b must have came from a mont_sub operation.
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_256_mont_dbl_sub_4
-.type sp_256_mont_dbl_sub_4,@function
-.align 16
-sp_256_mont_dbl_sub_4:
-#else
-.section __TEXT,__text
-.globl _sp_256_mont_dbl_sub_4
-.p2align 4
-_sp_256_mont_dbl_sub_4:
-#endif /* __APPLE__ */
- movq (%rsi), %rax
- movq 8(%rsi), %rcx
- movq 16(%rsi), %r8
- movq 24(%rsi), %r9
- subq (%rdx), %rax
- movq $0xffffffff, %r10
- sbbq 8(%rdx), %rcx
- movq $0xffffffff00000001, %r11
- sbbq 16(%rdx), %r8
- sbbq 24(%rdx), %r9
- sbbq %rdx, %rdx
- andq %rdx, %r10
- andq %rdx, %r11
- addq %rdx, %rax
- adcq %r10, %rcx
- adcq $0x00, %r8
- adcq %r11, %r9
- addq %rax, %rax
- movq $0xffffffff, %r10
- adcq %rcx, %rcx
- movq $0xffffffff00000001, %r11
- adcq %r8, %r8
- adcq %r9, %r9
- sbbq %rdx, %rdx
- andq %rdx, %r10
- andq %rdx, %r11
- subq %rdx, %rax
- sbbq %r10, %rcx
- movq %rax, (%rdi)
- sbbq $0x00, %r8
- movq %rcx, 8(%rdi)
- sbbq %r11, %r9
- movq %r8, 16(%rdi)
- movq %r9, 24(%rdi)
- repz retq
-#ifndef __APPLE__
-.size sp_256_mont_dbl_sub_4,.-sp_256_mont_dbl_sub_4
+.size sp_256_mont_rsb_sub_dbl_4,.-sp_256_mont_rsb_sub_dbl_4
#endif /* __APPLE__ */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
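Review bot: The added tail of sp_256_mont_rsb_sub_dbl_4 overwrites the second operand, but the header comment kept above the routine still reads only `r = a - 2.b % m`. The new code reloads the four words at (%rdx), subtracts the fresh result from them with a conditional add of the modulus, and stores them back to (%rdx). Any caller that expects b to stay unchanged, or that aliases b with r, would be affected; the call sites are not in this chunk. I would extend the header with a line such as `b = b - r % m` and mark `b` as in/out in the parameter list. %rsi is also reused as the mask register in the previous hunk, so the `a` pointer is gone after the initial loads, which sit outside the hunks.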
@@ -57115,7 +56962,7 @@ L_256_get_point_33_4_start_1:
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -57174,7 +57021,7 @@ L_256_get_point_33_avx2_4_start:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -57196,11 +57043,12 @@ _sp_256_mont_mul_avx2_4:
pushq %rbx
movq %rdx, %rbp
movq (%rsi), %rdx
+ movq 8(%rbp), %r14
# A[0] * B[0]
mulxq (%rbp), %r8, %r9
xorq %rbx, %rbx
# A[0] * B[1]
- mulxq 8(%rbp), %rax, %r10
+ mulxq %r14, %rax, %r10
adcxq %rax, %r9
# A[0] * B[2]
mulxq 16(%rbp), %rax, %r11
@@ -57215,7 +57063,7 @@ _sp_256_mont_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r9
# A[1] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r10
adcxq %rax, %r10
# A[1] * B[2]
@@ -57234,7 +57082,7 @@ _sp_256_mont_mul_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r10
# A[2] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r11
adcxq %rax, %r11
# A[2] * B[2]
@@ -57324,11 +57172,10 @@ _sp_256_mont_mul_avx2_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rsi
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rsi
subq %r8, %r12
sbbq %rax, %r13
@@ -57355,7 +57202,7 @@ _sp_256_mont_mul_avx2_4:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -57489,11 +57336,10 @@ _sp_256_mont_sqr_avx2_4:
adcq $0x00, %r15
sbbq $0x00, %r8
movq $0xffffffff00000001, %rsi
- movq %r8, %rax
# mask m and sub from result if overflow
# m[0] = -1 & mask = mask
- shrq $32, %rax
# m[2] = 0 & mask = 0
+ movl %r8d, %eax
andq %r8, %rsi
subq %r8, %r12
sbbq %rax, %r13
@@ -57577,15 +57423,15 @@ _sp_256_cond_sub_avx2_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_mont_reduce_avx2_order_4
-.type sp_256_mont_reduce_avx2_order_4,@function
+.globl sp_256_mont_reduce_order_avx2_4
+.type sp_256_mont_reduce_order_avx2_4,@function
.align 16
-sp_256_mont_reduce_avx2_order_4:
+sp_256_mont_reduce_order_avx2_4:
#else
.section __TEXT,__text
-.globl _sp_256_mont_reduce_avx2_order_4
+.globl _sp_256_mont_reduce_order_avx2_4
.p2align 4
-_sp_256_mont_reduce_avx2_order_4:
+_sp_256_mont_reduce_order_avx2_4:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -57729,7 +57575,7 @@ _sp_256_mont_reduce_avx2_order_4:
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_256_mont_reduce_avx2_order_4,.-sp_256_mont_reduce_avx2_order_4
+.size sp_256_mont_reduce_order_avx2_4,.-sp_256_mont_reduce_order_avx2_4
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifdef HAVE_INTEL_AVX2
@@ -57741,26 +57587,25 @@ _sp_256_mont_reduce_avx2_order_4:
*/
#ifndef __APPLE__
.text
-.globl sp_256_div2_avx2_4
-.type sp_256_div2_avx2_4,@function
+.globl sp_256_mont_div2_avx2_4
+.type sp_256_mont_div2_avx2_4,@function
.align 16
-sp_256_div2_avx2_4:
+sp_256_mont_div2_avx2_4:
#else
.section __TEXT,__text
-.globl _sp_256_div2_avx2_4
+.globl _sp_256_mont_div2_avx2_4
.p2align 4
-_sp_256_div2_avx2_4:
+_sp_256_mont_div2_avx2_4:
#endif /* __APPLE__ */
movq (%rsi), %rdx
movq 8(%rsi), %rax
movq 16(%rsi), %rcx
movq 24(%rsi), %r8
- movq $0xffffffff, %r9
movq $0xffffffff00000001, %r10
movq %rdx, %r11
andq $0x01, %r11
negq %r11
- andq %r11, %r9
+ movl %r11d, %r9d
andq %r11, %r10
addq %r11, %rdx
adcq %r9, %rax
@@ -57778,14 +57623,14 @@ _sp_256_div2_avx2_4:
movq %r8, 24(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_256_div2_avx2_4,.-sp_256_div2_avx2_4
+.size sp_256_mont_div2_avx2_4,.-sp_256_mont_div2_avx2_4
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -57845,7 +57690,7 @@ L_256_get_entry_64_4_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -57895,7 +57740,7 @@ L_256_get_entry_64_avx2_4_start:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -57955,7 +57800,7 @@ L_256_get_entry_65_4_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -58463,11 +58308,12 @@ _sp_256_mont_mul_order_avx2_4:
pushq %rbx
movq %rdx, %rbp
movq (%rsi), %rdx
+ movq 8(%rbp), %r14
# A[0] * B[0]
mulxq (%rbp), %r8, %r9
xorq %rbx, %rbx
# A[0] * B[1]
- mulxq 8(%rbp), %rax, %r10
+ mulxq %r14, %rax, %r10
adcxq %rax, %r9
# A[0] * B[2]
mulxq 16(%rbp), %rax, %r11
@@ -58482,7 +58328,7 @@ _sp_256_mont_mul_order_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r9
# A[1] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r10
adcxq %rax, %r10
# A[1] * B[2]
@@ -58501,7 +58347,7 @@ _sp_256_mont_mul_order_avx2_4:
xorq %rbx, %rbx
adcxq %rax, %r10
# A[2] * B[1]
- mulxq 8(%rbp), %rax, %r15
+ mulxq %r14, %rax, %r15
adoxq %rcx, %r11
adcxq %rax, %r11
# A[2] * B[2]
@@ -60712,11 +60558,10 @@ _sp_384_mont_reduce_6:
# Subtract mod if carry
negq %r10
movq $0xfffffffffffffffe, %r9
- movq %r10, %rcx
+ movl %r10d, %ecx
movq %r10, %r8
- shrq $32, %rcx
- shlq $32, %r8
andq %r10, %r9
+ shlq $32, %r8
subq %rcx, %rbx
sbbq %r8, %rbp
sbbq %r9, %r11
@@ -60962,7 +60807,6 @@ _sp_384_mont_add_6:
movq 32(%rsi), %r10
movq 40(%rsi), %r11
addq (%rdx), %rax
- movq $0xffffffff, %r12
adcq 8(%rdx), %rcx
movq $0xffffffff00000000, %r13
adcq 16(%rdx), %r8
@@ -60971,7 +60815,7 @@ _sp_384_mont_add_6:
adcq 32(%rdx), %r10
adcq 40(%rdx), %r11
sbbq %rsi, %rsi
- andq %rsi, %r12
+ movl %esi, %r12d
andq %rsi, %r13
andq %rsi, %r14
subq %r12, %rax
@@ -61031,16 +60875,16 @@ _sp_384_mont_dbl_6:
movq 32(%rsi), %r9
movq 40(%rsi), %r10
addq %rdx, %rdx
- movq $0xffffffff, %r11
adcq %rax, %rax
movq $0xffffffff00000000, %r12
adcq %rcx, %rcx
movq $0xfffffffffffffffe, %r13
adcq %r8, %r8
adcq %r9, %r9
+ movq %r10, %r14
adcq %r10, %r10
- sbbq %r14, %r14
- andq %r14, %r11
+ sarq $63, %r14
+ movl %r14d, %r11d
andq %r14, %r12
andq %r14, %r13
subq %r11, %rdx
@@ -61100,7 +60944,6 @@ _sp_384_mont_tpl_6:
movq 32(%rsi), %r9
movq 40(%rsi), %r10
addq %rdx, %rdx
- movq $0xffffffff, %r11
adcq %rax, %rax
movq $0xffffffff00000000, %r12
adcq %rcx, %rcx
@@ -61109,7 +60952,7 @@ _sp_384_mont_tpl_6:
adcq %r9, %r9
adcq %r10, %r10
sbbq %r14, %r14
- andq %r14, %r11
+ movl %r14d, %r11d
andq %r14, %r12
andq %r14, %r13
subq %r11, %rdx
@@ -61130,7 +60973,6 @@ _sp_384_mont_tpl_6:
sbbq %r14, %r9
sbbq %r14, %r10
addq (%rsi), %rdx
- movq $0xffffffff, %r11
adcq 8(%rsi), %rax
movq $0xffffffff00000000, %r12
adcq 16(%rsi), %rcx
@@ -61139,7 +60981,7 @@ _sp_384_mont_tpl_6:
adcq 32(%rsi), %r9
adcq 40(%rsi), %r10
sbbq %r14, %r14
- andq %r14, %r11
+ movl %r14d, %r11d
andq %r14, %r12
andq %r14, %r13
subq %r11, %rdx
@@ -61200,7 +61042,6 @@ _sp_384_mont_sub_6:
movq 32(%rsi), %r10
movq 40(%rsi), %r11
subq (%rdx), %rax
- movq $0xffffffff, %r12
sbbq 8(%rdx), %rcx
movq $0xffffffff00000000, %r13
sbbq 16(%rdx), %r8
@@ -61209,7 +61050,7 @@ _sp_384_mont_sub_6:
sbbq 32(%rdx), %r10
sbbq 40(%rdx), %r11
sbbq %rsi, %rsi
- andq %rsi, %r12
+ movl %esi, %r12d
andq %rsi, %r13
andq %rsi, %r14
addq %r12, %rax
@@ -61241,68 +61082,6 @@ _sp_384_mont_sub_6:
#ifndef __APPLE__
.size sp_384_mont_sub_6,.-sp_384_mont_sub_6
#endif /* __APPLE__ */
-/* Subtract two Montgomery form numbers (r = a - b % m).
- *
- * b is less than the modulus.
- *
- * r Result of subtration.
- * a Number to subtract from in Montgomery form.
- * b Number to subtract with in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_384_mont_sub_lower_6
-.type sp_384_mont_sub_lower_6,@function
-.align 16
-sp_384_mont_sub_lower_6:
-#else
-.section __TEXT,__text
-.globl _sp_384_mont_sub_lower_6
-.p2align 4
-_sp_384_mont_sub_lower_6:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- movq (%rsi), %rax
- movq 8(%rsi), %rcx
- movq 16(%rsi), %r8
- movq 24(%rsi), %r9
- movq 32(%rsi), %r10
- movq 40(%rsi), %r11
- subq (%rdx), %rax
- movq $0xffffffff, %r12
- sbbq 8(%rdx), %rcx
- movq $0xffffffff00000000, %r13
- sbbq 16(%rdx), %r8
- movq $0xfffffffffffffffe, %r14
- sbbq 24(%rdx), %r9
- sbbq 32(%rdx), %r10
- sbbq 40(%rdx), %r11
- sbbq %rsi, %rsi
- andq %rsi, %r12
- andq %rsi, %r13
- andq %rsi, %r14
- addq %r12, %rax
- adcq %r13, %rcx
- movq %rax, (%rdi)
- adcq %r14, %r8
- movq %rcx, 8(%rdi)
- adcq %rsi, %r9
- movq %r8, 16(%rdi)
- adcq %rsi, %r10
- movq %r9, 24(%rdi)
- adcq %rsi, %r11
- movq %r10, 32(%rdi)
- movq %r11, 40(%rdi)
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size sp_384_mont_sub_lower_6,.-sp_384_mont_sub_lower_6
-#endif /* __APPLE__ */
/* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
*
* r Result of division by 2.
@@ -61311,15 +61090,15 @@ _sp_384_mont_sub_lower_6:
*/
#ifndef __APPLE__
.text
-.globl sp_384_div2_6
-.type sp_384_div2_6,@function
+.globl sp_384_mont_div2_6
+.type sp_384_mont_div2_6,@function
.align 16
-sp_384_div2_6:
+sp_384_mont_div2_6:
#else
.section __TEXT,__text
-.globl _sp_384_div2_6
+.globl _sp_384_mont_div2_6
.p2align 4
-_sp_384_div2_6:
+_sp_384_mont_div2_6:
#endif /* __APPLE__ */
subq $48, %rsp
movq (%rsi), %r11
@@ -61378,165 +61157,13 @@ _sp_384_div2_6:
addq $48, %rsp
repz retq
#ifndef __APPLE__
-.size sp_384_div2_6,.-sp_384_div2_6
-#endif /* __APPLE__ */
-/* Double a Montgomery form number (r = a + a % m).
- *
- * a is less than m.
- *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_384_mont_dbl_lower_6
-.type sp_384_mont_dbl_lower_6,@function
-.align 16
-sp_384_mont_dbl_lower_6:
-#else
-.section __TEXT,__text
-.globl _sp_384_mont_dbl_lower_6
-.p2align 4
-_sp_384_mont_dbl_lower_6:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- movq (%rsi), %rdx
- movq 8(%rsi), %rax
- movq 16(%rsi), %rcx
- movq 24(%rsi), %r8
- movq 32(%rsi), %r9
- movq 40(%rsi), %r10
- addq %rdx, %rdx
- movq $0xffffffff, %r11
- adcq %rax, %rax
- movq $0xffffffff00000000, %r12
- adcq %rcx, %rcx
- movq $0xfffffffffffffffe, %r13
- adcq %r8, %r8
- adcq %r9, %r9
- adcq %r10, %r10
- sbbq %r14, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- movq %rdx, (%rdi)
- sbbq %r13, %rcx
- movq %rax, 8(%rdi)
- sbbq %r14, %r8
- movq %rcx, 16(%rdi)
- sbbq %r14, %r9
- movq %r8, 24(%rdi)
- sbbq %r14, %r10
- movq %r9, 32(%rdi)
- movq %r10, 40(%rdi)
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size sp_384_mont_dbl_lower_6,.-sp_384_mont_dbl_lower_6
-#endif /* __APPLE__ */
-/* Double a Montgomery form number (r = a + a % m).
- *
- * a is less than m.
- *
- * r Result of doubling.
- * a Number to double in Montgomery form.
- * m Modulus (prime).
- */
-#ifndef __APPLE__
-.text
-.globl sp_384_mont_tpl_lower_6
-.type sp_384_mont_tpl_lower_6,@function
-.align 16
-sp_384_mont_tpl_lower_6:
-#else
-.section __TEXT,__text
-.globl _sp_384_mont_tpl_lower_6
-.p2align 4
-_sp_384_mont_tpl_lower_6:
-#endif /* __APPLE__ */
- pushq %r12
- pushq %r13
- pushq %r14
- movq (%rsi), %rdx
- movq 8(%rsi), %rax
- movq 16(%rsi), %rcx
- movq 24(%rsi), %r8
- movq 32(%rsi), %r9
- movq 40(%rsi), %r10
- addq %rdx, %rdx
- movq $0xffffffff, %r11
- adcq %rax, %rax
- movq $0xffffffff00000000, %r12
- adcq %rcx, %rcx
- movq $0xfffffffffffffffe, %r13
- adcq %r8, %r8
- adcq %r9, %r9
- adcq %r10, %r10
- sbbq %r14, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- movq %rdx, (%rdi)
- sbbq %r13, %rcx
- sbbq %r14, %r8
- sbbq %r14, %r9
- sbbq %r14, %r10
- addq (%rsi), %rdx
- movq $0xffffffff, %r11
- adcq 8(%rsi), %rax
- movq $0xffffffff00000000, %r12
- adcq 16(%rsi), %rcx
- movq $0xfffffffffffffffe, %r13
- adcq 24(%rsi), %r8
- adcq 32(%rsi), %r9
- adcq 40(%rsi), %r10
- sbbq %r14, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- sbbq %r13, %rcx
- sbbq %r14, %r8
- sbbq %r14, %r9
- sbbq %r14, %r10
- adcq $0x00, %r14
- andq %r14, %r11
- andq %r14, %r12
- andq %r14, %r13
- subq %r11, %rdx
- sbbq %r12, %rax
- movq %rdx, (%rdi)
- sbbq %r13, %rcx
- movq %rax, 8(%rdi)
- sbbq %r14, %r8
- movq %rcx, 16(%rdi)
- sbbq %r14, %r9
- movq %r8, 24(%rdi)
- sbbq %r14, %r10
- movq %r9, 32(%rdi)
- movq %r10, 40(%rdi)
- popq %r14
- popq %r13
- popq %r12
- repz retq
-#ifndef __APPLE__
-.size sp_384_mont_tpl_lower_6,.-sp_384_mont_tpl_lower_6
+.size sp_384_mont_div2_6,.-sp_384_mont_div2_6
#endif /* __APPLE__ */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -61636,7 +61263,7 @@ L_384_get_point_33_6_start_2:
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -62098,15 +61725,15 @@ _sp_384_cond_sub_avx2_6:
*/
#ifndef __APPLE__
.text
-.globl sp_384_div2_avx2_6
-.type sp_384_div2_avx2_6,@function
+.globl sp_384_mont_div2_avx2_6
+.type sp_384_mont_div2_avx2_6,@function
.align 16
-sp_384_div2_avx2_6:
+sp_384_mont_div2_avx2_6:
#else
.section __TEXT,__text
-.globl _sp_384_div2_avx2_6
+.globl _sp_384_mont_div2_avx2_6
.p2align 4
-_sp_384_div2_avx2_6:
+_sp_384_mont_div2_avx2_6:
#endif /* __APPLE__ */
movq (%rsi), %r11
xorq %r10, %r10
@@ -62164,14 +61791,14 @@ _sp_384_div2_avx2_6:
movq %r9, 40(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_384_div2_avx2_6,.-sp_384_div2_avx2_6
+.size sp_384_mont_div2_avx2_6,.-sp_384_mont_div2_avx2_6
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -62241,7 +61868,7 @@ L_384_get_entry_64_6_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -62301,7 +61928,7 @@ L_384_get_entry_64_avx2_6_start:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -62371,7 +61998,7 @@ L_384_get_entry_65_6_start_0:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -65220,7 +64847,7 @@ _sp_521_cond_copy_9:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -65817,7 +65444,7 @@ _sp_521_mont_mul_9:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -67016,15 +66643,15 @@ _sp_521_mont_sub_9:
*/
#ifndef __APPLE__
.text
-.globl sp_521_div2_9
-.type sp_521_div2_9,@function
+.globl sp_521_mont_div2_9
+.type sp_521_mont_div2_9,@function
.align 16
-sp_521_div2_9:
+sp_521_mont_div2_9:
#else
.section __TEXT,__text
-.globl _sp_521_div2_9
+.globl _sp_521_mont_div2_9
.p2align 4
-_sp_521_div2_9:
+_sp_521_mont_div2_9:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -67074,13 +66701,13 @@ _sp_521_div2_9:
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_521_div2_9,.-sp_521_div2_9
+.size sp_521_mont_div2_9,.-sp_521_mont_div2_9
#endif /* __APPLE__ */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -67225,7 +66852,7 @@ L_521_get_point_33_9_start_2:
/* Touch each possible point that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of point to retrieve.
*/
#ifndef __APPLE__
@@ -67326,7 +66953,7 @@ L_521_get_point_33_avx2_9_start:
* a First number to multiply in Montgomery form.
* b Second number to multiply in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -67941,7 +67568,7 @@ _sp_521_mont_mul_avx2_9:
* r Result of squaring.
* a Number to square in Montgomery form.
* m Modulus (prime).
- * mp Montgomery mulitplier.
+ * mp Montgomery multiplier.
*/
#ifndef __APPLE__
.text
@@ -68782,15 +68409,15 @@ L_521_mont_reduce_order_avx2_9_loop:
*/
#ifndef __APPLE__
.text
-.globl sp_521_div2_avx2_9
-.type sp_521_div2_avx2_9,@function
+.globl sp_521_mont_div2_avx2_9
+.type sp_521_mont_div2_avx2_9,@function
.align 16
-sp_521_div2_avx2_9:
+sp_521_mont_div2_avx2_9:
#else
.section __TEXT,__text
-.globl _sp_521_div2_avx2_9
+.globl _sp_521_mont_div2_avx2_9
.p2align 4
-_sp_521_div2_avx2_9:
+_sp_521_mont_div2_avx2_9:
#endif /* __APPLE__ */
pushq %r12
pushq %r13
@@ -68840,14 +68467,14 @@ _sp_521_div2_avx2_9:
popq %r12
repz retq
#ifndef __APPLE__
-.size sp_521_div2_avx2_9,.-sp_521_div2_avx2_9
+.size sp_521_mont_div2_avx2_9,.-sp_521_mont_div2_avx2_9
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
#ifndef WC_NO_CACHE_RESISTANT
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -68966,7 +68593,7 @@ L_521_get_entry_64_9_start_1:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -69044,7 +68671,7 @@ L_521_get_entry_64_avx2_9_start:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -69163,7 +68790,7 @@ L_521_get_entry_65_9_start_1:
/* Touch each possible entry that could be being copied.
*
* r Point to copy into.
- * table Table - start of the entires to access
+ * table Table - start of the entries to access
* idx Index of entry to retrieve.
*/
#ifndef __APPLE__
@@ -77693,15 +77320,15 @@ _sp_1024_mont_sub_16:
*/
#ifndef __APPLE__
.text
-.globl sp_1024_div2_16
-.type sp_1024_div2_16,@function
+.globl sp_1024_mont_div2_16
+.type sp_1024_mont_div2_16,@function
.align 16
-sp_1024_div2_16:
+sp_1024_mont_div2_16:
#else
.section __TEXT,__text
-.globl _sp_1024_div2_16
+.globl _sp_1024_mont_div2_16
.p2align 4
-_sp_1024_div2_16:
+_sp_1024_mont_div2_16:
#endif /* __APPLE__ */
subq $0x80, %rsp
movq (%rsi), %r11
@@ -77840,78 +77467,7 @@ _sp_1024_div2_16:
addq $0x80, %rsp
repz retq
#ifndef __APPLE__
-.size sp_1024_div2_16,.-sp_1024_div2_16
-#endif /* __APPLE__ */
-/* Sub b from a into r. (r = a - b)
- *
- * r A single precision integer.
- * a A single precision integer.
- * b A single precision integer.
- */
-#ifndef __APPLE__
-.text
-.globl sp_1024_sub_16
-.type sp_1024_sub_16,@function
-.align 16
-sp_1024_sub_16:
-#else
-.section __TEXT,__text
-.globl _sp_1024_sub_16
-.p2align 4
-_sp_1024_sub_16:
-#endif /* __APPLE__ */
- movq (%rsi), %rcx
- subq (%rdx), %rcx
- movq 8(%rsi), %r8
- movq %rcx, (%rdi)
- sbbq 8(%rdx), %r8
- movq 16(%rsi), %rcx
- movq %r8, 8(%rdi)
- sbbq 16(%rdx), %rcx
- movq 24(%rsi), %r8
- movq %rcx, 16(%rdi)
- sbbq 24(%rdx), %r8
- movq 32(%rsi), %rcx
- movq %r8, 24(%rdi)
- sbbq 32(%rdx), %rcx
- movq 40(%rsi), %r8
- movq %rcx, 32(%rdi)
- sbbq 40(%rdx), %r8
- movq 48(%rsi), %rcx
- movq %r8, 40(%rdi)
- sbbq 48(%rdx), %rcx
- movq 56(%rsi), %r8
- movq %rcx, 48(%rdi)
- sbbq 56(%rdx), %r8
- movq 64(%rsi), %rcx
- movq %r8, 56(%rdi)
- sbbq 64(%rdx), %rcx
- movq 72(%rsi), %r8
- movq %rcx, 64(%rdi)
- sbbq 72(%rdx), %r8
- movq 80(%rsi), %rcx
- movq %r8, 72(%rdi)
- sbbq 80(%rdx), %rcx
- movq 88(%rsi), %r8
- movq %rcx, 80(%rdi)
- sbbq 88(%rdx), %r8
- movq 96(%rsi), %rcx
- movq %r8, 88(%rdi)
- sbbq 96(%rdx), %rcx
- movq 104(%rsi), %r8
- movq %rcx, 96(%rdi)
- sbbq 104(%rdx), %r8
- movq 112(%rsi), %rcx
- movq %r8, 104(%rdi)
- sbbq 112(%rdx), %rcx
- movq 120(%rsi), %r8
- movq %rcx, 112(%rdi)
- sbbq 120(%rdx), %r8
- movq %r8, 120(%rdi)
- sbbq %rax, %rax
- repz retq
-#ifndef __APPLE__
-.size sp_1024_sub_16,.-sp_1024_sub_16
+.size sp_1024_mont_div2_16,.-sp_1024_mont_div2_16
#endif /* __APPLE__ */
#ifdef HAVE_INTEL_AVX2
/* Reduce the number back to 1024 bits using Montgomery reduction.
@@ -79028,15 +78584,15 @@ _sp_1024_mont_sub_avx2_16:
*/
#ifndef __APPLE__
.text
-.globl sp_1024_div2_avx2_16
-.type sp_1024_div2_avx2_16,@function
+.globl sp_1024_mont_div2_avx2_16
+.type sp_1024_mont_div2_avx2_16,@function
.align 16
-sp_1024_div2_avx2_16:
+sp_1024_mont_div2_avx2_16:
#else
.section __TEXT,__text
-.globl _sp_1024_div2_avx2_16
+.globl _sp_1024_mont_div2_avx2_16
.p2align 4
-_sp_1024_div2_avx2_16:
+_sp_1024_mont_div2_avx2_16:
#endif /* __APPLE__ */
movq (%rsi), %r11
xorq %r10, %r10
@@ -79174,7 +78730,7 @@ _sp_1024_div2_avx2_16:
movq %r9, 120(%rdi)
repz retq
#ifndef __APPLE__
-.size sp_1024_div2_avx2_16,.-sp_1024_div2_avx2_16
+.size sp_1024_mont_div2_avx2_16,.-sp_1024_mont_div2_avx2_16
#endif /* __APPLE__ */
#endif /* HAVE_INTEL_AVX2 */
/* Read big endian unsigned byte array into r.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm
index 66a7f003..fa6558cc 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sp_x86_64_asm.asm
@@ -1,5 +1,5 @@
-; /* sp_x86_64_asm
-; *
+; /* sp_x86_64_asm.asm */
+; /*
; * Copyright (C) 2006-2023 wolfSSL Inc.
; *
; * This file is part of wolfSSL.
@@ -54329,11 +54329,12 @@ sp_256_mul_avx2_4 PROC
mov rbp, r8
mov rax, rdx
mov rdx, QWORD PTR [rax]
+ mov r14, QWORD PTR [rbp+8]
; A[0] * B[0]
mulx r9, r8, QWORD PTR [rbp]
xor rbx, rbx
; A[0] * B[1]
- mulx r10, rdi, QWORD PTR [rbp+8]
+ mulx r10, rdi, r14
adcx r9, rdi
; A[0] * B[2]
mulx r11, rdi, QWORD PTR [rbp+16]
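Review bot: The new `mov r14, QWORD PTR [rbp+8]` in sp_256_mul_avx2_4 puts B[1] in r14, which is a nonvolatile register under the Microsoft x64 convention, and neither the prologue nor the epilogue is inside this hunk. Please confirm that r14 is pushed and popped by the routine and that nothing between the three `mulx ..., r14` uses (this hunk and the next two) overwrites it. A short comment on the load, for example `; B[1] kept in r14 for the A[0..2] * B[1] products`, would record the register's role. The same caching is added in sp_256_mont_mul_avx2_4 and sp_256_mont_mul_order_avx2_4, so the same check applies there.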
@@ -54348,7 +54349,7 @@ sp_256_mul_avx2_4 PROC
xor rbx, rbx
adcx r9, rdi
; A[1] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r10, rsi
adcx r10, rdi
; A[1] * B[2]
@@ -54367,7 +54368,7 @@ sp_256_mul_avx2_4 PROC
xor rbx, rbx
adcx r10, rdi
; A[2] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r11, rsi
adcx r11, rdi
; A[2] * B[2]
@@ -54716,7 +54717,7 @@ _text ENDS
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_mul_4 PROC
@@ -54884,11 +54885,10 @@ sp_256_mont_mul_4 PROC
adc rbx, 0
sbb r11, 0
mov r10, 18446744069414584321
- mov rax, r11
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rax, 32
; m[2] = 0 & mask = 0
+ mov eax, r11d
and r10, r11
sub r15, r11
sbb rdi, rax
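Review bot: In sp_256_mont_mul_4 the replacement `mov eax, r11d` produces m[1] & mask only because a 32-bit register write zero-extends into rax and because r11 is presumably 0 or all-ones after `sbb r11, 0`. Neither assumption is stated, and the surviving comments describe m[0] and m[2] but not m[1]. Adding `; m[1] = 0x00000000ffffffff & mask (32-bit mov zero-extends)` above the move would let a reader check that the masked subtraction still matches the modulus. The same construction replaces `mov reg, 4294967295` / `and reg, mask` in sp_256_mont_sqr_4, sp_256_mont_reduce_4, sp_256_mont_add_4, sp_256_mont_sub_4, the div2 routines and the sp_384 counterparts. The function body starts and ends outside this hunk.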
@@ -54913,7 +54913,7 @@ _text ENDS
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_sqr_4 PROC
@@ -55060,11 +55060,10 @@ sp_256_mont_sqr_4 PROC
adc rsi, 0
sbb r10, 0
mov r8, 18446744069414584321
- mov rax, r10
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rax, 32
; m[2] = 0 & mask = 0
+ mov eax, r10d
and r8, r10
sub r14, r10
sbb r15, rax
@@ -55263,11 +55262,10 @@ sp_256_mont_reduce_4 PROC
adc rdi, 0
sbb r9, 0
mov rbx, 18446744069414584321
- mov rax, r9
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rax, 32
; m[2] = 0 & mask = 0
+ mov eax, r9d
and rbx, r9
sub r13, r9
sbb r14, rax
@@ -55404,13 +55402,12 @@ sp_256_mont_add_4 PROC
mov r10, QWORD PTR [rdx+16]
mov r11, QWORD PTR [rdx+24]
add rax, QWORD PTR [r8]
- mov r12, 4294967295
adc r9, QWORD PTR [r8+8]
mov r13, 18446744069414584321
adc r10, QWORD PTR [r8+16]
adc r11, QWORD PTR [r8+24]
sbb rdx, rdx
- and r12, rdx
+ mov r12d, edx
and r13, rdx
sub rax, rdx
sbb r9, r12
@@ -55447,13 +55444,13 @@ sp_256_mont_dbl_4 PROC
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
add rax, rax
- mov r11, 4294967295
adc r8, r8
mov r12, 18446744069414584321
adc r9, r9
+ mov r13, r10
adc r10, r10
- sbb r13, r13
- and r11, r13
+ sar r13, 63
+ mov r11d, r13d
and r12, r13
sub rax, r13
sbb r8, r11
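Review bot: The reduction mask in sp_256_mont_dbl_4 now comes from the sign bit of a[3] (`mov r13, r10` followed by `sar r13, 63`) instead of the carry flag, and the code does not say why the two agree. Bit 63 of the top word is exactly the carry out of `adc r10, r10`, and `mov` leaves the flags alone, so the adc chain is undisturbed and the sequence stays branch-free. A comment such as `; mask = a[3] >> 63 (arithmetic), equal to the carry out of the doubling` would make that equivalence reviewable. sp_384_mont_dbl_6 uses the same construction with rdi and r12, and the function starts and ends outside this hunk.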
@@ -55490,13 +55487,12 @@ sp_256_mont_tpl_4 PROC
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
add rax, rax
- mov r11, 4294967295
adc r8, r8
mov r12, 18446744069414584321
adc r9, r9
adc r10, r10
sbb r13, r13
- and r11, r13
+ mov r11d, r13d
and r12, r13
sub rax, r13
sbb r8, r11
@@ -55510,13 +55506,12 @@ sp_256_mont_tpl_4 PROC
sbb r9, 0
sbb r10, r12
add rax, QWORD PTR [rdx]
- mov r11, 4294967295
adc r8, QWORD PTR [rdx+8]
mov r12, 18446744069414584321
adc r9, QWORD PTR [rdx+16]
adc r10, QWORD PTR [rdx+24]
- sbb r13, r13
- and r11, r13
+ sbb r13, 0
+ mov r11d, r13d
and r12, r13
sub rax, r13
sbb r8, r11
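Review bot: The `sbb r13, 0` after the `add rax, QWORD PTR [rdx]` chain in sp_256_mont_tpl_4 subtracts the carry from whatever r13 already holds, whereas the old `sbb r13, r13` rebuilt the mask from the carry alone. The result is a clean 0/all-ones mask only if r13 is zero at that point, and the instructions that set it lie between this hunk and the previous one, so this should be confirmed and recorded, e.g. `; assumes r13 == 0 here, so r13 = -carry`. If r13 could still be all-ones, the value becomes -2 and the masked modulus words would be wrong. The `sbb rdx, 0` in sp_256_mont_rsb_sub_dbl_4 depends in the same way on the preceding `adc rdx, 0` leaving zero, which appears to hold only for a fully reduced b. Note that sp_384_mont_tpl_6 keeps `sbb rdi, rdi` in the equivalent position.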
@@ -55554,13 +55549,12 @@ sp_256_mont_sub_4 PROC
mov r10, QWORD PTR [rdx+16]
mov r11, QWORD PTR [rdx+24]
sub rax, QWORD PTR [r8]
- mov r12, 4294967295
sbb r9, QWORD PTR [r8+8]
mov r13, 18446744069414584321
sbb r10, QWORD PTR [r8+16]
sbb r11, QWORD PTR [r8+24]
sbb rdx, rdx
- and r12, rdx
+ mov r12d, edx
and r13, rdx
add rax, rdx
adc r9, r12
@@ -55582,45 +55576,6 @@ sp_256_mont_sub_4 PROC
ret
sp_256_mont_sub_4 ENDP
_text ENDS
-; /* Subtract two Montgomery form numbers (r = a - b % m).
-; *
-; * b is less than the modulus.
-; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_256_mont_sub_lower_4 PROC
- push r12
- push r13
- mov rax, QWORD PTR [rdx]
- mov r9, QWORD PTR [rdx+8]
- mov r10, QWORD PTR [rdx+16]
- mov r11, QWORD PTR [rdx+24]
- sub rax, QWORD PTR [r8]
- mov r12, 4294967295
- sbb r9, QWORD PTR [r8+8]
- mov r13, 18446744069414584321
- sbb r10, QWORD PTR [r8+16]
- sbb r11, QWORD PTR [r8+24]
- sbb rdx, rdx
- and r12, rdx
- and r13, rdx
- add rax, rdx
- adc r9, r12
- mov QWORD PTR [rcx], rax
- adc r10, 0
- mov QWORD PTR [rcx+8], r9
- adc r11, r13
- mov QWORD PTR [rcx+16], r10
- mov QWORD PTR [rcx+24], r11
- pop r13
- pop r12
- ret
-sp_256_mont_sub_lower_4 ENDP
-_text ENDS
; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
; *
; * r Result of division by 2.
@@ -55628,19 +55583,18 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_256_div2_4 PROC
+sp_256_mont_div2_4 PROC
push r12
push r13
mov rax, QWORD PTR [rdx]
mov r8, QWORD PTR [rdx+8]
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
- mov r11, 4294967295
mov r12, 18446744069414584321
mov r13, rax
and r13, 1
neg r13
- and r11, r13
+ mov r11d, r13d
and r12, r13
add rax, r13
adc r8, r11
@@ -55659,65 +55613,7 @@ sp_256_div2_4 PROC
pop r13
pop r12
ret
-sp_256_div2_4 ENDP
-_text ENDS
-; /* Triple a Montgomery form number (r = a + a + a % m).
-; *
-; * a is less than m.
-; *
-; * r Result of Tripling.
-; * a Number to triple in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_256_mont_tpl_lower_4 PROC
- push r12
- push r13
- mov rax, QWORD PTR [rdx]
- mov r8, QWORD PTR [rdx+8]
- mov r9, QWORD PTR [rdx+16]
- mov r10, QWORD PTR [rdx+24]
- add rax, rax
- mov r11, 4294967295
- adc r8, r8
- mov r12, 18446744069414584321
- adc r9, r9
- adc r10, r10
- sbb r13, r13
- and r11, r13
- and r12, r13
- sub rax, r13
- sbb r8, r11
- sbb r9, 0
- sbb r10, r12
- add rax, QWORD PTR [rdx]
- mov r11, 4294967295
- adc r8, QWORD PTR [rdx+8]
- mov r12, 18446744069414584321
- adc r9, QWORD PTR [rdx+16]
- adc r10, QWORD PTR [rdx+24]
- sbb r13, r13
- and r11, r13
- and r12, r13
- sub rax, r13
- sbb r8, r11
- sbb r9, 0
- sbb r10, r12
- adc r13, 0
- and r11, r13
- and r12, r13
- sub rax, r13
- sbb r8, r11
- mov QWORD PTR [rcx], rax
- sbb r9, 0
- mov QWORD PTR [rcx+8], r8
- sbb r10, r12
- mov QWORD PTR [rcx+16], r9
- mov QWORD PTR [rcx+24], r10
- pop r13
- pop r12
- ret
-sp_256_mont_tpl_lower_4 ENDP
+sp_256_mont_div2_4 ENDP
_text ENDS
; /* Two Montgomery numbers, subtract double second from first (r = a - 2.b % m).
; *
@@ -55727,7 +55623,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_256_mont_sub_dbl_4 PROC
+sp_256_mont_rsb_sub_dbl_4 PROC
push r12
push r13
push r14
@@ -55743,42 +55639,40 @@ sp_256_mont_sub_dbl_4 PROC
mov r14, QWORD PTR [r8+16]
mov r15, QWORD PTR [r8+24]
add r12, r12
- mov rdi, 4294967295
adc r13, r13
mov rsi, 18446744069414584321
adc r14, r14
adc r15, r15
- sbb r8, r8
- and rdi, r8
- and rsi, r8
- sub r12, r8
+ sbb rdx, rdx
+ mov edi, edx
+ and rsi, rdx
+ sub r12, rdx
sbb r13, rdi
sbb r14, 0
sbb r15, rsi
- adc r8, 0
- and rdi, r8
- and rsi, r8
- sub r12, r8
+ adc rdx, 0
+ and rdi, rdx
+ and rsi, rdx
+ sub r12, rdx
sbb r13, rdi
sbb r14, 0
sbb r15, rsi
sub rax, r12
- mov rdi, 4294967295
sbb r9, r13
mov rsi, 18446744069414584321
sbb r10, r14
sbb r11, r15
- sbb r8, r8
- and rdi, r8
- and rsi, r8
- add rax, r8
+ sbb rdx, 0
+ mov edi, edx
+ and rsi, rdx
+ add rax, rdx
adc r9, rdi
adc r10, 0
adc r11, rsi
- adc r8, 0
- and rdi, r8
- and rsi, r8
- add rax, r8
+ adc rdx, 0
+ and rdi, rdx
+ and rsi, rdx
+ add rax, rdx
adc r9, rdi
mov QWORD PTR [rcx], rax
adc r10, 0
@@ -55786,6 +55680,33 @@ sp_256_mont_sub_dbl_4 PROC
adc r11, rsi
mov QWORD PTR [rcx+16], r10
mov QWORD PTR [rcx+24], r11
+ mov r12, QWORD PTR [r8]
+ mov r13, QWORD PTR [r8+8]
+ mov r14, QWORD PTR [r8+16]
+ mov r15, QWORD PTR [r8+24]
+ sub r12, rax
+ sbb r13, r9
+ mov rsi, 18446744069414584321
+ sbb r14, r10
+ sbb r15, r11
+ sbb rdx, rdx
+ mov edi, edx
+ and rsi, rdx
+ add r12, rdx
+ adc r13, rdi
+ adc r14, 0
+ adc r15, rsi
+ adc rdx, 0
+ and rdi, rdx
+ and rsi, rdx
+ add r12, rdx
+ adc r13, rdi
+ mov QWORD PTR [r8], r12
+ adc r14, 0
+ mov QWORD PTR [r8+8], r13
+ adc r15, rsi
+ mov QWORD PTR [r8+16], r14
+ mov QWORD PTR [r8+24], r15
pop rsi
pop rdi
pop r15
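Review bot: The block added at the end of sp_256_mont_rsb_sub_dbl_4 stores a second result through r8, overwriting the b operand with b - r reduced by the modulus. The header comment above the PROC (unchanged context in the preceding hunks) still describes only `r = a - 2.b % m`, so a caller reading it would not expect b to be modified, and a stale alias of b would silently hold a different field element. Suggest extending the header, for example `; * b Number to subtract with in Montgomery form; overwritten with (b - r) % m.`, and stating the combined operation in the first line of the comment.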
@@ -55793,66 +55714,13 @@ sp_256_mont_sub_dbl_4 PROC
pop r13
pop r12
ret
-sp_256_mont_sub_dbl_4 ENDP
-_text ENDS
-; /* Two Montgomery numbers, subtract second from first and double.
-; * (r = 2.(a - b) % m).
-; *
-; * b must have came from a mont_sub operation.
-; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_256_mont_dbl_sub_4 PROC
- push r12
- push r13
- mov rax, QWORD PTR [rdx]
- mov r9, QWORD PTR [rdx+8]
- mov r10, QWORD PTR [rdx+16]
- mov r11, QWORD PTR [rdx+24]
- sub rax, QWORD PTR [r8]
- mov r12, 4294967295
- sbb r9, QWORD PTR [r8+8]
- mov r13, 18446744069414584321
- sbb r10, QWORD PTR [r8+16]
- sbb r11, QWORD PTR [r8+24]
- sbb r8, r8
- and r12, r8
- and r13, r8
- add rax, r8
- adc r9, r12
- adc r10, 0
- adc r11, r13
- add rax, rax
- mov r12, 4294967295
- adc r9, r9
- mov r13, 18446744069414584321
- adc r10, r10
- adc r11, r11
- sbb r8, r8
- and r12, r8
- and r13, r8
- sub rax, r8
- sbb r9, r12
- mov QWORD PTR [rcx], rax
- sbb r10, 0
- mov QWORD PTR [rcx+8], r9
- sbb r11, r13
- mov QWORD PTR [rcx+16], r10
- mov QWORD PTR [rcx+24], r11
- pop r13
- pop r12
- ret
-sp_256_mont_dbl_sub_4 ENDP
+sp_256_mont_rsb_sub_dbl_4 ENDP
_text ENDS
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -55932,7 +55800,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -55990,7 +55858,7 @@ IFDEF HAVE_INTEL_AVX2
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_mul_avx2_4 PROC
@@ -56005,11 +55873,12 @@ sp_256_mont_mul_avx2_4 PROC
mov rbp, r8
mov rax, rdx
mov rdx, QWORD PTR [rax]
+ mov r14, QWORD PTR [rbp+8]
; A[0] * B[0]
mulx r9, r8, QWORD PTR [rbp]
xor rbx, rbx
; A[0] * B[1]
- mulx r10, rdi, QWORD PTR [rbp+8]
+ mulx r10, rdi, r14
adcx r9, rdi
; A[0] * B[2]
mulx r11, rdi, QWORD PTR [rbp+16]
@@ -56024,7 +55893,7 @@ sp_256_mont_mul_avx2_4 PROC
xor rbx, rbx
adcx r9, rdi
; A[1] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r10, rsi
adcx r10, rdi
; A[1] * B[2]
@@ -56043,7 +55912,7 @@ sp_256_mont_mul_avx2_4 PROC
xor rbx, rbx
adcx r10, rdi
; A[2] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r11, rsi
adcx r11, rdi
; A[2] * B[2]
@@ -56133,11 +56002,10 @@ sp_256_mont_mul_avx2_4 PROC
adc r15, 0
sbb r8, 0
mov rax, 18446744069414584321
- mov rdi, r8
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rdi, 32
; m[2] = 0 & mask = 0
+ mov edi, r8d
and rax, r8
sub r12, r8
sbb r13, rdi
@@ -56165,7 +56033,7 @@ IFDEF HAVE_INTEL_AVX2
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_256_mont_sqr_avx2_4 PROC
@@ -56292,11 +56160,10 @@ sp_256_mont_sqr_avx2_4 PROC
adc r15, 0
sbb r8, 0
mov rax, 18446744069414584321
- mov rdi, r8
; mask m and sub from result if overflow
; m[0] = -1 & mask = mask
- shr rdi, 32
; m[2] = 0 & mask = 0
+ mov edi, r8d
and rax, r8
sub r12, r8
sbb r13, rdi
@@ -56373,7 +56240,7 @@ IFDEF HAVE_INTEL_AVX2
; * mp The digit representing the negative inverse of m mod 2^n.
; */
_text SEGMENT READONLY PARA
-sp_256_mont_reduce_avx2_order_4 PROC
+sp_256_mont_reduce_order_avx2_4 PROC
push r12
push r13
push r14
@@ -56521,7 +56388,7 @@ sp_256_mont_reduce_avx2_order_4 PROC
pop r13
pop r12
ret
-sp_256_mont_reduce_avx2_order_4 ENDP
+sp_256_mont_reduce_order_avx2_4 ENDP
_text ENDS
ENDIF
IFDEF HAVE_INTEL_AVX2
@@ -56532,19 +56399,18 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_256_div2_avx2_4 PROC
+sp_256_mont_div2_avx2_4 PROC
push r12
push r13
mov rax, QWORD PTR [rdx]
mov r8, QWORD PTR [rdx+8]
mov r9, QWORD PTR [rdx+16]
mov r10, QWORD PTR [rdx+24]
- mov r11, 4294967295
mov r12, 18446744069414584321
mov r13, rax
and r13, 1
neg r13
- and r11, r13
+ mov r11d, r13d
and r12, r13
add rax, r13
adc r8, r11
@@ -56563,14 +56429,14 @@ sp_256_div2_avx2_4 PROC
pop r13
pop r12
ret
-sp_256_div2_avx2_4 ENDP
+sp_256_mont_div2_avx2_4 ENDP
_text ENDS
ENDIF
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -56633,7 +56499,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -56678,7 +56544,7 @@ IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -56741,7 +56607,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -57150,11 +57016,12 @@ sp_256_mont_mul_order_avx2_4 PROC
mov rbp, r8
mov rax, rdx
mov rdx, QWORD PTR [rax]
+ mov r14, QWORD PTR [rbp+8]
; A[0] * B[0]
mulx r9, r8, QWORD PTR [rbp]
xor rbx, rbx
; A[0] * B[1]
- mulx r10, rdi, QWORD PTR [rbp+8]
+ mulx r10, rdi, r14
adcx r9, rdi
; A[0] * B[2]
mulx r11, rdi, QWORD PTR [rbp+16]
@@ -57169,7 +57036,7 @@ sp_256_mont_mul_order_avx2_4 PROC
xor rbx, rbx
adcx r9, rdi
; A[1] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r10, rsi
adcx r10, rdi
; A[1] * B[2]
@@ -57188,7 +57055,7 @@ sp_256_mont_mul_order_avx2_4 PROC
xor rbx, rbx
adcx r10, rdi
; A[2] * B[1]
- mulx r15, rdi, QWORD PTR [rbp+8]
+ mulx r15, rdi, r14
adox r11, rsi
adcx r11, rdi
; A[2] * B[2]
@@ -59310,11 +59177,10 @@ sp_384_mont_reduce_6 PROC
; Subtract mod if carry
neg r11
mov r10, 18446744073709551614
- mov r8, r11
+ mov r8d, r11d
mov r9, r11
- shr r8, 32
- shl r9, 32
and r10, r11
+ shl r9, 32
sub rbx, r8
sbb rbp, r9
sbb r12, r10
@@ -59533,7 +59399,6 @@ sp_384_mont_add_6 PROC
mov r12, QWORD PTR [rdx+32]
mov r13, QWORD PTR [rdx+40]
add rax, QWORD PTR [r8]
- mov r14, 4294967295
adc r9, QWORD PTR [r8+8]
mov r15, 18446744069414584320
adc r10, QWORD PTR [r8+16]
@@ -59542,7 +59407,7 @@ sp_384_mont_add_6 PROC
adc r12, QWORD PTR [r8+32]
adc r13, QWORD PTR [r8+40]
sbb rdx, rdx
- and r14, rdx
+ mov r14d, edx
and r15, rdx
and rdi, rdx
sub rax, r14
@@ -59595,16 +59460,16 @@ sp_384_mont_dbl_6 PROC
mov r11, QWORD PTR [rdx+32]
mov r12, QWORD PTR [rdx+40]
add rax, rax
- mov r13, 4294967295
adc r8, r8
mov r14, 18446744069414584320
adc r9, r9
mov r15, 18446744073709551614
adc r10, r10
adc r11, r11
+ mov rdi, r12
adc r12, r12
- sbb rdi, rdi
- and r13, rdi
+ sar rdi, 63
+ mov r13d, edi
and r14, rdi
and r15, rdi
sub rax, r13
@@ -59657,7 +59522,6 @@ sp_384_mont_tpl_6 PROC
mov r11, QWORD PTR [rdx+32]
mov r12, QWORD PTR [rdx+40]
add rax, rax
- mov r13, 4294967295
adc r8, r8
mov r14, 18446744069414584320
adc r9, r9
@@ -59666,7 +59530,7 @@ sp_384_mont_tpl_6 PROC
adc r11, r11
adc r12, r12
sbb rdi, rdi
- and r13, rdi
+ mov r13d, edi
and r14, rdi
and r15, rdi
sub rax, r13
@@ -59687,7 +59551,6 @@ sp_384_mont_tpl_6 PROC
sbb r11, rdi
sbb r12, rdi
add rax, QWORD PTR [rdx]
- mov r13, 4294967295
adc r8, QWORD PTR [rdx+8]
mov r14, 18446744069414584320
adc r9, QWORD PTR [rdx+16]
@@ -59696,7 +59559,7 @@ sp_384_mont_tpl_6 PROC
adc r11, QWORD PTR [rdx+32]
adc r12, QWORD PTR [rdx+40]
sbb rdi, rdi
- and r13, rdi
+ mov r13d, edi
and r14, rdi
and r15, rdi
sub rax, r13
@@ -59750,7 +59613,6 @@ sp_384_mont_sub_6 PROC
mov r12, QWORD PTR [rdx+32]
mov r13, QWORD PTR [rdx+40]
sub rax, QWORD PTR [r8]
- mov r14, 4294967295
sbb r9, QWORD PTR [r8+8]
mov r15, 18446744069414584320
sbb r10, QWORD PTR [r8+16]
@@ -59759,7 +59621,7 @@ sp_384_mont_sub_6 PROC
sbb r12, QWORD PTR [r8+32]
sbb r13, QWORD PTR [r8+40]
sbb rdx, rdx
- and r14, rdx
+ mov r14d, edx
and r15, rdx
and rdi, rdx
add rax, r14
@@ -59792,61 +59654,6 @@ sp_384_mont_sub_6 PROC
ret
sp_384_mont_sub_6 ENDP
_text ENDS
-; /* Subtract two Montgomery form numbers (r = a - b % m).
-; *
-; * b is less than the modulus.
-; *
-; * r Result of subtration.
-; * a Number to subtract from in Montgomery form.
-; * b Number to subtract with in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_384_mont_sub_lower_6 PROC
- push r12
- push r13
- push r14
- push r15
- push rdi
- mov rax, QWORD PTR [rdx]
- mov r9, QWORD PTR [rdx+8]
- mov r10, QWORD PTR [rdx+16]
- mov r11, QWORD PTR [rdx+24]
- mov r12, QWORD PTR [rdx+32]
- mov r13, QWORD PTR [rdx+40]
- sub rax, QWORD PTR [r8]
- mov r14, 4294967295
- sbb r9, QWORD PTR [r8+8]
- mov r15, 18446744069414584320
- sbb r10, QWORD PTR [r8+16]
- mov rdi, 18446744073709551614
- sbb r11, QWORD PTR [r8+24]
- sbb r12, QWORD PTR [r8+32]
- sbb r13, QWORD PTR [r8+40]
- sbb rdx, rdx
- and r14, rdx
- and r15, rdx
- and rdi, rdx
- add rax, r14
- adc r9, r15
- mov QWORD PTR [rcx], rax
- adc r10, rdi
- mov QWORD PTR [rcx+8], r9
- adc r11, rdx
- mov QWORD PTR [rcx+16], r10
- adc r12, rdx
- mov QWORD PTR [rcx+24], r11
- adc r13, rdx
- mov QWORD PTR [rcx+32], r12
- mov QWORD PTR [rcx+40], r13
- pop rdi
- pop r15
- pop r14
- pop r13
- pop r12
- ret
-sp_384_mont_sub_lower_6 ENDP
-_text ENDS
; /* Divide the number by 2 mod the modulus (prime). (r = a / 2 % m)
; *
; * r Result of division by 2.
@@ -59854,7 +59661,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_384_div2_6 PROC
+sp_384_mont_div2_6 PROC
push r12
push r13
sub rsp, 48
@@ -59915,151 +59722,13 @@ sp_384_div2_6 PROC
pop r13
pop r12
ret
-sp_384_div2_6 ENDP
-_text ENDS
-; /* Double a Montgomery form number (r = a + a % m).
-; *
-; * a is less than m.
-; *
-; * r Result of doubling.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_384_mont_dbl_lower_6 PROC
- push r12
- push r13
- push r14
- push r15
- push rdi
- mov rax, QWORD PTR [rdx]
- mov r8, QWORD PTR [rdx+8]
- mov r9, QWORD PTR [rdx+16]
- mov r10, QWORD PTR [rdx+24]
- mov r11, QWORD PTR [rdx+32]
- mov r12, QWORD PTR [rdx+40]
- add rax, rax
- mov r13, 4294967295
- adc r8, r8
- mov r14, 18446744069414584320
- adc r9, r9
- mov r15, 18446744073709551614
- adc r10, r10
- adc r11, r11
- adc r12, r12
- sbb rdi, rdi
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- mov QWORD PTR [rcx], rax
- sbb r9, r15
- mov QWORD PTR [rcx+8], r8
- sbb r10, rdi
- mov QWORD PTR [rcx+16], r9
- sbb r11, rdi
- mov QWORD PTR [rcx+24], r10
- sbb r12, rdi
- mov QWORD PTR [rcx+32], r11
- mov QWORD PTR [rcx+40], r12
- pop rdi
- pop r15
- pop r14
- pop r13
- pop r12
- ret
-sp_384_mont_dbl_lower_6 ENDP
-_text ENDS
-; /* Double a Montgomery form number (r = a + a % m).
-; *
-; * a is less than m.
-; *
-; * r Result of doubling.
-; * a Number to double in Montgomery form.
-; * m Modulus (prime).
-; */
-_text SEGMENT READONLY PARA
-sp_384_mont_tpl_lower_6 PROC
- push r12
- push r13
- push r14
- push r15
- push rdi
- mov rax, QWORD PTR [rdx]
- mov r8, QWORD PTR [rdx+8]
- mov r9, QWORD PTR [rdx+16]
- mov r10, QWORD PTR [rdx+24]
- mov r11, QWORD PTR [rdx+32]
- mov r12, QWORD PTR [rdx+40]
- add rax, rax
- mov r13, 4294967295
- adc r8, r8
- mov r14, 18446744069414584320
- adc r9, r9
- mov r15, 18446744073709551614
- adc r10, r10
- adc r11, r11
- adc r12, r12
- sbb rdi, rdi
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- mov QWORD PTR [rcx], rax
- sbb r9, r15
- sbb r10, rdi
- sbb r11, rdi
- sbb r12, rdi
- add rax, QWORD PTR [rdx]
- mov r13, 4294967295
- adc r8, QWORD PTR [rdx+8]
- mov r14, 18446744069414584320
- adc r9, QWORD PTR [rdx+16]
- mov r15, 18446744073709551614
- adc r10, QWORD PTR [rdx+24]
- adc r11, QWORD PTR [rdx+32]
- adc r12, QWORD PTR [rdx+40]
- sbb rdi, rdi
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- sbb r9, r15
- sbb r10, rdi
- sbb r11, rdi
- sbb r12, rdi
- adc rdi, 0
- and r13, rdi
- and r14, rdi
- and r15, rdi
- sub rax, r13
- sbb r8, r14
- mov QWORD PTR [rcx], rax
- sbb r9, r15
- mov QWORD PTR [rcx+8], r8
- sbb r10, rdi
- mov QWORD PTR [rcx+16], r9
- sbb r11, rdi
- mov QWORD PTR [rcx+24], r10
- sbb r12, rdi
- mov QWORD PTR [rcx+32], r11
- mov QWORD PTR [rcx+40], r12
- pop rdi
- pop r15
- pop r14
- pop r13
- pop r12
- ret
-sp_384_mont_tpl_lower_6 ENDP
+sp_384_mont_div2_6 ENDP
_text ENDS
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60170,7 +59839,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60626,7 +60295,7 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_384_div2_avx2_6 PROC
+sp_384_mont_div2_avx2_6 PROC
push r12
push r13
mov r13, QWORD PTR [rdx]
@@ -60686,14 +60355,14 @@ sp_384_div2_avx2_6 PROC
pop r13
pop r12
ret
-sp_384_div2_avx2_6 ENDP
+sp_384_mont_div2_avx2_6 ENDP
_text ENDS
ENDIF
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60774,7 +60443,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60837,7 +60506,7 @@ IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -60918,7 +60587,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -63604,7 +63273,7 @@ _text ENDS
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_mul_9 PROC
@@ -64194,7 +63863,7 @@ _text ENDS
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_sqr_9 PROC
@@ -65318,7 +64987,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_521_div2_9 PROC
+sp_521_mont_div2_9 PROC
push r12
push r13
push r14
@@ -65370,13 +65039,13 @@ sp_521_div2_9 PROC
pop r13
pop r12
ret
-sp_521_div2_9 ENDP
+sp_521_mont_div2_9 ENDP
_text ENDS
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -65536,7 +65205,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible point that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of point to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -65652,7 +65321,7 @@ IFDEF HAVE_INTEL_AVX2
; * a First number to multiply in Montgomery form.
; * b Second number to multiply in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_mul_avx2_9 PROC
@@ -66262,7 +65931,7 @@ IFDEF HAVE_INTEL_AVX2
; * r Result of squaring.
; * a Number to square in Montgomery form.
; * m Modulus (prime).
-; * mp Montgomery mulitplier.
+; * mp Montgomery multiplier.
; */
_text SEGMENT READONLY PARA
sp_521_mont_sqr_avx2_9 PROC
@@ -67082,7 +66751,7 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_521_div2_avx2_9 PROC
+sp_521_mont_div2_avx2_9 PROC
push r12
push r13
push r14
@@ -67134,14 +66803,14 @@ sp_521_div2_avx2_9 PROC
pop r13
pop r12
ret
-sp_521_div2_avx2_9 ENDP
+sp_521_mont_div2_avx2_9 ENDP
_text ENDS
ENDIF
IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -67273,7 +66942,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -67358,7 +67027,7 @@ IFNDEF WC_NO_CACHE_RESISTANT
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -67490,7 +67159,7 @@ IFDEF HAVE_INTEL_AVX2
; /* Touch each possible entry that could be being copied.
; *
; * r Point to copy into.
-; * table Table - start of the entires to access
+; * table Table - start of the entries to access
; * idx Index of entry to retrieve.
; */
_text SEGMENT READONLY PARA
@@ -75733,7 +75402,7 @@ _text ENDS
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_1024_div2_16 PROC
+sp_1024_mont_div2_16 PROC
push r12
push r13
sub rsp, 128
@@ -75874,67 +75543,7 @@ sp_1024_div2_16 PROC
pop r13
pop r12
ret
-sp_1024_div2_16 ENDP
-_text ENDS
-; /* Sub b from a into r. (r = a - b)
-; *
-; * r A single precision integer.
-; * a A single precision integer.
-; * b A single precision integer.
-; */
-_text SEGMENT READONLY PARA
-sp_1024_sub_16 PROC
- mov r9, QWORD PTR [rdx]
- sub r9, QWORD PTR [r8]
- mov r10, QWORD PTR [rdx+8]
- mov QWORD PTR [rcx], r9
- sbb r10, QWORD PTR [r8+8]
- mov r9, QWORD PTR [rdx+16]
- mov QWORD PTR [rcx+8], r10
- sbb r9, QWORD PTR [r8+16]
- mov r10, QWORD PTR [rdx+24]
- mov QWORD PTR [rcx+16], r9
- sbb r10, QWORD PTR [r8+24]
- mov r9, QWORD PTR [rdx+32]
- mov QWORD PTR [rcx+24], r10
- sbb r9, QWORD PTR [r8+32]
- mov r10, QWORD PTR [rdx+40]
- mov QWORD PTR [rcx+32], r9
- sbb r10, QWORD PTR [r8+40]
- mov r9, QWORD PTR [rdx+48]
- mov QWORD PTR [rcx+40], r10
- sbb r9, QWORD PTR [r8+48]
- mov r10, QWORD PTR [rdx+56]
- mov QWORD PTR [rcx+48], r9
- sbb r10, QWORD PTR [r8+56]
- mov r9, QWORD PTR [rdx+64]
- mov QWORD PTR [rcx+56], r10
- sbb r9, QWORD PTR [r8+64]
- mov r10, QWORD PTR [rdx+72]
- mov QWORD PTR [rcx+64], r9
- sbb r10, QWORD PTR [r8+72]
- mov r9, QWORD PTR [rdx+80]
- mov QWORD PTR [rcx+72], r10
- sbb r9, QWORD PTR [r8+80]
- mov r10, QWORD PTR [rdx+88]
- mov QWORD PTR [rcx+80], r9
- sbb r10, QWORD PTR [r8+88]
- mov r9, QWORD PTR [rdx+96]
- mov QWORD PTR [rcx+88], r10
- sbb r9, QWORD PTR [r8+96]
- mov r10, QWORD PTR [rdx+104]
- mov QWORD PTR [rcx+96], r9
- sbb r10, QWORD PTR [r8+104]
- mov r9, QWORD PTR [rdx+112]
- mov QWORD PTR [rcx+104], r10
- sbb r9, QWORD PTR [r8+112]
- mov r10, QWORD PTR [rdx+120]
- mov QWORD PTR [rcx+112], r9
- sbb r10, QWORD PTR [r8+120]
- mov QWORD PTR [rcx+120], r10
- sbb rax, rax
- ret
-sp_1024_sub_16 ENDP
+sp_1024_mont_div2_16 ENDP
_text ENDS
IFDEF HAVE_INTEL_AVX2
; /* Reduce the number back to 1024 bits using Montgomery reduction.
@@ -77012,7 +76621,7 @@ IFDEF HAVE_INTEL_AVX2
; * m Modulus (prime).
; */
_text SEGMENT READONLY PARA
-sp_1024_div2_avx2_16 PROC
+sp_1024_mont_div2_avx2_16 PROC
push r12
push r13
mov r13, QWORD PTR [rdx]
@@ -77152,7 +76761,7 @@ sp_1024_div2_avx2_16 PROC
pop r13
pop r12
ret
-sp_1024_div2_avx2_16 ENDP
+sp_1024_mont_div2_avx2_16 ENDP
_text ENDS
ENDIF
; /* Read big endian unsigned byte array into r.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c b/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c
index 2600b775..65bb57a9 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/sphincs.c
@@ -76,22 +76,22 @@ int wc_sphincs_sign_msg(const byte* in, word32 inLen, byte* out, word32 *outLen,
if (ret == 0) {
if ((key->optim == FAST_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256f_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256s_simple);
}
if (oqssig == NULL) {
@@ -183,22 +183,22 @@ int wc_sphincs_verify_msg(const byte* sig, word32 sigLen, const byte* msg,
if (ret == 0) {
if ((key->optim == FAST_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192f_simple);
}
else if ((key->optim == FAST_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256f_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256f_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 1)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_128s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_128s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 3)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_192s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_192s_simple);
}
else if ((key->optim == SMALL_VARIANT) && (key->level == 5)) {
- oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake256_256s_simple);
+ oqssig = OQS_SIG_new(OQS_SIG_alg_sphincs_shake_256s_simple);
}
if (oqssig == NULL) {
@@ -244,7 +244,7 @@ int wc_sphincs_init(sphincs_key* key)
/* Set the level of the sphincs private/public key.
*
* key [out] Sphincs key.
- * level [in] Either 2,3 or 5.
+ * level [in] Either 1, 3 or 5.
* optim [in] Either FAST_VARIANT or SMALL_VARIANT.
* returns BAD_FUNC_ARG when key is NULL or level or optim are bad values.
*/
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c b/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c
index 48d6b3bc..1b07f5d5 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/tfm.c
@@ -52,6 +52,39 @@
#include <wolfcrypt/src/asm.c> /* will define asm MACROS or C ones */
#include <wolfssl/wolfcrypt/wolfmath.h> /* common functions */
+#ifdef WOLFSSL_ESPIDF
+ #include <esp_log.h>
+ #include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
+#endif
+
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ static const char* TAG = "TFM"; /* esp log breadcrumb */
+ #if !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ /* Each individual math HW can be turned on or off.
+ * Listed in order of complexity and historical difficulty. */
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+ #endif
+
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD)
+ #undef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ #endif
+
+ /* Note with HW there's a ESP_RSA_EXPT_XBITS setting
+ * as for some small numbers, SW may be faster.
+ * See ESP_LOGV messages for ESP_RSA_EXPT_XBITS values. */
+
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI */
+
#if defined(FREESCALE_LTC_TFM)
#include <wolfssl/wolfcrypt/port/nxp/ksdk_port.h>
#endif
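Review bot: `TAG` is defined whenever WOLFSSL_ESP32_CRYPT_RSA_PRI is set, but the only uses visible in this diff are the ESP_LOGV calls inside the _MP_MUL and _EXPTMOD blocks, so a build that defines the NO_ variants of both is left with an unused static and a compiler warning. Guarding the definition, placed after the three `#undef` blocks, keeps warnings-as-errors builds clean: `#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) || defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)`. Other uses of `TAG` may exist outside the visible hunks, in which case the guard should list them too.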
@@ -139,11 +172,44 @@ int s_fp_add(fp_int *a, fp_int *b, fp_int *c)
c->used = y;
t = 0;
+#ifdef HONOR_MATH_USED_LENGTH
+ for (x = 0; x < y; x++) {
+ if ( (x < a->used) && (x < b->used) ) {
+ /* x is less than both [a].used and [b].used, so we add both */
+ t += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
+ }
+ else {
+ /* Here we honor the actual [a].used and [b].used values
+ * and NOT assume that values beyond [used] are zero. */
+ if ((x >= a->used) && (x < b->used)) {
+ /* x more than [a].used, [b] ok, so just add [b] */
+ t += /* ((fp_word)(0)) + */ ((fp_word)b->dp[x]);
+ }
+ else {
+ if ((x < a->used) && (x >= b->used)) {
+ /* x more than [b].used, [a] ok, so just add [a] */
+ t += ((fp_word)a->dp[x]) /* + (fp_word)(0) */;
+ }
+ else {
+ /* we should never get here, as a.used cannot be greater
+ * than b.used, while b.used is greater than a.used! */
+ /* t += 0 + 0 */
+ }
+ }
+ }
+ c->dp[x] = (fp_digit)t;
+ t >>= DIGIT_BIT;
+ }
+
+#else
+ /* the original code */
for (x = 0; x < y; x++) {
t += ((fp_word)a->dp[x]) + ((fp_word)b->dp[x]);
c->dp[x] = (fp_digit)t;
t >>= DIGIT_BIT;
}
+#endif /* HONOR_MATH_USED_LENGTH */
+
if (t != 0) {
if (x == FP_SIZE)
return FP_VAL;
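Review bot: The HONOR_MATH_USED_LENGTH loop spells out four cases, one of which is an empty branch that its own comment calls unreachable; two independent guards compute the same sum: `if (x < a->used) t += (fp_word)a->dp[x];` followed by `if (x < b->used) t += (fp_word)b->dp[x];`. That removes the dead else and the commented-out `+ 0` terms. A short comment saying why digits at or beyond `used` cannot be assumed zero would also help, since the hunk does not say which callers leave them dirty. s_fp_add starts above this hunk and continues below it.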
@@ -229,15 +295,9 @@ void s_fp_sub(fp_int *a, fp_int *b, fp_int *c)
/* c = a * b */
int fp_mul(fp_int *A, fp_int *B, fp_int *C)
{
- int ret = 0;
+ int ret = FP_OKAY;
int y, yy, oldused;
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- ret = esp_mp_mul(A, B, C);
- if(ret != -2) return ret;
-#endif
-
oldused = C->used;
y = MAX(A->used, B->used);
@@ -249,6 +309,36 @@ int fp_mul(fp_int *A, fp_int *B, fp_int *C)
goto clean;
}
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
+ "during active validation.");
+ }
+ else {
+ ret = esp_mp_mul(A, B, C); /* HW accelerated multiply */
+ switch (ret) {
+ case MP_OKAY:
+ goto clean; /* success */
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* fall back to software, below */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but errors should never occur. */
+ goto clean; /* error */
+ break;
+ }
+ }
+ /* fall through to software calcs */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
/* pick a comba (unrolled 4/8/16/32 x or rolled) based on the size
of the largest input. We also want to avoid doing excess mults if the
inputs are not close to the next power of two. That is, for example,
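Review bot: This switch on the hardware return code is repeated almost verbatim in fp_sqr, fp_exptmod, fp_exptmod_ex, fp_exptmod_nct and mp_mulmod, and each copy carries a `break;` that can never run after `goto clean;` or `return`. Folding the three fall-back codes into one small static helper would leave each call site with a single test and keep the list of fall-back codes in one place when another is added. The comment about mangled operands is worth keeping at the call site, because on a hard error C goes back to the caller in an unspecified state. fp_mul begins above this hunk and the `clean` label is below it.

```c
/* Nonzero when a HW math return code means "compute in software instead". */
WC_INLINE static int esp_hw_wants_sw_fallback(int hwRet)
{
    return (hwRet == WC_HW_WAIT_E)   ||        /* math HW busy */
           (hwRet == MP_HW_FALLBACK) ||        /* forced fallback from HW to SW */
           (hwRet == MP_HW_VALIDATION_ACTIVE); /* use SW to compare to HW */
}

/* ... unchanged: esp_hw_validation_active() check and ESP_LOGV ... */
    else {
        ret = esp_mp_mul(A, B, C); /* HW accelerated multiply */
        if (!esp_hw_wants_sw_fallback(ret)) {
            /* MP_OKAY, or a hard error: operands may be mangled
             * (e.g. Z = X * Z), so do not retry in software. */
            goto clean;
        }
    }
```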
@@ -536,6 +626,7 @@ WC_INLINE static int fp_mul_comba_mulx(fp_int *A, fp_int *B, fp_int *C)
}
#endif
+/* C = (A * B) */
int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
{
int ret = 0;
@@ -602,6 +693,8 @@ int fp_mul_comba(fp_int *A, fp_int *B, fp_int *C)
COMBA_FINI;
dst->used = pa;
+
+ /* warning: WOLFSSL_SP_INT_NEGATIVE may disable negative numbers */
dst->sign = A->sign ^ B->sign;
fp_clamp(dst);
fp_copy(dst, C);
@@ -1802,7 +1895,7 @@ int fp_exptmod_nb(exptModNb_t* nb, fp_int* G, fp_int* X, fp_int* P, fp_int* Y)
switch (nb->state) {
case TFM_EXPTMOD_NB_INIT:
- /* now setup montgomery */
+ /* now setup montgomery */
if ((err = fp_montgomery_setup(P, &nb->mp)) != FP_OKAY) {
nb->state = TFM_EXPTMOD_NB_INIT;
return err;
@@ -2158,6 +2251,7 @@ static int _fp_exptmod_ct(fp_int * G, fp_int * X, int digits, fp_int * P,
#ifdef WOLFSSL_SMALL_STACK
XFREE(R, NULL, DYNAMIC_TYPE_BIGINT);
#endif
+
return err;
}
@@ -2993,13 +3087,11 @@ static int _fp_exptmod_base_2(fp_int * X, int digits, fp_int * P,
#undef WINSIZE
#endif
-
+/* Y = (G * X) mod P */
int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
{
-
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int x = fp_count_bits (X);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ int retHW = FP_OKAY;
#endif
/* handle modulus of zero and prevent overflows */
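Review bot: The added header comment `/* Y = (G * X) mod P */` describes a modular multiply, but fp_exptmod is modular exponentiation; it dispatches to _fp_exptmod_ct, _fp_exptmod_nct and esp_mp_exptmod in the later hunks of this diff. The comment should read `/* Y = (G ** X) mod P */`. The function body continues past this hunk.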
@@ -3019,12 +3111,37 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
return FP_OKAY;
}
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- if(x > EPS_RSA_EXPT_XBTIS) {
- return esp_mp_exptmod(G, X, x, P, Y);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "Skipping call to esp_mp_exptmod "
+ "during active validation.");
}
-#endif
+ else {
+ /* HW accelerated exptmod */
+ retHW = esp_mp_exptmod(G, X, P, Y);
+ switch (retHW) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ return retHW;
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ return retHW; /* error */
+ break;
+ } /* switch */
+ } /* if validation check */
+ /* fall through to software calcs */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
if (X->sign == FP_NEG) {
#ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */
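Review bot: The hardware call sits above the `X->sign == FP_NEG` branch, so a negative exponent is passed to esp_mp_exptmod before the software path can handle it or return FP_VAL under POSITIVE_EXP_ONLY. Whether esp_mp_exptmod rejects or falls back on a negative X is not visible in this diff; if it does not, the offload should be skipped for that case, either by moving the block below the sign check or by testing `X->sign == FP_NEG` before the call. The same ordering appears in fp_exptmod_ex and fp_exptmod_nct. If the callee already returns MP_HW_FALLBACK for this input, a comment saying so at the call would settle the question.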
@@ -3049,11 +3166,11 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
if (err == FP_OKAY) {
fp_copy(X, &tmp[1]);
tmp[1].sign = FP_ZPOS;
-#ifdef TFM_TIMING_RESISTANT
+ #ifdef TFM_TIMING_RESISTANT
err = _fp_exptmod_ct(&tmp[0], &tmp[1], tmp[1].used, P, Y);
-#else
+ #else
err = _fp_exptmod_nct(&tmp[0], &tmp[1], P, Y);
-#endif
+ #endif
if ((err == 0) && (P->sign == FP_NEG)) {
err = fp_add(Y, P, Y);
}
@@ -3064,7 +3181,7 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
return err;
#else
return FP_VAL;
-#endif
+#endif /* POSITIVE_EXP_ONLY check */
}
else if (G->used == 1 && G->dp[0] == 2) {
return _fp_exptmod_base_2(X, X->used, P, Y);
@@ -3081,10 +3198,8 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
{
-
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int x = fp_count_bits (X);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ int retHW = FP_OKAY;
#endif
/* handle modulus of zero and prevent overflows */
@@ -3104,12 +3219,30 @@ int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
return FP_OKAY;
}
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- if(x > EPS_RSA_EXPT_XBTIS) {
- return esp_mp_exptmod(G, X, x, P, Y);
- }
-#endif
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ retHW = esp_mp_exptmod(G, X, P, Y);
+ switch (retHW) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ return retHW;
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ return retHW;
+ break;
+ } /* HW result switch */
+ /* falling through to SW: */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
if (X->sign == FP_NEG) {
#ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */
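Review bot: fp_exptmod_ex calls esp_mp_exptmod without the `esp_hw_validation_active()` pre-check that fp_exptmod, fp_mul and fp_sqr apply in this same commit; fp_exptmod_nct and mp_mulmod (via esp_mp_mulmod) omit it too. If the callee reports MP_HW_VALIDATION_ACTIVE on its own, the pre-check in the other three is redundant; if it does not, these three sites can enter the hardware while a validation run is comparing HW against SW. Either way the six sites should agree: wrap the call in `if (!esp_hw_validation_active()) { ... }` here, or drop the pre-check elsewhere and state in a comment that the callee handles it. Note also that `digits` is not passed to the hardware path, so any timing property callers expect from the `_ex` variant depends on esp_mp_exptmod, which is outside this diff.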
@@ -3166,26 +3299,50 @@ int fp_exptmod_ex(fp_int * G, fp_int * X, int digits, fp_int * P, fp_int * Y)
int fp_exptmod_nct(fp_int * G, fp_int * X, fp_int * P, fp_int * Y)
{
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int x = fp_count_bits (X);
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ int retHW = FP_OKAY;
#endif
+ /* handle modulus of zero and prevent overflows */
+ if (fp_iszero(P) || (P->used > (FP_SIZE/2))) {
+ return FP_VAL;
+ }
+ if (fp_isone(P)) {
+ fp_set(Y, 0);
+ return FP_OKAY;
+ }
+ if (fp_iszero(X)) {
+ fp_set(Y, 1);
+ return FP_OKAY;
+ }
if (fp_iszero(G)) {
- fp_set(G, 0);
+ fp_set(Y, 0);
return FP_OKAY;
}
- /* prevent overflows */
- if (P->used > (FP_SIZE/2)) {
- return FP_VAL;
- }
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ retHW = esp_mp_exptmod(G, X, P, Y);
+ switch (retHW) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ return retHW;
+ break;
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- if(x > EPS_RSA_EXPT_XBTIS) {
- return esp_mp_exptmod(G, X, x, P, Y);
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ return retHW;
+ break;
}
+ /* falling through to SW: */
#endif
if (X->sign == FP_NEG) {
@@ -3271,6 +3428,36 @@ int fp_sqr(fp_int *A, fp_int *B)
goto clean;
}
+#if defined(WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL)
+ if (esp_hw_validation_active()) {
+ ESP_LOGV(TAG, "Skipping call to esp_mp_mul "
+ "during active validation.");
+ }
+ else {
+ err = esp_mp_mul(A, A, B); /* HW accelerated multiply */
+ switch (err) {
+ case MP_OKAY:
+ goto clean; /* success */
+ break;
+
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* fall back to software, below */
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but errors should never occur. */
+ goto clean; /* error */
+ break;
+ }
+ }
+ /* fall through to software calcs */
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
#if defined(TFM_SQR3) && FP_SIZE >= 6
if (y <= 3) {
err = fp_sqr_comba3(A,B);
@@ -3864,8 +4051,16 @@ int fp_read_unsigned_bin(fp_int *a, const unsigned char *b, int c)
/* zero the int */
fp_zero (a);
+ if (c < 0) {
+ return FP_VAL;
+ }
+
+ if (c == 0) {
+ return FP_OKAY;
+ }
+
/* if input b excess max, then truncate */
- if (c > 0 && (word32)c > maxC) {
+ if ((word32)c > maxC) {
int excess = (c - maxC);
c -= excess;
b += excess;
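Review bot: Oversized input is still truncated silently: when `c` exceeds `maxC` the code advances `b` by `excess`, which discards the leading (most significant) bytes of the big-endian value, and nothing in the hunk reports that to the caller. The existing comment says only "then truncate"; it should state which end is dropped, e.g. `/* input longer than maxC: drop the most significant bytes; caller is not notified */`, assuming the rest of the function does not return an error for this case. A caller importing a value of untrusted length would otherwise take the result as a faithful copy. The function continues below the hunk.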
@@ -4394,6 +4589,9 @@ void fp_clear(fp_int *a)
void fp_forcezero (mp_int * a)
{
+ if (a == NULL)
+ return;
+
int size;
a->used = 0;
a->sign = FP_ZPOS;
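Review bot: The new NULL guard is placed before `int size;`, which puts a declaration after a statement; C89 compilers reject that and `-Wdeclaration-after-statement` flags it, and the other functions visible in this diff declare their locals at the top of the block. Move the declaration up so the body starts with `int size;` and then `if (a == NULL) return;`. The function body continues past this hunk.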
@@ -4491,16 +4689,32 @@ int wolfcrypt_mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d)
#endif
{
- #if defined(WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- int A = fp_count_bits (a);
- int B = fp_count_bits (b);
+ int ret = MP_OKAY;
+#ifdef WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+ ret = esp_mp_mulmod(a, b, c, d);
+ switch (ret) {
+ case MP_OKAY:
+ /* successfully computed in HW */
+ break;
- if( A >= ESP_RSA_MULM_BITS && B >= ESP_RSA_MULM_BITS)
- return esp_mp_mulmod(a, b, c, d);
- else
- #endif
- return fp_mulmod(a, b, c, d);
+ case WC_HW_WAIT_E: /* MP_HW_BUSY math HW busy, fall back */
+ case MP_HW_FALLBACK: /* forced fallback from HW to SW */
+ case MP_HW_VALIDATION_ACTIVE: /* use SW to compare to HW */
+ /* use software calc */
+ ret = fp_mulmod(a, b, c, d);
+ break;
+
+ default:
+ /* Once we've failed, exit without trying to continue.
+ * We may have mangled operands: (e.g. Z = X * Z)
+ * Future implementation may consider saving operands,
+ * but hard errors should never actually occur. */
+ break;
+ }
+#else /* no HW */
+ ret = fp_mulmod(a, b, c, d);
+#endif /* WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
+ return ret;
}
/* d = a - b (mod c) */
@@ -4649,6 +4863,12 @@ int mp_div_2d(fp_int* a, int b, fp_int* c, fp_int* d)
return MP_OKAY;
}
+int mp_mod_2d(fp_int* a, int b, fp_int* c)
+{
+ fp_mod_2d(a, b, c);
+ return MP_OKAY;
+}
+
/* copy (src = a) to (dst = b) */
void fp_copy(const fp_int *a, fp_int *b)
{
@@ -4704,12 +4924,12 @@ int mp_copy(const fp_int* a, fp_int* b)
return MP_OKAY;
}
-int mp_isodd(mp_int* a)
+int mp_isodd(const mp_int* a)
{
return fp_isodd(a);
}
-int mp_iszero(mp_int* a)
+int mp_iszero(const mp_int* a)
{
return fp_iszero(a);
}
@@ -4803,21 +5023,10 @@ int mp_montgomery_calc_normalization(mp_int *a, mp_int *b)
#endif /* WOLFSSL_KEY_GEN || HAVE_ECC */
-static int fp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
+static int fp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t)
{
int i;
mp_digit mask = (mp_digit)0 - m;
-#ifndef WOLFSSL_SMALL_STACK
- fp_int t[1];
-#else
- fp_int* t;
-#endif
-
-#ifdef WOLFSSL_SMALL_STACK
- t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT);
- if (t == NULL)
- return FP_MEM;
-#endif
t->used = (a->used ^ b->used) & mask;
for (i = 0; i < c; i++) {
@@ -4832,6 +5041,26 @@ static int fp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m)
b->dp[i] ^= t->dp[i];
}
+ return FP_OKAY;
+}
+
+
+static int fp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m)
+{
+#ifndef WOLFSSL_SMALL_STACK
+ fp_int t[1];
+#else
+ fp_int* t;
+#endif
+
+#ifdef WOLFSSL_SMALL_STACK
+ t = (fp_int*)XMALLOC(sizeof(fp_int), NULL, DYNAMIC_TYPE_BIGINT);
+ if (t == NULL)
+ return FP_MEM;
+#endif
+
+ fp_cond_swap_ct_ex(a, b, c, m, t);
+
#ifdef WOLFSSL_SMALL_STACK
XFREE(t, NULL, DYNAMIC_TYPE_BIGINT);
#endif
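Review bot: The scratch value `t` ends up holding `(a ^ b) & mask` for every digit, and the wrapper frees it, or lets the stack copy go out of scope, without clearing it. When the swap runs on secret operands, which is the usual reason for a constant-time swap, that leaves key-derived data in freed heap or stack memory. Consider `fp_forcezero(t);` before the `XFREE`, plus a comment on fp_cond_swap_ct_ex that the caller owns `t` and is responsible for clearing it. The wrapper also discards the return value of fp_cond_swap_ct_ex; it is always FP_OKAY today, but carrying it through a local would keep the two functions in step. fp_cond_swap_ct continues below this hunk.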
@@ -5422,7 +5651,12 @@ int mp_prime_is_prime_ex(mp_int* a, int t, int* result, WC_RNG* rng)
#endif /* !NO_RSA || !NO_DSA || !NO_DH || WOLFSSL_KEY_GEN */
-int mp_cond_swap_ct(mp_int * a, mp_int * b, int c, int m)
+int mp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t)
+{
+ return fp_cond_swap_ct_ex(a, b, c, m, t);
+}
+
+int mp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m)
{
return fp_cond_swap_ct(a, b, c, m);
}
@@ -5825,15 +6059,8 @@ int mp_read_radix(mp_int *a, const char *str, int radix)
#endif /* !defined(NO_DSA) || defined(HAVE_ECC) */
-#ifdef HAVE_ECC
-
-/* fast math conversion */
-int mp_sqr(fp_int *A, fp_int *B)
-{
- return fp_sqr(A, B);
-}
+#if defined(HAVE_ECC) || (!defined(NO_RSA) && defined(WC_RSA_BLINDING))
-/* fast math conversion */
int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp)
{
return fp_montgomery_reduce(a, m, mp);
@@ -5851,6 +6078,17 @@ int mp_montgomery_setup(fp_int *a, fp_digit *rho)
return fp_montgomery_setup(a, rho);
}
+#endif /* HAVE_ECC || (!NO_RSA && WC_RSA_BLINDING) */
+
+#ifdef HAVE_ECC
+
+/* fast math conversion */
+int mp_sqr(fp_int *A, fp_int *B)
+{
+ return fp_sqr(A, B);
+}
+
+/* fast math conversion */
int mp_div_2(fp_int * a, fp_int * b)
{
fp_div_2(a, b);
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c
new file mode 100644
index 00000000..60e8519d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_lms.c
@@ -0,0 +1,26 @@
+/* wc_lms.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_HAVE_LMS
+ #error "Contact wolfSSL to get the implementation of this file"
+#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c
index 6ae88d79..0d7bd6e2 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_pkcs11.c
@@ -74,7 +74,7 @@
#endif
-/* Maximim length of the EC parameter string. */
+/* Maximum length of the EC parameter string. */
#define MAX_EC_PARAM_LEN 16
@@ -403,11 +403,11 @@ static void pkcs11_val(const char* op, CK_ULONG val)
}
#else
/* Disable logging of PKCS#11 calls and return value. */
-#define PKCS11_RV(op, ev)
+#define PKCS11_RV(op, ev) WC_DO_NOTHING
/* Disable logging of PKCS#11 calls and value. */
-#define PKCS11_VAL(op, val)
+#define PKCS11_VAL(op, val) WC_DO_NOTHING
/* Disable logging of PKCS#11 template. */
-#define PKCS11_DUMP_TEMPLATE(name, templ, cnt)
+#define PKCS11_DUMP_TEMPLATE(name, templ, cnt) WC_DO_NOTHING
#endif
/**
@@ -3755,7 +3755,12 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
int ret = 0;
Pkcs11Token* token = (Pkcs11Token*)ctx;
Pkcs11Session session;
+
+#ifdef WOLFSSL_PKCS11_RW_TOKENS
+ int readWrite = 1;
+#else
int readWrite = 0;
+#endif
if (devId <= INVALID_DEVID || info == NULL || ctx == NULL)
ret = BAD_FUNC_ARG;
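Review bot: With WOLFSSL_PKCS11_RW_TOKENS defined, `readWrite` is 1 for every operation dispatched through this callback, not only for those that create or modify token objects. The use of `readWrite` is below this hunk, presumably where the session is opened; if so, read-only operations such as sign or verify would also run in a read/write session. A comment at the `#ifdef` should say what the macro is for and that it applies to all operations, e.g. `/* WOLFSSL_PKCS11_RW_TOKENS: open every session read/write, regardless of operation */`. Selecting read/write per operation type would be the least-privilege alternative.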
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c
index b6b8c1fd..ef61df84 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_port.c
@@ -61,9 +61,8 @@
#if defined(WOLFSSL_RENESAS_TSIP)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h>
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- #include <wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h>
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
#endif
#if defined(WOLFSSL_RENESAS_RX64_HASH)
#include <wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h>
@@ -85,6 +84,9 @@
#if defined(WOLFSSL_CAAM)
#include <wolfssl/wolfcrypt/port/caam/wolfcaam.h>
#endif
+#if defined(HAVE_ARIA)
+ #include <wolfssl/wolfcrypt/port/aria/aria-cryptocb.h>
+#endif
#if defined(WOLFSSL_DEVCRYPTO)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
@@ -171,7 +173,7 @@ int wolfCrypt_Init(void)
}
#endif
- #if defined(WOLFSSL_RENESAS_TSIP_CRYPT)
+ #if defined(WOLFSSL_RENESAS_TSIP)
ret = tsip_Open( );
if( ret != TSIP_SUCCESS ) {
WOLFSSL_MSG("RENESAS TSIP Open failed");
@@ -191,9 +193,8 @@ int wolfCrypt_Init(void)
}
#endif
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- ret = wc_sce_Open( );
+ #if defined(WOLFSSL_RENESAS_FSPSM)
+ ret = wc_fspsm_Open( );
if( ret != FSP_SUCCESS ) {
WOLFSSL_MSG("RENESAS SCE Open failed");
/* not return 1 since WOLFSSL_SUCCESS=1*/
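Review bot: The guard and the call were renamed to FSPSM, but the failure message still reads `"RENESAS SCE Open failed"`, so a log line from an FSPSM build names the old port. Suggest `WOLFSSL_MSG("RENESAS FSPSM Open failed");` so the message matches `wc_fspsm_Open`. wolfCrypt_Init continues on both sides of this hunk.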
@@ -367,6 +368,12 @@ int wolfCrypt_Init(void)
}
#endif
+#if defined(HAVE_ARIA)
+ if ((ret = wc_AriaInit()) != 0) {
+ return ret;
+ }
+#endif
+
#ifdef WOLFSSL_IMXRT_DCP
if ((ret = wc_dcp_init()) != 0) {
return ret;
@@ -385,7 +392,7 @@ int wolfCrypt_Init(void)
return ret;
}
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
long wolfCrypt_heap_peakAllocs_checkpoint(void) {
long ret = ourMemStats.peakAllocsTripOdometer;
ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs -
@@ -441,9 +448,8 @@ int wolfCrypt_Cleanup(void)
rx64_hw_Close();
#endif
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- wc_sce_Close();
+ #if defined(WOLFSSL_RENESAS_FSPSM)
+ wc_fspsm_Close();
#endif
#ifdef WOLFSSL_SCE
@@ -459,7 +465,7 @@ int wolfCrypt_Cleanup(void)
#ifdef WOLFSSL_SILABS_SE_ACCEL
ret = sl_se_deinit();
#endif
- #if defined(WOLFSSL_RENESAS_TSIP_CRYPT)
+ #if defined(WOLFSSL_RENESAS_TSIP)
tsip_Close();
#endif
#if defined(WOLFSSL_DEVCRYPTO)
@@ -477,7 +483,11 @@ int wolfCrypt_Cleanup(void)
Entropy_Final();
#endif
- #ifdef WOLFSSL_MEM_FAIL_COUNT
+ #ifdef WOLF_CRYPTO_CB
+ wc_CryptoCb_Cleanup();
+ #endif
+
+ #if defined(WOLFSSL_MEM_FAIL_COUNT) && defined(WOLFCRYPT_ONLY)
wc_MemFailCount_Free();
#endif
#ifdef WOLFSSL_CHECK_MEM_ZERO
@@ -963,6 +973,7 @@ XFILE z_fs_open(const char* filename, const char* mode)
file = (XFILE)XMALLOC(sizeof(*file), NULL, DYNAMIC_TYPE_FILE);
if (file != NULL) {
+ fs_file_t_init(file);
if (fs_open(file, filename, flags) != 0) {
XFREE(file, NULL, DYNAMIC_TYPE_FILE);
file = NULL;
@@ -1342,6 +1353,14 @@ int wolfSSL_CryptHwMutexUnLock(void)
compat_mutex_cb = cb;
return 0;
}
+
+ /* Gets the current callback function in use for locking/unlocking mutex
+ *
+ */
+ mutex_cb* wc_GetMutexCb(void)
+ {
+ return compat_mutex_cb;
+ }
#endif /* defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) */
#ifdef SINGLE_THREADED
@@ -1470,7 +1489,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
return 0;
}
-#elif defined(USE_WINDOWS_API)
+#elif defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS)
int wc_InitMutex(wolfSSL_Mutex* m)
{
@@ -1721,7 +1740,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
#ifdef WOLFSSL_USE_RWLOCK
int wc_InitRwLock(wolfSSL_RwLock* m)
{
- if (pthread_rwlock_init(m, 0) == 0)
+ if (pthread_rwlock_init(m, NULL) == 0)
return 0;
else
return BAD_MUTEX_E;
@@ -1762,7 +1781,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
int wc_InitMutex(wolfSSL_Mutex* m)
{
- if (pthread_mutex_init(m, 0) == 0)
+ if (pthread_mutex_init(m, NULL) == 0)
return 0;
else
return BAD_MUTEX_E;
@@ -2031,7 +2050,7 @@ int wolfSSL_CryptHwMutexUnLock(void)
}
#elif defined(EBSNET)
-
+ #if (defined(RTPLATFORM) && (RTPLATFORM != 0))
int wc_InitMutex(wolfSSL_Mutex* m)
{
if (rtp_sig_mutex_alloc(m, "wolfSSL Mutex") == -1)
@@ -2072,6 +2091,66 @@ int wolfSSL_CryptHwMutexUnLock(void)
return(retval);
}
+ #else
+ static int rtip_semaphore_build(wolfSSL_Mutex *m)
+ {
+ KS_SEMAPHORE_BUILD(m)
+ return(RTP_TRUE);
+ }
+
+ int wc_InitMutex(wolfSSL_Mutex* m)
+ {
+ if (rtip_semaphore_build(m) == RTP_FALSE)
+ return BAD_MUTEX_E;
+ else
+ return 0;
+ }
+
+ int wc_FreeMutex(wolfSSL_Mutex* m)
+ {
+ KS_SEMAPHORE_FREE(*m);
+ return 0;
+ }
+
+ int wc_LockMutex(wolfSSL_Mutex* m)
+ {
+ if (KS_SEMAPHORE_GET(*m))
+ return 0;
+ else
+ return BAD_MUTEX_E;
+ }
+
+ int wc_UnLockMutex(wolfSSL_Mutex* m)
+ {
+ KS_SEMAPHORE_GIVE(*m);
+ return 0;
+ }
+ #endif
+ int ebsnet_fseek(int a, long b, int c)
+ {
+ int retval;
+
+ retval = (int)vf_lseek(a, b, c);
+ if (retval > 0)
+ retval = 0;
+ else
+ retval = -1;
+
+ return(retval);
+ }
+
+ int strcasecmp(const char *s1, const char *s2)
+ {
+ while (rtp_tolower(*s1) == rtp_tolower(*s2)) {
+ if (*s1 == '\0' || *s2 == '\0')
+ break;
+ s1++;
+ s2++;
+ }
+
+ return rtp_tolower(*(unsigned char *) s1) -
+ rtp_tolower(*(unsigned char *) s2);
+ }
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
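Review bot: `ebsnet_fseek` maps a `vf_lseek` result of 0 to -1, so if `vf_lseek` returns the resulting offset the way `lseek` does, a successful seek to the start of a file is reported as a failure; the test would then be `if (retval >= 0)`. In the non-RTPLATFORM branch, `rtip_semaphore_build` returns `RTP_TRUE` unconditionally, so the `BAD_MUTEX_E` path in `wc_InitMutex` is unreachable. If `KS_SEMAPHORE_BUILD` can fail, that failure goes unreported and later lock calls operate on an unbuilt semaphore.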
@@ -2730,6 +2809,35 @@ int wolfSSL_CryptHwMutexUnLock(void)
return 0;
}
+#elif defined(NETOS)
+
+ int wc_InitMutex(wolfSSL_Mutex* m)
+ {
+ if (tx_mutex_create(&ready->mutex, "wolfSSL Lock", TX_INHERIT)
+ == TX_SUCCESS)
+ return 0;
+ else
+ return BAD_MUTEX_E;
+ }
+
+ int wc_FreeMutex(wolfSSL_Mutex* m)
+ {
+ if (tx_mutex_delete(&ready->mutex) == TX_SUCCESS)
+ return 0;
+ else
+ return BAD_MUTEX_E;
+ }
+
+ int wc_LockMutex(wolfSSL_Mutex* m)
+ {
+
+ }
+
+ int wc_UnLockMutex(wolfSSL_Mutex* m)
+ {
+
+ }
+
#elif defined(WOLFSSL_USER_MUTEX)
/* Use user own mutex */
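Review bot: The NETOS `wc_LockMutex` and `wc_UnLockMutex` bodies are empty, so they provide no mutual exclusion and fall off the end of an `int` function, leaving the value callers test undefined. `wc_InitMutex` and `wc_FreeMutex` also act on `&ready->mutex`, an identifier not declared anywhere in the hunk, and ignore the `m` argument. A NETOS build that relies on these would touch shared library state unsynchronized. Assuming `wolfSSL_Mutex` is a ThreadX `TX_MUTEX` on this port, all four functions should operate on `m` and report the ThreadX status, as sketched below.
```c
int wc_InitMutex(wolfSSL_Mutex* m)
{
    if (tx_mutex_create(m, "wolfSSL Lock", TX_INHERIT) == TX_SUCCESS)
        return 0;
    else
        return BAD_MUTEX_E;
}

int wc_FreeMutex(wolfSSL_Mutex* m)
{
    if (tx_mutex_delete(m) == TX_SUCCESS)
        return 0;
    else
        return BAD_MUTEX_E;
}

int wc_LockMutex(wolfSSL_Mutex* m)
{
    if (tx_mutex_get(m, TX_WAIT_FOREVER) == TX_SUCCESS)
        return 0;
    else
        return BAD_MUTEX_E;
}

int wc_UnLockMutex(wolfSSL_Mutex* m)
{
    if (tx_mutex_put(m) == TX_SUCCESS)
        return 0;
    else
        return BAD_MUTEX_E;
}
```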
@@ -2814,7 +2922,7 @@ time_t mynewt_time(time_t* timer)
#endif /* WOLFSSL_APACHE_MYNEWT */
#if defined(WOLFSSL_GMTIME)
-struct tm* gmtime(const time_t* timer)
+struct tm* gmtime_r(const time_t* timer, struct tm *ret)
{
#define YEAR0 1900
#define EPOCH_YEAR 1970
@@ -2828,8 +2936,6 @@ struct tm* gmtime(const time_t* timer)
{31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
};
- static struct tm st_time;
- struct tm* ret = &st_time;
time_t secs = *timer;
unsigned long dayclock, dayno;
int year = EPOCH_YEAR;
@@ -2863,6 +2969,12 @@ struct tm* gmtime(const time_t* timer)
return ret;
}
+
+struct tm* gmtime(const time_t* timer) {
+ static struct tm st_time;
+ return gmtime_r(timer, &st_time);
+}
+
#endif /* WOLFSSL_GMTIME */
@@ -3056,6 +3168,30 @@ time_t z_time(time_t * timer)
{
struct timespec ts;
+ #if defined(CONFIG_RTC) && \
+ (defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC))
+ /* Try to obtain the actual time from an RTC */
+ static const struct device *rtc = DEVICE_DT_GET(DT_NODELABEL(rtc));
+
+ if (device_is_ready(rtc)) {
+ struct rtc_time rtc_time;
+ struct tm *tm_time = rtc_time_to_tm(&rtc_time);
+
+ int ret = rtc_get_time(rtc, &rtc_time);
+
+ if (ret == 0) {
+ time_t epochTime = mktime(tm_time);
+
+ if (timer != NULL)
+ *timer = epochTime;
+
+ return epochTime;
+ }
+ }
+ #endif
+
+ /* Fallback to uptime since boot. This works for relative times, but
+ * not for ASN.1 date validation */
if (clock_gettime(CLOCK_REALTIME, &ts) == 0)
if (timer != NULL)
*timer = ts.tv_sec;
@@ -3176,8 +3312,10 @@ time_t stm32_hal_time(time_t *t1)
HAL_RTC_GetTime(&hrtc, &time, FORMAT_BIN);
HAL_RTC_GetDate(&hrtc, &date, FORMAT_BIN);
- tm_time.tm_year = date.Year;
- tm_time.tm_mon = date.Month - 1; /* gm starts at 0 */
+ /* RTC year is 0-99 and "struct tm" is 1900+, so assume after year 2000 */
+ tm_time.tm_year = date.Year + 100;
+ /* RTC month is 1-12 and "struct tm" is 0-12, so subtract 1 */
+ tm_time.tm_mon = date.Month - 1;
tm_time.tm_mday = date.Date;
tm_time.tm_hour = time.Hours;
tm_time.tm_min = time.Minutes;
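Review bot: The new comment on `tm_mon` says "struct tm" is 0-12, but `tm_mon` runs 0-11; suggest `/* RTC month is 1-12 and "struct tm" is 0-11, so subtract 1 */`. The `+ 100` on `tm_year` hard-codes the 2000-2099 window, which the comment above it does state. The rest of stm32_hal_time is outside the hunk.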
@@ -3284,3 +3422,521 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n)
#include <wolfcrypt/src/port/arm/cryptoCellHash.c> /* sha256 */
#endif
#endif
+
+
+#ifndef SINGLE_THREADED
+
+#if defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS)
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ /* Use _beginthreadex instead of _beginthread because of:
+ * _beginthreadex is safer to use than _beginthread. If the thread
+ * that's generated by _beginthread exits quickly, the handle that's
+ * returned to the caller of _beginthread might be invalid or point
+ * to another thread. However, the handle that's returned by
+ * _beginthreadex has to be closed by the caller of _beginthreadex,
+ * so it's guaranteed to be a valid handle if _beginthreadex didn't
+ * return an error.*/
+ *thread = _beginthreadex(NULL, 0, cb, arg, 0, NULL);
+ if (*thread == 0) {
+ *thread = INVALID_THREAD_VAL;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+#ifdef WOLFSSL_THREAD_NO_JOIN
+ int wolfSSL_NewThreadNoJoin(THREAD_CB_NOJOIN cb, void* arg)
+ {
+ THREAD_TYPE thread;
+
+ if (cb == NULL)
+ return BAD_FUNC_ARG;
+
+ thread = _beginthread(cb, 0, arg);
+ if (thread == -1L) {
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+#endif
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ int ret = 0;
+
+ if (thread == INVALID_THREAD_VAL)
+ return BAD_FUNC_ARG;
+
+ /* We still want to attempt to close the thread handle even on error */
+ if (WaitForSingleObject((HANDLE)thread, INFINITE) == WAIT_FAILED)
+ ret = MEMORY_E;
+
+ if (CloseHandle((HANDLE)thread) == 0)
+ ret = MEMORY_E;
+
+ return ret;
+ }
+
+#ifdef WOLFSSL_COND
+ int wolfSSL_CondInit(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ cond->cond = CreateEventA(NULL, FALSE, FALSE, NULL);
+ if (cond->cond == NULL)
+ return MEMORY_E;
+
+ if (wc_InitMutex(&cond->mutex) != 0) {
+ if (CloseHandle(cond->cond) == 0)
+ return MEMORY_E;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondFree(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (CloseHandle(cond->cond) == 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondStart(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondSignal(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ if (SetEvent(cond->cond) == 0)
+ return MEMORY_E;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondWait(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ if (WaitForSingleObject(cond->cond, INFINITE) == WAIT_FAILED)
+ return MEMORY_E;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondEnd(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+#endif /* WOLFSSL_COND */
+
+#elif defined(WOLFSSL_TIRTOS)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ /* Initialize the defaults and set the parameters. */
+ Task_Params taskParams;
+ Task_Params_init(&taskParams);
+ taskParams.arg0 = (UArg)arg;
+ taskParams.stackSize = 65535;
+ *thread = Task_create((Task_FuncPtr)cb, &taskParams, NULL);
+ if (*thread == NULL) {
+ return MEMORY_E;
+ }
+ Task_yield();
+ return 0;
+ }
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ while(1) {
+ if (Task_getMode(thread) == Task_Mode_TERMINATED) {
+ Task_sleep(5);
+ break;
+ }
+ Task_yield();
+ }
+ return 0;
+ }
+
+#elif defined(NETOS)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ /* For backwards compatibility allow using this declaration as well. */
+ #ifdef TESTSUITE_THREAD_STACK_SZ
+ #define WOLFSSL_NETOS_STACK_SZ TESTSUITE_THREAD_STACK_SZ
+ #endif
+ /* This can be adjusted by defining in user_settings.h, will default to
+ * 65k in the event it is undefined */
+ #ifndef WOLFSSL_NETOS_STACK_SZ
+ #define WOLFSSL_NETOS_STACK_SZ 65535
+ #endif
+ int result;
+
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ XMEMSET(thread, 0, sizeof(*thread));
+
+ thread->threadStack = (void *)XMALLOC(WOLFSSL_NETOS_STACK_SZ, NULL,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (thread->threadStack == NULL)
+ return MEMORY_E;
+
+
+ /* first create the idle thread:
+ * ARGS:
+ * Param1: pointer to thread
+ * Param2: name
+ * Param3 and 4: entry function and input
+ * Param5: pointer to thread stack
+ * Param6: stack size
+ * Param7 and 8: priority level and preempt threshold
+ * Param9 and 10: time slice and auto-start indicator */
+ result = tx_thread_create(&thread->tid,
+ "wolfSSL thread",
+ (entry_functionType)cb, (ULONG)arg,
+ thread->threadStack,
+ TESTSUITE_THREAD_STACK_SZ,
+ 2, 2,
+ 1, TX_AUTO_START);
+ if (result != TX_SUCCESS) {
+ free(thread->threadStack);
+ thread->threadStack = NULL;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ /* TODO: maybe have to use tx_thread_delete? */
+ free(thread.threadStack);
+ thread.threadStack = NULL;
+ return 0;
+ }
+
+#elif defined(WOLFSSL_ZEPHYR)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ #ifndef WOLFSSL_ZEPHYR_STACK_SZ
+ #define WOLFSSL_ZEPHYR_STACK_SZ (24*1024)
+ #endif
+
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ XMEMSET(thread, 0, sizeof(*thread));
+
+ /* TODO: Use the following once k_thread_stack_alloc makes it into a
+ * release.
+ * thread->threadStack = k_thread_stack_alloc(WOLFSSL_ZEPHYR_STACK_SZ,
+ * 0);
+ */
+ thread->threadStack = (void*)XMALLOC(
+ Z_KERNEL_STACK_SIZE_ADJUST(WOLFSSL_ZEPHYR_STACK_SZ), 0,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (thread->threadStack == NULL)
+ return MEMORY_E;
+
+ /* k_thread_create does not return any error codes */
+ /* Casting to k_thread_entry_t should be fine since we just ignore the
+ * extra arguments being passed in */
+ k_thread_create(&thread->tid, thread->threadStack,
+ WOLFSSL_ZEPHYR_STACK_SZ, (k_thread_entry_t)cb, arg, NULL, NULL,
+ 5, 0, K_NO_WAIT);
+
+ return 0;
+ }
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ int ret = 0;
+ int err;
+
+ err = k_thread_join(&thread.tid, K_FOREVER);
+ if (err != 0)
+ ret = MEMORY_E;
+
+ /* TODO: Use the following once k_thread_stack_free makes it into a
+ * release.
+ * err = k_thread_stack_free(thread.threadStack);
+ * if (err != 0)
+ * ret = MEMORY_E;
+ */
+ XFREE(thread.threadStack, NULL, DYNAMIC_TYPE_TMP_BUFFER);
+ thread.threadStack = NULL;
+
+ /* No thread resources to free. Everything is stored in thread.tid */
+
+ return ret;
+ }
+
+#ifdef WOLFSSL_COND
+ /* Use the pthreads translation layer for signaling */
+
+#endif /* WOLFSSL_COND */
+
+#elif defined(WOLFSSL_PTHREADS)
+
+ int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg)
+ {
+ if (thread == NULL || cb == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_create(thread, NULL, cb, arg) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+#ifdef WOLFSSL_THREAD_NO_JOIN
+ int wolfSSL_NewThreadNoJoin(THREAD_CB_NOJOIN cb, void* arg)
+ {
+ THREAD_TYPE thread;
+ int ret;
+ XMEMSET(&thread, 0, sizeof(thread));
+ ret = wolfSSL_NewThread(&thread, cb, arg);
+ if (ret == 0)
+ ret = pthread_detach(thread);
+ return ret;
+ }
+#endif
+
+ int wolfSSL_JoinThread(THREAD_TYPE thread)
+ {
+ if (thread == INVALID_THREAD_VAL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_join(thread, NULL) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+#ifdef WOLFSSL_COND
+ #ifndef __MACH__
+ /* Generic POSIX conditional */
+ int wolfSSL_CondInit(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_init(&cond->mutex, NULL) != 0)
+ return MEMORY_E;
+
+ if (pthread_cond_init(&cond->cond, NULL) != 0) {
+ /* Keep compilers happy that we are using the return code */
+ if (pthread_mutex_destroy(&cond->mutex) != 0)
+ return MEMORY_E;
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondFree(COND_TYPE* cond)
+ {
+ int ret = 0;
+
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_destroy(&cond->mutex) != 0)
+ ret = MEMORY_E;
+
+ if (pthread_cond_destroy(&cond->cond) != 0)
+ ret = MEMORY_E;
+
+ return ret;
+ }
+
+ int wolfSSL_CondStart(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_lock(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondSignal(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_cond_signal(&cond->cond) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondWait(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_cond_wait(&cond->cond, &cond->mutex) != 0)
+ return MEMORY_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondEnd(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (pthread_mutex_unlock(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+ #else /* __MACH__ */
+ /* Apple style dispatch semaphore */
+ int wolfSSL_CondInit(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ /* dispatch_release() fails hard, with Trace/BPT trap signal, if the
+ * sem's internal count is less than the value passed in with
+ * dispatch_semaphore_create(). work around this by initing
+ * with 0, then incrementing it afterwards.
+ */
+ cond->cond = dispatch_semaphore_create(0);
+ if (cond->cond == NULL)
+ return MEMORY_E;
+
+ if (wc_InitMutex(&cond->mutex) != 0) {
+ dispatch_release(cond->cond);
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondFree(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ dispatch_release(cond->cond);
+ cond->cond = NULL;
+
+ if (wc_FreeMutex(&cond->mutex) != 0) {
+ return MEMORY_E;
+ }
+
+ return 0;
+ }
+
+ int wolfSSL_CondStart(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondSignal(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ dispatch_semaphore_signal(cond->cond);
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondWait(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ dispatch_semaphore_wait(cond->cond, DISPATCH_TIME_FOREVER);
+
+ if (wc_LockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+
+ int wolfSSL_CondEnd(COND_TYPE* cond)
+ {
+ if (cond == NULL)
+ return BAD_FUNC_ARG;
+
+ if (wc_UnLockMutex(&cond->mutex) != 0)
+ return BAD_MUTEX_E;
+
+ return 0;
+ }
+ #endif /* __MACH__ */
+#endif /* WOLFSSL_COND */
+
+#endif
+
+#endif /* SINGLE_THREADED */
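Review bot: In the NETOS branch, `wolfSSL_JoinThread` releases `thread.threadStack` without waiting for the thread to finish (its TODO says as much), so a still-running thread would keep executing on freed memory; it needs to wait for or terminate the ThreadX thread before the stack is released. The same branch allocates the stack with `XMALLOC(WOLFSSL_NETOS_STACK_SZ, ...)` but passes `TESTSUITE_THREAD_STACK_SZ` to `tx_thread_create`, an undefined identifier when only the new macro is set; the size argument should be `WOLFSSL_NETOS_STACK_SZ,`. Both release paths call `free()` on an `XMALLOC` buffer, which mismatches when a custom allocator is configured; `XFREE(thread->threadStack, NULL, DYNAMIC_TYPE_TMP_BUFFER);` keeps the pair consistent. Separately, the Windows `wolfSSL_CondFree` closes the event but never releases `cond->mutex`, unlike the `__MACH__` variant, which calls `wc_FreeMutex`.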
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c
new file mode 100644
index 00000000..545b531c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wc_xmss.c
@@ -0,0 +1,26 @@
+/* wc_xmss.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include <wolfssl/wolfcrypt/settings.h>
+
+#ifdef WOLFSSL_HAVE_XMSS
+ #error "Contact wolfSSL to get the implementation of this file"
+#endif
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c b/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c
index 492d085a..01ddd113 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/wolfevent.c
@@ -180,8 +180,12 @@ int wolfEventQueue_Remove(WOLF_EVENT_QUEUE* queue, WOLF_EVENT* event)
else {
WOLF_EVENT* next = event->next;
WOLF_EVENT* prev = event->prev;
- next->prev = prev;
- prev->next = next;
+ if ((next == NULL) || (prev == NULL)) {
+ ret = BAD_STATE_E;
+ } else {
+ next->prev = prev;
+ prev->next = next;
+ }
}
queue->count--;
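Review bot: When the new NULL check sets `ret = BAD_STATE_E`, the `queue->count--;` that follows the `else` block still runs, so the count drops although nothing was unlinked and the queue's bookkeeping drifts away from its list. Guarding it as `if (ret == 0) queue->count--;` keeps the two in step. The rest of wolfEventQueue_Remove lies outside the hunk, so confirm that the code after the decrement is also appropriate on the error path.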
@@ -205,7 +209,7 @@ int wolfEventQueue_Poll(WOLF_EVENT_QUEUE* queue, void* context_filter,
}
#endif
- /* iterrate event queue */
+ /* iterate event queue */
for (event = queue->head; event != NULL; event = event->next)
{
/* optional filter based on context */
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/test/test.c b/extra/wolfssl/wolfssl/wolfcrypt/test/test.c
index bcdf69e0..0d1bf239 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/test/test.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/test/test.c
@@ -19,6 +19,15 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+/*
+ * Some common, optional build settings:
+ * these can also be set in wolfssl/options.h or user_settings.h
+ * -------------------------------------------------------------
+ *
+ * set the default devId for cryptocb to the value instead of INVALID_DEVID
+ * WC_USE_DEVID=0x1234
+ */
+
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
@@ -49,13 +58,17 @@
#ifdef HAVE_STACK_SIZE_VERBOSE
#ifdef WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES
- static ssize_t max_relative_stack = WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES;
+ static WC_MAYBE_UNUSED ssize_t max_relative_stack =
+ WOLFSSL_TEST_MAX_RELATIVE_STACK_BYTES;
#else
- static ssize_t max_relative_stack = -1;
+ static WC_MAYBE_UNUSED ssize_t max_relative_stack = -1;
#endif
#endif
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+const byte const_byte_array[] = "A+Gd\0\0\0";
+#define CBPTR_EXPECTED 'A'
+
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
#ifdef WOLFSSL_TEST_MAX_RELATIVE_HEAP_ALLOCS
static ssize_t max_relative_heap_allocs = WOLFSSL_TEST_MAX_RELATIVE_HEAP_ALLOCS;
#else
@@ -83,8 +96,8 @@
heap_baselineBytes = wolfCrypt_heap_peakBytes_checkpoint(); \
}
#else
-#define PRINT_HEAP_CHECKPOINT()
-#endif
+#define PRINT_HEAP_CHECKPOINT() WC_DO_NOTHING
+#endif /* WOLFSSL_TRACK_MEMORY_VERBOSE && !WOLFSSL_STATIC_MEMORY */
#ifdef USE_FLAT_TEST_H
#ifdef HAVE_CONFIG_H
@@ -121,6 +134,7 @@
#include <time.h>
#include <sys/time.h>
#include <esp_log.h>
+ #include <wolfcrypt/port/Espressif/esp32-crypt.h> /* */
#elif defined(WOLFSSL_ZEPHYR)
#include <stdio.h>
@@ -186,6 +200,23 @@
#include <printx.h>
#undef printf
#define printf printx
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ #ifndef TEST_SLEEP
+ #define TEST_SLEEP() vTaskDelay(50)
+ #endif
+ #undef vprintf
+ #define vprintf rsip_vprintf
+ #include <stdarg.h> /* for var args */
+ int rsip_vprintf(const char* restrict format, va_list args)
+ {
+ int ret;
+ char tmpBuf[80];
+
+ ret = XSNPRINTF(tmpBuf, sizeof(tmpBuf), format, args);
+ printf(tmpBuf);
+
+ return ret;
+ }
#else
#ifdef XMALLOC_USER
#include <stdlib.h> /* we're using malloc / free direct here */
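Review bot: `rsip_vprintf` passes the formatted buffer to `printf(tmpBuf);` as the format string, so any `%` that survives in the output is interpreted again as a conversion; it should be `printf("%s", tmpBuf);`. The line before it hands a `va_list` to `XSNPRINTF`, which presumably maps to the variadic `snprintf` and would not expand the arguments. The `va_list` form is needed there: `ret = vsnprintf(tmpBuf, sizeof(tmpBuf), format, args);`. Output longer than the 80-byte `tmpBuf` is truncated while `ret` reports the untruncated length, which deserves a short comment.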
@@ -254,6 +285,9 @@
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
#ifdef HAVE_HPKE
#include <wolfssl/wolfcrypt/hpke.h>
#endif
@@ -278,6 +312,18 @@
#include <wolfssl/wolfcrypt/ext_kyber.h>
#endif
#endif
+#if defined(WOLFSSL_HAVE_XMSS)
+ #include <wolfssl/wolfcrypt/xmss.h>
+#ifdef HAVE_LIBXMSS
+ #include <wolfssl/wolfcrypt/ext_xmss.h>
+#endif
+#endif
+#if defined(WOLFSSL_HAVE_LMS)
+ #include <wolfssl/wolfcrypt/lms.h>
+#ifdef HAVE_LIBLMS
+ #include <wolfssl/wolfcrypt/ext_lms.h>
+#endif
+#endif
#ifdef WOLFCRYPT_HAVE_ECCSI
#include <wolfssl/wolfcrypt/eccsi.h>
#endif
@@ -290,6 +336,12 @@
#ifdef WOLFSSL_SHA3
#include <wolfssl/wolfcrypt/sha3.h>
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#ifdef HAVE_LIBZ
#include <wolfssl/wolfcrypt/compress.h>
#endif
@@ -319,6 +371,9 @@
#ifdef HAVE_CAVIUM_OCTEON_SYNC
#include <wolfssl/wolfcrypt/port/cavium/cavium_octeon_sync.h>
#endif
+ #ifdef HAVE_RENESAS_SYNC
+ #include <wolfssl/wolfcrypt/port/renesas/renesas_sync.h>
+ #endif
#endif
#ifdef _MSC_VER
@@ -389,7 +444,11 @@ static void initDefaultName(void);
#ifdef WOLFSSL_CAAM_DEVID
static int devId = WOLFSSL_CAAM_DEVID;
#else
+ #ifdef WC_USE_DEVID
+static int devId = WC_USE_DEVID;
+ #else
static int devId = INVALID_DEVID;
+ #endif
#endif
#ifdef HAVE_WNR
@@ -413,217 +472,275 @@ typedef struct testVector {
PRAGMA_GCC("GCC diagnostic ignored \"-Wunused-function\"")
PRAGMA_CLANG("clang diagnostic ignored \"-Wunused-function\"")
-WOLFSSL_TEST_SUBROUTINE int error_test(void);
-WOLFSSL_TEST_SUBROUTINE int base64_test(void);
-WOLFSSL_TEST_SUBROUTINE int base16_test(void);
-WOLFSSL_TEST_SUBROUTINE int asn_test(void);
-WOLFSSL_TEST_SUBROUTINE int md2_test(void);
-WOLFSSL_TEST_SUBROUTINE int md5_test(void);
-WOLFSSL_TEST_SUBROUTINE int md4_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha224_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha256_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha512_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t asn_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md2_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md5_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md4_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha224_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void);
#if !defined(WOLFSSL_NOSHA512_224) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_224_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_224_test(void);
#endif
#if !defined(WOLFSSL_NOSHA512_256) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_256_test(void);
-#endif
-WOLFSSL_TEST_SUBROUTINE int sha384_test(void);
-WOLFSSL_TEST_SUBROUTINE int sha3_test(void);
-WOLFSSL_TEST_SUBROUTINE int shake128_test(void);
-WOLFSSL_TEST_SUBROUTINE int shake256_test(void);
-WOLFSSL_TEST_SUBROUTINE int hash_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void);
-WOLFSSL_TEST_SUBROUTINE int hmac_sha3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_256_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha384_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake128_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void);
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
+#if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) || \
+ defined(WOLFSSL_AFALG_XILINX_SHA3) || defined(WOLFSSL_AFALG_HASH_KEEP) || \
+ defined(WOLFSSL_AFALG_XILINX_RSA)
/* hkdf_test has issue with WOLFSSL_TEST_SUBROUTINE set on Xilinx with afalg */
-static int hkdf_test(void);
+static wc_test_ret_t hkdf_test(void);
+#else
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int sshkdf_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void);
#ifdef WOLFSSL_TLS13
-WOLFSSL_TEST_SUBROUTINE int tls13_kdf_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void);
+#ifdef WC_SRTP_KDF
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int x963kdf_test(void);
-WOLFSSL_TEST_SUBROUTINE int hpke_test(void);
-WOLFSSL_TEST_SUBROUTINE int arc4_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void);
#ifdef WC_RC2
-WOLFSSL_TEST_SUBROUTINE int rc2_test(void);
-#endif
-WOLFSSL_TEST_SUBROUTINE int chacha_test(void);
-WOLFSSL_TEST_SUBROUTINE int XChaCha_test(void);
-WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void);
-WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void);
-WOLFSSL_TEST_SUBROUTINE int des_test(void);
-WOLFSSL_TEST_SUBROUTINE int des3_test(void);
-WOLFSSL_TEST_SUBROUTINE int aes_test(void);
-WOLFSSL_TEST_SUBROUTINE int aes192_test(void);
-WOLFSSL_TEST_SUBROUTINE int aes256_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesofb_test(void);
-WOLFSSL_TEST_SUBROUTINE int cmac_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void);
#if defined(WOLFSSL_SIPHASH)
-WOLFSSL_TEST_SUBROUTINE int siphash_test(void);
-#endif
-WOLFSSL_TEST_SUBROUTINE int poly1305_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void);
-WOLFSSL_TEST_SUBROUTINE int gmac_test(void);
-WOLFSSL_TEST_SUBROUTINE int aesccm_test(void);
-WOLFSSL_TEST_SUBROUTINE int aeskeywrap_test(void);
-WOLFSSL_TEST_SUBROUTINE int camellia_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_default_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesccm_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void);
+#ifdef WOLFSSL_SM4
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void);
+#endif
#ifdef WC_RSA_NO_PADDING
-WOLFSSL_TEST_SUBROUTINE int rsa_no_pad_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int rsa_test(void);
-WOLFSSL_TEST_SUBROUTINE int dh_test(void);
-WOLFSSL_TEST_SUBROUTINE int dsa_test(void);
-WOLFSSL_TEST_SUBROUTINE int srp_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void);
#ifndef WC_NO_RNG
-WOLFSSL_TEST_SUBROUTINE int random_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void);
#endif /* WC_NO_RNG */
-WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void);
-WOLFSSL_TEST_SUBROUTINE int ripemd_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void);
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
-WOLFSSL_TEST_SUBROUTINE int openssl_test(void); /* test mini api */
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void); /* test mini api */
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey0_test(void);
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey1_test(void);
-WOLFSSL_TEST_SUBROUTINE int openSSL_evpMD_test(void);
-WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void);
-WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void);
-WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void);
-WOLFSSL_TEST_SUBROUTINE int scrypt_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void);
+#if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void);
+#endif
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void);
#ifdef HAVE_ECC
- WOLFSSL_TEST_SUBROUTINE int ecc_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void);
#if defined(HAVE_ECC_ENCRYPT) && defined(HAVE_AES_CBC) && \
(defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_256))
- WOLFSSL_TEST_SUBROUTINE int ecc_encrypt_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void);
#endif
#if defined(USE_CERT_BUFFERS_256) && !defined(WOLFSSL_ATECC508A) && \
!defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256) && \
defined(HAVE_ECC_VERIFY) && defined(HAVE_ECC_SIGN) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
/* skip for ATECC508/608A, cannot import private key buffers */
- WOLFSSL_TEST_SUBROUTINE int ecc_test_buffers(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test_buffers(void);
#endif
#endif
#ifdef HAVE_CURVE25519
- WOLFSSL_TEST_SUBROUTINE int curve25519_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void);
#endif
#ifdef HAVE_ED25519
- WOLFSSL_TEST_SUBROUTINE int ed25519_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void);
#endif
#ifdef HAVE_CURVE448
- WOLFSSL_TEST_SUBROUTINE int curve448_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve448_test(void);
#endif
#ifdef HAVE_ED448
- WOLFSSL_TEST_SUBROUTINE int ed448_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void);
#endif
#ifdef WOLFSSL_HAVE_KYBER
- WOLFSSL_TEST_SUBROUTINE int kyber_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t kyber_test(void);
+#endif
+#if defined(WOLFSSL_HAVE_XMSS)
+ #if !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void);
+ #endif
+ #if defined(WOLFSSL_XMSS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test_verify_only(void);
+ #endif
+#endif
+#if defined(WOLFSSL_HAVE_LMS)
+ #if !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void);
+ #endif
+ #if defined(WOLFSSL_LMS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void);
+ #endif
#endif
#ifdef WOLFCRYPT_HAVE_ECCSI
- WOLFSSL_TEST_SUBROUTINE int eccsi_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t eccsi_test(void);
#endif
#ifdef WOLFCRYPT_HAVE_SAKKE
- WOLFSSL_TEST_SUBROUTINE int sakke_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sakke_test(void);
#endif
#ifdef HAVE_BLAKE2
- WOLFSSL_TEST_SUBROUTINE int blake2b_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void);
#endif
#ifdef HAVE_BLAKE2S
- WOLFSSL_TEST_SUBROUTINE int blake2s_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void);
#endif
#ifdef HAVE_LIBZ
- WOLFSSL_TEST_SUBROUTINE int compress_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void);
#endif
#ifdef HAVE_PKCS7
#ifndef NO_PKCS7_ENCRYPTED_DATA
- WOLFSSL_TEST_SUBROUTINE int pkcs7encrypted_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void);
#endif
#if defined(HAVE_LIBZ) && !defined(NO_PKCS7_COMPRESSED_DATA)
- WOLFSSL_TEST_SUBROUTINE int pkcs7compressed_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void);
#endif
- WOLFSSL_TEST_SUBROUTINE int pkcs7signed_test(void);
- WOLFSSL_TEST_SUBROUTINE int pkcs7enveloped_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7enveloped_test(void);
#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
- WOLFSSL_TEST_SUBROUTINE int pkcs7authenveloped_test(void);
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void);
#endif
#if !defined(NO_AES) && defined(HAVE_AES_CBC)
- WOLFSSL_TEST_SUBROUTINE int pkcs7callback_test(byte* cert, word32 certSz, byte* key,
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 certSz, byte* key,
word32 keySz);
#endif
#endif
#if !defined(NO_ASN_TIME) && !defined(NO_RSA) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM)
-WOLFSSL_TEST_SUBROUTINE int cert_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cert_test(void);
#endif
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int certext_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void);
#endif
#if defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int decodedCertCache_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int memory_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void);
#if defined(WOLFSSL_PUBLIC_MP) && \
((defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(USE_FAST_MATH))
-WOLFSSL_TEST_SUBROUTINE int mp_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void);
#endif
#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_KEY_GEN)
-WOLFSSL_TEST_SUBROUTINE int prime_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void);
#endif
#if defined(ASN_BER_TO_DER) && \
(defined(WOLFSSL_TEST_CERT) || defined(OPENSSL_EXTRA) || \
defined(OPENSSL_EXTRA_X509_SMALL))
-WOLFSSL_TEST_SUBROUTINE int berder_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void);
#endif
-WOLFSSL_TEST_SUBROUTINE int logging_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void);
#if !defined(NO_ASN) && !defined(NO_ASN_TIME)
-WOLFSSL_TEST_SUBROUTINE int time_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t time_test(void);
#endif
#if defined(__INCLUDE_NUTTX_CONFIG_H)
-WOLFSSL_TEST_SUBROUTINE int wolfcrypt_mutex_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t wolfcrypt_mutex_test(void);
#else
-WOLFSSL_TEST_SUBROUTINE int mutex_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mutex_test(void);
#endif
#if defined(USE_WOLFSSL_MEMORY) && !defined(FREERTOS)
-WOLFSSL_TEST_SUBROUTINE int memcb_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memcb_test(void);
#endif
#ifdef WOLFSSL_CAAM_BLOB
-WOLFSSL_TEST_SUBROUTINE int blob_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blob_test(void);
+#endif
+#ifdef HAVE_ARIA
+#include "wolfssl/wolfcrypt/port/aria/aria-crypt.h"
+void printOutput(const char *strName, unsigned char *data, unsigned int dataSz);
+WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID);
#endif
#ifdef WOLF_CRYPTO_CB
-WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void);
#endif
#ifdef WOLFSSL_CERT_PIV
-WOLFSSL_TEST_SUBROUTINE int certpiv_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certpiv_test(void);
#endif
#ifdef WOLFSSL_AES_SIV
-WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void);
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void);
#endif
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void);
+#endif /* WOLFSSL_AES_EAX */
+
/* General big buffer size for many tests. */
#define FOURK_BUF 4096
+#if defined(WOLFSSL_ESPIDF_ERROR_PAUSE)
+ /* When defined, pause at error condition rather than exit with error. */
+ #define ERROR_OUT(err, eLabel) \
+ do { \
+ ret = (err); \
+ esp_ShowExtendedSystemInfo(); \
+ ESP_LOGE("wolfcrypt_test", "ESP Error! ret = %d ", err); \
+ while (1) { \
+ vTaskDelay(60000); \
+ } \
+ /* Just to appease compiler, don't actually go to eLabel */ \
+ goto eLabel; \
+ } while (0)
+#else
+ #define ERROR_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
+#endif
-#define ERROR_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
+/* Not all unexpected conditions are actually errors .*/
+#define WARNING_OUT(err, eLabel) do { ret = (err); goto eLabel; } while (0)
-static void render_error_message(const char* msg, int es)
+static void render_error_message(const char* msg, wc_test_ret_t es)
{
(void)msg;
(void)es;
@@ -699,7 +816,7 @@ static void print_fiducials(void);
#ifdef HAVE_STACK_SIZE
static THREAD_RETURN err_sys(const char* msg, int es)
#else
-static int err_sys(const char* msg, int es)
+static wc_test_ret_t err_sys(const char* msg, wc_test_ret_t es)
#endif
{
render_error_message(msg, es);
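Review bot: The `HAVE_STACK_SIZE` variant of `err_sys` still declares `int es`, while the other branch and `render_error_message` now take `wc_test_ret_t`. If `wc_test_ret_t` is wider than `int` (its typedef is not visible in this hunk), an encoded failure code is narrowed in stack-size builds before it is rendered, so the two configurations can report different values for the same failure. Changing that line to `static THREAD_RETURN err_sys(const char* msg, wc_test_ret_t es)` keeps them aligned. The body of `err_sys` continues outside the hunk.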
@@ -716,7 +833,7 @@ static int err_sys(const char* msg, int es)
typedef struct func_args {
int argc;
char** argv;
- int return_code;
+ wc_test_ret_t return_code;
} func_args;
#endif /* !HAVE_WOLFCRYPT_TEST_OPTIONS */
@@ -784,7 +901,7 @@ static int rng_crypto_cb(int thisDevId, wc_CryptoInfo* info, void* ctx)
/* optional macro to add sleep between tests */
#ifndef TEST_SLEEP
-#define TEST_SLEEP()
+#define TEST_SLEEP() WC_DO_NOTHING
#else
#define TEST_PASS test_pass
#include <stdarg.h> /* for var args */
@@ -800,7 +917,7 @@ static int rng_crypto_cb(int thisDevId, wc_CryptoInfo* info, void* ctx)
}
#endif
-/* set test pass output to printf if not overriden */
+/* set test pass output to printf if not overridden */
#ifndef TEST_PASS
/* redirect to printf */
#define TEST_PASS(...) { \
@@ -822,11 +939,11 @@ static int rng_crypto_cb(int thisDevId, wc_CryptoInfo* info, void* ctx)
#ifdef HAVE_STACK_SIZE
THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args)
#else
-int wolfcrypt_test(void* args)
+wc_test_ret_t wolfcrypt_test(void* args)
#endif
{
- int ret;
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ wc_test_ret_t ret;
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
long heap_baselineAllocs, heap_baselineBytes;
#endif
#ifdef TEST_ALWAYS_RUN_TO_END
@@ -834,7 +951,7 @@ int wolfcrypt_test(void* args)
#endif
STACK_SIZE_INIT();
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+#if defined(WOLFSSL_TRACK_MEMORY_VERBOSE) && !defined(WOLFSSL_STATIC_MEMORY)
(void)wolfCrypt_heap_peakAllocs_checkpoint();
heap_baselineAllocs = wolfCrypt_heap_peakAllocs_checkpoint();
(void)wolfCrypt_heap_peakBytes_checkpoint();
@@ -843,6 +960,10 @@ int wolfcrypt_test(void* args)
printf("------------------------------------------------------------------------------\n");
printf(" wolfSSL version %s\n", LIBWOLFSSL_VERSION_STRING);
+#ifdef WOLF_CRYPTO_CB
+ if (devId != INVALID_DEVID)
+ printf(" CryptoCB with DevID:%X\n", devId);
+#endif
printf("------------------------------------------------------------------------------\n");
if (args) {
@@ -947,6 +1068,12 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
printf("Couldn't init the Cavium Octeon\n");
}
#endif
+#ifdef HAVE_RENESAS_SYNC
+ devId = wc_CryptoCb_CryptInitRenesasCmn(NULL, &guser_PKCbInfo);
+ if (devId == INVALID_DEVID) {
+ printf("Couldn't get the Renesas device ID\n");
+ }
+#endif
#endif
#if defined(WOLF_CRYPTO_CB) && !defined(HAVE_HASHDRBG) && \
@@ -1101,6 +1228,13 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("SHAKE256 test passed!\n");
#endif
+#ifdef WOLFSSL_SM3
+ if ( (ret = sm3_test()) != 0)
+ return err_sys("SM-3 test failed!\n", ret);
+ else
+ TEST_PASS("SM-3 test passed!\n");
+#endif
+
#ifndef NO_HASH_WRAPPER
if ( (ret = hash_test()) != 0)
TEST_FAIL("Hash test failed!\n", ret);
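Review bot: The new SM-3 block fails with `return err_sys("SM-3 test failed!\n", ret);`, while the hash test right below it and the other blocks added in this diff go through `TEST_FAIL`. The SM-4 block in the later `@@ -1365,7 +1534,14 @@` hunk has the same pattern. The `TEST_FAIL` definition is not visible here, but the file references `TEST_ALWAYS_RUN_TO_END`, so these two tests probably skip whatever run-to-end or reporting behaviour that macro provides. Using `TEST_FAIL("SM-3 test failed!\n", ret);` (and likewise for SM-4) would make the failure path uniform. The enclosing `wolfcrypt_test` starts and ends outside the hunk.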
@@ -1223,8 +1357,16 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("HPKE test passed!\n");
#endif
+#if defined(WC_SRTP_KDF)
+ if ( (ret = srtpkdf_test()) != 0)
+ TEST_FAIL("SRTP KDF test failed!\n", ret);
+ else
+ TEST_PASS("SRTP KDF test passed!\n");
+#endif
+
#if defined(HAVE_AESGCM) && defined(WOLFSSL_AES_128) && \
- !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT)
+ !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if ( (ret = gmac_test()) != 0)
TEST_FAIL("GMAC test failed!\n", ret);
else
@@ -1300,14 +1442,15 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
else
TEST_PASS("AES test passed!\n");
-#ifdef WOLFSSL_AES_192
+#if defined(WOLFSSL_AES_192) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
if ( (ret = aes192_test()) != 0)
TEST_FAIL("AES192 test failed!\n", ret);
else
TEST_PASS("AES192 test passed!\n");
#endif
-#ifdef WOLFSSL_AES_256
+#if defined(WOLFSSL_AES_256)
if ( (ret = aes256_test()) != 0)
TEST_FAIL("AES256 test failed!\n", ret);
else
@@ -1327,6 +1470,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_FAIL("AES-GCM test failed!\n", ret);
#endif
#if !defined(WOLFSSL_AFALG_XILINX_AES) && !defined(WOLFSSL_XILINX_CRYPT) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY) && \
!defined(WOLFSSL_KCAPI_AES) && !(defined(WOLF_CRYPTO_CB) && \
(defined(HAVE_INTEL_QA_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC)))
if ((ret = aesgcm_default_test()) != 0) {
@@ -1358,6 +1502,31 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#endif
#endif
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ if ( (ret = aes_eax_test()) != 0)
+ TEST_FAIL("AES-EAX test failed!\n", ret);
+ else
+ TEST_PASS("AES-EAX test passed!\n");
+#endif /* WOLFSSL_AES_EAX */
+
+#ifdef HAVE_ARIA
+ if ( (ret = ariagcm_test(MC_ALGID_ARIA_128BITKEY)) != 0)
+ TEST_FAIL("ARIA128 test failed!\n", ret);
+ else
+ TEST_PASS("ARIA128 test passed!\n");
+
+ if ( (ret = ariagcm_test(MC_ALGID_ARIA_192BITKEY)) != 0)
+ TEST_FAIL("ARIA192 test failed!\n", ret);
+ else
+ TEST_PASS("ARIA192 test passed!\n");
+
+ if ( (ret = ariagcm_test(MC_ALGID_ARIA_256BITKEY)) != 0)
+ TEST_FAIL("ARIA256 test failed!\n", ret);
+ else
+ TEST_PASS("ARIA256 test passed!\n");
+#endif
+
#ifdef HAVE_CAMELLIA
if ( (ret = camellia_test()) != 0)
TEST_FAIL("CAMELLIA test failed!\n", ret);
@@ -1365,7 +1534,14 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("CAMELLIA test passed!\n");
#endif
-#if !defined(NO_RSA)
+#ifdef WOLFSSL_SM4
+ if ( (ret = sm4_test()) != 0)
+ return err_sys("SM-4 test failed!\n", ret);
+ else
+ TEST_PASS("SM-4 test passed!\n");
+#endif
+
+#if !defined(NO_RSA) && !defined(HAVE_RENESAS_SYNC)
#ifdef WC_RSA_NO_PADDING
if ( (ret = rsa_no_pad_test()) != 0)
TEST_FAIL("RSA NOPAD test failed!\n", ret);
@@ -1522,6 +1698,38 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
TEST_PASS("KYBER test passed!\n");
#endif
+#if defined(WOLFSSL_HAVE_XMSS)
+ #if !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+ if ( (ret = xmss_test()) != 0)
+ TEST_FAIL("XMSS test failed!\n", ret);
+ else
+ TEST_PASS("XMSS test passed!\n");
+ #endif
+
+ #if defined(WOLFSSL_XMSS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ if ( (ret = xmss_test_verify_only()) != 0)
+ TEST_FAIL("XMSS test failed!\n", ret);
+ else
+ TEST_PASS("XMSS test passed!\n");
+ #endif
+#endif /* if defined(WOLFSSL_HAVE_XMSS) */
+
+#if defined(WOLFSSL_HAVE_LMS)
+ #if !defined(WOLFSSL_LMS_VERIFY_ONLY)
+ if ( (ret = lms_test()) != 0)
+ TEST_FAIL("LMS test failed!\n", ret);
+ else
+ TEST_PASS("LMS test passed!\n");
+ #endif
+
+ #if defined(WOLFSSL_LMS_VERIFY_ONLY) && !defined(WOLFSSL_SMALL_STACK)
+ if ( (ret = lms_test_verify_only()) != 0)
+ TEST_FAIL("LMS test failed!\n", ret);
+ else
+ TEST_PASS("LMS test passed!\n");
+ #endif
+#endif /* if defined(WOLFSSL_HAVE_LMS) */
+
#ifdef WOLFCRYPT_HAVE_ECCSI
if ( (ret = eccsi_test()) != 0)
TEST_FAIL("ECCSI test failed!\n", ret);
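Review bot: In a build with `WOLFSSL_XMSS_VERIFY_ONLY` and `WOLFSSL_SMALL_STACK` both defined, neither XMSS branch is compiled, so the run prints nothing for XMSS and still ends green; the LMS block has the same gap. A skipped signature-verification test should be visible in the output, for example via an `#else` branch that prints a skip line, or at minimum a comment such as `/* verify-only + small-stack: no XMSS coverage in this build */`. The verify-only branches also reuse the strings "XMSS test passed!" and "LMS test passed!", so a log cannot tell which variant actually ran; `"XMSS verify-only test passed!\n"` and the matching failure text would disambiguate. The enclosing `wolfcrypt_test` starts and ends outside the hunk.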
@@ -1649,7 +1857,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#if defined(WOLF_CRYPTO_CB) && \
!(defined(HAVE_INTEL_QAT_SYNC) || defined(HAVE_CAVIUM_OCTEON_SYNC) || \
- defined(WOLFSSL_QNX_CAAM))
+ defined(WOLFSSL_QNX_CAAM) || defined(HAVE_RENESAS_SYNC))
if ( (ret = cryptocb_test()) != 0)
TEST_FAIL("crypto callback test failed!\n", ret);
else
@@ -1703,20 +1911,20 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
/* so overall tests can pull in test function */
#if defined(WOLFSSL_ESPIDF) || defined(_WIN32_WCE)
- int wolf_test_task(void)
+ wc_test_ret_t wolf_test_task(void)
#else
#ifndef NO_MAIN_FUNCTION
int main(int argc, char** argv)
{
- return wolfcrypt_test_main(argc, argv);
+ return (int)wolfcrypt_test_main(argc, argv);
}
#endif
- int wolfcrypt_test_main(int argc, char** argv)
+ wc_test_ret_t wolfcrypt_test_main(int argc, char** argv)
#endif
{
- int ret;
- func_args args;
+ wc_test_ret_t ret;
+ func_args args = { 0, 0, 0 };
#if defined(WOLFSSL_ESPIDF) || defined(WOLFSSL_SE050)
/* set dummy wallclock time. */
struct timeval utctime;
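Review bot: `return (int)wolfcrypt_test_main(argc, argv);` narrows the encoded result to `int`, and on typical hosts only the low 8 bits of that reach the parent process as the exit status. The encoding of `wc_test_ret_t` is not visible here, but a non-zero failure value whose low bits are zero would be reported to a CI harness as success. Collapsing to a boolean status avoids depending on the encoding: `return wolfcrypt_test_main(argc, argv) != 0 ? 1 : 0;`. The detailed code is still printed by `wolfcrypt_test_main`, whose body continues outside the hunk.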
@@ -1782,7 +1990,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
args.argv = argv;
#endif
if ((ret = wolfCrypt_Init()) != 0) {
- printf("wolfCrypt_Init failed %d\n", ret);
+ printf("wolfCrypt_Init failed %d\n", (int)ret);
err_sys("Error with wolfCrypt_Init!\n", WC_TEST_RET_ENC_EC(ret));
}
@@ -1801,7 +2009,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#endif
if ((ret = wolfCrypt_Cleanup()) != 0) {
- printf("wolfCrypt_Cleanup failed %d\n", ret);
+ printf("wolfCrypt_Cleanup failed %d\n", (int)ret);
err_sys("Error with wolfCrypt_Cleanup!\n", WC_TEST_RET_ENC_EC(ret));
}
@@ -1818,16 +2026,7 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
while (1);
#endif
-#ifdef WOLFSSL_ESPIDF
- /* ESP_LOGI to print takes up a lot less memory than printf */
- ESP_LOGI("wolfcrypt_test", "Exiting main with return code: % d\n", args.return_code);
-#endif
-
-/* everything else will use printf */
-#if !defined(WOLFSSL_ESPIDF)
-/* gate this for target platforms wishing to avoid printf reference */
- printf("Exiting main with return code: %d\n", args.return_code);
-#endif
+ printf("Exiting main with return code: %ld\n", (long int)args.return_code);
return args.return_code;
} /* wolfcrypt_test_main or wolf_test_task */
@@ -1845,11 +2044,11 @@ options: [-s max_relative_stack_bytes] [-m max_relative_heap_memory_bytes]\n\
#define SaveDerAndPem(d, dSz, fD, fP, pT) _SaveDerAndPem(d, dSz, NULL, NULL, pT, WC_TEST_RET_LN)
#endif
-static int _SaveDerAndPem(const byte* der, int derSz,
+static wc_test_ret_t _SaveDerAndPem(const byte* der, int derSz,
const char* fileDer, const char* filePem, int pemType, int calling_line)
{
#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
- int ret;
+ wc_test_ret_t ret;
XFILE derFile;
derFile = XFOPEN(fileDer, "wb");
@@ -1915,7 +2114,7 @@ static int _SaveDerAndPem(const byte* der, int derSz,
}
#endif /* WOLFSSL_KEY_GEN || WOLFSSL_CERT_GEN */
-WOLFSSL_TEST_SUBROUTINE int error_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t error_test(void)
{
const char* errStr;
char out[WOLFSSL_MAX_ERROR_SZ];
@@ -1935,9 +2134,8 @@ WOLFSSL_TEST_SUBROUTINE int error_test(void)
int i;
int j = 0;
/* Values that are not or no longer error codes. */
- int missing[] = { -122, -123, -124, -127, -128, -129, -159,
- -163, -164, -165, -166, -167, -168, -169, -233,
- 0 };
+ int missing[] = { -123, -124, -128, -129, -159, -163, -164,
+ -165, -166, -167, -168, -169, -233, 0 };
/* Check that all errors have a string and it's the same through the two
* APIs. Check that the values that are not errors map to the unknown
@@ -1980,9 +2178,9 @@ WOLFSSL_TEST_SUBROUTINE int error_test(void)
#ifndef NO_CODING
-WOLFSSL_TEST_SUBROUTINE int base64_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base64_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte good[] = "A+Gd\0\0\0";
WOLFSSL_SMALL_STACK_STATIC const byte goodEnd[] = "A+Gd \r\n";
WOLFSSL_SMALL_STACK_STATIC const byte good_spaces[] = " A + G d \0";
@@ -2127,9 +2325,9 @@ WOLFSSL_TEST_SUBROUTINE int base64_test(void)
}
#ifdef WOLFSSL_BASE16
-WOLFSSL_TEST_SUBROUTINE int base16_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t base16_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte testData[] = "SomeDataToEncode\n";
WOLFSSL_SMALL_STACK_STATIC const byte encodedTestData[] = "536F6D6544617461546F456E636F64650A00";
byte encoded[40];
@@ -2166,9 +2364,9 @@ WOLFSSL_TEST_SUBROUTINE int base16_test(void)
#endif /* !NO_CODING */
#ifndef NO_ASN
-WOLFSSL_TEST_SUBROUTINE int asn_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t asn_test(void)
{
- int ret;
+ wc_test_ret_t ret;
/* ASN1 encoded date buffer */
WOLFSSL_SMALL_STACK_STATIC const byte dateBuf[] = {0x17, 0x0d, 0x31, 0x36, 0x30, 0x38, 0x31, 0x31,
0x32, 0x30, 0x30, 0x37, 0x33, 0x37, 0x5a};
@@ -2211,9 +2409,9 @@ WOLFSSL_TEST_SUBROUTINE int asn_test(void)
#endif /* !NO_ASN */
#ifdef WOLFSSL_MD2
-WOLFSSL_TEST_SUBROUTINE int md2_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md2_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
Md2 md2;
byte hash[MD2_DIGEST_SIZE];
@@ -2299,9 +2497,9 @@ WOLFSSL_TEST_SUBROUTINE int md2_test(void)
#endif
#ifndef NO_MD5
-WOLFSSL_TEST_SUBROUTINE int md5_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md5_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
wc_Md5 md5, md5Copy;
byte hash[WC_MD5_DIGEST_SIZE];
byte hashcopy[WC_MD5_DIGEST_SIZE];
@@ -2429,7 +2627,7 @@ exit:
#ifndef NO_MD4
-WOLFSSL_TEST_SUBROUTINE int md4_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t md4_test(void)
{
Md4 md4;
byte hash[MD4_DIGEST_SIZE];
@@ -2507,9 +2705,9 @@ WOLFSSL_TEST_SUBROUTINE int md4_test(void)
#ifndef NO_SHA
-WOLFSSL_TEST_SUBROUTINE int sha_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
wc_Sha sha, shaCopy;
byte hash[WC_SHA_DIGEST_SIZE];
byte hashcopy[WC_SHA_DIGEST_SIZE];
@@ -2637,10 +2835,10 @@ exit:
#endif /* NO_SHA */
#ifdef WOLFSSL_RIPEMD
-WOLFSSL_TEST_SUBROUTINE int ripemd_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ripemd_test(void)
{
RipeMd ripemd;
- int ret;
+ wc_test_ret_t ret;
byte hash[RIPEMD_DIGEST_SIZE];
testVector a, b, c, d;
@@ -2744,7 +2942,7 @@ static const byte blake2b_vec[BLAKE2B_TESTS][BLAKE2B_OUTBYTES] =
-WOLFSSL_TEST_SUBROUTINE int blake2b_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2b_test(void)
{
Blake2b b2b;
byte digest[64];
@@ -2805,7 +3003,7 @@ static const byte blake2s_vec[BLAKE2S_TESTS][BLAKE2S_OUTBYTES] =
-WOLFSSL_TEST_SUBROUTINE int blake2s_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blake2s_test(void)
{
Blake2s b2s;
byte digest[32];
@@ -2839,12 +3037,12 @@ WOLFSSL_TEST_SUBROUTINE int blake2s_test(void)
#ifdef WOLFSSL_SHA224
-WOLFSSL_TEST_SUBROUTINE int sha224_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha224_test(void)
{
wc_Sha224 sha, shaCopy;
byte hash[WC_SHA224_DIGEST_SIZE];
byte hashcopy[WC_SHA224_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -2913,12 +3111,12 @@ exit:
#ifndef NO_SHA256
-WOLFSSL_TEST_SUBROUTINE int sha256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha256_test(void)
{
wc_Sha256 sha, shaCopy;
byte hash[WC_SHA256_DIGEST_SIZE];
byte hashcopy[WC_SHA256_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3029,7 +3227,7 @@ exit:
#ifdef WOLFSSL_SHA512
-WOLFSSL_TEST_SUBROUTINE int sha512_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_test(void)
{
/*
** See https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA512.pdf
@@ -3037,7 +3235,7 @@ WOLFSSL_TEST_SUBROUTINE int sha512_test(void)
wc_Sha512 sha, shaCopy;
byte hash[WC_SHA512_DIGEST_SIZE];
byte hashcopy[WC_SHA512_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3165,7 +3363,7 @@ exit:
#if !defined(WOLFSSL_NOSHA512_224) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_224_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_224_test(void)
{
/*
** See https://csrc.nist.gov/Projects/cryptographic-standards-and-guidelines/example-values
@@ -3176,7 +3374,7 @@ WOLFSSL_TEST_SUBROUTINE int sha512_224_test(void)
wc_Sha512 sha, shaCopy;
byte hash[WC_SHA512_224_DIGEST_SIZE];
byte hashcopy[WC_SHA512_224_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3317,7 +3515,7 @@ exit:
#if !defined(WOLFSSL_NOSHA512_256) && \
(!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
-WOLFSSL_TEST_SUBROUTINE int sha512_256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha512_256_test(void)
{
/*
** See https://csrc.nist.gov/Projects/cryptographic-standards-and-guidelines/example-values
@@ -3327,7 +3525,7 @@ WOLFSSL_TEST_SUBROUTINE int sha512_256_test(void)
wc_Sha512 sha, shaCopy;
byte hash[WC_SHA512_256_DIGEST_SIZE];
byte hashcopy[WC_SHA512_256_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3469,12 +3667,12 @@ exit:
#ifdef WOLFSSL_SHA384
-WOLFSSL_TEST_SUBROUTINE int sha384_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha384_test(void)
{
wc_Sha384 sha, shaCopy;
byte hash[WC_SHA384_DIGEST_SIZE];
byte hashcopy[WC_SHA384_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
testVector a, b, c;
testVector test_sha[3];
@@ -3589,7 +3787,7 @@ exit:
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
-static int sha3_224_test(void)
+static wc_test_ret_t sha3_224_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_224_DIGEST_SIZE];
@@ -3597,7 +3795,7 @@ static int sha3_224_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
a.input = "";
@@ -3677,7 +3875,7 @@ exit:
#endif /* WOLFSSL_NOSHA3_224 */
#ifndef WOLFSSL_NOSHA3_256
-static int sha3_256_test(void)
+static wc_test_ret_t sha3_256_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_256_DIGEST_SIZE];
@@ -3685,7 +3883,7 @@ static int sha3_256_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
byte large_input[1024];
@@ -3798,7 +3996,7 @@ exit:
#endif /* WOLFSSL_NOSHA3_256 */
#ifndef WOLFSSL_NOSHA3_384
-static int sha3_384_test(void)
+static wc_test_ret_t sha3_384_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_384_DIGEST_SIZE];
@@ -3809,7 +4007,7 @@ static int sha3_384_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
/*
@@ -3919,7 +4117,7 @@ exit:
#endif /* WOLFSSL_NOSHA3_384 */
#ifndef WOLFSSL_NOSHA3_512
-static int sha3_512_test(void)
+static wc_test_ret_t sha3_512_test(void)
{
wc_Sha3 sha;
byte hash[WC_SHA3_512_DIGEST_SIZE];
@@ -3927,7 +4125,7 @@ static int sha3_512_test(void)
testVector a, b, c;
testVector test_sha[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
/*
@@ -4020,9 +4218,9 @@ exit:
}
#endif /* WOLFSSL_NOSHA3_512 */
-WOLFSSL_TEST_SUBROUTINE int sha3_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sha3_test(void)
{
- int ret;
+ wc_test_ret_t ret;
(void)ret;
@@ -4048,12 +4246,12 @@ WOLFSSL_TEST_SUBROUTINE int sha3_test(void)
#endif /* WOLFSSL_SHA3 */
#ifdef WOLFSSL_SHAKE128
-static int shake128_absorb_test(wc_Shake* sha, byte *large_input_buf,
+static wc_test_ret_t shake128_absorb_test(wc_Shake* sha, byte *large_input_buf,
size_t large_input_buf_size)
{
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
static const char large_digest[] =
@@ -4233,14 +4431,14 @@ exit:
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int shake128_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake128_test(void)
{
wc_Shake sha;
byte hash[250];
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
#define SHAKE128_LARGE_INPUT_BUFSIZ 1024
@@ -4404,12 +4602,12 @@ exit:
#endif
#ifdef WOLFSSL_SHAKE256
-static int shake256_absorb_test(wc_Shake* sha, byte *large_input_buf,
+static wc_test_ret_t shake256_absorb_test(wc_Shake* sha, byte *large_input_buf,
size_t large_input_buf_size)
{
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
static const char large_digest[] =
@@ -4573,14 +4771,14 @@ exit:
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int shake256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t shake256_test(void)
{
wc_Shake sha;
byte hash[250];
testVector a, b, c, d, e;
testVector test_sha[5];
- int ret = 0;
+ wc_test_ret_t ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
#define SHAKE256_LARGE_INPUT_BUFSIZ 1024
@@ -4740,8 +4938,170 @@ exit:
}
#endif
+#ifdef WOLFSSL_SM3
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm3_test(void)
+{
+ wc_Sm3 sm3, sm3Copy;
+ byte hash[WC_SM3_DIGEST_SIZE];
+ byte hashGet[WC_SM3_DIGEST_SIZE];
+ byte hashCopy[WC_SM3_DIGEST_SIZE];
+ wc_test_ret_t ret = 0;
+
+ testVector a, b, c;
+ testVector test_sm3[3];
+ int times = sizeof(test_sm3) / sizeof(struct testVector), i;
+
+ a.input = "";
+ a.output = "\x1a\xb2\x1d\x83\x55\xcf\xa1\x7f\x8e\x61\x19\x48\x31\xe8\x1a"
+ "\x8f\x22\xbe\xc8\xc7\x28\xfe\xfb\x74\x7e\xd0\x35\xeb\x50\x82"
+ "\xaa\x2b";
+ a.inLen = XSTRLEN(a.input);
+ a.outLen = WC_SM3_DIGEST_SIZE;
+
+ b.input = "abc";
+ b.output = "\x66\xc7\xf0\xf4\x62\xee\xed\xd9\xd1\xf2\xd4\x6b\xdc\x10\xe4"
+ "\xe2\x41\x67\xc4\x87\x5c\xf2\xf7\xa2\x29\x7d\xa0\x2b\x8f\x4b"
+ "\xa8\xe0";
+ b.inLen = XSTRLEN(b.input);
+ b.outLen = WC_SM3_DIGEST_SIZE;
+
+ c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+ c.output = "\x63\x9b\x6c\xc5\xe6\x4d\x9e\x37\xa3\x90\xb1\x92\xdf\x4f\xa1"
+ "\xea\x07\x20\xab\x74\x7f\xf6\x92\xb9\xf3\x8c\x4e\x66\xad\x7b"
+ "\x8c\x05";
+ c.inLen = XSTRLEN(c.input);
+ c.outLen = WC_SM3_DIGEST_SIZE;
+
+ test_sm3[0] = a;
+ test_sm3[1] = b;
+ test_sm3[2] = c;
+
+ ret = wc_InitSm3(&sm3, HEAP_HINT, devId);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_InitSm3(&sm3Copy, HEAP_HINT, devId);
+ if (ret != 0) {
+ wc_Sm3Free(&sm3);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Test all the KATs. */
+ for (i = 0; i < times; ++i) {
+ ret = wc_Sm3Update(&sm3, (byte*)test_sm3[i].input,
+ (word32)test_sm3[i].inLen);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+ /* Get the final hash but leave ready for more updates. */
+ ret = wc_Sm3GetHash(&sm3, hashGet);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+
+ /* Make a copy of the hash. */
+ ret = wc_Sm3Copy(&sm3, &sm3Copy);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ /* Get the final hash with original. */
+ ret = wc_Sm3Final(&sm3, hash);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+
+ /* Get the final hash with copy. */
+ ret = wc_Sm3Final(&sm3Copy, hashCopy);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ /* Dispose of copy. */
+ wc_Sm3Free(&sm3Copy);
+
+ /* Check hashes match expected. */
+ if (XMEMCMP(hash, test_sm3[i].output, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ if (XMEMCMP(hash, hashGet, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ if (XMEMCMP(hash, hashCopy, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+
+#ifndef NO_LARGE_HASH_TEST
+ {
+ word32 sz;
+ byte large_input[1024];
+ #ifdef HASH_SIZE_LIMIT
+ const char* large_digest =
+ "\x6c\x42\x57\x64\x8e\x45\xf3\xb6\xc0\x83\xd3\x41\x83\x66\x51\xb4"
+ "\x50\xfe\x06\xb5\xb7\x1e\xd5\x0d\x41\xfc\x1e\xe5\xc6\x57\x95\x0f";
+
+ times = 20;
+ #else
+ const char* large_digest =
+ "\x34\x51\x3c\xde\x7c\x30\xb7\xc5\xaa\x97\x3b\xed\xb3\x16\xb9\x76"
+ "\x35\x46\x14\x80\x2a\x57\xca\xd9\x48\xf9\x93\xcc\x1f\xdd\xab\x79";
+
+ times = 100;
+ #endif
+
+ /* Set large input to something. */
+ for (i = 0; i < (int)sizeof(large_input); i++) {
+ large_input[i] = (byte)(i & 0xFF);
+ }
+
+ /* Hash a large number of times. */
+ for (i = 0; i < times; ++i) {
+ ret = wc_Sm3Update(&sm3, (byte*)large_input,
+ (word32)sizeof(large_input));
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+ /* Calculate hash and compare to expected. */
+ ret = wc_Sm3Final(&sm3, hash);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit);
+ if (XMEMCMP(hash, large_digest, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit);
+
+
+ /* Check updating with various sizes works. */
+ for (sz = 1; sz <= 64; sz++) {
+ /* Hash a large number of times. */
+ for (i = 0; i < times; ++i) {
+ word32 o;
+
+ /* Update sz bytes at a time from large input buffer. */
+ for (o = 0; o + sz <= (word32)sizeof(large_input); o += sz) {
+ ret = wc_Sm3Update(&sm3, (byte*)(large_input + o), sz);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(o), exit);
+ }
+ /* Check for left-overs. */
+ if (o < (word32)sizeof(large_input)) {
+ ret = wc_Sm3Update(&sm3, (byte*)(large_input + o),
+ (word32)sizeof(large_input) - o);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), exit);
+ }
+ }
+
+ /* Calculate hash and compare to expected. */
+ ret = wc_Sm3Final(&sm3, hash);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(sz), exit);
+ if (XMEMCMP(hash, large_digest, WC_SM3_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_I(sz), exit);
+ }
+ }
+#endif /* NO_LARGE_HASH_TEST */
+
+exit:
+
+ wc_Sm3Free(&sm3);
+ wc_Sm3Free(&sm3Copy);
+
+ return ret;
+}
+#endif
+
#ifndef NO_HASH_WRAPPER
-WOLFSSL_TEST_SUBROUTINE int hash_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hash_test(void)
{
wc_HashAlg hash;
int ret, exp_ret;
@@ -5050,7 +5410,7 @@ WOLFSSL_TEST_SUBROUTINE int hash_test(void)
#if !defined(NO_HMAC) && !defined(NO_MD5) && !(defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION >= 5))
-WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_md5_test(void)
{
Hmac hmac;
byte hash[WC_MD5_DIGEST_SIZE];
@@ -5065,7 +5425,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void)
testVector a, b, c;
testVector test_hmac[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5132,7 +5492,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_md5_test(void)
#endif /* !NO_HMAC && !NO_MD5 && (!HAVE_FIPS || (HAVE_FIPS_VERSION < 5)) */
#if !defined(NO_HMAC) && !defined(NO_SHA)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha_test(void)
{
Hmac hmac;
byte hash[WC_SHA_DIGEST_SIZE];
@@ -5149,7 +5509,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void)
testVector a, b, c;
testVector test_hmac[3];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5215,7 +5575,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA224)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha224_test(void)
{
Hmac hmac;
byte hash[WC_SHA224_DIGEST_SIZE];
@@ -5237,7 +5597,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5310,7 +5670,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha224_test(void)
#if !defined(NO_HMAC) && !defined(NO_SHA256)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha256_test(void)
{
Hmac hmac;
byte hash[WC_SHA256_DIGEST_SIZE];
@@ -5329,7 +5689,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5404,7 +5764,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
#ifndef HAVE_FIPS
if ((ret = wc_HmacSizeByType(WC_SHA256)) != WC_SHA256_DIGEST_SIZE)
return WC_TEST_RET_ENC_EC(ret);
- if ((ret = wc_HmacSizeByType(20)) != BAD_FUNC_ARG)
+ if ((ret = wc_HmacSizeByType(21)) != BAD_FUNC_ARG)
return WC_TEST_RET_ENC_EC(ret);
#endif
if ((ret = wolfSSL_GetHmacMaxSize()) != WC_MAX_DIGEST_SIZE)
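Review bot: The invalid-type probe `wc_HmacSizeByType(21)` is a bare magic number with no comment saying why 21 is out of range. It had to move from 20 in this commit, presumably because 20 became a valid hash type, and the assertion will start failing for an unrelated reason the next time a type is added. A comment such as `/* 21: one past the highest defined hash type; bump when a type is added */` would record the intent, and deriving the value from the enum's upper bound, if the header exposes one, would remove the maintenance step. The body of hmac_sha256_test starts and ends outside this hunk.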
@@ -5416,7 +5776,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha256_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA384)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha384_test(void)
{
Hmac hmac;
byte hash[WC_SHA384_DIGEST_SIZE];
@@ -5442,7 +5802,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5523,7 +5883,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha384_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA512)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha512_test(void)
{
Hmac hmac;
byte hash[WC_SHA512_DIGEST_SIZE];
@@ -5549,7 +5909,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void)
testVector a, b, c, d;
testVector test_hmac[4];
- int ret;
+ wc_test_ret_t ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@@ -5636,7 +5996,7 @@ WOLFSSL_TEST_SUBROUTINE int hmac_sha512_test(void)
#if !defined(NO_HMAC) && defined(WOLFSSL_SHA3) && \
!defined(WOLFSSL_NOSHA3_224) && !defined(WOLFSSL_NOSHA3_256) && \
!defined(WOLFSSL_NOSHA3_384) && !defined(WOLFSSL_NOSHA3_512)
-WOLFSSL_TEST_SUBROUTINE int hmac_sha3_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hmac_sha3_test(void)
{
Hmac hmac;
byte hash[WC_SHA3_512_DIGEST_SIZE];
@@ -5819,9 +6179,9 @@ typedef struct rc2TestVector {
int effectiveKeyBits; /* Up to 1024 bits supported */
} rc2TestVector;
-static int rc2_ecb_test(void)
+static wc_test_ret_t rc2_ecb_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte cipher[RC2_BLOCK_SIZE];
byte plain[RC2_BLOCK_SIZE];
@@ -5948,9 +6308,9 @@ static int rc2_ecb_test(void)
return 0;
}
-static int rc2_cbc_test(void)
+static wc_test_ret_t rc2_cbc_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte cipher[128];
byte plain[128];
@@ -6110,7 +6470,7 @@ static int rc2_cbc_test(void)
return WC_TEST_RET_ENC_NC;
}
- /* reset IV for decrypt, since overriden by encrypt operation */
+ /* reset IV for decrypt, since overridden by encrypt operation */
ret = wc_Rc2SetIV(&rc2, (byte*)test_rc2[j].iv);
if (ret != 0) {
return WC_TEST_RET_ENC_EC(ret);
@@ -6129,9 +6489,9 @@ static int rc2_cbc_test(void)
return 0;
}
-WOLFSSL_TEST_SUBROUTINE int rc2_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rc2_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
ret = rc2_ecb_test();
if (ret != 0) {
@@ -6144,11 +6504,11 @@ WOLFSSL_TEST_SUBROUTINE int rc2_test(void)
#ifndef NO_RC4
-WOLFSSL_TEST_SUBROUTINE int arc4_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t arc4_test(void)
{
byte cipher[16];
byte plain[16];
- int ret;
+ wc_test_ret_t ret;
const char* keys[] =
{
@@ -6232,7 +6592,7 @@ WOLFSSL_TEST_SUBROUTINE int arc4_test(void)
#endif
#ifdef HAVE_CHACHA
-WOLFSSL_TEST_SUBROUTINE int chacha_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha_test(void)
{
ChaCha enc;
ChaCha dec;
@@ -6241,7 +6601,7 @@ WOLFSSL_TEST_SUBROUTINE int chacha_test(void)
byte sliver[64];
byte input[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
word32 keySz = 32;
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
int times = 4;
@@ -6618,9 +6978,9 @@ WOLFSSL_TEST_SUBROUTINE int chacha_test(void)
#ifdef HAVE_POLY1305
-WOLFSSL_TEST_SUBROUTINE int poly1305_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t poly1305_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
byte tag[16];
Poly1305 enc;
@@ -6829,7 +7189,7 @@ WOLFSSL_TEST_SUBROUTINE int poly1305_test(void)
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
-WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t chacha20_poly1305_aead_test(void)
{
/* Test #1 from Section 2.8.2 of draft-irtf-cfrg-chacha20-poly1305-10 */
/* https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-10 */
@@ -6994,7 +7354,7 @@ WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void)
byte generatedCiphertext[265]; /* max plaintext2/cipher2 */
byte generatedPlaintext[265]; /* max plaintext2/cipher2 */
byte generatedAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
- int err;
+ wc_test_ret_t err;
ChaChaPoly_Aead aead;
@@ -7348,7 +7708,7 @@ WOLFSSL_TEST_SUBROUTINE int chacha20_poly1305_aead_test(void)
#ifndef NO_DES3
-WOLFSSL_TEST_SUBROUTINE int des_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
@@ -7379,7 +7739,7 @@ WOLFSSL_TEST_SUBROUTINE int des_test(void)
0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
};
- int ret;
+ wc_test_ret_t ret;
ret = wc_Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
if (ret != 0)
@@ -7443,7 +7803,7 @@ WOLFSSL_TEST_SUBROUTINE int des_test(void)
#ifndef NO_DES3
-WOLFSSL_TEST_SUBROUTINE int des3_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t des3_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
@@ -7478,7 +7838,7 @@ WOLFSSL_TEST_SUBROUTINE int des3_test(void)
0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
};
- int ret;
+ wc_test_ret_t ret;
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
size_t i;
#endif
@@ -7592,7 +7952,7 @@ static const int fiducial1 = WC_TEST_RET_LN; /* source code reference point --
&& !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
/* pass in the function, key, iv, plain text and expected and this function
* tests that the encryption and decryption is successful */
-static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
+static wc_test_ret_t EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
const byte* iv, const byte* plain, int plainSz,
const byte* expected, int expectedSz)
{
@@ -7601,7 +7961,9 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
#else
EVP_CIPHER_CTX ctx[1];
#endif
- int idx, ret = 0, cipherSz;
+ int ctx_inited = 0;
+ int idx, cipherSz;
+ wc_test_ret_t ret = 0;
byte* cipher;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -7617,6 +7979,7 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
/* test encrypt */
EVP_CIPHER_CTX_init(ctx);
+ ctx_inited = 1;
if (EVP_CipherInit(ctx, type, key, iv, 1) == 0) {
ret = WC_TEST_RET_ENC_NC;
goto EVP_TEST_END;
@@ -7639,8 +8002,18 @@ static int EVP_test(const WOLFSSL_EVP_CIPHER* type, const byte* key,
goto EVP_TEST_END;
}
+ ret = wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
+ ctx_inited = 0;
+ if (ret == WOLFSSL_SUCCESS)
+ ret = 0;
+ else {
+ ret = WC_TEST_RET_ENC_NC;
+ goto EVP_TEST_END;
+ }
+
/* test decrypt */
EVP_CIPHER_CTX_init(ctx);
+ ctx_inited = 1;
if (EVP_CipherInit(ctx, type, key, iv, 0) == 0) {
ret = WC_TEST_RET_ENC_NC;
goto EVP_TEST_END;
@@ -7667,6 +8040,13 @@ EVP_TEST_END:
if (cipher)
XFREE(cipher, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
(void)cipherSz;
+
+ if (ctx_inited) {
+ int cleanup_ret = wolfSSL_EVP_CIPHER_CTX_cleanup(ctx);
+ if (cleanup_ret != WOLFSSL_SUCCESS)
+ ret = WC_TEST_RET_ENC_NC;
+ }
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(ctx);
#endif
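Review bot: The cleanup added after `EVP_TEST_END:` overwrites `ret` whenever `wolfSSL_EVP_CIPHER_CTX_cleanup` fails, even if an earlier step had already stored a failure code. The `WC_TEST_RET_ENC_*` values appear to encode the failing source location, so the report would then point at the cleanup instead of the step that actually broke. Keeping the first error is a one-line change: `if (cleanup_ret != WOLFSSL_SUCCESS && ret == 0)`. The rest of EVP_test lies outside this hunk.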
@@ -7678,7 +8058,7 @@ EVP_TEST_END:
#ifdef WOLFSSL_AES_OFB
/* test vector from https://csrc.nist.gov/Projects/cryptographic-algorithm-validation-program/Block-Ciphers */
- WOLFSSL_TEST_SUBROUTINE int aesofb_test(void)
+ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesofb_test(void)
{
#ifdef WOLFSSL_AES_256
WOLFSSL_SMALL_STACK_STATIC const byte key1[] =
@@ -7775,7 +8155,7 @@ EVP_TEST_END:
#endif
byte plain [AES_BLOCK_SIZE * 4];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
@@ -7802,6 +8182,14 @@ EVP_TEST_END:
}
#endif
+ ret = wc_AesInit(enc, HEAP_HINT, INVALID_DEVID);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AesInit(dec, HEAP_HINT, INVALID_DEVID);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
ret = wc_AesSetKey(enc, key2, sizeof(key2), iv2, AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
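Review bot: If the first `wc_AesInit(enc, ...)` fails, control goes to `out` before `dec` has been initialised. The `out:` path is outside this hunk; if it frees both contexts unconditionally, the non-heap `dec` is handed to the free routine with indeterminate contents. The CFB tests in the same file declare a `dec_inited` flag for this purpose, and the same pattern would fit here: set a flag after each successful init, e.g. `else dec_inited = 1;`, and free only what was initialised.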
@@ -8044,7 +8432,7 @@ EVP_TEST_END:
#if defined(WOLFSSL_AES_CFB)
/* Test cases from NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation Methods an*/
- static int aescfb_test(void)
+ static wc_test_ret_t aescfb_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -8062,7 +8450,7 @@ EVP_TEST_END:
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE * 4];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
@@ -8369,7 +8757,7 @@ EVP_TEST_END:
}
#if !defined(HAVE_SELFTEST) && !defined(HAVE_FIPS)
- static int aescfb1_test(void)
+ static wc_test_ret_t aescfb1_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -8387,7 +8775,7 @@ EVP_TEST_END:
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_128
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
@@ -8619,7 +9007,7 @@ EVP_TEST_END:
return ret;
}
- static int aescfb8_test(void)
+ static wc_test_ret_t aescfb8_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -8637,7 +9025,7 @@ EVP_TEST_END:
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE];
#endif
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_128
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = {
@@ -8837,9 +9225,9 @@ EVP_TEST_END:
#endif /* WOLFSSL_AES_CFB */
-static int aes_key_size_test(void)
+static wc_test_ret_t aes_key_size_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *aes;
#else
@@ -8970,10 +9358,11 @@ static int aes_key_size_test(void)
return ret;
}
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
+
/* test vectors from http://csrc.nist.gov/groups/STM/cavp/block-cipher-modes.html */
#ifdef WOLFSSL_AES_128
-static int aes_xts_128_test(void)
+static wc_test_ret_t aes_xts_128_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -8981,7 +9370,7 @@ static int aes_xts_128_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret = 0;
+ wc_test_ret_t ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2 + 8];
unsigned char cipher[AES_BLOCK_SIZE * 2 + 8];
@@ -9041,7 +9430,11 @@ static int aes_xts_128_test(void)
0xff, 0x8d, 0xbc, 0x1d, 0x9f, 0x7f, 0xc8, 0x22
};
-#if !defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)
+ WOLFSSL_SMALL_STACK_STATIC unsigned char cp2[] = {
+ 0x2b, 0xf7, 0x2c, 0xf3, 0xeb, 0x85, 0xef, 0x7b,
+ 0x0b, 0x76, 0xa0, 0xaa, 0xf3, 0x3f, 0x25, 0x8b,
+ 0x77, 0x8a, 0xe8, 0xb4, 0x3c, 0xb9, 0x8d, 0x5a
+ };
WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = {
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
@@ -9068,8 +9461,6 @@ static int aes_xts_128_test(void)
0xB5, 0x5A, 0xDD, 0xCB, 0x80, 0xE0, 0xFC, 0xCD
};
-#endif /* !HAVE_FIPS || FIPS_VERSION_GE(5,3) */
-
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
@@ -9085,27 +9476,41 @@ static int aes_xts_128_test(void)
#endif
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
aes_inited = 1;
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(c2, buf, sizeof(c2)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
XMEMSET(buf, 0, sizeof(buf));
- wc_AesXtsFree(aes);
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
@@ -9117,6 +9522,19 @@ static int aes_xts_128_test(void)
if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
/* partial block encryption test */
XMEMSET(cipher, 0, sizeof(cipher));
ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
@@ -9125,12 +9543,26 @@ static int aes_xts_128_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- wc_AesXtsFree(aes);
+ if (XMEMCMP(cp2, cipher, sizeof(cp2)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ XMEMSET(cipher, 0, sizeof(cipher));
+ ret = wc_AesXtsEncrypt(aes, cipher, pp, sizeof(pp), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(cp2, cipher, sizeof(cp2)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
/* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
@@ -9142,6 +9574,20 @@ static int aes_xts_128_test(void)
if (XMEMCMP(pp, buf, sizeof(pp)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(pp, buf, sizeof(pp)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
/* NIST decrypt test vector */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1));
@@ -9153,6 +9599,20 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsDecrypt(aes, buf, c1, sizeof(c1), i1, sizeof(i1));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
/* fail case with decrypting using wrong key */
XMEMSET(buf, 0, sizeof(buf));
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@@ -9164,12 +9624,9 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p2, buf, sizeof(p2)) == 0) /* fail case with wrong key */
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
-
/* set correct key and retest */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@@ -9181,18 +9638,11 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p2, buf, sizeof(p2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
-
-#if !defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3)
-
/* Test ciphertext stealing in-place. */
XMEMCPY(buf, p3, sizeof(p3));
- ret = wc_AesXtsSetKey(aes, k3, sizeof(k3), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- else
- aes_inited = 1;
ret = wc_AesXtsEncrypt(aes, buf, buf, sizeof(p3), i3, sizeof(i3));
#if defined(WOLFSSL_ASYNC_CRYPT)
@@ -9203,10 +9653,7 @@ static int aes_xts_128_test(void)
if (XMEMCMP(c3, buf, sizeof(c3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
-
- ret = wc_AesXtsSetKey(aes, k3, sizeof(k3), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, buf, sizeof(c3), i3, sizeof(i3));
@@ -9218,7 +9665,61 @@ static int aes_xts_128_test(void)
if (XMEMCMP(p3, buf, sizeof(p3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-#endif /* !HAVE_FIPS || FIPS_VERSION_GE(5,3) */
+#if !defined(BENCH_EMBEDDED) && !defined(HAVE_CAVIUM) && \
+ !defined(WOLFSSL_AFALG)
+ {
+ #define LARGE_XTS_SZ 1024
+ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ byte* large_input = (byte *)XMALLOC(LARGE_XTS_SZ, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ #else
+ byte large_input[LARGE_XTS_SZ];
+ #endif
+ int i;
+ int j;
+ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ if (large_input == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), out);
+ #endif
+
+ for (i = 0; i < (int)LARGE_XTS_SZ; i++)
+ large_input[i] = (byte)i;
+
+ for (j = 16; j < (int)LARGE_XTS_SZ; j++) {
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsEncrypt(aes, large_input, large_input, j, i1,
+ sizeof(i1));
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsDecrypt(aes, large_input, large_input, j, i1,
+ sizeof(i1));
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ for (i = 0; i < j; i++) {
+ if (large_input[i] != (byte)i) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+ }
+ }
+ #if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ XFREE(large_input, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ #endif
+ }
+#endif /* !BENCH_EMBEDDED && !HAVE_CAVIUM &&
+ * !WOLFSSL_AFALG
+ */
out:
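Review bot: In the `WOLFSSL_SMALL_STACK` build, every `ERROR_OUT(..., out)` inside the new round-trip loop leaks `large_input`. The only `XFREE` is at the end of the block, and the pointer is block-scoped, so the `out:` path cannot release it. Declaring it at function scope as `byte* large_input = NULL;` and freeing it after `out:` with `if (large_input != NULL) XFREE(large_input, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);` closes the leak; the function's declarations and its `out:` body are outside this hunk. Separately, `LARGE_XTS_SZ` is defined inside the block and never `#undef`'d, so it stays visible to the rest of the file.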
@@ -9236,7 +9737,7 @@ static int aes_xts_128_test(void)
#ifdef WOLFSSL_AES_256
-static int aes_xts_256_test(void)
+static wc_test_ret_t aes_xts_256_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -9244,7 +9745,7 @@ static int aes_xts_256_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret = 0;
+ wc_test_ret_t ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 3];
unsigned char cipher[AES_BLOCK_SIZE * 3];
@@ -9334,13 +9835,17 @@ static int aes_xts_256_test(void)
}
#endif
- XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
aes_inited = 1;
+
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
ret = wc_AesXtsEncrypt(aes, buf, p2, sizeof(p2), i2, sizeof(i2));
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -9349,11 +9854,9 @@ static int aes_xts_256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncrypt(aes, buf, p1, sizeof(p1), i1, sizeof(i1));
@@ -9373,12 +9876,10 @@ static int aes_xts_256_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- wc_AesXtsFree(aes);
/* partial block decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, cipher, sizeof(pp), i1, sizeof(i1));
@@ -9400,11 +9901,9 @@ static int aes_xts_256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecrypt(aes, buf, c2, sizeof(c2), i2, sizeof(i2));
@@ -9433,7 +9932,7 @@ static int aes_xts_256_test(void)
#if defined(WOLFSSL_AES_128) && defined(WOLFSSL_AES_256)
/* both 128 and 256 bit key test */
-static int aes_xts_sector_test(void)
+static wc_test_ret_t aes_xts_sector_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -9441,7 +9940,7 @@ static int aes_xts_sector_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret = 0;
+ wc_test_ret_t ret = 0;
unsigned char buf[AES_BLOCK_SIZE * 2];
/* 128 key tests */
@@ -9490,18 +9989,140 @@ static int aes_xts_sector_test(void)
};
word64 s2 = 187;
+#if !defined(BENCH_EMBEDDED) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ /* Sector size for encrypt/decrypt consecutive sectors testcase */
+ word32 sectorSz = 512;
+
+ unsigned char data[550];
+
+ WOLFSSL_SMALL_STACK_STATIC unsigned char k3[] = {
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
+ 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC unsigned char p3[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
+ 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53,
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x81, 0x82, 0x83,
+ 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
+ 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3,
+ 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb,
+ 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3,
+ 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
+ 0xfc, 0xfd, 0xfe, 0xff,
+
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23,
+ 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
+ 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b,
+ 0x3c, 0x3d, 0x3e, 0x3f, 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
+ 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f, 0x50, 0x51, 0x52, 0x53,
+ 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
+ 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6a, 0x6b,
+ 0x6c, 0x6d, 0x6e, 0x6f, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
+ 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, 0x80, 0x81, 0x82, 0x83,
+ 0x84, 0x85, 0x86, 0x87, 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
+ 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, 0x98, 0x99, 0x9a, 0x9b,
+ 0x9c, 0x9d, 0x9e, 0x9f, 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
+ 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf, 0xb0, 0xb1, 0xb2, 0xb3,
+ 0xb4, 0xb5, 0xb6, 0xb7, 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
+ 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, 0xc8, 0xc9, 0xca, 0xcb,
+ 0xcc, 0xcd, 0xce, 0xcf, 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
+ 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, 0xe0, 0xe1, 0xe2, 0xe3,
+ 0xe4, 0xe5, 0xe6, 0xe7, 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
+ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb,
+ 0xfc, 0xfd, 0xfe, 0xff,
+
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+ 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC unsigned char c3[] = {
+ 0xb9, 0x6b, 0x2b, 0xfd, 0x61, 0x87, 0x84, 0xd5, 0x26, 0xd2, 0x8c, 0x62,
+ 0x63, 0x01, 0xca, 0x46, 0xb1, 0x82, 0xfa, 0xdc, 0xbc, 0x32, 0x18, 0xe9,
+ 0xda, 0xe6, 0xda, 0xd1, 0x1a, 0x52, 0x77, 0xca, 0xdb, 0x0e, 0xbe, 0x37,
+ 0x88, 0x36, 0x1c, 0x87, 0x16, 0x60, 0xfe, 0xa8, 0x9e, 0xf6, 0x48, 0x64,
+ 0x94, 0x34, 0x64, 0xed, 0xf6, 0x9a, 0xc5, 0x28, 0xc9, 0xed, 0x64, 0x80,
+ 0x85, 0xd8, 0x93, 0xa7, 0x50, 0xb1, 0x9d, 0x2f, 0x1e, 0x34, 0xcc, 0xb4,
+ 0x03, 0xfb, 0x6b, 0x43, 0x21, 0xa8, 0x5b, 0xc6, 0x59, 0x13, 0xd2, 0xb5,
+ 0xf5, 0x7b, 0xf6, 0xb2, 0xa4, 0x7a, 0xd2, 0x50, 0x26, 0xcb, 0xa4, 0x83,
+ 0xc3, 0x56, 0xb0, 0xb1, 0x14, 0x34, 0x12, 0x1b, 0xea, 0x26, 0x97, 0x24,
+ 0x54, 0xcc, 0x32, 0x4c, 0xa4, 0xc2, 0xa3, 0x07, 0xfa, 0x30, 0xa9, 0xf0,
+ 0x91, 0x17, 0x60, 0x68, 0x88, 0x7f, 0x34, 0x7e, 0xbd, 0x20, 0x33, 0x95,
+ 0x6e, 0xc0, 0xb6, 0x2b, 0xff, 0x7e, 0x61, 0x35, 0x9a, 0x88, 0xff, 0xd9,
+ 0x69, 0x21, 0xe7, 0x8f, 0x45, 0x02, 0xf9, 0xd7, 0xeb, 0xa6, 0x53, 0xf1,
+ 0x73, 0x04, 0xf1, 0x0b, 0x85, 0xc6, 0x1f, 0x4a, 0x51, 0x2f, 0x95, 0x87,
+ 0x5a, 0x67, 0x37, 0xb2, 0x87, 0xf7, 0xbe, 0x2a, 0x17, 0x57, 0xca, 0xfc,
+ 0xdd, 0x5f, 0x37, 0x48, 0x78, 0xbd, 0xfa, 0x75, 0xc9, 0xfa, 0x86, 0x7e,
+ 0xc4, 0x0f, 0x60, 0x85, 0xce, 0x12, 0x44, 0x7c, 0xd9, 0xb2, 0x50, 0xd9,
+ 0x57, 0x85, 0xa5, 0xd7, 0x68, 0x59, 0x03, 0x09, 0x97, 0x2e, 0x8e, 0xa5,
+ 0xe3, 0x98, 0xac, 0x16, 0xfb, 0x6d, 0x54, 0xc5, 0x5d, 0x7a, 0x33, 0x44,
+ 0x0a, 0x39, 0x91, 0xcc, 0x9f, 0x67, 0xf9, 0x89, 0xbb, 0x62, 0x02, 0xc4,
+ 0x22, 0xec, 0xcf, 0x97, 0x69, 0x81, 0x3d, 0x00, 0xfd, 0xeb, 0x55, 0x08,
+ 0xa2, 0xff, 0x97, 0xaa, 0x79, 0xde, 0x3c, 0x8a, 0x78, 0x71, 0x73, 0xa2,
+ 0x98, 0x2f, 0xd8, 0x5c, 0x62, 0x1c, 0x5c, 0x23, 0x0a, 0xd1, 0xf1, 0x81,
+ 0x8a, 0x12, 0xe7, 0x4d, 0xdd, 0x4f, 0xd4, 0xf1, 0xe8, 0x0f, 0x25, 0x79,
+ 0x45, 0x4a, 0x49, 0x49, 0x7e, 0x56, 0x91, 0x4e, 0xaa, 0xba, 0x18, 0xe1,
+ 0xe4, 0xbe, 0x21, 0xdc, 0x58, 0x60, 0x6f, 0x6a, 0x7f, 0xdc, 0x5e, 0x74,
+ 0x47, 0xbf, 0xeb, 0x84, 0xc4, 0x1e, 0x5a, 0x61, 0x64, 0xc8, 0x63, 0x68,
+ 0xfa, 0x17, 0x9c, 0xac, 0x60, 0x1c, 0xa5, 0x6e, 0x00, 0x21, 0x93, 0x3c,
+ 0xd7, 0xbb, 0x73, 0x45, 0xf7, 0x34, 0x81, 0x6c, 0xfa, 0xf2, 0x33, 0xfd,
+ 0xb1, 0x40, 0x30, 0x6b, 0x30, 0xd1, 0x83, 0x5e, 0x2e, 0x7a, 0xce, 0xa6,
+ 0x12, 0x2a, 0x15, 0x03, 0x78, 0x29, 0xb9, 0x07, 0xae, 0xe7, 0xc2, 0x78,
+ 0x74, 0x72, 0xa5, 0x0e, 0x6b, 0x1f, 0x78, 0xf2, 0x5a, 0x69, 0xb6, 0x2b,
+ 0x99, 0x94, 0x1f, 0x89, 0xd1, 0x21, 0x14, 0x4a, 0x54, 0xab, 0x5a, 0x9f,
+ 0xaa, 0xa7, 0x96, 0x0a, 0x21, 0xce, 0x30, 0xb6, 0x70, 0x81, 0xe9, 0xd3,
+ 0x71, 0xc0, 0xf1, 0x15, 0xe2, 0xf6, 0xd3, 0xcc, 0x41, 0x15, 0x9d, 0xd5,
+ 0xa3, 0xa4, 0xe0, 0xf8, 0x62, 0xc4, 0x76, 0x65, 0x63, 0x89, 0xa7, 0xe2,
+ 0xfb, 0xf5, 0xc9, 0x80, 0x15, 0x5b, 0xc1, 0x59, 0xb2, 0xd0, 0x01, 0x3a,
+ 0xf9, 0xab, 0x5b, 0x79, 0x54, 0xed, 0x6b, 0xf9, 0x1d, 0x9d, 0x87, 0x63,
+ 0x80, 0x4f, 0xec, 0x9c, 0x4f, 0xad, 0x97, 0x04, 0xff, 0x62, 0x4a, 0x17,
+ 0xc0, 0x09, 0x2a, 0x2c, 0x23, 0x4b, 0xc3, 0xb6, 0x6d, 0xed, 0xdb, 0x1a,
+ 0x6f, 0x56, 0x2b, 0x78, 0x92, 0x3a, 0x5c, 0x7f, 0xb2, 0x63, 0xd3, 0xd5,
+ 0x1a, 0xbe, 0xc2, 0x34, 0xc8, 0xad, 0x36, 0xb7, 0x12, 0xb8, 0xe1, 0xb7,
+ 0x52, 0x7f, 0x16, 0x84, 0x2c, 0x47, 0x7e, 0xf2, 0xa5, 0x36, 0x2e, 0xad,
+ 0xe7, 0xbb, 0xc0, 0x6f, 0x27, 0x8e, 0x41, 0x08, 0x75, 0xe5, 0xff, 0xde,
+ 0x08, 0x9f, 0x8c, 0x91, 0xba, 0xc9, 0x9d, 0x9f, 0x27, 0x90, 0x50, 0x44,
+ 0x24, 0xe7, 0x3d, 0x6f
+ };
+
+ word64 s3 = 0x000000ffffffffff;
+#endif
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((aes = (XtsAes *)XMALLOC(sizeof *aes, HEAP_HINT, DYNAMIC_TYPE_AES)) == NULL)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
#endif
- XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
else
aes_inited = 1;
+
+ XMEMSET(buf, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
ret = wc_AesXtsEncryptSector(aes, buf, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -9510,12 +10131,10 @@ static int aes_xts_sector_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(aes, buf, c1, sizeof(c1), s1);
@@ -9526,12 +10145,10 @@ static int aes_xts_sector_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(p1, buf, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* 256 bit key tests */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsEncryptSector(aes, buf, p2, sizeof(p2), s2);
@@ -9542,12 +10159,10 @@ static int aes_xts_sector_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(c2, buf, sizeof(c2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* decrypt test */
XMEMSET(buf, 0, sizeof(buf));
- ret = wc_AesXtsSetKey(aes, k2, sizeof(k2), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k2, sizeof(k2), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(aes, buf, c2, sizeof(c2), s2);
@@ -9559,7 +10174,41 @@ static int aes_xts_sector_test(void)
if (XMEMCMP(p2, buf, sizeof(p2)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- out:
+#if !defined(BENCH_EMBEDDED) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+ /* encrypt consecutive sectors test */
+ XMEMSET(data, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsEncryptConsecutiveSectors(aes, data, p3,
+ sizeof(p3), s3, sectorSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(c3, data, sizeof(c3)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ /* decrypt consecutive sectors test */
+ XMEMSET(data, 0, sizeof(buf));
+ ret = wc_AesXtsSetKeyNoInit(aes, k3, sizeof(k3), AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ ret = wc_AesXtsDecryptConsecutiveSectors(aes, data, c3,
+ sizeof(c3), s3, sectorSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(p3, data, sizeof(p3)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+#endif /* !BENCH_EMBEDDED && (!HAVE_FIPS || FIPS_VERSION_GE(5, 3)) */
+
+out:
if (aes_inited)
wc_AesXtsFree(aes);
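Review bot: Both added `XMEMSET(data, 0, sizeof(buf));` calls in the consecutive-sectors block take their length from `buf`, not from the buffer being cleared. The declarations of `data` and `buf` are outside this hunk, so the direction of the mismatch cannot be confirmed here: if `data` is larger, most of it keeps the previous step's output going into the next check; if it is smaller, the clear writes past its end. Assuming `data` is an array sized for `p3`/`c3`, `XMEMSET(data, 0, sizeof(data));` states the intent; if it is heap-allocated, use the allocation length instead. The closing `#endif` comment also leaves out the `!HAVE_SELFTEST` term of the opening condition.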
@@ -9576,7 +10225,7 @@ static int aes_xts_sector_test(void)
#ifdef WOLFSSL_AES_128
/* testing of bad arguments */
-static int aes_xts_args_test(void)
+static wc_test_ret_t aes_xts_args_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XtsAes *aes = NULL;
@@ -9584,7 +10233,7 @@ static int aes_xts_args_test(void)
XtsAes aes[1];
#endif
int aes_inited = 0;
- int ret;
+ wc_test_ret_t ret;
unsigned char buf[AES_BLOCK_SIZE * 2];
/* 128 key tests */
@@ -9611,20 +10260,22 @@ static int aes_xts_args_test(void)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, out);
#endif
- if (wc_AesXtsSetKey(NULL, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId) == 0)
+ ret = wc_AesXtsInit(aes, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ else
+ aes_inited = 1;
+
+ if (wc_AesXtsSetKeyNoInit(NULL, k1, sizeof(k1), AES_ENCRYPTION) == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- if (wc_AesXtsSetKey(aes, NULL, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId) == 0)
+ if (wc_AesXtsSetKeyNoInit(aes, NULL, sizeof(k1), AES_ENCRYPTION) == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
/* encryption operations */
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_ENCRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- else
- aes_inited = 1;
+
ret = wc_AesXtsEncryptSector(NULL, buf, p1, sizeof(p1), s1);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &aes->aes.asyncDev, WC_ASYNC_FLAG_NONE);
@@ -9638,11 +10289,9 @@ static int aes_xts_args_test(void)
#endif
if (ret == 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesXtsFree(aes);
/* decryption operations */
- ret = wc_AesXtsSetKey(aes, k1, sizeof(k1), AES_DECRYPTION,
- HEAP_HINT, devId);
+ ret = wc_AesXtsSetKeyNoInit(aes, k1, sizeof(k1), AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
ret = wc_AesXtsDecryptSector(NULL, buf, c1, sizeof(c1), s1);
@@ -9674,14 +10323,14 @@ static int aes_xts_args_test(void)
return ret;
}
#endif /* WOLFSSL_AES_128 */
-#endif /* WOLFSSL_AES_XTS */
+#endif /* WOLFSSL_AES_XTS && (!HAVE_FIPS || FIPS_VERSION_GE(5,3)) */
#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
-static int aes_cbc_test(void)
+static wc_test_ret_t aes_cbc_test(void)
{
byte cipher[AES_BLOCK_SIZE];
byte plain[AES_BLOCK_SIZE];
- int ret;
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
@@ -9722,7 +10371,7 @@ static int aes_cbc_test(void)
#endif
#if defined(HAVE_AES_ECB) && !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
-static int aesecb_test(void)
+static wc_test_ret_t aesecb_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = (Aes *)XMALLOC(sizeof *enc, HEAP_HINT, DYNAMIC_TYPE_AES);
@@ -9740,7 +10389,7 @@ static int aesecb_test(void)
int dec_inited = 0;
byte plain [AES_BLOCK_SIZE * 4];
#endif /* HAVE_AES_DECRYPT */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_AES_256)
{
@@ -9784,17 +10433,83 @@ static int aesecb_test(void)
if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbEncrypt(enc, cipher, niPlain, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesEcbEncrypt(enc, cipher, niPlain, AES_BLOCK_SIZE);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbEncrypt(enc, cipher, niPlain, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
XMEMSET(plain, 0, AES_BLOCK_SIZE);
ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- }
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesSetKey(dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesEcbDecrypt(dec, plain, niCipher, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+ }
out:
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
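Review bot: In the third encrypt sub-case of the added fallback block, the result of `wc_AesSetKey(enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION)` is overwritten by the following `wc_AesEcbEncrypt` call without being checked, whereas the matching decrypt sub-case does check it. Add `if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);` directly after that key setup. The new `wc_AesEcbEncrypt`/`wc_AesEcbDecrypt` failure branches also report `WC_TEST_RET_ENC_NC` although `ret` holds an error code at that point; `WC_TEST_RET_ENC_EC(ret)` would keep it in the test output. aesecb_test starts and ends outside this hunk.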
@@ -9826,9 +10541,9 @@ static int aesecb_test(void)
#endif /* HAVE_AES_ECB */
#ifdef WOLFSSL_AES_COUNTER
-static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
+static wc_test_ret_t aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
/* test vectors from "Recommendation for Block Cipher Modes of
* Operation" NIST Special Publication 800-38A */
@@ -10402,7 +11117,84 @@ static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
testVec[i].iv, AES_ENCRYPTION);
if (ret != 0) {
- ERROR_OUT(WC_TEST_RET_ENC_EC(i), out);
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ }
+
+ ret = wc_AesCtrEncrypt(enc, cipher, testVec[i].plain, testVec[i].len);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ ret = wc_AesCtrEncrypt(dec, plain, cipher, testVec[i].len);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+
+ if (XMEMCMP(plain, ctrPlain, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#if !(FIPS_VERSION_EQ(2,0) && defined(WOLFSSL_ARMASM))
+ if (XMEMCMP(cipher, testVec[i].cipher, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#endif
+ }
+
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ for (i = 0; i < AES_CTR_TEST_LEN; i++) {
+ if (testVec[i].key != NULL) {
+ ret = wc_AesSetKeyDirect(enc, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ /* Ctr only uses encrypt, even on key setup */
+ ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ }
+
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCtrEncrypt(enc, cipher, testVec[i].plain, testVec[i].len);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCtrEncrypt(dec, plain, cipher, testVec[i].len);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+
+ if (XMEMCMP(plain, ctrPlain, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#if !(FIPS_VERSION_EQ(2,0) && defined(WOLFSSL_ARMASM))
+ if (XMEMCMP(cipher, testVec[i].cipher, testVec[i].len)) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+#endif
+ }
+
+ for (i = 0; i < AES_CTR_TEST_LEN; i++) {
+ if (testVec[i].key != NULL) {
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKeyDirect(enc, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
+ }
+ /* Ctr only uses encrypt, even on key setup */
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKeyDirect(dec, testVec[i].key, testVec[i].keySz,
+ testVec[i].iv, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0) {
+ ERROR_OUT(WC_TEST_RET_ENC_I(i), out);
}
}
@@ -10425,13 +11217,16 @@ static int aesctr_test(Aes* enc, Aes* dec, byte* cipher, byte* plain)
#endif
}
+#endif /* DEBUG_VECTOR_REGISTER_ACCESS && WC_AES_C_DYNAMIC_FALLBACK */
+
+
out:
return ret;
}
#endif /* WOLFSSL_AES_COUNTER */
-WOLFSSL_TEST_SUBROUTINE int aes_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_test(void)
{
#if defined(HAVE_AES_CBC) || defined(WOLFSSL_AES_COUNTER) || defined(WOLFSSL_AES_DIRECT)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -10451,7 +11246,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
byte plain [AES_BLOCK_SIZE * 4];
#endif /* HAVE_AES_DECRYPT */
#endif /* HAVE_AES_CBC || WOLFSSL_AES_COUNTER || WOLFSSL_AES_DIRECT */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
@@ -10466,8 +11261,13 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
};
-
- WOLFSSL_SMALL_STACK_STATIC const byte key[] = "0123456789abcdef "; /* align */
+ #ifdef HAVE_RENESAS_SYNC
+ const byte *key =
+ (byte*)guser_PKCbInfo.wrapped_key_aes128;
+ #else
+ WOLFSSL_SMALL_STACK_STATIC const
+ byte key[] = "0123456789abcdef "; /* align */
+ #endif
WOLFSSL_SMALL_STACK_STATIC const byte iv[] = "1234567890abcdef "; /* align */
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
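Review bot: Under HAVE_RENESAS_SYNC `key` changes from an array to a pointer, so any `sizeof(key)` in the part of aes_test outside this hunk would silently become the pointer size instead of the key length. The aes256_test hunk of this commit introduces `keySz` for that case, and nothing equivalent is added here, so it is worth confirming that every use passes an explicit length. The cast may also drop a qualifier only to have it re-added by the assignment: `(const byte*)guser_PKCbInfo.wrapped_key_aes128` is the tighter form, and the same applies to the `k1` and `k3` casts in the aesgcm_test hunks. A one-line comment that the buffer holds a wrapped key rather than raw key bytes would explain why the known-answer comparisons are disabled further down.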
@@ -10501,6 +11301,35 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
+#ifdef HAVE_AES_ECB
+ {
+ WOLFSSL_SMALL_STACK_STATIC const byte verify_ecb[AES_BLOCK_SIZE] = {
+ 0xd0, 0xc9, 0xd9, 0xc9, 0x40, 0xe8, 0x97, 0xb6,
+ 0xc8, 0x8c, 0x33, 0x3b, 0xb5, 0x8f, 0x85, 0xd1
+ };
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4);
+ ret = wc_AesEcbEncrypt(enc, cipher, msg, AES_BLOCK_SIZE);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(cipher, verify_ecb, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ #ifdef HAVE_AES_DECRYPT
+ XMEMSET(plain, 0, AES_BLOCK_SIZE * 4);
+ ret = wc_AesEcbDecrypt(dec, plain, cipher, AES_BLOCK_SIZE);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ #endif /* HAVE_AES_DECRYPT */
+ }
+#endif
+
XMEMSET(cipher, 0, AES_BLOCK_SIZE * 4);
ret = wc_AesCbcEncrypt(enc, cipher, msg, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
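Review bot: The added `XMEMCMP(cipher, verify_ecb, AES_BLOCK_SIZE)` known-answer check has no `#ifndef HAVE_RENESAS_SYNC` guard, while the CBC `verify` comparison further down in aes_test receives that guard in this same commit because `key` is then a wrapped key. If HAVE_AES_ECB and HAVE_RENESAS_SYNC can be enabled together, this block would presumably fail for the same reason. Either wrap the comparison in `#ifndef HAVE_RENESAS_SYNC` or open the block with `#if defined(HAVE_AES_ECB) && !defined(HAVE_RENESAS_SYNC)`. The closing `#endif` could carry a `/* HAVE_AES_ECB */` comment like its neighbours.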
@@ -10520,8 +11349,11 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
+ /* skipped because wrapped key use in case of renesas sm */
+ #ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ #endif
#endif /* WOLFSSL_AES_128 */
#if defined(WOLFSSL_AESNI) && defined(HAVE_AES_DECRYPT)
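Review bot: With the `verify` comparison compiled out under HAVE_RENESAS_SYNC, the only CBC check left in that configuration is the decrypt round trip, which also passes when both directions leave the data unchanged. A cheap substitute is an `#else` branch asserting that the ciphertext differs from the input: `if (XMEMCMP(cipher, msg, AES_BLOCK_SIZE) == 0) ERROR_OUT(WC_TEST_RET_ENC_NC, out);`. The same gap is opened by the `#ifndef HAVE_RENESAS_SYNC` guards added in the aes256_test and aesgcm_test hunks. The added comment would read more clearly as `/* known-answer check skipped: a wrapped key is used with HAVE_RENESAS_SYNC */`.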
@@ -10641,6 +11473,57 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
break;
}
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ /* Iterate from one AES_BLOCK_SIZE of bigMsg through the whole
+ * message by AES_BLOCK_SIZE for each size of AES key. */
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ for (keySz = 16; keySz <= 32; keySz += 8) {
+ for (msgSz = AES_BLOCK_SIZE;
+ msgSz <= sizeof(bigMsg);
+ msgSz += AES_BLOCK_SIZE) {
+
+ XMEMSET(bigCipher, 0, sizeof(bigMsg));
+ XMEMSET(bigPlain, 0, sizeof(bigMsg));
+ ret = wc_AesSetKey(enc, bigKey, keySz, iv, AES_ENCRYPTION);
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+ ret = wc_AesSetKey(dec, bigKey, keySz, iv, AES_DECRYPTION);
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+
+ ret = wc_AesCbcEncrypt(enc, bigCipher, bigMsg, msgSz);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+
+ ret = wc_AesCbcDecrypt(dec, bigPlain, bigCipher, msgSz);
+ #if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+ #endif
+ if (ret != 0) {
+ ret = WC_TEST_RET_ENC_EC(ret);
+ break;
+ }
+
+ if (XMEMCMP(bigPlain, bigMsg, msgSz)) {
+ ret = WC_TEST_RET_ENC_NC;
+ break;
+ }
+ }
+ if (ret != 0)
+ break;
+ }
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+#endif /* DEBUG_VECTOR_REGISTER_ACCESS && WC_AES_C_DYNAMIC_FALLBACK */
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
XFREE(bigCipher, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(bigPlain, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -10652,7 +11535,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
#endif /* WOLFSSL_AESNI && HAVE_AES_DECRYPT */
/* Test of AES IV state with encrypt/decrypt */
-#ifdef WOLFSSL_AES_128
+#if defined(WOLFSSL_AES_128) && !defined(HAVE_RENESAS_SYNC)
{
/* Test Vector from "NIST Special Publication 800-38A, 2001 Edition"
* https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-38a.pdf
@@ -10692,9 +11575,10 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ #ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(cipher, verify2, AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-
+ #endif
ret = wc_AesCbcEncrypt(enc, cipher + AES_BLOCK_SIZE,
msg2 + AES_BLOCK_SIZE, AES_BLOCK_SIZE);
#if defined(WOLFSSL_ASYNC_CRYPT)
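Review bot: The `#ifndef HAVE_RENESAS_SYNC` added around the `verify2` comparison looks redundant. Judging by the neighbouring hunks, this code sits inside the block that this commit now opens with `#if defined(WOLFSSL_AES_128) && !defined(HAVE_RENESAS_SYNC)`, so the inner condition can never be false. Dropping the inner guard keeps the block easier to read; if the outer condition is relaxed later, the guard can return together with a comment stating why the comparison is skipped.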
@@ -10733,7 +11617,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
#endif /* HAVE_AES_DECRYPT */
}
-#endif /* WOLFSSL_AES_128 */
+#endif /* WOLFSSL_AES_128 && !HAVE_RENESAS_SYNC */
#endif /* HAVE_AES_CBC */
#ifdef WOLFSSL_AES_COUNTER
@@ -10800,17 +11684,20 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
}
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
+#ifndef HAVE_RENESAS_SYNC
ret = aes_key_size_test();
if (ret != 0)
goto out;
+#endif
-#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128)
+#if defined(HAVE_AES_CBC) && defined(WOLFSSL_AES_128) && \
+ !defined(HAVE_RENESAS_SYNC)
ret = aes_cbc_test();
if (ret != 0)
goto out;
#endif
-#if defined(WOLFSSL_AES_XTS)
+#if defined(WOLFSSL_AES_XTS) && (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5,3))
#ifdef WOLFSSL_AES_128
ret = aes_xts_128_test();
if (ret != 0)
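Review bot: The new guards remove `aes_key_size_test()` and `aes_cbc_test()` from HAVE_RENESAS_SYNC builds without a comment saying why, unlike the CBC comparison earlier in aes_test, which at least notes the wrapped key. Since the first of these appears to cover key-length validation, a short comment above each `#ifndef`/`#if` stating the reason for the exclusion would let a later reader judge whether the coverage can be restored. The closing `#endif` lines would also benefit from a `/* !HAVE_RENESAS_SYNC */` marker.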
@@ -10887,7 +11774,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_test(void)
}
#ifdef WOLFSSL_AES_192
-WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes192_test(void)
{
#ifdef HAVE_AES_CBC
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -10905,7 +11792,7 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
byte plain[AES_BLOCK_SIZE];
#endif
#endif /* HAVE_AES_CBC */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef HAVE_AES_CBC
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition
@@ -10966,6 +11853,9 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+
#ifdef HAVE_AES_DECRYPT
XMEMSET(plain, 0, AES_BLOCK_SIZE);
ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
@@ -10979,9 +11869,6 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
}
#endif
- if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
- ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-
wc_AesFree(enc);
#ifdef HAVE_AES_DECRYPT
wc_AesFree(dec);
@@ -11003,7 +11890,7 @@ WOLFSSL_TEST_SUBROUTINE int aes192_test(void)
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
-WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes256_test(void)
{
#ifdef HAVE_AES_CBC
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -11021,7 +11908,7 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
byte plain[AES_BLOCK_SIZE];
#endif
#endif /* HAVE_AES_CBC */
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef HAVE_AES_CBC
/* Test vectors from NIST Special Publication 800-38A, 2001 Edition,
@@ -11036,13 +11923,19 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
0xf5,0x8c,0x4c,0x04,0xd6,0xe5,0xf1,0xba,
0x77,0x9e,0xab,0xfb,0x5f,0x7b,0xfb,0xd6
};
-
+#ifdef HAVE_RENESAS_SYNC
+ byte *key =
+ (byte*)guser_PKCbInfo.wrapped_key_aes256;
+ int keySz = (256/8);
+#else
WOLFSSL_SMALL_STACK_STATIC byte key[] = {
0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
};
+ int keySz = (int)sizeof(key);
+#endif
WOLFSSL_SMALL_STACK_STATIC byte iv[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F
@@ -11066,11 +11959,11 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
- ret = wc_AesSetKey(enc, key, (int) sizeof(key), iv, AES_ENCRYPTION);
+ ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesSetKey(dec, key, (int) sizeof(key), iv, AES_DECRYPTION);
+ ret = wc_AesSetKey(dec, key, keySz, iv, AES_DECRYPTION);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif
@@ -11094,15 +11987,102 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
}
#endif
+#ifndef HAVE_RENESAS_SYNC
+ if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+ wc_AesFree(enc);
+#ifdef HAVE_AES_DECRYPT
+ wc_AesFree(dec);
+#endif
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesSetKey(dec, key, keySz, iv, AES_DECRYPTION);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#endif
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+#endif
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
wc_AesFree(enc);
#ifdef HAVE_AES_DECRYPT
wc_AesFree(dec);
#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(enc, key, keySz, iv, AES_ENCRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesSetKey(dec, key, keySz, iv, AES_DECRYPTION);
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#endif
+
+ XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcEncrypt(enc, cipher, msg, (int) sizeof(msg));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifdef HAVE_AES_DECRYPT
+ XMEMSET(plain, 0, AES_BLOCK_SIZE);
+ ret = wc_AesCbcDecrypt(dec, plain, cipher, (int) sizeof(cipher));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(plain, msg, (int) sizeof(plain))) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+#endif
+#ifndef HAVE_RENESAS_SYNC
+ if (XMEMCMP(cipher, verify, (int) sizeof(cipher)))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
+
+ wc_AesFree(enc);
+#ifdef HAVE_AES_DECRYPT
+ wc_AesFree(dec);
+#endif
+
+#endif
+
out:
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (enc)
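Review bot: In the added fallback block `enc` and `dec` are re-keyed with `wc_AesSetKey` after `wc_AesFree` has already been called on them, twice, with no re-initialisation visible in this hunk. The XTS hunks of this same commit remove the intermediate `wc_AesXtsFree` calls between re-keys, and the same treatment fits here: keep one `wc_AesFree(enc)`/`wc_AesFree(dec)` pair after the final `#endif`, just before `out:`, and delete the earlier pairs. With WOLFSSL_ASYNC_CRYPT the later `wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE)` calls would otherwise run on a context that was already released. The final `#endif` also lacks the `/* DEBUG_VECTOR_REGISTER_ACCESS && WC_AES_C_DYNAMIC_FALLBACK */` comment used for the equivalent block in aesctr_test.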
@@ -11122,11 +12102,12 @@ WOLFSSL_TEST_SUBROUTINE int aes256_test(void)
#ifdef HAVE_AESGCM
#ifdef WOLFSSL_AES_128
-static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
+static wc_test_ret_t aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
byte* plain, int plainSz, byte* cipher, int cipherSz,
byte* aad, int aadSz, byte* tag, int tagSz)
{
- int ret, enc_inited = 0, dec_inited = 0;
+ wc_test_ret_t ret;
+ int enc_inited = 0, dec_inited = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
Aes *dec = NULL;
@@ -11168,7 +12149,6 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, plain, plainSz, iv, ivSz,
resultT, tagSz, aad, aadSz);
-
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
@@ -11181,6 +12161,23 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
if (XMEMCMP(tag, resultT, tagSz))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesGcmEncrypt(enc, resultC, plain, plainSz, iv, ivSz,
+ resultT, tagSz, aad, aadSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (cipher != NULL) {
+ if (XMEMCMP(cipher, resultC, cipherSz))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+ if (XMEMCMP(tag, resultT, tagSz))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
#ifdef HAVE_AES_DECRYPT
ret = wc_AesGcmSetKey(dec, key, keySz);
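Review bot: The repeated `wc_AesGcmEncrypt` call in the added fallback block writes into `resultC` and `resultT`, which still hold the matching output of the first call, so both `XMEMCMP` checks would pass even if the second call returned 0 without producing any output. Clear the outputs before forcing the failure value, for example `XMEMSET(resultC, 0, cipherSz); XMEMSET(resultT, 0, tagSz);`. The decrypt fallback block added in the next hunk has the same weakness with `resultP`, where `XMEMSET(resultP, 0, plainSz);` would do. The helper's declarations are outside this hunk, so the lengths above are the ones the comparisons already use.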
@@ -11199,6 +12196,22 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
}
+#if defined(DEBUG_VECTOR_REGISTER_ACCESS) && defined(WC_AES_C_DYNAMIC_FALLBACK)
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(SYSLIB_FAILED_E);
+ ret = wc_AesGcmDecrypt(dec, resultP, resultC, cipherSz,
+ iv, ivSz, resultT, tagSz, aad, aadSz);
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (plain != NULL) {
+ if (XMEMCMP(plain, resultP, plainSz))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ }
+#endif
+
#endif /* HAVE_AES_DECRYPT */
ret = 0;
@@ -11231,7 +12244,7 @@ static int aesgcm_default_test_helper(byte* key, int keySz, byte* iv, int ivSz,
/* tests that only use 12 byte IV and 16 or less byte AAD
* test vectors are from NIST SP 800-38D
* https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/CAVP-TESTING-BLOCK-CIPHER-MODES*/
-WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_default_test(void)
{
#ifdef WOLFSSL_AES_128
byte key1[] = {
@@ -11308,7 +12321,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void)
0x11, 0x64, 0xb2, 0xff
};
- int ret;
+ wc_test_ret_t ret;
ret = aesgcm_default_test_helper(key1, sizeof(key1), iv1, sizeof(iv1),
plain1, sizeof(plain1), cipher1, sizeof(cipher1),
aad1, sizeof(aad1), tag1, sizeof(tag1));
@@ -11332,7 +12345,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_default_test(void)
return 0;
}
-WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesgcm_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc = NULL;
@@ -11369,6 +12382,10 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
#ifdef WOLFSSL_AES_256
+#ifdef HAVE_RENESAS_SYNC
+ const byte *k1 = (byte*)guser_PKCbInfo.wrapped_key_aes256;
+ int k1Sz = (int)(256/8);
+#else
WOLFSSL_SMALL_STACK_STATIC const byte k1[] =
{
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
@@ -11376,7 +12393,8 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
};
-
+ int k1Sz = (int)sizeof(k1);
+#endif
WOLFSSL_SMALL_STACK_STATIC const byte iv1[] =
{
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
@@ -11462,11 +12480,18 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
0x8e, 0x1a, 0xa2, 0x3b, 0x77, 0xcb, 0xaf, 0xe2
};
+#ifdef HAVE_RENESAS_SYNC
+ const byte *k3 =
+ (byte*)guser_PKCbInfo.wrapped_key_aes128;
+ int k3Sz = (int)(128/8);
+#else
WOLFSSL_SMALL_STACK_STATIC const byte k3[] =
{
0xbb, 0x01, 0xd7, 0x03, 0x81, 0x1c, 0x10, 0x1a,
0x35, 0xe0, 0xff, 0xd2, 0x91, 0xba, 0xf2, 0x4b
};
+ int k3Sz = (int)sizeof(k3);
+#endif
WOLFSSL_SMALL_STACK_STATIC const byte iv3[] =
{
@@ -11499,7 +12524,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
byte resultT[sizeof(t1) + AES_BLOCK_SIZE];
byte resultP[sizeof(p) + AES_BLOCK_SIZE];
byte resultC[sizeof(p) + AES_BLOCK_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_256
#if !(defined(WOLF_CRYPTO_CB) && defined(HAVE_INTEL_QA_SYNC))
int alen;
@@ -11557,7 +12582,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#ifdef WOLFSSL_AES_256
- ret = wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(enc, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11569,13 +12594,15 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(c1, resultC, sizeof(c1)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (XMEMCMP(t1, resultT, sizeof(t1)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(dec, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11613,15 +12640,15 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
- if (ret != 0)
- ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
if (XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
#endif /* HAVE_AES_DECRYPT */
#endif /* BENCH_AESGCM_LARGE */
#if defined(ENABLE_NON_12BYTE_IV_TEST) && defined(WOLFSSL_AES_256)
/* Variable IV length test */
- for (ivlen=1; ivlen<(int)sizeof(k1); ivlen++) {
+ for (ivlen=1; ivlen<k1Sz; ivlen++) {
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p), k1,
(word32)ivlen, resultT, sizeof(t1), a, sizeof(a));
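Review bot: The reordering at the top of this hunk compares `large_outdec` with `large_input` before looking at the return value of `wc_AesGcmDecrypt`, so a failed decrypt (a tag mismatch, for instance) is reported as `WC_TEST_RET_ENC_NC` and the real error code is lost. The large-buffer block this commit adds later in aesgcm_test keeps the usual order, and the same order should be restored here: `if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);` first, then the `XMEMCMP`. Separately, the variable-IV loop takes its IV bytes from `k1`, which under HAVE_RENESAS_SYNC is the wrapped-key buffer; it is worth confirming that this is intended and that the buffer is at least `k1Sz` bytes long.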
@@ -11683,7 +12710,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
}
/* Test unaligned memory of all potential arguments */
- ret = wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(enc, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11700,7 +12727,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#ifdef HAVE_AES_DECRYPT
- ret = wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ ret = wc_AesGcmSetKey(dec, k1, k1Sz);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11798,12 +12825,44 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
+ /* Large buffer test */
+#ifdef BENCH_AESGCM_LARGE
+ wc_AesGcmSetKey(enc, k2, k3Sz);
+ wc_AesGcmSetKey(dec, k2, k3Sz);
+ /* setup test buffer */
+ for (alen=0; alen<BENCH_AESGCM_LARGE; alen++)
+ large_input[alen] = (byte)alen;
+
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ ret = wc_AesGcmEncrypt(enc, large_output, large_input,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1),
+ resultT, sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesGcmDecrypt(dec, large_outdec, large_output,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1), resultT,
+ sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif /* HAVE_AES_DECRYPT */
+#endif /* BENCH_AESGCM_LARGE */
+
XMEMSET(resultT, 0, sizeof(resultT));
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_128
- wc_AesGcmSetKey(enc, k3, sizeof(k3));
+ wc_AesGcmSetKey(enc, k3, k3Sz);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, p3, sizeof(p3), iv3, sizeof(iv3),
resultT, sizeof(t3), a3, sizeof(a3));
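Review bot: The added large-buffer block in the WOLFSSL_AES_192 section keys both contexts with `k2` but passes `k3Sz` as the length (`wc_AesGcmSetKey(enc, k2, k3Sz);`), and `k3Sz` is `sizeof(k3)` per the declaration earlier in this diff. If `k3` is the 128-bit key, as its use under WOLFSSL_AES_128 just below suggests, this block runs AES-128 over a truncated `k2` and adds no AES-192 large-buffer coverage. Pass the length of `k2` and check the result: `ret = wc_AesGcmSetKey(enc, k2, sizeof(k2));` followed by `if (ret != 0) ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);`, and likewise for `dec`. The two `wc_AesGcmSetKey` calls in the AES-128 large-buffer block added in the hunk at -11828 also discard their return values. aesgcm_test starts and ends outside this hunk.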
@@ -11812,10 +12871,12 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(c3, resultC, sizeof(c3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (XMEMCMP(t3, resultT, sizeof(t3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif
#ifdef HAVE_AES_DECRYPT
ret = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(c3),
@@ -11828,6 +12889,38 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
if (XMEMCMP(p3, resultP, sizeof(p3)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
+
+ /* Large buffer test */
+#ifdef BENCH_AESGCM_LARGE
+ wc_AesGcmSetKey(enc, k3, k3Sz);
+ wc_AesGcmSetKey(dec, k3, k3Sz);
+ /* setup test buffer */
+ for (alen=0; alen<BENCH_AESGCM_LARGE; alen++)
+ large_input[alen] = (byte)alen;
+
+ /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+ ret = wc_AesGcmEncrypt(enc, large_output, large_input,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1),
+ resultT, sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &enc->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+#ifdef HAVE_AES_DECRYPT
+ ret = wc_AesGcmDecrypt(dec, large_outdec, large_output,
+ BENCH_AESGCM_LARGE, iv1, sizeof(iv1), resultT,
+ sizeof(t1), a, sizeof(a));
+#if defined(WOLFSSL_ASYNC_CRYPT)
+ ret = wc_AsyncWait(ret, &dec->asyncDev, WC_ASYNC_FLAG_NONE);
+#endif
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ if (XMEMCMP(large_input, large_outdec, BENCH_AESGCM_LARGE))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, out);
+#endif /* HAVE_AES_DECRYPT */
+#endif /* BENCH_AESGCM_LARGE */
#endif /* WOLFSSL_AES_128 */
#endif /* ENABLE_NON_12BYTE_IV_TEST */
@@ -11839,7 +12932,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ wc_AesGcmSetKey(enc, k1, k1Sz);
/* AES-GCM encrypt and decrypt both use AES encrypt internally */
ret = wc_AesGcmEncrypt(enc, resultC, p, sizeof(p), iv1, sizeof(iv1),
resultT + 1, sizeof(t1) - 1, a, sizeof(a));
@@ -11848,11 +12941,12 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+#ifndef HAVE_RENESAS_SYNC
if (XMEMCMP(c1, resultC, sizeof(c1)))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
if (XMEMCMP(t1, resultT + 1, sizeof(t1) - 1))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
-
+#endif
#ifdef HAVE_AES_DECRYPT
ret = wc_AesGcmDecrypt(enc, resultP, resultC, sizeof(p),
iv1, sizeof(iv1), resultT + 1, sizeof(t1) - 1, a, sizeof(a));
@@ -11884,7 +12978,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
XMEMSET(resultC, 0, sizeof(resultC));
XMEMSET(resultP, 0, sizeof(resultP));
- wc_AesGcmSetKey(enc, k1, sizeof(k1));
+ wc_AesGcmSetKey(enc, k1, k1Sz);
ret = wc_AesGcmSetIV(enc, sizeof(randIV), NULL, 0, &rng);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -11911,7 +13005,7 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
}
#ifdef HAVE_AES_DECRYPT
- wc_AesGcmSetKey(dec, k1, sizeof(k1));
+ wc_AesGcmSetKey(dec, k1, k1Sz);
ret = wc_AesGcmSetIV(dec, sizeof(randIV), NULL, 0, &rng);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
@@ -12088,9 +13182,9 @@ WOLFSSL_TEST_SUBROUTINE int aesgcm_test(void)
}
#ifdef WOLFSSL_AES_128
-WOLFSSL_TEST_SUBROUTINE int gmac_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t gmac_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Gmac *gmac;
#else
@@ -12235,9 +13329,9 @@ WOLFSSL_TEST_SUBROUTINE int gmac_test(void)
#if defined(WOLFSSL_AES_256)
-static int aesccm_256_test(void)
+static wc_test_ret_t aesccm_256_test(void)
{
- int ret;
+ wc_test_ret_t ret;
/* Test vectors from NIST AES CCM 256-bit CAST Example #1 */
WOLFSSL_SMALL_STACK_STATIC const byte in_key[32] = {
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
@@ -12311,9 +13405,9 @@ static int aesccm_256_test(void)
#if defined(WOLFSSL_AES_128)
-static int aesccm_128_test(void)
+static wc_test_ret_t aesccm_128_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Aes *enc;
#else
@@ -12464,6 +13558,10 @@ static int aesccm_128_test(void)
XMEMSET(p2, 0, sizeof(p2));
XMEMSET(iv2, 0, sizeof(iv2));
+ ret = wc_AesInit(enc, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
#ifndef HAVE_SELFTEST
/* selftest build does not have wc_AesCcmSetNonce() or
* wc_AesCcmEncrypt_ex() */
@@ -12586,9 +13684,9 @@ static int aesccm_128_test(void)
}
#endif /* WOLFSSL_AES_128 */
-WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aesccm_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_AES_128
if (ret == 0)
ret = aesccm_128_test();
@@ -12602,6 +13700,162 @@ WOLFSSL_TEST_SUBROUTINE int aesccm_test(void)
#endif /* HAVE_AESCCM */
+#if defined(WOLFSSL_AES_EAX) && \
+ (!defined(HAVE_FIPS) || FIPS_VERSION_GE(5, 3)) && !defined(HAVE_SELFTEST)
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_eax_test(void)
+{
+ typedef struct {
+ byte key[AES_256_KEY_SIZE];
+ int key_length;
+ byte iv[AES_BLOCK_SIZE];
+ int iv_length;
+ byte aad[AES_BLOCK_SIZE * 2];
+ int aad_length;
+ byte msg[AES_BLOCK_SIZE * 2];
+ int msg_length;
+ byte ct[AES_BLOCK_SIZE * 2];
+ int ct_length;
+ byte tag[AES_BLOCK_SIZE];
+ int tag_length;
+ int valid;
+ } AadVector;
+
+ /* A small selection of Google wycheproof vectors that use vectors
+ * from the original paper: eprint.iacr.org/2003/069
+ * https://github.com/google/wycheproof/blob/master/testvectors/aes_eax_test.json
+ */
+ WOLFSSL_SMALL_STACK_STATIC const AadVector vectors[] = {
+ /* Vector from paper - empty message with auth data */
+ {
+ /* key, key length */
+ {0x23, 0x39, 0x52, 0xde, 0xe4, 0xd5, 0xed, 0x5f,
+ 0x9b, 0x9c, 0x6d, 0x6f, 0xf8, 0x0f, 0xf4, 0x78}, 16,
+ /* iv, iv length */
+ {0x62, 0xec, 0x67, 0xf9, 0xc3, 0xa4, 0xa4, 0x07,
+ 0xfc, 0xb2, 0xa8, 0xc4, 0x90, 0x31, 0xa8, 0xb3}, 16,
+ /* aad, aad length */
+ {0x6b, 0xfb, 0x91, 0x4f, 0xd0, 0x7e, 0xae, 0x6b}, 8,
+ /* msg, msg length */
+ {0}, 0,
+ /* ct, ct length */
+ {0}, 0,
+ /* tag, tag length */
+ {0xe0, 0x37, 0x83, 0x0e, 0x83, 0x89, 0xf2,
+ 0x7b, 0x02, 0x5a, 0x2d, 0x65, 0x27, 0xe7, 0x9d, 0x01}, 16,
+ /* valid */
+ 1,
+ },
+ /* Vector from paper - no auth data, valid auth tag */
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv , iv length */
+ {0x3c, 0x8c, 0xc2, 0x97, 0x0a, 0x00, 0x8f, 0x75,
+ 0xcc, 0x5b, 0xea, 0xe2, 0x84, 0x72, 0x58, 0xc2}, 16,
+ /* aad, aad length */
+ {0}, 0,
+ /* msg, msg length */
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
+ 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11}, 32,
+ /* ct, ct length */
+ {0x3c, 0x44, 0x1f, 0x32, 0xce, 0x07, 0x82, 0x23,
+ 0x64, 0xd7, 0xa2, 0x99, 0x0e, 0x50, 0xbb, 0x13,
+ 0xd7, 0xb0, 0x2a, 0x26, 0x96, 0x9e, 0x4a, 0x93,
+ 0x7e, 0x5e, 0x90, 0x73, 0xb0, 0xd9, 0xc9, 0x68}, 32,
+ /* tag, tag length */
+ {0xdb, 0x90, 0xbd, 0xb3, 0xda, 0x3d, 0x00, 0xaf,
+ 0xd0, 0xfc, 0x6a, 0x83, 0x55, 0x1d, 0xa9, 0x5e}, 16,
+ /* valid */
+ 1,
+ },
+ /* Vector from paper - no auth data with invalid auth tag */
+ {
+ /* key, key length */
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f}, 16,
+ /* iv, iv length */
+ {0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
+ 0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f}, 16,
+ /* aad, aad length */
+ {0}, 0,
+ /* msg, msg length */
+ {0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
+ 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f}, 16,
+ /* ct , ct length */
+ {0x29, 0xa0, 0x91, 0x4f, 0xec, 0x4b, 0xef, 0x54,
+ 0xba, 0xbf, 0x66, 0x13, 0xa9, 0xf9, 0xcd, 0x70}, 16,
+ /* tag, tag length */
+ {0xe7, 0x0e, 0x7c, 0x50, 0x13, 0xa6, 0xdb, 0xf2,
+ 0x52, 0x98, 0xb1, 0x92, 0x9b, 0xc3, 0x56, 0xa7}, 16,
+ /* valid */
+ 0,
+ },
+ };
+
+ WOLFSSL_SMALL_STACK_STATIC byte ciphertext[sizeof(vectors[0].ct)];
+ WOLFSSL_SMALL_STACK_STATIC byte authtag[sizeof(vectors[0].tag)];
+ wc_test_ret_t ret;
+ int i;
+ int len;
+
+ for (i = 0; i < (int)(sizeof(vectors)/sizeof(vectors[0])); i++) {
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ len = sizeof(authtag);
+ ret = wc_AesEaxEncryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].msg, vectors[i].msg_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* check ciphertext matches vector */
+ if (XMEMCMP(ciphertext, vectors[i].ct, vectors[i].ct_length)) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ /* check that tag matches vector only for vectors marked as valid */
+ ret = XMEMCMP(authtag, vectors[i].tag, len);
+ if (vectors[i].valid == 1 && ret != 0 ) {
+ return WC_TEST_RET_ENC_NC;
+ }
+ else if (vectors[i].valid == 0 && ret == 0) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ XMEMSET(ciphertext, 0, sizeof(ciphertext));
+
+ ret = wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
+ ciphertext,
+ vectors[i].ct, vectors[i].ct_length,
+ vectors[i].iv, vectors[i].iv_length,
+ authtag, len,
+ vectors[i].aad, vectors[i].aad_length);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* check decrypted ciphertext matches vector plaintext */
+ if (XMEMCMP(ciphertext, vectors[i].msg, vectors[i].msg_length)) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ }
+ return 0;
+}
+
+#endif /* WOLFSSL_AES_EAX */
+
+
+
#ifdef HAVE_AES_KEYWRAP
#define MAX_KEYWRAP_TEST_OUTLEN 40
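Review bot: The negative vector in aes_eax_test never reaches tag verification, because wc_AesEaxDecryptAuth is called with `authtag`, the tag the test has just computed. For the `valid == 0` entry the only thing checked is that the computed tag differs from the vector's tag. Passing `vectors[i].tag` and `vectors[i].tag_length` to the decrypt call, and requiring a non-zero return when `valid == 0`, would test that a bad tag is rejected. `tag_length` is otherwise unused, since `len` is always `sizeof(authtag)`.

```c
        /* … unchanged: encrypt, ciphertext and tag comparison, XMEMSET … */

        /* Decrypt against the tag from the vector so that the negative
         * vector exercises tag verification. */
        ret = wc_AesEaxDecryptAuth(vectors[i].key, vectors[i].key_length,
                                   /* … unchanged: ciphertext, ct and iv arguments … */
                                   vectors[i].tag, vectors[i].tag_length,
                                   vectors[i].aad, vectors[i].aad_length);
        if (vectors[i].valid == 0) {
            /* a tag that does not match must be rejected */
            if (ret == 0) {
                return WC_TEST_RET_ENC_NC;
            }
            continue;
        }
        if (ret != 0) {
            return WC_TEST_RET_ENC_EC(ret);
        }

        /* … unchanged: plaintext comparison … */
```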
@@ -12616,7 +13870,7 @@ typedef struct keywrapVector {
word32 verifyLen;
} keywrapVector;
-WOLFSSL_TEST_SUBROUTINE int aeskeywrap_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aeskeywrap_test(void)
{
int wrapSz, plainSz, testSz, i;
@@ -12807,6 +14061,86 @@ WOLFSSL_TEST_SUBROUTINE int aeskeywrap_test(void)
#endif /* NO_AES */
+#ifdef HAVE_ARIA
+void printOutput(const char *strName, unsigned char *data, unsigned int dataSz)
+{
+ #ifndef DEBUG_WOLFSSL
+ (void)strName;
+ (void)data;
+ (void)dataSz;
+ #else
+ WOLFSSL_MSG_EX("%s (%d):", strName,dataSz);
+ WOLFSSL_BUFFER(data,dataSz);
+ #endif
+}
+
+WOLFSSL_TEST_SUBROUTINE int ariagcm_test(MC_ALGID algo)
+{
+ int ret = 0;
+ byte data[] = TEST_STRING;
+ word32 dataSz = TEST_STRING_SZ;
+
+ /* Arbitrarily random long key that we will truncate to the right size */
+ byte key[] = { 0x1E, 0xCC, 0x95, 0xCB, 0xD3, 0x74, 0x58, 0x4F,
+ 0x6F, 0x8A, 0x70, 0x26, 0xF7, 0x3C, 0x8D, 0xB6,
+ 0xDC, 0x32, 0x76, 0x20, 0xCF, 0x05, 0x4A, 0xCF,
+ 0x11, 0x86, 0xCD, 0x23, 0x5E, 0xC1, 0x6E, 0x2B };
+ byte cipher[2*TEST_STRING_SZ], plain[TEST_STRING_SZ], ad[256], authTag[AES_BLOCK_SIZE];
+ word32 keySz, adSz = 256, authTagSz = sizeof(authTag);
+
+ wc_Aria aria;
+ XMEMSET((void *)&aria, 0, sizeof(aria));
+ ret = wc_AriaInitCrypt(&aria, algo);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ ret = wc_AriaSetKey(&aria, key);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ MC_GetObjectValue(aria.hSession, aria.hKey, key, &keySz);
+ printOutput("Key", key, keySz);
+
+ WC_RNG rng;
+
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ ret = wc_AriaGcmSetIV(&aria, GCM_NONCE_MID_SZ, NULL, 0, &rng);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+
+ wc_FreeRng(&rng);
+
+ printOutput("Plaintext", data, sizeof(data));
+ XMEMSET(cipher, 0, sizeof(cipher));
+
+ ret = wc_AriaEncrypt(&aria, cipher, data, dataSz,
+ (byte *)aria.nonce, aria.nonceSz, ad, adSz,
+ authTag, authTagSz);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ printOutput("Ciphertext", cipher, sizeof(cipher));
+ printOutput("AuthTag", authTag, sizeof(authTag));
+
+ XMEMSET(plain, 0, sizeof(plain));
+
+ ret = wc_AriaDecrypt(&aria, plain, cipher, dataSz,
+ (byte *)aria.nonce, aria.nonceSz, ad, adSz,
+ authTag, authTagSz);
+ if (ret != 0) { ERROR_OUT(WC_TEST_RET_ENC_EC(ret),out); }
+
+ printOutput("Plaintext", plain, sizeof(plain));
+
+ if (XMEMCMP(plain, data, dataSz) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC,out);
+out:
+ if (ret != 0) { wc_AriaFreeCrypt(&aria); }
+ else { ret = wc_AriaFreeCrypt(&aria); }
+
+ return ret;
+}
+#endif /* HAVE_ARIA */
+
#ifdef HAVE_CAMELLIA
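Review bot: In ariagcm_test, `ad` is passed to wc_AriaEncrypt and wc_AriaDecrypt as 256 bytes of associated data but is never written, so the test authenticates indeterminate stack contents. Add `XMEMSET(ad, 0, sizeof(ad));` (or fill it with a fixed pattern) before the encrypt call. `keySz` is likewise uninitialised when handed to MC_GetObjectValue, whose result is not checked before `printOutput("Key", key, keySz)` uses it. If ERROR_OUT jumps to `out`, as the label suggests, a failure in wc_AriaGcmSetIV also skips `wc_FreeRng(&rng)`.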
@@ -12824,7 +14158,7 @@ typedef struct {
int errorCode;
} test_vector_t;
-WOLFSSL_TEST_SUBROUTINE int camellia_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t camellia_test(void)
{
/* Camellia ECB Test Plaintext */
WOLFSSL_SMALL_STACK_STATIC const byte pte[] =
@@ -13017,10 +14351,532 @@ WOLFSSL_TEST_SUBROUTINE int camellia_test(void)
}
#endif /* HAVE_CAMELLIA */
-#ifdef HAVE_XCHACHA
-WOLFSSL_TEST_SUBROUTINE int XChaCha_test(void) {
+#ifdef WOLFSSL_SM4
+#ifdef WOLFSSL_SM4_ECB
+static int sm4_ecb_test(void)
+{
+ /* draft-ribose-cfrg-sm4-10 A.2.1.1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1_ecb[] = {
+ 0x5E, 0xC8, 0x14, 0x3D, 0xE5, 0x09, 0xCF, 0xF7,
+ 0xB5, 0x17, 0x9F, 0x8F, 0x47, 0x4B, 0x86, 0x19,
+ 0x2F, 0x1D, 0x30, 0x5A, 0x7F, 0xB1, 0x7D, 0xF9,
+ 0x85, 0xF8, 0x1C, 0x84, 0x82, 0x19, 0x23, 0x04
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt with ECB. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4EcbEncrypt(&sm4, enc, p1, sizeof(p1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1_ecb, sizeof(c1_ecb)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4EcbDecrypt(&sm4, dec, enc, sizeof(c1_ecb));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CBC
+static int sm4_cbc_test(void)
+{
+ /* draft-ribose-cfrg-sm4-10 A.2.2.1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1_cbc[] = {
+ 0x78, 0xEB, 0xB1, 0x1C, 0xC4, 0x0B, 0x0A, 0x48,
+ 0x31, 0x2A, 0xAE, 0xB2, 0x04, 0x02, 0x44, 0xCB,
+ 0x4C, 0xB7, 0x01, 0x69, 0x51, 0x90, 0x92, 0x26,
+ 0x97, 0x9B, 0x0D, 0x15, 0xDC, 0x6A, 0x8F, 0x6D
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt with CBC. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CbcEncrypt(&sm4, enc, p1, sizeof(p1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1_cbc, sizeof(c1_cbc)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4CbcDecrypt(&sm4, dec, enc, sizeof(c1_cbc));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ /* Encrypt and decrypt in-place with CBC. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ XMEMCPY(enc, p1, sizeof(p1));
+ ret = wc_Sm4CbcEncrypt(&sm4, enc, enc, sizeof(p1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1_cbc, sizeof(c1_cbc)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4CbcDecrypt(&sm4, enc, enc, sizeof(c1_cbc));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CTR
+static int sm4_ctr_test(void)
+{
+ /* draft-ribose-cfrg-sm4-10 A.2.5.1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p2[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c2_ctr[] = {
+ 0xAC, 0x32, 0x36, 0xCB, 0x97, 0x0C, 0xC2, 0x07,
+ 0x91, 0x36, 0x4C, 0x39, 0x5A, 0x13, 0x42, 0xD1,
+ 0xA3, 0xCB, 0xC1, 0x87, 0x8C, 0x6F, 0x30, 0xCD,
+ 0x07, 0x4C, 0xCE, 0x38, 0x5C, 0xDD, 0x70, 0xC7,
+ 0xF2, 0x34, 0xBC, 0x0E, 0x24, 0xC1, 0x19, 0x80,
+ 0xFD, 0x12, 0x86, 0x31, 0x0C, 0xE3, 0x7B, 0x92,
+ 0x6E, 0x02, 0xFC, 0xD0, 0xFA, 0xA0, 0xBA, 0xF3,
+ 0x8B, 0x29, 0x33, 0x85, 0x1D, 0x82, 0x45, 0x14
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ int chunk;
+ int i;
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt using encrypt with CTR. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CtrEncrypt(&sm4, enc, p2, sizeof(p2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c2_ctr, sizeof(c2_ctr)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_Sm4CtrEncrypt(&sm4, dec, enc, sizeof(c2_ctr));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p2, sizeof(p2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ for (chunk = 1; chunk <= SM4_BLOCK_SIZE + 1; chunk++) {
+ ret = wc_Sm4SetIV(&sm4, i1);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_I(chunk);
+
+ XMEMSET(enc, 0, sizeof(enc));
+ for (i = 0; i + chunk <= (int)sizeof(p2); i += chunk) {
+ ret = wc_Sm4CtrEncrypt(&sm4, enc + i, p2 + i, chunk);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_I(i);
+ }
+ if (i < (int)sizeof(p2)) {
+ ret = wc_Sm4CtrEncrypt(&sm4, enc + i, p2 + i, sizeof(p2) - i);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_I(chunk);
+ }
+ if (XMEMCMP(enc, c2_ctr, sizeof(c2_ctr)) != 0)
+ return WC_TEST_RET_ENC_I(chunk);
+ }
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_GCM
+static int sm4_gcm_test(void)
+{
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a1[] = {
+ 0xFF, 0xEE, 0xDD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag1[] = {
+ 0x83, 0xb2, 0x91, 0xcf, 0x22, 0xc9, 0x5f, 0x89,
+ 0xde, 0x3d, 0x52, 0x8d, 0xd7, 0x13, 0x50, 0x89
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1[] = {
+ 0xff, 0x8b, 0xb2, 0x3b, 0x0a, 0x0a, 0x12, 0xa4,
+ 0xa8, 0x4c, 0x4f, 0x67, 0x06, 0x81, 0xbb, 0x88,
+ 0x66, 0x17, 0xc7, 0x43, 0xbf, 0xae, 0x41, 0x40,
+ 0xec, 0x1e, 0x03, 0x85, 0x2b, 0x56, 0xa8, 0xc0
+ };
+ /* RFC8998 A.1. */
+ WOLFSSL_SMALL_STACK_STATIC const byte i2[] = {
+ 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0x00, 0x00,
+ 0x00, 0x00, 0xAB, 0xCD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte k2[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p2[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a2[] = {
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xAB, 0xAD, 0xDA, 0xD2
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c2[] = {
+ 0x17, 0xF3, 0x99, 0xF0, 0x8C, 0x67, 0xD5, 0xEE,
+ 0x19, 0xD0, 0xDC, 0x99, 0x69, 0xC4, 0xBB, 0x7D,
+ 0x5F, 0xD4, 0x6F, 0xD3, 0x75, 0x64, 0x89, 0x06,
+ 0x91, 0x57, 0xB2, 0x82, 0xBB, 0x20, 0x07, 0x35,
+ 0xD8, 0x27, 0x10, 0xCA, 0x5C, 0x22, 0xF0, 0xCC,
+ 0xFA, 0x7C, 0xBF, 0x93, 0xD4, 0x96, 0xAC, 0x15,
+ 0xA5, 0x68, 0x34, 0xCB, 0xCF, 0x98, 0xC3, 0x97,
+ 0xB4, 0x02, 0x4A, 0x26, 0x91, 0x23, 0x3B, 0x8D
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag2[] = {
+ 0x83, 0xDE, 0x35, 0x41, 0xE4, 0xC2, 0xB5, 0x81,
+ 0x77, 0xE0, 0x65, 0xA9, 0xBF, 0x7B, 0x62, 0xEC
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ byte tag[SM4_BLOCK_SIZE];
int ret;
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ /* Encrypt and decrypt using encrypt with GCM. */
+ ret = wc_Sm4GcmSetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4GcmEncrypt(&sm4, enc, p1, sizeof(p1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1, sizeof(c1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag1, sizeof(tag1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4GcmDecrypt(&sm4, dec, enc, sizeof(c1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ /* RFC8998 test vector. */
+ ret = wc_Sm4GcmSetKey(&sm4, k2, sizeof(k2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4GcmEncrypt(&sm4, enc, p2, sizeof(p2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c2, sizeof(c2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag2, sizeof(tag2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4GcmDecrypt(&sm4, dec, enc, sizeof(c2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p2, sizeof(p2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+#ifdef WOLFSSL_SM4_CCM
+static int sm4_ccm_test(void)
+{
+ WOLFSSL_SMALL_STACK_STATIC const byte k1[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p1[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xBB, 0xBB, 0xBB, 0xBB
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte i1[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a1[] = {
+ 0xFF, 0xEE, 0xDD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag1[] = {
+ 0x9a, 0x98, 0x04, 0xb6, 0x0f, 0x19, 0x4a, 0x46,
+ 0xba, 0xed, 0xe6, 0x89, 0x69, 0x34, 0xad, 0x61
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c1[] = {
+ 0xbd, 0xc0, 0x72, 0x60, 0xda, 0x2d, 0x11, 0xdc,
+ 0x66, 0x33, 0xcc, 0xec, 0xb2, 0xf4, 0x53, 0x59,
+ 0x9e, 0xb1, 0xb3, 0x6b, 0x1f, 0x1c, 0xfb, 0x29,
+ 0xf5, 0x37, 0xfc, 0x00, 0xf2, 0x4e, 0x70, 0x6f
+ };
+ /* RFC8998 A.1. */
+ WOLFSSL_SMALL_STACK_STATIC const byte i2[] = {
+ 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0x00, 0x00,
+ 0x00, 0x00, 0xAB, 0xCD
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte k2[] = {
+ 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte p2[] = {
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA,
+ 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB, 0xBB,
+ 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC, 0xCC,
+ 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE, 0xEE,
+ 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA, 0xAA
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte a2[] = {
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF,
+ 0xAB, 0xAD, 0xDA, 0xD2
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte c2[] = {
+ 0x48, 0xAF, 0x93, 0x50, 0x1F, 0xA6, 0x2A, 0xDB,
+ 0xCD, 0x41, 0x4C, 0xCE, 0x60, 0x34, 0xD8, 0x95,
+ 0xDD, 0xA1, 0xBF, 0x8F, 0x13, 0x2F, 0x04, 0x20,
+ 0x98, 0x66, 0x15, 0x72, 0xE7, 0x48, 0x30, 0x94,
+ 0xFD, 0x12, 0xE5, 0x18, 0xCE, 0x06, 0x2C, 0x98,
+ 0xAC, 0xEE, 0x28, 0xD9, 0x5D, 0xF4, 0x41, 0x6B,
+ 0xED, 0x31, 0xA2, 0xF0, 0x44, 0x76, 0xC1, 0x8B,
+ 0xB4, 0x0C, 0x84, 0xA7, 0x4B, 0x97, 0xDC, 0x5B
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte tag2[] = {
+ 0x16, 0x84, 0x2D, 0x4F, 0xA1, 0x86, 0xF5, 0x6A,
+ 0xB3, 0x32, 0x56, 0x97, 0x1F, 0xA1, 0x10, 0xF4
+ };
+
+ wc_Sm4 sm4;
+ byte enc[SM4_BLOCK_SIZE * 4];
+ byte dec[SM4_BLOCK_SIZE * 4];
+ byte tag[SM4_BLOCK_SIZE];
+ int ret;
+
+ ret = wc_Sm4Init(&sm4, NULL, INVALID_DEVID);
+ if (ret != 0)
+ return -6720;
+
+ /* Encrypt and decrypt using encrypt with CCM. */
+ ret = wc_Sm4SetKey(&sm4, k1, sizeof(k1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CcmEncrypt(&sm4, enc, p1, sizeof(p1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c1, sizeof(c1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag1, sizeof(tag1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4CcmDecrypt(&sm4, dec, enc, sizeof(c1), i1, sizeof(i1), tag,
+ sizeof(tag), a1, sizeof(a1));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p1, sizeof(p1)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ /* RFC8998 test vector. */
+ ret = wc_Sm4SetKey(&sm4, k2, sizeof(k2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_Sm4CcmEncrypt(&sm4, enc, p2, sizeof(p2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(enc, c2, sizeof(c2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(tag, tag2, sizeof(tag2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_Sm4CcmDecrypt(&sm4, dec, enc, sizeof(c2), i2, sizeof(i2), tag,
+ sizeof(tag), a2, sizeof(a2));
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(dec, p2, sizeof(p2)) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ wc_Sm4Free(&sm4);
+
+ return 0;
+}
+#endif
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sm4_test(void)
+{
+ wc_test_ret_t ret;
+
+#ifdef WOLFSSL_SM4_ECB
+ ret = sm4_ecb_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_CBC
+ ret = sm4_cbc_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_CTR
+ ret = sm4_ctr_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_GCM
+ ret = sm4_gcm_test();
+ if (ret != 0)
+ return ret;
+#endif
+#ifdef WOLFSSL_SM4_CCM
+ ret = sm4_ccm_test();
+ if (ret != 0)
+ return ret;
+#endif
+
+ return 0;
+}
+#endif
+
+#ifdef HAVE_XCHACHA
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha_test(void) {
+ wc_test_ret_t ret;
+
WOLFSSL_SMALL_STACK_STATIC const byte Plaintext[] = {
0x54, 0x68, 0x65, 0x20, 0x64, 0x68, 0x6f, 0x6c, 0x65, 0x20, 0x28, 0x70, 0x72, 0x6f, 0x6e, 0x6f, /* The dhole (prono */
0x75, 0x6e, 0x63, 0x65, 0x64, 0x20, 0x22, 0x64, 0x6f, 0x6c, 0x65, 0x22, 0x29, 0x20, 0x69, 0x73, /* unced "dole") is */
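Review bot: Every failure `return` in sm4_ecb_test, sm4_cbc_test, sm4_ctr_test, sm4_gcm_test and sm4_ccm_test that follows a successful wc_Sm4Init leaves without calling `wc_Sm4Free(&sm4)`. The context, which presumably holds the key schedule, is therefore released only on the success path. Routing failures through one exit keeps cleanup in one place: `ret = WC_TEST_RET_ENC_EC(ret); goto out;` with `out: wc_Sm4Free(&sm4); return ret;`. sm4_ccm_test also returns the literal `-6720` when wc_Sm4Init fails, where its siblings use `return WC_TEST_RET_ENC_EC(ret);`. These helpers still return `int` while the rest of the commit moves to `wc_test_ret_t`. XChaCha_test, touched at the end of the hunk, continues outside it.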
@@ -13125,8 +14981,8 @@ WOLFSSL_TEST_SUBROUTINE int XChaCha_test(void) {
#endif /* HAVE_XCHACHA */
#if defined(HAVE_XCHACHA) && defined(HAVE_POLY1305)
-WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void) {
- int ret;
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t XChaCha20Poly1305_test(void) {
+ wc_test_ret_t ret;
WOLFSSL_SMALL_STACK_STATIC const byte Plaintext[] = {
0x4c, 0x61, 0x64, 0x69, 0x65, 0x73, 0x20, 0x61, 0x6e, 0x64, 0x20, 0x47, 0x65, 0x6e, 0x74, 0x6c, /* Ladies and Gentl */
@@ -13215,10 +15071,11 @@ WOLFSSL_TEST_SUBROUTINE int XChaCha20Poly1305_test(void) {
#endif /* defined(HAVE_XCHACHA) && defined(HAVE_POLY1305) */
#ifndef WC_NO_RNG
-static int _rng_test(WC_RNG* rng, int errorOffset)
+static wc_test_ret_t _rng_test(WC_RNG* rng, int errorOffset)
{
byte block[32];
- int ret, i;
+ wc_test_ret_t ret;
+ int i;
XMEMSET(block, 0, sizeof(block));
@@ -13278,11 +15135,12 @@ exit:
return ret;
}
-static int random_rng_test(void)
+
+static wc_test_ret_t random_rng_test(void)
{
WC_RNG localRng;
WC_RNG* rng;
- int ret;
+ wc_test_ret_t ret;
rng = &localRng;
/* Test stack based RNG. */
@@ -13310,9 +15168,6 @@ static int random_rng_test(void)
if (rng == NULL)
return WC_TEST_RET_ENC_ERRNO;
- #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLF_CRYPTO_CB)
- rng->devId = devId;
- #endif
ret = _rng_test(rng, WC_TEST_RET_ENC_NC);
wc_rng_free(rng);
@@ -13335,7 +15190,7 @@ static int seed_cb(OS_Seed* os, byte* output, word32 sz)
return 0;
}
-static int rng_seed_test(void)
+static wc_test_ret_t rng_seed_test(void)
{
#ifndef HAVE_FIPS
WOLFSSL_SMALL_STACK_STATIC const byte check[] =
@@ -13357,7 +15212,7 @@ static int rng_seed_test(void)
#endif
byte output[WC_SHA256_DIGEST_SIZE];
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
ret = wc_SetSeed_Cb(seed_cb);
if (ret != 0) {
@@ -13390,7 +15245,7 @@ out:
#endif
-WOLFSSL_TEST_SUBROUTINE int random_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte test1Entropy[] =
{
@@ -13442,7 +15297,7 @@ WOLFSSL_TEST_SUBROUTINE int random_test(void)
};
byte output[WC_SHA256_DIGEST_SIZE * 4];
- int ret;
+ wc_test_ret_t ret;
ret = wc_RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0,
output, sizeof(output));
@@ -13507,7 +15362,7 @@ WOLFSSL_TEST_SUBROUTINE int random_test(void)
#else
-WOLFSSL_TEST_SUBROUTINE int random_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t random_test(void)
{
/* Basic RNG generate block test */
return random_rng_test();
@@ -13547,9 +15402,42 @@ static int simple_mem_test(int sz)
}
#endif
-WOLFSSL_TEST_SUBROUTINE int memory_test(void)
+/* If successful, returns the first letter of the byte array `in`.
+**
+** This is a deceptively simple test of a read-only embedded Linux file system.
+** (e.g CFLAGS `-mfdpic` and `-mforce-l32`) for Xtensa Linux ESP32. When the
+** `-mforce-l32` is missing, access to `in` will fail with Illegal Instruction.
+** Const is on read-only memory-mapped file system, *not* loaded in app memory.
+**
+** Edit with caution. See PR #6523. */
+static wc_test_ret_t const_byte_ptr_test(const byte* in, word32 *outJ)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
+ volatile word32 j = -1; /* must be volatile to properly detect error */
+
+ ret = (wc_test_ret_t)*in; /* accessed *in value. */
+ (void)ret;
+ j = *outJ; /* Found index to use in const array. */
+
+ if (j == 0) {
+#ifdef WOLFSSL_DEBUG
+ printf("Testing const byte ptr reference...\n");
+#endif
+ /* although j is zero, in[0] does not detect the Illegal instruction */
+ ret = in[j]; /* The big test: can we actually access the `in` data? */
+ }
+ else {
+ ret = -1;
+ }
+
+ return ret;
+}
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memory_test(void)
+{
+ wc_test_ret_t ret = 0;
+ word32 j = 0; /* used in embedded const pointer test */
+
#if defined(COMPLEX_MEM_TEST) || defined(WOLFSSL_STATIC_MEMORY)
int i;
#endif
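Review bot: `volatile word32 j = -1;` in `const_byte_ptr_test` initialises an unsigned variable from a negative literal, which relies on implicit conversion and can draw sign-conversion warnings on strict builds; `volatile word32 j = (word32)-1;` states the intent. The header comment also does not say that `outJ` is dereferenced unconditionally and must point at 0, nor that any other index makes the function return -1. A line such as `/* outJ: non-NULL, must point to 0; any other index returns -1. */` would cover it. `memory_test` continues outside this hunk.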
@@ -13695,6 +15583,13 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
}
#endif
+ if (ret == 0) {
+ /* This test is only interesting on embedded R/O Flash systems */
+ if (const_byte_ptr_test(const_byte_array, &j) != CBPTR_EXPECTED) {
+ ret = 1;
+ }
+ }
+
return ret;
}
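Review bot: The new failure path sets `ret = 1`, while the other failure paths visible in this diff use `WC_TEST_RET_ENC_NC` or `WC_TEST_RET_ENC_EC(ret)`. A failed const-pointer check is therefore reported as a bare positive value, which callers that test for a negative or encoded result may not treat the same way. `ret = WC_TEST_RET_ENC_NC;` would keep `memory_test` consistent with the rest of the file. `const_byte_array` and `CBPTR_EXPECTED` are defined outside this hunk, so their values could not be checked here.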
@@ -13763,8 +15658,10 @@ WOLFSSL_TEST_SUBROUTINE int memory_test(void)
#if !defined(NO_ASN) && !defined(NO_DH)
#if defined(WOLFSSL_DH_EXTRA) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
- static const char* dhKeyFile = CERT_ROOT "statickeys/dh-ffdhe2048.der";
- static const char* dhKeyPubFile = CERT_ROOT "statickeys/dh-ffdhe2048-pub.der";
+ #if !defined(USE_CERT_BUFFERS_2048)
+ static const char* dhKeyFile = CERT_ROOT "statickeys/dh-ffdhe2048.der";
+ static const char* dhKeyPubFile = CERT_ROOT "statickeys/dh-ffdhe2048-pub.der";
+ #endif
#endif
#endif
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
@@ -13951,15 +15848,12 @@ static void initDefaultName(void)
WOLFSSL_SMALL_STACK_STATIC const char certKeyUsage[] =
"digitalSignature,nonRepudiation";
#endif
- #if !defined(NO_RSA) && defined(WOLFSSL_CERT_GEN) && \
- !defined(NO_ASN_TIME) && defined(WOLFSSL_CERT_REQ) && \
- !defined(WOLFSSL_NO_MALLOC)
+ #if defined(WOLFSSL_CERT_REQ) && !defined(NO_RSA) && !defined(NO_ASN_TIME)
WOLFSSL_SMALL_STACK_STATIC const char certKeyUsage2[] =
"digitalSignature,nonRepudiation,keyEncipherment,keyAgreement";
#endif
#endif /* WOLFSSL_CERT_EXT */
-#endif /* WOLFSSL_CERT_GEN && (!NO_RSA || HAVE_ECC) || (WOLFSSL_TEST_CERT &&
- * (HAVE_ED25519 || HAVE_ED448)) */
+#endif /* WOLFSSL_CERT_GEN */
#ifndef NO_RSA
@@ -14022,9 +15916,9 @@ static int add_data(byte* certData, int offset, byte* data, byte length)
return offset + length;
}
-static int cert_asn1_test(void)
+static wc_test_ret_t cert_asn1_test(void)
{
- int ret;
+ wc_test_ret_t ret;
int len[3];
DecodedCert cert;
byte certData[114];
@@ -14078,14 +15972,14 @@ done:
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int cert_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cert_test(void)
{
#if !defined(NO_FILESYSTEM)
DecodedCert cert;
byte* tmp;
size_t bytes;
XFILE file;
- int ret;
+ wc_test_ret_t ret;
tmp = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp == NULL)
@@ -14156,13 +16050,13 @@ done:
#if defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_TEST_CERT) && \
!defined(NO_FILESYSTEM) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int certext_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certext_test(void)
{
DecodedCert cert;
byte* tmp;
size_t bytes;
XFILE file;
- int ret;
+ wc_test_ret_t ret;
/* created from rsa_test : othercert.der */
byte skid_rsa[] = "\x33\xD8\x45\x66\xD7\x68\x87\x18\x7E\x54"
@@ -14351,9 +16245,9 @@ WOLFSSL_TEST_SUBROUTINE int certext_test(void)
#if defined(WOLFSSL_CERT_GEN_CACHE) && defined(WOLFSSL_TEST_CERT) && \
defined(WOLFSSL_CERT_EXT) && defined(WOLFSSL_CERT_GEN)
-WOLFSSL_TEST_SUBROUTINE int decodedCertCache_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t decodedCertCache_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
Cert cert;
FILE* file;
byte* der;
@@ -14501,9 +16395,9 @@ WOLFSSL_TEST_SUBROUTINE int decodedCertCache_test(void)
#if !defined(NO_ASN) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int rsa_flatten_test(RsaKey* key)
+static wc_test_ret_t rsa_flatten_test(RsaKey* key)
{
- int ret;
+ wc_test_ret_t ret;
byte e[RSA_TEST_BYTES];
byte n[RSA_TEST_BYTES];
word32 eSz = sizeof(e);
@@ -14570,9 +16464,6 @@ static int rsa_flatten_test(RsaKey* key)
* -101 = USER_CRYPTO_ERROR
*/
if (ret == 0)
-#elif defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- if (ret != 0)
#else
if (ret != RSA_BUFFER_E)
#endif
@@ -14596,9 +16487,9 @@ static int rsa_flatten_test(RsaKey* key)
#if !defined(HAVE_FIPS) && !defined(HAVE_USER_RSA) && !defined(NO_ASN) \
&& !defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int rsa_export_key_test(RsaKey* key)
+static wc_test_ret_t rsa_export_key_test(RsaKey* key)
{
- int ret;
+ wc_test_ret_t ret;
byte e[3];
word32 eSz = sizeof(e);
byte n[RSA_TEST_BYTES];
@@ -14672,9 +16563,9 @@ static int rsa_export_key_test(RsaKey* key)
#endif /* !HAVE_FIPS && !USER_RSA && !NO_ASN */
#ifndef NO_SIG_WRAPPER
-static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
+static wc_test_ret_t rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
word32 sigSz;
WOLFSSL_SMALL_STACK_STATIC const byte in[] = TEST_STRING;
WOLFSSL_SMALL_STACK_STATIC const byte hash[] = {
@@ -14867,10 +16758,11 @@ static int rsa_sig_test(RsaKey* key, word32 keyLen, int modLen, WC_RNG* rng)
#endif /* !NO_SIG_WRAPPER */
#ifdef WC_RSA_NONBLOCK
-static int rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
+static wc_test_ret_t rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
word32 outSz, byte* plain, word32 plainSz, WC_RNG* rng)
{
- int ret = 0, count;
+ wc_test_ret_t ret = 0;
+ int count;
int signSz = 0;
RsaNb nb;
byte* inlinePlain = NULL;
@@ -14954,9 +16846,9 @@ static int rsa_nb_test(RsaKey* key, const byte* in, word32 inLen, byte* out,
#endif
#if !defined(HAVE_USER_RSA) && !defined(NO_ASN)
-static int rsa_decode_test(RsaKey* keyPub)
+static wc_test_ret_t rsa_decode_test(RsaKey* keyPub)
{
- int ret;
+ wc_test_ret_t ret;
word32 inSz;
word32 inOutIdx;
WOLFSSL_SMALL_STACK_STATIC const byte n[2] = { 0x00, 0x23 };
@@ -15024,11 +16916,12 @@ static int rsa_decode_test(RsaKey* keyPub)
goto done;
}
ret = wc_RsaPublicKeyDecodeRaw(n, (word32)-1, e, sizeof(e), keyPub);
-#if !defined(WOLFSSL_SP_MATH) & !defined(WOLFSSL_SP_MATH_ALL)
- if (ret != 0) {
+#if defined(USE_INTEGER_HEAP_MATH)
+ if (ret != 0)
#else
- if (ret != ASN_GETINT_E) {
+ if (ret != ASN_GETINT_E)
#endif
+ {
ret = WC_TEST_RET_ENC_EC(ret);
goto done;
}
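Review bot: The `#if defined(USE_INTEGER_HEAP_MATH)` branch expects `wc_RsaPublicKeyDecodeRaw` to return 0 when the modulus length is `(word32)-1`, and nothing in the test says why an out-of-range length is accepted for that backend while every other build must return `ASN_GETINT_E`. A short comment above the `#if` would help, along the lines of `/* heap math does not reject the length here; all other math backends return ASN_GETINT_E */`, once that behaviour is confirmed. Without it a later reader cannot tell an intended difference from a masked failure. The exponent-length case in the next hunk needs the same comment. The function body starts and ends outside both hunks.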
@@ -15037,11 +16930,12 @@ static int rsa_decode_test(RsaKey* keyPub)
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
ret = wc_RsaPublicKeyDecodeRaw(n, sizeof(n), e, (word32)-1, keyPub);
-#if !defined(WOLFSSL_SP_MATH) & !defined(WOLFSSL_SP_MATH_ALL)
- if (ret != 0) {
+#if defined(USE_INTEGER_HEAP_MATH)
+ if (ret != 0)
#else
- if (ret != ASN_GETINT_E) {
+ if (ret != ASN_GETINT_E)
#endif
+ {
ret = WC_TEST_RET_ENC_EC(ret);
goto done;
}
@@ -15242,10 +17136,10 @@ done:
/* Need to create known good signatures to test with this. */
#if !defined(WOLFSSL_RSA_VERIFY_ONLY) && !defined(WOLFSSL_RSA_PUBLIC_ONLY) && \
!defined(WOLF_CRYPTO_CB_ONLY_RSA)
-static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
+static wc_test_ret_t rsa_pss_test(WC_RNG* rng, RsaKey* key)
{
byte digest[WC_MAX_DIGEST_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
const char inStr[] = TEST_STRING;
word32 inLen = (word32)TEST_STRING_SZ;
word32 outSz;
@@ -15327,7 +17221,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- outSz = ret;
+ outSz = (word32)ret;
XMEMCPY(sig, out, outSz);
plain = NULL;
@@ -15345,7 +17239,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- plainSz = ret;
+ plainSz = (word32)ret;
TEST_SLEEP();
#if defined(HAVE_SELFTEST) && \
@@ -15407,7 +17301,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- outSz = ret;
+ outSz = (word32)ret;
TEST_SLEEP();
do {
@@ -15422,7 +17316,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- plainSz = ret;
+ plainSz = (word32)ret;
TEST_SLEEP();
do {
@@ -15461,7 +17355,7 @@ static int rsa_pss_test(WC_RNG* rng, RsaKey* key)
} while (ret == WC_PENDING_E);
if (ret <= 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa_pss);
- plainSz = ret;
+ plainSz = (word32)ret;
TEST_SLEEP();
#if defined(HAVE_SELFTEST) && \
@@ -15595,12 +17489,12 @@ exit_rsa_pss:
#endif
#ifdef WC_RSA_NO_PADDING
-WOLFSSL_TEST_SUBROUTINE int rsa_no_pad_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_no_pad_test(void)
{
WC_RNG rng;
byte* tmp = NULL;
size_t bytes;
- int ret;
+ wc_test_ret_t ret;
word32 inLen = 0;
word32 idx = 0;
word32 outSz = RSA_TEST_BYTES;
@@ -15823,11 +17717,11 @@ exit_rsa_nopadding:
#endif /* WC_RSA_NO_PADDING */
#if defined(WOLFSSL_HAVE_SP_RSA) && defined(USE_FAST_MATH)
-static int rsa_even_mod_test(WC_RNG* rng, RsaKey* key)
+static wc_test_ret_t rsa_even_mod_test(WC_RNG* rng, RsaKey* key)
{
byte* tmp = NULL;
size_t bytes;
- int ret;
+ wc_test_ret_t ret;
word32 inLen = 0;
#ifndef NO_ASN
word32 idx = 0;
@@ -15992,7 +17886,7 @@ exit_rsa_even_mod:
#endif /* WOLFSSL_HAVE_SP_RSA */
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_ASN_TIME)
-static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
+static wc_test_ret_t rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
RsaKey *caKey = (RsaKey *)XMALLOC(sizeof *caKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -16006,7 +17900,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
#endif
#endif
byte* der = NULL;
- int ret;
+ wc_test_ret_t ret;
Cert* myCert = NULL;
int certSz;
size_t bytes3;
@@ -16107,7 +18001,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
if (ret < 0) {
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
}
- certSz = ret;
+ certSz = (word32)ret;
#ifdef WOLFSSL_TEST_CERT
InitDecodedCert(decode, der, certSz, HEAP_HINT);
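Review bot: `certSz = (word32)ret;` casts to an unsigned type, but the earlier hunk of `rsa_certgen_test` declares `int certSz;`, so the value is converted to `word32` and then implicitly back to `int`. `certSz = (int)ret;` matches the declaration and the `ret < 0` check directly above it. The same cast is added in the later `rsa_certgen_test` hunk and in `rsa_ecc_certgen_test`; the declaration of `certSz` is not visible in the latter and should be checked before changing it.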
@@ -16266,7 +18160,7 @@ static int rsa_certgen_test(RsaKey* key, RsaKey* keypub, WC_RNG* rng, byte* tmp)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
- certSz = ret;
+ certSz = (word32)ret;
#ifdef WOLFSSL_TEST_CERT
InitDecodedCert(decode, der, certSz, HEAP_HINT);
@@ -16309,7 +18203,7 @@ exit_rsa:
#if !defined(NO_RSA) && defined(HAVE_ECC) && !defined(NO_ECC_SECP) && \
defined(WOLFSSL_CERT_GEN)
/* Make Cert / Sign example for ECC cert and RSA CA */
-static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
+static wc_test_ret_t rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
RsaKey *caKey = (RsaKey *)XMALLOC(sizeof *caKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -16335,7 +18229,7 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
|| !defined(USE_CERT_BUFFERS_256)
XFILE file3;
#endif
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((caKey == NULL) || (caEccKey == NULL) || (caEccKeyPub == NULL)
@@ -16484,7 +18378,7 @@ static int rsa_ecc_certgen_test(WC_RNG* rng, byte* tmp)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
- certSz = ret;
+ certSz = (word32)ret;
#ifdef WOLFSSL_TEST_CERT
InitDecodedCert(decode, der, certSz, 0);
@@ -16539,14 +18433,14 @@ exit_rsa:
#endif /* !NO_RSA && HAVE_ECC && WOLFSSL_CERT_GEN */
#ifdef WOLFSSL_KEY_GEN
-static int rsa_keygen_test(WC_RNG* rng)
+static wc_test_ret_t rsa_keygen_test(WC_RNG* rng)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
RsaKey *genKey = (RsaKey *)XMALLOC(sizeof *genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
RsaKey genKey[1];
#endif
- int ret;
+ wc_test_ret_t ret;
byte* der = NULL;
#ifndef WOLFSSL_CRYPTOCELL
word32 idx = 0;
@@ -16647,9 +18541,9 @@ exit_rsa:
(!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2))) \
&& !defined(WOLF_CRYPTO_CB_ONLY_RSA)
-static int rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
+static wc_test_ret_t rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 idx = 0;
const char inStr[] = TEST_STRING;
const word32 inLen = (word32)TEST_STRING_SZ;
@@ -16891,7 +18785,7 @@ static int rsa_oaep_padding_test(RsaKey* key, WC_RNG* rng)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
TEST_SLEEP();
- idx = ret;
+ idx = (word32)ret;
#ifndef WOLFSSL_RSA_PUBLIC_ONLY
do {
#if defined(WOLFSSL_ASYNC_CRYPT)
@@ -16966,9 +18860,9 @@ exit_rsa:
#endif
#endif
-WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t rsa_test(void)
{
- int ret;
+ wc_test_ret_t ret;
size_t bytes;
WC_RNG rng;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -17169,7 +19063,7 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
#ifdef WC_RSA_BLINDING
{
- int tmpret = ret;
+ wc_test_ret_t tmpret = ret;
ret = wc_RsaSetRNG(key, &rng);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
@@ -17548,7 +19442,7 @@ WOLFSSL_TEST_SUBROUTINE int rsa_test(void)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit_rsa);
- derSz = ret;
+ derSz = (word32)ret;
ret = SaveDerAndPem(der, derSz, certReqDerFile, certReqPemFile,
CERTREQ_TYPE);
@@ -17654,9 +19548,9 @@ exit_rsa:
#ifndef NO_DH
-static int dh_fips_generate_test(WC_RNG *rng)
+static wc_test_ret_t dh_fips_generate_test(WC_RNG *rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
DhKey *key = (DhKey *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
@@ -17866,9 +19760,9 @@ exit_gen_test:
return ret;
}
-static int dh_generate_test(WC_RNG *rng)
+static wc_test_ret_t dh_generate_test(WC_RNG *rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
DhKey *smallKey = NULL;
#else
@@ -17993,9 +19887,9 @@ typedef struct dh_pubvalue_test {
word32 len;
} dh_pubvalue_test;
-static int dh_test_check_pubvalue(void)
+static wc_test_ret_t dh_test_check_pubvalue(void)
{
- int ret;
+ wc_test_ret_t ret;
word32 i;
WOLFSSL_SMALL_STACK_STATIC const byte prime[] = {0x01, 0x00, 0x01};
WOLFSSL_SMALL_STACK_STATIC const byte pubValZero[] = { 0x00 };
@@ -18071,12 +19965,12 @@ static int dh_test_check_pubvalue(void)
(defined(WOLFSSL_SP_ARM64_ASM) || defined(WOLFSSL_SP_ARM32_ASM)))
#ifdef HAVE_PUBLIC_FFDHE
-static int dh_ffdhe_test(WC_RNG *rng, const DhParams* params)
+static wc_test_ret_t dh_ffdhe_test(WC_RNG *rng, const DhParams* params)
#else
-static int dh_ffdhe_test(WC_RNG *rng, int name)
+static wc_test_ret_t dh_ffdhe_test(WC_RNG *rng, int name)
#endif
{
- int ret;
+ wc_test_ret_t ret;
word32 privSz, pubSz, privSz2, pubSz2;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte *priv = (byte*)XMALLOC(MAX_DH_PRIV_SZ, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -18250,9 +20144,9 @@ done:
#endif /* !WC_NO_RNG */
#endif /* HAVE_FFDHE */
-WOLFSSL_TEST_SUBROUTINE int dh_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dh_test(void)
{
- int ret;
+ wc_test_ret_t ret;
word32 bytes;
word32 idx = 0, privSz, pubSz, privSz2, pubSz2;
#ifndef WC_NO_RNG
@@ -18479,6 +20373,11 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
#else
byte tmp2[DH_TEST_TMP_SIZE];
#endif
+
+ #if defined(USE_CERT_BUFFERS_2048)
+ XMEMCPY(tmp, dh_ffdhe_statickey_der_2048, sizeof_dh_ffdhe_statickey_der_2048);
+ bytes = sizeof_dh_ffdhe_statickey_der_2048;
+ #else
XFILE file = XFOPEN(dhKeyFile, "rb");
if (!file)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
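Review bot: The `USE_CERT_BUFFERS_2048` branch copies `sizeof_dh_ffdhe_statickey_der_2048` bytes into `tmp` without comparing that length with the size of the destination, which this hunk does not show (the neighbouring `tmp2` is `DH_TEST_TMP_SIZE`). If `tmp` is sized the same way, a guard before the `XMEMCPY` keeps a larger embedded key from overrunning the buffer: `if (sizeof_dh_ffdhe_statickey_der_2048 > DH_TEST_TMP_SIZE) ERROR_OUT(WC_TEST_RET_ENC_NC, done);`. The public-key copy of `dh_ffdhe_pub_statickey_der_2048` in the later `dh_test` hunk needs the same check. The `#endif` closing this branch is in the following hunk.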
@@ -18486,7 +20385,7 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
XFCLOSE(file);
if (bytes == 0)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
-
+ #endif
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
tmp2 = (byte*)XMALLOC(DH_TEST_TMP_SIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
if (tmp2 == NULL)
@@ -18510,6 +20409,10 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
/* DH Public Key - Export / Import */
+ #if defined(USE_CERT_BUFFERS_2048)
+ XMEMCPY(tmp, dh_ffdhe_pub_statickey_der_2048, sizeof_dh_ffdhe_pub_statickey_der_2048);
+ bytes = sizeof_dh_ffdhe_pub_statickey_der_2048;
+ #else
file = XFOPEN(dhKeyPubFile, "rb");
if (!file)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
@@ -18517,6 +20420,7 @@ WOLFSSL_TEST_SUBROUTINE int dh_test(void)
XFCLOSE(file);
if (bytes == 0)
ERROR_OUT(WC_TEST_RET_ENC_ERRNO, done);
+ #endif
/* for HAVE_WOLF_BIGINT prevent leak */
wc_FreeDhKey(key);
@@ -18677,17 +20581,22 @@ done:
#ifndef NO_DSA
-WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t dsa_test(void)
{
- int ret = 0, answer;
+ wc_test_ret_t ret = 0;
+ int answer;
word32 bytes;
word32 idx = 0;
WC_RNG rng;
+ int rng_inited = 0;
wc_Sha sha;
byte hash[WC_SHA_DIGEST_SIZE];
byte signature[40];
+ int key_inited = 0;
#ifdef WOLFSSL_KEY_GEN
byte* der = 0;
+ int derIn_inited = 0;
+ int genKey_inited = 0;
#endif
#define DSA_TEST_TMP_SIZE 1024
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -18697,6 +20606,7 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
DsaKey *derIn = (DsaKey *)XMALLOC(sizeof *derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
DsaKey *genKey = (DsaKey *)XMALLOC(sizeof *genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
+
if ((tmp == NULL) ||
(key == NULL)
#ifdef WOLFSSL_KEY_GEN
@@ -18745,6 +20655,7 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
ret = wc_InitDsaKey(key);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ key_inited = 1;
ret = wc_DsaPrivateKeyDecode(tmp, &idx, key, bytes);
if (ret != 0)
@@ -18757,6 +20668,7 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
#endif
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ rng_inited = 1;
ret = wc_DsaSign(hash, signature, key, &rng);
if (ret != 0)
@@ -18769,6 +20681,12 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
wc_FreeDsaKey(key);
+ key_inited = 0;
+
+ ret = wc_InitDsaKey_h(key, NULL);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ key_inited = 1;
#ifdef WOLFSSL_KEY_GEN
{
@@ -18777,70 +20695,43 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
ret = wc_InitDsaKey(genKey);
if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
+ genKey_inited = 1;
ret = wc_MakeDsaParameters(&rng, 1024, genKey);
- if (ret != 0) {
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- }
ret = wc_MakeDsaKey(&rng, genKey);
- if (ret != 0) {
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- }
der = (byte*)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (der == NULL) {
- wc_FreeDsaKey(genKey);
+ if (der == NULL)
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
- }
derSz = wc_DsaKeyToDer(genKey, der, FOURK_BUF);
- if (derSz < 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (derSz < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(derSz), out);
- }
ret = SaveDerAndPem(der, derSz, keyDerFile, keyPemFile,
DSA_PRIVATEKEY_TYPE);
- if (ret != 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
goto out;
- }
ret = wc_InitDsaKey(derIn);
- if (ret != 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
- }
+ derIn_inited = 1;
idx = 0;
ret = wc_DsaPrivateKeyDecode(der, &idx, derIn, derSz);
- if (ret != 0) {
- XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- wc_FreeDsaKey(derIn);
- wc_FreeDsaKey(genKey);
+ if (ret != 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), out);
}
-
- }
#endif /* WOLFSSL_KEY_GEN */
out:
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
- if (key) {
-#endif
- ret = wc_InitDsaKey_h(key, NULL);
- if (ret != 0)
- ret = WC_TEST_RET_ENC_EC(ret);
-#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
- }
-#endif
-
#ifdef WOLFSSL_KEY_GEN
if (der)
XFREE(der, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -18849,29 +20740,39 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (tmp)
XFREE(tmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
- if (key)
+ if (key) {
+ if (key_inited)
+ wc_FreeDsaKey(key);
XFREE(key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
#ifdef WOLFSSL_KEY_GEN
if (derIn) {
- wc_FreeDsaKey(derIn);
+ if (derIn_inited)
+ wc_FreeDsaKey(derIn);
XFREE(derIn, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
if (genKey) {
- wc_FreeDsaKey(genKey);
+ if (genKey_inited)
+ wc_FreeDsaKey(genKey);
XFREE(genKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
}
#endif
#else /* !WOLFSSL_SMALL_STACK || WOLFSSL_NO_MALLOC */
+ if (key_inited)
+ wc_FreeDsaKey(key);
#ifdef WOLFSSL_KEY_GEN
- wc_FreeDsaKey(derIn);
- wc_FreeDsaKey(genKey);
+ if (derIn_inited)
+ wc_FreeDsaKey(derIn);
+ if (genKey_inited)
+ wc_FreeDsaKey(genKey);
#endif
#endif
- wc_FreeRng(&rng);
+ if (rng_inited)
+ wc_FreeRng(&rng);
return ret;
}
@@ -18880,9 +20781,9 @@ WOLFSSL_TEST_SUBROUTINE int dsa_test(void)
#ifdef WOLFCRYPT_HAVE_SRP
-static int generate_random_salt(byte *buf, word32 size)
+static wc_test_ret_t generate_random_salt(byte *buf, word32 size)
{
- int ret = WC_TEST_RET_ENC_NC;
+ wc_test_ret_t ret = WC_TEST_RET_ENC_NC;
WC_RNG rng;
if(NULL == buf || !size)
@@ -18897,9 +20798,9 @@ static int generate_random_salt(byte *buf, word32 size)
return ret;
}
-static int srp_test_digest(SrpType dgstType)
+static wc_test_ret_t srp_test_digest(SrpType dgstType)
{
- int r;
+ wc_test_ret_t r;
byte clientPubKey[192]; /* A */
byte serverPubKey[192]; /* B */
@@ -19042,9 +20943,9 @@ static int srp_test_digest(SrpType dgstType)
return r;
}
-WOLFSSL_TEST_SUBROUTINE int srp_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srp_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#ifndef NO_SHA
ret = srp_test_digest(SRP_TYPE_SHA);
@@ -19075,7 +20976,7 @@ WOLFSSL_TEST_SUBROUTINE int srp_test(void)
#if defined(OPENSSL_EXTRA) && !defined(WOLFCRYPT_ONLY)
#if !defined(NO_AES) && !defined(WOLFCRYPT_ONLY)
-static int openssl_aes_test(void)
+static wc_test_ret_t openssl_aes_test(void)
{
#ifdef HAVE_AES_CBC
#ifdef WOLFSSL_AES_128
@@ -19142,6 +21043,8 @@ static int openssl_aes_test(void)
if (total != 32)
return 3408;
+ EVP_CIPHER_CTX_cleanup(en);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
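Review bot: `EVP_CIPHER_CTX_cleanup(en);` is reached only when every preceding check passed; each earlier `return WC_TEST_RET_ENC_NC` or `return 3408` leaves the function with the context still initialised. A failing run therefore still skips the cleanup this change adds. The result of the call is also discarded here, while the CTR hunks later in `openssl_aes_test` test `wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS`. Assuming both names refer to the same routine, one form should be used throughout, e.g. `if (EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS) return WC_TEST_RET_ENC_NC;`. The same applies to the other unchecked cleanup calls added in this function and in `openssl_test`.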
@@ -19179,6 +21082,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(plain, cbcPlain, 18))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(de);
+
/* test with encrypting/decrypting more than 16 bytes at once */
total = 0;
EVP_CIPHER_CTX_init(en);
@@ -19207,6 +21112,8 @@ static int openssl_aes_test(void)
if (total != 32)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
@@ -19253,6 +21160,8 @@ static int openssl_aes_test(void)
plain[i] = i;
}
+ EVP_CIPHER_CTX_cleanup(de);
+
total = 0;
EVP_CIPHER_CTX_init(en);
if (EVP_CipherInit(en, EVP_aes_128_cbc(),
@@ -19273,6 +21182,8 @@ static int openssl_aes_test(void)
if (total != sizeof(plain))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
@@ -19308,6 +21219,8 @@ static int openssl_aes_test(void)
}
}
+ EVP_CIPHER_CTX_cleanup(de);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(en);
wolfSSL_EVP_CIPHER_CTX_free(de);
@@ -19371,6 +21284,8 @@ static int openssl_aes_test(void)
if (EVP_CipherFinal(en, (byte*)&cipher[total], &outlen) != 0)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+
/* turn padding back on and do successful encrypt */
total = 0;
EVP_CIPHER_CTX_init(en);
@@ -19393,6 +21308,8 @@ static int openssl_aes_test(void)
return WC_TEST_RET_ENC_NC;
XMEMCPY(cipher, padded, EVP_TEST_BUF_SZ);
+ EVP_CIPHER_CTX_cleanup(en);
+
/* test out of bounds read on buffers w/o padding during decryption */
total = 0;
EVP_CIPHER_CTX_init(de);
@@ -19413,6 +21330,8 @@ static int openssl_aes_test(void)
if (EVP_CipherFinal(de, (byte*)&plain[total], &outlen) != 0)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(de);
+
total = 0;
EVP_CIPHER_CTX_init(de);
if (EVP_CipherInit(de, EVP_aes_128_cbc(),
@@ -19432,6 +21351,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(padded, cbcPlain, EVP_TEST_BUF_SZ))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(de);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(en);
wolfSSL_EVP_CIPHER_CTX_free(de);
@@ -19480,6 +21401,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(cipher, verify, AES_BLOCK_SIZE))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(ctx);
+
EVP_CIPHER_CTX_init(ctx);
if (EVP_CipherInit(ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
return WC_TEST_RET_ENC_NC;
@@ -19490,6 +21413,8 @@ static int openssl_aes_test(void)
if (XMEMCMP(plain, msg, AES_BLOCK_SIZE))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(ctx);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(ctx);
#endif
@@ -19497,6 +21422,8 @@ static int openssl_aes_test(void)
#endif /* WOLFSSL_AES_128 */
#endif /* HAVE_AES_CBC */
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#if defined(HAVE_AES_ECB) && defined(WOLFSSL_AES_256)
{ /* evp_cipher test: EVP_aes_256_ecb*/
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -19630,6 +21557,8 @@ static int openssl_aes_test(void)
}
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
/* EVP_Cipher with EVP_aes_xxx_ctr() */
#ifdef WOLFSSL_AES_COUNTER
{
@@ -19777,6 +21706,11 @@ static int openssl_aes_test(void)
AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4)
return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+
if (XMEMCMP(cipherBuff, ctrCipher, AES_BLOCK_SIZE*4))
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4))
@@ -19804,6 +21738,11 @@ static int openssl_aes_test(void)
AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4)
return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+
wolfSSL_EVP_CIPHER_CTX_free(p_en);
wolfSSL_EVP_CIPHER_CTX_free(p_de);
#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
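Review bot: The two added checks call `wolfSSL_EVP_CIPHER_CTX_cleanup` on `en` and `de`, but the contexts freed on the next lines are `p_en` and `p_de`, and `en`/`de` were already cleaned up in the previous hunk of this function. The matching place in `openssl_test` cleans `p_en` and `p_de`, so these look like they were meant to be `wolfSSL_EVP_CIPHER_CTX_cleanup(p_en)` and `wolfSSL_EVP_CIPHER_CTX_cleanup(p_de)`. As written, `en` and `de` are cleaned a second time and the heap-allocated pair relies on `wolfSSL_EVP_CIPHER_CTX_free` alone. The code that sets up `p_en` and `p_de` is outside this hunk, so this should be confirmed against the full function.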
@@ -19842,6 +21781,11 @@ static int openssl_aes_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(cipherBuff, oddCipher, 9))
return WC_TEST_RET_ENC_NC;
+
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@@ -19866,6 +21810,11 @@ static int openssl_aes_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(ctr192Cipher, cipherBuff, sizeof(ctr192Cipher)))
return WC_TEST_RET_ENC_NC;
+
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@@ -19891,6 +21840,11 @@ static int openssl_aes_test(void)
if (XMEMCMP(ctr256Cipher, cipherBuff, sizeof(ctr256Cipher)))
return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(en) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+ if (wolfSSL_EVP_CIPHER_CTX_cleanup(de) != WOLFSSL_SUCCESS)
+ return WC_TEST_RET_ENC_NC;
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
wolfSSL_EVP_CIPHER_CTX_free(en);
wolfSSL_EVP_CIPHER_CTX_free(de);
@@ -19900,6 +21854,8 @@ static int openssl_aes_test(void)
}
#endif /* HAVE_AES_COUNTER */
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#if defined(WOLFSSL_AES_CFB) && defined(WOLFSSL_AES_128)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -19975,15 +21931,18 @@ static int openssl_aes_test(void)
#endif
}
#endif /* WOLFSSL_AES_CFB && WOLFSSL_AES_128 */
+
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
return 0;
}
#endif /* !defined(NO_AES) && !defined(WOLFCRYPT_ONLY) */
-WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_test(void)
{
- int ret;
+ wc_test_ret_t ret;
EVP_MD_CTX md_ctx;
testVector a, b, c, d, e, f;
byte hash[WC_SHA256_DIGEST_SIZE*2]; /* max size */
@@ -20534,6 +22493,8 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
} /* end evp_cipher test */
#endif /* HAVE_AES_ECB && WOLFSSL_AES_128 */
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#if defined(WOLFSSL_AES_DIRECT) && defined(WOLFSSL_AES_256)
/* enable HAVE_AES_DECRYPT for AES_encrypt/decrypt */
{
@@ -20609,6 +22570,8 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
#endif /* WOLFSSL_AES_DIRECT && WOLFSSL_AES_256 */
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
/* EVP_Cipher with EVP_aes_xxx_ctr() */
#ifdef WOLFSSL_AES_COUNTER
{
@@ -20759,6 +22722,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
if (XMEMCMP(plainBuff, ctrPlain, AES_BLOCK_SIZE*4))
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
+
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
p_en = wolfSSL_EVP_CIPHER_CTX_new();
if (p_en == NULL)
@@ -20781,6 +22747,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
AES_BLOCK_SIZE*4) != AES_BLOCK_SIZE*4)
return WC_TEST_RET_ENC_NC;
+ EVP_CIPHER_CTX_cleanup(p_en);
+ EVP_CIPHER_CTX_cleanup(p_de);
+
wolfSSL_EVP_CIPHER_CTX_free(p_en);
wolfSSL_EVP_CIPHER_CTX_free(p_de);
#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
@@ -20819,6 +22788,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(cipherBuff, oddCipher, 9))
return WC_TEST_RET_ENC_NC;
+
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@@ -20843,6 +22815,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(ctr192Cipher, cipherBuff, sizeof(ctr192Cipher)))
return WC_TEST_RET_ENC_NC;
+
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
#endif /* WOLFSSL_AES_192 */
#ifdef WOLFSSL_AES_256
@@ -20867,6 +22842,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return WC_TEST_RET_ENC_NC;
if (XMEMCMP(ctr256Cipher, cipherBuff, sizeof(ctr256Cipher)))
return WC_TEST_RET_ENC_NC;
+
+ EVP_CIPHER_CTX_cleanup(en);
+ EVP_CIPHER_CTX_cleanup(de);
#endif /* WOLFSSL_AES_256 */
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -21149,9 +23127,9 @@ WOLFSSL_TEST_SUBROUTINE int openssl_test(void)
return 0;
}
-WOLFSSL_TEST_SUBROUTINE int openSSL_evpMD_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openSSL_evpMD_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_SHA256) && !defined(NO_SHA)
WOLFSSL_EVP_MD_CTX* ctx;
WOLFSSL_EVP_MD_CTX* ctx2;
@@ -21238,14 +23216,14 @@ static void show(const char *title, const char *p, unsigned int s) {
printf("\n");
}
#else
-#define show(a,b,c)
+#define show(a,b,c) WC_DO_NOTHING
#endif
#define FOURK_BUFF 4096
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey0_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey0_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_RSA) && !defined(HAVE_USER_RSA) && !defined(NO_SHA)
byte* prvTmp;
byte* pubTmp;
@@ -21471,9 +23449,9 @@ openssl_pkey0_test_done:
}
-WOLFSSL_TEST_SUBROUTINE int openssl_pkey1_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_pkey1_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_FILESYSTEM) && !defined(NO_RSA) && !defined(HAVE_USER_RSA) && \
!defined(NO_SHA)
EVP_PKEY_CTX* dec = NULL;
@@ -21668,7 +23646,7 @@ openssl_pkey1_test_done:
}
-WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t openssl_evpSig_test(void)
{
#if !defined(NO_RSA) && !defined(NO_SHA) && !defined(HAVE_USER_RSA)
byte* prvTmp;
@@ -21687,7 +23665,7 @@ WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void)
unsigned int sigSz;
const void* pt;
unsigned int count;
- int ret, ret1, ret2;
+ wc_test_ret_t ret, ret1, ret2;
#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
XFILE keyFile;
@@ -21868,12 +23846,12 @@ WOLFSSL_TEST_SUBROUTINE int openssl_evpSig_test(void)
#ifndef NO_PWDBASED
#ifdef HAVE_SCRYPT
/* Test vectors taken from RFC 7914: scrypt PBKDF - Section 12. */
-WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t scrypt_test(void)
{
#ifdef HAVE_FIPS
/* RFC 7914 test vector keys are too short for FIPS. */
#else
- int ret;
+ wc_test_ret_t ret;
byte derived[64];
WOLFSSL_SMALL_STACK_STATIC const byte verify1[] = {
@@ -21886,6 +23864,7 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
0xe8, 0xd3, 0xe0, 0xfb, 0x2e, 0x0d, 0x36, 0x28,
0xcf, 0x35, 0xe2, 0x0c, 0x38, 0xd1, 0x89, 0x06
};
+#if !defined(BENCH_EMBEDDED)
WOLFSSL_SMALL_STACK_STATIC const byte verify2[] = {
0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00,
0x78, 0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe,
@@ -21896,6 +23875,7 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83, 0xee, 0x6d,
0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06, 0x40
};
+#endif
#if !defined(BENCH_EMBEDDED) && !defined(WOLFSSL_LINUXKM) && !defined(HAVE_INTEL_QA)
WOLFSSL_SMALL_STACK_STATIC const byte verify3[] = {
0x70, 0x23, 0xbd, 0xcb, 0x3a, 0xfd, 0x73, 0x48,
@@ -21930,16 +23910,18 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
if (XMEMCMP(derived, verify1, sizeof(verify1)) != 0)
return WC_TEST_RET_ENC_NC;
+#if !defined(BENCH_EMBEDDED)
ret = wc_scrypt(derived, (byte*)"password", 8, (byte*)"NaCl", 4, 10, 8, 16,
sizeof(verify2));
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (XMEMCMP(derived, verify2, sizeof(verify2)) != 0)
return WC_TEST_RET_ENC_NC;
+#endif
/* Test case with parallel overflowing */
ret = wc_scrypt(derived, (byte*)"password", 16, (byte*)"NaCl", 16, 2, 4, 8388608,
- sizeof(verify2));
+ sizeof(verify1));
if (ret != BAD_FUNC_ARG)
return WC_TEST_RET_ENC_EC(ret);
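Review bot: The "parallel overflowing" call passes a length of 16 for both `"password"` (9 bytes with its terminator) and `"NaCl"` (5 bytes). The case is therefore only safe while wc_scrypt rejects the oversized `parallel` value before it reads either buffer. Passing the real lengths removes that dependence on validation order: `ret = wc_scrypt(derived, (byte*)"password", 8, (byte*)"NaCl", 4, 2, 4, 8388608,`. For the changed argument, `sizeof(derived)` would bound the output length by the buffer itself rather than by `verify1`, a vector this call never compares against.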
@@ -21962,12 +23944,14 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
#endif
#endif /* !BENCH_EMBEDDED && !defined(WOLFSSL_LINUXKM) && !HAVE_INTEL_QA */
+#if !defined(BENCH_EMBEDDED)
ret = wc_scrypt_ex(derived, (byte*)"password", 8, (byte*)"NaCl", 4, 1<<10,
8, 16, sizeof(verify2));
if (ret != 0)
return WC_TEST_RET_ENC_EC(ret);
if (XMEMCMP(derived, verify2, sizeof(verify2)) != 0)
return WC_TEST_RET_ENC_NC;
+#endif
#endif /* !HAVE_FIPS */
@@ -21976,7 +23960,7 @@ WOLFSSL_TEST_SUBROUTINE int scrypt_test(void)
#endif
#ifdef HAVE_PKCS12
-WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs12_test(void)
{
WOLFSSL_SMALL_STACK_STATIC const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
0x00, 0x00 };
@@ -22002,7 +23986,7 @@ WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void)
int id = 1;
int kLen = 24;
int iterations = 1;
- int ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8,
+ wc_test_ret_t ret = wc_PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8,
iterations, kLen, WC_SHA256, id);
if (ret < 0)
@@ -22030,7 +24014,7 @@ WOLFSSL_TEST_SUBROUTINE int pkcs12_test(void)
#endif /* HAVE_PKCS12 */
#if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
-WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf2_test(void)
{
char passwd[] = "passwordpassword";
WOLFSSL_SMALL_STACK_STATIC const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
@@ -22043,7 +24027,7 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void)
0x2d, 0xd4, 0xf9, 0x37, 0xd4, 0x95, 0x16, 0xa7, 0x2a, 0x9a, 0x21, 0xd1
};
- int ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt,
+ wc_test_ret_t ret = wc_PBKDF2_ex(derived, (byte*)passwd, (int)XSTRLEN(passwd), salt,
(int)sizeof(salt), iterations, kLen, WC_SHA256, HEAP_HINT, devId);
if (ret != 0)
return ret;
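Review bot: The `return ret;` after wc_PBKDF2_ex still returns the raw library error, whereas this commit wraps such codes elsewhere (for example `return WC_TEST_RET_ENC_EC(ret);` in hpke_test). With the return type now `wc_test_ret_t`, `return WC_TEST_RET_ENC_EC(ret);` would keep failure reporting uniform for callers such as pwdbased_test. The pbkdf1_test and pkcs12_test hunks end on their `if (ret ...)` line, so their return statements should be checked for the same thing.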
@@ -22057,7 +24041,7 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf2_test(void)
#endif /* HAVE_PBKDF2 && !NO_SHA256 && !NO_HMAC */
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
-WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pbkdf1_test(void)
{
char passwd[] = "password";
WOLFSSL_SMALL_STACK_STATIC const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
@@ -22070,7 +24054,7 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void)
0xAF, 0x10, 0xEB, 0xFB, 0x4A, 0x3D, 0x2A, 0x20
};
- int ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd,
+ wc_test_ret_t ret = wc_PBKDF1_ex(derived, kLen, NULL, 0, (byte*)passwd,
(int)XSTRLEN(passwd), salt, (int)sizeof(salt), iterations, WC_SHA,
HEAP_HINT);
if (ret != 0)
@@ -22083,9 +24067,9 @@ WOLFSSL_TEST_SUBROUTINE int pbkdf1_test(void)
}
#endif /* HAVE_PBKDF2 && !NO_SHA */
-WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pwdbased_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(HAVE_PBKDF1) && !defined(NO_SHA)
ret = pbkdf1_test();
@@ -22114,10 +24098,16 @@ WOLFSSL_TEST_SUBROUTINE int pwdbased_test(void)
#if defined(HAVE_HKDF) && !defined(NO_HMAC)
+#if defined(WOLFSSL_AFALG_XILINX) || defined(WOLFSSL_AFALG_XILINX_AES) || \
+ defined(WOLFSSL_AFALG_XILINX_SHA3) || defined(WOLFSSL_AFALG_HASH_KEEP) || \
+ defined(WOLFSSL_AFALG_XILINX_RSA)
/* hkdf_test has issue with WOLFSSL_TEST_SUBROUTINE set on Xilinx with afalg */
-static int hkdf_test(void)
+static wc_test_ret_t hkdf_test(void)
+#else
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hkdf_test(void)
+#endif
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_SHA) || !defined(NO_SHA256)
int L;
@@ -22343,9 +24333,9 @@ static const SshKdfTestVector sshKdfTestVectors[] = {
};
-int sshkdf_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sshkdf_test(void)
{
- int result = 0;
+ wc_test_ret_t result = 0;
word32 i;
word32 tc = sizeof(sshKdfTestVectors)/sizeof(SshKdfTestVector);
const SshKdfTestVector* tv = NULL;
@@ -22930,9 +24920,9 @@ static const char resMasterLabel[] = "res master";
static const char derivedLabel[] = "derived";
-WOLFSSL_TEST_SUBROUTINE int tls13_kdf_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t tls13_kdf_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 i;
word32 tc = sizeof(tls13KdfTestVectors)/sizeof(Tls13KdfTestVector);
const Tls13KdfTestVector* tv = NULL;
@@ -23073,9 +25063,9 @@ static const int fiducial2 = WC_TEST_RET_LN; /* source code reference point --
#if defined(HAVE_ECC) && defined(HAVE_X963_KDF)
-WOLFSSL_TEST_SUBROUTINE int x963kdf_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t x963kdf_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte kek[128];
#ifndef NO_SHA
@@ -23219,9 +25209,9 @@ WOLFSSL_TEST_SUBROUTINE int x963kdf_test(void)
#if defined(HAVE_HPKE) && (defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \
defined(HAVE_AESGCM)
-static int hpke_test_single(Hpke* hpke)
+static wc_test_ret_t hpke_test_single(Hpke* hpke)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int rngRet = 0;
WC_RNG rng[1];
const char* start_text = "this is a test";
@@ -23232,33 +25222,39 @@ static int hpke_test_single(Hpke* hpke)
void* receiverKey = NULL;
void* ephemeralKey = NULL;
#ifdef WOLFSSL_SMALL_STACK
- uint8_t *pubKey = NULL; /* public key */
+ byte *pubKey = NULL; /* public key */
word16 pubKeySz = (word16)HPKE_Npk_MAX;
#else
- uint8_t pubKey[HPKE_Npk_MAX]; /* public key */
+ byte pubKey[HPKE_Npk_MAX]; /* public key */
word16 pubKeySz = (word16)sizeof(pubKey);
#endif
rngRet = ret = wc_InitRng(rng);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
#ifdef WOLFSSL_SMALL_STACK
if (ret == 0) {
- pubKey = (uint8_t *)XMALLOC(pubKeySz, HEAP_HINT,
+ pubKey = (byte *)XMALLOC(pubKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER);
if (pubKey == NULL)
- ret = MEMORY_E;
+ ret = WC_TEST_RET_ENC_EC(MEMORY_E);
}
#endif
/* generate the keys */
- if (ret == 0)
+ if (ret == 0) {
ret = wc_HpkeGenerateKeyPair(hpke, &ephemeralKey, rng);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
+ }
- if (ret == 0)
+ if (ret == 0) {
ret = wc_HpkeGenerateKeyPair(hpke, &receiverKey, rng);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
+ }
/* seal */
if (ret == 0) {
@@ -23267,11 +25263,16 @@ static int hpke_test_single(Hpke* hpke)
(byte*)aad_text, (word32)XSTRLEN(aad_text),
(byte*)start_text, (word32)XSTRLEN(start_text),
ciphertext);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
}
/* export ephemeral key */
- if (ret == 0)
+ if (ret == 0) {
ret = wc_HpkeSerializePublicKey(hpke, ephemeralKey, pubKey, &pubKeySz);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
+ }
/* open with exported ephemeral key */
if (ret == 0) {
@@ -23280,10 +25281,15 @@ static int hpke_test_single(Hpke* hpke)
(byte*)aad_text, (word32)XSTRLEN(aad_text),
ciphertext, (word32)XSTRLEN(start_text),
plaintext);
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_EC(ret);
}
- if (ret == 0)
+ if (ret == 0) {
ret = XMEMCMP(plaintext, start_text, XSTRLEN(start_text));
+ if (ret != 0)
+ ret = WC_TEST_RET_ENC_NC;
+ }
if (ephemeralKey != NULL)
wc_HpkeFreeKey(hpke, hpke->kem, ephemeralKey, hpke->heap);
@@ -23302,9 +25308,9 @@ static int hpke_test_single(Hpke* hpke)
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t hpke_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
Hpke hpke[1];
#if defined(HAVE_ECC)
@@ -23314,7 +25320,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_128_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23329,7 +25335,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_128_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23344,7 +25350,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_128_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23359,7 +25365,7 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
HPKE_AES_256_GCM, NULL);
if (ret != 0)
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
ret = hpke_test_single(hpke);
@@ -23372,11 +25378,449 @@ WOLFSSL_TEST_SUBROUTINE int hpke_test(void)
}
#endif /* HAVE_HPKE && HAVE_ECC && HAVE_AESGCM */
+#if defined(WC_SRTP_KDF)
+typedef struct Srtp_Kdf_Tv {
+ const unsigned char* key;
+ word32 keySz;
+ const unsigned char* salt;
+ word32 saltSz;
+ int kdfIdx;
+ const unsigned char* index;
+ const unsigned char* ke;
+ const unsigned char* ka;
+ const unsigned char* ks;
+ const unsigned char* index_c;
+ const unsigned char* ke_c;
+ const unsigned char* ka_c;
+ const unsigned char* ks_c;
+ word32 keSz;
+ word32 kaSz;
+ word32 ksSz;
+} Srtp_Kdf_Tv;
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t srtpkdf_test(void)
+{
+ wc_test_ret_t ret = 0;
+ /* 128-bit key, kdrIdx = -1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_0[] = {
+ 0xc4, 0x80, 0x9f, 0x6d, 0x36, 0x98, 0x88, 0x72,
+ 0x8e, 0x26, 0xad, 0xb5, 0x32, 0x12, 0x98, 0x90
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_0[] = {
+ 0x0e, 0x23, 0x00, 0x6c, 0x6c, 0x04, 0x4f, 0x56,
+ 0x62, 0x40, 0x0e, 0x9d, 0x1b, 0xd6
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_0[] = {
+ 0x48, 0x71, 0x65, 0x64, 0x9c, 0xca
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_0[] = {
+ 0xdc, 0x38, 0x21, 0x92, 0xab, 0x65, 0x10, 0x8a,
+ 0x86, 0xb2, 0x59, 0xb6, 0x1b, 0x3a, 0xf4, 0x6f
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_0[] = {
+ 0xb8, 0x39, 0x37, 0xfb, 0x32, 0x17, 0x92, 0xee,
+ 0x87, 0xb7, 0x88, 0x19, 0x3b, 0xe5, 0xa4, 0xe3,
+ 0xbd, 0x32, 0x6e, 0xe4
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_0[] = {
+ 0xf1, 0xc0, 0x35, 0xc0, 0x0b, 0x5a, 0x54, 0xa6,
+ 0x16, 0x92, 0xc0, 0x16, 0x27, 0x6c
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_0[] = {
+ 0x56, 0xf3, 0xf1, 0x97
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_0[] = {
+ 0xab, 0x5b, 0xe0, 0xb4, 0x56, 0x23, 0x5d, 0xcf,
+ 0x77, 0xd5, 0x08, 0x69, 0x29, 0xba, 0xfb, 0x38
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_0[] = {
+ 0xc5, 0x2f, 0xde, 0x0b, 0x80, 0xb0, 0xf0, 0xba,
+ 0xd8, 0xd1, 0x56, 0x45, 0xcb, 0x86, 0xe7, 0xc7,
+ 0xc3, 0xd8, 0x77, 0x0e
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_0[] = {
+ 0xde, 0xb5, 0xf8, 0x5f, 0x81, 0x33, 0x6a, 0x96,
+ 0x5e, 0xd3, 0x2b, 0xb7, 0xed, 0xe8
+ };
+ /* 192-bit key, kdrIdx = 0 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_1[] = {
+ 0xbb, 0x04, 0x5b, 0x1f, 0x53, 0xc6, 0x93, 0x2c,
+ 0x2b, 0xa6, 0x88, 0xf5, 0xe3, 0xf2, 0x24, 0x70,
+ 0xe1, 0x7d, 0x7d, 0xec, 0x8a, 0x93, 0x4d, 0xf2
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_1[] = {
+ 0xe7, 0x22, 0xab, 0x92, 0xfc, 0x7c, 0x89, 0xb6,
+ 0x53, 0x8a, 0xf9, 0x3c, 0xb9, 0x52
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_1[] = {
+ 0xd7, 0x87, 0x8f, 0x33, 0xb1, 0x76
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_1[] = {
+ 0x2c, 0xc8, 0x3e, 0x54, 0xb2, 0x33, 0x89, 0xb3,
+ 0x71, 0x65, 0x0f, 0x51, 0x61, 0x65, 0xe4, 0x93,
+ 0x07, 0x4e, 0xb3, 0x47, 0xba, 0x2d, 0x60, 0x60
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_1[] = {
+ 0x2e, 0x80, 0xe4, 0x82, 0x55, 0xa2, 0xbe, 0x6d,
+ 0xe0, 0x46, 0xcc, 0xc1, 0x75, 0x78, 0x6e, 0x78,
+ 0xd1, 0xd1, 0x47, 0x08
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_1[] = {
+ 0xe0, 0xc1, 0xe6, 0xaf, 0x1e, 0x8d, 0x8c, 0xfe,
+ 0xe5, 0x60, 0x70, 0xb5, 0xe6, 0xea
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_1[] = {
+ 0x40, 0xbf, 0xd4, 0xa9
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_1[] = {
+ 0x94, 0x0f, 0x55, 0xce, 0x58, 0xd8, 0x16, 0x65,
+ 0xf0, 0xfa, 0x46, 0x40, 0x0c, 0xda, 0xb1, 0x11,
+ 0x9e, 0x69, 0xa0, 0x93, 0x4e, 0xd7, 0xf2, 0x84
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_1[] = {
+ 0xf5, 0x41, 0x6f, 0xc2, 0x65, 0xc5, 0xb3, 0xef,
+ 0xbb, 0x22, 0xc8, 0xfc, 0x6b, 0x00, 0x14, 0xb2,
+ 0xf3, 0x3b, 0x8e, 0x29
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_1[] = {
+ 0x35, 0xb7, 0x42, 0x43, 0xf0, 0x01, 0x01, 0xb4,
+ 0x68, 0xa1, 0x28, 0x80, 0x37, 0xf0
+ };
+ /* 256-bit key, kdrIdx = 1 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_2[] = {
+ 0x10, 0x38, 0x0a, 0xcd, 0xd6, 0x47, 0xab, 0xee,
+ 0xc0, 0xd4, 0x44, 0xf4, 0x7e, 0x51, 0x36, 0x02,
+ 0x79, 0xa8, 0x94, 0x80, 0x35, 0x40, 0xed, 0x50,
+ 0xf4, 0x45, 0x30, 0x3d, 0xb5, 0xf0, 0x2b, 0xbb
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_2[] = {
+ 0xc7, 0x31, 0xf2, 0xc8, 0x40, 0x43, 0xb8, 0x74,
+ 0x8a, 0x61, 0x84, 0x7a, 0x25, 0x8a
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_2[] = {
+ 0x82, 0xf1, 0x84, 0x8c, 0xac, 0x42
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_2[] = {
+ 0xb2, 0x26, 0x60, 0xaf, 0x08, 0x23, 0x14, 0x98,
+ 0x91, 0xde, 0x5d, 0x87, 0x95, 0x61, 0xca, 0x8f,
+ 0x0e, 0xce, 0xfb, 0x68, 0x4d, 0xd6, 0x28, 0xcb,
+ 0x28, 0xe2, 0x27, 0x20, 0x2d, 0xff, 0x64, 0xbb
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_2[] = {
+ 0x12, 0x6f, 0x52, 0xe8, 0x07, 0x7f, 0x07, 0x84,
+ 0xa0, 0x61, 0x96, 0xf8, 0xee, 0x4d, 0x05, 0x57,
+ 0x65, 0xc7, 0x50, 0xc1
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_2[] = {
+ 0x18, 0x5a, 0x59, 0xe5, 0x91, 0x4d, 0xc9, 0x6c,
+ 0xfa, 0x5b, 0x36, 0x06, 0x8c, 0x9a
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_2[] = {
+ 0x31, 0x2d, 0x58, 0x15
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_2[] = {
+ 0x14, 0xf2, 0xc8, 0x25, 0x02, 0x79, 0x22, 0xa1,
+ 0x96, 0xb6, 0xf7, 0x07, 0x76, 0xa6, 0xa3, 0xc4,
+ 0x37, 0xdf, 0xa0, 0xf8, 0x78, 0x93, 0x2c, 0xfa,
+ 0xea, 0x35, 0xf0, 0xf3, 0x3f, 0x32, 0x6e, 0xfd
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_2[] = {
+ 0x6e, 0x3d, 0x4a, 0x99, 0xea, 0x2f, 0x9d, 0x13,
+ 0x4a, 0x1e, 0x71, 0x2e, 0x15, 0xc0, 0xca, 0xb6,
+ 0x35, 0x78, 0xdf, 0xa4
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_2[] = {
+ 0xae, 0xe4, 0xec, 0x18, 0x31, 0x70, 0x5d, 0x3f,
+ 0xdc, 0x97, 0x89, 0x88, 0xfd, 0xff
+ };
+ /* 128-bit key, kdrIdx = 8 */
+ WOLFSSL_SMALL_STACK_STATIC const byte key_3[] = {
+ 0x36, 0xb4, 0xde, 0xcb, 0x2e, 0x51, 0x23, 0x76,
+ 0xe0, 0x27, 0x7e, 0x3e, 0xc8, 0xf6, 0x54, 0x04
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte salt_3[] = {
+ 0x73, 0x26, 0xf4, 0x3f, 0xc0, 0xd9, 0xc6, 0xe3,
+ 0x2f, 0x92, 0x7d, 0x46, 0x12, 0x76
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_3[] = {
+ 0x44, 0x73, 0xb2, 0x2d, 0xb2, 0x60
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_3[] = {
+ 0x79, 0x91, 0x3d, 0x7b, 0x20, 0x5d, 0xea, 0xe2,
+ 0xeb, 0x46, 0x89, 0x68, 0x5a, 0x06, 0x73, 0x74
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_3[] = {
+ 0x2d, 0x2e, 0x97, 0x4e, 0x76, 0x8c, 0x62, 0xa6,
+ 0x57, 0x80, 0x13, 0x42, 0x0b, 0x51, 0xa7, 0x66,
+ 0xea, 0x31, 0x24, 0xe6
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_3[] = {
+ 0xcc, 0xd7, 0x31, 0xf6, 0x3b, 0xf3, 0x89, 0x8a,
+ 0x5b, 0x7b, 0xb5, 0x8b, 0x4c, 0x3f
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte index_c_3[] = {
+ 0x4a, 0x7d, 0xaa, 0x85
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ke_c_3[] = {
+ 0x34, 0x99, 0x71, 0xfe, 0x12, 0x93, 0xae, 0x8c,
+ 0x4a, 0xe9, 0x84, 0xe4, 0x93, 0x53, 0x63, 0x88
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ka_c_3[] = {
+ 0xa4, 0x53, 0x5e, 0x0a, 0x9c, 0xf2, 0xce, 0x13,
+ 0xef, 0x7a, 0x13, 0xee, 0x0a, 0xef, 0xba, 0x17,
+ 0x05, 0x18, 0xe3, 0xed
+ };
+ WOLFSSL_SMALL_STACK_STATIC const byte ks_c_3[] = {
+ 0xe1, 0x29, 0x4f, 0x61, 0x30, 0x3c, 0x4d, 0x46,
+ 0x5f, 0x5c, 0x81, 0x3c, 0x38, 0xb6
+ };
+ #define SRTP_TV_CNT 4
+ Srtp_Kdf_Tv tv[SRTP_TV_CNT] = {
+ { key_0, (word32)sizeof(key_0), salt_0, (word32)sizeof(salt_0), -1,
+ index_0, ke_0, ka_0, ks_0, index_c_0, ke_c_0, ka_c_0, ks_c_0,
+ 16, 20, 14 },
+ { key_1, (word32)sizeof(key_1), salt_1, (word32)sizeof(salt_1), 0,
+ index_1, ke_1, ka_1, ks_1, index_c_1, ke_c_1, ka_c_1, ks_c_1,
+ 24, 20, 14 },
+ { key_2, (word32)sizeof(key_2), salt_2, (word32)sizeof(salt_2), 1,
+ index_2, ke_2, ka_2, ks_2, index_c_2, ke_c_2, ka_c_2, ks_c_2,
+ 32, 20, 14 },
+ { key_3, (word32)sizeof(key_3), salt_3, (word32)sizeof(salt_3), 8,
+ index_3, ke_3, ka_3, ks_3, index_c_3, ke_c_3, ka_c_3, ks_c_3,
+ 16, 20, 14 },
+ };
+ int i;
+ int idx;
+ unsigned char keyE[32];
+ unsigned char keyA[20];
+ unsigned char keyS[14];
+
+ for (i = 0; (ret == 0) && (i < SRTP_TV_CNT); i++) {
+ #ifndef WOLFSSL_AES_128
+ if (tv[i].keySz == AES_128_KEY_SIZE) {
+ continue;
+ }
+ #endif
+ #ifndef WOLFSSL_AES_192
+ if (tv[i].keySz == AES_192_KEY_SIZE) {
+ continue;
+ }
+ #endif
+ #ifndef WOLFSSL_AES_256
+ if (tv[i].keySz == AES_256_KEY_SIZE) {
+ continue;
+ }
+ #endif
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_ENCRYPTION,
+ keyE, tv[i].keSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_MSG_AUTH,
+ keyA, tv[i].kaSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyA, tv[i].ka, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_SALT, keyS,
+ tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyS, tv[i].ks, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c,
+ WC_SRTCP_LABEL_ENCRYPTION, keyE, tv[i].keSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyE, tv[i].ke_c, tv[i].keSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_MSG_AUTH,
+ keyA, tv[i].kaSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyA, tv[i].ka_c, tv[i].kaSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+
+ ret = wc_SRTCP_KDF_label(tv[i].key, tv[i].keySz, tv[i].salt,
+ tv[i].saltSz, tv[i].kdfIdx, tv[i].index_c, WC_SRTCP_LABEL_SALT,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ if (XMEMCMP(keyS, tv[i].ks_c, tv[i].ksSz) != 0)
+ return WC_TEST_RET_ENC_NC;
+ }
+
+#ifdef WOLFSSL_AES_128
+ i = 0;
+#elif defined(WOLFSSL_AES_192)
+ i = 1;
+#else
+ i = 2;
+#endif
+ ret = wc_SRTP_KDF(tv[i].key, 33, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, 33, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, 15, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, 15,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, NULL, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ 25, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ 25, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ -2, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ -2, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != BAD_FUNC_ARG)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, NULL, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, NULL, tv[i].keSz, keyA, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, NULL, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, NULL, tv[i].kaSz,
+ keyS, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ ret = wc_SRTP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ NULL, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = wc_SRTCP_KDF(tv[i].key, tv[i].keySz, tv[i].salt, tv[i].saltSz,
+ tv[i].kdfIdx, tv[i].index_c, keyE, tv[i].keSz, keyA, tv[i].kaSz,
+ NULL, tv[i].ksSz);
+ if (ret != 0)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ idx = wc_SRTP_KDF_kdr_to_idx(0);
+ if (idx != -1)
+ return WC_TEST_RET_ENC_NC;
+ for (i = 0; i < 32; i++) {
+ word32 kdr = 1U << i;
+ idx = wc_SRTP_KDF_kdr_to_idx(kdr);
+ if (idx != i)
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ return 0;
+}
+#endif
+
#ifdef HAVE_ECC
/* size to use for ECC key gen tests */
#ifndef ECC_KEYGEN_SIZE
- #ifndef NO_ECC256
+ #if !defined(NO_ECC256) || defined(WOLFSSL_SM2)
#define ECC_KEYGEN_SIZE 32
#elif defined(HAVE_ECC384)
#define ECC_KEYGEN_SIZE 48
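Review bot: The bad-argument section of srtpkdf_test only drives `wc_SRTP_KDF` and `wc_SRTCP_KDF`. The `_label` variants are exercised with valid vectors in the loop but never with a NULL key or salt, a bad key or salt size, or an index of -2 or 25, so their argument validation is untested. A matching negative case per variant would close that gap, e.g. `ret = wc_SRTP_KDF_label(NULL, tv[i].keySz, tv[i].salt, tv[i].saltSz, tv[i].kdfIdx, tv[i].index, WC_SRTP_LABEL_ENCRYPTION, keyE, tv[i].keSz);` followed by `if (ret != BAD_FUNC_ARG) return WC_TEST_RET_ENC_EC(ret);`, assuming the label functions reject these inputs the same way. Separately, the vector comments say `kdrIdx` while the struct field is `kdfIdx`, `SRTP_TV_CNT` is defined inside the function and never `#undef`'d, and the closing `#endif` would read better as `#endif /* WC_SRTP_KDF */`.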
@@ -23433,9 +25877,10 @@ typedef struct eccVector {
} eccVector;
#if !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_test_vector_item(const eccVector* vector)
+static wc_test_ret_t ecc_test_vector_item(const eccVector* vector)
{
- int ret = 0, verify = 0;
+ wc_test_ret_t ret = 0;
+ int verify = 0;
word32 sigSz;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *userA = (ecc_key *)XMALLOC(sizeof *userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -23539,9 +25984,9 @@ done:
return ret;
}
-static int ecc_test_vector(int keySize)
+static wc_test_ret_t ecc_test_vector(int keySize)
{
- int ret;
+ wc_test_ret_t ret;
eccVector vec;
XMEMSET(&vec, 0, sizeof(vec));
@@ -23789,9 +26234,9 @@ static int ecc_test_vector(int keySize)
defined(WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT)) \
&& (!defined(FIPS_VERSION_GE) || FIPS_VERSION_GE(5,3))
#if defined(HAVE_ECC256)
-static int ecc_test_deterministic_k(WC_RNG* rng)
+static wc_test_ret_t ecc_test_deterministic_k(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SMALL_STACK
ecc_key *key = NULL;
#else
@@ -23895,9 +26340,9 @@ done:
#ifdef WOLFSSL_PUBLIC_MP
#if defined(HAVE_ECC384)
/* KAT from RFC6979 */
-static int ecc384_test_deterministic_k(WC_RNG* rng)
+static wc_test_ret_t ecc384_test_deterministic_k(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SMALL_STACK
ecc_key *key;
mp_int *r, *s, *expR, *expS;
@@ -24008,9 +26453,9 @@ done:
#if defined(HAVE_ECC521)
/* KAT from RFC6979 */
-static int ecc521_test_deterministic_k(WC_RNG* rng)
+static wc_test_ret_t ecc521_test_deterministic_k(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SMALL_STACK
ecc_key *key;
mp_int *r, *s, *expR, *expS;
@@ -24067,7 +26512,7 @@ static int ecc521_test_deterministic_k(WC_RNG* rng)
}
ret = wc_ecc_init_ex(key, HEAP_HINT, devId);
if (ret != 0) {
- return ret;
+ return WC_TEST_RET_ENC_EC(ret);
}
key_inited = 1;
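Review bot: The wrapped `return WC_TEST_RET_ENC_EC(ret);` after wc_ecc_init_ex still exits the function directly instead of going through its cleanup. Under WOLFSSL_SMALL_STACK, `key`, `r`, `s`, `expR` and `expS` are declared as pointers in the preceding hunk of ecc521_test_deterministic_k. If they are allocated before this point, which the hunk does not show, this path leaks them. `ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);`, the form used in ecc_test_key_gen, would route the failure through the cleanup label, provided that cleanup tolerates `key_inited` still being 0. The function begins and ends outside this hunk.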
@@ -24132,9 +26577,9 @@ done:
#if defined(HAVE_ECC_SIGN) && defined(WOLFSSL_ECDSA_SET_K) && \
!defined(WOLFSSL_KCAPI_ECC)
-static int ecc_test_sign_vectors(WC_RNG* rng)
+static wc_test_ret_t ecc_test_sign_vectors(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = NULL;
#else
@@ -24232,9 +26677,9 @@ done:
#endif
#if defined(HAVE_ECC_CDH) && defined(HAVE_ECC_DHE)
-static int ecc_test_cdh_vectors(WC_RNG* rng)
+static wc_test_ret_t ecc_test_cdh_vectors(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *pub_key = (ecc_key *)XMALLOC(sizeof *pub_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ecc_key *priv_key = (ecc_key *)XMALLOC(sizeof *priv_key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24336,7 +26781,7 @@ done:
#ifdef HAVE_ECC_KEY_IMPORT
/* returns 0 on success */
-static int ecc_test_make_pub(WC_RNG* rng)
+static wc_test_ret_t ecc_test_make_pub(WC_RNG* rng)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24357,7 +26802,7 @@ static int ecc_test_make_pub(WC_RNG* rng)
const byte* msg = (const byte*)"test wolfSSL ECC public gen";
word32 x;
word32 tmpSz;
- int ret = 0;
+ wc_test_ret_t ret = 0;
ecc_point* pubPoint = NULL;
#ifdef HAVE_ECC_VERIFY
int verify = 0;
@@ -24612,9 +27057,9 @@ done:
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT) && \
!defined(WC_NO_RNG) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_test_key_decode(WC_RNG* rng, int keySize)
+static wc_test_ret_t ecc_test_key_decode(WC_RNG* rng, int keySize)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *eccKey = (ecc_key *)XMALLOC(sizeof *eccKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
byte *tmpBuf = (byte *)XMALLOC(ECC_BUFSIZE, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24648,7 +27093,7 @@ static int ecc_test_key_decode(WC_RNG* rng, int keySize)
if (ret < 0) {
goto done;
}
- tmpSz = ret;
+ tmpSz = (word32)ret;
ret = wc_ecc_init(eccKey);
if (ret != 0) {
@@ -24694,9 +27139,9 @@ static int ecc_test_key_decode(WC_RNG* rng, int keySize)
#if defined(HAVE_ECC_KEY_EXPORT) && !defined(NO_ASN_CRYPT) && \
!defined(WC_NO_RNG) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_test_key_gen(WC_RNG* rng, int keySize)
+static wc_test_ret_t ecc_test_key_gen(WC_RNG* rng, int keySize)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int derSz;
#ifdef HAVE_PKCS8
word32 pkcs8Sz;
@@ -24711,41 +27156,40 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((der == NULL) || (userA == NULL))
- ERROR_OUT(MEMORY_E, done);
+ ERROR_OUT(WC_TEST_RET_ENC_EC(MEMORY_E), done);
#endif
ret = wc_ecc_init_ex(userA, HEAP_HINT, devId);
if (ret != 0)
- goto done;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
ret = wc_ecc_make_key(rng, keySize, userA);
#if defined(WOLFSSL_ASYNC_CRYPT)
ret = wc_AsyncWait(ret, &userA->asyncDev, WC_ASYNC_FLAG_NONE);
#endif
if (ret != 0)
- goto done;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
TEST_SLEEP();
ret = wc_ecc_check_key(userA);
if (ret != 0)
- goto done;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
TEST_SLEEP();
derSz = wc_EccKeyToDer(userA, der, ECC_BUFSIZE);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
ret = SaveDerAndPem(der, derSz, eccCaKeyTempFile, eccCaKeyPemFile,
ECC_PRIVATEKEY_TYPE);
- if (ret != 0) {
- goto done;
- }
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
/* test export of public key */
derSz = wc_EccPublicKeyToDer(userA, der, ECC_BUFSIZE, 1);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
if (derSz == 0) {
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
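Review bot: Wrapping every failure in `WC_TEST_RET_ENC_EC(ret)` means a curve-not-supported result from `wc_ecc_make_key` no longer leaves ecc_test_key_gen as the raw `ECC_CURVE_OID_E`. The caller's "ignore error for curves not found" branch, visible as context in a later ecc_test_curve hunk, appears to rely on that raw value. If the encoded value differs from the raw code (the macro is not shown here), an unsupported key size would now be reported as a test failure instead of being skipped. Keeping the raw code for that one case, as the SM2 test added later in this diff does, would preserve the skip: `if (ret == ECC_CURVE_OID_E) goto done;` ahead of the encoded `ERROR_OUT`. The function starts and ends outside this hunk.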
@@ -24755,7 +27199,7 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
/* test export of compressed public key */
derSz = wc_EccPublicKeyToDer_ex(userA, der, ECC_BUFSIZE, 1, 1);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
if (derSz == 0) {
ERROR_OUT(WC_TEST_RET_ENC_NC, done);
@@ -24763,16 +27207,15 @@ static int ecc_test_key_gen(WC_RNG* rng, int keySize)
#endif
ret = SaveDerAndPem(der, derSz, eccPubKeyDerFile, NULL, 0);
- if (ret != 0) {
- goto done;
- }
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
#ifdef HAVE_PKCS8
/* test export of PKCS#8 unencrypted private key */
pkcs8Sz = FOURK_BUF;
derSz = wc_EccPrivateKeyToPKCS8(userA, der, &pkcs8Sz);
if (derSz < 0) {
- ERROR_OUT(derSz, done);
+ ERROR_OUT(WC_TEST_RET_ENC_I(derSz), done);
}
if (derSz == 0) {
@@ -24802,7 +27245,7 @@ done:
}
#endif /* HAVE_ECC_KEY_EXPORT && !NO_ASN_CRYPT */
-static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
+static wc_test_ret_t ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
int curve_id, const ecc_set_type* dp)
{
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) && \
@@ -24826,7 +27269,7 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
int verify;
#endif /* HAVE_ECC_VERIFY */
#endif /* HAVE_ECC_SIGN */
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *userA = (ecc_key *)XMALLOC(sizeof *userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ecc_key *userB = (ecc_key *)XMALLOC(sizeof *userB, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -24937,7 +27380,8 @@ static int ecc_test_curve_size(WC_RNG* rng, int keySize, int testVerifyCount,
/* only perform the below tests if the key size matches */
if (dp == NULL && keySize > 0 && wc_ecc_size(userA) != keySize)
- ERROR_OUT(ECC_CURVE_OID_E, done);
+ /* Not an error, just not a key size match */
+ WARNING_OUT(ECC_CURVE_OID_E, done);
#ifdef HAVE_ECC_DHE
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
@@ -25243,12 +27687,12 @@ done:
#undef ECC_TEST_VERIFY_COUNT
#define ECC_TEST_VERIFY_COUNT 2
-static int ecc_test_curve(WC_RNG* rng, int keySize)
+static wc_test_ret_t ecc_test_curve(WC_RNG* rng, int keySize, int curve_id)
{
- int ret;
+ wc_test_ret_t ret;
- ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT,
- ECC_CURVE_DEF, NULL);
+ ret = ecc_test_curve_size(rng, keySize, ECC_TEST_VERIFY_COUNT, curve_id,
+ NULL);
if (ret < 0) {
if (ret == ECC_CURVE_OID_E) {
/* ignore error for curves not found */
@@ -25257,7 +27701,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
and HAVE_ECC_KOBLITZ */
}
else {
- printf("ecc_test_curve_size %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_curve_size %d failed!\n", keySize);
return ret;
}
}
@@ -25266,7 +27710,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
#ifdef HAVE_ECC_VECTOR_TEST
ret = ecc_test_vector(keySize);
if (ret < 0) {
- printf("ecc_test_vector %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_vector %d failed!\n", keySize);
return ret;
}
#endif
@@ -25279,7 +27723,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
/* ignore error for curves not found */
}
else {
- printf("ecc_test_key_decode %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_key_decode %d failed!\n", keySize);
return ret;
}
}
@@ -25292,7 +27736,7 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
/* ignore error for curves not found */
}
else {
- printf("ecc_test_key_gen %d failed!: %d\n", keySize, ret);
+ printf("ecc_test_key_gen %d failed!\n", keySize);
return ret;
}
}
@@ -25305,9 +27749,9 @@ static int ecc_test_curve(WC_RNG* rng, int keySize)
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WOLFSSL_NO_MALLOC) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_point_test(void)
+static wc_test_ret_t ecc_point_test(void)
{
- int ret;
+ wc_test_ret_t ret;
ecc_point* point;
ecc_point* point2;
#ifdef HAVE_COMP_KEY
@@ -25548,9 +27992,9 @@ done:
#endif /* !WOLFSSL_ATECC508A && HAVE_ECC_KEY_IMPORT && HAVE_ECC_KEY_EXPORT */
#if !defined(NO_SIG_WRAPPER) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_sig_test(WC_RNG* rng, ecc_key* key)
+static wc_test_ret_t ecc_sig_test(WC_RNG* rng, ecc_key* key)
{
- int ret;
+ wc_test_ret_t ret;
word32 sigSz;
int size;
byte out[ECC_MAX_SIG_SIZE];
@@ -25602,9 +28046,9 @@ static int ecc_sig_test(WC_RNG* rng, ecc_key* key)
#if defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_exp_imp_test(ecc_key* key)
+static wc_test_ret_t ecc_exp_imp_test(ecc_key* key)
{
- int ret;
+ wc_test_ret_t ret;
int curve_id;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *keyImp = (ecc_key *)XMALLOC(sizeof *keyImp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -25732,9 +28176,9 @@ done:
#if defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT) && \
!defined(WOLFSSL_CRYPTOCELL) && !defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_mulmod_test(ecc_key* key1)
+static wc_test_ret_t ecc_mulmod_test(ecc_key* key1)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key2 = (ecc_key *)XMALLOC(sizeof *key2, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
ecc_key *key3 = (ecc_key *)XMALLOC(sizeof *key3, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -25798,9 +28242,9 @@ done:
#if defined(HAVE_ECC_DHE) && !defined(WC_NO_RNG) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC)
-static int ecc_ssh_test(ecc_key* key, WC_RNG* rng)
+static wc_test_ret_t ecc_ssh_test(ecc_key* key, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
byte out[128];
word32 outLen = sizeof(out);
@@ -25845,17 +28289,17 @@ static int ecc_ssh_test(ecc_key* key, WC_RNG* rng)
}
#endif /* HAVE_ECC_DHE && !WC_NO_RNG */
-static int ecc_def_curve_test(WC_RNG *rng)
+static wc_test_ret_t ecc_def_curve_test(WC_RNG *rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#else
ecc_key key[1];
#endif
-#if ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
- (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT))) \
- && !defined(NO_ECC_SECP)
+#if !defined(NO_ECC_SECP) && \
+ ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
+ (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
word32 idx = 0;
#endif
@@ -25906,9 +28350,9 @@ static int ecc_def_curve_test(WC_RNG *rng)
(void)rng;
#endif /* !WC_NO_RNG */
-#if ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
- (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT))) \
- && !defined(NO_ECC_SECP)
+#if !defined(NO_ECC_SECP) && \
+ ((defined(HAVE_ECC_KEY_IMPORT) && defined(HAVE_ECC_KEY_EXPORT)) || \
+ (defined(HAVE_ECC_KEY_IMPORT) && !defined(WOLFSSL_VALIDATE_ECC_IMPORT)))
/* Use test ECC key - ensure real private "d" exists */
#ifdef USE_CERT_BUFFERS_256
ret = wc_EccPrivateKeyDecode(ecc_key_der_256, &idx, key,
@@ -25963,9 +28407,9 @@ done:
#if defined(WOLFSSL_CERT_EXT) && \
(!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
-static int ecc_decode_test(void)
+static wc_test_ret_t ecc_decode_test(void)
{
- int ret;
+ wc_test_ret_t ret;
word32 inSz;
word32 inOutIdx;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -26170,9 +28614,9 @@ static const byte eccKeyExplicitCurve[] = {
0xac, 0xf0, 0x1d, 0x86, 0xf4, 0x2f, 0x65, 0x0b
};
-static int ecc_test_custom_curves(WC_RNG* rng)
+static wc_test_ret_t ecc_test_custom_curves(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
word32 inOutIdx;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *key = (ecc_key *)XMALLOC(sizeof *key, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -26226,7 +28670,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, ECC_CURVE_DEF,
&ecc_dp_brainpool256r1);
if (ret != 0) {
- printf("ECC test for custom curve failed! %d\n", ret);
+ printf("ECC test for custom curve failed!\n");
goto done;
}
#endif
@@ -26242,7 +28686,7 @@ static int ecc_test_custom_curves(WC_RNG* rng)
/* Test and demonstrate use of non-SECP curve */
ret = ecc_test_curve_size(rng, 0, ECC_TEST_VERIFY_COUNT, curve_id, NULL);
if (ret < 0) {
- printf("ECC test for curve_id %d failed! %d\n", curve_id, ret);
+ printf("ECC test for curve_id %d failed!\n", curve_id);
goto done;
}
}
@@ -26277,12 +28721,556 @@ static int ecc_test_custom_curves(WC_RNG* rng)
}
#endif /* WOLFSSL_CUSTOM_CURVES */
+#ifdef WOLFSSL_SM2
+#ifdef HAVE_ECC_VERIFY
+#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_CUSTOM_CURVES)
+ #ifdef WOLFSSL_SM2
+ #ifdef HAVE_OID_ENCODING
+ #define CODED_SM2P256V1 {1,2,156,10197,1,301}
+ #define CODED_SM2P256V1_SZ 6
+ #else
+ #define CODED_SM2P256V1 {0x06,0x08,0x2A,0x81,0x1C,0xCF,0x55,0x01,0x82,0x2D}
+ #define CODED_SM2P256V1_SZ 10
+ #endif
+ #ifndef WOLFSSL_ECC_CURVE_STATIC
+ static const ecc_oid_t ecc_oid_sm2p256v1[] = CODED_SM2P256V1;
+ #else
+ #define ecc_oid_sm2p256v1 CODED_SM2P256V1
+ #endif
+ #define ecc_oid_sm2p256v1_sz CODED_SM2P256V1_SZ
+ #endif /* WOLFSSL_SM2 */
+ #define ECC_SM2P256V1_TEST 102
+static int test_sm2_verify_caseA2(void)
+{
+ ecc_key key;
+ int ret, res;
+ mp_int r,s;
+
+ /* test key values */
+ const char qx[] = "0AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A";
+ const char qy[] = "7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857";
+ const char d[] = "128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263";
+
+ const ecc_set_type ecc_sm2_A2 = {
+ 32, /* size/bytes */
+ ECC_SM2P256V1_TEST, /* ID */
+ "SM2P256V1_TEST", /* curve name */
+
+ /* from test case A.2 in draft-shen-sm2-ecdsa-02 */
+ "8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", /* prime */
+ "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", /* A */
+ "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", /* B */
+ "8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", /* order n */
+ "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", /* Gx */
+ "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", /* Gy */
+ ecc_oid_sm2p256v1, /* oid/oidSz */
+ ecc_oid_sm2p256v1_sz,
+ ECC_SM2P256V1_OID, /* oid sum */
+ 1, /* cofactor */
+ };
+
+ /* use canned hash value hash = H(ZA||M) */
+ const byte hash[] = {
+ 0xB5,0x24,0xF5,0x52,0xCD,0x82,0xB8,0xB0,
+ 0x28,0x47,0x6E,0x00,0x5C,0x37,0x7F,0xB1,
+ 0x9A,0x87,0xE6,0xFC,0x68,0x2D,0x48,0xBB,
+ 0x5D,0x42,0xE3,0xD9,0xB9,0xEF,0xFE,0x76
+ };
+
+ /* canned r and s */
+ const byte rCan[] = {
+ 0x40,0xF1,0xEC,0x59,0xF7,0x93,0xD9,0xF4,
+ 0x9E,0x09,0xDC,0xEF,0x49,0x13,0x0D,0x41,
+ 0x94,0xF7,0x9F,0xB1,0xEE,0xD2,0xCA,0xA5,
+ 0x5B,0xAC,0xDB,0x49,0xC4,0xE7,0x55,0xD1
+ };
+
+ const byte sCan[] = {
+ 0x6F,0xC6,0xDA,0xC3,0x2C,0x5D,0x5C,0xF1,
+ 0x0C,0x77,0xDF,0xB2,0x0F,0x7C,0x2E,0xB6,
+ 0x67,0xA4,0x57,0x87,0x2F,0xB0,0x9E,0xC5,
+ 0x63,0x27,0xA6,0x7E,0xC7,0xDE,0xEB,0xE7
+ };
+ mp_init(&r);
+ mp_init(&s);
+
+ ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_set_custom_curve(&key, &ecc_sm2_A2);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_import_raw_ex(&key, qx, qy, d, ECC_SM2P256V1_TEST);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ mp_read_unsigned_bin(&r, rCan, sizeof(rCan));
+ mp_read_unsigned_bin(&s, sCan, sizeof(sCan));
+
+ ret = wc_ecc_sm2_verify_hash_ex(&r, &s, hash, sizeof(hash), &res, &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (res != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+done:
+ mp_free(&r);
+ mp_free(&s);
+ wc_ecc_free(&key);
+ return ret;
+}
+#endif /* WOLFSSL_PUBLIC_MP && WOLFSSL_CUSTOM_CURVES */
+
+static int test_sm2_verify_case(void)
+{
+ ecc_key key;
+ int ret, res;
+
+ /* test key values */
+ const char qx[] = "637F1B135036C933DC3F7A8EBB1B7B2FD1DFBD268D4F894B5AD47DBDBECD558F";
+ const char qy[] = "E88101D08048E36CCBF61CA38DDF7ABA542B4486E99E49F3A7470A857A096433";
+
+ /* use canned hash value hash = H(ZA||M) */
+ const byte hash[] = {
+ 0x3B,0xFA,0x5F,0xFB,0xC4,0x27,0x8C,0x9D,
+ 0x02,0x3A,0x19,0xCB,0x1E,0xAA,0xD2,0xF1,
+ 0x50,0x69,0x5B,0x20
+ };
+
+ const byte sig[] = {
+ 0x30,0x45,0x02,0x21,0x00,0xD2,0xFC,0xA3,
+ 0x88,0xE3,0xDF,0xA3,0x00,0x73,0x9B,0x3C,
+ 0x2A,0x0D,0xAD,0x44,0xA2,0xFC,0x62,0xD5,
+ 0x6B,0x84,0x54,0xD8,0x40,0x22,0x62,0x3D,
+ 0x5C,0xA6,0x61,0x9B,0xE7,0x02,0x20,0x1D,
+ 0xB5,0xB5,0xD9,0xD8,0xF1,0x20,0xDD,0x97,
+ 0x92,0xBF,0x7E,0x9B,0x3F,0xE6,0x3C,0x4B,
+ 0x03,0xD8,0x80,0xBD,0xB7,0x27,0x7E,0x6A,
+ 0x84,0x23,0xDE,0x61,0x7C,0x8D,0xDC
+ };
+
+ const byte badSig[] = {
+ 0x30,0x45,0x02,0x21,0x00,0xD2,0xFC,0xA3,
+ 0x88,0xE3,0xDF,0xA3,0x00,0x73,0x9B,0x3C,
+ 0x2A,0x0D,0xAD,0x44,0xA2,0xFC,0x62,0xD5,
+ 0x6B,0x84,0x54,0xD8,0x40,0x22,0x62,0x3D,
+ 0x5C,0xA6,0x61,0x9B,0xE7,0x02,0x20,0x1D,
+ 0xB5,0xB5,0xE9,0xD8,0xF1,0x20,0xDD,0x97,
+ 0x92,0xBF,0x7E,0x9B,0x3F,0xE6,0x3C,0x4B,
+ 0x03,0xD8,0x80,0xBD,0xB7,0x27,0x7E,0x6A,
+ 0x84,0x23,0xDE,0x61,0x7C,0x8D,0xDC
+ };
+
+
+ ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_import_raw(&key, qx, qy, NULL, "SM2P256V1");
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_sm2_verify_hash(sig, sizeof(sig), hash, sizeof(hash), &res,
+ &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (res != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+ /* now test a case that should fail */
+ ret = wc_ecc_sm2_verify_hash(badSig, sizeof(badSig), hash, sizeof(hash),
+ &res, &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (res == 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+done:
+ wc_ecc_free(&key);
+ return ret;
+}
+
+static int ecc_sm2_test_curve(WC_RNG* rng, int testVerifyCount)
+{
+ const ecc_set_type* dp = wc_ecc_get_curve_params(
+ wc_ecc_get_curve_idx(ECC_SM2P256V1));
+ int keySize = 32;
+ int curve_id = ECC_SM2P256V1;
+#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG)
+ WC_DECLARE_VAR(sharedA, byte, ECC_SHARED_SIZE, HEAP_HINT);
+ WC_DECLARE_VAR(sharedB, byte, ECC_SHARED_SIZE, HEAP_HINT);
+#endif
+#ifdef HAVE_ECC_KEY_EXPORT
+ #define ECC_KEY_EXPORT_BUF_SIZE (MAX_ECC_BYTES * 2 + 32)
+ WC_DECLARE_VAR(exportBuf, byte, ECC_KEY_EXPORT_BUF_SIZE, HEAP_HINT);
+#endif
+ word32 x = 0;
+#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG)
+ word32 y;
+#endif
+#ifdef HAVE_ECC_SIGN
+ WC_DECLARE_VAR(sig, byte, ECC_SIG_SIZE, HEAP_HINT);
+ WC_DECLARE_VAR(digest, byte, ECC_DIGEST_SIZE, HEAP_HINT);
+ int i;
+#ifdef HAVE_ECC_VERIFY
+ int verify;
+#endif /* HAVE_ECC_VERIFY */
+#endif /* HAVE_ECC_SIGN */
+ int ret;
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ ecc_key *userA = (ecc_key *)XMALLOC(sizeof *userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ ecc_key *userB = (ecc_key *)XMALLOC(sizeof *userB, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ ecc_key *pubKey = (ecc_key *)XMALLOC(sizeof *pubKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+#else
+ ecc_key userA[1];
+ ecc_key userB[1];
+ ecc_key pubKey[1];
+#endif
+#ifndef WC_NO_RNG
+ int curveSize;
+#endif
+
+#ifdef WC_DECLARE_VAR_IS_HEAP_ALLOC
+#if (defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)) && !defined(WC_NO_RNG)
+ if (sharedA == NULL || sharedB == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+
+#ifdef HAVE_ECC_KEY_EXPORT
+ if (exportBuf == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+
+#ifdef HAVE_ECC_SIGN
+ if (sig == NULL || digest == NULL)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+#endif /* WOLFSSL_SMALL_STACK && !WOLFSSL_NO_MALLOC */
+
+ (void)testVerifyCount;
+ (void)dp;
+ (void)x;
+
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ if ((userA == NULL) ||
+ (userB == NULL) ||
+ (pubKey == NULL))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif
+
+ XMEMSET(userA, 0, sizeof *userA);
+ XMEMSET(userB, 0, sizeof *userB);
+ XMEMSET(pubKey, 0, sizeof *pubKey);
+
+ ret = wc_ecc_init_ex(userA, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_init_ex(userB, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_init_ex(pubKey, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifndef WC_NO_RNG
+ ret = wc_ecc_sm2_make_key(rng, userA, WC_ECC_FLAG_NONE);
+ if (ret == ECC_CURVE_OID_E)
+ goto done; /* catch case, where curve is not supported */
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ TEST_SLEEP();
+
+ if (wc_ecc_get_curve_idx(curve_id) != -1) {
+ curveSize = wc_ecc_get_curve_size_from_id(userA->dp->id);
+ if (curveSize != userA->dp->size) {
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ }
+ }
+
+ ret = wc_ecc_check_key(userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ TEST_SLEEP();
+
+ ret = wc_ecc_sm2_make_key(rng, userB, WC_ECC_FLAG_NONE);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ /* only perform the below tests if the key size matches */
+ if (dp == NULL && keySize > 0 && wc_ecc_size(userA) != keySize)
+ if (ret != 0) {
+ ret = ECC_CURVE_OID_E;
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ }
+
+#ifdef HAVE_ECC_DHE
+#if defined(ECC_TIMING_RESISTANT)
+ ret = wc_ecc_set_rng(userA, rng);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ ret = wc_ecc_set_rng(userB, rng);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+#endif
+
+ x = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userA, userB, sharedA, &x);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ y = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userB, userA, sharedB, &y);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (y != x)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+ if (XMEMCMP(sharedA, sharedB, x))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif /* HAVE_ECC_DHE */
+
+#ifdef HAVE_ECC_KEY_EXPORT
+ x = ECC_KEY_EXPORT_BUF_SIZE;
+ ret = wc_ecc_export_x963_ex(userA, exportBuf, &x, 0);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_KEY_IMPORT
+ ret = wc_ecc_import_x963_ex(exportBuf, x, pubKey, curve_id);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_DHE
+ y = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userB, pubKey, sharedB, &y);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (XMEMCMP(sharedA, sharedB, y))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+#endif /* HAVE_ECC_DHE */
+
+ #ifdef HAVE_COMP_KEY
+ /* try compressed export / import too */
+ x = ECC_KEY_EXPORT_BUF_SIZE;
+ ret = wc_ecc_export_x963_ex(userA, exportBuf, &x, 1);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ wc_ecc_free(pubKey);
+
+ ret = wc_ecc_init_ex(pubKey, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ #endif
+ ret = wc_ecc_import_x963_ex(exportBuf, x, pubKey, curve_id);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ #ifdef HAVE_ECC_DHE
+ y = ECC_SHARED_SIZE;
+ ret = wc_ecc_sm2_shared_secret(userB, pubKey, sharedB, &y);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (XMEMCMP(sharedA, sharedB, y))
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ #endif /* HAVE_ECC_DHE */
+
+#endif /* HAVE_ECC_KEY_IMPORT */
+#endif /* HAVE_ECC_KEY_EXPORT */
+#endif /* !WC_NO_RNG */
+
+#if !defined(ECC_TIMING_RESISTANT) || (defined(ECC_TIMING_RESISTANT) && \
+ !defined(WC_NO_RNG))
+#ifdef HAVE_ECC_SIGN
+ /* ECC w/out Shamir has issue with all 0 digest */
+ /* WC_BIGINT doesn't have 0 len well on hardware */
+ /* Cryptocell has issues with all 0 digest */
+#if defined(ECC_SHAMIR)
+ /* test DSA sign hash with zeros */
+ for (i = 0; i < (int)ECC_DIGEST_SIZE; i++) {
+ digest[i] = 0;
+ }
+
+ x = ECC_SIG_SIZE;
+ ret = wc_ecc_sm2_sign_hash(digest, ECC_DIGEST_SIZE, sig, &x, rng, userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_VERIFY
+ for (i = 0; i < testVerifyCount; i++) {
+ verify = 0;
+ ret = wc_ecc_sm2_verify_hash(sig, x, digest, ECC_DIGEST_SIZE, &verify,
+ userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ if (verify != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ }
+#endif /* HAVE_ECC_VERIFY */
+#endif /* ECC_SHAMIR */
+
+ /* test DSA sign hash with sequence (0,1,2,3,4,...) */
+ for (i = 0; i < (int)ECC_DIGEST_SIZE; i++) {
+ digest[i] = (byte)i;
+ }
+
+ x = ECC_SIG_SIZE;
+ ret = wc_ecc_sm2_sign_hash(digest, ECC_DIGEST_SIZE, sig, &x, rng, userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+#ifdef HAVE_ECC_VERIFY
+ for (i = 0; i < testVerifyCount; i++) {
+ verify = 0;
+ ret = wc_ecc_sm2_verify_hash(sig, x, digest, ECC_DIGEST_SIZE, &verify,
+ userA);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+ if (verify != 1)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+ }
+#endif /* HAVE_ECC_VERIFY */
+#endif /* HAVE_ECC_SIGN */
+#endif /* !ECC_TIMING_RESISTANT || (ECC_TIMING_RESISTANT && !WC_NO_RNG) */
+
+#if defined(HAVE_ECC_KEY_EXPORT) && !defined(WC_NO_RNG)
+ x = ECC_KEY_EXPORT_BUF_SIZE;
+ ret = wc_ecc_export_private_only(userA, exportBuf, &x);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+#elif defined(HAVE_ECC_KEY_EXPORT)
+ (void)exportBuf;
+#endif /* HAVE_ECC_KEY_EXPORT */
+
+done:
+
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ if (userA != NULL) {
+ wc_ecc_free(userA);
+ XFREE(userA, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (userB != NULL) {
+ wc_ecc_free(userB);
+ XFREE(userB, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+ if (pubKey != NULL) {
+ wc_ecc_free(pubKey);
+ XFREE(pubKey, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ }
+#else
+ wc_ecc_free(pubKey);
+ wc_ecc_free(userB);
+ wc_ecc_free(userA);
+#endif
+
+#if defined(HAVE_ECC_DHE) || defined(HAVE_ECC_CDH)
+ WC_FREE_VAR(sharedA, HEAP_HINT);
+ WC_FREE_VAR(sharedB, HEAP_HINT);
+#endif
+#ifdef HAVE_ECC_KEY_EXPORT
+ WC_FREE_VAR(exportBuf, HEAP_HINT);
+#endif
+#ifdef HAVE_ECC_SIGN
+ WC_FREE_VAR(sig, HEAP_HINT);
+ WC_FREE_VAR(digest, HEAP_HINT);
+#endif
+
+ (void)keySize;
+ (void)curve_id;
+ (void)rng;
+
+ return ret;
+}
+#endif /* HAVE_ECC_VERIFY */
+
+static int test_sm2_create_digest(void)
+{
+ const byte msg[] = "message to sign";
+ const byte id[] = "0123456789";
+ const byte badId[] = "0123556789";
+ byte expected[] = {
+ 0xdd, 0x4d, 0x65, 0x49, 0xa3, 0x64, 0x76, 0xc0,
+ 0x73, 0x05, 0xdc, 0x05, 0x16, 0xb5, 0xee, 0x9f,
+ 0x82, 0xf9, 0xe9, 0x7d, 0x01, 0x1a, 0xdc, 0x88,
+ 0x5a, 0x59, 0x9c, 0x44, 0xcc, 0x47, 0xa4, 0x78
+ };
+ ecc_key key;
+ int ret;
+
+ /* test key values */
+ const char qx[] =
+ "af178b7b8740cc9d5b493fbd22049c12621bc27dcc5802e75ff4d045a4158baf";
+ const char qy[] =
+ "89933faf7a4798f48c5b9b4cd3a7693d54c9e05449946eb489c0dd50a5294805";
+ const char d[] =
+ "b3e66c2dbfb50c6ff6830c1fac4b51293a2562f9e667052b03df2d4b43c1f34a";
+ byte digest[WC_SHA256_DIGEST_SIZE];
+
+ ret = wc_ecc_init_ex(&key, HEAP_HINT, devId);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_import_raw(&key, qx, qy, d, "SM2P256V1");
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ ret = wc_ecc_sm2_create_digest(id, (int)XSTRLEN((const char*)id),
+ msg, (int)XSTRLEN((const char*)msg), WC_HASH_TYPE_SHA256, digest,
+ WC_SHA256_DIGEST_SIZE, &key);
+ if (ret != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
+
+ if (XMEMCMP(digest, expected, WC_SHA256_DIGEST_SIZE) != 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+
+ ret = wc_ecc_sm2_create_digest(badId, (int)XSTRLEN((const char*)badId),
+ msg, (int)XSTRLEN((const char*)msg), WC_HASH_TYPE_SHA256, digest,
+ WC_SHA256_DIGEST_SIZE, &key);
+ if (ret != 0)
+ goto done;
+
+ /* should be different than the previous ID used */
+ if (XMEMCMP(digest, expected, WC_SHA256_DIGEST_SIZE) == 0)
+ ERROR_OUT(WC_TEST_RET_ENC_NC, done);
+done:
+ wc_ecc_free(&key);
+ return ret;
+}
+
+static int test_sm2_verify(void)
+{
+ int ret = 0;
+
+#ifdef HAVE_ECC_VERIFY
+#if defined(WOLFSSL_PUBLIC_MP) && defined(WOLFSSL_CUSTOM_CURVES)
+ ret = test_sm2_verify_caseA2();
+ if (ret != 0)
+ return ret;
+#endif
+
+ ret = test_sm2_verify_case();
+ if (ret != 0)
+ return ret;
+#endif /* HAVE_ECC_VERIFY */
+
+ ret = test_sm2_create_digest();
+
+ return ret;
+}
+#endif /* WOLFSSL_SM2 */
+
+
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_ECC_SECP) && !defined(NO_ASN_TIME)
/* Make Cert / Sign example for ECC cert and ECC CA */
-static int ecc_test_cert_gen(WC_RNG* rng)
+static wc_test_ret_t ecc_test_cert_gen(WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
Cert *myCert = (Cert *)XMALLOC(sizeof *myCert, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#ifdef WOLFSSL_TEST_CERT
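Review bot: The key-size guard in ecc_sm2_test_curve can never fire, because `if (dp == NULL && keySize > 0 && wc_ecc_size(userA) != keySize)` is followed by a nested `if (ret != 0)`. At that point `ret` has just been checked to be 0 after the `wc_ecc_sm2_make_key(rng, userB, WC_ECC_FLAG_NONE)` call. Drop the inner test so a mismatch is actually reported, with `ERROR_OUT(WC_TEST_RET_ENC_EC(ECC_CURVE_OID_E), done);` directly under the outer `if`. In test_sm2_verify_caseA2 the results of `mp_init` and `mp_read_unsigned_bin` are also discarded, so a failed load of the canned r/s would surface only as a verify mismatch. Checking them like the neighbouring calls would point at the real failure.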
@@ -26462,7 +29450,7 @@ static int ecc_test_cert_gen(WC_RNG* rng)
} while (ret == WC_PENDING_E);
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), exit);
- certSz = ret;
+ certSz = (word32)ret;
TEST_SLEEP();
#ifdef WOLFSSL_TEST_CERT
@@ -26515,9 +29503,9 @@ exit:
!defined(WOLFSSL_NO_MALLOC) && !defined(WOLF_CRYPTO_CB_ONLY_ECC) && \
(!defined(NO_ECC_SECP) || defined(WOLFSSL_CUSTOM_CURVES))
/* Test for the wc_ecc_key_new() and wc_ecc_key_free() functions. */
-static int ecc_test_allocator(WC_RNG* rng)
+static wc_test_ret_t ecc_test_allocator(WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
ecc_key* key;
#ifdef WC_NO_RNG
word32 idx = 0;
@@ -26651,11 +29639,12 @@ static const byte p521PubKey[] = {
/* perform verify of signature and hash using public key */
/* key is public Qx + public Qy */
/* sig is r + s */
-static int crypto_ecc_verify(const byte *key, uint32_t keySz,
+static wc_test_ret_t crypto_ecc_verify(const byte *key, uint32_t keySz,
const byte *hash, uint32_t hashSz, const byte *sig, uint32_t sigSz,
uint32_t curveSz, int curveId)
{
- int ret, verify_res = 0, count = 0;
+ wc_test_ret_t ret;
+ int verify_res = 0, count = 0;
mp_int r, s;
ecc_key ecc;
ecc_nb_ctx_t nb_ctx;
@@ -26752,11 +29741,12 @@ static int crypto_ecc_verify(const byte *key, uint32_t keySz,
}
/* perform signature operation against hash using private key */
-static int crypto_ecc_sign(const byte *key, uint32_t keySz,
+static wc_test_ret_t crypto_ecc_sign(const byte *key, uint32_t keySz,
const byte *hash, uint32_t hashSz, byte *sig, uint32_t* sigSz,
uint32_t curveSz, int curveId, WC_RNG* rng)
{
- int ret, count = 0;
+ wc_test_ret_t ret;
+ int count = 0;
mp_int r, s;
ecc_key ecc;
ecc_nb_ctx_t nb_ctx;
@@ -26847,10 +29837,10 @@ static int crypto_ecc_sign(const byte *key, uint32_t keySz,
* don't have non-blocking versions of the key checking functions, yet.
*/
#if defined(HAVE_ECC_DHE) && !defined(WOLFSSL_VALIDATE_ECC_KEYGEN)
-static int ecc_test_nonblock_dhe(int curveId, word32 curveSz,
+static wc_test_ret_t ecc_test_nonblock_dhe(int curveId, word32 curveSz,
const byte* privKey, const byte* pubKey, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
ecc_key keyA;
ecc_key keyB;
ecc_nb_ctx_t nbCtxA;
@@ -26933,11 +29923,11 @@ static int ecc_test_nonblock_dhe(int curveId, word32 curveSz,
#endif /* HAVE_ECC_DHE && !WOLFSSL_VALIDATE_ECC_KEYGEN */
#if defined(HAVE_ECC_SIGN) && defined(HAVE_ECC_VERIFY)
-static int ecc_test_nonblock_ecdsa(int curveId, word32 curveSz,
+static wc_test_ret_t ecc_test_nonblock_ecdsa(int curveId, word32 curveSz,
const byte* privKey, word32 privKeySz, const byte* pubKey, word32 pubKeySz,
WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* sig = NULL;
word32 sigSz = curveSz * 2;
static const byte hash[] = {
@@ -26972,9 +29962,9 @@ static int ecc_test_nonblock_ecdsa(int curveId, word32 curveSz,
}
#endif /* HAVE_ECC_SIGN && HAVE_ECC_VERIFY */
-static int ecc_test_nonblock(WC_RNG* rng)
+static wc_test_ret_t ecc_test_nonblock(WC_RNG* rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 i;
int curveIds[3] = {0, 0, 0};
word32 curveSzs[3] = {0, 0, 0};
@@ -27028,9 +30018,61 @@ static int ecc_test_nonblock(WC_RNG* rng)
}
#endif /* WC_ECC_NONBLOCK && WOLFSSL_HAVE_SP_ECC && WOLFSSL_PUBLIC_MP */
-WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
+#if !defined(NO_ASN) && !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)))
+static int ecc_test_raw_enc_dec(void)
{
int ret;
+ unsigned char r[1];
+ word32 rSz;
+ unsigned char s[1];
+ word32 sSz;
+ unsigned char rZero[] = { 0, 0, 0, 0 };
+ unsigned char sOne[] = { 0, 0, 1 };
+ unsigned char sigRaw[32];
+ word32 sigRawSz;
+ unsigned char expSig[] = { 0x30, 0x06, 0x02, 0x01, 0x00, 0x02, 0x01, 0x01 };
+
+ sigRawSz = sizeof(sigRaw);
+ ret = wc_ecc_rs_raw_to_sig(rZero, sizeof(rZero), sOne, sizeof(sOne),
+ sigRaw, &sigRawSz);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+ if (sigRawSz != sizeof(expSig)) {
+ return WC_TEST_RET_ENC_EC((int)sigRawSz);
+ }
+ if (XMEMCMP(sigRaw, expSig, sizeof(expSig)) != 0) {
+ return WC_TEST_RET_ENC_NC;
+ }
+
+ rSz = sizeof(r);
+ sSz = sizeof(s);
+ ret = wc_ecc_sig_to_rs(sigRaw, sigRawSz, r, &rSz, s, &sSz);
+ if (ret != 0) {
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+ if (rSz != 1) {
+ return WC_TEST_RET_ENC_EC((int)rSz);
+ }
+ if (sSz != 1) {
+ return WC_TEST_RET_ENC_EC((int)sSz);
+ }
+ if (r[0] != 0) {
+ return WC_TEST_RET_ENC_EC(r[0]);
+ }
+ if (s[0] != 1) {
+ return WC_TEST_RET_ENC_EC(s[0]);
+ }
+
+ return ret;
+}
+#endif
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test(void)
+{
+ wc_test_ret_t ret;
WC_RNG rng;
#if defined(WOLFSSL_CERT_EXT) && \
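Review bot: ecc_test_raw_enc_dec is declared `static int` with `int ret` yet returns `WC_TEST_RET_ENC_*` values, unlike every other helper this commit converts to `wc_test_ret_t`. If that type is wider than `int` (its definition is not in this hunk), the encoded value would be truncated. I would declare it `static wc_test_ret_t ecc_test_raw_enc_dec(void)` with `wc_test_ret_t ret;`, and the same applies to the `static int` SM2 helpers added in the preceding large hunk. The length and byte mismatches are also wrapped in `WC_TEST_RET_ENC_EC(...)`, which elsewhere in this diff carries library error codes. `WC_TEST_RET_ENC_NC`, or `WC_TEST_RET_ENC_I` for a count, would match how the other tests report a wrong value.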
@@ -27053,44 +30095,51 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#endif
#if (defined(HAVE_ECC112) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 112
- ret = ecc_test_curve(&rng, 14);
+ ret = ecc_test_curve(&rng, 14, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=14, Default\n");
goto done;
}
#endif /* HAVE_ECC112 */
#if (defined(HAVE_ECC128) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 128
- ret = ecc_test_curve(&rng, 16);
+ ret = ecc_test_curve(&rng, 16, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=16, Default\n");
goto done;
}
#endif /* HAVE_ECC128 */
#if (defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 160
- ret = ecc_test_curve(&rng, 20);
+ ret = ecc_test_curve(&rng, 20, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=20, Default\n");
goto done;
}
#endif /* HAVE_ECC160 */
#if (defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 192
- ret = ecc_test_curve(&rng, 24);
+ ret = ecc_test_curve(&rng, 24, ECC_CURVE_DEF);
+ printf("keySize=24, Default\n");
if (ret < 0) {
goto done;
}
#endif /* HAVE_ECC192 */
#if (defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 224
- ret = ecc_test_curve(&rng, 28);
+ ret = ecc_test_curve(&rng, 28, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=28, Default\n");
goto done;
}
#endif /* HAVE_ECC224 */
#if (defined(HAVE_ECC239) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 239
- ret = ecc_test_curve(&rng, 30);
+ ret = ecc_test_curve(&rng, 30, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=30, Default\n");
goto done;
}
#endif /* HAVE_ECC239 */
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 256
- ret = ecc_test_curve(&rng, 32);
+ ret = ecc_test_curve(&rng, 32, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=32, Default\n");
goto done;
}
#if !defined(WOLFSSL_ATECC508A) && !defined(WOLFSSL_ATECC608A) && \
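Review bot: In the ECC192 block the added `printf("keySize=24, Default\n");` is placed before `if (ret < 0)`, so it prints on every run, including success. Every other key size in this hunk prints its label only inside the failure branch. Move the line inside the branch, `if (ret < 0) { printf("keySize=24, Default\n"); goto done; }`, so the output marks a failure only. The body of ecc_test starts and ends outside this hunk.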
@@ -27104,38 +30153,74 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#if !defined(NO_ECC_SECP) || defined(WOLFSSL_CUSTOM_CURVES)
ret = ecc_def_curve_test(&rng);
if (ret < 0) {
+ printf("Default\n");
goto done;
}
#endif
#endif /* !NO_ECC256 */
#if (defined(HAVE_ECC320) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 320
- ret = ecc_test_curve(&rng, 40);
+ ret = ecc_test_curve(&rng, 40, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=40, Default\n");
goto done;
}
#endif /* HAVE_ECC320 */
#if (defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 384
- ret = ecc_test_curve(&rng, 48);
+ ret = ecc_test_curve(&rng, 48, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=48, Default\n");
goto done;
}
#endif /* HAVE_ECC384 */
#if (defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 512
- ret = ecc_test_curve(&rng, 64);
+ ret = ecc_test_curve(&rng, 64, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=64, Default\n");
goto done;
}
#endif /* HAVE_ECC512 */
#if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521
- ret = ecc_test_curve(&rng, 66);
+ ret = ecc_test_curve(&rng, 66, ECC_CURVE_DEF);
if (ret < 0) {
+ printf("keySize=66, Default\n");
goto done;
}
#endif /* HAVE_ECC521 */
+#ifdef WOLFSSL_SM2
+ ret = ecc_test_curve(&rng, 32, ECC_SM2P256V1);
+ if (ret < 0) {
+ printf("SM2\n");
+ goto done;
+ }
+#endif
+
+#if !defined(NO_ASN) && !defined(HAVE_SELFTEST) && \
+ (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
+ (HAVE_FIPS_VERSION > 2)))
+ ret = ecc_test_raw_enc_dec();
+ if (ret != 0) {
+ printf("raw sig encode/decode\n");
+ goto done;
+ }
+#endif
#if defined(WOLFSSL_CUSTOM_CURVES)
ret = ecc_test_custom_curves(&rng);
if (ret != 0) {
+ printf("Custom\n");
+ goto done;
+ }
+#endif
+
+#if defined(WOLFSSL_SM2)
+ ret = test_sm2_verify();
+ if (ret != 0) {
+ printf("SM2 Verify\n");
+ goto done;
+ }
+ ret = ecc_sm2_test_curve(&rng, ECC_TEST_VERIFY_COUNT);
+ if (ret != 0) {
+ printf("SM2 test\n");
goto done;
}
#endif
@@ -27146,7 +30231,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#ifdef HAVE_ECC256
ret = ecc_test_deterministic_k(&rng);
if (ret != 0) {
- printf("ecc_test_deterministic_k failed! %d\n", ret);
+ printf("ecc_test_deterministic_k failed!\n");
goto done;
}
#endif
@@ -27154,14 +30239,14 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#if defined(HAVE_ECC384)
ret = ecc384_test_deterministic_k(&rng);
if (ret != 0) {
- printf("ecc384_test_deterministic_k failed! %d\n", ret);
+ printf("ecc384_test_deterministic_k failed!\n");
goto done;
}
#endif
#if defined(HAVE_ECC521)
ret = ecc521_test_deterministic_k(&rng);
if (ret != 0) {
- printf("ecc512_test_deterministic_k failed! %d\n", ret);
+ printf("ecc512_test_deterministic_k failed!\n");
goto done;
}
#endif
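Review bot: The failure message in the `HAVE_ECC521` branch still reads `ecc512_test_deterministic_k failed!`, although the function called is `ecc521_test_deterministic_k(&rng)`. Since the line is being rewritten anyway, correct the name: `printf("ecc521_test_deterministic_k failed!\n");`. With the numeric code dropped from the message, the function name is the only hint left in the output, so it should match the test that failed. The enclosing function continues outside this hunk.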
@@ -27172,7 +30257,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
!defined(WOLFSSL_KCAPI_ECC)
ret = ecc_test_sign_vectors(&rng);
if (ret != 0) {
- printf("ecc_test_sign_vectors failed! %d\n", ret);
+ printf("ecc_test_sign_vectors failed!\n");
goto done;
}
#endif
@@ -27180,7 +30265,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
defined(HAVE_ECC_DHE)
ret = ecc_test_cdh_vectors(&rng);
if (ret != 0) {
- printf("ecc_test_cdh_vectors failed! %d\n", ret);
+ printf("ecc_test_cdh_vectors failed!\n");
goto done;
}
#endif
@@ -27189,7 +30274,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
ret = ecc_test_make_pub(&rng);
if (ret != 0) {
- printf("ecc_test_make_pub failed!: %d\n", ret);
+ printf("ecc_test_make_pub failed!\n");
goto done;
}
#elif defined(HAVE_ECC_KEY_IMPORT)
@@ -27198,7 +30283,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
#if defined(WOLFSSL_CERT_GEN) && !defined(NO_ECC_SECP) && !defined(NO_ASN_TIME)
ret = ecc_test_cert_gen(&rng);
if (ret != 0) {
- printf("ecc_test_cert_gen failed!: %d\n", ret);
+ printf("ecc_test_cert_gen failed!\n");
goto done;
}
#endif
@@ -27207,7 +30292,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
defined(WOLFSSL_CUSTOM_CURVES))
ret = ecc_test_allocator(&rng);
if (ret != 0) {
- printf("ecc_test_allocator failed!: %d\n", ret);
+ printf("ecc_test_allocator failed!\n");
goto done;
}
#endif
@@ -27216,7 +30301,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test(void)
defined(HAVE_ECC_SIGN) && defined(HAVE_ECC_VERIFY)
ret = ecc_test_nonblock(&rng);
if (ret != 0) {
- printf("ecc_test_nonblock failed!: %d\n", ret);
+ printf("ecc_test_nonblock failed!\n");
goto done;
}
#endif
@@ -27231,7 +30316,7 @@ done:
(defined(WOLFSSL_AES_128) || defined(WOLFSSL_AES_256))
#if ((! defined(HAVE_FIPS)) || FIPS_VERSION_GE(5,3))
-static int ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
+static wc_test_ret_t ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
byte* plaintext;
@@ -27246,7 +30331,7 @@ static int ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
ecEncCtx* bCtx = NULL;
static const byte salt[16] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13,
14, 15};
- int ret = 0;
+ wc_test_ret_t ret = 0;
static const char message[] = "Hello wolfSSL!";
word32 plaintextLen;
word32 encryptLen = 128;
@@ -27353,9 +30438,9 @@ static int ecc_ctx_kdf_salt_test(WC_RNG* rng, ecc_key* a, ecc_key* b)
#if (!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 256 && defined(WOLFSSL_AES_128)
-static int ecc_encrypt_kat(WC_RNG *rng)
+static wc_test_ret_t ecc_encrypt_kat(WC_RNG *rng)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#ifdef WOLFSSL_ECIES_OLD
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key* userA = NULL;
@@ -27591,10 +30676,10 @@ static int ecc_encrypt_kat(WC_RNG *rng)
}
#endif
-static int ecc_encrypt_e2e_test(WC_RNG* rng, ecc_key* userA, ecc_key* userB,
+static wc_test_ret_t ecc_encrypt_e2e_test(WC_RNG* rng, ecc_key* userA, ecc_key* userB,
byte encAlgo, byte kdfAlgo, byte macAlgo)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte msg[48];
byte plain[48];
#ifdef WOLFSSL_ECIES_OLD
@@ -27862,10 +30947,10 @@ done:
#endif /* !HAVE_FIPS || FIPS_VERSION_GE(5,3) */
-WOLFSSL_TEST_SUBROUTINE int ecc_encrypt_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_encrypt_test(void)
{
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
ecc_key *userA;
ecc_key *userB;
@@ -27942,6 +31027,22 @@ WOLFSSL_TEST_SUBROUTINE int ecc_encrypt_test(void)
printf("ECIES: AES_128_CBC, HKDF_SHA256, HMAC_SHA256\n");
}
}
+#ifdef HAVE_X963_KDF
+ if (ret == 0) {
+ ret = ecc_encrypt_e2e_test(&rng, userA, userB, ecAES_128_CBC,
+ ecKDF_X963_SHA256, ecHMAC_SHA256);
+ if (ret != 0) {
+ printf("ECIES: AES_128_CBC, KDF_X963_SHA256, HMAC_SHA256\n");
+ }
+ }
+ if (ret == 0) {
+ ret = ecc_encrypt_e2e_test(&rng, userA, userB, ecAES_128_CBC,
+ ecKDF_SHA256, ecHMAC_SHA256);
+ if (ret != 0) {
+ printf("ECIES: AES_128_CBC, KDF_SHA256, HMAC_SHA256\n");
+ }
+ }
+#endif
#endif
#ifdef WOLFSSL_AES_256
if (ret == 0) {
@@ -28007,7 +31108,7 @@ done:
!defined(WOLFSSL_ATECC608A) && !defined(NO_ECC256) && \
defined(HAVE_ECC_VERIFY) && defined(HAVE_ECC_SIGN) && \
!defined(WOLF_CRYPTO_CB_ONLY_ECC) && !defined(NO_ECC_SECP)
-WOLFSSL_TEST_SUBROUTINE int ecc_test_buffers(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ecc_test_buffers(void)
{
size_t bytes;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -28021,7 +31122,7 @@ WOLFSSL_TEST_SUBROUTINE int ecc_test_buffers(void)
#endif
WC_RNG rng;
word32 idx = 0;
- int ret;
+ wc_test_ret_t ret;
/* pad our test message to 32 bytes so evenly divisible by AES_BLOCK_SZ */
byte in[] = "Everyone gets Friday off. ecc p";
word32 inLen = (word32)XSTRLEN((char*)in);
@@ -28186,7 +31287,7 @@ TEST_SLEEP();
#else
#define X25519_TEST_CNT 1
#endif
-static int curve25519_overflow_test(void)
+static wc_test_ret_t curve25519_overflow_test(void)
{
/* secret key for party a */
byte sa[X25519_TEST_CNT][32] = {
@@ -28297,7 +31398,7 @@ static int curve25519_overflow_test(void)
#endif
};
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
word32 y;
byte shared[32];
@@ -28332,9 +31433,9 @@ static int curve25519_overflow_test(void)
*
* returns 0 on success and -ve on failure.
*/
-static int curve25519_check_public_test(void)
+static wc_test_ret_t curve25519_check_public_test(void)
{
- int ret;
+ wc_test_ret_t ret;
/* Little-endian values that will fail */
byte fail_le[][CURVE25519_KEYSIZE] = {
{
@@ -28452,9 +31553,9 @@ static int curve25519_check_public_test(void)
#if !defined(NO_ASN) && defined(HAVE_CURVE25519_KEY_EXPORT) && \
defined(HAVE_CURVE25519_KEY_IMPORT)
-static int curve255519_der_test(void)
+static wc_test_ret_t curve255519_der_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
/* certs/statickeys/x25519.der */
const byte kCurve25519PrivDer[] = {
0x30, 0x2E, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x6E,
@@ -28490,7 +31591,7 @@ static int curve255519_der_test(void)
outputSz = (word32)sizeof(output);
ret = wc_Curve25519PrivateKeyToDer(&key, output, outputSz);
if (ret >= 0) {
- outputSz = ret;
+ outputSz = (word32)ret;
ret = 0;
}
else {
@@ -28514,7 +31615,7 @@ static int curve255519_der_test(void)
outputSz = (word32)sizeof(output);
ret = wc_Curve25519PublicKeyToDer(&key, output, outputSz, 1);
if (ret >= 0) {
- outputSz = ret;
+ outputSz = (word32)ret;
ret = 0;
}
else {
@@ -28532,10 +31633,10 @@ static int curve255519_der_test(void)
}
#endif /* !NO_ASN && HAVE_CURVE25519_KEY_EXPORT && HAVE_CURVE25519_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int curve25519_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve25519_test(void)
{
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
#ifdef HAVE_CURVE25519_SHARED_SECRET
byte sharedA[32];
byte sharedB[32];
@@ -28621,13 +31722,13 @@ WOLFSSL_TEST_SUBROUTINE int curve25519_test(void)
/* find shared secret key */
x = sizeof(sharedA);
if ((ret = wc_curve25519_shared_secret(&userA, &userB, sharedA, &x)) != 0) {
- printf("wc_curve25519_shared_secret 1 %d\n", ret);
+ printf("wc_curve25519_shared_secret 1 failed\n");
return WC_TEST_RET_ENC_EC(ret);
}
y = sizeof(sharedB);
if ((ret = wc_curve25519_shared_secret(&userB, &userA, sharedB, &y)) != 0) {
- printf("wc_curve25519_shared_secret 2 %d\n", ret);
+ printf("wc_curve25519_shared_secret 2 failed\n");
return WC_TEST_RET_ENC_EC(ret);
}
@@ -28755,7 +31856,7 @@ WOLFSSL_TEST_SUBROUTINE int curve25519_test(void)
#ifdef HAVE_ED25519
#ifdef WOLFSSL_TEST_CERT
-static int ed25519_test_cert(void)
+static wc_test_ret_t ed25519_test_cert(void)
{
DecodedCert cert[2];
DecodedCert* serverCert = NULL;
@@ -28765,7 +31866,7 @@ static int ed25519_test_cert(void)
ed25519_key* pubKey = NULL;
int verify;
#endif /* HAVE_ED25519_VERIFY */
- int ret;
+ wc_test_ret_t ret;
byte* tmp;
size_t bytes;
XFILE file;
@@ -28853,14 +31954,14 @@ done:
return ret;
}
-static int ed25519_test_make_cert(void)
+static wc_test_ret_t ed25519_test_make_cert(void)
{
WC_RNG rng;
Cert cert;
DecodedCert decode;
ed25519_key key;
ed25519_key* privKey = NULL;
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* tmp = NULL;
wc_InitCert_ex(&cert, HEAP_HINT, devId);
@@ -28907,7 +32008,7 @@ static int ed25519_test_make_cert(void)
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
- InitDecodedCert(&decode, tmp, ret, HEAP_HINT);
+ InitDecodedCert(&decode, tmp, (word32)ret, HEAP_HINT);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
FreeDecodedCert(&decode);
if (ret != 0)
@@ -28924,9 +32025,9 @@ done:
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_EXPORT) && \
defined(HAVE_ED25519_KEY_IMPORT)
-static int ed25519ctx_test(void)
+static wc_test_ret_t ed25519ctx_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte out[ED25519_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED25519_VERIFY
@@ -29024,9 +32125,9 @@ static int ed25519ctx_test(void)
return ret;
}
-static int ed25519ph_test(void)
+static wc_test_ret_t ed25519ph_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte out[ED25519_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED25519_VERIFY
@@ -29166,9 +32267,9 @@ static int ed25519ph_test(void)
}
#endif /* HAVE_ED25519_SIGN && HAVE_ED25519_KEY_EXPORT && HAVE_ED25519_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed25519_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WC_RNG rng;
#if defined(HAVE_ED25519_SIGN) && defined(HAVE_ED25519_KEY_EXPORT) &&\
defined(HAVE_ED25519_KEY_IMPORT)
@@ -29586,8 +32687,10 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
#if !defined(NO_ASN) && defined(HAVE_ED25519_SIGN)
wc_ed25519_init_ex(&key3, HEAP_HINT, devId);
#endif
+#ifdef HAVE_ED25519_MAKE_KEY
wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key);
wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key2);
+#endif
/* helper functions for signature and key size */
keySz = wc_ed25519_size(&key);
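Review bot: Both `wc_ed25519_make_key` calls inside the new `#ifdef HAVE_ED25519_MAKE_KEY` guard discard their return value, so a key-generation failure is not reported here and the test carries on with whatever `key` and `key2` contain. Check the result, for example `ret = wc_ed25519_make_key(&rng, ED25519_KEY_SIZE, &key); if (ret != 0) return WC_TEST_RET_ENC_EC(ret);`, and do the same for `key2`. When the macro is undefined, `wc_ed25519_size(&key)` and the code after it run on keys that were never generated. Whether that path is intended cannot be seen from this hunk, because ed25519_test continues outside it; a short comment stating what the later checks expect in that configuration would help.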
@@ -29756,7 +32859,7 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
ret = ed25519_test_cert();
if (ret < 0)
return ret;
-#ifdef WOLFSSL_CERT_GEN
+#if defined(WOLFSSL_CERT_GEN) && defined(HAVE_ED25519_MAKE_KEY)
ret = ed25519_test_make_cert();
if (ret < 0)
return ret;
@@ -29774,7 +32877,7 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
*
* returns 0 on success and -ve on failure.
*/
-static int curve448_check_public_test(void)
+static wc_test_ret_t curve448_check_public_test(void)
{
/* Little-endian values that will fail */
byte fail_le[][CURVE448_KEY_SIZE] = {
@@ -29829,7 +32932,7 @@ static int curve448_check_public_test(void)
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01
};
int i;
- int ret;
+ wc_test_ret_t ret;
/* Parameter checks */
/* NULL pointer */
@@ -29890,10 +32993,10 @@ static int curve448_check_public_test(void)
#endif /* HAVE_CURVE448_SHARED_SECRET && HAVE_CURVE448_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int curve448_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t curve448_test(void)
{
WC_RNG rng;
- int ret;
+ wc_test_ret_t ret;
#ifdef HAVE_CURVE448_SHARED_SECRET
byte sharedA[CURVE448_KEY_SIZE];
byte sharedB[CURVE448_KEY_SIZE];
@@ -30109,7 +33212,7 @@ WOLFSSL_TEST_SUBROUTINE int curve448_test(void)
#ifdef HAVE_ED448
#ifdef WOLFSSL_TEST_CERT
-static int ed448_test_cert(void)
+static wc_test_ret_t ed448_test_cert(void)
{
DecodedCert cert[2];
DecodedCert* serverCert = NULL;
@@ -30119,7 +33222,7 @@ static int ed448_test_cert(void)
ed448_key* pubKey = NULL;
int verify;
#endif /* HAVE_ED448_VERIFY */
- int ret;
+ wc_test_ret_t ret;
byte* tmp;
size_t bytes;
XFILE file;
@@ -30207,14 +33310,14 @@ done:
return ret;
}
-static int ed448_test_make_cert(void)
+static wc_test_ret_t ed448_test_make_cert(void)
{
WC_RNG rng;
Cert cert;
DecodedCert decode;
ed448_key key;
ed448_key* privKey = NULL;
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* tmp = NULL;
wc_InitCert_ex(&cert, HEAP_HINT, devId);
@@ -30261,7 +33364,7 @@ static int ed448_test_make_cert(void)
if (ret < 0)
ERROR_OUT(WC_TEST_RET_ENC_EC(ret), done);
- InitDecodedCert(&decode, tmp, ret, HEAP_HINT);
+ InitDecodedCert(&decode, tmp, (word32)ret, HEAP_HINT);
ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
FreeDecodedCert(&decode);
if (ret != 0)
@@ -30278,9 +33381,9 @@ done:
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_EXPORT) && \
defined(HAVE_ED448_KEY_IMPORT)
-static int ed448_ctx_test(void)
+static wc_test_ret_t ed448_ctx_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte out[ED448_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED448_VERIFY
@@ -30369,9 +33472,9 @@ static int ed448_ctx_test(void)
return 0;
}
-static int ed448ph_test(void)
+static wc_test_ret_t ed448ph_test(void)
{
- int ret;
+ wc_test_ret_t ret;
byte out[ED448_SIG_SIZE];
word32 outlen;
#ifdef HAVE_ED448_VERIFY
@@ -30541,9 +33644,9 @@ static int ed448ph_test(void)
}
#endif /* HAVE_ED448_SIGN && HAVE_ED448_KEY_EXPORT && HAVE_ED448_KEY_IMPORT */
-WOLFSSL_TEST_SUBROUTINE int ed448_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t ed448_test(void)
{
- int ret;
+ wc_test_ret_t ret;
WC_RNG rng;
#if defined(HAVE_ED448_SIGN) && defined(HAVE_ED448_KEY_EXPORT) &&\
defined(HAVE_ED448_KEY_IMPORT)
@@ -31291,10 +34394,10 @@ WOLFSSL_TEST_SUBROUTINE int ed448_test(void)
#ifdef WOLFSSL_HAVE_KYBER
#ifdef WOLFSSL_WC_KYBER /* OQS and PQM4 do not support KATs */
#ifdef WOLFSSL_KYBER512
-static int kyber512_kat(void)
+static wc_test_ret_t kyber512_kat(void)
{
KyberKey key;
- int ret;
+ wc_test_ret_t ret;
byte priv[KYBER512_PRIVATE_KEY_SIZE];
byte pub[KYBER512_PUBLIC_KEY_SIZE];
byte ct[KYBER512_CIPHER_TEXT_SIZE];
@@ -31777,10 +34880,10 @@ static int kyber512_kat(void)
#endif /* WOLFSSL_KYBER512 */
#ifdef WOLFSSL_KYBER768
-static int kyber768_kat(void)
+static wc_test_ret_t kyber768_kat(void)
{
KyberKey key;
- int ret;
+ wc_test_ret_t ret;
byte priv[KYBER768_PRIVATE_KEY_SIZE];
byte pub[KYBER768_PUBLIC_KEY_SIZE];
byte ct[KYBER768_CIPHER_TEXT_SIZE];
@@ -32448,10 +35551,10 @@ static int kyber768_kat(void)
#endif /* WOLFSSL_KYBER768 */
#ifdef WOLFSSL_KYBER1024
-static int kyber1024_kat(void)
+static wc_test_ret_t kyber1024_kat(void)
{
KyberKey key;
- int ret;
+ wc_test_ret_t ret;
byte priv[KYBER1024_PRIVATE_KEY_SIZE];
byte pub[KYBER1024_PUBLIC_KEY_SIZE];
byte ct[KYBER1024_CIPHER_TEXT_SIZE];
@@ -33322,9 +36425,9 @@ static int kyber1024_kat(void)
#endif /* WOLFSSL_KYBER1024 */
#endif /* WOLFSSL_WC_KYBER */
-WOLFSSL_TEST_SUBROUTINE int kyber_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t kyber_test(void)
{
- int ret;
+ wc_test_ret_t ret;
KyberKey key;
WC_RNG rng;
int i;
@@ -33443,15 +36546,1106 @@ WOLFSSL_TEST_SUBROUTINE int kyber_test(void)
}
#endif /* WOLFSSL_HAVE_KYBER */
+#if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)
+static enum wc_XmssRc xmss_write_key_mem(const byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_XMSS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static enum wc_XmssRc xmss_read_key_mem(byte * priv, word32 privSz,
+ void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_XMSS_RC_READ_TO_MEMORY;
+}
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test(void)
+{
+ int i = 0;
+ int j = 0;
+ int ret = -1;
+ int ret2 = -1;
+ XmssKey signingKey;
+ XmssKey verifyKey;
+ WC_RNG rng;
+ word32 pkSz = 0;
+ word32 skSz = 0;
+ word32 sigSz = 0;
+ word32 bufSz = 0;
+ unsigned char * sk = NULL;
+ unsigned char * old_sk = NULL;
+ const char * msg = "XMSS post quantum signature test";
+ word32 msgSz = (word32) XSTRLEN(msg);
+ const char * param = "XMSSMT-SHA2_20/4_256";
+ byte * sig = NULL;
+
+#ifndef HAVE_FIPS
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
+#else
+ ret = wc_InitRng(&rng);
+#endif
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_Init(&signingKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Set the parameter string to the signing key, and
+ * get sizes for secret key, pub key, and signature. */
+ ret = wc_XmssKey_SetParamStr(&signingKey, param);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_GetPubLen(&signingKey, &pkSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (pkSz != XMSS_SHA256_PUBLEN) {
+ return WC_TEST_RET_ENC_EC(pkSz);
+ }
+
+ ret = wc_XmssKey_GetPrivLen(&signingKey, &skSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_GetSigLen(&signingKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Allocate signature array. */
+ sig = (byte *)XMALLOC(sigSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) { return WC_TEST_RET_ENC_ERRNO; }
+
+ bufSz = sigSz;
+
+#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
+ fprintf(stderr, "param: %s\n", param);
+ fprintf(stderr, "pkSz: %d\n", pkSz);
+ fprintf(stderr, "skSz: %d\n", skSz);
+ fprintf(stderr, "sigSz: %d\n", sigSz);
+#endif
+
+ /* Allocate current and old secret keys.*/
+ sk = (unsigned char *)XMALLOC(skSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (sk == NULL) { return WC_TEST_RET_ENC_ERRNO; }
+
+ old_sk = (unsigned char *)XMALLOC(skSz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ if (old_sk == NULL) { return WC_TEST_RET_ENC_ERRNO; }
+
+ XMEMSET(sk, 0, skSz);
+ XMEMSET(old_sk, 0, skSz);
+ XMEMSET(sig, 0, sigSz);
+
+ ret = wc_XmssKey_SetWriteCb(&signingKey, xmss_write_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_SetReadCb(&signingKey, xmss_read_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_SetContext(&signingKey, (void *) sk);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_MakeKey(&signingKey, &rng);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Export the pub to a verify key. */
+ ret = wc_XmssKey_ExportPub(&verifyKey, &signingKey);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Repeat a few times to check that:
+ * 1. The secret key is mutated on each sign.
+ * 2. We can verify each new signature.
+ * Only do a few times, because the full signature space
+ * for this parameter set is huge. */
+ for (i = 0; i < 10; ++i) {
+ XMEMCPY(old_sk, sk, skSz);
+
+ ret = wc_XmssKey_Sign(&signingKey, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+ if (sigSz != bufSz) { return WC_TEST_RET_ENC_I(i); }
+
+ /* Old secret key and current secret key should not match. */
+ ret = XMEMCMP(old_sk, sk, skSz);
+ if (ret == 0) { return WC_TEST_RET_ENC_I(i); }
+
+ ret = wc_XmssKey_Verify(&verifyKey, sig, sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sigSz; j+= 4 * 32) {
+ sig[j] ^= 1;
+
+ ret2 = wc_XmssKey_Verify(&verifyKey, sig, sigSz, (byte *) msg,
+ msgSz);
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ sig[j] ^= 1;
+ }
+ }
+
+ /* Cleanup everything. */
+ if (sig != NULL) {
+ XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sig = NULL;
+ }
+
+ if (sk != NULL) {
+ XFREE(sk, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ sk = NULL;
+ }
+
+ if (old_sk != NULL) {
+ XFREE(old_sk, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
+ old_sk = NULL;
+ }
+
+ wc_XmssKey_Free(&signingKey);
+ wc_FreeRng(&rng);
+
+ return ret;
+}
+#endif /*if defined(WOLFSSL_HAVE_XMSS) && !defined(WOLFSSL_XMSS_VERIFY_ONLY)*/
+
+#if defined(WOLFSSL_HAVE_XMSS) && defined(WOLFSSL_XMSS_VERIFY_ONLY) && \
+ !defined(WOLFSSL_SMALL_STACK)
+
+/* A simple xmss verify only test using:
+ * XMSS-SHA2_10_256
+ * pub len: 68
+ * msg len: 32
+ * sig len: 2500
+ *
+ * These were generated with the test xmss_fast, from the unpatched
+ * xmss-reference repository:
+ * https://github.com/XMSS/xmss-reference
+ * */
+
+static byte xmss_pub[XMSS_SHA256_PUBLEN] =
+{
+ 0x00,0x00,0x00,0x01,0xA5,0x41,0x31,0x96,
+ 0x0A,0xF9,0xF3,0xB2,0x4B,0x2E,0x5B,0x3E,
+ 0xCA,0x74,0xAD,0x6C,0xA5,0x89,0xAD,0x2C,
+ 0x0E,0x96,0xB3,0x54,0xFB,0x5B,0x63,0x50,
+ 0x96,0x81,0xE2,0x59,0x72,0x10,0x09,0x54,
+ 0xBB,0x39,0xAC,0xEE,0x78,0xEF,0x95,0xEC,
+ 0x01,0x1D,0xF0,0x36,0x68,0xE2,0xC4,0xA5,
+ 0x2F,0x60,0x42,0x7E,0xD3,0x8E,0xAA,0x27,
+ 0xC9,0xB7,0x39,0x4E
+};
+
+static byte xmss_msg[32] =
+{
+ 0x07,0x9F,0x80,0x86,0xDB,0x76,0x27,0xDF,
+ 0xED,0x5B,0x2A,0x81,0x60,0x60,0x7D,0xB4,
+ 0xE8,0x7A,0x69,0x45,0x20,0x6B,0xA2,0x96,
+ 0xC0,0x21,0xA5,0x46,0x29,0x63,0x9B,0x37
+};
+
+/* This was actually the 5th signature produced from
+ * xmss_fast test in xmss-reference. */
+static byte xmss_sig[2500] =
+{
+ 0x00,0x00,0x00,0x05,0xF0,0x15,0x34,0xBA,
+ 0x92,0x03,0x6A,0xB9,0xA5,0x23,0x86,0x11,
+ 0xAE,0x65,0x0A,0x5C,0x78,0x2C,0xC9,0xBE,
+ 0x7E,0xA6,0xDC,0xA2,0x8B,0xA9,0x9C,0x50,
+ 0xF6,0x61,0x8D,0x9D,0xD7,0xE9,0xC0,0xF8,
+ 0x67,0xCD,0x8A,0xC4,0x9B,0x74,0x96,0x07,
+ 0x5D,0xF2,0xC9,0xCC,0x28,0x05,0xB1,0xBE,
+ 0x5E,0xA4,0xBA,0xBE,0xAB,0xD8,0x21,0x6B,
+ 0x21,0x5F,0xAB,0xB7,0x6C,0xEC,0x2F,0xC8,
+ 0xC6,0x74,0x3E,0x97,0x1B,0xC3,0x45,0x57,
+ 0xAF,0xAA,0x1E,0xA8,0xF2,0x86,0xA8,0xAA,
+ 0x43,0x6D,0x66,0xE9,0x81,0x14,0xDE,0x09,
+ 0x39,0xD2,0xAF,0xD1,0x4C,0xE7,0x75,0x18,
+ 0x0D,0xAA,0x29,0xA1,0x92,0x53,0xCC,0xE9,
+ 0xF3,0x0B,0x1E,0x3B,0xE2,0xAE,0x80,0x0C,
+ 0xE7,0x7A,0x7C,0x13,0x8A,0x28,0xC6,0x5F,
+ 0x0A,0xA4,0xA3,0x73,0x0A,0x3A,0xC2,0xA6,
+ 0x3B,0xB4,0x30,0x67,0xC0,0x36,0x18,0xA1,
+ 0x58,0xCD,0xAD,0x54,0x36,0x64,0xCE,0xFD,
+ 0x52,0xFF,0x70,0x7E,0x09,0xFB,0x13,0xA2,
+ 0xEA,0xDF,0x67,0x8D,0x6C,0x42,0xB2,0x78,
+ 0xF5,0x7D,0x5C,0x4B,0xF7,0x8E,0xCF,0x3E,
+ 0xB7,0xC6,0xC1,0x23,0xFA,0x65,0xDE,0xD2,
+ 0xFA,0x40,0x51,0x97,0x0D,0x52,0x32,0x76,
+ 0x7E,0x82,0x8D,0xD0,0xB9,0x1E,0x62,0xD9,
+ 0x1E,0xC1,0xDB,0x40,0x43,0x37,0x4A,0x23,
+ 0x8A,0x1D,0x35,0xFA,0xF4,0x53,0x11,0x5A,
+ 0xB5,0x6D,0x1E,0x8B,0x22,0xC8,0x7D,0x2A,
+ 0xE4,0x94,0xAA,0x25,0x20,0x40,0x96,0xDB,
+ 0x82,0x62,0xBA,0x8F,0x8B,0x45,0xCB,0x4F,
+ 0x35,0x88,0x33,0xEB,0xEF,0xB3,0xBA,0xA7,
+ 0x09,0x72,0xB3,0x4C,0xEC,0xF2,0xC3,0xC7,
+ 0x5E,0x02,0x6C,0x41,0x93,0xCB,0x3C,0x89,
+ 0x12,0x09,0x68,0x54,0x8E,0xEC,0x6A,0x7E,
+ 0x20,0xE1,0x70,0x3D,0x8C,0xEB,0xB4,0x36,
+ 0xBE,0x91,0xBE,0x97,0xB5,0xA6,0x34,0x16,
+ 0x95,0x0F,0x10,0x26,0xA9,0x13,0x80,0x88,
+ 0x9C,0xAA,0x68,0xEC,0x34,0x70,0x4A,0x15,
+ 0x9B,0x5E,0x57,0x05,0x87,0x1C,0xF8,0x35,
+ 0x45,0x29,0xE9,0x6E,0xF2,0x70,0x13,0x42,
+ 0x89,0x4E,0x77,0xC0,0x18,0xC7,0x55,0x6D,
+ 0xE7,0xFA,0x0D,0x63,0x83,0x16,0x19,0x01,
+ 0x2D,0xFD,0x31,0x14,0x94,0xCA,0x3E,0x0E,
+ 0xD6,0x11,0x34,0x81,0x57,0x58,0xEC,0x24,
+ 0xA4,0x17,0x63,0xD3,0x25,0x00,0xBF,0x7D,
+ 0x78,0x5D,0xC5,0xD8,0xC6,0xC1,0xBD,0x8C,
+ 0xD0,0x94,0x0A,0xB1,0x33,0xA5,0x4B,0x31,
+ 0x25,0xF5,0xAF,0xE7,0x84,0x26,0xAA,0x05,
+ 0xBB,0xF3,0x9A,0xAF,0x58,0x36,0x40,0xEF,
+ 0x3D,0xA2,0xBD,0xCA,0xA1,0x8D,0x2F,0x6D,
+ 0x54,0xD2,0x62,0x33,0x09,0xAE,0xE6,0x73,
+ 0xD6,0x44,0xE8,0x7C,0x5C,0x39,0x2B,0x78,
+ 0x94,0x14,0xC7,0xC9,0xAF,0xEC,0x77,0x36,
+ 0xA1,0x61,0x61,0xF1,0xD0,0x09,0xA2,0xEE,
+ 0xE7,0x55,0xD7,0x35,0x89,0x89,0x9B,0xCF,
+ 0xFA,0xA6,0x09,0x1E,0x3B,0xBD,0x5D,0xD9,
+ 0x25,0xE7,0xED,0xDD,0x7C,0xF0,0x1C,0x57,
+ 0xE0,0x06,0xBB,0x08,0x39,0x59,0xDF,0xD7,
+ 0xAF,0x4B,0x88,0x0D,0x87,0x8F,0x4A,0xF3,
+ 0x1C,0xD4,0x4B,0xB3,0xE2,0xF3,0x1B,0x86,
+ 0x4F,0xCD,0x35,0x75,0xE2,0x03,0xF9,0x1D,
+ 0xBF,0x3E,0xD1,0x7B,0xC7,0x23,0x11,0x75,
+ 0x5F,0x92,0x0D,0x98,0xEE,0x14,0xE1,0xDA,
+ 0x7A,0x02,0x17,0x47,0x6B,0x41,0xEA,0x47,
+ 0xA1,0xAF,0x06,0x79,0x1A,0x52,0x6F,0x19,
+ 0x31,0x70,0x71,0xBD,0xC2,0x61,0x8D,0xB7,
+ 0xEE,0x6B,0x69,0x2A,0xE8,0x21,0x7A,0x95,
+ 0xBE,0x86,0x2A,0xA1,0xF4,0xE2,0x2F,0x17,
+ 0x02,0xFD,0xAD,0x17,0x9F,0x0A,0x0A,0x78,
+ 0xA9,0x92,0x30,0x21,0x72,0x2B,0x28,0xF8,
+ 0xF2,0x3E,0x05,0xD5,0xAC,0xC0,0x82,0xF8,
+ 0xD2,0xDA,0xD0,0xA3,0xBC,0x93,0xDB,0xA5,
+ 0x46,0xDE,0x14,0x1E,0xD4,0x3A,0x5D,0x79,
+ 0x3D,0x31,0x4B,0x06,0xCE,0x22,0x29,0x3C,
+ 0x98,0xB6,0x18,0x8A,0xAE,0xF7,0xBA,0x22,
+ 0x88,0xA1,0xEE,0xC0,0x14,0x4C,0x4A,0xA0,
+ 0x57,0x0A,0xD3,0x18,0xA2,0x3D,0xDD,0xC7,
+ 0x83,0x73,0xFC,0x38,0x9B,0x31,0xA3,0xE1,
+ 0x17,0x76,0xA1,0xA2,0x69,0xFC,0xAB,0x08,
+ 0x80,0x72,0x8D,0xF5,0xE4,0x14,0xB7,0x6B,
+ 0x03,0xFF,0xE8,0x11,0x4B,0x06,0x55,0x7E,
+ 0x36,0x21,0x2F,0xD7,0x54,0x82,0xC9,0x31,
+ 0xB4,0x85,0x68,0x41,0xEF,0x75,0xB0,0x3A,
+ 0xEA,0x4F,0xE0,0xEC,0x72,0xCC,0x33,0x96,
+ 0xCE,0x7D,0xAD,0xDD,0x0D,0x27,0x05,0x6E,
+ 0xA2,0xD4,0x11,0x07,0xD8,0x7D,0x27,0xD4,
+ 0x80,0x8F,0x00,0x22,0xE4,0xFC,0x2C,0x9D,
+ 0xD5,0xD8,0x18,0x7F,0x4E,0xF4,0xB9,0x7F,
+ 0xEF,0xD6,0x00,0x08,0x5C,0x05,0x04,0x1E,
+ 0x9A,0xC6,0x8D,0xCC,0x19,0xD9,0x0B,0x06,
+ 0xCC,0x6A,0x17,0xE2,0x03,0x23,0xDB,0x1C,
+ 0xBC,0xA2,0xB9,0xA2,0x95,0x3C,0x73,0xD8,
+ 0xFF,0xE6,0x0E,0xAE,0x04,0xB2,0xFC,0x91,
+ 0x4F,0xEF,0x8A,0x58,0xB7,0x31,0x68,0x4C,
+ 0x1E,0xD0,0x5B,0x85,0xCC,0x03,0xDC,0xF4,
+ 0xAC,0xDB,0x03,0x9B,0x35,0x33,0x08,0x71,
+ 0xD0,0x50,0x8D,0xDC,0xE3,0x3A,0x98,0x40,
+ 0x41,0x80,0xDD,0x35,0xE1,0xA2,0xAF,0x14,
+ 0x9A,0xDB,0xD3,0x68,0x14,0xE2,0x50,0x7A,
+ 0x76,0x3F,0xE4,0xA4,0x1B,0xAA,0xC1,0x06,
+ 0x87,0x9A,0x92,0xF9,0xBE,0x9E,0x86,0x8C,
+ 0x92,0x1D,0x74,0xB1,0x7F,0x27,0x43,0xC0,
+ 0xEE,0x2E,0xC2,0x6C,0x6D,0xAA,0x0C,0x0E,
+ 0x71,0xC9,0x56,0xD6,0x3A,0x56,0xCB,0x90,
+ 0xD1,0x7E,0x6E,0x1C,0x6A,0x00,0x2D,0x02,
+ 0x2C,0x96,0xF0,0x2A,0x37,0x37,0x18,0x07,
+ 0x0B,0xF4,0xB4,0x8C,0x30,0xF2,0xA4,0xAB,
+ 0x66,0xFB,0x8B,0x22,0xC0,0x00,0x7E,0x05,
+ 0xB6,0xF9,0x95,0x49,0x33,0xA1,0xDC,0x97,
+ 0x0C,0x5C,0x61,0x46,0xE2,0xD7,0x87,0x4B,
+ 0xC4,0xC7,0x5F,0x26,0x06,0x84,0xD7,0x47,
+ 0x05,0xF1,0x33,0xFF,0x85,0x85,0xB2,0xBD,
+ 0x1F,0x44,0xC6,0xC2,0x7D,0x51,0xBE,0x0E,
+ 0xB5,0xC4,0x44,0x2F,0xFE,0x73,0x5F,0xF4,
+ 0xA4,0xEF,0xE2,0xF1,0x73,0x0B,0xEF,0x3E,
+ 0x2B,0xD7,0xCC,0x9F,0xDA,0x1A,0x7E,0x92,
+ 0x39,0xA1,0x55,0xBF,0x60,0x0A,0xDB,0x23,
+ 0x74,0xFE,0xE7,0x05,0x63,0xA9,0x85,0x52,
+ 0x9F,0xCC,0xC3,0xFF,0xF6,0x6C,0x1B,0x4E,
+ 0x4F,0x01,0xBD,0xC3,0xEB,0x37,0xEC,0x29,
+ 0x21,0x3B,0x2C,0xC9,0x2E,0x93,0x20,0x3E,
+ 0x19,0xC0,0x8B,0xE8,0x33,0xCD,0xC6,0x6A,
+ 0x6E,0x72,0x13,0x15,0xA1,0x90,0x20,0x0C,
+ 0x14,0x66,0xED,0xCC,0xA4,0xDD,0x7F,0x58,
+ 0x53,0xBC,0x4A,0x68,0xFC,0x86,0x3E,0xAA,
+ 0xF1,0x17,0x0F,0x3E,0x20,0x54,0x93,0xF4,
+ 0x98,0xBF,0xB4,0x07,0x05,0xBD,0x70,0xE7,
+ 0xD7,0x34,0xFD,0xE3,0x69,0xDF,0xCD,0xF5,
+ 0x1A,0x73,0x6E,0xC9,0x2B,0x21,0xFB,0xB8,
+ 0x7E,0x44,0x10,0x83,0x56,0xCE,0xD5,0x15,
+ 0x9A,0x75,0xFC,0x91,0x8E,0x6B,0x9E,0x1A,
+ 0x3A,0x33,0x39,0x35,0xB4,0x0D,0x74,0xF4,
+ 0xFB,0x4C,0x0E,0x37,0xFE,0x82,0x95,0x46,
+ 0x6B,0xD2,0x6E,0xEE,0xCD,0x4D,0x38,0xAF,
+ 0x0A,0xAA,0xF1,0xD5,0xA4,0x7C,0x04,0xD8,
+ 0xB9,0xDB,0x11,0x68,0x88,0x35,0x41,0xDE,
+ 0x31,0x33,0x0C,0xDC,0x2D,0x4C,0xA8,0x20,
+ 0xCC,0x2C,0x4C,0x63,0xAB,0xBA,0xDF,0x48,
+ 0x84,0xD5,0x25,0xBC,0x70,0xE3,0x49,0xAA,
+ 0x43,0xCA,0x8B,0xE7,0x9F,0xDD,0x20,0x76,
+ 0x9B,0x38,0xF4,0xBA,0x4D,0x4E,0x34,0x4A,
+ 0xAF,0x81,0xE7,0x0B,0xEC,0xE9,0x59,0xC1,
+ 0x35,0x22,0x7F,0x69,0x46,0x62,0xD2,0x18,
+ 0x6E,0x1F,0x79,0xD1,0xAD,0xC3,0x84,0x95,
+ 0x96,0xB2,0x18,0x58,0x5E,0x7E,0x0C,0x25,
+ 0x0A,0x0F,0x69,0xA3,0x1D,0xEC,0x29,0xCB,
+ 0xDA,0xA2,0xD1,0x1A,0x10,0xA5,0x52,0xC3,
+ 0x62,0x1E,0xC5,0x83,0xFF,0xA3,0x56,0xC2,
+ 0xFD,0x87,0x3B,0x57,0x52,0x98,0x36,0x95,
+ 0x77,0x6B,0xE5,0x49,0x10,0x8E,0x39,0xDD,
+ 0xCA,0x4B,0xB3,0x9F,0x4C,0x0C,0x11,0x62,
+ 0xF3,0x22,0x78,0xDB,0x48,0xEB,0x68,0xFE,
+ 0xE4,0x2A,0xE9,0xAA,0x8F,0x7A,0x2F,0x69,
+ 0xA5,0xC5,0x03,0x2D,0xEF,0x62,0xA8,0x71,
+ 0x65,0x06,0x40,0x84,0x10,0x0F,0xF2,0xED,
+ 0xBC,0x70,0x71,0x69,0x24,0xA2,0xBF,0x83,
+ 0x39,0xDD,0xFA,0xA2,0x7B,0xE5,0xEC,0x3D,
+ 0xFE,0x3B,0x52,0x6E,0x3D,0x82,0xA6,0x2A,
+ 0x86,0x01,0x61,0x51,0x63,0xBF,0xF9,0x0A,
+ 0x06,0x72,0xF1,0xD5,0x39,0x0C,0xBA,0xC9,
+ 0x78,0xC6,0x77,0x22,0xE4,0x96,0x6E,0xB1,
+ 0x48,0x62,0x84,0x62,0x2D,0xEA,0x49,0x56,
+ 0x50,0x86,0x3F,0x90,0xC3,0x01,0x42,0x45,
+ 0xED,0xE6,0x9A,0x65,0x19,0x93,0x7F,0x48,
+ 0x16,0xF2,0x50,0xA7,0x70,0xB3,0xF5,0xDB,
+ 0x0E,0x5E,0x22,0x9E,0x64,0x04,0x26,0x69,
+ 0xC1,0x16,0xEE,0x65,0x08,0x82,0x27,0x65,
+ 0xEC,0x3D,0xDF,0x51,0x5E,0x2D,0xE8,0x76,
+ 0xF2,0xE3,0xE4,0x24,0x04,0x88,0x06,0x0F,
+ 0xB2,0x7B,0x9B,0x72,0x3D,0x4C,0x7D,0x6A,
+ 0x1F,0xB2,0xA2,0xD2,0x35,0xD6,0x40,0x25,
+ 0xC2,0x0B,0x25,0xF9,0xDF,0x26,0xE4,0xDC,
+ 0xFB,0xB1,0x84,0x84,0x77,0x1B,0x45,0x51,
+ 0x60,0xD5,0xF0,0xB6,0x09,0xE6,0xBC,0xE3,
+ 0x1C,0x70,0x96,0x2C,0xD3,0x9D,0x7D,0x7F,
+ 0xB1,0x70,0xDA,0x79,0xB8,0x74,0x99,0xBF,
+ 0x84,0x95,0xCC,0x93,0xD7,0x51,0xDD,0x66,
+ 0xD3,0x70,0x0C,0x75,0x86,0x09,0x06,0xFD,
+ 0x66,0x14,0x80,0xCD,0xF3,0x59,0xB4,0x92,
+ 0x5F,0xE4,0xEE,0x00,0xA8,0xB0,0x8B,0x5C,
+ 0x3E,0xDB,0x8A,0x9C,0x0B,0xB5,0x99,0xC2,
+ 0x0D,0x81,0x09,0x06,0x6C,0x28,0xC0,0x7E,
+ 0xA5,0x07,0x70,0x64,0xD7,0x41,0xF4,0xC3,
+ 0x66,0x61,0x1C,0xA8,0x51,0xF6,0x3C,0xBA,
+ 0xE0,0x94,0xA3,0x11,0x8C,0x2E,0xBA,0x13,
+ 0xB2,0x47,0x48,0x93,0xB4,0x1A,0x2C,0x9A,
+ 0x6E,0x8E,0x30,0x66,0x7B,0xD3,0xBB,0x3B,
+ 0x5D,0x97,0x0D,0xE4,0xEA,0x24,0x28,0x9E,
+ 0xB4,0x88,0xCE,0x1D,0x7D,0x6F,0x39,0xB3,
+ 0x87,0x21,0xE5,0x08,0x93,0xF0,0xD4,0x9D,
+ 0x2D,0x91,0xC9,0xFD,0x0C,0x74,0x34,0xB4,
+ 0x1F,0xFE,0xDA,0xDC,0x10,0x5B,0x8D,0x2B,
+ 0x87,0xD3,0x42,0xB4,0xAE,0x32,0x9C,0xAE,
+ 0x4C,0x99,0xD8,0xED,0x44,0x41,0x07,0xE0,
+ 0x8F,0xBD,0xA5,0x7C,0x5A,0xDF,0x91,0x29,
+ 0x00,0xB5,0x4B,0xC3,0x3A,0x40,0x6C,0x48,
+ 0xAB,0x2A,0xF3,0x02,0xCB,0xB3,0x69,0xDA,
+ 0x06,0x0C,0x4D,0x5C,0x45,0xC3,0x28,0xAC,
+ 0x7A,0x01,0xD4,0xF8,0xCB,0x07,0x63,0x89,
+ 0x09,0x34,0x78,0xA7,0x14,0x39,0xCF,0x2D,
+ 0x94,0x8D,0x7A,0x4E,0x4E,0xBD,0xC4,0x32,
+ 0xAB,0x21,0xC9,0xDA,0x3F,0x5F,0x04,0x6B,
+ 0x14,0x40,0x18,0x18,0x2F,0xF9,0x46,0x17,
+ 0x57,0x54,0x9B,0x28,0x7B,0xBD,0xF9,0xA2,
+ 0x13,0xAC,0x69,0x24,0xB1,0x31,0x39,0xBF,
+ 0x8D,0x75,0xC3,0xFD,0x03,0x54,0x5A,0xFD,
+ 0xD4,0x7A,0xB7,0x56,0x4F,0x66,0x43,0x57,
+ 0x1B,0xFB,0xF9,0x92,0x7A,0x83,0xE6,0xFF,
+ 0xB4,0xBA,0x83,0xD2,0x61,0x8E,0x4A,0x82,
+ 0x82,0xA8,0xF5,0x0C,0xD2,0x43,0x53,0xA8,
+ 0x85,0x0A,0xD4,0x69,0x7B,0x04,0x71,0x3B,
+ 0x80,0x49,0x27,0x47,0x12,0xB6,0xB0,0xEA,
+ 0x90,0x0A,0xFA,0xA8,0xC8,0x78,0x61,0xDE,
+ 0x30,0x12,0xBB,0xDC,0xA6,0x57,0x56,0x30,
+ 0x6E,0xF1,0xA8,0x3B,0xF6,0x09,0x07,0xEA,
+ 0x31,0xE2,0x08,0x23,0x31,0x0F,0xD4,0x34,
+ 0xE3,0x60,0xC2,0x2B,0xDB,0x5A,0x99,0xCF,
+ 0xD4,0x6B,0x4E,0x75,0x65,0x35,0xE8,0x8B,
+ 0x93,0x7D,0xCA,0x11,0x47,0xF0,0x3E,0x11,
+ 0x5C,0xD1,0xEE,0x4B,0x11,0xB4,0x65,0x2B,
+ 0x6B,0x79,0xC0,0x86,0x60,0xA4,0x4B,0x24,
+ 0xA0,0x5C,0x70,0x34,0xC3,0x7C,0xE7,0x4F,
+ 0x97,0x89,0x4D,0xFE,0x22,0x89,0x3A,0xE9,
+ 0x07,0xB9,0x1A,0x86,0xB8,0x7A,0x12,0x38,
+ 0xE1,0x24,0x46,0xBC,0x9B,0x21,0xCD,0xAC,
+ 0x30,0xAB,0x98,0x21,0x31,0xC5,0x17,0x3F,
+ 0x1E,0x56,0xC3,0x18,0xCE,0xF0,0xA1,0xCC,
+ 0xFF,0x9D,0xA8,0x53,0xAF,0x74,0x77,0x54,
+ 0x02,0x9A,0x8F,0xA4,0xD4,0xBD,0xB2,0x1A,
+ 0xBA,0x52,0x2E,0x19,0xBE,0x49,0x11,0x45,
+ 0x02,0x01,0x7A,0xBF,0x28,0xD6,0x18,0xED,
+ 0xBD,0xCE,0xE4,0xDE,0xB5,0xF1,0x53,0x5D,
+ 0x65,0xF9,0x5F,0x83,0x8F,0x2D,0xF2,0x82,
+ 0xA0,0x2D,0x28,0xD3,0x0A,0x9E,0x0F,0x7F,
+ 0xC7,0xC4,0x43,0x7F,0xC3,0x0E,0x06,0xEB,
+ 0x4E,0xB4,0x2D,0xFA,0xDD,0x48,0xAB,0xF4,
+ 0x7D,0x41,0x48,0x33,0x5A,0xE6,0x70,0x02,
+ 0xE7,0x71,0x8D,0xD9,0x6B,0x0C,0x5A,0x8F,
+ 0xA4,0xC1,0xB7,0x4E,0x96,0x83,0xD6,0xA7,
+ 0x1D,0xF1,0x88,0xB3,0x6E,0xF4,0x12,0xA9,
+ 0xF6,0x31,0x69,0x66,0xFE,0xFE,0x02,0xF2,
+ 0x86,0x6D,0xBB,0x57,0x51,0x8C,0x4C,0xE9,
+ 0x7C,0x92,0x3E,0x3A,0xD3,0x2D,0xA8,0x82,
+ 0x53,0x84,0x26,0x89,0xBB,0xCC,0x13,0x12,
+ 0x3D,0x94,0xBB,0xDF,0x3D,0x4C,0xDF,0x27,
+ 0x9B,0x1F,0xB8,0xB6,0xE4,0xEA,0xA2,0x07,
+ 0xF8,0x4D,0x42,0x8F,0x29,0x90,0xFE,0x21,
+ 0x20,0xE9,0x55,0x02,0xAD,0x90,0xA7,0x77,
+ 0x4E,0x29,0xB6,0xD9,0x14,0x94,0xB2,0x25,
+ 0xA4,0xB2,0x0E,0x96,0x31,0xAB,0x9E,0x93,
+ 0x49,0xAC,0xA9,0xCB,0x68,0x22,0xBA,0xB8,
+ 0x57,0x5C,0x9D,0x65,0xC1,0xF1,0xFC,0x99,
+ 0x7C,0x3C,0xE9,0xEA,0x4B,0x29,0x22,0x2F,
+ 0xDB,0x17,0x21,0x8D,0xB0,0x13,0xBF,0xEE,
+ 0x7D,0xE4,0x8B,0x6D,0x17,0xE0,0x53,0x92,
+ 0x0B,0x32,0x6B,0xB1,0x65,0x2E,0xA7,0x83,
+ 0xFD,0x62,0x62,0xE3,0xAA,0x81,0xE8,0xD6,
+ 0xF7,0xB1,0x30,0x65,0x80,0x9F,0x77,0x1E,
+ 0x4A,0xEA,0xE8,0x45,0x32,0x12,0x3A,0xFB,
+ 0x22,0xE9,0xA9,0xF6,0xCB,0xAB,0xA8,0x0C,
+ 0x20,0xA8,0x7C,0xF9,0xF7,0x53,0xC1,0xB4,
+ 0xC0,0x5D,0x06,0x45,0xDD,0x7E,0xA7,0x34,
+ 0xA1,0x21,0xC2,0x62,0xAB,0x22,0x45,0x3D,
+ 0x73,0x4C,0x26,0xD1,0x1A,0xB2,0xF0,0xB2,
+ 0x6D,0x11,0x70,0x58,0xAA,0xF5,0xA4,0xF5,
+ 0xF8,0x0B,0x3D,0xC1,0xF6,0x17,0x70,0x15,
+ 0xCD,0x72,0x02,0x7E,0x4E,0x94,0x96,0x0A,
+ 0x56,0xCC,0xA5,0xA3,0xB3,0x7E,0xDD,0x5A,
+ 0x72,0xD2,0xFB,0xAC,0x3D,0x0E,0x66,0x65,
+ 0xE9,0x08,0x6C,0xB0,0x1C,0xE2,0x1A,0x82,
+ 0xF6,0xF3,0x34,0x89,0x73,0x02,0x5B,0x42,
+ 0x6D,0x40,0x61,0xB6,0xE0,0xE6,0x53,0x32,
+ 0xA5,0x72,0x17,0x4F,0x3B,0x51,0x4F,0xBC,
+ 0x00,0xE0,0x69,0x26,0xA9,0xAE,0x83,0xE3,
+ 0x73,0x7F,0x71,0x97,0xE0,0xDC,0x7C,0x63,
+ 0x9C,0x85,0x5F,0xDF,0x7D,0xE4,0x6C,0xD8,
+ 0xA9,0x3A,0x6F,0x5E,0x4A,0x2E,0xB0,0xE7,
+ 0x8B,0x45,0xE2,0x90,0x05,0x37,0xE8,0xAB,
+ 0x49,0x48,0x4C,0xC0,0x59,0x1D,0x8C,0x46,
+ 0x5B,0x84,0xE0,0x83,0xCE,0xEA,0x4B,0xF9,
+ 0xD4,0xDC,0x63,0xDF,0x79,0xB7,0x5C,0x11,
+ 0x25,0x7F,0x90,0x2E,0x0A,0x38,0x03,0xEA,
+ 0xEA,0xA1,0x26,0x52,0x20,0x19,0xA3,0xBE,
+ 0xFC,0x9D,0xB7,0x6E,0xA6,0x58,0x8E,0x6D,
+ 0xC5,0x58,0xE9,0xED,0x2F,0x55,0x43,0x8B,
+ 0x03,0x8B,0xE6,0xA4,0xC2,0x25,0x4B,0x36,
+ 0xBA,0xD3,0x27,0x48,0x40,0x2E,0x87,0xA2,
+ 0xD4,0x12,0xC6,0x05,0x36,0x03,0x11,0x51,
+ 0xD1,0xF2,0xAC,0x71,0x2C,0xB6,0xC3,0xA5,
+ 0x57,0x0F,0xAF,0x4B,0xBD,0xCD,0x47,0x4C,
+ 0x3A,0x52,0x6F,0x47,0xE7,0x0B,0xB7,0xD5,
+ 0xF7,0xA6,0x39,0x63,0x82,0x08,0x4C,0x41,
+ 0x0E,0x2A,0x52,0x42,0x5A,0xEA,0x59,0xC7,
+ 0x94,0xFB,0xD0,0x88,0x47,0x27,0xF6,0x97,
+ 0x03,0x9E,0x29,0xB8,0x3A,0x67,0xE6,0xF3,
+ 0x95,0xA7,0x42,0xC1,0x96,0xD1,0x9A,0xA6,
+ 0xF0,0x09,0x0C,0xEA,0xE0,0xAB,0x0F,0x15,
+ 0xE9,0xC3,0xEB,0xA5,0x89,0x86,0x98,0x32,
+ 0x83,0xAB,0x30,0x33,0xAE,0x90,0x8D,0x2E,
+ 0xB3,0xAA,0x91,0xA6,0xD9,0xA4,0x4A,0x54,
+ 0xE0,0xD3,0x08,0xCC,0x79,0xCE,0xE4,0x15,
+ 0x31,0xA6,0xCE,0x61,0xCF,0x03,0x06,0xEE,
+ 0x8E,0xE2,0x64,0x29,0xD1,0x54,0x9B,0xD0,
+ 0x5F,0x09,0x2B,0x8B,0xD5,0xF8,0xD4,0x7D,
+ 0xF1,0x97,0x32,0xD9,0xEA,0x5A,0x0E,0x10,
+ 0x8C,0x4D,0xFB,0x55,0xE6,0x27,0x0C,0xBA,
+ 0xC1,0x73,0xC1,0x73,0xE3,0x1C,0x09,0xB3,
+ 0x6F,0xB4,0x12,0xFA,0xF3,0x29,0xDC,0x23,
+ 0x32,0xED,0x80,0x87,0x83,0xC2,0xF6,0x07,
+ 0xB5,0xA9,0x22,0xDE,0x66,0x1A,0xA7,0x4A,
+ 0x86,0xF1,0x39,0x9B,0xF4,0xE7,0x50,0x15,
+ 0x4A,0x55,0x3C,0x93,0xB9,0xF9,0xFD,0xDC,
+ 0xB3,0x5D,0x73,0x52
+};
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t xmss_test_verify_only(void)
+{
+ int ret = -1;
+ int ret2 = -1;
+ int j = 0;
+ XmssKey verifyKey;
+ word32 pkSz = 0;
+ word32 sigSz = 0;
+ const char * param = "XMSS-SHA2_10_256";
+
+ ret = wc_XmssKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_SetParamStr(&verifyKey, param);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_GetPubLen(&verifyKey, &pkSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (pkSz != XMSS_SHA256_PUBLEN) {
+ return WC_TEST_RET_ENC_EC(pkSz);
+ }
+
+ ret = wc_XmssKey_GetSigLen(&verifyKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+#if defined(DEBUG_WOLFSSL) || defined(WOLFSSL_DEBUG_NONBLOCK)
+ fprintf(stderr, "param: %s\n", param);
+ fprintf(stderr, "pkSz: %d\n", pkSz);
+ fprintf(stderr, "sigSz: %d\n", sigSz);
+#endif
+
+ if (sigSz != sizeof(xmss_sig)) {
+ return WC_TEST_RET_ENC_EC(sigSz);
+ }
+
+ ret = wc_XmssKey_ImportPubRaw(&verifyKey, xmss_pub, XMSS_SHA256_PUBLEN);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret != 0) {
+ printf("error: wc_XmssKey_Verify returned %d, expected 0\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in message. This should fail. */
+ xmss_msg[sizeof(xmss_msg) / 2] ^= 1;
+ ret2 = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret2 != -1) {
+ printf("error: wc_XmssKey_Verify returned %d, expected -1\n", ret2);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip it back. This should pass again. */
+ xmss_msg[sizeof(xmss_msg) / 2] ^= 1;
+ ret = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret != 0) {
+ printf("error: wc_XmssKey_Verify returned %d, expected 0\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sizeof(xmss_sig); j+= 4 * 32) {
+ xmss_sig[j] ^= 1;
+
+ ret2 = wc_XmssKey_Verify(&verifyKey, xmss_sig, sizeof(xmss_sig),
+ (byte *) xmss_msg, sizeof(xmss_msg));
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ xmss_sig[j] ^= 1;
+ }
+
+ /* Cleanup everything. */
+ wc_XmssKey_Free(&verifyKey);
+
+ return ret;
+}
+#endif /* if defined(WOLFSSL_HAVE_XMSS) && defined(WOLFSSL_XMSS_VERIFY_ONLY) &&
+ * !defined(WOLFSSL_SMALL_STACK) */
+
+
+#if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY)
+static int lms_write_key_mem(const byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE WRITE CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! Production applications should
+ * write only to non-volatile storage. */
+ XMEMCPY(context, priv, privSz);
+ return WC_LMS_RC_SAVED_TO_NV_MEMORY;
+}
+
+static int lms_read_key_mem(byte * priv, word32 privSz, void *context)
+{
+ /* WARNING: THIS IS AN INSECURE READ CALLBACK THAT SHOULD ONLY
+ * BE USED FOR TESTING PURPOSES! */
+ XMEMCPY(priv, context, privSz);
+ return WC_LMS_RC_READ_TO_MEMORY;
+}
+
+/* LMS signature sizes are a function of their parameters. This
+ * test has a signature of 8688 bytes. */
+#define WC_TEST_LMS_SIG_LEN (8688)
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test(void)
+{
+ int i = 0;
+ int j = 0;
+ int ret = -1;
+ int ret2 = -1;
+ int sigsLeft = 0;
+ LmsKey signingKey;
+ LmsKey verifyKey;
+ WC_RNG rng;
+ word32 sigSz = 0;
+ const char * msg = "LMS HSS post quantum signature test";
+ word32 msgSz = (word32) XSTRLEN(msg);
+ unsigned char priv[HSS_MAX_PRIVATE_KEY_LEN];
+ unsigned char old_priv[HSS_MAX_PRIVATE_KEY_LEN];
+#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
+ byte * sig = XMALLOC(WC_TEST_LMS_SIG_LEN, HEAP_HINT,
+ DYNAMIC_TYPE_TMP_BUFFER);
+ if (sig == NULL) {
+ return WC_TEST_RET_ENC_ERRNO;
+ }
+#else
+ byte sig[WC_TEST_LMS_SIG_LEN];
+#endif
+
+ XMEMSET(priv, 0, sizeof(priv));
+ XMEMSET(old_priv, 0, sizeof(old_priv));
+ XMEMSET(sig, 0, WC_TEST_LMS_SIG_LEN);
+
+#ifndef HAVE_FIPS
+ ret = wc_InitRng_ex(&rng, HEAP_HINT, INVALID_DEVID);
+#else
+ ret = wc_InitRng(&rng);
+#endif
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* This test:
+ * levels: 1
+ * height: 5
+ * winternitz: 1
+ *
+ * max sigs: 2 ** (1 * 5) = 32
+ * signature length: 8688
+ */
+
+ ret = wc_LmsKey_Init(&signingKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetParameters(&signingKey, 1, 5, 1);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetWriteCb(&signingKey, lms_write_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetReadCb(&signingKey, lms_read_key_mem);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetContext(&signingKey, (void *) priv);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_MakeKey(&signingKey, &rng);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ XMEMCPY(old_priv, priv, sizeof(priv));
+
+ ret = wc_LmsKey_ExportPub(&verifyKey, &signingKey);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_GetSigLen(&verifyKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (sigSz != WC_TEST_LMS_SIG_LEN) {
+ printf("error: got %d, expected %d\n", sigSz, WC_TEST_LMS_SIG_LEN);
+ return WC_TEST_RET_ENC_EC(sigSz);
+ }
+
+ /* 2 ** 5 should be the max number of signatures */
+ for (i = 0; i < 32; ++i) {
+ /* We should have remaining signstures. */
+ sigsLeft = wc_LmsKey_SigsLeft(&signingKey);
+ if (sigsLeft == 0) {
+ return WC_TEST_RET_ENC_EC(sigsLeft);
+ }
+
+ /* Sign with key. The private key will be updated on every signature. */
+ ret = wc_LmsKey_Sign(&signingKey, sig, &sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+
+ /* The updated private key should not match the old one. */
+ if (XMEMCMP(old_priv, priv, sizeof(priv)) == 0) {
+ printf("error: current priv key should not match old: %d\n", i);
+ return WC_TEST_RET_ENC_I(i);
+ }
+
+ XMEMCPY(old_priv, priv, sizeof(priv));
+
+ ret = wc_LmsKey_Verify(&verifyKey, sig, sigSz, (byte *) msg, msgSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_I(i); }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sigSz; j+= 4 * 32) {
+ sig[j] ^= 1;
+
+ ret2 = wc_LmsKey_Verify(&verifyKey, sig, sigSz, (byte *) msg,
+ msgSz);
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ sig[j] ^= 1;
+ }
+ }
+
+ /* This should be the last signature. */
+ sigsLeft = wc_LmsKey_SigsLeft(&signingKey);
+ if (sigsLeft != 0) {
+ return WC_TEST_RET_ENC_EC(sigsLeft);
+ }
+
+ wc_LmsKey_Free(&signingKey);
+ wc_LmsKey_Free(&verifyKey);
+
+ wc_FreeRng(&rng);
+
+ return ret;
+}
+
+#endif /* if defined(WOLFSSL_HAVE_LMS) && !defined(WOLFSSL_LMS_VERIFY_ONLY) */
+
+#if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_LMS_VERIFY_ONLY) && \
+ !defined(WOLFSSL_SMALL_STACK)
+
+/* A simple LMS verify only test.
+ *
+ * Note: LMS signature sizes are a function of their parameters. This
+ * test has a signature of 1456 bytes:
+ * levels: 1
+ * height: 10
+ * winternitz: 8
+ * max sigs: 2 ** (1 * 10) = 1024
+ * signature length: 1456
+ * */
+
+/* "wolfSSL LMS example message!" without null terminator. */
+static byte lms_msg[28] =
+{
+ 0x77,0x6F,0x6C,0x66,0x53,0x53,0x4C,0x20,
+ 0x4C,0x4D,0x53,0x20,0x65,0x78,0x61,0x6D,
+ 0x70,0x6C,0x65,0x20,0x6D,0x65,0x73,0x73,
+ 0x61,0x67,0x65,0x21
+};
+
+static byte lms_L1H10W8_pub[HSS_MAX_PUBLIC_KEY_LEN] =
+{
+ 0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x06,
+ 0x00,0x00,0x00,0x04,0xA1,0x26,0x76,0xF8,
+ 0xBB,0x0B,0xC0,0x82,0x21,0x71,0x0B,0x2E,
+ 0x8C,0xA6,0xEF,0x12,0xED,0x41,0x0E,0x8C,
+ 0xAF,0x11,0x93,0x34,0x7B,0x49,0x79,0xB7,
+ 0xDE,0x63,0x1C,0xFE,0x1F,0xD1,0x17,0x49,
+ 0xCD,0x5C,0xD4,0x26,0xA0,0x53,0x26,0x1A,
+ 0xC5,0xB4,0x8F,0x23
+};
+
+#define LMS_L1H10W8_SIGLEN (1456)
+
+static byte lms_L1H10W8_sig[LMS_L1H10W8_SIGLEN] =
+{
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+ 0x00,0x00,0x00,0x04,0x18,0x70,0x09,0x2E,
+ 0x21,0xC9,0x6A,0xC9,0x5C,0xB6,0xB0,0xAA,
+ 0xC3,0xED,0x6E,0x66,0x2F,0xCC,0x45,0x81,
+ 0xBC,0xBA,0x44,0x96,0x1C,0xBF,0x4E,0xFB,
+ 0x7A,0x46,0xFB,0xBE,0x9A,0x0C,0xE4,0x50,
+ 0x90,0xC7,0x92,0xAC,0x53,0xAE,0x53,0x76,
+ 0x29,0xA6,0x65,0xF1,0x09,0xED,0x1A,0x8E,
+ 0x03,0x2E,0x5A,0x06,0x51,0xE3,0x1E,0xE6,
+ 0xF6,0xFE,0x3A,0x6E,0xD1,0x92,0x31,0x1D,
+ 0xA1,0x6A,0x5C,0x30,0x3A,0xC7,0xFD,0x5B,
+ 0xFE,0x71,0x2C,0x5C,0x2F,0x5B,0x5B,0xCF,
+ 0xBC,0x7F,0xBF,0x6C,0xAF,0x44,0x8A,0xAE,
+ 0x14,0x60,0xAB,0x88,0xED,0x0E,0x4F,0xF8,
+ 0xC7,0x1B,0x74,0x28,0x72,0xB3,0x96,0xA6,
+ 0xE6,0x46,0x22,0x82,0xCF,0x1F,0x4D,0xA6,
+ 0xEA,0x22,0x06,0x07,0x52,0xF5,0x26,0x16,
+ 0x0B,0x90,0xE3,0xFF,0x64,0xA9,0xE4,0x61,
+ 0x1E,0x9C,0x12,0x9C,0xF6,0xD4,0x63,0x29,
+ 0xEA,0x02,0xF7,0x18,0x52,0x79,0x6C,0x43,
+ 0xDC,0xCF,0x43,0x23,0xB9,0xCC,0x4A,0x25,
+ 0x9D,0x10,0xAF,0xA3,0xE6,0x47,0x5A,0x1C,
+ 0xFE,0x68,0x89,0xAF,0x1B,0x2D,0x88,0x3E,
+ 0xCA,0xDC,0x70,0xEA,0xAC,0x11,0x00,0x8A,
+ 0x6E,0xE0,0xC7,0xD0,0xD2,0x1A,0x36,0x18,
+ 0x97,0xB3,0x5F,0x0E,0x75,0x48,0x28,0xF8,
+ 0xA8,0xF5,0x90,0xD1,0xA1,0x84,0xFB,0xA4,
+ 0xAD,0x50,0xBE,0xE9,0x39,0x8C,0xC5,0xA1,
+ 0x67,0x51,0xA1,0x8C,0xD6,0x6B,0x97,0x1F,
+ 0x47,0x99,0xEE,0xE0,0x70,0x01,0xC7,0x07,
+ 0x50,0xF3,0x5E,0x3F,0xE7,0x06,0xD6,0x8D,
+ 0x26,0xD6,0x5A,0x59,0x18,0x72,0x6B,0x12,
+ 0xD2,0xAF,0x9B,0xB4,0x2B,0xD0,0xB2,0xF2,
+ 0x96,0x2F,0x40,0xEA,0xBE,0xE6,0xAC,0x1F,
+ 0xB8,0x33,0xC2,0x76,0xDC,0x8C,0xAC,0xC1,
+ 0x46,0x5E,0x04,0x84,0x1B,0xC8,0xB9,0x65,
+ 0x8D,0xAD,0x96,0xB5,0xB1,0xF6,0x17,0x4A,
+ 0x19,0x87,0xE7,0xBF,0x29,0xC7,0x9B,0xB9,
+ 0xD6,0x11,0x2C,0x92,0x2F,0xB7,0x24,0xD5,
+ 0x01,0x1D,0x80,0x37,0x54,0xED,0x33,0x32,
+ 0xAB,0x7A,0x12,0xD4,0x02,0x1D,0x27,0x52,
+ 0x89,0xDB,0x32,0xBF,0x61,0xD4,0xBB,0xB4,
+ 0x46,0x78,0x1B,0x64,0x17,0x84,0x4B,0x8A,
+ 0xBA,0xC6,0xC1,0xCF,0xC7,0x5D,0x8F,0x93,
+ 0xC5,0x9A,0x27,0x90,0xAC,0x17,0x98,0xFF,
+ 0xC8,0x22,0x59,0x55,0x90,0xB2,0x29,0x39,
+ 0xA0,0xBE,0x00,0x23,0x55,0x6B,0xDA,0x83,
+ 0xD8,0x5B,0x57,0x7C,0x67,0x1B,0xC3,0x6B,
+ 0x6D,0xC7,0x9B,0x2B,0x9E,0xB7,0x95,0xB3,
+ 0xF0,0x1B,0x89,0x5A,0xD7,0x4B,0x67,0xAF,
+ 0xDC,0x9E,0xCF,0x7E,0x1A,0xBA,0x1B,0xB9,
+ 0x3B,0x7A,0xDD,0x3F,0x0D,0xEE,0x4C,0x0B,
+ 0xD1,0x4F,0x34,0xF2,0x93,0xF7,0x21,0x64,
+ 0x2C,0x07,0x00,0x15,0x4F,0xE3,0x6A,0x9F,
+ 0x08,0x52,0xC2,0x65,0x47,0x1F,0x34,0x64,
+ 0x66,0x07,0xBC,0xEA,0xAF,0x9B,0xAA,0x39,
+ 0x15,0x8B,0x08,0x8C,0x24,0x41,0x9B,0x46,
+ 0x1B,0x5B,0x91,0x11,0xC4,0xFD,0xA9,0x88,
+ 0x35,0x0E,0x7D,0xAF,0xFD,0xB7,0x90,0x7E,
+ 0xD7,0x29,0x02,0x0A,0xDC,0xC8,0x3F,0xC0,
+ 0xFD,0x97,0xAF,0x50,0x49,0xA6,0x5E,0x12,
+ 0xC1,0xCD,0xEC,0x52,0xC5,0x51,0xF2,0x80,
+ 0x17,0x61,0xC7,0x7E,0xBE,0xD1,0x1B,0x65,
+ 0xA4,0xAB,0x92,0x8D,0x89,0xB2,0xC5,0x8F,
+ 0xFF,0xA5,0x6F,0xFA,0x62,0x75,0xE4,0xA1,
+ 0xD4,0x22,0xA8,0x9E,0x40,0x04,0x27,0x1F,
+ 0xCC,0x81,0xBA,0x28,0x67,0xA0,0x1C,0x80,
+ 0xEB,0xCA,0xB0,0x61,0xA5,0x48,0xD0,0x8A,
+ 0x25,0xEB,0x9E,0x67,0x8C,0x8E,0x9B,0xD1,
+ 0xAD,0xBB,0xC3,0xEA,0xD3,0xD4,0xC5,0x12,
+ 0x7B,0xDD,0x00,0x57,0x7F,0xF6,0xF7,0xF6,
+ 0x3C,0x05,0xCF,0xFC,0x12,0xE1,0x93,0x05,
+ 0xE5,0x9B,0x79,0x87,0x69,0xD8,0x82,0xD9,
+ 0xD7,0x1D,0x41,0x73,0xE4,0x52,0x1D,0x3E,
+ 0xE5,0x8C,0x8D,0x34,0xE1,0x75,0xA9,0xF1,
+ 0x9D,0x09,0xA2,0x5B,0xEF,0xDA,0x96,0x6E,
+ 0x76,0x3D,0xEA,0x50,0xD9,0xCF,0x4F,0xAC,
+ 0xAD,0x1D,0x35,0x72,0x1B,0x88,0x8B,0xCD,
+ 0x8C,0x8A,0x8A,0xE0,0x96,0x04,0xD8,0xBB,
+ 0x28,0x43,0x16,0x77,0x60,0x98,0x63,0xF9,
+ 0xB9,0x71,0x46,0xB7,0xE1,0xA7,0xA9,0x84,
+ 0xC3,0x65,0x82,0xE1,0x1B,0x67,0x04,0x2D,
+ 0x55,0x6B,0xF9,0xC0,0x79,0x09,0x09,0xE7,
+ 0xFD,0x06,0x4D,0x09,0x9B,0x1A,0xCE,0x35,
+ 0xFA,0x27,0x6F,0x2F,0x01,0x65,0x0D,0xA0,
+ 0x97,0x59,0x11,0xF0,0x48,0xD2,0xE7,0x46,
+ 0xBE,0xB4,0x0A,0xA3,0xE2,0x75,0x0E,0x09,
+ 0x94,0xD9,0x69,0x28,0xD4,0xDA,0x64,0xBA,
+ 0xFE,0xA4,0xB9,0xF0,0xBA,0xEB,0xBA,0xAC,
+ 0xA8,0xF9,0xD3,0x82,0x4C,0x36,0x80,0xFA,
+ 0xE5,0xF6,0x76,0xC3,0x80,0xFA,0x90,0x29,
+ 0xF4,0x85,0xA4,0xC6,0x25,0x22,0x79,0x7E,
+ 0x39,0x1E,0x30,0xB8,0x65,0x72,0xCF,0xE1,
+ 0x99,0xF0,0x75,0xE8,0x09,0xB4,0x92,0x96,
+ 0x1B,0x68,0x50,0x88,0xF1,0x2C,0x97,0xE3,
+ 0x2D,0x26,0x8F,0xC5,0x30,0xCF,0x24,0xCB,
+ 0xB2,0x60,0x77,0xDC,0x02,0x72,0x0D,0xD9,
+ 0x2E,0xF2,0x52,0xEA,0x00,0xF6,0x32,0x65,
+ 0xA5,0xC6,0x43,0x29,0x29,0x69,0xAB,0x27,
+ 0x0C,0x39,0xDF,0x76,0x3E,0x93,0x95,0xB1,
+ 0x2C,0xA2,0x0D,0x18,0xCE,0xA0,0x97,0x10,
+ 0x3C,0x90,0xC0,0xEF,0x0E,0x04,0xA6,0xC8,
+ 0xA0,0x21,0x3C,0x0B,0x22,0x77,0x7A,0x66,
+ 0xA5,0x90,0x25,0xA4,0x09,0x3E,0xD5,0x27,
+ 0x1F,0x6C,0x99,0x85,0x5C,0xA2,0x99,0x7A,
+ 0x25,0xEE,0x8D,0x32,0x3D,0xD3,0xDC,0xF5,
+ 0x00,0x5A,0x34,0x61,0xB6,0xCD,0x4E,0xBC,
+ 0x26,0x36,0xFB,0x44,0x97,0x35,0xBD,0x06,
+ 0x7D,0x2E,0x4A,0xA2,0xDC,0x24,0xFE,0x70,
+ 0x0A,0xF9,0x57,0xE3,0xEE,0xAB,0xD1,0x17,
+ 0xF3,0x7C,0xD6,0x37,0x26,0xFA,0x83,0x9F,
+ 0xDD,0xB2,0xE1,0xD7,0xF9,0xC7,0x0E,0x15,
+ 0x01,0xA6,0x58,0x32,0x98,0x04,0x32,0xD4,
+ 0xDE,0xB9,0xEF,0x09,0xFA,0xE4,0x5A,0xD7,
+ 0xDD,0x09,0x1C,0xC9,0xAC,0xB8,0x6A,0xF5,
+ 0x00,0x5D,0x6B,0x95,0x12,0x8C,0x2F,0xCC,
+ 0xD8,0xB9,0x50,0x3A,0xEB,0x74,0x86,0xD2,
+ 0x3F,0xA1,0x05,0x8F,0x6E,0xEF,0xF5,0xA4,
+ 0xD6,0x6E,0x53,0xFA,0x9E,0xFA,0xCE,0xDB,
+ 0x99,0x46,0xE7,0xC5,0xDA,0x92,0x51,0x4F,
+ 0x22,0x07,0xF3,0xA5,0x38,0x26,0xD3,0xEC,
+ 0xD6,0x01,0xDD,0x31,0x3A,0x48,0x93,0xF6,
+ 0x69,0x4F,0xD8,0xF6,0xC2,0x91,0xA5,0x7C,
+ 0xDF,0x51,0x64,0xF1,0x3B,0x79,0xBC,0x0A,
+ 0x2C,0xDC,0x33,0x5A,0x29,0xF6,0xB2,0x09,
+ 0x66,0xCA,0x24,0x9F,0x1A,0x18,0xF3,0x76,
+ 0x4C,0x5E,0x0B,0x81,0x7F,0x29,0x84,0xD8,
+ 0x7A,0xA8,0xD6,0x11,0xAC,0xEC,0xD9,0x07,
+ 0x91,0xEC,0xB6,0x6D,0xEC,0xDB,0xBE,0x6F,
+ 0x9F,0xC5,0x19,0x5E,0x56,0x87,0x20,0x80,
+ 0x75,0xD5,0x64,0xE9,0x80,0xBF,0x2D,0xD5,
+ 0x94,0x9F,0x8C,0xA4,0x54,0x41,0xAB,0xB1,
+ 0x8E,0xAD,0x51,0xE4,0x3C,0x24,0xF7,0x1D,
+ 0xFE,0x02,0x48,0x7C,0x6D,0xED,0xF1,0xAC,
+ 0xD9,0x79,0x42,0xE5,0x3A,0xCF,0x6A,0x4C,
+ 0x6D,0xE2,0x13,0xD2,0x2B,0x9D,0xAB,0x1F,
+ 0x70,0xD3,0xC0,0x6F,0x81,0xE9,0x9A,0x86,
+ 0x33,0x39,0x60,0xE7,0x6A,0x00,0x1F,0x97,
+ 0xEB,0xE5,0x1D,0x0D,0x66,0x15,0xC9,0xA2,
+ 0xB1,0xC0,0xF0,0x2E,0xF4,0x07,0xA2,0x2E,
+ 0x49,0x92,0x95,0x13,0xA3,0x18,0x46,0x25,
+ 0xB9,0x3C,0xA1,0x4B,0x00,0x00,0x00,0x06,
+ 0xAB,0xAA,0xF9,0x3F,0x7E,0x21,0xF4,0x0E,
+ 0xCE,0xFD,0xE0,0x44,0xAC,0xC7,0x1A,0x30,
+ 0x22,0x9D,0x0A,0xD7,0x96,0x2D,0x8F,0x9A,
+ 0x99,0x1F,0x40,0x75,0x7F,0x62,0xF9,0xC1,
+ 0x81,0x7B,0x4A,0x1B,0xFA,0xD6,0x87,0xB9,
+ 0xEF,0x58,0x48,0xE4,0x5C,0x79,0xE5,0xB1,
+ 0x2C,0x59,0xA4,0x42,0xDB,0xA6,0x53,0x70,
+ 0x80,0x61,0x17,0xD4,0xD3,0x77,0xBD,0x53,
+ 0x26,0x7C,0x0E,0x0E,0xFF,0x30,0x4B,0xD0,
+ 0x86,0xFC,0x02,0x20,0x24,0x46,0x5B,0xF5,
+ 0xE3,0x99,0x73,0x85,0x60,0x00,0x36,0x47,
+ 0x17,0xEE,0x0C,0xD2,0x80,0x71,0x46,0x0E,
+ 0x2B,0xB0,0xEF,0x7F,0xFE,0x3B,0xE5,0xE1,
+ 0x87,0xC2,0xAF,0x1A,0x6F,0x63,0xF4,0x5A,
+ 0xC4,0x16,0xF7,0xAD,0x07,0x70,0x71,0x85,
+ 0x7D,0x3D,0x67,0x08,0xB8,0xD8,0xE2,0xF0,
+ 0xA1,0xAC,0xD2,0x94,0x7D,0x93,0x03,0xDD,
+ 0x54,0xF9,0x64,0x19,0xB3,0xED,0x24,0x22,
+ 0x01,0xD7,0x12,0x5E,0xC1,0x2B,0x39,0x10,
+ 0x13,0xE2,0x56,0x1C,0xEE,0xF4,0x2A,0x49,
+ 0x7B,0xFB,0x36,0x8D,0xF8,0xAF,0x60,0xDF,
+ 0x10,0xF0,0x72,0xA2,0xED,0xB6,0x53,0x88,
+ 0xA9,0x0C,0xED,0x9C,0x18,0x33,0x7D,0x65,
+ 0x9B,0xB2,0x9C,0x3E,0xE9,0x1E,0x43,0x51,
+ 0x7E,0xBE,0x01,0x95,0xF6,0x60,0x65,0xBE,
+ 0xD1,0xF4,0xE2,0x83,0x6B,0xCA,0x7A,0x70,
+ 0x41,0x83,0x72,0xC0,0x23,0x51,0x13,0x11,
+ 0x2D,0xF9,0xC0,0x0D,0x7D,0x73,0x76,0xA5,
+ 0x30,0x83,0x68,0x10,0x35,0xA2,0x18,0x22,
+ 0x4E,0x21,0x93,0x27,0x6A,0x19,0x28,0x83,
+ 0x7F,0xDD,0xDD,0xFF,0xC3,0x8A,0x64,0x00,
+ 0x5F,0x1C,0x0D,0xF8,0xBB,0xD7,0x15,0xB9,
+ 0xEF,0xE0,0x07,0x62,0x05,0x9E,0xCF,0xFC,
+ 0x08,0x52,0x1E,0x65,0x41,0x56,0x6A,0xEB,
+ 0x81,0x53,0x30,0x7B,0xF2,0xFD,0x65,0xFF,
+ 0xA2,0x14,0xF5,0x62,0x1E,0x24,0x48,0x47,
+ 0xA5,0x41,0x80,0xB4,0xC5,0xDC,0xB2,0xB4,
+ 0x2D,0x17,0xE7,0xBE,0x49,0x53,0x7A,0x25,
+ 0xC5,0x0D,0x19,0x59,0xF4,0x88,0x59,0xED,
+ 0x92,0x13,0xEE,0x7A,0x4F,0x12,0x98,0x4C
+};
+
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t lms_test_verify_only(void)
+{
+ int ret = -1;
+ int ret2 = -1;
+ int j = 0;
+ LmsKey verifyKey;
+ word32 sigSz = 0;
+ word32 msgSz = sizeof(lms_msg);
+ word32 pubLen = 0;
+ int levels = 0;
+ int height = 0;
+ int winternitz = 0;
+
+ ret = wc_LmsKey_Init(&verifyKey, NULL, INVALID_DEVID);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_SetParameters(&verifyKey, 1, 10, 8);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ ret = wc_LmsKey_ImportPubRaw(&verifyKey, lms_L1H10W8_pub,
+ HSS_MAX_PUBLIC_KEY_LEN);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ /* Verify parameters, pub length, and sig length are correct. */
+ ret = wc_LmsKey_GetParameters(&verifyKey, &levels, &height, &winternitz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (levels != 1 || height != 10 || winternitz != 8) {
+ printf("error: invalid LMS parameters: L%d-H%d-W%d\n", levels, height,
+ winternitz);
+ return -1;
+ }
+
+ ret = wc_LmsKey_GetPubLen(&verifyKey, &pubLen);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (pubLen != HSS_MAX_PUBLIC_KEY_LEN) {
+ printf("error: got %d, expected %d\n", pubLen, HSS_MAX_PUBLIC_KEY_LEN);
+ return WC_TEST_RET_ENC_EC(pubLen);
+ }
+
+ ret = wc_LmsKey_GetSigLen(&verifyKey, &sigSz);
+ if (ret != 0) { return WC_TEST_RET_ENC_EC(ret); }
+
+ if (sigSz != LMS_L1H10W8_SIGLEN) {
+ printf("error: got %d, expected %d\n", sigSz, LMS_L1H10W8_SIGLEN);
+ return WC_TEST_RET_ENC_EC(sigSz);
+ }
+
+ ret = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig, LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret != 0) {
+ printf("error: wc_LmsKey_Verify returned %d\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in message. This should fail. */
+ lms_msg[msgSz / 2] ^= 1;
+ ret2 = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig, LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret2 != -1) {
+ printf("error: wc_LmsKey_Verify returned %d, expected -1\n", ret2);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip it back. This should pass again. */
+ lms_msg[msgSz / 2] ^= 1;
+ ret = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig, LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret != 0) {
+ printf("error: wc_LmsKey_Verify returned %d, expected 0\n", ret);
+ return WC_TEST_RET_ENC_EC(ret);
+ }
+
+ /* Flip bits in a few places throughout the signature, stepping in multiple
+ * of hash size. These should all fail with -1. */
+ for (j = 0; j < (int) sigSz; j+= 4 * 32) {
+ lms_L1H10W8_sig[j] ^= 1;
+
+ ret2 = wc_LmsKey_Verify(&verifyKey, lms_L1H10W8_sig,
+ LMS_L1H10W8_SIGLEN,
+ (byte *) lms_msg, msgSz);
+ if (ret2 != -1) {
+ /* Verify passed when it should have failed. */
+ return WC_TEST_RET_ENC_I(j);
+ }
+
+ /* Flip this spot back. */
+ lms_L1H10W8_sig[j] ^= 1;
+ }
+
+ wc_LmsKey_Free(&verifyKey);
+ return ret;
+}
+
+#endif /* if defined(WOLFSSL_HAVE_LMS) && defined(WOLFSSL_LMS_VERIFY_ONLY) &&
+ * !defined(WOLFSSL_SMALL_STACK) */
+
static const int fiducial3 = WC_TEST_RET_LN; /* source code reference point --
* see print_fiducials() below.
*/
#ifdef WOLFCRYPT_HAVE_ECCSI
-static int eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk,
+static wc_test_ret_t eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk,
ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
byte id[1] = { 0x00 };
int valid;
word32 sz;
@@ -33867,9 +38061,9 @@ static int eccsi_api_test(WC_RNG* rng, EccsiKey* key, mp_int* ssk,
}
/* RFC 6507: Appendix A */
-static int eccsi_kat_verify_test(EccsiKey* key, ecc_point* pvt)
+static wc_test_ret_t eccsi_kat_verify_test(EccsiKey* key, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
int verified;
const byte msg[] = { 0x6D, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x00 };
word32 msgSz = sizeof(msg);
@@ -33949,9 +38143,9 @@ static int eccsi_kat_verify_test(EccsiKey* key, ecc_point* pvt)
return 0;
}
-static int eccsi_enc_dec_pair_test(EccsiKey* priv, mp_int* ssk, ecc_point* pvt)
+static wc_test_ret_t eccsi_enc_dec_pair_test(EccsiKey* priv, mp_int* ssk, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
byte data[32 * 3];
word32 sz;
ecc_point* decPvt = NULL;
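Review bot: The new signature line `static wc_test_ret_t eccsi_enc_dec_pair_test(EccsiKey* priv, mp_int* ssk, ecc_point* pvt)` is 89 characters long. If this file keeps to 80 columns, break it after `mp_int* ssk,` and move `ecc_point* pvt)` to a continuation line. The longer return type has the same effect on the first signature line of `eccsi_make_key_test`, `eccsi_sign_verify_test` and `sakke_make_key_test` in later hunks. The function body continues outside this hunk.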
@@ -34050,9 +38244,9 @@ out:
return ret;
}
-static int eccsi_imp_exp_key_test(EccsiKey* priv)
+static wc_test_ret_t eccsi_imp_exp_key_test(EccsiKey* priv)
{
- int ret;
+ wc_test_ret_t ret;
byte data[32 * 3];
byte out[32 * 3];
word32 sz;
@@ -34108,9 +38302,9 @@ static int eccsi_imp_exp_key_test(EccsiKey* priv)
return 0;
}
-static int eccsi_imp_exp_pubkey_test(EccsiKey* key1, EccsiKey* key2)
+static wc_test_ret_t eccsi_imp_exp_pubkey_test(EccsiKey* key1, EccsiKey* key2)
{
- int ret;
+ wc_test_ret_t ret;
byte data[32 * 2 + 1];
byte pubData[32 * 2 + 1];
word32 sz;
@@ -34154,10 +38348,10 @@ static int eccsi_imp_exp_pubkey_test(EccsiKey* key1, EccsiKey* key2)
return 0;
}
-static int eccsi_make_key_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
+static wc_test_ret_t eccsi_make_key_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
mp_int* ssk, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
char mail[] = "test@wolfssl.com";
byte* id = (byte*)mail;
word32 idSz = (word32) XSTRLEN(mail);
@@ -34193,10 +38387,10 @@ static int eccsi_make_key_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
return 0;
}
-static int eccsi_sign_verify_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
+static wc_test_ret_t eccsi_sign_verify_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
mp_int* ssk, ecc_point* pvt)
{
- int ret;
+ wc_test_ret_t ret;
byte hashPriv[WC_MAX_DIGEST_SIZE];
byte hashPub[WC_MAX_DIGEST_SIZE];
byte hashSz;
@@ -34348,9 +38542,9 @@ static int eccsi_sign_verify_test(EccsiKey* priv, EccsiKey* pub, WC_RNG* rng,
return 0;
}
-int eccsi_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t eccsi_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
WC_RNG rng;
int rng_inited = 0;
EccsiKey* priv = NULL;
@@ -34457,9 +38651,9 @@ int eccsi_test(void)
#endif /* WOLFCRYPT_HAVE_ECCSI */
#ifdef WOLFCRYPT_HAVE_SAKKE
-static int sakke_api_test(WC_RNG* rng, SakkeKey* key, ecc_point* rsk)
+static wc_test_ret_t sakke_api_test(WC_RNG* rng, SakkeKey* key, ecc_point* rsk)
{
- int ret;
+ wc_test_ret_t ret;
byte id[1] = { 0x00 };
int valid;
byte data[256];
@@ -34893,7 +39087,7 @@ static int sakke_api_test(WC_RNG* rng, SakkeKey* key, ecc_point* rsk)
return 0;
}
-static int sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
+static wc_test_ret_t sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
{
WOLFSSL_SMALL_STACK_STATIC const byte pubData[] = {
0x59, 0x58, 0xEF, 0x1B, 0x16, 0x79, 0xBF, 0x09,
@@ -35013,7 +39207,7 @@ static int sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
0x89, 0xE0, 0xBC, 0x66, 0x1A, 0xA1, 0xE9, 0x16,
0x38, 0xE6, 0xAC, 0xC8, 0x4E, 0x49, 0x65, 0x07
};
- int ret;
+ wc_test_ret_t ret;
int valid;
byte pubKey[sizeof(pubData) + 1];
word32 sz = sizeof(pubKey);
@@ -35127,7 +39321,7 @@ static int sakke_kat_derive_test(SakkeKey* key, ecc_point* rsk)
return 0;
}
-static int sakke_kat_encapsulate_test(SakkeKey* key)
+static wc_test_ret_t sakke_kat_encapsulate_test(SakkeKey* key)
{
static const byte pubData[] = {
0x59, 0x58, 0xEF, 0x1B, 0x16, 0x79, 0xBF, 0x09,
@@ -35214,7 +39408,7 @@ static int sakke_kat_encapsulate_test(SakkeKey* key)
0x89, 0xE0, 0xBC, 0x66, 0x1A, 0xA1, 0xE9, 0x16,
0x38, 0xE6, 0xAC, 0xC8, 0x4E, 0x49, 0x65, 0x07
};
- int ret;
+ wc_test_ret_t ret;
byte auth[257];
word16 authSz = sizeof(auth);
@@ -35241,10 +39435,10 @@ static int sakke_kat_encapsulate_test(SakkeKey* key)
return 0;
}
-static int sakke_make_key_test(SakkeKey* priv, SakkeKey* pub, SakkeKey* key,
+static wc_test_ret_t sakke_make_key_test(SakkeKey* priv, SakkeKey* pub, SakkeKey* key,
WC_RNG* rng, ecc_point* rsk)
{
- int ret;
+ wc_test_ret_t ret;
byte data[440];
byte pubData[257];
word32 sz;
@@ -35387,10 +39581,10 @@ static int sakke_make_key_test(SakkeKey* priv, SakkeKey* pub, SakkeKey* key,
return 0;
}
-static int sakke_op_test(SakkeKey* priv, SakkeKey* pub, WC_RNG* rng,
+static wc_test_ret_t sakke_op_test(SakkeKey* priv, SakkeKey* pub, WC_RNG* rng,
ecc_point* rsk)
{
- int ret;
+ wc_test_ret_t ret;
byte ssv[16];
word16 ssvSz;
byte auth[257];
@@ -35503,9 +39697,9 @@ static int sakke_op_test(SakkeKey* priv, SakkeKey* pub, WC_RNG* rng,
return 0;
}
-int sakke_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t sakke_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
WC_RNG rng;
int rng_inited = 0;
SakkeKey* priv = NULL;
@@ -35623,7 +39817,7 @@ typedef struct CMAC_Test_Case {
word32 tSz;
} CMAC_Test_Case;
-WOLFSSL_TEST_SUBROUTINE int cmac_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cmac_test(void)
{
#ifdef WOLFSSL_AES_128
WOLFSSL_SMALL_STACK_STATIC const byte k128[] =
@@ -35775,7 +39969,7 @@ WOLFSSL_TEST_SUBROUTINE int cmac_test(void)
byte tag[AES_BLOCK_SIZE];
const CMAC_Test_Case* tc;
word32 i, tagSz;
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if ((cmac = (Cmac *)XMALLOC(sizeof *cmac, HEAP_HINT, DYNAMIC_TYPE_CMAC)) == NULL)
@@ -36066,9 +40260,9 @@ static const unsigned char siphash_r16[64][SIPHASH_MAC_SIZE_16] = {
};
#endif
-WOLFSSL_TEST_SUBROUTINE int siphash_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t siphash_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i;
#if WOLFSSL_SIPHASH_CROUNDS == 2 && WOLFSSL_SIPHASH_DROUNDS == 4
unsigned char res[SIPHASH_MAC_SIZE_16];
@@ -36426,9 +40620,9 @@ static const byte sample_text_gz[] = {
0x6F, 0x86, 0x43, 0x51, 0xB6, 0x11, 0x00, 0x00
};
-WOLFSSL_TEST_SUBROUTINE int compress_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t compress_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 dSz = sizeof(sample_text);
word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
byte *c;
@@ -36536,7 +40730,7 @@ exit:
*
* Returns 0 on success, negative on error
*/
-static int pkcs7_load_certs_keys(
+static wc_test_ret_t pkcs7_load_certs_keys(
byte* rsaClientCertBuf, word32* rsaClientCertBufSz,
byte* rsaClientPrivKeyBuf, word32* rsaClientPrivKeyBufSz,
byte* rsaServerCertBuf, word32* rsaServerCertBufSz,
@@ -36935,7 +41129,8 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
byte* aad, word32 aadSz, byte* authTag, word32 authTagSz,
byte* in, int inSz, byte* out, void* usrCtx)
{
- int keyId = -1, ret, keySz;
+ wc_test_ret_t ret;
+ int keyId = -1, keySz;
word32 keyIdSz = 8;
const byte* key;
byte keyIdRaw[8];
@@ -37028,7 +41223,7 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
#ifdef WOLFSSL_AES_256
case AES256CBCb:
if ((keySz != 32 ) || (ivSz != AES_BLOCK_SIZE))
- ERROR_OUT(BAD_FUNC_ARG, out);
+ WARNING_OUT(BAD_FUNC_ARG, out);
break;
#endif
#ifdef WOLFSSL_AES_128
@@ -37061,19 +41256,20 @@ static int myDecryptionFunc(PKCS7* pkcs7, int encryptOID, byte* iv, int ivSz,
(void)aadSz;
(void)authTag;
(void)authTagSz;
- return ret;
+ return (int)ret;
}
#endif /* !NO_AES && HAVE_AES_CBC */
#define PKCS7_BUF_SIZE 2048
-static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
+static wc_test_ret_t pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte* rsaPrivKey, word32 rsaPrivKeySz,
byte* eccCert, word32 eccCertSz,
byte* eccPrivKey, word32 eccPrivKeySz)
{
- int ret = 0, testSz = 0, i;
+ wc_test_ret_t ret = 0;
+ int testSz = 0, i;
int envelopedSz, decodedSz;
byte *enveloped = NULL;
@@ -37542,9 +41738,9 @@ static int pkcs7enveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7enveloped_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7enveloped_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
@@ -37686,12 +41882,13 @@ typedef struct {
} pkcs7AuthEnvelopedVector;
-static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
+static wc_test_ret_t pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
byte* rsaPrivKey, word32 rsaPrivKeySz,
byte* eccCert, word32 eccCertSz,
byte* eccPrivKey, word32 eccPrivKeySz)
{
- int ret = 0, testSz = 0, i;
+ wc_test_ret_t ret = 0;
+ int testSz = 0, i;
int envelopedSz, decodedSz;
byte *enveloped = NULL;
@@ -37724,7 +41921,7 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
#endif
#if !defined(NO_AES) && defined(WOLFSSL_AES_256) && defined(HAVE_ECC) && \
- defined(WOLFSSL_SHA512)
+ defined(WOLFSSL_SHA512) && defined(HAVE_AESGCM)
WOLFSSL_SMALL_STACK_STATIC const byte optionalUkm[] = {
0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07
};
@@ -37827,7 +42024,12 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
NULL, 0, 0, NULL, 0, NULL, 0, 0, 0, 0, 0, 0, 0, 0,
"pkcs7authEnvelopedDataAES256GCM_IANDS.der");
#endif
- #endif /* NO_AES */
+ #else /* NO_AES || !HAVE_AESGCM */
+ (void)rsaCert;
+ (void)rsaCertSz;
+ (void)rsaPrivKey;
+ (void)rsaPrivKeySz;
+ #endif /* NO_AES || !HAVE_AESGCM */
#endif
/* key agreement key encryption technique*/
@@ -38242,9 +42444,9 @@ static int pkcs7authenveloped_run_vectors(byte* rsaCert, word32 rsaCertSz,
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7authenveloped_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7authenveloped_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* rsaCert = NULL;
byte* rsaPrivKey = NULL;
@@ -38349,7 +42551,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
word32 keyIdSz, byte* orginKey, word32 orginKeySz,
byte* out, word32 outSz, int keyWrapAlgo, int type, int direction)
{
- int ret;
+ wc_test_ret_t ret;
if (cek == NULL || out == NULL)
return BAD_FUNC_ARG;
@@ -38372,7 +42574,7 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
ret = wc_AesKeyUnWrap(p7DefKey, sizeof(p7DefKey), cek, cekSz,
out, outSz, NULL);
if (ret <= 0)
- return ret;
+ return (int)ret;
break;
default:
@@ -38384,14 +42586,14 @@ static int myCEKwrapFunc(PKCS7* pkcs7, byte* cek, word32 cekSz, byte* keyId,
(void)direction;
(void)orginKey; /* used with KAKRI */
(void)orginKeySz;
- return ret;
+ return (int)ret;
}
/* returns key size on success */
-static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
+static wc_test_ret_t getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
{
- int ret;
+ wc_test_ret_t ret;
word32 atrSz;
byte atr[256];
@@ -38444,10 +42646,10 @@ static int getFirmwareKey(PKCS7* pkcs7, byte* key, word32 keySz)
/* create a KEKRI enveloped data
* return size on success */
-static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
+static wc_test_ret_t envelopedData_encrypt(byte* in, word32 inSz, byte* out,
word32 outSz)
{
- int ret;
+ wc_test_ret_t ret;
PKCS7* pkcs7;
WOLFSSL_SMALL_STACK_STATIC const byte keyId[] = { 0x00 };
@@ -38467,7 +42669,7 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
sizeof(p7DefKey), (byte*)keyId,
sizeof(keyId), NULL, NULL, 0, NULL, 0, 0);
if (ret < 0) {
- printf("wc_PKCS7_AddRecipient_KEKRI() failed, ret = %d\n", ret);
+ printf("wc_PKCS7_AddRecipient_KEKRI() failed\n");
wc_PKCS7_Free(pkcs7);
return WC_TEST_RET_ENC_EC(ret);
}
@@ -38475,7 +42677,7 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
/* encode envelopedData, returns size */
ret = wc_PKCS7_EncodeEnvelopedData(pkcs7, out, outSz);
if (ret <= 0) {
- printf("wc_PKCS7_EncodeEnvelopedData() failed, ret = %d\n", ret);
+ printf("wc_PKCS7_EncodeEnvelopedData() failed\n");
wc_PKCS7_Free(pkcs7);
return WC_TEST_RET_ENC_EC(ret);
@@ -38491,11 +42693,12 @@ static int envelopedData_encrypt(byte* in, word32 inSz, byte* out,
* keyHint is the KeyID to be set in the fwDecryptKeyID attribute
* returns size of buffer output on success
*/
-static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
+static wc_test_ret_t generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
word32 encryptKeySz, byte keyHint, byte* cert, word32 certSz,
byte* key, word32 keySz)
{
- int ret, attribNum = 1;
+ wc_test_ret_t ret;
+ int attribNum = 1;
PKCS7* pkcs7;
/* KEY ID
@@ -38532,7 +42735,7 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
if (ret <= 0) {
return ret;
}
- attribs[1].valueSz = ret;
+ attribs[1].valueSz = (int)ret;
attribNum++;
}
@@ -38574,7 +42777,7 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
return WC_TEST_RET_ENC_EC(ret);
} else {
- *outSz = ret;
+ *outSz = (int)ret;
}
wc_PKCS7_Free(pkcs7);
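Review bot: The new cast in the `else` branch, `*outSz = (int)ret;`, converts to `int` although `outSz` is declared `word32 *` in generateBundle's signature, so the value is converted a second time on assignment and a sign-conversion warning is still possible. Casting to the destination type reads more directly: `*outSz = (word32)ret;`. The previous hunk has the same pattern at `attribs[1].valueSz = (int)ret;`, where the field's type is not visible here and should be checked. generateBundle's body starts and ends outside this hunk.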
@@ -38586,9 +42789,9 @@ static int generateBundle(byte* out, word32 *outSz, const byte* encryptKey,
/* test verification and decryption of PKCS7 bundle
* return 0 on success
*/
-static int verifyBundle(byte* derBuf, word32 derSz, int keyHint)
+static wc_test_ret_t verifyBundle(byte* derBuf, word32 derSz, int keyHint)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int usrCtx = 1; /* test value to pass as user context to callback */
PKCS7* pkcs7 = NULL;
byte* sid = NULL;
@@ -38674,7 +42877,7 @@ static int verifyBundle(byte* derBuf, word32 derSz, int keyHint)
if (ret < 0)
goto out;
pkcs7->encryptionKey = key;
- pkcs7->encryptionKeySz = ret;
+ pkcs7->encryptionKeySz = (int)ret;
}
else {
decodedSz = PKCS7_BUF_SIZE;
@@ -38709,10 +42912,10 @@ static int verifyBundle(byte* derBuf, word32 derSz, int keyHint)
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7callback_test(byte* cert, word32 certSz, byte* key, word32 keySz)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
word32 derSz;
byte *derBuf = (byte *)XMALLOC(FOURK_BUF, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -38781,9 +42984,9 @@ typedef struct {
} pkcs7EncryptedVector;
-WOLFSSL_TEST_SUBROUTINE int pkcs7encrypted_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7encrypted_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i, testSz;
int encryptedSz, decodedSz, attribIdx;
PKCS7* pkcs7;
@@ -39049,9 +43252,9 @@ typedef struct {
} pkcs7CompressedVector;
-WOLFSSL_TEST_SUBROUTINE int pkcs7compressed_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7compressed_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int i, testSz;
int compressedSz, decodedSz;
PKCS7* pkcs7;
@@ -39195,7 +43398,7 @@ typedef struct {
} pkcs7SignedVector;
-static int pkcs7signed_run_vectors(
+static wc_test_ret_t pkcs7signed_run_vectors(
byte* rsaClientCertBuf, word32 rsaClientCertBufSz,
byte* rsaClientPrivKeyBuf, word32 rsaClientPrivKeyBufSz,
byte* rsaServerCertBuf, word32 rsaServerCertBufSz,
@@ -39205,7 +43408,8 @@ static int pkcs7signed_run_vectors(
byte* eccClientCertBuf, word32 eccClientCertBufSz,
byte* eccClientPrivKeyBuf, word32 eccClientPrivKeyBufSz)
{
- int ret, testSz = 0, i;
+ wc_test_ret_t ret;
+ int testSz = 0, i;
int encodedSz;
byte* out = NULL;
word32 outSz;
@@ -39706,7 +43910,7 @@ static int pkcs7signed_run_vectors(
}
-static int pkcs7signed_run_SingleShotVectors(
+static wc_test_ret_t pkcs7signed_run_SingleShotVectors(
byte* rsaClientCertBuf, word32 rsaClientCertBufSz,
byte* rsaClientPrivKeyBuf, word32 rsaClientPrivKeyBufSz,
byte* rsaServerCertBuf, word32 rsaServerCertBufSz,
@@ -39716,7 +43920,8 @@ static int pkcs7signed_run_SingleShotVectors(
byte* eccClientCertBuf, word32 eccClientCertBufSz,
byte* eccClientPrivKeyBuf, word32 eccClientPrivKeyBufSz)
{
- int ret, testSz = 0, i;
+ wc_test_ret_t ret;
+ int testSz = 0, i;
int encodedSz;
byte* out = NULL;
word32 outSz;
@@ -40245,9 +44450,9 @@ static int pkcs7signed_run_SingleShotVectors(
}
-WOLFSSL_TEST_SUBROUTINE int pkcs7signed_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t pkcs7signed_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte* rsaClientCertBuf = NULL;
byte* rsaServerCertBuf = NULL;
@@ -40394,10 +44599,10 @@ WOLFSSL_TEST_SUBROUTINE int pkcs7signed_test(void)
/* Maximum number of bytes in a number to test. */
#define MP_MAX_TEST_BYTE_LEN 32
-static int randNum(mp_int* n, int len, WC_RNG* rng, void* heap)
+static wc_test_ret_t randNum(mp_int* n, int len, WC_RNG* rng, void* heap)
{
byte d[MP_MAX_TEST_BYTE_LEN];
- int ret;
+ wc_test_ret_t ret;
(void)heap;
@@ -40414,12 +44619,12 @@ static int randNum(mp_int* n, int len, WC_RNG* rng, void* heap)
}
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(USE_FAST_MATH)
-static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng)
{
int i, j;
mp_digit rem;
mp_digit rem2;
- int ret;
+ wc_test_ret_t ret;
#if (defined(WOLFSSL_SP_MATH_ALL) && !defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)
@@ -40508,9 +44713,9 @@ static int mp_test_div_3(mp_int* a, mp_int* r, WC_RNG* rng)
!defined(WOLFSSL_RSA_VERIFY_ONLY)) || \
(!defined WOLFSSL_SP_MATH && !defined(WOLFSSL_SP_MATH_ALL) && \
(defined(WOLFSSL_KEY_GEN) || defined(HAVE_COMP_KEY)))
-static int mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j;
int size;
char str[30];
@@ -40587,9 +44792,9 @@ static int mp_test_radix_10(mp_int* a, mp_int* r, WC_RNG* rng)
#if defined(WOLFSSL_SP_MATH_ALL) || (!defined WOLFSSL_SP_MATH && \
defined(HAVE_ECC))
-static int mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j;
int size;
char str[30];
@@ -40674,10 +44879,10 @@ static int mp_test_radix_16(mp_int* a, mp_int* r, WC_RNG* rng)
}
#endif
-static int mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
+static wc_test_ret_t mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
{
int i;
- int ret;
+ wc_test_ret_t ret;
ret = randNum(a, 4, rng, NULL);
if (ret != 0)
@@ -40711,10 +44916,10 @@ static int mp_test_shift(mp_int* a, mp_int* r1, WC_RNG* rng)
return 0;
}
-static int mp_test_add_sub_d(mp_int* a, mp_int* r1)
+static wc_test_ret_t mp_test_add_sub_d(mp_int* a, mp_int* r1)
{
int i, j;
- int ret;
+ wc_test_ret_t ret;
for (i = 0; i <= DIGIT_BIT * 2; i++) {
mp_zero(a);
@@ -40751,7 +44956,7 @@ static int mp_test_add_sub_d(mp_int* a, mp_int* r1)
return 0;
}
-static int mp_test_read_to_bin(mp_int* a)
+static wc_test_ret_t mp_test_read_to_bin(mp_int* a)
{
WOLFSSL_SMALL_STACK_STATIC const byte in[16] = {
0x91, 0xa2, 0xb3, 0xc4, 0xd5, 0xe6, 0xf7, 0x08,
@@ -40760,7 +44965,7 @@ static int mp_test_read_to_bin(mp_int* a)
byte out[24];
int i, j, k;
const byte* p;
- int ret;
+ wc_test_ret_t ret;
for (i = 0; i < (int)sizeof(in); i++) {
p = in + sizeof(in) - i;
@@ -40798,7 +45003,7 @@ static int mp_test_read_to_bin(mp_int* a)
}
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_set_int(mp_int* a)
+static wc_test_ret_t mp_test_set_int(mp_int* a)
{
#if SP_ULONG_BITS == 64
unsigned long n = 0xfedcba9876543210UL;
@@ -40817,7 +45022,7 @@ static int mp_test_set_int(mp_int* a)
byte exp[1] = { 0xfe };
byte out[1] = { 0 };
#endif
- int ret;
+ wc_test_ret_t ret;
ret = mp_set_int(a, n);
if (ret != 0)
@@ -40837,7 +45042,7 @@ static int mp_test_set_int(mp_int* a)
#endif
#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
{
byte buffer[16];
#if defined(HAVE_ECC) || defined(WOLFSSL_SP_MATH_ALL)
@@ -40850,7 +45055,7 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
defined(HAVE_COMP_KEY)
char decStr[] = "0987654321";
#endif
- int ret;
+ wc_test_ret_t ret;
#ifdef WOLFSSL_SP_MATH_ALL
mp_digit rho;
int size;
@@ -41852,10 +46057,10 @@ static int mp_test_param(mp_int* a, mp_int* b, mp_int* r, WC_RNG* rng)
#endif
#if !defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_set_is_bit(mp_int* a)
+static wc_test_ret_t mp_test_set_is_bit(mp_int* a)
{
int i, j;
- int ret;
+ wc_test_ret_t ret;
mp_zero(a);
for (i = 0; i <= DIGIT_BIT * 2; i++) {
@@ -41944,9 +46149,9 @@ static int mp_test_set_is_bit(mp_int* a)
}
#endif /* !WOLFSSL_SP_MATH || WOLFSSL_SP_MATH_ALL */
-static int mp_test_cmp(mp_int* a, mp_int* b)
+static wc_test_ret_t mp_test_cmp(mp_int* a, mp_int* b)
{
- int ret;
+ wc_test_ret_t ret;
mp_zero(a);
mp_zero(b);
@@ -42017,13 +46222,74 @@ static int mp_test_cmp(mp_int* a, mp_int* b)
return WC_TEST_RET_ENC_NC;
#endif
+#if defined(HAVE_ECC) && !defined(WC_NO_RNG) && \
+ defined(WOLFSSL_ECC_GEN_REJECT_SAMPLING)
+ mp_zero(a);
+ mp_zero(b);
+ ret = mp_cmp_ct(a, b, 1);
+ if (ret != MP_EQ)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(a, a, a->used);
+ if (ret != MP_EQ)
+ return WC_TEST_RET_ENC_EC(ret);
+
+#ifdef WOLFSSL_SP_MATH_ALL
+ ret = mp_cmp_ct(a, NULL, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(NULL, a, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+#endif
+
+ mp_read_radix(a, "1", MP_RADIX_HEX);
+ ret = mp_cmp_ct(a, b, 1);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(b, a, 1);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(a, "0123456789abcdef0123456789abcdef", MP_RADIX_HEX);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(b, "1123456789abcdef0123456789abcdef", MP_RADIX_HEX);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(b, "0123456789abcdef0123456789abcdf0", MP_RADIX_HEX);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+
+ mp_read_radix(b, "0123456789abcdf0", MP_RADIX_HEX);
+ ret = mp_cmp_ct(a, b, a->used);
+ if (ret != MP_GT)
+ return WC_TEST_RET_ENC_EC(ret);
+ ret = mp_cmp_ct(b, a, a->used);
+ if (ret != MP_LT)
+ return WC_TEST_RET_ENC_EC(ret);
+#endif
+
return 0;
}
#if !defined(NO_DH) || defined(HAVE_ECC) || !defined(WOLFSSL_RSA_VERIFY_ONLY)
-static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
+static wc_test_ret_t mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j, k;
#ifndef WOLFSSL_SP_MATH
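Review bot: In the added `mp_cmp_ct` block, all five `mp_read_radix(...)` calls discard their return value, so a failed parse would leave `a` or `b` holding the previous operand and the comparisons that follow would pass or fail for the wrong reason. Capturing the result the way other helpers in this file do, `ret = mp_read_radix(a, "1", MP_RADIX_HEX);` followed by `if (ret != 0) return WC_TEST_RET_ENC_EC(ret);`, keeps a failure attributable to the right line. A one-line comment above the block saying what the third argument of `mp_cmp_ct` represents would also help, since the cases mix `1` and `a->used`. mp_test_cmp begins outside this hunk.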
@@ -42092,10 +46358,10 @@ static int mp_test_shbd(mp_int* a, mp_int* b, WC_RNG* rng)
#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
!defined(WOLFSSL_RSA_PUBLIC_ONLY))
-static int mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
+static wc_test_ret_t mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i, j, k;
mp_zero(a);
@@ -42231,9 +46497,9 @@ static int mp_test_div(mp_int* a, mp_int* d, mp_int* r, mp_int* rem,
#if defined(WOLFSSL_KEY_GEN) && (!defined(NO_DH) || !defined(NO_DSA)) && \
!defined(WC_NO_RNG)
-static int mp_test_prime(mp_int* a, WC_RNG* rng)
+static wc_test_ret_t mp_test_prime(mp_int* a, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int res;
ret = mp_rand_prime(a, 1, rng, NULL);
@@ -42335,10 +46601,10 @@ static int mp_test_prime(mp_int* a, WC_RNG* rng)
#endif
#if !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && !defined(WC_RSA_BLINDING)
-static int mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp,
+static wc_test_ret_t mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp,
WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i;
WOLFSSL_SMALL_STACK_STATIC const int kat[][3] = {
{ 1, 1, 1 }, { 2, 1, 2 }, { 1, 2, 2 }, { 2, 4, 4 }, { 4, 2, 4 },
@@ -42421,9 +46687,9 @@ static int mp_test_lcm_gcd(mp_int* a, mp_int* b, mp_int* r, mp_int* exp,
#if (!defined(WOLFSSL_SP_MATH) && !defined(USE_FAST_MATH)) || \
defined(WOLFSSL_SP_MATH_ALL)
-static int mp_test_mod_2d(mp_int* a, mp_int* r, mp_int* t, WC_RNG* rng)
+static wc_test_ret_t mp_test_mod_2d(mp_int* a, mp_int* r, mp_int* t, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i;
int j;
@@ -42506,9 +46772,9 @@ static int mp_test_mod_2d(mp_int* a, mp_int* r, mp_int* t, WC_RNG* rng)
#if defined(WOLFSSL_SP_MATH_ALL) || defined(OPENSSL_EXTRA) || \
(defined(HAVE_ECC) && defined(HAVE_COMP_KEY))
-static int mp_test_mod_d(mp_int* a, WC_RNG* rng)
+static wc_test_ret_t mp_test_mod_d(mp_int* a, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
mp_digit r;
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_SP_MATH)
mp_digit rem;
@@ -42555,10 +46821,10 @@ static int mp_test_mod_d(mp_int* a, WC_RNG* rng)
}
#endif
-static int mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2,
+static wc_test_ret_t mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2,
WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
int i;
for (i = 1; i < 16; i++) {
@@ -42644,9 +46910,9 @@ static int mp_test_mul_sqr(mp_int* a, mp_int* b, mp_int* r1, mp_int* r2,
#if !defined(NO_RSA) || defined(HAVE_ECC) || !defined(NO_DSA) || \
defined(OPENSSL_EXTRA)
-static int mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
+static wc_test_ret_t mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
{
- int ret;
+ wc_test_ret_t ret;
mp_set(a, 0);
mp_set(m, 1);
@@ -42755,9 +47021,9 @@ static int mp_test_invmod(mp_int* a, mp_int* m, mp_int* r)
#if !defined(NO_RSA) || !defined(NO_DSA) || !defined(NO_DH) || \
(defined(HAVE_ECC) && defined(HAVE_COMP_KEY)) || defined(OPENSSL_EXTRA)
-static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r)
+static wc_test_ret_t mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r)
{
- int ret;
+ wc_test_ret_t ret;
mp_set(b, 0x2);
mp_set(e, 0x3);
@@ -42885,9 +47151,9 @@ static int mp_test_exptmod(mp_int* b, mp_int* e, mp_int* m, mp_int* r)
#if defined(WOLFSSL_SP_MATH_ALL) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(HAVE_ECC) || (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY))
-static int mp_test_mont(mp_int* a, mp_int* m, mp_int* n, mp_int* r, WC_RNG* rng)
+static wc_test_ret_t mp_test_mont(mp_int* a, mp_int* m, mp_int* n, mp_int* r, WC_RNG* rng)
{
- int ret;
+ wc_test_ret_t ret;
mp_digit mp;
static int exp[] = { 7, 8, 16, 27, 32, 64,
127, 128, 255, 256,
@@ -42995,11 +47261,11 @@ static int mp_test_mont(mp_int* a, mp_int* m, mp_int* n, mp_int* r, WC_RNG* rng)
}
#endif
-WOLFSSL_TEST_SUBROUTINE int mp_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mp_test(void)
{
WC_RNG rng;
int rng_inited = 0;
- int ret;
+ wc_test_ret_t ret;
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN)
int i, j;
#ifndef WOLFSSL_SP_MATH
@@ -43244,7 +47510,9 @@ WOLFSSL_TEST_SUBROUTINE int mp_test(void)
if ((ret = mp_test_set_is_bit(a)) != 0)
goto done;
#endif
-#if defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL)
+#if defined(WOLFSSL_SP_MATH_ALL) || !defined(NO_DH) || defined(HAVE_ECC) || \
+ (!defined(NO_RSA) && !defined(WOLFSSL_RSA_VERIFY_ONLY) && \
+ !defined(WOLFSSL_RSA_PUBLIC_ONLY))
if ((ret = mp_test_div(a, b, r1, r2, &rng)) != 0)
goto done;
#endif
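Review bot: The guard around the `mp_test_div` call now repeats, token for token, the three-line condition that wraps the function's definition (visible in the `mp_test_div` hunk above). The mismatch between the two is apparently what this hunk repairs, and two hand-copied conditions can drift apart again. Defining one local feature macro next to the definition and testing it in both places would keep them together. At minimum, a call-site comment such as `/* must match the guard on mp_test_div() */` documents the coupling. mp_test's body starts and ends outside this hunk.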
@@ -43383,9 +47651,9 @@ static const unsigned char controlPrime[] = {
static const unsigned char testOne[] = { 1 };
-static int GenerateNextP(mp_int* p1, mp_int* p2, int k)
+static wc_test_ret_t GenerateNextP(mp_int* p1, mp_int* p2, int k)
{
- int ret;
+ wc_test_ret_t ret;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int *ki = (mp_int *)XMALLOC(sizeof(*ki), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
@@ -43428,7 +47696,7 @@ static int GenerateNextP(mp_int* p1, mp_int* p2, int k)
}
-static int GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
+static wc_test_ret_t GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
const pairs_t* ecPairs, int ecPairsSz,
const int* k)
{
@@ -43437,7 +47705,8 @@ static int GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
#else
mp_int x[1], y[1];
#endif
- int ret, i;
+ wc_test_ret_t ret;
+ int i;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
if (((x = (mp_int *)XMALLOC(sizeof(*x), HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)) == NULL) ||
@@ -43504,7 +47773,7 @@ static int GenerateP(mp_int* p1, mp_int* p2, mp_int* p3,
return ret;
}
-WOLFSSL_TEST_SUBROUTINE int prime_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t prime_test(void)
{
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
mp_int *n = (mp_int *)XMALLOC(sizeof *n, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER),
@@ -43517,7 +47786,8 @@ WOLFSSL_TEST_SUBROUTINE int prime_test(void)
p2[1],
p3[1];
#endif
- int ret, isPrime = 0;
+ wc_test_ret_t ret;
+ int isPrime = 0;
WC_RNG rng;
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -43657,9 +47927,9 @@ typedef struct berDerTestData {
word32 outSz;
} berDerTestData;
-WOLFSSL_TEST_SUBROUTINE int berder_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t berder_test(void)
{
- int ret;
+ wc_test_ret_t ret;
int i;
word32 len = 0, l;
byte out[32];
@@ -43775,9 +48045,9 @@ static void my_Logging_cb(const int logLevel, const char *const logMessage)
}
#endif /* DEBUG_WOLFSSL */
-WOLFSSL_TEST_SUBROUTINE int logging_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t logging_test(void)
{
- int ret;
+ wc_test_ret_t ret;
#ifdef DEBUG_WOLFSSL
const char* msg = "Testing, testing. 1, 2, 3, 4 ...";
byte a[8] = { 1, 2, 3, 4, 5, 6, 7, 8 };
@@ -43841,9 +48111,9 @@ WOLFSSL_TEST_SUBROUTINE int logging_test(void)
}
#if defined(__INCLUDE_NUTTX_CONFIG_H)
-WOLFSSL_TEST_SUBROUTINE int wolfcrypt_mutex_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t wolfcrypt_mutex_test(void)
#else
-WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t mutex_test(void)
#endif
{
#ifdef WOLFSSL_PTHREADS
@@ -43851,7 +48121,7 @@ WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
#endif
#if defined(WOLFSSL_PTHREADS) || (!defined(WOLFSSL_NO_MALLOC) && \
!defined(WOLFSSL_USER_MUTEX) && defined(WOLFSSL_STATIC_MEMORY))
- int ret;
+ wc_test_ret_t ret;
#endif
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_USER_MUTEX)
#ifndef WOLFSSL_STATIC_MEMORY
@@ -43913,9 +48183,9 @@ WOLFSSL_TEST_SUBROUTINE int mutex_test(void)
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_LINUXKM) && \
!defined(WOLFSSL_STATIC_MEMORY)
-static int malloc_cnt = 0;
-static int realloc_cnt = 0;
-static int free_cnt = 0;
+static wc_test_ret_t malloc_cnt = 0;
+static wc_test_ret_t realloc_cnt = 0;
+static wc_test_ret_t free_cnt = 0;
#ifdef WOLFSSL_DEBUG_MEMORY
static void *my_Malloc_cb(size_t size, const char* func, unsigned int line)
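Review bot: `malloc_cnt`, `realloc_cnt` and `free_cnt` are allocation counters, not test results, yet the hunk retypes them as `wc_test_ret_t`; this looks like a side effect of the mechanical `int` to `wc_test_ret_t` replacement. Because test.h lets `WC_TEST_RET_CUSTOM_TYPE` redefine that type, the counters' width and signedness would then follow an unrelated build option. Keeping them as `static int malloc_cnt = 0;` (and likewise for the other two) states the intent. If they are later compared with or folded into a `wc_test_ret_t` in memcb_test, which is not visible here, a cast at that point is clearer.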
@@ -43975,9 +48245,9 @@ static void *my_Realloc_cb(void *ptr, size_t size)
}
#endif /* !WOLFSSL_NO_MALLOC */
-WOLFSSL_TEST_SUBROUTINE int memcb_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t memcb_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_LINUXKM) && \
!defined(WOLFSSL_STATIC_MEMORY)
byte* b = NULL;
@@ -44046,9 +48316,9 @@ exit_memcb:
#if defined(WOLFSSL_CAAM_BLOB)
-WOLFSSL_TEST_SUBROUTINE int blob_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t blob_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
byte out[112];
byte blob[112];
word32 outSz;
@@ -44133,9 +48403,9 @@ typedef struct {
* ctx callback ctx
* returen 0 on success, otherwise return negative
*/
-static int rsa_onlycb_test(myCryptoDevCtx *ctx)
+static wc_test_ret_t rsa_onlycb_test(myCryptoDevCtx *ctx)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if !defined(NO_RSA)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -44295,9 +48565,9 @@ exit_onlycb:
* ctx callback ctx
* returen 0 on success, otherwise return negative
*/
-static int ecc_onlycb_test(myCryptoDevCtx *ctx)
+static wc_test_ret_t ecc_onlycb_test(myCryptoDevCtx *ctx)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
#if defined(HAVE_ECC)
#if defined(WOLFSSL_SMALL_STACK) && !defined(WOLFSSL_NO_MALLOC)
@@ -44830,7 +49100,7 @@ static int myCryptoDevCb(int devIdArg, wc_CryptoInfo* info, void* ctx)
info->pk.curve25519.private_key->devId = devIdArg;
}
#endif /* HAVE_CURVE25519 */
- #ifdef HAVE_ED25519
+ #if defined(HAVE_ED25519) && defined(HAVE_ED25519_MAKE_KEY)
if (info->pk.type == WC_PK_TYPE_ED25519_KEYGEN) {
/* set devId to invalid, so software is used */
info->pk.ed25519kg.key->devId = INVALID_DEVID;
@@ -45241,9 +49511,9 @@ static int myCryptoCbFind(int currentId, int algoType)
#endif /* WOLF_CRYPTO_CB_FIND */
-WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t cryptocb_test(void)
{
- int ret = 0;
+ wc_test_ret_t ret = 0;
int origDevId = devId;
myCryptoDevCtx myCtx;
@@ -45337,7 +49607,7 @@ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
#endif
#endif
#ifndef NO_PWDBASED
- #if defined(HAVE_PBKDF2) && !defined(NO_SHA256)
+ #if defined(HAVE_PBKDF2) && !defined(NO_SHA256) && !defined(NO_HMAC)
if (ret == 0)
ret = pbkdf2_test();
#endif
@@ -45355,9 +49625,9 @@ WOLFSSL_TEST_SUBROUTINE int cryptocb_test(void)
#endif /* WOLF_CRYPTO_CB */
#ifdef WOLFSSL_CERT_PIV
-WOLFSSL_TEST_SUBROUTINE int certpiv_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t certpiv_test(void)
{
- int ret;
+ wc_test_ret_t ret;
wc_CertPIV piv;
/* Template for Identiv PIV cert, nonce and signature */
@@ -45371,7 +49641,7 @@ WOLFSSL_TEST_SUBROUTINE int certpiv_test(void)
0x0B, 0x01, 0x00, /* Nonce */
0x0C, 0x01, 0x00, /* Signed Nonce */
};
- /* PIV certificate data including certificate, info and error dectection. */
+ /* PIV certificate data including certificate, info and error detection. */
WOLFSSL_SMALL_STACK_STATIC const byte pivCert[] = {
0x53, 0x09, /* NIST PIV Cert */
0x70, 0x02, /* Certificate */
@@ -45444,10 +49714,10 @@ static time_t time_cb(time_t* t)
return 99;
}
-WOLFSSL_TEST_SUBROUTINE int time_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t time_test(void)
{
time_t t;
- int ret;
+ wc_test_ret_t ret;
ret = wc_SetTimeCb(time_cb);
if (ret != 0)
@@ -45486,7 +49756,7 @@ typedef struct {
#define AES_SIV_TEST_VECTORS 7
-WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void)
+WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_siv_test(void)
{
/* These test vectors come from chrony 4.1's SIV unit tests. */
WOLFSSL_SMALL_STACK_STATIC const AesSivTestVector testVectors[AES_SIV_TEST_VECTORS] = {
@@ -45570,7 +49840,7 @@ WOLFSSL_TEST_SUBROUTINE int aes_siv_test(void)
byte computedCiphertext[82];
byte computedPlaintext[82];
byte siv[AES_BLOCK_SIZE];
- int ret = 0;
+ wc_test_ret_t ret = 0;
for (i = 0; i < AES_SIV_TEST_VECTORS; ++i) {
ret = wc_AesSivEncrypt(testVectors[i].key, testVectors[i].keySz,
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/test/test.h b/extra/wolfssl/wolfssl/wolfcrypt/test/test.h
index d49f5f01..b58beca0 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/test/test.h
+++ b/extra/wolfssl/wolfssl/wolfcrypt/test/test.h
@@ -23,19 +23,28 @@
#ifndef WOLFCRYPT_TEST_H
#define WOLFCRYPT_TEST_H
+#include <wolfssl/wolfcrypt/types.h>
#ifdef __cplusplus
extern "C" {
#endif
+#ifdef WC_TEST_RET_CUSTOM_TYPE
+ typedef WC_TEST_RET_CUSTOM_TYPE wc_test_ret_t;
+#else
+ typedef sword32 wc_test_ret_t;
+#endif
+
+#include <wolfssl/wolfcrypt/settings.h>
+
#ifdef HAVE_STACK_SIZE
THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args);
#else
-int wolfcrypt_test(void* args);
+wc_test_ret_t wolfcrypt_test(void* args);
#endif
#ifndef NO_MAIN_DRIVER
-int wolfcrypt_test_main(int argc, char** argv);
+wc_test_ret_t wolfcrypt_test_main(int argc, char** argv);
#endif
#if defined(WOLFSSL_ESPIDF) || defined(_WIN32_WCE)
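Review bot: The added `#include <wolfssl/wolfcrypt/settings.h>` sits after the `#ifdef WC_TEST_RET_CUSTOM_TYPE` check and inside the `extern "C" {` block. If a build defines `WC_TEST_RET_CUSTOM_TYPE` through its settings, the typedef only sees it when `types.h` has already pulled the settings in, which cannot be confirmed from this hunk. Moving the include to the top, ahead of `#include <wolfssl/wolfcrypt/types.h>` and outside the linkage block, removes the dependency on include order.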
@@ -44,13 +53,13 @@ int wolf_test_task(void);
#ifndef WC_TEST_RET_HAVE_CUSTOM_MACROS
-#define WC_TEST_RET_TAG_NC 0
-#define WC_TEST_RET_TAG_EC 1
-#define WC_TEST_RET_TAG_ERRNO 2
-#define WC_TEST_RET_TAG_I 3
+#define WC_TEST_RET_TAG_NC 0L
+#define WC_TEST_RET_TAG_EC 1L
+#define WC_TEST_RET_TAG_ERRNO 2L
+#define WC_TEST_RET_TAG_I 3L
#define WC_TEST_RET_ENC(line, i, tag) \
- (-((line) + ((int)((unsigned)(i) & 0x7ff) * 100000) + ((tag) << 29)))
+ ((wc_test_ret_t)(-((wc_test_ret_t)(line) + ((wc_test_ret_t)((word32)(i) & 0x7ffL) * 100000L) + ((wc_test_ret_t)(tag) << 29L))))
#ifndef WC_TEST_RET_LN
#define WC_TEST_RET_LN __LINE__
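Review bot: `WC_TEST_RET_ENC` has no comment describing its layout, and now that `wc_test_ret_t` can be replaced through `WC_TEST_RET_CUSTOM_TYPE` the assumptions behind it matter more. Suggest adding above the macro: `/* -ret = line (< 100000) + (i & 0x7ff) * 100000 + (tag << 29); needs a signed type of at least 32 bits */`. The rewritten macro line also runs far past the width of the neighbouring definitions and could be split across continuation lines.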
@@ -74,16 +83,16 @@ int wolf_test_task(void);
#define WC_TEST_RET_ENC_ERRNO WC_TEST_RET_ENC_NC
#endif
-#define WC_TEST_RET_DEC_TAG(x) ((-(x)) >> 29)
+#define WC_TEST_RET_DEC_TAG(x) ((-(x)) >> 29L)
/* decode line number */
-#define WC_TEST_RET_DEC_LN(x) (((-(x)) & ~(3 << 29)) % 100000)
+#define WC_TEST_RET_DEC_LN(x) ((int)(((-(x)) & ~(3L << 29L)) % 100000L))
/* decode integer or errno */
-#define WC_TEST_RET_DEC_I(x) (((-(x)) & ~(3 << 29)) / 100000)
+#define WC_TEST_RET_DEC_I(x) ((int)((((-(x)) & ~(3L << 29L)) / 100000L)))
/* decode error code */
-#define WC_TEST_RET_DEC_EC(x) (-WC_TEST_RET_DEC_I(x))
+#define WC_TEST_RET_DEC_EC(x) ((int)(-WC_TEST_RET_DEC_I(x)))
#endif /* !WC_TEST_RET_HAVE_CUSTOM_MACROS */
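Review bot: `WC_TEST_RET_DEC_TAG` is the only decoder left without a result cast: `WC_TEST_RET_DEC_LN`, `WC_TEST_RET_DEC_I` and `WC_TEST_RET_DEC_EC` now yield `int`, while the tag keeps whatever type `x` has. When `wc_test_ret_t` is a custom, wider type, a caller that prints the tag with `%d` or stores it in an `int` gets a different type from this one macro only. For consistency: `#define WC_TEST_RET_DEC_TAG(x) ((int)((-(x)) >> 29L))`.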
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c b/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c
index bb70dc78..66357372 100644
--- a/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/user-crypto/src/rsa.c
@@ -25,7 +25,7 @@
#endif
#include <wolfssl/options.h>
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef NO_RSA
@@ -37,11 +37,11 @@
#endif
#include "user_rsa.h"
-#ifdef DEBUG_WOLFSSL /* debug done without variadric to allow older compilers */
+#ifdef DEBUG_WOLFSSL /* debug done without variadic to allow older compilers */
#include <stdio.h>
#define USER_DEBUG(x) printf x
#else
- #define USER_DEBUG(x)
+ #define USER_DEBUG(x) WC_DO_NOTHING
#endif
#define ASN_INTEGER 0x02
@@ -2042,7 +2042,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
{
IppStatus ret;
int scratchSz;
- int i; /* for trys on calling make key */
+ int i; /* for tries on calling make key */
int ctxSz;
IppsBigNumState* pSrcPublicExp = NULL;
@@ -2178,7 +2178,7 @@ int wc_MakeRsaKey(RsaKey* key, int size, long e, WC_RNG* rng)
goto makeKeyEnd;
}
- /* call IPP to generate keys, if inseficent entropy error call again */
+ /* call IPP to generate keys, if insufficient entropy error call again */
ret = ippStsInsufficientEntropy;
while (ret == ippStsInsufficientEntropy) {
ret = ippsRSA_GenerateKeys(pSrcPublicExp, key->n, key->e,
diff --git a/extra/wolfssl/wolfssl/wolfssl.rc b/extra/wolfssl/wolfssl/wolfssl.rc
index d9c9a3e4..d9a8b919 100644
--- a/extra/wolfssl/wolfssl/wolfssl.rc
+++ b/extra/wolfssl/wolfssl/wolfssl.rc
Binary files differ
diff --git a/extra/wolfssl/wolfssl/wolfssl.vcproj b/extra/wolfssl/wolfssl/wolfssl.vcproj
index cca7ea49..c75b2f93 100644
--- a/extra/wolfssl/wolfssl/wolfssl.vcproj
+++ b/extra/wolfssl/wolfssl/wolfssl.vcproj
@@ -42,7 +42,7 @@
Name="VCCLCompilerTool"
Optimization="0"
AdditionalIncludeDirectories="./;./IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
MinimalRebuild="true"
BasicRuntimeChecks="3"
RuntimeLibrary="3"
@@ -107,7 +107,7 @@
Optimization="2"
EnableIntrinsicFunctions="true"
AdditionalIncludeDirectories="./;./IDE/WIN"
- PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS"
+ PreprocessorDefinitions="WOLFSSL_LIB;WOLFSSL_USER_SETTINGS"
RuntimeLibrary="2"
EnableFunctionLevelLinking="true"
UsePrecompiledHeader="0"
diff --git a/extra/wolfssl/wolfssl/wolfssl.vcxproj b/extra/wolfssl/wolfssl/wolfssl.vcxproj
index e3a80499..b5e9b076 100644
--- a/extra/wolfssl/wolfssl/wolfssl.vcxproj
+++ b/extra/wolfssl/wolfssl/wolfssl.vcxproj
@@ -148,7 +148,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -162,7 +162,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<MinimalRebuild>true</MinimalRebuild>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
@@ -183,7 +183,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -197,7 +197,7 @@
<ClCompile>
<Optimization>Disabled</Optimization>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<BasicRuntimeChecks>EnableFastChecks</BasicRuntimeChecks>
<RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
<PrecompiledHeader>
@@ -217,7 +217,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader />
@@ -230,7 +230,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -248,7 +248,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -262,7 +262,7 @@
<Optimization>MaxSpeed</Optimization>
<IntrinsicFunctions>true</IntrinsicFunctions>
<AdditionalIncludeDirectories>./;./IDE/WIN;%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
- <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;CYASSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+ <PreprocessorDefinitions>WOLFSSL_LIB;BUILDING_WOLFSSL;WOLFSSL_DLL;WOLFSSL_USER_SETTINGS;%(PreprocessorDefinitions)</PreprocessorDefinitions>
<RuntimeLibrary>MultiThreadedDLL</RuntimeLibrary>
<FunctionLevelLinking>true</FunctionLevelLinking>
<PrecompiledHeader>
@@ -299,6 +299,7 @@
<ClCompile Include="wolfcrypt\src\curve25519.c" />
<ClCompile Include="wolfcrypt\src\curve448.c" />
<ClCompile Include="wolfcrypt\src\cpuid.c" />
+ <ClCompile Include="wolfcrypt\src\cryptocb.c" />
<ClCompile Include="wolfcrypt\src\des3.c" />
<ClCompile Include="wolfcrypt\src\dh.c" />
<ClCompile Include="wolfcrypt\src\dsa.c" />
diff --git a/extra/wolfssl/wolfssl/wolfssl/certs_test.h b/extra/wolfssl/wolfssl/wolfssl/certs_test.h
index a7c23559..09ed4b12 100644
--- a/extra/wolfssl/wolfssl/wolfssl/certs_test.h
+++ b/extra/wolfssl/wolfssl/wolfssl/certs_test.h
@@ -100,9 +100,9 @@ static const int sizeof_client_keypub_der_1024 = sizeof(client_keypub_der_1024);
static const unsigned char client_cert_der_1024[] =
{
0x30, 0x82, 0x04, 0x18, 0x30, 0x82, 0x03, 0x81, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x41, 0x1F, 0xEC, 0xCF, 0x49,
- 0x20, 0x14, 0x81, 0xDC, 0xAB, 0x32, 0x02, 0x01, 0x6A, 0xCD,
- 0x18, 0xBD, 0xF5, 0xE3, 0x53, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x59, 0xF2, 0xEA, 0x44, 0x08,
+ 0xB5, 0x12, 0x30, 0xA0, 0x96, 0x93, 0xD1, 0xD1, 0x7F, 0xE1,
+ 0xEC, 0x49, 0x75, 0x9B, 0xA2, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -120,10 +120,10 @@ static const unsigned char client_cert_der_1024[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -180,8 +180,8 @@ static const unsigned char client_cert_der_1024[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x41, 0x1F, 0xEC, 0xCF, 0x49, 0x20, 0x14, 0x81, 0xDC, 0xAB,
- 0x32, 0x02, 0x01, 0x6A, 0xCD, 0x18, 0xBD, 0xF5, 0xE3, 0x53,
+ 0x59, 0xF2, 0xEA, 0x44, 0x08, 0xB5, 0x12, 0x30, 0xA0, 0x96,
+ 0x93, 0xD1, 0xD1, 0x7F, 0xE1, 0xEC, 0x49, 0x75, 0x9B, 0xA2,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -191,20 +191,20 @@ static const unsigned char client_cert_der_1024[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
- 0x03, 0x81, 0x81, 0x00, 0x64, 0x0E, 0x1B, 0xA2, 0xB2, 0x39,
- 0xCC, 0xDF, 0x9C, 0x63, 0x48, 0x4B, 0x58, 0x2C, 0xE5, 0xAF,
- 0xE2, 0xBA, 0xD2, 0x74, 0x37, 0xF8, 0xA0, 0xC8, 0x2F, 0x62,
- 0x36, 0x84, 0x49, 0x55, 0xD6, 0x8D, 0x2B, 0x4D, 0x96, 0x4F,
- 0xB4, 0x2E, 0x83, 0xF9, 0x00, 0xE8, 0xCB, 0x7E, 0x04, 0xF1,
- 0x19, 0xF2, 0x00, 0x24, 0x0D, 0x2B, 0xBA, 0x30, 0x89, 0x7F,
- 0x8A, 0xE3, 0x64, 0xE2, 0xD5, 0x1B, 0x5A, 0x0A, 0x9D, 0x26,
- 0xDB, 0xE8, 0x6A, 0x60, 0xC2, 0x79, 0xAA, 0xAD, 0x8D, 0xF1,
- 0x1C, 0x2A, 0x33, 0xD4, 0x66, 0x42, 0x98, 0x7A, 0x94, 0xD4,
- 0xB7, 0x2D, 0x0B, 0xCB, 0xF5, 0xB5, 0x62, 0xAE, 0xE1, 0x88,
- 0x47, 0xAD, 0xEE, 0x8D, 0x32, 0xB5, 0x60, 0x1A, 0x5B, 0xA1,
- 0xD3, 0xA1, 0x58, 0xCC, 0x0C, 0x40, 0x30, 0x0D, 0x05, 0xCB,
- 0x4B, 0xD2, 0xE1, 0xD7, 0xCA, 0x63, 0xDE, 0xA8, 0x78, 0x56,
- 0x96, 0xE7
+ 0x03, 0x81, 0x81, 0x00, 0x45, 0x63, 0x6F, 0xF9, 0xED, 0xF4,
+ 0x12, 0x3C, 0x3C, 0xC5, 0x2C, 0x51, 0x08, 0x94, 0x61, 0x7E,
+ 0x08, 0xE8, 0x32, 0x46, 0x2B, 0x22, 0x02, 0xD0, 0xE8, 0x2B,
+ 0xA4, 0x23, 0x15, 0x48, 0x47, 0x87, 0x5D, 0x72, 0xAB, 0x38,
+ 0xD5, 0x34, 0xB9, 0xFC, 0xF4, 0x86, 0x93, 0x49, 0x95, 0xD8,
+ 0x81, 0x32, 0x1C, 0x21, 0xE3, 0xEF, 0xB8, 0x40, 0xC5, 0x87,
+ 0x02, 0xE8, 0x28, 0xAA, 0x54, 0x93, 0x2D, 0x8A, 0xE9, 0x1E,
+ 0xDD, 0x5D, 0x11, 0xF8, 0xBF, 0xCA, 0x4E, 0x33, 0x20, 0x56,
+ 0x4E, 0x6F, 0x53, 0xBB, 0x79, 0xB0, 0xDA, 0x65, 0xA1, 0x4B,
+ 0x9F, 0xC8, 0x55, 0xFA, 0x53, 0x26, 0x84, 0xC6, 0x1E, 0x0A,
+ 0x5E, 0x7A, 0x6E, 0xF2, 0x2D, 0x2A, 0x81, 0xA5, 0xD0, 0x2B,
+ 0xEC, 0xD5, 0x8E, 0xB9, 0xF0, 0xC7, 0x57, 0xD7, 0xD6, 0x14,
+ 0x1A, 0x3B, 0xDC, 0x09, 0x41, 0xB4, 0x9D, 0x0D, 0x72, 0x20,
+ 0x44, 0x79
};
static const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024);
@@ -418,9 +418,9 @@ static const int sizeof_ca_key_der_1024 = sizeof(ca_key_der_1024);
static const unsigned char ca_cert_der_1024[] =
{
0x30, 0x82, 0x04, 0x09, 0x30, 0x82, 0x03, 0x72, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x0E, 0x75, 0x3B, 0x39, 0xAD,
- 0x1F, 0x53, 0xD1, 0x85, 0x3B, 0x05, 0x3B, 0x11, 0x62, 0x4F,
- 0xDC, 0x7B, 0x11, 0x72, 0x11, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x5C, 0x44, 0x2B, 0xBF, 0xD3,
+ 0xA8, 0x2A, 0xD8, 0xFD, 0x54, 0xC9, 0xCD, 0xAA, 0x7F, 0xF7,
+ 0xD4, 0x59, 0x07, 0xAA, 0xDD, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -438,9 +438,9 @@ static const unsigned char ca_cert_der_1024[] =
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10,
0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73,
0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D,
- 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31,
- 0x31, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81,
+ 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30,
+ 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81,
0x99, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
@@ -496,9 +496,9 @@ static const unsigned char ca_cert_der_1024[] =
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x0E, 0x75, 0x3B, 0x39, 0xAD,
- 0x1F, 0x53, 0xD1, 0x85, 0x3B, 0x05, 0x3B, 0x11, 0x62, 0x4F,
- 0xDC, 0x7B, 0x11, 0x72, 0x11, 0x30, 0x0C, 0x06, 0x03, 0x55,
+ 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x5C, 0x44, 0x2B, 0xBF, 0xD3,
+ 0xA8, 0x2A, 0xD8, 0xFD, 0x54, 0xC9, 0xCD, 0xAA, 0x7F, 0xF7,
+ 0xD4, 0x59, 0x07, 0xAA, 0xDD, 0x30, 0x0C, 0x06, 0x03, 0x55,
0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30,
0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13,
0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E,
@@ -507,20 +507,20 @@ static const unsigned char ca_cert_der_1024[] =
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
- 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0xB8,
- 0x80, 0xBF, 0xB2, 0xF5, 0x83, 0x95, 0x51, 0x81, 0x6A, 0x7E,
- 0x41, 0x87, 0x29, 0xD7, 0xC3, 0xC9, 0xC6, 0x9B, 0x60, 0xE4,
- 0x65, 0xA1, 0x04, 0x97, 0x1D, 0x1B, 0x3B, 0xE9, 0x27, 0xFA,
- 0x43, 0xD6, 0x89, 0x6A, 0x3C, 0x9E, 0xBF, 0x28, 0xD1, 0x75,
- 0x37, 0x21, 0xF3, 0x0D, 0x64, 0x17, 0xB2, 0xA3, 0x2D, 0x83,
- 0x52, 0xFF, 0x57, 0xF0, 0x42, 0xA9, 0x48, 0xAA, 0xD8, 0x84,
- 0xEA, 0x0D, 0x80, 0x05, 0x71, 0x0A, 0xAA, 0x23, 0xB4, 0x6C,
- 0xC6, 0xD6, 0x7F, 0x13, 0x4A, 0xF4, 0x82, 0xB9, 0xE2, 0x81,
- 0xAE, 0x46, 0x8C, 0x59, 0xFB, 0xC3, 0x8C, 0x6D, 0x5B, 0xF3,
- 0x32, 0xEC, 0x86, 0xF0, 0x6E, 0xDA, 0x2A, 0x78, 0xAB, 0xF2,
- 0x36, 0xFB, 0x48, 0xFA, 0x74, 0x09, 0x0E, 0x19, 0xC2, 0xBF,
- 0xEB, 0xCC, 0xFB, 0xA9, 0x05, 0xC1, 0xC9, 0xE1, 0xAB, 0x8B,
- 0x79, 0xF6, 0xF1, 0xAD, 0x4A, 0x9F, 0xAA
+ 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x70,
+ 0x7D, 0x83, 0x94, 0xD0, 0xEE, 0xE1, 0x19, 0x8B, 0x17, 0xCA,
+ 0x79, 0x87, 0x12, 0x5B, 0x7F, 0x70, 0xA3, 0x51, 0x20, 0x4F,
+ 0x21, 0x99, 0x71, 0x69, 0x21, 0x28, 0x55, 0x61, 0x70, 0x85,
+ 0x54, 0x21, 0xA9, 0x70, 0xA2, 0xA9, 0x12, 0xDB, 0x44, 0x11,
+ 0x44, 0xE7, 0x41, 0x00, 0x70, 0x80, 0xB5, 0x37, 0x0C, 0x7E,
+ 0x78, 0x8F, 0x88, 0x64, 0xBC, 0xE5, 0xC0, 0x44, 0xA7, 0xA5,
+ 0x3D, 0xDB, 0x62, 0xC4, 0xD6, 0xCD, 0xAA, 0x4B, 0xAC, 0xFB,
+ 0x01, 0x46, 0xBB, 0xEC, 0xCB, 0x6F, 0x01, 0x67, 0xB4, 0x65,
+ 0xF3, 0x5E, 0x53, 0x39, 0x64, 0x99, 0x9B, 0x68, 0x80, 0x14,
+ 0x91, 0xA4, 0xA4, 0xEB, 0x04, 0xF3, 0x76, 0x9A, 0x7D, 0xB4,
+ 0x38, 0x05, 0x9C, 0xA5, 0xE0, 0xBC, 0x7E, 0xD9, 0xD2, 0xD3,
+ 0xD4, 0xE8, 0xC3, 0x9F, 0x38, 0x4B, 0x6C, 0x29, 0x94, 0xBE,
+ 0x35, 0xBD, 0x30, 0x1F, 0xB5, 0xB7, 0x3D
};
static const int sizeof_ca_cert_der_1024 = sizeof(ca_cert_der_1024);
@@ -613,9 +613,9 @@ static const unsigned char server_cert_der_1024[] =
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17,
- 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39,
- 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30,
+ 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39,
+ 0x30, 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x30,
0x81, 0x95, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74,
@@ -671,9 +671,9 @@ static const unsigned char server_cert_der_1024[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x82, 0x14, 0x0E, 0x75, 0x3B, 0x39, 0xAD, 0x1F, 0x53, 0xD1,
- 0x85, 0x3B, 0x05, 0x3B, 0x11, 0x62, 0x4F, 0xDC, 0x7B, 0x11,
- 0x72, 0x11, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x5C, 0x44, 0x2B, 0xBF, 0xD3, 0xA8, 0x2A, 0xD8,
+ 0xFD, 0x54, 0xC9, 0xCD, 0xAA, 0x7F, 0xF7, 0xD4, 0x59, 0x07,
+ 0xAA, 0xDD, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -682,20 +682,20 @@ static const unsigned char server_cert_der_1024[] =
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06,
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
- 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0xC0, 0x94, 0x34, 0x0D,
- 0x41, 0xA3, 0x03, 0x17, 0x05, 0x08, 0xD9, 0x54, 0xD9, 0xA2,
- 0xF0, 0xE9, 0x22, 0x58, 0x25, 0x50, 0x10, 0x6D, 0xDA, 0x09,
- 0x2D, 0x7D, 0xFC, 0x0D, 0xC0, 0x13, 0x35, 0x0E, 0x96, 0x7F,
- 0x1E, 0x38, 0xA1, 0x11, 0x97, 0x42, 0xDF, 0x83, 0x07, 0x05,
- 0xCE, 0xD6, 0xDE, 0x90, 0x22, 0xAB, 0x0F, 0x6D, 0x56, 0x90,
- 0x02, 0x9A, 0xA5, 0xCF, 0x5A, 0x9B, 0x96, 0x66, 0x0F, 0x71,
- 0xED, 0xB2, 0x72, 0x7A, 0xE4, 0x9D, 0x61, 0x9F, 0x2A, 0x45,
- 0xB8, 0x51, 0xB9, 0xA6, 0xEE, 0xD6, 0x73, 0x2A, 0x03, 0xF4,
- 0x03, 0x32, 0x6E, 0x19, 0x6E, 0x70, 0x48, 0x6B, 0x72, 0x29,
- 0x30, 0x19, 0x87, 0x06, 0x30, 0xD6, 0x2F, 0x19, 0xF5, 0x39,
- 0x78, 0x2F, 0x2F, 0xC2, 0x49, 0x38, 0x5A, 0xD8, 0x38, 0x06,
- 0xF9, 0xFE, 0xBF, 0x45, 0xEA, 0x7B, 0xE6, 0x7B, 0xA6, 0x0B,
- 0xB5, 0xBA, 0x06, 0x80
+ 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x35, 0x2E, 0x7B, 0x57,
+ 0x7B, 0x64, 0x70, 0x53, 0xE0, 0x81, 0xED, 0xF4, 0xAC, 0xB3,
+ 0x3A, 0x3B, 0xBA, 0x82, 0x8D, 0xA2, 0x31, 0xD9, 0xD4, 0xAC,
+ 0xD1, 0x8A, 0x6D, 0x35, 0x41, 0x15, 0xB3, 0xE8, 0x06, 0x91,
+ 0xCA, 0x2A, 0xF7, 0xFF, 0x28, 0x0E, 0x3D, 0xCD, 0xE7, 0x28,
+ 0xF0, 0x07, 0xC0, 0x78, 0x62, 0x9E, 0x88, 0x3D, 0xDC, 0x98,
+ 0xF0, 0x8C, 0x89, 0xA7, 0x1C, 0x5B, 0x77, 0x37, 0xB2, 0x55,
+ 0x38, 0xB2, 0x60, 0x42, 0xE8, 0x02, 0x81, 0xBF, 0x7C, 0xC3,
+ 0x54, 0x86, 0x7E, 0xE4, 0x2F, 0x7D, 0x74, 0x74, 0x27, 0xF7,
+ 0x9A, 0xE2, 0x8D, 0xA9, 0x2F, 0x7C, 0x82, 0x31, 0x41, 0xF1,
+ 0xCB, 0x48, 0xA0, 0x05, 0x00, 0x26, 0x3D, 0xA4, 0x6B, 0x27,
+ 0x43, 0x4C, 0x3F, 0x6F, 0x2F, 0x41, 0x2E, 0xEE, 0xBA, 0x0D,
+ 0x8F, 0x39, 0x42, 0x0D, 0x2D, 0x76, 0x00, 0x12, 0x4C, 0xF9,
+ 0x49, 0x2D, 0x7F, 0xED
};
static const int sizeof_server_cert_der_1024 = sizeof(server_cert_der_1024);
@@ -869,9 +869,9 @@ static const int sizeof_client_keypub_der_2048 = sizeof(client_keypub_der_2048);
static const unsigned char client_cert_der_2048[] =
{
0x30, 0x82, 0x05, 0x1D, 0x30, 0x82, 0x04, 0x05, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03,
- 0x7D, 0x4C, 0x07, 0x84, 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90,
- 0xDC, 0x48, 0x8D, 0xEA, 0x53, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03,
+ 0x5A, 0xEC, 0x55, 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6,
+ 0x13, 0xD9, 0x59, 0xB8, 0xE8, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -889,10 +889,10 @@ static const unsigned char client_cert_der_2048[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -962,9 +962,9 @@ static const unsigned char client_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x82, 0x14, 0x73, 0xFB, 0x54, 0xD6, 0x03, 0x7D, 0x4C, 0x07,
- 0x84, 0xE2, 0x00, 0x11, 0x8C, 0xDD, 0x90, 0xDC, 0x48, 0x8D,
- 0xEA, 0x53, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x08, 0xB0, 0x54, 0x7A, 0x03, 0x5A, 0xEC, 0x55,
+ 0x8A, 0x12, 0xE8, 0xF9, 0x8E, 0x34, 0xB6, 0x13, 0xD9, 0x59,
+ 0xB8, 0xE8, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -973,33 +973,33 @@ static const unsigned char client_cert_der_2048[] =
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06,
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
- 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x36, 0xCB, 0xBC,
- 0xC5, 0x52, 0x9A, 0x66, 0xCD, 0x91, 0x4D, 0x8F, 0x27, 0x9F,
- 0xB3, 0x64, 0x80, 0x0E, 0x64, 0xB4, 0xCB, 0x1A, 0xCD, 0x75,
- 0x9E, 0x82, 0x7C, 0x55, 0x67, 0xD8, 0x9F, 0x90, 0xA3, 0x34,
- 0x96, 0x99, 0x43, 0xF7, 0x49, 0x53, 0xA2, 0x58, 0x85, 0xA0,
- 0xB3, 0x83, 0x4F, 0xAF, 0xB8, 0x15, 0x8A, 0x88, 0x1E, 0xF3,
- 0x60, 0xF4, 0x7C, 0x94, 0xB5, 0x58, 0x68, 0xF1, 0x2A, 0x13,
- 0x80, 0x34, 0xC2, 0x6F, 0xA5, 0xF8, 0x7E, 0x76, 0x16, 0x81,
- 0x4F, 0x36, 0x8B, 0xC3, 0x59, 0xBD, 0x51, 0xDD, 0x60, 0x87,
- 0xD7, 0x1D, 0x96, 0x44, 0x69, 0x07, 0x3C, 0x8F, 0x28, 0x56,
- 0xB1, 0x11, 0x5C, 0x4E, 0x81, 0x3F, 0x57, 0x25, 0xFD, 0x65,
- 0xDD, 0x07, 0xCF, 0x17, 0x0A, 0x01, 0x7E, 0x4E, 0x3F, 0x8E,
- 0x73, 0xDB, 0xFE, 0xF4, 0xF2, 0xC5, 0xFF, 0xA3, 0x76, 0xA8,
- 0x74, 0x46, 0x2E, 0x47, 0x0D, 0xB0, 0xED, 0x0A, 0xC0, 0xC5,
- 0x0A, 0x65, 0xD3, 0xDC, 0x62, 0xB2, 0xE0, 0x1E, 0x8E, 0xBD,
- 0xF3, 0xBD, 0xAF, 0xAF, 0x66, 0x84, 0x36, 0x92, 0xE2, 0x3B,
- 0x80, 0xD0, 0x57, 0xA6, 0x41, 0xA3, 0x62, 0xD1, 0xA6, 0x6D,
- 0x14, 0x6C, 0xCD, 0x82, 0xB1, 0xC1, 0xC1, 0x35, 0x55, 0xAE,
- 0x59, 0x49, 0xA8, 0x26, 0x52, 0xBD, 0xEF, 0x1B, 0x2C, 0x1F,
- 0x9D, 0x39, 0x04, 0xD2, 0x82, 0xA0, 0x6B, 0x39, 0x71, 0x59,
- 0x33, 0x82, 0xBA, 0x55, 0x6C, 0x97, 0xF2, 0x1B, 0x5B, 0xE0,
- 0x4D, 0xE2, 0xCF, 0x89, 0xE7, 0x26, 0xB8, 0x2C, 0x6C, 0x9F,
- 0x83, 0xD6, 0xED, 0x4E, 0x2F, 0x75, 0xA9, 0x30, 0x4E, 0x01,
- 0x95, 0x0D, 0x4F, 0x83, 0x5E, 0xC8, 0xAF, 0x7F, 0x67, 0xEA,
- 0x53, 0xBF, 0xCA, 0x9B, 0x1F, 0xD4, 0xFF, 0x36, 0x97, 0x02,
- 0x71, 0x8E, 0x33, 0xDE, 0xE2, 0x58, 0x27, 0xAA, 0x70, 0x0C,
- 0x5B, 0xDE, 0x0E
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x89, 0x84, 0xEB,
+ 0x6A, 0x70, 0x3B, 0x2A, 0x6E, 0xA8, 0x8B, 0xF2, 0x92, 0x79,
+ 0x97, 0x5C, 0xBD, 0x98, 0x8B, 0x71, 0xDB, 0xDB, 0x7C, 0xDF,
+ 0xDB, 0xA4, 0x2C, 0x59, 0xD3, 0xA6, 0x75, 0x41, 0xC2, 0x06,
+ 0xB6, 0x17, 0x1E, 0x0C, 0x1F, 0x7D, 0x0B, 0x7F, 0x58, 0x3E,
+ 0xC1, 0xE7, 0x0C, 0xF0, 0x62, 0x92, 0x77, 0xAB, 0x99, 0x79,
+ 0x7B, 0x85, 0xF4, 0xD9, 0x6C, 0xD0, 0x0E, 0xE5, 0x8B, 0x13,
+ 0x35, 0x65, 0x9E, 0xD7, 0x9A, 0x51, 0x98, 0xE4, 0x49, 0x44,
+ 0x51, 0xC8, 0xE3, 0xE0, 0x9A, 0xFF, 0xC2, 0xCB, 0x3D, 0x81,
+ 0xEB, 0xEE, 0xF4, 0x1A, 0xD1, 0x96, 0x4B, 0xE9, 0x7D, 0xDE,
+ 0x5B, 0xF2, 0x64, 0x40, 0xAD, 0xE1, 0xD9, 0xD6, 0xB7, 0xE1,
+ 0xEB, 0xA9, 0x3A, 0x52, 0x29, 0x89, 0xAA, 0x07, 0x37, 0x96,
+ 0x44, 0xE3, 0x23, 0x49, 0xF3, 0xBE, 0xF3, 0x0D, 0x70, 0xD1,
+ 0xA2, 0xCE, 0x78, 0x86, 0x22, 0xFC, 0x76, 0x00, 0x84, 0x1D,
+ 0xFA, 0x8B, 0x8A, 0xD2, 0x43, 0x93, 0x88, 0xFA, 0xEE, 0x22,
+ 0xCC, 0xA6, 0x86, 0xF5, 0x3F, 0x24, 0xF1, 0xD4, 0x70, 0x05,
+ 0x4F, 0x3B, 0x18, 0x32, 0x50, 0x67, 0xC1, 0x80, 0x77, 0x0D,
+ 0x3C, 0x78, 0x75, 0x35, 0xD0, 0xFD, 0x60, 0xF3, 0xED, 0xA1,
+ 0x30, 0xD0, 0x62, 0x25, 0x99, 0x6B, 0x80, 0x56, 0x17, 0x3D,
+ 0xB4, 0xAF, 0x1D, 0xDF, 0xAB, 0x48, 0x21, 0xC1, 0xD2, 0x0B,
+ 0x6B, 0x94, 0xA7, 0x33, 0xD1, 0xD0, 0x82, 0xB7, 0x3B, 0x92,
+ 0xEB, 0x9D, 0xD6, 0x6C, 0x32, 0x81, 0x5E, 0x07, 0x3C, 0x46,
+ 0x34, 0x32, 0x7B, 0xEA, 0x22, 0xDB, 0xA6, 0xA3, 0x18, 0x69,
+ 0x7C, 0xAD, 0x17, 0xE4, 0xC8, 0xA9, 0x8F, 0xA8, 0xBA, 0x67,
+ 0xAF, 0x99, 0x39, 0xEF, 0x6E, 0x0C, 0xF8, 0xA9, 0xB3, 0xBD,
+ 0xAB, 0x71, 0x94, 0xE0, 0x41, 0xAA, 0xA4, 0x2D, 0x72, 0x60,
+ 0x51, 0xD1, 0x5C
};
static const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048);
@@ -1098,6 +1098,107 @@ static const unsigned char dh_pub_key_der_2048[] =
};
static const int sizeof_dh_pub_key_der_2048 = sizeof(dh_pub_key_der_2048);
+/* ./certs/statickeys/dh-ffdhe2048.der, 2048-bit */
+static const unsigned char dh_ffdhe_statickey_der_2048[] =
+{
+ 0x30, 0x82, 0x01, 0x3F, 0x02, 0x01, 0x00, 0x30, 0x82, 0x01,
+ 0x17, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
+ 0x03, 0x01, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01,
+ 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xAD,
+ 0xF8, 0x54, 0x58, 0xA2, 0xBB, 0x4A, 0x9A, 0xAF, 0xDC, 0x56,
+ 0x20, 0x27, 0x3D, 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 0xCE,
+ 0x2D, 0x36, 0x95, 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33,
+ 0xFB, 0xCC, 0x93, 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D,
+ 0x2F, 0xE3, 0x63, 0x63, 0x0C, 0x75, 0xD8, 0xF6, 0x81, 0xB2,
+ 0x02, 0xAE, 0xC4, 0x61, 0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5,
+ 0xFD, 0x65, 0x61, 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E,
+ 0xD0, 0x85, 0x63, 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 0xB5,
+ 0x57, 0x13, 0x5E, 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 0x0C,
+ 0x70, 0xE0, 0xE6, 0x8B, 0x77, 0xE2, 0xA6, 0x89, 0xDA, 0xF3,
+ 0xEF, 0xE8, 0x72, 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7,
+ 0x35, 0x30, 0xAC, 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 0xBC,
+ 0x0A, 0xB1, 0x82, 0xB3, 0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9,
+ 0x4B, 0xB2, 0xC8, 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 0xB7, 0x60,
+ 0xD7, 0xF4, 0x68, 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D,
+ 0xF4, 0xAE, 0x56, 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 0x0B,
+ 0x07, 0xA7, 0xC8, 0xEE, 0x0A, 0x6D, 0x70, 0x9E, 0x02, 0xFC,
+ 0xE1, 0xCD, 0xF7, 0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28,
+ 0x34, 0x2F, 0x61, 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83,
+ 0xFF, 0x8E, 0x4F, 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3,
+ 0xFE, 0x3B, 0x1B, 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 0xB5, 0xFC,
+ 0xBC, 0x2E, 0xC2, 0x20, 0x05, 0xC5, 0x8E, 0xF1, 0x83, 0x7D,
+ 0x16, 0x83, 0xB2, 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF,
+ 0xFA, 0x88, 0x6B, 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x02, 0x01, 0x02,
+ 0x04, 0x1F, 0x02, 0x1D, 0x5C, 0xFB, 0x86, 0xF7, 0xFA, 0x51,
+ 0x02, 0x79, 0x71, 0x9E, 0xC0, 0x29, 0x98, 0x03, 0xCF, 0x3E,
+ 0x65, 0x46, 0xF6, 0x34, 0xB8, 0xB0, 0xC1, 0x55, 0x3A, 0xF7,
+ 0xC8, 0x43, 0xB8
+};
+static const int sizeof_dh_ffdhe_statickey_der_2048 = sizeof(dh_ffdhe_statickey_der_2048);
+
+/* ./certs/statickeys/dh-ffdhe2048-pub.der, 2048-bit */
+static const unsigned char dh_ffdhe_pub_statickey_der_2048[] =
+{
+ 0x30, 0x82, 0x02, 0x24, 0x30, 0x82, 0x01, 0x17, 0x06, 0x09,
+ 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x03, 0x01, 0x30,
+ 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xAD, 0xF8, 0x54, 0x58,
+ 0xA2, 0xBB, 0x4A, 0x9A, 0xAF, 0xDC, 0x56, 0x20, 0x27, 0x3D,
+ 0x3C, 0xF1, 0xD8, 0xB9, 0xC5, 0x83, 0xCE, 0x2D, 0x36, 0x95,
+ 0xA9, 0xE1, 0x36, 0x41, 0x14, 0x64, 0x33, 0xFB, 0xCC, 0x93,
+ 0x9D, 0xCE, 0x24, 0x9B, 0x3E, 0xF9, 0x7D, 0x2F, 0xE3, 0x63,
+ 0x63, 0x0C, 0x75, 0xD8, 0xF6, 0x81, 0xB2, 0x02, 0xAE, 0xC4,
+ 0x61, 0x7A, 0xD3, 0xDF, 0x1E, 0xD5, 0xD5, 0xFD, 0x65, 0x61,
+ 0x24, 0x33, 0xF5, 0x1F, 0x5F, 0x06, 0x6E, 0xD0, 0x85, 0x63,
+ 0x65, 0x55, 0x3D, 0xED, 0x1A, 0xF3, 0xB5, 0x57, 0x13, 0x5E,
+ 0x7F, 0x57, 0xC9, 0x35, 0x98, 0x4F, 0x0C, 0x70, 0xE0, 0xE6,
+ 0x8B, 0x77, 0xE2, 0xA6, 0x89, 0xDA, 0xF3, 0xEF, 0xE8, 0x72,
+ 0x1D, 0xF1, 0x58, 0xA1, 0x36, 0xAD, 0xE7, 0x35, 0x30, 0xAC,
+ 0xCA, 0x4F, 0x48, 0x3A, 0x79, 0x7A, 0xBC, 0x0A, 0xB1, 0x82,
+ 0xB3, 0x24, 0xFB, 0x61, 0xD1, 0x08, 0xA9, 0x4B, 0xB2, 0xC8,
+ 0xE3, 0xFB, 0xB9, 0x6A, 0xDA, 0xB7, 0x60, 0xD7, 0xF4, 0x68,
+ 0x1D, 0x4F, 0x42, 0xA3, 0xDE, 0x39, 0x4D, 0xF4, 0xAE, 0x56,
+ 0xED, 0xE7, 0x63, 0x72, 0xBB, 0x19, 0x0B, 0x07, 0xA7, 0xC8,
+ 0xEE, 0x0A, 0x6D, 0x70, 0x9E, 0x02, 0xFC, 0xE1, 0xCD, 0xF7,
+ 0xE2, 0xEC, 0xC0, 0x34, 0x04, 0xCD, 0x28, 0x34, 0x2F, 0x61,
+ 0x91, 0x72, 0xFE, 0x9C, 0xE9, 0x85, 0x83, 0xFF, 0x8E, 0x4F,
+ 0x12, 0x32, 0xEE, 0xF2, 0x81, 0x83, 0xC3, 0xFE, 0x3B, 0x1B,
+ 0x4C, 0x6F, 0xAD, 0x73, 0x3B, 0xB5, 0xFC, 0xBC, 0x2E, 0xC2,
+ 0x20, 0x05, 0xC5, 0x8E, 0xF1, 0x83, 0x7D, 0x16, 0x83, 0xB2,
+ 0xC6, 0xF3, 0x4A, 0x26, 0xC1, 0xB2, 0xEF, 0xFA, 0x88, 0x6B,
+ 0x42, 0x38, 0x61, 0x28, 0x5C, 0x97, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0x02, 0x01, 0x02, 0x03, 0x82, 0x01,
+ 0x05, 0x00, 0x02, 0x82, 0x01, 0x00, 0x4D, 0x3F, 0x4C, 0xE4,
+ 0x6C, 0x46, 0x71, 0xFF, 0x61, 0x02, 0x73, 0x0B, 0x65, 0x4F,
+ 0x46, 0xE7, 0x2E, 0x0F, 0x9E, 0x41, 0x04, 0x55, 0x41, 0x51,
+ 0x89, 0xA9, 0x5E, 0x84, 0xBC, 0x7A, 0x0A, 0x35, 0x34, 0x15,
+ 0xBE, 0xB1, 0xC3, 0x1E, 0xCD, 0xC7, 0x5A, 0x17, 0x98, 0x5F,
+ 0xFF, 0x96, 0x3D, 0x1B, 0x9B, 0xFA, 0xCC, 0x1F, 0x1E, 0xA7,
+ 0x22, 0x8B, 0x95, 0xEE, 0x2B, 0xD4, 0x74, 0xE2, 0x63, 0xE2,
+ 0xFD, 0x9C, 0xAA, 0x4F, 0xBE, 0x64, 0x69, 0x83, 0x31, 0x5E,
+ 0x90, 0x5C, 0x85, 0x5D, 0xB2, 0x99, 0xE0, 0x05, 0xB5, 0xF2,
+ 0xB6, 0x19, 0xCD, 0x06, 0xCD, 0xA8, 0xB3, 0x59, 0x8D, 0x87,
+ 0x84, 0x7F, 0x8F, 0x09, 0xEE, 0xBD, 0x61, 0x6F, 0xC5, 0xCD,
+ 0xB8, 0x9C, 0xA7, 0x15, 0x97, 0xD0, 0x44, 0x2E, 0x2D, 0x2E,
+ 0x32, 0x20, 0xC5, 0x3B, 0xDF, 0x50, 0x6F, 0x8D, 0x17, 0xB8,
+ 0x84, 0xA3, 0x67, 0x24, 0x7E, 0xA3, 0xEC, 0x8C, 0x08, 0x78,
+ 0x6C, 0x25, 0x88, 0x02, 0xD3, 0xA0, 0x68, 0xCE, 0x1A, 0x25,
+ 0x46, 0x2E, 0x9B, 0x4C, 0x82, 0xF4, 0xEB, 0xB3, 0xC9, 0x1D,
+ 0x17, 0x0C, 0x92, 0x94, 0x54, 0x0F, 0xB5, 0xDF, 0x3F, 0x71,
+ 0x45, 0x33, 0x97, 0x4D, 0x87, 0x1A, 0x4B, 0x40, 0x0A, 0x71,
+ 0xB4, 0x19, 0xBE, 0x33, 0xBD, 0xCF, 0xF3, 0x15, 0x63, 0x06,
+ 0x37, 0x5C, 0xA1, 0x9D, 0xC0, 0xE7, 0xA7, 0x8B, 0xD3, 0xA2,
+ 0x6B, 0x3F, 0xF1, 0x42, 0xC8, 0x36, 0x6B, 0x0A, 0x43, 0x8B,
+ 0xE9, 0xD0, 0x8C, 0xCD, 0x0F, 0x31, 0xCD, 0x22, 0xE7, 0x39,
+ 0xC8, 0x8D, 0xEB, 0x5D, 0x91, 0x8B, 0x06, 0x6E, 0x1F, 0x07,
+ 0xDB, 0xAB, 0x2B, 0x4F, 0x85, 0xF8, 0xBB, 0x55, 0xE3, 0xBD,
+ 0x70, 0x51, 0x5C, 0x73, 0x66, 0x5D, 0xD1, 0xB6, 0xF8, 0x44,
+ 0x10, 0xE0, 0xF2, 0x09, 0x1C, 0x6D, 0x02, 0x5D, 0xFC, 0x7A,
+ 0x08, 0x82
+};
+static const int sizeof_dh_ffdhe_pub_statickey_der_2048 = sizeof(dh_ffdhe_pub_statickey_der_2048);
+
/* ./certs/dsa-pubkey-2048.der, 2048-bit */
static const unsigned char dsa_pub_key_der_2048[] =
{
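Review bot: The comment on `dh_ffdhe_statickey_der_2048` gives only a path and a size, yet the bytes are private-key material: the array opens with a version INTEGER (`0x02, 0x01, 0x00`) and ends with an OCTET STRING wrapping an INTEGER (`0x04, 0x1F, 0x02, 0x1D, …`), which is the PKCS#8 private-key layout, and only the `_pub_` array is a public key. Because the value is published with the source it has no secrecy, and the comment should say so, e.g. `/* ./certs/statickeys/dh-ffdhe2048.der, 2048-bit; TEST-ONLY DH private key, publicly known, never load outside the test suite */`. The path comments suggest this header is generated from files under ./certs, in which case the wording belongs in the generator rather than in a hand edit. The `dsa_pub_key_der_2048` array that follows continues outside the hunk.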
@@ -1535,9 +1636,9 @@ static const int sizeof_ca_key_der_2048 = sizeof(ca_key_der_2048);
static const unsigned char ca_cert_der_2048[] =
{
0x30, 0x82, 0x04, 0xFF, 0x30, 0x82, 0x03, 0xE7, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x2C, 0x80, 0xCE, 0xDB, 0x47,
- 0x9D, 0x07, 0x66, 0x92, 0x3D, 0x68, 0xD7, 0xCA, 0xAC, 0x90,
- 0x4F, 0xCA, 0x69, 0x41, 0x4B, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x33, 0x44, 0x1A, 0xA8, 0x6C,
+ 0x01, 0xEC, 0xF6, 0x60, 0xF2, 0x70, 0x51, 0x0A, 0x4C, 0xD1,
+ 0x14, 0xFA, 0xBC, 0xE9, 0x44, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -1554,10 +1655,10 @@ static const unsigned char ca_cert_der_2048[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -1625,9 +1726,9 @@ static const unsigned char ca_cert_der_2048[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x82, 0x14, 0x2C, 0x80, 0xCE, 0xDB, 0x47, 0x9D, 0x07, 0x66,
- 0x92, 0x3D, 0x68, 0xD7, 0xCA, 0xAC, 0x90, 0x4F, 0xCA, 0x69,
- 0x41, 0x4B, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x33, 0x44, 0x1A, 0xA8, 0x6C, 0x01, 0xEC, 0xF6,
+ 0x60, 0xF2, 0x70, 0x51, 0x0A, 0x4C, 0xD1, 0x14, 0xFA, 0xBC,
+ 0xE9, 0x44, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -1636,33 +1737,33 @@ static const unsigned char ca_cert_der_2048[] =
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06,
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
- 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0xAE, 0xB0, 0xA4,
- 0x35, 0x8E, 0x8A, 0x1B, 0xA6, 0xEB, 0xB3, 0xA2, 0x57, 0xCF,
- 0x3A, 0x1F, 0xDC, 0x6E, 0xBC, 0xD2, 0xD0, 0xA6, 0x4A, 0x8F,
- 0x88, 0x0A, 0x6E, 0x74, 0xD5, 0xD1, 0x7C, 0xD1, 0x44, 0xB1,
- 0xD4, 0x3B, 0x17, 0x03, 0x09, 0x5A, 0x46, 0xED, 0x08, 0x08,
- 0xCF, 0xF1, 0xFD, 0x20, 0x07, 0x67, 0xC0, 0x97, 0xEC, 0x35,
- 0xF3, 0x75, 0xCA, 0x20, 0x61, 0x98, 0x3E, 0xF5, 0x4D, 0xBE,
- 0xE6, 0x9D, 0x75, 0x1E, 0xE4, 0x03, 0xAD, 0x8C, 0xA6, 0x1E,
- 0x3D, 0xEC, 0xE4, 0x1A, 0x92, 0x5B, 0xF9, 0xA3, 0xAD, 0x83,
- 0xCA, 0x4F, 0xCD, 0xAA, 0x38, 0xBB, 0x6E, 0xAE, 0xAD, 0xFA,
- 0xA7, 0x46, 0xF1, 0x8B, 0x73, 0xEC, 0x09, 0x23, 0xBC, 0xF2,
- 0x18, 0xE5, 0xB7, 0x92, 0x86, 0x3E, 0xA4, 0x75, 0x60, 0xC7,
- 0x3D, 0x0F, 0x3F, 0x83, 0x00, 0xC3, 0x06, 0x08, 0x9C, 0xD1,
- 0x54, 0xD6, 0xBA, 0x6D, 0x95, 0x3D, 0x34, 0xA1, 0xBE, 0x24,
- 0x91, 0xCC, 0x20, 0x03, 0x11, 0x5B, 0x72, 0x1C, 0xD4, 0x65,
- 0xD0, 0x11, 0x88, 0x75, 0x26, 0x04, 0x26, 0xEF, 0x66, 0x70,
- 0xE6, 0x3B, 0x38, 0x87, 0x9C, 0x53, 0x71, 0x1B, 0x09, 0x51,
- 0x70, 0x50, 0x99, 0x4C, 0x31, 0x0C, 0x62, 0x44, 0x57, 0x30,
- 0x60, 0x04, 0xFC, 0x12, 0x2C, 0xA3, 0x24, 0xB4, 0xF7, 0x11,
- 0xD5, 0x0E, 0xB5, 0x21, 0x0B, 0xED, 0x86, 0x11, 0x67, 0x4D,
- 0x36, 0xFA, 0x57, 0xA0, 0x59, 0x55, 0x21, 0xB3, 0x6D, 0xE4,
- 0x77, 0x5E, 0xEC, 0x7E, 0xF0, 0x09, 0x13, 0x8E, 0x99, 0x98,
- 0xB2, 0xE1, 0x82, 0xB6, 0x4B, 0x3E, 0x0F, 0x41, 0xA6, 0x0C,
- 0xCD, 0x49, 0x99, 0x7E, 0xE4, 0x8A, 0xCB, 0x37, 0xED, 0x53,
- 0xCF, 0x86, 0x5D, 0xA9, 0x26, 0xA8, 0xE5, 0x01, 0x25, 0x5A,
- 0xB4, 0xBC, 0x25, 0x35, 0xF1, 0xFA, 0x5A, 0x5C, 0xCE, 0xD4,
- 0xB8, 0x9A, 0x2C
+ 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x2D, 0xFC, 0xF9,
+ 0x32, 0x5A, 0xBE, 0xD6, 0x9D, 0x42, 0x8B, 0x86, 0x4E, 0x67,
+ 0x22, 0xC3, 0x50, 0x2D, 0xCB, 0x14, 0x27, 0x1D, 0x94, 0xF3,
+ 0xCD, 0x88, 0x42, 0xDA, 0x41, 0x1C, 0x39, 0x24, 0x67, 0xA7,
+ 0x92, 0x4D, 0x27, 0xEA, 0x56, 0x82, 0x19, 0xBF, 0x11, 0xB2,
+ 0x43, 0xA4, 0x8D, 0x5D, 0x87, 0xB2, 0x27, 0x64, 0x66, 0x82,
+ 0x81, 0xDF, 0xC4, 0xFD, 0x5B, 0x62, 0xB0, 0xC2, 0x4D, 0x9D,
+ 0x29, 0xF2, 0x41, 0x32, 0xCC, 0x2E, 0xB5, 0xDA, 0x38, 0x06,
+ 0x1B, 0xE8, 0x7F, 0x8C, 0x6E, 0x3D, 0x80, 0x1E, 0x00, 0x56,
+ 0x49, 0xBF, 0x39, 0xE0, 0xDA, 0x68, 0x2F, 0xC4, 0xFD, 0x00,
+ 0xE6, 0xD1, 0x81, 0x1A, 0xD1, 0x4A, 0xBB, 0x76, 0x52, 0xCE,
+ 0x4D, 0x24, 0x9D, 0xC4, 0xA3, 0xA7, 0xF1, 0x65, 0x14, 0x2F,
+ 0x1F, 0xA8, 0x2D, 0xC6, 0xCB, 0xCE, 0xB1, 0xA7, 0x89, 0x74,
+ 0x26, 0x27, 0xC3, 0xF3, 0xA3, 0x84, 0x4C, 0x34, 0x01, 0x14,
+ 0x03, 0x7D, 0x16, 0x3A, 0xC8, 0x8B, 0x25, 0x2E, 0x7B, 0x90,
+ 0xCC, 0x46, 0xB1, 0x52, 0x34, 0xBA, 0x93, 0x6E, 0xEF, 0xFE,
+ 0x43, 0xA3, 0xAD, 0xC6, 0x6F, 0x51, 0xFB, 0xBA, 0xEA, 0x38,
+ 0xE3, 0x6F, 0xD6, 0xEE, 0x63, 0x62, 0x36, 0xEA, 0x5E, 0x08,
+ 0xB4, 0xE2, 0x2A, 0x46, 0x89, 0xE3, 0xAE, 0xB3, 0xB4, 0x06,
+ 0xEF, 0x63, 0x7A, 0x6E, 0x5D, 0xDD, 0xC9, 0xEC, 0x02, 0x4F,
+ 0xF7, 0x64, 0xC0, 0x27, 0x07, 0xB4, 0x6F, 0x4A, 0x18, 0x72,
+ 0x5B, 0x34, 0x74, 0x7C, 0xD0, 0xA9, 0x04, 0x8F, 0x40, 0x8B,
+ 0x6A, 0x39, 0xD2, 0x6B, 0x1A, 0x01, 0xF2, 0x01, 0xA8, 0x81,
+ 0x34, 0x3A, 0xE5, 0xB0, 0x55, 0xD1, 0x3C, 0x95, 0xCA, 0xB0,
+ 0x82, 0xD6, 0xED, 0x98, 0x28, 0x15, 0x59, 0x7E, 0x95, 0xA7,
+ 0x69, 0xC7, 0xB5, 0x7B, 0xEC, 0x01, 0xA7, 0x4D, 0xE6, 0xB9,
+ 0xA2, 0xFE, 0x35
};
static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
@@ -1670,9 +1771,9 @@ static const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048);
static const unsigned char ca_cert_chain_der[] =
{
0x30, 0x82, 0x03, 0xFA, 0x30, 0x82, 0x03, 0x63, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x5C, 0x79, 0xE0, 0x7D, 0x3D,
- 0xBC, 0xB0, 0xFE, 0x85, 0xCF, 0xA0, 0x28, 0xE9, 0xF6, 0x27,
- 0xDD, 0x0C, 0xBF, 0xA3, 0x36, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x5D, 0x82, 0xE6, 0x32, 0x61,
+ 0xE7, 0x3B, 0x5E, 0x77, 0x3D, 0xDA, 0xA6, 0xF3, 0xFC, 0x54,
+ 0xB5, 0x04, 0xD4, 0x10, 0x4E, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -1689,10 +1790,10 @@ static const unsigned char ca_cert_chain_der[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -1747,8 +1848,8 @@ static const unsigned char ca_cert_chain_der[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x5C, 0x79, 0xE0, 0x7D, 0x3D, 0xBC, 0xB0, 0xFE, 0x85, 0xCF,
- 0xA0, 0x28, 0xE9, 0xF6, 0x27, 0xDD, 0x0C, 0xBF, 0xA3, 0x36,
+ 0x5D, 0x82, 0xE6, 0x32, 0x61, 0xE7, 0x3B, 0x5E, 0x77, 0x3D,
+ 0xDA, 0xA6, 0xF3, 0xFC, 0x54, 0xB5, 0x04, 0xD4, 0x10, 0x4E,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -1758,20 +1859,20 @@ static const unsigned char ca_cert_chain_der[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
- 0x03, 0x81, 0x81, 0x00, 0x84, 0x96, 0x5D, 0x69, 0x2C, 0xEF,
- 0x4C, 0x96, 0xD6, 0x90, 0xB8, 0xE5, 0x98, 0x2F, 0x35, 0x84,
- 0xE3, 0x05, 0x83, 0xE2, 0x69, 0xA3, 0xBF, 0x39, 0xF8, 0xD3,
- 0x2A, 0xB5, 0x50, 0x16, 0xCB, 0xD6, 0x02, 0x5B, 0x1B, 0x9B,
- 0x7F, 0x84, 0x87, 0xB0, 0x71, 0xC3, 0xC5, 0xC6, 0xDF, 0xBF,
- 0xAE, 0xC5, 0x19, 0x18, 0x23, 0x5E, 0x71, 0x52, 0xED, 0x00,
- 0xC5, 0x75, 0x22, 0xDA, 0x46, 0x3A, 0x80, 0x7C, 0xF9, 0x63,
- 0xE7, 0x15, 0x6D, 0xD5, 0x0B, 0x1C, 0x0A, 0x9C, 0xCC, 0x23,
- 0xEC, 0x51, 0xAE, 0x2B, 0xB5, 0x47, 0x02, 0x42, 0xF4, 0x8E,
- 0x06, 0x89, 0xE9, 0x71, 0x52, 0x16, 0x04, 0x0C, 0xBC, 0xC8,
- 0x05, 0x2A, 0xE5, 0xAC, 0xE8, 0x0F, 0xC8, 0xCD, 0x22, 0x02,
- 0x7E, 0x7A, 0x63, 0x55, 0x10, 0x0B, 0x8C, 0xB9, 0x02, 0x9B,
- 0x17, 0x62, 0xA7, 0x84, 0x26, 0x24, 0xDB, 0xEF, 0x34, 0x1E,
- 0xF9, 0x0D
+ 0x03, 0x81, 0x81, 0x00, 0x23, 0x19, 0xF7, 0x04, 0xB7, 0x99,
+ 0x84, 0x86, 0xCE, 0x45, 0x9E, 0xA4, 0x55, 0x2D, 0x14, 0xAC,
+ 0xC5, 0x1C, 0x2D, 0x2F, 0x8D, 0xD3, 0x14, 0x81, 0x91, 0x27,
+ 0x1C, 0x0C, 0x3C, 0x44, 0x14, 0x8B, 0x99, 0x46, 0xF2, 0x43,
+ 0xB3, 0x51, 0x33, 0x1B, 0xFA, 0x77, 0x95, 0x07, 0x5C, 0xE4,
+ 0x3C, 0x11, 0x17, 0x55, 0x57, 0xBF, 0x9D, 0xF4, 0xB5, 0xD4,
+ 0xAD, 0x7C, 0xB1, 0x82, 0x62, 0x77, 0xC8, 0xAA, 0x02, 0xEE,
+ 0x73, 0xEE, 0x77, 0x67, 0xD5, 0xB5, 0x58, 0xD7, 0x19, 0x6F,
+ 0x0F, 0xFD, 0x8B, 0xFC, 0xD4, 0x32, 0xFF, 0x86, 0x48, 0xF8,
+ 0x49, 0x5B, 0xD8, 0xF1, 0xFB, 0x36, 0x28, 0x27, 0xC1, 0x7D,
+ 0xDD, 0x0F, 0xFF, 0x7F, 0x95, 0x16, 0x5B, 0x85, 0xCA, 0x3E,
+ 0x9B, 0xDC, 0x78, 0xB7, 0x6B, 0xB1, 0xF1, 0x75, 0xFA, 0x61,
+ 0xDA, 0xCE, 0x8A, 0x4E, 0x5F, 0x90, 0x7C, 0x38, 0x9E, 0x31,
+ 0x00, 0x66
};
static const int sizeof_ca_cert_chain_der = sizeof(ca_cert_chain_der);
@@ -1922,10 +2023,10 @@ static const unsigned char server_cert_der_2048[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32,
- 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17,
- 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
+ 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32,
+ 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17,
+ 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
@@ -1992,9 +2093,9 @@ static const unsigned char server_cert_der_2048[] =
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2C,
- 0x80, 0xCE, 0xDB, 0x47, 0x9D, 0x07, 0x66, 0x92, 0x3D, 0x68,
- 0xD7, 0xCA, 0xAC, 0x90, 0x4F, 0xCA, 0x69, 0x41, 0x4B, 0x30,
+ 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x33,
+ 0x44, 0x1A, 0xA8, 0x6C, 0x01, 0xEC, 0xF6, 0x60, 0xF2, 0x70,
+ 0x51, 0x0A, 0x4C, 0xD1, 0x14, 0xFA, 0xBC, 0xE9, 0x44, 0x30,
0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03,
0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11,
0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D,
@@ -2004,32 +2105,32 @@ static const unsigned char server_cert_der_2048[] =
0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x01, 0x00, 0xB9, 0x10, 0xF0, 0xBE, 0xFE, 0xC8,
- 0x67, 0x5E, 0x7D, 0x0F, 0x36, 0x33, 0xC7, 0x17, 0x2A, 0x01,
- 0xC4, 0xBB, 0x74, 0x83, 0x4C, 0xBC, 0xBB, 0xE2, 0xBA, 0x92,
- 0x82, 0x3A, 0xD9, 0x2D, 0x8C, 0x0E, 0xE3, 0x75, 0x1B, 0xC0,
- 0x14, 0xAA, 0x40, 0x1E, 0xA8, 0x11, 0x7D, 0x94, 0x9C, 0x3D,
- 0x74, 0x7A, 0x3B, 0x16, 0x7B, 0xD8, 0x9D, 0xF0, 0xE8, 0x7D,
- 0x1D, 0xFA, 0x3B, 0x14, 0x42, 0x20, 0xE3, 0x05, 0xA3, 0xFD,
- 0xB1, 0x0C, 0xF1, 0x2A, 0xC4, 0x00, 0x50, 0x8D, 0x1E, 0x97,
- 0x93, 0x6A, 0xDE, 0x82, 0x13, 0x24, 0x9E, 0x2B, 0xFA, 0x08,
- 0x85, 0xE3, 0x4F, 0x40, 0xFD, 0x63, 0xC7, 0x3D, 0xE9, 0xBD,
- 0x6F, 0x7C, 0x03, 0x98, 0x85, 0xFE, 0xB4, 0x51, 0x5D, 0x7F,
- 0x8C, 0x83, 0xB3, 0xAD, 0x4A, 0x88, 0xE9, 0xF3, 0x4C, 0x33,
- 0x84, 0x77, 0xD3, 0x02, 0x35, 0x59, 0xE3, 0x4E, 0x64, 0xA1,
- 0xB7, 0xBB, 0xFB, 0xF8, 0xFB, 0x14, 0x2A, 0xAE, 0x36, 0xBF,
- 0xD9, 0x82, 0xE7, 0xCB, 0x98, 0x48, 0x16, 0xC8, 0x81, 0xD6,
- 0xA0, 0xF1, 0x74, 0x14, 0xE3, 0x74, 0x4A, 0x72, 0x4A, 0xF1,
- 0x6F, 0xDD, 0xBE, 0x86, 0x1E, 0x20, 0xF3, 0x05, 0x16, 0x83,
- 0x1F, 0xAA, 0x7C, 0x59, 0x35, 0x97, 0x24, 0xB8, 0x27, 0xB7,
- 0x56, 0x9F, 0x30, 0x2E, 0x90, 0xE0, 0x19, 0xE0, 0x21, 0xCA,
- 0x9D, 0x3F, 0xDA, 0x99, 0x07, 0x94, 0x79, 0x49, 0x53, 0x14,
- 0x5C, 0xA2, 0x2C, 0x56, 0x5B, 0xB2, 0x55, 0x68, 0x5C, 0x1F,
- 0x91, 0x58, 0x9A, 0xCD, 0x53, 0xB5, 0xEA, 0x63, 0x5A, 0x72,
- 0x49, 0x41, 0xCC, 0x76, 0x9F, 0x88, 0x35, 0x86, 0x0D, 0x60,
- 0x5D, 0xE5, 0x91, 0xBD, 0xAC, 0x6F, 0xCF, 0xD5, 0x92, 0x27,
- 0x72, 0x4A, 0x21, 0xF4, 0x58, 0x98, 0x8E, 0x3B, 0xD2, 0x29,
- 0xE6, 0xEE, 0xFA, 0xE6, 0xB0, 0x6C, 0x8B, 0x1E, 0xE0, 0x54
+ 0x82, 0x01, 0x01, 0x00, 0x4A, 0xFF, 0xB9, 0xE5, 0x85, 0x9B,
+ 0xDA, 0x53, 0x66, 0x7F, 0x07, 0x22, 0xBF, 0xB6, 0x19, 0xEA,
+ 0x42, 0xEB, 0xA4, 0x11, 0x07, 0x62, 0xFF, 0x39, 0x5F, 0x33,
+ 0x37, 0x3A, 0x87, 0x26, 0x71, 0x3D, 0x13, 0xB2, 0xCA, 0xB8,
+ 0x64, 0x38, 0x7B, 0x8A, 0x99, 0x48, 0x0E, 0xA5, 0xA4, 0x6B,
+ 0xB1, 0x99, 0x6E, 0xE0, 0x46, 0x51, 0xBD, 0x19, 0x52, 0xAD,
+ 0xBC, 0xA6, 0x7E, 0x2A, 0x7A, 0x7C, 0x23, 0xA7, 0xCC, 0xDB,
+ 0x5E, 0x43, 0x7D, 0x6B, 0x04, 0xC8, 0xB7, 0xDD, 0x95, 0xAD,
+ 0xF0, 0x91, 0x80, 0x59, 0xC5, 0x19, 0x91, 0x26, 0x27, 0x91,
+ 0xB8, 0x48, 0x1C, 0xEB, 0x55, 0xB6, 0xAA, 0x7D, 0xA4, 0x38,
+ 0xF1, 0x03, 0xBC, 0x6C, 0x8B, 0xAA, 0x94, 0xD6, 0x3C, 0x05,
+ 0x7A, 0x96, 0xC5, 0x06, 0xF1, 0x26, 0x14, 0x2E, 0x75, 0xFB,
+ 0xDD, 0xE5, 0x35, 0xB3, 0x01, 0x2C, 0xB3, 0xAD, 0x62, 0x5A,
+ 0x21, 0x9A, 0x08, 0xBE, 0x56, 0xFC, 0xF9, 0xA2, 0x42, 0x87,
+ 0x86, 0xE5, 0xA9, 0xC5, 0x99, 0xCF, 0xAE, 0x14, 0xBE, 0xE0,
+ 0xB9, 0x08, 0x24, 0x0D, 0x1D, 0x5C, 0xD6, 0x14, 0xE1, 0x4C,
+ 0x9F, 0x40, 0xB3, 0xA9, 0xE9, 0x2D, 0x52, 0x8B, 0x4C, 0xBF,
+ 0xAC, 0x44, 0x31, 0x67, 0xC1, 0x8D, 0x06, 0x85, 0xEC, 0x0F,
+ 0xE4, 0x99, 0xD7, 0x4B, 0x7B, 0x21, 0x06, 0x66, 0xD4, 0xE4,
+ 0xF5, 0x9D, 0xFF, 0x8E, 0xF0, 0x86, 0x39, 0x58, 0x1D, 0xA4,
+ 0x5B, 0xE2, 0x63, 0xEF, 0x7C, 0xC9, 0x18, 0x87, 0xA8, 0x02,
+ 0x25, 0x10, 0x3E, 0x87, 0x28, 0xF9, 0xF5, 0xEF, 0x47, 0x9E,
+ 0xA5, 0x80, 0x08, 0x11, 0x90, 0x68, 0xFE, 0xD1, 0xA3, 0xA8,
+ 0x51, 0xB9, 0x37, 0xFF, 0xD5, 0xCA, 0x7C, 0x87, 0x7F, 0x6B,
+ 0xBC, 0x2C, 0x12, 0xC8, 0xC5, 0x85, 0x8B, 0xFC, 0x0C, 0xC6,
+ 0xB9, 0x86, 0xB8, 0xC9, 0x04, 0xC3, 0x51, 0x37, 0xD2, 0x4F
};
static const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048);
@@ -2634,9 +2735,9 @@ static const int sizeof_client_keypub_der_3072 = sizeof(client_keypub_der_3072);
static const unsigned char client_cert_der_3072[] =
{
0x30, 0x82, 0x06, 0x1D, 0x30, 0x82, 0x04, 0x85, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x03, 0x33, 0x56, 0x6E, 0x5F,
- 0xE0, 0x69, 0x69, 0x99, 0x6B, 0xEB, 0xD0, 0xEB, 0x47, 0xCF,
- 0xF2, 0x05, 0x3F, 0x98, 0x15, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x0B, 0x5C, 0x9F, 0x12, 0x25,
+ 0x90, 0xAA, 0x52, 0xC0, 0xDF, 0xE1, 0xE1, 0x1F, 0xED, 0xA9,
+ 0x31, 0x01, 0x0A, 0x09, 0x8B, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
@@ -2654,10 +2755,10 @@ static const unsigned char client_cert_der_3072[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
@@ -2740,8 +2841,8 @@ static const unsigned char client_cert_der_3072[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x03, 0x33, 0x56, 0x6E, 0x5F, 0xE0, 0x69, 0x69, 0x99, 0x6B,
- 0xEB, 0xD0, 0xEB, 0x47, 0xCF, 0xF2, 0x05, 0x3F, 0x98, 0x15,
+ 0x0B, 0x5C, 0x9F, 0x12, 0x25, 0x90, 0xAA, 0x52, 0xC0, 0xDF,
+ 0xE1, 0xE1, 0x1F, 0xED, 0xA9, 0x31, 0x01, 0x0A, 0x09, 0x8B,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -2751,45 +2852,45 @@ static const unsigned char client_cert_der_3072[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A,
0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
- 0x03, 0x82, 0x01, 0x81, 0x00, 0x90, 0xE4, 0x43, 0x8E, 0xBE,
- 0x9D, 0xDE, 0x45, 0x4E, 0xDF, 0xDF, 0x8D, 0xE7, 0x7C, 0x2D,
- 0x1B, 0xA9, 0x1A, 0xEF, 0x90, 0x15, 0xFB, 0xD3, 0xA9, 0x99,
- 0xA8, 0x5B, 0xD7, 0xF9, 0xB8, 0x95, 0x19, 0xFE, 0xE0, 0x00,
- 0x09, 0xC1, 0xE3, 0xE8, 0x27, 0x82, 0x11, 0x7C, 0x39, 0x23,
- 0x92, 0x38, 0x45, 0x86, 0x6D, 0x77, 0xC2, 0x83, 0x8C, 0x1A,
- 0x0F, 0x4B, 0xC5, 0x94, 0x0D, 0xE9, 0x17, 0x28, 0x8C, 0xCF,
- 0x8F, 0x6D, 0xE9, 0x43, 0x82, 0x0F, 0x31, 0x67, 0xBB, 0xD5,
- 0xD7, 0x3F, 0x0B, 0xCE, 0xCE, 0x22, 0xF4, 0xA8, 0x5B, 0x84,
- 0x8D, 0xFD, 0xD2, 0xCB, 0xD6, 0xDC, 0xEE, 0x31, 0xF3, 0xE7,
- 0x26, 0xB7, 0x58, 0x6A, 0xC5, 0x9E, 0xFF, 0x89, 0x5F, 0xF6,
- 0x70, 0xFB, 0x6B, 0x02, 0xBA, 0x79, 0x6A, 0x9A, 0x12, 0x1B,
- 0x82, 0x94, 0x1B, 0x02, 0x22, 0x30, 0x7D, 0x74, 0x44, 0x46,
- 0x25, 0x85, 0xA1, 0xA8, 0x7D, 0xA0, 0xAB, 0xC3, 0xA7, 0x9E,
- 0x08, 0xA3, 0xD7, 0x5C, 0x42, 0xA2, 0xAF, 0x96, 0x42, 0x9C,
- 0x76, 0x9B, 0x8D, 0xEC, 0x08, 0x68, 0x71, 0x95, 0x92, 0xA5,
- 0xB9, 0xAA, 0x12, 0xF9, 0xC5, 0x62, 0xAC, 0x8E, 0x4F, 0xDF,
- 0xCC, 0xB7, 0x53, 0xE3, 0xC4, 0x70, 0x74, 0x9B, 0x38, 0xD2,
- 0xE9, 0xDA, 0x3F, 0xEF, 0xC4, 0x55, 0x01, 0x9A, 0xB9, 0x3E,
- 0xC4, 0x33, 0xE7, 0x33, 0xDB, 0x0F, 0xBA, 0x55, 0x84, 0x0F,
- 0x3C, 0x4C, 0xA5, 0x85, 0xEC, 0x5A, 0xF2, 0x98, 0x75, 0xE0,
- 0xEB, 0x47, 0xB8, 0x4B, 0xD3, 0x85, 0x63, 0xDC, 0xB0, 0x29,
- 0x85, 0x51, 0x62, 0xBF, 0x6A, 0x61, 0x9B, 0x40, 0x01, 0x66,
- 0x0D, 0x72, 0x42, 0xBD, 0x4F, 0xE0, 0xC6, 0x31, 0xA6, 0x06,
- 0xDF, 0xC1, 0xE9, 0x8A, 0xA0, 0x57, 0xC7, 0x4D, 0x4F, 0xE7,
- 0xC0, 0x45, 0x7F, 0x7F, 0xA7, 0x53, 0xCA, 0x90, 0x1D, 0x70,
- 0xA8, 0x46, 0x95, 0x99, 0xEF, 0x19, 0xEE, 0xE2, 0x45, 0x35,
- 0x1A, 0xDC, 0x0D, 0xCB, 0xC3, 0xB0, 0xD5, 0x88, 0x8B, 0xB9,
- 0x9F, 0xB5, 0xEA, 0xC1, 0xFE, 0x5E, 0x7A, 0xC1, 0x83, 0xC8,
- 0x74, 0xF5, 0x1A, 0x29, 0x52, 0x38, 0x5D, 0x14, 0xEA, 0x17,
- 0x2D, 0x39, 0xF6, 0x19, 0x16, 0xC4, 0x91, 0xB0, 0xE7, 0x18,
- 0x36, 0x56, 0xA0, 0x64, 0x75, 0x8D, 0x66, 0x57, 0x48, 0x1B,
- 0x38, 0xF2, 0xA0, 0x01, 0xB1, 0x44, 0x32, 0x34, 0xA5, 0x0E,
- 0xBC, 0x28, 0x46, 0x77, 0xED, 0x65, 0xC1, 0x75, 0x34, 0xF8,
- 0x06, 0x12, 0x45, 0x1A, 0x70, 0x78, 0x81, 0xD1, 0x55, 0x27,
- 0xCF, 0xAD, 0xB3, 0xD4, 0x5A, 0x97, 0x43, 0x88, 0x02, 0xBB,
- 0x93, 0xBA, 0x17, 0x42, 0x51, 0x59, 0x52, 0x13, 0xEC, 0xFC,
- 0xEF, 0x6B, 0x53, 0xF7, 0xF2, 0x41, 0x8A, 0x42, 0x06, 0x56,
- 0xE2, 0xF4, 0x97, 0xD2, 0x22, 0x31, 0x02, 0x2A, 0x47
+ 0x03, 0x82, 0x01, 0x81, 0x00, 0x14, 0x27, 0x57, 0x47, 0x12,
+ 0xA4, 0x78, 0xA2, 0xC9, 0xDC, 0x93, 0xF8, 0x47, 0xEE, 0xF4,
+ 0xFD, 0x66, 0x80, 0x13, 0x43, 0x9E, 0xDE, 0x23, 0x8C, 0xF7,
+ 0x3F, 0xFE, 0x46, 0x9C, 0x85, 0x58, 0x2A, 0x6F, 0x8D, 0x22,
+ 0x92, 0x8C, 0xD6, 0x36, 0xCA, 0x90, 0x4F, 0x45, 0xC3, 0xAB,
+ 0x78, 0xCA, 0x3C, 0xFE, 0xD0, 0xF5, 0x0F, 0x6D, 0x00, 0xFE,
+ 0x3B, 0x42, 0xB0, 0x86, 0x0B, 0x75, 0xF2, 0x7C, 0xD3, 0xC7,
+ 0xDB, 0x0B, 0x70, 0xE8, 0xEC, 0xB7, 0xBF, 0x26, 0x30, 0xA8,
+ 0x19, 0x67, 0xBD, 0x74, 0x03, 0xCF, 0xD1, 0x08, 0x8E, 0x9C,
+ 0xD5, 0x1B, 0x45, 0x28, 0xB2, 0x67, 0x8E, 0x3A, 0xA5, 0x27,
+ 0xC9, 0x1B, 0x6A, 0xE9, 0x93, 0xCE, 0x94, 0xC0, 0x00, 0x0C,
+ 0xE8, 0xF1, 0x76, 0x02, 0xA4, 0x30, 0x72, 0xA8, 0xFD, 0x55,
+ 0x1C, 0xD1, 0xB8, 0x25, 0xF1, 0x62, 0xF6, 0xBA, 0x28, 0xFD,
+ 0x30, 0xB1, 0x11, 0x63, 0xF7, 0xB3, 0x78, 0x54, 0x09, 0x04,
+ 0xC1, 0x66, 0x12, 0xC7, 0x01, 0xAE, 0x99, 0xE3, 0x55, 0xC4,
+ 0x29, 0xBD, 0x1B, 0x1A, 0xDA, 0xB9, 0x77, 0xFD, 0x04, 0xDB,
+ 0xB1, 0x68, 0x56, 0x35, 0x65, 0xE1, 0xAA, 0x67, 0xC8, 0xAC,
+ 0xBE, 0xE5, 0xF8, 0x27, 0xFB, 0xB4, 0x51, 0x4F, 0x38, 0xE5,
+ 0xDE, 0x09, 0xA6, 0x81, 0xA9, 0xEF, 0xDC, 0xD6, 0x4A, 0x96,
+ 0x47, 0xB8, 0x38, 0x14, 0xF8, 0x25, 0x5D, 0xAC, 0xF3, 0xE5,
+ 0x3B, 0xF2, 0x1B, 0x70, 0x32, 0x3B, 0x2D, 0xFA, 0x20, 0xCA,
+ 0x2E, 0xA5, 0xCA, 0x13, 0x9D, 0x84, 0xD2, 0xD4, 0x35, 0x16,
+ 0x58, 0x6E, 0x52, 0x5E, 0x09, 0x61, 0x83, 0xC2, 0xE2, 0x56,
+ 0x2C, 0xAB, 0x52, 0xBF, 0x54, 0xDC, 0xBD, 0xF3, 0xBF, 0xA7,
+ 0x16, 0x6E, 0x0E, 0xCA, 0x68, 0x54, 0xD1, 0x5C, 0x4D, 0x06,
+ 0x7A, 0x93, 0x47, 0x1C, 0xCC, 0xA9, 0x66, 0xDA, 0x69, 0x0F,
+ 0xF9, 0x1F, 0x25, 0x64, 0x29, 0x40, 0x97, 0x50, 0x3B, 0xCF,
+ 0x0C, 0x50, 0x9B, 0x4D, 0xFF, 0x60, 0xBC, 0xD3, 0xE4, 0xA0,
+ 0xB7, 0x64, 0xC6, 0x66, 0x2A, 0xF6, 0x02, 0xE2, 0x3F, 0x92,
+ 0x31, 0x3B, 0xD7, 0xEA, 0x1A, 0xC3, 0x1A, 0x0C, 0x19, 0x88,
+ 0xAB, 0x5F, 0x74, 0xB7, 0x9D, 0x7B, 0x8D, 0x4D, 0x3A, 0x84,
+ 0x43, 0xF2, 0x67, 0xB1, 0xBE, 0xA0, 0x9E, 0xFD, 0x3D, 0xAA,
+ 0xC1, 0x38, 0x1A, 0xDF, 0xAC, 0x30, 0xFE, 0x63, 0x69, 0xAF,
+ 0xD6, 0xF2, 0x21, 0x63, 0x11, 0x63, 0x29, 0xAC, 0x63, 0x9E,
+ 0x9F, 0x9F, 0xC4, 0x53, 0xB3, 0xDB, 0x78, 0xC0, 0x2D, 0x79,
+ 0x68, 0x1F, 0xD2, 0xD1, 0x36, 0xD1, 0xFB, 0xE3, 0xC0, 0xA7,
+ 0x31, 0xEB, 0x15, 0x63, 0x99, 0x0B, 0x93, 0x9D, 0x87, 0xC7,
+ 0xFE, 0x56, 0x5D, 0xFC, 0xE7, 0x29, 0x2A, 0x9E, 0x15, 0xBE,
+ 0xEF, 0x54, 0xE7, 0x0F, 0x6D, 0x9B, 0x36, 0xB6, 0x17
};
static const int sizeof_client_cert_der_3072 = sizeof(client_cert_der_3072);
@@ -3103,189 +3204,189 @@ static const int sizeof_client_keypub_der_4096 = sizeof(client_keypub_der_4096);
/* ./certs/4096/client-cert.der, 4096-bit */
static const unsigned char client_cert_der_4096[] =
{
- 0x30, 0x82, 0x07, 0x1B, 0x30, 0x82, 0x05, 0x03, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x13, 0x31, 0xFE, 0x22, 0xAF, 0x75,
- 0x2F, 0xDC, 0x63, 0xBD, 0xE4, 0x94, 0xF2, 0x94, 0x38, 0xC3,
- 0x0D, 0x7D, 0x9A, 0xD1, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
- 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x30,
- 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04,
- 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06,
- 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74,
- 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
- 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61,
- 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A,
- 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F,
- 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06, 0x03,
- 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72,
- 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39,
- 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
- 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30,
- 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
- 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
- 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
- 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32,
- 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x34,
- 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06,
- 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
- 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
- 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
- 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A,
- 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03,
- 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53,
- 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30,
- 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72,
- 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D,
- 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03,
- 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77,
- 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
- 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
- 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D, 0x06,
- 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
- 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82, 0x02,
- 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31, 0xE4,
- 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79, 0xFC,
- 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86, 0x71,
- 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17, 0x13,
- 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D, 0xAF,
- 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A, 0x12,
- 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46, 0x74,
- 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C, 0x2E,
- 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B, 0xBE,
- 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66, 0xC5,
- 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB, 0xC1,
- 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99, 0x13,
- 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4, 0xD5,
- 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17, 0x05,
- 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28, 0x48,
- 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7, 0xCD,
- 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5, 0x3F,
- 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0, 0x18,
- 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C, 0xF4,
- 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7, 0xC2,
- 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D, 0x80,
- 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED, 0x51,
- 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E, 0x81,
- 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3, 0x8E,
- 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5, 0xAA,
- 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1, 0x8E,
- 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2, 0xFD,
- 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A, 0x8B,
- 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C, 0x9C,
- 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5, 0x88,
- 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C, 0x0B,
- 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6, 0x47,
- 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26, 0xB1,
- 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21, 0xD6,
- 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9, 0x85,
- 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3, 0x51,
- 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76, 0x94,
- 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3, 0x62,
- 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31, 0xE8,
- 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57, 0xC4,
- 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA, 0xBD,
- 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54, 0x9B,
- 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F, 0xEE,
- 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6, 0x44,
- 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9, 0x26,
- 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13, 0xB2,
- 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5, 0x7B,
- 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB, 0xAE,
- 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C, 0x17,
- 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9, 0xC9,
- 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD, 0x0E,
- 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02, 0x03,
- 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4E, 0x30, 0x82, 0x01,
- 0x4A, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16,
- 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31,
- 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16,
- 0xA5, 0x6E, 0x30, 0x81, 0xDD, 0x06, 0x03, 0x55, 0x1D, 0x23,
- 0x04, 0x81, 0xD5, 0x30, 0x81, 0xD2, 0x80, 0x14, 0xFA, 0x54,
- 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD, 0xE7,
- 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1, 0x81,
- 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30,
- 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
- 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
- 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
- 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42,
- 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13,
- 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C,
- 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31,
- 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10,
- 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E,
- 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16,
- 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77,
- 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86,
- 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69,
- 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73,
- 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x13, 0x31, 0xFE, 0x22,
- 0xAF, 0x75, 0x2F, 0xDC, 0x63, 0xBD, 0xE4, 0x94, 0xF2, 0x94,
- 0x38, 0xC3, 0x0D, 0x7D, 0x9A, 0xD1, 0x30, 0x0C, 0x06, 0x03,
- 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF,
- 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30,
- 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65,
- 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00, 0x00, 0x01,
- 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x16, 0x30,
- 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
- 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03,
- 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
- 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82, 0x02, 0x01,
- 0x00, 0xDD, 0x6B, 0x7F, 0xCA, 0xDC, 0x80, 0xE0, 0x6D, 0xE2,
- 0x5F, 0x6C, 0x32, 0x01, 0x2F, 0x8F, 0x3A, 0xE9, 0x41, 0x5F,
- 0x35, 0xC6, 0xBB, 0xA9, 0xA5, 0x84, 0x57, 0xEE, 0xA4, 0x21,
- 0x4F, 0xB3, 0xB9, 0xAE, 0x24, 0xDC, 0xD1, 0x80, 0x30, 0x7A,
- 0x2A, 0x7F, 0x7E, 0xFC, 0x6C, 0xBE, 0x50, 0xD3, 0x5A, 0x51,
- 0x2D, 0xE6, 0xFD, 0x15, 0xDB, 0x9D, 0xFF, 0xFA, 0xCA, 0xC0,
- 0xCF, 0xBE, 0x97, 0x59, 0xD0, 0x83, 0x20, 0xCE, 0x3A, 0xD8,
- 0x10, 0xFE, 0x41, 0xD5, 0xA9, 0x6B, 0x19, 0xE2, 0x9F, 0x28,
- 0xFE, 0xC0, 0x21, 0x75, 0x47, 0x46, 0x94, 0x31, 0x6A, 0xC4,
- 0xC4, 0x52, 0x3B, 0x02, 0x73, 0xC4, 0x47, 0x2A, 0xB5, 0xCE,
- 0x65, 0x6D, 0x58, 0xC7, 0xFA, 0x3E, 0x0A, 0x6F, 0xE1, 0xA8,
- 0xA1, 0x3B, 0x33, 0x8A, 0x6F, 0xCA, 0x4A, 0xEF, 0x52, 0x88,
- 0x09, 0xCA, 0xB2, 0xF2, 0x1D, 0x3D, 0x69, 0xF5, 0x5B, 0x80,
- 0x4F, 0x29, 0x66, 0xB1, 0x25, 0xC7, 0xEB, 0xD1, 0xBB, 0xDF,
- 0xCF, 0x91, 0xC8, 0xCE, 0x58, 0x3B, 0x9D, 0x10, 0x5B, 0x8E,
- 0x55, 0x93, 0x5A, 0x32, 0xED, 0x0B, 0xC7, 0x7F, 0xC8, 0xF5,
- 0xF2, 0x7F, 0x0A, 0xCE, 0xAD, 0xBB, 0xDB, 0x43, 0x2A, 0x92,
- 0xF6, 0xF2, 0xA0, 0x34, 0x8E, 0x7C, 0x22, 0x4A, 0x5A, 0xF9,
- 0x84, 0xB0, 0x88, 0xE3, 0xA4, 0x2A, 0xBF, 0x23, 0x3A, 0xEC,
- 0xAA, 0x32, 0x77, 0xC9, 0xAB, 0xBC, 0x4B, 0xBB, 0x82, 0xBC,
- 0xC0, 0x07, 0xE6, 0xFC, 0xCF, 0x33, 0x72, 0x8F, 0xB2, 0x4E,
- 0xDA, 0x2B, 0x7E, 0x08, 0x44, 0x72, 0x2B, 0xA0, 0xC7, 0x3A,
- 0x7E, 0x6F, 0xB4, 0x31, 0xB1, 0x3A, 0x34, 0xC3, 0x5C, 0xBE,
- 0x9C, 0x85, 0xD8, 0x82, 0x99, 0x35, 0x92, 0xB4, 0xB4, 0x31,
- 0x24, 0x31, 0xDF, 0xFB, 0x17, 0xDB, 0x1D, 0x3B, 0xA7, 0xD1,
- 0xE2, 0xA4, 0x44, 0xC7, 0x3F, 0x6B, 0x17, 0x1C, 0x32, 0xCC,
- 0xF9, 0x48, 0xF0, 0xC0, 0x38, 0x45, 0xE8, 0xF5, 0x84, 0x6C,
- 0x59, 0x29, 0x5A, 0xEC, 0x38, 0x43, 0x10, 0x97, 0x67, 0x76,
- 0xB5, 0x60, 0xB7, 0x8C, 0x42, 0x11, 0x44, 0x9A, 0x62, 0x87,
- 0xDB, 0x02, 0xAA, 0xE7, 0x1E, 0xEC, 0x9F, 0x6B, 0x7F, 0xC5,
- 0xFA, 0x9E, 0x03, 0x80, 0x73, 0x74, 0x20, 0xE9, 0x7A, 0xE1,
- 0x3F, 0x49, 0x41, 0xBB, 0xC4, 0x9A, 0x70, 0x14, 0xA1, 0x13,
- 0x2A, 0x90, 0xEF, 0x06, 0xCC, 0x9D, 0xBA, 0x32, 0x94, 0x8C,
- 0xA9, 0x95, 0x45, 0xA4, 0x89, 0x04, 0xD2, 0x68, 0xB9, 0x13,
- 0xFD, 0x73, 0x43, 0xEA, 0xC5, 0xEE, 0x7F, 0x00, 0x75, 0xF0,
- 0xCA, 0x4D, 0x91, 0xD3, 0x04, 0x72, 0xE6, 0xAF, 0xC8, 0xAD,
- 0x43, 0x11, 0x70, 0x36, 0x45, 0xAA, 0xB5, 0x46, 0xA6, 0xBF,
- 0xAC, 0x6C, 0x20, 0x86, 0x3E, 0x5E, 0x66, 0xA5, 0x15, 0x6A,
- 0xA2, 0x58, 0xE6, 0x6F, 0xE8, 0xAE, 0xB4, 0x1D, 0x67, 0xDA,
- 0x18, 0xD6, 0xAD, 0xDE, 0x11, 0x9C, 0xF3, 0xD1, 0xA4, 0x06,
- 0x3F, 0xD5, 0x01, 0xFD, 0x3D, 0xB8, 0xFD, 0x14, 0x0F, 0x1A,
- 0xE8, 0x7E, 0xB4, 0xA3, 0x2B, 0x8B, 0x52, 0x4C, 0x71, 0x72,
- 0x5E, 0x7C, 0x9E, 0x23, 0xFF, 0x50, 0x83, 0x7D, 0x5B, 0xEC,
- 0x60, 0xD5, 0xAD, 0xA5, 0x44, 0x0B, 0xDD, 0x66, 0xCC, 0xA5,
- 0xF8, 0x0C, 0x65, 0xDB, 0xB2, 0x76, 0x1E, 0x1C, 0x01, 0x87,
- 0xCB, 0x1C, 0x76, 0x17, 0x5D, 0x12, 0xCD, 0x28, 0xDC, 0x20,
- 0xE0, 0x3A, 0xC8, 0x65, 0xFE, 0xDD, 0xE3, 0xBC, 0x6A, 0x8B,
- 0x24, 0x6B, 0x86, 0xA7, 0x2D, 0xBC, 0x4F, 0x26, 0x3F, 0xD7,
- 0x3F, 0x04, 0xBF, 0xA4, 0x5D, 0x06, 0x52, 0xB5, 0xE4, 0xFD,
- 0x85, 0xB0, 0x2C, 0x52, 0xAC, 0x99, 0x49, 0xEF, 0x56, 0x76,
- 0x2A, 0x7C, 0xE3, 0xD8, 0x8E, 0xE4, 0xEB, 0xB2, 0xDB, 0xC1,
- 0x54, 0x20, 0x64
+ 0x30, 0x82, 0x07, 0x1D, 0x30, 0x82, 0x05, 0x05, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x2F, 0x36, 0x54, 0x05, 0x64,
+ 0x52, 0xDD, 0x0E, 0x75, 0x75, 0x33, 0x7C, 0xB2, 0xCE, 0x9F,
+ 0x5C, 0x48, 0x9B, 0xAB, 0x0E, 0x30, 0x0D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00,
+ 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55,
+ 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E,
+ 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E,
+ 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
+ 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D,
+ 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06, 0x03, 0x55, 0x04,
+ 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
+ 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19, 0x30, 0x17, 0x06,
+ 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50, 0x72, 0x6F, 0x67,
+ 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x2D, 0x34, 0x30,
+ 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C,
+ 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F,
+ 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
+ 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x0B, 0x30, 0x09,
+ 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
+ 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07,
+ 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30,
+ 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F,
+ 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30, 0x13, 0x06,
+ 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F, 0x6C, 0x66,
+ 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36, 0x31, 0x19,
+ 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x10, 0x50,
+ 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67,
+ 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30, 0x16, 0x06,
+ 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E,
+ 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+ 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E,
+ 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C,
+ 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x02, 0x22, 0x30, 0x0D,
+ 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01,
+ 0x01, 0x05, 0x00, 0x03, 0x82, 0x02, 0x0F, 0x00, 0x30, 0x82,
+ 0x02, 0x0A, 0x02, 0x82, 0x02, 0x01, 0x00, 0xF5, 0xD0, 0x31,
+ 0xE4, 0x71, 0x59, 0x58, 0xB3, 0x07, 0x50, 0xDD, 0x16, 0x79,
+ 0xFC, 0xC6, 0x95, 0x50, 0xFC, 0x46, 0x0E, 0x57, 0x12, 0x86,
+ 0x71, 0x8D, 0xE3, 0x9B, 0x4A, 0x33, 0xEA, 0x4F, 0xD9, 0x17,
+ 0x13, 0x6D, 0x48, 0x69, 0xDF, 0x59, 0x11, 0x08, 0x02, 0x9D,
+ 0xAF, 0x2B, 0xC7, 0x30, 0xBE, 0x0C, 0xDC, 0x87, 0xD4, 0x5A,
+ 0x12, 0x09, 0x23, 0x5D, 0xE1, 0x76, 0x5A, 0x62, 0x37, 0x46,
+ 0x74, 0xEF, 0x03, 0x05, 0xBB, 0x1E, 0x6D, 0x29, 0x75, 0x6C,
+ 0x2E, 0x9D, 0x87, 0x0D, 0x8F, 0x87, 0xCB, 0x14, 0x95, 0x9B,
+ 0xBE, 0x17, 0x6B, 0x51, 0xD1, 0x4C, 0xDA, 0xD7, 0x91, 0x66,
+ 0xC5, 0x36, 0xEB, 0xE0, 0x07, 0x1A, 0x76, 0x4D, 0xB0, 0xFB,
+ 0xC1, 0xF5, 0x5E, 0x05, 0xDB, 0xBA, 0xCB, 0x25, 0xD9, 0x99,
+ 0x13, 0x1C, 0xC0, 0x35, 0xDC, 0x40, 0xE9, 0x36, 0xCD, 0xC4,
+ 0xD5, 0x7A, 0x41, 0x70, 0x0F, 0x36, 0xEB, 0xA5, 0x4E, 0x17,
+ 0x05, 0xD5, 0x75, 0x1B, 0x64, 0x62, 0x7A, 0x3F, 0x0D, 0x28,
+ 0x48, 0x6A, 0xE3, 0xAC, 0x9C, 0xA8, 0x8F, 0xE9, 0xED, 0xF7,
+ 0xCD, 0x24, 0xA0, 0xB1, 0xA0, 0x03, 0xAC, 0xE3, 0x03, 0xF5,
+ 0x3F, 0xD1, 0x96, 0xFF, 0x2A, 0x7E, 0x08, 0xB1, 0xD3, 0xE0,
+ 0x18, 0x14, 0xEC, 0x65, 0x37, 0x50, 0x43, 0xC2, 0x6A, 0x8C,
+ 0xF4, 0x5B, 0xFE, 0xC4, 0xCB, 0x8D, 0x3F, 0x81, 0x02, 0xF7,
+ 0xC2, 0xDD, 0xE4, 0xC1, 0x8E, 0x80, 0x0C, 0x04, 0x25, 0x2D,
+ 0x80, 0x5A, 0x2E, 0x0F, 0x22, 0x35, 0x4A, 0xF4, 0x85, 0xED,
+ 0x51, 0xD8, 0xAB, 0x6D, 0x8F, 0xA2, 0x3B, 0x24, 0x00, 0x6E,
+ 0x81, 0xE2, 0x1E, 0x76, 0xD6, 0xAC, 0x31, 0x12, 0xDB, 0xF3,
+ 0x8E, 0x07, 0xA1, 0xDE, 0x89, 0x4A, 0x39, 0x60, 0x77, 0xC5,
+ 0xAA, 0xF1, 0x51, 0xE6, 0x06, 0xF1, 0x95, 0x56, 0x2A, 0xE1,
+ 0x8E, 0x92, 0x30, 0x9F, 0xFE, 0x58, 0x44, 0xAC, 0x46, 0xF2,
+ 0xFD, 0x9A, 0xFC, 0xA8, 0x1D, 0xA1, 0xD3, 0x55, 0x37, 0x4A,
+ 0x8B, 0xFC, 0x9C, 0x33, 0xF8, 0xA7, 0x61, 0x48, 0x41, 0x7C,
+ 0x9C, 0x77, 0x3F, 0xF5, 0x80, 0x23, 0x7D, 0x43, 0xB4, 0xD5,
+ 0x88, 0x0A, 0xC9, 0x75, 0xD7, 0x44, 0x19, 0x4D, 0x77, 0x6C,
+ 0x0B, 0x0A, 0x49, 0xAA, 0x1C, 0x2F, 0xD6, 0x5A, 0x44, 0xA6,
+ 0x47, 0x4D, 0xE5, 0x36, 0x96, 0x40, 0x99, 0x2C, 0x56, 0x26,
+ 0xB1, 0xF2, 0x92, 0x31, 0x59, 0xD7, 0x2C, 0xD4, 0xB4, 0x21,
+ 0xD6, 0x65, 0x13, 0x0B, 0x3E, 0xFB, 0xFF, 0x04, 0xEB, 0xB9,
+ 0x85, 0xB9, 0xD8, 0xD8, 0x28, 0x4F, 0x5C, 0x17, 0x96, 0xA3,
+ 0x51, 0xBE, 0xFE, 0x7D, 0x0B, 0x1B, 0x48, 0x40, 0x25, 0x76,
+ 0x94, 0xDC, 0x41, 0xFB, 0xBF, 0x73, 0x76, 0xDA, 0xEB, 0xB3,
+ 0x62, 0xE7, 0xC1, 0xC8, 0x54, 0x6A, 0x93, 0xE1, 0x8D, 0x31,
+ 0xE8, 0x3E, 0x3E, 0xDF, 0xBC, 0x87, 0x02, 0x30, 0x22, 0x57,
+ 0xC4, 0xE0, 0x18, 0x7A, 0xD3, 0xAE, 0xE4, 0x02, 0x9B, 0xAA,
+ 0xBD, 0x4E, 0x49, 0x47, 0x72, 0xE9, 0x8D, 0x13, 0x2D, 0x54,
+ 0x9B, 0x00, 0xA7, 0x91, 0x61, 0x71, 0xC9, 0xCC, 0x48, 0x4F,
+ 0xEE, 0xDF, 0x5E, 0x1B, 0x1A, 0xDF, 0x67, 0xD3, 0x20, 0xE6,
+ 0x44, 0x45, 0x98, 0x7E, 0xE7, 0x0E, 0x63, 0x16, 0x83, 0xC9,
+ 0x26, 0x5D, 0x90, 0xC1, 0xE5, 0x2A, 0x5C, 0x45, 0x54, 0x13,
+ 0xB2, 0x81, 0x18, 0x06, 0x20, 0x2E, 0x2E, 0x66, 0x5A, 0xB5,
+ 0x7B, 0x6E, 0xD6, 0x0C, 0x4E, 0x89, 0x01, 0x56, 0x70, 0xBB,
+ 0xAE, 0xDE, 0xE9, 0x99, 0x5E, 0xD1, 0xB9, 0x3A, 0xB7, 0x6C,
+ 0x17, 0xB6, 0x03, 0xA9, 0x08, 0xDD, 0x9C, 0xF4, 0x14, 0xC9,
+ 0xC9, 0x59, 0x39, 0x72, 0xD4, 0x7E, 0x02, 0x37, 0x31, 0xCD,
+ 0x0E, 0xA7, 0x3D, 0xF8, 0xF2, 0xCF, 0x6B, 0x15, 0xAB, 0x02,
+ 0x03, 0x01, 0x00, 0x01, 0xA3, 0x82, 0x01, 0x4F, 0x30, 0x82,
+ 0x01, 0x4B, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04,
+ 0x16, 0x04, 0x14, 0xFA, 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7,
+ 0x31, 0x40, 0xEA, 0xFD, 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56,
+ 0x16, 0xA5, 0x6E, 0x30, 0x81, 0xDE, 0x06, 0x03, 0x55, 0x1D,
+ 0x23, 0x04, 0x81, 0xD6, 0x30, 0x81, 0xD3, 0x80, 0x14, 0xFA,
+ 0x54, 0x89, 0x67, 0xE5, 0x5F, 0xB7, 0x31, 0x40, 0xEA, 0xFD,
+ 0xE7, 0xF6, 0xA3, 0xC6, 0x5A, 0x56, 0x16, 0xA5, 0x6E, 0xA1,
+ 0x81, 0xA4, 0xA4, 0x81, 0xA1, 0x30, 0x81, 0x9E, 0x31, 0x0B,
+ 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
+ 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08,
+ 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31,
+ 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07,
+ 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x15, 0x30,
+ 0x13, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x0C, 0x77, 0x6F,
+ 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x5F, 0x34, 0x30, 0x39, 0x36,
+ 0x31, 0x19, 0x30, 0x17, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C,
+ 0x10, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69,
+ 0x6E, 0x67, 0x2D, 0x34, 0x30, 0x39, 0x36, 0x31, 0x18, 0x30,
+ 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77,
+ 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
+ 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A,
+ 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10,
+ 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73,
+ 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2F, 0x36,
+ 0x54, 0x05, 0x64, 0x52, 0xDD, 0x0E, 0x75, 0x75, 0x33, 0x7C,
+ 0xB2, 0xCE, 0x9F, 0x5C, 0x48, 0x9B, 0xAB, 0x0E, 0x30, 0x0C,
+ 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01,
+ 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04,
+ 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70,
+ 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D, 0x87, 0x04, 0x7F, 0x00,
+ 0x00, 0x01, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04,
+ 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48,
+ 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03, 0x82,
+ 0x02, 0x01, 0x00, 0xC2, 0x72, 0x38, 0x27, 0xF0, 0x5C, 0x45,
+ 0x04, 0x4B, 0x09, 0x0E, 0x5D, 0x98, 0x6E, 0x38, 0x6A, 0xBC,
+ 0xFB, 0xA8, 0x85, 0x4F, 0xF2, 0x04, 0x38, 0x63, 0x4F, 0x86,
+ 0x4F, 0x3C, 0xF5, 0xFD, 0xF8, 0xCD, 0x89, 0x09, 0x76, 0x72,
+ 0x47, 0x97, 0xDF, 0xF8, 0x17, 0x6A, 0x81, 0x3A, 0xB2, 0xB4,
+ 0xFC, 0xAC, 0xE9, 0xFC, 0xE2, 0x47, 0x9B, 0x07, 0x6D, 0x9C,
+ 0x53, 0xED, 0xD8, 0x64, 0xBC, 0x6C, 0x4D, 0xA9, 0xBD, 0x3E,
+ 0x5E, 0xCD, 0x61, 0xBC, 0x8E, 0x82, 0x20, 0xB2, 0x50, 0xBC,
+ 0x9E, 0x72, 0xE6, 0x9F, 0x40, 0xFF, 0x6C, 0x4B, 0x38, 0xF8,
+ 0x4B, 0x82, 0x0F, 0x7E, 0x49, 0xCD, 0x45, 0x5C, 0xCD, 0x44,
+ 0xDE, 0x47, 0x25, 0xB3, 0x57, 0xD0, 0x1A, 0x0D, 0x8D, 0x4D,
+ 0xC7, 0xEA, 0x23, 0xFA, 0x03, 0xE8, 0x86, 0xD8, 0x37, 0x89,
+ 0x84, 0x2E, 0xE8, 0x53, 0x7A, 0x77, 0xBE, 0x94, 0xEC, 0x70,
+ 0xE7, 0xC4, 0x7B, 0x8F, 0x6F, 0x28, 0x67, 0x33, 0x89, 0xEC,
+ 0xC9, 0xDF, 0x98, 0x6D, 0x4A, 0xD9, 0xC6, 0x7B, 0xD3, 0xB5,
+ 0x82, 0xD0, 0x8A, 0xCE, 0x8F, 0x06, 0xBF, 0xA2, 0xF7, 0xDE,
+ 0x4A, 0x45, 0x22, 0x6F, 0xFF, 0x41, 0x6F, 0x08, 0xF5, 0xC3,
+ 0x65, 0x25, 0x27, 0xFB, 0x43, 0x3E, 0xCC, 0x25, 0x0A, 0xD3,
+ 0x3D, 0xD2, 0x34, 0x9F, 0x89, 0x6B, 0xE2, 0x97, 0x9C, 0x42,
+ 0xD9, 0x3E, 0x64, 0x03, 0x45, 0x5F, 0x07, 0x95, 0xED, 0x1A,
+ 0x70, 0x6A, 0xBE, 0x3E, 0x7F, 0x7F, 0x16, 0xBE, 0x47, 0xA6,
+ 0x6D, 0x3B, 0x0D, 0x27, 0xB3, 0x89, 0xB1, 0xF1, 0xF6, 0xCE,
+ 0x99, 0x71, 0x18, 0xB6, 0xC0, 0xC5, 0x9E, 0x76, 0x7A, 0x8E,
+ 0xFB, 0x4A, 0xBE, 0x4F, 0xCD, 0xBC, 0x21, 0xA9, 0x4E, 0x9C,
+ 0xFC, 0x48, 0x86, 0xFF, 0xE4, 0x63, 0x14, 0x96, 0x3A, 0xEB,
+ 0xC8, 0x48, 0xAE, 0x27, 0xBD, 0x43, 0x0C, 0x27, 0x85, 0xE1,
+ 0x25, 0x1A, 0x69, 0x48, 0x6C, 0xE7, 0x11, 0xF8, 0xF3, 0x68,
+ 0x9D, 0xEE, 0x15, 0x1A, 0xBE, 0xAD, 0x46, 0x33, 0x24, 0x3D,
+ 0xBE, 0xB8, 0x0E, 0x6E, 0x4D, 0xEF, 0x12, 0xB6, 0xAE, 0x1B,
+ 0x88, 0xBD, 0x0E, 0xA6, 0xFF, 0x91, 0x08, 0xDC, 0xED, 0xAF,
+ 0xFA, 0x13, 0x2B, 0xF2, 0xB4, 0x2C, 0xEA, 0x72, 0xC2, 0x85,
+ 0xD6, 0xEE, 0x64, 0x09, 0xE1, 0x4E, 0x1A, 0x5A, 0xBD, 0xC2,
+ 0x44, 0xC2, 0x95, 0x82, 0x59, 0x0A, 0xD8, 0x27, 0xBC, 0x48,
+ 0x4A, 0x8A, 0xA3, 0xC3, 0x77, 0xAC, 0x92, 0xB6, 0x8B, 0x0B,
+ 0x13, 0xE2, 0x87, 0xEC, 0x21, 0x7E, 0x7E, 0x52, 0x29, 0x51,
+ 0x5C, 0x59, 0xE1, 0xC8, 0xDB, 0x05, 0xCE, 0x9E, 0xF4, 0x36,
+ 0xD8, 0x63, 0x42, 0x45, 0x71, 0x9A, 0xEE, 0x0E, 0x24, 0xB0,
+ 0xBA, 0xA5, 0xA5, 0xAA, 0xC9, 0xEE, 0x9E, 0xA3, 0xE3, 0xE9,
+ 0x7F, 0xC6, 0x64, 0x6C, 0x9E, 0x65, 0x78, 0x88, 0xF2, 0x61,
+ 0x6F, 0xD3, 0x3B, 0x9E, 0x0D, 0x16, 0xFA, 0xAD, 0xC2, 0x58,
+ 0xAC, 0xBC, 0x14, 0xB1, 0xF7, 0x6F, 0xDB, 0xB9, 0x7E, 0x79,
+ 0x81, 0xF1, 0xF8, 0xE9, 0x41, 0x5B, 0xFE, 0xD9, 0xE2, 0x89,
+ 0x86, 0x5C, 0x01, 0x03, 0x5D, 0x0C, 0xD9, 0xA9, 0xD6, 0xDF,
+ 0x4B, 0x26, 0x5C, 0xAE, 0xE6, 0xDF, 0xB5, 0xC9, 0xF0, 0x86,
+ 0xCA, 0x7B, 0x80, 0xDB, 0x6A, 0x86, 0xFD, 0xA9, 0x00, 0x46,
+ 0x32, 0x39, 0x5A, 0x72, 0xC4, 0x67, 0x20, 0xDB, 0xD8, 0x7A,
+ 0x5D, 0x2D, 0x78, 0xB9, 0xA7, 0xDE, 0x7F, 0xF4, 0x7A, 0x5B,
+ 0x0F, 0x38, 0xB0, 0x9E, 0x1A, 0xAE, 0xC5, 0xCC, 0xFF, 0x61,
+ 0x5E, 0xEC, 0xF1, 0x0D, 0xF7, 0x0A, 0x22, 0xBB, 0xCB, 0x08,
+ 0x2B, 0x91, 0x58, 0x77, 0x1F, 0x90, 0x2B, 0xA3, 0x78, 0xBE,
+ 0xEF, 0x4D, 0xD8, 0x8D, 0xE8, 0xF7, 0x31, 0xF8, 0x92, 0x84,
+ 0xE5, 0xB2, 0x2A, 0xE8, 0x3A
};
static const int sizeof_client_cert_der_4096 = sizeof(client_cert_der_4096);
@@ -5764,17 +5865,17 @@ static const int sizeof_bench_dilithium_level5_key = sizeof(bench_dilithium_leve
static const unsigned char bench_sphincs_fast_level1_key[] =
{
0x30, 0x71, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06, 0x2B,
- 0xCE, 0x0F, 0x06, 0x07, 0x04, 0x04, 0x62, 0x04, 0x60, 0x59,
- 0xE0, 0xD4, 0x1F, 0x22, 0x74, 0xBD, 0xAC, 0x46, 0x01, 0xE4,
- 0x8C, 0x89, 0xB7, 0x39, 0x20, 0x9F, 0x6F, 0x96, 0xC4, 0xE7,
- 0x78, 0x0F, 0xA1, 0x7D, 0xEC, 0xE8, 0xD5, 0xC3, 0xDD, 0x45,
- 0x13, 0x56, 0xCF, 0xEA, 0x68, 0x70, 0x2A, 0xFF, 0xDA, 0x9A,
- 0xA3, 0x2B, 0xEC, 0x4D, 0xBF, 0x7D, 0x09, 0xC0, 0xCC, 0xF4,
- 0x2F, 0xF2, 0xAC, 0x74, 0xDF, 0x0E, 0x20, 0x9D, 0xC2, 0x9E,
- 0xD1, 0xB4, 0x12, 0x56, 0xCF, 0xEA, 0x68, 0x70, 0x2A, 0xFF,
- 0xDA, 0x9A, 0xA3, 0x2B, 0xEC, 0x4D, 0xBF, 0x7D, 0x09, 0xC0,
- 0xCC, 0xF4, 0x2F, 0xF2, 0xAC, 0x74, 0xDF, 0x0E, 0x20, 0x9D,
- 0xC2, 0x9E, 0xD1, 0xB4, 0x12
+ 0xCE, 0x0F, 0x06, 0x07, 0x0D, 0x04, 0x62, 0x04, 0x60, 0xD8,
+ 0xC4, 0x6E, 0x8D, 0x3B, 0xB7, 0xE7, 0x48, 0x8D, 0x6F, 0x0C,
+ 0x3D, 0xDF, 0xAB, 0x79, 0xB6, 0x62, 0xAE, 0x89, 0x19, 0x6F,
+ 0x5E, 0xF9, 0xD3, 0x3A, 0x69, 0xBA, 0xFF, 0x4C, 0x46, 0xDE,
+ 0xAA, 0x7C, 0x40, 0x79, 0x8C, 0xE1, 0xE5, 0x30, 0xE6, 0xDF,
+ 0x4E, 0x23, 0x5E, 0x14, 0xDB, 0x0A, 0x48, 0x4E, 0xF6, 0x57,
+ 0xCE, 0x45, 0x8F, 0x8B, 0x1D, 0x68, 0x63, 0xAA, 0x24, 0xA4,
+ 0xE1, 0x0D, 0xFB, 0x7C, 0x40, 0x79, 0x8C, 0xE1, 0xE5, 0x30,
+ 0xE6, 0xDF, 0x4E, 0x23, 0x5E, 0x14, 0xDB, 0x0A, 0x48, 0x4E,
+ 0xF6, 0x57, 0xCE, 0x45, 0x8F, 0x8B, 0x1D, 0x68, 0x63, 0xAA,
+ 0x24, 0xA4, 0xE1, 0x0D, 0xFB
};
static const int sizeof_bench_sphincs_fast_level1_key = sizeof(bench_sphincs_fast_level1_key);
@@ -5782,22 +5883,22 @@ static const int sizeof_bench_sphincs_fast_level1_key = sizeof(bench_sphincs_fas
static const unsigned char bench_sphincs_fast_level3_key[] =
{
0x30, 0x81, 0xA3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x03, 0x04, 0x81, 0x93, 0x04,
- 0x81, 0x90, 0x00, 0x8E, 0xB0, 0x75, 0x2E, 0xC5, 0x61, 0x66,
- 0xEE, 0x01, 0xEE, 0x97, 0x13, 0xD7, 0x65, 0x69, 0xEA, 0x5C,
- 0x23, 0xAA, 0x6E, 0x86, 0x04, 0xE9, 0x2A, 0xEC, 0x8C, 0xA3,
- 0xB7, 0x28, 0xEB, 0xDF, 0x0E, 0x77, 0x07, 0x59, 0x3F, 0xB6,
- 0x10, 0xB3, 0xCC, 0xE1, 0x09, 0x64, 0xC4, 0x42, 0x37, 0x71,
- 0xDC, 0xB4, 0x20, 0x2D, 0x03, 0x00, 0x6C, 0x4C, 0x3F, 0xE3,
- 0x80, 0x28, 0xEC, 0x90, 0xF9, 0xDB, 0x50, 0xFC, 0x0A, 0x58,
- 0xC2, 0x81, 0xE2, 0x17, 0x06, 0x7A, 0x58, 0xBB, 0x21, 0x90,
- 0xC8, 0xE6, 0x64, 0x8B, 0xF4, 0x68, 0x70, 0x1D, 0xE2, 0xAB,
- 0x8F, 0x50, 0x4D, 0xEE, 0x29, 0xD7, 0x15, 0x5E, 0xDC, 0xB4,
- 0x20, 0x2D, 0x03, 0x00, 0x6C, 0x4C, 0x3F, 0xE3, 0x80, 0x28,
- 0xEC, 0x90, 0xF9, 0xDB, 0x50, 0xFC, 0x0A, 0x58, 0xC2, 0x81,
- 0xE2, 0x17, 0x06, 0x7A, 0x58, 0xBB, 0x21, 0x90, 0xC8, 0xE6,
- 0x64, 0x8B, 0xF4, 0x68, 0x70, 0x1D, 0xE2, 0xAB, 0x8F, 0x50,
- 0x4D, 0xEE, 0x29, 0xD7, 0x15, 0x5E
+ 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x0A, 0x04, 0x81, 0x93, 0x04,
+ 0x81, 0x90, 0xB2, 0x3A, 0x67, 0xA6, 0x4B, 0x8E, 0xB9, 0xEF,
+ 0xAD, 0x99, 0xE4, 0x3D, 0x65, 0xE8, 0xEE, 0xCF, 0xAC, 0xCF,
+ 0x2F, 0xDE, 0xBC, 0x11, 0x67, 0x8D, 0x8F, 0x8D, 0x3E, 0x99,
+ 0x31, 0x67, 0xED, 0x31, 0x6A, 0x05, 0x47, 0xC1, 0xDA, 0xC5,
+ 0x14, 0x17, 0xA1, 0x93, 0x83, 0x44, 0x58, 0x09, 0x80, 0x3A,
+ 0x47, 0x67, 0x42, 0x6D, 0x4C, 0xB7, 0xC8, 0x7D, 0x37, 0xF3,
+ 0x90, 0xF7, 0x46, 0x92, 0xB6, 0x26, 0xF7, 0x4E, 0x0D, 0x8D,
+ 0xB8, 0xCA, 0x8B, 0xA8, 0x20, 0x5D, 0x67, 0x85, 0xD2, 0x83,
+ 0x2C, 0x2A, 0x38, 0x1F, 0x57, 0x89, 0x76, 0x8C, 0x6D, 0x88,
+ 0xCE, 0x18, 0x4F, 0xA7, 0x88, 0x48, 0x7C, 0x0D, 0x47, 0x67,
+ 0x42, 0x6D, 0x4C, 0xB7, 0xC8, 0x7D, 0x37, 0xF3, 0x90, 0xF7,
+ 0x46, 0x92, 0xB6, 0x26, 0xF7, 0x4E, 0x0D, 0x8D, 0xB8, 0xCA,
+ 0x8B, 0xA8, 0x20, 0x5D, 0x67, 0x85, 0xD2, 0x83, 0x2C, 0x2A,
+ 0x38, 0x1F, 0x57, 0x89, 0x76, 0x8C, 0x6D, 0x88, 0xCE, 0x18,
+ 0x4F, 0xA7, 0x88, 0x48, 0x7C, 0x0D
};
static const int sizeof_bench_sphincs_fast_level3_key = sizeof(bench_sphincs_fast_level3_key);
@@ -5805,27 +5906,27 @@ static const int sizeof_bench_sphincs_fast_level3_key = sizeof(bench_sphincs_fas
static const unsigned char bench_sphincs_fast_level5_key[] =
{
0x30, 0x81, 0xD3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x03, 0x04, 0x81, 0xC3, 0x04,
- 0x81, 0xC0, 0x91, 0x8B, 0xB7, 0x1A, 0x08, 0x61, 0x50, 0x70,
- 0x26, 0x71, 0xCD, 0x36, 0x10, 0xE2, 0xB8, 0x95, 0x0D, 0xA7,
- 0x57, 0xC7, 0x18, 0xFF, 0x55, 0xA4, 0x16, 0x9D, 0x3C, 0xF8,
- 0xA3, 0x48, 0xB0, 0x9B, 0xFD, 0x22, 0xBE, 0x20, 0x3D, 0x88,
- 0x96, 0x0B, 0xF1, 0x6D, 0x05, 0x8A, 0x1B, 0x71, 0xCE, 0xCD,
- 0x31, 0x01, 0xEA, 0xAC, 0x62, 0x61, 0x1F, 0x4A, 0xC1, 0x62,
- 0x05, 0x36, 0xBB, 0x7F, 0xEF, 0x5B, 0x42, 0x8B, 0xC6, 0xCD,
- 0xEF, 0xCE, 0xE1, 0x00, 0x39, 0x4F, 0x01, 0xBC, 0x03, 0x94,
- 0x00, 0xA8, 0x7F, 0x22, 0xB9, 0x9F, 0x79, 0x51, 0x25, 0x61,
- 0x1B, 0x43, 0x47, 0x52, 0xD0, 0x39, 0x2B, 0x93, 0xC5, 0xD4,
- 0x2A, 0xE1, 0xEF, 0x0B, 0x01, 0x36, 0xC3, 0x54, 0xC8, 0xDE,
- 0xF4, 0xA2, 0x6F, 0x4C, 0x4B, 0xEC, 0x5D, 0x9D, 0xEE, 0xC9,
- 0xFA, 0xBE, 0xFA, 0x5F, 0xC4, 0x89, 0xC1, 0xFC, 0xEB, 0xA8,
- 0x42, 0x8B, 0xC6, 0xCD, 0xEF, 0xCE, 0xE1, 0x00, 0x39, 0x4F,
- 0x01, 0xBC, 0x03, 0x94, 0x00, 0xA8, 0x7F, 0x22, 0xB9, 0x9F,
- 0x79, 0x51, 0x25, 0x61, 0x1B, 0x43, 0x47, 0x52, 0xD0, 0x39,
- 0x2B, 0x93, 0xC5, 0xD4, 0x2A, 0xE1, 0xEF, 0x0B, 0x01, 0x36,
- 0xC3, 0x54, 0xC8, 0xDE, 0xF4, 0xA2, 0x6F, 0x4C, 0x4B, 0xEC,
- 0x5D, 0x9D, 0xEE, 0xC9, 0xFA, 0xBE, 0xFA, 0x5F, 0xC4, 0x89,
- 0xC1, 0xFC, 0xEB, 0xA8
+ 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x0A, 0x04, 0x81, 0xC3, 0x04,
+ 0x81, 0xC0, 0xAB, 0xD3, 0xFD, 0x3B, 0x17, 0x00, 0xCD, 0xD5,
+ 0xB2, 0xEE, 0xD2, 0x36, 0xE5, 0xF7, 0x1D, 0xDC, 0xC8, 0x42,
+ 0xDB, 0x53, 0x6A, 0x8A, 0x0D, 0x6D, 0xD2, 0x3C, 0x1C, 0x7C,
+ 0x98, 0x4D, 0x73, 0xC8, 0xAB, 0x2E, 0xAA, 0x7A, 0xC0, 0x26,
+ 0xC4, 0x0D, 0x7E, 0xB4, 0xD3, 0xBB, 0x13, 0xF4, 0x6E, 0xFE,
+ 0x0E, 0xA5, 0xA4, 0x58, 0x57, 0xA2, 0xDD, 0x99, 0x62, 0xB9,
+ 0xBA, 0xC2, 0x5B, 0x26, 0xED, 0x6E, 0x99, 0xFA, 0x11, 0x0E,
+ 0xCF, 0x33, 0x54, 0x85, 0x56, 0x0C, 0xEB, 0x2A, 0xB0, 0xAA,
+ 0xEB, 0x74, 0x14, 0x89, 0x1A, 0xB9, 0x38, 0xF5, 0x29, 0x66,
+ 0x28, 0x28, 0x17, 0xF5, 0x72, 0x42, 0xEE, 0xC0, 0x14, 0x59,
+ 0xA0, 0x72, 0x9B, 0x9B, 0x1E, 0x7F, 0x70, 0x70, 0xBB, 0x89,
+ 0x0C, 0x7E, 0x87, 0x8B, 0x83, 0x80, 0x2B, 0x66, 0x58, 0x64,
+ 0x1D, 0x94, 0xAF, 0x58, 0xB5, 0x23, 0x2C, 0xA1, 0xE9, 0x95,
+ 0x99, 0xFA, 0x11, 0x0E, 0xCF, 0x33, 0x54, 0x85, 0x56, 0x0C,
+ 0xEB, 0x2A, 0xB0, 0xAA, 0xEB, 0x74, 0x14, 0x89, 0x1A, 0xB9,
+ 0x38, 0xF5, 0x29, 0x66, 0x28, 0x28, 0x17, 0xF5, 0x72, 0x42,
+ 0xEE, 0xC0, 0x14, 0x59, 0xA0, 0x72, 0x9B, 0x9B, 0x1E, 0x7F,
+ 0x70, 0x70, 0xBB, 0x89, 0x0C, 0x7E, 0x87, 0x8B, 0x83, 0x80,
+ 0x2B, 0x66, 0x58, 0x64, 0x1D, 0x94, 0xAF, 0x58, 0xB5, 0x23,
+ 0x2C, 0xA1, 0xE9, 0x95
};
static const int sizeof_bench_sphincs_fast_level5_key = sizeof(bench_sphincs_fast_level5_key);
@@ -5833,17 +5934,17 @@ static const int sizeof_bench_sphincs_fast_level5_key = sizeof(bench_sphincs_fas
static const unsigned char bench_sphincs_small_level1_key[] =
{
0x30, 0x71, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06, 0x2B,
- 0xCE, 0x0F, 0x06, 0x07, 0x0A, 0x04, 0x62, 0x04, 0x60, 0x44,
- 0x7A, 0xCF, 0xB9, 0x03, 0xF2, 0xB2, 0x41, 0xBC, 0x1A, 0xE6,
- 0x75, 0x29, 0x04, 0xDA, 0x6C, 0x6E, 0x08, 0x17, 0x1E, 0x46,
- 0x75, 0xE8, 0x32, 0x23, 0xCD, 0x11, 0xC8, 0x88, 0xF7, 0x00,
- 0x11, 0x4C, 0xBD, 0x14, 0x62, 0xC2, 0x4B, 0x83, 0x36, 0xDE,
- 0x61, 0x78, 0x7F, 0x09, 0x16, 0x97, 0x98, 0x3D, 0x52, 0x70,
- 0x7F, 0xED, 0x86, 0xDB, 0x75, 0x42, 0x52, 0xF3, 0xB1, 0xAE,
- 0x70, 0x7F, 0xD3, 0x4C, 0xBD, 0x14, 0x62, 0xC2, 0x4B, 0x83,
- 0x36, 0xDE, 0x61, 0x78, 0x7F, 0x09, 0x16, 0x97, 0x98, 0x3D,
- 0x52, 0x70, 0x7F, 0xED, 0x86, 0xDB, 0x75, 0x42, 0x52, 0xF3,
- 0xB1, 0xAE, 0x70, 0x7F, 0xD3
+ 0xCE, 0x0F, 0x06, 0x07, 0x10, 0x04, 0x62, 0x04, 0x60, 0xFF,
+ 0x26, 0x56, 0x65, 0xAC, 0x6C, 0x0B, 0x72, 0x2D, 0x8D, 0xB8,
+ 0x29, 0x4A, 0x15, 0x7E, 0xEF, 0x55, 0xFD, 0xBE, 0xF4, 0xC0,
+ 0xE6, 0x6F, 0x2B, 0x7A, 0x97, 0x60, 0x51, 0x1C, 0xCB, 0x82,
+ 0x43, 0x44, 0xDE, 0x14, 0x3D, 0x4F, 0xE7, 0x3C, 0x1C, 0xB3,
+ 0xBB, 0x9F, 0xE8, 0x9F, 0x8F, 0xA4, 0xAD, 0xB9, 0x52, 0xC1,
+ 0x31, 0xF7, 0xC1, 0x86, 0x7E, 0x73, 0xFB, 0x9E, 0x72, 0x57,
+ 0x8A, 0xD7, 0x44, 0x44, 0xDE, 0x14, 0x3D, 0x4F, 0xE7, 0x3C,
+ 0x1C, 0xB3, 0xBB, 0x9F, 0xE8, 0x9F, 0x8F, 0xA4, 0xAD, 0xB9,
+ 0x52, 0xC1, 0x31, 0xF7, 0xC1, 0x86, 0x7E, 0x73, 0xFB, 0x9E,
+ 0x72, 0x57, 0x8A, 0xD7, 0x44
};
static const int sizeof_bench_sphincs_small_level1_key = sizeof(bench_sphincs_small_level1_key);
@@ -5851,22 +5952,22 @@ static const int sizeof_bench_sphincs_small_level1_key = sizeof(bench_sphincs_sm
static const unsigned char bench_sphincs_small_level3_key[] =
{
0x30, 0x81, 0xA3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x07, 0x04, 0x81, 0x93, 0x04,
- 0x81, 0x90, 0x7E, 0x80, 0x20, 0x6C, 0x20, 0xAE, 0x7D, 0xAB,
- 0xC1, 0x4E, 0x15, 0x51, 0x0C, 0xDD, 0x96, 0xAC, 0xFB, 0xD2,
- 0x5B, 0xF1, 0xEB, 0x51, 0xDC, 0xC3, 0xB3, 0x92, 0x33, 0xC2,
- 0x54, 0x59, 0x4F, 0xB2, 0x33, 0x7C, 0x10, 0xC6, 0xA3, 0x49,
- 0x8D, 0x07, 0x52, 0xB2, 0xA1, 0x14, 0x0C, 0x54, 0x21, 0xD4,
- 0xB1, 0xCC, 0xBD, 0xB1, 0x20, 0xAC, 0xF1, 0xBD, 0xF5, 0x60,
- 0x2F, 0x07, 0x98, 0x57, 0x4E, 0x31, 0x6F, 0x42, 0x84, 0xCE,
- 0x71, 0x72, 0x74, 0x20, 0xDF, 0x38, 0x39, 0xFB, 0xD3, 0xEE,
- 0xAD, 0xFB, 0xB6, 0x2B, 0x60, 0x61, 0x85, 0xF1, 0x2A, 0x59,
- 0x00, 0xA5, 0xCA, 0xC8, 0xE3, 0x3F, 0x96, 0xE9, 0xB1, 0xCC,
- 0xBD, 0xB1, 0x20, 0xAC, 0xF1, 0xBD, 0xF5, 0x60, 0x2F, 0x07,
- 0x98, 0x57, 0x4E, 0x31, 0x6F, 0x42, 0x84, 0xCE, 0x71, 0x72,
- 0x74, 0x20, 0xDF, 0x38, 0x39, 0xFB, 0xD3, 0xEE, 0xAD, 0xFB,
- 0xB6, 0x2B, 0x60, 0x61, 0x85, 0xF1, 0x2A, 0x59, 0x00, 0xA5,
- 0xCA, 0xC8, 0xE3, 0x3F, 0x96, 0xE9
+ 0x2B, 0xCE, 0x0F, 0x06, 0x08, 0x0C, 0x04, 0x81, 0x93, 0x04,
+ 0x81, 0x90, 0x59, 0xC1, 0x44, 0x8A, 0x5F, 0xF3, 0xF1, 0xB3,
+ 0xB8, 0xFF, 0x98, 0x7F, 0x86, 0x4A, 0x4C, 0x19, 0xFC, 0x51,
+ 0xB8, 0x12, 0x87, 0x9C, 0x52, 0xD6, 0x7F, 0xD6, 0xB0, 0xA9,
+ 0xF7, 0xED, 0x44, 0x26, 0xAF, 0xC2, 0xCE, 0x47, 0xD9, 0xE3,
+ 0x95, 0x1A, 0xE6, 0x11, 0xC1, 0x37, 0x67, 0xA5, 0x89, 0xDD,
+ 0x37, 0x6A, 0xE9, 0xC3, 0x8C, 0x9B, 0x3E, 0xBA, 0xB1, 0x76,
+ 0x4A, 0x5A, 0xEE, 0xCD, 0x96, 0x66, 0xF2, 0x53, 0xDA, 0x8C,
+ 0x89, 0x69, 0xBF, 0xBF, 0xF9, 0xA5, 0xBC, 0x7D, 0x80, 0xA8,
+ 0x97, 0x63, 0x90, 0x55, 0x58, 0x6C, 0x0A, 0x52, 0x61, 0x0B,
+ 0xF3, 0xBC, 0xE1, 0x1F, 0xB4, 0xA6, 0x5F, 0x9F, 0x37, 0x6A,
+ 0xE9, 0xC3, 0x8C, 0x9B, 0x3E, 0xBA, 0xB1, 0x76, 0x4A, 0x5A,
+ 0xEE, 0xCD, 0x96, 0x66, 0xF2, 0x53, 0xDA, 0x8C, 0x89, 0x69,
+ 0xBF, 0xBF, 0xF9, 0xA5, 0xBC, 0x7D, 0x80, 0xA8, 0x97, 0x63,
+ 0x90, 0x55, 0x58, 0x6C, 0x0A, 0x52, 0x61, 0x0B, 0xF3, 0xBC,
+ 0xE1, 0x1F, 0xB4, 0xA6, 0x5F, 0x9F
};
static const int sizeof_bench_sphincs_small_level3_key = sizeof(bench_sphincs_small_level3_key);
@@ -5874,27 +5975,27 @@ static const int sizeof_bench_sphincs_small_level3_key = sizeof(bench_sphincs_sm
static const unsigned char bench_sphincs_small_level5_key[] =
{
0x30, 0x81, 0xD3, 0x02, 0x01, 0x00, 0x30, 0x08, 0x06, 0x06,
- 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x07, 0x04, 0x81, 0xC3, 0x04,
- 0x81, 0xC0, 0x5E, 0xEA, 0x46, 0x6D, 0xE5, 0xA1, 0x70, 0x07,
- 0xF0, 0x5C, 0x59, 0xD5, 0xD7, 0x37, 0x06, 0xC7, 0xD6, 0x1C,
- 0xEA, 0x06, 0x15, 0x6E, 0xB3, 0x07, 0x71, 0x34, 0xE8, 0xD4,
- 0x13, 0x65, 0x58, 0xAE, 0xAC, 0xE9, 0x32, 0x26, 0x76, 0xCD,
- 0x2C, 0x3D, 0x11, 0xF7, 0xAB, 0x8A, 0x84, 0x4F, 0x56, 0x6F,
- 0x2F, 0x63, 0x82, 0x1A, 0x37, 0xAA, 0xAA, 0x49, 0x50, 0xC8,
- 0xA5, 0x92, 0x6E, 0x3F, 0xD6, 0x67, 0xEA, 0x5C, 0x18, 0x8A,
- 0x99, 0xD2, 0xB6, 0xE3, 0xD7, 0x68, 0x9E, 0x65, 0x21, 0xDD,
- 0xE3, 0x44, 0x8B, 0x32, 0x30, 0x31, 0xA8, 0xF2, 0xBB, 0xED,
- 0xC0, 0x3E, 0x1A, 0x7B, 0x36, 0xD8, 0xAD, 0x2A, 0xA4, 0x81,
- 0xAC, 0xD3, 0x08, 0xAC, 0x54, 0x2A, 0xAC, 0xAA, 0x1B, 0x64,
- 0x58, 0x7B, 0x94, 0xE0, 0x16, 0x36, 0xC9, 0x92, 0x09, 0x6A,
- 0x8C, 0x4D, 0xE3, 0xAB, 0x0F, 0x1C, 0xE8, 0x77, 0x1F, 0xE5,
- 0xEA, 0x5C, 0x18, 0x8A, 0x99, 0xD2, 0xB6, 0xE3, 0xD7, 0x68,
- 0x9E, 0x65, 0x21, 0xDD, 0xE3, 0x44, 0x8B, 0x32, 0x30, 0x31,
- 0xA8, 0xF2, 0xBB, 0xED, 0xC0, 0x3E, 0x1A, 0x7B, 0x36, 0xD8,
- 0xAD, 0x2A, 0xA4, 0x81, 0xAC, 0xD3, 0x08, 0xAC, 0x54, 0x2A,
- 0xAC, 0xAA, 0x1B, 0x64, 0x58, 0x7B, 0x94, 0xE0, 0x16, 0x36,
- 0xC9, 0x92, 0x09, 0x6A, 0x8C, 0x4D, 0xE3, 0xAB, 0x0F, 0x1C,
- 0xE8, 0x77, 0x1F, 0xE5
+ 0x2B, 0xCE, 0x0F, 0x06, 0x09, 0x0C, 0x04, 0x81, 0xC3, 0x04,
+ 0x81, 0xC0, 0x53, 0xE5, 0x25, 0x41, 0x1C, 0xCB, 0x8F, 0xAF,
+ 0x83, 0xBE, 0x64, 0x43, 0x70, 0x4E, 0x1D, 0x86, 0xF8, 0xFA,
+ 0xEA, 0x65, 0x9B, 0x45, 0xBC, 0xF1, 0x79, 0x57, 0x87, 0x51,
+ 0x2F, 0x6D, 0x50, 0xB8, 0x0D, 0x9A, 0x9F, 0x8C, 0xE8, 0x9B,
+ 0xE8, 0xFA, 0x1E, 0xF0, 0xA1, 0x98, 0xCA, 0x8B, 0x34, 0xD4,
+ 0x71, 0x53, 0xF0, 0xA7, 0x1D, 0xD6, 0x0D, 0xDF, 0x63, 0x61,
+ 0xA7, 0x12, 0x80, 0x64, 0xF7, 0x73, 0x14, 0x03, 0xD4, 0x54,
+ 0x01, 0x9D, 0x9D, 0x5D, 0x42, 0xC1, 0x2B, 0x91, 0xC3, 0xA2,
+ 0xD3, 0x12, 0x67, 0x35, 0x3B, 0xD7, 0x67, 0x31, 0xD5, 0xDC,
+ 0xDF, 0x4C, 0x4C, 0xAA, 0x45, 0xA8, 0x5D, 0x1E, 0xFB, 0x9E,
+ 0x34, 0x5D, 0x4B, 0x83, 0x77, 0xBF, 0x52, 0x8A, 0xDB, 0x67,
+ 0x7A, 0x52, 0xA4, 0x02, 0x29, 0xEB, 0x34, 0x9A, 0x4E, 0x86,
+ 0x25, 0x66, 0xFF, 0xA0, 0x79, 0x47, 0xBE, 0x94, 0xC2, 0x69,
+ 0x14, 0x03, 0xD4, 0x54, 0x01, 0x9D, 0x9D, 0x5D, 0x42, 0xC1,
+ 0x2B, 0x91, 0xC3, 0xA2, 0xD3, 0x12, 0x67, 0x35, 0x3B, 0xD7,
+ 0x67, 0x31, 0xD5, 0xDC, 0xDF, 0x4C, 0x4C, 0xAA, 0x45, 0xA8,
+ 0x5D, 0x1E, 0xFB, 0x9E, 0x34, 0x5D, 0x4B, 0x83, 0x77, 0xBF,
+ 0x52, 0x8A, 0xDB, 0x67, 0x7A, 0x52, 0xA4, 0x02, 0x29, 0xEB,
+ 0x34, 0x9A, 0x4E, 0x86, 0x25, 0x66, 0xFF, 0xA0, 0x79, 0x47,
+ 0xBE, 0x94, 0xC2, 0x69
};
static const int sizeof_bench_sphincs_small_level5_key = sizeof(bench_sphincs_small_level5_key);
@@ -5940,10 +6041,10 @@ static const int sizeof_ecc_clikeypub_der_256 = sizeof(ecc_clikeypub_der_256);
/* ./certs/client-ecc-cert.der, ECC */
static const unsigned char cliecc_cert_der_256[] =
{
- 0x30, 0x82, 0x03, 0x5E, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x59, 0xE6, 0x5A, 0x21, 0xE0,
- 0xC4, 0x3F, 0x67, 0x06, 0x9B, 0x21, 0x43, 0x3E, 0x76, 0xCA,
- 0xF0, 0x3F, 0x68, 0x5B, 0x53, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x30, 0x82, 0x03, 0x5D, 0x30, 0x82, 0x03, 0x04, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x37, 0x67, 0x2A, 0x05, 0x24,
+ 0xB5, 0x2B, 0xB6, 0xAE, 0x40, 0x6B, 0xE1, 0x75, 0xE0, 0x97,
+ 0xCC, 0x1D, 0x12, 0x8B, 0x2A, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x8D,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55,
@@ -5959,10 +6060,10 @@ static const unsigned char cliecc_cert_der_256[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x8D, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06,
0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, 0x0E, 0x30, 0x0C,
@@ -6008,9 +6109,9 @@ static const unsigned char cliecc_cert_der_256[] =
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x59, 0xE6, 0x5A, 0x21, 0xE0,
- 0xC4, 0x3F, 0x67, 0x06, 0x9B, 0x21, 0x43, 0x3E, 0x76, 0xCA,
- 0xF0, 0x3F, 0x68, 0x5B, 0x53, 0x30, 0x0C, 0x06, 0x03, 0x55,
+ 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x37, 0x67, 0x2A, 0x05, 0x24,
+ 0xB5, 0x2B, 0xB6, 0xAE, 0x40, 0x6B, 0xE1, 0x75, 0xE0, 0x97,
+ 0xCC, 0x1D, 0x12, 0x8B, 0x2A, 0x30, 0x0C, 0x06, 0x03, 0x55,
0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30,
0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13,
0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E,
@@ -6019,14 +6120,14 @@ static const unsigned char cliecc_cert_der_256[] =
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02,
0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04,
- 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x20, 0x70,
- 0xF8, 0x0E, 0x6E, 0x91, 0xC9, 0x09, 0x77, 0x25, 0x8C, 0xBA,
- 0x99, 0x6D, 0x54, 0x2D, 0xA8, 0x52, 0x87, 0x17, 0x51, 0x24,
- 0x8B, 0x13, 0x92, 0x89, 0x7D, 0xC9, 0xBA, 0xB4, 0x43, 0x2E,
- 0x48, 0x02, 0x21, 0x00, 0xAB, 0x41, 0x13, 0x3A, 0xD5, 0xEB,
- 0x68, 0x66, 0x36, 0x56, 0x7C, 0x75, 0x5D, 0x37, 0xE3, 0xF6,
- 0x27, 0x7F, 0x54, 0xD5, 0x42, 0x80, 0x29, 0xDB, 0xE5, 0x9B,
- 0x16, 0x8A, 0xD3, 0xC2, 0xAD, 0xD6
+ 0x03, 0x02, 0x03, 0x47, 0x00, 0x30, 0x44, 0x02, 0x20, 0x7A,
+ 0x6D, 0xC5, 0xBD, 0x6F, 0x9D, 0x54, 0x4F, 0xC5, 0x4C, 0xD0,
+ 0x12, 0x8C, 0x31, 0x3B, 0xB6, 0x17, 0x80, 0x9E, 0xC7, 0x34,
+ 0xF8, 0xC5, 0xDA, 0xFB, 0x61, 0x23, 0x35, 0xE6, 0x93, 0x35,
+ 0xB4, 0x02, 0x20, 0x1B, 0x6A, 0x86, 0xC4, 0x11, 0xBE, 0x7C,
+ 0x15, 0xA7, 0x5E, 0xAB, 0x85, 0xEE, 0xB7, 0x8C, 0x20, 0xDC,
+ 0xEB, 0x17, 0xA3, 0xF2, 0x66, 0x63, 0xAA, 0x6B, 0x67, 0xE0,
+ 0x62, 0x1F, 0x17, 0x3E, 0xAC
};
static const int sizeof_cliecc_cert_der_256 = sizeof(cliecc_cert_der_256);
@@ -6065,13 +6166,32 @@ static const unsigned char ecc_key_pub_der_256[] =
};
static const int sizeof_ecc_key_pub_der_256 = sizeof(ecc_key_pub_der_256);
+/* ./certs/statickeys/ecc-secp256r1.der, ECC */
+static const unsigned char ecc_secp_r1_statickey_der_256[] =
+{
+ 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0xD3, 0x6B, 0xC6,
+ 0x68, 0x76, 0xDE, 0xD8, 0x97, 0x95, 0xF6, 0xD9, 0x8E, 0x2F,
+ 0x41, 0x73, 0x53, 0xF8, 0x03, 0x57, 0xED, 0x90, 0x80, 0x19,
+ 0xEB, 0xAA, 0x4A, 0x91, 0x8A, 0x8F, 0x31, 0x63, 0x45, 0xA0,
+ 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x07, 0xA1, 0x44, 0x03, 0x42, 0x00, 0x04, 0x58, 0xA0, 0x80,
+ 0x7C, 0x51, 0xEC, 0xDD, 0x41, 0x5F, 0x93, 0xA8, 0x7A, 0x60,
+ 0x47, 0x47, 0xE9, 0xCF, 0x5A, 0x40, 0xE4, 0xDD, 0x37, 0xEC,
+ 0xCA, 0xA7, 0x10, 0x1C, 0x43, 0xDA, 0xE8, 0x73, 0x8C, 0x28,
+ 0xF5, 0xC9, 0xEC, 0x1A, 0x33, 0x0B, 0x26, 0x2E, 0x97, 0x80,
+ 0x2E, 0xE0, 0xB8, 0x01, 0x91, 0x16, 0xB4, 0xCC, 0x02, 0x18,
+ 0xB5, 0x1D, 0xCC, 0xBA, 0x3C, 0xED, 0x04, 0xC9, 0xA8, 0x92,
+ 0x37
+};
+static const int sizeof_ecc_secp_r1_statickey_der_256 = sizeof(ecc_secp_r1_statickey_der_256);
+
/* ./certs/server-ecc-comp.der, ECC */
static const unsigned char serv_ecc_comp_der_256[] =
{
0x30, 0x82, 0x03, 0x77, 0x30, 0x82, 0x03, 0x1D, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x04, 0xD0, 0xEE, 0xF8, 0x6F,
- 0x67, 0x42, 0xA9, 0x6F, 0x3F, 0xD2, 0x7D, 0x6E, 0x7B, 0xCE,
- 0x29, 0xCE, 0x14, 0xD2, 0x1B, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x21, 0xD7, 0x53, 0x80, 0x24,
+ 0x5C, 0xEB, 0xBF, 0xC0, 0xA4, 0x40, 0xF4, 0x42, 0x19, 0x3B,
+ 0x83, 0xFD, 0x58, 0xC5, 0xA6, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0xA0,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55,
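Review bot: The added `ecc_secp_r1_statickey_der_256` array is an EC private key, but its comment only names the source file. Its leading bytes `0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20` are a SEC1 ECPrivateKey header followed by a 32-byte scalar and the prime256v1 OID. Because the scalar is published in source, anything keyed with it has no confidentiality, and the definition should say so, e.g. `/* ./certs/statickeys/ecc-secp256r1.der, ECC private key: public test vector, never load outside tests/benchmarks */`. This header looks generated, so the wording would have to go into the generator, not be hand-edited here. Whether the array sits under a feature guard cannot be seen from this hunk, since any enclosing preprocessor block starts outside it; if it is unguarded, consider a test-only guard so production builds do not carry the key.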
@@ -6089,10 +6209,10 @@ static const unsigned char serv_ecc_comp_der_256[] =
0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36,
- 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32,
- 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x34,
- 0x39, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06,
+ 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31, 0x33,
+ 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D, 0x32,
+ 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39, 0x32,
+ 0x38, 0x5A, 0x30, 0x81, 0xA0, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E,
@@ -6139,8 +6259,8 @@ static const unsigned char serv_ecc_comp_der_256[] =
0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01,
0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C,
0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14,
- 0x04, 0xD0, 0xEE, 0xF8, 0x6F, 0x67, 0x42, 0xA9, 0x6F, 0x3F,
- 0xD2, 0x7D, 0x6E, 0x7B, 0xCE, 0x29, 0xCE, 0x14, 0xD2, 0x1B,
+ 0x21, 0xD7, 0x53, 0x80, 0x24, 0x5C, 0xEB, 0xBF, 0xC0, 0xA4,
+ 0x40, 0xF4, 0x42, 0x19, 0x3B, 0x83, 0xFD, 0x58, 0xC5, 0xA6,
0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30,
0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D,
0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61,
@@ -6150,14 +6270,14 @@ static const unsigned char serv_ecc_comp_der_256[] =
0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01,
0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00,
- 0x30, 0x45, 0x02, 0x21, 0x00, 0x8D, 0x97, 0x8F, 0xD4, 0x70,
- 0xBF, 0x10, 0x7A, 0x3F, 0xF4, 0x35, 0xBB, 0x8E, 0x6D, 0x39,
- 0x5B, 0xA1, 0x02, 0xEE, 0x32, 0xDA, 0x02, 0x91, 0x57, 0x02,
- 0x0B, 0x43, 0x08, 0x3E, 0x61, 0xDA, 0xF1, 0x02, 0x20, 0x73,
- 0x55, 0x17, 0x84, 0x06, 0x34, 0x0E, 0x9B, 0xCD, 0x55, 0xC4,
- 0x6D, 0x3B, 0x26, 0xA3, 0xED, 0x3A, 0x8B, 0xBA, 0x22, 0xE3,
- 0xDC, 0x35, 0xFB, 0x8C, 0x0F, 0xB7, 0xBA, 0x6C, 0x63, 0x9D,
- 0xE1
+ 0x30, 0x45, 0x02, 0x20, 0x57, 0x1A, 0x59, 0xBC, 0xC9, 0x45,
+ 0x0A, 0x46, 0xE6, 0x16, 0xDA, 0x17, 0xCE, 0xC3, 0x0A, 0x57,
+ 0x57, 0xF2, 0x3D, 0x15, 0xCD, 0xCA, 0x1B, 0xA7, 0xA8, 0x39,
+ 0x2E, 0x9D, 0x09, 0xF3, 0x3E, 0xA0, 0x02, 0x21, 0x00, 0xDE,
+ 0xA3, 0x3A, 0x4D, 0x88, 0x38, 0x2B, 0x3A, 0x84, 0xDE, 0x2F,
+ 0x0A, 0x81, 0x14, 0x57, 0x7F, 0x7F, 0x2E, 0xD6, 0xA5, 0x4D,
+ 0x61, 0x10, 0x69, 0xB9, 0xA2, 0xC6, 0x51, 0xCD, 0x80, 0x4A,
+ 0x63
};
static const int sizeof_serv_ecc_comp_der_256 = sizeof(serv_ecc_comp_der_256);
@@ -6182,10 +6302,10 @@ static const unsigned char serv_ecc_rsa_der_256[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32,
- 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17,
- 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30,
+ 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32,
+ 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17,
+ 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81, 0x9D, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10,
@@ -6233,9 +6353,9 @@ static const unsigned char serv_ecc_rsa_der_256[] =
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09,
0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16,
0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x2C,
- 0x80, 0xCE, 0xDB, 0x47, 0x9D, 0x07, 0x66, 0x92, 0x3D, 0x68,
- 0xD7, 0xCA, 0xAC, 0x90, 0x4F, 0xCA, 0x69, 0x41, 0x4B, 0x30,
+ 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x14, 0x33,
+ 0x44, 0x1A, 0xA8, 0x6C, 0x01, 0xEC, 0xF6, 0x60, 0xF2, 0x70,
+ 0x51, 0x0A, 0x4C, 0xD1, 0x14, 0xFA, 0xBC, 0xE9, 0x44, 0x30,
0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03,
0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x1D, 0x11,
0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65, 0x78, 0x61, 0x6D,
@@ -6245,32 +6365,32 @@ static const unsigned char serv_ecc_rsa_der_256[] =
0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05,
0x05, 0x07, 0x03, 0x02, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86,
0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B, 0x05, 0x00, 0x03,
- 0x82, 0x01, 0x01, 0x00, 0x44, 0xDA, 0x4D, 0xA2, 0xD3, 0x96,
- 0x51, 0x31, 0x35, 0x74, 0x21, 0xD5, 0x27, 0x0D, 0xAB, 0x72,
- 0xEB, 0xD8, 0x24, 0x11, 0x3C, 0x52, 0x07, 0x01, 0x51, 0xE8,
- 0x26, 0x11, 0x39, 0xDA, 0xAC, 0x57, 0xCA, 0xE3, 0x8D, 0x8C,
- 0x91, 0x16, 0x28, 0xE3, 0x7B, 0xFE, 0x58, 0x76, 0x0A, 0x3E,
- 0x9D, 0xAC, 0xF3, 0xCE, 0x9F, 0x5A, 0xFF, 0x07, 0xC9, 0xA1,
- 0x27, 0x9A, 0x9A, 0x5C, 0xDB, 0x82, 0xBA, 0x0E, 0xD0, 0x80,
- 0xBC, 0xCF, 0xB1, 0x34, 0x6A, 0x26, 0xAF, 0x15, 0x7A, 0x21,
- 0xF6, 0xA9, 0x48, 0x3C, 0xC6, 0x02, 0xD0, 0x4E, 0x32, 0xAC,
- 0x75, 0x17, 0x60, 0x19, 0x45, 0x12, 0x37, 0x5D, 0x75, 0x65,
- 0x84, 0xCA, 0xE8, 0x40, 0x73, 0xF5, 0x1C, 0x71, 0x82, 0xAE,
- 0xE2, 0x3A, 0x1C, 0xD7, 0x4C, 0x59, 0xF2, 0x83, 0x16, 0x1F,
- 0x77, 0x02, 0x91, 0xCC, 0x9C, 0xAA, 0xC9, 0xE7, 0x72, 0x6B,
- 0xFF, 0x40, 0x7E, 0xDA, 0x35, 0x65, 0x47, 0xBD, 0x55, 0x90,
- 0xC8, 0xC8, 0x21, 0xB2, 0xFB, 0x89, 0xD4, 0xD4, 0xCC, 0x39,
- 0x02, 0x54, 0x20, 0x83, 0x17, 0x46, 0xEB, 0x5F, 0x60, 0x58,
- 0x35, 0x4E, 0xCA, 0x24, 0x8D, 0x0B, 0x77, 0x10, 0xB0, 0x4A,
- 0x2A, 0x51, 0xA9, 0xD0, 0x74, 0x27, 0x35, 0x61, 0x76, 0x0F,
- 0x94, 0x2C, 0x0B, 0x10, 0x1D, 0xB8, 0x4A, 0x3E, 0x38, 0x95,
- 0x17, 0x0A, 0x0A, 0x7E, 0xC6, 0x35, 0xC3, 0x68, 0x89, 0xC0,
- 0x82, 0x8B, 0x61, 0xB8, 0xE6, 0x2F, 0xF9, 0xC8, 0x58, 0x96,
- 0xC7, 0x1F, 0xEB, 0x1D, 0x2F, 0x09, 0x34, 0x5F, 0xBF, 0x76,
- 0xAF, 0x00, 0x6C, 0x33, 0x80, 0x10, 0x5B, 0xA0, 0xD2, 0x76,
- 0x6F, 0xE2, 0x4C, 0x96, 0xB6, 0x2D, 0xDC, 0xC0, 0x21, 0x43,
- 0x6E, 0xF3, 0x58, 0x2A, 0x4B, 0xA6, 0xEF, 0x15, 0xB5, 0xCA,
- 0x00, 0x28, 0x1A, 0xC6, 0xE0, 0x31, 0xF0, 0x5D, 0x99, 0x70
+ 0x82, 0x01, 0x01, 0x00, 0x16, 0xB7, 0xD3, 0x9C, 0x7C, 0x6E,
+ 0xD2, 0xB7, 0x79, 0xAA, 0x5A, 0x16, 0x0B, 0x1E, 0xDA, 0xD0,
+ 0xF7, 0xDF, 0x64, 0xC9, 0x3C, 0xB8, 0x41, 0x24, 0x4B, 0x1B,
+ 0xC2, 0x83, 0x5E, 0xDF, 0xDE, 0xA8, 0x8A, 0x7C, 0xEB, 0x07,
+ 0x75, 0x20, 0xF6, 0xF3, 0x4C, 0xBD, 0x3F, 0x2E, 0xF0, 0xF0,
+ 0xDA, 0x4B, 0xC5, 0xD2, 0xC4, 0xF8, 0xDB, 0x34, 0x75, 0xE2,
+ 0x32, 0xB4, 0x34, 0x92, 0x8A, 0x7F, 0xD7, 0x84, 0xEA, 0xDF,
+ 0x99, 0xCA, 0x64, 0xE6, 0x7C, 0x68, 0x05, 0x1C, 0x75, 0xDE,
+ 0x3F, 0x06, 0x65, 0x5D, 0xFC, 0x29, 0xC9, 0x73, 0x0F, 0x4A,
+ 0xAD, 0xFD, 0xBC, 0x0D, 0x91, 0x37, 0x67, 0x63, 0x55, 0x65,
+ 0x93, 0x99, 0x56, 0x84, 0x25, 0x1B, 0xF1, 0x50, 0x03, 0x31,
+ 0x2D, 0x48, 0xAD, 0xA3, 0x38, 0x91, 0x29, 0x88, 0xB8, 0x72,
+ 0x08, 0x4C, 0x11, 0x36, 0x35, 0x20, 0x13, 0x78, 0x98, 0xD8,
+ 0x84, 0x30, 0xC5, 0x7B, 0x70, 0x24, 0x45, 0x8C, 0xE1, 0x55,
+ 0x80, 0x06, 0x5F, 0x19, 0x57, 0x89, 0x58, 0x1C, 0x2A, 0x40,
+ 0xFB, 0xF3, 0xA6, 0xBF, 0xEA, 0x41, 0x7A, 0x79, 0x2C, 0xAB,
+ 0xFE, 0xB6, 0x16, 0x5D, 0xD5, 0xFA, 0x32, 0x50, 0x9D, 0x89,
+ 0xF2, 0xCC, 0x87, 0x7A, 0x57, 0xCF, 0x4D, 0x38, 0xC4, 0xD5,
+ 0x33, 0x9A, 0x4D, 0x83, 0xC9, 0x00, 0xB8, 0x36, 0x66, 0x14,
+ 0x76, 0x20, 0xC1, 0x7A, 0xC7, 0xF7, 0x0A, 0x94, 0x69, 0xCE,
+ 0x0A, 0x0F, 0x81, 0x04, 0x12, 0x5F, 0x71, 0xD0, 0xD1, 0xFF,
+ 0x08, 0xD0, 0x89, 0x6F, 0xAC, 0x45, 0xD3, 0x06, 0x23, 0xA0,
+ 0x76, 0x88, 0xAD, 0x5D, 0x9A, 0x7A, 0x8C, 0x1F, 0x61, 0xD4,
+ 0xD8, 0x21, 0x1D, 0x8E, 0x05, 0x89, 0xD1, 0xD4, 0xD6, 0x86,
+ 0x5B, 0x4B, 0x43, 0xE6, 0x03, 0x4A, 0x10, 0x48, 0xF4, 0x1B,
+ 0x9D, 0x3B, 0x76, 0xD8, 0x2C, 0xAD, 0xFA, 0x33, 0xA5, 0x70
};
static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256);
@@ -6278,7 +6398,7 @@ static const int sizeof_serv_ecc_rsa_der_256 = sizeof(serv_ecc_rsa_der_256);
/* ./certs/server-ecc.der, ECC */
static const unsigned char serv_ecc_der_256[] =
{
- 0x30, 0x82, 0x02, 0xA1, 0x30, 0x82, 0x02, 0x47, 0xA0, 0x03,
+ 0x30, 0x82, 0x02, 0xA2, 0x30, 0x82, 0x02, 0x48, 0xA0, 0x03,
0x02, 0x01, 0x02, 0x02, 0x01, 0x03, 0x30, 0x0A, 0x06, 0x08,
0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81,
0x97, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
@@ -6296,56 +6416,56 @@ static const unsigned char serv_ecc_der_256[] =
0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F,
0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63,
- 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32,
- 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17,
- 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31,
- 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x8F, 0x31, 0x0B, 0x30,
+ 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32,
+ 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17,
+ 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31,
+ 0x39, 0x32, 0x38, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30,
0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53,
0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C,
0x0A, 0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F,
0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07,
0x0C, 0x07, 0x53, 0x65, 0x61, 0x74, 0x74, 0x6C, 0x65, 0x31,
- 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07,
- 0x45, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C, 0x30,
- 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45, 0x43,
- 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03,
- 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66,
- 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30,
- 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
- 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77,
- 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D,
- 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE,
- 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
- 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33, 0xAC,
- 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3, 0x3C,
- 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA, 0x2B,
- 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61, 0x02,
- 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B, 0x97,
- 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11, 0x02,
- 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34, 0x89,
- 0xD8, 0xA3, 0x81, 0x89, 0x30, 0x81, 0x86, 0x30, 0x1D, 0x06,
- 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D, 0x5D,
- 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15, 0x2B,
- 0x4A, 0x25, 0x02, 0x23, 0xEF, 0xB2, 0x89, 0x30, 0x30, 0x1F,
- 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80,
- 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18, 0xB9,
- 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3, 0xA5,
- 0x21, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01, 0x01,
- 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03, 0x55,
- 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x03,
- 0xA8, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04, 0x0C,
- 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07,
- 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06,
- 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D,
- 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21,
- 0x00, 0xCF, 0x3A, 0x17, 0x97, 0xD4, 0xBE, 0x7C, 0x50, 0xE1,
- 0xBE, 0x1B, 0x53, 0x95, 0x7B, 0xA3, 0xB8, 0xC6, 0x73, 0xC4,
- 0x34, 0xE0, 0x73, 0x5A, 0xDB, 0x3E, 0xCB, 0x3A, 0xB6, 0xA8,
- 0xF1, 0xCD, 0xBF, 0x02, 0x20, 0x2B, 0xE6, 0xF9, 0x65, 0xB2,
- 0xAB, 0x0F, 0xBB, 0x2B, 0x36, 0x5C, 0xCC, 0x2E, 0x19, 0xA9,
- 0x59, 0x1C, 0x6F, 0x6F, 0xCE, 0x9B, 0x7A, 0xE6, 0x5B, 0x65,
- 0x31, 0x33, 0x80, 0x05, 0xCB, 0x7C, 0x96
+ 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08,
+ 0x45, 0x6C, 0x6C, 0x69, 0x70, 0x74, 0x69, 0x63, 0x31, 0x0C,
+ 0x30, 0x0A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x03, 0x45,
+ 0x43, 0x43, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04,
+ 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C,
+ 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F,
+ 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
+ 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
+ 0x6D, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
+ 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE,
+ 0x3D, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xBB, 0x33,
+ 0xAC, 0x4C, 0x27, 0x50, 0x4A, 0xC6, 0x4A, 0xA5, 0x04, 0xC3,
+ 0x3C, 0xDE, 0x9F, 0x36, 0xDB, 0x72, 0x2D, 0xCE, 0x94, 0xEA,
+ 0x2B, 0xFA, 0xCB, 0x20, 0x09, 0x39, 0x2C, 0x16, 0xE8, 0x61,
+ 0x02, 0xE9, 0xAF, 0x4D, 0xD3, 0x02, 0x93, 0x9A, 0x31, 0x5B,
+ 0x97, 0x92, 0x21, 0x7F, 0xF0, 0xCF, 0x18, 0xDA, 0x91, 0x11,
+ 0x02, 0x34, 0x86, 0xE8, 0x20, 0x58, 0x33, 0x0B, 0x80, 0x34,
+ 0x89, 0xD8, 0xA3, 0x81, 0x89, 0x30, 0x81, 0x86, 0x30, 0x1D,
+ 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x5D,
+ 0x5D, 0x26, 0xEF, 0xAC, 0x7E, 0x36, 0xF9, 0x9B, 0x76, 0x15,
+ 0x2B, 0x4A, 0x25, 0x02, 0x23, 0xEF, 0xB2, 0x89, 0x30, 0x30,
+ 0x1F, 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16,
+ 0x80, 0x14, 0x56, 0x8E, 0x9A, 0xC3, 0xF0, 0x42, 0xDE, 0x18,
+ 0xB9, 0x45, 0x55, 0x6E, 0xF9, 0x93, 0xCF, 0xEA, 0xC3, 0xF3,
+ 0xA5, 0x21, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x01,
+ 0x01, 0xFF, 0x04, 0x02, 0x30, 0x00, 0x30, 0x0E, 0x06, 0x03,
+ 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02,
+ 0x03, 0xA8, 0x30, 0x13, 0x06, 0x03, 0x55, 0x1D, 0x25, 0x04,
+ 0x0C, 0x30, 0x0A, 0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05,
+ 0x07, 0x03, 0x01, 0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48,
+ 0x01, 0x86, 0xF8, 0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02,
+ 0x06, 0x40, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE,
+ 0x3D, 0x04, 0x03, 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02,
+ 0x21, 0x00, 0x86, 0xBD, 0x87, 0x16, 0xD2, 0x9C, 0x66, 0xE7,
+ 0x5E, 0x5C, 0x28, 0x0E, 0x5F, 0xEF, 0x94, 0x61, 0x2F, 0xD4,
+ 0x21, 0x6D, 0x8E, 0xC3, 0x94, 0x0A, 0x1E, 0xB5, 0x6A, 0x1D,
+ 0xC6, 0x04, 0x87, 0xC6, 0x02, 0x20, 0x66, 0x46, 0xC4, 0x29,
+ 0xD9, 0x8E, 0xEB, 0x0B, 0xF7, 0x5B, 0x32, 0x13, 0xEB, 0x0A,
+ 0xEA, 0x47, 0x99, 0x4B, 0x74, 0x56, 0xBA, 0x21, 0x97, 0xB1,
+ 0x67, 0x75, 0x5C, 0xF3, 0xF3, 0xC0, 0x88, 0xAA
};
static const int sizeof_serv_ecc_der_256 = sizeof(serv_ecc_der_256);
@@ -6371,10 +6491,10 @@ static const int sizeof_ca_ecc_key_der_256 = sizeof(ca_ecc_key_der_256);
/* ./certs/ca-ecc-cert.der, ECC */
static const unsigned char ca_ecc_cert_der_256[] =
{
- 0x30, 0x82, 0x02, 0x96, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x65, 0x67, 0x42, 0x4C, 0x06,
- 0xE7, 0xE4, 0xC3, 0x68, 0x01, 0xA9, 0x94, 0xA9, 0x07, 0xE6,
- 0xFE, 0xBD, 0x2C, 0xD6, 0x3D, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x30, 0x82, 0x02, 0x95, 0x30, 0x82, 0x02, 0x3B, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x0F, 0x17, 0x46, 0x70, 0xFD,
+ 0xC2, 0x70, 0xD1, 0xF9, 0x42, 0x49, 0x9C, 0x1A, 0xC3, 0x5D,
+ 0xDD, 0x30, 0xC8, 0x5F, 0x85, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x81, 0x97,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
@@ -6391,10 +6511,10 @@ static const unsigned char ca_ecc_cert_der_256[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A,
0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E,
@@ -6430,14 +6550,14 @@ static const unsigned char ca_ecc_cert_der_256[] =
0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F,
0x01, 0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30,
0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03,
- 0x02, 0x03, 0x49, 0x00, 0x30, 0x46, 0x02, 0x21, 0x00, 0xB0,
- 0x12, 0x16, 0x03, 0x26, 0x79, 0xD4, 0x6B, 0x94, 0xD9, 0x7E,
- 0xCA, 0xE1, 0x2D, 0x24, 0x64, 0xEF, 0x11, 0x6E, 0xF2, 0x12,
- 0x81, 0xE4, 0xCE, 0x1D, 0x77, 0x7D, 0xCA, 0x5C, 0x47, 0x50,
- 0x62, 0x02, 0x21, 0x00, 0x80, 0xBF, 0x46, 0x3C, 0x5D, 0xD8,
- 0xE5, 0xAB, 0x47, 0xCE, 0xA2, 0x19, 0xBD, 0x21, 0xDE, 0x85,
- 0x6F, 0xAB, 0xC9, 0x8F, 0x01, 0xF3, 0xAB, 0x1B, 0xB9, 0xE1,
- 0x53, 0xD6, 0x24, 0x77, 0xA6, 0x4D
+ 0x02, 0x03, 0x48, 0x00, 0x30, 0x45, 0x02, 0x21, 0x00, 0xC8,
+ 0x64, 0x7F, 0xEE, 0x4B, 0xBE, 0x83, 0x48, 0x13, 0xEA, 0x92,
+ 0xF8, 0x1A, 0x82, 0x1E, 0x85, 0xB1, 0x5A, 0xA4, 0x1C, 0xE3,
+ 0xE8, 0xEA, 0x25, 0x44, 0x6F, 0xE7, 0x70, 0xFD, 0xEB, 0xF3,
+ 0x76, 0x02, 0x20, 0x44, 0x02, 0xA2, 0xEC, 0xC5, 0xA1, 0xAE,
+ 0xE2, 0xA4, 0x8A, 0xD9, 0x13, 0x95, 0x2B, 0xA6, 0x5B, 0x09,
+ 0x57, 0x86, 0x61, 0x42, 0x96, 0x97, 0xF0, 0x95, 0x62, 0x0C,
+ 0x03, 0xE6, 0x53, 0x04, 0x25
};
static const int sizeof_ca_ecc_cert_der_256 = sizeof(ca_ecc_cert_der_256);
@@ -6467,10 +6587,10 @@ static const int sizeof_ca_ecc_key_der_384 = sizeof(ca_ecc_key_der_384);
/* ./certs/ca-ecc384-cert.der, ECC */
static const unsigned char ca_ecc_cert_der_384[] =
{
- 0x30, 0x82, 0x02, 0xD1, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x0A, 0xF8, 0xC7, 0xEE, 0x86,
- 0x55, 0x2F, 0x18, 0x21, 0xBF, 0x88, 0x49, 0x50, 0x03, 0x5A,
- 0xFC, 0x2D, 0x93, 0x31, 0x0A, 0x30, 0x0A, 0x06, 0x08, 0x2A,
+ 0x30, 0x82, 0x02, 0xD2, 0x30, 0x82, 0x02, 0x58, 0xA0, 0x03,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x2E, 0xEA, 0xF0, 0x11, 0x40,
+ 0x1E, 0xAD, 0xFA, 0xA7, 0x85, 0x68, 0x65, 0x7A, 0x25, 0x2B,
+ 0x13, 0xB7, 0x61, 0xD7, 0x80, 0x30, 0x0A, 0x06, 0x08, 0x2A,
0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03, 0x30, 0x81, 0x97,
0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x55, 0x53, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55,
@@ -6487,10 +6607,10 @@ static const unsigned char ca_ecc_cert_der_384[] =
0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40,
0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F,
- 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31,
- 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x17, 0x0D,
- 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
+ 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31,
+ 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x38, 0x5A, 0x17, 0x0D,
+ 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x38, 0x5A, 0x30, 0x81, 0x97, 0x31, 0x0B, 0x30, 0x09,
0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31,
0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x0A,
0x57, 0x61, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x74, 0x6F, 0x6E,
@@ -6529,17 +6649,17 @@ static const unsigned char ca_ecc_cert_der_384[] =
0x01, 0xFF, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x1D, 0x0F, 0x01,
0x01, 0xFF, 0x04, 0x04, 0x03, 0x02, 0x01, 0x86, 0x30, 0x0A,
0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x03,
- 0x03, 0x67, 0x00, 0x30, 0x64, 0x02, 0x30, 0x03, 0x31, 0x8C,
- 0xD3, 0x04, 0xF5, 0xB2, 0xBF, 0xBD, 0xA2, 0x27, 0x6A, 0xFF,
- 0xDD, 0x7F, 0xBD, 0x88, 0xD5, 0x3E, 0x09, 0x9A, 0xCF, 0xDA,
- 0x79, 0x95, 0x6B, 0x32, 0x6F, 0xFA, 0x98, 0xD8, 0x48, 0x8B,
- 0x99, 0x91, 0xFE, 0x39, 0x9E, 0x7B, 0x35, 0x2C, 0x78, 0x32,
- 0xBA, 0xA3, 0x0B, 0x65, 0x1C, 0x02, 0x30, 0x3E, 0x6A, 0x10,
- 0x8C, 0x57, 0x47, 0x85, 0x73, 0x3C, 0xEB, 0x2A, 0x02, 0xB2,
- 0x27, 0x62, 0x1F, 0x44, 0x52, 0x2B, 0xB1, 0x34, 0x3F, 0x9C,
- 0x78, 0x70, 0x0A, 0x59, 0x01, 0x3E, 0xAD, 0xC0, 0x08, 0xBC,
- 0xD5, 0xD1, 0xA6, 0xC0, 0xDD, 0x2C, 0x8B, 0x2A, 0x8B, 0xF4,
- 0x04, 0xAD, 0xD3, 0x01, 0xE6
+ 0x03, 0x68, 0x00, 0x30, 0x65, 0x02, 0x31, 0x00, 0xBD, 0x2E,
+ 0x67, 0x71, 0x54, 0xBE, 0xB8, 0x5E, 0x29, 0x19, 0xD3, 0x18,
+ 0xF7, 0xE1, 0xAE, 0x79, 0xF0, 0xCC, 0x09, 0xC3, 0x91, 0xC0,
+ 0x81, 0xAB, 0xD7, 0xB7, 0x21, 0xF8, 0x4F, 0xDA, 0xBC, 0xAD,
+ 0x0E, 0xFC, 0x3D, 0x54, 0x32, 0x21, 0x3A, 0x67, 0xC5, 0x26,
+ 0x35, 0xE9, 0x33, 0xB2, 0x58, 0xD2, 0x02, 0x30, 0x64, 0x2F,
+ 0xFB, 0x10, 0xD0, 0x65, 0xB5, 0xAC, 0xBB, 0xB3, 0x41, 0x64,
+ 0x24, 0xEB, 0x0A, 0x6B, 0xAE, 0xA4, 0xED, 0x3E, 0xC8, 0x62,
+ 0x81, 0x45, 0x97, 0x92, 0xAD, 0x61, 0xEB, 0x69, 0x54, 0xCE,
+ 0x42, 0x83, 0xBB, 0x68, 0x23, 0x20, 0xF7, 0xB2, 0x5A, 0x55,
+ 0x0C, 0xD4, 0xE6, 0x13, 0x42, 0x61
};
static const int sizeof_ca_ecc_cert_der_384 = sizeof(ca_ecc_cert_der_384);
@@ -6628,9 +6748,9 @@ static const unsigned char server_ed25519_cert[] =
0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A, 0x09, 0x92, 0x26,
0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01, 0x0C, 0x07, 0x77,
0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30, 0x1E, 0x17, 0x0D,
- 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37,
- 0x34, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31,
- 0x31, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81,
+ 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32, 0x32, 0x31, 0x39,
+ 0x32, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30,
+ 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x39, 0x5A, 0x30, 0x81,
0xB8, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06,
0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03,
0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61,
@@ -6668,14 +6788,14 @@ static const unsigned char server_ed25519_cert[] =
0x06, 0x08, 0x2B, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01,
0x30, 0x11, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8,
0x42, 0x01, 0x01, 0x04, 0x04, 0x03, 0x02, 0x06, 0x40, 0x30,
- 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x36,
- 0x3F, 0x8D, 0x2F, 0x28, 0xBD, 0x51, 0x83, 0xB8, 0xD8, 0x9C,
- 0x09, 0x64, 0xC4, 0x77, 0xFD, 0xCD, 0xC6, 0xC3, 0x86, 0xB0,
- 0x8D, 0x81, 0xE3, 0xE9, 0xCE, 0x7A, 0x2A, 0x32, 0x15, 0xE9,
- 0xF9, 0x6A, 0x75, 0x1A, 0xA0, 0x5E, 0x71, 0x62, 0x72, 0xDE,
- 0x46, 0x11, 0xA8, 0x9D, 0xDB, 0x80, 0x6B, 0x73, 0x38, 0x61,
- 0x0C, 0xF3, 0x24, 0x11, 0x45, 0xC9, 0xA1, 0xD3, 0xD2, 0x3B,
- 0x05, 0xD5, 0x05
+ 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x22,
+ 0xD7, 0x34, 0xAC, 0x33, 0x65, 0x8B, 0x18, 0xA4, 0x34, 0xF9,
+ 0x3A, 0xE6, 0xCE, 0xC1, 0x77, 0xA6, 0x3D, 0x2A, 0x2A, 0xEE,
+ 0x22, 0xAD, 0x6E, 0xFC, 0x36, 0xFC, 0x98, 0x8D, 0x8A, 0xFD,
+ 0x3F, 0xCB, 0xA9, 0x74, 0x01, 0x25, 0x96, 0x05, 0xE1, 0x39,
+ 0x13, 0x8B, 0xD9, 0x05, 0x6D, 0xC9, 0xBA, 0x0E, 0x5D, 0x36,
+ 0xBF, 0x39, 0x03, 0x57, 0x2A, 0x55, 0xFC, 0xE3, 0x53, 0xC3,
+ 0x1B, 0xE1, 0x0B
};
static const int sizeof_server_ed25519_cert = sizeof(server_ed25519_cert);
@@ -6711,10 +6831,10 @@ static const unsigned char ca_ed25519_cert[] =
0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86,
0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66,
0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E,
- 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31,
- 0x32, 0x31, 0x36, 0x32, 0x31, 0x31, 0x37, 0x34, 0x39, 0x5A,
- 0x17, 0x0D, 0x32, 0x35, 0x30, 0x39, 0x31, 0x31, 0x32, 0x31,
- 0x31, 0x37, 0x34, 0x39, 0x5A, 0x30, 0x81, 0xB4, 0x31, 0x0B,
+ 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31,
+ 0x32, 0x31, 0x33, 0x32, 0x32, 0x31, 0x39, 0x32, 0x39, 0x5A,
+ 0x17, 0x0D, 0x32, 0x36, 0x30, 0x39, 0x30, 0x38, 0x32, 0x32,
+ 0x31, 0x39, 0x32, 0x39, 0x5A, 0x30, 0x81, 0xB4, 0x31, 0x0B,
0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55,
0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08,
0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31,
@@ -6748,13 +6868,13 @@ static const unsigned char ca_ed25519_cert[] =
0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0E, 0x06,
0x03, 0x55, 0x1D, 0x0F, 0x01, 0x01, 0xFF, 0x04, 0x04, 0x03,
0x02, 0x01, 0x86, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x70,
- 0x03, 0x41, 0x00, 0x40, 0x01, 0x0F, 0x0B, 0x8D, 0xD6, 0xAA,
- 0xDC, 0x2C, 0xB3, 0x40, 0x22, 0xE7, 0x78, 0xEF, 0x1C, 0x8B,
- 0x08, 0x27, 0xEE, 0xD9, 0xD7, 0xB6, 0x91, 0xB3, 0x2D, 0x3D,
- 0xAC, 0xB9, 0x50, 0xFB, 0x2F, 0xB5, 0x25, 0x63, 0x5A, 0x1A,
- 0x3D, 0x3E, 0xCD, 0x81, 0xA1, 0xA9, 0xE7, 0xD5, 0xA1, 0x4A,
- 0x19, 0xB8, 0x4C, 0xB0, 0x1D, 0x3C, 0x8A, 0xE3, 0x47, 0xC0,
- 0xF6, 0x41, 0x95, 0xE6, 0x59, 0x23, 0x08
+ 0x03, 0x41, 0x00, 0xE6, 0x71, 0xA0, 0x59, 0x63, 0xB4, 0x31,
+ 0x31, 0x1F, 0x75, 0x06, 0xCE, 0xF1, 0x89, 0xF0, 0xE7, 0xA2,
+ 0xDB, 0xA8, 0xC1, 0xE4, 0xC8, 0x61, 0x38, 0x0C, 0xE6, 0xE9,
+ 0xE7, 0xB9, 0x9F, 0xCE, 0xE2, 0xF5, 0x49, 0xA3, 0xF5, 0x04,
+ 0x1E, 0x85, 0xF7, 0x7D, 0x10, 0xFB, 0x1D, 0xEE, 0xB6, 0xDC,
+ 0x5E, 0x51, 0xF1, 0x82, 0x33, 0xA4, 0xED, 0xE0, 0x0A, 0x65,
+ 0x09, 0x2B, 0x0E, 0x1E, 0xB2, 0xAF, 0x0B
};
static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert);
@@ -6762,9 +6882,9 @@ static const int sizeof_ca_ed25519_cert = sizeof(ca_ed25519_cert);
static const unsigned char client_ed25519_cert[] =
{
0x30, 0x82, 0x03, 0x9F, 0x30, 0x82, 0x03, 0x51, 0xA0, 0x03,
- 0x02, 0x01, 0x02, 0x02, 0x14, 0x69, 0xAC, 0xB8, 0xB4, 0xF7,
- 0xE4, 0x11, 0xCB, 0xC5, 0x63, 0xB2, 0xCC, 0x2A, 0xA8, 0xE2,
- 0x0F, 0x55, 0xEE, 0x86, 0x86, 0x30, 0x05, 0x06, 0x03, 0x2B,
+ 0x02, 0x01, 0x02, 0x02, 0x14, 0x31, 0xE6, 0x4A, 0xB1, 0x6B,
+ 0x4E, 0x2E, 0x77, 0x7B, 0xD6, 0xE3, 0x94, 0x8A, 0xCF, 0x02,
+ 0xB7, 0x58, 0x5A, 0xFB, 0xAB, 0x30, 0x05, 0x06, 0x03, 0x2B,
0x65, 0x70, 0x30, 0x81, 0xB8, 0x31, 0x0B, 0x30, 0x09, 0x06,
0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10,
0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D,
@@ -6784,9 +6904,9 @@ static const unsigned char client_ed25519_cert[] =
0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06, 0x0A,
0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01,
0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x30,
- 0x1E, 0x17, 0x0D, 0x32, 0x32, 0x31, 0x32, 0x31, 0x36, 0x32,
- 0x31, 0x31, 0x37, 0x35, 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x35,
- 0x30, 0x39, 0x31, 0x31, 0x32, 0x31, 0x31, 0x37, 0x35, 0x30,
+ 0x1E, 0x17, 0x0D, 0x32, 0x33, 0x31, 0x32, 0x31, 0x33, 0x32,
+ 0x32, 0x31, 0x39, 0x32, 0x39, 0x5A, 0x17, 0x0D, 0x32, 0x36,
+ 0x30, 0x39, 0x30, 0x38, 0x32, 0x32, 0x31, 0x39, 0x32, 0x39,
0x5A, 0x30, 0x81, 0xB8, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03,
0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30,
0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F,
@@ -6837,9 +6957,9 @@ static const unsigned char client_ed25519_cert[] =
0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x17, 0x30, 0x15, 0x06,
0x0A, 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01,
0x01, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C,
- 0x82, 0x14, 0x69, 0xAC, 0xB8, 0xB4, 0xF7, 0xE4, 0x11, 0xCB,
- 0xC5, 0x63, 0xB2, 0xCC, 0x2A, 0xA8, 0xE2, 0x0F, 0x55, 0xEE,
- 0x86, 0x86, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
+ 0x82, 0x14, 0x31, 0xE6, 0x4A, 0xB1, 0x6B, 0x4E, 0x2E, 0x77,
+ 0x7B, 0xD6, 0xE3, 0x94, 0x8A, 0xCF, 0x02, 0xB7, 0x58, 0x5A,
+ 0xFB, 0xAB, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04,
0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x1C, 0x06, 0x03,
0x55, 0x1D, 0x11, 0x04, 0x15, 0x30, 0x13, 0x82, 0x0B, 0x65,
0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x2E, 0x63, 0x6F, 0x6D,
@@ -6847,14 +6967,14 @@ static const unsigned char client_ed25519_cert[] =
0x55, 0x1D, 0x25, 0x04, 0x16, 0x30, 0x14, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01, 0x06, 0x08, 0x2B,
0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02, 0x30, 0x05, 0x06,
- 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x2E, 0x4A, 0xB8,
- 0x2A, 0xF0, 0x75, 0xEE, 0x31, 0x6A, 0x51, 0x0A, 0x6A, 0x54,
- 0x5B, 0x45, 0x6E, 0xAC, 0x03, 0xA8, 0xA9, 0x9A, 0xD4, 0xD6,
- 0x38, 0x02, 0xEB, 0x76, 0xB6, 0xA7, 0x66, 0x86, 0xEA, 0xE9,
- 0xF3, 0x6F, 0x31, 0x4E, 0xE4, 0x50, 0xD1, 0x75, 0xFE, 0x88,
- 0x3F, 0x23, 0x9D, 0x76, 0xD9, 0x9C, 0x07, 0x14, 0x13, 0x16,
- 0x30, 0xC3, 0x40, 0x51, 0x06, 0xDA, 0xA5, 0x39, 0x5F, 0x0A,
- 0x09
+ 0x03, 0x2B, 0x65, 0x70, 0x03, 0x41, 0x00, 0x92, 0xAC, 0x52,
+ 0xCF, 0x34, 0xC2, 0x76, 0x8A, 0x78, 0xF7, 0xEF, 0xDA, 0x3F,
+ 0x79, 0xE9, 0x66, 0xD1, 0xDE, 0xE1, 0xD7, 0x56, 0xB5, 0x4B,
+ 0xCF, 0xA7, 0xC2, 0x03, 0xAF, 0xCC, 0x23, 0x11, 0x4B, 0x44,
+ 0x0C, 0x33, 0xCE, 0x45, 0xE0, 0x33, 0xEB, 0xCC, 0xC9, 0xF8,
+ 0x38, 0x5B, 0x19, 0x6F, 0x86, 0x4D, 0x97, 0x30, 0xD1, 0x55,
+ 0x6E, 0xCB, 0x5F, 0x39, 0xC9, 0xA3, 0x22, 0x16, 0x66, 0x5F,
+ 0x07
};
static const int sizeof_client_ed25519_cert = sizeof(client_ed25519_cert);
@@ -6871,5 +6991,31 @@ static const int sizeof_client_ed25519_key = sizeof(client_ed25519_key);
#endif /* HAVE_ED25519 */
+#if defined(USE_CERT_BUFFERS_25519)
+
+/* ./certs/statickeys/x25519.der, CURVE25519 */
+static const unsigned char x25519_statickey_der[] =
+{
+ 0x30, 0x2E, 0x02, 0x01, 0x00, 0x30, 0x05, 0x06, 0x03, 0x2B,
+ 0x65, 0x6E, 0x04, 0x22, 0x04, 0x20, 0x78, 0x8E, 0x31, 0x5C,
+ 0x33, 0xA9, 0x19, 0xC0, 0x5E, 0x36, 0x70, 0x1B, 0xA4, 0xE8,
+ 0xEF, 0xC1, 0x89, 0x8C, 0xB3, 0x15, 0xC6, 0x79, 0xD3, 0xAC,
+ 0x22, 0x00, 0xAE, 0xFA, 0xB3, 0xB7, 0x0F, 0x78
+};
+static const int sizeof_x25519_statickey_der = sizeof(x25519_statickey_der);
+
+/* ./certs/statickeys/x25519-pub.der, CURVE25519 */
+static const unsigned char x25519_pub_statickey_der[] =
+{
+ 0x30, 0x2A, 0x30, 0x05, 0x06, 0x03, 0x2B, 0x65, 0x6E, 0x03,
+ 0x21, 0x00, 0x09, 0xBC, 0x8C, 0xC7, 0x45, 0x0D, 0xC1, 0xC2,
+ 0x02, 0x57, 0x9A, 0x68, 0x3A, 0xFD, 0x7A, 0xA8, 0xA5, 0x2F,
+ 0xF0, 0x99, 0x39, 0x98, 0xEA, 0x26, 0xA2, 0x5B, 0x38, 0xFD,
+ 0x96, 0xDB, 0x2A, 0x26
+};
+static const int sizeof_x25519_pub_statickey_der = sizeof(x25519_pub_statickey_der);
+
+#endif /* USE_CERT_BUFFERS_25519 */
+
#endif /* WOLFSSL_CERTS_TEST_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/crl.h b/extra/wolfssl/wolfssl/wolfssl/crl.h
index e68aa79c..4b4dcc27 100644
--- a/extra/wolfssl/wolfssl/wolfssl/crl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/crl.h
@@ -42,6 +42,9 @@ WOLFSSL_LOCAL int LoadCRL(WOLFSSL_CRL* crl, const char* path, int type,
WOLFSSL_LOCAL int BufferLoadCRL(WOLFSSL_CRL* crl, const byte* buff, long sz,
int type, int verify);
WOLFSSL_LOCAL int CheckCertCRL(WOLFSSL_CRL* crl, DecodedCert* cert);
+WOLFSSL_LOCAL int CheckCertCRL_ex(WOLFSSL_CRL* crl, byte* issuerHash,
+ byte* serial, int serialSz, byte* serialHash, const byte* extCrlInfo,
+ int extCrlInfoSz, void* issuerName);
#ifdef __cplusplus
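Review bot: The new `CheckCertCRL_ex` prototype takes `issuerHash`, `serial` and `serialHash` as plain `byte*` and `issuerName` as `void*`, so the header does not say which are read-only inputs, which may be NULL, or how long the hash buffers must be. If the implementation (not in this hunk) only reads them, declaring them `const byte*` would match `extCrlInfo` and let callers pass const data without casts. I would add a comment above the declaration stating the expected buffer lengths (presumably `CRL_DIGEST_SIZE` for the hashes, to be confirmed against crl.c) and the concrete type `issuerName` points to.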
diff --git a/extra/wolfssl/wolfssl/wolfssl/error-ssl.h b/extra/wolfssl/wolfssl/wolfssl/error-ssl.h
index 9a6a9cf2..e579bfb6 100644
--- a/extra/wolfssl/wolfssl/wolfssl/error-ssl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/error-ssl.h
@@ -191,7 +191,8 @@ enum wolfSSL_ErrorCodes {
COMPRESSION_ERROR = -502, /* compression mismatch */
KEY_SHARE_ERROR = -503, /* key share mismatch */
POST_HAND_AUTH_ERROR = -504, /* client won't do post-hand auth */
- HRR_COOKIE_ERROR = -505 /* HRR msg cookie mismatch */
+ HRR_COOKIE_ERROR = -505, /* HRR msg cookie mismatch */
+ UNSUPPORTED_CERTIFICATE = -506 /* unsupported certificate type */
/* end negotiation parameter errors only 10 for now */
/* add strings to wolfSSL_ERR_reason_error_string in internal.c !!!!! */
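Review bot: `UNSUPPORTED_CERTIFICATE = -506` is added directly above the comment asking that every new code also gets a string in `wolfSSL_ERR_reason_error_string`, and that companion change is not part of this hunk. Without it the new code would presumably map to a generic unknown-error text, which makes a rejected certificate type hard to diagnose from logs. Please confirm the matching case exists in internal.c.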
diff --git a/extra/wolfssl/wolfssl/wolfssl/internal.h b/extra/wolfssl/wolfssl/wolfssl/internal.h
index dbe64dda..f59da64f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/internal.h
+++ b/extra/wolfssl/wolfssl/wolfssl/internal.h
@@ -55,9 +55,15 @@
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && defined(OPENSSL_EXTRA)
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
#endif
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+#endif
#ifdef HAVE_CAMELLIA
#include <wolfssl/wolfcrypt/camellia.h>
#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#include <wolfssl/wolfcrypt/logging.h>
#ifndef NO_HMAC
#include <wolfssl/wolfcrypt/hmac.h>
@@ -83,6 +89,9 @@
#ifdef WOLFSSL_SHA512
#include <wolfssl/wolfcrypt/sha512.h>
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
#ifdef HAVE_AESGCM
#include <wolfssl/wolfcrypt/sha512.h>
#endif
@@ -95,6 +104,9 @@
#ifdef HAVE_ECC
#include <wolfssl/wolfcrypt/ecc.h>
#endif
+#ifdef WOLFSSL_SM2
+ #include <wolfssl/wolfcrypt/sm2.h>
+#endif
#ifndef NO_DH
#include <wolfssl/wolfcrypt/dh.h>
#endif
@@ -267,6 +279,10 @@
#include <wolfssl/wolfcrypt/hpke.h>
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+#include <wolfssl/sniffer.h>
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -640,6 +656,10 @@
#endif
#endif
#endif /* NO_AES */
+ #ifdef HAVE_ARIA
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
+ #endif /* HAVE_ARIA */
#if !defined(NO_RC4) && !defined(WSSL_HARDEN_TLS)
/* MUST NOT negotiate RC4 cipher suites
* https://www.rfc-editor.org/rfc/rfc9325#section-4.1 */
@@ -840,6 +860,17 @@
#endif
#endif
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ #ifdef WOLFSSL_SM4_CBC
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3
+ #endif
+ #ifdef WOLFSSL_SM4_GCM
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3
+ #endif
+ #ifdef WOLFSSL_SM4_CCM
+ #define BUILD_TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3
+ #endif
+ #endif
#endif
#if defined(WOLFSSL_TLS13)
@@ -872,6 +903,16 @@
#define BUILD_TLS_SHA384_SHA384
#endif
#endif
+
+ #ifdef WOLFSSL_SM3
+ #ifdef WOLFSSL_SM4_GCM
+ #define BUILD_TLS_SM4_GCM_SM3
+ #endif
+
+ #ifdef WOLFSSL_SM4_CCM
+ #define BUILD_TLS_SM4_CCM_SM3
+ #endif
+ #endif
#endif
#if !defined(WOLFCRYPT_ONLY) && defined(NO_PSK) && \
@@ -924,6 +965,11 @@
#define NO_AESGCM_AEAD
#endif
+#if defined(BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256) || \
+ defined(BUILD_TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384)
+ #define BUILD_ARIA
+#endif
+
#if defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256) || \
defined(BUILD_TLS_DHE_RSA_WITH_CHACHA20_OLD_POLY1305_SHA256) || \
defined(BUILD_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256) || \
@@ -969,8 +1015,10 @@
#if defined(WOLFSSL_MAX_STRENGTH) || \
(defined(HAVE_AESGCM) && !defined(NO_AESGCM_AEAD)) || \
defined(HAVE_AESCCM) || \
+ defined(HAVE_ARIA) || \
(defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
!defined(NO_CHAPOL_AEAD)) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \
(defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER))
#define HAVE_AEAD
@@ -999,6 +1047,13 @@
#undef WSSL_HARDEN_TLS
+#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
+#define SSL_CA_NAMES(ssl) ((ssl)->client_ca_names != NULL ? (ssl)->client_ca_names : \
+ (ssl)->ctx->client_ca_names)
+#else
+#define WOLFSSL_NO_CA_NAMES
+#endif
+
/* actual cipher values, 2nd byte */
enum {
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x16,
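Review bot: The `#else` branch defines `WOLFSSL_NO_CA_NAMES` only when none of the three feature macros is set, so a build that sets `OPENSSL_EXTRA` and also defines `WOLFSSL_NO_CA_NAMES` itself still gets `SSL_CA_NAMES`, while a later hunk of this patch guards the `client_ca_names` member of `WOLFSSL_CTX` with `#ifndef WOLFSSL_NO_CA_NAMES`. Guarding the first branch as `#if !defined(WOLFSSL_NO_CA_NAMES) && (defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY))` and the fallback as `#elif !defined(WOLFSSL_NO_CA_NAMES)` keeps the two consistent and avoids redefining a macro passed on the command line. The macro also evaluates `ssl` more than once and dereferences `(ssl)->ctx` unchecked, which deserves a comment: `/* ssl is evaluated more than once and must be non-NULL with a valid ctx */`.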
@@ -1140,6 +1195,21 @@ enum {
TLS_SHA256_SHA256 = 0xB4,
TLS_SHA384_SHA384 = 0xB5,
+ /* ARIA-GCM, first byte is 0xC0 (ECC_BYTE)
+ * See: https://www.rfc-editor.org/rfc/rfc6209.html#section-5
+ */
+ TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 0x5c,
+ TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 0x5d,
+
+ /* TLS v1.3 SM cipher suites - 0x00 (CIPHER_BYTE) is first byte */
+ TLS_SM4_GCM_SM3 = 0xC6,
+ TLS_SM4_CCM_SM3 = 0xC7,
+
+ /* TLS v1.2 SM cipher suites - 0xE0 (SM_BYTE) is first byte */
+ TLS_ECDHE_ECDSA_WITH_SM4_CBC_SM3 = 0x11,
+ TLS_ECDHE_ECDSA_WITH_SM4_GCM_SM3 = 0x51,
+ TLS_ECDHE_ECDSA_WITH_SM4_CCM_SM3 = 0x52,
+
/* Fallback SCSV (Signaling Cipher Suite Value) */
TLS_FALLBACK_SCSV = 0x56,
/* Renegotiation Indication Extension Special Suite */
@@ -1395,6 +1465,15 @@ enum {
#define DTLS_AEAD_AES_CCM_FAIL_LIMIT w64From32(0x00B5, 0x04F3)
#define DTLS_AEAD_AES_CCM_FAIL_KU_LIMIT w64From32(0x005A, 0x8279)
+/* Limit is (2^22 - 1) full messages [2^36 - 31 octets]
+ * https://www.rfc-editor.org/rfc/rfc8998.html#name-aead_sm4_gcm
+ */
+#define AEAD_SM4_GCM_LIMIT w64From32(0, (1 << 22) - 1)
+/* Limit is (2^10 - 1) full messages [2^24 - 1 octets]
+ * https://www.rfc-editor.org/rfc/rfc8998.html#name-aead_sm4_ccm
+ */
+#define AEAD_SM4_CCM_LIMIT w64From32(0, (1 << 10) - 1)
+
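Review bot: `(1 << 22) - 1` in `AEAD_SM4_GCM_LIMIT` shifts a plain `int`, which overflows where `int` is 16 bits wide, and the result becomes the count of records allowed under one key. Writing the two limits as `w64From32(0, ((word32)1 << 22) - 1)` and `w64From32(0, ((word32)1 << 10) - 1)` keeps the arithmetic in an unsigned 32-bit type regardless of the target. A wrapped or wrong value here would silently change the AEAD usage bound that the cited RFC 8998 sections set.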
#if defined(WOLFSSL_TLS13) || !defined(NO_PSK)
#define TLS13_TICKET_NONCE_MAX_SZ 255
@@ -1432,6 +1511,7 @@ enum Misc {
CHACHA_BYTE = 0xCC, /* ChaCha first cipher suite */
TLS13_BYTE = 0x13, /* TLS v1.3 first byte of cipher suite */
ECDHE_PSK_BYTE = 0xD0, /* RFC 8442 */
+ SM_BYTE = 0xE0, /* SM first byte - private range */
SEND_CERT = 1,
SEND_BLANK_CERT = 2,
@@ -1572,7 +1652,8 @@ enum Misc {
DTLS_EXPORT_PRO = 165,/* wolfSSL protocol for serialized session */
DTLS_EXPORT_STATE_PRO = 166,/* wolfSSL protocol for serialized state */
TLS_EXPORT_PRO = 167,/* wolfSSL protocol for serialized TLS */
- DTLS_EXPORT_OPT_SZ = 61, /* amount of bytes used from Options */
+ DTLS_EXPORT_OPT_SZ = 62, /* amount of bytes used from Options */
+ DTLS_EXPORT_OPT_SZ_4 = 61, /* amount of bytes used from Options */
TLS_EXPORT_OPT_SZ = 65, /* amount of bytes used from Options */
DTLS_EXPORT_OPT_SZ_3 = 60, /* amount of bytes used from Options */
DTLS_EXPORT_KEY_SZ = 325 + (DTLS_SEQ_SZ * 2),
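Review bot: `DTLS_EXPORT_OPT_SZ_4` carries the same comment as `DTLS_EXPORT_OPT_SZ`, so nothing here says that 61 is the Options length for export version 4 and 62 the length for the new version 5 (`WOLFSSL_EXPORT_VERSION` is bumped in the following hunk). Suggest `/* bytes used from Options in export version 4 */`, matching how `WOLFSSL_EXPORT_VERSION_4` is annotated. An imported session blob is externally supplied data, so the import code (not in this diff section) should pick the Options length from the blob's version field and reject any blob whose length does not match. That is worth confirming alongside this change.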
@@ -1585,8 +1666,9 @@ enum Misc {
WOLFSSL_EXPORT_SPC_SZ = 16, /* amount of bytes used from CipherSpecs */
#endif
WOLFSSL_EXPORT_LEN = 2, /* 2 bytes for length and protocol */
- WOLFSSL_EXPORT_VERSION = 4, /* wolfSSL version for serialized session */
+ WOLFSSL_EXPORT_VERSION = 5, /* wolfSSL version for serialized session */
+ WOLFSSL_EXPORT_VERSION_4 = 4, /* 5.6.4 release and before */
/* older export versions supported */
WOLFSSL_EXPORT_VERSION_3 = 3, /* wolfSSL version before TLS 1.3 addition */
@@ -1611,21 +1693,16 @@ enum Misc {
SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */
TLS_MAX_PAD_SZ = 255, /* Max padding in TLS */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- MAX_SYM_KEY_SIZE = AES_256_KEY_SIZE,
-#else
- #if defined(HAVE_NULL_CIPHER) && defined(WOLFSSL_TLS13)
- #if defined(WOLFSSL_SHA384) && WC_MAX_SYM_KEY_SIZE < 48
- MAX_SYM_KEY_SIZE = WC_SHA384_DIGEST_SIZE,
- #elif !defined(NO_SHA256) && WC_MAX_SYM_KEY_SIZE < 32
- MAX_SYM_KEY_SIZE = WC_SHA256_DIGEST_SIZE,
- #else
- MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
- #endif
+#if defined(HAVE_NULL_CIPHER) && defined(WOLFSSL_TLS13)
+ #if defined(WOLFSSL_SHA384) && WC_MAX_SYM_KEY_SIZE < 48
+ MAX_SYM_KEY_SIZE = WC_SHA384_DIGEST_SIZE,
+ #elif !defined(NO_SHA256) && WC_MAX_SYM_KEY_SIZE < 32
+ MAX_SYM_KEY_SIZE = WC_SHA256_DIGEST_SIZE,
#else
MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif
+#else
+ MAX_SYM_KEY_SIZE = WC_MAX_SYM_KEY_SIZE,
#endif
#if defined(HAVE_SELFTEST) && \
@@ -1651,6 +1728,9 @@ enum Misc {
AESGCM_IMP_IV_SZ = 4, /* Size of GCM/CCM AEAD implicit IV */
AESGCM_EXP_IV_SZ = 8, /* Size of GCM/CCM AEAD explicit IV */
AESGCM_NONCE_SZ = AESGCM_EXP_IV_SZ + AESGCM_IMP_IV_SZ,
+ GCM_IMP_IV_SZ = 4, /* Size of GCM/CCM AEAD implicit IV */
+ GCM_EXP_IV_SZ = 8, /* Size of GCM/CCM AEAD explicit IV */
+ GCM_NONCE_SZ = GCM_EXP_IV_SZ + GCM_IMP_IV_SZ,
CHACHA20_IMP_IV_SZ = 12, /* Size of ChaCha20 AEAD implicit IV */
CHACHA20_NONCE_SZ = 12, /* Size of ChacCha20 nonce */
@@ -1663,6 +1743,11 @@ enum Misc {
AES_CCM_8_AUTH_SZ = 8, /* AES-CCM-8 Auth Tag Length */
AESCCM_NONCE_SZ = 12,
+ SM4_GCM_AUTH_SZ = 16, /* SM4-GCM Auth Tag length */
+ SM4_GCM_NONCE_SZ = 12, /* SM4 GCM Nonce length */
+ SM4_CCM_AUTH_SZ = 16, /* SM4-CCM Auth Tag length */
+ SM4_CCM_NONCE_SZ = 12, /* SM4 CCM Nonce length */
+
CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */
CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */
CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */
@@ -1681,7 +1766,7 @@ enum Misc {
#ifndef ECDHE_SIZE /* allow this to be overridden at compile-time */
ECDHE_SIZE = 32, /* ECDHE server size defaults to 256 bit */
#endif
- MAX_EXPORT_ECC_SZ = 256, /* Export ANS X9.62 max future size */
+ MAX_EXPORT_ECC_SZ = 256, /* Export ANSI X9.62 max future size */
MAX_CURVE_NAME_SZ = 16, /* Maximum size of curve name string */
NEW_SA_MAJOR = 8, /* Most significant byte used with new sig algos */
@@ -1689,6 +1774,8 @@ enum Misc {
ED25519_SA_MINOR = 7, /* Least significant byte for ED25519 */
ED448_SA_MAJOR = 8, /* Most significant byte for ED448 */
ED448_SA_MINOR = 8, /* Least significant byte for ED448 */
+ SM2_SA_MAJOR = 7, /* Most significant byte for SM2 with SM3 */
+ SM2_SA_MINOR = 8, /* Least significant byte for SM2 with SM3 */
PQC_SA_MAJOR = 0xFE,/* Most significant byte used with PQC sig algs */
@@ -1737,13 +1824,6 @@ enum Misc {
MAX_WOLFSSL_FILE_SIZE = 1024UL * 1024UL * 4, /* 4 mb file size alloc limit */
#endif
-#if defined(HAVE_PQC)
- MAX_X509_SIZE = 8*1024, /* max static x509 buffer size; dilithium is big */
-#elif defined(WOLFSSL_HAPROXY)
- MAX_X509_SIZE = 3072, /* max static x509 buffer size */
-#else
- MAX_X509_SIZE = 2048, /* max static x509 buffer size */
-#endif
CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */
NO_SNIFF = 0, /* not sniffing */
@@ -1876,6 +1956,15 @@ enum Misc {
#define SESSIDX_IDX_MASK 0x0F
#endif
+#ifndef MAX_X509_SIZE
+ #if defined(HAVE_PQC)
+ #define MAX_X509_SIZE (8*1024) /* max static x509 buffer size; dilithium is big */
+ #elif defined(WOLFSSL_HAPROXY)
+ #define MAX_X509_SIZE 3072 /* max static x509 buffer size */
+ #else
+ #define MAX_X509_SIZE 2048 /* max static x509 buffer size */
+ #endif
+#endif
/* max cert chain peer depth */
#ifndef MAX_CHAIN_DEPTH
@@ -1929,11 +2018,19 @@ enum Misc {
#define MAX_ENCRYPT_SZ ENCRYPT_LEN
-#define WOLFSSL_ASSERT_SIZEOF_GE(x, y) do { \
- typedef char _args_test_[sizeof((x)) >= sizeof((y)) ? 1 : -1]; \
- (void)sizeof(_args_test_); \
+/* A static check to assert a relation between x and y */
+#define WOLFSSL_ASSERT_TEST(x, y, op) do { \
+ typedef char _args_test_[(x) op (y) ? 1 : -1]; \
+ (void)sizeof(_args_test_); \
} while(0)
+#define WOLFSSL_ASSERT_EQ(x, y) WOLFSSL_ASSERT_TEST(x, y, ==)
+
+#define WOLFSSL_ASSERT_SIZEOF_TEST(x, y, op) \
+ WOLFSSL_ASSERT_TEST(sizeof((x)), sizeof((y)), op)
+
+#define WOLFSSL_ASSERT_SIZEOF_GE(x, y) WOLFSSL_ASSERT_SIZEOF_TEST(x, y, >=)
+
/* states. Adding state before HANDSHAKE_DONE will break session importing */
enum states {
NULL_STATE = 0,
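Review bot: `WOLFSSL_ASSERT_TEST` only fails the build when `(x) op (y)` is an integer constant expression. With a non-constant operand a C99 compiler can accept the typedef as a variable-length array type, and the check silently stops being static. The one-line comment should state that requirement, e.g. `/* x and y must be integer constant expressions; op is a relational or equality operator */`. Where the toolchain allows it, mapping the macro to `_Static_assert` (C11) or `static_assert` (C++) would give a readable diagnostic instead of a negative-array-size error.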
@@ -2040,6 +2137,9 @@ WOLFSSL_LOCAL void InitSSL_CTX_Suites(WOLFSSL_CTX* ctx);
WOLFSSL_LOCAL int InitSSL_Suites(WOLFSSL* ssl);
WOLFSSL_LOCAL int InitSSL_Side(WOLFSSL* ssl, word16 side);
+
+WOLFSSL_LOCAL int DoHandShakeMsgType(WOLFSSL* ssl, byte* input,
+ word32* inOutIdx, byte type, word32 size, word32 totalSz);
/* for sniffer */
WOLFSSL_LOCAL int DoFinished(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz, int sniff);
@@ -2050,8 +2150,7 @@ WOLFSSL_LOCAL int DoTls13Finished(WOLFSSL* ssl, const byte* input, word32* inOut
WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx,
int sniff);
/* TLS v1.3 needs these */
-WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID,
- Suites* clSuites);
+WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, Suites* clSuites);
#ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL byte SuiteMac(const byte* suite);
#endif
@@ -2093,7 +2192,9 @@ WOLFSSL_LOCAL int MatchDomainName(const char* pattern, int len, const char* str
#ifndef NO_CERTS
WOLFSSL_LOCAL int CheckForAltNames(DecodedCert* dCert, const char* domain, int* checkCN);
WOLFSSL_LOCAL int CheckIPAddr(DecodedCert* dCert, const char* ipasc);
+WOLFSSL_LOCAL void CopyDecodedName(WOLFSSL_X509_NAME* name, DecodedCert* dCert, int nameType);
#endif
+WOLFSSL_LOCAL int SetupTicket(WOLFSSL* ssl);
WOLFSSL_LOCAL int CreateTicket(WOLFSSL* ssl);
WOLFSSL_LOCAL int HashRaw(WOLFSSL* ssl, const byte* output, int sz);
WOLFSSL_LOCAL int HashOutput(WOLFSSL* ssl, const byte* output, int sz,
@@ -2112,6 +2213,8 @@ WOLFSSL_LOCAL int ALPN_Select(WOLFSSL* ssl);
WOLFSSL_LOCAL int ChachaAEADEncrypt(WOLFSSL* ssl, byte* out, const byte* input,
word16 sz); /* needed by sniffer */
+WOLFSSL_LOCAL int ChachaAEADDecrypt(WOLFSSL* ssl, byte* plain, const byte* input,
+ word16 sz); /* needed by sniffer */
#ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL int DecryptTls13(WOLFSSL* ssl, byte* output, const byte* input,
@@ -2251,6 +2354,10 @@ WOLFSSL_LOCAL void InitSuitesHashSigAlgo_ex(byte* hashSigAlgo, int haveECDSAsig,
int haveRSAsig, int haveFalconSig,
int haveDilithiumSig, int haveAnon,
int tls1_2, int keySz, word16* len);
+/* use wolfSSL_API visibility to be able to test in tests/api.c */
+WOLFSSL_API void InitSuitesHashSigAlgo_ex2(byte* hashSigAlgo, int have,
+ int tls1_2, int keySz,
+ word16* len);
WOLFSSL_LOCAL int AllocateCtxSuites(WOLFSSL_CTX* ctx);
WOLFSSL_LOCAL int AllocateSuites(WOLFSSL* ssl);
WOLFSSL_LOCAL void InitSuites(Suites* suites, ProtocolVersion pv, int keySz,
@@ -2340,7 +2447,9 @@ struct WOLFSSL_OCSP {
typedef struct CRL_Entry CRL_Entry;
-#ifdef NO_SHA
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ #define CRL_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+#elif defined(NO_SHA)
#define CRL_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
#define CRL_DIGEST_SIZE WC_SHA_DIGEST_SIZE
@@ -2358,7 +2467,16 @@ typedef struct CRL_Entry CRL_Entry;
#endif
/* Complete CRL */
struct CRL_Entry {
+ byte* toBeSigned;
+ byte* signature;
+#if defined(OPENSSL_EXTRA)
+ WOLFSSL_X509_NAME* issuer; /* X509_NAME type issuer */
+#endif
CRL_Entry* next; /* next entry */
+ wolfSSL_Mutex verifyMutex;
+ /* DupCRL_Entry copies data after the `verifyMutex` member. Using the mutex
+ * as the marker because clang-tidy doesn't like taking the sizeof a
+ * pointer. */
byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */
/* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */
/* restore the hash here if needed for optimized comparisons */
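Review bot: Moving `toBeSigned`, `signature` and `issuer` above `verifyMutex` makes the struct layout part of `DupCRL_Entry`'s contract. Per the new comment everything after the mutex is copied as a block, so an owning pointer later added below the marker would be shared between the original and the duplicate and could be freed twice. The comment explains why the mutex is the marker but not the rule a maintainer must follow; I would add `/* Members that own heap memory go ABOVE verifyMutex; everything below is copied byte-for-byte by DupCRL_Entry. */`. `DupCRL_Entry` and the rest of the struct are outside this hunk, so whether every remaining member below the marker is plain data should be confirmed there.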
@@ -2378,9 +2496,7 @@ struct CRL_Entry {
int totalCerts; /* number on list */
int version; /* version of certificate */
int verified;
- byte* toBeSigned;
word32 tbsSz;
- byte* signature;
word32 signatureSz;
word32 signatureOID;
#if !defined(NO_SKID) && !defined(NO_ASN)
@@ -2388,9 +2504,6 @@ struct CRL_Entry {
byte extAuthKeyId[KEYID_SIZE];
#endif
int crlNumber; /* CRL number extension */
-#if defined(OPENSSL_EXTRA)
- WOLFSSL_X509_NAME* issuer; /* X509_NAME type issuer */
-#endif
};
@@ -2407,6 +2520,19 @@ struct CRL_Monitor {
#undef HAVE_CRL_MONITOR
#endif
+/* PEM and DER possible */
+#define WOLFSSL_CRL_MONITORS_LEN (2)
+
+#if defined(__MACH__) || defined(__FreeBSD__) || defined(__linux__)
+typedef int wolfSSL_CRL_mfd_t; /* monitor fd, -1 if no init yet */
+/* mfd for bsd is kqueue fd, eventfd for linux */
+#define WOLFSSL_CRL_MFD_INIT_VAL (-1)
+#elif defined(_MSC_VER)
+typedef HANDLE wolfSSL_CRL_mfd_t; /* monitor fd, INVALID_HANDLE_VALUE if
+ * no init yet */
+#define WOLFSSL_CRL_MFD_INIT_VAL (INVALID_HANDLE_VALUE)
+#endif
+
/* wolfSSL CRL controller */
struct WOLFSSL_CRL {
WOLFSSL_CERT_MANAGER* cm; /* pointer back to cert manager */
@@ -2415,12 +2541,12 @@ struct WOLFSSL_CRL {
#ifdef HAVE_CRL_IO
CbCrlIO crlIOCb;
#endif
- wolfSSL_Mutex crlLock; /* CRL list lock */
- CRL_Monitor monitors[2]; /* PEM and DER possible */
+ wolfSSL_RwLock crlLock; /* CRL list lock */
+ CRL_Monitor monitors[WOLFSSL_CRL_MONITORS_LEN];
#ifdef HAVE_CRL_MONITOR
- pthread_cond_t cond; /* condition to signal setup */
- pthread_t tid; /* monitoring thread */
- int mfd; /* monitor fd, -1 if no init yet */
+ COND_TYPE cond; /* condition to signal setup */
+ THREAD_TYPE tid; /* monitoring thread */
+ wolfSSL_CRL_mfd_t mfd;
int setup; /* thread is setup predicate */
#endif
void* heap; /* heap hint for dynamic memory */
@@ -2507,7 +2633,7 @@ WOLFSSL_LOCAL int CM_MemRestoreCertCache(WOLFSSL_CERT_MANAGER* cm,
const void* mem, int sz);
WOLFSSL_LOCAL int CM_GetCertCacheMemSize(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL int CM_VerifyBuffer_ex(WOLFSSL_CERT_MANAGER* cm, const byte* buff,
- long sz, int format, int err_val);
+ long sz, int format, int prev_err);
#ifndef NO_CERTS
@@ -2649,10 +2775,9 @@ typedef struct Keys {
tsip_hmac_sha_key_index_t tsip_server_write_MAC_secret;
#endif
-#ifdef WOLFSSL_RENESAS_SCEPROTECT
-
- sce_hmac_sha_wrapped_key_t sce_client_write_MAC_secret;
- sce_hmac_sha_wrapped_key_t sce_server_write_MAC_secret;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ FSPSM_HMAC_WKEY fspsm_client_write_MAC_secret;
+ FSPSM_HMAC_WKEY fspsm_server_write_MAC_secret;
#endif
} Keys;
@@ -2681,6 +2806,10 @@ typedef enum {
#endif
TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */
TLSX_STATUS_REQUEST_V2 = 0x0011, /* a.k.a. OCSP stapling v2 */
+#ifdef HAVE_RPK
+ TLSX_CLIENT_CERTIFICATE_TYPE = 0x0013, /* RFC8446 */
+ TLSX_SERVER_CERTIFICATE_TYPE = 0x0014, /* RFC8446 */
+#endif
#if defined(HAVE_ENCRYPT_THEN_MAC) && !defined(WOLFSSL_AEAD_ONLY)
TLSX_ENCRYPT_THEN_MAC = 0x0016, /* RFC 7366 */
#endif
@@ -2700,6 +2829,9 @@ typedef enum {
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
TLSX_PSK_KEY_EXCHANGE_MODES = 0x002d,
#endif
+ #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CA_NAMES)
+ TLSX_CERTIFICATE_AUTHORITIES = 0x002f,
+ #endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
TLSX_POST_HANDSHAKE_AUTH = 0x0031,
#endif
@@ -2723,6 +2855,36 @@ typedef enum {
#endif
} TLSX_Type;
+/* TLS Certificate type defined RFC7250
+ * https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3
+ */
+#if defined(HAVE_RPK)
+typedef struct RpkConfig {
+ /* user's preference */
+ byte preferred_ClientCertTypeCnt;
+ byte preferred_ClientCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ byte preferred_ServerCertTypeCnt;
+ byte preferred_ServerCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ /* reflect to client_certificate_type extension in xxxHello */
+} RpkConfig;
+
+typedef struct RpkState {
+ byte sending_ClientCertTypeCnt;
+ byte sending_ClientCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ /* reflect to server_certificate_type extension in xxxHello */
+ byte sending_ServerCertTypeCnt;
+ byte sending_ServerCertTypes[MAX_SERVER_CERT_TYPE_CNT];
+ /* client_certificate_type extension in received yyyHello */
+ byte received_ClientCertTypeCnt;
+ byte received_ClientCertTypes[MAX_CLIENT_CERT_TYPE_CNT];
+ /* server_certificate_type extension in received yyyHello */
+ byte received_ServerCertTypeCnt;
+ byte received_ServerCertTypes[MAX_SERVER_CERT_TYPE_CNT];
+ /* set if Raw-public-key cert is loaded as own certificate */
+ int isRPKLoaded;
+} RpkState;
+#endif /* HAVE_RPK */
+
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
typedef enum {
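Review bot: `preferred_ServerCertTypes` in `RpkConfig` is sized with `MAX_CLIENT_CERT_TYPE_CNT`, whereas every server-side array in `RpkState` uses `MAX_SERVER_CERT_TYPE_CNT`. If the two constants ever differ, code that bounds `preferred_ServerCertTypeCnt` by the server constant would index past the array; the declaration should read `byte preferred_ServerCertTypes[MAX_SERVER_CERT_TYPE_CNT];`. The trailing comment inside `RpkConfig` ("reflect to client_certificate_type extension in xxxHello") also appears to belong to the first pair of fields in `RpkState`. The `received_*Cnt` values originate from the peer's hello, so the parsing code (not in this hunk) needs to clamp them to the array size before copying the lists.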
@@ -2929,7 +3091,7 @@ typedef struct {
union {
OcspRequest ocsp;
} request;
-#if defined(WOLFSSL_TLS13)
+#ifdef WOLFSSL_TLS13
buffer response;
#endif
} CertificateStatusRequest;
@@ -3084,6 +3246,10 @@ typedef struct InternalTicket {
#ifdef WOLFSSL_TICKET_HAVE_ID
byte id[ID_LEN];
#endif
+#ifdef OPENSSL_EXTRA
+ byte sessionCtxSz; /* sessionCtx length */
+ byte sessionCtx[ID_LEN]; /* app specific context id */
+#endif /* OPENSSL_EXTRA */
} InternalTicket;
#ifndef WOLFSSL_TICKET_EXTRA_PADDING_SZ
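Review bot: The ticket gains `sessionCtxSz`/`sessionCtx` under `#ifdef OPENSSL_EXTRA`, but a later hunk of this patch moves the matching `WOLFSSL_CTX` fields under `WOLFSSL_SESSION_ID_CTX`. If `WOLFSSL_SESSION_ID_CTX` can be enabled without `OPENSSL_EXTRA` (not visible here), tickets in that configuration would not carry the application context, and ticket resumption could not be bound to it. Using the same guard in both places, `#ifdef WOLFSSL_SESSION_ID_CTX`, would avoid that. On the decrypt side `sessionCtxSz` is read out of the ticket and should be checked against `ID_LEN` before it is used as a compare or copy length. The added members also change the ticket layout, so tickets issued by the previous build will presumably no longer be accepted.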
@@ -3194,10 +3360,11 @@ WOLFSSL_LOCAL int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group,
word16 len, byte* data, KeyShareEntry **kse, TLSX** extensions);
WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl);
WOLFSSL_LOCAL int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl,
- TLSX** extensions);
+ TLSX** extensions);
WOLFSSL_LOCAL int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse);
WOLFSSL_LOCAL int TLSX_KeyShare_Choose(const WOLFSSL *ssl, TLSX* extensions,
- KeyShareEntry** kse, byte* searched);
+ byte cipherSuite0, byte cipherSuite, KeyShareEntry** kse,
+ byte* searched);
WOLFSSL_LOCAL int TLSX_KeyShare_Setup(WOLFSSL *ssl, KeyShareEntry* clientKSE);
WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl, int* doHelloRetry);
WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* sclientKSEclientKSEsl);
@@ -3369,8 +3536,8 @@ struct WOLFSSL_CTX {
DerBuffer* certificate;
DerBuffer* certChain;
/* chain after self, in DER, with leading size for each cert */
- #if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
+ #ifndef WOLFSSL_NO_CA_NAMES
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* client_ca_names;
#endif
#ifdef OPENSSL_EXTRA
WOLF_STACK_OF(WOLFSSL_X509)* x509Chain;
@@ -3412,7 +3579,7 @@ struct WOLFSSL_CTX {
byte sendVerify:2; /* for client side (can not be single bit) */
byte haveRSA:1; /* RSA available */
byte haveECC:1; /* ECC available */
- byte haveDH:1; /* server DH parms set by user */
+ byte haveDH:1; /* server DH params set by user */
byte haveECDSAsig:1; /* server cert signed w/ ECDSA */
byte haveFalconSig:1; /* server cert signed w/ Falcon */
byte haveDilithiumSig:1;/* server cert signed w/ Dilithium */
@@ -3468,7 +3635,10 @@ struct WOLFSSL_CTX {
#endif
word16 minProto:1; /* sets min to min available */
word16 maxProto:1; /* sets max to max available */
-
+#if defined(HAVE_RPK)
+ RpkConfig rpkConfig;
+ RpkState rpkState;
+#endif /* HAVE_RPK */
#ifdef WOLFSSL_SRTP
word16 dtlsSrtpProfiles; /* DTLS-with-SRTP mode
* (list of selected profiles - up to 16) */
@@ -3499,11 +3669,13 @@ struct WOLFSSL_CTX {
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
word32 disabledCurves; /* curves disabled by user */
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtx[ID_LEN]; /* app session context ID */
+ byte sessionCtxSz;
+#endif
+#ifdef OPENSSL_EXTRA
const unsigned char *alpn_cli_protos;/* ALPN client protocol list */
unsigned int alpn_cli_protos_len;
- byte sessionCtxSz;
byte cbioFlag; /* WOLFSSL_CBIO_RECV/SEND: CBIORecv/Send is set */
CallbackInfoState* CBIS; /* used to get info about SSL state */
WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
@@ -3755,6 +3927,9 @@ struct WOLFSSL_CTX {
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
WOLFSSL_EchConfig* echConfigs;
#endif
+#if defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS)
+ byte doAppleNativeCertValidationFlag:1;
+#endif /* defined(__APPLE__) && defined(WOLFSSL_SYS_CA_CERTS) */
};
WOLFSSL_LOCAL
@@ -3824,6 +3999,14 @@ enum KeyExchangeAlgorithm {
ecc_static_diffie_hellman_kea /* for verify suite only */
};
+/* Used with InitSuitesHashSigAlgo_ex2 */
+#define SIG_ECDSA 0x01
+#define SIG_RSA 0x02
+#define SIG_SM2 0x04
+#define SIG_FALCON 0x08
+#define SIG_DILITHIUM 0x10
+#define SIG_ANON 0x20
+
/* Supported Authentication Schemes */
enum SignatureAlgorithm {
anonymous_sa_algo = 0,
@@ -3839,6 +4022,7 @@ enum SignatureAlgorithm {
dilithium_level2_sa_algo = 14,
dilithium_level3_sa_algo = 15,
dilithium_level5_sa_algo = 16,
+ sm2_sa_algo = 17,
invalid_sa_algo = 255
};
@@ -3854,6 +4038,18 @@ enum SigAlgRsaPss {
pss_sha512 = 0x0b,
};
+#ifdef WOLFSSL_SM2
+ /* Default SM2 signature ID. */
+ #define TLS12_SM2_SIG_ID ((byte*)"1234567812345678")
+ /* Length of default SM2 signature ID. */
+ #define TLS12_SM2_SIG_ID_SZ 16
+
+ /* https://www.rfc-editor.org/rfc/rfc8998.html#name-sm2-signature-scheme */
+ /* ID to use when signing/verifying TLS v1.3 data. */
+ #define TLS13_SM2_SIG_ID ((byte*)"TLSv1.3+GM+Cipher+Suite")
+ /* Length of ID to use when signing/verifying TLS v1.3 data. */
+ #define TLS13_SM2_SIG_ID_SZ 23
+#endif
/* Supported ECC Curve Types */
enum EccCurves {
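Review bot: Both SM2 ID macros added in this hunk cast a string literal to a non-const `byte*`, and the two `_SZ` values are hard-coded beside the literals they measure. The `Sm2wSm3Sign` and `Sm2wSm3Verify` prototypes added further down in this file take `const byte* id`, so the cast can keep the qualifier, `#define TLS13_SM2_SIG_ID ((const byte*)"TLSv1.3+GM+Cipher+Suite")`, unless a caller outside this diff needs a mutable pointer. Deriving the length, `#define TLS13_SM2_SIG_ID_SZ (sizeof("TLSv1.3+GM+Cipher+Suite") - 1)`, would keep the ID and its size from drifting apart. The same applies to the TLS 1.2 pair.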
@@ -3885,8 +4081,8 @@ enum CipherType { aead };
#endif
-#if defined(BUILD_AES) || defined(BUILD_AESGCM) || (defined(HAVE_CHACHA) && \
- defined(HAVE_POLY1305)) || defined(WOLFSSL_TLS13)
+#if defined(BUILD_AES) || defined(BUILD_AESGCM) || defined(HAVE_ARIA) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(WOLFSSL_TLS13)
#define CIPHER_NONCE
#endif
@@ -3915,10 +4111,12 @@ typedef struct Ciphers {
#endif
#if defined(BUILD_AES) || defined(BUILD_AESGCM)
Aes* aes;
- #if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && \
- !defined(WOLFSSL_NO_TLS12)
- byte* additional;
- #endif
+#endif
+#if (defined(BUILD_AESGCM) || defined(HAVE_AESCCM)) && !defined(WOLFSSL_NO_TLS12)
+ byte* additional;
+#endif
+#ifdef HAVE_ARIA
+ wc_Aria* aria;
#endif
#ifdef CIPHER_NONCE
byte* nonce;
@@ -3929,6 +4127,9 @@ typedef struct Ciphers {
#ifdef HAVE_CHACHA
ChaCha* chacha;
#endif
+#ifdef WOLFSSL_SM4
+ wc_Sm4* sm4;
+#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_NULL_CIPHER) && !defined(NO_HMAC)
Hmac* hmac;
#endif
@@ -3987,6 +4188,9 @@ typedef struct Hashes {
#ifdef WOLFSSL_SHA512
byte sha512[WC_SHA512_DIGEST_SIZE];
#endif
+ #ifdef WOLFSSL_SM3
+ byte sm3[WC_SM3_DIGEST_SIZE];
+ #endif
} Hashes;
WOLFSSL_LOCAL int BuildCertHashes(const WOLFSSL* ssl, Hashes* hashes);
@@ -4002,6 +4206,9 @@ typedef union Digest {
#ifdef WOLFSSL_SHA512
wc_Sha512 sha512;
#endif
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+#endif
} Digest;
#endif
@@ -4123,10 +4330,10 @@ struct WOLFSSL_SESSION {
word16 idLen; /* serverID length */
byte serverID[SERVER_ID_LEN]; /* for easier client lookup */
#endif
-#ifdef OPENSSL_EXTRA
+#ifdef WOLFSSL_SESSION_ID_CTX
byte sessionCtxSz; /* sessionCtx length */
byte sessionCtx[ID_LEN]; /* app specific context id */
-#endif /* OPENSSL_EXTRA */
+#endif /* WOLFSSL_SESSION_ID_CTX */
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
byte peerVerifyRet; /* cert verify error */
#endif
@@ -4407,13 +4614,19 @@ struct Options {
word16 failNoCertxPSK:1; /* fail for no cert except with PSK */
word16 downgrade:1; /* allow downgrade of versions */
word16 resuming:1;
+#ifdef HAVE_SECURE_RENEGOTIATION
+ word16 resumed:1; /* resuming may be reset on SCR */
+#endif
word16 isPSK:1;
word16 haveSessionId:1; /* server may not send */
word16 tls:1; /* using TLS ? */
word16 tls1_1:1; /* using TLSv1.1+ ? */
word16 tls1_3:1; /* using TLSv1.3+ ? */
+ word16 seenUnifiedHdr:1; /* received msg with unified header */
word16 dtls:1; /* using datagrams ? */
+#ifdef WOLFSSL_DTLS
word16 dtlsStateful:1; /* allow stateful processing ? */
+#endif
word16 connReset:1; /* has the peer reset */
word16 isClosed:1; /* if we consider conn closed */
word16 closeNotify:1; /* we've received a close notify */
@@ -4422,7 +4635,7 @@ struct Options {
word16 usingCompression:1; /* are we using compression */
word16 haveRSA:1; /* RSA available */
word16 haveECC:1; /* ECC available */
- word16 haveDH:1; /* server DH parms set by user */
+ word16 haveDH:1; /* server DH params set by user */
word16 haveECDSAsig:1; /* server ECDSA signed cert */
word16 haveStaticECC:1; /* static server ECC private key */
word16 haveFalconSig:1; /* server Falcon signed cert */
@@ -4497,7 +4710,8 @@ struct Options {
word16 sentChangeCipher:1; /* Change Cipher Spec sent */
#endif
#if !defined(WOLFSSL_NO_CLIENT_AUTH) && \
- ((defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
+ ((defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)) || \
+ (defined(HAVE_ED25519) && !defined(NO_ED25519_CLIENT_AUTH)) || \
(defined(HAVE_ED448) && !defined(NO_ED448_CLIENT_AUTH)))
word16 cacheMessages:1; /* Cache messages for sign/verify */
#endif
@@ -4523,6 +4737,12 @@ struct Options {
#ifdef WOLFSSL_DTLS13
word16 dtls13SendMoreAcks:1; /* Send more acks during the
* handshake process */
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ word16 dtls13NoHrrOnResume:1;
+#endif
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ word16 dtls13ChFrag:1;
+#endif
#endif
#ifdef WOLFSSL_TLS13
word16 tls13MiddleBoxCompat:1; /* TLSv1.3 middlebox compatibility */
@@ -4536,6 +4756,13 @@ struct Options {
#ifdef WOLFSSL_SEND_HRR_COOKIE
word16 cookieGood:1;
#endif
+#if defined(HAVE_DANE)
+ word16 useDANE:1;
+#endif /* HAVE_DANE */
+#if defined(HAVE_RPK)
+ RpkConfig rpkConfig;
+ RpkState rpkState;
+#endif /* HAVE_RPK */
/* need full byte values for this section */
byte processReply; /* nonblocking resume */
@@ -4613,8 +4840,8 @@ typedef struct Arrays {
!defined(NO_WOLFSSL_RENESAS_TSIP_TLS_SESSION)
byte tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE];
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT)
- byte sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE];
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS)
+ byte fspsm_masterSecret[FSPSM_TLS_MASTERSECRET_SIZE];
#endif
#ifdef WOLFSSL_DTLS
byte cookie[MAX_COOKIE_LEN];
@@ -4711,7 +4938,7 @@ struct WOLFSSL_X509_NAME {
WOLFSSL_X509_NAME_ENTRY entry[MAX_NAME_ENTRIES]; /* all entries i.e. CN */
WOLFSSL_X509* x509; /* x509 that struct belongs to */
#endif /* OPENSSL_EXTRA */
-#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
+#ifndef WOLFSSL_NO_CA_NAMES
byte raw[ASN_NAME_MAX];
int rawLen;
@@ -4919,6 +5146,7 @@ typedef struct DtlsMsg {
byte type;
byte fragBucketListCount;
byte ready:1;
+ byte encrypted:1;
} DtlsMsg;
@@ -4976,8 +5204,12 @@ typedef struct HS_Hashes {
#ifdef WOLFSSL_SHA512
wc_Sha512 hashSha512; /* sha512 hash of handshake msgs */
#endif
-#if (defined(HAVE_ED25519) || defined(HAVE_ED448)) && \
- !defined(WOLFSSL_NO_CLIENT_AUTH)
+#ifdef WOLFSSL_SM3
+ wc_Sm3 hashSm3; /* sm3 hash of handshake msgs */
+#endif
+#if (defined(HAVE_ED25519) || defined(HAVE_ED448) || \
+ (defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3))) && \
+ !defined(WOLFSSL_NO_CLIENT_AUTH)
byte* messages; /* handshake messages */
int length; /* length of handshake messages' data */
int prevLen; /* length of messages but last */
@@ -5144,7 +5376,7 @@ typedef struct Dtls13Rtx {
typedef struct CIDInfo CIDInfo;
#endif /* WOLFSSL_DTLS_CID */
-/* The idea is to re-use the context suites object whenever possible to save
+/* The idea is to reuse the context suites object whenever possible to save
* space. */
#define WOLFSSL_SUITES(ssl) \
((const Suites*) ((ssl)->suites != NULL ? \
@@ -5154,10 +5386,16 @@ typedef struct CIDInfo CIDInfo;
/* wolfSSL ssl type */
struct WOLFSSL {
WOLFSSL_CTX* ctx;
+#if defined(WOLFSSL_HAPROXY)
+ WOLFSSL_CTX* initial_ctx; /* preserve session key materials */
+#endif
Suites* suites; /* Only need during handshake. Can be NULL when
* re-using the context's object. When WOLFSSL
* object needs separate instance of suites use
* AllocateSuites(). */
+#ifdef OPENSSL_EXTRA
+ const Suites* clSuites;
+#endif
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLF_STACK_OF(WOLFSSL_CIPHER)* suitesStack; /* stack of available cipher
* suites */
@@ -5198,13 +5436,13 @@ struct WOLFSSL {
WOLFSSL_HEAP_HINT heap_hint;
#endif
#if defined(WOLFSSL_DTLS) && !defined(NO_WOLFSSL_SERVER)
- ClientHelloGoodCb chGoodCb; /* notify user we parsed a verified
- * ClientHello */
- void* chGoodCtx; /* user ClientHello cb context */
+ ClientHelloGoodCb chGoodCb; /* notify user we parsed a verified
+ * ClientHello that passed basic tests */
+ void* chGoodCtx; /* user ClientHello cb context */
#endif
#ifndef NO_HANDSHAKE_DONE_CB
- HandShakeDoneCb hsDoneCb; /* notify user handshake done */
- void* hsDoneCtx; /* user handshake cb context */
+ HandShakeDoneCb hsDoneCb; /* notify user handshake done */
+ void* hsDoneCtx; /* user handshake cb context */
#endif
#ifdef WOLFSSL_ASYNC_IO
#ifdef WOLFSSL_ASYNC_CRYPT
@@ -5238,6 +5476,7 @@ struct WOLFSSL {
word32 timeout; /* session timeout */
word32 fragOffset; /* fragment offset */
word16 curSize;
+ word32 curStartIdx;
byte verifyDepth;
RecordLayerHeader curRL;
MsgsReceived msgsReceived; /* peer messages received */
@@ -5246,31 +5485,34 @@ struct WOLFSSL {
CipherSpecs specs;
Keys keys;
Options options;
+#ifdef WOLFSSL_SESSION_ID_CTX
+ byte sessionCtx[ID_LEN]; /* app session context ID */
+ byte sessionCtxSz; /* size of sessionCtx stored */
+#endif
#ifdef OPENSSL_EXTRA
CallbackInfoState* CBIS; /* used to get info about SSL state */
int cbmode; /* read or write on info callback */
int cbtype; /* event type in info callback */
WOLFSSL_BIO* biord; /* socket bio read to free/close */
WOLFSSL_BIO* biowr; /* socket bio write to free/close */
- byte sessionCtx[ID_LEN]; /* app session context ID */
WOLFSSL_X509_VERIFY_PARAM* param; /* verification parameters*/
#endif
#if defined(OPENSSL_EXTRA) || defined(HAVE_CURL)
word32 disabledCurves; /* curves disabled by user */
#endif
-#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
+ defined(OPENSSL_ALL)
unsigned long peerVerifyRet;
#endif
#ifdef OPENSSL_EXTRA
byte readAhead;
- byte sessionCtxSz; /* size of sessionCtx stored */
#ifdef HAVE_PK_CALLBACKS
void* loggingCtx; /* logging callback argument */
#endif
#endif /* OPENSSL_EXTRA */
#ifndef NO_RSA
RsaKey* peerRsaKey;
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
void* RenesasUserCtx;
byte* peerSceTsipEncRsaKeyIndex;
#endif
@@ -5349,7 +5591,6 @@ struct WOLFSSL {
DtlsMsg* dtls_tx_msg;
DtlsMsg* dtls_rx_msg_list;
void* IOCB_CookieCtx; /* gen cookie ctx */
- word32 dtls_expected_rx;
#ifdef WOLFSSL_SESSION_EXPORT
wc_dtls_export dtls_export; /* export function for session */
#endif
@@ -5575,9 +5816,6 @@ struct WOLFSSL {
word32 earlyDataSz;
byte earlyDataStatus;
#endif
-#ifdef OPENSSL_ALL
- long verifyCallbackResult;
-#endif
#if defined(OPENSSL_EXTRA)
WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */
WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */
@@ -5602,8 +5840,8 @@ struct WOLFSSL {
byte clientFinished_len;
byte serverFinished_len;
#endif
-#if defined(OPENSSL_EXTRA) || defined(WOLFSSL_EXTRA) || defined(HAVE_LIGHTY)
- WOLF_STACK_OF(WOLFSSL_X509_NAME)* ca_names;
+#ifndef WOLFSSL_NO_CA_NAMES
+ WOLF_STACK_OF(WOLFSSL_X509_NAME)* client_ca_names;
#endif
#if defined(WOLFSSL_IOTSAFE) && defined(HAVE_PK_CALLBACKS)
IOTSAFE iotsafe;
@@ -5635,6 +5873,11 @@ struct WOLFSSL {
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH)
WOLFSSL_EchConfig* echConfigs;
#endif
+
+#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_SNIFFER_KEYLOGFILE)
+ SSLSnifferSecretCb snifferSecretCb;
+#endif /* WOLFSSL_SNIFFER && WOLFSSL_SNIFFER_KEYLOGFILE */
+
};
/*
@@ -5659,16 +5902,24 @@ struct WOLFSSL {
* Always use SSL specific objects when available and revert to CTX otherwise.
*/
#ifdef WOLFSSL_LOCAL_X509_STORE
-#define SSL_CM(ssl) ((ssl)->x509_store_pt ? (ssl)->x509_store_pt->cm : (ssl)->ctx->cm)
+#define SSL_CM(ssl) ((ssl)->x509_store_pt ? (ssl)->x509_store_pt->cm : \
+ ((ssl)->ctx->x509_store_pt ? (ssl)->ctx->x509_store_pt->cm : \
+ (ssl)->ctx->cm))
#define SSL_STORE(ssl) ((ssl)->x509_store_pt ? (ssl)->x509_store_pt : \
((ssl)->ctx->x509_store_pt ? (ssl)->ctx->x509_store_pt : \
&(ssl)->ctx->x509_store))
+#define CTX_STORE(ctx) ((ctx)->x509_store_pt ? (ctx)->x509_store_pt : \
+ &(ctx)->x509_store)
#else
#define SSL_CM(ssl) (ssl)->ctx->cm
#endif
-
-#define SSL_CA_NAMES(ssl) ((ssl)->ca_names != NULL ? (ssl)->ca_names : \
- (ssl)->ctx->ca_names)
+/* Issue warning when we are modifying the overall context CM */
+#define SSL_CM_WARNING(ssl) \
+ do { \
+ if (SSL_CM( (ssl) ) == (ssl)->ctx->cm) { \
+ WOLFSSL_MSG("Modifying SSL_CTX CM not SSL specific CM"); \
+ } \
+ } while (0)
WOLFSSL_LOCAL int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup);
WOLFSSL_LOCAL int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup);
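Review bot: `SSL_CM_WARNING` only compares the result against `(ssl)->ctx->cm`, but the `SSL_CM` rewritten in this same hunk can now also resolve to `(ssl)->ctx->x509_store_pt->cm`, which is shared by every session created from the context. Unless that store's `cm` is always the same object as `ctx->cm` (not visible in this hunk), changes to the shared certificate manager reached through that path produce no warning. If that is intended, a comment should say so, for example `/* Does not fire when SSL_CM() resolves to ctx->x509_store_pt->cm */`. The macro also evaluates its argument more than once, so callers must pass an expression without side effects.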
@@ -5768,6 +6019,16 @@ enum ProvisionSide {
PROVISION_CLIENT_SERVER = 3
};
+/* cipher requirements */
+enum {
+ REQUIRES_RSA,
+ REQUIRES_DHE,
+ REQUIRES_ECC,
+ REQUIRES_ECC_STATIC,
+ REQUIRES_PSK,
+ REQUIRES_RSA_SIG,
+ REQUIRES_AEAD
+};
static const byte kTlsClientStr[SIZEOF_SENDER+1] = { 0x43, 0x4C, 0x4E, 0x54, 0x00 }; /* CLNT */
static const byte kTlsServerStr[SIZEOF_SENDER+1] = { 0x53, 0x52, 0x56, 0x52, 0x00 }; /* SRVR */
@@ -5851,7 +6112,7 @@ WOLFSSL_LOCAL int StoreKeys(WOLFSSL* ssl, const byte* keyData, int side);
WOLFSSL_LOCAL int IsTLS(const WOLFSSL* ssl);
WOLFSSL_LOCAL int IsAtLeastTLSv1_2(const WOLFSSL* ssl);
WOLFSSL_LOCAL int IsAtLeastTLSv1_3(ProtocolVersion pv);
-WOLFSSL_LOCAL int IsEncryptionOn(WOLFSSL* ssl, int isSend);
+WOLFSSL_LOCAL int IsEncryptionOn(const WOLFSSL* ssl, int isSend);
WOLFSSL_LOCAL int TLSv1_3_Capable(WOLFSSL* ssl);
WOLFSSL_LOCAL void FreeHandshakeResources(WOLFSSL* ssl);
@@ -5859,6 +6120,7 @@ WOLFSSL_LOCAL void ShrinkInputBuffer(WOLFSSL* ssl, int forcedFree);
WOLFSSL_LOCAL void ShrinkOutputBuffer(WOLFSSL* ssl);
WOLFSSL_LOCAL byte* GetOutputBuffer(WOLFSSL* ssl);
+WOLFSSL_LOCAL int CipherRequires(byte first, byte second, int requirement);
WOLFSSL_LOCAL int VerifyClientSuite(word16 havePSK, byte cipherSuite0,
byte cipherSuite);
@@ -5917,6 +6179,14 @@ WOLFSSL_LOCAL WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA *rsa, WC_RNG **tmpRNG,
ecc_key* pub_key, byte* pubKeyDer, word32* pubKeySz, byte* out,
word32* outlen, int side);
#endif /* HAVE_ECC */
+ #if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ WOLFSSL_LOCAL int Sm2wSm3Sign(WOLFSSL* ssl, const byte* id, word32 idSz,
+ const byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key,
+ DerBuffer* keyBufInfo);
+ WOLFSSL_LOCAL int Sm2wSm3Verify(WOLFSSL* ssl, const byte* id,
+ word32 idSz, const byte* in, word32 inSz, const byte* out,
+ word32 outSz, ecc_key* key, buffer* keyBufInfo);
+ #endif /* WOLFSSL_SM2 && WOLFSSL_SM3 */
#ifdef HAVE_ED25519
WOLFSSL_LOCAL int Ed25519CheckPubKey(WOLFSSL* ssl);
WOLFSSL_LOCAL int Ed25519Sign(WOLFSSL* ssl, const byte* in, word32 inSz,
@@ -5946,8 +6216,14 @@ WOLFSSL_LOCAL WC_RNG* WOLFSSL_RSA_GetRNG(WOLFSSL_RSA *rsa, WC_RNG **tmpRNG,
DecodedCert* cert);
#endif
- WOLFSSL_LOCAL Signer* GetCA(void* cm, byte* hash);
- #ifndef NO_SKID
+ #ifndef GetCA
+ WOLFSSL_LOCAL Signer* GetCA(void* vp, byte* hash);
+ #endif
+ #ifdef WOLFSSL_AKID_NAME
+ WOLFSSL_LOCAL Signer* GetCAByAKID(void* vp, const byte* issuer,
+ word32 issuerSz, const byte* serial, word32 serialSz);
+ #endif
+ #if !defined(NO_SKID) && !defined(GetCAByName)
WOLFSSL_LOCAL Signer* GetCAByName(void* cm, byte* hash);
#endif
#endif /* !NO_CERTS */
@@ -5958,6 +6234,9 @@ WOLFSSL_LOCAL int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes,
WOLFSSL_LOCAL void FreeArrays(WOLFSSL* ssl, int keep);
WOLFSSL_LOCAL int CheckAvailableSize(WOLFSSL *ssl, int size);
WOLFSSL_LOCAL int GrowInputBuffer(WOLFSSL* ssl, int size, int usedLength);
+WOLFSSL_LOCAL int MsgCheckEncryption(WOLFSSL* ssl, byte type, byte encrypted);
+WOLFSSL_LOCAL int EarlySanityCheckMsgReceived(WOLFSSL* ssl, byte type,
+ word32 msgSz);
#if !defined(NO_WOLFSSL_CLIENT) || !defined(WOLFSSL_NO_CLIENT_AUTH)
WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret);
#endif
@@ -5972,6 +6251,7 @@ WOLFSSL_LOCAL void DoCertFatalAlert(WOLFSSL* ssl, int ret);
WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
#ifndef NO_WOLFSSL_CLIENT
+ WOLFSSL_LOCAL int HaveUniqueSessionObj(WOLFSSL* ssl);
WOLFSSL_LOCAL int SendClientHello(WOLFSSL* ssl);
WOLFSSL_LOCAL int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size);
@@ -5996,7 +6276,7 @@ WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
WOLFSSL_LOCAL int DtlsMsgSet(DtlsMsg* msg, word32 seq, word16 epoch,
const byte* data, byte type,
word32 fragOffset, word32 fragSz, void* heap,
- word32 totalLen);
+ word32 totalLen, byte encrypted);
/* Use WOLFSSL_API to enable src/api.c testing */
WOLFSSL_API DtlsMsg* DtlsMsgFind(DtlsMsg* head, word16 epoch, word32 seq);
@@ -6025,7 +6305,7 @@ WOLFSSL_LOCAL int cipherExtraData(WOLFSSL* ssl);
#if !defined(NO_WOLFSSL_SERVER)
WOLFSSL_LOCAL int DoClientHelloStateless(WOLFSSL* ssl,
- const byte* input, word32* inOutIdx, word32 helloSz);
+ const byte* input, word32 helloSz, byte isFirstCHFrag, byte* tls13);
#endif /* !defined(NO_WOLFSSL_SERVER) */
#endif /* WOLFSSL_DTLS */
@@ -6053,6 +6333,10 @@ WOLFSSL_LOCAL word32 LowResTimer(void);
WOLFSSL_LOCAL int FindSuiteSSL(const WOLFSSL* ssl, byte* suite);
+WOLFSSL_LOCAL void DecodeSigAlg(const byte* input, byte* hashAlgo,
+ byte* hsType);
+WOLFSSL_LOCAL enum wc_HashType HashAlgoToType(int hashAlgo);
+
#ifndef NO_CERTS
WOLFSSL_LOCAL void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag,
void* heap);
@@ -6231,6 +6515,7 @@ WOLFSSL_LOCAL word32 nid2oid(int nid, int grp);
#ifdef WOLFSSL_DTLS
WOLFSSL_API int wolfSSL_DtlsUpdateWindow(word16 cur_hi, word32 cur_lo,
word16* next_hi, word32* next_lo, word32 *window);
+WOLFSSL_LOCAL int DtlsUpdateWindow(WOLFSSL* ssl);
WOLFSSL_LOCAL void DtlsResetState(WOLFSSL *ssl);
WOLFSSL_LOCAL int DtlsIgnoreError(int err);
WOLFSSL_LOCAL void DtlsSetSeqNumForReply(WOLFSSL* ssl);
@@ -6294,9 +6579,12 @@ WOLFSSL_LOCAL int Dtls13HashHandshake(WOLFSSL* ssl, const byte* input,
WOLFSSL_LOCAL int Dtls13HashClientHello(const WOLFSSL* ssl, byte* hash,
int* hashSz, const byte* body, word32 length, CipherSpecs* specs);
WOLFSSL_LOCAL void Dtls13FreeFsmResources(WOLFSSL* ssl);
+WOLFSSL_LOCAL void Dtls13RtxFlushBuffered(WOLFSSL* ssl,
+ byte keepNewSessionTicket);
WOLFSSL_LOCAL int Dtls13RtxTimeout(WOLFSSL* ssl);
WOLFSSL_LOCAL int Dtls13ProcessBufferedMessages(WOLFSSL* ssl);
WOLFSSL_LOCAL int Dtls13CheckAEADFailLimit(WOLFSSL* ssl);
+WOLFSSL_LOCAL int Dtls13UpdateWindowRecordRecvd(WOLFSSL* ssl);
#endif /* WOLFSSL_DTLS13 */
#ifdef WOLFSSL_STATIC_EPHEMERAL
@@ -6375,6 +6663,17 @@ WOLFSSL_LOCAL int wolfSSL_quic_keys_active(WOLFSSL* ssl, enum encrypt_side side)
#define WOLFSSL_IS_QUIC(s) 0
#endif /* WOLFSSL_QUIC (else) */
+#if defined(SHOW_SECRETS) && defined(WOLFSSL_SSLKEYLOGFILE)
+WOLFSSL_LOCAL int tls13ShowSecrets(WOLFSSL* ssl, int id, const unsigned char* secret,
+ int secretSz, void* ctx);
+#endif
+
+/* Optional Pre-Master-Secret logging for Wireshark */
+#if !defined(NO_FILESYSTEM) && defined(WOLFSSL_SSLKEYLOGFILE)
+#ifndef WOLFSSL_SSLKEYLOGFILE_OUTPUT
+ #define WOLFSSL_SSLKEYLOGFILE_OUTPUT "sslkeylog.log"
+#endif
+#endif
#if defined(WOLFSSL_TLS13) && !defined(NO_PSK)
WOLFSSL_LOCAL int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk,
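Review bot: The default `WOLFSSL_SSLKEYLOGFILE_OUTPUT` added near the end of this hunk is the relative name `"sslkeylog.log"`, so a build with `WOLFSSL_SSLKEYLOGFILE` defined presumably writes session secrets into whatever directory the process runs from. The only comment describes it as optional logging for Wireshark. Anyone who can read that file can decrypt captured traffic for the logged sessions, so the header should mark it as a debug-only switch, for example `/* Debug builds only: logged secrets allow decryption of captured sessions; do not define WOLFSSL_SSLKEYLOGFILE in release builds, and use an absolute, access-restricted path. */`. Whoever packages the bundled library should also confirm that the release configuration leaves both `SHOW_SECRETS` and `WOLFSSL_SSLKEYLOGFILE` undefined.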
diff --git a/extra/wolfssl/wolfssl/wolfssl/ocsp.h b/extra/wolfssl/wolfssl/wolfssl/ocsp.h
index 8afb196c..4dff068b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/ocsp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/ocsp.h
@@ -53,15 +53,19 @@ typedef struct OcspRequest WOLFSSL_OCSP_REQUEST;
WOLFSSL_LOCAL int InitOCSP(WOLFSSL_OCSP* ocsp, WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_LOCAL void FreeOCSP(WOLFSSL_OCSP* ocsp, int dynamic);
-WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
- WOLFSSL_BUFFER_INFO* responseBuffer);
+WOLFSSL_LOCAL int CheckCertOCSP(WOLFSSL_OCSP* ocsp, DecodedCert* cert);
WOLFSSL_LOCAL int CheckCertOCSP_ex(WOLFSSL_OCSP* ocsp, DecodedCert* cert,
- WOLFSSL_BUFFER_INFO* responseBuffer, WOLFSSL* ssl);
+ WOLFSSL* ssl);
WOLFSSL_LOCAL int CheckOcspRequest(WOLFSSL_OCSP* ocsp,
- OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer);
+ OcspRequest* ocspRequest, WOLFSSL_BUFFER_INFO* responseBuffer,
+ void* heap);
WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int responseSz,
WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
- OcspEntry *entry, OcspRequest *ocspRequest);
+ OcspEntry *entry, OcspRequest *ocspRequest,
+ void* heap);
+
+WOLFSSL_LOCAL int CheckOcspResponder(OcspResponse *bs, DecodedCert *cert,
+ void* vp);
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY) || \
defined(WOLFSSL_APACHE_HTTPD) || defined(HAVE_LIGHTY)
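Review bot: The new `CheckOcspResponder` prototype takes an untyped `void* vp` with no comment on what it must point to, and the function name suggests it decides whether a responder is authorized. A wrong pointer type here would compile silently. A one-line comment above the declaration naming the expected object would help, e.g. `/* vp: certificate manager used to look up the responder's issuer (TODO confirm type) */`. The type is not visible in this hunk, so the wording needs confirming against the definition.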
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h b/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h
index caecd8be..38e71ae5 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/aes.h
@@ -33,6 +33,14 @@
#ifndef NO_AES
#include <wolfssl/wolfcrypt/aes.h>
+
+#if !defined(WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API) && \
+ defined(WC_AESFREE_IS_MANDATORY)
+#define WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+#endif
+
+#ifndef WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API
+
#include <wolfssl/openssl/ssl.h> /* for size_t */
#ifdef __cplusplus
@@ -95,6 +103,8 @@ WOLFSSL_API void wolfSSL_AES_decrypt(
} /* extern "C" */
#endif
+#endif /* !WOLFSSL_NO_OPENSSL_AES_LOW_LEVEL_API */
+
#endif /* NO_AES */
#endif /* WOLFSSL_AES_H_ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h b/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h
index c2a0e9bc..e6f5a709 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/bio.h
@@ -52,6 +52,9 @@
#define BIO_ctrl_pending wolfSSL_BIO_ctrl_pending
#define BIO_wpending wolfSSL_BIO_wpending
#define BIO_get_mem_ptr wolfSSL_BIO_get_mem_ptr
+#ifdef OPENSSL_ALL
+#define BIO_set_mem_buf wolfSSL_BIO_set_mem_buf
+#endif
#define BIO_int_ctrl wolfSSL_BIO_int_ctrl
#define BIO_reset wolfSSL_BIO_reset
#define BIO_s_file wolfSSL_BIO_s_file
@@ -79,6 +82,8 @@
#define BIO_puts wolfSSL_BIO_puts
#define BIO_should_retry wolfSSL_BIO_should_retry
+#define BIO_should_read wolfSSL_BIO_should_read
+#define BIO_should_write wolfSSL_BIO_should_write
#define BIO_TYPE_FILE WOLFSSL_BIO_FILE
#define BIO_TYPE_BIO WOLFSSL_BIO_BIO
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h b/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h
index b8a37368..973b8556 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/bn.h
@@ -30,7 +30,7 @@
#ifndef WOLFSSL_BN_H_
#define WOLFSSL_BN_H_
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/wolfmath.h>
#ifdef __cplusplus
@@ -271,7 +271,7 @@ typedef WOLFSSL_BN_GENCB BN_GENCB;
#define BN_mod_inverse wolfSSL_BN_mod_inverse
-#define BN_set_flags(x1, x2)
+#define BN_set_flags(x1, x2) WC_DO_NOTHING
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
#define BN_get_rfc2409_prime_768 wolfSSL_DH_768_prime
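Review bot: `BN_set_flags(x1, x2)` still discards both arguments after this change, and nothing in the header says so. Code ported from OpenSSL that calls it with `BN_FLG_CONSTTIME` to request constant-time arithmetic compiles cleanly while the request is silently dropped. Whether the underlying math is timing-resistant regardless depends on how wolfCrypt was built and is not visible here. The macro deserves a comment such as `/* No-op: flags (including BN_FLG_CONSTTIME) are ignored; timing resistance is decided by the wolfCrypt build options. */`.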
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h b/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h
index 7a4e1d8a..f57626f3 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/crypto.h
@@ -97,7 +97,7 @@ WOLFSSL_API int wolfSSL_OPENSSL_init_crypto(word64 opts, const OPENSSL_INIT_SETT
#define SSLeay wolfSSLeay
#define OpenSSL_version_num wolfSSL_OpenSSL_version_num
-#ifdef WOLFSSL_QT
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_HITCH)
#define SSLEAY_VERSION 0x10001000L
#else
#define SSLEAY_VERSION 0x0090600fL
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h b/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h
index 065c63ce..23ef5e9a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/ec.h
@@ -24,6 +24,7 @@
#ifndef WOLFSSL_EC_H_
#define WOLFSSL_EC_H_
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/openssl/bn.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/wolfcrypt/ecc.h>
@@ -264,6 +265,9 @@ WOLFSSL_API
int wolfSSL_EC_METHOD_get_field_type(const WOLFSSL_EC_METHOD *meth);
WOLFSSL_API
WOLFSSL_EC_POINT *wolfSSL_EC_POINT_new(const WOLFSSL_EC_GROUP *group);
+WOLFSSL_LOCAL
+int ec_point_convert_to_affine(const WOLFSSL_EC_GROUP *group,
+ WOLFSSL_EC_POINT *point);
WOLFSSL_API
int wolfSSL_EC_POINT_get_affine_coordinates_GFp(const WOLFSSL_EC_GROUP *group,
const WOLFSSL_EC_POINT *p,
@@ -352,7 +356,7 @@ typedef WOLFSSL_EC_BUILTIN_CURVE EC_builtin_curve;
#define EC_GROUP_order_bits wolfSSL_EC_GROUP_order_bits
#define EC_GROUP_method_of wolfSSL_EC_GROUP_method_of
#ifndef NO_WOLFSSL_STUB
-#define EC_GROUP_set_point_conversion_form(...)
+#define EC_GROUP_set_point_conversion_form(...) WC_DO_NOTHING
#endif
#define EC_METHOD_get_field_type wolfSSL_EC_METHOD_get_field_type
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h b/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h
index ba147ff7..243513c7 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/engine.h
@@ -6,5 +6,4 @@
/* ENGINE_load_builtin_engines not needed, as all builtin engines are already
loaded into memory and used on startup. */
-#define ENGINE_load_builtin_engines()
-
+#define ENGINE_load_builtin_engines() WC_DO_NOTHING
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h b/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h
index 4b8bcf33..bdeabf25 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/evp.h
@@ -30,7 +30,7 @@
#ifndef WOLFSSL_EVP_H_
#define WOLFSSL_EVP_H_
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_PREFIX
#include "prefix_evp.h"
@@ -49,6 +49,7 @@
#include <wolfssl/openssl/dsa.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/openssl/dh.h>
+#include <wolfssl/openssl/opensslv.h>
#include <wolfssl/openssl/compat_types.h>
#include <wolfssl/wolfcrypt/aes.h>
@@ -57,11 +58,21 @@
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
#include <wolfssl/wolfcrypt/hmac.h>
#include <wolfssl/wolfcrypt/pwdbased.h>
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
+#ifdef WOLFSSL_SM4
+ #include <wolfssl/wolfcrypt/sm4.h>
+#endif
#if defined(WOLFSSL_BASE64_ENCODE) || defined(WOLFSSL_BASE64_DECODE)
#include <wolfssl/wolfcrypt/coding.h>
#endif
+#ifdef HAVE_ARIA
+ #include <wolfssl/wolfcrypt/port/aria/aria-crypt.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -91,6 +102,8 @@ WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_256(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_384(void);
WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sha3_512(void);
+WOLFSSL_API const WOLFSSL_EVP_MD* wolfSSL_EVP_sm3(void);
+
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ecb(void);
@@ -134,6 +147,11 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ccm(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_128_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_192_ctr(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aes_256_ctr(void);
+#if defined(HAVE_ARIA)
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_128_gcm(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_192_gcm(void);
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_aria_256_gcm(void);
+#endif
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_ede3_ecb(void);
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_des_cbc(void);
@@ -149,7 +167,21 @@ WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20_poly1305(void);
#define WOLFSSL_EVP_CHACHA_IV_BYTES (CHACHA_IV_BYTES + sizeof(word32))
WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_chacha20(void);
#endif
-
+#ifdef WOLFSSL_SM4_ECB
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ecb(void);
+#endif
+#ifdef WOLFSSL_SM4_CBC
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_cbc(void);
+#endif
+#ifdef WOLFSSL_SM4_CTR
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ctr(void);
+#endif
+#ifdef WOLFSSL_SM4_GCM
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_gcm(void);
+#endif
+#ifdef WOLFSSL_SM4_CCM
+WOLFSSL_API const WOLFSSL_EVP_CIPHER* wolfSSL_EVP_sm4_ccm(void);
+#endif
typedef union {
#ifndef NO_MD4
@@ -186,6 +218,9 @@ typedef union {
#ifndef WOLFSSL_NOSHA3_512
WOLFSSL_SHA3_512_CTX sha3_512;
#endif
+ #ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ #endif
} WOLFSSL_Hasher;
@@ -211,6 +246,9 @@ typedef union {
XtsAes xts;
#endif
#endif
+#ifdef HAVE_ARIA
+ wc_Aria aria;
+#endif
#ifndef NO_DES3
Des des;
Des3 des3;
@@ -225,6 +263,9 @@ typedef union {
#ifdef HAVE_CHACHA
ChaCha chacha;
#endif
+#ifdef WOLFSSL_SM4
+ wc_Sm4 sm4;
+#endif
} WOLFSSL_Cipher;
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
@@ -266,6 +307,11 @@ typedef union {
#define NID_camellia_256_cbc 753
#define NID_chacha20_poly1305 1018
#define NID_chacha20 1019
+#define NID_sm4_ecb 1133
+#define NID_sm4_cbc 1134
+#define NID_sm4_ctr 1139
+#define NID_sm4_gcm 1248
+#define NID_sm4_ccm 1249
#define NID_md5WithRSA 104
#define NID_md2WithRSAEncryption 9
#define NID_md5WithRSAEncryption 99
@@ -303,6 +349,7 @@ typedef union {
#define NID_shake256 1101
#define NID_sha1 64
#define NID_sha224 675
+#define NID_sm3 1143
#define NID_md2 77
#define NID_md4 257
#define NID_md5 40
@@ -346,6 +393,11 @@ typedef union {
#define NID_auth_srp 1052
#define NID_auth_null 1054
#define NID_auth_any 1055
+/* Curve */
+#define NID_aria_128_gcm 1123
+#define NID_aria_192_gcm 1124
+#define NID_aria_256_gcm 1125
+#define NID_sm2 1172
#define NID_X9_62_id_ecPublicKey EVP_PKEY_EC
#define NID_rsaEncryption EVP_PKEY_RSA
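Review bot: The added `/* Curve */` comment sits directly above three ARIA-GCM cipher NIDs; only `NID_sm2` on the last added line is a curve. A reader scanning this table for key-exchange identifiers will misclassify the ARIA entries. Label the first three `/* Cipher */` and move `/* Curve */` to the line immediately above `#define NID_sm2 1172`.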
@@ -360,52 +412,60 @@ typedef union {
#define EVP_PKEY_PRINT_INDENT_MAX 128
enum {
- AES_128_CBC_TYPE = 1,
- AES_192_CBC_TYPE = 2,
- AES_256_CBC_TYPE = 3,
- AES_128_CTR_TYPE = 4,
- AES_192_CTR_TYPE = 5,
- AES_256_CTR_TYPE = 6,
- AES_128_ECB_TYPE = 7,
- AES_192_ECB_TYPE = 8,
- AES_256_ECB_TYPE = 9,
- DES_CBC_TYPE = 10,
- DES_ECB_TYPE = 11,
- DES_EDE3_CBC_TYPE = 12,
- DES_EDE3_ECB_TYPE = 13,
- ARC4_TYPE = 14,
- NULL_CIPHER_TYPE = 15,
- EVP_PKEY_RSA = 16,
- EVP_PKEY_DSA = 17,
- EVP_PKEY_EC = 18,
- AES_128_GCM_TYPE = 21,
- AES_192_GCM_TYPE = 22,
- AES_256_GCM_TYPE = 23,
- EVP_PKEY_DH = NID_dhKeyAgreement,
- EVP_PKEY_HMAC = NID_hmac,
- EVP_PKEY_CMAC = NID_cmac,
- EVP_PKEY_HKDF = NID_hkdf,
- EVP_PKEY_FALCON = 300, /* Randomly picked value. */
- EVP_PKEY_DILITHIUM= 301, /* Randomly picked value. */
- AES_128_CFB1_TYPE = 24,
- AES_192_CFB1_TYPE = 25,
- AES_256_CFB1_TYPE = 26,
- AES_128_CFB8_TYPE = 27,
- AES_192_CFB8_TYPE = 28,
- AES_256_CFB8_TYPE = 29,
- AES_128_CFB128_TYPE = 30,
- AES_192_CFB128_TYPE = 31,
- AES_256_CFB128_TYPE = 32,
- AES_128_OFB_TYPE = 33,
- AES_192_OFB_TYPE = 34,
- AES_256_OFB_TYPE = 35,
- AES_128_XTS_TYPE = 36,
- AES_256_XTS_TYPE = 37,
+ AES_128_CBC_TYPE = 1,
+ AES_192_CBC_TYPE = 2,
+ AES_256_CBC_TYPE = 3,
+ AES_128_CTR_TYPE = 4,
+ AES_192_CTR_TYPE = 5,
+ AES_256_CTR_TYPE = 6,
+ AES_128_ECB_TYPE = 7,
+ AES_192_ECB_TYPE = 8,
+ AES_256_ECB_TYPE = 9,
+ DES_CBC_TYPE = 10,
+ DES_ECB_TYPE = 11,
+ DES_EDE3_CBC_TYPE = 12,
+ DES_EDE3_ECB_TYPE = 13,
+ ARC4_TYPE = 14,
+ NULL_CIPHER_TYPE = 15,
+ EVP_PKEY_RSA = 16,
+ EVP_PKEY_DSA = 17,
+ EVP_PKEY_EC = 18,
+ AES_128_GCM_TYPE = 21,
+ AES_192_GCM_TYPE = 22,
+ AES_256_GCM_TYPE = 23,
+ EVP_PKEY_DH = NID_dhKeyAgreement,
+ EVP_PKEY_HMAC = NID_hmac,
+ EVP_PKEY_CMAC = NID_cmac,
+ EVP_PKEY_HKDF = NID_hkdf,
+ EVP_PKEY_FALCON = 300, /* Randomly picked value. */
+ EVP_PKEY_DILITHIUM = 301, /* Randomly picked value. */
+ AES_128_CFB1_TYPE = 24,
+ AES_192_CFB1_TYPE = 25,
+ AES_256_CFB1_TYPE = 26,
+ AES_128_CFB8_TYPE = 27,
+ AES_192_CFB8_TYPE = 28,
+ AES_256_CFB8_TYPE = 29,
+ AES_128_CFB128_TYPE = 30,
+ AES_192_CFB128_TYPE = 31,
+ AES_256_CFB128_TYPE = 32,
+ AES_128_OFB_TYPE = 33,
+ AES_192_OFB_TYPE = 34,
+ AES_256_OFB_TYPE = 35,
+ AES_128_XTS_TYPE = 36,
+ AES_256_XTS_TYPE = 37,
CHACHA20_POLY1305_TYPE = 38,
- CHACHA20_TYPE = 39,
- AES_128_CCM_TYPE = 40,
- AES_192_CCM_TYPE = 41,
- AES_256_CCM_TYPE = 42
+ CHACHA20_TYPE = 39,
+ AES_128_CCM_TYPE = 40,
+ AES_192_CCM_TYPE = 41,
+ AES_256_CCM_TYPE = 42,
+ SM4_ECB_TYPE = 43,
+ SM4_CBC_TYPE = 44,
+ SM4_CTR_TYPE = 45,
+ SM4_GCM_TYPE = 46,
+ SM4_CCM_TYPE = 47,
+ ARIA_128_GCM_TYPE = 48,
+ ARIA_192_GCM_TYPE = 49,
+ ARIA_256_GCM_TYPE = 50
};
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
@@ -421,6 +481,8 @@ struct WOLFSSL_EVP_CIPHER_CTX {
#if !defined(NO_AES)
/* working iv pointer into cipher */
ALIGN16 unsigned char iv[AES_BLOCK_SIZE];
+#elif defined(WOLFSSL_SM4)
+ ALIGN16 unsigned char iv[SM4_BLOCK_SIZE];
#elif defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ALIGN16 unsigned char iv[CHACHA20_POLY1305_AEAD_IV_SIZE];
#elif !defined(NO_DES3)
@@ -433,10 +495,12 @@ struct WOLFSSL_EVP_CIPHER_CTX {
int lastUsed;
#if !defined(NO_AES) || !defined(NO_DES3) || defined(HAVE_AESGCM) || \
defined (WOLFSSL_AES_XTS) || (defined(HAVE_CHACHA) || \
- defined(HAVE_POLY1305) || defined(HAVE_AESCCM))
+ defined(HAVE_POLY1305) || defined(HAVE_AESCCM)) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
#define HAVE_WOLFSSL_EVP_CIPHER_CTX_IV
int ivSz;
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
byte* authBuffer;
int authBufferLen;
byte* authIn;
@@ -445,16 +509,20 @@ struct WOLFSSL_EVP_CIPHER_CTX {
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
byte* key; /* used in partial Init()s */
#endif
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
- (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM) || \
+ (defined(HAVE_CHACHA) && defined(HAVE_POLY1305))
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || defined(HAVE_ARIA)
ALIGN16 unsigned char authTag[AES_BLOCK_SIZE];
+#elif defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
+ ALIGN16 unsigned char authTag[SM4_BLOCK_SIZE];
#else
ALIGN16 unsigned char authTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE];
#endif
int authTagSz;
#endif
-#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM)
+#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) || \
+ defined(WOLFSSL_SM4_GCM) || defined(WOLFSSL_SM4_CCM)
byte authIvGenEnable:1;
byte authIncIv:1;
#endif
@@ -786,6 +854,7 @@ WOLFSSL_API int wolfSSL_EVP_PKEY_CTX_hkdf_mode(WOLFSSL_EVP_PKEY_CTX* ctx,
#define WOLFSSL_EVP_CIPH_FLAG_AEAD_CIPHER 0x20
#define WOLFSSL_EVP_CIPH_NO_PADDING 0x100
#define WOLFSSL_EVP_CIPH_VARIABLE_LENGTH 0x200
+#define WOLFSSL_EVP_CIPH_LOW_LEVEL_INITED 0x400
#define WOLFSSL_EVP_CIPH_TYPE_INIT 0xff
@@ -877,6 +946,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_ripemd160 wolfSSL_EVP_ripemd160
#define EVP_shake128 wolfSSL_EVP_shake128
#define EVP_shake256 wolfSSL_EVP_shake256
+#define EVP_sm3 wolfSSL_EVP_sm3
#define EVP_set_pw_prompt wolfSSL_EVP_set_pw_prompt
#define EVP_sha3_224 wolfSSL_EVP_sha3_224
@@ -923,6 +993,14 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_rc4 wolfSSL_EVP_rc4
#define EVP_chacha20 wolfSSL_EVP_chacha20
#define EVP_chacha20_poly1305 wolfSSL_EVP_chacha20_poly1305
+#define EVP_aria_128_gcm wolfSSL_EVP_aria_128_gcm
+#define EVP_aria_192_gcm wolfSSL_EVP_aria_192_gcm
+#define EVP_aria_256_gcm wolfSSL_EVP_aria_256_gcm
+#define EVP_sm4_ecb wolfSSL_EVP_sm4_ecb
+#define EVP_sm4_cbc wolfSSL_EVP_sm4_cbc
+#define EVP_sm4_ctr wolfSSL_EVP_sm4_ctr
+#define EVP_sm4_gcm wolfSSL_EVP_sm4_gcm
+#define EVP_sm4_ccm wolfSSL_EVP_sm4_ccm
#define EVP_enc_null wolfSSL_EVP_enc_null
#define EVP_MD_size wolfSSL_EVP_MD_size
@@ -941,7 +1019,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_MD_block_size wolfSSL_EVP_MD_block_size
#define EVP_MD_type wolfSSL_EVP_MD_type
#ifndef NO_WOLFSSL_STUB
-#define EVP_MD_CTX_set_flags(...)
+#define EVP_MD_CTX_set_flags(...) WC_DO_NOTHING
#endif
#define EVP_Digest wolfSSL_EVP_Digest
@@ -1124,7 +1202,7 @@ WOLFSSL_API int wolfSSL_EVP_SignInit_ex(WOLFSSL_EVP_MD_CTX* ctx,
#define EVP_CTRL_CCM_SET_MSGLEN 0x15
#define EVP_PKEY_print_public wolfSSL_EVP_PKEY_print_public
-#define EVP_PKEY_print_private(arg1, arg2, arg3, arg4)
+#define EVP_PKEY_print_private(arg1, arg2, arg3, arg4) WC_DO_NOTHING
#ifndef EVP_MAX_MD_SIZE
#define EVP_MAX_MD_SIZE 64 /* sha512 */
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h b/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h
index 24526568..5f8d8f7c 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/objects.h
@@ -23,7 +23,7 @@
#ifndef WOLFSSL_OBJECTS_H_
#define WOLFSSL_OBJECTS_H_
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD
#include <wolfssl/ssl.h>
@@ -62,7 +62,7 @@
#define i2t_ASN1_OBJECT wolfSSL_i2t_ASN1_OBJECT
/* not required for wolfSSL */
-#define OPENSSL_load_builtin_modules()
+#define OPENSSL_load_builtin_modules() WC_DO_NOTHING
#define NID_ad_OCSP 178
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h b/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
index 7584273c..c43e507b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/opensslv.h
@@ -24,6 +24,8 @@
#ifndef WOLFSSL_OPENSSLV_H_
#define WOLFSSL_OPENSSLV_H_
+#include <wolfssl/wolfcrypt/settings.h>
+
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
/* api version compatibility */
@@ -37,7 +39,7 @@
defined(WOLFSSL_RSYSLOG) || defined(WOLFSSL_KRB) || defined(HAVE_STUNNEL)
/* For Apache httpd, Use 1.1.0 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10100003L
-#elif defined(WOLFSSL_QT) || defined(WOLFSSL_PYTHON)
+#elif defined(WOLFSSL_QT) || defined(WOLFSSL_PYTHON) || defined(WOLFSSL_KRB)
/* For Qt and Python 3.8.5 compatibility */
#define OPENSSL_VERSION_NUMBER 0x10101000L
#elif defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_FFMPEG)
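Review bot: The `defined(WOLFSSL_KRB)` term added to the `#elif` looks unreachable, because the continuation line just above it already lists `defined(WOLFSSL_KRB)` in the preceding branch, which sets `OPENSSL_VERSION_NUMBER` to `0x10100003L`. If Kerberos builds are meant to report `0x10101000L`, the term has to be dropped from the earlier condition as well. That condition starts outside the hunk, so this should be confirmed against the full file. The comment `/* For Qt and Python 3.8.5 compatibility */` should then mention krb5 too.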
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h b/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h
index cc3622b7..7284948a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/rsa.h
@@ -54,6 +54,8 @@
#define RSA_PSS_SALTLEN_DIGEST (-1)
/* Old max salt length */
#define RSA_PSS_SALTLEN_MAX_SIGN (-2)
+/* Verification only value to indicate to discover salt length. */
+#define RSA_PSS_SALTLEN_AUTO (-2)
/* Max salt length */
#define RSA_PSS_SALTLEN_MAX (-3)
#endif /* OPENSSL_EXTRA || OPENSSL_EXTRA_X509_SMALL */
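Review bot: `RSA_PSS_SALTLEN_AUTO` is defined as `(-2)`, the same value as `RSA_PSS_SALTLEN_MAX_SIGN` two lines above, so the library can only tell them apart by whether the call is a sign or a verify. The new comment should say that outright, for example `/* Same value as RSA_PSS_SALTLEN_MAX_SIGN: on verify it means "discover the salt length", on sign it means the old maximum. */`. It is also worth noting there that a verifier which needs a fixed salt length should pass `RSA_PSS_SALTLEN_DIGEST` or an explicit length, since the auto value by its description accepts whatever length the signature carries.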
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h b/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h
index 6498231e..c3644149 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/sha.h
@@ -41,8 +41,8 @@
#define CTX_SHA_HW_ADDER sizeof(STM32_HASH_Context)
#elif defined(WOLFSSL_IMXRT1170_CAAM)
#define CTX_SHA_HW_ADDER (sizeof(caam_hash_ctx_t) + sizeof(caam_handle_t))
-#elif defined(WOLFSSL_ESPWROOM32) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#elif defined(WOLFSSL_ESP32) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
#define CTX_SHA_HW_ADDER sizeof(WC_ESP32SHA)
#else
#define CTX_SHA_HW_ADDER 0
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h b/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h
index d9ada762..77874c77 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/ssl.h
@@ -29,6 +29,8 @@
#ifndef WOLFSSL_OPENSSL_H_
#define WOLFSSL_OPENSSL_H_
+#include <wolfssl/wolfcrypt/types.h>
+
/* wolfssl_openssl compatibility layer */
#ifndef OPENSSL_EXTRA_SSL_GUARD
#define OPENSSL_EXTRA_SSL_GUARD
@@ -165,6 +167,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
#define CRYPTO_WRITE 0x08
#define CRYPTO_set_locking_callback wolfSSL_set_locking_callback
+#define CRYPTO_get_locking_callback wolfSSL_get_locking_callback
#define CRYPTO_set_dynlock_create_callback wolfSSL_set_dynlock_create_callback
#define CRYPTO_set_dynlock_lock_callback wolfSSL_set_dynlock_lock_callback
#define CRYPTO_set_dynlock_destroy_callback wolfSSL_set_dynlock_destroy_callback
@@ -783,6 +786,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define BIO_method_type wolfSSL_BIO_method_type
#define BIO_set_ssl wolfSSL_BIO_set_ssl
#define BIO_get_ssl wolfSSL_BIO_get_ssl
+#define BIO_new_ssl wolfSSL_BIO_new_ssl
#define BIO_new_ssl_connect wolfSSL_BIO_new_ssl_connect
#define BIO_set_conn_hostname wolfSSL_BIO_set_conn_hostname
#define BIO_eof wolfSSL_BIO_eof
@@ -885,6 +889,11 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define ASN1_UTF8STRING_free wolfSSL_ASN1_STRING_free
#define ASN1_UTF8STRING_set wolfSSL_ASN1_STRING_set
+#define ASN1_IA5STRING WOLFSSL_ASN1_STRING
+#define ASN1_IA5STRING_new wolfSSL_ASN1_STRING_new
+#define ASN1_IA5STRING_free wolfSSL_ASN1_STRING_free
+#define ASN1_IA5STRING_set wolfSSL_ASN1_STRING_set
+
#define ASN1_PRINTABLE_type(...) V_ASN1_PRINTABLESTRING
#define ASN1_UTCTIME_pr wolfSSL_ASN1_UTCTIME_pr
@@ -899,6 +908,9 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_client_CA_list wolfSSL_CTX_set_client_CA_list
#define SSL_CTX_set_client_cert_cb wolfSSL_CTX_set_client_cert_cb
#define SSL_CTX_set_cert_store wolfSSL_CTX_set_cert_store
+#ifdef OPENSSL_ALL
+#define SSL_CTX_set1_verify_cert_store wolfSSL_CTX_set1_verify_cert_store
+#endif
#define SSL_set0_verify_cert_store wolfSSL_set0_verify_cert_store
#define SSL_set1_verify_cert_store wolfSSL_set1_verify_cert_store
#define SSL_CTX_get_cert_store(x) wolfSSL_CTX_get_cert_store ((WOLFSSL_CTX*) (x))
@@ -913,6 +925,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define SSL_CTX_set_timeout(ctx, to) \
wolfSSL_CTX_set_timeout(ctx, (unsigned int)(to))
#define SSL_CTX_set_info_callback wolfSSL_CTX_set_info_callback
+#define SSL_set_info_callback wolfSSL_set_info_callback
#define SSL_CTX_set_alpn_protos wolfSSL_CTX_set_alpn_protos
#define SSL_CTX_keylog_cb_func wolfSSL_CTX_keylog_cb_func
@@ -1083,6 +1096,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
wolfSSL_SESSION_get_ticket_lifetime_hint
#define SSL_SESSION_set_timeout wolfSSL_SSL_SESSION_set_timeout
#define SSL_SESSION_get_timeout wolfSSL_SESSION_get_timeout
+#define SSL_SESSION_set_time wolfSSL_SESSION_set_time
#define SSL_SESSION_get_time wolfSSL_SESSION_get_time
#define SSL_CTX_get_ex_new_index wolfSSL_CTX_get_ex_new_index
@@ -1092,16 +1106,16 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_
#define PEM_do_header wolfSSL_PEM_do_header
/*#if OPENSSL_API_COMPAT < 0x10100000L*/
-#define CONF_modules_free()
-#define ENGINE_cleanup()
+#define CONF_modules_free() WC_DO_NOTHING
+#define ENGINE_cleanup() WC_DO_NOTHING
#define SSL_CTX_need_tmp_RSA(ctx) 0
#define SSL_CTX_set_tmp_rsa(ctx,rsa) 1
#define SSL_need_tmp_RSA(ssl) 0
#define SSL_set_tmp_rsa(ssl,rsa) 1
/*#endif*/
-#define CONF_modules_unload(a)
-#define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file
+#define CONF_modules_unload(a) WC_DO_NOTHING
+#define CONF_get1_default_config_file wolfSSL_CONF_get1_default_config_file
#define SSL_get_hit wolfSSL_session_reused
@@ -1233,7 +1247,8 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_CTX_set_tlsext_max_fragment_length \
wolfSSL_CTX_set_tlsext_max_fragment_length
#define SSL_get_server_random wolfSSL_get_server_random
-#define SSL_get_server_tmp_key wolfSSL_get_server_tmp_key
+#define SSL_get_server_tmp_key wolfSSL_get_peer_tmp_key
+#define SSL_get_peer_tmp_key wolfSSL_get_peer_tmp_key
#define SSL_CTX_set_min_proto_version wolfSSL_CTX_set_min_proto_version
#define SSL_CTX_set_max_proto_version wolfSSL_CTX_set_max_proto_version
@@ -1268,6 +1283,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_CTRL_SET_GROUPS 91
#define SSL_CTRL_GET_PEER_TMP_KEY 109
#define SSL_CTRL_GET_SERVER_TMP_KEY SSL_CTRL_GET_PEER_TMP_KEY
+#define SSL_CTRL_GET_CHAIN_CERTS 115
#define SSL_CTRL_SET_MIN_PROTO_VERSION 123
#define SSL_CTRL_SET_MAX_PROTO_VERSION 124
#define SSL_CTRL_GET_MIN_PROTO_VERSION 125
@@ -1353,6 +1369,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define GENERAL_NAME_dup wolfSSL_GENERAL_NAME_dup
#define GENERAL_NAME_print wolfSSL_GENERAL_NAME_print
#define GENERAL_NAME_set0_othername wolfSSL_GENERAL_NAME_set0_othername
+#define GENERAL_NAME_set0_value wolfSSL_GENERAL_NAME_set0_value
#define sk_GENERAL_NAME_push wolfSSL_sk_GENERAL_NAME_push
#define sk_GENERAL_NAME_value wolfSSL_sk_GENERAL_NAME_value
@@ -1380,6 +1397,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define sk_ASN1_OBJECT_pop_free wolfSSL_sk_ASN1_OBJECT_pop_free
#define GENERAL_NAME_free wolfSSL_GENERAL_NAME_free
#define GENERAL_NAMES_free wolfSSL_GENERAL_NAMES_free
+#define EXTENDED_KEY_USAGE_free wolfSSL_EXTENDED_KEY_USAGE_free
#define AUTHORITY_INFO_ACCESS_free wolfSSL_AUTHORITY_INFO_ACCESS_free
#define AUTHORITY_INFO_ACCESS_pop_free wolfSSL_AUTHORITY_INFO_ACCESS_pop_free
@@ -1510,6 +1528,11 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_R_UNEXPECTED_MESSAGE OUT_OF_ORDER_E
#define SSL_R_UNEXPECTED_RECORD SANITY_MSG_E
#define SSL_R_UNKNOWN_ALERT_TYPE BUFFER_ERROR
+#define SSL_R_BAD_DIGEST_LENGTH BUFFER_ERROR
+#define SSL_R_BAD_PACKET_LENGTH BUFFER_ERROR
+#define SSL_R_DATA_LENGTH_TOO_LONG BUFFER_ERROR
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG BUFFER_ERROR
+#define SSL_R_BAD_LENGTH BUFFER_ERROR
#define SSL_R_UNKNOWN_PROTOCOL VERSION_ERROR
#define SSL_R_WRONG_VERSION_NUMBER VERSION_ERROR
#define SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC ENCRYPT_ERROR
@@ -1519,6 +1542,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_R_CERTIFICATE_VERIFY_FAILED VERIFY_CERT_ERROR
#define SSL_R_CERT_CB_ERROR CLIENT_CERT_CB_ERROR
#define SSL_R_NULL_SSL_METHOD_PASSED BAD_FUNC_ARG
+#define SSL_R_CCS_RECEIVED_EARLY OUT_OF_ORDER_E
#ifdef HAVE_SESSION_TICKET
#define SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB 72
@@ -1529,6 +1553,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_OP_SINGLE_DH_USE WOLFSSL_OP_SINGLE_DH_USE
#define SSL_OP_SINGLE_ECDH_USE WOLFSSL_OP_SINGLE_ECDH_USE
#define SSL_OP_CIPHER_SERVER_PREFERENCE WOLFSSL_OP_CIPHER_SERVER_PREFERENCE
+#define SSL_OP_NO_RENEGOTIATION WOLFSSL_OP_NO_RENEGOTIATION
#define OPENSSL_config wolfSSL_OPENSSL_config
#define OPENSSL_memdup wolfSSL_OPENSSL_memdup
@@ -1540,6 +1565,7 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#define SSL_get_wbio wolfSSL_SSL_get_wbio
#define SSL_do_handshake wolfSSL_SSL_do_handshake
#define SSL_in_init wolfSSL_SSL_in_init
+#define SSL_in_before wolfSSL_SSL_in_before
#define SSL_in_connect_init wolfSSL_SSL_in_connect_init
#define SSL_get0_session wolfSSL_SSL_get0_session
#define SSL_CTX_set_tlsext_ticket_key_cb wolfSSL_CTX_set_tlsext_ticket_key_cb
@@ -1637,8 +1663,8 @@ typedef WOLFSSL_SRTP_PROTECTION_PROFILE SRTP_PROTECTION_PROFILE;
#endif
#ifndef NO_WOLFSSL_STUB
-#define OBJ_create_objects(...)
-#define sk_SSL_COMP_free(...)
+#define OBJ_create_objects(...) WC_DO_NOTHING
+#define sk_SSL_COMP_free(...) WC_DO_NOTHING
#endif
#define OBJ_dup wolfSSL_ASN1_OBJECT_dup
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h b/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h
index f794a327..a603ce68 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/x509.h
@@ -74,47 +74,41 @@
* satisfy OpenSSL compatibility consumers to prevent compilation errors.
* The list was taken from
* https://github.com/openssl/openssl/blob/master/include/openssl/x509_vfy.h.in
+ * One requirement for HAProxy is that the values should be literal constants.
*/
-#define X509_V_OK WOLFSSL_X509_V_OK
+#define X509_V_OK 0
#define X509_V_ERR_UNSPECIFIED 1
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
#define X509_V_ERR_UNABLE_TO_GET_CRL 3
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
-#define X509_V_ERR_CERT_SIGNATURE_FAILURE \
- WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE
+#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
-#define X509_V_ERR_CERT_NOT_YET_VALID WOLFSSL_X509_V_ERR_CERT_NOT_YET_VALID
-#define X509_V_ERR_CERT_HAS_EXPIRED WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED
+#define X509_V_ERR_CERT_NOT_YET_VALID 9
+#define X509_V_ERR_CERT_HAS_EXPIRED 10
#define X509_V_ERR_CRL_NOT_YET_VALID 11
#define X509_V_ERR_CRL_HAS_EXPIRED 12
-#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD \
- WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD
-#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD \
- WOLFSSL_X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD
+#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
#define X509_V_ERR_OUT_OF_MEM 17
-#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT \
- WOLFSSL_X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
+#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
-#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY \
- WOLFSSL_X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
-#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE \
- WOLFSSL_X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE
-#define X509_V_ERR_CERT_CHAIN_TOO_LONG WOLFSSL_X509_V_ERR_CERT_CHAIN_TOO_LONG
-#define X509_V_ERR_CERT_REVOKED WOLFSSL_X509_V_ERR_CERT_REVOKED
-#define X509_V_ERR_NO_ISSUER_PUBLIC_KEY WOLFSSL_X509_V_ERR_INVALID_CA
-#define X509_V_ERR_PATH_LENGTH_EXCEEDED WOLFSSL_X509_V_ERR_PATH_LENGTH_EXCEEDED
+#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+#define X509_V_ERR_CERT_REVOKED 23
+#define X509_V_ERR_NO_ISSUER_PUBLIC_KEY 24
+#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
#define X509_V_ERR_INVALID_PURPOSE 26
#define X509_V_ERR_CERT_UNTRUSTED 27
-#define X509_V_ERR_CERT_REJECTED WOLFSSL_X509_V_ERR_CERT_REJECTED
+#define X509_V_ERR_CERT_REJECTED 28
/* These are 'informational' when looking for issuer cert */
-#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH \
- WOLFSSL_X509_V_ERR_SUBJECT_ISSUER_MISMATCH
+#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
#define X509_V_ERR_AKID_SKID_MISMATCH 30
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
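Review bot: The `X509_V_*` macros that used to alias `WOLFSSL_X509_V_*` are now bare literals, so nothing ties the value an application compares against to the value the library returns from verification. `X509_V_ERR_NO_ISSUER_PUBLIC_KEY` is the case to check first: it used to expand to `WOLFSSL_X509_V_ERR_INVALID_CA` and is now `24`, which only stays equivalent if that enum member is also 24 (its definition is not in this hunk). Since HAProxy needs literals here, I would keep them and add a compile-time equality check in a `.c` file that sees both headers, one per former alias, e.g. `typedef char x509_v_expired_ok[(X509_V_ERR_CERT_HAS_EXPIRED == WOLFSSL_X509_V_ERR_CERT_HAS_EXPIRED) ? 1 : -1];`. A mismatch in these codes would make certificate-verification error handling in callers silently take the wrong branch.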
diff --git a/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h b/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h
index 30c95393..c9c9ad85 100644
--- a/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h
+++ b/extra/wolfssl/wolfssl/wolfssl/openssl/x509v3.h
@@ -24,6 +24,7 @@
#ifndef WOLFSSL_x509v3_H
#define WOLFSSL_x509v3_H
+#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/openssl/compat_types.h>
#include <wolfssl/openssl/conf.h>
#include <wolfssl/openssl/bio.h>
@@ -159,8 +160,8 @@ WOLFSSL_API WOLFSSL_ASN1_STRING* wolfSSL_a2i_IPADDRESS(const char* ipa);
#define X509V3_EXT_conf_nid wolfSSL_X509V3_EXT_conf_nid
#define X509V3_set_ctx wolfSSL_X509V3_set_ctx
#ifndef NO_WOLFSSL_STUB
-#define X509V3_set_nconf(...)
-#define X509V3_EXT_cleanup(...)
+#define X509V3_set_nconf(...) WC_DO_NOTHING
+#define X509V3_EXT_cleanup(...) WC_DO_NOTHING
#endif
#define X509V3_set_ctx_test(ctx) wolfSSL_X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST)
#define X509V3_set_ctx_nodb wolfSSL_X509V3_set_ctx_nodb
diff --git a/extra/wolfssl/wolfssl/wolfssl/quic.h b/extra/wolfssl/wolfssl/wolfssl/quic.h
index 87195116..c1462cba 100644
--- a/extra/wolfssl/wolfssl/wolfssl/quic.h
+++ b/extra/wolfssl/wolfssl/wolfssl/quic.h
@@ -52,7 +52,7 @@ typedef struct wolfssl_quic_method_t WOLFSSL_QUIC_METHOD;
struct wolfssl_quic_method_t {
/**
- * Provide secrets to the QUIC stack when they becaome available in the SSL
+ * Provide secrets to the QUIC stack when they become available in the SSL
* instance during handshake processing. read/write secrets have the same
* length. A call may only provide one, passing NULL as the other.
*/
diff --git a/extra/wolfssl/wolfssl/wolfssl/sniffer.h b/extra/wolfssl/wolfssl/wolfssl/sniffer.h
index 5fe023f6..3b5f2373 100644
--- a/extra/wolfssl/wolfssl/wolfssl/sniffer.h
+++ b/extra/wolfssl/wolfssl/wolfssl/sniffer.h
@@ -313,6 +313,35 @@ SSL_SNIFFER_API int ssl_PollSniffer(WOLF_EVENT** events, int maxEvents,
#endif /* WOLFSSL_ASYNC_CRYPT */
+#ifdef WOLFSSL_SNIFFER_KEYLOGFILE
+
+typedef enum {
+ SNIFFER_SECRET_TLS12_MASTER_SECRET,
+#if defined(WOLFSSL_TLS13)
+ SNIFFER_SECRET_CLIENT_EARLY_TRAFFIC_SECRET,
+ SNIFFER_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
+ SNIFFER_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET,
+ SNIFFER_SECRET_CLIENT_TRAFFIC_SECRET,
+ SNIFFER_SECRET_SERVER_TRAFFIC_SECRET,
+#endif /* WOLFSSL_TLS13 */
+ SNIFFER_SECRET_NUM_SECRET_TYPES
+} SnifferSecretType;
+
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_CreateKeyLogSnifferServer(const char* address,
+ int port,
+ char* error);
+
+WOLFSSL_API
+SSL_SNIFFER_API int ssl_LoadSecretsFromKeyLogFile(const char* keylogfile,
+ char* error);
+
+typedef int (*SSLSnifferSecretCb)(unsigned char* client_random,
+ int type,
+ unsigned char* output_secret);
+
+#endif /* WOLFSSL_SNIFFER_KEYLOGFILE */
#ifdef __cplusplus
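Review bot: `ssl_CreateKeyLogSnifferServer` and `ssl_LoadSecretsFromKeyLogFile` take `char* error` with no length, and `SSLSnifferSecretCb` fills `output_secret` with no length either, so each declaration needs a comment stating the buffer size the caller must provide. Both functions also carry `WOLFSSL_API` as well as `SSL_SNIFFER_API`, whereas `ssl_PollSniffer` in the hunk header uses only `SSL_SNIFFER_API`. Two export macros on one declaration may conflict on toolchains where they expand to different attributes, so I would drop `WOLFSSL_API` here. The comment on `ssl_LoadSecretsFromKeyLogFile` should also say that the keylog file holds session secrets and must be readable only by the account running the sniffer.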
diff --git a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h
index bea4c130..841241d9 100644
--- a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h
+++ b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.h
@@ -142,6 +142,8 @@
#define SNIFFER_KEY_SETUP_STR 96
#define UNSUPPORTED_TLS_VER_STR 97
#define KEY_MISMATCH_STR 98
+
+#define KEYLOG_FILE_INVALID 99
/* !!!! also add to msgTable in sniffer.c and .rc file !!!! */
diff --git a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc
index 113aee59..dca40db8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc
+++ b/extra/wolfssl/wolfssl/wolfssl/sniffer_error.rc
@@ -1,5 +1,5 @@
-STRINGTABLE
+STRINGTABLE
{
1, "Out of Memory"
2, "New SSL Sniffer Server Registered"
@@ -60,7 +60,7 @@ STRINGTABLE
48, "Wrong Protocol type"
49, "Packet Short for header processing"
50, "Got Unknown Record Type"
-
+
51, "Can't Open Trace File"
52, "Session in Fatal Error State"
53, "Partial SSL record received"
@@ -72,7 +72,7 @@ STRINGTABLE
58, "Received an Overlap Duplicate Packet"
59, "Received an Overlap Reassembly Begin Duplicate Packet"
60, "Received an Overlap Reassembly End Duplicate Packet"
-
+
61, "Missed the Client Hello Entirely"
62, "Got Hello Request msg"
63, "Got Session Ticket msg"
@@ -118,4 +118,6 @@ STRINGTABLE
96, "Setting up keys"
97, "Unsupported TLS Version"
98, "Server Client Key Mismatch"
+
+ 99, "Invalid or missing keylog file"
}
diff --git a/extra/wolfssl/wolfssl/wolfssl/ssl.h b/extra/wolfssl/wolfssl/wolfssl/ssl.h
index 648cdbce..907b3691 100644
--- a/extra/wolfssl/wolfssl/wolfssl/ssl.h
+++ b/extra/wolfssl/wolfssl/wolfssl/ssl.h
@@ -525,6 +525,9 @@ struct WOLFSSL_BIO_METHOD {
wolfssl_BIO_meth_ctrl_info_cb ctrlInfoCb;
};
+#define WOLFSSL_BIO_METHOD_INIT(bio_type) \
+ { bio_type, { 0 }, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL }
+
/* wolfSSL BIO type */
typedef long (*wolf_bio_info_cb)(WOLFSSL_BIO *bio, int event, const char *parg,
int iarg, long larg, long return_value);
@@ -1061,8 +1064,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfSSL_CTX_use_PrivateKey_file(
#define WOLFSSL_LOAD_FLAG_IGNORE_ERR 0x00000001
#define WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY 0x00000002
#define WOLFSSL_LOAD_FLAG_PEM_CA_ONLY 0x00000004
-#if defined(WOLFSSL_QT)
+#if defined(WOLFSSL_QT) || defined(WOLFSSL_IGNORE_BAD_CERT_PATH)
#define WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR 0x00000008
+#endif
+#if defined(WOLFSSL_QT)
#define WOLFSSL_LOAD_FLAG_IGNORE_ZEROFILE 0x00000010
#endif
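Review bot: `WOLFSSL_LOAD_FLAG_IGNORE_BAD_PATH_ERR` is now available to any build that defines `WOLFSSL_IGNORE_BAD_CERT_PATH`, not just Qt, but there is no comment saying what a caller gives up by setting it. The name suggests that a bad certificate path is not reported as an error (the implementation is outside this hunk), in which case a mistyped CA directory could leave the trust store empty while the load call still succeeds. I would add a comment above the define along the lines of `/* Suppresses bad-path errors when loading verify locations; callers must check that certificates were actually loaded. */`.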
@@ -1181,18 +1186,20 @@ WOLFSSL_API int wolfSSL_CTX_allow_post_handshake_auth(WOLFSSL_CTX* ctx);
WOLFSSL_API int wolfSSL_allow_post_handshake_auth(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_request_certificate(WOLFSSL* ssl);
-WOLFSSL_API int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
-WOLFSSL_API int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
-
WOLFSSL_API int wolfSSL_preferred_group(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CTX_set_groups(WOLFSSL_CTX* ctx, int* groups,
int count);
WOLFSSL_API int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count);
-#ifdef OPENSSL_EXTRA
+#if defined(OPENSSL_EXTRA) && defined(HAVE_SUPPORTED_CURVES)
WOLFSSL_API int wolfSSL_CTX_set1_groups(WOLFSSL_CTX* ctx, int* groups,
int count);
WOLFSSL_API int wolfSSL_set1_groups(WOLFSSL* ssl, int* groups, int count);
+
+#ifdef HAVE_ECC
+WOLFSSL_API int wolfSSL_CTX_set1_groups_list(WOLFSSL_CTX *ctx, char *list);
+WOLFSSL_API int wolfSSL_set1_groups_list(WOLFSSL *ssl, char *list);
+#endif
#endif
WOLFSSL_API int wolfSSL_connect_TLSv13(WOLFSSL* ssl);
@@ -1233,6 +1240,7 @@ WOLFSSL_API int wolfSSL_get_alert_history(WOLFSSL* ssl, WOLFSSL_ALERT_HISTORY *
WOLFSSL_ABI WOLFSSL_API int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session);
WOLFSSL_API long wolfSSL_SSL_SESSION_set_timeout(WOLFSSL_SESSION* ses, long t);
+WOLFSSL_API long wolfSSL_SESSION_set_time(WOLFSSL_SESSION *ses, long t);
WOLFSSL_ABI WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get_session(WOLFSSL* ssl);
WOLFSSL_ABI WOLFSSL_API void wolfSSL_flush_sessions(WOLFSSL_CTX* ctx, long tm);
WOLFSSL_API void wolfSSL_CTX_flush_sessions(WOLFSSL_CTX* ctx, long tm);
@@ -1470,8 +1478,10 @@ typedef struct WOLFSSL_SRTP_PROTECTION_PROFILE {
} WOLFSSL_SRTP_PROTECTION_PROFILE;
/* Compatibility API's for SRTP */
-WOLFSSL_API int wolfSSL_CTX_set_tlsext_use_srtp(WOLFSSL_CTX* ctx, const char*);
-WOLFSSL_API int wolfSSL_set_tlsext_use_srtp(WOLFSSL* ssl, const char*);
+WOLFSSL_API int wolfSSL_CTX_set_tlsext_use_srtp(WOLFSSL_CTX* ctx,
+ const char* profile_str);
+WOLFSSL_API int wolfSSL_set_tlsext_use_srtp(WOLFSSL* ssl,
+ const char* wolfSSL_set_tlsext_use_srtp);
WOLFSSL_API const WOLFSSL_SRTP_PROTECTION_PROFILE*
wolfSSL_get_selected_srtp_profile(WOLFSSL* ssl);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_SRTP_PROTECTION_PROFILE)*
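Review bot: The second parameter of `wolfSSL_set_tlsext_use_srtp` is named `wolfSSL_set_tlsext_use_srtp`, the same as the function itself, which looks like a paste slip made while adding parameter names. It compiles in a prototype but misleads readers and documentation generators. It should match the CTX variant just above: `const char* profile_str);`.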
@@ -1479,7 +1489,7 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_SRTP_PROTECTION_PROFILE)*
/* Non standard API for getting the SRTP session keys using KDF */
WOLFSSL_API int wolfSSL_export_dtls_srtp_keying_material(WOLFSSL* ssl,
- unsigned char*, size_t*);
+ unsigned char* out, size_t* olen);
#endif /* WOLFSSL_SRTP */
WOLFSSL_API int wolfSSL_dtls_get_drop_stats(WOLFSSL* ssl,
@@ -1518,6 +1528,7 @@ WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_new_node(void* heap);
WOLFSSL_API void wolfSSL_sk_free(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_sk_free_node(WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk);
+WOLFSSL_API WOLFSSL_STACK* wolfSSL_shallow_sk_dup(WOLFSSL_STACK* sk);
WOLFSSL_API int wolfSSL_sk_push_node(WOLFSSL_STACK** stack, WOLFSSL_STACK* in);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_get_node(WOLFSSL_STACK* sk, int idx);
WOLFSSL_API int wolfSSL_sk_push(WOLFSSL_STACK *st, const void *data);
@@ -1561,6 +1572,8 @@ WOLFSSL_API WOLFSSL_GENERAL_NAMES* wolfSSL_GENERAL_NAMES_dup(
WOLFSSL_API int wolfSSL_GENERAL_NAME_set0_othername(WOLFSSL_GENERAL_NAME* gen,
WOLFSSL_ASN1_OBJECT* oid,
WOLFSSL_ASN1_TYPE* value);
+WOLFSSL_API void wolfSSL_GENERAL_NAME_set0_value(WOLFSSL_GENERAL_NAME *a,
+ int type, void *value);
WOLFSSL_API WOLFSSL_STACK* wolfSSL_sk_GENERAL_NAME_new(void *cmpFunc);
WOLFSSL_API int wolfSSL_sk_GENERAL_NAME_push(WOLFSSL_GENERAL_NAMES* sk,
@@ -1574,6 +1587,7 @@ WOLFSSL_API void wolfSSL_sk_GENERAL_NAME_free(WOLFSSL_STACK* sk);
WOLFSSL_API void wolfSSL_GENERAL_NAMES_free(WOLFSSL_GENERAL_NAMES* name);
WOLFSSL_API int wolfSSL_GENERAL_NAME_print(WOLFSSL_BIO* out,
WOLFSSL_GENERAL_NAME* name);
+WOLFSSL_API void wolfSSL_EXTENDED_KEY_USAGE_free(WOLFSSL_STACK * sk);
WOLFSSL_API WOLFSSL_DIST_POINT* wolfSSL_DIST_POINT_new(void);
WOLFSSL_API void wolfSSL_DIST_POINT_free(WOLFSSL_DIST_POINT* dp);
@@ -1646,7 +1660,7 @@ WOLFSSL_API int wolfSSL_CTX_add_session(WOLFSSL_CTX* ctx,
WOLFSSL_SESSION* session);
WOLFSSL_API int wolfSSL_SESSION_set_cipher(WOLFSSL_SESSION* session,
const WOLFSSL_CIPHER* cipher);
-WOLFSSL_API int wolfSSL_is_init_finished(WOLFSSL* ssl);
+WOLFSSL_API int wolfSSL_is_init_finished(const WOLFSSL* ssl);
WOLFSSL_API const char* wolfSSL_get_version(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_get_current_cipher_suite(WOLFSSL* ssl);
@@ -1683,7 +1697,7 @@ WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port,
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(const WOLFSSL_BIO_METHOD* method);
#else
-WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD*);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new(WOLFSSL_BIO_METHOD* method);
#endif
WOLFSSL_API int wolfSSL_BIO_free(WOLFSSL_BIO* bio);
WOLFSSL_API void wolfSSL_BIO_vfree(WOLFSSL_BIO* bio);
@@ -1739,6 +1753,8 @@ WOLFSSL_API void wolfSSL_BIO_set_shutdown(WOLFSSL_BIO* bio, int shut);
WOLFSSL_API int wolfSSL_BIO_get_shutdown(WOLFSSL_BIO* bio);
WOLFSSL_API void wolfSSL_BIO_clear_retry_flags(WOLFSSL_BIO* bio);
WOLFSSL_API int wolfSSL_BIO_should_retry(WOLFSSL_BIO *bio);
+WOLFSSL_API int wolfSSL_BIO_should_read(WOLFSSL_BIO *bio);
+WOLFSSL_API int wolfSSL_BIO_should_write(WOLFSSL_BIO *bio);
WOLFSSL_API WOLFSSL_BIO_METHOD *wolfSSL_BIO_meth_new(int type, const char* name);
WOLFSSL_API void wolfSSL_BIO_meth_free(WOLFSSL_BIO_METHOD* biom);
@@ -1774,6 +1790,7 @@ WOLFSSL_API long wolfSSL_BIO_set_conn_hostname(WOLFSSL_BIO* b, char* name);
WOLFSSL_API long wolfSSL_BIO_set_conn_port(WOLFSSL_BIO *b, char* port);
WOLFSSL_API long wolfSSL_BIO_do_connect(WOLFSSL_BIO *b);
WOLFSSL_API int wolfSSL_BIO_do_accept(WOLFSSL_BIO *b);
+WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_ssl(WOLFSSL_CTX* ctx, int client);
WOLFSSL_API WOLFSSL_BIO* wolfSSL_BIO_new_ssl_connect(WOLFSSL_CTX* ctx);
WOLFSSL_API long wolfSSL_BIO_do_handshake(WOLFSSL_BIO *b);
@@ -1796,6 +1813,10 @@ WOLFSSL_API int wolfSSL_BIO_tell(WOLFSSL_BIO* bio);
WOLFSSL_API int wolfSSL_BIO_write_filename(WOLFSSL_BIO *bio, char *name);
WOLFSSL_API long wolfSSL_BIO_set_mem_eof_return(WOLFSSL_BIO *bio, int v);
WOLFSSL_API long wolfSSL_BIO_get_mem_ptr(WOLFSSL_BIO *bio, WOLFSSL_BUF_MEM **m);
+#ifdef OPENSSL_ALL
+WOLFSSL_API int wolfSSL_BIO_set_mem_buf(WOLFSSL_BIO* bio, WOLFSSL_BUF_MEM* bufMem,
+ int closeFlag);
+#endif
WOLFSSL_API int wolfSSL_BIO_get_len(WOLFSSL_BIO *bio);
#endif
@@ -1815,8 +1836,10 @@ WOLFSSL_API int wolfSSL_COMP_add_compression_method(int method, void* data);
WOLFSSL_API unsigned long wolfSSL_thread_id(void);
WOLFSSL_API void wolfSSL_set_id_callback(unsigned long (*f)(void));
-WOLFSSL_API void wolfSSL_set_locking_callback(void (*f)(int, int, const char*,
- int));
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+WOLFSSL_API void wolfSSL_set_locking_callback(mutex_cb* f);
+WOLFSSL_API mutex_cb* wolfSSL_get_locking_callback(void);
+#endif
WOLFSSL_API void wolfSSL_set_dynlock_create_callback(WOLFSSL_dynlock_value* (*f)
(const char*, int));
WOLFSSL_API void wolfSSL_set_dynlock_lock_callback(void (*f)(int,
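Review bot: `wolfSSL_set_locking_callback` is now declared only under `OPENSSL_EXTRA || HAVE_WEBSERVER`, while `wolfSSL_set_id_callback` just above and the dynlock setters just below stay outside the new `#if`. Unless an enclosing guard outside this hunk already implies those macros, a caller built without them loses the prototype and gets an implicit declaration or a compile error. The `mutex_cb` type is also not defined in this hunk, so its visibility under the same conditions should be confirmed. If the narrowing is intended, say so next to the guard, e.g. `/* locking callback is only provided by the OpenSSL compatibility layer */`.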
@@ -2100,6 +2123,19 @@ WOLFSSL_API void wolfSSL_CTX_set_client_cert_cb(WOLFSSL_CTX *ctx, client_cert_cb
typedef int (*CertSetupCallback)(WOLFSSL* ssl, void*);
WOLFSSL_API void wolfSSL_CTX_set_cert_cb(WOLFSSL_CTX* ctx,
CertSetupCallback cb, void *arg);
+WOLFSSL_API int wolfSSL_get_client_suites_sigalgs(const WOLFSSL* ssl,
+ const byte** suites, word16* suiteSz,
+ const byte** hashSigAlgo, word16* hashSigAlgoSz);
+typedef struct WOLFSSL_CIPHERSUITE_INFO {
+ byte rsaAuth:1;
+ byte eccAuth:1;
+ byte eccStatic:1;
+ byte psk:1;
+} WOLFSSL_CIPHERSUITE_INFO;
+WOLFSSL_API WOLFSSL_CIPHERSUITE_INFO wolfSSL_get_ciphersuite_info(byte first,
+ byte second);
+WOLFSSL_API int wolfSSL_get_sigalg_info(byte first,
+ byte second, int* hashAlgo, int* sigAlgo);
WOLFSSL_LOCAL int CertSetupCbWrapper(WOLFSSL* ssl);
WOLFSSL_API void* wolfSSL_X509_STORE_CTX_get_ex_data(
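Review bot: The three new declarations have no comment, and `wolfSSL_get_client_suites_sigalgs` returns `const byte**` out-pointers without stating who owns the memory or how long it stays valid. A caller that keeps `*suites` or `*hashSigAlgo` past the handshake would read stale memory if, as seems likely, they alias storage inside `ssl`; that needs confirming against the implementation. I would add a header comment that states the lifetime and whether the call is only meaningful from inside the `CertSetupCallback` declared just above. For `wolfSSL_get_ciphersuite_info` and `wolfSSL_get_sigalg_info`, a line such as `/* first/second: the two bytes of one entry taken from the arrays returned above */` would document the `first`/`second` pair, if that is indeed their meaning.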
@@ -2148,6 +2184,8 @@ WOLFSSL_API void *wolfSSL_CTX_get_default_passwd_cb_userdata(WOLFSSL_CTX *ctx);
WOLFSSL_API void wolfSSL_CTX_set_info_callback(WOLFSSL_CTX* ctx,
void (*f)(const WOLFSSL* ssl, int type, int val));
+WOLFSSL_API void wolfSSL_set_info_callback(WOLFSSL* ssl,
+ void (*f)(const WOLFSSL* ssl, int type, int val));
WOLFSSL_API unsigned long wolfSSL_ERR_peek_error(void);
WOLFSSL_API int wolfSSL_GET_REASON(int);
@@ -2250,26 +2288,27 @@ enum {
WOLFSSL_OP_TLS_D5_BUG = 0x00000080,
WOLFSSL_OP_TLS_BLOCK_PADDING_BUG = 0x00000100,
WOLFSSL_OP_TLS_ROLLBACK_BUG = 0x00000200,
+ WOLFSSL_OP_NO_RENEGOTIATION = 0x00000400,
WOLFSSL_OP_EPHEMERAL_RSA = 0x00000800,
- WOLFSSL_OP_NO_SSLv3 = 0x00001000,
- WOLFSSL_OP_NO_TLSv1 = 0x00002000,
+ WOLFSSL_OP_NO_SSLv3 = 0x00001000,
+ WOLFSSL_OP_NO_TLSv1 = 0x00002000,
WOLFSSL_OP_PKCS1_CHECK_1 = 0x00004000,
WOLFSSL_OP_PKCS1_CHECK_2 = 0x00008000,
WOLFSSL_OP_NETSCAPE_CA_DN_BUG = 0x00010000,
WOLFSSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 0x00020000,
- WOLFSSL_OP_SINGLE_DH_USE = 0x00040000,
+ WOLFSSL_OP_SINGLE_DH_USE = 0x00040000,
WOLFSSL_OP_NO_TICKET = 0x00080000,
WOLFSSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 0x00100000,
WOLFSSL_OP_NO_QUERY_MTU = 0x00200000,
WOLFSSL_OP_COOKIE_EXCHANGE = 0x00400000,
WOLFSSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 0x00800000,
- WOLFSSL_OP_SINGLE_ECDH_USE = 0x01000000,
- WOLFSSL_OP_CIPHER_SERVER_PREFERENCE = 0x02000000,
- WOLFSSL_OP_NO_TLSv1_1 = 0x04000000,
- WOLFSSL_OP_NO_TLSv1_2 = 0x08000000,
- WOLFSSL_OP_NO_COMPRESSION = 0x10000000,
- WOLFSSL_OP_NO_TLSv1_3 = 0x20000000,
- WOLFSSL_OP_NO_SSLv2 = 0x40000000,
+ WOLFSSL_OP_SINGLE_ECDH_USE = 0x01000000,
+ WOLFSSL_OP_CIPHER_SERVER_PREFERENCE = 0x02000000,
+ WOLFSSL_OP_NO_TLSv1_1 = 0x04000000,
+ WOLFSSL_OP_NO_TLSv1_2 = 0x08000000,
+ WOLFSSL_OP_NO_COMPRESSION = 0x10000000,
+ WOLFSSL_OP_NO_TLSv1_3 = 0x20000000,
+ WOLFSSL_OP_NO_SSLv2 = 0x40000000,
WOLFSSL_OP_ALL =
(WOLFSSL_OP_MICROSOFT_SESS_ID_BUG
| WOLFSSL_OP_NETSCAPE_CHALLENGE_BUG
@@ -2285,7 +2324,7 @@ enum {
};
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
- defined(HAVE_WEBSERVER)
+ defined(HAVE_WEBSERVER) || defined(HAVE_MEMCACHED)
/* for compatibility these must be macros */
#define SSL_OP_MICROSOFT_SESS_ID_BUG WOLFSSL_OP_MICROSOFT_SESS_ID_BUG
@@ -2386,8 +2425,8 @@ enum {
* limit the possibility of an infinite retry loop
*/
SSL_MODE_RELEASE_BUFFERS = -1, /* For libwebsockets build. No current use. */
- /* Errors used in wolfSSL.
- * Should map the defines in wolfssl/openssl/x509.h
+ /* Errors used in wolfSSL. utilize the values from the defines in
+ * wolfssl/openssl/x509.h, but without the WOLFSSL_ prefix.
*/
WOLFSSL_X509_V_OK = 0,
WOLFSSL_X509_V_ERR_CERT_SIGNATURE_FAILURE = 7,
@@ -2535,7 +2574,9 @@ enum { /* ssl Constants */
WOLFSSL_SESS_CACHE_NO_AUTO_CLEAR = 0x0008,
WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 0x0100,
WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE = 0x0200,
- WOLFSSL_SESS_CACHE_NO_INTERNAL = 0x0300,
+ WOLFSSL_SESS_CACHE_NO_INTERNAL =
+ (WOLFSSL_SESS_CACHE_NO_INTERNAL_STORE |
+ WOLFSSL_SESS_CACHE_NO_INTERNAL_LOOKUP),
WOLFSSL_ERROR_WANT_READ = 2,
WOLFSSL_ERROR_WANT_WRITE = 3,
@@ -3227,7 +3268,11 @@ enum BulkCipherAlgorithm {
wolfssl_aes_gcm = 7,
wolfssl_aes_ccm = 8,
wolfssl_chacha = 9,
- wolfssl_camellia = 10
+ wolfssl_camellia = 10,
+ wolfssl_sm4_cbc = 11,
+ wolfssl_sm4_gcm = 12,
+ wolfssl_sm4_ccm = 13,
+ wolfssl_aria_gcm = 14
};
@@ -3235,7 +3280,8 @@ enum BulkCipherAlgorithm {
enum KDF_MacAlgorithm {
wolfssl_sha256 = 4, /* needs to match hash.h wc_MACAlgorithm */
wolfssl_sha384,
- wolfssl_sha512
+ wolfssl_sha512,
+ wolfssl_sm3 = 9
};
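Review bot: `wolfssl_sm3 = 9` is a hard-coded value with no comment, while the first enumerator is annotated as having to match `wc_MACAlgorithm` in hash.h. If 9 was chosen for the same reason, repeat that on the new line, e.g. `wolfssl_sm3 = 9 /* must match hash.h wc_MACAlgorithm */`. Without it the jump from the implicit 6 of `wolfssl_sha512` looks arbitrary, and nothing signals that the two headers have to change together.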
@@ -3541,70 +3587,73 @@ WOLFSSL_API void wolfSSL_CTX_SetPerformTlsRecordProcessingCb(WOLFSSL_CTX* ctx,
WOLFSSL_API void wolfSSL_CertManagerFree(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManager_up_ref(WOLFSSL_CERT_MANAGER* cm);
- WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm, const char* f,
- const char* d);
+ WOLFSSL_API int wolfSSL_CertManagerLoadCA(WOLFSSL_CERT_MANAGER* cm,
+ const char* f, const char* d);
WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer_ex(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz, int format, int userChain,
- word32 flags);
+ const unsigned char* buff, long sz, int format, int userChain,
+ word32 flags);
WOLFSSL_API int wolfSSL_CertManagerLoadCABuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* in, long sz, int format);
+ const unsigned char* buff, long sz, int format);
WOLFSSL_API int wolfSSL_CertManagerUnloadCAs(WOLFSSL_CERT_MANAGER* cm);
#ifdef WOLFSSL_TRUST_PEER_CERT
- WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_API int wolfSSL_CertManagerUnload_trust_peers(
+ WOLFSSL_CERT_MANAGER* cm);
#endif
- WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm, const char* f,
- int format);
+ WOLFSSL_API int wolfSSL_CertManagerVerify(WOLFSSL_CERT_MANAGER* cm,
+ const char* f, int format);
WOLFSSL_API int wolfSSL_CertManagerVerifyBuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* buff, long sz, int format);
+ const unsigned char* buff, long sz, int format);
WOLFSSL_API int wolfSSL_CertManagerCheckCRL(WOLFSSL_CERT_MANAGER* cm,
- unsigned char* der, int sz);
+ const unsigned char* der, int sz);
WOLFSSL_API int wolfSSL_CertManagerEnableCRL(WOLFSSL_CERT_MANAGER* cm,
- int options);
+ int options);
WOLFSSL_API int wolfSSL_CertManagerDisableCRL(WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API void wolfSSL_CertManagerSetVerify(WOLFSSL_CERT_MANAGER* cm,
- VerifyCallback vc);
+ VerifyCallback vc);
WOLFSSL_API int wolfSSL_CertManagerLoadCRL(WOLFSSL_CERT_MANAGER* cm,
- const char* path, int type, int monitor);
+ const char* path, int type, int monitor);
WOLFSSL_API int wolfSSL_CertManagerLoadCRLFile(WOLFSSL_CERT_MANAGER* cm,
- const char* file, int type);
+ const char* file, int type);
WOLFSSL_API int wolfSSL_CertManagerLoadCRLBuffer(WOLFSSL_CERT_MANAGER* cm,
- const unsigned char* buff, long sz, int type);
+ const unsigned char* buff, long sz, int type);
WOLFSSL_API int wolfSSL_CertManagerSetCRL_Cb(WOLFSSL_CERT_MANAGER* cm,
- CbMissingCRL cb);
+ CbMissingCRL cb);
WOLFSSL_API int wolfSSL_CertManagerFreeCRL(WOLFSSL_CERT_MANAGER* cm);
#ifdef HAVE_CRL_IO
WOLFSSL_API int wolfSSL_CertManagerSetCRL_IOCb(WOLFSSL_CERT_MANAGER* cm,
- CbCrlIO cb);
+ CbCrlIO cb);
#endif
#if defined(HAVE_OCSP)
- WOLFSSL_API int wolfSSL_CertManagerCheckOCSPResponse(WOLFSSL_CERT_MANAGER* cm,
- byte *response, int responseSz, WOLFSSL_BUFFER_INFO *responseBuffer,
- CertStatus *status, OcspEntry *entry, OcspRequest *ocspRequest);
+ WOLFSSL_API int wolfSSL_CertManagerCheckOCSPResponse(
+ WOLFSSL_CERT_MANAGER* cm, unsigned char *response, int responseSz,
+ WOLFSSL_BUFFER_INFO *responseBuffer, CertStatus *status,
+ OcspEntry *entry, OcspRequest *ocspRequest);
#endif
WOLFSSL_API int wolfSSL_CertManagerCheckOCSP(WOLFSSL_CERT_MANAGER* cm,
- unsigned char* der, int sz);
+ const unsigned char* der, int sz);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSP(WOLFSSL_CERT_MANAGER* cm,
- int options);
+ int options);
WOLFSSL_API int wolfSSL_CertManagerDisableOCSP(WOLFSSL_CERT_MANAGER* cm);
- WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(WOLFSSL_CERT_MANAGER* cm,
- const char* url);
+ WOLFSSL_API int wolfSSL_CertManagerSetOCSPOverrideURL(
+ WOLFSSL_CERT_MANAGER* cm, const char* url);
WOLFSSL_API int wolfSSL_CertManagerSetOCSP_Cb(WOLFSSL_CERT_MANAGER* cm,
- CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx);
+ CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPStapling(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManagerDisableOCSPStapling(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManagerEnableOCSPMustStaple(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API int wolfSSL_CertManagerDisableOCSPMustStaple(
- WOLFSSL_CERT_MANAGER* cm);
+ WOLFSSL_CERT_MANAGER* cm);
#if defined(OPENSSL_EXTRA) && defined(WOLFSSL_SIGNER_DER_CERT) && \
!defined(NO_FILESYSTEM)
-WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(WOLFSSL_CERT_MANAGER* cm);
+WOLFSSL_API WOLFSSL_STACK* wolfSSL_CertManagerGetCerts(
+ WOLFSSL_CERT_MANAGER* cm);
WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_X509_STORE_get1_certs(
- WOLFSSL_X509_STORE_CTX* ctx, WOLFSSL_X509_NAME* name);
+ WOLFSSL_X509_STORE_CTX* ctx, WOLFSSL_X509_NAME* name);
#endif /* OPENSSL_EXTRA && WOLFSSL_SIGNER_DER_CERT && !NO_FILESYSTEM */
WOLFSSL_API int wolfSSL_EnableCRL(WOLFSSL* ssl, int options);
WOLFSSL_API int wolfSSL_DisableCRL(WOLFSSL* ssl);
@@ -3895,8 +3944,12 @@ enum {
WOLFSSL_ECC_BRAINPOOLP512R1 = 28,
WOLFSSL_ECC_X25519 = 29,
WOLFSSL_ECC_X448 = 30,
- WOLFSSL_ECC_MAX = 30,
+ WOLFSSL_ECC_SM2P256V1 = 41,
+ WOLFSSL_ECC_MAX = 41,
+ WOLFSSL_ECC_MAX_AVAIL = 46,
+ /* Update use of disabled curves when adding value greater than 46. */
+ WOLFSSL_FFDHE_START = 256,
WOLFSSL_FFDHE_2048 = 256,
WOLFSSL_FFDHE_3072 = 257,
WOLFSSL_FFDHE_4096 = 258,
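Review bot: `WOLFSSL_ECC_MAX` jumps from 30 to 41 here, leaving ids 31–40 without a named enumerator. The only guidance on the new `WOLFSSL_ECC_MAX_AVAIL = 46` is the sentence "Update use of disabled curves when adding value greater than 46", which does not say what is sized by it. Any table or bitmask outside this hunk that is indexed by curve id and bounded by `WOLFSSL_ECC_MAX` should be checked for the wider range; I cannot see those uses from here. I would reword the comment to name the structure it protects and its width, so the next curve addition does not silently exceed it.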
@@ -3961,8 +4014,10 @@ WOLFSSL_API int wolfSSL_NoKeyShares(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_UseSecureRenegotiation(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_CTX_UseSecureRenegotiation(WOLFSSL_CTX* ctx);
+#ifdef HAVE_SECURE_RENEGOTIATION
WOLFSSL_API int wolfSSL_Rehandshake(WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SecureResume(WOLFSSL* ssl);
+#endif
WOLFSSL_API long wolfSSL_SSL_get_secure_renegotiation_support(WOLFSSL* ssl);
#endif
@@ -4226,6 +4281,7 @@ WOLFSSL_API WOLFSSL_X509_NAME_ENTRY *wolfSSL_X509_NAME_delete_entry(
WOLFSSL_API int wolfSSL_X509_NAME_cmp(const WOLFSSL_X509_NAME* x,
const WOLFSSL_X509_NAME* y);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new(void);
+WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_new_ex(void *heap);
WOLFSSL_API WOLFSSL_X509_NAME* wolfSSL_X509_NAME_dup(WOLFSSL_X509_NAME* name);
WOLFSSL_API int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to);
WOLFSSL_API int wolfSSL_check_private_key(const WOLFSSL* ssl);
@@ -4337,6 +4393,10 @@ WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509) *wolfSSL_get0_verified_chain(
const WOLFSSL *ssl);
WOLFSSL_API void wolfSSL_CTX_set_cert_store(WOLFSSL_CTX* ctx,
WOLFSSL_X509_STORE* str);
+#ifdef OPENSSL_ALL
+WOLFSSL_API int wolfSSL_CTX_set1_verify_cert_store(WOLFSSL_CTX* ctx,
+ WOLFSSL_X509_STORE* str);
+#endif
WOLFSSL_API int wolfSSL_set0_verify_cert_store(WOLFSSL *ssl,
WOLFSSL_X509_STORE* str);
WOLFSSL_API int wolfSSL_set1_verify_cert_store(WOLFSSL *ssl,
@@ -4357,7 +4417,9 @@ WOLFSSL_API size_t wolfSSL_BIO_wpending(const WOLFSSL_BIO *bio);
WOLFSSL_API int wolfSSL_BIO_supports_pending(const WOLFSSL_BIO *bio);
WOLFSSL_API size_t wolfSSL_BIO_ctrl_pending(WOLFSSL_BIO *b);
-WOLFSSL_API int wolfSSL_get_server_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey);
+/* Definition for backwards comaptiblity */
+#define wolfSSL_get_server_tmp_key wolfSSL_get_peer_tmp_key
+WOLFSSL_API int wolfSSL_get_peer_tmp_key(const WOLFSSL* ssl, WOLFSSL_EVP_PKEY** pkey);
WOLFSSL_API int wolfSSL_CTX_set_min_proto_version(WOLFSSL_CTX* ctx, int version);
WOLFSSL_API int wolfSSL_CTX_set_max_proto_version(WOLFSSL_CTX* ctx, int version);
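Review bot: The new comment has a typo, and the macro alias gives source compatibility only; the comment should read `/* Definition for backwards compatibility */`. With `#define wolfSSL_get_server_tmp_key wolfSSL_get_peer_tmp_key` the old name is no longer declared as a function in this header. If the library also stops exporting it, which is not visible from here, binaries already linked against the old symbol will fail to resolve it. The macro also rewrites every later use of that identifier, including any declaration in application code. If binary compatibility matters, keep a declared `wolfSSL_get_server_tmp_key` that forwards to the new function instead of the `#define`.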
@@ -4895,6 +4957,7 @@ WOLFSSL_API int wolfSSL_SSL_in_init(const WOLFSSL* ssl);
#else
WOLFSSL_API int wolfSSL_SSL_in_init(WOLFSSL* ssl);
#endif
+WOLFSSL_API int wolfSSL_SSL_in_before(const WOLFSSL* ssl);
WOLFSSL_API int wolfSSL_SSL_in_connect_init(WOLFSSL* ssl);
#ifndef NO_SESSION_CACHE
@@ -4964,6 +5027,13 @@ WOLFSSL_API int wolfSSL_select_next_proto(unsigned char **out,
const unsigned char *in, unsigned int inlen,
const unsigned char *client,
unsigned int client_len);
+WOLFSSL_API void wolfSSL_set_alpn_select_cb(WOLFSSL *ssl,
+ int (*cb) (WOLFSSL *ssl,
+ const unsigned char **out,
+ unsigned char *outlen,
+ const unsigned char *in,
+ unsigned int inlen,
+ void *arg), void *arg);
WOLFSSL_API void wolfSSL_CTX_set_alpn_select_cb(WOLFSSL_CTX *ctx,
int (*cb) (WOLFSSL *ssl,
const unsigned char **out,
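Review bot: The new `wolfSSL_set_alpn_select_cb` spells out the same six-parameter callback signature that `wolfSSL_CTX_set_alpn_select_cb` already carries just below, so the two can drift apart unnoticed. A single typedef used by both setters would make the contract explicit; the name is only a suggestion, e.g. `typedef int (*wolfssl_alpn_select_fn)(WOLFSSL *ssl, const unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg);`. The CTX declaration continues past the end of this hunk.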
@@ -5103,6 +5173,29 @@ WOLFSSL_API int wolfSSL_get_ephemeral_key(WOLFSSL* ssl, int keyAlgo,
const unsigned char** key, unsigned int* keySz);
#endif
+#ifdef HAVE_RPK
+/* cert type for client_certificate_type/server_certificate_type extensions */
+enum {
+ WOLFSSL_CERT_TYPE_UNKNOWN = -1,
+ WOLFSSL_CERT_TYPE_X509 = 0,
+ WOLFSSL_CERT_TYPE_RPK = 2,
+};
+#define MAX_CLIENT_CERT_TYPE_CNT 2
+#define MAX_SERVER_CERT_TYPE_CNT 2
+
+WOLFSSL_API int wolfSSL_CTX_set_client_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_CTX_set_server_cert_type(WOLFSSL_CTX* ctx,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_set_client_cert_type(WOLFSSL* ssl,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_set_server_cert_type(WOLFSSL* ssl,
+ const char* buf, int len);
+WOLFSSL_API int wolfSSL_get_negotiated_client_cert_type(WOLFSSL* ssl, int* tp);
+WOLFSSL_API int wolfSSL_get_negotiated_server_cert_type(WOLFSSL* ssl, int* tp);
+#endif /* HAVE_RPK */
+
+
#if defined(OPENSSL_EXTRA)
#ifndef WOLFCRYPT_ONLY
WOLFSSL_API int wolfSSL_EVP_PKEY_param_check(WOLFSSL_EVP_PKEY_CTX* ctx);
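Review bot: The new `HAVE_RPK` enum ends with a trailing comma after `WOLFSSL_CERT_TYPE_RPK = 2,`, which strict C89 compilers reject; dropping the comma costs nothing in a public header. `MAX_CLIENT_CERT_TYPE_CNT` and `MAX_SERVER_CERT_TYPE_CNT` are exported without the `WOLFSSL_` prefix used by the rest of the block, so they can collide with application macros. The four setters take `const char* buf, int len` with no comment on whether `buf` holds the `WOLFSSL_CERT_TYPE_*` values and what happens when `len` is negative or above the `*_CNT` limit. A one-line contract above them, plus a bounds check in the implementation (not visible here), would close that gap.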
@@ -5158,6 +5251,13 @@ WOLFSSL_API int wolfSSL_dtls_cid_get_tx(WOLFSSL* ssl, unsigned char* buffer,
unsigned int bufferSz);
#endif /* defined(WOLFSSL_DTLS_CID) */
+#ifdef WOLFSSL_DTLS_CH_FRAG
+ WOLFSSL_API int wolfSSL_dtls13_allow_ch_frag(WOLFSSL *ssl, int enabled);
+#endif
+#ifdef WOLFSSL_DTLS13_NO_HRR_ON_RESUME
+ WOLFSSL_API int wolfSSL_dtls13_no_hrr_on_resume(WOLFSSL *ssl, int enabled);
+#endif
+
/* */
#define SSL2_VERSION 0x0002
#define SSL3_VERSION 0x0300
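Review bot: `wolfSSL_dtls13_allow_ch_frag` and `wolfSSL_dtls13_no_hrr_on_resume` are declared without any comment, although both appear, judging by their names, to relax checks a DTLS 1.3 server performs before the peer's address has been confirmed. That is a resource-exhaustion trade-off an integrator should see at the declaration. I would add above the first one something like `/* Accepting a fragmented ClientHello means keeping per-peer state before the cookie exchange completes; enable only where that exposure is acceptable. */`, with an equivalent note on skipping the HelloRetryRequest on resumption. The wording should be checked against the implementation, which is outside this hunk.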
diff --git a/extra/wolfssl/wolfssl/wolfssl/test.h b/extra/wolfssl/wolfssl/wolfssl/test.h
index fff63630..5265e87f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/test.h
+++ b/extra/wolfssl/wolfssl/wolfssl/test.h
@@ -28,6 +28,9 @@
#ifndef wolfSSL_TEST_H
#define wolfSSL_TEST_H
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/wc_port.h>
+
#ifdef FUSION_RTOS
#include <fclstdio.h>
#include <fclstdlib.h>
@@ -182,7 +185,9 @@
#include <sys/ioctl.h>
#include <sys/time.h>
#include <sys/socket.h>
- #include <pthread.h>
+ #ifdef HAVE_PTHREAD
+ #include <pthread.h>
+ #endif
#include <fcntl.h>
#ifdef TEST_IPV6
#include <netdb.h>
@@ -248,7 +253,7 @@
#elif defined(WOLFSSL_TIRTOS)
#define WOLFSSL_SOCKET_INVALID ((SOCKET_T)-1)
#else
- #define WOLFSSL_SOCKET_INVALID (SOCKET_T)(0)
+ #define WOLFSSL_SOCKET_INVALID (SOCKET_T)(-1)
#endif
#endif /* WOLFSSL_SOCKET_INVALID */
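Review bot: The corrected fallback `#define WOLFSSL_SOCKET_INVALID (SOCKET_T)(-1)` is a cast expression without outer parentheses, unlike the `WOLFSSL_TIRTOS` branch two lines above, which uses `((SOCKET_T)-1)`. Writing it as `#define WOLFSSL_SOCKET_INVALID ((SOCKET_T)(-1))` keeps the macro safe inside larger expressions and makes the branches consistent. Moving from 0 to -1 also changes the result of any `sockfd == 0`-style check elsewhere in the tests, so remaining comparisons against a literal 0 are worth searching for.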
@@ -358,13 +363,13 @@ err_sys_with_errno(const char* msg)
} \
} while(0)
-#define PTHREAD_CHECK_RET(...) do { \
- int _pthread_ret = (__VA_ARGS__); \
- if (_pthread_ret != 0) { \
- errno = _pthread_ret; \
+#define THREAD_CHECK_RET(...) do { \
+ int _thread_ret = (__VA_ARGS__); \
+ if (_thread_ret != 0) { \
+ errno = _thread_ret; \
fprintf(stderr, "%s L%d error %d for \"%s\"\n", \
- __FILE__, __LINE__, _pthread_ret, #__VA_ARGS__); \
- err_sys("pthread call failed"); \
+ __FILE__, __LINE__, _thread_ret, #__VA_ARGS__); \
+ err_sys("thread call failed"); \
} \
} while(0)
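Review bot: `THREAD_CHECK_RET` still does `errno = _thread_ret;`, but later hunks of this commit use it to wrap `wc_InitMutex`, `wolfSSL_CondInit` and similar, whose results are wolfSSL status codes rather than errno values. That differs from the pthread calls, which return an errno number directly. Storing such a code in `errno` gives misleading text if anything later formats it with `strerror`. The macro already prints `_thread_ret` itself, so the assignment can be removed, leaving `fprintf(...)` followed by `err_sys("thread call failed");`.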
@@ -529,12 +534,13 @@ typedef struct tcp_ready {
word16 ready; /* predicate */
word16 port;
char* srfName; /* server ready file name */
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- pthread_mutex_t mutex;
- pthread_cond_t cond;
+#ifndef SINGLE_THREADED
+#ifdef WOLFSSL_COND
+ wolfSSL_Mutex mutex;
+ COND_TYPE cond;
+#else /* No signaling available, rely only on the mutex */
+ wolfSSL_Mutex mutex;
#endif
-#ifdef NETOS
- TX_MUTEX mutex;
#endif
} tcp_ready;
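Review bot: Both arms of the new `#ifdef WOLFSSL_COND` inside `tcp_ready` declare `wolfSSL_Mutex mutex;`, so the conditional only decides whether `cond` exists. Declaring the mutex once and guarding only the condition variable reads more clearly: `wolfSSL_Mutex mutex;` followed by `#ifdef WOLFSSL_COND` / `COND_TYPE cond;` / `#endif`, all inside the `#ifndef SINGLE_THREADED`. The "rely only on the mutex" comment can then sit on the `#ifdef`. The struct begins before this hunk.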
@@ -543,12 +549,12 @@ static WC_INLINE void InitTcpReady(tcp_ready* ready)
ready->ready = 0;
ready->port = 0;
ready->srfName = NULL;
-#ifdef SINGLE_THREADED
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_init(&ready->mutex, 0));
- PTHREAD_CHECK_RET(pthread_cond_init(&ready->cond, 0));
-#elif defined(NETOS)
- tx_mutex_create(&ready->mutex, "wolfSSL Lock", TX_INHERIT);
+
+#ifndef SINGLE_THREADED
+ THREAD_CHECK_RET(wc_InitMutex(&ready->mutex));
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondInit(&ready->cond));
+ #endif
#endif
}
@@ -558,13 +564,11 @@ static WC_INLINE void InitTcpReady(tcp_ready* ready)
static WC_INLINE void FreeTcpReady(tcp_ready* ready)
{
-#ifdef SINGLE_THREADED
- (void)ready;
-#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
- PTHREAD_CHECK_RET(pthread_mutex_destroy(&ready->mutex));
- PTHREAD_CHECK_RET(pthread_cond_destroy(&ready->cond));
-#elif defined(NETOS)
- tx_mutex_delete(&ready->mutex);
+#ifndef SINGLE_THREADED
+ THREAD_CHECK_RET(wc_FreeMutex(&ready->mutex));
+#ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondFree(&ready->cond));
+#endif
#else
(void)ready;
#endif
@@ -599,14 +603,14 @@ typedef struct callback_functions {
unsigned char doUdp:1;
} callback_functions;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
typedef struct srtp_test_helper {
- pthread_mutex_t mutex;
- pthread_cond_t cond;
+ wolfSSL_Mutex mutex;
+ COND_TYPE cond;
uint8_t* server_srtp_ekm;
size_t server_srtp_ekm_size;
} srtp_test_helper;
-#endif
+#endif /* WOLFSSL_SRTP WOLFSSL_COND */
typedef struct func_args {
int argc;
@@ -614,7 +618,7 @@ typedef struct func_args {
int return_code;
tcp_ready* signal;
callback_functions *callbacks;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
srtp_test_helper* srtp_helper;
#endif
} func_args;
@@ -627,14 +631,10 @@ typedef struct func_args {
void wait_tcp_ready(func_args* args);
-#ifdef WOLFSSL_ZEPHYR
-typedef void THREAD_FUNC(void*, void*, void*);
-#else
-typedef THREAD_RETURN WOLFSSL_THREAD THREAD_FUNC(void*);
-#endif
-
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread);
+#ifndef SINGLE_THREADED
+void start_thread(THREAD_CB fun, func_args* args, THREAD_TYPE* thread);
void join_thread(THREAD_TYPE thread);
+#endif
typedef int (*cbType)(WOLFSSL_CTX *ctx, WOLFSSL *ssl);
@@ -643,6 +643,19 @@ void test_wolfSSL_client_server_nofail_ex(callback_functions* client_cb,
void test_wolfSSL_client_server_nofail(callback_functions* client_cb,
callback_functions* server_cb);
+/* Return
+ * tmpDir on success
+ * NULL on failure */
+char* create_tmp_dir(char* tmpDir, int len);
+/* Remaining functions return
+ * 0 on success
+ * -1 on failure */
+int rem_dir(const char* dirName);
+int rem_file(const char* fileName);
+int copy_file(const char* in, const char* out);
+
+void signal_ready(tcp_ready* ready);
+
/* wolfSSL */
#ifndef TEST_IPV6
static const char* const wolfSSLIP = "127.0.0.1";
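Review bot: The comment on `create_tmp_dir` documents only the return value; it does not say what `tmpDir` must contain on entry or whether `len` is the buffer capacity or the string length. It should also state whether the directory name is generated uniquely or used as given, which matters when tests run in a shared temporary location. `signal_ready` is added with no comment at all, although it is the counterpart of `wait_tcp_ready`. A line such as `/* wake the thread blocked in wait_tcp_ready() */` would help, if that is what it does; the implementation is not in this hunk.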
@@ -655,15 +668,15 @@ static const word16 wolfSSLPort = 11111;
extern int myoptind;
extern char* myoptarg;
-#if defined(WOLFSSL_SRTP) && !defined(SINGLE_THREADED) && defined(_POSIX_THREADS)
+#if defined(WOLFSSL_SRTP) && defined(WOLFSSL_COND)
static WC_INLINE void srtp_helper_init(srtp_test_helper *srtp)
{
srtp->server_srtp_ekm_size = 0;
srtp->server_srtp_ekm = NULL;
- PTHREAD_CHECK_RET(pthread_mutex_init(&srtp->mutex, 0));
- PTHREAD_CHECK_RET(pthread_cond_init(&srtp->cond, 0));
+ THREAD_CHECK_RET(wc_InitMutex(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondInit(&srtp->cond));
}
/**
@@ -678,19 +691,17 @@ static WC_INLINE void srtp_helper_init(srtp_test_helper *srtp)
static WC_INLINE void srtp_helper_get_ekm(srtp_test_helper *srtp,
uint8_t **ekm, size_t *size)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&srtp->mutex));
-
- if (srtp->server_srtp_ekm == NULL)
- PTHREAD_CHECK_RET(pthread_cond_wait(&srtp->cond, &srtp->mutex));
-
+ THREAD_CHECK_RET(wolfSSL_CondStart(&srtp->cond));
+ if (srtp->server_srtp_ekm == NULL) {
+ THREAD_CHECK_RET(wolfSSL_CondWait(&srtp->cond));
+ }
*ekm = srtp->server_srtp_ekm;
*size = srtp->server_srtp_ekm_size;
/* reset */
srtp->server_srtp_ekm = NULL;
srtp->server_srtp_ekm_size = 0;
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&srtp->cond));
}
/**
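Review bot: In `srtp_helper_get_ekm` the wait is still guarded by `if (srtp->server_srtp_ekm == NULL)`, so a spurious wakeup lets the function hand back a NULL `ekm` with size 0. The predicate should be re-tested in a loop: `while (srtp->server_srtp_ekm == NULL) { THREAD_CHECK_RET(wolfSSL_CondWait(&srtp->cond)); }`. Separately, after this change the critical section is entered with `wolfSSL_CondStart(&srtp->cond)` and left with `wolfSSL_CondEnd`, so `srtp->mutex` is initialised and freed but apparently never locked. Either drop the member or document that `COND_TYPE` carries its own lock.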
@@ -707,22 +718,21 @@ static WC_INLINE void srtp_helper_get_ekm(srtp_test_helper *srtp,
static WC_INLINE void srtp_helper_set_ekm(srtp_test_helper *srtp,
uint8_t *ekm, size_t size)
{
- PTHREAD_CHECK_RET(pthread_mutex_lock(&srtp->mutex));
-
+ THREAD_CHECK_RET(wolfSSL_CondStart(&srtp->cond));
srtp->server_srtp_ekm_size = size;
srtp->server_srtp_ekm = ekm;
- PTHREAD_CHECK_RET(pthread_cond_signal(&srtp->cond));
-
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&srtp->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&srtp->cond));
}
static WC_INLINE void srtp_helper_free(srtp_test_helper *srtp)
{
- PTHREAD_CHECK_RET(pthread_mutex_destroy(&srtp->mutex));
- PTHREAD_CHECK_RET(pthread_cond_destroy(&srtp->cond));
+ THREAD_CHECK_RET(wc_FreeMutex(&srtp->mutex));
+ THREAD_CHECK_RET(wolfSSL_CondFree(&srtp->cond));
}
-#endif /* WOLFSSL_SRTP && !SINGLE_THREADED && POSIX_THREADS */
+#endif /* WOLFSSL_SRTP && WOLFSSL_COND */
+
/**
*
@@ -1215,7 +1225,7 @@ static WC_INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
#ifndef TEST_IPV6
/* peer could be in human readable form */
- if ( ((size_t)peer != INADDR_ANY) && isalpha((int)peer[0])) {
+ if ( ((size_t)peer != INADDR_ANY) && isalpha((unsigned char)peer[0])) {
#ifdef WOLFSSL_USE_POPEN_HOST
char host_ipaddr[4] = { 127, 0, 0, 1 };
int found = 1;
@@ -1417,554 +1427,7 @@ static WC_INLINE void tcp_socket(SOCKET_T* sockfd, int udp, int sctp)
#if defined(WOLFSSL_WOLFSENTRY_HOOKS) && defined(WOLFSENTRY_H)
-#include <wolfsentry/wolfsentry_util.h>
-
-#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
-#include <wolfsentry/wolfsentry_json.h>
-#endif
-
-#if defined(WOLFSENTRY_VERSION_GE)
-#if WOLFSENTRY_VERSION_GE(0, 8, 0)
-#define HAVE_WOLFSENTRY_API_0v8
-#endif
-#endif
-
-#ifndef HAVE_WOLFSENTRY_API_0v8
-#define WOLFSENTRY_CONTEXT_ARGS_OUT_EX(x) (x)
-#define WOLFSENTRY_CONTEXT_ARGS_OUT_EX4(x, y) (x)
-#endif
-
-struct wolfsentry_data {
- WOLFSENTRY_SOCKADDR(128) remote;
- WOLFSENTRY_SOCKADDR(128) local;
- wolfsentry_route_flags_t flags;
- void *heap;
- int alloctype;
-};
-
-static void free_wolfsentry_data(struct wolfsentry_data *data) {
- XFREE(data, data->heap, data->alloctype);
-}
-
-static struct wolfsentry_context *wolfsentry = NULL;
-
-static int wolfsentry_data_index = -1;
-
-static WC_INLINE int wolfsentry_store_endpoints(
- WOLFSSL *ssl,
- SOCKADDR_IN_T *remote,
- SOCKADDR_IN_T *local,
- int proto,
- wolfsentry_route_flags_t flags,
- struct wolfsentry_data **wolfsentry_data_out)
-{
- struct wolfsentry_data *wolfsentry_data = (struct wolfsentry_data *)XMALLOC(
- sizeof *wolfsentry_data, NULL, DYNAMIC_TYPE_SOCKADDR);
- if (wolfsentry_data == NULL)
- return WOLFSSL_FAILURE;
-
- wolfsentry_data->heap = NULL;
- wolfsentry_data->alloctype = DYNAMIC_TYPE_SOCKADDR;
-
-#ifdef TEST_IPV6
- if ((sizeof wolfsentry_data->remote.addr < sizeof remote->sin6_addr) ||
- (sizeof wolfsentry_data->local.addr < sizeof local->sin6_addr))
- return WOLFSSL_FAILURE;
- wolfsentry_data->remote.sa_family = wolfsentry_data->local.sa_family = remote->sin6_family;
- wolfsentry_data->remote.sa_port = ntohs(remote->sin6_port);
- wolfsentry_data->local.sa_port = ntohs(local->sin6_port);
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_ADDR_WILDCARD)) {
- wolfsentry_data->remote.addr_len = 0;
- XMEMSET(wolfsentry_data->remote.addr, 0, sizeof remote->sin6_addr);
- } else {
- wolfsentry_data->remote.addr_len = sizeof remote->sin6_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->remote.addr, &remote->sin6_addr, sizeof remote->sin6_addr);
- }
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD)) {
- wolfsentry_data->local.addr_len = 0;
- XMEMSET(wolfsentry_data->local.addr, 0, sizeof local->sin6_addr);
- } else {
- wolfsentry_data->local.addr_len = sizeof local->sin6_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->local.addr, &local->sin6_addr, sizeof local->sin6_addr);
- }
-#else
- if ((sizeof wolfsentry_data->remote.addr < sizeof remote->sin_addr) ||
- (sizeof wolfsentry_data->local.addr < sizeof local->sin_addr))
- return WOLFSSL_FAILURE;
- wolfsentry_data->remote.sa_family = wolfsentry_data->local.sa_family = remote->sin_family;
- wolfsentry_data->remote.sa_port = ntohs(remote->sin_port);
- wolfsentry_data->local.sa_port = ntohs(local->sin_port);
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_ADDR_WILDCARD)) {
- wolfsentry_data->remote.addr_len = 0;
- XMEMSET(wolfsentry_data->remote.addr, 0, sizeof remote->sin_addr);
- } else {
- wolfsentry_data->remote.addr_len = sizeof remote->sin_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->remote.addr, &remote->sin_addr, sizeof remote->sin_addr);
- }
- if (WOLFSENTRY_MASKIN_BITS(flags, WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD)) {
- wolfsentry_data->local.addr_len = 0;
- XMEMSET(wolfsentry_data->local.addr, 0, sizeof local->sin_addr);
- } else {
- wolfsentry_data->local.addr_len = sizeof local->sin_addr * BITS_PER_BYTE;
- XMEMCPY(wolfsentry_data->local.addr, &local->sin_addr, sizeof local->sin_addr);
- }
-#endif
- wolfsentry_data->remote.sa_proto = wolfsentry_data->local.sa_proto = proto;
- wolfsentry_data->remote.interface = wolfsentry_data->local.interface = 0;
- wolfsentry_data->flags = flags;
-
- if (wolfSSL_set_ex_data_with_cleanup(
- ssl, wolfsentry_data_index, wolfsentry_data,
- (wolfSSL_ex_data_cleanup_routine_t)free_wolfsentry_data) !=
- WOLFSSL_SUCCESS) {
- free_wolfsentry_data(wolfsentry_data);
- return WOLFSSL_FAILURE;
- }
-
- if (wolfsentry_data_out != NULL)
- *wolfsentry_data_out = wolfsentry_data;
-
- return WOLFSSL_SUCCESS;
-}
-
-static int wolfSentry_NetworkFilterCallback(
- WOLFSSL *ssl,
- struct wolfsentry_context *_wolfsentry,
- wolfSSL_netfilter_decision_t *decision)
-{
- struct wolfsentry_data *data;
- char inet_ntop_buf[INET6_ADDRSTRLEN], inet_ntop_buf2[INET6_ADDRSTRLEN];
- wolfsentry_errcode_t ret;
- wolfsentry_action_res_t action_results;
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- WOLFSENTRY_THREAD_HEADER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (WOLFSENTRY_THREAD_GET_ERROR < 0) {
- fprintf(stderr, "wolfsentry thread init error: "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(WOLFSENTRY_THREAD_GET_ERROR));
- return WOLFSSL_FAILURE;
- }
-#endif /* WOLFSENTRY_THREADSAFE && HAVE_WOLFSENTRY_API_0v8 */
-
- if ((data = wolfSSL_get_ex_data(ssl, wolfsentry_data_index)) == NULL)
- return WOLFSSL_FAILURE;
-
- ret = wolfsentry_route_event_dispatch(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(_wolfsentry),
- (const struct wolfsentry_sockaddr *)&data->remote,
- (const struct wolfsentry_sockaddr *)&data->local,
- data->flags,
- NULL /* event_label */,
- 0 /* event_label_len */,
- NULL /* caller_context */,
- NULL /* id */,
- NULL /* inexact_matches */,
- &action_results);
-
- if (ret >= 0) {
- if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_REJECT))
- *decision = WOLFSSL_NETFILTER_REJECT;
- else if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_ACCEPT))
- *decision = WOLFSSL_NETFILTER_ACCEPT;
- else
- *decision = WOLFSSL_NETFILTER_PASS;
- } else {
- fprintf(stderr, "wolfsentry_route_event_dispatch error "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- *decision = WOLFSSL_NETFILTER_PASS;
- }
-
- printf("wolfSentry got network filter callback: family=%d proto=%d rport=%d"
- " lport=%d raddr=%s laddr=%s interface=%d; decision=%d (%s)\n",
- data->remote.sa_family,
- data->remote.sa_proto,
- data->remote.sa_port,
- data->local.sa_port,
- inet_ntop(data->remote.sa_family, data->remote.addr, inet_ntop_buf,
- sizeof inet_ntop_buf),
- inet_ntop(data->local.sa_family, data->local.addr, inet_ntop_buf2,
- sizeof inet_ntop_buf2),
- data->remote.interface,
- *decision,
- *decision == WOLFSSL_NETFILTER_REJECT ? "REJECT" :
- *decision == WOLFSSL_NETFILTER_ACCEPT ? "ACCEPT" :
- *decision == WOLFSSL_NETFILTER_PASS ? "PASS" :
- "???");
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- ret = WOLFSENTRY_THREAD_TAILER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry thread exit error: "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- }
-#endif
-
- return WOLFSSL_SUCCESS;
-}
-
-static int wolfsentry_setup(
- struct wolfsentry_context **_wolfsentry,
- const char *_wolfsentry_config_path,
- wolfsentry_route_flags_t route_flags)
-{
- wolfsentry_errcode_t ret;
-
-#ifdef HAVE_WOLFSENTRY_API_0v8
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_THREAD_HEADER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (WOLFSENTRY_THREAD_GET_ERROR < 0) {
- fprintf(stderr, "wolfsentry thread init error: "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(WOLFSENTRY_THREAD_GET_ERROR));
- err_sys("unable to initialize wolfSentry thread context");
- }
-#endif
- ret = wolfsentry_init(wolfsentry_build_settings,
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(NULL /* hpi */),
- NULL /* default config */,
- _wolfsentry);
-#else
- ret = wolfsentry_init(NULL /* hpi */, NULL /* default config */,
- _wolfsentry);
-#endif
- if (ret < 0) {
- fprintf(stderr, "wolfsentry_init() returned " WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
- err_sys("unable to initialize wolfSentry");
- }
-
- if (wolfsentry_data_index < 0)
- wolfsentry_data_index = wolfSSL_get_ex_new_index(0, NULL, NULL, NULL,
- NULL);
-
-#if !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON)
- if (_wolfsentry_config_path != NULL) {
- unsigned char buf[512];
- char err_buf[512];
- struct wolfsentry_json_process_state *jps;
-
- FILE *f = fopen(_wolfsentry_config_path, "r");
-
- if (f == NULL) {
- fprintf(stderr, "fopen(%s): %s\n",_wolfsentry_config_path,strerror(errno));
- err_sys("unable to open wolfSentry config file");
- }
-
- if ((ret = wolfsentry_config_json_init(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- WOLFSENTRY_CONFIG_LOAD_FLAG_NONE,
- &jps)) < 0) {
- fprintf(stderr, "wolfsentry_config_json_init() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
- err_sys("error while initializing wolfSentry config parser");
- }
-
- for (;;) {
- size_t n = fread(buf, 1, sizeof buf, f);
- if ((n < sizeof buf) && ferror(f)) {
- fprintf(stderr,"fread(%s): %s\n",_wolfsentry_config_path, strerror(errno));
- err_sys("error while reading wolfSentry config file");
- }
-
- ret = wolfsentry_config_json_feed(jps, buf, n, err_buf, sizeof err_buf);
- if (ret < 0) {
- fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf);
- err_sys("error while loading wolfSentry config file");
- }
- if ((n < sizeof buf) && feof(f))
- break;
- }
- fclose(f);
-
- if ((ret = wolfsentry_config_json_fini(&jps, err_buf, sizeof err_buf)) < 0) {
- fprintf(stderr, "%.*s\n", (int)sizeof err_buf, err_buf);
- err_sys("error while loading wolfSentry config file");
- }
-
- } else
-#endif /* !NO_FILESYSTEM && !WOLFSENTRY_NO_JSON */
- {
- struct wolfsentry_route_table *table;
-
-#ifdef WOLFSENTRY_THREADSAFE
- ret = WOLFSENTRY_SHARED_EX(*_wolfsentry);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry shared lock op failed: "
- WOLFSENTRY_ERROR_FMT ".\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
- return ret;
- }
-#endif
-
- if ((ret = wolfsentry_route_get_main_table(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- &table)) < 0)
- {
- fprintf(stderr, "wolfsentry_route_get_main_table() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
-
- if (WOLFSENTRY_MASKIN_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT)) {
- WOLFSENTRY_SOCKADDR(128) remote, local;
- wolfsentry_ent_id_t id;
- wolfsentry_action_res_t action_results;
-
- if ((ret = wolfsentry_route_table_default_policy_set(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- table,
- WOLFSENTRY_ACTION_RES_ACCEPT))
- < 0) {
- fprintf(stderr,
- "wolfsentry_route_table_default_policy_set() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
-
- XMEMSET(&remote, 0, sizeof remote);
- XMEMSET(&local, 0, sizeof local);
-#ifdef TEST_IPV6
- remote.sa_family = local.sa_family = AF_INET6;
- remote.addr_len = 128;
- XMEMCPY(remote.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
-#else
- remote.sa_family = local.sa_family = AF_INET;
- remote.addr_len = 32;
- XMEMCPY(remote.addr, "\177\000\000\001", 4);
-#endif
-
- if ((ret = wolfsentry_route_insert
- (WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- NULL /* caller_context */,
- (const struct wolfsentry_sockaddr *)&remote,
- (const struct wolfsentry_sockaddr *)&local,
- route_flags |
- WOLFSENTRY_ROUTE_FLAG_GREENLISTED |
- WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD|
- WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD,
- 0 /* event_label_len */, 0 /* event_label */, &id,
- &action_results)) < 0) {
- fprintf(stderr, "wolfsentry_route_insert() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
- } else if (WOLFSENTRY_MASKIN_BITS(route_flags, WOLFSENTRY_ROUTE_FLAG_DIRECTION_IN)) {
- WOLFSENTRY_SOCKADDR(128) remote, local;
- wolfsentry_ent_id_t id;
- wolfsentry_action_res_t action_results;
-
- if ((ret = wolfsentry_route_table_default_policy_set(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry), table,
- WOLFSENTRY_ACTION_RES_REJECT|WOLFSENTRY_ACTION_RES_STOP))
- < 0) {
- fprintf(stderr,
- "wolfsentry_route_table_default_policy_set() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
-
- XMEMSET(&remote, 0, sizeof remote);
- XMEMSET(&local, 0, sizeof local);
-#ifdef TEST_IPV6
- remote.sa_family = local.sa_family = AF_INET6;
- remote.addr_len = 128;
- XMEMCPY(remote.addr, "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\001", 16);
-#else
- remote.sa_family = local.sa_family = AF_INET;
- remote.addr_len = 32;
- XMEMCPY(remote.addr, "\177\000\000\001", 4);
-#endif
-
- if ((ret = wolfsentry_route_insert
- (WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry),
- NULL /* caller_context */,
- (const struct wolfsentry_sockaddr *)&remote,
- (const struct wolfsentry_sockaddr *)&local,
- route_flags |
- WOLFSENTRY_ROUTE_FLAG_GREENLISTED |
- WOLFSENTRY_ROUTE_FLAG_PARENT_EVENT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_REMOTE_INTERFACE_WILDCARD|
- WOLFSENTRY_ROUTE_FLAG_LOCAL_INTERFACE_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_PROTO_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_REMOTE_PORT_WILDCARD |
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD,
- 0 /* event_label_len */, 0 /* event_label */, &id,
- &action_results)) < 0) {
- fprintf(stderr, "wolfsentry_route_insert() returned "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(ret));
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- return ret;
- }
- }
-#ifdef WOLFSENTRY_THREADSAFE
- WOLFSENTRY_WARN_ON_FAILURE(
- wolfsentry_context_unlock(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(*_wolfsentry)));
-#endif
- }
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- ret = WOLFSENTRY_THREAD_TAILER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry thread exit error: "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- }
-#endif
-
- return 0;
-}
-
-static WC_INLINE int tcp_connect_with_wolfSentry(
- SOCKET_T* sockfd,
- const char* ip,
- word16 port,
- int udp,
- int sctp,
- WOLFSSL* ssl,
- struct wolfsentry_context *_wolfsentry)
-{
- SOCKADDR_IN_T remote_addr;
- struct wolfsentry_data *wolfsentry_data;
- char inet_ntop_buf[INET6_ADDRSTRLEN], inet_ntop_buf2[INET6_ADDRSTRLEN];
- wolfsentry_errcode_t ret;
- wolfsentry_action_res_t action_results;
- wolfSSL_netfilter_decision_t decision;
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- WOLFSENTRY_THREAD_HEADER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (WOLFSENTRY_THREAD_GET_ERROR < 0) {
- fprintf(stderr, "wolfsentry thread init error: "
- WOLFSENTRY_ERROR_FMT "\n",
- WOLFSENTRY_ERROR_FMT_ARGS(WOLFSENTRY_THREAD_GET_ERROR));
- err_sys("unable to initialize wolfSentry thread context");
- }
-#endif
-
- build_addr(&remote_addr, ip, port, udp, sctp);
-
- {
- SOCKADDR_IN_T local_addr;
-#ifdef TEST_IPV6
- local_addr.sin6_port = 0;
-#else
- local_addr.sin_port = 0;
-#endif
- ((struct sockaddr *)&local_addr)->sa_family = ((struct sockaddr *)&remote_addr)->sa_family;
-
- if (wolfsentry_store_endpoints(
- ssl, &remote_addr, &local_addr,
- udp ? IPPROTO_UDP : IPPROTO_TCP,
- WOLFSENTRY_ROUTE_FLAG_DIRECTION_OUT|
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_ADDR_WILDCARD|
- WOLFSENTRY_ROUTE_FLAG_SA_LOCAL_PORT_WILDCARD, &wolfsentry_data) != WOLFSSL_SUCCESS)
- return WOLFSSL_FAILURE;
- }
-
- ret = wolfsentry_route_event_dispatch(
- WOLFSENTRY_CONTEXT_ARGS_OUT_EX(_wolfsentry),
- (const struct wolfsentry_sockaddr *)&wolfsentry_data->remote,
- (const struct wolfsentry_sockaddr *)&wolfsentry_data->local,
- wolfsentry_data->flags,
- NULL /* event_label */,
- 0 /* event_label_len */,
- NULL /* caller_context */,
- NULL /* id */,
- NULL /* inexact_matches */,
- &action_results);
-
- if (ret < 0) {
- fprintf(stderr, "wolfsentry_route_event_dispatch error "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- decision = WOLFSSL_NETFILTER_PASS;
- } else {
- if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_REJECT))
- decision = WOLFSSL_NETFILTER_REJECT;
- else if (WOLFSENTRY_MASKIN_BITS(action_results, WOLFSENTRY_ACTION_RES_ACCEPT))
- decision = WOLFSSL_NETFILTER_ACCEPT;
- else
- decision = WOLFSSL_NETFILTER_PASS;
- }
-
- printf("wolfSentry callin from tcp_connect_with_wolfSentry: family=%d proto=%d rport=%d"
- " lport=%d raddr=%s laddr=%s interface=%d; decision=%d (%s)\n",
- wolfsentry_data->remote.sa_family,
- wolfsentry_data->remote.sa_proto,
- wolfsentry_data->remote.sa_port,
- wolfsentry_data->local.sa_port,
- inet_ntop(wolfsentry_data->remote.sa_family, wolfsentry_data->remote.addr, inet_ntop_buf,
- sizeof inet_ntop_buf),
- inet_ntop(wolfsentry_data->local.sa_family, wolfsentry_data->local.addr, inet_ntop_buf2,
- sizeof inet_ntop_buf2),
- wolfsentry_data->remote.interface,
- decision,
- decision == WOLFSSL_NETFILTER_REJECT ? "REJECT" :
- decision == WOLFSSL_NETFILTER_ACCEPT ? "ACCEPT" :
- decision == WOLFSSL_NETFILTER_PASS ? "PASS" :
- "???");
-
- if (decision == WOLFSSL_NETFILTER_REJECT)
- return SOCKET_FILTERED_E;
-
- if (udp) {
- wolfSSL_dtls_set_peer(ssl, &remote_addr, sizeof(remote_addr));
- }
- tcp_socket(sockfd, udp, sctp);
-
- if (!udp) {
- if (connect(*sockfd, (const struct sockaddr*)&remote_addr, sizeof(remote_addr)) != 0)
- err_sys_with_errno("tcp connect failed");
- }
-
-#if defined(WOLFSENTRY_THREADSAFE) && defined(HAVE_WOLFSENTRY_API_0v8)
- ret = WOLFSENTRY_THREAD_TAILER(WOLFSENTRY_THREAD_FLAG_NONE);
- if (ret < 0) {
- fprintf(stderr, "wolfsentry thread exit error: "
- WOLFSENTRY_ERROR_FMT "\n", WOLFSENTRY_ERROR_FMT_ARGS(ret));
- }
-#endif
-
- return WOLFSSL_SUCCESS;
-}
-
-#define tcp_connect(sockfd, ip, port, udp, sctp, ssl) \
- tcp_connect_with_wolfSentry(sockfd, ip, port, udp, sctp, ssl, wolfsentry)
+#include <wolfsentry/wolfssl_test.h>
#else /* !WOLFSSL_WOLFSENTRY_HOOKS */
@@ -2187,7 +1650,8 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0)
err_sys_with_errno("tcp bind failed");
- #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS)
+ #if !defined(USE_WINDOWS_API) && !defined(WOLFSSL_TIRTOS) && \
+ !defined(SINGLE_THREADED)
if (port == 0) {
socklen_t len = sizeof(addr);
if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) {
@@ -2198,31 +1662,24 @@ static WC_INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
#endif
}
}
+ #else
+ (void)port;
#endif
if (args != NULL && args->signal != NULL) {
-#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
- /* signal ready to accept data */
+#ifndef SINGLE_THREADED
tcp_ready* ready = args->signal;
- PTHREAD_CHECK_RET(pthread_mutex_lock(&ready->mutex));
- ready->ready = 1;
- ready->port = port;
- PTHREAD_CHECK_RET(pthread_cond_signal(&ready->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&ready->mutex));
-#elif defined (WOLFSSL_TIRTOS)
- /* Need mutex? */
- tcp_ready* ready = args->signal;
- ready->ready = 1;
- ready->port = port;
-#elif defined(NETOS)
- tcp_ready* ready = args->signal;
- (void)tx_mutex_get(&ready->mutex, TX_WAIT_FOREVER);
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ #endif
ready->ready = 1;
ready->port = port;
- (void)tx_mutex_put(&ready->mutex);
-#else
- (void)port;
-#endif
+ #ifdef WOLFSSL_COND
+ /* signal ready to accept data */
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+ #endif
+#endif /* !SINGLE_THREADED */
}
else {
fprintf(stderr, "args or args->signal was NULL. Not setting ready info.");
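Review bot: In the new `#ifndef SINGLE_THREADED` branch, `ready->ready = 1;` and `ready->port = port;` are written with no synchronization at all when `WOLFSSL_COND` is not defined, whereas the removed POSIX and NETOS branches held `ready->mutex` around those stores. Whether a multi-threaded target can be built without `WOLFSSL_COND` is not visible here, but if it can, the waiting thread reads both fields unsynchronized. I would at least mark that configuration in place, e.g. `/* no WOLFSSL_COND: ready/port are published without a lock */`, or guard the stores with a mutex there. The tcp_accept hunk that follows adds the same pattern; udp_accept's body starts outside this hunk.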
@@ -2248,36 +1705,22 @@ static WC_INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
if(do_listen) {
tcp_listen(sockfd, &port, useAnyAddr, udp, sctp);
- #if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
+#ifndef SINGLE_THREADED
/* signal ready to tcp_accept */
if (args)
ready = args->signal;
if (ready) {
- PTHREAD_CHECK_RET(pthread_mutex_lock(&ready->mutex));
- ready->ready = 1;
- ready->port = port;
- PTHREAD_CHECK_RET(pthread_cond_signal(&ready->cond));
- PTHREAD_CHECK_RET(pthread_mutex_unlock(&ready->mutex));
- }
- #elif defined (WOLFSSL_TIRTOS)
- /* Need mutex? */
- if (args)
- ready = args->signal;
- if (ready) {
- ready->ready = 1;
- ready->port = port;
- }
- #elif defined(NETOS)
- /* signal ready to tcp_accept */
- if (args)
- ready = args->signal;
- if (ready) {
- (void)tx_mutex_get(&ready->mutex, TX_WAIT_FOREVER);
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondStart(&ready->cond));
+ #endif
ready->ready = 1;
ready->port = port;
- (void)tx_mutex_put(&ready->mutex);
+ #ifdef WOLFSSL_COND
+ THREAD_CHECK_RET(wolfSSL_CondSignal(&ready->cond));
+ THREAD_CHECK_RET(wolfSSL_CondEnd(&ready->cond));
+ #endif
}
- #endif
+#endif /* !SINGLE_THREADED */
if (ready_file) {
#if !defined(NO_FILESYSTEM) || defined(FORCE_BUFFER_TEST) && \
@@ -2313,7 +1756,7 @@ static WC_INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
static WC_INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
{
- #ifdef USE_WINDOWS_API
+ #if defined(USE_WINDOWS_API) || defined(EBSNET)
unsigned long blocking = 1;
int ret = ioctlsocket(*sockfd, FIONBIO, &blocking);
if (ret == SOCKET_ERROR)
@@ -2574,7 +2017,7 @@ static WC_INLINE unsigned int my_psk_client_cs_cb(WOLFSSL* ssl,
#ifdef WOLFSSL_PSK_MULTI_ID_PER_CS
/* Multiple calls for each cipher suite. First identity byte indicates the
- * number of identites seen so far for cipher suite. */
+ * number of identities seen so far for cipher suite. */
if (identity[0] != 0) {
return 0;
}
@@ -2897,7 +2340,8 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
char buffer[WOLFSSL_MAX_ERROR_SZ];
#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_X509* peer;
-#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM)
+#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM) && \
+ !defined(OPENSSL_EXTRA_X509_SMALL)
WOLFSSL_BIO* bio = NULL;
WOLFSSL_STACK* sk = NULL;
X509* x509 = NULL;
@@ -2942,7 +2386,8 @@ static WC_INLINE int myVerify(int preverify, WOLFSSL_X509_STORE_CTX* store)
XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
-#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM)
+#if defined(SHOW_CERTS) && !defined(NO_FILESYSTEM) && \
+ !defined(OPENSSL_EXTRA_X509_SMALL)
/* avoid printing duplicate certs */
if (store->depth == 1) {
int i;
@@ -3224,6 +2669,11 @@ static WC_INLINE int myMacEncryptCb(WOLFSSL* ssl, unsigned char* macOut,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&encCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myMacEncryptCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myMacEncryptCb\n");
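Review bot: Once the added `wc_AesInit()` has succeeded, the `wc_AesSetKey()` failure path still returns without releasing the context. The FreeAtomicUser hunk later on this page calls `wc_AesFree()` only when `keySetup == 1`, and `keySetup` is presumably set only after `wc_AesSetKey()` succeeds (that assignment is outside this hunk). On builds where `WC_AESFREE_IS_MANDATORY` is defined, an initialized `Aes` would therefore never be freed on this path. Adding `wc_AesFree(&encCtx->aes);` before the `return ret;` in the AesSetKey failure branch closes it; the same applies to the myDecryptVerifyCb, myEncryptMacCb and myVerifyDecryptCb hunks below.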
@@ -3280,6 +2730,11 @@ static WC_INLINE int myDecryptVerifyCb(WOLFSSL* ssl,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&decCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myDecryptVerifyCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myDecryptVerifyCb\n");
@@ -3374,6 +2829,11 @@ static WC_INLINE int myEncryptMacCb(WOLFSSL* ssl, unsigned char* macOut,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&encCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myMacEncryptCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myMacEncryptCb\n");
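Review bot: The added message `"AesInit failed in myMacEncryptCb\n"` names the wrong callback: per the hunk header this code is in myEncryptMacCb, so a failure here would be attributed to the MAC-then-encrypt path in the log. It should read `"AesInit failed in myEncryptMacCb\n"`. The existing AesSetKey message on the context line has the same mislabel and is probably where it was copied from. The myVerifyDecryptCb hunk that follows likewise prints `myDecryptVerifyCb`.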
@@ -3472,6 +2932,11 @@ static WC_INLINE int myVerifyDecryptCb(WOLFSSL* ssl,
iv = wolfSSL_GetServerWriteIV(ssl);
}
+ ret = wc_AesInit(&decCtx->aes, NULL, INVALID_DEVID);
+ if (ret != 0) {
+ fprintf(stderr, "AesInit failed in myDecryptVerifyCb\n");
+ return ret;
+ }
ret = wc_AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
if (ret != 0) {
fprintf(stderr, "AesSetKey failed in myDecryptVerifyCb\n");
@@ -3496,6 +2961,7 @@ static WC_INLINE int myVerifyDecryptCb(WOLFSSL* ssl,
static WC_INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
{
+#if !defined(NO_HMAC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
AtomicEncCtx* encCtx;
AtomicDecCtx* decCtx;
@@ -3511,7 +2977,6 @@ static WC_INLINE void SetupAtomicUser(WOLFSSL_CTX* ctx, WOLFSSL* ssl)
}
XMEMSET(decCtx, 0, sizeof(AtomicDecCtx));
-#if !defined(NO_HMAC) && !defined(NO_AES) && defined(HAVE_AES_CBC)
wolfSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb);
wolfSSL_SetMacEncryptCtx(ssl, encCtx);
@@ -3547,7 +3012,7 @@ static WC_INLINE void FreeAtomicUser(WOLFSSL* ssl)
if (decCtx != NULL) {
if (decCtx->keySetup == 1)
wc_AesFree(&decCtx->aes);
- free(decCtx);
+ free(decCtx);
}
}
@@ -3613,7 +3078,7 @@ typedef struct PkCbInfo {
#if defined(DEBUG_PK_CB) || defined(TEST_PK_PRIVKEY)
#define WOLFSSL_PKMSG(...) printf(__VA_ARGS__)
#else
- #define WOLFSSL_PKMSG(...)
+ #define WOLFSSL_PKMSG(...) WC_DO_NOTHING
#endif
#ifdef HAVE_ECC
@@ -5283,210 +4748,4 @@ void DEBUG_WRITE_DER(const byte* der, int derSz, const char* fileName);
#define DTLS_CID_BUFFER_SIZE 256
-#if !defined(NO_FILESYSTEM) && ( \
- defined(WOLFSSL_TICKET_NONCE_MALLOC) && defined(HAVE_SESSION_TICKET) \
- && defined(WOLFSSL_TLS13) && \
- (!defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(5,3)))\
- || \
- (defined(WOLFSSL_DTLS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)) \
- || \
- (defined(HAVE_SECURE_RENEGOTIATION) && \
- !defined(NO_RSA) && \
- defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && \
- defined(WOLFSSL_SHA384) && defined(WOLFSSL_AES_256) && \
- defined(HAVE_AESGCM)) \
- ) || \
- (defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(WOLFSSL_TICKET_DECRYPT_NO_CREATE) && \
- !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER) && \
- !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)) || \
- (defined(WOLFSSL_EXTRA_ALERTS) && !defined(WOLFSSL_NO_TLS12) && \
- !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && \
- !defined(NO_RSA) && !defined(SINGLE_THREADED) && \
- !defined(NO_WOLFSSL_SERVER) && !defined(NO_WOLFSSL_CLIENT))
-#define TEST_MEMIO_BUF_SZ (64 * 1024)
-struct test_memio_ctx
-{
- byte c_buff[TEST_MEMIO_BUF_SZ];
- int c_len;
- const char* c_ciphers;
- byte s_buff[TEST_MEMIO_BUF_SZ];
- int s_len;
- const char* s_ciphers;
-};
-
-static WC_INLINE int test_memio_write_cb(WOLFSSL *ssl, char *data, int sz,
- void *ctx)
-{
- struct test_memio_ctx *test_ctx;
- byte *buf;
- int *len;
-
- test_ctx = (struct test_memio_ctx*)ctx;
-
- if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
- buf = test_ctx->c_buff;
- len = &test_ctx->c_len;
- }
- else {
- buf = test_ctx->s_buff;
- len = &test_ctx->s_len;
- }
-
- if ((unsigned)(*len + sz) > TEST_MEMIO_BUF_SZ)
- return WOLFSSL_CBIO_ERR_WANT_READ;
-
- XMEMCPY(buf + *len, data, sz);
- *len += sz;
-
- return sz;
-}
-
-static WC_INLINE int test_memio_read_cb(WOLFSSL *ssl, char *data, int sz,
- void *ctx)
-{
- struct test_memio_ctx *test_ctx;
- int read_sz;
- byte *buf;
- int *len;
-
- test_ctx = (struct test_memio_ctx*)ctx;
-
- if (wolfSSL_GetSide(ssl) == WOLFSSL_SERVER_END) {
- buf = test_ctx->s_buff;
- len = &test_ctx->s_len;
- }
- else {
- buf = test_ctx->c_buff;
- len = &test_ctx->c_len;
- }
-
- if (*len == 0)
- return WOLFSSL_CBIO_ERR_WANT_READ;
-
- read_sz = sz < *len ? sz : *len;
-
- XMEMCPY(data, buf, read_sz);
- XMEMMOVE(buf, buf + read_sz, *len - read_sz);
-
- *len -= read_sz;
-
- return read_sz;
-}
-
-static WC_INLINE int test_memio_do_handshake(WOLFSSL *ssl_c, WOLFSSL *ssl_s,
- int max_rounds, int *rounds)
-{
- byte handshake_complete = 0, hs_c = 0, hs_s = 0;
- int ret, err;
-
- if (rounds != NULL)
- *rounds = 0;
- while (!handshake_complete && max_rounds > 0) {
- if (!hs_c) {
- ret = wolfSSL_connect(ssl_c);
- if (ret == WOLFSSL_SUCCESS) {
- hs_c = 1;
- }
- else {
- err = wolfSSL_get_error(ssl_c, ret);
- if (err != WOLFSSL_ERROR_WANT_READ &&
- err != WOLFSSL_ERROR_WANT_WRITE)
- return -1;
- }
- }
- if (!hs_s) {
- ret = wolfSSL_accept(ssl_s);
- if (ret == WOLFSSL_SUCCESS) {
- hs_s = 1;
- }
- else {
- err = wolfSSL_get_error(ssl_s, ret);
- if (err != WOLFSSL_ERROR_WANT_READ &&
- err != WOLFSSL_ERROR_WANT_WRITE)
- return -1;
- }
- }
- handshake_complete = hs_c && hs_s;
- max_rounds--;
- if (rounds != NULL)
- *rounds = *rounds + 1;
- }
-
- if (!handshake_complete)
- return -1;
-
- return 0;
-}
-
-static WC_INLINE int test_memio_setup(struct test_memio_ctx *ctx,
- WOLFSSL_CTX **ctx_c, WOLFSSL_CTX **ctx_s, WOLFSSL **ssl_c, WOLFSSL **ssl_s,
- method_provider method_c, method_provider method_s)
-{
- int ret;
-
- if (ctx_c != NULL && *ctx_c == NULL) {
- *ctx_c = wolfSSL_CTX_new(method_c());
- if (*ctx_c == NULL)
- return -1;
-#ifndef NO_CERTS
- ret = wolfSSL_CTX_load_verify_locations(*ctx_c, caCertFile, 0);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
-#endif /* NO_CERTS */
- wolfSSL_SetIORecv(*ctx_c, test_memio_read_cb);
- wolfSSL_SetIOSend(*ctx_c, test_memio_write_cb);
- if (ctx->c_ciphers != NULL) {
- ret = wolfSSL_CTX_set_cipher_list(*ctx_c, ctx->c_ciphers);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
- }
- }
-
- if (ctx_s != NULL && *ctx_s == NULL) {
- *ctx_s = wolfSSL_CTX_new(method_s());
- if (*ctx_s == NULL)
- return -1;
-#ifndef NO_CERTS
- ret = wolfSSL_CTX_use_PrivateKey_file(*ctx_s, svrKeyFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return- -1;
- ret = wolfSSL_CTX_use_certificate_file(*ctx_s, svrCertFile,
- WOLFSSL_FILETYPE_PEM);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
-#endif
- wolfSSL_SetIORecv(*ctx_s, test_memio_read_cb);
- wolfSSL_SetIOSend(*ctx_s, test_memio_write_cb);
- if (ctx->s_ciphers != NULL) {
- ret = wolfSSL_CTX_set_cipher_list(*ctx_s, ctx->s_ciphers);
- if (ret != WOLFSSL_SUCCESS)
- return -1;
- }
- }
-
- if (ctx_c != NULL && ssl_c != NULL) {
- *ssl_c = wolfSSL_new(*ctx_c);
- if (*ssl_c == NULL)
- return -1;
- wolfSSL_SetIOWriteCtx(*ssl_c, ctx);
- wolfSSL_SetIOReadCtx(*ssl_c, ctx);
- }
- if (ctx_s != NULL && ssl_s != NULL) {
- *ssl_s = wolfSSL_new(*ctx_s);
- if (*ssl_s == NULL)
- return -1;
- wolfSSL_SetIOWriteCtx(*ssl_s, ctx);
- wolfSSL_SetIOReadCtx(*ssl_s, ctx);
-#if !defined(NO_DH)
- SetDH(*ssl_s);
-#endif
- }
-
- return 0;
-}
-#endif
-
#endif /* wolfSSL_TEST_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/version.h b/extra/wolfssl/wolfssl/wolfssl/version.h
index 424d8d27..c0cad152 100644
--- a/extra/wolfssl/wolfssl/wolfssl/version.h
+++ b/extra/wolfssl/wolfssl/wolfssl/version.h
@@ -28,8 +28,8 @@
extern "C" {
#endif
-#define LIBWOLFSSL_VERSION_STRING "5.6.3"
-#define LIBWOLFSSL_VERSION_HEX 0x05006003
+#define LIBWOLFSSL_VERSION_STRING "5.6.6"
+#define LIBWOLFSSL_VERSION_HEX 0x05006006
#ifdef __cplusplus
}
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
index 90cb8a86..75653bad 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/aes.h
@@ -36,6 +36,33 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/types.h>
+#if !defined(NO_AES) || defined(WOLFSSL_SM4)
+typedef struct Gcm {
+ ALIGN16 byte H[16];
+#ifdef OPENSSL_EXTRA
+ word32 aadH[4]; /* additional authenticated data GHASH */
+ word32 aadLen; /* additional authenticated data len */
+#endif
+#ifdef GCM_TABLE
+ /* key-based fast multiplication table. */
+ ALIGN16 byte M0[256][16];
+#elif defined(GCM_TABLE_4BIT)
+ #if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
+ ALIGN16 byte M0[16][16];
+ #else
+ ALIGN16 byte M0[32][16];
+ #endif
+#endif /* GCM_TABLE */
+} Gcm;
+
+WOLFSSL_LOCAL void GenerateM0(Gcm* gcm);
+#ifdef WOLFSSL_ARMASM
+WOLFSSL_LOCAL void GMULT(byte* X, byte* Y);
+#endif
+WOLFSSL_LOCAL void GHASH(Gcm* gcm, const byte* a, word32 aSz, const byte* c,
+ word32 cSz, byte* s, word32 sSz);
+#endif
+
#ifndef NO_AES
#if defined(HAVE_FIPS) && \
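Review bot: `struct Gcm` writes the block size as a literal `16` in `H[16]` and `M0[...][16]`, while the fields it replaces in `struct Aes` used `AES_BLOCK_SIZE`. That is presumably because this block sits ahead of the `#ifndef NO_AES` section so it can be used with `WOLFSSL_SM4` alone, but nothing says so. A one-line comment would keep the two from drifting, e.g. `/* 16 == AES_BLOCK_SIZE; literal because this is declared before the AES definitions */`. The struct should also state that `H` and `M0` are derived from the cipher key and must be zeroized together with the owning context.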
@@ -43,18 +70,6 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-/* included for fips @wc_fips */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-#include <cyassl/ctaocrypt/aes.h>
-#if defined(CYASSL_AES_COUNTER) && !defined(WOLFSSL_AES_COUNTER)
- #define WOLFSSL_AES_COUNTER
-#endif
-#if !defined(WOLFSSL_AES_DIRECT) && defined(CYASSL_AES_DIRECT)
- #define WOLFSSL_AES_DIRECT
-#endif
-#endif
-
#ifndef WC_NO_RNG
#include <wolfssl/wolfcrypt/random.h>
#endif
@@ -117,15 +132,21 @@ block cipher mechanism that uses n-bit binary string parameter key with 128-bits
#include <wolfssl/wolfcrypt/port/arm/cryptoCell.h>
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
- defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)) ||\
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include <wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h>
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ #include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>
+#endif
+
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
#include <wolfssl/wolfcrypt/port/maxim/maxq10xx.h>
#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -184,11 +205,53 @@ enum {
WOLF_ENUM_DUMMY_LAST_ELEMENT(AES)
};
+#ifdef WC_AES_BITSLICED
+ #ifdef WC_AES_BS_WORD_SIZE
+ #define BS_WORD_SIZE WC_AES_BS_WORD_SIZE
+ #elif defined(NO_64BIT)
+ #define BS_WORD_SIZE 32
+ #else
+ #define BS_WORD_SIZE 64
+ #endif
+
+ /* Number of bits to a block. */
+ #define AES_BLOCK_BITS (AES_BLOCK_SIZE * 8)
+ /* Number of bytes of input that can be processed in one call. */
+ #define BS_BLOCK_SIZE (AES_BLOCK_SIZE * BS_WORD_SIZE)
+ /* Number of words in a block. */
+ #define BS_BLOCK_WORDS (AES_BLOCK_BITS / BS_WORD_SIZE)
+
+ #if BS_WORD_SIZE == 64
+ typedef word64 bs_word;
+ #define BS_WORD_SHIFT 6
+ #define bs_bswap(x) ByteReverseWord64(x)
+ #elif BS_WORD_SIZE == 32
+ typedef word32 bs_word;
+ #define BS_WORD_SHIFT 5
+ #define bs_bswap(x) ByteReverseWord32(x)
+ #elif BS_WORD_SIZE == 16
+ typedef word16 bs_word;
+ #define BS_WORD_SHIFT 4
+ #define bs_bswap(x) ByteReverseWord16(x)
+ #elif BS_WORD_SIZE == 8
+ typedef word8 bs_word;
+ #define BS_WORD_SHIFT 3
+ #define bs_bswap(x) (x)
+ #else
+ #error "Word size not supported"
+ #endif
+#endif
struct Aes {
- /* AESNI needs key first, rounds 2nd, not sure why yet */
ALIGN16 word32 key[60];
+#ifdef WC_AES_BITSLICED
+ /* Extra key schedule space required for bit-slicing technique. */
+ ALIGN16 bs_word bs_key[15 * AES_BLOCK_SIZE * BS_WORD_SIZE];
+#endif
word32 rounds;
+#ifdef WC_AES_C_DYNAMIC_FALLBACK
+ word32 key_C_fallback[60];
+#endif
int keylen;
ALIGN16 word32 reg[AES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */
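Review bot: `bs_key` is declared with `15 * AES_BLOCK_SIZE * BS_WORD_SIZE` elements of `bs_word`, which at the default `BS_WORD_SIZE` of 64 and a 16-byte block is 15360 64-bit words, roughly 120 KB inside every `Aes` object. `Aes` is often placed on the stack, so that size is worth confirming as intended. If the bit-sliced schedule needs one `bs_word` per key bit per round (an assumption, the implementation is not in this diff), `15 * AES_BLOCK_BITS` would suffice. `bs_key` and the new `key_C_fallback` are also further copies of the key schedule, so a comment that they are cleared together with `key` would help whoever reviews the free path.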
@@ -199,11 +262,7 @@ struct Aes {
word32 nonceSz;
#endif
#ifdef HAVE_AESGCM
- ALIGN16 byte H[AES_BLOCK_SIZE];
-#ifdef OPENSSL_EXTRA
- word32 aadH[4]; /* additional authenticated data GHASH */
- word32 aadLen; /* additional authenticated data len */
-#endif
+ Gcm gcm;
#ifdef WOLFSSL_SE050
sss_symmetric_t aes_ctx; /* used as the function context */
@@ -212,16 +271,6 @@ struct Aes {
byte keyIdSet;
byte useSWCrypt; /* Use SW crypt instead of SE050, before SCP03 auth */
#endif
-#ifdef GCM_TABLE
- /* key-based fast multiplication table. */
- ALIGN16 byte M0[256][AES_BLOCK_SIZE];
-#elif defined(GCM_TABLE_4BIT)
- #if defined(BIG_ENDIAN_ORDER) || defined(WC_16BIT_CPU)
- ALIGN16 byte M0[16][AES_BLOCK_SIZE];
- #else
- ALIGN16 byte M0[32][AES_BLOCK_SIZE];
- #endif
-#endif /* GCM_TABLE */
#ifdef HAVE_CAVIUM_OCTEON_SYNC
word32 y0;
#endif
@@ -292,13 +341,13 @@ struct Aes {
#if defined(WOLFSSL_CRYPTOCELL)
aes_context_t ctx;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) && \
- defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+#if (defined(WOLFSSL_RENESAS_TSIP_TLS) && \
+ defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)) ||\
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
TSIP_AES_CTX ctx;
#endif
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- SCE_AES_CTX ctx;
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ FSPSM_AES_CTX ctx;
#endif
#if defined(WOLFSSL_IMXRT_DCP)
dcp_handle_t handle;
@@ -331,6 +380,11 @@ struct Aes {
byte nonceSet:1;
byte ctrSet:1;
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+ void *CipherLifecycleTag; /* used for dummy allocation and initialization,
+ * trackable by sanitizers.
+ */
+#endif
};
#ifndef WC_AES_TYPE_DEFINED
@@ -345,6 +399,26 @@ typedef struct XtsAes {
} XtsAes;
#endif
+#if (!defined(WC_AESFREE_IS_MANDATORY)) && \
+ (defined(WC_DEBUG_CIPHER_LIFECYCLE) || \
+ (defined(WOLFSSL_ASYNC_CRYPT) && defined(WC_ASYNC_ENABLE_AES)) || \
+ defined(WOLFSSL_AFALG) || defined(WOLFSSL_AFALG_XILINX_AES) || \
+ defined(WOLFSSL_KCAPI_AES) || \
+ (defined(WOLFSSL_DEVCRYPTO) && \
+ (defined(WOLFSSL_DEVCRYPTO_AES) || \
+ defined(WOLFSSL_DEVCRYPTO_CBC))) || \
+ defined(WOLFSSL_IMXRT_DCP) || \
+ (defined(WOLFSSL_AESGCM_STREAM) && defined(WOLFSSL_SMALL_STACK) && \
+ !defined(WOLFSSL_AESNI)) || \
+ (defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_CRYPT)) || \
+ (defined(WOLFSSL_HAVE_PSA) && !defined(WOLFSSL_PSA_NO_AES)) || \
+ defined(WOLFSSL_MAXQ10XX_CRYPTO) || \
+ ((defined(WOLFSSL_RENESAS_FSPSM_TLS) || \
+ defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_AES)))
+#define WC_AESFREE_IS_MANDATORY
+#endif
+
#ifdef HAVE_AESGCM
typedef struct Gmac {
Aes aes;
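Review bot: `WC_AESFREE_IS_MANDATORY` is introduced without any comment saying what it obliges a caller to do. The condition list (async crypto, AF_ALG, KCAPI, /dev/crypto, SE050, PSA, MAXQ10XX, FSPSM, lifecycle debugging) suggests it marks builds where an `Aes` owns handles or heap memory that only `wc_AesFree()` releases, though that is inferred from the names. I would state it above the `#if`, e.g. `/* Defined when Aes holds resources: every wc_AesInit() must be paired with wc_AesFree(). */`, so that code skipping the free on error paths is recognisable as a leak.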
@@ -414,16 +488,13 @@ WOLFSSL_API int wc_AesEcbDecrypt(Aes* aes, byte* out,
#ifdef WOLFSSL_AES_COUNTER
WOLFSSL_API int wc_AesCtrEncrypt(Aes* aes, byte* out,
const byte* in, word32 sz);
+ WOLFSSL_API int wc_AesCtrSetKey(Aes* aes, const byte* key, word32 len,
+ const byte* iv, int dir);
+
#endif
/* AES-DIRECT */
#if defined(WOLFSSL_AES_DIRECT)
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- WOLFSSL_API void wc_AesEncryptDirect(Aes* aes, byte* out, const byte* in);
- WOLFSSL_API void wc_AesDecryptDirect(Aes* aes, byte* out, const byte* in);
- WOLFSSL_API int wc_AesSetKeyDirect(Aes* aes, const byte* key, word32 len,
- const byte* iv, int dir);
-#elif defined(BUILDING_WOLFSSL)
+#if defined(BUILDING_WOLFSSL)
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesEncryptDirect(Aes* aes, byte* out,
const byte* in);
WOLFSSL_API WARN_UNUSED_RESULT int wc_AesDecryptDirect(Aes* aes, byte* out,
@@ -505,8 +576,6 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
const byte* authIn, word32 authInSz,
const byte* authTag, word32 authTagSz);
#endif /* WC_NO_RNG */
- WOLFSSL_LOCAL void GHASH(Aes* aes, const byte* a, word32 aSz, const byte* c,
- word32 cSz, byte* s, word32 sSz);
#endif /* HAVE_AESGCM */
#ifdef HAVE_AESCCM
WOLFSSL_LOCAL int wc_AesCcmCheckTagSize(int sz);
@@ -529,6 +598,7 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz);
#endif /* HAVE_AESCCM */
+
#ifdef HAVE_AES_KEYWRAP
WOLFSSL_API int wc_AesKeyWrap(const byte* key, word32 keySz,
const byte* in, word32 inSz,
@@ -550,6 +620,11 @@ WOLFSSL_API int wc_AesGcmDecryptFinal(Aes* aes, const byte* authTag,
#ifdef WOLFSSL_AES_XTS
+WOLFSSL_API int wc_AesXtsInit(XtsAes* aes, void* heap, int devId);
+
+WOLFSSL_API int wc_AesXtsSetKeyNoInit(XtsAes* aes, const byte* key,
+ word32 len, int dir);
+
WOLFSSL_API int wc_AesXtsSetKey(XtsAes* aes, const byte* key,
word32 len, int dir, void* heap, int devId);
@@ -565,6 +640,14 @@ WOLFSSL_API int wc_AesXtsEncrypt(XtsAes* aes, byte* out,
WOLFSSL_API int wc_AesXtsDecrypt(XtsAes* aes, byte* out,
const byte* in, word32 sz, const byte* i, word32 iSz);
+WOLFSSL_API int wc_AesXtsEncryptConsecutiveSectors(XtsAes* aes,
+ byte* out, const byte* in, word32 sz, word64 sector,
+ word32 sectorSz);
+
+WOLFSSL_API int wc_AesXtsDecryptConsecutiveSectors(XtsAes* aes,
+ byte* out, const byte* in, word32 sz, word64 sector,
+ word32 sectorSz);
+
WOLFSSL_API int wc_AesXtsFree(XtsAes* aes);
#endif
@@ -590,6 +673,71 @@ int wc_AesSivDecrypt(const byte* key, word32 keySz, const byte* assoc,
const byte* in, word32 inSz, byte* siv, byte* out);
#endif
+#ifdef WOLFSSL_AES_EAX
+
+/* Because of the circular dependency between AES and CMAC, we need to prevent
+ * inclusion of AES EAX from CMAC to avoid a recursive inclusion */
+#ifndef WOLF_CRYPT_CMAC_H
+#include <wolfssl/wolfcrypt/cmac.h>
+struct AesEax {
+ Aes aes;
+ Cmac nonceCmac;
+ Cmac aadCmac;
+ Cmac ciphertextCmac;
+ byte nonceCmacFinal[AES_BLOCK_SIZE];
+ byte aadCmacFinal[AES_BLOCK_SIZE];
+ byte ciphertextCmacFinal[AES_BLOCK_SIZE];
+ byte prefixBuf[AES_BLOCK_SIZE];
+};
+#endif /* !defined(WOLF_CRYPT_CMAC_H) */
+
+typedef struct AesEax AesEax;
+
+/* One-shot API */
+WOLFSSL_API int wc_AesEaxEncryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* output computed auth tag */
+ byte* authTag, word32 authTagSz,
+ /* input data to authenticate (header) */
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxDecryptAuth(const byte* key, word32 keySz, byte* out,
+ const byte* in, word32 inSz,
+ const byte* nonce, word32 nonceSz,
+ /* auth tag to verify against */
+ const byte* authTag, word32 authTagSz,
+ /* input data to authenticate (header) */
+ const byte* authIn, word32 authInSz);
+
+/* Incremental API */
+WOLFSSL_API int wc_AesEaxInit(AesEax* eax,
+ const byte* key, word32 keySz,
+ const byte* nonce, word32 nonceSz,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxEncryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxDecryptUpdate(AesEax* eax, byte* out,
+ const byte* in, word32 inSz,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxAuthDataUpdate(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxEncryptFinal(AesEax* eax,
+ byte* authTag, word32 authTagSz);
+
+WOLFSSL_API int wc_AesEaxDecryptFinal(AesEax* eax,
+ const byte* authIn, word32 authInSz);
+
+WOLFSSL_API int wc_AesEaxFree(AesEax* eax);
+
+#endif /* WOLFSSL_AES_EAX */
+
+
#ifdef __cplusplus
} /* extern "C" */
#endif
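Review bot: `wc_AesEaxDecryptFinal` names its last two parameters `authIn`/`authInSz`, which every other prototype in this block uses for header data to authenticate, while the matching `wc_AesEaxEncryptFinal` calls them `authTag`/`authTagSz`. Presumably the decrypt side takes the tag to verify, as the one-shot `wc_AesEaxDecryptAuth` does; if so, the prototype should read `const byte* authTag, word32 authTagSz` so a caller does not pass associated data where the tag belongs. The incremental API also needs a comment saying that output from `wc_AesEaxDecryptUpdate` is unauthenticated until the final call succeeds, e.g. `/* plaintext must not be used until wc_AesEaxDecryptFinal() returns 0 */`.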
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h
index 24d8362c..351517e4 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn.h
@@ -45,12 +45,6 @@ that can be serialized and deserialized in a cross-platform way.
#include <wolfssl/wolfcrypt/wolfmath.h>
-/* fips declare of RsaPrivateKeyDecode @wc_fips */
-#if defined(HAVE_FIPS) && !defined(NO_RSA) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #include <cyassl/ctaocrypt/rsa.h>
-#endif
-
#ifndef NO_DH
#include <wolfssl/wolfcrypt/dh.h>
#endif
@@ -64,6 +58,9 @@ that can be serialized and deserialized in a cross-platform way.
#include <wolfssl/wolfcrypt/md5.h>
#endif
#include <wolfssl/wolfcrypt/sha256.h>
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
#include <wolfssl/wolfcrypt/asn_public.h> /* public interface */
#if defined(NO_SHA) && defined(NO_SHA256)
@@ -139,6 +136,7 @@ enum ASN_Tags {
ASN_DIR_TYPE = 0x04,
ASN_URI_TYPE = 0x06, /* the value 6 is from GeneralName OID */
ASN_IP_TYPE = 0x07, /* the value 7 is from GeneralName OID */
+ ASN_RID_TYPE = 0x08,
/* PKCS #7 types */
ASN_ENC_CONTENT = 0x00,
@@ -707,8 +705,10 @@ enum DN_Tags {
ASN_DNQUALIFIER = 0x2e, /* dnQualifier */
#endif /* WOLFSSL_CERT_NAME_ALL */
- ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */
- ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */
+
+ ASN_CONTENT_TYPE = 0x97, /* not actual OID (see attrPkcs9ContentTypeOid) */
+ ASN_EMAIL_NAME = 0x98, /* not actual OID (see attrEmailOid) */
+ ASN_CUSTOM_NAME = 0x99, /* not actual OID (see CertOidField) */
/* pilot attribute types
* OID values of 0.9.2342.19200300.100.1.* */
@@ -765,6 +765,7 @@ extern const WOLFSSL_ObjectInfo wolfssl_object_info[];
#define WOLFSSL_USER_ID "/UID="
#define WOLFSSL_DOMAIN_COMPONENT "/DC="
#define WOLFSSL_FAVOURITE_DRINK "/favouriteDrink="
+#define WOLFSSL_CONTENT_TYPE "/contentType="
#if defined(WOLFSSL_APACHE_HTTPD)
/* otherName strings */
@@ -897,13 +898,22 @@ enum ECC_TYPES
#endif
#endif
+/* Maximum OID dotted form size. */
+#define ASN1_OID_DOTTED_MAX_SZ 16
+
+#ifndef WOLFSSL_ASN_MAX_LENGTH_SZ
+ #define WOLFSSL_ASN_MAX_LENGTH_SZ 5 /* 1 byte length + 4 bytes of number */
+#endif
+
enum Misc_ASN {
MAX_SALT_SIZE = 64, /* MAX PKCS Salt length */
MAX_IV_SIZE = 64, /* MAX PKCS Iv length */
ASN_BOOL_SIZE = 2, /* including type */
ASN_ECC_HEADER_SZ = 2, /* String type + 1 byte len */
ASN_ECC_CONTEXT_SZ = 2, /* Content specific type + 1 byte len */
-#if defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ KEYID_SIZE = WC_SM3_DIGEST_SIZE,
+#elif defined(NO_SHA) || (!defined(NO_SHA256) && defined(WC_ASN_HASH_SHA256))
KEYID_SIZE = WC_SHA256_DIGEST_SIZE,
#else
KEYID_SIZE = WC_SHA_DIGEST_SIZE,
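Review bot: `WOLFSSL_ASN_MAX_LENGTH_SZ` can be overridden from the build configuration, but nothing in this hunk rejects a value that is too small, and the following hunk derives `MAX_SEQ_SZ`, `MAX_SET_SZ`, `MAX_RSA_INT_SZ` and others from it. Those constants look like buffer bounds for DER encoding, so an override below what the encoders emit would presumably undersize them. A guard after the default, such as `#if WOLFSSL_ASN_MAX_LENGTH_SZ < 5` followed by `#error "WOLFSSL_ASN_MAX_LENGTH_SZ too small"`, would turn that into a build failure; 5 is the default given here and the true minimum should be confirmed against the encoders. `ASN1_OID_DOTTED_MAX_SZ` should also say whether 16 counts arcs or bytes. `enum Misc_ASN` continues past the end of the hunk.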
@@ -937,18 +947,18 @@ enum Misc_ASN {
#endif
MAX_SIG_SZ = 256,
MAX_ALGO_SZ = 20,
- MAX_SHORT_SZ = 6, /* asn int + byte len + 4 byte length */
- MAX_LENGTH_SZ = 4, /* Max length size for DER encoding */
- MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */
- MAX_SET_SZ = 5, /* enum(set | con) + length(4) */
- MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */
- MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */
- MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */
+ MAX_LENGTH_SZ = WOLFSSL_ASN_MAX_LENGTH_SZ, /* Max length size for DER encoding */
+ MAX_SHORT_SZ = (1 + MAX_LENGTH_SZ), /* asn int + byte len + 4 byte length */
+ MAX_SEQ_SZ = (1 + MAX_LENGTH_SZ), /* enum(seq | con) + length(5) */
+ MAX_SET_SZ = (1 + MAX_LENGTH_SZ), /* enum(set | con) + length(5) */
+ MAX_OCTET_STR_SZ = (1 + MAX_LENGTH_SZ), /* enum(set | con) + length(5) */
+ MAX_EXP_SZ = (1 + MAX_LENGTH_SZ), /* enum(contextspec|con|exp) + length(5) */
+ MAX_PRSTR_SZ = (1 + MAX_LENGTH_SZ), /* enum(prstr) + length(5) */
MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/
- MAX_ENCODED_DIG_ASN_SZ= 9, /* enum(bit or octet) + length(4) */
+ MAX_ENCODED_DIG_ASN_SZ = (5 + MAX_LENGTH_SZ), /* enum(bit or octet) + length(5) */
MAX_ENCODED_DIG_SZ = 64 + MAX_ENCODED_DIG_ASN_SZ, /* asn header + sha512 */
- MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */
- MAX_DSA_INT_SZ = 389, /* DSA raw sz 3072 for bits + tag + len(4) */
+ MAX_RSA_INT_SZ = (512 + 1 + MAX_LENGTH_SZ), /* RSA raw sz 4096 for bits + tag + len(5) */
+ MAX_DSA_INT_SZ = (384 + 1 + MAX_LENGTH_SZ), /* DSA raw sz 3072 for bits + tag + len(5) */
MAX_DSA_PUBKEY_SZ = (DSA_PUB_INTS * MAX_DSA_INT_SZ) + (2 * MAX_SEQ_SZ) +
2 + MAX_LENGTH_SZ, /* Maximum size of a DSA public
key taken from wc_SetDsaPublicKey. */
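Review bot: The comment on `MAX_ENCODED_DIG_ASN_SZ` does not explain its expression: it is now `(5 + MAX_LENGTH_SZ)`, but the text accounts only for one tag plus the length, so the literal 5 is unexplained. The `length(5)` annotations on the neighbouring entries also hard-code the default of a macro that the build can override. These values are presumably used to size encoding buffers, so I would word the comments in terms of the macro, e.g. `/* tag + MAX_LENGTH_SZ */`, and state what the 5 bytes in `MAX_ENCODED_DIG_ASN_SZ` cover. The enum starts and ends outside this hunk.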
@@ -998,7 +1008,6 @@ enum Misc_ASN {
MAX_CERTPOL_NB = CTC_MAX_CERTPOL_NB,/* Max number of Cert Policy */
MAX_CERTPOL_SZ = CTC_MAX_CERTPOL_SZ,
#endif
- MAX_AIA_SZ = 2, /* Max Authority Info Access extension size*/
OCSP_NONCE_EXT_SZ = 35, /* OCSP Nonce Extension size */
MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */
MAX_OCSP_NONCE_SZ = 16, /* OCSP Nonce size */
@@ -1085,7 +1094,8 @@ enum Hash_Sum {
SHA3_384h = 422,
SHA3_512h = 423,
SHAKE128h = 424,
- SHAKE256h = 425
+ SHAKE256h = 425,
+ SM3h = 640
};
#if !defined(NO_DES3) || !defined(NO_AES)
@@ -1119,6 +1129,7 @@ enum Key_Sum {
RSAPSSk = 654,
RSAESOAEPk = 651, /* 1.2.840.113549.1.1.7 */
ECDSAk = 518,
+ SM2k = 667,
ED25519k = 256, /* 1.3.101.112 */
X25519k = 254, /* 1.3.101.110 */
ED448k = 257, /* 1.3.101.113 */
@@ -1359,6 +1370,10 @@ struct DNS_entry {
#if defined(OPENSSL_ALL) || defined(WOLFSSL_IP_ALT_NAME)
char* ipString; /* human readable form of IP address */
#endif
+#if defined(OPENSSL_ALL)
+ char* ridString; /* human readable form of registeredID */
+#endif
+
#ifdef WOLFSSL_FPKI
int oidSum; /* provide oid sum for verification */
#endif
@@ -1405,7 +1420,7 @@ enum SignatureState {
#endif
#endif /* HAVE_PK_CALLBACKS */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
defined(HAVE_PK_CALLBACKS)
typedef struct tagCertAttribute {
byte verifyByTSIP_SCE;
@@ -1478,7 +1493,7 @@ struct SignatureCtx {
#endif
#endif /* HAVE_PK_CALLBACKS */
#ifndef NO_RSA
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT) ||\
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS) ||\
defined(HAVE_PK_CALLBACKS)
CertAttribute CertAtt;
#endif
@@ -1653,6 +1668,12 @@ struct DecodedCert {
int extCrlInfoSz; /* length of the URI */
byte extSubjKeyId[KEYID_SIZE]; /* Subject Key ID */
byte extAuthKeyId[KEYID_SIZE]; /* Authority Key ID */
+#ifdef WOLFSSL_AKID_NAME
+ const byte* extAuthKeyIdIssuer; /* Authority Key ID authorityCertIssuer */
+ word32 extAuthKeyIdIssuerSz; /* Authority Key ID authorityCertIssuer length */
+ const byte* extAuthKeyIdIssuerSN; /* Authority Key ID authorityCertSerialNumber */
+ word32 extAuthKeyIdIssuerSNSz; /* Authority Key ID authorityCertSerialNumber length */
+#endif
byte pathLength; /* CA basic constraint path length */
byte maxPathLen; /* max_path_len see RFC 5280 section
* 6.1.2 "Initialization" - (k) for
@@ -1699,6 +1720,9 @@ struct DecodedCert {
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
word32 pkCurveOID; /* Public Key's curve OID */
+ #ifdef WOLFSSL_CUSTOM_CURVES
+ int pkCurveSize; /* Public Key's curve size */
+ #endif
#endif /* HAVE_ECC */
const byte* beforeDate;
int beforeDateLen;
@@ -1846,7 +1870,7 @@ struct DecodedCert {
#ifndef NO_CERTS
SignatureCtx sigCtx;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
byte* sce_tsip_encRsaKeyIdx;
#endif
#ifdef WOLFSSL_MAXQ10XX_TLS
@@ -1907,13 +1931,18 @@ struct DecodedCert {
#ifdef WOLFSSL_CERT_REQ
byte isCSR : 1; /* Do we intend on parsing a CSR? */
#endif
+#ifdef HAVE_RPK
+ byte isRPK : 1; /* indicate the cert is Raw-Public-Key cert in RFC7250 */
+#endif
#if defined(WOLFSSL_CUSTOM_OID) && defined(WOLFSSL_ASN_TEMPLATE) \
&& defined(HAVE_OID_DECODING)
wc_UnknownExtCallback unknownExtCallback;
#endif
};
-#ifdef NO_SHA
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ #define SIGNER_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+#elif defined(NO_SHA)
#define SIGNER_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
#define SIGNER_DIGEST_SIZE WC_SHA_DIGEST_SIZE
@@ -1926,8 +1955,6 @@ struct Signer {
word32 keyOID; /* key type */
word16 keyUsage;
byte maxPathLen;
- byte pathLength;
- byte pathLengthSet : 1;
byte selfSigned : 1;
const byte* publicKey;
int nameLen;
@@ -1938,17 +1965,26 @@ struct Signer {
#endif /* IGNORE_NAME_CONSTRAINTS */
byte subjectNameHash[SIGNER_DIGEST_SIZE];
/* sha hash of names in certificate */
+ #if defined(HAVE_OCSP) || defined(HAVE_CRL)
+ byte issuerNameHash[SIGNER_DIGEST_SIZE];
+ /* sha hash of issuer names in certificate.
+ * Used in OCSP to check for authorized
+ * responders. */
+ #endif
#ifndef NO_SKID
byte subjectKeyIdHash[SIGNER_DIGEST_SIZE];
- /* sha hash of names in certificate */
+ /* sha hash of key in certificate */
#endif
#ifdef HAVE_OCSP
byte subjectKeyHash[KEYID_SIZE];
#endif
+#if defined(WOLFSSL_AKID_NAME) || defined(HAVE_CRL)
+ byte serialHash[SIGNER_DIGEST_SIZE]; /* serial number hash */
+#endif
#ifdef WOLFSSL_SIGNER_DER_CERT
DerBuffer* derCert;
#endif
-#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_SCEPROTECT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
word32 cm_idx;
#endif
Signer* next;
@@ -2021,7 +2057,10 @@ typedef enum MimeStatus
#endif /* HAVE_SMIME */
+WOLFSSL_LOCAL int HashIdAlg(word32 oidSum);
WOLFSSL_LOCAL int CalcHashId(const byte* data, word32 len, byte* hash);
+WOLFSSL_LOCAL int CalcHashId_ex(const byte* data, word32 len, byte* hash,
+ int hashAlg);
WOLFSSL_LOCAL int GetName(DecodedCert* cert, int nameType, int maxIdx);
WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
@@ -2076,6 +2115,7 @@ WOLFSSL_LOCAL int DecodeToKey(DecodedCert* cert, int verify);
#ifdef WOLFSSL_ASN_TEMPLATE
WOLFSSL_LOCAL int DecodeCert(DecodedCert* cert, int verify, int* criticalExt);
#endif
+WOLFSSL_LOCAL int TryDecodeRPKToKey(DecodedCert* cert);
WOLFSSL_LOCAL int wc_GetPubX509(DecodedCert* cert, int verify, int* badDate);
WOLFSSL_LOCAL const byte* OidFromId(word32 id, word32 type, word32* oidSz);
@@ -2159,12 +2199,17 @@ WOLFSSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx,
int* version, word32 maxIdx);
WOLFSSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx,
word32 maxIdx);
+WOLFSSL_ASN_API int GetASNInt(const byte* input, word32* inOutIdx, int* len,
+ word32 maxIdx);
#ifdef HAVE_OID_ENCODING
+ WOLFSSL_API int wc_EncodeObjectId(const word16* in, word32 inSz,
+ byte* out, word32* outSz);
WOLFSSL_LOCAL int EncodeObjectId(const word16* in, word32 inSz,
byte* out, word32* outSz);
#endif
-#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT)
+#if defined(HAVE_OID_DECODING) || defined(WOLFSSL_ASN_PRINT) || \
+ defined(OPENSSL_ALL)
WOLFSSL_LOCAL int DecodeObjectId(const byte* in, word32 inSz,
word16* out, word32* outSz);
#endif
@@ -2207,6 +2252,8 @@ WOLFSSL_LOCAL int wc_GetSerialNumber(const byte* input, word32* inOutIdx,
#endif
WOLFSSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash,
int maxIdx);
+WOLFSSL_LOCAL int GetNameHash_ex(const byte* source, word32* idx, byte* hash,
+ int maxIdx, word32 sigOID);
WOLFSSL_LOCAL int wc_CheckPrivateKeyCert(const byte* key, word32 keySz, DecodedCert* der);
WOLFSSL_LOCAL int wc_CheckPrivateKey(const byte* privKey, word32 privKeySz,
const byte* pubKey, word32 pubKeySz, enum Key_Sum ks);
@@ -2260,6 +2307,14 @@ WOLFSSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type,
WOLFSSL_LOCAL int AllocDer(DerBuffer** der, word32 length, int type, void* heap);
WOLFSSL_LOCAL void FreeDer(DerBuffer** der);
+#if (defined(WOLFSSL_CERT_GEN) && defined(WOLFSSL_CERT_EXT)) || \
+ (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA))
+WOLFSSL_LOCAL int ParseKeyUsageStr(const char* value, word16* keyUsage,
+ void* heap);
+WOLFSSL_LOCAL int ParseExtKeyUsageStr(const char* value, byte* extKeyUsage,
+ void* heap);
+#endif /* (CERT_GEN && CERT_EXT) || (OPENSSL_ALL || OPENSSL_EXTRA) */
+
#endif /* !NO_CERTS */
#ifdef HAVE_SMIME
@@ -2364,7 +2419,9 @@ struct CertStatus {
typedef struct OcspEntry OcspEntry;
-#ifdef NO_SHA
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+#define OCSP_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+#elif defined(NO_SHA)
#define OCSP_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#else
#define OCSP_DIGEST_SIZE WC_SHA_DIGEST_SIZE
@@ -2427,11 +2484,19 @@ struct OcspResponse {
struct OcspRequest {
byte issuerHash[KEYID_SIZE];
byte issuerKeyHash[KEYID_SIZE];
+#if defined(WOLFSSL_SM2) && defined(WOLFSSL_SM3)
+ int hashSz;
+#endif
byte* serial; /* copy of the serial number in source cert */
int serialSz;
#ifdef OPENSSL_EXTRA
WOLFSSL_ASN1_INTEGER* serialInt;
#endif
+#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || \
+ defined(WOLFSSL_HAPROXY) || defined(WOLFSSL_APACHE_HTTPD) || \
+ defined(HAVE_LIGHTY)
+ void* cid; /* WOLFSSL_OCSP_CERTID kept to free */
+#endif
byte* url; /* copy of the extAuthInfo in source cert */
int urlSz;
@@ -2566,11 +2631,12 @@ enum PBESTypes {
PBE_AES128_CBC = 5,
PBE_SHA1_40RC2_CBC = 6,
- PBE_SHA1_RC4_128_SUM = 657,
- PBE_SHA1_DES3_SUM = 659,
- PBE_MD5_DES_SUM = 651,
- PBE_SHA1_DES_SUM = 658,
- PBES2_SUM = 661,
+ PBE_SHA1_RC4_128_SUM = 657,
+ PBE_SHA1_DES3_SUM = 659,
+ PBE_SHA1_40RC2_CBC_SUM = 662,
+ PBE_MD5_DES_SUM = 651,
+ PBE_SHA1_DES_SUM = 658,
+ PBES2_SUM = 661,
PBES2 = 13, /* algo ID */
PBES1_MD5_DES = 3,
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h
index 21399b8f..a4395ed0 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/asn_public.h
@@ -104,6 +104,7 @@ enum Ecc_Sum {
ECC_SECP256R1_OID = 526,
ECC_SECP256K1_OID = 186,
ECC_BRAINPOOLP256R1_OID = 104,
+ ECC_SM2P256V1_OID = 667,
ECC_X25519_OID = 365,
ECC_ED25519_OID = 256,
ECC_BRAINPOOLP320R1_OID = 106,
@@ -116,6 +117,26 @@ enum Ecc_Sum {
};
+enum EncPkcs8Types {
+ ENC_PKCS8_VER_PKCS12 = 1,
+ ENC_PKCS8_VER_PKCS5 = 5,
+
+ ENC_PKCS8_PBES2 = 13,
+
+ ENC_PKCS8_PBE_SHA1_RC4_128 = 1,
+ ENC_PKCS8_PBE_SHA1_DES = 2,
+ ENC_PKCS8_PBE_SHA1_DES3 = 3,
+ ENC_PKCS8_PBE_SHA1_40RC2_CBC = 6,
+
+ ENC_PKCS8_PBES1_MD5_DES = 3,
+ ENC_PKCS8_PBES1_SHA1_DES = 10,
+
+ ENC_PKCS8_ALG_AES128CBC = 414,
+ ENC_PKCS8_ALG_AES256CBC = 454,
+ ENC_PKCS8_ALG_DES = 69,
+ ENC_PKCS8_ALG_DES3 = 652
+};
+
/* Certificate file Type */
enum CertType {
CERT_TYPE = 0,
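Review bot: `enum EncPkcs8Types` packs what look like three unrelated value spaces (format version, PBE identifier, cipher id) into one enum, so values collide: `ENC_PKCS8_VER_PKCS12` and `ENC_PKCS8_PBE_SHA1_RC4_128` are both 1, and `ENC_PKCS8_PBE_SHA1_DES3` and `ENC_PKCS8_PBES1_MD5_DES` are both 3. The type therefore cannot catch a constant passed in the wrong argument position, and no comment says which group belongs to which parameter. It also publishes RC4, single-DES, 40-bit RC2 and MD5-based choices with nothing marking them as legacy. I would add a header comment that names the groups and states that those entries exist for reading old files, not for protecting new keys, with the wording confirmed against the function that consumes them.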
@@ -154,7 +175,8 @@ enum CertType {
SPHINCS_SMALL_LEVEL1_TYPE,
SPHINCS_SMALL_LEVEL3_TYPE,
SPHINCS_SMALL_LEVEL5_TYPE,
- ECC_PARAM_TYPE
+ ECC_PARAM_TYPE,
+ CHAIN_CERT_TYPE
};
@@ -187,6 +209,8 @@ enum Ctc_SigType {
CTC_RSASSAPSS = 654,
+ CTC_SM3wSM2 = 740, /* 1.2.156.10197.1.501 */
+
CTC_ED25519 = 256,
CTC_ED448 = 257,
@@ -368,7 +392,9 @@ typedef struct CertExtension {
} CertExtension;
#endif
-#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL)
+#if defined(WOLFSSL_CERT_GEN) || defined(OPENSSL_EXTRA) || \
+ defined(OPENSSL_EXTRA_X509_SMALL) || defined(WOLFSSL_CERT_EXT) || \
+ defined(WOLFSSL_CERT_REQ)
typedef struct CertName {
char country[CTC_NAME_SIZE];
char countryEnc;
@@ -422,6 +448,7 @@ typedef struct CertName {
#ifndef NUM_CUSTOM_EXT
#define NUM_CUSTOM_EXT 16
+#endif /* NUM_CUSTOM_EXT */
/* for user to fill for certificate generation */
typedef struct Cert {
@@ -503,6 +530,9 @@ typedef struct Cert {
byte* der; /* Pointer to buffer of current DecodedCert cache */
void* heap; /* heap hint */
byte basicConstSet:1; /* Indicator for when Basic Constraint is set */
+#ifdef WOLFSSL_ALLOW_ENCODING_CA_FALSE
+ byte isCaSet:1; /* Indicator for when isCA is set */
+#endif
byte pathLenSet:1; /* Indicator for when path length is set */
#ifdef WOLFSSL_ALT_NAMES
byte altNamesCrit:1; /* Indicator of criticality of SAN extension */
@@ -618,7 +648,6 @@ WOLFSSL_API int wc_SetCustomExtension(Cert *cert, int critical, const char *oid,
#endif
#endif /* WOLFSSL_CERT_EXT */
-#endif /* WOLFSSL_CERT_GEN */
WOLFSSL_API int wc_GetDateInfo(const byte* certDate, int certDateSz,
const byte** date, byte* format, int* length);
@@ -723,6 +752,8 @@ WOLFSSL_API int wc_DhPrivKeyToDer(DhKey* key, byte* out, word32* outSz);
WOLFSSL_ABI
WOLFSSL_API int wc_EccPrivateKeyDecode(const byte* input, word32* inOutIdx,
ecc_key* key, word32 inSz);
+ WOLFSSL_LOCAL int wc_BuildEccKeyDer(ecc_key* key, byte* output, word32 *inLen,
+ int pubIn, int curveIn);
WOLFSSL_ABI
WOLFSSL_API int wc_EccKeyToDer(ecc_key* key, byte* output, word32 inLen);
WOLFSSL_API int wc_EccPrivateKeyToDer(ecc_key* key, byte* output,
@@ -911,9 +942,6 @@ WOLFSSL_API int wc_GetUUIDFromCert(struct DecodedCert* cert,
WOLFSSL_API int wc_GetFASCNFromCert(struct DecodedCert* cert,
byte* fascn, word32* fascnSz);
#endif /* WOLFSSL_FPKI */
-#ifdef __cplusplus
- } /* extern "C" */
-#endif
#if !defined(XFPRINTF) || defined(NO_FILESYSTEM) || \
defined(NO_STDIO_FILESYSTEM) && defined(WOLFSSL_ASN_PRINT)
@@ -1015,4 +1043,8 @@ WOLFSSL_API int wc_Asn1_PrintAll(Asn1* asn1, Asn1PrintOptions* opts,
#endif /* WOLFSSL_ASN_PRINT */
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
#endif /* WOLF_CRYPT_ASN_PUBLIC_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h
index 679952ba..5fbda43c 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cmac.h
@@ -98,10 +98,16 @@ WOLFSSL_API
int wc_CmacUpdate(Cmac* cmac,
const byte* in, word32 inSz);
WOLFSSL_API
+int wc_CmacFinalNoFree(Cmac* cmac,
+ byte* out, word32* outSz);
+WOLFSSL_API
int wc_CmacFinal(Cmac* cmac,
byte* out, word32* outSz);
WOLFSSL_API
+int wc_CmacFree(Cmac* cmac);
+
+WOLFSSL_API
int wc_AesCmacGenerate(byte* out, word32* outSz,
const byte* in, word32 inSz,
const byte* key, word32 keySz);
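Review bot: `wc_CmacFinalNoFree` and `wc_CmacFree` are added with no comment on who releases the context. From the names, `wc_CmacFinal` presumably still frees internally, while the `NoFree` variant leaves the keyed AES state in `Cmac` until `wc_CmacFree` is called. If that is right, a caller that switches to `wc_CmacFinalNoFree` and omits the free leaves key material in memory. A one-line contract above each prototype would cover it, e.g. `/* does not release cmac; caller must call wc_CmacFree() */`.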
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h
index c1b4307f..cf38444f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/cryptocb.h
@@ -72,13 +72,23 @@
#include <wolfssl/wolfcrypt/sha512.h>
#endif
+#ifdef WOLF_CRYPTO_CB_CMD
+/* CryptoCb Commands */
+enum wc_CryptoCbCmdType {
+ WC_CRYPTOCB_CMD_TYPE_NONE = 0,
+ WC_CRYPTOCB_CMD_TYPE_REGISTER,
+ WC_CRYPTOCB_CMD_TYPE_UNREGISTER,
+
+ WC_CRYPTOCB_CMD_TYPE_MAX = WC_CRYPTOCB_CMD_TYPE_UNREGISTER
+};
+#endif
+
/* Crypto Information Structure for callbacks */
typedef struct wc_CryptoInfo {
int algo_type; /* enum wc_AlgoType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
union {
#endif
-#if !defined(NO_RSA) || defined(HAVE_ECC)
struct {
int type; /* enum wc_PkType */
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
@@ -195,7 +205,6 @@ typedef struct wc_CryptoInfo {
};
#endif
} pk;
-#endif /* !NO_RSA || HAVE_ECC */
#if !defined(NO_AES) || !defined(NO_DES3)
struct {
int type; /* enum wc_CipherType */
@@ -356,6 +365,12 @@ typedef struct wc_CryptoInfo {
int type;
} cmac;
#endif
+#ifdef WOLF_CRYPTO_CB_CMD
+ struct { /* uses wc_AlgoType=ALGO_NONE */
+ int type; /* enum wc_CryptoCbCmdType */
+ void *ctx;
+ } cmd;
+#endif
#if HAVE_ANONYMOUS_INLINE_AGGREGATES
};
#endif
@@ -365,6 +380,7 @@ typedef struct wc_CryptoInfo {
typedef int (*CryptoDevCallbackFunc)(int devId, wc_CryptoInfo* info, void* ctx);
WOLFSSL_LOCAL void wc_CryptoCb_Init(void);
+WOLFSSL_LOCAL void wc_CryptoCb_Cleanup(void);
WOLFSSL_LOCAL int wc_CryptoCb_GetDevIdAtIndex(int startIdx);
WOLFSSL_API int wc_CryptoCb_RegisterDevice(int devId, CryptoDevCallbackFunc cb, void* ctx);
WOLFSSL_API void wc_CryptoCb_UnRegisterDevice(int devId);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h
index 7f6bed03..3b25a9df 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/curve25519.h
@@ -61,9 +61,9 @@ typedef struct {
/* ECC point, the internal structure is Little endian
* the mathematical functions used the endianness */
typedef struct ECPoint {
- byte point[CURVE25519_KEYSIZE];
+ ALIGN16 byte point[CURVE25519_KEYSIZE];
#ifdef FREESCALE_LTC_ECC
- byte pointY[CURVE25519_KEYSIZE];
+ ALIGN16 byte pointY[CURVE25519_KEYSIZE];
#endif
byte pointSz;
} ECPoint;
@@ -80,13 +80,14 @@ struct curve25519_key {
curve in dp */
const curve25519_set_type* dp; /* domain parameters, either points to
curves (idx >= 0) or user supplied */
- ECPoint p; /* public point for key */
- byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
+ ECPoint p; /* public point for key */
+ ALIGN16 byte k[CURVE25519_KEYSIZE]; /* private scaler for key */
#ifdef WOLFSSL_ASYNC_CRYPT
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
index 96e154dd..d5b12321 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/des3.h
@@ -35,12 +35,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- /* included for fips @wc_fips */
- #include <cyassl/ctaocrypt/des3.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
index 1709b597..5f67d2d6 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ecc.h
@@ -107,7 +107,7 @@
#define MAX_ECC_BITS_NEEDED 384
#elif defined(HAVE_ECC320)
#define MAX_ECC_BITS_NEEDED 320
-#elif !defined(NO_ECC256)
+#elif !defined(NO_ECC256) || defined(WOLFSSL_SM2)
#define MAX_ECC_BITS_NEEDED 256
#elif defined(HAVE_ECC239)
#define MAX_ECC_BITS_NEEDED 239
@@ -243,6 +243,9 @@ typedef enum ecc_curve_id {
ECC_BRAINPOOLP384R1,
ECC_BRAINPOOLP512R1,
+ /* SM2 */
+ ECC_SM2P256V1,
+
/* Twisted Edwards Curves */
#ifdef HAVE_CURVE25519
ECC_X25519,
@@ -502,6 +505,7 @@ struct ecc_key {
byte pubkey_raw[ECC_MAX_CRYPTO_HW_PUBKEY_SIZE];
#endif
#if defined(PLUTON_CRYPTO_ECC) || defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
#if defined(HAVE_PKCS11)
@@ -892,8 +896,12 @@ enum ecEncAlgo {
};
enum ecKdfAlgo {
- ecHKDF_SHA256 = 1, /* default */
- ecHKDF_SHA1 = 2
+ ecHKDF_SHA256 = 1, /* default */
+ ecHKDF_SHA1 = 2,
+ ecKDF_X963_SHA1 = 3,
+ ecKDF_X963_SHA256 = 4,
+ ecKDF_SHA1 = 5,
+ ecKDF_SHA256 = 6
};
enum ecMacAlgo {
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h
index 8306f44b..0d6ef49f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed25519.h
@@ -85,12 +85,12 @@ enum {
/* An ED25519 Key */
struct ed25519_key {
- byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
- byte k[ED25519_PRV_KEY_SIZE]; /* private key : 32 secret -- 32 public */
+ ALIGN16 byte p[ED25519_PUB_KEY_SIZE]; /* compressed public key */
+ ALIGN16 byte k[ED25519_PRV_KEY_SIZE]; /* private key: 32 secret, 32 pub */
#ifdef FREESCALE_LTC_ECC
/* uncompressed point coordinates */
- byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
- byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
+ ALIGN16 byte pointX[ED25519_KEY_SIZE]; /* recovered X coordinate */
+ ALIGN16 byte pointY[ED25519_KEY_SIZE]; /* Y coordinate is the public key with The most significant bit of the final octet always zero. */
#endif
#ifdef WOLFSSL_SE050
word32 keyId;
@@ -103,6 +103,7 @@ struct ed25519_key {
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
void *heap;
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h
index a5845fbe..b45671d7 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ed448.h
@@ -92,6 +92,7 @@ struct ed448_key {
WC_ASYNC_DEV asyncDev;
#endif
#if defined(WOLF_CRYPTO_CB)
+ void* devCtx;
int devId;
#endif
void *heap;
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h
index 5c062efd..d29ac13b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/error-crypt.h
@@ -33,11 +33,6 @@ the error status.
#include <wolfssl/wolfcrypt/types.h>
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #include <cyassl/ctaocrypt/error-crypt.h>
-#endif /* HAVE_FIPS V1 */
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -54,7 +49,7 @@ enum {
BAD_MUTEX_E = -106, /* Bad mutex operation */
WC_TIMEOUT_E = -107, /* timeout error */
WC_PENDING_E = -108, /* wolfCrypt operation pending (would block) */
- WC_NOT_PENDING_E = -109, /* wolfCrypt operation not pending */
+ WC_NO_PENDING_E = -109, /* no asynchronous operation pending */
MP_INIT_E = -110, /* mp_init error state */
MP_READ_E = -111, /* mp_read error state */
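Review bot: Renaming the public enumerator `WC_NOT_PENDING_E` to `WC_NO_PENDING_E` at value -109 breaks any application source that tests for the old name, and nothing in this hunk keeps the old name available. If no alias exists elsewhere in the header, a compatibility line such as `#define WC_NOT_PENDING_E WC_NO_PENDING_E` would keep existing callers compiling. The enum continues outside the hunk.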
@@ -69,8 +64,11 @@ enum {
MP_CMP_E = -120, /* mp_cmp error state */
MP_ZERO_E = -121, /* got a mp zero result, not expected */
+ AES_EAX_AUTH_E = -122, /* AES-EAX Authentication check failure */
+
MEMORY_E = -125, /* out of memory error */
VAR_STATE_CHANGE_E = -126, /* var state modified by different thread */
+ FIPS_DEGRADED_E = -127, /* FIPS Module in degraded mode */
RSA_WRONG_TYPE_E = -130, /* RSA wrong block type for RSA function */
RSA_BUFFER_E = -131, /* RSA buffer error, output too small or
@@ -240,19 +238,19 @@ enum {
BAD_LENGTH_E = -279, /* Value of length parameter is invalid. */
ECDSA_KAT_FIPS_E = -280, /* ECDSA KAT failure */
RSA_PAT_FIPS_E = -281, /* RSA Pairwise failure */
- KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */
- KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */
+ KDF_TLS12_KAT_FIPS_E = -282, /* TLS12 KDF KAT failure */
+ KDF_TLS13_KAT_FIPS_E = -283, /* TLS13 KDF KAT failure */
KDF_SSH_KAT_FIPS_E = -284, /* SSH KDF KAT failure */
DHE_PCT_E = -285, /* DHE Pairwise Consistency Test failure */
ECC_PCT_E = -286, /* ECDHE Pairwise Consistency Test failure */
FIPS_PRIVATE_KEY_LOCKED_E = -287, /* Cannot export private key. */
PROTOCOLCB_UNAVAILABLE = -288, /* Protocol callback unavailable */
- AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */
- NO_VALID_DEVID = -290, /* no valid device ID */
+ AES_SIV_AUTH_E = -289, /* AES-SIV authentication failed */
+ NO_VALID_DEVID = -290, /* no valid device ID */
- IO_FAILED_E = -291, /* Input/output failure */
- SYSLIB_FAILED_E = -292, /* System/library call failed */
- USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */
+ IO_FAILED_E = -291, /* Input/output failure */
+ SYSLIB_FAILED_E = -292, /* System/library call failed */
+ USE_HW_PSK = -293, /* Callback return to indicate HW has PSK */
ENTROPY_RT_E = -294, /* Entropy Repetition Test failed */
ENTROPY_APT_E = -295, /* Entropy Adaptive Proportion Test failed */
@@ -260,7 +258,10 @@ enum {
ASN_DEPTH_E = -296, /* Invalid ASN.1 - depth check */
ASN_LEN_E = -297, /* ASN.1 length invalid */
- WC_LAST_E = -297, /* Update this to indicate last error */
+ SM4_GCM_AUTH_E = -298, /* SM4-GCM Authentication check failure */
+ SM4_CCM_AUTH_E = -299, /* SM4-CCM Authentication check failure */
+
+ WC_LAST_E = -299, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes
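Review bot: With `SM4_CCM_AUTH_E = -299`, `WC_LAST_E = -299` and `MIN_CODE_E = -300`, the wolfCrypt range described as `errors -101 - -299` is now used up to its last value. The next code appended here would have to take -300 or lower, which collides with `MIN_CODE_E`, and any range check written against these two bounds would misclassify it. A comment at `WC_LAST_E` would keep the next addition from overlapping, e.g. `/* range exhausted: new codes must fill an unused value inside -101..-299, or MIN_CODE_E must move */`. The hunk ends inside the trailing comment, so the end of the enum is not visible.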
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h
new file mode 100644
index 00000000..ccdfdcb3
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_lms.h
@@ -0,0 +1,65 @@
+/* ext_lms.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef EXT_LMS_H
+#define EXT_LMS_H
+
+#ifdef WOLFSSL_HAVE_LMS
+#include <wolfssl/wolfcrypt/lms.h>
+
+#if !defined(HAVE_LIBLMS)
+#error "This code requires liblms"
+#endif
+
+/* hash-sigs LMS HSS includes */
+#include <hss.h>
+
+#if defined(WOLFSSL_WC_LMS)
+#error "This code is incompatible with wolfCrypt's implementation of LMS."
+#endif
+
+/*
+ * The hash-sigs LMS lib supports from MIN_HSS_LEVELS to MAX_HSS_LEVELS
+ * number of levels of Merkle trees. It allows for the tree height and
+ * winternitz parameter to be unique per level.
+ */
+
+/* hss structs */
+typedef struct hss_working_key hss_working_key;
+typedef struct hss_extra_info hss_extra_info;
+
+struct LmsKey {
+ unsigned levels; /* Number of tree levels. */
+ param_set_t lm_type[MAX_HSS_LEVELS]; /* Height param per level. */
+ param_set_t lm_ots_type[MAX_HSS_LEVELS]; /* Winternitz param per level. */
+ unsigned char pub[HSS_MAX_PUBLIC_KEY_LEN];
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+ hss_working_key * working_key;
+ write_private_key_cb write_private_key; /* Callback to write/update key. */
+ read_private_key_cb read_private_key; /* Callback to read key. */
+ void * context; /* Context arg passed to callbacks. */
+ hss_extra_info info;
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+ enum wc_LmsState state;
+};
+
+#endif /* WOLFSSL_HAVE_LMS */
+#endif /* EXT_LMS_H */
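Review bot: `struct LmsKey` gives `write_private_key`, `read_private_key` and `context` only one-line labels and says nothing about ordering. LMS/HSS is a stateful scheme in which reusing a one-time key index, for example after a crash or a restored backup, breaks its security, so the write callback has to persist the advanced state durably before a signature leaves the process. I would state that above the members, e.g. `/* write_private_key must commit the updated state to non-volatile storage and report failure; no signature may be released if it fails */`. The same applies to the `XmssKey` callbacks in ext_xmss.h.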
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h
new file mode 100644
index 00000000..9abf1583
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ext_xmss.h
@@ -0,0 +1,56 @@
+/* ext_xmss.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef EXT_XMSS_H
+#define EXT_XMSS_H
+
+#ifdef WOLFSSL_HAVE_XMSS
+#include <wolfssl/wolfcrypt/xmss.h>
+
+#if !defined(HAVE_LIBXMSS)
+ #error "This code requires libxmss"
+#endif
+
+#include <xmss.h>
+#include <params.h>
+
+#if defined(WOLFSSL_WC_XMSS)
+ #error "This code is incompatible with wolfCrypt's implementation of XMSS."
+#endif
+
+struct XmssKey {
+ unsigned char pk[XMSS_SHA256_PUBLEN];
+ uint32_t oid;
+ int is_xmssmt;
+ xmss_params params;
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+ /* The secret key length is a function of xmss_params. */
+ unsigned char * sk;
+ word32 sk_len;
+ write_private_key_cb write_private_key; /* Callback to write/update key. */
+ read_private_key_cb read_private_key; /* Callback to read key. */
+ void * context; /* Context arg passed to callbacks. */
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+ enum wc_XmssState state;
+};
+
+#endif /* WOLFSSL_HAVE_XMSS */
+#endif /* EXT_XMSS_H */
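Review bot: The `sk` member of `XmssKey` points to the stateful XMSS secret key in a buffer held outside the struct, but its only comment is about the length, so ownership and wiping are undocumented. I would add above `unsigned char * sk;` something like `/* Buffer of sk_len bytes owned by this key; must be zeroized before it is released. */`, after confirming that the free routine (not visible in this header) really does that. The public fields `pk`, `oid`, `is_xmssmt` and `params` also have no comments, unlike the callback members below them.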
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h
index 09aa4e8d..c925d7da 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_448.h
@@ -66,7 +66,7 @@ WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
#if !defined(CURVED448_128BIT)
WOLFSSL_LOCAL void fe448_reduce(fe448*);
#else
-#define fe448_reduce(a)
+#define fe448_reduce(a) WC_DO_NOTHING
#endif
WOLFSSL_LOCAL void fe448_neg(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_add(fe448* r, const fe448* a, const fe448* b);
@@ -93,7 +93,7 @@ WOLFSSL_LOCAL void fe448_pow_2_446_222_1(fe448* r, const fe448* a);
WOLFSSL_LOCAL void fe448_init(void);
WOLFSSL_LOCAL int curve448(byte* r, const byte* n, const byte* a);
-#define fe448_reduce(a)
+#define fe448_reduce(a) WC_DO_NOTHING
WOLFSSL_LOCAL void fe448_neg(word8* r, const word8* a);
WOLFSSL_LOCAL void fe448_add(word8* r, const word8* a, const word8* b);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h
index 45daa003..cdd27db5 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fe_operations.h
@@ -120,28 +120,6 @@ WOLFSSL_LOCAL word64 load_3(const unsigned char *in);
WOLFSSL_LOCAL word64 load_4(const unsigned char *in);
#ifdef CURVED25519_ASM
-WOLFSSL_LOCAL void fe_ge_to_p2(fe rx, fe ry, fe rz, const fe px, const fe py,
- const fe pz, const fe pt);
-WOLFSSL_LOCAL void fe_ge_to_p3(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt);
-WOLFSSL_LOCAL void fe_ge_dbl(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz);
-WOLFSSL_LOCAL void fe_ge_madd(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt,
- const fe qxy2d, const fe qyplusx,
- const fe qyminusx);
-WOLFSSL_LOCAL void fe_ge_msub(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt,
- const fe qxy2d, const fe qyplusx,
- const fe qyminusx);
-WOLFSSL_LOCAL void fe_ge_add(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt, const fe qz,
- const fe qt2d, const fe qyplusx,
- const fe qyminusx);
-WOLFSSL_LOCAL void fe_ge_sub(fe rx, fe ry, fe rz, fe rt, const fe px,
- const fe py, const fe pz, const fe pt, const fe qz,
- const fe qt2d, const fe qyplusx,
- const fe qyminusx);
WOLFSSL_LOCAL void fe_cmov_table(fe* r, fe* base, signed char b);
#endif /* CURVED25519_ASM */
#endif /* !CURVE25519_SMALL || !ED25519_SMALL */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h
index 5e819d4c..dc37477d 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/fips_test.h
@@ -77,10 +77,10 @@ enum FipsCastStateId {
};
enum FipsModeId {
- FIPS_MODE_INIT,
- FIPS_MODE_NORMAL,
- FIPS_MODE_DEGRADED,
- FIPS_MODE_FAILED
+ FIPS_MODE_INIT = 0,
+ FIPS_MODE_NORMAL = 1,
+ FIPS_MODE_DEGRADED = 2,
+ FIPS_MODE_FAILED = 3
};
@@ -92,6 +92,7 @@ WOLFSSL_API int wolfCrypt_SetCb_fips(wolfCrypt_fips_cb cbf);
/* Public get status functions */
WOLFSSL_API int wolfCrypt_GetStatus_fips(void);
+WOLFSSL_API int wolfCrypt_GetMode_fips(void);
WOLFSSL_API const char* wolfCrypt_GetCoreHash_fips(void);
#ifdef HAVE_FORCE_FIPS_FAILURE
@@ -105,6 +106,7 @@ WOLFSSL_LOCAL int DoKnownAnswerTests(char* base16_hash, int base16_hashSz); /* F
WOLFSSL_API int wc_RunCast_fips(int type);
WOLFSSL_API int wc_GetCastStatus_fips(int type);
+WOLFSSL_API int wc_RunAllCast_fips(void);
#ifdef __cplusplus
} /* extern "C" */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h
index 69bd60c7..0c6ce8dd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/ge_operations.h
@@ -46,15 +46,15 @@ Representations:
*/
#ifdef ED25519_SMALL
- typedef byte ge[F25519_SIZE];
+ ALIGN16 typedef byte ge[F25519_SIZE];
#elif defined(CURVED25519_ASM_64BIT)
- typedef sword64 ge[4];
+ ALIGN16 typedef sword64 ge[4];
#elif defined(CURVED25519_ASM_32BIT)
- typedef sword32 ge[8];
+ ALIGN16 typedef sword32 ge[8];
#elif defined(CURVED25519_128BIT)
- typedef sword64 ge[5];
+ ALIGN16 typedef sword64 ge[5];
#else
- typedef sword32 ge[10];
+ ALIGN16 typedef sword32 ge[10];
#endif
typedef struct {
@@ -70,6 +70,9 @@ typedef struct {
ge T;
} ge_p3;
+#ifdef __cplusplus
+ extern "C" {
+#endif
WOLFSSL_LOCAL int ge_compress_key(byte* out, const byte* xIn, const byte* yIn,
word32 keySz);
@@ -82,7 +85,11 @@ WOLFSSL_LOCAL void sc_reduce(byte* s);
WOLFSSL_LOCAL void sc_muladd(byte* s, const byte* a, const byte* b,
const byte* c);
WOLFSSL_LOCAL void ge_tobytes(unsigned char *s,const ge_p2 *h);
+#ifndef GE_P3_TOBYTES_IMPL
+#define ge_p3_tobytes(s, h) ge_tobytes((s), (const ge_p2 *)(h))
+#else
WOLFSSL_LOCAL void ge_p3_tobytes(unsigned char *s,const ge_p3 *h);
+#endif
#ifndef ED25519_SMALL
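Review bot: The new `ge_p3_tobytes` macro casts whatever pointer it is given to `const ge_p2 *`, so the compiler no longer checks that `h` is a `ge_p3`, and the cast is only valid while `ge_p3` begins with the same members as `ge_p2`. The struct definitions are outside this hunk, so that layout assumption should be stated next to the macro, e.g. `/* ge_p3 starts with the X, Y, Z members of ge_p2; T is ignored. */`. A `static WC_INLINE` wrapper taking `const ge_p3 *h` would keep the type check while still forwarding to `ge_tobytes`.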
@@ -105,9 +112,23 @@ typedef struct {
ge Z;
ge T2d;
} ge_cached;
-
#endif /* !ED25519_SMALL */
+#ifdef CURVED25519_ASM
+void ge_p1p1_to_p2(ge_p2 *r, const ge_p1p1 *p);
+void ge_p1p1_to_p3(ge_p3 *r, const ge_p1p1 *p);
+void ge_p2_dbl(ge_p1p1 *r, const ge_p2 *p);
+#define ge_p3_dbl(r, p) ge_p2_dbl((ge_p1p1 *)(r), (ge_p2 *)(p))
+void ge_madd(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q);
+void ge_msub(ge_p1p1 *r, const ge_p3 *p, const ge_precomp *q);
+void ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
+void ge_sub(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
#endif /* HAVE_ED25519 */
#endif /* WOLF_CRYPT_GE_OPERATIONS_H */
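Review bot: The seven prototypes added under `CURVED25519_ASM` (`ge_p1p1_to_p2` through `ge_sub`) are declared without `WOLFSSL_LOCAL`, unlike the other function declarations visible in this header. Short names such as `ge_add` and `ge_sub` are common in other Ed25519 code, so leaving them with default visibility invites symbol clashes when the library is linked into a larger program; `WOLFSSL_LOCAL void ge_add(ge_p1p1 *r, const ge_p3 *p, const ge_cached *q);` and likewise for the rest would match the neighbours. Separately, `ge_p3_dbl` casts `p` to `(ge_p2 *)` although `ge_p2_dbl` takes `const ge_p2 *`, which drops const without need.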
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
index 71a21c2e..b8079ba2 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hash.h
@@ -55,6 +55,9 @@
#if defined(HAVE_BLAKE2) || defined(HAVE_BLAKE2S)
#include <wolfssl/wolfcrypt/blake2.h>
#endif
+#ifdef WOLFSSL_SM3
+ #include <wolfssl/wolfcrypt/sm3.h>
+#endif
#ifdef __cplusplus
@@ -76,7 +79,8 @@ enum wc_MACAlgorithm {
sha384_mac,
sha512_mac,
rmd_mac,
- blake2b_mac
+ blake2b_mac,
+ sm3_mac,
};
enum wc_HashFlags {
@@ -112,6 +116,9 @@ typedef union {
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
+ #ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+ #endif
} wc_HashAlg;
#endif /* !NO_HASH_WRAPPER */
@@ -132,6 +139,9 @@ typedef union {
#elif !defined(NO_SHA256)
#define WC_MAX_DIGEST_SIZE WC_SHA256_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA256_BLOCK_SIZE
+#elif defined(WOLFSSL_SM3)
+ #define WC_MAX_DIGEST_SIZE WC_SM3_DIGEST_SIZE
+ #define WC_MAX_BLOCK_SIZE WC_SM3_BLOCK_SIZE
#elif defined(WOLFSSL_SHA224)
#define WC_MAX_DIGEST_SIZE WC_SHA224_DIGEST_SIZE
#define WC_MAX_BLOCK_SIZE WC_SHA224_BLOCK_SIZE
@@ -226,6 +236,10 @@ WOLFSSL_API int wc_Shake256Hash(const byte* data, word32 len, byte* hash,
#endif
#endif /* WOLFSSL_SHA3 */
+#ifdef WOLFSSL_SM3
+WOLFSSL_API int wc_Sm3Hash(const byte* data, word32 len, byte* hash);
+#endif
+
#endif /* !NO_HASH_WRAPPER */
#if defined(WOLFSSL_HASH_KEEP)
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
index b17e40f4..f325dd35 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/hmac.h
@@ -31,14 +31,6 @@
#ifndef NO_HMAC
#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* for fips @wc_fips */
- #include <cyassl/ctaocrypt/hmac.h>
- #define WC_HMAC_BLOCK_SIZE HMAC_BLOCK_SIZE
-#endif
-
-
-#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
#endif
@@ -144,6 +136,9 @@ typedef union {
#ifdef WOLFSSL_SHA3
wc_Sha3 sha3;
#endif
+#ifdef WOLFSSL_SM3
+ wc_Sm3 sm3;
+#endif
} wc_HmacHash;
/* Hmac digest */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am
index c8d831c5..dfdc80ac 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/include.am
@@ -75,9 +75,20 @@ nobase_include_HEADERS+= \
wolfssl/wolfcrypt/cryptocb.h \
wolfssl/wolfcrypt/kyber.h \
wolfssl/wolfcrypt/wc_kyber.h \
- wolfssl/wolfcrypt/ext_kyber.h
+ wolfssl/wolfcrypt/ext_kyber.h \
+ wolfssl/wolfcrypt/sm2.h \
+ wolfssl/wolfcrypt/sm3.h \
+ wolfssl/wolfcrypt/sm4.h \
+ wolfssl/wolfcrypt/lms.h \
+ wolfssl/wolfcrypt/wc_lms.h \
+ wolfssl/wolfcrypt/ext_lms.h \
+ wolfssl/wolfcrypt/xmss.h \
+ wolfssl/wolfcrypt/wc_xmss.h \
+ wolfssl/wolfcrypt/ext_xmss.h
noinst_HEADERS+= \
+ wolfssl/wolfcrypt/port/aria/aria-crypt.h \
+ wolfssl/wolfcrypt/port/aria/aria-cryptocb.h \
wolfssl/wolfcrypt/port/pic32/pic32mz-crypt.h \
wolfssl/wolfcrypt/port/ti/ti-hash.h \
wolfssl/wolfcrypt/port/ti/ti-ccm.h \
@@ -99,7 +110,8 @@ noinst_HEADERS+= \
wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h \
wolfssl/wolfcrypt/port/arm/cryptoCell.h \
wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h \
- wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h \
+ wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h \
+ wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h \
wolfssl/wolfcrypt/port/Renesas/renesas_sync.h \
wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h \
wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h \
@@ -127,6 +139,11 @@ if BUILD_DEVCRYPTO
nobase_include_HEADERS+= wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h
endif
+if BUILD_ARIA
+nobase_include_HEADERS+= wolfssl/wolfcrypt/port/aria/aria-crypt.h
+nobase_include_HEADERS+= wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
+endif
+
if BUILD_ASYNCCRYPT
nobase_include_HEADERS+= wolfssl/wolfcrypt/async.h
endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
index 3ec64ae6..243d3f0d 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/integer.h
@@ -69,7 +69,7 @@ extern "C" {
#else
/* C on the other hand doesn't care */
-#define OPT_CAST(x)
+#define OPT_CAST(x) /* null expansion */
#endif /* __cplusplus */
@@ -206,7 +206,7 @@ typedef int mp_err;
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, sizeof(mp_int))
/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)
+#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
/* Initialize an mp_int. */
#define INIT_MP_INT_SIZE(name, bits) \
mp_init(name)
@@ -313,6 +313,7 @@ MP_API int mp_unsigned_bin_size(const mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+#define mp_to_unsigned_bin_len_ct mp_to_unsigned_bin_len
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y);
MP_API int mp_exptmod_ex (mp_int * G, mp_int * X, int digits, mp_int * P,
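Review bot: `mp_to_unsigned_bin_len_ct` is defined as a plain alias of `mp_to_unsigned_bin_len`, so in this math backend the `_ct` suffix does not by itself give a caller constant-time behaviour. The same pattern is added in later hunks of this file for `mp_cmp_ct(a, b, n)` (mapped to `mp_cmp`, with `n` discarded) and `mp_montgomery_reduce_ct`. The implementations are not visible here, so whether those routines run in constant time cannot be confirmed from the diff. If they do not, each alias should carry a comment such as `/* no constant-time variant in this backend: maps to the variable-time routine */` so that nobody relies on the name when handling secret values.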
@@ -329,6 +330,8 @@ MP_API int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d);
MP_API void mp_zero (mp_int * a);
MP_API void mp_clamp (mp_int * a);
MP_API int mp_exch (mp_int * a, mp_int * b);
+MP_API int mp_cond_swap_ct_ex (mp_int * a, mp_int * b, int c, int m,
+ mp_int * t);
MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
MP_API void mp_rshd (mp_int * a, int b);
MP_API void mp_rshb (mp_int * a, int b);
@@ -341,6 +344,7 @@ int fast_mp_invmod (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_invmod_slow (mp_int * a, mp_int * b, mp_int * c);
MP_API int mp_cmp_mag (mp_int * a, mp_int * b);
MP_API int mp_cmp (mp_int * a, mp_int * b);
+#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
MP_API int mp_cmp_d(mp_int * a, mp_digit b);
MP_API int mp_set (mp_int * a, mp_digit b);
MP_API int mp_is_bit_set (mp_int * a, mp_digit b);
@@ -363,6 +367,7 @@ MP_API int mp_montgomery_setup (mp_int * n, mp_digit * rho);
int fast_mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
MP_API int mp_montgomery_reduce (mp_int * x, mp_int * n, mp_digit rho);
#define mp_montgomery_reduce_ex(x, n, rho, ct) mp_montgomery_reduce (x, n, rho)
+#define mp_montgomery_reduce_ct(x, n, rho) mp_montgomery_reduce (x, n, rho)
MP_API void mp_dr_setup(mp_int *a, mp_digit *d);
MP_API int mp_dr_reduce (mp_int * x, mp_int * n, mp_digit k);
MP_API int mp_reduce_2k(mp_int *a, mp_int *n, mp_digit d);
@@ -406,7 +411,7 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef WOLFSSL_DEBUG_MATH
MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
#else
- #define mp_dump(desc, a, verbose)
+ #define mp_dump(desc, a, verbose) WC_DO_NOTHING
#endif
#if defined(HAVE_ECC) || defined(WOLFSSL_KEY_GEN) || !defined(NO_RSA) || \
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h
index b1a64fe5..6a6a8569 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/kdf.h
@@ -105,6 +105,42 @@ WOLFSSL_API int wc_SSH_KDF(byte hashId, byte keyId,
#endif /* WOLFSSL_WOLFSSH */
+#ifdef WC_SRTP_KDF
+/* Label values for purpose. */
+#define WC_SRTP_LABEL_ENCRYPTION 0x00
+#define WC_SRTP_LABEL_MSG_AUTH 0x01
+#define WC_SRTP_LABEL_SALT 0x02
+#define WC_SRTCP_LABEL_ENCRYPTION 0x03
+#define WC_SRTCP_LABEL_MSG_AUTH 0x04
+#define WC_SRTCP_LABEL_SALT 0x05
+#define WC_SRTP_LABEL_HDR_ENCRYPTION 0x06
+#define WC_SRTP_LABEL_HDR_SALT 0x07
+
+/* Length of index for SRTP KDF. */
+#define WC_SRTP_INDEX_LEN 6
+/* Length of index for SRTCP KDF. */
+#define WC_SRTCP_INDEX_LEN 4
+
+/* Maximum length of salt that can be used with SRTP/SRTCP. */
+#define WC_SRTP_MAX_SALT 14
+
+WOLFSSL_API int wc_SRTP_KDF(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte* key1, word32 key1Sz,
+ byte* key2, word32 key2Sz, byte* key3, word32 key3Sz);
+WOLFSSL_API int wc_SRTCP_KDF(const byte* key, word32 keySz, const byte* salt,
+ word32 saltSz, int kdrIdx, const byte* index, byte* key1, word32 key1Sz,
+ byte* key2, word32 key2Sz, byte* key3, word32 key3Sz);
+WOLFSSL_API int wc_SRTP_KDF_label(const byte* key, word32 keySz,
+ const byte* salt, word32 saltSz, int kdrIdx, const byte* index, byte label,
+ byte* outKey, word32 outKeySz);
+WOLFSSL_API int wc_SRTCP_KDF_label(const byte* key, word32 keySz,
+ const byte* salt, word32 saltSz, int kdrIdx, const byte* index, byte label,
+ byte* outKey, word32 outKeySz);
+
+WOLFSSL_API int wc_SRTP_KDF_kdr_to_idx(word32 kdr);
+
+#endif /* WC_SRTP_KDF */
+
#ifdef __cplusplus
} /* extern "C" */
#endif
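Review bot: None of the four KDF prototypes takes a length for `index`, so the header gives a caller no way to know how many bytes will be read from it. Presumably the SRTP functions read `WC_SRTP_INDEX_LEN` bytes and the SRTCP functions `WC_SRTCP_INDEX_LEN`; that should be written above the declarations, e.g. `/* index must point to WC_SRTP_INDEX_LEN bytes (WC_SRTCP_INDEX_LEN for the SRTCP functions). */`, after checking the implementation. The same comment is the place to say which values `kdrIdx` accepts and that `saltSz` is bounded by `WC_SRTP_MAX_SALT`, since an undersized buffer here means an out-of-bounds read in key-derivation code.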
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h
new file mode 100644
index 00000000..483f349c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/lms.h
@@ -0,0 +1,144 @@
+/* lms.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/lms.h
+ */
+
+#ifndef WOLF_CRYPT_LMS_H
+#define WOLF_CRYPT_LMS_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef WOLFSSL_HAVE_LMS
+
+typedef struct LmsKey LmsKey;
+
+/* Private key write and read callbacks. */
+typedef int (*write_private_key_cb)(const byte * priv, word32 privSz, void *context);
+typedef int (*read_private_key_cb)(byte * priv, word32 privSz, void *context);
+
+/* Return codes returned by private key callbacks. */
+enum wc_LmsRc {
+ WC_LMS_RC_NONE,
+ WC_LMS_RC_BAD_ARG, /* Bad arg in read or write callback. */
+ WC_LMS_RC_WRITE_FAIL, /* Write or update private key failed. */
+ WC_LMS_RC_READ_FAIL, /* Read private key failed. */
+ WC_LMS_RC_SAVED_TO_NV_MEMORY, /* Wrote private key to nonvolatile storage. */
+ WC_LMS_RC_READ_TO_MEMORY /* Read private key from storage. */
+};
+
+/* LMS/HSS signatures are defined by 3 parameters:
+ * levels: number of levels of Merkle trees.
+ * height: height of an individual Merkle tree.
+ * winternitz: number of bits from hash used in a Winternitz chain.
+ *
+ * The acceptable parameter values are those in RFC8554:
+ * levels = {1..8}
+ * height = {5, 10, 15, 20, 25}
+ * winternitz = {1, 2, 4, 8}
+ *
+ * The number of available signatures is:
+ * N = 2 ** (levels * height)
+ *
+ * Signature sizes are determined by levels and winternitz
+ * parameters primarily, and height to a lesser extent:
+ * - Larger levels values increase signature size significantly.
+ * - Larger height values increase signature size moderately.
+ * - Larger winternitz values will reduce the signature size, at
+ * the expense of longer key generation and sign/verify times.
+ *
+ * Key generation time is strongly determined by the height of
+ * the first level tree. A 3 level, 5 height tree is much faster
+ * than 1 level, 15 height at initial key gen, even if the number
+ * of available signatures is the same.
+ * */
+
+/* Predefined LMS/HSS parameter sets for convenience.
+ *
+ * Not predefining a set with Winternitz=1, because the signatures
+ * will be large. */
+enum wc_LmsParm {
+ WC_LMS_PARM_NONE = 0,
+ WC_LMS_PARM_L1_H15_W2 = 1, /* 1 level Merkle tree of 15 height. */
+ WC_LMS_PARM_L1_H15_W4 = 2,
+ WC_LMS_PARM_L2_H10_W2 = 3, /* 2 level Merkle tree of 10 height. */
+ WC_LMS_PARM_L2_H10_W4 = 4,
+ WC_LMS_PARM_L2_H10_W8 = 5,
+ WC_LMS_PARM_L3_H5_W2 = 6, /* 3 level Merkle tree of 5 height. */
+ WC_LMS_PARM_L3_H5_W4 = 7,
+ WC_LMS_PARM_L3_H5_W8 = 8,
+ WC_LMS_PARM_L3_H10_W4 = 9, /* 3 level Merkle tree of 10 height. */
+ WC_LMS_PARM_L4_H5_W8 = 10, /* 4 level Merkle tree of 5 height. */
+};
+
+/* enum wc_LmsState is to help track the state of an LMS/HSS Key. */
+enum wc_LmsState {
+ WC_LMS_STATE_FREED, /* Key has been freed from memory. */
+ WC_LMS_STATE_INITED, /* Key has been inited, ready to set params.*/
+ WC_LMS_STATE_PARMSET, /* Params are set, ready to MakeKey or Reload. */
+ WC_LMS_STATE_OK, /* Able to sign signatures and verify. */
+ WC_LMS_STATE_VERIFYONLY, /* A public only LmsKey. */
+ WC_LMS_STATE_BAD, /* Can't guarantee key's state. */
+ WC_LMS_STATE_NOSIGS /* Signatures exhausted. */
+};
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+WOLFSSL_API int wc_LmsKey_Init(LmsKey * key, void * heap, int devId);
+WOLFSSL_API int wc_LmsKey_SetLmsParm(LmsKey * key, enum wc_LmsParm lmsParm);
+WOLFSSL_API int wc_LmsKey_SetParameters(LmsKey * key, int levels,
+ int height, int winternitz);
+WOLFSSL_API int wc_LmsKey_GetParameters(const LmsKey * key, int * levels,
+ int * height, int * winternitz);
+#ifndef WOLFSSL_LMS_VERIFY_ONLY
+WOLFSSL_API int wc_LmsKey_SetWriteCb(LmsKey * key,
+ write_private_key_cb write_cb);
+WOLFSSL_API int wc_LmsKey_SetReadCb(LmsKey * key,
+ read_private_key_cb read_cb);
+WOLFSSL_API int wc_LmsKey_SetContext(LmsKey * key, void * context);
+WOLFSSL_API int wc_LmsKey_MakeKey(LmsKey * key, WC_RNG * rng);
+WOLFSSL_API int wc_LmsKey_Reload(LmsKey * key);
+WOLFSSL_API int wc_LmsKey_GetPrivLen(const LmsKey * key, word32 * len);
+WOLFSSL_API int wc_LmsKey_Sign(LmsKey * key, byte * sig, word32 * sigSz,
+ const byte * msg, int msgSz);
+WOLFSSL_API int wc_LmsKey_SigsLeft(LmsKey * key);
+#endif /* ifndef WOLFSSL_LMS_VERIFY_ONLY */
+WOLFSSL_API void wc_LmsKey_Free(LmsKey * key);
+WOLFSSL_API int wc_LmsKey_GetSigLen(const LmsKey * key, word32 * len);
+WOLFSSL_API int wc_LmsKey_GetPubLen(const LmsKey * key, word32 * len);
+WOLFSSL_API int wc_LmsKey_ExportPub(LmsKey * keyDst, const LmsKey * keySrc);
+WOLFSSL_API int wc_LmsKey_ExportPubRaw(const LmsKey * key, byte * out,
+ word32 * outLen);
+WOLFSSL_API int wc_LmsKey_ImportPubRaw(LmsKey * key, const byte * in,
+ word32 inLen);
+WOLFSSL_API int wc_LmsKey_Verify(LmsKey * key, const byte * sig, word32 sigSz,
+ const byte * msg, int msgSz);
+WOLFSSL_API const char * wc_LmsKey_ParmToStr(enum wc_LmsParm lmsParm);
+WOLFSSL_API const char * wc_LmsKey_RcToStr(enum wc_LmsRc lmsRc);
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_HAVE_LMS */
+#endif /* WOLF_CRYPT_LMS_H */
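Review bot: The comment on `write_private_key_cb` says only that it is a write callback, but for a stateful scheme such as LMS/HSS the header should state that the callback must store the updated private key durably before it reports success, because signing again from an older copy of the key reuses one-time keys and breaks the scheme. A suitable comment would be `/* Must persist the updated private key to nonvolatile storage before returning; a stale copy must never be reloaded. */`, with the expected return value spelled out (the `wc_LmsRc` comments suggest `WC_LMS_RC_SAVED_TO_NV_MEMORY`, although the typedef returns `int`). The typedef names are also unprefixed and are used by `XmssKey` in ext_xmss.h, so if xmss.h (not shown here) declares them with a different signature, a build enabling both features would fail to compile.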
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
index d47abec8..498b605e 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/logging.h
@@ -100,6 +100,8 @@ WOLFSSL_API int wolfSSL_Debugging_ON(void);
/* turn logging off */
WOLFSSL_API void wolfSSL_Debugging_OFF(void);
+WOLFSSL_API void wolfSSL_SetLoggingPrefix(const char* prefix);
+
#ifdef HAVE_WC_INTROSPECTION
WOLFSSL_API const char *wolfSSL_configure_args(void);
WOLFSSL_API const char *wolfSSL_global_cflags(void);
@@ -107,11 +109,12 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#if (defined(OPENSSL_EXTRA) && !defined(_WIN32) && \
- !defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE)
+ !defined(NO_ERROR_QUEUE)) || defined(DEBUG_WOLFSSL_VERBOSE) \
+ || defined(HAVE_MEMCACHED)
#define WOLFSSL_HAVE_ERROR_QUEUE
#endif
-#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE)
+#if defined(OPENSSL_EXTRA) || defined(DEBUG_WOLFSSL_VERBOSE) || defined(HAVE_MEMCACHED)
WOLFSSL_LOCAL int wc_LoggingInit(void);
WOLFSSL_LOCAL int wc_LoggingCleanup(void);
WOLFSSL_LOCAL int wc_AddErrorNode(int error, int line, char* buf,
@@ -133,7 +136,7 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API void wc_ERR_print_errors_cb(int (*cb)(const char *str,
size_t len, void *u), void *u);
#endif
-#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE */
+#endif /* OPENSSL_EXTRA || DEBUG_WOLFSSL_VERBOSE || HAVE_MEMCACHED */
#ifdef WOLFSSL_FUNC_TIME
/* WARNING: This code is only to be used for debugging performance.
@@ -144,9 +147,9 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API void WOLFSSL_END(int funcNum);
WOLFSSL_API void WOLFSSL_TIME(int count);
#else
- #define WOLFSSL_START(n)
- #define WOLFSSL_END(n)
- #define WOLFSSL_TIME(n)
+ #define WOLFSSL_START(n) WC_DO_NOTHING
+ #define WOLFSSL_END(n) WC_DO_NOTHING
+ #define WOLFSSL_TIME(n) WC_DO_NOTHING
#endif
#if defined(DEBUG_WOLFSSL) && !defined(WOLFSSL_DEBUG_ERRORS_ONLY)
@@ -166,25 +169,25 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
#define WOLFSSL_STUB(m) \
WOLFSSL_MSG(WOLFSSL_LOG_CAT(wolfSSL Stub, m, not implemented))
WOLFSSL_API int WOLFSSL_IS_DEBUG_ON(void);
-#if !defined(_WIN32) && defined(XVSNPRINTF)
+#if defined(XVSNPRINTF)
WOLFSSL_API void WOLFSSL_MSG_EX(const char* fmt, ...);
#define HAVE_WOLFSSL_MSG_EX
#else
- #define WOLFSSL_MSG_EX(...) do{} while(0)
+ #define WOLFSSL_MSG_EX(...) WC_DO_NOTHING
#endif
WOLFSSL_API void WOLFSSL_MSG(const char* msg);
WOLFSSL_API void WOLFSSL_BUFFER(const byte* buffer, word32 length);
#else
- #define WOLFSSL_ENTER(m)
- #define WOLFSSL_LEAVE(m, r)
- #define WOLFSSL_STUB(m)
+ #define WOLFSSL_ENTER(m) WC_DO_NOTHING
+ #define WOLFSSL_LEAVE(m, r) WC_DO_NOTHING
+ #define WOLFSSL_STUB(m) WC_DO_NOTHING
#define WOLFSSL_IS_DEBUG_ON() 0
- #define WOLFSSL_MSG_EX(...) do{} while(0)
- #define WOLFSSL_MSG(m) do{} while(0)
- #define WOLFSSL_BUFFER(b, l) do{} while(0)
+ #define WOLFSSL_MSG_EX(...) WC_DO_NOTHING
+ #define WOLFSSL_MSG(m) WC_DO_NOTHING
+ #define WOLFSSL_BUFFER(b, l) WC_DO_NOTHING
#endif /* DEBUG_WOLFSSL && !WOLFSSL_DEBUG_ERRORS_ONLY */
@@ -202,8 +205,8 @@ WOLFSSL_API void wolfSSL_Debugging_OFF(void);
WOLFSSL_API void WOLFSSL_ERROR_MSG(const char* msg);
#else
- #define WOLFSSL_ERROR(e)
- #define WOLFSSL_ERROR_MSG(m)
+ #define WOLFSSL_ERROR(e) (void)(e)
+ #define WOLFSSL_ERROR_MSG(m) (void)(m)
#endif /* DEBUG_WOLFSSL | OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY ||
OPENSSL_EXTRA */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h
index 483f14ab..58575642 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/mem_track.h
@@ -24,8 +24,6 @@
#ifndef WOLFSSL_MEM_TRACK_H
#define WOLFSSL_MEM_TRACK_H
-#if defined(USE_WOLFSSL_MEMORY) && !defined(WOLFSSL_STATIC_MEMORY)
-
/* The memory tracker overrides the wolfSSL memory callback system and uses a
* static to track the total, peak and currently allocated bytes.
*
@@ -61,7 +59,9 @@
*/
#include "wolfssl/wolfcrypt/settings.h"
+#include "wolfssl/wolfcrypt/types.h"
#include "wolfssl/wolfcrypt/logging.h"
+#include "wolfssl/wolfcrypt/error-crypt.h"
#include "wolfssl/wolfcrypt/memory.h"
#if defined(WOLFSSL_TRACK_MEMORY) || defined(HAVE_STACK_SIZE) || \
@@ -77,13 +77,14 @@
#endif
#endif
-#if defined(WOLFSSL_TRACK_MEMORY)
- #define DO_MEM_STATS
- #if (defined(__linux__) && !defined(WOLFSSL_LINUXKM)) || defined(__MACH__)
- #define DO_MEM_LIST
- #endif
-#endif
+/* Track Memory */
+#if defined(WOLFSSL_TRACK_MEMORY) && defined(USE_WOLFSSL_MEMORY) && \
+ !defined(WOLFSSL_STATIC_MEMORY)
+#define DO_MEM_STATS
+#if (defined(__linux__) && !defined(WOLFSSL_LINUXKM)) || defined(__MACH__)
+ #define DO_MEM_LIST
+#endif
typedef struct memoryStats {
long totalAllocs; /* number of allocations */
@@ -93,12 +94,12 @@ typedef struct memoryStats {
long currentBytes; /* total current bytes in use */
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
long peakAllocsTripOdometer; /* peak number of concurrent allocations,
- * subject to reset by
- * wolfCrypt_heap_peak_checkpoint()
- */
+ * subject to reset by
+ * wolfCrypt_heap_peak_checkpoint()
+ */
long peakBytesTripOdometer; /* peak concurrent bytes, subject to reset
- * by wolfCrypt_heap_peak_checkpoint()
- */
+ * by wolfCrypt_heap_peak_checkpoint()
+ */
#endif
} memoryStats;
@@ -119,7 +120,8 @@ typedef struct memHint {
typedef struct memoryTrack {
union {
memHint hint;
- byte alignit[sizeof(memHint) + ((16-1) & ~(16-1))]; /* make sure we have strong alignment */
+ /* make sure we have strong alignment */
+ byte alignit[sizeof(memHint) + ((16-1) & ~(16-1))];
} u;
} memoryTrack;
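Review bot: The `alignit` size `sizeof(memHint) + ((16-1) & ~(16-1))` adds zero, because `(16-1) & ~(16-1)` is 0, so the member does not provide the strong alignment its comment promises; this commit only moves the comment. If the intent is to round the header up to a multiple of 16 so that the memory placed after it stays 16-byte aligned, the expression should presumably be `byte alignit[(sizeof(memHint) + (16-1)) & ~(16-1)];`. As written, that alignment depends on `sizeof(memHint)` happening to be a multiple of 16.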
@@ -132,7 +134,7 @@ typedef struct memoryList {
} memoryList;
#endif
-#if defined(WOLFSSL_TRACK_MEMORY)
+
static memoryStats ourMemStats;
#ifdef DO_MEM_LIST
@@ -140,7 +142,6 @@ static memoryStats ourMemStats;
static memoryList ourMemList;
static pthread_mutex_t memLock = PTHREAD_MUTEX_INITIALIZER;
#endif
-#endif
#ifdef WOLFSSL_DEBUG_MEMORY
static WC_INLINE void* TrackMalloc(size_t sz, const char* func,
@@ -169,7 +170,8 @@ static WC_INLINE void* TrackMalloc(size_t sz)
#ifdef WOLFSSL_DEBUG_MEMORY
#ifdef WOLFSSL_DEBUG_MEMORY_PRINT
- wc_mem_printf("Alloc: %p -> %u at %s:%d\n", header->thisMemory, (word32)sz, func, line);
+ wc_mem_printf("Alloc: %p -> %u at %s:%d\n",
+ header->thisMemory, (word32)sz, func, line);
#else
(void)func;
(void)line;
@@ -180,18 +182,23 @@ static WC_INLINE void* TrackMalloc(size_t sz)
ourMemStats.totalAllocs++;
ourMemStats.totalBytes += sz;
ourMemStats.currentBytes += sz;
+#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs -
+ ourMemStats.totalDeallocs) {
+ ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs -
+ ourMemStats.totalDeallocs;
+ }
+ if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes)
+#endif
+ {
#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
- if (ourMemStats.peakAllocsTripOdometer < ourMemStats.totalAllocs - ourMemStats.totalDeallocs)
- ourMemStats.peakAllocsTripOdometer = ourMemStats.totalAllocs - ourMemStats.totalDeallocs;
- if (ourMemStats.peakBytesTripOdometer < ourMemStats.currentBytes) {
ourMemStats.peakBytesTripOdometer = ourMemStats.currentBytes;
#endif
if (ourMemStats.currentBytes > ourMemStats.peakBytes)
ourMemStats.peakBytes = ourMemStats.currentBytes;
- #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
}
- #endif
-#endif
+#endif /* DO_MEM_STATS */
+
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0) {
#ifdef WOLFSSL_DEBUG_MEMORY
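Review bot: The `ourMemStats` counters and the new trip-odometer updates in this block run before `pthread_mutex_lock(&memLock)` is taken for the list, so concurrent allocations can race on them. The reworked `InitMemoryTracker` and `ShowMemoryTracker` later in this diff touch the same fields inside the lock when `DO_MEM_LIST` is defined. Moving the statistics update into the locked region when `DO_MEM_LIST` is set would make the three functions agree. `TrackMalloc` starts and ends outside this hunk, so the surrounding code may constrain where the block can go.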
@@ -214,7 +221,7 @@ static WC_INLINE void* TrackMalloc(size_t sz)
pthread_mutex_unlock(&memLock);
}
-#endif
+#endif /* DO_MEM_LIST */
return header->thisMemory;
}
@@ -332,7 +339,6 @@ static WC_INLINE void* TrackRealloc(void* ptr, size_t sz)
return ret;
}
-#ifdef WOLFSSL_TRACK_MEMORY
static wolfSSL_Malloc_cb mfDefault = NULL;
static wolfSSL_Free_cb ffDefault = NULL;
static wolfSSL_Realloc_cb rfDefault = NULL;
@@ -353,27 +359,26 @@ static WC_INLINE int InitMemoryTracker(void)
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
- {
-#endif
-
-#ifdef DO_MEM_STATS
- ourMemStats.totalAllocs = 0;
- ourMemStats.totalDeallocs = 0;
- ourMemStats.totalBytes = 0;
- ourMemStats.peakBytes = 0;
- ourMemStats.currentBytes = 0;
-#ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
- ourMemStats.peakAllocsTripOdometer = 0;
- ourMemStats.peakBytesTripOdometer = 0;
-#endif
#endif
+ {
+ #ifdef DO_MEM_STATS
+ ourMemStats.totalAllocs = 0;
+ ourMemStats.totalDeallocs = 0;
+ ourMemStats.totalBytes = 0;
+ ourMemStats.peakBytes = 0;
+ ourMemStats.currentBytes = 0;
+ #ifdef WOLFSSL_TRACK_MEMORY_VERBOSE
+ ourMemStats.peakAllocsTripOdometer = 0;
+ ourMemStats.peakBytesTripOdometer = 0;
+ #endif
+ #endif /* DO_MEM_STATS */
-#ifdef DO_MEM_LIST
- XMEMSET(&ourMemList, 0, sizeof(ourMemList));
+ #ifdef DO_MEM_LIST
+ XMEMSET(&ourMemList, 0, sizeof(ourMemList));
- pthread_mutex_unlock(&memLock);
+ pthread_mutex_unlock(&memLock);
+ #endif
}
-#endif
return ret;
}
@@ -382,36 +387,38 @@ static WC_INLINE void ShowMemoryTracker(void)
{
#ifdef DO_MEM_LIST
if (pthread_mutex_lock(&memLock) == 0)
- {
-#endif
-
-#ifdef DO_MEM_STATS
- wc_mem_printf("total Allocs = %9ld\n", ourMemStats.totalAllocs);
- wc_mem_printf("total Deallocs = %9ld\n", ourMemStats.totalDeallocs);
- wc_mem_printf("total Bytes = %9ld\n", ourMemStats.totalBytes);
- wc_mem_printf("peak Bytes = %9ld\n", ourMemStats.peakBytes);
- wc_mem_printf("current Bytes = %9ld\n", ourMemStats.currentBytes);
#endif
+ {
+ #ifdef DO_MEM_STATS
+ wc_mem_printf("total Allocs = %9ld\n", ourMemStats.totalAllocs);
+ wc_mem_printf("total Deallocs = %9ld\n", ourMemStats.totalDeallocs);
+ wc_mem_printf("total Bytes = %9ld\n", ourMemStats.totalBytes);
+ wc_mem_printf("peak Bytes = %9ld\n", ourMemStats.peakBytes);
+ wc_mem_printf("current Bytes = %9ld\n", ourMemStats.currentBytes);
+ #endif
-#ifdef DO_MEM_LIST
- if (ourMemList.count > 0) {
- /* print list of allocations */
- memHint* header;
- for (header = ourMemList.head; header != NULL; header = header->next) {
- #ifdef WOLFSSL_DEBUG_MEMORY
- wc_mem_printf("Leak: Ptr %p, Size %u, Func %s, Line %d\n",
- (byte*)header + sizeof(memHint), (unsigned int)header->thisSize,
- header->func, header->line);
-#else
- wc_mem_printf("Leak: Ptr %p, Size %u\n",
- (byte*)header + sizeof(memHint), (unsigned int)header->thisSize);
-#endif
+ #ifdef DO_MEM_LIST
+ if (ourMemList.count > 0) {
+ /* print list of allocations */
+ memHint* header;
+ for (header = ourMemList.head;
+ header != NULL;
+ header = header->next) {
+ #ifdef WOLFSSL_DEBUG_MEMORY
+ wc_mem_printf("Leak: Ptr %p, Size %u, Func %s, Line %d\n",
+ (byte*)header + sizeof(memHint),
+ (unsigned int)header->thisSize, header->func, header->line);
+ #else
+ wc_mem_printf("Leak: Ptr %p, Size %u\n",
+ (byte*)header + sizeof(memHint),
+ (unsigned int)header->thisSize);
+ #endif
+ }
}
- }
- pthread_mutex_unlock(&memLock);
+ pthread_mutex_unlock(&memLock);
+ #endif
}
-#endif
}
static WC_INLINE int CleanupMemoryTracker(void)
@@ -419,9 +426,8 @@ static WC_INLINE int CleanupMemoryTracker(void)
/* restore default allocators */
return wolfSSL_SetAllocators(mfDefault, ffDefault, rfDefault);
}
-#endif /* WOLFSSL_TRACK_MEMORY */
-
-#endif /* USE_WOLFSSL_MEMORY && !WOLFSSL_STATIC_MEMORY */
+#endif /* WOLFSSL_TRACK_MEMORY && USE_WOLFSSL_MEMORY && \
+ !WOLFSSL_STATIC_MEMORY */
#ifdef HAVE_STACK_SIZE
@@ -432,10 +438,6 @@ static WC_INLINE int CleanupMemoryTracker(void)
#include <sched.h>
#include <unistd.h>
-#include <wolfssl/wolfcrypt/types.h>
-#include <wolfssl/wolfcrypt/logging.h>
-#include <wolfssl/wolfcrypt/error-crypt.h>
-
typedef void* (*thread_func)(void* args);
#define STACK_CHECK_VAL 0x01
@@ -557,7 +559,8 @@ int StackSizeHWMReset(void)
_ret = StackSizeHWMReset(); \
if ((max >= 0) && (HWM > (ssize_t)(max))) { \
wc_mem_printf( \
- " relative stack usage at %s L%d exceeds designated max %ld bytes.\n", \
+ " relative stack usage at %s L%d exceeds designated " \
+ "max %ld bytes.\n", \
__FILE__, __LINE__, (long int)(max)); \
_ret = -1; \
} \
@@ -720,7 +723,8 @@ static WC_INLINE int StackSizeCheck_launch(struct func_args* args,
return 0;
}
-static WC_INLINE int StackSizeCheck_reap(pthread_t threadId, void *stack_context)
+static WC_INLINE int StackSizeCheck_reap(pthread_t threadId,
+ void *stack_context)
{
struct stack_size_debug_context *shim_args =
(struct stack_size_debug_context *)stack_context;
@@ -755,7 +759,6 @@ static WC_INLINE int StackSizeCheck_reap(pthread_t threadId, void *stack_context
return (int)((size_t)status);
}
-
#endif /* HAVE_STACK_SIZE */
@@ -799,13 +802,13 @@ static WC_INLINE void StackTrap(void)
#define STACK_SIZE_CHECKPOINT(...) (__VA_ARGS__)
#endif
#ifndef STACK_SIZE_CHECKPOINT_MSG
-#define STACK_SIZE_CHECKPOINT_MSG(msg)
+#define STACK_SIZE_CHECKPOINT_MSG(msg) WC_DO_NOTHING
#endif
#ifndef STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK
#define STACK_SIZE_CHECKPOINT_WITH_MAX_CHECK(max, ...) (__VA_ARGS__, 0)
#endif
#ifndef STACK_SIZE_INIT
-#define STACK_SIZE_INIT()
+#define STACK_SIZE_INIT() WC_DO_NOTHING
#endif
#endif /* WOLFSSL_MEM_TRACK_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h
index 15978b83..cf832731 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/memory.h
@@ -251,9 +251,189 @@ WOLFSSL_LOCAL void wc_MemZero_Add(const char* name, const void* addr,
WOLFSSL_LOCAL void wc_MemZero_Check(void* addr, size_t len);
#endif
+#ifdef WC_DEBUG_CIPHER_LIFECYCLE
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleInit(void **CipherLifecycleTag,
+ void *heap);
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleCheck(void *CipherLifecycleTag,
+ int abort_p);
+WOLFSSL_LOCAL int wc_debug_CipherLifecycleFree(void **CipherLifecycleTag,
+ void *heap, int abort_p);
+#else
+#define wc_debug_CipherLifecycleInit(CipherLifecycleTag, heap) \
+ ((void)(CipherLifecycleTag), (void)(heap), 0)
+#define wc_debug_CipherLifecycleCheck(CipherLifecycleTag, abort_p) \
+ ((void)(CipherLifecycleTag), (void)(abort_p), 0)
+#define wc_debug_CipherLifecycleFree(CipherLifecycleTag, heap, abort_p) \
+ ((void)(CipherLifecycleTag), (void)(heap), (void)(abort_p), 0)
+#endif
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS
+ WOLFSSL_API extern THREAD_LS_T int wc_svr_count;
+ WOLFSSL_API extern THREAD_LS_T const char *wc_svr_last_file;
+ WOLFSSL_API extern THREAD_LS_T int wc_svr_last_line;
+
+ #ifdef DEBUG_VECTOR_REGISTERS_ABORT_ON_FAIL
+ #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE abort();
+ #elif defined(DEBUG_VECTOR_REGISTERS_EXIT_ON_FAIL)
+ #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE exit(1);
+ #else
+ #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE
+ #endif
+
+ #define SAVE_VECTOR_REGISTERS(fail_clause) { \
+ int _svr_ret = wc_debug_vector_registers_retval; \
+ if (_svr_ret != 0) { fail_clause } \
+ ++wc_svr_count; \
+ if (wc_svr_count > 5) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ }
+
+ WOLFSSL_API extern THREAD_LS_T int wc_debug_vector_registers_retval;
+
+#ifndef WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL
+#define WC_DEBUG_VECTOR_REGISTERS_RETVAL_INITVAL 0
+#endif
+#define WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(x) do { \
+ if (((x) != 0) && (wc_svr_count > 0)) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_debug_vector_registers_retval = (x); \
+ } while (0)
+
+#ifdef DEBUG_VECTOR_REGISTER_ACCESS_FUZZING
+ #ifndef WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED
+ #define WC_DEBUG_VECTOR_REGISTERS_FUZZING_SEED 0
+ #endif
+ WOLFSSL_LOCAL int SAVE_VECTOR_REGISTERS2_fuzzer(void);
+
+ #define SAVE_VECTOR_REGISTERS2(...) ({ \
+ int _svr2_val = SAVE_VECTOR_REGISTERS2_fuzzer(); \
+ if (_svr2_val == 0) { \
+ ++wc_svr_count; \
+ if (wc_svr_count > 5) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ _svr2_val = 0; \
+ } \
+ _svr2_val; \
+ })
+
+#else
+
+ #define SAVE_VECTOR_REGISTERS2(...) ({ \
+ int _svr2_val; \
+ if (wc_debug_vector_registers_retval != 0) { \
+ if (wc_svr_count > 0) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ _svr2_val = wc_debug_vector_registers_retval; \
+ } else { \
+ ++wc_svr_count; \
+ if (wc_svr_count > 5) { \
+ fprintf(stderr, \
+ ("%s @ L%d : incr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ _svr2_val = 0; \
+ } \
+ _svr2_val; \
+ })
+
+#endif
+
+ #define ASSERT_SAVED_VECTOR_REGISTERS(fail_clause) do { \
+ if (wc_svr_count <= 0) { \
+ fprintf(stderr, \
+ ("ASSERT_SAVED_VECTOR_REGISTERS : %s @ L%d : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ { fail_clause } \
+ } \
+ } while (0)
+ #define ASSERT_RESTORED_VECTOR_REGISTERS(fail_clause) do { \
+ if (wc_svr_count != 0) { \
+ fprintf(stderr, \
+ ("ASSERT_RESTORED_VECTOR_REGISTERS : %s @ L%d" \
+ " : wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ { fail_clause } \
+ } \
+ } while (0)
+ #define RESTORE_VECTOR_REGISTERS(...) do { \
+ --wc_svr_count; \
+ if ((wc_svr_count > 4) || (wc_svr_count < 0)) { \
+ fprintf(stderr, \
+ ("%s @ L%d : decr : " \
+ "wc_svr_count %d (last op %s L%d)\n"), \
+ __FILE__, \
+ __LINE__, \
+ wc_svr_count, \
+ wc_svr_last_file, \
+ wc_svr_last_line); \
+ DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
+ } \
+ wc_svr_last_file = __FILE__; \
+ wc_svr_last_line = __LINE__; \
+ } while(0)
+#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* WOLFSSL_MEMORY_H */
-
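Review bot: `SAVE_VECTOR_REGISTERS(fail_clause)` expands to a bare `{ ... }` block, while `WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL`, `ASSERT_SAVED_VECTOR_REGISTERS` and `RESTORE_VECTOR_REGISTERS` in the same hunk use `do { ... } while (0)`, so a call followed by `;` directly before an `else` would not compile. Opening it with `#define SAVE_VECTOR_REGISTERS(fail_clause) do { \` and closing with `} while (0)` would make the macros consistent, though any caller that omits the trailing semicolon would then need one. The diagnostic in `WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL` and in the non-zero-retval branch of the non-fuzzing `SAVE_VECTOR_REGISTERS2` is tagged `incr` although `wc_svr_count` is not incremented on those paths, which makes the debug log misleading. The hunk also calls `fprintf`, `abort` and `exit` with no `<stdio.h>` or `<stdlib.h>` include visible here, so it is worth confirming they are in scope whenever `DEBUG_VECTOR_REGISTER_ACCESS` is defined.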
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h
index e433a1a3..8901733f 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/misc.h
@@ -102,12 +102,13 @@ void ByteReverseWords64(word64* out, const word64* in, word32 byteCount);
void c32to24(word32 in, word24 out);
-void c16toa(word16 u16, byte* c);
-void c32toa(word32 u32, byte* c);
-void c24to32(const word24 u24, word32* u32);
-void ato16(const byte* c, word16* u16);
-void ato24(const byte* c, word32* u24);
-void ato32(const byte* c, word32* u32);
+void c16toa(word16 wc_u16, byte* c);
+void c32toa(word32 wc_u32, byte* c);
+void c24to32(const word24 wc_u24, word32* wc_u32);
+void ato16(const byte* c, word16* wc_u16);
+void ato24(const byte* c, word32* wc_u24);
+void ato32(const byte* c, word32* wc_u32);
+void ato32le(const byte* c, word32* wc_u32);
word32 btoi(byte b);
WOLFSSL_LOCAL signed char HexCharToByte(char ch);
@@ -156,6 +157,26 @@ WOLFSSL_LOCAL void w64Zero(w64wrapper *a);
#define WC_MISC_STATIC static
+/* Declarations for user defined functions */
+#ifdef WOLFSSL_NO_FORCE_ZERO
+void ForceZero(void* mem, word32 len);
+#endif
+#ifdef WOLFSSL_NO_CONST_CMP
+int ConstantCompare(const byte* a, const byte* b, int length);
+#endif
+#ifdef WOLFSSL_NO_INT_ENCODE
+void c32to24(word32 in, word24 out);
+void c16toa(word16 wc_u16, byte* c);
+void c32toa(word32 wc_u32, byte* c);
+#endif
+#ifdef WOLFSSL_NO_INT_DECODE
+void c24to32(const word24 wc_u24, word32* wc_u32);
+void ato24(const byte* c, word32* wc_u24);
+void ato16(const byte* c, word16* wc_u16);
+void ato32(const byte* c, word32* wc_u32);
+void ato32le(const byte* c, word32* wc_u32);
+word32 btoi(byte b);
+#endif
#endif /* NO_INLINE */
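Review bot: The declarations added under `WOLFSSL_NO_FORCE_ZERO` and `WOLFSSL_NO_CONST_CMP` hand two security-sensitive primitives to the integrator with only the comment `/* Declarations for user defined functions */`. The header should state the contract a replacement has to keep, for example `/* User ForceZero() must not be optimized away; user ConstantCompare() must take time independent of the buffer contents. */`. `ConstantCompare` also takes a signed `int length`, so the comment should say that callers pass a non-negative value. The enclosing `NO_INLINE` conditional starts outside the hunk.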
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h
index 8f28fdba..1e2733c8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/pkcs7.h
@@ -341,6 +341,7 @@ struct PKCS7 {
byte* cachedEncryptedContent;
word32 cachedEncryptedContentSz;
word16 contentCRLF:1; /* have content line endings been converted to CRLF */
+ word16 contentIsPkcs7Type:1; /* eContent follows PKCS#7 RFC not CMS */
/* !! NEW DATA MEMBERS MUST BE ADDED AT END !! */
};
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
index 4f61000a..f8d88ef8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h
@@ -22,108 +22,580 @@
#define __ESP32_CRYPT_H__
-#include "wolfssl/wolfcrypt/settings.h"
-#include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
+/* WOLFSSL_USER_SETTINGS must be defined, typically in the CMakeLists.txt:
+ *
+ * set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -DWOLFSSL_USER_SETTINGS") */
+#include <wolfssl/wolfcrypt/settings.h> /* references user_settings.h */
+
+#if defined(WOLFSSL_ESPIDF) /* Entire file is only for Espressif EDP-IDF */
+
+#ifndef WOLFSSL_USER_SETTINGS
+ #error "WOLFSSL_USER_SETTINGS must be defined for Espressif targts"
+#endif
-#include "esp_idf_version.h"
-#include "esp_types.h"
-#include "esp_log.h"
+#include "sdkconfig.h" /* ensure ESP-IDF settings are available everywhere */
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/error-crypt.h>
+#include <wolfssl/wolfcrypt/types.h> /* for MATH_INT_T */
+
+/* Espressif */
+#include <esp_idf_version.h>
+#include <esp_types.h>
+#include <esp_log.h>
+
+/* exit codes to be used in tfm.c, sp_int.c, integer.c, etc.
+ *
+ * see wolfssl/wolfcrypt/error-crypt.h
+ *
+ * WC_HW_E - generic hardware failure. Consider falling back to SW.
+ * WC_HW_WAIT_E - waited too long for HW, fall back to SW
+ */
+
+/* Exit codes only used in Espressif port: */
+enum {
+ ESP_MP_HW_FALLBACK = (WC_LAST_E - 2),
+ ESP_MP_HW_VALIDATION_ACTIVE = (WC_LAST_E - 3)
+};
+
+/* MP_HW_FALLBACK: signal to caller to fall back to SW for math:
+ * algorithm not supported in SW
+ * known state needing only SW, (e.g. ctx copy)
+ * any other reason to force SW (was -108)*/
+#define MP_HW_FALLBACK ESP_MP_HW_FALLBACK
+
+/* MP_HW_VALIDATION_ACTIVE this is informative only:
+ * typically also means "MP_HW_FALLBACK": fall back to SW.
+ * optional HW validation active, so compute in SW to compare.
+ * fall back to SW, typically only used during debugging. (was -109)
+ */
+#define MP_HW_VALIDATION_ACTIVE ESP_MP_HW_VALIDATION_ACTIVE
+
+/*
+*******************************************************************************
+*******************************************************************************
+** Global Settings:
+**
+** Settings that start with "CONFIG_" are typically defined in sdkconfig.h
+**
+** Primary Settings:
+**
+** WC_NO_HARDEN
+** Disables some timing resistance / side-channel attack prevention.
+**
+** NO_ESPIDF_DEFAULT
+** When defined, disables some default definitions. See wolfcrypt/settings.h
+**
+** NO_ESP32_CRYPT
+** When defined, disables all hardware acceleration on the ESP32
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH
+** Used to disabled only hash hardware, all algorithms: SHA2, etc.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
+** When defined, disables only SHA hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+** When defined, disables only SHA-224 hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+** When defined, disables only SHA-384 hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
+** When defined, disables only SHA-256 hardware acceleration, uses SW.
+**
+** NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+** When defined, disables only SHA-512 hardware acceleration, uses SW.
+**
+** WOLFSSL_NOSHA512_224
+** Define to disable SHA-512/224
+**
+** WOLFSSL_NOSHA512_256
+** Define to disable SHA-512/512
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI
+** Defined in wolfSSL settings.h: this turns on or off esp32_mp math library.
+** Unless turned off, this is enabled by default for the ESP32
+**
+** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+** Turns off hardware acceleration esp_mp_mul()
+**
+** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+** Turns off hardware acceleration esp_mp_exptmod()
+**
+** NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+** Turns off hardware acceleration esp_mp_mulmod()
+**
+** NO_WOLFSSL_ESP32_CRYPT_AES
+** Used to disable only AES hardware algorithms. Software used instead.
+**
+*******************************************************************************
+** Math library settings: TFM
+*******************************************************************************
+** Listed in increasing order of complexity:
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+** When defined, use hardware acceleration esp_mp_mul()
+** for Large Number Multiplication: Z = X * Y
+** Currently defined by default in tfm.c, see above to disable.
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
+** When defined, use hardware acceleration esp_mp_exptmod()
+** for Large Number Modular Exponentiation Z = X^Y mod M
+** Currently defined by default in tfm.c, see above to disable.
+**
+** WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
+** When defined, use hardware acceleration esp_mp_mulmod()
+** for Large Number Modular Multiplication: Z = X * Y mod M
+** Currently defined by default in tfm.c, see above to disable.
+**
+**
+*******************************************************************************
+** Optional Settings:
+*******************************************************************************
+**
+** WOLFSSL_HW_METRICS
+** Enables metric counters for calls to HW, success, fall back, oddities.
+**
+** WOLFSSL_HAS_METRICS
+** Indicates that we actually have metrics to show. Useful for old wolfSSL
+** libraries tested with newer examples, or when all HW turned off.
+**
+** DEBUG_WOLFSSL
+** Turns on development testing. Validates HW accelerated results to software
+** - Automatically turns on WOLFSSL_HW_METRICS
+**
+** DEBUG_WOLFSSL_SHA_MUTEX
+** Turns on diagnostic messages for SHA mutex. Note that given verbosity,
+** there may be TLS timing issues encountered. Use with caution.
+**
+** LOG_LOCAL_LEVEL
+** Debugging. Default value is ESP_LOG_DEBUG
+**
+** ESP_VERIFY_MEMBLOCK
+** Used to re-read data from registers in esp32_mp & verify written contents
+** actually match the source data.
+**
+** WOLFSSL_ESP32_CRYPT_DEBUG
+** When defined, enables hardware cryptography debugging.
+**
+** WOLFSSL_DEBUG_ESP_RSA_MULM_BITS
+** Shows a warning when mulm falls back for minimum number of bits.
+**
+** NO_HW_MATH_TEST
+** Even if HW is enabled, do not run HW math tests. See HW_MATH_ENABLED.
+**
+** NO_ESP_MP_MUL_EVEN_ALT_CALC
+** Used during Z = X × Y mod M
+** By default, even moduli use a two step HW esp_mp_mul with SW mp_mod.
+** Enable this to instead fall back to pure software mp_mulmod.
+**
+** NO_RECOVER_SOFTWARE_CALC
+** When defined, will NOT recover software calculation result when not
+** matched with hardware. Useful only during development. Needs DEBUG_WOLFSSL
+**
+** ESP_PROHIBIT_SMALL_X
+** When set to 1 X operands less than 8 bits will fall back to SW.
+**
+** ESP_NO_ERRATA_MITIGATION
+** Disable all errata mitigation code.
+**
+** USE_ESP_DPORT_ACCESS_READ_BUFFER
+** Sets ESP_NO_ERRATA_MITIGATION and uses esp_dport_access_read_buffer()
+**
+** ESP_MONITOR_HW_TASK_LOCK
+** Although wolfSSL is in general not fully thread safe, this option
+** enables some features that can be useful in a multi-threaded environment.
+**
+*******************************************************************************
+** Settings used from <esp_idf_version.h>
+** see .\esp-idf\v[N]\components\esp_common\include
+*******************************************************************************
+**
+** ESP_IDF_VERSION_MAJOR
+** Espressif ESP-IDF Version (e.g. 4, 5)
+**
+*******************************************************************************
+** Settings used from ESP-IDF (sdkconfig.h)
+*******************************************************************************
+**
+** CONFIG_IDF_TARGET_[SoC]
+** CONFIG_IDF_TARGET_ESP32
+** CONFIG_IDF_TARGET_ESP32C2
+** CONFIG_IDF_TARGET_ESP32C3
+** CONFIG_IDF_TARGET_ESP32C6
+** CONFIG_IDF_TARGET_ESP32S2
+** CONFIG_IDF_TARGET_ESP32S3
+** CONFIG_IDF_TARGET_ESP32H2
+**
+]*******************************************************************************
+** Informative settings. Not meant to be edited:
+*******************************************************************************
+**
+** HW_MATH_ENABLED
+** Used to detect if any hardware math acceleration algorithms are used.
+** This is typically only used to flag wolfCrypt tests to run HW tests.
+** See NO_HW_MATH_TEST.
+**
+*******************************************************************************
+*/
+#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
#undef LOG_LOCAL_LEVEL
#define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
#else
#undef LOG_LOCAL_LEVEL
- #define LOG_LOCAL_LEVEL ESP_LOG_DEBUG
+ #define LOG_LOCAL_LEVEL CONFIG_LOG_DEFAULT_LEVEL
#endif
#include <freertos/FreeRTOS.h>
-#if defined(CONFIG_IDF_TARGET_ESP32C3)
- /* no includes for ESP32C3 at this time (no HW implemented yet) */
-#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+
+#if defined(CONFIG_IDF_TARGET_ESP32)
+ /* there's no SHA-224 HW on the ESP32 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
#include "soc/dport_reg.h"
- #include "soc/hwcrypto_reg.h"
+ #include <soc/hwcrypto_reg.h>
+
+ #if ESP_IDF_VERSION_MAJOR < 5
+ #include <soc/cpu.h>
+ #endif
+
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
- #include "esp_private/periph_ctrl.h"
+ #include <esp_private/periph_ctrl.h>
#else
- #include "driver/periph_ctrl.h"
+ #include <driver/periph_ctrl.h>
#endif
-#else
- #include "soc/dport_reg.h"
- #include "soc/hwcrypto_reg.h"
+
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ #include <esp32/rom/ets_sys.h>
+ #else
+ #include <rom/ets_sys.h>
+ #endif
+ #define ESP_PROHIBIT_SMALL_X FALSE
+ /***** END CONFIG_IDF_TARGET_ESP32 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ /* ESP8684 is essentially ESP32-C2 chip + flash embedded together in a
+ * single QFN 4x4 mm package. Out of released documentation, Technical
+ * Reference Manual as well as ESP-IDF Programming Guide is applicable
+ * to both ESP32-C2 and ESP8684.
+ *
+ * Note there is not currently an expected CONFIG_IDF_TARGET_ESP8684.
+ * The ESP8684 is detected with CONFIG_IDF_TARGET_ESP32C2.
+ * The macro is included for clarity, and possible future rename. */
+
+ /* #define NO_ESP32_CRYPT */
+ /* #define NO_WOLFSSL_ESP32_CRYPT_HASH */
+ #define NO_WOLFSSL_ESP32_CRYPT_AES /* No AES HW */
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI /* No RSA HW*/
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL /* No RSA, so no mp_mul */
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD /* No RSA, so no mp_mulmod */
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD /* No RSA, no mp_exptmod */
+
+ #include <soc/dport_access.h>
+ #include <soc/hwcrypto_reg.h>
#if ESP_IDF_VERSION_MAJOR < 5
- #include "soc/cpu.h"
+ #include <soc/cpu.h>
#endif
#if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
- #include "esp_private/periph_ctrl.h"
+ #include <esp_private/periph_ctrl.h>
#else
- #include "driver/periph_ctrl.h"
+ #include <driver/periph_ctrl.h>
#endif
#if ESP_IDF_VERSION_MAJOR >= 4
- #include <esp32/rom/ets_sys.h>
+ /* #include <esp32/rom/ets_sys.h> */
#else
#include <rom/ets_sys.h>
#endif
+/* If for some reason there's a desire to disable specific HW on the C2: */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C2 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C2 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C2 */
+
+ /* Code will fall back to SW with warning if these are removed:
+ * Note there is no SHA384/SHA512 HW on ESP32-C3 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_ESP32C2 aka CONFIG_IDF_TARGET_ESP8684 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ #include <soc/dport_access.h>
+ #include <soc/hwcrypto_reg.h>
+
+ #if ESP_IDF_VERSION_MAJOR < 5
+ #include <soc/cpu.h>
+ #endif
+
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* #include <esp32/rom/ets_sys.h> */
+ #else
+ #include <rom/ets_sys.h>
+ #endif
+
+/* If for some reason there's a desire to disable specific HW on the C3: */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there is SHA HW on C3 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there is SHA224 HW on C3 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there is SHA256 HW on C3 */
+
+ /* Code will fall back to SW with warning if these are removed:
+ * Note there is no SHA384/SHA512 HW on ESP32-C3 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_ESP32C3 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include <soc/dport_access.h>
+ #include <soc/hwcrypto_reg.h>
+
+ #if ESP_IDF_VERSION_MAJOR < 5
+ #include <soc/cpu.h>
+ #endif
+
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+
+ #if ESP_IDF_VERSION_MAJOR >= 4
+ /* #include <esp32/rom/ets_sys.h> */
+ #else
+ #include <rom/ets_sys.h>
+ #endif
+
+/* If for some reason there's a desire to disable specific SHA HW on the C6: */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA there *is* SHA HW on C6 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224 there *is* SHA224 HW on C6 */
+/* #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 */
+/* #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256 there *is* SHA225 HW on C6 */
+
+ /* Code will fall back to SW with warning if these are removed:
+ * note there is no SHA384/SHA512 HW on C6 */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_ESP32C6 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #include "soc/dport_reg.h"
+ #include <soc/hwcrypto_reg.h>
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+ #define ESP_PROHIBIT_SMALL_X 0
+ /***** END CONFIG_IDF_TARGET_ESP32S2 *****/
+
+#elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ #include "soc/dport_reg.h"
+ #include <soc/hwcrypto_reg.h>
+ #if defined(ESP_IDF_VERSION_MAJOR) && ESP_IDF_VERSION_MAJOR >= 5
+ #include <esp_private/periph_ctrl.h>
+ #else
+ #include <driver/periph_ctrl.h>
+ #endif
+ #define ESP_PROHIBIT_SMALL_X 0
+
+#else
+ /* not yet supported. no HW */
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA384
+ #undef NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512
+ /***** END CONFIG_IDF_TARGET_[x] config unknown *****/
+
+#endif /* CONFIG_IDF_TARGET target check */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #if defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL) && \
+ defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD) && \
+ defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD)
+ #warning "MP_MUL, MULMOD, EXPTMOD all turned off. " && \
+ "Define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI to disable all math HW"
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #endif
+#endif /* !NO_WOLFSSL_ESP32_CRYPT_RSA_PRI */
+
+#if defined(USE_ESP_DPORT_ACCESS_READ_BUFFER)
+ #define ESP_NO_ERRATA_MITIGATION
#endif
+#ifdef SINGLE_THREADED
+ #undef ESP_MONITOR_HW_TASK_LOCK
+#else
+ /* Unless explicitly disabled, monitor task lock when not single thread. */
+ #ifndef ESP_DISABLE_HW_TASK_LOCK
+ #define ESP_MONITOR_HW_TASK_LOCK
+ #endif
+#endif
#ifdef __cplusplus
- extern "C" {
+extern "C"
+{
#endif
-int esp_ShowExtendedSystemInfo(void);
+/*
+******************************************************************************
+** Some common esp utilities
+******************************************************************************
+*/
-int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
-int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex, TickType_t xBloxkTime);
-int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
+ WOLFSSL_LOCAL int esp_ShowExtendedSystemInfo(void);
-#ifndef NO_AES
+ /* Compare MATH_INT_T A to MATH_INT_T B
+ * During debug, the strings name_A and name_B can help
+ * identify variable name. */
+ WOLFSSL_LOCAL int esp_mp_cmp(char* name_A, MATH_INT_T* A,
+ char* name_B, MATH_INT_T* B);
+
+ /* Show MATH_INT_T value attributes. */
+ WOLFSSL_LOCAL int esp_show_mp_attributes(char* c, MATH_INT_T* X);
+
+ /* Show MATH_INT_T value.
+ *
+ * Calls esp_show_mp_attributes().
+ *
+ * During debug, the string name_A can help
+ * identify variable name. */
+ WOLFSSL_LOCAL int esp_show_mp(char* name_X, MATH_INT_T* X);
+
+ /* To use a Mutex, it must first be initialized. */
+ WOLFSSL_LOCAL int esp_CryptHwMutexInit(wolfSSL_Mutex* mutex);
+
+ /* Take the mutex to indicate the HW is in use. Wait up to [block_time].
+ * When the HW in use the mutex will be locked. */
+ WOLFSSL_LOCAL int esp_CryptHwMutexLock(wolfSSL_Mutex* mutex,
+ TickType_t block_time);
+ /* Release the mutex to indicate the HW is no longer in use. */
+ WOLFSSL_LOCAL int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
+
+ /* Validation active check. When active, we'll fall back to SW. */
+ WOLFSSL_LOCAL int esp_hw_validation_active(void);
+
+/*
+*******************************************************************************
+** AES features:
+*******************************************************************************
+*/
+
+#ifndef NO_AES
#if ESP_IDF_VERSION_MAJOR >= 4
#include "esp32/rom/aes.h"
#else
#include "rom/aes.h"
#endif
- typedef enum tagES32_AES_PROCESS {
- ESP32_AES_LOCKHW = 1,
+ typedef enum tagES32_AES_PROCESS /* TODO what's this ? */
+ {
+ ESP32_AES_LOCKHW = 1,
ESP32_AES_UPDATEKEY_ENCRYPT = 2,
ESP32_AES_UPDATEKEY_DECRYPT = 3,
ESP32_AES_UNLOCKHW = 4
} ESP32_AESPROCESS;
struct Aes; /* see aes.h */
- int wc_esp32AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in, word32 sz);
- int wc_esp32AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in, word32 sz);
- int wc_esp32AesEncrypt(struct Aes *aes, const byte* in, byte* out);
- int wc_esp32AesDecrypt(struct Aes *aes, const byte* in, byte* out);
-
+#if defined(WOLFSSL_HW_METRICS)
+ WOLFSSL_LOCAL int esp_hw_show_aes_metrics(void);
+ WOLFSSL_LOCAL int wc_esp32AesUnupportedLengthCountAdd(void);
#endif
-
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT_DEBUG
+ WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLenValue(int keylen);
+ WOLFSSL_LOCAL int wc_esp32AesSupportedKeyLen(struct Aes* aes);
+
+ WOLFSSL_LOCAL int wc_esp32AesCbcEncrypt(struct Aes* aes,
+ byte* out,
+ const byte* in,
+ word32 sz);
+ WOLFSSL_LOCAL int wc_esp32AesCbcDecrypt(struct Aes* aes,
+ byte* out,
+ const byte* in,
+ word32 sz);
+ WOLFSSL_LOCAL int wc_esp32AesEncrypt( struct Aes* aes,
+ const byte* in,
+ byte* out);
+ WOLFSSL_LOCAL int wc_esp32AesDecrypt( struct Aes* aes,
+ const byte* in,
+ byte* out);
+#endif /* ! NO_AES */
+
+#ifdef WOLFSSL_ESP32_CRYPT_DEBUG
void wc_esp32TimerStart(void);
- uint64_t wc_esp32elapsedTime(void);
+ uint64_t wc_esp32elapsedTime(void);
-#endif /* WOLFSSL_ESP32WROOM32_CRYPT_DEBUG */
+#endif /* WOLFSSL_ESP32_CRYPT_DEBUG */
-#if !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH) && \
+/*
+*******************************************************************************
+** Cryptographic hash algorithms (e.g. SHA[x]):
+*******************************************************************************
+*/
+
+#if !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
(!defined(NO_SHA) || !defined(NO_SHA256) || \
defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512) \
)
- /* RAW hash function APIs are not implemented with esp32 hardware acceleration*/
- #define WOLFSSL_NO_HASH_RAW
#define SHA_CTX ETS_SHAContext
#if ESP_IDF_VERSION_MAJOR >= 4
- #include "esp32/rom/sha.h"
- #elif defined(CONFIG_IDF_TARGET_ESP32S3)
- #include "esp32s3/rom/sha.h"
+ #if defined(CONFIG_IDF_TARGET_ESP32)
+ #include "esp32/rom/sha.h"
+ #define WC_ESP_SHA_TYPE enum SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP8684)
+ #include "esp32c2/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32C3)
+ #include "esp32c3/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32C6)
+ #include "esp32c6/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32H2)
+ #include "esp32h2/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32S2)
+ #include "esp32s2/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #elif defined(CONFIG_IDF_TARGET_ESP32S3)
+ #include "esp32s3/rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #else
+ #include "rom/sha.h"
+ #define WC_ESP_SHA_TYPE SHA_TYPE
+ #endif
#else
#include "rom/sha.h"
#endif
@@ -136,6 +608,7 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
ESP32_SHA_HW = 1,
ESP32_SHA_SW = 2,
ESP32_SHA_HW_COPY = 3,
+ ESP32_SHA_FREED = 4,
ESP32_SHA_FAIL_NEED_UNROLL = -1
} ESP32_MODE;
@@ -143,6 +616,9 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
{
/* pointer to object the initialized HW; to track copies */
void* initializer;
+#ifndef SINGLE_THREADED
+ void* task_owner;
+#endif
/* an ESP32_MODE value; typically:
** 0 init,
@@ -154,56 +630,86 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
**
** the Espressif type: SHA1, SHA256, etc.
*/
- enum SHA_TYPE sha_type;
+
+ WC_ESP_SHA_TYPE sha_type;
/* we'll keep track of our own locks.
** actual enable/disable only occurs for ref_counts[periph] == 0
**
** see ref_counts[periph] in periph_ctrl.c */
- byte lockDepth:7; /* 7 bits for a small number, pack with below. */
+ byte lockDepth : 7; /* 7 bits for a small number, pack with below. */
/* 0 (false) this is NOT first block.
** 1 (true ) this is first block. */
- byte isfirstblock:1; /* 1 bit only for true / false */
+ byte isfirstblock : 1; /* 1 bit only for true / false */
} WC_ESP32SHA;
- int esp_sha_init(WC_ESP32SHA* ctx, enum wc_HashType hash_type);
- int esp_sha_init_ctx(WC_ESP32SHA* ctx);
- int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
- int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_need_byte_reversal(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_init(WC_ESP32SHA* ctx,
+ enum wc_HashType hash_type);
+ WOLFSSL_LOCAL int esp_sha_init_ctx(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_try_hw_lock(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_hw_unlock(WC_ESP32SHA* ctx);
+
+ /* esp_sha_hw_islocked: returns 0 if not locked, otherwise owner address */
+ WOLFSSL_LOCAL int esp_sha_hw_islocked(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_call_count();
+ WOLFSSL_LOCAL int esp_sha_lock_count();
+ WOLFSSL_LOCAL int esp_sha_release_unfinished_lock(WC_ESP32SHA* ctx);
+ WOLFSSL_LOCAL int esp_sha_set_stray(WC_ESP32SHA* ctx);
struct wc_Sha;
- int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
- int esp_sha_digest_process(struct wc_Sha* sha, byte blockprocess);
- int esp_sha_process(struct wc_Sha* sha, const byte* data);
+ WOLFSSL_LOCAL int esp_sha_ctx_copy(struct wc_Sha* src, struct wc_Sha* dst);
+ WOLFSSL_LOCAL int esp_sha_digest_process(struct wc_Sha* sha,
+ byte blockprocess);
+ WOLFSSL_LOCAL int esp_sha_process(struct wc_Sha* sha, const byte* data);
+
+#ifdef WOLFSSL_DEBUG_MUTEX
+ /* testing HW release in task that did not lock */
+ extern WC_ESP32SHA* stray_ctx;
+#endif
- #ifndef NO_SHA256
- struct wc_Sha256;
- int esp_sha224_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst);
- int esp_sha256_ctx_copy(struct wc_Sha256* src, struct wc_Sha256* dst);
- int esp_sha256_digest_process(struct wc_Sha256* sha, byte blockprocess);
- int esp_sha256_process(struct wc_Sha256* sha, const byte* data);
- int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256, const byte* data);
- #endif
+#ifndef NO_SHA256
+ struct wc_Sha256;
+ WOLFSSL_LOCAL int esp_sha224_ctx_copy(struct wc_Sha256* src,
+ struct wc_Sha256* dst);
+ WOLFSSL_LOCAL int esp_sha256_ctx_copy(struct wc_Sha256* src,
+ struct wc_Sha256* dst);
+ WOLFSSL_LOCAL int esp_sha256_digest_process(struct wc_Sha256* sha,
+ byte blockprocess);
+ WOLFSSL_LOCAL int esp_sha256_process(struct wc_Sha256* sha,
+ const byte* data);
+ WOLFSSL_LOCAL int esp32_Transform_Sha256_demo(struct wc_Sha256* sha256,
+ const byte* data);
+#endif
- /* TODO do we really call esp_sha512_process for WOLFSSL_SHA384 ? */
#if defined(WOLFSSL_SHA512) || defined(WOLFSSL_SHA384)
- struct wc_Sha512;
- int esp_sha384_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst);
- int esp_sha512_ctx_copy(struct wc_Sha512* src, struct wc_Sha512* dst);
- int esp_sha512_process(struct wc_Sha512* sha);
- int esp_sha512_digest_process(struct wc_Sha512* sha, byte blockproc);
- #endif
+ struct wc_Sha512;
+ WOLFSSL_LOCAL int esp_sha384_ctx_copy(struct wc_Sha512* src,
+ struct wc_Sha512* dst);
+ WOLFSSL_LOCAL int esp_sha512_ctx_copy(struct wc_Sha512* src,
+ struct wc_Sha512* dst);
+ WOLFSSL_LOCAL int esp_sha512_process(struct wc_Sha512* sha);
+ WOLFSSL_LOCAL int esp_sha512_digest_process(struct wc_Sha512* sha,
+ byte blockproc);
+#endif
-#endif /* NO_SHA && */
+#endif /* NO_SHA && etc */
+/*
+*******************************************************************************
+** RSA Big Math
+*******************************************************************************
+*/
+
#if !defined(NO_RSA) || defined(HAVE_ECC)
#if !defined(ESP_RSA_TIMEOUT_CNT)
#define ESP_RSA_TIMEOUT_CNT 0x249F00
#endif
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD
/*
* The parameter names in the Espressif implementation are arbitrary.
*
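Review bot: `esp_sha_hw_islocked` is documented as returning the owner address but is declared to return `int`, so the address is passed through a signed integer and the result is only reliable as a zero / non-zero test. Either document it that way, `/* esp_sha_hw_islocked: returns 0 if not locked, non-zero if locked */`, or return a pointer-sized type such as `uintptr_t`. The two counters declared just below it use empty parentheses; `esp_sha_call_count(void)` and `esp_sha_lock_count(void)` would match the `(void)` form used elsewhere in this header and give a C compiler a real prototype to check calls against.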
@@ -214,29 +720,143 @@ int esp_CryptHwMutexUnLock(wolfSSL_Mutex* mutex);
/* Z = (X ^ Y) mod M : Espressif generic notation */
/* Y = (G ^ X) mod P : wolfSSL DH reference notation */
- int esp_mp_exptmod(MATH_INT_T* X, /* G */
- MATH_INT_T* Y, /* X */
- word32 Xbits, /* Ys typically = mp_count_bits (X) */
- MATH_INT_T* M, /* P */
- MATH_INT_T* Z); /* Y */
-
- /* Z = X * Y */
- int esp_mp_mul(MATH_INT_T* X,
- MATH_INT_T* Y,
- MATH_INT_T* Z);
+ WOLFSSL_LOCAL int esp_mp_exptmod(MATH_INT_T* X, /* G */
+ MATH_INT_T* Y, /* X */
+ MATH_INT_T* M, /* P */
+ MATH_INT_T* Z); /* Y */
+ /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
+ #undef HW_MATH_ENABLED
+ #define HW_MATH_ENABLED
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_EXPTMOD */
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL
+ /* Z = X * Y */
+ WOLFSSL_LOCAL int esp_mp_mul(MATH_INT_T* X,
+ MATH_INT_T* Y,
+ MATH_INT_T* Z);
+ /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
+ #undef HW_MATH_ENABLED
+ #define HW_MATH_ENABLED
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MP_MUL */
+
+#ifndef NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD
/* Z = X * Y (mod M) */
- int esp_mp_mulmod(MATH_INT_T* X,
- MATH_INT_T* Y,
- MATH_INT_T* M,
- MATH_INT_T* Z);
+ WOLFSSL_LOCAL int esp_mp_mulmod(MATH_INT_T* X,
+ MATH_INT_T* Y,
+ MATH_INT_T* M,
+ MATH_INT_T* Z);
+ /* HW_MATH_ENABLED is typically used in wolfcrypt tests */
+ #undef HW_MATH_ENABLED
+ #define HW_MATH_ENABLED
+#endif /* ! NO_WOLFSSL_ESP32_CRYPT_RSA_PRI_MULMOD */
#endif /* !NO_RSA || HAVE_ECC*/
+
+/* Optionally enable some metrics to count interesting usage */
+/*
+*******************************************************************************
+** Usage metrics
+*******************************************************************************
+*/
+#ifdef WOLFSSL_HW_METRICS
+ #define WOLFSSL_HAS_METRICS
+
+ /* Allow sha256 code to keep track of SW fallback during active HW */
+ WOLFSSL_LOCAL int esp_sw_sha256_count_add();
+
+ /* show MP HW Metrics*/
+ WOLFSSL_LOCAL int esp_hw_show_mp_metrics(void);
+
+ /* show SHA HW Metrics*/
+ WOLFSSL_LOCAL int esp_hw_show_sha_metrics(void);
+
+ /* show all HW Metrics*/
+ WOLFSSL_LOCAL int esp_hw_show_metrics(void);
+#endif
+
+/*
+ * Errata Mitigation. See
+ * https://www.espressif.com/sites/default/files/documentation/esp32_errata_en.pdf
+ * https://www.espressif.com/sites/default/files/documentation/esp32-c3_errata_en.pdf
+ * https://www.espressif.com/sites/default/files/documentation/esp32-s3_errata_en.pdf
+ */
+#define ESP_MP_HW_LOCK_MAX_DELAY ( TickType_t ) 0xffUL
+
+#if defined(CONFIG_IDF_TARGET_ESP32) && !defined(ESP_NO_ERRATA_MITIGATION)
+ /* some of these may be tuned for specific silicon versions */
+ #define ESP_EM__MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
+ #define ESP_EM__MP_HW_WAIT_DONE {__asm__ __volatile__("memw");}
+ #define ESP_EM__POST_SP_MP_HW_LOCK {__asm__ __volatile__("memw");}
+ #define ESP_EM__PRE_MP_HW_WAIT_CLEAN {__asm__ __volatile__("memw");}
+ #define ESP_EM__PRE_DPORT_READ {__asm__ __volatile__("memw");}
+ #define ESP_EM__PRE_DPORT_WRITE {__asm__ __volatile__("memw");}
+
+ /* Non-FIFO read may not be needed in chip revision v3.0. */
+ #define ESP_EM__READ_NON_FIFO_REG {DPORT_SEQUENCE_REG_READ(0x3FF40078);}
+
+ /* When the CPU frequency is 160 MHz, add six �nop� between two consecutive
+ ** FIFO reads. When the CPU frequency is 240 MHz, add seven �nop� between
+ ** two consecutive FIFO reads. See 3.16 */
+ #if defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_80)
+ #define ESP_EM__3_16 { \
+ __asm__ __volatile__("memw"); \
+ __asm__ __volatile__("nop"); /* 1 */ \
+ __asm__ __volatile__("nop"); /* 2 */ \
+ __asm__ __volatile__("nop"); /* 3 */ \
+ __asm__ __volatile__("nop"); /* 4 */ \
+ __asm__ __volatile__("nop"); /* 5 */ \
+ };
+ #elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_160)
+ #define ESP_EM__3_16 { \
+ __asm__ __volatile__("memw"); \
+ __asm__ __volatile__("nop"); /* 1 */ \
+ __asm__ __volatile__("nop"); /* 2 */ \
+ __asm__ __volatile__("nop"); /* 3 */ \
+ __asm__ __volatile__("nop"); /* 4 */ \
+ __asm__ __volatile__("nop"); /* 5 */ \
+ __asm__ __volatile__("nop"); /* 6 */ \
+ __asm__ __volatile__("nop"); /* 7 */ \
+ __asm__ __volatile__("nop"); /* 8 */ \
+ };
+ #elif defined(CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_240)
+ #define ESP_EM__3_16 { \
+ __asm__ __volatile__("memw"); \
+ __asm__ __volatile__("nop"); /* 1 */ \
+ __asm__ __volatile__("nop"); /* 2 */ \
+ __asm__ __volatile__("nop"); /* 3 */ \
+ __asm__ __volatile__("nop"); /* 4 */ \
+ __asm__ __volatile__("nop"); /* 5 */ \
+ __asm__ __volatile__("nop"); /* 6 */ \
+ __asm__ __volatile__("nop"); /* 7 */ \
+ __asm__ __volatile__("nop"); /* 8 */ \
+ __asm__ __volatile__("nop"); /* 9 */ \
+ };
+ #else
+ #define ESP_EM__3_16 {};
+ #endif
+
+ #define ESP_EM__POST_PROCESS_START { ESP_EM__3_16 };
+ #define ESP_EM__DPORT_FIFO_READ { ESP_EM__3_16 };
+#else
+ #define ESP_EM__3_16 {};
+ #define ESP_EM__MP_HW_WAIT_CLEAN {};
+ #define ESP_EM__MP_HW_WAIT_DONE {};
+ #define ESP_EM__POST_SP_MP_HW_LOCK {};
+ #define ESP_EM__PRE_MP_HW_WAIT_CLEAN {};
+ #define ESP_EM__POST_PROCESS_START {};
+ #define ESP_EM__DPORT_FIFO_READ {};
+ #define ESP_EM__READ_NON_FIFO_REG {};
+ #define ESP_EM__PRE_DPORT_READ {};
+ #define ESP_EM__PRE_DPORT_WRITE {};
+#endif
+
/* end c++ wrapper */
#ifdef __cplusplus
}
#endif
+#endif /* WOLFSSL_ESPIDF (entire contents excluded when not Espressif ESP-IDF) */
+
#endif /* __ESP32_CRYPT_H__ */
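Review bot: Inside the `CONFIG_IDF_TARGET_ESP32` branch, the final `#else` of the CPU-frequency ladder defines `ESP_EM__3_16` as `{};`, so a build where none of the three `CONFIG_ESP_DEFAULT_CPU_FREQ_MHZ_*` symbols is defined silently loses the FIFO-read spacing even though `ESP_NO_ERRATA_MITIGATION` was not set. Falling back to the longest sequence, or at least adding `#warning "ESP_EM__3_16: CPU frequency not recognized, errata 3.16 spacing disabled"` in that branch, would make the gap visible. The comment above the ladder speaks of six and seven nops at 160 and 240 MHz, while the macros emit eight and nine, plus five at 80 MHz, which the comment does not mention; it should state which counts are intended. Every `ESP_EM__*` macro also expands to a brace block followed by `;`, which breaks a use such as `if (x) ESP_EM__3_16; else ...`; `do { ... } while (0)` without the trailing semicolon is the usual form.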
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h
new file mode 100644
index 00000000..9671fafa
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h
@@ -0,0 +1,345 @@
+/* renesas-fspsm-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef __RENESAS_FSPSM_CRYPT_H__
+#define __RENESAS_FSPSM_CRYPT_H__
+
+
+#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define WOLFSSL_FSPSM_ILLEGAL_CIPHERSUITE -1
+#define MAX_FSPSM_CBINDEX 5
+
+typedef void* FSPSM_W_KEYVAR;
+
+/* flsgas related to TLS */
+struct FSPSM_tls_flg_ST {
+ uint8_t pk_key_set:1;
+ uint8_t session_key_set:1;
+};
+
+/* flags Crypt Only */
+struct FSPSM_key_flg_ST {
+ uint8_t aes256_installedkey_set:1;
+ uint8_t aes128_installedkey_set:1;
+ uint8_t rsapri2048_installedkey_set:1;
+ uint8_t rsapub2048_installedkey_set:1;
+ uint8_t rsapri1024_installedkey_set:1;
+ uint8_t rsapub1024_installedkey_set:1;
+ uint8_t message_type:1;/*message 0, hashed 1*/
+};
+
+typedef struct FSPSM_tag_ST {
+ /* unique number for each session */
+ int devId;
+ #if defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ /* out from R_SCE_TLS_ServerKeyExchangeVerify */
+ uint32_t
+ encrypted_ephemeral_ecdh_public_key[FSPSM_TLS_ENCRYPTED_ECCPUBKEY_SZ];
+ /* out from R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate */
+ sce_tls_p256_ecc_wrapped_key_t ecc_p256_wrapped_key;
+ uint8_t ecc_ecdh_public_key[HW_SCE_ECC_PUBLIC_KEY_BYTE_SIZE];
+
+ uint32_t masterSecret[FSPSM_TLS_MASTERSECRET_SIZE/4];
+ uint8_t clientRandom[FSPSM_TLS_CLIENTRANDOM_SZ];
+ uint8_t serverRandom[FSPSM_TLS_SERVERRANDOM_SZ];
+ uint8_t cipher;
+
+ #endif
+
+ /* installed key handling */
+ /* aes */
+ FSPSM_W_KEYVAR wrapped_key_aes256;
+ FSPSM_W_KEYVAR wrapped_key_aes128;
+
+ #if defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)
+ /* rsa */
+ FSPSM_W_KEYVAR wrapped_key_rsapri2048;
+ FSPSM_W_KEYVAR wrapped_key_rsapub2048;
+ FSPSM_W_KEYVAR wrapped_key_rsapri1024;
+ FSPSM_W_KEYVAR wrapped_key_rsapub1024;
+ #endif
+
+ #if defined(WOLFSSL_RENESAS_RSIP)
+ uint8_t hash_type;
+ #endif
+ /* key status flags */
+ /* flag whether encrypted ec key is set */
+ union {
+ uint8_t chr;
+ struct FSPSM_tls_flg_ST bits;
+ } keyflgs_tls;
+ /* key status flags */
+ /* flags shows status if wrapped keys are installed */
+ union {
+ uint8_t chr;
+ struct FSPSM_key_flg_ST bits;
+ } keyflgs_crypt;
+} FSPSM_ST;
+
+typedef struct tagPKCbInfo {
+ FSPSM_ST *user_PKCbInfo[MAX_FSPSM_CBINDEX];
+ uint32_t num_session;
+} FSPSM_ST_PKC;
+
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+typedef struct
+{
+ uint8_t *encrypted_provisioning_key;
+ uint8_t *iv;
+ uint8_t *encrypted_user_tls_key;
+ uint32_t encrypted_user_tls_key_type;
+ FSPSM_CACERT_PUB_WKEY user_rsa2048_tls_wrappedkey;
+} fspsm_key_data;
+#endif
+
+struct WOLFSSL;
+struct WOLFSSL_CTX;
+struct ecc_key;
+
+WOLFSSL_LOCAL int wc_fspsm_Open();
+WOLFSSL_LOCAL void wc_fspsm_Close();
+WOLFSSL_LOCAL int wc_fspsm_hw_lock();
+WOLFSSL_LOCAL void wc_fspsm_hw_unlock( void );
+WOLFSSL_LOCAL int wc_fspsm_usable(const struct WOLFSSL *ssl,
+ uint8_t session_key_generated);
+
+typedef struct {
+ FSPSM_AES_PWKEY wrapped_key;
+ word32 keySize;
+#ifdef WOLFSSL_RENESAS_FSPSM_TLS
+ byte setup;
+#endif
+} FSPSM_AES_CTX;
+
+struct Aes;
+WOLFSSL_LOCAL void wc_fspsm_Aesfree(struct Aes* aes);
+WOLFSSL_LOCAL int wc_fspsm_AesCbcEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz);
+WOLFSSL_LOCAL int wc_fspsm_AesCbcDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz);
+
+WOLFSSL_LOCAL int wc_fspsm_AesGcmEncrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ byte* iv, word32 ivSz,
+ byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx);
+
+WOLFSSL_LOCAL int wc_fspsm_AesGcmDecrypt(struct Aes* aes, byte* out,
+ const byte* in, word32 sz,
+ const byte* iv, word32 ivSz,
+ const byte* authTag, word32 authTagSz,
+ const byte* authIn, word32 authInSz,
+ void* ctx);
+
+#if (!defined(NO_SHA) || !defined(NO_SHA256) || defined(WOLFSSL_SH224) || \
+ defined(WOLFSSL_SHA384) || defined(WOLFSSL_SHA512)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+
+typedef enum {
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ FSPSM_SHA256 = 1,
+#elif defined(WOLFSSL_RENESAS_RSIP)
+ FSPSM_SHA1 = RSIP_HASH_TYPE_SHA1,
+ FSPSM_SHA224 = RSIP_HASH_TYPE_SHA224,
+ FSPSM_SHA256 = RSIP_HASH_TYPE_SHA256,
+ FSPSM_SHA384 = RSIP_HASH_TYPE_SHA384,
+ FSPSM_SHA512 = RSIP_HASH_TYPE_SHA512,
+ FSPSM_SHA512_224 = RSIP_HASH_TYPE_SHA512_224,
+ FSPSM_SHA512_256 = RSIP_HASH_TYPE_SHA512_256,
+#endif
+} FSPSM_SHA_TYPE;
+
+typedef struct {
+ void* heap;
+ word32 sha_type;
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+ word32 used;
+ word32 len;
+ byte* msg;
+#endif
+#if defined(WOLFSSL_RENESAS_RSIP)
+ FSPSM_SHA_HANDLE handle;
+#endif
+#if defined(WOLF_CRYPTO_CB)
+ word32 flags;
+ int devId;
+#endif
+} wolfssl_FSPSM_Hash;
+
+/* RAW hash function APIs are not implemented with SCE */
+#undef WOLFSSL_NO_HASH_RAW
+#define WOLFSSL_NO_HASH_RAW
+
+#if !defined(NO_SHA) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha;
+#endif
+
+#if defined(WOLFSSL_SHA224) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha224;
+ #define WC_SHA224_TYPE_DEFINED
+#endif
+
+#if !defined(NO_SHA256) && \
+ (defined(WOLFSSL_RENESAS_SCEPROTECT) || defined(WOLFSSL_RENESAS_RSIP))
+ typedef wolfssl_FSPSM_Hash wc_Sha256;
+#endif
+
+#if defined(WOLFSSL_SHA384) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha384;
+ #define WC_SHA384_TYPE_DEFINED
+#endif
+
+#if defined(WOLFSSL_SHA512) && defined(WOLFSSL_RENESAS_RSIP)
+ typedef wolfssl_FSPSM_Hash wc_Sha512;
+ typedef wolfssl_FSPSM_Hash wc_Sha512_224;
+ typedef wolfssl_FSPSM_Hash wc_Sha512_256;
+ #define WC_SHA512_TYPE_DEFINED
+#endif
+
+#endif /* NO_SHA */
+
+#if defined(WOLFSSL_RENESAS_FSPSM_TLS) && \
+ !defined(WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY)
+
+WOLFSSL_LOCAL int wc_fspsm_tls_RootCertVerify(
+ const uint8_t* cert, uint32_t cert_len,
+ uint32_t key_n_start, uint32_t key_n_len,
+ uint32_t key_e_start, uint32_t key_e_len,
+ uint32_t cm_row);
+
+WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
+ const uint8_t* cert, uint32_t certSz,
+ const uint8_t* signature, uint32_t sigSz,
+ uint32_t key_n_start, uint32_t key_n_len,
+ uint32_t key_e_start, uint32_t key_e_len,
+ uint8_t* sce_encRsaKeyIdx);
+
+
+WOLFSSL_LOCAL int wc_fspsm_generatePremasterSecret(
+ uint8_t* premaster,
+ uint32_t preSz);
+
+WOLFSSL_LOCAL int wc_fspsm_generateEncryptPreMasterSecret(
+ struct WOLFSSL* ssl,
+ uint8_t* out,
+ uint32_t* outSz);
+
+WOLFSSL_LOCAL int wc_fspsm_Sha256GenerateHmac(
+ const struct WOLFSSL *ssl,
+ const uint8_t* myInner,
+ uint32_t innerSz,
+ const uint8_t* in,
+ uint32_t sz,
+ uint8_t* digest);
+
+WOLFSSL_LOCAL int wc_fspsm_Sha256VerifyHmac(
+ const struct WOLFSSL *ssl,
+ const uint8_t* message,
+ uint32_t messageSz,
+ uint32_t macSz,
+ uint32_t content);
+
+WOLFSSL_LOCAL int wc_fspsm_storeKeyCtx(
+ struct WOLFSSL* ssl,
+ FSPSM_ST* info);
+
+WOLFSSL_LOCAL int wc_fspsm_generateVerifyData(
+ const uint8_t* ms, /* master secret */
+ const uint8_t* side,
+ const uint8_t* handshake_hash,
+ uint8_t* hashes /* out */);
+
+WOLFSSL_LOCAL int wc_fspsm_generateSessionKey(
+ struct WOLFSSL* ssl,
+ FSPSM_ST* cbInfo,
+ int devId);
+
+WOLFSSL_LOCAL int wc_fspsm_generateMasterSecret(
+ uint8_t cipherSuiteFirst,
+ uint8_t cipherSuite,
+ const uint8_t *pr, /* pre-master */
+ const uint8_t *cr, /* client random */
+ const uint8_t *sr, /* server random */
+ uint8_t *ms);
+
+WOLFSSL_LOCAL int wc_fspsm_RsaVerifyTLS(struct WOLFSSL* ssl, byte* sig,
+ uint32_t sigSz, uint8_t** out,
+ const byte* key, uint32_t keySz, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_EccVerifyTLS(struct WOLFSSL* ssl,
+ const uint8_t* sig, uint32_t sigSz,
+ const uint8_t* hash, uint32_t hashSz,
+ const uint8_t* key, uint32_t keySz,
+ int* result, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_tls_CertVerify(
+ const uint8_t* cert, uint32_t certSz,
+ const uint8_t* signature, uint32_t sigSz,
+ uint32_t key_n_start,uint32_t key_n_len,
+ uint32_t key_e_start,uint32_t key_e_len,
+ uint8_t* fspsm_encPublickey);
+
+/* Callback for EccShareSecret */
+WOLFSSL_LOCAL int fspsm_EccSharedSecret(struct WOLFSSL* ssl,
+ struct ecc_key* otherKey,
+ uint8_t* pubKeyDer, unsigned int* pubKeySz,
+ uint8_t* out, unsigned int* outlen, int side, void* ctx);
+
+/* user API */
+WOLFSSL_API void FSPSM_INFORM_FUNC(
+ uint8_t* encrypted_provisioning_key,
+ uint8_t* iv,
+ uint8_t* encrypted_user_tls_key,
+ uint32_t encrypted_user_tls_key_type);
+
+WOLFSSL_API void FSPSM_CALLBACK_FUNC(struct WOLFSSL_CTX* ctx);
+WOLFSSL_API int FSPSM_CALLBACK_CTX_FUNC(struct WOLFSSL* ssl, void* user_ctx);
+WOLFSSL_API void FSPSM_INFORM_CERT_SIGN(const uint8_t *sign);
+
+
+#endif /* WOLFSSL_RENESAS_FSPSM_TLS &&
+ * !WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY */
+
+typedef struct FSPSM_RSA_CTX {
+ FSPSM_RSA1024_WPI_KEY *wrapped_pri1024_key;
+ FSPSM_RSA1024_WPB_KEY *wrapped_pub1024_key;
+ FSPSM_RSA2048_WPI_KEY *wrapped_pri2048_key;
+ FSPSM_RSA2048_WPB_KEY *wrapped_pub2048_key;
+ word32 keySz;
+} FSPSM_RSA_CTX;
+
+/* rsa */
+struct RsaKey;
+struct WC_RNG;
+WOLFSSL_LOCAL void wc_fspsm_RsaKeyFree(struct RsaKey *key);
+WOLFSSL_LOCAL int wc_fspsm_RsaFunction(const byte* in, word32 inLen, byte* out,
+ word32 *outLen, int type, struct RsaKey* key, struct WC_RNG* rng);
+WOLFSSL_LOCAL int wc_fspsm_MakeRsaKey(struct RsaKey* key, int size, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_RsaSign(const byte* in, word32 inLen, byte* out,
+ word32* outLen, struct RsaKey* key, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_RsaVerify(const byte* in, word32 inLen, byte* out,
+ word32* outLen,struct RsaKey* key, void* ctx);
+WOLFSSL_LOCAL int wc_fspsm_GenerateRandBlock(byte* output, word32 size);
+#endif /* __RENESAS_FSPSM_CRYPT_H__ */
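Review bot: The guard on the TLS prototypes tests `WOLFSSL_RENESAS_FSPSM_CRYPT_ONLY`, while the members of `FSPSM_tag_ST` earlier in this file are guarded with `WOLFSSL_RENESAS_FSPSM_CRYPTONLY`. Unless both spellings are defined somewhere outside this hunk, a crypt-only build that also defines `WOLFSSL_RENESAS_FSPSM_TLS` drops the TLS fields from the struct but still declares the TLS functions. The guard should read `!defined(WOLFSSL_RENESAS_FSPSM_CRYPTONLY)`, with the closing `#endif` comment updated to match. The hash section has the same kind of slip: `defined(WOLFSSL_SH224)` is presumably meant to be `defined(WOLFSSL_SHA224)`, the name tested further down for the `wc_Sha224` typedef.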
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h
new file mode 100644
index 00000000..b110343f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-types.h
@@ -0,0 +1,325 @@
+/* renesas-fsp-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+#ifndef __RENESAS_FSP_CRYPT_H__
+#define __RENESAS_FSP_CRYPT_H__
+
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/logging.h>
+
+
+#if defined(WOLFSSL_RENESAS_SCEPROTECT)
+
+ #include "r_sce.h"
+
+ #define FSPSM_W_KEYVAR renesas_sce_wrappedkey
+ #define FSPSM_tls_flg_ST sce_keyflgs_tls
+ #define FSPSM_key_flg_ST sce_keyflgs_cryt
+ #define FSPSM_tag_ST tagUser_SCEPKCbInfo
+ #define FSPSM_ST User_SCEPKCbInfo
+ #define FSPSM_ST_PKC SCE_PKCbInfo
+
+ /* map SCE API to macro */
+ #define FSPSM_INSTANCE sce_instance_ctrl_t
+ #define gFSPSM_ctrl sce_ctrl
+ #define FSPSM_CONFIG sce_cfg_t
+ #define gFSPSM_cfg sce_cfg
+ #define H_INSTANCE _handle
+ #define FSPSM_OPEN R_SCE_Open
+ #define FSPSM_CLOSE R_SCE_Close
+
+ /* rand generation func */
+ #define R_RANDOM_GEN(b) R_SCE_RandomNumberGenerate(b)
+
+ #define FSPSM_ROOTCA_RSA2048 \
+ R_SCE_TLS_RootCertificateRSA2048PublicKeyInstall
+ #define FSPSM_TLS_SVRKEYExVfy R_SCE_TLS_ServerKeyExchangeVerify
+ #define FSPSM_TLS_ECCS256R1_KPG \
+ R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate
+ #define FSPSM_TLS_PREMASTERGEN \
+ R_SCE_TLS_PreMasterSecretGenerateForECC_secp256r1
+ /* hmac */
+ #define FSPSM_S256HMAC_GInt R_SCE_SHA256HMAC_GenerateInit
+ #define FSPSM_S256HMAC_GUp R_SCE_SHA256HMAC_GenerateUpdate
+ #define FSPSM_S256HMAC_GFnl R_SCE_SHA256HMAC_GenerateFinal
+ #define FSPSM_S256HMAC_VInt R_SCE_SHA256HMAC_VerifyInit
+ #define FSPSM_S256HMAC_VUp R_SCE_SHA256HMAC_VerifyUpdate
+ #define FSPSM_S256HMAC_VFnl R_SCE_SHA256HMAC_VerifyFinal
+ #define FSPSM_HMAC_HANDLE sce_hmac_sha_handle_t
+ #define FSPSM_HMAC_WKEY sce_hmac_sha_wrapped_key_t
+
+ /* TLS */
+ #define FSPSM_SESSIONKEY_GEN_FUNC R_SCE_TLS_SessionKeyGenerate
+ #define FSPSM_MASTERSECRET_GEN_FUNC R_SCE_TLS_MasterSecretGenerate
+ #define FSPSM_PREGEN_FUNC R_SCE_TLS_PreMasterSecretGenerateForRSA2048
+ #define FSPSM_PREGENENC_FUNC R_SCE_TLS_PreMasterSecretEncryptWithRSA2048
+
+ /* certificate */
+ #define FSPSM_TLSCERT_VRY R_SCE_TLS_CertificateVerify
+ #define FSPSM_TLSROOTCERT_VRY R_SCE_TLS_RootCertificateVerify
+ #define FSPSM_CACERT_PUB_WKEY \
+ sce_tls_ca_certification_public_wrapped_key_t
+
+ /* verify data */
+ #define FSPSM_VERIFY_DATA_FUNC R_SCE_TLS_VerifyDataGenerate
+
+ /* aes */
+ #define FSPSM_AES_WKEY sce_aes_wrapped_key_t
+ #define FSPSM_AES_PWKEY sce_aes_wrapped_key_t*
+ #define FSPSM_AESGCM_HANDLE sce_gcm_handle_t
+ #define FSPSM_AES_HANDLE sce_aes_handle_t
+ /* aes 128 cbc */
+ #define FSPSM_AES128CBCEnc_Init R_SCE_AES128CBC_EncryptInit
+ #define FSPSM_AES128CBCEnc_Up R_SCE_AES128CBC_EncryptUpdate
+ #define FSPSM_AES128CBCEnc_Final R_SCE_AES128CBC_EncryptFinal
+ #define FSPSM_AES128CBCDec_Init R_SCE_AES128CBC_DecryptInit
+ #define FSPSM_AES128CBCDec_Up R_SCE_AES128CBC_DecryptUpdate
+ #define FSPSM_AES128CBCDec_Final R_SCE_AES128CBC_DecryptFinal
+
+ /* aes 256 cbc */
+ #define FSPSM_AES256CBCEnc_Init R_SCE_AES256CBC_EncryptInit
+ #define FSPSM_AES256CBCEnc_Up R_SCE_AES256CBC_EncryptUpdate
+ #define FSPSM_AES256CBCEnc_Final R_SCE_AES256CBC_EncryptFinal
+ #define FSPSM_AES256CBCDec_Init R_SCE_AES256CBC_DecryptInit
+ #define FSPSM_AES256CBCDec_Up R_SCE_AES256CBC_DecryptUpdate
+ #define FSPSM_AES256CBCDec_Final R_SCE_AES256CBC_DecryptFinal
+
+ /* aes128 gcm */
+ #define FSPSM_AES128GCMEnc_Init R_SCE_AES128GCM_EncryptInit
+ #define FSPSM_AES128GCMEnc_Up R_SCE_AES128GCM_EncryptUpdate
+ #define FSPSM_AES128GCMEnc_Final R_SCE_AES128GCM_EncryptFinal
+ #define FSPSM_AES128GCMDec_Init R_SCE_AES128GCM_DecryptInit
+ #define FSPSM_AES128GCMDec_Up R_SCE_AES128GCM_DecryptUpdate
+ #define FSPSM_AES128GCMDec_Final R_SCE_AES128GCM_DecryptFinal
+
+ /* aes256 gcm */
+ #define FSPSM_AES256GCMEnc_Init R_SCE_AES256GCM_EncryptInit
+ #define FSPSM_AES256GCMEnc_Up R_SCE_AES256GCM_EncryptUpdate
+ #define FSPSM_AES256GCMEnc_Final R_SCE_AES256GCM_EncryptFinal
+ #define FSPSM_AES256GCMDec_Init R_SCE_AES256GCM_DecryptInit
+ #define FSPSM_AES256GCMDec_Up R_SCE_AES256GCM_DecryptUpdate
+ #define FSPSM_AES256GCMDec_Final R_SCE_AES256GCM_DecryptFinal
+
+ /* rsa */
+ /* rsa data */
+ #define FSPSM_RSA_DATA sce_rsa_byte_data_t
+ /* rsa 1024 key */
+ #define FSPSM_RSA1024_WPA_KEY sce_rsa1024_wrapped_pair_key_t
+ #define FSPSM_RSA1024_WPB_KEY sce_rsa1024_public_wrapped_key_t
+ #define FSPSM_RSA1024_WPI_KEY sce_rsa1024_private_wrapped_key_t
+ /* rsa 2048 key */
+ #define FSPSM_RSA2048_WPA_KEY sce_rsa2048_wrapped_pair_key_t
+ #define FSPSM_RSA2048_WPB_KEY sce_rsa2048_public_wrapped_key_t
+ #define FSPSM_RSA2048_WPI_KEY sce_rsa2048_private_wrapped_key_t
+
+ /* rsa key gen */
+ #define FSPSM_RSA1024_KEYPA_GEN(x,y) R_SCE_RSA1024_WrappedKeyPairGenerate\
+ (x)
+ #define FSPSM_RSA2048_KEYPA_GEN(x,y) R_SCE_RSA2048_WrappedKeyPairGenerate\
+ (x)
+
+ /* rsa function */
+ #define FSPSM_RSA1024_PKCSENC_FUNC(p,c,k) R_SCE_RSAES_PKCS1024_Encrypt\
+ (p,c,k)
+ #define FSPSM_RSA2048_PKCSENC_FUNC(p,c,k) R_SCE_RSAES_PKCS2048_Encrypt\
+ (p,c,k)
+ #define FSPSM_RSA1024_PKCSDEC_FUNC(p,c,k,l) R_SCE_RSAES_PKCS1024_Decrypt\
+ (p,c,k)
+ #define FSPSM_RSA2048_PKCSDEC_FUNC(p,c,k,l) R_SCE_RSAES_PKCS2048_Decrypt\
+ (p,c,k)
+ #define FSPSM_RSA1024_SIGN_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS1024_SignatureGenerate(m,s,k,t)
+ #define FSPSM_RSA2048_SIGN_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS2048_SignatureGenerate(m,s,k,t)
+ #define FSPSM_RSA1024_VRY_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS1024_SignatureVerify(m,s,k,t)
+ #define FSPSM_RSA2048_VRY_FUNC(m,s,k,t) \
+ R_SCE_RSASSA_PKCS2048_SignatureVerify(m,s,k,t)
+ /* sha */
+ #define FSPSM_SHA_HANDLE sce_sha_md5_handle_t
+ #define FSPSM_SHA256_Init R_SCE_SHA256_Init
+ #define FSPSM_SHA256_Up R_SCE_SHA256_Update
+ #define FSPSM_SHA256_Final R_SCE_SHA256_Final
+
+ /* user API */
+ #define FSPSM_INFORM_FUNC wc_sce_inform_user_keys
+ #define FSPSM_CALLBACK_FUNC wc_sce_set_callbacks
+ #define FSPSM_CALLBACK_CTX_FUNC wc_sce_set_callback_ctx
+ #define FSPSM_INFORM_CERT_SIGN wc_sce_inform_cert_sign
+
+#elif defined(WOLFSSL_RENESAS_RSIP)
+
+ #include "r_rsip.h"
+
+ /* structure, type so on */
+ #define FSPSM_W_KEYVAR renesas_rsip_wrappedkey
+ #define FSPSM_tls_flg_ST rsip_keyflgs_tls
+ #define FSPSM_key_flg_ST rsip_keyflgs_cryt
+ #define FSPSM_tag_ST tagUser_RSIPPKCbInfo
+ #define FSPSM_ST User_RSIPPKCbInfo
+ #define FSPSM_ST_PKC RSIP_PKCbInfo
+ #define FSPSM_KEY_TYPE rsip_key_type_t
+
+ #define FSPSM_INSTANCE rsip_instance_ctrl_t
+ #define gFSPSM_ctrl rsip_ctrl
+ #define FSPSM_CONFIG rsip_cfg_t
+ #define gFSPSM_cfg rsip_cfg
+ #define H_INSTANCE gFSPSM_ctrl
+ #define FSPSM_OPEN R_RSIP_Open
+ #define FSPSM_CLOSE R_RSIP_Close
+
+ /* rnd generation func */
+ #define R_RANDOM_GEN(b) R_RSIP_RandomNumberGenerate(&gFSPSM_ctrl,b)
+ /* sha 1*/
+ #define FSPSM_SHA_HANDLE rsip_sha_handle_t
+ #define FSPSM_SHA1_Init _R_RSIP_SHA1_GenerateInit
+ #define FSPSM_SHA1_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA1_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 224 */
+ #define FSPSM_SHA224_Init _R_RSIP_SHA224_GenerateInit
+ #define FSPSM_SHA224_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA224_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 256 */
+ #define FSPSM_SHA256_Init _R_RSIP_SHA256_GenerateInit
+ #define FSPSM_SHA256_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA256_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 384 */
+ #define FSPSM_SHA384_Init _R_RSIP_SHA384_GenerateInit
+ #define FSPSM_SHA384_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA384_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 512 */
+ #define FSPSM_SHA512_Init _R_RSIP_SHA512_GenerateInit
+ #define FSPSM_SHA512_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA512_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 512 224*/
+ #define FSPSM_SHA512_224_Init _R_RSIP_SHA512_224_GenerateInit
+ #define FSPSM_SHA512_224_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA512_224_Final _R_RSIP_SHA_GenerateFinal
+
+ /* sha 512 256 */
+ #define FSPSM_SHA512_256_Init _R_RSIP_SHA512_256_GenerateInit
+ #define FSPSM_SHA512_256_Up _R_RSIP_SHA_GenerateUpdate
+ #define FSPSM_SHA512_256_Final _R_RSIP_SHA_GenerateFinal
+ /* aes */
+ #define FSPSM_AES_WKEY rsip_wrapped_key_t
+ #define FSPSM_AES_PWKEY rsip_wrapped_key_t*
+ #define FSPSM_AESGCM_HANDLE rsip_instance_ctrl_t*
+ #define FSPSM_AES_HANDLE rsip_instance_ctrl_t*
+ #define FSPSM_AES_KEYGEN_FUNC _R_RSIP_KeyGenerate
+
+ /* aes 128 cbc */
+ /* mode : RSIP_AES_MODE_CBC */
+ #define FSPSM_AES128CBCEnc_Init _R_RSIP_AESCBC_Cipher_EncryptInit
+ #define FSPSM_AES128CBCEnc_Up _R_RSIP_AESCBC_Cipher_EncryptUpdate
+ #define FSPSM_AES128CBCEnc_Final _R_RSIP_AESCBC_Cipher_EncryptFinal
+ #define FSPSM_AES128CBCDec_Init _R_RSIP_AESCBC_Cipher_DecryptInit
+ #define FSPSM_AES128CBCDec_Up _R_RSIP_AESCBC_Cipher_DecryptUpdate
+ #define FSPSM_AES128CBCDec_Final _R_RSIP_AESCBC_Cipher_DecryptFinal
+
+ /* aes 256 cbc */
+ /* mode : RSIP_AES_MODE_CBC */
+ #define FSPSM_AES256CBCEnc_Init _R_RSIP_AESCBC_Cipher_EncryptInit
+ #define FSPSM_AES256CBCEnc_Up _R_RSIP_AESCBC_Cipher_EncryptUpdate
+ #define FSPSM_AES256CBCEnc_Final _R_RSIP_AESCBC_Cipher_EncryptFinal
+ #define FSPSM_AES256CBCDec_Init _R_RSIP_AESCBC_Cipher_DecryptInit
+ #define FSPSM_AES256CBCDec_Up _R_RSIP_AESCBC_Cipher_DecryptUpdate
+ #define FSPSM_AES256CBCDec_Final _R_RSIP_AESCBC_Cipher_DecryptFinal
+
+ /* aes128 gcm */
+ #define FSPSM_AES128GCMEnc_Init _R_RSIP_AES_GCM_EncryptInit
+ #define FSPSM_AES128GCMEnc_Up _R_RSIP_AES_GCM_EncryptUpdate
+ #define FSPSM_AES128GCMEnc_Final _R_RSIP_AES_GCM_EncryptFinal
+ #define FSPSM_AES128GCMDec_Init _R_RSIP_AES_GCM_DecryptInit
+ #define FSPSM_AES128GCMDec_Up _R_RSIP_AES_GCM_DecryptUpdate
+ #define FSPSM_AES128GCMDec_Final _R_RSIP_AES_GCM_DecryptFinal
+
+ /* aes256 gcm */
+ #define FSPSM_AES256GCMEnc_Init _R_RSIP_AES_GCM_EncryptInit
+ #define FSPSM_AES256GCMEnc_Up _R_RSIP_AES_GCM_EncryptUpdate
+ #define FSPSM_AES256GCMEnc_Final _R_RSIP_AES_GCM_EncryptFinal
+ #define FSPSM_AES256GCMDec_Init _R_RSIP_AES_GCM_DecryptInit
+ #define FSPSM_AES256GCMDec_Up _R_RSIP_AES_GCM_DecryptUpdate
+ #define FSPSM_AES256GCMDec_Final _R_RSIP_AES_GCM_DecryptFinal
+
+ /* rsa */
+ /* rsa data */
+ typedef struct {
+ uint8_t *pdata;
+ uint32_t data_length;
+ uint32_t data_type;/* no use for RSIP */
+ uint32_t hash_type;/* for rsip, hash type */
+ } tmpRSIP_RSA_DATA;
+
+ #define FSPSM_RSA_DATA tmpRSIP_RSA_DATA
+
+ /* rsa 1024 key */
+ #define FSPSM_RSA1024_WPA_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA1024_WPB_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA1024_WPI_KEY rsip_wrapped_key_t
+ /* rsa 2048 key */
+ #define FSPSM_RSA2048_WPA_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA2048_WPB_KEY rsip_wrapped_key_t
+ #define FSPSM_RSA2048_WPI_KEY rsip_wrapped_key_t
+
+ /* rsa key gen */
+ #define FSPSM_RSA1024_KEYPA_GEN(x,y) R_RSIP_KeyPairGenerate\
+ (&gFSPSM_ctrl, RSIP_KEY_PAIR_TYPE_RSA_1024,\
+ x,y)
+ #define FSPSM_RSA2048_KEYPA_GEN(x,y) R_RSIP_KeyPairGenerate\
+ (&gFSPSM_ctrl, RSIP_KEY_PAIR_TYPE_RSA_2048,\
+ x,y)
+
+ /* rsa function */
+ /* encrypt */
+ #define FSPSM_RSA1024_PKCSENC_FUNC(p,c,k) R_RSIP_RSAES_PKCS1_V1_5_Encrypt\
+ (&gFSPSM_ctrl, k, (uint8_t const *const)(p)->pdata, \
+ (uint32_t const)(p)->data_length, \
+ (uint8_t *const)(c)->pdata);
+
+ #define FSPSM_RSA2048_PKCSENC_FUNC(p,c,k) FSPSM_RSA1024_PKCSENC_FUNC(p,c,k)
+ /* decrypt */
+ #define FSPSM_RSA1024_PKCSDEC_FUNC(c,p,k,l) R_RSIP_RSAES_PKCS1_V1_5_Decrypt\
+ (&gFSPSM_ctrl, k, (uint8_t const *const)(c)->pdata, \
+ (uint8_t *const)(p)->pdata,\
+ (uint32_t *const)l, \
+ (uint32_t const)(p)->data_length);
+ #define FSPSM_RSA2048_PKCSDEC_FUNC(c,p,k,l) \
+ FSPSM_RSA1024_PKCSDEC_FUNC(c,p,k,l)
+
+ /* sign */
+ #define FSPSM_RSA1024_SIGN_FUNC(m,s,k,t) R_RSIP_RSASSA_PKCS1_V1_5_Sign\
+ (&gFSPSM_ctrl, k, (m)->hash_type, (uint8_t const *const)(m)->pdata,\
+ (uint8_t *const)(s)->pdata)
+ #define FSPSM_RSA2048_SIGN_FUNC(m,s,k,t) FSPSM_RSA1024_SIGN_FUNC(m,s,k,t)
+
+ /* verify */
+ #define FSPSM_RSA1024_VRY_FUNC(s,m,k,t) R_RSIP_RSASSA_PKCS1_V1_5_Verify\
+ (&gFSPSM_ctrl, k, (m)->hash_type, (uint8_t const *const)(m)->pdata,\
+ (uint8_t *const)(s)->pdata)
+ #define FSPSM_RSA2048_VRY_FUNC(s,m,k,t) FSPSM_RSA1024_VRY_FUNC(s,m,k,t)
+
+#endif
+
+#endif /* __RENESAS_FSP_CRYPT_H__ */
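Review bot: In the RSIP branch, `FSPSM_RSA1024_PKCSENC_FUNC` and `FSPSM_RSA1024_PKCSDEC_FUNC` end their expansion with a `;`, unlike the sign and verify macros next to them and unlike the SCE versions of the same macros. A use inside an expression, such as `if ((ret = FSPSM_RSA1024_PKCSENC_FUNC(p, c, k)) != 0)`, then fails to compile on RSIP only, and the 2048-bit macros inherit the problem because they forward to the 1024-bit ones. The last lines of the two expansions should be `(uint8_t *const)(c)->pdata)` and `(uint32_t const)(p)->data_length)` without the semicolon. The file's header comment and include guard still say `renesas-fsp-crypt.h` and `__RENESAS_FSP_CRYPT_H__` although the file is `renesas-fspsm-types.h`; a guard named after the file would avoid colliding with another header that uses the old name.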
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h
deleted file mode 100644
index 35847131..00000000
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h
+++ /dev/null
@@ -1,278 +0,0 @@
-/* renesas-sce-crypt.h
- *
- * Copyright (C) 2006-2023 wolfSSL Inc.
- *
- * This file is part of wolfSSL.
- *
- * wolfSSL is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * wolfSSL is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
- */
-#ifndef __RENESAS_SCE_CRYPT_H__
-#define __RENESAS_SCE_CRYPT_H__
-
-#include "r_sce.h"
-#include <wolfssl/wolfcrypt/settings.h>
-#include <wolfssl/wolfcrypt/logging.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define SCE_SESSIONKEY_NONCE_SIZE 8
-#define WOLFSSL_SCE_ILLEGAL_CIPHERSUITE -1
-
-#define MAX_SCE_CBINDEX 5
-
-typedef void* renesas_sce_wrappedkey;
-
-/* flsgas related to TLS */
-struct sce_keyflgs_tls {
- uint8_t pk_key_set:1;
- uint8_t session_key_set:1;
-};
-
-/* flags Crypt Only */
-struct sce_keyflgs_cryt {
- uint8_t aes256_installedkey_set:1;
- uint8_t aes128_installedkey_set:1;
- uint8_t rsapri2048_installedkey_set:1;
- uint8_t rsapub2048_installedkey_set:1;
- uint8_t rsapri1024_installedkey_set:1;
- uint8_t rsapub1024_installedkey_set:1;
- uint8_t message_type:1;/*message 0, hashed 1*/
-};
-
-typedef struct tagUser_SCEPKCbInfo {
- /* unique number for each session */
- int devId;
- #if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* out from R_SCE_TLS_ServerKeyExchangeVerify */
- uint32_t encrypted_ephemeral_ecdh_public_key[SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ];
- /* out from R_SCE_TLS_ECC_secp256r1_EphemeralWrappedKeyPairGenerate */
- sce_tls_p256_ecc_wrapped_key_t ecc_p256_wrapped_key;
- uint8_t ecc_ecdh_public_key[HW_SCE_ECC_PUBLIC_KEY_BYTE_SIZE];
-
- uint32_t sce_masterSecret[SCE_TLS_MASTERSECRET_SIZE/4];
- uint8_t sce_clientRandom[SCE_TLS_CLIENTRANDOM_SZ];
- uint8_t sce_serverRandom[SCE_TLS_SERVERRANDOM_SZ];
- uint8_t sce_cipher;
-
- #endif
-
- /* installed key handling */
- /* aes */
- renesas_sce_wrappedkey sce_wrapped_key_aes256;
- renesas_sce_wrappedkey sce_wrapped_key_aes128;
-
- #if defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)
- /* rsa */
- renesas_sce_wrappedkey sce_wrapped_key_rsapri2048;
- renesas_sce_wrappedkey sce_wrapped_key_rsapub2048;
- renesas_sce_wrappedkey sce_wrapped_key_rsapri1024;
- renesas_sce_wrappedkey sce_wrapped_key_rsapub1024;
- #endif
-
- /* key status flags */
- /* flag whether encrypted ec key is set */
- union {
- uint8_t chr;
- struct sce_keyflgs_tls bits;
- } keyflgs_tls;
- /* key status flags */
- /* flags shows status if wrapped keys are installed */
- union {
- uint8_t chr;
- struct sce_keyflgs_cryt bits;
- } keyflgs_crypt;
-
-} User_SCEPKCbInfo;
-
-typedef struct tagSCE_PKCbInfo {
- User_SCEPKCbInfo *user_PKCbInfo[MAX_SCE_CBINDEX];
- uint32_t num_session;
-} SCE_PKCbInfo;
-
-typedef struct
-{
- uint8_t *encrypted_provisioning_key;
- uint8_t *iv;
- uint8_t *encrypted_user_tls_key;
- uint32_t encrypted_user_tls_key_type;
- sce_tls_ca_certification_public_wrapped_key_t user_rsa2048_tls_wrappedkey;
-} sce_key_data;
-
-struct WOLFSSL;
-struct WOLFSSL_CTX;
-struct ecc_key;
-
-WOLFSSL_LOCAL int wc_sce_Open();
-WOLFSSL_LOCAL void wc_sce_Close();
-WOLFSSL_LOCAL int wc_sce_hw_lock();
-WOLFSSL_LOCAL void wc_sce_hw_unlock( void );
-WOLFSSL_LOCAL int wc_sce_usable(const struct WOLFSSL *ssl,
- uint8_t session_key_generated);
-
-typedef struct {
- sce_aes_wrapped_key_t sce_wrapped_key;
- word32 keySize;
- byte setup;
-} SCE_AES_CTX;
-
-struct Aes;
-WOLFSSL_LOCAL int wc_sce_AesCbcEncrypt(struct Aes* aes, byte* out, const byte* in,
- word32 sz);
-WOLFSSL_LOCAL int wc_sce_AesCbcDecrypt(struct Aes* aes, byte* out, const byte* in,
- word32 sz);
-
-WOLFSSL_LOCAL int wc_sce_AesGcmEncrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- byte* iv, word32 ivSz,
- byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx);
-
-WOLFSSL_LOCAL int wc_sce_AesGcmDecrypt(struct Aes* aes, byte* out,
- const byte* in, word32 sz,
- const byte* iv, word32 ivSz,
- const byte* authTag, word32 authTagSz,
- const byte* authIn, word32 authInSz,
- void* ctx);
-
-#if !defined(NO_SHA256) && !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
-
-typedef enum {
- SCE_SHA256 = 1,
-} SCE_SHA_TYPE;
-
-typedef struct {
- byte* msg;
- void* heap;
- word32 used;
- word32 len;
- word32 sha_type;
-#if defined(WOLF_CRYPTO_CB)
- word32 flags;
- int devId;
-#endif
-} wolfssl_SCE_Hash;
-
-/* RAW hash function APIs are not implemented with SCE */
-#undef WOLFSSL_NO_HASH_RAW
-#define WOLFSSL_NO_HASH_RAW
-
-typedef wolfssl_SCE_Hash wc_Sha256;
-
-#endif /* NO_SHA */
-
-#if defined(WOLFSSL_RENESAS_SCEPROTECT) && \
- !defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPT_ONLY)
-
-WOLFSSL_LOCAL int wc_sce_tls_RootCertVerify(
- const uint8_t* cert, uint32_t cert_len,
- uint32_t key_n_start, uint32_t key_n_len,
- uint32_t key_e_start, uint32_t key_e_len,
- uint32_t cm_row);
-
-WOLFSSL_LOCAL int wc_sce_tls_CertVerify(
- const uint8_t* cert, uint32_t certSz,
- const uint8_t* signature, uint32_t sigSz,
- uint32_t key_n_start, uint32_t key_n_len,
- uint32_t key_e_start, uint32_t key_e_len,
- uint8_t* sce_encRsaKeyIdx);
-
-
-WOLFSSL_LOCAL int wc_sce_generatePremasterSecret(
- uint8_t* premaster,
- uint32_t preSz);
-
-WOLFSSL_LOCAL int wc_sce_generateEncryptPreMasterSecret(
- struct WOLFSSL* ssl,
- uint8_t* out,
- uint32_t* outSz);
-
-WOLFSSL_LOCAL int wc_sce_Sha256GenerateHmac(
- const struct WOLFSSL *ssl,
- const uint8_t* myInner,
- uint32_t innerSz,
- const uint8_t* in,
- uint32_t sz,
- uint8_t* digest);
-
-WOLFSSL_LOCAL int wc_sce_Sha256VerifyHmac(
- const struct WOLFSSL *ssl,
- const uint8_t* message,
- uint32_t messageSz,
- uint32_t macSz,
- uint32_t content);
-
-WOLFSSL_LOCAL int wc_sce_storeKeyCtx(
- struct WOLFSSL* ssl,
- User_SCEPKCbInfo* info);
-
-WOLFSSL_LOCAL int wc_sce_generateVerifyData(
- const uint8_t* ms, /* master secret */
- const uint8_t* side,
- const uint8_t* handshake_hash,
- uint8_t* hashes /* out */);
-
-WOLFSSL_LOCAL int wc_sce_generateSessionKey(
- struct WOLFSSL* ssl,
- User_SCEPKCbInfo* cbInfo,
- int devId);
-
-WOLFSSL_LOCAL int wc_sce_generateMasterSecret(
- uint8_t cipherSuiteFirst,
- uint8_t cipherSuite,
- const uint8_t *pr, /* pre-master */
- const uint8_t *cr, /* client random */
- const uint8_t *sr, /* server random */
- uint8_t *ms);
-
-WOLFSSL_LOCAL int wc_SCE_RsaVerify(struct WOLFSSL* ssl, byte* sig, uint32_t sigSz,
- uint8_t** out, const byte* key, uint32_t keySz, void* ctx);
-WOLFSSL_LOCAL int wc_SCE_EccVerify(struct WOLFSSL* ssl, const uint8_t* sig, uint32_t sigSz,
- const uint8_t* hash, uint32_t hashSz, const uint8_t* key, uint32_t keySz,
- int* result, void* ctx);
-/* Callback for EccShareSecret */
-WOLFSSL_LOCAL int SCE_EccSharedSecret(struct WOLFSSL* ssl, struct ecc_key* otherKey,
- uint8_t* pubKeyDer, unsigned int* pubKeySz,
- uint8_t* out, unsigned int* outlen, int side, void* ctx);
-
-/* user API */
-WOLFSSL_API void wc_sce_inform_user_keys(
- uint8_t* encrypted_provisioning_key,
- uint8_t* iv,
- uint8_t* encrypted_user_tls_key,
- uint32_t encrypted_user_tls_key_type);
-
-WOLFSSL_API void wc_sce_set_callbacks(struct WOLFSSL_CTX* ctx);
-WOLFSSL_API int wc_sce_set_callback_ctx(struct WOLFSSL* ssl, void* user_ctx);
-WOLFSSL_API void wc_sce_inform_cert_sign(const uint8_t *sign);
-
-/* rsa */
-struct RsaKey;
-struct WC_RNG;
-WOLFSSL_API int wc_sce_RsaFunction(const byte* in, word32 inLen, byte* out,
- word32 outLen, int type, struct RsaKey* key, struct WC_RNG* rng, void* ctx);
-WOLFSSL_API int wc_sce_MakeRsaKey(int size, void* ctx);
-WOLFSSL_API int wc_sce_RsaSign(const byte* in, word32 inLen, byte* out,
- word32* outLen, struct RsaKey* key, void* ctx);
-WOLFSSL_API int wc_sce_RsaVerify(const byte* in, word32 inLen, byte* out,
- word32* outLen,struct RsaKey* key, void* ctx);
-
-#endif /* WOLFSSL_RENESAS_SCEPROTECT &&
- * !WOLFSSL_RENESAS_SCEPROTECT_CRYPT_ONLY */
-
-#endif /* __RENESAS_SCE_CRYPT_H__ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
index bd588108..6b1bbfda 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas-tsip-crypt.h
@@ -21,7 +21,8 @@
#ifndef __RENESAS_TSIP_CRYPT_H__
#define __RENESAS_TSIP_CRYPT_H__
-#if !defined(WOLFCRYPT_ONLY)
+#if !defined(WOLFCRYPT_ONLY) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#if defined(WOLFSSL_RENESAS_TSIP_IAREWRX)
#include "r_bsp/mcu/all/r_rx_compiler.h"
@@ -29,7 +30,8 @@
#include "r_tsip_rx_if.h"
#endif
-#if defined(WOLFSSL_RENESAS_TSIP)
+#if defined(WOLFSSL_RENESAS_TSIP) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include "r_tsip_rx_if.h"
#endif
@@ -69,7 +71,7 @@ enum {
l_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23,
l_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0x27,
l_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b,
- l_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f,
+ l_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f,
l_TLS_AES_128_GCM_SHA256 = 0x01,
l_TLS_AES_128_CCM_SHA256 = 0x04,
};
@@ -88,6 +90,10 @@ typedef enum {
TSIP_KEY_TYPE_RSA2048 = 0,
TSIP_KEY_TYPE_RSA4096 = 1,
TSIP_KEY_TYPE_ECDSAP256 = 2,
+ #ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+ TSIP_KEY_TYPE_RSA1024 = 3,
+ #endif
+
} wolfssl_TSIP_KEY_TYPE;
struct WOLFSSL;
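Review bot: `TSIP_KEY_TYPE_RSA1024 = 3` makes a 1024-bit RSA key type selectable in crypt-only builds, and nothing on the line marks it as a legacy strength. 1024-bit RSA is below the 2048-bit minimum in current guidance such as NIST SP 800-131A, so I would annotate the enumerator with `/* RSA-1024: legacy interoperability only, below the 2048-bit minimum */`. The same applies to the `rsa1024pri_keyIdx`/`rsa1024pub_keyIdx` members added in the later TsipUserCtx hunk. The blank line left before the closing `}` can go. The enum opens outside this hunk.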
@@ -114,14 +120,28 @@ typedef struct MsgBag
byte buff[MSGBAG_SIZE];
} MsgBag;
-
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+
+ typedef void* renesas_tsip_key;
+
+ /* flags Crypt Only */
+ struct tsip_keyflgs_cryt {
+ uint8_t aes256_key_set:1;
+ uint8_t aes128_key_set:1;
+ uint8_t rsapri2048_key_set:1;
+ uint8_t rsapub2048_key_set:1;
+ uint8_t rsapri1024_key_set:1;
+ uint8_t rsapub1024_key_set:1;
+ uint8_t message_type:1;/*message 0, hashed 1*/
+ };
+#endif
/*
* TsipUserCtx holds mainly keys used for TLS handshake in TSIP specific format.
*/
typedef struct TsipUserCtx {
/* unique number for each session */
int devId;
-
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
/* 0:working as a TLS client, 1: as a server */
byte side;
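Review bot: The new struct tag `tsip_keyflgs_cryt` is misspelled, and the later TsipUserCtx hunk adds `int sing_hash_type;`, which reads as a typo for `sign_hash_type`. The tag looks carried over from `sce_keyflgs_cryt` in the header this commit deletes. Both are cheap to fix now, before port code starts referring to them: `struct tsip_keyflgs_crypt {` and `int sign_hash_type;`. TsipUserCtx continues outside this hunk.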
@@ -139,12 +159,13 @@ typedef struct TsipUserCtx {
/* handle is used as work area for Tls13 handshake */
tsip_tls13_handle_t handle13;
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
/* client key pair wrapped by provisioning key */
byte* wrappedPrivateKey;
byte* wrappedPublicKey;
- int wrappedKeyType;
+ int wrappedKeyType;
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
#if !defined(NO_RSA)
/* RSA-2048bit private and public key-index for client authentication */
tsip_rsa2048_private_key_index_t Rsa2048PrivateKeyIdx;
@@ -227,7 +248,27 @@ typedef struct TsipUserCtx {
uint32_t tsip_masterSecret[TSIP_TLS_MASTERSECRET_SIZE/4];
uint8_t tsip_clientRandom[TSIP_TLS_CLIENTRANDOM_SZ];
uint8_t tsip_serverRandom[TSIP_TLS_SERVERRANDOM_SZ];
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
+/* for tsip crypt only mode */
+#ifdef WOLFSSL_RENESAS_TSIP_CRYPTONLY
+
+ renesas_tsip_key rsa1024pri_keyIdx;
+ renesas_tsip_key rsa1024pub_keyIdx;
+ renesas_tsip_key rsa2048pri_keyIdx;
+ renesas_tsip_key rsa2048pub_keyIdx;
+
+ /* sign/verify hash type :
+ * md5, sha1 or sha256
+ */
+ int sing_hash_type;
+
+ /* flags shows status if tsip keys are installed */
+ union {
+ uint8_t chr;
+ struct tsip_keyflgs_cryt bits;
+ } keyflgs_crypt;
+
+#endif
/* installed key handling */
tsip_aes_key_index_t user_aes256_key_index;
uint8_t user_aes256_key_set:1;
@@ -238,6 +279,7 @@ typedef struct TsipUserCtx {
uint32_t tsip_cipher;
/* flags */
+#ifdef WOLFSSL_RENESAS_TSIP_TLS
#if !defined(NO_RSA)
uint8_t ClientRsa2048PrivKey_set:1;
uint8_t ClientRsa2048PubKey_set:1;
@@ -264,7 +306,7 @@ typedef struct TsipUserCtx {
uint8_t ServerWriteTrafficKey_set:1;
uint8_t ClientWriteTrafficKey_set:1;
uint8_t session_key_set:1;
-
+#endif /* WOLFSSL_RENESAS_TSIP_TLS */
} TsipUserCtx;
@@ -289,7 +331,7 @@ typedef struct
uint32_t encrypted_user_private_key_type;
uint8_t * encrypted_user_public_key;
uint32_t encrypted_user_public_key_type;
- tsip_ecc_private_key_index_t client_private_key_index;
+ tsip_ecc_private_key_index_t client_private_key_index;
tsip_tls_ca_certification_public_key_index_t user_rsa2048_tls_pubindex;
} tsip_key_data;
@@ -321,10 +363,21 @@ WOLFSSL_API int tsip_set_callback_ctx(struct WOLFSSL* ssl, void* user_ctx);
WOLFSSL_API int tsip_set_clientPrivateKeyEnc(const byte* key, int keyType);
#if defined(WOLF_PRIVATE_KEY_ID)
-WOLFSSL_API int tsip_use_PrivateKey_buffer(struct WOLFSSL* ssl,
+
+#if defined(WOLFSSL_RENESAS_TSIP_TLS)
+WOLFSSL_API int tsip_use_PublicKey_buffer_TLS(WOLFSSL* ssl,
+ const char* keyBuf, int keyBufLen, int keyType);
+WOLFSSL_API int tsip_use_PrivateKey_buffer_TLS(struct WOLFSSL* ssl,
+ const char* keyBuf, int keyBufLen, int keyType);
+#endif
+
+#if defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
+WOLFSSL_API int tsip_use_PubicKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType);
-WOLFSSL_API int tsip_use_PublicKey_buffer(struct WOLFSSL* ssl,
+WOLFSSL_API int tsip_use_PrivateKey_buffer_crypt(TsipUserCtx *uc,
const char* keyBuf, int keyBufLen, int keyType);
+#endif
+
#endif /* WOLF_PRIVATE_KEY_ID */
#if (WOLFSSL_RENESAS_TSIP_VER >=109)
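Review bot: The exported name `tsip_use_PubicKey_buffer_crypt` is misspelled, and because it is `WOLFSSL_API` the typo becomes part of the public interface once shipped; declare it as `tsip_use_PublicKey_buffer_crypt`. The `_TLS` public-key prototype takes `WOLFSSL* ssl` while its private-key sibling takes `struct WOLFSSL* ssl`, so using `struct WOLFSSL*` in both keeps the header independent of the typedef being visible. The hunk also removes `tsip_use_PrivateKey_buffer` and `tsip_use_PublicKey_buffer` without a compatibility mapping, which will break existing callers at build time. If the rename is intended, a line such as `#define tsip_use_PrivateKey_buffer tsip_use_PrivateKey_buffer_TLS` would ease the transition.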
@@ -345,7 +398,6 @@ WOLFSSL_API void tsip_inform_user_keys(
#endif
-
/*----------------------------------------------------*/
/* internal use functions */
/*----------------------------------------------------*/
@@ -489,7 +541,7 @@ WOLFSSL_LOCAL int wc_tsip_generateVerifyData(
const uint8_t* side,
const uint8_t* handshake_hash,
uint8_t* hashes);
-
+#ifndef NO_AES
WOLFSSL_LOCAL int wc_tsip_AesCbcEncrypt(
Aes* aes,
byte* out,
@@ -517,7 +569,7 @@ WOLFSSL_LOCAL int wc_tsip_AesGcmDecrypt(
const byte* authTag, word32 authTagSz,
const byte* authIn, word32 authInSz,
void* ctx);
-
+#endif /* NO_AES */
WOLFSSL_LOCAL int wc_tsip_ShaXHmacVerify(
const WOLFSSL *ssl,
const byte* message,
@@ -583,8 +635,11 @@ WOLFSSL_LOCAL int wc_tsip_generateSessionKey(
TsipUserCtx* ctx,
int devId);
+WOLFSSL_LOCAL int wc_tsip_MakeRsaKey(int size, void* ctx);
+WOLFSSL_LOCAL int wc_tsip_RsaVerifyPkcs(wc_CryptoInfo* info,
+ TsipUserCtx* tuc);
-
+WOLFSSL_LOCAL int wc_tsip_GenerateRandBlock(byte* output, word32 size);
#if defined(WOLFSSL_RENESAS_TSIP_CRYPT_DEBUG)
byte *ret2err(word32 ret);
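Review bot: `wc_tsip_RsaVerifyPkcs` is declared with a `wc_CryptoInfo*` parameter but without any guard, whereas elsewhere in this diff the crypto-callback declarations sit under `WOLF_CRYPTO_CB` (for example `wc_AriaCryptoCb` in aria-cryptocb.h). If this header can be reached in a build without the crypto-callback layer, the type would presumably be undeclared and the prototype would not compile. Whether crypt-only mode always implies `WOLF_CRYPTO_CB` is not visible here. I would wrap the two RSA prototypes in `#ifdef WOLF_CRYPTO_CB` … `#endif`, or at least put a `/* requires WOLF_CRYPTO_CB */` comment above them.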
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
index ffd7d725..1213eeee 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_cmn.h
@@ -44,7 +44,7 @@ WOLFSSL_LOCAL int Renesas_cmn_RsaEnc(WOLFSSL* ssl, const unsigned char* in,
WOLFSSL_LOCAL int Renesas_cmn_VerifyHmac(WOLFSSL *ssl, const byte* message,
word32 messageSz, word32 macSz, word32 content, void* ctx);
WOLFSSL_LOCAL int Renesas_cmn_EccVerify(WOLFSSL* ssl, const unsigned char* sig,
- unsigned int sigSz, const unsigned char* hash, unsigned int hashSz,
+ unsigned int sigSz, const unsigned char* hash, unsigned int hashSz,
const unsigned char* key, unsigned int keySz, int* result, void* ctx);
WOLFSSL_LOCAL int Renesas_cmn_RsaVerify(WOLFSSL* ssl,
unsigned char* sig, unsigned int sigSz,
@@ -68,6 +68,7 @@ WOLFSSL_LOCAL int Renesas_cmn_SigPkCbEccVerify(const unsigned char* sig, unsigne
int* result, void* ctx);
/* Common Methods */
+WOLFSSL_LOCAL void* Renesas_cmn_GetCbCtxBydevId(int devId);
int wc_CryptoCb_CryptInitRenesasCmn(WOLFSSL* ssl, void* ctx);
void wc_CryptoCb_CleanupRenesasCmn(int* id);
int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
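Review bot: `Renesas_cmn_GetCbCtxBydevId` returns an untyped `void*` with no comment on what it yields when no context is registered for `devId`. Callers will cast the result to a port-specific context and dereference it, so the contract should be written down at the declaration. Something like `/* returns the callback context registered for devId, or NULL if none; caller must check */` would do, adjusted to what the implementation actually returns.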
@@ -75,4 +76,8 @@ int wc_Renesas_cmn_RootCertVerify(const byte* cert, word32 cert_len,
word32 key_e_len, word32 cm_row);
WOLFSSL_LOCAL int Renesas_cmn_Cleanup(WOLFSSL* ssl);
WOLFSSL_LOCAL byte Renesas_cmn_checkCA(word32 cmIdx);
+WOLFSSL_LOCAL int Renesas_cmn_TlsFinished(WOLFSSL* ssl, const byte *side,
+ const byte *handshake_hash, word32 hashSz,
+ byte *hashes, void* ctx);
+WOLFSSL_LOCAL int Renesas_cmn_generateSessionKey(WOLFSSL* ssl, void* ctx);
#endif /* __RENESAS_CMN_H__ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h
index bdf941fd..365abf5a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_sync.h
@@ -25,8 +25,8 @@
#ifdef HAVE_RENESAS_SYNC
struct WOLFSSL;
-struct User_SCEPKCbInfo;
-extern User_SCEPKCbInfo guser_PKCbInfo;
+struct FSPSM_ST;
+extern FSPSM_ST guser_PKCbInfo;
WOLFSSL_API int wc_CryptoCb_CryptInitRenesasCmn(struct WOLFSSL* ssl, void* ctx);
WOLFSSL_API void wc_CryptoCb_CleanupRenesasCmn(int* id);
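Review bot: `struct FSPSM_ST;` declares a struct tag, but the next line uses `FSPSM_ST` as a bare type name, so in C the forward declaration does nothing for `extern FSPSM_ST guser_PKCbInfo;`. The line only compiles if a header defining `FSPSM_ST` (as a typedef or macro) was included first. Where that definition lives is not visible in this hunk. Either include the defining header here and drop the forward declaration, or add `/* FSPSM_ST must already be defined by the FSP crypt header */` so the include-order dependency is explicit.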
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
index fb9f79df..93738780 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h
@@ -63,7 +63,8 @@ typedef wolfssl_TSIP_Hash wc_Sha256;
#endif /* NO_SHA */
-#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT)
+#if defined(WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT) ||\
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)
#include "r_tsip_rx_if.h"
typedef struct {
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h
new file mode 100644
index 00000000..9d49b875
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-crypt.h
@@ -0,0 +1,80 @@
+/* aria-crypt.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/port/aria/aria-crypt.h
+*/
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher implementation for
+encrypting and decrypting data.
+
+*/
+#ifndef WOLF_CRYPT_ARIA_CRYPT_H
+#define WOLF_CRYPT_ARIA_CRYPT_H
+
+#include <wolfssl/wolfcrypt/types.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "mcapi.h"
+#include "mcapi_error.h"
+
+#define ARIA_128_KEY_SIZE 16
+#define ARIA_192_KEY_SIZE 24
+#define ARIA_256_KEY_SIZE 32
+
+#define ARIA_BLOCK_SIZE 16
+#define ARIA_GCM_AUTH_SZ 16
+
+#define WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(x) (x+ARIA_GCM_AUTH_SZ)
+
+typedef struct {
+ MC_HSESSION hSession;
+ MC_ALGID algo;
+ MC_HOBJECT hKey;
+ word32 nonce[ARIA_BLOCK_SIZE / sizeof(word32)];
+ word32 nonceSz;
+} wc_Aria;
+
+WOLFSSL_API int wc_AriaInitCrypt(wc_Aria* aria, MC_ALGID algo);
+WOLFSSL_API int wc_AriaFreeCrypt(wc_Aria* aria);
+WOLFSSL_API int wc_AriaSetKey(wc_Aria* aria, byte* key);
+WOLFSSL_API int wc_AriaGcmSetExtIV(wc_Aria* aria, const byte* iv, word32 ivSz);
+WOLFSSL_API int wc_AriaGcmSetIV(wc_Aria* aria, word32 ivSz,
+ const byte* ivFixed, word32 ivFixedSz,
+ WC_RNG* rng);
+
+WOLFSSL_API int wc_AriaEncrypt(wc_Aria *aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz);
+WOLFSSL_API int wc_AriaDecrypt(wc_Aria *aria, byte* out, byte* in, word32 inSz,
+ byte* iv, word32 ivSz, byte* aad, word32 aadSz,
+ byte* authTag, word32 authTagSz);
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ARIA_CRYPT_H */
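Review bot: `WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(x)` expands to `(x+ARIA_GCM_AUTH_SZ)` without parenthesising its argument, so an argument such as a conditional or shift expression binds differently than the caller expects. Since the macro sizes an output buffer, a wrong result can mean an undersized ciphertext buffer. Write it as `#define WC_ARIA_GCM_GET_CIPHERTEXT_SIZE(x) ((x) + ARIA_GCM_AUTH_SZ)`. Separately, `wc_AriaSetKey` takes `byte* key` with no length, so the header should state that the key length is implied by the `algo` passed to `wc_AriaInitCrypt` (if that is the case), and the pointer could be `const byte*`.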
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
new file mode 100644
index 00000000..01e18b07
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
@@ -0,0 +1,69 @@
+/* aria-cryptocb.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/port/aria/aria-cryptocb.h
+*/
+/*
+
+DESCRIPTION
+This library provides the interfaces to the ARIA cipher implementation for
+signing, verifying and hashing data.
+
+*/
+#ifndef WOLF_CRYPT_ARIA_CRYPTOCB_H
+#define WOLF_CRYPT_ARIA_CRYPTOCB_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/cryptocb.h>
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+#include "mcapi.h"
+#include "mcapi_error.h"
+
+int wc_AriaInit(void);
+int wc_AriaInitSha(MC_HSESSION* hSession, MC_ALGID algo);
+int wc_AriaShaUpdate(MC_HSESSION hSession, byte* data, word32 len);
+int wc_AriaShaFinal(MC_HSESSION hSession, byte* out, word32* len);
+int wc_AriaFree(MC_HSESSION* hSession, MC_HOBJECT *obj1);
+
+int wc_AriaSign(byte* in, word32 inSz, byte* out, word32* outSz, ecc_key* key);
+int wc_AriaVerify(byte* sig, word32 sigSz, byte* hash, word32 hashSz, int* res, ecc_key* key);
+int wc_AriaDerive(ecc_key* private_key, ecc_key* public_key, byte* out, word32* outSz);
+
+#ifndef ARIA_KEYASN1_MAXSZ
+#define ARIA_KEYASN1_MAXSZ 128
+#endif
+
+#ifdef WOLF_CRYPTO_CB
+
+#define WOLFSSL_ARIA_DEVID 8
+int wc_AriaCryptoCb(int devIdArg, wc_CryptoInfo* info, void* ctx);
+#endif
+
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLF_CRYPT_ARIA_CRYPTOCB_H */
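Review bot: `WOLFSSL_ARIA_DEVID` is hard-coded to 8 with no `#ifndef` guard, unlike `ARIA_KEYASN1_MAXSZ` just above it. An application that already registers another crypto-callback device under that id cannot move this one without editing the header. I would mirror the existing pattern: `#ifndef WOLFSSL_ARIA_DEVID` / `#define WOLFSSL_ARIA_DEVID 8` / `#endif`. The prototypes here also carry no `WOLFSSL_API` or `WOLFSSL_LOCAL` annotation, whereas aria-crypt.h marks its functions `WOLFSSL_API`; worth making consistent.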
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h
index e3e277d5..3f5174eb 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_driver.h
@@ -54,8 +54,8 @@
#define WOLFSSL_MSG(in) printf("%s\n", (in))
void DEBUG_PRINT_ARRAY(void* a, int aSz, char* str);
#else
- #define WOLFSSL_MSG(in)
- #define DEBUG_PRINT_ARRAY(a,aSz,str)
+ #define WOLFSSL_MSG(in) do {} while (0)
+ #define DEBUG_PRINT_ARRAY(a,aSz,str) do {} while (0)
#endif
#define CAAM_PAGE_MAX 6
@@ -455,5 +455,6 @@ struct DESCSTRUCT {
#define MAX_ECDSA_SIGN_ADDR 8
#define BLACK_KEY_MAC_SZ 16
#define BLACK_BLOB_KEYMOD_SZ 16
-#define RED_BLOB_KEYMOD_SZ 8
+#define RED_BLOB_KEYMOD_SZ 16
+#define SM_BLOB_KEYMOD_SZ 8
#endif /* CAAM_DRIVER_H */
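Review bot: `RED_BLOB_KEYMOD_SZ` changes from 8 to 16 and the old value reappears as `SM_BLOB_KEYMOD_SZ`, with no comment saying which blob kind each constant applies to. The key modifier length is part of how a blob is encapsulated and later opened, so a reader needs to know why red blobs now use 16 bytes and whether blobs produced with the earlier 8-byte modifier are still expected to open. I would add a comment such as `/* key modifier length: 16 bytes for red/black blobs, 8 bytes for secure-memory (SM) blobs */`, corrected to the intended distinction. The same pair is changed without explanation in the wolfcaam.h hunk (`WC_CAAM_RED_KEYMOD_SZ`, `WC_SM_BLOB_KEYMOD_SZ`).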
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h
index d3016f4a..55d1fccd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/caam_qnx.h
@@ -47,7 +47,7 @@
#define CAAM_ADDRESS uintptr_t
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() do {} while (0)
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h
index ba9d7513..6c96edc4 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam.h
@@ -91,8 +91,9 @@ WOLFSSL_API int wc_caamCoverKey(byte* in, word32 inSz, byte* out, word32* outSz,
#define WC_CAAM_MAC_SZ 16
#define WC_CAAM_BLOB_RED 1
#define WC_CAAM_BLOB_BLACK 2
-#define WC_CAAM_RED_KEYMOD_SZ 8
+#define WC_CAAM_RED_KEYMOD_SZ 16
#define WC_CAAM_BLACK_KEYMOD_SZ 16
+#define WC_SM_BLOB_KEYMOD_SZ 8
#define WC_CAAM_MAX_ENTROPY 44
#if !defined(WOLFSSL_QNX_CAAM) && !defined(WOLFSSL_SECO_CAAM) && \
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h
index 7cdda7f5..c1f13672 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_fsl_nxp.h
@@ -24,7 +24,7 @@
#ifndef WOLFCAAM_FSL_NXP_H
#define WOLFCAAM_FSL_NXP_H
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_IMXRT1170_CAAM
@@ -44,7 +44,7 @@
#define Boolean int
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() WC_DO_NOTHING
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h
index 1e329c66..6eee6b2c 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_qnx.h
@@ -24,7 +24,7 @@
#ifndef WOLFCAAM_QNX_H
#define WOLFCAAM_QNX_H
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_QNX_CAAM
#include <sys/iofunc.h>
@@ -35,7 +35,7 @@
#define Boolean int
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() WC_DO_NOTHING
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h
index bebfb3f3..d07c0549 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/caam/wolfcaam_seco.h
@@ -24,7 +24,7 @@
#ifndef WOLFCAAM_SECO_H
#define WOLFCAAM_SECO_H
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#ifdef WOLFSSL_SECO_CAAM
@@ -38,7 +38,7 @@
#define Boolean int
#define Success 1
#define Failure 0
-#define INTERRUPT_Panic()
+#define INTERRUPT_Panic() WC_DO_NOTHING
#define MemoryMapMayNotBeEmpty -1
#define CAAM_WAITING -2
#define NoActivityReady -1
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h
index a987527e..cfd841fe 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/kcapi/kcapi_hmac.h
@@ -27,11 +27,5 @@
#include <wolfssl/wolfcrypt/port/kcapi/wc_kcapi.h>
#include <wolfssl/wolfcrypt/hmac.h>
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-int HmacInit(Hmac* hmac, void* heap, int devId);
-void HmacFree(Hmac* hmac);
-#endif
-
#endif /* WOLF_CRYPT_KCAPI_HMAC_H */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h
index 59e650f8..886d823a 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/psa/psa.h
@@ -42,7 +42,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
/* PSA implementation takes over the Sha struct and Sha functions implementation
completely. Devoiding the struct of the DevId field and hooks to make
@@ -78,8 +78,8 @@
void PSA_LOCK(void);
void PSA_UNLOCK(void);
#else
-#define PSA_LOCK()
-#define PSA_UNLOCK()
+#define PSA_LOCK() WC_DO_NOTHING
+#define PSA_UNLOCK() WC_DO_NOTHING
#endif
int wc_psa_init(void);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h
index 4820b577..43cd0f09 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_ecc.h
@@ -44,20 +44,19 @@ int silabs_ecc_verify_hash (const byte* sig, word32 siglen,
int* stat, ecc_key* key);
-
int silabs_ecc_make_key(ecc_key* key, int keysize);
-int silabs_ecc_import(ecc_key* key, word32 keysize);
-
-int silabs_ecc_import_private(ecc_key* key, word32 keysize);
-
-int silabs_ecc_sig_to_rs(ecc_key* key, word32 keySz);
-
-int silabs_ecc_import_private_raw(ecc_key* key, word32 keySz, const char* d, int encType);
+int silabs_ecc_import(ecc_key* key, word32 keysize, int pub, int priv);
+int silabs_ecc_export_public(ecc_key* key, sl_se_key_descriptor_t* seKey);
int silabs_ecc_shared_secret(ecc_key* private_key, ecc_key* public_key,
byte* out, word32* outlen);
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+int silabs_ecc_load_vault(ecc_key* key);
+#endif
+
+
#endif /* WOLFSSL_SILABS_SE_ACCEL */
#endif /* _SILABS_ECC_H_ */
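Review bot: The guard `#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)` is true when neither macro is defined, because the preprocessor replaces both undefined identifiers with 0. This hunk does not show the device header being included before it, so the Vault-only prototype may be exposed on parts without Vault. A stricter form is `#if defined(_SILICON_LABS_SECURITY_FEATURE_VAULT) && (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)`. The same comparison gates SHA-384/512 in silabs_hash.h, though there `em_device.h` is included first. The new `pub` and `priv` arguments of `silabs_ecc_import` would also benefit from a one-line comment on their meaning.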
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h
index 6da76ac7..de502a9b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/silabs/silabs_hash.h
@@ -22,45 +22,75 @@
#ifndef _SILABS_HASH_H_
#define _SILABS_HASH_H_
-#include <em_device.h>
+#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_SILABS_SE_ACCEL)
+#include <em_device.h>
+
#include <wolfssl/wolfcrypt/types.h>
#include <sl_se_manager.h>
#include <sl_se_manager_hash.h>
-#if defined(SL_SE_HASH_SHA384) && !defined(NO_SHA384)
-#define WOLFSSL_SILABS_SHA384
+/* workaround to detect older Gecko SDK version 3 */
+#if !defined(WOLFSSL_SILABS_SE_ACCEL_3) && !defined(SL_SE_PRF_HMAC_SHA1)
+ /* Use streaming instead of new multipart */
+ #define WOLFSSL_SILABS_SE_ACCEL_3
#endif
-#if defined(SL_SE_HASH_SHA512) && !defined(NO_SHA384)
-#define WOLFSSL_SILABS_SHA512
+/* Enable SHA2-2384 and SHA2-512 if HW supports and enabled */
+#if (_SILICON_LABS_SECURITY_FEATURE == _SILICON_LABS_SECURITY_FEATURE_VAULT)
+ #ifdef WOLFSSL_SHA384
+ #define WOLFSSL_SILABS_SHA384
+ #endif
+ #ifdef WOLFSSL_SHA512
+ #define WOLFSSL_SILABS_SHA512
+ #endif
#endif
+#ifdef WOLFSSL_SILABS_SE_ACCEL_3
+/* Gecko SDK v3 uses "streaming" interface */
typedef struct {
- sl_se_hash_streaming_context_t hash_ctx;
- sl_se_command_context_t cmd_ctx;
- union hash_type_ctx_u {
- sl_se_sha1_streaming_context_t sha1_ctx;
- sl_se_sha224_streaming_context_t sha224_ctx;
- sl_se_sha256_streaming_context_t sha256_ctx;
-#ifdef WOLFSSL_SILABS_SHA384
- sl_se_sha384_streaming_context_t sha384_ctx;
-#endif
-#ifdef WOLFSSL_SILABS_SHA512
- sl_se_sha512_streaming_context_t sha512_ctx;
-#endif
- } hash_type_ctx;
+ sl_se_hash_streaming_context_t hash_ctx;
+ sl_se_command_context_t cmd_ctx;
+ union hash_type_ctx_u {
+ sl_se_sha1_streaming_context_t sha1_ctx;
+ sl_se_sha224_streaming_context_t sha224_ctx;
+ sl_se_sha256_streaming_context_t sha256_ctx;
+ #ifdef WOLFSSL_SILABS_SHA384
+ sl_se_sha384_streaming_context_t sha384_ctx;
+ #endif
+ #ifdef WOLFSSL_SILABS_SHA512
+ sl_se_sha512_streaming_context_t sha512_ctx;
+ #endif
+ } hash_type_ctx;
+} wc_silabs_sha_t;
+#else
+/* Gecko SDK v4 or later uses "multipart" interface */
+typedef struct {
+ sl_se_command_context_t cmd_ctx;
+ union hash_type_ctx_u {
+ sl_se_sha1_multipart_context_t sha1_ctx;
+ sl_se_sha224_multipart_context_t sha224_ctx;
+ sl_se_sha256_multipart_context_t sha256_ctx;
+ #ifdef WOLFSSL_SILABS_SHA384
+ sl_se_sha384_multipart_context_t sha384_ctx;
+ #endif
+ #ifdef WOLFSSL_SILABS_SHA512
+ sl_se_sha512_multipart_context_t sha512_ctx;
+ #endif
+ } hash_type_ctx;
} wc_silabs_sha_t;
+#endif
-int wc_silabs_se_hash_init (wc_silabs_sha_t* sha, enum wc_HashType type);
-int wc_silabs_se_hash_update (wc_silabs_sha_t* sha, const byte* data, word32 len);
-int wc_silabs_se_hash_final (wc_silabs_sha_t* sha, byte* hash);
+int wc_silabs_se_hash_init(wc_silabs_sha_t* sha, enum wc_HashType type);
+int wc_silabs_se_hash_update(wc_silabs_sha_t* sha, const byte* data,
+ word32 len);
+int wc_silabs_se_hash_final(wc_silabs_sha_t* sha, byte* hash, word32 len);
-#endif /* defined(WOLFSSL_SILABS_SE_ACCEL) */
+#endif /* WOLFSSL_SILABS_SE_ACCEL */
#endif /* _SILABS_HASH_H_ */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h
index 1bcb7749..44666304 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/st/stm32.h
@@ -131,9 +131,13 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
#define STM32_CRYPTO_AES_GCM
#endif
- #if defined(WOLFSSL_STM32WB)
+ #if defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32WL)
#define STM32_CRYPTO_AES_ONLY /* crypto engine only supports AES */
- #define CRYP AES1
+ #ifdef WOLFSSL_STM32WB
+ #define CRYP AES1
+ #else
+ #define CRYP AES
+ #endif
#define STM32_HAL_V2
#endif
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
@@ -168,9 +172,11 @@ int wc_Stm32_Hash_Final(STM32_HASH_Context* stmCtx, word32 algo,
struct Aes;
#ifdef WOLFSSL_STM32_CUBEMX
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_HandleTypeDef* hcryp);
+ void wc_Stm32_Aes_Cleanup(void);
#else /* Standard Peripheral Library */
int wc_Stm32_Aes_Init(struct Aes* aes, CRYP_InitTypeDef* cryptInit,
CRYP_KeyInitTypeDef* keyInit);
+ void wc_Stm32_Aes_Cleanup(void);
#endif /* WOLFSSL_STM32_CUBEMX */
#endif /* !NO_AES */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h
index a9fb8bc2..c2379060 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/ti/ti-ccm.h
@@ -27,7 +27,7 @@
#include <config.h>
#endif
-#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/wolfcrypt/types.h>
#if defined(WOLFSSL_TI_CRYPT) || defined(WOLFSSL_TI_HASH)
@@ -37,8 +37,8 @@ int wolfSSL_TI_CCMInit(void) ;
void wolfSSL_TI_lockCCM(void) ;
void wolfSSL_TI_unlockCCM(void) ;
#else
-#define wolfSSL_TI_lockCCM()
-#define wolfSSL_TI_unlockCCM()
+#define wolfSSL_TI_lockCCM() WC_DO_NOTHING
+#define wolfSSL_TI_unlockCCM() WC_DO_NOTHING
#endif
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h
index 1cb35183..41203c2b 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/port/xilinx/xil-versal-glue.h
@@ -37,8 +37,8 @@ extern "C" {
#define XIL_CAST_U64(v) ((u64)(UINTPTR)(v))
#ifdef XSECURE_CACHE_DISABLE
-#define WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(p, l) do{}while(0)
-#define WOLFSSL_XIL_DCACHE_FLUSH_RANGE(p, l) do{}while(0)
+#define WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(p, l) WC_DO_NOTHING
+#define WOLFSSL_XIL_DCACHE_FLUSH_RANGE(p, l) WC_DO_NOTHING
#else
#define WOLFSSL_XIL_DCACHE_INVALIDATE_RANGE(p, l) \
do{ Xil_DCacheInvalidateRange((p), (l)); }while(0)
@@ -51,7 +51,7 @@ extern "C" {
#include <unistd.h>
#define WOLFSSL_XIL_SLEEP(n) do{ sleep(n); }while(0)
#else
-#define WOLFSSL_XIL_SLEEP(n) do{}while(0)
+#define WOLFSSL_XIL_SLEEP(n) WC_DO_NOTHING
#endif
/* Provide our own message macro since the Versal PLM maybe
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
index b7d75884..8cd599bd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/random.h
@@ -35,12 +35,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-/* included for fips @wc_fips */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-#include <cyassl/ctaocrypt/random.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h
index a904c8a6..acdc3bb7 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/rsa.h
@@ -63,17 +63,9 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
#include "user_rsa.h"
#else
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-/* for fips @wc_fips */
-#include <cyassl/ctaocrypt/rsa.h>
-#if defined(CYASSL_KEY_GEN) && !defined(WOLFSSL_KEY_GEN)
- #define WOLFSSL_KEY_GEN
-#endif
-#else
- #include <wolfssl/wolfcrypt/wolfmath.h>
- #include <wolfssl/wolfcrypt/random.h>
-#endif /* HAVE_FIPS && HAVE_FIPS_VERION 1 */
+#include <wolfssl/wolfcrypt/wolfmath.h>
+#include <wolfssl/wolfcrypt/random.h>
+
#if defined(HAVE_FIPS) && \
defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
#include <wolfssl/wolfcrypt/fips.h>
@@ -102,6 +94,10 @@ RSA keys can be used to encrypt, decrypt, sign and verify data.
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ #include <wolfssl/wolfcrypt/port/renesas/renesas-fspsm-crypt.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
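Review bot: The added include spells the port directory in lower case, `port/renesas/renesas-fspsm-crypt.h`, while the sha.h, sha256.h and sha512.h hunks of this same diff include the header as `port/Renesas/renesas-fspsm-crypt.h`. On a case-sensitive filesystem only one spelling can resolve, so a WOLFSSL_RENESAS_FSPSM build would presumably stop here in the preprocessor. I would write `#include <wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h>` to match the other three headers.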
@@ -213,6 +209,7 @@ struct RsaKey {
byte keyIdSet;
#endif
#ifdef WOLF_CRYPTO_CB
+ void* devCtx;
int devId;
#endif
#if defined(HAVE_PKCS11)
@@ -263,6 +260,9 @@ struct RsaKey {
#if defined(WOLFSSL_DEVCRYPTO_RSA)
WC_CRYPTODEV ctx;
#endif
+#if defined(WOLFSSL_RENESAS_FSPSM)
+ FSPSM_RSA_CTX ctx;
+#endif
};
#ifndef WC_RSAKEY_TYPE_DEFINED
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
index 47e3b736..5eacd6c8 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/settings.h
@@ -224,7 +224,7 @@
/* #define WOLFSSL_ESPIDF */
/* Uncomment next line if using Espressif ESP32-WROOM-32 */
-/* #define WOLFSSL_ESPWROOM32 */
+/* #define WOLFSSL_ESP32 */
/* Uncomment next line if using Espressif ESP32-WROOM-32SE */
/* #define WOLFSSL_ESPWROOM32SE */
@@ -297,7 +297,11 @@
#if FIPS_VERSION_LT(2,0)
#define WC_RNG RNG
#else
- #ifndef WOLFSSL_STM32L4
+ /* RNG needs to be defined to WC_RNG anytime another library on the
+ * system or other set of headers included by wolfSSL already defines
+ * RNG. Examples are:
+ * wolfEngine, wolfProvider and potentially other use-cases */
+ #ifndef RNG
#define RNG WC_RNG
#endif
#endif
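Review bot: The new comment says RNG "needs to be defined to WC_RNG" when another library already defines RNG, but `#ifndef RNG` does the opposite and skips the alias in exactly that case. The guard also sees only a macro named RNG that is defined before this line. A typedef, or a macro from a header included later (the STM32 HAL includes appear further down in this file), is not detected, so the STM32L4 case that the removed `#ifndef WOLFSSL_STM32L4` handled explicitly now appears to depend on include order. I would reword the comment to `/* Alias RNG to WC_RNG only when no earlier header already defines a macro named RNG (wolfEngine, wolfProvider, vendor HAL headers). */` and consider keeping the STM32L4 exclusion next to the new guard.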
@@ -312,6 +316,45 @@
#endif
#endif
+/* OpenSSL compat layer */
+#if defined(OPENSSL_EXTRA) && !defined(OPENSSL_COEXIST)
+#undef WOLFSSL_ALWAYS_VERIFY_CB
+#define WOLFSSL_ALWAYS_VERIFY_CB
+
+#undef WOLFSSL_VERIFY_CB_ALL_CERTS
+#define WOLFSSL_VERIFY_CB_ALL_CERTS
+
+#undef WOLFSSL_EXTRA_ALERTS
+#define WOLFSSL_EXTRA_ALERTS
+
+#undef HAVE_EXT_CACHE
+#define HAVE_EXT_CACHE
+
+#undef WOLFSSL_FORCE_CACHE_ON_TICKET
+#define WOLFSSL_FORCE_CACHE_ON_TICKET
+
+#undef WOLFSSL_AKID_NAME
+#define WOLFSSL_AKID_NAME
+
+#undef HAVE_CTS
+#define HAVE_CTS
+
+#undef WOLFSSL_SESSION_ID_CTX
+#define WOLFSSL_SESSION_ID_CTX
+#endif /* OPENSSL_EXTRA && !OPENSSL_COEXIST */
+
+/* Special small OpenSSL compat layer for certs */
+#ifdef OPENSSL_EXTRA_X509_SMALL
+#undef WOLFSSL_EKU_OID
+#define WOLFSSL_EKU_OID
+
+#undef WOLFSSL_MULTI_ATTRIB
+#define WOLFSSL_MULTI_ATTRIB
+
+#undef WOLFSSL_NO_OPENSSL_RAND_CB
+#define WOLFSSL_NO_OPENSSL_RAND_CB
+#endif /* OPENSSL_EXTRA_X509_SMALL */
+
#if defined(_WIN32) && !defined(_M_X64) && \
defined(HAVE_AESGCM) && defined(WOLFSSL_AESNI)
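Review bot: This block is evaluated at line 316 of settings.h, but the hunk at line 2741 of the same file is where OPENSSL_ALL is made to imply OPENSSL_EXTRA, so a configuration that sets only OPENSSL_ALL appears to skip these forced defines (WOLFSSL_ALWAYS_VERIFY_CB, WOLFSSL_VERIFY_CB_ALL_CERTS, HAVE_EXT_CACHE and the rest). Unless something outside the visible hunks defines OPENSSL_EXTRA earlier, the two ways of enabling the compatibility layer end up with different verify-callback and session-cache behaviour. I would test both macros here, `#if (defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL)) && !defined(OPENSSL_COEXIST)`, or move the OPENSSL_ALL block above this one.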
@@ -339,41 +382,108 @@
#endif
#if defined(WOLFSSL_ESPIDF)
- #define FREERTOS
- #define WOLFSSL_LWIP
- #define NO_WRITEV
#define SIZEOF_LONG_LONG 8
- #define NO_WOLFSSL_DIR
- #define WOLFSSL_NO_CURRDIR
+ #ifndef NO_ESPIDF_DEFAULT
+ #define FREERTOS
+ #define WOLFSSL_LWIP
+ #define NO_WRITEV
+ #define NO_WOLFSSL_DIR
+ #define WOLFSSL_NO_CURRDIR
- #define TFM_TIMING_RESISTANT
- #define ECC_TIMING_RESISTANT
- #define WC_RSA_BLINDING
+ #define TFM_TIMING_RESISTANT
+ #define ECC_TIMING_RESISTANT
+ #define WC_RSA_BLINDING
+ #define WC_NO_CACHE_RESISTANT
+ #endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */
+
+#if defined(WOLFSSL_ESPWROOM32)
+ /* WOLFSSL_ESPWROOM32 is a legacy macro gate.
+ ** Not be be confused with WOLFSSL_ESPWROOM32SE, naming a specific board */
+ #undef WOLFSSL_ESP32
+ #define WOLFSSL_ESP32
+#endif
+
+#if defined(NO_ESP32WROOM32_CRYPT)
+ #undef NO_ESP32WROOM32_CRYPT
+ #define NO_ESP32_CRYPT
+ #error "Please use NO_ESP32_CRYPT not NO_ESP32WROOM32_CRYPT"
+#endif
+
+#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+ #undef NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH
+ #define NO_WOLFSSL_ESP32_CRYPT_HASH
+ #error "Please use NO_WOLFSSL_ESP32_CRYPT_HASH not NO_ESP32WROOM32_CRYPT"
+#endif
+
+#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_AES)
+ #undef NO_WOLFSSL_ESP32WROOM32_CRYPT_AES
+ #define NO_WOLFSSL_ESP32_CRYPT_AES
+ #error "Please use NO_WOLFSSL_ESP32_CRYPT_AES" \
+ " not " "NO_WOLFSSL_ESP32WROOM32_CRYPT_AES"
+#endif
-#if defined(WOLFSSL_ESPWROOM32) || defined(WOLFSSL_ESPWROOM32SE)
- #ifndef NO_ESP32WROOM32_CRYPT
- #define WOLFSSL_ESP32WROOM32_CRYPT
+#if defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
+ #undef NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+ #define NO_WOLFSSL_ESP32_CRYPT_RSA_PRI
+ #error "Please use NO_WOLFSSL_ESP32_CRYPT_RSA_PRI" \
+ " not " "NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI"
+#endif
+
+#if defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE)
+ #ifndef NO_ESP32_CRYPT
+ #define WOLFSSL_ESP32_CRYPT
#if defined(ESP32_USE_RSA_PRIMITIVE) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI)
- #define WOLFSSL_ESP32WROOM32_CRYPT_RSA_PRI
+ !defined(NO_WOLFSSL_ESP32_CRYPT_RSA_PRI)
+ #define WOLFSSL_ESP32_CRYPT_RSA_PRI
#define WOLFSSL_SMALL_STACK
#endif
- #endif
-#endif
+ #endif
+
+ #if defined(WOLFSSL_SP_RISCV32)
+ #if defined(CONFIG_IDF_TARGET_ESP32C2) || \
+ defined(CONFIG_IDF_TARGET_ESP32C3) || \
+ defined(CONFIG_IDF_TARGET_ESP32C6)
+ /* ok, only the known C2, C3, C6 chips allowed */
+ #else
+ #error "WOLFSSL_SP_RISCV32 can only be used on RISC-V architecture"
+ #endif
+ #endif
+ #if defined(WOLFSSL_SM2) || defined(WOLFSSL_SM3) || defined(WOLFSSL_SM4)
+ /* SM settings */
+ #undef WOLFSSL_BASE16
+ #define WOLFSSL_BASE16 /* required for WOLFSSL_SM2 */
+
+ #undef WOLFSSL_SM4_ECB
+ #define WOLFSSL_SM4_ECB
+
+ #undef WOLFSSL_SM4_CBC
+ #define WOLFSSL_SM4_CBC
+
+ #undef WOLFSSL_SM4_CTR
+ #define WOLFSSL_SM4_CTR
+
+ #undef WOLFSSL_SM4_GCM
+ #define WOLFSSL_SM4_GCM
+
+ #undef WOLFSSL_SM4_CCM
+ #define WOLFSSL_SM4_CCM
+
+ #undef HAVE_POLY1305
+ #define HAVE_POLY1305
+
+ #undef HAVE_CHACHA
+ #define HAVE_CHACHA
+
+ #undef HAVE_AESGCM
+ #define HAVE_AESGCM
+ #endif /* SM */
+#endif /* defined(WOLFSSL_ESP32) || defined(WOLFSSL_ESPWROOM32SE) */
#endif /* WOLFSSL_ESPIDF */
-#if defined(WOLFCRYPT_ONLY)
- #undef WOLFSSL_RENESAS_TSIP
-#endif /* WOLFCRYPT_ONLY */
#if defined(WOLFSSL_RENESAS_TSIP)
#define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE 64
#define TSIP_TLS_MASTERSECRET_SIZE 80 /* 20 words */
#define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in byte */
- #if !defined(NO_RENESAS_TSIP_CRYPT) && defined(WOLFSSL_RENESAS_RX65N)
- #define WOLFSSL_RENESAS_TSIP_CRYPT
- #define WOLFSSL_RENESAS_TSIP_TLS
- #define WOLFSSL_RENESAS_TSIP_TLS_AES_CRYPT
- #endif
#endif /* WOLFSSL_RENESAS_TSIP */
#if !defined(WOLFSSL_NO_HASH_RAW) && defined(WOLFSSL_RENESAS_RX64_HASH)
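Review bot: The ESP-IDF defaults now define `WC_NO_CACHE_RESISTANT` directly beside TFM_TIMING_RESISTANT, ECC_TIMING_RESISTANT and WC_RSA_BLINDING, with no comment on why what looks like a side-channel hardening is switched off for every ESP-IDF build. A one-line rationale above it, for example `/* cache-attack resistance disabled by default on ESP-IDF targets: <reason>; define NO_ESPIDF_DEFAULT to choose your own */`, would let integrators judge whether it fits their threat model. Two smaller slips in the same hunk: the `#error` for NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH tells the user to stop using `NO_ESP32WROOM32_CRYPT`, which is a different macro, and `#ifndef NO_ESPIDF_DEFAULT` is closed by `#endif /* !WOLFSSL_ESPIDF_NO_DEFAULT */`.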
@@ -382,15 +492,15 @@
#endif
#if defined(WOLFSSL_RENESAS_SCEPROTECT)
- #define SCE_TLS_MASTERSECRET_SIZE 80 /* 20 words */
+ #define FSPSM_TLS_MASTERSECRET_SIZE 80 /* 20 words */
#define TSIP_TLS_HMAC_KEY_INDEX_WORDSIZE 64
- #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in bytes */
- #define SCE_TLS_CLIENTRANDOM_SZ 36 /* in bytes */
- #define SCE_TLS_SERVERRANDOM_SZ 36 /* in bytes */
- #define SCE_TLS_ENCRYPTED_ECCPUBKEY_SZ 96 /* in bytes */
+ #define TSIP_TLS_ENCPUBKEY_SZ_BY_CERTVRFY 560 /* in bytes */
+ #define FSPSM_TLS_CLIENTRANDOM_SZ 36 /* in bytes */
+ #define FSPSM_TLS_SERVERRANDOM_SZ 36 /* in bytes */
+ #define FSPSM_TLS_ENCRYPTED_ECCPUBKEY_SZ 96 /* in bytes */
- #define WOLFSSL_RENESAS_SCEPROTECT_ECC
- #if defined(WOLFSSL_RENESAS_SCEPROTECT_ECC)
+ #define WOLFSSL_RENESAS_FSPSM_ECC
+ #if defined(WOLFSSL_RENESAS_FSPSM_ECC)
#define HAVE_PK_CALLBACKS
/* #define DEBUG_PK_CB */
#endif
@@ -559,8 +669,8 @@
#ifdef WOLFSSL_PICOTCP_DEMO
#define WOLFSSL_STM32
#define TFM_TIMING_RESISTANT
- #define XMALLOC(s, h, type) PICO_ZALLOC((s))
- #define XFREE(p, h, type) PICO_FREE((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), PICO_ZALLOC((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), PICO_FREE((p)))
#define SINGLE_THREADED
#define NO_WRITEV
#define WOLFSSL_USER_IO
@@ -747,9 +857,9 @@ extern void *uITRON4_malloc(size_t sz) ;
extern void *uITRON4_realloc(void *p, size_t sz) ;
extern void uITRON4_free(void *p) ;
-#define XMALLOC(sz, heap, type) uITRON4_malloc(sz)
-#define XREALLOC(p, sz, heap, type) uITRON4_realloc(p, sz)
-#define XFREE(p, heap, type) uITRON4_free(p)
+#define XMALLOC(sz, heap, type) ((void)(heap), (void)(type), uITRON4_malloc(sz))
+#define XREALLOC(p, sz, heap, type) ((void)(heap), (void)(type), uITRON4_realloc(p, sz))
+#define XFREE(p, heap, type) ((void)(heap), (void)(type), uITRON4_free(p))
#endif
#if defined(WOLFSSL_uTKERNEL2)
@@ -759,9 +869,9 @@ extern void uITRON4_free(void *p) ;
void* uTKernel_malloc(unsigned int sz);
void* uTKernel_realloc(void *p, unsigned int sz);
void uTKernel_free(void *p);
- #define XMALLOC(s, h, type) uTKernel_malloc((s))
- #define XREALLOC(p, n, h, t) uTKernel_realloc((p), (n))
- #define XFREE(p, h, type) uTKernel_free((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), uTKernel_malloc((s)))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), uTKernel_realloc((p), (n)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), uTKernel_free((p)))
#endif
#ifndef NO_STDIO_FGETS_REMAP
@@ -791,9 +901,9 @@ extern void uITRON4_free(void *p) ;
#if defined(WOLFSSL_LEANPSK) && !defined(XMALLOC_USER) && \
!defined(NO_WOLFSSL_MEMORY)
#include <stdlib.h>
- #define XMALLOC(s, h, type) malloc((s))
- #define XFREE(p, h, type) free((p))
- #define XREALLOC(p, n, h, t) realloc((p), (n))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), malloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), free((p)))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n)))
#endif
#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
@@ -812,16 +922,16 @@ extern void uITRON4_free(void *p) ;
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY) && !defined(WOLFSSL_TRACK_MEMORY)
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
#if defined(WOLFSSL_ESPIDF)
/* In IDF, realloc(p, n) is equivalent to
* heap_caps_realloc(p, s, MALLOC_CAP_8BIT) */
- #define XREALLOC(p, n, h, t) realloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), realloc((p), (n)))
/* FreeRTOS pvPortRealloc() implementation can be found here:
* https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
#elif defined(USE_INTEGER_HEAP_MATH) || defined(OPENSSL_EXTRA)
- #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
#endif
#endif
@@ -918,7 +1028,7 @@ extern void uITRON4_free(void *p) ;
#define SINGLE_THREADED
#endif
- #if (RTPLATFORM)
+ #if (defined(RTPLATFORM) && (RTPLATFORM != 0))
#if (!RTP_LITTLE_ENDIAN)
#define BIG_ENDIAN_ORDER
#endif
@@ -937,9 +1047,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
- #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
- #define XFREE(p, h, type) (rtp_free(p))
- #define XREALLOC(p, n, h, t) (rtp_realloc((p), (n)))
+ #if (WINMSP3)
+ #define strtok_r strtok_s
+ #endif
+
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), ((void *)rtp_malloc((s), SSL_PRO_MALLOC)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), rtp_free(p))
+ #define XREALLOC(p, n, h, t) ((void)(h), rtp_realloc((p), (n), (t)))
#if (WINMSP3)
#define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n))
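Review bot: `XREALLOC` now calls `rtp_realloc((p), (n), (t))` with three arguments where the removed line passed two, and it is the only allocator macro in this diff that forwards the type tag to the allocator instead of discarding it with `(void)(t)`. Whether rtp_realloc accepts a third parameter cannot be seen from this hunk; if it does not, the macro no longer compiles, and if it does, the value it receives is wolfSSL's memory-type tag, which is presumably not what that parameter means. Unless the three-argument form is intended, I would write `((void)(h), (void)(t), rtp_realloc((p), (n)))` like the other ports. The added `#if (WINMSP3)` also tests a possibly undefined macro, the pattern the previous hunk just replaced for RTPLATFORM.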
@@ -999,14 +1113,14 @@ extern void uITRON4_free(void *p) ;
#endif
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY)
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
/* FreeRTOS pvPortRealloc() implementation can be found here:
https://github.com/wolfSSL/wolfssl-freertos/pull/3/files */
#if !defined(USE_FAST_MATH) || defined(HAVE_ED25519) || \
defined(HAVE_ED448)
- #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), pvPortRealloc((p), (n)))
#endif
#endif
#endif
@@ -1062,8 +1176,8 @@ extern void uITRON4_free(void *p) ;
#if !defined(XMALLOC_OVERRIDE) && !defined(XMALLOC_USER)
#define XMALLOC_OVERRIDE
- #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
- #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), (void *)_mem_alloc_system((s)))
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));}
/* Note: MQX has no realloc, using fastmath above */
#endif
#ifdef USE_FAST_MATH
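Review bot: `XFREE` stays a bare brace block here while the other ports in this diff become comma expressions, so `if (x) XFREE(p, h, t); else ...` does not compile and the macro cannot be used where an expression is expected. The same form is repeated in the next MQX hunk (`@@ -1093,8 +1207,8 @@`), whose unchanged `XREALLOC` line was also left without the `(void)(h), (void)(t)` casts. I would wrap the body as `do { void* xp = (p); (void)(h); (void)(t); if (xp) _mem_free(xp); } while (0)`.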
@@ -1093,8 +1207,8 @@ extern void uITRON4_free(void *p) ;
#include <mutex.h>
#endif
- #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s))
- #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));}
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), (void *)_mem_alloc_system((s)))
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if ((xp)) _mem_free((xp));}
#define XREALLOC(p, n, h, t) _mem_realloc((p), (n)) /* since MQX 4.1.2 */
#define MQX_FILE_PTR FILE *
@@ -1107,8 +1221,8 @@ extern void uITRON4_free(void *p) ;
#define WOLFSSL_CRYPT_HW_MUTEX 1
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY)
- #define XMALLOC(s, h, type) pvPortMalloc((s))
- #define XFREE(p, h, type) vPortFree((p))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), pvPortMalloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), vPortFree((p)))
#endif
/* #define USER_TICKS */
@@ -1363,7 +1477,7 @@ extern void uITRON4_free(void *p) ;
defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32H7) || \
defined(WOLFSSL_STM32G0) || defined(WOLFSSL_STM32U5) || \
- defined(WOLFSSL_STM32H5)
+ defined(WOLFSSL_STM32H5) || defined(WOLFSSL_STM32WL)
#define SIZEOF_LONG_LONG 8
#ifndef CHAR_BIT
@@ -1383,7 +1497,8 @@ extern void uITRON4_free(void *p) ;
#define STM32_CRYPTO
#if defined(WOLFSSL_STM32L4) || defined(WOLFSSL_STM32L5) || \
- defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32U5)
+ defined(WOLFSSL_STM32WB) || defined(WOLFSSL_STM32U5) || \
+ defined(WOLFSSL_STM32WL)
#define NO_AES_192 /* hardware does not support 192-bit */
#endif
#endif
@@ -1414,6 +1529,8 @@ extern void uITRON4_free(void *p) ;
#include "stm32h7xx_hal.h"
#elif defined(WOLFSSL_STM32WB)
#include "stm32wbxx_hal.h"
+ #elif defined(WOLFSSL_STM32WL)
+ #include "stm32wlxx_hal.h"
#elif defined(WOLFSSL_STM32G0)
#include "stm32g0xx_hal.h"
#elif defined(WOLFSSL_STM32U5)
@@ -1428,6 +1545,11 @@ extern void uITRON4_free(void *p) ;
#ifndef STM32_HAL_TIMEOUT
#define STM32_HAL_TIMEOUT 0xFF
#endif
+
+ #if defined(WOLFSSL_STM32_PKA) && !defined(WOLFSSL_SP_INT_NEGATIVE)
+ /* enable the negative support for abs(a) |a| */
+ #define WOLFSSL_SP_INT_NEGATIVE
+ #endif
#else
#if defined(WOLFSSL_STM32F2)
#include "stm32f2xx.h"
@@ -1524,6 +1646,7 @@ extern void uITRON4_free(void *p) ;
#ifdef MICRIUM
#include <stdlib.h>
#include <os.h>
+ #include <app_cfg.h>
#if defined(RTOS_MODULE_NET_AVAIL) || (APP_CFG_TCPIP_EN == DEF_ENABLED)
#include <net_cfg.h>
#include <net_sock.h>
@@ -1761,9 +1884,9 @@ extern void uITRON4_free(void *p) ;
#define NO_SESSION_CACHE
#define NO_ERROR_STRINGS
#define XMALLOC_USER
- #define XMALLOC(sz, heap, type) os_malloc(sz)
- #define XREALLOC(p, sz, heap, type) os_realloc(p, sz)
- #define XFREE(p, heap, type) os_free(p)
+ #define XMALLOC(sz, heap, type) ((void)(heap), (void)(type), os_malloc(sz))
+ #define XREALLOC(p, sz, heap, type) ((void)(heap), (void)(type), os_realloc(p, sz))
+ #define XFREE(p, heap, type) ((void)(heap), (void)(type), os_free(p))
#endif /*(WOLFSSL_APACHE_MYNEWT)*/
@@ -1876,11 +1999,13 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
-#ifdef _MSC_VER
- #ifndef HAVE_SSIZE_T
- #include <BaseTsd.h>
- typedef SSIZE_T ssize_t;
- #endif
+#if defined(NO_WC_SSIZE_TYPE) || defined(ssize_t)
+ /* ssize_t comes from system headers or user_settings.h */
+#elif defined(WC_SSIZE_TYPE)
+ typedef WC_SSIZE_TYPE ssize_t;
+#elif defined(_MSC_VER)
+ #include <BaseTsd.h>
+ typedef SSIZE_T ssize_t;
#endif
/* If DCP is used without SINGLE_THREADED, enforce WOLFSSL_CRYPT_HW_MUTEX */
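Review bot: The rewritten guard drops the `HAVE_SSIZE_T` check, so an MSVC build that defined HAVE_SSIZE_T because its own headers already provide `ssize_t` now reaches `typedef SSIZE_T ssize_t;` again and may get a conflicting typedef. `defined(ssize_t)` does not cover that case, since it is true only when ssize_t is a macro, not a typedef. I would keep the old opt-out working with `#if defined(NO_WC_SSIZE_TYPE) || defined(HAVE_SSIZE_T) || defined(ssize_t)`.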
@@ -1899,9 +2024,9 @@ extern void uITRON4_free(void *p) ;
#include "RTOS.h"
#if !defined(XMALLOC_USER) && !defined(NO_WOLFSSL_MEMORY) && \
!defined(WOLFSSL_STATIC_MEMORY)
- #define XMALLOC(s, h, type) OS_HEAP_malloc((s))
- #define XFREE(p, h, type) OS_HEAP_free((p))
- #define XREALLOC(p, n, h, t) OS_HEAP_realloc(((p), (n))
+ #define XMALLOC(s, h, type) ((void)(h), (void)(type), OS_HEAP_malloc((s)))
+ #define XFREE(p, h, type) ((void)(h), (void)(type), OS_HEAP_free((p)))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), OS_HEAP_realloc(((p), (n)))
#endif
#endif
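Review bot: The new `XREALLOC` keeps the stray parenthesis from the old line: `OS_HEAP_realloc(((p), (n)))` passes a single argument, the comma expression `((p), (n))`, whose value is `n`. The old macro was unbalanced and could not compile when used, whereas the new one is balanced, so the mistake now shows up only as an argument-count error, or not at all if the allocator is visible without a prototype. It should read `#define XREALLOC(p, n, h, t) ((void)(h), (void)(t), OS_HEAP_realloc((p), (n)))`.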
@@ -2014,8 +2139,6 @@ extern void uITRON4_free(void *p) ;
#pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */
#endif
-
-
/* ---------------------------------------------------------------------------
* Math Library Selection (in order of preference)
* ---------------------------------------------------------------------------
@@ -2027,17 +2150,22 @@ extern void uITRON4_free(void *p) ;
* Constant time: Always
* Enable: WOLFSSL_SP_MATH_ALL
*/
+ #undef USE_FAST_MATH
+ #undef USE_INTEGER_HEAP_MATH
#elif defined(WOLFSSL_SP_MATH)
/* 2) SP Math with restricted key sizes: wolfSSL proprietary math
* implementation (sp_*.c).
* Constant time: Always
* Enable: WOLFSSL_SP_MATH
*/
+ #undef USE_FAST_MATH
+ #undef USE_INTEGER_HEAP_MATH
#elif defined(USE_FAST_MATH)
/* 3) Tom's Fast Math: Stack based (tfm.c)
* Constant time: Only with TFM_TIMING_RESISTANT
* Enable: USE_FAST_MATH
*/
+ #undef USE_INTEGER_HEAP_MATH
#elif defined(USE_INTEGER_HEAP_MATH)
/* 4) Integer Heap Math: Heap based (integer.c)
* Constant time: Not supported
@@ -2078,6 +2206,9 @@ extern void uITRON4_free(void *p) ;
#ifdef WOLFSSL_SP_MATH
/* for single precision math only make sure the enabled key sizes are
* included in the ECC curve table */
+ #if defined(WOLFSSL_SP_NO_256) && !defined(NO_ECC256)
+ #define NO_ECC256
+ #endif
#if defined(WOLFSSL_SP_384) && !defined(HAVE_ECC384)
#define HAVE_ECC384
#endif
@@ -2184,8 +2315,15 @@ extern void uITRON4_free(void *p) ;
/* Ed25519 Configs */
#ifdef HAVE_ED25519
- /* By default enable sign, verify, key export and import */
+ /* By default enable make key, sign, verify, key export and import */
+ #ifndef NO_ED25519_MAKE_KEY
+ #undef HAVE_ED25519_MAKE_KEY
+ #define HAVE_ED25519_MAKE_KEY
+ #endif
#ifndef NO_ED25519_SIGN
+ #ifndef HAVE_ED25519_MAKE_KEY
+ #error "Need HAVE_ED25519_MAKE_KEY with HAVE_ED25519_SIGN"
+ #endif
#undef HAVE_ED25519_SIGN
#define HAVE_ED25519_SIGN
#endif
@@ -2421,6 +2559,7 @@ extern void uITRON4_free(void *p) ;
/* Asynchronous Crypto */
#ifdef WOLFSSL_ASYNC_CRYPT
#if !defined(HAVE_CAVIUM) && !defined(HAVE_INTEL_QA) && \
+ !defined(WOLF_CRYPTO_CB) && !defined(HAVE_PK_CALLBACKS) && \
!defined(WOLFSSL_ASYNC_CRYPT_SW)
#error No async backend defined with WOLFSSL_ASYNC_CRYPT!
#endif
@@ -2602,6 +2741,11 @@ extern void uITRON4_free(void *p) ;
#endif
#endif
+/* Make sure setting OPENSSL_ALL also sets OPENSSL_EXTRA. */
+#if defined(OPENSSL_ALL) && !defined(OPENSSL_EXTRA)
+ #define OPENSSL_EXTRA
+#endif
+
#ifdef HAVE_SNI
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#endif
@@ -2848,6 +2992,12 @@ extern void uITRON4_free(void *p) ;
#error Small stack cannot be used with no malloc (WOLFSSL_NO_MALLOC)
#endif
+/* If malloc is disabled make sure it is also disabled in SP math */
+#if defined(WOLFSSL_NO_MALLOC) && !defined(WOLFSSL_SP_NO_MALLOC) && \
+ (defined(WOLFSSL_SP_MATH) || defined(WOLFSSL_SP_MATH_ALL))
+ #define WOLFSSL_SP_NO_MALLOC
+#endif
+
/* Enable DH Extra for QT, openssl all, openssh and static ephemeral */
/* Allows export/import of DH key and params as DER */
#if !defined(NO_DH) && !defined(WOLFSSL_DH_EXTRA) && \
@@ -2922,7 +3072,9 @@ extern void uITRON4_free(void *p) ;
#define HAVE_PQC
#define HAVE_FALCON
#define HAVE_DILITHIUM
-#define HAVE_SPHINCS
+#ifndef WOLFSSL_NO_SPHINCS
+ #define HAVE_SPHINCS
+#endif
#ifndef WOLFSSL_HAVE_KYBER
#define WOLFSSL_HAVE_KYBER
#define WOLFSSL_KYBER512
@@ -2948,6 +3100,15 @@ extern void uITRON4_free(void *p) ;
#error Please do not define both HAVE_LIBOQS and HAVE_PQM4.
#endif
+#if defined(HAVE_PQC) && defined(WOLFSSL_DTLS13) && \
+ !defined(WOLFSSL_DTLS_CH_FRAG)
+#warning "Using DTLS 1.3 + pqc without WOLFSSL_DTLS_CH_FRAG will probably" \
+ "fail.Use --enable-dtls-frag-ch to enable it."
+#endif
+#if !defined(WOLFSSL_DTLS13) && defined(WOLFSSL_DTLS_CH_FRAG)
+#error "WOLFSSL_DTLS_CH_FRAG only works with DTLS 1.3"
+#endif
+
/* SRTP requires DTLS */
#if defined(WOLFSSL_SRTP) && !defined(WOLFSSL_DTLS)
#error The SRTP extension requires DTLS
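Review bot: The `#warning` text is split into two string literals across a line continuation, and a preprocessor diagnostic prints its tokens as written instead of concatenating them, so the message comes out with quotes in the middle and "fail.Use" run together. `#warning` was only standardised in C23 and is not accepted by every compiler this header targets, so on such a toolchain the line is itself an error whenever HAVE_PQC and WOLFSSL_DTLS13 are set without WOLFSSL_DTLS_CH_FRAG. I would put the message on one line, `#warning "DTLS 1.3 with PQC will probably fail without WOLFSSL_DTLS_CH_FRAG; use --enable-dtls-frag-ch"`, or make it an `#error` if the combination is known not to work.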
@@ -2990,6 +3151,10 @@ extern void uITRON4_free(void *p) ;
#error "ConnectionID is supported for DTLSv1.3 only"
#endif
+#if defined(WOLFSSL_QUIC) && defined(WOLFSSL_CALLBACKS)
+ #error WOLFSSL_QUIC is incompatible with WOLFSSL_CALLBACKS.
+#endif
+
/* RSA Key Checking is disabled by default unless WOLFSSL_RSA_KEY_CHECK is
* defined or FIPS v2 3389, FIPS v5 or later.
* Not allowed for:
@@ -3065,11 +3230,6 @@ extern void uITRON4_free(void *p) ;
/* Turning off WOLFSSL_SYS_CA_CERTS b/c NO_CERTS is defined */
#undef WOLFSSL_SYS_CA_CERTS
#endif
-
- #if defined(__APPLE__) && !defined(HAVE_SECURITY_SECTRUSTSETTINGS_H)
- /* Turning off WOLFSSL_SYS_CA_CERTS b/c no Security/SecTrustSettings.h header */
- #undef WOLFSSL_SYS_CA_CERTS
- #endif
#endif /* WOLFSSL_SYS_CA_CERTS */
#if defined(SESSION_CACHE_DYNAMIC_MEM) && defined(PERSIST_SESSION_CACHE)
@@ -3093,6 +3253,7 @@ extern void uITRON4_free(void *p) ;
/* Ciphersuite check done in internal.h */
#endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
index 1b181f52..65cc60ec 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha.h
@@ -36,18 +36,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
-#define wc_Sha Sha
-#define WC_SHA SHA
-#define WC_SHA_BLOCK_SIZE SHA_BLOCK_SIZE
-#define WC_SHA_DIGEST_SIZE SHA_DIGEST_SIZE
-#define WC_SHA_PAD_SIZE SHA_PAD_SIZE
-
-/* for fips @wc_fips */
-#include <cyassl/ctaocrypt/sha.h>
-#endif
-
#ifdef FREESCALE_LTC_SHA
#include "fsl_ltc.h"
#endif
@@ -78,7 +66,7 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT
+#ifdef WOLFSSL_ESP32_CRYPT
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -110,11 +98,15 @@ enum {
#elif defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h"
#elif defined(WOLFSSL_RENESAS_RX64_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
#else
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
@@ -173,8 +165,8 @@ struct wc_Sha {
word32 len;
#endif
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH)
WC_ESP32SHA ctx;
#endif
#ifdef WOLFSSL_HASH_FLAGS
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
index 51a91a05..454290c4 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha256.h
@@ -37,26 +37,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #define wc_Sha256 Sha256
- #define WC_SHA256 SHA256
- #define WC_SHA256_BLOCK_SIZE SHA256_BLOCK_SIZE
- #define WC_SHA256_DIGEST_SIZE SHA256_DIGEST_SIZE
- #define WC_SHA256_PAD_SIZE SHA256_PAD_SIZE
-
- #ifdef WOLFSSL_SHA224
- #define wc_Sha224 Sha224
- #define WC_SHA224 SHA224
- #define WC_SHA224_BLOCK_SIZE SHA224_BLOCK_SIZE
- #define WC_SHA224_DIGEST_SIZE SHA224_DIGEST_SIZE
- #define WC_SHA224_PAD_SIZE SHA224_PAD_SIZE
- #endif
-
- /* for fips @wc_fips */
- #include <cyassl/ctaocrypt/sha256.h>
-#endif
-
#ifdef FREESCALE_LTC_SHA
#include "fsl_ltc.h"
#endif
@@ -97,7 +77,7 @@
#if defined(WOLFSSL_DEVCRYPTO) && defined(WOLFSSL_DEVCRYPTO_HASH)
#include <wolfssl/wolfcrypt/port/devcrypto/wc_devcrypto.h>
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT)
+#if defined(WOLFSSL_ESP32_CRYPT)
#include "wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h"
#endif
#if defined(WOLFSSL_CRYPTOCELL)
@@ -150,13 +130,14 @@ enum {
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
#elif defined(WOLFSSL_AFALG_HASH)
#include "wolfssl/wolfcrypt/port/af_alg/afalg_hash.h"
-#elif defined(WOLFSSL_RENESAS_TSIP_CRYPT) && \
+#elif (defined(WOLFSSL_RENESAS_TSIP_TLS) || \
+ defined(WOLFSSL_RENESAS_TSIP_CRYPTONLY)) && \
!defined(NO_WOLFSSL_RENESAS_TSIP_CRYPT_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas_tsip_types.h"
#elif (defined(WOLFSSL_RENESAS_SCEPROTECT) || \
- defined(WOLFSSL_RENESAS_SCEPROTECT_CRYPTONLY)) && \
- !defined(NO_WOLFSSL_RENESAS_SCEPROTECT_HASH)
- #include "wolfssl/wolfcrypt/port/Renesas/renesas-sce-crypt.h"
+ defined(WOLFSSL_RENESAS_RSIP)) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
#elif defined(WOLFSSL_RENESAS_RX64_HASH)
#include "wolfssl/wolfcrypt/port/Renesas/renesas-rx64-hw-crypt.h"
#else
@@ -169,6 +150,11 @@ enum {
#include <wolfssl/wolfcrypt/port/maxim/maxq10xx.h>
#endif
+#ifdef HAVE_ARIA
+ #include "mcapi.h"
+ #include "mcapi_error.h"
+#endif
+
/* wc_Sha256 digest */
struct wc_Sha256 {
#ifdef FREESCALE_LTC_SHA
@@ -214,8 +200,10 @@ struct wc_Sha256 {
word32 used;
word32 len;
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ (!defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA256) || \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA224))
WC_ESP32SHA ctx;
#endif
#ifdef WOLFSSL_MAXQ10XX_CRYPTO
@@ -235,6 +223,9 @@ struct wc_Sha256 {
caam_hash_ctx_t ctx;
caam_handle_t hndl;
#endif
+#ifdef HAVE_ARIA
+ MC_HSESSION hSession;
+#endif
#ifdef WOLFSSL_HASH_FLAGS
word32 flags; /* enum wc_HashFlags in hash.h */
#endif
@@ -329,4 +320,3 @@ WOLFSSL_API int wc_Sha224Copy(wc_Sha224* src, wc_Sha224* dst);
#endif /* NO_SHA256 */
#endif /* WOLF_CRYPT_SHA256_H */
-
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h
index 07411b01..1c943d94 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sha512.h
@@ -37,33 +37,6 @@
#include <wolfssl/wolfcrypt/fips.h>
#endif /* HAVE_FIPS_VERSION >= 2 */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #ifdef WOLFSSL_SHA512
- #define wc_Sha512 Sha512
- #define WC_SHA512 SHA512
- #define WC_SHA512_BLOCK_SIZE SHA512_BLOCK_SIZE
- #define WC_SHA512_DIGEST_SIZE SHA512_DIGEST_SIZE
- #define WC_SHA512_PAD_SIZE SHA512_PAD_SIZE
- #define wc_Sha512_224 Sha512_224
- #define wc_Sha512_256 Sha512_256
- #endif /* WOLFSSL_SHA512 */
- #ifdef WOLFSSL_SHA384
- #define wc_Sha384 Sha384
- #define WC_SHA384 SHA384
- #define WC_SHA384_BLOCK_SIZE SHA384_BLOCK_SIZE
- #define WC_SHA384_DIGEST_SIZE SHA384_DIGEST_SIZE
- #define WC_SHA384_PAD_SIZE SHA384_PAD_SIZE
- #endif /* WOLFSSL_SHA384 */
-
- #define CYASSL_SHA512
- #if defined(WOLFSSL_SHA384)
- #define CYASSL_SHA384
- #endif
- /* for fips @wc_fips */
- #include <cyassl/ctaocrypt/sha512.h>
-#endif
-
#ifdef __cplusplus
extern "C" {
#endif
@@ -75,7 +48,7 @@
#ifdef WOLFSSL_ASYNC_CRYPT
#include <wolfssl/wolfcrypt/async.h>
#endif
-#ifdef WOLFSSL_ESP32WROOM32_CRYPT
+#ifdef WOLFSSL_ESP32_CRYPT
#include <wolfssl/wolfcrypt/port/Espressif/esp32-crypt.h>
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -146,10 +119,18 @@ enum {
#if defined(WOLFSSL_IMX6_CAAM) && !defined(WOLFSSL_QNX_CAAM)
#include "wolfssl/wolfcrypt/port/caam/wolfcaam_sha.h"
+#elif defined(WOLFSSL_RENESAS_RSIP) && \
+ !defined(NO_WOLFSSL_RENESAS_FSPSM_HASH)
+ #include "wolfssl/wolfcrypt/port/Renesas/renesas-fspsm-crypt.h"
+
#else
#if defined(WOLFSSL_SE050) && defined(WOLFSSL_SE050_HASH)
#include "wolfssl/wolfcrypt/port/nxp/se050_port.h"
#endif
+#ifdef HAVE_ARIA
+ #include "mcapi.h"
+ #include "mcapi_error.h"
+#endif
/* wc_Sha512 digest */
struct wc_Sha512 {
#ifdef WOLFSSL_PSOC6_CRYPTO
@@ -172,8 +153,9 @@ struct wc_Sha512 {
#ifdef WOLFSSL_SMALL_STACK_CACHE
word64* W;
#endif
-#if defined(WOLFSSL_ESP32WROOM32_CRYPT) && \
- !defined(NO_WOLFSSL_ESP32WROOM32_CRYPT_HASH)
+#if defined(WOLFSSL_ESP32_CRYPT) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH) && \
+ !defined(NO_WOLFSSL_ESP32_CRYPT_HASH_SHA512)
WC_ESP32SHA ctx;
#endif
#if defined(WOLFSSL_SILABS_SE_ACCEL)
@@ -201,6 +183,9 @@ struct wc_Sha512 {
caam_hash_ctx_t ctx;
caam_handle_t hndl;
#endif
+#ifdef HAVE_ARIA
+ MC_HSESSION hSession;
+#endif
#endif /* WOLFSSL_PSOC6_CRYPTO */
};
@@ -218,6 +203,23 @@ struct wc_Sha512 {
#ifdef WOLFSSL_SHA512
+#ifdef WOLFSSL_ARMASM
+#ifdef __aarch64__
+#ifndef WOLFSSL_ARMASM_CRYPTO_SHA512
+ void Transform_Sha512_Len_neon(wc_Sha512* sha512, const byte* data,
+ word32 len);
+ #define Transform_Sha512_Len Transform_Sha512_Len_neon
+#else
+ void Transform_Sha512_Len_crypto(wc_Sha512* sha512, const byte* data,
+ word32 len);
+ #define Transform_Sha512_Len Transform_Sha512_Len_crypto
+#endif
+#else
+extern void Transform_Sha512_Len(wc_Sha512* sha512, const byte* data,
+ word32 len);
+#endif
+#endif
+
WOLFSSL_API int wc_InitSha512(wc_Sha512* sha);
WOLFSSL_API int wc_InitSha512_ex(wc_Sha512* sha, void* heap, int devId);
WOLFSSL_API int wc_Sha512Update(wc_Sha512* sha, const byte* data, word32 len);
@@ -342,4 +344,3 @@ WOLFSSL_API int wc_Sha384Copy(wc_Sha384* src, wc_Sha384* dst);
#endif /* WOLFSSL_SHA512 || WOLFSSL_SHA384 */
#endif /* WOLF_CRYPT_SHA512_H */
-
diff --git a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_superclass.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm2.h
index 90a652b2..87167f42 100644
--- a/extra/wolfssl/wolfssl/cyassl/ctaocrypt/mpi_superclass.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm2.h
@@ -1,4 +1,4 @@
-/* mpi_superclass.h
+/* sm2.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,9 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef WOLFSSL_SM2
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-/* super class file for PK algos */
-
-#include <wolfssl/wolfcrypt/mpi_superclass.h>
+#endif
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/des.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm3.h
index ac3ec545..2b3fc503 100644
--- a/extra/wolfssl/wolfssl/cyassl/openssl/des.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm3.h
@@ -1,4 +1,4 @@
-/* des.h
+/* sm3.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,10 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef WOLFSSL_SM3
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-/* des.h defines mini des openssl compatibility layer
- *
- */
+#endif
-#include <wolfssl/openssl/des.h>
diff --git a/extra/wolfssl/wolfssl/cyassl/openssl/hmac.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm4.h
index 8cbd560f..f3e66cb8 100644
--- a/extra/wolfssl/wolfssl/cyassl/openssl/hmac.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sm4.h
@@ -1,4 +1,4 @@
-/* hmac.h
+/* sm4.h
*
* Copyright (C) 2006-2023 wolfSSL Inc.
*
@@ -19,10 +19,9 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
+#ifdef WOLFSSL_SM4
+#error "See https://github.com/wolfSSL/wolfsm for implementation of this file"
-/* hmac.h defines mini hamc openssl compatibility layer
- *
- */
+#endif
-#include <wolfssl/openssl/hmac.h>
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h
index 3d44dccf..88e9a069 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp.h
@@ -24,6 +24,7 @@
#define WOLF_CRYPT_SP_H
#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/settings.h>
#if defined(WOLFSSL_HAVE_SP_RSA) || defined(WOLFSSL_HAVE_SP_DH) || \
defined(WOLFSSL_HAVE_SP_ECC)
@@ -41,7 +42,11 @@
#include <wolfssl/wolfcrypt/wolfmath.h>
#include <wolfssl/wolfcrypt/sp_int.h>
-#include <wolfssl/wolfcrypt/ecc.h>
+#if defined(HAVE_ECC) && defined(WOLFSSL_HAVE_SP_ECC)
+ #include <wolfssl/wolfcrypt/ecc.h>
+#else
+ #undef WOLFSSL_HAVE_SP_ECC
+#endif
#ifdef noinline
#define SP_NOINLINE noinline
@@ -326,6 +331,36 @@ WOLFSSL_LOCAL int sp_ecc_is_point_1024(const mp_int* pX, const mp_int* pY);
WOLFSSL_LOCAL int sp_ecc_check_key_1024(const mp_int* pX, const mp_int* pY,
const mp_int* privm, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_sm2_256(const mp_int* km, const ecc_point* gm,
+ ecc_point* rm, int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_add_sm2_256(const mp_int* km, const ecc_point* gm,
+ const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_base_sm2_256(const mp_int* km, ecc_point* rm,
+ int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_base_add_sm2_256(const mp_int* km,
+ const ecc_point* am, int inMont, ecc_point* rm, int map, void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_make_key_sm2_256(WC_RNG* rng, mp_int* priv,
+ ecc_point* pub, void* heap);
+WOLFSSL_LOCAL int sp_ecc_secret_gen_sm2_256(const mp_int* priv,
+ const ecc_point* pub, byte* out, word32* outlen, void* heap);
+WOLFSSL_LOCAL int sp_ecc_sign_sm2_256(const byte* hash, word32 hashLen,
+ WC_RNG* rng, const mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km,
+ void* heap);
+WOLFSSL_LOCAL int sp_ecc_verify_sm2_256(const byte* hash, word32 hashLen,
+ const mp_int* pX, const mp_int* pY, const mp_int* pZ, const mp_int* r,
+ const mp_int* sm, int* res, void* heap);
+WOLFSSL_LOCAL int sp_ecc_is_point_sm2_256(const mp_int* pX, const mp_int* pY);
+WOLFSSL_LOCAL int sp_ecc_check_key_sm2_256(const mp_int* pX, const mp_int* pY,
+ const mp_int* privm, void* heap);
+WOLFSSL_LOCAL int sp_ecc_proj_add_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY,
+ mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_map_sm2_256(mp_int* pX, mp_int* pY, mp_int* pZ);
+WOLFSSL_LOCAL int sp_ecc_uncompress_sm2_256(mp_int* xm, int odd, mp_int* ym);
+
#endif /* HAVE_FIPS_VERSION && HAVE_FIPS_VERSION == 2 && !WOLFSSL_SP_ARM[32|64]_ASM */
#ifdef WOLFSSL_SP_NONBLOCK
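Review bot: The `sp_ecc_*_sm2_256` prototypes added here take `const mp_int*` / `const ecc_point*`, while the block added under `#ifdef HAVE_ECC_SM2` in the next hunk (-366) declares the same names with non-const parameters, e.g. `sp_ecc_mulmod_sm2_256(mp_int* km, ecc_point* gm, ...)`. If both regions are visible in one translation unit, C rejects the second set as conflicting declarations. The guard around this first block begins outside the hunk, so I cannot tell whether the two are mutually exclusive. This block also has no visible SM2 guard of its own. Consider keeping one set of prototypes with the const-qualified signatures and wrapping it in `#ifdef HAVE_ECC_SM2`.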
@@ -366,6 +401,39 @@ WOLFSSL_LOCAL int sp_ecc_verify_521_nb(sp_ecc_ctx_t* ctx, const byte* hash,
const mp_int* r, const mp_int* sm, int* res, void* heap);
#endif /* WOLFSSL_SP_NONBLOCK */
+#ifdef HAVE_ECC_SM2
+
+WOLFSSL_LOCAL int sp_ecc_mulmod_sm2_256(mp_int* km, ecc_point* gm,
+ ecc_point* rm, int map, void* heap);
+WOLFSSL_LOCAL int sp_ecc_mulmod_base_sm2_256(mp_int* km, ecc_point* rm, int map,
+ void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_make_key_sm2_256(WC_RNG* rng, mp_int* priv,
+ ecc_point* pub, void* heap);
+WOLFSSL_LOCAL int sp_ecc_secret_gen_sm2_256(mp_int* priv, ecc_point* pub,
+ byte* out, word32* outlen, void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_sign_sm2_256(const byte* hash, word32 hashLen,
+ WC_RNG* rng, mp_int* priv, mp_int* rm, mp_int* sm, mp_int* km, void* heap);
+WOLFSSL_LOCAL int sp_ecc_verify_sm2_256(const byte* hash, word32 hashLen,
+ mp_int* pX, mp_int* pY, mp_int* pZ, mp_int* r, mp_int* sm, int* res,
+ void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_is_point_sm2_256(mp_int* pX, mp_int* pY);
+WOLFSSL_LOCAL int sp_ecc_check_key_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* privm, void* heap);
+
+WOLFSSL_LOCAL int sp_ecc_proj_add_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* qX, mp_int* qY, mp_int* qZ, mp_int* rX, mp_int* rY,
+ mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_proj_dbl_point_sm2_256(mp_int* pX, mp_int* pY,
+ mp_int* pZ, mp_int* rX, mp_int* rY, mp_int* rZ);
+WOLFSSL_LOCAL int sp_ecc_map_sm2_256(mp_int* pX, mp_int* pY, mp_int* pZ);
+WOLFSSL_LOCAL int sp_ecc_uncompress_sm2_256(mp_int* xm, int odd, mp_int* ym);
+
+#endif
+
+
#endif /* WOLFSSL_HAVE_SP_ECC */
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h
index 1a9704f8..e768d0cd 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sp_int.h
@@ -37,6 +37,10 @@ This library provides single precision (SP) integer math functions.
extern "C" {
#endif
+#if defined(WOLFSSL_SP_ARM_ARCH) && !defined(WOLFSSL_ARM_ARCH)
+ #define WOLFSSL_ARM_ARCH WOLFSSL_SP_ARM_ARCH
+#endif
+
#if defined(OPENSSL_EXTRA) && !defined(NO_ASN) && \
!defined(WOLFSSL_SP_INT_NEGATIVE)
#define WOLFSSL_SP_INT_NEGATIVE
@@ -174,6 +178,13 @@ extern "C" {
#define WOLFSSL_SP_DIV_WORD_HALF
#endif
+/* Detect Cortex M3 (no UMAAL) */
+#if defined(WOLFSSL_SP_ARM_CORTEX_M_ASM) && defined(__ARM_ARCH_7M__)
+ #undef WOLFSSL_SP_NO_UMAAL
+ #define WOLFSSL_SP_NO_UMAAL
+#endif
+
+
/* Make sure WOLFSSL_SP_ASM build option defined when requested */
#if !defined(WOLFSSL_SP_ASM) && ( \
defined(WOLFSSL_SP_X86_64_ASM) || defined(WOLFSSL_SP_ARM32_ASM) || \
@@ -548,9 +559,9 @@ typedef struct sp_ecc_ctx {
/* No filesystem, no output
* TODO: Use logging API?
*/
- #define sp_print(a, s)
- #define sp_print_digit(a, s)
- #define sp_print_int(a, s)
+ #define sp_print(a, s) WC_DO_NOTHING
+ #define sp_print_digit(a, s) WC_DO_NOTHING
+ #define sp_print_int(a, s) WC_DO_NOTHING
#endif /* !NO_FILESYSTEM */
@@ -656,7 +667,7 @@ typedef struct sp_ecc_ctx {
/* Sets the multi-precision number negative.
*
* Negative support not compiled in, so does nothing. */
-#define sp_setneg(a) do{}while(0)
+#define sp_setneg(a) WC_DO_NOTHING
#else
/* Returns whether multi-precision number is negative.
*
@@ -830,7 +841,7 @@ while (0)
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, MP_INT_SIZEOF(MP_BITS_CNT(bits)))
/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)
+#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
/* Type to force compiler to not complain about size. */
#define MP_INT_SIZE sp_int_minimal
#endif
@@ -924,6 +935,8 @@ MP_API int sp_init_copy (sp_int* r, const sp_int* a);
MP_API int sp_copy(const sp_int* a, sp_int* r);
MP_API int sp_exch(sp_int* a, sp_int* b);
MP_API int sp_cond_swap_ct(sp_int* a, sp_int* b, int cnt, int swap);
+MP_API int sp_cond_swap_ct_ex(sp_int* a, sp_int* b, int cnt, int swap,
+ sp_int* t);
#ifdef WOLFSSL_SP_INT_NEGATIVE
MP_API int sp_abs(const sp_int* a, sp_int* r);
@@ -932,6 +945,7 @@ MP_API int sp_abs(const sp_int* a, sp_int* r);
MP_API int sp_cmp_mag(const sp_int* a, const sp_int* b);
#endif
MP_API int sp_cmp(const sp_int* a, const sp_int* b);
+MP_API int sp_cmp_ct(const sp_int* a, const sp_int* b, unsigned int n);
MP_API int sp_is_bit_set(const sp_int* a, unsigned int b);
MP_API int sp_count_bits(const sp_int* a);
@@ -1017,14 +1031,17 @@ MP_API int sp_exptmod_nct(const sp_int* b, const sp_int* e, const sp_int* m,
#if defined(WOLFSSL_SP_MATH_ALL) || defined(OPENSSL_ALL)
MP_API int sp_div_2d(const sp_int* a, int e, sp_int* r, sp_int* rem);
-MP_API int sp_mod_2d(const sp_int* a, int e, sp_int* r);
MP_API int sp_mul_2d(const sp_int* a, int e, sp_int* r);
#endif
+#if defined(WOLFSSL_SP_MATH_ALL) || defined(HAVE_ECC) || defined(OPENSSL_ALL)
+MP_API int sp_mod_2d(const sp_int* a, int e, sp_int* r);
+#endif
MP_API int sp_sqr(const sp_int* a, sp_int* r);
MP_API int sp_sqrmod(const sp_int* a, const sp_int* m, sp_int* r);
-MP_API int sp_mont_red(sp_int* a, const sp_int* m, sp_int_digit mp);
+MP_API int sp_mont_red_ex(sp_int* a, const sp_int* m, sp_int_digit mp, int ct);
+#define sp_mont_red(a, m, mp) sp_mont_red_ex(a, m, mp, 0)
MP_API int sp_mont_setup(const sp_int* m, sp_int_digit* rho);
MP_API int sp_mont_norm(sp_int* norm, const sp_int* m);
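Review bot: The new `ct` parameter of `sp_mont_red_ex` is undocumented, and the compatibility macro `sp_mont_red(a, m, mp)` silently passes `0`. Judging by `mp_montgomery_reduce_ct` in the later hunk (-1071), `1` appears to select a constant-time reduction, so existing callers of `sp_mont_red` and `mp_montgomery_reduce` stay on the other path unless they are changed. A comment above the prototype would make this explicit, for example `/* ct: non-zero requests the constant-time reduction; sp_mont_red() passes 0 */`, once confirmed against the implementation. Both names are now function-like macros, so code that takes their address or passes them as a function pointer no longer compiles.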
@@ -1032,6 +1049,7 @@ MP_API int sp_unsigned_bin_size(const sp_int* a);
MP_API int sp_read_unsigned_bin(sp_int* a, const byte* in, word32 inSz);
MP_API int sp_to_unsigned_bin(const sp_int* a, byte* out);
MP_API int sp_to_unsigned_bin_len(const sp_int* a, byte* out, int outSz);
+MP_API int sp_to_unsigned_bin_len_ct(const sp_int* a, byte* out, int outSz);
#ifdef WOLFSSL_SP_MATH_ALL
MP_API int sp_to_unsigned_bin_at_pos(int o, const sp_int* a,
unsigned char* out);
@@ -1071,7 +1089,8 @@ WOLFSSL_LOCAL void sp_memzero_check(sp_int* sp);
#define mp_div_3(a, r, rem) sp_div_d(a, 3, r, rem)
#define mp_rshb(A,x) sp_rshb(A,x,A)
#define mp_is_bit_set(a,b) sp_is_bit_set(a,(unsigned int)(b))
-#define mp_montgomery_reduce sp_mont_red
+#define mp_montgomery_reduce(a, m, mp) sp_mont_red_ex(a, m, mp, 0)
+#define mp_montgomery_reduce_ct(a, m, mp) sp_mont_red_ex(a, m, mp, 1)
#define mp_montgomery_setup sp_mont_setup
#define mp_montgomery_calc_normalization sp_mont_norm
@@ -1100,8 +1119,10 @@ WOLFSSL_LOCAL void sp_memzero_check(sp_int* sp);
#define mp_init_copy sp_init_copy
#define mp_exch sp_exch
#define mp_cond_swap_ct sp_cond_swap_ct
+#define mp_cond_swap_ct_ex sp_cond_swap_ct_ex
#define mp_cmp_mag sp_cmp_mag
#define mp_cmp sp_cmp
+#define mp_cmp_ct sp_cmp_ct
#define mp_count_bits sp_count_bits
#define mp_cnt_lsb sp_cnt_lsb
#define mp_leading_bit sp_leading_bit
@@ -1144,6 +1165,7 @@ WOLFSSL_LOCAL void sp_memzero_check(sp_int* sp);
#define mp_read_unsigned_bin sp_read_unsigned_bin
#define mp_to_unsigned_bin sp_to_unsigned_bin
#define mp_to_unsigned_bin_len sp_to_unsigned_bin_len
+#define mp_to_unsigned_bin_len_ct sp_to_unsigned_bin_len_ct
#define mp_to_unsigned_bin_at_pos sp_to_unsigned_bin_at_pos
#define mp_read_radix sp_read_radix
#define mp_tohex sp_tohex
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h
index c1f558f9..958d8529 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/sphincs.h
@@ -24,12 +24,12 @@
*/
/* Interfaces for Sphincs:
- * - SPHINCS_FAST_LEVEL1 (AKA SPHINCS+-SHAKE256-128f-simple)
- * - SPHINCS_FAST_LEVEL3 (AKA SPHINCS+-SHAKE256-192f-simple)
- * - SPHINCS_FAST_LEVEL5 (AKA SPHINCS+-SHAKE256-256f-simple)
- * - SPHINCS_SMALL_LEVEL1 (AKA SPHINCS+-SHAKE256-128s-simple)
- * - SPHINCS_SMALL_LEVEL3 (AKA SPHINCS+-SHAKE256-192s-simple)
- * - SPHINCS_SMALL_LEVEL5 (AKA SPHINCS+-SHAKE256-256s-simple)
+ * - SPHINCS_FAST_LEVEL1 (AKA SPHINCS+-SHAKE-128f-simple)
+ * - SPHINCS_FAST_LEVEL3 (AKA SPHINCS+-SHAKE-192f-simple)
+ * - SPHINCS_FAST_LEVEL5 (AKA SPHINCS+-SHAKE-256f-simple)
+ * - SPHINCS_SMALL_LEVEL1 (AKA SPHINCS+-SHAKE-128s-simple)
+ * - SPHINCS_SMALL_LEVEL3 (AKA SPHINCS+-SHAKE-192s-simple)
+ * - SPHINCS_SMALL_LEVEL5 (AKA SPHINCS+-SHAKE-256s-simple)
*/
#ifndef WOLF_CRYPT_SPHINCS_H
@@ -51,23 +51,23 @@
#ifdef HAVE_LIBOQS
-#define SPHINCS_FAST_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake256_128f_simple_length_signature
-#define SPHINCS_FAST_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake256_192f_simple_length_signature
-#define SPHINCS_FAST_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake256_256f_simple_length_signature
-#define SPHINCS_SMALL_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake256_128s_simple_length_signature
-#define SPHINCS_SMALL_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake256_192s_simple_length_signature
-#define SPHINCS_SMALL_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake256_256s_simple_length_signature
+#define SPHINCS_FAST_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake_128f_simple_length_signature
+#define SPHINCS_FAST_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake_192f_simple_length_signature
+#define SPHINCS_FAST_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake_256f_simple_length_signature
+#define SPHINCS_SMALL_LEVEL1_SIG_SIZE OQS_SIG_sphincs_shake_128s_simple_length_signature
+#define SPHINCS_SMALL_LEVEL3_SIG_SIZE OQS_SIG_sphincs_shake_192s_simple_length_signature
+#define SPHINCS_SMALL_LEVEL5_SIG_SIZE OQS_SIG_sphincs_shake_256s_simple_length_signature
-#define SPHINCS_LEVEL1_KEY_SIZE OQS_SIG_sphincs_shake256_128f_simple_length_secret_key
-#define SPHINCS_LEVEL1_PUB_KEY_SIZE OQS_SIG_sphincs_shake256_128f_simple_length_public_key
+#define SPHINCS_LEVEL1_KEY_SIZE OQS_SIG_sphincs_shake_128f_simple_length_secret_key
+#define SPHINCS_LEVEL1_PUB_KEY_SIZE OQS_SIG_sphincs_shake_128f_simple_length_public_key
#define SPHINCS_LEVEL1_PRV_KEY_SIZE (SPHINCS_LEVEL1_PUB_KEY_SIZE+SPHINCS_LEVEL1_KEY_SIZE)
-#define SPHINCS_LEVEL3_KEY_SIZE OQS_SIG_sphincs_shake256_192f_simple_length_secret_key
-#define SPHINCS_LEVEL3_PUB_KEY_SIZE OQS_SIG_sphincs_shake256_192f_simple_length_public_key
+#define SPHINCS_LEVEL3_KEY_SIZE OQS_SIG_sphincs_shake_192f_simple_length_secret_key
+#define SPHINCS_LEVEL3_PUB_KEY_SIZE OQS_SIG_sphincs_shake_192f_simple_length_public_key
#define SPHINCS_LEVEL3_PRV_KEY_SIZE (SPHINCS_LEVEL3_PUB_KEY_SIZE+SPHINCS_LEVEL3_KEY_SIZE)
-#define SPHINCS_LEVEL5_KEY_SIZE OQS_SIG_sphincs_shake256_256f_simple_length_secret_key
-#define SPHINCS_LEVEL5_PUB_KEY_SIZE OQS_SIG_sphincs_shake256_256f_simple_length_public_key
+#define SPHINCS_LEVEL5_KEY_SIZE OQS_SIG_sphincs_shake_256f_simple_length_secret_key
+#define SPHINCS_LEVEL5_PUB_KEY_SIZE OQS_SIG_sphincs_shake_256f_simple_length_public_key
#define SPHINCS_LEVEL5_PRV_KEY_SIZE (SPHINCS_LEVEL5_PUB_KEY_SIZE+SPHINCS_LEVEL5_KEY_SIZE)
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h
index 94912a3c..dc6d55a1 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/tfm.h
@@ -290,6 +290,8 @@
#define FP_MASK (fp_digit)(-1)
#define FP_DIGIT_MAX FP_MASK
#define FP_SIZE (FP_MAX_SIZE/DIGIT_BIT)
+#define MP_SIZE (FP_MAX_SIZE/DIGIT_BIT) /* for compatibility with SP_INT */
+
#define FP_MAX_PRIME_SIZE (FP_MAX_BITS/(2*CHAR_BIT))
/* In terms of FP_MAX_BITS, it is double the size possible for a number
@@ -356,7 +358,7 @@ while (0)
#define NEW_MP_INT_SIZE(name, bits, heap, type) \
XMEMSET(name, 0, sizeof(mp_int))
/* Dispose of static mp_int. */
-#define FREE_MP_INT_SIZE(name, heap, type)
+#define FREE_MP_INT_SIZE(name, heap, type) WC_DO_NOTHING
#endif
/* Initialize an mp_int. */
@@ -836,18 +838,20 @@ MP_API int mp_2expt(mp_int* a, int b);
MP_API int mp_div(mp_int * a, mp_int * b, mp_int * c, mp_int * d);
MP_API int mp_cmp(mp_int *a, mp_int *b);
+#define mp_cmp_ct(a, b, n) mp_cmp(a, b)
MP_API int mp_cmp_d(mp_int *a, mp_digit b);
MP_API int mp_unsigned_bin_size(const mp_int * a);
MP_API int mp_read_unsigned_bin (mp_int * a, const unsigned char *b, int c);
MP_API int mp_to_unsigned_bin_at_pos(int x, mp_int *t, unsigned char *b);
MP_API int mp_to_unsigned_bin (mp_int * a, unsigned char *b);
+#define mp_to_unsigned_bin_len_ct mp_to_unsigned_bin_len
MP_API int mp_to_unsigned_bin_len(mp_int * a, unsigned char *b, int c);
MP_API int mp_sub_d(fp_int *a, fp_digit b, fp_int *c);
MP_API int mp_copy(const fp_int* a, fp_int* b);
-MP_API int mp_isodd(mp_int* a);
-MP_API int mp_iszero(mp_int* a);
+MP_API int mp_isodd(const mp_int* a);
+MP_API int mp_iszero(const mp_int* a);
MP_API int mp_count_bits(const mp_int *a);
MP_API int mp_leading_bit(mp_int *a);
MP_API int mp_set_int(mp_int *a, unsigned long b);
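Review bot: `mp_cmp_ct(a, b, n)` expands to plain `mp_cmp(a, b)` and `mp_to_unsigned_bin_len_ct` to `mp_to_unsigned_bin_len`, so under this math backend the `_ct` names add no timing guarantee and `n` is dropped without being evaluated. Whether `mp_cmp` and `mp_to_unsigned_bin_len` are data-independent is not visible in this hunk. A caller that chose the `_ct` variant for secret operands would reasonably assume otherwise. I would state the limitation next to the aliases, e.g. `/* fast math: _ct names alias the regular routines; no constant-time guarantee, n is ignored */`. The macro could also consume its argument: `#define mp_cmp_ct(a, b, n) ((void)(n), mp_cmp(a, b))`.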
@@ -861,19 +865,20 @@ MP_API int mp_radix_size (mp_int * a, int radix, int *size);
#ifdef WOLFSSL_DEBUG_MATH
MP_API void mp_dump(const char* desc, mp_int* a, byte verbose);
#else
- #define mp_dump(desc, a, verbose)
+ #define mp_dump(desc, a, verbose) WC_DO_NOTHING
#endif
#if defined(OPENSSL_EXTRA) || !defined(NO_DSA) || defined(HAVE_ECC)
MP_API int mp_read_radix(mp_int* a, const char* str, int radix);
#endif
+#define mp_montgomery_reduce_ct(a, m, mp) \
+ mp_montgomery_reduce_ex(a, m, mp, 1)
+MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
+MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp, int ct);
+MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
#ifdef HAVE_ECC
MP_API int mp_sqr(fp_int *a, fp_int *b);
- MP_API int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp);
- MP_API int mp_montgomery_reduce_ex(fp_int *a, fp_int *m, fp_digit mp,
- int ct);
- MP_API int mp_montgomery_setup(fp_int *a, fp_digit *rho);
MP_API int mp_div_2(fp_int * a, fp_int * b);
MP_API int mp_div_2_mod_ct(mp_int *a, mp_int *b, mp_int *c);
#endif
@@ -899,10 +904,12 @@ MP_API int mp_lcm(fp_int *a, fp_int *b, fp_int *c);
MP_API int mp_rand_prime(mp_int* a, int len, WC_RNG* rng, void* heap);
MP_API int mp_exch(mp_int *a, mp_int *b);
#endif /* WOLFSSL_KEY_GEN */
-MP_API int mp_cond_swap_ct (mp_int * a, mp_int * b, int c, int m);
+MP_API int mp_cond_swap_ct_ex(mp_int* a, mp_int* b, int c, int m, mp_int* t);
+MP_API int mp_cond_swap_ct(mp_int* a, mp_int* b, int c, int m);
MP_API int mp_cnt_lsb(fp_int *a);
MP_API int mp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d);
+MP_API int mp_mod_2d(fp_int *a, int b, fp_int *c);
MP_API int mp_mod_d(fp_int* a, fp_digit b, fp_digit* c);
MP_API int mp_lshd (mp_int * a, int b);
MP_API int mp_abs(mp_int* a, mp_int* b);
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
index 05943d0a..0d41354e 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/types.h
@@ -131,7 +131,7 @@ decouple library dependencies with standard string, memory and so on.
#if defined(WOLF_C89) || defined(WOLF_NO_TRAILING_ENUM_COMMAS)
#define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) _wolf_ ## prefix ## _enum_dummy_last_element
#else
- #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix)
+ #define WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix) /* null expansion */
#endif
/* helpers for stringifying the expanded value of a macro argument rather
@@ -316,6 +316,16 @@ typedef struct w64wrapper {
#endif
#endif /* WC_MAYBE_UNUSED */
+ #ifndef WC_DO_NOTHING
+ #define WC_DO_NOTHING do {} while (0)
+ #ifdef _MSC_VER
+ /* disable buggy MSC warning around while(0),
+ *"warning C4127: conditional expression is constant"
+ */
+ #pragma warning(disable: 4127)
+ #endif
+ #endif
+
/* use inlining if compiler allows */
#ifndef WC_INLINE
#ifndef NO_INLINE
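Review bot: `#pragma warning(disable: 4127)` is issued at header scope with no push/pop, so on MSVC every translation unit that includes this header loses C4127 for the rest of the compilation, application code included. It also sits inside `#ifndef WC_DO_NOTHING`, so a build that predefines `WC_DO_NOTHING` as its own `do {} while (0)` form gets no suppression. Since the macro expands at the use site, a push/pop pair here would not help. The side effect should at least be documented in the comment, e.g. `/* note: remains disabled for all code that includes this header */`.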
@@ -416,6 +426,8 @@ typedef struct w64wrapper {
#define XSTR_SIZEOF(x) (sizeof(x) - 1) /* -1 to not count the null char */
+ #define XELEM_CNT(x) (sizeof((x))/sizeof(*(x)))
+
/* idea to add global alloc override by Moises Guimaraes */
/* default to libc stuff */
/* XREALLOC is used once in normal math lib, not in fast math lib */
@@ -476,7 +488,7 @@ typedef struct w64wrapper {
#elif defined(WOLFSSL_TELIT_M2MB)
/* Telit M2MB SDK requires use m2mb_os API's, not std malloc/free */
/* Use of malloc/free will cause CPU reboot */
- #define XMALLOC(s, h, t) ((void)h, (void)t, m2mb_os_malloc((s)))
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), m2mb_os_malloc((s)))
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
#define XFREE(p, h, t) m2mb_os_free(xp)
#else
@@ -493,24 +505,25 @@ typedef struct w64wrapper {
fprintf(stderr, "wolfSSL_malloc failed");
return NULL;
};
- #define XMALLOC(s, h, t) malloc_check((s))
- #define XFREE(p, h, t)
- #define XREALLOC(p, n, h, t) (NULL)
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), malloc_check((s)))
+ #define XFREE(p, h, t) (void)(h); (void)(t)
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), NULL)
#else
- #define XMALLOC(s, h, t) (NULL)
- #define XFREE(p, h, t)
- #define XREALLOC(p, n, h, t) (NULL)
+ #define XMALLOC(s, h, t) ((void)(s), (void)(h), (void)(t), NULL)
+ #define XFREE(p, h, t) (void)(p); (void)(h); (void)(t)
+ #define XREALLOC(p, n, h, t) ((void)(p), (void)(n), (void)(h), (void)(t), NULL)
#endif
#else
- /* just use plain C stdlib stuff if desired */
- #include <stdlib.h>
- #define XMALLOC(s, h, t) malloc((size_t)(s))
- #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
- #define XFREE(p, h, t) free(xp)
- #else
- #define XFREE(p, h, t) {void* xp = (p); if (xp) free(xp);}
- #endif
- #define XREALLOC(p, n, h, t) realloc((p), (size_t)(n))
+ /* just use plain C stdlib stuff if desired */
+ #include <stdlib.h>
+ #define XMALLOC(s, h, t) ((void)(h), (void)(t), malloc((size_t)(s)))
+ #ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
+ #define XFREE(p, h, t) ((void)(h), (void)(t), free(p))
+ #else
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); if (xp) free(xp);}
+ #endif
+ #define XREALLOC(p, n, h, t) \
+ ((void)(h), (void)(t), realloc((p), (size_t)(n)))
#endif
#elif defined(WOLFSSL_LINUXKM)
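Review bot: The no-malloc variants `#define XFREE(p, h, t) (void)(h); (void)(t)` and `#define XFREE(p, h, t) (void)(p); (void)(h); (void)(t)` expand to several statements, so under an unbraced `if` only the first is conditional, and `if (x) XFREE(p, h, t); else ...` does not compile. The other macros in this hunk already use the comma form, which keeps a single expression: `#define XFREE(p, h, t) ((void)(p), (void)(h), (void)(t))`. In the stdlib branch the braced `XFREE` casts `h` but not `t`, unlike the `wolfSSL_Free` variants in the next hunk. Adding `(void)(t);` there would keep unused-argument warnings consistent. The enclosing `#if` chain starts outside this hunk.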
@@ -547,19 +560,19 @@ typedef struct w64wrapper {
#ifdef WOLFSSL_DEBUG_MEMORY
#define XMALLOC(s, h, t) ((void)(h), (void)(t), wolfSSL_Malloc((s), __func__, __LINE__))
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
- #define XFREE(p, h, t) wolfSSL_Free(xp, __func__, __LINE__)
+ #define XFREE(p, h, t) ((void)(h), (void)(t), wolfSSL_Free(xp, __func__, __LINE__))
#else
- #define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp, __func__, __LINE__);}
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if (xp) wolfSSL_Free(xp, __func__, __LINE__);}
#endif
- #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n), __func__, __LINE__)
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), wolfSSL_Realloc((p), (n), __func__, __LINE__))
#else
#define XMALLOC(s, h, t) ((void)(h), (void)(t), wolfSSL_Malloc((s)))
#ifdef WOLFSSL_XFREE_NO_NULLNESS_CHECK
- #define XFREE(p, h, t) wolfSSL_Free(p)
+ #define XFREE(p, h, t) ((void)(h), (void)(t), wolfSSL_Free(p))
#else
- #define XFREE(p, h, t) {void* xp = (p); if (xp) wolfSSL_Free(xp);}
+ #define XFREE(p, h, t) {void* xp = (p); (void)(h); (void)(t); if (xp) wolfSSL_Free(xp);}
#endif
- #define XREALLOC(p, n, h, t) wolfSSL_Realloc((p), (n))
+ #define XREALLOC(p, n, h, t) ((void)(h), (void)(t), wolfSSL_Realloc((p), (n)))
#endif /* WOLFSSL_DEBUG_MEMORY */
#endif /* WOLFSSL_STATIC_MEMORY */
#endif
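Review bot: In the `WOLFSSL_DEBUG_MEMORY` and `WOLFSSL_XFREE_NO_NULLNESS_CHECK` case the rewritten macro still frees `xp`, which is not a macro parameter: `wolfSSL_Free(xp, __func__, __LINE__)`. That either fails to compile or binds to whatever `xp` is in scope at the call site. The stdlib branch in the previous hunk had the same slip and this commit corrects it to `free(p)`. The line here should read `#define XFREE(p, h, t) ((void)(h), (void)(t), wolfSSL_Free((p), __func__, __LINE__))`. The unchanged Telit line `#define XFREE(p, h, t) m2mb_os_free(xp)` in the earlier hunk (-476) has the same problem.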
@@ -605,9 +618,9 @@ typedef struct w64wrapper {
VAR_TYPE VAR_NAME[VAR_SIZE]
#define WC_DECLARE_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
VAR_TYPE VAR_NAME[VAR_ITEMS][VAR_SIZE]
- #define WC_INIT_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) do {} while(0)
- #define WC_FREE_VAR(VAR_NAME, HEAP) do {} while(0) /* nothing to free, its stack */
- #define WC_FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) do {} while(0) /* nothing to free, its stack */
+ #define WC_INIT_ARRAY(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) WC_DO_NOTHING
+ #define WC_FREE_VAR(VAR_NAME, HEAP) WC_DO_NOTHING /* nothing to free, its stack */
+ #define WC_FREE_ARRAY(VAR_NAME, VAR_ITEMS, HEAP) WC_DO_NOTHING /* nothing to free, its stack */
#define WC_DECLARE_ARRAY_DYNAMIC_DEC(VAR_NAME, VAR_TYPE, VAR_ITEMS, VAR_SIZE, HEAP) \
VAR_TYPE* VAR_NAME[VAR_ITEMS]; \
@@ -748,15 +761,8 @@ typedef struct w64wrapper {
/* snprintf is used in asn.c for GetTimeString, PKCS7 test, and when
debugging is turned on */
+ #ifndef XSNPRINTF
#ifndef USE_WINDOWS_API
- #ifndef XSNPRINTF
- #if defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) && \
- (defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) || \
- defined(WOLFSSL_CERT_EXT) || defined(HAVE_PKCS7))
- /* case where stdio is not included else where but is needed
- for snprintf */
- #include <stdio.h>
- #endif
#if defined(WOLFSSL_ESPIDF) && \
(!defined(NO_ASN_TIME) && defined(HAVE_PKCS7))
#include<stdarg.h>
@@ -786,11 +792,12 @@ typedef struct w64wrapper {
}
#define XSNPRINTF _xsnprintf_
#elif defined(WOLF_C89)
+ #include <stdio.h>
#define XSPRINTF sprintf
#else
+ #include <stdio.h>
#define XSNPRINTF snprintf
#endif
- #endif
#else
#if defined(_MSC_VER) || defined(__CYGWIN__) || defined(__MINGW32__)
#if defined(_MSC_VER) && (_MSC_VER >= 1900)
@@ -826,6 +833,7 @@ typedef struct w64wrapper {
#define XSNPRINTF snprintf
#endif /* _MSC_VER */
#endif /* USE_WINDOWS_API */
+ #endif /* !XSNPRINTF */
#if defined(WOLFSSL_CERT_EXT) || defined(OPENSSL_EXTRA) || \
defined(HAVE_ALPN) || defined(WOLFSSL_SNIFFER)
@@ -1005,13 +1013,17 @@ typedef struct w64wrapper {
DYNAMIC_TYPE_SESSION = 96,
DYNAMIC_TYPE_DILITHIUM = 97,
DYNAMIC_TYPE_SPHINCS = 98,
- DYNAMIC_TYPE_SNIFFER_SERVER = 1000,
- DYNAMIC_TYPE_SNIFFER_SESSION = 1001,
- DYNAMIC_TYPE_SNIFFER_PB = 1002,
- DYNAMIC_TYPE_SNIFFER_PB_BUFFER = 1003,
- DYNAMIC_TYPE_SNIFFER_TICKET_ID = 1004,
- DYNAMIC_TYPE_SNIFFER_NAMED_KEY = 1005,
- DYNAMIC_TYPE_SNIFFER_KEY = 1006
+ DYNAMIC_TYPE_SM4_BUFFER = 99,
+ DYNAMIC_TYPE_DEBUG_TAG = 100,
+ DYNAMIC_TYPE_SNIFFER_SERVER = 1000,
+ DYNAMIC_TYPE_SNIFFER_SESSION = 1001,
+ DYNAMIC_TYPE_SNIFFER_PB = 1002,
+ DYNAMIC_TYPE_SNIFFER_PB_BUFFER = 1003,
+ DYNAMIC_TYPE_SNIFFER_TICKET_ID = 1004,
+ DYNAMIC_TYPE_SNIFFER_NAMED_KEY = 1005,
+ DYNAMIC_TYPE_SNIFFER_KEY = 1006,
+ DYNAMIC_TYPE_SNIFFER_KEYLOG_NODE = 1007,
+ DYNAMIC_TYPE_AES_EAX = 1008,
};
/* max error buffer string size */
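Review bot: The last enumerator is now written `DYNAMIC_TYPE_AES_EAX = 1008,` directly before `};`, and a trailing comma in an enumerator list is rejected by strict C89 compilers. This same file defines `WOLF_ENUM_DUMMY_LAST_ELEMENT(prefix)` for `WOLF_C89` / `WOLF_NO_TRAILING_ENUM_COMMAS` builds, so the intent seems to be to end such lists with it. Either drop the comma or add a line such as `WOLF_ENUM_DUMMY_LAST_ELEMENT(DYNAMIC_TYPE)` after it. The hunk at -1063 adds a comma after `WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S` as well; the end of that enum is outside the hunk, so check it too.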
@@ -1063,7 +1075,7 @@ typedef struct w64wrapper {
WC_HASH_TYPE_SHA3_512 = 13,
WC_HASH_TYPE_BLAKE2B = 14,
WC_HASH_TYPE_BLAKE2S = 19,
- WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S
+ WC_HASH_TYPE_MAX = WC_HASH_TYPE_BLAKE2S,
#ifndef WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_224
#endif
@@ -1100,12 +1112,19 @@ typedef struct w64wrapper {
#endif
#ifdef WOLFSSL_SHAKE128
WC_HASH_TYPE_SHAKE128 = 18,
+ #undef _WC_HASH_TYPE_MAX
+ #define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHAKE128
#endif
#ifdef WOLFSSL_SHAKE256
WC_HASH_TYPE_SHAKE256 = 19,
#undef _WC_HASH_TYPE_MAX
#define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SHAKE256
#endif
+ #ifdef WOLFSSL_SM3
+ WC_HASH_TYPE_SM3 = 20,
+ #undef _WC_HASH_TYPE_MAX
+ #define _WC_HASH_TYPE_MAX WC_HASH_TYPE_SM3
+ #endif
WC_HASH_TYPE_MAX = _WC_HASH_TYPE_MAX
#undef _WC_HASH_TYPE_MAX
@@ -1197,9 +1216,9 @@ typedef struct w64wrapper {
#elif defined(XASM_LINK)
/* keep user-supplied definition */
#elif defined(WOLFSSL_NO_ASM)
- #define XASM_LINK(f)
+ #define XASM_LINK(f) /* null expansion */
#elif defined(_MSC_VER)
- #define XASM_LINK(f)
+ #define XASM_LINK(f) /* null expansion */
#elif defined(__APPLE__)
#define XASM_LINK(f) asm("_" f)
#elif defined(__GNUC__)
@@ -1335,15 +1354,23 @@ typedef struct w64wrapper {
#define WOLFSSL_THREAD
#elif defined(WOLFSSL_TIRTOS)
typedef void THREAD_RETURN;
+ #define WOLFSSL_THREAD_VOID_RETURN
typedef Task_Handle THREAD_TYPE;
#define WOLFSSL_THREAD
#elif defined(WOLFSSL_ZEPHYR)
typedef void THREAD_RETURN;
- typedef struct k_thread THREAD_TYPE;
+ #define WOLFSSL_THREAD_VOID_RETURN
+ typedef struct {
+ struct k_thread tid;
+ k_thread_stack_t* threadStack;
+ } THREAD_TYPE;
#define WOLFSSL_THREAD
#elif defined(NETOS)
typedef UINT THREAD_RETURN;
- typedef TX_THREAD THREAD_TYPE;
+ typedef struct {
+ TX_THREAD tid;
+ void* threadStack;
+ } THREAD_TYPE;
#define WOLFSSL_THREAD
#define INFINITE TX_WAIT_FOREVER
#define WAIT_OBJECT_0 TX_NO_WAIT
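Review bot: `THREAD_TYPE` becomes a struct in the Zephyr and NETOS branches, but neither branch defines `INVALID_THREAD_VAL`. They therefore pick up the fallback `#define INVALID_THREAD_VAL ((THREAD_TYPE)(-1))` added further down in this file, and a cast to a struct type is not valid C. This only breaks where the macro is expanded, and those call sites are not visible here. I would add a note on both typedefs, e.g. `/* struct handle: INVALID_THREAD_VAL is not usable on this port */`, or give these ports their own validity check. The `#if` chain these branches belong to starts and ends outside the hunk.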
@@ -1351,23 +1378,124 @@ typedef struct w64wrapper {
typedef unsigned int THREAD_RETURN;
typedef size_t THREAD_TYPE;
#define WOLFSSL_THREAD
- #elif (defined(_POSIX_THREADS) || defined(HAVE_PTHREAD)) && \
- !defined(__MINGW32__)
+ #elif defined(WOLFSSL_PTHREADS)
+ #ifndef __MACH__
+ #include <pthread.h>
+ typedef struct COND_TYPE {
+ pthread_mutex_t mutex;
+ pthread_cond_t cond;
+ } COND_TYPE;
+ #else
+ #include <dispatch/dispatch.h>
+ typedef struct COND_TYPE {
+ wolfSSL_Mutex mutex;
+ dispatch_semaphore_t cond;
+ } COND_TYPE;
+ #endif
typedef void* THREAD_RETURN;
typedef pthread_t THREAD_TYPE;
+ #define WOLFSSL_COND
#define WOLFSSL_THREAD
- #define INFINITE (-1)
- #define WAIT_OBJECT_0 0L
+ #ifndef HAVE_SELFTEST
+ #define WOLFSSL_THREAD_NO_JOIN
+ #endif
#elif defined(FREERTOS)
typedef unsigned int THREAD_RETURN;
typedef TaskHandle_t THREAD_TYPE;
#define WOLFSSL_THREAD
+ #elif defined(USE_WINDOWS_API)
+ typedef unsigned THREAD_RETURN;
+ typedef uintptr_t THREAD_TYPE;
+ typedef struct COND_TYPE {
+ wolfSSL_Mutex mutex;
+ HANDLE cond;
+ } COND_TYPE;
+ #define WOLFSSL_COND
+ #define INVALID_THREAD_VAL ((THREAD_TYPE)(INVALID_HANDLE_VALUE))
+ #define WOLFSSL_THREAD __stdcall
+ #if !defined(__MINGW32__)
+ #define WOLFSSL_THREAD_NO_JOIN __cdecl
+ #endif
#else
typedef unsigned int THREAD_RETURN;
typedef size_t THREAD_TYPE;
#define WOLFSSL_THREAD __stdcall
#endif
+
+ #ifndef SINGLE_THREADED
+ /* Necessary headers should already be included. */
+
+ #ifndef INVALID_THREAD_VAL
+ #define INVALID_THREAD_VAL ((THREAD_TYPE)(-1))
+ #endif
+
+ #ifndef WOLFSSL_THREAD_VOID_RETURN
+ #define WOLFSSL_RETURN_FROM_THREAD(x) return (THREAD_RETURN)(x)
+ #else
+ #define WOLFSSL_RETURN_FROM_THREAD(x) \
+ do { (void)(x); return; } while(0)
+ #endif
+
+ /* List of defines/types and what they mean:
+ * THREAD_RETURN - return type of a thread callback
+ * THREAD_TYPE - type that should be passed into thread handling API
+ * INVALID_THREAD_VAL - a value that THREAD_TYPE can be checked against
+ * to check if the value is an invalid thread
+ * WOLFSSL_THREAD - attribute that should be used to declare thread
+ * callbacks
+ * WOLFSSL_THREAD_NO_JOIN - attribute that should be used to declare
+ * thread callbacks that don't require cleanup
+ * WOLFSSL_COND - defined if this system supports signaling
+ * COND_TYPE - type that should be passed into the signaling API
+ * WOLFSSL_THREAD_VOID_RETURN - defined if the thread callback has a
+ * void return
+ * WOLFSSL_RETURN_FROM_THREAD - define used to correctly return from a
+ * thread callback
+ * THREAD_CB - thread callback type for regular threading API
+ * THREAD_CB_NOJOIN - thread callback type for threading API that don't
+ * require cleanup
+ *
+ * Other defines/types are specific for the threading implementation
+ */
+
+ /* Internal wolfSSL threading interface. It does NOT need to be ported
+ * during initial porting efforts. This is a very basic interface. Some
+ * areas don't use this interface on purpose as they need more control
+ * over threads.
+ *
+ * It is currently used for:
+ * - CRL monitor
+ * - Testing
+ * - Entropy generation */
+
+ /* We don't support returns from threads */
+ typedef THREAD_RETURN (WOLFSSL_THREAD *THREAD_CB)(void* arg);
+ WOLFSSL_API int wolfSSL_NewThread(THREAD_TYPE* thread,
+ THREAD_CB cb, void* arg);
+ #ifdef WOLFSSL_THREAD_NO_JOIN
+ /* Create a thread that will be automatically cleaned up. We can't
+ * return a handle/pointer to the new thread because there are no
+ * guarantees for how long it will be valid. */
+ typedef THREAD_RETURN (WOLFSSL_THREAD_NO_JOIN *THREAD_CB_NOJOIN)
+ (void* arg);
+ WOLFSSL_API int wolfSSL_NewThreadNoJoin(THREAD_CB_NOJOIN cb,
+ void* arg);
+ #endif
+ WOLFSSL_API int wolfSSL_JoinThread(THREAD_TYPE thread);
+
+ #ifdef WOLFSSL_COND
+ WOLFSSL_API int wolfSSL_CondInit(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondFree(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondSignal(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondWait(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondStart(COND_TYPE* cond);
+ WOLFSSL_API int wolfSSL_CondEnd(COND_TYPE* cond);
+ #endif
+ #else
+ #define WOLFSSL_RETURN_FROM_THREAD(x) return (THREAD_RETURN)(x)
+ #endif /* SINGLE_THREADED */
+
#if defined(HAVE_STACK_SIZE)
#define EXIT_TEST(ret) return (THREAD_RETURN)((size_t)(ret))
#else
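Review bot: The fallback `#define INVALID_THREAD_VAL ((THREAD_TYPE)(-1))` casts -1 to `THREAD_TYPE`, but the previous hunk turns `THREAD_TYPE` into a struct for `WOLFSSL_ZEPHYR` and `NETOS`, and a cast to a struct type is not valid C. Neither of those branches visibly defines its own `INVALID_THREAD_VAL`, so any expansion of the macro on those ports would fail to compile. Either give the struct-typed ports their own definition or restrict the default to scalar handles, e.g. `#if !defined(INVALID_THREAD_VAL) && !defined(WOLFSSL_ZEPHYR) && !defined(NETOS)`. The new `threadStack` members would also benefit from a comment stating who allocates and who frees the stack.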
@@ -1413,9 +1541,9 @@ typedef struct w64wrapper {
#define PRAGMA(str) PRAGMA_GCC(str)
#define PRAGMA_DIAG_POP PRAGMA_GCC_DIAG_POP
#else
- #define PRAGMA_GCC_DIAG_PUSH
- #define PRAGMA_GCC(str)
- #define PRAGMA_GCC_DIAG_POP
+ #define PRAGMA_GCC_DIAG_PUSH /* null expansion */
+ #define PRAGMA_GCC(str) /* null expansion */
+ #define PRAGMA_GCC_DIAG_POP /* null expansion */
#endif
#ifdef __clang__
@@ -1426,119 +1554,47 @@ typedef struct w64wrapper {
#define PRAGMA(str) PRAGMA_CLANG(str)
#define PRAGMA_DIAG_POP PRAGMA_CLANG_DIAG_POP
#else
- #define PRAGMA_CLANG_DIAG_PUSH
- #define PRAGMA_CLANG(str)
- #define PRAGMA_CLANG_DIAG_POP
+ #define PRAGMA_CLANG_DIAG_PUSH /* null expansion */
+ #define PRAGMA_CLANG(str) /* null expansion */
+ #define PRAGMA_CLANG_DIAG_POP /* null expansion */
#endif
#ifndef PRAGMA_DIAG_PUSH
- #define PRAGMA_DIAG_PUSH
+ #define PRAGMA_DIAG_PUSH /* null expansion */
#endif
#ifndef PRAGMA
- #define PRAGMA(str)
+ #define PRAGMA(str) /* null expansion */
#endif
#ifndef PRAGMA_DIAG_POP
- #define PRAGMA_DIAG_POP
+ #define PRAGMA_DIAG_POP /* null expansion */
#endif
- #ifdef DEBUG_VECTOR_REGISTER_ACCESS
- WOLFSSL_API extern THREAD_LS_T int wc_svr_count;
- WOLFSSL_API extern THREAD_LS_T const char *wc_svr_last_file;
- WOLFSSL_API extern THREAD_LS_T int wc_svr_last_line;
-
- #ifdef DEBUG_VECTOR_REGISTERS_ABORT_ON_FAIL
- #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE abort();
- #elif defined(DEBUG_VECTOR_REGISTERS_EXIT_ON_FAIL)
- #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE exit(1);
- #else
- #define DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE
- #endif
-
- #define SAVE_VECTOR_REGISTERS(...) { \
- ++wc_svr_count; \
- if (wc_svr_count > 5) { \
- fprintf(stderr, \
- "%s @ L%d : incr : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- } \
- wc_svr_last_file = __FILE__; \
- wc_svr_last_line = __LINE__; \
- }
- #define ASSERT_SAVED_VECTOR_REGISTERS(fail_clause) { \
- if (wc_svr_count <= 0) { \
- fprintf(stderr, \
- "ASSERT_SAVED_VECTOR_REGISTERS : %s @ L%d : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- { fail_clause } \
- } \
- }
- #define ASSERT_RESTORED_VECTOR_REGISTERS(fail_clause) { \
- if (wc_svr_count != 0) { \
- fprintf(stderr, \
- "ASSERT_RESTORED_VECTOR_REGISTERS : %s @ L%d : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- { fail_clause } \
- } \
- }
- #define RESTORE_VECTOR_REGISTERS(...) { \
- --wc_svr_count; \
- if ((wc_svr_count > 4) || (wc_svr_count < 0)) { \
- fprintf(stderr, \
- "%s @ L%d : decr : wc_svr_count %d (last op %s L%d)\n", \
- __FILE__, \
- __LINE__, \
- wc_svr_count, \
- wc_svr_last_file, \
- wc_svr_last_line); \
- DEBUG_VECTOR_REGISTERS_EXTRA_FAIL_CLAUSE \
- } \
- wc_svr_last_file = __FILE__; \
- wc_svr_last_line = __LINE__; \
- }
- #else
- #ifdef _MSC_VER
- /* disable buggy MSC warning around while(0),
- *"warning C4127: conditional expression is constant"
- */
- #pragma warning(disable: 4127)
- #endif
- #ifndef SAVE_VECTOR_REGISTERS
- #define SAVE_VECTOR_REGISTERS(...) do{}while(0)
- #endif
- #ifndef ASSERT_SAVED_VECTOR_REGISTERS
- #define ASSERT_SAVED_VECTOR_REGISTERS(...) do{}while(0)
- #endif
- #ifndef ASSERT_RESTORED_VECTOR_REGISTERS
- #define ASSERT_RESTORED_VECTOR_REGISTERS(...) do{}while(0)
- #endif
- #ifndef RESTORE_VECTOR_REGISTERS
- #define RESTORE_VECTOR_REGISTERS() do{}while(0)
- #endif
+ #ifndef SAVE_VECTOR_REGISTERS
+ #define SAVE_VECTOR_REGISTERS(...) WC_DO_NOTHING
+ #endif
+ #ifndef SAVE_VECTOR_REGISTERS2
+ #define SAVE_VECTOR_REGISTERS2() 0
+ #endif
+ #ifndef WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL
+ #define WC_DEBUG_SET_VECTOR_REGISTERS_RETVAL(x) WC_DO_NOTHING
+ #endif
+ #ifndef ASSERT_SAVED_VECTOR_REGISTERS
+ #define ASSERT_SAVED_VECTOR_REGISTERS(...) WC_DO_NOTHING
+ #endif
+ #ifndef ASSERT_RESTORED_VECTOR_REGISTERS
+ #define ASSERT_RESTORED_VECTOR_REGISTERS(...) WC_DO_NOTHING
+ #endif
+ #ifndef RESTORE_VECTOR_REGISTERS
+ #define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
#endif
-
#if FIPS_VERSION_GE(5,1)
#define WC_SPKRE_F(x,y) wolfCrypt_SetPrivateKeyReadEnable_fips((x),(y))
#define PRIVATE_KEY_LOCK() WC_SPKRE_F(0,WC_KEYTYPE_ALL)
#define PRIVATE_KEY_UNLOCK() WC_SPKRE_F(1,WC_KEYTYPE_ALL)
#else
- #define PRIVATE_KEY_LOCK() do{}while(0)
- #define PRIVATE_KEY_UNLOCK() do{}while(0)
+ #define PRIVATE_KEY_LOCK() WC_DO_NOTHING
+ #define PRIVATE_KEY_UNLOCK() WC_DO_NOTHING
#endif
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
index 68b9b76e..6ee10dfc 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/visibility.h
@@ -25,17 +25,6 @@
#ifndef WOLF_CRYPT_VISIBILITY_H
#define WOLF_CRYPT_VISIBILITY_H
-
-/* for compatibility and so that fips is using same name of macro @wc_fips */
-/* The following visibility wrappers are for old FIPS. New FIPS should use
- * the same as a non-FIPS build. */
-#if defined(HAVE_FIPS) && \
- (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 2))
- #include <cyassl/ctaocrypt/visibility.h>
- #define WOLFSSL_API CYASSL_API
- #define WOLFSSL_LOCAL CYASSL_LOCAL
-#else
-
/* WOLFSSL_API is used for the public API symbols.
It either imports or exports (or does nothing for static builds)
@@ -76,8 +65,6 @@
#endif
#endif /* BUILDING_WOLFSSL */
-#endif /* HAVE_FIPS */
-
/* WOLFSSL_ABI is used for public API symbols that must not change
* their signature. This tag is used for all APIs that are a
* part of the fixed ABI.
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h
new file mode 100644
index 00000000..a0e06e41
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_lms.h
@@ -0,0 +1,23 @@
+/* wc_lms.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#error "Contact wolfSSL to get the implementation of this file"
+
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h
index 7b452841..5240effa 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_port.h
@@ -60,6 +60,9 @@
/* THREADING/MUTEX SECTION */
#ifdef USE_WINDOWS_API
+ #if defined(WOLFSSL_PTHREADS)
+ #include <pthread.h>
+ #endif
#ifdef WOLFSSL_GAME_BUILD
#include "system/xtl.h"
#else
@@ -77,6 +80,9 @@
#endif
#endif /* WOLFSSL_SGX */
#endif
+ #ifndef SINGLE_THREADED
+ #include <process.h>
+ #endif
#elif defined(THREADX)
#ifndef SINGLE_THREADED
#ifdef NEED_THREADX_TYPES
@@ -224,7 +230,7 @@
signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES];
xSemaphoreHandle mutex;
} wolfSSL_Mutex;
- #elif defined(USE_WINDOWS_API)
+ #elif defined(USE_WINDOWS_API) && !defined(WOLFSSL_PTHREADS)
typedef CRITICAL_SECTION wolfSSL_Mutex;
#elif defined(MAXQ10XX_MUTEX)
#include <sys/mman.h>
@@ -237,6 +243,7 @@
typedef pthread_rwlock_t wolfSSL_RwLock;
#endif
typedef pthread_mutex_t wolfSSL_Mutex;
+ #define WOLFSSL_MUTEX_INITIALIZER PTHREAD_MUTEX_INITIALIZER
#elif defined(THREADX)
typedef TX_MUTEX wolfSSL_Mutex;
#elif defined(WOLFSSL_DEOS)
@@ -244,7 +251,11 @@
#elif defined(MICRIUM)
typedef OS_MUTEX wolfSSL_Mutex;
#elif defined(EBSNET)
- typedef RTP_MUTEX wolfSSL_Mutex;
+ #if (defined(RTPLATFORM) && (RTPLATFORM != 0))
+ typedef RTP_MUTEX wolfSSL_Mutex;
+ #else
+ typedef KS_RTIPSEM wolfSSL_Mutex;
+ #endif
#elif defined(FREESCALE_MQX) || defined(FREESCALE_KSDK_MQX)
typedef MUTEX_STRUCT wolfSSL_Mutex;
#elif defined(FREESCALE_FREE_RTOS)
@@ -349,7 +360,7 @@ typedef struct wolfSSL_Ref {
(ref)->count = 1; \
*(err) = 0; \
} while(0)
-#define wolfSSL_RefFree(ref)
+#define wolfSSL_RefFree(ref) WC_DO_NOTHING
#define wolfSSL_RefInc(ref, err) \
do { \
(ref)->count++; \
@@ -369,7 +380,7 @@ typedef struct wolfSSL_Ref {
wolfSSL_Atomic_Int_Init(&(ref)->count, 1); \
*(err) = 0; \
} while(0)
-#define wolfSSL_RefFree(ref)
+#define wolfSSL_RefFree(ref) WC_DO_NOTHING
#define wolfSSL_RefInc(ref, err) \
do { \
(void)wolfSSL_Atomic_Int_FetchAdd(&(ref)->count, 1); \
@@ -440,6 +451,7 @@ typedef void (mutex_cb)(int flag, int type, const char* file, int line);
WOLFSSL_API int wc_LockMutex_ex(int flag, int type, const char* file, int line);
WOLFSSL_API int wc_SetMutexCb(mutex_cb* cb);
+WOLFSSL_API mutex_cb* wc_GetMutexCb(void);
#endif
/* main crypto initialization function */
@@ -474,6 +486,8 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XSEEK_END VSEEK_END
#define XBADFILE -1
#define XFGETS(b,s,f) -2 /* Not ported yet */
+ #define XSNPRINTF rtp_snprintf
+ #define XFPRINTF fprintf
#elif defined(LSR_FS)
#include <fs.h>
@@ -615,7 +629,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XFREAD fread
#define XFWRITE fwrite
#define XFCLOSE fclose
- #define XSEEK_END SEEK_SET
+ #define XSEEK_SET SEEK_SET
#define XSEEK_END SEEK_END
#define XBADFILE NULL
#define XFGETS fgets
@@ -729,10 +743,10 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#ifndef MAX_FILENAME_SZ
- #define MAX_FILENAME_SZ 256 /* max file name length */
+ #define MAX_FILENAME_SZ (260 + 1) /* max file name length */
#endif
#ifndef MAX_PATH
- #define MAX_PATH 256
+ #define MAX_PATH (260 + 1)
#endif
WOLFSSL_LOCAL int wc_FileLoad(const char* fname, unsigned char** buf,
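Review bot: The comment on `MAX_FILENAME_SZ` still reads `max file name length` and does not say whether the new value `(260 + 1)` counts the terminating NUL, which is presumably the intent. Both macros sit behind `#ifndef`, so a platform or user definition of `MAX_PATH` can differ from `MAX_FILENAME_SZ`. Code that moves a name between buffers sized by the two should bound the copy by the destination. I would change the comment to `/* max file name length, including the terminating NUL */`.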
@@ -856,7 +870,7 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#include "os.h" /* dc_rtc_api needs */
#include "dc_rtc_api.h" /* to get current time */
- /* uses parital <time.h> structures */
+ /* uses partial <time.h> structures */
#define XTIME(tl) (0)
#define XGMTIME(c, t) rtpsys_gmtime((c))
@@ -968,7 +982,15 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#ifndef _POSIX_C_SOURCE
#include <zephyr/posix/time.h>
#else
- #include <sys/time.h>
+ #include <time.h>
+ #endif
+
+ #if defined(CONFIG_RTC)
+ #if defined(CONFIG_PICOLIBC) || defined(CONFIG_NEWLIB_LIBC)
+ #include <zephyr/drivers/rtc.h>
+ #else
+ #warning "RTC support needs picolibc or newlib (nano)"
+ #endif
#endif
time_t z_time(time_t *timer);
@@ -1041,6 +1063,11 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#define XTIME(tl) time((tl))
#endif
#endif
+
+#if defined(WOLFSSL_GMTIME) && !defined(HAVE_GMTIME_R)
+ #define HAVE_GMTIME_R
+#endif
+
#if !defined(XGMTIME) && !defined(TIME_OVERRIDES)
/* Always use gmtime_r if available. */
#if defined(HAVE_GMTIME_S)
@@ -1106,8 +1133,9 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
extern struct tm* XGMTIME(const time_t* timer, struct tm* tmp);
#elif defined(WOLFSSL_GMTIME)
struct tm* gmtime(const time_t* timer);
+ struct tm* gmtime_r(const time_t* timer, struct tm *ret);
#endif
-#endif /* NO_ASN_TIME */
+#endif /* !NO_ASN_TIME */
#ifndef WOLFSSL_LEANPSK
@@ -1151,6 +1179,23 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void);
#endif
#endif
+
+ /* AFTER user_settings.h is loaded,
+ ** determine if POSIX multi-threaded: HAVE_PTHREAD */
+ #if defined(SINGLE_THREADED) || defined(__MINGW32__)
+ /* Never HAVE_PTHREAD in single thread, or non-POSIX mode.
+ ** Reminder: MING32 is win32 threads, not POSIX threads */
+ #undef HAVE_PTHREAD
+ #else
+ /* _POSIX_THREADS is defined by unistd.h so this check needs to happen
+ * after we include all the platform relevant libs. */
+ #ifdef _POSIX_THREADS
+ /* HAVE_PTHREAD == POSIX threads capable and enabled. */
+ #undef HAVE_PTHREAD
+ #define HAVE_PTHREAD 1
+ #endif
+ #endif
+
#ifdef __cplusplus
} /* extern "C" */
#endif
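Review bot: The comment `Reminder: MING32 is win32 threads` misspells the macro tested two lines above; it should read `MINGW32`. This block also settles `HAVE_PTHREAD` only at this point in wc_port.h, while the threading types added to types.h in the same commit are selected on `WOLFSSL_PTHREADS`. How the two macros relate is not visible in this hunk, so a one-line comment naming where `WOLFSSL_PTHREADS` is derived would help the next porter.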
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h
new file mode 100644
index 00000000..96274d79
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/wc_xmss.h
@@ -0,0 +1,23 @@
+/* wc_xmss.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#error "Contact wolfSSL to get the implementation of this file"
+
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h
new file mode 100644
index 00000000..70f26c48
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfcrypt/xmss.h
@@ -0,0 +1,152 @@
+/* xmss.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/*!
+ \file wolfssl/wolfcrypt/xmss.h
+ */
+
+#ifndef WOLF_CRYPT_XMSS_H
+#define WOLF_CRYPT_XMSS_H
+
+#include <wolfssl/wolfcrypt/types.h>
+#include <wolfssl/wolfcrypt/random.h>
+
+#ifdef WOLFSSL_HAVE_XMSS
+
+/* Note on XMSS/XMSS^MT pub/priv key sizes:
+ * - The XMSS/XMSS^MT pub key has a defined format and size.
+ * - The XMSS/XMSS^MT private key is implementation and parameter
+ * specific. It does not have a standardized format or size.
+ *
+ * The XMSS/XMSS^MT public and secret key format and length is:
+ * PK = OID || root || SEED;
+ * PK_len = 4 + 2 * n
+ *
+ * SK = OID || (implementation defined)
+ * SK_len = 4 + (implementation defined)
+ *
+ * where n is the number of bytes in the hash function, which is 32
+ * in this SHA256 implementation.
+ *
+ * However the private key is implementation specific. For example,
+ * in xmss-reference the private key size varies from 137 bytes to
+ * 1377 bytes between slow and fast implementations with param name
+ * "XMSSMT-SHA2_20/2_256".
+ *
+ * References:
+ * - RFC 8391
+ * - Table 2 of Kampanakis, Fluhrer, IACR, 2017.
+ * */
+
+#define XMSS_SHA256_PUBLEN (68)
+
+/* Supported XMSS/XMSS^MT parameter set names:
+ * We are supporting all SHA256 parameter sets with n=32 and
+ * Winternitz=16, from RFC 8391 and NIST SP 800-208.
+ *
+ * ----------------------------------------------------------
+ * | Name OID n w len h d |
+ * XMSS: | "XMSS-SHA2_10_256" 0x00000001 32 16 67 10 1 |
+ * | "XMSS-SHA2_16_256" 0x00000002 32 16 67 16 1 |
+ * | "XMSS-SHA2_20_256" 0x00000003 32 16 67 20 1 |
+ * | |
+ * XMSSMT: | "XMSSMT-SHA2_20/2_256" 0x00000001 32 16 67 20 2 |
+ * | "XMSSMT-SHA2_20/4_256" 0x00000002 32 16 67 20 4 |
+ * | "XMSSMT-SHA2_40/2_256" 0x00000003 32 16 67 40 2 |
+ * | "XMSSMT-SHA2_40/4_256" 0x00000004 32 16 67 40 4 |
+ * | "XMSSMT-SHA2_40/8_256" 0x00000005 32 16 67 40 8 |
+ * | "XMSSMT-SHA2_60/3_256" 0x00000006 32 16 67 60 3 |
+ * | "XMSSMT-SHA2_60/6_256" 0x00000007 32 16 67 60 6 |
+ * | "XMSSMT-SHA2_60/12_256" 0x00000008 32 16 67 60 12 |
+ * ----------------------------------------------------------
+ *
+ * Note that some XMSS and XMSSMT names do have overlapping OIDs.
+ *
+ * References:
+ * 1. NIST SP 800-208
+ * 2. RFC 8391
+ * */
+
+#define XMSS_NAME_LEN (16) /* strlen("XMSS-SHA2_10_256") */
+#define XMSSMT_NAME_MIN_LEN (20) /* strlen("XMSSMT-SHA2_20/2_256") */
+#define XMSSMT_NAME_MAX_LEN (21) /* strlen("XMSSMT-SHA2_60/12_256") */
+
+typedef struct XmssKey XmssKey;
+
+/* Return codes returned by private key callbacks. */
+enum wc_XmssRc {
+ WC_XMSS_RC_NONE,
+ WC_XMSS_RC_BAD_ARG, /* Bad arg in read or write callback. */
+ WC_XMSS_RC_WRITE_FAIL, /* Write or update private key failed. */
+ WC_XMSS_RC_READ_FAIL, /* Read private key failed. */
+ WC_XMSS_RC_SAVED_TO_NV_MEMORY, /* Wrote private key to nonvolatile storage. */
+ WC_XMSS_RC_READ_TO_MEMORY /* Read private key from storage. */
+};
+
+/* enum wc_XmssState is to help track the state of an XMSS Key. */
+enum wc_XmssState {
+ WC_XMSS_STATE_FREED, /* Key has been freed from memory. */
+ WC_XMSS_STATE_INITED, /* Key has been inited, ready to set params.*/
+ WC_XMSS_STATE_PARMSET, /* Params are set, ready to MakeKey or Reload. */
+ WC_XMSS_STATE_OK, /* Able to sign signatures and verify. */
+ WC_XMSS_STATE_VERIFYONLY, /* A public only XmssKey. */
+ WC_XMSS_STATE_BAD, /* Can't guarantee key's state. */
+ WC_XMSS_STATE_NOSIGS /* Signatures exhausted. */
+};
+
+/* Private key write and read callbacks. */
+typedef enum wc_XmssRc (*write_private_key_cb)(const byte * priv, word32 privSz, void *context);
+typedef enum wc_XmssRc (*read_private_key_cb)(byte * priv, word32 privSz, void *context);
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+WOLFSSL_API int wc_XmssKey_Init(XmssKey * key, void * heap, int devId);
+WOLFSSL_API int wc_XmssKey_SetParamStr(XmssKey * key, const char * str);
+#ifndef WOLFSSL_XMSS_VERIFY_ONLY
+WOLFSSL_API int wc_XmssKey_SetWriteCb(XmssKey * key,
+ write_private_key_cb write_cb);
+WOLFSSL_API int wc_XmssKey_SetReadCb(XmssKey * key,
+ read_private_key_cb read_cb);
+WOLFSSL_API int wc_XmssKey_SetContext(XmssKey * key, void * context);
+WOLFSSL_API int wc_XmssKey_MakeKey(XmssKey * key, WC_RNG * rng);
+WOLFSSL_API int wc_XmssKey_Reload(XmssKey * key);
+WOLFSSL_API int wc_XmssKey_GetPrivLen(const XmssKey * key, word32 * len);
+WOLFSSL_API int wc_XmssKey_Sign(XmssKey * key, byte * sig, word32 * sigSz,
+ const byte * msg, int msgSz);
+WOLFSSL_API int wc_XmssKey_SigsLeft(XmssKey * key);
+#endif /* ifndef WOLFSSL_XMSS_VERIFY_ONLY */
+WOLFSSL_API void wc_XmssKey_Free(XmssKey * key);
+WOLFSSL_API int wc_XmssKey_GetSigLen(const XmssKey * key, word32 * len);
+WOLFSSL_API int wc_XmssKey_GetPubLen(const XmssKey * key, word32 * len);
+WOLFSSL_API int wc_XmssKey_ExportPub(XmssKey * keyDst, const XmssKey * keySrc);
+WOLFSSL_API int wc_XmssKey_ExportPubRaw(const XmssKey * key, byte * out,
+ word32 * outLen);
+WOLFSSL_API int wc_XmssKey_ImportPubRaw(XmssKey * key, const byte * in,
+ word32 inLen);
+WOLFSSL_API int wc_XmssKey_Verify(XmssKey * key, const byte * sig, word32 sigSz,
+ const byte * msg, int msgSz);
+#ifdef __cplusplus
+ } /* extern "C" */
+#endif
+
+#endif /* WOLFSSL_HAVE_XMSS */
+#endif /* WOLF_CRYPT_XMSS_H */
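Review bot: The callback typedefs `write_private_key_cb` and `read_private_key_cb` carry no statement of their contract, which matters for a stateful scheme: XMSS security depends on never signing twice from the same private-key state. A comment above the typedefs should say that the write callback has to store the updated key durably before it returns `WC_XMSS_RC_SAVED_TO_NV_MEMORY`. It should also say that any other return code makes the signing call fail, which is presumably what the implementation enforces, but the header is what integrators read. Separately, `wc_XmssKey_Sign` and `wc_XmssKey_Verify` take `int msgSz` next to `word32` signature sizes, so the implementation needs to reject a negative length, or the parameter should be `word32 msgSz`.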
diff --git a/extra/wolfssl/wolfssl/wolfssl/wolfio.h b/extra/wolfssl/wolfssl/wolfssl/wolfio.h
index f783fd03..9a8b5113 100644
--- a/extra/wolfssl/wolfssl/wolfssl/wolfio.h
+++ b/extra/wolfssl/wolfssl/wolfssl/wolfio.h
@@ -26,6 +26,8 @@
#ifndef WOLFSSL_IO_H
#define WOLFSSL_IO_H
+#include <wolfssl/ssl.h>
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -169,7 +171,8 @@
#endif
#if defined(WOLFSSL_RENESAS_RA6M3G) || defined(WOLFSSL_RENESAS_RA6M3) ||\
- defined(WOLFSSL_RENESAS_RA6M4)
+ defined(WOLFSSL_RENESAS_RA6M4) || \
+ defined(WOLFSSL_RENESAS_RZN2L)
/* Uses FREERTOS_TCP */
#include <errno.h>
#endif
@@ -381,6 +384,13 @@
#define XSOCKLENT socklen_t
#endif
#endif
+ #ifndef XSOCKOPT_TYPE_OPTVAL_TYPE
+ #ifdef USE_WINDOWS_API
+ #define XSOCKOPT_TYPE_OPTVAL_TYPE void*
+ #else
+ #define XSOCKOPT_TYPE_OPTVAL_TYPE char*
+ #endif
+ #endif
/* Socket Addr Support */
#ifdef HAVE_SOCKADDR
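Review bot: The mapping of `XSOCKOPT_TYPE_OPTVAL_TYPE` looks inverted with respect to the native prototypes: Winsock's `setsockopt`/`getsockopt` take `char*` option values, while POSIX takes `void*`. It builds as C because `void*` converts implicitly in both directions, but a cast to `void*` passed to the Winsock functions would be rejected in any translation unit compiled as C++. I would swap the two definitions, giving `#define XSOCKOPT_TYPE_OPTVAL_TYPE char*` under `USE_WINDOWS_API` and `#define XSOCKOPT_TYPE_OPTVAL_TYPE void*` otherwise.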
@@ -429,7 +439,7 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
extern int closesocket(int);
#define CloseSocket(s) closesocket(s)
#endif
- #define StartTCP()
+ #define StartTCP() WC_DO_NOTHING
#elif defined(FUSION_RTOS)
#ifndef CloseSocket
#define CloseSocket(s) do { \
@@ -441,7 +451,7 @@ WOLFSSL_API int wolfIO_Recv(SOCKET_T sd, char *buf, int sz, int rdFlags);
#ifndef CloseSocket
#define CloseSocket(s) close(s)
#endif
- #define StartTCP()
+ #define StartTCP() WC_DO_NOTHING
#ifdef FREERTOS_TCP_WINSIM
extern int close(int);
#endif
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/README.md b/extra/wolfssl/wolfssl/wrapper/Ada/README.md
new file mode 100644
index 00000000..0af9eafc
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/README.md
@@ -0,0 +1,116 @@
+# Ada Binding Example
+The source code for the Ada/SPARK binding of the WolfSSL library
+is the WolfSSL Ada package in the wolfssl.ads and wolfssl.adb files.
+
+The source code here also demonstrates a TLS v1.3 server and client
+using the WolfSSL Ada binding. The implementation is cross-platform
+and compiles on Linux, Mac OS X and Windows.
+
+Security: The WolfSSL Ada binding avoids usage of the
+Secondary Stack. The GNAT compiler has a number of hardening
+features for example Stack Scrubbing; the compiler can generate
+code to zero-out stack frames used by subprograms.
+Unfortunately this works well for the primary stack but not
+for the secondary stack. The GNAT User's Guide recommends
+avoiding the secondary stack using the restriction
+No_Secondary_Stack (see the GNAT configuration file gnat.adc
+which instructs compilation of the WolfSSL Ada binding under
+this restriction).
+
+Portability: The WolfSSL Ada binding makes no usage of controlled types
+and has no dependency upon the Ada.Finalization package.
+Lighter Ada run-times for embedded systems often have
+the restriction No_Finalization. The WolfSSL Ada binding has
+been developed with maximum portability in mind.
+
+Not only can the WolfSSL Ada binding be used in Ada applications but
+also SPARK applications (a subset of the Ada language suitable
+formal verification). To formally verify the Ada code in this repository
+open the client.gpr with GNAT Studio and then select
+SPARK -> Prove All Sources and use Proof Level 2.
+
+```
+Summary of SPARK analysis
+=========================
+
+---------------------------------------------------------------------------------------------------------------
+SPARK Analysis results Total Flow CodePeer Provers Justified Unproved
+---------------------------------------------------------------------------------------------------------------
+Data Dependencies 2 2 . . . .
+Flow Dependencies . . . . . .
+Initialization 15 15 . . . .
+Non-Aliasing . . . . . .
+Run-time Checks 58 . . 58 (CVC4 85%, Trivial 15%) . .
+Assertions 6 . . 6 (CVC4) . .
+Functional Contracts 91 . . 91 (CVC4) . .
+LSP Verification . . . . . .
+Termination . . . . . .
+Concurrency . . . . . .
+---------------------------------------------------------------------------------------------------------------
+Total 172 17 (10%) . 155 (90%) . .
+```
+
+## Compiler and Build System installation
+
+### GNAT Community Edition 2021
+Download and install the GNAT community Edition 2021 compiler and studio:
+https://www.adacore.com/download
+
+Linux Install:
+
+```sh
+chmod +x gnat-2021-20210519-x86_64-linux-bin
+./gnat-2021-20210519-x86_64-linux-bin
+```
+
+```sh
+export PATH="/opt/GNAT/2021/bin:$PATH"
+cd wrapper/Ada
+gprclean
+gprbuild default.gpr
+gprbuild client.gpr
+
+cd obj/
+./tls_server_main &
+./tls_client_main 127.0.0.1
+```
+
+On Windows, build the executables with:
+```sh
+gprbuild -XOS=Windows default.gpr
+gprbuild -XOS=Windows client.gpr
+```
+
+
+### GNAT FSF Compiler and GPRBuild manual installation
+In May 2022 AdaCore announced the end of the GNAT Community releases.
+Pre-built binaries for the GNAT FSF compiler and GPRBuild can be
+downloaded and manually installed from here:
+https://github.com/alire-project/GNAT-FSF-builds/releases
+Make sure the executables for the compiler and GPRBuild are on the PATH
+and use gprbuild to build the source code.
+
+## Files
+The TLS v1.3 client example in the Ada/SPARK programming language
+using the WolfSSL library can be found in the files:
+tls_client_main.adb
+tls_client.ads
+tls_client.adb
+
+The TLS v1.3 server example in the Ada/SPARK programming language
+using the WolfSSL library can be found in the files:
+tls_server_main.adb
+tls_server.ads
+tls_server.adb
+
+A feature of the Ada language that is not part of SPARK is exceptions.
+Some packages of the Ada standard library and GNAT specific packages
+provided by the GNAT compiler can therefore not be used directly but
+need to be put into wrapper packages that does not raise exceptions.
+The packages that provide access to sockets and command line arguments
+to applications implemented in the SPARK programming language can be
+found in the files:
+spark_sockets.ads
+spark_sockets.adb
+spark_terminal.ads
+spark_terminal.adb
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c b/extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c
new file mode 100644
index 00000000..0becb0e7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/ada_binding.c
@@ -0,0 +1,105 @@
+/* ada_binding.c
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+/* wolfSSL */
+#include <wolfssl/wolfcrypt/settings.h>
+#include <wolfssl/ssl.h>
+
+/* These functions give access to the integer values of the enumeration
+ constants used in WolfSSL. These functions make it possible
+ for the WolfSSL implementation to change the values of the constants
+ without the need to make a corresponding change in the Ada code. */
+extern int get_wolfssl_error_want_read(void);
+extern int get_wolfssl_error_want_write(void);
+extern int get_wolfssl_max_error_size (void);
+extern int get_wolfssl_success(void);
+extern int get_wolfssl_failure(void);
+extern int get_wolfssl_verify_none(void);
+extern int get_wolfssl_verify_peer(void);
+extern int get_wolfssl_verify_fail_if_no_peer_cert(void);
+extern int get_wolfssl_verify_client_once(void);
+extern int get_wolfssl_verify_post_handshake(void);
+extern int get_wolfssl_verify_fail_except_psk(void);
+extern int get_wolfssl_verify_default(void);
+
+extern int get_wolfssl_filetype_asn1(void);
+extern int get_wolfssl_filetype_pem(void);
+extern int get_wolfssl_filetype_default(void);
+
+extern int get_wolfssl_error_want_read(void) {
+ return WOLFSSL_ERROR_WANT_READ;
+}
+
+extern int get_wolfssl_error_want_write(void) {
+ return WOLFSSL_ERROR_WANT_WRITE;
+}
+
+extern int get_wolfssl_max_error_size(void) {
+ return WOLFSSL_MAX_ERROR_SZ;
+}
+
+extern int get_wolfssl_success(void) {
+ return WOLFSSL_SUCCESS;
+}
+
+extern int get_wolfssl_failure(void) {
+ return WOLFSSL_FAILURE;
+}
+
+extern int get_wolfssl_verify_none(void) {
+ return WOLFSSL_VERIFY_NONE;
+}
+
+extern int get_wolfssl_verify_peer(void) {
+ return WOLFSSL_VERIFY_PEER;
+}
+
+extern int get_wolfssl_verify_fail_if_no_peer_cert(void) {
+ return WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+}
+
+extern int get_wolfssl_verify_client_once(void) {
+ return WOLFSSL_VERIFY_CLIENT_ONCE;
+}
+
+extern int get_wolfssl_verify_post_handshake(void) {
+ return WOLFSSL_VERIFY_POST_HANDSHAKE;
+}
+
+extern int get_wolfssl_verify_fail_except_psk(void) {
+ return WOLFSSL_VERIFY_FAIL_EXCEPT_PSK;
+}
+
+extern int get_wolfssl_verify_default(void) {
+ return WOLFSSL_VERIFY_DEFAULT;
+}
+
+extern int get_wolfssl_filetype_asn1(void) {
+ return WOLFSSL_FILETYPE_ASN1;
+}
+
+extern int get_wolfssl_filetype_pem(void) {
+ return WOLFSSL_FILETYPE_PEM;
+}
+
+extern int get_wolfssl_filetype_default(void) {
+ return WOLFSSL_FILETYPE_DEFAULT;
+}
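Review bot: The `extern` storage class on the fifteen definitions is redundant, because the prototype block above them already gives each function external linkage and satisfies `-Wmissing-prototypes`; `int get_wolfssl_success(void) {` is enough. The prototype `get_wolfssl_max_error_size (void)` also has a stray space before the parameter list that the other fourteen do not have. Neither point changes behaviour.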
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/client.gpr b/extra/wolfssl/wolfssl/wrapper/Ada/client.gpr
new file mode 100644
index 00000000..b8360a07
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/client.gpr
@@ -0,0 +1,78 @@
+project Client is
+ type OS_Kind is ("Windows", "Linux_Or_Mac");
+
+ OS : OS_Kind := external ("OS", "Linux_Or_Mac");
+
+ for Languages use ("C", "Ada");
+
+ for Source_Dirs use (".",
+ "../../",
+ "../../src",
+ "../../wolfcrypt/src");
+
+ for Object_Dir use "obj";
+
+ for Main use ("tls_client_main.adb");
+
+ package Naming is
+ for Spec_Suffix ("C") use ".h";
+ end Naming;
+
+ package Compiler is
+ for Switches ("C") use
+ ("-DWOLFSSL_USER_SETTINGS", -- Use the user_settings.h file.
+ "-Wno-pragmas",
+ "-Wall",
+ "-Wextra",
+ "-Wunknown-pragmas",
+ "--param=ssp-buffer-size=1",
+ "-Waddress",
+ "-Warray-bounds",
+ "-Wbad-function-cast",
+ "-Wchar-subscripts",
+ "-Wcomment",
+ "-Wfloat-equal",
+ "-Wformat-security",
+ "-Wformat=2",
+ "-Wmaybe-uninitialized",
+ "-Wmissing-field-initializers",
+ "-Wmissing-noreturn",
+ "-Wmissing-prototypes",
+ "-Wnested-externs",
+ "-Wnormalized=id",
+ "-Woverride-init",
+ "-Wpointer-arith",
+ "-Wpointer-sign",
+ "-Wshadow",
+ "-Wsign-compare",
+ "-Wstrict-overflow=1",
+ "-Wstrict-prototypes",
+ "-Wswitch-enum",
+ "-Wundef",
+ "-Wunused",
+ "-Wunused-result",
+ "-Wunused-variable",
+ "-Wwrite-strings",
+ "-fwrapv");
+
+ for Switches ("Ada") use ("-g");
+ end Compiler;
+
+ package Linker is
+ case OS is
+ when "Windows" =>
+ for Switches ("Ada") use
+ ("-lm", -- To include the math library (used by WolfSSL).
+ "-lcrypt32"); -- Needed on Windows.
+
+ when "Linux_Or_Mac" =>
+ for Switches ("Ada") use
+ ("-lm"); -- To include the math library (used by WolfSSL).
+ end case;
+ end Linker;
+
+ package Binder is
+ for Switches ("Ada") use ("-Es"); -- To include stack traces.
+ end Binder;
+
+end Client;
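Review bot: The Ada switches `for Switches ("Ada") use ("-g");` do not turn on assertion checking, so the `Pre`/`Post` aspects this commit adds in spark_sockets.ads and tls_client.ads are not executed at run time. Unless every caller is proven with GNATprove, a violated precondition such as `Item'Length <= Target'Length` goes unnoticed until the wrapped library call fails; `("-g", "-gnata")` would make the example builds fail loudly instead. Separately, `--param=ssp-buffer-size=1` only tunes the stack protector, and no `-fstack-protector` switch is in the C list, so it has an effect only if the toolchain enables the protector by default, which is not visible here. Both points apply equally to the identical Compiler package in default.gpr.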
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/default.gpr b/extra/wolfssl/wolfssl/wrapper/Ada/default.gpr
new file mode 100644
index 00000000..bbd3b34f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/default.gpr
@@ -0,0 +1,90 @@
+project Default is
+
+ type OS_Kind is ("Windows", "Linux_Or_Mac");
+
+ OS : OS_Kind := external ("OS", "Linux_Or_Mac");
+
+ for Languages use ("C", "Ada");
+
+ for Source_Dirs use (".",
+ "../../",
+ "../../src",
+ "../../wolfcrypt/src");
+
+ -- Don't build the tls client application because it makes use
+ -- of the Secondary Stack due to usage of the Ada.Command_Line
+ -- package. All other Ada source code does not use the secondary stack.
+ for Excluded_Source_Files use ("tls_client_main.adb",
+ "tls_client.ads",
+ "tls_client.adb");
+
+ for Object_Dir use "obj";
+
+ for Main use ("tls_server_main.adb");
+
+ package Naming is
+ for Spec_Suffix ("C") use ".h";
+ end Naming;
+
+ package Builder is
+ for Global_Configuration_Pragmas use "gnat.adc";
+ end Builder;
+
+ package Compiler is
+ for Switches ("C") use
+ ("-DWOLFSSL_USER_SETTINGS", -- Use the user_settings.h file.
+ "-Wno-pragmas",
+ "-Wall",
+ "-Wextra",
+ "-Wunknown-pragmas",
+ "--param=ssp-buffer-size=1",
+ "-Waddress",
+ "-Warray-bounds",
+ "-Wbad-function-cast",
+ "-Wchar-subscripts",
+ "-Wcomment",
+ "-Wfloat-equal",
+ "-Wformat-security",
+ "-Wformat=2",
+ "-Wmaybe-uninitialized",
+ "-Wmissing-field-initializers",
+ "-Wmissing-noreturn",
+ "-Wmissing-prototypes",
+ "-Wnested-externs",
+ "-Wnormalized=id",
+ "-Woverride-init",
+ "-Wpointer-arith",
+ "-Wpointer-sign",
+ "-Wshadow",
+ "-Wsign-compare",
+ "-Wstrict-overflow=1",
+ "-Wstrict-prototypes",
+ "-Wswitch-enum",
+ "-Wundef",
+ "-Wunused",
+ "-Wunused-result",
+ "-Wunused-variable",
+ "-Wwrite-strings",
+ "-fwrapv");
+
+ for Switches ("Ada") use ("-g");
+ end Compiler;
+
+ package Linker is
+ case OS is
+ when "Windows" =>
+ for Switches ("Ada") use
+ ("-lm", -- To include the math library (used by WolfSSL).
+ "-lcrypt32"); -- Needed on Windows.
+
+ when "Linux_Or_Mac" =>
+ for Switches ("Ada") use
+ ("-lm"); -- To include the math library (used by WolfSSL).
+ end case;
+ end Linker;
+
+ package Binder is
+ for Switches ("Ada") use ("-Es"); -- To include stack traces.
+ end Binder;
+
+end Default;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc b/extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc
new file mode 100644
index 00000000..e479c000
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/gnat.adc
@@ -0,0 +1 @@
+pragma Restrictions (No_Secondary_Stack);
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/include.am b/extra/wolfssl/wolfssl/wrapper/Ada/include.am
new file mode 100644
index 00000000..3701e581
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/include.am
@@ -0,0 +1,17 @@
+# vim:ft=automake
+# included from Top Level Makefile.am
+# All paths should be given relative to the root
+
+EXTRA_DIST+= wrapper/Ada/README.md
+EXTRA_DIST+= wrapper/Ada/default.gpr
+EXTRA_DIST+= wrapper/Ada/gnat.adc
+EXTRA_DIST+= wrapper/Ada/ada_binding.c
+EXTRA_DIST+= wrapper/Ada/tls_client_main.adb
+EXTRA_DIST+= wrapper/Ada/tls_client.adb
+EXTRA_DIST+= wrapper/Ada/tls_client.ads
+EXTRA_DIST+= wrapper/Ada/tls_server_main.adb
+EXTRA_DIST+= wrapper/Ada/tls_server.adb
+EXTRA_DIST+= wrapper/Ada/tls_server.ads
+EXTRA_DIST+= wrapper/Ada/user_settings.h
+EXTRA_DIST+= wrapper/Ada/wolfssl.adb
+EXTRA_DIST+= wrapper/Ada/wolfssl.ads
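Review bot: The EXTRA_DIST list leaves out five files that this same commit adds under wrapper/Ada: client.gpr, spark_sockets.adb, spark_sockets.ads, spark_terminal.adb and spark_terminal.ads. A tarball made with `make dist` would then ship tls_client.adb and tls_server.adb without the packages they `with`, and without the project file the README tells users to build, so the Ada examples would not build from a release archive. The missing entries are listed below.

```makefile
# … unchanged: existing EXTRA_DIST entries …
EXTRA_DIST+= wrapper/Ada/client.gpr
EXTRA_DIST+= wrapper/Ada/spark_sockets.adb
EXTRA_DIST+= wrapper/Ada/spark_sockets.ads
EXTRA_DIST+= wrapper/Ada/spark_terminal.adb
EXTRA_DIST+= wrapper/Ada/spark_terminal.ads
```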
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb
new file mode 100644
index 00000000..e315f230
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.adb
@@ -0,0 +1,138 @@
+-- spark_sockets.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Interfaces.C;
+
+package body SPARK_Sockets is
+
+ function Inet_Addr (Image : String) return Optional_Inet_Addr is
+ A : Inet_Addr_Type;
+ begin
+ A := GNAT.Sockets.Inet_Addr (Image);
+ return (Exists => True, Addr => A);
+ exception
+ when others =>
+ return (Exists => False);
+ end Inet_Addr;
+
+ procedure Create_Socket (Socket : in out Optional_Socket) is
+ S : Socket_Type;
+ begin
+ GNAT.Sockets.Create_Socket (S);
+ Socket := (Exists => True, Socket => S);
+ exception
+ when others =>
+ Socket := (Exists => False);
+ end Create_Socket;
+
+ function Connect_Socket (Socket : Socket_Type;
+ Server : Sock_Addr_Type)
+ return Subprogram_Result is
+ begin
+ GNAT.Sockets.Connect_Socket (Socket, Server);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Connect_Socket;
+
+ function To_C (Socket : Socket_Type) return Integer is
+ begin
+ -- The call to GNAT.Sockets.To_C can never raise an exception.
+ return GNAT.Sockets.To_C (Socket);
+ end To_C;
+
+ procedure Close_Socket (Socket : in out Optional_Socket) is
+ begin
+ GNAT.Sockets.Close_Socket (Socket.Socket);
+ Socket := (Exists => False);
+ end Close_Socket;
+
+ function Set_Socket_Option (Socket : Socket_Type;
+ Level : Level_Type;
+ Option : Option_Type)
+ return Subprogram_Result is
+ begin
+ GNAT.Sockets.Set_Socket_Option (Socket, Level, Option);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Set_Socket_Option;
+
+ function Bind_Socket (Socket : Socket_Type;
+ Address : Sock_Addr_Type)
+ return Subprogram_Result is
+ begin
+ GNAT.Sockets.Bind_Socket (Socket, Address);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Bind_Socket;
+
+ function Listen_Socket (Socket : Socket_Type;
+ Length : Natural) return Subprogram_Result is
+ begin
+ GNAT.Sockets.Listen_Socket (Socket, Length);
+ return Success;
+ exception
+ when others =>
+ return Failure;
+ end Listen_Socket;
+
+ procedure Accept_Socket (Server : Socket_Type;
+ Socket : out Optional_Socket;
+ Address : out Sock_Addr_Type;
+ Result : out Subprogram_Result) is
+ C : Socket_Type;
+ begin
+ GNAT.Sockets.Accept_Socket (Server, C, Address);
+ Socket := (Exists => True, Socket => C);
+ Result := Success;
+ exception
+ when others =>
+ Socket := (Exists => False);
+ Address := (Family => GNAT.Sockets.Family_Unspec);
+ Result := Failure;
+ end Accept_Socket;
+
+ procedure To_C (Item : String;
+ Target : out Byte_Array;
+ Count : out Byte_Index) is
+ begin
+ Interfaces.C.To_C (Item => Item,
+ Target => Target,
+ Count => Count,
+ Append_Nul => False);
+ end To_C;
+
+ procedure To_Ada (Item : Byte_Array;
+ Target : out String;
+ Count : out Natural) is
+ begin
+ Interfaces.C.To_Ada (Item => Item,
+ Target => Target,
+ Count => Count,
+ Trim_Nul => False);
+ end To_Ada;
+
+end SPARK_Sockets;
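Review bot: Close_Socket has no exception handler, unlike Create_Socket, Connect_Socket, Set_Socket_Option, Bind_Socket, Listen_Socket and Accept_Socket, so a Socket_Error raised by `GNAT.Sockets.Close_Socket` propagates into the SPARK_Mode callers this package is meant to shield. It would also skip the `Socket := (Exists => False);` assignment, and tls_client.adb calls Close_Socket on every error path. Adding `exception when others => Socket := (Exists => False);` before `end Close_Socket;` keeps the declared postcondition `not Socket.Exists` on both paths. The string To_C and To_Ada wrappers likewise have no handler and rely only on the spec preconditions, so a comment there should say that Interfaces.C raises Constraint_Error when Target is too small.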
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads
new file mode 100644
index 00000000..ee9864c6
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_sockets.ads
@@ -0,0 +1,137 @@
+-- spark_sockets.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- GNAT Library packages.
+with GNAT.Sockets;
+
+-- The WolfSSL package.
+with WolfSSL;
+
+-- This is a wrapper package around the GNAT.Sockets package.
+-- GNAT.Sockets raises exceptions to signal errors but exceptions
+-- are not supported by SPARK. This package converts raised exceptions
+-- into returned enumeration values by functions indicating success
+-- or failure.
+--
+-- The intended use of this package is to demonstrate the usage
+-- of the WolfSSL Ada binding in Ada/SPARK code.
+package SPARK_Sockets with SPARK_Mode is
+
+ subtype Byte_Array is WolfSSL.Byte_Array;
+ subtype Byte_Index is WolfSSL.Byte_Index; use type Byte_Index;
+
+ subtype Port_Type is GNAT.Sockets.Port_Type;
+
+ subtype Level_Type is GNAT.Sockets.Level_Type;
+
+ subtype Socket_Type is GNAT.Sockets.Socket_Type;
+ subtype Option_Name is GNAT.Sockets.Option_Name;
+ subtype Option_Type is GNAT.Sockets.Option_Type;
+ subtype Family_Type is GNAT.Sockets.Family_Type;
+
+ subtype Sock_Addr_Type is GNAT.Sockets.Sock_Addr_Type;
+ subtype Inet_Addr_Type is GNAT.Sockets.Inet_Addr_Type;
+
+ Socket_Error : exception renames GNAT.Sockets.Socket_Error;
+
+ Reuse_Address : Option_Name renames GNAT.Sockets.Reuse_Address;
+
+ Socket_Level : Level_Type renames GNAT.Sockets.Socket_Level;
+
+ Family_Inet : Family_Type renames GNAT.Sockets.Family_Inet;
+ use type GNAT.Sockets.Family_Type;
+
+ Any_Inet_Addr : Inet_Addr_Type renames GNAT.Sockets.Any_Inet_Addr;
+
+ subtype Subprogram_Result is WolfSSL.Subprogram_Result;
+ use type Subprogram_Result;
+
+ Success : Subprogram_Result renames WolfSSL.Success;
+ Failure : Subprogram_Result renames WolfSSL.Failure;
+
+ type Optional_Inet_Addr (Exists : Boolean := False) is record
+ case Exists is
+ when True => Addr : Inet_Addr_Type;
+ when False => null;
+ end case;
+ end record;
+
+ function Inet_Addr (Image : String) return Optional_Inet_Addr;
+
+ type Optional_Socket (Exists : Boolean := False) is record
+ case Exists is
+ when True => Socket : Socket_Type;
+ when False => null;
+ end case;
+ end record;
+
+ procedure Create_Socket (Socket : in out Optional_Socket) with
+ Pre => not Socket.Exists;
+
+ function Connect_Socket (Socket : Socket_Type;
+ Server : Sock_Addr_Type)
+ return Subprogram_Result;
+
+ function To_C (Socket : Socket_Type) return Integer with Inline;
+
+ -- Close a socket and more specifically a non-connected socket.
+ procedure Close_Socket (Socket : in out Optional_Socket) with
+ Pre => Socket.Exists,
+ Post => not Socket.Exists;
+
+ function Set_Socket_Option (Socket : Socket_Type;
+ Level : Level_Type;
+ Option : Option_Type)
+ return Subprogram_Result;
+ -- Manipulate socket options.
+
+ function Bind_Socket (Socket : Socket_Type;
+ Address : Sock_Addr_Type)
+ return Subprogram_Result;
+
+ function Listen_Socket (Socket : Socket_Type;
+ Length : Natural) return Subprogram_Result;
+ -- To accept connections, a socket is first created with
+ -- Create_Socket, a willingness to accept incoming connections and
+ -- a queue Length for incoming connections are specified.
+ -- The queue length of 15 is an example value that should be
+ -- appropriate in usual cases. It can be adjusted according to each
+ -- application's particular requirements.
+
+ procedure Accept_Socket (Server : Socket_Type;
+ Socket : out Optional_Socket;
+ Address : out Sock_Addr_Type;
+ Result : out Subprogram_Result) with
+ Post => (if Result = Success then Socket.Exists else not Socket.Exists);
+
+ procedure To_C (Item : String;
+ Target : out Byte_Array;
+ Count : out Byte_Index) with
+ Pre => Item'Length <= Target'Length,
+ Post => Count <= Target'Last;
+
+ procedure To_Ada (Item : Byte_Array;
+ Target : out String;
+ Count : out Natural) with
+ Pre => Item'Length <= Target'Length,
+ Post => Count <= Target'Last;
+
+end SPARK_Sockets;
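Review bot: Two comments in this spec describe GNAT.Sockets rather than the wrapper. The Listen_Socket comment refers to "the queue length of 15", but `Length : Natural` has no default here, so the sentence should either go or say that callers must choose the value. Close_Socket is documented as closing "more specifically a non-connected socket", although tls_client.adb uses it on connected sockets. Connect_Socket, Bind_Socket and Accept_Socket have no comment at all; a line such as `-- Returns Failure instead of raising Socket_Error.` on each would state the contract the package header promises. Comment placement is also inconsistent, before the declaration for Close_Socket and after it for Set_Socket_Option and Listen_Socket.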
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb
new file mode 100644
index 00000000..14bfb4b1
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.adb
@@ -0,0 +1,18 @@
+package body SPARK_Terminal is
+
+ procedure Set_Exit_Status (Status : Exit_Status) is
+ begin
+ Ada.Command_Line.Set_Exit_Status (Status);
+ end Set_Exit_Status;
+
+ function Argument_Count return Natural is
+ begin
+ return Ada.Command_Line.Argument_Count;
+ end Argument_Count;
+
+ function Argument (Number : Positive) return String is
+ begin
+ return Ada.Command_Line.Argument (Number);
+ end Argument;
+
+end SPARK_Terminal;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads
new file mode 100644
index 00000000..1c516ca7
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/spark_terminal.ads
@@ -0,0 +1,43 @@
+-- spark_sockets.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Ada.Command_Line;
+
+-- SPARK wrapper package around Ada.Command_Line and Interfaces.C
+-- packages because these packages lack contracts in their specification
+-- files that SPARK can use to verify the context in which
+-- subprograms can safely be called.
+package SPARK_Terminal with SPARK_Mode is
+
+ subtype Exit_Status is Ada.Command_Line.Exit_Status;
+
+ Exit_Status_Success : Exit_Status renames Ada.Command_Line.Success;
+ Exit_Status_Failure : Exit_Status renames Ada.Command_Line.Failure;
+
+ procedure Set_Exit_Status (Status : Exit_Status) with
+ Global => null;
+
+ function Argument_Count return Natural;
+
+ function Argument (Number : Positive) return String with
+ Pre => Number <= Argument_Count;
+
+end SPARK_Terminal;
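Review bot: The file banner on the first line reads `-- spark_sockets.ads`, copied from the sibling file, and should be `-- spark_terminal.ads`. The package comment says it wraps "Ada.Command_Line and Interfaces.C", but the only `with` clause is Ada.Command_Line and all three subprograms forward to it, so the Interfaces.C mention should be dropped. Argument_Count and Argument also carry no comment; a short one on Argument noting that the precondition `Number <= Argument_Count` guards the Constraint_Error that Ada.Command_Line.Argument would otherwise raise would make the contract self-explanatory.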
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb
new file mode 100644
index 00000000..88f5a60d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.adb
@@ -0,0 +1,328 @@
+-- tls_client.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- Ada Standard Library packages.
+with Ada.Characters.Handling;
+with Ada.Strings.Bounded;
+with Ada.Text_IO;
+with Interfaces.C;
+
+with SPARK_Terminal;
+
+package body Tls_Client with SPARK_Mode is
+
+ use type WolfSSL.Mode_Type;
+ use type WolfSSL.Byte_Index;
+ use type WolfSSL.Byte_Array;
+ use type WolfSSL.Subprogram_Result;
+
+ subtype Byte_Index is WolfSSL.Byte_Index;
+
+ Success : WolfSSL.Subprogram_Result renames WolfSSL.Success;
+
+ subtype Byte_Type is WolfSSL.Byte_Type;
+
+ package Natural_IO is new Ada.Text_IO.Integer_IO (Natural);
+
+ procedure Put (Text : String) is
+ begin
+ Ada.Text_IO.Put (Text);
+ end Put;
+
+ procedure Put (Number : Natural) is
+ begin
+ Natural_IO.Put (Item => Number, Width => 0, Base => 10);
+ end Put;
+
+ procedure Put (Number : Byte_Index) is
+ begin
+ Natural_IO.Put (Item => Natural (Number), Width => 0, Base => 10);
+ end Put;
+
+ procedure Put_Line (Text : String) is
+ begin
+ Ada.Text_IO.Put_Line (Text);
+ end Put_Line;
+
+ procedure New_Line is
+ begin
+ Ada.Text_IO.New_Line;
+ end New_Line;
+
+ subtype Exit_Status is SPARK_Terminal.Exit_Status;
+
+ Exit_Status_Success : Exit_Status renames SPARK_Terminal.Exit_Status_Success;
+ Exit_Status_Failure : Exit_Status renames SPARK_Terminal.Exit_Status_Failure;
+
+ procedure Set (Status : Exit_Status) with Global => null is
+ begin
+ SPARK_Terminal.Set_Exit_Status (Status);
+ end Set;
+
+ subtype Port_Type is SPARK_Sockets.Port_Type;
+
+ subtype Level_Type is SPARK_Sockets.Level_Type;
+
+ subtype Socket_Type is SPARK_Sockets.Socket_Type;
+ subtype Option_Name is SPARK_Sockets.Option_Name;
+ subtype Option_Type is SPARK_Sockets.Option_Type;
+ subtype Family_Type is SPARK_Sockets.Family_Type;
+
+ subtype Sock_Addr_Type is SPARK_Sockets.Sock_Addr_Type;
+ subtype Inet_Addr_Type is SPARK_Sockets.Inet_Addr_Type;
+
+ use type Family_Type;
+
+ Socket_Error : exception renames SPARK_Sockets.Socket_Error;
+
+ Reuse_Address : Option_Name renames SPARK_Sockets.Reuse_Address;
+
+ Socket_Level : Level_Type renames SPARK_Sockets.Socket_Level;
+
+ Family_Inet : Family_Type renames SPARK_Sockets.Family_Inet;
+
+ Any_Inet_Addr : Inet_Addr_Type renames SPARK_Sockets.Any_Inet_Addr;
+
+ CERT_FILE : constant String := "../../../certs/client-cert.pem";
+ KEY_FILE : constant String := "../../../certs/client-key.pem";
+ CA_FILE : constant String := "../../../certs/ca-cert.pem";
+
+ subtype Byte_Array is WolfSSL.Byte_Array;
+
+ function Argument_Count return Natural renames
+ SPARK_Terminal.Argument_Count;
+
+ function Argument (Number : Positive) return String with
+ Pre => Number <= Argument_Count;
+
+ function Argument (Number : Positive) return String is
+ begin
+ return SPARK_Terminal.Argument (Number);
+ end Argument;
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ Client : in out SPARK_Sockets.Optional_Socket) is
+ A : Sock_Addr_Type;
+ C : SPARK_Sockets.Optional_Socket renames Client;
+ D : Byte_Array (1 .. 200);
+ P : constant Port_Type := 11111;
+
+ Addr : SPARK_Sockets.Optional_Inet_Addr;
+
+ Count : WolfSSL.Byte_Index;
+
+ Text : String (1 .. 200);
+ Last : Natural;
+
+ Input : WolfSSL.Read_Result;
+ Output : WolfSSL.Write_Result;
+
+ Result : WolfSSL.Subprogram_Result;
+ begin
+ Result := WolfSSL.Initialize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to initialize the WolfSSL library.");
+ return;
+ end if;
+
+ if Argument_Count < 1 then
+ Put_Line ("usage: tcl_client <IPv4 address>");
+ return;
+ end if;
+ SPARK_Sockets.Create_Socket (C);
+ if not C.Exists then
+ Put_Line ("ERROR: Failed to create socket.");
+ return;
+ end if;
+
+ Addr := SPARK_Sockets.Inet_Addr (Argument (1));
+ if not Addr.Exists or
+ (Addr.Exists and then Addr.Addr.Family /= Family_Inet)
+ then
+ Put_Line ("ERROR: please specify IPv4 address.");
+ SPARK_Sockets.Close_Socket (C);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+ A := (Family => Family_Inet,
+ Addr => Addr.Addr,
+ Port => P);
+
+ Result := SPARK_Sockets.Connect_Socket (Socket => C.Socket,
+ Server => A);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to connect to server.");
+ SPARK_Sockets.Close_Socket (C);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Create and initialize WOLFSSL_CTX.
+ WolfSSL.Create_Context (Method => WolfSSL.TLSv1_3_Client_Method,
+ Context => Ctx);
+ if not WolfSSL.Is_Valid (Ctx) then
+ Put_Line ("ERROR: failed to create WOLFSSL_CTX.");
+ SPARK_Sockets.Close_Socket (C);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load client certificate into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Certificate_File (Context => Ctx,
+ File => CERT_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CERT_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load client key into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Private_Key_File (Context => Ctx,
+ File => KEY_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (KEY_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load CA certificate into WOLFSSL_CTX.
+ Result := WolfSSL.Load_Verify_Locations (Context => Ctx,
+ File => CA_FILE,
+ Path => "");
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CA_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Create a WOLFSSL object.
+ WolfSSL.Create_WolfSSL (Context => Ctx, Ssl => Ssl);
+ if not WolfSSL.Is_Valid (Ssl) then
+ Put_Line ("ERROR: failed to create WOLFSSL object.");
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Attach wolfSSL to the socket.
+ Result := WolfSSL.Attach (Ssl => Ssl,
+ Socket => SPARK_Sockets.To_C (C.Socket));
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to set the file descriptor.");
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ Result := WolfSSL.Connect (Ssl);
+ if Result /= Success then
+ Put_Line ("ERROR: failed to connect to wolfSSL.");
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ Put ("Message for server: ");
+ Ada.Text_IO.Get_Line (Text, Last);
+
+ SPARK_Sockets.To_C (Item => Text (1 .. Last),
+ Target => D,
+ Count => Count);
+ Output := WolfSSL.Write (Ssl => Ssl,
+ Data => D (1 .. Count));
+ if not Output.Success then
+ Put ("ERROR: write failure");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+
+ if Natural (Output.Bytes_Written) < Last then
+ Put ("ERROR: failed to write entire message");
+ New_Line;
+ Put (Output.Bytes_Written);
+ Put (" bytes of ");
+ Put (Last);
+ Put ("bytes were sent");
+ New_Line;
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+
+ Input := WolfSSL.Read (Ssl);
+ if not Input.Success then
+ Put_Line ("Read error.");
+ Set (Exit_Status_Failure);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+ if Input.Buffer'Length > Text'Length then
+ SPARK_Sockets.To_Ada (Item => Input.Buffer (1 .. 200),
+ Target => Text,
+ Count => Last);
+ else
+ SPARK_Sockets.To_Ada (Item => Input.Buffer,
+ Target => Text,
+ Count => Last);
+ end if;
+ Put ("Server: ");
+ Put (Text (1 .. Last));
+ New_Line;
+
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Ssl);
+ WolfSSL.Free (Context => Ctx);
+ Result := WolfSSL.Finalize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to finalize the WolfSSL library.");
+ end if;
+ end Run;
+
+end Tls_Client;
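Review bot: Several failure branches in Run return without `Set (Exit_Status_Failure);`, so the process reports success to the shell after a failed TLS exchange: the Initialize failure, the usage message, the Create_Socket failure, and both write-failure branches (`not Output.Success` and the short-write check). Adding `Set (Exit_Status_Failure);` before each of those `return` statements matches what the other branches already do. `WolfSSL.Finalize` is reached only on the success path at the end of the procedure, so every error return after a successful `WolfSSL.Initialize` leaves the library initialized; each error path could call Finalize, or the cleanup could move into one local procedure. The usage string also says `tcl_client` where `tls_client` is meant.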
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads
new file mode 100644
index 00000000..50a52b3c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client.ads
@@ -0,0 +1,37 @@
+-- tls_client.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- The WolfSSL package.
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+
+package Tls_Client with SPARK_Mode is
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ Client : in out SPARK_Sockets.Optional_Socket) with
+ Pre => (not Client.Exists and not
+ WolfSSL.Is_Valid (Ssl) and not WolfSSL.Is_Valid (Ctx)),
+ Post => (not Client.Exists and not WolfSSL.Is_Valid (Ssl) and
+ not WolfSSL.Is_Valid (Ctx));
+
+end Tls_Client;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb
new file mode 100644
index 00000000..ab50dab8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_client_main.adb
@@ -0,0 +1,33 @@
+-- tls_client_main.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Tls_Client; pragma Elaborate_All (Tls_Client);
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+-- Application entry point for the Ada translation of the
+-- tls client v1.3 example in C.
+procedure Tls_Client_Main is
+ Ssl : WolfSSL.WolfSSL_Type;
+ Ctx : WolfSSL.Context_Type;
+ C : SPARK_Sockets.Optional_Socket;
+begin
+ Tls_Client.Run (Ssl, Ctx, Client => C);
+end Tls_Client_Main;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb
new file mode 100644
index 00000000..2858f26f
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.adb
@@ -0,0 +1,330 @@
+-- tls_server.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- Ada Standard Library packages.
+with Ada.Characters.Handling;
+with Ada.Strings.Bounded;
+with Ada.Text_IO.Bounded_IO;
+
+with SPARK_Terminal; pragma Elaborate_All (SPARK_Terminal);
+
+package body Tls_Server with SPARK_Mode is
+
+ use type WolfSSL.Mode_Type;
+ use type WolfSSL.Byte_Index;
+ use type WolfSSL.Byte_Array;
+ use type WolfSSL.Subprogram_Result;
+
+ Success : WolfSSL.Subprogram_Result renames WolfSSL.Success;
+
+ procedure Put (Char : Character) is
+ begin
+ Ada.Text_IO.Put (Char);
+ end Put;
+
+ procedure Put (Text : String) is
+ begin
+ Ada.Text_IO.Put (Text);
+ end Put;
+
+ procedure Put_Line (Text : String) is
+ begin
+ Ada.Text_IO.Put_Line (Text);
+ end Put_Line;
+
+ procedure New_Line is
+ begin
+ Ada.Text_IO.New_Line;
+ end New_Line;
+
+ subtype Exit_Status is SPARK_Terminal.Exit_Status;
+
+ Exit_Status_Success : Exit_Status renames SPARK_Terminal.Exit_Status_Success;
+ Exit_Status_Failure : Exit_Status renames SPARK_Terminal.Exit_Status_Failure;
+
+ procedure Set (Status : Exit_Status) with Global => null is
+ begin
+ SPARK_Terminal.Set_Exit_Status (Status);
+ end Set;
+
+ subtype Port_Type is SPARK_Sockets.Port_Type;
+
+ subtype Level_Type is SPARK_Sockets.Level_Type;
+
+ subtype Socket_Type is SPARK_Sockets.Socket_Type;
+ subtype Option_Name is SPARK_Sockets.Option_Name;
+ subtype Option_Type is SPARK_Sockets.Option_Type;
+ subtype Family_Type is SPARK_Sockets.Family_Type;
+
+ subtype Sock_Addr_Type is SPARK_Sockets.Sock_Addr_Type;
+ subtype Inet_Addr_Type is SPARK_Sockets.Inet_Addr_Type;
+
+ Socket_Error : exception renames SPARK_Sockets.Socket_Error;
+
+ Reuse_Address : Option_Name renames SPARK_Sockets.Reuse_Address;
+
+ Socket_Level : Level_Type renames SPARK_Sockets.Socket_Level;
+
+ Family_Inet : Family_Type renames SPARK_Sockets.Family_Inet;
+
+ Any_Inet_Addr : Inet_Addr_Type renames SPARK_Sockets.Any_Inet_Addr;
+
+ CERT_FILE : constant String := "../../../certs/server-cert.pem";
+ KEY_FILE : constant String := "../../../certs/server-key.pem";
+ CA_FILE : constant String := "../../../certs/client-cert.pem";
+
+ subtype Byte_Array is WolfSSL.Byte_Array;
+
+ Reply : constant Byte_Array := "I hear ya fa shizzle!";
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ L : in out SPARK_Sockets.Optional_Socket;
+ C : in out SPARK_Sockets.Optional_Socket) is
+ A : Sock_Addr_Type;
+ P : constant Port_Type := 11111;
+
+ Ch : Character;
+
+ Result : WolfSSL.Subprogram_Result;
+ Shall_Continue : Boolean := True;
+
+ Input : WolfSSL.Read_Result;
+ Output : WolfSSL.Write_Result;
+ Option : Option_Type;
+ begin
+ Result := WolfSSL.Initialize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to initialize the WolfSSL library.");
+ return;
+ end if;
+
+ SPARK_Sockets.Create_Socket (Socket => L);
+ if not L.Exists then
+ Put_Line ("ERROR: Failed to create socket.");
+ return;
+ end if;
+
+ Option := (Name => Reuse_Address, Enabled => True);
+ Result := SPARK_Sockets.Set_Socket_Option (Socket => L.Socket,
+ Level => Socket_Level,
+ Option => Option);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to set socket option.");
+ SPARK_Sockets.Close_Socket (L);
+ return;
+ end if;
+
+ A := (Family => Family_Inet,
+ Addr => Any_Inet_Addr,
+ Port => P);
+ Result := SPARK_Sockets.Bind_Socket (Socket => L.Socket,
+ Address => A);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to bind socket.");
+ SPARK_Sockets.Close_Socket (L);
+ return;
+ end if;
+
+ Result := SPARK_Sockets.Listen_Socket (Socket => L.Socket,
+ Length => 5);
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to configure listener socket.");
+ SPARK_Sockets.Close_Socket (L);
+ return;
+ end if;
+
+ -- Create and initialize WOLFSSL_CTX.
+ WolfSSL.Create_Context (Method => WolfSSL.TLSv1_3_Server_Method,
+ Context => Ctx);
+ if not WolfSSL.Is_Valid (Ctx) then
+ Put_Line ("ERROR: failed to create WOLFSSL_CTX.");
+ SPARK_Sockets.Close_Socket (L);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Require mutual authentication.
+ WolfSSL.Set_Verify
+ (Context => Ctx,
+ Mode => WolfSSL.Verify_Peer & WolfSSL.Verify_Fail_If_No_Peer_Cert);
+
+ -- Load server certificates into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Certificate_File (Context => Ctx,
+ File => CERT_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CERT_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load server key into WOLFSSL_CTX.
+ Result := WolfSSL.Use_Private_Key_File (Context => Ctx,
+ File => KEY_FILE,
+ Format => WolfSSL.Format_Pem);
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (KEY_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Load client certificate as "trusted" into WOLFSSL_CTX.
+ Result := WolfSSL.Load_Verify_Locations (Context => Ctx,
+ File => CA_FILE,
+ Path => "");
+ if Result /= Success then
+ Put ("ERROR: failed to load ");
+ Put (CA_FILE);
+ Put (", please check the file.");
+ New_Line;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ while Shall_Continue loop
+ pragma Loop_Invariant (not C.Exists);
+ pragma Loop_Invariant (not WolfSSL.Is_Valid (Ssl));
+ pragma Loop_Invariant (WolfSSL.Is_Valid (Ctx));
+
+ Put_Line ("Waiting for a connection...");
+ SPARK_Sockets.Accept_Socket (Server => L.Socket,
+ Socket => C,
+ Address => A,
+ Result => Result);
+ if Result /= Success then
+ Put_Line ("ERROR: failed to accept the connection.");
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ return;
+ end if;
+
+ -- Create a WOLFSSL object.
+ WolfSSL.Create_WolfSSL (Context => Ctx, Ssl => Ssl);
+ if not WolfSSL.Is_Valid (Ssl) then
+ Put_Line ("ERROR: failed to create WOLFSSL object.");
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Attach wolfSSL to the socket.
+ Result := WolfSSL.Attach (Ssl => Ssl,
+ Socket => SPARK_Sockets.To_C (C.Socket));
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to set the file descriptor.");
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Establish TLS connection.
+ Result := WolfSSL.Accept_Connection (Ssl);
+ if Result /= Success then
+ Put_Line ("Accept error.");
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ Put_Line ("Client connected successfully.");
+
+ Input := WolfSSL.Read (Ssl);
+ if not Input.Success then
+ Put_Line ("Read error.");
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (L);
+ SPARK_Sockets.Close_Socket (C);
+ WolfSSL.Free (Context => Ctx);
+ Set (Exit_Status_Failure);
+ return;
+ end if;
+
+ -- Print to stdout any data the client sends.
+ for I in Input.Buffer'Range loop
+ Ch := Character (Input.Buffer (I));
+ if Ada.Characters.Handling.Is_Graphic (Ch) then
+ Put (Ch);
+ else
+ null;
+ -- Ignore the "newline" characters at end of message.
+ end if;
+ end loop;
+ New_Line;
+
+ -- Check for server shutdown command.
+ if Input.Last >= 8 then
+ if Input.Buffer (1 .. 8) = "shutdown" then
+ Put_Line ("Shutdown command issued!");
+ Shall_Continue := False;
+ end if;
+ end if;
+
+ Output := WolfSSL.Write (Ssl, Reply);
+ if not Output.Success then
+ Put_Line ("ERROR: write failure.");
+ elsif Output.Bytes_Written /= Reply'Length then
+ Put_Line ("ERROR: failed to write full response.");
+ end if;
+
+ for I in 1 .. 3 loop
+ Result := WolfSSL.Shutdown (Ssl);
+ exit when Result = Success;
+ delay 0.001; -- Delay is expressed in seconds.
+ end loop;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to shutdown WolfSSL context.");
+ end if;
+ WolfSSL.Free (Ssl);
+ SPARK_Sockets.Close_Socket (C);
+
+ Put_Line ("Shutdown complete.");
+ end loop;
+ SPARK_Sockets.Close_Socket (L);
+ WolfSSL.Free (Context => Ctx);
+ Result := WolfSSL.Finalize;
+ if Result /= Success then
+ Put_Line ("ERROR: Failed to finalize the WolfSSL library.");
+ return;
+ end if;
+ end Run;
+
+end Tls_Server;
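Review bot: The `Set_Verify` call under "Require mutual authentication" may end up switching client-certificate verification off. It builds its mode with `WolfSSL.Verify_Peer & WolfSSL.Verify_Fail_If_No_Peer_Cert`, and wolfssl.adb in this same change implements that `"&"` operator as `return Mode_Type (L and R);`. The comment next to `WolfSSL_CTX_Set_Verify` describes the mode as a logically OR'd list of flags, so if the two flags are distinct bits (their values are defined outside this hunk) the bitwise AND yields 0. That would presumably be treated as no peer verification, and the server would then accept clients that present no certificate. The operator should combine the flags with `return Mode_Type (L or R);`. A test that connects without a client certificate and expects the handshake to fail would keep this from regressing.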
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads
new file mode 100644
index 00000000..142fad2c
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server.ads
@@ -0,0 +1,39 @@
+-- tls_server.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+-- SPARK wrapper package around GNAT Library packages.
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+
+-- The WolfSSL package.
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+
+package Tls_Server with SPARK_Mode is
+
+ procedure Run (Ssl : in out WolfSSL.WolfSSL_Type;
+ Ctx : in out WolfSSL.Context_Type;
+ L : in out SPARK_Sockets.Optional_Socket;
+ C : in out SPARK_Sockets.Optional_Socket) with
+ Pre => (not C.Exists and not L.Exists and not
+ WolfSSL.Is_Valid (Ssl) and not WolfSSL.Is_Valid (Ctx)),
+ Post => (not C.Exists and not L.Exists and not
+ WolfSSL.Is_Valid (Ssl) and not WolfSSL.Is_Valid (Ctx));
+
+end Tls_Server;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb
new file mode 100644
index 00000000..80b3a88d
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/tls_server_main.adb
@@ -0,0 +1,39 @@
+-- tls_server_main.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Tls_Server; pragma Elaborate_All (Tls_Server);
+
+-- SPARK wrapper package around GNAT Library packages.
+with SPARK_Sockets; pragma Elaborate_All (SPARK_Sockets);
+
+-- The WolfSSL package.
+with WolfSSL; pragma Elaborate_All (WolfSSL);
+
+-- Application entry point for the Ada translation of the
+-- tls server v1.3 example in C.
+procedure Tls_Server_Main is
+ Ssl : WolfSSL.WolfSSL_Type;
+ Ctx : WolfSSL.Context_Type;
+ L : SPARK_Sockets.Optional_Socket;
+ C : SPARK_Sockets.Optional_Socket;
+begin
+ Tls_Server.Run (Ssl, Ctx, L, C);
+end Tls_Server_Main;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h b/extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h
new file mode 100644
index 00000000..df4ada44
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/user_settings.h
@@ -0,0 +1,385 @@
+/* user_settings.h
+ *
+ * Copyright (C) 2006-2023 wolfSSL Inc.
+ *
+ * This file is part of wolfSSL.
+ *
+ * wolfSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+
+/* should be renamed to user_settings.h for customer use
+ * generated from configure options ./configure --enable-all
+ *
+ * Cleaned up by David Garske
+ */
+
+#ifndef WOLFSSL_USER_SETTINGS_H
+#define WOLFSSL_USER_SETTINGS_H
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Usually comes from configure -> config.h */
+#define HAVE_SYS_TIME_H
+
+/* Features */
+#define SINGLE_THREADED
+#define WOLFSSL_IGNORE_FILE_WARN /* Ignore *.c include warnings */
+#define WOLFSSL_PUBLIC_MP /* Make math API's public */
+#define WOLFSSL_ENCRYPTED_KEYS /* Support for encrypted keys PKCS8 */
+//#define WOLFSSL_SYS_CA_CERTS /* Enable ability to load CA certs from OS */
+
+#if 0 /* Not needed */
+ #define KEEP_PEER_CERT /* Retain peer's certificate */
+ #define KEEP_OUR_CERT /* Keep our certificate */
+ #define WOLFSSL_ALWAYS_VERIFY_CB /* Always call verify callback (configured via wolfSSL_CTX_set_verify API) */
+ #define WOLFSSL_VERIFY_CB_ALL_CERTS /* Call verify callback for all intermediate certs */
+ #define WOLFSSL_ALWAYS_KEEP_SNI
+ #define WOLFSSL_EXTRA_ALERTS /* Allow sending other TLS alerts */
+ #define HAVE_EX_DATA /* Enable "extra" EX data API's for user information in CTX/WOLFSSL */
+ #define HAVE_EXT_CACHE
+ #define ATOMIC_USER /* Enable Atomic Record Layer callbacks */
+ #define HAVE_PK_CALLBACKS /* Enable public key callbacks */
+ #define WOLFSSL_ALT_NAMES /* Allow alternate cert chain validation to any trusted cert (not entire chain presented by peer) */
+ #define HAVE_NULL_CIPHER /* Enable use of TLS cipher suites without cipher (clear text / no encryption) */
+ #define WOLFSSL_HAVE_CERT_SERVICE
+ #define WOLFSSL_JNI
+ #define WOLFSSL_SEP /* certificate policy set extension */
+ #define WOLFCRYPT_HAVE_SRP
+ #define WOLFSSL_HAVE_WOLFSCEP
+ #define HAVE_PKCS7
+ #define WOLFSSL_SIGNER_DER_CERT
+ #define WOLFSSL_TRUST_PEER_CERT
+ #define WOLFSSL_WOLFSSH
+ #define WC_NO_ASYNC_THREADING
+#endif
+
+/* TLS Features */
+#define WOLFSSL_TLS13
+#define WOLFSSL_EITHER_SIDE /* allow generic server/client method for WOLFSSL_CTX new */
+#define WOLFSSL_TLS13_NO_PEEK_HANDSHAKE_DONE
+
+/* DTLS */
+#if 0
+ #define WOLFSSL_DTLS
+ #define WOLFSSL_MULTICAST
+
+ /* DTLS v1.3 is not yet included with enable-all */
+ //#define WOLFSSL_DTLS13
+#endif
+
+/* DG Disabled SSLv3 and TLSv1.0 - should avoid using */
+//#define WOLFSSL_ALLOW_SSLV3
+//#define WOLFSSL_ALLOW_TLSV10
+
+/* TLS Extensions */
+#define HAVE_TLS_EXTENSIONS
+#define HAVE_SUPPORTED_CURVES
+#define HAVE_ONE_TIME_AUTH
+#define HAVE_SNI
+#define HAVE_ALPN
+#define HAVE_MAX_FRAGMENT
+#define HAVE_TRUNCATED_HMAC
+#define HAVE_SESSION_TICKET
+#define WOLFSSL_TICKET_HAVE_ID
+#define WOLFSSL_FORCE_CACHE_ON_TICKET
+#define HAVE_EXTENDED_MASTER
+#define HAVE_TRUSTED_CA
+#define HAVE_ENCRYPT_THEN_MAC
+#define WOLFSSL_POST_HANDSHAKE_AUTH
+#define WOLFSSL_SEND_HRR_COOKIE /* Used by DTLS v1.3 */
+#define HAVE_ANON /* anon cipher suites */
+#define HAVE_FALLBACK_SCSV /* TLS_FALLBACK_SCSV */
+#define WOLFSSL_EARLY_DATA
+#define HAVE_SERVER_RENEGOTIATION_INFO
+
+/* TLS Session Cache */
+#define SESSION_CERTS
+#define PERSIST_SESSION_CACHE
+#define PERSIST_CERT_CACHE
+
+/* Key and Certificate Generation */
+#define WOLFSSL_KEY_GEN
+#define WOLFSSL_CERT_GEN
+#define WOLFSSL_CERT_REQ
+#define WOLFSSL_CERT_EXT
+#define WOLFSSL_MULTI_ATTRIB
+#define HAVE_SMIME
+#define WOLFSSL_DER_LOAD
+#define ASN_BER_TO_DER /* BER to DER support */
+#define WOLFSSL_HAVE_ISSUER_NAMES /* Store pointers to issuer name components and their lengths and encodings */
+#define WOLFSSL_SUBJ_DIR_ATTR /* Enable support for SubjectDirectoryAttributes extension */
+#define WOLFSSL_SUBJ_INFO_ACC /* Enable support for SubjectInfoAccess extension */
+#define WOLFSSL_CERT_NAME_ALL /* Adds more certificate name capability at the cost of taking up more memory. Adds initials, givenname, dnQualifer for example */
+#define WOLFSSL_FPKI /* Enable support for FPKI (Federal PKI) extensions */
+#define WOLFSSL_AKID_NAME /* Enable support for full AuthorityKeyIdentifier extension. Only supports copying full AKID from an existing certificate */
+#define HAVE_CTS /* Ciphertext stealing interface */
+#define WOLFSSL_PEM_TO_DER
+#define WOLFSSL_DER_TO_PEM
+#define WOLFSSL_CUSTOM_OID
+#define HAVE_OID_ENCODING
+#define WOLFSSL_ASN_TEMPLATE
+
+/* Certificate Revocation */
+#define HAVE_OCSP
+#define HAVE_CERTIFICATE_STATUS_REQUEST
+#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
+#define HAVE_CRL
+#define HAVE_CRL_IO
+#define HAVE_IO_TIMEOUT
+//#define HAVE_CRL_MONITOR /* DG Disabled (Monitors CRL files on filesystem) - not portable feature */
+
+
+#if 1
+ /* sp_int.c */
+ #define WOLFSSL_SP_MATH_ALL
+#else
+ /* Fast math key size 4096-bit max */
+ #define USE_FAST_MATH
+#endif
+//#define HAVE___UINT128_T 1 /* DG commented: May not be portable */
+
+/* Max Sizes */
+#define RSA_MAX_SIZE 4096
+#define FP_MAX_BITS 8192
+#define SP_INT_BITS 4096
+
+
+/* Timing Resistance */
+#define TFM_TIMING_RESISTANT
+#define ECC_TIMING_RESISTANT
+#define WC_RSA_BLINDING
+
+/* DH Key Sizes */
+#define HAVE_FFDHE_2048
+#define HAVE_FFDHE_3072
+#define WOLFSSL_DH_EXTRA /* Enable additional DH key import/export */
+#define HAVE_DH_DEFAULT_PARAMS
+
+/* ECC Features */
+#define HAVE_ECC
+#define TFM_ECC256
+#define ECC_SHAMIR
+#define WOLFSSL_CUSTOM_CURVES /* enable other curves (not just prime) */
+#define HAVE_ECC_SECPR2
+#define HAVE_ECC_SECPR3
+#define HAVE_ECC_BRAINPOOL
+#define HAVE_ECC_KOBLITZ
+#define HAVE_ECC_CDH /* Co-factor */
+#define HAVE_COMP_KEY /* Compressed key support */
+#define FP_ECC /* Fixed point caching - speed repeated operations against same key */
+#define HAVE_ECC_ENCRYPT
+#define WOLFCRYPT_HAVE_ECCSI
+#define WOLFCRYPT_HAVE_SAKKE
+#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
+
+/* RSA */
+#define WC_RSA_PSS
+#define WOLFSSL_PSS_LONG_SALT
+#define WC_RSA_NO_PADDING
+
+/* AES */
+#define HAVE_AES_DECRYPT
+#define HAVE_AES_ECB
+#define WOLFSSL_AES_DIRECT
+#define WOLFSSL_AES_COUNTER
+#define HAVE_AESGCM
+#define GCM_TABLE_4BIT
+#define WOLFSSL_AESGCM_STREAM
+#define HAVE_AESCCM
+#define WOLFSSL_AES_OFB
+#define WOLFSSL_AES_CFB
+#define WOLFSSL_AES_XTS
+#define HAVE_AES_KEYWRAP
+#define WOLFSSL_AES_CBC_LENGTH_CHECKS
+#define WOLFSSL_USE_ALIGN
+#define WOLFSSL_AES_SIV
+
+/* Hashing */
+#define WOLFSSL_SHA224
+#define WOLFSSL_SHA512
+#define WOLFSSL_SHA384
+#define WOLFSSL_SHAKE256
+#define WOLFSSL_SHA3
+#define WOLFSSL_HASH_FLAGS /* enable hash flag API's */
+#define WOLFSSL_SHAKE256
+
+/* Additional Algorithms */
+#define HAVE_HASHDRBG
+#define HAVE_CURVE25519
+#define HAVE_ED25519
+#define WOLFSSL_ED25519_STREAMING_VERIFY
+#define CURVED25519_SMALL
+#define HAVE_ED448
+#define WOLFSSL_ED448_STREAMING_VERIFY
+#define HAVE_CURVE448
+#define HAVE_POLY1305
+#define HAVE_CHACHA
+#define HAVE_XCHACHA
+#define HAVE_HKDF
+#define HAVE_X963_KDF
+#define WOLFSSL_CMAC
+#define WOLFSSL_DES_ECB
+#define HAVE_BLAKE2
+#define HAVE_BLAKE2B
+#define HAVE_BLAKE2S
+#define WOLFSSL_SIPHASH
+#define HAVE_KEYING_MATERIAL
+#define WOLFSSL_HAVE_PRF
+
+/* Encrypted Client Hello */
+#define HAVE_HPKE
+#define HAVE_ECH
+
+/* Non-Standard Algorithms (DG disabled) */
+//#define HAVE_CAMELLIA
+//#define WOLFSSL_RIPEMD
+//#define HAVE_SCRYPT
+//#define WOLFSSL_MD2
+//#define WOLFSSL_ALLOW_RC4
+
+/* Encoding */
+#define WOLFSSL_BASE16
+#define WOLFSSL_BASE64_ENCODE
+
+
+/* Openssl compatibility */
+#if 0 /* DG Disabled */
+ /* Openssl compatibility API's */
+ #define OPENSSL_EXTRA
+ #define OPENSSL_ALL
+ #define HAVE_OPENSSL_CMD
+ #define SSL_TXT_TLSV1_2
+ #define SSL_TXT_TLSV1_1
+ #define OPENSSL_NO_SSL2
+ #define OPENSSL_NO_SSL3
+ #define NO_OLD_RNGNAME
+ #define NO_OLD_WC_NAMES
+ #define NO_OLD_SSL_NAMES
+ #define NO_OLD_SHA_NAMES
+ #define NO_OLD_MD5_NAME
+ #define OPENSSL_NO_EC /* macro to enable ECC in openssl */
+ #define WOLFSSL_VERBOSE_ERRORS
+ #define ERROR_QUEUE_PER_THREAD
+ #define WOLFSSL_ERROR_CODE_OPENSSL
+ #define HAVE_WOLFSSL_SSL_H 1
+ #define OPENSSL_COMPATIBLE_DEFAULTS
+
+ /* Openssl compatibility application specific */
+ #define WOLFSSL_LIBWEBSOCKETS
+ #define WOLFSSL_OPENSSH
+ #define WOLFSSL_QT
+ #define FORTRESS
+ #define HAVE_WEBSERVER
+ #define HAVE_LIGHTY
+ #define WOLFSSL_NGINX
+ #define WOLFSSL_HAPROXY
+ #define HAVE_STUNNEL
+ #define WOLFSSL_ASIO
+ #define ASIO_USE_WOLFSSL
+ #define BOOST_ASIO_USE_WOLFSSL
+ #define WOLFSSL_OPENVPN
+
+ #define NO_WOLFSSL_STUB
+#endif
+
+/* TLS static cipher support - off by default */
+#if 0
+ #define WOLFSSL_STATIC_RSA
+ #define WOLFSSL_STATIC_DH
+ #define WOLFSSL_STATIC_PSK
+#endif
+
+/* TLS sniffer support - off by default */
+#if 0
+ #define WOLFSSL_STATIC_EPHEMERAL
+ #define WOLFSSL_SNIFFER
+#endif
+
+/* Deprecated */
+#define NO_DSA
+#define NO_MD4
+#define NO_MD5
+#define NO_OLD_TLS
+
+/* Used to manually test disable edge cases */
+#ifdef TEST_DISABLES
+ #define NO_SESSION_CACHE
+
+ //#define NO_ECC256
+ //#define NO_ECC_KEY_EXPORT
+ //#define NO_ECC_DHE
+ //#define NO_ECC_SIGN
+ //#define NO_ECC_VERIFY
+
+ //#define NO_RSA
+ #define NO_DH
+
+ #define NO_SHA
+ #define NO_SHA256
+ #ifdef NO_SHA256
+ #undef WOLFSSL_SHA224
+ #endif
+ #define NO_SHA512
+ #ifdef NO_SHA512
+ #undef WOLFSSL_SHA384
+ #undef WOLFSSL_SHA512
+ #undef HAVE_ED25519
+ #endif
+
+ //#define NO_KDF
+ //#define NO_HMAC
+
+ #define NO_RC4
+ #define NO_DES3
+ //#define NO_AES
+ #define NO_AES_CBC
+ #define WOLFSSL_NO_SHAKE128
+
+ #define NO_PSK
+ #define NO_PWDBASED
+
+ //#define WOLFSSL_NO_TLS12
+
+ //#define NO_64BIT
+ #define WOLFSSL_SP_NO_MALLOC
+ #define NO_FILESYSTEM
+ #define NO_WRITEV
+
+ #define NO_ERROR_STRINGS
+ //#define NO_WOLFSSL_CLIENT
+ //#define NO_WOLFSSL_SERVER
+
+ #define NO_MULTIBYTE_PRINT
+ //#define NO_ASN_TIME
+ //#define NO_ASN_CRYPT
+ //#define NO_CODING
+ #define NO_SIG_WRAPPER
+ //#define NO_HASH_WRAPPER
+ //#define WC_NO_HARDEN
+
+ //#define NO_CERTS
+ //#define NO_ASN
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#endif /* WOLFSSL_USER_SETTINGS_H */
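Review bot: `HAVE_ANON` and `WOLFSSL_EARLY_DATA` are defined unconditionally in the "TLS Extensions" block, although the Ada examples added in this change only use certificate-authenticated TLS 1.3. Anonymous cipher suites carry no peer authentication and TLS 1.3 early data can be replayed. For this wrapper build it would be safer to move both under the existing `#if 0 /* Not needed */` block, or to give each a comment saying why it is enabled, e.g. `/* anon cipher suites: compiled in for --enable-all parity, not used by the Ada examples */`. Separately, `WOLFSSL_SHAKE256` is defined twice in the "Hashing" block, and the second line can be dropped.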
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb
new file mode 100644
index 00000000..f1eac8f8
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.adb
@@ -0,0 +1,688 @@
+-- wolfssl.adb
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Interfaces.C.Strings;
+
+package body WolfSSL is
+
+ subtype size_t is Interfaces.C.size_t; use type size_t;
+
+ subtype long is Interfaces.C.long;
+ subtype unsigned_long is Interfaces.C.unsigned_long;
+
+ WOLFSSL_SUCCESS : constant int := Get_WolfSSL_Success;
+
+ function Initialize_WolfSSL return int with
+ Convention => C,
+ External_Name => "wolfSSL_Init",
+ Import => True;
+
+ function Finalize_WolfSSL return int with
+ Convention => C,
+ External_Name => "wolfSSL_Cleanup",
+ Import => True;
+
+ function Initialize return Subprogram_Result is
+ Result : constant int := Initialize_WolfSSL;
+ begin
+ return Subprogram_Result (Result);
+ end Initialize;
+
+ function Finalize return Subprogram_Result is
+ Result : constant int := Finalize_WolfSSL;
+ begin
+ return Subprogram_Result (Result);
+ end Finalize;
+
+ function Is_Valid (Context : Context_Type) return Boolean is
+ begin
+ return Context /= null;
+ end Is_Valid;
+
+ function WolfTLSv1_2_Server_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_2_server_method",
+ Import => True;
+
+ function TLSv1_2_Server_Method return Method_Type is
+ begin
+ return WolfTLSv1_2_Server_Method;
+ end TLSv1_2_Server_Method;
+
+ function WolfTLSv1_2_Client_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_2_client_method",
+ Import => True;
+
+ function TLSv1_2_Client_Method return Method_Type is
+ begin
+ return WolfTLSv1_2_Client_Method;
+ end TLSv1_2_Client_Method;
+
+ function WolfTLSv1_3_Server_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_3_server_method",
+ Import => True;
+
+ function TLSv1_3_Server_Method return Method_Type is
+ begin
+ return WolfTLSv1_3_Server_Method;
+ end TLSv1_3_Server_Method;
+
+ function WolfTLSv1_3_Client_Method return Method_Type with
+ Convention => C,
+ External_Name => "wolfTLSv1_3_client_method",
+ Import => True;
+
+ function TLSv1_3_Client_Method return Method_Type is
+ begin
+ return WolfTLSv1_3_Client_Method;
+ end TLSv1_3_Client_Method;
+
+ function WolfSSL_CTX_new (Method : Method_Type)
+ return Context_Type with
+ Convention => C, External_Name => "wolfSSL_CTX_new", Import => True;
+
+ procedure Create_Context (Method : Method_Type;
+ Context : out Context_Type) is
+ begin
+ Context := WolfSSL_CTX_new (Method);
+ end Create_Context;
+
+ procedure WolfSSL_CTX_free (Context : Context_Type) with
+ Convention => C, External_Name => "wolfSSL_CTX_free", Import => True;
+
+ procedure Free (Context : in out Context_Type) is
+ begin
+ WolfSSL_CTX_free (Context);
+ Context := null;
+ end Free;
+
+ type Opaque_X509_Store_Context is limited null record;
+ type X509_Store_Context is access Opaque_X509_Store_Context with
+ Convention => C;
+
+ type Verify_Callback is access function
+ (A : int;
+ Context : X509_Store_Context)
+ return int
+ with Convention => C;
+
+ procedure WolfSSL_CTX_Set_Verify (Context : Context_Type;
+ Mode : int;
+ Callback : Verify_Callback) with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_set_verify",
+ Import => True;
+ -- This function sets the verification method for remote peers and
+ -- also allows a verify callback to be registered with the SSL
+ -- context. The verify callback will be called only when a
+ -- verification failure has occurred. If no verify callback is
+ -- desired, the NULL pointer can be used for verify_callback.
+ -- The verification mode of peer certificates is a logically OR'd
+ -- list of flags. The possible flag values include:
+ -- SSL_VERIFY_NONE Client mode: the client will not verify the
+ -- certificate received from the server and the handshake will
+ -- continue as normal. Server mode: the server will not send a
+ -- certificate request to the client. As such, client verification
+ -- will not be enabled. SSL_VERIFY_PEER Client mode: the client will
+ -- verify the certificate received from the server during the
+ -- handshake. This is turned on by default in wolfSSL, therefore,
+ -- using this option has no effect. Server mode: the server will send
+ -- a certificate request to the client and verify the client
+ -- certificate received. SSL_VERIFY_FAIL_IF_NO_PEER_CERT Client mode:
+ -- no effect when used on the client side. Server mode:
+ -- the verification will fail on the server side if the client fails
+ -- to send a certificate when requested to do so (when using
+ -- SSL_VERIFY_PEER on the SSL server).
+ -- SSL_VERIFY_FAIL_EXCEPT_PSK Client mode: no effect when used on
+ -- the client side. Server mode: the verification is the same as
+ -- SSL_VERIFY_FAIL_IF_NO_PEER_CERT except in the case of a
+ -- PSK connection. If a PSK connection is being made then the
+ -- connection will go through without a peer cert.
+
+ function "&" (Left, Right : Mode_Type) return Mode_Type is
+ L : constant Unsigned_32 := Unsigned_32 (Left);
+ R : constant Unsigned_32 := Unsigned_32 (Right);
+ begin
+ return Mode_Type (L and R);
+ end "&";
+
+ procedure Set_Verify (Context : Context_Type;
+ Mode : Mode_Type) is
+ begin
+ WolfSSL_CTX_Set_Verify (Context => Context,
+ Mode => int (Mode),
+ Callback => null);
+ end Set_Verify;
+
+ function Use_Certificate_File (Context : Context_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_certificate_file",
+ Import => True;
+
+ function Use_Certificate_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ Ctx : constant Context_Type := Context;
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Certificate_File (Ctx, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_File;
+
+ function Use_Certificate_Buffer (Context : Context_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_certificate_buffer",
+ Import => True;
+
+ function Use_Certificate_Buffer (Context : Context_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Certificate_Buffer (Context, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_Buffer;
+
+ function Use_Private_Key_File (Context : Context_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_PrivateKey_file",
+ Import => True;
+
+ function Use_Private_Key_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ Ctx : constant Context_Type := Context;
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Private_Key_File (Ctx, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_File;
+
+ function Use_Private_Key_Buffer (Context : Context_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_use_PrivateKey_buffer",
+ Import => True;
+
+ function Use_Private_Key_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Private_Key_Buffer (Context, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_Buffer;
+
+ function Load_Verify_Locations1
+ (Context : Context_Type;
+ File : char_array;
+ Path : char_array) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+ -- This function loads PEM-formatted CA certificate files into
+ -- the SSL context (WOLFSSL_CTX). These certificates will be treated
+ -- as trusted root certificates and used to verify certs received
+ -- from peers during the SSL handshake. The root certificate file,
+ -- provided by the file argument, may be a single certificate or a
+ -- file containing multiple certificates. If multiple CA certs are
+ -- included in the same file, wolfSSL will load them in the same order
+ -- they are presented in the file. The path argument is a pointer to
+ -- the name of a directory that contains certificates of trusted
+ -- root CAs. If the value of file is not NULL, path may be specified
+ -- as NULL if not needed. If path is specified and NO_WOLFSSL_DIR was
+ -- not defined when building the library, wolfSSL will load all
+ -- CA certificates located in the given directory. This function will
+ -- attempt to load all files in the directory. This function expects
+ -- PEM formatted CERT_TYPE file with header "--BEGIN CERTIFICATE--".
+
+ subtype char_array_ptr is Interfaces.C.Strings.char_array_access;
+
+ function Load_Verify_Locations2
+ (Context : Context_Type;
+ File : char_array;
+ Path : char_array_ptr) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+
+ function Load_Verify_Locations3
+ (Context : Context_Type;
+ File : char_array_ptr;
+ Path : char_array) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+
+ function Load_Verify_Locations4
+ (Context : Context_Type;
+ File : char_array_ptr;
+ Path : char_array_ptr) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_locations",
+ Import => True;
+
+ function Load_Verify_Locations (Context : Context_Type;
+ File : String;
+ Path : String)
+ return Subprogram_Result is
+ Ctx : constant Context_Type := Context;
+ FC : size_t; -- File Count, specifies the characters used in F.
+ F : aliased char_array := (1 .. File'Length + 1 => '#');
+
+ PC : size_t; -- Path Count, specifies the characters used in P.
+ P : aliased char_array := (1 .. Path'Length + 1 => '#');
+
+ Result : int;
+ begin
+ if File = "" then
+ if Path = "" then
+ Result := Load_Verify_Locations4 (Ctx, null, null);
+ else
+ Interfaces.C.To_C (Item => Path,
+ Target => P,
+ Count => PC,
+ Append_Nul => True);
+ Result := Load_Verify_Locations3 (Ctx, null, P);
+ end if;
+ else
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => FC,
+ Append_Nul => True);
+ if Path = "" then
+ Result := Load_Verify_Locations2 (Ctx, F, null);
+ else
+ Interfaces.C.To_C (Item => Path,
+ Target => P,
+ Count => PC,
+ Append_Nul => True);
+ Interfaces.C.To_C (Item => Path,
+ Target => P,
+ Count => PC,
+ Append_Nul => True);
+ Result := Load_Verify_Locations1 (Context => Ctx,
+ File => F,
+ Path => P);
+ end if;
+ end if;
+ return Subprogram_Result (Result);
+ end Load_Verify_Locations;
+
+ function Load_Verify_Buffer
+ (Context : Context_Type;
+ Input : char_array;
+ Size : int;
+ Format : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_CTX_load_verify_buffer",
+ Import => True;
+
+ function Load_Verify_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Load_Verify_Buffer (Context => Context,
+ Input => Input,
+ Size => Input'Length,
+ Format => int(Format));
+ return Subprogram_Result (Result);
+ end Load_Verify_Buffer;
+
+ function Is_Valid (Ssl : WolfSSL_Type) return Boolean is
+ begin
+ return Ssl /= null;
+ end Is_Valid;
+
+ function WolfSSL_New (Context : Context_Type)
+ return WolfSSL_Type with
+ Convention => C,
+ External_Name => "wolfSSL_new",
+ Import => True;
+
+ procedure Create_WolfSSL (Context : Context_Type;
+ Ssl : out WolfSSL_Type) is
+ begin
+ Ssl := WolfSSL_New (Context);
+ end Create_WolfSSL;
+
+ function Use_Certificate_File (Ssl : WolfSSL_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_certificate_file",
+ Import => True;
+
+ function Use_Certificate_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Certificate_File (Ssl, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_File;
+
+ function Use_Certificate_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_certificate_buffer",
+ Import => True;
+
+ function Use_Certificate_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Certificate_Buffer (Ssl, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Certificate_Buffer;
+
+ function Use_Private_Key_File (Ssl : WolfSSL_Type;
+ File : char_array;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_PrivateKey_file",
+ Import => True;
+
+ function Use_Private_Key_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result is
+ C : size_t;
+ F : char_array (1 .. File'Length + 1);
+ Result : int;
+ begin
+ Interfaces.C.To_C (Item => File,
+ Target => F,
+ Count => C,
+ Append_Nul => True);
+ Result := Use_Private_Key_File (Ssl, F (1 .. C), int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_File;
+
+ function Use_Private_Key_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Size : long;
+ Format : int)
+ return int with
+ Convention => C,
+ External_Name => "wolfSSL_use_PrivateKey_buffer",
+ Import => True;
+
+ function Use_Private_Key_Buffer (Ssl : WolfSSL_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result is
+ Result : int;
+ begin
+ Result := Use_Private_Key_Buffer (Ssl, Input,
+ Input'Length, int (Format));
+ return Subprogram_Result (Result);
+ end Use_Private_Key_Buffer;
+
+ function WolfSSL_Set_Fd (Ssl : WolfSSL_Type; Fd : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_set_fd",
+ Import => True;
+
+ function Attach (Ssl : WolfSSL_Type;
+ Socket : Integer)
+ return Subprogram_Result is
+ Result : int := WolfSSL_Set_Fd (Ssl, int (Socket));
+ begin
+ return Subprogram_Result (Result);
+ end Attach;
+
+ procedure WolfSSL_Keep_Arrays (Ssl : WolfSSL_Type) with
+ Convention => C,
+ External_Name => "wolfSSL_KeepArrays",
+ Import => True;
+
+ procedure Keep_Arrays (Ssl : WolfSSL_Type) is
+ begin
+ WolfSSL_Keep_Arrays (Ssl);
+ end Keep_Arrays;
+
+ function WolfSSL_Accept (Ssl : WolfSSL_Type) return int with
+ Convention => C,
+ External_Name => "wolfSSL_accept",
+ Import => True;
+
+ function Accept_Connection (Ssl : WolfSSL_Type)
+ return Subprogram_Result is
+ Result : int := WolfSSL_Accept (Ssl);
+ begin
+ return Subprogram_Result (Result);
+ end Accept_Connection;
+
+ procedure WolfSSL_Free_Arrays (Ssl : WolfSSL_Type) with
+ Convention => C,
+ External_Name => "wolfSSL_FreeArrays",
+ Import => True;
+
+ procedure Free_Arrays (Ssl : WolfSSL_Type) is
+ begin
+ WolfSSL_Free_Arrays (Ssl);
+ end Free_Arrays;
+
+ function WolfSSL_Read (Ssl : WolfSSL_Type;
+ Data : out char_array;
+ Sz : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_read",
+ Import => True;
+ -- This function reads sz bytes from the SSL session (ssl) internal
+ -- read buffer into the buffer data. The bytes read are removed from
+ -- the internal receive buffer. If necessary wolfSSL_read() will
+ -- negotiate an SSL/TLS session if the handshake has not already
+ -- been performed yet by wolfSSL_connect() or wolfSSL_accept().
+ -- The SSL/TLS protocol uses SSL records which have a maximum size
+ -- of 16kB (the max record size can be controlled by the
+ -- MAX_RECORD_SIZE define in /wolfssl/internal.h). As such, wolfSSL
+ -- needs to read an entire SSL record internally before it is able
+ -- to process and decrypt the record. Because of this, a call to
+ -- wolfSSL_read() will only be able to return the maximum buffer
+ -- size which has been decrypted at the time of calling. There may
+ -- be additional not-yet-decrypted data waiting in the internal
+ -- wolfSSL receive buffer which will be retrieved and decrypted with
+ -- the next call to wolfSSL_read(). If sz is larger than the number
+ -- of bytes in the internal read buffer, SSL_read() will return
+ -- the bytes available in the internal read buffer. If no bytes are
+ -- buffered in the internal read buffer yet, a call to wolfSSL_read()
+ -- will trigger processing of the next record.
+ --
+ -- The integer returned is the number of bytes read upon success.
+ -- 0 will be returned upon failure. This may be caused by a either
+ -- a clean (close notify alert) shutdown or just that the peer closed
+ -- the connection. Call wolfSSL_get_error() for the specific
+ -- error code. SSL_FATAL_ERROR will be returned upon failure when
+ -- either an error occurred or, when using non-blocking sockets,
+ -- the SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE error was received
+ -- and and the application needs to call wolfSSL_read() again.
+ -- Use wolfSSL_get_error() to get a specific error code.
+
+ function Read (Ssl : WolfSSL_Type) return Read_Result is
+ Data : char_array (1 .. Byte_Index'Last);
+ Size : int;
+ begin
+ Size := WolfSSL_Read (Ssl, Data, int (Byte_Index'Last));
+ if Size <= 0 then
+ return (Success => False,
+ Last => 0,
+ Code => Subprogram_Result (Size));
+ else
+ return (Success => True,
+ Last => Byte_Index (Size),
+ Buffer => Data (1 .. Byte_Index (Size)));
+ end if;
+ end Read;
+
+ function WolfSSL_Write (Ssl : WolfSSL_Type;
+ Data : char_array;
+ Sz : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_write",
+ Import => True;
+
+ function Write (Ssl : WolfSSL_Type;
+ Data : Byte_Array) return Write_Result is
+ Size : constant int := Data'Length;
+ Result : int;
+ begin
+ Result := WolfSSL_Write (Ssl, Data, Size);
+ if Result > 0 then
+ return (Success => True,
+ Bytes_Written => Byte_Index (Result));
+ else
+ return (Success => False, Code => Subprogram_Result (Result));
+ end if;
+ end Write;
+
+ function WolfSSL_Shutdown (Ssl : WolfSSL_Type) return int with
+ Convention => C,
+ External_Name => "wolfSSL_shutdown",
+ Import => True;
+
+ function Shutdown (Ssl : WolfSSL_Type) return Subprogram_Result is
+ Result : constant int := WolfSSL_Shutdown (Ssl);
+ begin
+ return Subprogram_Result (Result);
+ end Shutdown;
+
+ function WolfSSL_Connect (Ssl : WolfSSL_Type) return int with
+ Convention => C,
+ External_Name => "wolfSSL_connect",
+ Import => True;
+
+ function Connect (Ssl : WolfSSL_Type) return Subprogram_Result is
+ Result : constant int := WolfSSL_Connect (Ssl);
+ begin
+ return Subprogram_Result (Result);
+ end Connect;
+
+ procedure WolfSSL_Free (Ssl : WolfSSL_Type) with
+ Convention => C,
+ External_Name => "wolfSSL_free",
+ Import => True;
+
+ procedure Free (Ssl : in out WolfSSL_Type) is
+ begin
+ if Ssl /= null then
+ WolfSSL_Free (Ssl);
+ end if;
+ Ssl := null;
+ end Free;
+
+ function WolfSSL_Get_Error (Ssl : WolfSSL_Type;
+ Ret : int) return int with
+ Convention => C,
+ External_Name => "wolfSSL_get_error",
+ Import => True;
+
+ function Get_Error (Ssl : WolfSSL_Type;
+ Result : Subprogram_Result) return Error_Code is
+ begin
+ return Error_Code (WolfSSL_Get_Error (Ssl, int (Result)));
+ end Get_Error;
+
+ procedure WolfSSL_Error_String (Error : unsigned_long;
+ Data : out Byte_Array;
+ Size : unsigned_long) with
+ Convention => C,
+ External_Name => "wolfSSL_ERR_error_string_n",
+ Import => True;
+
+ function Error (Code : Error_Code) return Error_Message is
+ S : String (1 .. Error_Message_Index'Last);
+ B : Byte_Array (1 .. size_t (Error_Message_Index'Last));
+ C : Natural;
+ begin
+ WolfSSL_Error_String (Error => unsigned_long (Code),
+ Data => B,
+ Size => unsigned_long (B'Last));
+ Interfaces.C.To_Ada (Item => B,
+ Target => S,
+ Count => C,
+ Trim_Nul => True);
+ return (Last => C,
+ Text => S (1 .. C));
+ end Error;
+
+ function Get_WolfSSL_Max_Error_Size return int with
+ Convention => C,
+ External_Name => "get_wolfssl_max_error_size",
+ Import => True;
+
+ function Max_Error_Size return Natural is
+ begin
+ return Natural (Get_WolfSSL_Max_Error_Size);
+ end Max_Error_Size;
+
+end WolfSSL;
diff --git a/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads
new file mode 100644
index 00000000..a3f536e5
--- /dev/null
+++ b/extra/wolfssl/wolfssl/wrapper/Ada/wolfssl.ads
@@ -0,0 +1,606 @@
+-- wolfssl.ads
+--
+-- Copyright (C) 2006-2023 wolfSSL Inc.
+--
+-- This file is part of wolfSSL.
+--
+-- wolfSSL is free software; you can redistribute it and/or modify
+-- it under the terms of the GNU General Public License as published by
+-- the Free Software Foundation; either version 2 of the License, or
+-- (at your option) any later version.
+--
+-- wolfSSL is distributed in the hope that it will be useful,
+-- but WITHOUT ANY WARRANTY; without even the implied warranty of
+-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+-- GNU General Public License for more details.
+--
+-- You should have received a copy of the GNU General Public License
+-- along with this program; if not, write to the Free Software
+-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+--
+
+with Interfaces.C;
+
+-- This package is annotated "with SPARK_Mode" that SPARK can verify
+-- the API of this package is used correctly.
+package WolfSSL with SPARK_Mode is
+
+ type Subprogram_Result is new Integer;
+ Success : constant Subprogram_Result;
+ Failure : constant Subprogram_Result;
+
+ function Initialize return Subprogram_Result;
+ -- Initializes the wolfSSL library for use. Must be called once per
+ -- application and before any other call to the library.
+
+ function Finalize return Subprogram_Result;
+ -- Un-initializes the wolfSSL library from further use.
+ -- Doesn't have to be called, though it will free any resources
+ -- used by the library.
+
+ subtype char_array is Interfaces.C.char_array; -- Remove?
+
+ subtype Byte_Type is Interfaces.C.char;
+ subtype Byte_Index is Interfaces.C.size_t range 0 .. 16_000;
+ subtype Byte_Array is Interfaces.C.char_array;
+
+ type Context_Type is limited private;
+ -- Instances of this type are called SSL Contexts.
+
+ function Is_Valid (Context : Context_Type) return Boolean;
+ -- Indicates if the SSL Context has successfully been initialized.
+ -- If initialized, the SSL Context has allocated resources
+ -- that needs to be deallocated before application exit.
+
+ type Method_Type is limited private;
+
+ function TLSv1_2_Server_Method return Method_Type;
+ -- This function is used to indicate that the application is a server
+ -- and will only support the TLS 1.2 protocol.
+
+ function TLSv1_2_Client_Method return Method_Type;
+ -- This function is used to indicate that the application is a client
+ -- and will only support the TLS 1.2 protocol.
+
+ function TLSv1_3_Server_Method return Method_Type;
+ -- This function is used to indicate that the application is a server
+ -- and will only support the TLS 1.3 protocol.
+
+ function TLSv1_3_Client_Method return Method_Type;
+ -- This function is used to indicate that the application is a client
+ -- and will only support the TLS 1.3 protocol.
+
+ procedure Create_Context (Method : Method_Type;
+ Context : out Context_Type);
+ -- This function creates a new SSL context, taking a desired SSL/TLS
+ -- protocol method for input.
+ -- If successful Is_Valid (Context) = True, otherwise False.
+
+ procedure Free (Context : in out Context_Type) with
+ Pre => Is_Valid (Context),
+ Post => not Is_Valid (Context);
+ -- This function frees an allocated SSL Context object.
+
+ type Mode_Type is private;
+
+ function "&" (Left, Right : Mode_Type) return Mode_Type;
+
+ Verify_None : constant Mode_Type;
+ -- Client mode: the client will not verify the certificate received
+ -- from the server and the handshake will continue as normal.
+ --
+ -- Server mode: the server will not send a certificate request to
+ -- the client. As such, client verification will not be enabled.
+
+ Verify_Peer : constant Mode_Type;
+ -- Client mode: the client will verify the certificate received from
+ -- the server during the handshake. This is turned on by default
+ -- in wolfSSL, therefore, using this option has no effect.
+ --
+ -- Server mode: the server will send a certificate request to
+ -- the client and verify the client certificate received.
+
+ Verify_Fail_If_No_Peer_Cert : constant Mode_Type;
+ -- Client mode: no effect when used on the client side.
+ --
+ -- Server mode: the verification will fail on the server side if
+ -- the client fails to send a certificate when requested to do so
+ -- (when using Verify_Peer on the SSL server).
+
+ Verify_Client_Once : constant Mode_Type;
+
+ Verify_Post_Handshake : constant Mode_Type;
+
+ Verify_Fail_Except_Psk : constant Mode_Type;
+ -- Client mode: no effect when used on the client side.
+ --
+ -- Server mode: the verification is the same as
+ -- Verify_Fail_If_No_Peer_Cert except in the case of a PSK connection.
+ -- If a PSK connection is being made then the connection
+ -- will go through without a peer cert.
+
+ Verify_Default : constant Mode_Type;
+
+ procedure Set_Verify (Context : Context_Type;
+ Mode : Mode_Type) with
+ Pre => Is_Valid (Context);
+ -- This function sets the verification method for remote peers
+
+ type File_Format is private;
+
+ Format_Asn1 : constant File_Format;
+ Format_Pem : constant File_Format;
+ Format_Default : constant File_Format;
+
+ function Use_Certificate_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a certificate file into the SSL context.
+ -- The file is provided by the file argument. The format argument
+ -- specifies the format type of the file, either ASN1 or
+ -- PEM file types. Please see the examples for proper usage.
+
+ function Use_Certificate_Buffer (Context : Context_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a certificate buffer into the SSL Context.
+ -- It behaves like the non-buffered version (Use_Certificate_File),
+ -- only differing in its ability to be called with a buffer as input
+ -- instead of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Use_Private_Key_File (Context : Context_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a private key file into the SSL context.
+ -- The file is provided by the File argument. The Format argument
+ -- specifies the format type of the file - ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Use_Private_Key_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a private key buffer into the SSL Context.
+ -- It behaves like the non-buffered version (Use_Private_Key_File),
+ -- only differing in its ability to be called with a buffer as input
+ -- instead of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Load_Verify_Locations (Context : Context_Type;
+ File : String;
+ Path : String)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads PEM-formatted CA certificate files into
+ -- the SSL context. These certificates will be treated as trusted
+ -- root certificates and used to verify certs received from peers
+ -- during the SSL handshake. The root certificate file,
+ -- provided by the File argument, may be a single certificate or
+ -- a file containing multiple certificates. If multiple CA certs
+ -- are included in the same file, wolfSSL will load them in the same
+ -- order they are presented in the file. The path argument is
+ -- a pointer to the name of a directory that contains certificates
+ -- of trusted root CAs. If the value of File is not empty "",
+ -- path may be specified as "" if not needed. If path is specified
+ -- and NO_WOLFSSL_DIR was not defined when building the library,
+ -- wolfSSL will load all CA certificates located in the given
+ -- directory. This function will attempt to load all files in
+ -- the directory. This function expects PEM formatted CERT_TYPE file
+ -- with header "--BEGIN CERTIFICATE--".
+
+ function Load_Verify_Buffer (Context : Context_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Context);
+ -- This function loads a CA certificate buffer into the SSL
+ -- Context. It behaves like the non-buffered version, only differing
+ -- in its ability to be called with a buffer as input instead of
+ -- a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- More than one CA certificate may be loaded
+ -- per buffer as long as the format is in PEM.
+ -- Please see the examples for proper usage.
+
+ type WolfSSL_Type is limited private;
+ -- Instances of this type are called SSL Sessions.
+
+ function Is_Valid (Ssl : WolfSSL_Type) return Boolean;
+ -- Indicates if the SSL Session has successfully been initialized.
+ -- If initialized, the SSL Session has allocated resources
+ -- that needs to be deallocated before application exit.
+
+ procedure Create_WolfSSL (Context : Context_Type;
+ Ssl : out WolfSSL_Type) with
+ Pre => Is_Valid (Context);
+ -- This function creates a new SSL session, taking an already created
+ -- SSL context as input.
+ -- If successful Is_Valid (Ssl) = True, otherwise False.
+
+ function Use_Certificate_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a certificate file into the SSL session.
+ -- The certificate file is provided by the file argument.
+ -- The format argument specifies the format type of the file
+ -- either ASN1 or PEM.
+
+ function Use_Certificate_Buffer (Ssl : WolfSSL_Type;
+ Input : char_array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a certificate buffer into the SSL session
+ -- object. It behaves like the non-buffered version, only differing
+ -- in its ability to be called with a buffer as input instead
+ -- of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Use_Private_Key_File (Ssl : WolfSSL_Type;
+ File : String;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a private key file into the SSL session.
+ -- The key file is provided by the File argument. The Format argument
+ -- specifies the format type of the file - ASN1 or PEM.
+
+ function Use_Private_Key_Buffer (Ssl : WolfSSL_Type;
+ Input : Byte_Array;
+ Format : File_Format)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function loads a private key buffer into the SSL session
+ -- object. It behaves like the non-buffered version, only differing
+ -- in its ability to be called with a buffer as input instead
+ -- of a file. The buffer is provided by the Input argument.
+ -- Format specifies the format type of the buffer; ASN1 or PEM.
+ -- Please see the examples for proper usage.
+
+ function Attach (Ssl : WolfSSL_Type;
+ Socket : Integer)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- Attach wolfSSL to the socket.
+ --
+ -- This function assigns a file descriptor (Socket) as
+ -- the input/output facility for the SSL connection.
+ -- Typically this will be a socket file descriptor.
+
+ procedure Keep_Arrays (Ssl : WolfSSL_Type) with
+ Pre => Is_Valid (Ssl);
+ -- Normally, at the end of the SSL handshake, wolfSSL frees
+ -- temporary arrays. Calling this function before the handshake
+ -- begins will prevent wolfSSL from freeing temporary arrays.
+ -- Temporary arrays may be needed for things such as
+ -- wolfSSL_get_keys() or PSK hints. When the user is done with
+ -- temporary arrays, either Free_Arrays(..) may be called to free
+ -- the resources immediately, or alternatively the resources will
+ -- be freed when the associated SSL object is freed.
+
+ procedure Free_Arrays (Ssl : WolfSSL_Type) with
+ Pre => Is_Valid (Ssl);
+ -- Normally, at the end of the SSL handshake, wolfSSL frees temporary
+ -- arrays. If Keep_Arrays(..) has been called before the handshake,
+ -- wolfSSL will not free temporary arrays. This function explicitly
+ -- frees temporary arrays and should be called when the user is done
+ -- with temporary arrays and does not want to wait for the SSL object
+ -- to be freed to free these resources.
+
+ function Accept_Connection (Ssl : WolfSSL_Type)
+ return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- The name of this function is not Accept (..) because the word
+ -- "accept" is a reserved keyword in the Ada language.
+ --
+ -- This function is called on the server side and waits for an
+ -- SSL client to initiate the SSL/TLS handshake. When this function
+ -- is called, the underlying communication channel has already been
+ -- set up. This function works with both blocking and
+ -- non-blocking I/O. When the underlying I/O is non-blocking,
+ -- Accept_Connection (..) will return when the underlying I/O could
+ -- not satisfy the needs of Accept_Connection (..) to continue
+ -- the handshake. In this case, a call to Get_Error(..) will
+ -- yield either Error_Want_Read or Error_Want_Write.
+ -- The calling process must then repeat the call to
+ -- Accept_Connection (..) when data is available to read and
+ -- wolfSSL will pick up where it left off. When using a
+ -- non_blocking socket, nothing needs to be done, but select() can
+ -- be used to check for the required condition.
+ -- If the underlying I/O is blocking, Accept_Connection (..) will
+ -- only return once the handshake has been finished or
+ -- an error occurred.
+
+ -- This record type has discriminants with default values to be able
+ -- to compile this code under the restriction No Secondary Stack.
+ type Read_Result (Success : Boolean := False;
+ Last : Byte_Index := Byte_Index'Last) is record
+ case Success is
+ when True => Buffer : Byte_Array (1 .. Last);
+ when False => Code : Subprogram_Result; -- Error code
+ end case;
+ end record;
+
+ function Read (Ssl : WolfSSL_Type) return Read_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function reads a number of bytes from the SSL session (ssl)
+ -- internal read buffer into the buffer data. The bytes read are
+ -- removed from the internal receive buffer.
+ -- If necessary Read(..) will negotiate an SSL/TLS session
+ -- if the handshake has not already
+ -- been performed yet by Connect(..) or Accept_Connection (..).
+ -- The SSL/TLS protocol uses SSL records which have a maximum size
+ -- of 16kB (the max record size can be controlled by the
+ -- MAX_RECORD_SIZE define in /wolfssl/internal.h). As such, wolfSSL
+ -- needs to read an entire SSL record internally before it is able
+ -- to process and decrypt the record. Because of this, a call to
+ -- Read(..) will only be able to return the maximum buffer
+ -- size which has been decrypted at the time of calling. There may
+ -- be additional not-yet-decrypted data waiting in the internal
+ -- wolfSSL receive buffer which will be retrieved and decrypted with
+ -- the next call to Read(..).
+
+ -- This record type has discriminants with default values to be able
+ -- to compile this code under the restriction No Secondary Stack.
+ type Write_Result (Success : Boolean := False) is record
+ case Success is
+ when True => Bytes_Written : Byte_Index;
+ when False => Code : Subprogram_Result; -- Error code
+ end case;
+ end record;
+
+ function Write (Ssl : WolfSSL_Type;
+ Data : Byte_Array) return Write_Result with
+ Pre => Is_Valid (Ssl);
+ -- The number of bytes written is returned.
+ -- This function writes bytes from the buffer, Data,
+ -- to the SSL connection, ssl. If necessary, Write(..) will
+ -- negotiate an SSL/TLS session if the handshake has not already
+ -- been performed yet by Connect(..) or Accept_Connection(..).
+ -- Write(..) works with both blocking and non-blocking I/O.
+ -- When the underlying I/O is non-blocking, Write(..) will return
+ -- when the underlying I/O could not satisfy the needs of Write(..)
+ -- to continue. In this case, a call to Get_Error(..) will
+ -- yield either Error_Want_Read or Error_Want_Write.
+ -- The calling process must then repeat the call to Write(..)
+ -- when the underlying I/O is ready. If the underlying I/O is
+ -- blocking, Write(..) will only return once the buffer data
+ -- has been completely written or an error occurred.
+
+ function Shutdown (Ssl : WolfSSL_Type) return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function shuts down an active SSL/TLS connection using
+ -- the SSL session, ssl. This function will try to send a
+ -- "close notify" alert to the peer. The calling application can
+ -- choose to wait for the peer to send its "close notify" alert
+ -- in response or just go ahead and shut down the underlying
+ -- connection after directly calling wolfSSL_shutdown (to save
+ -- resources). Either option is allowed by the TLS specification.
+ -- If the underlying connection will be used again in the future,
+ -- the complete two_directional shutdown procedure must be performed
+ -- to keep synchronization intact between the peers.
+ -- Shutdown(..) works with both blocking and non_blocking I/O.
+ -- When the underlying I/O is non_blocking, Shutdown(..) will
+ -- return an error if the underlying I/O could not satisfy the needs
+ -- of Shutdown(..) to continue. In this case, a call to
+ -- Get_Error(..) will yield either Error_Want_Read or
+ -- Error_Want_Write. The calling process must then repeat
+ -- the call to Shutdown() when the underlying I/O is ready.
+
+ procedure Free (Ssl : in out WolfSSL_Type) with
+ Pre => Is_Valid (Ssl),
+ Post => not Is_Valid (Ssl);
+ -- Frees the resources allocated by the SSL session object.
+
+ function Connect (Ssl : WolfSSL_Type) return Subprogram_Result with
+ Pre => Is_Valid (Ssl);
+ -- This function is called on the client side and initiates
+ -- an SSL/TLS handshake with a server. When this function is called,
+ -- the underlying communication channel has already been set up.
+ -- Connect(..) works with both blocking and non_blocking I/O.
+ -- When the underlying I/O is non_blocking, Connect(..) will
+ -- return when the underlying I/O could not satisfy the needs
+ -- of wolfSSL_connect to continue the handshake. In this case,
+ -- a call to Get_Error(..) will yield either
+ -- Error_Want_Read or SSL_ERROR_WANT_WRITE. The calling process
+ -- must then repeat the call to Connect(..) when
+ -- the underlying I/O is ready and wolfSSL will pick up where
+ -- it left off. When using a non_blocking socket, nothing needs
+ -- to be done, but select() can be used to check for the required
+ -- condition. If the underlying I/O is blocking, Connect(..)
+ -- will only return once the handshake has been finished or an error
+ -- occurred. wolfSSL takes a different approach to certificate
+ -- verification than OpenSSL does. The default policy for the client
+ -- is to verify the server, this means that if you don't load CAs
+ -- to verify the server you'll get a connect error,
+ -- unable to verify. It you want to mimic OpenSSL behavior
+ -- of having SSL_connect succeed even if verifying the server fails
+ -- and reducing security you can do this by calling:
+ -- Set_Verify (Ctx, Verify_None, 0); before calling
+ -- Create_WolfSSL(...); Though it's not recommended.
+
+ type Error_Code is new Integer;
+
+ Error_Want_Read : constant Error_Code;
+ Error_Want_Write : constant Error_Code;
+
+ function Get_Error (Ssl : WolfSSL_Type;
+ Result : Subprogram_Result) return Error_Code;
+ -- This function returns a unique error code describing why
+ -- the previous API function call (Connect, Accept_Connection,
+ -- Read, Write, etc.) resulted in an error return code.
+ -- After Get_Error is called and returns the unique error code,
+ -- wolfSSL_ERR_error_string() may be called to get a human readable
+ -- error string.
+
+ subtype Error_Message_Index is Natural range 0 .. 80;
+ -- The default error message length is 80 in WolfSSL unless
+ -- configured to another value. See the result
+ -- of the Max_Error_Size function.
+
+ type Error_Message (Last : Error_Message_Index := 0) is record
+ Text : String (1 .. Last);
+ end record;
+
+ function Error (Code : Error_Code) return Error_Message;
+ -- This function converts an error code returned by Get_Error(..)
+ -- into a more human readable error string. Code is the error code
+ -- returned by Get_error(). The maximum length of error strings is
+ -- 80 characters by default, as defined by MAX_ERROR_SZ
+ -- is wolfssl/wolfcrypt/error.h.
+
+ function Max_Error_Size return Natural;
+ -- Returns the value of the defined MAX_ERROR_SZ integer
+ -- in wolfssl/wolfcrypt/error.h.
+
+private
+ pragma SPARK_Mode (Off);
+
+ subtype int is Interfaces.C.int; use type int;
+
+ type Opaque_Method is limited null record;
+ type Opaque_Context is limited null record;
+ type Opaque_WolfSSL is limited null record;
+
+ -- Access-to-object types with convention C uses the same amount of
+ -- memory for storing pointers as is done in the C programming
+ -- language. The following access type definitions are used in
+ -- the Ada binding to the WolfSSL library:
+ type Context_Type is access Opaque_Context with Convention => C;
+ type Method_Type is access Opaque_Method with Convention => C;
+ type WolfSSL_Type is access Opaque_WolfSSL with Convention => C;
+
+ subtype Unsigned_32 is Interfaces.Unsigned_32; use type Unsigned_32;
+
+ type Mode_Type is new Unsigned_32;
+
+ -- The following imported subprograms are used to initialize
+ -- the constants defined in the public part of this package
+ -- specification. They cannot therefore be moved to the body
+ -- of this package.
+
+ function WolfSSL_Verify_None return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_none",
+ Import => True;
+
+ function WolfSSL_Verify_Peer return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_peer",
+ Import => True;
+
+ function WolfSSL_Verify_Fail_If_No_Peer_Cert return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_fail_if_no_peer_cert",
+ Import => True;
+
+ function WolfSSL_Verify_Client_Once return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_client_once",
+ Import => True;
+
+ function WolfSSL_Verify_Post_Handshake return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_post_handshake",
+ Import => True;
+
+ function WolfSSL_Verify_Fail_Except_Psk return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_fail_except_psk",
+ Import => True;
+
+ function WolfSSL_Verify_Default return int with
+ Convention => C,
+ External_Name => "get_wolfssl_verify_default",
+ Import => True;
+
+ Verify_None : constant Mode_Type := Mode_Type (WolfSSL_Verify_None);
+ Verify_Peer : constant Mode_Type := Mode_Type (WolfSSL_Verify_Peer);
+
+ Verify_Fail_If_No_Peer_Cert : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Fail_If_No_Peer_Cert);
+
+ Verify_Client_Once : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Client_Once);
+
+ Verify_Post_Handshake : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Post_Handshake);
+
+ Verify_Fail_Except_Psk : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Fail_Except_Psk);
+
+ Verify_Default : constant Mode_Type :=
+ Mode_Type (WolfSSL_Verify_Default);
+
+ type File_Format is new Unsigned_32;
+
+ function WolfSSL_Filetype_Asn1 return int with
+ Convention => C,
+ External_Name => "get_wolfssl_filetype_asn1",
+ Import => True;
+
+ function WolfSSL_Filetype_Pem return int with
+ Convention => C,
+ External_Name => "get_wolfssl_filetype_pem",
+ Import => True;
+
+ function WolfSSL_Filetype_Default return int with
+ Convention => C,
+ External_Name => "get_wolfssl_filetype_default",
+ Import => True;
+
+ Format_Asn1 : constant File_Format :=
+ File_Format (WolfSSL_Filetype_Asn1);
+
+ Format_Pem : constant File_Format :=
+ File_Format (WolfSSL_Filetype_Pem);
+
+ Format_Default : constant File_Format :=
+ File_Format (WolfSSL_Filetype_Default);
+
+ function Get_WolfSSL_Success return int with
+ Convention => C,
+ External_Name => "get_wolfssl_success",
+ Import => True;
+
+ function Get_WolfSSL_Failure return int with
+ Convention => C,
+ External_Name => "get_wolfssl_failure",
+ Import => True;
+
+ Success : constant Subprogram_Result :=
+ Subprogram_Result (Get_WolfSSL_Success);
+
+ Failure : constant Subprogram_Result :=
+ Subprogram_Result (Get_WolfSSL_Failure);
+
+ function Get_WolfSSL_Error_Want_Read return int with
+ Convention => C,
+ External_Name => "get_wolfssl_error_want_read",
+ Import => True;
+
+ function Get_WolfSSL_Error_Want_Write return int with
+ Convention => C,
+ External_Name => "get_wolfssl_error_want_write",
+ Import => True;
+
+ Error_Want_Read : constant Error_Code :=
+ Error_Code (Get_WolfSSL_Error_Want_Read);
+
+ Error_Want_Write : constant Error_Code :=
+ Error_Code (Get_WolfSSL_Error_Want_Write);
+
+end WolfSSL;
diff --git a/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs b/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
index d47305eb..34cdc242 100644
--- a/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
+++ b/extra/wolfssl/wolfssl/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs
@@ -725,7 +725,7 @@ namespace wolfSSL.CSharp {
int ret;
byte[] msg;
- buf.Clear(); /* Clear incomming buffer */
+ buf.Clear(); /* Clear incoming buffer */
if (sslCtx == IntPtr.Zero)
{
@@ -1760,7 +1760,7 @@ namespace wolfSSL.CSharp {
/// Used to load in the private key from a file
/// </summary>
/// <param name="ctx">CTX structure for TLS/SSL connections </param>
- /// <param name="fileKey">Name of the file, includeing absolute directory</param>
+ /// <param name="fileKey">Name of the file, including absolute directory</param>
/// <param name="type">Type of file ie PEM or DER</param>
/// <returns>1 on success</returns>
public static int CTX_use_PrivateKey_file(IntPtr ctx, string fileKey, int type)
diff --git a/extra/wolfssl/wolfssl/wrapper/include.am b/extra/wolfssl/wolfssl/wrapper/include.am
index d966d4bd..0bdcbc78 100644
--- a/extra/wolfssl/wolfssl/wrapper/include.am
+++ b/extra/wolfssl/wolfssl/wrapper/include.am
@@ -2,6 +2,7 @@
# included from Top Level Makefile.am
# All paths should be given relative to the root
+include wrapper/Ada/include.am
include wrapper/CSharp/include.am
EXTRA_DIST+= wrapper/python/README.md
diff --git a/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt b/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt
index 36b19b95..bf8fe1a7 100644
--- a/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt
+++ b/extra/wolfssl/wolfssl/zephyr/CMakeLists.txt
@@ -113,9 +113,12 @@ if(CONFIG_WOLFSSL)
zephyr_library_sources(${ZEPHYR_CURRENT_MODULE_DIR}/wolfcrypt/src/port/st/stm32.c)
zephyr_library_link_libraries(wolfSSL)
-
- add_definitions(-DWOLFSSL_USER_SETTINGS)
- add_definitions(-DWOLFSSL_ZEPHYR)
+
+ target_compile_definitions(wolfSSL INTERFACE WOLFSSL_ZEPHYR)
+ target_compile_definitions(wolfSSL INTERFACE WOLFSSL_USER_SETTINGS)
+ if(CONFIG_WOLFSSL_DEBUG)
+ target_compile_definitions(wolfSSL INTERFACE DEBUG_WOLFSSL)
+ endif()
else()
assert(CONFIG_WOLFSSL_LIBRARY "wolfSSL was enabled, but neither BUILTIN or LIBRARY was selected.")
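Review bot: The three `target_compile_definitions(wolfSSL INTERFACE ...)` lines only reach targets that link against `wolfSSL`, whereas the removed `add_definitions` calls applied to everything configured from this directory. The same commit removes the `#define WOLFSSL_ZEPHYR` and `DEBUG_WOLFSSL` blocks from zephyr/user_settings.h and zephyr/user_settings-tls-generic.h, so a build that includes those headers without linking this target (possibly the `else()` library branch) would silently lose both macros. A comment above the block such as `# WOLFSSL_ZEPHYR and DEBUG_WOLFSSL are no longer set in user_settings*.h; consumers must link wolfSSL` would make that dependency explicit. Since DEBUG_WOLFSSL enables the library's debug logging, it is also worth confirming that CONFIG_WOLFSSL_DEBUG stays off in release configurations. The enclosing `if(CONFIG_WOLFSSL)` block starts outside the hunk.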
diff --git a/extra/wolfssl/wolfssl/zephyr/Kconfig b/extra/wolfssl/wolfssl/zephyr/Kconfig
index 47e1e949..6d58cc02 100644
--- a/extra/wolfssl/wolfssl/zephyr/Kconfig
+++ b/extra/wolfssl/wolfssl/zephyr/Kconfig
@@ -24,7 +24,7 @@ config WOLFSSL_PROMPTLESS
Symbol to disable the prompt for WOLFSSL selection.
This symbol may be used internally in a Kconfig tree to hide the
wolfSSL menu prompt and instead handle the selection of WOLFSSL from
- dependent sub-configurations and thus preven stuck symbol behavior.
+ dependent sub-configurations and thus prevent stuck symbol behavior.
menuconfig WOLFSSL
diff --git a/extra/wolfssl/wolfssl/zephyr/README.md b/extra/wolfssl/wolfssl/zephyr/README.md
index ec2f0fd1..098d51c9 100644
--- a/extra/wolfssl/wolfssl/zephyr/README.md
+++ b/extra/wolfssl/wolfssl/zephyr/README.md
@@ -60,6 +60,14 @@ then "Open Terminal".
## Build and Run wolfCrypt Test Application
+If you want to run build apps without running `west zephyr-export` then it is
+possible by setting the `CMAKE_PREFIX_PATH` variable to the location of the
+zephyr sdk and building from the `zephyr` directory. For example:
+
+```
+CMAKE_PREFIX_PATH=/path/to/zephyr-sdk-<VERSION> west build -p always -b qemu_x86 ../modules/crypto/wolfssl/zephyr/samples/wolfssl_test/
+```
+
build and execute `wolfssl_test`
```
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf
index 2cf27140..15d4ebba 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/prj.conf
@@ -1,7 +1,5 @@
-
# Configure stack and heap sizes
CONFIG_MAIN_STACK_SIZE=32768
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
# Pthreads
CONFIG_PTHREAD_IPC=y
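Review bot: The remaining comment `# Configure stack and heap sizes` no longer matches the block, because the heap arena setting is deleted here rather than renamed. The wolfssl_test, wolfssl_tls_sock and wolfssl_tls_thread samples in this commit switch to `CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE` instead, so the benchmark now runs with whatever arena size the platform defaults to. If that is intended, change the comment to `# Configure stack size`; otherwise add `CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=16384` to match the other samples.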
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml
index 8b45f178..4c5d1fce 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_benchmark/sample.yaml
@@ -2,9 +2,14 @@ sample:
description: wolfCrypt benchmark sample app
name: wolfCrypt benchmark
common:
- min_flash: 65
- min_ram: 36
tags: crypto wolfssl userspace random
+ harness: console
+ harness_config:
+ type: one_line
+ regex:
+ - "Benchmark complete"
tests:
- crypto.wolfssl_benchmark:
- platform_allow: qemu_x86 nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp
+ sample.crypto.wolfssl_benchmark:
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf
index c2f99743..a989213b 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/prj.conf
@@ -1,7 +1,7 @@
# Configure stack and heap sizes
CONFIG_MAIN_STACK_SIZE=32768
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=16384
+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=16384
# Pthreads
CONFIG_PTHREAD_IPC=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml
index 72069ff6..a1c4f819 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_test/sample.yaml
@@ -2,9 +2,14 @@ sample:
description: wolfCrypt test sample app
name: wolfCrypt test
common:
- min_flash: 65
- min_ram: 36
- tags: crypto wolfssl userspace random
+ harness: console
+ harness_config:
+ type: one_line
+ regex:
+ - "Exiting main with return code: 0"
tests:
- crypto.wolfssl_test:
- platform_allow: qemu_x86 nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp
+ sample.crypto.wolfssl_test:
+ timeout: 120
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf
index 9ca0cef9..f8b0f292 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/prj.conf
@@ -2,7 +2,7 @@
CONFIG_MAIN_STACK_SIZE=16384
CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=8192
+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=8192
# General config
CONFIG_NEWLIB_LIBC=y
@@ -23,9 +23,6 @@ CONFIG_NET_SOCKETS_POSIX_NAMES=y
CONFIG_NET_TEST=y
CONFIG_NET_LOOPBACK=y
-CONFIG_DNS_RESOLVER=y
-CONFIG_DNS_SERVER_IP_ADDRESSES=y
-CONFIG_DNS_SERVER1="192.0.2.2"
# Network driver config
CONFIG_TEST_RANDOM_GENERATOR=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml
index 86f7f9a7..ea002827 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/sample.yaml
@@ -1,9 +1,16 @@
-common:
- harness: crypto
- tags: crypto
sample:
description: wolfSSL TLS test application
name: wolfSSL TLS Test
+common:
+ harness: console
+ harness_config:
+ type: multi_line
+ regex:
+ - "Server Return: 0"
+ - "Client Return: 0"
tests:
- test:
- platform_whitelist: qemu_x86
+ sample.crypto.wolfssl_tls_sock:
+ timeout: 60
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
index 8e71527d..7be36532 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_sock/src/tls_sock.c
@@ -33,12 +33,8 @@
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (192*1024)
-#define THREAD_STACK_SIZE (24*1024)
#define MAX_SEND_SIZE 256
-/* The stack to use in the server's thread. */
-K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
-
#ifdef WOLFSSL_STATIC_MEMORY
static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER;
static WOLFSSL_HEAP_HINT* HEAP_HINT_CLIENT;
@@ -292,20 +288,6 @@ static void wolfssl_memstats(WOLFSSL* ssl)
#endif
}
-
-/* Start the server thread. */
-void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
-{
- k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
- func, args, NULL, NULL, 5, 0, K_NO_WAIT);
-}
-
-void join_thread(THREAD_TYPE thread)
-{
- /* Threads are handled in the kernel. */
-}
-
-
int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd)
{
int ret = 0;
@@ -350,7 +332,7 @@ int wolfssl_server_accept_tcp(WOLFSSL* ssl, SOCKET_T* fd, SOCKET_T* acceptfd)
}
/* Thread to do the server operations. */
-void server_thread(void* arg1, void* arg2, void* arg3)
+void server_thread(void* arg1)
{
int ret = 0;
WOLFSSL_CTX* server_ctx = NULL;
@@ -509,12 +491,18 @@ int main()
#endif
/* Start server */
- start_thread(server_thread, NULL, &serverThread);
+ if (wolfSSL_NewThread(&serverThread, server_thread, NULL) != 0) {
+ printf("Failed to start server thread\n");
+ return -1;
+ }
k_sleep(Z_TIMEOUT_TICKS(100));
client_thread();
- join_thread(serverThread);
+ if (wolfSSL_JoinThread(serverThread) != 0) {
+ printf("Failed to join server thread\n");
+ return -1;
+ }
wolfSSL_Cleanup();
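Review bot: Both new failure paths `return -1;` before the `wolfSSL_Cleanup();` at the end of this hunk, so a failed wolfSSL_NewThread or wolfSSL_JoinThread leaves main() without the library teardown that the success path performs. Calling `wolfSSL_Cleanup();` before each `return -1;`, or setting a result and falling through to the existing cleanup, keeps the two paths symmetric. The same early returns are added to main() in wolfssl_tls_thread/src/tls_threaded.c, where the start-failure return also follows `wc_InitMutex(&server_mutex);` with no matching release in the hunk. main() starts and ends outside these hunks, so what else is held at that point is not visible here.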
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf
index e675b38a..4a1e290a 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/prj.conf
@@ -2,7 +2,7 @@
CONFIG_MAIN_STACK_SIZE=16384
CONFIG_ENTROPY_GENERATOR=y
CONFIG_INIT_STACKS=y
-CONFIG_MINIMAL_LIBC_MALLOC_ARENA_SIZE=65536
+CONFIG_COMMON_LIBC_MALLOC_ARENA_SIZE=65536
# Pthreads
CONFIG_PTHREAD_IPC=y
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml
index 86f7f9a7..270648b6 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/sample.yaml
@@ -1,9 +1,18 @@
-common:
- harness: crypto
- tags: crypto
sample:
description: wolfSSL TLS test application
name: wolfSSL TLS Test
+common:
+ harness: console
+ harness_config:
+ type: multi_line
+ regex:
+ - "Server Return: 0"
+ - "Server Error: 0"
+ - "Client Return: 0"
+ - "Client Error: 0"
tests:
- test:
- platform_whitelist: qemu_x86
+ sample.crypto.wolfssl_tls_thread:
+ timeout: 60
+ platform_allow: qemu_x86
+ integration_platforms:
+ - qemu_x86
diff --git a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
index 57990ab9..490e3362 100644
--- a/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
+++ b/extra/wolfssl/wolfssl/zephyr/samples/wolfssl_tls_thread/src/tls_threaded.c
@@ -44,10 +44,6 @@
#define BUFFER_SIZE 2048
#define STATIC_MEM_SIZE (192*1024)
-#define THREAD_STACK_SIZE (24*1024)
-
-/* The stack to use in the server's thread. */
-K_THREAD_STACK_DEFINE(server_stack, THREAD_STACK_SIZE);
#ifdef WOLFSSL_STATIC_MEMORY
static WOLFSSL_HEAP_HINT* HEAP_HINT_SERVER;
@@ -515,22 +511,8 @@ static void wolfssl_memstats(WOLFSSL* ssl)
#endif
}
-
-/* Start the server thread. */
-void start_thread(THREAD_FUNC func, func_args* args, THREAD_TYPE* thread)
-{
- k_thread_create(thread, server_stack, K_THREAD_STACK_SIZEOF(server_stack),
- func, args, NULL, NULL, 5, 0, K_NO_WAIT);
-}
-
-void join_thread(THREAD_TYPE thread)
-{
- /* Threads are handled in the kernel. */
-}
-
-
/* Thread to do the server operations. */
-void server_thread(void* arg1, void* arg2, void* arg3)
+void server_thread(void* arg1)
{
int ret = 0;
WOLFSSL_CTX* server_ctx = NULL;
@@ -602,7 +584,10 @@ int main()
wc_InitMutex(&server_mutex);
/* Start server */
- start_thread(server_thread, NULL, &serverThread);
+ if (wolfSSL_NewThread(&serverThread, server_thread, NULL) != 0) {
+ printf("Failed to start server thread\n");
+ return -1;
+ }
#ifdef WOLFSSL_STATIC_MEMORY
if (wc_LoadStaticMemory(&HEAP_HINT_CLIENT, gMemoryClient,
@@ -643,8 +628,10 @@ int main()
printf("Client Return: %d\n", ret);
printf("Client Error: %d\n", wolfSSL_get_error(client_ssl, ret));
-
- join_thread(serverThread);
+ if (wolfSSL_JoinThread(serverThread) != 0) {
+ printf("Failed to join server thread\n");
+ return -1;
+ }
#ifdef WOLFSSL_STATIC_MEMORY
printf("Client Memory Stats\n");
diff --git a/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h b/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h
index 1ebad1e7..32a28bbc 100644
--- a/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h
+++ b/extra/wolfssl/wolfssl/zephyr/user_settings-tls-generic.h
@@ -28,9 +28,6 @@
extern "C" {
#endif
-#undef WOLFSSL_ZEPHYR
-#define WOLFSSL_ZEPHYR
-
#if 0
#undef SINGLE_THREADED
#define SINGLE_THREADED
@@ -147,11 +144,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_ECC
#endif
-#if defined(CONFIG_WOLFSSL_DEBUG)
-#undef DEBUG_WOLFSSL
-#define DEBUG_WOLFSSL
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/extra/wolfssl/wolfssl/zephyr/user_settings.h b/extra/wolfssl/wolfssl/zephyr/user_settings.h
index f5b00526..ba0ba9b2 100644
--- a/extra/wolfssl/wolfssl/zephyr/user_settings.h
+++ b/extra/wolfssl/wolfssl/zephyr/user_settings.h
@@ -33,9 +33,6 @@
extern "C" {
#endif
-#undef WOLFSSL_ZEPHYR
-#define WOLFSSL_ZEPHYR
-
#if 0
#undef SINGLE_THREADED
#define SINGLE_THREADED
@@ -140,11 +137,6 @@ extern "C" {
#define WOLFSSL_HAVE_SP_ECC
#endif
-#if defined(CONFIG_WOLFSSL_DEBUG)
-#undef DEBUG_WOLFSSL
-#define DEBUG_WOLFSSL
-#endif
-
#ifdef __cplusplus
}
#endif
diff --git a/include/byte_order_generic_x86_64.h b/include/byte_order_generic_x86_64.h
index a25e6a2a..305ba2b4 100644
--- a/include/byte_order_generic_x86_64.h
+++ b/include/byte_order_generic_x86_64.h
@@ -83,7 +83,7 @@ static inline ulonglong uint6korr(const void *p)
#define HAVE_mi_uint5korr
#define HAVE_mi_uint6korr
#define HAVE_mi_uint7korr
-#define HAVE_mi_uint78orr
+#define HAVE_mi_uint8korr
/* Read numbers stored in high-bytes-first order */
diff --git a/include/m_ctype.h b/include/m_ctype.h
index 3adcb474..5c68224f 100644
--- a/include/m_ctype.h
+++ b/include/m_ctype.h
@@ -447,7 +447,8 @@ enum my_lex_states
MY_LEX_IDENT_OR_KEYWORD,
MY_LEX_IDENT_OR_HEX, MY_LEX_IDENT_OR_BIN, MY_LEX_IDENT_OR_NCHAR,
MY_LEX_STRING_OR_DELIMITER, MY_LEX_MINUS_OR_COMMENT, MY_LEX_PLACEHOLDER,
- MY_LEX_COMMA
+ MY_LEX_COMMA,
+ MY_LEX_IDENT_OR_QUALIFIED_SPECIAL_FUNC
};
struct charset_info_st;
diff --git a/include/my_alloc.h b/include/my_alloc.h
index caa4be8f..0b777437 100644
--- a/include/my_alloc.h
+++ b/include/my_alloc.h
@@ -25,6 +25,8 @@
#define ALLOC_MAX_BLOCK_TO_DROP 4096
#define ALLOC_MAX_BLOCK_USAGE_BEFORE_DROP 10
+#define ROOT_FLAG_READ_ONLY 4
+
#ifdef __cplusplus
extern "C" {
#endif
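Review bot: `ROOT_FLAG_READ_ONLY` is added next to the `ALLOC_MAX_BLOCK_*` tuning constants with no comment, although it appears to be a bit for the `unsigned short flags` member of `st_mem_root` shown in the next hunk. The other flag bits are defined outside this hunk, so a reader cannot check from here that the value 4 is free. A comment such as `/* bit in MEM_ROOT::flags; must not overlap the other ROOT_FLAG_* values */` would record the constraint. The `read_only` field removed in the next hunk was compiled only under `PROTECT_STATEMENT_MEMROOT`, so it is worth stating in the comment whether the flag is still meant to be honoured only in such builds.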
@@ -53,10 +55,6 @@ typedef struct st_mem_root
unsigned short first_block_usage;
unsigned short flags;
-#ifdef PROTECT_STATEMENT_MEMROOT
- int read_only;
-#endif
-
void (*error_handler)(void);
PSI_memory_key psi_key;
diff --git a/include/my_pthread.h b/include/my_pthread.h
index 3e68538b..ca32fecc 100644
--- a/include/my_pthread.h
+++ b/include/my_pthread.h
@@ -147,9 +147,6 @@ int pthread_cancel(pthread_t thread);
#ifndef _REENTRANT
#define _REENTRANT
#endif
-#ifdef HAVE_THR_SETCONCURRENCY
-#include <thread.h> /* Probably solaris */
-#endif
#ifdef HAVE_SCHED_H
#include <sched.h>
#endif
@@ -618,9 +615,6 @@ extern int my_rw_trywrlock(my_rw_lock_t *);
#define GETHOSTBYADDR_BUFF_SIZE 2048
-#ifndef HAVE_THR_SETCONCURRENCY
-#define thr_setconcurrency(A) pthread_dummy(0)
-#endif
#if !defined(HAVE_PTHREAD_ATTR_SETSTACKSIZE) && ! defined(pthread_attr_setstacksize)
#define pthread_attr_setstacksize(A,B) pthread_dummy(0)
#endif
@@ -667,15 +661,19 @@ extern void my_mutex_end(void);
We need to have at least 256K stack to handle calls to myisamchk_init()
with the current number of keys and key parts.
*/
-#if defined(__SANITIZE_ADDRESS__) || defined(WITH_UBSAN)
-#ifndef DBUG_OFF
-#define DEFAULT_THREAD_STACK (1024*1024L)
-#else
-#define DEFAULT_THREAD_STACK (383*1024L) /* 392192 */
-#endif
-#else
-#define DEFAULT_THREAD_STACK (292*1024L) /* 299008 */
-#endif
+# if defined(__SANITIZE_ADDRESS__) || defined(WITH_UBSAN)
+/*
+ Optimized WITH_ASAN=ON executables produced
+ by GCC 12.3.0, GCC 13.2.0, or clang 16.0.6
+ would fail ./mtr main.1st when the stack size is 5 MiB.
+ The minimum is more than 6 MiB for CMAKE_BUILD_TYPE=RelWithDebInfo and
+ more than 10 MiB for CMAKE_BUILD_TYPE=Debug.
+ Let us add some safety margin.
+*/
+# define DEFAULT_THREAD_STACK (11L<<20)
+# else
+# define DEFAULT_THREAD_STACK (292*1024L) /* 299008 */
+# endif
#endif
#define MY_PTHREAD_LOCK_READ 0
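Review bot: The new comment justifies `(11L<<20)` with WITH_ASAN measurements only, but the condition also covers `WITH_UBSAN`, so UBSAN-only builds get the same 11 MiB default stack without a stated reason. The value is also only about 1 MiB above the "more than 10 MiB" minimum quoted for Debug builds, which is a thin margin if the measured requirement grows. Extend the comment with a line such as `WITH_UBSAN builds share this value; it has not been measured separately`, or split the two cases. The enclosing conditional that the trailing `#endif` closes begins outside the hunk.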
diff --git a/include/my_sys.h b/include/my_sys.h
index 8316975c..540432ce 100644
--- a/include/my_sys.h
+++ b/include/my_sys.h
@@ -884,6 +884,7 @@ extern void init_alloc_root(PSI_memory_key key, MEM_ROOT *mem_root,
extern void *alloc_root(MEM_ROOT *mem_root, size_t Size);
extern void *multi_alloc_root(MEM_ROOT *mem_root, ...);
extern void free_root(MEM_ROOT *root, myf MyFLAGS);
+extern void move_root(MEM_ROOT *to, MEM_ROOT *from);
extern void set_prealloc_root(MEM_ROOT *root, char *ptr);
extern void reset_root_defaults(MEM_ROOT *mem_root, size_t block_size,
size_t prealloc_size);
diff --git a/include/myisamchk.h b/include/myisamchk.h
index c494c672..85f7c0a5 100644
--- a/include/myisamchk.h
+++ b/include/myisamchk.h
@@ -112,6 +112,7 @@ typedef struct st_handler_check_param
uint progress_counter; /* How often to call _report_progress() */
ulonglong progress, max_progress;
+ void (*init_fix_record)(void *);
int (*fix_record)(struct st_myisam_info *info, uchar *record, int keynum);
mysql_mutex_t print_msg_mutex;
diff --git a/include/mysql.h b/include/mysql.h
index a66dcc7b..486f57fb 100644
--- a/include/mysql.h
+++ b/include/mysql.h
@@ -268,7 +268,6 @@ typedef struct st_mysql
char *host,*user,*passwd,*unix_socket,*server_version,*host_info;
char *info, *db;
const struct charset_info_st *charset;
- MYSQL_FIELD *fields;
MEM_ROOT field_alloc;
my_ulonglong affected_rows;
my_ulonglong insert_id; /* id if insert on table with NEXTNR */
@@ -290,7 +289,8 @@ typedef struct st_mysql
/* session-wide random string */
char scramble[SCRAMBLE_LENGTH+1];
my_bool auto_local_infile;
- void *unused2, *unused3, *unused4, *unused5;
+ void *unused2, *unused3, *unused4;
+ MYSQL_FIELD *fields;
LIST *stmts; /* list of all statements */
const struct st_mysql_methods *methods;
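Review bot: Moving `fields` into the slot that was `unused5` shifts every member between `charset` and `unused4` by one pointer, and the header does not say that this ordering is deliberate. Code compiled against the old layout that reads members such as `field_alloc` or `affected_rows` directly from the struct would use stale offsets, so the constraint deserves a comment next to the member. Something like `/* occupies the former unused5 slot; do not move without checking client/server struct layout */` would stop a later cleanup from reordering it. The reason for the move is not stated in the visible hunks, so the wording should be confirmed against the commit message.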
diff --git a/include/mysql/plugin.h b/include/mysql/plugin.h
index 14c75251..a5763a02 100644
--- a/include/mysql/plugin.h
+++ b/include/mysql/plugin.h
@@ -531,7 +531,13 @@ struct st_mysql_plugin
const char *author; /* plugin author (for I_S.PLUGINS) */
const char *descr; /* general descriptive text (for I_S.PLUGINS) */
int license; /* the plugin license (PLUGIN_LICENSE_XXX) */
- int (*init)(void *); /* the function to invoke when plugin is loaded */
+ /*
+ The function to invoke when plugin is loaded. Plugin
+ initialisation done here should defer any ALTER TABLE queries to
+ after the ddl recovery is done, in the signal_ddl_recovery_done()
+ callback called by ha_signal_ddl_recovery_done().
+ */
+ int (*init)(void *);
int (*deinit)(void *);/* the function to invoke when plugin is unloaded */
unsigned int version; /* plugin version (for I_S.PLUGINS) */
struct st_mysql_show_var *status_vars;
@@ -555,7 +561,13 @@ struct st_maria_plugin
const char *author; /* plugin author (for SHOW PLUGINS) */
const char *descr; /* general descriptive text (for SHOW PLUGINS ) */
int license; /* the plugin license (PLUGIN_LICENSE_XXX) */
- int (*init)(void *); /* the function to invoke when plugin is loaded */
+ /*
+ The function to invoke when plugin is loaded. Plugin
+ initialisation done here should defer any ALTER TABLE queries to
+ after the ddl recovery is done, in the signal_ddl_recovery_done()
+ callback called by ha_signal_ddl_recovery_done().
+ */
+ int (*init)(void *);
int (*deinit)(void *);/* the function to invoke when plugin is unloaded */
unsigned int version; /* plugin version (for SHOW PLUGINS) */
struct st_mysql_show_var *status_vars;
diff --git a/include/mysql/plugin_audit.h.pp b/include/mysql/plugin_audit.h.pp
index a01e4ff8..57ba61d3 100644
--- a/include/mysql/plugin_audit.h.pp
+++ b/include/mysql/plugin_audit.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/plugin_auth.h.pp b/include/mysql/plugin_auth.h.pp
index 1844f7b7..15e4c0cd 100644
--- a/include/mysql/plugin_auth.h.pp
+++ b/include/mysql/plugin_auth.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/plugin_data_type.h.pp b/include/mysql/plugin_data_type.h.pp
index 80b5a863..7938bf3c 100644
--- a/include/mysql/plugin_data_type.h.pp
+++ b/include/mysql/plugin_data_type.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/plugin_encryption.h.pp b/include/mysql/plugin_encryption.h.pp
index ac5798b1..97191c4a 100644
--- a/include/mysql/plugin_encryption.h.pp
+++ b/include/mysql/plugin_encryption.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/plugin_ftparser.h.pp b/include/mysql/plugin_ftparser.h.pp
index 919c9aae..cc2c276c 100644
--- a/include/mysql/plugin_ftparser.h.pp
+++ b/include/mysql/plugin_ftparser.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/plugin_function.h.pp b/include/mysql/plugin_function.h.pp
index f5b22dbd..afdcb534 100644
--- a/include/mysql/plugin_function.h.pp
+++ b/include/mysql/plugin_function.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/plugin_password_validation.h.pp b/include/mysql/plugin_password_validation.h.pp
index 115cbf26..3f238088 100644
--- a/include/mysql/plugin_password_validation.h.pp
+++ b/include/mysql/plugin_password_validation.h.pp
@@ -487,6 +487,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
MYSQL *mysql_real_connect_local(MYSQL *mysql);
}
diff --git a/include/mysql/service_sql.h b/include/mysql/service_sql.h
index 2fee56ca..e9d1491d 100644
--- a/include/mysql/service_sql.h
+++ b/include/mysql/service_sql.h
@@ -68,6 +68,9 @@ extern struct sql_service_st {
int (STDCALL *mysql_set_character_set_func)(MYSQL *mysql, const char *cs_name);
unsigned int (STDCALL *mysql_num_fields_func)(MYSQL_RES *res);
int (STDCALL *mysql_select_db_func)(MYSQL *mysql, const char *db);
+ my_bool (STDCALL *mysql_ssl_set_func)(MYSQL *mysql, const char *key,
+ const char *cert, const char *ca,
+ const char *capath, const char *cipher);
} *sql_service;
#ifdef MYSQL_DYNAMIC_PLUGIN
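Review bot: Nothing in this hunk records that `mysql_ssl_set_func` was appended in a newer revision of the sql service, so a dynamic plugin built against this header cannot tell whether the server it is loaded into fills that slot. If the service's version constant is not raised elsewhere in this commit, it should be. A comment on the member would document the dependency: `/* added in sql service version <NEW_VERSION>; absent in servers exposing an older version */`. The struct begins outside the hunk.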
@@ -89,6 +92,7 @@ extern struct sql_service_st {
#define mysql_set_character_set(M,C) sql_service->mysql_set_character_set_func(M,C)
#define mysql_num_fields(R) sql_service->mysql_num_fields_func(R)
#define mysql_select_db(M,D) sql_service->mysql_select_db_func(M,D)
+#define mysql_ssl_set(M,K,C,A,P,H) sql_service->mysql_ssl_set_func(M,K,C,A,P,H)
#else
@@ -111,5 +115,3 @@ MYSQL *mysql_real_connect_local(MYSQL *mysql);
#endif
#endif /*MYSQL_SERVICE_SQL */
-
-
diff --git a/include/mysql/service_wsrep.h b/include/mysql/service_wsrep.h
index 8add7093..a0d0a338 100644
--- a/include/mysql/service_wsrep.h
+++ b/include/mysql/service_wsrep.h
@@ -95,6 +95,7 @@ extern struct wsrep_service_st {
void (*wsrep_thd_kill_LOCK_func)(const MYSQL_THD thd);
void (*wsrep_thd_kill_UNLOCK_func)(const MYSQL_THD thd);
void (*wsrep_thd_set_wsrep_PA_unsafe_func)(MYSQL_THD thd);
+ uint32 (*wsrep_get_domain_id_func)();
} *wsrep_service;
#define MYSQL_SERVICE_WSREP_INCLUDED
@@ -144,6 +145,7 @@ extern struct wsrep_service_st {
#define wsrep_thd_set_ignored_error(T,V) wsrep_service->wsrep_thd_set_ignored_error_func(T,V)
#define wsrep_report_bf_lock_wait(T,I) wsrep_service->wsrep_report_bf_lock_wait(T,I)
#define wsrep_thd_set_PA_unsafe(T) wsrep_service->wsrep_thd_set_PA_unsafe_func(T)
+#define wsrep_get_domain_id(T) wsrep_service->wsrep_get_domain_id_func(T)
#else
#define MYSQL_SERVICE_WSREP_STATIC_INCLUDED
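Review bot: The new macro `wsrep_get_domain_id(T)` takes a parameter and forwards it, but the `wsrep_get_domain_id_func` member added in the previous hunk and the static declaration `extern "C" uint32 wsrep_get_domain_id();` in the next one take no arguments. The dynamic and static builds therefore accept different call forms, and a stray argument is only caught in one of them. I would write `#define wsrep_get_domain_id() wsrep_service->wsrep_get_domain_id_func()`. If this header is ever compiled as C, the member should be `uint32 (*wsrep_get_domain_id_func)(void);` so the empty parameter list is not read as "unspecified".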
@@ -253,5 +255,6 @@ extern "C" void wsrep_report_bf_lock_wait(const THD *thd,
unsigned long long trx_id);
/* declare parallel applying unsafety for the THD */
extern "C" void wsrep_thd_set_PA_unsafe(MYSQL_THD thd);
+extern "C" uint32 wsrep_get_domain_id();
#endif
#endif /* MYSQL_SERVICE_WSREP_INCLUDED */
diff --git a/include/mysql_com.h b/include/mysql_com.h
index 1bc2fcc7..4b07be8f 100644
--- a/include/mysql_com.h
+++ b/include/mysql_com.h
@@ -477,7 +477,7 @@ typedef struct st_net {
char net_skip_rest_factor;
my_bool thread_specific_malloc;
unsigned char compress;
- my_bool unused3; /* Please remove with the next incompatible ABI change. */
+ my_bool pkt_nr_can_be_reset;
/*
Pointer to query object in query cache, do not equal NULL (0) for
queries in cache that have not stored its results yet
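Review bot: `pkt_nr_can_be_reset` replaces a padding member and drops its comment without gaining one of its own, so a reader of `st_net` cannot tell who sets the flag or what it permits. The packet sequence number is one of the things the protocol uses to notice out-of-order traffic, so the condition under which it may be reset deserves a line here. Something like `/* nonzero when the packet counter may be reset (state the condition); occupies the former unused3 slot, so size and offset must not change */` would do. The struct starts and ends outside this hunk.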
diff --git a/libmariadb/.travis.yml b/libmariadb/.travis.yml
index d084bc17..aab4dfec 100644
--- a/libmariadb/.travis.yml
+++ b/libmariadb/.travis.yml
@@ -1,10 +1,5 @@
-os: linux
-dist: focal
language: c
-services: docker
-addons:
- hosts:
- - mariadb.example.com
+version: ~> 1.0
cache:
apt: true
@@ -12,98 +7,22 @@ cache:
directories:
- $HOME/docker
-before_install:
- - git clone https://github.com/mariadb-corporation/connector-test-machine.git
- # Load cached docker images
- - if [[ -d $HOME/docker ]]; then ls $HOME/docker/*.tar.gz | xargs -I {file} sh -c "zcat {file} | docker load"; fi
+env:
+ global: local=0 DB=testc CLEAR_TEXT=0
-install:
- - |-
- if [ -z "$server_branch" ] ; then
- case $TRAVIS_OS_NAME in
- windows)
- connector-test-machine/launch.bat -t "$srv" -v "$v" -d testc
- ;;
- linux)
- source connector-test-machine/launch.sh -t "$srv" -v "$v" -d testc -l "$local" -n "$native"
- ;;
- esac
- fi
-
-
-env: local=0
-
-stages:
- - Minimal
- - name: Enterprise
- if: type = push AND fork = false
- - Community
+import: mariadb-corporation/connector-test-machine:common-build.yml@master
jobs:
- fast_finish: true
- allow_failures:
- - env: srv=maxscale
- - env: srv=skysql
- - env: srv=skysql-ha
- - env: srv=xpand
- - env: srv=mysql v=5.7
- - env: srv=mysql v=8.0
include:
- - stage: Minimal
- env: srv=mariadb v=10.6 packet=8
- name: "CS 10.6"
- - env: srv=mariadb-es
- name: "ES latest"
- if: type = push AND fork = false
- - env: server_branch=10.11
- name: "10.11 Server unit testing"
-
- - stage: Enterprise
- env: srv=mariadb-es v=10.4
- dist: bionic
- name: "ES 10.4"
- - env: srv=mariadb-es v=10.5
- dist: bionic
- name: "ES 10.5"
- - env: srv=mariadb-es v=10.6
- name: "ES 10.6"
- - env: srv=mariadb-es-test v=23.08
- name: "ES 23.08"
- - env: srv=maxscale
- name: "Maxscale"
- - env: srv=xpand
- name: "Xpand"
-
- stage: Community
- env: srv=mariadb v=10.11
- os: windows
- language: shell
- name: "Windows"
- - env: server_branch=10.6
- name: "10.6 Server unit testing"
+ env: srv=mariadb v=10.11 local=1 TEST_OPTION=--ps-protocol
+ name: "CS 10.11 with ps-protocol"
+ - stage: Other
+ env: server_branch=10.6
+ name: "CS 10.6 Server unit testing"
+ - env: server_branch=10.11
+ name: "CS 10.11 Server unit testing"
- env: server_branch=11.3 TEST_OPTION=--ps-protocol
name: "11.3 Server unit testing with ps-protocol"
- - env: srv=mariadb v=10.4 local=1
- dist: bionic
- name: "CS 10.4"
- - env: srv=mariadb v=10.5 local=1
- dist: bionic
- name: "CS 10.5"
- - env: srv=mariadb v=10.9 local=1
- name: "CS 10.9"
- - env: srv=mariadb v=10.10 local=1
- name: "CS 10.10"
- - env: srv=mariadb v=10.11 local=1
- name: "CS 10.11"
- - env: srv=mariadb v=10.11 local=1 TEST_OPTION=--ps-protocol
- name: "CS 10.11 with ps-protocol"
- - env: srv=mariadb v=11.0 local=1
- name: "CS 11.0"
- - env: srv=mariadb v=11.1 local=1
- name: "CS 11.1"
- - env: srv=mysql v=5.7 native=1
- name: "MySQL 5.7"
- - env: srv=mysql v=8.0 native=1
- name: "MySQL 8.0"
script: ./travis.sh
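Review bot: The build definition is now imported from `mariadb-corporation/connector-test-machine:common-build.yml@master`, a branch reference that can change without any commit in this repository. Whatever that file contains at build time runs in this project's CI with its environment. Pinning to a tag or commit makes the build reproducible and reviewable: `import: mariadb-corporation/connector-test-machine:common-build.yml@<COMMIT_SHA>`. The removed `git clone` of the same repository was equally unpinned, so this is not a regression, but the import line is the natural place to fix it.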
diff --git a/libmariadb/CMakeLists.txt b/libmariadb/CMakeLists.txt
index 206e4e03..4aab676d 100644
--- a/libmariadb/CMakeLists.txt
+++ b/libmariadb/CMakeLists.txt
@@ -36,7 +36,7 @@ SET(CC_BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR})
SET(CPACK_PACKAGE_VERSION_MAJOR 3)
SET(CPACK_PACKAGE_VERSION_MINOR 3)
-SET(CPACK_PACKAGE_VERSION_PATCH 8)
+SET(CPACK_PACKAGE_VERSION_PATCH 9)
SET(CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
MATH(EXPR MARIADB_PACKAGE_VERSION_ID "${CPACK_PACKAGE_VERSION_MAJOR} * 10000 +
${CPACK_PACKAGE_VERSION_MINOR} * 100 +
diff --git a/libmariadb/cmake/FindZStd.cmake b/libmariadb/cmake/FindZStd.cmake
index d03e96fc..f4bb5398 100644
--- a/libmariadb/cmake/FindZStd.cmake
+++ b/libmariadb/cmake/FindZStd.cmake
@@ -10,7 +10,7 @@ find_path(ZSTD_INCLUDE_DIRS
HINTS ${ZSTD_ROOT_DIR}/include)
find_library(ZSTD_LIBRARIES
- NAMES zstd
+ NAMES zstd zstd_static
HINTS ${ZSTD_ROOT_DIR}/lib)
include(FindPackageHandleStandardArgs)
diff --git a/libmariadb/libmariadb/mariadb_lib.c b/libmariadb/libmariadb/mariadb_lib.c
index e8db51a0..36219385 100644
--- a/libmariadb/libmariadb/mariadb_lib.c
+++ b/libmariadb/libmariadb/mariadb_lib.c
@@ -241,18 +241,29 @@ restart:
}
goto restart;
}
- net->last_errno= last_errno;
- if (pos[0]== '#')
+ if (IS_MYSQL_ERROR(last_errno) || IS_MARIADB_ERROR(last_errno))
{
- ma_strmake(net->sqlstate, pos+1, SQLSTATE_LENGTH);
- pos+= SQLSTATE_LENGTH + 1;
+ /* The server appears to have sent an error code within the
+ * range(s) of error codes that should only be generated
+ * client-side.
+ */
+ my_set_error(mysql, CR_MALFORMED_PACKET, SQLSTATE_UNKNOWN, 0);
}
else
{
- strncpy(net->sqlstate, SQLSTATE_UNKNOWN, SQLSTATE_LENGTH);
+ net->last_errno= last_errno;
+ if (pos[0]== '#')
+ {
+ ma_strmake(net->sqlstate, pos+1, SQLSTATE_LENGTH);
+ pos+= SQLSTATE_LENGTH + 1;
+ }
+ else
+ {
+ strncpy(net->sqlstate, SQLSTATE_UNKNOWN, SQLSTATE_LENGTH);
+ }
+ ma_strmake(net->last_error,(char*) pos,
+ min(len,sizeof(net->last_error)-1));
}
- ma_strmake(net->last_error,(char*) pos,
- min(len,sizeof(net->last_error)-1));
}
else
{
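Review bot: In the re-indented branch that accepts the server's error, `pos` is advanced by `SQLSTATE_LENGTH + 1` when the `#` marker is present, yet the copy into `net->last_error` still uses the unadjusted `len`. Unless `len` is corrected outside the lines shown, or the read buffer is guaranteed to be NUL-terminated, the copy can read past the end of the packet payload. A packet that ends right after `#` would have its SQLSTATE taken from beyond the payload as well. I would guard the marker with `if (pos[0]== '#' && len > SQLSTATE_LENGTH)` and add `len-= SQLSTATE_LENGTH + 1;` after the `pos+=` line. The enclosing function begins and ends outside this hunk.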
@@ -1787,11 +1798,20 @@ restart:
*/
if ((pkt_length=ma_net_safe_read(mysql)) == packet_error)
{
- if (mysql->net.last_errno == CR_SERVER_LOST)
+
+ unsigned int code= mysql->net.last_errno;
+ if (code == CR_SERVER_LOST)
my_set_error(mysql, CR_SERVER_LOST, SQLSTATE_UNKNOWN,
ER(CR_SERVER_LOST_EXTENDED),
"handshake: reading initial communication packet",
errno);
+ else if (IS_MYSQL_ERROR(code) || IS_MARIADB_ERROR(code))
+ ; /* not forged - generated on the client side */
+ else if (mysql->options.use_ssl)
+ my_set_error(mysql, CR_CONNECTION_ERROR, SQLSTATE_UNKNOWN,
+ "Received error packet before completion of TLS handshake. "
+ "The authenticity of the following error cannot be verified:\n%d - %s",
+ code, mysql->net.last_error);
goto error;
}
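Review bot: The new `use_ssl` branch passes `mysql->net.last_error` as the `%s` argument of `my_set_error()`, which appears to format its message into that same buffer (its definition is outside this hunk). Source and destination would then overlap, so the server's text can be overwritten by the fixed prefix before it is read, and the resulting message is undefined. Formatting from a local copy avoids that. Since `code` is `unsigned int`, the conversion should be `%u` rather than `%d`. The enclosing function starts and ends outside the hunk.

```c
    else if (mysql->options.use_ssl)
    {
      /* my_set_error() writes into net.last_error, so format from a copy */
      char server_msg[sizeof(mysql->net.last_error)];
      ma_strmake(server_msg, mysql->net.last_error, sizeof(server_msg) - 1);
      my_set_error(mysql, CR_CONNECTION_ERROR, SQLSTATE_UNKNOWN,
                   "Received error packet before completion of TLS handshake. "
                   "The authenticity of the following error cannot be verified:\n%u - %s",
                   code, server_msg);
    }
    /* … unchanged: goto error … */
```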
@@ -1803,17 +1823,6 @@ restart:
mysql->protocol_version= end[0];
end++;
- /* Check if server sends an error */
- if (mysql->protocol_version == 0XFF)
- {
- net_get_error(end, pkt_length - 1, net->last_error, sizeof(net->last_error),
- &net->last_errno, net->sqlstate);
- /* fix for bug #26426 */
- if (net->last_errno == 1040)
- memcpy(net->sqlstate, "08004", SQLSTATE_LENGTH);
- goto error;
- }
-
if (mysql->protocol_version < PROTOCOL_VERSION)
{
net->last_errno= CR_VERSION_ERROR;
diff --git a/libmariadb/plugins/pvio/pvio_npipe.c b/libmariadb/plugins/pvio/pvio_npipe.c
index 17c59cef..d2d5222a 100644
--- a/libmariadb/plugins/pvio/pvio_npipe.c
+++ b/libmariadb/plugins/pvio/pvio_npipe.c
@@ -150,19 +150,38 @@ static BOOL complete_io(HANDLE file, OVERLAPPED *ov, BOOL ret, DWORD timeout, DW
return GetOverlappedResult(file, ov, size, FALSE);
}
+/*
+ Disable posting IO completion event to the port.
+ Handle can be bound to IOCP outside of the connector for other purposes
+ (e.g polling functionality)
+*/
+
+static inline void disable_iocp_notification(HANDLE *h)
+{
+ *h= (HANDLE) ((ULONG_PTR) *h | 1);
+}
+
+static inline void enable_iocp_notification(HANDLE *h)
+{
+ *h= (HANDLE) ((ULONG_PTR) *h & ~1);
+}
+
ssize_t pvio_npipe_read(MARIADB_PVIO *pvio, uchar *buffer, size_t length)
{
BOOL ret;
ssize_t r= -1;
struct st_pvio_npipe *cpipe= NULL;
DWORD size;
+ HANDLE *h;
if (!pvio || !pvio->data)
return -1;
cpipe= (struct st_pvio_npipe *)pvio->data;
-
+ h= &cpipe->overlapped.hEvent;
+ disable_iocp_notification(h);
ret= ReadFile(cpipe->pipe, buffer, (DWORD)length, NULL, &cpipe->overlapped);
+ enable_iocp_notification(h);
ret= complete_io(cpipe->pipe, &cpipe->overlapped, ret, pvio->timeout[PVIO_READ_TIMEOUT], &size);
r= ret? (ssize_t) size:-1;
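Review bot: `enable_iocp_notification()` masks with `~1`, an `int` expression that only becomes the right pointer-width mask through sign extension. `*h= (HANDLE) ((ULONG_PTR) *h & ~(ULONG_PTR) 1);` states the intent directly and mirrors the cast used in `disable_iocp_notification()`. The comment above the helpers explains why the notification is suppressed, but not why the bit is cleared again between `ReadFile()` and `complete_io()`. If that is because `complete_io()` waits on the event, a line such as `/* restore the real event handle before waiting on it */` on the enable helper would save the next reader a lookup. The same pair of calls is added to `pvio_npipe_write()` in the following hunk, and `pvio_npipe_read()` continues outside this one.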
@@ -175,13 +194,15 @@ ssize_t pvio_npipe_write(MARIADB_PVIO *pvio, const uchar *buffer, size_t length)
struct st_pvio_npipe *cpipe= NULL;
BOOL ret;
DWORD size;
-
+ HANDLE *h;
if (!pvio || !pvio->data)
return -1;
cpipe= (struct st_pvio_npipe *)pvio->data;
-
+ h= &cpipe->overlapped.hEvent;
+ disable_iocp_notification(h);
ret= WriteFile(cpipe->pipe, buffer, (DWORD)length, NULL , &cpipe->overlapped);
+ enable_iocp_notification(h);
ret= complete_io(cpipe->pipe, &cpipe->overlapped, ret, pvio->timeout[PVIO_WRITE_TIMEOUT], &size);
r= ret ? (ssize_t)size : -1;
return r;
diff --git a/libmariadb/unittest/libmariadb/charset.c b/libmariadb/unittest/libmariadb/charset.c
index b438f8d9..4d17731f 100644
--- a/libmariadb/unittest/libmariadb/charset.c
+++ b/libmariadb/unittest/libmariadb/charset.c
@@ -47,6 +47,9 @@ int bug_8378(MYSQL *mysql) {
MYSQL_RES *res;
MYSQL_ROW row;
+ /* MXS-4898: MaxScale sends utf8mb4 in handshake OK packet */
+ SKIP_MAXSCALE;
+
len= mysql_real_escape_string(mysql, out, TEST_BUG8378_IN, 4);
FAIL_IF(memcmp(out, TEST_BUG8378_OUT, len), "wrong result");
diff --git a/libmariadb/unittest/libmariadb/connection.c b/libmariadb/unittest/libmariadb/connection.c
index 517bc538..fa232cad 100644
--- a/libmariadb/unittest/libmariadb/connection.c
+++ b/libmariadb/unittest/libmariadb/connection.c
@@ -1222,6 +1222,9 @@ static int test_mdev13100(MYSQL *my __attribute__((unused)))
int rc;
FILE *fp;
+ /* MXS-4898: MaxScale sends utf8mb4 in handshake OK packet */
+ SKIP_MAXSCALE;
+
if (!(fp= fopen("./mdev13100.cnf", "w")))
return FAIL;
@@ -1240,6 +1243,7 @@ static int test_mdev13100(MYSQL *my __attribute__((unused)))
diag("Error: %s", mysql_error(mysql));
return FAIL;
}
+ diag("Default charset: %s", mysql_character_set_name(mysql));
FAIL_IF(strcmp("latin2", mysql_character_set_name(mysql)), "Expected charset latin2");
mysql_close(mysql);
@@ -2190,6 +2194,7 @@ void my_status_callback(void *ptr, enum enum_mariadb_status_info type, ...)
{
MARIADB_CONST_STRING *str= va_arg(ap, MARIADB_CONST_STRING *);
strncpy(data->database, str->str, str->length);
+ data->database[str->length]= 0;
}
break;
case SESSION_TRACK_SYSTEM_VARIABLES:
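Review bot: The added `data->database[str->length]= 0;` indexes the buffer with a length taken from the server's session-tracking data without comparing it to the buffer size, and the `strncpy` before it copies the same number of bytes. If `database` is a fixed-size array (its declaration is outside the hunk), clamp first with `size_t n= str->length < sizeof(data->database) ? str->length : sizeof(data->database) - 1;` and use `n` for both the copy and the terminator. The next hunk has the same pattern in `data->charset[val->length]= 0;`. The callback's body starts outside this hunk.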
@@ -2200,6 +2205,7 @@ void my_status_callback(void *ptr, enum enum_mariadb_status_info type, ...)
if (!strncmp(key->str, "character_set_client", key->length))
{
strncpy(data->charset, val->str, val->length);
+ data->charset[val->length]= 0;
}
}
break;
diff --git a/libmysqld/CMakeLists.txt b/libmysqld/CMakeLists.txt
index 04cc2159..63cdd03e 100644
--- a/libmysqld/CMakeLists.txt
+++ b/libmysqld/CMakeLists.txt
@@ -23,7 +23,7 @@ ${CMAKE_SOURCE_DIR}/libmysqld
${CMAKE_SOURCE_DIR}/sql
${CMAKE_SOURCE_DIR}/tpool
${CMAKE_BINARY_DIR}/sql
-${PCRE_INCLUDES}
+${PCRE_INCLUDE_DIRS}
${LIBFMT_INCLUDE_DIR}
${ZLIB_INCLUDE_DIR}
${SSL_INCLUDE_DIRS}
diff --git a/libmysqld/examples/CMakeLists.txt b/libmysqld/examples/CMakeLists.txt
index 2a10def8..d6646a12 100644
--- a/libmysqld/examples/CMakeLists.txt
+++ b/libmysqld/examples/CMakeLists.txt
@@ -15,7 +15,7 @@
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
${CMAKE_SOURCE_DIR}/libmysqld/include
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${CMAKE_SOURCE_DIR}/sql
${MY_READLINE_INCLUDE_DIR}
)
diff --git a/libmysqld/lib_sql.cc b/libmysqld/lib_sql.cc
index d4edd242..0be844fb 100644
--- a/libmysqld/lib_sql.cc
+++ b/libmysqld/lib_sql.cc
@@ -459,6 +459,7 @@ static int emb_read_change_user_result(MYSQL *mysql)
return mysql_errno(mysql) ? (int)packet_error : 1 /* length of the OK packet */;
}
+
static void emb_on_close_free(MYSQL *mysql)
{
my_free(mysql->info_buffer);
@@ -470,6 +471,7 @@ static void emb_on_close_free(MYSQL *mysql)
}
}
+
MYSQL_METHODS embedded_methods=
{
emb_read_query_result,
@@ -632,8 +634,6 @@ int init_embedded_server(int argc, char **argv, char **groups)
udf_init();
#endif
- (void) thr_setconcurrency(concurrency); // 10 by default
-
if (flush_time && flush_time != ~(ulong) 0L)
start_handle_manager();
@@ -705,8 +705,7 @@ void *create_embedded_thd(ulong client_flag)
if (thd->variables.max_join_size == HA_POS_ERROR)
thd->variables.option_bits |= OPTION_BIG_SELECTS;
- thd->proc_info=0; // Remove 'login'
- thd->set_command(COM_SLEEP);
+ thd->mark_connection_idle();
thd->set_time();
thd->init_for_queries();
thd->client_capabilities= client_flag | MARIADB_CLIENT_EXTENDED_METADATA;
@@ -1446,4 +1445,3 @@ int vprint_msg_to_log(enum loglevel level __attribute__((unused)),
}
return 0;
}
-
diff --git a/libmysqld/libmysql.c b/libmysqld/libmysql.c
index 7f55b0c2..07926763 100644
--- a/libmysqld/libmysql.c
+++ b/libmysqld/libmysql.c
@@ -3229,7 +3229,8 @@ static void fetch_string_with_conversion(MYSQL_BIND *param, char *value, size_t
{
longlong data= my_strtoll10(value, &endptr, &err);
*param->error= (IS_TRUNCATED(data, param->is_unsigned,
- INT_MIN32, INT_MAX32, UINT_MAX32) || err > 0);
+ (longlong) INT_MIN32, (longlong) INT_MAX32,
+ (longlong) UINT_MAX32) || err > 0);
longstore(buffer, (int32) data);
break;
}
@@ -3346,7 +3347,8 @@ static void fetch_long_with_conversion(MYSQL_BIND *param, MYSQL_FIELD *field,
break;
case MYSQL_TYPE_LONG:
*param->error= IS_TRUNCATED(value, param->is_unsigned,
- INT_MIN32, INT_MAX32, UINT_MAX32);
+ (longlong) INT_MIN32, (longlong) INT_MAX32,
+ (longlong) UINT_MAX32);
longstore(buffer, (int32) value);
break;
case MYSQL_TYPE_LONGLONG:
diff --git a/mysql-test/README b/mysql-test/README
index ae1d6d56..ef9e07fa 100644
--- a/mysql-test/README
+++ b/mysql-test/README
@@ -84,8 +84,8 @@ edit the test result to the correct results so that we can verify that
the bug is corrected in future releases.
If you want to submit your test case you can send it
-to maria-developers@lists.launchpad.net or attach it to a bug report on
-https://mariadb.org/jira/.
+to developers@lists.mariadb.org or attach it to a bug report on
+http://mariadb.org/jira/.
If the test case is really big or if it contains 'not public' data,
then put your .test file and .result file(s) into a tar.gz archive,
diff --git a/mysql-test/include/delete_anonymous_users.inc b/mysql-test/include/delete_anonymous_users.inc
index 704e74ae..cc44a01f 100644
--- a/mysql-test/include/delete_anonymous_users.inc
+++ b/mysql-test/include/delete_anonymous_users.inc
@@ -1,7 +1,7 @@
# Remove anonymous users added by add_anonymous_users.inc
disable_warnings;
disable_query_log;
-DELETE FROM mysql.user where host='localhost' and user='';
+DELETE FROM mysql.global_priv where host='localhost' and user='';
FLUSH PRIVILEGES;
enable_query_log;
enable_warnings;
diff --git a/mysql-test/include/explain_non_select.inc b/mysql-test/include/explain_non_select.inc
index bd0962d3..bab76ffb 100644
--- a/mysql-test/include/explain_non_select.inc
+++ b/mysql-test/include/explain_non_select.inc
@@ -306,6 +306,19 @@ INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
--source include/explain_utils.inc
DROP TABLE t1;
+--echo #30a
+--echo #
+--echo # MDEV-32957 Unusable key notes report wrong predicates for > and >=
+--echo #
+CREATE TABLE t1(a INT, i CHAR(2), INDEX(i(1)));
+INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
+ (20),(21),(22),(23),(24),(25),(26),(27),(28),(29),
+ (30),(31),(32),(33),(34),(35);
+--let $query = DELETE FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5
+--let $select = SELECT * FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5
+--source include/explain_utils.inc
+DROP TABLE t1;
+
--echo #31
CREATE TABLE t1 (i INT);
INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
diff --git a/mysql-test/include/galera_sst_method.combinations b/mysql-test/include/galera_sst_method.combinations
new file mode 100644
index 00000000..14b6172e
--- /dev/null
+++ b/mysql-test/include/galera_sst_method.combinations
@@ -0,0 +1,5 @@
+[rsync]
+wsrep-sst-method=rsync
+
+[mariabackup]
+wsrep_sst_method=mariabackup
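Review bot: The two sections spell the same option differently, `wsrep-sst-method=rsync` in `[rsync]` and `wsrep_sst_method=mariabackup` in `[mariabackup]`. Both forms are presumably accepted by the option parser, but anyone searching the tree for the setting will miss one of them. I would write `wsrep_sst_method=rsync` in the first section so the file is consistent.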
diff --git a/mysql-test/include/galera_sst_method.inc b/mysql-test/include/galera_sst_method.inc
new file mode 100644
index 00000000..99dd3453
--- /dev/null
+++ b/mysql-test/include/galera_sst_method.inc
@@ -0,0 +1,4 @@
+# The goal of including this file is to enable galera_sst_method combinations
+# (see include/galera_sst_method.combinations)
+
+--source include/have_innodb.inc
diff --git a/mysql-test/include/have_normal_bzip.inc b/mysql-test/include/have_normal_zlib.inc
index 36c06274..a4531e68 100644
--- a/mysql-test/include/have_normal_bzip.inc
+++ b/mysql-test/include/have_normal_zlib.inc
@@ -1,9 +1,9 @@
--source include/have_compress.inc
-# Test that the system is using the default/standard bzip library.
+# Test that the system is using the default/standard zlib library.
# If not, we have to skip the test as the compression lengths displayed
# in the test will not match the results from used compression library.
if (`select length(COMPRESS(space(5000))) != 33`) {
- skip Test skipped as standard bzip is needed;
+ skip Test skipped as standard zlib is needed;
}
diff --git a/mysql-test/include/innodb_stable_estimates.inc b/mysql-test/include/innodb_stable_estimates.inc
new file mode 100644
index 00000000..dc3bc4de
--- /dev/null
+++ b/mysql-test/include/innodb_stable_estimates.inc
@@ -0,0 +1,12 @@
+#
+# Include this file in your .test file if your testcase uses InnoDB tables
+# requiring stable query plans, which likely requires that InnoDB produces
+# stable estimates for #records in tables.
+#
+# How it works:
+# Unstable InnoDB estimates are caused by InnoDB's background statistics
+# collection. When you include this file, MTR will use server options from
+# include/innodb_stable_estimates.opt, which disables background statistics
+# collection.
+# (and no, InnoDB team objects to using this configuration for all MTR tests)
+#
diff --git a/mysql-test/include/innodb_stable_estimates.opt b/mysql-test/include/innodb_stable_estimates.opt
new file mode 100644
index 00000000..896950f4
--- /dev/null
+++ b/mysql-test/include/innodb_stable_estimates.opt
@@ -0,0 +1 @@
+--innodb_stats_auto_recalc=0
diff --git a/mysql-test/include/read_head.inc b/mysql-test/include/read_head.inc
new file mode 100644
index 00000000..98818d76
--- /dev/null
+++ b/mysql-test/include/read_head.inc
@@ -0,0 +1,30 @@
+# Purpose:
+# Print first LINES_TO_READ from a file.
+# The environment variables SEARCH_FILE and LINES_TO_READ must be set
+# before sourcing this routine.
+# Use:
+# When the test is slow ( example because of ASAN build) then it
+# may not flush the lines when 'cat' command is called and the
+# test could fail with missing lines. Hence this can be used to
+# to print first N lines.
+#
+
+perl;
+
+use strict;
+
+my $search_file = $ENV{SEARCH_FILE} or die "SEARCH_FILE not set";
+my $lines_to_read = $ENV{LINES_TO_READ} or die "LINES_TO_READ not set";
+
+open(FILE, '<', $search_file) or die "Can't open file $search_file: $!";
+
+my $line_count = 0;
+while ($line_count < $lines_to_read and my $line = <FILE>)
+{
+ print $line;
+ $line_count++;
+}
+
+close(FILE);
+
+EOF
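Review bot: `LINES_TO_READ` goes straight into a numeric comparison without validation, so a non-numeric value silently prints nothing and a value of `0` trips the `or die` with the misleading message "LINES_TO_READ not set". A check such as `die "LINES_TO_READ must be a positive integer" unless $lines_to_read =~ /^[1-9]\d*$/;` makes misuse visible in the test log. The bareword handle could become a lexical one, `open(my $fh, '<', $search_file)`, and the header comment has a doubled word in `used to to print`.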
diff --git a/mysql-test/include/search_pattern_in_file.inc b/mysql-test/include/search_pattern_in_file.inc
index a899a929..3105f7f9 100644
--- a/mysql-test/include/search_pattern_in_file.inc
+++ b/mysql-test/include/search_pattern_in_file.inc
@@ -51,12 +51,15 @@
# Created: 2011-11-11 mleich
#
+--error 0,1
perl;
use strict;
die "SEARCH_FILE not set" unless $ENV{SEARCH_FILE};
my @search_files= glob($ENV{SEARCH_FILE});
my $search_pattern= $ENV{SEARCH_PATTERN} or die "SEARCH_PATTERN not set";
my $search_range= $ENV{SEARCH_RANGE};
+ my $silent= $ENV{SEARCH_SILENT};
+ my $search_result= 0;
my $content;
foreach my $search_file (@search_files) {
open(FILE, '<', $search_file) || die("Can't open file $search_file: $!");
@@ -89,16 +92,39 @@ perl;
{
@matches=($content =~ /$search_pattern/gm);
}
- my $res=@matches ? "FOUND " . scalar(@matches) : "NOT FOUND";
+ my $res;
+ if (@matches)
+ {
+ $res="FOUND " . scalar(@matches);
+ $search_result= 1;
+ }
+ else
+ {
+ $res= "NOT FOUND";
+ }
$ENV{SEARCH_FILE} =~ s{^.*?([^/\\]+)$}{$1};
- if ($ENV{SEARCH_OUTPUT} eq "matches") {
- foreach (@matches) {
- print $_ . "\n";
- }
- } else {
- print "$res /$search_pattern/ in $ENV{SEARCH_FILE}\n";
+ if (!$silent || $search_result)
+ {
+ if ($ENV{SEARCH_OUTPUT} eq "matches")
+ {
+ foreach (@matches)
+ {
+ print $_ . "\n";
+ }
+ }
+ else
+ {
+ print "$res /$search_pattern/ in $ENV{SEARCH_FILE}\n";
+ }
}
die "$ENV{SEARCH_ABORT}\n"
if $ENV{SEARCH_ABORT} && $res =~ /^$ENV{SEARCH_ABORT}/;
+ exit($search_result != 1);
EOF
+
+let $SEARCH_RESULT= 1; # Found pattern
+if ($errno)
+{
+ let $SEARCH_RESULT= 0; # Did not find pattern
+}
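Review bot: With `--error 0,1` in the previous hunk, exit status 1 now means "pattern not found", but the script's `die` calls are not guaranteed to avoid that status, because Perl's `die` exits with the current errno when it is nonzero. A setup failure that happens to leave errno at 1 would then be reported as `$SEARCH_RESULT= 0` instead of failing the test. One line near the top of the Perl block gives failures a status of their own: `$SIG{__DIE__}= sub { print STDERR @_; exit(2); };`. `exit($search_result ? 0 : 1);` would also read more plainly than `exit($search_result != 1);`.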
diff --git a/mysql-test/include/wait_for_pattern_in_file.inc b/mysql-test/include/wait_for_pattern_in_file.inc
new file mode 100644
index 00000000..52226acd
--- /dev/null
+++ b/mysql-test/include/wait_for_pattern_in_file.inc
@@ -0,0 +1,56 @@
+# ==== Purpose ====
+#
+# Waits until pattern comes into log file or until a timeout is reached.
+# This is a timeout wrapper for search_pattern_in_file.inc
+#
+#
+# ==== Usage ====
+#
+# [--let $timeout= NUMBER in seconds]
+# For other parameters, check search_pattern_in_file.inc
+
+--let $wait_save_keep_include_silent=$keep_include_silent
+--let $include_filename= wait_for_pattern_in_file.inc
+--source include/begin_include_file.inc
+--let $keep_include_silent= 1
+
+let $_timeout= $timeout;
+if (!$_timeout)
+{
+ let $_timeout= 10;
+ if ($VALGRIND_TEST)
+ {
+ let $_timeout= 30;
+ }
+}
+
+let $_timeout_counter=`SELECT $_timeout * 10`;
+let SEARCH_SILENT=1;
+
+let $_continue= 1;
+while ($_continue)
+{
+ source include/search_pattern_in_file.inc;
+ if ($SEARCH_RESULT)
+ {
+ # Found match
+ let $_continue= 0;
+ }
+ if (!$SEARCH_RESULT)
+ {
+ dec $_timeout_counter;
+ if ($_timeout_counter == 1)
+ {
+ let $SEARCH_SILENT= 0;
+ }
+ if (!$_timeout_counter)
+ {
+ let $_continue= 0;
+ }
+ }
+}
+
+let SEARCH_SILENT=0;
+
+--source include/end_include_file.inc
+--let $keep_include_silent=$wait_save_keep_include_silent
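Review bot: The retry loop never sleeps, so `$_timeout * 10` counts back-to-back runs of search_pattern_in_file.inc rather than tenths of a second, and the documented timeout in seconds is not what a caller gets. Adding `sleep 0.1;` after `dec $_timeout_counter;` would make the counter match the documentation and stop the loop from spinning. Separately, `let $SEARCH_SILENT= 0;` on the last attempt assigns a mysqltest variable, whereas the Perl block reads the environment variable that was set with `let SEARCH_SILENT=1;`. If the intent is to print the final NOT FOUND line, that assignment probably needs to be `let SEARCH_SILENT= 0;`.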
diff --git a/mysql-test/include/wait_for_slave_io_error.inc b/mysql-test/include/wait_for_slave_io_error.inc
index 96844106..15859430 100644
--- a/mysql-test/include/wait_for_slave_io_error.inc
+++ b/mysql-test/include/wait_for_slave_io_error.inc
@@ -59,7 +59,7 @@ let $_wfsie_errno= query_get_value(SHOW SLAVE STATUS, Last_IO_Errno, 1);
if ($slave_io_errno == '') {
--echo !!!ERROR IN TEST: you must set \$slave_io_errno before you source
- --echo !!!wait_for_slave_sql_error.inc. The error we got this time was '$_wfsie_errno',
+ --echo !!!wait_for_slave_io_error.inc. The error we got this time was '$_wfsie_errno',
--echo !!!so you probably want to add the following line to your test case:
--echo !!! --let \$slave_io_errno= $_wfsie_errno
--die !!!ERROR IN TEST: you must set \$slave_io_errno before sourcing wait_for_slave_io_error.inc
diff --git a/mysql-test/include/wait_for_slave_io_to_stop.inc b/mysql-test/include/wait_for_slave_io_to_stop.inc
index d25c2ac0..760e032e 100644
--- a/mysql-test/include/wait_for_slave_io_to_stop.inc
+++ b/mysql-test/include/wait_for_slave_io_to_stop.inc
@@ -21,6 +21,17 @@
# $slave_timeout
# See include/wait_for_slave_param.inc.
#
+# $rpl_allow_error
+# By default, this file fails if there is an error in the IO
+# thread. However, if an error in the IO thread is possible and allowed,
+# setting $rpl_allow_error=1 will prevent this file from failing if
+# there is an error in the IO thread.
+# (If an error is _always_ expected, a better alternative might be to
+# use wait_for_slave_io_error.inc instead of this file).
+# Note: This is currently always enabled, since a simple STOP SLAVE
+# IO_THREAD can cause an error if it interrupts the slave's initial
+# communication with the master (MDEV-32892).
+#
# $rpl_debug
# See include/rpl_init.inc
@@ -31,9 +42,15 @@
--let $slave_param= Slave_IO_Running
--let $slave_param_value= No
---let $slave_error_param= Last_IO_Errno
+--let $_io_stop_save_allow_error= $slave_error_param
+# Disabled, as IO errors are left behind when a normal STOP SLAVE interrupts
+# the initial communication between the IO thread and the master (MDEV-32892).
+#if (!$rpl_allow_error)
+#{
+# --let $slave_error_param= Last_IO_Errno
+#}
--source include/wait_for_slave_param.inc
---let $slave_error_param=
+--let $slave_error_param= $_io_stop_save_allow_error
--let $include_filename= wait_for_slave_io_to_stop.inc
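Review bot: With the `Last_IO_Errno` assignment commented out, whatever value the caller left in `$slave_error_param` is now passed through to wait_for_slave_param.inc, which after this commit checks that column whenever the variable is non-empty. A stale value from an earlier include could then fail an IO-thread wait on an unrelated error column. Clearing it explicitly with `--let $slave_error_param=` before the `--source` line keeps the behaviour the header comment describes. The save variable `$_io_stop_save_allow_error` holds `$slave_error_param`, not an allow-error flag, so a name like `$_io_stop_save_error_param` would be clearer.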
diff --git a/mysql-test/include/wait_for_slave_param.inc b/mysql-test/include/wait_for_slave_param.inc
index b06dee3c..ed81c559 100644
--- a/mysql-test/include/wait_for_slave_param.inc
+++ b/mysql-test/include/wait_for_slave_param.inc
@@ -35,7 +35,7 @@
# $slave_error_param
# If set, this script will check if the column of the output from
# SHOW SLAVE STATUS named $slave_error_param is nonzero. If it is,
-# this script will faile immediately. Typically, this should be set
+# this script will fail immediately. Typically, this should be set
# to Last_IO_Errno or Last_SQL_Errno.
#
# $rpl_debug
@@ -56,11 +56,6 @@ if (!$_slave_timeout)
}
}
-if ($slave_error_param == '')
-{
- --let $slave_error_param= 1
-}
-
let $_slave_param_comparison= $slave_param_comparison;
if (!$_slave_param_comparison)
{
@@ -90,7 +85,7 @@ while ($_slave_continue)
--let $_show_slave_status_value= query_get_value("SHOW SLAVE STATUS", $slave_param, 1)
# Check if an error condition is reached.
- if (!$slave_error_param)
+ if ($slave_error_param)
{
--let $_show_slave_status_error_value= query_get_value("SHOW SLAVE STATUS", $slave_error_param, 1)
if ($_show_slave_status_error_value)
diff --git a/mysql-test/include/wait_for_slave_sql_to_stop.inc b/mysql-test/include/wait_for_slave_sql_to_stop.inc
index 492b3237..0a05464c 100644
--- a/mysql-test/include/wait_for_slave_sql_to_stop.inc
+++ b/mysql-test/include/wait_for_slave_sql_to_stop.inc
@@ -21,6 +21,14 @@
# $slave_timeout
# See include/wait_for_slave_param.inc
#
+# $rpl_allow_error
+# By default, this file fails if there is an error in the SQL
+# thread. However, if an error in the SQL thread is possible and allowed,
+# setting $rpl_allow_error=1 will prevent this file from failing if
+# there is an error in the SQL thread.
+# (If an error is _always_ expected, a better alternative might be to
+# use wait_for_slave_sql_error.inc instead of this file).
+#
# $rpl_debug
# See include/rpl_init.inc
@@ -31,7 +39,10 @@
--let $slave_param= Slave_SQL_Running
--let $slave_param_value= No
---let $slave_error_param= Last_SQL_Errno
+if (!$rpl_allow_error)
+{
+ --let $slave_error_param= Last_SQL_Errno
+}
--source include/wait_for_slave_param.inc
--let $slave_error_param=
diff --git a/mysql-test/lib/mtr_cases.pm b/mysql-test/lib/mtr_cases.pm
index 41d943e3..c7271757 100644
--- a/mysql-test/lib/mtr_cases.pm
+++ b/mysql-test/lib/mtr_cases.pm
@@ -892,6 +892,12 @@ sub collect_one_test_case {
}
my @no_combs = grep { $test_combs{$_} == 1 } keys %test_combs;
if (@no_combs) {
+ if ($::opt_skip_not_found) {
+ push @{$tinfo->{combinations}}, @no_combs;
+ $tinfo->{'skip'}= 1;
+ $tinfo->{'comment'}= "combination not found";
+ return $tinfo;
+ }
mtr_error("Could not run $name with '".(
join(',', sort @no_combs))."' combination(s)");
}
diff --git a/mysql-test/main/alter_table.result b/mysql-test/main/alter_table.result
index 7b9eab3f..2e7047f3 100644
--- a/mysql-test/main/alter_table.result
+++ b/mysql-test/main/alter_table.result
@@ -1999,8 +1999,7 @@ ALTER TABLE ti1 DROP FOREIGN KEY fi1;
affected rows: 0
info: Records: 0 Duplicates: 0 Warnings: 0
ALTER TABLE tm1 DROP FOREIGN KEY fm1;
-affected rows: 2
-info: Records: 2 Duplicates: 0 Warnings: 0
+ERROR 42000: Can't DROP FOREIGN KEY `fm1`; check that it exists
ALTER TABLE ti1 RENAME TO ti3;
affected rows: 0
ALTER TABLE tm1 RENAME TO tm3;
diff --git a/mysql-test/main/alter_table.test b/mysql-test/main/alter_table.test
index c6aba3fd..17d71d8e 100644
--- a/mysql-test/main/alter_table.test
+++ b/mysql-test/main/alter_table.test
@@ -1696,6 +1696,7 @@ ALTER TABLE ti1 DROP PRIMARY KEY;
ALTER TABLE tm1 DROP PRIMARY KEY;
ALTER TABLE ti1 DROP FOREIGN KEY fi1;
+--error ER_CANT_DROP_FIELD_OR_KEY
ALTER TABLE tm1 DROP FOREIGN KEY fm1;
ALTER TABLE ti1 RENAME TO ti3;
diff --git a/mysql-test/main/backup_interaction.result b/mysql-test/main/backup_interaction.result
index a6fe7cf4..c775c5eb 100644
--- a/mysql-test/main/backup_interaction.result
+++ b/mysql-test/main/backup_interaction.result
@@ -95,7 +95,7 @@ drop table t1;
#
# BACKUP STAGE performs implicit commits
#
-create table t1(a int) engine=InnoDB;
+create table t1(a int) stats_persistent=0, engine=InnoDB;
begin;
insert into t1 values(1);
select lock_mode from information_schema.metadata_lock_info where thread_id>0;
@@ -197,8 +197,9 @@ drop table t1;
# CHECK: RO transaction under BACKUP STAGE is a potential deadlock
# OTOH we most probably allow them under FTWRL as well
#
-CREATE TABLE t1 (col1 INT) ENGINE = InnoDB;
+CREATE TABLE t1 (col1 INT)stats_persistent=0, ENGINE = InnoDB;
insert into t1 values (1);
+InnoDB 0 transactions not purged
backup stage start;
backup stage block_commit;
begin;
diff --git a/mysql-test/main/backup_interaction.test b/mysql-test/main/backup_interaction.test
index c755bdf8..25f22f66 100644
--- a/mysql-test/main/backup_interaction.test
+++ b/mysql-test/main/backup_interaction.test
@@ -120,7 +120,7 @@ drop table t1;
--echo # BACKUP STAGE performs implicit commits
--echo #
--disable_view_protocol
-create table t1(a int) engine=InnoDB;
+create table t1(a int) stats_persistent=0, engine=InnoDB;
begin;
insert into t1 values(1);
select lock_mode from information_schema.metadata_lock_info where thread_id>0;
@@ -221,8 +221,9 @@ drop table t1;
--echo # OTOH we most probably allow them under FTWRL as well
--echo #
--disable_view_protocol
-CREATE TABLE t1 (col1 INT) ENGINE = InnoDB;
+CREATE TABLE t1 (col1 INT)stats_persistent=0, ENGINE = InnoDB;
insert into t1 values (1);
+--source ../suite/innodb/include/wait_all_purged.inc
backup stage start;
backup stage block_commit;
begin;
diff --git a/mysql-test/main/backup_lock.result b/mysql-test/main/backup_lock.result
index 16806148..488e81fd 100644
--- a/mysql-test/main/backup_lock.result
+++ b/mysql-test/main/backup_lock.result
@@ -1,6 +1,7 @@
#
# Testing which locks we get from all stages
#
+InnoDB 0 transactions not purged
BACKUP STAGE START;
SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info
WHERE TABLE_NAME NOT LIKE 'innodb_%_stats';
@@ -34,7 +35,8 @@ connection default;
#
# testing if BACKUP STAGE FLUSH causes deadlocks with ALTER TABLE
#
-create table t1 (a int) engine=innodb;
+create table t1 (a int) stats_persistent= 0, engine=innodb;
+InnoDB 0 transactions not purged
connection con2;
backup stage start;
connection default;
@@ -104,7 +106,8 @@ drop table t1;
#
# testing if BACKUP STAGE FLUSH causes deadlocks with DROP TABLE
#
-create table t1 (a int) engine=innodb;
+create table t1 (a int)stats_persistent=0, engine=innodb;
+InnoDB 0 transactions not purged
start transaction;
insert into t1 values (1);
connection con1;
@@ -132,6 +135,7 @@ connection default;
# Check if backup stage block_dll + concurrent drop table blocks select
#
create table t1 (a int) engine=innodb;
+InnoDB 0 transactions not purged
backup stage start;
backup stage block_ddl;
connection con1;
diff --git a/mysql-test/main/backup_lock.test b/mysql-test/main/backup_lock.test
index 5453e5b0..f86f2f36 100644
--- a/mysql-test/main/backup_lock.test
+++ b/mysql-test/main/backup_lock.test
@@ -15,6 +15,8 @@
let $mdl= LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info
WHERE TABLE_NAME NOT LIKE 'innodb_%_stats';
+--source ../suite/innodb/include/wait_all_purged.inc
+
BACKUP STAGE START;
eval SELECT $mdl;
BACKUP STAGE FLUSH;
@@ -39,7 +41,8 @@ connection default;
--echo # testing if BACKUP STAGE FLUSH causes deadlocks with ALTER TABLE
--echo #
-create table t1 (a int) engine=innodb;
+create table t1 (a int) stats_persistent= 0, engine=innodb;
+--source ../suite/innodb/include/wait_all_purged.inc
connection con2;
backup stage start;
@@ -129,7 +132,8 @@ drop table t1;
--echo # testing if BACKUP STAGE FLUSH causes deadlocks with DROP TABLE
--echo #
-create table t1 (a int) engine=innodb;
+create table t1 (a int)stats_persistent=0, engine=innodb;
+--source ../suite/innodb/include/wait_all_purged.inc
start transaction;
# Acquires MDL lock
insert into t1 values (1);
@@ -165,6 +169,7 @@ connection default;
--echo #
create table t1 (a int) engine=innodb;
+--source ../suite/innodb/include/wait_all_purged.inc
backup stage start;
backup stage block_ddl;
connection con1;
diff --git a/mysql-test/main/backup_locks.result b/mysql-test/main/backup_locks.result
index 31aed5f3..4d5de53c 100644
--- a/mysql-test/main/backup_locks.result
+++ b/mysql-test/main/backup_locks.result
@@ -23,7 +23,7 @@ BACKUP UNLOCK;
#
connect con1,localhost,root,,;
connection default;
-create table t1 (a int) engine=innodb;
+create table t1 (a int) stats_persistent=0,engine=innodb;
insert into t1 values (1);
backup lock t1;
select * from t1;
@@ -184,5 +184,82 @@ ERROR HY000: Can't execute the query because you have a conflicting read lock
BACKUP UNLOCK;
DROP TABLE t3;
#
+# MDEV-28367: BACKUP LOCKS on table to be accessible to those
+# with database LOCK TABLES privileges
+#
+create database db1;
+create table db1.t1(t int);
+create user user1@localhost;
+select user,host from mysql.user where user='user1';
+User Host
+user1 localhost
+connect(localhost,user1,,db1,MASTER_PORT,MASTER_SOCKET);
+connect con1, localhost, user1, ,db1;
+ERROR 42000: Access denied for user 'user1'@'localhost' to database 'db1'
+grant reload on *.* to user1@localhost;
+grant select on db1.* to user1@localhost;
+show grants for user1@localhost;
+Grants for user1@localhost
+GRANT RELOAD ON *.* TO `user1`@`localhost`
+GRANT SELECT ON `db1`.* TO `user1`@`localhost`
+connect con1, localhost, user1, ,db1;
+BACKUP UNLOCK;
+BACKUP LOCK db1.t1;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
+MDL_SHARED_HIGH_PRIO Table metadata lock db1 t1
+BACKUP UNLOCK;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
+connection default;
+disconnect con1;
+grant lock tables on db1.* to user1@localhost;
+show grants for user1@localhost;
+Grants for user1@localhost
+GRANT RELOAD ON *.* TO `user1`@`localhost`
+GRANT SELECT, LOCK TABLES ON `db1`.* TO `user1`@`localhost`
+connect con1, localhost, user1, ,db1;
+BACKUP UNLOCK;
+BACKUP LOCK db1.t1;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
+MDL_SHARED_HIGH_PRIO Table metadata lock db1 t1
+BACKUP UNLOCK;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
+connection default;
+disconnect con1;
+revoke reload on *.* from user1@localhost;
+show grants for user1@localhost;
+Grants for user1@localhost
+GRANT USAGE ON *.* TO `user1`@`localhost`
+GRANT SELECT, LOCK TABLES ON `db1`.* TO `user1`@`localhost`
+connect con1, localhost, user1, ,db1;
+BACKUP UNLOCK;
+ERROR 42000: Access denied; you need (at least one of) the RELOAD, LOCK TABLES privilege(s) for this operation
+BACKUP LOCK db1.t1;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
+MDL_SHARED_HIGH_PRIO Table metadata lock db1 t1
+BACKUP UNLOCK;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
+connection default;
+disconnect con1;
+revoke lock tables on db1.* from user1@localhost;
+show grants for user1@localhost;
+Grants for user1@localhost
+GRANT USAGE ON *.* TO `user1`@`localhost`
+GRANT SELECT ON `db1`.* TO `user1`@`localhost`
+connect con1, localhost, user1, ,db1;
+BACKUP LOCK db1.t1;
+ERROR 42000: Access denied; you need (at least one of) the RELOAD, LOCK TABLES privilege(s) for this operation
+BACKUP UNLOCK;
+ERROR 42000: Access denied; you need (at least one of) the RELOAD, LOCK TABLES privilege(s) for this operation
+connection default;
+disconnect con1;
+drop database db1;
+drop user user1@localhost;
+#
# End of MariaDB 10.4 tests
#
diff --git a/mysql-test/main/backup_locks.test b/mysql-test/main/backup_locks.test
index 2c2c226f..40f12bb7 100644
--- a/mysql-test/main/backup_locks.test
+++ b/mysql-test/main/backup_locks.test
@@ -29,7 +29,7 @@ BACKUP UNLOCK;
connect (con1,localhost,root,,);
connection default;
-create table t1 (a int) engine=innodb;
+create table t1 (a int) stats_persistent=0,engine=innodb;
insert into t1 values (1);
backup lock t1;
select * from t1;
@@ -214,7 +214,78 @@ LOCK TABLES t3 AS a2 WRITE, t3 AS a1 READ LOCAL;
DROP TABLE t3;
BACKUP UNLOCK;
DROP TABLE t3;
+--echo #
+--echo # MDEV-28367: BACKUP LOCKS on table to be accessible to those
+--echo # with database LOCK TABLES privileges
+--echo #
+
+--source include/have_metadata_lock_info.inc
+create database db1;
+create table db1.t1(t int);
+create user user1@localhost;
+select user,host from mysql.user where user='user1';
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_DBACCESS_DENIED_ERROR
+--connect (con1, localhost, user1, ,db1)
+
+grant reload on *.* to user1@localhost;
+# To access DB one need select privileges
+grant select on db1.* to user1@localhost;
+show grants for user1@localhost;
+--connect (con1, localhost, user1, ,db1)
+
+# This should work we have RELOAD privilege
+BACKUP UNLOCK;
+BACKUP LOCK db1.t1;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+BACKUP UNLOCK;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+
+# Add LOCK TABLES DB privileges (all privileges for BACKUP LOCK are there)
+connection default;
+disconnect con1;
+grant lock tables on db1.* to user1@localhost;
+show grants for user1@localhost;
+--connect (con1, localhost, user1, ,db1)
+# This should work we have RELOAD & LOCK privilege
+BACKUP UNLOCK;
+BACKUP LOCK db1.t1;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+BACKUP UNLOCK;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+
+# Remove reload privilege, leave only LOCK TABLES privilege
+connection default;
+disconnect con1;
+revoke reload on *.* from user1@localhost;
+show grants for user1@localhost;
+--connect (con1, localhost, user1, ,db1)
+# There is no reload priv needed for unlock and there is no mdl_backup_lock taken
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+BACKUP UNLOCK;
+# BACKUP LOCK should work, since we have LOCK privilege
+BACKUP LOCK db1.t1;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+# This works since there was taken mdl_backup_lock before
+BACKUP UNLOCK;
+SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info where table_name not like "innodb_%";
+
+# Remove LOCK TABLES privilege
+connection default;
+disconnect con1;
+revoke lock tables on db1.* from user1@localhost;
+show grants for user1@localhost;
+--connect (con1, localhost, user1, ,db1)
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+BACKUP LOCK db1.t1;
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
+BACKUP UNLOCK;
+
+connection default;
+disconnect con1;
+drop database db1;
+drop user user1@localhost;
--echo #
--echo # End of MariaDB 10.4 tests
--echo #
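Review bot: The comment `# There is no reload priv needed for unlock and there is no mdl_backup_lock taken` sits directly above `--error ER_SPECIFIC_ACCESS_DENIED_ERROR` / `BACKUP UNLOCK;`, so it says the opposite of what the test asserts: with only db-level LOCK TABLES and no lock held, the unlock is expected to be denied. Rewording it to `# No RELOAD and no backup lock held: BACKUP UNLOCK is denied`, and the later one to `# Allowed: this session holds the lock taken by BACKUP LOCK above`, makes the privilege rule readable from the test. The section also only ever locks `db1.t1`, although the change widens access from global RELOAD to per-database LOCK TABLES. A negative case where user1 runs BACKUP LOCK on a table in a database where it has no LOCK TABLES grant would pin down that the privilege does not carry across schemas. The server-side privilege check itself is not in this hunk.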
diff --git a/mysql-test/main/backup_stages.result b/mysql-test/main/backup_stages.result
index 823e5d7e..3fb912af 100644
--- a/mysql-test/main/backup_stages.result
+++ b/mysql-test/main/backup_stages.result
@@ -17,6 +17,7 @@ FROM information_schema.processlist WHERE id = @con1_id;
ID USER COMMAND STATE INFO STAGE MAX_STAGE INFO_BINARY
<con1_id> root Query Waiting for backup lock BACKUP STAGE START 0 0 BACKUP STAGE START
BACKUP STAGE END;
+InnoDB 0 transactions not purged
connection con1;
# The connection default has removed the backup lock.
# And so the current connection con1 can reap for its BACKUP STAGE START
diff --git a/mysql-test/main/backup_stages.test b/mysql-test/main/backup_stages.test
index 77d410b6..56be6205 100644
--- a/mysql-test/main/backup_stages.test
+++ b/mysql-test/main/backup_stages.test
@@ -50,6 +50,7 @@ FROM information_schema.processlist WHERE id = @con1_id;
# con1 uses @@global.lock_wait_timeout
BACKUP STAGE END;
+--source ../suite/innodb/include/wait_all_purged.inc
--connection con1
--echo # The connection default has removed the backup lock.
diff --git a/mysql-test/main/cast.result b/mysql-test/main/cast.result
index 4f48e9e0..81ac3f3e 100644
--- a/mysql-test/main/cast.result
+++ b/mysql-test/main/cast.result
@@ -814,7 +814,7 @@ show create table t1;
Table Create Table
t1 CREATE TABLE `t1` (
`a` int(11) DEFAULT NULL,
- `b` char(5) GENERATED ALWAYS AS (cast('a' as char(10) charset latin1) + `a`) VIRTUAL
+ `b` char(5) GENERATED ALWAYS AS (cast('a' as char(10) charset latin1 binary) + `a`) VIRTUAL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
select collation(cast("a" as char(10) binary));
diff --git a/mysql-test/main/cast.test b/mysql-test/main/cast.test
index 478c59a5..5a0f87be 100644
--- a/mysql-test/main/cast.test
+++ b/mysql-test/main/cast.test
@@ -158,10 +158,9 @@ select cast(1 as double(64,63));
#
set names binary;
select cast(_latin1'test' as char character set latin2);
-#enable after MDEV-32461 fix
---disable_view_protocol
+--disable_service_connection
select cast(_koi8r'ÔÅÓÔ' as char character set cp1251);
---enable_view_protocol
+--enable_service_connection
create table t1 select cast(_koi8r'ÔÅÓÔ' as char character set cp1251) as t;
show create table t1;
drop table t1;
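Review bot: The `--disable_service_connection` / `--enable_service_connection` pair that replaces `--disable_view_protocol` here has no comment, whereas the removed lines at least pointed to MDEV-32461. The same uncommented swap is made in the later hunks around `CAST to CHAR with/without length`, the enum ordering queries, `Bug #17903` and `CAST (... BINARY)`. Presumably these statements depend on the session's `set names`, which a separate service connection would not share, but the diff does not say so. A short comment before the first pair, such as `# result depends on the session character set (set names)`, would record the reason once it is confirmed. The test file continues outside these hunks.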
@@ -169,8 +168,7 @@ drop table t1;
#
# CAST to CHAR with/without length
#
-#enable after MDEV-32461 fix
---disable_view_protocol
+--disable_service_connection
select
cast(_latin1'ab' AS char) as c1,
cast(_latin1'a ' AS char) as c2,
@@ -178,7 +176,7 @@ select
cast(_latin1'a ' AS char(2)) as c4,
hex(cast(_latin1'a' AS char(2))) as c5;
select cast(1000 as CHAR(3));
---enable_view_protocol
+--enable_service_connection
SET STATEMENT sql_mode = 'NO_ENGINE_SUBSTITUTION' FOR
create table t1 select
@@ -239,15 +237,14 @@ select cast("1:2:3" as TIME) = "1:02:03";
#
CREATE TABLE t1 (a enum ('aac','aab','aaa') not null);
INSERT INTO t1 VALUES ('aaa'),('aab'),('aac');
-#enable after MDEV-32461 fix
---disable_view_protocol
+--disable_service_connection
# these two should be in enum order
SELECT a, CAST(a AS CHAR) FROM t1 ORDER BY CAST(a AS UNSIGNED) ;
SELECT a, CAST(a AS CHAR(3)) FROM t1 ORDER BY CAST(a AS CHAR(2)), a;
# these two should be in alphabetic order
SELECT a, CAST(a AS UNSIGNED) FROM t1 ORDER BY CAST(a AS CHAR) ;
SELECT a, CAST(a AS CHAR(2)) FROM t1 ORDER BY CAST(a AS CHAR(3)), a;
---enable_view_protocol
+--enable_service_connection
DROP TABLE t1;
#
@@ -349,12 +346,11 @@ select cast(NULL as decimal(6)) as t1;
# Bug #17903: cast to char results in binary
#
set names latin1;
-#enable after MDEV-32461 fix
---disable_view_protocol
+--disable_service_connection
select hex(cast('a' as char(2) binary));
select hex(cast('a' as binary(2)));
select hex(cast('a' as char(2) binary));
---enable_view_protocol
+--enable_service_connection
#
# Bug#29898: Item_date_typecast::val_int doesn't reset the null_value flag.
@@ -484,14 +480,13 @@ drop table t1;
#
# CAST (... BINARY)
#
-#enable after MDEV-32461 fix
---disable_view_protocol
+--disable_service_connection
select collation(cast("a" as char(10) binary));
select collation(cast("a" as char(10) charset utf8 binary));
select collation(cast("a" as char(10) ascii binary));
select collation(cast("a" as char(10) binary charset utf8));
select collation(cast("a" as char(10) binary ascii));
---enable_view_protocol
+--enable_service_connection
--echo #
--echo # MDEV-11030 Assertion `precision > 0' failed in decimal_bin_size
@@ -773,10 +768,7 @@ INSERT INTO t1 VALUES (-1.0);
SELECT * FROM t1;
DROP TABLE t1;
-#enable after MDEV-32461 fix
---disable_view_protocol
SELECT CAST(-1e0 AS UNSIGNED);
---enable_view_protocol
CREATE TABLE t1 (a BIGINT UNSIGNED);
INSERT INTO t1 VALUES (-1e0);
SELECT * FROM t1;
diff --git a/mysql-test/main/change_user.result b/mysql-test/main/change_user.result
index fa934fbf..c91522dc 100644
--- a/mysql-test/main/change_user.result
+++ b/mysql-test/main/change_user.result
@@ -1,4 +1,6 @@
set global secure_auth=0;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
create user test_nopw;
grant select on test.* to test_nopw;
create user test_oldpw identified by password "09301740536db389";
@@ -90,6 +92,8 @@ NULL
FLUSH STATUS;
Value of com_select did not change
set global secure_auth=default;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
set timestamp=unix_timestamp('2010-10-10 10:10:10');
select now();
now()
diff --git a/mysql-test/main/column_compression.test b/mysql-test/main/column_compression.test
index 642399be..5fa8192d 100644
--- a/mysql-test/main/column_compression.test
+++ b/mysql-test/main/column_compression.test
@@ -1,6 +1,6 @@
--source include/have_innodb.inc
--source include/have_csv.inc
---source include/have_normal_bzip.inc
+--source include/have_normal_zlib.inc
let $MYSQLD_DATADIR= `select @@datadir`;
diff --git a/mysql-test/main/column_compression_rpl.test b/mysql-test/main/column_compression_rpl.test
index df8e8890..18992f33 100644
--- a/mysql-test/main/column_compression_rpl.test
+++ b/mysql-test/main/column_compression_rpl.test
@@ -1,6 +1,6 @@
--source include/have_innodb.inc
+--source include/have_normal_zlib.inc
--source include/master-slave.inc
---source include/have_normal_bzip.inc
--let $engine_type= myisam
--let $engine_type2= innodb
diff --git a/mysql-test/main/connect.result b/mysql-test/main/connect.result
index 74387168..6642b8a1 100644
--- a/mysql-test/main/connect.result
+++ b/mysql-test/main/connect.result
@@ -1,4 +1,6 @@
SET global secure_auth=0;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
connect con1,localhost,root,,mysql;
show tables;
Tables_in_mysql
@@ -412,6 +414,8 @@ test
test
drop procedure p1;
SET global secure_auth=default;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
#
# MDEV-19282: Log more specific warning with log_warnings=2 if
# connection is aborted prior to authentication
diff --git a/mysql-test/main/create_or_replace.result b/mysql-test/main/create_or_replace.result
index 4e96af97..4bc0afe9 100644
--- a/mysql-test/main/create_or_replace.result
+++ b/mysql-test/main/create_or_replace.result
@@ -260,6 +260,7 @@ Note 1051 Unknown table 'test.t1,mysqltest2.t2'
create table test.t1 (i int) engine=myisam;
create table mysqltest2.t2 like test.t1;
lock table test.t1 write, mysqltest2.t2 write;
+InnoDB 0 transactions not purged
select * from information_schema.metadata_lock_info;
THREAD_ID LOCK_MODE LOCK_DURATION LOCK_TYPE TABLE_SCHEMA TABLE_NAME
# MDL_BACKUP_DDL NULL Backup lock
diff --git a/mysql-test/main/create_or_replace.test b/mysql-test/main/create_or_replace.test
index 05c5d25b..7c83f3e2 100644
--- a/mysql-test/main/create_or_replace.test
+++ b/mysql-test/main/create_or_replace.test
@@ -216,6 +216,7 @@ drop table if exists test.t1,mysqltest2.t2;
create table test.t1 (i int) engine=myisam;
create table mysqltest2.t2 like test.t1;
lock table test.t1 write, mysqltest2.t2 write;
+--source ../suite/innodb/include/wait_all_purged.inc
--replace_column 1 #
--sorted_result
select * from information_schema.metadata_lock_info;
diff --git a/mysql-test/main/cte_nonrecursive.result b/mysql-test/main/cte_nonrecursive.result
index f7871d4f..67a38ce0 100644
--- a/mysql-test/main/cte_nonrecursive.result
+++ b/mysql-test/main/cte_nonrecursive.result
@@ -2339,4 +2339,342 @@ set sql_mode="oracle";
with data as (select 1 as id)
select id into @myid from data;
set sql_mode= @save_sql_mode;
+#
+# MDEV-31995 Bogus error executing PS for query using CTE with renaming of columns
+#
+create table t1 (a int, b int);
+insert into t1 values (1,1),(1,2),(1,3),(2,1),(2,2);
+create table t2 (a int, b int);
+insert into t2 values (3,1),(3,2),(3,3),(4,1),(4,2);
+with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 group by col1)
+select * from cte;
+c1 c2
+1 6
+2 3
+prepare st from "with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 group by col1)
+select * from cte";
+execute st;
+c1 c2
+1 6
+2 3
+execute st;
+c1 c2
+1 6
+2 3
+drop prepare st;
+create procedure sp() with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 group by col1)
+select * from cte;
+call sp();
+c1 c2
+1 6
+2 3
+call sp();
+c1 c2
+1 6
+2 3
+drop procedure sp;
+with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 order by col1)
+select * from cte;
+c1 c2
+1 9
+prepare st from "with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 order by col1)
+select * from cte";
+execute st;
+c1 c2
+1 9
+execute st;
+c1 c2
+1 9
+drop prepare st;
+create procedure sp() with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 order by col1)
+select * from cte;
+call sp();
+c1 c2
+1 9
+call sp();
+c1 c2
+1 9
+drop procedure sp;
+with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 where a > 1 group by col1
+union select a as col3, sum(b) as col4 from t2 where b > 2 group by col3),
+cte2 (c3, c4) as
+(select a as col5, sum(b) as col6 from t1 where a <= 1 group by col5
+union select a as col7, sum(b) as col8 from t2 where b <= 2 group by col7)
+select * from cte where c1=1 union select * from cte2 where c3=3;
+c1 c2
+3 3
+prepare st from "with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 where a > 1 group by col1
+union select a as col3, sum(b) as col4 from t2 where b > 2 group by col3),
+cte2 (c3, c4) as
+(select a as col5, sum(b) as col6 from t1 where a <= 1 group by col5
+union select a as col7, sum(b) as col8 from t2 where b <= 2 group by col7)
+select * from cte where c1=1 union select * from cte2 where c3=3";
+execute st;
+c1 c2
+3 3
+execute st;
+c1 c2
+3 3
+drop prepare st;
+create procedure sp() with cte (c1,c2) as
+(select a as col1, sum(b) as col2 from t1 where a > 1 group by col1
+union select a as col3, sum(b) as col4 from t2 where b > 2 group by col3),
+cte2 (c3, c4) as
+(select a as col5, sum(b) as col6 from t1 where a <= 1 group by col5
+union select a as col7, sum(b) as col8 from t2 where b <= 2 group by col7)
+select * from cte where c1=1 union select * from cte2 where c3=3;
+call sp();
+c1 c2
+3 3
+call sp();
+c1 c2
+3 3
+drop procedure sp;
+with cte (c1,c2) as (select * from t1)
+select cte.c1+1 as col1 , cte.c2 as col2 from cte where cte.c1 > 1
+union
+select cte.c1 as col3, cte.c2+1 as col4 from cte where cte.c1 < 0;
+col1 col2
+3 1
+3 2
+prepare st from "with cte (c1,c2) as (select * from t1)
+select cte.c1+1 as col1 , cte.c2 as col2 from cte where cte.c1 > 1
+union
+select cte.c1 as col3, cte.c2+1 as col4 from cte where cte.c1 < 0";
+execute st;
+col1 col2
+3 1
+3 2
+execute st;
+col1 col2
+3 1
+3 2
+save this to the end to test errors >drop prepare st;
+create procedure sp() with cte (c1,c2) as (select * from t1)
+select cte.c1+1 as col1 , cte.c2 as col2 from cte where cte.c1 > 1
+union
+select cte.c1 as col3, cte.c2+1 as col4 from cte where cte.c1 < 0;
+call sp();
+col1 col2
+3 1
+3 2
+call sp();
+col1 col2
+3 1
+3 2
+drop procedure sp;
+insert into t1 select * from t2;
+with cte (c1, c2)
+as (select a, sum(b) from t1 where b > 1 group by a having sum(b) < 5)
+select * from cte where c1 < 4 and c2 > 1;
+c1 c2
+2 2
+# Check pushdown conditions in JSON output
+explain format=json with cte (c1, c2)
+as (select a, sum(b) from t1 where b > 1 group by a having sum(b) < 5)
+select * from cte where c1 < 4 and c2 > 1;
+EXPLAIN
+{
+ "query_block": {
+ "select_id": 1,
+ "nested_loop": [
+ {
+ "table": {
+ "table_name": "<derived2>",
+ "access_type": "ALL",
+ "rows": 10,
+ "filtered": 100,
+ "attached_condition": "cte.c1 < 4 and cte.c2 > 1",
+ "materialized": {
+ "query_block": {
+ "select_id": 2,
+ "having_condition": "sum(t1.b) < 5 and c2 > 1",
+ "filesort": {
+ "sort_key": "t1.a",
+ "temporary_table": {
+ "nested_loop": [
+ {
+ "table": {
+ "table_name": "t1",
+ "access_type": "ALL",
+ "rows": 10,
+ "filtered": 100,
+ "attached_condition": "t1.b > 1 and t1.a < 4"
+ }
+ }
+ ]
+ }
+ }
+ }
+ }
+ }
+ }
+ ]
+ }
+}
+alter table t1 add column c int;
+execute st;
+ERROR HY000: WITH column list and SELECT field list have different column counts
+drop prepare st;
+drop table t1,t2;
+Test out recursive CTEs
+create table distances (src char(1), dest char(1), distance int);
+create table city_population (city char(1), population int);
+INSERT INTO `distances` VALUES ('A','A',0),('B','A',593),('C','A',800),
+('D','A',221),('E','A',707),('F','A',869),('G','A',225),('H','A',519),
+('A','B',919),('B','B',0),('C','B',440),('D','B',79),('E','B',79),
+('F','B',154),('G','B',537),('H','B',220),('A','C',491),('B','C',794),
+('C','C',0),('D','C',100),('E','C',350),('F','C',748),('G','C',712),
+('H','C',315),('A','D',440),('B','D',256),('C','D',958),('D','D',0),
+('E','D',255),('F','D',161),('G','D',63),('H','D',831),('A','E',968),
+('B','E',345),('C','E',823),('D','E',81),('E','E',0),('F','E',436),
+('G','E',373),('H','E',558),('A','F',670),('B','F',677),('C','F',375),
+('D','F',843),('E','F',90),('F','F',0),('G','F',328),('H','F',881),
+('A','G',422),('B','G',467),('C','G',67),('D','G',936),('E','G',480),
+('F','G',592),('G','G',0),('H','G',819),('A','H',537),('B','H',229),
+('C','H',534),('D','H',984),('E','H',319),('F','H',643),('G','H',257),
+('H','H',0);
+insert into city_population values ('A', 5000), ('B', 6000), ('C', 100000),
+('D', 80000), ('E', 7000), ('F', 1000), ('G', 100), ('H', -80000);
+#find the biggest city within 300 kellikams of 'E'
+with recursive travel (src, path, dest, distance, population) as (
+select city, cast('' as varchar(10)), city,
+0, population
+from city_population where city='E'
+ union all
+select src.src, concat(src.path, dst.dest), dst.dest,
+src.distance + dst.distance, dstc.population
+from travel src
+join distances dst on src.dest != dst.dest
+join city_population dstc on dst.dest = dstc.city
+where dst.src = src.dest and src.distance + dst.distance < 300
+and length(path) < 10
+)
+select * from travel where dest != 'E' order by population desc, distance
+limit 1;
+src path dest distance population
+E FD D 251 80000
+prepare st from "with recursive travel (src, path, dest, distance, population) as (
+select city, cast('' as varchar(10)), city,
+0, population
+from city_population where city='E'
+ union all
+select src.src, concat(src.path, dst.dest), dst.dest,
+src.distance + dst.distance, dstc.population
+from travel src
+join distances dst on src.dest != dst.dest
+join city_population dstc on dst.dest = dstc.city
+where dst.src = src.dest and src.distance + dst.distance < 300
+and length(path) < 10
+)
+select * from travel where dest != 'E' order by population desc, distance
+limit 1";
+execute st;
+src path dest distance population
+E FD D 251 80000
+execute st;
+src path dest distance population
+E FD D 251 80000
+drop prepare st;
+create procedure sp() with recursive travel (src, path, dest, distance, population) as (
+select city, cast('' as varchar(10)), city,
+0, population
+from city_population where city='E'
+ union all
+select src.src, concat(src.path, dst.dest), dst.dest,
+src.distance + dst.distance, dstc.population
+from travel src
+join distances dst on src.dest != dst.dest
+join city_population dstc on dst.dest = dstc.city
+where dst.src = src.dest and src.distance + dst.distance < 300
+and length(path) < 10
+)
+select * from travel where dest != 'E' order by population desc, distance
+limit 1;
+call sp();
+src path dest distance population
+E FD D 251 80000
+call sp();
+src path dest distance population
+E FD D 251 80000
+drop procedure sp;
+drop table distances, city_population;
+#
+# MDEV-28615: Multi-table UPDATE over derived table containing
+# row that uses subquery with hanging CTE
+#
+CREATE TABLE t1 (a int) ENGINE=MYISAM;
+INSERT INTO t1 VALUES (3), (7), (1);
+UPDATE
+(SELECT (5, (WITH cte AS (SELECT 1) SELECT a FROM t1))) dt
+JOIN t1 t
+ON t.a=dt.a
+SET t.a = 1;
+ERROR 21000: Operand should contain 1 column(s)
+UPDATE
+(SELECT a FROM t1
+WHERE (5, (WITH cte AS (SELECT 1) SELECT a FROM t1 WHERE a > 4)) <=
+(5,a)) dt
+JOIN t1 t
+ON t.a=dt.a
+SET t.a = 1;
+SELECT * FROM t1;
+a
+3
+1
+1
+DROP TABLE t1;
+#
+# MDEV-31657: CTE with the same name as base table used twice
+# in another CTE
+#
+create table t (a int);
+insert into t values (3), (7), (1);
+with
+t as (select * from t),
+cte as (select t1.a as t1a, t2.a as t2a from t as t1, t as t2 where t1.a=t2.a)
+select * from cte;
+t1a t2a
+3 3
+7 7
+1 1
+create table s (a int);
+insert into s values (1), (4), (7);
+with
+t as (select * from t),
+s as (select a-1 as a from s),
+cte as (select t.a as ta, s.a as sa from t, s where t.a=s.a
+union
+select t.a+1, s.a+1 from t, s where t.a=s.a+1)
+select * from cte;
+ta sa
+3 3
+2 1
+8 7
+with
+t as (select * from t),
+cte as (select t.a as ta, s.a as sa from t, s where t.a=s.a
+union
+select t.a+1, s.a+1 from t, s where t.a=s.a),
+s as (select a+10 as a from s)
+select * from cte;
+ta sa
+1 1
+7 7
+2 2
+8 8
+drop table t,s;
+with
+t as (select * from t),
+cte as (select t1.a as t1a, t2.a as t2a from t as t1, t as t2 where t1.a=t2.a)
+select * from cte;
+ERROR 42S02: Table 'test.t' doesn't exist
# End of 10.4 tests
diff --git a/mysql-test/main/cte_nonrecursive.test b/mysql-test/main/cte_nonrecursive.test
index c420a5e0..bebf02ea 100644
--- a/mysql-test/main/cte_nonrecursive.test
+++ b/mysql-test/main/cte_nonrecursive.test
@@ -1796,4 +1796,233 @@ with data as (select 1 as id)
select id into @myid from data;
set sql_mode= @save_sql_mode;
+--echo #
+--echo # MDEV-31995 Bogus error executing PS for query using CTE with renaming of columns
+--echo #
+
+create table t1 (a int, b int);
+insert into t1 values (1,1),(1,2),(1,3),(2,1),(2,2);
+create table t2 (a int, b int);
+insert into t2 values (3,1),(3,2),(3,3),(4,1),(4,2);
+
+let $q=
+with cte (c1,c2) as
+ (select a as col1, sum(b) as col2 from t1 group by col1)
+select * from cte;
+
+eval $q;
+
+eval prepare st from "$q";
+execute st;
+execute st;
+drop prepare st;
+
+eval create procedure sp() $q;
+call sp();
+call sp();
+drop procedure sp;
+
+let $q=
+with cte (c1,c2) as
+ (select a as col1, sum(b) as col2 from t1 order by col1)
+select * from cte;
+
+eval $q;
+
+eval prepare st from "$q";
+execute st;
+execute st;
+drop prepare st;
+
+eval create procedure sp() $q;
+call sp();
+call sp();
+drop procedure sp;
+
+let $q=
+with cte (c1,c2) as
+ (select a as col1, sum(b) as col2 from t1 where a > 1 group by col1
+ union select a as col3, sum(b) as col4 from t2 where b > 2 group by col3),
+cte2 (c3, c4) as
+ (select a as col5, sum(b) as col6 from t1 where a <= 1 group by col5
+ union select a as col7, sum(b) as col8 from t2 where b <= 2 group by col7)
+select * from cte where c1=1 union select * from cte2 where c3=3;
+
+eval $q;
+
+eval prepare st from "$q";
+execute st;
+execute st;
+drop prepare st;
+
+eval create procedure sp() $q;
+call sp();
+call sp();
+drop procedure sp;
+
+let $q=
+with cte (c1,c2) as (select * from t1)
+select cte.c1+1 as col1 , cte.c2 as col2 from cte where cte.c1 > 1
+union
+select cte.c1 as col3, cte.c2+1 as col4 from cte where cte.c1 < 0;
+
+eval $q;
+
+eval prepare st from "$q";
+execute st;
+execute st;
+--echo save this to the end to test errors >drop prepare st;
+
+eval create procedure sp() $q;
+call sp();
+call sp();
+drop procedure sp;
+
+insert into t1 select * from t2;
+
+let $q=
+with cte (c1, c2)
+ as (select a, sum(b) from t1 where b > 1 group by a having sum(b) < 5)
+select * from cte where c1 < 4 and c2 > 1;
+
+eval $q;
+
+--echo # Check pushdown conditions in JSON output
+--source include/analyze-format.inc
+eval explain format=json $q;
+
+alter table t1 add column c int;
+
+--error ER_WITH_COL_WRONG_LIST
+execute st;
+
+drop prepare st;
+drop table t1,t2;
+
+--echo Test out recursive CTEs
+
+create table distances (src char(1), dest char(1), distance int);
+create table city_population (city char(1), population int);
+INSERT INTO `distances` VALUES ('A','A',0),('B','A',593),('C','A',800),
+('D','A',221),('E','A',707),('F','A',869),('G','A',225),('H','A',519),
+('A','B',919),('B','B',0),('C','B',440),('D','B',79),('E','B',79),
+('F','B',154),('G','B',537),('H','B',220),('A','C',491),('B','C',794),
+('C','C',0),('D','C',100),('E','C',350),('F','C',748),('G','C',712),
+('H','C',315),('A','D',440),('B','D',256),('C','D',958),('D','D',0),
+('E','D',255),('F','D',161),('G','D',63),('H','D',831),('A','E',968),
+('B','E',345),('C','E',823),('D','E',81),('E','E',0),('F','E',436),
+('G','E',373),('H','E',558),('A','F',670),('B','F',677),('C','F',375),
+('D','F',843),('E','F',90),('F','F',0),('G','F',328),('H','F',881),
+('A','G',422),('B','G',467),('C','G',67),('D','G',936),('E','G',480),
+('F','G',592),('G','G',0),('H','G',819),('A','H',537),('B','H',229),
+('C','H',534),('D','H',984),('E','H',319),('F','H',643),('G','H',257),
+('H','H',0);
+insert into city_population values ('A', 5000), ('B', 6000), ('C', 100000),
+('D', 80000), ('E', 7000), ('F', 1000), ('G', 100), ('H', -80000);
+
+--echo #find the biggest city within 300 kellikams of 'E'
+let $q=
+with recursive travel (src, path, dest, distance, population) as (
+ select city, cast('' as varchar(10)), city,
+ 0, population
+ from city_population where city='E'
+ union all
+ select src.src, concat(src.path, dst.dest), dst.dest,
+ src.distance + dst.distance, dstc.population
+ from travel src
+ join distances dst on src.dest != dst.dest
+ join city_population dstc on dst.dest = dstc.city
+ where dst.src = src.dest and src.distance + dst.distance < 300
+ and length(path) < 10
+ )
+select * from travel where dest != 'E' order by population desc, distance
+limit 1;
+
+eval $q;
+
+eval prepare st from "$q";
+execute st;
+execute st;
+drop prepare st;
+
+eval create procedure sp() $q;
+call sp();
+call sp();
+drop procedure sp;
+
+drop table distances, city_population;
+
+--echo #
+--echo # MDEV-28615: Multi-table UPDATE over derived table containing
+--echo # row that uses subquery with hanging CTE
+--echo #
+
+CREATE TABLE t1 (a int) ENGINE=MYISAM;
+INSERT INTO t1 VALUES (3), (7), (1);
+
+--error ER_OPERAND_COLUMNS
+UPDATE
+ (SELECT (5, (WITH cte AS (SELECT 1) SELECT a FROM t1))) dt
+ JOIN t1 t
+ ON t.a=dt.a
+SET t.a = 1;
+
+UPDATE
+ (SELECT a FROM t1
+ WHERE (5, (WITH cte AS (SELECT 1) SELECT a FROM t1 WHERE a > 4)) <=
+ (5,a)) dt
+ JOIN t1 t
+ ON t.a=dt.a
+SET t.a = 1;
+
+SELECT * FROM t1;
+
+DROP TABLE t1;
+
+--echo #
+--echo # MDEV-31657: CTE with the same name as base table used twice
+--echo # in another CTE
+--echo #
+
+create table t (a int);
+insert into t values (3), (7), (1);
+
+let $q1=
+with
+t as (select * from t),
+cte as (select t1.a as t1a, t2.a as t2a from t as t1, t as t2 where t1.a=t2.a)
+select * from cte;
+
+eval $q1;
+
+create table s (a int);
+insert into s values (1), (4), (7);
+
+let $q2=
+with
+t as (select * from t),
+s as (select a-1 as a from s),
+cte as (select t.a as ta, s.a as sa from t, s where t.a=s.a
+ union
+ select t.a+1, s.a+1 from t, s where t.a=s.a+1)
+select * from cte;
+
+eval $q2;
+
+let $q3=
+with
+t as (select * from t),
+cte as (select t.a as ta, s.a as sa from t, s where t.a=s.a
+ union
+ select t.a+1, s.a+1 from t, s where t.a=s.a),
+s as (select a+10 as a from s)
+select * from cte;
+
+eval $q3;
+
+drop table t,s;
+
+--ERROR ER_NO_SUCH_TABLE
+eval $q1;
+
--echo # End of 10.4 tests
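Review bot: `--echo save this to the end to test errors >drop prepare st;` reads like a working note that ended up recorded in the expected output. It is printed without the `#` prefix the other echoes use, as is `--echo Test out recursive CTEs`. A plain test comment such as `# st stays prepared; it is re-executed after the ALTER TABLE below` would say the same without appearing in the .result file, which would then need re-recording. `--ERROR ER_NO_SUCH_TABLE` near the end is also the only upper-case directive in the hunk; `--error` matches the rest.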
diff --git a/mysql-test/main/ctype_collate.result b/mysql-test/main/ctype_collate.result
index d53efe89..eafe7ff3 100644
--- a/mysql-test/main/ctype_collate.result
+++ b/mysql-test/main/ctype_collate.result
@@ -614,18 +614,24 @@ id select_type table type possible_keys key key_len ref rows Extra
EXPLAIN SELECT * FROM t1 WHERE s2 BETWEEN 'a' AND 'b' COLLATE latin1_german1_ci;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL s2 NULL NULL NULL 10 Using where
+Warnings:
+Note 1105 Cannot use key `s2` part[0] for lookup: `test`.`t1`.`s2` of collation `latin1_swedish_ci` >= "'a'" of collation `latin1_german1_ci`
EXPLAIN SELECT * FROM t1 WHERE s1 IN ('a','b' COLLATE latin1_german1_ci);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 range s1 s1 11 NULL 2 Using index condition
EXPLAIN SELECT * FROM t1 WHERE s2 IN ('a','b' COLLATE latin1_german1_ci);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL s2 NULL NULL NULL 10 Using where
+Warnings:
+Note 1105 Cannot use key `s2` part[0] for lookup: `test`.`t1`.`s2` of collation `latin1_swedish_ci` = "'a'" of collation `latin1_german1_ci`
EXPLAIN SELECT * FROM t1 WHERE s1 LIKE 'a' COLLATE latin1_german1_ci;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 range s1 s1 11 NULL 1 Using index condition
EXPLAIN SELECT * FROM t1 WHERE s2 LIKE 'a' COLLATE latin1_german1_ci;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL s2 NULL NULL NULL 10 Using where
+Warnings:
+Note 1105 Cannot use key `s2` part[0] for lookup: `test`.`t1`.`s2` of collation `latin1_swedish_ci` like "'a' collate latin1_german1_ci" of collation `latin1_german1_ci`
DROP TABLE t1;
create table t1(f1 varchar(10) character set latin2 collate latin2_hungarian_ci, key(f1));
insert into t1 set f1=0x3F3F9DC73F;
diff --git a/mysql-test/main/ctype_cp932.result b/mysql-test/main/ctype_cp932.result
index 47b3cbc1..a66bf1da 100644
--- a/mysql-test/main/ctype_cp932.result
+++ b/mysql-test/main/ctype_cp932.result
@@ -888,7 +888,7 @@ ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('SET STATEMENT ',@seq, '.a=1 SELECT 1');
ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('SET STATEMENT a.',@seq, '=1 SELECT 1');
-ERROR HY000: Invalid cp932 character string: '\x81\xAD'
+ERROR HY000: Invalid cp932 character string: '\x81'
#
# SET SESSION (bad|good.bad|bad.good)=1
#
@@ -897,7 +897,7 @@ ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('SET SESSION ',@seq, '.a=1 SELECT 1');
ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('SET SESSION a.',@seq, '=1 SELECT 1');
-ERROR HY000: Invalid cp932 character string: '\x81\xAD'
+ERROR HY000: Invalid cp932 character string: '\x81'
#
# SET (bad|good.bad|bad.good)=1
#
@@ -906,7 +906,7 @@ ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('SET ', @seq, '.a=1');
ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('SET a.', @seq, '=1');
-ERROR HY000: Invalid cp932 character string: '\x81\xAD'
+ERROR HY000: Invalid cp932 character string: '\x81'
#
# Oracle SP call: BEGIN (bad|good.bad|bad.good)(params); END
#
@@ -916,7 +916,7 @@ ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('BEGIN ',@seq, '.a(1); END;');
ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('BEGIN a.',@seq, '(1); END;');
-ERROR HY000: Invalid cp932 character string: '\x81\xAD'
+ERROR HY000: Invalid cp932 character string: '\x81'
#
# Oracle assignment: (bad|good.bad|bad.good):= value
#
@@ -925,7 +925,7 @@ ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT(@seq, '.a:=1');
ERROR HY000: Invalid cp932 character string: '\x81\xAD'
EXECUTE IMMEDIATE CONCAT('a.', @seq, ':=1');
-ERROR HY000: Invalid cp932 character string: '\x81\xAD'
+ERROR HY000: Invalid cp932 character string: '\x81'
SET sql_mode=DEFAULT;
#
# End of 10.5 tests
diff --git a/mysql-test/main/ctype_sjis.result b/mysql-test/main/ctype_sjis.result
index ee760d9c..7a1f4cf5 100644
--- a/mysql-test/main/ctype_sjis.result
+++ b/mysql-test/main/ctype_sjis.result
@@ -19619,7 +19619,7 @@ ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('SET STATEMENT ',@seq, '.a=1 SELECT 1');
ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('SET STATEMENT a.',@seq, '=1 SELECT 1');
-ERROR HY000: Invalid sjis character string: '_x81_xAD'
+ERROR HY000: Invalid sjis character string: '_x81'
#
# SET SESSION (bad|good.bad|bad.good)=1
#
@@ -19628,7 +19628,7 @@ ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('SET SESSION ',@seq, '.a=1 SELECT 1');
ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('SET SESSION a.',@seq, '=1 SELECT 1');
-ERROR HY000: Invalid sjis character string: '_x81_xAD'
+ERROR HY000: Invalid sjis character string: '_x81'
#
# SET (bad|good.bad|bad.good)=1
#
@@ -19637,7 +19637,7 @@ ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('SET ', @seq, '.a=1');
ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('SET a.', @seq, '=1');
-ERROR HY000: Invalid sjis character string: '_x81_xAD'
+ERROR HY000: Invalid sjis character string: '_x81'
#
# Oracle SP call: BEGIN (bad|good.bad|bad.good)(params); END
#
@@ -19647,7 +19647,7 @@ ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('BEGIN ',@seq, '.a(1); END;');
ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('BEGIN a.',@seq, '(1); END;');
-ERROR HY000: Invalid sjis character string: '_x81_xAD'
+ERROR HY000: Invalid sjis character string: '_x81'
#
# Oracle assignment: (bad|good.bad|bad.good):= value
#
@@ -19656,7 +19656,7 @@ ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT(@seq, '.a:=1');
ERROR HY000: Invalid sjis character string: '_x81_xAD'
EXECUTE IMMEDIATE CONCAT('a.', @seq, ':=1');
-ERROR HY000: Invalid sjis character string: '_x81_xAD'
+ERROR HY000: Invalid sjis character string: '_x81'
SET sql_mode=DEFAULT;
#
# End of 10.5 tests
diff --git a/mysql-test/main/derived_split_innodb.result b/mysql-test/main/derived_split_innodb.result
index 31522379..b9ee3f0a 100644
--- a/mysql-test/main/derived_split_innodb.result
+++ b/mysql-test/main/derived_split_innodb.result
@@ -862,5 +862,20 @@ SELECT * FROM t1 JOIN t2 WHERE (t1.a, t2.b) IN (SELECT * FROM v);
a b
DROP VIEW v;
DROP TABLE t1, t2, t3;
+#
+# MDEV-31279 Crash when lateral derived is guaranteed to return no rows
+#
+CREATE TABLE t1 (a CHAR(1)) ENGINE=MyISAM;
+INSERT INTO t1 VALUES ('1'),('2');
+CREATE TABLE t2 (b INT, KEY(b)) ENGINE=MyISAM;
+ALTER TABLE t2 DISABLE KEYS;
+INSERT INTO t2 VALUES (1),(2),(3);
+ALTER TABLE t2 ENABLE KEYS;
+CREATE TABLE t3 (c INT) ENGINE=MyISAM;
+INSERT INTO t3 (c) SELECT seq FROM seq_1_to_101;
+SELECT * FROM t1 WHERE t1.a IN (SELECT b FROM
+(SELECT t2.b FROM t2 WHERE NOT EXISTS (SELECT 1 FROM t3) GROUP BY b) sq);
+a
+DROP TABLE t1, t2, t3;
# End of 10.4 tests
SET GLOBAL innodb_stats_persistent=@save_innodb_stats_persistent;
diff --git a/mysql-test/main/derived_split_innodb.test b/mysql-test/main/derived_split_innodb.test
index bccda42d..075d6e81 100644
--- a/mysql-test/main/derived_split_innodb.test
+++ b/mysql-test/main/derived_split_innodb.test
@@ -487,6 +487,24 @@ SELECT * FROM t1 JOIN t2 WHERE (t1.a, t2.b) IN (SELECT * FROM v);
DROP VIEW v;
DROP TABLE t1, t2, t3;
+--echo #
+--echo # MDEV-31279 Crash when lateral derived is guaranteed to return no rows
+--echo #
+
+CREATE TABLE t1 (a CHAR(1)) ENGINE=MyISAM;
+INSERT INTO t1 VALUES ('1'),('2');
+CREATE TABLE t2 (b INT, KEY(b)) ENGINE=MyISAM;
+ALTER TABLE t2 DISABLE KEYS;
+INSERT INTO t2 VALUES (1),(2),(3);
+ALTER TABLE t2 ENABLE KEYS;
+CREATE TABLE t3 (c INT) ENGINE=MyISAM;
+INSERT INTO t3 (c) SELECT seq FROM seq_1_to_101;
+
+SELECT * FROM t1 WHERE t1.a IN (SELECT b FROM
+ (SELECT t2.b FROM t2 WHERE NOT EXISTS (SELECT 1 FROM t3) GROUP BY b) sq);
+
+DROP TABLE t1, t2, t3;
+
--echo # End of 10.4 tests
SET GLOBAL innodb_stats_persistent=@save_innodb_stats_persistent;
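Review bot: The new MDEV-31279 case does not say why the result is expected to be empty or why the keys on t2 are toggled around the insert. A one-line comment before the SELECT would make the setup readable, e.g. `# t3 is non-empty, so NOT EXISTS (SELECT 1 FROM t3) is always false and the derived table sq returns no rows`. The `ALTER TABLE t2 DISABLE KEYS` / `ENABLE KEYS` pair looks like it is there to steer the optimizer's plan choice, but that is an inference the author should confirm and document. The test also depends on `seq_1_to_101`, and the file's `--source` lines are outside this hunk, so check that the sequence engine include is already present.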
diff --git a/mysql-test/main/derived_view.result b/mysql-test/main/derived_view.result
index 6bc9b424..3ac06c20 100644
--- a/mysql-test/main/derived_view.result
+++ b/mysql-test/main/derived_view.result
@@ -4246,6 +4246,51 @@ a
deallocate prepare stmt;
drop view v;
drop table t1,t2,t3;
+#
+# MDEV-32829 Crash when executing PS for query with eliminated subquery
+# using view
+#
+create view v1 as select 1 as a;
+prepare stmt from
+'SELECT EXISTS (SELECT 1 FROM v1 GROUP BY a IN (SELECT a FROM v1))';
+execute stmt;
+EXISTS (SELECT 1 FROM v1 GROUP BY a IN (SELECT a FROM v1))
+1
+drop view v1;
+create table t1 (a int, b int);
+insert into t1 values (1,2),(3,4),(5,6);
+create view v1 as select * from t1;
+create table t2 select * from t1;
+prepare stmt from "select t2.a from t2 where exists
+(
+select * from t1 where t2.b = t1.b and t1.b != 6
+group by a in (select a from v1 where v1.a = t2.a)
+)";
+execute stmt;
+a
+1
+3
+execute stmt;
+a
+1
+3
+deallocate prepare stmt;
+create procedure aproc() select t2.a from t2 where exists
+(
+select * from t1 where t2.b = t1.b and t1.b != 6
+group by a in (select a from v1 where v1.a = t2.a)
+);
+call aproc();
+a
+1
+3
+call aproc();
+a
+1
+3
+drop table t1, t2;
+drop view v1;
+drop procedure aproc;
# End of 10.4 tests
#
# MDEV-31143: view with ORDER BY used in query with rownum() in WHERE
diff --git a/mysql-test/main/derived_view.test b/mysql-test/main/derived_view.test
index 03565ae0..ddead30a 100644
--- a/mysql-test/main/derived_view.test
+++ b/mysql-test/main/derived_view.test
@@ -2759,6 +2759,42 @@ deallocate prepare stmt;
drop view v;
drop table t1,t2,t3;
+--echo #
+--echo # MDEV-32829 Crash when executing PS for query with eliminated subquery
+--echo # using view
+--echo #
+
+create view v1 as select 1 as a;
+prepare stmt from
+ 'SELECT EXISTS (SELECT 1 FROM v1 GROUP BY a IN (SELECT a FROM v1))';
+execute stmt;
+drop view v1;
+
+create table t1 (a int, b int);
+insert into t1 values (1,2),(3,4),(5,6);
+create view v1 as select * from t1;
+create table t2 select * from t1;
+
+let $q=
+select t2.a from t2 where exists
+(
+ select * from t1 where t2.b = t1.b and t1.b != 6
+ group by a in (select a from v1 where v1.a = t2.a)
+);
+
+eval prepare stmt from "$q";
+execute stmt;
+execute stmt;
+deallocate prepare stmt;
+
+eval create procedure aproc() $q;
+call aproc();
+call aproc();
+
+drop table t1, t2;
+drop view v1;
+drop procedure aproc;
+
--echo # End of 10.4 tests
--echo #
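Review bot: The first MDEV-32829 case runs `execute stmt;` only once and then drops `v1` with the statement still prepared, whereas the second case executes twice and deallocates. The bug is about executing a prepared statement, so a second `execute stmt;` followed by `deallocate prepare stmt;` before `drop view v1;` would cover re-execution for the constant view too. It would also keep the two cases symmetric. The recorded .result file would need the matching extra output.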
diff --git a/mysql-test/main/disabled.def b/mysql-test/main/disabled.def
index 02104f6a..8ba5b271 100644
--- a/mysql-test/main/disabled.def
+++ b/mysql-test/main/disabled.def
@@ -17,4 +17,3 @@ mysql_embedded : Bug#12561297 2011-05-14 Anitha Dependent on PB2 chang
file_contents : MDEV-6526 these files are not installed anymore
max_statement_time : cannot possibly work, depends on timing
partition_open_files_limit : open_files_limit check broken by MDEV-18360
-partition_innodb : Waiting for fix MDEV-20169
diff --git a/mysql-test/main/dyncol.test b/mysql-test/main/dyncol.test
index cb983bd3..8b316421 100644
--- a/mysql-test/main/dyncol.test
+++ b/mysql-test/main/dyncol.test
@@ -670,18 +670,16 @@ SELECT COLUMN_GET(`x`, 'y' AS DECIMAL(5,50));
--echo #
--echo # creation test (names)
set names utf8;
-#enable after MDEV-32465 fix
---disable_view_protocol
+--disable_service_connection
select hex(column_create("адын", 1212));
---enable_view_protocol
+--enable_service_connection
select hex(column_create("1212", 1212));
select hex(column_create(1212, 2, "www", 3));
select hex(column_create("1212", 2, "www", 3));
select hex(column_create("1212", 2, 3, 3));
-#enable after MDEV-32465 fix
---disable_view_protocol
+--disable_service_connection
select hex(column_create("1212", 2, "адын", 1, 3, 3));
---enable_view_protocol
+--enable_service_connection
set names latin1;
--echo # fetching column test (names)
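Review bot: The `--disable_service_connection` / `--enable_service_connection` pairs added here replace the view-protocol guards, but the explanatory comment was removed with them. Nothing now says why these statements must not go through the service connection. The same applies to the second hunk of this file (column changing test) and to the MDEV-24784 block in func_json.test. A one-line comment above each pair stating the reason, as the removed `#enable after MDEV-32465 fix` line did for the old guard, would keep the directive from being copied or dropped without understanding.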
@@ -708,15 +706,14 @@ select column_exists(column_create("1212", 2, "адын", 1, 3, 3), "4") as ex;
set names latin1;
--echo # column changing test (names)
-#enable after MDEV-32465 fix
---disable_view_protocol
+--disable_service_connection
select hex(column_add(column_create(1, "AAA"), "b", "BBB")) as ex;
select hex(column_add(column_create("1", "AAA"), "b", "BBB")) as ex;
select column_get(column_add(column_create(1, "AAA"), "b", "BBB"), 1 as char) as ex;
select column_get(column_add(column_create(1, "AAA"), "b", "BBB"), "b" as char) as ex;
select hex(column_add(column_create("a", "AAA"), 1, "BBB")) as ex;
select hex(column_add(column_create("a", "AAA"), "1", "BBB")) as ex;
---enable_view_protocol
+--enable_service_connection
select hex(column_add(column_create("a", 1212 as integer), "b", "1212" as integer)) as ex;
select hex(column_add(column_create("a", 1212 as integer), "a", "1212" as integer)) as ex;
select hex(column_add(column_create("a", 1212 as integer), "a", NULL as integer)) as ex;
diff --git a/mysql-test/main/enforce_storage_engine.result b/mysql-test/main/enforce_storage_engine.result
index c761277a..cc91daa7 100644
--- a/mysql-test/main/enforce_storage_engine.result
+++ b/mysql-test/main/enforce_storage_engine.result
@@ -158,5 +158,12 @@ t3 CREATE TABLE `t3` (
PRIMARY KEY (`c1`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
DROP TABLE t3;
+#
+# MDEV-21618 CREATE UNIQUE INDEX fails with "ERROR 1286 (42000): Unknown storage engine 'partition'"
+#
+SET SESSION enforce_storage_engine=MyISAM;
+CREATE TABLE t4 (a INT) ENGINE=MyISAM PARTITION BY HASH(a);
+CREATE INDEX x on t4 (a);
+DROP TABLE t4;
SET SESSION enforce_storage_engine=NULL;
SET GLOBAL enforce_storage_engine=NULL;
diff --git a/mysql-test/main/enforce_storage_engine.test b/mysql-test/main/enforce_storage_engine.test
index 6b422477..7768ed1b 100644
--- a/mysql-test/main/enforce_storage_engine.test
+++ b/mysql-test/main/enforce_storage_engine.test
@@ -1,4 +1,5 @@
--- source include/not_embedded.inc
+--source include/not_embedded.inc
+--source include/have_partition.inc
set local sql_mode="";
set global sql_mode="";
@@ -107,5 +108,15 @@ ALTER TABLE t3 ADD COLUMN c3 INT;
SHOW CREATE TABLE t3;
DROP TABLE t3;
+--echo #
+--echo # MDEV-21618 CREATE UNIQUE INDEX fails with "ERROR 1286 (42000): Unknown storage engine 'partition'"
+--echo #
+SET SESSION enforce_storage_engine=MyISAM;
+
+CREATE TABLE t4 (a INT) ENGINE=MyISAM PARTITION BY HASH(a);
+CREATE INDEX x on t4 (a);
+
+DROP TABLE t4;
+
SET SESSION enforce_storage_engine=NULL;
-SET GLOBAL enforce_storage_engine=NULL; \ No newline at end of file
+SET GLOBAL enforce_storage_engine=NULL;
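Review bot: The MDEV-21618 header names `CREATE UNIQUE INDEX`, but the test only runs `CREATE INDEX x on t4 (a);`, so the statement from the bug title is never exercised. Adding `CREATE UNIQUE INDEX y ON t4 (a);` after it and re-recording the result would cover the reported form. Since `a` is the partitioning column, a unique key on it should be accepted. A `SHOW CREATE TABLE t4;` before the drop would also confirm that the table stayed a partitioned MyISAM table under `enforce_storage_engine`.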
diff --git a/mysql-test/main/execution_constants.test b/mysql-test/main/execution_constants.test
index 285197cd..49b1da8f 100644
--- a/mysql-test/main/execution_constants.test
+++ b/mysql-test/main/execution_constants.test
@@ -1,5 +1,6 @@
# In embedded server we don't really have a control over stack usage
-- source include/not_embedded.inc
+-- source include/not_asan.inc
#
# Bug#21476: Lost Database Connection During Query
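Review bot: The added `-- source include/not_asan.inc` has no comment, unlike the `not_embedded.inc` line above it, which explains itself. A line such as `# ASAN changes stack usage, so the limits this test relies on do not hold` would record the reason; that wording is an assumption and the author should confirm it. Skipping under ASAN also means the stack-usage behaviour this test exercises gets no sanitizer coverage, which is worth stating in the commit message if it is intentional.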
diff --git a/mysql-test/main/explain.result b/mysql-test/main/explain.result
index 8db5e9f5..75d46110 100644
--- a/mysql-test/main/explain.result
+++ b/mysql-test/main/explain.result
@@ -458,3 +458,43 @@ id select_type table type possible_keys key key_len ref rows Extra
NULL UNION RESULT <union1,3> ALL NULL NULL NULL NULL NULL
Warnings:
Note 1249 Select 4 was reduced during optimization
+#
+# End of 10.4 tests
+#
+CREATE TABLE t1 (a INT);
+INSERT INTO t1 VALUES (1),(2);
+CREATE TABLE t2 (b INT);
+INSERT INTO t2 VALUES (3),(4);
+EXPLAIN SELECT * FROM t1, t2 WHERE t2.b IN (SELECT 5 UNION SELECT 6);
+id select_type table type possible_keys key key_len ref rows Extra
+1 PRIMARY t1 ALL NULL NULL NULL NULL 2
+1 PRIMARY t2 ALL NULL NULL NULL NULL 2 Using where; Using join buffer (flat, BNL join)
+2 DEPENDENT SUBQUERY NULL NULL NULL NULL NULL NULL NULL No tables used
+3 DEPENDENT UNION NULL NULL NULL NULL NULL NULL NULL No tables used
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL
+EXPLAIN DELETE t2 FROM t1, t2 WHERE t2.b IN (SELECT 5 UNION SELECT 6);
+id select_type table type possible_keys key key_len ref rows Extra
+1 PRIMARY t1 ALL NULL NULL NULL NULL 2
+1 PRIMARY t2 ALL NULL NULL NULL NULL 2 Using where
+2 DEPENDENT SUBQUERY NULL NULL NULL NULL NULL NULL NULL No tables used
+3 DEPENDENT UNION NULL NULL NULL NULL NULL NULL NULL No tables used
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL
+prepare stmt from "EXPLAIN DELETE t2 FROM t1, t2 WHERE t2.b IN (SELECT 5 UNION SELECT 6)";
+execute stmt;
+id select_type table type possible_keys key key_len ref rows Extra
+1 PRIMARY t1 ALL NULL NULL NULL NULL 2
+1 PRIMARY t2 ALL NULL NULL NULL NULL 2 Using where
+2 DEPENDENT SUBQUERY NULL NULL NULL NULL NULL NULL NULL No tables used
+3 DEPENDENT UNION NULL NULL NULL NULL NULL NULL NULL No tables used
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL
+execute stmt;
+id select_type table type possible_keys key key_len ref rows Extra
+1 PRIMARY t1 ALL NULL NULL NULL NULL 2
+1 PRIMARY t2 ALL NULL NULL NULL NULL 2 Using where
+2 DEPENDENT SUBQUERY NULL NULL NULL NULL NULL NULL NULL No tables used
+3 DEPENDENT UNION NULL NULL NULL NULL NULL NULL NULL No tables used
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL
+DROP TABLE t1, t2;
+#
+# End of 10.5 tests
+#
diff --git a/mysql-test/main/explain.test b/mysql-test/main/explain.test
index 36595ba7..5269fccf 100644
--- a/mysql-test/main/explain.test
+++ b/mysql-test/main/explain.test
@@ -372,3 +372,26 @@ drop table t1;
explain
VALUES ( (VALUES (2))) UNION VALUES ( (SELECT 3));
--enable_ps_protocol
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
+
+CREATE TABLE t1 (a INT);
+INSERT INTO t1 VALUES (1),(2);
+CREATE TABLE t2 (b INT);
+INSERT INTO t2 VALUES (3),(4);
+
+EXPLAIN SELECT * FROM t1, t2 WHERE t2.b IN (SELECT 5 UNION SELECT 6);
+EXPLAIN DELETE t2 FROM t1, t2 WHERE t2.b IN (SELECT 5 UNION SELECT 6);
+prepare stmt from "EXPLAIN DELETE t2 FROM t1, t2 WHERE t2.b IN (SELECT 5 UNION SELECT 6)";
+execute stmt;
+execute stmt;
+
+# Cleanup
+
+DROP TABLE t1, t2;
+
+--echo #
+--echo # End of 10.5 tests
+--echo #
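Review bot: The new statements sit between the `End of 10.4 tests` and `End of 10.5 tests` banners with no header naming the bug they cover. Adding a `--echo #` block with the ticket and title before `CREATE TABLE t1`, e.g. `--echo # MDEV-NNNNN (placeholder): EXPLAIN DELETE with a UNION subquery`, would let a mismatch in the recorded result be traced to its report. The prepared statement is also left allocated; `deallocate prepare stmt;` before the cleanup would match the other tests in this commit.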
diff --git a/mysql-test/main/func_compress.test b/mysql-test/main/func_compress.test
index 221dddd5..d18af140 100644
--- a/mysql-test/main/func_compress.test
+++ b/mysql-test/main/func_compress.test
@@ -1,5 +1,5 @@
-- source include/have_compress.inc
--- source include/have_normal_bzip.inc
+-- source include/have_normal_zlib.inc
#
# Test for compress and uncompress functions:
#
diff --git a/mysql-test/main/func_in.result b/mysql-test/main/func_in.result
index 4627208d..b3865bab 100644
--- a/mysql-test/main/func_in.result
+++ b/mysql-test/main/func_in.result
@@ -531,6 +531,8 @@ Warning 1292 Truncated incorrect DECIMAL value: 'b'
explain select f1 from t1 where f1 in (2,1);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 index t1f1_idx t1f1_idx 2 NULL 3 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `t1f1_idx` part[0] for lookup: `test`.`t1`.`f1` of type `char` = "2" of type `int`
create table t2(f2 int, index t2f2(f2));
insert into t2 values(0),(1),(2);
select f2 from t2 where f2 in ('a',2);
diff --git a/mysql-test/main/func_json.result b/mysql-test/main/func_json.result
index 0336de08..ea1767af 100644
--- a/mysql-test/main/func_json.result
+++ b/mysql-test/main/func_json.result
@@ -1460,6 +1460,39 @@ f
foo
SET @@COLLATION_CONNECTION= @old_collation_connection;
#
+# MDEV-32587 JSON_VALID fail to validate integer zero in scientific notation
+#
+select JSON_VALID(' {"number": 1E-4}');
+JSON_VALID(' {"number": 1E-4}')
+1
+select JSON_VALID(' {"number": 0E-4}');
+JSON_VALID(' {"number": 0E-4}')
+1
+select JSON_VALID(' {"number": 0.0}');
+JSON_VALID(' {"number": 0.0}')
+1
+select JSON_VALID(' {"number": 0.1E-4}');
+JSON_VALID(' {"number": 0.1E-4}')
+1
+select JSON_VALID(' {"number": 0e-4}');
+JSON_VALID(' {"number": 0e-4}')
+1
+select JSON_VALID(' {"number": -0E-4}');
+JSON_VALID(' {"number": -0E-4}')
+1
+select JSON_VALUE(' {"number": 0E-4}', '$.number');
+JSON_VALUE(' {"number": 0E-4}', '$.number')
+0E-4
+select JSON_VALID(' {"number": 00E-4}');
+JSON_VALID(' {"number": 00E-4}')
+0
+select JSON_VALID(' {"number": 01E-4}');
+JSON_VALID(' {"number": 01E-4}')
+0
+select JSON_VALID(' {"number": 0E-4.0}');
+JSON_VALID(' {"number": 0E-4.0}')
+0
+#
# End of 10.4 tests
#
#
@@ -1646,6 +1679,17 @@ SELECT JSON_OBJECTAGG('\\', 1);
JSON_OBJECTAGG('\\', 1)
{"\\":1}
#
+# MDEV-24784 JSON_ARRAYAGG charset issue
+#
+set names utf8;
+select json_arrayagg('ä'), json_objectagg(1, 'ä');
+json_arrayagg('ä') json_objectagg(1, 'ä')
+["ä"] {"1":"ä"}
+set names latin1;
+select json_arrayagg('ä'), json_objectagg(1, 'ä');
+json_arrayagg('ä') json_objectagg(1, 'ä')
+["ä"] {"1":"ä"}
+#
# End of 10.5 tests
#
#
diff --git a/mysql-test/main/func_json.test b/mysql-test/main/func_json.test
index 2218a976..f8a656c9 100644
--- a/mysql-test/main/func_json.test
+++ b/mysql-test/main/func_json.test
@@ -948,6 +948,22 @@ SELECT JSON_VALUE('["foo"]', '$**[0]') AS f;
SET @@COLLATION_CONNECTION= @old_collation_connection;
--echo #
+--echo # MDEV-32587 JSON_VALID fail to validate integer zero in scientific notation
+--echo #
+# Passing
+select JSON_VALID(' {"number": 1E-4}');
+select JSON_VALID(' {"number": 0E-4}');
+select JSON_VALID(' {"number": 0.0}');
+select JSON_VALID(' {"number": 0.1E-4}');
+select JSON_VALID(' {"number": 0e-4}');
+select JSON_VALID(' {"number": -0E-4}');
+select JSON_VALUE(' {"number": 0E-4}', '$.number');
+# Failing
+select JSON_VALID(' {"number": 00E-4}');
+select JSON_VALID(' {"number": 01E-4}');
+select JSON_VALID(' {"number": 0E-4.0}');
+
+--echo #
--echo # End of 10.4 tests
--echo #
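Review bot: The rejected inputs in the MDEV-32587 block cover leading zeros and a fraction after the exponent, but not an exponent with no digits. Since the change concerns a zero followed by an exponent, cases such as `select JSON_VALID(' {"number": 0E}');` and `select JSON_VALID(' {"number": 0E-}');` would guard against the validator accepting a truncated number. Both are invalid JSON, so the expected result is 0. The `# Passing` / `# Failing` comments would also read more clearly as `# Valid: expect 1` / `# Invalid: expect 0`. The parser change itself is outside this hunk.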
@@ -1112,6 +1128,16 @@ SELECT JSON_OBJECTAGG('\"', 1);
SELECT JSON_OBJECTAGG('\\', 1);
--echo #
+--echo # MDEV-24784 JSON_ARRAYAGG charset issue
+--echo #
+--disable_service_connection
+set names utf8;
+select json_arrayagg('ä'), json_objectagg(1, 'ä');
+set names latin1;
+select json_arrayagg('ä'), json_objectagg(1, 'ä');
+--enable_service_connection
+
+--echo #
--echo # End of 10.5 tests
--echo #
diff --git a/mysql-test/main/func_regexp_pcre.result b/mysql-test/main/func_regexp_pcre.result
index 9e51ced9..36f2fced 100644
--- a/mysql-test/main/func_regexp_pcre.result
+++ b/mysql-test/main/func_regexp_pcre.result
@@ -895,3 +895,12 @@ REGEXP_INSTR('a_kollision', 'o([lm])\\1')
4
SELECT a FROM (SELECT "aa" a) t WHERE a REGEXP '[0-9]';
a
+#
+# MDEV-11777 REGEXP_REPLACE converts utf8mb4 supplementary characters to '?'
+#
+select hex(regexp_replace(cast(x'F09F9881' as char character set 'utf8mb4'), _utf8mb4'a', _utf8mb4'b')) as Text;
+Text
+F09F9881
+#
+# End of 10.6 tests
+#
diff --git a/mysql-test/main/func_regexp_pcre.test b/mysql-test/main/func_regexp_pcre.test
index e6e356f4..8c2408f5 100644
--- a/mysql-test/main/func_regexp_pcre.test
+++ b/mysql-test/main/func_regexp_pcre.test
@@ -470,3 +470,11 @@ SELECT REGEXP_INSTR('a_kollision', 'o([lm])\\1');
#
SELECT a FROM (SELECT "aa" a) t WHERE a REGEXP '[0-9]';
--enable_service_connection
+
+--echo #
+--echo # MDEV-11777 REGEXP_REPLACE converts utf8mb4 supplementary characters to '?'
+--echo #
+select hex(regexp_replace(cast(x'F09F9881' as char character set 'utf8mb4'), _utf8mb4'a', _utf8mb4'b')) as Text;
+--echo #
+--echo # End of 10.6 tests
+--echo #
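Review bot: The MDEV-11777 test uses a pattern that never matches the subject, so it only checks that an untouched supplementary character survives; the replacement path is not exercised. A second statement where the match sits next to the 4-byte character would cover that path. A constructed example is `select hex(regexp_replace(cast(x'F09F988161' as char character set 'utf8mb4'), _utf8mb4'a', _utf8mb4'b')) as Text;`, with expected output `F09F988162`. The .result file would need re-recording.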
diff --git a/mysql-test/main/func_replace.result b/mysql-test/main/func_replace.result
new file mode 100644
index 00000000..7f354d52
--- /dev/null
+++ b/mysql-test/main/func_replace.result
@@ -0,0 +1,124 @@
+#
+# Start of 10.5 tests
+#
+#
+# MDEV-17226 Column Data in Truncated on UNION to the length of the first value if using REPLACE
+#
+CREATE TABLE t1 (
+id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+col1 VARCHAR (2),
+col2 VARCHAR (2),
+PRIMARY KEY (id)
+);
+CREATE TABLE t2 (
+id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+col1 VARCHAR (1),
+col2 VARCHAR (2),
+PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ("a", "ba");
+INSERT INTO t2 (col1, col2) VALUES ("a", "ba");
+SELECT 'a' UNION ALL SELECT REPLACE('a', col1, col2) FROM t1;
+a
+a
+ba
+SELECT 'a' UNION ALL SELECT REPLACE('a', col1, col2) FROM t2;
+a
+a
+ba
+SELECT REPLACE('z', col1, col2) FROM t1 UNION ALL SELECT REPLACE('a', col1, col2) FROM t1;
+REPLACE('z', col1, col2)
+z
+ba
+SELECT REPLACE('z', col1, col2) FROM t2 UNION ALL SELECT REPLACE('a', col1, col2) FROM t2;
+REPLACE('z', col1, col2)
+z
+ba
+DROP TABLE t1, t2;
+CREATE TABLE t1 (
+id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+col1 VARCHAR (2),
+col2 VARCHAR (2),
+PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', 'ba');
+SELECT REPLACE('a', col1, col2) FROM t1;
+REPLACE('a', col1, col2)
+ba
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('a', col1, col2) FROM t1;
+SELECT * FROM t2;
+a
+a
+ba
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `a` varchar(2) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DROP TABLE t1, t2;
+CREATE TABLE t1 (
+id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+col1 VARCHAR (1),
+col2 VARCHAR (10),
+PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', '0123456789');
+SELECT REPLACE('aa', col1, col2) FROM t1;
+REPLACE('aa', col1, col2)
+01234567890123456789
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('aa', col1, col2) FROM t1;
+SELECT * FROM t2;
+a
+a
+01234567890123456789
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `a` varchar(20) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DROP TABLE t1, t2;
+CREATE TABLE t1 (
+id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+col1 VARCHAR (1),
+col2 VARCHAR (20),
+PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', 'aaaaaaaaaabbbbbbbbbb');
+SELECT REPLACE('aa', col1, col2) FROM t1;
+REPLACE('aa', col1, col2)
+aaaaaaaaaabbbbbbbbbbaaaaaaaaaabbbbbbbbbb
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('aa', col1, col2) FROM t1;
+SELECT * FROM t2;
+a
+a
+aaaaaaaaaabbbbbbbbbbaaaaaaaaaabbbbbbbbbb
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `a` varchar(40) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DROP TABLE t1, t2;
+CREATE TABLE t1 (
+id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+col1 VARCHAR (1),
+col2 VARCHAR (30),
+PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', 'aaaaaaaaaabbbbbbbbbbcccccccccc');
+SELECT REPLACE('aaa', col1, col2) FROM t1;
+REPLACE('aaa', col1, col2)
+aaaaaaaaaabbbbbbbbbbccccccccccaaaaaaaaaabbbbbbbbbbccccccccccaaaaaaaaaabbbbbbbbbbcccccccccc
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('aaa', col1, col2) FROM t1;
+SELECT * FROM t2;
+a
+a
+aaaaaaaaaabbbbbbbbbbccccccccccaaaaaaaaaabbbbbbbbbbccccccccccaaaaaaaaaabbbbbbbbbbcccccccccc
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `a` varchar(90) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DROP TABLE t1, t2;
+#
+# End of 10.5 tests
+#
diff --git a/mysql-test/main/func_replace.test b/mysql-test/main/func_replace.test
new file mode 100644
index 00000000..f06ef992
--- /dev/null
+++ b/mysql-test/main/func_replace.test
@@ -0,0 +1,86 @@
+--echo #
+--echo # Start of 10.5 tests
+--echo #
+
+--echo #
+--echo # MDEV-17226 Column Data in Truncated on UNION to the length of the first value if using REPLACE
+--echo #
+
+CREATE TABLE t1 (
+ id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+ col1 VARCHAR (2),
+ col2 VARCHAR (2),
+ PRIMARY KEY (id)
+);
+CREATE TABLE t2 (
+ id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+ col1 VARCHAR (1),
+ col2 VARCHAR (2),
+ PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ("a", "ba");
+INSERT INTO t2 (col1, col2) VALUES ("a", "ba");
+SELECT 'a' UNION ALL SELECT REPLACE('a', col1, col2) FROM t1;
+SELECT 'a' UNION ALL SELECT REPLACE('a', col1, col2) FROM t2;
+SELECT REPLACE('z', col1, col2) FROM t1 UNION ALL SELECT REPLACE('a', col1, col2) FROM t1;
+SELECT REPLACE('z', col1, col2) FROM t2 UNION ALL SELECT REPLACE('a', col1, col2) FROM t2;
+DROP TABLE t1, t2;
+
+
+
+CREATE TABLE t1 (
+ id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+ col1 VARCHAR (2),
+ col2 VARCHAR (2),
+ PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', 'ba');
+SELECT REPLACE('a', col1, col2) FROM t1;
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('a', col1, col2) FROM t1;
+SELECT * FROM t2;
+SHOW CREATE TABLE t2;
+DROP TABLE t1, t2;
+
+CREATE TABLE t1 (
+ id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+ col1 VARCHAR (1),
+ col2 VARCHAR (10),
+ PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', '0123456789');
+SELECT REPLACE('aa', col1, col2) FROM t1;
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('aa', col1, col2) FROM t1;
+SELECT * FROM t2;
+SHOW CREATE TABLE t2;
+DROP TABLE t1, t2;
+
+CREATE TABLE t1 (
+ id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+ col1 VARCHAR (1),
+ col2 VARCHAR (20),
+ PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', 'aaaaaaaaaabbbbbbbbbb');
+SELECT REPLACE('aa', col1, col2) FROM t1;
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('aa', col1, col2) FROM t1;
+SELECT * FROM t2;
+SHOW CREATE TABLE t2;
+DROP TABLE t1, t2;
+
+CREATE TABLE t1 (
+ id INT UNSIGNED NOT NULL AUTO_INCREMENT,
+ col1 VARCHAR (1),
+ col2 VARCHAR (30),
+ PRIMARY KEY (id)
+);
+INSERT INTO t1 (col1, col2) VALUES ('a', 'aaaaaaaaaabbbbbbbbbbcccccccccc');
+SELECT REPLACE('aaa', col1, col2) FROM t1;
+CREATE TABLE t2 AS SELECT 'a' UNION ALL SELECT REPLACE('aaa', col1, col2) FROM t1;
+SELECT * FROM t2;
+SHOW CREATE TABLE t2;
+DROP TABLE t1, t2;
+
+
+--echo #
+--echo # End of 10.5 tests
+--echo #
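Review bot: All cases in this new file use default single-byte columns, so the length derived for REPLACE() is only checked where characters and bytes coincide. A block with `col2 VARCHAR(2) CHARACTER SET utf8mb4` and a multi-byte replacement value would show whether the derived column width is also right in characters. It would be followed by the same `CREATE TABLE t2 AS SELECT 'a' UNION ALL ...` and `SHOW CREATE TABLE t2;` steps. The result-length calculation lives outside this file, so whether it is charset-sensitive is an assumption to confirm.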
diff --git a/mysql-test/main/func_str.result b/mysql-test/main/func_str.result
index daf97dd8..0d46453c 100644
--- a/mysql-test/main/func_str.result
+++ b/mysql-test/main/func_str.result
@@ -5286,6 +5286,33 @@ ERROR 42000: Incorrect parameter count in the call to native function 'DECODE'
# End of 10.4 tests
#
#
+# Start of 10.5 tests
+#
+#
+# MDEV-28651 quote(NULL) returns incorrect result in view ('NU' instead of 'NULL')
+#
+CREATE VIEW v1 AS SELECT quote(NULL);
+SELECT * FROM v1;
+quote(NULL)
+NULL
+DESCRIBE v1;
+Field Type Null Key Default Extra
+quote(NULL) varbinary(4) YES NULL
+CREATE TABLE t1 AS SELECT * FROM v1;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `quote(NULL)` varbinary(4) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT * FROM t1;
+quote(NULL)
+NULL
+DROP TABLE t1;
+DROP VIEW v1;
+#
+# End of 10.5 tests
+#
+#
# MDEV-25704 Function random_bytes
#
create table t1 as select random_bytes(100);
diff --git a/mysql-test/main/func_str.test b/mysql-test/main/func_str.test
index bbd84fde..e939b21e 100644
--- a/mysql-test/main/func_str.test
+++ b/mysql-test/main/func_str.test
@@ -2334,6 +2334,28 @@ SELECT DECODE(NULL, NULL, NULL);
--echo #
--echo #
+--echo # Start of 10.5 tests
+--echo #
+
+--echo #
+--echo # MDEV-28651 quote(NULL) returns incorrect result in view ('NU' instead of 'NULL')
+--echo #
+
+CREATE VIEW v1 AS SELECT quote(NULL);
+SELECT * FROM v1;
+DESCRIBE v1;
+CREATE TABLE t1 AS SELECT * FROM v1;
+SHOW CREATE TABLE t1;
+SELECT * FROM t1;
+DROP TABLE t1;
+DROP VIEW v1;
+
+
+--echo #
+--echo # End of 10.5 tests
+--echo #
+
+--echo #
--echo # MDEV-25704 Function random_bytes
--echo #
diff --git a/mysql-test/main/gis.result b/mysql-test/main/gis.result
index 99d41aad..d8d42489 100644
--- a/mysql-test/main/gis.result
+++ b/mysql-test/main/gis.result
@@ -5328,5 +5328,112 @@ SELECT BIT_XOR(a) FROM t1;
ERROR HY000: Illegal parameter data type geometry for operation 'bit_xor('
DROP TABLE t1;
#
+# MDEV-27666 User variable not parsed as geometry variable in geometry function.
+#
+set @g= point(1, 1);
+select ST_AsWKT(GeometryCollection(Point(44, 6), @g));
+ST_AsWKT(GeometryCollection(Point(44, 6), @g))
+GEOMETRYCOLLECTION(POINT(44 6),POINT(1 1))
+set @g= "just a string";
+select ST_AsWKT(GeometryCollection(Point(44, 6), @g));
+ERROR HY000: Illegal parameter data type longblob for operation 'geometrycollection'
+SET @g= LineString(Point(0,0), Point(0,1));
+SELECT AsText(PointN(@g, 1));
+AsText(PointN(@g, 1))
+POINT(0 0)
+SELECT AsText(PointN(@g, 2));
+AsText(PointN(@g, 2))
+POINT(0 1)
+SET @g= Point(1, 1);
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` point DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+POINT(1 1)
+DROP TABLE t1;
+SET @g= MultiPoint(Point(1, 1), Point(-1,-1));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` multipoint DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+MULTIPOINT(1 1,-1 -1)
+DROP TABLE t1;
+SET @g= LineString(Point(1, 1), Point(2,2));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` linestring DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+LINESTRING(1 1,2 2)
+DROP TABLE t1;
+SET @g= MultiLineString(LineString(Point(1, 1), Point(2,2)),
+LineString(Point(-1, -1), Point(-2,-2)));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` multilinestring DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+MULTILINESTRING((1 1,2 2),(-1 -1,-2 -2))
+DROP TABLE t1;
+SET @g= Polygon(LineString(Point(0, 0), Point(30, 0), Point(30, 30), Point(0, 0)));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` polygon DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+POLYGON((0 0,30 0,30 30,0 0))
+DROP TABLE t1;
+SET @g= MultiPolygon(Polygon(LineString(Point(0, 3), Point(3, 3),
+Point(3, 0), Point(0, 3))));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` multipolygon DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+MULTIPOLYGON(((0 3,3 3,3 0,0 3)))
+DROP TABLE t1;
+SET @g= GeometryCollection(Point(44, 6), LineString(Point(3, 6), Point(7, 9)));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` geometrycollection DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+GEOMETRYCOLLECTION(POINT(44 6),LINESTRING(3 6,7 9))
+DROP TABLE t1;
+SET @g= GeometryFromText('POINT(1 1)');
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `g` geometry DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT AsText(g) FROM t1;
+AsText(g)
+POINT(1 1)
+DROP TABLE t1;
+#
# End of 10.5 tests
#
diff --git a/mysql-test/main/gis.test b/mysql-test/main/gis.test
index e68b1f14..659636b1 100644
--- a/mysql-test/main/gis.test
+++ b/mysql-test/main/gis.test
@@ -1,5 +1,5 @@
-- source include/have_geometry.inc
-
+-- source include/not_embedded.inc
#
# Spatial objects
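Review bot: The added `-- source include/not_embedded.inc` at the top of gis.test takes the whole spatial test file out of embedded-server runs, and nothing says which statements require that. log_tables.test in this same commit keeps a reason next to the same include (`# this test needs multithreaded mysqltest`); this line should carry one too, for example `# <reason the new cases cannot run on the embedded server>`. If only the cases added further down need it, moving them into a separate test file would presumably keep the existing GIS coverage for embedded builds.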
@@ -3374,6 +3374,69 @@ SELECT BIT_OR(a) FROM t1;
SELECT BIT_XOR(a) FROM t1;
DROP TABLE t1;
+--echo #
+--echo # MDEV-27666 User variable not parsed as geometry variable in geometry function.
+--echo #
+
+set @g= point(1, 1);
+select ST_AsWKT(GeometryCollection(Point(44, 6), @g));
+set @g= "just a string";
+--error ER_ILLEGAL_PARAMETER_DATA_TYPE_FOR_OPERATION
+select ST_AsWKT(GeometryCollection(Point(44, 6), @g));
+
+SET @g= LineString(Point(0,0), Point(0,1));
+SELECT AsText(PointN(@g, 1));
+SELECT AsText(PointN(@g, 2));
+
+SET @g= Point(1, 1);
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= MultiPoint(Point(1, 1), Point(-1,-1));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= LineString(Point(1, 1), Point(2,2));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= MultiLineString(LineString(Point(1, 1), Point(2,2)),
+ LineString(Point(-1, -1), Point(-2,-2)));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= Polygon(LineString(Point(0, 0), Point(30, 0), Point(30, 30), Point(0, 0)));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= MultiPolygon(Polygon(LineString(Point(0, 3), Point(3, 3),
+ Point(3, 0), Point(0, 3))));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= GeometryCollection(Point(44, 6), LineString(Point(3, 6), Point(7, 9)));
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
+
+SET @g= GeometryFromText('POINT(1 1)');
+CREATE TABLE t1 AS SELECT @g AS g;
+SHOW CREATE TABLE t1;
+SELECT AsText(g) FROM t1;
+DROP TABLE t1;
--echo #
--echo # End of 10.5 tests
diff --git a/mysql-test/main/grant.result b/mysql-test/main/grant.result
index d89bf9f0..031ebbc9 100644
--- a/mysql-test/main/grant.result
+++ b/mysql-test/main/grant.result
@@ -1991,6 +1991,11 @@ GRANT EXECUTE ON mysqltest_db1.* TO mysqltest_u1@localhost;
GRANT FILE ON *.* TO mysqltest_u1@localhost;
GRANT CREATE USER ON *.* TO mysqltest_u1@localhost;
GRANT PROCESS ON *.* TO mysqltest_u1@localhost;
+GRANT RELOAD ON mysqltest_db1.* TO mysqltest_u1@localhost;
+ERROR HY000: Incorrect usage of DB GRANT and GLOBAL PRIVILEGES
+connect(localhost,mysqltest_u1,,db1,MASTER_PORT,MASTER_SOCKET);
+connect con1, localhost, mysqltest_u1, ,db1;
+ERROR 42000: Access denied for user 'mysqltest_u1'@'localhost' to database 'db1'
GRANT RELOAD ON *.* TO mysqltest_u1@localhost;
GRANT REPLICATION CLIENT ON *.* TO mysqltest_u1@localhost;
GRANT REPLICATION SLAVE ON *.* TO mysqltest_u1@localhost;
diff --git a/mysql-test/main/grant.test b/mysql-test/main/grant.test
index 69bb0507..52f2f78b 100644
--- a/mysql-test/main/grant.test
+++ b/mysql-test/main/grant.test
@@ -1824,6 +1824,13 @@ GRANT EXECUTE ON mysqltest_db1.* TO mysqltest_u1@localhost;
GRANT FILE ON *.* TO mysqltest_u1@localhost;
GRANT CREATE USER ON *.* TO mysqltest_u1@localhost;
GRANT PROCESS ON *.* TO mysqltest_u1@localhost;
+# Global privileges should be granted to all schemas, not individual DB
+--error ER_WRONG_USAGE
+GRANT RELOAD ON mysqltest_db1.* TO mysqltest_u1@localhost;
+# Select privilege is needed beside RELOAD privilege
+--replace_result $MASTER_MYSOCK MASTER_SOCKET $MASTER_MYPORT MASTER_PORT
+--error ER_DBACCESS_DENIED_ERROR
+--connect (con1, localhost, mysqltest_u1, ,db1)
GRANT RELOAD ON *.* TO mysqltest_u1@localhost;
GRANT REPLICATION CLIENT ON *.* TO mysqltest_u1@localhost;
GRANT REPLICATION SLAVE ON *.* TO mysqltest_u1@localhost;
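Review bot: The added `--connect (con1, localhost, mysqltest_u1, ,db1)` selects schema `db1`, while every grant visible in this hunk is on `mysqltest_db1` or `*.*`, so the expected ER_DBACCESS_DENIED_ERROR says nothing about RELOAD. At that point RELOAD has not been granted at all, because `GRANT RELOAD ON *.*` only follows on the next line, which makes the comment `# Select privilege is needed beside RELOAD privilege` misleading. If the intent is to show that a global privilege does not open a schema, the connect presumably belongs after the global grant. Either way the comment should state what is asserted, for example `# mysqltest_u1 holds no privilege on schema db1, so selecting it at connect time must be refused`. The grant sequence starts and continues outside the hunk.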
diff --git a/mysql-test/main/group_min_max.result b/mysql-test/main/group_min_max.result
index 88c56804..452088f3 100644
--- a/mysql-test/main/group_min_max.result
+++ b/mysql-test/main/group_min_max.result
@@ -3298,6 +3298,8 @@ explain
SELECT b, min(a) FROM t1 WHERE a > ('0' = b) AND b = 'z' GROUP BY b;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ref b b 4 const 1 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `b` part[1] for lookup: `test`.`t1`.`a` of type `varchar` > "'0' = 'z'" of type `boolean`
SELECT b, min(a) FROM t1 WHERE a > ('0' = b) AND b = 'z' GROUP BY b;
b min(a)
explain
@@ -3984,12 +3986,18 @@ id select_type table type possible_keys key key_len ref rows Extra
EXPLAIN SELECT id,MIN(a),MAX(a) FROM t1 WHERE a BETWEEN DATE'2001-01-04' AND DATE'2001-01-05' GROUP BY id;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 index NULL id 27 NULL 64 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `id` part[1] for lookup: `test`.`t1`.`a` of type `varchar` >= "DATE'2001-01-04'" of type `date`
EXPLAIN SELECT id,MIN(a),MAX(a) FROM t1 WHERE a BETWEEN DATE'2001-01-04' AND '2001-01-05' GROUP BY id;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 index NULL id 27 NULL 64 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `id` part[1] for lookup: `test`.`t1`.`a` of type `varchar` >= "DATE'2001-01-04'" of type `date`
EXPLAIN SELECT id,MIN(a),MAX(a) FROM t1 WHERE a BETWEEN '2001-01-04' AND DATE'2001-01-05' GROUP BY id;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 index NULL id 27 NULL 64 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `id` part[1] for lookup: `test`.`t1`.`a` of type `varchar` >= "<cache>('2001-01-04')" of type `date`
DROP TABLE t1;
#
# MIN() optimization didn't work correctly with BETWEEN when using too
diff --git a/mysql-test/main/group_min_max_innodb.result b/mysql-test/main/group_min_max_innodb.result
index fed3d30b..27656374 100644
--- a/mysql-test/main/group_min_max_innodb.result
+++ b/mysql-test/main/group_min_max_innodb.result
@@ -330,6 +330,113 @@ JOIN t1 ON dt.a=t1.b;
a
Australia
DROP TABLES t1, t2;
+#
+# MDEV-15656: Assertion `is_last_prefix <= 0' failed in
+# QUICK_GROUP_MIN_MAX_SELECT::get_next
+#
+SET @lru_depth.save= @@innodb_lru_scan_depth;
+SET GLOBAL innodb_lru_scan_depth= 1024;
+CREATE TABLE t1 (
+pk_part1 INT AUTO_INCREMENT,
+a VARCHAR(4),
+row_start timestamp(6) default current_timestamp,
+PRIMARY KEY (pk_part1, row_start)
+) ENGINE=InnoDB;
+INSERT INTO t1 (a) VALUES
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo');
+connect con1,localhost,root,,test;
+SET SESSION TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+SELECT DISTINCT pk_part1 FROM t1;
+connection default;
+INSERT INTO t1 (pk_part1) VALUES (NULL);
+connection con1;
+disconnect con1;
+connection default;
+DROP TABLE t1;
+SET GLOBAL innodb_lru_scan_depth= @lru_depth.save;
set global innodb_stats_persistent= @innodb_stats_persistent_save;
set global innodb_stats_persistent_sample_pages=
@innodb_stats_persistent_sample_pages_save;
diff --git a/mysql-test/main/group_min_max_innodb.test b/mysql-test/main/group_min_max_innodb.test
index fcecbec4..33a3a888 100644
--- a/mysql-test/main/group_min_max_innodb.test
+++ b/mysql-test/main/group_min_max_innodb.test
@@ -273,6 +273,53 @@ eval $query;
DROP TABLES t1, t2;
+--echo #
+--echo # MDEV-15656: Assertion `is_last_prefix <= 0' failed in
+--echo # QUICK_GROUP_MIN_MAX_SELECT::get_next
+--echo #
+SET @lru_depth.save= @@innodb_lru_scan_depth;
+SET GLOBAL innodb_lru_scan_depth= 1024;
+
+CREATE TABLE t1 (
+ pk_part1 INT AUTO_INCREMENT,
+ a VARCHAR(4),
+ row_start timestamp(6) default current_timestamp,
+ PRIMARY KEY (pk_part1, row_start)
+) ENGINE=InnoDB;
+
+INSERT INTO t1 (a) VALUES
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo'),
+('foo'),('bar'),('foo'),('bar'),('foo');
+
+--connect (con1,localhost,root,,test)
+
+SET SESSION TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;
+
+--let $run= 20
+--disable_result_log
+while ($run)
+{
+ --send
+ SELECT DISTINCT pk_part1 FROM t1;
+ --connection default
+ INSERT INTO t1 (pk_part1) VALUES (NULL);
+ --connection con1
+ --reap
+ --dec $run
+}
+--enable_result_log
+
+--disconnect con1
+--connection default
+DROP TABLE t1;
+SET GLOBAL innodb_lru_scan_depth= @lru_depth.save;
+
set global innodb_stats_persistent= @innodb_stats_persistent_save;
set global innodb_stats_persistent_sample_pages=
@innodb_stats_persistent_sample_pages_save;
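Review bot: The `while ($run)` loop added for MDEV-15656 only works if the `--send` SELECT on con1 overlaps the INSERT on the default connection, and the test neither says so nor explains why the result log is switched off. Because the failure named in the header is an assertion, the test presumably passes without checking anything on a build without assertions, and an iteration that loses the race passes silently as well. I would add a comment above the loop, for example `# SELECT runs under READ UNCOMMITTED concurrently with the INSERT; its rows depend on timing, hence --disable_result_log`. The `SET GLOBAL innodb_lru_scan_depth= 1024;` line would also benefit from a comment on why that value is needed.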
diff --git a/mysql-test/main/innodb_ext_key,covering,innodb,on.rdiff b/mysql-test/main/innodb_ext_key,covering,innodb,on.rdiff
new file mode 100644
index 00000000..0d8bcc6c
--- /dev/null
+++ b/mysql-test/main/innodb_ext_key,covering,innodb,on.rdiff
@@ -0,0 +1,20 @@
+--- ./main/innodb_ext_key.result
++++ ./main/innodb_ext_key.reject
+@@ -244,7 +244,7 @@
+ Variable_name Value
+ Handler_read_first 0
+ Handler_read_key 21
+-Handler_read_last 1
++Handler_read_last 0
+ Handler_read_next 0
+ Handler_read_prev 0
+ Handler_read_retry 0
+@@ -266,7 +266,7 @@
+ Variable_name Value
+ Handler_read_first 0
+ Handler_read_key 6
+-Handler_read_last 1
++Handler_read_last 0
+ Handler_read_next 0
+ Handler_read_prev 0
+ Handler_read_retry 0
diff --git a/mysql-test/main/innodb_ext_key,innodb,on,unoptimized.rdiff b/mysql-test/main/innodb_ext_key,innodb,on,unoptimized.rdiff
new file mode 100644
index 00000000..0d8bcc6c
--- /dev/null
+++ b/mysql-test/main/innodb_ext_key,innodb,on,unoptimized.rdiff
@@ -0,0 +1,20 @@
+--- ./main/innodb_ext_key.result
++++ ./main/innodb_ext_key.reject
+@@ -244,7 +244,7 @@
+ Variable_name Value
+ Handler_read_first 0
+ Handler_read_key 21
+-Handler_read_last 1
++Handler_read_last 0
+ Handler_read_next 0
+ Handler_read_prev 0
+ Handler_read_retry 0
+@@ -266,7 +266,7 @@
+ Variable_name Value
+ Handler_read_first 0
+ Handler_read_key 6
+-Handler_read_last 1
++Handler_read_last 0
+ Handler_read_next 0
+ Handler_read_prev 0
+ Handler_read_retry 0
diff --git a/mysql-test/main/keywords.result b/mysql-test/main/keywords.result
index 483a8f7e..4e246e38 100644
--- a/mysql-test/main/keywords.result
+++ b/mysql-test/main/keywords.result
@@ -500,21 +500,21 @@ SELECT @@global.rpad(); -- Unknown system variable 'rpad'
--------
SELECT @@global.adddate(); -- Unknown system variable 'adddate'
--------
-SELECT @@global.substr(); -- Unknown system variable 'substr'
+SELECT @@global.substr(); -- ..syntax.. near 'substr()' at line 1
--------
-SELECT @@global.substring(); -- Unknown system variable 'substring'
+SELECT @@global.substring(); -- ..syntax.. near 'substring()' at line 1
--------
SELECT @@global.trim_oracle(); -- Unknown system variable 'trim_oracle'
--------
SELECT @@global.ascii(); -- Unknown system variable 'ascii'
--------
-SELECT @@global.replace(); -- Unknown system variable 'replace'
+SELECT @@global.replace(); -- ..syntax.. near 'replace()' at line 1
--------
SELECT @@global.weight_string(); -- Unknown system variable 'weight_string'
--------
SELECT @@global.char(); -- Unknown system variable 'char'
--------
-SELECT @@global.trim(); -- Unknown system variable 'trim'
+SELECT @@global.trim(); -- ..syntax.. near 'trim()' at line 1
--------
SELECT @@global.year(); -- Unknown system variable 'year'
--------
@@ -732,21 +732,21 @@ CREATE FUNCTION test.rpad() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
CREATE FUNCTION test.adddate() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
-CREATE FUNCTION test.substr() RETURNS OOPS; -- Unknown data type: 'OOPS'
+CREATE FUNCTION test.substr() RETURNS OOPS; -- ..syntax.. near 'substr() RETURNS OOPS'
--------
-CREATE FUNCTION test.substring() RETURNS OOPS; -- Unknown data type: 'OOPS'
+CREATE FUNCTION test.substring() RETURNS OOPS; -- ..syntax.. near 'substring() RETURNS OOP
--------
CREATE FUNCTION test.trim_oracle() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
CREATE FUNCTION test.ascii() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
-CREATE FUNCTION test.replace() RETURNS OOPS; -- Unknown data type: 'OOPS'
+CREATE FUNCTION test.replace() RETURNS OOPS; -- ..syntax.. near 'replace() RETURNS OOPS'
--------
CREATE FUNCTION test.weight_string() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
CREATE FUNCTION test.char() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
-CREATE FUNCTION test.trim() RETURNS OOPS; -- Unknown data type: 'OOPS'
+CREATE FUNCTION test.trim() RETURNS OOPS; -- ..syntax.. near 'trim() RETURNS OOPS' at
--------
CREATE FUNCTION test.year() RETURNS OOPS; -- Unknown data type: 'OOPS'
--------
diff --git a/mysql-test/main/log_slow_debug.result b/mysql-test/main/log_slow_debug.result
index 920b1641..bc934c04 100644
--- a/mysql-test/main/log_slow_debug.result
+++ b/mysql-test/main/log_slow_debug.result
@@ -287,15 +287,18 @@ SET @old_dbug= @@GLOBAL.debug_dbug;
SET GLOBAL log_output= "TABLE";
SET GLOBAL slow_query_log= ON;
SET SESSION long_query_time= 0;
-SET GLOBAL debug_dbug="+d,debug_huge_number_of_examined_rows";
+SET debug_dbug="+d,debug_huge_number_of_examined_rows";
SELECT * FROM tab_MDEV_30820 ORDER BY 1;
ID A
1 0
2 0
-SET GLOBAL debug_dbug=@old_dbug;
+SET debug_dbug=@old_dbug;
SET @@long_query_time= @old_long_query_time;
SET @@global.log_output= @old_log_output;
SET @@global.slow_query_log= @old_slow_query_log;
+SELECT rows_examined, sql_text from mysql.slow_log where sql_text like "SELECT%FROM tab_MDEV_30820%";
+rows_examined sql_text
+18446744073708551615 SELECT * FROM tab_MDEV_30820 ORDER BY 1
drop table tab_MDEV_30820;
#
# End of 10.4 test
diff --git a/mysql-test/main/log_slow_debug.test b/mysql-test/main/log_slow_debug.test
index ee040611..456b2953 100644
--- a/mysql-test/main/log_slow_debug.test
+++ b/mysql-test/main/log_slow_debug.test
@@ -170,16 +170,21 @@ SET GLOBAL log_output= "TABLE";
SET GLOBAL slow_query_log= ON;
SET SESSION long_query_time= 0;
-SET GLOBAL debug_dbug="+d,debug_huge_number_of_examined_rows";
+SET debug_dbug="+d,debug_huge_number_of_examined_rows";
+--disable_ps_protocol
+--disable_view_protocol
SELECT * FROM tab_MDEV_30820 ORDER BY 1;
-SET GLOBAL debug_dbug=@old_dbug;
-
+--enable_view_protocol
+--enable_ps_protocol
+SET debug_dbug=@old_dbug;
## Reset to initial values
SET @@long_query_time= @old_long_query_time;
SET @@global.log_output= @old_log_output;
SET @@global.slow_query_log= @old_slow_query_log;
+SELECT rows_examined, sql_text from mysql.slow_log where sql_text like "SELECT%FROM tab_MDEV_30820%";
+
drop table tab_MDEV_30820;
--echo #
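Review bot: `SET debug_dbug=@old_dbug;` now restores the session variable, but `@old_dbug` is still saved from the global one (the matching .result hunk header shows `SET @old_dbug= @@GLOBAL.debug_dbug;`), so the session is reset to the global setting rather than to its own previous value. The save sits outside this hunk and should become `SET @old_dbug= @@debug_dbug;` to match the new scope. Separately, no truncate of mysql.slow_log is visible in the hunk before the added `SELECT rows_examined, sql_text from mysql.slow_log ...`. The single expected row therefore relies on no earlier section having logged a statement matching `SELECT%FROM tab_MDEV_30820%`, which a comment should state.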
diff --git a/mysql-test/main/log_tables.result b/mysql-test/main/log_tables.result
index 1d642c0a..e64b71d4 100644
--- a/mysql-test/main/log_tables.result
+++ b/mysql-test/main/log_tables.result
@@ -1,14 +1,9 @@
SET SQL_MODE="";
-SET @old_general_log_state = @@global.general_log;
SET @old_log_output= @@global.log_output;
SET @old_slow_query_log= @@global.slow_query_log;
SET @old_general_log= @@global.general_log;
SET @old_long_query_time= @@session.long_query_time;
use mysql;
-SET @saved_long_query_time = @@long_query_time;
-SET @saved_log_output = @@log_output;
-SET @saved_general_log = @@GLOBAL.general_log;
-SET @saved_slow_query_log = @@GLOBAL.slow_query_log;
truncate table general_log;
select * from general_log;
event_time user_host thread_id server_id command_type argument
@@ -120,6 +115,9 @@ show open tables;
Database Table In_use Name_locked
SET GLOBAL GENERAL_LOG=ON;
SET GLOBAL SLOW_QUERY_LOG=ON;
+#
+# Bug#23924 general_log truncates queries with character set introducers.
+#
truncate table mysql.general_log;
set names binary;
select _koi8r'ÔÅÓÔ' as test;
@@ -131,6 +129,9 @@ TIMESTAMP USER_HOST THREAD_ID 1 Query set names binary
TIMESTAMP USER_HOST THREAD_ID 1 Query select _koi8r'\xD4\xC5\xD3\xD4' as test
TIMESTAMP USER_HOST THREAD_ID 1 Query select * from mysql.general_log
set names utf8;
+#
+# Bug #16905 Log tables: unicode statements are logged incorrectly
+#
truncate table mysql.general_log;
set names utf8;
create table bug16905 (s char(15) character set utf8 default 'пуÑто');
@@ -142,6 +143,9 @@ TIMESTAMP USER_HOST THREAD_ID 1 Query create table bug16905 (s char(15) characte
TIMESTAMP USER_HOST THREAD_ID 1 Query insert into bug16905 values ('новое')
TIMESTAMP USER_HOST THREAD_ID 1 Query select * from mysql.general_log
drop table bug16905;
+#
+# Bug #17600: Invalid data logged into mysql.slow_log
+#
truncate table mysql.slow_log;
set session long_query_time=1;
select sleep(2);
@@ -150,7 +154,11 @@ sleep(2)
select * from mysql.slow_log;
start_time user_host query_time lock_time rows_sent rows_examined db last_insert_id insert_id server_id sql_text thread_id rows_affected
TIMESTAMP USER_HOST QUERY_TIME 00:00:00.000000 1 0 mysql 0 0 1 select sleep(2) THREAD_ID 0
-set @@session.long_query_time = @saved_long_query_time;
+set @@session.long_query_time = @old_long_query_time;
+#
+# Bug #18559 log tables cannot change engine, and gets deadlocked when
+# dropping w/ log on
+#
alter table mysql.general_log engine=myisam;
ERROR HY000: You cannot 'ALTER' a log table if logging is enabled
alter table mysql.slow_log engine=myisam;
@@ -232,7 +240,7 @@ TIMESTAMP USER_HOST THREAD_ID 1 Query truncate table mysql.slow_log
TIMESTAMP USER_HOST THREAD_ID 1 Query set session long_query_time=1
TIMESTAMP USER_HOST THREAD_ID 1 Query select sleep(2)
TIMESTAMP USER_HOST THREAD_ID 1 Query select * from mysql.slow_log
-TIMESTAMP USER_HOST THREAD_ID 1 Query set @@session.long_query_time = @saved_long_query_time
+TIMESTAMP USER_HOST THREAD_ID 1 Query set @@session.long_query_time = @old_long_query_time
TIMESTAMP USER_HOST THREAD_ID 1 Query alter table mysql.general_log engine=myisam
TIMESTAMP USER_HOST THREAD_ID 1 Query alter table mysql.slow_log engine=myisam
TIMESTAMP USER_HOST THREAD_ID 1 Query drop table mysql.general_log
@@ -300,17 +308,20 @@ ON UPDATE CURRENT_TIMESTAMP,
set global general_log='ON';
set global slow_query_log='ON';
use test;
+#
+# Bug #20139 Infinite loop after "FLUSH" and "LOCK tabX, general_log"
+#
flush tables with read lock;
unlock tables;
use mysql;
lock tables general_log read local, help_category read local;
ERROR HY000: You can't use locks with log tables
unlock tables;
+#
+# Bug #17544 Cannot do atomic log rotate and
+# Bug #21785 Server crashes after rename of the log table
+#
SET SESSION long_query_time = 1000;
-drop table if exists mysql.renamed_general_log;
-drop table if exists mysql.renamed_slow_log;
-drop table if exists mysql.general_log_new;
-drop table if exists mysql.slow_log_new;
use mysql;
RENAME TABLE general_log TO renamed_general_log;
ERROR HY000: Cannot rename 'general_log'. When logging enabled, rename to/from log table must rename two tables: the log table to an archive table and another table back to 'general_log'
@@ -356,13 +367,16 @@ set global slow_query_log='ON';
ERROR 42S02: Table 'mysql.slow_log' doesn't exist
RENAME TABLE general_log2 TO general_log;
RENAME TABLE slow_log2 TO slow_log;
-SET SESSION long_query_time = @saved_long_query_time;
+SET SESSION long_query_time = @old_long_query_time;
set global general_log='ON';
set global slow_query_log='ON';
flush logs;
flush logs;
drop table renamed_general_log, renamed_slow_log;
use test;
+#
+# Bug #21966 Strange warnings on repair of the log tables
+#
use mysql;
repair table general_log;
Table Op Msg_type Msg_text
@@ -380,6 +394,10 @@ slow_log
slow_log_new
drop table slow_log_new, general_log_new;
use test;
+#
+# Bug#69953 / MDEV-4851
+# Log tables should be modifable on LOG_OUTPUT != TABLE
+#
SET GLOBAL LOG_OUTPUT = 'FILE';
SET GLOBAL slow_query_log = 1;
SET GLOBAL general_log = 1;
@@ -388,6 +406,10 @@ ALTER TABLE mysql.general_log ADD COLUMN comment_text TEXT NOT NULL;
SET GLOBAL LOG_OUTPUT = 'NONE';
ALTER TABLE mysql.slow_log DROP COLUMN comment_text;
ALTER TABLE mysql.general_log DROP COLUMN comment_text;
+#
+# Bug#27857 (Log tables supplies the wrong value for generating
+# AUTO_INCREMENT numbers)
+#
SET GLOBAL LOG_OUTPUT = 'TABLE';
SET GLOBAL general_log = 0;
FLUSH LOGS;
@@ -451,16 +473,15 @@ START_TIME USER_HOST QUERY_TIME 00:00:00.000000 1 0 test 0 0 1 SELECT "My own sl
START_TIME USER_HOST QUERY_TIME 00:00:00.000000 1 0 test 0 0 1 SELECT "My own slow query", sleep(2) THREAD_ID 0 3
START_TIME USER_HOST QUERY_TIME 00:00:00.000000 1 0 test 0 0 1 SELECT "My own slow query", sleep(2) THREAD_ID 0 4
SET GLOBAL slow_query_log = 0;
-SET SESSION long_query_time =@saved_long_query_time;
+SET SESSION long_query_time =@old_long_query_time;
FLUSH LOGS;
ALTER TABLE mysql.slow_log DROP COLUMN seq;
ALTER TABLE mysql.slow_log ENGINE = CSV;
SET GLOBAL general_log = @old_general_log;
SET GLOBAL slow_query_log = @old_slow_query_log;
-drop procedure if exists proc25422_truncate_slow;
-drop procedure if exists proc25422_truncate_general;
-drop procedure if exists proc25422_alter_slow;
-drop procedure if exists proc25422_alter_general;
+#
+# Bug#25422 (Hang with log tables)
+#
use test//
create procedure proc25422_truncate_slow (loops int)
begin
@@ -485,26 +506,26 @@ end//
create procedure proc25422_alter_slow (loops int)
begin
declare v1 int default 0;
+declare old_log_state int default @@global.slow_query_log;
declare ER_BAD_LOG_STATEMENT condition for 1575;
declare continue handler for ER_BAD_LOG_STATEMENT begin end;
while v1 < loops do
-set @old_log_state = @@global.slow_query_log;
set global slow_query_log = 'OFF';
alter table mysql.slow_log engine = CSV;
-set global slow_query_log = @old_log_state;
+set global slow_query_log = old_log_state;
set v1 = v1 + 1;
end while;
end//
create procedure proc25422_alter_general (loops int)
begin
declare v1 int default 0;
+declare old_log_state int default @@global.general_log;
declare ER_BAD_LOG_STATEMENT condition for 1575;
declare continue handler for ER_BAD_LOG_STATEMENT begin end;
while v1 < loops do
-set @old_log_state = @@global.general_log;
set global general_log = 'OFF';
alter table mysql.general_log engine = CSV;
-set global general_log = @old_log_state;
+set global general_log = old_log_state;
set v1 = v1 + 1;
end while;
end//
@@ -563,17 +584,19 @@ drop procedure proc25422_truncate_slow;
drop procedure proc25422_truncate_general;
drop procedure proc25422_alter_slow;
drop procedure proc25422_alter_general;
+#
+# Bug#23044 (Warnings on flush of a log table)
+#
FLUSH TABLE mysql.general_log;
show warnings;
Level Code Message
FLUSH TABLE mysql.slow_log;
show warnings;
Level Code Message
-DROP TABLE IF EXISTS `db_17876.slow_log_data`;
-DROP TABLE IF EXISTS `db_17876.general_log_data`;
-DROP PROCEDURE IF EXISTS `db_17876.archiveSlowLog`;
-DROP PROCEDURE IF EXISTS `db_17876.archiveGeneralLog`;
-DROP DATABASE IF EXISTS `db_17876`;
+#
+# Bug#17876 (Truncating mysql.slow_log in a SP after using cursor locks the
+# thread)
+#
CREATE DATABASE db_17876;
CREATE TABLE `db_17876.slow_log_data` (
`start_time` timestamp(6) default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,
@@ -686,6 +709,9 @@ DROP PROCEDURE IF EXISTS `db_17876.archiveGeneralLog`;
DROP DATABASE IF EXISTS `db_17876`;
SET GLOBAL general_log = @old_general_log;
SET GLOBAL slow_query_log = @old_slow_query_log;
+#
+# Bug#21557 entries in the general query log truncated at 1000 characters.
+#
select CONNECTION_ID() into @thread_id;
truncate table mysql.general_log;
set global general_log = on;
@@ -902,9 +928,9 @@ select '000 001 002 003 004 005 006 007 008 009010 011 012 013 014 015 016 017 0
set global general_log = off
deallocate prepare long_query;
set global general_log = @old_general_log;
-DROP TABLE IF EXISTS log_count;
-DROP TABLE IF EXISTS slow_log_copy;
-DROP TABLE IF EXISTS general_log_copy;
+#
+# Bug#34306: Can't make copy of log tables when server binary log is enabled
+#
CREATE TABLE log_count (count BIGINT(21));
SET GLOBAL general_log = ON;
SET GLOBAL slow_query_log = ON;
@@ -926,9 +952,12 @@ CREATE TABLE general_log_copy SELECT * FROM mysql.general_log;
INSERT INTO general_log_copy SELECT * FROM mysql.general_log;
INSERT INTO log_count (count) VALUES ((SELECT count(*) FROM mysql.general_log));
DROP TABLE general_log_copy;
-SET GLOBAL general_log = @saved_general_log;
-SET GLOBAL slow_query_log = @saved_slow_query_log;
+SET GLOBAL general_log = @old_general_log;
+SET GLOBAL slow_query_log = @old_slow_query_log;
DROP TABLE log_count;
+#
+# Bug #31700: thd->examined_row_count not incremented for 'const' type queries
+#
SET SESSION long_query_time = 0;
SET GLOBAL slow_query_log = ON;
FLUSH LOGS;
@@ -954,9 +983,10 @@ TIMESTAMP 1 1 SELECT SQL_NO_CACHE 'Bug#31700 - KEY', f1,f2,f3,SLEEP(1.1) FROM t1
TIMESTAMP 1 1 SELECT SQL_NO_CACHE 'Bug#31700 - PK', f1,f2,f3,SLEEP(1.1) FROM t1 WHERE f1=2
DROP TABLE t1;
TRUNCATE TABLE mysql.slow_log;
+#
+# Bug #47924 main.log_tables times out sporadically
+#
use mysql;
-drop table if exists renamed_general_log;
-drop table if exists renamed_slow_log;
RENAME TABLE general_log TO renamed_general_log;
ERROR HY000: Cannot rename 'general_log'. When logging enabled, rename to/from log table must rename two tables: the log table to an archive table and another table back to 'general_log'
RENAME TABLE slow_log TO renamed_slow_log;
@@ -964,7 +994,34 @@ ERROR HY000: Cannot rename 'slow_log'. When logging enabled, rename to/from log
use test;
flush tables with read lock;
unlock tables;
-SET @@session.long_query_time= @old_long_query_time;
+#
+# MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
+#
+truncate mysql.slow_log;
+set global log_output= 'TABLE';
+create user u@localhost;
+set slow_query_log=on, long_query_time=0.1;
+select 'before evil-doing', sleep(0.2);
+before evil-doing sleep(0.2)
+before evil-doing 0
+connect con1,localhost,u,,;
+set @@timestamp= 2147483647;
+set slow_query_log=on, long_query_time=0.1;
+select 'evil-doing', sleep(1.1);
+evil-doing sleep(1.1)
+evil-doing 0
+disconnect con1;
+connection default;
+select 'after evil-doing', sleep(0.2);
+after evil-doing sleep(0.2)
+after evil-doing 0
+select distinct sql_text from mysql.slow_log where sql_text like '%evil%';
+sql_text
+select 'before evil-doing', sleep(0.2)
+select 'evil-doing', sleep(1.1)
+select 'after evil-doing', sleep(0.2)
+set global log_output=default;
+drop user u@localhost;
SET @@global.log_output= @old_log_output;
SET @@global.slow_query_log= @old_slow_query_log;
SET @@global.general_log= @old_general_log;
diff --git a/mysql-test/main/log_tables.test b/mysql-test/main/log_tables.test
index 1eee6be0..37df8d46 100644
--- a/mysql-test/main/log_tables.test
+++ b/mysql-test/main/log_tables.test
@@ -1,13 +1,9 @@
# this test needs multithreaded mysqltest
-- source include/not_embedded.inc
-#
-# Basic log tables test
-#
-# check that CSV engine was compiled in
+
--source include/have_csv.inc
SET SQL_MODE="";
-SET @old_general_log_state = @@global.general_log;
SET @old_log_output= @@global.log_output;
SET @old_slow_query_log= @@global.slow_query_log;
SET @old_general_log= @@global.general_log;
@@ -16,16 +12,9 @@ SET @old_long_query_time= @@session.long_query_time;
--disable_ps_protocol
use mysql;
-# Capture initial settings of system variables
-# so that we can revert to old state after manipulation for testing
-# NOTE: PLEASE USE THESE VALUES TO 'RESET' SYSTEM VARIABLES
-# Capturing old values within the tests results in loss of values
-# due to people not paying attention to previous tests' changes, captures
-# or improper cleanup
-SET @saved_long_query_time = @@long_query_time;
-SET @saved_log_output = @@log_output;
-SET @saved_general_log = @@GLOBAL.general_log;
-SET @saved_slow_query_log = @@GLOBAL.slow_query_log;
+#
+# Basic log tables test
+#
#
# Check that log tables work and we can do basic selects. This also
@@ -147,9 +136,9 @@ show open tables;
SET GLOBAL GENERAL_LOG=ON;
SET GLOBAL SLOW_QUERY_LOG=ON;
-#
-# Bug#23924 general_log truncates queries with character set introducers.
-#
+--echo #
+--echo # Bug#23924 general_log truncates queries with character set introducers.
+--echo #
truncate table mysql.general_log;
set names binary;
select _koi8r'ÔÅÓÔ' as test;
@@ -157,9 +146,9 @@ select _koi8r'ÔÅÓÔ' as test;
select * from mysql.general_log;
set names utf8;
-#
-# Bug #16905 Log tables: unicode statements are logged incorrectly
-#
+--echo #
+--echo # Bug #16905 Log tables: unicode statements are logged incorrectly
+--echo #
truncate table mysql.general_log;
set names utf8;
@@ -169,21 +158,21 @@ insert into bug16905 values ('новое');
select * from mysql.general_log;
drop table bug16905;
-#
-# Bug #17600: Invalid data logged into mysql.slow_log
-#
+--echo #
+--echo # Bug #17600: Invalid data logged into mysql.slow_log
+--echo #
truncate table mysql.slow_log;
set session long_query_time=1;
select sleep(2);
--replace_column 1 TIMESTAMP 2 USER_HOST 3 QUERY_TIME 12 THREAD_ID
select * from mysql.slow_log;
-set @@session.long_query_time = @saved_long_query_time;
+set @@session.long_query_time = @old_long_query_time;
-#
-# Bug #18559 log tables cannot change engine, and gets deadlocked when
-# dropping w/ log on
-#
+--echo #
+--echo # Bug #18559 log tables cannot change engine, and gets deadlocked when
+--echo # dropping w/ log on
+--echo #
# check that appropriate error messages are given when one attempts to alter
# or drop a log tables, while corresponding logs are enabled
@@ -322,9 +311,9 @@ set global general_log='ON';
set global slow_query_log='ON';
use test;
-#
-# Bug #20139 Infinite loop after "FLUSH" and "LOCK tabX, general_log"
-#
+--echo #
+--echo # Bug #20139 Infinite loop after "FLUSH" and "LOCK tabX, general_log"
+--echo #
flush tables with read lock;
unlock tables;
@@ -333,18 +322,12 @@ use mysql;
lock tables general_log read local, help_category read local;
unlock tables;
-#
-# Bug #17544 Cannot do atomic log rotate and
-# Bug #21785 Server crashes after rename of the log table
-#
+--echo #
+--echo # Bug #17544 Cannot do atomic log rotate and
+--echo # Bug #21785 Server crashes after rename of the log table
+--echo #
SET SESSION long_query_time = 1000;
---disable_warnings
-drop table if exists mysql.renamed_general_log;
-drop table if exists mysql.renamed_slow_log;
-drop table if exists mysql.general_log_new;
-drop table if exists mysql.slow_log_new;
---enable_warnings
use mysql;
# Should result in error
@@ -399,7 +382,7 @@ set global slow_query_log='ON';
RENAME TABLE general_log2 TO general_log;
RENAME TABLE slow_log2 TO slow_log;
-SET SESSION long_query_time = @saved_long_query_time;
+SET SESSION long_query_time = @old_long_query_time;
# this should work
set global general_log='ON';
@@ -427,13 +410,6 @@ use test;
# TODO: improve filtering of expected errors in master.err in
# mysql-test-run.pl (based on the test name ?), and uncomment this test.
-# --disable_warnings
-# drop table if exists mysql.bad_general_log;
-# drop table if exists mysql.bad_slow_log;
-# drop table if exists mysql.general_log_hide;
-# drop table if exists mysql.slow_log_hide;
-# --enable_warnings
-#
# create table mysql.bad_general_log (a int) engine= CSV;
# create table mysql.bad_slow_log (a int) engine= CSV;
#
@@ -459,9 +435,9 @@ use test;
# drop table mysql.bad_general_log;
# drop table mysql.bad_slow_log;
-#
-# Bug #21966 Strange warnings on repair of the log tables
-#
+--echo #
+--echo # Bug #21966 Strange warnings on repair of the log tables
+--echo #
use mysql;
# check that no warning occurs on repair of the log tables
@@ -474,11 +450,10 @@ show tables like "%log%";
drop table slow_log_new, general_log_new;
use test;
-#
-# Bug#69953 / MDEV-4851
-# Log tables should be modifable on LOG_OUTPUT != TABLE
-#
-#
+--echo #
+--echo # Bug#69953 / MDEV-4851
+--echo # Log tables should be modifable on LOG_OUTPUT != TABLE
+--echo #
SET GLOBAL LOG_OUTPUT = 'FILE';
SET GLOBAL slow_query_log = 1;
@@ -492,10 +467,10 @@ ALTER TABLE mysql.slow_log DROP COLUMN comment_text;
ALTER TABLE mysql.general_log DROP COLUMN comment_text;
-#
-# Bug#27857 (Log tables supplies the wrong value for generating
-# AUTO_INCREMENT numbers)
-#
+--echo #
+--echo # Bug#27857 (Log tables supplies the wrong value for generating
+--echo # AUTO_INCREMENT numbers)
+--echo #
SET GLOBAL LOG_OUTPUT = 'TABLE';
@@ -554,7 +529,7 @@ SELECT "My own slow query", sleep(2);
SELECT * FROM mysql.slow_log WHERE seq >= 2 LIMIT 3;
SET GLOBAL slow_query_log = 0;
-SET SESSION long_query_time =@saved_long_query_time;
+SET SESSION long_query_time =@old_long_query_time;
FLUSH LOGS;
ALTER TABLE mysql.slow_log DROP COLUMN seq;
@@ -563,16 +538,9 @@ ALTER TABLE mysql.slow_log ENGINE = CSV;
SET GLOBAL general_log = @old_general_log;
SET GLOBAL slow_query_log = @old_slow_query_log;
-#
-# Bug#25422 (Hang with log tables)
-#
-
---disable_warnings
-drop procedure if exists proc25422_truncate_slow;
-drop procedure if exists proc25422_truncate_general;
-drop procedure if exists proc25422_alter_slow;
-drop procedure if exists proc25422_alter_general;
---enable_warnings
+--echo #
+--echo # Bug#25422 (Hang with log tables)
+--echo #
delimiter //;
@@ -602,14 +570,14 @@ end//
create procedure proc25422_alter_slow (loops int)
begin
declare v1 int default 0;
+ declare old_log_state int default @@global.slow_query_log;
declare ER_BAD_LOG_STATEMENT condition for 1575;
declare continue handler for ER_BAD_LOG_STATEMENT begin end;
while v1 < loops do
- set @old_log_state = @@global.slow_query_log;
set global slow_query_log = 'OFF';
alter table mysql.slow_log engine = CSV;
- set global slow_query_log = @old_log_state;
+ set global slow_query_log = old_log_state;
set v1 = v1 + 1;
end while;
end//
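Review bot: `declare old_log_state int default @@global.slow_query_log;` still samples the global at procedure entry, so the restore inside the loop is only as good as that one read. If these procedures run concurrently from several connections, as the Bug#25422 hang scenario suggests (the callers are outside this hunk), one that starts while another has the log switched OFF will restore OFF on every iteration. If this phase is always entered with both logs ON (not visible here), restoring a fixed value is deterministic: `set global slow_query_log = 'ON';`. The same applies to `proc25422_alter_general` in the next hunk.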
@@ -617,14 +585,14 @@ end//
create procedure proc25422_alter_general (loops int)
begin
declare v1 int default 0;
+ declare old_log_state int default @@global.general_log;
declare ER_BAD_LOG_STATEMENT condition for 1575;
declare continue handler for ER_BAD_LOG_STATEMENT begin end;
while v1 < loops do
- set @old_log_state = @@global.general_log;
set global general_log = 'OFF';
alter table mysql.general_log engine = CSV;
- set global general_log = @old_log_state;
+ set global general_log = old_log_state;
set v1 = v1 + 1;
end while;
end//
@@ -713,9 +681,9 @@ drop procedure proc25422_alter_general;
--enable_ps_protocol
-#
-# Bug#23044 (Warnings on flush of a log table)
-#
+--echo #
+--echo # Bug#23044 (Warnings on flush of a log table)
+--echo #
FLUSH TABLE mysql.general_log;
show warnings;
@@ -723,18 +691,10 @@ show warnings;
FLUSH TABLE mysql.slow_log;
show warnings;
-#
-# Bug#17876 (Truncating mysql.slow_log in a SP after using cursor locks the
-# thread)
-#
-
---disable_warnings
-DROP TABLE IF EXISTS `db_17876.slow_log_data`;
-DROP TABLE IF EXISTS `db_17876.general_log_data`;
-DROP PROCEDURE IF EXISTS `db_17876.archiveSlowLog`;
-DROP PROCEDURE IF EXISTS `db_17876.archiveGeneralLog`;
-DROP DATABASE IF EXISTS `db_17876`;
---enable_warnings
+--echo #
+--echo # Bug#17876 (Truncating mysql.slow_log in a SP after using cursor locks the
+--echo # thread)
+--echo #
CREATE DATABASE db_17876;
@@ -872,9 +832,9 @@ DROP DATABASE IF EXISTS `db_17876`;
SET GLOBAL general_log = @old_general_log;
SET GLOBAL slow_query_log = @old_slow_query_log;
-#
-# Bug#21557 entries in the general query log truncated at 1000 characters.
-#
+--echo #
+--echo # Bug#21557 entries in the general query log truncated at 1000 characters.
+--echo #
select CONNECTION_ID() into @thread_id;
--disable_ps_protocol
@@ -993,15 +953,9 @@ AND (command_type = 'Query' OR command_type= 'Execute');
deallocate prepare long_query;
set global general_log = @old_general_log;
-#
-# Bug#34306: Can't make copy of log tables when server binary log is enabled
-#
-
---disable_warnings
-DROP TABLE IF EXISTS log_count;
-DROP TABLE IF EXISTS slow_log_copy;
-DROP TABLE IF EXISTS general_log_copy;
---enable_warnings
+--echo #
+--echo # Bug#34306: Can't make copy of log tables when server binary log is enabled
+--echo #
CREATE TABLE log_count (count BIGINT(21));
@@ -1031,14 +985,14 @@ INSERT INTO general_log_copy SELECT * FROM mysql.general_log;
INSERT INTO log_count (count) VALUES ((SELECT count(*) FROM mysql.general_log));
DROP TABLE general_log_copy;
-SET GLOBAL general_log = @saved_general_log;
-SET GLOBAL slow_query_log = @saved_slow_query_log;
+SET GLOBAL general_log = @old_general_log;
+SET GLOBAL slow_query_log = @old_slow_query_log;
DROP TABLE log_count;
-#
-# Bug #31700: thd->examined_row_count not incremented for 'const' type queries
-#
+--echo #
+--echo # Bug #31700: thd->examined_row_count not incremented for 'const' type queries
+--echo #
SET SESSION long_query_time = 0;
SET GLOBAL slow_query_log = ON;
@@ -1065,16 +1019,12 @@ DROP TABLE t1;
TRUNCATE TABLE mysql.slow_log;
-#
-# Bug #47924 main.log_tables times out sporadically
-#
+--echo #
+--echo # Bug #47924 main.log_tables times out sporadically
+--echo #
use mysql;
# Should result in error
---disable_warnings
-drop table if exists renamed_general_log;
-drop table if exists renamed_slow_log;
---enable_warnings
--error ER_CANT_RENAME_LOG_TABLE
RENAME TABLE general_log TO renamed_general_log;
--error ER_CANT_RENAME_LOG_TABLE
@@ -1084,7 +1034,24 @@ use test;
flush tables with read lock;
unlock tables;
-SET @@session.long_query_time= @old_long_query_time;
+--echo #
+--echo # MDEV-33267 User with minimal permissions can intentionally corrupt mysql.slow_log table
+--echo #
+truncate mysql.slow_log;
+set global log_output= 'TABLE';
+create user u@localhost;
+set slow_query_log=on, long_query_time=0.1;
+select 'before evil-doing', sleep(0.2);
+--connect (con1,localhost,u,,)
+set @@timestamp= 2147483647;
+set slow_query_log=on, long_query_time=0.1;
+select 'evil-doing', sleep(1.1);
+--disconnect con1
+--connection default
+select 'after evil-doing', sleep(0.2);
+select distinct sql_text from mysql.slow_log where sql_text like '%evil%';
+set global log_output=default;
+drop user u@localhost;
SET @@global.log_output= @old_log_output;
SET @@global.slow_query_log= @old_slow_query_log;
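Review bot: The MDEV-33267 block verifies the log table only indirectly: `select distinct sql_text from mysql.slow_log where sql_text like '%evil%';` shows that the three statements are readable, but `distinct` masks duplicated rows and nothing inspects the `start_time` stored for the statement run under `set @@timestamp= 2147483647;`. Consider adding `check table mysql.slow_log;` after the final select, if that is permitted on an active log table (unverified here), so a regression that writes a bad timestamp while leaving `sql_text` readable is still caught. Separately, the hunk drops `SET @@session.long_query_time= @old_long_query_time;` while the new block sets `long_query_time=0.1` on the default connection. Restoring it after `drop user u@localhost;` keeps the cleanup complete.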
diff --git a/mysql-test/main/long_host.result b/mysql-test/main/long_host.result
index 52b479b6..c11dcd52 100644
--- a/mysql-test/main/long_host.result
+++ b/mysql-test/main/long_host.result
@@ -19,9 +19,9 @@ create table mariadbtestdb2.t2 (a int);
create table mariadbtestdb.t3 (a int);
SET @saved_dbug = @@GLOBAL.debug_dbug;
set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,getaddrinfo_fake_good_ipv4";
+flush hosts;
# check connect
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,;
-connection con1;
select current_user();
current_user()
user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345
@@ -34,7 +34,6 @@ connection default;
grant SELECT ON *.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,;
-connection con1;
select * from mariadbtestdb.t1;
a b
select * from mariadbtestdb2.t2;
@@ -44,7 +43,6 @@ connection default;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,;
-connection con1;
select * from mariadbtestdb.t1;
ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1`
select * from mariadbtestdb2.t2;
@@ -54,7 +52,6 @@ connection default;
grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,;
-connection con1;
select * from mariadbtestdb.t1;
a b
select * from mariadbtestdb2.t2;
@@ -67,7 +64,6 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_3456789
grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,;
-connection con1;
select * from mariadbtestdb.t1;
a b
select * from mariadbtestdb2.t2;
@@ -80,7 +76,6 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_3456789
grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,;
-connection con1;
select * from mariadbtestdb.t1;
ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1`
select * from mariadbtestdb2.t2;
@@ -100,7 +95,6 @@ GRANT CREATE ROUTINE on test.* to user5678901_345678902_345678903_345678904_3456
grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678 to user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,;
-connection con1;
select * from mariadbtestdb.t1;
ERROR 42000: SELECT command denied to user 'user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678'@'host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345' for table `mariadbtestdb`.`t1`
select * from mariadbtestdb2.t2;
diff --git a/mysql-test/main/long_host.test b/mysql-test/main/long_host.test
index 301744a1..8ba1a120 100644
--- a/mysql-test/main/long_host.test
+++ b/mysql-test/main/long_host.test
@@ -33,11 +33,11 @@ create table mariadbtestdb.t3 (a int);
SET @saved_dbug = @@GLOBAL.debug_dbug;
set global debug_dbug= "+d,vio_peer_addr_fake_ipv4,getnameinfo_fake_long_host,getaddrinfo_fake_good_ipv4";
+flush hosts;
--echo # check connect
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,);
-connection con1;
select current_user();
--echo # check global privileges
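Review bot: The added `flush hosts;` carries no comment saying why it is needed. Presumably it empties the host cache so that the first connect from 127.0.0.1 goes through the faked `getnameinfo_fake_long_host` lookup instead of reusing an entry cached by an earlier test. A one-line comment above it, e.g. `# drop cached host entries so the debug_dbug fake hostname is used`, would stop the line being removed later as redundant.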
@@ -51,7 +51,6 @@ connection default;
grant SELECT ON *.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,);
-connection con1;
select * from mariadbtestdb.t1;
select * from mariadbtestdb2.t2;
@@ -62,7 +61,6 @@ connection default;
REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,);
-connection con1;
--error ER_TABLEACCESS_DENIED_ERROR
select * from mariadbtestdb.t1;
--error ER_TABLEACCESS_DENIED_ERROR
@@ -75,7 +73,6 @@ connection default;
grant SELECT ON mariadbtestdb.* TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,);
-connection con1;
select * from mariadbtestdb.t1;
--error ER_TABLEACCESS_DENIED_ERROR
select * from mariadbtestdb2.t2;
@@ -88,7 +85,6 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_3456789
grant SELECT ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,);
-connection con1;
select * from mariadbtestdb.t1;
--error ER_TABLEACCESS_DENIED_ERROR
select * from mariadbtestdb2.t2;
@@ -102,7 +98,6 @@ REVOKE ALL PRIVILEGES, GRANT OPTION FROM user5678901_345678902_345678903_3456789
grant SELECT (a) ON mariadbtestdb.t1 TO user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678@host5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678913_345678914_345678915_345678916_345678917_345678918_345678919_345678920_345678921_345678922_345678923_345678924_345678925_345;
disconnect con1;
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,"*NO-ONE*",$MASTER_MYPORT,);
-connection con1;
--error ER_TABLEACCESS_DENIED_ERROR
select * from mariadbtestdb.t1;
--error ER_TABLEACCESS_DENIED_ERROR
@@ -132,7 +127,6 @@ grant role5678901_345678902_345678903_345678904_345678905_345678906_345678907_34
disconnect con1;
connect (con1,"127.0.0.1","user5678901_345678902_345678903_345678904_345678905_345678906_345678907_345678908_345678909_345678910_345678911_345678912_345678",,test,$MASTER_MYPORT,);
-connection con1;
--error ER_TABLEACCESS_DENIED_ERROR
select * from mariadbtestdb.t1;
diff --git a/mysql-test/main/long_unique_bugs.result b/mysql-test/main/long_unique_bugs.result
index ce44ae2b..b8fbd40b 100644
--- a/mysql-test/main/long_unique_bugs.result
+++ b/mysql-test/main/long_unique_bugs.result
@@ -574,5 +574,108 @@ insert into t1 values (1,10),(2,20);
update t1 set b = 30 limit 1;
drop table t1;
#
+# MDEV-32839 LONG UNIQUE gives error when used with REPLACE
+#
+create table t1 (
+f1 bigint(20) not null auto_increment primary key,
+f2 varchar(30) default null,
+f3 varchar(30) default null,
+f4 varchar(255) default null,
+f5 varchar(30) default null,
+f6 varchar(255) default null,
+f7 varchar(255) default null,
+unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=myisam;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+f1 f2 f3 f4 f5 f6 f7
+2 00004 0001009089999 netstes psit d
+4 00004 0001009089999 netstes psit e
+drop table t1;
+create table t1 (
+f1 bigint(20) not null auto_increment primary key,
+f2 varchar(30) default null,
+f3 varchar(30) default null,
+f4 varchar(255) default null,
+f5 varchar(30) default null,
+f6 varchar(255) default null,
+f7 varchar(255) default null,
+unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=innodb;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+f1 f2 f3 f4 f5 f6 f7
+2 00004 0001009089999 netstes psit d
+4 00004 0001009089999 netstes psit e
+drop table t1;
+create table t1 (
+f1 bigint(20) not null auto_increment primary key,
+f2 varchar(30) default null,
+f3 varchar(30) default null,
+f4 varchar(255) default null,
+f5 varchar(30) default null,
+f6 varchar(255) default null,
+f7 varchar(255) default null,
+unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=myisam partition by key(f1) partitions 2;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+f1 f2 f3 f4 f5 f6 f7
+2 00004 0001009089999 netstes psit d
+4 00004 0001009089999 netstes psit e
+drop table t1;
+create table t1 (
+f1 bigint(20) not null auto_increment primary key,
+f2 varchar(30) default null,
+f3 varchar(30) default null,
+f4 varchar(255) default null,
+f5 varchar(30) default null,
+f6 varchar(255) default null,
+f7 varchar(255) default null,
+unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=innodb partition by key(f1) partitions 2;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+f1 f2 f3 f4 f5 f6 f7
+2 00004 0001009089999 netstes psit d
+4 00004 0001009089999 netstes psit e
+drop table t1;
+#
+# MDEV-29954 Unique hash key on column prefix is computed incorrectly
+#
+create table t1 (c char(10),unique key a using hash (c(1)));
+insert into t1 values (0);
+check table t1 extended;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+drop table t1;
+#
+# MDEV-32837 long unique does not work like unique key when using replace
+#
+CREATE TABLE t1 (a INT PRIMARY KEY, b INT, c INT, UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+REPLACE INTO t1 VALUES (3,1,1);
+SELECT * FROM t1 ORDER BY a;
+a b c
+2 2 2
+3 1 1
+REPLACE INTO t1 VALUES (3,2,2);
+SELECT * FROM t1;
+a b c
+3 2 2
+DROP TABLE t1;
+#
# End of 10.5 tests
#
diff --git a/mysql-test/main/long_unique_bugs.test b/mysql-test/main/long_unique_bugs.test
index c06b4169..01c3f736 100644
--- a/mysql-test/main/long_unique_bugs.test
+++ b/mysql-test/main/long_unique_bugs.test
@@ -564,5 +564,97 @@ update t1 set b = 30 limit 1;
drop table t1;
--echo #
+--echo # MDEV-32839 LONG UNIQUE gives error when used with REPLACE
+--echo #
+create table t1 (
+ f1 bigint(20) not null auto_increment primary key,
+ f2 varchar(30) default null,
+ f3 varchar(30) default null,
+ f4 varchar(255) default null,
+ f5 varchar(30) default null,
+ f6 varchar(255) default null,
+ f7 varchar(255) default null,
+ unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=myisam;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+drop table t1;
+
+create table t1 (
+ f1 bigint(20) not null auto_increment primary key,
+ f2 varchar(30) default null,
+ f3 varchar(30) default null,
+ f4 varchar(255) default null,
+ f5 varchar(30) default null,
+ f6 varchar(255) default null,
+ f7 varchar(255) default null,
+ unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=innodb;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+drop table t1;
+
+create table t1 (
+ f1 bigint(20) not null auto_increment primary key,
+ f2 varchar(30) default null,
+ f3 varchar(30) default null,
+ f4 varchar(255) default null,
+ f5 varchar(30) default null,
+ f6 varchar(255) default null,
+ f7 varchar(255) default null,
+ unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=myisam partition by key(f1) partitions 2;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+drop table t1;
+
+create table t1 (
+ f1 bigint(20) not null auto_increment primary key,
+ f2 varchar(30) default null,
+ f3 varchar(30) default null,
+ f4 varchar(255) default null,
+ f5 varchar(30) default null,
+ f6 varchar(255) default null,
+ f7 varchar(255) default null,
+ unique problem_key (f3,f5,f6,f2,f4,f7) using hash
+) engine=innodb partition by key(f1) partitions 2;
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'd');
+insert t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+replace t1 (f2, f3, f4, f5, f6, f7) values ('00004', '0001009089999', '', 'netstes', 'psit', 'e');
+select * from t1;
+drop table t1;
+
+--echo #
+--echo # MDEV-29954 Unique hash key on column prefix is computed incorrectly
+--echo #
+create table t1 (c char(10),unique key a using hash (c(1)));
+insert into t1 values (0);
+check table t1 extended;
+drop table t1;
+
+
+--echo #
+--echo # MDEV-32837 long unique does not work like unique key when using replace
+--echo #
+
+CREATE TABLE t1 (a INT PRIMARY KEY, b INT, c INT, UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+REPLACE INTO t1 VALUES (3,1,1);
+SELECT * FROM t1 ORDER BY a;
+REPLACE INTO t1 VALUES (3,2,2);
+SELECT * FROM t1;
+DROP TABLE t1;
+
+--echo #
--echo # End of 10.5 tests
--echo #
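Review bot: The four MDEV-32839 blocks end with `select * from t1;` and no ORDER BY, so the recorded output depends on the order in which the engine returns rows. For the two `partition by key(f1) partitions 2` tables the rows may sit in different partitions, and the statement does not guarantee their order. Use `select * from t1 order by f1;`, as the MDEV-32837 block already does with `ORDER BY a`. The blocks also use `engine=innodb` and partitioning; whether the file sources the matching `have_innodb.inc` / `have_partition.inc` guards is outside this hunk and worth confirming.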
diff --git a/mysql-test/main/long_unique_bugs_no_sp_protocol.result b/mysql-test/main/long_unique_bugs_no_sp_protocol.result
new file mode 100644
index 00000000..0776a130
--- /dev/null
+++ b/mysql-test/main/long_unique_bugs_no_sp_protocol.result
@@ -0,0 +1,95 @@
+#
+# Start of 10.5 tests
+#
+#
+# MDEV-32837 long unique does not work like unique key when using replace
+#
+#
+# Normal unique key + long unique key
+#
+CREATE TABLE t1 (a INT PRIMARY KEY, b INT, c INT, UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,1,1);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+Variable_name Value
+Handler_delete 1
+Handler_read_key 2
+Handler_read_rnd 1
+Handler_write 1
+SELECT * FROM t1 ORDER BY a;
+a b c
+2 2 2
+3 1 1
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,2,2);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+Variable_name Value
+Handler_delete 1
+Handler_read_key 3
+Handler_read_rnd 2
+Handler_update 1
+Handler_write 1
+SELECT * FROM t1;
+a b c
+3 2 2
+DROP TABLE t1;
+#
+# Two long unique keys
+#
+CREATE TABLE t1 (a INT, b INT, c INT, UNIQUE KEY a (a) USING HASH,UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,1,1);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+Variable_name Value
+Handler_read_key 3
+Handler_read_rnd 1
+Handler_update 1
+SELECT * FROM t1 ORDER BY a;
+a b c
+2 2 2
+3 1 1
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,2,2);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+Variable_name Value
+Handler_delete 1
+Handler_read_key 4
+Handler_read_rnd 2
+Handler_update 1
+SELECT * FROM t1;
+a b c
+3 2 2
+DROP TABLE t1;
+#
+# One long unique key
+#
+CREATE TABLE t1 (a INT, b INT, c INT, UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,1,1);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+Variable_name Value
+Handler_read_key 1
+Handler_read_rnd 1
+Handler_update 1
+SELECT * FROM t1 ORDER BY a;
+a b c
+2 2 2
+3 1 1
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,2,2);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+Variable_name Value
+Handler_read_key 1
+Handler_read_rnd 1
+Handler_update 1
+SELECT * FROM t1;
+a b c
+3 1 1
+3 2 2
+DROP TABLE t1;
+#
+# End of 10.5 tests
+#
diff --git a/mysql-test/main/long_unique_bugs_no_sp_protocol.test b/mysql-test/main/long_unique_bugs_no_sp_protocol.test
new file mode 100644
index 00000000..6bfa6182
--- /dev/null
+++ b/mysql-test/main/long_unique_bugs_no_sp_protocol.test
@@ -0,0 +1,68 @@
+if (`SELECT $SP_PROTOCOL > 0`)
+{
+ --skip Test requires: sp-protocol disabled
+}
+
+
+--echo #
+--echo # Start of 10.5 tests
+--echo #
+
+--echo #
+--echo # MDEV-32837 long unique does not work like unique key when using replace
+--echo #
+
+# This test produces different Handler commands in the SHOW STATUS output
+# with --sp-protocol. So it's here, in this *.test file with --sp-protocol disabled.
+
+--echo #
+--echo # Normal unique key + long unique key
+--echo #
+
+CREATE TABLE t1 (a INT PRIMARY KEY, b INT, c INT, UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,1,1);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+SELECT * FROM t1 ORDER BY a;
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,2,2);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+SELECT * FROM t1;
+DROP TABLE t1;
+
+--echo #
+--echo # Two long unique keys
+--echo #
+
+CREATE TABLE t1 (a INT, b INT, c INT, UNIQUE KEY a (a) USING HASH,UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,1,1);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+SELECT * FROM t1 ORDER BY a;
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,2,2);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+SELECT * FROM t1;
+DROP TABLE t1;
+
+--echo #
+--echo # One long unique key
+--echo #
+
+CREATE TABLE t1 (a INT, b INT, c INT, UNIQUE KEY `test` (b,c) USING HASH) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1,1,1),(2,2,2);
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,1,1);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+SELECT * FROM t1 ORDER BY a;
+FLUSH STATUS;
+REPLACE INTO t1 VALUES (3,2,2);
+SHOW STATUS WHERE Variable_name LIKE 'handler%' AND Value>0;
+SELECT * FROM t1;
+DROP TABLE t1;
+
+--echo #
+--echo # End of 10.5 tests
+--echo #
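Review bot: The last `SELECT * FROM t1;` in the "One long unique key" section returns two rows without an `ORDER BY`, so the recorded order in the .result file depends on the engine's physical row order. Both rows have `a = 3`, so the `ORDER BY a` used earlier in the file would not make it deterministic either. `SELECT * FROM t1 ORDER BY b;` would pin the order. The final selects of the first two sections return a single row and are fine as they are.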
diff --git a/mysql-test/main/lotofstack.result b/mysql-test/main/lotofstack.result
new file mode 100644
index 00000000..553dcb3b
--- /dev/null
+++ b/mysql-test/main/lotofstack.result
@@ -0,0 +1,101 @@
+create function bug10100f(prm int) returns int
+begin
+if prm > 1 then
+return prm * bug10100f(prm - 1);
+end if;
+return 1;
+end|
+set statement sql_mode = '' for
+create procedure bug10100p(prm int, inout res int)
+begin
+set res = res * prm;
+if prm > 1 then
+call bug10100p(prm - 1, res);
+end if;
+end|
+set statement sql_mode = '' for
+create procedure bug10100t(prm int)
+begin
+declare res int;
+set res = 1;
+call bug10100p(prm, res);
+select res;
+end|
+create table t3 (a int)|
+insert into t3 values (0)|
+create view v1 as select a from t3|
+create procedure bug10100pt(level int, lim int)
+begin
+if level < lim then
+update t3 set a=level;
+FLUSH TABLES;
+call bug10100pt(level+1, lim);
+else
+select * from t3;
+end if;
+end|
+create procedure bug10100pv(level int, lim int)
+begin
+if level < lim then
+update v1 set a=level;
+FLUSH TABLES;
+call bug10100pv(level+1, lim);
+else
+select * from v1;
+end if;
+end|
+prepare stmt2 from "select * from t3;";
+create procedure bug10100pd(level int, lim int)
+begin
+if level < lim then
+select level;
+prepare stmt1 from "update t3 set a=a+2";
+execute stmt1;
+FLUSH TABLES;
+execute stmt1;
+FLUSH TABLES;
+execute stmt1;
+FLUSH TABLES;
+deallocate prepare stmt1;
+execute stmt2;
+select * from t3;
+call bug10100pd(level+1, lim);
+else
+execute stmt2;
+end if;
+end|
+create procedure bug10100pc(level int, lim int)
+begin
+declare lv int;
+declare c cursor for select a from t3;
+open c;
+if level < lim then
+select level;
+fetch c into lv;
+select lv;
+update t3 set a=level+lv;
+FLUSH TABLES;
+call bug10100pc(level+1, lim);
+else
+select * from t3;
+end if;
+close c;
+end|
+set @@max_sp_recursion_depth=255|
+set @var=1|
+call bug10100p(255, @var)|
+call bug10100pt(1,255)|
+call bug10100pv(1,255)|
+call bug10100pd(1,255)|
+call bug10100pc(1,255)|
+set @@max_sp_recursion_depth=0|
+deallocate prepare stmt2|
+drop function bug10100f|
+drop procedure bug10100p|
+drop procedure bug10100t|
+drop procedure bug10100pt|
+drop procedure bug10100pv|
+drop procedure bug10100pd|
+drop procedure bug10100pc|
+drop view v1|
+drop table t3|
diff --git a/mysql-test/main/lotofstack.test b/mysql-test/main/lotofstack.test
new file mode 100644
index 00000000..a658fb00
--- /dev/null
+++ b/mysql-test/main/lotofstack.test
@@ -0,0 +1,133 @@
+#
+# For tests that need a lot of stack - they likely won't work under ASAN
+#
+source include/not_asan.inc;
+source include/not_embedded.inc;
+
+#
+# Bug#10100 function (and stored procedure?) recursivity problem
+#
+# routines with simple recursion
+delimiter |;
+create function bug10100f(prm int) returns int
+begin
+ if prm > 1 then
+ return prm * bug10100f(prm - 1);
+ end if;
+ return 1;
+end|
+set statement sql_mode = '' for
+create procedure bug10100p(prm int, inout res int)
+begin
+ set res = res * prm;
+ if prm > 1 then
+ call bug10100p(prm - 1, res);
+ end if;
+end|
+set statement sql_mode = '' for
+create procedure bug10100t(prm int)
+begin
+ declare res int;
+ set res = 1;
+ call bug10100p(prm, res);
+ select res;
+end|
+
+# a procedure which use tables and recursion
+create table t3 (a int)|
+insert into t3 values (0)|
+create view v1 as select a from t3|
+create procedure bug10100pt(level int, lim int)
+begin
+ if level < lim then
+ update t3 set a=level;
+ FLUSH TABLES;
+ call bug10100pt(level+1, lim);
+ else
+ select * from t3;
+ end if;
+end|
+# view & recursion
+create procedure bug10100pv(level int, lim int)
+begin
+ if level < lim then
+ update v1 set a=level;
+ FLUSH TABLES;
+ call bug10100pv(level+1, lim);
+ else
+ select * from v1;
+ end if;
+end|
+# dynamic sql & recursion
+prepare stmt2 from "select * from t3;";
+create procedure bug10100pd(level int, lim int)
+begin
+ if level < lim then
+ select level;
+ prepare stmt1 from "update t3 set a=a+2";
+ execute stmt1;
+ FLUSH TABLES;
+ execute stmt1;
+ FLUSH TABLES;
+ execute stmt1;
+ FLUSH TABLES;
+ deallocate prepare stmt1;
+ execute stmt2;
+ select * from t3;
+ call bug10100pd(level+1, lim);
+ else
+ execute stmt2;
+ end if;
+end|
+# cursor & recursion
+create procedure bug10100pc(level int, lim int)
+begin
+ declare lv int;
+ declare c cursor for select a from t3;
+ open c;
+ if level < lim then
+ select level;
+ fetch c into lv;
+ select lv;
+ update t3 set a=level+lv;
+ FLUSH TABLES;
+ call bug10100pc(level+1, lim);
+ else
+ select * from t3;
+ end if;
+ close c;
+end|
+
+# end of the stack checking
+set @@max_sp_recursion_depth=255|
+set @var=1|
+# disable log because error about stack overrun contains numbers which
+# depend on a system
+-- disable_ps_protocol
+-- disable_result_log
+-- error ER_STACK_OVERRUN_NEED_MORE
+call bug10100p(255, @var)|
+-- error ER_STACK_OVERRUN_NEED_MORE
+call bug10100pt(1,255)|
+-- error ER_STACK_OVERRUN_NEED_MORE
+call bug10100pv(1,255)|
+-- error ER_STACK_OVERRUN_NEED_MORE
+call bug10100pd(1,255)|
+-- error ER_STACK_OVERRUN_NEED_MORE
+call bug10100pc(1,255)|
+-- enable_result_log
+-- enable_ps_protocol
+set @@max_sp_recursion_depth=0|
+
+deallocate prepare stmt2|
+
+drop function bug10100f|
+drop procedure bug10100p|
+drop procedure bug10100t|
+drop procedure bug10100pt|
+drop procedure bug10100pv|
+drop procedure bug10100pd|
+drop procedure bug10100pc|
+drop view v1|
+drop table t3|
+delimiter ;|
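Review bot: `bug10100f` and `bug10100t` are created near the top and dropped at the end, but nothing in this file calls them; only `bug10100p`, `bug10100pt`, `bug10100pv`, `bug10100pd` and `bug10100pc` are exercised under `max_sp_recursion_depth=255`. Presumably their calls stayed in the file this test was split out of. Either drop the two unused routines here, or add the calls with their expected errors so the function-recursion path is covered next to the stack-overrun checks. A short comment above `-- disable_ps_protocol` saying why the PS protocol is switched off for these calls would also help, since the existing comment only explains `disable_result_log`.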
diff --git a/mysql-test/main/lowercase_table5.result b/mysql-test/main/lowercase_table5.result
index f2b5bb0c..77318a8e 100644
--- a/mysql-test/main/lowercase_table5.result
+++ b/mysql-test/main/lowercase_table5.result
@@ -11,3 +11,39 @@ Database Create Database
mysql_TEST CREATE DATABASE `mysql_TEST` /*!40100 DEFAULT CHARACTER SET utf8mb3 COLLATE utf8mb3_general_ci */
DROP DATABASE mysql_test;
DROP DATABASE mysql_TEST;
+#
+# Start of 10.4 tests
+#
+#
+# MDEV-33019 The database part is not case sensitive in SP names
+#
+CREATE DATABASE DB1;
+CREATE DATABASE db1;
+CREATE PROCEDURE DB1.sp() SELECT 'This is DB1.sp' AS ret;
+CREATE PROCEDURE db1.sp() SELECT 'This is db1.sp' AS ret;
+CALL DB1.sp();
+ret
+This is DB1.sp
+CALL db1.sp();
+ret
+This is db1.sp
+DROP DATABASE DB1;
+CALL DB1.sp();
+ERROR 42000: PROCEDURE DB1.sp does not exist
+CALL db1.sp();
+ret
+This is db1.sp
+DROP DATABASE db1;
+CREATE PROCEDURE SP() SELECT 'This is SP' AS ret;
+CREATE PROCEDURE sp() SELECT 'This is sp' AS ret;
+ERROR 42000: PROCEDURE sp already exists
+CALL SP();
+ret
+This is SP
+CALL sp();
+ret
+This is SP
+DROP PROCEDURE SP;
+#
+# End of 10.4 tests
+#
diff --git a/mysql-test/main/lowercase_table5.test b/mysql-test/main/lowercase_table5.test
index dfdfafcb..0103dbf5 100644
--- a/mysql-test/main/lowercase_table5.test
+++ b/mysql-test/main/lowercase_table5.test
@@ -18,3 +18,34 @@ DROP DATABASE mysql_test;
DROP DATABASE mysql_TEST;
# End of 10.0 tests
+
+--echo #
+--echo # Start of 10.4 tests
+--echo #
+
+--echo #
+--echo # MDEV-33019 The database part is not case sensitive in SP names
+--echo #
+
+CREATE DATABASE DB1;
+CREATE DATABASE db1;
+CREATE PROCEDURE DB1.sp() SELECT 'This is DB1.sp' AS ret;
+CREATE PROCEDURE db1.sp() SELECT 'This is db1.sp' AS ret;
+CALL DB1.sp();
+CALL db1.sp();
+DROP DATABASE DB1;
+--error ER_SP_DOES_NOT_EXIST
+CALL DB1.sp();
+CALL db1.sp();
+DROP DATABASE db1;
+
+CREATE PROCEDURE SP() SELECT 'This is SP' AS ret;
+--error ER_SP_ALREADY_EXISTS
+CREATE PROCEDURE sp() SELECT 'This is sp' AS ret;
+CALL SP();
+CALL sp();
+DROP PROCEDURE SP;
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
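Review bot: The MDEV-33019 block checks only name resolution (`CALL DB1.sp()` vs `CALL db1.sp()`); nothing in this hunk verifies that routine privileges follow the same case-sensitive database part. A case that grants `EXECUTE` on `db1.sp` to an unprivileged test user and then expects `CALL DB1.sp()` from that user to be rejected would pin the access-control side of the fix. This may be covered elsewhere in the commit, which cannot be seen from this hunk. The unqualified `SP`/`sp` part is fine as written.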
diff --git a/mysql-test/main/mdl.result b/mysql-test/main/mdl.result
index c0f5671c..dd3d9239 100644
--- a/mysql-test/main/mdl.result
+++ b/mysql-test/main/mdl.result
@@ -61,7 +61,7 @@ DROP TABLE t1,t3;
#
# Check MDL locks taken for different kind of tables by open
#
-CREATE TABLE t1(a INT) ENGINE=InnoDB;
+CREATE TABLE t1(a INT) stats_persistent=0, ENGINE=InnoDB;
CREATE TABLE t3(a INT) ENGINE=myisam;
connect purge_control,localhost,root,,;
START TRANSACTION WITH CONSISTENT SNAPSHOT;
diff --git a/mysql-test/main/mdl.test b/mysql-test/main/mdl.test
index 65d02d77..6b0c7690 100644
--- a/mysql-test/main/mdl.test
+++ b/mysql-test/main/mdl.test
@@ -43,7 +43,7 @@ DROP TABLE t1,t3;
--echo # Check MDL locks taken for different kind of tables by open
--echo #
-CREATE TABLE t1(a INT) ENGINE=InnoDB;
+CREATE TABLE t1(a INT) stats_persistent=0, ENGINE=InnoDB;
CREATE TABLE t3(a INT) ENGINE=myisam;
connect(purge_control,localhost,root,,);
START TRANSACTION WITH CONSISTENT SNAPSHOT;
diff --git a/mysql-test/main/mdl_sync.result b/mysql-test/main/mdl_sync.result
index 0ffe2f74..0324c261 100644
--- a/mysql-test/main/mdl_sync.result
+++ b/mysql-test/main/mdl_sync.result
@@ -2403,6 +2403,7 @@ connection con2;
SET DEBUG_SYNC= 'now WAIT_FOR table_opened';
# Check that FLUSH must wait to get the GRL
# and let DROP PROCEDURE continue
+InnoDB 0 transactions not purged
SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info;
LOCK_MODE LOCK_TYPE TABLE_SCHEMA TABLE_NAME
MDL_BACKUP_DDL Backup lock
@@ -2427,7 +2428,7 @@ SET DEBUG_SYNC= 'RESET';
# UPDATE should wait for FTWRL with non transactional table second
#
create table t1 (a int) engine=myisam;
-create table t2 (a int) engine=innodb;
+create table t2 (a int) stats_persistent=0, engine=innodb;
insert into t1 values (1);
insert into t2 values (1);
SET DEBUG_SYNC= 'after_open_table_mdl_shared SIGNAL table_opened WAIT_FOR grlwait execute 2';
diff --git a/mysql-test/main/mdl_sync.test b/mysql-test/main/mdl_sync.test
index 3df19aca..7a928a4c 100644
--- a/mysql-test/main/mdl_sync.test
+++ b/mysql-test/main/mdl_sync.test
@@ -3085,6 +3085,7 @@ connection con2;
SET DEBUG_SYNC= 'now WAIT_FOR table_opened';
--echo # Check that FLUSH must wait to get the GRL
--echo # and let DROP PROCEDURE continue
+--source ../suite/innodb/include/wait_all_purged.inc
SELECT LOCK_MODE, LOCK_TYPE, TABLE_SCHEMA, TABLE_NAME FROM information_schema.metadata_lock_info;
SET DEBUG_SYNC= 'mdl_acquire_lock_wait SIGNAL grlwait';
--send FLUSH TABLES WITH READ LOCK
@@ -3110,7 +3111,7 @@ SET DEBUG_SYNC= 'RESET';
--echo #
create table t1 (a int) engine=myisam;
-create table t2 (a int) engine=innodb;
+create table t2 (a int) stats_persistent=0, engine=innodb;
insert into t1 values (1);
insert into t2 values (1);
diff --git a/mysql-test/main/mrr_icp_extra.result b/mysql-test/main/mrr_icp_extra.result
index 1b33b008..48b3b91d 100644
--- a/mysql-test/main/mrr_icp_extra.result
+++ b/mysql-test/main/mrr_icp_extra.result
@@ -38,18 +38,24 @@ id select_type table type possible_keys key key_len ref rows Extra
EXPLAIN SELECT * FROM t1 WHERE s2 BETWEEN 'a' AND 'b' COLLATE latin1_german1_ci;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL s2 NULL NULL NULL 10 Using where
+Warnings:
+Note 1105 Cannot use key `s2` part[0] for lookup: `test`.`t1`.`s2` of collation `latin1_swedish_ci` >= "'a'" of collation `latin1_german1_ci`
EXPLAIN SELECT * FROM t1 WHERE s1 IN ('a','b' COLLATE latin1_german1_ci);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 range s1 s1 11 NULL 2 Using index condition; Rowid-ordered scan
EXPLAIN SELECT * FROM t1 WHERE s2 IN ('a','b' COLLATE latin1_german1_ci);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL s2 NULL NULL NULL 10 Using where
+Warnings:
+Note 1105 Cannot use key `s2` part[0] for lookup: `test`.`t1`.`s2` of collation `latin1_swedish_ci` = "'a'" of collation `latin1_german1_ci`
EXPLAIN SELECT * FROM t1 WHERE s1 LIKE 'a' COLLATE latin1_german1_ci;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 range s1 s1 11 NULL 1 Using index condition; Rowid-ordered scan
EXPLAIN SELECT * FROM t1 WHERE s2 LIKE 'a' COLLATE latin1_german1_ci;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL s2 NULL NULL NULL 10 Using where
+Warnings:
+Note 1105 Cannot use key `s2` part[0] for lookup: `test`.`t1`.`s2` of collation `latin1_swedish_ci` like "'a' collate latin1_german1_ci" of collation `latin1_german1_ci`
DROP TABLE t1;
#
#
diff --git a/mysql-test/main/myisam_explain_non_select_all.result b/mysql-test/main/myisam_explain_non_select_all.result
index cc42c16d..e28c2a0f 100644
--- a/mysql-test/main/myisam_explain_non_select_all.result
+++ b/mysql-test/main/myisam_explain_non_select_all.result
@@ -1506,7 +1506,7 @@ EXPLAIN DELETE FROM t1 WHERE i > 10 AND i <= 18 ORDER BY i LIMIT 5;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where; Using filesort
Warnings:
-Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` > "10" of type `int`
Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` <= "18" of type `int`
FLUSH STATUS;
FLUSH TABLES;
@@ -1514,7 +1514,7 @@ EXPLAIN EXTENDED DELETE FROM t1 WHERE i > 10 AND i <= 18 ORDER BY i LIMIT 5;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 26 100.00 Using where; Using filesort
Warnings:
-Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` > "10" of type `int`
Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` <= "18" of type `int`
Note 1003 delete from `test`.`t1` where `test`.`t1`.`i` > 10 and `test`.`t1`.`i` <= 18 order by `test`.`t1`.`i` limit 5
# Status of EXPLAIN EXTENDED query
@@ -1526,7 +1526,9 @@ EXPLAIN EXTENDED SELECT * FROM t1 WHERE i > 10 AND i <= 18 ORDER BY i LIMIT 5;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL i NULL NULL NULL 26 100.00 Using where; Using filesort
Warnings:
-Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` > "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` <= "18" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` > "10" of type `int`
Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` <= "18" of type `int`
Note 1003 select `test`.`t1`.`a` AS `a`,`test`.`t1`.`i` AS `i` from `test`.`t1` where `test`.`t1`.`i` > 10 and `test`.`t1`.`i` <= 18 order by `test`.`t1`.`i` limit 5
# Status of EXPLAIN EXTENDED "equivalent" SELECT query execution
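Review bot: The recorded output for `EXPLAIN EXTENDED SELECT` now lists each `Cannot use key` note twice (`>`, `<=`, `>`, `<=`), while the `EXPLAIN DELETE` output just above lists each note once. The same doubling is recorded in the new #30a block and in the later `t2` hunk for the SELECT equivalent of the UPDATE. If the repetition comes from the condition being analysed twice for a SELECT, it is worth confirming that this is intended rather than baking it into the expected result. If it is intended, a comment in the corresponding .test file would keep a later re-record from hiding a real regression.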
@@ -1551,6 +1553,71 @@ Sort_rows 8
Sort_scan 1
DROP TABLE t1;
+#30a
+#
+# MDEV-32957 Unusable key notes report wrong predicates for > and >=
+#
+CREATE TABLE t1(a INT, i CHAR(2), INDEX(i(1)));
+INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
+(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),
+(30),(31),(32),(33),(34),(35);
+#
+# query: DELETE FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5
+# select: SELECT * FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5
+#
+Warnings:
+Warning 1287 '<select expression> INTO <destination>;' is deprecated and will be removed in a future release. Please use 'SELECT <select list> INTO <destination> FROM...' instead
+EXPLAIN DELETE FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "18" of type `int`
+FLUSH STATUS;
+FLUSH TABLES;
+EXPLAIN EXTENDED DELETE FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 100.00 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "18" of type `int`
+Note 1003 delete from `test`.`t1` where `test`.`t1`.`i` >= 10 and `test`.`t1`.`i` < 18 order by `test`.`t1`.`i` limit 5
+# Status of EXPLAIN EXTENDED query
+Variable_name Value
+Handler_read_key 4
+FLUSH STATUS;
+FLUSH TABLES;
+EXPLAIN EXTENDED SELECT * FROM t1 WHERE i >= 10 AND i < 18 ORDER BY i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE t1 ALL i NULL NULL NULL 26 100.00 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "18" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "18" of type `int`
+Note 1003 select `test`.`t1`.`a` AS `a`,`test`.`t1`.`i` AS `i` from `test`.`t1` where `test`.`t1`.`i` >= 10 and `test`.`t1`.`i` < 18 order by `test`.`t1`.`i` limit 5
+# Status of EXPLAIN EXTENDED "equivalent" SELECT query execution
+Variable_name Value
+Handler_read_key 4
+Warnings:
+Warning 1287 '<select expression> INTO <destination>;' is deprecated and will be removed in a future release. Please use 'SELECT <select list> INTO <destination> FROM...' instead
+# Status of "equivalent" SELECT query execution:
+Variable_name Value
+Handler_read_key 4
+Handler_read_rnd_next 27
+Sort_priority_queue_sorts 1
+Sort_rows 5
+Sort_scan 1
+# Status of testing query execution:
+Variable_name Value
+Handler_delete 5
+Handler_read_key 4
+Handler_read_rnd 5
+Handler_read_rnd_next 27
+Sort_rows 8
+Sort_scan 1
+
+DROP TABLE t1;
#31
CREATE TABLE t1 (i INT);
INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
@@ -2057,7 +2124,7 @@ EXPLAIN UPDATE t2 SET a = 10 WHERE i > 10 AND i <= 18 ORDER BY i LIMIT 5;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t2 ALL NULL NULL NULL NULL 26 Using where; Using filesort
Warnings:
-Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` > "10" of type `int`
Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` <= "18" of type `int`
FLUSH STATUS;
FLUSH TABLES;
@@ -2065,7 +2132,7 @@ EXPLAIN EXTENDED UPDATE t2 SET a = 10 WHERE i > 10 AND i <= 18 ORDER BY i LIMIT
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t2 ALL NULL NULL NULL NULL 26 100.00 Using where; Using filesort
Warnings:
-Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` > "10" of type `int`
Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` <= "18" of type `int`
Note 1003 update `test`.`t2` set `test`.`t2`.`a` = 10 where `test`.`t2`.`i` > 10 and `test`.`t2`.`i` <= 18 order by `test`.`t2`.`i` limit 5
# Status of EXPLAIN EXTENDED query
@@ -2077,7 +2144,9 @@ EXPLAIN EXTENDED SELECT * FROM t2 WHERE i > 10 AND i <= 18 ORDER BY i LIMIT
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t2 ALL i NULL NULL NULL 26 100.00 Using where; Using filesort
Warnings:
-Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` > "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` <= "18" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` > "10" of type `int`
Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t2`.`i` of type `char` <= "18" of type `int`
Note 1003 select `test`.`t2`.`a` AS `a`,`test`.`t2`.`i` AS `i` from `test`.`t2` where `test`.`t2`.`i` > 10 and `test`.`t2`.`i` <= 18 order by `test`.`t2`.`i` limit 5
# Status of EXPLAIN EXTENDED "equivalent" SELECT query execution
diff --git a/mysql-test/main/mysql-interactive.result b/mysql-test/main/mysql-interactive.result
new file mode 100644
index 00000000..a18c018b
--- /dev/null
+++ b/mysql-test/main/mysql-interactive.result
@@ -0,0 +1,24 @@
+#
+# regression introduced by MDEV-14448
+#
+delimiter $
+select 1;
+$
+Welcome to the MariaDB monitor. Commands end with ; or \g.
+Your MariaDB connection id is X
+Server version: Y
+Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
+
+Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+
+MariaDB [(none)]> delimiter $
+MariaDB [(none)]> select 1;
+ -> $
++---+
+| 1 |
++---+
+| 1 |
++---+
+1 row in set
+
+MariaDB [(none)]> \ No newline at end of file
diff --git a/mysql-test/main/mysql-interactive.test b/mysql-test/main/mysql-interactive.test
new file mode 100644
index 00000000..2015e9d6
--- /dev/null
+++ b/mysql-test/main/mysql-interactive.test
@@ -0,0 +1,29 @@
+--echo #
+--echo # regression introduced by MDEV-14448
+--echo #
+source include/not_embedded.inc;
+source include/not_windows.inc;
+
+error 0,1;
+exec $MYSQL -V|grep -q readline;
+if ($sys_errno == 1)
+{
+ # strangely enough
+ skip does not work with libedit;
+}
+
+write_file $MYSQL_TMP_DIR/mysql_in;
+delimiter $
+select 1;
+$
+EOF
+let TERM=dumb;
+replace_regex /id is \d+/id is X/ /Server version: .*/Server version: Y/ / \(\d+\.\d+ sec\)//;
+error 0,127;
+exec socat EXEC:"$MYSQL",pty STDIO < $MYSQL_TMP_DIR/mysql_in;
+if ($sys_errno == 127)
+{
+ remove_file $MYSQL_TMP_DIR/mysql_in;
+ skip no socat;
+}
+remove_file $MYSQL_TMP_DIR/mysql_in;
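Review bot: The `replace_regex` line masks the connection id, the server version and the timing, but not the client's copyright banner. The .result file therefore pins `Copyright (c) 2000, 2018, ...` verbatim and will stop matching when the banner year changes. Adding a pattern such as `/\(c\) 2000, \d+/(c) 2000, YYYY/` to the same `replace_regex` and re-recording the result would avoid that. A comment on `error 0,127` saying that 127 is the shell's "command not found" status for a missing `socat` would also make the skip logic easier to follow.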
diff --git a/mysql-test/main/mysql_connector_net.ps1 b/mysql-test/main/mysql_connector_net.ps1
new file mode 100644
index 00000000..159acf93
--- /dev/null
+++ b/mysql-test/main/mysql_connector_net.ps1
@@ -0,0 +1,58 @@
+$assembly = [system.reflection.Assembly]::LoadWithPartialName("MySql.Data")
+if ($assembly -eq $null)
+{
+ "Can't load assembly MySql.Data"
+ exit 100
+}
+
+try
+{
+ $connectionString =[string]::Format("server=127.0.0.1;uid=root;port={0};Connection Reset=true;",$Env:MASTER_MYPORT)
+ $connection = [MySql.Data.MySqlClient.MySqlConnection]@{ConnectionString=$connectionString}
+ $connection.Open()
+
+ # Test ExecuteReader()
+ $command = New-Object MySql.Data.MySqlClient.MySqlCommand
+ $command.Connection = $connection
+ $command.CommandText = "SELECT @@old_mode"
+ $reader = $command.ExecuteReader()
+ $reader.GetName(0)
+ while ($reader.Read())
+ {
+ $reader.GetValue(0)
+ }
+
+ # Test connection reset
+ $connection.Close()
+ $connection.Open()
+ # Test ExecuteNonQuery()
+ $command.CommandText="do 1";
+ $affected_rows = $command.ExecuteNonQuery()
+ if ($affected_rows -ne 0)
+ {
+ "Expected affected rows 0, actual $affected_rows"
+ exit 1
+ }
+ # Test Prepared Statement
+ $command.CommandText = "SELECT @var";
+ [void]$command.Parameters.AddWithValue("@var", 1);
+ $command.Prepare();
+ $out = $command.ExecuteScalar();
+ if ($out -ne 1)
+ {
+ "Expected output 1, actual $out"
+ exit 1
+ }
+ $connection.Close()
+}
+catch
+{
+ # Dump exception
+ $_
+ $inner = $PSItem.Exception.InnerException
+ if ($inner -ne $null)
+ {
+ $PSItem.Exception.InnerException.Message
+ $PSItem.Exception.InnerException.StackTrace
+ }
+}
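Review bot: The `catch` block prints the exception and then falls off the end of the script, so the process exits with status 0 even when the connection or a query failed. The test then fails only because the output differs from the .result file. Ending the `catch` block with `exit 1` would make the failure explicit, since the success path already uses `exit 1` for its own checks. `$connection.Close()` is reached only on the success path, so a `finally { if ($connection) { $connection.Dispose() } }` would release the connection on errors too. `LoadWithPartialName` is marked obsolete in .NET and loads whichever `MySql.Data` version it finds; a comment noting that this is deliberate for the test would help.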
diff --git a/mysql-test/main/mysql_connector_net.result b/mysql-test/main/mysql_connector_net.result
new file mode 100644
index 00000000..f2fa39df
--- /dev/null
+++ b/mysql-test/main/mysql_connector_net.result
@@ -0,0 +1,2 @@
+@@old_mode
+UTF8_IS_UTF8MB3,NO_NULL_COLLATION_IDS
diff --git a/mysql-test/main/mysql_connector_net.test b/mysql-test/main/mysql_connector_net.test
new file mode 100644
index 00000000..c1dce65a
--- /dev/null
+++ b/mysql-test/main/mysql_connector_net.test
@@ -0,0 +1,11 @@
+--source include/windows.inc
+let $sys_errno=0;
+
+# Error 100 is returned by the powershell script
+# if MySql.Data is not installed
+--error 0,100
+--exec powershell -NoLogo -NoProfile -File main\mysql_connector_net.ps1
+if ($sys_errno != 0)
+{
+ --skip Connector/NET is not installed
+}
diff --git a/mysql-test/main/mysql_install_db_win.test b/mysql-test/main/mysql_install_db_win.test
index f6113847..f0ce4805 100644
--- a/mysql-test/main/mysql_install_db_win.test
+++ b/mysql-test/main/mysql_install_db_win.test
@@ -24,7 +24,9 @@ rmdir $ddir;
# MDEV-23052
# 1. mysql_install_db works on existing, empty directory
mkdir $ddir;
-exec $MYSQL_INSTALL_DB_EXE --datadir=$ddir --password=foo -R > /dev/null;
+disable_result_log;
+exec $MYSQL_INSTALL_DB_EXE --datadir=$ddir --password=foo -R --verbose-bootstrap;
+enable_result_log;
rmdir $ddir;
# 2. mysql_install_db rejects existing, non-empty directory, and does not
diff --git a/mysql-test/main/mysql_json_table_recreate.result b/mysql-test/main/mysql_json_table_recreate.result
index 207dde9d..a61377fe 100644
--- a/mysql-test/main/mysql_json_table_recreate.result
+++ b/mysql-test/main/mysql_json_table_recreate.result
@@ -30,6 +30,12 @@ show create table mysql_json_test;
ERROR HY000: Table rebuild required. Please do "ALTER TABLE `test.mysql_json_test` FORCE" or dump/reload to fix it!
select * from mysql_json_test;
ERROR HY000: Table rebuild required. Please do "ALTER TABLE `test.mysql_json_test` FORCE" or dump/reload to fix it!
+CREATE TABLE t2 AS SELECT * FROM mysql_json_test;
+ERROR HY000: Table rebuild required. Please do "ALTER TABLE `test.mysql_json_test` FORCE" or dump/reload to fix it!
+CREATE TABLE t2 (a mysql_json /*new column*/) AS SELECT * FROM mysql_json_test;
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE TABLE t2 (actual mysql_json /*existing column*/) AS SELECT * FROM mysql_json_test;
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
LOCK TABLES mysql_json_test WRITE;
ERROR HY000: Table rebuild required. Please do "ALTER TABLE `test.mysql_json_test` FORCE" or dump/reload to fix it!
alter table mysql_json_test force;
@@ -169,3 +175,67 @@ Total_Number_of_Tests Succesful_Tests String_is_valid_JSON
drop table tempty;
drop table mysql_json_test;
drop table mysql_json_test_big;
+#
+# MDEV-32790: Output result in show create table
+# for mysql_json type should be longtext
+#
+create table t1(j json);
+show create table t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `j` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT NULL CHECK (json_valid(`j`))
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+drop table t1;
+create table t1(j mysql_json);
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+create table `testjson` (
+`t` json /* JSON from MySQL 5.7*/ CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL
+) ENGINE=InnoDB DEFAULT CH...' at line 2
+create table `testjson` (
+`t` json /* JSON from MySQL 5.7*/ COLLATE utf8mb4_bin NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+show create table testjson;
+Table Create Table
+testjson CREATE TABLE `testjson` (
+ `t` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL CHECK (json_valid(`t`))
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+drop table testjson;
+create table `testjson` (
+`t` longtext /* JSON from MySQL 5.7 */ CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+show create table testjson;
+Table Create Table
+testjson CREATE TABLE `testjson` (
+ `t` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+drop table testjson;
+#
+# MDEV-32235: mysql_json cannot be used on newly created table
+#
+CREATE TABLE t(j mysql_json);
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE TABLE IF NOT EXISTS t(j mysql_json);
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE OR REPLACE TABLE t(j mysql_json);
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE TEMPORARY TABLE t(j mysql_json);
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE TABLE t1 (a TEXT);
+ALTER TABLE t1 MODIFY a mysql_json;
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+DROP TABLE t1;
+CREATE FUNCTION f1() RETURNS mysql_json RETURN NULL;
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE FUNCTION f1(a mysql_json) RETURNS INT RETURN 0;
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+CREATE PROCEDURE p1()
+BEGIN
+DECLARE a mysql_json;
+END;
+$$
+ERROR HY000: 'MYSQL_JSON' is not allowed in this context
+#
+# End of 10.5 tests
+#
diff --git a/mysql-test/main/mysql_json_table_recreate.test b/mysql-test/main/mysql_json_table_recreate.test
index a399b546..a6f1d319 100644
--- a/mysql-test/main/mysql_json_table_recreate.test
+++ b/mysql-test/main/mysql_json_table_recreate.test
@@ -52,6 +52,13 @@ show create table mysql_json_test;
select * from mysql_json_test;
--error ER_TABLE_NEEDS_REBUILD
+CREATE TABLE t2 AS SELECT * FROM mysql_json_test;
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE TABLE t2 (a mysql_json /*new column*/) AS SELECT * FROM mysql_json_test;
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE TABLE t2 (actual mysql_json /*existing column*/) AS SELECT * FROM mysql_json_test;
+
+--error ER_TABLE_NEEDS_REBUILD
LOCK TABLES mysql_json_test WRITE;
alter table mysql_json_test force;
@@ -88,3 +95,69 @@ from mysql_json_test_big;
drop table tempty;
drop table mysql_json_test;
drop table mysql_json_test_big;
+
+--echo #
+--echo # MDEV-32790: Output result in show create table
+--echo # for mysql_json type should be longtext
+--echo #
+
+create table t1(j json);
+show create table t1;
+drop table t1;
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+create table t1(j mysql_json);
+# `json` type should not have character set and collation other than utf8mb4_bin
+--error ER_PARSE_ERROR
+create table `testjson` (
+ `t` json /* JSON from MySQL 5.7*/ CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+
+# By removing character set from `json` field query should work and
+# expand to `longtext` with characterset
+create table `testjson` (
+ `t` json /* JSON from MySQL 5.7*/ COLLATE utf8mb4_bin NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+show create table testjson;
+drop table testjson;
+
+# `longtext` that is alias can have character set
+create table `testjson` (
+ `t` longtext /* JSON from MySQL 5.7 */ CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+show create table testjson;
+drop table testjson;
+
+--echo #
+--echo # MDEV-32235: mysql_json cannot be used on newly created table
+--echo #
+
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE TABLE t(j mysql_json);
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE TABLE IF NOT EXISTS t(j mysql_json);
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE OR REPLACE TABLE t(j mysql_json);
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE TEMPORARY TABLE t(j mysql_json);
+
+CREATE TABLE t1 (a TEXT);
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+ALTER TABLE t1 MODIFY a mysql_json;
+DROP TABLE t1;
+
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE FUNCTION f1() RETURNS mysql_json RETURN NULL;
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE FUNCTION f1(a mysql_json) RETURNS INT RETURN 0;
+DELIMITER $$;
+--error ER_NOT_ALLOWED_IN_THIS_CONTEXT
+CREATE PROCEDURE p1()
+BEGIN
+ DECLARE a mysql_json;
+END;
+$$
+DELIMITER ;$$
+
+--echo #
+--echo # End of 10.5 tests
+--echo #
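Review bot: The comment above the first `testjson` statement (that a json column should not have a character set and collation other than utf8mb4_bin) does not match the case it introduces. The statement supplies exactly `CHARACTER SET utf8mb4 COLLATE utf8mb4_bin` and is still expected to fail with `ER_PARSE_ERROR`. What the case pins is that an explicit `CHARACTER SET` clause after `json` is rejected by the parser, while a bare `COLLATE utf8mb4_bin` is accepted by the next statement, so I would reword it to `# An explicit CHARACTER SET clause on a json column is a syntax error, even for utf8mb4`. In the MDEV-32235 block the negative cases cover the CREATE TABLE variants, `ALTER TABLE ... MODIFY` and routine return, parameter and local types. `ALTER TABLE t1 ADD b mysql_json;` is not exercised and would presumably deserve the same `--error ER_NOT_ALLOWED_IN_THIS_CONTEXT` case.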
diff --git a/mysql-test/main/mysql_upgrade.result b/mysql-test/main/mysql_upgrade.result
index bb37a889..e67a43d5 100644
--- a/mysql-test/main/mysql_upgrade.result
+++ b/mysql-test/main/mysql_upgrade.result
@@ -2505,6 +2505,14 @@ Phase 7/8: uninstalling plugins
Phase 8/8: Running 'FLUSH PRIVILEGES'
OK
set global sql_safe_updates=@orig_sql_safe_updates;
+#
+# MDEV-32043 Remove plugins previously external that are now built in (unix_socket)
+#
+INSERT INTO mysql.plugin SELECT 'unix_socket', 'auth_socket.so'
+ FROM dual WHERE convert(@@version_compile_os using latin1) not in ('Win32', 'Win64', 'Windows');
+# mariadb-upgrade --force --silent 2>&1
+SELECT * FROM mysql.plugin WHERE name='unix_socket';
+name dl
# End of 10.4 tests
#
# Check that mysql_upgrade can be run on mysqldump
diff --git a/mysql-test/main/mysql_upgrade.test b/mysql-test/main/mysql_upgrade.test
index 9bc809d6..70206213 100644
--- a/mysql-test/main/mysql_upgrade.test
+++ b/mysql-test/main/mysql_upgrade.test
@@ -496,6 +496,17 @@ set global sql_safe_updates=ON;
--remove_file $MYSQLD_DATADIR/mysql_upgrade_info
set global sql_safe_updates=@orig_sql_safe_updates;
+--echo #
+--echo # MDEV-32043 Remove plugins previously external that are now built in (unix_socket)
+--echo #
+
+INSERT INTO mysql.plugin SELECT 'unix_socket', 'auth_socket.so'
+ FROM dual WHERE convert(@@version_compile_os using latin1) not in ('Win32', 'Win64', 'Windows');
+--echo # mariadb-upgrade --force --silent 2>&1
+--exec $MYSQL_UPGRADE --force --silent 2>&1
+SELECT * FROM mysql.plugin WHERE name='unix_socket';
+--remove_file $MYSQLD_DATADIR/mysql_upgrade_info
+
--echo # End of 10.4 tests
#
diff --git a/mysql-test/main/mysql_upgrade_file_leak.result b/mysql-test/main/mysql_upgrade_file_leak.result
new file mode 100644
index 00000000..648a0c97
--- /dev/null
+++ b/mysql-test/main/mysql_upgrade_file_leak.result
@@ -0,0 +1,4 @@
+Running mysql_upgrade with --check-if-upgrade-is-needed
+Checking for absence of temporary files by mysql_upgrade
+No temporary files found
+End of 10.4 tests
diff --git a/mysql-test/main/mysql_upgrade_file_leak.test b/mysql-test/main/mysql_upgrade_file_leak.test
new file mode 100644
index 00000000..44f17832
--- /dev/null
+++ b/mysql-test/main/mysql_upgrade_file_leak.test
@@ -0,0 +1,24 @@
+-- source include/mysql_upgrade_preparation.inc
+
+#
+# MDEV-31925 mysqld_upgrade --check-if-upgrade-is-needed leaks files
+#
+
+# Run mysql_upgrade with --check-if-upgrade-is-needed
+--echo Running mysql_upgrade with --check-if-upgrade-is-needed
+--exec $MYSQL_UPGRADE --check-if-upgrade-is-needed 2>&1
+
+# Check if temporary files related to mysql_upgrade are cleared
+--echo Checking for absence of temporary files by mysql_upgrade
+--perl
+
+# Use the temporary directory path from the MySQL configuration
+my $tmpdir = "$ENV{MYSQL_TMP_DIR}";
+
+die "Test failed: Found temporary file left by mysql_upgrade\n" if (glob("$tmpdir/mysql_upgrade-*"));
+print "No temporary files found\n";
+EOF
+
+let $MYSQLD_DATADIR= `select @@datadir`;
+--remove_file $MYSQLD_DATADIR/mysql_upgrade_info
+--echo End of 10.4 tests
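Review bot: The leak check can pass without looking where mysql_upgrade writes, because the `--exec` line passes no `--tmpdir` while the perl block globs only `$ENV{MYSQL_TMP_DIR}`; the two agree only if the tool resolves the same directory on its own. Passing it explicitly, `--exec $MYSQL_UPGRADE --check-if-upgrade-is-needed --tmpdir=$MYSQL_TMP_DIR 2>&1`, ties the assertion to this run. The glob would also match `mysql_upgrade-*` files left behind by an earlier test, so clearing such leftovers before the run keeps any failure attributable to this invocation. The temporary file presumably carries the options handed to the child tools, which is why a leftover copy is worth testing for. The comment `# Use the temporary directory path from the MySQL configuration` should say that the path is read from the `MYSQL_TMP_DIR` environment variable.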
diff --git a/mysql-test/main/mysql_json_mysql_upgrade.result b/mysql-test/main/mysql_upgrade_mysql_json.result
index 2b909594..2b909594 100644
--- a/mysql-test/main/mysql_json_mysql_upgrade.result
+++ b/mysql-test/main/mysql_upgrade_mysql_json.result
diff --git a/mysql-test/main/mysql_json_mysql_upgrade.test b/mysql-test/main/mysql_upgrade_mysql_json.test
index 4380b004..4380b004 100644
--- a/mysql-test/main/mysql_json_mysql_upgrade.test
+++ b/mysql-test/main/mysql_upgrade_mysql_json.test
diff --git a/mysql-test/main/mysql_upgrade_mysql_json_system_tables.result b/mysql-test/main/mysql_upgrade_mysql_json_system_tables.result
new file mode 100644
index 00000000..237b19c4
--- /dev/null
+++ b/mysql-test/main/mysql_upgrade_mysql_json_system_tables.result
@@ -0,0 +1,94 @@
+#
+# MDEV-32462: mysql_upgrade -s still checks for non system tables
+#
+call mtr.add_suppression("Table rebuild required");
+SET NAMES utf8;
+# mariadb_upgrade on system and user table
+show tables from mysql like '%json%';
+Tables_in_mysql (%json%)
+mysql_json_test
+use mysql;
+show create table mysql.mysql_json_test;
+ERROR HY000: Unknown data type: 'MYSQL_JSON'
+show create table test.mysql_json_test;
+ERROR HY000: Unknown data type: 'MYSQL_JSON'
+SET @old_general_log= @@global.general_log;
+SET @old_log_output= @@global.log_output;
+SET @@global.general_log = ON;
+SET @@global.log_output = "TABLE";
+The --upgrade-system-tables option was used, user tables won't be touched.
+Phase 1/8: Checking and upgrading mysql database
+Processing databases
+mysql
+mysql.column_stats OK
+mysql.columns_priv OK
+mysql.db OK
+mysql.event OK
+mysql.func OK
+mysql.global_priv OK
+mysql.gtid_slave_pos OK
+mysql.help_category OK
+mysql.help_keyword OK
+mysql.help_relation OK
+mysql.help_topic OK
+mysql.index_stats OK
+mysql.innodb_index_stats
+Error : Unknown storage engine 'InnoDB'
+error : Corrupt
+mysql.innodb_table_stats
+Error : Unknown storage engine 'InnoDB'
+error : Corrupt
+mysql.mysql_json_test
+Error : Unknown data type: 'MYSQL_JSON'
+error : Corrupt
+mysql.plugin OK
+mysql.proc OK
+mysql.procs_priv OK
+mysql.proxies_priv OK
+mysql.roles_mapping OK
+mysql.servers OK
+mysql.table_stats OK
+mysql.tables_priv OK
+mysql.time_zone OK
+mysql.time_zone_leap_second OK
+mysql.time_zone_name OK
+mysql.time_zone_transition OK
+mysql.time_zone_transition_type OK
+mysql.transaction_registry
+Error : Unknown storage engine 'InnoDB'
+error : Corrupt
+
+Repairing tables
+mysql.innodb_index_stats
+Error : Unknown storage engine 'InnoDB'
+error : Corrupt
+mysql.innodb_table_stats
+Error : Unknown storage engine 'InnoDB'
+error : Corrupt
+mysql.mysql_json_test
+Error : Unknown data type: 'MYSQL_JSON'
+error : Corrupt
+mysql.transaction_registry
+Error : Unknown storage engine 'InnoDB'
+error : Corrupt
+Phase 2/8: Installing used storage engines... Skipped
+Phase 3/8: Running 'mysql_fix_privilege_tables'
+Phase 4/8: Fixing views... Skipped
+Phase 5/8: Fixing table and database names ... Skipped
+Phase 6/8: Checking and upgrading tables... Skipped
+Phase 7/8: uninstalling plugins
+Phase 8/8: Running 'FLUSH PRIVILEGES'
+OK
+SET @@global.general_log = @old_general_log;
+SET @@global.log_output = @old_log_output;
+select command_type, argument from mysql.general_log where argument like "%SELECT table_comment FROM information_schema.tables%";
+command_type argument
+show create table mysql.mysql_json_test;
+ERROR HY000: Unknown data type: 'MYSQL_JSON'
+show create table test.mysql_json_test;
+ERROR HY000: Unknown data type: 'MYSQL_JSON'
+drop table mysql.mysql_json_test;
+drop table test.mysql_json_test;
+#
+# End of 10.5 tests
+#
diff --git a/mysql-test/main/mysql_upgrade_mysql_json_system_tables.test b/mysql-test/main/mysql_upgrade_mysql_json_system_tables.test
new file mode 100644
index 00000000..6ae3e8dd
--- /dev/null
+++ b/mysql-test/main/mysql_upgrade_mysql_json_system_tables.test
@@ -0,0 +1,52 @@
+--echo #
+--echo # MDEV-32462: mysql_upgrade -s still checks for non system tables
+--echo #
+
+# Let's now load plugin first
+--source include/have_utf8.inc
+--source include/not_embedded.inc
+
+--source include/mysql_upgrade_preparation.inc
+call mtr.add_suppression("Table rebuild required");
+
+SET NAMES utf8;
+
+let $MYSQLD_DATADIR= `select @@datadir`;
+
+--echo # mariadb_upgrade on system and user table
+--copy_file std_data/mysql_json/mysql_json_test.frm $MYSQLD_DATADIR/mysql/mysql_json_test.frm
+--copy_file std_data/mysql_json/mysql_json_test.MYI $MYSQLD_DATADIR/mysql/mysql_json_test.MYI
+--copy_file std_data/mysql_json/mysql_json_test.MYD $MYSQLD_DATADIR/mysql/mysql_json_test.MYD
+--copy_file std_data/mysql_json/mysql_json_test.frm $MYSQLD_DATADIR/test/mysql_json_test.frm
+--copy_file std_data/mysql_json/mysql_json_test.MYI $MYSQLD_DATADIR/test/mysql_json_test.MYI
+--copy_file std_data/mysql_json/mysql_json_test.MYD $MYSQLD_DATADIR/test/mysql_json_test.MYD
+
+show tables from mysql like '%json%';
+use mysql;
+--error ER_UNKNOWN_DATA_TYPE
+show create table mysql.mysql_json_test;
+--error ER_UNKNOWN_DATA_TYPE
+show create table test.mysql_json_test;
+
+SET @old_general_log= @@global.general_log;
+SET @old_log_output= @@global.log_output;
+SET @@global.general_log = ON;
+SET @@global.log_output = "TABLE";
+--exec $MYSQL_UPGRADE -s --force 2>&1
+--remove_file $MYSQLD_DATADIR/mysql_upgrade_info
+SET @@global.general_log = @old_general_log;
+SET @@global.log_output = @old_log_output;
+
+select command_type, argument from mysql.general_log where argument like "%SELECT table_comment FROM information_schema.tables%";
+
+# User table is not upgraded in `mysql\test` DB, so we cannot see it.
+--error ER_UNKNOWN_DATA_TYPE
+show create table mysql.mysql_json_test;
+--error ER_UNKNOWN_DATA_TYPE
+show create table test.mysql_json_test;
+drop table mysql.mysql_json_test;
+drop table test.mysql_json_test;
+
+--echo #
+--echo # End of 10.5 tests
+--echo #
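Review bot: The only assertion that user tables were left alone is the empty result of the `mysql.general_log` query, and that result is also what you get if the upgrade run logged nothing to the table or if the probed statement text changes in the client. A positive control before the negative match, for example `select count(*) > 0 from mysql.general_log;`, would show the log was capturing during the run. The rows written while `log_output` was `TABLE` remain in `mysql.general_log` after the settings are restored, so a final `truncate table mysql.general_log;` would keep them out of later tests. The comment `# Let's now load plugin first` sits above two `--source` guards and nothing in the file loads a plugin, so it should be dropped or replaced with what the guards require.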
diff --git a/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result b/mysql-test/main/mysql_upgrade_mysql_json_with_plugin_loaded.result
index 7bc2808a..7bc2808a 100644
--- a/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.result
+++ b/mysql-test/main/mysql_upgrade_mysql_json_with_plugin_loaded.result
diff --git a/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.test b/mysql-test/main/mysql_upgrade_mysql_json_with_plugin_loaded.test
index f3e9c2e5..f3e9c2e5 100644
--- a/mysql-test/main/mysql_json_mysql_upgrade_with_plugin_loaded.test
+++ b/mysql-test/main/mysql_upgrade_mysql_json_with_plugin_loaded.test
diff --git a/mysql-test/main/mysqlbinlog_row_compressed.test b/mysql-test/main/mysqlbinlog_row_compressed.test
index be973634..03868d3e 100644
--- a/mysql-test/main/mysqlbinlog_row_compressed.test
+++ b/mysql-test/main/mysqlbinlog_row_compressed.test
@@ -4,7 +4,7 @@
--source include/have_log_bin.inc
--source include/have_binlog_format_row.inc
---source include/have_normal_bzip.inc
+--source include/have_normal_zlib.inc
#
#
diff --git a/mysql-test/main/mysqlbinlog_stmt_compressed.test b/mysql-test/main/mysqlbinlog_stmt_compressed.test
index 08db2009..4a651243 100644
--- a/mysql-test/main/mysqlbinlog_stmt_compressed.test
+++ b/mysql-test/main/mysqlbinlog_stmt_compressed.test
@@ -4,7 +4,7 @@
--source include/have_log_bin.inc
--source include/have_binlog_format_statement.inc
---source include/have_normal_bzip.inc
+--source include/have_normal_zlib.inc
#
#
# mysqlbinlog: compressed query event
diff --git a/mysql-test/main/mysqld--help,win.rdiff b/mysql-test/main/mysqld--help,win.rdiff
index 3e9541d7..a42c0c6f 100644
--- a/mysql-test/main/mysqld--help,win.rdiff
+++ b/mysql-test/main/mysqld--help,win.rdiff
@@ -1,4 +1,6 @@
-@@ -180,6 +180,7 @@
+--- main/mysqld--help.result 2023-11-30 02:21:51.951132200 +0100
++++ main/mysqld--help,win.reject 2023-11-30 02:35:44.404612300 +0100
+@@ -191,6 +191,7 @@
--console Write error output on screen; don't remove the console
window on windows.
--core-file Write core on crashes
@@ -6,7 +8,7 @@
-h, --datadir=name Path to the database root directory
--date-format=name The DATE format (ignored)
--datetime-format=name
-@@ -650,6 +651,7 @@
+@@ -696,6 +697,7 @@
Use MySQL-5.6 (instead of MariaDB-5.3) format for TIME,
DATETIME, TIMESTAMP columns.
(Defaults to on; use --skip-mysql56-temporal-format to disable.)
@@ -14,7 +16,7 @@
--net-buffer-length=#
Buffer length for TCP/IP and socket communication
--net-read-timeout=#
-@@ -1327,6 +1328,10 @@
+@@ -1351,6 +1353,10 @@
Alias for log_slow_query_file. Log slow queries to given
log file. Defaults logging to 'hostname'-slow.log. Must
be enabled to activate other slow log options
@@ -25,7 +27,7 @@
--socket=name Socket file to use for connection
--sort-buffer-size=#
Each thread that needs to do a sort allocates a buffer of
-@@ -1351,6 +1356,7 @@
+@@ -1376,6 +1382,7 @@
deleting or updating every row in a table.
--stack-trace Print a symbolic stack trace on failure
(Defaults to on; use --skip-stack-trace to disable.)
@@ -33,7 +35,7 @@
--standard-compliant-cte
Allow only CTEs compliant to SQL standard
(Defaults to on; use --skip-standard-compliant-cte to disable.)
-@@ -1426,6 +1432,11 @@
+@@ -1454,6 +1461,11 @@
--thread-pool-max-threads=#
Maximum allowed number of worker threads in the thread
pool
@@ -45,7 +47,7 @@
--thread-pool-oversubscribe=#
How many additional active worker threads in a group are
allowed.
-@@ -1464,8 +1475,8 @@
+@@ -1493,8 +1505,8 @@
automatically convert it to an on-disk MyISAM or Aria
table.
-t, --tmpdir=name Path for temporary files. Several paths may be specified,
@@ -56,7 +58,7 @@
--transaction-alloc-block-size=#
Allocation block size for transactions to be stored in
binary log
-@@ -1685,6 +1696,7 @@
+@@ -1716,6 +1728,7 @@
myisam-stats-method NULLS_UNEQUAL
myisam-use-mmap FALSE
mysql56-temporal-format TRUE
@@ -64,7 +66,7 @@
net-buffer-length 16384
net-read-timeout 30
net-retry-count 10
-@@ -1841,6 +1853,7 @@
+@@ -1874,6 +1887,7 @@
slave-type-conversions
slow-launch-time 2
slow-query-log FALSE
@@ -72,7 +74,7 @@
sort-buffer-size 2097152
sql-mode STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION
sql-safe-updates FALSE
-@@ -1867,6 +1880,8 @@
+@@ -1901,6 +1915,8 @@
thread-pool-exact-stats FALSE
thread-pool-idle-timeout 60
thread-pool-max-threads 65536
diff --git a/mysql-test/main/mysqld--help.result b/mysql-test/main/mysqld--help.result
index d271f1a3..2a3a9f00 100644
--- a/mysql-test/main/mysqld--help.result
+++ b/mysql-test/main/mysqld--help.result
@@ -565,9 +565,8 @@ The following specify which files/extra groups are read (specified before remain
when binary log is disabled).
--log-tc-size=# Size of transaction coordinator log.
-W, --log-warnings[=#]
- Log some not critical warnings to the general log
- file.Value can be between 0 and 11. Higher values mean
- more verbosity
+ Log some non critical warnings to the error log.Value can
+ be between 0 and 11. Higher values mean more verbosity
--long-query-time=# Alias for log_slow_query_time. Log all queries that have
taken more than long_query_time seconds to execute to the
slow query log file. The argument will be treated as a
@@ -721,7 +720,8 @@ The following specify which files/extra groups are read (specified before remain
MySQL versions. Any combination of:
NO_DUP_KEY_WARNINGS_WITH_IGNORE, NO_PROGRESS_INFO,
ZERO_DATE_TIME_CAST, UTF8_IS_UTF8MB3,
- IGNORE_INDEX_ONLY_FOR_JOIN, COMPAT_5_1_CHECKSUM
+ IGNORE_INDEX_ONLY_FOR_JOIN, COMPAT_5_1_CHECKSUM,
+ NO_NULL_COLLATION_IDS
Use 'ALL' to set all combinations.
--old-passwords Use old password encryption method (needed for 4.0 and
older clients)
@@ -736,6 +736,13 @@ The following specify which files/extra groups are read (specified before remain
max_connections*5 or max_connections + table_cache*2
(whichever is larger) number of file descriptors
(Automatically configured unless set explicitly)
+ --optimizer-adjust-secondary-key-costs=#
+ 0 = No changes. 1 = Update secondary key costs for ranges
+ to be at least 5x of clustered primary key costs. 2 =
+ Remove 'max_seek optimization' for secondary keys and
+ slight adjustment of filter cost. This option will be
+ deleted in MariaDB 11.0 as it is not needed with the new
+ 11.0 optimizer.
--optimizer-extra-pruning-depth=#
If the optimizer needs to enumerate join prefix of this
size or larger, then it will try aggressively prune away
@@ -1167,7 +1174,7 @@ The following specify which files/extra groups are read (specified before remain
The tracing level for semi-sync replication.
--rpl-semi-sync-master-wait-no-slave
Wait until timeout when no semi-synchronous replication
- slave available (enabled by default).
+ slave is available.
(Defaults to on; use --skip-rpl-semi-sync-master-wait-no-slave to disable.)
--rpl-semi-sync-master-wait-point=name
Should transaction wait for semi-sync ack after having
@@ -1725,6 +1732,7 @@ old-alter-table DEFAULT
old-mode UTF8_IS_UTF8MB3
old-passwords FALSE
old-style-user-limits FALSE
+optimizer-adjust-secondary-key-costs 0
optimizer-extra-pruning-depth 8
optimizer-max-sel-arg-weight 32000
optimizer-max-sel-args 16000
diff --git a/mysql-test/main/old-mode.result b/mysql-test/main/old-mode.result
index daa2a4dc..cb87c45a 100644
--- a/mysql-test/main/old-mode.result
+++ b/mysql-test/main/old-mode.result
@@ -257,3 +257,13 @@ Warning 1264 Out of range value for column 'a' at row 2
DROP TABLE t1;
SET @@time_zone=DEFAULT;
SET TIMESTAMP=DEFAULT;
+#
+# MDEV-31608 - Connector/NET fails to connect since 10.10
+#
+select count(*) > 0 from information_schema.collations where id IS NULL;
+count(*) > 0
+1
+SET old_mode=no_null_collation_ids;
+select count(*) > 0 from information_schema.collations where id IS NULL;
+count(*) > 0
+0
diff --git a/mysql-test/main/old-mode.test b/mysql-test/main/old-mode.test
index e4928329..177e00ed 100644
--- a/mysql-test/main/old-mode.test
+++ b/mysql-test/main/old-mode.test
@@ -169,3 +169,11 @@ DROP TABLE t1;
SET @@time_zone=DEFAULT;
SET TIMESTAMP=DEFAULT;
+
+--echo #
+--echo # MDEV-31608 - Connector/NET fails to connect since 10.10
+--echo #
+select count(*) > 0 from information_schema.collations where id IS NULL;
+SET old_mode=no_null_collation_ids;
+select count(*) > 0 from information_schema.collations where id IS NULL;
+
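Review bot: `SET old_mode=no_null_collation_ids;` is left in effect at the end of the added block, whereas the context lines just above restore `time_zone` and `TIMESTAMP` to DEFAULT. Add `SET old_mode=DEFAULT;` after the second select (or restore a saved value, if the file runs with a non-default old_mode) so that cases appended later do not silently run with this flag set. A short comment before the first select, such as `# Some collations have a NULL id by default; the old_mode flag hides them`, would explain why the two results differ.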
diff --git a/mysql-test/main/opt_trace.result b/mysql-test/main/opt_trace.result
index 43989025..aeaff29a 100644
--- a/mysql-test/main/opt_trace.result
+++ b/mysql-test/main/opt_trace.result
@@ -10746,6 +10746,18 @@ json_detailed(json_extract(trace, '$**.in_to_subquery_conversion'))
set in_predicate_conversion_threshold=@tmp;
drop table t0;
#
+# MDEV-29298: INSERT ... SELECT Does not produce an optimizer trace
+#
+create table t1 (a int, b int);
+create table t2 (a int, b int);
+insert into t1 values (1,1), (2,2), (3,3), (4,4), (5,5);
+set optimizer_trace=1;
+insert into t2 select * from t1 where a<= b and a>4;
+select QUERY, LENGTH(trace)>1 from information_schema.optimizer_trace;
+QUERY LENGTH(trace)>1
+insert into t2 select * from t1 where a<= b and a>4 1
+drop table t1, t2;
+#
# End of 10.5 tests
#
#
diff --git a/mysql-test/main/opt_trace.test b/mysql-test/main/opt_trace.test
index 29b72fcd..7b0ee5be 100644
--- a/mysql-test/main/opt_trace.test
+++ b/mysql-test/main/opt_trace.test
@@ -875,6 +875,20 @@ drop table t0;
--enable_view_protocol
--echo #
+--echo # MDEV-29298: INSERT ... SELECT Does not produce an optimizer trace
+--echo #
+create table t1 (a int, b int);
+create table t2 (a int, b int);
+insert into t1 values (1,1), (2,2), (3,3), (4,4), (5,5);
+set optimizer_trace=1;
+
+insert into t2 select * from t1 where a<= b and a>4;
+
+select QUERY, LENGTH(trace)>1 from information_schema.optimizer_trace;
+
+drop table t1, t2;
+
+--echo #
--echo # End of 10.5 tests
--echo #
diff --git a/mysql-test/main/order_by.result b/mysql-test/main/order_by.result
index bc65f67f..9d587c06 100644
--- a/mysql-test/main/order_by.result
+++ b/mysql-test/main/order_by.result
@@ -3733,6 +3733,126 @@ id select_type table type possible_keys key key_len ref rows Extra
1 PRIMARY t2 ALL NULL NULL NULL NULL 2
2 DEPENDENT SUBQUERY t1 eq_ref PRIMARY PRIMARY 4 test.t2.b 1 Using where
DROP TABLE t1,t2;
+#
+# MDEV-29681 Server crashes when optimizing SQL with ORDER BY
+#
+CREATE TABLE t1 (b INT);
+CREATE TABLE t2 (a INT, c INT);
+# First test empty tables
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a+1;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> system NULL NULL NULL NULL 0 0.00 Const row not found
+2 DERIVED NULL NULL NULL NULL NULL NULL NULL NULL no matching row in const table
+Warnings:
+Note 1003 /* select#1 */ select NULL AS `b`,NULL AS `a`,NULL AS `c` from ((/* select#2 */ select NULL AS `b`,NULL AS `a`,NULL AS `c` from `test`.`t1` join `test`.`t2` where 0 limit 3)) `__2` order by NULL + 1
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a=2;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> system NULL NULL NULL NULL 0 0.00 Const row not found
+2 DERIVED NULL NULL NULL NULL NULL NULL NULL NULL no matching row in const table
+Warnings:
+Note 1003 /* select#1 */ select NULL AS `b`,NULL AS `a`,NULL AS `c` from ((/* select#2 */ select NULL AS `b`,NULL AS `a`,NULL AS `c` from `test`.`t1` join `test`.`t2` where 0 limit 3)) `__2` order by NULL = 2
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3)
+ORDER BY a+1, a-b DESC, c<>a;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> system NULL NULL NULL NULL 0 0.00 Const row not found
+2 DERIVED NULL NULL NULL NULL NULL NULL NULL NULL no matching row in const table
+Warnings:
+Note 1003 /* select#1 */ select NULL AS `b`,NULL AS `a`,NULL AS `c` from ((/* select#2 */ select NULL AS `b`,NULL AS `a`,NULL AS `c` from `test`.`t1` join `test`.`t2` where 0 limit 3)) `__2` order by NULL + 1,NULL - NULL desc,NULL <> NULL
+# Insert some data
+INSERT INTO t1 VALUES (1),(2),(3),(4);
+INSERT INTO t2 VALUES (1,1),(2,2),(3,3),(4,4);
+(SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a=b, a-10 DESC, b+a, c+a+a+b;
+b a c
+1 1 1
+2 2 2
+3 3 3
+(SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a=2;
+b a c
+1 1 1
+2 2 2
+3 3 3
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3)
+ORDER BY a=b, a-10, b+a, c+a+a+b;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> ALL NULL NULL NULL NULL 3 100.00 Using filesort
+2 DERIVED t1 ALL NULL NULL NULL NULL 4 100.00
+2 DERIVED t2 ALL NULL NULL NULL NULL 4 100.00 Using where; Using join buffer (flat, BNL join)
+Warnings:
+Note 1003 /* select#1 */ select `__2`.`b` AS `b`,`__2`.`a` AS `a`,`__2`.`c` AS `c` from ((/* select#2 */ select `test`.`t1`.`b` AS `b`,`test`.`t2`.`a` AS `a`,`test`.`t2`.`c` AS `c` from `test`.`t1` join `test`.`t2` where `test`.`t2`.`a` = `test`.`t1`.`b` limit 3)) `__2` order by `__2`.`a` = `__2`.`b`,`__2`.`a` - 10,`__2`.`b` + `__2`.`a`,`__2`.`c` + `__2`.`a` + `__2`.`a` + `__2`.`b`
+# When there is no LIMIT clause the derived table must be merged
+(SELECT * FROM t1 JOIN t2 ON a=b) ORDER BY a+16, b+a, c<>b;
+b a c
+1 1 1
+2 2 2
+3 3 3
+4 4 4
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b) ORDER BY a+16 DESC, b+a, c<>b;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 4 100.00 Using temporary; Using filesort
+1 SIMPLE t2 ALL NULL NULL NULL NULL 4 100.00 Using where; Using join buffer (flat, BNL join)
+Warnings:
+Note 1003 (select `test`.`t1`.`b` AS `b`,`test`.`t2`.`a` AS `a`,`test`.`t2`.`c` AS `c` from `test`.`t1` join `test`.`t2` where `test`.`t2`.`a` = `test`.`t1`.`b` order by `test`.`t2`.`a` + 16 desc,`test`.`t1`.`b` + `test`.`t2`.`a`,`test`.`t2`.`c` <> `test`.`t1`.`b`)
+# Test UNIONs:
+(SELECT * FROM t1 JOIN t2 ON a=b UNION
+SELECT * FROM t1 JOIN t2 ON a!=b
+LIMIT 3)
+ORDER BY a+16, b+a, c<>b;
+b a c
+1 1 1
+2 2 2
+3 3 3
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b UNION
+SELECT * FROM t1 JOIN t2 ON a!=b
+LIMIT 3)
+ORDER BY a+16, b+a, c<>b;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> ALL NULL NULL NULL NULL 32 100.00 Using filesort
+2 DERIVED t1 ALL NULL NULL NULL NULL 4 100.00
+2 DERIVED t2 ALL NULL NULL NULL NULL 4 100.00 Using where; Using join buffer (flat, BNL join)
+3 UNION t1 ALL NULL NULL NULL NULL 4 100.00
+3 UNION t2 ALL NULL NULL NULL NULL 4 100.00 Using where; Using join buffer (flat, BNL join)
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL NULL
+Warnings:
+Note 1003 /* select#1 */ select `__3`.`b` AS `b`,`__3`.`a` AS `a`,`__3`.`c` AS `c` from (/* select#2 */ select `test`.`t1`.`b` AS `b`,`test`.`t2`.`a` AS `a`,`test`.`t2`.`c` AS `c` from `test`.`t1` join `test`.`t2` where `test`.`t2`.`a` = `test`.`t1`.`b` union /* select#3 */ select `test`.`t1`.`b` AS `b`,`test`.`t2`.`a` AS `a`,`test`.`t2`.`c` AS `c` from `test`.`t1` join `test`.`t2` where `test`.`t2`.`a` <> `test`.`t1`.`b` limit 3) `__3` order by `__3`.`a` + 16,`__3`.`b` + `__3`.`a`,`__3`.`c` <> `__3`.`b`
+(SELECT * FROM t1 JOIN t2 ON a=b UNION
+SELECT NULL, NULL, NULL
+LIMIT 3)
+ORDER BY b-a-c;
+b a c
+1 1 1
+2 2 2
+3 3 3
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b UNION
+SELECT NULL, NULL, NULL
+LIMIT 3)
+ORDER BY b-a-c;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> ALL NULL NULL NULL NULL 16 100.00 Using filesort
+2 DERIVED t1 ALL NULL NULL NULL NULL 4 100.00
+2 DERIVED t2 ALL NULL NULL NULL NULL 4 100.00 Using where; Using join buffer (flat, BNL join)
+3 UNION NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL NULL
+Warnings:
+Note 1003 /* select#1 */ select `__3`.`b` AS `b`,`__3`.`a` AS `a`,`__3`.`c` AS `c` from (/* select#2 */ select `test`.`t1`.`b` AS `b`,`test`.`t2`.`a` AS `a`,`test`.`t2`.`c` AS `c` from `test`.`t1` join `test`.`t2` where `test`.`t2`.`a` = `test`.`t1`.`b` union /* select#3 */ select NULL AS `NULL`,NULL AS `NULL`,NULL AS `NULL` limit 3) `__3` order by `__3`.`b` - `__3`.`a` - `__3`.`c`
+(SELECT * FROM t1 JOIN t2 ON a=b UNION
+SELECT NULL, NULL, NULL
+ORDER BY a LIMIT 3)
+ORDER BY b-a-c LIMIT 1;
+b a c
+NULL NULL NULL
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b UNION
+SELECT NULL, NULL, NULL
+ORDER BY a LIMIT 3)
+ORDER BY b-a-c LIMIT 1;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 PRIMARY <derived2> ALL NULL NULL NULL NULL 16 100.00 Using filesort
+2 DERIVED t1 ALL NULL NULL NULL NULL 4 100.00
+2 DERIVED t2 ALL NULL NULL NULL NULL 4 100.00 Using where; Using join buffer (flat, BNL join)
+3 UNION NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+NULL UNION RESULT <union2,3> ALL NULL NULL NULL NULL NULL NULL Using filesort
+Warnings:
+Note 1003 /* select#1 */ select `__3`.`b` AS `b`,`__3`.`a` AS `a`,`__3`.`c` AS `c` from (/* select#2 */ select `test`.`t1`.`b` AS `b`,`test`.`t2`.`a` AS `a`,`test`.`t2`.`c` AS `c` from `test`.`t1` join `test`.`t2` where `test`.`t2`.`a` = `test`.`t1`.`b` union /* select#3 */ select NULL AS `NULL`,NULL AS `NULL`,NULL AS `NULL` order by `a` limit 3) `__3` order by `__3`.`b` - `__3`.`a` - `__3`.`c` limit 1
+DROP TABLE t1, t2;
# End of 10.4 tests
#
# MDEV-21655: Server crashes in my_qsort2 / Filesort_buffer::sort_buffer
diff --git a/mysql-test/main/order_by.test b/mysql-test/main/order_by.test
index f6df090c..14e50cb2 100644
--- a/mysql-test/main/order_by.test
+++ b/mysql-test/main/order_by.test
@@ -2462,6 +2462,65 @@ EXPLAIN SELECT (SELECT 1 FROM t1 WHERE t1.a=t2.b ORDER BY t1.b LIMIT 1) AS c FRO
DROP TABLE t1,t2;
+--echo #
+--echo # MDEV-29681 Server crashes when optimizing SQL with ORDER BY
+--echo #
+CREATE TABLE t1 (b INT);
+CREATE TABLE t2 (a INT, c INT);
+
+--echo # First test empty tables
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a+1;
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a=2;
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3)
+ ORDER BY a+1, a-b DESC, c<>a;
+
+--echo # Insert some data
+INSERT INTO t1 VALUES (1),(2),(3),(4);
+INSERT INTO t2 VALUES (1,1),(2,2),(3,3),(4,4);
+
+--sorted_result
+(SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a=b, a-10 DESC, b+a, c+a+a+b;
+--sorted_result
+(SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY a=2;
+
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3)
+ ORDER BY a=b, a-10, b+a, c+a+a+b;
+
+--echo # When there is no LIMIT clause the derived table must be merged
+--sorted_result
+(SELECT * FROM t1 JOIN t2 ON a=b) ORDER BY a+16, b+a, c<>b;
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b) ORDER BY a+16 DESC, b+a, c<>b;
+
+--echo # Test UNIONs:
+--sorted_result
+(SELECT * FROM t1 JOIN t2 ON a=b UNION
+ SELECT * FROM t1 JOIN t2 ON a!=b
+ LIMIT 3)
+ ORDER BY a+16, b+a, c<>b;
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b UNION
+ SELECT * FROM t1 JOIN t2 ON a!=b
+ LIMIT 3)
+ ORDER BY a+16, b+a, c<>b;
+--sorted_result
+(SELECT * FROM t1 JOIN t2 ON a=b UNION
+ SELECT NULL, NULL, NULL
+ LIMIT 3)
+ ORDER BY b-a-c;
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b UNION
+ SELECT NULL, NULL, NULL
+ LIMIT 3)
+ ORDER BY b-a-c;
+--sorted_result
+(SELECT * FROM t1 JOIN t2 ON a=b UNION
+ SELECT NULL, NULL, NULL
+ ORDER BY a LIMIT 3)
+ ORDER BY b-a-c LIMIT 1;
+EXPLAIN EXTENDED (SELECT * FROM t1 JOIN t2 ON a=b UNION
+ SELECT NULL, NULL, NULL
+ ORDER BY a LIMIT 3)
+ ORDER BY b-a-c LIMIT 1;
+DROP TABLE t1, t2;
+
--echo # End of 10.4 tests
--echo #
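Review bot: The row-returning statements of the form `(SELECT * FROM t1 JOIN t2 ON a=b LIMIT 3) ORDER BY ...` apply `LIMIT 3` to a four-row join with no inner ORDER BY, so the query does not define which three rows reach the outer sort. `--sorted_result` only normalises the order of whatever comes back, which also means the outer ORDER BY's ordering is not itself verified. The recorded result could therefore change with the storage engine or join-buffer settings without any regression in the MDEV-29681 fix. If it still reaches the crashing code path, an inner `ORDER BY a` before `LIMIT 3` (as the last UNION case already has) would pin the rows. Otherwise a comment such as `# Row choice under LIMIT 3 is arbitrary; this only checks that the server does not crash` would state the intent.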
diff --git a/mysql-test/main/parser.result b/mysql-test/main/parser.result
index 89732e20..bf9b8e4b 100644
--- a/mysql-test/main/parser.result
+++ b/mysql-test/main/parser.result
@@ -1507,7 +1507,7 @@ BEGIN NOT ATOMIC DECLARE history INT; SET history=10; SELECT history; END
SELECT history FROM t1
SELECT history 'alias' FROM t1
SELECT history()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.history does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT history.history()
Error 1630 FUNCTION history.history does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT history DATE FROM t1
@@ -1530,7 +1530,7 @@ BEGIN NOT ATOMIC DECLARE next INT; SET next=10; SELECT next; END
SELECT next FROM t1
SELECT next 'alias' FROM t1
SELECT next()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.next does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT next.next()
Error 1630 FUNCTION next.next does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT next DATE FROM t1
@@ -1577,7 +1577,7 @@ BEGIN NOT ATOMIC DECLARE previous INT; SET previous=10; SELECT previous; END
SELECT previous FROM t1
SELECT previous 'alias' FROM t1
SELECT previous()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.previous does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT previous.previous()
Error 1630 FUNCTION previous.previous does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT previous DATE FROM t1
@@ -1601,7 +1601,7 @@ BEGIN NOT ATOMIC DECLARE system INT; SET system=10; SELECT system; END
SELECT system FROM t1
SELECT system 'alias' FROM t1
SELECT system()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.system does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system.system()
Error 1630 FUNCTION system.system does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system DATE FROM t1
@@ -1624,7 +1624,7 @@ BEGIN NOT ATOMIC DECLARE system_time INT; SET system_time=10; SELECT system_time
SELECT system_time FROM t1
SELECT system_time 'alias' FROM t1
SELECT system_time()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.system_time does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system_time.system_time()
Error 1630 FUNCTION system_time.system_time does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system_time DATE FROM t1
@@ -1695,7 +1695,7 @@ BEGIN NOT ATOMIC DECLARE transaction INT; SET transaction=10; SELECT transaction
SELECT transaction FROM t1
SELECT transaction 'alias' FROM t1
SELECT transaction()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.transaction does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT transaction.transaction()
Error 1630 FUNCTION transaction.transaction does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT transaction DATE FROM t1
@@ -1741,7 +1741,7 @@ BEGIN NOT ATOMIC DECLARE versioning INT; SET versioning=10; SELECT versioning; E
SELECT versioning FROM t1
SELECT versioning 'alias' FROM t1
SELECT versioning()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.versioning does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT versioning.versioning()
Error 1630 FUNCTION versioning.versioning does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT versioning DATE FROM t1
@@ -1764,7 +1764,7 @@ BEGIN NOT ATOMIC DECLARE without INT; SET without=10; SELECT without; END
SELECT without FROM t1
SELECT without 'alias' FROM t1
SELECT without()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.without does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT without.without()
Error 1630 FUNCTION without.without does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT without DATE FROM t1
diff --git a/mysql-test/main/partition_innodb.result b/mysql-test/main/partition_innodb.result
index 95ca989e..cbaec550 100644
--- a/mysql-test/main/partition_innodb.result
+++ b/mysql-test/main/partition_innodb.result
@@ -198,6 +198,10 @@ INSERT INTO t1 VALUES (100);
ERROR HY000: Table has no partition for value 100
insert INTO t1 VALUES (110);
ERROR HY000: Table has no partition for value 110
+ANALYZE TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 analyze status Engine-independent statistics collected
+test.t1 analyze status OK
EXPLAIN PARTITIONS SELECT * FROM t1 WHERE a > 90;
id select_type table partitions type possible_keys key key_len ref rows Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL Impossible WHERE noticed after reading const tables
@@ -401,7 +405,7 @@ t1 InnoDB 10 Dynamic 2 8192 16384 0 0 0 NULL Create_time NULL NULL latin1_swedis
insert into t1 values (0), (1), (2), (3);
show table status;
Name Engine Version Row_format Rows Avg_row_length Data_length Max_data_length Index_length Data_free Auto_increment Create_time Update_time Check_time Collation Checksum Create_options Comment Max_index_length Temporary
-t1 InnoDB 10 Dynamic 4 4096 16384 0 0 0 NULL Create_time Update_time NULL latin1_swedish_ci NULL partitioned 0 N
+t1 InnoDB 10 Dynamic Rows Avg_row_length 16384 0 0 0 NULL Create_time Update_time NULL latin1_swedish_ci NULL partitioned 0 N
drop table t1;
create table t1 (a int auto_increment primary key)
engine = innodb
@@ -412,11 +416,11 @@ t1 InnoDB 10 Dynamic 2 8192 16384 0 0 0 1 Create_time NULL NULL latin1_swedish_c
insert into t1 values (NULL), (NULL), (NULL), (NULL);
show table status;
Name Engine Version Row_format Rows Avg_row_length Data_length Max_data_length Index_length Data_free Auto_increment Create_time Update_time Check_time Collation Checksum Create_options Comment Max_index_length Temporary
-t1 InnoDB 10 Dynamic 4 4096 16384 0 0 0 5 Create_time Update_time NULL latin1_swedish_ci NULL partitioned 0 N
+t1 InnoDB 10 Dynamic Rows Avg_row_length 16384 0 0 0 5 Create_time Update_time NULL latin1_swedish_ci NULL partitioned 0 N
insert into t1 values (NULL), (NULL), (NULL), (NULL);
show table status;
Name Engine Version Row_format Rows Avg_row_length Data_length Max_data_length Index_length Data_free Auto_increment Create_time Update_time Check_time Collation Checksum Create_options Comment Max_index_length Temporary
-t1 InnoDB 10 Dynamic 8 2048 16384 0 0 0 9 Create_time Update_time NULL latin1_swedish_ci NULL partitioned 0 N
+t1 InnoDB 10 Dynamic Rows Avg_row_length 16384 0 0 0 9 Create_time Update_time NULL latin1_swedish_ci NULL partitioned 0 N
drop table t1;
create table t1 (a int)
partition by key (a)
@@ -567,7 +571,7 @@ test.t1 optimize note Table does not support optimize, doing recreate + analyze
test.t1 optimize error Invalid default value for 'b'
test.t1 optimize status Operation failed
Warnings:
-Warning 1265 Data truncated for column 'b' at row 1
+Warning 1265 Data truncated for column 'b' at row 0
Error 1067 Invalid default value for 'b'
SET SESSION sql_mode = @old_mode;
DROP TABLE t1;
diff --git a/mysql-test/main/partition_innodb.test b/mysql-test/main/partition_innodb.test
index 563a750b..e9771811 100644
--- a/mysql-test/main/partition_innodb.test
+++ b/mysql-test/main/partition_innodb.test
@@ -208,6 +208,7 @@ INSERT INTO t1 VALUES (90);
INSERT INTO t1 VALUES (100);
--error ER_NO_PARTITION_FOR_GIVEN_VALUE
insert INTO t1 VALUES (110);
+ANALYZE TABLE t1;
EXPLAIN PARTITIONS SELECT * FROM t1 WHERE a > 90;
EXPLAIN PARTITIONS SELECT * FROM t1 WHERE a >= 90;
EXPLAIN PARTITIONS SELECT * FROM t1 WHERE a = 90;
@@ -420,7 +421,9 @@ partition by key (a);
--replace_column 12 Create_time
show table status;
insert into t1 values (0), (1), (2), (3);
---replace_column 12 Create_time 13 Update_time
+# Mask `Rows`, as it can fluctuate slightly if background statistics are
+# running simultaneously with insert (MDEV-20169).
+--replace_column 5 Rows 6 Avg_row_length 12 Create_time 13 Update_time
show table status;
drop table t1;
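Review bot: The added comment names only `Rows`, but the directive `--replace_column 5 Rows 6 Avg_row_length ...` also masks column 6, and the next hunk repeats the same directive twice with no comment at all. Judging by the old recorded values (4 rows / 4096, 8 rows / 2048 against a data length of 16384), Avg_row_length appears to be derived from Rows, which is presumably why it fluctuates too. I would word the comment as `# Mask Rows and Avg_row_length (derived from Rows), as they can fluctuate slightly if background statistics run concurrently with the insert (MDEV-20169).` and repeat or reference it at the two later directives. After this change the test no longer checks that the inserted row count shows up in SHOW TABLE STATUS, so a line saying that this is intentional would help.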
@@ -430,10 +433,10 @@ partition by key (a);
--replace_column 12 Create_time
show table status;
insert into t1 values (NULL), (NULL), (NULL), (NULL);
---replace_column 12 Create_time 13 Update_time
+--replace_column 5 Rows 6 Avg_row_length 12 Create_time 13 Update_time
show table status;
insert into t1 values (NULL), (NULL), (NULL), (NULL);
---replace_column 12 Create_time 13 Update_time
+--replace_column 5 Rows 6 Avg_row_length 12 Create_time 13 Update_time
show table status;
drop table t1;
diff --git a/mysql-test/main/ps.result b/mysql-test/main/ps.result
index a2aa76a7..7fd30f3e 100644
--- a/mysql-test/main/ps.result
+++ b/mysql-test/main/ps.result
@@ -5802,5 +5802,15 @@ END;
$
ERROR 42000: EXECUTE..USING does not support subqueries or stored functions
#
+# MDEV-32965: Assertion `thd->active_stmt_arena_to_use()-> is_stmt_prepare_or_first_sp_execute() || thd->active_stmt_arena_to_use()-> is_conventional() || thd->active_stmt_arena_to_use()->state == Query_arena::STMT_SP_QUERY_ARGUMENTS' failed
+#
+CREATE TABLE t (f VARCHAR(8)) CHARACTER SET utf8;
+INSERT INTO t VALUES ('foo'),('bar');
+EXECUTE IMMEDIATE 'SELECT GROUP_CONCAT(@x) FROM t GROUP BY @x := f';
+GROUP_CONCAT(@x)
+0
+0
+DROP TABLE t;
+#
# End of 10.4 tests
#
diff --git a/mysql-test/main/ps.test b/mysql-test/main/ps.test
index 0043d3aa..675c5102 100644
--- a/mysql-test/main/ps.test
+++ b/mysql-test/main/ps.test
@@ -5237,5 +5237,17 @@ $
delimiter ;$
--echo #
+--echo # MDEV-32965: Assertion `thd->active_stmt_arena_to_use()-> is_stmt_prepare_or_first_sp_execute() || thd->active_stmt_arena_to_use()-> is_conventional() || thd->active_stmt_arena_to_use()->state == Query_arena::STMT_SP_QUERY_ARGUMENTS' failed
+--echo #
+CREATE TABLE t (f VARCHAR(8)) CHARACTER SET utf8;
+
+INSERT INTO t VALUES ('foo'),('bar');
+EXECUTE IMMEDIATE 'SELECT GROUP_CONCAT(@x) FROM t GROUP BY @x := f';
+
+# Cleanup
+
+DROP TABLE t;
+
+--echo #
--echo # End of 10.4 tests
--echo #
diff --git a/mysql-test/main/ps_mem_leaks.result b/mysql-test/main/ps_mem_leaks.result
index 8d66a025..2ddf47a9 100644
--- a/mysql-test/main/ps_mem_leaks.result
+++ b/mysql-test/main/ps_mem_leaks.result
@@ -3,6 +3,20 @@
#
CREATE TABLE t1 (a VARCHAR(10)) ENGINE=MYISAM;
CREATE TABLE t2 (b VARCHAR(10) CHARACTER SET utf8) ENGINE=MYISAM;
+INSERT INTO t1 VALUES ('b'), ('a'), ('c');
+INSERT INTO t2 VALUES ('c'), ('d'), ('b');
+PREPARE stmt FROM "SELECT t1.a FROM t1 WHERE t1.a IN (SELECT t2.b FROM t2)";
+EXECUTE stmt;
+a
+c
+b
+EXECUTE stmt;
+a
+c
+b
+DEALLOCATE PREPARE stmt;
+DELETE FROM t1;
+DELETE FROM t2;
INSERT INTO t1 VALUES ('b');
INSERT INTO t2 VALUES ('b');
PREPARE stmt FROM "SELECT t1.a FROM t1 WHERE t1.a IN (SELECT t2.b FROM t2)";
@@ -14,3 +28,64 @@ a
b
DEALLOCATE PREPARE stmt;
DROP TABLE t1, t2;
+#
+# MDEV-32569: Failure when executing PS for query using IN subquery
+#
+CREATE TABLE t1 (a varchar(10)) ENGINE=MYISAM;
+CREATE TABLE t2 (b varchar(10) CHARACTER SET utf8) ENGINE=MYISAM;
+INSERT INTO t1 VALUES ('b');
+INSERT INTO t2 VALUES ('b');
+PREPARE stmt FROM
+"SELECT STRAIGHT_JOIN t1.a FROM t1 WHERE t1.a IN (SELECT t2.b FROM t2)";
+EXECUTE stmt;
+a
+b
+EXECUTE stmt;
+a
+b
+DEALLOCATE PREPARE stmt;
+DROP TABLE t1,t2;
+#
+# MDEV-32733: Two JSON related tests running in PS mode fail on server
+# built with -DWITH_PROTECT_STATEMENT_MEMROOT=YES
+#
+PREPARE stmt FROM "select json_contains_path('{\"key1\":1}', 'oNE', '$.key2[1]') as exp";
+EXECUTE stmt;
+exp
+0
+EXECUTE stmt;
+exp
+0
+DEALLOCATE PREPARE stmt;
+#
+# MDEV-32466: Potential memory leak on execuing of create view statement
+#
+CREATE FUNCTION f1 () RETURNS VARCHAR(1)
+BEGIN
+DECLARE rec1 ROW TYPE OF v1;
+SELECT z INTO rec1 FROM v1;
+RETURN 1;
+END|
+CREATE FUNCTION f2 () RETURNS VARCHAR(1) RETURN '!';
+CREATE VIEW v1 AS SELECT f2() z;
+PREPARE stmt FROM "SELECT f1()";
+EXECUTE stmt;
+f1()
+1
+EXECUTE stmt;
+f1()
+1
+DEALLOCATE PREPARE stmt;
+DROP FUNCTION f1;
+DROP VIEW v1;
+DROP FUNCTION f2;
+#
+# MDEV-32867: ASAN errors in Item_func_json_contains_path::val_int upon PS execution
+#
+CREATE TABLE t1 (f BLOB) ENGINE=MyISAM;
+PREPARE stmt FROM "SELECT * FROM t1 WHERE JSON_EXISTS(JSON_ARRAY('[true,1234567890]'), '$**.*') != JSON_CONTAINS_PATH(JSON_INSERT('{}', '$[1]', NULL), 'all', '$[1]')";
+EXECUTE stmt;
+f
+DEALLOCATE PREPARE stmt;
+DROP TABLE t1;
+# End of 10.4 tests
diff --git a/mysql-test/main/ps_mem_leaks.test b/mysql-test/main/ps_mem_leaks.test
index 2e357f94..dacb4eca 100644
--- a/mysql-test/main/ps_mem_leaks.test
+++ b/mysql-test/main/ps_mem_leaks.test
@@ -13,6 +13,19 @@
CREATE TABLE t1 (a VARCHAR(10)) ENGINE=MYISAM;
CREATE TABLE t2 (b VARCHAR(10) CHARACTER SET utf8) ENGINE=MYISAM;
+INSERT INTO t1 VALUES ('b'), ('a'), ('c');
+INSERT INTO t2 VALUES ('c'), ('d'), ('b');
+
+PREPARE stmt FROM "SELECT t1.a FROM t1 WHERE t1.a IN (SELECT t2.b FROM t2)";
+
+EXECUTE stmt;
+EXECUTE stmt;
+
+DEALLOCATE PREPARE stmt;
+
+DELETE FROM t1;
+DELETE FROM t2;
+
INSERT INTO t1 VALUES ('b');
INSERT INTO t2 VALUES ('b');
@@ -25,3 +38,75 @@ DEALLOCATE PREPARE stmt;
DROP TABLE t1, t2;
+--echo #
+--echo # MDEV-32569: Failure when executing PS for query using IN subquery
+--echo #
+
+CREATE TABLE t1 (a varchar(10)) ENGINE=MYISAM;
+CREATE TABLE t2 (b varchar(10) CHARACTER SET utf8) ENGINE=MYISAM;
+
+INSERT INTO t1 VALUES ('b');
+INSERT INTO t2 VALUES ('b');
+
+PREPARE stmt FROM
+"SELECT STRAIGHT_JOIN t1.a FROM t1 WHERE t1.a IN (SELECT t2.b FROM t2)";
+
+EXECUTE stmt;
+EXECUTE stmt;
+
+DEALLOCATE PREPARE stmt;
+
+DROP TABLE t1,t2;
+
+--echo #
+--echo # MDEV-32733: Two JSON related tests running in PS mode fail on server
+--echo # built with -DWITH_PROTECT_STATEMENT_MEMROOT=YES
+--echo #
+PREPARE stmt FROM "select json_contains_path('{\"key1\":1}', 'oNE', '$.key2[1]') as exp";
+
+EXECUTE stmt;
+EXECUTE stmt;
+
+DEALLOCATE PREPARE stmt;
+
+--echo #
+--echo # MDEV-32466: Potential memory leak on execuing of create view statement
+--echo #
+
+--delimiter |
+
+CREATE FUNCTION f1 () RETURNS VARCHAR(1)
+BEGIN
+ DECLARE rec1 ROW TYPE OF v1;
+ SELECT z INTO rec1 FROM v1;
+ RETURN 1;
+END|
+--delimiter ;
+
+CREATE FUNCTION f2 () RETURNS VARCHAR(1) RETURN '!';
+CREATE VIEW v1 AS SELECT f2() z;
+
+PREPARE stmt FROM "SELECT f1()";
+EXECUTE stmt;
+EXECUTE stmt;
+
+DEALLOCATE PREPARE stmt;
+
+# Clean up
+DROP FUNCTION f1;
+DROP VIEW v1;
+DROP FUNCTION f2;
+
+--echo #
+--echo # MDEV-32867: ASAN errors in Item_func_json_contains_path::val_int upon PS execution
+--echo #
+CREATE TABLE t1 (f BLOB) ENGINE=MyISAM;
+
+PREPARE stmt FROM "SELECT * FROM t1 WHERE JSON_EXISTS(JSON_ARRAY('[true,1234567890]'), '$**.*') != JSON_CONTAINS_PATH(JSON_INSERT('{}', '$[1]', NULL), 'all', '$[1]')";
+EXECUTE stmt;
+
+# Clean up
+DEALLOCATE PREPARE stmt;
+DROP TABLE t1;
+
+--echo # End of 10.4 tests
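Review bot: The MDEV-32867 case at the end of this hunk runs `EXECUTE stmt;` once, while the three cases above it (MDEV-32569, MDEV-32733, MDEV-32466) each run it twice. If the ASAN report can depend on state left behind by the first execution (not determinable from this hunk), a second `EXECUTE stmt;` before `DEALLOCATE PREPARE stmt;` would cover re-execution as the rest of the file does. If one execution is enough to reproduce it, a comment such as `# A single execution is sufficient to trigger the ASAN error` would make that clear. Separately, the MDEV-32466 header reads "execuing"; it should be `--echo # MDEV-32466: Potential memory leak on executing of create view statement`, and the same line is recorded in the .result file.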
diff --git a/mysql-test/main/rpl_mysqldump_slave.result b/mysql-test/main/rpl_mysqldump_slave.result
index 903b6711..9f93e3c4 100644
--- a/mysql-test/main/rpl_mysqldump_slave.result
+++ b/mysql-test/main/rpl_mysqldump_slave.result
@@ -65,4 +65,20 @@ SET GLOBAL gtid_slave_pos='0-2-1003';
-- CHANGE MASTER TO MASTER_LOG_FILE='slave-bin.000001', MASTER_LOG_POS=BINLOG_START;
CHANGE MASTER TO MASTER_USE_GTID=slave_pos;
SET GLOBAL gtid_slave_pos='0-2-1003';
+connection master;
+CREATE TABLE t (
+id int
+);
+insert into t values (1);
+insert into t values (2);
+drop table t;
+connection slave;
+include/stop_slave.inc
+change master to master_use_gtid=slave_pos;
+connection master;
+# Ensuring the binlog dump thread is killed on primary...
+-- CHANGE MASTER TO MASTER_LOG_FILE='master-bin.000002', MASTER_LOG_POS=BINLOG_START;
+-- SET GLOBAL gtid_slave_pos='0-1-1005';
+connection slave;
+include/start_slave.inc
include/rpl_end.inc
diff --git a/mysql-test/main/rpl_mysqldump_slave.test b/mysql-test/main/rpl_mysqldump_slave.test
index 345bdb82..0273e196 100644
--- a/mysql-test/main/rpl_mysqldump_slave.test
+++ b/mysql-test/main/rpl_mysqldump_slave.test
@@ -83,6 +83,76 @@ DROP TABLE t2;
--replace_regex /MASTER_LOG_POS=[0-9]+/MASTER_LOG_POS=BINLOG_START/
--exec $MYSQL_DUMP_SLAVE --compact --master-data --single-transaction --gtid test
+#
+# MDEV-32611 Added test for mysqldump --delete-master-logs option.
+# This options is alias of
+# get binlogs: show master status -> flush logs -> purge binary logs to <new_binlog>
+# sequence and this test is derived using the same pattern.
+#
+
+connection master;
+
+CREATE TABLE t (
+ id int
+);
+
+insert into t values (1);
+insert into t values (2);
+drop table t;
+
+--sync_slave_with_master
+
+# MDEV-32953: Because --delete-master-logs immediately purges logs after
+# flushing, it is possible the binlog dump threads will still be using the old
+# log when the purge executes, disallowing the file from being deleted.
+# Therefore, we temporarily stop the slave so there is no chance the old binlog
+# is still being referenced. master_use_gtid=Slave_pos is necessary to still
+# appear up-to-date to the master on restart after the master has flushed the
+# logs (while the slave is offline). Otherwise (i.e. if using binlog file/pos),
+# the slave would point to a purged log file, and receive an error immediately
+# upon connecting to the master.
+--source include/stop_slave.inc
+change master to master_use_gtid=slave_pos;
+
+connection master;
+
+--echo # Ensuring the binlog dump thread is killed on primary...
+--disable_query_log
+--let $binlog_dump_thd_tid= `SELECT ID FROM INFORMATION_SCHEMA.PROCESSLIST WHERE COMMAND LIKE 'Binlog Dump'`
+if ($binlog_dump_thd_tid)
+{
+ --eval kill $binlog_dump_thd_tid
+}
+--let $wait_condition= SELECT COUNT(*)=0 FROM INFORMATION_SCHEMA.PROCESSLIST WHERE COMMAND LIKE 'Binlog Dump'
+--source include/wait_condition.inc
+--enable_query_log
+
+--let $predump_binlog_filename= query_get_value(SHOW MASTER STATUS, File, 1)
+
+# Execute mysqldump with delete-master-logs option
+--replace_regex /MASTER_LOG_POS=[0-9]+/MASTER_LOG_POS=BINLOG_START/
+--exec $MYSQL_DUMP --compact --no-create-info --no-data --delete-master-logs test
+
+--let $postdump_binlog_filename= query_get_value(SHOW MASTER STATUS, File, 1)
+
+--let $postdump_first_binary_log_filename= query_get_value(SHOW BINARY LOGS, Log_name, 1)
+
+if ($predump_binlog_filename == $postdump_binlog_filename)
+{
+ --echo # predump_binlog_filename: $predump_binlog_filename
+ --echo # postdump_binlog_filename: $postdump_binlog_filename
+ --die Master state didn't change after mariadb-dump with --delete-master-logs.
+}
+
+if ($postdump_first_binary_log_filename != $postdump_binlog_filename)
+{
+ --echo # postdump_first_binary_log_filename: $postdump_first_binary_log_filename
+ --echo # postdump_binlog_filename: $postdump_binlog_filename
+ --die Master binlog wasn't deleted after mariadb-dump with --delete-master-logs.
+}
+
+connection slave;
+--source include/start_slave.inc
--source include/rpl_end.inc
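Review bot: The kill step reads a single ID with `SELECT ID FROM INFORMATION_SCHEMA.PROCESSLIST WHERE COMMAND LIKE 'Binlog Dump'` and kills only that thread, so it assumes at most one dump thread is connected to the primary. If an earlier part of the test left a second one behind (not visible in this hunk), the following wait_condition on `COUNT(*)=0` would run into its timeout rather than report the cause. A comment such as `# Assumes at most one Binlog Dump thread is connected at this point` would record the assumption. Alternatively the `if` could become a `while` that re-reads the ID once the killed thread has left the processlist. The header comment also reads "This options is alias of"; `This option is an alias of the` would be the corrected wording.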
diff --git a/mysql-test/main/secondary_key_costs.result b/mysql-test/main/secondary_key_costs.result
new file mode 100644
index 00000000..55c84705
--- /dev/null
+++ b/mysql-test/main/secondary_key_costs.result
@@ -0,0 +1,82 @@
+create table t1 (
+pk int primary key auto_increment,
+nm varchar(32),
+fl1 tinyint default 0,
+fl2 tinyint default 0,
+index idx1(nm, fl1),
+index idx2(fl2)
+) engine=myisam;
+create table name (
+pk int primary key auto_increment,
+nm bigint
+) engine=myisam;
+create table flag2 (
+pk int primary key auto_increment,
+fl2 tinyint
+) engine=myisam;
+insert into name(nm) select seq from seq_1_to_1000 order by rand(17);
+insert into flag2(fl2) select seq mod 2 from seq_1_to_1000 order by rand(19);
+insert into t1(nm,fl2)
+select nm, fl2 from name, flag2 where name.pk = flag2.pk;
+analyze table t1 persistent for all;
+Table Op Msg_type Msg_text
+test.t1 analyze status Engine-independent statistics collected
+test.t1 analyze status Table is already up to date
+set optimizer_trace="enabled=on";
+set optimizer_switch='rowid_filter=on';
+set statement optimizer_adjust_secondary_key_costs=0 for
+explain select * from t1 where nm like '500%' AND fl2 = 0;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 range idx1,idx2 idx1 35 NULL 1 Using index condition; Using where
+set @trace=(select trace from information_schema.optimizer_trace);
+select json_detailed(json_extract(@trace, '$**.considered_access_paths'));
+json_detailed(json_extract(@trace, '$**.considered_access_paths'))
+[
+ [
+ {
+ "access_type": "ref",
+ "index": "idx2",
+ "used_range_estimates": true,
+ "rowid_filter_skipped": "worst/max seeks clipping",
+ "rows": 492,
+ "cost": 492.3171406,
+ "chosen": true
+ },
+ {
+ "access_type": "range",
+ "resulting_rows": 0.492,
+ "cost": 1.448699097,
+ "chosen": true
+ }
+ ]
+]
+
+The following trace should have a different rowid_filter_key cost
+
+set statement optimizer_adjust_secondary_key_costs=2 for
+explain select * from t1 where nm like '500%' AND fl2 = 0;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 range idx1,idx2 idx1 35 NULL 1 Using index condition; Using where
+set @trace=(select trace from information_schema.optimizer_trace);
+select json_detailed(json_extract(@trace, '$**.considered_access_paths'));
+json_detailed(json_extract(@trace, '$**.considered_access_paths'))
+[
+ [
+ {
+ "access_type": "ref",
+ "index": "idx2",
+ "used_range_estimates": true,
+ "rowid_filter_key": "idx1",
+ "rows": 492,
+ "cost": 3.814364688,
+ "chosen": true
+ },
+ {
+ "access_type": "range",
+ "resulting_rows": 0.492,
+ "cost": 1.448699097,
+ "chosen": true
+ }
+ ]
+]
+drop table t1, name, flag2;
diff --git a/mysql-test/main/secondary_key_costs.test b/mysql-test/main/secondary_key_costs.test
new file mode 100644
index 00000000..d3db1376
--- /dev/null
+++ b/mysql-test/main/secondary_key_costs.test
@@ -0,0 +1,53 @@
+--source include/have_sequence.inc
+--source include/not_embedded.inc
+
+#
+# Show the costs for rowid filter
+#
+
+create table t1 (
+ pk int primary key auto_increment,
+ nm varchar(32),
+ fl1 tinyint default 0,
+ fl2 tinyint default 0,
+ index idx1(nm, fl1),
+ index idx2(fl2)
+) engine=myisam;
+
+create table name (
+ pk int primary key auto_increment,
+ nm bigint
+) engine=myisam;
+
+create table flag2 (
+ pk int primary key auto_increment,
+ fl2 tinyint
+) engine=myisam;
+
+insert into name(nm) select seq from seq_1_to_1000 order by rand(17);
+insert into flag2(fl2) select seq mod 2 from seq_1_to_1000 order by rand(19);
+
+insert into t1(nm,fl2)
+ select nm, fl2 from name, flag2 where name.pk = flag2.pk;
+
+analyze table t1 persistent for all;
+
+--disable_ps_protocol
+set optimizer_trace="enabled=on";
+set optimizer_switch='rowid_filter=on';
+set statement optimizer_adjust_secondary_key_costs=0 for
+explain select * from t1 where nm like '500%' AND fl2 = 0;
+set @trace=(select trace from information_schema.optimizer_trace);
+select json_detailed(json_extract(@trace, '$**.considered_access_paths'));
+
+--echo
+--echo The following trace should have a different rowid_filter_key cost
+--echo
+set statement optimizer_adjust_secondary_key_costs=2 for
+explain select * from t1 where nm like '500%' AND fl2 = 0;
+set @trace=(select trace from information_schema.optimizer_trace);
+select json_detailed(json_extract(@trace, '$**.considered_access_paths'));
+
+--enable_ps_protocol
+
+drop table t1, name, flag2;
diff --git a/mysql-test/main/set_password.result b/mysql-test/main/set_password.result
index a3d8683e..19ca628f 100644
--- a/mysql-test/main/set_password.result
+++ b/mysql-test/main/set_password.result
@@ -1,4 +1,6 @@
set global secure_auth=0;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
create user natauth@localhost identified via 'mysql_native_password' using '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
create user invalidauth@localhost identified via 'mysql_native_password' using 'invalid';
create user newpass@localhost identified by password '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
@@ -186,6 +188,8 @@ drop user natauth@localhost, newpass@localhost, newpassnat@localhost;
drop user invalidauth@localhost, invalidpass@localhost, invalidpassnat@localhost,invalidmysql57auth@localhost;
drop user oldauth@localhost, oldpass@localhost, oldpassold@localhost;
set global secure_auth=default;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
# switching from mysql.global_priv to mysql.user
create user foo@localhost identified with mysql_native_password;
update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost';
diff --git a/mysql-test/main/show_check.result b/mysql-test/main/show_check.result
index 5058f6d6..30637e12 100644
--- a/mysql-test/main/show_check.result
+++ b/mysql-test/main/show_check.result
@@ -104,19 +104,19 @@ drop table t1;
show variables like "wait_timeout%";
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_NAME Variable_name 253 64 12 N 4097 0 8
-def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_VALUE Value 253 2048 5 N 4097 0 8
+def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_VALUE Value 253 4096 5 N 4097 0 8
Variable_name Value
wait_timeout 28800
show variables like "WAIT_timeout%";
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_NAME Variable_name 253 64 12 N 4097 0 8
-def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_VALUE Value 253 2048 5 N 4097 0 8
+def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_VALUE Value 253 4096 5 N 4097 0 8
Variable_name Value
wait_timeout 28800
show variables like "this_doesn't_exists%";
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_NAME Variable_name 253 64 0 N 4097 0 8
-def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_VALUE Value 253 2048 0 N 4097 0 8
+def information_schema SESSION_VARIABLES SESSION_VARIABLES VARIABLE_VALUE Value 253 4096 0 N 4097 0 8
Variable_name Value
show table status from test like "this_doesn't_exists%";
Catalog Database Table Table_alias Column Column_alias Type Length Max length Is_null Flags Decimals Charsetnr
diff --git a/mysql-test/main/show_explain.result b/mysql-test/main/show_explain.result
index 6bdc773a..22ac7de6 100644
--- a/mysql-test/main/show_explain.result
+++ b/mysql-test/main/show_explain.result
@@ -244,9 +244,7 @@ set @foo= (select max(a) from t0 where sin(a) >0);
connection default;
show explain for $thr2;
ERROR HY000: Target is not executing an operation with a query plan
-kill query $thr2;
connection con1;
-ERROR 70100: Query execution was interrupted
SET debug_dbug=@old_debug;
#
# Attempt SHOW EXPLAIN for an UPDATE
@@ -568,9 +566,14 @@ SELECT * FROM v1, t2;
connection default;
show explain for $thr2;
ERROR HY000: Target is not executing an operation with a query plan
-kill query $thr2;
connection con1;
-ERROR 70100: Query execution was interrupted
+a b
+8 4
+8 5
+8 6
+8 7
+8 8
+8 9
SET debug_dbug=@old_debug;
DROP VIEW v1;
DROP TABLE t2, t3;
diff --git a/mysql-test/main/show_explain.test b/mysql-test/main/show_explain.test
index e6cf3971..749c08b1 100644
--- a/mysql-test/main/show_explain.test
+++ b/mysql-test/main/show_explain.test
@@ -273,9 +273,7 @@ connection default;
--source include/wait_condition.inc
--error ER_TARGET_NOT_EXPLAINABLE
evalp show explain for $thr2;
-evalp kill query $thr2;
connection con1;
---error ER_QUERY_INTERRUPTED
reap;
SET debug_dbug=@old_debug;
@@ -504,9 +502,7 @@ connection default;
--source include/wait_condition.inc
--error ER_TARGET_NOT_EXPLAINABLE
evalp show explain for $thr2;
-evalp kill query $thr2;
connection con1;
---error ER_QUERY_INTERRUPTED
reap;
SET debug_dbug=@old_debug;
DROP VIEW v1;
diff --git a/mysql-test/main/sp.result b/mysql-test/main/sp.result
index 670a039b..522c2ced 100644
--- a/mysql-test/main/sp.result
+++ b/mysql-test/main/sp.result
@@ -8955,6 +8955,21 @@ DROP FUNCTION f1;
DROP FUNCTION f2;
DROP FUNCTION f3;
DROP VIEW v1;
+#
+# MDEV-33270: Call of SP invoking another SP with a parameter
+# requiring type conversion
+#
+SET NAMES latin1;
+CREATE PROCEDURE p1 (a text) BEGIN SELECT a; END |
+CREATE PROCEDURE p2 () CALL p1(concat('x',_utf8'x')) |
+CALL p2();
+a
+xx
+CALL p2();
+a
+xx
+DROP PROCEDURE p1;
+DROP PROCEDURE p2;
# End of 10.4 tests
#
#
@@ -9008,6 +9023,79 @@ BEGIN NOT ATOMIC DECLARE r ROW TYPE OF t1 DEFAULT (SELECT * FROM t1); SELECT r.a
r.a
1
SET SESSION log_slow_verbosity= @tmp;
+#
+# MDEV-31616 Problems with a stored function EMPTY() on upgrade to 10.6.
+#
+CREATE OR REPLACE FUNCTION empty(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'empty' has the same name as a native function
+SELECT empty('1');
+empty('1')
+0
+Warnings:
+Note 1585 This function 'empty' has the same name as a native function
+DROP FUNCTION empty;
+CREATE OR REPLACE FUNCTION json_table(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'json_table' has the same name as a native function
+SELECT json_table('1');
+json_table('1')
+0
+Warnings:
+Note 1585 This function 'json_table' has the same name as a native function
+DROP FUNCTION json_table;
+CREATE OR REPLACE FUNCTION nested(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'nested' has the same name as a native function
+SELECT nested('1');
+nested('1')
+0
+Warnings:
+Note 1585 This function 'nested' has the same name as a native function
+DROP FUNCTION nested;
+CREATE OR REPLACE FUNCTION ordinality(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'ordinality' has the same name as a native function
+SELECT ordinality('1');
+ordinality('1')
+0
+Warnings:
+Note 1585 This function 'ordinality' has the same name as a native function
+DROP FUNCTION ordinality;
+CREATE OR REPLACE FUNCTION path(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'path' has the same name as a native function
+SELECT path('1');
+path('1')
+0
+Warnings:
+Note 1585 This function 'path' has the same name as a native function
+DROP FUNCTION path;
+CREATE OR REPLACE FUNCTION fast(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'fast' has the same name as a native function
+SELECT fast('1');
+fast('1')
+0
+Warnings:
+Note 1585 This function 'fast' has the same name as a native function
+DROP FUNCTION fast;
+CREATE OR REPLACE FUNCTION relay(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+Warnings:
+Note 1585 This function 'relay' has the same name as a native function
+SELECT relay('1');
+relay('1')
+0
+Warnings:
+Note 1585 This function 'relay' has the same name as a native function
+DROP FUNCTION relay;
+CREATE OR REPLACE FUNCTION database() RETURNS int RETURN 333;
+Warnings:
+Note 1585 This function 'database' has the same name as a native function
+SELECT database();
+database()
+test
+DROP FUNCTION database;
DROP TABLE t1;
#
# MDEV-28129: MariaDB UAF issue at lex_end_nops(LEX*)
diff --git a/mysql-test/main/sp.test b/mysql-test/main/sp.test
index 9d2ea3cf..4e9b4c78 100644
--- a/mysql-test/main/sp.test
+++ b/mysql-test/main/sp.test
@@ -10566,6 +10566,26 @@ DROP FUNCTION f2;
DROP FUNCTION f3;
DROP VIEW v1;
+--echo #
+--echo # MDEV-33270: Call of SP invoking another SP with a parameter
+--echo # requiring type conversion
+--echo #
+
+SET NAMES latin1;
+
+--delimiter |
+
+CREATE PROCEDURE p1 (a text) BEGIN SELECT a; END |
+CREATE PROCEDURE p2 () CALL p1(concat('x',_utf8'x')) |
+
+--delimiter ;
+
+CALL p2();
+CALL p2();
+
+DROP PROCEDURE p1;
+DROP PROCEDURE p2;
+
--echo # End of 10.4 tests
--echo #
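Review bot: `SET NAMES latin1;` is left in effect for everything that follows in sp.test, and the block does not save or restore the session character set. Whether that changes later tests cannot be seen from this hunk, but a regression block should put the session back the way it found it, for example by ending with `SET NAMES DEFAULT;` or by restoring saved `@@character_set_client` and related values. The repeated `CALL p2();` is presumably the actual trigger (a second execution of the same routine). A comment such as `# second call re-executes the cached routine` would stop it from being removed as a duplicate.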
@@ -10618,6 +10638,44 @@ BEGIN NOT ATOMIC DECLARE r ROW TYPE OF t1 DEFAULT (SELECT * FROM t1); SELECT r.a
--delimiter ;
SET SESSION log_slow_verbosity= @tmp;
+
+--echo #
+--echo # MDEV-31616 Problems with a stored function EMPTY() on upgrade to 10.6.
+--echo #
+CREATE OR REPLACE FUNCTION empty(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT empty('1');
+DROP FUNCTION empty;
+
+CREATE OR REPLACE FUNCTION json_table(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT json_table('1');
+DROP FUNCTION json_table;
+
+CREATE OR REPLACE FUNCTION nested(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT nested('1');
+DROP FUNCTION nested;
+
+CREATE OR REPLACE FUNCTION ordinality(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT ordinality('1');
+DROP FUNCTION ordinality;
+
+CREATE OR REPLACE FUNCTION path(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT path('1');
+DROP FUNCTION path;
+
+
+CREATE OR REPLACE FUNCTION fast(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT fast('1');
+DROP FUNCTION fast;
+
+CREATE OR REPLACE FUNCTION relay(a VARCHAR(128)) RETURNS int RETURN LENGTH(a)=0;
+SELECT relay('1');
+DROP FUNCTION relay;
+
+CREATE OR REPLACE FUNCTION database() RETURNS int RETURN 333;
+SELECT database();
+DROP FUNCTION database;
+
+
# Cleanup
DROP TABLE t1;
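Review bot: The `database()` case only pins that the unqualified call still resolves to the native function (the recorded result is `test`, not 333). Nothing in the block shows that the stored function of the same name can be called at all. Adding `SELECT test.database();` with expected output 333 would pin both sides of the name-resolution rule, assuming the test runs in schema `test` as the recorded result suggests. This is worth asserting explicitly, because a stored routine that shadows a built-in, or is shadowed by one, changes which code a caller actually executes. The other seven cases would benefit from the same qualified call.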
diff --git a/mysql-test/main/sp_notembedded.result b/mysql-test/main/sp_notembedded.result
index e0336159..927e03d2 100644
--- a/mysql-test/main/sp_notembedded.result
+++ b/mysql-test/main/sp_notembedded.result
@@ -1,7 +1,5 @@
set @old_concurrent_insert= @@global.concurrent_insert;
set @@global.concurrent_insert= 0;
-drop table if exists t1,t3;
-drop procedure if exists bug4902|
create procedure bug4902()
begin
show grants for 'root'@'localhost';
@@ -15,7 +13,6 @@ Grants for root@localhost
GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION
GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION
drop procedure bug4902|
-drop procedure if exists bug4902_2|
create procedure bug4902_2()
begin
show processlist;
@@ -23,13 +20,10 @@ end|
call bug4902_2()|
show warnings|
Level Code Message
-Note 1305 PROCEDURE test.bug4902_2 does not exist
call bug4902_2()|
show warnings|
Level Code Message
-Note 1305 PROCEDURE test.bug4902_2 does not exist
drop procedure bug4902_2|
-drop procedure if exists bug6807|
create procedure bug6807()
begin
declare a int;
@@ -42,116 +36,6 @@ ERROR 70100: Query execution was interrupted
call bug6807()|
ERROR 70100: Query execution was interrupted
drop procedure bug6807|
-drop function if exists bug10100f|
-drop procedure if exists bug10100p|
-drop procedure if exists bug10100t|
-drop procedure if exists bug10100pt|
-drop procedure if exists bug10100pv|
-drop procedure if exists bug10100pd|
-drop procedure if exists bug10100pc|
-create function bug10100f(prm int) returns int
-begin
-if prm > 1 then
-return prm * bug10100f(prm - 1);
-end if;
-return 1;
-end|
-set statement sql_mode = '' for
-create procedure bug10100p(prm int, inout res int)
-begin
-set res = res * prm;
-if prm > 1 then
-call bug10100p(prm - 1, res);
-end if;
-end|
-set statement sql_mode = '' for
-create procedure bug10100t(prm int)
-begin
-declare res int;
-set res = 1;
-call bug10100p(prm, res);
-select res;
-end|
-create table t3 (a int)|
-insert into t3 values (0)|
-create view v1 as select a from t3|
-create procedure bug10100pt(level int, lim int)
-begin
-if level < lim then
-update t3 set a=level;
-FLUSH TABLES;
-call bug10100pt(level+1, lim);
-else
-select * from t3;
-end if;
-end|
-create procedure bug10100pv(level int, lim int)
-begin
-if level < lim then
-update v1 set a=level;
-FLUSH TABLES;
-call bug10100pv(level+1, lim);
-else
-select * from v1;
-end if;
-end|
-prepare stmt2 from "select * from t3;";
-create procedure bug10100pd(level int, lim int)
-begin
-if level < lim then
-select level;
-prepare stmt1 from "update t3 set a=a+2";
-execute stmt1;
-FLUSH TABLES;
-execute stmt1;
-FLUSH TABLES;
-execute stmt1;
-FLUSH TABLES;
-deallocate prepare stmt1;
-execute stmt2;
-select * from t3;
-call bug10100pd(level+1, lim);
-else
-execute stmt2;
-end if;
-end|
-create procedure bug10100pc(level int, lim int)
-begin
-declare lv int;
-declare c cursor for select a from t3;
-open c;
-if level < lim then
-select level;
-fetch c into lv;
-select lv;
-update t3 set a=level+lv;
-FLUSH TABLES;
-call bug10100pc(level+1, lim);
-else
-select * from t3;
-end if;
-close c;
-end|
-set @@max_sp_recursion_depth=255|
-set @var=1|
-call bug10100p(255, @var)|
-call bug10100pt(1,255)|
-call bug10100pv(1,255)|
-call bug10100pd(1,255)|
-call bug10100pc(1,255)|
-set @@max_sp_recursion_depth=0|
-deallocate prepare stmt2|
-drop function bug10100f|
-drop procedure bug10100p|
-drop procedure bug10100t|
-drop procedure bug10100pt|
-drop procedure bug10100pv|
-drop procedure bug10100pd|
-drop procedure bug10100pc|
-drop view v1|
-drop table t3|
-drop procedure if exists bug15298_1;
-drop procedure if exists bug15298_2;
create user 'mysqltest_1'@'localhost';
grant all privileges on test.* to 'mysqltest_1'@'localhost';
create procedure 15298_1 () sql security definer show grants for current_user;
@@ -170,8 +54,6 @@ disconnect con1;
drop user mysqltest_1@localhost;
drop procedure 15298_1;
drop procedure 15298_2;
-drop table if exists t1;
-drop procedure if exists p1;
create table t1 (value varchar(15));
create procedure p1() update t1 set value='updated' where value='old';
call p1();
@@ -283,7 +165,6 @@ disconnect con2;
# functions in databases which names contained dot.
#
connection default;
-DROP DATABASE IF EXISTS `my.db`;
create database `my.db`;
use `my.db`;
CREATE FUNCTION f1(a int) RETURNS INT RETURN a;
diff --git a/mysql-test/main/sp_notembedded.test b/mysql-test/main/sp_notembedded.test
index 12bacff4..9aca03fb 100644
--- a/mysql-test/main/sp_notembedded.test
+++ b/mysql-test/main/sp_notembedded.test
@@ -7,19 +7,12 @@ set @@global.concurrent_insert= 0;
# Save the initial number of concurrent sessions
--source include/count_sessions.inc
---disable_warnings
-drop table if exists t1,t3;
---enable_warnings
delimiter |;
-
#
# Bug#4902 Stored procedure with SHOW WARNINGS leads to packet error
#
# Added tests for show grants command
---disable_warnings
-drop procedure if exists bug4902|
---enable_warnings
create procedure bug4902()
begin
show grants for 'root'@'localhost';
@@ -38,9 +31,6 @@ call bug4902()|
drop procedure bug4902|
# We need separate SP for SHOW PROCESSLIST since we want use replace_column
---disable_warnings
-drop procedure if exists bug4902_2|
---enable_warnings
create procedure bug4902_2()
begin
show processlist;
@@ -58,9 +48,6 @@ drop procedure bug4902_2|
#
# Bug#6807 Stored procedure crash if CREATE PROCEDURE ... KILL QUERY
#
---disable_warnings
-drop procedure if exists bug6807|
---enable_warnings
create procedure bug6807()
begin
declare a int;
@@ -77,152 +64,11 @@ call bug6807()|
drop procedure bug6807|
-
-#
-# Bug#10100 function (and stored procedure?) recursivity problem
-#
---disable_warnings
-drop function if exists bug10100f|
-drop procedure if exists bug10100p|
-drop procedure if exists bug10100t|
-drop procedure if exists bug10100pt|
-drop procedure if exists bug10100pv|
-drop procedure if exists bug10100pd|
-drop procedure if exists bug10100pc|
---enable_warnings
-# routines with simple recursion
-create function bug10100f(prm int) returns int
-begin
- if prm > 1 then
- return prm * bug10100f(prm - 1);
- end if;
- return 1;
-end|
-set statement sql_mode = '' for
-create procedure bug10100p(prm int, inout res int)
-begin
- set res = res * prm;
- if prm > 1 then
- call bug10100p(prm - 1, res);
- end if;
-end|
-set statement sql_mode = '' for
-create procedure bug10100t(prm int)
-begin
- declare res int;
- set res = 1;
- call bug10100p(prm, res);
- select res;
-end|
-
-# a procedure which use tables and recursion
-create table t3 (a int)|
-insert into t3 values (0)|
-create view v1 as select a from t3|
-create procedure bug10100pt(level int, lim int)
-begin
- if level < lim then
- update t3 set a=level;
- FLUSH TABLES;
- call bug10100pt(level+1, lim);
- else
- select * from t3;
- end if;
-end|
-# view & recursion
-create procedure bug10100pv(level int, lim int)
-begin
- if level < lim then
- update v1 set a=level;
- FLUSH TABLES;
- call bug10100pv(level+1, lim);
- else
- select * from v1;
- end if;
-end|
-# dynamic sql & recursion
-prepare stmt2 from "select * from t3;";
-create procedure bug10100pd(level int, lim int)
-begin
- if level < lim then
- select level;
- prepare stmt1 from "update t3 set a=a+2";
- execute stmt1;
- FLUSH TABLES;
- execute stmt1;
- FLUSH TABLES;
- execute stmt1;
- FLUSH TABLES;
- deallocate prepare stmt1;
- execute stmt2;
- select * from t3;
- call bug10100pd(level+1, lim);
- else
- execute stmt2;
- end if;
-end|
-# cursor & recursion
-create procedure bug10100pc(level int, lim int)
-begin
- declare lv int;
- declare c cursor for select a from t3;
- open c;
- if level < lim then
- select level;
- fetch c into lv;
- select lv;
- update t3 set a=level+lv;
- FLUSH TABLES;
- call bug10100pc(level+1, lim);
- else
- select * from t3;
- end if;
- close c;
-end|
-
-# end of the stack checking
-set @@max_sp_recursion_depth=255|
-set @var=1|
-# disable log because error about stack overrun contains numbers which
-# depend on a system
--- disable_ps_protocol
--- disable_result_log
--- error ER_STACK_OVERRUN_NEED_MORE
-call bug10100p(255, @var)|
--- error ER_STACK_OVERRUN_NEED_MORE
-call bug10100pt(1,255)|
--- error ER_STACK_OVERRUN_NEED_MORE
-call bug10100pv(1,255)|
--- error ER_STACK_OVERRUN_NEED_MORE
-call bug10100pd(1,255)|
--- error ER_STACK_OVERRUN_NEED_MORE
-call bug10100pc(1,255)|
--- enable_result_log
--- enable_ps_protocol
-set @@max_sp_recursion_depth=0|
-
-deallocate prepare stmt2|
-
-drop function bug10100f|
-drop procedure bug10100p|
-drop procedure bug10100t|
-drop procedure bug10100pt|
-drop procedure bug10100pv|
-drop procedure bug10100pd|
-drop procedure bug10100pc|
-drop view v1|
-drop table t3|
-
delimiter ;|
-
#
# Bug#15298 SHOW GRANTS FOR CURRENT_USER: Incorrect output in DEFINER context
#
---disable_warnings
-drop procedure if exists bug15298_1;
-drop procedure if exists bug15298_2;
---enable_warnings
create user 'mysqltest_1'@'localhost';
grant all privileges on test.* to 'mysqltest_1'@'localhost';
create procedure 15298_1 () sql security definer show grants for current_user;
@@ -242,11 +88,6 @@ drop procedure 15298_2;
# Bug#29936 Stored Procedure DML ignores low_priority_updates setting
#
---disable_warnings
-drop table if exists t1;
-drop procedure if exists p1;
---enable_warnings
-
create table t1 (value varchar(15));
create procedure p1() update t1 set value='updated' where value='old';
@@ -411,10 +252,6 @@ DROP FUNCTION f1;
connection default;
---disable_warnings
-DROP DATABASE IF EXISTS `my.db`;
---enable_warnings
-
create database `my.db`;
use `my.db`;
diff --git a/mysql-test/main/ssl.result b/mysql-test/main/ssl.result
index 794830e5..4f8ce517 100644
--- a/mysql-test/main/ssl.result
+++ b/mysql-test/main/ssl.result
@@ -1,4 +1,22 @@
connect ssl_con,localhost,root,,,,,SSL;
+select variable_name from performance_schema.status_by_thread where VARIABLE_NAME LIKE 'Ssl%';
+variable_name
+Ssl_cipher
+Ssl_cipher_list
+Ssl_default_timeout
+Ssl_server_not_after
+Ssl_server_not_before
+Ssl_verify_depth
+Ssl_verify_mode
+Ssl_version
+Ssl_cipher
+Ssl_cipher_list
+Ssl_default_timeout
+Ssl_server_not_after
+Ssl_server_not_before
+Ssl_verify_depth
+Ssl_verify_mode
+Ssl_version
SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
have_ssl
1
diff --git a/mysql-test/main/ssl.test b/mysql-test/main/ssl.test
index d3830bb7..642af380 100644
--- a/mysql-test/main/ssl.test
+++ b/mysql-test/main/ssl.test
@@ -10,9 +10,12 @@
--source include/count_sessions.inc
--source include/default_charset.inc
+--source include/have_perfschema.inc
connect (ssl_con,localhost,root,,,,,SSL);
+select variable_name from performance_schema.status_by_thread where VARIABLE_NAME LIKE 'Ssl%';
+
# Check ssl turned on
SELECT (VARIABLE_VALUE <> '') AS have_ssl FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_NAME='Ssl_cipher';
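Review bot: `--source include/have_perfschema.inc` at the top now skips the whole ssl test on builds without performance_schema, so the existing `Ssl_cipher` / `have_ssl` checks lose coverage there. The status_by_thread check would be safer in its own test file. The added `select` also has no thread filter and no `ORDER BY`; the recorded result lists each `Ssl%` name twice, which suggests it depends on exactly two threads being present and on row order. Consider `select variable_name from performance_schema.status_by_thread where VARIABLE_NAME LIKE 'Ssl%' and thread_id = (select thread_id from performance_schema.threads where processlist_id = connection_id()) order by variable_name;`.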
diff --git a/mysql-test/main/strict.result b/mysql-test/main/strict.result
index 31630599..d9d92402 100644
--- a/mysql-test/main/strict.result
+++ b/mysql-test/main/strict.result
@@ -897,7 +897,7 @@ ERROR 22003: Out of range value for column 'col1' at row 1
INSERT INTO t1 (col2) VALUES ('-1.2E-3');
ERROR 22003: Out of range value for column 'col2' at row 1
UPDATE t1 SET col1 =col1 * 5000 WHERE col1 > 0;
-ERROR 22003: DOUBLE value is out of range in '"test"."t1"."col1" * 5000'
+Got one of the listed errors
UPDATE t1 SET col2 =col2 / 0 WHERE col2 > 0;
ERROR 22012: Division by 0
UPDATE t1 SET col2= MOD(col2,0) WHERE col2 > 0;
diff --git a/mysql-test/main/strict.test b/mysql-test/main/strict.test
index 830f051a..1819f399 100644
--- a/mysql-test/main/strict.test
+++ b/mysql-test/main/strict.test
@@ -824,7 +824,7 @@ INSERT INTO t1 (col2) VALUES (-1.1E-3);
INSERT INTO t1 (col1) VALUES ('+1.8E+309');
--error 1264
INSERT INTO t1 (col2) VALUES ('-1.2E-3');
---error ER_DATA_OUT_OF_RANGE
+--error ER_DATA_OUT_OF_RANGE, ER_WARN_DATA_OUT_OF_RANGE
UPDATE t1 SET col1 =col1 * 5000 WHERE col1 > 0;
--error 1365
UPDATE t1 SET col2 =col2 / 0 WHERE col2 > 0;
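Review bot: `--error ER_DATA_OUT_OF_RANGE, ER_WARN_DATA_OUT_OF_RANGE` loosens the check on the `col1 * 5000` update without saying why two outcomes are acceptable. The recorded result then degrades to `Got one of the listed errors`, so the message text is no longer verified. Please add a comment above the directive, for example `# Either error may be raised here (TODO: state which builds or platforms give which)`. That way a later change which flips the behaviour everywhere is noticed rather than absorbed by the test.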
diff --git a/mysql-test/main/subselect.result b/mysql-test/main/subselect.result
index 32652244..9fbf36e3 100644
--- a/mysql-test/main/subselect.result
+++ b/mysql-test/main/subselect.result
@@ -1318,7 +1318,7 @@ a
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
- `a` int(3) DEFAULT NULL
+ `a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
create table t1 (a int);
@@ -7161,23 +7161,26 @@ drop table t1;
#
# MDEV-7565: Server crash with Signal 6 (part 2)
#
+create table t1 (id int not null primary key);
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
ControlRev
NULL
+drop table t1;
#
# MDEV-7445:Server crash with Signal 6
#
+create table t1 (id int not null primary key);
CREATE PROCEDURE procedure2()
BEGIN
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
@@ -7190,6 +7193,7 @@ call procedure2();
ControlRev
NULL
drop procedure procedure2;
+drop table t1;
#
# MDEV-7846:Server crashes in Item_subselect::fix
#_fields or fails with Thread stack overrun
@@ -7495,6 +7499,45 @@ ERROR HY000: Illegal parameter data types row and boolean for operation '='
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
ERROR HY000: Illegal parameter data types row and boolean for operation '='
#
+# MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+# in Item_type_holder::val_decimal on SELECT
+#
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+a
+1
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+a
+1
+UPDATE t1 SET a = 0
+WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT + 1 / + 1, a FROM t1
+WHERE a > -0 + 1) IN (SELECT a, a);
+a
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+WITH RECURSIVE x (x) AS (
+SELECT 1 INTERSECT
+SELECT -(SELECT 1.000000 AS x
+UNION
+SELECT 1.000000 ORDER BY NOT x < 'x',
+-(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+) + 1 FROM x
+)
+SELECT DISTINCT x, 1, NULL, 1.000000
+FROM x
+WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+(SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ORDER BY x ASC, x DESC, x;
+ERROR HY000: Restrictions imposed on recursive definitions are violated for table 'x'
+DROP TABLE t1, x;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/subselect.test b/mysql-test/main/subselect.test
index 97869a70..002d5ced 100644
--- a/mysql-test/main/subselect.test
+++ b/mysql-test/main/subselect.test
@@ -1180,8 +1180,10 @@ create table t1 (a int, b decimal(13, 3));
insert into t1 values (1, 0.123);
let $outfile_abs= $MYSQLTEST_VARDIR/tmp/subselect.out.file.1;
let $outfile_rel= ../../tmp/subselect.out.file.1;
+--disable_warnings
--error 0,1
--remove_file $outfile_abs
+--enable_warnings
eval select a, (select max(b) from t1) into outfile "$outfile_rel" from t1;
delete from t1;
eval load data infile "$outfile_rel" into table t1;
@@ -6000,24 +6002,28 @@ drop table t1;
--echo #
--echo # MDEV-7565: Server crash with Signal 6 (part 2)
--echo #
+
+create table t1 (id int not null primary key);
Select
- (Select Sum(`TestCase`.Revenue) From mysql.slow_log E
- Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+ (Select Sum(`TestCase`.Revenue) From t1 E
+ Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
+drop table t1;
--echo #
--echo # MDEV-7445:Server crash with Signal 6
--echo #
+create table t1 (id int not null primary key);
--delimiter |
CREATE PROCEDURE procedure2()
BEGIN
Select
- (Select Sum(`TestCase`.Revenue) From mysql.slow_log E
- Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+ (Select Sum(`TestCase`.Revenue) From t1 E
+ Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
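Review bot: Replacing `mysql.slow_log` with a freshly created empty `t1` in both the MDEV-7565 and MDEV-7445 blocks changes the table these crash regressions run against, and the hunk gives no reason. `t1 (id int not null primary key)` may be optimized differently from the log table, so it is not evident from the diff that the original crash path is still exercised. Please add a comment such as `# t1 stands in for mysql.slow_log so the result does not depend on log contents`, adjusted to the real reason. The MDEV-7445 block continues into the next hunk, where the matching `drop table t1;` is added.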
@@ -6029,6 +6035,7 @@ call procedure2();
call procedure2();
drop procedure procedure2;
+drop table t1;
--echo #
@@ -6351,6 +6358,50 @@ SELECT ROW(1,2) = 1 IN (SELECT 1 UNION SELECT 2);
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
--echo #
+--echo # MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+--echo # in Item_type_holder::val_decimal on SELECT
+--echo #
+
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+
+UPDATE t1 SET a = 0
+ WHERE (SELECT a, a WHERE a < 0 INTERSECT
+ SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+ SELECT + 1 / + 1, a FROM t1
+ WHERE a > -0 + 1) IN (SELECT a, a);
+
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+let $q= WITH RECURSIVE x (x) AS (
+ SELECT 1 INTERSECT
+ SELECT -(SELECT 1.000000 AS x
+ UNION
+ SELECT 1.000000 ORDER BY NOT x < 'x',
+ -(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+ WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+ ) + 1 FROM x
+ )
+ SELECT DISTINCT x, 1, NULL, 1.000000
+ FROM x
+ WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+ (SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ ORDER BY x ASC, x DESC, x;
+
+--error ER_NOT_STANDARD_COMPLIANT_RECURSIVE
+eval $q;
+
+DROP TABLE t1, x;
+
+--echo #
--echo # End of 10.4 tests
--echo #
diff --git a/mysql-test/main/subselect4.result b/mysql-test/main/subselect4.result
index a041d76e..6d1e0dac 100644
--- a/mysql-test/main/subselect4.result
+++ b/mysql-test/main/subselect4.result
@@ -1892,6 +1892,8 @@ id select_type table type possible_keys key key_len ref rows Extra
2 SUBQUERY SUBQUERY2_t1 index NULL col_int_key 5 NULL 2 Using index
2 SUBQUERY SUBQUERY2_t2 ALL col_varchar_key NULL NULL NULL 2 Using where; Using join buffer (flat, BNL join)
3 MATERIALIZED t1 ALL NULL NULL NULL NULL 2
+Warnings:
+Note 1105 Cannot use key `col_varchar_key` part[0] for lookup: `test`.`t1`.`col_varchar_key` of type `varchar` < "0" of type `bigint`
SELECT col_int_key
FROM t2
WHERE (SELECT SUBQUERY2_t1.col_int_key
@@ -1917,6 +1919,8 @@ id select_type table type possible_keys key key_len ref rows Extra
2 SUBQUERY SUBQUERY2_t1 index NULL col_int_key 5 NULL 2 Using index
2 SUBQUERY SUBQUERY2_t2 ALL col_varchar_key NULL NULL NULL 2 Using where; Using join buffer (flat, BNL join)
3 DEPENDENT SUBQUERY t1 ALL NULL NULL NULL NULL 2 Using where
+Warnings:
+Note 1105 Cannot use key `col_varchar_key` part[0] for lookup: `test`.`t1`.`col_varchar_key` of type `varchar` < "0" of type `bigint`
SELECT col_int_key
FROM t2
WHERE (SELECT SUBQUERY2_t1.col_int_key
@@ -3235,4 +3239,95 @@ FROM x
)
);
ERROR 21000: Operand should contain 2 column(s)
+#
+# MDEV-29362: Constant subquery used as left part of IN subquery
+#
+CREATE TABLE t1 (a int) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (15), (1), (2);
+CREATE TABLE t2 (b int) ENGINE=MyISAM;
+INSERT INTO t2 VALUES (15), (1);
+CREATE TABLE t3 (c int) ENGINE=MyISAM;
+INSERT INTO t3 VALUES (15), (1);
+SET optimizer_switch='condition_pushdown_from_having=off';
+SELECT a FROM t1 GROUP BY a
+HAVING a = ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) ) + 1;
+a
+2
+SELECT a FROM t1 GROUP BY a
+HAVING a IN ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) );
+a
+1
+SET optimizer_switch='condition_pushdown_from_having=on';
+SELECT a FROM t1 GROUP BY a
+HAVING a = ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) ) + 1;
+a
+2
+SELECT a FROM t1 GROUP BY a
+HAVING a IN ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) );
+a
+1
+EXPLAIN FORMAT=JSON SELECT a FROM t1 GROUP BY a
+HAVING a = ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) ) + 1;
+EXPLAIN
+{
+ "query_block": {
+ "select_id": 1,
+ "nested_loop": [
+ {
+ "table": {
+ "table_name": "t1",
+ "access_type": "ALL",
+ "rows": 3,
+ "filtered": 100,
+ "attached_condition": "t1.a = <cache>((<in_optimizer>((subquery#2),<exists>(subquery#3))) + 1)"
+ }
+ }
+ ],
+ "subqueries": [
+ {
+ "query_block": {
+ "select_id": 3,
+ "having_condition": "trigcond(t3.c is null)",
+ "nested_loop": [
+ {
+ "table": {
+ "table_name": "t3",
+ "access_type": "ALL",
+ "rows": 2,
+ "filtered": 100,
+ "attached_condition": "trigcond(1 = t3.c or t3.c is null)"
+ }
+ }
+ ]
+ }
+ },
+ {
+ "query_block": {
+ "select_id": 2,
+ "nested_loop": [
+ {
+ "table": {
+ "table_name": "t2",
+ "access_type": "ALL",
+ "rows": 2,
+ "filtered": 100,
+ "attached_condition": "t2.b = 1"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+}
+PREPARE stmt FROM "SELECT a FROM t1 GROUP BY a
+HAVING a = ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) ) + 1";
+EXECUTE stmt;
+a
+2
+EXECUTE stmt;
+a
+2
+DEALLOCATE PREPARE stmt;
+DROP TABLE t1,t2,t3;
# End of 10.4 tests
diff --git a/mysql-test/main/subselect4.test b/mysql-test/main/subselect4.test
index d1ad903c..41fa9066 100644
--- a/mysql-test/main/subselect4.test
+++ b/mysql-test/main/subselect4.test
@@ -2633,6 +2633,42 @@ SELECT
)
);
+--echo #
+--echo # MDEV-29362: Constant subquery used as left part of IN subquery
+--echo #
+
+CREATE TABLE t1 (a int) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (15), (1), (2);
+CREATE TABLE t2 (b int) ENGINE=MyISAM;
+INSERT INTO t2 VALUES (15), (1);
+CREATE TABLE t3 (c int) ENGINE=MyISAM;
+INSERT INTO t3 VALUES (15), (1);
+
+let $q1=
+SELECT a FROM t1 GROUP BY a
+ HAVING a = ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) ) + 1;
+let $q2=
+SELECT a FROM t1 GROUP BY a
+ HAVING a IN ( (SELECT b FROM t2 where b=1) IN (SELECT c FROM t3) );
+
+SET optimizer_switch='condition_pushdown_from_having=off';
+
+eval $q1;
+eval $q2;
+
+SET optimizer_switch='condition_pushdown_from_having=on';
+
+eval $q1;
+eval $q2;
+
+eval EXPLAIN FORMAT=JSON $q1;
+
+eval PREPARE stmt FROM "$q1";
+EXECUTE stmt;
+EXECUTE stmt;
+DEALLOCATE PREPARE stmt;
+
+DROP TABLE t1,t2,t3;
--echo # End of 10.4 tests
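Review bot: The block sets `optimizer_switch='condition_pushdown_from_having=off'` and then `=on`, but never restores the value the session had before. Later tests in subselect4.test therefore run with the flag forced on rather than with whatever the suite configured. Save the value with `SET @save_optimizer_switch=@@optimizer_switch;` before the first `SET`, and add `SET optimizer_switch=@save_optimizer_switch;` before `DROP TABLE t1,t2,t3;`. `EXPLAIN FORMAT=JSON` and the prepared statement are also only exercised with the pushdown on; if the off path was part of the fix, it deserves the same coverage.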
diff --git a/mysql-test/main/subselect_no_exists_to_in.result b/mysql-test/main/subselect_no_exists_to_in.result
index 2f9b36d1..0fdd573b 100644
--- a/mysql-test/main/subselect_no_exists_to_in.result
+++ b/mysql-test/main/subselect_no_exists_to_in.result
@@ -1322,7 +1322,7 @@ a
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
- `a` int(3) DEFAULT NULL
+ `a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
create table t1 (a int);
@@ -7161,23 +7161,26 @@ drop table t1;
#
# MDEV-7565: Server crash with Signal 6 (part 2)
#
+create table t1 (id int not null primary key);
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
ControlRev
NULL
+drop table t1;
#
# MDEV-7445:Server crash with Signal 6
#
+create table t1 (id int not null primary key);
CREATE PROCEDURE procedure2()
BEGIN
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
@@ -7190,6 +7193,7 @@ call procedure2();
ControlRev
NULL
drop procedure procedure2;
+drop table t1;
#
# MDEV-7846:Server crashes in Item_subselect::fix
#_fields or fails with Thread stack overrun
@@ -7495,6 +7499,45 @@ ERROR HY000: Illegal parameter data types row and boolean for operation '='
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
ERROR HY000: Illegal parameter data types row and boolean for operation '='
#
+# MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+# in Item_type_holder::val_decimal on SELECT
+#
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+a
+1
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+a
+1
+UPDATE t1 SET a = 0
+WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT + 1 / + 1, a FROM t1
+WHERE a > -0 + 1) IN (SELECT a, a);
+a
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+WITH RECURSIVE x (x) AS (
+SELECT 1 INTERSECT
+SELECT -(SELECT 1.000000 AS x
+UNION
+SELECT 1.000000 ORDER BY NOT x < 'x',
+-(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+) + 1 FROM x
+)
+SELECT DISTINCT x, 1, NULL, 1.000000
+FROM x
+WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+(SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ORDER BY x ASC, x DESC, x;
+ERROR HY000: Restrictions imposed on recursive definitions are violated for table 'x'
+DROP TABLE t1, x;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/subselect_no_mat.result b/mysql-test/main/subselect_no_mat.result
index 7e692c1a..5183d50c 100644
--- a/mysql-test/main/subselect_no_mat.result
+++ b/mysql-test/main/subselect_no_mat.result
@@ -1325,7 +1325,7 @@ a
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
- `a` int(3) DEFAULT NULL
+ `a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
create table t1 (a int);
@@ -7154,23 +7154,26 @@ drop table t1;
#
# MDEV-7565: Server crash with Signal 6 (part 2)
#
+create table t1 (id int not null primary key);
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
ControlRev
NULL
+drop table t1;
#
# MDEV-7445:Server crash with Signal 6
#
+create table t1 (id int not null primary key);
CREATE PROCEDURE procedure2()
BEGIN
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
@@ -7183,6 +7186,7 @@ call procedure2();
ControlRev
NULL
drop procedure procedure2;
+drop table t1;
#
# MDEV-7846:Server crashes in Item_subselect::fix
#_fields or fails with Thread stack overrun
@@ -7488,6 +7492,45 @@ ERROR HY000: Illegal parameter data types row and boolean for operation '='
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
ERROR HY000: Illegal parameter data types row and boolean for operation '='
#
+# MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+# in Item_type_holder::val_decimal on SELECT
+#
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+a
+1
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+a
+1
+UPDATE t1 SET a = 0
+WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT + 1 / + 1, a FROM t1
+WHERE a > -0 + 1) IN (SELECT a, a);
+a
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+WITH RECURSIVE x (x) AS (
+SELECT 1 INTERSECT
+SELECT -(SELECT 1.000000 AS x
+UNION
+SELECT 1.000000 ORDER BY NOT x < 'x',
+-(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+) + 1 FROM x
+)
+SELECT DISTINCT x, 1, NULL, 1.000000
+FROM x
+WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+(SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ORDER BY x ASC, x DESC, x;
+ERROR HY000: Restrictions imposed on recursive definitions are violated for table 'x'
+DROP TABLE t1, x;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/subselect_no_opts.result b/mysql-test/main/subselect_no_opts.result
index 790e0f84..603958d2 100644
--- a/mysql-test/main/subselect_no_opts.result
+++ b/mysql-test/main/subselect_no_opts.result
@@ -1321,7 +1321,7 @@ a
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
- `a` int(3) DEFAULT NULL
+ `a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
create table t1 (a int);
@@ -7152,23 +7152,26 @@ drop table t1;
#
# MDEV-7565: Server crash with Signal 6 (part 2)
#
+create table t1 (id int not null primary key);
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
ControlRev
NULL
+drop table t1;
#
# MDEV-7445:Server crash with Signal 6
#
+create table t1 (id int not null primary key);
CREATE PROCEDURE procedure2()
BEGIN
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
@@ -7181,6 +7184,7 @@ call procedure2();
ControlRev
NULL
drop procedure procedure2;
+drop table t1;
#
# MDEV-7846:Server crashes in Item_subselect::fix
#_fields or fails with Thread stack overrun
@@ -7486,6 +7490,45 @@ ERROR HY000: Illegal parameter data types row and boolean for operation '='
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
ERROR HY000: Illegal parameter data types row and boolean for operation '='
#
+# MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+# in Item_type_holder::val_decimal on SELECT
+#
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+a
+1
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+a
+1
+UPDATE t1 SET a = 0
+WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT + 1 / + 1, a FROM t1
+WHERE a > -0 + 1) IN (SELECT a, a);
+a
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+WITH RECURSIVE x (x) AS (
+SELECT 1 INTERSECT
+SELECT -(SELECT 1.000000 AS x
+UNION
+SELECT 1.000000 ORDER BY NOT x < 'x',
+-(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+) + 1 FROM x
+)
+SELECT DISTINCT x, 1, NULL, 1.000000
+FROM x
+WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+(SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ORDER BY x ASC, x DESC, x;
+ERROR HY000: Restrictions imposed on recursive definitions are violated for table 'x'
+DROP TABLE t1, x;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/subselect_no_scache.result b/mysql-test/main/subselect_no_scache.result
index 96d68a94..67d738a8 100644
--- a/mysql-test/main/subselect_no_scache.result
+++ b/mysql-test/main/subselect_no_scache.result
@@ -1324,7 +1324,7 @@ a
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
- `a` int(3) DEFAULT NULL
+ `a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
create table t1 (a int);
@@ -7167,23 +7167,26 @@ drop table t1;
#
# MDEV-7565: Server crash with Signal 6 (part 2)
#
+create table t1 (id int not null primary key);
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
ControlRev
NULL
+drop table t1;
#
# MDEV-7445:Server crash with Signal 6
#
+create table t1 (id int not null primary key);
CREATE PROCEDURE procedure2()
BEGIN
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
@@ -7196,6 +7199,7 @@ call procedure2();
ControlRev
NULL
drop procedure procedure2;
+drop table t1;
#
# MDEV-7846:Server crashes in Item_subselect::fix
#_fields or fails with Thread stack overrun
@@ -7501,6 +7505,45 @@ ERROR HY000: Illegal parameter data types row and boolean for operation '='
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
ERROR HY000: Illegal parameter data types row and boolean for operation '='
#
+# MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+# in Item_type_holder::val_decimal on SELECT
+#
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+a
+1
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+a
+1
+UPDATE t1 SET a = 0
+WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT + 1 / + 1, a FROM t1
+WHERE a > -0 + 1) IN (SELECT a, a);
+a
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+WITH RECURSIVE x (x) AS (
+SELECT 1 INTERSECT
+SELECT -(SELECT 1.000000 AS x
+UNION
+SELECT 1.000000 ORDER BY NOT x < 'x',
+-(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+) + 1 FROM x
+)
+SELECT DISTINCT x, 1, NULL, 1.000000
+FROM x
+WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+(SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ORDER BY x ASC, x DESC, x;
+ERROR HY000: Restrictions imposed on recursive definitions are violated for table 'x'
+DROP TABLE t1, x;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/subselect_no_semijoin.result b/mysql-test/main/subselect_no_semijoin.result
index 46894d3c..09073c99 100644
--- a/mysql-test/main/subselect_no_semijoin.result
+++ b/mysql-test/main/subselect_no_semijoin.result
@@ -1321,7 +1321,7 @@ a
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
- `a` int(3) DEFAULT NULL
+ `a` int(11) DEFAULT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
create table t1 (a int);
@@ -7152,23 +7152,26 @@ drop table t1;
#
# MDEV-7565: Server crash with Signal 6 (part 2)
#
+create table t1 (id int not null primary key);
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
Group By TestCase.Revenue, TestCase.TemplateID;
ControlRev
NULL
+drop table t1;
#
# MDEV-7445:Server crash with Signal 6
#
+create table t1 (id int not null primary key);
CREATE PROCEDURE procedure2()
BEGIN
Select
-(Select Sum(`TestCase`.Revenue) From mysql.slow_log E
-Where TestCase.TemplateID not in (Select 1 from mysql.slow_log where 2=2)
+(Select Sum(`TestCase`.Revenue) From t1 E
+Where TestCase.TemplateID not in (Select 1 from t1 where 2=2)
) As `ControlRev`
From
(Select 3 as Revenue, 4 as TemplateID) As `TestCase`
@@ -7181,6 +7184,7 @@ call procedure2();
ControlRev
NULL
drop procedure procedure2;
+drop table t1;
#
# MDEV-7846:Server crashes in Item_subselect::fix
#_fields or fails with Thread stack overrun
@@ -7486,6 +7490,45 @@ ERROR HY000: Illegal parameter data types row and boolean for operation '='
SELECT ROW(1,2) = (1 = ANY (SELECT 1 UNION SELECT 2));
ERROR HY000: Illegal parameter data types row and boolean for operation '='
#
+# MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed
+# in Item_type_holder::val_decimal on SELECT
+#
+CREATE TABLE t1(a INT UNIQUE);
+INSERT INTO t1(a) VALUES (1);
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT 1, 1);
+a
+1
+SELECT a FROM t1 WHERE (SELECT a, a UNION SELECT 1, a FROM t1) IN (SELECT a, a);
+a
+1
+UPDATE t1 SET a = 0
+WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT +1 / +1, a FROM t1 WHERE a > -0+1) IN (SELECT a, a);
+SELECT a FROM t1 WHERE (SELECT a, a WHERE a < 0 INTERSECT
+SELECT + 1 / + 1, a FROM t1
+WHERE a > -0 + 1) IN (SELECT a, a);
+a
+CREATE TABLE x (x INT);
+INSERT INTO x (x) VALUES (1);
+UPDATE x SET x = 1 WHERE x = 1;
+INSERT INTO x (x) VALUES (1), (1);
+WITH RECURSIVE x (x) AS (
+SELECT 1 INTERSECT
+SELECT -(SELECT 1.000000 AS x
+UNION
+SELECT 1.000000 ORDER BY NOT x < 'x',
+-(SELECT 1 + x/1.000000 IN (1, 1) FROM x
+WHERE x ORDER BY 1 - x) DESC LIMIT 1 OFFSET 1
+) + 1 FROM x
+)
+SELECT DISTINCT x, 1, NULL, 1.000000
+FROM x
+WHERE (SELECT (SELECT x WHERE x IN (SELECT x FROM x))) >
+(SELECT (SELECT x ORDER BY x = x OR (x = 1 AND x = 1) DESC))
+ORDER BY x ASC, x DESC, x;
+ERROR HY000: Restrictions imposed on recursive definitions are violated for table 'x'
+DROP TABLE t1, x;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/subselect_nulls_innodb.result b/mysql-test/main/subselect_nulls_innodb.result
new file mode 100644
index 00000000..2cab4176
--- /dev/null
+++ b/mysql-test/main/subselect_nulls_innodb.result
@@ -0,0 +1,27 @@
+#
+# MDEV-32090 Index does not handle null-safe equals operator correctly in join
+#
+CREATE TEMPORARY TABLE t1 (
+`id` int(10) unsigned NOT NULL,
+`number` int(10) unsigned DEFAULT 0,
+`name` varchar(47) DEFAULT NULL,
+`street` mediumint(8) unsigned DEFAULT NULL,
+PRIMARY KEY (`id`),
+KEY `streetNumber` (`street`,`number`,`name`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+INSERT INTO t1 (id, number, name, street) VALUES (100733476, 14, NULL, 1115569);
+SELECT
+b1.id
+FROM
+t1 b1
+INNER JOIN t1 b2 ON (
+b1.street = b2.street
+AND b1.number <=> b2.number
+AND b1.name <=> b2.name
+);
+id
+100733476
+DROP TABLE t1;
+#
+# End of 10.11 tests
+#
diff --git a/mysql-test/main/subselect_nulls_innodb.test b/mysql-test/main/subselect_nulls_innodb.test
new file mode 100644
index 00000000..79d572a2
--- /dev/null
+++ b/mysql-test/main/subselect_nulls_innodb.test
@@ -0,0 +1,32 @@
+--source include/have_innodb.inc
+
+--echo #
+--echo # MDEV-32090 Index does not handle null-safe equals operator correctly in join
+--echo #
+
+CREATE TEMPORARY TABLE t1 (
+ `id` int(10) unsigned NOT NULL,
+ `number` int(10) unsigned DEFAULT 0,
+ `name` varchar(47) DEFAULT NULL,
+ `street` mediumint(8) unsigned DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ KEY `streetNumber` (`street`,`number`,`name`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_unicode_ci;
+
+INSERT INTO t1 (id, number, name, street) VALUES (100733476, 14, NULL, 1115569);
+
+SELECT
+ b1.id
+FROM
+ t1 b1
+ INNER JOIN t1 b2 ON (
+ b1.street = b2.street
+ AND b1.number <=> b2.number
+ AND b1.name <=> b2.name
+ );
+
+DROP TABLE t1;
+
+--echo #
+--echo # End of 10.11 tests
+--echo #
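Review bot: Nothing in this new test pins the access path that MDEV-32090 is about. The self-join runs against a single row with no `EXPLAIN` and no index hint, so the optimizer may be free to choose a plan that never does a lookup on `streetNumber` with `<=>` against the NULL `name`, and the recorded result would still match. Consider forcing the index on the joined side, e.g. `INNER JOIN t1 b2 FORCE INDEX (streetNumber) ON (`, or recording an `EXPLAIN` of the same statement before the `SELECT`. A second row with a non-NULL `name` would also show that `<=>` still separates NULL from non-NULL keys.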
diff --git a/mysql-test/main/temp_table.result b/mysql-test/main/temp_table.result
index 7f005bde..23052e03 100644
--- a/mysql-test/main/temp_table.result
+++ b/mysql-test/main/temp_table.result
@@ -600,6 +600,22 @@ DROP TEMPORARY TABLE t1;
#
# End of 10.2 tests
#
+#
+# MDEV-31523: Using two temporary tables in OPTIMIZE TABLE lead to crash
+#
+CREATE TEMPORARY TABLE t1 (c INT) ENGINE=MyISAM;
+CREATE TEMPORARY TABLE t2 (c INT) ENGINE=MyISAM;
+optimize TABLE t1,t2;
+Table Op Msg_type Msg_text
+test.t1 optimize status Table is already up to date
+test.t2 optimize status Table is already up to date
+SHOW TABLES;
+Tables_in_test
+# in 11.2 and above here should be listed above used temporary tables
+DROP TEMPORARY TABLE t1, t2;
+#
+# End of 10.4 tests
+#
create function f1() returns int
begin
drop temporary table t1, t2;
diff --git a/mysql-test/main/temp_table.test b/mysql-test/main/temp_table.test
index 6ed5dbd8..11a66743 100644
--- a/mysql-test/main/temp_table.test
+++ b/mysql-test/main/temp_table.test
@@ -657,6 +657,22 @@ DROP TEMPORARY TABLE t1;
--echo # End of 10.2 tests
--echo #
+--echo #
+--echo # MDEV-31523: Using two temporary tables in OPTIMIZE TABLE lead to crash
+--echo #
+
+CREATE TEMPORARY TABLE t1 (c INT) ENGINE=MyISAM;
+CREATE TEMPORARY TABLE t2 (c INT) ENGINE=MyISAM;
+optimize TABLE t1,t2;
+SHOW TABLES;
+--echo # in 11.2 and above here should be listed above used temporary tables
+
+DROP TEMPORARY TABLE t1, t2;
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
+
#
# DROP TEMPORARY TABLE fails in the middle
#
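Review bot: The echoed remark after `SHOW TABLES;` is hard to parse, and it is the only explanation of why an empty table list is the expected output here. I would reword it to `--echo # in 11.2 and above, the temporary tables used above should be listed here`, and re-record `temp_table.result` to match. The section title has the same kind of slip ("lead to crash" should be "leads to a crash"). A one-line comment above `optimize TABLE t1,t2;` saying the statement only has to complete without crashing would make the intent of the check explicit.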
diff --git a/mysql-test/main/type_float.result b/mysql-test/main/type_float.result
index 68f74f09..2df714af 100644
--- a/mysql-test/main/type_float.result
+++ b/mysql-test/main/type_float.result
@@ -1173,6 +1173,43 @@ d 50
fdbl 123.456.789,12345678000000000000000000000000000000
fdec 123.456.789,12345678900000000000000000000000000000
#
+# MDEV-32645 CAST(AS UNSIGNED) fails with --view-protocol
+#
+SELECT
+CAST(-1e0 AS UNSIGNED),
+CAST(--2e0 AS UNSIGNED),
+CAST(---3e0 AS UNSIGNED),
+CAST(----4e0 AS UNSIGNED);
+CAST(-1e0 AS UNSIGNED) CAST(--2e0 AS UNSIGNED) CAST(---3e0 AS UNSIGNED) CAST(----4e0 AS UNSIGNED)
+0 2 0 4
+Warnings:
+Note 1916 Got overflow when converting '-1' to UNSIGNED BIGINT. Value truncated
+Note 1916 Got overflow when converting '-3' to UNSIGNED BIGINT. Value truncated
+EXPLAIN EXTENDED SELECT
+CAST(-1e0 AS UNSIGNED),
+CAST(--2e0 AS UNSIGNED),
+CAST(---3e0 AS UNSIGNED),
+CAST(----4e0 AS UNSIGNED);
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Warnings:
+Note 1003 select cast(-1e0 as unsigned) AS `CAST(-1e0 AS UNSIGNED)`,cast(2e0 as unsigned) AS `CAST(--2e0 AS UNSIGNED)`,cast(-3e0 as unsigned) AS `CAST(---3e0 AS UNSIGNED)`,cast(4e0 as unsigned) AS `CAST(----4e0 AS UNSIGNED)`
+CREATE VIEW v1 AS SELECT
+CAST(-1e0 AS UNSIGNED),
+CAST(--2e0 AS UNSIGNED),
+CAST(---3e0 AS UNSIGNED),
+CAST(----4e0 AS UNSIGNED);
+SHOW CREATE VIEW v1;
+View Create View character_set_client collation_connection
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select cast(-1e0 as unsigned) AS `CAST(-1e0 AS UNSIGNED)`,cast(2e0 as unsigned) AS `CAST(--2e0 AS UNSIGNED)`,cast(-3e0 as unsigned) AS `CAST(---3e0 AS UNSIGNED)`,cast(4e0 as unsigned) AS `CAST(----4e0 AS UNSIGNED)` latin1 latin1_swedish_ci
+SELECT * FROM v1;
+CAST(-1e0 AS UNSIGNED) CAST(--2e0 AS UNSIGNED) CAST(---3e0 AS UNSIGNED) CAST(----4e0 AS UNSIGNED)
+0 2 0 4
+Warnings:
+Note 1916 Got overflow when converting '-1' to UNSIGNED BIGINT. Value truncated
+Note 1916 Got overflow when converting '-3' to UNSIGNED BIGINT. Value truncated
+DROP VIEW v1;
+#
# End of 10.4 tests
#
#
diff --git a/mysql-test/main/type_float.test b/mysql-test/main/type_float.test
index 12e3f070..c90d8b8a 100644
--- a/mysql-test/main/type_float.test
+++ b/mysql-test/main/type_float.test
@@ -717,6 +717,32 @@ DELIMITER ;$$
--horizontal_results
--echo #
+--echo # MDEV-32645 CAST(AS UNSIGNED) fails with --view-protocol
+--echo #
+
+SELECT
+ CAST(-1e0 AS UNSIGNED),
+ CAST(--2e0 AS UNSIGNED),
+ CAST(---3e0 AS UNSIGNED),
+ CAST(----4e0 AS UNSIGNED);
+
+EXPLAIN EXTENDED SELECT
+ CAST(-1e0 AS UNSIGNED),
+ CAST(--2e0 AS UNSIGNED),
+ CAST(---3e0 AS UNSIGNED),
+ CAST(----4e0 AS UNSIGNED);
+
+CREATE VIEW v1 AS SELECT
+ CAST(-1e0 AS UNSIGNED),
+ CAST(--2e0 AS UNSIGNED),
+ CAST(---3e0 AS UNSIGNED),
+ CAST(----4e0 AS UNSIGNED);
+
+SHOW CREATE VIEW v1;
+SELECT * FROM v1;
+DROP VIEW v1;
+
+--echo #
--echo # End of 10.4 tests
--echo #
diff --git a/mysql-test/main/type_ranges.result b/mysql-test/main/type_ranges.result
index 02b6c79b..efd83423 100644
--- a/mysql-test/main/type_ranges.result
+++ b/mysql-test/main/type_ranges.result
@@ -144,8 +144,10 @@ alter short drop default,
DROP INDEX utiny,
DROP INDEX ushort,
DROP PRIMARY KEY,
-DROP FOREIGN KEY any_name,
+DROP FOREIGN KEY IF EXISTS any_name,
ADD INDEX (auto);
+Warnings:
+Note 1091 Can't DROP FOREIGN KEY `any_name`; check that it exists
LOCK TABLES t1 WRITE;
ALTER TABLE t1
RENAME as t2,
diff --git a/mysql-test/main/type_ranges.test b/mysql-test/main/type_ranges.test
index 7bf29321..a69e3ac5 100644
--- a/mysql-test/main/type_ranges.test
+++ b/mysql-test/main/type_ranges.test
@@ -76,7 +76,7 @@ alter short drop default,
DROP INDEX utiny,
DROP INDEX ushort,
DROP PRIMARY KEY,
-DROP FOREIGN KEY any_name,
+DROP FOREIGN KEY IF EXISTS any_name,
ADD INDEX (auto);
LOCK TABLES t1 WRITE;
diff --git a/mysql-test/main/type_timestamp.result b/mysql-test/main/type_timestamp.result
index 1c0fd23a..243d223c 100644
--- a/mysql-test/main/type_timestamp.result
+++ b/mysql-test/main/type_timestamp.result
@@ -1368,7 +1368,7 @@ t1 CREATE TABLE `t1` (
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
drop table t1;
#
-# End of 10.10 tests
+# End of 10.5 tests
#
#
# MDEV-32203 Raise notes when an index cannot be used on data type mismatch
@@ -1489,3 +1489,4 @@ indexed_col not_indexed_col
DROP TABLE t2;
DROP TABLE t1;
SET note_verbosity=DEFAULT;
+# End of 10.6 tests
diff --git a/mysql-test/main/type_timestamp.test b/mysql-test/main/type_timestamp.test
index 76589f1f..b3dfa192 100644
--- a/mysql-test/main/type_timestamp.test
+++ b/mysql-test/main/type_timestamp.test
@@ -921,7 +921,7 @@ show create table t1;
drop table t1;
--echo #
---echo # End of 10.10 tests
+--echo # End of 10.5 tests
--echo #
--echo #
@@ -941,3 +941,5 @@ DELIMITER ;$$
--source unusable_keys_joins.inc
DROP TABLE t1;
SET note_verbosity=DEFAULT;
+
+--echo # End of 10.6 tests
diff --git a/mysql-test/main/type_varchar.result b/mysql-test/main/type_varchar.result
index 39225c4c..c7bf59ba 100644
--- a/mysql-test/main/type_varchar.result
+++ b/mysql-test/main/type_varchar.result
@@ -952,3 +952,232 @@ Note 1105 Cannot use key parts with `test`.`t1`.`indexed_col` in the rewritten c
DROP TABLE t2;
DROP TABLE t1;
SET note_verbosity=DEFAULT;
+#
+# MDEV-32957 Unusable key notes report wrong predicates for > and >=
+#
+SET note_verbosity=unusable_keys;
+CREATE TABLE t1 (a INT, i CHAR(32), KEY(i));
+FOR i IN 1..31
+DO
+INSERT INTO t1 VALUES (i, 10+i);
+END FOR;
+$$
+EXPLAIN SELECT * FROM t1 WHERE i>30 ORDER BY i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL i NULL NULL NULL 31 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` > "30" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` > "30" of type `int`
+EXPLAIN SELECT * FROM t1 WHERE i>=30 ORDER BY i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL i NULL NULL NULL 31 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "30" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "30" of type `int`
+DROP TABLE t1;
+SET note_verbosity=DEFAULT;
+#
+# MDEV-32958 Unusable key notes do not get reported for some operations
+#
+SET note_verbosity=unusable_keys;
+CREATE TABLE t1 (c1 varchar(10), KEY(c1)) CHARACTER SET latin1;
+INSERT INTO t1 VALUES ('a');
+INSERT INTO t1 VALUES ('b');
+INSERT INTO t1 VALUES ('c');
+INSERT INTO t1 VALUES ('d');
+INSERT INTO t1 VALUES ('e');
+INSERT INTO t1 VALUES ('f');
+INSERT INTO t1 VALUES ('g');
+INSERT INTO t1 VALUES ('h');
+INSERT INTO t1 VALUES ('i');
+INSERT INTO t1 VALUES ('j');
+EXPLAIN SELECT * FROM t1 WHERE c1=10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` = "10" of type `int`
+SELECT * FROM t1 WHERE c1=10;
+c1
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` = "10" of type `int`
+Warning 1292 Truncated incorrect DECIMAL value: 'a'
+Warning 1292 Truncated incorrect DECIMAL value: 'b'
+Warning 1292 Truncated incorrect DECIMAL value: 'c'
+Warning 1292 Truncated incorrect DECIMAL value: 'd'
+Warning 1292 Truncated incorrect DECIMAL value: 'e'
+Warning 1292 Truncated incorrect DECIMAL value: 'f'
+Warning 1292 Truncated incorrect DECIMAL value: 'g'
+Warning 1292 Truncated incorrect DECIMAL value: 'h'
+Warning 1292 Truncated incorrect DECIMAL value: 'i'
+Warning 1292 Truncated incorrect DECIMAL value: 'j'
+EXPLAIN SELECT * FROM t1 WHERE c1<10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` < "10" of type `int`
+SELECT * FROM t1 WHERE c1<10;
+c1
+a
+b
+c
+d
+e
+f
+g
+h
+i
+j
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` < "10" of type `int`
+Warning 1292 Truncated incorrect DECIMAL value: 'a'
+Warning 1292 Truncated incorrect DECIMAL value: 'b'
+Warning 1292 Truncated incorrect DECIMAL value: 'c'
+Warning 1292 Truncated incorrect DECIMAL value: 'd'
+Warning 1292 Truncated incorrect DECIMAL value: 'e'
+Warning 1292 Truncated incorrect DECIMAL value: 'f'
+Warning 1292 Truncated incorrect DECIMAL value: 'g'
+Warning 1292 Truncated incorrect DECIMAL value: 'h'
+Warning 1292 Truncated incorrect DECIMAL value: 'i'
+Warning 1292 Truncated incorrect DECIMAL value: 'j'
+EXPLAIN SELECT * FROM t1 WHERE c1 BETWEEN 10 AND 11;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` >= "10" of type `int`
+SELECT * FROM t1 WHERE c1 BETWEEN 10 AND 11;
+c1
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` >= "10" of type `int`
+Warning 1292 Truncated incorrect DECIMAL value: 'a'
+Warning 1292 Truncated incorrect DECIMAL value: 'b'
+Warning 1292 Truncated incorrect DECIMAL value: 'c'
+Warning 1292 Truncated incorrect DECIMAL value: 'd'
+Warning 1292 Truncated incorrect DECIMAL value: 'e'
+Warning 1292 Truncated incorrect DECIMAL value: 'f'
+Warning 1292 Truncated incorrect DECIMAL value: 'g'
+Warning 1292 Truncated incorrect DECIMAL value: 'h'
+Warning 1292 Truncated incorrect DECIMAL value: 'i'
+Warning 1292 Truncated incorrect DECIMAL value: 'j'
+EXPLAIN SELECT * FROM t1 WHERE c1 BETWEEN 10 AND '11';
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` >= "10" of type `int`
+SELECT * FROM t1 WHERE c1 BETWEEN 10 AND '11';
+c1
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` >= "10" of type `int`
+Warning 1292 Truncated incorrect DOUBLE value: 'a'
+Warning 1292 Truncated incorrect DOUBLE value: 'b'
+Warning 1292 Truncated incorrect DOUBLE value: 'c'
+Warning 1292 Truncated incorrect DOUBLE value: 'd'
+Warning 1292 Truncated incorrect DOUBLE value: 'e'
+Warning 1292 Truncated incorrect DOUBLE value: 'f'
+Warning 1292 Truncated incorrect DOUBLE value: 'g'
+Warning 1292 Truncated incorrect DOUBLE value: 'h'
+Warning 1292 Truncated incorrect DOUBLE value: 'i'
+Warning 1292 Truncated incorrect DOUBLE value: 'j'
+EXPLAIN SELECT * FROM t1 WHERE c1 IN (10,20);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` = "10" of type `int`
+SELECT * FROM t1 WHERE c1 IN (10,20);
+c1
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of type `varchar` = "10" of type `int`
+Warning 1292 Truncated incorrect DECIMAL value: 'a'
+Warning 1292 Truncated incorrect DECIMAL value: 'b'
+Warning 1292 Truncated incorrect DECIMAL value: 'c'
+Warning 1292 Truncated incorrect DECIMAL value: 'd'
+Warning 1292 Truncated incorrect DECIMAL value: 'e'
+Warning 1292 Truncated incorrect DECIMAL value: 'f'
+Warning 1292 Truncated incorrect DECIMAL value: 'g'
+Warning 1292 Truncated incorrect DECIMAL value: 'h'
+Warning 1292 Truncated incorrect DECIMAL value: 'i'
+Warning 1292 Truncated incorrect DECIMAL value: 'j'
+EXPLAIN SELECT * FROM t1 WHERE c1 IN (_latin1'a' COLLATE latin1_german2_ci,'b');
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of collation `latin1_swedish_ci` = "_latin1'a' collate latin1_german2_ci" of collation `latin1_german2_ci`
+SELECT * FROM t1 WHERE c1 IN (_latin1'a' COLLATE latin1_german2_ci,'b');
+c1
+a
+b
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of collation `latin1_swedish_ci` = "_latin1'a' collate latin1_german2_ci" of collation `latin1_german2_ci`
+EXPLAIN SELECT * FROM t1 WHERE c1 IN ('a',_latin1'b' COLLATE latin1_german2_ci);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 index c1 c1 13 NULL 10 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of collation `latin1_swedish_ci` = "'a'" of collation `latin1_german2_ci`
+SELECT * FROM t1 WHERE c1 IN ('a',_latin1'b' COLLATE latin1_german2_ci);
+c1
+a
+b
+Warnings:
+Note 1105 Cannot use key `c1` part[0] for lookup: `test`.`t1`.`c1` of collation `latin1_swedish_ci` = "'a'" of collation `latin1_german2_ci`
+DROP TABLE t1;
+CREATE TABLE t1(a INT, i CHAR(2), INDEX(i(1)));
+INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
+(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),
+(30),(31),(32),(33),(34),(35);
+EXPLAIN SELECT * FROM t1 WHERE i >= 10 ORDER BY i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL i NULL NULL NULL 26 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+SELECT * FROM t1 WHERE i >= 10 ORDER BY i LIMIT 5;
+a i
+NULL 10
+NULL 11
+NULL 12
+NULL 13
+NULL 14
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` >= "10" of type `int`
+EXPLAIN UPDATE t1 SET a = 1 WHERE i = 10 ORDER BY a, i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` = "10" of type `int`
+EXPLAIN UPDATE t1 SET a = 1 WHERE i < 10 ORDER BY a, i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "10" of type `int`
+EXPLAIN DELETE FROM t1 WHERE i = 10 ORDER BY a, i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` = "10" of type `int`
+EXPLAIN DELETE FROM t1 WHERE i < 10 ORDER BY a, i LIMIT 5;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where; Using filesort
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "10" of type `int`
+EXPLAIN UPDATE t1 SET a = 1 WHERE i = 10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` = "10" of type `int`
+EXPLAIN UPDATE t1 SET a = 1 WHERE i < 10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "10" of type `int`
+EXPLAIN DELETE FROM t1 WHERE i = 10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` = "10" of type `int`
+EXPLAIN DELETE FROM t1 WHERE i < 10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 26 Using where
+Warnings:
+Note 1105 Cannot use key `i` part[0] for lookup: `test`.`t1`.`i` of type `char` < "10" of type `int`
+DROP TABLE t1;
+SET note_verbosity=DEFAULT;
diff --git a/mysql-test/main/type_varchar.test b/mysql-test/main/type_varchar.test
index 46b37554..feb27027 100644
--- a/mysql-test/main/type_varchar.test
+++ b/mysql-test/main/type_varchar.test
@@ -415,3 +415,86 @@ DELIMITER ;$$
--source unusable_keys_joins.inc
DROP TABLE t1;
SET note_verbosity=DEFAULT;
+
+
+--echo #
+--echo # MDEV-32957 Unusable key notes report wrong predicates for > and >=
+--echo #
+
+SET note_verbosity=unusable_keys;
+CREATE TABLE t1 (a INT, i CHAR(32), KEY(i));
+DELIMITER $$;
+FOR i IN 1..31
+DO
+ INSERT INTO t1 VALUES (i, 10+i);
+END FOR;
+$$
+DELIMITER ;$$
+EXPLAIN SELECT * FROM t1 WHERE i>30 ORDER BY i LIMIT 5;
+EXPLAIN SELECT * FROM t1 WHERE i>=30 ORDER BY i LIMIT 5;
+DROP TABLE t1;
+SET note_verbosity=DEFAULT;
+
+
+--echo #
+--echo # MDEV-32958 Unusable key notes do not get reported for some operations
+--echo #
+
+SET note_verbosity=unusable_keys;
+CREATE TABLE t1 (c1 varchar(10), KEY(c1)) CHARACTER SET latin1;
+INSERT INTO t1 VALUES ('a');
+INSERT INTO t1 VALUES ('b');
+INSERT INTO t1 VALUES ('c');
+INSERT INTO t1 VALUES ('d');
+INSERT INTO t1 VALUES ('e');
+INSERT INTO t1 VALUES ('f');
+INSERT INTO t1 VALUES ('g');
+INSERT INTO t1 VALUES ('h');
+INSERT INTO t1 VALUES ('i');
+INSERT INTO t1 VALUES ('j');
+
+EXPLAIN SELECT * FROM t1 WHERE c1=10;
+SELECT * FROM t1 WHERE c1=10;
+
+EXPLAIN SELECT * FROM t1 WHERE c1<10;
+SELECT * FROM t1 WHERE c1<10;
+
+EXPLAIN SELECT * FROM t1 WHERE c1 BETWEEN 10 AND 11;
+SELECT * FROM t1 WHERE c1 BETWEEN 10 AND 11;
+
+EXPLAIN SELECT * FROM t1 WHERE c1 BETWEEN 10 AND '11';
+SELECT * FROM t1 WHERE c1 BETWEEN 10 AND '11';
+
+EXPLAIN SELECT * FROM t1 WHERE c1 IN (10,20);
+SELECT * FROM t1 WHERE c1 IN (10,20);
+
+EXPLAIN SELECT * FROM t1 WHERE c1 IN (_latin1'a' COLLATE latin1_german2_ci,'b');
+SELECT * FROM t1 WHERE c1 IN (_latin1'a' COLLATE latin1_german2_ci,'b');
+
+EXPLAIN SELECT * FROM t1 WHERE c1 IN ('a',_latin1'b' COLLATE latin1_german2_ci);
+SELECT * FROM t1 WHERE c1 IN ('a',_latin1'b' COLLATE latin1_german2_ci);
+
+DROP TABLE t1;
+
+
+CREATE TABLE t1(a INT, i CHAR(2), INDEX(i(1)));
+INSERT INTO t1 (i) VALUES (10),(11),(12),(13),(14),(15),(16),(17),(18),(19),
+ (20),(21),(22),(23),(24),(25),(26),(27),(28),(29),
+ (30),(31),(32),(33),(34),(35);
+
+EXPLAIN SELECT * FROM t1 WHERE i >= 10 ORDER BY i LIMIT 5;
+SELECT * FROM t1 WHERE i >= 10 ORDER BY i LIMIT 5;
+
+EXPLAIN UPDATE t1 SET a = 1 WHERE i = 10 ORDER BY a, i LIMIT 5;
+EXPLAIN UPDATE t1 SET a = 1 WHERE i < 10 ORDER BY a, i LIMIT 5;
+EXPLAIN DELETE FROM t1 WHERE i = 10 ORDER BY a, i LIMIT 5;
+EXPLAIN DELETE FROM t1 WHERE i < 10 ORDER BY a, i LIMIT 5;
+
+EXPLAIN UPDATE t1 SET a = 1 WHERE i = 10;
+EXPLAIN UPDATE t1 SET a = 1 WHERE i < 10;
+EXPLAIN DELETE FROM t1 WHERE i = 10;
+EXPLAIN DELETE FROM t1 WHERE i < 10;
+
+DROP TABLE t1;
+
+SET note_verbosity=DEFAULT;
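Review bot: The last table in this hunk, `CREATE TABLE t1(a INT, i CHAR(2), INDEX(i(1)));`, starts without any `--echo #` header, so in the recorded .result its output runs straight on from the MDEV-32958 varchar cases. Judging by the prefix key and the statements that follow, it appears to check that the unusable-key notes are also raised for UPDATE and DELETE on a prefix index. A line such as `--echo # Prefix key i(1): notes for SELECT, UPDATE and DELETE` before the CREATE would state that.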
diff --git a/mysql-test/main/view.result b/mysql-test/main/view.result
index 0f47c47b..9cab1b5f 100644
--- a/mysql-test/main/view.result
+++ b/mysql-test/main/view.result
@@ -4422,12 +4422,14 @@ SELECT * FROM v1 WHERE a > 'JJ' OR a <> 0 AND a = 'VV';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 range a a 13 NULL 4 100.00 Using where; Using index
Warnings:
+Note 1105 Cannot use key `a` part[0] for lookup: `test`.`t1`.`a` of type `varchar` < "0" of type `int`
Note 1003 select `test`.`t1`.`a` AS `a` from `test`.`t1` where `test`.`t1`.`a` > 'JJ' or `test`.`t1`.`a` = 'VV' and `test`.`t1`.`a` <> 0
EXPLAIN EXTENDED
SELECT * FROM t1 WHERE a > 'JJ' OR a <> 0 AND a = 'VV';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 range a a 13 NULL 4 100.00 Using where; Using index
Warnings:
+Note 1105 Cannot use key `a` part[0] for lookup: `test`.`t1`.`a` of type `varchar` < "0" of type `int`
Note 1003 select `test`.`t1`.`a` AS `a` from `test`.`t1` where `test`.`t1`.`a` > 'JJ' or `test`.`t1`.`a` = 'VV' and `test`.`t1`.`a` <> 0
# t1 and v1 should return the same result set
SELECT * FROM v1 WHERE a > 'JJ' OR a AND a = 'VV';
@@ -4448,12 +4450,14 @@ SELECT * FROM v1 WHERE a > 'JJ' OR a AND a = 'VV';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 range a a 13 NULL 4 100.00 Using where; Using index
Warnings:
+Note 1105 Cannot use key `a` part[0] for lookup: `test`.`t1`.`a` of type `varchar` < "0" of type `int`
Note 1003 select `test`.`t1`.`a` AS `a` from `test`.`t1` where `test`.`t1`.`a` > 'JJ' or `test`.`t1`.`a` = 'VV' and `test`.`t1`.`a` <> 0
EXPLAIN EXTENDED
SELECT * FROM t1 WHERE a > 'JJ' OR a AND a = 'VV';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 range a a 13 NULL 4 100.00 Using where; Using index
Warnings:
+Note 1105 Cannot use key `a` part[0] for lookup: `test`.`t1`.`a` of type `varchar` < "0" of type `int`
Note 1003 select `test`.`t1`.`a` AS `a` from `test`.`t1` where `test`.`t1`.`a` > 'JJ' or `test`.`t1`.`a` = 'VV' and `test`.`t1`.`a` <> 0
DROP VIEW v1;
DROP TABLE t1;
@@ -7025,3 +7029,49 @@ DROP TABLE t1, t2;
#
# End of 10.6 tests
#
+#
+# MDEV-29587: Allowing insert into a view with columns that
+# are not part the table
+#
+# view with 2 the same fields
+CREATE TABLE table1 (x INT);
+CREATE VIEW view1 AS SELECT x, x as x1 FROM table1;
+INSERT INTO view1(x) VALUES (1);
+INSERT INTO view1(x1) VALUES (1);
+INSERT INTO view1(x1,x) VALUES (1,1);
+ERROR HY000: The target table view1 of the INSERT is not insertable-into
+DROP VIEW view1;
+DROP TABLE table1;
+# view with a field and expression over the field
+CREATE TABLE table1 (x INT);
+CREATE VIEW view1 AS SELECT x, x + 1 as x1 FROM table1;
+INSERT INTO view1(x) VALUES (1);
+INSERT INTO view1(x1) VALUES (1);
+ERROR HY000: The target table view1 of the INSERT is not insertable-into
+INSERT INTO view1(x1,x) VALUES (1,1);
+ERROR HY000: The target table view1 of the INSERT is not insertable-into
+DROP VIEW view1;
+DROP TABLE table1;
+# view with a field and collation expression over the field
+CREATE TABLE table1 (x char(20));
+CREATE VIEW view1 AS SELECT x, x collate latin1_german1_ci as x1 FROM table1;
+INSERT INTO view1(x) VALUES ("ua");
+# we can insert in the field with collation
+INSERT INTO view1(x1) VALUES ("ua");
+INSERT INTO view1(x1,x) VALUES ("ua","ua");
+ERROR HY000: The target table view1 of the INSERT is not insertable-into
+DROP VIEW view1;
+DROP TABLE table1;
+# view with a field and expression over other field
+CREATE TABLE table1 (x INT, y INT);
+CREATE VIEW view1 AS SELECT x, y + 1 as x1 FROM table1;
+INSERT INTO view1(x) VALUES (1);
+INSERT INTO view1(x1) VALUES (1);
+ERROR HY000: The target table view1 of the INSERT is not insertable-into
+INSERT INTO view1(x1,x) VALUES (1,1);
+ERROR HY000: The target table view1 of the INSERT is not insertable-into
+DROP VIEW view1;
+DROP TABLE table1;
+#
+# End of 10.11 test
+#
diff --git a/mysql-test/main/view.test b/mysql-test/main/view.test
index a4fe17a8..4c2d71d4 100644
--- a/mysql-test/main/view.test
+++ b/mysql-test/main/view.test
@@ -6792,3 +6792,56 @@ DROP TABLE t1, t2;
--echo #
--echo # End of 10.6 tests
--echo #
+
+
+--echo #
+--echo # MDEV-29587: Allowing insert into a view with columns that
+--echo # are not part the table
+--echo #
+
+--echo # view with 2 the same fields
+CREATE TABLE table1 (x INT);
+CREATE VIEW view1 AS SELECT x, x as x1 FROM table1;
+INSERT INTO view1(x) VALUES (1);
+INSERT INTO view1(x1) VALUES (1);
+--error ER_NON_INSERTABLE_TABLE
+INSERT INTO view1(x1,x) VALUES (1,1);
+DROP VIEW view1;
+DROP TABLE table1;
+
+--echo # view with a field and expression over the field
+CREATE TABLE table1 (x INT);
+CREATE VIEW view1 AS SELECT x, x + 1 as x1 FROM table1;
+INSERT INTO view1(x) VALUES (1);
+--error ER_NON_INSERTABLE_TABLE
+INSERT INTO view1(x1) VALUES (1);
+--error ER_NON_INSERTABLE_TABLE
+INSERT INTO view1(x1,x) VALUES (1,1);
+DROP VIEW view1;
+DROP TABLE table1;
+
+--echo # view with a field and collation expression over the field
+CREATE TABLE table1 (x char(20));
+CREATE VIEW view1 AS SELECT x, x collate latin1_german1_ci as x1 FROM table1;
+INSERT INTO view1(x) VALUES ("ua");
+--echo # we can insert in the field with collation
+INSERT INTO view1(x1) VALUES ("ua");
+--error ER_NON_INSERTABLE_TABLE
+INSERT INTO view1(x1,x) VALUES ("ua","ua");
+DROP VIEW view1;
+DROP TABLE table1;
+
+--echo # view with a field and expression over other field
+CREATE TABLE table1 (x INT, y INT);
+CREATE VIEW view1 AS SELECT x, y + 1 as x1 FROM table1;
+INSERT INTO view1(x) VALUES (1);
+--error ER_NON_INSERTABLE_TABLE
+INSERT INTO view1(x1) VALUES (1);
+--error ER_NON_INSERTABLE_TABLE
+INSERT INTO view1(x1,x) VALUES (1,1);
+DROP VIEW view1;
+DROP TABLE table1;
+
+--echo #
+--echo # End of 10.11 test
+--echo #
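Review bot: None of the four cases reads `table1` back after the inserts, so the test proves only which INSERTs are accepted or rejected, not which base column the accepted ones write to. That matters most for `INSERT INTO view1(x1) VALUES (1)` with `x as x1` and for `INSERT INTO view1(x1) VALUES ("ua")` with `x collate latin1_german1_ci as x1`, which are the writes MDEV-29587 newly allows. Adding `SELECT * FROM table1;` before each `DROP VIEW view1;` would pin the stored values; view.result then needs re-recording. The header could be tidied in the same pass: `are not part the table` should read `are not part of the table`.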
diff --git a/mysql-test/main/win.result b/mysql-test/main/win.result
index a1f20a62..1c3be0bd 100644
--- a/mysql-test/main/win.result
+++ b/mysql-test/main/win.result
@@ -4496,5 +4496,18 @@ NULL
DROP FUNCTION f;
DROP TABLE t;
#
+# MDEV-31296: Crash in Item_func::fix_fields when prepared statement
+# with subqueries and window function is executed with
+# sql_mode = ONLY_FULL_GROUP_BY
+#
+CREATE TABLE t1 ( a INT, i INT) ;
+CREATE TABLE t2 ( a INT);
+INSERT INTO t2 VALUES (4000);
+SET SESSION sql_mode = "ONLY_FULL_GROUP_BY";
+EXECUTE IMMEDIATE "SELECT SUM(i) OVER (ORDER BY i) FROM t1 NATURAL JOIN t2";
+SUM(i) OVER (ORDER BY i)
+# Clean up
+DROP TABLE t1, t2;
+#
# End of 10.6 tests
#
diff --git a/mysql-test/main/win.test b/mysql-test/main/win.test
index 0c610f35..2eed8783 100644
--- a/mysql-test/main/win.test
+++ b/mysql-test/main/win.test
@@ -2899,5 +2899,19 @@ DROP FUNCTION f;
DROP TABLE t;
--echo #
+--echo # MDEV-31296: Crash in Item_func::fix_fields when prepared statement
+--echo # with subqueries and window function is executed with
+--echo # sql_mode = ONLY_FULL_GROUP_BY
+--echo #
+CREATE TABLE t1 ( a INT, i INT) ;
+CREATE TABLE t2 ( a INT);
+INSERT INTO t2 VALUES (4000);
+SET SESSION sql_mode = "ONLY_FULL_GROUP_BY";
+EXECUTE IMMEDIATE "SELECT SUM(i) OVER (ORDER BY i) FROM t1 NATURAL JOIN t2";
+
+--echo # Clean up
+DROP TABLE t1, t2;
+
+--echo #
--echo # End of 10.6 tests
--echo #
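Review bot: `SET SESSION sql_mode = "ONLY_FULL_GROUP_BY";` is never undone. The clean-up only drops `t1` and `t2`, so anything that runs later on this connection inherits the changed mode. Adding `SET SESSION sql_mode = DEFAULT;` after `DROP TABLE t1, t2;` keeps the case self-contained; win.result needs the matching line. The rest of win.test is outside this hunk, so whether later cases are affected cannot be seen from here.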
diff --git a/mysql-test/mariadb-test-run.pl b/mysql-test/mariadb-test-run.pl
index 1e868efa..8effcfeb 100755
--- a/mysql-test/mariadb-test-run.pl
+++ b/mysql-test/mariadb-test-run.pl
@@ -3101,6 +3101,7 @@ sub mysql_install_db {
mtr_add_arg($args, "--core-file");
mtr_add_arg($args, "--console");
mtr_add_arg($args, "--character-set-server=latin1");
+ mtr_add_arg($args, "--disable-performance-schema");
if ( $opt_debug )
{
@@ -4454,6 +4455,7 @@ sub extract_warning_lines ($$) {
qr/InnoDB: Warning: a long semaphore wait:/,
qr/InnoDB: Dumping buffer pool.*/,
qr/InnoDB: Buffer pool.*/,
+ qr/InnoDB: Could not free any blocks in the buffer pool!/,
qr/InnoDB: Warning: Writer thread is waiting this semaphore:/,
qr/InnoDB: innodb_open_files .* should not be greater than/,
qr/Slave: Unknown table 't1' .* 1051/,
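Review bot: Adding `qr/InnoDB: Could not free any blocks in the buffer pool!/` to the pattern list in `extract_warning_lines` appears to silence that message for every test, not only for those that deliberately run with a very small buffer pool. A genuine buffer-pool exhaustion regression elsewhere would then no longer surface in the warnings check. If only a few tests trigger it, a per-test `call mtr.add_suppression("InnoDB: Could not free any blocks in the buffer pool");` keeps the global check intact; otherwise a comment above the pattern naming the reason would help. The function starts and ends outside this hunk, so the role of the list is inferred from the neighbouring patterns.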
@@ -4506,7 +4508,7 @@ sub extract_warning_lines ($$) {
qr|InnoDB: io_setup\(\) failed with EAGAIN|,
qr|io_uring_queue_init\(\) failed with|,
qr|InnoDB: liburing disabled|,
- qr/InnoDB: Failed to set (O_DIRECT|DIRECTIO_ON) on file/,
+ qr/InnoDB: Failed to set O_DIRECT on file/,
qr|setrlimit could not change the size of core files to 'infinity';|,
qr|feedback plugin: failed to retrieve the MAC address|,
qr|Plugin 'FEEDBACK' init function returned error|,
diff --git a/mysql-test/std_data/mysql80/t2.cfg b/mysql-test/std_data/mysql80/t2.cfg
new file mode 100644
index 00000000..81f92978
--- /dev/null
+++ b/mysql-test/std_data/mysql80/t2.cfg
Binary files differ
diff --git a/mysql-test/std_data/mysql80/t2.ibd b/mysql-test/std_data/mysql80/t2.ibd
new file mode 100644
index 00000000..be2b46a7
--- /dev/null
+++ b/mysql-test/std_data/mysql80/t2.ibd
Binary files differ
diff --git a/mysql-test/suite/binlog/r/binlog_gis_user_var_stm.result b/mysql-test/suite/binlog/r/binlog_gis_user_var_stm.result
new file mode 100644
index 00000000..e467c9c8
--- /dev/null
+++ b/mysql-test/suite/binlog/r/binlog_gis_user_var_stm.result
@@ -0,0 +1,12 @@
+SET @g0= POINT(1,1);
+SET @g1= Polygon(LineString(Point(0, 0), Point(30, 0), Point(30, 30), Point(0, 0)));
+CREATE TABLE t1 AS SELECT @g0 AS g0, @g1 AS g1;
+DROP TABLE t1;
+include/show_binlog_events.inc
+Log_name Pos Event_type Server_id End_log_pos Info
+master-bin.000001 # Gtid # # GTID #-#-#
+master-bin.000001 # User var # # @`g0`=/*point*/_binary X'000000000101000000000000000000F03F000000000000F03F' COLLATE binary
+master-bin.000001 # User var # # @`g1`=/*polygon*/_binary X'0000000001030000000100000004000000000000000000000000000000000000000000000000003E4000000000000000000000000000003E400000000000003E4000000000000000000000000000000000' COLLATE binary
+master-bin.000001 # Query # # use `test`; CREATE TABLE t1 AS SELECT @g0 AS g0, @g1 AS g1
+master-bin.000001 # Gtid # # GTID #-#-#
+master-bin.000001 # Query # # use `test`; DROP TABLE `t1` /* generated by server */
diff --git a/mysql-test/suite/binlog/r/binlog_mysqlbinlog_raw_flush.result b/mysql-test/suite/binlog/r/binlog_mysqlbinlog_raw_flush.result
index 294e96e5..d6977880 100644
--- a/mysql-test/suite/binlog/r/binlog_mysqlbinlog_raw_flush.result
+++ b/mysql-test/suite/binlog/r/binlog_mysqlbinlog_raw_flush.result
@@ -1,3 +1,4 @@
+RESET MASTER;
#
# MDEV-30698 Cover missing test cases for mariadb-binlog options
# --raw [and] --flashback
diff --git a/mysql-test/suite/binlog/r/binlog_show_binlog_events_invalid_offset_silent.result b/mysql-test/suite/binlog/r/binlog_show_binlog_events_invalid_offset_silent.result
new file mode 100644
index 00000000..ec86cc8e
--- /dev/null
+++ b/mysql-test/suite/binlog/r/binlog_show_binlog_events_invalid_offset_silent.result
@@ -0,0 +1,21 @@
+#
+# Initialize test data
+set @save_master_verify_checksum = @@global.master_verify_checksum;
+set @@global.master_verify_checksum = 1;
+create table t1 (a int);
+insert into t1 values (1);
+insert into t1 values (2);
+SHOW BINLOG EVENTS FROM invalid_pos;
+ERROR HY000: Error when executing command SHOW BINLOG EVENTS: Wrong offset or I/O error
+include/assert_grep.inc [Ensure the client error is not in the server log]
+SHOW BINLOG EVENTS FROM 500;
+ERROR HY000: Error when executing command SHOW BINLOG EVENTS: Wrong offset or I/O error
+include/assert_grep.inc [Ensure the client error is not in the server log]
+SHOW BINLOG EVENTS FROM 498;
+ERROR HY000: Error when executing command SHOW BINLOG EVENTS: Wrong offset or I/O error
+include/assert_grep.inc [Ensure the client error is not in the server log]
+include/assert_grep.inc [Ensure there is not a specific checksum failure error]
+#
+# Cleanup
+set @@global.master_verify_checksum = @save_master_verify_checksum;
+drop table t1;
diff --git a/mysql-test/suite/binlog/t/binlog_gis_user_var_stm.test b/mysql-test/suite/binlog/t/binlog_gis_user_var_stm.test
new file mode 100644
index 00000000..7e789cd7
--- /dev/null
+++ b/mysql-test/suite/binlog/t/binlog_gis_user_var_stm.test
@@ -0,0 +1,15 @@
+--source include/not_embedded.inc
+--source include/have_binlog_format_statement.inc
+--source include/have_geometry.inc
+
+--disable_query_log
+reset master; # get rid of previous tests binlog
+--enable_query_log
+
+SET @g0= POINT(1,1);
+SET @g1= Polygon(LineString(Point(0, 0), Point(30, 0), Point(30, 30), Point(0, 0)));
+CREATE TABLE t1 AS SELECT @g0 AS g0, @g1 AS g1;
+DROP TABLE t1;
+
+--let $binlog_file = LAST
+source include/show_binlog_events.inc;
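Review bot: This new test has no header comment, so nothing says which bug it covers or what the recorded binlog output is meant to demonstrate. From the statements it appears to check how geometry-valued user variables are written as `User var` events under statement format. A short `#` block at the top stating that, with the MDEV number, would match the header of binlog_show_binlog_events_invalid_offset_silent.test in the same commit. The last line also uses `source include/show_binlog_events.inc;` while the first three use `--source`; one form throughout would read better.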
diff --git a/mysql-test/suite/binlog/t/binlog_mysqlbinlog_raw_flush.test b/mysql-test/suite/binlog/t/binlog_mysqlbinlog_raw_flush.test
index 252a8577..539a8fe5 100644
--- a/mysql-test/suite/binlog/t/binlog_mysqlbinlog_raw_flush.test
+++ b/mysql-test/suite/binlog/t/binlog_mysqlbinlog_raw_flush.test
@@ -20,6 +20,8 @@
--source include/linux.inc
--source include/have_log_bin.inc
+# Test needs to reset the binlog as it is checking specific GTID.
+RESET MASTER;
--echo #
--echo # MDEV-30698 Cover missing test cases for mariadb-binlog options
@@ -35,7 +37,7 @@ FLUSH LOGS;
INSERT INTO t1 VALUES (1);
# Read binlog data from master to intermediary result file
---let TIMEOUT=1
+--let TIMEOUT=5
--echo # timeout TIMEOUT MYSQL_BINLOG --raw --read-from-remote-server --user=root --host=127.0.0.1 --port=MASTER_MYPORT --stop-never --result-file=MYSQLTEST_VARDIR/tmp/ master-bin.000001
--error 124 # Error 124 means timeout was reached
--exec timeout $TIMEOUT $MYSQL_BINLOG --raw --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT --stop-never --result-file=$MYSQLTEST_VARDIR/tmp/ master-bin.000001
diff --git a/mysql-test/suite/binlog/t/binlog_show_binlog_events_invalid_offset_silent.test b/mysql-test/suite/binlog/t/binlog_show_binlog_events_invalid_offset_silent.test
new file mode 100644
index 00000000..d3b31596
--- /dev/null
+++ b/mysql-test/suite/binlog/t/binlog_show_binlog_events_invalid_offset_silent.test
@@ -0,0 +1,53 @@
+#
+# Ensure that calling SHOW BINLOG EVENTS FROM <offset> with an invalid offset
+# will not result in error messages in the server log. That is, this call is a
+# read operation for a user, and if it fails due to invalid usage, that is not
+# a server error, but only one to report to the user.
+#
+# References:
+# MDEV-32628: Cryptic ERROR message & inconsistent behavior on incorrect
+# SHOW BINLOG EVENTS FROM ...
+#
+--source include/have_binlog_format_row.inc
+
+--echo #
+--echo # Initialize test data
+set @save_master_verify_checksum = @@global.master_verify_checksum;
+set @@global.master_verify_checksum = 1;
+create table t1 (a int);
+insert into t1 values (1);
+--let $middle_binlog_pos= query_get_value(SHOW BINARY LOGS, File_size, 1)
+insert into t1 values (2);
+
+--let $assert_text= Ensure the client error is not in the server log
+--let $assert_select= Error in Log_event
+--let $assert_file= $MYSQLTEST_VARDIR/log/mysqld.1.err
+--let $assert_count= 0
+--let $assert_only_after = CURRENT_TEST:
+
+
+# Pre MDEV-32628, this would write an event truncated error in the logs
+--let $invalid_pos= `SELECT $middle_binlog_pos - 1`
+--replace_result $invalid_pos invalid_pos
+--error 1220
+--eval SHOW BINLOG EVENTS FROM $invalid_pos
+--source include/assert_grep.inc
+
+# Pre MDEV-32628, this would write an event too big error in the logs
+--error 1220
+SHOW BINLOG EVENTS FROM 500;
+--source include/assert_grep.inc
+
+
+# Pre MDEV-32628, this would write a checksum verification failed error in the logs
+--error 1220
+SHOW BINLOG EVENTS FROM 498;
+--source include/assert_grep.inc
+--let $assert_text= Ensure there is not a specific checksum failure error
+--let $assert_select= Replication event checksum verification failed while reading from a log file
+--source include/assert_grep.inc
+
+--echo #
+--echo # Cleanup
+set @@global.master_verify_checksum = @save_master_verify_checksum;
+drop table t1;
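Review bot: The offsets in `SHOW BINLOG EVENTS FROM 500;` and `SHOW BINLOG EVENTS FROM 498;` are hard-coded, yet the comments above them promise a specific failure (event too big, checksum verification failed) that depends on which bytes sit at those positions. The first case derives `$invalid_pos` from `SHOW BINARY LOGS`. The other two would presumably stop exercising the intended path, or fail `--error 1220`, if the event layout in the binlog changes. Either compute them from a known event boundary or add a comment explaining how 500 and 498 were chosen. `--error 1220` would also read better as the symbolic `--error ER_ERROR_WHEN_EXECUTING_COMMAND`, in the way view.test in this commit uses `ER_NON_INSERTABLE_TABLE`.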
diff --git a/mysql-test/suite/binlog/t/flashback.test b/mysql-test/suite/binlog/t/flashback.test
index 7c58b56c..8daf3f43 100644
--- a/mysql-test/suite/binlog/t/flashback.test
+++ b/mysql-test/suite/binlog/t/flashback.test
@@ -1,4 +1,4 @@
---source include/have_log_bin.inc
+--source include/have_binlog_format_row.inc
--source include/have_innodb.inc
--echo #
@@ -101,7 +101,7 @@ let $MYSQLD_DATADIR= `select @@datadir`;
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
--exec $MYSQL_BINLOG -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_original_1.sql
--exec $MYSQL_BINLOG -B -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_1.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_1.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_1.sql;"
SELECT * FROM t1;
@@ -126,7 +126,7 @@ let $MYSQLD_DATADIR= `select @@datadir`;
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
--exec $MYSQL_BINLOG -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_original_2.sql
--exec $MYSQL_BINLOG -B -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_2.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_2.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_2.sql;"
SELECT * FROM t1;
@@ -160,7 +160,7 @@ let $MYSQLD_DATADIR= `select @@datadir`;
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
--exec $MYSQL_BINLOG -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_original_3.sql
--exec $MYSQL_BINLOG -B -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_3.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_3.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_3.sql;"
SELECT * FROM t1;
@@ -202,7 +202,7 @@ let $MYSQLD_DATADIR= `select @@datadir`;
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
--exec $MYSQL_BINLOG -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_original_4.sql
--exec $MYSQL_BINLOG -B $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_4.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_4.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_4.sql;"
SELECT * FROM t1;
SELECT * FROM t2;
@@ -247,7 +247,7 @@ let $MYSQLD_DATADIR= `select @@datadir`;
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
--exec $MYSQL_BINLOG -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_original_5.sql
--exec $MYSQL_BINLOG -B $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_5.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_5.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_5.sql;"
SELECT * FROM t1;
@@ -323,7 +323,7 @@ let $MYSQLD_DATADIR= `select @@datadir`;
--replace_result $MYSQLTEST_VARDIR MYSQLTEST_VARDIR
--exec $MYSQL_BINLOG --database=world --table=city -vv $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_original_6.sql
--exec $MYSQL_BINLOG --database=world --table=city -B $MYSQLD_DATADIR/master-bin.000001 > $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_6.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_6.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_6.sql;"
SELECT * FROM world.city;
@@ -355,7 +355,7 @@ FLUSH LOGS;
--source include/assert.inc
--exec $MYSQL_BINLOG -vv -B --read-from-remote-server --user=root --host=127.0.0.1 --port=$MASTER_MYPORT master-bin.000002> $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_7.sql
---exec $MYSQL -e "SET binlog_format= ROW; source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_7.sql;"
+--exec $MYSQL -e "source $MYSQLTEST_VARDIR/tmp/mysqlbinlog_row_flashback_7.sql;"
--echo # 6- Rows must be present upon restoring from flashback
--let $assert_cond= COUNT(*) = 6 FROM t1
diff --git a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.result b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.result
index 35b44be0..903704ac 100644
--- a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.result
+++ b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.result
@@ -68,7 +68,7 @@ include/wait_for_slave_io_error.inc [errno=1236]
SHOW TABLES;
Tables_in_test
table1_no_encryption
-include/stop_slave.inc
+include/stop_slave_sql.inc
include/reset_slave.inc
Warnings:
Note 4190 RESET SLAVE is implicitly changing the value of 'Using_Gtid' from 'No' to 'Slave_Pos'
diff --git a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.test b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.test
index e05994f1..97d81d2a 100644
--- a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.test
+++ b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_coords.test
@@ -143,7 +143,8 @@ start slave;
SHOW TABLES;
--disable_connect_log
---source include/stop_slave.inc
+# IO thread is stopped, stop SQL thread only
+--source include/stop_slave_sql.inc
--enable_connect_log
--let $master_use_gtid_option= No
--source include/reset_slave.inc
diff --git a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.result b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.result
index 16ea3055..c6835ff9 100644
--- a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.result
+++ b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.result
@@ -62,7 +62,7 @@ include/wait_for_slave_io_error.inc [errno=1236]
# ..success
SHOW TABLES;
Tables_in_test
-include/stop_slave.inc
+include/stop_slave_sql.inc
reset slave;
##########
# Cleanup
diff --git a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.test b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.test
index f882e8f3..9991fb9b 100644
--- a/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.test
+++ b/mysql-test/suite/binlog_encryption/encrypted_master_switch_to_unencrypted_gtid.test
@@ -132,7 +132,8 @@ if (`SELECT strcmp("$gsp","")`)
SHOW TABLES;
--disable_connect_log
---source include/stop_slave.inc
+# IO thread is stopped, wait for SQL thread to be stopped
+--source include/stop_slave_sql.inc
--enable_connect_log
reset slave;
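Review bot: The added comment `# IO thread is stopped, wait for SQL thread to be stopped` describes a wait, but the line below it sources `include/stop_slave_sql.inc`. The sibling change in encrypted_master_switch_to_unencrypted_coords.test words the same call as `stop SQL thread only`. Using one wording in both files, for example `# IO thread already stopped on error 1236; stop the SQL thread only`, avoids suggesting that the SQL thread stops by itself here.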
diff --git a/mysql-test/suite/binlog_encryption/rpl_gtid_basic.result b/mysql-test/suite/binlog_encryption/rpl_gtid_basic.result
index 2bdfe0b1..fde37036 100644
--- a/mysql-test/suite/binlog_encryption/rpl_gtid_basic.result
+++ b/mysql-test/suite/binlog_encryption/rpl_gtid_basic.result
@@ -188,6 +188,13 @@ BINLOG_GTID_POS('master-bin.000001',18446744073709551616)
NULL
Warnings:
Warning 1916 Got overflow when converting '18446744073709551616' to INT. Value truncated
+SET sql_log_bin= 0;
+CREATE TABLE t1 AS SELECT MASTER_POS_WAIT(@binlog_file, 4, 0);
+SELECT BINLOG_GTID_POS(@binlog_file, 4);
+BINLOG_GTID_POS(@binlog_file, 4)
+NULL
+DROP TABLE t1;
+SET sql_log_bin= 1;
*** Some tests of @@GLOBAL.gtid_binlog_state ***
connection server_2;
include/sync_with_master_gtid.inc
diff --git a/mysql-test/suite/binlog_encryption/rpl_mixed_binlog_max_cache_size.result b/mysql-test/suite/binlog_encryption/rpl_mixed_binlog_max_cache_size.result
index e94e097f..dbaceb65 100644
--- a/mysql-test/suite/binlog_encryption/rpl_mixed_binlog_max_cache_size.result
+++ b/mysql-test/suite/binlog_encryption/rpl_mixed_binlog_max_cache_size.result
@@ -197,7 +197,7 @@ SET GLOBAL max_binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL max_binlog_stmt_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_stmt_cache_size= ORIGINAL_VALUE;
-include/stop_slave.inc
+include/stop_slave_io.inc
include/start_slave.inc
connection master;
connection slave;
diff --git a/mysql-test/suite/binlog_encryption/rpl_parallel_ignored_errors.result b/mysql-test/suite/binlog_encryption/rpl_parallel_ignored_errors.result
index ce11b814..57654d15 100644
--- a/mysql-test/suite/binlog_encryption/rpl_parallel_ignored_errors.result
+++ b/mysql-test/suite/binlog_encryption/rpl_parallel_ignored_errors.result
@@ -36,7 +36,8 @@ connection server_2;
connection con_temp2;
COMMIT;
connection server_2;
-include/stop_slave.inc
+include/wait_for_slave_sql_error.inc [errno=1062]
+include/stop_slave_io.inc
include/assert.inc [table t1 should have zero rows where a>32]
SELECT * FROM t1 WHERE a>32;
a
diff --git a/mysql-test/suite/binlog_encryption/rpl_parallel_missed_error_handling.result b/mysql-test/suite/binlog_encryption/rpl_parallel_missed_error_handling.result
index e9d04c02..c9094c8b 100644
--- a/mysql-test/suite/binlog_encryption/rpl_parallel_missed_error_handling.result
+++ b/mysql-test/suite/binlog_encryption/rpl_parallel_missed_error_handling.result
@@ -38,7 +38,6 @@ connection con2;
SET debug_sync='RESET';
connection server_2;
include/wait_for_slave_sql_error.inc [errno=1062]
-include/wait_for_slave_sql_to_stop.inc
SELECT * FROM t3 WHERE a >= 110 ORDER BY a;
a b
110 1
diff --git a/mysql-test/suite/binlog_encryption/rpl_semi_sync.result b/mysql-test/suite/binlog_encryption/rpl_semi_sync.result
index edd5e774..03e3443b 100644
--- a/mysql-test/suite/binlog_encryption/rpl_semi_sync.result
+++ b/mysql-test/suite/binlog_encryption/rpl_semi_sync.result
@@ -7,7 +7,6 @@ call mtr.add_suppression("Unsafe statement written to the binary log using state
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
set sql_log_bin=0;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
set sql_log_bin=1;
@@ -28,7 +27,7 @@ set global rpl_semi_sync_slave_enabled= 0;
# Main test of semi-sync replication start here
#
connection master;
-set global rpl_semi_sync_master_timeout= 60000;
+set global rpl_semi_sync_master_timeout= 2000;
[ default state of semi-sync on master should be OFF ]
show variables like 'rpl_semi_sync_master_enabled';
Variable_name Value
@@ -163,11 +162,15 @@ connection slave;
# Test semi-sync master will switch OFF after one transaction
# timeout waiting for slave reply.
#
+connection master;
+show status like "Rpl_semi_sync_master_status";
+Variable_name Value
+Rpl_semi_sync_master_status ON
connection slave;
include/stop_slave.inc
connection master;
include/kill_binlog_dump_threads.inc
-set global rpl_semi_sync_master_timeout= 5000;
+set global rpl_semi_sync_master_timeout= 2000;
[ master status should be ON ]
show status like 'Rpl_semi_sync_master_no_tx';
Variable_name Value
@@ -317,6 +320,8 @@ include/kill_binlog_dump_threads.inc
connection slave;
include/start_slave.inc
connection master;
+connection slave;
+connection master;
create table t1 (a int) engine = ENGINE_TYPE;
insert into t1 values (1);
insert into t1 values (2), (3);
@@ -359,6 +364,8 @@ show status like 'Rpl_semi_sync_slave_status';
Variable_name Value
Rpl_semi_sync_slave_status ON
connection master;
+connection slave;
+connection master;
[ master semi-sync should be ON ]
show status like 'Rpl_semi_sync_master_clients';
Variable_name Value
diff --git a/mysql-test/suite/compat/oracle/r/func_concat.result b/mysql-test/suite/compat/oracle/r/func_concat.result
index 392d5797..17ca4be0 100644
--- a/mysql-test/suite/compat/oracle/r/func_concat.result
+++ b/mysql-test/suite/compat/oracle/r/func_concat.result
@@ -3,12 +3,12 @@ EXPLAIN EXTENDED SELECT 'a'||'b'||'c';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(concat_operator_oracle('a','b'),'c') AS "'a'||'b'||'c'"
+Note 1003 select concat(concat('a','b'),'c') AS "'a'||'b'||'c'"
EXPLAIN EXTENDED SELECT CONCAT('a'||'b'||'c');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(concat_operator_oracle(concat_operator_oracle('a','b'),'c')) AS "CONCAT('a'||'b'||'c')"
+Note 1003 select concat(concat(concat('a','b'),'c')) AS "CONCAT('a'||'b'||'c')"
SELECT '' || '';
'' || ''
@@ -211,14 +211,14 @@ SET sql_mode=ORACLE;
CREATE VIEW v1 AS SELECT 'foo'||NULL||'bar' AS test;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select concat_operator_oracle(concat_operator_oracle('foo',NULL),'bar') AS "test" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select concat(concat('foo',NULL),'bar') AS "test" latin1 latin1_swedish_ci
SELECT * FROM v1;
test
foobar
SET sql_mode=DEFAULT;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select concat_operator_oracle(concat_operator_oracle('foo',NULL),'bar') AS `test` latin1 latin1_swedish_ci
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select oracle_schema.concat(oracle_schema.concat('foo',NULL),'bar') AS `test` latin1 latin1_swedish_ci
SELECT * FROM v1;
test
foobar
@@ -234,7 +234,7 @@ NULL
SET sql_mode=ORACLE;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select concat('foo',NULL,'bar') AS "test" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select mariadb_schema.concat('foo',NULL,'bar') AS "test" latin1 latin1_swedish_ci
SELECT * FROM v1;
test
NULL
@@ -268,12 +268,12 @@ EXPLAIN EXTENDED SELECT -1<<1||1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select -1 << concat_operator_oracle(1,1) AS "a"
+Note 1003 select -1 << concat(1,1) AS "a"
EXPLAIN EXTENDED SELECT -1||0<<1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(-1,0) << 1 AS "a"
+Note 1003 select concat(-1,0) << 1 AS "a"
SELECT -1+1||1 AS a FROM DUAL;
a
01
@@ -284,12 +284,12 @@ EXPLAIN EXTENDED SELECT -1+1||1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(-1 + 1,1) AS "a"
+Note 1003 select concat(-1 + 1,1) AS "a"
EXPLAIN EXTENDED SELECT -1||0+1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(-1,0) + 1 AS "a"
+Note 1003 select concat(-1,0) + 1 AS "a"
SELECT 1*1||-1 AS a FROM DUAL;
a
1-1
@@ -300,12 +300,12 @@ EXPLAIN EXTENDED SELECT 1*1||-1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(1 * 1,-1) AS "a"
+Note 1003 select concat(1 * 1,-1) AS "a"
EXPLAIN EXTENDED SELECT 1||1*-1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(1,1 * -1) AS "a"
+Note 1003 select concat(1,1 * -1) AS "a"
SELECT -1^1||1 AS a FROM DUAL;
a
184467440737095516141
@@ -316,12 +316,12 @@ EXPLAIN EXTENDED SELECT -1^1||1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(-1 ^ 1,1) AS "a"
+Note 1003 select concat(-1 ^ 1,1) AS "a"
EXPLAIN EXTENDED SELECT -1||0^1 AS a FROM DUAL;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select concat_operator_oracle(-1,0 ^ 1) AS "a"
+Note 1003 select concat(-1,0 ^ 1) AS "a"
#
# MDEV-17359 Concatenation operator || in like expression failed in sql_mode=ORACLE
#
@@ -332,7 +332,7 @@ EXPLAIN EXTENDED SELECT 'abc' LIKE 'a'||'%';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select 'abc' like concat_operator_oracle('a','%') AS "'abc' LIKE 'a'||'%'"
+Note 1003 select 'abc' like concat('a','%') AS "'abc' LIKE 'a'||'%'"
SELECT 'x' FROM DUAL WHERE 11 LIKE 1||1;
x
x
@@ -353,7 +353,7 @@ EXPLAIN EXTENDED SELECT c1 FROM t1 WHERE c1 LIKE '%'||'b' ORDER BY ord;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 3 100.00 Using where; Using filesort
Warnings:
-Note 1003 select "test"."t1"."c1" AS "c1" from "test"."t1" where "test"."t1"."c1" like <cache>(concat_operator_oracle('%','b')) order by "test"."t1"."ord"
+Note 1003 select "test"."t1"."c1" AS "c1" from "test"."t1" where "test"."t1"."c1" like <cache>(concat('%','b')) order by "test"."t1"."ord"
SELECT c1 FROM t1 WHERE c1 LIKE c2||'%'||'c' ORDER BY ord;
c1
abc
@@ -361,7 +361,7 @@ EXPLAIN EXTENDED SELECT c1 FROM t1 WHERE c1 LIKE c2||'%'||'c' ORDER BY ord;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 3 100.00 Using where; Using filesort
Warnings:
-Note 1003 select "test"."t1"."c1" AS "c1" from "test"."t1" where "test"."t1"."c1" like concat_operator_oracle(concat_operator_oracle("test"."t1"."c2",'%'),'c') order by "test"."t1"."ord"
+Note 1003 select "test"."t1"."c1" AS "c1" from "test"."t1" where "test"."t1"."c1" like concat(concat("test"."t1"."c2",'%'),'c') order by "test"."t1"."ord"
SELECT 'x' FROM t1 WHERE c1||c2 LIKE 'aa%';
x
x
@@ -369,7 +369,7 @@ EXPLAIN EXTENDED SELECT 'x' FROM t1 WHERE c1||c2 LIKE 'aa%';
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 3 100.00 Using where
Warnings:
-Note 1003 select 'x' AS "x" from "test"."t1" where concat_operator_oracle("test"."t1"."c1","test"."t1"."c2") like 'aa%'
+Note 1003 select 'x' AS "x" from "test"."t1" where concat("test"."t1"."c1","test"."t1"."c2") like 'aa%'
SELECT 'x' FROM t1 WHERE c1||c2 LIKE c2||c1;
x
x
@@ -377,7 +377,7 @@ EXPLAIN EXTENDED SELECT 'x' FROM t1 WHERE c1||c2 LIKE c2||c1;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 3 100.00 Using where
Warnings:
-Note 1003 select 'x' AS "x" from "test"."t1" where concat_operator_oracle("test"."t1"."c1","test"."t1"."c2") like concat_operator_oracle("test"."t1"."c2","test"."t1"."c1")
+Note 1003 select 'x' AS "x" from "test"."t1" where concat("test"."t1"."c1","test"."t1"."c2") like concat("test"."t1"."c2","test"."t1"."c1")
CREATE VIEW v1 AS SELECT c1, c2, c1 LIKE c2||'_' FROM t1 ORDER BY ord;
SELECT * FROM v1;
c1 c2 c1 LIKE c2||'_'
@@ -388,6 +388,6 @@ EXPLAIN EXTENDED SELECT * FROM v1;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 3 100.00 Using filesort
Warnings:
-Note 1003 select "test"."t1"."c1" AS "c1","test"."t1"."c2" AS "c2","test"."t1"."c1" like concat_operator_oracle("test"."t1"."c2",'_') AS "c1 LIKE c2||'_'" from "test"."t1" order by "test"."t1"."ord"
+Note 1003 select "test"."t1"."c1" AS "c1","test"."t1"."c2" AS "c2","test"."t1"."c1" like concat("test"."t1"."c2",'_') AS "c1 LIKE c2||'_'" from "test"."t1" order by "test"."t1"."ord"
DROP VIEW v1;
DROP TABLE t1;
diff --git a/mysql-test/suite/compat/oracle/r/func_decode.result b/mysql-test/suite/compat/oracle/r/func_decode.result
index 2809e971..afbba204 100644
--- a/mysql-test/suite/compat/oracle/r/func_decode.result
+++ b/mysql-test/suite/compat/oracle/r/func_decode.result
@@ -28,7 +28,7 @@ EXPLAIN EXTENDED SELECT DECODE(12,10,'x10',11,'x11','def');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select decode_oracle(12,10,'x10',11,'x11','def') AS "DECODE(12,10,'x10',11,'x11','def')"
+Note 1003 select decode(12,10,'x10',11,'x11','def') AS "DECODE(12,10,'x10',11,'x11','def')"
CREATE TABLE decode (decode int);
DROP TABLE decode;
#
@@ -46,22 +46,22 @@ EXPLAIN EXTENDED SELECT DECODE(12,10,'x10',11,'x11');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select decode_oracle(12,10,'x10',11,'x11') AS "DECODE(12,10,'x10',11,'x11')"
+Note 1003 select decode(12,10,'x10',11,'x11') AS "DECODE(12,10,'x10',11,'x11')"
EXPLAIN EXTENDED SELECT DECODE(12,10,'x10',11,'x11','def');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select decode_oracle(12,10,'x10',11,'x11','def') AS "DECODE(12,10,'x10',11,'x11','def')"
+Note 1003 select decode(12,10,'x10',11,'x11','def') AS "DECODE(12,10,'x10',11,'x11','def')"
EXPLAIN EXTENDED SELECT DECODE_ORACLE(12,10,'x10',11,'x11');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select decode_oracle(12,10,'x10',11,'x11') AS "DECODE_ORACLE(12,10,'x10',11,'x11')"
+Note 1003 select decode(12,10,'x10',11,'x11') AS "DECODE_ORACLE(12,10,'x10',11,'x11')"
EXPLAIN EXTENDED SELECT DECODE_ORACLE(12,10,'x10',11,'x11','def');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select decode_oracle(12,10,'x10',11,'x11','def') AS "DECODE_ORACLE(12,10,'x10',11,'x11','def')"
+Note 1003 select decode(12,10,'x10',11,'x11','def') AS "DECODE_ORACLE(12,10,'x10',11,'x11','def')"
CREATE TABLE t1 (a INT);
CREATE VIEW v1 AS
SELECT
@@ -72,7 +72,7 @@ DECODE_ORACLE(a,1,'x1',NULL,'xNULL','xELSE') AS d4
FROM t1;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select decode_oracle("t1"."a",1,'x1',NULL,'xNULL') AS "d1",decode_oracle("t1"."a",1,'x1',NULL,'xNULL','xELSE') AS "d2",decode_oracle("t1"."a",1,'x1',NULL,'xNULL') AS "d3",decode_oracle("t1"."a",1,'x1',NULL,'xNULL','xELSE') AS "d4" from "t1" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select decode("t1"."a",1,'x1',NULL,'xNULL') AS "d1",decode("t1"."a",1,'x1',NULL,'xNULL','xELSE') AS "d2",decode("t1"."a",1,'x1',NULL,'xNULL') AS "d3",decode("t1"."a",1,'x1',NULL,'xNULL','xELSE') AS "d4" from "t1" latin1 latin1_swedish_ci
DROP VIEW v1;
DROP TABLE t1;
SELECT DECODE(TIME'10:20:31','10:20:31','then1','10:20:32','then2','def');
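Review bot: The expected `SHOW CREATE VIEW v1` output in this hunk is recorded only in its ORACLE-mode form (`decode("t1"."a",...)`), and the view is dropped immediately afterwards, so nothing here pins how the stored definition prints after sql_mode changes. That matters for DECODE in particular: the func_qualified.result cases in this same commit show unqualified `DECODE` resolving to a different native function, with a different accepted argument count, outside ORACLE mode. func_concat.result already checks both directions (it expects `oracle_schema.concat(...)` under DEFAULT). I would mirror that in the matching .test file by adding `SET sql_mode=DEFAULT;`, `SHOW CREATE VIEW v1;`, `SET sql_mode=ORACLE;` before `DROP VIEW v1;` and re-recording, assuming the test runs under ORACLE mode at that point, as the double-quoted identifiers suggest. The view hunk in func_pad.result appears to have the same gap, though the statements following it are outside the hunk and func_qualified.result may cover the case further on.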
diff --git a/mysql-test/suite/compat/oracle/r/func_pad.result b/mysql-test/suite/compat/oracle/r/func_pad.result
index ca7d52cd..63952959 100644
--- a/mysql-test/suite/compat/oracle/r/func_pad.result
+++ b/mysql-test/suite/compat/oracle/r/func_pad.result
@@ -44,11 +44,11 @@ EXPLAIN EXTENDED SELECT RPAD('a',0,'.'), LPAD('a',0,'.'), LPAD(c1,c2,c3), LPAD(c
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 ALL NULL NULL NULL NULL 7 100.00 Using filesort
Warnings:
-Note 1003 select rpad_oracle('a',0,'.') AS "RPAD('a',0,'.')",lpad_oracle('a',0,'.') AS "LPAD('a',0,'.')",lpad_oracle("test"."t1"."c1","test"."t1"."c2","test"."t1"."c3") AS "LPAD(c1,c2,c3)",lpad_oracle("test"."t1"."c1","test"."t1"."c2") AS "LPAD(c1,c2)",rpad_oracle("test"."t1"."c1","test"."t1"."c2","test"."t1"."c3") AS "RPAD(c1,c2,c3)",rpad_oracle("test"."t1"."c1","test"."t1"."c2") AS "RPAD(c1,c2)" from "test"."t1" order by "test"."t1"."ord"
+Note 1003 select rpad('a',0,'.') AS "RPAD('a',0,'.')",lpad('a',0,'.') AS "LPAD('a',0,'.')",lpad("test"."t1"."c1","test"."t1"."c2","test"."t1"."c3") AS "LPAD(c1,c2,c3)",lpad("test"."t1"."c1","test"."t1"."c2") AS "LPAD(c1,c2)",rpad("test"."t1"."c1","test"."t1"."c2","test"."t1"."c3") AS "RPAD(c1,c2,c3)",rpad("test"."t1"."c1","test"."t1"."c2") AS "RPAD(c1,c2)" from "test"."t1" order by "test"."t1"."ord"
CREATE VIEW v1 AS SELECT RPAD('a',0,'.') AS "C1", LPAD('a',0,'.') AS "C2", LPAD(c1,c2,c3) AS "C3", LPAD(c1,c2) AS "C4", RPAD(c1,c2,c3) AS "C5", RPAD(c1,c2) AS "C6" FROM t1 ORDER BY ord;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select rpad_oracle('a',0,'.') AS "C1",lpad_oracle('a',0,'.') AS "C2",lpad_oracle("t1"."c1","t1"."c2","t1"."c3") AS "C3",lpad_oracle("t1"."c1","t1"."c2") AS "C4",rpad_oracle("t1"."c1","t1"."c2","t1"."c3") AS "C5",rpad_oracle("t1"."c1","t1"."c2") AS "C6" from "t1" order by "t1"."ord" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select rpad('a',0,'.') AS "C1",lpad('a',0,'.') AS "C2",lpad("t1"."c1","t1"."c2","t1"."c3") AS "C3",lpad("t1"."c1","t1"."c2") AS "C4",rpad("t1"."c1","t1"."c2","t1"."c3") AS "C5",rpad("t1"."c1","t1"."c2") AS "C6" from "t1" order by "t1"."ord" latin1 latin1_swedish_ci
SELECT * FROM v1;
C1 C2 C3 C4 C5 C6
NULL NULL NULL a NULL a
diff --git a/mysql-test/suite/compat/oracle/r/func_qualified.result b/mysql-test/suite/compat/oracle/r/func_qualified.result
new file mode 100644
index 00000000..4750a625
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/r/func_qualified.result
@@ -0,0 +1,2547 @@
+#
+# MDEV-27744 LPAD in vcol created in ORACLE mode makes table corrupted in non-ORACLE
+#
+SET sql_mode=DEFAULT;
+SELECT decode_oracle(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'decode_oracle'
+SELECT DECODE_ORACLE(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'DECODE_ORACLE'
+SET sql_mode=ORACLE;
+SELECT decode_oracle(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'decode_oracle'
+SELECT DECODE_ORACLE(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'DECODE_ORACLE'
+SET sql_mode=DEFAULT;
+SELECT decode(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'decode'
+SELECT DECODE(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'DECODE'
+SET sql_mode=ORACLE;
+SELECT decode(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'decode'
+SELECT DECODE(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'DECODE'
+SELECT mariadb_schema.decode(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'decode'
+SELECT mariadb_schema.DECODE(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'DECODE'
+SELECT mariadb_schema.decode_oracle(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'decode_oracle'
+SELECT mariadb_schema.DECODE_ORACLE(1);
+ERROR 42000: Incorrect parameter count in the call to native function 'DECODE_ORACLE'
+SET sql_mode=DEFAULT;
+SELECT unknown.TRIM(1);
+ERROR 42000: FUNCTION unknown.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT unknown.trim(1);
+ERROR 42000: FUNCTION unknown.trim does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT oracle_schema.TRIM();
+ERROR HY000: Function 'TRIM' is not defined
+SELECT oracle_schema.TRIM('a','b');
+ERROR HY000: Function 'TRIM' is not defined
+SELECT oracle_schema.TRIM('a','b','c','d');
+ERROR HY000: Function 'TRIM' is not defined
+SELECT unknown.SUBSTR('a',1,2);
+ERROR 42000: FUNCTION unknown.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT unknown.substr('a',1,2);
+ERROR 42000: FUNCTION unknown.substr does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT unknown.SUBSTRING('a',1,2);
+ERROR 42000: FUNCTION unknown.SUBSTRING does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT unknown.substring('a',1,2);
+ERROR 42000: FUNCTION unknown.substring does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT unknown.REPLACE('a','b','c');
+ERROR 42000: FUNCTION unknown.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT unknown.replace('a','b','c');
+ERROR 42000: FUNCTION unknown.replace does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+SELECT oracle_schema.REPLACE();
+ERROR HY000: Function 'REPLACE' is not defined
+SELECT oracle_schema.REPLACE('a');
+ERROR HY000: Function 'REPLACE' is not defined
+SELECT oracle_schema.REPLACE('a','b');
+ERROR HY000: Function 'REPLACE' is not defined
+SELECT oracle_schema.REPLACE('a','b','c','d');
+ERROR HY000: Function 'REPLACE' is not defined
+SET sql_mode=DEFAULT;
+CREATE PROCEDURE p1(sqlmode TEXT, qualifier TEXT, expr TEXT)
+BEGIN
+DECLARE query TEXT DEFAULT 'SELECT $(QUALIFIER)$(EXPR)';
+DECLARE errmsg TEXT DEFAULT NULL;
+DECLARE CONTINUE HANDLER FOR 1064, 1128, 1305, 1582, 1630
+BEGIN
+GET DIAGNOSTICS CONDITION 1 errmsg = MESSAGE_TEXT;
+END;
+SET sql_mode=sqlmode;
+SET query=REPLACE(query, '$(QUALIFIER)', qualifier);
+SET query=REPLACE(query, '$(EXPR)', expr);
+SET query= CONCAT('EXPLAIN EXTENDED ', query);
+SELECT CONCAT('sql_mode=''',sqlmode,'''', ' ',
+'qualifier=''',qualifier,'''') AS `----------`;
+SELECT query;
+EXECUTE IMMEDIATE query;
+IF errmsg IS NOT NULL THEN
+SELECT CONCAT('ERROR: ', errmsg) AS errmsg;
+ELSE
+SHOW WARNINGS;
+END IF;
+END;
+$$
+CREATE PROCEDURE p2(sqlmode TEXT, expr TEXT)
+BEGIN
+CALL p1(sqlmode, '', expr);
+CALL p1(sqlmode, 'unknown_schema.', expr);
+CALL p1(sqlmode, 'mariadb_schema.', expr);
+CALL p1(sqlmode, 'maxdb_schema.', expr);
+CALL p1(sqlmode, 'oracle_schema.', expr);
+END;
+$$
+CREATE PROCEDURE p3(expr TEXT)
+BEGIN
+CALL p2('', expr);
+CALL p2('ORACLE', expr);
+END;
+$$
+CALL p3('CONCAT(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS `CONCAT('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.CONCAT('a')
+errmsg
+ERROR: FUNCTION unknown_schema.CONCAT does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS `mariadb_schema.CONCAT('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS `maxdb_schema.CONCAT('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.concat('a') AS `oracle_schema.CONCAT('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS "CONCAT('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.CONCAT('a')
+errmsg
+ERROR: FUNCTION unknown_schema.CONCAT does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.concat('a') AS "mariadb_schema.CONCAT('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.concat('a') AS "maxdb_schema.CONCAT('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.CONCAT('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS "oracle_schema.CONCAT('a')"
+Warnings:
+Note 1003 select concat('a') AS "oracle_schema.CONCAT('a')"
+CALL p3('DECODE(''1'',''2'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT DECODE('1','2')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode('1','2') AS `DECODE('1','2')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.DECODE('1','2')
+errmsg
+ERROR: FUNCTION unknown_schema.DECODE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.DECODE('1','2')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode('1','2') AS `mariadb_schema.DECODE('1','2')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.DECODE('1','2')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode('1','2') AS `maxdb_schema.DECODE('1','2')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.DECODE('1','2')
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT DECODE('1','2')
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.DECODE('1','2')
+errmsg
+ERROR: FUNCTION unknown_schema.DECODE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.DECODE('1','2')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.decode('1','2') AS "mariadb_schema.DECODE('1','2')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.DECODE('1','2')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.decode('1','2') AS "maxdb_schema.DECODE('1','2')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.DECODE('1','2')
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+CALL p3('DECODE(1,1,10)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT DECODE(1,1,10)
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.DECODE(1,1,10)
+errmsg
+ERROR: FUNCTION unknown_schema.DECODE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.DECODE(1,1,10)
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.DECODE(1,1,10)
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.DECODE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.decode(1,1,10) AS `oracle_schema.DECODE(1,1,10)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT DECODE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode(1,1,10) AS "DECODE(1,1,10)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.DECODE(1,1,10)
+errmsg
+ERROR: FUNCTION unknown_schema.DECODE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.DECODE(1,1,10)
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.DECODE(1,1,10)
+errmsg
+ERROR: Incorrect parameter count in the call to native function 'DECODE'
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.DECODE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode(1,1,10) AS "oracle_schema.DECODE(1,1,10)"
+Warnings:
+Note 1003 select decode(1,1,10) AS "oracle_schema.DECODE(1,1,10)"
+CALL p3('LTRIM(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS `LTRIM('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LTRIM('a')
+errmsg
+ERROR: FUNCTION unknown_schema.LTRIM does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS `mariadb_schema.LTRIM('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS `maxdb_schema.LTRIM('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.ltrim('a') AS `oracle_schema.LTRIM('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS "LTRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LTRIM('a')
+errmsg
+ERROR: FUNCTION unknown_schema.LTRIM does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.ltrim('a') AS "mariadb_schema.LTRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.ltrim('a') AS "maxdb_schema.LTRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS "oracle_schema.LTRIM('a')"
+Warnings:
+Note 1003 select ltrim('a') AS "oracle_schema.LTRIM('a')"
+CALL p3('RTRIM(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS `RTRIM('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RTRIM('a')
+errmsg
+ERROR: FUNCTION unknown_schema.RTRIM does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS `mariadb_schema.RTRIM('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS `maxdb_schema.RTRIM('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rtrim('a') AS `oracle_schema.RTRIM('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS "RTRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RTRIM('a')
+errmsg
+ERROR: FUNCTION unknown_schema.RTRIM does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.rtrim('a') AS "mariadb_schema.RTRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.rtrim('a') AS "maxdb_schema.RTRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RTRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS "oracle_schema.RTRIM('a')"
+Warnings:
+Note 1003 select rtrim('a') AS "oracle_schema.RTRIM('a')"
+CALL p3('LPAD(''a'',3)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS `LPAD('a',3)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LPAD('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.LPAD does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS `mariadb_schema.LPAD('a',3)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS `maxdb_schema.LPAD('a',3)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.lpad('a',3) AS `oracle_schema.LPAD('a',3)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS "LPAD('a',3)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LPAD('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.LPAD does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.lpad('a',3) AS "mariadb_schema.LPAD('a',3)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.lpad('a',3) AS "maxdb_schema.LPAD('a',3)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS "oracle_schema.LPAD('a',3)"
+Warnings:
+Note 1003 select lpad('a',3) AS "oracle_schema.LPAD('a',3)"
+CALL p3('LPAD(''a'',3, '' '')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3,' ') AS `LPAD('a',3, ' ')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LPAD('a',3, ' ')
+errmsg
+ERROR: FUNCTION unknown_schema.LPAD does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3,' ') AS `mariadb_schema.LPAD('a',3, ' ')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3,' ') AS `maxdb_schema.LPAD('a',3, ' ')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.lpad('a',3,' ') AS `oracle_schema.LPAD('a',3, ' ')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3,' ') AS "LPAD('a',3, ' ')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LPAD('a',3, ' ')
+errmsg
+ERROR: FUNCTION unknown_schema.LPAD does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.lpad('a',3,' ') AS "mariadb_schema.LPAD('a',3, ' ')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.lpad('a',3,' ') AS "maxdb_schema.LPAD('a',3, ' ')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3,' ') AS "oracle_schema.LPAD('a',3, ' ')"
+Warnings:
+Note 1003 select lpad('a',3,' ') AS "oracle_schema.LPAD('a',3, ' ')"
+CALL p3('RPAD(''a'',3)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS `RPAD('a',3)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RPAD('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.RPAD does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS `mariadb_schema.RPAD('a',3)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS `maxdb_schema.RPAD('a',3)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rpad('a',3) AS `oracle_schema.RPAD('a',3)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS "RPAD('a',3)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RPAD('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.RPAD does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.rpad('a',3) AS "mariadb_schema.RPAD('a',3)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.rpad('a',3) AS "maxdb_schema.RPAD('a',3)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RPAD('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS "oracle_schema.RPAD('a',3)"
+Warnings:
+Note 1003 select rpad('a',3) AS "oracle_schema.RPAD('a',3)"
+CALL p3('RPAD(''a'',3, '' '')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3,' ') AS `RPAD('a',3, ' ')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RPAD('a',3, ' ')
+errmsg
+ERROR: FUNCTION unknown_schema.RPAD does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3,' ') AS `mariadb_schema.RPAD('a',3, ' ')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3,' ') AS `maxdb_schema.RPAD('a',3, ' ')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rpad('a',3,' ') AS `oracle_schema.RPAD('a',3, ' ')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3,' ') AS "RPAD('a',3, ' ')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RPAD('a',3, ' ')
+errmsg
+ERROR: FUNCTION unknown_schema.RPAD does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.rpad('a',3,' ') AS "mariadb_schema.RPAD('a',3, ' ')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.rpad('a',3,' ') AS "maxdb_schema.RPAD('a',3, ' ')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RPAD('a',3, ' ')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3,' ') AS "oracle_schema.RPAD('a',3, ' ')"
+Warnings:
+Note 1003 select rpad('a',3,' ') AS "oracle_schema.RPAD('a',3, ' ')"
+CALL p3('REPLACE()');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE()
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE()
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE()
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE()
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE()
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE()
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE()
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE()
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE()
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE()
+errmsg
+ERROR: Function 'REPLACE' is not defined
+CALL p3('REPLACE(''a'',''b'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE('a','b')
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE('a','b')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE('a','b')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE('a','b')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE('a','b')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE('a','b')
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE('a','b')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE('a','b')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE('a','b')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE('a','b')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+CALL p3('REPLACE(''a'',''b'',''c'',''d'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE('a','b','c','d')
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''d')' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE('a','b','c','d')
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''d')' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE('a','b','c','d')
+errmsg
+ERROR: Function 'REPLACE' is not defined
+CALL p3('REPLACE(''a'',''b'',''c'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS `REPLACE('a','b','c')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE('a','b','c')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS `mariadb_schema.REPLACE('a','b','c')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS `maxdb_schema.REPLACE('a','b','c')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.replace('a','b','c') AS `oracle_schema.REPLACE('a','b','c')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS "REPLACE('a','b','c')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE('a','b','c')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.replace('a','b','c') AS "mariadb_schema.REPLACE('a','b','c')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.replace('a','b','c') AS "maxdb_schema.REPLACE('a','b','c')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS "oracle_schema.REPLACE('a','b','c')"
+Warnings:
+Note 1003 select replace('a','b','c') AS "oracle_schema.REPLACE('a','b','c')"
+CALL p3('SUBSTR()');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR()
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR()
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR()
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR()
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR()
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR()
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR()
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR()
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR()
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR()
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+CALL p3('SUBSTR(''a'',1,2,3)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR('a',1,2,3)
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '3)' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR('a',1,2,3)
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '3)' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR('a',1,2,3)
+errmsg
+ERROR: Function 'SUBSTR' is not defined
+CALL p3('SUBSTR(''a'',1,2)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS `SUBSTR('a',1,2)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR('a',1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS `mariadb_schema.SUBSTR('a',1,2)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS `maxdb_schema.SUBSTR('a',1,2)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1,2) AS `oracle_schema.SUBSTR('a',1,2)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "SUBSTR('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR('a',1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1,2) AS "mariadb_schema.SUBSTR('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1,2) AS "maxdb_schema.SUBSTR('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "oracle_schema.SUBSTR('a',1,2)"
+Warnings:
+Note 1003 select substr('a',1,2) AS "oracle_schema.SUBSTR('a',1,2)"
+CALL p3('SUBSTR(''a'' FROM 1)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS `SUBSTR('a' FROM 1)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR('a' FROM 1)
+errmsg
+ERROR: Function 'unknown_schema.SUBSTR' is not defined
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS `mariadb_schema.SUBSTR('a' FROM 1)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS `maxdb_schema.SUBSTR('a' FROM 1)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1) AS `oracle_schema.SUBSTR('a' FROM 1)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS "SUBSTR('a' FROM 1)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR('a' FROM 1)
+errmsg
+ERROR: Function 'unknown_schema.SUBSTR' is not defined
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1) AS "mariadb_schema.SUBSTR('a' FROM 1)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1) AS "maxdb_schema.SUBSTR('a' FROM 1)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS "oracle_schema.SUBSTR('a' FROM 1)"
+Warnings:
+Note 1003 select substr('a',1) AS "oracle_schema.SUBSTR('a' FROM 1)"
+CALL p3('SUBSTRING(''a'',1,2)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS `SUBSTRING('a',1,2)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTRING('a',1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTRING does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS `mariadb_schema.SUBSTRING('a',1,2)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS `maxdb_schema.SUBSTRING('a',1,2)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1,2) AS `oracle_schema.SUBSTRING('a',1,2)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "SUBSTRING('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTRING('a',1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTRING does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1,2) AS "mariadb_schema.SUBSTRING('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1,2) AS "maxdb_schema.SUBSTRING('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTRING('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "oracle_schema.SUBSTRING('a',1,2)"
+Warnings:
+Note 1003 select substr('a',1,2) AS "oracle_schema.SUBSTRING('a',1,2)"
+CALL p3('SUBSTRING(''a'' FROM 1)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS `SUBSTRING('a' FROM 1)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTRING('a' FROM 1)
+errmsg
+ERROR: Function 'unknown_schema.SUBSTRING' is not defined
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS `mariadb_schema.SUBSTRING('a' FROM 1)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS `maxdb_schema.SUBSTRING('a' FROM 1)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1) AS `oracle_schema.SUBSTRING('a' FROM 1)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS "SUBSTRING('a' FROM 1)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTRING('a' FROM 1)
+errmsg
+ERROR: Function 'unknown_schema.SUBSTRING' is not defined
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1) AS "mariadb_schema.SUBSTRING('a' FROM 1)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.substr('a',1) AS "maxdb_schema.SUBSTRING('a' FROM 1)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTRING('a' FROM 1)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1) AS "oracle_schema.SUBSTRING('a' FROM 1)"
+Warnings:
+Note 1003 select substr('a',1) AS "oracle_schema.SUBSTRING('a' FROM 1)"
+CALL p3('TRIM()');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM()
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM()
+errmsg
+ERROR: FUNCTION unknown_schema.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM()
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM()
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM()
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM()
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ')' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM()
+errmsg
+ERROR: FUNCTION unknown_schema.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM()
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM()
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM()
+errmsg
+ERROR: Function 'TRIM' is not defined
+CALL p3('TRIM(1,2)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM(1,2)
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '2)' at line 1
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM(1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM(1,2)
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM(1,2)
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM(1,2)
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM(1,2)
+errmsg
+ERROR: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '2)' at line 1
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM(1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM(1,2)
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM(1,2)
+errmsg
+ERROR: Function 'TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM(1,2)
+errmsg
+ERROR: Function 'TRIM' is not defined
+CALL p3('TRIM(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim('a') AS `TRIM('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM('a')
+errmsg
+ERROR: FUNCTION unknown_schema.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim('a') AS `mariadb_schema.TRIM('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim('a') AS `maxdb_schema.TRIM('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.trim('a') AS `oracle_schema.TRIM('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim('a') AS "TRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM('a')
+errmsg
+ERROR: FUNCTION unknown_schema.TRIM does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.trim('a') AS "mariadb_schema.TRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.trim('a') AS "maxdb_schema.TRIM('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim('a') AS "oracle_schema.TRIM('a')"
+Warnings:
+Note 1003 select trim('a') AS "oracle_schema.TRIM('a')"
+CALL p3('TRIM(BOTH '' '' FROM ''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim(both ' ' from 'a') AS `TRIM(BOTH ' ' FROM 'a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM(BOTH ' ' FROM 'a')
+errmsg
+ERROR: Function 'unknown_schema.TRIM' is not defined
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim(both ' ' from 'a') AS `mariadb_schema.TRIM(BOTH ' ' FROM 'a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim(both ' ' from 'a') AS `maxdb_schema.TRIM(BOTH ' ' FROM 'a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.trim(both ' ' from 'a') AS `oracle_schema.TRIM(BOTH ' ' FROM 'a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim(both ' ' from 'a') AS "TRIM(BOTH ' ' FROM 'a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.TRIM(BOTH ' ' FROM 'a')
+errmsg
+ERROR: Function 'unknown_schema.TRIM' is not defined
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.trim(both ' ' from 'a') AS "mariadb_schema.TRIM(BOTH ' ' FROM 'a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.trim(both ' ' from 'a') AS "maxdb_schema.TRIM(BOTH ' ' FROM 'a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.TRIM(BOTH ' ' FROM 'a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select trim(both ' ' from 'a') AS "oracle_schema.TRIM(BOTH ' ' FROM 'a')"
+Warnings:
+Note 1003 select trim(both ' ' from 'a') AS "oracle_schema.TRIM(BOTH ' ' FROM 'a')"
+CALL p3('REGEXP_REPLACE(''test'',''t'','''')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select regexp_replace('test','t','') AS `REGEXP_REPLACE('test','t','')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REGEXP_REPLACE('test','t','')
+errmsg
+ERROR: FUNCTION unknown_schema.REGEXP_REPLACE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select regexp_replace('test','t','') AS `mariadb_schema.REGEXP_REPLACE('test','t','')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select regexp_replace('test','t','') AS `maxdb_schema.REGEXP_REPLACE('test','t','')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.regexp_replace('test','t','') AS `oracle_schema.REGEXP_REPLACE('test','t','')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select regexp_replace('test','t','') AS "REGEXP_REPLACE('test','t','')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REGEXP_REPLACE('test','t','')
+errmsg
+ERROR: FUNCTION unknown_schema.REGEXP_REPLACE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.regexp_replace('test','t','') AS "mariadb_schema.REGEXP_REPLACE('test','t','')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select mariadb_schema.regexp_replace('test','t','') AS "maxdb_schema.REGEXP_REPLACE('test','t','')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REGEXP_REPLACE('test','t','')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select regexp_replace('test','t','') AS "oracle_schema.REGEXP_REPLACE('test','t','')"
+Warnings:
+Note 1003 select regexp_replace('test','t','') AS "oracle_schema.REGEXP_REPLACE('test','t','')"
+CALL p3('CONCAT_OPERATOR_ORACLE(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.concat('a') AS `CONCAT_OPERATOR_ORACLE('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.CONCAT_OPERATOR_ORACLE('a')
+errmsg
+ERROR: FUNCTION unknown_schema.CONCAT_OPERATOR_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.concat('a') AS `mariadb_schema.CONCAT_OPERATOR_ORACLE('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.concat('a') AS `maxdb_schema.CONCAT_OPERATOR_ORACLE('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.concat('a') AS `oracle_schema.CONCAT_OPERATOR_ORACLE('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS "CONCAT_OPERATOR_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.CONCAT_OPERATOR_ORACLE('a')
+errmsg
+ERROR: FUNCTION unknown_schema.CONCAT_OPERATOR_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS "mariadb_schema.CONCAT_OPERATOR_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS "maxdb_schema.CONCAT_OPERATOR_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.CONCAT_OPERATOR_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select concat('a') AS "oracle_schema.CONCAT_OPERATOR_ORACLE('a')"
+Warnings:
+Note 1003 select concat('a') AS "oracle_schema.CONCAT_OPERATOR_ORACLE('a')"
+CALL p3('DECODE_ORACLE(1,1,10)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.decode(1,1,10) AS `DECODE_ORACLE(1,1,10)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.DECODE_ORACLE(1,1,10)
+errmsg
+ERROR: FUNCTION unknown_schema.DECODE_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.decode(1,1,10) AS `mariadb_schema.DECODE_ORACLE(1,1,10)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.decode(1,1,10) AS `maxdb_schema.DECODE_ORACLE(1,1,10)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.decode(1,1,10) AS `oracle_schema.DECODE_ORACLE(1,1,10)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode(1,1,10) AS "DECODE_ORACLE(1,1,10)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.DECODE_ORACLE(1,1,10)
+errmsg
+ERROR: FUNCTION unknown_schema.DECODE_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode(1,1,10) AS "mariadb_schema.DECODE_ORACLE(1,1,10)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode(1,1,10) AS "maxdb_schema.DECODE_ORACLE(1,1,10)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.DECODE_ORACLE(1,1,10)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select decode(1,1,10) AS "oracle_schema.DECODE_ORACLE(1,1,10)"
+Warnings:
+Note 1003 select decode(1,1,10) AS "oracle_schema.DECODE_ORACLE(1,1,10)"
+CALL p3('LTRIM_ORACLE(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.ltrim('a') AS `LTRIM_ORACLE('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LTRIM_ORACLE('a')
+errmsg
+ERROR: FUNCTION unknown_schema.LTRIM_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.ltrim('a') AS `mariadb_schema.LTRIM_ORACLE('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.ltrim('a') AS `maxdb_schema.LTRIM_ORACLE('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.ltrim('a') AS `oracle_schema.LTRIM_ORACLE('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS "LTRIM_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LTRIM_ORACLE('a')
+errmsg
+ERROR: FUNCTION unknown_schema.LTRIM_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS "mariadb_schema.LTRIM_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS "maxdb_schema.LTRIM_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select ltrim('a') AS "oracle_schema.LTRIM_ORACLE('a')"
+Warnings:
+Note 1003 select ltrim('a') AS "oracle_schema.LTRIM_ORACLE('a')"
+CALL p3('RTRIM_ORACLE(''a'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rtrim('a') AS `RTRIM_ORACLE('a')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RTRIM_ORACLE('a')
+errmsg
+ERROR: FUNCTION unknown_schema.RTRIM_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rtrim('a') AS `mariadb_schema.RTRIM_ORACLE('a')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rtrim('a') AS `maxdb_schema.RTRIM_ORACLE('a')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rtrim('a') AS `oracle_schema.RTRIM_ORACLE('a')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS "RTRIM_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RTRIM_ORACLE('a')
+errmsg
+ERROR: FUNCTION unknown_schema.RTRIM_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS "mariadb_schema.RTRIM_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS "maxdb_schema.RTRIM_ORACLE('a')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RTRIM_ORACLE('a')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rtrim('a') AS "oracle_schema.RTRIM_ORACLE('a')"
+Warnings:
+Note 1003 select rtrim('a') AS "oracle_schema.RTRIM_ORACLE('a')"
+CALL p3('LPAD_ORACLE(''a'',3)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.lpad('a',3) AS `LPAD_ORACLE('a',3)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LPAD_ORACLE('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.LPAD_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.lpad('a',3) AS `mariadb_schema.LPAD_ORACLE('a',3)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.lpad('a',3) AS `maxdb_schema.LPAD_ORACLE('a',3)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.lpad('a',3) AS `oracle_schema.LPAD_ORACLE('a',3)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS "LPAD_ORACLE('a',3)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.LPAD_ORACLE('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.LPAD_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS "mariadb_schema.LPAD_ORACLE('a',3)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS "maxdb_schema.LPAD_ORACLE('a',3)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.LPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select lpad('a',3) AS "oracle_schema.LPAD_ORACLE('a',3)"
+Warnings:
+Note 1003 select lpad('a',3) AS "oracle_schema.LPAD_ORACLE('a',3)"
+CALL p3('RPAD_ORACLE(''a'',3)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rpad('a',3) AS `RPAD_ORACLE('a',3)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RPAD_ORACLE('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.RPAD_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rpad('a',3) AS `mariadb_schema.RPAD_ORACLE('a',3)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rpad('a',3) AS `maxdb_schema.RPAD_ORACLE('a',3)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.rpad('a',3) AS `oracle_schema.RPAD_ORACLE('a',3)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS "RPAD_ORACLE('a',3)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.RPAD_ORACLE('a',3)
+errmsg
+ERROR: FUNCTION unknown_schema.RPAD_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS "mariadb_schema.RPAD_ORACLE('a',3)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS "maxdb_schema.RPAD_ORACLE('a',3)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.RPAD_ORACLE('a',3)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select rpad('a',3) AS "oracle_schema.RPAD_ORACLE('a',3)"
+Warnings:
+Note 1003 select rpad('a',3) AS "oracle_schema.RPAD_ORACLE('a',3)"
+CALL p3('REPLACE_ORACLE(''a'',''b'',''c'')');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.replace('a','b','c') AS `REPLACE_ORACLE('a','b','c')`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE_ORACLE('a','b','c')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.replace('a','b','c') AS `mariadb_schema.REPLACE_ORACLE('a','b','c')`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.replace('a','b','c') AS `maxdb_schema.REPLACE_ORACLE('a','b','c')`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.replace('a','b','c') AS `oracle_schema.REPLACE_ORACLE('a','b','c')`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS "REPLACE_ORACLE('a','b','c')"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.REPLACE_ORACLE('a','b','c')
+errmsg
+ERROR: FUNCTION unknown_schema.REPLACE_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS "mariadb_schema.REPLACE_ORACLE('a','b','c')"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS "maxdb_schema.REPLACE_ORACLE('a','b','c')"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.REPLACE_ORACLE('a','b','c')
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select replace('a','b','c') AS "oracle_schema.REPLACE_ORACLE('a','b','c')"
+Warnings:
+Note 1003 select replace('a','b','c') AS "oracle_schema.REPLACE_ORACLE('a','b','c')"
+CALL p3('SUBSTR_ORACLE(''a'',1,2)');
+----------
+sql_mode='' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1,2) AS `SUBSTR_ORACLE('a',1,2)`
+----------
+sql_mode='' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR_ORACLE('a',1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR_ORACLE does not exist
+----------
+sql_mode='' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1,2) AS `mariadb_schema.SUBSTR_ORACLE('a',1,2)`
+----------
+sql_mode='' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1,2) AS `maxdb_schema.SUBSTR_ORACLE('a',1,2)`
+----------
+sql_mode='' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select oracle_schema.substr('a',1,2) AS `oracle_schema.SUBSTR_ORACLE('a',1,2)`
+----------
+sql_mode='ORACLE' qualifier=''
+query
+EXPLAIN EXTENDED SELECT SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "SUBSTR_ORACLE('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='unknown_schema.'
+query
+EXPLAIN EXTENDED SELECT unknown_schema.SUBSTR_ORACLE('a',1,2)
+errmsg
+ERROR: FUNCTION unknown_schema.SUBSTR_ORACLE does not exist
+----------
+sql_mode='ORACLE' qualifier='mariadb_schema.'
+query
+EXPLAIN EXTENDED SELECT mariadb_schema.SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "mariadb_schema.SUBSTR_ORACLE('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='maxdb_schema.'
+query
+EXPLAIN EXTENDED SELECT maxdb_schema.SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "maxdb_schema.SUBSTR_ORACLE('a',1,2)"
+----------
+sql_mode='ORACLE' qualifier='oracle_schema.'
+query
+EXPLAIN EXTENDED SELECT oracle_schema.SUBSTR_ORACLE('a',1,2)
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Level Code Message
+Note 1003 select substr('a',1,2) AS "oracle_schema.SUBSTR_ORACLE('a',1,2)"
+Warnings:
+Note 1003 select substr('a',1,2) AS "oracle_schema.SUBSTR_ORACLE('a',1,2)"
+SELECT oracle_schema.SUBSTR_ORACLE('a' FROM 1 FOR 2);
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'FROM 1 FOR 2)' at line 1
+SELECT oracle_schema.SUBSTR('a' FROM 1 FOR 2);
+oracle_schema.SUBSTR('a' FROM 1 FOR 2)
+a
+SELECT oracle_schema.TRIM_ORACLE(LEADING ' ' FROM 'a');
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'LEADING ' ' FROM 'a')' at line 1
+SELECT oracle_schema.TRIM(LEADING ' ' FROM 'a');
+oracle_schema.TRIM(LEADING ' ' FROM 'a')
+a
+SELECT oracle_schema.TRIM_ORACLE('a');
+ERROR HY000: Function 'TRIM_ORACLE' is not defined
+SELECT oracle_schema.TRIM('a');
+oracle_schema.TRIM('a')
+a
+DROP PROCEDURE p1;
+DROP PROCEDURE p2;
+DROP PROCEDURE p3;
+SET sql_mode='';
+CREATE VIEW v1 AS SELECT
+concat('a','b'),
+decode('1','2'),
+ltrim('1'),
+rtrim('1'),
+lpad('1','2', 3),
+rpad('1','2', 3),
+replace('1','2','3'),
+substr('a',1,2),
+trim(both 'a' FROM 'b');
+CREATE TABLE kv (v BLOB);
+LOAD DATA INFILE 'MYSQLD_DATADIR/test/v1.frm' REPLACE INTO TABLE kv;
+SELECT v FROM kv WHERE v RLIKE '^(query|view_body_utf8)=' ORDER BY v;
+v
+query=select concat('a','b') AS `concat('a','b')`,decode('1','2') AS `decode('1','2')`,ltrim('1') AS `ltrim('1')`,rtrim('1') AS `rtrim('1')`,lpad('1','2',3) AS `lpad('1','2', 3)`,rpad('1','2',3) AS `rpad('1','2', 3)`,replace('1','2','3') AS `replace('1','2','3')`,substr('a',1,2) AS `substr('a',1,2)`,trim(both 'a' from 'b') AS `trim(both 'a' FROM 'b')`
+view_body_utf8=select concat('a','b') AS `concat('a','b')`,decode('1','2') AS `decode('1','2')`,ltrim('1') AS `ltrim('1')`,rtrim('1') AS `rtrim('1')`,lpad('1','2',3) AS `lpad('1','2', 3)`,rpad('1','2',3) AS `rpad('1','2', 3)`,replace('1','2','3') AS `replace('1','2','3')`,substr('a',1,2) AS `substr('a',1,2)`,trim(both 'a' from 'b') AS `trim(both 'a' FROM 'b')`
+SELECT VIEW_DEFINITION FROM INFORMATION_SCHEMA.VIEWS WHERE TABLE_NAME='v1' AND TABLE_SCHEMA='test';
+VIEW_DEFINITION
+select concat('a','b') AS `concat('a','b')`,decode('1','2') AS `decode('1','2')`,ltrim('1') AS `ltrim('1')`,rtrim('1') AS `rtrim('1')`,lpad('1','2',3) AS `lpad('1','2', 3)`,rpad('1','2',3) AS `rpad('1','2', 3)`,replace('1','2','3') AS `replace('1','2','3')`,substr('a',1,2) AS `substr('a',1,2)`,trim(both 'a' from 'b') AS `trim(both 'a' FROM 'b')`
+DROP TABLE kv;
+DROP VIEW v1;
+SET sql_mode='ORACLE';
+CREATE VIEW v1 AS SELECT
+concat('a','b'),
+decode('1',2,3),
+ltrim('1'),
+rtrim('1'),
+lpad('1','2', 3),
+rpad('1','2', 3),
+replace('1','2','3'),
+substr('a',1,2),
+trim(both 'a' FROM 'b');
+CREATE TABLE kv (v BLOB);
+LOAD DATA INFILE 'MYSQLD_DATADIR/test/v1.frm' REPLACE INTO TABLE kv;
+SELECT v FROM kv WHERE v RLIKE '^(query|view_body_utf8)=' ORDER BY v;
+v
+query=select concat_operator_oracle('a','b') AS `concat('a','b')`,decode_oracle('1',2,3) AS `decode('1',2,3)`,ltrim_oracle('1') AS `ltrim('1')`,rtrim_oracle('1') AS `rtrim('1')`,lpad_oracle('1','2',3) AS `lpad('1','2', 3)`,rpad_oracle('1','2',3) AS `rpad('1','2', 3)`,replace_oracle('1','2','3') AS `replace('1','2','3')`,substr_oracle('a',1,2) AS `substr('a',1,2)`,trim_oracle(both 'a' from 'b') AS `trim(both 'a' FROM 'b')`
+view_body_utf8=select oracle_schema.concat('a','b') AS `concat('a','b')`,oracle_schema.decode('1',2,3) AS `decode('1',2,3)`,oracle_schema.ltrim('1') AS `ltrim('1')`,oracle_schema.rtrim('1') AS `rtrim('1')`,oracle_schema.lpad('1','2',3) AS `lpad('1','2', 3)`,oracle_schema.rpad('1','2',3) AS `rpad('1','2', 3)`,oracle_schema.replace('1','2','3') AS `replace('1','2','3')`,oracle_schema.substr('a',1,2) AS `substr('a',1,2)`,oracle_schema.trim(both 'a' from 'b') AS `trim(both 'a' FROM 'b')`
+SELECT VIEW_DEFINITION FROM INFORMATION_SCHEMA.VIEWS WHERE TABLE_NAME='v1' AND TABLE_SCHEMA='test';
+VIEW_DEFINITION
+select oracle_schema.concat('a','b') AS `concat('a','b')`,oracle_schema.decode('1',2,3) AS `decode('1',2,3)`,oracle_schema.ltrim('1') AS `ltrim('1')`,oracle_schema.rtrim('1') AS `rtrim('1')`,oracle_schema.lpad('1','2',3) AS `lpad('1','2', 3)`,oracle_schema.rpad('1','2',3) AS `rpad('1','2', 3)`,oracle_schema.replace('1','2','3') AS `replace('1','2','3')`,oracle_schema.substr('a',1,2) AS `substr('a',1,2)`,oracle_schema.trim(both 'a' from 'b') AS `trim(both 'a' FROM 'b')`
+DROP TABLE kv;
+DROP VIEW v1;
diff --git a/mysql-test/suite/compat/oracle/r/func_regexp_replace.result b/mysql-test/suite/compat/oracle/r/func_regexp_replace.result
new file mode 100644
index 00000000..7d0c5f79
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/r/func_regexp_replace.result
@@ -0,0 +1,34 @@
+SET sql_mode=ORACLE;
+#
+# MDEV-29095 REGEXP_REPLACE treats empty strings different than REPLACE in ORACLE mode
+#
+CREATE TABLE t1 (replacement VARCHAR(10));
+INSERT INTO t1 VALUES (NULL), ('');
+SELECT replacement, REGEXP_REPLACE('abba','a',replacement) FROM t1 ORDER BY replacement;
+replacement REGEXP_REPLACE('abba','a',replacement)
+NULL bb
+ bb
+DROP TABLE t1;
+SELECT REGEXP_REPLACE('abba','a',null);
+REGEXP_REPLACE('abba','a',null)
+bb
+EXPLAIN EXTENDED SELECT REPLACE('abba','a',null) ;
+id select_type table type possible_keys key key_len ref rows filtered Extra
+1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
+Warnings:
+Note 1003 select replace('abba','a',NULL) AS "REPLACE('abba','a',null)"
+CREATE VIEW v1 AS SELECT REPLACE('abba','a',null) ;
+SHOW CREATE VIEW v1;
+View Create View character_set_client collation_connection
+v1 CREATE VIEW "v1" AS select replace('abba','a',NULL) AS "REPLACE('abba','a',null)" latin1 latin1_swedish_ci
+SELECT * FROM v1;
+REPLACE('abba','a',null)
+bb
+SET sql_mode=DEFAULT;
+SHOW CREATE VIEW v1;
+View Create View character_set_client collation_connection
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select oracle_schema.replace('abba','a',NULL) AS `REPLACE('abba','a',null)` latin1 latin1_swedish_ci
+SELECT * FROM v1;
+REPLACE('abba','a',null)
+bb
+DROP VIEW v1;
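Review bot: The EXPLAIN EXTENDED, CREATE VIEW and SHOW CREATE VIEW statements in this new result file call `REPLACE('abba','a',null)`, not `REGEXP_REPLACE`, so the view round-trip between sql_mode=ORACLE and sql_mode=DEFAULT is never exercised for the function MDEV-29095 is about. Only the two plain SELECTs at the top cover REGEXP_REPLACE, and both run in ORACLE mode. If this is not intentional, the matching .test file (not visible here) could add `CREATE VIEW v2 AS SELECT REGEXP_REPLACE('abba','a',null);` followed by `SHOW CREATE VIEW v2;` and `SELECT * FROM v2;` under both modes, and the result could then be re-recorded.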
diff --git a/mysql-test/suite/compat/oracle/r/func_replace.result b/mysql-test/suite/compat/oracle/r/func_replace.result
index 02516096..012db2a7 100644
--- a/mysql-test/suite/compat/oracle/r/func_replace.result
+++ b/mysql-test/suite/compat/oracle/r/func_replace.result
@@ -21,11 +21,11 @@ EXPLAIN EXTENDED SELECT REPLACE('ab','a',null) ;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select replace_oracle('ab','a',NULL) AS "REPLACE('ab','a',null)"
+Note 1003 select replace('ab','a',NULL) AS "REPLACE('ab','a',null)"
CREATE VIEW v1 AS SELECT REPLACE('ab','a',null) ;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select replace_oracle('ab','a',NULL) AS "REPLACE('ab','a',null)" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select replace('ab','a',NULL) AS "REPLACE('ab','a',null)" latin1 latin1_swedish_ci
SELECT * FROM v1;
REPLACE('ab','a',null)
b
diff --git a/mysql-test/suite/compat/oracle/r/func_substr.result b/mysql-test/suite/compat/oracle/r/func_substr.result
index 5d9fdd5f..cbb0e74c 100644
--- a/mysql-test/suite/compat/oracle/r/func_substr.result
+++ b/mysql-test/suite/compat/oracle/r/func_substr.result
@@ -76,11 +76,11 @@ EXPLAIN EXTENDED SELECT SUBSTR('abc',2,1) ;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select substr_oracle('abc',2,1) AS "SUBSTR('abc',2,1)"
+Note 1003 select substr('abc',2,1) AS "SUBSTR('abc',2,1)"
CREATE VIEW v1 AS SELECT SUBSTR('abc',2,1) ;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select substr_oracle('abc',2,1) AS "SUBSTR('abc',2,1)" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select substr('abc',2,1) AS "SUBSTR('abc',2,1)" latin1 latin1_swedish_ci
SELECT * FROM v1;
SUBSTR('abc',2,1)
b
diff --git a/mysql-test/suite/compat/oracle/r/func_trim.result b/mysql-test/suite/compat/oracle/r/func_trim.result
index bed8dadf..965531db 100644
--- a/mysql-test/suite/compat/oracle/r/func_trim.result
+++ b/mysql-test/suite/compat/oracle/r/func_trim.result
@@ -116,13 +116,13 @@ TRIM(TRAILING 'a' FROM 'abc') ;
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select trim_oracle('abc') AS "TRIM('abc')",trim_oracle(both 'a' from 'abc') AS "TRIM(BOTH 'a' FROM 'abc')",trim_oracle(leading 'a' from 'abc') AS "TRIM(LEADING 'a' FROM 'abc')",trim_oracle(trailing 'a' from 'abc') AS "TRIM(TRAILING 'a' FROM 'abc')"
+Note 1003 select trim('abc') AS "TRIM('abc')",trim(both 'a' from 'abc') AS "TRIM(BOTH 'a' FROM 'abc')",trim(leading 'a' from 'abc') AS "TRIM(LEADING 'a' FROM 'abc')",trim(trailing 'a' from 'abc') AS "TRIM(TRAILING 'a' FROM 'abc')"
EXPLAIN EXTENDED SELECT RTRIM('abc'),
LTRIM('abc');
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL No tables used
Warnings:
-Note 1003 select rtrim_oracle('abc') AS "RTRIM('abc')",ltrim_oracle('abc') AS "LTRIM('abc')"
+Note 1003 select rtrim('abc') AS "RTRIM('abc')",ltrim('abc') AS "LTRIM('abc')"
CREATE VIEW v1 AS SELECT ord,TRIM('abc'),RTRIM('abc'),LTRIM('abc'),
'['||c1||']',
TRIM(LEADING 'a' FROM c1),
@@ -133,7 +133,7 @@ RTRIM(c1)
FROM t1 ORDER BY ord ;
SHOW CREATE VIEW v1;
View Create View character_set_client collation_connection
-v1 CREATE VIEW "v1" AS select "t1"."ord" AS "ord",trim_oracle('abc') AS "TRIM('abc')",rtrim_oracle('abc') AS "RTRIM('abc')",ltrim_oracle('abc') AS "LTRIM('abc')",concat_operator_oracle(concat_operator_oracle('[',"t1"."c1"),']') AS "'['||c1||']'",trim_oracle(leading 'a' from "t1"."c1") AS "TRIM(LEADING 'a' FROM c1)",trim_oracle(trailing 'a' from "t1"."c1") AS "TRIM(TRAILING 'a' FROM c1)",trim_oracle(both 'a' from "t1"."c1") AS "TRIM(BOTH 'a' FROM c1)",ltrim_oracle("t1"."c1") AS "LTRIM(c1)",rtrim_oracle("t1"."c1") AS "RTRIM(c1)" from "t1" order by "t1"."ord" latin1 latin1_swedish_ci
+v1 CREATE VIEW "v1" AS select "t1"."ord" AS "ord",trim('abc') AS "TRIM('abc')",rtrim('abc') AS "RTRIM('abc')",ltrim('abc') AS "LTRIM('abc')",concat(concat('[',"t1"."c1"),']') AS "'['||c1||']'",trim(leading 'a' from "t1"."c1") AS "TRIM(LEADING 'a' FROM c1)",trim(trailing 'a' from "t1"."c1") AS "TRIM(TRAILING 'a' FROM c1)",trim(both 'a' from "t1"."c1") AS "TRIM(BOTH 'a' FROM c1)",ltrim("t1"."c1") AS "LTRIM(c1)",rtrim("t1"."c1") AS "RTRIM(c1)" from "t1" order by "t1"."ord" latin1 latin1_swedish_ci
SELECT * FROM v1;
ord TRIM('abc') RTRIM('abc') LTRIM('abc') '['||c1||']' TRIM(LEADING 'a' FROM c1) TRIM(TRAILING 'a' FROM c1) TRIM(BOTH 'a' FROM c1) LTRIM(c1) RTRIM(c1)
1 abc abc abc [abc] bc abc bc abc abc
diff --git a/mysql-test/suite/compat/oracle/r/mysqldump_restore_func_qualified.result b/mysql-test/suite/compat/oracle/r/mysqldump_restore_func_qualified.result
new file mode 100644
index 00000000..fd3dd787
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/r/mysqldump_restore_func_qualified.result
@@ -0,0 +1,112 @@
+#
+# Start of 10.4 tests
+#
+#
+# MDEV-27744 LPAD in vcol created in ORACLE mode makes table corrupted in non-ORACLE
+#
+SET sql_mode=DEFAULT;
+CREATE TABLE t1 (
+a0 VARCHAR(64) NOT NULL DEFAULT LTRIM(now()),
+a1 VARCHAR(64) AS (LTRIM(a0)) PERSISTENT,
+b0 VARCHAR(64) NOT NULL DEFAULT LPAD(now(),10),
+b1 VARCHAR(64) AS (LPAD(b0,10)) PERSISTENT
+);
+CREATE VIEW v1 AS SELECT
+LTRIM(now()) AS a0,
+LPAD(now(),10) AS b0;
+SET sql_mode=ORACLE;
+CREATE TABLE t2 (
+a0 VARCHAR(64) NOT NULL DEFAULT LTRIM(now()),
+a1 VARCHAR(64) AS (LTRIM(a0)) PERSISTENT,
+b0 VARCHAR(64) NOT NULL DEFAULT LPAD(now(),10),
+b1 VARCHAR(64) AS (LPAD(b0,10)) PERSISTENT
+);
+CREATE VIEW v2 AS SELECT
+LTRIM(now()) AS a0,
+LPAD(now(),10) AS b0;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `t1` (
+ `a0` varchar(64) NOT NULL DEFAULT ltrim(current_timestamp()),
+ `a1` varchar(64) GENERATED ALWAYS AS (ltrim(`a0`)) STORED,
+ `b0` varchar(64) NOT NULL DEFAULT lpad(current_timestamp(),10),
+ `b1` varchar(64) GENERATED ALWAYS AS (lpad(`b0`,10)) STORED
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+/*!40101 SET character_set_client = @saved_cs_client */;
+/*!40101 SET @saved_cs_client = @@character_set_client */;
+/*!40101 SET character_set_client = utf8 */;
+CREATE TABLE `t2` (
+ `a0` varchar(64) NOT NULL DEFAULT ltrim_oracle(current_timestamp()),
+ `a1` varchar(64) GENERATED ALWAYS AS (ltrim_oracle(`a0`)) STORED,
+ `b0` varchar(64) NOT NULL DEFAULT lpad_oracle(current_timestamp(),10),
+ `b1` varchar(64) GENERATED ALWAYS AS (lpad_oracle(`b0`,10)) STORED
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci;
+/*!40101 SET character_set_client = @saved_cs_client */;
+SET @saved_cs_client = @@character_set_client;
+SET character_set_client = utf8;
+/*!50001 CREATE VIEW `v1` AS SELECT
+ 1 AS `a0`,
+ 1 AS `b0` */;
+SET character_set_client = @saved_cs_client;
+SET @saved_cs_client = @@character_set_client;
+SET character_set_client = utf8;
+/*!50001 CREATE VIEW `v2` AS SELECT
+ 1 AS `a0`,
+ 1 AS `b0` */;
+SET character_set_client = @saved_cs_client;
+/*!50001 DROP VIEW IF EXISTS `v1`*/;
+/*!50001 SET @saved_cs_client = @@character_set_client */;
+/*!50001 SET @saved_cs_results = @@character_set_results */;
+/*!50001 SET @saved_col_connection = @@collation_connection */;
+/*!50001 SET character_set_client = latin1 */;
+/*!50001 SET character_set_results = latin1 */;
+/*!50001 SET collation_connection = latin1_swedish_ci */;
+/*!50001 CREATE ALGORITHM=UNDEFINED */
+/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
+/*!50001 VIEW `v1` AS select ltrim(current_timestamp()) AS `a0`,lpad(current_timestamp(),10) AS `b0` */;
+/*!50001 SET character_set_client = @saved_cs_client */;
+/*!50001 SET character_set_results = @saved_cs_results */;
+/*!50001 SET collation_connection = @saved_col_connection */;
+/*!50001 DROP VIEW IF EXISTS `v2`*/;
+/*!50001 SET @saved_cs_client = @@character_set_client */;
+/*!50001 SET @saved_cs_results = @@character_set_results */;
+/*!50001 SET @saved_col_connection = @@collation_connection */;
+/*!50001 SET character_set_client = latin1 */;
+/*!50001 SET character_set_results = latin1 */;
+/*!50001 SET collation_connection = latin1_swedish_ci */;
+/*!50001 CREATE ALGORITHM=UNDEFINED */
+/*!50013 DEFINER=`root`@`localhost` SQL SECURITY DEFINER */
+/*!50001 VIEW `v2` AS select oracle_schema.ltrim(current_timestamp()) AS `a0`,oracle_schema.lpad(current_timestamp(),10) AS `b0` */;
+/*!50001 SET character_set_client = @saved_cs_client */;
+/*!50001 SET character_set_results = @saved_cs_results */;
+/*!50001 SET collation_connection = @saved_col_connection */;
+DROP TABLE t1,t2;
+DROP VIEW v1,v2;
+SET sql_mode=DEFAULT;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `a0` varchar(64) NOT NULL DEFAULT ltrim(current_timestamp()),
+ `a1` varchar(64) GENERATED ALWAYS AS (ltrim(`a0`)) STORED,
+ `b0` varchar(64) NOT NULL DEFAULT lpad(current_timestamp(),10),
+ `b1` varchar(64) GENERATED ALWAYS AS (lpad(`b0`,10)) STORED
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `a0` varchar(64) NOT NULL DEFAULT ltrim_oracle(current_timestamp()),
+ `a1` varchar(64) GENERATED ALWAYS AS (ltrim_oracle(`a0`)) STORED,
+ `b0` varchar(64) NOT NULL DEFAULT lpad_oracle(current_timestamp(),10),
+ `b1` varchar(64) GENERATED ALWAYS AS (lpad_oracle(`b0`,10)) STORED
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SHOW CREATE VIEW v1;
+View Create View character_set_client collation_connection
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select ltrim(current_timestamp()) AS `a0`,lpad(current_timestamp(),10) AS `b0` latin1 latin1_swedish_ci
+SHOW CREATE VIEW v2;
+View Create View character_set_client collation_connection
+v2 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v2` AS select oracle_schema.ltrim(current_timestamp()) AS `a0`,oracle_schema.lpad(current_timestamp(),10) AS `b0` latin1 latin1_swedish_ci
+DROP TABLE t1,t2;
+DROP VIEW v1, v2;
+#
+# End of 10.4 tests
+#
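Review bot: After the restore, the checks from the second `SET sql_mode=DEFAULT;` onward only print SHOW CREATE TABLE and SHOW CREATE VIEW; no row is ever written to `t2`, so its stored columns `a1` and `b1` (shown as `ltrim_oracle(...)` and `lpad_oracle(...)`) are never evaluated outside ORACLE mode. Since MDEV-27744 is about such a table being corrupted in non-ORACLE mode, a write followed by a read would pin the behaviour more firmly than metadata output alone, e.g. `INSERT INTO t2 (a0,b0) VALUES (' a','b');` then `SELECT a1,b1 FROM t2;` before the final DROP. The change belongs in the corresponding .test file, which is not part of this hunk.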
diff --git a/mysql-test/suite/compat/oracle/r/parser.result b/mysql-test/suite/compat/oracle/r/parser.result
index 32ea444e..0944b7f3 100644
--- a/mysql-test/suite/compat/oracle/r/parser.result
+++ b/mysql-test/suite/compat/oracle/r/parser.result
@@ -84,7 +84,7 @@ DECLARE history INT; BEGIN history:=10; SELECT history; END
SELECT history FROM t1
SELECT history 'alias' FROM t1
SELECT history()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.history does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT history.history()
Error 1630 FUNCTION history.history does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT history DATE FROM t1
@@ -106,7 +106,7 @@ DECLARE next INT; BEGIN next:=10; SELECT next; END
SELECT next FROM t1
SELECT next 'alias' FROM t1
SELECT next()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.next does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT next.next()
Error 1630 FUNCTION next.next does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT next DATE FROM t1
@@ -151,7 +151,7 @@ DECLARE previous INT; BEGIN previous:=10; SELECT previous; END
SELECT previous FROM t1
SELECT previous 'alias' FROM t1
SELECT previous()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.previous does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT previous.previous()
Error 1630 FUNCTION previous.previous does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT previous DATE FROM t1
@@ -174,7 +174,7 @@ DECLARE system INT; BEGIN system:=10; SELECT system; END
SELECT system FROM t1
SELECT system 'alias' FROM t1
SELECT system()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.system does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system.system()
Error 1630 FUNCTION system.system does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system DATE FROM t1
@@ -196,7 +196,7 @@ DECLARE system_time INT; BEGIN system_time:=10; SELECT system_time; END
SELECT system_time FROM t1
SELECT system_time 'alias' FROM t1
SELECT system_time()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.system_time does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system_time.system_time()
Error 1630 FUNCTION system_time.system_time does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT system_time DATE FROM t1
@@ -264,7 +264,7 @@ DECLARE transaction INT; BEGIN transaction:=10; SELECT transaction; END
SELECT transaction FROM t1
SELECT transaction 'alias' FROM t1
SELECT transaction()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.transaction does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT transaction.transaction()
Error 1630 FUNCTION transaction.transaction does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT transaction DATE FROM t1
@@ -308,7 +308,7 @@ DECLARE versioning INT; BEGIN versioning:=10; SELECT versioning; END
SELECT versioning FROM t1
SELECT versioning 'alias' FROM t1
SELECT versioning()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.versioning does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT versioning.versioning()
Error 1630 FUNCTION versioning.versioning does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT versioning DATE FROM t1
@@ -330,7 +330,7 @@ DECLARE without INT; BEGIN without:=10; SELECT without; END
SELECT without FROM t1
SELECT without 'alias' FROM t1
SELECT without()
-Error 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '()' at line 1
+Error 1630 FUNCTION test.without does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT without.without()
Error 1630 FUNCTION without.without does not exist. Check the 'Function Name Parsing and Resolution' section in the Reference Manual
SELECT without DATE FROM t1
diff --git a/mysql-test/suite/compat/oracle/r/ps.result b/mysql-test/suite/compat/oracle/r/ps.result
index 818c97b0..2d0c4da9 100644
--- a/mysql-test/suite/compat/oracle/r/ps.result
+++ b/mysql-test/suite/compat/oracle/r/ps.result
@@ -178,9 +178,9 @@ EXECUTE IMMEDIATE 'SELECT :1 FROM DUAL' USING 10;
# Testing erroneous and diallowed prepare source
#
EXECUTE IMMEDIATE _latin1'SELECT 1 AS c FROM ' || _latin2 'DUAL';
-ERROR HY000: Illegal mix of collations (latin1_swedish_ci,COERCIBLE) and (latin2_general_ci,COERCIBLE) for operation 'concat_operator_oracle'
+ERROR HY000: Illegal mix of collations (latin1_swedish_ci,COERCIBLE) and (latin2_general_ci,COERCIBLE) for operation 'concat'
PREPARE stmt FROM _latin1'SELECT 1 AS c FROM ' || _latin2 'DUAL';
-ERROR HY000: Illegal mix of collations (latin1_swedish_ci,COERCIBLE) and (latin2_general_ci,COERCIBLE) for operation 'concat_operator_oracle'
+ERROR HY000: Illegal mix of collations (latin1_swedish_ci,COERCIBLE) and (latin2_general_ci,COERCIBLE) for operation 'concat'
EXECUTE IMMEDIATE (SELECT 'SELECT 1');
ERROR 42000: EXECUTE IMMEDIATE does not support subqueries or stored functions
PREPARE stmt FROM (SELECT 'SELECT 1');
diff --git a/mysql-test/suite/compat/oracle/r/sp-cursor-rowtype.result b/mysql-test/suite/compat/oracle/r/sp-cursor-rowtype.result
index 31d794c9..93300cc3 100644
--- a/mysql-test/suite/compat/oracle/r/sp-cursor-rowtype.result
+++ b/mysql-test/suite/compat/oracle/r/sp-cursor-rowtype.result
@@ -758,7 +758,7 @@ END;
END;
$$
CALL p1();
-ERROR HY000: Illegal mix of collations (latin1_bin,EXPLICIT) and (latin1_swedish_ci,EXPLICIT) for operation 'concat_operator_oracle'
+ERROR HY000: Illegal mix of collations (latin1_bin,EXPLICIT) and (latin1_swedish_ci,EXPLICIT) for operation 'concat'
DROP PROCEDURE p1;
#
# Non-existing field
diff --git a/mysql-test/suite/compat/oracle/r/vcol_innodb.result b/mysql-test/suite/compat/oracle/r/vcol_innodb.result
new file mode 100644
index 00000000..112d1b4a
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/r/vcol_innodb.result
@@ -0,0 +1,54 @@
+#
+# MDEV-27744 LPAD in vcol created in ORACLE mode makes table corrupted in non-ORACLE
+#
+FLUSH TABLES;
+SET sql_mode='';
+CREATE TABLE t (d INT,b VARCHAR(1),c CHAR(1),g CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,PRIMARY KEY(b),KEY g(g)) ENGINE=InnoDB;
+INSERT INTO t VALUES (0);
+ERROR 21S01: Column count doesn't match value count at row 1
+SET sql_mode='ORACLE';
+INSERT INTO t SET c=REPEAT (1,0);
+Warnings:
+Warning 1364 Field 'b' doesn't have a default value
+ALTER TABLE t CHANGE COLUMN a b INT;
+ERROR 42S22: Unknown column 'a' in 't'
+DELETE FROM t;
+SET sql_mode='';
+FLUSH TABLES;
+INSERT INTO t SET c='0';
+Warnings:
+Warning 1364 Field 'b' doesn't have a default value
+DROP TABLE t;
+FLUSH TABLES;
+SET sql_mode='';
+CREATE TABLE t (a INT(1),d INT(1),b VARCHAR(1),c CHAR(1),vadc INT(1) GENERATED ALWAYS AS ( (a + length (d))) STORED,vbc CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,vbidxc CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,PRIMARY KEY(b (1),a,d),KEY d (d),KEY a (a),KEY c_renamed (c (1),b (1)),KEY b (b (1),c (1),a),KEY vbidxc (vbidxc),KEY a_2 (a,vbidxc),KEY vbidxc_2 (vbidxc,d)) DEFAULT CHARSET=latin1 ENGINE=InnoDB;
+INSERT INTO t VALUES (0,0,1,0,1,0,1,0,0);
+ERROR 21S01: Column count doesn't match value count at row 1
+SET SESSION sql_mode='ORACLE';
+INSERT INTO t SET c=REPEAT (1,0);
+Warnings:
+Warning 1364 Field 'a' doesn't have a default value
+Warning 1364 Field 'd' doesn't have a default value
+Warning 1364 Field 'b' doesn't have a default value
+ALTER TABLE t CHANGE COLUMN a b CHAR(1);
+ERROR 42S21: Duplicate column name 'b'
+DELETE FROM t;
+SET SESSION sql_mode=DEFAULT;
+DROP TABLE t;
+SET sql_mode='';
+CREATE TABLE t1 (d INT,b VARCHAR(1),c CHAR(1),g CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,PRIMARY KEY(b),KEY g(g)) ENGINE=InnoDB;
+INSERT INTO t1 VALUES (0);
+ERROR 21S01: Column count doesn't match value count at row 1
+SET sql_mode='ORACLE';
+INSERT INTO t1 SET c=REPEAT (1,0);
+Warnings:
+Warning 1364 Field 'b' doesn't have a default value
+ALTER TABLE t1 CHANGE COLUMN a b INT;
+ERROR 42S22: Unknown column 'a' in 't1'
+DELETE FROM t1;
+SET sql_mode='';
+FLUSH TABLES;
+INSERT INTO t1 SET c='0';
+Warnings:
+Warning 1364 Field 'b' doesn't have a default value
+DROP TABLE t1;
diff --git a/mysql-test/suite/compat/oracle/t/column_compression.test b/mysql-test/suite/compat/oracle/t/column_compression.test
index 01d4977b..e8d55000 100644
--- a/mysql-test/suite/compat/oracle/t/column_compression.test
+++ b/mysql-test/suite/compat/oracle/t/column_compression.test
@@ -1,6 +1,6 @@
--source include/have_innodb.inc
--source include/have_csv.inc
---source include/have_normal_bzip.inc
+--source include/have_normal_zlib.inc
SET sql_mode=ORACLE;
diff --git a/mysql-test/suite/compat/oracle/t/func_qualified.test b/mysql-test/suite/compat/oracle/t/func_qualified.test
new file mode 100644
index 00000000..f2c019ec
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/t/func_qualified.test
@@ -0,0 +1,248 @@
+--let $MYSQLD_DATADIR= `select @@datadir`
+
+--echo #
+--echo # MDEV-27744 LPAD in vcol created in ORACLE mode makes table corrupted in non-ORACLE
+--echo #
+
+#
+# Testing that the error message for DECODE preserves
+# the exact letter case as typed by the user
+#
+
+SET sql_mode=DEFAULT;
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT decode_oracle(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT DECODE_ORACLE(1);
+
+SET sql_mode=ORACLE;
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT decode_oracle(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT DECODE_ORACLE(1);
+
+SET sql_mode=DEFAULT;
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT decode(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT DECODE(1);
+
+SET sql_mode=ORACLE;
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT decode(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT DECODE(1);
+
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT mariadb_schema.decode(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT mariadb_schema.DECODE(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT mariadb_schema.decode_oracle(1);
+--error ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT
+SELECT mariadb_schema.DECODE_ORACLE(1);
+
+#
+# Testing that REPLACE, SUBSTR, TRIM print the exact name
+# as typed by the user in "Function .. is not defined"
+#
+
+SET sql_mode=DEFAULT;
+
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.TRIM(1);
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.trim(1);
+
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.TRIM();
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.TRIM('a','b');
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.TRIM('a','b','c','d');
+
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.SUBSTR('a',1,2);
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.substr('a',1,2);
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.SUBSTRING('a',1,2);
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.substring('a',1,2);
+
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.REPLACE('a','b','c');
+--error ER_FUNC_INEXISTENT_NAME_COLLISION
+SELECT unknown.replace('a','b','c');
+
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.REPLACE();
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.REPLACE('a');
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.REPLACE('a','b');
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.REPLACE('a','b','c','d');
+
+#
+# Testing EXPLAIN EXTENDED SELECT
+#
+
+SET sql_mode=DEFAULT;
+DELIMITER $$;
+CREATE PROCEDURE p1(sqlmode TEXT, qualifier TEXT, expr TEXT)
+BEGIN
+ DECLARE query TEXT DEFAULT 'SELECT $(QUALIFIER)$(EXPR)';
+ DECLARE errmsg TEXT DEFAULT NULL;
+ DECLARE CONTINUE HANDLER FOR 1064, 1128, 1305, 1582, 1630
+ BEGIN
+ GET DIAGNOSTICS CONDITION 1 errmsg = MESSAGE_TEXT;
+ END;
+
+ SET sql_mode=sqlmode;
+ SET query=REPLACE(query, '$(QUALIFIER)', qualifier);
+ SET query=REPLACE(query, '$(EXPR)', expr);
+ SET query= CONCAT('EXPLAIN EXTENDED ', query);
+ SELECT CONCAT('sql_mode=''',sqlmode,'''', ' ',
+ 'qualifier=''',qualifier,'''') AS `----------`;
+ SELECT query;
+ EXECUTE IMMEDIATE query;
+ IF errmsg IS NOT NULL THEN
+ SELECT CONCAT('ERROR: ', errmsg) AS errmsg;
+ ELSE
+ SHOW WARNINGS;
+ END IF;
+END;
+$$
+CREATE PROCEDURE p2(sqlmode TEXT, expr TEXT)
+BEGIN
+ CALL p1(sqlmode, '', expr);
+ CALL p1(sqlmode, 'unknown_schema.', expr);
+ CALL p1(sqlmode, 'mariadb_schema.', expr);
+ CALL p1(sqlmode, 'maxdb_schema.', expr);
+ CALL p1(sqlmode, 'oracle_schema.', expr);
+END;
+$$
+CREATE PROCEDURE p3(expr TEXT)
+BEGIN
+ CALL p2('', expr);
+ CALL p2('ORACLE', expr);
+END;
+$$
+DELIMITER ;$$
+
+CALL p3('CONCAT(''a'')');
+
+# MariaDB style
+CALL p3('DECODE(''1'',''2'')');
+# Oracle style
+CALL p3('DECODE(1,1,10)');
+
+CALL p3('LTRIM(''a'')');
+CALL p3('RTRIM(''a'')');
+
+CALL p3('LPAD(''a'',3)');
+CALL p3('LPAD(''a'',3, '' '')');
+
+CALL p3('RPAD(''a'',3)');
+CALL p3('RPAD(''a'',3, '' '')');
+
+CALL p3('REPLACE()');
+CALL p3('REPLACE(''a'',''b'')');
+CALL p3('REPLACE(''a'',''b'',''c'',''d'')');
+CALL p3('REPLACE(''a'',''b'',''c'')');
+
+CALL p3('SUBSTR()');
+CALL p3('SUBSTR(''a'',1,2,3)');
+CALL p3('SUBSTR(''a'',1,2)');
+CALL p3('SUBSTR(''a'' FROM 1)');
+
+CALL p3('SUBSTRING(''a'',1,2)');
+CALL p3('SUBSTRING(''a'' FROM 1)');
+
+CALL p3('TRIM()');
+CALL p3('TRIM(1,2)');
+CALL p3('TRIM(''a'')');
+CALL p3('TRIM(BOTH '' '' FROM ''a'')');
+
+CALL p3('REGEXP_REPLACE(''test'',''t'','''')');
+
+# Deprecated compatibility XXX_ORACLE functions.
+# These functions are implemented as simple native functions
+# and have no special grammar rules in sql_yacc.yy.
+# So they support the qualified syntax automatically,
+# which is not absolutely required, but is not harmful.
+
+CALL p3('CONCAT_OPERATOR_ORACLE(''a'')');
+CALL p3('DECODE_ORACLE(1,1,10)');
+CALL p3('LTRIM_ORACLE(''a'')');
+CALL p3('RTRIM_ORACLE(''a'')');
+CALL p3('LPAD_ORACLE(''a'',3)');
+CALL p3('RPAD_ORACLE(''a'',3)');
+CALL p3('REPLACE_ORACLE(''a'',''b'',''c'')');
+CALL p3('SUBSTR_ORACLE(''a'',1,2)');
+
+
+# Deprecated compatibility XXX_ORACLE variants for functions
+# with a special syntax in sql_yacc.yy.
+# These compatibility functions do not support qualified syntax.
+# One should use a qualified variant without the _ORACLE suffix instead.
+
+--error ER_PARSE_ERROR
+SELECT oracle_schema.SUBSTR_ORACLE('a' FROM 1 FOR 2);
+# Use this instead:
+SELECT oracle_schema.SUBSTR('a' FROM 1 FOR 2);
+
+--error ER_PARSE_ERROR
+SELECT oracle_schema.TRIM_ORACLE(LEADING ' ' FROM 'a');
+# Use this instead:
+SELECT oracle_schema.TRIM(LEADING ' ' FROM 'a');
+
+--error ER_FUNCTION_NOT_DEFINED
+SELECT oracle_schema.TRIM_ORACLE('a');
+# Use this instead:
+SELECT oracle_schema.TRIM('a');
+
+
+DROP PROCEDURE p1;
+DROP PROCEDURE p2;
+DROP PROCEDURE p3;
+
+
+SET sql_mode='';
+CREATE VIEW v1 AS SELECT
+ concat('a','b'),
+ decode('1','2'),
+ ltrim('1'),
+ rtrim('1'),
+ lpad('1','2', 3),
+ rpad('1','2', 3),
+ replace('1','2','3'),
+ substr('a',1,2),
+ trim(both 'a' FROM 'b');
+CREATE TABLE kv (v BLOB);
+--replace_result $MYSQLD_DATADIR MYSQLD_DATADIR
+eval LOAD DATA INFILE '$MYSQLD_DATADIR/test/v1.frm' REPLACE INTO TABLE kv;
+SELECT v FROM kv WHERE v RLIKE '^(query|view_body_utf8)=' ORDER BY v;
+SELECT VIEW_DEFINITION FROM INFORMATION_SCHEMA.VIEWS WHERE TABLE_NAME='v1' AND TABLE_SCHEMA='test';
+DROP TABLE kv;
+DROP VIEW v1;
+
+SET sql_mode='ORACLE';
+CREATE VIEW v1 AS SELECT
+ concat('a','b'),
+ decode('1',2,3),
+ ltrim('1'),
+ rtrim('1'),
+ lpad('1','2', 3),
+ rpad('1','2', 3),
+ replace('1','2','3'),
+ substr('a',1,2),
+ trim(both 'a' FROM 'b');
+CREATE TABLE kv (v BLOB);
+--replace_result $MYSQLD_DATADIR MYSQLD_DATADIR
+eval LOAD DATA INFILE '$MYSQLD_DATADIR/test/v1.frm' REPLACE INTO TABLE kv;
+SELECT v FROM kv WHERE v RLIKE '^(query|view_body_utf8)=' ORDER BY v;
+SELECT VIEW_DEFINITION FROM INFORMATION_SCHEMA.VIEWS WHERE TABLE_NAME='v1' AND TABLE_SCHEMA='test';
+DROP TABLE kv;
+DROP VIEW v1;
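Review bot: The `DECLARE CONTINUE HANDLER FOR 1064, 1128, 1305, 1582, 1630` in `p1` uses bare error numbers, while the rest of this file names the same conditions symbolically in its `--error` lines. A comment placed before `CREATE PROCEDURE p1` would spare the reader the lookup, for example `# Handled: 1064 ER_PARSE_ERROR, 1128 ER_FUNCTION_NOT_DEFINED, 1305 ER_SP_DOES_NOT_EXIST, 1582 ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT, 1630 ER_FUNC_INEXISTENT_NAME_COLLISION`. The file also ends with `sql_mode='ORACLE'` still set and has no closing `--echo # End of 10.4 tests` marker, unlike mysqldump_restore_func_qualified.test in the same commit; a final `SET sql_mode=DEFAULT;` plus the marker would make the two consistent.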
diff --git a/mysql-test/suite/compat/oracle/t/func_regexp_replace.test b/mysql-test/suite/compat/oracle/t/func_regexp_replace.test
new file mode 100644
index 00000000..8841d524
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/t/func_regexp_replace.test
@@ -0,0 +1,26 @@
+SET sql_mode=ORACLE;
+
+--echo #
+--echo # MDEV-29095 REGEXP_REPLACE treats empty strings different than REPLACE in ORACLE mode
+--echo #
+
+#SELECT REGEXP_REPLACE(null,'a','b') ;
+#SELECT REGEXP_REPLACE('ab',null,'b') ;
+#SELECT REGEXP_REPLACE('ab','a',null) ;
+#SELECT REGEXP_REPLACE('ab',null,null) ;
+
+CREATE TABLE t1 (replacement VARCHAR(10));
+INSERT INTO t1 VALUES (NULL), ('');
+SELECT replacement, REGEXP_REPLACE('abba','a',replacement) FROM t1 ORDER BY replacement;
+DROP TABLE t1;
+
+SELECT REGEXP_REPLACE('abba','a',null);
+EXPLAIN EXTENDED SELECT REPLACE('abba','a',null) ;
+
+CREATE VIEW v1 AS SELECT REPLACE('abba','a',null) ;
+SHOW CREATE VIEW v1;
+SELECT * FROM v1;
+SET sql_mode=DEFAULT;
+SHOW CREATE VIEW v1;
+SELECT * FROM v1;
+DROP VIEW v1;
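Review bot: The `EXPLAIN EXTENDED SELECT REPLACE('abba','a',null)` and `CREATE VIEW v1 AS SELECT REPLACE('abba','a',null)` statements exercise `REPLACE`, not `REGEXP_REPLACE`, although the test is filed under MDEV-29095 for `REGEXP_REPLACE`. If the intent was to check how the ORACLE-mode `REGEXP_REPLACE` is stored in a view and read back under `sql_mode=DEFAULT`, that round trip is not covered by this file. Adding the same three steps with `REGEXP_REPLACE('abba','a',null)` would cover it. The four commented-out `#SELECT REGEXP_REPLACE(...)` lines at the top should either be enabled or carry a one-line comment saying why they are disabled.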
diff --git a/mysql-test/suite/compat/oracle/t/mysqldump_restore_func_qualified.test b/mysql-test/suite/compat/oracle/t/mysqldump_restore_func_qualified.test
new file mode 100644
index 00000000..36ab3543
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/t/mysqldump_restore_func_qualified.test
@@ -0,0 +1,50 @@
+# See comments in mysql-test/main/mysqldump_restore.test
+--source include/not_embedded.inc
+
+let $mysqldumpfile = $MYSQLTEST_VARDIR/tmp/mysqldump_func_qualified.sql;
+
+--echo #
+--echo # Start of 10.4 tests
+--echo #
+
+--echo #
+--echo # MDEV-27744 LPAD in vcol created in ORACLE mode makes table corrupted in non-ORACLE
+--echo #
+
+SET sql_mode=DEFAULT;
+CREATE TABLE t1 (
+ a0 VARCHAR(64) NOT NULL DEFAULT LTRIM(now()),
+ a1 VARCHAR(64) AS (LTRIM(a0)) PERSISTENT,
+ b0 VARCHAR(64) NOT NULL DEFAULT LPAD(now(),10),
+ b1 VARCHAR(64) AS (LPAD(b0,10)) PERSISTENT
+);
+CREATE VIEW v1 AS SELECT
+ LTRIM(now()) AS a0,
+ LPAD(now(),10) AS b0;
+SET sql_mode=ORACLE;
+CREATE TABLE t2 (
+ a0 VARCHAR(64) NOT NULL DEFAULT LTRIM(now()),
+ a1 VARCHAR(64) AS (LTRIM(a0)) PERSISTENT,
+ b0 VARCHAR(64) NOT NULL DEFAULT LPAD(now(),10),
+ b1 VARCHAR(64) AS (LPAD(b0,10)) PERSISTENT
+);
+CREATE VIEW v2 AS SELECT
+ LTRIM(now()) AS a0,
+ LPAD(now(),10) AS b0;
+--exec $MYSQL_DUMP --skip-extended-insert test --skip-comments --compact t1 t2 v1 v2
+--exec $MYSQL_DUMP --skip-extended-insert test --skip-comments t1 t2 v1 v2 > $mysqldumpfile
+DROP TABLE t1,t2;
+DROP VIEW v1,v2;
+--exec $MYSQL test < $mysqldumpfile
+SET sql_mode=DEFAULT;
+SHOW CREATE TABLE t1;
+SHOW CREATE TABLE t2;
+SHOW CREATE VIEW v1;
+SHOW CREATE VIEW v2;
+--remove_file $mysqldumpfile
+DROP TABLE t1,t2;
+DROP VIEW v1, v2;
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
diff --git a/mysql-test/suite/compat/oracle/t/vcol_innodb.test b/mysql-test/suite/compat/oracle/t/vcol_innodb.test
new file mode 100644
index 00000000..bd923f9b
--- /dev/null
+++ b/mysql-test/suite/compat/oracle/t/vcol_innodb.test
@@ -0,0 +1,47 @@
+--source include/have_innodb.inc
+
+--echo #
+--echo # MDEV-27744 LPAD in vcol created in ORACLE mode makes table corrupted in non-ORACLE
+--echo #
+
+FLUSH TABLES;
+SET sql_mode='';
+CREATE TABLE t (d INT,b VARCHAR(1),c CHAR(1),g CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,PRIMARY KEY(b),KEY g(g)) ENGINE=InnoDB;
+--error ER_WRONG_VALUE_COUNT_ON_ROW
+INSERT INTO t VALUES (0);
+SET sql_mode='ORACLE';
+INSERT INTO t SET c=REPEAT (1,0);
+--error ER_BAD_FIELD_ERROR
+ALTER TABLE t CHANGE COLUMN a b INT;
+DELETE FROM t;
+SET sql_mode='';
+FLUSH TABLES;
+INSERT INTO t SET c='0';
+DROP TABLE t;
+FLUSH TABLES;
+
+SET sql_mode='';
+CREATE TABLE t (a INT(1),d INT(1),b VARCHAR(1),c CHAR(1),vadc INT(1) GENERATED ALWAYS AS ( (a + length (d))) STORED,vbc CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,vbidxc CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,PRIMARY KEY(b (1),a,d),KEY d (d),KEY a (a),KEY c_renamed (c (1),b (1)),KEY b (b (1),c (1),a),KEY vbidxc (vbidxc),KEY a_2 (a,vbidxc),KEY vbidxc_2 (vbidxc,d)) DEFAULT CHARSET=latin1 ENGINE=InnoDB;
+--error ER_WRONG_VALUE_COUNT_ON_ROW
+INSERT INTO t VALUES (0,0,1,0,1,0,1,0,0);
+SET SESSION sql_mode='ORACLE';
+INSERT INTO t SET c=REPEAT (1,0);
+--error ER_DUP_FIELDNAME
+ALTER TABLE t CHANGE COLUMN a b CHAR(1);
+DELETE FROM t;
+SET SESSION sql_mode=DEFAULT;
+DROP TABLE t;
+
+SET sql_mode='';
+CREATE TABLE t1 (d INT,b VARCHAR(1),c CHAR(1),g CHAR(1) GENERATED ALWAYS AS (SUBSTR(b,0,0)) VIRTUAL,PRIMARY KEY(b),KEY g(g)) ENGINE=InnoDB;
+--error ER_WRONG_VALUE_COUNT_ON_ROW
+INSERT INTO t1 VALUES (0);
+SET sql_mode='ORACLE';
+INSERT INTO t1 SET c=REPEAT (1,0);
+--error ER_BAD_FIELD_ERROR
+ALTER TABLE t1 CHANGE COLUMN a b INT;
+DELETE FROM t1;
+SET sql_mode='';
+FLUSH TABLES;
+INSERT INTO t1 SET c='0';
+DROP TABLE t1;
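Review bot: The second scenario (the table with `vadc`, `vbc`, `vbidxc`) never reopens the table outside ORACLE mode: it goes from `SET SESSION sql_mode=DEFAULT;` straight to `DROP TABLE t;`, whereas the first and third scenarios run `FLUSH TABLES;` and an `INSERT` in between. Since MDEV-27744 concerns a table becoming unusable when read under a different sql_mode, a `FLUSH TABLES;` followed by `CHECK TABLE t;` before the drop would make that scenario assert something. The three scenarios also have no comment saying what each one adds; the first and third differ only in the table name and the surrounding `FLUSH TABLES`, so a short `# ...` line above each would help the next maintainer.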
diff --git a/mysql-test/suite/encryption/r/corrupted_during_recovery.result b/mysql-test/suite/encryption/r/corrupted_during_recovery.result
index 2b29bf26..7329999d 100644
--- a/mysql-test/suite/encryption/r/corrupted_during_recovery.result
+++ b/mysql-test/suite/encryption/r/corrupted_during_recovery.result
@@ -9,7 +9,7 @@ INSERT INTO t2 VALUES(2);
SELECT * FROM t1;
ERROR 42000: Unknown storage engine 'InnoDB'
SELECT * FROM t1;
-ERROR HY000: Table test/t1 is corrupted. Please drop the table and recreate.
+Got one of the listed errors
SELECT * FROM t2;
a
2
diff --git a/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result b/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result
index 541680ae..d86ca6f9 100644
--- a/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result
+++ b/mysql-test/suite/encryption/r/innodb_encrypt_temporary_tables.result
@@ -1,6 +1,8 @@
-SELECT variable_value into @old_encrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) INTO @old_encrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
-SELECT variable_value into @old_decrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) INTO @old_decrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
CREATE TEMPORARY TABLE t1(f1 CHAR(200), f2 CHAR(200)) ENGINE=InnoDB;
INSERT INTO t1 (f1,f2) SELECT '', '' FROM seq_1_to_8192;
@@ -12,11 +14,13 @@ COUNT(*)
SELECT COUNT(*) FROM t2;
COUNT(*)
8192
-SELECT variable_value > @old_encrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) > @old_encrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
-variable_value > @old_encrypted
+CAST(variable_value AS INT) > @old_encrypted
1
-SELECT variable_value > @old_decrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) > @old_decrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
-variable_value > @old_decrypted
+CAST(variable_value AS INT) > @old_decrypted
1
diff --git a/mysql-test/suite/encryption/r/innodb_encryption_discard_import.result b/mysql-test/suite/encryption/r/innodb_encryption_discard_import.result
index 7ee30423..18082027 100644
--- a/mysql-test/suite/encryption/r/innodb_encryption_discard_import.result
+++ b/mysql-test/suite/encryption/r/innodb_encryption_discard_import.result
@@ -13,11 +13,13 @@ set current_num = current_num + 1;
end while;
end//
commit;
-set autocommit=0;
-call innodb_insert_proc(10000);
+begin;
+set statement unique_checks=0, foreign_key_checks=0 for
+call innodb_insert_proc(100);
commit;
-set autocommit=1;
+DROP PROCEDURE innodb_insert_proc;
# Wait max 10 min for key encryption threads to encrypt all spaces
+FLUSH TABLES t1, t2, t3 FOR EXPORT;
# tablespaces should be now encrypted
# t1 yes on expecting NOT FOUND
NOT FOUND /foobar/ in t1.ibd
@@ -25,15 +27,16 @@ NOT FOUND /foobar/ in t1.ibd
NOT FOUND /temp/ in t2.ibd
# t3 ... on expecting NOT FOUND
NOT FOUND /barfoo/ in t3.ibd
-# restart
db.opt
+t1.cfg
t1.frm
t1.ibd
+t2.cfg
t2.frm
t2.ibd
+t3.cfg
t3.frm
t3.ibd
-FLUSH TABLES t1, t2, t3 FOR EXPORT;
backup: t1
backup: t2
backup: t3
@@ -55,17 +58,18 @@ restore: t1 .ibd and .cfg files
restore: t2 .ibd and .cfg files
restore: t3 .ibd and .cfg files
ALTER TABLE t1 IMPORT TABLESPACE;
-SELECT COUNT(1) FROM t1;
-COUNT(1)
-10000
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+100
ALTER TABLE t2 IMPORT TABLESPACE;
-SELECT COUNT(1) FROM t2;
-COUNT(1)
-10000
+SELECT COUNT(*) FROM t2;
+COUNT(*)
+100
ALTER TABLE t3 IMPORT TABLESPACE;
-SELECT COUNT(1) FROM t3;
-COUNT(1)
-10000
+SELECT COUNT(*) FROM t3;
+COUNT(*)
+100
+FLUSH TABLES t1, t2, t3 FOR EXPORT;
# tablespaces should remain encrypted after import
# t1 yes on expecting NOT FOUND
NOT FOUND /foobar/ in t1.ibd
@@ -73,8 +77,8 @@ NOT FOUND /foobar/ in t1.ibd
NOT FOUND /temp/ in t2.ibd
# t3 ... on expecting NOT FOUND
NOT FOUND /barfoo/ in t3.ibd
-# restart
-ALTER TABLE t1 ENGINE InnoDB;
+UNLOCK TABLES;
+ALTER TABLE t1 FORCE;
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
@@ -82,7 +86,7 @@ t1 CREATE TABLE `t1` (
`a` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci `encrypted`=yes
-ALTER TABLE t2 ENGINE InnoDB;
+ALTER TABLE t2 FORCE;
SHOW CREATE TABLE t2;
Table Create Table
t2 CREATE TABLE `t2` (
@@ -90,7 +94,7 @@ t2 CREATE TABLE `t2` (
`a` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
-ALTER TABLE t3 ENGINE InnoDB;
+ALTER TABLE t3 FORCE;
SHOW CREATE TABLE t3;
Table Create Table
t3 CREATE TABLE `t3` (
@@ -98,30 +102,17 @@ t3 CREATE TABLE `t3` (
`a` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci ROW_FORMAT=COMPRESSED `encrypted`=yes
-# Restarting server
-# restart
-# Done restarting server
# Verify that tables are still usable
-SELECT COUNT(1) FROM t1;
-COUNT(1)
-10000
-SELECT COUNT(1) FROM t2;
-COUNT(1)
-10000
-SELECT COUNT(1) FROM t3;
-COUNT(1)
-10000
-# Tablespaces should be encrypted after restart
+CHECK TABLE t1, t2, t3 EXTENDED;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+test.t2 check status OK
+test.t3 check status OK
+FLUSH TABLES t1, t2, t3 FOR EXPORT;
# t1 yes on expecting NOT FOUND
NOT FOUND /foobar/ in t1.ibd
# t2 ... on expecting NOT FOUND
NOT FOUND /temp/ in t2.ibd
# t3 ... on expecting NOT FOUND
-NOT FOUND /barfoo/ in t3.ibd
-# restart
-# Wait max 10 min for key encryption threads to encrypt all spaces
-# Success!
-# Restart mysqld --innodb_encrypt_tables=0 --innodb_encryption_threads=0
-# restart: --innodb_encrypt_tables=0 --innodb_encryption_threads=0
-DROP PROCEDURE innodb_insert_proc;
+UNLOCK TABLES;
DROP TABLE t1, t2, t3;
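Review bot: The final encryption-at-rest check for t3 is no longer performed: the recorded output keeps the header `# t3 ... on expecting NOT FOUND` but removes `NOT FOUND /barfoo/ in t3.ibd`, so after `ALTER TABLE t3 FORCE` nothing verifies that the plaintext marker is absent from t3.ibd. This appears to come from the last hunk of innodb_encryption_discard_import.test, which drops `-- source include/search_pattern_in_file.inc` after `-- let SEARCH_FILE=$t3_IBD`; that hunk continues beyond the part of the diff visible here. Keeping that `source` line ahead of `UNLOCK TABLES;` would restore the check and bring the `NOT FOUND /barfoo/ in t3.ibd` line back into this result file.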
diff --git a/mysql-test/suite/encryption/r/tempfiles_encrypted.result b/mysql-test/suite/encryption/r/tempfiles_encrypted.result
index d0dadb6d..6dedcd4b 100644
--- a/mysql-test/suite/encryption/r/tempfiles_encrypted.result
+++ b/mysql-test/suite/encryption/r/tempfiles_encrypted.result
@@ -4502,6 +4502,19 @@ NULL
DROP FUNCTION f;
DROP TABLE t;
#
+# MDEV-31296: Crash in Item_func::fix_fields when prepared statement
+# with subqueries and window function is executed with
+# sql_mode = ONLY_FULL_GROUP_BY
+#
+CREATE TABLE t1 ( a INT, i INT) ;
+CREATE TABLE t2 ( a INT);
+INSERT INTO t2 VALUES (4000);
+SET SESSION sql_mode = "ONLY_FULL_GROUP_BY";
+EXECUTE IMMEDIATE "SELECT SUM(i) OVER (ORDER BY i) FROM t1 NATURAL JOIN t2";
+SUM(i) OVER (ORDER BY i)
+# Clean up
+DROP TABLE t1, t2;
+#
# End of 10.6 tests
#
#
diff --git a/mysql-test/suite/encryption/t/corrupted_during_recovery.test b/mysql-test/suite/encryption/t/corrupted_during_recovery.test
index e4a31a0b..1240ee1a 100644
--- a/mysql-test/suite/encryption/t/corrupted_during_recovery.test
+++ b/mysql-test/suite/encryption/t/corrupted_during_recovery.test
@@ -60,7 +60,7 @@ call mtr.add_suppression("Table .*t1.* is corrupted. Please drop the table and r
let $restart_parameters=--innodb_force_recovery=1 --skip-innodb-buffer-pool-load-at-startup;
--source include/restart_mysqld.inc
---error ER_TABLE_CORRUPT
+--error ER_NO_SUCH_TABLE_IN_ENGINE,ER_TABLE_CORRUPT
SELECT * FROM t1;
SELECT * FROM t2;
CHECK TABLE t2;
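Review bot: The widened `--error ER_NO_SUCH_TABLE_IN_ENGINE,ER_TABLE_CORRUPT` has no comment explaining when each code is expected, and the recorded result now only says `Got one of the listed errors`, so the test no longer pins which failure a corrupted encrypted page produces. A comment above the `--error` line stating the condition under which t1 is reported as missing from the engine rather than corrupted would document the intent. Note also that the `mtr.add_suppression` visible in the hunk header matches only the "is corrupted" message; if the other path logs a different message it may need its own suppression, which cannot be confirmed from this hunk.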
diff --git a/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test b/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test
index d99a55b9..83abb783 100644
--- a/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test
+++ b/mysql-test/suite/encryption/t/innodb_encrypt_temporary_tables.test
@@ -2,10 +2,12 @@
--source include/have_innodb.inc
--source include/have_file_key_management_plugin.inc
-SELECT variable_value into @old_encrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) INTO @old_encrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
-SELECT variable_value into @old_decrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) INTO @old_decrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
CREATE TEMPORARY TABLE t1(f1 CHAR(200), f2 CHAR(200)) ENGINE=InnoDB;
@@ -17,8 +19,10 @@ INSERT INTO t2 (f1,f2,f3) SELECT '', '', '' FROM seq_1_to_8192;
SELECT COUNT(*) FROM t1;
SELECT COUNT(*) FROM t2;
-SELECT variable_value > @old_encrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) > @old_encrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_encrypted';
-SELECT variable_value > @old_decrypted FROM information_schema.global_status
+SELECT CAST(variable_value AS INT) > @old_decrypted
+FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_temp_blocks_decrypted';
diff --git a/mysql-test/suite/encryption/t/innodb_encryption_discard_import.test b/mysql-test/suite/encryption/t/innodb_encryption_discard_import.test
index 22755571..5f02d966 100644
--- a/mysql-test/suite/encryption/t/innodb_encryption_discard_import.test
+++ b/mysql-test/suite/encryption/t/innodb_encryption_discard_import.test
@@ -6,7 +6,6 @@
let MYSQLD_DATADIR = `SELECT @@datadir`;
--let SEARCH_RANGE = 10000000
---let $id = `SELECT RAND()`
--let t1_IBD = $MYSQLD_DATADIR/test/t1.ibd
--let t2_IBD = $MYSQLD_DATADIR/test/t2.ibd
--let t3_IBD = $MYSQLD_DATADIR/test/t3.ibd
@@ -30,19 +29,18 @@ end//
delimiter ;//
commit;
-set autocommit=0;
-call innodb_insert_proc(10000);
+begin;
+set statement unique_checks=0, foreign_key_checks=0 for
+call innodb_insert_proc(100);
commit;
-set autocommit=1;
+DROP PROCEDURE innodb_insert_proc;
--echo # Wait max 10 min for key encryption threads to encrypt all spaces
--let $wait_timeout= 600
--let $wait_condition=SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND ROTATING_OR_FLUSHING <> 0
--source include/wait_condition.inc
-# shutdown so that grep is safe
---source include/shutdown_mysqld.inc
-
+FLUSH TABLES t1, t2, t3 FOR EXPORT;
--echo # tablespaces should be now encrypted
--let SEARCH_PATTERN=foobar
--echo # t1 yes on expecting NOT FOUND
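Review bot: The removed comment `# shutdown so that grep is safe` was the only explanation of why the .ibd files can be searched, and the replacement `FLUSH TABLES t1, t2, t3 FOR EXPORT;` has none. Since the searches now run against a live server, a comment such as `# FOR EXPORT writes the tables' dirty pages to disk and keeps them quiesced, so the searches below see the on-disk contents` would record why this is still a valid check for plaintext on disk. It should also say that the lock must stay held until the last `search_pattern_in_file.inc` has run; the matching `UNLOCK TABLES` is outside this hunk. The same comment applies at the two later `FLUSH TABLES t1, t2, t3 FOR EXPORT;` lines added in this file.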
@@ -57,11 +55,8 @@ set autocommit=1;
-- let SEARCH_FILE=$t3_IBD
-- source include/search_pattern_in_file.inc
---source include/start_mysqld.inc
let MYSQLD_DATADIR =`SELECT @@datadir`;
-
--list_files $MYSQLD_DATADIR/test
-FLUSH TABLES t1, t2, t3 FOR EXPORT;
perl;
do "$ENV{MTR_SUITE_DIR}/include/innodb-util.pl";
ib_backup_tablespaces("test", "t1","t2","t3");
@@ -80,14 +75,13 @@ ib_restore_tablespaces("test", "t1","t2","t3");
EOF
ALTER TABLE t1 IMPORT TABLESPACE;
-SELECT COUNT(1) FROM t1;
+SELECT COUNT(*) FROM t1;
ALTER TABLE t2 IMPORT TABLESPACE;
-SELECT COUNT(1) FROM t2;
+SELECT COUNT(*) FROM t2;
ALTER TABLE t3 IMPORT TABLESPACE;
-SELECT COUNT(1) FROM t3;
+SELECT COUNT(*) FROM t3;
-# shutdown so that grep is safe
---source include/shutdown_mysqld.inc
+FLUSH TABLES t1, t2, t3 FOR EXPORT;
--echo # tablespaces should remain encrypted after import
--let SEARCH_PATTERN=foobar
@@ -103,28 +97,18 @@ SELECT COUNT(1) FROM t3;
-- let SEARCH_FILE=$t3_IBD
-- source include/search_pattern_in_file.inc
---source include/start_mysqld.inc
-
-ALTER TABLE t1 ENGINE InnoDB;
+UNLOCK TABLES;
+ALTER TABLE t1 FORCE;
SHOW CREATE TABLE t1;
-ALTER TABLE t2 ENGINE InnoDB;
+ALTER TABLE t2 FORCE;
SHOW CREATE TABLE t2;
-ALTER TABLE t3 ENGINE InnoDB;
+ALTER TABLE t3 FORCE;
SHOW CREATE TABLE t3;
---echo # Restarting server
--- source include/restart_mysqld.inc
---echo # Done restarting server
-
--echo # Verify that tables are still usable
-SELECT COUNT(1) FROM t1;
-SELECT COUNT(1) FROM t2;
-SELECT COUNT(1) FROM t3;
-
-# shutdown so that grep is safe
---source include/shutdown_mysqld.inc
+CHECK TABLE t1, t2, t3 EXTENDED;
+FLUSH TABLES t1, t2, t3 FOR EXPORT;
---echo # Tablespaces should be encrypted after restart
--let SEARCH_PATTERN=foobar
--echo # t1 yes on expecting NOT FOUND
-- let SEARCH_FILE=$t1_IBD
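Review bot: With every restart removed, the final `foobar`/`barfoo` scan after `ALTER TABLE ... FORCE` no longer checks that the rebuilt tablespaces stay encrypted and readable across a server restart, which the deleted `# Tablespaces should be encrypted after restart` step covered. `CHECK TABLE t1, t2, t3 EXTENDED;` runs right after the rebuild, so the pages are presumably still cached and may never be decrypted from disk in this run. If the runtime saving allows it, keep one `--source include/restart_mysqld.inc` before the `CHECK TABLE` line; otherwise add a comment naming the test that covers restart persistence. The search block continues into the next hunk.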
@@ -136,19 +120,7 @@ SELECT COUNT(1) FROM t3;
--echo # t3 ... on expecting NOT FOUND
--let SEARCH_PATTERN=barfoo
-- let SEARCH_FILE=$t3_IBD
--- source include/search_pattern_in_file.inc
-
---source include/start_mysqld.inc
-
---echo # Wait max 10 min for key encryption threads to encrypt all spaces
---let $wait_timeout= 600
---let $wait_condition=SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.INNODB_TABLESPACES_ENCRYPTION WHERE MIN_KEY_VERSION = 0 AND ROTATING_OR_FLUSHING <> 0
---source include/wait_condition.inc
---echo # Success!
---echo # Restart mysqld --innodb_encrypt_tables=0 --innodb_encryption_threads=0
--- let $restart_parameters=--innodb_encrypt_tables=0 --innodb_encryption_threads=0
--- source include/restart_mysqld.inc
+UNLOCK TABLES;
-DROP PROCEDURE innodb_insert_proc;
DROP TABLE t1, t2, t3;
diff --git a/mysql-test/suite/engines/funcs/r/db_use_error.result b/mysql-test/suite/engines/funcs/r/db_use_error.result
index a7c76e69..bf5ca852 100644
--- a/mysql-test/suite/engines/funcs/r/db_use_error.result
+++ b/mysql-test/suite/engines/funcs/r/db_use_error.result
@@ -10,7 +10,7 @@ performance_schema
sys
test
USE DATABASE nond6;
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'DATABASE nond6' at line 1
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'nond6' at line 1
DROP DATABASE d6;
SHOW DATABASES;
Database
diff --git a/mysql-test/suite/engines/funcs/r/rpl_row_until.result b/mysql-test/suite/engines/funcs/r/rpl_row_until.result
index 8ef10bf4..b4e3704c 100644
--- a/mysql-test/suite/engines/funcs/r/rpl_row_until.result
+++ b/mysql-test/suite/engines/funcs/r/rpl_row_until.result
@@ -51,7 +51,9 @@ ERROR HY000: Incorrect parameter or combination of parameters for START SLAVE UN
START SLAVE UNTIL RELAY_LOG_FILE='slave-relay-bin.000002', MASTER_LOG_POS=MASTER_LOG_POS;
ERROR HY000: Incorrect parameter or combination of parameters for START SLAVE UNTIL
START SLAVE UNTIL MASTER_LOG_FILE='master-bin.000001', MASTER_LOG_POS=MASTER_LOG_POS;
-include/stop_slave.inc
+include/wait_for_slave_io_to_start.inc
+include/wait_for_slave_sql_to_stop.inc
+include/stop_slave_io.inc
include/reset_slave.inc
include/start_slave.inc
include/rpl_reset.inc
diff --git a/mysql-test/suite/engines/funcs/r/rpl_server_id1.result b/mysql-test/suite/engines/funcs/r/rpl_server_id1.result
index 33d1abb3..b4d0855a 100644
--- a/mysql-test/suite/engines/funcs/r/rpl_server_id1.result
+++ b/mysql-test/suite/engines/funcs/r/rpl_server_id1.result
@@ -15,7 +15,7 @@ insert into t1 values (1);
include/wait_for_slave_param.inc [Last_IO_Errno]
Last_IO_Errno = '1593'
Last_IO_Error = 'Fatal error: The slave I/O thread stops because master and slave have equal MariaDB server ids; these ids must be different for replication to work (or the --replicate-same-server-id option must be used on slave but this does not always make sense; please check the manual before using it).'
-include/stop_slave.inc
+include/stop_slave_sql.inc
reset slave;
reset master;
drop table t1;
diff --git a/mysql-test/suite/engines/funcs/r/rpl_session_var.result b/mysql-test/suite/engines/funcs/r/rpl_session_var.result
index 67863583..f9794df3 100644
--- a/mysql-test/suite/engines/funcs/r/rpl_session_var.result
+++ b/mysql-test/suite/engines/funcs/r/rpl_session_var.result
@@ -1,5 +1,16 @@
include/master-slave.inc
[connection master]
+select @@rpl_semi_sync_master_enabled;
+@@rpl_semi_sync_master_enabled
+0
+connection slave;
+select @@rpl_semi_sync_slave_enabled;
+@@rpl_semi_sync_slave_enabled
+0
+show status like "rpl_semi_sync_slave_status";
+Variable_name Value
+Rpl_semi_sync_slave_status OFF
+connection master;
drop table if exists t1;
Warnings:
Note 1051 Unknown table 'test.t1'
diff --git a/mysql-test/suite/engines/funcs/r/rpl_slave_status.result b/mysql-test/suite/engines/funcs/r/rpl_slave_status.result
index 1c81cec2..ef122b9c 100644
--- a/mysql-test/suite/engines/funcs/r/rpl_slave_status.result
+++ b/mysql-test/suite/engines/funcs/r/rpl_slave_status.result
@@ -36,7 +36,6 @@ connection slave;
include/stop_slave.inc
START SLAVE;
include/wait_for_slave_sql_to_start.inc
-include/wait_for_slave_io_to_stop.inc
==== Verify that Slave IO thread stopped with error ====
include/wait_for_slave_io_error.inc [errno=1045]
==== Cleanup (Note that slave IO thread is not running) ====
diff --git a/mysql-test/suite/engines/funcs/t/rpl_server_id1.test b/mysql-test/suite/engines/funcs/t/rpl_server_id1.test
index 1412db46..8f0248eb 100644
--- a/mysql-test/suite/engines/funcs/t/rpl_server_id1.test
+++ b/mysql-test/suite/engines/funcs/t/rpl_server_id1.test
@@ -25,7 +25,7 @@ insert into t1 values (1);
--let $status_items= Last_IO_Errno, Last_IO_Error
--source include/show_slave_status.inc
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
reset slave;
reset master;
drop table t1;
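Review bot: The switch to `stop_slave_sql.inc` is not explained in the test, so a reader cannot tell why the IO thread is left alone here. The lines just above print `Last_IO_Errno` and `Last_IO_Error`, which suggests the IO thread has already stopped with the server-id error by this point. I would add a comment above the changed line: `# The IO thread has already stopped with an error; only the SQL thread is still running`.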
diff --git a/mysql-test/suite/federated/update.result b/mysql-test/suite/federated/update.result
new file mode 100644
index 00000000..1905f80e
--- /dev/null
+++ b/mysql-test/suite/federated/update.result
@@ -0,0 +1,36 @@
+connect master,127.0.0.1,root,,test,$MASTER_MYPORT,;
+connect slave,127.0.0.1,root,,test,$SLAVE_MYPORT,;
+connection master;
+CREATE DATABASE federated;
+connection slave;
+CREATE DATABASE federated;
+#
+# MDEV-32984 Update federated table and column privileges
+#
+connection slave;
+create database db1;
+create user my@localhost identified by '1qaz2wsx';
+create table db1.t1 (
+f1 int auto_increment primary key,
+f2 varchar(50),
+f3 varchar(50),
+unique (f2)
+);
+grant insert, select (f1, f2, f3), update (f3) on db1.t1 to my@localhost;
+connection master;
+create table tt1 engine=federated connection='mysql://my:1qaz2wsx@localhost:$SLAVE_MYPORT/db1/t1';
+insert into tt1 (f2,f3) values ('test','123');
+select * from tt1;
+f1 f2 f3
+1 test 123
+update tt1 set f3='123456' where f2='test';
+drop table tt1;
+connection slave;
+drop database db1;
+drop user my@localhost;
+connection master;
+DROP TABLE IF EXISTS federated.t1;
+DROP DATABASE IF EXISTS federated;
+connection slave;
+DROP TABLE IF EXISTS federated.t1;
+DROP DATABASE IF EXISTS federated;
diff --git a/mysql-test/suite/federated/update.test b/mysql-test/suite/federated/update.test
new file mode 100644
index 00000000..5a0414f1
--- /dev/null
+++ b/mysql-test/suite/federated/update.test
@@ -0,0 +1,32 @@
+source include/federated.inc;
+source have_federatedx.inc;
+
+--echo #
+--echo # MDEV-32984 Update federated table and column privileges
+--echo #
+connection slave;
+create database db1;
+create user my@localhost identified by '1qaz2wsx';
+create table db1.t1 (
+ f1 int auto_increment primary key,
+ f2 varchar(50),
+ f3 varchar(50),
+ unique (f2)
+);
+grant insert, select (f1, f2, f3), update (f3) on db1.t1 to my@localhost;
+
+connection master;
+evalp create table tt1 engine=federated connection='mysql://my:1qaz2wsx@localhost:$SLAVE_MYPORT/db1/t1';
+insert into tt1 (f2,f3) values ('test','123');
+select * from tt1;
+update tt1 set f3='123456' where f2='test';
+
+drop table tt1;
+
+connection slave;
+drop database db1;
+drop user my@localhost;
+
+source include/federated_cleanup.inc;
+
+
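Review bot: The test runs `update tt1 set f3='123456' where f2='test';` but never reads the row back, so it only shows that the statement no longer errors, not that the remote row changed. Add `select * from tt1;` after the update so the .result file pins the new `f3` value. Because the grant is column-scoped (`update (f3)` only), a negative case is also worth adding: an update of `f2` through `tt1` should be rejected and recorded with a `--error` line, which would show that the fix did not widen what the remote account can write.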
diff --git a/mysql-test/suite/funcs_1/r/innodb_views.result b/mysql-test/suite/funcs_1/r/innodb_views.result
index 90d72b45..5bd48cf9 100644
--- a/mysql-test/suite/funcs_1/r/innodb_views.result
+++ b/mysql-test/suite/funcs_1/r/innodb_views.result
@@ -22145,9 +22145,9 @@ DELETE FROM t1;
DROP VIEW v1;
CREATE VIEW v1 AS SELECT f1, f2, f3, 'HELLO' AS my_greeting FROM t1;
INSERT INTO v1 SET f1 = 1;
-ERROR HY000: The target table v1 of the INSERT is not insertable-into
SELECT * from t1;
f1 f2 f3 f4
+1 NULL NULL NULL
DELETE FROM t1;
INSERT INTO v1 SET f1 = 1, my_greeting = 'HELLO';
ERROR HY000: The target table v1 of the INSERT is not insertable-into
diff --git a/mysql-test/suite/funcs_1/r/is_columns_is.result b/mysql-test/suite/funcs_1/r/is_columns_is.result
index 1a363643..be9d2b4c 100644
--- a/mysql-test/suite/funcs_1/r/is_columns_is.result
+++ b/mysql-test/suite/funcs_1/r/is_columns_is.result
@@ -178,9 +178,9 @@ def information_schema GEOMETRY_COLUMNS MAX_PPR 12 NULL NO tinyint NULL NULL 3 0
def information_schema GEOMETRY_COLUMNS SRID 13 NULL NO smallint NULL NULL 5 0 NULL NULL NULL smallint(5) select NEVER NULL
def information_schema GEOMETRY_COLUMNS STORAGE_TYPE 9 NULL NO tinyint NULL NULL 3 0 NULL NULL NULL tinyint(2) select NEVER NULL
def information_schema GLOBAL_STATUS VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) select NEVER NULL
-def information_schema GLOBAL_STATUS VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) select NEVER NULL
+def information_schema GLOBAL_STATUS VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) select NEVER NULL
def information_schema GLOBAL_VARIABLES VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) select NEVER NULL
-def information_schema GLOBAL_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) select NEVER NULL
+def information_schema GLOBAL_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) select NEVER NULL
def information_schema INDEX_STATISTICS INDEX_NAME 3 NULL NO varchar 192 576 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(192) select NEVER NULL
def information_schema INDEX_STATISTICS ROWS_READ 4 NULL NO bigint NULL NULL 19 0 NULL NULL NULL bigint(21) select NEVER NULL
def information_schema INDEX_STATISTICS TABLE_NAME 2 NULL NO varchar 192 576 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(192) select NEVER NULL
@@ -340,9 +340,9 @@ def information_schema SCHEMA_PRIVILEGES PRIVILEGE_TYPE 4 NULL NO varchar 64 192
def information_schema SCHEMA_PRIVILEGES TABLE_CATALOG 2 NULL NO varchar 512 1536 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(512) select NEVER NULL
def information_schema SCHEMA_PRIVILEGES TABLE_SCHEMA 3 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) select NEVER NULL
def information_schema SESSION_STATUS VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) select NEVER NULL
-def information_schema SESSION_STATUS VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) select NEVER NULL
+def information_schema SESSION_STATUS VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) select NEVER NULL
def information_schema SESSION_VARIABLES VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) select NEVER NULL
-def information_schema SESSION_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) select NEVER NULL
+def information_schema SESSION_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) select NEVER NULL
def information_schema SPATIAL_REF_SYS AUTH_NAME 2 NULL NO varchar 512 1536 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(512) select NEVER NULL
def information_schema SPATIAL_REF_SYS AUTH_SRID 3 NULL NO int NULL NULL 10 0 NULL NULL NULL int(5) select NEVER NULL
def information_schema SPATIAL_REF_SYS SRID 1 NULL NO smallint NULL NULL 5 0 NULL NULL NULL smallint(5) select NEVER NULL
@@ -729,9 +729,9 @@ NULL information_schema GEOMETRY_COLUMNS COORD_DIMENSION tinyint NULL NULL NULL
NULL information_schema GEOMETRY_COLUMNS MAX_PPR tinyint NULL NULL NULL NULL tinyint(2)
NULL information_schema GEOMETRY_COLUMNS SRID smallint NULL NULL NULL NULL smallint(5)
3.0000 information_schema GLOBAL_STATUS VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema GLOBAL_STATUS VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema GLOBAL_STATUS VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
3.0000 information_schema GLOBAL_VARIABLES VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema GLOBAL_VARIABLES VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema GLOBAL_VARIABLES VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
3.0000 information_schema INDEX_STATISTICS TABLE_SCHEMA varchar 192 576 utf8mb3 utf8mb3_general_ci varchar(192)
3.0000 information_schema INDEX_STATISTICS TABLE_NAME varchar 192 576 utf8mb3 utf8mb3_general_ci varchar(192)
3.0000 information_schema INDEX_STATISTICS INDEX_NAME varchar 192 576 utf8mb3 utf8mb3_general_ci varchar(192)
@@ -891,9 +891,9 @@ NULL information_schema ROUTINES LAST_ALTERED datetime NULL NULL NULL NULL datet
3.0000 information_schema SCHEMA_PRIVILEGES PRIVILEGE_TYPE varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
3.0000 information_schema SCHEMA_PRIVILEGES IS_GRANTABLE varchar 3 9 utf8mb3 utf8mb3_general_ci varchar(3)
3.0000 information_schema SESSION_STATUS VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema SESSION_STATUS VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema SESSION_STATUS VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
3.0000 information_schema SESSION_VARIABLES VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema SESSION_VARIABLES VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema SESSION_VARIABLES VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
NULL information_schema SPATIAL_REF_SYS SRID smallint NULL NULL NULL NULL smallint(5)
3.0000 information_schema SPATIAL_REF_SYS AUTH_NAME varchar 512 1536 utf8mb3 utf8mb3_general_ci varchar(512)
NULL information_schema SPATIAL_REF_SYS AUTH_SRID int NULL NULL NULL NULL int(5)
diff --git a/mysql-test/suite/funcs_1/r/is_columns_is_embedded.result b/mysql-test/suite/funcs_1/r/is_columns_is_embedded.result
index 676d0ed5..79c43e18 100644
--- a/mysql-test/suite/funcs_1/r/is_columns_is_embedded.result
+++ b/mysql-test/suite/funcs_1/r/is_columns_is_embedded.result
@@ -178,9 +178,9 @@ def information_schema GEOMETRY_COLUMNS MAX_PPR 12 NULL NO tinyint NULL NULL 3 0
def information_schema GEOMETRY_COLUMNS SRID 13 NULL NO smallint NULL NULL 5 0 NULL NULL NULL smallint(5) NEVER NULL
def information_schema GEOMETRY_COLUMNS STORAGE_TYPE 9 NULL NO tinyint NULL NULL 3 0 NULL NULL NULL tinyint(2) NEVER NULL
def information_schema GLOBAL_STATUS VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) NEVER NULL
-def information_schema GLOBAL_STATUS VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) NEVER NULL
+def information_schema GLOBAL_STATUS VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) NEVER NULL
def information_schema GLOBAL_VARIABLES VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) NEVER NULL
-def information_schema GLOBAL_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) NEVER NULL
+def information_schema GLOBAL_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) NEVER NULL
def information_schema INDEX_STATISTICS INDEX_NAME 3 NULL NO varchar 192 576 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(192) NEVER NULL
def information_schema INDEX_STATISTICS ROWS_READ 4 NULL NO bigint NULL NULL 19 0 NULL NULL NULL bigint(21) NEVER NULL
def information_schema INDEX_STATISTICS TABLE_NAME 2 NULL NO varchar 192 576 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(192) NEVER NULL
@@ -340,9 +340,9 @@ def information_schema SCHEMA_PRIVILEGES PRIVILEGE_TYPE 4 NULL NO varchar 64 192
def information_schema SCHEMA_PRIVILEGES TABLE_CATALOG 2 NULL NO varchar 512 1536 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(512) NEVER NULL
def information_schema SCHEMA_PRIVILEGES TABLE_SCHEMA 3 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) NEVER NULL
def information_schema SESSION_STATUS VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) NEVER NULL
-def information_schema SESSION_STATUS VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) NEVER NULL
+def information_schema SESSION_STATUS VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) NEVER NULL
def information_schema SESSION_VARIABLES VARIABLE_NAME 1 NULL NO varchar 64 192 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(64) NEVER NULL
-def information_schema SESSION_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 2048 6144 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(2048) NEVER NULL
+def information_schema SESSION_VARIABLES VARIABLE_VALUE 2 NULL NO varchar 4096 12288 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(4096) NEVER NULL
def information_schema SPATIAL_REF_SYS AUTH_NAME 2 NULL NO varchar 512 1536 NULL NULL NULL utf8mb3 utf8mb3_general_ci varchar(512) NEVER NULL
def information_schema SPATIAL_REF_SYS AUTH_SRID 3 NULL NO int NULL NULL 10 0 NULL NULL NULL int(5) NEVER NULL
def information_schema SPATIAL_REF_SYS SRID 1 NULL NO smallint NULL NULL 5 0 NULL NULL NULL smallint(5) NEVER NULL
@@ -729,9 +729,9 @@ NULL information_schema GEOMETRY_COLUMNS COORD_DIMENSION tinyint NULL NULL NULL
NULL information_schema GEOMETRY_COLUMNS MAX_PPR tinyint NULL NULL NULL NULL tinyint(2)
NULL information_schema GEOMETRY_COLUMNS SRID smallint NULL NULL NULL NULL smallint(5)
3.0000 information_schema GLOBAL_STATUS VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema GLOBAL_STATUS VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema GLOBAL_STATUS VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
3.0000 information_schema GLOBAL_VARIABLES VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema GLOBAL_VARIABLES VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema GLOBAL_VARIABLES VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
3.0000 information_schema INDEX_STATISTICS TABLE_SCHEMA varchar 192 576 utf8mb3 utf8mb3_general_ci varchar(192)
3.0000 information_schema INDEX_STATISTICS TABLE_NAME varchar 192 576 utf8mb3 utf8mb3_general_ci varchar(192)
3.0000 information_schema INDEX_STATISTICS INDEX_NAME varchar 192 576 utf8mb3 utf8mb3_general_ci varchar(192)
@@ -891,9 +891,9 @@ NULL information_schema ROUTINES LAST_ALTERED datetime NULL NULL NULL NULL datet
3.0000 information_schema SCHEMA_PRIVILEGES PRIVILEGE_TYPE varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
3.0000 information_schema SCHEMA_PRIVILEGES IS_GRANTABLE varchar 3 9 utf8mb3 utf8mb3_general_ci varchar(3)
3.0000 information_schema SESSION_STATUS VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema SESSION_STATUS VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema SESSION_STATUS VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
3.0000 information_schema SESSION_VARIABLES VARIABLE_NAME varchar 64 192 utf8mb3 utf8mb3_general_ci varchar(64)
-3.0000 information_schema SESSION_VARIABLES VARIABLE_VALUE varchar 2048 6144 utf8mb3 utf8mb3_general_ci varchar(2048)
+3.0000 information_schema SESSION_VARIABLES VARIABLE_VALUE varchar 4096 12288 utf8mb3 utf8mb3_general_ci varchar(4096)
NULL information_schema SPATIAL_REF_SYS SRID smallint NULL NULL NULL NULL smallint(5)
3.0000 information_schema SPATIAL_REF_SYS AUTH_NAME varchar 512 1536 utf8mb3 utf8mb3_general_ci varchar(512)
NULL information_schema SPATIAL_REF_SYS AUTH_SRID int NULL NULL NULL NULL int(5)
diff --git a/mysql-test/suite/funcs_1/r/memory_views.result b/mysql-test/suite/funcs_1/r/memory_views.result
index 417c0e85..8ce1e1c7 100644
--- a/mysql-test/suite/funcs_1/r/memory_views.result
+++ b/mysql-test/suite/funcs_1/r/memory_views.result
@@ -22147,9 +22147,9 @@ DELETE FROM t1;
DROP VIEW v1;
CREATE VIEW v1 AS SELECT f1, f2, f3, 'HELLO' AS my_greeting FROM t1;
INSERT INTO v1 SET f1 = 1;
-ERROR HY000: The target table v1 of the INSERT is not insertable-into
SELECT * from t1;
f1 f2 f3 f4
+1 NULL NULL NULL
DELETE FROM t1;
INSERT INTO v1 SET f1 = 1, my_greeting = 'HELLO';
ERROR HY000: The target table v1 of the INSERT is not insertable-into
diff --git a/mysql-test/suite/funcs_1/r/myisam_views-big.result b/mysql-test/suite/funcs_1/r/myisam_views-big.result
index efd5ee1c..984ae74f 100644
--- a/mysql-test/suite/funcs_1/r/myisam_views-big.result
+++ b/mysql-test/suite/funcs_1/r/myisam_views-big.result
@@ -23849,9 +23849,9 @@ DELETE FROM t1;
DROP VIEW v1;
CREATE VIEW v1 AS SELECT f1, f2, f3, 'HELLO' AS my_greeting FROM t1;
INSERT INTO v1 SET f1 = 1;
-ERROR HY000: The target table v1 of the INSERT is not insertable-into
SELECT * from t1;
f1 f2 f3 f4
+1 NULL NULL NULL
DELETE FROM t1;
INSERT INTO v1 SET f1 = 1, my_greeting = 'HELLO';
ERROR HY000: The target table v1 of the INSERT is not insertable-into
diff --git a/mysql-test/suite/funcs_1/r/storedproc.result b/mysql-test/suite/funcs_1/r/storedproc.result
index 6b103847..39be8c82 100644
--- a/mysql-test/suite/funcs_1/r/storedproc.result
+++ b/mysql-test/suite/funcs_1/r/storedproc.result
@@ -2088,9 +2088,11 @@ SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'cursor()
SELECT * from t1 where f2=f1' at line 1
CREATE PROCEDURE database()
-SELECT * from t1 where f2=f1;
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'database()
-SELECT * from t1 where f2=f1' at line 1
+SELECT 1;
+CALL database();
+1
+1
+DROP PROCEDURE database;
CREATE PROCEDURE databases()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'databases()
@@ -2350,6 +2352,12 @@ CREATE PROCEDURE join()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'join()
SELECT * from t1 where f2=f1' at line 1
+CREATE PROCEDURE json_table()
+SELECT 1;
+CALL json_table();
+1
+1
+DROP PROCEDURE json_table;
CREATE PROCEDURE key()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'key()
@@ -2470,6 +2478,12 @@ CREATE PROCEDURE natural()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'natural()
SELECT * from t1 where f2=f1' at line 1
+CREATE PROCEDURE nested()
+SELECT 1;
+CALL nested();
+1
+1
+DROP PROCEDURE nested;
CREATE PROCEDURE not()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'not()
@@ -2509,6 +2523,12 @@ CREATE PROCEDURE order()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'order()
SELECT * from t1 where f2=f1' at line 1
+CREATE PROCEDURE ordinality()
+SELECT 1;
+CALL ordinality;
+1
+1
+DROP PROCEDURE ordinality;
CREATE PROCEDURE out()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'out()
@@ -2521,6 +2541,12 @@ CREATE PROCEDURE outfile()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'outfile()
SELECT * from t1 where f2=f1' at line 1
+CREATE PROCEDURE path()
+SELECT 1;
+CALL path();
+1
+1
+DROP PROCEDURE path;
CREATE PROCEDURE precision()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'precision()
@@ -2602,9 +2628,11 @@ SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'rlike()
SELECT * from t1 where f2=f1' at line 1
CREATE PROCEDURE schema()
-SELECT * from t1 where f2=f1;
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'schema()
-SELECT * from t1 where f2=f1' at line 1
+SELECT 1;
+CALL schema();
+1
+1
+DROP PROCEDURE schema;
CREATE PROCEDURE schemas()
SELECT * from t1 where f2=f1;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'schemas()
@@ -4204,9 +4232,6 @@ CREATE PROCEDURE sp1()
database:BEGIN
SELECT @x;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'database:BEGIN
-SELECT @x;
-END' at line 2
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
databases:BEGIN
@@ -4737,6 +4762,11 @@ SELECT @x;
END' at line 2
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
+json_table:BEGIN
+SELECT @x;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
key:BEGIN
SELECT @x;
END//
@@ -4977,6 +5007,11 @@ SELECT @x;
END' at line 2
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
+nested:BEGIN
+SELECT @x;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
not:BEGIN
SELECT @x;
END//
@@ -5057,6 +5092,11 @@ SELECT @x;
END' at line 2
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
+ordinality:BEGIN
+SELECT @x;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
out:BEGIN
SELECT @x;
END//
@@ -5081,6 +5121,11 @@ SELECT @x;
END' at line 2
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
+path:BEGIN
+SELECT @x;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
precision:BEGIN
SELECT @x;
END//
@@ -5253,9 +5298,6 @@ CREATE PROCEDURE sp1()
schema:BEGIN
SELECT @x;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'schema:BEGIN
-SELECT @x;
-END' at line 2
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
schemas:BEGIN
@@ -7811,8 +7853,6 @@ CREATE PROCEDURE sp1()
BEGIN
declare database char;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'database char;
-END' at line 3
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
BEGIN
@@ -8278,6 +8318,11 @@ END' at line 3
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
BEGIN
+declare json_table char;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
+BEGIN
declare key char;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'key char;
@@ -8488,6 +8533,11 @@ END' at line 3
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
BEGIN
+declare nested char;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
+BEGIN
declare not char;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'not char;
@@ -8556,6 +8606,11 @@ END' at line 3
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
BEGIN
+declare ordinality char;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
+BEGIN
declare out char;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'out char;
@@ -8577,6 +8632,11 @@ END' at line 3
DROP PROCEDURE IF EXISTS sp1;
CREATE PROCEDURE sp1()
BEGIN
+declare path char;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1()
+BEGIN
declare precision char;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'precision char;
@@ -8745,11 +8805,7 @@ CREATE PROCEDURE sp1()
BEGIN
declare schema char;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'schema char;
-END' at line 3
DROP PROCEDURE IF EXISTS sp1;
-Warnings:
-Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1()
BEGIN
declare schemas char;
@@ -9704,11 +9760,7 @@ BEGIN
declare database condition for sqlstate '02000';
declare exit handler for database set @var2 = 1;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'database condition for sqlstate '02000';
-declare exit handler for database se...' at line 3
DROP PROCEDURE IF EXISTS sp1;
-Warnings:
-Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
declare databases condition for sqlstate '02000';
@@ -10372,6 +10424,12 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare json_table condition for sqlstate '02000';
+declare exit handler for json_table set @var2 = 1;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1( )
+BEGIN
declare key condition for sqlstate '02000';
declare exit handler for key set @var2 = 1;
END//
@@ -10672,6 +10730,12 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare nested condition for sqlstate '02000';
+declare exit handler for nested set @var2 = 1;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1( )
+BEGIN
declare not condition for sqlstate '02000';
declare exit handler for not set @var2 = 1;
END//
@@ -10768,6 +10832,12 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare ordinality condition for sqlstate '02000';
+declare exit handler for ordinality set @var2 = 1;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1( )
+BEGIN
declare out condition for sqlstate '02000';
declare exit handler for out set @var2 = 1;
END//
@@ -10798,6 +10868,12 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare path condition for sqlstate '02000';
+declare exit handler for path set @var2 = 1;
+END//
+DROP PROCEDURE sp1;
+CREATE PROCEDURE sp1( )
+BEGIN
declare precision condition for sqlstate '02000';
declare exit handler for precision set @var2 = 1;
END//
@@ -11021,11 +11097,7 @@ BEGIN
declare schema condition for sqlstate '02000';
declare exit handler for schema set @var2 = 1;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'schema condition for sqlstate '02000';
-declare exit handler for schema set @v...' at line 3
DROP PROCEDURE IF EXISTS sp1;
-Warnings:
-Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
declare schemas condition for sqlstate '02000';
@@ -11974,8 +12046,7 @@ CREATE PROCEDURE sp1( )
BEGIN
declare database handler for sqlstate '02000' set @var2 = 1;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'database handler for sqlstate '02000' set @var2 = 1;
-END' at line 3
+ERROR HY000: Unknown data type: 'handler'
DROP PROCEDURE IF EXISTS sp1;
Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
@@ -12571,6 +12642,11 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare json_table handler for sqlstate '02000' set @var2 = 1;
+END//
+ERROR HY000: Unknown data type: 'handler'
+CREATE PROCEDURE sp1( )
+BEGIN
declare key handler for sqlstate '02000' set @var2 = 1;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'key handler for sqlstate '02000' set @var2 = 1;
@@ -12841,6 +12917,11 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare nested handler for sqlstate '02000' set @var2 = 1;
+END//
+ERROR HY000: Unknown data type: 'handler'
+CREATE PROCEDURE sp1( )
+BEGIN
declare not handler for sqlstate '02000' set @var2 = 1;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'not handler for sqlstate '02000' set @var2 = 1;
@@ -12930,6 +13011,11 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare ordinality handler for sqlstate '02000' set @var2 = 1;
+END//
+ERROR HY000: Unknown data type: 'handler'
+CREATE PROCEDURE sp1( )
+BEGIN
declare out handler for sqlstate '02000' set @var2 = 1;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'out handler for sqlstate '02000' set @var2 = 1;
@@ -12957,6 +13043,11 @@ Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
CREATE PROCEDURE sp1( )
BEGIN
+declare path handler for sqlstate '02000' set @var2 = 1;
+END//
+ERROR HY000: Unknown data type: 'handler'
+CREATE PROCEDURE sp1( )
+BEGIN
declare precision handler for sqlstate '02000' set @var2 = 1;
END//
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'precision handler for sqlstate '02000' set @var2 = 1;
@@ -13164,8 +13255,7 @@ CREATE PROCEDURE sp1( )
BEGIN
declare schema handler for sqlstate '02000' set @var2 = 1;
END//
-ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'schema handler for sqlstate '02000' set @var2 = 1;
-END' at line 3
+ERROR HY000: Unknown data type: 'handler'
DROP PROCEDURE IF EXISTS sp1;
Warnings:
Note 1305 PROCEDURE db_storedproc.sp1 does not exist
diff --git a/mysql-test/suite/funcs_1/t/storedproc.test b/mysql-test/suite/funcs_1/t/storedproc.test
index 8712919e..e9c00742 100644
--- a/mysql-test/suite/funcs_1/t/storedproc.test
+++ b/mysql-test/suite/funcs_1/t/storedproc.test
@@ -1102,9 +1102,11 @@ CREATE PROCEDURE current_user()
CREATE PROCEDURE cursor()
SELECT * from t1 where f2=f1;
---error ER_PARSE_ERROR
CREATE PROCEDURE database()
- SELECT * from t1 where f2=f1;
+ SELECT 1;
+
+CALL database();
+DROP PROCEDURE database;
--error ER_PARSE_ERROR
CREATE PROCEDURE databases()
@@ -1367,6 +1369,12 @@ CREATE PROCEDURE iterate()
CREATE PROCEDURE join()
SELECT * from t1 where f2=f1;
+CREATE PROCEDURE json_table()
+ SELECT 1;
+
+CALL json_table();
+DROP PROCEDURE json_table;
+
--error ER_PARSE_ERROR
CREATE PROCEDURE key()
SELECT * from t1 where f2=f1;
@@ -1487,6 +1495,13 @@ CREATE PROCEDURE modifies()
CREATE PROCEDURE natural()
SELECT * from t1 where f2=f1;
+CREATE PROCEDURE nested()
+ SELECT 1;
+
+CALL nested();
+
+DROP PROCEDURE nested;
+
--error ER_PARSE_ERROR
CREATE PROCEDURE not()
SELECT * from t1 where f2=f1;
@@ -1527,6 +1542,13 @@ CREATE PROCEDURE or()
CREATE PROCEDURE order()
SELECT * from t1 where f2=f1;
+CREATE PROCEDURE ordinality()
+ SELECT 1;
+
+CALL ordinality;
+
+DROP PROCEDURE ordinality;
+
--error ER_PARSE_ERROR
CREATE PROCEDURE out()
SELECT * from t1 where f2=f1;
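Review bot: `CALL ordinality;` is written without parentheses, while the sibling additions in this file use `CALL json_table();`, `CALL nested();` and `CALL path();`. If the bare form is deliberate coverage of the parenthesis-free syntax, a comment such as `# CALL without parentheses is intentional` would say so. Otherwise `CALL ordinality();` keeps the added keyword checks uniform.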
@@ -1539,6 +1561,13 @@ CREATE PROCEDURE outer()
CREATE PROCEDURE outfile()
SELECT * from t1 where f2=f1;
+CREATE PROCEDURE path()
+ SELECT 1;
+
+CALL path();
+
+DROP PROCEDURE path;
+
--error ER_PARSE_ERROR
CREATE PROCEDURE precision()
SELECT * from t1 where f2=f1;
@@ -1619,9 +1648,11 @@ CREATE PROCEDURE right()
CREATE PROCEDURE rlike()
SELECT * from t1 where f2=f1;
---error ER_PARSE_ERROR
CREATE PROCEDURE schema()
- SELECT * from t1 where f2=f1;
+ SELECT 1;
+
+CALL schema();
+DROP PROCEDURE schema;
--error ER_PARSE_ERROR
CREATE PROCEDURE schemas()
@@ -3481,7 +3512,7 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1()
database:BEGIN
SELECT @x;
@@ -4285,6 +4316,15 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+CREATE PROCEDURE sp1()
+ json_table:BEGIN
+ SELECT @x;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
key:BEGIN
@@ -4645,6 +4685,16 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+ nested:BEGIN
+ SELECT @x;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
not:BEGIN
@@ -4766,6 +4816,16 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+ ordinality:BEGIN
+ SELECT @x;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
out:BEGIN
@@ -4802,6 +4862,16 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+ path:BEGIN
+ SELECT @x;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
precision:BEGIN
@@ -5066,7 +5136,7 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1()
schema:BEGIN
SELECT @x;
@@ -8938,7 +9008,7 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1()
BEGIN
declare database char;
@@ -9736,12 +9806,21 @@ BEGIN
declare join char;
END//
delimiter ;//
-
--disable_warnings
DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+BEGIN
+ declare json_table char;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
BEGIN
@@ -10102,6 +10181,16 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+BEGIN
+ declare nested char;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
BEGIN
@@ -10221,6 +10310,16 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+BEGIN
+ declare ordinality char;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
BEGIN
@@ -10257,6 +10356,16 @@ DROP PROCEDURE IF EXISTS sp1;
--enable_warnings
delimiter //;
+
+CREATE PROCEDURE sp1()
+BEGIN
+ declare path char;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1()
BEGIN
@@ -10506,7 +10615,7 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1()
BEGIN
declare schema char;
@@ -11624,7 +11733,7 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1( )
BEGIN
declare database condition for sqlstate '02000';
@@ -12361,6 +12470,17 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare json_table condition for sqlstate '02000';
+ declare exit handler for json_table set @var2 = 1;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -12691,6 +12811,17 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare nested condition for sqlstate '02000';
+ declare exit handler for nested set @var2 = 1;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -12800,6 +12931,17 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare ordinality condition for sqlstate '02000';
+ declare exit handler for ordinality set @var2 = 1;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -12833,6 +12975,17 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare path condition for sqlstate '02000';
+ declare exit handler for path set @var2 = 1;
+END//
+delimiter ;//
+
+DROP PROCEDURE sp1;
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -13075,7 +13228,7 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1( )
BEGIN
declare schema condition for sqlstate '02000';
@@ -14181,7 +14334,7 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
---error ER_PARSE_ERROR
+
CREATE PROCEDURE sp1( )
BEGIN
declare database handler for sqlstate '02000' set @var2 = 1;
@@ -14851,6 +15004,14 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+--error ER_UNKNOWN_DATA_TYPE
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare json_table handler for sqlstate '02000' set @var2 = 1;
+END//
+delimiter ;//
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
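Review bot: The added `delimiter ;//` followed directly by `delimiter //;` switches the delimiter away and back with no statement in between, because the `CREATE PROCEDURE` above is expected to fail with `ER_UNKNOWN_DATA_TYPE` and leaves nothing to drop. Both lines can be removed so the added block ends at `END//`. The same empty toggle is added in the `nested`, `ordinality` and `path` handler hunks that follow. The trailing `CREATE PROCEDURE sp1( )` context continues past the end of this hunk.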
@@ -15151,6 +15312,14 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+--error ER_UNKNOWN_DATA_TYPE
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare nested handler for sqlstate '02000' set @var2 = 1;
+END//
+delimiter ;//
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -15251,6 +15420,14 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+--error ER_UNKNOWN_DATA_TYPE
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare ordinality handler for sqlstate '02000' set @var2 = 1;
+END//
+delimiter ;//
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -15281,6 +15458,14 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
+--error ER_UNKNOWN_DATA_TYPE
+CREATE PROCEDURE sp1( )
+BEGIN
+ declare path handler for sqlstate '02000' set @var2 = 1;
+END//
+delimiter ;//
+
+delimiter //;
--error ER_PARSE_ERROR
CREATE PROCEDURE sp1( )
BEGIN
@@ -15511,7 +15696,7 @@ delimiter ;//
DROP PROCEDURE IF EXISTS sp1;
delimiter //;
---error ER_PARSE_ERROR
+--error ER_UNKNOWN_DATA_TYPE
CREATE PROCEDURE sp1( )
BEGIN
declare schema handler for sqlstate '02000' set @var2 = 1;
diff --git a/mysql-test/suite/funcs_1/views/views_master.inc b/mysql-test/suite/funcs_1/views/views_master.inc
index 526e9e34..0e175db4 100644
--- a/mysql-test/suite/funcs_1/views/views_master.inc
+++ b/mysql-test/suite/funcs_1/views/views_master.inc
@@ -3085,8 +3085,10 @@ eval SHOW CREATE VIEW test1.v$level;
# the following line as written as '--eror ER_TOO_MANY_TABLES' and the command
# is successful so assuming no expected error was intended
# --error ER_TOO_MANY_TABLES
+--disable_ps2_protocol
eval SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$level;
+--enable_ps2_protocol
let $message= The output of following EXPLAIN is deactivated, because the result
differs on some platforms
FIXME Is this a bug ? ;
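Review bot: The `--disable_ps2_protocol` / `--enable_ps2_protocol` pair added around `eval SELECT CAST(f1 AS SIGNED INTEGER) AS f1, ...` has no comment explaining why this SELECT cannot run under the ps2 protocol. A one-line comment before the pair, such as `# ps2 protocol disabled: <reason or issue reference>`, would let a later reader decide when the exclusion can be lifted. The same applies to the three pairs added in the next two hunks of this file.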
@@ -3116,16 +3118,20 @@ SELECT f1 as f2, f2 as f1 FROM test2.t1;
CREATE OR REPLACE VIEW test2.v0 AS
SELECT CAST('0001-01-01' AS DATE) as f1, f2 FROM test3.t1;
eval SHOW CREATE VIEW test1.v$toplevel;
+--disable_ps2_protocol
eval SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$toplevel;
+--enable_ps2_protocol
eval EXPLAIN SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$toplevel;
# 2.3.3 UCS2 string instead of common string
CREATE OR REPLACE VIEW test3.v0 AS
SELECT f1 , CONVERT('ßÄäÖöÜü§' USING UCS2) as f2 FROM test1.t1;
eval SHOW CREATE VIEW test1.v$toplevel;
+--disable_ps2_protocol
eval SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$toplevel;
+--enable_ps2_protocol
eval EXPLAIN SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$toplevel;
@@ -3133,8 +3139,10 @@ eval EXPLAIN SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CREATE OR REPLACE VIEW test3.v0 AS
SELECT CONVERT('ßÄäÖöÜü§' USING UCS2) as f1, f2 FROM test1.t1;
eval SHOW CREATE VIEW test1.v$toplevel;
+--disable_ps2_protocol
eval SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$toplevel;
+--enable_ps2_protocol
eval EXPLAIN SELECT CAST(f1 AS SIGNED INTEGER) AS f1,
CAST(f2 AS CHAR) AS f2 FROM test1.v$toplevel;
--enable_result_log
@@ -3479,7 +3487,6 @@ CREATE VIEW v1 AS SELECT f1, f2, f3, 'HELLO' AS my_greeting FROM t1;
# Maybe the SQL standard allows the following INSERT.
# But it would be a very sophisticated DBMS.
---error ER_NON_INSERTABLE_TABLE
INSERT INTO v1 SET f1 = 1;
SELECT * from t1;
DELETE FROM t1;
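Review bot: The comment above `INSERT INTO v1 SET f1 = 1;` is stale now that `--error ER_NON_INSERTABLE_TABLE` is removed. It still says the INSERT would need "a very sophisticated DBMS", while the test now expects the statement to succeed against a view that also selects the constant `'HELLO' AS my_greeting`. I would replace it with something like `# INSERT through v1 is accepted when only base-table columns are set`, worded to match what the server change actually guarantees.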
diff --git a/mysql-test/suite/galera/disabled.def b/mysql-test/suite/galera/disabled.def
index 773cde8e..d6b30bba 100644
--- a/mysql-test/suite/galera/disabled.def
+++ b/mysql-test/suite/galera/disabled.def
@@ -12,12 +12,19 @@
galera_as_slave_ctas : MDEV-28378 timeout
galera_pc_recovery : MDEV-25199 cluster fails to start up
-galera_sst_encrypted : MDEV-29876 Galera test failure on galera_sst_encrypted
-galera_var_node_address : MDEV-20485 Galera test failure
galera_bf_kill_debug : timeout after 900 seconds
galera_ssl_upgrade : [Warning] Failed to load slave replication state from table mysql.gtid_slave_pos: 130: Incorrect file format 'gtid_slave_pos'
galera_parallel_simple : timeout related to wsrep_sync_wait
galera_insert_bulk : MDEV-30536 no expected deadlock in galera_insert_bulk test
-versioning_trx_id : MDEV-18590: galera.versioning_trx_id: Test failure: mysqltest: Result content mismatch
-galera_sequences : MDEV-32024
+galera_sequences : MDEV-32561 WSREP FSM failure: no such a transition REPLICATING -> COMMITTED
+galera_shutdown_nonprim : MDEV-32635 galera_shutdown_nonprim: mysql_shutdown failed
+versioning_trx_id : MDEV-18590 : galera.versioning_trx_id: Test failure: mysqltest: Result content mismatch
+galera_concurrent_ctas : MDEV-32779 galera_concurrent_ctas: assertion in the galera::ReplicatorSMM::finish_cert()
+galera_as_slave_replay : MDEV-32780 galera_as_slave_replay: assertion in the wsrep::transaction::before_rollback()
+galera_slave_replay : MDEV-32780 galera_as_slave_replay: assertion in the wsrep::transaction::before_rollback()
+galera_sst_mysqldump_with_key : MDEV-32782 galera_sst_mysqldump_with_key test failed
mdev-31285 : MDEV-25089 Assertion `error.len > 0' failed in galera::ReplicatorSMM::handle_apply_error()
+galera_var_ignore_apply_errors : MENT-1997 galera_var_ignore_apply_errors test freezes
+MW-402 : temporarily disabled at the request of Codership
+MDEV-22232 : temporarily disabled at the request of Codership
+galera_desync_overlapped : MDEV-21538 galera_desync_overlapped MTR failed: Result content mismatch
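Review bot: The entries `MW-402` and `MDEV-22232` are disabled with only "temporarily disabled at the request of Codership" and no tracking issue, so nothing records when they should be re-enabled. `MDEV-22232` is also a test that this same diff adds. I would put an issue reference in the reason, e.g. `MDEV-22232 : <tracking issue> temporarily disabled at the request of Codership`. The reason on `galera_slave_replay` names `galera_as_slave_replay`, which looks like a copy of the line above and is worth confirming.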
diff --git a/mysql-test/suite/galera/r/MDEV-22232.result b/mysql-test/suite/galera/r/MDEV-22232.result
new file mode 100644
index 00000000..a6a61945
--- /dev/null
+++ b/mysql-test/suite/galera/r/MDEV-22232.result
@@ -0,0 +1,27 @@
+connection node_2;
+connection node_1;
+connect con1,127.0.0.1,root,,test,$NODE_MYPORT_1;
+--- CTAS with empty result set ---
+CREATE TABLE t1 (a INT) ENGINE=InnoDB;
+SET DEBUG_SYNC = 'create_table_select_before_create SIGNAL may_alter WAIT_FOR bf_abort';
+CREATE TABLE t2 SELECT * FROM t1;
+connection node_1;
+SET DEBUG_SYNC = 'now WAIT_FOR may_alter';
+ALTER TABLE t1 DROP FOREIGN KEY b, ALGORITHM=COPY;
+connection con1;
+ERROR 70100: Query execution was interrupted
+SET DEBUG_SYNC = 'RESET';
+--- CTAS with non-empty result set ---
+INSERT INTO t1 VALUES (10), (20), (30);
+SET DEBUG_SYNC = 'create_table_select_before_create SIGNAL may_alter WAIT_FOR bf_abort';
+CREATE TABLE t2 SELECT * FROM t1;
+connection node_1;
+SET DEBUG_SYNC = 'now WAIT_FOR may_alter';
+ALTER TABLE t1 DROP FOREIGN KEY b, ALGORITHM=COPY;
+connection con1;
+ERROR 70100: Query execution was interrupted
+SET DEBUG_SYNC = 'RESET';
+DROP TABLE t1;
+disconnect con1;
+disconnect node_2;
+disconnect node_1;
diff --git a/mysql-test/suite/galera/r/MDEV-27806.result b/mysql-test/suite/galera/r/MDEV-27806.result
new file mode 100644
index 00000000..0f7ac79e
--- /dev/null
+++ b/mysql-test/suite/galera/r/MDEV-27806.result
@@ -0,0 +1,52 @@
+connection node_2;
+connection node_1;
+connection node_1;
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY);
+INSERT INTO t1 VALUES (1),(2),(3);
+CREATE TABLE ts1 AS SELECT * FROM t1;
+include/show_binlog_events.inc
+Log_name Pos Event_type Server_id End_log_pos Info
+mysqld-bin.000002 # Gtid # # BEGIN GTID #-#-#
+mysqld-bin.000002 # Query # # use `test`; CREATE TABLE `ts1` (
+ `f1` int(11) NOT NULL
+)
+mysqld-bin.000002 # Annotate_rows # # CREATE TABLE ts1 AS SELECT * FROM t1
+mysqld-bin.000002 # Table_map # # table_id: # (test.ts1)
+mysqld-bin.000002 # Write_rows_v1 # # table_id: # flags: STMT_END_F
+mysqld-bin.000002 # Xid # # COMMIT /* XID */
+connection node_2;
+include/show_binlog_events.inc
+Log_name Pos Event_type Server_id End_log_pos Info
+mysqld-bin.000003 # Gtid # # BEGIN GTID #-#-#
+mysqld-bin.000003 # Query # # use `test`; CREATE TABLE `ts1` (
+ `f1` int(11) NOT NULL
+)
+mysqld-bin.000003 # Annotate_rows # # CREATE TABLE ts1 AS SELECT * FROM t1
+mysqld-bin.000003 # Table_map # # table_id: # (test.ts1)
+mysqld-bin.000003 # Write_rows_v1 # # table_id: # flags: STMT_END_F
+mysqld-bin.000003 # Xid # # COMMIT /* XID */
+BINLOG_POSITIONS_MATCH
+1
+DROP TABLE t1,ts1;
+connection node_1;
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY);
+CREATE TABLE ts1 AS SELECT * FROM t1;
+include/show_binlog_events.inc
+Log_name Pos Event_type Server_id End_log_pos Info
+mysqld-bin.000002 # Gtid # # BEGIN GTID #-#-#
+mysqld-bin.000002 # Query # # use `test`; CREATE TABLE `ts1` (
+ `f1` int(11) NOT NULL
+)
+mysqld-bin.000002 # Xid # # COMMIT /* XID */
+connection node_2;
+include/show_binlog_events.inc
+Log_name Pos Event_type Server_id End_log_pos Info
+mysqld-bin.000003 # Gtid # # BEGIN GTID #-#-#
+mysqld-bin.000003 # Query # # use `test`; CREATE TABLE `ts1` (
+ `f1` int(11) NOT NULL
+)
+mysqld-bin.000003 # Query # # COMMIT
+BINLOG_POSITIONS_MATCH
+1
+DROP TABLE t1,ts1;
+CALL mtr.add_suppression("Ignoring server id for non bootstrap node");
diff --git a/mysql-test/suite/galera/r/MDEV-31272.result b/mysql-test/suite/galera/r/MDEV-31272.result
new file mode 100644
index 00000000..e8469bc7
--- /dev/null
+++ b/mysql-test/suite/galera/r/MDEV-31272.result
@@ -0,0 +1,36 @@
+connection node_2;
+connection node_1;
+connection node_1;
+CREATE TABLE t1 (f1 int primary key, f2 int);
+INSERT INTO t1 VALUES (1,0);
+BEGIN;
+INSERT INTO t1 VALUES (2,4),(1,1);
+ERROR 23000: Duplicate entry '1' for key 'PRIMARY'
+COMMIT;
+Writesets replicated (expect 0)
+0
+connection node_1;
+SELECT * FROM t1;
+f1 f2
+1 0
+connection node_2;
+SELECT * FROM t1;
+f1 f2
+1 0
+DROP TABLE t1;
+connection node_1;
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY, f2 INTEGER);
+INSERT INTO t1 VALUES (1,0);
+INSERT INTO t1 VALUES (2,4), (1,1);
+ERROR 23000: Duplicate entry '1' for key 'PRIMARY'
+Writesets replicated (expect 0)
+0
+connection node_1;
+SELECT * FROM t1;
+f1 f2
+1 0
+connection node_2;
+SELECT * FROM t1;
+f1 f2
+1 0
+DROP TABLE t1;
diff --git a/mysql-test/suite/galera/r/MDEV-32549.result b/mysql-test/suite/galera/r/MDEV-32549.result
new file mode 100644
index 00000000..65c81819
--- /dev/null
+++ b/mysql-test/suite/galera/r/MDEV-32549.result
@@ -0,0 +1,24 @@
+connection node_2;
+connection node_1;
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY) engine=innodb;
+CREATE TABLE t2 (f1 INTEGER PRIMARY KEY) engine=aria;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1);
+SELECT * FROM t2;
+f1
+SAVEPOINT s1;
+ERROR 42000: The storage engine for the table doesn't support SAVEPOINT
+INSERT INTO t1 VALUES (2);
+COMMIT;
+connection node_1;
+SELECT * FROM t1;
+f1
+1
+2
+connection node_2;
+SELECT * FROM t1;
+f1
+1
+2
+connection node_1;
+DROP TABLE t1,t2;
diff --git a/mysql-test/suite/galera/r/MDEV-32938.result b/mysql-test/suite/galera/r/MDEV-32938.result
new file mode 100644
index 00000000..5e310eb7
--- /dev/null
+++ b/mysql-test/suite/galera/r/MDEV-32938.result
@@ -0,0 +1,21 @@
+connection node_2;
+connection node_1;
+connect con1,127.0.0.1,root,,test,$NODE_MYPORT_1;
+call mtr.add_suppression("WSREP: ALTER TABLE isolation failure");
+CREATE TABLE t1(c1 INT PRIMARY KEY, c2 INT) ENGINE=InnoDB;
+SET DEBUG_SYNC = 'wsrep_append_fk_toi_keys_before_close_tables SIGNAL may_alter WAIT_FOR bf_abort';
+ALTER TABLE t1 DROP COLUMN c2;
+connection node_1;
+SET DEBUG_SYNC = 'now WAIT_FOR may_alter';
+ALTER TABLE t1 ADD COLUMN c3 INT;
+connection con1;
+ERROR 70100: Query execution was interrupted
+INSERT INTO t1 (c1, c2, c3) VALUES (1, 0, 0);
+connection node_2;
+INSERT INTO t1 (c1, c2, c3) VALUES (2, 0, 0);
+connection node_1;
+SET DEBUG_SYNC = 'RESET';
+DROP TABLE t1;
+disconnect con1;
+disconnect node_2;
+disconnect node_1;
diff --git a/mysql-test/suite/galera/r/MW-388.result b/mysql-test/suite/galera/r/MW-388.result
index b16addc5..8dc473fa 100644
--- a/mysql-test/suite/galera/r/MW-388.result
+++ b/mysql-test/suite/galera/r/MW-388.result
@@ -47,4 +47,4 @@ SET GLOBAL debug_dbug = NULL;
SET debug_sync='RESET';
SELECT @@debug_sync;
@@debug_sync
-ON - current signal: ''
+ON - current signals: ''
diff --git a/mysql-test/suite/galera/r/MW-86-wait1.result b/mysql-test/suite/galera/r/MW-86-wait1.result
index 8ad9c8bf..f70e9e0a 100644
--- a/mysql-test/suite/galera/r/MW-86-wait1.result
+++ b/mysql-test/suite/galera/r/MW-86-wait1.result
@@ -4,7 +4,7 @@ SET @orig_debug=@@debug_dbug;
connection node_2;
SELECT @@debug_sync;
@@debug_sync
-ON - current signal: ''
+ON - current signals: ''
set debug_sync='RESET';
SET SESSION wsrep_sync_wait = 1;
SET GLOBAL debug_dbug = "+d,sync.wsrep_apply_cb";
@@ -45,4 +45,4 @@ SET SESSION wsrep_sync_wait = default;
DROP TABLE t_wait1;
SELECT @@debug_sync;
@@debug_sync
-ON - current signal: ''
+ON - current signals: ''
diff --git a/mysql-test/suite/galera/r/MW-86-wait8.result b/mysql-test/suite/galera/r/MW-86-wait8.result
index 07e59ebb..f2aa34fa 100644
--- a/mysql-test/suite/galera/r/MW-86-wait8.result
+++ b/mysql-test/suite/galera/r/MW-86-wait8.result
@@ -4,7 +4,7 @@ SET @orig_debug=@@debug_dbug;
connection node_2;
SELECT @@debug_sync;
@@debug_sync
-ON - current signal: ''
+ON - current signals: ''
SET SESSION wsrep_sync_wait = 8;
SET GLOBAL debug_dbug = "+d,sync.wsrep_apply_cb";
connection node_1;
@@ -46,4 +46,4 @@ SET SESSION wsrep_sync_wait = default;
DROP TABLE t_wait8;
SELECT @@debug_sync;
@@debug_sync
-ON - current signal: ''
+ON - current signals: ''
diff --git a/mysql-test/suite/galera/r/galera_as_master.result b/mysql-test/suite/galera/r/galera_as_master.result
index 4aca328b..dd3e0173 100644
--- a/mysql-test/suite/galera/r/galera_as_master.result
+++ b/mysql-test/suite/galera/r/galera_as_master.result
@@ -52,6 +52,8 @@ DROP TABLE t1, t4;
SET SQL_LOG_BIN=OFF;
DROP TABLE t2, t3;
connection node_3;
+BINLOG_POSITIONS_MATCH
+1
STOP SLAVE;
RESET SLAVE ALL;
CALL mtr.add_suppression('You need to use --log-bin to make --binlog-format work');
diff --git a/mysql-test/suite/galera/r/galera_bf_lock_wait.result b/mysql-test/suite/galera/r/galera_bf_lock_wait.result
index 757fbf50..9e5cb2d9 100644
--- a/mysql-test/suite/galera/r/galera_bf_lock_wait.result
+++ b/mysql-test/suite/galera/r/galera_bf_lock_wait.result
@@ -33,6 +33,26 @@ SET SESSION wsrep_sync_wait=0;
call p1(1000);
connection node_1;
checking error log for 'BF lock wait long' message for 10 times every 10 seconds ...
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
+include/assert_grep.inc [BF lock wait long]
connection node_1_p1;
connection node_1_p2;
connection node_2_p1;
diff --git a/mysql-test/suite/galera/r/galera_gcache_recover_manytrx.result b/mysql-test/suite/galera/r/galera_gcache_recover_manytrx.result
index 76f16791..de891686 100644
--- a/mysql-test/suite/galera/r/galera_gcache_recover_manytrx.result
+++ b/mysql-test/suite/galera/r/galera_gcache_recover_manytrx.result
@@ -100,19 +100,19 @@ Killing server ...
connection node_1;
Killing server ...
connection node_1_insert_simple;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1_insert_multi;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1_insert_transaction;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1_update_simple;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1_insert_1k;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1_insert_1m;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1_insert_10m;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_1;
Performing --wsrep-recover ...
Using --wsrep-start-position when starting mysqld ...
diff --git a/mysql-test/suite/galera/r/galera_ist_mariabackup_verify_ca.result b/mysql-test/suite/galera/r/galera_ist_mariabackup_verify_ca.result
new file mode 100644
index 00000000..955d5af7
--- /dev/null
+++ b/mysql-test/suite/galera/r/galera_ist_mariabackup_verify_ca.result
@@ -0,0 +1,21 @@
+connection node_2;
+connection node_1;
+connection node_1;
+connection node_2;
+CREATE TABLE t1 (f1 INT PRIMARY KEY);
+connection node_2;
+# Verify that graceful shutdown succeeds...
+connection node_1;
+INSERT INTO t1 VALUES (1);
+INSERT INTO t1 VALUES (2);
+INSERT INTO t1 VALUES (3);
+connection node_2;
+# Start node_2 again...
+SELECT * FROM t1;
+f1
+1
+2
+3
+connection node_1;
+include/assert_grep.inc [mariabackup IST completed on joiner]
+DROP TABLE t1;
diff --git a/mysql-test/suite/galera/r/galera_ist_rsync_verify_ca.result b/mysql-test/suite/galera/r/galera_ist_rsync_verify_ca.result
new file mode 100644
index 00000000..51dfa7bc
--- /dev/null
+++ b/mysql-test/suite/galera/r/galera_ist_rsync_verify_ca.result
@@ -0,0 +1,21 @@
+connection node_2;
+connection node_1;
+connection node_1;
+connection node_2;
+CREATE TABLE t1 (f1 INT PRIMARY KEY);
+connection node_2;
+# Verify that graceful shutdown succeeds...
+connection node_1;
+INSERT INTO t1 VALUES (1);
+INSERT INTO t1 VALUES (2);
+INSERT INTO t1 VALUES (3);
+connection node_2;
+# Start node_2 again...
+SELECT * FROM t1;
+f1
+1
+2
+3
+connection node_1;
+include/assert_grep.inc [rsync IST completed on joiner]
+DROP TABLE t1;
diff --git a/mysql-test/suite/galera/r/galera_myisam_autocommit.result b/mysql-test/suite/galera/r/galera_myisam_autocommit.result
index 6213e8f6..b80af779 100644
--- a/mysql-test/suite/galera/r/galera_myisam_autocommit.result
+++ b/mysql-test/suite/galera/r/galera_myisam_autocommit.result
@@ -1,5 +1,6 @@
connection node_2;
connection node_1;
+SET GLOBAL wsrep_mode=REPLICATE_MYISAM;
CREATE TABLE t1 (f1 INTEGER) ENGINE=MyISAM;
INSERT INTO t1 VALUES (1);
INSERT INTO t1 VALUES (2), (3);
@@ -22,6 +23,8 @@ COUNT(*) = 0
1
SELECT COUNT(*) = 0 FROM t2;
COUNT(*) = 0
-1
+0
+connection node_1;
DROP TABLE t1;
DROP TABLE t2;
+SET GLOBAL wsrep_mode=DEFAULT;
diff --git a/mysql-test/suite/galera/r/galera_var_retry_autocommit.result b/mysql-test/suite/galera/r/galera_var_retry_autocommit.result
index eee740b6..50667b0a 100644
--- a/mysql-test/suite/galera/r/galera_var_retry_autocommit.result
+++ b/mysql-test/suite/galera/r/galera_var_retry_autocommit.result
@@ -36,10 +36,7 @@ SET DEBUG_SYNC = 'now SIGNAL wsrep_retry_autocommit_continue';
connection node_1;
SELECT COUNT(*) FROM t1;
COUNT(*)
-connection node_1;
-SELECT COUNT(*) FROM t1;
-COUNT(*)
-0
+1
SET DEBUG_SYNC = 'RESET';
SET GLOBAL debug_dbug = NULL;
DROP TABLE t1;
diff --git a/mysql-test/suite/galera/suite.pm b/mysql-test/suite/galera/suite.pm
index 2ef45b24..f6caecdc 100644
--- a/mysql-test/suite/galera/suite.pm
+++ b/mysql-test/suite/galera/suite.pm
@@ -71,13 +71,17 @@ push @::global_suppressions,
sub which($) { return `sh -c "command -v $_[0]"` }
sub skip_combinations {
- my %skip = ();
+ my @combinations;
+
$skip{'include/have_mariabackup.inc'} = 'Need socket statistics utility'
unless which("lsof") || which("sockstat") || which("ss");
$skip{'include/have_stunnel.inc'} = "Need 'stunnel' utility"
unless which("stunnel");
$skip{'include/have_qpress.inc'} = "Need 'qpress' utility"
unless which("qpress");
+ $skip{'../encryption/include/have_file_key_management_plugin.combinations'} = [ 'ctr' ]
+ unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/
+ and $1 ge "1.0.1";
%skip;
}
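Review bot: `%skip` is no longer declared in `skip_combinations`. The hunk replaces `my %skip = ();` with `my @combinations;`, which nothing in the visible body uses, while every assignment and the final `%skip;` still refer to `%skip`. If the file runs under `use strict` (not visible here) this will not compile; otherwise `%skip` becomes a package global whose entries persist between calls. Restoring `my %skip;` in place of `my @combinations;` keeps the skip list local. Separately, `$1 ge "1.0.1"` compares the OpenSSL version as a string, so the gate on the `ctr` combination would be more robust with a comparison by version component.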
diff --git a/mysql-test/suite/galera/t/MDEV-22232.test b/mysql-test/suite/galera/t/MDEV-22232.test
new file mode 100644
index 00000000..dbd9ed1e
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-22232.test
@@ -0,0 +1,72 @@
+#
+# MDEV-22232: CTAS execution crashes during replay.
+#
+# There were multiple problems and two failing scenarios with empty result set
+# and with non-empty result set:
+# - CTAS didn't add shared keys for selected tables
+# - Security context wasn't set on the replayer thread
+# - CTAS was retried after failure - now retry disabled
+
+--source include/galera_cluster.inc
+--source include/have_debug_sync.inc
+--source include/have_debug.inc
+
+--connect con1,127.0.0.1,root,,test,$NODE_MYPORT_1
+
+# Scenario 1
+--echo --- CTAS with empty result set ---
+CREATE TABLE t1 (a INT) ENGINE=InnoDB;
+
+# Run CTAS until the resulting table gets created,
+# then it gets BF aborted by ALTER.
+SET DEBUG_SYNC = 'create_table_select_before_create SIGNAL may_alter WAIT_FOR bf_abort';
+--send
+ CREATE TABLE t2 SELECT * FROM t1;
+
+# Wait for CTAS to reach the table create point,
+# start executing ALTER and BF abort CTAS.
+--connection node_1
+SET DEBUG_SYNC = 'now WAIT_FOR may_alter';
+--disable_result_log
+--error ER_CANT_DROP_FIELD_OR_KEY
+ALTER TABLE t1 DROP FOREIGN KEY b, ALGORITHM=COPY;
+--enable_result_log
+
+--connection con1
+# CTAS gets BF aborted.
+--error ER_QUERY_INTERRUPTED
+--reap
+
+# Cleanup
+SET DEBUG_SYNC = 'RESET';
+
+
+# Scenario 2
+--echo --- CTAS with non-empty result set ---
+INSERT INTO t1 VALUES (10), (20), (30);
+
+# Run CTAS until the resulting table gets created,
+# then it gets BF aborted by ALTER.
+SET DEBUG_SYNC = 'create_table_select_before_create SIGNAL may_alter WAIT_FOR bf_abort';
+--send
+ CREATE TABLE t2 SELECT * FROM t1;
+
+# Wait for CTAS to reach the table create point,
+# start executing ALTER and BF abort CTAS.
+--connection node_1
+SET DEBUG_SYNC = 'now WAIT_FOR may_alter';
+--disable_result_log
+--error ER_ERROR_ON_RENAME
+ALTER TABLE t1 DROP FOREIGN KEY b, ALGORITHM=COPY;
+--enable_result_log
+
+--connection con1
+# CTAS gets BF aborted.
+--error ER_QUERY_INTERRUPTED
+--reap
+
+# Cleanup
+SET DEBUG_SYNC = 'RESET';
+DROP TABLE t1;
+--disconnect con1
+--source include/galera_end.inc
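Review bot: Both scenarios issue `ALTER TABLE t1 DROP FOREIGN KEY b, ALGORITHM=COPY;` against a table created as `t1 (a INT)` with no foreign key, and the expected error changes from ER_CANT_DROP_FIELD_OR_KEY to ER_ERROR_ON_RENAME without any explanation. A reader cannot tell from the file that the ALTER is meant to fail and presumably exists only to BF-abort the CTAS. I would add a comment above each ALTER, for example `# ALTER is expected to fail (t1 has no FK 'b'); it is issued only to BF-abort the CTAS`, plus one line on why the error code differs once t1 has rows. The test also never checks on node_2 that t2 is absent afterwards, so the "retry disabled" part of the fix is not asserted.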
diff --git a/mysql-test/suite/galera/t/MDEV-27806.opt b/mysql-test/suite/galera/t/MDEV-27806.opt
new file mode 100644
index 00000000..009e761e
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-27806.opt
@@ -0,0 +1 @@
+--log-bin --log-slave-updates --gtid-strict-mode --wsrep_gtid_mode=on
diff --git a/mysql-test/suite/galera/t/MDEV-27806.test b/mysql-test/suite/galera/t/MDEV-27806.test
new file mode 100644
index 00000000..62a0ca48
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-27806.test
@@ -0,0 +1,51 @@
+#
+# MDEV-27806 GTIDs diverge after CTAS
+#
+--source include/galera_cluster.inc
+
+--connection node_1
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY);
+INSERT INTO t1 VALUES (1),(2),(3);
+CREATE TABLE ts1 AS SELECT * FROM t1;
+--let binlog_pos= `SELECT @@gtid_binlog_pos`
+
+--let $MASTER_MYPORT=$NODE_MYPORT_1
+--let $binlog_file=LAST
+--let $binlog_limit=8,20
+--source include/show_binlog_events.inc
+
+--connection node_2
+--let $binlog_limit=7,20
+--source include/show_binlog_events.inc
+
+--disable_query_log
+--eval SELECT STRCMP(@@gtid_binlog_pos, "$binlog_pos") = 0 AS BINLOG_POSITIONS_MATCH;
+--enable_query_log
+
+DROP TABLE t1,ts1;
+
+
+#
+# Same as above, with empty CREATE TABLE AS SELECT
+#
+--connection node_1
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY);
+CREATE TABLE ts1 AS SELECT * FROM t1;
+--let binlog_pos= `SELECT @@gtid_binlog_pos`
+
+--let $MASTER_MYPORT=$NODE_MYPORT_1
+--let $binlog_file=LAST
+--let $binlog_limit=18,20
+--source include/show_binlog_events.inc
+
+--connection node_2
+--let $binlog_limit=17,20
+--source include/show_binlog_events.inc
+
+--disable_query_log
+--eval SELECT STRCMP(@@gtid_binlog_pos, "$binlog_pos") = 0 AS BINLOG_POSITIONS_MATCH;
+--enable_query_log
+
+DROP TABLE t1,ts1;
+
+CALL mtr.add_suppression("Ignoring server id for non bootstrap node");
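Review bot: The `$binlog_limit` offsets are hard-coded (`8,20` on node_1 against `7,20` on node_2, then `18,20` against `17,20`) with no comment saying which events are skipped or why node_2 starts one event earlier. Any change to what the servers write at start-up shifts these offsets and the recorded result changes for reasons unrelated to MDEV-27806. A short comment above the first `--let $binlog_limit=8,20` naming the skipped events and the reason for the one-event difference would make a later re-record reviewable. The GTID comparison itself (`BINLOG_POSITIONS_MATCH`) does not depend on the offsets and is the part that pins the fix.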
diff --git a/mysql-test/suite/galera/t/MDEV-27862.test b/mysql-test/suite/galera/t/MDEV-27862.test
index d23ce95d..f19d6b5d 100644
--- a/mysql-test/suite/galera/t/MDEV-27862.test
+++ b/mysql-test/suite/galera/t/MDEV-27862.test
@@ -1,6 +1,8 @@
--source include/galera_cluster.inc
--source include/have_innodb.inc
+--disable_ps2_protocol
+
# NEXTVAL
--connection node_1
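Review bot: `--disable_ps2_protocol` is added here without a comment saying which statements fail under the second prepared-statement execution. The same applies to the closing hunk of this file and to galera_log_output_csv.test, galera_query_cache.test and galera_query_cache_sync_wait.test. In galera_log_output_csv.test the bracket encloses only the two affected statements, whereas here and in the query-cache tests it spans the whole file and so switches off that protocol for statements that would presumably pass. I would narrow the bracket where possible and add a comment such as `# ps2 protocol executes the SELECT a second time, which advances the sequence` (reason inferred, to be confirmed).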
@@ -54,3 +56,4 @@ SELECT NEXTVAL(seq_transaction) = 4;
DROP SEQUENCE seq_transaction;
DROP TABLE t1;
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera/t/MDEV-31272.combinations b/mysql-test/suite/galera/t/MDEV-31272.combinations
new file mode 100644
index 00000000..def4dda7
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-31272.combinations
@@ -0,0 +1,5 @@
+[binlogon]
+log-bin
+log-slave-updates=ON
+
+[binlogoff]
diff --git a/mysql-test/suite/galera/t/MDEV-31272.test b/mysql-test/suite/galera/t/MDEV-31272.test
new file mode 100644
index 00000000..d2c82378
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-31272.test
@@ -0,0 +1,58 @@
+#
+# MDEV-31272: Statement rollback causes empty writeset replication
+#
+
+--source include/galera_cluster.inc
+
+#
+# Case 1: Multi statement transaction
+#
+--connection node_1
+CREATE TABLE t1 (f1 int primary key, f2 int);
+INSERT INTO t1 VALUES (1,0);
+
+--let $replicated_old = `SELECT VARIABLE_VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_replicated'`
+
+BEGIN;
+--error ER_DUP_ENTRY
+INSERT INTO t1 VALUES (2,4),(1,1);
+COMMIT;
+
+--let $replicated_new = `SELECT VARIABLE_VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_replicated'`
+
+--disable_query_log
+--eval SELECT $replicated_new - $replicated_old AS 'Writesets replicated (expect 0)';
+--enable_query_log
+
+--connection node_1
+SELECT * FROM t1;
+--connection node_2
+SELECT * FROM t1;
+
+DROP TABLE t1;
+
+
+#
+# Case 2: autocommit statement
+#
+--connection node_1
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY, f2 INTEGER);
+INSERT INTO t1 VALUES (1,0);
+
+--let $replicated_old = `SELECT VARIABLE_VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_replicated'`
+
+--error ER_DUP_ENTRY
+INSERT INTO t1 VALUES (2,4), (1,1);
+
+--let $replicated_new = `SELECT VARIABLE_VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_replicated'`
+
+--disable_query_log
+--eval SELECT $replicated_new - $replicated_old AS 'Writesets replicated (expect 0)';
+--enable_query_log
+
+--connection node_1
+SELECT * FROM t1;
+--connection node_2
+SELECT * FROM t1;
+
+DROP TABLE t1;
diff --git a/mysql-test/suite/galera/t/MDEV-32549.test b/mysql-test/suite/galera/t/MDEV-32549.test
new file mode 100644
index 00000000..a2faa46d
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-32549.test
@@ -0,0 +1,28 @@
+#
+# MDEV-32549: Cluster is inconsitent after savepoint
+# statement is rolled back
+#
+--source include/galera_cluster.inc
+
+CREATE TABLE t1 (f1 INTEGER PRIMARY KEY) engine=innodb;
+CREATE TABLE t2 (f1 INTEGER PRIMARY KEY) engine=aria;
+
+START TRANSACTION;
+INSERT INTO t1 VALUES (1);
+SELECT * FROM t2;
+--error ER_CHECK_NOT_IMPLEMENTED
+SAVEPOINT s1;
+INSERT INTO t1 VALUES (2);
+COMMIT;
+
+--connection node_1
+SELECT * FROM t1;
+
+# If bug is present: only the second INSERT
+# is replicated, causing an inconsistent
+# cluster.
+--connection node_2
+SELECT * FROM t1;
+
+--connection node_1
+DROP TABLE t1,t2;
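Review bot: The expected `--error ER_CHECK_NOT_IMPLEMENTED` on `SAVEPOINT s1;` is not explained, although it is the step that triggers the bug. From the visible lines it appears to depend on the preceding `SELECT * FROM t2;` touching the Aria table inside the transaction, but the file does not say so. A comment such as `# SAVEPOINT is rejected because the transaction has accessed a non-InnoDB (Aria) table` above the `--error` line would document the precondition, if that reading is correct. The closing comment could also state the expected outcome, which is that both nodes return rows 1 and 2.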
diff --git a/mysql-test/suite/galera/t/MDEV-32938.test b/mysql-test/suite/galera/t/MDEV-32938.test
new file mode 100644
index 00000000..cb41f21a
--- /dev/null
+++ b/mysql-test/suite/galera/t/MDEV-32938.test
@@ -0,0 +1,57 @@
+#
+# MDEV-32938: ALTER command is replicated and successfully applied while being BF-aborted locally.
+#
+# Why it happend:
+# - ALTER went to prepare FK-referenced tables as TOI keys
+# - to do this, it would open the main table with SHARED_HIGH_PRIO MDL lock which disregarded any
+# other locks (including X-lock) waiting in the queue in case someone was already holding a
+# compatible lock type (like any DML operation)
+# - if there was other TOI operation on the same table, it would go through BF-abort cycle to grab
+# the lock for itself
+# - since the initial ALTER had not reached TOI yet, it would loose to real TOI operation and got
+# BF-aborted with its THD marked as killed
+# - then, ALTER would enter TOI and get replicated with no checks that it has already been aborted
+# - after entering TOI mode, it would later find it'd been killed, and complete with an error
+# - at the same time, the command would successfully apply on every other node except the initiator.
+#
+# Fixed by checking killed state on THD before entering TOI.
+#
+
+--source include/galera_cluster.inc
+--source include/have_debug_sync.inc
+--source include/have_debug.inc
+
+--connect con1,127.0.0.1,root,,test,$NODE_MYPORT_1
+
+call mtr.add_suppression("WSREP: ALTER TABLE isolation failure");
+
+CREATE TABLE t1(c1 INT PRIMARY KEY, c2 INT) ENGINE=InnoDB;
+
+# Run ALTER DROP COLUMN and hang before closing tables on adding FK keys and before entering TOI.
+# Wait until it gets BF-aborted.
+SET DEBUG_SYNC = 'wsrep_append_fk_toi_keys_before_close_tables SIGNAL may_alter WAIT_FOR bf_abort';
+--send
+ ALTER TABLE t1 DROP COLUMN c2;
+
+--connection node_1
+# Run ALTER ADD COLUMN and BF-abort the previous ALTER DROP COLUMN.
+SET DEBUG_SYNC = 'now WAIT_FOR may_alter';
+ALTER TABLE t1 ADD COLUMN c3 INT;
+
+--connection con1
+# ALTER DROP COLUMN gets BF aborted.
+--error ER_QUERY_INTERRUPTED
+--reap
+
+INSERT INTO t1 (c1, c2, c3) VALUES (1, 0, 0);
+
+--connection node_2
+# ALTER DROP COLUMN must not be replicated.
+INSERT INTO t1 (c1, c2, c3) VALUES (2, 0, 0);
+
+# Cleanup.
+--connection node_1
+SET DEBUG_SYNC = 'RESET';
+DROP TABLE t1;
+--disconnect con1
+--source include/galera_end.inc
diff --git a/mysql-test/suite/galera/t/galera_as_master.test b/mysql-test/suite/galera/t/galera_as_master.test
index 1c439fff..a5554a73 100644
--- a/mysql-test/suite/galera/t/galera_as_master.test
+++ b/mysql-test/suite/galera/t/galera_as_master.test
@@ -52,12 +52,18 @@ DROP TABLE t1, t4;
SET SQL_LOG_BIN=OFF;
DROP TABLE t2, t3;
+--let binlog_pos=`SELECT @@gtid_binlog_pos;`
+
--connection node_3
--let $wait_condition = SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't1';
--source include/wait_condition.inc
--let $wait_condition = SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't4';
--source include/wait_condition.inc
+--disable_query_log
+--eval SELECT STRCMP(@@gtid_binlog_pos, "$binlog_pos") = 0 AS BINLOG_POSITIONS_MATCH;
+--enable_query_log
+
STOP SLAVE;
RESET SLAVE ALL;
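Review bot: The new `BINLOG_POSITIONS_MATCH` check on node_3 runs right after the two wait conditions on INFORMATION_SCHEMA.TABLES, which only establish that t1 and t4 are gone, not that the replica has finished recording the event in its own binlog. If the table disappears from INFORMATION_SCHEMA before `@@gtid_binlog_pos` advances, the comparison can return 0 intermittently. Waiting on the position first removes that window: `--let $wait_condition = SELECT STRCMP(@@gtid_binlog_pos, "$binlog_pos") = 0` followed by `--source include/wait_condition.inc`, before the `--eval`. Whether the window exists depends on server internals that this hunk does not show.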
diff --git a/mysql-test/suite/galera/t/galera_bf_lock_wait.test b/mysql-test/suite/galera/t/galera_bf_lock_wait.test
index 0562b436..8ef2fee7 100644
--- a/mysql-test/suite/galera/t/galera_bf_lock_wait.test
+++ b/mysql-test/suite/galera/t/galera_bf_lock_wait.test
@@ -52,6 +52,12 @@ let $counter=10;
let $sleep_period=10;
echo checking error log for 'BF lock wait long' message for $counter times every $sleep_period seconds ...;
+
+--let assert_text= BF lock wait long
+--let assert_select= BF lock wait long
+--let assert_count= 0
+--let assert_only_after= CURRENT_TEST: galera.galera_bf_lock_wait
+
while($counter > 0)
{
--disable_query_log
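Review bot: The added `--let assert_text=`, `--let assert_select=`, `--let assert_count=` and `--let assert_only_after=` lines, and `--let assert_file=` in the next hunk, omit the `$` prefix that the other tests in this commit use (for example `--let $assert_text = ...` in galera_ist_mariabackup_verify_ca.test). mysqltest accepts the bare form, but as far as I know it then also exports the value to the process environment, which nothing here needs. Writing `--let $assert_text= BF lock wait long` and likewise for the other four keeps the style uniform. The `while` loop opened in this hunk closes in the next one.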
@@ -60,9 +66,11 @@ while($counter > 0)
--enable_query_log
--enable_result_log
-# use error 0,1 instead if want test to continue
- --error 1
- exec grep 'BF lock wait long' $MYSQLTEST_VARDIR/log/mysqld.*.err;
+--let assert_file= $MYSQLTEST_VARDIR/log/mysqld.1.err
+--source include/assert_grep.inc
+
+--let assert_file= $MYSQLTEST_VARDIR/log/mysqld.2.err
+--source include/assert_grep.inc
dec $counter;
}
diff --git a/mysql-test/suite/galera/t/galera_gcache_recover_manytrx.test b/mysql-test/suite/galera/t/galera_gcache_recover_manytrx.test
index e3921264..b2c38b63 100644
--- a/mysql-test/suite/galera/t/galera_gcache_recover_manytrx.test
+++ b/mysql-test/suite/galera/t/galera_gcache_recover_manytrx.test
@@ -142,31 +142,31 @@ SET SESSION wsrep_sync_wait = 0;
--source include/kill_galera.inc
--connection node_1_insert_simple
---error 2013
+--error 2013, 2026
--reap
--connection node_1_insert_multi
---error 2013
+--error 2013, 2026
--reap
--connection node_1_insert_transaction
---error 2013
+--error 2013, 2026
--reap
--connection node_1_update_simple
---error 2013
+--error 2013, 2026
--reap
--connection node_1_insert_1k
---error 2013
+--error 2013, 2026
--reap
--connection node_1_insert_1m
---error 2013
+--error 2013, 2026
--reap
--connection node_1_insert_10m
---error 2013
+--error 2013, 2026
--reap
--connection node_1
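Review bot: All seven `--error 2013, 2026` lines now also accept client error 2026 (SSL connection error) for the statements reaped after `kill_galera.inc`, and no comment says when the TLS error is seen instead of "lost connection". Error 2026 is also what a genuine TLS handshake or verification failure reports, so the wider list is safe only because these statements were already in flight on established connections when the server was killed. A comment above the first occurrence, for example `# a killed server shows up as 2013, or as 2026 when the connection uses TLS`, would record that intent (rationale inferred, to be confirmed). The codes should not be widened in the same way on any `--connect` step.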
diff --git a/mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.cnf b/mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.cnf
new file mode 100644
index 00000000..f2187b83
--- /dev/null
+++ b/mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.cnf
@@ -0,0 +1,20 @@
+!include ../galera_2nodes.cnf
+
+[mysqld]
+wsrep_sst_method=mariabackup
+wsrep_sst_auth=root:
+
+ssl-cert=@ENV.MYSQL_TEST_DIR/std_data/server-cert.pem
+ssl-key=@ENV.MYSQL_TEST_DIR/std_data/server-key.pem
+ssl-ca=@ENV.MYSQL_TEST_DIR/std_data/cacert.pem
+
+[mysqld.1]
+wsrep_provider_options='base_port=@mysqld.1.#galera_port;pc.ignore_sb=true'
+
+[mysqld.2]
+wsrep_provider_options='base_port=@mysqld.2.#galera_port;pc.ignore_sb=true'
+
+[sst]
+ssl-mode=VERIFY_CA
+transferfmt=@ENV.MTR_GALERA_TFMT
+streamfmt=mbstream
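Review bot: The `[sst]` section sets `ssl-mode=VERIFY_CA` but carries no certificate options of its own, so the test relies on the SST script picking up `ssl-ca`, `ssl-cert` and `ssl-key` from `[mysqld]`, and the file does not state that. VERIFY_CA checks the peer certificate chain against the CA but not the host name, which limits what this configuration covers. I would add a comment above `[sst]` such as `# VERIFY_CA: chain is checked against ssl-ca from [mysqld]; host name is not checked`. The same applies to galera_ist_rsync_verify_ca.cnf.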
diff --git a/mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.test b/mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.test
new file mode 100644
index 00000000..4e2d25b1
--- /dev/null
+++ b/mysql-test/suite/galera/t/galera_ist_mariabackup_verify_ca.test
@@ -0,0 +1,61 @@
+--source include/big_test.inc
+--source include/galera_cluster.inc
+--source include/have_innodb.inc
+--source include/have_mariabackup.inc
+
+--let $node_1=node_1
+--let $node_2=node_2
+--source include/auto_increment_offset_save.inc
+
+--let $LOG_FILE=$MYSQL_TMP_DIR/galera_node2.log
+--error 0,1
+--remove_file $LOG_FILE
+
+CREATE TABLE t1 (f1 INT PRIMARY KEY);
+
+--connection node_2
+
+--echo # Verify that graceful shutdown succeeds...
+--source include/shutdown_mysqld.inc
+
+--connection node_1
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'
+--source include/wait_condition.inc
+
+INSERT INTO t1 VALUES (1);
+INSERT INTO t1 VALUES (2);
+INSERT INTO t1 VALUES (3);
+
+--connection node_2
+--echo # Start node_2 again...
+--let $restart_noprint=2
+--let $start_mysqld_params=--log-error=$LOG_FILE
+--source include/start_mysqld.inc
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'
+--source include/wait_condition.inc
+
+SELECT * FROM t1;
+
+--let $start_mysqld_params=
+--source include/restart_mysqld.inc
+
+--connection node_1
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'
+--source include/wait_condition.inc
+
+# Confirm that IST took place
+--let $assert_text = mariabackup IST completed on joiner
+--let $assert_select = mariabackup IST completed on joiner
+--let $assert_count = 1
+--let $assert_file = $LOG_FILE
+--let $assert_only_after = Prepared IST receiver for
+--source include/assert_grep.inc
+
+DROP TABLE t1;
+
+--source include/auto_increment_offset_restore.inc
+
+--remove_file $LOG_FILE
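Review bot: The only assertion tied to the new configuration is the `assert_grep` for "mariabackup IST completed on joiner", which proves that the transfer finished but not that it ran over TLS with the CA check applied. If the SST script fell back to an unencrypted or unverified transfer, this test would still pass as written. Should the joiner log contain a line reporting the effective SSL mode or the verification result, a second `assert_grep.inc` block on `$LOG_FILE` for that line would pin the behaviour the file name promises. A companion case with a certificate not signed by `cacert.pem` that expects the transfer to fail would cover the negative side. galera_ist_rsync_verify_ca.test has the same gap.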
diff --git a/mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.cnf b/mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.cnf
new file mode 100644
index 00000000..9125f670
--- /dev/null
+++ b/mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.cnf
@@ -0,0 +1,17 @@
+!include ../galera_2nodes.cnf
+
+[mysqld]
+wsrep_sst_method=rsync
+
+ssl-cert=@ENV.MYSQL_TEST_DIR/std_data/server-cert.pem
+ssl-key=@ENV.MYSQL_TEST_DIR/std_data/server-key.pem
+ssl-ca=@ENV.MYSQL_TEST_DIR/std_data/cacert.pem
+
+[mysqld.1]
+wsrep_provider_options='base_port=@mysqld.1.#galera_port;pc.ignore_sb=true'
+
+[mysqld.2]
+wsrep_provider_options='base_port=@mysqld.2.#galera_port;pc.ignore_sb=true'
+
+[sst]
+ssl-mode=VERIFY_CA
diff --git a/mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.test b/mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.test
new file mode 100644
index 00000000..d9f7bb15
--- /dev/null
+++ b/mysql-test/suite/galera/t/galera_ist_rsync_verify_ca.test
@@ -0,0 +1,60 @@
+--source include/big_test.inc
+--source include/galera_cluster.inc
+--source include/have_innodb.inc
+
+--let $node_1=node_1
+--let $node_2=node_2
+--source include/auto_increment_offset_save.inc
+
+--let $LOG_FILE=$MYSQL_TMP_DIR/galera_node2.log
+--error 0,1
+--remove_file $LOG_FILE
+
+CREATE TABLE t1 (f1 INT PRIMARY KEY);
+
+--connection node_2
+
+--echo # Verify that graceful shutdown succeeds...
+--source include/shutdown_mysqld.inc
+
+--connection node_1
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'
+--source include/wait_condition.inc
+
+INSERT INTO t1 VALUES (1);
+INSERT INTO t1 VALUES (2);
+INSERT INTO t1 VALUES (3);
+
+--connection node_2
+--echo # Start node_2 again...
+--let $restart_noprint=2
+--let $start_mysqld_params=--log-error=$LOG_FILE
+--source include/start_mysqld.inc
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'
+--source include/wait_condition.inc
+
+SELECT * FROM t1;
+
+--let $start_mysqld_params=
+--source include/restart_mysqld.inc
+
+--connection node_1
+
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size'
+--source include/wait_condition.inc
+
+# Confirm that IST took place
+--let $assert_text = rsync IST completed on joiner
+--let $assert_select = rsync IST completed on joiner
+--let $assert_count = 1
+--let $assert_file = $LOG_FILE
+--let $assert_only_after = Prepared IST receiver for
+--source include/assert_grep.inc
+
+DROP TABLE t1;
+
+--source include/auto_increment_offset_restore.inc
+
+--remove_file $LOG_FILE
diff --git a/mysql-test/suite/galera/t/galera_log_output_csv.test b/mysql-test/suite/galera/t/galera_log_output_csv.test
index eeccc953..43f4190c 100644
--- a/mysql-test/suite/galera/t/galera_log_output_csv.test
+++ b/mysql-test/suite/galera/t/galera_log_output_csv.test
@@ -12,13 +12,17 @@ INSERT INTO t1 VALUES (1);
SELECT COUNT(*) > 0 FROM mysql.general_log;
+--disable_ps2_protocol
SELECT 1 = 1 FROM t1;
SELECT COUNT(*) = 1 FROM mysql.slow_log WHERE sql_text = 'SELECT 1 = 1 FROM t1';
+--enable_ps2_protocol
--connection node_2
+--disable_ps2_protocol
SELECT 2 = 2 FROM t1;
SELECT COUNT(*) = 1 FROM mysql.slow_log WHERE sql_text = 'SELECT 2 = 2 FROM t1';
+--enable_ps2_protocol
--connection node_1
DROP TABLE t1;
diff --git a/mysql-test/suite/galera/t/galera_myisam_autocommit.test b/mysql-test/suite/galera/t/galera_myisam_autocommit.test
index b01b5dc0..3452a06a 100644
--- a/mysql-test/suite/galera/t/galera_myisam_autocommit.test
+++ b/mysql-test/suite/galera/t/galera_myisam_autocommit.test
@@ -7,6 +7,8 @@
# Without a PK
+SET GLOBAL wsrep_mode=REPLICATE_MYISAM;
+
CREATE TABLE t1 (f1 INTEGER) ENGINE=MyISAM;
INSERT INTO t1 VALUES (1);
@@ -41,5 +43,7 @@ TRUNCATE TABLE t1;
SELECT COUNT(*) = 0 FROM t1;
SELECT COUNT(*) = 0 FROM t2;
+--connection node_1
DROP TABLE t1;
DROP TABLE t2;
+SET GLOBAL wsrep_mode=DEFAULT;
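Review bot: `SET GLOBAL wsrep_mode=DEFAULT;` resets the variable to its built-in default rather than to the value it had when the test began, so the cleanup is correct only while the suite configuration leaves wsrep_mode unset. Capturing the starting value before the first hunk's `SET GLOBAL wsrep_mode=REPLICATE_MYISAM;` and restoring it here with `--eval SET GLOBAL wsrep_mode='$wsrep_mode_saved'` would hold under any configuration. The mode is switched on node_1 only, per the recorded result. A comment saying that MyISAM replication needs to be enabled only on the originating node would make that choice explicit.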
diff --git a/mysql-test/suite/galera/t/galera_query_cache.test b/mysql-test/suite/galera/t/galera_query_cache.test
index 900faba0..ec7306e0 100644
--- a/mysql-test/suite/galera/t/galera_query_cache.test
+++ b/mysql-test/suite/galera/t/galera_query_cache.test
@@ -2,6 +2,8 @@
--source include/galera_cluster.inc
--source include/have_innodb.inc
+--disable_ps2_protocol
+
#
# Ensure that the query cache behaves properly with respect to Galera
#
@@ -65,3 +67,4 @@ SELECT VARIABLE_VALUE = 1 FROM INFORMATION_SCHEMA.SESSION_STATUS WHERE VARIABLE_
DROP TABLE t1;
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera/t/galera_query_cache_sync_wait.test b/mysql-test/suite/galera/t/galera_query_cache_sync_wait.test
index 6d1e21fd..9a4b734e 100644
--- a/mysql-test/suite/galera/t/galera_query_cache_sync_wait.test
+++ b/mysql-test/suite/galera/t/galera_query_cache_sync_wait.test
@@ -4,6 +4,8 @@
--source include/have_query_cache.inc
--source include/galera_have_debug_sync.inc
+--disable_ps2_protocol
+
CREATE TABLE t1 (id INT PRIMARY KEY AUTO_INCREMENT) ENGINE=InnoDB;
INSERT INTO t1 VALUES (1);
@@ -88,3 +90,5 @@ DROP TABLE t1;
--connection node_2a
SET DEBUG_SYNC = "RESET";
+
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera/t/galera_restart_replica.test b/mysql-test/suite/galera/t/galera_restart_replica.test
index 2cc3a1dc..37cfd9bc 100644
--- a/mysql-test/suite/galera/t/galera_restart_replica.test
+++ b/mysql-test/suite/galera/t/galera_restart_replica.test
@@ -3,9 +3,9 @@
#
# The galera/galera_2node_slave.cnf describes the setup of the nodes
#
---source include/big_test.inc
--source include/force_restart.inc
--source include/galera_cluster.inc
+--source include/have_innodb.inc
--source include/have_sequence.inc
# As node #3 is not a Galera node, and galera_cluster.inc does not open connetion to it
diff --git a/mysql-test/suite/galera_3nodes/disabled.def b/mysql-test/suite/galera_3nodes/disabled.def
index d0e68295..728500f4 100644
--- a/mysql-test/suite/galera_3nodes/disabled.def
+++ b/mysql-test/suite/galera_3nodes/disabled.def
@@ -10,12 +10,12 @@
#
##############################################################################
-galera_2_cluster : MDEV-29877 Galera test failure on galera_2_cluster
-galera_gtid_2_cluster : MDEV-29877 Galera test failure on galera_2_cluster
-galera_ipv6_mariabackup : MDEV-24097
-galera_ipv6_mariabackup_section : MDEV-24097, MDEV-22195
-galera_vote_rejoin_mysqldump : MDEV-24481: galera_3nodes.galera_vote_rejoin_mysqldump MTR failed: mysql_shutdown failed
-galera_ssl_reload : MDEV-30172 At line 50: mysql_shutdown failed
+galera_2_cluster : MDEV-32631 galera_2_cluster: before_rollback(): Assertion `0' failed
+galera_gtid_2_cluster : MDEV-32633 galera_gtid_2_cluster: Assertion `thd->wsrep_next_trx_id() != (0x7fffffffffffffffLL * 2ULL + 1)'
+galera_ssl_reload : MDEV-32778 galera_ssl_reload failed with warning message
+galera_ipv6_mariabackup : temporarily disabled at the request of Codership
+galera_pc_bootstrap : temporarily disabled at the request of Codership
+galera_ipv6_mariabackup_section : temporarily disabled at the request of Codership
# Opensuse/suse/rocky9/rocky84/rhel9/rhel8-ppc64le .. - all same IPv6 isn't configured right or skipping or galera
galera_ipv6_rsync : Can't connect to server on '::1' (115)
galera_ipv6_rsync_section : Can't connect to server on '::1' (115)
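Review bot: The entries for galera_ipv6_mariabackup, galera_pc_bootstrap and galera_ipv6_mariabackup_section now read "temporarily disabled at the request of Codership" and carry no MDEV id, whereas the lines they replace referenced MDEV-24097 and MDEV-22195. Without a ticket there is nothing to tell a maintainer when these tests can be re-enabled, and galera_pc_bootstrap is newly disabled with no stated failure. I would keep a tracking reference on each line in the form `galera_pc_bootstrap : MDEV-<id> temporarily disabled at the request of Codership`. The hunk also drops galera_vote_rejoin_mysqldump from the list, which re-enables that test.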
diff --git a/mysql-test/suite/galera_3nodes/r/MDEV-29171.result b/mysql-test/suite/galera_3nodes/r/MDEV-29171.result
index 151be86d..371ce006 100644
--- a/mysql-test/suite/galera_3nodes/r/MDEV-29171.result
+++ b/mysql-test/suite/galera_3nodes/r/MDEV-29171.result
@@ -14,6 +14,7 @@ select @@wsrep_gtid_domain_id,@@wsrep_node_name;
@@wsrep_gtid_domain_id @@wsrep_node_name
100 node3
connection node_3;
+connection node_1;
connection node_2;
connection node_1;
connection node_1;
diff --git a/mysql-test/suite/galera_3nodes/r/galera_gtid_consistency.result b/mysql-test/suite/galera_3nodes/r/galera_gtid_consistency.result
new file mode 100644
index 00000000..a35f31da
--- /dev/null
+++ b/mysql-test/suite/galera_3nodes/r/galera_gtid_consistency.result
@@ -0,0 +1,219 @@
+connection node_2;
+connection node_1;
+connect node_3, 127.0.0.1, root, , test, $NODE_MYPORT_3;
+connect node_2b, 127.0.0.1, root, , test, $NODE_MYPORT_2;
+set wsrep_sync_wait=0;
+connect node_1b, 127.0.0.1, root, , test, $NODE_MYPORT_1;
+set wsrep_sync_wait=0;
+connection node_1;
+CREATE PROCEDURE insert_row (IN node varchar(10), IN repeat_count int)
+BEGIN
+DECLARE current_num int;
+SET current_num = 0;
+WHILE current_num < repeat_count do
+INSERT INTO t1(node, name) VALUES (node, UUID());
+SET current_num = current_num + 1;
+END WHILE;
+END|
+CREATE TABLE t1 (id bigint not null primary key auto_increment, node VARCHAR(10), name VARCHAR(64)) ENGINE=innodb;
+# node_1
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2
+connection node_2;
+# node_2
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2
+connection node_3;
+# node_3
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2
+connection node_1;
+CALL insert_row('node1', 500);;
+connection node_2;
+CALL insert_row('node2', 500);;
+connection node_3;
+CALL insert_row('node3', 500);;
+connection node_2;
+# Shutdown node_2, force SST
+connection node_2b;
+# Wait until node_2 leaves cluster
+connection node_1b;
+connection node_1;
+connection node_3;
+connection node_1;
+CALL insert_row('node1', 500);
+connection node_3;
+CALL insert_row('node3', 500);
+CREATE TABLE t2(i int primary key) engine=innodb;
+connection node_2;
+# Restart node_2
+# restart
+connection node_1b;
+# Wait until node_2 is back in cluster
+# node2 has joined
+# GTID in node1
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2503
+connection node_2;
+# GTID in node2
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2503
+connection node_3;
+# GTID in node3
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2503
+# Shutdown node_3
+connection node_3;
+SET GLOBAL wsrep_provider_options = 'gmcast.isolate = 1';
+# Wait until node_3 leaves cluster
+connection node_1b;
+connection node_1;
+CALL insert_row('node1', 50);
+CREATE TABLE t3(i int primary key) engine=innodb;
+connection node_3;
+# Rejoin node_3
+SET GLOBAL wsrep_provider_options = 'gmcast.isolate = 0';
+connection node_1b;
+# Wait until node_3 is back in cluster
+# node3 has joined
+connection node_1;
+# GTID in node1
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2554
+connection node_2;
+# GTID in node2
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2554
+connection node_3;
+# GTID in node3
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2554
+# One by one shutdown all nodes
+connection node_3;
+# shutdown node_3
+connection node_2;
+# wait until node_3 is out of cluster
+# shutdown node_2
+connection node_1;
+# wait until node_2 is out of cluster
+# shutdown node_1
+# Bootstrap from node_1
+connection node_1;
+# restart: --wsrep_new_cluster
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2554
+ANALYZE TABLE t2;
+Table Op Msg_type Msg_text
+test.t2 analyze status Engine-independent statistics collected
+test.t2 analyze status OK
+CALL insert_row('node1', 100);;
+# Restart node_2
+connection node_2;
+# restart
+connect node_1c, 127.0.0.1, root, , test, $NODE_MYPORT_1;
+set wsrep_sync_wait=0;
+connection node_1c;
+# wait until node_1 and node_2 are in cluster
+connection node_2;
+ALTER TABLE t2 ADD COLUMN (k int);
+CALL insert_row('node2', 100);;
+# Restart node_3
+connection node_3;
+# restart
+connection node_1c;
+# wait until all nodes are back in cluster
+after cluster restart
+connection node_2;
+connection node_1;
+connection node_1;
+node1 GTID
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2756
+connection node_2;
+node2 GTID
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2756
+connection node_3;
+node3 GTID
+show variables like 'wsrep_gtid_domain_id';
+Variable_name Value
+wsrep_gtid_domain_id 1111
+show variables like '%gtid_binlog_pos%';
+Variable_name Value
+gtid_binlog_pos 1111-1-2756
+connection node_1;
+table size in node1
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+2750
+connection node_2;
+table size in node2
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+2750
+connection node_3;
+table size in node3
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+2750
+connection node_2;
+call mtr.add_suppression("WSREP: Ignoring server id for non bootstrap node");
+call mtr.add_suppression("WSREP: Sending JOIN failed:.*");
+call mtr.add_suppression("Sending JOIN failed:.*");
+call mtr.add_suppression("WSREP: Failed to JOIN the cluster after SST.*");
+connection node_3;
+call mtr.add_suppression("WSREP: Ignoring server id for non bootstrap node");
+call mtr.add_suppression("WSREP: Sending JOIN failed:.*");
+call mtr.add_suppression("Sending JOIN failed:.*");
+call mtr.add_suppression("WSREP: Failed to JOIN the cluster after SST.*");
+# cleanup
+connection node_1;
+DROP PROCEDURE insert_row;
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+connection node_3;
+connection node_2;
+disconnect node_3;
+disconnect node_2b;
+disconnect node_1b;
+disconnect node_1c;
diff --git a/mysql-test/suite/galera/r/galera_var_node_address.result b/mysql-test/suite/galera_3nodes/r/galera_var_node_address.result
index 6b91a9f3..fe6c2a00 100644
--- a/mysql-test/suite/galera/r/galera_var_node_address.result
+++ b/mysql-test/suite/galera_3nodes/r/galera_var_node_address.result
@@ -1,22 +1,22 @@
connection node_2;
connection node_1;
-call mtr.add_suppression("WSREP: Stray state UUID msg: .*");
-call mtr.add_suppression("WSREP: Protocol violation. JOIN message sender .*");
-call mtr.add_suppression("WSREP: Sending JOIN failed: .*");
-flush tables;
+connection node_1;
SELECT VARIABLE_VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
VARIABLE_VALUE
-4
-connection node_1;
+3
CREATE TABLE t1 (f1 INTEGER) ENGINE=INNODB;
connection node_2;
-set global wsrep_sync_wait=15;
INSERT INTO t1 VALUES (1);
+SELECT COUNT(*) AS EXPECT_1 FROM t1;
+EXPECT_1
+1
connect node_3, 127.0.0.1, root, , test, $NODE_MYPORT_3;
connection node_3;
-set global wsrep_sync_wait=15;
-SELECT COUNT(*) FROM t1;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_1 FROM t1;
+EXPECT_1
1
connection node_1;
+SELECT COUNT(*) AS EXPECT_1 FROM t1;
+EXPECT_1
+1
DROP TABLE t1;
diff --git a/mysql-test/suite/galera_3nodes/r/galera_vote_rejoin_mysqldump.result b/mysql-test/suite/galera_3nodes/r/galera_vote_rejoin_mysqldump.result
index e49a1714..6faafacd 100644
--- a/mysql-test/suite/galera_3nodes/r/galera_vote_rejoin_mysqldump.result
+++ b/mysql-test/suite/galera_3nodes/r/galera_vote_rejoin_mysqldump.result
@@ -39,6 +39,9 @@ SELECT VARIABLE_VALUE AS expect_Disconnected FROM INFORMATION_SCHEMA.GLOBAL_STAT
expect_Disconnected
Disconnected
SET SESSION wsrep_on=ON;
+SELECT VARIABLE_VALUE AS expect_3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+expect_3
+3
SELECT VARIABLE_VALUE AS expect_Primary FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_status';
expect_Primary
Primary
@@ -49,17 +52,11 @@ t1 CREATE TABLE `t1` (
`f1` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
connection node_2;
-SET SESSION wsrep_on=OFF;
-SET SESSION wsrep_on=ON;
-# restart
SHOW CREATE TABLE t1;
Table Create Table
t1 CREATE TABLE `t1` (
`f1` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
-SELECT COUNT(*) AS expect_0 FROM t1;
-expect_0
-0
CALL mtr.add_suppression("is inconsistent with group");
connection node_3;
SHOW CREATE TABLE t1;
@@ -71,13 +68,16 @@ DROP TABLE t1;
CALL mtr.add_suppression("Slave SQL: Error 'Can't DROP 'PRIMARY'; check that column/key exists'");
connection node_1;
connection node_1;
-CALL mtr.add_suppression("Slave SQL: Error 'The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement' on query");
+CALL mtr.add_suppression("Slave SQL: Error 'The MariaDB server is running with the --skip-grant-tables option so it cannot execute this statement' on query");
DROP USER sst;
connection node_2;
-CALL mtr.add_suppression("Slave SQL: Error 'The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement' on query");
+CALL mtr.add_suppression("Slave SQL: Error 'The MariaDB server is running with the --skip-grant-tables option so it cannot execute this statement' on query");
CALL mtr.add_suppression("InnoDB: Error: Table \"mysql\"\\.\"innodb_index_stats\" not found");
CALL mtr.add_suppression("Can't open and lock time zone table");
CALL mtr.add_suppression("Can't open and lock privilege tables");
CALL mtr.add_suppression("Info table is not ready to be used");
CALL mtr.add_suppression("Native table .* has the wrong structure");
CALL mtr.add_suppression("Table \'mysql.gtid_slave_pos\' doesn\'t exist");
+connection node_2;
+# restart
+connection node_1;
diff --git a/mysql-test/suite/galera_3nodes/t/MDEV-29171.test b/mysql-test/suite/galera_3nodes/t/MDEV-29171.test
index 33fa4d72..bfb7abf9 100644
--- a/mysql-test/suite/galera_3nodes/t/MDEV-29171.test
+++ b/mysql-test/suite/galera_3nodes/t/MDEV-29171.test
@@ -4,11 +4,13 @@
#
--source include/galera_cluster.inc
---source include/have_innodb.inc
+--source include/galera_sst_method.inc
+--source include/force_restart.inc
#
# Initially wsrep gtid domain id is 100
#
+
--connection node_1
select @@wsrep_gtid_domain_id,@@wsrep_node_name;
@@ -26,6 +28,10 @@ select @@wsrep_gtid_domain_id,@@wsrep_node_name;
--connection node_3
--source include/shutdown_mysqld.inc
+--connection node_1
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
--connection node_2
--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
--source include/wait_condition.inc
@@ -36,6 +42,7 @@ select @@wsrep_gtid_domain_id,@@wsrep_node_name;
--source include/wait_condition.inc
--source include/shutdown_mysqld.inc
+--sleep 5
#
# Bootstrap from node_1 and change wsrep_gtid_domain_id to 200
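Review bot: The added `--sleep 5` after `--source include/shutdown_mysqld.inc` is a fixed delay with no comment saying what it waits for, so the bootstrap that follows depends on timing rather than on an observed state. If the intent is to let the stopped node finish shutting down before the `--wsrep_new_cluster` start (an assumption; the hunk does not say), state that in a comment directly above the sleep, for example `# allow node_1 to finish shutting down before bootstrapping a new cluster`. The same unexplained `--sleep 5` appears before "Bootstrap from node_1" in the new galera_gtid_consistency.test.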
@@ -45,12 +52,11 @@ select @@wsrep_gtid_domain_id,@@wsrep_node_name;
--source include/start_mysqld.inc
show variables like 'wsrep_gtid_domain_id';
-
#
# Restart node_2, expect that wsrep_gtid_domain_id has changed to 200
#
--connection node_2
---let $restart_parameters =
+--let $restart_parameters =
--let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/mysqld.2.expect
--source include/start_mysqld.inc
show variables like 'wsrep_gtid_domain_id';
diff --git a/mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.cnf b/mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.cnf
new file mode 100644
index 00000000..5bd03178
--- /dev/null
+++ b/mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.cnf
@@ -0,0 +1,35 @@
+!include ../galera_3nodes.cnf
+
+[mysqld.1]
+wsrep-node-name="node1"
+wsrep_gtid_domain_id=1111
+gtid_domain_id=2
+server_id=10999
+wsrep_sst_auth="root:"
+wsrep_sst_method=mariabackup
+log_slave_updates=ON
+log_bin=mariadb-bin-log
+binlog-format=row
+wsrep-gtid-mode=ON
+
+[mysqld.2]
+wsrep-node-name="node2"
+wsrep_gtid_domain_id=1112
+gtid_domain_id=3
+wsrep_sst_auth="root:"
+wsrep_sst_method=mariabackup
+log_slave_updates=ON
+log_bin=mariadb-bin-log
+binlog-format=row
+wsrep-gtid-mode=ON
+
+[mysqld.3]
+wsrep-node-name="node3"
+wsrep_gtid_domain_id=1113
+gtid_domain_id=4
+wsrep_sst_auth="root:"
+wsrep_sst_method=mariabackup
+log_slave_updates=ON
+log_bin=mariadb-bin-log
+binlog-format=row
+wsrep-gtid-mode=ON
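Review bot: All three `[mysqld.N]` sections set `wsrep_sst_auth="root:"`, the root account with an empty password, and nothing in the file marks this as valid only for the loopback test cluster. A one-line comment at the top such as `# test-only: SST uses the passwordless mtr root account` would keep the setting from being copied into a real configuration unnoticed. The settings common to all nodes (`wsrep_sst_auth`, `wsrep_sst_method`, `log_slave_updates`, `log_bin`, `binlog-format`, `wsrep-gtid-mode`) are repeated three times. They could probably live once in a shared `[mysqld]` section, assuming the included galera_3nodes.cnf does not override them per node.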
diff --git a/mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.test b/mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.test
new file mode 100644
index 00000000..f41230bc
--- /dev/null
+++ b/mysql-test/suite/galera_3nodes/t/galera_gtid_consistency.test
@@ -0,0 +1,346 @@
+--source include/galera_cluster.inc
+--source include/big_test.inc
+--source include/force_restart.inc
+
+
+#
+# Testing gtid consistency in 3 node cluster when nodes drop
+# and join back to cluster.
+# The tests verify that wsrep_gtid_domain_id and gtid_binlog_pos
+# remains same across the cluster
+# In the configuration, nodes have different wsrep_gtid_domain_id
+# but all nodes are supposed to receive effective domain id
+# from the bootstrap node (node_1), and use it
+#
+--connect node_3, 127.0.0.1, root, , test, $NODE_MYPORT_3
+--connect node_2b, 127.0.0.1, root, , test, $NODE_MYPORT_2
+set wsrep_sync_wait=0;
+--connect node_1b, 127.0.0.1, root, , test, $NODE_MYPORT_1
+set wsrep_sync_wait=0;
+
+--connection node_1
+DELIMITER |;
+CREATE PROCEDURE insert_row (IN node varchar(10), IN repeat_count int)
+BEGIN
+ DECLARE current_num int;
+ SET current_num = 0;
+ WHILE current_num < repeat_count do
+ INSERT INTO t1(node, name) VALUES (node, UUID());
+ SET current_num = current_num + 1;
+ END WHILE;
+END|
+DELIMITER ;|
+
+CREATE TABLE t1 (id bigint not null primary key auto_increment, node VARCHAR(10), name VARCHAR(64)) ENGINE=innodb;
+
+#
+# report initial gtid positions after table t1 is created
+#
+--echo # node_1
+show variables like '%gtid_binlog_pos%';
+
+--connection node_2
+--let $wait_condition = SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't1'
+--source include/wait_condition.inc
+
+--echo # node_2
+show variables like '%gtid_binlog_pos%';
+
+--connection node_3
+--let $wait_condition = SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't1'
+--source include/wait_condition.inc
+
+--echo # node_3
+show variables like '%gtid_binlog_pos%';
+
+###########################################
+# scenario: join node 2 by SST
+##########################################
+
+#
+# start concurrent insert load and stop node2 while the load is on
+#
+--connection node_1
+--send CALL insert_row('node1', 500);
+
+--connection node_2
+--send CALL insert_row('node2', 500);
+
+--connection node_3
+--send CALL insert_row('node3', 500);
+
+#
+# stop load to node 2 and shutdown the node, force SST
+#
+--connection node_2
+--reap
+
+--echo # Shutdown node_2, force SST
+--connection node_2b
+--source include/shutdown_mysqld.inc
+--remove_file $MYSQLTEST_VARDIR/mysqld.2/data/grastate.dat
+
+--echo # Wait until node_2 leaves cluster
+--connection node_1b
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
+#
+# stop the remaining load to node 1 and 3
+#
+--connection node_1
+--reap
+--connection node_3
+--reap
+
+#
+# some more inserts and DDL to nodes 1 and 3
+# while node 2 is absent
+#
+--connection node_1
+CALL insert_row('node1', 500);
+
+--connection node_3
+CALL insert_row('node3', 500);
+
+CREATE TABLE t2(i int primary key) engine=innodb;
+
+#
+# restart node 2, should join by SST
+#
+--connection node_2
+--echo # Restart node_2
+--source include/start_mysqld.inc
+
+--connection node_1b
+--echo # Wait until node_2 is back in cluster
+--let $wait_condition = SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
+--echo # node2 has joined
+
+#
+# check gtid positions in all nodes
+#
+--echo # GTID in node1
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+--connection node_2
+--echo # GTID in node2
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+--connection node_3
+--echo # GTID in node3
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+
+###########################################
+# scenario: join node 3 by IST
+##########################################
+
+--echo # Shutdown node_3
+--connection node_3
+SET GLOBAL wsrep_provider_options = 'gmcast.isolate = 1';
+
+--echo # Wait until node_3 leaves cluster
+--connection node_1b
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
+#
+# do some inserts and DDL to node 1
+# while node 3 is absent
+#
+--connection node_1
+CALL insert_row('node1', 50);
+
+CREATE TABLE t3(i int primary key) engine=innodb;
+
+#
+# remove isolation in node 3, should join by IST
+#
+--connection node_3
+--echo # Rejoin node_3
+SET GLOBAL wsrep_provider_options = 'gmcast.isolate = 0';
+
+--connection node_1b
+--echo # Wait until node_3 is back in cluster
+--let $wait_condition = SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
+--echo # node3 has joined
+
+#
+# check gtid positions in all nodes
+#
+--connection node_1
+--echo # GTID in node1
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+--connection node_2
+--echo # GTID in node2
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+--connection node_3
+--echo # GTID in node3
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+
+###########################################
+# scenario: restart full custer
+##########################################
+
+
+#
+# stop all nodes, one by one
+#
+--echo # One by one shutdown all nodes
+--connection node_3
+--echo # shutdown node_3
+--source include/shutdown_mysqld.inc
+--remove_file $MYSQLTEST_VARDIR/mysqld.3/data/grastate.dat
+
+--connection node_2
+--echo # wait until node_3 is out of cluster
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+--echo # shutdown node_2
+--source include/shutdown_mysqld.inc
+--remove_file $MYSQLTEST_VARDIR/mysqld.2/data/grastate.dat
+
+--connection node_1
+--echo # wait until node_2 is out of cluster
+--let $wait_condition = SELECT VARIABLE_VALUE = 1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+--echo # shutdown node_1
+--source include/shutdown_mysqld.inc
+
+#
+# bootstap cluster in order node1 - node2 - node3
+# send some inserts and DDL after each node started
+#
+--sleep 5
+--echo # Bootstrap from node_1
+--connection node_1
+--let $restart_parameters = --wsrep_new_cluster
+--source include/start_mysqld.inc
+
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+ANALYZE TABLE t2;
+--send CALL insert_row('node1', 100);
+
+--echo # Restart node_2
+--connection node_2
+--let $restart_parameters =
+--let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/mysqld.2.expect
+--source include/start_mysqld.inc
+
+#
+# connection node_1b may not be functional anymore, after node was
+# shutdown, open node_1c for controlling node 1 state
+#
+--connect node_1c, 127.0.0.1, root, , test, $NODE_MYPORT_1
+set wsrep_sync_wait=0;
+--connection node_1c
+--echo # wait until node_1 and node_2 are in cluster
+--let $wait_condition = SELECT VARIABLE_VALUE = 2 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
+--connection node_2
+ALTER TABLE t2 ADD COLUMN (k int);
+--send CALL insert_row('node2', 100);
+
+
+--echo # Restart node_3
+--connection node_3
+--let $restart_parameters =
+--let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/mysqld.3.expect
+--source include/start_mysqld.inc
+
+--connection node_1c
+--echo # wait until all nodes are back in cluster
+--let $wait_condition = SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+--echo after cluster restart
+
+# stop load for nodes 1 and 2
+--connection node_2
+--reap
+
+--connection node_1
+--reap
+
+#
+# check gtid positions in all nodes
+#
+--connection node_1
+--echo node1 GTID
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+--connection node_2
+--echo node2 GTID
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+--connection node_3
+--echo node3 GTID
+show variables like 'wsrep_gtid_domain_id';
+show variables like '%gtid_binlog_pos%';
+
+#
+# check table size in all nodes
+#
+--connection node_1
+--echo table size in node1
+SELECT COUNT(*) FROM t1;
+
+--connection node_2
+--echo table size in node2
+SELECT COUNT(*) FROM t1;
+
+--connection node_3
+--echo table size in node3
+SELECT COUNT(*) FROM t1;
+
+#
+# cleanups
+#
+--connection node_2
+call mtr.add_suppression("WSREP: Ignoring server id for non bootstrap node");
+call mtr.add_suppression("WSREP: Sending JOIN failed:.*");
+call mtr.add_suppression("Sending JOIN failed:.*");
+call mtr.add_suppression("WSREP: Failed to JOIN the cluster after SST.*");
+--connection node_3
+call mtr.add_suppression("WSREP: Ignoring server id for non bootstrap node");
+call mtr.add_suppression("WSREP: Sending JOIN failed:.*");
+call mtr.add_suppression("Sending JOIN failed:.*");
+call mtr.add_suppression("WSREP: Failed to JOIN the cluster after SST.*");
+
+--echo # cleanup
+--connection node_1
+
+DROP PROCEDURE insert_row;
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+
+--connection node_3
+--let $wait_condition = SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't2'
+--source include/wait_condition.inc
+--connection node_2
+--let $wait_condition = SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't2'
+--source include/wait_condition.inc
+
+--disconnect node_3
+--disconnect node_2b
+--disconnect node_1b
+--disconnect node_1c
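Review bot: The cleanup waits on node_3 and node_2 for `t2` to disappear, but `DROP TABLE t3` is the last statement issued on node_1. Both waits can therefore return while that final drop is still unapplied on the other nodes, leaving `t3` behind when the connections are closed. Waiting on the last dropped object covers the earlier drops too, assuming the nodes apply the statements in order: `--let $wait_condition = SELECT COUNT(*) = 0 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't3'`. Separately, the echo `# Shutdown node_3` in the IST scenario precedes `gmcast.isolate = 1`, which isolates the node rather than shutting it down; `# Isolate node_3` would match what the test does.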
diff --git a/mysql-test/suite/galera/t/galera_var_node_address.cnf b/mysql-test/suite/galera_3nodes/t/galera_var_node_address.cnf
index 0de0edaa..aa0c47f1 100644
--- a/mysql-test/suite/galera/t/galera_var_node_address.cnf
+++ b/mysql-test/suite/galera_3nodes/t/galera_var_node_address.cnf
@@ -1,4 +1,4 @@
-!include ../galera_4nodes.cnf
+!include ../galera_3nodes.cnf
[mysqld.2]
wsrep_node_address=127.0.0.1
@@ -6,5 +6,3 @@ wsrep_node_address=127.0.0.1
[mysqld.3]
wsrep_node_address=localhost
-[mysqld.4]
-wsrep_node_address=lo
diff --git a/mysql-test/suite/galera/t/galera_var_node_address.test b/mysql-test/suite/galera_3nodes/t/galera_var_node_address.test
index 99cb30e7..08c0d2e4 100644
--- a/mysql-test/suite/galera/t/galera_var_node_address.test
+++ b/mysql-test/suite/galera_3nodes/t/galera_var_node_address.test
@@ -6,27 +6,27 @@
--source include/galera_cluster.inc
--source include/have_innodb.inc
-call mtr.add_suppression("WSREP: Stray state UUID msg: .*");
-call mtr.add_suppression("WSREP: Protocol violation. JOIN message sender .*");
-call mtr.add_suppression("WSREP: Sending JOIN failed: .*");
-flush tables;
-
---let $wait_condition = SELECT VARIABLE_VALUE = 4 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--connection node_1
+--let $wait_condition = SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
--source include/wait_condition.inc
SELECT VARIABLE_VALUE FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
---connection node_1
CREATE TABLE t1 (f1 INTEGER) ENGINE=INNODB;
--connection node_2
-set global wsrep_sync_wait=15;
+--let $wait_condition = SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't1';
+--source include/wait_condition.inc
+
INSERT INTO t1 VALUES (1);
+SELECT COUNT(*) AS EXPECT_1 FROM t1;
--connect node_3, 127.0.0.1, root, , test, $NODE_MYPORT_3
--connection node_3
-set global wsrep_sync_wait=15;
-SELECT COUNT(*) FROM t1;
+--let $wait_condition = SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = 't1';
+--source include/wait_condition.inc
+SELECT COUNT(*) AS EXPECT_1 FROM t1;
--connection node_1
+SELECT COUNT(*) AS EXPECT_1 FROM t1;
DROP TABLE t1;
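Review bot: On node_3 the new wait condition only checks that `t1` exists, and on node_1 there is no wait at all, yet both then run `SELECT COUNT(*) AS EXPECT_1 FROM t1` for a row inserted on node_2. With the `set global wsrep_sync_wait=15` lines removed, the selects may run before the insert has been applied and return 0, unless the suite configuration already enables sync waits (not visible in this hunk). Waiting for the row itself removes the dependency: `--let $wait_condition = SELECT COUNT(*) = 1 FROM t1;` followed by `--source include/wait_condition.inc` before each of the two selects.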
diff --git a/mysql-test/suite/galera_3nodes/t/galera_vote_rejoin_mysqldump.test b/mysql-test/suite/galera_3nodes/t/galera_vote_rejoin_mysqldump.test
index 70d58cb2..6c7b255b 100644
--- a/mysql-test/suite/galera_3nodes/t/galera_vote_rejoin_mysqldump.test
+++ b/mysql-test/suite/galera_3nodes/t/galera_vote_rejoin_mysqldump.test
@@ -59,6 +59,7 @@ SET SESSION wsrep_on=ON;
--let $wait_condition = SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
--source include/wait_condition.inc
+SELECT VARIABLE_VALUE AS expect_3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
SELECT VARIABLE_VALUE AS expect_Primary FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_status';
# Confirm that the table is now identical throughout
@@ -67,18 +68,7 @@ SELECT VARIABLE_VALUE AS expect_Primary FROM INFORMATION_SCHEMA.GLOBAL_STATUS WH
SHOW CREATE TABLE t1;
--connection node_2
-SET SESSION wsrep_on=OFF;
---let $wait_condition = SELECT VARIABLE_VALUE = 'Primary' FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_status';
---source include/wait_condition.inc
---source include/galera_wait_ready.inc
-SET SESSION wsrep_on=ON;
-
-# restart node so we don't fail on WSREP_START_POSITION internal check
---source include/restart_mysqld.inc
---source include/wait_until_connected_again.inc
-
SHOW CREATE TABLE t1;
-SELECT COUNT(*) AS expect_0 FROM t1;
CALL mtr.add_suppression("is inconsistent with group");
--connection node_3
@@ -89,5 +79,14 @@ CALL mtr.add_suppression("Slave SQL: Error 'Can't DROP 'PRIMARY'; check that col
--connection node_1
--source suite/galera/include/galera_sst_restore.inc
+--connection node_2
+# restart node so we don't fail on WSREP_START_POSITION internal check
+--source include/restart_mysqld.inc
+--source include/wait_until_connected_again.inc
+
+--connection node_1
+--let $wait_condition = SELECT VARIABLE_VALUE = 3 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_cluster_size';
+--source include/wait_condition.inc
+
# Restore original auto_increment_offset values.
--source ../galera/include/auto_increment_offset_restore.inc
diff --git a/mysql-test/suite/galera_3nodes_sr/disabled.def b/mysql-test/suite/galera_3nodes_sr/disabled.def
index df2277fb..fcaf38a3 100644
--- a/mysql-test/suite/galera_3nodes_sr/disabled.def
+++ b/mysql-test/suite/galera_3nodes_sr/disabled.def
@@ -9,5 +9,3 @@
# Do not use any TAB characters for whitespace.
#
##############################################################################
-
-galera_sr_kill_slave_after_apply_rollback2 : MDEV-29892 Galera test failure on galera_sr_kill_slave_after_apply_rollback2 \ No newline at end of file
diff --git a/mysql-test/suite/galera_3nodes_sr/r/GCF-832.result b/mysql-test/suite/galera_3nodes_sr/r/GCF-832.result
index 726f7014..9043c668 100644
--- a/mysql-test/suite/galera_3nodes_sr/r/GCF-832.result
+++ b/mysql-test/suite/galera_3nodes_sr/r/GCF-832.result
@@ -12,7 +12,7 @@ SET SESSION wsrep_trx_fragment_size=1;
START TRANSACTION;
INSERT INTO t1 VALUES ('primary'),('primary'),('primary'),('primary'),('primary');
COMMIT;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
# restart
connection node_1;
SELECT COUNT(*) = 0 FROM mysql.wsrep_streaming_log;
diff --git a/mysql-test/suite/galera_3nodes_sr/t/GCF-336.test b/mysql-test/suite/galera_3nodes_sr/t/GCF-336.test
index b8d46db7..ba85aa52 100644
--- a/mysql-test/suite/galera_3nodes_sr/t/GCF-336.test
+++ b/mysql-test/suite/galera_3nodes_sr/t/GCF-336.test
@@ -1,5 +1,7 @@
--source include/galera_cluster.inc
+--disable_ps2_protocol
+
--connection node_2
CREATE TABLE t1 (f1 INTEGER) ENGINE=InnoDB;
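Review bot: `--disable_ps2_protocol` is added at the top of the test with no comment saying why the test cannot run under the ps2 protocol. A reader cannot tell whether this works around a known bug or reflects a real limitation of the scenario. A short comment above it would make that clear, for example `# <reason or MDEV reference>: statements in this test are not stable under --ps2-protocol`, with the actual reason filled in by the author. The same undocumented disable/enable pair is added in galera_sr_isolate_master.test, galera_sr_large_fragment.test and galera_sr_many_fragments.test.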
@@ -45,3 +47,6 @@ CALL mtr.add_suppression("WSREP: failed to send SR rollback for ");
--connect node_3, 127.0.0.1, root, , test, $NODE_MYPORT_3
--connection node_3
--source include/galera_wait_ready.inc
+
+
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera_3nodes_sr/t/GCF-832.test b/mysql-test/suite/galera_3nodes_sr/t/GCF-832.test
index ab8b62b9..5da080a6 100644
--- a/mysql-test/suite/galera_3nodes_sr/t/GCF-832.test
+++ b/mysql-test/suite/galera_3nodes_sr/t/GCF-832.test
@@ -26,7 +26,7 @@ SET SESSION wsrep_trx_fragment_size=1;
START TRANSACTION;
INSERT INTO t1 VALUES ('primary'),('primary'),('primary'),('primary'),('primary');
---error 2013
+--error 2013,2026
COMMIT;
--source include/start_mysqld.inc
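Review bot: `--error 2013,2026` widens the accepted failures using bare numeric codes, while the matching change in galera_sr/t/MDEV-27615.test in this same commit documents them with `# CR_SERVER_LOST, CR_SSL_CONNECTION_ERROR`. Adding that same comment line above `--error 2013,2026` here keeps the two tests consistent. It also makes clear that an SSL connection error is now treated as an expected outcome of the COMMIT.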
diff --git a/mysql-test/suite/galera_3nodes_sr/t/galera_sr_isolate_master.test b/mysql-test/suite/galera_3nodes_sr/t/galera_sr_isolate_master.test
index 27674148..18e1f002 100644
--- a/mysql-test/suite/galera_3nodes_sr/t/galera_sr_isolate_master.test
+++ b/mysql-test/suite/galera_3nodes_sr/t/galera_sr_isolate_master.test
@@ -1,6 +1,7 @@
--source include/galera_cluster.inc
--source include/have_innodb.inc
+--disable_ps2_protocol
#
# Test the effect of gmcast.isolate on master during an SR transaction
#
@@ -133,3 +134,4 @@ CALL mtr.add_suppression("failed to send SR rollback for");
DROP TABLE t1;
--source ../galera/include/auto_increment_offset_restore.inc
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera_sr/disabled.def b/mysql-test/suite/galera_sr/disabled.def
index 9cca05eb..73ef1d0d 100644
--- a/mysql-test/suite/galera_sr/disabled.def
+++ b/mysql-test/suite/galera_sr/disabled.def
@@ -10,8 +10,6 @@
#
##############################################################################
-GCF-1060 : MDEV-26528 wrong usage of mutex LOCK_thd_kill and LOCK_thd_kill
-galera_sr_cc_master : MDEV-29882 Galera test failure on galera_sr_cc_master
-mysql-wsrep-features#138 : At line 25: query 'DROP TABLE t1' failed: 2013: Lost connection to MySQL server during query
+GCF-1060 : MDEV-32160 GCF-1060 test failure due to wsrep MDL conflict
# Links to below failures in MDEV-30172
MDEV-25718 : timeout related to wsrep_sync_wait and DEBUG_SYNC
diff --git a/mysql-test/suite/galera_sr/r/MDEV-27615.result b/mysql-test/suite/galera_sr/r/MDEV-27615.result
index e3bfd0ed..8965cc8e 100644
--- a/mysql-test/suite/galera_sr/r/MDEV-27615.result
+++ b/mysql-test/suite/galera_sr/r/MDEV-27615.result
@@ -15,7 +15,7 @@ SET DEBUG_SYNC='now WAIT_FOR before_fragment';
SET GLOBAL wsrep_cluster_address = '';
SET DEBUG_SYNC = 'now SIGNAL continue';
connection node_2;
-ERROR HY000: Lost connection to server during query
+Got one of the listed errors
connection node_2a;
SELECT * FROM mysql.wsrep_streaming_log;
node_uuid trx_id seqno flags frag
diff --git a/mysql-test/suite/galera_sr/r/MDEV-28971.result b/mysql-test/suite/galera_sr/r/MDEV-28971.result
new file mode 100644
index 00000000..0826f5e6
--- /dev/null
+++ b/mysql-test/suite/galera_sr/r/MDEV-28971.result
@@ -0,0 +1,17 @@
+connection node_2;
+connection node_1;
+CREATE SEQUENCE SEQ NOCACHE ENGINE=InnoDB;
+SET SESSION wsrep_trx_fragment_size=1;
+SET collation_connection=utf16_thai_520_w2;
+SET autocommit=0;
+CREATE TABLE t1 (a BLOB UNIQUE);
+INSERT INTO t1 VALUES ('AAF');
+SELECT SETVAL (SEQ, 100);
+ERROR 42000: This version of MariaDB doesn't yet support 'SEQUENCEs with streaming replication in Galera cluster'
+ALTER TABLE t1 ADD CONSTRAINT constraint_1 UNIQUE (a);
+Warnings:
+Note 1831 Duplicate index `constraint_1`. This is deprecated and will be disallowed in a future release
+INSERT INTO t1 VALUES();
+ALTER TABLE t1 ADD KEY(b (50));
+ERROR 42000: Key column 'b' doesn't exist in table
+DROP TABLE t1,SEQ;
diff --git a/mysql-test/suite/galera_sr/r/galera_sr_cc_master.result b/mysql-test/suite/galera_sr/r/galera_sr_cc_master.result
index 1f874aca..19466715 100644
--- a/mysql-test/suite/galera_sr/r/galera_sr_cc_master.result
+++ b/mysql-test/suite/galera_sr/r/galera_sr_cc_master.result
@@ -13,12 +13,12 @@ INSERT INTO t1 VALUES (2);
INSERT INTO t1 VALUES (3);
INSERT INTO t1 VALUES (4);
INSERT INTO t1 VALUES (5);
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_5 FROM mysql.wsrep_streaming_log;
+EXPECT_5
5
connection node_1;
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_5 FROM mysql.wsrep_streaming_log;
+EXPECT_5
5
connect node_2a, 127.0.0.1, root, , test, $NODE_MYPORT_2;
connection node_2a;
@@ -29,8 +29,8 @@ connection node_2;
INSERT INTO t1 VALUES (6);
ERROR HY000: Lost connection to server during query
connection node_1;
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
+EXPECT_0
0
connection node_2a;
connection node_1;
@@ -38,8 +38,8 @@ connect node_2b, 127.0.0.1, root, , test, $NODE_MYPORT_2;
connection node_2b;
SELECT * FROM mysql.wsrep_streaming_log;
node_uuid trx_id seqno flags frag
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
+EXPECT_0
0
SET AUTOCOMMIT=OFF;
START TRANSACTION;
@@ -49,18 +49,20 @@ INSERT INTO t1 VALUES (3);
INSERT INTO t1 VALUES (4);
INSERT INTO t1 VALUES (5);
COMMIT;
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
+EXPECT_0
0
connection node_1;
-SELECT COUNT(*) FROM t1;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_5 FROM t1;
+EXPECT_5
5
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
-COUNT(*)
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
+EXPECT_0
0
DROP TABLE t1;
connection node_2b;
CALL mtr.add_suppression("WSREP: Failed to replicate rollback fragment for");
disconnect node_2;
connect node_2, 127.0.0.1, root, , test, $NODE_MYPORT_2;
+disconnect node_2a;
+disconnect node_2b;
diff --git a/mysql-test/suite/galera_sr/r/mysql-wsrep-features#165.result b/mysql-test/suite/galera_sr/r/mysql-wsrep-features#165.result
index 8ad3ac63..353315d1 100644
--- a/mysql-test/suite/galera_sr/r/mysql-wsrep-features#165.result
+++ b/mysql-test/suite/galera_sr/r/mysql-wsrep-features#165.result
@@ -26,6 +26,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -91,6 +92,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -156,6 +158,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -221,6 +224,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -286,6 +290,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -351,6 +356,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -416,6 +422,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -481,6 +488,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -546,6 +554,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -611,6 +620,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -676,6 +686,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -741,6 +752,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -806,6 +818,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -871,6 +884,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -936,6 +950,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
@@ -1001,6 +1016,7 @@ f1 f2
connection node_1c;
SET AUTOCOMMIT=ON;
INSERT INTO t1 VALUES (3, 'c');
+connection node_1;
connection node_2;
SELECT * FROM t1;
f1 f2
diff --git a/mysql-test/suite/galera_sr/t/MDEV-27615.test b/mysql-test/suite/galera_sr/t/MDEV-27615.test
index 121a85fb..8cc425aa 100644
--- a/mysql-test/suite/galera_sr/t/MDEV-27615.test
+++ b/mysql-test/suite/galera_sr/t/MDEV-27615.test
@@ -43,7 +43,8 @@ SET DEBUG_SYNC = 'now SIGNAL continue';
# Disconnect causes connection to node_2 to be closed
#
--connection node_2
---error 2013 # CR_SERVER_LOST
+# CR_SERVER_LOST, CR_SSL_CONNECTION_ERROR
+--error 2013,2026
--reap
diff --git a/mysql-test/suite/galera_sr/t/MDEV-28971.test b/mysql-test/suite/galera_sr/t/MDEV-28971.test
new file mode 100644
index 00000000..d3dbf03b
--- /dev/null
+++ b/mysql-test/suite/galera_sr/t/MDEV-28971.test
@@ -0,0 +1,20 @@
+#
+# MDEV-28971 - Assertion `total_length + thd->wsrep_sr().log_position() == saved_pos'
+# failed in int wsrep_write_cache_inc(THD*, IO_CACHE*, size_t*)
+#
+
+--source include/galera_cluster.inc
+
+CREATE SEQUENCE SEQ NOCACHE ENGINE=InnoDB;
+SET SESSION wsrep_trx_fragment_size=1;
+SET collation_connection=utf16_thai_520_w2;
+SET autocommit=0;
+CREATE TABLE t1 (a BLOB UNIQUE);
+INSERT INTO t1 VALUES ('AAF');
+--error ER_NOT_SUPPORTED_YET
+SELECT SETVAL (SEQ, 100);
+ALTER TABLE t1 ADD CONSTRAINT constraint_1 UNIQUE (a);
+INSERT INTO t1 VALUES();
+--error ER_KEY_COLUMN_DOES_NOT_EXIST
+ALTER TABLE t1 ADD KEY(b (50));
+DROP TABLE t1,SEQ;
diff --git a/mysql-test/suite/galera_sr/t/galera_sr_cc_master.test b/mysql-test/suite/galera_sr/t/galera_sr_cc_master.test
index 6665a6e7..a019a32e 100644
--- a/mysql-test/suite/galera_sr/t/galera_sr_cc_master.test
+++ b/mysql-test/suite/galera_sr/t/galera_sr_cc_master.test
@@ -32,10 +32,13 @@ INSERT INTO t1 VALUES (3);
INSERT INTO t1 VALUES (4);
INSERT INTO t1 VALUES (5);
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
+SELECT COUNT(*) AS EXPECT_5 FROM mysql.wsrep_streaming_log;
--connection node_1
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
+--let $wait_condition = SELECT COUNT(*) = 5 FROM mysql.wsrep_streaming_log
+--source include/wait_condition.inc
+
+SELECT COUNT(*) AS EXPECT_5 FROM mysql.wsrep_streaming_log;
#
# Trigger CC . The transaction is aborted and we expect the SR tables to be cleaned up
@@ -56,7 +59,9 @@ SET SESSION wsrep_sync_wait = DEFAULT;
INSERT INTO t1 VALUES (6);
--connection node_1
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
+--let $wait_condition = SELECT COUNT(*) = 0 FROM mysql.wsrep_streaming_log
+--source include/wait_condition.inc
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
# Restore cluster
@@ -73,8 +78,10 @@ SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
--connect node_2b, 127.0.0.1, root, , test, $NODE_MYPORT_2
--connection node_2b
--source include/galera_wait_ready.inc
+--let $wait_condition = SELECT COUNT(*) = 0 FROM mysql.wsrep_streaming_log
+--source include/wait_condition.inc
SELECT * FROM mysql.wsrep_streaming_log;
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
# Repeat transaction to confirm no locks are left from previous transaction
@@ -87,11 +94,13 @@ INSERT INTO t1 VALUES (4);
INSERT INTO t1 VALUES (5);
COMMIT;
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
--connection node_1
-SELECT COUNT(*) FROM t1;
-SELECT COUNT(*) FROM mysql.wsrep_streaming_log;
+--let $wait_condition = SELECT COUNT(*) = 5 FROM t1
+--source include/wait_condition.inc
+SELECT COUNT(*) AS EXPECT_5 FROM t1;
+SELECT COUNT(*) AS EXPECT_0 FROM mysql.wsrep_streaming_log;
DROP TABLE t1;
@@ -102,3 +111,6 @@ CALL mtr.add_suppression("WSREP: Failed to replicate rollback fragment for");
--connect node_2, 127.0.0.1, root, , test, $NODE_MYPORT_2
# Restore original auto_increment_offset values.
--source ../galera/include/auto_increment_offset_restore.inc
+
+--disconnect node_2a
+--disconnect node_2b
diff --git a/mysql-test/suite/galera_sr/t/galera_sr_large_fragment.test b/mysql-test/suite/galera_sr/t/galera_sr_large_fragment.test
index 63278555..d08cab49 100644
--- a/mysql-test/suite/galera_sr/t/galera_sr_large_fragment.test
+++ b/mysql-test/suite/galera_sr/t/galera_sr_large_fragment.test
@@ -6,6 +6,8 @@
--source include/have_innodb.inc
--source include/big_test.inc
+--disable_ps2_protocol
+
CREATE TABLE ten (f1 INTEGER) ENGINE=InnoDB;
INSERT INTO ten VALUES (1), (2), (3), (4), (5), (6), (7), (8), (9), (10);
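Review bot: The `--disable_ps2_protocol` added at the top of this test has no comment saying why the whole file must be excluded from the ps2 protocol run, and the identical change in galera_sr_many_fragments.test has the same gap. A one-line comment above it, for example `# ps2 protocol disabled: <reason, to be filled in by the author>`, would tell a later reader whether the switch can be narrowed to specific statements or removed. The matching `--enable_ps2_protocol` is appended as the last line of each file, so the setting covers everything in between.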
@@ -56,3 +58,4 @@ CALL mtr.add_suppression('InnoDB: Resizing redo log from');
CALL mtr.add_suppression('InnoDB: Starting to delete and rewrite log files');
CALL mtr.add_suppression('InnoDB: New log files created, LSN=');
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera_sr/t/galera_sr_many_fragments.test b/mysql-test/suite/galera_sr/t/galera_sr_many_fragments.test
index 9b8dae9d..7a6c1bea 100644
--- a/mysql-test/suite/galera_sr/t/galera_sr_many_fragments.test
+++ b/mysql-test/suite/galera_sr/t/galera_sr_many_fragments.test
@@ -6,6 +6,8 @@
--source include/have_innodb.inc
--source include/big_test.inc
+--disable_ps2_protocol
+
CREATE TABLE ten (f1 INTEGER) ENGINE=InnoDB;
INSERT INTO ten VALUES (1), (2), (3), (4), (5), (6), (7), (8), (9), (10);
@@ -51,3 +53,5 @@ SELECT COUNT(*) = 0 FROM t1;
DROP TABLE ten;
DROP TABLE t1;
+
+--enable_ps2_protocol
diff --git a/mysql-test/suite/galera_sr/t/mysql-wsrep-features#165.inc b/mysql-test/suite/galera_sr/t/mysql-wsrep-features#165.inc
index 7f13afa3..26cdd116 100644
--- a/mysql-test/suite/galera_sr/t/mysql-wsrep-features#165.inc
+++ b/mysql-test/suite/galera_sr/t/mysql-wsrep-features#165.inc
@@ -46,6 +46,10 @@ SELECT * FROM t1;
SET AUTOCOMMIT=ON;
--send INSERT INTO t1 VALUES (3, 'c')
+--connection node_1
+--let $wait_condition = SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.INNODB_LOCK_WAITS;
+--source include/wait_condition.inc
+
--connection node_2
SELECT * FROM t1;
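Review bot: The new waits compare `COUNT(*)` from `INFORMATION_SCHEMA.INNODB_LOCK_WAITS` with exact values (1 in this hunk, 2 in the next) without a comment saying which blocked statements account for them. From the visible lines it looks like the first is the sent `INSERT INTO t1 VALUES (3, 'c')` and the second adds the sent `UPDATE t1 SET f2 = 'a' WHERE f1 = 2`. A comment above each `--let`, such as `# wait until the INSERT sent above is blocked on a row lock`, would make a wait timeout easier to diagnose. Because that table is server-wide, the equality also assumes nothing else is waiting on a lock on node_1 at that point; the rest of the include is outside the hunk, so this cannot be confirmed here.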
@@ -54,7 +58,7 @@ SELECT * FROM t1;
--send UPDATE t1 SET f2 = 'a' WHERE f1 = 2
--connection node_1
---let $wait_condition = SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.PROCESSLIST WHERE USER != 'system user' AND STATE = 'Updating';
+--let $wait_condition = SELECT COUNT(*) = 2 FROM INFORMATION_SCHEMA.INNODB_LOCK_WAITS;
--source include/wait_condition.inc
# Will deadlock
diff --git a/mysql-test/suite/gcol/r/gcol_bugfixes.result b/mysql-test/suite/gcol/r/gcol_bugfixes.result
index f124ebe6..5dfa416a 100644
--- a/mysql-test/suite/gcol/r/gcol_bugfixes.result
+++ b/mysql-test/suite/gcol/r/gcol_bugfixes.result
@@ -744,3 +744,41 @@ SELECT id, ts, vc INTO OUTFILE 'load_t1' FROM t1;
LOAD DATA INFILE 'load_t1' REPLACE INTO TABLE t1 (id, ts, vc);
INSERT IGNORE INTO t1 (id) VALUES (2);
DROP TABLE t1;
+#
+# MDEV-28566 Assertion `!expr->is_fixed()' failed in bool
+# Virtual_column_info::fix_session_expr(THD*)
+#
+CREATE TABLE t1 (c1 CHAR(1));
+FLUSH TABLES WITH READ LOCK;
+UPDATE t1 SET c1=1;
+ERROR HY000: Can't execute the query because you have a conflicting read lock
+unlock tables;
+SELECT * FROM t1;
+c1
+DROP TABLE t1;
+CREATE TABLE t1 (c1 CHAR AS (CONCAT (0,DAYNAME (0))));
+FLUSH TABLES WITH READ LOCK;
+UPDATE t1 SET c1=1;
+ERROR HY000: Can't execute the query because you have a conflicting read lock
+unlock tables;
+UPDATE t1 SET c1=1;
+SELECT * FROM t1;
+c1
+DROP TABLE t1;
+CREATE TABLE t1 (a int primary key, c1 CHAR AS (CONCAT (0,DAYNAME (0))));
+insert into t1 (a) values (1);
+FLUSH TABLES WITH READ LOCK;
+UPDATE t1 SET c1=1;
+ERROR HY000: Can't execute the query because you have a conflicting read lock
+UPDATE t1 SET a=2;
+ERROR HY000: Can't execute the query because you have a conflicting read lock
+unlock tables;
+UPDATE t1 SET a=2;
+UPDATE t1 SET c1=1;
+ERROR HY000: The value specified for generated column 'c1' in table 't1' has been ignored
+SELECT * FROM t1;
+a c1
+2 NULL
+Warnings:
+Warning 1292 Incorrect datetime value: '0'
+DROP TABLE t1;
diff --git a/mysql-test/suite/gcol/r/gcol_partition_innodb.result b/mysql-test/suite/gcol/r/gcol_partition_innodb.result
index 2bff3305..e6252b3d 100644
--- a/mysql-test/suite/gcol/r/gcol_partition_innodb.result
+++ b/mysql-test/suite/gcol/r/gcol_partition_innodb.result
@@ -1,4 +1,6 @@
-SET @@session.default_storage_engine = 'InnoDB';
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+SET default_storage_engine = 'InnoDB';
drop table if exists t1;
# Case 1. Partitioning by RANGE based on a non-stored generated column.
CREATE TABLE t1 (
@@ -126,6 +128,7 @@ Warnings:
Warning 1906 The value specified for generated column 'vd' in table 't1' has been ignored
DROP TABLE t1;
InnoDB 0 transactions not purged
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
DROP VIEW IF EXISTS v1,v2;
DROP TABLE IF EXISTS t1,t2,t3;
DROP PROCEDURE IF EXISTS p1;
diff --git a/mysql-test/suite/gcol/r/gcol_purge.result b/mysql-test/suite/gcol/r/gcol_purge.result
index e16cf0df..19db34ac 100644
--- a/mysql-test/suite/gcol/r/gcol_purge.result
+++ b/mysql-test/suite/gcol/r/gcol_purge.result
@@ -1,7 +1,7 @@
SET @save_dbug=@@GLOBAL.debug_dbug;
CREATE TABLE t1(f1 INT NOT NULL, f2 int not null,
f3 int generated always as (f2 * 2) VIRTUAL,
-primary key(f1), INDEX (f3))ENGINE=InnoDB;
+primary key(f1), INDEX (f3))ENGINE=InnoDB STATS_PERSISTENT=0;
connect con1,localhost,root,,,;
InnoDB 0 transactions not purged
START TRANSACTION WITH CONSISTENT SNAPSHOT;
diff --git a/mysql-test/suite/gcol/r/gcol_update.result b/mysql-test/suite/gcol/r/gcol_update.result
index 35e0b3e8..54974826 100644
--- a/mysql-test/suite/gcol/r/gcol_update.result
+++ b/mysql-test/suite/gcol/r/gcol_update.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
connect purge_control,localhost,root;
START TRANSACTION WITH CONSISTENT SNAPSHOT;
connection default;
@@ -37,3 +39,4 @@ InnoDB 0 transactions not purged
disconnect purge_control;
connection default;
drop table t1;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/gcol/r/innodb_prefix_index_check.result b/mysql-test/suite/gcol/r/innodb_prefix_index_check.result
index 01dbe4a6..ea84cd15 100644
--- a/mysql-test/suite/gcol/r/innodb_prefix_index_check.result
+++ b/mysql-test/suite/gcol/r/innodb_prefix_index_check.result
@@ -13,3 +13,32 @@ key(f1,f2(1))
)ENGINE=INNODB;
REPLACE INTO t1(f3) VALUES (1),(1);
DROP TABLE t1;
+#Create and alter table examples for full column index followed by prefix index.
+CREATE TABLE t1(
+f1 VARCHAR(100),
+f2 char(2),
+KEY(f1,f2),
+KEY(f1(5)))ENGINE=INNODB;
+REPLACE INTO t1(f2) VALUES (1),(1);
+ALTER TABLE t1 ADD INDEX(f2,f1);
+DROP TABLE t1;
+#Create and alter table examples for small prefix index followed by large
+#prefix index.
+CREATE TABLE t1(
+f1 VARCHAR(100),
+f2 char(2),
+KEY(f1(5),f2),
+KEY(f1(10)))ENGINE=INNODB;
+REPLACE INTO t1(f2) VALUES (1),(1);
+ALTER TABLE t1 ADD INDEX(f2,f1);
+DROP TABLE t1;
+#Create and alter table examples for prefix index followed by full column
+#index.
+CREATE TABLE t1(
+f1 VARCHAR(100),
+f2 char(2),
+KEY(f1(5),f2),
+KEY(f1))ENGINE=INNODB;
+REPLACE INTO t1(f2) VALUES (1),(1);
+ALTER TABLE t1 ADD INDEX(f2,f1);
+DROP TABLE t1;
diff --git a/mysql-test/suite/gcol/r/innodb_virtual_debug.result b/mysql-test/suite/gcol/r/innodb_virtual_debug.result
index 3f3e3ea3..e1b87938 100644
--- a/mysql-test/suite/gcol/r/innodb_virtual_debug.result
+++ b/mysql-test/suite/gcol/r/innodb_virtual_debug.result
@@ -1,4 +1,6 @@
set default_storage_engine=innodb;
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
CREATE TABLE `t` (
`a` VARCHAR(100),
`b` VARCHAR(100),
@@ -145,3 +147,4 @@ DROP TABLE t1;
disconnect con1;
connection default;
SET DEBUG_SYNC=RESET;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/gcol/r/innodb_virtual_purge.result b/mysql-test/suite/gcol/r/innodb_virtual_purge.result
index 7951bd0e..3f1c4413 100644
--- a/mysql-test/suite/gcol/r/innodb_virtual_purge.result
+++ b/mysql-test/suite/gcol/r/innodb_virtual_purge.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
#
# Bug#21869656 UNDO LOG DOES NOT CONTAIN ENOUGH INFORMATION
# ON INDEXED VIRTUAL COLUMNS
@@ -171,3 +173,4 @@ CHECK TABLE t EXTENDED;
Table Op Msg_type Msg_text
test.t check status OK
DROP TABLE t;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/gcol/t/gcol_bugfixes.test b/mysql-test/suite/gcol/t/gcol_bugfixes.test
index 4c1b00a8..1edc9779 100644
--- a/mysql-test/suite/gcol/t/gcol_bugfixes.test
+++ b/mysql-test/suite/gcol/t/gcol_bugfixes.test
@@ -724,3 +724,38 @@ DROP TABLE t1;
--remove_file $datadir/test/load_t1
+--echo #
+--echo # MDEV-28566 Assertion `!expr->is_fixed()' failed in bool
+--echo # Virtual_column_info::fix_session_expr(THD*)
+--echo #
+
+CREATE TABLE t1 (c1 CHAR(1));
+FLUSH TABLES WITH READ LOCK;
+--error ER_CANT_UPDATE_WITH_READLOCK
+UPDATE t1 SET c1=1;
+unlock tables;
+SELECT * FROM t1;
+DROP TABLE t1;
+
+CREATE TABLE t1 (c1 CHAR AS (CONCAT (0,DAYNAME (0))));
+FLUSH TABLES WITH READ LOCK;
+--error ER_CANT_UPDATE_WITH_READLOCK
+UPDATE t1 SET c1=1;
+unlock tables;
+UPDATE t1 SET c1=1;
+SELECT * FROM t1;
+DROP TABLE t1;
+
+CREATE TABLE t1 (a int primary key, c1 CHAR AS (CONCAT (0,DAYNAME (0))));
+insert into t1 (a) values (1);
+FLUSH TABLES WITH READ LOCK;
+--error ER_CANT_UPDATE_WITH_READLOCK
+UPDATE t1 SET c1=1;
+--error ER_CANT_UPDATE_WITH_READLOCK
+UPDATE t1 SET a=2;
+unlock tables;
+UPDATE t1 SET a=2;
+--error ER_WARNING_NON_DEFAULT_VALUE_FOR_GENERATED_COLUMN
+UPDATE t1 SET c1=1;
+SELECT * FROM t1;
+DROP TABLE t1;
diff --git a/mysql-test/suite/gcol/t/gcol_partition_innodb.test b/mysql-test/suite/gcol/t/gcol_partition_innodb.test
index a8765970..6bcd9d27 100644
--- a/mysql-test/suite/gcol/t/gcol_partition_innodb.test
+++ b/mysql-test/suite/gcol/t/gcol_partition_innodb.test
@@ -29,7 +29,9 @@
##### Storage engine to be tested
# Set the session storage engine
--source include/have_innodb.inc
-eval SET @@session.default_storage_engine = 'InnoDB';
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+SET default_storage_engine = 'InnoDB';
##### Workarounds for known open engine specific bugs
# none
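Review bot: The save and disable of `innodb_stats_persistent` is added here without explanation, while the same change in innodb_virtual_debug.test carries `# Ensure that the history list length will actually be decremented by purge.`. Repeating that comment above `SET @save_stats_persistent` in this file, and in gcol_update.test and innodb_virtual_purge.test, would explain why a test about generated columns changes a global statistics setting. The restore is an ordinary statement near the end of each file, so a run that aborts earlier does not reach it; whether the harness resets the global in that case is not visible in the diff.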
@@ -58,6 +60,9 @@ REPLACE INTO t1 SELECT * FROM t1;
DROP TABLE t1;
--source suite/innodb/include/wait_all_purged.inc
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
#------------------------------------------------------------------------------#
# Cleanup
--source suite/gcol/inc/gcol_cleanup.inc
diff --git a/mysql-test/suite/gcol/t/gcol_purge.test b/mysql-test/suite/gcol/t/gcol_purge.test
index cfe20c4a..4ebb37ad 100644
--- a/mysql-test/suite/gcol/t/gcol_purge.test
+++ b/mysql-test/suite/gcol/t/gcol_purge.test
@@ -4,7 +4,7 @@
SET @save_dbug=@@GLOBAL.debug_dbug;
CREATE TABLE t1(f1 INT NOT NULL, f2 int not null,
f3 int generated always as (f2 * 2) VIRTUAL,
- primary key(f1), INDEX (f3))ENGINE=InnoDB;
+ primary key(f1), INDEX (f3))ENGINE=InnoDB STATS_PERSISTENT=0;
connect(con1,localhost,root,,,);
--source ../innodb/include/wait_all_purged.inc
START TRANSACTION WITH CONSISTENT SNAPSHOT;
diff --git a/mysql-test/suite/gcol/t/gcol_update.test b/mysql-test/suite/gcol/t/gcol_update.test
index 2076632f..86474f86 100644
--- a/mysql-test/suite/gcol/t/gcol_update.test
+++ b/mysql-test/suite/gcol/t/gcol_update.test
@@ -1,5 +1,8 @@
--source include/have_innodb.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
connect (purge_control,localhost,root);
START TRANSACTION WITH CONSISTENT SNAPSHOT;
@@ -60,3 +63,5 @@ disconnect purge_control;
connection default;
drop table t1;
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/gcol/t/innodb_prefix_index_check.test b/mysql-test/suite/gcol/t/innodb_prefix_index_check.test
index 4923ead9..5cc46e16 100644
--- a/mysql-test/suite/gcol/t/innodb_prefix_index_check.test
+++ b/mysql-test/suite/gcol/t/innodb_prefix_index_check.test
@@ -20,3 +20,46 @@ REPLACE INTO t1(f3) VALUES (1),(1);
DROP TABLE t1;
+--echo #Create and alter table examples for full column index followed by prefix index.
+
+CREATE TABLE t1(
+f1 VARCHAR(100),
+f2 char(2),
+KEY(f1,f2),
+KEY(f1(5)))ENGINE=INNODB;
+
+REPLACE INTO t1(f2) VALUES (1),(1);
+
+ALTER TABLE t1 ADD INDEX(f2,f1);
+
+DROP TABLE t1;
+
+--echo #Create and alter table examples for small prefix index followed by large
+--echo #prefix index.
+
+CREATE TABLE t1(
+f1 VARCHAR(100),
+f2 char(2),
+KEY(f1(5),f2),
+KEY(f1(10)))ENGINE=INNODB;
+
+REPLACE INTO t1(f2) VALUES (1),(1);
+
+ALTER TABLE t1 ADD INDEX(f2,f1);
+
+DROP TABLE t1;
+
+--echo #Create and alter table examples for prefix index followed by full column
+--echo #index.
+
+CREATE TABLE t1(
+f1 VARCHAR(100),
+f2 char(2),
+KEY(f1(5),f2),
+KEY(f1))ENGINE=INNODB;
+
+REPLACE INTO t1(f2) VALUES (1),(1);
+
+ALTER TABLE t1 ADD INDEX(f2,f1);
+
+DROP TABLE t1;
diff --git a/mysql-test/suite/gcol/t/innodb_virtual_debug.test b/mysql-test/suite/gcol/t/innodb_virtual_debug.test
index cd2b8604..c359f3c8 100644
--- a/mysql-test/suite/gcol/t/innodb_virtual_debug.test
+++ b/mysql-test/suite/gcol/t/innodb_virtual_debug.test
@@ -4,6 +4,10 @@
--source include/count_sessions.inc
set default_storage_engine=innodb;
+# Ensure that the history list length will actually be decremented by purge.
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
CREATE TABLE `t` (
`a` VARCHAR(100),
`b` VARCHAR(100),
@@ -338,4 +342,6 @@ DROP TABLE t1;
connection default;
SET DEBUG_SYNC=RESET;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
--source include/wait_until_count_sessions.inc
diff --git a/mysql-test/suite/gcol/t/innodb_virtual_purge.test b/mysql-test/suite/gcol/t/innodb_virtual_purge.test
index 99c7267c..5f3cae34 100644
--- a/mysql-test/suite/gcol/t/innodb_virtual_purge.test
+++ b/mysql-test/suite/gcol/t/innodb_virtual_purge.test
@@ -1,6 +1,9 @@
--source include/have_innodb.inc
--source include/count_sessions.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
--echo #
--echo # Bug#21869656 UNDO LOG DOES NOT CONTAIN ENOUGH INFORMATION
--echo # ON INDEXED VIRTUAL COLUMNS
@@ -182,4 +185,6 @@ SET GLOBAL innodb_max_purge_lag_wait=0;
CHECK TABLE t EXTENDED;
DROP TABLE t;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
--source include/wait_until_count_sessions.inc
diff --git a/mysql-test/suite/innodb/include/crc32.pl b/mysql-test/suite/innodb/include/crc32.pl
index c2bce09d..b26f1057 100644
--- a/mysql-test/suite/innodb/include/crc32.pl
+++ b/mysql-test/suite/innodb/include/crc32.pl
@@ -31,3 +31,26 @@ sub mycrc32 {
return $crc;
}
+
+
+# Fix the checksum of an InnoDB tablespace page.
+# Inputs:
+# $page A bytestring with the page data.
+# $full_crc32 Checksum type, see get_full_crc32() in innodb-util.pl
+# Returns: the modified page as a bytestring.
+sub fix_page_crc {
+ my ($page, $full_crc32)= @_;
+ my $ps= length($page);
+ my $polynomial = 0x82f63b78; # CRC-32C
+ if ($full_crc32) {
+ my $ck = mycrc32(substr($page, 0, $ps - 4), 0, $polynomial);
+ substr($page, $ps - 4, 4) = pack("N", $ck);
+ } else {
+ my $ck= pack("N",
+ mycrc32(substr($page, 4, 22), 0, $polynomial) ^
+ mycrc32(substr($page, 38, $ps - 38 - 8), 0, $polynomial));
+ substr($page, 0, 4)= $ck;
+ substr($page, $ps-8, 4)= $ck;
+ }
+ return $page;
+}
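Review bot: `fix_page_crc` uses `length($page)` in offset arithmetic without checking that the page is long enough, so a truncated buffer gives `substr($page, 38, $ps - 38 - 8)` a negative length and the 4-argument-style lvalue `substr` assignments can land outside the string. The result is either an obscure "substr outside of string" failure or a checksum computed over the wrong byte range and written back. A guard at the top, e.g. `die "fix_page_crc: short page ($ps bytes)\n" if $ps < 46;`, would turn that into a clear diagnostic; 46 is the smallest length for which the legacy branch's offsets 38 and `$ps - 8` do not overlap. The callers are outside this hunk, so whether they can pass a short read is not visible here.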
diff --git a/mysql-test/suite/innodb/include/innodb-util.pl b/mysql-test/suite/innodb/include/innodb-util.pl
index 241545da..328ce5c7 100644
--- a/mysql-test/suite/innodb/include/innodb-util.pl
+++ b/mysql-test/suite/innodb/include/innodb-util.pl
@@ -124,3 +124,22 @@ sub ib_restore_ibd_files {
ib_restore_ibd_file($tmpd, $datadir, $db, $table);
}
}
+
+# Read the flag whether a tablespace is using full_crc32.
+# Input: filehandle opened on the tablespace.
+sub get_full_crc32 {
+ my ($TBLSPC)= @_;
+ my $old_pos= sysseek($TBLSPC, 0, 1);
+ die "tell() failed on tablespace filehandle: $!\n"
+ unless defined($old_pos);
+ sysseek($TBLSPC, 0, 0)
+ or die "sysseek() failed on tablespace filehandle: $!\n";
+ my $tblspc_hdr;
+ sysread($TBLSPC, $tblspc_hdr, 58)
+ or die "Cannot read tablespace header: $!\n";
+ sysseek($TBLSPC, $old_pos, 0)
+ or die "sysseek() failed on tablespace filehandle: $!\n";
+ my $full_crc32=
+ unpack("N", substr($tblspc_hdr, 54, 4)) & 0x10; # FIL_SPACE_FLAGS
+ return $full_crc32;
+}
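Review bot: `sysread($TBLSPC, $tblspc_hdr, 58) or die` only catches an error or end of file, so a short read of 1 to 57 bytes passes the check. In that case `substr($tblspc_hdr, 54, 4)` is short or empty, `unpack("N", ...)` yields undef, and the function returns 0, so a truncated tablespace is silently reported as not using full_crc32 and a caller would pick the legacy checksum layout. Checking the byte count makes the failure explicit: `my $n= sysread($TBLSPC, $tblspc_hdr, 58);` followed by `die "Cannot read tablespace header\n" unless defined($n) && $n == 58;`. The mask `0x10` would also benefit from a short comment naming the flag bit it tests, next to the existing `# FIL_SPACE_FLAGS` remark.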
diff --git a/mysql-test/suite/innodb/r/add_foreign_key.result b/mysql-test/suite/innodb/r/add_foreign_key.result
new file mode 100644
index 00000000..75177478
--- /dev/null
+++ b/mysql-test/suite/innodb/r/add_foreign_key.result
@@ -0,0 +1,31 @@
+#
+# Bug #19471516 SERVER CRASHES WHEN EXECUTING ALTER TABLE ADD
+# FOREIGN KEY
+#
+CREATE TABLE `parent` (`parent_id` INT, PRIMARY KEY (`parent_id`));
+CREATE TABLE `child1` (`id` INT ,`child1_fk1` INT, `child1_fk2` INT,
+PRIMARY KEY (`id`));
+CREATE TABLE `child2` (`id` INT, `child2_fk1` INT, `child2_fk2` INT,
+PRIMARY KEY (`id`));
+CREATE TABLE `child3` (`id` INT , `child3_fk1` INT, PRIMARY KEY (`id`));
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk1`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk1`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk2`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk1`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk2`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child3` ADD FOREIGN KEY (`child3_fk1`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk2`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk1`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk2`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child3` ADD FOREIGN KEY (`child3_fk1`) REFERENCES
+`parent` (`parent_id`);
+drop table child3, child2, child1, parent;
diff --git a/mysql-test/suite/innodb/r/alter_kill.result b/mysql-test/suite/innodb/r/alter_kill.result
index 86e53343..51814088 100644
--- a/mysql-test/suite/innodb/r/alter_kill.result
+++ b/mysql-test/suite/innodb/r/alter_kill.result
@@ -2,6 +2,7 @@
# Bug#16720368 INNODB CRASHES ON BROKEN #SQL*.IBD FILE AT STARTUP
#
SET GLOBAL innodb_file_per_table=1;
+SET GLOBAL innodb_stats_persistent=0;
CREATE TABLE bug16720368_1 (a INT PRIMARY KEY) ENGINE=InnoDB;
connect con1,localhost,root;
CREATE TABLE bug16720368 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
diff --git a/mysql-test/suite/innodb/r/alter_table.result b/mysql-test/suite/innodb/r/alter_table.result
index d39edd3c..192584bc 100644
--- a/mysql-test/suite/innodb/r/alter_table.result
+++ b/mysql-test/suite/innodb/r/alter_table.result
@@ -117,9 +117,20 @@ ERROR 42000: Incorrect column specifier for column 'c'
CREATE TABLE t1 (c DATETIME AUTO_INCREMENT UNIQUE) ENGINE=InnoDB;
ERROR 42000: Incorrect column specifier for column 'c'
#
+# MDEV-31000 Assertion failed on ALTER TABLE...page_compressed=1
+#
+SET @save_file_per_table=@@GLOBAL.innodb_file_per_table;
+SET GLOBAL innodb_file_per_table=0;
+CREATE TABLE t (c INT PRIMARY KEY) ENGINE=INNODB;
+SET GLOBAL innodb_file_per_table=1;
+ALTER TABLE t page_compressed=1;
+SET GLOBAL innodb_file_per_table=@save_file_per_table;
+SELECT space>0 FROM information_schema.innodb_sys_tables WHERE name='test/t';
+space>0
+1
+DROP TABLE t;
# End of 10.4 tests
#
-#
# MDEV-21748 ASAN use-after-poison in PageBulk::insertPage()
#
CREATE TABLE t1 (pk TIMESTAMP PRIMARY KEY, a TIMESTAMP NULL UNIQUE)
@@ -136,3 +147,4 @@ CREATE TABLE t1 (id INT PRIMARY KEY, a YEAR, INDEX(id,a)) ENGINE=InnoDB;
INSERT INTO t1 VALUES (1,NULL),(2,NULL);
UPDATE t1 SET a=0;
DROP TABLE t1;
+# End of 10.5 tests
diff --git a/mysql-test/suite/innodb/r/cascade_lock_wait.result b/mysql-test/suite/innodb/r/cascade_lock_wait.result
new file mode 100644
index 00000000..9cc05df7
--- /dev/null
+++ b/mysql-test/suite/innodb/r/cascade_lock_wait.result
@@ -0,0 +1,76 @@
+create table t1 (f1 int primary key) engine=innodb;
+create table t2 (f1 int primary key,
+constraint c1 foreign key (f1) references t1(f1)
+on update cascade
+on delete cascade) engine=innodb;
+create table t3 (f1 int primary key,
+constraint c2 foreign key (f1) references t1(f1)
+on update cascade
+on delete cascade) engine=innodb;
+show create table t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `f1` int(11) NOT NULL,
+ PRIMARY KEY (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+show create table t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `f1` int(11) NOT NULL,
+ PRIMARY KEY (`f1`),
+ CONSTRAINT `c1` FOREIGN KEY (`f1`) REFERENCES `t1` (`f1`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+show create table t3;
+Table Create Table
+t3 CREATE TABLE `t3` (
+ `f1` int(11) NOT NULL,
+ PRIMARY KEY (`f1`),
+ CONSTRAINT `c2` FOREIGN KEY (`f1`) REFERENCES `t1` (`f1`) ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+insert into t1 values (1);
+insert into t1 values (2);
+insert into t1 values (3);
+insert into t2 values (1);
+insert into t2 values (2);
+insert into t2 values (3);
+insert into t3 values (1);
+insert into t3 values (2);
+insert into t3 values (3);
+select f1 from t1;
+f1
+1
+2
+3
+select f1 from t2;
+f1
+1
+2
+3
+select f1 from t3;
+f1
+1
+2
+3
+set @save_dbug = @@debug_dbug;
+set debug_dbug = '+d,dml_cascade_only_once';
+set debug_dbug = '+d,row_upd_cascade_lock_wait_err';
+update t1 set f1 = 100 where f1 = 2;
+select f1 from t1;
+f1
+1
+3
+100
+select f1 from t2;
+f1
+1
+3
+100
+select f1 from t3;
+f1
+1
+3
+100
+set debug_dbug = @save_dbug;
+drop table t2;
+drop table t3;
+drop table t1;
diff --git a/mysql-test/suite/innodb/r/corrupted_during_recovery.result b/mysql-test/suite/innodb/r/corrupted_during_recovery.result
index d67dc8a6..2cab795f 100644
--- a/mysql-test/suite/innodb/r/corrupted_during_recovery.result
+++ b/mysql-test/suite/innodb/r/corrupted_during_recovery.result
@@ -9,7 +9,7 @@ INSERT INTO t2 VALUES(1);
SELECT * FROM t1;
ERROR 42000: Unknown storage engine 'InnoDB'
SELECT * FROM t1;
-ERROR HY000: Table test/t1 is corrupted. Please drop the table and recreate.
+Got one of the listed errors
SELECT * FROM t2;
a
1
diff --git a/mysql-test/suite/innodb/r/dml_purge.result b/mysql-test/suite/innodb/r/dml_purge.result
index 2b345089..1ef8a5ea 100644
--- a/mysql-test/suite/innodb/r/dml_purge.result
+++ b/mysql-test/suite/innodb/r/dml_purge.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
#
# MDEV-12288 Reset DB_TRX_ID when the history is removed,
# to speed up MVCC
@@ -46,3 +48,4 @@ a b c
1 2 NULL
3 -3 NULL
DROP TABLE t1;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/r/doublewrite.result b/mysql-test/suite/innodb/r/doublewrite.result
index ba1965ed..65ff203a 100644
--- a/mysql-test/suite/innodb/r/doublewrite.result
+++ b/mysql-test/suite/innodb/r/doublewrite.result
@@ -1,23 +1,7 @@
#
-# Bug #17335427 INNODB CAN NOT USE THE DOUBLEWRITE BUFFER PROPERLY
-# Bug #18144349 INNODB CANNOT USE THE DOUBLEWRITE BUFFER FOR THE FIRST
-# PAGE OF SYSTEM TABLESPACE
+# MDEV-32242 innodb.doublewrite test case always is skipped
#
-SET GLOBAL innodb_fast_shutdown = 0;
-# restart
-show variables like 'innodb_doublewrite';
-Variable_name Value
-innodb_doublewrite ON
-show variables like 'innodb_fil_make_page_dirty_debug';
-Variable_name Value
-innodb_fil_make_page_dirty_debug 0
-show variables like 'innodb_saved_page_number_debug';
-Variable_name Value
-innodb_saved_page_number_debug 0
-connect stop_purge,localhost,root,,;
-START TRANSACTION WITH CONSISTENT SNAPSHOT;
-connection default;
-create table t1 (f1 int primary key, f2 blob) engine=innodb stats_persistent=0;
+create table t1 (f1 int primary key, f2 blob) stats_persistent=0, engine=innodb;
start transaction;
insert into t1 values(1, repeat('#',12));
insert into t1 values(2, repeat('+',12));
@@ -25,195 +9,21 @@ insert into t1 values(3, repeat('/',12));
insert into t1 values(4, repeat('-',12));
insert into t1 values(5, repeat('.',12));
commit work;
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if first page of user
-# tablespace is full of zeroes.
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-begin;
-insert into t1 values (6, repeat('%', 12));
-# Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Make the first page dirty for table t1
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-# Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Kill the server
-disconnect stop_purge;
-# Make the first page (page_no=0) of the user tablespace
-# full of zeroes.
-#
-# MDEV-11623: Use old FSP_SPACE_FLAGS in the doublewrite buffer.
-# restart
-check table t1;
-Table Op Msg_type Msg_text
-test.t1 check status OK
-select f1, f2 from t1;
-f1 f2
-1 ############
-2 ++++++++++++
-3 ////////////
-4 ------------
-5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if first page of user
-# tablespace is corrupted.
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-# Ensure that dirty pages of table t1 is flushed.
-flush tables t1 for export;
-unlock tables;
-set global innodb_log_checkpoint_now=1;
-begin;
-insert into t1 values (6, repeat('%', 12));
-# Make the first page dirty for table t1
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-# Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Kill the server
-# Corrupt the first page (page_no=0) of the user tablespace.
-# restart
-check table t1;
-Table Op Msg_type Msg_text
-test.t1 check status OK
-select f1, f2 from t1;
-f1 f2
-1 ############
-2 ++++++++++++
-3 ////////////
-4 ------------
-5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if 2nd page of user
-# tablespace is full of zeroes.
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-# Ensure that dirty pages of table t1 is flushed.
-flush tables t1 for export;
-unlock tables;
-begin;
-insert into t1 values (6, repeat('%', 400));
-# Make the 2nd page dirty for table t1
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-# Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Kill the server
-# Make the 2nd page (page_no=1) of the tablespace all zeroes.
-# restart
-check table t1;
-Table Op Msg_type Msg_text
-test.t1 check status OK
-select f1, f2 from t1;
-f1 f2
-1 ############
-2 ++++++++++++
-3 ////////////
-4 ------------
-5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if 2nd page of user
-# tablespace is corrupted.
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-# Ensure that dirty pages of table t1 is flushed.
-flush tables t1 for export;
-unlock tables;
-begin;
-insert into t1 values (6, repeat('%', 400));
-# Make the 2nd page dirty for table t1
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-# Ensure that the dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Kill the server
-# Corrupt the 2nd page (page_no=1) of the user tablespace.
-# restart
-check table t1;
-Table Op Msg_type Msg_text
-test.t1 check status OK
-select f1, f2 from t1;
-f1 f2
-1 ############
-2 ++++++++++++
-3 ////////////
-4 ------------
-5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if first page of
-# system tablespace is full of zeroes.
-begin;
-insert into t1 values (6, repeat('%', 400));
-# Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Make the first page dirty for system tablespace
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = 0;
-# Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
-# Kill the server
-# Make the first page (page_no=0) of the system tablespace
-# all zeroes.
-# restart
-check table t1;
-Table Op Msg_type Msg_text
-test.t1 check status OK
-select f1, f2 from t1;
-f1 f2
-1 ############
-2 ++++++++++++
-3 ////////////
-4 ------------
-5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if first page of
-# system tablespace is corrupted.
-begin;
-insert into t1 values (6, repeat('%', 400));
-# Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Make the first page dirty for system tablespace
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = 0;
-# Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
-# Kill the server
-# Corrupt the first page (page_no=0) of the system tablespace.
+SET GLOBAL innodb_fast_shutdown = 0;
# restart
-check table t1;
-Table Op Msg_type Msg_text
-test.t1 check status OK
-select f1, f2 from t1;
-f1 f2
-1 ############
-2 ++++++++++++
-3 ////////////
-4 ------------
-5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if 2nd page of
-# system tablespace is full of zeroes.
-begin;
-insert into t1 values (6, repeat('%', 400));
-# Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Make the second page dirty for system tablespace
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = 0;
-# Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
+connect dml,localhost,root,,;
+XA START 'x';
+insert into t1 values (6, repeat('%', @@innodb_page_size/2));
+XA END 'x';
+XA PREPARE 'x';
+disconnect dml;
+connection default;
+flush table t1 for export;
# Kill the server
-# Make the 2nd page (page_no=1) of the system tablespace
-# all zeroes.
# restart
+FOUND 1 /InnoDB: Restoring page \[page id: space=[1-9][0-9]*, page number=0\] of datafile/ in mysqld.1.err
+FOUND 1 /InnoDB: Recovered page \[page id: space=[1-9][0-9]*, page number=3\]/ in mysqld.1.err
+XA ROLLBACK 'x';
check table t1;
Table Op Msg_type Msg_text
test.t1 check status OK
@@ -224,27 +34,21 @@ f1 f2
3 ////////////
4 ------------
5 ............
-# Test End
-# ---------------------------------------------------------------
-# Test Begin: Test if recovery works if 2nd page of
-# system tablespace is corrupted.
-begin;
-insert into t1 values (6, repeat('%', 400));
-# Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-# Make the second page dirty for system tablespace
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = 0;
-# Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
+connect dml,localhost,root,,;
+XA START 'x';
+insert into t1 values (6, repeat('%', @@innodb_page_size/2));
+XA END 'x';
+XA PREPARE 'x';
+disconnect dml;
+connection default;
+flush table t1 for export;
# Kill the server
-# Make the 2nd page (page_no=1) of the system tablespace
-# all zeroes.
# restart
+FOUND 1 /InnoDB: Restoring page \[page id: space=[1-9][0-9]*, page number=0\] of datafile/ in mysqld.1.err
+XA ROLLBACK 'x';
check table t1;
Table Op Msg_type Msg_text
test.t1 check status OK
-FOUND 1 /InnoDB: .*test.t1\.ibd/ in mysqld.1.err
select f1, f2 from t1;
f1 f2
1 ############
@@ -253,14 +57,4 @@ f1 f2
4 ------------
5 ............
drop table t1;
-#
-# MDEV-12600 crash during install_db with innodb_page_size=32K
-# and ibdata1=3M
-#
-# restart: --innodb-log-group-home-dir=MYSQLTEST_VARDIR/tmp/doublewrite --innodb-data-home-dir=MYSQLTEST_VARDIR/tmp/doublewrite --innodb-data-file-path=ibdata1:1M;ibdata2:1M:autoextend
-SELECT * FROM INFORMATION_SCHEMA.ENGINES
-WHERE engine = 'innodb'
-AND support IN ('YES', 'DEFAULT', 'ENABLED');
-ENGINE SUPPORT COMMENT TRANSACTIONS XA SAVEPOINTS
-FOUND 1 /\[ERROR\] InnoDB: Cannot create doublewrite buffer/ in mysqld.1.err
-# restart
+# End of 10.5 tests
diff --git a/mysql-test/suite/innodb/r/doublewrite_debug.result b/mysql-test/suite/innodb/r/doublewrite_debug.result
new file mode 100644
index 00000000..aa141c18
--- /dev/null
+++ b/mysql-test/suite/innodb/r/doublewrite_debug.result
@@ -0,0 +1,94 @@
+#
+# Bug #17335427 INNODB CAN NOT USE THE DOUBLEWRITE BUFFER PROPERLY
+# Bug #18144349 INNODB CANNOT USE THE DOUBLEWRITE BUFFER FOR THE FIRST
+# PAGE OF SYSTEM TABLESPACE
+#
+show variables like 'innodb_doublewrite';
+Variable_name Value
+innodb_doublewrite ON
+show variables like 'innodb_fil_make_page_dirty_debug';
+Variable_name Value
+innodb_fil_make_page_dirty_debug 0
+show variables like 'innodb_saved_page_number_debug';
+Variable_name Value
+innodb_saved_page_number_debug 0
+create table t1 (f1 int primary key, f2 blob) engine=innodb stats_persistent=0;
+start transaction;
+insert into t1 values(1, repeat('#',12));
+insert into t1 values(2, repeat('+',12));
+insert into t1 values(3, repeat('/',12));
+insert into t1 values(4, repeat('-',12));
+insert into t1 values(5, repeat('.',12));
+commit work;
+# Test Begin: Test if recovery works if 1st page and 2nd page
+# of system tablespace is full of zeroes.
+SET GLOBAL innodb_fast_shutdown = 0;
+# restart: --debug_dbug=+d,ib_log_checkpoint_avoid_hard --innodb_flush_sync=0
+begin;
+insert into t1 values (6, repeat('%', 400));
+# Make the first page dirty for system tablespace
+set global innodb_saved_page_number_debug = 0;
+set global innodb_fil_make_page_dirty_debug = 0;
+# Make the second page dirty for system tablespace
+set global innodb_saved_page_number_debug = 1;
+set global innodb_fil_make_page_dirty_debug = 0;
+set global innodb_buf_flush_list_now = 1;
+# Kill the server
+# Make the 1st page (page_no=0) and 2nd page (page_no=1)
+# of the system tablespace all zeroes.
+# restart
+FOUND 1 /InnoDB: Restoring page \[page id: space=0, page number=0\] of datafile/ in mysqld.1.err
+FOUND 1 /InnoDB: Recovered page \[page id: space=0, page number=1\]/ in mysqld.1.err
+check table t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+select f1, f2 from t1;
+f1 f2
+1 ############
+2 ++++++++++++
+3 ////////////
+4 ------------
+5 ............
+# Test End
+# ---------------------------------------------------------------
+# Test Begin: Test if recovery works if 1st page of
+# system tablespace is corrupted and 2nd page as corrupted.
+# restart: --debug_dbug=+d,ib_log_checkpoint_avoid_hard --innodb_flush_sync=0
+begin;
+insert into t1 values (6, repeat('%', 400));
+# Make the first page dirty for system tablespace
+set global innodb_saved_page_number_debug = 0;
+set global innodb_fil_make_page_dirty_debug = 0;
+# Make the second page dirty for system tablespace
+set global innodb_saved_page_number_debug = 1;
+set global innodb_fil_make_page_dirty_debug = 0;
+set global innodb_buf_flush_list_now = 1;
+# Kill the server
+# Corrupt the 1st page (page_no=0) and 2nd page of the system tablespace.
+# restart
+FOUND 2 /InnoDB: Restoring page \[page id: space=0, page number=0\] of datafile/ in mysqld.1.err
+FOUND 2 /InnoDB: Recovered page \[page id: space=0, page number=1\]/ in mysqld.1.err
+check table t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+select f1, f2 from t1;
+f1 f2
+1 ############
+2 ++++++++++++
+3 ////////////
+4 ------------
+5 ............
+drop table t1;
+# Test End
+# ---------------------------------------------------------------
+#
+# MDEV-12600 crash during install_db with innodb_page_size=32K
+# and ibdata1=3M
+#
+# restart: --innodb-log-group-home-dir=MYSQLTEST_VARDIR/tmp/doublewrite --innodb-data-home-dir=MYSQLTEST_VARDIR/tmp/doublewrite --innodb-undo-tablespaces=0 --innodb-data-file-path=ibdata1:1M;ibdata2:1M:autoextend
+SELECT * FROM INFORMATION_SCHEMA.ENGINES
+WHERE engine = 'innodb'
+AND support IN ('YES', 'DEFAULT', 'ENABLED');
+ENGINE SUPPORT COMMENT TRANSACTIONS XA SAVEPOINTS
+FOUND 1 /\[ERROR\] InnoDB: Cannot create doublewrite buffer/ in mysqld.1.err
+# restart
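Review bot: The second scenario's `FOUND 2` assertions for `Restoring page \[page id: space=0, page number=0\]` and `Recovered page \[page id: space=0, page number=1\]` are cumulative counts over mysqld.1.err, so they only hold while the first scenario contributes exactly one match each. The two scenarios therefore cannot be reordered or run on their own; truncating or rotating the error log between them would let each assert `FOUND 1` independently. The scenario comment ending in `is corrupted and 2nd page as corrupted.` would also read better as `# Test Begin: Test if recovery works if the 1st and 2nd pages of the system tablespace are corrupted.` These lines are recorded output, so both changes belong in the corresponding .test file, which this hunk does not show.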
diff --git a/mysql-test/suite/innodb/r/fk_col_alter.result b/mysql-test/suite/innodb/r/fk_col_alter.result
index 403bef6a..c6fdc323 100644
--- a/mysql-test/suite/innodb/r/fk_col_alter.result
+++ b/mysql-test/suite/innodb/r/fk_col_alter.result
@@ -115,4 +115,17 @@ ALTER TABLE t2 DROP INDEX idx;
ALTER TABLE t2 MODIFY f2 VARCHAR(1023);
SET SESSION FOREIGN_KEY_CHECKS = ON;
DROP TABLE t2, t1;
+#
+# MDEV-32638 MariaDB crashes with foreign_key_checks=0
+# when changing a column and adding a foreign
+# key at the same time
+#
+CREATE TABLE t1(f1 VARCHAR(2) NOT NULL, PRIMARY KEY(f1))ENGINE=InnoDB;
+CREATE TABLE t2(f1 INT NOT NULL PRIMARY KEY,
+f2 VARCHAR(10) NOT NULL DEFAULT '')ENGINE=InnoDB;
+SET SESSION FOREIGN_KEY_CHECKS = OFF;
+ALTER TABLE t2 CHANGE COLUMN f2 f3 VARCHAR(20) NOT NULL,
+ADD CONSTRAINT t2_fk FOREIGN KEY(f3) REFERENCES t1(f1);
+DROP TABLE t2, t1;
+SET SESSION FOREIGN_KEY_CHECKS = ON;
# End of 10.4 tests
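Review bot: The MDEV-32638 case records no output for the combined `CHANGE COLUMN f2 f3 ... ADD CONSTRAINT t2_fk` statement, so it only proves that the server no longer crashes and does not pin what the ALTER actually produced. Because the statement runs under `FOREIGN_KEY_CHECKS = OFF`, where constraint validation is relaxed, it is worth recording the resulting definition with `SHOW CREATE TABLE t2;` before `DROP TABLE t2, t1;`. A regression that silently drops `t2_fk` or leaves it attached to the old column name `f2` would then show up as a result diff.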
diff --git a/mysql-test/suite/innodb/r/fk_drop_alter.result b/mysql-test/suite/innodb/r/fk_drop_alter.result
new file mode 100644
index 00000000..414f44f2
--- /dev/null
+++ b/mysql-test/suite/innodb/r/fk_drop_alter.result
@@ -0,0 +1,44 @@
+#
+# MDEV-22230 : Unexpected ER_ERROR_ON_RENAME upon DROP
+# non-existing FOREIGN KEY
+#
+CREATE TABLE t1 (a INT) ENGINE=InnoDB;
+ALTER TABLE t1 DROP FOREIGN KEY x, ALGORITHM=COPY;
+ERROR 42000: Can't DROP FOREIGN KEY `x`; check that it exists
+ALTER TABLE t1 DROP FOREIGN KEY x, ALGORITHM=INPLACE;
+ERROR 42000: Can't DROP FOREIGN KEY `x`; check that it exists
+DROP TABLE t1;
+CREATE TABLE t1 (a INT, KEY(a)) ENGINE=InnoDB;
+CREATE TABLE t2 (a INT, FOREIGN KEY fk_id (a) REFERENCES t1(a))ENGINE=InnoDB;
+CREATE TABLE t3 (a INT, FOREIGN KEY fk_1 (a) REFERENCES t1(a))ENGINE=InnoDB;
+ALTER TABLE t3 DROP FOREIGN KEY IF EXISTS fk_id;
+Warnings:
+Note 1091 Can't DROP FOREIGN KEY `fk_id`; check that it exists
+DROP TABLE t3, t2;
+ALTER TABLE t1 MODIFY COLUMN a VARCHAR(2), DROP FOREIGN KEY IF EXISTS x;
+Warnings:
+Note 1091 Can't DROP FOREIGN KEY `x`; check that it exists
+DROP TABLE t1;
+CREATE DATABASE best;
+CREATE TABLE best.t1(f1 INT, KEY(f1))ENGINE=InnoDB;
+CREATE TABLE best.t2(f1 INT, FOREIGN KEY foo(f1) REFERENCES t1(f1))ENGINE=InnoDB;
+CREATE TABLE t1(f1 INT, KEY(f1))ENGINE=InnoDB;
+CREATE TABLE t2(f1 INT, FOREIGN KEY foo(f1) REFERENCES t1(f1))ENGINE=InnoDB;
+ALTER TABLE t2 DROP FOREIGN KEY foo;
+ALTER TABLE t2 DROP FOREIGN KEY foo;
+ERROR 42000: Can't DROP FOREIGN KEY `foo`; check that it exists
+ALTER TABLE t2 DROP FOREIGN KEY IF EXISTS foo;
+Warnings:
+Note 1091 Can't DROP FOREIGN KEY `foo`; check that it exists
+SHOW CREATE TABLE best.t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `f1` int(11) DEFAULT NULL,
+ KEY `foo` (`f1`),
+ CONSTRAINT `foo` FOREIGN KEY (`f1`) REFERENCES `t1` (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN;
+ID FOR_NAME REF_NAME N_COLS TYPE
+best/foo best/t2 best/t1 1 0
+DROP TABLE best.t2, best.t1, t2, t1;
+DROP DATABASE best;
diff --git a/mysql-test/suite/innodb/r/foreign-keys.result b/mysql-test/suite/innodb/r/foreign-keys.result
index 503825db..f7f87bd7 100644
--- a/mysql-test/suite/innodb/r/foreign-keys.result
+++ b/mysql-test/suite/innodb/r/foreign-keys.result
@@ -236,3 +236,10 @@ INSERT INTO t2 VALUES('G', 3);
ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `t1` (`f1`))
DROP TABLE t2, t1;
SET FOREIGN_KEY_CHECKS=DEFAULT;
+CREATE TABLE t1(a SERIAL) ENGINE=InnoDB ROW_FORMAT=COMPRESSED PAGE_COMPRESSED=1;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+SHOW WARNINGS;
+Level Code Message
+Warning 140 InnoDB: PAGE_COMPRESSED table can't have ROW_TYPE=COMPRESSED
+Error 1005 Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+Warning 1030 Got error 140 "Wrong create options" from storage engine InnoDB
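Review bot: The added `CREATE TABLE t1(a SERIAL) ENGINE=InnoDB ROW_FORMAT=COMPRESSED PAGE_COMPRESSED=1;` case has no header comment, unlike the cases added to fk_col_alter.result and fk_drop_alter.result in this same commit, which open with a `#` block naming the bug. It also involves no foreign key, so a reader of foreign-keys.result cannot tell why it lives in this file. A header in the .test along the lines of `--echo # MDEV-<id> <one-line summary>` (placeholder; the ticket number is not visible in this hunk) would make the intent traceable.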
diff --git a/mysql-test/suite/innodb/r/foreign_key.result b/mysql-test/suite/innodb/r/foreign_key.result
index bfed09d4..808e2270 100644
--- a/mysql-test/suite/innodb/r/foreign_key.result
+++ b/mysql-test/suite/innodb/r/foreign_key.result
@@ -1,3 +1,4 @@
+SET GLOBAL innodb_stats_persistent = 0;
#
# Bug #19027905 ASSERT RET.SECOND DICT_CREATE_FOREIGN_CONSTRAINTS_LOW
# DICT_CREATE_FOREIGN_CONSTR
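Review bot: The `SET GLOBAL innodb_stats_persistent = 0;` added as the first statement changes a global without saving the previous value; the save (`SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;`) only appears in the next hunk, after a `# restart`. That seems to rely on the restart resetting the global to its default, which nothing in the recorded output states. Either save at the top, as full_crc32_import.result and innodb-16k.result do in this commit, or add a comment in the .test such as `# the restart below resets innodb_stats_persistent; it is saved again afterwards`.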
@@ -154,6 +155,8 @@ INSERT INTO parent SET a=0;
FLUSH TABLES;
# restart
disconnect incomplete;
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
INSERT INTO child SET a=0;
INSERT INTO child SET a=1;
ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`child`, CONSTRAINT `child_ibfk_1` FOREIGN KEY (`a`) REFERENCES `parent` (`a`) ON DELETE CASCADE)
@@ -722,7 +725,9 @@ pk a b
13 0 1
14 0 1
15 1 0
-disconnect con1;
+connection con1;
+COMMIT;
+connection default;
InnoDB 0 transactions not purged
CHECK TABLE t1;
Table Op Msg_type Msg_text
@@ -900,8 +905,29 @@ CONSTRAINT FK_t1_id FOREIGN KEY (t1_id) REFERENCES t1 (id)
ALTER TABLE t1 MODIFY id INT unsigned AUTO_INCREMENT;
DROP TABLE t1,t2;
#
-# End of 10.4 tests
+# MDEV-31441 BLOB corruption on UPDATE of PRIMARY KEY with FOREIGN KEY
#
+CREATE TABLE t1 (pk INT PRIMARY KEY, t TEXT) ENGINE=InnoDB;
+CREATE TABLE t2 (pk INT PRIMARY KEY, FOREIGN KEY (pk) REFERENCES t1(pk))
+ENGINE=InnoDB;
+SET @blob = REPEAT('A', @@innodb_page_size / 2);
+INSERT INTO t1 SET pk=1, t=@blob;
+INSERT INTO t2 SET pk=1;
+connection con1;
+BEGIN;
+DELETE FROM t2;
+connection default;
+UPDATE t1 SET pk=12;
+connection con1;
+COMMIT;
+disconnect con1;
+connection default;
+UPDATE t1 SET pk=1;
+SELECT pk,t=@blob FROM t1;
+pk t=@blob
+1 1
+DROP TABLE t2, t1;
+# End of 10.4 tests
#
# MDEV-20729 Fix REFERENCES constraint in column definition
#
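Review bot: The MDEV-31441 case switches to `connection con1` without opening it, so it depends on an earlier section leaving con1 connected; the previous hunk arranges that by replacing `disconnect con1;` with `connection con1; COMMIT; connection default;`. The `connect` statement for con1 is not visible in either hunk. A case that opens its own connection before `BEGIN;` (for example `connect con1,localhost,root,,;`, matching the form used in doublewrite.result) and keeps the existing `disconnect con1;` would survive reordering or removal of the earlier section.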
@@ -1074,3 +1100,4 @@ test.collections check status OK
disconnect con1;
DROP TABLE binaries, collections;
# End of 10.6 tests
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/r/full_crc32_import.result b/mysql-test/suite/innodb/r/full_crc32_import.result
index 32964be4..548e69c1 100644
--- a/mysql-test/suite/innodb/r/full_crc32_import.result
+++ b/mysql-test/suite/innodb/r/full_crc32_import.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
FLUSH TABLES;
# Treating compact format as dynamic format after import stmt
CREATE TABLE t1
@@ -200,3 +202,4 @@ a
3
DROP TABLE t1;
SET GLOBAL innodb_compression_algorithm=@save_algo;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/r/ibuf_not_empty.result b/mysql-test/suite/innodb/r/ibuf_not_empty.result
index 1dc7f032..81ca907b 100644
--- a/mysql-test/suite/innodb/r/ibuf_not_empty.result
+++ b/mysql-test/suite/innodb/r/ibuf_not_empty.result
@@ -14,6 +14,7 @@ check table t1;
Table Op Msg_type Msg_text
test.t1 check Warning InnoDB: Index 'b' contains 990 entries, should be 1024.
test.t1 check error Corrupt
+SET GLOBAL innodb_buf_flush_list_now=ON;
# restart: --innodb-force_recovery=0
SET GLOBAL innodb_fast_shutdown=0;
# restart: --innodb-force_recovery=0
diff --git a/mysql-test/suite/innodb/r/import_update_stats.result b/mysql-test/suite/innodb/r/import_update_stats.result
new file mode 100644
index 00000000..ddf78f18
--- /dev/null
+++ b/mysql-test/suite/innodb/r/import_update_stats.result
@@ -0,0 +1,72 @@
+SET @old_innodb_file_per_table = @@innodb_file_per_table;
+SET GLOBAL innodb_file_per_table = 1;
+SELECT @@innodb_file_per_table;
+@@innodb_file_per_table
+1
+CREATE TABLE t1 (
+col_1 CHAR (255),
+col_2 VARCHAR (255)
+) ENGINE = InnoDB;
+CREATE INDEX idx1 ON t1(col_1);
+CREATE INDEX idx2 ON t1(col_2);
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 0 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 0 NULL NULL YES BTREE NO
+INSERT INTO t1 VALUES ("col1_00001", "col2_00001"), ("col1_00002", "col2_00002");
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 2 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 2 NULL NULL YES BTREE NO
+ANALYZE TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 analyze status Engine-independent statistics collected
+test.t1 analyze status OK
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 2 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 2 NULL NULL YES BTREE NO
+FLUSH TABLES t1 FOR EXPORT;
+backup: t1
+UNLOCK TABLES;
+DROP TABLE t1;
+CREATE TABLE t1 (
+col_1 CHAR (255),
+col_2 VARCHAR (255)
+) ENGINE = InnoDB STATS_PERSISTENT=1;
+CREATE INDEX idx1 ON t1(col_1);
+CREATE INDEX idx2 ON t1(col_2);
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 0 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 0 NULL NULL YES BTREE NO
+INSERT INTO t1 VALUES ("col1_00001", "col2_00001");
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 1 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 1 NULL NULL YES BTREE NO
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 analyze status OK
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 1 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 1 NULL NULL YES BTREE NO
+ALTER TABLE t1 DISCARD TABLESPACE;
+restore: t1 .ibd and .cfg files
+ALTER TABLE t1 IMPORT TABLESPACE;
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 2 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 2 NULL NULL YES BTREE NO
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 analyze status OK
+SHOW INDEXES FROM t1;
+Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
+t1 1 idx1 1 col_1 A 2 NULL NULL YES BTREE NO
+t1 1 idx2 1 col_2 A 2 NULL NULL YES BTREE NO
+DROP TABLE t1;
+SET GLOBAL innodb_file_per_table = @old_innodb_file_per_table;
diff --git a/mysql-test/suite/innodb/r/index_length.result b/mysql-test/suite/innodb/r/index_length.result
new file mode 100644
index 00000000..cc92780a
--- /dev/null
+++ b/mysql-test/suite/innodb/r/index_length.result
@@ -0,0 +1,23 @@
+connect stop_purge,localhost,root;
+START TRANSACTION WITH CONSISTENT SNAPSHOT;
+connection default;
+CREATE TABLE t1(a INT PRIMARY KEY, b VARCHAR(1024))
+ENGINE=InnoDB STATS_PERSISTENT=1;
+INSERT INTO t1 VALUES (1,REPEAT('b',1024));
+SELECT index_length FROM information_schema.tables
+WHERE table_schema = 'test' AND table_name = 't1';
+index_length
+0
+ALTER TABLE t1 ADD INDEX b (b(800));
+SELECT FLOOR(index_length/@@innodb_page_size) FROM information_schema.tables
+WHERE table_schema = 'test' AND table_name = 't1';
+FLOOR(index_length/@@innodb_page_size)
+1
+ALTER TABLE t1 ADD INDEX ba (b(800),a);
+SELECT FLOOR(index_length/@@innodb_page_size) FROM information_schema.tables
+WHERE table_schema = 'test' AND table_name = 't1';
+FLOOR(index_length/@@innodb_page_size)
+2
+disconnect stop_purge;
+DROP TABLE t1;
+# End of 10.4 tests
diff --git a/mysql-test/suite/innodb/r/index_merge_threshold.result b/mysql-test/suite/innodb/r/index_merge_threshold.result
index 41897b80..83f7ab33 100644
--- a/mysql-test/suite/innodb/r/index_merge_threshold.result
+++ b/mysql-test/suite/innodb/r/index_merge_threshold.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
CREATE TABLE tab(a BIGINT PRIMARY KEY,c1 TINYTEXT,c2 TEXT,c3 MEDIUMTEXT,
c4 TINYBLOB,c5 BLOB,c6 MEDIUMBLOB,c7 LONGBLOB) ENGINE=InnoDB;
CREATE INDEX index1 ON tab(c1(255)) COMMENT 'Check index level merge MERGE_THRESHOLD=51';
@@ -1307,3 +1309,4 @@ name count_reset
index_page_merge_attempts 2
index_page_merge_successful 2
DROP TABLE tab1;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/r/innodb-16k.result b/mysql-test/suite/innodb/r/innodb-16k.result
index 3d62a2f8..a7fbe860 100644
--- a/mysql-test/suite/innodb/r/innodb-16k.result
+++ b/mysql-test/suite/innodb/r/innodb-16k.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
call mtr.add_suppression("InnoDB: Cannot add field .* in table");
# Test 1) Show the page size from Information Schema
SELECT variable_value FROM information_schema.global_status
@@ -505,6 +507,7 @@ INSERT INTO t1 VALUES(REPEAT('A',512)),(REPEAT('B',512));
DROP TABLE t1;
InnoDB 0 transactions not purged
SET GLOBAL innodb_compression_level=@save_level;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
DROP TABLE t1_purge, t2_purge, t3_purge, t4_purge;
DROP TABLE tlong;
DROP TABLE tlong2;
diff --git a/mysql-test/suite/innodb/r/innodb-32k.result b/mysql-test/suite/innodb/r/innodb-32k.result
index b64ff332..8742a769 100644
--- a/mysql-test/suite/innodb/r/innodb-32k.result
+++ b/mysql-test/suite/innodb/r/innodb-32k.result
@@ -1,4 +1,25 @@
+SET GLOBAL innodb_stats_persistent = 0;
call mtr.add_suppression("Innodb: Cannot add field.*row size is");
+SET SESSION innodb_strict_mode=ON;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+SET SESSION innodb_strict_mode=OFF;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+Warnings:
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+SHOW WARNINGS;
+Level Code Message
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+DROP TABLE t1;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+Warnings:
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+SHOW WARNINGS;
+Level Code Message
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+DROP TABLE t1;
# Test 1) Show the page size from Information Schema
SELECT variable_value FROM information_schema.global_status
WHERE LOWER(variable_name) = 'innodb_page_size';
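Review bot: The added block leaves `SET SESSION innodb_strict_mode=OFF;` in effect, so everything from `# Test 1)` onward runs with strict mode off unless the test sets it again further down, which this hunk does not show. If the remaining cases were written against the default, restoring it with `SET SESSION innodb_strict_mode=DEFAULT;` after the last `DROP TABLE t1;` keeps the block self-contained. The same block is added to innodb-64k.result with the same leftover setting. Separately, `SET GLOBAL innodb_stats_persistent = 0;` has no saved value or restore in this hunk, unlike innodb-16k.result in this commit.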
diff --git a/mysql-test/suite/innodb/r/innodb-64k.result b/mysql-test/suite/innodb/r/innodb-64k.result
index 75817956..c1724839 100644
--- a/mysql-test/suite/innodb/r/innodb-64k.result
+++ b/mysql-test/suite/innodb/r/innodb-64k.result
@@ -1,4 +1,24 @@
call mtr.add_suppression('InnoDB: Cannot add field.*because after adding it, the row size is');
+SET SESSION innodb_strict_mode=ON;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+ERROR HY000: Can't create table `test`.`t1` (errno: 140 "Wrong create options")
+SET SESSION innodb_strict_mode=OFF;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+Warnings:
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+SHOW WARNINGS;
+Level Code Message
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+DROP TABLE t1;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+Warnings:
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+SHOW WARNINGS;
+Level Code Message
+Warning 1478 InnoDB: Cannot create a COMPRESSED table when innodb_page_size > 16k. Assuming ROW_FORMAT=DYNAMIC.
+DROP TABLE t1;
# Test 1) Show the page size from Information Schema
SELECT variable_value FROM information_schema.global_status
WHERE LOWER(variable_name) = 'innodb_page_size';
diff --git a/mysql-test/suite/innodb/r/innodb-ac-non-locking-select.result b/mysql-test/suite/innodb/r/innodb-ac-non-locking-select.result
new file mode 100644
index 00000000..5d12c107
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb-ac-non-locking-select.result
@@ -0,0 +1,62 @@
+CREATE TABLE t1 (c1 INT , c2 CHAR(10), PRIMARY KEY (c1)) ENGINE = InnoDB;
+INSERT INTO t1 VALUES(0, "0");
+INSERT INTO t1 VALUES(1, "1");
+INSERT INTO t1 VALUES(2, "2");
+INSERT INTO t1 VALUES(3, "3");
+connect con1,localhost,root,,;
+connect con2,localhost,root,,;
+connect con3,localhost,root,,;
+connect con4,localhost,root,,;
+connect con5,localhost,root,,;
+connect con6,localhost,root,,;
+connection default;
+SET AUTOCOMMIT=0;
+BEGIN;
+SELECT * FROM t1 FOR UPDATE;
+c1 c2
+0 0
+1 1
+2 2
+3 3
+SELECT * FROM t1 WHERE c1 <= 3;
+c1 c2
+0 0
+1 1
+2 2
+3 3
+connection default;
+SET DEBUG_SYNC='now WAIT_FOR waiting4';
+SET DEBUG_SYNC= 'RESET';
+SELECT trx_state, trx_query, trx_autocommit_non_locking
+FROM INFORMATION_SCHEMA.INNODB_TRX
+WHERE trx_state = 'LOCK WAIT'
+ORDER BY trx_query;
+trx_state trx_query trx_autocommit_non_locking
+LOCK WAIT SELECT COUNT(*) FROM t1 LOCK IN SHARE MODE 0
+LOCK WAIT SELECT COUNT(*) FROM t1 WHERE c1 >= 0 0
+INSERT INTO t1 VALUES(4, '4');
+COMMIT;
+connection con6;
+SELECT * FROM t1 WHERE c1 <= 4;
+c1 c2
+0 0
+1 1
+2 2
+3 3
+XA END '1';
+XA PREPARE '1';
+XA ROLLBACK '1';
+disconnect con6;
+disconnect con2;
+disconnect con3;
+disconnect con5;
+connection con1;
+COUNT(*)
+5
+disconnect con1;
+connection con4;
+COUNT(*)
+5
+disconnect con4;
+connection default;
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb/r/innodb-alter-tempfile.result b/mysql-test/suite/innodb/r/innodb-alter-tempfile.result
index 4475abab..00a210b8 100644
--- a/mysql-test/suite/innodb/r/innodb-alter-tempfile.result
+++ b/mysql-test/suite/innodb/r/innodb-alter-tempfile.result
@@ -44,8 +44,6 @@ set DEBUG_SYNC="now WAIT_FOR default_signal";
# restart
disconnect con1;
SHOW KEYS FROM t1;
-Table Non_unique Key_name Seq_in_index Column_name Collation Cardinality Sub_part Packed Null Index_type Comment Index_comment Ignored
-t1 1 f1 1 f1 A # NULL NULL BTREE NO
DROP TABLE t1;
#
# MDEV-25503 InnoDB hangs on startup during recovery
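Review bot: With the `Table Non_unique Key_name ...` header and the `t1 1 f1 ...` row removed, `SHOW KEYS FROM t1;` no longer records any output, so the result stops pinning that index `f1` is present after the restart. An empty result set would normally still record the column header, so the output appears to be suppressed rather than empty, though the reason is not visible in this hunk. If the row became unstable, a deterministic check such as `SELECT COUNT(*) FROM information_schema.statistics WHERE table_schema='test' AND table_name='t1' AND index_name='f1';` would keep that coverage. Otherwise a comment in the .test explaining why the output is discarded would help.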
diff --git a/mysql-test/suite/innodb/r/innodb-alter.result b/mysql-test/suite/innodb/r/innodb-alter.result
index 16c33ee0..edeebac5 100644
--- a/mysql-test/suite/innodb/r/innodb-alter.result
+++ b/mysql-test/suite/innodb/r/innodb-alter.result
@@ -1090,3 +1090,59 @@ ALTER TABLE t1 ADD COLUMN b DATETIME NOT NULL, LOCK=NONE;
# Cleanup
SET @@SQL_MODE= @OLD_SQL_MODE;
DROP TABLE t1;
+#
+# Bug#20977779 CANNOT IMPORT TABLES CONTAINING PREFIX INDEXES
+#
+CREATE TABLE t1 (c1 VARCHAR(32), c2 VARCHAR(32), c3 VARCHAR(32),
+PRIMARY KEY (c1, c2, c3))
+ENGINE=InnoDB;
+ALTER TABLE t1 ADD INDEX ind1(c1(5), c2, c3);
+ALTER TABLE t1 ADD INDEX ind2(c3, c1(10), c2);
+ALTER TABLE t1 ADD INDEX ind3(c2, c3, c1(20));
+INSERT INTO t1 VALUES ('Test Data -1', 'Test Data -2', 'Test Data -3');
+# Test with 2ndary index having prefix
+FLUSH TABLES test.t1 FOR EXPORT;
+UNLOCK TABLES;
+ALTER TABLE test.t1 DISCARD TABLESPACE;
+ALTER TABLE test.t1 IMPORT TABLESPACE;
+CHECK TABLE test.t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+SHOW CREATE TABLE test.t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `c1` varchar(32) NOT NULL,
+ `c2` varchar(32) NOT NULL,
+ `c3` varchar(32) NOT NULL,
+ PRIMARY KEY (`c1`,`c2`,`c3`),
+ KEY `ind1` (`c1`(5),`c2`,`c3`),
+ KEY `ind2` (`c3`,`c1`(10),`c2`),
+ KEY `ind3` (`c2`,`c3`,`c1`(20))
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT * FROM test.t1;
+c1 c2 c3
+Test Data -1 Test Data -2 Test Data -3
+# Test with PK & 2ndary index with prefix
+ALTER TABLE t1 DROP PRIMARY KEY, ADD PRIMARY KEY(c1(5), c2(10), c3(20));
+FLUSH TABLES test.t1 FOR EXPORT;
+UNLOCK TABLES;
+ALTER TABLE test.t1 DISCARD TABLESPACE;
+ALTER TABLE test.t1 IMPORT TABLESPACE;
+CHECK TABLE test.t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+SHOW CREATE TABLE test.t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `c1` varchar(32) NOT NULL,
+ `c2` varchar(32) NOT NULL,
+ `c3` varchar(32) NOT NULL,
+ PRIMARY KEY (`c1`(5),`c2`(10),`c3`(20)),
+ KEY `ind1` (`c1`(5),`c2`,`c3`),
+ KEY `ind2` (`c3`,`c1`(10),`c2`),
+ KEY `ind3` (`c2`,`c3`,`c1`(20))
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT * FROM test.t1;
+c1 c2 c3
+Test Data -1 Test Data -2 Test Data -3
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb/r/innodb-blob.result b/mysql-test/suite/innodb/r/innodb-blob.result
index 8173d30e..0be1ca5b 100644
--- a/mysql-test/suite/innodb/r/innodb-blob.result
+++ b/mysql-test/suite/innodb/r/innodb-blob.result
@@ -20,8 +20,6 @@ a RIGHT(b,20)
2 bbbbbbbbbbbbbbbbbbbb
connection default;
SET DEBUG='+d,row_ins_extern_checkpoint';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
SET DEBUG_SYNC='before_row_ins_extern_latch SIGNAL rec_not_blob WAIT_FOR crash';
ROLLBACK;
BEGIN;
@@ -88,8 +86,6 @@ BEGIN;
INSERT INTO t2 VALUES (347);
connection default;
SET DEBUG='+d,row_upd_extern_checkpoint';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
SET DEBUG_SYNC='before_row_upd_extern SIGNAL have_latch WAIT_FOR crash';
UPDATE t3 SET c=REPEAT('i',3000) WHERE a=2;
connection con2;
@@ -126,8 +122,6 @@ BEGIN;
INSERT INTO t2 VALUES (33101);
connection default;
SET DEBUG='+d,row_upd_extern_checkpoint';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
SET DEBUG_SYNC='after_row_upd_extern SIGNAL have_latch WAIT_FOR crash';
UPDATE t3 SET c=REPEAT('j',3000) WHERE a=2;
connection con2;
diff --git a/mysql-test/suite/innodb/r/innodb-index-debug.result b/mysql-test/suite/innodb/r/innodb-index-debug.result
index 0995b526..7167a80f 100644
--- a/mysql-test/suite/innodb/r/innodb-index-debug.result
+++ b/mysql-test/suite/innodb/r/innodb-index-debug.result
@@ -92,8 +92,6 @@ ALTER TABLE t1 FORCE, ADD COLUMN k4 int;
connection default;
SET DEBUG_SYNC= 'now WAIT_FOR opened';
SET debug = '+d,row_log_tmpfile_fail';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
INSERT INTO t1 select NULL,'aaa','bbb' from t480;
INSERT INTO t1 select NULL,'aaaa','bbbb' from t480;
SET DEBUG_SYNC= 'now SIGNAL flushed';
diff --git a/mysql-test/suite/innodb/r/innodb-index-online-fk.result b/mysql-test/suite/innodb/r/innodb-index-online-fk.result
index 84e8ea89..4903a6c1 100644
--- a/mysql-test/suite/innodb/r/innodb-index-online-fk.result
+++ b/mysql-test/suite/innodb/r/innodb-index-online-fk.result
@@ -608,3 +608,70 @@ test/e d a 0
test/fw c a 0
DROP TABLE t2;
DROP TABLE t3;
+# Bug #17449901 TABLE DISAPPEARS WHEN ALTERING
+# WITH FOREIGN KEY CHECKS OFF
+create table t1(f1 int,primary key(f1))engine=innodb;
+create table t2(f2 int,f3 int,key t(f2,f3),foreign key(f2) references t1(f1))engine=innodb;
+SET foreign_key_checks=0;
+drop index t on t2;
+drop table t2;
+drop table t1;
+create table t1(f1 int ,primary key(f1))engine=innodb;
+create table t2(f2 int,f3 int, key t(f2),foreign key(f2) references t1(f1))engine=innodb;
+SET foreign_key_checks = 0;
+alter table t2 drop key t,algorithm=inplace;
+show create table t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `f2` int(11) DEFAULT NULL,
+ `f3` int(11) DEFAULT NULL,
+ CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `t1` (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+drop table t2;
+drop table t1;
+create table t1(f1 int ,primary key(f1))engine=innodb;
+create table t2(f2 int,f3 int, key t(f2),key t1(f2,f3),
+foreign key(f2) references t1(f1))engine=innodb;
+SET foreign_key_checks = 0;
+alter table t2 drop key t,algorithm=inplace;
+show create table t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `f2` int(11) DEFAULT NULL,
+ `f3` int(11) DEFAULT NULL,
+ KEY `t1` (`f2`,`f3`),
+ CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `t1` (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+drop table t2;
+drop table t1;
+#
+# MDEV-29092 FOREIGN_KEY_CHECKS does not prevent non-copy
+# alter from creating invalid FK structures
+#
+CREATE TABLE t1(f1 INT, KEY(f1),
+FOREIGN KEY(f1) references t1(f1))ENGINE=InnoDB;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `f1` int(11) DEFAULT NULL,
+ KEY `f1` (`f1`),
+ CONSTRAINT `t1_ibfk_1` FOREIGN KEY (`f1`) REFERENCES `t1` (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DROP TABLE t1;
+CREATE TABLE t1(f1 INT, KEY(f1),
+FOREIGN KEY(f1) REFERENCES t1(f1))ENGINE=InnoDB;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `f1` int(11) DEFAULT NULL,
+ KEY `f1` (`f1`),
+ CONSTRAINT `t1_ibfk_1` FOREIGN KEY (`f1`) REFERENCES `t1` (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+ALTER TABLE t1 DROP KEY f1;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `f1` int(11) DEFAULT NULL,
+ CONSTRAINT `t1_ibfk_1` FOREIGN KEY (`f1`) REFERENCES `t1` (`f1`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DROP TABLE t1;
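Review bot: The MDEV-29092 section never sets `foreign_key_checks` itself; `ALTER TABLE t1 DROP KEY f1;` runs with whatever the Bug #17449901 section left behind (`SET foreign_key_checks = 0;`, issued three times and never reset). The final `SHOW CREATE TABLE t1` records a self-referencing `t1_ibfk_1` with no supporting index, so the expected outcome depends on that inherited session state. Adding `SET foreign_key_checks = 0;` at the start of the MDEV-29092 section and `SET foreign_key_checks = DEFAULT;` at the end would make the intended setting explicit. It would also make clear that an index-less constraint is the accepted result.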
diff --git a/mysql-test/suite/innodb/r/innodb-index-online.result b/mysql-test/suite/innodb/r/innodb-index-online.result
index e6b69f8f..5a287e58 100644
--- a/mysql-test/suite/innodb/r/innodb-index-online.result
+++ b/mysql-test/suite/innodb/r/innodb-index-online.result
@@ -1,3 +1,5 @@
+SET GLOBAL innodb_monitor_reset_all=all;
+SET GLOBAL innodb_monitor_reset_all=default;
call mtr.add_suppression("InnoDB: Warning: Small buffer pool size");
SET @global_innodb_file_per_table_orig = @@global.innodb_file_per_table;
SET GLOBAL innodb_file_per_table = on;
@@ -155,6 +157,7 @@ test t1_c2_stats GEN_CLUST_INDEX LAST_UPDATE size 1 NULL Number of pages in the
connection con1;
KILL QUERY @id;
ERROR 70100: Query execution was interrupted
+SET GLOBAL innodb_max_purge_lag_wait=0;
SET DEBUG_SYNC = 'row_log_apply_before SIGNAL c2d_created WAIT_FOR kill_done';
CREATE INDEX c2d ON t1(c2);
connection default;
@@ -221,13 +224,13 @@ t1 CREATE TABLE `t1` (
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=1
connection default;
SET @merge_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
connection con1;
SET DEBUG_SYNC = 'row_log_apply_before SIGNAL c2e_created WAIT_FOR dml2_done';
@@ -274,13 +277,13 @@ name pos
c2 0
c3 1
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SELECT
(@merge_encrypt_1-@merge_encrypt_0)-
@@ -320,16 +323,16 @@ ddl_pending_alter_table 0
ddl_sort_file_alter_table 0
ddl_log_file_alter_table 1
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
connection con1;
SET DEBUG_SYNC = 'row_log_apply_before SIGNAL c2f_created WAIT_FOR dml3_done';
@@ -405,16 +408,16 @@ ddl_sort_file_alter_table 0
ddl_log_file_alter_table 2
connection default;
SET @merge_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
SELECT
(@merge_encrypt_2-@merge_encrypt_1)-
diff --git a/mysql-test/suite/innodb/r/innodb-lock-inherit-read_commited.result b/mysql-test/suite/innodb/r/innodb-lock-inherit-read_commited.result
new file mode 100644
index 00000000..ab0427ca
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb-lock-inherit-read_commited.result
@@ -0,0 +1,121 @@
+#
+# Bug #21025880 DUPLICATE UK VALUES IN READ-COMMITTED(AGAIN)
+#
+CREATE TABLE t1 (
+a INT NOT NULL,
+b INT NOT NULL,
+PRIMARY KEY(b),
+UNIQUE KEY(a))
+ENGINE=INNODB;
+SET @old_innodb_stats_auto_recalc = @@innodb_stats_auto_recalc;
+SET GLOBAL innodb_stats_auto_recalc = OFF;
+connect purge_control,localhost,root;
+START TRANSACTION WITH CONSISTENT SNAPSHOT;
+connection default;
+SET @old_tx_isolation = @@tx_isolation;
+SET GLOBAL tx_isolation = 'READ-COMMITTED';
+SET @old_innodb_lock_wait_timeout = @@innodb_lock_wait_timeout;
+SET GLOBAL innodb_lock_wait_timeout = 1;
+connect con1,localhost,root,,;
+INSERT INTO t1 VALUES (1,1),(2,2);
+DELETE FROM t1;
+SET debug_sync = 'row_ins_sec_index_entry_dup_locks_created SIGNAL
+con1_locks_done WAIT_FOR con1_go';
+SET debug_sync = 'ha_commit_trans_after_acquire_commit_lock SIGNAL
+con1_insert_done WAIT_FOR con1_finish';
+REPLACE INTO t1 VALUES (1,2);
+connect con2,localhost,root,,;
+SET debug_sync = 'now WAIT_FOR con1_locks_done';
+SET debug_sync = 'lock_wait_start SIGNAL con2_blocked
+WAIT_FOR con2_go';
+SET debug_sync = 'ha_commit_trans_after_acquire_commit_lock
+WAIT_FOR con2_finish';
+SET debug_sync = 'ib_after_row_insert SIGNAL con2_insert_done';
+REPLACE INTO t1 VALUES (1,3);
+connection default;
+SET debug_sync = 'now WAIT_FOR con2_blocked';
+connection purge_control;
+COMMIT;
+disconnect purge_control;
+connection default;
+InnoDB 0 transactions not purged
+SET debug_sync = 'now SIGNAL con2_go WAIT_FOR con2_insert_done';
+SET debug_sync = 'now SIGNAL con1_go WAIT_FOR con1_insert_done';
+SET debug_sync = 'now SIGNAL con1_finish';
+connection con1;
+disconnect con1;
+connection default;
+SET debug_sync = 'now SIGNAL con2_finish';
+connection con2;
+disconnect con2;
+connection default;
+SET DEBUG_SYNC= 'RESET';
+SELECT * FROM t1;
+a b
+1 2
+CHECK TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+DROP TABLE t1;
+SET GLOBAL innodb_stats_auto_recalc = @old_innodb_stats_auto_recalc;
+SET GLOBAL tx_isolation = @old_tx_isolation;
+SET GLOBAL innodb_lock_wait_timeout = @old_innodb_lock_wait_timeout;
+CREATE TABLE t1 (
+a INT NOT NULL,
+b INT NOT NULL,
+PRIMARY KEY(b),
+UNIQUE KEY(a))
+ENGINE=INNODB;
+SET @old_innodb_stats_auto_recalc = @@innodb_stats_auto_recalc;
+SET GLOBAL innodb_stats_auto_recalc = OFF;
+connect purge_control,localhost,root;
+START TRANSACTION WITH CONSISTENT SNAPSHOT;
+connection default;
+SET @old_tx_isolation = @@tx_isolation;
+SET GLOBAL tx_isolation = 'READ-COMMITTED';
+SET @old_innodb_lock_wait_timeout = @@innodb_lock_wait_timeout;
+SET GLOBAL innodb_lock_wait_timeout = 1;
+connect con1,localhost,root,,;
+INSERT INTO t1 VALUES (1,1),(2,2);
+DELETE FROM t1;
+SET debug_sync = 'row_ins_sec_index_entry_dup_locks_created SIGNAL
+con1_locks_done WAIT_FOR con1_go';
+SET debug_sync = 'ha_commit_trans_after_acquire_commit_lock SIGNAL
+con1_insert_done WAIT_FOR con1_finish';
+INSERT INTO t1 values (1,2) ON DUPLICATE KEY UPDATE a=2;
+connect con2,localhost,root,,;
+SET debug_sync = 'now WAIT_FOR con1_locks_done';
+SET debug_sync = 'lock_wait_start SIGNAL con2_blocked
+WAIT_FOR con2_go';
+SET debug_sync = 'ha_commit_trans_after_acquire_commit_lock
+WAIT_FOR con2_finish';
+SET debug_sync = 'ib_after_row_insert SIGNAL con2_insert_done';
+REPLACE INTO t1 VALUES (1,3);
+connection default;
+SET debug_sync = 'now WAIT_FOR con2_blocked';
+connection purge_control;
+COMMIT;
+disconnect purge_control;
+connection default;
+InnoDB 0 transactions not purged
+SET debug_sync = 'now SIGNAL con2_go WAIT_FOR con2_insert_done';
+SET debug_sync = 'now SIGNAL con1_go WAIT_FOR con1_insert_done';
+SET debug_sync = 'now SIGNAL con1_finish';
+connection con1;
+disconnect con1;
+connection default;
+SET debug_sync = 'now SIGNAL con2_finish';
+connection con2;
+disconnect con2;
+connection default;
+SET DEBUG_SYNC= 'RESET';
+SELECT * FROM t1;
+a b
+1 2
+CHECK TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+DROP TABLE t1;
+SET GLOBAL innodb_stats_auto_recalc = @old_innodb_stats_auto_recalc;
+SET GLOBAL tx_isolation = @old_tx_isolation;
+SET GLOBAL innodb_lock_wait_timeout = @old_innodb_lock_wait_timeout;
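Review bot: The new file name spells the isolation level `read_commited`, while every statement in the file uses `READ-COMMITTED` (`SET GLOBAL tx_isolation = 'READ-COMMITTED';`). Renaming the result and its .test to `innodb-lock-inherit-read_committed` keeps the test findable by name. The second scenario, which begins at the second `CREATE TABLE t1`, differs from the first only in con1's statement (`INSERT INTO t1 values (1,2) ON DUPLICATE KEY UPDATE a=2;` instead of `REPLACE INTO t1 VALUES (1,2);`) and has no banner. A line such as `# Same interleaving with INSERT ... ON DUPLICATE KEY UPDATE in con1` ahead of it would say what is being covered.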
diff --git a/mysql-test/suite/innodb/r/innodb-read-view.result b/mysql-test/suite/innodb/r/innodb-read-view.result
index e01d8a11..f3084fbd 100644
--- a/mysql-test/suite/innodb/r/innodb-read-view.result
+++ b/mysql-test/suite/innodb/r/innodb-read-view.result
@@ -9,9 +9,6 @@ INSERT INTO t2 VALUES(1, "b");
INSERT INTO t2 VALUES(2, "c");
INSERT INTO t2 VALUES(3, "d");
connect con1,localhost,root,,;
-connect con2,localhost,root,,;
-connection con1;
-'T1'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t2;
@@ -21,7 +18,6 @@ c1 c2
2 c
3 d
connection default;
-'T2'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t1;
@@ -30,8 +26,7 @@ c1 c2
1 1
2 2
3 3
-connection con2;
-'T3'
+connect con2,localhost,root,,;
SET AUTOCOMMIT=0;
SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;
BEGIN;
@@ -48,7 +43,6 @@ c1 c2
2 c
3 d
connection con1;
-'T1'
UPDATE t2 SET c1 = c1 + 100;
SELECT * FROM t2;
c1 c2
@@ -58,7 +52,6 @@ c1 c2
103 d
COMMIT;
connection default;
-'T2'
UPDATE t1 SET c1 = c1 + 100;
SELECT * FROM t1;
c1 c2
@@ -68,42 +61,29 @@ c1 c2
103 3
COMMIT;
connection con2;
-'T3'
SET DEBUG_SYNC='row_search_for_mysql_before_return WAIT_FOR waiting1';
SELECT * FROM t1;;
connection default;
-'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
-'Signalled T3'
connection con2;
-'T3'
c1 c2
0 0
1 1
2 2
3 3
connection con2;
-'T3'
SET DEBUG_SYNC='row_search_for_mysql_before_return WAIT_FOR waiting1';
SELECT * FROM t2;;
connection default;
-'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
-'Signalled T3'
connection con2;
-'T3'
c1 c2
0 a
1 b
2 c
3 d
connection default;
-disconnect con1;
-disconnect con2;
-connect con1,localhost,root,,;
-connect con2,localhost,root,,;
connection con1;
-'T1'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t1;
@@ -113,7 +93,6 @@ c1 c2
102 2
103 3
connection default;
-'T2'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t2;
@@ -131,7 +110,6 @@ c1 c2
203 d
COMMIT;
connection con2;
-'T3'
SET AUTOCOMMIT=0;
SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;
BEGIN;
@@ -148,7 +126,6 @@ c1 c2
202 c
203 d
connection con1;
-'T1'
UPDATE t1 SET c1 = c1 + 100;
SELECT * FROM t1;
c1 c2
@@ -158,44 +135,34 @@ c1 c2
203 3
COMMIT;
connection con2;
-'T3'
SET DEBUG_SYNC='row_select_wait WAIT_FOR waiting1';
SELECT * FROM t1;;
connection con1;
-'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
-'Signalled T3'
connection con2;
-'T3'
c1 c2
100 0
101 1
102 2
103 3
-connection con2;
-'T3'
SET DEBUG_SYNC='row_select_wait WAIT_FOR waiting1';
SELECT * FROM t2;;
connection default;
-'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
-'Signalled T3'
connection con2;
-'T3'
c1 c2
200 a
201 b
202 c
203 d
-connection default;
-disconnect con1;
disconnect con2;
+connection default;
DROP TABLE t1;
DROP TABLE t2;
#
# Bug 21433768: NON-REPEATABLE READ WITH REPEATABLE READ ISOLATION
#
-connect con1,localhost,root,,;
+connection con1;
CREATE TABLE t1(col1 INT PRIMARY KEY, col2 INT) ENGINE = InnoDB;
INSERT INTO t1 values (1, 0), (2, 0);
SELECT * FROM t1 ORDER BY col1;
@@ -218,5 +185,5 @@ SET DEBUG_SYNC = 'now SIGNAL s2';
connection con1;
disconnect con1;
connection default;
-DROP TABLE t1;
SET DEBUG_SYNC= 'RESET';
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb/r/innodb-system-table-view.result b/mysql-test/suite/innodb/r/innodb-system-table-view.result
index c770d106..ac966d3f 100644
--- a/mysql-test/suite/innodb/r/innodb-system-table-view.result
+++ b/mysql-test/suite/innodb/r/innodb-system-table-view.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
SELECT table_id INTO @table_stats_id FROM information_schema.innodb_sys_tables
WHERE name = 'mysql/innodb_table_stats';
SELECT table_id INTO @index_stats_id FROM information_schema.innodb_sys_tables
@@ -173,3 +175,4 @@ DROP TABLE parent;
SELECT SPACE FROM INFORMATION_SCHEMA.INNODB_SYS_TABLESPACES WHERE name like 'innodb_temporary';
SPACE
4294967294
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/r/innodb-table-online.result b/mysql-test/suite/innodb/r/innodb-table-online.result
index 9296fded..76811ced 100644
--- a/mysql-test/suite/innodb/r/innodb-table-online.result
+++ b/mysql-test/suite/innodb/r/innodb-table-online.result
@@ -1,3 +1,5 @@
+SET GLOBAL innodb_monitor_reset_all=all;
+SET GLOBAL innodb_monitor_reset_all=default;
call mtr.add_suppression("InnoDB: Warning: Small buffer pool size");
call mtr.add_suppression("InnoDB: Error: table 'test/t1'");
call mtr.add_suppression("MariaDB is trying to open a table handle but the .ibd file for");
@@ -38,16 +40,10 @@ SET DEBUG_DBUG = '+d,innodb_OOM_prepare_inplace_alter';
ALTER TABLE t1 ROW_FORMAT=REDUNDANT, ALGORITHM=INPLACE, LOCK=NONE;
ERROR HY000: Out of memory.
SET SESSION DEBUG = @saved_debug_dbug;
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
SET SESSION DEBUG = '+d,innodb_OOM_inplace_alter';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
ALTER TABLE t1 ROW_FORMAT=REDUNDANT, ALGORITHM=INPLACE, LOCK=NONE;
ERROR HY000: Out of memory.
SET SESSION DEBUG = @saved_debug_dbug;
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
ALTER TABLE t1 ROW_FORMAT=REDUNDANT, ALGORITHM=INPLACE, LOCK=NONE;
connection default;
SHOW CREATE TABLE t1;
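Review bot: The three `SET SESSION DEBUG = ...` statements in this hunk still use the variable name that the removed `Warning 1287` lines reported as deprecated, so the expected output stops showing the deprecation without the test moving off the old name. The hunk header's context already shows the replacement spelling, `SET DEBUG_DBUG = '+d,innodb_OOM_prepare_inplace_alter';`. The consistent form in the .test would be `SET SESSION debug_dbug = '+d,innodb_OOM_inplace_alter';` and `SET SESSION debug_dbug = @saved_debug_dbug;`. Whether the warnings disappeared because of a server change or because warnings are disabled in the .test is not visible from this result file.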
@@ -179,13 +175,13 @@ Table Op Msg_type Msg_text
test.t1 analyze status Engine-independent statistics collected
test.t1 analyze status OK
SET @merge_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
connection con1;
SHOW CREATE TABLE t1;
@@ -237,13 +233,13 @@ ddl_pending_alter_table 1
ddl_sort_file_alter_table 0
ddl_log_file_alter_table 1
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SELECT
(@merge_encrypt_1-@merge_encrypt_0)-
@@ -263,16 +259,16 @@ ddl_pending_alter_table 0
ddl_sort_file_alter_table 0
ddl_log_file_alter_table 1
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
SET GLOBAL innodb_max_purge_lag_wait=0;
SET DEBUG_SYNC = 'row_log_table_apply1_before SIGNAL rebuilt3 WAIT_FOR dml3_done';
@@ -320,16 +316,16 @@ CHECK TABLE t1;
Table Op Msg_type Msg_text
test.t1 check status OK
SET @merge_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
SELECT
(@merge_encrypt_2-@merge_encrypt_1)-
diff --git a/mysql-test/suite/innodb/r/innodb-truncate.result b/mysql-test/suite/innodb/r/innodb-truncate.result
index 3bcee0e8..5b7d052b 100644
--- a/mysql-test/suite/innodb/r/innodb-truncate.result
+++ b/mysql-test/suite/innodb/r/innodb-truncate.result
@@ -86,11 +86,10 @@ CREATE TABLE t2 (f2 INT, FOREIGN KEY(f2) REFERENCES t1 (f2)) ENGINE=InnoDB;
CREATE TABLE t3 (a INT) ENGINE=InnoDB;
ERROR HY000: Can't create table `test`.`t3` (errno: 150 "Foreign key constraint is incorrectly formed")
ALTER TABLE t1 RENAME TO t3;
-ERROR HY000: Error on rename of './test/t1' to './test/t3' (errno: 150 "Foreign key constraint is incorrectly formed")
-ALTER TABLE t1 FORCE;
-TRUNCATE TABLE t1;
-ERROR 42000: Cannot truncate a table referenced in a foreign key constraint (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `test`.`t1` (`f2`))
-DROP TABLE t2, t1;
+ALTER TABLE t3 FORCE;
+TRUNCATE TABLE t3;
+ERROR 42000: Cannot truncate a table referenced in a foreign key constraint (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`f2`) REFERENCES `test`.`t3` (`f2`))
+DROP TABLE t2, t3;
#
# MDEV-24861 Assertion `trx->rsegs.m_redo.rseg' failed
# in innodb_prepare_commit_versioned
diff --git a/mysql-test/suite/innodb/r/innodb-wl5522-1.result b/mysql-test/suite/innodb/r/innodb-wl5522-1.result
index 204d6bc8..42c0631d 100644
--- a/mysql-test/suite/innodb/r/innodb-wl5522-1.result
+++ b/mysql-test/suite/innodb/r/innodb-wl5522-1.result
@@ -808,6 +808,18 @@ call mtr.add_suppression("InnoDB: unsupported MySQL tablespace");
ALTER TABLE t1 IMPORT TABLESPACE;
ERROR 42000: Table 't1' uses an extension that doesn't exist in this MariaDB version
DROP TABLE t1;
-#
# End of 10.3 tests
#
+# MDEV-29972 crash after "Unsupported meta-data version number"
+#
+call mtr.add_suppression("Index for table 't2' is corrupt");
+CREATE TABLE t2 (i INT PRIMARY KEY) ENGINE=InnoDB;
+ALTER TABLE t2 DISCARD TABLESPACE;
+ALTER TABLE t2 IMPORT TABLESPACE;
+ERROR 42000: This version of MariaDB doesn't yet support 'meta-data version'
+ALTER TABLE t2 IMPORT TABLESPACE;
+ERROR HY000: Index for table 't2' is corrupt; try to repair it
+SELECT * FROM t2;
+ERROR HY000: Tablespace has been discarded for table `t2`
+DROP TABLE t2;
+# End of 10.4 tests
diff --git a/mysql-test/suite/innodb/r/innodb.result b/mysql-test/suite/innodb/r/innodb.result
index 6cd6377f..e9f70621 100644
--- a/mysql-test/suite/innodb/r/innodb.result
+++ b/mysql-test/suite/innodb/r/innodb.result
@@ -2472,7 +2472,7 @@ INSERT INTO t2 VALUES(1);
DELETE FROM t1 WHERE id = 1;
ERROR 23000: Cannot delete or update a parent row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `c1` FOREIGN KEY (`v`) REFERENCES `t1` (`id`))
DROP TABLE t1;
-ERROR 23000: Cannot delete or update a parent row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `c1` FOREIGN KEY (`v`) REFERENCES `t1` (`id`))
+ERROR 23000: Cannot delete or update a parent row: a foreign key constraint fails
SET FOREIGN_KEY_CHECKS=0;
DROP TABLE t1;
SET FOREIGN_KEY_CHECKS=1;
diff --git a/mysql-test/suite/innodb/r/innodb_buffer_pool_dump_pct.result b/mysql-test/suite/innodb/r/innodb_buffer_pool_dump_pct.result
index fa17487d..33adf9ba 100644
--- a/mysql-test/suite/innodb/r/innodb_buffer_pool_dump_pct.result
+++ b/mysql-test/suite/innodb/r/innodb_buffer_pool_dump_pct.result
@@ -3,17 +3,8 @@ col2 VARCHAR(25), col3 varchar(25)) ENGINE=InnoDB;
CREATE INDEX idx1 ON tab5(col2(10));
CREATE INDEX idx2 ON tab5(col3(10));
SET GLOBAL innodb_buffer_pool_dump_pct=100;
-SELECT variable_value INTO @IBPDS
-FROM information_schema.global_status
-WHERE variable_name = 'INNODB_BUFFER_POOL_DUMP_STATUS';
SET GLOBAL innodb_buffer_pool_dump_now=ON;
SET GLOBAL innodb_buffer_pool_dump_pct=1;
-SELECT @@global.innodb_buffer_pool_dump_pct;
-@@global.innodb_buffer_pool_dump_pct
-1
-SELECT variable_value INTO @IBPDS
-FROM information_schema.global_status
-WHERE variable_name = 'INNODB_BUFFER_POOL_DUMP_STATUS';
SET GLOBAL innodb_buffer_pool_dump_now=ON;
SET GLOBAL innodb_buffer_pool_dump_pct=DEFAULT;
DROP TABLE tab5;
diff --git a/mysql-test/suite/innodb/r/innodb_bug12902967.result b/mysql-test/suite/innodb/r/innodb_bug12902967.result
deleted file mode 100644
index ddb2e12f..00000000
--- a/mysql-test/suite/innodb/r/innodb_bug12902967.result
+++ /dev/null
@@ -1,6 +0,0 @@
-call mtr.add_suppression("In ALTER TABLE .* has or is referenced in foreign key constraints which are not compatible with the new table definition.");
-# restart
-create table t1 (f1 integer primary key) engine innodb;
-alter table t1 add constraint c1 foreign key (f1) references t1(f1);
-ERROR HY000: Error on rename of '#sql-alter' to './test/t1' (errno: 150 "Foreign key constraint is incorrectly formed")
-drop table t1;
diff --git a/mysql-test/suite/innodb/r/innodb_force_recovery.result b/mysql-test/suite/innodb/r/innodb_force_recovery.result
index 05239950..2f1169f4 100644
--- a/mysql-test/suite/innodb/r/innodb_force_recovery.result
+++ b/mysql-test/suite/innodb/r/innodb_force_recovery.result
@@ -4,9 +4,18 @@ insert into t1 values(1, 2);
insert into t2 values(1, 2);
SET GLOBAL innodb_fast_shutdown = 0;
# restart: --innodb-force-recovery=4
+SELECT CAST(variable_value AS INTEGER) INTO @read1
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='innodb_buffer_pool_read_requests';
select * from t1;
f1 f2
1 2
+SELECT CAST(variable_value AS INTEGER) INTO @read2
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='innodb_buffer_pool_read_requests';
+SELECT @read1>0, @read2>@read1;
+@read1>0 @read2>@read1
+1 1
begin;
insert into t1 values(2, 3);
rollback;
diff --git a/mysql-test/suite/innodb/r/innodb_i_s_innodb_locks.result b/mysql-test/suite/innodb/r/innodb_i_s_innodb_locks.result
new file mode 100644
index 00000000..a410362a
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_i_s_innodb_locks.result
Binary files differ
diff --git a/mysql-test/suite/innodb/r/innodb_i_s_innodb_trx.result b/mysql-test/suite/innodb/r/innodb_i_s_innodb_trx.result
new file mode 100644
index 00000000..99de7d5f
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_i_s_innodb_trx.result
@@ -0,0 +1,90 @@
+SET @save_timeout=@@GLOBAL.innodb_lock_wait_timeout;
+SET GLOBAL innodb_lock_wait_timeout=100000000;
+DESCRIBE INFORMATION_SCHEMA.INNODB_TRX;
+Field Type Null Key Default Extra
+trx_id bigint(21) unsigned NO NULL
+trx_state varchar(13) NO NULL
+trx_started datetime NO NULL
+trx_requested_lock_id varchar(81) YES NULL
+trx_wait_started datetime YES NULL
+trx_weight bigint(21) unsigned NO NULL
+trx_mysql_thread_id bigint(21) unsigned NO NULL
+trx_query varchar(1024) YES NULL
+trx_operation_state varchar(64) YES NULL
+trx_tables_in_use bigint(21) unsigned NO NULL
+trx_tables_locked bigint(21) unsigned NO NULL
+trx_lock_structs bigint(21) unsigned NO NULL
+trx_lock_memory_bytes bigint(21) unsigned NO NULL
+trx_rows_locked bigint(21) unsigned NO NULL
+trx_rows_modified bigint(21) unsigned NO NULL
+trx_concurrency_tickets bigint(21) unsigned NO NULL
+trx_isolation_level enum('READ UNCOMMITTED','READ COMMITTED','REPEATABLE READ','SERIALIZABLE') NO NULL
+trx_unique_checks int(1) NO NULL
+trx_foreign_key_checks int(1) NO NULL
+trx_last_foreign_key_error varchar(256) YES NULL
+trx_is_read_only int(1) NO NULL
+trx_autocommit_non_locking int(1) NO NULL
+CREATE TABLE t1 (
+c01 INT,
+c02 INT,
+PRIMARY KEY (c01)
+) ENGINE=INNODB STATS_AUTO_RECALC=0;
+INSERT INTO t1 VALUES
+(1,2),(2,4),(3,6),(4,8);
+CREATE TABLE t2 (
+c01 INT,
+c02 INT,
+PRIMARY KEY (c01),
+FOREIGN KEY fk1 (c02) REFERENCES t1 (c01)
+) ENGINE=INNODB STATS_AUTO_RECALC=0;
+INSERT INTO t2 VALUES
+(1,1),(2,2),(3,3);
+connect con_trx,localhost,root,,;
+connect con_verify_innodb_trx,localhost,root,,;
+connection con_trx;
+SET autocommit=0;
+INSERT INTO t1 VALUES (5,10);
+SELECT * FROM t1 FOR UPDATE;
+c01 c02
+1 2
+2 4
+3 6
+4 8
+5 10
+connection con_verify_innodb_trx;
+SELECT trx_state, trx_weight, trx_tables_in_use, trx_tables_locked,
+trx_rows_locked, trx_rows_modified, trx_concurrency_tickets,
+trx_isolation_level, trx_unique_checks, trx_foreign_key_checks
+FROM INFORMATION_SCHEMA.INNODB_TRX;
+trx_state trx_weight trx_tables_in_use trx_tables_locked trx_rows_locked trx_rows_modified trx_concurrency_tickets trx_isolation_level trx_unique_checks trx_foreign_key_checks
+RUNNING 3 0 1 6 1 0 REPEATABLE READ 1 1
+connection con_trx;
+ROLLBACK;
+SET FOREIGN_KEY_CHECKS = 0;
+SET UNIQUE_CHECKS = 0;
+SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;
+BEGIN;
+INSERT INTO t1 VALUES (6,12);
+connection con_verify_innodb_trx;
+SELECT trx_isolation_level, trx_unique_checks, trx_foreign_key_checks
+FROM INFORMATION_SCHEMA.INNODB_TRX;
+trx_isolation_level trx_unique_checks trx_foreign_key_checks
+SERIALIZABLE 0 0
+connection con_trx;
+ROLLBACK;
+SET FOREIGN_KEY_CHECKS = 1;
+SET UNIQUE_CHECKS = 1;
+BEGIN;
+INSERT INTO t2 VALUES (4,10);
+ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `fk1` FOREIGN KEY (`c02`) REFERENCES `t1` (`c01`))
+disconnect con_trx;
+connection con_verify_innodb_trx;
+SELECT trx_state, trx_isolation_level, trx_last_foreign_key_error
+FROM INFORMATION_SCHEMA.INNODB_TRX;
+trx_state trx_isolation_level trx_last_foreign_key_error
+RUNNING REPEATABLE READ `test`.`t2`, CONSTRAINT `fk1` FOREIGN KEY (`c02`) REFERENCES `t1` (`c01`)
+disconnect con_verify_innodb_trx;
+connection default;
+DROP TABLE t2;
+DROP TABLE t1;
+SET GLOBAL innodb_lock_wait_timeout=@save_timeout;
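Review bot: The last `SELECT ... FROM INFORMATION_SCHEMA.INNODB_TRX` expects a `RUNNING` row carrying `trx_last_foreign_key_error`, yet `disconnect con_trx;` is recorded before it, and that row appears to belong to con_trx's open transaction. If the server rolls that transaction back before con_verify_innodb_trx runs the query, the result set would be empty and the test would fail intermittently. Unless the .test already synchronises here (not visible in the result), it is safer to issue the SELECT first and move `disconnect con_trx;` after it. A short `#` banner ahead of each of the three checks would also document what each INNODB_TRX query is meant to verify.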
diff --git a/mysql-test/suite/innodb/r/innodb_information_schema_tables.result b/mysql-test/suite/innodb/r/innodb_information_schema_tables.result
index ea713ea6..87ff94a9 100644
--- a/mysql-test/suite/innodb/r/innodb_information_schema_tables.result
+++ b/mysql-test/suite/innodb/r/innodb_information_schema_tables.result
@@ -1,2 +1,3 @@
+FOUND 1 /\[Warning\] InnoDB: innodb_open_files 1000000 should not be greater than the open_files_limit [0-9]+/ in mysqld.1.err
CREATE TABLE t1 ENGINE=InnoDB AS SELECT * FROM mysql.help_topic;
DROP TABLE t1;
diff --git a/mysql-test/suite/innodb/r/innodb_mysql.result b/mysql-test/suite/innodb/r/innodb_mysql.result
index aa8cc118..d142c0e4 100644
--- a/mysql-test/suite/innodb/r/innodb_mysql.result
+++ b/mysql-test/suite/innodb/r/innodb_mysql.result
@@ -2382,6 +2382,10 @@ key_len NULL
ref NULL
rows 6
Extra Using where
+Warnings:
+Level Note
+Code 1105
+Message Cannot use key `PRIMARY` part[0] for lookup: `test`.`bar`.`c` of type `char` > "2" of type `int`
EXPLAIN SELECT c FROM foo WHERE c>2;;
id 1
select_type SIMPLE
@@ -2393,6 +2397,10 @@ key_len NULL
ref NULL
rows 6
Extra Using where
+Warnings:
+Level Note
+Code 1105
+Message Cannot use key `PRIMARY` part[0] for lookup: `test`.`foo`.`c` of type `char` > "2" of type `int`
EXPLAIN SELECT c FROM foo2 WHERE c>2;;
id 1
select_type SIMPLE
@@ -2404,6 +2412,10 @@ key_len 5
ref NULL
rows 6
Extra Using where; Using index
+Warnings:
+Level Note
+Code 1105
+Message Cannot use key `PRIMARY` part[0] for lookup: `test`.`foo2`.`c` of type `char` > "2" of type `int`
DROP TABLE foo, bar, foo2;
#
# Bug#41348: INSERT INTO tbl SELECT * FROM temp_tbl overwrites locking type of temp table
diff --git a/mysql-test/suite/innodb/r/innodb_prefix_index_restart_server.result b/mysql-test/suite/innodb/r/innodb_prefix_index_restart_server.result
index 1e97c21c..1ccf79e4 100644
--- a/mysql-test/suite/innodb/r/innodb_prefix_index_restart_server.result
+++ b/mysql-test/suite/innodb/r/innodb_prefix_index_restart_server.result
@@ -90,3 +90,19 @@ worklog5743;
col_1_text = REPEAT("a", 3500) col_2_text = REPEAT("o", 3500)
1 1
DROP TABLE worklog5743;
+#
+# MDEV-21245 InnoDB: Using a partial-field key prefix in search
+#
+CREATE TABLE t1 (a VARCHAR(255), KEY k(a)) DEFAULT CHARSET=utf8mb3
+ENGINE=InnoDB;
+INSERT INTO t1 set a='';
+alter table t1 change a a varchar(3000);
+affected rows: 0
+info: Records: 0 Duplicates: 0 Warnings: 1
+Warnings:
+Note 1071 Specified key was too long; max key length is 3072 bytes
+SELECT * FROM t1 WHERE a IN ('');
+a
+
+DROP TABLE t1;
+# End of 10.4 tests
diff --git a/mysql-test/suite/innodb/r/innodb_scrub.result b/mysql-test/suite/innodb/r/innodb_scrub.result
index b4a418ce..475d4e74 100644
--- a/mysql-test/suite/innodb/r/innodb_scrub.result
+++ b/mysql-test/suite/innodb/r/innodb_scrub.result
@@ -1,6 +1,6 @@
CREATE TABLE t1(f1 int auto_increment primary key,
f2 varchar(256),
-f3 text) engine = innodb;
+f3 text) engine = innodb stats_persistent=0;
FLUSH TABLE t1 FOR EXPORT;
UNLOCK TABLES;
FOUND 500500 /unicycle|repairman/ in t1.ibd
diff --git a/mysql-test/suite/innodb/r/innodb_stats_auto_recalc.result b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc.result
new file mode 100644
index 00000000..40eae0a9
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc.result
@@ -0,0 +1,44 @@
+CREATE TABLE autorecalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+SELECT n_rows, clustered_index_size FROM mysql.innodb_table_stats WHERE table_name = 'autorecalc';
+n_rows 0
+clustered_index_size 1
+SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'autorecalc';
+index_name PRIMARY
+stat_name n_diff_pfx01
+stat_value 0
+index_name PRIMARY
+stat_name n_leaf_pages
+stat_value 1
+index_name PRIMARY
+stat_name size
+stat_value 1
+INSERT INTO autorecalc VALUES (1);
+INSERT INTO autorecalc VALUES (2);
+SELECT n_rows, clustered_index_size FROM mysql.innodb_table_stats WHERE table_name = 'autorecalc';
+n_rows 2
+clustered_index_size 1
+SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'autorecalc';
+index_name PRIMARY
+stat_name n_diff_pfx01
+stat_value 2
+index_name PRIMARY
+stat_name n_leaf_pages
+stat_value 1
+index_name PRIMARY
+stat_name size
+stat_value 1
+DELETE FROM autorecalc;
+SELECT n_rows, clustered_index_size FROM mysql.innodb_table_stats WHERE table_name = 'autorecalc';
+n_rows 0
+clustered_index_size 1
+SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'autorecalc';
+index_name PRIMARY
+stat_name n_diff_pfx01
+stat_value 0
+index_name PRIMARY
+stat_name n_leaf_pages
+stat_value 1
+index_name PRIMARY
+stat_name size
+stat_value 1
+DROP TABLE autorecalc;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_ddl.result b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_ddl.result
new file mode 100644
index 00000000..8c68fe74
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_ddl.result
@@ -0,0 +1,34 @@
+CREATE TABLE arddl (a INT, b INT, PRIMARY KEY (a)) ENGINE=INNODB;
+INSERT INTO arddl VALUES (1, 10);
+INSERT INTO arddl VALUES (2, 10);
+ALTER TABLE arddl ADD INDEX (b);
+SELECT n_rows FROM mysql.innodb_table_stats WHERE table_name = 'arddl' ORDER BY 1;
+n_rows 2
+SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'arddl' AND index_name = 'PRIMARY' ORDER BY 1, 2, 3;
+index_name PRIMARY
+stat_name n_diff_pfx01
+stat_value 2
+index_name PRIMARY
+stat_name n_leaf_pages
+stat_value 1
+index_name PRIMARY
+stat_name size
+stat_value 1
+DROP TABLE arddl;
+CREATE TABLE arddl (a INT, b INT, PRIMARY KEY (a), KEY (b)) ENGINE=INNODB;
+INSERT INTO arddl VALUES (3, 10);
+INSERT INTO arddl VALUES (4, 10);
+ALTER TABLE arddl DROP INDEX b;
+SELECT n_rows FROM mysql.innodb_table_stats WHERE table_name = 'arddl' ORDER BY 1;
+n_rows 2
+SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'arddl' AND index_name = 'PRIMARY' ORDER BY 1, 2, 3;
+index_name PRIMARY
+stat_name n_diff_pfx01
+stat_value 2
+index_name PRIMARY
+stat_name n_leaf_pages
+stat_value 1
+index_name PRIMARY
+stat_name size
+stat_value 1
+DROP TABLE arddl;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_lots.result b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_lots.result
new file mode 100644
index 00000000..746bce56
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_lots.result
@@ -0,0 +1,202 @@
+SELECT table_name, n_rows FROM mysql.innodb_table_stats WHERE table_name LIKE 'ar_%' ORDER BY table_name;
+table_name n_rows
+ar_1001 0
+ar_1002 0
+ar_1003 0
+ar_1004 0
+ar_1005 0
+ar_1006 0
+ar_1007 0
+ar_1008 0
+ar_1009 0
+ar_1010 0
+ar_1011 0
+ar_1012 0
+ar_1013 0
+ar_1014 0
+ar_1015 0
+ar_1016 0
+ar_1017 0
+ar_1018 0
+ar_1019 0
+ar_1020 0
+ar_1021 0
+ar_1022 0
+ar_1023 0
+ar_1024 0
+ar_1025 0
+ar_1026 0
+ar_1027 0
+ar_1028 0
+ar_1029 0
+ar_1030 0
+ar_1031 0
+ar_1032 0
+ar_1033 0
+ar_1034 0
+ar_1035 0
+ar_1036 0
+ar_1037 0
+ar_1038 0
+ar_1039 0
+ar_1040 0
+ar_1041 0
+ar_1042 0
+ar_1043 0
+ar_1044 0
+ar_1045 0
+ar_1046 0
+ar_1047 0
+ar_1048 0
+ar_1049 0
+ar_1050 0
+ar_1051 0
+ar_1052 0
+ar_1053 0
+ar_1054 0
+ar_1055 0
+ar_1056 0
+ar_1057 0
+ar_1058 0
+ar_1059 0
+ar_1060 0
+ar_1061 0
+ar_1062 0
+ar_1063 0
+ar_1064 0
+ar_1065 0
+ar_1066 0
+ar_1067 0
+ar_1068 0
+ar_1069 0
+ar_1070 0
+ar_1071 0
+ar_1072 0
+ar_1073 0
+ar_1074 0
+ar_1075 0
+ar_1076 0
+ar_1077 0
+ar_1078 0
+ar_1079 0
+ar_1080 0
+ar_1081 0
+ar_1082 0
+ar_1083 0
+ar_1084 0
+ar_1085 0
+ar_1086 0
+ar_1087 0
+ar_1088 0
+ar_1089 0
+ar_1090 0
+ar_1091 0
+ar_1092 0
+ar_1093 0
+ar_1094 0
+ar_1095 0
+ar_1096 0
+ar_1097 0
+ar_1098 0
+ar_1099 0
+ar_1100 0
+ar_1101 0
+ar_1102 0
+ar_1103 0
+ar_1104 0
+ar_1105 0
+ar_1106 0
+ar_1107 0
+ar_1108 0
+ar_1109 0
+ar_1110 0
+ar_1111 0
+ar_1112 0
+ar_1113 0
+ar_1114 0
+ar_1115 0
+ar_1116 0
+ar_1117 0
+ar_1118 0
+ar_1119 0
+ar_1120 0
+ar_1121 0
+ar_1122 0
+ar_1123 0
+ar_1124 0
+ar_1125 0
+ar_1126 0
+ar_1127 0
+ar_1128 0
+ar_1129 0
+ar_1130 0
+ar_1131 0
+ar_1132 0
+ar_1133 0
+ar_1134 0
+ar_1135 0
+ar_1136 0
+ar_1137 0
+ar_1138 0
+ar_1139 0
+ar_1140 0
+ar_1141 0
+ar_1142 0
+ar_1143 0
+ar_1144 0
+ar_1145 0
+ar_1146 0
+ar_1147 0
+ar_1148 0
+ar_1149 0
+ar_1150 0
+ar_1151 0
+ar_1152 0
+ar_1153 0
+ar_1154 0
+ar_1155 0
+ar_1156 0
+ar_1157 0
+ar_1158 0
+ar_1159 0
+ar_1160 0
+ar_1161 0
+ar_1162 0
+ar_1163 0
+ar_1164 0
+ar_1165 0
+ar_1166 0
+ar_1167 0
+ar_1168 0
+ar_1169 0
+ar_1170 0
+ar_1171 0
+ar_1172 0
+ar_1173 0
+ar_1174 0
+ar_1175 0
+ar_1176 0
+ar_1177 0
+ar_1178 0
+ar_1179 0
+ar_1180 0
+ar_1181 0
+ar_1182 0
+ar_1183 0
+ar_1184 0
+ar_1185 0
+ar_1186 0
+ar_1187 0
+ar_1188 0
+ar_1189 0
+ar_1190 0
+ar_1191 0
+ar_1192 0
+ar_1193 0
+ar_1194 0
+ar_1195 0
+ar_1196 0
+ar_1197 0
+ar_1198 0
+ar_1199 0
+ar_1200 0
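Review bot: The `LIKE 'ar_%'` filter in the only recorded query treats `_` as a single-character wildcard, so it matches any table whose name starts with `ar` plus at least one more character (for example `arddl` from the sibling auto_recalc_ddl test, if a statistics row for it were ever left behind), and it does not restrict `database_name`. Escaping the underscore and pinning the schema, `WHERE database_name = 'test' AND table_name LIKE 'ar\_%'`, would keep the 200-row expectation stable. Separately, every recorded row is `n_rows 0` and no second SELECT follows, so this result pins only the freshly created state and never asserts a recalculated value. Any inserts hidden by a disabled query log are not visible from here.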
diff --git a/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_on_nonexistent.result b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_on_nonexistent.result
new file mode 100644
index 00000000..6b239743
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_auto_recalc_on_nonexistent.result
@@ -0,0 +1,60 @@
+Test with default setting
+CREATE TABLE t (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 1
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 3
+SELECT * FROM t;
+FLUSH TABLE t;
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 't';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 't';
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT * FROM t;
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 1
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 3
+DROP TABLE t;
+Test with explicit enable
+CREATE TABLE t (a INT, PRIMARY KEY (a)) ENGINE=INNODB STATS_AUTO_RECALC=1;
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 1
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 3
+SELECT * FROM t;
+FLUSH TABLE t;
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 't';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 't';
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT * FROM t;
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 1
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 3
+DROP TABLE t;
+Test with explicit disable
+CREATE TABLE t (a INT, PRIMARY KEY (a)) ENGINE=INNODB STATS_AUTO_RECALC=0;
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 1
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 3
+SELECT * FROM t;
+FLUSH TABLE t;
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 't';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 't';
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT * FROM t;
+SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't';
+COUNT(*) 0
+SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't';
+COUNT(*) 0
+DROP TABLE t;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_external_pages.result b/mysql-test/suite/innodb/r/innodb_stats_external_pages.result
new file mode 100644
index 00000000..52e1e153
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_external_pages.result
@@ -0,0 +1,10 @@
+CREATE TABLE bug18384390 (
+id INT AUTO_INCREMENT PRIMARY KEY,
+txt VARCHAR(10000)
+) ENGINE=INNODB STATS_PERSISTENT=1 STATS_AUTO_RECALC=0;
+INSERT INTO bug18384390 (txt) SELECT REPEAT('0', 10000) FROM seq_1_to_1024;
+set use_stat_tables=never;
+ANALYZE TABLE bug18384390;
+Table Op Msg_type Msg_text
+test.bug18384390 analyze status OK
+DROP TABLE bug18384390;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_fetch.result b/mysql-test/suite/innodb/r/innodb_stats_fetch.result
index d7b7d78e..df6bc4b0 100644
--- a/mysql-test/suite/innodb/r/innodb_stats_fetch.result
+++ b/mysql-test/suite/innodb/r/innodb_stats_fetch.result
@@ -150,3 +150,27 @@ max_data_length 0
index_length 16384
DROP TABLE test_ps_fetch;
set @@use_stat_tables = @save_use_stat_tables;
+#
+# MDEV-28613 LeakSanitizer caused by I_S query using LIMIT ROWS EXAMINED
+#
+CREATE TABLE t1(f1 VARCHAR(255), FULLTEXT(f1))ENGINE=InnoDB;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_INDEXES LIMIT ROWS EXAMINED 5;
+Warnings:
+Level Warning
+Code 1931
+Message Query execution was interrupted. The query exceeded LIMIT ROWS EXAMINED 5. The query result may be incomplete
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_TABLES LIMIT ROWS EXAMINED 5;
+Warnings:
+Level Warning
+Code 1931
+Message Query execution was interrupted. The query exceeded LIMIT ROWS EXAMINED 5. The query result may be incomplete
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_TABLESTATS LIMIT ROWS EXAMINED 5;
+Warnings:
+Level Warning
+Code 1931
+Message Query execution was interrupted. The query exceeded LIMIT ROWS EXAMINED 5. The query result may be incomplete
+SELECT SPACE FROM INFORMATION_SCHEMA.INNODB_SYS_TABLESPACES LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_VIRTUAL LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN_COLS LIMIT ROWS EXAMINED 5;
+DROP TABLE t1;
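Review bot: Only the first three queries record warning 1931; the last four (INNODB_SYS_TABLESPACES, INNODB_SYS_VIRTUAL, INNODB_SYS_FOREIGN, INNODB_SYS_FOREIGN_COLS) finish with no warning. In this recording they therefore never hit the `LIMIT ROWS EXAMINED 5` interruption, so the interrupted-scan path named in the MDEV-28613 title is presumably not exercised for those tables. Either give the test enough objects (or a smaller limit) that each query records the warning, or say so in the test with a comment such as `# no warning 1931 below: these scans finish before the limit is reached`. Since the title refers to LeakSanitizer, the regression is presumably caught only on a sanitizer build, which is also worth stating in the test header.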
diff --git a/mysql-test/suite/innodb/r/innodb_stats_flag_global,off.rdiff b/mysql-test/suite/innodb/r/innodb_stats_flag_global,off.rdiff
new file mode 100644
index 00000000..f5b23543
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_flag_global,off.rdiff
@@ -0,0 +1,34 @@
+@@ -18,7 +18,7 @@
+ test.test_ps_flag analyze status OK
+ SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+ cnt_after
+-1
++0
+ DROP TABLE test_ps_flag;
+ CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=default;
+ SHOW CREATE TABLE test_ps_flag;
+@@ -37,7 +37,7 @@
+ test.test_ps_flag analyze status OK
+ SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+ cnt_after
+-1
++0
+ DROP TABLE test_ps_flag;
+ =====
+ === Test ANALYZE behavior after creation with explicit PS=OFF
+@@ -142,7 +142,7 @@
+ test.test_ps_flag analyze status OK
+ SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+ cnt_after
+-1
++0
+ DROP TABLE test_ps_flag;
+ =====
+ === Test ANALYZE behavior after creation with explicit PS=ON,
+@@ -203,5 +203,5 @@
+ test.test_ps_flag analyze status OK
+ SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+ cnt_after
+-1
++0
+ DROP TABLE test_ps_flag;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_flag_global.result b/mysql-test/suite/innodb/r/innodb_stats_flag_global.result
new file mode 100644
index 00000000..8bafb725
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_flag_global.result
@@ -0,0 +1,207 @@
+=====
+=== Test ANALYZE behavior after default creation
+=====
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+DROP TABLE test_ps_flag;
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=default;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+DROP TABLE test_ps_flag;
+=====
+=== Test ANALYZE behavior after creation with explicit PS=OFF
+=====
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=0;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=0
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+0
+DROP TABLE test_ps_flag;
+=====
+=== Test ANALYZE behavior after creation with explicit PS=ON
+=====
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=1;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=1
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+DROP TABLE test_ps_flag;
+=====
+=== Test ANALYZE behavior after creation with explicit PS=OFF,
+=== then ALTER to ON, then ALTER to OFF, then ALTER to default
+=====
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=0;
+ALTER TABLE test_ps_flag STATS_PERSISTENT=1;
+# restart
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=1
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+ALTER TABLE test_ps_flag STATS_PERSISTENT=0;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=0
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+0
+ALTER TABLE test_ps_flag STATS_PERSISTENT=default;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+DROP TABLE test_ps_flag;
+=====
+=== Test ANALYZE behavior after creation with explicit PS=ON,
+=== then ALTER to OFF, then ALTER to ON, then ALTER to default
+=====
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=1;
+ALTER TABLE test_ps_flag STATS_PERSISTENT=0;
+# restart
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=0
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+0
+ALTER TABLE test_ps_flag STATS_PERSISTENT=1;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=1
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+ALTER TABLE test_ps_flag STATS_PERSISTENT=default;
+SHOW CREATE TABLE test_ps_flag;
+Table Create Table
+test_ps_flag CREATE TABLE `test_ps_flag` (
+ `a` int(11) DEFAULT NULL
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_before
+0
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+Table Op Msg_type Msg_text
+test.test_ps_flag analyze status OK
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+cnt_after
+1
+DROP TABLE test_ps_flag;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_persistent.result b/mysql-test/suite/innodb/r/innodb_stats_persistent.result
index a691ab19..4ce1b59e 100644
--- a/mysql-test/suite/innodb/r/innodb_stats_persistent.result
+++ b/mysql-test/suite/innodb/r/innodb_stats_persistent.result
@@ -8,9 +8,9 @@ CREATE TABLE t1 (id SERIAL, val INT UNSIGNED NOT NULL, KEY(val))
ENGINE=INNODB STATS_PERSISTENT=1,STATS_AUTO_RECALC=1;
CREATE TABLE t2 LIKE t1;
INSERT INTO t1 (val) SELECT 4 FROM seq_1_to_16;
+SET STATEMENT use_stat_tables=never FOR
ANALYZE TABLE t1;
Table Op Msg_type Msg_text
-test.t1 analyze status Engine-independent statistics collected
test.t1 analyze status OK
connect con1, localhost, root,,;
START TRANSACTION;
@@ -57,7 +57,7 @@ connection con1;
EXPLAIN SELECT * FROM t2 WHERE val=4;
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t2 ref val val 4 const 1 Using index
-InnoDB 0 transactions not purged
+SET GLOBAL innodb_max_purge_lag_wait=0;
# After COMMIT and purge, the DELETE must show up.
EXPLAIN SELECT * FROM t1 WHERE val=4;
id select_type table type possible_keys key key_len ref rows Extra
@@ -89,7 +89,7 @@ COUNT(*)
# ha_innobase::records_in_range() would count the delete-marked records.
EXPLAIN SELECT * FROM t1;
id select_type table type possible_keys key key_len ref rows Extra
-1 SIMPLE t1 index NULL val 4 NULL 16 Using index
+1 SIMPLE t1 index NULL val 4 NULL 1 Using index
ROLLBACK;
EXPLAIN SELECT * FROM t1;
id select_type table type possible_keys key key_len ref rows Extra
@@ -103,3 +103,25 @@ DROP TABLE t1,t2;
SET GLOBAL innodb_stats_include_delete_marked = @saved_include_delete_marked;
SET GLOBAL innodb_stats_traditional = @saved_traditional;
SET GLOBAL innodb_stats_modified_counter = @saved_modified_counter;
+CREATE TABLE bug12429573 (i INTEGER PRIMARY KEY, j INTEGER, KEY(j))
+ENGINE=INNODB STATS_PERSISTENT=1;
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE bug12429573;
+Table Op Msg_type Msg_text
+test.bug12429573 analyze status OK
+SELECT last_update INTO @last FROM mysql.innodb_table_stats
+WHERE table_name = 'bug12429573';
+SELECT * FROM mysql.innodb_index_stats
+WHERE table_name = 'bug12429573' AND last_update!=@last;
+database_name table_name index_name last_update stat_name stat_value sample_size stat_description
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE bug12429573;
+Table Op Msg_type Msg_text
+test.bug12429573 analyze status OK
+SELECT * FROM mysql.innodb_table_stats
+WHERE table_name = 'bug12429573' AND last_update=@last;
+database_name table_name last_update n_rows clustered_index_size sum_of_other_index_sizes
+SELECT * FROM mysql.innodb_index_stats
+WHERE table_name = 'bug12429573' AND last_update=@last;
+database_name table_name index_name last_update stat_name stat_value sample_size stat_description
+DROP TABLE bug12429573;
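Review bot: The last two SELECTs expect no row with `last_update=@last` after the second ANALYZE, which holds only if the stored timestamp has advanced between the two ANALYZE statements. Nothing in the recorded output shows a wait between them; a mysqltest sleep would not be echoed, so the .test may already handle this. If it does not, and assuming `last_update` has one-second resolution, the check can fail spuriously when both runs land in the same second. A `--sleep 1` before the second ANALYZE, with a comment such as `# last_update must differ from @last`, would make the dependency explicit.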
diff --git a/mysql-test/suite/innodb/r/innodb_stats_sample_pages.result b/mysql-test/suite/innodb/r/innodb_stats_sample_pages.result
new file mode 100644
index 00000000..a24d9aa8
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_sample_pages.result
@@ -0,0 +1,29 @@
+SET GLOBAL innodb_stats_persistent_sample_pages=17;
+CREATE TABLE test_ps_sample_pages_used (
+a VARCHAR(512), PRIMARY KEY (a)
+) ENGINE=INNODB STATS_SAMPLE_PAGES=default;
+BEGIN;
+COMMIT;
+ANALYZE TABLE test_ps_sample_pages_used;
+Table Op Msg_type Msg_text
+test.test_ps_sample_pages_used analyze status Engine-independent statistics collected
+test.test_ps_sample_pages_used analyze status OK
+SELECT stat_name, stat_value FROM mysql.innodb_index_stats
+WHERE table_name='test_ps_sample_pages_used' AND stat_name='n_leaf_pages';
+stat_name stat_value
+n_leaf_pages 37
+SELECT sample_size FROM mysql.innodb_index_stats
+WHERE table_name='test_ps_sample_pages_used' AND stat_name='n_diff_pfx01';
+sample_size
+17
+ALTER TABLE test_ps_sample_pages_used STATS_SAMPLE_PAGES=14;
+ANALYZE TABLE test_ps_sample_pages_used;
+Table Op Msg_type Msg_text
+test.test_ps_sample_pages_used analyze status Engine-independent statistics collected
+test.test_ps_sample_pages_used analyze status OK
+SELECT sample_size FROM mysql.innodb_index_stats
+WHERE table_name='test_ps_sample_pages_used' AND stat_name='n_diff_pfx01';
+sample_size
+14
+DROP TABLE test_ps_sample_pages_used;
+SET GLOBAL innodb_stats_persistent_sample_pages=default;
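Review bot: Both ANALYZE results here record the line `Engine-independent statistics collected`, so the expected output depends on the server's `use_stat_tables` setting. The other results touched by this commit (innodb_stats_flag_global, innodb_stats_persistent) instead run `SET STATEMENT use_stat_tables=never FOR ANALYZE TABLE ...` to drop that line. Using the same prefix here would keep this file about InnoDB persistent statistics only and consistent with its siblings. The hard-coded `n_leaf_pages 37` presumably also ties the result to one page size, so it is worth confirming that the .test restricts the run accordingly.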
diff --git a/mysql-test/suite/innodb/r/innodb_stats_table_flag_auto_recalc.result b/mysql-test/suite/innodb/r/innodb_stats_table_flag_auto_recalc.result
new file mode 100644
index 00000000..5585d3f6
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_table_flag_auto_recalc.result
@@ -0,0 +1,82 @@
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options
+ALTER TABLE test_ps_auto_recalc STATS_AUTO_RECALC=1;
+# restart
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_AUTO_RECALC=1
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options stats_auto_recalc=1
+DROP TABLE test_ps_auto_recalc;
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_AUTO_RECALC=default;
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options
+DROP TABLE test_ps_auto_recalc;
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_AUTO_RECALC=0;
+# restart
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_AUTO_RECALC=0
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options stats_auto_recalc=0
+ALTER TABLE test_ps_auto_recalc STATS_AUTO_RECALC=1;
+# restart
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_AUTO_RECALC=1
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options stats_auto_recalc=1
+DROP TABLE test_ps_auto_recalc;
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_AUTO_RECALC=1;
+# restart
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_AUTO_RECALC=1
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options stats_auto_recalc=1
+ALTER TABLE test_ps_auto_recalc STATS_AUTO_RECALC=0;
+# restart
+SHOW CREATE TABLE test_ps_auto_recalc;
+Table test_ps_auto_recalc
+Create Table CREATE TABLE `test_ps_auto_recalc` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_AUTO_RECALC=0
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+create_options stats_auto_recalc=0
+DROP TABLE test_ps_auto_recalc;
diff --git a/mysql-test/suite/innodb/r/innodb_stats_table_flag_sample_pages.result b/mysql-test/suite/innodb/r/innodb_stats_table_flag_sample_pages.result
new file mode 100644
index 00000000..b26b0150
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_stats_table_flag_sample_pages.result
@@ -0,0 +1,95 @@
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+create_options
+ALTER TABLE test_ps_sample_pages STATS_SAMPLE_PAGES=12345;
+# restart
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_SAMPLE_PAGES=12345
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+create_options stats_sample_pages=12345
+DROP TABLE test_ps_sample_pages;
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=default;
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+create_options
+DROP TABLE test_ps_sample_pages;
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=-5;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '-5' at line 2
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=0;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '0' at line 2
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=67000;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '67000' at line 2
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=670000;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '670000' at line 2
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=65536;
+ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '65536' at line 2
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=65535;
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_SAMPLE_PAGES=65535
+DROP TABLE test_ps_sample_pages;
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=1;
+# restart
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_SAMPLE_PAGES=1
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+create_options stats_sample_pages=1
+DROP TABLE test_ps_sample_pages;
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=5678;
+# restart
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_SAMPLE_PAGES=5678
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+create_options stats_sample_pages=5678
+ALTER TABLE test_ps_sample_pages STATS_SAMPLE_PAGES=default;
+# restart
+SHOW CREATE TABLE test_ps_sample_pages;
+Table test_ps_sample_pages
+Create Table CREATE TABLE `test_ps_sample_pages` (
+ `a` int(11) NOT NULL,
+ PRIMARY KEY (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+create_options
+DROP TABLE test_ps_sample_pages;
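Review bot: The rejected values (-5, 0, 65536, 67000, 670000) are exercised only through CREATE TABLE; the ALTER TABLE statements in this result use only accepted values (12345 and default). Adding one rejected ALTER at the boundary, e.g. `ALTER TABLE test_ps_sample_pages STATS_SAMPLE_PAGES=65536;` expecting the same error 42000, would cover the second entry point for the option. The 67000 and 670000 cases add little beyond 65536 and could be dropped or given a comment saying what they distinguish.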
diff --git a/mysql-test/suite/innodb/r/innodb_ut_format_name.result b/mysql-test/suite/innodb/r/innodb_ut_format_name.result
new file mode 100644
index 00000000..41a5b0f7
--- /dev/null
+++ b/mysql-test/suite/innodb/r/innodb_ut_format_name.result
@@ -0,0 +1,5 @@
+CREATE TABLE t (c INT) ENGINE=INNODB;
+SET @save_dbug = @@debug_dbug;
+SET debug_dbug = '+d,test_ut_format_name';
+DROP TABLE t;
+SET debug_dbug = @save_dbug;
diff --git a/mysql-test/suite/innodb/r/instant_alter.result b/mysql-test/suite/innodb/r/instant_alter.result
index 8670b994..55bb921c 100644
--- a/mysql-test/suite/innodb/r/instant_alter.result
+++ b/mysql-test/suite/innodb/r/instant_alter.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
#
# MDEV-11369: Instant ADD COLUMN for InnoDB
#
@@ -2937,3 +2939,4 @@ index(id, msg)
FLUSH TABLES;
ALTER TABLE mdev28822_100427_innodb ADD i1 INTEGER, ALGORITHM=INSTANT;
DROP TABLE mdev28822_100427_innodb;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/r/instant_alter_bugs.result b/mysql-test/suite/innodb/r/instant_alter_bugs.result
index feacaa6b..1183618f 100644
--- a/mysql-test/suite/innodb/r/instant_alter_bugs.result
+++ b/mysql-test/suite/innodb/r/instant_alter_bugs.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
#
# MDEV-17821 Assertion `!page_rec_is_supremum(rec)' failed
# in btr_pcur_store_position
@@ -491,4 +493,30 @@ DROP TABLE t1;
CREATE TABLE t1 (i int AS (0) STORED, j INT) ENGINE=InnoDB;
ALTER TABLE t1 ADD COLUMN i INT GENERATED ALWAYS AS (1), DROP COLUMN i;
DROP TABLE t1;
+#
+# MDEV-18322 Assertion "wrong_page_type" on instant ALTER
+#
+BEGIN NOT ATOMIC
+DECLARE c TEXT
+DEFAULT(SELECT CONCAT('CREATE TABLE t1 (c',
+GROUP_CONCAT(seq SEPARATOR ' CHAR(200), c'),
+' CHAR(211)) ENGINE=InnoDB ROW_FORMAT=REDUNDANT')
+FROM seq_1_to_40);
+EXECUTE IMMEDIATE c;
+END;
+$$
+INSERT INTO t1 SET c1=NULL;
+ALTER TABLE t1 ADD c41 INT FIRST;
+ERROR 42000: Row size too large. The maximum row size for the used table type, not counting BLOBs, is 8123. This includes storage overhead, check the manual. You have to change some columns to TEXT or BLOBs
+ALTER TABLE t1 ADD c41 INT FIRST;
+ERROR 42000: Row size too large. The maximum row size for the used table type, not counting BLOBs, is 8123. This includes storage overhead, check the manual. You have to change some columns to TEXT or BLOBs
+CHECK TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 check status OK
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+1
+DROP TABLE t1;
# End of 10.4 tests
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+# End of 10.6 tests
diff --git a/mysql-test/suite/innodb/r/instant_alter_crash.result b/mysql-test/suite/innodb/r/instant_alter_crash.result
index c6f7d389..e423afe1 100644
--- a/mysql-test/suite/innodb/r/instant_alter_crash.result
+++ b/mysql-test/suite/innodb/r/instant_alter_crash.result
@@ -3,7 +3,7 @@ FLUSH TABLES;
# MDEV-11369: Instant ADD COLUMN for InnoDB
#
CREATE TABLE t1(id INT PRIMARY KEY, c2 INT UNIQUE)
-ENGINE=InnoDB ROW_FORMAT=REDUNDANT;
+ENGINE=InnoDB STATS_PERSISTENT=0 ROW_FORMAT=REDUNDANT;
CREATE TABLE t2 LIKE t1;
INSERT INTO t1 VALUES(0,2);
INSERT INTO t2 VALUES(2,1);
@@ -160,7 +160,7 @@ t1 CREATE TABLE `t1` (
`c2` int(11) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `c2` (`c2`)
-) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci ROW_FORMAT=REDUNDANT
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=0 ROW_FORMAT=REDUNDANT
SHOW CREATE TABLE t2;
Table Create Table
t2 CREATE TABLE `t2` (
@@ -168,7 +168,7 @@ t2 CREATE TABLE `t2` (
`c2` int(11) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `c2` (`c2`)
-) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci ROW_FORMAT=REDUNDANT
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci STATS_PERSISTENT=0 ROW_FORMAT=REDUNDANT
SHOW CREATE TABLE t3;
Table Create Table
t3 CREATE TABLE `t3` (
diff --git a/mysql-test/suite/innodb/r/instant_alter_debug,redundant.rdiff b/mysql-test/suite/innodb/r/instant_alter_debug,redundant.rdiff
index cff4ff18..f442e406 100644
--- a/mysql-test/suite/innodb/r/instant_alter_debug,redundant.rdiff
+++ b/mysql-test/suite/innodb/r/instant_alter_debug,redundant.rdiff
@@ -1,6 +1,8 @@
-@@ -527,4 +527,4 @@
+@@ -527,6 +527,6 @@
FROM information_schema.global_status
WHERE variable_name = 'innodb_instant_alter_column';
instants
-35
+36
+ SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+ # End of 10.6 tests
diff --git a/mysql-test/suite/innodb/r/instant_alter_debug.result b/mysql-test/suite/innodb/r/instant_alter_debug.result
index 68af5694..d6d49047 100644
--- a/mysql-test/suite/innodb/r/instant_alter_debug.result
+++ b/mysql-test/suite/innodb/r/instant_alter_debug.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
SET @old_instant=
(SELECT variable_value FROM information_schema.global_status
WHERE variable_name = 'innodb_instant_alter_column');
@@ -524,3 +526,5 @@ FROM information_schema.global_status
WHERE variable_name = 'innodb_instant_alter_column';
instants
35
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+# End of 10.6 tests
diff --git a/mysql-test/suite/innodb/r/instant_alter_purge.result b/mysql-test/suite/innodb/r/instant_alter_purge.result
index 61cffc9a..4163bf3f 100644
--- a/mysql-test/suite/innodb/r/instant_alter_purge.result
+++ b/mysql-test/suite/innodb/r/instant_alter_purge.result
@@ -5,7 +5,7 @@ InnoDB 0 transactions not purged
connect prevent_purge,localhost,root;
START TRANSACTION WITH CONSISTENT SNAPSHOT;
connection default;
-CREATE TABLE t1 (f1 INT, f2 INT) ENGINE=InnoDB;
+CREATE TABLE t1 (f1 INT, f2 INT) ENGINE=InnoDB STATS_PERSISTENT=0;
INSERT INTO t1 () VALUES ();
ALTER TABLE t1 DROP f2, ADD COLUMN f2 INT;
ALTER TABLE t1 DROP f1;
diff --git a/mysql-test/suite/innodb/r/instant_alter_rollback.result b/mysql-test/suite/innodb/r/instant_alter_rollback.result
index dd427b62..6e84580c 100644
--- a/mysql-test/suite/innodb/r/instant_alter_rollback.result
+++ b/mysql-test/suite/innodb/r/instant_alter_rollback.result
@@ -1,3 +1,4 @@
+SET GLOBAL innodb_stats_persistent = 0;
FLUSH TABLES;
#
# MDEV-11369: Instant ADD COLUMN for InnoDB
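Review bot: The new first line `SET GLOBAL innodb_stats_persistent = 0;` is not paired with a save and restore. The other result files touched by this commit (instant_alter, instant_alter_bugs, instant_alter_debug, purge, purge_secondary) record `SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;` first and restore the value at the end. If this test always finishes with a server restart the global is reset anyway, but that is not visible in this hunk, and the file continues outside it. Otherwise the changed global leaks into whatever test runs next on the same server. Either add the save and restore pair to the .test, or add a comment there saying the final restart makes it unnecessary.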
diff --git a/mysql-test/suite/innodb/r/lock_move_wait_lock_race.result b/mysql-test/suite/innodb/r/lock_move_wait_lock_race.result
index 572fbc9b..c78102d9 100644
--- a/mysql-test/suite/innodb/r/lock_move_wait_lock_race.result
+++ b/mysql-test/suite/innodb/r/lock_move_wait_lock_race.result
@@ -1,4 +1,5 @@
-CREATE TABLE t (pk int PRIMARY KEY, c varchar(10)) ENGINE=InnoDB;
+CREATE TABLE t (pk int PRIMARY KEY, c varchar(10))
+STATS_PERSISTENT=0 ENGINE=InnoDB;
INSERT INTO t VALUES (10, "0123456789");
connection default;
BEGIN;
diff --git a/mysql-test/suite/innodb/r/log_file_name.result b/mysql-test/suite/innodb/r/log_file_name.result
index 76612295..a7f8cc8c 100644
--- a/mysql-test/suite/innodb/r/log_file_name.result
+++ b/mysql-test/suite/innodb/r/log_file_name.result
@@ -1,3 +1,4 @@
+call mtr.add_suppression("InnoDB: Header page consists of zero bytes in datafile:");
SET GLOBAL innodb_file_per_table=ON;
FLUSH TABLES;
CREATE TABLE t1(a INT PRIMARY KEY) ENGINE=InnoDB;
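Review bot: The added suppression `InnoDB: Header page consists of zero bytes in datafile:` has no file name in the pattern and applies for the whole test, so it matches that message for any data file. If the test only expects the message for the specific tablespace files it damages (not visible in this hunk), a zeroed header page in an unrelated tablespace would be ignored as well. Consider extending the pattern with the expected file name. A `#` comment in the .test saying which step produces the message would also help.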
diff --git a/mysql-test/suite/innodb/r/mem_pressure.result b/mysql-test/suite/innodb/r/mem_pressure.result
new file mode 100644
index 00000000..b1127db8
--- /dev/null
+++ b/mysql-test/suite/innodb/r/mem_pressure.result
@@ -0,0 +1,25 @@
+#
+# MDEV-24670 avoid OOM by linux kernel co-operative memory management
+#
+set @save_dbug=@@debug_dbug;
+set @save_limit=@@GLOBAL.innodb_limit_optimistic_insert_debug;
+set GLOBAL innodb_max_purge_lag_wait=0;
+CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB;
+SET GLOBAL innodb_limit_optimistic_insert_debug=2;
+SET STATEMENT unique_checks=0, foreign_key_checks=0 FOR
+INSERT INTO t1 SELECT * FROM seq_1_to_1000;
+SET GLOBAL innodb_limit_optimistic_insert_debug=@save_limit;
+DROP TABLE t1;
+SELECT CAST(VARIABLE_VALUE AS INTEGER) INTO @dirty_prev
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='Innodb_buffer_pool_pages_dirty';
+set debug_dbug="d,trigger_garbage_collection";
+SET GLOBAL innodb_buffer_pool_size=@@innodb_buffer_pool_size;
+SELECT CAST(VARIABLE_VALUE AS INTEGER) < @dirty_prev AS LESS_DIRTY_IS_GOOD
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='Innodb_buffer_pool_pages_dirty';
+LESS_DIRTY_IS_GOOD
+1
+FOUND 1 /InnoDB: Memory pressure event freed.*/ in mysqld.1.err
+set debug_dbug=@save_dbug;
+# End of 10.11 tests
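Review bot: The `LESS_DIRTY_IS_GOOD` check uses a strict `<` against `@dirty_prev`, so the recorded `1` depends on dirty pages still being in the buffer pool when `@dirty_prev` is sampled after `DROP TABLE t1`. If background flushing has already brought the count to 0 by then, the comparison returns 0 and the test fails even though nothing is wrong. The result file does not show whether the .test prevents that. The `FOUND 1 /InnoDB: Memory pressure event freed.*/` line already proves the event fired, so consider relaxing the comparison to `<=` in the .test, or make sure flushing cannot complete before the first sample.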
diff --git a/mysql-test/suite/innodb/r/no_pad.result b/mysql-test/suite/innodb/r/no_pad.result
index 0c039c30..2af5eb02 100644
--- a/mysql-test/suite/innodb/r/no_pad.result
+++ b/mysql-test/suite/innodb/r/no_pad.result
@@ -5,3 +5,49 @@ ALTER TABLE t1 ROW_FORMAT=DYNAMIC;
INSERT INTO t1 VALUES ('',2);
ALTER TABLE t1 ROW_FORMAT=REDUNDANT;
DROP TABLE t1;
+#
+# MDEV-26743 InnoDB: CHAR+nopad does not work well
+#
+#
+# Basic Latin letter vs equal accented letter
+#
+SET NAMES utf8mb3;
+CREATE TABLE t1 (a CHAR(2), PRIMARY KEY(a)) COLLATE utf8_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES ('a'),('ä');
+ERROR 23000: Duplicate entry 'ä' for key 'PRIMARY'
+DROP TABLE t1;
+#
+# Two letters vs equal (but space padded) expansion
+#
+CREATE TABLE t1 (a CHAR(2), PRIMARY KEY(a)) COLLATE utf8_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES ('ss'),('ß');
+SET sql_mode=PAD_CHAR_TO_FULL_LENGTH;
+SELECT HEX(a) FROM t1;
+HEX(a)
+7373
+C39F20
+SET sql_mode=DEFAULT;
+DROP TABLE t1;
+#
+# Basic Latin letter (but followed by an ignorable character) vs equal accented letter
+#
+SET NAMES utf8mb3;
+CREATE TABLE t1 (a CHAR(3), PRIMARY KEY(a)) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES (CONCAT('a',_utf8mb3 0x01)),('ä');
+SET sql_mode=PAD_CHAR_TO_FULL_LENGTH;
+SELECT HEX(a) FROM t1 ORDER BY HEX(a);
+HEX(a)
+610120
+C3A42020
+SET sql_mode=DEFAULT;
+DROP TABLE t1;
+SET NAMES utf8mb3;
+CREATE TABLE t1 (a CHAR(2), PRIMARY KEY(a)) COLLATE utf8_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES (CONCAT('a',_utf8mb3 0x01)),('ä');
+SET sql_mode=PAD_CHAR_TO_FULL_LENGTH;
+SELECT HEX(a) FROM t1 ORDER BY HEX(a);
+HEX(a)
+6101
+C3A420
+SET sql_mode=DEFAULT;
+DROP TABLE t1;
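Review bot: The fourth MDEV-26743 case has no `#` heading, unlike the three before it. It is the final `CREATE TABLE t1 (a CHAR(2), ...) COLLATE utf8_unicode_nopad_ci` block with `CONCAT('a',_utf8mb3 0x01)`. It appears to repeat the third scenario with `CHAR(2)` instead of `CHAR(3)`, but the recorded output does not say why both widths matter. Add a heading in the .test such as `--echo # Same as above, but the ignorable character fills the CHAR(2) column`, adjusted to the real intent. A closing `# End of ... tests` marker like the other files in this commit would also help.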
diff --git a/mysql-test/suite/innodb/r/page_id_innochecksum.result b/mysql-test/suite/innodb/r/page_id_innochecksum.result
index 7915a7ba..bde986c0 100644
--- a/mysql-test/suite/innodb/r/page_id_innochecksum.result
+++ b/mysql-test/suite/innodb/r/page_id_innochecksum.result
@@ -1,5 +1,5 @@
# Set the environmental variables
-create table t1(f1 int not null)engine=innodb;
+create table t1(f1 int not null)engine=innodb stats_persistent=0;
insert into t1 values(1), (2), (3);
# Change the page offset
FOUND 1 /page id mismatch/ in result.log
diff --git a/mysql-test/suite/innodb/r/page_reorganize.result b/mysql-test/suite/innodb/r/page_reorganize.result
index 20e1600b..fe85926e 100644
--- a/mysql-test/suite/innodb/r/page_reorganize.result
+++ b/mysql-test/suite/innodb/r/page_reorganize.result
@@ -16,8 +16,6 @@ SET @save_dbug = @@debug_dbug;
SET DEBUG_DBUG = '+d,do_page_reorganize,do_lock_reverse_page_reorganize';
insert into t1(f2) values (repeat('+', 100));
SET DEBUG = @save_dbug;
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
commit;
connection con1;
f1
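Review bot: `SET DEBUG = @save_dbug;` still restores through the `@@debug` alias, while the lines just above save `@@debug_dbug` and set `DEBUG_DBUG`. This hunk only drops the recorded deprecation warning. Whether the server stopped emitting the warning or the test now hides it cannot be told from the result file. Changing the statement in the .test to `SET debug_dbug = @save_dbug;` would make the test independent of the alias and keep the save and restore symmetric.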
diff --git a/mysql-test/suite/innodb/r/purge.result b/mysql-test/suite/innodb/r/purge.result
index ed14fad7..9284fa18 100644
--- a/mysql-test/suite/innodb/r/purge.result
+++ b/mysql-test/suite/innodb/r/purge.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
# Bug #12429576 - Test an assertion failure on purge.
CREATE TABLE t1_purge (
A int,
@@ -115,4 +117,5 @@ t12963823 CREATE TABLE `t12963823` (
KEY `ndx_p` (`p`(500))
) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci ROW_FORMAT=DYNAMIC
InnoDB 0 transactions not purged
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
DROP TABLE t1_purge, t2_purge, t3_purge, t4_purge, t12637786, t12963823;
diff --git a/mysql-test/suite/innodb/r/purge_secondary.result b/mysql-test/suite/innodb/r/purge_secondary.result
index 9801e985..70d16f1f 100644
--- a/mysql-test/suite/innodb/r/purge_secondary.result
+++ b/mysql-test/suite/innodb/r/purge_secondary.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
CREATE TABLE t1 (
a SERIAL, b CHAR(255) NOT NULL DEFAULT '', c BOOLEAN DEFAULT false,
l LINESTRING NOT NULL DEFAULT ST_linefromtext('linestring(448 -689,
@@ -167,3 +169,5 @@ page 5: N_RECS=0x0001
UNLOCK TABLES;
DROP TABLE t1;
# End of 10.3 tests
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+# End of 10.6 tests
diff --git a/mysql-test/suite/innodb/r/purge_thread_shutdown.result b/mysql-test/suite/innodb/r/purge_thread_shutdown.result
deleted file mode 100644
index 747fe91c..00000000
--- a/mysql-test/suite/innodb/r/purge_thread_shutdown.result
+++ /dev/null
@@ -1,27 +0,0 @@
-connect con1, localhost, root;
-create table t1 (a int) engine=innodb;
-insert t1 values (1),(2),(3),(4);
-delete from t1 where a=1;
-select user,state from information_schema.processlist order by 2;
-user state
-root
-root Filling schema table
-set global debug_dbug='+d,only_kill_system_threads';
-set global innodb_fast_shutdown=0;
-shutdown;
-connection default;
-disconnect con1;
-select user,state from information_schema.processlist order by 2;
-user state
-root Filling schema table
-set global innodb_fast_shutdown=1;
-select user,state from information_schema.processlist order by 2;
-user state
-root Filling schema table
-delete from t1 where a=3;
-set global innodb_fast_shutdown=0;
-ERROR 42000: Variable 'innodb_fast_shutdown' can't be set to the value of '0'
-kill ID;
-Got one of the listed errors
-# restart
-drop table t1;
diff --git a/mysql-test/suite/innodb/r/read_only_recovery.result b/mysql-test/suite/innodb/r/read_only_recovery.result
index add0da94..2cde5818 100644
--- a/mysql-test/suite/innodb/r/read_only_recovery.result
+++ b/mysql-test/suite/innodb/r/read_only_recovery.result
@@ -37,6 +37,8 @@ SELECT * FROM t;
a
3
SET GLOBAL innodb_max_purge_lag_wait=0;
+INSERT INTO mysql.innodb_index_stats
+SELECT * FROM mysql.innodb_index_stats LIMIT 0;
# restart
SELECT * FROM t;
a
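Review bot: The added `INSERT INTO mysql.innodb_index_stats SELECT * FROM mysql.innodb_index_stats LIMIT 0;` inserts no rows, and nothing in the recorded output explains why it sits immediately before `# restart`. A statement that looks like a no-op is likely to be removed in a later cleanup. Add a `--echo #` comment in the .test stating the side effect it is there for, for example opening or locking the statistics table before the restart, if that is the intent. The test continues outside this hunk, so the reason may be given elsewhere.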
diff --git a/mysql-test/suite/innodb/r/records_in_range,4k.rdiff b/mysql-test/suite/innodb/r/records_in_range,4k.rdiff
new file mode 100644
index 00000000..12b857ec
--- /dev/null
+++ b/mysql-test/suite/innodb/r/records_in_range,4k.rdiff
@@ -0,0 +1,8 @@
+@@ -39,7 +39,7 @@
+ WHERE
+ table_name='records_in_range_test' AND stat_name = 'size';
+ index_name stat_name stat_value
+-PRIMARY size 1
++PRIMARY size 5
+ SET @save_dbug = @@debug_dbug;
+ SET DEBUG_DBUG='+d,print_btr_estimate_n_rows_in_range_return_value';
diff --git a/mysql-test/suite/innodb/r/records_in_range,8k.rdiff b/mysql-test/suite/innodb/r/records_in_range,8k.rdiff
new file mode 100644
index 00000000..bd24af16
--- /dev/null
+++ b/mysql-test/suite/innodb/r/records_in_range,8k.rdiff
@@ -0,0 +1,8 @@
+@@ -39,7 +39,7 @@
+ WHERE
+ table_name='records_in_range_test' AND stat_name = 'size';
+ index_name stat_name stat_value
+-PRIMARY size 1
++PRIMARY size 3
+ SET @save_dbug = @@debug_dbug;
+ SET DEBUG_DBUG='+d,print_btr_estimate_n_rows_in_range_return_value';
diff --git a/mysql-test/suite/innodb/r/records_in_range.result b/mysql-test/suite/innodb/r/records_in_range.result
new file mode 100644
index 00000000..e5a698f5
--- /dev/null
+++ b/mysql-test/suite/innodb/r/records_in_range.result
@@ -0,0 +1,1275 @@
+CREATE TABLE records_in_range_test (
+c1 VARCHAR(16),
+c2 VARCHAR(512),
+PRIMARY KEY (c1)
+) ENGINE=INNODB STATS_PERSISTENT=1;
+INSERT INTO records_in_range_test VALUES
+('ccc', REPEAT('v', 512)),
+('kkk01', REPEAT('v', 512)),
+('kkk02', REPEAT('v', 512)),
+('kkk03', REPEAT('v', 512)),
+('kkk04', REPEAT('v', 512)),
+('kkk05', REPEAT('v', 512)),
+('kkk06', REPEAT('v', 512)),
+('kkk07', REPEAT('v', 512)),
+('kkk08', REPEAT('v', 512)),
+('mmm', REPEAT('v', 512)),
+('nnn', REPEAT('v', 512)),
+('uuu01', REPEAT('v', 512)),
+('uuu02', REPEAT('v', 512)),
+('uuu03', REPEAT('v', 512)),
+('uuu04', REPEAT('v', 512)),
+('uuu05', REPEAT('v', 512)),
+('uuu06', REPEAT('v', 512)),
+('uuu07', REPEAT('v', 512)),
+('uuu08', REPEAT('v', 512)),
+('xxx', REPEAT('v', 512));
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE records_in_range_test;
+Table Op Msg_type Msg_text
+test.records_in_range_test analyze status OK
+SELECT index_name, stat_name, stat_value
+FROM mysql.innodb_index_stats
+WHERE
+table_name='records_in_range_test' AND stat_name = 'n_leaf_pages';
+index_name stat_name stat_value
+PRIMARY n_leaf_pages 1
+SELECT index_name, stat_name, stat_value
+FROM mysql.innodb_index_stats
+WHERE
+table_name='records_in_range_test' AND stat_name = 'size';
+index_name stat_name stat_value
+PRIMARY size 1
+SET @save_dbug = @@debug_dbug;
+SET DEBUG_DBUG='+d,print_btr_estimate_n_rows_in_range_return_value';
+
+In all SELECTs below the number of the records in the range returned
+by COUNT(*) must be the same as the number returned by
+btr_estimate_n_rows_in_range() which can be seen inside the artificial
+warning
+
+Test left-unbounded, right-open intervals
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'aaa';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'ccc';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+Test left-unbounded, right-closed intervals
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'aaa';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'ccc';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'mmm';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'nnn';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'xxx';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+Test left-open, right-unbounded intervals
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+
+Test left-closed, right-unbounded intervals
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+
+Test left-open, right-open intervals
+In some cases here the optimizer is smart enough not to call
+ha_innobase::records_in_range() at all, so we get no warning containing
+the value returned from btr_estimate_n_rows_in_range()
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'bbb';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'ccc';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'eee';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'mmm';
+COUNT(*)
+8
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 8
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'nnn';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'qqq';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'xxx';
+COUNT(*)
+18
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 18
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'zzz';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'mmm';
+COUNT(*)
+8
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 8
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'nnn';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'qqq';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'xxx';
+COUNT(*)
+18
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 18
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'zzz';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'nnn';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'qqq';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'xxx';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'zzz';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'qqq';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'xxx';
+COUNT(*)
+8
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 8
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'zzz';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'xxx';
+COUNT(*)
+8
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 8
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'zzz';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'zzz';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'zzz';
+COUNT(*)
+0
+
+Test left-closed, right-open intervals
+In some cases here the optimizer is smart enough not to call
+ha_innobase::records_in_range() at all, so we get no warning containing
+the value returned from btr_estimate_n_rows_in_range()
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'bbb';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'ccc';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'mmm';
+COUNT(*)
+8
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 8
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'nnn';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'qqq';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'xxx';
+COUNT(*)
+18
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 18
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'zzz';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'nnn';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'qqq';
+COUNT(*)
+2
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 2
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'xxx';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'zzz';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'qqq';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'xxx';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'zzz';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'xxx';
+COUNT(*)
+8
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 8
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'zzz';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'zzz';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'zzz';
+COUNT(*)
+0
+
+Test left-open, right-closed intervals
+In some cases here the optimizer is smart enough not to call
+ha_innobase::records_in_range() at all, so we get no warning containing
+the value returned from btr_estimate_n_rows_in_range()
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'bbb';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'ccc';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'mmm';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'nnn';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'xxx';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'eee';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'qqq';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'zzz';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'qqq';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'zzz';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'nnn';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'qqq';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'xxx';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'zzz';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'qqq';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'xxx';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'zzz';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'xxx';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'zzz';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'zzz';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'zzz';
+COUNT(*)
+0
+
+Test left-closed, right-closed intervals
+In some cases here the optimizer is smart enough not to call
+ha_innobase::records_in_range() at all, so we get no warning containing
+the value returned from btr_estimate_n_rows_in_range()
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'bbb';
+COUNT(*)
+0
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'ccc';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'mmm';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'nnn';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'xxx';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'ccc';
+COUNT(*)
+1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'eee';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'mmm';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'nnn';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'qqq';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'xxx';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'zzz';
+COUNT(*)
+20
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 20
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'mmm';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'nnn';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'qqq';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'xxx';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'zzz';
+COUNT(*)
+19
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 19
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'mmm';
+COUNT(*)
+1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'nnn';
+COUNT(*)
+2
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 2
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'qqq';
+COUNT(*)
+2
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 2
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'xxx';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'zzz';
+COUNT(*)
+11
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 11
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'nnn';
+COUNT(*)
+1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'qqq';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'xxx';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'zzz';
+COUNT(*)
+10
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 10
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'xxx';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'zzz';
+COUNT(*)
+9
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 9
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'xxx';
+COUNT(*)
+1
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'zzz';
+COUNT(*)
+1
+Warnings:
+Warning 1230 btr_estimate_n_rows_in_range(): 1
+
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'bbb';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'ccc';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'eee';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'mmm';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'nnn';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'qqq';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'xxx';
+COUNT(*)
+0
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'zzz';
+COUNT(*)
+0
+SET DEBUG_DBUG = @save_dbug;
+DROP TABLE records_in_range_test;
diff --git a/mysql-test/suite/innodb/r/row_format_redundant.result b/mysql-test/suite/innodb/r/row_format_redundant.result
index d95c37f1..e3356c63 100644
--- a/mysql-test/suite/innodb/r/row_format_redundant.result
+++ b/mysql-test/suite/innodb/r/row_format_redundant.result
@@ -68,9 +68,8 @@ DROP TABLE t1;
Warnings:
Warning 1932 Table 'test.t1' doesn't exist in engine
DROP TABLE t2,t3;
-FOUND 6 /\[ERROR\] InnoDB: Table test/t1 in InnoDB data dictionary contains invalid flags\. SYS_TABLES\.TYPE=1 SYS_TABLES\.MIX_LEN=511\b/ in mysqld.1.err
+FOUND 5 /\[ERROR\] InnoDB: Table test/t1 in InnoDB data dictionary contains invalid flags\. SYS_TABLES\.TYPE=1 SYS_TABLES\.MIX_LEN=511\b/ in mysqld.1.err
# restart
-ib_buffer_pool
ib_logfile0
ibdata1
db.opt
diff --git a/mysql-test/suite/innodb/r/scrub_debug.result b/mysql-test/suite/innodb/r/scrub_debug.result
index 1e60fb73..7b0a9fd5 100644
--- a/mysql-test/suite/innodb/r/scrub_debug.result
+++ b/mysql-test/suite/innodb/r/scrub_debug.result
@@ -4,7 +4,7 @@ SET GLOBAL INNODB_IMMEDIATE_SCRUB_DATA_UNCOMPRESSED=1;
SET GLOBAL INNODB_LIMIT_OPTIMISTIC_INSERT_DEBUG=2;
CREATE TABLE t1(f1 INT AUTO_INCREMENT PRIMARY KEY,
f2 VARCHAR(256) GENERATED ALWAYS as('repairman'),
-INDEX idx(f2))ENGINE= InnoDB;
+INDEX idx(f2))ENGINE= InnoDB STATS_PERSISTENT=0;
INSERT INTO t1(f1) SELECT seq FROM seq_1_to_50;
FLUSH TABLE t1 FOR EXPORT;
FOUND 108 /repairman/ in t1.ibd
diff --git a/mysql-test/suite/innodb/r/table_flags.result b/mysql-test/suite/innodb/r/table_flags.result
index 77999035..cc32472f 100644
--- a/mysql-test/suite/innodb/r/table_flags.result
+++ b/mysql-test/suite/innodb/r/table_flags.result
@@ -101,13 +101,9 @@ ERROR 42S02: Table 'test.tc' doesn't exist in engine
SELECT * FROM tc;
ERROR 42S02: Table 'test.tc' doesn't exist in engine
SHOW CREATE TABLE td;
-Table Create Table
-td CREATE TABLE `td` (
- `a` int(11) NOT NULL,
- PRIMARY KEY (`a`)
-) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci ROW_FORMAT=DYNAMIC
+ERROR HY000: Got error 194 "Tablespace is missing for a table" from storage engine InnoDB
SELECT * FROM td;
-a
+ERROR HY000: Got error 194 "Tablespace is missing for a table" from storage engine InnoDB
SHOW CREATE TABLE tz;
Table Create Table
tz CREATE TABLE `tz` (
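Review bot: The recorded output for `td` changes from a readable table to `ERROR HY000: Got error 194 "Tablespace is missing for a table"` on both `SHOW CREATE TABLE td` and `SELECT * FROM td`, yet nothing in the output says why `td` is now refused while `tz` still opens. The statements that set up `td` are outside this hunk, so the cause is presumably a stricter check when the table is loaded; that should be confirmed against the test file. An echoed comment ahead of these two statements would make the intended fail-closed behaviour auditable, for example `--echo # td must be refused: <reason for error 194>`. The lower `FOUND` counts in the following hunk look like a consequence of the same change and could be covered by the same comment.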
@@ -122,8 +118,8 @@ a
42
SHOW CREATE TABLE tp;
ERROR 42S02: Table 'test.tp' doesn't exist in engine
-FOUND 5 /InnoDB: Table test/t[cp] in InnoDB data dictionary contains invalid flags\. SYS_TABLES\.TYPE=(129|289|3873|1232[13]) SYS_TABLES\.N_COLS=2147483649/ in mysqld.1.err
-FOUND 2 /InnoDB: Table test/tr in InnoDB data dictionary contains invalid flags\. SYS_TABLES\.TYPE=65 SYS_TABLES\.MIX_LEN=4294967295\b/ in mysqld.1.err
+FOUND 3 /InnoDB: Table test/t[cp] in InnoDB data dictionary contains invalid flags\. SYS_TABLES\.TYPE=(129|289|3873|1232[13]) SYS_TABLES\.N_COLS=2147483649/ in mysqld.1.err
+FOUND 1 /InnoDB: Table test/tr in InnoDB data dictionary contains invalid flags\. SYS_TABLES\.TYPE=65 SYS_TABLES\.MIX_LEN=4294967295\b/ in mysqld.1.err
Restoring SYS_TABLES clustered index root page (8)
# restart: with restart_parameters
SHOW CREATE TABLE tr;
diff --git a/mysql-test/suite/innodb/r/tablespace_per_table_not_windows.result b/mysql-test/suite/innodb/r/tablespace_per_table_not_windows.result
new file mode 100644
index 00000000..7b1d0f91
--- /dev/null
+++ b/mysql-test/suite/innodb/r/tablespace_per_table_not_windows.result
@@ -0,0 +1,128 @@
+#
+# Test the limits of a file-per-table tablespace name. MySQL combines
+# the database name with the table name to make a unique table name.
+#
+SET default_storage_engine=InnoDB;
+#
+# MySQL limits each database and tablename identifier to 64 characters
+# of up to 3 bytes per character, corresponding to 192 bytes.
+#
+CREATE DATABASE `this_sixty_five_byte_name_is_too_long____________________________`;
+ERROR 42000: Incorrect database name 'this_sixty_five_byte_name_is_too_long____________________________'
+CREATE DATABASE `this_sixty_four_byte_name_is_not_too_long_______________________`;
+USE `this_sixty_four_byte_name_is_not_too_long_______________________`;
+#
+# A 64 character tablename can be created in a 64 character database name
+#
+CREATE TABLE `this_sixty_four_byte_name_is_not_too_long_______________________`.`this_sixty_four_byte_name_is_not_too_long_______________________` (a SERIAL);
+#
+# A 65 character tablename is too long.
+#
+CREATE TABLE `test`.`this_sixty_five_byte_name_is_too_long____________________________` (a SERIAL);
+ERROR 42000: Incorrect table name 'this_sixty_five_byte_name_is_too_long____________________________'
+CREATE TABLE `this_sixty_four_byte_name_is_not_too_long_______________________`.`this_sixty_five_byte_name_is_too_long____________________________` (a SERIAL);
+ERROR 42000: Incorrect table name 'this_sixty_five_byte_name_is_too_long____________________________'
+#
+# Non-non-filename-safe characters like '#' are expanded to '@0023'.
+# On many file systems, such as Linux extfs, you can create a database name
+# that expands to up to 255 bytes long.
+# `##################################################_long` is expanded to
+# (50 * 5) + 5 = 255.
+#
+CREATE DATABASE `##################################################_long`;;
+USE `##################################################_long`;
+#
+# This 256-byte name is only one byte longer but fails with an error code
+# from the stat operation.
+# `##################################################_long_` is expanded to
+# (50 * 5) + 6 = 256.
+#
+CREATE DATABASE `##################################################_long_`;
+ERROR HY000: Can't get stat of './##################################################_long_' (Errcode: ## "File name too long")
+#
+# This 300-byte name which is the longest name that gets an error code
+# from the stat operation.
+# `###########################################################_long` is expanded to
+# (59 * 5) + 5 = 300.
+#
+CREATE DATABASE `###########################################################_long`;
+ERROR HY000: Can't get stat of './###########################################################_long' (Errcode: ## "File name too long")
+#
+# This 301-byte name which is only one byte longer but fails with ER_TOO_LONG_IDENT.
+# `###########################################################_long_` is expanded to
+# (59 * 5) + 6 = 301.
+#
+CREATE DATABASE `###########################################################_long_`;
+ERROR 42000: Incorrect database name '###########################################################_long_'
+USE test;
+#
+# An expanded table name is limited to 251 bytes
+#
+CREATE TABLE `test`.`#################################################_long_` (a SERIAL);
+#
+# A 252-byte tablename is too long
+#
+CREATE TABLE `test`.`#################################################_long___` (a SERIAL);
+ERROR HY000: Can't create table `test`.`#################################################_long___` (errno: ## "File name too long")
+CREATE DATABASE twenty_byte_db_name_;
+USE `twenty_byte_db_name_`;
+#
+# A 251 byte expanded table name will fit with a longer database name
+#
+CREATE TABLE `twenty_byte_db_name_`.`#################################################_long_` (a SERIAL);
+#
+# A 252 byte expanded table name is also too long in a longer database name
+#
+CREATE TABLE `twenty_byte_db_name_`.`#################################################_long___` (a SERIAL);
+ERROR HY000: Can't create table `twenty_byte_db_name_`.`#################################################_long___` (errno: ## "File name too long")
+#
+# Another limitation is a 512 byte length to an expanded path that includes
+# the datadir which is './' in this test, the expanded database name,
+# the directory separator '/', the expanded table name, and the file extension.
+# './long_db_name.long_250_byte_table_name.frm'
+# 2+ 255 +1+ 250 +1+3 = 512
+#
+CREATE TABLE `##################################################_long`.`#################################################_long` (a SERIAL);
+CREATE TABLE `##################################################_long`.`#################################################_long_` (a SERIAL);
+ERROR HY000: Long database name and identifier for object resulted in path length exceeding 512 characters. Path: './@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023_long/@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@
+SHOW WARNINGS;
+Level Code Message
+Error 1860 Long database name and identifier for object resulted in path length exceeding 512 characters. Path: './@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023_long/@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@
+#
+# Show the successfully created databases and tables
+#
+---- list_files MYSQLD_DATADIR/test
+#################################################_long_.frm
+#################################################_long_.ibd
+db.opt
+---- list_files MYSQLD_DATADIR/this_sixty_four_byte_name_is_not_too_long_______________________
+db.opt
+this_sixty_four_byte_name_is_not_too_long_______________________.frm
+this_sixty_four_byte_name_is_not_too_long_______________________.ibd
+---- list_files MYSQLD_DATADIR/##################################################_long
+#################################################_long.frm
+#################################################_long.ibd
+db.opt
+SELECT name FROM information_schema.innodb_sys_tables WHERE name LIKE '%long%';
+name
+##################################################_long/#################################################_long
+test/#################################################_long_
+this_sixty_four_byte_name_is_not_too_long_______________________/this_sixty_four_byte_name_is_not_too_long_______________________
+twenty_byte_db_name_/#################################################_long_
+SELECT name FROM information_schema.innodb_sys_tablespaces WHERE name LIKE '%long%';
+name
+this_sixty_four_byte_name_is_not_too_long_______________________/this_sixty_four_byte_name_is_not_too_long_______________________
+test/#################################################_long_
+twenty_byte_db_name_/#################################################_long_
+##################################################_long/#################################################_long
+SELECT file_name, tablespace_name FROM information_schema.files WHERE file_name LIKE '%long%';
+#
+# Cleanup
+#
+DROP TABLE `this_sixty_four_byte_name_is_not_too_long_______________________`.`this_sixty_four_byte_name_is_not_too_long_______________________`;
+DROP TABLE `test`.`#################################################_long_`;
+DROP TABLE `twenty_byte_db_name_`.`#################################################_long_`;
+DROP TABLE `##################################################_long`.`#################################################_long`;
+DROP DATABASE `this_sixty_four_byte_name_is_not_too_long_______________________`;
+DROP DATABASE `##################################################_long`;
+DROP DATABASE `twenty_byte_db_name_`;
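Review bot: The two cases labelled as 252-byte table names use a `_long___` suffix, which by the file's own arithmetic (250 bytes for the `_long` name, 251 for `_long_`) expands to 253 bytes, assuming the `#` run has the same length as in the 251-byte name. The first rejected length is therefore not pinned: a name ending in `_long__` would expand to 252 bytes and exercise the boundary the comments describe, in both the `test` and `twenty_byte_db_name_` cases. Separately, the final `SELECT file_name, tablespace_name FROM information_schema.files WHERE file_name LIKE '%long%';` records neither rows nor a header, so it passes whatever the server returns. Either drop it or precede it with a comment such as `# information_schema.files is expected to return no rows here`.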
diff --git a/mysql-test/suite/innodb/r/tablespace_per_table_windows.result b/mysql-test/suite/innodb/r/tablespace_per_table_windows.result
new file mode 100644
index 00000000..14253baa
--- /dev/null
+++ b/mysql-test/suite/innodb/r/tablespace_per_table_windows.result
@@ -0,0 +1,48 @@
+#
+# Test the limits of a file-per-table tablespace name. MySQL combines
+# the database name with the table name to make a unique table name.
+#
+SET default_storage_engine=InnoDB;
+#
+# MySQL limits each database and tablename identifier to 64 characters
+# of up to 3 bytes per character, corresponding to 192 bytes.
+#
+CREATE DATABASE `this_sixty_five_byte_name_is_too_long____________________________`;
+ERROR 42000: Incorrect database name 'this_sixty_five_byte_name_is_too_long____________________________'
+CREATE DATABASE `this_sixty_four_byte_name_is_not_too_long_______________________`;
+USE `this_sixty_four_byte_name_is_not_too_long_______________________`;
+#
+# A 64 character tablename can be created in a 64 character database name
+#
+CREATE TABLE `this_sixty_four_byte_name_is_not_too_long_______________________`.`this_sixty_four_byte_name_is_not_too_long_______________________` (a SERIAL);
+#
+# A 65 character tablename is too long.
+#
+CREATE TABLE `test`.`this_sixty_five_byte_name_is_too_long____________________________` (a SERIAL);
+ERROR 42000: Incorrect table name 'this_sixty_five_byte_name_is_too_long____________________________'
+CREATE TABLE `this_sixty_four_byte_name_is_not_too_long_______________________`.`this_sixty_five_byte_name_is_too_long____________________________` (a SERIAL);
+ERROR 42000: Incorrect table name 'this_sixty_five_byte_name_is_too_long____________________________'
+#
+# Show the successfully created database and table
+#
+SHOW CREATE TABLE `this_sixty_four_byte_name_is_not_too_long_______________________`.`this_sixty_four_byte_name_is_not_too_long_______________________`;
+Table Create Table
+this_sixty_four_byte_name_is_not_too_long_______________________ CREATE TABLE `this_sixty_four_byte_name_is_not_too_long_______________________` (
+ `a` bigint(20) unsigned NOT NULL AUTO_INCREMENT,
+ UNIQUE KEY `a` (`a`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+---- list_files MYSQLD_DATADIR/this_sixty_four_byte_name_is_not_too_long_______________________
+db.opt
+this_sixty_four_byte_name_is_not_too_long_______________________.frm
+this_sixty_four_byte_name_is_not_too_long_______________________.ibd
+SELECT name FROM information_schema.innodb_sys_tables WHERE name LIKE '%long%';
+name
+this_sixty_four_byte_name_is_not_too_long_______________________/this_sixty_four_byte_name_is_not_too_long_______________________
+SELECT name FROM information_schema.innodb_sys_tablespaces WHERE name LIKE '%long%';
+name
+this_sixty_four_byte_name_is_not_too_long_______________________/this_sixty_four_byte_name_is_not_too_long_______________________
+SELECT file_name, tablespace_name FROM information_schema.files WHERE file_name LIKE '%long%';
+#
+# Cleanup
+#
+DROP DATABASE `this_sixty_four_byte_name_is_not_too_long_______________________`;
diff --git a/mysql-test/suite/innodb/r/truncate_crash.result b/mysql-test/suite/innodb/r/truncate_crash.result
index 5e7380e3..7df461ec 100644
--- a/mysql-test/suite/innodb/r/truncate_crash.result
+++ b/mysql-test/suite/innodb/r/truncate_crash.result
@@ -1,5 +1,5 @@
FLUSH TABLES;
-CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB;
+CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB STATS_PERSISTENT=0;
INSERT INTO t1 VALUES (1),(2);
connect wait,localhost,root,,test;
SET DEBUG_SYNC='before_trx_state_committed_in_memory SIGNAL c WAIT_FOR ever';
diff --git a/mysql-test/suite/innodb/r/truncate_foreign.result b/mysql-test/suite/innodb/r/truncate_foreign.result
index e587baa5..e001e3ba 100644
--- a/mysql-test/suite/innodb/r/truncate_foreign.result
+++ b/mysql-test/suite/innodb/r/truncate_foreign.result
@@ -77,25 +77,26 @@ DROP TABLE t1;
call mtr.add_suppression("InnoDB: In ALTER TABLE `test`\\.`t1` has or is");
CREATE TABLE t1 (pk INT, a INT, PRIMARY KEY (pk), KEY (a)) ENGINE=InnoDB;
SET FOREIGN_KEY_CHECKS=0;
-ALTER TABLE t1 ADD FOREIGN KEY (a) REFERENCES t1 (a), ALGORITHM=COPY;
+ALTER TABLE t1 ADD FOREIGN KEY (a) REFERENCES t2 (a), ALGORITHM=COPY;
INSERT INTO t1 VALUES (1,1);
+CREATE TABLE t2(f1 INT PRIMARY KEY)ENGINE=InnoDB;
LOCK TABLES t1 WRITE;
SET FOREIGN_KEY_CHECKS=1;
TRUNCATE t1;
ERROR HY000: Cannot add foreign key constraint for `t1`
INSERT INTO t1 VALUES (2,2);
-ERROR HY000: Table 't1' was not locked with LOCK TABLES
+ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t1`, CONSTRAINT `t1_ibfk_1` FOREIGN KEY (`a`) REFERENCES `t2` (`a`))
SELECT * FROM t1;
pk a
1 1
UNLOCK TABLES;
INSERT INTO t1 VALUES (2,2);
-ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t1`, CONSTRAINT `t1_ibfk_1` FOREIGN KEY (`a`) REFERENCES `t1` (`a`))
+ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t1`, CONSTRAINT `t1_ibfk_1` FOREIGN KEY (`a`) REFERENCES `t2` (`a`))
SET FOREIGN_KEY_CHECKS=0;
INSERT INTO t1 VALUES (2,2);
SELECT * FROM t1;
pk a
1 1
2 2
-DROP TABLE t1;
+DROP TABLE t2, t1;
# End of 10.6 tests
diff --git a/mysql-test/suite/innodb/r/trx_id_future.result b/mysql-test/suite/innodb/r/trx_id_future.result
index c9beb17b..487fa82c 100644
--- a/mysql-test/suite/innodb/r/trx_id_future.result
+++ b/mysql-test/suite/innodb/r/trx_id_future.result
@@ -2,7 +2,7 @@
# Bug #20445525 ADD A CONSISTENCY CHECK AGAINST DB_TRX_ID BEING
# IN THE FUTURE
#
-CREATE TABLE t1(a INT) row_format=redundant engine=innoDB;
+CREATE TABLE t1(a INT) row_format=redundant engine=innoDB stats_persistent=0;
INSERT INTO t1 VALUES(1);
InnoDB 0 transactions not purged
call mtr.add_suppression("\\[Warning\\] InnoDB: A transaction id in a record of table `test`\\.`t1` is newer than the system-wide maximum");
diff --git a/mysql-test/suite/innodb/r/undo_log.result b/mysql-test/suite/innodb/r/undo_log.result
index 6e377951..014b1210 100644
--- a/mysql-test/suite/innodb/r/undo_log.result
+++ b/mysql-test/suite/innodb/r/undo_log.result
@@ -1,3 +1,5 @@
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
SET innodb_strict_mode=OFF;
CREATE TABLE test_tab (
a_str_18 mediumtext,
@@ -154,3 +156,4 @@ ROLLBACK;
InnoDB 0 transactions not purged
DROP TABLE t1;
DROP TABLE t2;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/add_foreign_key.test b/mysql-test/suite/innodb/t/add_foreign_key.test
new file mode 100644
index 00000000..d0febfd6
--- /dev/null
+++ b/mysql-test/suite/innodb/t/add_foreign_key.test
@@ -0,0 +1,38 @@
+--source include/have_innodb.inc
+
+--echo #
+--echo # Bug #19471516 SERVER CRASHES WHEN EXECUTING ALTER TABLE ADD
+--echo # FOREIGN KEY
+--echo #
+
+CREATE TABLE `parent` (`parent_id` INT, PRIMARY KEY (`parent_id`));
+CREATE TABLE `child1` (`id` INT ,`child1_fk1` INT, `child1_fk2` INT,
+PRIMARY KEY (`id`));
+CREATE TABLE `child2` (`id` INT, `child2_fk1` INT, `child2_fk2` INT,
+PRIMARY KEY (`id`));
+CREATE TABLE `child3` (`id` INT , `child3_fk1` INT, PRIMARY KEY (`id`));
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk1`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk1`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk2`) REFERENCES `parent`
+(`parent_id`);
+
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk1`) REFERENCES `parent`
+(`parent_id`);
+
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk2`) REFERENCES `parent`
+(`parent_id`);
+
+ALTER TABLE `child3` ADD FOREIGN KEY (`child3_fk1`) REFERENCES `parent`
+(`parent_id`);
+ALTER TABLE `child1` ADD FOREIGN KEY (`child1_fk2`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk1`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child2` ADD FOREIGN KEY (`child2_fk2`) REFERENCES
+`parent` (`parent_id`);
+ALTER TABLE `child3` ADD FOREIGN KEY (`child3_fk1`) REFERENCES
+`parent` (`parent_id`);
+
+drop table child3, child2, child1, parent;
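Review bot: Nothing in this new test says which statements reproduce Bug #19471516 or what outcome is being asserted. Every `ALTER TABLE ... ADD FOREIGN KEY` is issued twice for the same column with no `--error` line, so the test passes as long as the server stays up. If the repetition is the trigger, say so before the first repeated statement, for example `# Adding the same foreign key a second time is intentional; it must not crash the server`. Adding `SHOW CREATE TABLE child1;` before the final `drop table` would also pin the resulting constraints in the result file.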
diff --git a/mysql-test/suite/innodb/t/alter_kill.test b/mysql-test/suite/innodb/t/alter_kill.test
index 461e1f47..7d83e7e3 100644
--- a/mysql-test/suite/innodb/t/alter_kill.test
+++ b/mysql-test/suite/innodb/t/alter_kill.test
@@ -26,6 +26,7 @@ call mtr.add_suppression("Table .*bug16720368.* is corrupted");
-- echo #
SET GLOBAL innodb_file_per_table=1;
+SET GLOBAL innodb_stats_persistent=0;
CREATE TABLE bug16720368_1 (a INT PRIMARY KEY) ENGINE=InnoDB;
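Review bot: `SET GLOBAL innodb_stats_persistent=0;` changes a server-wide setting without saving the previous value. dml_purge.test in this same commit wraps the identical change in `SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;` and a closing `SET GLOBAL innodb_stats_persistent = @save_stats_persistent;`. The rest of the test lies outside this hunk, so a later server restart may already reset the value; if it does not, the setting carries over to whichever test runs next on the same server. Either add the save/restore pair or a comment such as `# reset by the server restart later in this test`.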
diff --git a/mysql-test/suite/innodb/t/alter_table.test b/mysql-test/suite/innodb/t/alter_table.test
index 67ada081..d293d3a4 100644
--- a/mysql-test/suite/innodb/t/alter_table.test
+++ b/mysql-test/suite/innodb/t/alter_table.test
@@ -121,9 +121,20 @@ CREATE TABLE t1 (c TIMESTAMP AUTO_INCREMENT UNIQUE) ENGINE=InnoDB;
CREATE TABLE t1 (c DATETIME AUTO_INCREMENT UNIQUE) ENGINE=InnoDB;
--echo #
---echo # End of 10.4 tests
+--echo # MDEV-31000 Assertion failed on ALTER TABLE...page_compressed=1
--echo #
+SET @save_file_per_table=@@GLOBAL.innodb_file_per_table;
+SET GLOBAL innodb_file_per_table=0;
+CREATE TABLE t (c INT PRIMARY KEY) ENGINE=INNODB;
+SET GLOBAL innodb_file_per_table=1;
+ALTER TABLE t page_compressed=1;
+SET GLOBAL innodb_file_per_table=@save_file_per_table;
+SELECT space>0 FROM information_schema.innodb_sys_tables WHERE name='test/t';
+DROP TABLE t;
+
+--echo # End of 10.4 tests
+
--echo #
--echo # MDEV-21748 ASAN use-after-poison in PageBulk::insertPage()
--echo #
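Review bot: The `SELECT space>0 ...` is the only assertion in the MDEV-31000 case, and nothing says what it proves. The table is created while `innodb_file_per_table=0` and altered after the setting is switched to 1, so the check presumably confirms that the `ALTER TABLE t page_compressed=1` rebuild placed the table in its own tablespace. A comment above the SELECT, for example `# the rebuilt table must no longer live in the system tablespace (space 0)`, would make that explicit.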
@@ -141,3 +152,5 @@ CREATE TABLE t1 (id INT PRIMARY KEY, a YEAR, INDEX(id,a)) ENGINE=InnoDB;
INSERT INTO t1 VALUES (1,NULL),(2,NULL);
UPDATE t1 SET a=0;
DROP TABLE t1;
+
+--echo # End of 10.5 tests
diff --git a/mysql-test/suite/innodb/t/cascade_lock_wait.test b/mysql-test/suite/innodb/t/cascade_lock_wait.test
new file mode 100644
index 00000000..4489c9ae
--- /dev/null
+++ b/mysql-test/suite/innodb/t/cascade_lock_wait.test
@@ -0,0 +1,45 @@
+--source include/have_innodb.inc
+--source include/have_debug.inc
+
+create table t1 (f1 int primary key) engine=innodb;
+create table t2 (f1 int primary key,
+ constraint c1 foreign key (f1) references t1(f1)
+ on update cascade
+ on delete cascade) engine=innodb;
+create table t3 (f1 int primary key,
+ constraint c2 foreign key (f1) references t1(f1)
+ on update cascade
+ on delete cascade) engine=innodb;
+show create table t1;
+show create table t2;
+show create table t3;
+
+insert into t1 values (1);
+insert into t1 values (2);
+insert into t1 values (3);
+
+insert into t2 values (1);
+insert into t2 values (2);
+insert into t2 values (3);
+
+insert into t3 values (1);
+insert into t3 values (2);
+insert into t3 values (3);
+
+select f1 from t1;
+select f1 from t2;
+select f1 from t3;
+
+set @save_dbug = @@debug_dbug;
+set debug_dbug = '+d,dml_cascade_only_once';
+set debug_dbug = '+d,row_upd_cascade_lock_wait_err';
+update t1 set f1 = 100 where f1 = 2;
+
+select f1 from t1;
+select f1 from t2;
+select f1 from t3;
+
+set debug_dbug = @save_dbug;
+drop table t2;
+drop table t3;
+drop table t1;
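Review bot: This new test has no header naming the issue it covers, and nothing explains what the `debug_dbug` keywords `dml_cascade_only_once` and `row_upd_cascade_lock_wait_err` inject. The `update t1 set f1 = 100 where f1 = 2;` carries no `--error` line, so the expected outcome is apparently that the cascading update completes despite the injected condition. I would open the file with a `--echo # <issue id>: <one-line summary>` block and put a comment before the update, such as `# the cascade to t2 and t3 must still be applied after the injected lock wait`, adjusted to the real intent.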
diff --git a/mysql-test/suite/innodb/t/corrupted_during_recovery.test b/mysql-test/suite/innodb/t/corrupted_during_recovery.test
index f383d9ab..1f410246 100644
--- a/mysql-test/suite/innodb/t/corrupted_during_recovery.test
+++ b/mysql-test/suite/innodb/t/corrupted_during_recovery.test
@@ -59,7 +59,7 @@ SELECT * FROM t1;
let $restart_parameters=--innodb_force_recovery=1;
--source include/restart_mysqld.inc
---error ER_TABLE_CORRUPT
+--error ER_NO_SUCH_TABLE_IN_ENGINE,ER_TABLE_CORRUPT
SELECT * FROM t1;
SELECT * FROM t2;
CHECK TABLE t2;
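Review bot: Accepting `ER_NO_SUCH_TABLE_IN_ENGINE` alongside `ER_TABLE_CORRUPT` for `SELECT * FROM t1` weakens the check to "fails in one of two ways", and the hunk does not say when each outcome occurs. A comment above the `--error` line, for example `# t1 is reported either as corrupted or as missing in the engine, depending on <condition>`, would let a reader tell expected variation from a regression. If only one outcome is possible after the restart with `--innodb_force_recovery=1`, list only that one. The test continues outside this hunk.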
diff --git a/mysql-test/suite/innodb/t/dml_purge.test b/mysql-test/suite/innodb/t/dml_purge.test
index 463ae390..78c6c50a 100644
--- a/mysql-test/suite/innodb/t/dml_purge.test
+++ b/mysql-test/suite/innodb/t/dml_purge.test
@@ -1,5 +1,8 @@
--source include/innodb_page_size.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
let INNODB_PAGE_SIZE=`select @@innodb_page_size`;
let MYSQLD_DATADIR=`select @@datadir`;
@@ -76,3 +79,5 @@ EOF
UNLOCK TABLES;
SELECT * FROM t1;
DROP TABLE t1;
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/doublewrite.test b/mysql-test/suite/innodb/t/doublewrite.test
index d8dac955..d7300990 100644
--- a/mysql-test/suite/innodb/t/doublewrite.test
+++ b/mysql-test/suite/innodb/t/doublewrite.test
@@ -1,17 +1,11 @@
+
--echo #
---echo # Bug #17335427 INNODB CAN NOT USE THE DOUBLEWRITE BUFFER PROPERLY
---echo # Bug #18144349 INNODB CANNOT USE THE DOUBLEWRITE BUFFER FOR THE FIRST
---echo # PAGE OF SYSTEM TABLESPACE
+--echo # MDEV-32242 innodb.doublewrite test case always is skipped
--echo #
--source include/innodb_page_size.inc
---source include/have_debug.inc
--source include/not_embedded.inc
-# This test is slow on buildbot.
---source include/big_test.inc
-# Slow shutdown and restart to make sure ibuf merge is finished
-SET GLOBAL innodb_fast_shutdown = 0;
--disable_query_log
call mtr.add_suppression("InnoDB: Data file .* uses page size .* but the innodb_page_size start-up parameter is");
call mtr.add_suppression("InnoDB: adjusting FSP_SPACE_FLAGS");
@@ -22,23 +16,16 @@ call mtr.add_suppression("Plugin 'InnoDB' (init function returned error|registra
call mtr.add_suppression("InnoDB: A bad Space ID was found in datafile");
call mtr.add_suppression("InnoDB: Checksum mismatch in datafile: ");
call mtr.add_suppression("InnoDB: Inconsistent tablespace ID in .*t1\\.ibd");
+call mtr.add_suppression("\\[Warning\\] Found 1 prepared XA transactions");
+call mtr.add_suppression("InnoDB: Header page consists of zero bytes in datafile:");
--enable_query_log
---source include/restart_mysqld.inc
let INNODB_PAGE_SIZE=`select @@innodb_page_size`;
let MYSQLD_DATADIR=`select @@datadir`;
let ALGO=`select @@innodb_checksum_algorithm`;
let SEARCH_FILE= $MYSQLTEST_VARDIR/log/mysqld.1.err;
-show variables like 'innodb_doublewrite';
-show variables like 'innodb_fil_make_page_dirty_debug';
-show variables like 'innodb_saved_page_number_debug';
-
-connect (stop_purge,localhost,root,,);
-START TRANSACTION WITH CONSISTENT SNAPSHOT;
-connection default;
-
-create table t1 (f1 int primary key, f2 blob) engine=innodb stats_persistent=0;
+create table t1 (f1 int primary key, f2 blob) stats_persistent=0, engine=innodb;
start transaction;
insert into t1 values(1, repeat('#',12));
@@ -48,35 +35,24 @@ insert into t1 values(4, repeat('-',12));
insert into t1 values(5, repeat('.',12));
commit work;
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if first page of user
---echo # tablespace is full of zeroes.
-
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-
-begin;
-insert into t1 values (6, repeat('%', 12));
---echo # Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-
+# Slow shutdown and restart to make sure ibuf merge is finished
+SET GLOBAL innodb_fast_shutdown = 0;
+let $shutdown_timeout=;
+--source include/restart_mysqld.inc
--source ../include/no_checkpoint_start.inc
+connect (dml,localhost,root,,);
+XA START 'x';
+insert into t1 values (6, repeat('%', @@innodb_page_size/2));
+XA END 'x';
+XA PREPARE 'x';
+disconnect dml;
+connection default;
---echo # Make the first page dirty for table t1
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-
---echo # Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
+flush table t1 for export;
---let CLEANUP_IF_CHECKPOINT=drop table t1;
+let $restart_parameters=;
+--let CLEANUP_IF_CHECKPOINT=XA COMMIT 'x';drop table t1;
--source ../include/no_checkpoint_end.inc
-disconnect stop_purge;
-
---echo # Make the first page (page_no=0) of the user tablespace
---echo # full of zeroes.
---echo #
---echo # MDEV-11623: Use old FSP_SPACE_FLAGS in the doublewrite buffer.
perl;
use IO::Handle;
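Review bot: The removed `--echo` lines were the only description of this scenario, and the replacement sequence has no comment on why a prepared XA transaction is left behind on a disconnected session. The sequence is `XA START 'x'` through `XA PREPARE 'x'`, then `disconnect dml` and `flush table t1 for export`. A short comment before `connect (dml,localhost,root,,);`, such as `# leave a prepared transaction unresolved across the restart; it is rolled back after recovery`, would record the intent. That wording is inferred from the `XA ROLLBACK 'x'` in the last hunk of this file and should be checked. `flush table t1 for export` also has no matching `unlock tables` here; this is presumably deliberate because the server is stopped by the include that follows, and is worth stating as well.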
@@ -90,16 +66,15 @@ my $page_size = $ENV{INNODB_PAGE_SIZE};
my $page;
do "$ENV{MTR_SUITE_DIR}/../innodb/include/crc32.pl";
open(FILE, "+<", $fname) or die;
+sysseek(FILE, ($page_size/2), 0);
+syswrite(FILE, chr(0) x ($page_size/2));
+sysseek(FILE, 3*$page_size, 0);
sysread(FILE, $page, $page_size)==$page_size||die "Unable to read $name\n";
-my $page1 = $page;
-substr($page1, 34, 4) = pack("N", 0);
-my $polynomial0 = 0x82f63b78; # CRC-32C
-my $ck0 = mycrc32(substr($page1, 0, ($page_size-4)), 0, $polynomial0);
-substr($page1, ($page_size - 4), 4) = pack("N", $ck0);
-sysseek(FILE, 0, 0)||die "Unable to seek $fname\n";
-die unless syswrite(FILE, $page1, $page_size) == $page_size;
+sysseek(FILE, 3*$page_size, 0)||die "Unable to seek $fname\n";
+syswrite(FILE, chr(0) x ($page_size/2));
close FILE;
+# Change the flag offset of page 0 in doublewrite buffer
open(FILE, "+<", "$ENV{MYSQLD_DATADIR}ibdata1")||die "cannot open ibdata1\n";
sysseek(FILE, 6 * $page_size - 190, 0)||die "Unable to seek ibdata1\n";
sysread(FILE, $_, 12) == 12||die "Unable to read TRX_SYS\n";
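Review bot: The added `sysseek`/`syswrite` calls that zero parts of t1.ibd ignore their return values, while the neighbouring calls in the same Perl block all end in `||die`. A failed or short write would leave the file intact and the test would then exercise nothing. I would write `sysseek(FILE, $page_size/2, 0)||die "Unable to seek $fname\n";` and `syswrite(FILE, chr(0) x ($page_size/2)) == $page_size/2||die "Unable to write $fname\n";`, and do the same for the write after `sysseek(FILE, 3*$page_size, 0)`. The same applies to `syswrite(FILE, chr(0) x $ENV{INNODB_PAGE_SIZE});` in the last hunk of this file. Separately, the `sysread` failure message interpolates `$name`, while the variable used elsewhere in the block is `$fname`.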
@@ -112,28 +87,23 @@ for (my $d = $d1; $d < $d2 + 64; $d++)
sysread(FILE, $_, $page_size)==$page_size||die "Cannot read doublewrite\n";
next unless $_ eq $page;
sysseek(FILE, $d * $page_size, 0)||die "Unable to seek ibdata1\n";
- # Write buggy MariaDB 10.1.x FSP_SPACE_FLAGS to the doublewrite buffer
- my($flags) = unpack "x[54]N", $_;
- my $badflags = ($flags & 0x3f);
- my $compression_level=6;
- $badflags |= 1<<6|$compression_level<<7 if ($flags & 1 << 16);
- $badflags |= ($flags & 15 << 6) << 7; # PAGE_SSIZE
-
+ # Write buggy FSP_SPACE_FLAGS to the doublewrite buffer for page
+ my $badflags = 0x0006FFFF;
substr ($_, 54, 4) = pack("N", $badflags);
if ($algo =~ /full_crc32/)
{
- my $ck = mycrc32(substr($_, 0, $page_size - 4), 0, $polynomial);
- substr($_, $page_size - 4, 4) = pack("N", $ck);
+ my $ck = mycrc32(substr($_, 0, $page_size - 4), 0, $polynomial);
+ substr($_, $page_size - 4, 4) = pack("N", $ck);
}
else
{
- # Replace the innodb_checksum_algorithm=crc32 checksum
- my $ck= pack("N",
- mycrc32(substr($_, 4, 22), 0, $polynomial) ^
- mycrc32(substr($_, 38, $page_size - 38 - 8), 0,
- $polynomial));
- substr ($_, 0, 4) = $ck;
- substr ($_, $page_size - 8, 4) = $ck;
+ # Replace the innodb_checksum_algorithm=crc32 checksum
+ my $ck= pack("N",
+ mycrc32(substr($_, 4, 22), 0, $polynomial) ^
+ mycrc32(substr($_, 38, $page_size - 38 - 8), 0,
+ $polynomial));
+ substr ($_, 0, 4) = $ck;
+ substr ($_, $page_size - 8, 4) = $ck;
}
syswrite(FILE, $_, $page_size)==$page_size||die;
close(FILE);
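Review bot: The comment on `$badflags` stops mid-phrase ("for page"), and `0x0006FFFF` replaces a value that used to be derived from the real flags, with no word on why this constant counts as invalid. The comment added in the previous hunk speaks of page 0. However, `$page`, which `next unless $_ eq $page;` compares against, is read there after `sysseek(FILE, 3*$page_size, 0)`, so as far as these hunks show the matched doublewrite copy is that of page 3. Please state which page's copy is meant to be altered and what the constant encodes, for example `# Overwrite the 4 bytes at offset 54 of the doublewrite copy of page <n> with flags that must be rejected`. The re-indentation of the two checksum branches is whitespace only.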
@@ -143,325 +113,42 @@ die "Did not find the page in the doublewrite buffer ($d1,$d2)\n";
EOF
--source include/start_mysqld.inc
-
-check table t1;
-select f1, f2 from t1;
-
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if first page of user
---echo # tablespace is corrupted.
-
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-
---echo # Ensure that dirty pages of table t1 is flushed.
-flush tables t1 for export;
-unlock tables;
-
-set global innodb_log_checkpoint_now=1;
-
-begin;
-insert into t1 values (6, repeat('%', 12));
-
---source ../include/no_checkpoint_start.inc
-
---echo # Make the first page dirty for table t1
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-
---echo # Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---source include/no_checkpoint_end.inc
-
---echo # Corrupt the first page (page_no=0) of the user tablespace.
-perl;
-use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}test/t1.ibd";
-my $page_size = $ENV{INNODB_PAGE_SIZE};
-open(FILE, "+<", $fname) or die;
-sysread(FILE, $page, $page_size)==$page_size||die "Unable to read $name\n";
-substr($page, 28, 4) = pack("N", 1000);
-sysseek(FILE, 0, 0)||die "Unable to seek $fname\n";
-die unless syswrite(FILE, $page, $page_size) == $page_size;
-close FILE;
-EOF
-
---source include/start_mysqld.inc
-
-check table t1;
-select f1, f2 from t1;
-
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if 2nd page of user
---echo # tablespace is full of zeroes.
-
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-
---echo # Ensure that dirty pages of table t1 is flushed.
-flush tables t1 for export;
-unlock tables;
-
-begin;
-insert into t1 values (6, repeat('%', 400));
-
---source ../include/no_checkpoint_start.inc
-
---echo # Make the 2nd page dirty for table t1
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-
---echo # Ensure that dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---source include/no_checkpoint_end.inc
-
---echo # Make the 2nd page (page_no=1) of the tablespace all zeroes.
-perl;
-use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}test/t1.ibd";
-open(FILE, "+<", $fname) or die;
-FILE->autoflush(1);
-binmode FILE;
-seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET);
-print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'});
-close FILE;
-EOF
-
---source include/start_mysqld.inc
-
+let SEARCH_PATTERN=InnoDB: Restoring page \[page id: space=[1-9][0-9]*, page number=0\] of datafile;
+--source include/search_pattern_in_file.inc
+let SEARCH_PATTERN=InnoDB: Recovered page \[page id: space=[1-9][0-9]*, page number=3\];
+--source include/search_pattern_in_file.inc
+XA ROLLBACK 'x';
check table t1;
select f1, f2 from t1;
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if 2nd page of user
---echo # tablespace is corrupted.
-
-select space into @space_id from information_schema.innodb_sys_tables
-where name = 'test/t1';
-
---echo # Ensure that dirty pages of table t1 is flushed.
-flush tables t1 for export;
-unlock tables;
-
-begin;
-insert into t1 values (6, repeat('%', 400));
-
--source ../include/no_checkpoint_start.inc
+connect (dml,localhost,root,,);
+XA START 'x';
+insert into t1 values (6, repeat('%', @@innodb_page_size/2));
+XA END 'x';
+XA PREPARE 'x';
+disconnect dml;
+connection default;
---echo # Make the 2nd page dirty for table t1
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = @space_id;
-
---echo # Ensure that the dirty pages of table t1 are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---source include/no_checkpoint_end.inc
-
---echo # Corrupt the 2nd page (page_no=1) of the user tablespace.
-perl;
-use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}test/t1.ibd";
-open(FILE, "+<", $fname) or die;
-FILE->autoflush(1);
-binmode FILE;
-seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET);
-print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'}/2);
-close FILE;
-EOF
-
---source include/start_mysqld.inc
-
-check table t1;
-select f1, f2 from t1;
-
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if first page of
---echo # system tablespace is full of zeroes.
-
-begin;
-insert into t1 values (6, repeat('%', 400));
-
---echo # Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---echo # Make the first page dirty for system tablespace
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = 0;
-
---echo # Ensure that the dirty page of system tablespace is also flushed.
-# We do this after the transaction starts and all dirty pages have been flushed
-# already. So flushing of this specified dirty page will surely keep the
-# copy in doublewrite buffer, and no more writes to doublewrite buffer would
-# overwrite the copy. Thus, we can safely modify the original page when server
-# is down. So do the following testings.
-set global innodb_buf_flush_list_now = 1;
-
---source include/kill_mysqld.inc
-
---echo # Make the first page (page_no=0) of the system tablespace
---echo # all zeroes.
-perl;
-use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}ibdata1";
-open(FILE, "+<", $fname) or die;
-FILE->autoflush(1);
-binmode FILE;
-print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'});
-close FILE;
-EOF
-
---source include/start_mysqld.inc
-
-check table t1;
-select f1, f2 from t1;
-
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if first page of
---echo # system tablespace is corrupted.
-
-begin;
-insert into t1 values (6, repeat('%', 400));
-
---echo # Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---echo # Make the first page dirty for system tablespace
-set global innodb_saved_page_number_debug = 0;
-set global innodb_fil_make_page_dirty_debug = 0;
-
---echo # Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
-
---source include/kill_mysqld.inc
-
---echo # Corrupt the first page (page_no=0) of the system tablespace.
-perl;
-use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}ibdata1";
-open(FILE, "+<", $fname) or die;
-FILE->autoflush(1);
-binmode FILE;
-print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'}/2);
-close FILE;
-EOF
-
---source include/start_mysqld.inc
-
-check table t1;
-select f1, f2 from t1;
-
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if 2nd page of
---echo # system tablespace is full of zeroes.
-
-begin;
-insert into t1 values (6, repeat('%', 400));
-
---echo # Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---echo # Make the second page dirty for system tablespace
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = 0;
-
---echo # Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
-
---source include/kill_mysqld.inc
-
---echo # Make the 2nd page (page_no=1) of the system tablespace
---echo # all zeroes.
-perl;
-use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}ibdata1";
-open(FILE, "+<", $fname) or die;
-FILE->autoflush(1);
-binmode FILE;
-seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET);
-print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'});
-close FILE;
-EOF
-
---source include/start_mysqld.inc
-
-check table t1;
-select f1, f2 from t1;
-
---echo # Test End
---echo # ---------------------------------------------------------------
---echo # Test Begin: Test if recovery works if 2nd page of
---echo # system tablespace is corrupted.
-
-begin;
-insert into t1 values (6, repeat('%', 400));
-
---echo # Ensure that all dirty pages in the system are flushed.
-set global innodb_buf_flush_list_now = 1;
-
---echo # Make the second page dirty for system tablespace
-set global innodb_saved_page_number_debug = 1;
-set global innodb_fil_make_page_dirty_debug = 0;
-
---echo # Ensure that the dirty page of system tablespace is also flushed.
-set global innodb_buf_flush_list_now = 1;
+flush table t1 for export;
---source include/kill_mysqld.inc
+let $restart_parameters=;
+--source ../include/no_checkpoint_end.inc
---echo # Make the 2nd page (page_no=1) of the system tablespace
---echo # all zeroes.
+# Zero out the first page in file and try to recover from dblwr
perl;
use IO::Handle;
-my $fname= "$ENV{'MYSQLD_DATADIR'}ibdata1";
-open(FILE, "+<", $fname) or die;
-FILE->autoflush(1);
-binmode FILE;
-seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET);
-print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'}/2);
+open(FILE, "+<", "$ENV{'MYSQLD_DATADIR'}test/t1.ibd") or die;
+syswrite(FILE, chr(0) x $ENV{INNODB_PAGE_SIZE});
close FILE;
EOF
--source include/start_mysqld.inc
-
-check table t1;
---let SEARCH_PATTERN= InnoDB: .*test.t1\\.ibd
+let SEARCH_PATTERN=InnoDB: Restoring page \[page id: space=[1-9][0-9]*, page number=0\] of datafile;
--source include/search_pattern_in_file.inc
-
+XA ROLLBACK 'x';
+check table t1;
select f1, f2 from t1;
-
drop table t1;
---echo #
---echo # MDEV-12600 crash during install_db with innodb_page_size=32K
---echo # and ibdata1=3M
---echo #
-let bugdir= $MYSQLTEST_VARDIR/tmp/doublewrite;
---mkdir $bugdir
-
-let $check_no_innodb=SELECT * FROM INFORMATION_SCHEMA.ENGINES
-WHERE engine = 'innodb'
-AND support IN ('YES', 'DEFAULT', 'ENABLED');
-
---let $ibp=--innodb-log-group-home-dir=$bugdir --innodb-data-home-dir=$bugdir
---let $ibd=$ibp --innodb-undo-tablespaces=0
---let $ibp=$ibp --innodb-data-file-path=ibdata1:1M;ibdata2:1M:autoextend
-
---let $restart_parameters= $ibp
---source include/restart_mysqld.inc
-eval $check_no_innodb;
---let SEARCH_PATTERN= \[ERROR\] InnoDB: Cannot create doublewrite buffer
---source include/search_pattern_in_file.inc
---let $restart_parameters=
---source include/restart_mysqld.inc
-
---remove_file $bugdir/ibdata1
---remove_file $bugdir/ibdata2
---remove_file $bugdir/ib_logfile0
---rmdir $bugdir
+--echo # End of 10.5 tests
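Review bot: The second recovery is verified with the same `SEARCH_PATTERN` (`Restoring page ... page number=0\] of datafile`) against the same `SEARCH_FILE`, mysqld.1.err, as the first one. Unless the include limits the search to text written after the last restart, the line logged by the first recovery already satisfies the second search, so the second scenario would pass even if page 0 were not restored. Consider making the second check independent, for example by searching only the part of the log written since the second start, and add a comment saying which restart each search refers to. This hunk also drops the system-tablespace scenarios and the MDEV-12600 case; whether they moved to doublewrite_debug.test cannot be confirmed from the part of that file visible here.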
diff --git a/mysql-test/suite/innodb/t/doublewrite_debug.combinations b/mysql-test/suite/innodb/t/doublewrite_debug.combinations
new file mode 100644
index 00000000..4f52013f
--- /dev/null
+++ b/mysql-test/suite/innodb/t/doublewrite_debug.combinations
@@ -0,0 +1,7 @@
+[strict_crc32]
+--innodb-checksum-algorithm=strict_crc32
+--innodb-use-atomic-writes=0
+
+[strict_full_crc32]
+--innodb-checksum-algorithm=strict_full_crc32
+--innodb-use-atomic-writes=0
diff --git a/mysql-test/suite/innodb/t/doublewrite_debug.test b/mysql-test/suite/innodb/t/doublewrite_debug.test
new file mode 100644
index 00000000..ab7fd8eb
--- /dev/null
+++ b/mysql-test/suite/innodb/t/doublewrite_debug.test
@@ -0,0 +1,170 @@
+--echo #
+--echo # Bug #17335427 INNODB CAN NOT USE THE DOUBLEWRITE BUFFER PROPERLY
+--echo # Bug #18144349 INNODB CANNOT USE THE DOUBLEWRITE BUFFER FOR THE FIRST
+--echo # PAGE OF SYSTEM TABLESPACE
+--echo #
+
+--source include/innodb_page_size.inc
+--source include/have_debug.inc
+--source include/not_embedded.inc
+--disable_query_log
+call mtr.add_suppression("InnoDB: Data file .* uses page size .* but the innodb_page_size start-up parameter is");
+call mtr.add_suppression("InnoDB: adjusting FSP_SPACE_FLAGS");
+call mtr.add_suppression("InnoDB: New log files created");
+call mtr.add_suppression("InnoDB: Cannot create doublewrite buffer: the first file in innodb_data_file_path must be at least (3|6|12)M\\.");
+call mtr.add_suppression("InnoDB: Database creation was aborted");
+call mtr.add_suppression("Plugin 'InnoDB' (init function returned error|registration as a STORAGE ENGINE failed)");
+call mtr.add_suppression("InnoDB: A bad Space ID was found in datafile");
+call mtr.add_suppression("InnoDB: Checksum mismatch in datafile: ");
+call mtr.add_suppression("InnoDB: Inconsistent tablespace ID in .*t1\\.ibd");
+call mtr.add_suppression("InnoDB: Header page consists of zero bytes in datafile:");
+--enable_query_log
+
+let INNODB_PAGE_SIZE=`select @@innodb_page_size`;
+let MYSQLD_DATADIR=`select @@datadir`;
+let ALGO=`select @@innodb_checksum_algorithm`;
+let SEARCH_FILE= $MYSQLTEST_VARDIR/log/mysqld.1.err;
+
+show variables like 'innodb_doublewrite';
+show variables like 'innodb_fil_make_page_dirty_debug';
+show variables like 'innodb_saved_page_number_debug';
+
+create table t1 (f1 int primary key, f2 blob) engine=innodb stats_persistent=0;
+
+start transaction;
+insert into t1 values(1, repeat('#',12));
+insert into t1 values(2, repeat('+',12));
+insert into t1 values(3, repeat('/',12));
+insert into t1 values(4, repeat('-',12));
+insert into t1 values(5, repeat('.',12));
+commit work;
+
+--echo # Test Begin: Test if recovery works if 1st page and 2nd page
+--echo # of system tablespace is full of zeroes.
+
+# Slow shutdown and restart to make sure ibuf merge is finished
+SET GLOBAL innodb_fast_shutdown = 0;
+let $shutdown_timeout=;
+let $restart_parameters="--debug_dbug=+d,ib_log_checkpoint_avoid_hard --innodb_flush_sync=0";
+--source include/restart_mysqld.inc
+--source ../include/no_checkpoint_start.inc
+begin;
+insert into t1 values (6, repeat('%', 400));
+
+--echo # Make the first page dirty for system tablespace
+set global innodb_saved_page_number_debug = 0;
+set global innodb_fil_make_page_dirty_debug = 0;
+
+--echo # Make the second page dirty for system tablespace
+set global innodb_saved_page_number_debug = 1;
+set global innodb_fil_make_page_dirty_debug = 0;
+
+set global innodb_buf_flush_list_now = 1;
+
+--let CLEANUP_IF_CHECKPOINT=drop table t1, unexpected_checkpoint;
+--source ../include/no_checkpoint_end.inc
+
+--echo # Make the 1st page (page_no=0) and 2nd page (page_no=1)
+--echo # of the system tablespace all zeroes.
+perl;
+use IO::Handle;
+my $fname= "$ENV{'MYSQLD_DATADIR'}ibdata1";
+open(FILE, "+<", $fname) or die;
+FILE->autoflush(1);
+binmode FILE;
+print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'});
+seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET);
+print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'});
+close FILE;
+EOF
+
+let $restart_parameters=;
+--source include/start_mysqld.inc
+
+let SEARCH_PATTERN=InnoDB: Restoring page \[page id: space=0, page number=0\] of datafile;
+--source include/search_pattern_in_file.inc
+
+let SEARCH_PATTERN=InnoDB: Recovered page \[page id: space=0, page number=1\];
+--source include/search_pattern_in_file.inc
+
+check table t1;
+select f1, f2 from t1;
+
+--echo # Test End
+--echo # ---------------------------------------------------------------
+--echo # Test Begin: Test if recovery works if 1st page of
+--echo # system tablespace is corrupted and 2nd page as corrupted.
+
+let $restart_parameters="--debug_dbug=+d,ib_log_checkpoint_avoid_hard --innodb_flush_sync=0";
+--source include/restart_mysqld.inc
+--source ../include/no_checkpoint_start.inc
+begin;
+insert into t1 values (6, repeat('%', 400));
+
+--echo # Make the first page dirty for system tablespace
+set global innodb_saved_page_number_debug = 0;
+set global innodb_fil_make_page_dirty_debug = 0;
+
+--echo # Make the second page dirty for system tablespace
+set global innodb_saved_page_number_debug = 1;
+set global innodb_fil_make_page_dirty_debug = 0;
+
+set global innodb_buf_flush_list_now = 1;
+
+--source ../include/no_checkpoint_end.inc
+
+--echo # Corrupt the 1st page (page_no=0) and 2nd page of the system tablespace.
+perl;
+use IO::Handle;
+my $fname= "$ENV{'MYSQLD_DATADIR'}ibdata1";
+open(FILE, "+<", $fname) or die;
+FILE->autoflush(1);
+binmode FILE;
+print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'}/2);
+seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET);
+print FILE chr(0) x ($ENV{'INNODB_PAGE_SIZE'}/2);
+close FILE;
+EOF
+
+let $restart_parameters=;
+--source include/start_mysqld.inc
+
+let SEARCH_PATTERN=InnoDB: Restoring page \[page id: space=0, page number=0\] of datafile;
+--source include/search_pattern_in_file.inc
+
+let SEARCH_PATTERN=InnoDB: Recovered page \[page id: space=0, page number=1\];
+--source include/search_pattern_in_file.inc
+
+check table t1;
+select f1, f2 from t1;
+drop table t1;
+let $shutdown_timeout=;
+--echo # Test End
+--echo # ---------------------------------------------------------------
+--echo #
+--echo # MDEV-12600 crash during install_db with innodb_page_size=32K
+--echo # and ibdata1=3M
+--echo #
+let bugdir= $MYSQLTEST_VARDIR/tmp/doublewrite;
+--mkdir $bugdir
+
+let $check_no_innodb=SELECT * FROM INFORMATION_SCHEMA.ENGINES
+WHERE engine = 'innodb'
+AND support IN ('YES', 'DEFAULT', 'ENABLED');
+
+--let $ibp=--innodb-log-group-home-dir=$bugdir --innodb-data-home-dir=$bugdir
+--let $ibp=$ibp --innodb-undo-tablespaces=0
+--let $ibp=$ibp --innodb-data-file-path=ibdata1:1M;ibdata2:1M:autoextend
+
+--let $restart_parameters= $ibp
+--source include/restart_mysqld.inc
+eval $check_no_innodb;
+--let SEARCH_PATTERN= \[ERROR\] InnoDB: Cannot create doublewrite buffer
+--source include/search_pattern_in_file.inc
+--let $restart_parameters=
+--source include/restart_mysqld.inc
+
+--remove_file $bugdir/ibdata1
+--remove_file $bugdir/ibdata2
+--remove_file $bugdir/ib_logfile0
+--rmdir $bugdir
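Review bot: Both perl blocks call `seek(FILE, $ENV{'INNODB_PAGE_SIZE'}, SEEK_SET)` after only `use IO::Handle;`, which as far as I know does not export `SEEK_SET` by default, so the bareword presumably works only because it numifies to 0. Adding `use Fcntl qw(:seek);` (or passing a literal `0`) makes the offset mode explicit. The bare `open(FILE, "+<", $fname) or die;` would also be easier to diagnose as `or die "open $fname: $!";`. The results of `print` and `seek` are not checked, so a failed overwrite would only surface later as a missing log pattern.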
diff --git a/mysql-test/suite/innodb/t/fk_col_alter.test b/mysql-test/suite/innodb/t/fk_col_alter.test
index 2ed10a95..21fd470e 100644
--- a/mysql-test/suite/innodb/t/fk_col_alter.test
+++ b/mysql-test/suite/innodb/t/fk_col_alter.test
@@ -149,4 +149,18 @@ ALTER TABLE t2 DROP INDEX idx;
ALTER TABLE t2 MODIFY f2 VARCHAR(1023);
SET SESSION FOREIGN_KEY_CHECKS = ON;
DROP TABLE t2, t1;
+
+--echo #
+--echo # MDEV-32638 MariaDB crashes with foreign_key_checks=0
+--echo # when changing a column and adding a foreign
+--echo # key at the same time
+--echo #
+CREATE TABLE t1(f1 VARCHAR(2) NOT NULL, PRIMARY KEY(f1))ENGINE=InnoDB;
+CREATE TABLE t2(f1 INT NOT NULL PRIMARY KEY,
+ f2 VARCHAR(10) NOT NULL DEFAULT '')ENGINE=InnoDB;
+SET SESSION FOREIGN_KEY_CHECKS = OFF;
+ALTER TABLE t2 CHANGE COLUMN f2 f3 VARCHAR(20) NOT NULL,
+ ADD CONSTRAINT t2_fk FOREIGN KEY(f3) REFERENCES t1(f1);
+DROP TABLE t2, t1;
+SET SESSION FOREIGN_KEY_CHECKS = ON;
--echo # End of 10.4 tests
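Review bot: The MDEV-32638 case asserts only that the combined `ALTER TABLE t2 CHANGE COLUMN ... ADD CONSTRAINT t2_fk` does not crash; nothing records what the statement produced. Adding `SHOW CREATE TABLE t2;` before `DROP TABLE t2, t1;` would pin that the constraint ends up on the renamed column `f3`. Because `f3 VARCHAR(20)` references `t1.f1 VARCHAR(2)` with checks off, the recorded definition would also show that the mismatched lengths are accepted in this mode.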
diff --git a/mysql-test/suite/innodb/t/fk_drop_alter.test b/mysql-test/suite/innodb/t/fk_drop_alter.test
new file mode 100644
index 00000000..c79eb873
--- /dev/null
+++ b/mysql-test/suite/innodb/t/fk_drop_alter.test
@@ -0,0 +1,35 @@
+--source include/have_innodb.inc
+--echo #
+--echo # MDEV-22230 : Unexpected ER_ERROR_ON_RENAME upon DROP
+--echo # non-existing FOREIGN KEY
+--echo #
+CREATE TABLE t1 (a INT) ENGINE=InnoDB;
+--error ER_CANT_DROP_FIELD_OR_KEY
+ALTER TABLE t1 DROP FOREIGN KEY x, ALGORITHM=COPY;
+--error ER_CANT_DROP_FIELD_OR_KEY
+ALTER TABLE t1 DROP FOREIGN KEY x, ALGORITHM=INPLACE;
+# Cleanup
+DROP TABLE t1;
+
+CREATE TABLE t1 (a INT, KEY(a)) ENGINE=InnoDB;
+CREATE TABLE t2 (a INT, FOREIGN KEY fk_id (a) REFERENCES t1(a))ENGINE=InnoDB;
+CREATE TABLE t3 (a INT, FOREIGN KEY fk_1 (a) REFERENCES t1(a))ENGINE=InnoDB;
+ALTER TABLE t3 DROP FOREIGN KEY IF EXISTS fk_id;
+DROP TABLE t3, t2;
+ALTER TABLE t1 MODIFY COLUMN a VARCHAR(2), DROP FOREIGN KEY IF EXISTS x;
+DROP TABLE t1;
+
+CREATE DATABASE best;
+CREATE TABLE best.t1(f1 INT, KEY(f1))ENGINE=InnoDB;
+CREATE TABLE best.t2(f1 INT, FOREIGN KEY foo(f1) REFERENCES t1(f1))ENGINE=InnoDB;
+
+CREATE TABLE t1(f1 INT, KEY(f1))ENGINE=InnoDB;
+CREATE TABLE t2(f1 INT, FOREIGN KEY foo(f1) REFERENCES t1(f1))ENGINE=InnoDB;
+ALTER TABLE t2 DROP FOREIGN KEY foo;
+--error ER_CANT_DROP_FIELD_OR_KEY
+ALTER TABLE t2 DROP FOREIGN KEY foo;
+ALTER TABLE t2 DROP FOREIGN KEY IF EXISTS foo;
+SHOW CREATE TABLE best.t2;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN;
+DROP TABLE best.t2, best.t1, t2, t1;
+DROP DATABASE best;
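Review bot: Only the first scenario is labelled with MDEV-22230; the `t3 ... DROP FOREIGN KEY IF EXISTS fk_id` block and the `best` database block have no comment saying what they guard against. The last block appears to check that dropping `foo` on `test.t2` leaves the same-named constraint on `best.t2` intact, hence `SHOW CREATE TABLE best.t2` and the `INNODB_SYS_FOREIGN` dump. A line such as `# A constraint named foo in another schema must survive DROP FOREIGN KEY on test.t2` would state that. `REFERENCES t1(f1)` in `CREATE TABLE best.t2` is also unqualified; writing `best.t1` would remove any doubt about which schema's `t1` is meant.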
diff --git a/mysql-test/suite/innodb/t/foreign-keys.test b/mysql-test/suite/innodb/t/foreign-keys.test
index b93f82c9..aeff7009 100644
--- a/mysql-test/suite/innodb/t/foreign-keys.test
+++ b/mysql-test/suite/innodb/t/foreign-keys.test
@@ -268,3 +268,7 @@ SET FOREIGN_KEY_CHECKS=1;
INSERT INTO t2 VALUES('G', 3);
DROP TABLE t2, t1;
SET FOREIGN_KEY_CHECKS=DEFAULT;
+
+--error ER_CANT_CREATE_TABLE
+CREATE TABLE t1(a SERIAL) ENGINE=InnoDB ROW_FORMAT=COMPRESSED PAGE_COMPRESSED=1;
+SHOW WARNINGS;
diff --git a/mysql-test/suite/innodb/t/foreign_key.test b/mysql-test/suite/innodb/t/foreign_key.test
index 06da1b6f..0db3a7ca 100644
--- a/mysql-test/suite/innodb/t/foreign_key.test
+++ b/mysql-test/suite/innodb/t/foreign_key.test
@@ -2,6 +2,8 @@
--source include/count_sessions.inc
--source include/default_charset.inc
+SET GLOBAL innodb_stats_persistent = 0;
+
--echo #
--echo # Bug #19027905 ASSERT RET.SECOND DICT_CREATE_FOREIGN_CONSTRAINTS_LOW
--echo # DICT_CREATE_FOREIGN_CONSTR
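Review bot: `SET GLOBAL innodb_stats_persistent = 0;` at the top of the file changes a global without saving its previous value; the `@save_stats_persistent` capture only appears in the later hunk near line 128. If no server restart happens between the two, the saved value is already 0 and the final `SET GLOBAL innodb_stats_persistent = @save_stats_persistent;` restores nothing. The context of that later hunk (`$shutdown_timeout`, `disconnect incomplete`) suggests a restart does precede it, in which case a comment such as `# Not saved here: the restart below resets it; see @save_stats_persistent` would explain the placement. The same unsaved assignment is added in the innodb-32k.test hunk of this commit.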
@@ -126,6 +128,9 @@ FLUSH TABLES;
--let $shutdown_timeout=
disconnect incomplete;
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
INSERT INTO child SET a=0;
--error ER_NO_REFERENCED_ROW_2
INSERT INTO child SET a=1;
@@ -728,7 +733,9 @@ SELECT a FROM t1 FORCE INDEX(a);
# the "goto rollback_to_savept" in row_mysql_handle_errors() is reverted.
SELECT * FROM t1;
# Allow purge to continue by closing the read view.
-disconnect con1;
+connection con1;
+COMMIT;
+connection default;
# Wait for purge. With the fix reverted, the server would crash here.
--source include/wait_all_purged.inc
@@ -949,9 +956,37 @@ ALTER TABLE t1 MODIFY id INT unsigned AUTO_INCREMENT;
DROP TABLE t1,t2;
--echo #
---echo # End of 10.4 tests
+--echo # MDEV-31441 BLOB corruption on UPDATE of PRIMARY KEY with FOREIGN KEY
--echo #
+CREATE TABLE t1 (pk INT PRIMARY KEY, t TEXT) ENGINE=InnoDB;
+CREATE TABLE t2 (pk INT PRIMARY KEY, FOREIGN KEY (pk) REFERENCES t1(pk))
+ENGINE=InnoDB;
+
+SET @blob = REPEAT('A', @@innodb_page_size / 2);
+INSERT INTO t1 SET pk=1, t=@blob;
+INSERT INTO t2 SET pk=1;
+--connection con1
+BEGIN;
+DELETE FROM t2;
+--connection default
+# The following will be blocked by a FOREIGN KEY check on pk=1 in t2.
+--send
+UPDATE t1 SET pk=12;
+--connection con1
+let $wait_condition=
+SELECT count(*) > 0 FROM INFORMATION_SCHEMA.PROCESSLIST WHERE state='Updating';
+--source include/wait_condition.inc
+COMMIT;
+--disconnect con1
+--connection default
+--reap
+UPDATE t1 SET pk=1;
+SELECT pk,t=@blob FROM t1;
+DROP TABLE t2, t1;
+
+--echo # End of 10.4 tests
+
--echo #
--echo # MDEV-20729 Fix REFERENCES constraint in column definition
--echo #
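Review bot: The wait condition `state='Updating'` can presumably become true as soon as `UPDATE t1 SET pk=12` starts executing, before it is actually blocked on the FOREIGN KEY check. con1's `COMMIT` may then race ahead, so the lock-wait path of MDEV-31441 would go unexercised while the test still passes. Waiting for the lock wait itself is tighter, e.g. `SELECT count(*) > 0 FROM INFORMATION_SCHEMA.INNODB_TRX WHERE trx_state = 'LOCK WAIT';`. The block also reuses the `con1` that the previous hunk leaves open and disconnects it here, which deserves a one-line comment since later sections can no longer rely on that connection.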
@@ -1132,4 +1167,6 @@ DROP TABLE binaries, collections;
--echo # End of 10.6 tests
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
--source include/wait_until_count_sessions.inc
diff --git a/mysql-test/suite/innodb/t/full_crc32_import.test b/mysql-test/suite/innodb/t/full_crc32_import.test
index b79fd954..0eb31f8d 100644
--- a/mysql-test/suite/innodb/t/full_crc32_import.test
+++ b/mysql-test/suite/innodb/t/full_crc32_import.test
@@ -2,6 +2,9 @@
# This test is slow on buildbot.
--source include/big_test.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
FLUSH TABLES;
let $MYSQLD_TMPDIR = `SELECT @@tmpdir`;
@@ -222,3 +225,4 @@ SELECT * FROM t1;
DROP TABLE t1;
SET GLOBAL innodb_compression_algorithm=@save_algo;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/ibuf_not_empty.test b/mysql-test/suite/innodb/t/ibuf_not_empty.test
index 9362f8da..b1f3c270 100644
--- a/mysql-test/suite/innodb/t/ibuf_not_empty.test
+++ b/mysql-test/suite/innodb/t/ibuf_not_empty.test
@@ -74,6 +74,7 @@ EOF
--replace_regex /contains \d+ entries/contains 990 entries/
check table t1;
+SET GLOBAL innodb_buf_flush_list_now=ON;
--source include/shutdown_mysqld.inc
diff --git a/mysql-test/suite/innodb/t/import_update_stats.test b/mysql-test/suite/innodb/t/import_update_stats.test
new file mode 100644
index 00000000..e1b1ae5d
--- /dev/null
+++ b/mysql-test/suite/innodb/t/import_update_stats.test
@@ -0,0 +1,80 @@
+#
+# BUG#20125349 - PERSISTANT STATS IS NOT UPDATED WHEN TTS IS IMPORTED.
+#
+
+--source include/not_embedded.inc
+--source include/have_innodb.inc
+
+let MYSQLD_DATADIR =`SELECT @@datadir`;
+SET @old_innodb_file_per_table = @@innodb_file_per_table;
+
+SET GLOBAL innodb_file_per_table = 1;
+SELECT @@innodb_file_per_table;
+
+CREATE TABLE t1 (
+ col_1 CHAR (255),
+ col_2 VARCHAR (255)
+) ENGINE = InnoDB;
+
+CREATE INDEX idx1 ON t1(col_1);
+CREATE INDEX idx2 ON t1(col_2);
+
+SHOW INDEXES FROM t1;
+
+INSERT INTO t1 VALUES ("col1_00001", "col2_00001"), ("col1_00002", "col2_00002");
+
+SHOW INDEXES FROM t1;
+
+ANALYZE TABLE t1;
+SHOW INDEXES FROM t1;
+
+FLUSH TABLES t1 FOR EXPORT;
+perl;
+do "$ENV{MTR_SUITE_DIR}/../innodb/include/innodb-util.pl";
+ib_backup_tablespaces("test", "t1");
+EOF
+
+UNLOCK TABLES;
+
+DROP TABLE t1;
+
+CREATE TABLE t1 (
+ col_1 CHAR (255),
+ col_2 VARCHAR (255)
+) ENGINE = InnoDB STATS_PERSISTENT=1;
+
+CREATE INDEX idx1 ON t1(col_1);
+CREATE INDEX idx2 ON t1(col_2);
+
+SHOW INDEXES FROM t1;
+
+INSERT INTO t1 VALUES ("col1_00001", "col2_00001");
+
+SHOW INDEXES FROM t1;
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE t1;
+SHOW INDEXES FROM t1;
+
+ALTER TABLE t1 DISCARD TABLESPACE;
+
+perl;
+do "$ENV{MTR_SUITE_DIR}/../innodb/include/innodb-util.pl";
+ib_discard_tablespaces("test", "t1");
+ib_restore_tablespaces("test", "t1");
+EOF
+
+ALTER TABLE t1 IMPORT TABLESPACE;
+
+SHOW INDEXES FROM t1;
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE t1;
+SHOW INDEXES FROM t1;
+
+DROP TABLE t1;
+
+SET GLOBAL innodb_file_per_table = @old_innodb_file_per_table;
+
+--remove_files_wildcard $MYSQLTEST_VARDIR/tmp t1*.ibd
+--remove_files_wildcard $MYSQLTEST_VARDIR/tmp t1*.cfg
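Review bot: The first `ANALYZE TABLE t1;` (before `FLUSH TABLES t1 FOR EXPORT`) runs without the `SET STATEMENT use_stat_tables=never FOR` prefix that both later ANALYZE calls use, and the first `CREATE TABLE t1` omits the `STATS_PERSISTENT=1` that the second one sets. If the exported table is meant to carry persistent statistics regardless of server defaults, make both explicit; otherwise a comment explaining the asymmetry would help. The test also never states what it expects: a `--echo` line before the final `SHOW INDEXES FROM t1;` naming the value that must change after `IMPORT TABLESPACE` would make a regression readable from the result file.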
diff --git a/mysql-test/suite/innodb/t/index_length.test b/mysql-test/suite/innodb/t/index_length.test
new file mode 100644
index 00000000..bf4940d4
--- /dev/null
+++ b/mysql-test/suite/innodb/t/index_length.test
@@ -0,0 +1,23 @@
+--source include/have_innodb.inc
+
+--connect (stop_purge,localhost,root)
+# Prevent the purge of history from acquiring a table handle.
+START TRANSACTION WITH CONSISTENT SNAPSHOT;
+--connection default
+
+CREATE TABLE t1(a INT PRIMARY KEY, b VARCHAR(1024))
+ENGINE=InnoDB STATS_PERSISTENT=1;
+INSERT INTO t1 VALUES (1,REPEAT('b',1024));
+
+SELECT index_length FROM information_schema.tables
+WHERE table_schema = 'test' AND table_name = 't1';
+ALTER TABLE t1 ADD INDEX b (b(800));
+SELECT FLOOR(index_length/@@innodb_page_size) FROM information_schema.tables
+WHERE table_schema = 'test' AND table_name = 't1';
+ALTER TABLE t1 ADD INDEX ba (b(800),a);
+SELECT FLOOR(index_length/@@innodb_page_size) FROM information_schema.tables
+WHERE table_schema = 'test' AND table_name = 't1';
+disconnect stop_purge;
+DROP TABLE t1;
+
+--echo # End of 10.4 tests
diff --git a/mysql-test/suite/innodb/t/index_merge_threshold.test b/mysql-test/suite/innodb/t/index_merge_threshold.test
index a60ecf51..cb8e117d 100644
--- a/mysql-test/suite/innodb/t/index_merge_threshold.test
+++ b/mysql-test/suite/innodb/t/index_merge_threshold.test
@@ -13,6 +13,9 @@
--source include/have_innodb_16k.inc
--source include/have_partition.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
# Check index merge threshold by create index on all datatypes
CREATE TABLE tab(a BIGINT PRIMARY KEY,c1 TINYTEXT,c2 TEXT,c3 MEDIUMTEXT,
@@ -186,3 +189,5 @@ CREATE INDEX index1 ON tab1(b(750)) COMMENT 'MERGE_THRESHOLD=45';
--source suite/innodb/include/innodb_merge_threshold_secondary.inc
DROP TABLE tab1;
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/innodb-16k.test b/mysql-test/suite/innodb/t/innodb-16k.test
index 8bec6254..fd024047 100644
--- a/mysql-test/suite/innodb/t/innodb-16k.test
+++ b/mysql-test/suite/innodb/t/innodb-16k.test
@@ -3,6 +3,9 @@
--source include/have_innodb.inc
--source include/have_innodb_16k.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
call mtr.add_suppression("InnoDB: Cannot add field .* in table");
let $MYSQLD_DATADIR= `select @@datadir`;
@@ -457,6 +460,7 @@ DROP TABLE t1;
--source include/wait_all_purged.inc
SET GLOBAL innodb_compression_level=@save_level;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
DROP TABLE t1_purge, t2_purge, t3_purge, t4_purge;
DROP TABLE tlong;
diff --git a/mysql-test/suite/innodb/t/innodb-32k.test b/mysql-test/suite/innodb/t/innodb-32k.test
index 496977c1..a5fd78fd 100644
--- a/mysql-test/suite/innodb/t/innodb-32k.test
+++ b/mysql-test/suite/innodb/t/innodb-32k.test
@@ -3,10 +3,24 @@
--source include/have_innodb.inc
--source include/have_innodb_32k.inc
+SET GLOBAL innodb_stats_persistent = 0;
call mtr.add_suppression("Innodb: Cannot add field.*row size is");
let $MYSQLD_DATADIR= `select @@datadir`;
+SET SESSION innodb_strict_mode=ON;
+--error ER_CANT_CREATE_TABLE
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+--error ER_CANT_CREATE_TABLE
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+SET SESSION innodb_strict_mode=OFF;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+SHOW WARNINGS;
+DROP TABLE t1;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+SHOW WARNINGS;
+DROP TABLE t1;
+
--echo # Test 1) Show the page size from Information Schema
SELECT variable_value FROM information_schema.global_status
WHERE LOWER(variable_name) = 'innodb_page_size';
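Review bot: The added block ends with `SET SESSION innodb_strict_mode=OFF;` and never puts the previous value back, so every statement after it in this file runs with strict mode off regardless of what the session started with. The same block is added to innodb-64k.test. Saving first with `SET @save_strict = @@SESSION.innodb_strict_mode;` and finishing with `SET SESSION innodb_strict_mode = @save_strict;` keeps the new checks from changing what the existing sections test. The rest of the file is outside the hunk, so confirm whether a later statement already resets it.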
diff --git a/mysql-test/suite/innodb/t/innodb-64k.test b/mysql-test/suite/innodb/t/innodb-64k.test
index 972ba6bb..d89370ff 100644
--- a/mysql-test/suite/innodb/t/innodb-64k.test
+++ b/mysql-test/suite/innodb/t/innodb-64k.test
@@ -8,6 +8,19 @@ call mtr.add_suppression('InnoDB: Cannot add field.*because after adding it, the
let $MYSQLD_DATADIR= `select @@datadir`;
+SET SESSION innodb_strict_mode=ON;
+--error ER_CANT_CREATE_TABLE
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+--error ER_CANT_CREATE_TABLE
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+SET SESSION innodb_strict_mode=OFF;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB ROW_FORMAT=COMPRESSED;
+SHOW WARNINGS;
+DROP TABLE t1;
+CREATE TABLE t1(a int PRIMARY KEY) ENGINE=InnoDB KEY_BLOCK_SIZE=4;
+SHOW WARNINGS;
+DROP TABLE t1;
+
--echo # Test 1) Show the page size from Information Schema
SELECT variable_value FROM information_schema.global_status
WHERE LOWER(variable_name) = 'innodb_page_size';
diff --git a/mysql-test/suite/innodb/t/innodb-ac-non-locking-select.test b/mysql-test/suite/innodb/t/innodb-ac-non-locking-select.test
new file mode 100644
index 00000000..3376367b
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb-ac-non-locking-select.test
@@ -0,0 +1,117 @@
+# DEBUG_SYNC must be compiled in.
+--source include/have_debug_sync.inc
+--source include/have_debug.inc
+--source include/have_innodb.inc
+
+CREATE TABLE t1 (c1 INT , c2 CHAR(10), PRIMARY KEY (c1)) ENGINE = InnoDB;
+INSERT INTO t1 VALUES(0, "0");
+INSERT INTO t1 VALUES(1, "1");
+INSERT INTO t1 VALUES(2, "2");
+INSERT INTO t1 VALUES(3, "3");
+
+--connect (con1,localhost,root,,)
+--connect (con2,localhost,root,,)
+--connect (con3,localhost,root,,)
+--connect (con4,localhost,root,,)
+--connect (con5,localhost,root,,)
+--connect (con6,localhost,root,,)
+
+connection default;
+# Disable query log to avoid non-deterministic output conflicts
+SET AUTOCOMMIT=0;
+BEGIN;
+# Lock all the records
+SELECT * FROM t1 FOR UPDATE;
+--disable_query_log
+
+connection con1;
+SET AUTOCOMMIT=1;
+# Test if locking autocommit selects end up in the trx_sys_t::trx_list.
+# We check this via the INFORMATION_SCHEMA.INNODB_TRX.
+# This should block and show up in the I_S.
+SET DEBUG_SYNC='lock_wait_start SIGNAL waiting1';
+--send
+SELECT COUNT(*) FROM t1 LOCK IN SHARE MODE;
+
+connection con2;
+SET AUTOCOMMIT=1;
+# Test if non-locking autocommit selects end up in the trx_sys_t::trx_list.
+# We check this via the INFORMATION_SCHEMA.INNODB_TRX.
+# This should not block and should not show up in the I_S.
+--send
+SELECT COUNT(*) FROM t1;
+
+connection con3;
+SET AUTOCOMMIT=1;
+# Note: autocommit non-locking selects are not converted to locking selects
+# Therefore this should not block;
+SET SESSION TRANSACTION ISOLATION LEVEL SERIALIZABLE;
+--send
+SELECT COUNT(*) FROM t1;
+
+connection con4;
+SET AUTOCOMMIT=0;
+# Note: Non-locking selects are converted to locking selects
+# therefore this should block;
+SET SESSION TRANSACTION ISOLATION LEVEL SERIALIZABLE;
+SET DEBUG_SYNC='now WAIT_FOR waiting1';
+SET DEBUG_SYNC='lock_wait_start SIGNAL waiting4';
+--send
+SELECT COUNT(*) FROM t1 WHERE c1 >= 0;
+
+connection con5;
+SET AUTOCOMMIT=1;
+# This should not block
+BEGIN;
+--send
+SELECT COUNT(*) FROM t1;
+
+connection con6;
+SET AUTOCOMMIT=1;
+# This will ignore the auto-commit setting but wont block because it is
+# a non-locking select.
+XA START '1';
+--enable_query_log
+SELECT * FROM t1 WHERE c1 <= 3;
+
+connection default;
+# Wait for SELECTs to get into the lock wait queue
+SET DEBUG_SYNC='now WAIT_FOR waiting4';
+SET DEBUG_SYNC= 'RESET';
+
+# Check the number of non-locking transactions
+let $wait_condition =
+ SELECT COUNT(*) = 5
+ FROM INFORMATION_SCHEMA.INNODB_TRX
+ WHERE trx_autocommit_non_locking = 0;
+--source include/wait_condition.inc
+
+# Check the waiting transactions
+SELECT trx_state, trx_query, trx_autocommit_non_locking
+FROM INFORMATION_SCHEMA.INNODB_TRX
+WHERE trx_state = 'LOCK WAIT'
+ORDER BY trx_query;
+
+INSERT INTO t1 VALUES(4, '4');
+COMMIT;
+
+connection con6;
+SELECT * FROM t1 WHERE c1 <= 4;
+XA END '1';
+XA PREPARE '1';
+XA ROLLBACK '1';
+disconnect con6;
+disconnect con2;
+disconnect con3;
+disconnect con5;
+
+connection con1;
+reap;
+disconnect con1;
+
+connection con4;
+reap;
+disconnect con4;
+
+connection default;
+DROP TABLE t1;
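Review bot: The comment `# Check the number of non-locking transactions` does not match the query under it, which waits for five rows with `trx_autocommit_non_locking = 0`, i.e. the transactions that are not autocommit non-locking selects. Something like `# Wait until the five transactions that are NOT autocommit non-locking are visible in INNODB_TRX` would say what is counted. Likewise `# Disable query log ...` sits above `SET AUTOCOMMIT=0;` while `--disable_query_log` only comes after the `SELECT * FROM t1 FOR UPDATE;`. con2, con3 and con5 each `--send` a SELECT and are disconnected without a `reap`, so the "should not block" claims in their comments are never checked directly.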
diff --git a/mysql-test/suite/innodb/t/innodb-alter-tempfile.test b/mysql-test/suite/innodb/t/innodb-alter-tempfile.test
index 0ae116f5..2534f03d 100644
--- a/mysql-test/suite/innodb/t/innodb-alter-tempfile.test
+++ b/mysql-test/suite/innodb/t/innodb-alter-tempfile.test
@@ -65,8 +65,11 @@ set DEBUG_SYNC="now WAIT_FOR default_signal";
--let $shutdown_timeout=0
--source include/restart_mysqld.inc
disconnect con1;
---replace_column 7 #
+# This may occasionally display records for a corrupted index(f2).
+# The original bug was about a crash during the execution of SHOW KEYS.
+--disable_result_log
SHOW KEYS FROM t1;
+--enable_result_log
DROP TABLE t1;
remove_files_wildcard $datadir/test #sql-*.frm;
diff --git a/mysql-test/suite/innodb/t/innodb-alter.test b/mysql-test/suite/innodb/t/innodb-alter.test
index 78550763..5b121c70 100644
--- a/mysql-test/suite/innodb/t/innodb-alter.test
+++ b/mysql-test/suite/innodb/t/innodb-alter.test
@@ -701,6 +701,32 @@ ALTER TABLE t1 ADD COLUMN b DATETIME NOT NULL, LOCK=NONE;
SET @@SQL_MODE= @OLD_SQL_MODE;
DROP TABLE t1;
+--echo #
+--echo # Bug#20977779 CANNOT IMPORT TABLES CONTAINING PREFIX INDEXES
+--echo #
+
+CREATE TABLE t1 (c1 VARCHAR(32), c2 VARCHAR(32), c3 VARCHAR(32),
+PRIMARY KEY (c1, c2, c3))
+ENGINE=InnoDB;
+
+ALTER TABLE t1 ADD INDEX ind1(c1(5), c2, c3);
+ALTER TABLE t1 ADD INDEX ind2(c3, c1(10), c2);
+ALTER TABLE t1 ADD INDEX ind3(c2, c3, c1(20));
+
+INSERT INTO t1 VALUES ('Test Data -1', 'Test Data -2', 'Test Data -3');
+
+let $source_db = test;
+let $dest_db = test;
+
+--echo # Test with 2ndary index having prefix
+--source suite/innodb/include/import.inc
+
+--echo # Test with PK & 2ndary index with prefix
+ALTER TABLE t1 DROP PRIMARY KEY, ADD PRIMARY KEY(c1(5), c2(10), c3(20));
+--source suite/innodb/include/import.inc
+
+DROP TABLE t1;
+
#
# End of 10.2 tests
#
diff --git a/mysql-test/suite/innodb/t/innodb-index-online-fk.test b/mysql-test/suite/innodb/t/innodb-index-online-fk.test
index 5423516c..64cea29e 100644
--- a/mysql-test/suite/innodb/t/innodb-index-online-fk.test
+++ b/mysql-test/suite/innodb/t/innodb-index-online-fk.test
@@ -482,3 +482,48 @@ SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN_COLS;
DROP TABLE t2;
DROP TABLE t3;
+
+--echo # Bug #17449901 TABLE DISAPPEARS WHEN ALTERING
+--echo # WITH FOREIGN KEY CHECKS OFF
+
+# Drop index via inplace algorithm
+create table t1(f1 int,primary key(f1))engine=innodb;
+create table t2(f2 int,f3 int,key t(f2,f3),foreign key(f2) references t1(f1))engine=innodb;
+SET foreign_key_checks=0;
+drop index t on t2;
+drop table t2;
+drop table t1;
+
+# Drop index using alter statement via inplace
+create table t1(f1 int ,primary key(f1))engine=innodb;
+create table t2(f2 int,f3 int, key t(f2),foreign key(f2) references t1(f1))engine=innodb;
+SET foreign_key_checks = 0;
+alter table t2 drop key t,algorithm=inplace;
+show create table t2;
+drop table t2;
+drop table t1;
+
+create table t1(f1 int ,primary key(f1))engine=innodb;
+create table t2(f2 int,f3 int, key t(f2),key t1(f2,f3),
+foreign key(f2) references t1(f1))engine=innodb;
+SET foreign_key_checks = 0;
+alter table t2 drop key t,algorithm=inplace;
+show create table t2;
+drop table t2;
+drop table t1;
+
+--echo #
+--echo # MDEV-29092 FOREIGN_KEY_CHECKS does not prevent non-copy
+--echo # alter from creating invalid FK structures
+--echo #
+CREATE TABLE t1(f1 INT, KEY(f1),
+ FOREIGN KEY(f1) references t1(f1))ENGINE=InnoDB;
+SHOW CREATE TABLE t1;
+DROP TABLE t1;
+
+CREATE TABLE t1(f1 INT, KEY(f1),
+ FOREIGN KEY(f1) REFERENCES t1(f1))ENGINE=InnoDB;
+SHOW CREATE TABLE t1;
+ALTER TABLE t1 DROP KEY f1;
+SHOW CREATE TABLE t1;
+DROP TABLE t1;
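Review bot: The Bug #17449901 blocks issue `SET foreign_key_checks=0;` three times and never turn it back on, so the MDEV-29092 section below them, and the end of the test, run with checks off only as a side effect. Whether `ALTER TABLE t1 DROP KEY f1;` is accepted plausibly depends on that setting, so the section should state it itself: `SET foreign_key_checks=0;` before its first `CREATE TABLE` and `SET foreign_key_checks=DEFAULT;` after the last `DROP TABLE t1;`. The first CREATE/SHOW/DROP triple in that section differs from the second only in the case of `references`; a comment saying whether that is intentional would help.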
diff --git a/mysql-test/suite/innodb/t/innodb-index-online.test b/mysql-test/suite/innodb/t/innodb-index-online.test
index f8eb8957..96ee3149 100644
--- a/mysql-test/suite/innodb/t/innodb-index-online.test
+++ b/mysql-test/suite/innodb/t/innodb-index-online.test
@@ -4,6 +4,10 @@
--source include/have_debug_sync.inc
--source include/no_valgrind_without_big.inc
+SET GLOBAL innodb_monitor_reset_all=all;
+--disable_warnings
+SET GLOBAL innodb_monitor_reset_all=default;
+--enable_warnings
let $innodb_metrics_select=
SELECT name, count FROM INFORMATION_SCHEMA.INNODB_METRICS WHERE subsystem = 'ddl';
@@ -158,6 +162,7 @@ let $ID= `SELECT @id := CONNECTION_ID()`;
--error ER_QUERY_INTERRUPTED
KILL QUERY @id;
+SET GLOBAL innodb_max_purge_lag_wait=0;
SET DEBUG_SYNC = 'row_log_apply_before SIGNAL c2d_created WAIT_FOR kill_done';
--send
CREATE INDEX c2d ON t1(c2);
@@ -209,13 +214,13 @@ SHOW CREATE TABLE t1;
connection default;
SET @merge_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
connection con1;
@@ -254,13 +259,13 @@ INNER JOIN INFORMATION_SCHEMA.INNODB_SYS_FIELDS sf
ON si.index_id = sf.index_id WHERE si.name = '?c2e';
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SELECT
@@ -297,16 +302,16 @@ ALTER TABLE t1 COMMENT 'testing if c2e will be dropped';
eval $innodb_metrics_select;
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
connection con1;
@@ -343,16 +348,16 @@ eval $innodb_metrics_select;
connection default;
SET @merge_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
SELECT
diff --git a/mysql-test/suite/innodb/t/innodb-lock-inherit-read_commited.test b/mysql-test/suite/innodb/t/innodb-lock-inherit-read_commited.test
new file mode 100644
index 00000000..31bf8a73
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb-lock-inherit-read_commited.test
@@ -0,0 +1,110 @@
+--echo #
+--echo # Bug #21025880 DUPLICATE UK VALUES IN READ-COMMITTED(AGAIN)
+--echo #
+
+--source include/have_innodb.inc
+--source include/have_debug.inc
+--source include/have_debug_sync.inc
+
+let $i=0;
+
+while ($i <=1 )
+{
+
+CREATE TABLE t1 (
+ a INT NOT NULL,
+ b INT NOT NULL,
+ PRIMARY KEY(b),
+ UNIQUE KEY(a))
+ENGINE=INNODB;
+
+SET @old_innodb_stats_auto_recalc = @@innodb_stats_auto_recalc;
+SET GLOBAL innodb_stats_auto_recalc = OFF;
+
+# Block purge
+connect purge_control,localhost,root;
+START TRANSACTION WITH CONSISTENT SNAPSHOT;
+connection default;
+
+SET @old_tx_isolation = @@tx_isolation;
+SET GLOBAL tx_isolation = 'READ-COMMITTED';
+
+SET @old_innodb_lock_wait_timeout = @@innodb_lock_wait_timeout;
+SET GLOBAL innodb_lock_wait_timeout = 1;
+
+--connect(con1,localhost,root,,)
+
+# Create and delete-mark an index record
+
+INSERT INTO t1 VALUES (1,1),(2,2);
+DELETE FROM t1;
+
+SET debug_sync = 'row_ins_sec_index_entry_dup_locks_created SIGNAL
+con1_locks_done WAIT_FOR con1_go';
+SET debug_sync = 'ha_commit_trans_after_acquire_commit_lock SIGNAL
+con1_insert_done WAIT_FOR con1_finish';
+--send
+
+if ($i == 0)
+{
+REPLACE INTO t1 VALUES (1,2);
+}
+
+if ( $i == 1)
+{
+INSERT INTO t1 values (1,2) ON DUPLICATE KEY UPDATE a=2;
+}
+--connect(con2,localhost,root,,)
+
+SET debug_sync = 'now WAIT_FOR con1_locks_done';
+
+SET debug_sync = 'lock_wait_start SIGNAL con2_blocked
+WAIT_FOR con2_go';
+SET debug_sync = 'ha_commit_trans_after_acquire_commit_lock
+WAIT_FOR con2_finish';
+SET debug_sync = 'ib_after_row_insert SIGNAL con2_insert_done';
+
+--send
+REPLACE INTO t1 VALUES (1,3);
+
+--connection default
+SET debug_sync = 'now WAIT_FOR con2_blocked';
+
+connection purge_control;
+COMMIT;
+disconnect purge_control;
+connection default;
+
+# Wait for purge to delete the delete-marked record
+--source ../../innodb/include/wait_all_purged.inc
+
+SET debug_sync = 'now SIGNAL con2_go WAIT_FOR con2_insert_done';
+SET debug_sync = 'now SIGNAL con1_go WAIT_FOR con1_insert_done';
+
+SET debug_sync = 'now SIGNAL con1_finish';
+
+--connection con1
+--reap
+--disconnect con1
+--connection default
+SET debug_sync = 'now SIGNAL con2_finish';
+
+--connection con2
+--error 0,ER_LOCK_WAIT_TIMEOUT
+--reap
+--disconnect con2
+
+--connection default
+SET DEBUG_SYNC= 'RESET';
+
+SELECT * FROM t1;
+CHECK TABLE t1;
+
+DROP TABLE t1;
+
+SET GLOBAL innodb_stats_auto_recalc = @old_innodb_stats_auto_recalc;
+SET GLOBAL tx_isolation = @old_tx_isolation;
+SET GLOBAL innodb_lock_wait_timeout = @old_innodb_lock_wait_timeout;
+
+--inc $i
+}
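Review bot: The `--error 0,ER_LOCK_WAIT_TIMEOUT` in front of con2's `--reap` accepts two different outcomes without saying why, and the `SELECT * FROM t1` that follows is still recorded in the result file. If both outcomes can really occur, the recorded rows would presumably differ between runs, so either narrow the expectation to one code or add a comment such as `# con2 either replaces the row or times out (innodb_lock_wait_timeout=1); both are acceptable here`. The loop also disconnects con1 and con2 on every pass without sourcing `include/count_sessions.inc` and `include/wait_until_count_sessions.inc`, so the second iteration may start while the first iteration's sessions are still being torn down.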
diff --git a/mysql-test/suite/innodb/t/innodb-read-view.test b/mysql-test/suite/innodb/t/innodb-read-view.test
index 425cbeb0..21c79cf6 100644
--- a/mysql-test/suite/innodb/t/innodb-read-view.test
+++ b/mysql-test/suite/innodb/t/innodb-read-view.test
@@ -1,7 +1,6 @@
# DEBUG_SYNC must be compiled in.
--source include/have_debug_sync.inc
--source include/have_debug.inc
-
# We need to test the use case:
# a. Create a transaction T1 that will be promoted to RW.
# b. Create a transaction T2 that will be promoted to RW.
@@ -27,22 +26,16 @@ INSERT INTO t2 VALUES(2, "c");
INSERT INTO t2 VALUES(3, "d");
--connect (con1,localhost,root,,)
---connect (con2,localhost,root,,)
-
-connection con1;
---echo 'T1'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t2;
connection default;
---echo 'T2'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t1;
-connection con2;
---echo 'T3'
+--connect (con2,localhost,root,,)
SET AUTOCOMMIT=0;
SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;
BEGIN;
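Review bot: With the `--echo 'T1'`, `'T2'` and `'T3'` lines removed here and in the later hunks of this file, nothing in the script ties a connection to the transaction names used in the header comment's steps. A plain comment at each switch, for example `# T1` after `--connect (con1,localhost,root,,)` and `# T3` after `--connect (con2,localhost,root,,)`, keeps that mapping without adding output to the result file. The scenario these statements belong to starts above this hunk.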
@@ -50,48 +43,36 @@ SELECT * FROM t1;
SELECT * FROM t2;
connection con1;
---echo 'T1'
UPDATE t2 SET c1 = c1 + 100;
SELECT * FROM t2;
COMMIT;
connection default;
---echo 'T2'
UPDATE t1 SET c1 = c1 + 100;
SELECT * FROM t1;
COMMIT;
connection con2;
---echo 'T3'
SET DEBUG_SYNC='row_search_for_mysql_before_return WAIT_FOR waiting1';
--send SELECT * FROM t1;
connection default;
---echo 'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
---echo 'Signalled T3'
connection con2;
---echo 'T3'
reap;
connection con2;
---echo 'T3'
SET DEBUG_SYNC='row_search_for_mysql_before_return WAIT_FOR waiting1';
--send SELECT * FROM t2;
connection default;
---echo 'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
---echo 'Signalled T3'
connection con2;
---echo 'T3'
reap;
connection default;
-disconnect con1;
-disconnect con2;
# We need to test the use case:
# a. Create a transaction T1 that will be promoted to RW.
@@ -105,17 +86,12 @@ disconnect con2;
# i. T3 Does a select - it should not see the changes made by T1 but should
# see the changes by T2
---connect (con1,localhost,root,,)
---connect (con2,localhost,root,,)
-
connection con1;
---echo 'T1'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t1;
connection default;
---echo 'T2'
SET AUTOCOMMIT=0;
BEGIN;
SELECT * FROM t2;
@@ -124,7 +100,6 @@ SELECT * FROM t2;
COMMIT;
connection con2;
---echo 'T3'
SET AUTOCOMMIT=0;
SET SESSION TRANSACTION ISOLATION LEVEL REPEATABLE READ;
BEGIN;
@@ -132,42 +107,30 @@ SELECT * FROM t1;
SELECT * FROM t2;
connection con1;
---echo 'T1'
UPDATE t1 SET c1 = c1 + 100;
SELECT * FROM t1;
COMMIT;
connection con2;
---echo 'T3'
SET DEBUG_SYNC='row_select_wait WAIT_FOR waiting1';
--send SELECT * FROM t1;
connection con1;
---echo 'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
---echo 'Signalled T3'
connection con2;
---echo 'T3'
reap;
-
-connection con2;
---echo 'T3'
SET DEBUG_SYNC='row_select_wait WAIT_FOR waiting1';
--send SELECT * FROM t2;
connection default;
---echo 'T2'
SET DEBUG_SYNC='now SIGNAL waiting1';
---echo 'Signalled T3'
connection con2;
---echo 'T3'
reap;
+disconnect con2;
connection default;
-disconnect con1;
-disconnect con2;
DROP TABLE t1;
DROP TABLE t2;
@@ -176,8 +139,7 @@ DROP TABLE t2;
--echo # Bug 21433768: NON-REPEATABLE READ WITH REPEATABLE READ ISOLATION
--echo #
---connect (con1,localhost,root,,)
-
+connection con1;
CREATE TABLE t1(col1 INT PRIMARY KEY, col2 INT) ENGINE = InnoDB;
INSERT INTO t1 values (1, 0), (2, 0);
SELECT * FROM t1 ORDER BY col1;
@@ -200,9 +162,7 @@ reap;
disconnect con1;
connection default;
-
+SET DEBUG_SYNC= 'RESET';
DROP TABLE t1;
-# Clean up resources used in this test case.
-SET DEBUG_SYNC= 'RESET';
--source include/wait_until_count_sessions.inc
diff --git a/mysql-test/suite/innodb/t/innodb-system-table-view.test b/mysql-test/suite/innodb/t/innodb-system-table-view.test
index 659c42f0..663b76a1 100644
--- a/mysql-test/suite/innodb/t/innodb-system-table-view.test
+++ b/mysql-test/suite/innodb/t/innodb-system-table-view.test
@@ -4,6 +4,9 @@
--source include/innodb_page_size_small.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
LET $MYSQLD_DATADIR = `select @@datadir`;
LET $INNODB_PAGE_SIZE = `select @@innodb_page_size`;
@@ -144,3 +147,5 @@ DROP TABLE parent;
--echo # temporary tablespace information
--echo #
SELECT SPACE FROM INFORMATION_SCHEMA.INNODB_SYS_TABLESPACES WHERE name like 'innodb_temporary';
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/innodb-table-online.test b/mysql-test/suite/innodb/t/innodb-table-online.test
index ec4f4ef1..0612866a 100644
--- a/mysql-test/suite/innodb/t/innodb-table-online.test
+++ b/mysql-test/suite/innodb/t/innodb-table-online.test
@@ -4,6 +4,10 @@
--source include/have_debug_sync.inc
--source include/have_sequence.inc
+SET GLOBAL innodb_monitor_reset_all=all;
+--disable_warnings
+SET GLOBAL innodb_monitor_reset_all=default;
+--enable_warnings
let $innodb_metrics_select=
SELECT name, count FROM INFORMATION_SCHEMA.INNODB_METRICS WHERE subsystem = 'ddl';
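Review bot: The added `SET GLOBAL innodb_monitor_reset_all=all;` and the `--disable_warnings` pair around `SET GLOBAL innodb_monitor_reset_all=default;` carry no comment, so a reader cannot tell which warning is being hidden or why the reset is needed. It looks like the intent is to start the `ddl` counters read through `$innodb_metrics_select` from a known state. If so, a line such as `# Reset monitor counters left over from earlier tests; restoring the default emits a warning` above the block would record that; the wording should be confirmed against the actual warning.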
@@ -171,13 +175,13 @@ EXPLAIN SELECT COUNT(*) FROM t1 WHERE c2 > 3;
ANALYZE TABLE t1;
SET @merge_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_0=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
connection con1;
@@ -215,13 +219,13 @@ while ($c)
eval $innodb_metrics_select;
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SELECT
@@ -243,16 +247,16 @@ reap;
eval $innodb_metrics_select;
SET @merge_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_1=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
SET GLOBAL innodb_max_purge_lag_wait=0;
@@ -287,16 +291,16 @@ SELECT COUNT(c22f) FROM t1;
CHECK TABLE t1;
SET @merge_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_encrypted');
SET @merge_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_merge_blocks_decrypted');
SET @rowlog_encrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_encrypted');
SET @rowlog_decrypt_2=
-(SELECT variable_value FROM information_schema.global_status
+(SELECT CAST(variable_value AS INTEGER) FROM information_schema.global_status
WHERE variable_name = 'innodb_encryption_n_rowlog_blocks_decrypted');
SELECT
diff --git a/mysql-test/suite/innodb/t/innodb-truncate.test b/mysql-test/suite/innodb/t/innodb-truncate.test
index 4d39fcae..cbd6139f 100644
--- a/mysql-test/suite/innodb/t/innodb-truncate.test
+++ b/mysql-test/suite/innodb/t/innodb-truncate.test
@@ -85,13 +85,11 @@ SET FOREIGN_KEY_CHECKS= ON;
CREATE TABLE t2 (f2 INT, FOREIGN KEY(f2) REFERENCES t1 (f2)) ENGINE=InnoDB;
--error ER_CANT_CREATE_TABLE
CREATE TABLE t3 (a INT) ENGINE=InnoDB;
---replace_result $datadir ./
---error ER_ERROR_ON_RENAME
ALTER TABLE t1 RENAME TO t3;
-ALTER TABLE t1 FORCE;
+ALTER TABLE t3 FORCE;
--error ER_TRUNCATE_ILLEGAL_FK
-TRUNCATE TABLE t1;
-DROP TABLE t2, t1;
+TRUNCATE TABLE t3;
+DROP TABLE t2, t3;
--echo #
--echo # MDEV-24861 Assertion `trx->rsegs.m_redo.rseg' failed
diff --git a/mysql-test/suite/innodb/t/innodb-wl5522-1.test b/mysql-test/suite/innodb/t/innodb-wl5522-1.test
index dbd58835..9e5d606b 100644
--- a/mysql-test/suite/innodb/t/innodb-wl5522-1.test
+++ b/mysql-test/suite/innodb/t/innodb-wl5522-1.test
@@ -960,6 +960,25 @@ ALTER TABLE t1 IMPORT TABLESPACE;
DROP TABLE t1;
--remove_file $MYSQLTEST_VARDIR/tmp/t1.ibd
---echo #
--echo # End of 10.3 tests
+
--echo #
+--echo # MDEV-29972 crash after "Unsupported meta-data version number"
+--echo #
+
+call mtr.add_suppression("Index for table 't2' is corrupt");
+
+CREATE TABLE t2 (i INT PRIMARY KEY) ENGINE=InnoDB;
+ALTER TABLE t2 DISCARD TABLESPACE;
+--copy_file std_data/mysql80/t2.cfg $MYSQLD_DATADIR/test/t2.cfg
+--copy_file std_data/mysql80/t2.ibd $MYSQLD_DATADIR/test/t2.ibd
+--error ER_NOT_SUPPORTED_YET
+ALTER TABLE t2 IMPORT TABLESPACE;
+--remove_file $MYSQLD_DATADIR/test/t2.cfg
+--error ER_NOT_KEYFILE
+ALTER TABLE t2 IMPORT TABLESPACE;
+--error ER_TABLESPACE_DISCARDED
+SELECT * FROM t2;
+DROP TABLE t2;
+
+--echo # End of 10.4 tests
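Review bot: The new MDEV-29972 case removes `t2.cfg` from the data directory but never visibly removes the `t2.ibd` it copied in. Both `ALTER TABLE t2 IMPORT TABLESPACE` attempts are expected to fail, so the table stays discarded. Whether `DROP TABLE t2` then deletes the copied file is not shown here. If it does not, the foreign `.ibd` stays in `$MYSQLD_DATADIR/test/` for whatever test runs next on this server. Adding `--error 0,1` followed by `--remove_file $MYSQLD_DATADIR/test/t2.ibd` after the `DROP TABLE t2;` would make the cleanup explicit in either case.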
diff --git a/mysql-test/suite/innodb/t/innodb_buffer_pool_dump_pct.test b/mysql-test/suite/innodb/t/innodb_buffer_pool_dump_pct.test
index 38109116..b393ca70 100644
--- a/mysql-test/suite/innodb/t/innodb_buffer_pool_dump_pct.test
+++ b/mysql-test/suite/innodb/t/innodb_buffer_pool_dump_pct.test
@@ -35,49 +35,44 @@ SET GLOBAL innodb_buffer_pool_dump_pct=100;
# - The granularity of the timestamp is one second.
# - There could have been some dump caused by some previous test
# just a few milliseconds before.
-# In order to avoid conflict with previous tests, read the current value
-# of INNODB_BUFFER_POOL_DUMP_STATUS
-# and confirm that the timestamp is different after the dump
#***********************************************************
-# Read the current value to compare with the new value.
-SELECT variable_value INTO @IBPDS
-FROM information_schema.global_status
-WHERE variable_name = 'INNODB_BUFFER_POOL_DUMP_STATUS';
-SET GLOBAL innodb_buffer_pool_dump_now=ON;
-
-# Sleep one second in order to ensure that the time stamp is
-# different at next dump
---sleep 1
+--error 0,1
+--remove_file $MYSQLD_DATADIR/ib_buffer_pool
+SET GLOBAL innodb_buffer_pool_dump_now=ON;
+perl;
+my $f="$ENV{MYSQLD_DATADIR}/ib_buffer_pool";
+my $count=300;
+until (-e $f)
+{
+ select(undef, undef, undef, .1);
+ die "File $f was not created\n" if (0 > --$count);
+}
+EOF
let $wait_condition = SELECT count(*) = 1
FROM information_schema.global_status
WHERE variable_name = 'INNODB_BUFFER_POOL_DUMP_STATUS'
-AND variable_value != @IBPDS
AND variable_value like 'Buffer pool(s) dump completed at%';
--source include/wait_condition.inc
--move_file $MYSQLD_DATADIR/ib_buffer_pool $MYSQLD_DATADIR/ib_buffer_pool100
SET GLOBAL innodb_buffer_pool_dump_pct=1;
-SELECT @@global.innodb_buffer_pool_dump_pct;
-
-# Read the current value to compare with the new value.
---disable_warnings
-SELECT variable_value INTO @IBPDS
-FROM information_schema.global_status
-WHERE variable_name = 'INNODB_BUFFER_POOL_DUMP_STATUS';
---enable_warnings
-
SET GLOBAL innodb_buffer_pool_dump_now=ON;
-# Sleep one second in order to ensure that the time stamp is
-# different at next dump
---sleep 1
+perl;
+my $f="$ENV{MYSQLD_DATADIR}/ib_buffer_pool";
+my $count=300;
+until (-e $f)
+{
+ select(undef, undef, undef, .1);
+ die "File $f was not created\n" if (0 > --$count);
+}
+EOF
let $wait_condition = SELECT count(*) = 1
FROM information_schema.global_status
WHERE variable_name = 'INNODB_BUFFER_POOL_DUMP_STATUS'
-AND variable_value != @IBPDS
AND variable_value like 'Buffer pool(s) dump completed at%';
--source include/wait_condition.inc
diff --git a/mysql-test/suite/innodb/t/innodb_bug12902967.test b/mysql-test/suite/innodb/t/innodb_bug12902967.test
deleted file mode 100644
index 5bd32cdf..00000000
--- a/mysql-test/suite/innodb/t/innodb_bug12902967.test
+++ /dev/null
@@ -1,25 +0,0 @@
-# Bug 12902967: Creating self referencing fk on same index unhandled,
-# confusing error
-#
-# Creating a self referencing foreign key on the same
-# column/index is an unhandled exception, it should throw a sensible
-# error but instead implies that your data dictionary may now be out
-# of sync:
-
---source include/have_innodb.inc
---source include/not_embedded.inc
-
-call mtr.add_suppression("In ALTER TABLE .* has or is referenced in foreign key constraints which are not compatible with the new table definition.");
-
-let error_log= $MYSQLTEST_VARDIR/log/mysqld.1.err;
---source include/restart_mysqld.inc
-
-create table t1 (f1 integer primary key) engine innodb;
-
-# The below statement should produce error message in error log.
-# This error message should mention problem with foreign keys
-# rather than with data dictionary.
---replace_regex /'\.\/test\/#sql-alter-[0-9a-f_\-]*'/'#sql-alter'/
---error ER_ERROR_ON_RENAME
-alter table t1 add constraint c1 foreign key (f1) references t1(f1);
-drop table t1;
diff --git a/mysql-test/suite/innodb/t/innodb_force_recovery.test b/mysql-test/suite/innodb/t/innodb_force_recovery.test
index 2368af76..30364c06 100644
--- a/mysql-test/suite/innodb/t/innodb_force_recovery.test
+++ b/mysql-test/suite/innodb/t/innodb_force_recovery.test
@@ -21,8 +21,18 @@ SET GLOBAL innodb_fast_shutdown = 0;
--source include/restart_mysqld.inc
let $status=`SHOW ENGINE INNODB STATUS`;
+SELECT CAST(variable_value AS INTEGER) INTO @read1
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='innodb_buffer_pool_read_requests';
+
select * from t1;
+SELECT CAST(variable_value AS INTEGER) INTO @read2
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='innodb_buffer_pool_read_requests';
+
+SELECT @read1>0, @read2>@read1;
+
begin;
insert into t1 values(2, 3);
rollback;
diff --git a/mysql-test/suite/innodb/t/innodb_i_s_innodb_locks.test b/mysql-test/suite/innodb/t/innodb_i_s_innodb_locks.test
new file mode 100644
index 00000000..e6e46dbf
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_i_s_innodb_locks.test
@@ -0,0 +1,169 @@
+#
+# Test that user data is correctly "visualized" in
+# INFORMATION_SCHEMA.innodb_locks.lock_data
+#
+
+-- source include/have_innodb.inc
+
+SET @save_timeout=@@GLOBAL.innodb_lock_wait_timeout;
+SET GLOBAL innodb_lock_wait_timeout=100000000;
+
+let $table_def =
+(
+ c01 TINYINT,
+ c02 TINYINT UNSIGNED,
+ c03 SMALLINT,
+ c04 SMALLINT UNSIGNED,
+ c05 MEDIUMINT,
+ c06 MEDIUMINT UNSIGNED,
+ c07 INT,
+ c08 INT UNSIGNED,
+ c09 BIGINT,
+ c10 BIGINT UNSIGNED,
+ PRIMARY KEY(c01, c02, c03, c04, c05, c06, c07, c08, c09, c10)
+) ENGINE=INNODB;
+
+-- eval CREATE TABLE t_min $table_def;
+INSERT INTO t_min VALUES
+(-128, 0,
+ -32768, 0,
+ -8388608, 0,
+ -2147483648, 0,
+ -9223372036854775808, 0);
+
+-- eval CREATE TABLE t_max $table_def;
+INSERT INTO t_max VALUES
+(127, 255,
+ 32767, 65535,
+ 8388607, 16777215,
+ 2147483647, 4294967295,
+ 9223372036854775807, 18446744073709551615);
+
+CREATE TABLE ```t'\"_str` (
+ c1 VARCHAR(32),
+ c2 VARCHAR(32),
+ c3 VARCHAR(32),
+ c4 VARCHAR(32),
+ c5 VARCHAR(32),
+ c6 VARCHAR(32),
+ c7 VARCHAR(32),
+ PRIMARY KEY(c1, c2, c3, c4, c5, c6, c7)
+) ENGINE=INNODB;
+INSERT INTO ```t'\"_str` VALUES
+('1', 'abc', '''abc', 'abc''', 'a''bc', 'a''bc''', '''abc''''');
+INSERT INTO ```t'\"_str` VALUES
+('2', 'abc', '"abc', 'abc"', 'a"bc', 'a"bc"', '"abc""');
+INSERT INTO ```t'\"_str` VALUES
+('3', 'abc', '\\abc', 'abc\\', 'a\\bc', 'a\\bc\\', '\\abc\\\\');
+INSERT INTO ```t'\"_str` VALUES
+('4', 'abc', 0x00616263, 0x61626300, 0x61006263, 0x6100626300, 0x610062630000);
+
+-- source include/count_sessions.inc
+
+-- connect (con_lock,localhost,root,,)
+-- connect (con_min_trylock,localhost,root,,)
+-- connect (con_max_trylock,localhost,root,,)
+-- connect (con_str_insert_supremum,localhost,root,,)
+-- connect (con_str_lock_row1,localhost,root,,)
+-- connect (con_str_lock_row2,localhost,root,,)
+-- connect (con_str_lock_row3,localhost,root,,)
+-- connect (con_str_lock_row4,localhost,root,,)
+-- connect (con_verify_innodb_locks,localhost,root,,)
+
+-- connection con_lock
+SET autocommit=0;
+SELECT * FROM t_min FOR UPDATE;
+SELECT * FROM t_max FOR UPDATE;
+SELECT * FROM ```t'\"_str` FOR UPDATE;
+
+-- connection con_min_trylock
+-- send
+SELECT * FROM t_min FOR UPDATE;
+
+-- connection con_max_trylock
+-- send
+SELECT * FROM t_max FOR UPDATE;
+
+-- connection con_str_insert_supremum
+-- send
+INSERT INTO ```t'\"_str` VALUES
+('z', 'z', 'z', 'z', 'z', 'z', 'z');
+
+-- connection con_str_lock_row1
+-- send
+SELECT * FROM ```t'\"_str` WHERE c1 = '1' FOR UPDATE;
+
+-- connection con_str_lock_row2
+-- send
+SELECT * FROM ```t'\"_str` WHERE c1 = '2' FOR UPDATE;
+
+-- connection con_str_lock_row3
+-- send
+SELECT * FROM ```t'\"_str` WHERE c1 = '3' FOR UPDATE;
+
+-- connection con_str_lock_row4
+-- send
+SELECT * FROM ```t'\"_str` WHERE c1 = '4' FOR UPDATE;
+
+-- connection con_verify_innodb_locks
+# Wait for the above queries to execute before continuing.
+# Without this, it sometimes happens that the SELECT from innodb_locks
+# executes before some of them, resulting in less than expected number
+# of rows being selected from innodb_locks. If there is a bug and there
+# are no 14 rows in innodb_locks then this test will fail with timeout.
+# Notice that if we query INNODB_LOCKS more often than once per 0.1 sec
+# then its contents will never change because the cache from which it is
+# filled is updated only if it has not been read for 0.1 seconds. See
+# CACHE_MIN_IDLE_TIME_US in trx/trx0i_s.c.
+let $cnt=10;
+while ($cnt)
+{
+ let $success=`SELECT COUNT(*) = 14 FROM INFORMATION_SCHEMA.INNODB_LOCKS`;
+ if ($success)
+ {
+ let $cnt=0;
+ }
+ if (!$success)
+ {
+ real_sleep 0.2;
+ dec $cnt;
+ }
+}
+if (!$success)
+{
+ -- echo Timeout waiting for rows in INNODB_LOCKS to appear
+}
+
+SELECT lock_mode, lock_type, lock_table, lock_index, lock_rec, lock_data
+FROM INFORMATION_SCHEMA.INNODB_LOCKS ORDER BY lock_data;
+
+SELECT lock_table, COUNT(*) FROM INFORMATION_SCHEMA.INNODB_LOCKS
+GROUP BY lock_table;
+
+set @save_sql_mode = @@sql_mode;
+SET SQL_MODE='ANSI_QUOTES';
+SELECT lock_table, COUNT(*) FROM INFORMATION_SCHEMA.INNODB_LOCKS
+GROUP BY lock_table;
+SET @@sql_mode=@save_sql_mode;
+
+# Release all the locks;
+-- connection con_lock
+COMMIT;
+
+-- connection default
+
+-- disconnect con_lock
+-- disconnect con_min_trylock
+-- disconnect con_max_trylock
+-- disconnect con_str_insert_supremum
+-- disconnect con_str_lock_row1
+-- disconnect con_str_lock_row2
+-- disconnect con_str_lock_row3
+-- disconnect con_str_lock_row4
+-- disconnect con_verify_innodb_locks
+
+DROP TABLE t_min, t_max, ```t'\"_str`;
+
+-- source include/wait_until_count_sessions.inc
+
+SET GLOBAL innodb_lock_wait_timeout=@save_timeout;
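Review bot: The polling loop gives the blocked statements only about two seconds to appear in INNODB_LOCKS, since `let $cnt=10;` is paired with `real_sleep 0.2;`. When that budget runs out the script only echoes a message and continues, so on a loaded host the failure surfaces as a result mismatch in the following SELECTs rather than as a clear timeout. A larger budget such as `let $cnt=150;` keeps the 0.2 s spacing that the cache comment requires while tolerating slow runners. The connections with a pending `-- send` are also disconnected without a `reap`, which is worth a one-line comment if it is deliberate.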
diff --git a/mysql-test/suite/innodb/t/innodb_i_s_innodb_trx.test b/mysql-test/suite/innodb/t/innodb_i_s_innodb_trx.test
new file mode 100644
index 00000000..745e1d94
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_i_s_innodb_trx.test
@@ -0,0 +1,95 @@
+--source include/have_innodb.inc
+
+#
+# Test that transaction data is correctly "visualized" in
+# INFORMATION_SCHEMA.INNODB_TRX
+#
+
+SET @save_timeout=@@GLOBAL.innodb_lock_wait_timeout;
+SET GLOBAL innodb_lock_wait_timeout=100000000;
+
+DESCRIBE INFORMATION_SCHEMA.INNODB_TRX;
+
+CREATE TABLE t1 (
+ c01 INT,
+ c02 INT,
+ PRIMARY KEY (c01)
+) ENGINE=INNODB STATS_AUTO_RECALC=0;
+
+INSERT INTO t1 VALUES
+(1,2),(2,4),(3,6),(4,8);
+
+CREATE TABLE t2 (
+ c01 INT,
+ c02 INT,
+ PRIMARY KEY (c01),
+ FOREIGN KEY fk1 (c02) REFERENCES t1 (c01)
+) ENGINE=INNODB STATS_AUTO_RECALC=0;
+
+INSERT INTO t2 VALUES
+(1,1),(2,2),(3,3);
+
+-- source include/count_sessions.inc
+
+-- connect (con_trx,localhost,root,,)
+-- connect (con_verify_innodb_trx,localhost,root,,)
+
+-- connection con_trx
+SET autocommit=0;
+INSERT INTO t1 VALUES (5,10);
+SELECT * FROM t1 FOR UPDATE;
+
+let $wait_timeout= 300;
+let $wait_condition=
+ SELECT COUNT(*) = 1 FROM INFORMATION_SCHEMA.INNODB_TRX;
+-- source include/wait_condition.inc
+
+-- connection con_verify_innodb_trx
+SELECT trx_state, trx_weight, trx_tables_in_use, trx_tables_locked,
+trx_rows_locked, trx_rows_modified, trx_concurrency_tickets,
+trx_isolation_level, trx_unique_checks, trx_foreign_key_checks
+FROM INFORMATION_SCHEMA.INNODB_TRX;
+
+-- connection con_trx
+ROLLBACK;
+SET FOREIGN_KEY_CHECKS = 0;
+SET UNIQUE_CHECKS = 0;
+SET TRANSACTION ISOLATION LEVEL SERIALIZABLE;
+BEGIN;
+INSERT INTO t1 VALUES (6,12);
+
+let $wait_timeout= 300;
+let $wait_condition=
+ SELECT trx_unique_checks = 0 FROM INFORMATION_SCHEMA.INNODB_TRX;
+-- source include/wait_condition.inc
+
+-- connection con_verify_innodb_trx
+SELECT trx_isolation_level, trx_unique_checks, trx_foreign_key_checks
+FROM INFORMATION_SCHEMA.INNODB_TRX;
+
+-- connection con_trx
+ROLLBACK;
+SET FOREIGN_KEY_CHECKS = 1;
+SET UNIQUE_CHECKS = 1;
+BEGIN;
+--error ER_NO_REFERENCED_ROW_2
+INSERT INTO t2 VALUES (4,10);
+
+let $wait_timeout= 300;
+let $wait_condition=
+ SELECT trx_unique_checks = 1 FROM INFORMATION_SCHEMA.INNODB_TRX;
+-- source include/wait_condition.inc
+-- disconnect con_trx
+
+-- connection con_verify_innodb_trx
+SELECT trx_state, trx_isolation_level, trx_last_foreign_key_error
+FROM INFORMATION_SCHEMA.INNODB_TRX;
+-- disconnect con_verify_innodb_trx
+
+-- connection default
+DROP TABLE t2;
+DROP TABLE t1;
+
+-- source include/wait_until_count_sessions.inc
+
+SET GLOBAL innodb_lock_wait_timeout=@save_timeout;
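Review bot: `-- disconnect con_trx` is issued just before the last `SELECT trx_state, trx_isolation_level, trx_last_foreign_key_error FROM INFORMATION_SCHEMA.INNODB_TRX` on con_verify_innodb_trx. That SELECT is meant to observe con_trx's open transaction, so its result depends on how quickly the server rolls the transaction back after the client goes away. The test sources `include/wait_until_count_sessions.inc` only at the very end, which suggests session teardown is not assumed to be synchronous. Moving `-- disconnect con_trx` to after that SELECT would remove the timing dependence, assuming the recorded result expects the row to be present.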
diff --git a/mysql-test/suite/innodb/t/innodb_information_schema_tables.opt b/mysql-test/suite/innodb/t/innodb_information_schema_tables.opt
index 4edc71b6..101f6eae 100644
--- a/mysql-test/suite/innodb/t/innodb_information_schema_tables.opt
+++ b/mysql-test/suite/innodb/t/innodb_information_schema_tables.opt
@@ -26,3 +26,4 @@
--loose-innodb_buffer_pool_pages
--loose-innodb_buffer_pool_pages_index
--loose-innodb_buffer_pool_pages_blob
+--innodb-open-files=1000000
diff --git a/mysql-test/suite/innodb/t/innodb_information_schema_tables.test b/mysql-test/suite/innodb/t/innodb_information_schema_tables.test
index 15b3bf4f..c62705da 100644
--- a/mysql-test/suite/innodb/t/innodb_information_schema_tables.test
+++ b/mysql-test/suite/innodb/t/innodb_information_schema_tables.test
@@ -1,6 +1,10 @@
-- source include/have_innodb.inc
-- source include/not_embedded.inc
+let SEARCH_FILE= $MYSQLTEST_VARDIR/log/mysqld.1.err;
+let SEARCH_PATTERN= \[Warning\] InnoDB: innodb_open_files 1000000 should not be greater than the open_files_limit [0-9]+;
+--source include/search_pattern_in_file.inc
+
#
# MDEV-7762 InnoDB: Failing assertion: block->page.buf_fix_count > 0 in buf0buf.ic line 730
#
diff --git a/mysql-test/suite/innodb/t/innodb_prefix_index_restart_server.test b/mysql-test/suite/innodb/t/innodb_prefix_index_restart_server.test
index 1fb7c6d0..fa93e95c 100644
--- a/mysql-test/suite/innodb/t/innodb_prefix_index_restart_server.test
+++ b/mysql-test/suite/innodb/t/innodb_prefix_index_restart_server.test
@@ -93,3 +93,17 @@ SELECT col_1_text = REPEAT("a", 3500) , col_2_text = REPEAT("o", 3500) FROM
worklog5743;
DROP TABLE worklog5743;
+
+--echo #
+--echo # MDEV-21245 InnoDB: Using a partial-field key prefix in search
+--echo #
+CREATE TABLE t1 (a VARCHAR(255), KEY k(a)) DEFAULT CHARSET=utf8mb3
+ENGINE=InnoDB;
+INSERT INTO t1 set a='';
+--enable_info
+alter table t1 change a a varchar(3000);
+--disable_info
+SELECT * FROM t1 WHERE a IN ('');
+DROP TABLE t1;
+
+--echo # End of 10.4 tests
diff --git a/mysql-test/suite/innodb/t/innodb_scrub.test b/mysql-test/suite/innodb/t/innodb_scrub.test
index 8fe460da..cf6b92e1 100644
--- a/mysql-test/suite/innodb/t/innodb_scrub.test
+++ b/mysql-test/suite/innodb/t/innodb_scrub.test
@@ -4,7 +4,7 @@
let $MYSQLD_DATADIR=`select @@datadir`;
CREATE TABLE t1(f1 int auto_increment primary key,
f2 varchar(256),
- f3 text) engine = innodb;
+ f3 text) engine = innodb stats_persistent=0;
let $numinserts = 500;
--disable_query_log
begin;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc.opt b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc.opt
new file mode 100644
index 00000000..aa53ff2e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc.opt
@@ -0,0 +1 @@
+--innodb-stats-persistent
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc.test b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc.test
new file mode 100644
index 00000000..e441a795
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc.test
@@ -0,0 +1,48 @@
+#
+# Test the persistent stats auto recalc
+#
+
+-- source include/have_innodb.inc
+# Page numbers printed by this test depend on the page size
+-- source include/have_innodb_16k.inc
+
+-- vertical_results
+
+-- let $check_stats1 = SELECT n_rows, clustered_index_size FROM mysql.innodb_table_stats WHERE table_name = 'autorecalc'
+-- let $check_stats2 = SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'autorecalc'
+
+CREATE TABLE autorecalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+
+# the CREATE should have inserted zeroed stats
+-- eval $check_stats1
+-- eval $check_stats2
+
+INSERT INTO autorecalc VALUES (1);
+INSERT INTO autorecalc VALUES (2);
+
+# wait for the bg stats thread to update the stats, notice we wait on
+# innodb_index_stats because innodb_table_stats gets updated first and
+# it is possible that (if we wait on innodb_table_stats) the wait cond
+# gets satisfied before innodb_index_stats is updated
+let $wait_condition = SELECT stat_value = 2 FROM mysql.innodb_index_stats WHERE table_name = 'autorecalc' AND index_name = 'PRIMARY' AND stat_name = 'n_diff_pfx01';
+-- source include/wait_condition.inc
+
+# the second INSERT from above should have triggered an auto-recalc
+-- eval $check_stats1
+-- eval $check_stats2
+
+# now DELETE the rows and trigger a second auto-recalc, InnoDB may wait a
+# few seconds before triggering an auto-recalc again (it tries not to be too
+# aggressive)
+
+DELETE FROM autorecalc;
+
+let $wait_timeout = 25;
+let $wait_condition = SELECT stat_value = 0 FROM mysql.innodb_index_stats WHERE table_name = 'autorecalc' AND index_name = 'PRIMARY' AND stat_name = 'n_diff_pfx01';
+-- source include/wait_condition.inc
+
+# the DELETE from above should have triggered an auto-recalc
+-- eval $check_stats1
+-- eval $check_stats2
+
+DROP TABLE autorecalc;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.opt b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.opt
new file mode 100644
index 00000000..aa53ff2e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.opt
@@ -0,0 +1 @@
+--innodb-stats-persistent
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.test b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.test
new file mode 100644
index 00000000..aeb5b5c2
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_ddl.test
@@ -0,0 +1,49 @@
+#
+# Test the persistent stats auto recalc during DDL
+#
+
+-- source include/have_innodb.inc
+
+-- vertical_results
+
+-- let $check_stats1 = SELECT n_rows FROM mysql.innodb_table_stats WHERE table_name = 'arddl' ORDER BY 1
+-- let $check_stats2 = SELECT index_name, stat_name, stat_value FROM mysql.innodb_index_stats WHERE table_name = 'arddl' AND index_name = 'PRIMARY' ORDER BY 1, 2, 3
+
+# Test ADD INDEX during background stats gathering
+
+CREATE TABLE arddl (a INT, b INT, PRIMARY KEY (a)) ENGINE=INNODB;
+
+INSERT INTO arddl VALUES (1, 10);
+INSERT INTO arddl VALUES (2, 10);
+
+ALTER TABLE arddl ADD INDEX (b);
+
+# wait for the bg stats thread to update the stats, notice we wait on
+# innodb_index_stats because innodb_table_stats gets updated first and
+# it is possible that (if we wait on innodb_table_stats) the wait cond
+# gets satisfied before innodb_index_stats is updated
+let $wait_condition = SELECT stat_value = 2 FROM mysql.innodb_index_stats WHERE table_name = 'arddl' AND index_name = 'PRIMARY' AND stat_name = 'n_diff_pfx01';
+-- source include/wait_condition.inc
+
+# the second INSERT from above should have triggered an auto-recalc
+-- eval $check_stats1
+-- eval $check_stats2
+
+DROP TABLE arddl;
+
+# Test DROP INDEX during background stats gathering
+
+CREATE TABLE arddl (a INT, b INT, PRIMARY KEY (a), KEY (b)) ENGINE=INNODB;
+
+INSERT INTO arddl VALUES (3, 10);
+INSERT INTO arddl VALUES (4, 10);
+
+ALTER TABLE arddl DROP INDEX b;
+
+let $wait_condition = SELECT stat_value = 2 FROM mysql.innodb_index_stats WHERE table_name = 'arddl' AND index_name = 'PRIMARY' AND stat_name = 'n_diff_pfx01';
+-- source include/wait_condition.inc
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+DROP TABLE arddl;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.opt b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.opt
new file mode 100644
index 00000000..aa53ff2e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.opt
@@ -0,0 +1 @@
+--innodb-stats-persistent
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.test b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.test
new file mode 100644
index 00000000..88ca8910
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_lots.test
@@ -0,0 +1,45 @@
+#
+# Test the persistent stats auto recalc on lots of tables
+#
+
+--source include/no_valgrind_without_big.inc
+-- source include/have_innodb.inc
+
+let $check_stats = SELECT table_name, n_rows FROM mysql.innodb_table_stats WHERE table_name LIKE 'ar_%' ORDER BY table_name;
+
+-- disable_query_log
+let $i = 1200;
+while ($i > 1000) {
+ eval CREATE TABLE ar_$i (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+ dec $i;
+}
+-- enable_query_log
+
+# the CREATEs above should have inserted zeroed stats
+-- eval $check_stats
+
+-- disable_query_log
+let $i = 1200;
+while ($i > 1000) {
+ eval INSERT INTO ar_$i VALUES (1), (2);
+ dec $i;
+}
+-- enable_query_log
+
+-- disable_query_log
+let $i = 1200;
+while ($i > 1000) {
+ eval INSERT INTO ar_$i VALUES (3), (4);
+ dec $i;
+}
+-- enable_query_log
+
+# would be too long to wait for stats to become up to date here
+
+-- disable_query_log
+let $i = 1200;
+while ($i > 1000) {
+ eval DROP TABLE ar_$i;
+ dec $i;
+}
+-- enable_query_log
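Review bot: The `$check_stats` filter `table_name LIKE 'ar_%'` treats `_` as a single-character wildcard, so it matches any table whose name starts with `ar` and is at least three characters long, not only the `ar_NNNN` tables created here. A leftover table such as `arddl` from the sibling DDL test would appear in the recorded result. Escaping the underscore, `WHERE table_name LIKE 'ar\_%'`, keeps the check scoped to this test's tables. Separately, nothing is checked after the two INSERT loops, so a comment such as `# the INSERTs only exercise the background recalc queue; no result is asserted` would make that intent explicit.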
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.opt b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.opt
new file mode 100644
index 00000000..aa53ff2e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.opt
@@ -0,0 +1 @@
+--innodb-stats-persistent
diff --git a/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.test b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.test
new file mode 100644
index 00000000..4cd91007
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_auto_recalc_on_nonexistent.test
@@ -0,0 +1,88 @@
+#
+# Test the persistent stats auto recalc when persistent stats do not exist
+#
+
+-- source include/have_innodb.inc
+
+-- vertical_results
+
+-- let $check_stats1 = SELECT COUNT(*) FROM mysql.innodb_table_stats WHERE table_name = 't'
+-- let $check_stats2 = SELECT COUNT(*) FROM mysql.innodb_index_stats WHERE table_name = 't'
+
+-- echo Test with default setting
+
+CREATE TABLE t (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+
+# the CREATE should have inserted zeroed stats
+-- eval $check_stats1
+-- eval $check_stats2
+
+# open and close the table
+SELECT * FROM t;
+FLUSH TABLE t;
+
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 't';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 't';
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+# open the table, causing stats recalc/save
+SELECT * FROM t;
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+DROP TABLE t;
+
+-- echo Test with explicit enable
+
+CREATE TABLE t (a INT, PRIMARY KEY (a)) ENGINE=INNODB STATS_AUTO_RECALC=1;
+
+# the CREATE should have inserted zeroed stats
+-- eval $check_stats1
+-- eval $check_stats2
+
+# open and close the table
+SELECT * FROM t;
+FLUSH TABLE t;
+
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 't';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 't';
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+# open the table, causing stats recalc/save
+SELECT * FROM t;
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+DROP TABLE t;
+
+-- echo Test with explicit disable
+
+CREATE TABLE t (a INT, PRIMARY KEY (a)) ENGINE=INNODB STATS_AUTO_RECALC=0;
+
+# the CREATE should have inserted zeroed stats
+-- eval $check_stats1
+-- eval $check_stats2
+
+# open and close the table
+SELECT * FROM t;
+FLUSH TABLE t;
+
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 't';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 't';
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+# open the table, stats should not be present, since autorecalc is disabled
+SELECT * FROM t;
+
+-- eval $check_stats1
+-- eval $check_stats2
+
+DROP TABLE t;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_external_pages.test b/mysql-test/suite/innodb/t/innodb_stats_external_pages.test
new file mode 100644
index 00000000..da0dce9a
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_external_pages.test
@@ -0,0 +1,79 @@
+#
+# Bug#18384390 WRONG STATISTICS WITH BIG ROW LENGTH AND PERSISTENT STATS
+#
+
+--source include/have_innodb.inc
+--source include/have_innodb_max_16k.inc
+--source include/have_sequence.inc
+
+CREATE TABLE bug18384390 (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ txt VARCHAR(10000)
+) ENGINE=INNODB STATS_PERSISTENT=1 STATS_AUTO_RECALC=0;
+
+let $count=1024;
+eval
+INSERT INTO bug18384390 (txt) SELECT REPEAT('0', 10000) FROM seq_1_to_$count;
+
+set use_stat_tables=never;
+ANALYZE TABLE bug18384390;
+
+-- let $n_rows = `SELECT n_rows FROM mysql.innodb_table_stats WHERE table_name = 'bug18384390'`
+
+-- let $table_rows = `SELECT table_rows FROM information_schema.tables WHERE table_name = 'bug18384390'`
+
+-- let $n_diff = `SELECT stat_value FROM mysql.innodb_index_stats WHERE table_name = 'bug18384390' AND stat_name = 'n_diff_pfx01'`
+
+-- let $cardinality = `SELECT cardinality FROM information_schema.statistics WHERE table_name = 'bug18384390'`
+
+-- let $margin_of_err_pct = 30
+-- let $margin_of_err_rows = `SELECT ROUND($count * $margin_of_err_pct / 100)`
+
+-- let $min_allowed = `SELECT $count - $margin_of_err_rows`
+-- let $max_allowed = `SELECT $count + $margin_of_err_rows`
+
+-- let $dump_sql = SELECT COUNT(*) FROM bug18384390; SELECT * FROM mysql.innodb_table_stats; SELECT * FROM mysql.innodb_index_stats; SELECT * FROM information_schema.tables WHERE table_name = 'bug18384390'; SELECT * FROM information_schema.statistics WHERE table_name = 'bug18384390';
+
+-- vertical_results
+
+if ($n_rows < $min_allowed) {
+ -- echo mysql.innodb_table_stats.n_rows is too small ($n_rows < $min_allowed)
+ -- eval $dump_sql
+}
+
+if ($n_rows > $max_allowed) {
+ -- echo mysql.innodb_table_stats.n_rows is too big ($n_rows > $max_allowed)
+ -- eval $dump_sql
+}
+
+if ($table_rows < $min_allowed) {
+ -- echo information_schema.tables.table_rows is too small ($table_rows < $min_allowed)
+ -- eval $dump_sql
+}
+
+if ($table_rows > $max_allowed) {
+ -- echo information_schema.tables.table_rows is too big ($table_rows > $max_allowed)
+ -- eval $dump_sql
+}
+
+if ($n_diff < $min_allowed) {
+ -- echo mysql.innodb_index_stats.stat_value is too small ($n_diff < $min_allowed)
+ -- eval $dump_sql
+}
+
+if ($n_diff > $max_allowed) {
+ -- echo mysql.innodb_index_stats.stat_value is too big ($n_diff > $max_allowed)
+ -- eval $dump_sql
+}
+
+if ($cardinality < $min_allowed) {
+ -- echo information_schema.statistics.cardinality is too small ($cardinality < $min_allowed)
+ -- eval $dump_sql
+}
+
+if ($cardinality > $max_allowed) {
+ -- echo information_schema.statistics.cardinality is too big ($cardinality > $max_allowed)
+ -- eval $dump_sql
+}
+
+DROP TABLE bug18384390;
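Review bot: `set use_stat_tables=never;` changes the session setting for the rest of the file and is never restored, while the other tests touched by this commit scope it to the statement. Writing it as `SET STATEMENT use_stat_tables=never FOR ANALYZE TABLE bug18384390;` matches innodb_stats_flag_global_analyze.inc and leaves nothing to reset. The `information_schema.tables` and `information_schema.statistics` lookups filter on `table_name` only; adding `AND table_schema = DATABASE()` would stop a same-named table in another schema from feeding `$table_rows` or `$cardinality`.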
diff --git a/mysql-test/suite/innodb/t/innodb_stats_fetch.opt b/mysql-test/suite/innodb/t/innodb_stats_fetch.opt
new file mode 100644
index 00000000..faa681c8
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_fetch.opt
@@ -0,0 +1,7 @@
+--innodb_sys_tables
+--innodb_sys_indexes
+--innodb_sys_virtual
+--innodb_sys_foreign
+--innodb_sys_foreign_cols
+--innodb_sys_tablestats
+--innodb_sys_tablespaces
diff --git a/mysql-test/suite/innodb/t/innodb_stats_fetch.test b/mysql-test/suite/innodb/t/innodb_stats_fetch.test
index 549ad65f..99fc115a 100644
--- a/mysql-test/suite/innodb/t/innodb_stats_fetch.test
+++ b/mysql-test/suite/innodb/t/innodb_stats_fetch.test
@@ -81,3 +81,18 @@ FROM information_schema.tables WHERE table_name = 'test_ps_fetch';
DROP TABLE test_ps_fetch;
set @@use_stat_tables = @save_use_stat_tables;
+
+--echo #
+--echo # MDEV-28613 LeakSanitizer caused by I_S query using LIMIT ROWS EXAMINED
+--echo #
+CREATE TABLE t1(f1 VARCHAR(255), FULLTEXT(f1))ENGINE=InnoDB;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_INDEXES LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_TABLES LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_TABLESTATS LIMIT ROWS EXAMINED 5;
+--disable_result_log
+SELECT SPACE FROM INFORMATION_SCHEMA.INNODB_SYS_TABLESPACES LIMIT ROWS EXAMINED 5;
+--enable_result_log
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_VIRTUAL LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN LIMIT ROWS EXAMINED 5;
+SELECT * FROM INFORMATION_SCHEMA.INNODB_SYS_FOREIGN_COLS LIMIT ROWS EXAMINED 5;
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_flag_global.combinations b/mysql-test/suite/innodb/t/innodb_stats_flag_global.combinations
new file mode 100644
index 00000000..561eb72d
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_flag_global.combinations
@@ -0,0 +1,4 @@
+[on]
+--innodb-stats-persistent=1
+[off]
+--innodb-stats-persistent=0
diff --git a/mysql-test/suite/innodb/t/innodb_stats_flag_global.test b/mysql-test/suite/innodb/t/innodb_stats_flag_global.test
new file mode 100644
index 00000000..88f0ed7c
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_flag_global.test
@@ -0,0 +1,91 @@
+-- source include/have_innodb.inc
+-- source include/not_embedded.inc
+
+#
+-- echo =====
+-- echo === Test ANALYZE behavior after default creation
+-- echo =====
+
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+DROP TABLE test_ps_flag;
+
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=default;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+DROP TABLE test_ps_flag;
+
+#
+-- echo =====
+-- echo === Test ANALYZE behavior after creation with explicit PS=OFF
+-- echo =====
+
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=0;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+DROP TABLE test_ps_flag;
+
+#
+-- echo =====
+-- echo === Test ANALYZE behavior after creation with explicit PS=ON
+-- echo =====
+
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=1;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+DROP TABLE test_ps_flag;
+
+#
+-- echo =====
+-- echo === Test ANALYZE behavior after creation with explicit PS=OFF,
+-- echo === then ALTER to ON, then ALTER to OFF, then ALTER to default
+-- echo =====
+
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=0;
+
+ALTER TABLE test_ps_flag STATS_PERSISTENT=1;
+
+# also check that the change from the ALTER TABLE survives server restart
+-- source include/restart_mysqld.inc
+
+-- source innodb_stats_flag_global_analyze.inc
+
+ALTER TABLE test_ps_flag STATS_PERSISTENT=0;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+ALTER TABLE test_ps_flag STATS_PERSISTENT=default;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+DROP TABLE test_ps_flag;
+
+#
+-- echo =====
+-- echo === Test ANALYZE behavior after creation with explicit PS=ON,
+-- echo === then ALTER to OFF, then ALTER to ON, then ALTER to default
+-- echo =====
+
+CREATE TABLE test_ps_flag (a INT) ENGINE=INNODB STATS_PERSISTENT=1;
+
+ALTER TABLE test_ps_flag STATS_PERSISTENT=0;
+
+# also check that the change from the ALTER TABLE survives server restart
+-- source include/restart_mysqld.inc
+
+-- source innodb_stats_flag_global_analyze.inc
+
+ALTER TABLE test_ps_flag STATS_PERSISTENT=1;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+ALTER TABLE test_ps_flag STATS_PERSISTENT=default;
+
+-- source innodb_stats_flag_global_analyze.inc
+
+DROP TABLE test_ps_flag;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_flag_global_analyze.inc b/mysql-test/suite/innodb/t/innodb_stats_flag_global_analyze.inc
new file mode 100644
index 00000000..8a68677e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_flag_global_analyze.inc
@@ -0,0 +1,13 @@
+SHOW CREATE TABLE test_ps_flag;
+
+DELETE FROM mysql.innodb_index_stats WHERE table_name = 'test_ps_flag';
+DELETE FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+
+# must be 0, we have just deleted the rows
+SELECT COUNT(*) AS cnt_before FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE test_ps_flag;
+
+# if the table is PS enabled, then this should be 1 and 0 otherwise
+SELECT COUNT(*) AS cnt_after FROM mysql.innodb_table_stats WHERE table_name = 'test_ps_flag';
diff --git a/mysql-test/suite/innodb/t/innodb_stats_persistent.test b/mysql-test/suite/innodb/t/innodb_stats_persistent.test
index a8a311a6..294f283b 100644
--- a/mysql-test/suite/innodb/t/innodb_stats_persistent.test
+++ b/mysql-test/suite/innodb/t/innodb_stats_persistent.test
@@ -13,6 +13,7 @@ ENGINE=INNODB STATS_PERSISTENT=1,STATS_AUTO_RECALC=1;
CREATE TABLE t2 LIKE t1;
INSERT INTO t1 (val) SELECT 4 FROM seq_1_to_16;
+SET STATEMENT use_stat_tables=never FOR
ANALYZE TABLE t1;
connect(con1, localhost, root,,);
@@ -49,7 +50,7 @@ SELECT COUNT(*) FROM t2;
connection con1;
EXPLAIN SELECT * FROM t2 WHERE val=4;
---source include/wait_all_purged.inc
+SET GLOBAL innodb_max_purge_lag_wait=0;
--echo # After COMMIT and purge, the DELETE must show up.
EXPLAIN SELECT * FROM t1 WHERE val=4;
@@ -82,3 +83,41 @@ DROP TABLE t1,t2;
SET GLOBAL innodb_stats_include_delete_marked = @saved_include_delete_marked;
SET GLOBAL innodb_stats_traditional = @saved_traditional;
SET GLOBAL innodb_stats_modified_counter = @saved_modified_counter;
+
+#
+# Bug#12429573 TIMESTAMP COLUMN OF INNODB.INDEX_STATS ARE NOT UPDATED
+# WHEN RE-RUNNING ANALYZE
+#
+CREATE TABLE bug12429573 (i INTEGER PRIMARY KEY, j INTEGER, KEY(j))
+ENGINE=INNODB STATS_PERSISTENT=1;
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE bug12429573;
+
+# Cannot check the exact timestamp here because it is always different
+# but at least check that both timestamps in innodb_table_stats and in
+# innodb_index_stats have been updated to the same value. If the bug is
+# present this check will fail.
+
+SELECT last_update INTO @last FROM mysql.innodb_table_stats
+WHERE table_name = 'bug12429573';
+SELECT * FROM mysql.innodb_index_stats
+WHERE table_name = 'bug12429573' AND last_update!=@last;
+
+# The first ANALYZE would insert timestamp e.g. 17:23:39 in both
+# innodb_table_stats and innodb_index_stats. The bug is that the second
+# ANALYZE only updates the timestamp in innodb_table_stats. In order to
+# check if the timestamp in innodb_index_stats has really been updated we
+# need it to be different from the previous one (17:23:39) with at least
+# one second.
+-- sleep 1
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE bug12429573;
+
+SELECT * FROM mysql.innodb_table_stats
+WHERE table_name = 'bug12429573' AND last_update=@last;
+SELECT * FROM mysql.innodb_index_stats
+WHERE table_name = 'bug12429573' AND last_update=@last;
+
+DROP TABLE bug12429573;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_sample_pages.opt b/mysql-test/suite/innodb/t/innodb_stats_sample_pages.opt
new file mode 100644
index 00000000..aa53ff2e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_sample_pages.opt
@@ -0,0 +1 @@
+--innodb-stats-persistent
diff --git a/mysql-test/suite/innodb/t/innodb_stats_sample_pages.test b/mysql-test/suite/innodb/t/innodb_stats_sample_pages.test
new file mode 100644
index 00000000..1aac71a0
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_sample_pages.test
@@ -0,0 +1,53 @@
+#
+# Test that the table option STATS_SAMPLE_PAGES=N|default is indeed
+# used by InnoDB
+#
+
+-- source include/have_innodb.inc
+# Page numbers printed by this test depend on the page size
+-- source include/have_innodb_16k.inc
+
+SET GLOBAL innodb_stats_persistent_sample_pages=17;
+
+CREATE TABLE test_ps_sample_pages_used (
+ a VARCHAR(512), PRIMARY KEY (a)
+) ENGINE=INNODB STATS_SAMPLE_PAGES=default;
+
+# Insert enough records into the table so that it has more than 2*17+1 pages
+# If we ask to scan more than the half of the leaf pages, then the sampling
+# will do full scan and we cannot check whether the sample_pages variable was
+# honored.
+BEGIN;
+-- disable_query_log
+let $i=999;
+while ($i) {
+ eval INSERT INTO test_ps_sample_pages_used VALUES (REPEAT(1000+$i, 128));
+ dec $i;
+}
+-- enable_query_log
+COMMIT;
+
+ANALYZE TABLE test_ps_sample_pages_used;
+
+# confirm the big number of leaf pages in the index
+SELECT stat_name, stat_value FROM mysql.innodb_index_stats
+WHERE table_name='test_ps_sample_pages_used' AND stat_name='n_leaf_pages';
+
+# confirm that 17 pages were sampled, that is - the global
+# innodb_stats_persistent_sample_pages is used when the table option
+# STATS_SAMPLE_PAGES is set to 'default'.
+SELECT sample_size FROM mysql.innodb_index_stats
+WHERE table_name='test_ps_sample_pages_used' AND stat_name='n_diff_pfx01';
+
+ALTER TABLE test_ps_sample_pages_used STATS_SAMPLE_PAGES=14;
+
+ANALYZE TABLE test_ps_sample_pages_used;
+
+# confirm that 14 pages were sampled, that is - the table option
+# STATS_SAMPLE_PAGES is used when it is set.
+SELECT sample_size FROM mysql.innodb_index_stats
+WHERE table_name='test_ps_sample_pages_used' AND stat_name='n_diff_pfx01';
+
+DROP TABLE test_ps_sample_pages_used;
+
+SET GLOBAL innodb_stats_persistent_sample_pages=default;
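Review bot: The cleanup `SET GLOBAL innodb_stats_persistent_sample_pages=default;` resets the variable to its compiled-in default, not to the value the server had when the test started. Those differ if the suite is run with that option set. The instant_alter tests in this commit save and restore the global instead; the same pattern here would be `SET @save_sample_pages = @@GLOBAL.innodb_stats_persistent_sample_pages;` before the first `SET GLOBAL` and `SET GLOBAL innodb_stats_persistent_sample_pages = @save_sample_pages;` at the end.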
diff --git a/mysql-test/suite/innodb/t/innodb_stats_table_flag_auto_recalc.test b/mysql-test/suite/innodb/t/innodb_stats_table_flag_auto_recalc.test
new file mode 100644
index 00000000..01fe4331
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_table_flag_auto_recalc.test
@@ -0,0 +1,83 @@
+#
+# Test CREATE TABLE ... STATS_AUTO_RECALC=0|1|default
+#
+
+-- source include/no_valgrind_without_big.inc
+-- source include/have_innodb.inc
+-- source include/not_embedded.inc
+
+-- vertical_results
+
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+ALTER TABLE test_ps_auto_recalc STATS_AUTO_RECALC=1;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+DROP TABLE test_ps_auto_recalc;
+
+##
+
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_AUTO_RECALC=default;
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+DROP TABLE test_ps_auto_recalc;
+
+##
+
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_AUTO_RECALC=0;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+ALTER TABLE test_ps_auto_recalc STATS_AUTO_RECALC=1;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+DROP TABLE test_ps_auto_recalc;
+
+##
+
+CREATE TABLE test_ps_auto_recalc (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_AUTO_RECALC=1;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+ALTER TABLE test_ps_auto_recalc STATS_AUTO_RECALC=0;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_auto_recalc;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_auto_recalc';
+
+DROP TABLE test_ps_auto_recalc;
diff --git a/mysql-test/suite/innodb/t/innodb_stats_table_flag_sample_pages.test b/mysql-test/suite/innodb/t/innodb_stats_table_flag_sample_pages.test
new file mode 100644
index 00000000..a5c3c862
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_stats_table_flag_sample_pages.test
@@ -0,0 +1,103 @@
+#
+# Test CREATE TABLE ... STATS_SAMPLE_PAGES=N|default
+#
+
+-- source include/have_innodb.inc
+# include/restart_mysqld.inc does not work in embedded mode
+-- source include/not_embedded.inc
+
+-- vertical_results
+
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB;
+
+SHOW CREATE TABLE test_ps_sample_pages;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+
+ALTER TABLE test_ps_sample_pages STATS_SAMPLE_PAGES=12345;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_sample_pages;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+
+DROP TABLE test_ps_sample_pages;
+
+##
+
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=default;
+
+SHOW CREATE TABLE test_ps_sample_pages;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+
+DROP TABLE test_ps_sample_pages;
+
+##
+
+-- error ER_PARSE_ERROR
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=-5;
+
+-- error ER_PARSE_ERROR
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=0;
+
+-- error ER_PARSE_ERROR
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=67000;
+
+-- error ER_PARSE_ERROR
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=670000;
+
+-- error ER_PARSE_ERROR
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=65536;
+
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=65535;
+
+SHOW CREATE TABLE test_ps_sample_pages;
+
+DROP TABLE test_ps_sample_pages;
+
+##
+
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=1;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_sample_pages;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+
+DROP TABLE test_ps_sample_pages;
+
+##
+
+CREATE TABLE test_ps_sample_pages (a INT, PRIMARY KEY (a)) ENGINE=INNODB
+STATS_SAMPLE_PAGES=5678;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_sample_pages;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+
+ALTER TABLE test_ps_sample_pages STATS_SAMPLE_PAGES=default;
+
+# confirm that the flag survives server restart
+-- source include/restart_mysqld.inc
+
+SHOW CREATE TABLE test_ps_sample_pages;
+SELECT create_options FROM information_schema.tables
+WHERE table_name='test_ps_sample_pages';
+
+DROP TABLE test_ps_sample_pages;
diff --git a/mysql-test/suite/innodb/t/innodb_ut_format_name.test b/mysql-test/suite/innodb/t/innodb_ut_format_name.test
new file mode 100644
index 00000000..6e4023c7
--- /dev/null
+++ b/mysql-test/suite/innodb/t/innodb_ut_format_name.test
@@ -0,0 +1,17 @@
+#
+# Test ut_format_name()
+#
+
+-- source include/have_debug.inc
+-- source include/have_innodb.inc
+
+CREATE TABLE t (c INT) ENGINE=INNODB;
+
+# This will invoke test_ut_format_name() in debug builds
+
+SET @save_dbug = @@debug_dbug;
+SET debug_dbug = '+d,test_ut_format_name';
+
+DROP TABLE t;
+
+SET debug_dbug = @save_dbug;
diff --git a/mysql-test/suite/innodb/t/instant_alter.test b/mysql-test/suite/innodb/t/instant_alter.test
index 5b6d3f87..d6d7a988 100644
--- a/mysql-test/suite/innodb/t/instant_alter.test
+++ b/mysql-test/suite/innodb/t/instant_alter.test
@@ -3,6 +3,9 @@
let $datadir=`select @@datadir`;
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
--echo #
--echo # MDEV-11369: Instant ADD COLUMN for InnoDB
--echo #
@@ -964,3 +967,4 @@ remove_file $datadir/test/mdev28822_100427_innodb.frm;
copy_file std_data/mysql_upgrade/mdev28822_100427_innodb.frm $datadir/test/mdev28822_100427_innodb.frm;
ALTER TABLE mdev28822_100427_innodb ADD i1 INTEGER, ALGORITHM=INSTANT;
DROP TABLE mdev28822_100427_innodb;
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/instant_alter_bugs.test b/mysql-test/suite/innodb/t/instant_alter_bugs.test
index 81d36849..8a4299e5 100644
--- a/mysql-test/suite/innodb/t/instant_alter_bugs.test
+++ b/mysql-test/suite/innodb/t/instant_alter_bugs.test
@@ -1,4 +1,8 @@
--source include/have_innodb.inc
+--source include/have_sequence.inc
+
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
--echo #
--echo # MDEV-17821 Assertion `!page_rec_is_supremum(rec)' failed
@@ -526,4 +530,32 @@ CREATE TABLE t1 (i int AS (0) STORED, j INT) ENGINE=InnoDB;
ALTER TABLE t1 ADD COLUMN i INT GENERATED ALWAYS AS (1), DROP COLUMN i;
DROP TABLE t1;
+--echo #
+--echo # MDEV-18322 Assertion "wrong_page_type" on instant ALTER
+--echo #
+
+DELIMITER $$;
+BEGIN NOT ATOMIC
+ DECLARE c TEXT
+ DEFAULT(SELECT CONCAT('CREATE TABLE t1 (c',
+ GROUP_CONCAT(seq SEPARATOR ' CHAR(200), c'),
+ ' CHAR(211)) ENGINE=InnoDB ROW_FORMAT=REDUNDANT')
+ FROM seq_1_to_40);
+ EXECUTE IMMEDIATE c;
+END;
+$$
+DELIMITER ;$$
+INSERT INTO t1 SET c1=NULL;
+--error ER_TOO_BIG_ROWSIZE
+ALTER TABLE t1 ADD c41 INT FIRST;
+--error ER_TOO_BIG_ROWSIZE
+ALTER TABLE t1 ADD c41 INT FIRST;
+CHECK TABLE t1;
+SELECT COUNT(*) FROM t1;
+DROP TABLE t1;
+
--echo # End of 10.4 tests
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
+--echo # End of 10.6 tests
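Review bot: The MDEV-18322 case runs `ALTER TABLE t1 ADD c41 INT FIRST;` twice in a row, each expecting `ER_TOO_BIG_ROWSIZE`, with no comment, so the repeat reads like a copy-paste slip. If it is intentional (presumably to confirm that the first failed instant ALTER leaves the table in a state where the same statement fails cleanly again), say so above the second statement, e.g. `# repeat: the failed ALTER above must not have changed the table`. The restore of `innodb_stats_persistent` is placed between the "End of 10.4 tests" and "End of 10.6 tests" markers; a one-line comment that it undoes the `SET GLOBAL` at the top of the file would help readers of the result file.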
diff --git a/mysql-test/suite/innodb/t/instant_alter_crash.test b/mysql-test/suite/innodb/t/instant_alter_crash.test
index b687664d..f51f61e3 100644
--- a/mysql-test/suite/innodb/t/instant_alter_crash.test
+++ b/mysql-test/suite/innodb/t/instant_alter_crash.test
@@ -14,7 +14,7 @@ let MYSQLD_DATADIR=`select @@datadir`;
--echo #
CREATE TABLE t1(id INT PRIMARY KEY, c2 INT UNIQUE)
-ENGINE=InnoDB ROW_FORMAT=REDUNDANT;
+ENGINE=InnoDB STATS_PERSISTENT=0 ROW_FORMAT=REDUNDANT;
CREATE TABLE t2 LIKE t1;
INSERT INTO t1 VALUES(0,2);
INSERT INTO t2 VALUES(2,1);
diff --git a/mysql-test/suite/innodb/t/instant_alter_debug.test b/mysql-test/suite/innodb/t/instant_alter_debug.test
index d9ef7b06..f11d0bd0 100644
--- a/mysql-test/suite/innodb/t/instant_alter_debug.test
+++ b/mysql-test/suite/innodb/t/instant_alter_debug.test
@@ -3,6 +3,9 @@
--source include/have_debug_sync.inc
--source include/have_sequence.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
SET @old_instant=
(SELECT variable_value FROM information_schema.global_status
WHERE variable_name = 'innodb_instant_alter_column');
@@ -607,3 +610,7 @@ SET DEBUG_SYNC=RESET;
SELECT variable_value-@old_instant instants
FROM information_schema.global_status
WHERE variable_name = 'innodb_instant_alter_column';
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
+--echo # End of 10.6 tests
diff --git a/mysql-test/suite/innodb/t/instant_alter_purge.test b/mysql-test/suite/innodb/t/instant_alter_purge.test
index 445cae4d..5fbd4da8 100644
--- a/mysql-test/suite/innodb/t/instant_alter_purge.test
+++ b/mysql-test/suite/innodb/t/instant_alter_purge.test
@@ -14,7 +14,7 @@ connect (prevent_purge,localhost,root);
START TRANSACTION WITH CONSISTENT SNAPSHOT;
connection default;
-CREATE TABLE t1 (f1 INT, f2 INT) ENGINE=InnoDB;
+CREATE TABLE t1 (f1 INT, f2 INT) ENGINE=InnoDB STATS_PERSISTENT=0;
INSERT INTO t1 () VALUES ();
ALTER TABLE t1 DROP f2, ADD COLUMN f2 INT;
ALTER TABLE t1 DROP f1;
diff --git a/mysql-test/suite/innodb/t/instant_alter_rollback.test b/mysql-test/suite/innodb/t/instant_alter_rollback.test
index a4608001..491f6346 100644
--- a/mysql-test/suite/innodb/t/instant_alter_rollback.test
+++ b/mysql-test/suite/innodb/t/instant_alter_rollback.test
@@ -3,6 +3,8 @@
# The embedded server tests do not support restarting.
--source include/not_embedded.inc
+SET GLOBAL innodb_stats_persistent = 0;
+
# Flush any open myisam tables from previous tests
FLUSH TABLES;
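Review bot: `SET GLOBAL innodb_stats_persistent = 0;` is applied without saving the previous value, whereas instant_alter.test, instant_alter_bugs.test and instant_alter_debug.test in this commit store it in `@save_stats_persistent` and restore it at the end. The header comment mentions restarting, so a later restart may discard the setting, but the rest of the file is outside this hunk and that cannot be confirmed here. If the test does not end on a server started with its original options, the global leaks into later tests. Either add an explicit restore on the final connection, or add a comment here such as `# reset by the server restart at the end of this test` to record that the omission is deliberate.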
diff --git a/mysql-test/suite/innodb/t/lock_move_wait_lock_race.test b/mysql-test/suite/innodb/t/lock_move_wait_lock_race.test
index 3a04c712..0f88f8d9 100644
--- a/mysql-test/suite/innodb/t/lock_move_wait_lock_race.test
+++ b/mysql-test/suite/innodb/t/lock_move_wait_lock_race.test
@@ -3,7 +3,8 @@
--source include/have_debug.inc
--source include/have_debug_sync.inc
-CREATE TABLE t (pk int PRIMARY KEY, c varchar(10)) ENGINE=InnoDB;
+CREATE TABLE t (pk int PRIMARY KEY, c varchar(10))
+STATS_PERSISTENT=0 ENGINE=InnoDB;
INSERT INTO t VALUES (10, "0123456789");
--connection default
diff --git a/mysql-test/suite/innodb/t/log_file_name.test b/mysql-test/suite/innodb/t/log_file_name.test
index eb616d7f..f88a13db 100644
--- a/mysql-test/suite/innodb/t/log_file_name.test
+++ b/mysql-test/suite/innodb/t/log_file_name.test
@@ -7,6 +7,8 @@
# Embedded server does not support crashing
--source include/not_embedded.inc
+call mtr.add_suppression("InnoDB: Header page consists of zero bytes in datafile:");
+
SET GLOBAL innodb_file_per_table=ON;
FLUSH TABLES;
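Review bot: The suppression added here matches on the message prefix alone, as do the three added in the second hunk of this file (`Attempted to open a previously opened tablespace`, `Recovery cannot access file`, `Cannot read first page in datafile:`). They would therefore also hide the same errors for tablespaces this test never touches. The neighbouring pattern in the second hunk is scoped with `test/u[123]`; if these messages carry the file name, extending each pattern with the expected file pattern would keep unrelated recovery errors visible to the post-test log check. A short comment above each call naming the test step that provokes the message would also make the suppressions easier to retire later. The test body that triggers them lies outside both hunks.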
@@ -171,6 +173,9 @@ call mtr.add_suppression("InnoDB: Plugin initialization aborted");
call mtr.add_suppression("Plugin 'InnoDB' \(init function returned error\|registration as a STORAGE ENGINE failed\)");
call mtr.add_suppression("InnoDB: Table test/u[123] in the InnoDB data dictionary has tablespace id [1-9][0-9]*, but tablespace with that id or name does not exist\\. Have you deleted or moved \\.ibd files\\?");
call mtr.add_suppression("InnoDB: Cannot replay rename of tablespace.*");
+call mtr.add_suppression("InnoDB: Attempted to open a previously opened tablespace");
+call mtr.add_suppression("InnoDB: Recovery cannot access file");
+call mtr.add_suppression("InnoDB: Cannot read first page in datafile:");
FLUSH TABLES;
--enable_query_log
diff --git a/mysql-test/suite/innodb/t/mdev-14846.test b/mysql-test/suite/innodb/t/mdev-14846.test
index b1f32302..e9698cc0 100644
--- a/mysql-test/suite/innodb/t/mdev-14846.test
+++ b/mysql-test/suite/innodb/t/mdev-14846.test
@@ -2,6 +2,8 @@
--source include/count_sessions.inc
--source include/have_debug_sync.inc
+--source include/innodb_stable_estimates.inc
+
CREATE TABLE t1 (
pk INT,
f1 VARCHAR(10) NOT NULL,
diff --git a/mysql-test/suite/innodb/t/mem_pressure.test b/mysql-test/suite/innodb/t/mem_pressure.test
new file mode 100644
index 00000000..91f75e65
--- /dev/null
+++ b/mysql-test/suite/innodb/t/mem_pressure.test
@@ -0,0 +1,44 @@
+--source include/have_debug.inc
+--source include/linux.inc
+--source include/not_embedded.inc
+--source include/have_innodb.inc
+--source include/have_sequence.inc
+
+--echo #
+--echo # MDEV-24670 avoid OOM by linux kernel co-operative memory management
+--echo #
+
+set @save_dbug=@@debug_dbug;
+
+set @save_limit=@@GLOBAL.innodb_limit_optimistic_insert_debug;
+# Wait for the undo logs to be empty from previous tests.
+# This is not an actual parameter, so there is no need to restore it.
+set GLOBAL innodb_max_purge_lag_wait=0;
+
+CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB;
+SET GLOBAL innodb_limit_optimistic_insert_debug=2;
+SET STATEMENT unique_checks=0, foreign_key_checks=0 FOR
+INSERT INTO t1 SELECT * FROM seq_1_to_1000;
+
+SET GLOBAL innodb_limit_optimistic_insert_debug=@save_limit;
+
+DROP TABLE t1;
+
+SELECT CAST(VARIABLE_VALUE AS INTEGER) INTO @dirty_prev
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='Innodb_buffer_pool_pages_dirty';
+
+set debug_dbug="d,trigger_garbage_collection";
+SET GLOBAL innodb_buffer_pool_size=@@innodb_buffer_pool_size;
+
+SELECT CAST(VARIABLE_VALUE AS INTEGER) < @dirty_prev AS LESS_DIRTY_IS_GOOD
+FROM INFORMATION_SCHEMA.GLOBAL_STATUS
+WHERE VARIABLE_NAME='Innodb_buffer_pool_pages_dirty';
+
+let SEARCH_FILE= $MYSQLTEST_VARDIR/log/mysqld.1.err;
+let SEARCH_PATTERN= InnoDB: Memory pressure event freed.*;
+--source include/search_pattern_in_file.inc
+
+set debug_dbug=@save_dbug;
+
+--echo # End of 10.11 tests
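Review bot: The `LESS_DIRTY_IS_GOOD` check compares two samples of `Innodb_buffer_pool_pages_dirty` with a strict `<`, so it appears to rely on background flushing not having cleaned the pages before `@dirty_prev` is read. If the counter has already reached 0 by then, the expression yields 0 and the recorded result no longer matches. The `SEARCH_PATTERN` on `mysqld.1.err` is the more direct evidence that the memory-pressure path ran. Consider asserting on that alone, or add a comment stating why the dirty count cannot drop to zero between `DROP TABLE t1` and the first status read. The pattern is also searched in the whole error log, so a message left by an earlier run against the same log file would satisfy it; that depends on how the include bounds its search, which is not visible here.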
diff --git a/mysql-test/suite/innodb/t/no_pad.test b/mysql-test/suite/innodb/t/no_pad.test
index 1be1972c..15ab71b6 100644
--- a/mysql-test/suite/innodb/t/no_pad.test
+++ b/mysql-test/suite/innodb/t/no_pad.test
@@ -8,3 +8,49 @@ ALTER TABLE t1 ROW_FORMAT=DYNAMIC;
INSERT INTO t1 VALUES ('',2);
ALTER TABLE t1 ROW_FORMAT=REDUNDANT;
DROP TABLE t1;
+
+
+--echo #
+--echo # MDEV-26743 InnoDB: CHAR+nopad does not work well
+--echo #
+
+--echo #
+--echo # Basic Latin letter vs equal accented letter
+--echo #
+
+SET NAMES utf8mb3;
+CREATE TABLE t1 (a CHAR(2), PRIMARY KEY(a)) COLLATE utf8_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+--error ER_DUP_ENTRY
+INSERT INTO t1 VALUES ('a'),('ä');
+DROP TABLE t1;
+
+--echo #
+--echo # Two letters vs equal (but space padded) expansion
+--echo #
+
+CREATE TABLE t1 (a CHAR(2), PRIMARY KEY(a)) COLLATE utf8_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES ('ss'),('ß');
+SET sql_mode=PAD_CHAR_TO_FULL_LENGTH;
+SELECT HEX(a) FROM t1;
+SET sql_mode=DEFAULT;
+DROP TABLE t1;
+
+--echo #
+--echo # Basic Latin letter (but followed by an ignorable character) vs equal accented letter
+--echo #
+
+SET NAMES utf8mb3;
+CREATE TABLE t1 (a CHAR(3), PRIMARY KEY(a)) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES (CONCAT('a',_utf8mb3 0x01)),('ä');
+SET sql_mode=PAD_CHAR_TO_FULL_LENGTH;
+SELECT HEX(a) FROM t1 ORDER BY HEX(a);
+SET sql_mode=DEFAULT;
+DROP TABLE t1;
+
+SET NAMES utf8mb3;
+CREATE TABLE t1 (a CHAR(2), PRIMARY KEY(a)) COLLATE utf8_unicode_nopad_ci ENGINE=InnoDB ROW_FORMAT=COMPACT;
+INSERT INTO t1 VALUES (CONCAT('a',_utf8mb3 0x01)),('ä');
+SET sql_mode=PAD_CHAR_TO_FULL_LENGTH;
+SELECT HEX(a) FROM t1 ORDER BY HEX(a);
+SET sql_mode=DEFAULT;
+DROP TABLE t1;
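Review bot: The last case (the `CHAR(2)` table loaded with `CONCAT('a',_utf8mb3 0x01)`) has no `--echo #` header, unlike the three cases before it, so its output runs on under the previous heading in the result file. It repeats the preceding case with `CHAR(2)` and the `utf8_unicode_nopad_ci` spelling instead of `CHAR(3)` and `utf8mb3_unicode_nopad_ci`. A header such as `--echo # Same, but the value fills the whole CHAR(2) column` (presumably the intended difference) would say what is under test. The collation is also spelled two ways within this hunk; one spelling throughout would make the cases easier to compare.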
diff --git a/mysql-test/suite/innodb/t/page_id_innochecksum.test b/mysql-test/suite/innodb/t/page_id_innochecksum.test
index 902d2aba..9d8114d1 100644
--- a/mysql-test/suite/innodb/t/page_id_innochecksum.test
+++ b/mysql-test/suite/innodb/t/page_id_innochecksum.test
@@ -6,7 +6,7 @@ let MYSQLD_BASEDIR= `SELECT @@basedir`;
let MYSQLD_DATADIR= `SELECT @@datadir`;
let INNODB_PAGE_SIZE=`select @@innodb_page_size`;
-create table t1(f1 int not null)engine=innodb;
+create table t1(f1 int not null)engine=innodb stats_persistent=0;
insert into t1 values(1), (2), (3);
let $resultlog=$MYSQLTEST_VARDIR/tmp/result.log;
diff --git a/mysql-test/suite/innodb/t/purge.test b/mysql-test/suite/innodb/t/purge.test
index 97c0fb86..1dc2b117 100644
--- a/mysql-test/suite/innodb/t/purge.test
+++ b/mysql-test/suite/innodb/t/purge.test
@@ -1,6 +1,9 @@
--source include/have_innodb.inc
--source include/have_innodb_16k.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
--echo # Bug #12429576 - Test an assertion failure on purge.
CREATE TABLE t1_purge (
A int,
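Review bot: Nothing says why `innodb_stats_persistent` is switched off for this test; a one-line comment above the `SET GLOBAL` would save the next reader from guessing, e.g. `# Persistent statistics are disabled because <reason>`. The same save/disable/restore pair is added to purge_secondary.test, also without explanation. page_id_innochecksum.test and scrub_debug.test in this commit take the per-table route (`stats_persistent=0` on `CREATE TABLE`) instead, so the comment should also say why the global setting is needed here.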
@@ -110,4 +113,6 @@ SHOW CREATE TABLE t12963823;
# We need to activate the purge thread before DROP TABLE.
-- source include/wait_all_purged.inc
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
DROP TABLE t1_purge, t2_purge, t3_purge, t4_purge, t12637786, t12963823;
diff --git a/mysql-test/suite/innodb/t/purge_secondary.test b/mysql-test/suite/innodb/t/purge_secondary.test
index 4e664109..8a38a418 100644
--- a/mysql-test/suite/innodb/t/purge_secondary.test
+++ b/mysql-test/suite/innodb/t/purge_secondary.test
@@ -1,6 +1,9 @@
--source include/have_innodb.inc
--source include/have_sequence.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
--disable_query_log
call mtr.add_suppression("InnoDB: Difficult to find free blocks in the buffer pool");
--enable_query_log
@@ -170,3 +173,7 @@ UNLOCK TABLES;
DROP TABLE t1;
--echo # End of 10.3 tests
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
+
+--echo # End of 10.6 tests
diff --git a/mysql-test/suite/innodb/t/purge_thread_shutdown.test b/mysql-test/suite/innodb/t/purge_thread_shutdown.test
deleted file mode 100644
index 53b375b8..00000000
--- a/mysql-test/suite/innodb/t/purge_thread_shutdown.test
+++ /dev/null
@@ -1,43 +0,0 @@
-source include/have_innodb.inc;
-source include/not_embedded.inc;
-source include/have_debug.inc;
-
-connect con1, localhost, root;
-create table t1 (a int) engine=innodb;
-insert t1 values (1),(2),(3),(4);
-delete from t1 where a=1;
-
-select user,state from information_schema.processlist order by 2;
-
-set global debug_dbug='+d,only_kill_system_threads';
-set global innodb_fast_shutdown=0;
-
---let $_expect_file_name= `select regexp_replace(@@tmpdir, '^.*/','')`
---let $_expect_file_name= $MYSQLTEST_VARDIR/tmp/$_expect_file_name.expect
-exec echo "wait" > $_expect_file_name;
-send shutdown;
-
-connection default;
-disconnect con1;
-
-sleep 5;
-select user,state from information_schema.processlist order by 2;
-set global innodb_fast_shutdown=1;
-
-let $wait_condition=select count(*) = 0 from information_schema.processlist where user='system user';
-source include/wait_condition.inc;
-select user,state from information_schema.processlist order by 2;
-
-delete from t1 where a=3;
-error ER_WRONG_VALUE_FOR_VAR;
-set global innodb_fast_shutdown=0;
-
-# Get id with space prefix to ensure that replace_result doesn't replace
-# the error code
-let $me=`select concat(' ', connection_id())`;
-replace_result $me ID;
-error ER_CONNECTION_KILLED, 2026;
-eval kill $me;
-
-source include/start_mysqld.inc;
-drop table t1;
diff --git a/mysql-test/suite/innodb/t/read_only_recovery.test b/mysql-test/suite/innodb/t/read_only_recovery.test
index 47146213..d011b3aa 100644
--- a/mysql-test/suite/innodb/t/read_only_recovery.test
+++ b/mysql-test/suite/innodb/t/read_only_recovery.test
@@ -39,6 +39,8 @@ SELECT * FROM t;
SET TRANSACTION ISOLATION LEVEL READ UNCOMMITTED;
SELECT * FROM t;
SET GLOBAL innodb_max_purge_lag_wait=0;
+INSERT INTO mysql.innodb_index_stats
+SELECT * FROM mysql.innodb_index_stats LIMIT 0;
--let $restart_parameters=
--source include/restart_mysqld.inc
SELECT * FROM t;
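Review bot: The added `INSERT INTO mysql.innodb_index_stats SELECT * FROM mysql.innodb_index_stats LIMIT 0;` inserts no rows, so its purpose cannot be read from the statement itself. Presumably it is there for a side effect on the statistics table before the restart (opening or locking it); that should be stated in a comment above it, e.g. `# No-op insert: <why the statistics table must be touched before the restart>`. Without it the statement looks like dead code and is likely to be dropped in a later cleanup.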
diff --git a/mysql-test/suite/innodb/t/records_in_range.test b/mysql-test/suite/innodb/t/records_in_range.test
new file mode 100644
index 00000000..697dbc1e
--- /dev/null
+++ b/mysql-test/suite/innodb/t/records_in_range.test
@@ -0,0 +1,432 @@
+#
+# Test btr_estimate_n_rows_in_range() which is used by
+# ha_innobase::records_in_range()
+#
+
+-- source include/have_debug.inc
+-- source include/have_innodb.inc
+-- source include/innodb_page_size_small.inc
+
+CREATE TABLE records_in_range_test (
+ c1 VARCHAR(16),
+ c2 VARCHAR(512),
+ PRIMARY KEY (c1)
+) ENGINE=INNODB STATS_PERSISTENT=1;
+
+# Insert some records so that they cannot fit in one page for some page sizes
+# in order to exercise records_in_range() where 1, 2 or more pages are sampled
+INSERT INTO records_in_range_test VALUES
+('ccc', REPEAT('v', 512)),
+('kkk01', REPEAT('v', 512)),
+('kkk02', REPEAT('v', 512)),
+('kkk03', REPEAT('v', 512)),
+('kkk04', REPEAT('v', 512)),
+('kkk05', REPEAT('v', 512)),
+('kkk06', REPEAT('v', 512)),
+('kkk07', REPEAT('v', 512)),
+('kkk08', REPEAT('v', 512)),
+('mmm', REPEAT('v', 512)),
+('nnn', REPEAT('v', 512)),
+('uuu01', REPEAT('v', 512)),
+('uuu02', REPEAT('v', 512)),
+('uuu03', REPEAT('v', 512)),
+('uuu04', REPEAT('v', 512)),
+('uuu05', REPEAT('v', 512)),
+('uuu06', REPEAT('v', 512)),
+('uuu07', REPEAT('v', 512)),
+('uuu08', REPEAT('v', 512)),
+('xxx', REPEAT('v', 512));
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE records_in_range_test;
+
+# 16k or bigger page size: 1 leaf page
+# 8k page size: 2 leaf pages
+# 4k page size: 4 leaf pages
+SELECT index_name, stat_name, stat_value
+FROM mysql.innodb_index_stats
+WHERE
+table_name='records_in_range_test' AND stat_name = 'n_leaf_pages';
+
+# 16k or bigger page size: 1 page in total (leaf + nonleaf)
+# 8k page size: 3 pages in total (leaf + nonleaf)
+# 4k page size: 5 pages in total (leaf + nonleaf)
+SELECT index_name, stat_name, stat_value
+FROM mysql.innodb_index_stats
+WHERE
+table_name='records_in_range_test' AND stat_name = 'size';
+
+# We exploit the warning mechanism here to display the return value from
+# btr_estimate_n_rows_in_range()
+SET @save_dbug = @@debug_dbug;
+SET DEBUG_DBUG='+d,print_btr_estimate_n_rows_in_range_return_value';
+
+-- echo
+-- echo In all SELECTs below the number of the records in the range returned
+-- echo by COUNT(*) must be the same as the number returned by
+-- echo btr_estimate_n_rows_in_range() which can be seen inside the artificial
+-- echo warning
+
+-- echo
+-- echo Test left-unbounded, right-open intervals
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'aaa';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 < 'zzz';
+
+-- echo
+-- echo Test left-unbounded, right-closed intervals
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'aaa';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 <= 'zzz';
+
+-- echo
+-- echo Test left-open, right-unbounded intervals
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz';
+
+-- echo
+-- echo Test left-closed, right-unbounded intervals
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz';
+
+-- echo
+-- echo Test left-open, right-open intervals
+-- echo In some cases here the optimizer is smart enough not to call
+-- echo ha_innobase::records_in_range() at all, so we get no warning containing
+-- echo the value returned from btr_estimate_n_rows_in_range()
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 < 'zzz';
+
+-- echo
+-- echo Test left-closed, right-open intervals
+-- echo In some cases here the optimizer is smart enough not to call
+-- echo ha_innobase::records_in_range() at all, so we get no warning containing
+-- echo the value returned from btr_estimate_n_rows_in_range()
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 < 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 < 'zzz';
+
+-- echo
+-- echo Test left-open, right-closed intervals
+-- echo In some cases here the optimizer is smart enough not to call
+-- echo ha_innobase::records_in_range() at all, so we get no warning containing
+-- echo the value returned from btr_estimate_n_rows_in_range()
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'aaa' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'ccc' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'eee' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'mmm' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'nnn' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'qqq' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'xxx' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 > 'zzz' AND c1 <= 'zzz';
+
+-- echo
+-- echo Test left-closed, right-closed intervals
+-- echo In some cases here the optimizer is smart enough not to call
+-- echo ha_innobase::records_in_range() at all, so we get no warning containing
+-- echo the value returned from btr_estimate_n_rows_in_range()
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'aaa' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'ccc' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'eee' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'mmm' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'nnn' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'qqq' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'xxx' AND c1 <= 'zzz';
+-- echo
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'bbb';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'ccc';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'eee';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'mmm';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'nnn';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'qqq';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'xxx';
+SELECT COUNT(*) FROM records_in_range_test WHERE c1 >= 'zzz' AND c1 <= 'zzz';
+
+SET DEBUG_DBUG = @save_dbug;
+
+DROP TABLE records_in_range_test;
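Review bot: The rule printed by the `-- echo` block near the top, that `COUNT(*)` must equal the value from `btr_estimate_n_rows_in_range()` shown in the warning, is not checked by anything in the script. The test passes whenever the output matches the recorded result file, so a mismatch that was recorded once would go unnoticed unless someone compares each pair by hand across nearly 300 statements. A comment next to the `SET DEBUG_DBUG` line should say so, e.g. `# When re-recording, verify that every warning value equals the COUNT(*) above it`. The per-page-size comments on `n_leaf_pages` and `size` are in the same position: only the result files encode them.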
diff --git a/mysql-test/suite/innodb/t/row_format_redundant.opt b/mysql-test/suite/innodb/t/row_format_redundant.opt
index c44c611e..d1d93da0 100644
--- a/mysql-test/suite/innodb/t/row_format_redundant.opt
+++ b/mysql-test/suite/innodb/t/row_format_redundant.opt
@@ -1 +1,3 @@
--innodb-checksum-algorithm=crc32
+--skip-innodb-fast-shutdown
+--skip-innodb-buffer-pool-dump-at-shutdown
diff --git a/mysql-test/suite/innodb/t/row_size_error_log_warnings_3.test b/mysql-test/suite/innodb/t/row_size_error_log_warnings_3.test
index dab9bcfa..24029a48 100644
--- a/mysql-test/suite/innodb/t/row_size_error_log_warnings_3.test
+++ b/mysql-test/suite/innodb/t/row_size_error_log_warnings_3.test
@@ -1,7 +1,7 @@
--source include/have_innodb.inc
--source include/have_sequence.inc
--source include/innodb_page_size_small.inc
---source include/have_normal_bzip.inc
+--source include/have_normal_zlib.inc
call mtr.add_suppression("InnoDB: Cannot add field .* in table .* because after adding it, the row size is .* which is greater than maximum allowed size (.*) for a record on index leaf page.");
diff --git a/mysql-test/suite/innodb/t/scrub_debug.test b/mysql-test/suite/innodb/t/scrub_debug.test
index a1f0b38e..8cebfca6 100644
--- a/mysql-test/suite/innodb/t/scrub_debug.test
+++ b/mysql-test/suite/innodb/t/scrub_debug.test
@@ -10,7 +10,7 @@ SET GLOBAL INNODB_LIMIT_OPTIMISTIC_INSERT_DEBUG=2;
let $MYSQLD_DATADIR=`select @@datadir`;
CREATE TABLE t1(f1 INT AUTO_INCREMENT PRIMARY KEY,
f2 VARCHAR(256) GENERATED ALWAYS as('repairman'),
- INDEX idx(f2))ENGINE= InnoDB;
+ INDEX idx(f2))ENGINE= InnoDB STATS_PERSISTENT=0;
INSERT INTO t1(f1) SELECT seq FROM seq_1_to_50;
FLUSH TABLE t1 FOR EXPORT;
let SEARCH_PATTERN= repairman;
diff --git a/mysql-test/suite/innodb/t/table_flags.opt b/mysql-test/suite/innodb/t/table_flags.opt
index bca67495..8f6c7db5 100644
--- a/mysql-test/suite/innodb/t/table_flags.opt
+++ b/mysql-test/suite/innodb/t/table_flags.opt
@@ -1,2 +1,3 @@
--innodb-checksum-algorithm=crc32
--skip-innodb-read-only-compressed
+--skip-innodb-buffer-pool-dump-at-shutdown
diff --git a/mysql-test/suite/innodb/t/table_flags.test b/mysql-test/suite/innodb/t/table_flags.test
index 34204ae1..511d3c24 100644
--- a/mysql-test/suite/innodb/t/table_flags.test
+++ b/mysql-test/suite/innodb/t/table_flags.test
@@ -157,7 +157,9 @@ SHOW CREATE TABLE tr;
SHOW CREATE TABLE tc;
--error ER_NO_SUCH_TABLE_IN_ENGINE
SELECT * FROM tc;
+--error ER_GET_ERRNO
SHOW CREATE TABLE td;
+--error ER_GET_ERRNO
SELECT * FROM td;
# This table was converted to NO_ROLLBACK due to the SYS_TABLES.TYPE change.
SHOW CREATE TABLE tz;
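Review bot: The two added `--error ER_GET_ERRNO` expectations before `SHOW CREATE TABLE td;` and `SELECT * FROM td;` have no comment saying why `td` is now expected to be unreadable, while the neighbouring `tz` case carries one. A one-line comment above the first expectation, such as `# td is rejected with ER_GET_ERRNO because <reason>`, would stop a later change in the error code from being re-recorded without review. The reason is not visible in this hunk, so the author has to supply it. The test body continues outside the hunk on both sides.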
diff --git a/mysql-test/suite/innodb/t/tablespace_per_table_not_windows.opt b/mysql-test/suite/innodb/t/tablespace_per_table_not_windows.opt
new file mode 100644
index 00000000..66bceccc
--- /dev/null
+++ b/mysql-test/suite/innodb/t/tablespace_per_table_not_windows.opt
@@ -0,0 +1 @@
+--innodb-sys-tablespaces
diff --git a/mysql-test/suite/innodb/t/tablespace_per_table_not_windows.test b/mysql-test/suite/innodb/t/tablespace_per_table_not_windows.test
new file mode 100644
index 00000000..dc87e3fa
--- /dev/null
+++ b/mysql-test/suite/innodb/t/tablespace_per_table_not_windows.test
@@ -0,0 +1,162 @@
+--echo #
+--echo # Test the limits of a file-per-table tablespace name. MySQL combines
+--echo # the database name with the table name to make a unique table name.
+--echo #
+
+--source include/have_innodb.inc
+--source include/not_windows.inc
+# This will test the limit of a filename in MySQL at 512 bytes.
+# We control that by making it a relative path starting with "./".
+# The embedded server uses an absolute path as the datadir
+# which has a non-deterministic length.
+--source include/not_embedded.inc
+
+SET default_storage_engine=InnoDB;
+LET $MYSQLD_DATADIR = `select @@datadir`;
+
+--echo #
+--echo # MySQL limits each database and tablename identifier to 64 characters
+--echo # of up to 3 bytes per character, corresponding to 192 bytes.
+--echo #
+LET $too_long_name = this_sixty_five_byte_name_is_too_long____________________________;
+--error ER_WRONG_DB_NAME
+--eval CREATE DATABASE `$too_long_name`
+
+LET $long_name = this_sixty_four_byte_name_is_not_too_long_______________________;
+--eval CREATE DATABASE `$long_name`
+--eval USE `$long_name`
+
+--echo #
+--echo # A 64 character tablename can be created in a 64 character database name
+--echo #
+--eval CREATE TABLE `$long_name`.`$long_name` (a SERIAL)
+
+--echo #
+--echo # A 65 character tablename is too long.
+--echo #
+--error ER_WRONG_TABLE_NAME
+--eval CREATE TABLE `test`.`$too_long_name` (a SERIAL)
+--error ER_WRONG_TABLE_NAME
+--eval CREATE TABLE `$long_name`.`$too_long_name` (a SERIAL)
+
+--echo #
+--echo # Non-non-filename-safe characters like '#' are expanded to '@0023'.
+--echo # On many file systems, such as Linux extfs, you can create a database name
+--echo # that expands to up to 255 bytes long.
+--echo # `##################################################_long` is expanded to
+--echo # (50 * 5) + 5 = 255.
+--echo #
+LET $long_db_name = ##################################################_long;
+--eval CREATE DATABASE `$long_db_name`;
+--eval USE `$long_db_name`
+
+--echo #
+--echo # This 256-byte name is only one byte longer but fails with an error code
+--echo # from the stat operation.
+--echo # `##################################################_long_` is expanded to
+--echo # (50 * 5) + 6 = 256.
+--echo #
+--replace_regex /Errcode: [0-9]+/Errcode: ##/ /@0023/#/
+--error 13
+CREATE DATABASE `##################################################_long_`;
+
+--echo #
+--echo # This 300-byte name which is the longest name that gets an error code
+--echo # from the stat operation.
+--echo # `###########################################################_long` is expanded to
+--echo # (59 * 5) + 5 = 300.
+--echo #
+--replace_regex /Errcode: [0-9]+/Errcode: ##/ /@0023/#/
+--error 13
+CREATE DATABASE `###########################################################_long`;
+
+--echo #
+--echo # This 301-byte name which is only one byte longer but fails with ER_TOO_LONG_IDENT.
+--echo # `###########################################################_long_` is expanded to
+--echo # (59 * 5) + 6 = 301.
+--echo #
+--replace_result @0023 #
+--error ER_WRONG_DB_NAME
+CREATE DATABASE `###########################################################_long_`;
+
+USE test;
+
+LET $long_249_byte_table_name = #################################################long;
+LET $long_250_byte_table_name = #################################################_long;
+LET $long_251_byte_table_name = #################################################_long_;
+LET $long_252_byte_table_name = #################################################_long___;
+
+--echo #
+--echo # An expanded table name is limited to 251 bytes
+--echo #
+--eval CREATE TABLE `test`.`$long_251_byte_table_name` (a SERIAL)
+
+--echo #
+--echo # A 252-byte tablename is too long
+--echo #
+--replace_regex /errno: [0-9]+/errno: ##/ /@0023/#/
+--error ER_CANT_CREATE_TABLE
+--eval CREATE TABLE `test`.`$long_252_byte_table_name` (a SERIAL)
+
+CREATE DATABASE twenty_byte_db_name_;
+USE `twenty_byte_db_name_`;
+
+--echo #
+--echo # A 251 byte expanded table name will fit with a longer database name
+--echo #
+--eval CREATE TABLE `twenty_byte_db_name_`.`$long_251_byte_table_name` (a SERIAL)
+
+--echo #
+--echo # A 252 byte expanded table name is also too long in a longer database name
+--echo #
+--replace_regex /errno: [0-9]+/errno: ##/ /@0023/#/
+--error ER_CANT_CREATE_TABLE
+--eval CREATE TABLE `twenty_byte_db_name_`.`$long_252_byte_table_name` (a SERIAL)
+
+--echo #
+--echo # Another limitation is a 512 byte length to an expanded path that includes
+--echo # the datadir which is './' in this test, the expanded database name,
+--echo # the directory separator '/', the expanded table name, and the file extension.
+--echo # './long_db_name.long_250_byte_table_name.frm'
+--echo # 2+ 255 +1+ 250 +1+3 = 512
+--echo #
+--eval CREATE TABLE `$long_db_name`.`$long_250_byte_table_name` (a SERIAL)
+
+--error ER_IDENT_CAUSES_TOO_LONG_PATH
+--eval CREATE TABLE `$long_db_name`.`$long_251_byte_table_name` (a SERIAL)
+SHOW WARNINGS;
+
+--echo #
+--echo # Show the successfully created databases and tables
+--echo #
+--echo ---- list_files MYSQLD_DATADIR/test
+--replace_result @0023 #
+--list_files $MYSQLD_DATADIR/test
+--echo ---- list_files MYSQLD_DATADIR/$long_name
+--replace_result @0023 #
+--list_files $MYSQLD_DATADIR/$long_name
+--echo ---- list_files MYSQLD_DATADIR/$long_db_name
+--replace_result @0023 #
+--list_files $MYSQLD_DATADIR/@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023@0023_long
+
+--replace_result @0023 #
+SELECT name FROM information_schema.innodb_sys_tables WHERE name LIKE '%long%';
+--replace_result @0023 #
+SELECT name FROM information_schema.innodb_sys_tablespaces WHERE name LIKE '%long%';
+--vertical_results
+--replace_regex /innodb_file_per_table_[0-9]*/innodb_file_per_table_##/
+--replace_result $MYSQLD_DATADIR MYSQLD_DATADIR @0023 #
+SELECT file_name, tablespace_name FROM information_schema.files WHERE file_name LIKE '%long%';
+--horizontal_results
+
+--echo #
+--echo # Cleanup
+--echo #
+
+--eval DROP TABLE `$long_name`.`$long_name`
+--eval DROP TABLE `test`.`$long_251_byte_table_name`
+--eval DROP TABLE `twenty_byte_db_name_`.`$long_251_byte_table_name`
+--eval DROP TABLE `$long_db_name`.`$long_250_byte_table_name`
+--eval DROP DATABASE `$long_name`
+--eval DROP DATABASE `$long_db_name`
+DROP DATABASE `twenty_byte_db_name_`;
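Review bot: The echo text for the 301-byte database name says the statement "fails with ER_TOO_LONG_IDENT", but the expectation just below it is `--error ER_WRONG_DB_NAME`, so the comment and the assertion disagree. The comment should name the error actually asserted, e.g. `--echo # This 301-byte name is only one byte longer but fails with ER_WRONG_DB_NAME.`. Because `--echo` lines are copied into the recorded output, the matching .result file (not visible here) would need to be re-recorded with the same wording. Two smaller points in the same file: `Non-non-filename-safe` in the '#' expansion comment reads like a typo for `Non-filename-safe`, and `$long_249_byte_table_name` is assigned but never used.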
diff --git a/mysql-test/suite/innodb/t/tablespace_per_table_windows.opt b/mysql-test/suite/innodb/t/tablespace_per_table_windows.opt
new file mode 100644
index 00000000..66bceccc
--- /dev/null
+++ b/mysql-test/suite/innodb/t/tablespace_per_table_windows.opt
@@ -0,0 +1 @@
+--innodb-sys-tablespaces
diff --git a/mysql-test/suite/innodb/t/tablespace_per_table_windows.test b/mysql-test/suite/innodb/t/tablespace_per_table_windows.test
new file mode 100644
index 00000000..eee7209c
--- /dev/null
+++ b/mysql-test/suite/innodb/t/tablespace_per_table_windows.test
@@ -0,0 +1,77 @@
+--echo #
+--echo # Test the limits of a file-per-table tablespace name. MySQL combines
+--echo # the database name with the table name to make a unique table name.
+--echo #
+
+# There is no use in testing the maximum expanded filename using "#" or
+# some other character that is expanded by MySQL to "@0023" because
+# Windows imposes a maximum absolute path length of 260 bytes. So the
+# results will depend upon what local directory this test is run in.
+# See https://msdn.microsoft.com/en-us/library/aa365247.aspx
+# "Maximum Path Length Limitation
+# In the Windows API, the maximum length for a path is MAX_PATH, which is
+# defined as 260 characters. A local path is structured in the following
+# order: drive letter, colon, backslash, name components separated by
+# backslashes, and a terminating null character. For example, the maximum
+# path on drive D is "D:\some 256-character path string<NUL>" where
+# "<NUL>" represents the invisible terminating null character for the
+# current system codepage. (The characters < > are used here for visual
+# clarity and cannot be part of a valid path string.)"
+
+--source include/have_innodb.inc
+--source include/windows.inc
+# This will test the limit of a filename in MySQL at 512 bytes.
+# We control that by making it a relative path starting with "./".
+# The embedded server uses an absolute path as the datadir
+# which has a non-deterministic length.
+--source include/not_embedded.inc
+
+SET default_storage_engine=InnoDB;
+LET $MYSQLD_DATADIR = `select @@datadir`;
+
+--echo #
+--echo # MySQL limits each database and tablename identifier to 64 characters
+--echo # of up to 3 bytes per character, corresponding to 192 bytes.
+--echo #
+LET $too_long_name = this_sixty_five_byte_name_is_too_long____________________________;
+--error ER_WRONG_DB_NAME
+--eval CREATE DATABASE `$too_long_name`
+
+LET $long_name = this_sixty_four_byte_name_is_not_too_long_______________________;
+--eval CREATE DATABASE `$long_name`
+--eval USE `$long_name`
+
+--echo #
+--echo # A 64 character tablename can be created in a 64 character database name
+--echo #
+--eval CREATE TABLE `$long_name`.`$long_name` (a SERIAL)
+
+--echo #
+--echo # A 65 character tablename is too long.
+--echo #
+--error ER_WRONG_TABLE_NAME
+--eval CREATE TABLE `test`.`$too_long_name` (a SERIAL)
+--error ER_WRONG_TABLE_NAME
+--eval CREATE TABLE `$long_name`.`$too_long_name` (a SERIAL)
+
+--echo #
+--echo # Show the successfully created database and table
+--echo #
+--eval SHOW CREATE TABLE `$long_name`.`$long_name`
+
+--echo ---- list_files MYSQLD_DATADIR/$long_name
+--list_files $MYSQLD_DATADIR/$long_name
+
+SELECT name FROM information_schema.innodb_sys_tables WHERE name LIKE '%long%';
+SELECT name FROM information_schema.innodb_sys_tablespaces WHERE name LIKE '%long%';
+--vertical_results
+--replace_regex /innodb_file_per_table_[0-9]*/innodb_file_per_table_##/
+--replace_result $MYSQLD_DATADIR MYSQLD_DATADIR
+SELECT file_name, tablespace_name FROM information_schema.files WHERE file_name LIKE '%long%';
+--horizontal_results
+
+--echo #
+--echo # Cleanup
+--echo #
+
+--eval DROP DATABASE `$long_name`
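Review bot: The comment above `--source include/not_embedded.inc` says "This will test the limit of a filename in MySQL at 512 bytes", yet this Windows variant never builds a 512-byte path. Its own header explains that expanded-name limits are not tested here because of MAX_PATH. The block looks copied from the non-Windows test and should keep only the part that still applies, for example `# The embedded server uses an absolute datadir path with a non-deterministic length.`. If that is no longer a reason to skip the embedded server, the include can be reconsidered as well.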
diff --git a/mysql-test/suite/innodb/t/truncate_crash.test b/mysql-test/suite/innodb/t/truncate_crash.test
index c5156b4b..8a11b1ed 100644
--- a/mysql-test/suite/innodb/t/truncate_crash.test
+++ b/mysql-test/suite/innodb/t/truncate_crash.test
@@ -4,7 +4,7 @@
--source include/not_embedded.inc
FLUSH TABLES;
-CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB;
+CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB STATS_PERSISTENT=0;
INSERT INTO t1 VALUES (1),(2);
connect (wait,localhost,root,,test);
diff --git a/mysql-test/suite/innodb/t/truncate_foreign.test b/mysql-test/suite/innodb/t/truncate_foreign.test
index abbe1b3d..c29c1410 100644
--- a/mysql-test/suite/innodb/t/truncate_foreign.test
+++ b/mysql-test/suite/innodb/t/truncate_foreign.test
@@ -89,16 +89,14 @@ call mtr.add_suppression("InnoDB: In ALTER TABLE `test`\\.`t1` has or is");
CREATE TABLE t1 (pk INT, a INT, PRIMARY KEY (pk), KEY (a)) ENGINE=InnoDB;
SET FOREIGN_KEY_CHECKS=0;
-ALTER TABLE t1 ADD FOREIGN KEY (a) REFERENCES t1 (a), ALGORITHM=COPY;
+ALTER TABLE t1 ADD FOREIGN KEY (a) REFERENCES t2 (a), ALGORITHM=COPY;
INSERT INTO t1 VALUES (1,1);
+CREATE TABLE t2(f1 INT PRIMARY KEY)ENGINE=InnoDB;
LOCK TABLES t1 WRITE;
SET FOREIGN_KEY_CHECKS=1;
--error ER_CANNOT_ADD_FOREIGN
TRUNCATE t1;
-# Whether TRUNCATE succeeds or fails, it will reload FOREIGN KEY constraints.
-# As a result, ha_innobase::referenced_by_foreign_key() will retun TRUE
-# (for the self-referential key), and the statement will fail.
---error ER_TABLE_NOT_LOCKED
+--error ER_NO_REFERENCED_ROW_2
INSERT INTO t1 VALUES (2,2);
SELECT * FROM t1;
UNLOCK TABLES;
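Review bot: The hunk deletes the comment that explained the expected failure and replaces `--error ER_TABLE_NOT_LOCKED` with `--error ER_NO_REFERENCED_ROW_2` without saying why the INSERT now fails that way. The foreign key is declared as `REFERENCES t2 (a)`, while the `t2` created afterwards has only column `f1`. That mismatch is presumably what makes `TRUNCATE t1` fail with ER_CANNOT_ADD_FOREIGN once FOREIGN_KEY_CHECKS=1. If it is deliberate it deserves a comment, for example `# t2 deliberately has no column a, so TRUNCATE cannot re-create the constraint`; without one it reads like a mistake in the test. The test body starts before this hunk.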
@@ -107,6 +105,6 @@ INSERT INTO t1 VALUES (2,2);
SET FOREIGN_KEY_CHECKS=0;
INSERT INTO t1 VALUES (2,2);
SELECT * FROM t1;
-DROP TABLE t1;
+DROP TABLE t2, t1;
--echo # End of 10.6 tests
diff --git a/mysql-test/suite/innodb/t/trx_id_future.test b/mysql-test/suite/innodb/t/trx_id_future.test
index 1aeb1372..049e8f2c 100644
--- a/mysql-test/suite/innodb/t/trx_id_future.test
+++ b/mysql-test/suite/innodb/t/trx_id_future.test
@@ -8,7 +8,7 @@
let PAGE_SIZE=`select @@innodb_page_size`;
-CREATE TABLE t1(a INT) row_format=redundant engine=innoDB;
+CREATE TABLE t1(a INT) row_format=redundant engine=innoDB stats_persistent=0;
INSERT INTO t1 VALUES(1);
let MYSQLD_DATADIR=`select @@datadir`;
diff --git a/mysql-test/suite/innodb/t/undo_log.test b/mysql-test/suite/innodb/t/undo_log.test
index 2dbc9191..60da94c3 100644
--- a/mysql-test/suite/innodb/t/undo_log.test
+++ b/mysql-test/suite/innodb/t/undo_log.test
@@ -1,5 +1,8 @@
--source include/have_innodb.inc
+SET @save_stats_persistent = @@GLOBAL.innodb_stats_persistent;
+SET GLOBAL innodb_stats_persistent = 0;
+
SET innodb_strict_mode=OFF;
CREATE TABLE test_tab (
a_str_18 mediumtext,
@@ -151,3 +154,5 @@ ROLLBACK;
--source include/wait_all_purged.inc
DROP TABLE t1;
DROP TABLE t2;
+
+SET GLOBAL innodb_stats_persistent = @save_stats_persistent;
diff --git a/mysql-test/suite/innodb/t/undo_space_dblwr.opt b/mysql-test/suite/innodb/t/undo_space_dblwr.opt
index 0b4f5917..f498dd1f 100644
--- a/mysql-test/suite/innodb/t/undo_space_dblwr.opt
+++ b/mysql-test/suite/innodb/t/undo_space_dblwr.opt
@@ -1,2 +1,3 @@
--innodb_undo_tablespaces=3
--innodb_sys_tablespaces
+--innodb-stats-persistent=0
diff --git a/mysql-test/suite/innodb_fts/r/crash_recovery.result b/mysql-test/suite/innodb_fts/r/crash_recovery.result
index c6fc9dfa..b6319014 100644
--- a/mysql-test/suite/innodb_fts/r/crash_recovery.result
+++ b/mysql-test/suite/innodb_fts/r/crash_recovery.result
@@ -33,7 +33,7 @@ connection default;
disconnect ddl1;
disconnect ddl2;
disconnect ddl3;
-InnoDB 0 transactions not purged
+SET GLOBAL innodb_max_purge_lag_wait=0;
CHECK TABLE t1,t2,t3;
Table Op Msg_type Msg_text
test.t1 check status OK
diff --git a/mysql-test/suite/innodb_fts/r/foreign_key_check.result b/mysql-test/suite/innodb_fts/r/foreign_key_check.result
new file mode 100644
index 00000000..38f46d5f
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/foreign_key_check.result
@@ -0,0 +1,27 @@
+CREATE TABLE t1 (
+id INT NOT NULL,
+title TEXT,
+PRIMARY KEY (id),
+FULLTEXT KEY (title),
+FOREIGN KEY (id) REFERENCES t2 (id)
+) ENGINE=InnoDB;
+ERROR HY000: Can't create table `test`.`t1` (errno: 150 "Foreign key constraint is incorrectly formed")
+CREATE TABLE t1 (
+id INT NOT NULL,
+title TEXT,
+PRIMARY KEY (id)
+) ENGINE=InnoDB;
+ALTER TABLE t1 ADD FULLTEXT KEY (title), ADD FOREIGN KEY (id) REFERENCES t2 (id);
+ERROR HY000: Can't create table `test`.`t1` (errno: 150 "Foreign key constraint is incorrectly formed")
+SET FOREIGN_KEY_CHECKS = 0;
+ALTER TABLE t1 ADD FULLTEXT KEY (title), ADD FOREIGN KEY (id) REFERENCES t2 (id);
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT NOT NULL,
+title TEXT,
+PRIMARY KEY (id),
+FULLTEXT KEY (title),
+FOREIGN KEY (id) REFERENCES t2 (id)
+) ENGINE=InnoDB;
+DROP TABLE t1;
+SET FOREIGN_KEY_CHECKS = 1;
diff --git a/mysql-test/suite/innodb_fts/r/foreign_key_update.result b/mysql-test/suite/innodb_fts/r/foreign_key_update.result
new file mode 100644
index 00000000..f2d47da7
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/foreign_key_update.result
@@ -0,0 +1,34 @@
+CREATE TABLE t1 (
+a varchar(40),
+KEY a(a)
+) ENGINE=InnoDB;
+CREATE TABLE t1_fk (
+a varchar(40),
+KEY a(a),
+FULLTEXT KEY (a),
+CONSTRAINT fk FOREIGN KEY (a) REFERENCES t1 (a) ON UPDATE CASCADE
+) ENGINE=InnoDB;
+INSERT INTO t1 VALUES('mysql');
+INSERT INTO t1_fk VALUES('mysql');
+INSERT INTO t1_fk VALUES('mysql');
+SELECT * FROM t1_fk;
+a
+mysql
+mysql
+SELECT * FROM t1_fk WHERE MATCH(a) AGAINST('mysql');
+a
+mysql
+mysql
+UPDATE t1 SET a = 'database' WHERE a = 'mysql';
+SELECT * FROM t1_fk;
+a
+database
+database
+SELECT * FROM t1_fk WHERE MATCH(a) AGAINST('mysql');
+a
+SELECT * FROM t1_fk WHERE MATCH(a) AGAINST('database');
+a
+database
+database
+DROP TABLE t1_fk;
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb_fts/r/ft_result_cache_limit.result b/mysql-test/suite/innodb_fts/r/ft_result_cache_limit.result
index 2dbdd5a0..74d60410 100644
--- a/mysql-test/suite/innodb_fts/r/ft_result_cache_limit.result
+++ b/mysql-test/suite/innodb_fts/r/ft_result_cache_limit.result
@@ -20,8 +20,6 @@ END//
CALL populate_t1;
SET autocommit=1;
SET SESSION debug="+d,fts_instrument_result_cache_limit";
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
ALTER TABLE t1 ADD FULLTEXT INDEX `text_content_idx` (`text_content`);
SELECT FTS_DOC_ID, text_content
FROM t1
diff --git a/mysql-test/suite/innodb_fts/r/index_table.result b/mysql-test/suite/innodb_fts/r/index_table.result
new file mode 100644
index 00000000..570e367a
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/index_table.result
@@ -0,0 +1,265 @@
+SET @optimize=@@GLOBAL.INNODB_OPTIMIZE_FULLTEXT_ONLY;
+SET GLOBAL INNODB_OPTIMIZE_FULLTEXT_ONLY=1;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+content TEXT
+) ENGINE= InnoDB;
+CREATE FULLTEXT INDEX idx ON articles (title, content);
+INSERT INTO articles (title, content) VALUES
+('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','How to use full-text search engine'),
+('Go MySQL Tricks','How to use full text search engine');
+SET @aux=@@GLOBAL.innodb_ft_aux_table;
+SET GLOBAL innodb_ft_aux_table='test/articles';
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+1001 4 4 1 4 0
+after 2 2 1 2 22
+database 1 1 1 1 37
+dbms 1 1 1 1 15
+engine 4 5 2 4 46
+engine 4 5 2 5 44
+full 4 5 2 4 29
+full 4 5 2 5 27
+mysql 1 5 5 1 0
+mysql 1 5 5 1 31
+mysql 1 5 5 2 11
+mysql 1 5 5 3 11
+mysql 1 5 5 4 5
+mysql 1 5 5 5 3
+optimizing 3 3 1 3 0
+search 4 5 2 4 39
+search 4 5 2 5 37
+show 3 3 1 3 42
+stands 1 1 1 1 20
+text 4 5 2 4 34
+text 4 5 2 5 32
+through 2 2 1 2 37
+tricks 4 5 2 4 11
+tricks 4 5 2 5 9
+tutorial 1 3 2 1 6
+tutorial 1 3 2 3 25
+use 2 5 3 2 7
+use 2 5 3 4 25
+use 2 5 3 5 23
+well 2 2 1 2 17
+went 2 2 1 2 32
+you 2 2 1 2 28
+OPTIMIZE TABLE articles;
+Table Op Msg_type Msg_text
+test.articles optimize status OK
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+1001 4 4 1 4 0
+after 2 2 1 2 22
+database 1 1 1 1 37
+dbms 1 1 1 1 15
+engine 4 5 2 4 46
+engine 4 5 2 5 44
+full 4 5 2 4 29
+full 4 5 2 5 27
+mysql 1 5 5 1 0
+mysql 1 5 5 1 31
+mysql 1 5 5 2 11
+mysql 1 5 5 3 11
+mysql 1 5 5 4 5
+mysql 1 5 5 5 3
+optimizing 3 3 1 3 0
+search 4 5 2 4 39
+search 4 5 2 5 37
+show 3 3 1 3 42
+stands 1 1 1 1 20
+text 4 5 2 4 34
+text 4 5 2 5 32
+through 2 2 1 2 37
+tricks 4 5 2 4 11
+tricks 4 5 2 5 9
+tutorial 1 3 2 1 6
+tutorial 1 3 2 3 25
+use 2 5 3 2 7
+use 2 5 3 4 25
+use 2 5 3 5 23
+well 2 2 1 2 17
+went 2 2 1 2 32
+you 2 2 1 2 28
+SET @save_dbug=@@debug_dbug;
+SET debug_dbug='+d,fts_instrument_result_cache_limit';
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+1001 4 4 1 4 0
+after 2 2 1 2 22
+database 1 1 1 1 37
+dbms 1 1 1 1 15
+engine 4 5 2 4 46
+engine 4 5 2 5 44
+full 4 5 2 4 29
+full 4 5 2 5 27
+mysql 1 5 5 1 0
+mysql 1 5 5 1 31
+mysql 1 5 5 2 11
+mysql 1 5 5 3 11
+mysql 1 5 5 4 5
+mysql 1 5 5 5 3
+optimizing 3 3 1 3 0
+search 4 5 2 4 39
+search 4 5 2 5 37
+show 3 3 1 3 42
+stands 1 1 1 1 20
+text 4 5 2 4 34
+text 4 5 2 5 32
+through 2 2 1 2 37
+tricks 4 5 2 4 11
+tricks 4 5 2 5 9
+tutorial 1 3 2 1 6
+tutorial 1 3 2 3 25
+use 2 5 3 2 7
+use 2 5 3 4 25
+use 2 5 3 5 23
+well 2 2 1 2 17
+went 2 2 1 2 32
+you 2 2 1 2 28
+SET debug_dbug=@save_dbug;
+DROP TABLE articles;
+SET GLOBAL innodb_ft_result_cache_limit=default;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+content TEXT
+) ENGINE= InnoDB;
+CREATE FULLTEXT INDEX idx_t ON articles (title);
+CREATE FULLTEXT INDEX idx_c ON articles (content);
+INSERT INTO articles (title, content) VALUES
+('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','How to use full-text search engine'),
+('Go MySQL Tricks','How to use full text search engine');
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+SET GLOBAL innodb_ft_aux_table='test/articles';
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+1001 4 4 1 4 0
+mysql 1 5 5 1 0
+mysql 1 5 5 2 11
+mysql 1 5 5 3 11
+mysql 1 5 5 4 5
+mysql 1 5 5 5 3
+optimizing 3 3 1 3 0
+tricks 4 5 2 4 11
+tricks 4 5 2 5 9
+tutorial 1 1 1 1 6
+use 2 2 1 2 7
+well 2 2 1 2 17
+after 2 2 1 2 0
+database 1 1 1 1 22
+dbms 1 1 1 1 0
+engine 4 5 2 4 28
+engine 4 5 2 5 28
+full 4 5 2 4 11
+full 4 5 2 5 11
+mysql 1 1 1 1 16
+search 4 5 2 4 21
+search 4 5 2 5 21
+show 3 3 1 3 25
+stands 1 1 1 1 5
+text 4 5 2 4 16
+text 4 5 2 5 16
+through 2 2 1 2 15
+tutorial 3 3 1 3 8
+use 4 5 2 4 7
+use 4 5 2 5 7
+went 2 2 1 2 10
+you 2 2 1 2 6
+OPTIMIZE TABLE articles;
+Table Op Msg_type Msg_text
+test.articles optimize status OK
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+1001 4 4 1 4 0
+mysql 1 5 5 1 0
+mysql 1 5 5 2 11
+mysql 1 5 5 3 11
+mysql 1 5 5 4 5
+mysql 1 5 5 5 3
+optimizing 3 3 1 3 0
+tricks 4 5 2 4 11
+tricks 4 5 2 5 9
+tutorial 1 1 1 1 6
+use 2 2 1 2 7
+well 2 2 1 2 17
+after 2 2 1 2 0
+database 1 1 1 1 22
+dbms 1 1 1 1 0
+engine 4 5 2 4 28
+engine 4 5 2 5 28
+full 4 5 2 4 11
+full 4 5 2 5 11
+mysql 1 1 1 1 16
+search 4 5 2 4 21
+search 4 5 2 5 21
+show 3 3 1 3 25
+stands 1 1 1 1 5
+text 4 5 2 4 16
+text 4 5 2 5 16
+through 2 2 1 2 15
+tutorial 3 3 1 3 8
+use 4 5 2 4 7
+use 4 5 2 5 7
+went 2 2 1 2 10
+you 2 2 1 2 6
+DROP TABLE articles;
+SET NAMES utf8;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200)
+) ENGINE=InnoDB DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
+CREATE FULLTEXT INDEX idx ON articles (title);
+INSERT INTO articles (title) VALUES
+('相亲相爱'),('怜香惜爱'),('充满å¯çˆ±'),('爱æ¨äº¤ç»‡');
+SET GLOBAL innodb_ft_aux_table="test/articles";
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+充满å¯çˆ± 3 3 1 3 0
+怜香惜爱 2 2 1 2 0
+爱æ¨äº¤ç»‡ 4 4 1 4 0
+相亲相爱 1 1 1 1 0
+OPTIMIZE TABLE articles;
+Table Op Msg_type Msg_text
+test.articles optimize status OK
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+充满å¯çˆ± 3 3 1 3 0
+怜香惜爱 2 2 1 2 0
+爱æ¨äº¤ç»‡ 4 4 1 4 0
+相亲相爱 1 1 1 1 0
+DROP TABLE articles;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200)
+) ENGINE=InnoDB DEFAULT CHARACTER SET gb2312 COLLATE gb2312_chinese_ci;
+CREATE FULLTEXT INDEX idx ON articles (title);
+INSERT INTO articles (title) VALUES
+('相亲相爱'),('怜香惜爱'),('充满å¯çˆ±'),('爱æ¨äº¤ç»‡');
+SET GLOBAL innodb_ft_aux_table="test/articles";
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+爱æ¨äº¤ç»‡ 4 4 1 4 0
+充满å¯çˆ± 3 3 1 3 0
+怜香惜爱 2 2 1 2 0
+相亲相爱 1 1 1 1 0
+OPTIMIZE TABLE articles;
+Table Op Msg_type Msg_text
+test.articles optimize status OK
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+怜香惜爱 2 2 1 2 0
+充满å¯çˆ± 3 3 1 3 0
+相亲相爱 1 1 1 1 0
+爱æ¨äº¤ç»‡ 4 4 1 4 0
+DROP TABLE articles;
+SET GLOBAL innodb_ft_aux_table=@aux;
+SET GLOBAL INNODB_OPTIMIZE_FULLTEXT_ONLY=@optimize;
diff --git a/mysql-test/suite/innodb_fts/r/innodb_fts_proximity.result b/mysql-test/suite/innodb_fts/r/innodb_fts_proximity.result
index d67981e0..a53fca51 100644
--- a/mysql-test/suite/innodb_fts/r/innodb_fts_proximity.result
+++ b/mysql-test/suite/innodb_fts/r/innodb_fts_proximity.result
@@ -134,6 +134,7 @@ count(*)
2
DROP TABLE t1;
set global innodb_file_per_table=1;
+set names utf8;
CREATE TABLE t1 (
id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
a TEXT,
@@ -160,7 +161,7 @@ SELECT count(*) FROM t1
WHERE MATCH (a,b,c)
AGAINST ('"very blob"@4' IN BOOLEAN MODE);
count(*)
-4
+5
SELECT count(*) FROM t1
WHERE MATCH (a,b,c)
AGAINST ('"interesting blob"@9' IN BOOLEAN MODE);
@@ -175,7 +176,7 @@ SELECT COUNT(*) FROM t1
WHERE MATCH (a,b,c)
AGAINST ('"very blob"@4 - "interesting blob"@9' IN BOOLEAN MODE);
COUNT(*)
-3
+4
DROP TABLE t1;
CREATE TABLE t1 (
id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
diff --git a/mysql-test/suite/innodb_fts/r/limit_union.result b/mysql-test/suite/innodb_fts/r/limit_union.result
new file mode 100644
index 00000000..843d55d2
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/limit_union.result
@@ -0,0 +1,157 @@
+# Bug #22709692 FTS QUERY EXCEEDS RESULT CACHE LIMIT
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body),
+FULLTEXT (body))ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...'),
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+SET @default_cache_size = @@GLOBAL.query_cache_size;
+SET GLOBAL query_cache_size=0;
+# Query involves Ranking
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL' IN NATURAL LANGUAGE MODE) LIMIT 1;
+id title body
+6 MySQL Security When configured properly, MySQL ...
+# Without optimization
+SET @save_dbug = @@debug_dbug;
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL' IN NATURAL LANGUAGE MODE) LIMIT 1;
+id title body
+6 MySQL Security When configured properly, MySQL ...
+SET debug_dbug = @save_dbug;
+# Query involves No Ranking and fts_union operations
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL' IN BOOLEAN MODE) limit 1;
+id title body
+6 MySQL Security When configured properly, MySQL ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL' IN BOOLEAN MODE) limit 1;
+id title body
+6 MySQL Security When configured properly, MySQL ...
+SET debug_dbug = @save_dbug;
+# Query involves No ranking and fts_union, fts_ignore
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL -YourSQL' IN BOOLEAN MODE) limit 1;
+id title body
+6 MySQL Security When configured properly, MySQL ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL -YourSQL' IN BOOLEAN MODE) limit 1;
+id title body
+6 MySQL Security When configured properly, MySQL ...
+SET debug_dbug = @save_dbug;
+# Query with fts_intersect
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL +YourSQL' IN BOOLEAN MODE) limit 1;
+id title body
+5 MySQL vs. YourSQL In the following database comparison ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL +YourSQL' IN BOOLEAN MODE) limit 1;
+id title body
+5 MySQL vs. YourSQL In the following database comparison ...
+SET debug_dbug = @save_dbug;
+INSERT INTO articles (title,body) VALUES
+('MySQL Tutorial','request doc@oraclehelp.com ...'),
+('MySQL Tutorial','request support@oraclehelp.com ...'),
+('Trial version','query performace @1255 minute on 2.1Hz
+ Memory 2GB...'),
+('when To Use MySQL Well','for free faq mail@xyz.com ...');
+# Query with @distance
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('"MySQL request"@3' IN BOOLEAN MODE) limit 1;
+id title body
+7 MySQL Tutorial request doc@oraclehelp.com ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('"MySQL request"@3' IN BOOLEAN MODE) limit 1;
+id title body
+7 MySQL Tutorial request doc@oraclehelp.com ...
+SET debug_dbug = @save_dbug;
+# Query with subexpression
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('+MySQL +(-support +doc)' IN BOOLEAN MODE) limit 1;
+id title body
+7 MySQL Tutorial request doc@oraclehelp.com ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('+MySQL +(-support +doc)' IN BOOLEAN MODE) limit 1;
+id title body
+7 MySQL Tutorial request doc@oraclehelp.com ...
+SET debug_dbug = @save_dbug;
+# limit num1 OFFSET num2
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL' in boolean mode) limit 4 offset 2;
+id title body
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 MySQL vs. YourSQL In the following database comparison ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('MySQL' in boolean mode) limit 4 offset 2;
+id title body
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 MySQL vs. YourSQL In the following database comparison ...
+SET debug_dbug = @save_dbug;
+# wild card search
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('ru*' IN BOOLEAN MODE) limit 1;
+id title body
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('ru*' IN BOOLEAN MODE) limit 1;
+id title body
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+SET debug_dbug = @save_dbug;
+# phrase search
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('"request support"' IN BOOLEAN MODE) limit 1;
+id title body
+8 MySQL Tutorial request support@oraclehelp.com ...
+# Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('"request support"' IN BOOLEAN MODE) limit 1;
+id title body
+8 MySQL Tutorial request support@oraclehelp.com ...
+SET debug_dbug = @save_dbug;
+DROP TABLE articles;
+SET GLOBAL query_cache_size = @default_cache_size;
diff --git a/mysql-test/suite/innodb_fts/r/misc.result b/mysql-test/suite/innodb_fts/r/misc.result
new file mode 100644
index 00000000..684996fb
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/misc.result
@@ -0,0 +1,1878 @@
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+ `a` varchar(200) DEFAULT NULL,
+ `b` text DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ FULLTEXT KEY `idx` (`a`,`b`)
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+3
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+id
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+4 0
+5 0
+6 0
+select id, MATCH(a,b) AGAINST("collections support" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+4 0
+5 0
+6 0
+select id from t1 where MATCH a,b AGAINST ("+call* +coll*" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH a,b AGAINST ('"support now"' IN BOOLEAN MODE);
+id
+select id from t1 where MATCH a,b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST ("collections" WITH QUERY EXPANSION);
+id
+select id from t1 where MATCH(a,b) AGAINST ("indexes" WITH QUERY EXPANSION);
+id
+select id from t1 where MATCH(a,b) AGAINST ("indexes collections" WITH QUERY EXPANSION);
+id
+ALTER TABLE t1 DROP INDEX idx;
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+3
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+id
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+4 0
+5 0
+6 0
+select id, MATCH(a,b) AGAINST("collections support" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+4 0
+5 0
+6 0
+select id from t1 where MATCH a,b AGAINST ("+call* +coll*" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH a,b AGAINST ('"support now"' IN BOOLEAN MODE);
+id
+select id from t1 where MATCH a,b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST ("collections" WITH QUERY EXPANSION);
+id
+select id from t1 where MATCH(a,b) AGAINST ("indexes" WITH QUERY EXPANSION);
+id
+select id from t1 where MATCH(a,b) AGAINST ("indexes collections" WITH QUERY EXPANSION);
+id
+INSERT INTO t1 (a,b) VALUES ('test query expansion','for database ...');
+INSERT INTO t1 (a,b) VALUES
+('test proximity search, test, proximity and phrase',
+'search, with proximity innodb');
+INSERT INTO t1 (a,b) VALUES
+('test proximity fts search, test, proximity and phrase',
+'search, with proximity innodb');
+INSERT INTO t1 (a,b) VALUES
+('test more proximity fts search, test, more proximity and phrase',
+'search, with proximity innodb');
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"proximity search"@2' IN BOOLEAN MODE);
+id
+8
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"proximity search"@1' IN BOOLEAN MODE);
+id
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"proximity search"@3' IN BOOLEAN MODE);
+id
+8
+9
+10
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"test proximity"@3' IN BOOLEAN MODE);
+id
+8
+9
+10
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"more test proximity"@3' IN BOOLEAN MODE);
+id
+10
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"more test proximity"@2' IN BOOLEAN MODE);
+id
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"more fts proximity"@02' IN BOOLEAN MODE);
+id
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+3
+SELECT id FROM t1 WHERE id = (SELECT MAX(id) FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE));
+id
+3
+SELECT id FROM t1 WHERE id = (SELECT MIN(id) FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE));
+id
+1
+SELECT id FROM t1 WHERE id = (SELECT MIN(id) FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)) OR id = 3 ;
+id
+1
+3
+SELECT id FROM t1 WHERE CONCAT(t1.a,t1.b) IN (
+SELECT CONCAT(a,b) FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+) OR t1.id = 3 ;
+id
+1
+3
+SELECT id FROM t1 WHERE CONCAT(t1.a,t1.b) IN (
+SELECT CONCAT(a,b) FROM t1 AS t2
+WHERE MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+AND t2.id != 3) ;
+id
+1
+SELECT id FROM t1 WHERE id IN (SELECT MIN(id) FROM t1 WHERE
+MATCH (a,b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)) OR id = 3 ;
+id
+1
+3
+SELECT id FROM t1 WHERE id NOT IN (SELECT MIN(id) FROM t1
+WHERE MATCH (a,b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)) ;
+id
+2
+3
+4
+5
+6
+SELECT id FROM t1 WHERE EXISTS (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+AND t1.id = t2.id) ;
+id
+1
+3
+SELECT id FROM t1 WHERE NOT EXISTS (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+AND t1.id = t2.id) ;
+id
+2
+4
+5
+6
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT ,
+FULLTEXT (a,b)
+) ENGINE = InnoDB;
+INSERT INTO t1(a,b) VALUES('MySQL has now support', 'for full-text search'),
+('Full-text indexes', 'are called collections'),
+('Only MyISAM tables','support collections'),
+('Function MATCH ... AGAINST()','is used to do a search'),
+('Full-text search in MySQL', 'implements vector space model');
+SELECT id FROM t1 WHERE t1.id = (SELECT MAX(t2.id) FROM t1 AS t2 WHERE
+MATCH(t2.a,t2.b) AGAINST("+support +collections" IN BOOLEAN MODE));
+id
+3
+SELECT id FROM t1 WHERE t1.id != (SELECT MIN(t2.id) FROM t1 AS t2 WHERE
+MATCH(t2.a,t2.b) AGAINST("+search" IN BOOLEAN MODE));
+id
+2
+3
+4
+5
+SELECT id FROM t1 WHERE t1.id IN (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ("+call* +coll*" IN BOOLEAN MODE));
+id
+2
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE) AND t2.id=t1.id);
+id
+1
+INSERT INTO t1 (a,b) VALUES ('test query expansion','for database ...');
+INSERT INTO t1 (a,b) VALUES
+('test proximity search, test, proximity and phrase',
+'search, with proximity innodb');
+INSERT INTO t1 (a,b) VALUES
+('test proximity fts search, test, proximity and phrase',
+'search, with proximity innodb');
+INSERT INTO t1 (a,b) VALUES
+('test more proximity fts search, test, more proximity and phrase',
+'search, with proximity innodb');
+SELECT id FROM t1 WHERE t1.id = (SELECT MAX(t2.id) FROM t1 AS t2 WHERE
+MATCH(t2.a,t2.b) AGAINST ('"proximity search"@2' IN BOOLEAN MODE));
+id
+7
+SELECT id FROM t1 WHERE t1.id > (SELECT MIN(t2.id) FROM t1 AS t2 WHERE
+MATCH(t2.a,t2.b) AGAINST ('"proximity search"@2' IN BOOLEAN MODE));
+id
+8
+9
+SELECT id FROM t1 WHERE t1.id IN (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('"proximity search"@2' IN BOOLEAN MODE));
+id
+7
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"proximity search"@2' IN BOOLEAN MODE)
+AND t2.id=t1.id);
+id
+7
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"more test proximity"@3' IN BOOLEAN MODE)
+AND t2.id=t1.id);
+id
+9
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"more test proximity"@2' IN BOOLEAN MODE)
+AND t2.id=t1.id);
+id
+CREATE TABLE t2 ENGINE = InnoDB AS SELECT id FROM t1 WHERE
+MATCH a,b AGAINST ('support') ;
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `id` int(10) unsigned NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT id FROM t2;
+id
+1
+3
+DROP TABLE t2;
+CREATE TABLE t2 ENGINE = InnoDB AS SELECT id FROM t1 WHERE
+MATCH a,b AGAINST("+support +collections" IN BOOLEAN MODE);
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `id` int(10) unsigned NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT id FROM t2;
+id
+3
+DROP TABLE t2;
+CREATE TABLE t2 ENGINE = InnoDB AS SELECT id FROM t1 WHERE
+MATCH a,b AGAINST ('"proximity search"@10' IN BOOLEAN MODE);
+SHOW CREATE TABLE t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `id` int(10) unsigned NOT NULL DEFAULT 0
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT id FROM t2;
+id
+7
+8
+9
+DROP TABLE t2;
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+INSERT INTO t1 (a,b) VALUES
+('MySQL from Tutorial','DBMS stands for DataBase ...');
+INSERT INTO t1 (a,b) VALUES
+('when To Use MySQL Well','After that you went through a ...');
+INSERT INTO t1 (a,b) VALUES
+('where will Optimizing MySQL','what In this tutorial we will show ...');
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL null...');
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+106
+SELECT COUNT(*) FROM t1 WHERE a IS NULL;
+COUNT(*)
+100
+SELECT COUNT(*) FROM t1 WHERE b IS NOT NULL;
+COUNT(*)
+6
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+103
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST (NULL IN NATURAL LANGUAGE MODE);
+id
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST (NULL WITH QUERY EXPANSION);
+id
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('null' IN NATURAL LANGUAGE MODE);
+id
+106
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('+MySQL -YourSQL' IN BOOLEAN MODE);
+id
+106
+1
+52
+103
+104
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('+MySQL -YourSQL' IN BOOLEAN MODE) AND (a IS NOT NULL OR b IS NOT NULL);
+id
+106
+1
+52
+103
+104
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('+MySQL -YourSQL' IN BOOLEAN MODE) AND (a IS NULL AND b IS NOT NULL);
+id
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('DBMS Security' IN BOOLEAN MODE);
+id
+1
+106
+SELECT COUNT(*) FROM t1
+WHERE MATCH (a,b)
+AGAINST ('database' WITH QUERY EXPANSION);
+COUNT(*)
+6
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"following database"@10' IN BOOLEAN MODE);
+id
+105
+DROP TABLE t1;
+drop table if exists t50;
+set names utf8;
+"----------Test1---------"
+create table t50 (s1 varchar(60) character set utf8 collate utf8_bin) engine = innodb;
+create fulltext index i on t50 (s1);
+insert into t50 values ('ABCDE'),('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°');
+select * from t50 where match(s1) against ('VÃÆ·WÄ°');
+s1
+VÃÆ·WÄ°
+drop table t50;
+"----------Test2---------"
+create table t50 (s1 int unsigned primary key auto_increment, s2
+varchar(60) character set utf8) engine = innodb;
+create fulltext index i on t50 (s2);
+insert into t50 (s2) values ('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°'),('ABCDE');
+select * from t50 order by s2;
+s1 s2
+4 ABCDE
+1 FGHIJ
+2 KLMNO
+3 VÃÆ·WÄ°
+drop table t50;
+"----------Test3---------"
+create table t50 (id int unsigned primary key auto_increment, s2
+varchar(60) character set utf8) engine = innodb;
+create fulltext index i on t50 (s2);
+insert into t50 (s2) values ('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°'),('ABCDE');
+set @@autocommit=0;
+update t50 set s2 = lower(s2);
+update t50 set s2 = upper(s2);
+commit;
+select * from t50 where match(s2) against ('VÃÆ·WÄ° FGHIJ KLMNO ABCDE' in boolean mode);
+id s2
+1 FGHIJ
+2 KLMNO
+3 VÃÆ·WI
+4 ABCDE
+select * from t50;
+id s2
+1 FGHIJ
+2 KLMNO
+3 VÃÆ·WI
+4 ABCDE
+drop table t50;
+set @@autocommit=1;
+"----------Test4---------"
+create table t50 (id int unsigned primary key auto_increment, s2
+varchar(60) character set utf8) engine = innodb;
+create fulltext index i on t50 (s2);
+insert into t50 (s2) values ('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°'),('ABCD*');
+select * from t50 where match(s2) against ('abcd*' in natural language
+mode);
+id s2
+4 ABCD*
+select * from t50 where match(s2) against ('abcd*' in boolean mode);
+id s2
+4 ABCD*
+drop table t50;
+"----------Test5---------"
+create table t50 (s1 int, s2 varchar(200), fulltext key(s2)) engine = innodb;
+set @@autocommit=0;
+insert into t50 values (1,'Sunshine'),(2,'Lollipops');
+select * from t50 where match(s2) against('Rainbows');
+s1 s2
+rollback;
+select * from t50;
+s1 s2
+drop table t50;
+set @@autocommit=1;
+"----------Test6---------"
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('aab` MySQL Tutorial','DBMS stands for DataBase ...') ,
+('aas How To Use MySQL Well','After you went through a ...'),
+('aac Optimizing MySQL','In this tutorial we will show ...');
+INSERT INTO t1 (a,b) VALUES
+('aac 1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('aab MySQL vs. YourSQL','In the following database comparison ...'),
+('aaa MySQL Security','When configured properly, MySQL ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+SELECT * FROM t1 ORDER BY MATCH(a,b) AGAINST ('aac') DESC;
+id a b
+3 aac Optimizing MySQL In this tutorial we will show ...
+4 aac 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+1 aab` MySQL Tutorial DBMS stands for DataBase ...
+2 aas How To Use MySQL Well After you went through a ...
+5 aab MySQL vs. YourSQL In the following database comparison ...
+6 aaa MySQL Security When configured properly, MySQL ...
+SELECT * FROM t1 ORDER BY MATCH(a,b) AGAINST ('aab') DESC;
+id a b
+1 aab` MySQL Tutorial DBMS stands for DataBase ...
+5 aab MySQL vs. YourSQL In the following database comparison ...
+2 aas How To Use MySQL Well After you went through a ...
+3 aac Optimizing MySQL In this tutorial we will show ...
+4 aac 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+6 aaa MySQL Security When configured properly, MySQL ...
+"----------Test7---------"
+select * from t1 where match(a,b) against ('aaa')
+union select * from t1 where match(a,b) against ('aab')
+union select * from t1 where match(a,b) against ('aac');
+id a b
+6 aaa MySQL Security When configured properly, MySQL ...
+1 aab` MySQL Tutorial DBMS stands for DataBase ...
+5 aab MySQL vs. YourSQL In the following database comparison ...
+3 aac Optimizing MySQL In this tutorial we will show ...
+4 aac 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+select * from t1 where match(a,b) against ('aaa')
+or match(a,b) against ('aab')
+or match(a,b) against ('aac');
+id a b
+1 aab` MySQL Tutorial DBMS stands for DataBase ...
+3 aac Optimizing MySQL In this tutorial we will show ...
+4 aac 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 aab MySQL vs. YourSQL In the following database comparison ...
+6 aaa MySQL Security When configured properly, MySQL ...
+DROP TABLE t1;
+"----------Test8---------"
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ... abcd') ,
+('How To Use MySQL Well','After you went through a q ...abdd'),
+('Optimizing MySQL','In this tutorial we will show ...abed');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+ `a` varchar(200) DEFAULT NULL,
+ `b` text DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ FULLTEXT KEY `idx` (`a`,`b`)
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. q ...'),
+('MySQL vs. YourSQL use','In the following database comparison ...'),
+('MySQL Security','When run configured properly, MySQL ...');
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('run');
+id a b
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. q ...
+6 MySQL Security When run configured properly, MySQL ...
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('use');
+id a b
+2 How To Use MySQL Well After you went through a q ...abdd
+5 MySQL vs. YourSQL use In the following database comparison ...
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('went');
+id a b
+2 How To Use MySQL Well After you went through a q ...abdd
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('run') AND NOT MATCH(a,b) AGAINST ('q');
+id a b
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. q ...
+6 MySQL Security When run configured properly, MySQL ...
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('use') AND NOT MATCH(a,b) AGAINST ('q');
+id a b
+2 How To Use MySQL Well After you went through a q ...abdd
+5 MySQL vs. YourSQL use In the following database comparison ...
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('went') AND NOT MATCH(a,b) AGAINST ('q');
+id a b
+2 How To Use MySQL Well After you went through a q ...abdd
+"----------Test9---------"
+CREATE TABLE t2 AS SELECT * FROM t1;
+ALTER TABLE t2 ENGINE=MYISAM;
+CREATE FULLTEXT INDEX i ON t2 (a,b);
+SET @x = (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('run'));
+SET @x = @x + (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('use'));
+SET @x = @x + (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('went'));
+SET @x = @x + (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('run'));
+SET @x2 = (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('run'));
+SET @x2 = @x2 + (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('use'));
+SET @x2 = @x2 + (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('went'));
+SET @x2 = @x2 + (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('run'));
+SELECT @x, @x2;
+@x @x2
+7 0
+DROP TABLE t2;
+"----------Test10---------"
+CREATE TABLE t2 AS SELECT * FROM t1;
+ALTER TABLE t2 ENGINE=MYISAM;
+CREATE FULLTEXT INDEX i ON t2 (a,b);
+SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('abc*' IN BOOLEAN MODE);
+COUNT(*)
+1
+SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('abc*' IN BOOLEAN MODE);
+COUNT(*)
+1
+DROP TABLE t2;
+"----------Test11---------"
+CREATE TABLE t2 AS SELECT * FROM t1;
+ALTER TABLE t2 ENGINE = MYISAM;
+CREATE FULLTEXT INDEX i ON t2 (a,b);
+ALTER TABLE t2 ENGINE=InnoDB;
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('run');
+id a b
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. q ...
+6 MySQL Security When run configured properly, MySQL ...
+SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('abc*' IN BOOLEAN MODE);
+COUNT(*)
+1
+DROP TABLE t2,t1;
+"----------Test13---------"
+set names utf8;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200) CHARACTER SET UTF8 COLLATE UTF8_SPANISH_CI) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t1 (s2);
+INSERT INTO t1 VALUES (1,'aaCen'),(2,'aaCha'),(3,'aaCio'),(4,'aaçen'),(5,'aaçha'),(6,'aaçio');
+SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('aach*' IN BOOLEAN MODE);
+s1 s2
+2 aaCha
+5 aaçha
+SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('aaC*' IN BOOLEAN MODE);
+s1 s2
+1 aaCen
+2 aaCha
+3 aaCio
+4 aaçen
+5 aaçha
+6 aaçio
+DROP TABLE t1;
+"----------Test14---------"
+CREATE TABLE t1(s1 INT , s2 VARCHAR(100) CHARACTER SET sjis) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t1 (s2);
+INSERT INTO t1 VALUES (1,'ペペペ'),(2,'テテテ'),(3,'ルルル'),(4,'グググ');
+DROP TABLE t1;
+"----------Test15---------"
+CREATE TABLE t1 (s1 VARCHAR (60) CHARACTER SET UTF8 COLLATE UTF8_UNICODE_520_CI) ENGINE = MyISAM;
+CREATE FULLTEXT INDEX i ON t1 (s1);
+INSERT INTO t1 VALUES
+('a'),('b'),('c'),('d'),('ÅÅÅÅ'),('LLLL'),(NULL),('ÅÅÅÅ ÅÅÅÅ'),('LLLLLLLL');
+SELECT * FROM t1 WHERE MATCH(s1) AGAINST ('LLLL' COLLATE UTF8_UNICODE_520_CI);
+s1
+ÅÅÅÅ
+LLLL
+ÅÅÅÅ ÅÅÅÅ
+DROP TABLE if EXISTS t2;
+Warnings:
+Note 1051 Unknown table 'test.t2'
+CREATE TABLE t2 (s1 VARCHAR(60) CHARACTER SET UTF8 COLLATE UTF8_POLISH_CI) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t2 ( s1);
+INSERT INTO t2 VALUES
+('a'),('b'),('c'),('d'),('ÅÅÅÅ'),('LLLL'),(NULL),('ÅÅÅÅ ÅÅÅÅ'),('LLLLLLLL');
+SELECT * FROM t2 WHERE MATCH(s1) AGAINST ('LLLL' COLLATE UTF8_UNICODE_520_CI);
+s1
+LLLL
+DROP TABLE t1,t2;
+"----------Test16---------"
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(50) CHARACTER SET UTF8) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t1(s2);
+INSERT INTO t1 VALUES (2, 'ğė Daśi p ');
+SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('+p +"ğė Daśi*"' IN BOOLEAN MODE);
+s1 s2
+DROP TABLE t1;
+"----------Test19---------"
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF8) ENGINE = InnoDB;
+INSERT INTO t1 VALUES (1,'İóëɠ');
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+SELECT * FROM t1 WHERE MATCH(char_column) AGAINST ('"İóëɠ"' IN BOOLEAN MODE);
+id char_column
+1 İóëɠ
+DROP TABLE t1;
+"----------Test20---------"
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF32, char_column2 VARCHAR(60) character set utf8) ENGINE = InnoDB;
+INSERT INTO t1 (char_column) VALUES ('abcde'),('fghij'),('klmno'),('qrstu');
+UPDATE t1 SET char_column2 = char_column;
+CREATE FULLTEXT INDEX i ON t1 (char_column2);
+SELECT * FROM t1 WHERE MATCH(char_column) AGAINST ('abc*' IN BOOLEAN MODE);
+ERROR HY000: Can't find FULLTEXT index matching the column list
+DROP TABLE t1;
+"----------Test22---------"
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF8) ENGINE = InnoDB;
+INSERT INTO t1 VALUES (1,'aaa'),(2,'bbb'),(3,'ccc');
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+HANDLER t1 OPEN;
+HANDLER t1 READ i = ('aaa');
+ERROR HY000: FULLTEXT index `i` does not support this operation
+DROP TABLE t1;
+"----------Test25---------"
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF8 COLLATE UTF8_CROATIAN_CI) ENGINE=InnoDB;
+INSERT INTO t1 VALUES (1,'LJin'),(2,'ljin'),(3,'lmin'),(4,'LJLJLJLJLJ');
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+SELECT count(*) FROM t1 WHERE MATCH (char_column) AGAINST ('lj*' IN BOOLEAN MODE);
+count(*)
+3
+DROP TABLE t1;
+"----------Test27---------"
+CREATE TABLE t1 (id INT,char_column VARCHAR(60)) ENGINE=InnoDB;
+SET @@autocommit=0;
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+INSERT INTO t1 values (1,'aaa');
+"restart server..."
+# Restart the server
+--source include/restart_mysqld.inc
+DELETE FROM t1 WHERE MATCH(char_column) AGAINST ('bbb')
+SET @@autocommit=1;
+DROP TABLE t1;
+"----------Test28---------"
+drop table if exists `fts_test`;
+Warnings:
+Note 1051 Unknown table 'test.fts_test'
+create table `fts_test`(`a` text,fulltext key(`a`))engine=innodb;
+set session autocommit=0;
+insert into `fts_test` values ('');
+savepoint `b`;
+savepoint `b`;
+set session autocommit=1;
+DROP TABLE fts_test;
+"----------Test29---------"
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body)
+) ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...');
+start transaction;
+INSERT INTO articles (title,body) VALUES
+('How To Use MySQL Well','After you went through a ...');
+savepoint `a1`;
+INSERT INTO articles (title,body) VALUES
+('Optimizing MySQL','In this tutorial we will show ...');
+savepoint `a2`;
+INSERT INTO articles (title,body) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...');
+savepoint `a3`;
+INSERT INTO articles (title,body) VALUES
+('MySQL vs. YourSQL','In the following database comparison ...');
+savepoint `a4`;
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+rollback to savepoint a3;
+select title, body from articles;
+title body
+MySQL Tutorial DBMS stands for DataBase ...
+How To Use MySQL Well After you went through a ...
+Optimizing MySQL In this tutorial we will show ...
+1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+INSERT INTO articles (title,body) VALUES
+('MySQL Security','When configured properly, MySQL ...');
+savepoint `a5`;
+select title, body from articles;
+title body
+MySQL Tutorial DBMS stands for DataBase ...
+How To Use MySQL Well After you went through a ...
+Optimizing MySQL In this tutorial we will show ...
+1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+MySQL Security When configured properly, MySQL ...
+rollback to savepoint a2;
+select title, body from articles;
+title body
+MySQL Tutorial DBMS stands for DataBase ...
+How To Use MySQL Well After you went through a ...
+Optimizing MySQL In this tutorial we will show ...
+commit;
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+3 Optimizing MySQL In this tutorial we will show ...
+DROP TABLE articles;
+"----------Test30---------"
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body)
+) ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...');
+start transaction;
+INSERT INTO articles (title,body) VALUES
+('How To Use MySQL Well','After you went through a ...');
+savepoint `a1`;
+INSERT INTO articles (title,body) VALUES
+('Optimizing MySQL','In this tutorial we will show ...');
+savepoint `a2`;
+INSERT INTO articles (title,body) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...');
+savepoint `a3`;
+INSERT INTO articles (title,body) VALUES
+('MySQL vs. YourSQL','In the following database comparison ...');
+savepoint `a4`;
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+rollback to savepoint a3;
+select title, body from articles;
+title body
+MySQL Tutorial DBMS stands for DataBase ...
+How To Use MySQL Well After you went through a ...
+Optimizing MySQL In this tutorial we will show ...
+1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+INSERT INTO articles (title,body) VALUES
+('MySQL Security','When configured properly, MySQL ...');
+savepoint `a5`;
+select title, body from articles;
+title body
+MySQL Tutorial DBMS stands for DataBase ...
+How To Use MySQL Well After you went through a ...
+Optimizing MySQL In this tutorial we will show ...
+1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+MySQL Security When configured properly, MySQL ...
+rollback to savepoint a2;
+select title, body from articles;
+title body
+MySQL Tutorial DBMS stands for DataBase ...
+How To Use MySQL Well After you went through a ...
+Optimizing MySQL In this tutorial we will show ...
+rollback;
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+SELECT * FROM articles
+WHERE MATCH (title,body)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+DROP TABLE articles;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body)
+) ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+ANALYZE TABLE articles;
+SELECT *, MATCH(title, body) AGAINST ('-database +MySQL' IN BOOLEAN MODE) AS score from articles;
+id title body score
+1 MySQL Tutorial DBMS stands for DataBase ... 0
+2 How To Use MySQL Well After you went through a ... 0.000000001885928302414186
+3 Optimizing MySQL In this tutorial we will show ... 0.000000001885928302414186
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ... 0.000000001885928302414186
+5 MySQL vs. YourSQL In the following database comparison ... 0
+6 MySQL Security When configured properly, MySQL ... 0.000000003771856604828372
+SELECT *, MATCH(title, body) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score FROM articles;
+id title body score
+1 MySQL Tutorial DBMS stands for DataBase ... 0
+2 How To Use MySQL Well After you went through a ... 0.000000001885928302414186
+3 Optimizing MySQL In this tutorial we will show ... 0.000000001885928302414186
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ... 0.000000001885928302414186
+5 MySQL vs. YourSQL In the following database comparison ... 0
+6 MySQL Security When configured properly, MySQL ... 0.000000003771856604828372
+SELECT * FROM articles where MATCH(title, body) AGAINST ('MySQL - (database - tutorial)' IN BOOLEAN MODE);
+id title body
+6 MySQL Security When configured properly, MySQL ...
+1 MySQL Tutorial DBMS stands for DataBase ...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+SELECT * FROM articles where MATCH(title, body) AGAINST ('MySQL - (- tutorial database)' IN BOOLEAN MODE);
+id title body
+6 MySQL Security When configured properly, MySQL ...
+1 MySQL Tutorial DBMS stands for DataBase ...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+SELECT * FROM articles where MATCH(title, body) AGAINST ('MySQL - (- tutorial database) -Tricks' IN BOOLEAN MODE);
+id title body
+6 MySQL Security When configured properly, MySQL ...
+1 MySQL Tutorial DBMS stands for DataBase ...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM articles where MATCH(title, body) AGAINST ('-Tricks MySQL - (- tutorial database)' IN BOOLEAN MODE);
+id title body
+6 MySQL Security When configured properly, MySQL ...
+1 MySQL Tutorial DBMS stands for DataBase ...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+DROP TABLE articles;
+drop table if exists t1;
+Warnings:
+Note 1051 Unknown table 'test.t1'
+create table t1 (FTS_DOC_ID bigint unsigned auto_increment not null primary key,
+title varchar(200),body text,fulltext(title,body)) engine=innodb;
+insert into t1 set body='test';
+select * from t1 where match(title,body) against('%test');
+FTS_DOC_ID title body
+1 NULL test
+select * from t1 where match(title,body) against('%');
+FTS_DOC_ID title body
+select * from t1 where match(title,body) against('%%%%');
+FTS_DOC_ID title body
+drop table t1;
+CREATE DATABASE `benu database`;
+USE `benu database`;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+ `a` varchar(200) DEFAULT NULL,
+ `b` text DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ FULLTEXT KEY `idx` (`a`,`b`)
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+3
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+id
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+4 0
+5 0
+6 0
+select id, MATCH(a,b) AGAINST("collections support" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+4 0
+5 0
+6 0
+select id from t1 where MATCH a,b AGAINST ("+call* +coll*" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH a,b AGAINST ('"support now"' IN BOOLEAN MODE);
+id
+select id from t1 where MATCH a,b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE);
+id
+DROP DATABASE `benu database`;
+USE test;
+CREATE TABLE `t21` (`a` text, `b` int not null,
+fulltext key (`a`), fulltext key (`a`)
+) ENGINE=INNODB DEFAULT CHARSET=LATIN1;
+Warnings:
+Note 1831 Duplicate index `a_2`. This is deprecated and will be disallowed in a future release
+ALTER TABLE `t21` ADD UNIQUE INDEX (`b`), ALGORITHM=INPLACE;
+ERROR 0A000: ALGORITHM=INPLACE is not supported. Reason: InnoDB presently supports one FULLTEXT index creation at a time. Try ALGORITHM=COPY
+ALTER TABLE `t21` ADD UNIQUE INDEX (`b`);
+DROP TABLE t21;
+CREATE TABLE `t21` (`a` text, `b` int not null,
+fulltext key (`a`)) ENGINE=INNODB DEFAULT CHARSET=LATIN1;
+ALTER TABLE `t21` ADD UNIQUE INDEX (`b`);
+DROP TABLE t21;
+CREATE TABLE t1 (
+id INT NOT NULL,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 VALUES
+(1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+(2, 'How To Use MySQL Well','After you went through a ...'),
+(3, 'Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+ALTER TABLE t1 ADD UNIQUE INDEX (`id`);
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+3
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+id
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+id x
+1 0
+2 0
+3 0
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT NOT NULL,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 VALUES
+(1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+(2, 'How To Use MySQL Well','After you went through a ...'),
+(3, 'Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD UNIQUE INDEX (`id`), ADD FULLTEXT INDEX idx (a,b);
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id
+1
+3
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+id
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+id
+DROP TABLE t1;
+CREATE TABLE t1 (
+FTS_DOC_ID BIGINT UNSIGNED NOT NULL,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 VALUES
+(1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+(2, 'How To Use MySQL Well','After you went through a ...'),
+(3, 'Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+ALTER TABLE t1 ADD UNIQUE INDEX (`FTS_DOC_ID`);
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+FTS_DOC_ID
+1
+3
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+FTS_DOC_ID x
+1 0
+2 0
+3 0
+DROP TABLE t1;
+CREATE TABLE t1 (
+FTS_DOC_ID BIGINT UNSIGNED NOT NULL,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 VALUES
+(1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+(2, 'How To Use MySQL Well','After you went through a ...'),
+(3, 'Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b), ADD UNIQUE INDEX FTS_DOC_ID_INDEX (FTS_DOC_ID);
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+FTS_DOC_ID
+1
+3
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+FTS_DOC_ID
+select FTS_DOC_ID, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+FTS_DOC_ID x
+1 0
+2 0
+3 0
+DROP TABLE t1;
+CREATE TABLE t2 (`b` char(2),fulltext(`b`)) ENGINE=INNODB
+DEFAULT CHARSET=LATIN1;
+CREATE TABLE t3 LIKE t2;
+INSERT INTO `t2` VALUES();
+COMMIT WORK AND CHAIN;
+INSERT INTO `t3` VALUES ();
+UPDATE `t2` SET `b` = 'a';
+SAVEPOINT BATCH1;
+DROP TABLE t2;
+DROP TABLE t3;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE = InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+COMMIT WORK AND CHAIN;
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+SAVEPOINT BATCH1;
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('MySQL' IN NATURAL LANGUAGE MODE);
+id
+1
+2
+3
+INSERT INTO t1 (a,b) VALUES
+('1002 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+ROLLBACK TO SAVEPOINT BATCH1;
+COMMIT;
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('MySQL' IN NATURAL LANGUAGE MODE);
+id
+6
+1
+2
+3
+4
+5
+DROP TABLE t1;
+CREATE TABLE `t` (`a` char(20) character set utf8 default null,
+fulltext key (`a`)) ENGINE=INNODB;
+INSERT INTO `t` VALUES ('a');
+INSERT INTO `t` VALUES ('aaa');
+SELECT MATCH(`a`) AGAINST (0x22dd22) FROM `t`;
+MATCH(`a`) AGAINST (0x22dd22)
+0
+0
+SELECT MATCH(`a`) AGAINST (0x2222) FROM `t`;
+MATCH(`a`) AGAINST (0x2222)
+0
+0
+SELECT MATCH(`a`) AGAINST (0x22) FROM `t`;
+MATCH(`a`) AGAINST (0x22)
+0
+0
+SELECT MATCH(`a`) AGAINST (0x2261616122) FROM `t`;
+MATCH(`a`) AGAINST (0x2261616122)
+0
+0.0906190574169159
+SELECT MATCH(`a`) AGAINST (0x2261dd6122) FROM `t`;
+MATCH(`a`) AGAINST (0x2261dd6122)
+0
+0
+SELECT MATCH(`a`) AGAINST (0x2261dd612222226122) FROM `t`;
+MATCH(`a`) AGAINST (0x2261dd612222226122)
+0
+0
+DROP TABLE t;
+CREATE TABLE t(a CHAR(1),FULLTEXT KEY(a)) ENGINE=INNODB;
+HANDLER t OPEN;
+HANDLER t READ a NEXT;
+a
+HANDLER t READ a PREV;
+a
+DROP TABLE t;
+CREATE TABLE `%`(a TEXT, FULLTEXT INDEX(a)) ENGINE=INNODB;
+CREATE TABLE `A B`(a TEXT, FULLTEXT INDEX(a)) ENGINE=INNODB;
+DROP TABLE `%`;
+DROP TABLE `A B`;
+CREATE TABLE `t-26`(a VARCHAR(10),FULLTEXT KEY(a)) ENGINE=INNODB;
+INSERT INTO `t-26` VALUES('117');
+DROP TABLE `t-26`;
+CREATE TABLE `t1` (
+`id` INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
+`content` TEXT NOT NULL,
+PRIMARY KEY (`id`),
+FULLTEXT INDEX `IDX_CONTEXT_FULLTEXT`(`content`)
+)
+ENGINE = InnoDB;
+insert into t1 (content)
+values
+('This is a story which has has a complicated phrase structure here in the
+middle'),
+('This is a story which doesn''t have that text'),
+('This is a story that has complicated the phrase structure');
+select * from t1
+where match(content) against('"complicated phrase structure"' in boolean
+mode);
+id content
+1 This is a story which has has a complicated phrase structure here in the
+middle
+select * from t1
+where match(content) against('+"complicated phrase structure"' in boolean
+mode);
+id content
+1 This is a story which has has a complicated phrase structure here in the
+middle
+select * from t1
+where match(content) against('"complicated the phrase structure"' in boolean
+mode);
+id content
+3 This is a story that has complicated the phrase structure
+select * from t1 where match(content) against('+"this is a story which" +"complicated the phrase structure"' in boolean mode);
+id content
+select * from t1 where match(content) against('"the complicated the phrase structure"' in boolean mode);
+id content
+3 This is a story that has complicated the phrase structure
+select * from t1 where match(content) against('"complicated a phrase structure"' in boolean mode);
+id content
+DROP TABLE t1;
+CREATE TABLE my (id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
+c VARCHAR(32), FULLTEXT(c)) ENGINE = INNODB;
+INSERT INTO my (c) VALUES ('green-iguana');
+SELECT * FROM my WHERE MATCH(c) AGAINST ('green-iguana');
+id c
+1 green-iguana
+DROP TABLE my;
+CREATE TABLE ift (
+`a` int(11) NOT NULL,
+`b` text,
+PRIMARY KEY (`a`),
+FULLTEXT KEY `b` (`b`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+INSERT INTO ift values (1, "skip");
+INSERT INTO ift values (2, "skip and networking");
+INSERT INTO ift values (3, "--skip-networking");
+INSERT INTO ift values (4, "-donot--skip-networking");
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('--skip-networking');
+a b
+2 skip and networking
+3 --skip-networking
+4 -donot--skip-networking
+1 skip
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('skip-networking');
+a b
+2 skip and networking
+3 --skip-networking
+4 -donot--skip-networking
+1 skip
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('----');
+a b
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('-donot--skip-networking');
+a b
+4 -donot--skip-networking
+2 skip and networking
+3 --skip-networking
+1 skip
+DROP TABLE ift;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body)
+) ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES
+('MySQL Tutorial','DBMS stands for DataBase ...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('( that''s me )','When configured properly, MySQL ...');
+SELECT * FROM articles WHERE MATCH (title,body)
+AGAINST ('( yours''s* )' IN BOOLEAN MODE);
+id title body
+5 MySQL vs. YourSQL In the following database comparison ...
+SELECT * FROM articles WHERE MATCH (title,body)
+AGAINST ('s*' IN BOOLEAN MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM articles WHERE MATCH (title,body)
+AGAINST ('stands\'] | * | show[@database' IN NATURAL LANGUAGE MODE);
+id title body
+1 MySQL Tutorial DBMS stands for DataBase ...
+3 Optimizing MySQL In this tutorial we will show ...
+5 MySQL vs. YourSQL In the following database comparison ...
+DROP TABLE articles;
+CREATE TABLE t1(a TEXT CHARACTER SET LATIN1, FULLTEXT INDEX(a)) ENGINE=INNODB;
+SELECT * FROM t1 WHERE MATCH(a) AGAINST("*");
+ERROR 42000: syntax error, unexpected $end, expecting FTS_TERM or FTS_NUMB or '*'
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+FULLTEXT (a)
+) ENGINE= InnoDB;
+INSERT INTO t1 (a) VALUES
+('Do you know MySQL is a good database'),
+('How to build a good database'),
+('Do you know'),
+('Do you know MySQL'),
+('How to use MySQL'),
+('Do you feel good'),
+('MySQL is good'),
+('MySQL is good to know'),
+('What is database');
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know mysql"' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+4 Do you know MySQL
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+("know mysql")' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+4 Do you know MySQL
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('("know mysql" good)' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+4 Do you know MySQL
+2 How to build a good database
+6 Do you feel good
+7 MySQL is good
+8 MySQL is good to know
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+("know mysql" good)' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+4 Do you know MySQL
+2 How to build a good database
+6 Do you feel good
+7 MySQL is good
+8 MySQL is good to know
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('(good "know mysql")' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+4 Do you know MySQL
+2 How to build a good database
+6 Do you feel good
+7 MySQL is good
+8 MySQL is good to know
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+(good "know mysql")' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+4 Do you know MySQL
+2 How to build a good database
+6 Do you feel good
+7 MySQL is good
+8 MySQL is good to know
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+("know mysql" "good database")' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+2 How to build a good database
+4 Do you know MySQL
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know mysql" +"good database"' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know database"@4' IN BOOLEAN MODE);
+id a
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know database"@8' IN BOOLEAN MODE);
+id a
+1 Do you know MySQL is a good database
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+FULLTEXT (a)
+) ENGINE= InnoDB;
+INSERT INTO t1 (a) VALUES
+('know mysql good database');
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"good database"' IN BOOLEAN MODE);
+id a
+1 know mysql good database
+DROP TABLE t1;
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body)
+) ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES ('Test Article','blah blah
+blah'),("Matt's Noise",'this is noisy'),('February Weather','It was terrible
+this year.'),('Peter Pan','Tis a kids story.'),('Test1','nada'),('Database
+database database','foo database database database'),('Database article
+title','body with lots of words.'),('myfulltext database', 'my test fulltext
+database');
+SELECT id, title, body FROM articles ORDER BY MATCH (title,body) AGAINST ('database' IN BOOLEAN MODE) DESC;
+id title body
+6 Database
+database database foo database database database
+8 myfulltext database my test fulltext
+database
+7 Database article
+title body with lots of words.
+1 Test Article blah blah
+blah
+2 Matt's Noise this is noisy
+3 February Weather It was terrible
+this year.
+4 Peter Pan Tis a kids story.
+5 Test1 nada
+DELETE from articles WHERE title like "myfulltext database";
+INSERT INTO articles (title,body) VALUES ('myfulltext database', 'my test fulltext database');
+SELECT id, title, body FROM articles ORDER BY MATCH (title,body) AGAINST ('database' IN BOOLEAN MODE) DESC;
+id title body
+6 Database
+database database foo database database database
+9 myfulltext database my test fulltext database
+7 Database article
+title body with lots of words.
+1 Test Article blah blah
+blah
+2 Matt's Noise this is noisy
+3 February Weather It was terrible
+this year.
+4 Peter Pan Tis a kids story.
+5 Test1 nada
+DELETE from articles WHERE title like "myfulltext database";
+INSERT INTO articles (title,body) VALUES ('myfulltext database', 'my test fulltext database');
+SELECT id, title, body FROM articles ORDER BY MATCH (title,body) AGAINST ('database' IN BOOLEAN MODE) DESC;
+id title body
+6 Database
+database database foo database database database
+10 myfulltext database my test fulltext database
+7 Database article
+title body with lots of words.
+1 Test Article blah blah
+blah
+2 Matt's Noise this is noisy
+3 February Weather It was terrible
+this year.
+4 Peter Pan Tis a kids story.
+5 Test1 nada
+DROP TABLE articles;
+CREATE TABLE t1(
+a TEXT CHARSET ujis COLLATE ujis_japanese_ci,
+b TEXT CHARSET utf8mb4 COLLATE utf8mb4_turkish_ci,
+c TEXT CHARSET eucjpms COLLATE eucjpms_bin,
+d TEXT CHARSET utf8mb4,
+FULLTEXT INDEX(a),
+FULLTEXT INDEX(b),
+FULLTEXT INDEX(c),
+FULLTEXT INDEX(d)
+) ENGINE = InnoDB;
+INSERT INTO t1 VALUES
+('myisam', 'myisam', 'myisam', 'myisam'),
+('innodb', 'innodb', 'innodb', 'innodb'),
+('innodb myisam', 'innodb myisam', 'innodb myisam', 'innodb myisam'),
+('memory', 'memory', 'memory', 'memory'),
+('archive', 'archive', 'archive', 'archive'),
+('federated', 'federated', 'federated', 'federated'),
+('storage engine innodb', 'storage engine innodb', 'storage engine innodb', 'storage engine innodb'),
+('storage engine myisam', 'storage engine myisam', 'storage engine myisam', 'storage engine myisam'),
+('innobase', 'innobase', 'innobase', 'innobase'),
+('myisam innodb', 'myisam innodb', 'myisam innodb', 'myisam innodb'),
+('innodb myisam engines', 'innodb myisam engines', 'innodb myisam engines', 'innodb myisam engines');
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', ' ', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '&', 0x00, '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '&', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '%', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+a
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+a
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+a
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"'));
+a
+innodb myisam
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', '(', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', ')'));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm'));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm', '"'));
+a
+innodb myisam
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+ERROR 42000: syntax error, unexpected FTS_TERM, expecting FTS_NUMB
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', '"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', ' ', '"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 0x00, '"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', '&', 0x00, '"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 0x00, '&', '"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', '%', '"'));
+b
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+b
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+b
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+b
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+b
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+b
+innodb myisam
+myisam innodb
+innodb myisam engines
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+b
+innodb myisam
+myisam innodb
+innodb myisam engines
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+ERROR 42000: syntax error, unexpected FTS_TERM, expecting FTS_NUMB
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', '"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', ' ', '"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, '"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', '&', 0x00, '"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, '&', '"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', '%', '"'));
+c
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+c
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+c
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+c
+innodb
+innodb myisam
+storage engine innodb
+myisam innodb
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+c
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+c
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"'));
+c
+innodb myisam
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', '(', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', ')'));
+c
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm'));
+c
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm', '"'));
+c
+innodb myisam
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+c
+innodb myisam
+myisam innodb
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+c
+innodb myisam
+myisam innodb
+innodb myisam engines
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+ERROR 42000: syntax error, unexpected FTS_TERM, expecting FTS_NUMB
+ALTER TABLE t1 ENGINE = MyISAM;
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', ' ', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '&', 0x00, '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '&', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '%', '"'));
+a
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+a
+innodb
+innodb myisam
+myisam innodb
+storage engine innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+a
+innodb
+innodb myisam
+myisam innodb
+storage engine innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+a
+innodb
+innodb myisam
+myisam innodb
+storage engine innodb
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"'));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', '(', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', ')'));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm'));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm', '"'));
+a
+innodb myisam
+myisam innodb
+innodb myisam engines
+myisam
+innodb
+storage engine innodb
+storage engine myisam
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+a
+innodb myisam
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+a
+innodb myisam
+innodb myisam engines
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+a
+DROP TABLE t1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+FULLTEXT (a)
+) ENGINE= InnoDB;
+INSERT INTO t1 (a) VALUES
+('know database'),('good database'), ('gmail email'), ('ghome windows');
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g *' IN NATURAL LANGUAGE MODE);
+id a
+2 good database
+3 gmail email
+4 ghome windows
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+3 gmail email
+4 ghome windows
+2 good database
+1 know database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * k *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+1 know database
+3 gmail email
+4 ghome windows
+2 good database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * k * d *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+1 know database
+3 gmail email
+4 ghome windows
+2 good database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * go *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+2 good database
+3 gmail email
+4 ghome windows
+1 know database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * good' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+2 good database
+3 gmail email
+4 ghome windows
+1 know database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('gm * go *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+3 gmail email
+2 good database
+1 know database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('good *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+2 good database
+1 know database
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g* database' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+id a
+1 know database
+2 good database
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb_fts/r/misc_1.result b/mysql-test/suite/innodb_fts/r/misc_1.result
new file mode 100644
index 00000000..69a234fb
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/misc_1.result
@@ -0,0 +1,922 @@
+set names utf8;
+call mtr.add_suppression("\\[Warning\\] InnoDB: A new Doc ID must be supplied while updating FTS indexed columns.");
+call mtr.add_suppression("\\[Warning\\] InnoDB: FTS Doc ID must be larger than [0-9]+ for table `test`.`t1`");
+CREATE TABLE t1 (
+id1 INT ,
+a1 VARCHAR(200) ,
+b1 TEXT ,
+FULLTEXT KEY (a1,b1), PRIMARY KEY (a1, id1)
+) CHARACTER SET = utf8 , ENGINE = InnoDB;
+CREATE TABLE t2 (
+id2 INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a2 VARCHAR(200),
+b2 TEXT ,
+FOREIGN KEY (a2) REFERENCES t1(a1) ON UPDATE CASCADE,
+FULLTEXT KEY (b2,a2)
+) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+INSERT INTO t1 (id1,a1,b1) VALUES
+(1,'MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+(2,'How To Use MySQL Well','After you went through a ...'),
+(3,'Optimizing MySQL','In this tutorial we will show ...');
+INSERT INTO t1 (id1,a1,b1) VALUES
+(4,'1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+(5,'MySQL vs. YourSQL','In the following database comparison ...'),
+(6,'MySQL Security','When configured properly, MySQL ...');
+INSERT INTO t2 (a2,b2) VALUES
+('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+INSERT INTO t2 (a2,b2) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+INSERT INTO t2 (a2,b2) VALUES
+('MySQL Tricks','1. Never run mysqld as root. 2. ...');
+ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`a2`) REFERENCES `t1` (`a1`) ON UPDATE CASCADE)
+DELETE FROM t1;
+ERROR 23000: Cannot delete or update a parent row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`a2`) REFERENCES `t1` (`a1`) ON UPDATE CASCADE)
+ANALYZE TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 analyze status Engine-independent statistics collected
+test.t1 analyze Warning Engine-independent statistics are not collected for column 'b1'
+test.t1 analyze status OK
+ANALYZE TABLE t2;
+Table Op Msg_type Msg_text
+test.t2 analyze status Engine-independent statistics collected
+test.t2 analyze Warning Engine-independent statistics are not collected for column 'b2'
+test.t2 analyze status OK
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial') ORDER BY id1;
+id1
+1
+3
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial') ORDER BY id2;
+id2
+1
+3
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id1;
+id1
+1
+2
+3
+4
+5
+6
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id2;
+id2
+1
+2
+3
+4
+5
+6
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id1;
+id1
+1
+2
+3
+4
+5
+6
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id2;
+id2
+1
+2
+3
+4
+5
+6
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+id1
+1
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+id2
+1
+set global innodb_optimize_fulltext_only=1;
+optimize table t1;
+Table Op Msg_type Msg_text
+test.t1 optimize status OK
+set global innodb_optimize_fulltext_only=0;
+UPDATE t1 SET a1 = "changing column - on update cascade" , b1 = "to check foreign constraint" WHERE
+MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+id1
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+id2
+3
+6
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('+update +cascade' IN BOOLEAN MODE) ORDER BY id1;
+id1
+1
+2
+3
+4
+5
+6
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('+update +cascade' IN BOOLEAN MODE) ORDER BY id2;
+id2
+1
+2
+3
+4
+5
+6
+SELECT id2 FROM t2 WHERE a2 LIKE '%UPDATE CASCADE%' ORDER BY id2;
+id2
+1
+2
+3
+4
+5
+6
+DROP TABLE t2 , t1;
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+fulltext key(s2),
+foreign key (s1,s2) references t1 (s1,s2) on update cascade) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+update t1 set s2 = 'Rainbows' where s2 <> 'Sunshine';
+commit;
+select * from t2 where match(s2) against ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+fulltext key(s2),
+foreign key (s1,s2) references t1 (s1,s2) on delete cascade) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+delete from t1 where s2 <> 'Sunshine';
+select * from t2 where match(s2) against ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+fulltext key(s2),
+foreign key (s1,s2) references t1 (s1,s2) on delete set null) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+delete from t1 where s2 <> 'Sunshine';
+select * from t2 where match(s2) against ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+fulltext key(s2),
+foreign key (s1,s2) references t1 (s1,s2) on update set null) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+update t1 set s2 = 'Rainbows' where s2 <> 'Sunshine';
+commit;
+select * from t2 where match(s2) against ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+create table t1 (s1 bigint unsigned not null, s2 varchar(200),
+primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (FTS_DOC_ID BIGINT UNSIGNED NOT NULL, s2 varchar(200),
+foreign key (FTS_DOC_ID) references t1 (s1)
+on update cascade) ENGINE = InnoDB;
+create fulltext index idx on t2(s2);
+show create table t2;
+Table Create Table
+t2 CREATE TABLE `t2` (
+ `FTS_DOC_ID` bigint(20) unsigned NOT NULL,
+ `s2` varchar(200) DEFAULT NULL,
+ KEY `FTS_DOC_ID` (`FTS_DOC_ID`),
+ FULLTEXT KEY `idx` (`s2`),
+ CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`FTS_DOC_ID`) REFERENCES `t1` (`s1`) ON UPDATE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+update t1 set s1 = 3 where s1=1;
+select * from t2 where match(s2) against ('sunshine');
+FTS_DOC_ID s2
+3 Sunshine
+update t1 set s1 = 1 where s1=3;
+ERROR 23000: Cannot delete or update a parent row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`FTS_DOC_ID`) REFERENCES `t1` (`s1`) ON UPDATE CASCADE)
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (
+id1 INT ,
+a1 VARCHAR(200) PRIMARY KEY,
+b1 TEXT character set utf8 ,
+FULLTEXT KEY (a1,b1)
+) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+CREATE TABLE t2 (
+id2 INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a2 VARCHAR(200),
+b2 TEXT character set utf8 ,
+FOREIGN KEY (a2) REFERENCES t1(a1) ON DELETE CASCADE,
+FULLTEXT KEY (b2,a2)
+) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+INSERT INTO t1 (id1,a1,b1) VALUES
+(1,'MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+(2,'How To Use MySQL Well','After you went through a ...'),
+(3,'Optimizing MySQL','In this tutorial we will show ...'),
+(4,'1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+(5,'MySQL vs. YourSQL','In the following database comparison ...'),
+(6,'MySQL Security','When configured properly, MySQL ...');
+INSERT INTO t2 (a2,b2) VALUES
+('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+DELETE FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+id1 a1 b1
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+id2 a2 b2
+SELECT * FROM t1 WHERE a1 LIKE '%tutorial%';
+id1 a1 b1
+SELECT * FROM t2 WHERE a2 LIKE '%tutorial%';
+id2 a2 b2
+DROP TABLE t2 , t1;
+call mtr.add_suppression("\\[ERROR\\] InnoDB: FTS Doc ID must be larger than 3 for table `test`.`t2`");
+CREATE TABLE t1 (
+id1 INT ,
+a1 VARCHAR(200) ,
+b1 TEXT ,
+FULLTEXT KEY (a1,b1), PRIMARY KEY(a1, id1)
+) CHARACTER SET = utf8 , ENGINE = InnoDB;
+CREATE TABLE t2 (
+id2 INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a2 VARCHAR(200),
+b2 TEXT ,
+FOREIGN KEY (a2) REFERENCES t1(a1) ON UPDATE CASCADE,
+FULLTEXT KEY (b2,a2)
+) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+INSERT INTO t1 (id1,a1,b1) VALUES
+(1,'MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+(2,'How To Use MySQL Well','After you went through a ...'),
+(3,'Optimizing MySQL','In this tutorial we will show ...');
+INSERT INTO t2 (a2,b2) VALUES
+('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+START TRANSACTION;
+INSERT INTO t1 (id1,a1,b1) VALUES
+(4,'1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+(5,'MySQL vs. YourSQL','In the following database comparison ...'),
+(6,'MySQL Security','When configured properly, MySQL ...');
+INSERT INTO t2 (a2,b2) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+INSERT INTO t2 (a2,b2) VALUES
+('MySQL Tricks','1. Never run mysqld as root. 2. ...');
+ERROR 23000: Cannot add or update a child row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`a2`) REFERENCES `t1` (`a1`) ON UPDATE CASCADE)
+DELETE FROM t1;
+ERROR 23000: Cannot delete or update a parent row: a foreign key constraint fails (`test`.`t2`, CONSTRAINT `t2_ibfk_1` FOREIGN KEY (`a2`) REFERENCES `t1` (`a1`) ON UPDATE CASCADE)
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial') ORDER BY id1;
+id1 a1 b1
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial') ORDER BY id2;
+id2 a2 b2
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id1;
+id1 a1 b1
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id2;
+id2 a2 b2
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id1;
+id1 a1 b1
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id2;
+id2 a2 b2
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+id1 a1 b1
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+id2 a2 b2
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('root') ;
+id1 a1 b1
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('root') ;
+id2 a2 b2
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('mysqld (+root)' IN BOOLEAN MODE) ;
+id1 a1 b1
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('mysqld (-root)' IN BOOLEAN MODE) ;
+id2 a2 b2
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('root' WITH QUERY EXPANSION) ;
+id1 a1 b1
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('root' WITH QUERY EXPANSION) ;
+id2 a2 b2
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('"database comparison"@02' IN BOOLEAN MODE) ;
+id1 a1 b1
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('"database comparison"@02' IN BOOLEAN MODE) ;
+id2 a2 b2
+SELECT * FROM t1 ORDER BY id1;
+id1 a1 b1
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 MySQL vs. YourSQL In the following database comparison ...
+6 MySQL Security When configured properly, MySQL ...
+SELECT * FROM t2 ORDER BY id2;
+id2 a2 b2
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 MySQL vs. YourSQL In the following database comparison ...
+6 MySQL Security When configured properly, MySQL ...
+COMMIT;
+START TRANSACTION;
+UPDATE t1 SET a1 = "changing column - on UPDATE cascade" , b1 = "to check foreign constraint" WHERE
+MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+COMMIT;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+id1 a1 b1
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+id2 a2 b2
+3 changing column - on UPDATE cascade In this tutorial we will show ...
+6 changing column - on UPDATE cascade When configured properly, MySQL ...
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('+UPDATE +cascade' IN BOOLEAN MODE) ORDER BY id1;
+id1 a1 b1
+1 changing column - on UPDATE cascade to check foreign constraint
+2 changing column - on UPDATE cascade to check foreign constraint
+3 changing column - on UPDATE cascade to check foreign constraint
+4 changing column - on UPDATE cascade to check foreign constraint
+5 changing column - on UPDATE cascade to check foreign constraint
+6 changing column - on UPDATE cascade to check foreign constraint
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('+UPDATE +cascade' IN BOOLEAN MODE) ORDER BY id2;
+id2 a2 b2
+1 changing column - on UPDATE cascade DBMS stands for DataBase VÃÆ·WÄ°...
+2 changing column - on UPDATE cascade After you went through a ...
+3 changing column - on UPDATE cascade In this tutorial we will show ...
+4 changing column - on UPDATE cascade 1. Never run mysqld as root. 2. ...
+5 changing column - on UPDATE cascade In the following database comparison ...
+6 changing column - on UPDATE cascade When configured properly, MySQL ...
+SELECT * FROM t2 WHERE a2 LIKE '%UPDATE CASCADE%' ORDER BY id2;
+id2 a2 b2
+1 changing column - on UPDATE cascade DBMS stands for DataBase VÃÆ·WÄ°...
+2 changing column - on UPDATE cascade After you went through a ...
+3 changing column - on UPDATE cascade In this tutorial we will show ...
+4 changing column - on UPDATE cascade 1. Never run mysqld as root. 2. ...
+5 changing column - on UPDATE cascade In the following database comparison ...
+6 changing column - on UPDATE cascade When configured properly, MySQL ...
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+FULLTEXT KEY(s2),
+FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+s1 s2
+DROP TABLE t2 , t1;
+set global innodb_file_per_table=1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) CHARACTER SET = utf8, ROW_FORMAT=COMPRESSED, ENGINE = InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...');
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
+ `a` varchar(200) DEFAULT NULL,
+ `b` text DEFAULT NULL,
+ PRIMARY KEY (`id`),
+ FULLTEXT KEY `idx` (`a`,`b`)
+) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci ROW_FORMAT=COMPRESSED
+SELECT count(*) FROM information_schema.innodb_sys_tables WHERE name LIKE "%FTS_%" AND space !=0;
+count(*)
+11
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+ANALYZE TABLE t1;
+SELECT * FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE) ORDER BY id;
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+3 Optimizing MySQL In this tutorial we will show ...
+select * from t1 where MATCH(a,b) AGAINST("+tutorial +VÃÆ·WÄ°" IN BOOLEAN MODE);
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+select * from t1 where MATCH(a,b) AGAINST("+-VÃÆ·WÄ°" IN BOOLEAN MODE);
+ERROR 42000: syntax error, unexpected '-'
+select * from t1 where MATCH(a,b) AGAINST("+Mysql +(tricks never)" IN BOOLEAN MODE);
+id a b
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+select * from t1 where MATCH(a,b) AGAINST("+mysql -(tricks never)" IN BOOLEAN MODE) ORDER BY id;
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+5 MySQL vs. YourSQL In the following database comparison ...
+6 MySQL Security When configured properly, MySQL ...
+select *, MATCH(a,b) AGAINST("mysql stands" IN BOOLEAN MODE) as x from t1 ORDER BY id;
+id a b x
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°... 0.6055193543434143
+2 How To Use MySQL Well After you went through a ... 0.000000001885928302414186
+3 Optimizing MySQL In this tutorial we will show ... 0.000000001885928302414186
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ... 0.000000001885928302414186
+5 MySQL vs. YourSQL In the following database comparison ... 0.000000001885928302414186
+6 MySQL Security When configured properly, MySQL ... 0.000000003771856604828372
+select * from t1 where MATCH a,b AGAINST ("+database* +VÃÆ·W*" IN BOOLEAN MODE);
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+select * from t1 where MATCH a,b AGAINST ('"security mysql"' IN BOOLEAN MODE);
+id a b
+select * from t1 where MATCH(a,b) AGAINST ("VÃÆ·WÄ°" WITH QUERY EXPANSION) ORDER BY id;
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 MySQL vs. YourSQL In the following database comparison ...
+6 MySQL Security When configured properly, MySQL ...
+ALTER TABLE t1 DROP INDEX idx;
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+SELECT * FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE) ORDER BY id;
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+3 Optimizing MySQL In this tutorial we will show ...
+select * from t1 where MATCH(a,b) AGAINST("+tutorial +VÃÆ·WÄ°" IN BOOLEAN MODE);
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+select * from t1 where MATCH(a,b) AGAINST("+dbms" IN BOOLEAN MODE);
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+select * from t1 where MATCH(a,b) AGAINST("+Mysql +(tricks never)" IN BOOLEAN MODE);
+id a b
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+select * from t1 where MATCH(a,b) AGAINST("+mysql -(tricks never)" IN BOOLEAN MODE) ORDER BY id;
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+5 MySQL vs. YourSQL In the following database comparison ...
+6 MySQL Security When configured properly, MySQL ...
+select *, MATCH(a,b) AGAINST("mysql VÃÆ·WÄ°" IN BOOLEAN MODE) as x from t1 ORDER BY id;
+id a b x
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°... 0.6055193543434143
+2 How To Use MySQL Well After you went through a ... 0.000000001885928302414186
+3 Optimizing MySQL In this tutorial we will show ... 0.000000001885928302414186
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ... 0.000000001885928302414186
+5 MySQL vs. YourSQL In the following database comparison ... 0.000000001885928302414186
+6 MySQL Security When configured properly, MySQL ... 0.000000003771856604828372
+select * from t1 where MATCH a,b AGAINST ('"security mysql"' IN BOOLEAN MODE);
+id a b
+select * from t1 where MATCH(a,b) AGAINST ("VÃÆ·WÄ°" WITH QUERY EXPANSION) ORDER BY id;
+id a b
+1 MySQL Tutorial DBMS stands for DataBase VÃÆ·WÄ°...
+2 How To Use MySQL Well After you went through a ...
+3 Optimizing MySQL In this tutorial we will show ...
+4 1001 MySQL Tricks 1. Never run mysqld as root. 2. ...
+5 MySQL vs. YourSQL In the following database comparison ...
+6 MySQL Security When configured properly, MySQL ...
+INSERT INTO t1 (a,b) VALUES ('test query expansion','for database ...');
+INSERT INTO t1 (a,b) VALUES
+('test proximity search, test, proximity and phrase',
+'search, with proximity innodb');
+INSERT INTO t1 (a,b) VALUES
+('test proximity fts search, test, proximity and phrase',
+'search, with proximity innodb');
+INSERT INTO t1 (a,b) VALUES
+('test more proximity fts search, test, more proximity and phrase',
+'search, with proximity innodb');
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"proximity search"@2' IN BOOLEAN MODE);
+id a b
+8 test proximity search, test, proximity and phrase search, with proximity innodb
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"proximity search"@1' IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"proximity search"@3' IN BOOLEAN MODE) ORDER BY id;
+id a b
+8 test proximity search, test, proximity and phrase search, with proximity innodb
+9 test proximity fts search, test, proximity and phrase search, with proximity innodb
+10 test more proximity fts search, test, more proximity and phrase search, with proximity innodb
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"test proximity"@5' IN BOOLEAN MODE) ORDER BY id;
+id a b
+8 test proximity search, test, proximity and phrase search, with proximity innodb
+9 test proximity fts search, test, proximity and phrase search, with proximity innodb
+10 test more proximity fts search, test, more proximity and phrase search, with proximity innodb
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"more test proximity"@2' IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"more test proximity"@3' IN BOOLEAN MODE);
+id a b
+10 test more proximity fts search, test, more proximity and phrase search, with proximity innodb
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"more fts proximity"@03' IN BOOLEAN MODE);
+id a b
+10 test more proximity fts search, test, more proximity and phrase search, with proximity innodb
+UPDATE t1 SET a = UPPER(a) , b = UPPER(b) ;
+UPDATE t1 SET a = UPPER(a) , b = LOWER(b) ;
+select * from t1 where MATCH(a,b) AGAINST("+tutorial +dbms" IN BOOLEAN MODE);
+id a b
+1 MYSQL TUTORIAL dbms stands for database vðʒwi...
+select * from t1 where MATCH(a,b) AGAINST("+VÃÆ·WÄ°" IN BOOLEAN MODE);
+id a b
+1 MYSQL TUTORIAL dbms stands for database vðʒwi...
+SELECT * FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE) ORDER BY id;
+id a b
+1 MYSQL TUTORIAL dbms stands for database vðʒwi...
+3 OPTIMIZING MYSQL in this tutorial we will show ...
+DELETE FROM t1 WHERE MATCH (a,b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+DELETE FROM t1 WHERE MATCH (a,b) AGAINST ('"proximity search"@14' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+id a b
+SELECT * FROM t1 ORDER BY id;
+id a b
+2 HOW TO USE MYSQL WELL after you went through a ...
+4 1001 MYSQL TRICKS 1. never run mysqld as root. 2. ...
+5 MYSQL VS. YOURSQL in the following database comparison ...
+6 MYSQL SECURITY when configured properly, mysql ...
+7 TEST QUERY EXPANSION for database ...
+DROP TABLE t1;
+SET GLOBAL innodb_file_per_table=1;
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) CHARACTER SET = utf8, ENGINE=InnoDB;
+INSERT INTO t1 (a,b) VALUES
+('Я могу еÑÑ‚ÑŒ Ñтекло', 'оно мне не вредит'),
+('Мога да Ñм Ñтъкло', 'то не ми вреди'),
+('ΜποÏῶ νὰ φάω σπασμένα' ,'γυαλιὰ χωÏὶς νὰ πάθω τίποτα'),
+('PříliÅ¡ žluÅ¥ouÄký kůň', 'úpÄ›l Äábelské kódy'),
+('Sævör grét', 'áðan því úlpan var ónýt'),
+('ã†ã‚ã®ãŠãã‚„ã¾','ã‘ãµã“ãˆã¦'),
+('ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹','ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš');
+INSERT INTO t1 (a,b) VALUES
+('MySQL Tutorial','request docteam@oraclehelp.com ...') ,
+('Trial version','query performace @1255 minute on 2.1Hz Memory 2GB...') ,
+('when To Use MySQL Well','for free faq mail@xyz.com ...');
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("вредит χωÏὶς") ORDER BY id;
+id a b
+1 Я могу еÑÑ‚ÑŒ Ñтекло оно мне не вредит
+3 ΜποÏῶ νὰ φάω σπασμένα γυαλιὰ χωÏὶς νὰ πάθω τίποτα
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("оно" WITH QUERY EXPANSION);
+id a b
+1 Я могу еÑÑ‚ÑŒ Ñтекло оно мне не вредит
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("вред*" IN BOOLEAN MODE) ORDER BY id;
+id a b
+1 Я могу еÑÑ‚ÑŒ Ñтекло оно мне не вредит
+2 Мога да Ñм Ñтъкло то не ми вреди
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+γυαλιὰ +tutorial" IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+tutorial +(Мога τίποτα)" IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš");
+id a b
+7 ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹ ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã¡ã‚Šã¬ã‚‹" WITH QUERY EXPANSION);
+id a b
+7 ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹ ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("+ã‚ã•ãゆã‚ã¿ã˜ã€€+ã‚‘ã²ã‚‚ã›ãš" IN BOOLEAN MODE);
+id a b
+7 ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹ ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("ã†ã‚ã®ãŠã*" IN BOOLEAN MODE);
+id a b
+6 ã†ã‚ã®ãŠãã‚„ã¾ ã‘ãµã“ãˆã¦
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+Sævör +úlpan" IN BOOLEAN MODE);
+id a b
+5 Sævör grét áðan því úlpan var ónýt
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"γυαλιὰ χωÏὶς"@2' IN BOOLEAN MODE);
+id a b
+3 ΜποÏῶ νὰ φάω σπασμένα γυαλιὰ χωÏὶς νὰ πάθω τίποτα
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"query performace"@02' IN BOOLEAN MODE);
+id a b
+9 Trial version query performace @1255 minute on 2.1Hz Memory 2GB...
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"πάθω τίποτα"@2' IN BOOLEAN MODE);
+id a b
+3 ΜποÏῶ νὰ φάω σπασμένα γυαλιὰ χωÏὶς νὰ πάθω τίποτα
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš"@1' IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš"@2' IN BOOLEAN MODE);
+id a b
+7 ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹ ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš
+ALTER TABLE t1 DROP INDEX idx;
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš");
+id a b
+7 ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹ ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš
+UPDATE t1 SET a = "Pchnąć w tÄ™ łódź jeża" , b = "lub osiem skrzyÅ„ fig" WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš");
+UPDATE t1 SET a = "Ð’ чащах юга жил-был цитруÑ? Да", b = "но фальшивый ÑкземплÑÑ€! Ñ‘ÑŠ" WHERE MATCH(a,b) AGAINST ("вред*" IN BOOLEAN MODE);
+DELETE FROM t1 WHERE MATCH(a,b) AGAINST("+Sævör +úlpan" IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš");
+id a b
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("łódź osiem");
+id a b
+7 Pchnąć w tę łódź jeża lub osiem skrzyń fig
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("вред*" IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("фальшив*" IN BOOLEAN MODE) ORDER BY id;
+id a b
+1 Ð’ чащах юга жил-был цитруÑ? Да но фальшивый ÑкземплÑÑ€! Ñ‘ÑŠ
+2 Ð’ чащах юга жил-был цитруÑ? Да но фальшивый ÑкземплÑÑ€! Ñ‘ÑŠ
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+Sævör +úlpan" IN BOOLEAN MODE);
+id a b
+SELECT * FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"łódź jeża"@2' IN BOOLEAN MODE);
+id a b
+7 Pchnąć w tę łódź jeża lub osiem skrzyń fig
+SELECT * FROM t1 ORDER BY id;
+id a b
+1 Ð’ чащах юга жил-был цитруÑ? Да но фальшивый ÑкземплÑÑ€! Ñ‘ÑŠ
+2 Ð’ чащах юга жил-был цитруÑ? Да но фальшивый ÑкземплÑÑ€! Ñ‘ÑŠ
+3 ΜποÏῶ νὰ φάω σπασμένα γυαλιὰ χωÏὶς νὰ πάθω τίποτα
+4 PříliÅ¡ žluÅ¥ouÄký kůň úpÄ›l Äábelské kódy
+6 ã†ã‚ã®ãŠãã‚„ã¾ ã‘ãµã“ãˆã¦
+7 Pchnąć w tę łódź jeża lub osiem skrzyń fig
+8 MySQL Tutorial request docteam@oraclehelp.com ...
+9 Trial version query performace @1255 minute on 2.1Hz Memory 2GB...
+10 when To Use MySQL Well for free faq mail@xyz.com ...
+DROP TABLE t1;
+CREATE TABLE t1(ID INT PRIMARY KEY,
+no_fts_field VARCHAR(10),
+fts_field VARCHAR(10),
+FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+INSERT INTO t1 VALUES (1, 'AAA', 'BBB');
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+ID no_fts_field fts_field
+1 AAA BBB
+UPDATE t1 SET fts_field='anychange' where id = 1;
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+ID no_fts_field fts_field
+1 AAA anychange
+UPDATE t1 SET no_fts_field='anychange' where id = 1;
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+ID no_fts_field fts_field
+1 anychange anychange
+UPDATE t1 SET no_fts_field='anychange', fts_field='other' where id = 1;
+SELECT * FROM t1 WHERE MATCH(fts_field) against("other");
+ID no_fts_field fts_field
+1 anychange other
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+ID no_fts_field fts_field
+DROP INDEX f on t1;
+UPDATE t1 SET fts_field='anychange' where id = 1;
+UPDATE t1 SET no_fts_field='anychange' where id = 1;
+UPDATE t1 SET no_fts_field='anychange', fts_field='other' where id = 1;
+CREATE FULLTEXT INDEX f ON t1(FTS_FIELD);
+SELECT * FROM t1 WHERE MATCH(fts_field) against("other");
+ID no_fts_field fts_field
+1 anychange other
+DROP TABLE t1;
+CREATE TABLE t1(`FTS_DOC_ID` serial,
+no_fts_field VARCHAR(10),
+fts_field VARCHAR(10),
+FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+INSERT INTO t1 VALUES (1, 'AAA', 'BBB');
+UPDATE t1 SET fts_field='anychange' where FTS_DOC_ID = 1;
+ERROR HY000: Invalid InnoDB FTS Doc ID
+UPDATE t1 SET fts_field='anychange', FTS_DOC_ID = 2 where FTS_DOC_ID = 1;
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+FTS_DOC_ID no_fts_field fts_field
+2 AAA anychange
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+FTS_DOC_ID no_fts_field fts_field
+UPDATE t1 SET no_fts_field='anychange' where FTS_DOC_ID = 2;
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+FTS_DOC_ID no_fts_field fts_field
+2 anychange anychange
+UPDATE t1 SET no_fts_field='anychange', fts_field='other' where FTS_DOC_ID = 2;
+ERROR HY000: Invalid InnoDB FTS Doc ID
+SELECT * FROM t1 WHERE MATCH(fts_field) against("other");
+FTS_DOC_ID no_fts_field fts_field
+UPDATE t1 SET FTS_DOC_ID = 1 where FTS_DOC_ID = 2;
+ERROR HY000: Invalid InnoDB FTS Doc ID
+DROP INDEX f ON t1;
+UPDATE t1 SET fts_field='newchange' where FTS_DOC_ID = 2;
+UPDATE t1 SET no_fts_field='anychange' where FTS_DOC_ID = 2;
+SELECT * FROM t1;
+FTS_DOC_ID no_fts_field fts_field
+2 anychange newchange
+DROP TABLE t1;
+CREATE TABLE t1(ID INT PRIMARY KEY,
+no_fts_field VARCHAR(10),
+fts_field VARCHAR(10),
+FULLTEXT INDEX f(fts_field), index k(fts_field)) ENGINE=INNODB;
+CREATE TABLE t2(ID INT PRIMARY KEY,
+no_fts_field VARCHAR(10),
+fts_field VARCHAR(10),
+FULLTEXT INDEX f(fts_field),
+INDEX k2(fts_field),
+FOREIGN KEY(fts_field) REFERENCES
+t1(fts_field) ON UPDATE CASCADE) ENGINE=INNODB;
+INSERT INTO t1 VALUES (1, 'AAA', 'BBB');
+INSERT INTO t2 VALUES (1, 'AAA', 'BBB');
+update t1 set fts_field='newchange' where id =1;
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+ID no_fts_field fts_field
+SELECT * FROM t2 WHERE MATCH(fts_field) against("BBB");
+ID no_fts_field fts_field
+SELECT * FROM t1 WHERE MATCH(fts_field) against("newchange");
+ID no_fts_field fts_field
+1 AAA newchange
+SELECT * FROM t2 WHERE MATCH(fts_field) against("newchange");
+ID no_fts_field fts_field
+1 AAA newchange
+DROP TABLE t2;
+DROP TABLE t1;
+CREATE TABLE t1(id INT PRIMARY KEY,
+fts_field VARCHAR(10),
+FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+CREATE TABLE t2(id INT PRIMARY KEY,
+fts_field VARCHAR(10),
+FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+INSERT INTO t1 values (1,'100'),(2,'200'),(3,'300'),(4,'400'),(5,'500'),(6,'600'), (7,'700'),(8,'800'),(9,'900'),(10,'1000'),(11,'1100'),(12,'1200');
+INSERT INTO t2 values (1,'100'),(2,'200'),(3,'300'),(4,'400'),(5,'500'),(6,'600'), (7,'700'),(8,'800');
+UPDATE t1, t2 set t1.fts_field = CONCAT(t1.fts_field, 'foo');
+UPDATE t1, t2 set t1.fts_field = CONCAT(t1.fts_field, 'foo') WHERE t1.fts_field = "100foo";
+UPDATE t1, t2 set t1.fts_field = CONCAT(t1.fts_field, 'xoo'), t2.fts_field = CONCAT(t1.fts_field, 'xoo') where t1.fts_field=CONCAT(t2.fts_field, 'foo');
+SELECT * FROM t1 WHERE MATCH(fts_field) against("100foofoo");
+id fts_field
+1 100foofoo
+SELECT * FROM t1 WHERE MATCH(fts_field) against("100foo");
+id fts_field
+SELECT * FROM t1 WHERE MATCH(fts_field) against("100");
+id fts_field
+SELECT * FROM t2 WHERE MATCH(fts_field) against("400fooxoo");
+id fts_field
+4 400fooxoo
+SELECT * FROM t2 WHERE MATCH(fts_field) against("100");
+id fts_field
+1 100
+SELECT * FROM t2 WHERE MATCH(fts_field) against("200");
+id fts_field
+SELECT * FROM t2 WHERE MATCH(fts_field) against("400");
+id fts_field
+DROP TABLE t1;
+DROP TABLE t2;
+
+BUG#13701973/64274: MYSQL THREAD WAS SUSPENDED WHEN EXECUTE UPDATE QUERY
+
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+CREATE TABLE t1 (
+t1_id INT(10) UNSIGNED NOT NULL,
+t2_id INT(10) UNSIGNED DEFAULT NULL,
+PRIMARY KEY (t1_id),
+FOREIGN KEY (t2_id) REFERENCES t2 (t2_id)
+ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+CREATE TABLE t2 (
+t1_id INT(10) UNSIGNED NOT NULL,
+t2_id INT(10) UNSIGNED NOT NULL,
+t3_id INT(10) UNSIGNED NOT NULL,
+t4_id INT(10) UNSIGNED NOT NULL,
+PRIMARY KEY (t2_id),
+FOREIGN KEY (t1_id) REFERENCES t1 (t1_id),
+FOREIGN KEY (t3_id) REFERENCES t3 (t3_id)
+ON DELETE CASCADE ON UPDATE CASCADE,
+FOREIGN KEY (t4_id) REFERENCES t4 (t4_id)
+) ENGINE=InnoDB;
+CREATE TABLE t3 (
+t3_id INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
+payload char(3),
+PRIMARY KEY (t3_id)
+) ENGINE=InnoDB;
+INSERT INTO t3 VALUES (1, '100');
+CREATE TABLE t4 (
+t2_id INT(10) UNSIGNED DEFAULT NULL,
+t4_id INT(10) UNSIGNED NOT NULL,
+PRIMARY KEY (t4_id),
+FOREIGN KEY (t2_id) REFERENCES t2 (t2_id)
+ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+SET FOREIGN_KEY_CHECKS=1;
+UPDATE t3 SET payload='101' WHERE t3_id=1;
+SET FOREIGN_KEY_CHECKS=0;
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+DROP TABLE t4;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
diff --git a/mysql-test/suite/innodb_fts/r/opt.result b/mysql-test/suite/innodb_fts/r/opt.result
new file mode 100644
index 00000000..57375495
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/opt.result
@@ -0,0 +1,1654 @@
+CREATE TABLE wp(
+FTS_DOC_ID BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+title VARCHAR(255) NOT NULL DEFAULT '',
+text MEDIUMTEXT NOT NULL,
+dummy INTEGER,
+PRIMARY KEY (FTS_DOC_ID),
+UNIQUE KEY FTS_DOC_ID_INDEX (FTS_DOC_ID),
+FULLTEXT KEY idx (title,text)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+INSERT INTO wp (title, text) VALUES
+('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database to database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...');
+CREATE TABLE t1 (i INTEGER);
+INSERT INTO t1 SELECT FTS_DOC_ID FROM wp;
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE t1;
+Table Op Msg_type Msg_text
+test.t1 analyze status OK
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE wp;
+Table Op Msg_type Msg_text
+test.wp analyze status OK
+SELECT FTS_DOC_ID, title, MATCH(title, text) AGAINST ('database') AS score1,
+MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp;
+FTS_DOC_ID title score1 score2
+1 MySQL Tutorial 0.22764469683170319 0.000000003771856604828372
+2 How To Use MySQL Well 0 0.000000001885928302414186
+3 Optimizing MySQL 0 0.000000001885928302414186
+4 1001 MySQL Tricks 0 0.000000001885928302414186
+5 MySQL vs. YourSQL 0.45528939366340637 0.000000001885928302414186
+6 MySQL Security 0 0.000000003771856604828372
+No sorting for this query
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+No sorting for this query even if MATCH is part of an expression
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database') > 0.1
+ORDER BY score DESC;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+No sorting even if there are several MATCH expressions as long as the
+right one is used in ORDER BY
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score1,
+MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score1 DESC;
+title score1 score2
+MySQL vs. YourSQL 0.45528939366340637 0.000000001885928302414186
+MySQL Tutorial 0.22764469683170319 0.000000003771856604828372
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+No Sorting since FT table is first table in query
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp, t1
+WHERE MATCH(title, text) AGAINST ('database') AND FTS_DOC_ID = t1.i
+ORDER BY score DESC;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+Sorting since there is no WHERE clause
+FLUSH STATUS;
+SELECT MATCH(title, text) AGAINST ('database'), title AS score
+FROM wp
+ORDER BY score DESC;
+MATCH(title, text) AGAINST ('database') score
+0 1001 MySQL Tricks
+0 How To Use MySQL Well
+0 MySQL Security
+0 Optimizing MySQL
+0.22764469683170319 MySQL Tutorial
+0.45528939366340637 MySQL vs. YourSQL
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 6
+Sorting since ordering on multiple columns
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC, FTS_DOC_ID;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+Sorting since ordering is not descending
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score ASC;
+title score
+MySQL Tutorial 0.22764469683170319
+MySQL vs. YourSQL 0.45528939366340637
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+Sorting because one is ordering on a different MATCH expression
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('mysql') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC;
+title score
+MySQL Tutorial 0.000000003771856604828372
+MySQL vs. YourSQL 0.000000001885928302414186
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+No sorting for this query
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+Revert to table scan and sorting for this query since not
+enough matching rows to satisfy LIMIT clause
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 14
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+Sorting since no LIMIT clause
+FLUSH STATUS;
+SELECT MATCH(title, text) AGAINST ('database') AS score, title
+FROM wp
+ORDER BY score DESC;
+score title
+0 1001 MySQL Tricks
+0 How To Use MySQL Well
+0 MySQL Security
+0 Optimizing MySQL
+0.22764469683170319 MySQL Tutorial
+0.45528939366340637 MySQL vs. YourSQL
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 6
+Sorting since there is a WHERE clause
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE dummy IS NULL
+ORDER BY score DESC LIMIT 2;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+Sorting since ordering is not on a simple MATCH expressions
+FLUSH STATUS;
+SELECT title, (MATCH(title, text) AGAINST ('database')) * 100 AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+title score
+MySQL vs. YourSQL 45.52893936634064
+MySQL Tutorial 22.76446968317032
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+Variable_name Value
+Sort_rows 2
+No ordinary handler accesses when only accessing FTS_DOC_ID and MATCH
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+docid score
+5 0.45528939366340637
+1 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+Still no handler accesses when adding FTS_DOC_ID to WHERE clause
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database') AND FTS_DOC_ID > 2;
+docid score
+5 0.45528939366340637
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+Still no handler accesses when ordering by MATCH expression
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score;
+docid score
+1 0.22764469683170319
+5 0.45528939366340637
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 3
+Optimization is disabled when ordering on FTS_DOC_ID
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY 1 DESC;
+docid score
+5 0.45528939366340637
+1 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+Optimization also work with several MATCH expressions
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score1,
+MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+docid score1 score2
+5 0.45528939366340637 0.000000001885928302414186
+1 0.22764469683170319 0.000000003771856604828372
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+Optimization does not apply if sorting on a different MATCH expressions
+from the one used to access the
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score1,
+MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score2 DESC;
+docid score1 score2
+1 0.22764469683170319 0.000000003771856604828372
+5 0.45528939366340637 0.000000001885928302414186
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 3
+FLUSH STATUS;
+Optimization does not apply for GROUP BY
+SET @save_mode = @@sql_mode;
+SET sql_mode = (select replace(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+GROUP BY score;
+FTS_DOC_ID score
+1 0.22764469683170319
+5 0.45528939366340637
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 3
+SET sql_mode = @save_mode;
+No sorting and no table access with LIMIT clause and only information
+from FTS result
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+docid score
+5 0.45528939366340637
+1 0.22764469683170319
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 14
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+If count optimization applies, EXPLAIN shows
+"Select tables optimized away."
+EXPLAIN SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+FLUSH STATUS;
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+COUNT(*)
+2
+Verify that there was no table access
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+Optimization applies also to COUNT(expr) as long as expr is not nullable
+EXPLAIN SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+COUNT(title)
+2
+Optimization does not apply if not a single table query.
+EXPLAIN SELECT count(*)
+FROM wp, t1
+WHERE MATCH(title, text) AGAINST ('database');
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+1 SIMPLE t1 ALL NULL NULL NULL NULL 6
+SELECT count(*)
+FROM wp, t1
+WHERE MATCH(title, text) AGAINST ('database');
+count(*)
+12
+Optimization does not apply if MATCH is part of an expression
+EXPLAIN SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE) > 0;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE) > 0;
+COUNT(title)
+2
+Optimization does not apply if MATCH is part of an expression
+EXPLAIN SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE) > 0;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE) > 0;
+COUNT(title)
+2
+Optimization does not apply if COUNT expression is nullable
+EXPLAIN SELECT COUNT(dummy)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+SELECT COUNT(dummy)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+COUNT(dummy)
+0
+FLUSH STATUS;
+SELECT MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score,
+title
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION)
+ORDER BY score DESC;
+score title
+0.000000001885928302414186 1001 MySQL Tricks
+0.000000001885928302414186 How To Use MySQL Well
+0.000000003771856604828372 MySQL Security
+0.22764469683170319 Optimizing MySQL
+1.6663280725479126 MySQL Tutorial
+2.2718474864959717 MySQL vs. YourSQL
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 6
+Sort_scan 1
+FLUSH STATUS;
+SELECT title,
+MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+title score
+MySQL vs. YourSQL 2.2718474864959717
+MySQL Tutorial 1.6663280725479126
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+docid score
+5 2.2718474864959717
+1 1.6663280725479126
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+docid score
+5 2.2718474864959717
+1 1.6663280725479126
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 14
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+EXPLAIN SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' WITH QUERY EXPANSION);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+FLUSH STATUS;
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' WITH QUERY EXPANSION);
+COUNT(*)
+6
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+FLUSH STATUS;
+SELECT MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) score,
+title
+FROM wp
+WHERE MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE)
+ORDER BY score DESC;
+score title
+0.000000001885928302414186 1001 MySQL Tricks
+0.000000001885928302414186 How To Use MySQL Well
+0.000000001885928302414186 Optimizing MySQL
+0.000000003771856604828372 MySQL Security
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 4
+Sort_scan 1
+FLUSH STATUS;
+SELECT MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) score,
+title
+FROM wp
+ORDER BY score DESC;
+score title
+0 MySQL Tutorial
+0 MySQL vs. YourSQL
+0.000000001885928302414186 1001 MySQL Tricks
+0.000000001885928302414186 How To Use MySQL Well
+0.000000001885928302414186 Optimizing MySQL
+0.000000003771856604828372 MySQL Security
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 6
+Sort_scan 1
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('+MySQL -database');
+docid score
+5 0
+1 0
+6 0.000000003771856604828372
+2 0.000000001885928302414186
+3 0.000000001885928302414186
+4 0.000000001885928302414186
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+ORDER BY score DESC LIMIT 1;
+docid score
+6 0.000000003771856604828372
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 1
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 14
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 1
+Sort_scan 1
+EXPLAIN SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('+MySQL -database' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+FLUSH STATUS;
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('+MySQL -database' IN BOOLEAN MODE);
+COUNT(*)
+4
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+FLUSH STATUS;
+SELECT title,
+MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE)
+ORDER BY score DESC;
+title score
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 1
+Sort_scan 1
+FLUSH STATUS;
+SELECT title,
+MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+ORDER BY score DESC LIMIT 1;
+title score
+MySQL Tutorial 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 1
+Sort_scan 1
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('"MySQL database"@5');
+docid score
+1 0.22764469683170319
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+ORDER BY score DESC LIMIT 1;
+docid score
+1 0.22764469683170319
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 1
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 14
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 1
+Sort_scan 1
+EXPLAIN SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+FLUSH STATUS;
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE);
+COUNT(*)
+1
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+SELECT title,
+MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION)
+ORDER BY score DESC, title ASC;
+title score
+MySQL vs. YourSQL 0.45528939366340637
+MySQL Tutorial 0.22764469683170319
+1001 MySQL Tricks 0
+How To Use MySQL Well 0
+MySQL Security 0
+Optimizing MySQL 0
+SELECT title,
+MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('MySQL database' WITH QUERY EXPANSION)
+ORDER BY score DESC, title ASC;
+title score
+MySQL Security 0.000000003771856604828372
+1001 MySQL Tricks 0.000000001885928302414186
+How To Use MySQL Well 0.000000001885928302414186
+Optimizing MySQL 0.000000001885928302414186
+MySQL Tutorial 0
+MySQL vs. YourSQL 0
+SELECT title,
+MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE)
+ORDER BY score DESC, title ASC;
+title score
+MySQL Tutorial 0
+ALTER TABLE wp ENGINE=myisam;
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC;
+title score
+MySQL vs. YourSQL 0.9562782645225525
+MySQL Tutorial 0.5756555199623108
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 0
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+title score
+MySQL vs. YourSQL 0.9562782645225525
+MySQL Tutorial 0.5756555199623108
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+docid score
+5 0.9562782645225525
+1 0.5756555199623108
+SHOW SESSION STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 3
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+docid score
+5 0.9562782645225525
+1 0.5756555199623108
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 0
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 2
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 14
+SHOW SESSION STATUS LIKE 'Sort%';
+Variable_name Value
+Sort_merge_passes 0
+Sort_priority_queue_sorts 1
+Sort_range 0
+Sort_rows 2
+Sort_scan 1
+EXPLAIN SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE wp fulltext idx idx 0 1 Using where
+FLUSH STATUS;
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+COUNT(*)
+2
+SHOW STATUS LIKE 'Handler_read%';
+Variable_name Value
+Handler_read_first 0
+Handler_read_key 0
+Handler_read_last 0
+Handler_read_next 3
+Handler_read_prev 0
+Handler_read_retry 0
+Handler_read_rnd 0
+Handler_read_rnd_deleted 0
+Handler_read_rnd_next 0
+DROP TABLE wp, t1;
+CREATE TABLE t1
+(
+FTS_DOC_ID BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+title VARCHAR(255) DEFAULT '',
+text MEDIUMTEXT ,
+PRIMARY KEY (FTS_DOC_ID),
+UNIQUE KEY FTS_DOC_ID_INDEX (FTS_DOC_ID),
+FULLTEXT KEY ft_idx (title,text)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+INSERT INTO t1 (title, text) VALUES
+('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+('How To Use MySQL Well','After you went through a ...'),
+('Optimizing MySQL','In this tutorial we will show ...'),
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL database','In the following database to database comparison ...'),
+('MySQL Security','When configured properly, MySQL ...'),
+('InnoDB', 'InnoDB is a transaction-safe (ACID compliant) storage engine'),
+('MySQL is a database management system', 'A database is a structured collection of data...'),
+('MySQL databases are relational', 'A relational database stores data in separate tables rather than putting all the data in one big storeroom...'),
+('MySQL software is Open Source', 'Open Source means that it is possible for anyone to use and modify the software...'),
+('The MySQL Database Server is very fast, reliable, scalable, and easy to use', 'MySQL Server can run comfortably on a desktop or laptop...'),
+('MySQL Server works in client/server or embedded systems', 'The MySQL Database Software is a client/server system...'),
+('MyISAM', 'MyISAM is based on the older (and no longer available) ISAM storage engine but has many useful extensions'),
+('A large amount of contributed MySQL software is available', 'MySQL Server has a practical set of features developed in close cooperation with our users'),
+(NULL,NULL);
+ANALYZE TABLE t1;
+# No ranking
+EXPLAIN
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE);
+count(*)
+6
+EXPLAIN
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('data*' IN BOOLEAN MODE) ORDER BY title LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('data*' IN BOOLEAN MODE) ORDER BY title LIMIT 3;
+count(*)
+6
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+FTS_DOC_ID title
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION);
+FTS_DOC_ID title
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+12 MySQL Server works in client/server or embedded systems
+10 MySQL software is Open Source
+4 1001 MySQL Tricks
+14 A large amount of contributed MySQL software is available
+2 How To Use MySQL Well
+13 MyISAM
+5 MySQL vs. YourSQL database
+8 MySQL is a database management system
+1 MySQL Tutorial
+9 MySQL databases are relational
+6 MySQL Security
+3 Optimizing MySQL
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE);
+FTS_DOC_ID title
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+for' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+for' IN BOOLEAN MODE);
+FTS_DOC_ID
+# No sorting by rank
+EXPLAIN SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY title;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using filesort
+SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY title;
+FTS_DOC_ID TITLE
+9 MySQL databases are relational
+8 MySQL is a database management system
+12 MySQL Server works in client/server or embedded systems
+1 MySQL Tutorial
+5 MySQL vs. YourSQL database
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+FTS_DOC_ID
+11
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using filesort
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title;
+FTS_DOC_ID title
+4 1001 MySQL Tricks
+14 A large amount of contributed MySQL software is available
+2 How To Use MySQL Well
+13 MyISAM
+9 MySQL databases are relational
+8 MySQL is a database management system
+6 MySQL Security
+12 MySQL Server works in client/server or embedded systems
+10 MySQL software is Open Source
+1 MySQL Tutorial
+5 MySQL vs. YourSQL database
+3 Optimizing MySQL
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using filesort
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title;
+FTS_DOC_ID title
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+# LIMIT optimization
+EXPLAIN SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+LIMIT 3;
+FTS_DOC_ID TITLE
+11 The MySQL Database Server is very fast, reliable, scalable, and easy to use
+5 MySQL vs. YourSQL database
+8 MySQL is a database management system
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+LIMIT 3;
+FTS_DOC_ID
+11
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+ORDER BY title
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using filesort
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+ORDER BY title
+LIMIT 3;
+FTS_DOC_ID
+11
+EXPLAIN
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title LIMIT 1;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using filesort
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title LIMIT 1;
+FTS_DOC_ID
+4
+EXPLAIN
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title LIMIT 1;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using filesort
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title LIMIT 1;
+FTS_DOC_ID
+11
+EXPLAIN
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank, FTS_DOC_ID
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank, FTS_DOC_ID
+LIMIT 3;
+FTS_DOC_ID rank
+1 0.15835624933242798
+9 0.15835624933242798
+12 0.15835624933242798
+EXPLAIN
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank DESC, FTS_DOC_ID ASC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank DESC, FTS_DOC_ID ASC
+LIMIT 3;
+FTS_DOC_ID rank
+11 1.5415468215942383
+5 0.47506874799728394
+8 0.31671249866485596
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using temporary; Using filesort
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+FTS_DOC_ID rank
+5 0.47506874799728394
+8 0.31671249866485596
+EXPLAIN SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using temporary; Using filesort
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 3;
+FTS_DOC_ID rank
+11 1.5415468215942383
+5 0.47506874799728394
+8 0.31671249866485596
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE)
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC,
+FTS_DOC_ID ASC;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE)
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC,
+FTS_DOC_ID ASC;
+FTS_DOC_ID rank
+5 0.47506874799728394
+8 0.31671249866485596
+1 0.15835624933242798
+9 0.15835624933242798
+11 0.15835624933242798
+12 0.15835624933242798
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) and FTS_DOC_ID > 1
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC
+LIMIT 2;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext PRIMARY,FTS_DOC_ID_INDEX,ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) and FTS_DOC_ID > 1
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC
+LIMIT 2;
+FTS_DOC_ID rank
+5 0.47506874799728394
+8 0.31671249866485596
+EXPLAIN
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank
+LIMIT 1;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank
+LIMIT 1;
+FTS_DOC_ID rank
+3 0.009391550906002522
+EXPLAIN
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank DESC
+LIMIT 1;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank DESC
+LIMIT 1;
+FTS_DOC_ID rank
+11 15.345823287963867
+EXPLAIN
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+LIMIT 1;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) DESC
+LIMIT 1;
+FTS_DOC_ID rank
+11 15.345823287963867
+# WHERE optimization on MATCH > 'some_rank'
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) > 0.1;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) > 0.1;
+FTS_DOC_ID
+11
+5
+8
+1
+9
+12
+# additional test for correct behaviour
+EXPLAIN SELECT * FROM t1 ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC LIMIT 10;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using temporary; Using filesort
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) AND
+MATCH (title, text) AGAINST ('mysql' IN NATURAL LANGUAGE MODE)
+LIMIT 6;
+FTS_DOC_ID
+11
+5
+8
+1
+9
+12
+# test OR condition
+SELECT FTS_DOC_ID
+FROM t1
+WHERE MATCH(title, text) AGAINST ('database')
+OR MATCH(title, text) AGAINST ('mysql')
+ORDER BY MATCH(title, text) AGAINST ('database') DESC, FTS_DOC_ID ASC;
+FTS_DOC_ID
+5
+8
+1
+9
+11
+12
+2
+3
+4
+6
+10
+14
+EXPLAIN SELECT FTS_DOC_ID
+FROM t1
+WHERE MATCH(title, text) AGAINST ('database')
+OR MATCH(title, text) AGAINST ('mysql')
+ORDER BY MATCH(title, text) AGAINST ('database') DESC, FTS_DOC_ID ASC;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using where; Using temporary; Using filesort
+# MATCH and GROUP BY, DISTINCT
+SET sql_mode = (select replace(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY FTS_DOC_ID
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY FTS_DOC_ID
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+FTS_DOC_ID
+11
+5
+8
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY title
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY title
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+FTS_DOC_ID
+11
+5
+8
+EXPLAIN SELECT MAX(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where
+SELECT MAX(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+MAX(FTS_DOC_ID)
+12
+EXPLAIN SELECT DISTINCT(title) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT DISTINCT(title) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+title
+The MySQL Database Server is very fast, reliable, scalable, and easy to use
+MySQL vs. YourSQL database
+MySQL is a database management system
+EXPLAIN SELECT DISTINCT(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext ft_idx ft_idx 0 1 Using where; Using temporary; Using filesort
+SELECT DISTINCT(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+FTS_DOC_ID
+11
+5
+8
+SET sql_mode = @save_mode;
+# FTS index access
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+FTS_DOC_ID rank
+5 0.47506874799728394
+8 0.31671249866485596
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using temporary; Using filesort
+SELECT a.FTS_DOC_ID, b.FTS_DOC_ID
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+MATCH(b.title, b.text) AGAINST ('+mysql' IN BOOLEAN MODE) and
+a.FTS_DOC_ID = b.FTS_DOC_ID;
+FTS_DOC_ID FTS_DOC_ID
+5 5
+8 8
+1 1
+9 9
+11 11
+12 12
+EXPLAIN SELECT a.FTS_DOC_ID, b.FTS_DOC_ID
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+MATCH(b.title, b.text) AGAINST ('+mysql' IN BOOLEAN MODE) and
+a.FTS_DOC_ID = b.FTS_DOC_ID;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE a fulltext PRIMARY,FTS_DOC_ID_INDEX,ft_idx ft_idx 0 1 Using where
+1 SIMPLE b eq_ref PRIMARY,FTS_DOC_ID_INDEX,ft_idx PRIMARY 8 test.a.FTS_DOC_ID 1 Using where
+SELECT a.FTS_DOC_ID, MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE),
+b.FTS_DOC_ID, MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE)
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE);
+FTS_DOC_ID MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) FTS_DOC_ID MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE)
+5 0.47506874799728394 5 0.47506874799728394
+5 0.47506874799728394 8 0.31671249866485596
+5 0.47506874799728394 1 0.15835624933242798
+5 0.47506874799728394 9 0.15835624933242798
+5 0.47506874799728394 11 0.15835624933242798
+5 0.47506874799728394 12 0.15835624933242798
+8 0.31671249866485596 5 0.47506874799728394
+8 0.31671249866485596 8 0.31671249866485596
+8 0.31671249866485596 1 0.15835624933242798
+8 0.31671249866485596 9 0.15835624933242798
+8 0.31671249866485596 11 0.15835624933242798
+8 0.31671249866485596 12 0.15835624933242798
+1 0.15835624933242798 5 0.47506874799728394
+1 0.15835624933242798 8 0.31671249866485596
+1 0.15835624933242798 1 0.15835624933242798
+1 0.15835624933242798 9 0.15835624933242798
+1 0.15835624933242798 11 0.15835624933242798
+1 0.15835624933242798 12 0.15835624933242798
+9 0.15835624933242798 5 0.47506874799728394
+9 0.15835624933242798 8 0.31671249866485596
+9 0.15835624933242798 1 0.15835624933242798
+9 0.15835624933242798 9 0.15835624933242798
+9 0.15835624933242798 11 0.15835624933242798
+9 0.15835624933242798 12 0.15835624933242798
+11 0.15835624933242798 5 0.47506874799728394
+11 0.15835624933242798 8 0.31671249866485596
+11 0.15835624933242798 1 0.15835624933242798
+11 0.15835624933242798 9 0.15835624933242798
+11 0.15835624933242798 11 0.15835624933242798
+11 0.15835624933242798 12 0.15835624933242798
+12 0.15835624933242798 5 0.47506874799728394
+12 0.15835624933242798 8 0.31671249866485596
+12 0.15835624933242798 1 0.15835624933242798
+12 0.15835624933242798 9 0.15835624933242798
+12 0.15835624933242798 11 0.15835624933242798
+12 0.15835624933242798 12 0.15835624933242798
+EXPLAIN SELECT a.FTS_DOC_ID, MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE),
+b.FTS_DOC_ID, MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE)
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE a fulltext ft_idx ft_idx 0 1 Using where
+1 SIMPLE b fulltext ft_idx ft_idx 0 1 Using where
+EXPLAIN SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using where
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100
+FROM t1 WHERE MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100;
+FTS_DOC_ID MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100
+1 4.92168664932251
+5 14.76505994796753
+8 9.84337329864502
+9 4.92168664932251
+11 4.92168664932251
+12 4.92168664932251
+SELECT * FROM t1 WHERE title IS NULL AND text IS NULL;
+FTS_DOC_ID title text
+15 NULL NULL
+CREATE TABLE t2 SELECT FTS_DOC_ID as doc_id, title, text FROM t1;
+ALTER TABLE t2 ADD PRIMARY KEY (doc_id);
+ALTER TABLE t2 ADD FULLTEXT KEY ft_idx (title,text);
+ANALYZE TABLE t2;
+EXPLAIN SELECT DOC_ID FROM t2 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t2 ALL NULL NULL NULL NULL 15 Using where
+SELECT DOC_ID FROM t2 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+DOC_ID
+1
+5
+8
+9
+11
+12
+EXPLAIN SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 ALL NULL NULL NULL NULL 15 Using where
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+FTS_DOC_ID
+1
+5
+8
+9
+11
+12
+DROP TABLE t1, t2;
+"Check hints with uft8 charset for 2 cases"
+set names utf8;
+CREATE TABLE t1 (
+FTS_DOC_ID BIGINT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+text TEXT
+) CHARACTER SET = utf8, ENGINE=InnoDB;
+INSERT INTO t1 (title, text) VALUES
+('Я могу еÑÑ‚ÑŒ Ñтекло', 'оно мне не вредит'),
+('Мога да Ñм Ñтъкло', 'то не ми вреди'),
+('ΜποÏῶ νὰ φάω σπασμένα' ,'γυαλιὰ χωÏὶς νὰ πάθω τίποτα'),
+('PříliÅ¡ žluÅ¥ouÄký kůň', 'úpÄ›l Äábelské kódy'),
+('Sævör grét', 'áðan því úlpan var ónýt'),
+('ã†ã‚ã®ãŠãã‚„ã¾','ã‘ãµã“ãˆã¦'),
+('ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹','ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš');
+CREATE FULLTEXT INDEX idx on t1 (title, text);
+# No ranking
+EXPLAIN
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('вредит' IN NATURAL LANGUAGE MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext idx idx 0 1 Using where
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('вредит' IN NATURAL LANGUAGE MODE);
+count(*)
+1
+EXPLAIN
+SELECT * FROM t1 WHERE MATCH(title, text) AGAINST ("оно" WITH QUERY EXPANSION);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext idx idx 0 1 Using where
+SELECT * FROM t1 WHERE MATCH(title, text) AGAINST ("оно" WITH QUERY EXPANSION);
+FTS_DOC_ID title text
+1 Я могу еÑÑ‚ÑŒ Ñтекло оно мне не вредит
+# No sorting by rank
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+(Мога τίποτα)' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext idx idx 0 1 Using where
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+(Мога τίποτα)' IN BOOLEAN MODE);
+FTS_DOC_ID
+2
+3
+DROP TABLE t1;
+#
+# Bug #18924341 CRASH IN TEST_IF_SKIP_SORT_ORDER, GROUP BY MATCH AGAINST DESC
+#
+CREATE TABLE t1 (f1 CHAR(1), FULLTEXT KEY (f1));
+SELECT 1 FROM t1 NATURAL JOIN t1 a GROUP BY MATCH(t1.f1) AGAINST ("1") DESC;
+1
+DROP TABLE t1;
+#
+# Bug#20261601 ASSERTION FAILED: !FIRST_QEP_TAB->TABLE()->NO_KEYREAD
+#
+CREATE TABLE t1(a INT PRIMARY KEY);
+INSERT INTO t1 VALUES(1),(2);
+SELECT (SELECT MATCH(`a`)AGAINST('1') FROM t1) FROM t1;
+ERROR HY000: Can't find FULLTEXT index matching the column list
+SELECT 1, a IN (SELECT a FROM t1) FROM t1;
+1 a IN (SELECT a FROM t1)
+1 1
+1 1
+DROP TABLE t1;
+#
+# Bug#20442572 ASSERTION `!FIRST_QEP_TAB->TABLE()->NO_KEYREAD' FAILED.
+# Bug#75688 Assertion `!first_qep_tab->table()->no_keyread' failed.
+#
+CREATE TABLE t1(a INT,b POINT NOT NULL,KEY(a));
+HANDLER t1 OPEN;
+select * from t1 where MATCH a,b AGAINST('"Now sUPPort"' IN BOOLEAN MODE);
+a b
+prepare stmt1 from "truncate t1";
+SELECT a IN(SELECT a FROM t1)FROM t1;
+a IN(SELECT a FROM t1)
+deallocate prepare stmt1;
+DROP TABLE t1;
+#
+# Bug #20685427 INVALID WRITE OF FREED MEMORY IN ITEM_FUNC_MATCH::CLEANUP
+#
+CREATE TABLE t1(a TEXT CHARSET LATIN1, FULLTEXT KEY(a)) ENGINE=INNODB;
+SELECT MATCH(a) AGAINST ('') FROM (SELECT a FROM t1 LIMIT 1) q;
+ERROR HY000: Can't find FULLTEXT index matching the column list
+DROP TABLE t1;
+#
+# Bug#21140067 EXPLAIN .. MATCH AGAINST: ASSERTION FAILED: TO <= END
+#
+CREATE TABLE t1(f1 CHAR(1) CHARSET latin1, FULLTEXT(f1)) ENGINE=INNODB;
+EXPLAIN SELECT 1 FROM t1 WHERE 1.238585e+308 <= MATCH(f1) AGAINST ('1' IN BOOLEAN MODE);
+id select_type table type possible_keys key key_len ref rows Extra
+1 SIMPLE t1 fulltext f1 f1 0 1 Using where
+EXPLAIN FORMAT = JSON SELECT 1 FROM t1 WHERE 1.238585e+308 <= MATCH(f1) AGAINST ('1' IN BOOLEAN MODE);
+EXPLAIN
+{
+ "query_block": {
+ "select_id": 1,
+ "nested_loop": [
+ {
+ "table": {
+ "table_name": "t1",
+ "access_type": "fulltext",
+ "possible_keys": ["f1"],
+ "key": "f1",
+ "key_length": "0",
+ "used_key_parts": ["f1"],
+ "rows": 1,
+ "filtered": 100,
+ "attached_condition": "1.238585e+308 <= (match t1.f1 against ('1' in boolean mode))"
+ }
+ }
+ ]
+ }
+}
+DROP TABLE t1;
+#
+# Bug#21140088 MATCH AGAINST: ASSERTION FAILED: !TABLE || (!TABLE->READ_SET || BITMAP_IS_SET
+#
+SET sql_mode='';
+CREATE TABLE t1(a INT) ENGINE=INNODB;
+CREATE TABLE t2(b TEXT CHARSET LATIN1, FULLTEXT(b), PRIMARY KEY(b(10))) ENGINE=INNODB;
+INSERT INTO t2 VALUES ('a'),('b');
+SELECT NOT EXISTS (SELECT MATCH(b) AGAINST ('1') FROM t1) FROM t2 GROUP BY "a";
+ERROR HY000: Incorrect arguments to MATCH
+DROP TABLE t1, t2;
+CREATE TABLE t1(a INT) ENGINE=MyISAM;
+CREATE TABLE t2(b TEXT CHARSET LATIN1, FULLTEXT(b), PRIMARY KEY(b(10))) ENGINE=MyISAM;
+INSERT INTO t2 VALUES ('a'),('b');
+SELECT NOT EXISTS (SELECT MATCH(b) AGAINST ('1' in BOOLEAN MODE) FROM t1) FROM t2 GROUP BY "a";
+NOT EXISTS (SELECT MATCH(b) AGAINST ('1' in BOOLEAN MODE) FROM t1)
+1
+DROP TABLE t1, t2;
+SET sql_mode=default;
+#
+# Bug#21140039 ASSERTION FAILED: !FIRST_QEP_TAB->TABLE()->NO_KEYREAD MATCH AGAINST.....
+#
+CREATE TABLE t1
+(
+a INT,
+b INT,
+c CHAR(1) CHARSET latin1,
+PRIMARY KEY (b,a),
+FULLTEXT KEY (c)
+) ENGINE=INNODB;
+SELECT "a" NOT IN(SELECT b FROM t1 WHERE MATCH(c) AGAINST ('a' IN BOOLEAN MODE));
+"a" NOT IN(SELECT b FROM t1 WHERE MATCH(c) AGAINST ('a' IN BOOLEAN MODE))
+1
+DROP TABLE t1;
+#
+# Bug#21300774 ASSERT `!INIT_FTFUNCS(THD, SELECT_LEX)` IN JOIN::RESET AT SQL/SQL_SELECT.CC:874
+#
+CREATE TABLE t1 (f1 INT);
+INSERT INTO t1 VALUES (1);
+INSERT INTO t1 VALUES (2);
+CREATE TABLE t2 (ft TEXT, FULLTEXT KEY ft(ft));
+INSERT INTO t2 VALUES ('abc');
+INSERT INTO t2 VALUES ('def');
+UPDATE t1 SET f1 =
+(SELECT t1.f1 FROM t2 WHERE NOT TRUE AND
+MATCH (ft) AGAINST ((SELECT 'xyz' FROM t2)));
+ERROR 21000: Subquery returns more than 1 row
+DROP TABLE t1, t2;
+#
+# Bug#22679209: FULL-TEXT QUERIES WITH ADDITIONAL SECONDARY INDEX
+# GIVES NULL OR ZERO ROWS
+#
+CREATE TABLE t1 (
+f1 INTEGER,
+title varchar(255),
+body mediumtext,
+KEY f1 (f1),
+FULLTEXT KEY title (title),
+FULLTEXT KEY body (body)
+) ENGINE=InnoDB;
+INSERT INTO t1 VALUES
+(1, 'Insert into table', 'insert into table select from'),
+(1, 'Delete from table', 'insert into table select from'),
+(1, 'Update', 'perform update'),
+(2, 'Insert into table', 'insert into table select from'),
+( 2, 'Delete from table', 'some body text here'),
+( 2, 'Update', 'perform update'),
+( 3, 'Insert into table', 'insert into table select from'),
+( 3, 'Delete from table', 'some body text here');
+SELECT f1 FROM t1 WHERE f1=1 AND
+(MATCH (title) AGAINST ('table' IN BOOLEAN MODE) OR
+MATCH (body) AGAINST ('table' IN BOOLEAN MODE));
+f1
+1
+1
+DROP TABLE t1;
+# End of test for Bug#22679209
diff --git a/mysql-test/suite/innodb_fts/r/phrase.result b/mysql-test/suite/innodb_fts/r/phrase.result
new file mode 100644
index 00000000..efcbaeac
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/phrase.result
@@ -0,0 +1,84 @@
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body)
+) ENGINE=InnoDB;
+INSERT INTO articles (title,body) VALUES
+(NULL, 'mysql good database'),
+(NULL, ' mysql good database'),
+('', 'mysql good database'),
+('', ' mysql good database'),
+(' ', 'mysql good database'),
+('mysql', 'good database'),
+('mysql ', 'good database'),
+('mysql', ' good database'),
+('mysql good database', ''),
+('mysql good database', NULL);
+SET GLOBAL innodb_ft_aux_table="test/articles";
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+WORD FIRST_DOC_ID LAST_DOC_ID DOC_COUNT DOC_ID POSITION
+database 1 10 10 1 11
+database 1 10 10 2 12
+database 1 10 10 3 11
+database 1 10 10 4 12
+database 1 10 10 5 13
+database 1 10 10 6 11
+database 1 10 10 7 12
+database 1 10 10 8 12
+database 1 10 10 9 11
+database 1 10 10 10 11
+good 1 10 10 1 6
+good 1 10 10 2 7
+good 1 10 10 3 6
+good 1 10 10 4 7
+good 1 10 10 5 8
+good 1 10 10 6 6
+good 1 10 10 7 7
+good 1 10 10 8 7
+good 1 10 10 9 6
+good 1 10 10 10 6
+mysql 1 10 10 1 0
+mysql 1 10 10 2 1
+mysql 1 10 10 3 0
+mysql 1 10 10 4 1
+mysql 1 10 10 5 2
+mysql 1 10 10 6 0
+mysql 1 10 10 7 0
+mysql 1 10 10 8 0
+mysql 1 10 10 9 0
+mysql 1 10 10 10 0
+SET GLOBAL innodb_ft_aux_table=default;
+SELECT * FROM articles;
+id title body
+1 NULL mysql good database
+2 NULL mysql good database
+3 mysql good database
+4 mysql good database
+5 mysql good database
+6 mysql good database
+7 mysql good database
+8 mysql good database
+9 mysql good database
+10 mysql good database NULL
+SELECT * FROM articles WHERE MATCH(title, body)
+AGAINST('"mysql good database"' IN BOOLEAN MODE);
+id title body
+1 NULL mysql good database
+2 NULL mysql good database
+3 mysql good database
+4 mysql good database
+5 mysql good database
+9 mysql good database
+10 mysql good database NULL
+SELECT * FROM articles WHERE MATCH(title, body)
+AGAINST('("mysql good database")' IN BOOLEAN MODE);
+id title body
+1 NULL mysql good database
+2 NULL mysql good database
+3 mysql good database
+4 mysql good database
+5 mysql good database
+9 mysql good database
+10 mysql good database NULL
+DROP TABLE articles;
diff --git a/mysql-test/suite/innodb_fts/r/result_cache_limit.result b/mysql-test/suite/innodb_fts/r/result_cache_limit.result
new file mode 100644
index 00000000..4f13f4e7
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/result_cache_limit.result
@@ -0,0 +1,31 @@
+CREATE TABLE t1 (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+a VARCHAR(200),
+b TEXT
+) ENGINE= InnoDB;
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+INSERT INTO t1 (a,b) VALUES
+('MySQL from Tutorial','DBMS stands for DataBase ...') ,
+('when To Use MySQL Well','After that you went through a ...'),
+('where will Optimizing MySQL','what In this tutorial we will show ...'),
+('MySQL from Tutorial','DBMS stands for DataBase ...') ,
+('when To Use MySQL Well','After that you went through a ...'),
+('where will Optimizing MySQL','what In this tutorial we will show ...'),
+('MySQL from Tutorial','DBMS stands for DataBase ...') ,
+('when To Use MySQL Well','After that you went through a ...'),
+('where will Optimizing MySQL','what In this tutorial we will show ...');
+SET @save_limit=@@GLOBAL.innodb_ft_result_cache_limit;
+SET @save_dbug=@@debug_dbug;
+SET debug_dbug="+d,fts_instrument_result_cache_limit";
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('mysql' IN BOOLEAN MODE);
+COUNT(*)
+9
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('mysql' WITH QUERY EXPANSION);
+ERROR HY000: Table handler out of memory
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('"mysql database"' IN BOOLEAN MODE);
+ERROR HY000: Table handler out of memory
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('"mysql database" @ 5' IN BOOLEAN MODE);
+ERROR HY000: Table handler out of memory
+SET debug_dbug=@save_dbug;
+DROP TABLE t1;
+SET GLOBAL innodb_ft_result_cache_limit=@save_limit;
diff --git a/mysql-test/suite/innodb_fts/r/savepoint.result b/mysql-test/suite/innodb_fts/r/savepoint.result
new file mode 100644
index 00000000..1abfc961
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/savepoint.result
@@ -0,0 +1,318 @@
+CREATE TABLE articles (
+id INT UNSIGNED NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+FULLTEXT (title)
+) ENGINE= InnoDB;
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+4 mysql
+5 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+ROLLBACK TO SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+4 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+5 mysql
+6 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+ROLLBACK TO SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+3 mysql
+4 mysql
+5 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+RELEASE SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+3 mysql
+4 mysql
+5 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+3 mysql
+4 mysql
+5 mysql
+6 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+RELEASE SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+3 mysql
+4 mysql
+5 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+RELEASE SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+4 mysql
+5 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+ROLLBACK TO SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+3 mysql
+4 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+RELEASE SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+ROLLBACK TO SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+COMMIT;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+2 mysql
+3 mysql
+5 mysql
+6 mysql
+7 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+ROLLBACK;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+3 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+ROLLBACK;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+4 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+ROLLBACK;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+5 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+ROLLBACK TO SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+ROLLBACK;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+5 mysql
+TRUNCATE TABLE articles;
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+BEGIN;
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+ROLLBACK TO SAVEPOINT sp2;
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+RELEASE SAVEPOINT sp1;
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+ROLLBACK;
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+id title
+1 mysql
+7 mysql
+DROP TABLE articles;
diff --git a/mysql-test/suite/innodb_fts/r/subexpr.result b/mysql-test/suite/innodb_fts/r/subexpr.result
new file mode 100644
index 00000000..cf476abb
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/r/subexpr.result
@@ -0,0 +1,105 @@
+#
+# Bug #20028323 INNODB FULLTEXT BOOLEAN SEARCH INCORRECTLY HANDLES
+# PARENTHESES
+#
+CREATE TABLE t1 (
+f1 INT NOT NULL AUTO_INCREMENT,
+f2 TEXT NOT NULL,
+PRIMARY KEY (f1),
+FULLTEXT (f2)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+INSERT INTO t1 (f2) VALUES
+('Pumpkin soup with cheese bread'),
+('Yellow chicken curry'),
+('Fresh green vegetables with garlic');
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+pumpkin' IN BOOLEAN MODE);
+f1 f2
+1 Pumpkin soup with cheese bread
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+cheese' IN BOOLEAN MODE);
+f1 f2
+1 Pumpkin soup with cheese bread
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+(pumpkin cheese)' IN BOOLEAN MODE);
+f1 f2
+1 Pumpkin soup with cheese bread
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(souffle)' IN BOOLEAN MODE);
+f1 f2
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+f1 f2
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(>souffle <tart)' IN BOOLEAN MODE);
+f1 f2
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+f1 f2
+INSERT INTO t1 (f2) VALUES
+('This row contains only souffle'),
+('This row contains only tart'),
+('This row contains only pumpkin'),
+('This row contains only cheese'),
+('This row contains pumpkin and souffle'),
+('This row contains pumpkin and tart'),
+('This row contains pumpkin and cheese'),
+('This row contains both souffle and tart'),
+('This row contains both souffle and cheese'),
+('This row contains both tart and cheese'),
+('This row contains all three souffle, pumpkin and tart'),
+('This row contains all four cheese, souffle, pumpkin and tart');
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+pumpkin' IN BOOLEAN MODE);
+f1 f2
+1 Pumpkin soup with cheese bread
+6 This row contains only pumpkin
+8 This row contains pumpkin and souffle
+9 This row contains pumpkin and tart
+10 This row contains pumpkin and cheese
+14 This row contains all three souffle, pumpkin and tart
+15 This row contains all four cheese, souffle, pumpkin and tart
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+cheese' IN BOOLEAN MODE);
+f1 f2
+1 Pumpkin soup with cheese bread
+7 This row contains only cheese
+10 This row contains pumpkin and cheese
+12 This row contains both souffle and cheese
+13 This row contains both tart and cheese
+15 This row contains all four cheese, souffle, pumpkin and tart
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+(pumpkin cheese)' IN BOOLEAN MODE);
+f1 f2
+1 Pumpkin soup with cheese bread
+10 This row contains pumpkin and cheese
+15 This row contains all four cheese, souffle, pumpkin and tart
+7 This row contains only cheese
+12 This row contains both souffle and cheese
+13 This row contains both tart and cheese
+6 This row contains only pumpkin
+8 This row contains pumpkin and souffle
+9 This row contains pumpkin and tart
+14 This row contains all three souffle, pumpkin and tart
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(souffle)' IN BOOLEAN MODE);
+f1 f2
+8 This row contains pumpkin and souffle
+14 This row contains all three souffle, pumpkin and tart
+15 This row contains all four cheese, souffle, pumpkin and tart
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+f1 f2
+14 This row contains all three souffle, pumpkin and tart
+15 This row contains all four cheese, souffle, pumpkin and tart
+8 This row contains pumpkin and souffle
+9 This row contains pumpkin and tart
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(>souffle <tart)' IN BOOLEAN MODE);
+f1 f2
+8 This row contains pumpkin and souffle
+14 This row contains all three souffle, pumpkin and tart
+15 This row contains all four cheese, souffle, pumpkin and tart
+9 This row contains pumpkin and tart
+SELECT * FROM t1 WHERE MATCH(f2)
+AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+f1 f2
+14 This row contains all three souffle, pumpkin and tart
+15 This row contains all four cheese, souffle, pumpkin and tart
+8 This row contains pumpkin and souffle
+9 This row contains pumpkin and tart
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb_fts/t/crash_recovery.test b/mysql-test/suite/innodb_fts/t/crash_recovery.test
index dd8a07f8..ac3f0385 100644
--- a/mysql-test/suite/innodb_fts/t/crash_recovery.test
+++ b/mysql-test/suite/innodb_fts/t/crash_recovery.test
@@ -113,7 +113,7 @@ disconnect ddl3;
# Wait for purge, so that any #sql-ib.ibd files from the previous kill
# will be deleted.
-source ../../innodb/include/wait_all_purged.inc;
+SET GLOBAL innodb_max_purge_lag_wait=0;
CHECK TABLE t1,t2,t3;
DROP TABLE t1,t2,t3;
diff --git a/mysql-test/suite/innodb_fts/t/foreign_key_check.test b/mysql-test/suite/innodb_fts/t/foreign_key_check.test
new file mode 100644
index 00000000..24421dcb
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/foreign_key_check.test
@@ -0,0 +1,41 @@
+#
+# BUG#22094601 CREATE TABLE WITH FULLTEXT AND CONSTRAINT FAILS WHEN FOREIGN_KEY_CHECKS IS 0
+#
+
+--source include/have_innodb.inc
+
+--error ER_CANT_CREATE_TABLE
+CREATE TABLE t1 (
+ id INT NOT NULL,
+ title TEXT,
+ PRIMARY KEY (id),
+ FULLTEXT KEY (title),
+ FOREIGN KEY (id) REFERENCES t2 (id)
+) ENGINE=InnoDB;
+
+CREATE TABLE t1 (
+ id INT NOT NULL,
+ title TEXT,
+ PRIMARY KEY (id)
+) ENGINE=InnoDB;
+
+--error ER_CANT_CREATE_TABLE
+ALTER TABLE t1 ADD FULLTEXT KEY (title), ADD FOREIGN KEY (id) REFERENCES t2 (id);
+
+SET FOREIGN_KEY_CHECKS = 0;
+
+ALTER TABLE t1 ADD FULLTEXT KEY (title), ADD FOREIGN KEY (id) REFERENCES t2 (id);
+
+DROP TABLE t1;
+
+CREATE TABLE t1 (
+ id INT NOT NULL,
+ title TEXT,
+ PRIMARY KEY (id),
+ FULLTEXT KEY (title),
+ FOREIGN KEY (id) REFERENCES t2 (id)
+) ENGINE=InnoDB;
+
+DROP TABLE t1;
+
+SET FOREIGN_KEY_CHECKS = 1;
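Review bot: Nothing in this test says that `t2` is deliberately never created, which is what makes the first `CREATE TABLE` and the first `ALTER TABLE` fail with ER_CANT_CREATE_TABLE while the later ones succeed once FOREIGN_KEY_CHECKS is 0. A one-line comment before the first statement, such as `# t2 does not exist: the FK is only accepted with FOREIGN_KEY_CHECKS=0`, would make the expectation readable without the bug report. The last line hard-codes `SET FOREIGN_KEY_CHECKS = 1;`; `SET FOREIGN_KEY_CHECKS = DEFAULT;` would not assume the session's starting value.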
diff --git a/mysql-test/suite/innodb_fts/t/foreign_key_update.test b/mysql-test/suite/innodb_fts/t/foreign_key_update.test
new file mode 100644
index 00000000..1f74e640
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/foreign_key_update.test
@@ -0,0 +1,34 @@
+#
+# BUG#21111301 INNODB FTS: ERROR DUPLICATE ENTRY IN FTS_DOC_ID_INDEX ON UPDATE CASCADE
+#
+
+-- source include/have_innodb.inc
+
+CREATE TABLE t1 (
+ a varchar(40),
+ KEY a(a)
+) ENGINE=InnoDB;
+
+CREATE TABLE t1_fk (
+ a varchar(40),
+ KEY a(a),
+ FULLTEXT KEY (a),
+ CONSTRAINT fk FOREIGN KEY (a) REFERENCES t1 (a) ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+INSERT INTO t1 VALUES('mysql');
+
+INSERT INTO t1_fk VALUES('mysql');
+INSERT INTO t1_fk VALUES('mysql');
+
+SELECT * FROM t1_fk;
+SELECT * FROM t1_fk WHERE MATCH(a) AGAINST('mysql');
+
+UPDATE t1 SET a = 'database' WHERE a = 'mysql';
+
+SELECT * FROM t1_fk;
+SELECT * FROM t1_fk WHERE MATCH(a) AGAINST('mysql');
+SELECT * FROM t1_fk WHERE MATCH(a) AGAINST('database');
+
+DROP TABLE t1_fk;
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb_fts/t/index_table.opt b/mysql-test/suite/innodb_fts/t/index_table.opt
new file mode 100644
index 00000000..7724f976
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/index_table.opt
@@ -0,0 +1,2 @@
+--innodb-ft-index-cache
+--innodb-ft-index-table
diff --git a/mysql-test/suite/innodb_fts/t/index_table.test b/mysql-test/suite/innodb_fts/t/index_table.test
new file mode 100644
index 00000000..4b484877
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/index_table.test
@@ -0,0 +1,121 @@
+# This is the basic function tests for INNODB_FT_INDEX_TABLE
+# and INNODB_FT_INDEX_TABLE in INFORMATION_SCHEMA.
+
+-- source include/have_innodb.inc
+-- source include/have_debug.inc
+
+SET @optimize=@@GLOBAL.INNODB_OPTIMIZE_FULLTEXT_ONLY;
+SET GLOBAL INNODB_OPTIMIZE_FULLTEXT_ONLY=1;
+
+# Test Case 1: Test Result Cache Limit
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ content TEXT
+ ) ENGINE= InnoDB;
+
+CREATE FULLTEXT INDEX idx ON articles (title, content);
+
+INSERT INTO articles (title, content) VALUES
+ ('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','How to use full-text search engine'),
+ ('Go MySQL Tricks','How to use full text search engine');
+
+SET @aux=@@GLOBAL.innodb_ft_aux_table;
+SET GLOBAL innodb_ft_aux_table='test/articles';
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+
+OPTIMIZE TABLE articles;
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+
+SET @save_dbug=@@debug_dbug;
+SET debug_dbug='+d,fts_instrument_result_cache_limit';
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+
+SET debug_dbug=@save_dbug;
+
+DROP TABLE articles;
+
+SET GLOBAL innodb_ft_result_cache_limit=default;
+
+# Test Case 2: Test Multiple Indexes
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ content TEXT
+ ) ENGINE= InnoDB;
+
+CREATE FULLTEXT INDEX idx_t ON articles (title);
+
+CREATE FULLTEXT INDEX idx_c ON articles (content);
+
+INSERT INTO articles (title, content) VALUES
+ ('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','How to use full-text search engine'),
+ ('Go MySQL Tricks','How to use full text search engine');
+
+# test.articles had been dropped, so this result will be empty
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+SET GLOBAL innodb_ft_aux_table='test/articles';
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+
+OPTIMIZE TABLE articles;
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+
+DROP TABLE articles;
+
+SET NAMES utf8;
+
+# Test Case 3: Test UFT8 Charset
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200)
+ ) ENGINE=InnoDB DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
+
+CREATE FULLTEXT INDEX idx ON articles (title);
+
+INSERT INTO articles (title) VALUES
+ ('相亲相爱'),('怜香惜爱'),('充满å¯çˆ±'),('爱æ¨äº¤ç»‡');
+
+SET GLOBAL innodb_ft_aux_table="test/articles";
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+
+OPTIMIZE TABLE articles;
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+
+DROP TABLE articles;
+
+# Test Case 4: Test GB2312 Charset
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200)
+ ) ENGINE=InnoDB DEFAULT CHARACTER SET gb2312 COLLATE gb2312_chinese_ci;
+
+CREATE FULLTEXT INDEX idx ON articles (title);
+
+INSERT INTO articles (title) VALUES
+ ('相亲相爱'),('怜香惜爱'),('充满å¯çˆ±'),('爱æ¨äº¤ç»‡');
+
+SET GLOBAL innodb_ft_aux_table="test/articles";
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+
+OPTIMIZE TABLE articles;
+
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_TABLE;
+
+DROP TABLE articles;
+
+# Restore global variables
+SET GLOBAL innodb_ft_aux_table=@aux;
+SET GLOBAL INNODB_OPTIMIZE_FULLTEXT_ONLY=@optimize;
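Review bot: `SET GLOBAL innodb_ft_result_cache_limit=default;` after Test Case 1 resets a global that this test never saved or changed, whereas innodb_ft_aux_table and INNODB_OPTIMIZE_FULLTEXT_ONLY are saved into `@aux` and `@optimize` and restored at the end. If the server runs with a non-default limit, every test that follows in the same run sees a different value. Saving it first with `SET @limit=@@GLOBAL.innodb_ft_result_cache_limit;` and restoring with `SET GLOBAL innodb_ft_result_cache_limit=@limit;` would keep the test self-contained. The header comment names INNODB_FT_INDEX_TABLE twice although the test also queries INNODB_FT_INDEX_CACHE, so its second line presumably should read `# and INNODB_FT_INDEX_CACHE in INFORMATION_SCHEMA.`, and "UFT8" in the Test Case 3 comment should be "UTF8".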
diff --git a/mysql-test/suite/innodb_fts/t/innodb_fts_proximity.test b/mysql-test/suite/innodb_fts/t/innodb_fts_proximity.test
index e3d8eb0c..edf7ab21 100644
--- a/mysql-test/suite/innodb_fts/t/innodb_fts_proximity.test
+++ b/mysql-test/suite/innodb_fts/t/innodb_fts_proximity.test
@@ -163,6 +163,8 @@ DROP TABLE t1;
set global innodb_file_per_table=1;
+set names utf8;
+--character_set utf8
# Test fts with externally stored long column
CREATE TABLE t1 (
id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
diff --git a/mysql-test/suite/innodb_fts/t/limit_union.test b/mysql-test/suite/innodb_fts/t/limit_union.test
new file mode 100644
index 00000000..71c9af69
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/limit_union.test
@@ -0,0 +1,143 @@
+--source include/have_debug.inc
+--source include/have_innodb.inc
+
+--echo # Bug #22709692 FTS QUERY EXCEEDS RESULT CACHE LIMIT
+
+CREATE TABLE articles (
+id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+title VARCHAR(200),
+body TEXT,
+FULLTEXT (title,body),
+FULLTEXT (body))ENGINE=InnoDB;
+
+INSERT INTO articles (title,body) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...'),
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+SET @default_cache_size = @@GLOBAL.query_cache_size;
+SET GLOBAL query_cache_size=0;
+
+--echo # Query involves Ranking
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL' IN NATURAL LANGUAGE MODE) LIMIT 1;
+
+--echo # Without optimization
+SET @save_dbug = @@debug_dbug;
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL' IN NATURAL LANGUAGE MODE) LIMIT 1;
+SET debug_dbug = @save_dbug;
+
+--echo # Query involves No Ranking and fts_union operations
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL' IN BOOLEAN MODE) limit 1;
+
+SET debug_dbug = @save_dbug;
+
+--echo # Query involves No ranking and fts_union, fts_ignore
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL -YourSQL' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL -YourSQL' IN BOOLEAN MODE) limit 1;
+SET debug_dbug = @save_dbug;
+
+--echo # Query with fts_intersect
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL +YourSQL' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL +YourSQL' IN BOOLEAN MODE) limit 1;
+SET debug_dbug = @save_dbug;
+
+# insert record with @ character which is used in proximity search
+INSERT INTO articles (title,body) VALUES
+ ('MySQL Tutorial','request doc@oraclehelp.com ...'),
+ ('MySQL Tutorial','request support@oraclehelp.com ...'),
+ ('Trial version','query performace @1255 minute on 2.1Hz
+ Memory 2GB...'),
+ ('when To Use MySQL Well','for free faq mail@xyz.com ...');
+
+--echo # Query with @distance
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('"MySQL request"@3' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('"MySQL request"@3' IN BOOLEAN MODE) limit 1;
+SET debug_dbug = @save_dbug;
+
+--echo # Query with subexpression
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('+MySQL +(-support +doc)' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('+MySQL +(-support +doc)' IN BOOLEAN MODE) limit 1;
+SET debug_dbug = @save_dbug;
+
+--echo # limit num1 OFFSET num2
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL' in boolean mode) limit 4 offset 2;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('MySQL' in boolean mode) limit 4 offset 2;
+SET debug_dbug = @save_dbug;
+
+--echo # wild card search
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('ru*' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('ru*' IN BOOLEAN MODE) limit 1;
+SET debug_dbug = @save_dbug;
+
+--echo # phrase search
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('"request support"' IN BOOLEAN MODE) limit 1;
+
+--echo # Without optimization
+SET debug_dbug = '+d,fts_union_limit_off';
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('"request support"' IN BOOLEAN MODE) limit 1;
+SET debug_dbug = @save_dbug;
+
+DROP TABLE articles;
+SET GLOBAL query_cache_size = @default_cache_size;
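Review bot: Every query pair in this test uses `LIMIT` without `ORDER BY`, so the recorded rows depend on the order in which the full-text search returns matches, and the test does not say that this is intended. Presumably it is deliberate, since the `fts_union_limit_off` keyword appears to switch off the LIMIT handling under test, but that is inferred from the name only. A comment near the top, such as `# No ORDER BY on purpose: each pair must return the same rows with and without fts_union_limit_off`, would stop a later cleanup from adding a sort and silently changing what is exercised.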
diff --git a/mysql-test/suite/innodb_fts/t/misc.test b/mysql-test/suite/innodb_fts/t/misc.test
new file mode 100644
index 00000000..f897cf12
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/misc.test
@@ -0,0 +1,1511 @@
+--source include/have_innodb.inc
+--source include/no_valgrind_without_big.inc
+
+#------------------------------------------------------------------------------
+# Test With alter/create/drop index
+#------------------------------------------------------------------------------
+
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+# Create the FTS index Using Alter Table
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+EVAL SHOW CREATE TABLE t1;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+select id, MATCH(a,b) AGAINST("collections support" IN BOOLEAN MODE) as x from t1;
+select id from t1 where MATCH a,b AGAINST ("+call* +coll*" IN BOOLEAN MODE);
+select id from t1 where MATCH a,b AGAINST ('"support now"' IN BOOLEAN MODE);
+select id from t1 where MATCH a,b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE);
+
+# query expansion
+select id from t1 where MATCH(a,b) AGAINST ("collections" WITH QUERY EXPANSION);
+select id from t1 where MATCH(a,b) AGAINST ("indexes" WITH QUERY EXPANSION);
+select id from t1 where MATCH(a,b) AGAINST ("indexes collections" WITH QUERY EXPANSION);
+
+# Drop index
+ALTER TABLE t1 DROP INDEX idx;
+
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+select id, MATCH(a,b) AGAINST("collections support" IN BOOLEAN MODE) as x from t1;
+select id from t1 where MATCH a,b AGAINST ("+call* +coll*" IN BOOLEAN MODE);
+select id from t1 where MATCH a,b AGAINST ('"support now"' IN BOOLEAN MODE);
+select id from t1 where MATCH a,b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE);
+
+# query expansion
+select id from t1 where MATCH(a,b) AGAINST ("collections" WITH QUERY EXPANSION);
+select id from t1 where MATCH(a,b) AGAINST ("indexes" WITH QUERY EXPANSION);
+select id from t1 where MATCH(a,b) AGAINST ("indexes collections" WITH QUERY EXPANSION);
+
+# insert for proximity search
+INSERT INTO t1 (a,b) VALUES ('test query expansion','for database ...');
+# Insert into table with similar word of different distances
+INSERT INTO t1 (a,b) VALUES
+ ('test proximity search, test, proximity and phrase',
+ 'search, with proximity innodb');
+
+INSERT INTO t1 (a,b) VALUES
+ ('test proximity fts search, test, proximity and phrase',
+ 'search, with proximity innodb');
+
+INSERT INTO t1 (a,b) VALUES
+ ('test more proximity fts search, test, more proximity and phrase',
+ 'search, with proximity innodb');
+
+# This should only return the first document
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"proximity search"@2' IN BOOLEAN MODE);
+
+# This would return no document
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"proximity search"@1' IN BOOLEAN MODE);
+
+# This give you all three documents
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"proximity search"@3' IN BOOLEAN MODE);
+
+# Similar boundary testing for the words
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"test proximity"@3' IN BOOLEAN MODE);
+
+# Test with more word The last document will return, please notice there
+# is no ordering requirement for proximity search.
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"more test proximity"@3' IN BOOLEAN MODE);
+
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"more test proximity"@2' IN BOOLEAN MODE);
+
+# The phrase search will not require exact word ordering
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"more fts proximity"@02' IN BOOLEAN MODE);
+
+DROP TABLE t1;
+
+
+
+#------------------------------------------------------------------------------
+# Test with FTS condition in subquery
+#------------------------------------------------------------------------------
+
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE id = (SELECT MAX(id) FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE));
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE id = (SELECT MIN(id) FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE));
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE id = (SELECT MIN(id) FROM t1 WHERE MATCH (a,b)
+AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)) OR id = 3 ;
+
+
+# Select word "tutorial" in the table - innodb crash
+SELECT id FROM t1 WHERE CONCAT(t1.a,t1.b) IN (
+SELECT CONCAT(a,b) FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+) OR t1.id = 3 ;
+
+
+# Select word "tutorial" in the table - innodb crash
+SELECT id FROM t1 WHERE CONCAT(t1.a,t1.b) IN (
+SELECT CONCAT(a,b) FROM t1 AS t2
+WHERE MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+AND t2.id != 3) ;
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE id IN (SELECT MIN(id) FROM t1 WHERE
+MATCH (a,b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)) OR id = 3 ;
+
+# Select word except "tutorial" in the table
+SELECT id FROM t1 WHERE id NOT IN (SELECT MIN(id) FROM t1
+WHERE MATCH (a,b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)) ;
+
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE EXISTS (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+AND t1.id = t2.id) ;
+
+
+# Select not word like "tutorial" using subquery
+SELECT id FROM t1 WHERE NOT EXISTS (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE)
+AND t1.id = t2.id) ;
+
+DROP TABLE t1;
+
+# boolean search
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT ,
+ FULLTEXT (a,b)
+ ) ENGINE = InnoDB;
+
+INSERT INTO t1(a,b) VALUES('MySQL has now support', 'for full-text search'),
+('Full-text indexes', 'are called collections'),
+('Only MyISAM tables','support collections'),
+('Function MATCH ... AGAINST()','is used to do a search'),
+('Full-text search in MySQL', 'implements vector space model');
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE t1.id = (SELECT MAX(t2.id) FROM t1 AS t2 WHERE
+ MATCH(t2.a,t2.b) AGAINST("+support +collections" IN BOOLEAN MODE));
+SELECT id FROM t1 WHERE t1.id != (SELECT MIN(t2.id) FROM t1 AS t2 WHERE
+ MATCH(t2.a,t2.b) AGAINST("+search" IN BOOLEAN MODE));
+
+SELECT id FROM t1 WHERE t1.id IN (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ("+call* +coll*" IN BOOLEAN MODE));
+
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE) AND t2.id=t1.id);
+
+
+#query expansion search
+# result differ for query expansion search even wo subquery
+#SELECT id FROM t1 WHERE t1.id = ( SELECT MAX(t2.id) FROM t1 AS t2 WHERE
+#MATCH(a,b) AGAINST ("collections" WITH QUERY EXPANSION));
+#SELECT id FROM t1 WHERE t1.id IN ( SELECT t2.id FROM t1 AS t2 WHERE
+#MATCH(a,b) AGAINST ("indexes" WITH QUERY EXPANSION));
+#SELECT id FROM t1 WHERE ( SELECT COUNT(*) FROM t1 AS t2 WHERE
+#MATCH(t2.a,t2.b) AGAINST ("indexes collections" WITH QUERY EXPANSION)) >= 1
+#AND t1.id <=3 ;
+
+# proximity search
+# insert for proximity search
+INSERT INTO t1 (a,b) VALUES ('test query expansion','for database ...');
+# Insert into table with similar word of different distances
+INSERT INTO t1 (a,b) VALUES
+ ('test proximity search, test, proximity and phrase',
+ 'search, with proximity innodb');
+
+INSERT INTO t1 (a,b) VALUES
+ ('test proximity fts search, test, proximity and phrase',
+ 'search, with proximity innodb');
+
+INSERT INTO t1 (a,b) VALUES
+ ('test more proximity fts search, test, more proximity and phrase',
+ 'search, with proximity innodb');
+
+
+SELECT id FROM t1 WHERE t1.id = (SELECT MAX(t2.id) FROM t1 AS t2 WHERE
+MATCH(t2.a,t2.b) AGAINST ('"proximity search"@2' IN BOOLEAN MODE));
+SELECT id FROM t1 WHERE t1.id > (SELECT MIN(t2.id) FROM t1 AS t2 WHERE
+MATCH(t2.a,t2.b) AGAINST ('"proximity search"@2' IN BOOLEAN MODE));
+
+SELECT id FROM t1 WHERE t1.id IN (SELECT t2.id FROM t1 AS t2 WHERE
+MATCH (t2.a,t2.b) AGAINST ('"proximity search"@2' IN BOOLEAN MODE));
+
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"proximity search"@2' IN BOOLEAN MODE)
+AND t2.id=t1.id);
+
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"more test proximity"@3' IN BOOLEAN MODE)
+AND t2.id=t1.id);
+
+SELECT id FROM t1 WHERE EXISTS (SELECT id FROM t1 AS t2 WHERE
+MATCH t2.a,t2.b AGAINST ('"more test proximity"@2' IN BOOLEAN MODE)
+AND t2.id=t1.id);
+
+
+#------------------------------------------------------------------------------
+# create table AS SELECT from fts indexed table
+#------------------------------------------------------------------------------
+CREATE TABLE t2 ENGINE = InnoDB AS SELECT id FROM t1 WHERE
+MATCH a,b AGAINST ('support') ;
+SHOW CREATE TABLE t2;
+SELECT id FROM t2;
+DROP TABLE t2;
+
+CREATE TABLE t2 ENGINE = InnoDB AS SELECT id FROM t1 WHERE
+MATCH a,b AGAINST("+support +collections" IN BOOLEAN MODE);
+SHOW CREATE TABLE t2;
+SELECT id FROM t2;
+DROP TABLE t2;
+
+CREATE TABLE t2 ENGINE = InnoDB AS SELECT id FROM t1 WHERE
+MATCH a,b AGAINST ('"proximity search"@10' IN BOOLEAN MODE);
+SHOW CREATE TABLE t2;
+SELECT id FROM t2;
+DROP TABLE t2;
+
+DROP TABLE t1;
+
+
+#------------------------------------------------------------------------------
+# Verift FTS with NULL records
+#------------------------------------------------------------------------------
+# Create FTS table
+EVAL CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+('MySQL from Tutorial','DBMS stands for DataBase ...');
+
+let $counter = 50;
+--disable_query_log
+WHILE ($counter > 0) {
+ INSERT INTO t1 (a,b) VALUES (NULL,NULL);
+ dec $counter;
+}
+--enable_query_log
+INSERT INTO t1 (a,b) VALUES
+('when To Use MySQL Well','After that you went through a ...');
+
+let $counter = 50;
+--disable_query_log
+WHILE ($counter > 0) {
+ INSERT INTO t1 (a,b) VALUES (NULL,NULL);
+ dec $counter;
+}
+--enable_query_log
+INSERT INTO t1 (a,b) VALUES
+('where will Optimizing MySQL','what In this tutorial we will show ...');
+
+INSERT INTO t1 (a,b) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+('MySQL vs. YourSQL','In the following database comparison ...'),
+('MySQL Security','When configured properly, MySQL null...');
+
+SELECT COUNT(*) FROM t1;
+SELECT COUNT(*) FROM t1 WHERE a IS NULL;
+SELECT COUNT(*) FROM t1 WHERE b IS NOT NULL;
+
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST (NULL IN NATURAL LANGUAGE MODE);
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST (NULL WITH QUERY EXPANSION);
+SELECT id FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('null' IN NATURAL LANGUAGE MODE);
+# Boolean search
+# Select rows contain "MySQL" but not "YourSQL"
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('+MySQL -YourSQL' IN BOOLEAN MODE);
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('+MySQL -YourSQL' IN BOOLEAN MODE) AND (a IS NOT NULL OR b IS NOT NULL);
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('+MySQL -YourSQL' IN BOOLEAN MODE) AND (a IS NULL AND b IS NOT NULL);
+
+# Select rows contain at least one of the two words
+SELECT id FROM t1 WHERE MATCH (a,b)
+AGAINST ('DBMS Security' IN BOOLEAN MODE);
+
+# Test query expansion
+SELECT COUNT(*) FROM t1
+WHERE MATCH (a,b)
+AGAINST ('database' WITH QUERY EXPANSION);
+
+# proximity
+SELECT id FROM t1
+WHERE MATCH (a,b)
+AGAINST ('"following database"@10' IN BOOLEAN MODE);
+
+
+DROP TABLE t1;
+
+
+
+#------------------------------------------------------------------------------
+# More FTS test from peter's testing
+#------------------------------------------------------------------------------
+--disable_warnings
+drop table if exists t50;
+--enable_warnings
+
+set names utf8;
+
+
+--echo "----------Test1---------"
+# Create FTS table
+create table t50 (s1 varchar(60) character set utf8 collate utf8_bin) engine = innodb;
+create fulltext index i on t50 (s1);
+# INNODB_FTS: Assert - fixed
+# Assert : InnoDB: Failing assertion: rbt_validate(result_doc->tokens)
+insert into t50 values ('ABCDE'),('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°');
+# it was giving empty result set instead of one record
+select * from t50 where match(s1) against ('VÃÆ·WÄ°');
+drop table t50;
+
+
+--echo "----------Test2---------"
+create table t50 (s1 int unsigned primary key auto_increment, s2
+varchar(60) character set utf8) engine = innodb;
+create fulltext index i on t50 (s2);
+insert into t50 (s2) values ('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°'),('ABCDE');
+# INNODB_FTS: RESULT DIFF
+# Order by does not sort result.
+# Optimizer's Evgeny is investigate a similar issue. InnoDB FTS is used only
+# for FT search, and should not be used as regular index for such order by query.
+# Correct the result file when fixed.
+select * from t50 order by s2;
+drop table t50;
+
+
+--echo "----------Test3---------"
+create table t50 (id int unsigned primary key auto_increment, s2
+varchar(60) character set utf8) engine = innodb;
+create fulltext index i on t50 (s2);
+insert into t50 (s2) values ('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°'),('ABCDE');
+set @@autocommit=0;
+update t50 set s2 = lower(s2);
+update t50 set s2 = upper(s2);
+commit;
+select * from t50 where match(s2) against ('VÃÆ·WÄ° FGHIJ KLMNO ABCDE' in boolean mode);
+select * from t50;
+drop table t50;
+set @@autocommit=1;
+
+--echo "----------Test4---------"
+create table t50 (id int unsigned primary key auto_increment, s2
+varchar(60) character set utf8) engine = innodb;
+create fulltext index i on t50 (s2);
+insert into t50 (s2) values ('FGHIJ'),('KLMNO'),('VÃÆ·WÄ°'),('ABCD*');
+select * from t50 where match(s2) against ('abcd*' in natural language
+mode);
+# INNODB_FTS: RESULT DIFF(Expected). InnoDB do not index "*", so
+# word "ABCD" indexed, instead of "ABCD*"
+select * from t50 where match(s2) against ('abcd*' in boolean mode);
+drop table t50;
+
+
+--echo "----------Test5---------"
+create table t50 (s1 int, s2 varchar(200), fulltext key(s2)) engine = innodb;
+set @@autocommit=0;
+insert into t50 values (1,'Sunshine'),(2,'Lollipops');
+select * from t50 where match(s2) against('Rainbows');
+rollback;
+select * from t50;
+drop table t50;
+set @@autocommit=1;
+
+--echo "----------Test6---------"
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('aab` MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('aas How To Use MySQL Well','After you went through a ...'),
+ ('aac Optimizing MySQL','In this tutorial we will show ...');
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('aac 1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('aab MySQL vs. YourSQL','In the following database comparison ...'),
+ ('aaa MySQL Security','When configured properly, MySQL ...');
+# Create the FTS index Using Alter Table
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+
+-- disable_query_log
+-- disable_result_log
+ANALYZE TABLE t1;
+-- enable_result_log
+-- enable_query_log
+
+SELECT * FROM t1 ORDER BY MATCH(a,b) AGAINST ('aac') DESC;
+SELECT * FROM t1 ORDER BY MATCH(a,b) AGAINST ('aab') DESC;
+
+--echo "----------Test7---------"
+select * from t1 where match(a,b) against ('aaa')
+union select * from t1 where match(a,b) against ('aab')
+union select * from t1 where match(a,b) against ('aac');
+
+select * from t1 where match(a,b) against ('aaa')
+ or match(a,b) against ('aab')
+ or match(a,b) against ('aac');
+
+DROP TABLE t1;
+
+--echo "----------Test8---------"
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ... abcd') ,
+ ('How To Use MySQL Well','After you went through a q ...abdd'),
+ ('Optimizing MySQL','In this tutorial we will show ...abed');
+
+# Create the FTS index Using Alter Table
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+EVAL SHOW CREATE TABLE t1;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. q ...'),
+ ('MySQL vs. YourSQL use','In the following database comparison ...'),
+ ('MySQL Security','When run configured properly, MySQL ...');
+
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('run');
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('use');
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('went');
+# rows should be matched as 'q' is single char its not indexed
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('run') AND NOT MATCH(a,b) AGAINST ('q');
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('use') AND NOT MATCH(a,b) AGAINST ('q');
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('went') AND NOT MATCH(a,b) AGAINST ('q');
+
+--echo "----------Test9---------"
+CREATE TABLE t2 AS SELECT * FROM t1;
+ALTER TABLE t2 ENGINE=MYISAM;
+CREATE FULLTEXT INDEX i ON t2 (a,b);
+SET @x = (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('run'));
+SET @x = @x + (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('use'));
+SET @x = @x + (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('went'));
+SET @x = @x + (SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('run'));
+SET @x2 = (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('run'));
+SET @x2 = @x2 + (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('use'));
+SET @x2 = @x2 + (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('went'));
+SET @x2 = @x2 + (SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('run'));
+# Innodb returns value for x which is correct
+SELECT @x, @x2;
+
+
+DROP TABLE t2;
+
+--echo "----------Test10---------"
+CREATE TABLE t2 AS SELECT * FROM t1;
+ALTER TABLE t2 ENGINE=MYISAM;
+CREATE FULLTEXT INDEX i ON t2 (a,b);
+SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('abc*' IN BOOLEAN MODE);
+SELECT COUNT(*) FROM t1 WHERE MATCH(a,b) AGAINST ('abc*' IN BOOLEAN MODE);
+
+DROP TABLE t2;
+
+
+--echo "----------Test11---------"
+CREATE TABLE t2 AS SELECT * FROM t1;
+ALTER TABLE t2 ENGINE = MYISAM;
+CREATE FULLTEXT INDEX i ON t2 (a,b);
+ALTER TABLE t2 ENGINE=InnoDB;
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ('run');
+SELECT COUNT(*) FROM t2 WHERE MATCH(a,b) AGAINST ('abc*' IN BOOLEAN MODE);
+DROP TABLE t2,t1;
+
+
+--echo "----------Test13---------"
+set names utf8;
+
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200) CHARACTER SET UTF8 COLLATE UTF8_SPANISH_CI) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t1 (s2);
+INSERT INTO t1 VALUES (1,'aaCen'),(2,'aaCha'),(3,'aaCio'),(4,'aaçen'),(5,'aaçha'),(6,'aaçio');
+SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('aach*' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('aaC*' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+--echo "----------Test14---------"
+CREATE TABLE t1(s1 INT , s2 VARCHAR(100) CHARACTER SET sjis) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t1 (s2);
+INSERT INTO t1 VALUES (1,'ペペペ'),(2,'テテテ'),(3,'ルルル'),(4,'グググ');
+# Innodb Asset : file ha_innodb.cc line 4557
+#SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('テテ*' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+
+--echo "----------Test15---------"
+CREATE TABLE t1 (s1 VARCHAR (60) CHARACTER SET UTF8 COLLATE UTF8_UNICODE_520_CI) ENGINE = MyISAM;
+CREATE FULLTEXT INDEX i ON t1 (s1);
+INSERT INTO t1 VALUES
+('a'),('b'),('c'),('d'),('ÅÅÅÅ'),('LLLL'),(NULL),('ÅÅÅÅ ÅÅÅÅ'),('LLLLLLLL');
+SELECT * FROM t1 WHERE MATCH(s1) AGAINST ('LLLL' COLLATE UTF8_UNICODE_520_CI);
+DROP TABLE if EXISTS t2;
+CREATE TABLE t2 (s1 VARCHAR(60) CHARACTER SET UTF8 COLLATE UTF8_POLISH_CI) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t2 ( s1);
+INSERT INTO t2 VALUES
+('a'),('b'),('c'),('d'),('ÅÅÅÅ'),('LLLL'),(NULL),('ÅÅÅÅ ÅÅÅÅ'),('LLLLLLLL');
+SELECT * FROM t2 WHERE MATCH(s1) AGAINST ('LLLL' COLLATE UTF8_UNICODE_520_CI);
+--disable_warnings
+DROP TABLE t1,t2;
+--enable_warnings
+
+--echo "----------Test16---------"
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(50) CHARACTER SET UTF8) ENGINE = InnoDB;
+CREATE FULLTEXT INDEX i ON t1(s2);
+INSERT INTO t1 VALUES (2, 'ğė Daśi p ');
+SELECT * FROM t1 WHERE MATCH(s2) AGAINST ('+p +"ğė Daśi*"' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+
+--echo "----------Test19---------"
+#19 Failure with Boolean quoted search
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF8) ENGINE = InnoDB;
+INSERT INTO t1 VALUES (1,'İóëɠ');
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+SELECT * FROM t1 WHERE MATCH(char_column) AGAINST ('"İóëɠ"' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+--echo "----------Test20---------"
+#20 Crash with utf32 and boolean mode.
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF32, char_column2 VARCHAR(60) character set utf8) ENGINE = InnoDB;
+INSERT INTO t1 (char_column) VALUES ('abcde'),('fghij'),('klmno'),('qrstu');
+UPDATE t1 SET char_column2 = char_column;
+CREATE FULLTEXT INDEX i ON t1 (char_column2);
+--error ER_FT_MATCHING_KEY_NOT_FOUND
+SELECT * FROM t1 WHERE MATCH(char_column) AGAINST ('abc*' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+--echo "----------Test22---------"
+# case 22
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF8) ENGINE = InnoDB;
+INSERT INTO t1 VALUES (1,'aaa'),(2,'bbb'),(3,'ccc');
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+HANDLER t1 OPEN;
+--error ER_KEY_DOESNT_SUPPORT
+HANDLER t1 READ i = ('aaa');
+DROP TABLE t1;
+#23. Duplicate key error when there are no unique indexes (procedure test)
+#24 Failure after cascading update - already have tests
+
+--echo "----------Test25---------"
+#25 Failure with Croatian boolean truncated search.
+CREATE TABLE t1 ( id INT , char_column VARCHAR(60) CHARACTER SET UTF8 COLLATE UTF8_CROATIAN_CI) ENGINE=InnoDB;
+INSERT INTO t1 VALUES (1,'LJin'),(2,'ljin'),(3,'lmin'),(4,'LJLJLJLJLJ');
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+#inndob:error incorrect result correct it after fix
+SELECT count(*) FROM t1 WHERE MATCH (char_column) AGAINST ('lj*' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+#26. Index error when run procedure call from multiple clients
+
+--echo "----------Test27---------"
+#27 Crash after server restart
+CREATE TABLE t1 (id INT,char_column VARCHAR(60)) ENGINE=InnoDB;
+SET @@autocommit=0;
+CREATE FULLTEXT INDEX i ON t1 (char_column);
+INSERT INTO t1 values (1,'aaa');
+echo "restart server..."
+# Restart the server
+--source include/restart_mysqld.inc
+DELETE FROM t1 WHERE MATCH(char_column) AGAINST ('bbb');
+SET @@autocommit=1;
+DROP TABLE t1;
+
+--echo "----------Test28---------"
+drop table if exists `fts_test`;
+create table `fts_test`(`a` text,fulltext key(`a`))engine=innodb;
+set session autocommit=0;
+insert into `fts_test` values ('');
+savepoint `b`;
+savepoint `b`;
+set session autocommit=1;
+DROP TABLE fts_test;
+
+# Continue test savepoint related operations. With a commit after
+# multiple rollback to savepoints
+--echo "----------Test29---------"
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ body TEXT,
+ FULLTEXT (title,body)
+ ) ENGINE=InnoDB;
+
+INSERT INTO articles (title,body) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...');
+
+
+start transaction;
+
+INSERT INTO articles (title,body) VALUES
+('How To Use MySQL Well','After you went through a ...');
+
+savepoint `a1`;
+
+INSERT INTO articles (title,body) VALUES
+('Optimizing MySQL','In this tutorial we will show ...');
+
+savepoint `a2`;
+
+INSERT INTO articles (title,body) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...');
+
+savepoint `a3`;
+
+INSERT INTO articles (title,body) VALUES
+('MySQL vs. YourSQL','In the following database comparison ...');
+
+savepoint `a4`;
+
+# FTS do not parse those uncommitted rows, only one row should show up
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+
+rollback to savepoint a3;
+
+# The last inserted row should not be there
+select title, body from articles;
+
+INSERT INTO articles (title,body) VALUES
+('MySQL Security','When configured properly, MySQL ...');
+
+savepoint `a5`;
+
+select title, body from articles;
+
+rollback to savepoint a2;
+
+select title, body from articles;
+
+commit;
+
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+DROP TABLE articles;
+
+# Continue test savepoint related operations. With a rollback after
+# multiple rollback to savepoints
+--echo "----------Test30---------"
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ body TEXT,
+ FULLTEXT (title,body)
+ ) ENGINE=InnoDB;
+
+INSERT INTO articles (title,body) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...');
+
+start transaction;
+
+INSERT INTO articles (title,body) VALUES
+('How To Use MySQL Well','After you went through a ...');
+
+savepoint `a1`;
+
+INSERT INTO articles (title,body) VALUES
+('Optimizing MySQL','In this tutorial we will show ...');
+
+savepoint `a2`;
+
+INSERT INTO articles (title,body) VALUES
+('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...');
+
+savepoint `a3`;
+
+INSERT INTO articles (title,body) VALUES
+('MySQL vs. YourSQL','In the following database comparison ...');
+
+savepoint `a4`;
+
+# FTS do not parse those uncommitted rows, only one row should show up
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+
+rollback to savepoint a3;
+
+# The last inserted row should not be there
+select title, body from articles;
+
+INSERT INTO articles (title,body) VALUES
+('MySQL Security','When configured properly, MySQL ...');
+
+savepoint `a5`;
+
+select title, body from articles;
+
+rollback to savepoint a2;
+
+select title, body from articles;
+
+rollback;
+
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('Database' IN NATURAL LANGUAGE MODE);
+
+SELECT * FROM articles
+ WHERE MATCH (title,body)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+DROP TABLE articles;
+
+# Test for Bug #13907075 - DIFFERENT RESULTS FOR DIFFERENT TERM ORDER
+# WITH INNODB BOOLEAN FULLTEXT SEARCH. The FTS_IGNORE ("-") operation
+# is orderless
+# Create FTS table
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ body TEXT,
+ FULLTEXT (title,body)
+ ) ENGINE=InnoDB;
+
+# Insert six rows
+INSERT INTO articles (title,body) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+-- disable_result_log
+ANALYZE TABLE articles;
+-- enable_result_log
+
+SELECT *, MATCH(title, body) AGAINST ('-database +MySQL' IN BOOLEAN MODE) AS score from articles;
+
+SELECT *, MATCH(title, body) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score FROM articles;
+
+# With subquery
+SELECT * FROM articles where MATCH(title, body) AGAINST ('MySQL - (database - tutorial)' IN BOOLEAN MODE);
+
+SELECT * FROM articles where MATCH(title, body) AGAINST ('MySQL - (- tutorial database)' IN BOOLEAN MODE);
+
+# More complex query
+SELECT * FROM articles where MATCH(title, body) AGAINST ('MySQL - (- tutorial database) -Tricks' IN BOOLEAN MODE);
+
+SELECT * FROM articles where MATCH(title, body) AGAINST ('-Tricks MySQL - (- tutorial database)' IN BOOLEAN MODE);
+
+DROP TABLE articles;
+
+# Test for Bug 13940669 - 64901: INNODB: ASSERTION FAILURE IN
+# THREAD 34387022112 IN FILE REM0CMP.CC LINE 5
+
+drop table if exists t1;
+
+create table t1 (FTS_DOC_ID bigint unsigned auto_increment not null primary key,
+title varchar(200),body text,fulltext(title,body)) engine=innodb;
+
+insert into t1 set body='test';
+
+select * from t1 where match(title,body) against('%test');
+
+select * from t1 where match(title,body) against('%');
+
+select * from t1 where match(title,body) against('%%%%');
+
+drop table t1;
+
+# Test for Bug 13881758 - 64745: CREATE FULLTEXT INDEX CAUSES CRASH
+# Create a database with empty space in its name
+CREATE DATABASE `benu database`;
+
+USE `benu database`;
+
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+# Create the FTS index Using Alter Table
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+EVAL SHOW CREATE TABLE t1;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+select id, MATCH(a,b) AGAINST("collections support" IN BOOLEAN MODE) as x from t1;
+select id from t1 where MATCH a,b AGAINST ("+call* +coll*" IN BOOLEAN MODE);
+select id from t1 where MATCH a,b AGAINST ('"support now"' IN BOOLEAN MODE);
+select id from t1 where MATCH a,b AGAINST ('"Now sUPPort"' IN BOOLEAN MODE);
+
+DROP DATABASE `benu database`;
+
+USE test;
+
+# Test for Bug #14101706 - CRASH WITH DDL IN ROW_MERGE_BUILD_INDEXES
+# WHEN FULLTEXT INDEXES EXIST
+
+CREATE TABLE `t21` (`a` text, `b` int not null,
+fulltext key (`a`), fulltext key (`a`)
+) ENGINE=INNODB DEFAULT CHARSET=LATIN1;
+
+--error ER_ALTER_OPERATION_NOT_SUPPORTED_REASON
+ALTER TABLE `t21` ADD UNIQUE INDEX (`b`), ALGORITHM=INPLACE;
+ALTER TABLE `t21` ADD UNIQUE INDEX (`b`);
+
+DROP TABLE t21;
+
+CREATE TABLE `t21` (`a` text, `b` int not null,
+fulltext key (`a`)) ENGINE=INNODB DEFAULT CHARSET=LATIN1;
+
+ALTER TABLE `t21` ADD UNIQUE INDEX (`b`);
+
+DROP TABLE t21;
+
+# Test primary index rebuild
+CREATE TABLE t1 (
+ id INT NOT NULL,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 VALUES
+ (1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+ (2, 'How To Use MySQL Well','After you went through a ...'),
+ (3, 'Optimizing MySQL','In this tutorial we will show ...');
+
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+
+ALTER TABLE t1 ADD UNIQUE INDEX (`id`);
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+select id, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+
+DROP TABLE t1;
+
+# Test create the FTS and primary index in the same clause
+CREATE TABLE t1 (
+ id INT NOT NULL,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 VALUES
+ (1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+ (2, 'How To Use MySQL Well','After you went through a ...'),
+ (3, 'Optimizing MySQL','In this tutorial we will show ...');
+
+ALTER TABLE t1 ADD UNIQUE INDEX (`id`), ADD FULLTEXT INDEX idx (a,b);
+
+# Select word "tutorial" in the table
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select id from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select id from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+
+DROP TABLE t1;
+
+# Create FTS table with FTS_DOC_ID already existed
+CREATE TABLE t1 (
+ FTS_DOC_ID BIGINT UNSIGNED NOT NULL,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 VALUES
+ (1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+ (2, 'How To Use MySQL Well','After you went through a ...'),
+ (3, 'Optimizing MySQL','In this tutorial we will show ...');
+
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+
+ALTER TABLE t1 ADD UNIQUE INDEX (`FTS_DOC_ID`);
+
+# Select word "tutorial" in the table
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+select FTS_DOC_ID, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+
+DROP TABLE t1;
+
+# Create FTS table with FTS_DOC_ID and FTS_DOC_ID_INDEX
+CREATE TABLE t1 (
+ FTS_DOC_ID BIGINT UNSIGNED NOT NULL,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 VALUES
+ (1, 'MySQL Tutorial','DBMS stands for DataBase ...') ,
+ (2, 'How To Use MySQL Well','After you went through a ...'),
+ (3, 'Optimizing MySQL','In this tutorial we will show ...');
+
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b), ADD UNIQUE INDEX FTS_DOC_ID_INDEX (FTS_DOC_ID);
+
+# Select word "tutorial" in the table
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+# boolean mode
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+support +collections" IN BOOLEAN MODE);
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search" IN BOOLEAN MODE);
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search +(support vector)" IN BOOLEAN MODE);
+select FTS_DOC_ID from t1 where MATCH(a,b) AGAINST("+search -(support vector)" IN BOOLEAN MODE);
+select FTS_DOC_ID, MATCH(a,b) AGAINST("support collections" IN BOOLEAN MODE) as x from t1;
+
+DROP TABLE t1;
+
+# Test for bug #14079609 - FTS: CRASH IN FTS_TRX_TABLE_CMP WITH SAVEPOINTS, XA
+
+CREATE TABLE t2 (`b` char(2),fulltext(`b`)) ENGINE=INNODB
+DEFAULT CHARSET=LATIN1;
+
+CREATE TABLE t3 LIKE t2;
+
+INSERT INTO `t2` VALUES();
+
+COMMIT WORK AND CHAIN;
+
+INSERT INTO `t3` VALUES ();
+UPDATE `t2` SET `b` = 'a';
+
+SAVEPOINT BATCH1;
+
+DROP TABLE t2;
+DROP TABLE t3;
+
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+# Create the FTS index Using Alter Table
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+
+COMMIT WORK AND CHAIN;
+
+INSERT INTO t1 (a,b) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+SAVEPOINT BATCH1;
+
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('MySQL' IN NATURAL LANGUAGE MODE);
+
+INSERT INTO t1 (a,b) VALUES
+ ('1002 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+
+ROLLBACK TO SAVEPOINT BATCH1;
+
+COMMIT;
+
+SELECT id FROM t1 WHERE MATCH (a,b)
+ AGAINST ('MySQL' IN NATURAL LANGUAGE MODE);
+
+DROP TABLE t1;
+
+# Test for Bug 14588091 - FTS: BUFFER OVERFLOW IN FTS_AST_CREATE_NODE_TEXT
+CREATE TABLE `t` (`a` char(20) character set utf8 default null,
+fulltext key (`a`)) ENGINE=INNODB;
+INSERT INTO `t` VALUES ('a');
+INSERT INTO `t` VALUES ('aaa');
+
+# 0x22 is the '"', 0xdd is not encoded in utf8
+SELECT MATCH(`a`) AGAINST (0x22dd22) FROM `t`;
+SELECT MATCH(`a`) AGAINST (0x2222) FROM `t`;
+SELECT MATCH(`a`) AGAINST (0x22) FROM `t`;
+
+# this should show one match
+SELECT MATCH(`a`) AGAINST (0x2261616122) FROM `t`;
+
+# again 0xdd should be ignored
+SELECT MATCH(`a`) AGAINST (0x2261dd6122) FROM `t`;
+
+SELECT MATCH(`a`) AGAINST (0x2261dd612222226122) FROM `t`;
+
+DROP TABLE t;
+
+# InnoDB FTS does not support index scan from handler
+CREATE TABLE t(a CHAR(1),FULLTEXT KEY(a)) ENGINE=INNODB;
+HANDLER t OPEN;
+HANDLER t READ a NEXT;
+HANDLER t READ a PREV;
+DROP TABLE t;
+
+CREATE TABLE `%`(a TEXT, FULLTEXT INDEX(a)) ENGINE=INNODB;
+CREATE TABLE `A B`(a TEXT, FULLTEXT INDEX(a)) ENGINE=INNODB;
+DROP TABLE `%`;
+DROP TABLE `A B`;
+
+CREATE TABLE `t-26`(a VARCHAR(10),FULLTEXT KEY(a)) ENGINE=INNODB;
+INSERT INTO `t-26` VALUES('117');
+DROP TABLE `t-26`;
+
+# Test on phrase search with stopwords contained in the search string
+CREATE TABLE `t1` (
+ `id` INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
+ `content` TEXT NOT NULL,
+ PRIMARY KEY (`id`),
+ FULLTEXT INDEX `IDX_CONTEXT_FULLTEXT`(`content`)
+)
+ENGINE = InnoDB;
+
+insert into t1 (content)
+values
+('This is a story which has has a complicated phrase structure here in the
+middle'),
+('This is a story which doesn''t have that text'),
+('This is a story that has complicated the phrase structure');
+
+select * from t1
+where match(content) against('"complicated phrase structure"' in boolean
+mode);
+
+# Test single phrase search with "+" symbol, one row should be returned
+select * from t1
+where match(content) against('+"complicated phrase structure"' in boolean
+mode);
+
+# Test phrase search with stopwords in between, one row should be returned
+select * from t1
+where match(content) against('"complicated the phrase structure"' in boolean
+mode);
+
+# Test phrase search with multiple "+" symbols
+select * from t1 where match(content) against('+"this is a story which" +"complicated the phrase structure"' in boolean mode);
+
+# Test phrase search with leading word is a stopword, such stopword would be
+# ignored
+select * from t1 where match(content) against('"the complicated the phrase structure"' in boolean mode);
+
+# Test phrase search with non-matching stopword in between, no row should be
+# returned
+select * from t1 where match(content) against('"complicated a phrase structure"' in boolean mode);
+
+DROP TABLE t1;
+
+CREATE TABLE my (id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
+c VARCHAR(32), FULLTEXT(c)) ENGINE = INNODB;
+
+INSERT INTO my (c) VALUES ('green-iguana');
+
+SELECT * FROM my WHERE MATCH(c) AGAINST ('green-iguana');
+
+DROP TABLE my;
+
+CREATE TABLE ift (
+ `a` int(11) NOT NULL,
+ `b` text,
+ PRIMARY KEY (`a`),
+ FULLTEXT KEY `b` (`b`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+INSERT INTO ift values (1, "skip");
+INSERT INTO ift values (2, "skip and networking");
+INSERT INTO ift values (3, "--skip-networking");
+INSERT INTO ift values (4, "-donot--skip-networking");
+
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('--skip-networking');
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('skip-networking');
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('----');
+SELECT * FROM ift WHERE MATCH (b) AGAINST ('-donot--skip-networking');
+
+DROP TABLE ift;
+
+# Test special cases of wildword.
+# Create FTS table
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ body TEXT,
+ FULLTEXT (title,body)
+ ) ENGINE=InnoDB;
+
+# Insert six rows
+INSERT INTO articles (title,body) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase ...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('( that''s me )','When configured properly, MySQL ...');
+
+SELECT * FROM articles WHERE MATCH (title,body)
+ AGAINST ('( yours''s* )' IN BOOLEAN MODE);
+
+SELECT * FROM articles WHERE MATCH (title,body)
+ AGAINST ('s*' IN BOOLEAN MODE);
+
+SELECT * FROM articles WHERE MATCH (title,body)
+ AGAINST ('stands\'] | * | show[@database' IN NATURAL LANGUAGE MODE);
+
+DROP TABLE articles;
+
+# Test for BUG#16429688 - FTS: SYNTAX ERROR, UNEXPECTED '*', EXPECTING $END
+CREATE TABLE t1(a TEXT CHARACTER SET LATIN1, FULLTEXT INDEX(a)) ENGINE=INNODB;
+
+--error ER_PARSE_ERROR
+SELECT * FROM t1 WHERE MATCH(a) AGAINST("*");
+
+DROP TABLE t1;
+
+# Test for BUG#16516193 - LITERAL PHRASES CANNOT BE COMBINED WITH + OR - OPERATOR
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ FULLTEXT (a)
+ ) ENGINE= InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a) VALUES
+ ('Do you know MySQL is a good database'),
+ ('How to build a good database'),
+ ('Do you know'),
+ ('Do you know MySQL'),
+ ('How to use MySQL'),
+ ('Do you feel good'),
+ ('MySQL is good'),
+ ('MySQL is good to know'),
+ ('What is database');
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know mysql"' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+("know mysql")' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('("know mysql" good)' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+("know mysql" good)' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('(good "know mysql")' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+(good "know mysql")' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+("know mysql" "good database")' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know mysql" +"good database"' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know database"@4' IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"know database"@8' IN BOOLEAN MODE);
+
+# Drop table
+DROP TABLE t1;
+
+# Test for BUG#16885178 - INNODB FULLTEXT PHRASE SEARCH VALGRIND ERROR
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ FULLTEXT (a)
+ ) ENGINE= InnoDB;
+
+# Insert a special row
+INSERT INTO t1 (a) VALUES
+ ('know mysql good database');
+
+# This phrase search fails in valgrind test before the fix.
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('+"good database"' IN BOOLEAN MODE);
+
+DROP TABLE t1;
+
+# Test single term ranking
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ body TEXT,
+ FULLTEXT (title,body)
+ ) ENGINE=InnoDB;
+
+# Repeatedly insert/delete records, the ranking should be the same for
+# each of them
+INSERT INTO articles (title,body) VALUES ('Test Article','blah blah
+blah'),("Matt's Noise",'this is noisy'),('February Weather','It was terrible
+this year.'),('Peter Pan','Tis a kids story.'),('Test1','nada'),('Database
+database database','foo database database database'),('Database article
+title','body with lots of words.'),('myfulltext database', 'my test fulltext
+database');
+
+SELECT id, title, body FROM articles ORDER BY MATCH (title,body) AGAINST ('database' IN BOOLEAN MODE) DESC;
+DELETE from articles WHERE title like "myfulltext database";
+
+INSERT INTO articles (title,body) VALUES ('myfulltext database', 'my test fulltext database');
+
+SELECT id, title, body FROM articles ORDER BY MATCH (title,body) AGAINST ('database' IN BOOLEAN MODE) DESC;
+DELETE from articles WHERE title like "myfulltext database";
+
+INSERT INTO articles (title,body) VALUES ('myfulltext database', 'my test fulltext database');
+
+SELECT id, title, body FROM articles ORDER BY MATCH (title,body) AGAINST ('database' IN BOOLEAN MODE) DESC;
+
+DROP TABLE articles;
+
+# Test for BUG 18277305 - FTS: FAILING ASSERTION: PTR[1] == '\"'
+# IN FTS_AST_CREATE_NODE_TEXT
+CREATE TABLE t1(
+ a TEXT CHARSET ujis COLLATE ujis_japanese_ci,
+ b TEXT CHARSET utf8mb4 COLLATE utf8mb4_turkish_ci,
+ c TEXT CHARSET eucjpms COLLATE eucjpms_bin,
+ d TEXT CHARSET utf8mb4,
+ FULLTEXT INDEX(a),
+ FULLTEXT INDEX(b),
+ FULLTEXT INDEX(c),
+ FULLTEXT INDEX(d)
+) ENGINE = InnoDB;
+
+INSERT INTO t1 VALUES
+ ('myisam', 'myisam', 'myisam', 'myisam'),
+ ('innodb', 'innodb', 'innodb', 'innodb'),
+ ('innodb myisam', 'innodb myisam', 'innodb myisam', 'innodb myisam'),
+ ('memory', 'memory', 'memory', 'memory'),
+ ('archive', 'archive', 'archive', 'archive'),
+ ('federated', 'federated', 'federated', 'federated'),
+ ('storage engine innodb', 'storage engine innodb', 'storage engine innodb', 'storage engine innodb'),
+ ('storage engine myisam', 'storage engine myisam', 'storage engine myisam', 'storage engine myisam'),
+ ('innobase', 'innobase', 'innobase', 'innobase'),
+ ('myisam innodb', 'myisam innodb', 'myisam innodb', 'myisam innodb'),
+ ('innodb myisam engines', 'innodb myisam engines', 'innodb myisam engines', 'innodb myisam engines');
+
+# Test the ujis_japanese_ci
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', ' ', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '&', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '&', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '%', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', '(', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', ')'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+--error ER_PARSE_ERROR
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+
+
+# Test the utf8mb4_turkish_ci
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', ' ', '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 0x00, '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', '&', 0x00, '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 0x00, '&', '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', '%', '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+--error ER_PARSE_ERROR
+SELECT b FROM t1 WHERE MATCH (b) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+
+# Test the eucjpms_bin
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', ' ', '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', '&', 0x00, '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, '&', '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', '%', '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', '(', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', ')'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm', '"'));
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+--error ER_PARSE_ERROR
+SELECT c FROM t1 WHERE MATCH (c) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+
+ALTER TABLE t1 ENGINE = MyISAM;
+
+# Test the query against myisam to verify
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', ' ', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, '"', 0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '&', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, '&', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', '%', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, 0x00, 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', 0x00, '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', '(', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', ')'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', 'm', 'y', 'i', 's', 'a', 'm', '"'));
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 0x00, 'i', 'n', 'n', 'o', 'd', 'b', '@', '$', 'm', 'y', 'i', 's', 'a', 'm', '%', 0x00, 0x00, '"','@', '2') IN BOOLEAN MODE);
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT('"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 'm', 'y', 'i', 's', 'a', 'm', '"','@', '4') IN BOOLEAN MODE);
+SELECT a FROM t1 WHERE MATCH (a) AGAINST (CONCAT(0x00, '"', 'i', 'n', 'n', 'o', 'd', 'b', ' ', '$', 's', 't', 'o', 'r', 'a', 'g', 'e', '"','@', '4', 0x00) IN BOOLEAN MODE);
+
+DROP TABLE t1;
+
+# Test for BUG#18229097 - FTS: DID NOT FIND WORD 0 IN DOC 39161 FOR QUERY EXPANSION SEARCH.
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ FULLTEXT (a)
+) ENGINE= InnoDB;
+
+INSERT INTO t1 (a) VALUES
+ ('know database'),('good database'), ('gmail email'), ('ghome windows');
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g *' IN NATURAL LANGUAGE MODE);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * k *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * k * d *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * go *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g * good' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('gm * go *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('good *' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH (a) AGAINST ('g* database' IN NATURAL LANGUAGE MODE WITH QUERY EXPANSION);
+
+DROP TABLE t1;
diff --git a/mysql-test/suite/innodb_fts/t/misc_1.test b/mysql-test/suite/innodb_fts/t/misc_1.test
new file mode 100644
index 00000000..45eaf447
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/misc_1.test
@@ -0,0 +1,894 @@
+--source include/have_innodb.inc
+--source include/innodb_page_size_small.inc
+--source include/no_valgrind_without_big.inc
+
+#------------------------------------------------------------------------------
+# FTS with FK and update cascade
+#-------------------------------------------------------------------------------
+set names utf8;
+
+call mtr.add_suppression("\\[Warning\\] InnoDB: A new Doc ID must be supplied while updating FTS indexed columns.");
+call mtr.add_suppression("\\[Warning\\] InnoDB: FTS Doc ID must be larger than [0-9]+ for table `test`.`t1`");
+
+# Create FTS table
+CREATE TABLE t1 (
+ id1 INT ,
+ a1 VARCHAR(200) ,
+ b1 TEXT ,
+ FULLTEXT KEY (a1,b1), PRIMARY KEY (a1, id1)
+ ) CHARACTER SET = utf8 , ENGINE = InnoDB;
+
+CREATE TABLE t2 (
+ id2 INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a2 VARCHAR(200),
+ b2 TEXT ,
+ FOREIGN KEY (a2) REFERENCES t1(a1) ON UPDATE CASCADE,
+ FULLTEXT KEY (b2,a2)
+ ) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (id1,a1,b1) VALUES
+ (1,'MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ (2,'How To Use MySQL Well','After you went through a ...'),
+ (3,'Optimizing MySQL','In this tutorial we will show ...');
+
+# Insert rows
+INSERT INTO t1 (id1,a1,b1) VALUES
+ (4,'1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ (5,'MySQL vs. YourSQL','In the following database comparison ...'),
+ (6,'MySQL Security','When configured properly, MySQL ...');
+
+# Insert rows in t2 fk table
+INSERT INTO t2 (a2,b2) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+# Insert rows t2 fk table
+INSERT INTO t2 (a2,b2) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+# error on violating fk constraint
+--error 1452
+INSERT INTO t2 (a2,b2) VALUES
+ ('MySQL Tricks','1. Never run mysqld as root. 2. ...');
+
+# error on delete from parent table
+--error 1451
+DELETE FROM t1;
+
+ANALYZE TABLE t1;
+ANALYZE TABLE t2;
+
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial') ORDER BY id1;
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial') ORDER BY id2;
+
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id1;
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id2;
+
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id1;
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id2;
+
+
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+
+set global innodb_optimize_fulltext_only=1;
+optimize table t1;
+set global innodb_optimize_fulltext_only=0;
+# Updating parent table hence child table should get updated due to 'update cascade' clause
+UPDATE t1 SET a1 = "changing column - on update cascade" , b1 = "to check foreign constraint" WHERE
+MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+
+# no records expected
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+# InnoDB:Error child table shows records which is incorrect - UPADTE on Fix
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+
+# it shows updated record
+SELECT id1 FROM t1 WHERE MATCH (a1,b1) AGAINST ('+update +cascade' IN BOOLEAN MODE) ORDER BY id1;
+# InnoDB:Error child table does not show the expected record
+SELECT id2 FROM t2 WHERE MATCH (a2,b2) AGAINST ('+update +cascade' IN BOOLEAN MODE) ORDER BY id2;
+SELECT id2 FROM t2 WHERE a2 LIKE '%UPDATE CASCADE%' ORDER BY id2;
+
+DROP TABLE t2 , t1;
+
+# on update cascade
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+ fulltext key(s2),
+ foreign key (s1,s2) references t1 (s1,s2) on update cascade) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+update t1 set s2 = 'Rainbows' where s2 <> 'Sunshine';
+commit;
+select * from t2 where match(s2) against ('Lollipops');
+DROP TABLE t2 , t1;
+
+# on delete cascade
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+ fulltext key(s2),
+ foreign key (s1,s2) references t1 (s1,s2) on delete cascade) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+delete from t1 where s2 <> 'Sunshine';
+select * from t2 where match(s2) against ('Lollipops');
+DROP TABLE t2 , t1;
+
+# on delete set NULL
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+ fulltext key(s2),
+ foreign key (s1,s2) references t1 (s1,s2) on delete set null) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+delete from t1 where s2 <> 'Sunshine';
+select * from t2 where match(s2) against ('Lollipops');
+DROP TABLE t2 , t1;
+
+
+# on update set NULL
+create table t1 (s1 int, s2 varchar(200), primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (s1 int, s2 varchar(200),
+ fulltext key(s2),
+ foreign key (s1,s2) references t1 (s1,s2) on update set null) ENGINE = InnoDB;
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+update t1 set s2 = 'Rainbows' where s2 <> 'Sunshine';
+commit;
+select * from t2 where match(s2) against ('Lollipops');
+DROP TABLE t2 , t1;
+
+# When Doc ID is involved
+create table t1 (s1 bigint unsigned not null, s2 varchar(200),
+ primary key (s1,s2)) ENGINE = InnoDB;
+create table t2 (FTS_DOC_ID BIGINT UNSIGNED NOT NULL, s2 varchar(200),
+ foreign key (FTS_DOC_ID) references t1 (s1)
+ on update cascade) ENGINE = InnoDB;
+
+create fulltext index idx on t2(s2);
+
+show create table t2;
+
+insert into t1 values (1,'Sunshine'),(2,'Lollipops');
+insert into t2 values (1,'Sunshine'),(2,'Lollipops');
+
+update t1 set s1 = 3 where s1=1;
+
+select * from t2 where match(s2) against ('sunshine');
+
+# FTS Doc ID cannot be reused
+--error 1451
+update t1 set s1 = 1 where s1=3;
+
+DROP TABLE t2 , t1;
+
+#------------------------------------------------------------------------------
+# FTS with FK and delete casecade
+#------------------------------------------------------------------------------
+
+# Create FTS table
+CREATE TABLE t1 (
+ id1 INT ,
+ a1 VARCHAR(200) PRIMARY KEY,
+ b1 TEXT character set utf8 ,
+ FULLTEXT KEY (a1,b1)
+ ) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+
+CREATE TABLE t2 (
+ id2 INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a2 VARCHAR(200),
+ b2 TEXT character set utf8 ,
+ FOREIGN KEY (a2) REFERENCES t1(a1) ON DELETE CASCADE,
+ FULLTEXT KEY (b2,a2)
+ ) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (id1,a1,b1) VALUES
+ (1,'MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ (2,'How To Use MySQL Well','After you went through a ...'),
+ (3,'Optimizing MySQL','In this tutorial we will show ...'),
+ (4,'1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ (5,'MySQL vs. YourSQL','In the following database comparison ...'),
+ (6,'MySQL Security','When configured properly, MySQL ...');
+
+# Insert rows in t2
+INSERT INTO t2 (a2,b2) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+# delete records from parent
+DELETE FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+
+# no records expected
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+
+SELECT * FROM t1 WHERE a1 LIKE '%tutorial%';
+SELECT * FROM t2 WHERE a2 LIKE '%tutorial%';
+
+DROP TABLE t2 , t1;
+
+#------------------------------------------------------------------------------
+# FTS with FK+transactions and UPDATE casecade with transaction
+#-------------------------------------------------------------------------------
+
+call mtr.add_suppression("\\[ERROR\\] InnoDB: FTS Doc ID must be larger than 3 for table `test`.`t2`");
+
+# Create FTS table
+CREATE TABLE t1 (
+ id1 INT ,
+ a1 VARCHAR(200) ,
+ b1 TEXT ,
+ FULLTEXT KEY (a1,b1), PRIMARY KEY(a1, id1)
+ ) CHARACTER SET = utf8 , ENGINE = InnoDB;
+
+CREATE TABLE t2 (
+ id2 INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a2 VARCHAR(200),
+ b2 TEXT ,
+ FOREIGN KEY (a2) REFERENCES t1(a1) ON UPDATE CASCADE,
+ FULLTEXT KEY (b2,a2)
+ ) CHARACTER SET = utf8 ,ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (id1,a1,b1) VALUES
+ (1,'MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ (2,'How To Use MySQL Well','After you went through a ...'),
+ (3,'Optimizing MySQL','In this tutorial we will show ...');
+
+# Insert rows in t2 fk table
+INSERT INTO t2 (a2,b2) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+START TRANSACTION;
+# Insert rows
+INSERT INTO t1 (id1,a1,b1) VALUES
+ (4,'1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ (5,'MySQL vs. YourSQL','In the following database comparison ...'),
+ (6,'MySQL Security','When configured properly, MySQL ...');
+
+# Insert rows t2 fk table
+INSERT INTO t2 (a2,b2) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+# error on violating fk constraint
+--error 1452
+INSERT INTO t2 (a2,b2) VALUES
+ ('MySQL Tricks','1. Never run mysqld as root. 2. ...');
+
+# error on DELETE FROM parent table
+--error 1451
+DELETE FROM t1;
+
+# records expected
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial') ORDER BY id1;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial') ORDER BY id2;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id1;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ORDER BY id2;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id1;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial' WITH QUERY EXPANSION) ORDER BY id2;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('"dbms database"@4' IN BOOLEAN MODE) ;
+
+# no records as data not COMMITted.
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('root') ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('root') ;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('mysqld (+root)' IN BOOLEAN MODE) ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('mysqld (-root)' IN BOOLEAN MODE) ;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('root' WITH QUERY EXPANSION) ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('root' WITH QUERY EXPANSION) ;
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('"database comparison"@02' IN BOOLEAN MODE) ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('"database comparison"@02' IN BOOLEAN MODE) ;
+
+SELECT * FROM t1 ORDER BY id1;
+SELECT * FROM t2 ORDER BY id2;
+
+COMMIT;
+
+START TRANSACTION;
+# Updating parent table hence child table should get updated due to 'UPDATE cascade' clause
+UPDATE t1 SET a1 = "changing column - on UPDATE cascade" , b1 = "to check foreign constraint" WHERE
+MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+COMMIT;
+
+# no records expected
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('tutorial (+mysql -VÃÆ·WÄ°)' IN BOOLEAN MODE) ;
+
+# it shows updated record
+SELECT * FROM t1 WHERE MATCH (a1,b1) AGAINST ('+UPDATE +cascade' IN BOOLEAN MODE) ORDER BY id1;
+SELECT * FROM t2 WHERE MATCH (a2,b2) AGAINST ('+UPDATE +cascade' IN BOOLEAN MODE) ORDER BY id2;
+SELECT * FROM t2 WHERE a2 LIKE '%UPDATE CASCADE%' ORDER BY id2;
+
+DROP TABLE t2 , t1;
+
+
+# FTS with FK+transactions - UPDATE cascade
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+# FTS with FK+transactions - on DELETE cascade
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+# FTS with FK+transactions - DELETE SET NULL
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+
+# FTS with FK+transactions - UPDATE SET NULL
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+COMMIT;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+
+#-----------------------------------------------------------------------------
+
+# FTS with FK+transactions - UPDATE cascade
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+# FTS with FK+transactions - DELETE cascade
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE cascade) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+# FTS with FK+transactions - DELETE SET NULL
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on DELETE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+DELETE FROM t1 WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+
+# FTS with FK+transactions - UPDATE SET NULL
+CREATE TABLE t1 (s1 INT, s2 VARCHAR(200), PRIMARY KEY (s1,s2)) ENGINE = InnoDB;
+CREATE TABLE t2 (s1 INT, s2 VARCHAR(200),
+ FULLTEXT KEY(s2),
+ FOREIGN KEY (s1,s2) REFERENCES t1 (s1,s2) on UPDATE SET NULL) ENGINE = InnoDB;
+START TRANSACTION;
+INSERT INTO t1 VALUES (1,'Sunshine'),(2,'Lollipops');
+INSERT INTO t2 VALUES (1,'Sunshine'),(2,'Lollipops');
+UPDATE t1 set s2 = 'Rainbows' WHERE s2 <> 'Sunshine';
+ROLLBACK;
+SELECT * FROM t2 WHERE MATCH(s2) AGAINST ('Lollipops');
+DROP TABLE t2 , t1;
+
+
+#------------------------------------------------------------------------------
+# FTS index with compressed row format
+#------------------------------------------------------------------------------
+
+# Save innodb variables
+let $innodb_file_per_table_orig=`select @@innodb_file_per_table`;
+
+set global innodb_file_per_table=1;
+
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) CHARACTER SET = utf8, ROW_FORMAT=COMPRESSED, ENGINE = InnoDB;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','DBMS stands for DataBase VÃÆ·WÄ°...') ,
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...');
+
+# Create the FTS index Using Alter Table
+ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b);
+EVAL SHOW CREATE TABLE t1;
+
+# Check whether individual space id created for AUX tables
+SELECT count(*) FROM information_schema.innodb_sys_tables WHERE name LIKE "%FTS_%" AND space !=0;
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+-- disable_result_log
+ANALYZE TABLE t1;
+-- enable_result_log
+
+# Select word "tutorial" in the table
+SELECT * FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE) ORDER BY id;
+
+# boolean mode
+select * from t1 where MATCH(a,b) AGAINST("+tutorial +VÃÆ·WÄ°" IN BOOLEAN MODE);
+--error ER_PARSE_ERROR
+select * from t1 where MATCH(a,b) AGAINST("+-VÃÆ·WÄ°" IN BOOLEAN MODE);
+select * from t1 where MATCH(a,b) AGAINST("+Mysql +(tricks never)" IN BOOLEAN MODE);
+select * from t1 where MATCH(a,b) AGAINST("+mysql -(tricks never)" IN BOOLEAN MODE) ORDER BY id;
+select *, MATCH(a,b) AGAINST("mysql stands" IN BOOLEAN MODE) as x from t1 ORDER BY id;
+select * from t1 where MATCH a,b AGAINST ("+database* +VÃÆ·W*" IN BOOLEAN MODE);
+select * from t1 where MATCH a,b AGAINST ('"security mysql"' IN BOOLEAN MODE);
+
+# query expansion
+select * from t1 where MATCH(a,b) AGAINST ("VÃÆ·WÄ°" WITH QUERY EXPANSION) ORDER BY id;
+
+# Drop index
+ALTER TABLE t1 DROP INDEX idx;
+
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+-- disable_query_log
+-- disable_result_log
+ANALYZE TABLE t1;
+-- enable_result_log
+-- enable_query_log
+
+# Select word "tutorial" in the table
+SELECT * FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE) ORDER BY id;
+
+# boolean mode
+select * from t1 where MATCH(a,b) AGAINST("+tutorial +VÃÆ·WÄ°" IN BOOLEAN MODE);
+select * from t1 where MATCH(a,b) AGAINST("+dbms" IN BOOLEAN MODE);
+select * from t1 where MATCH(a,b) AGAINST("+Mysql +(tricks never)" IN BOOLEAN MODE);
+select * from t1 where MATCH(a,b) AGAINST("+mysql -(tricks never)" IN BOOLEAN MODE) ORDER BY id;
+select *, MATCH(a,b) AGAINST("mysql VÃÆ·WÄ°" IN BOOLEAN MODE) as x from t1 ORDER BY id;
+# Innodb:Assert eval0eval.c line 148
+#select * from t1 where MATCH a,b AGAINST ("+database* +VÃÆ·WÄ°*" IN BOOLEAN MODE);
+select * from t1 where MATCH a,b AGAINST ('"security mysql"' IN BOOLEAN MODE);
+
+# query expansion
+select * from t1 where MATCH(a,b) AGAINST ("VÃÆ·WÄ°" WITH QUERY EXPANSION) ORDER BY id;
+
+
+# insert for proximity search
+INSERT INTO t1 (a,b) VALUES ('test query expansion','for database ...');
+# Insert into table with similar word of different distances
+INSERT INTO t1 (a,b) VALUES
+ ('test proximity search, test, proximity and phrase',
+ 'search, with proximity innodb');
+
+INSERT INTO t1 (a,b) VALUES
+ ('test proximity fts search, test, proximity and phrase',
+ 'search, with proximity innodb');
+
+INSERT INTO t1 (a,b) VALUES
+ ('test more proximity fts search, test, more proximity and phrase',
+ 'search, with proximity innodb');
+
+# This should only return the first document
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"proximity search"@2' IN BOOLEAN MODE);
+
+# This would return no document
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"proximity search"@1' IN BOOLEAN MODE);
+
+# This give you all three documents
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"proximity search"@3' IN BOOLEAN MODE) ORDER BY id;
+
+# Similar boundary testing for the words
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"test proximity"@5' IN BOOLEAN MODE) ORDER BY id;
+
+# Test with more word The last document will return, please notice there
+# is no ordering requirement for proximity search.
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"more test proximity"@2' IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"more test proximity"@3' IN BOOLEAN MODE);
+
+# The phrase search will not require exact word ordering
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"more fts proximity"@03' IN BOOLEAN MODE);
+
+
+UPDATE t1 SET a = UPPER(a) , b = UPPER(b) ;
+UPDATE t1 SET a = UPPER(a) , b = LOWER(b) ;
+
+select * from t1 where MATCH(a,b) AGAINST("+tutorial +dbms" IN BOOLEAN MODE);
+select * from t1 where MATCH(a,b) AGAINST("+VÃÆ·WÄ°" IN BOOLEAN MODE);
+
+SELECT * FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE) ORDER BY id;
+
+DELETE FROM t1 WHERE MATCH (a,b) AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+DELETE FROM t1 WHERE MATCH (a,b) AGAINST ('"proximity search"@14' IN BOOLEAN MODE);
+
+
+SELECT * FROM t1 WHERE MATCH (a,b)
+ AGAINST ('Tutorial' IN NATURAL LANGUAGE MODE);
+
+SELECT * FROM t1 ORDER BY id;
+
+DROP TABLE t1;
+eval SET GLOBAL innodb_file_per_table=$innodb_file_per_table_orig;
+
+#------------------------------------------------------------------------------
+# FTS index with utf8 character testcase
+#------------------------------------------------------------------------------
+
+# Create FTS table
+EVAL CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) CHARACTER SET = utf8, ENGINE=InnoDB;
+
+
+# Insert rows from different languages
+INSERT INTO t1 (a,b) VALUES
+('Я могу еÑÑ‚ÑŒ Ñтекло', 'оно мне не вредит'),
+('Мога да Ñм Ñтъкло', 'то не ми вреди'),
+('ΜποÏῶ νὰ φάω σπασμένα' ,'γυαλιὰ χωÏὶς νὰ πάθω τίποτα'),
+('PříliÅ¡ žluÅ¥ouÄký kůň', 'úpÄ›l Äábelské kódy'),
+('Sævör grét', 'áðan því úlpan var ónýt'),
+('ã†ã‚ã®ãŠãã‚„ã¾','ã‘ãµã“ãˆã¦'),
+('ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹','ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš');
+
+# insert english text
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL Tutorial','request docteam@oraclehelp.com ...') ,
+ ('Trial version','query performace @1255 minute on 2.1Hz Memory 2GB...') ,
+ ('when To Use MySQL Well','for free faq mail@xyz.com ...');
+
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+# FTS Queries
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("вредит χωÏὶς") ORDER BY id;
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("оно" WITH QUERY EXPANSION);
+
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("вред*" IN BOOLEAN MODE) ORDER BY id;
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+γυαλιὰ +tutorial" IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+tutorial +(Мога τίποτα)" IN BOOLEAN MODE);
+
+# Innodb:error - no result returned (update result of query once fixed) (innodb limit , does not understand character boundry for japanses like charcter set)
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš");
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã¡ã‚Šã¬ã‚‹" WITH QUERY EXPANSION);
+
+# Innodb:error - no result returned (update result of query once fixed) (innodb limit , does not understand character boundry for japanses like charcter set)
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("+ã‚ã•ãゆã‚ã¿ã˜ã€€+ã‚‘ã²ã‚‚ã›ãš" IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("ã†ã‚ã®ãŠã*" IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+Sævör +úlpan" IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"γυαλιὰ χωÏὶς"@2' IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"query performace"@02' IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"πάθω τίποτα"@2' IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš"@1' IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš"@2' IN BOOLEAN MODE);
+
+ALTER TABLE t1 DROP INDEX idx;
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+# Innodb:error - no result returned (update result of query once fixed) (innodb limit , does not understand character boundry for japanses like charcter set)
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš");
+# Update fails because where condition do not succeed which is incorrect (update result of query once fixed)
+UPDATE t1 SET a = "Pchnąć w tÄ™ łódź jeża" , b = "lub osiem skrzyÅ„ fig" WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ ã‚‘ã²ã‚‚ã›ãš");
+UPDATE t1 SET a = "Ð’ чащах юга жил-был цитруÑ? Да", b = "но фальшивый ÑкземплÑÑ€! Ñ‘ÑŠ" WHERE MATCH(a,b) AGAINST ("вред*" IN BOOLEAN MODE);
+DELETE FROM t1 WHERE MATCH(a,b) AGAINST("+Sævör +úlpan" IN BOOLEAN MODE);
+
+# Innodb error - no result returned
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš");
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST ("łódź osiem");
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("вред*" IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("фальшив*" IN BOOLEAN MODE) ORDER BY id;
+SELECT * FROM t1 WHERE MATCH(a,b) AGAINST("+Sævör +úlpan" IN BOOLEAN MODE);
+
+SELECT * FROM t1
+ WHERE MATCH (a,b)
+ AGAINST ('"łódź jeża"@2' IN BOOLEAN MODE);
+
+SELECT * FROM t1 ORDER BY id;
+DROP TABLE t1;
+
+# This is to test the update operation on FTS indexed and non-indexed
+# column
+CREATE TABLE t1(ID INT PRIMARY KEY,
+ no_fts_field VARCHAR(10),
+ fts_field VARCHAR(10),
+ FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+
+INSERT INTO t1 VALUES (1, 'AAA', 'BBB');
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+
+# Update FULLTEXT indexed column, Doc ID will be updated
+UPDATE t1 SET fts_field='anychange' where id = 1;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+
+# Update non-FULLTEXT indexed column, Doc ID stay to be the same
+UPDATE t1 SET no_fts_field='anychange' where id = 1;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+
+# Update both FULLTEXT indexed and non-indexed column, Doc ID will be updated
+UPDATE t1 SET no_fts_field='anychange', fts_field='other' where id = 1;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("other");
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+
+# FTS index dropped, the DOC_ID column is kept, however, the ID will not
+# change
+DROP INDEX f on t1;
+
+UPDATE t1 SET fts_field='anychange' where id = 1;
+
+UPDATE t1 SET no_fts_field='anychange' where id = 1;
+
+UPDATE t1 SET no_fts_field='anychange', fts_field='other' where id = 1;
+
+CREATE FULLTEXT INDEX f ON t1(FTS_FIELD);
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("other");
+
+DROP TABLE t1;
+
+# Test on user supplied 'FTS_DOC_ID'
+CREATE TABLE t1(`FTS_DOC_ID` serial,
+ no_fts_field VARCHAR(10),
+ fts_field VARCHAR(10),
+ FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+
+INSERT INTO t1 VALUES (1, 'AAA', 'BBB');
+
+# Doc ID must be updated as well (HA_FTS_INVALID_DOCID).
+--error 182
+UPDATE t1 SET fts_field='anychange' where FTS_DOC_ID = 1;
+
+UPDATE t1 SET fts_field='anychange', FTS_DOC_ID = 2 where FTS_DOC_ID = 1;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+
+# "BBB" should be marked as deleted.
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+
+UPDATE t1 SET no_fts_field='anychange' where FTS_DOC_ID = 2;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("anychange");
+
+# "HA_FTS_INVALID_DOCID"
+--error 182
+UPDATE t1 SET no_fts_field='anychange', fts_field='other' where FTS_DOC_ID = 2;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("other");
+
+# Doc ID must be monotonically increase (HA_FTS_INVALID_DOCID)
+--error 182
+UPDATE t1 SET FTS_DOC_ID = 1 where FTS_DOC_ID = 2;
+
+DROP INDEX f ON t1;
+
+# After FULLTEXT index dropped, we can update the fields freely
+UPDATE t1 SET fts_field='newchange' where FTS_DOC_ID = 2;
+
+UPDATE t1 SET no_fts_field='anychange' where FTS_DOC_ID = 2;
+
+SELECT * FROM t1;
+
+DROP TABLE t1;
+
+CREATE TABLE t1(ID INT PRIMARY KEY,
+ no_fts_field VARCHAR(10),
+ fts_field VARCHAR(10),
+ FULLTEXT INDEX f(fts_field), index k(fts_field)) ENGINE=INNODB;
+
+CREATE TABLE t2(ID INT PRIMARY KEY,
+ no_fts_field VARCHAR(10),
+ fts_field VARCHAR(10),
+ FULLTEXT INDEX f(fts_field),
+ INDEX k2(fts_field),
+ FOREIGN KEY(fts_field) REFERENCES
+ t1(fts_field) ON UPDATE CASCADE) ENGINE=INNODB;
+
+INSERT INTO t1 VALUES (1, 'AAA', 'BBB');
+
+INSERT INTO t2 VALUES (1, 'AAA', 'BBB');
+
+update t1 set fts_field='newchange' where id =1;
+
+SELECT * FROM t1 WHERE MATCH(fts_field) against("BBB");
+SELECT * FROM t2 WHERE MATCH(fts_field) against("BBB");
+SELECT * FROM t1 WHERE MATCH(fts_field) against("newchange");
+SELECT * FROM t2 WHERE MATCH(fts_field) against("newchange");
+
+DROP TABLE t2;
+
+DROP TABLE t1;
+
+# Testcases adopted from innodb_multi_update.test
+
+CREATE TABLE t1(id INT PRIMARY KEY,
+ fts_field VARCHAR(10),
+ FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+
+
+CREATE TABLE t2(id INT PRIMARY KEY,
+ fts_field VARCHAR(10),
+ FULLTEXT INDEX f(fts_field)) ENGINE=INNODB;
+
+INSERT INTO t1 values (1,'100'),(2,'200'),(3,'300'),(4,'400'),(5,'500'),(6,'600'), (7,'700'),(8,'800'),(9,'900'),(10,'1000'),(11,'1100'),(12,'1200');
+INSERT INTO t2 values (1,'100'),(2,'200'),(3,'300'),(4,'400'),(5,'500'),(6,'600'), (7,'700'),(8,'800');
+
+UPDATE t1, t2 set t1.fts_field = CONCAT(t1.fts_field, 'foo');
+
+UPDATE t1, t2 set t1.fts_field = CONCAT(t1.fts_field, 'foo') WHERE t1.fts_field = "100foo";
+
+# Update two tables in the same statement
+UPDATE t1, t2 set t1.fts_field = CONCAT(t1.fts_field, 'xoo'), t2.fts_field = CONCAT(t1.fts_field, 'xoo') where t1.fts_field=CONCAT(t2.fts_field, 'foo');
+
+# Following selects shows whether the correct Doc ID are updated
+
+# This row should present in table t1
+SELECT * FROM t1 WHERE MATCH(fts_field) against("100foofoo");
+
+# Following rows should be dropped
+SELECT * FROM t1 WHERE MATCH(fts_field) against("100foo");
+SELECT * FROM t1 WHERE MATCH(fts_field) against("100");
+
+# This row should present in table t2
+SELECT * FROM t2 WHERE MATCH(fts_field) against("400fooxoo");
+SELECT * FROM t2 WHERE MATCH(fts_field) against("100");
+
+# Follow rows should be marked as dropped
+SELECT * FROM t2 WHERE MATCH(fts_field) against("200");
+SELECT * FROM t2 WHERE MATCH(fts_field) against("400");
+
+
+DROP TABLE t1;
+
+DROP TABLE t2;
+
+
+--echo
+--echo BUG#13701973/64274: MYSQL THREAD WAS SUSPENDED WHEN EXECUTE UPDATE QUERY
+--echo
+# FTS setup did not track which tables it had already looked at to see whether
+# they need initialization. Hilarity ensued when hitting circular dependencies.
+
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+
+CREATE TABLE t1 (
+ t1_id INT(10) UNSIGNED NOT NULL,
+ t2_id INT(10) UNSIGNED DEFAULT NULL,
+ PRIMARY KEY (t1_id),
+ FOREIGN KEY (t2_id) REFERENCES t2 (t2_id)
+ ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+CREATE TABLE t2 (
+ t1_id INT(10) UNSIGNED NOT NULL,
+ t2_id INT(10) UNSIGNED NOT NULL,
+ t3_id INT(10) UNSIGNED NOT NULL,
+ t4_id INT(10) UNSIGNED NOT NULL,
+ PRIMARY KEY (t2_id),
+ FOREIGN KEY (t1_id) REFERENCES t1 (t1_id),
+ FOREIGN KEY (t3_id) REFERENCES t3 (t3_id)
+ ON DELETE CASCADE ON UPDATE CASCADE,
+ FOREIGN KEY (t4_id) REFERENCES t4 (t4_id)
+) ENGINE=InnoDB;
+
+CREATE TABLE t3 (
+ t3_id INT(10) UNSIGNED NOT NULL AUTO_INCREMENT,
+ payload char(3),
+ PRIMARY KEY (t3_id)
+) ENGINE=InnoDB;
+
+INSERT INTO t3 VALUES (1, '100');
+
+CREATE TABLE t4 (
+ t2_id INT(10) UNSIGNED DEFAULT NULL,
+ t4_id INT(10) UNSIGNED NOT NULL,
+ PRIMARY KEY (t4_id),
+ FOREIGN KEY (t2_id) REFERENCES t2 (t2_id)
+ ON DELETE CASCADE ON UPDATE CASCADE
+) ENGINE=InnoDB;
+
+SET FOREIGN_KEY_CHECKS=1;
+
+UPDATE t3 SET payload='101' WHERE t3_id=1;
+
+SET FOREIGN_KEY_CHECKS=0;
+
+DROP TABLE t1;
+DROP TABLE t2;
+DROP TABLE t3;
+DROP TABLE t4;
+
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
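Review bot: The `set global innodb_optimize_fulltext_only=0;` that follows `optimize table t1;` in the first "FTS with FK and update cascade" section restores a hard-coded value instead of the value the server had when the test started. The same file does this correctly elsewhere: `innodb_file_per_table` is saved into `$innodb_file_per_table_orig` and restored with `eval`, and the last section saves `@OLD_FOREIGN_KEY_CHECKS`. If the suite is ever run with the variable enabled, this test would leave global state changed for later tests. Saving it first with `SET @save_fts_only=@@global.innodb_optimize_fulltext_only;` and ending with `SET GLOBAL innodb_optimize_fulltext_only=@save_fts_only;` would make the sections consistent. Separately, the query commented out under `# Innodb:Assert eval0eval.c line 148` has no tracking reference, so a line such as `# Disabled until <BUG-ID placeholder> is fixed` would record when this server-assert case can be re-enabled.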
diff --git a/mysql-test/suite/innodb_fts/t/opt.opt b/mysql-test/suite/innodb_fts/t/opt.opt
new file mode 100644
index 00000000..d7d47164
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/opt.opt
@@ -0,0 +1 @@
+--query_cache_type=0
diff --git a/mysql-test/suite/innodb_fts/t/opt.test b/mysql-test/suite/innodb_fts/t/opt.test
new file mode 100644
index 00000000..19dfdcad
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/opt.test
@@ -0,0 +1,1086 @@
+--source include/have_innodb.inc
+
+#
+# Tests for optimizations for InnoDB fulltext search (WL#6043)
+#
+
+CREATE TABLE wp(
+ FTS_DOC_ID BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+ title VARCHAR(255) NOT NULL DEFAULT '',
+ text MEDIUMTEXT NOT NULL,
+ dummy INTEGER,
+ PRIMARY KEY (FTS_DOC_ID),
+ UNIQUE KEY FTS_DOC_ID_INDEX (FTS_DOC_ID),
+ FULLTEXT KEY idx (title,text)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+INSERT INTO wp (title, text) VALUES
+ ('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL','In the following database to database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...');
+
+CREATE TABLE t1 (i INTEGER);
+INSERT INTO t1 SELECT FTS_DOC_ID FROM wp;
+
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE t1;
+SET STATEMENT use_stat_tables=never FOR
+ANALYZE TABLE wp;
+
+--disable_ps2_protocol
+
+#
+# Show results of MATCH expressions for reference
+#
+SELECT FTS_DOC_ID, title, MATCH(title, text) AGAINST ('database') AS score1,
+ MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp;
+
+#
+# Test that filesort is not used if ordering on same match expression
+# as where clause
+#
+--echo No sorting for this query
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC;
+
+SHOW SESSION STATUS LIKE 'Sort%';
+
+--echo No sorting for this query even if MATCH is part of an expression
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database') > 0.1
+ORDER BY score DESC;
+
+SHOW SESSION STATUS LIKE 'Sort%';
+
+--echo No sorting even if there are several MATCH expressions as long as the
+--echo right one is used in ORDER BY
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score1,
+ MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score1 DESC;
+
+SHOW SESSION STATUS LIKE 'Sort%';
+
+--echo No Sorting since FT table is first table in query
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp, t1
+WHERE MATCH(title, text) AGAINST ('database') AND FTS_DOC_ID = t1.i
+ORDER BY score DESC;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting since there is no WHERE clause
+FLUSH STATUS;
+
+--sorted_result
+SELECT MATCH(title, text) AGAINST ('database'), title AS score
+FROM wp
+ORDER BY score DESC;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting since ordering on multiple columns
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC, FTS_DOC_ID;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting since ordering is not descending
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score ASC;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting because one is ordering on a different MATCH expression
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('mysql') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+#
+# Tests for ORDER BY/LIMIT optimzation
+#
+--echo No sorting for this query
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+
+SHOW SESSION STATUS LIKE 'Sort%';
+
+--echo Revert to table scan and sorting for this query since not
+--echo enough matching rows to satisfy LIMIT clause
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting since no LIMIT clause
+FLUSH STATUS;
+
+--sorted_result
+SELECT MATCH(title, text) AGAINST ('database') AS score, title
+FROM wp
+ORDER BY score DESC;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting since there is a WHERE clause
+FLUSH STATUS;
+
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE dummy IS NULL
+ORDER BY score DESC LIMIT 2;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+--echo Sorting since ordering is not on a simple MATCH expressions
+FLUSH STATUS;
+
+SELECT title, (MATCH(title, text) AGAINST ('database')) * 100 AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+
+SHOW SESSION STATUS LIKE 'Sort_rows%';
+
+#
+# Test that there is no row accesses if all necessary information is
+# available in FTS result
+#
+--echo No ordinary handler accesses when only accessing FTS_DOC_ID and MATCH
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+--echo Still no handler accesses when adding FTS_DOC_ID to WHERE clause
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database') AND FTS_DOC_ID > 2;
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+--echo Still no handler accesses when ordering by MATCH expression
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score;
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+--echo Optimization is disabled when ordering on FTS_DOC_ID
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY 1 DESC;
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+--echo Optimization also work with several MATCH expressions
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score1,
+ MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+--echo Optimization does not apply if sorting on a different MATCH expressions
+--echo from the one used to access the
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score1,
+ MATCH(title, text) AGAINST ('mysql') AS score2
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score2 DESC;
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+FLUSH STATUS;
+
+--echo Optimization does not apply for GROUP BY
+SET @save_mode = @@sql_mode;
+SET sql_mode = (select replace(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+GROUP BY score;
+
+SHOW SESSION STATUS LIKE 'Handler_read%';
+SET sql_mode = @save_mode;
+
+#
+# Putting all three optimizations together
+#
+--echo No sorting and no table access with LIMIT clause and only information
+--echo from FTS result
+FLUSH STATUS;
+
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+
+SHOW STATUS LIKE 'Handler_read%';
+SHOW SESSION STATUS LIKE 'Sort%';
+
+#
+# Count optimization
+#
+let $query =
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+
+--echo If count optimization applies, EXPLAIN shows
+--echo "Select tables optimized away."
+eval EXPLAIN $query;
+FLUSH STATUS;
+eval $query;
+--echo Verify that there was no table access
+SHOW STATUS LIKE 'Handler_read%';
+
+let $query =
+SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+
+--echo Optimization applies also to COUNT(expr) as long as expr is not nullable
+eval EXPLAIN $query;
+eval $query;
+
+let $query =
+SELECT count(*)
+FROM wp, t1
+WHERE MATCH(title, text) AGAINST ('database');
+
+--echo Optimization does not apply if not a single table query.
+eval EXPLAIN $query;
+eval $query;
+
+let $query =
+SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE) > 0;
+
+--echo Optimization does not apply if MATCH is part of an expression
+eval EXPLAIN $query;
+eval $query;
+
+let $query =
+SELECT COUNT(title)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE) > 0;
+
+--echo Optimization does not apply if MATCH is part of an expression
+eval EXPLAIN $query;
+eval $query;
+
+let $query =
+SELECT COUNT(dummy)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+
+--echo Optimization does not apply if COUNT expression is nullable
+eval EXPLAIN $query;
+eval $query;
+
+#
+# Verify that the queries optimized for InnoDB works with QUERY EXPANSION
+#
+
+# Query will also avoid sorting when query expansion is used
+FLUSH STATUS;
+--sorted_result
+SELECT MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score,
+title
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION)
+ORDER BY score DESC;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check ORDER BY/LIMIT query with no WHERE clause
+FLUSH STATUS;
+SELECT title,
+ MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check query where FTS result is "covering"
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+ MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+# Check the combination of all three
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+ MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION) AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+SHOW STATUS LIKE 'Handler_read%';
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check the count optimization
+let $query =
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' WITH QUERY EXPANSION);
+eval EXPLAIN $query;
+FLUSH STATUS;
+eval $query;
+SHOW STATUS LIKE 'Handler_read%';
+
+#
+# Verify that the queries optimized for InnoDB works with BOOLEAN MODE
+#
+
+# Query will also avoid sorting when Boolean mode is used
+FLUSH STATUS;
+--sorted_result
+SELECT MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) score,
+title
+FROM wp
+WHERE MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE)
+ORDER BY score DESC;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check ORDER BY/LIMIT query with no WHERE clause
+FLUSH STATUS;
+--sorted_result
+SELECT MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) score,
+title
+FROM wp
+ORDER BY score DESC;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check query where FTS result is "covering"
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+ MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('+MySQL -database');
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+# Check the combination of all three
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+ MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+ORDER BY score DESC LIMIT 1;
+SHOW STATUS LIKE 'Handler_read%';
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check the count optimization
+let $query =
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('+MySQL -database' IN BOOLEAN MODE);
+eval EXPLAIN $query;
+FLUSH STATUS;
+eval $query;
+SHOW STATUS LIKE 'Handler_read%';
+
+
+#
+# Verify that the queries optimized for InnoDB works with
+# BOOLEAN proximity search
+#
+
+# Query will also avoid sorting when Boolean mode is used
+FLUSH STATUS;
+SELECT title,
+ MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE)
+ORDER BY score DESC;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check ORDER BY/LIMIT query with no WHERE clause
+FLUSH STATUS;
+SELECT title,
+ MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+ORDER BY score DESC LIMIT 1;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check query where FTS result is "covering"
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+ MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('"MySQL database"@5');
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+# Check the combination of all three
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid,
+ MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE) AS score
+FROM wp
+ORDER BY score DESC LIMIT 1;
+SHOW STATUS LIKE 'Handler_read%';
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check the count optimization
+let $query =
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE);
+eval EXPLAIN $query;
+FLUSH STATUS;
+eval $query;
+SHOW STATUS LIKE 'Handler_read%';
+
+#
+# Check that nothing goes wrong when combining different modes
+#
+SELECT title,
+ MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database' WITH QUERY EXPANSION)
+ORDER BY score DESC, title ASC;
+
+SELECT title,
+ MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('MySQL database' WITH QUERY EXPANSION)
+ORDER BY score DESC, title ASC;
+
+SELECT title,
+ MATCH(title, text) AGAINST ('+MySQL -database' IN BOOLEAN MODE) AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('"MySQL database"@5' IN BOOLEAN MODE)
+ORDER BY score DESC, title ASC;
+
+
+#
+# Verify that the queries optimized for InnoDB still works with MyISAM
+#
+ALTER TABLE wp ENGINE=myisam;
+
+# Check avoid sorting query
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database')
+ORDER BY score DESC;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check ORDER BY/LIMIT query with no WHERE clause
+FLUSH STATUS;
+SELECT title, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check query where FTS result is "covering"
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+WHERE MATCH(title, text) AGAINST ('database');
+SHOW SESSION STATUS LIKE 'Handler_read%';
+
+# Check the combination of all three
+FLUSH STATUS;
+SELECT FTS_DOC_ID docid, MATCH(title, text) AGAINST ('database') AS score
+FROM wp
+ORDER BY score DESC LIMIT 2;
+SHOW STATUS LIKE 'Handler_read%';
+SHOW SESSION STATUS LIKE 'Sort%';
+
+# Check the count optimization
+let $query =
+SELECT COUNT(*)
+FROM wp
+WHERE MATCH(title,text) AGAINST ('database' IN NATURAL LANGUAGE MODE);
+eval EXPLAIN $query;
+FLUSH STATUS;
+eval $query;
+SHOW STATUS LIKE 'Handler_read%';
+
+
+DROP TABLE wp, t1;
+
+--enable_ps2_protocol
+
+# Tests for FT hints.
+
+CREATE TABLE t1
+(
+ FTS_DOC_ID BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+ title VARCHAR(255) DEFAULT '',
+ text MEDIUMTEXT ,
+ PRIMARY KEY (FTS_DOC_ID),
+ UNIQUE KEY FTS_DOC_ID_INDEX (FTS_DOC_ID),
+ FULLTEXT KEY ft_idx (title,text)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+
+INSERT INTO t1 (title, text) VALUES
+ ('MySQL Tutorial','DBMS stands for MySQL DataBase ...'),
+ ('How To Use MySQL Well','After you went through a ...'),
+ ('Optimizing MySQL','In this tutorial we will show ...'),
+ ('1001 MySQL Tricks','1. Never run mysqld as root. 2. ...'),
+ ('MySQL vs. YourSQL database','In the following database to database comparison ...'),
+ ('MySQL Security','When configured properly, MySQL ...'),
+ ('InnoDB', 'InnoDB is a transaction-safe (ACID compliant) storage engine'),
+ ('MySQL is a database management system', 'A database is a structured collection of data...'),
+ ('MySQL databases are relational', 'A relational database stores data in separate tables rather than putting all the data in one big storeroom...'),
+ ('MySQL software is Open Source', 'Open Source means that it is possible for anyone to use and modify the software...'),
+ ('The MySQL Database Server is very fast, reliable, scalable, and easy to use', 'MySQL Server can run comfortably on a desktop or laptop...'),
+ ('MySQL Server works in client/server or embedded systems', 'The MySQL Database Software is a client/server system...'),
+ ('MyISAM', 'MyISAM is based on the older (and no longer available) ISAM storage engine but has many useful extensions'),
+ ('A large amount of contributed MySQL software is available', 'MySQL Server has a practical set of features developed in close cooperation with our users'),
+ (NULL,NULL);
+
+-- disable_result_log
+ANALYZE TABLE t1;
+-- enable_result_log
+
+--echo # No ranking
+
+EXPLAIN
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE);
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE);
+
+# Atm opt_sum_query does not support COUNT optimization if
+# ORDER BY is present. TODO: fix it.
+EXPLAIN
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('data*' IN BOOLEAN MODE) ORDER BY title LIMIT 3;
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('data*' IN BOOLEAN MODE) ORDER BY title LIMIT 3;
+
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION);
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION);
+
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE);
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE);
+
+# check case with 'for' stopword
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+for' IN BOOLEAN MODE);
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+for' IN BOOLEAN MODE);
+
+
+--echo # No sorting by rank
+
+EXPLAIN SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY title;
+SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY title;
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE);
+
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title;
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title;
+
+EXPLAIN
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title;
+SELECT FTS_DOC_ID, title FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title;
+
+--echo # LIMIT optimization
+
+EXPLAIN SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+LIMIT 3;
+SELECT FTS_DOC_ID, TITLE FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+LIMIT 3;
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+LIMIT 3;
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+LIMIT 3;
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+ORDER BY title
+LIMIT 3;
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+fast +database' IN BOOLEAN MODE)
+ORDER BY title
+LIMIT 3;
+
+
+EXPLAIN
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title LIMIT 1;
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) ORDER BY title LIMIT 1;
+
+EXPLAIN
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title LIMIT 1;
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('"very fast"@3' IN BOOLEAN MODE) ORDER BY title LIMIT 1;
+
+EXPLAIN
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank, FTS_DOC_ID
+LIMIT 3;
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank, FTS_DOC_ID
+LIMIT 3;
+
+EXPLAIN
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank DESC, FTS_DOC_ID ASC
+LIMIT 3;
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1 WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY rank DESC, FTS_DOC_ID ASC
+LIMIT 3;
+
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+
+EXPLAIN SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 3;
+SELECT FTS_DOC_ID, MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 3;
+
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE)
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC,
+FTS_DOC_ID ASC;
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE)
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC,
+FTS_DOC_ID ASC;
+
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) and FTS_DOC_ID > 1
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC
+LIMIT 2;
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) and FTS_DOC_ID > 1
+ORDER BY MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) DESC
+LIMIT 2;
+
+
+EXPLAIN
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank
+LIMIT 1;
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank
+LIMIT 1;
+
+EXPLAIN
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank DESC
+LIMIT 1;
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY rank DESC
+LIMIT 1;
+
+
+EXPLAIN
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+LIMIT 1;
+SELECT FTS_DOC_ID,MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) as rank
+FROM t1 WHERE MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION)
+ORDER BY MATCH(title, text) AGAINST ('+very +fast' WITH QUERY EXPANSION) DESC
+LIMIT 1;
+
+--echo # WHERE optimization on MATCH > 'some_rank'
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) > 0.1;
+
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) > 0.1;
+
+
+--echo # additional test for correct behaviour
+
+EXPLAIN SELECT * FROM t1 ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC LIMIT 10;
+
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) AND
+MATCH (title, text) AGAINST ('mysql' IN NATURAL LANGUAGE MODE)
+LIMIT 6;
+
+--echo # test OR condition
+
+SELECT FTS_DOC_ID
+FROM t1
+WHERE MATCH(title, text) AGAINST ('database')
+ OR MATCH(title, text) AGAINST ('mysql')
+ORDER BY MATCH(title, text) AGAINST ('database') DESC, FTS_DOC_ID ASC;
+
+EXPLAIN SELECT FTS_DOC_ID
+FROM t1
+WHERE MATCH(title, text) AGAINST ('database')
+ OR MATCH(title, text) AGAINST ('mysql')
+ORDER BY MATCH(title, text) AGAINST ('database') DESC, FTS_DOC_ID ASC;
+
+--echo # MATCH and GROUP BY, DISTINCT
+
+SET sql_mode = (select replace(@@sql_mode,'ONLY_FULL_GROUP_BY',''));
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY FTS_DOC_ID
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY FTS_DOC_ID
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY title
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+GROUP BY title
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+
+EXPLAIN SELECT MAX(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+SELECT MAX(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+
+EXPLAIN SELECT DISTINCT(title) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+SELECT DISTINCT(title) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+
+EXPLAIN SELECT DISTINCT(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+SELECT DISTINCT(FTS_DOC_ID) FROM t1
+WHERE MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE)
+ORDER BY MATCH (title, text) AGAINST ('fast database' IN NATURAL LANGUAGE MODE) DESC
+LIMIT 3;
+
+SET sql_mode = @save_mode;
+
+--echo # FTS index access
+
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+EXPLAIN SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) as rank
+FROM t1
+ORDER BY rank DESC
+LIMIT 2;
+
+SELECT a.FTS_DOC_ID, b.FTS_DOC_ID
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+ MATCH(b.title, b.text) AGAINST ('+mysql' IN BOOLEAN MODE) and
+ a.FTS_DOC_ID = b.FTS_DOC_ID;
+EXPLAIN SELECT a.FTS_DOC_ID, b.FTS_DOC_ID
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+ MATCH(b.title, b.text) AGAINST ('+mysql' IN BOOLEAN MODE) and
+ a.FTS_DOC_ID = b.FTS_DOC_ID;
+
+SELECT a.FTS_DOC_ID, MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE),
+ b.FTS_DOC_ID, MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE)
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+ MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE);
+
+EXPLAIN SELECT a.FTS_DOC_ID, MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE),
+ b.FTS_DOC_ID, MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE)
+FROM t1 a, t1 b
+WHERE MATCH(a.title, a.text) AGAINST ('+database' IN BOOLEAN MODE) and
+ MATCH(b.title, b.text) AGAINST ('+database' IN BOOLEAN MODE);
+
+# Index only access by non-FTS index
+
+EXPLAIN SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100;
+SELECT FTS_DOC_ID, MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100
+FROM t1 WHERE MATCH(title, text) AGAINST ("data*" IN BOOLEAN MODE) * 100;
+# Run query returning null record
+SELECT * FROM t1 WHERE title IS NULL AND text IS NULL;
+
+# More testing of index only access by non-FTS index
+
+CREATE TABLE t2 SELECT FTS_DOC_ID as doc_id, title, text FROM t1;
+ALTER TABLE t2 ADD PRIMARY KEY (doc_id);
+ALTER TABLE t2 ADD FULLTEXT KEY ft_idx (title,text);
+
+-- disable_result_log
+ANALYZE TABLE t2;
+-- enable_result_log
+
+# No index access
+EXPLAIN SELECT DOC_ID FROM t2 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+SELECT DOC_ID FROM t2 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+# Index access
+EXPLAIN SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+SELECT FTS_DOC_ID FROM t1 WHERE MATCH(title, text) AGAINST ('+database' IN BOOLEAN MODE) * 100;
+
+DROP TABLE t1, t2;
+
+--echo "Check hints with uft8 charset for 2 cases"
+set names utf8;
+EVAL CREATE TABLE t1 (
+ FTS_DOC_ID BIGINT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ text TEXT
+ ) CHARACTER SET = utf8, ENGINE=InnoDB;
+
+INSERT INTO t1 (title, text) VALUES
+('Я могу еÑÑ‚ÑŒ Ñтекло', 'оно мне не вредит'),
+('Мога да Ñм Ñтъкло', 'то не ми вреди'),
+('ΜποÏῶ νὰ φάω σπασμένα' ,'γυαλιὰ χωÏὶς νὰ πάθω τίποτα'),
+('PříliÅ¡ žluÅ¥ouÄký kůň', 'úpÄ›l Äábelské kódy'),
+('Sævör grét', 'áðan því úlpan var ónýt'),
+('ã†ã‚ã®ãŠãã‚„ã¾','ã‘ãµã“ãˆã¦'),
+('ã„ã‚ã¯ã«ã»ã¸ã©ã€€ã¡ã‚Šã¬ã‚‹','ã‚ã•ãゆã‚ã¿ã˜ã€€ã‚‘ã²ã‚‚ã›ãš');
+CREATE FULLTEXT INDEX idx on t1 (title, text);
+
+--echo # No ranking
+
+EXPLAIN
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('вредит' IN NATURAL LANGUAGE MODE);
+SELECT count(*) FROM t1 WHERE MATCH (title, text) AGAINST ('вредит' IN NATURAL LANGUAGE MODE);
+
+EXPLAIN
+SELECT * FROM t1 WHERE MATCH(title, text) AGAINST ("оно" WITH QUERY EXPANSION);
+SELECT * FROM t1 WHERE MATCH(title, text) AGAINST ("оно" WITH QUERY EXPANSION);
+--echo # No sorting by rank
+EXPLAIN SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+(Мога τίποτα)' IN BOOLEAN MODE);
+SELECT FTS_DOC_ID FROM t1
+WHERE MATCH(title, text) AGAINST ('+(Мога τίποτα)' IN BOOLEAN MODE);
+DROP TABLE t1;
+
+
+--echo #
+--echo # Bug #18924341 CRASH IN TEST_IF_SKIP_SORT_ORDER, GROUP BY MATCH AGAINST DESC
+--echo #
+
+CREATE TABLE t1 (f1 CHAR(1), FULLTEXT KEY (f1));
+SELECT 1 FROM t1 NATURAL JOIN t1 a GROUP BY MATCH(t1.f1) AGAINST ("1") DESC;
+DROP TABLE t1;
+
+
+--echo #
+--echo # Bug#20261601 ASSERTION FAILED: !FIRST_QEP_TAB->TABLE()->NO_KEYREAD
+--echo #
+
+CREATE TABLE t1(a INT PRIMARY KEY);
+INSERT INTO t1 VALUES(1),(2);
+--error ER_FT_MATCHING_KEY_NOT_FOUND
+SELECT (SELECT MATCH(`a`)AGAINST('1') FROM t1) FROM t1;
+SELECT 1, a IN (SELECT a FROM t1) FROM t1;
+DROP TABLE t1;
+
+--echo #
+--echo # Bug#20442572 ASSERTION `!FIRST_QEP_TAB->TABLE()->NO_KEYREAD' FAILED.
+--echo # Bug#75688 Assertion `!first_qep_tab->table()->no_keyread' failed.
+--echo #
+
+CREATE TABLE t1(a INT,b POINT NOT NULL,KEY(a));
+
+HANDLER t1 OPEN;
+#--error ER_FT_MATCHING_KEY_NOT_FOUND
+select * from t1 where MATCH a,b AGAINST('"Now sUPPort"' IN BOOLEAN MODE);
+prepare stmt1 from "truncate t1";
+SELECT a IN(SELECT a FROM t1)FROM t1;
+
+deallocate prepare stmt1;
+DROP TABLE t1;
+
+--echo #
+--echo # Bug #20685427 INVALID WRITE OF FREED MEMORY IN ITEM_FUNC_MATCH::CLEANUP
+--echo #
+
+CREATE TABLE t1(a TEXT CHARSET LATIN1, FULLTEXT KEY(a)) ENGINE=INNODB;
+--error ER_FT_MATCHING_KEY_NOT_FOUND
+SELECT MATCH(a) AGAINST ('') FROM (SELECT a FROM t1 LIMIT 1) q;
+DROP TABLE t1;
+
+--echo #
+--echo # Bug#21140067 EXPLAIN .. MATCH AGAINST: ASSERTION FAILED: TO <= END
+--echo #
+
+CREATE TABLE t1(f1 CHAR(1) CHARSET latin1, FULLTEXT(f1)) ENGINE=INNODB;
+EXPLAIN SELECT 1 FROM t1 WHERE 1.238585e+308 <= MATCH(f1) AGAINST ('1' IN BOOLEAN MODE);
+
+EXPLAIN FORMAT = JSON SELECT 1 FROM t1 WHERE 1.238585e+308 <= MATCH(f1) AGAINST ('1' IN BOOLEAN MODE);
+
+DROP TABLE t1;
+
+--echo #
+--echo # Bug#21140088 MATCH AGAINST: ASSERTION FAILED: !TABLE || (!TABLE->READ_SET || BITMAP_IS_SET
+--echo #
+
+SET sql_mode='';
+CREATE TABLE t1(a INT) ENGINE=INNODB;
+CREATE TABLE t2(b TEXT CHARSET LATIN1, FULLTEXT(b), PRIMARY KEY(b(10))) ENGINE=INNODB;
+INSERT INTO t2 VALUES ('a'),('b');
+--error ER_WRONG_ARGUMENTS
+SELECT NOT EXISTS (SELECT MATCH(b) AGAINST ('1') FROM t1) FROM t2 GROUP BY "a";
+DROP TABLE t1, t2;
+
+CREATE TABLE t1(a INT) ENGINE=MyISAM;
+CREATE TABLE t2(b TEXT CHARSET LATIN1, FULLTEXT(b), PRIMARY KEY(b(10))) ENGINE=MyISAM;
+INSERT INTO t2 VALUES ('a'),('b');
+#--error ER_WRONG_ARGUMENTS
+SELECT NOT EXISTS (SELECT MATCH(b) AGAINST ('1' in BOOLEAN MODE) FROM t1) FROM t2 GROUP BY "a";
+DROP TABLE t1, t2;
+
+SET sql_mode=default;
+
+--echo #
+--echo # Bug#21140039 ASSERTION FAILED: !FIRST_QEP_TAB->TABLE()->NO_KEYREAD MATCH AGAINST.....
+--echo #
+
+CREATE TABLE t1
+(
+ a INT,
+ b INT,
+ c CHAR(1) CHARSET latin1,
+ PRIMARY KEY (b,a),
+ FULLTEXT KEY (c)
+) ENGINE=INNODB;
+SELECT "a" NOT IN(SELECT b FROM t1 WHERE MATCH(c) AGAINST ('a' IN BOOLEAN MODE));
+DROP TABLE t1;
+
+--echo #
+--echo # Bug#21300774 ASSERT `!INIT_FTFUNCS(THD, SELECT_LEX)` IN JOIN::RESET AT SQL/SQL_SELECT.CC:874
+--echo #
+
+CREATE TABLE t1 (f1 INT);
+INSERT INTO t1 VALUES (1);
+INSERT INTO t1 VALUES (2);
+CREATE TABLE t2 (ft TEXT, FULLTEXT KEY ft(ft));
+INSERT INTO t2 VALUES ('abc');
+INSERT INTO t2 VALUES ('def');
+
+--error ER_SUBQUERY_NO_1_ROW
+UPDATE t1 SET f1 =
+(SELECT t1.f1 FROM t2 WHERE NOT TRUE AND
+ MATCH (ft) AGAINST ((SELECT 'xyz' FROM t2)));
+
+DROP TABLE t1, t2;
+
+--echo #
+--echo # Bug#22679209: FULL-TEXT QUERIES WITH ADDITIONAL SECONDARY INDEX
+--echo # GIVES NULL OR ZERO ROWS
+--echo #
+
+CREATE TABLE t1 (
+f1 INTEGER,
+title varchar(255),
+body mediumtext,
+KEY f1 (f1),
+FULLTEXT KEY title (title),
+FULLTEXT KEY body (body)
+) ENGINE=InnoDB;
+
+INSERT INTO t1 VALUES
+(1, 'Insert into table', 'insert into table select from'),
+(1, 'Delete from table', 'insert into table select from'),
+(1, 'Update', 'perform update'),
+(2, 'Insert into table', 'insert into table select from'),
+( 2, 'Delete from table', 'some body text here'),
+( 2, 'Update', 'perform update'),
+( 3, 'Insert into table', 'insert into table select from'),
+( 3, 'Delete from table', 'some body text here');
+
+SELECT f1 FROM t1 WHERE f1=1 AND
+(MATCH (title) AGAINST ('table' IN BOOLEAN MODE) OR
+MATCH (body) AGAINST ('table' IN BOOLEAN MODE));
+
+DROP TABLE t1;
+
+--echo # End of test for Bug#22679209
diff --git a/mysql-test/suite/innodb_fts/t/phrase.opt b/mysql-test/suite/innodb_fts/t/phrase.opt
new file mode 100644
index 00000000..7724f976
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/phrase.opt
@@ -0,0 +1,2 @@
+--innodb-ft-index-cache
+--innodb-ft-index-table
diff --git a/mysql-test/suite/innodb_fts/t/phrase.test b/mysql-test/suite/innodb_fts/t/phrase.test
new file mode 100644
index 00000000..fb0d29f3
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/phrase.test
@@ -0,0 +1,39 @@
+-- source include/have_innodb.inc
+
+#
+# BUG#20465273 - FULLTEXT SEARCH BEHAVIOUR WITH MYISAM VS. INNODB (WRONG RESULT WITH INNODB)
+#
+
+CREATE TABLE articles (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ body TEXT,
+ FULLTEXT (title,body)
+) ENGINE=InnoDB;
+
+INSERT INTO articles (title,body) VALUES
+ (NULL, 'mysql good database'),
+ (NULL, ' mysql good database'),
+ ('', 'mysql good database'),
+ ('', ' mysql good database'),
+ (' ', 'mysql good database'),
+ ('mysql', 'good database'),
+ ('mysql ', 'good database'),
+ ('mysql', ' good database'),
+ ('mysql good database', ''),
+ ('mysql good database', NULL);
+
+
+SET GLOBAL innodb_ft_aux_table="test/articles";
+SELECT * FROM INFORMATION_SCHEMA.INNODB_FT_INDEX_CACHE;
+SET GLOBAL innodb_ft_aux_table=default;
+
+SELECT * FROM articles;
+
+SELECT * FROM articles WHERE MATCH(title, body)
+ AGAINST('"mysql good database"' IN BOOLEAN MODE);
+
+SELECT * FROM articles WHERE MATCH(title, body)
+ AGAINST('("mysql good database")' IN BOOLEAN MODE);
+
+DROP TABLE articles;
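Review bot: The two closing phrase queries differ only by the parentheses around the quoted phrase, and nothing in the file says whether they are expected to return the same rows or which inserted rows should match. The header names only BUG#20465273, so a reader of the `.result` file cannot tell a regression from intended output. A short comment before the first query would help, for example `# The quoted phrase and the parenthesised quoted phrase must return identical rows`, if that is the intent. It would also help to say why the INNODB_FT_INDEX_CACHE dump is needed, for example `# Dump tokens and positions to show how title/body offsets are recorded`.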
diff --git a/mysql-test/suite/innodb_fts/t/result_cache_limit.test b/mysql-test/suite/innodb_fts/t/result_cache_limit.test
new file mode 100644
index 00000000..b19907a5
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/result_cache_limit.test
@@ -0,0 +1,52 @@
+# This is a basic test for innodb fts result cache limit.
+
+-- source include/have_innodb.inc
+
+# Must have debug code to use SET SESSION debug
+--source include/have_debug.inc
+
+# Create FTS table
+CREATE TABLE t1 (
+ id INT UNSIGNED AUTO_INCREMENT NOT NULL PRIMARY KEY,
+ a VARCHAR(200),
+ b TEXT
+ ) ENGINE= InnoDB;
+
+# Create the FTS index again
+CREATE FULLTEXT INDEX idx on t1 (a,b);
+
+# Insert rows
+INSERT INTO t1 (a,b) VALUES
+ ('MySQL from Tutorial','DBMS stands for DataBase ...') ,
+ ('when To Use MySQL Well','After that you went through a ...'),
+ ('where will Optimizing MySQL','what In this tutorial we will show ...'),
+ ('MySQL from Tutorial','DBMS stands for DataBase ...') ,
+ ('when To Use MySQL Well','After that you went through a ...'),
+ ('where will Optimizing MySQL','what In this tutorial we will show ...'),
+ ('MySQL from Tutorial','DBMS stands for DataBase ...') ,
+ ('when To Use MySQL Well','After that you went through a ...'),
+ ('where will Optimizing MySQL','what In this tutorial we will show ...');
+
+SET @save_limit=@@GLOBAL.innodb_ft_result_cache_limit;
+SET @save_dbug=@@debug_dbug;
+SET debug_dbug="+d,fts_instrument_result_cache_limit";
+
+# Simple term search
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('mysql' IN BOOLEAN MODE);
+
+# Query expansion
+--error 128
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('mysql' WITH QUERY EXPANSION);
+
+# Simple phrase search
+--error 128
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('"mysql database"' IN BOOLEAN MODE);
+
+# Simple proximity search
+--error 128
+SELECT COUNT(*) FROM t1 WHERE MATCH (a,b) AGAINST ('"mysql database" @ 5' IN BOOLEAN MODE);
+
+SET debug_dbug=@save_dbug;
+
+DROP TABLE t1;
+SET GLOBAL innodb_ft_result_cache_limit=@save_limit;
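Review bot: The three `--error 128` lines expect a bare numeric code, so the test does not document which failure it is checking and would also accept any unrelated error that maps to the same number. A symbolic error name is preferable if one exists; otherwise add a comment such as `# 128 = handler error raised when the FTS result cache limit is exceeded (confirm)`. The test saves and restores `@@GLOBAL.innodb_ft_result_cache_limit` but never sets it in the visible script. Presumably the `fts_instrument_result_cache_limit` debug keyword changes it, and a one-line comment saying so would explain the restore. The comment `# Create the FTS index again` is also misleading because this is the first time the index is created; `# Create the FTS index` would be accurate.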
diff --git a/mysql-test/suite/innodb_fts/t/savepoint.test b/mysql-test/suite/innodb_fts/t/savepoint.test
new file mode 100644
index 00000000..09ccb383
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/savepoint.test
@@ -0,0 +1,475 @@
+# This is the basic function tests for innodb FTS savepoint
+
+-- source include/have_innodb.inc
+
+
+CREATE TABLE articles (
+ id INT UNSIGNED NOT NULL PRIMARY KEY,
+ title VARCHAR(200),
+ FULLTEXT (title)
+ ) ENGINE= InnoDB;
+
+# Test Part 1: ROLLBACK TO SAVEPOINT
+# Test rollback to savepoint 1(S1,RB1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback to savepoint 2(S1,RB1,S2,RB2)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback to savepoint 3(S1,S2,RB1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback to savepoint 4(S1,S2,RB2,RB1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test Part 2: RELEASE SAVEPOINT
+# Test release savepoint 1(S1,RL1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test release savepoint 2(S1,RL1,S2,RL2)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+RELEASE SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test release savepoint 3(S1,S2,RL1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test release savepoint 4(S1,S2,RL2,RL1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+RELEASE SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test Part 3: RELEASE & ROLLBACK TO SAVEPOINT
+# Test release & rollback to savepoint 1(S1,RB1,S2,RL2)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+RELEASE SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test release & rollback to savepoint 2(S1,RL1,S2,RB2)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test release & rollback to savepoint 3(S1,S2,RL2,RB1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+RELEASE SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test release & rollback to savepoint 4(S1,S2,RB2,RL1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+COMMIT;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test Part 4: ROLLBACK & SAVEPOINT
+# Test rollback 1
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+ROLLBACK;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback 2(S1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+ROLLBACK;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback 3(S1,RL1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+ROLLBACK;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback 4(S1,RB1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+ROLLBACK;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+# Test rollback 5(S1,S2,RB2,RL1)
+TRUNCATE TABLE articles;
+
+INSERT INTO articles(id, title) VALUES(1, 'mysql');
+
+BEGIN;
+
+INSERT INTO articles(id, title) VALUES(2, 'mysql');
+
+SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(3, 'mysql');
+
+SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(4, 'mysql');
+
+ROLLBACK TO SAVEPOINT sp2;
+
+INSERT INTO articles(id, title) VALUES(5, 'mysql');
+
+RELEASE SAVEPOINT sp1;
+
+INSERT INTO articles(id, title) VALUES(6, 'mysql');
+
+ROLLBACK;
+
+INSERT INTO articles(id, title) VALUES(7, 'mysql');
+
+SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');
+
+DROP TABLE articles;
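Review bot: Every check in this file is `SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql');` with no ordering, and all rows carry the identical title 'mysql', so they presumably tie on rank. The recorded row order then depends on how the engine returns ties. Since the test is about which rows survive the savepoint operations, not about ranking, pinning the order would make the result stable: `SELECT * FROM articles WHERE MATCH(title) AGAINST('mysql') ORDER BY id;`, or `--sorted_result` before each SELECT. The first `TRUNCATE TABLE articles;` directly after the CREATE is redundant; it can be dropped or commented as kept only for symmetry with the later cases.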
diff --git a/mysql-test/suite/innodb_fts/t/subexpr.test b/mysql-test/suite/innodb_fts/t/subexpr.test
new file mode 100644
index 00000000..63294066
--- /dev/null
+++ b/mysql-test/suite/innodb_fts/t/subexpr.test
@@ -0,0 +1,58 @@
+--source include/have_innodb.inc
+
+--echo #
+--echo # Bug #20028323 INNODB FULLTEXT BOOLEAN SEARCH INCORRECTLY HANDLES
+--echo # PARENTHESES
+--echo #
+
+CREATE TABLE t1 (
+ f1 INT NOT NULL AUTO_INCREMENT,
+ f2 TEXT NOT NULL,
+ PRIMARY KEY (f1),
+ FULLTEXT (f2)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+INSERT INTO t1 (f2) VALUES
+('Pumpkin soup with cheese bread'),
+('Yellow chicken curry'),
+('Fresh green vegetables with garlic');
+
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+pumpkin' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+cheese' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+(pumpkin cheese)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(souffle)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(>souffle <tart)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+
+INSERT INTO t1 (f2) VALUES
+('This row contains only souffle'),
+('This row contains only tart'),
+('This row contains only pumpkin'),
+('This row contains only cheese'),
+('This row contains pumpkin and souffle'),
+('This row contains pumpkin and tart'),
+('This row contains pumpkin and cheese'),
+('This row contains both souffle and tart'),
+('This row contains both souffle and cheese'),
+('This row contains both tart and cheese'),
+('This row contains all three souffle, pumpkin and tart'),
+('This row contains all four cheese, souffle, pumpkin and tart');
+
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+pumpkin' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+cheese' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2) AGAINST('+(pumpkin cheese)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(souffle)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(>souffle <tart)' IN BOOLEAN MODE);
+SELECT * FROM t1 WHERE MATCH(f2)
+ AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE);
+
+DROP TABLE t1;
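Review bot: In both query groups the last statement, `AGAINST('+pumpkin +(souffle tart)' IN BOOLEAN MODE)`, repeats the query two statements earlier word for word, so it adds no coverage for the parenthesis handling named in Bug #20028323. If a different sub-expression was intended there, it should be written out; if the repeat is deliberate, a comment should say so, for example `# repeated on purpose: result must not change after the >/< query`. None of the SELECTs fixes the row order, so the recorded result also depends on how equally ranked rows are returned; `--sorted_result` would remove that dependency unless the ranking order itself is under test.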
diff --git a/mysql-test/suite/innodb_gis/r/check_rtree.result b/mysql-test/suite/innodb_gis/r/check_rtree.result
index fe60a628..0d7b25b6 100644
--- a/mysql-test/suite/innodb_gis/r/check_rtree.result
+++ b/mysql-test/suite/innodb_gis/r/check_rtree.result
@@ -1,7 +1,5 @@
create table t1 (i int, g geometry not null, spatial index (g))engine=innodb;
SET SESSION debug="+d,rtree_test_check_count";
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
insert into t1 values (1, POINT(1,1));
insert into t1 values (1, POINT(1.5,1.5));
insert into t1 values (1, POINT(3,3));
diff --git a/mysql-test/suite/innodb_gis/r/rollback.result b/mysql-test/suite/innodb_gis/r/rollback.result
index 0d2b9c7c..1efe5d28 100644
--- a/mysql-test/suite/innodb_gis/r/rollback.result
+++ b/mysql-test/suite/innodb_gis/r/rollback.result
@@ -408,8 +408,6 @@ update t1 set a=point(5,5), b=point(5,5), c=5 where i < 3;
ERROR 23000: Duplicate entry '5' for key 'c'
rollback;
set session debug="+d,row_mysql_crash_if_error";
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
update t1 set a=point(5,5), b=point(5,5), c=5 where i < 3;
ERROR HY000: Lost connection to server during query
insert into t1 values(5, point(5,5), point(5,5), 5);
diff --git a/mysql-test/suite/innodb_gis/r/rtree_add_index.result b/mysql-test/suite/innodb_gis/r/rtree_add_index.result
index ba552e27..be15d97a 100644
--- a/mysql-test/suite/innodb_gis/r/rtree_add_index.result
+++ b/mysql-test/suite/innodb_gis/r/rtree_add_index.result
@@ -1,4 +1,4 @@
-CREATE TABLE t1 (g MULTIPOINT NOT NULL) ENGINE=InnoDB;
+CREATE TABLE t1 (g MULTIPOINT NOT NULL) ENGINE=InnoDB STATS_PERSISTENT=0;
INSERT INTO t1 VALUES ('');
connect purge_control,localhost,root;
START TRANSACTION WITH CONSISTENT SNAPSHOT;
diff --git a/mysql-test/suite/innodb_gis/r/rtree_compress.result b/mysql-test/suite/innodb_gis/r/rtree_compress.result
index fce42319..9b646985 100644
--- a/mysql-test/suite/innodb_gis/r/rtree_compress.result
+++ b/mysql-test/suite/innodb_gis/r/rtree_compress.result
@@ -1,4 +1,6 @@
-create table t1 (c1 int, c2 geometry not null, spatial index (c2))engine=innodb ROW_FORMAT=COMPRESSED;
+create table t1 (c1 int, c2 geometry not null, spatial index (c2))engine=innodb ROW_FORMAT=COMPRESSED STATS_PERSISTENT=0;
+lock tables t1 write;
+start transaction;
insert into t1 values(1, Point(1,1));
insert into t1 values(2, Point(2,2));
insert into t1 values(3, Point(3,3));
@@ -18,6 +20,8 @@ insert into t1 select * from t1;
insert into t1 select * from t1;
insert into t1 select * from t1;
insert into t1 select * from t1;
+commit;
+unlock tables;
start transaction;
insert into t1 select * from t1;
select count(*) from t1;
@@ -40,8 +44,6 @@ count(*)
0
SET @saved_dbug = @@SESSION.debug_dbug;
SET DEBUG='+d,page_copy_rec_list_start_compress_fail';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
delete from t1;
select count(*) from t1 where MBRWithin(t1.c2, @g1);
count(*)
diff --git a/mysql-test/suite/innodb_gis/r/rtree_create_inplace.result b/mysql-test/suite/innodb_gis/r/rtree_create_inplace.result
index a8898f5c..2016ce1b 100644
--- a/mysql-test/suite/innodb_gis/r/rtree_create_inplace.result
+++ b/mysql-test/suite/innodb_gis/r/rtree_create_inplace.result
@@ -1,22 +1,17 @@
CREATE TABLE t1 (c1 INT, c2 GEOMETRY NOT NULL, c3 GEOMETRY NOT NULL) ENGINE=INNODB;
-INSERT INTO t1 VALUES(1, Point(1,1), ST_GeomFromText('POLYGON (( 0 -1, 0 1, 2 1, 2 -1, 0 -1))'));
-INSERT INTO t1 VALUES(2, Point(2,2), ST_GeomFromText('POLYGON (( 0 -3, 0 -1, 2 -1, 2 -3, 0 -3))'));
-INSERT INTO t1 VALUES(3, Point(3,3), ST_GeomFromText('POLYGON (( 1 0, 1 2, 3 2, 3 0, 1 0))'));
-INSERT INTO t1 VALUES(4, Point(4,4), ST_GeomFromText('POLYGON (( -3 0, -3 2, -1 2, -1 0, -3 0))'));
-INSERT INTO t1 VALUES(5, Point(5,5), ST_GeomFromText('POLYGON (( 0 0, 0 1, 1 1, 1 0, 0 0))'));
-INSERT INTO t1 VALUES(6, Point(6,6), ST_GeomFromText('POLYGON (( 2 0, 2 2, 4 2, 4 0, 2 0))'));
-INSERT INTO t1 VALUES(7, Point(7,7), ST_GeomFromText('POLYGON (( 0 3, 0 5, 2 5, 2 3, 0 3))'));
-INSERT INTO t1 VALUES(8, Point(8,8), ST_GeomFromText('POLYGON (( 0 1, 0 3, 2 3, 2 1, 0 1))'));
-INSERT INTO t1 VALUES(9, Point(9,9), ST_GeomFromText('POLYGON (( 0 0, 0 3, 3 3, 3 0, 0 0))'));
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
+CREATE TEMPORARY TABLE t LIKE t1;
+INSERT INTO t VALUES
+(1, Point(1,1), ST_GeomFromText('POLYGON (( 0 -1, 0 1, 2 1, 2 -1, 0 -1))')),
+(2, Point(2,2), ST_GeomFromText('POLYGON (( 0 -3, 0 -1, 2 -1, 2 -3, 0 -3))')),
+(3, Point(3,3), ST_GeomFromText('POLYGON (( 1 0, 1 2, 3 2, 3 0, 1 0))')),
+(4, Point(4,4), ST_GeomFromText('POLYGON (( -3 0, -3 2, -1 2, -1 0, -3 0))')),
+(5, Point(5,5), ST_GeomFromText('POLYGON (( 0 0, 0 1, 1 1, 1 0, 0 0))')),
+(6, Point(6,6), ST_GeomFromText('POLYGON (( 2 0, 2 2, 4 2, 4 0, 2 0))')),
+(7, Point(7,7), ST_GeomFromText('POLYGON (( 0 3, 0 5, 2 5, 2 3, 0 3))')),
+(8, Point(8,8), ST_GeomFromText('POLYGON (( 0 1, 0 3, 2 3, 2 1, 0 1))')),
+(9, Point(9,9), ST_GeomFromText('POLYGON (( 0 0, 0 3, 3 3, 3 0, 0 0))'));
+INSERT INTO t1 SELECT t.* FROM t, seq_1_to_512;
+DROP TEMPORARY TABLE t;
CREATE SPATIAL INDEX idx ON t1(c2);
SELECT COUNT(*) FROM t1;
COUNT(*)
@@ -30,8 +25,7 @@ SELECT COUNT(*) FROM t1 WHERE MBRWithin(t1.c2, @g1);
COUNT(*)
0
ALTER TABLE t1 DROP INDEX idx, ADD SPATIAL INDEX idx3(c2);
-SET SESSION debug="+d,row_merge_instrument_log_check_flush";
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
+SET debug_dbug='+d,row_merge_instrument_log_check_flush';
ALTER TABLE t1 DROP INDEX idx3, ADD SPATIAL INDEX idx4(c2), ADD SPATIAL INDEX idx5(c3);
+ALTER TABLE t1 FORCE;
DROP TABLE t1;
diff --git a/mysql-test/suite/innodb_gis/r/rtree_purge.result b/mysql-test/suite/innodb_gis/r/rtree_purge.result
index 4c39cc98..35953c32 100644
--- a/mysql-test/suite/innodb_gis/r/rtree_purge.result
+++ b/mysql-test/suite/innodb_gis/r/rtree_purge.result
@@ -1,5 +1,5 @@
create table t (
b point not null,d point not null, spatial key (d),spatial key (b)
-) engine=innodb;
+) engine=innodb stats_persistent=0;
InnoDB 0 transactions not purged
drop table t;
diff --git a/mysql-test/suite/innodb_gis/r/rtree_undo.result b/mysql-test/suite/innodb_gis/r/rtree_undo.result
index d0e15641..1f44542f 100644
--- a/mysql-test/suite/innodb_gis/r/rtree_undo.result
+++ b/mysql-test/suite/innodb_gis/r/rtree_undo.result
@@ -4,7 +4,7 @@ CREATE TABLE t1 (
p INT NOT NULL AUTO_INCREMENT,
g LINESTRING NOT NULL,
PRIMARY KEY(p)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
ALTER TABLE t1 ADD INDEX prefix_idx (g(767));
INSERT INTO t1(g) VALUES(ST_linefromtext('linestring(-5 -576,0 -576,0 -571,0 -571,5 -568,6 -564,6 -565,6 -563)'));
INSERT INTO t1(g) VALUES(ST_linefromtext(concat('linestring','(18 106,19 106,24 111,27 108,32 104,37 107,42 107,44 112,44 116,40 118,43 114,46 114,42 118,44 123,45 123,49 123,53 119,50 123,50 124,54 126,58 125,59 126,64 127,65 127,69 131,74 132,75 135,78 139,2078 141,2075 143,2077 143,2079 143,2084 143,2085 147,2090 -1853,2086 -1852,2086 -1856,2089 -1852,2093 -1850,2090 -1851,2090 -1852,2091 -1851,2092 -1850,2097 -1847,2102 -1848,2100 -1852,2100 -1852,7100 -1851,7103 -1850,7104 -1847,7109 -1842,65 127,67 131,66 131,61 132,61 133,62 137,65 1137,2065 1135,2061 1135,2064 1135,5064 1135,5066 1135,5070 1136,5070 1141,5071 1138,5074 1141,5075 1141,5074 1137,5076 1137,5071 1139,5066 1142,5065 2142,5068 2147,5073 2151,5069 2156,5071 2157,5072 2162,5074 2165,5069 2169,5072 2169,5076 2173,5074 2169,5078 2169,5076 2170,76 2175,74 2179,75 2184,80 2188,83 2190,87 2189,84 2193,87 2189,86 2190,87 2195,87 2200,87 1200,85 1202,86 1199,87 1200,87 1201,91 1206,92 1204,94 1204,98 1206,102 1208,105 1211,102 1216,105 1220,109 1224,110 1224,114 1225,117 1224,118 1229,117 1232,122 1237,123 1236,120 1235,124 1237,121 1236,122 1240,126 1244,127 1246,126 1249,125 5249,123 5251,127 5251,131 5251,135 5256,138 5257,135 5257,139 5257,138 5258,141 5260,146 5260,146 5260,143 10260,147 10265,151 10270,156 10266,157 10269,162 10273,166 12273,168 12274,163 12270,168 12275,170 12277,170 12277,-3830 12277,-3825 12277,-3824 12278,-3825 12276,-3825 12278,-3822 12277,-3825 12275,-3829 12278,-3828 12275,-3824 12280,-3827 12280,-3826 12282,-3822 12283,-3822 12286,-3820 12288,-3818 12289,-3816 12294,-3817 12297,-3819 12300,-3816 12297,-3813 12295,-3811 12299,-3811 12297,-3806 12298,-3806 12298,-3804 12301,-3801 12306,-3803 17306,-3803 17306,-3798 17306,-3803 17310,-3801 17314,-3798 17317,-3797 17317,-797 17321,-797 17323,-796 17325,-793 17326,-792 17322,-789 17327,-784 17331,-780 17335,-776 17339,-774 17339,-771 17342,-770 17345,-765 17348,-765 17349,-763 17353,-760 17350,-760 22350,-756 22346,-752 
22349,-748 22352,-752 22348,-748 22347,-746 22345,-745 27345,-743 27346,257 27350,260 27349,261 27352,266 27348,266 22348,269 22347,271 22347,272 22347,273 22348,273 22352,278 22348,279 22344,282 22345,282 22342,283 22347,283 22347,288 22349,292 22347,292 22348,293 22348,298 22348,303 22351,306 22352,309 22352,308 22354,310 22356,311 22361,311 22358,311 22360,311 22360,315 22356,320 22358,325 22363,326 22366,321 22371,318 22373,318 22375,314 22375,316 22375,321 22376,321 22376,322 22372,32 104,36 109,40 114,40 113,40 117,44 119,49 123,49 126,49 129,53 133,50 137,50 139,49 137,48 138,43 138,42 139,46 142,46 138,41 139,45 141,4045 5141,4045 5146,4042 5147,4043 10147,4041 10150,4042 10152,4045 10152,4041 10156,4041 10152,4041 10152,4046 10153,4049 10156,4046 10155,4051 10157,4055 10159,4055 10160,4056 10161,4055 10166,4054 10169,4054 10172,4054 15172,4051 15176,4047 15177,4049 15174,4047 15176,4047 15176,4046 15177,4046 15180,4043 15184,4043 15187,4038 15190,4040 15194,4040 15199,4045 15196,4047 15197,4050 15200,4050 15204,4050 15208,4047 15212,4047 15215,4049 15216,4046 15218,4042 15223,4042 15228,4042 15232,4047 15235,4050 15236,4050 15239,4051 15243,4053 15243,4050 17243,4052 17243,4052 18243,4057 18247,4061 18249,4064 18249,4067 20249,4067 20250,4067 20255,4066 20259,4066 20259,4067 20255,4069 20256,4071 20258,4072 20254,4067 20257,4067 20260,4069 20265,4065 20267,4069 20266,4070 20267,4071 20264,4074 20259,4070 20264,4073 20260,4074 20263,4077 20268,4082 20271,4084 20273,4084 20277,4081 18277,4085 18279,4086 18276,4087 18273,4087 18275,4092 18277,4093 18279,4093 18280,4095 18280,4091 18283,4092 18281,4094 18283,4090 18287,4094 18287,138 5257,138 5255,138 5258,-1862 5254,-1860 5256,-1856 5258,-1851 5255,-1850 5260,-1847 5260,-1847 5263,-1847 5258,-1850 5257,-1850 5259,-1851 5257,-1855 5258,-1853 5261,-1849 5261,-1849 5258,-1849 5259,-1845 5264,-1847 5264,-1850 5268,-1852 5266,-1853 5270,-1856 5265,-1852 5262,-1847 5263,-1842 5263,-1842 5260,-1842 5265,-1841 
5265,-1844 5265,-1842 5270,-1837 5274,-1838 5279,-1843 5275,-1842 5280,-1838 5281,-1838 5285,-1833 5285,-1828 5288,-1824 5289,-1828 5291,-1831 5291,-1826 5291,-1830 5293,-1826 5296,-1822 5301,-1826 5302,-1826 5302,-1826 5302,-1825 5297,-1820 5299,-1816 5303,-1816 5299,-3811 12299,-3809 12302,-3806 12302,-3806 12302,-3803 12304,-3798 12304,-3797 12304,-3793 12306,-3788 12306,-3783 12309,-3816 12294,-3811 12299,-3809 12297,7100 -1851,7098 -1854,7102 -1854,7107 -1856,7107 -1858,7110 -1854,7110 -1851,7113 -1851,7115 -1851,7120 -1851,7123 -1847,7124 -1852,7125 -1852,7127 -1852,7131 -1852,7129 1148,7129 1145,7133 1150,7137 1148,7138 1147,7143 1149,7147 1154,8147 1155,8152 3155,8147 3157,8143 3158,8144 3160,8144 3164,11144 3167,11146 3167,11148 3163,11152 3161,11148 3159,11149 3163,11150 3161,11151 3166,11154 3171,11154 3170,8144 3160,8144 3163,8144 3166,8145 3166,8146 3171,8146 3174,8144 3174,8144 3174,8145 3176,8141 3180,3141 3182,7141 3183,7141 7183,7136 7185,7136 7185,7133 7187,7136 7187,7131 7190,7136 7194,7137 7197,7141 7196,7139 7199,12139 7200,12143 7200,12143 7199,12144 7203,12145 7200,12141 7200,12136 7195,12136 7191,12137 7191,12137 7196,12139 7197,12140 7197,12137 7201,12140 7204,12140 7209,12143 7209,12145 7210,12147 7214,12148 9214,12152 9218,12149 9218,12149 9221,12149 9220,12150 9222,12153 10222,12153 10226,12156 10227,12159 10223,12160 10220,12161 10225,12161 10227,12163 10224,12163 10223,12158 10224,12158 10227,12158 10231,12155 12231,12157 12226,7136 7185,7139 7189,7139 7189,7139 7188,7137 7191,7139 7191,7140 7189,7143 7191,7144 7189,7144 7190,7149 7193,7152 7194,7154 7198,7153 7203,7148 7207,12148 7209,12146 7209,12145 7213,12140 7217,12139 7219,12141 7219,12138 7218,12143 7218,13143 7220,13140 7224,13142 7228,13137 7231,13142 7235,13146 7239,13149 7243,13148 7247,13150 7248,13155 7249,13155 7253,13155 7253,13155 7258,13157 7260,13162 7255,13159 7255,13163 7258,13164 7258,13164 7263,13167 7264,13167 8264,13165 8265,13169 8265,13171 13265,13175 
13261,13176 13259,13176 13259,13180 13262,13181 13262,13183 13262,13188 13265,13191 13267,13191 13265,13194 13267,13191 13269,13192 13264,13196 13269,13198 13272,13200 13272,13202 13270,13207 11270,13211 11270,13211 11273,13213 11274,13217 11275,13222 11276,13222 11272,13226 11274,13231 11277,13233 11282,13236 11284,13238 11284,13236 11286,13236 11288,13236 11283,13236 11284,13238 11289,13241 11292,13244 11292,13245 11289,13241 11294,13244 11298,13249 11301,320 22358,324 24358,328 24358,327 24363,326 24359,327 24361,329 24365,334 24367,-666 24367,-670 24368,49 123,46 127,46 129,49 131,49 136,47 135,45 138,3045 135,3042 138,3044 139,3044 144,3049 144,3053 142,3055 137,3058 136,3053 139,3048 142,7048 138,7048 3138,7048 3139,7048 3140,7050 3145,7053 1145,7050 1146,7053 5146,7048 5150,7047 5146,10047 5147,10043 5147,10047 5147,10050 5152,10052 5155,10054 5156,10056 5157,10056 5159,10058 5162,10062 5164,10062 5169,10066 9169,10068 9168,10063 9164,10063 9169,10061 9171,14061 9172,14061 9174,282 22342,287 22347,288 22347,288 22343,285 22339,280 22338,278 22341,279 25341,284 25343,13241 11294,13246 11296,13243 11296,13244 11291,13245 11291,13244 11291,13246 11295,13251 11300,13253 11305,13253 11306,13258 11305,13255 11306,13256 11309,13256 11311,13261 11307,13265 11303,13267 11305,13270 11301,13275 11298,13271 11300,15271 11302,15276 11306,15279 11303,15284 11305,15286 11305,15289 11307,15290 11302,15292 11305,15296 11309,15297 11313,15298 11316,15300 11317,15304 11320,15306 11324,15306 11320,15307 11320,15312 11320,15313 11319,15317 11317,15315 11321,15317 11323,15317 11328,15319 11333,15322 11336,15322 11337,15322 11337,15324 11341,15324 11345,15325 14345,15328 13345,17328 13346,17333 13349,17337 13354,17338 13358,17342 13358,17346 13353,17348 13353,17345 13353,17348 13354,17347 13354,17347 13354,17347 13355,22347 13358,22349 13355,22351 13355,22356 13354,22358 13354,22361 13355,22362 13355,22358 13355,22359 13359,22364 13364,22369 13369,22372 13373,22376 13371,22377 
13371,22377 13369,22381 13374,22386 13379,22387 13376,22387 13380,22392 13378,22390 13374,22392 13378,22391 13378,22391 13375,22392 13378,22390 13380,22393 13382,22398 13387,22398 10387,22402 10391,22399 10392,22400 10392,22400 10394,22404 10391,22403 15391,22405 15392,22407 15392,22412 15387,22412 15390,22412 15394,22408 15396,26408 15398,26407 20398,26411 20402,26415 20406,26417 20411,26420 20407,26422 20407,31422 16407,31421 16405,31421 16410,31423 16410,31426 16414,31426 16410,31430 16415,31430 16418,31435 16419,31437 16420,31438 16422,31438 16425,31438 16425,31441 16427,31439 16431,31441 16436,36441 16436,36443 18436,36442 18437,36440 18440,36440 18436,36440 18440,36442 18445,36443 18446,36447 18451,37447 23451,37452 23456,37456 23455,37458 23459,37456 23461,37458 23463,37460 23466,37464 23469,37460 23474,37462 23476,37461 26476,37466 26479,37470 26483,37471 26488,37474 26489,37474 26485,37474 26483,37474 26488,37470 26492,37474 26497,37474 26499,37478 26495,37483 26499,37483 26501,37488 26496,37491 26499,37495 26495,37500 26496,37500 26497,37500 26501,37497 26499,37497 26499,37495 26504,37498 26504,37494 26509,37497 26514,37495 26515,37498 26514,37503 26514,37508 26512,37510 26516,37511 26519,37509 26523,37506 26528,37507 26532,37512 26536,37513 26538,37510 26542,37512 26544,37517 26543,37522 26546,37527 26551,37525 26555,37529 26558,37524 26563,37524 26562,37527 26562,37522 26562,37522 26559,37526 26561,37522 26559,37523 26561,37523 26556,37524 26558,40524 26560,40524 26563,40521 26567,40525 26566,40527 26568,40532 26572,40534 26569,40533 26565,40531 26565,40535 26569,40535 26570,40539 26572,40544 26575,40543 26575,40544 26579,40548 26584,40549 26581,40553 26585,40556 26590,40552 22590,40557 22594,40556 22595,40561 22592,40561 22593,40565 22593,40568 22593,40573 22588,40570 22590,40570 22591,40570 22588,40573 22590,40573 22593,40568 22593,40567 22597,40567 22599,40571 22599,40574 22600,40574 22604,42574 22607,42577 22607,42577 22612,42579 22616,38579 
22619,38580 22617,38580 22614,38575 22619,38579 22619,38579 18619,38582 18614,38582 18617,38586 18622,38590 18625,38590 18622,38594 18621,38596 18616,38597 18614,38597 18618,38600 21618,38601 21618,38605 21620,38607 25620,38611 25620,38608 25617,38608 25621,38608 25625,38611 25623,38615 25623,38615 25620,38616 25622,38619 25624,38620 25625,38620 26625,38623 26627,38623 26627,311 22358,311 22359,-1689 22360,2311 27360,2312 27360,2312 27360,2317 27362,2317 27362,2319 27359,2319 27364,2318 27359,2321 27364,2326 27367,2325 27371,2326 27373,2326 27373,2325 27377,2329 27377,2327 27377,2330 27379,2333 27379,2331 27379,2331 27381,2336 27381,6336 27382,6336 27383,40527 26568,40531 26572,40533 26574,40538 26576,40533 26580,40538 26585,40539 26588,40536 26583,40540 26587,40539 26588,40535 26593,40540 26594,40544 26597,40548 26602,40548 26601,40549 26602,40547 26602,40548 26603,40553 26606,40548 26606,40548 26603,40551 26608,40556 26612,40559 26616,40554 26619,40556 26619,40556 26623,42556 26623,42556 26624,42560 26624,42562 26626,42563 26630,42564 26630,42564 26634,42559 26635,42562 26635,42565 26637,42562 26638,42564 26642,42564 26641,42568 26641,42572 26641,42572 29641,42574 29642,39574 29641,39574 34641,39576 34643,39581 34638,39578 34638,39574 34642,39574 34645,39572 35645,34572 35648,34577 35651,39577 35655,43577 35659,43580 35655,43575 35658,43578 35658,43581 35662,43577 39662,43572 39658,43572 39661,43572 39664,43572 39666,43576 39670,43577 39667,43580 39671,43576 39673,43573 39673,43574 39677,43569 39679,43567 39679,43568 39683,43563 39686,43566 39690,43566 39692,43568 39694,43568 39695,41568 39691,41570 39692,41571 39692,41571 39693,41571 39698,41571 39698,41574 39698,41569 39698,41570 39699,41570 39704,41572 39709,41573 39712,41578 39713,41579 39717,41584 39719,41585 39720,-1850 5268,-1845 5268,-1847 5266,-1842 5268,-1840 5263,-1845 5264,-1843 5264,-1839 8264,-1839 8267,-1839 8272,-1838 8276,-1834 8273,-1834 8273,-1833 8274,-1837 8279,-1836 8283,-1834 8286,-1836 
8282,-1834 8279,-1835 8279,-1834 8280,-1836 8283,-1841 8288,-1846 8289,-1843 8286,-1838 8286,-1841 8285,-1838 8285,-1834 8288,-1829 8291,-1825 8286,-1825 8289,-1825 8287,-1824 8291,-1822 8294,-1821 8298,-1818 8300,-1818 8296,-1814 8296,-1811 8295,-1808 8292,1192 8296,1192 8297,1195 11297,1192 11301,1195 11305,1197 11300,1193 11300,1193 11296,1193 11293,1194 11294,1199 11292,1204 11292,1205 11294,1210 11292,1208 11288,1204 11290,1205 11289,1207 8289,1202 8284,1204 8282,1204 8281,1206 8281,1208 8281,1212 8283,1212 13283,1213 13287,1213 13290,1216 13293,1214 13289,1217 13286,1212 13291,1208 13288,1208 13292,1209 13297,1208 13296,1204 13298,1205 13303,1209 13308,1204 13308,1209 13304,1210 13304,1214 13309,1214 13314,1215 13314,1219 13314,1219 13319,1224 13320,1229 13321,1232 13325,1233 13329,1231 13329,1234 13334,-2766 13336,-2769 13337,-2765 13340,-2762 13345,-2760 13342,2240 13342,2238 13342,2242 13342,2246 13345,2246 13346,2244 13348,2239 13348,2240 13351,2240 13352,2245 13357,2248 13357,2243 13362,2247 13362,2248 13362,2252 13363,2256 13363,2256 13363,2260 13367,2255 13372,2251 13369,2251 13369,2252 13372,2249 13376,2254 13378,2255 13382,2259 13379,2262 13379,2267 13381,2262 13381,2262 13383,2265 13383,2269 13385,2270 13386,2271 13389,2267 13391,2271 13386,2275 13391,2273 13392,2275 13387,2277 13390,2274 13390,2275 13394,2280 13395,2280 11395,2281 14395,2279 14400,2277 14403,2273 14406,2274 16406,2274 16410,2279 16410,2284 16411,2280 16409,2280 16409,2282 16409,2282 16411,2282 16412,2280 16413,3280 16418,3284 16418,3285 16423,3289 16423,3292 16427,3294 16429,3296 16431,3297 16436,3298 16435,3303 16435,3305 16434,3305 16436,3305 16436,3309 16437,3309 16438,3308 16439,3308 16439,3306 16444,3302 16441,-1698 16437,-1703 16438,-1699 16438,-1697 16438,-1698 16439,-1695 16436,-1690 16441,-1687 16446,-1683 16450,-1682 16451,-1684 16453,-1682 16457,-1682 16457,-1686 16460,-1681 16459,-1680 16456,-1677 16460,-1681 16461,-1679 16464,-1674 16465,-1673 16469,-1669 16471,-1669 
16476,-1665 16474,-1665 16478,-1664 16478,-1664 16479,-1661 16474,-1656 16471,-1655 11471,-1660 11473,-1663 11475,-1666 11480,3334 15480,3338 15476,3342 15471,3345 15471,3345 15470,3350 15469,3347 15474,3351 15476,3352 15473,3353 15476,3350 15477,3350 15479,3351 15482,3352 15484,3351 15487,3353 15487,3358 15487,3353 15486,1217 13286,1222 13291,1222 13291,1225 13286,1229 13286,1231 13281,1235 13280,1236 13281,1241 13282,1245 13285,1247 13285,1247 13287,1250 13287,1247 13290,1247 13295,1247 13298,1252 13301,1249 13304,1252 13304,3252 13304,3247 13304,3249 13308,3254 13308,3257 13308,3261 17308,3261 17309,3261 17306,3259 17305,3262 17310,3263 17308,3262 17311,3259 17314,3259 17314,3257 17309,3254 17309,3253 17309,3255 17310,3253 17312,3255 17312,3255 17312,3256 17307,3257 17307,3256 17311,3256 17313,3255 17317,3251 17317,3248 17321,3253 17325,3256 17326,3258 17324,3258 17327,3263 17322,7263 17325,7265 17328,7263 17330,7265 17333,7270 17333,7273 17333,7278 17336,4278 21336,4278 21340,4279 21340,4281 21340,4286 24340,4290 24343,9290 24347,9294 24349,9296 24347,9298 25347,9301 25348,9301 25348,9304 25353,9303 25357,9303 25352,11303 25355,11304 25358,11307 25358,11312 25358,11312 25361,11310 25365,11313 25365,11314 25369,11319 25371,11321 25371,11325 25366,11329 25365,11330 25366,11329 25370,11330 25365,11334 25367,11338 25366,11343 25363,11348 25359,11345 25356,11348 25357,11349 25358,11349 25358,11352 25360,11356 30360,11360 30365,11360 30365,11362 30365,11367 30367,11368 30369,15368 30370,15373 30371,15376 30373,14376 30378,14377 30383,14381 30378,14386 30380,14388 30382,14391 30385,14393 31385,16393 31389,16396 31394,16396 31397,16392 31400,16395 31405,16398 31409,16398 31413,16397 31415,16396 31417,16401 31418,16401 31422,16402 31419,16407 31420,16411 31419,16406 31423,18406 31427,18411 31432,18415 28432,18417 28437,18418 28441,18414 28438,18417 28435,18416 28439,18420 28442,18423 28447,18427 28444,21427 28445,21428 28450,22428 28455,22432 28457,22436 28458,22441 
28458,22445 28463,22448 28468,22451 28465,22456 28468,22453 28468,22458 28471,22463 28473,22460 28475,22459 28472,22463 28476,22464 28472,22468 28468,22468 28471,25468 28466,25471 28468,25473 28464,25473 28464,25475 29464,25476 29466,25479 29461,25476 29462,25476 29464,25478 29464,25483 29461,25484 29460,25486 29458,25486 29462,25490 29460,25495 26460,25498 26463,25495 26468,25495 26472,25495 26472,25499 26474,25504 26476,25504 26478,25509 26476,25513 26479,25514 26481,25519 26477,25519 26480,25518 26481,25519 26484,25524 26483,25527 26484,25522 26484,25526 26487,25528 26492,25533 26496,25535 26498,25535 26498,25539 26503,25542 26504,25543 26505,25547 26510,25552 26510,25551 26508,25550 26512,25553 26510,25557 26510,25554 26511,25552 26508,25556 26505,25556 26506,25560 26506,25560 26507,25560 26506,25565 26501,25567 26504,25569 26504,25568 26508,25571 26508,25571 26511,25576 26511,25581 26516,25581 26519,25582 26521,25585 26522,25588 26527,25588 26526,25584 26530,25587 26534,25589 26529,25593 26533,25598 26538,25599 26540,25599 26540,25599 26540,25604 26543,25603 26543,25603 26538,25606 26538,25609 26540,25611 26542,25612 26547,25612 26547,25612 26548,25617 25548,25612 25548,25613 25547,25616 25545,25616 25549,25618 25551,25620 25555,25620 25551,25622 25550,25625 25551,25622 25555,25619 25557,25617 25556,25622 28556,25625 28551,25630 28546,25634 28548,25639 28553,25643 28553,25638 25553,25634 25553,25634 25557,25639 25557,25643 25558,25644 25553,25646 25556,25647 25560,25650 25562,25650 30562,25650 30562,25650 30564,25650 30566,25652 30570,25656 30571,25661 31571,25662 31575,25663 31579,25662 31579,25665 31581,25666 31584,25671 31582,25674 31581,25674 31584,25676 31584,25673 31587,25678 31586,25679 31581,30679 31584,30675 31589,30680 31590,35680 31590,35675 31589,35677 31591,35680 31590,35681 31587,35684 31588,35685 31589,35689 31592,35689 31593,35692 31597,35696 31597,35700 34597,35699 34599,35703 34604,35703 34606,35702 34601,35705 34603,35705 34606,35708 
34603,35713 34604,35717 34603,35719 34608,35715 34608,35711 34608,35713 34609,35714 34605,35714 34610,35714 34614,35718 34616,35719 34617,35722 34618,35722 34621,35725 34625,35725 34626,35725 34629,35725 34631,35725 34635,35730 34636,35727 34638,35731 34640,35735 34642,35739 34645,35741 34645,35742 34649,35738 34649,35738 34645,35741 34647,38741 34650,38741 37650,38742 37646,38746 37651,38749 37652,38753 37653,38753 37657,38757 37656,38756 37660,38761 37660,38765 37660,38760 37660,38759 37660,38760 41660,38760 41660,38762 41665,38757 41667,43757 41669,43752 41674,43752 41677,43757 41672,43758 41677,45758 41680,45758 41679,45762 41683,45765 41683,45769 41683,45770 41684,45768 46684,45773 46688,45776 46692,45774 46694,45775 46697,45778 46695,45776 46698,45774 46702,45779 46702,45784 46704,45787 46706,45791 46711,45786 46707,45790 46711,45793 46715,45796 46719,45799 46724,45797 46728,45802 46726,45797 46729,45801 46733,45802 46733,45803 46732,45804 46732,45805 46732,45808 46735,45810 46740,45810 46744,2326 27373,2322 27377,2323 27379,2325 27383,2325 27382,2322 27382,2323 27382,5323 23382,5325 23385,5329 23386,5330 23390,5335 23392,5330 23392,5330 23395,5329 23395,5333 23399,5333 23402,5338 23405,5339 23405,5334 23406,5329 23401,5332 23403,5330 23407,5333 23409,5328 20409,5324 20411,5324 20414,5329 20416,5328 20421,5325 20421,5329 20424,5330 20424,5335 21424,5331 21427,5333 21431,5334 21433,5329 21434,5330 21437,5333 21440,5338 21437,5338 21440,5334 21441,5333 21438,5329 26438,5332 26435,5335 26439,5337 26440,5338 26444,5342 26439,5342 26442,5345 26440,5349 26438,5352 26442,5349 26445,5348 30445,5350 30447,5350 30444,5354 30444,5359 30443,5363 30445,5367 30446,5367 30448,5367 30453,5371 30455,5371 30453,5373 30458,5375 30461,5380 30463,5384 30463,5383 30459,5384 30459,5383 30459,5385 30460,5390 30459,5392 30464,5394 30464,5389 30465,5393 30469,5391 30469,5391 30469,5395 30474,5396 30470,5399 30470,5401 30467,5401 30468,5404 30470,5400 30465,5401 30462,5403 30467,5404 
30467,5409 30469,5412 30473,5412 30477,5407 30481,8407 30486,8408 30489,8410 30490,8410 30489,8413 30490,8414 30493,8414 30496,8419 30501,8420 30502,8415 30507,13415 30509,13411 30506,13414 30507,13412 30511,13412 30515,13417 30518,13419 30523,13418 30527,13422 30529,13418 30531,13413 35531,13409 35531,13413 35532,13417 35537,13419 35533,13423 35529,13424 35529,13423 35524,13428 35525,13433 35526,13438 35530,13443 35531,13448 35531,13452 35532,13455 35536,13457 35536,13452 35536,13455 35539,13452 35535,13457 35540,13457 35544,18457 35546,18460 35547,22460 35546,22465 35550,22466 35554,22468 35552,22473 35555,22471 35559,22470 35564,22472 35564,22470 35569,22474 35569,22474 35571,22477 35573,22482 35576,22487 35580,22488 35583,22489 35585,22493 35585,22496 35585,25496 35586,25493 35582,25494 35585,25498 35585,25496 35585,25498 35587,25503 35591,25503 35593,25499 35590,25499 35591,25495 35591,26495 35595,29495 35591,29495 35593,29498 35597,29498 35601,29500 35606,29501 30606,29502 30603,29505 30603,29510 30606,29511 30606,29514 30607,29516 30610,29518 30608,3259 17305,3263 17304,3267 17303,3271 17308,3269 17312,3269 17313,3274 17315,3277 17315,3282 17311,3285 17313,3283 17309,3278 17310,3275 17315,3275 17317,3276 17322,3280 17324,3280 17324,3276 17325,3277 17325,3276 17328,3278 17324,3273 17329,3277 17331,3280 17326,3281 17328,3276 17324,3277 17324,3277 17322,3277 17321,3277 17321,3281 17323,3282 17327,3282 17332,3287 17335,3288 17335,3288 17338,3290 17337,3294 17340,3294 17341,3299 17341,3299 12341,3299 12342,3304 12339,3301 14339,3305 14340,3307 14341,3311 14343,3313 14343,3314 16343,3310 16341,3310 16346,3312 16348,3311 16349,4311 16346,4316 16348,4321 16344,4324 16348,4322 16349,4323 16346,4323 16346,4326 16350,4322 16354,4323 16356,4325 16361,4325 16358,4322 16362,4325 20362,4325 20366,4322 20367,4326 20372,4326 20374,4331 20373,4333 20373,4338 20376,4339 20379,4341 20382,4338 20384,4339 20386,4340 20383,4340 20383,4335 20388,4336 20390,4341 20390,4346 
20391,4348 20391,4349 20393,37497 26499,37494 26496,37496 26500,37496 26501,37499 26506,37497 26502,37498 26502,37500 29502,37500 29507,37505 29508,37506 33508,37508 33513,37513 33518,37517 33522,37516 33520,37521 33521,37521 33525,37516 33530,37519 33528,37520 33528,37524 33530,37527 33530,37525 33527,37528 33530,37533 33533,37534 38533,37536 38536,22358 13355,25358 13360,25361 13358,25362 13362,25362 13362,25365 13365,25363 13367,25359 13369,25357 13374,25360 13374,2247 13362,2252 13366,2254 13363,2257 13363,2261 13358,2264 13354,2264 13356,2269 13361,2272 13363,2274 13363,2275 13363,2273 13362,2274 13365,2278 13365,2280 13370,2284 13366,2284 13365,2289 13368,2290 13366,2293 13368,2298 13373,2298 13372,2295 13375,271 22347,273 22350,4273 22347,4269 22348,4270 22350,4271 22355,4272 22360,4276 22363,4281 22365,4284 24365,4279 24365,4282 24365,4285 24365,4287 24364,4289 24362,4294 24360,4295 24362,4298 24365,4301 24369,1301 24370,1301 24371,1305 24375,1305 24376,1307 24377,1312 24380,1314 24382,1318 24380,1316 24382,1316 24387,1318 24387,1318 29387,1321 29387,1316 29383,1320 29386,1321 29389,1326 29389,1327 29389,2327 29394,2327 29394,2332 29393,-666 24367,-663 24368,-661 24368,-656 24371,-653 24372,-649 24372,-647 24374,-643 24370,-638 24375,-635 24380,-638 24382,-638 24384,-638 24384,-636 24388,-637 24390,-632 24386,-630 24386,-629 24386,371 24389,376 24394,374 24392,377 24397,3377 24400,6377 24405,6378 24408,6373 24406,6370 24406,6375 24403,6370 24403,6375 24403,6379 24406,6374 24409,6378 24411,6380 24412,6378 24415,6378 24419,6383 24423,6385 24425,6387 24428,6390 24433,6386 24430,6386 24435,6387 24436,6388 24440,6387 24444,6383 29444,6383 29447,6386 29451,6382 29446,6387 29447,6390 29452,6393 29452,6397 29455,6400 29459,6400 29463,6397 29467,6393 29467,6395 29470,6397 29473,6399 29468,6394 29467,6397 29470,6396 29473,6396 29470,6393 29465,6389 29469,6390 29470,6389 29465,6389 29468,6392 29470,6388 33470,6390 33466,6391 33466,6392 33467,6394 33467,322 22372,322 
22374,323 22377,327 22378,331 22382,330 22383,332 22386,333 22383,331 22383,330 22387,332 22391,332 22396,337 22397,339 22394,340 22399,340 22398,340 22396,343 22396,343 22396,341 22400,342 22404,343 22402,348 22403,345 22407,347 22411,342 22411,345 22413,340 22417,345 22417,348 22422,348 22426,351 22427,352 22432,352 22436,4352 22438,4353 22442,4354 22444,4354 22447,4357 22449,4360 22450,4364 22450,4367 22451,4369 22453,4366 22455,4369 22453,4373 22458,4377 22459,4380 22459,4380 22464,4385 22467,4385 22467,4390 22469,4385 22469,4385 22472,25571 26508,25574 26507,25578 26512,25581 26512,25581 26512,25583 26508,25583 26513,25587 26516,25589 26515,25590 26515,25591 26517,25589 26520,25587 26522,23587 26526,23585 26531,23589 26534,23592 26538,24592 26543,24588 26545,24593 26547,24598 26543,24598 26548,24602 26545,24598 26540,24600 26545,24600 26548,24600 31548,24605 31549,24608 31551,24613 31552,24615 36552,24616 36557,24619 36557,24622 36560,24622 36564,24627 35564,24627 35569,24632 35569,25632 35570,25635 35569,25636 35573,25636 35573,25638 35576,25641 35580,25641 35583,25641 35588,25642 40588,20642 40593,20645 40593,20650 40595,20651 40591,20651 40594,20648 40591,20648 40591,20652 40596,20652 40596,20656 40597,20656 40600,20656 40601,20659 40598,20662 40597,20662 40597,20663 40600,20668 40601,20665 40606,1215 13314,1214 13319,1212 13317,1209 13312,1210 13312,1211 13317,6211 13320,6214 13320,6216 13320,6211 13323,6214 13318,6214 13323,6214 13324,6216 13319,6219 13323,6218 13321,6219 13321,6218 13326,6221 13329,6225 13331,6230 13335,6231 13339,6231 13343,6235 13338,6234 13342,6234 13344,6236 13345,25524 26483,25521 26484,25524 26489,25527 26487,25529 26484,25530 26482,25534 27482,25539 27486,25537 27488,25541 27483,25544 27486,25547 27490,25550 27491,25550 27491,25554 27486,25559 27486,25563 27489,25561 27489,25563 27493,25561 27491,25563 27493,25563 27495,25564 27497,25563 27497,25563 27497,25558 27498,25563 27499,25565 27503,25567 27503,25569 27503,25567 
27504,25565 27505,25565 27505,25565 27505,25566 27505,25570 27501,25570 27497,25574 27498,25570 32498,25570 32501,25573 32501,25576 32497,25576 32498,25577 32501,25579 32503,25583 32504,25588 32507,25592 32512,25596 32507,25599 32507,25594 32503,25597 32506,25597 32510,25594 32509,25594 32510,25596 32513,25592 32513,25594 32515,25594 32520,25598 32520,25602 32517,25603 32518,27603 32520,27607 32523,27608 31523,27613 31527,27615 31527,30615 31530,30617 31530,30618 31532,30619 31536,30623 31537,30623 31538,30625 31538,30626 31541,30627 31541,30624 31540,30623 31540,30624 31545,34624 31546,34619 31543,34623 31545,34624 31549,34624 31548,34626 31550,34626 31555,34626 31551,34628 31555,34633 31555,34636 31559,34634 31564,34636 31564,34639 31562,34639 31560,36639 31555,36636 27555,41636 27557,41640 27554,41644 27558,41647 27559,41648 27555,41653 27555,41658 27555,41658 27552,41658 27552,41660 27550,41656 27554,41661 27558,41664 27561,41667 27566,41662 27562,41663 27563,41663 27565,41662 27569,41661 27569,41664 27571,41664 27567,41659 30567,41660 30565,41660 30561,41665 30566,41664 30561,41664 30561,41664 30562,41664 30563,41660 30558,1312 24380,4312 25380,4315 25384,4315 25385,4319 25383,4322 25388,6322 25387,6322 25387,6326 25392,6321 25397,6324 25397,6324 25401,6319 25404,9319 25405,9314 25400,9312 25402,9310 25403,9313 25403,9313 25403,9316 25400,9319 25401,4319 25396,8319 25398,8315 25400,8315 25396,8315 25397,8311 25398,8307 25394,8309 25394,8311 25397,8315 25402,8310 25403,11310 25365,11311 25365,11316 25370,11320 25375,11325 25375,11325 25380,11325 25382,11326 25378,14326 25380,14328 25382,14331 25383,14334 25385,14336 25386,19336 25386,19336 25389,19332 25390,19332 25391,19335 25388,19338 25391,19342 25393,19340 25393,19345 25396,19345 25394,19347 25394,19349 25393,19351 25397,19350 25398,19348 25399,19349 25403,19352 25399,19350 25402,19354 25400,19353 25405,23353 25402,23354 25402,23356 25405,23358 25409,23360 25413,23363 25414,23367 25412,23365 25411,23367 
25414,23363 25413,23367 25416,23367 25416,23370 25418,24370 25414,24370 25419,24373 27419,24378 27419,24380 27416,24380 27412,24380 27410,24380 27406,24376 27406,24374 27410,24370 27414,24370 27415,24371 27420,24375 27415,24378 27411,24375 27415,24378 27418,24382 27421,24383 27426,24383 27425,24385 27430,24390 27431,24394 27432,24395 27436,24399 30436,24400 30439,24404 30443,24403 30439,24406 30438,24410 30442,24406 30446,24408 30445,24403 30445,24408 30442,24412 30446,24416 30446,24416 30449,19416 30449,19416 30447,19418 30452,19420 30453,19423 30458,15423 30462,15423 30464,15425 30466,16425 30467,16424 30471,16421 30474,16426 30474,16428 30476,16428 30476,16424 30474,16424 33474,16425 33474,16427 33477,16425 33479,16426 33477,16422 33480,16425 33482,16430 33479,16430 33478,16429 33482,16424 33482,16427 33484,16430 33488,16431 33488,16434 33488,16435 33491,16432 33487,16436 37487,16434 37490,16438 37485,16443 37482,16446 37480,16447 37480,16447 37482,16451 37478,16454 37479,16458 37479,16454 37479,16454 37482,16459 37486,16460 37491,16463 37495,16464 37492,16465 37493,16466 37494,16468 37497,16468 37501,16468 37501,16473 37503,16473 37503,16473 37498,16476 37494,21476 33494,21473 33493,21476 33489,21478 33491,21478 33496,21478 33492,21480 33496,21483 33501,21484 33504,21483 33500,21484 33505,21484 33505,21488 35505,21491 35505,21494 35506,21496 35510,21492 35506,21492 35509,21489 35514,21490 35517,21487 35519,23487 35523,23485 35528,23487 35533,23483 35534,23487 35535,23488 35537,23493 35539,23495 35542,23495 35546,23495 35550,23491 35549,23488 35552,23492 35555,23495 35560,23500 35559,23496 35557,4322 16354,4317 16358,4318 16358,4320 16363,4315 16363,4315 16362,4316 20362,4320 20365,4323 20363,4326 20366,4329 20367,4332 20370,4337 20374,4338 20375,4333 20375,4338 20375,4341 20377,4342 20377,4342 20378,4343 20381,4346 20386,4346 20386,4346 20386,4346 20386,4349 20390,4352 20395,4354 20396,4355 20400,4358 20400,4360 20401,4360 20404,4363 20405,4368 20406,4372 
20411,4371 20416,4367 20417,4364 20422,4367 20420,4372 20425,4373 20422,4374 20418,4377 20418,4381 20422,4382 20423,4384 20418,4389 20421,4385 20423,4390 20423,4390 20425,4392 20429,4396 20434,41574 39698,41578 39702,41576 39704,45576 39704,45575 39709,45577 39713,45581 39715,45581 39718,45583 39721,45578 39726,47578 39722,47581 39719,47586 39722,47586 39726,47589 39730,47592 39733,47597 39733,47593 39733,47596 39735,47597 39735,47595 39735,47591 39739,47593 39744,47593 39747,4074 20263,4077 20268,4079 20268,4078 20271,4078 22271,4083 22276,4087 22272,4088 22275,4086 22279,4082 22280,4084 22282,4086 22277,4082 22277,4087 22281,4090 22281,4092 22281,4092 22286,4094 22287,4097 22290,4097 22291,4095 22286,4095 22288,4095 22293,4095 22288,4092 22285,4089 22286,4090 22286,4095 22281,4100 22286,4103 22285,4104 22288,4104 22289,4107 22294,4112 22292,4117 22290,4120 22295,120 22300,121 22303,122 22300,122 22300,121 26300,125 26303,129 26303,127 26305,127 26306,132 26306,132 26307,136 26307,141 26309,140 26311,143 26313,140 26314,145 26318,149 26318,153 26321,153 29321,158 29326,158 29329,162 29324,162 34324,165 34329,168 34328,167 34332,169 34333,173 34334,173 34336,177 34338,178 34340,178 34344,182 34348,177 34348,182 34348,184 34353,184 34358,181 34360,183 34365,187 34365,192 34365,197 34367,199 34366,203 34368,205 34368,202 34363,204 34360,1204 34360,1205 34364,1205 30364,1205 30359,1206 30361,1207 30364,1210 30366,1210 30366,1214 30367,1218 30372,1219 30375,1214 30379,1214 30384,1217 30382,1222 30383,1223 30382,1225 30380,1228 30379,1231 30383,1232 30383,1235 30384,1237 30388,1242 30386,1244 30389,2244 30392,2241 30395,2245 30397,2245 30399,2244 30394,2242 30395,2246 32395,2246 32395,2249 32398,2251 32393,5251 32390,5251 32395,5255 32399,5255 32397,5257 32397,5257 32401,5261 32406,5261 32411,5266 32412,5271 32416,5273 32419,5276 32420,5281 32422,5279 32425,6279 33425,6284 33429,6284 33430,6282 33431,6282 33428,6286 33425,6288 32425,6288 32421,6286 32424,6288 
32424,11288 32427,11292 32425,11292 32429,11290 32434,11286 32437,11286 32437,11283 32442,11278 32442,11279 32443,11283 32445,11284 32445,11283 32448,13283 32447,13287 32442,16287 32446,16282 32445,16283 32445,16284 32448,16285 32448,16284 32446,16286 32443,16290 32446,16291 32446,16292 32450,16291 32450,16291 32450,16291 32445,16287 32447,16288 32452,16287 32457,16291 36457,16289 36462,16293 36462,16294 36462,16297 36462,16301 36464,16306 36469,16310 36467,16310 36463,16313 36459,16312 36460,16313 36465,16313 36469,16308 36470,16309 36468,16314 36470,16319 41470,16322 41471,16325 44471,16330 44471,16330 44471,16330 44473,16330 44474,16335 44479,16332 44477,8414 30496,8415 30497,8419 30497,8414 30501,8416 30500,8418 30495,8421 35495,8423 35494,8427 35497,8429 35499,8432 35499,8436 35503,8438 35503,8443 35505,8440 35508,8443 35509,8440 35509,8440 35511,8441 35515,8445 35511,8448 35512,8443 35517,8443 35519,8442 35524,8444 35526,8441 35527,8436 35527,8433 35523,8429 35527,8430 35530,8431 35532,8429 35533,8433 35535,8437 32535,8435 32536,8439 32536,8436 32539,9436 32542,9434 32537,9429 32534,9429 32534,9433 32537,9433 32542,9429 32543,9434 32538,9436 32538,9436 34538,7436 34538,7438 34543,7439 34543,7439 34543,7439 34548,7438 34549,7438 34552,7438 34553,7438 34556,11438 34561,11434 34559,11436 34555,7436 34553,7436 34549,120 1235,124 1239,125 1236,125 1238,129 1235,128 1235,125 1236,123 1239,128 2239,132 2242,131 2242,135 2242,140 2242,145 2247,146 2252,144 2253,146 2248,144 2245,146 2244,150 2249,155 2245,159 2242,160 2243,160 2245,155 2244,156 2245,3156 2246,3159 2248,3159 2250,3164 2254,3165 2257,3166 2255,3169 2257,3171 2262,3169 2263,3174 2268,3177 2273,3174 2276,3178 2275,3173 2279,3177 2276,3180 2279,3182 2284,3185 2289,5185 2286,5185 2288,5181 2286,5185 2288,5184 2293,5187 2293,5187 2297,5190 2299,5187 2299,5185 2300,5181 6300,5182 6297,5187 6300,5189 6298,5191 6296,5193 6296,5193 6296,5195 6297,5195 6300,5197 6297,5195 6300,5190 6302,5191 6306,5192 6308,5195 
6312,24395 27436,24391 27437,24393 27433,24398 27436,24398 27437,16286 32443,21286 32443,21286 32444,21282 32448,21283 32446,21283 32448,21285 32451,21281 32456,21282 32458,21282 32463,21282 32468,21284 32470,21289 32471,21287 32471,21287 32469,21287 32474,21284 32477,21288 32482,21291 32482,21291 32486,21296 32485,21299 32486,21301 32487,21303 32484,21301 32482,21305 32487,21310 32491,21312 32495,21313 32491,21315 32495,21312 32495,21314 32498,21316 32501,21311 32506,21311 32508,21312 32513,21317 32516,21319 32516,21324 32516,21327 32521,21328 32526,21332 32527,21328 36527,21331 41527,21336 41527,21334 41531,21337 41533,21335 41535,21339 41540,21340 41540,21343 41536,25343 41539,25340 41542,25337 41542,25337 41545,25335 41542,25335 41543,25335 46543,25339 46548,30339 46551,30340 46556,30343 46557,30342 46553,30337 46556,30341 46561,30337 46565,30336 46563,30338 46564,24373 27419,24373 27421,24375 27424,24377 27425,24377 27430,24374 27435,24379 27437,24384 27432,24385 27434,24382 27437,24381 27442,24381 31442,24381 33442,20381 33439,20383 34439,20382 34440,20378 34444,20381 34446,20381 34442,20384 34443,20388 34446,20392 34447,20393 34442,20393 34447,20396 29447,20395 29443,20399 29443,20400 29439,20399 29436,20404 29439,20409 29440,20410 29440,20410 29444,20408 29445,20413 29448,20413 29451,20412 29455,20413 29458,20418 29461,20413 29463,20415 29464,20416 29464,20416 29463,20416 29463,20418 29464,20414 29465,20418 29463,20413 29460,20413 26460,20418 26458,20421 26459,20421 26461,20421 26460,43578 35658,43578 35654,43578 35658,43578 35660,43583 35661,43583 35659,43583 35662,43579 35663,43583 35661,43587 35666,25625 25551,25629 25551,25630 25554,25630 25559,25632 25560,25627 25561,25623 25557,25623 25559,25624 25561,26624 25566,26627 25566,29627 25571,29626 25574,29625 25575,29622 25579,29625 25583,29630 25588,29632 25589,29635 25591,29635 25594,29637 25598,29642 25596,29643 25597,29644 25597,29649 25598,29654 25602,29656 25602,29661 25603,29661 25601,29664 
26601,29666 26604,29665 26604,29668 26607,29672 26607,29669 26611,29671 26616,29674 26613,29679 26616,29680 26616,29681 26615,29682 26619,29679 26617,29684 26622,29686 26624,29689 26624,29690 26628,29691 26630,29693 26625,29694 26620,29698 26617,29703 29617,29707 29616,29706 29620,29709 29623,34709 29626,34710 29628,34710 29627,2282 16411,2283 16412,2283 16412,2287 16417,2292 16421,2297 16421,2298 16426,2303 16426,2304 16429,2309 11429,2313 11432,2308 14432,2308 14431,2311 14433,2310 14437,2308 14438,2309 14440,2311 14440,2309 14443,2312 14443,2314 14447,2314 14452,2314 14450,2309 14451,2309 14451,2309 14456,2313 14461,2313 14461,2309 19461,2309 19461,2311 19462,2315 19465,2318 19465,2321 19462,2317 19464,2321 19467,2322 19467,2322 19469,2322 19469,2320 19464,2321 19462,2322 19461,2327 19466,2327 19461,2322 19461,2322 19463,2317 19467,2318 19471,2102 -1848,2107 -1848,2111 -1846,2114 1154,2114 1156,2115 1157,2114 6157,2116 6162,2121 6165,2124 6170,2121 6175,2124 6179,2124 6183,2128 6178,2126 6179,2125 6178,2126 6181,2122 10181,2127 10186,2128 10189,2130 10188,2130 10191,2127 11191,2127 11195,2131 11196,2132 11192,2131 11197,2135 11201,2135 11203,2139 11199,2142 11203,2143 11204,2147 11208,2142 11210,2142 11211,2147 11212,2150 11217,2150 11219,2151 11219,2152 11222,2152 11222,2148 11224,2150 11220,2150 11223,2146 11218,2143 11219,2140 11221,2143 11218,2140 11219,2140 11223,2145 11225,2147 11226,2152 11226,2155 11224,2157 11229,2157 11229,2153 11233,2153 11238,2149 11239,7149 10239,7154 10241,7157 10241,7162 10243,7164 10248,7164 10251,7169 10253,7171 10253,7172 10257,7177 10260,7182 10256,7187 10260,7191 8260,7195 8256,7200 8258,7204 8258,7203 8261,7203 8262,7205 8266,7209 8270,7209 8273,7214 8273,7214 8276,7210 8276,7211 8276,7213 8279,7218 8278,7222 8283,7223 8279,7220 10279,7221 10283,7223 10284,7228 10286,7230 10290,7231 10290,7231 10293,7232 10294,7232 10297,7234 10299,7229 10295,7226 10294,7221 10293,7223 10295,7228 10299,7229 10303,7232 10307,7232 10311,7233 
10316,7234 9316,7239 9318,7244 9321,7241 9326,7241 9328,7238 9331,7235 9330,7237 9335,7236 9335,7236 9337,7236 9338,7231 14338,7230 14333,7232 14338,7237 18338,4082 22280,4081 22280,6081 22283,6076 22285,6076 22289,6078 22286,6080 22287,6084 22292,6084 22293,6085 22293,6086 22291,6091 22294,6092 22293,9092 22290,9095 22294,9096 22295,9096 22297,9091 22292,9096 22295,9098 22290,9094 18290,9097 18290,9096 18294,9099 18292,9098 18297,9103 18299,9103 18302,9103 18305,9100 18301,9102 18302,9106 18305,9102 18310,9101 18306,9103 18308,9103 18312,9107 18310,9107 18315,9107 18320,9111 18322,9111 18326,9113 18329,9111 18329,9116 18329,9121 18329,9121 18332,9123 18331,9124 18332,9125 18328,9127 18325,9125 18328,9128 18329,9133 18329,9136 18333,9141 18337,9142 18342,9143 18340,9148 18344,9152 18341,9150 18346,9149 18341,9149 18341,9154 18343,9158 18345,9161 18346,9161 18347,9163 18352,9164 18352,9162 18349,9165 18352,9165 18351,9165 18352,9165 18356,9163 18352,9167 18353,9167 18349,9168 18351,9168 18347,9173 18347,9175 18347,9179 18348,9182 18349,9187 18352,9186 18357,9189 18360,9192 18360,9196 18362,13196 18367,13196 18369,13196 18371,13199 18374,13194 18374,13197 18375,13200 18377,13205 18380,13210 18384,13209 18379,13209 18374,13213 18375,13216 20375,13212 20375,13215 20375,13211 20375,13211 20372,13208 20373,13204 20373,13204 20369,13205 20369,13207 20366,13212 20367,13216 20367,13221 20372,13222 20377,13225 20381,13226 20386,13230 20383,9230 20388,9228 20384,9228 20386,9223 20389,9223 20392,4223 20397,4223 20396,4225 20399,4222 20404,4220 20408,4220 20411,4223 20416,4227 20421,4230 20418,4234 20421,4232 20422,4236 20423,4238 20423,4239 20423,4235 20427,4231 20427,4230 20426,4228 20428,4232 20427,4232 20431,4236 20433,4241 20431,4241 22431,4236 22436,4239 22437,4239 22439,4236 22443,4232 22439,4236 22444,4236 22446,4239 22447,4239 22452,4241 22454,4245 22457,4245 22460,4250 22462,4251 22465,4253 22465,4249 22465,4251 22460,4251 22464,4255 22469,4257 22473,4256 22478,4259 
22479,4260 22480,4257 22485,6257 22489,6260 22490,6260 22493,6262 22496,6262 22500,6267 22495,6271 22495,6276 22491,6276 22489,6281 22487,6286 22490,6289 22490,6294 22490,6294 22489,6292 22485,6292 22489,6288 22489,6288 22494,6288 22496,6286 22497,6288 22501,6292 22500,5292 22503,5292 22503,5296 22508,5295 22510,5300 22510,5305 22513,5302 22514,5306 22510,5309 22513,5313 27513,5313 27513,5317 27513,5322 22513,5326 22517,6326 22516,6323 22518,6323 22523,6320 22523,6321 22526,6323 22531,6323 22531,6324 22532,6324 22532,6325 22529,6321 22531,6323 22534,6328 22534,6329 22530,6324 22527,10324 22522,10319 22524,10315 22520,10314 22525,10311 22525,10307 22526,10304 22531,10306 22527,10306 22528,10309 22530,10312 27530,10312 27534,10312 27534,10307 27536,10307 27532,11307 27531,11307 27533,11308 27535,11303 27531,11298 27532,11294 27534,11294 27534,11299 27538,11297 27542,11302 27547,11306 27547,11311 27549,11313 30549,11317 30551,11313 30546,11316 30541,11316 30540,11319 30545,11318 30546,11323 30550,11326 30554,11326 34554,11330 34558,11331 34558,11333 34558,11332 34561,11328 34561,11331 34562,11336 34562,11336 34567,11340 34570,11342 34569,11345 34568,11344 34569,11345 34571,11349 34574,15349 34574,15354 34569,15359 34566,15362 34571,15363 34576,15367 34577,15368 34577,15371 34581,15374 34576,15379 34574,15383 34579,15384 34584,15387 34583,17387 34578,17392 34578,17391 34578,17396 34573,17397 34578,17397 34580,17397 39580,17402 39584,17397 39587,17402 39587,17406 39582,17403 39587,17407 39589,17409 39592,17406 39592,17409 39595,17409 39599,17412 39603,17416 39608,17417 39608,17417 39608,17421 39607,17422 39609,17424 39608,17427 39604,17425 39605,17426 39609,17423 39611,17422 39610,17425 39613,17428 39618,17428 39619,17429 39616,17432 39616,13432 39615,13432 39617,13432 39617,13432 44617,13434 44621,13434 44623,13439 44627,13442 44632,13442 44635,13440 44631,13442 44631,13445 44635,13447 44639,13445 44637,13445 44638,13450 44639,13454 44644,13457 44644,13459 44642,15459 
44639,15457 44644,15461 44644,15462 44642,15459 44645,15459 44647,15463 44650,15458 44651,15459 44653,15461 44657,15463 44661,15463 44661,15463 44663,15467 44666,15472 44668,15474 44664,15470 44668,15471 44670,15473 44674,15475 44675,-3806 12298,-3804 12301,-3805 13301,-3804 13296,-3808 13292,-3809 13295,-3806 13300,-3804 13297,-3801 13301,-3801 13302,-3796 18302,-3801 18306,-3799 18311,-3802 18311,-3799 18312,-3801 18314,-3796 18319,-3795 18322,-3791 18321,-3786 18320,-3786 18321,-3784 18321,-3782 18321,-3781 18324,-3782 18325,-3783 18320,-3788 18324,-1788 18324,-1788 18329,-1784 18333,-1784 18334,-1781 18329,-1777 18334,-6777 18337,-6774 18339,-6776 18341,-6781 18341,-6779 18341,-6779 18343,-6779 18339,-6777 18343,-6782 18338,-6779 18341,-6778 18341,-6776 18336,-6776 18333,-6776 18333,-6780 18338,-6784 18338,-6787 18335,-6786 18336,-6781 22336,-6781 22335,-6778 22331,-6777 22326,-6777 22331,-6777 22335,-6772 22335,-6774 22340,-6769 22341,-6767 22337,-6767 22335,-6767 22335,-6767 22333,-6767 22336,-6762 22331,-6759 22331,-6764 22332,-6765 22334,-6767 22339,-6762 22334,-6760 22334,-6760 22334,-6758 22337,-6754 22341,-6754 22342,-6750 22339,-4750 22343,-4747 22343,-4752 22343,-4751 22344,-4749 22345,-4745 22348,-4740 22353,-4736 22358,-4738 22363,-4740 22358,21336 41527,21334 41527,21330 41526,21330 41526,21333 41529,21328 41529,21329 41530,21326 41532,21328 41532,21324 41537,21328 41532,21330 41535,21334 41532,21336 40532,21334 40536,21339 40534,21341 40534,21344 40534,21346 40532,21350 40532,21353 40535,21357 40539,21359 40542,21360 40546,21355 40546,21360 40547,21359 40550,21356 40551,21356 40550,21357 40550,21361 40554,21358 45554,21362 45556,21366 45553,21370 45557,21374 45556,21377 45553,22377 45549,22382 45549,22382 45552,22386 45557,22387 45557,22388 45553,22392 45557,24392 45561,22392 45558,22397 45561,22399 45558,22398 45561,22400 45564,22400 45569,22404 45573,22406 45577,22406 45581,22404 45581,22407 45582,22409 45579,22409 45575,22409 45579,22407 
45579,22402 45582,22402 45582,22404 45587,22406 45587,22406 45589,22411 45589,22413 45590,22417 45591,22417 45592,22422 45587,22425 45583,22428 50583,22428 50585,22428 50585,22430 50588,22435 50590,22435 50585,22435 50590,22439 50595,22440 50590,22445 50587,22442 50584,22442 50586,22443 54586,22443 54590,22446 54595,22448 54597,22448 59597,22444 59593,22449 59596,22449 59599,22452 59600,22457 59600,22458 59605,22457 59602,22462 59603,22463 59604,22461 59605,22458 59602,22457 59601,22457 59601,22455 59605,25455 59606,25457 59611,25462 59613,25464 59614,25467 59617,25472 59612,25476 59613,25478 59610,25482 59615,25482 59616,25486 59612,25483 59614,25487 59619,25492 59623,25497 59625,146 2252,150 2249,150 2249,152 2254,157 2249,158 2253,157 2252,161 2255,159 3255,161 3258,161 3255,163 3255,168 3259,168 3259,172 3263,167 3267,172 3271,172 3272,172 3274,175 3278,179 3282,181 3283,184 3280,185 3282,187 3282,191 3284,192 3286,191 6286,193 6289,198 6285,195 6290,194 6289,195 6289,199 6293,200 6288,198 6290,202 6291,207 6296,212 6301,215 6301,216 6301,211 6304,212 6304,216 6309,216 6304,214 6308,213 6308,211 6305,212 6309,217 6314,220 6317,224 6322,222 6327,220 6323,41573 39712,41572 39709,41576 40709,41580 40714,41576 40717,36576 40717,36577 40719,36582 40716,36585 40721,36590 43721,36585 43721,36582 43724,36585 43729,36590 43731,36590 43730,15289 11307,15285 11312,15286 11315,15289 11315,15294 11315,15295 11316,15296 13316,38742 37646,38743 37650,38745 37655,38744 37658,38739 37659,38737 37662,38742 37662,38745 37657,38748 37662,38748 37662,38752 37667,38753 37667,38748 37669,38748 37668,38752 37673,38754 37674,38756 37676,38758 37674,38760 37679,38760 37675,38758 37675,38763 37675,38767 37674,38772 40674,38767 40679,38772 40683,38774 44683,38778 44686,38780 44690,38780 44690,38779 44695,38782 44700,38780 44695,38775 44696,38775 44696,38775 44696,38779 44699,38783 44696,38784 44696,38786 44692,38786 44692,38786 44696,38791 44698,38793 44699,38795 44703,38800 44708,38803 
44708,38807 44709,38802 44706,38806 44708,38809 44709,36809 44709,36814 44704,36813 44705,36814 44705,36816 44709,36811 44712,36812 48712,36811 48717,36815 48721,36816 51721,36818 51717,36822 51720,40822 51715,40827 51712,40830 51716,40829 51719,40832 51723,40835 51724,40840 51721,40841 51721,40836 51725,40841 51730,40846 51734,40848 51738,40849 51740,40851 51743,40854 51745,40855 51746,40857 51750,40857 51746,40861 51748,40866 51751,40862 51750,40866 51750,40869 51752,40865 51752,40863 51755,40858 51757,40855 51753,40855 51758,40852 51758,40853 51760,40857 51761,40855 51757,40852 51760,40853 51761,40855 51762,40858 51757,40859 51756,40863 51757,40863 51759,40860 51764,40859 51764,40854 51768,40850 51765,40852 51767,40852 51767,40848 51772,40852 51776,40854 51778,40852 51778,43852 51778,43854 52778,43856 52781,43859 52781,43859 52776,37512 26536,37517 26531,37520 26535,37520 26540,37522 26544,37527 26544,37532 26549,37537 26544,37540 26549,37545 26544,37549 26547,37549 26550,37548 26551,37549 26553,37546 26553,37546 26553,37549 26556,37549 26559,37552 26559,37556 26564,37560 26559,37561 26561,37565 26565,41565 26565,41569 26568,41571 26573,41571 26573,41576 29573,41571 29573,41573 29576,41573 29578,46573 29578,46569 29582,45569 29583,45572 29583,45568 29583,45573 29581,45575 29578,45571 29581,45572 29584,45572 29585,45576 29585,45578 29588,45581 29591,45582 29593,45582 29598,45584 29597,45589 29600,45585 29605,45589 33605,45593 36605,45594 36607,45599 36609,45600 36604,45604 36604,45604 36608,45604 36607,45608 36610,50608 36613,50611 36609,50614 36609,50619 36605,50624 36605,50625 36606,50625 36605,50629 36606,50624 36608,50625 36610,50626 36610,50629 36608,50627 36610,50628 36614,50632 36618,46632 34618,46632 35618,46636 35622,46636 35617,46637 35620,46639 35619,46643 35620,46645 35625,46643 35630,46648 35635,46648 35640,46649 35643,46651 35647,46655 35650,46652 35655,46657 35656,46658 35657,46662 35660,46659 35663,46662 35664,46665 35663,46667 35667,46667 
35663,46670 35666,46672 35671,46674 35671,47674 35668,47676 35672,47677 35673,47677 35678,47677 35677,47677 35677,47677 35682,47672 35683,47671 35683,49671 35685,49674 35689,49677 35692,49675 35692,54675 35697,54678 35699,54674 35699,54670 35701,54670 35700,54675 35703,54676 34703,54676 34703,54679 34706,54683 34708,54688 34706,54688 34707,54685 34702,54687 34702,54692 34707,54687 36707,54687 36706,54682 36707,54685 38707,54680 38710,54680 38714,54677 38714,54679 38719,54682 38720,54687 38716,54688 38717,54692 38722,54697 38726,54699 38727,54700 38724,54702 38720,52702 38719,52702 38719,52702 38721,52702 38725,52704 38726,52706 38728,52707 38729,52711 38728,52711 35728,52713 35733,52712 35737,52712 35739,52713 35742,52713 35745,52708 35745,52710 39745,52713 39749,52716 39748,52721 39749,52720 39753,52716 39756,52716 40756,47716 40757,47717 40761,47722 40761,47722 40761,47722 40766,47726 40769,47728 40772,47733 40777,47731 40773,50731 40777,51731 40779,51733 40782,51734 40786,51737 40784,51741 41784,51739 41783,51739 41785,51739 41785,51736 41789,51731 41789,52731 41790,52735 41791,52738 41790,52742 41789,52746 41785,52747 41785,52745 41785,52750 41782,52753 41786,52753 41787,52758 41792,52754 42792,52749 42793,52752 42794,52756 42791,52757 42790,52762 42793,52766 42797,52766 42797,52769 42802,52774 42806,52774 42805,52771 42807,52774 42807,52770 42808,52771 42811,52767 42811,52766 42812,52767 42817,52771 42817,52771 42817,52775 42815,52779 42811,52779 42812,52780 42815,52776 42818,52774 42818,52777 42822,52780 42823,52781 42827,52776 42829,52780 42832,54780 42835,54780 42840,2135 11201,2140 11203,2137 11204,2140 11209,2142 11213,2147 11211,2145 11213,2145 11213,2150 11218,2150 11221,2153 11225,2157 13225,2162 13228,2167 13231,2171 13232,2167 13229,2168 13233,2171 13237,2173 13239,2168 13234,2168 13235,2173 13235,2175 13234,2177 13235,2177 13234,2179 13229,2179 13226,2180 13226,2177 13226,2177 13231,2180 13231,2181 10231,2176 10233,2177 10232,2180 10235,2185 
10237,2182 10240,6182 10240,6184 10244,6182 10242,6183 10243,6185 10246,6190 10244,6194 10244,6194 10247,6192 10247,6192 10252,6195 10256,6194 10260,6195 9260,6195 9260,6195 9264,6199 9269,6204 9272,6199 9268,6201 9268,6203 9265,6208 9268,6204 9270,6204 9275,6201 9279,6201 9281,6201 9286,6206 9281,6206 9277,6202 9281,6200 9285,6202 9288,6198 9290,7198 9293,7200 9297,7201 9297,7205 9298,7209 9298,7209 9299,8209 9302,8214 10302,8218 10306,8222 10308,8226 10313,8231 10313,8235 10318,8237 10318,8237 10323,8233 10326,8233 10327,8237 10325,8238 10328,8238 10330,8234 10330,11234 10332,11236 10333,11241 10337,14241 10338,14240 10338,14237 10339,14238 10337,14237 10339,14242 10339,14246 10339,14250 10339,14250 10339,14251 10337,14254 10337,14256 10334,14256 10332,14252 10336,14255 10340,14259 10342,14262 10347,11148 3159,11153 3163,11154 3162,11154 3165,11158 3167,11161 3172,11162 3175,11162 3176,11166 3179,11166 3181,11171 3185,11176 3180,11178 3179,11176 3181,11179 3183,11174 3182,52776 42818,52778 42822,52777 42822,52782 42817,52783 42822,52784 42823,52789 42826,52789 42823,56789 42828,56786 42829,56786 42832,56789 42836,56789 42835,56785 42838,56786 42843,51786 42844,51788 42846,51790 42847,51794 42842,51796 42842,51801 42846,53801 42849,53806 42849,53809 42852,53812 42850,53817 42846,53817 42848,53818 42853,53822 42856,53823 42854,53826 42858,53825 42860,53826 42860,53826 42864,53830 42868,53835 42873,53839 42873,53841 42872,53841 42876,53841 42879,53841 42884,53836 42888,53836 42889,53836 44889,53833 44889,53835 44893,53838 44897,53842 44897,53844 44900,53844 44904,53845 44905,53850 44903,53853 44904,53858 44906,53856 44907,53861 44909,53856 44913,53858 44916,53863 44916,53868 44918,53867 43918,53869 43921,53869 43919,53867 43919,53862 43918,53860 43923,53864 43928,53869 43930,53874 43933,53874 43932,53874 43932,53875 43930,53877 43928,53878 43924,53883 43927,55883 43929,55883 43925,55879 43929,55881 43929,55884 43928,55881 43928,55882 43929,55883 45929,55883 
45933,55883 45936,55884 45941,55884 45941,55886 45946,55882 45948,55883 45952,55888 45956,55890 45957,55894 45953,55892 45954,55897 45950,55893 45954,55896 45956,55892 45955,55897 45959,55899 45961,55899 45961,55894 45962,55898 45957,55893 49957,55896 47957,55894 47956,55898 47960,55901 47964,55901 47967,55901 47970,55896 47973,55898 47969,55894 47974,55895 47975,55891 47976,55896 47979,55899 47984,55902 47983,55897 47987,55899 47989,55904 47992,55904 47993,55905 47997,55902 48001,55902 48003,55907 48000,55910 47998,55915 47999,55911 47994,55906 47998,55910 48003,55914 48000,55918 48000,55914 48000,55919 48000,55921 48003,55921 48007,55924 48007,55919 48010,55922 48005,55927 48009,55928 48008,55928 48008,55930 48012,55925 48012,55925 48016,54925 48014,54922 48018,54922 44018,54926 44013,54929 44012,54932 44016,55932 44017,55935 44017,55936 44020,55937 44022,55936 44020,55939 44015,55944 44018,55945 44022,55947 44023,55950 44024,55953 44020,55956 44023,53867 43919,53871 43921,52871 43921,53871 43923,53876 43923,53881 43923,53880 43927,53882 43931,53886 43936,53884 43937,53879 43934,53879 43937,53877 43939,53878 43938,53879 43942,53880 43947,53881 43948,53884 45948,53884 45949,53882 45953,53883 45954,53878 45956,53880 45953,53885 45958,53885 45958,53886 45957,53886 48957,53886 48962,53891 48962,53892 48964,53897 48965,49897 48962,49902 48965,49906 48967,49902 48967,49904 48971,49901 48967,49904 48970,54904 48971,54904 48971,54904 48975,54909 48979,54907 48975,54910 48975,54906 48971,54909 48973,54911 48975,54915 48978,54920 48978,54923 48981,54918 48984,54921 48984,56921 48984,56926 48986,56924 48981,56929 48980,56932 48979,56932 48977,56936 48979,56937 48981,56937 48982,61937 48984,61937 48980,61934 51980,61935 51981,61935 51984,61935 51984,61931 51986,5329 23395,5331 23395,5333 23390,5337 23392,5340 23395,5345 27395,5345 27397,5350 27398,5355 27399,5356 27402,6356 27405,6360 27407,6361 27406,6364 27402,6366 26402,6371 26402,6371 26402,6372 26405,6370 26405,6375 
26406,6380 26411,6385 26413,6387 26414,6388 26419,6390 26419,6391 26424,6393 30424,6390 30429,6390 30432,6390 30430,6394 30434,6394 30437,6394 30441,6396 30442,6398 30439,6399 30436,6404 30435,6405 30435,6400 30435,6405 30440,6404 30443,6405 30447,6409 30447,6411 30447,6412 30448,6417 30446,6421 30450,6418 30448,6417 30444,6418 30449,6420 30451,6425 30456,6426 30456,6425 30458,6426 30458,6426 34458,6427 34459,6432 39459,6434 39462,6434 39467,6439 39470,6443 39467,6444 39468,6449 39473,6451 39476,6452 39481,6452 39479,6452 39476,8452 39476,8456 39478,8460 39480,10460 39482,10455 39482,10456 39484,10460 39484,10463 39484,10468 39486,10473 39482,10475 39484,10475 39486,10476 39488,10477 39492,10475 39494,10480 39499,10476 39501,10479 39506,10480 39510,10475 39508,10480 39513,10481 39516,10481 39516,10485 39521,10487 39522,10490 39523,10490 39520,10493 39520,10496 44520,10491 44519,10491 44524,10492 44520,10497 44525,10499 44525,10502 44527,10500 44531,10502 44535,10506 44535,10511 44532,13511 44536,13513 44533,13510 44535,13507 44540,13511 44543,13515 44548,13517 44549,13522 44550,13525 42550,13520 42551,13522 42553,13525 42552,13529 42557,13529 42558,13524 42559,13525 42559,13525 42562,13520 42564,13523 42567,15523 42569,15523 42572,15524 42577,15529 42577,15530 42582,15532 42584,15532 42588,15531 42587,15531 42592,15530 42587,15530 42583,15533 42583,15536 47583,15532 47583,15535 47587,15534 47590,15536 47594,11536 47590,11533 47590,11529 47590,11533 47592,11533 47592,11533 47593,11537 47598,11538 47603,11538 47603,11538 47605,11541 47609,11544 47613,14544 47614,14539 47610,14537 47610,14537 47614,14535 50614,14537 50619,14539 50619,14540 50623,14538 50623,14537 50619,25599 26540,25599 26541,25599 26544,25594 26542,25599 26543,25596 26544,25597 26543,25598 26543,25593 26544,25588 26542,25593 26545,25595 26544,25596 26544,25599 26541,25594 26544,25592 26549,25593 26548,25597 26549,25596 26550,25594 26551,25590 26550,25594 26554,25597 26550,25598 26552,25593 
26555,25598 22555,25599 22557,25604 22559,25605 22558,25606 22562,25605 22559,25605 22564,30605 22569,30610 22571,30610 22575,30609 22575,30609 22576,30609 22581,30605 22581,30610 22583,30610 22584,30613 22579,30613 22581,30616 22577,30619 22577,30621 22580,30621 22585,30626 22590,30628 22593,30629 22598,30626 22603,30628 22606,30629 22607,30629 22604,30627 22606,30632 22608,30633 22608,30636 22612,30641 17612,30642 17614,30647 17614,30651 17615,30654 17610,30655 17607,30658 17611,30653 17610,30654 17606,30654 17607,30659 17606,30660 17611,30658 17616,30659 17616,30664 17619,30665 17621,30665 17620,30667 17621,30671 17624,30673 17624,30673 17624,30678 17627,30675 17632,30675 17635,30678 17640,30681 17643,30686 17639,30691 17641,30696 19641,30699 19640,30700 19640,30696 19645,30698 19643,30699 19645,30702 19646,30703 19649,30699 19651,30704 19648,30706 19652,30709 19653,30709 19655,30709 19655,30712 19657,30708 19658,30705 19660,30700 19662,30701 19663,30706 19664,30711 19663,30707 19667,30704 19670,30708 19672,30709 19673,30711 19673,30711 19674,30713 19678,30718 19682,30723 20682,30721 20686,30725 20691,30726 20693,30729 20695,30728 20690,30730 20692,30733 20694,30736 20692,30736 20691,30740 20694,30741 20695,30741 20697,30746 20700,30747 20702,30750 20701,30751 20698,30753 24698,30749 24701,30748 24703,30746 24704,30747 29704,30747 29705,30749 29707,30752 29712,30757 29712,30760 34712,30760 34716,30763 34716,30759 34713,30759 34717,30763 34717,30758 34717,30757 34721,30760 34726,30758 34726,30763 34727,30763 34727,30764 34727,30759 34729,30759 34732,30762 34734,30757 34735,30761 34736,30759 34736,30762 34738,30757 34733,30760 34735,30762 34737,30760 34736,30765 34733,32765 34737,32768 34737,32765 34740,32765 34742,32768 34747,32772 34751,32772 34752,32777 34749,32782 34751,32783 33751,32783 33746,36783 33749,36783 33754,36786 33756,36787 33755,36787 33758,36791 33754,36796 33754,36801 33756,36801 33758,36801 33762,36802 33765,36802 33765,36806 33770,33806 
33772,33806 33777,33809 33777,33814 33780,33814 33785,33818 33782,33821 33784,33826 33781,33822 33781,33824 33783,33822 33784,33826 33787,33823 33792,33827 33795,33828 33798,33829 33799,33833 33801,33833 33801,33836 33805,33839 33809,33842 33805,33847 33810,33845 32810,33847 32808,33849 32812,33851 32815,33849 32818,33849 32822,33847 32822,33847 32826,33850 32831,33854 32836,33857 32833,33856 32828,33859 32829,33860 32832,33857 32834,33857 32830,33855 32830,33857 32830,33855 32834,33859 32829,33859 32833,33862 32836,33864 32837,33864 32839,33866 32837,33869 32835,33872 32840,33874 37840,33879 37845,33881 37850,33881 37855,33886 37856,33891 37860,33896 37860,33893 37863,33894 38863,33896 38859,28896 38864,28899 39864,33899 39869,33896 39871,33898 39875,33902 39873,33902 39875,33907 39879,33912 39884,33908 39887,33908 39888,33905 39890,33909 39895,33911 39896,33908 39900,33912 39901,33915 39902,33915 39902,33915 39902,33910 39907,33910 39904,33914 39903,33912 39906,33916 39909,33920 39909,33922 39912,33923 39916,33928 39916,33931 39918,33932 39919,33935 39915,33936 39912,33934 39909,35934 39914,35931 39915,35935 39917,35939 39920,35939 39915,35940 39911,35944 39916,35944 39911,35944 39908,35945 39904,35945 39908,35945 39912,35950 39915,35955 39917,38955 39916,38960 39921,38962 39920,38962 39920,38967 39922,38967 39924,38970 39928,38975 39928,38973 39928,38977 39931,38980 39934,38984 39936,38982 39939,38983 39942,38985 39943,38987 39945,38992 41945,38988 41950,38989 41954,38992 41958,38992 41962,38992 41965,38993 41970,38997 41970,38997 41970,38994 41974,38994 41979,38997 41979,38999 41982,38994 41980,38998 41985,38998 41984,5334 23406,5330 23406,5325 23403,9325 23404,12325 23408,12325 23408,12322 23406,13322 23411,13325 23416,13326 23412,13322 23414,13327 23419,13328 23422,13329 23425,13333 23422,13337 23424,23491 35549,23490 35544,23494 35546,23499 35548,23495 35549,21495 35553,21490 35556,21492 35558,21492 35556,21494 35559,21494 35564,21494 35566,21499 35566,21502 
35562,21502 35567,17502 35568,17506 35573,17507 35574,17511 35578,17512 35583,17513 35588,18513 35591,18514 35592,18515 35594,18513 35596,16513 35601,16513 37601,16513 37602,16511 37604,16513 37609,16514 37611,16518 37616,16522 34616,16524 34613,16528 34615,16528 34620,16533 34624,16535 34627,16538 34628,16539 34630,16539 34631,16542 34628,16542 34633,16544 34638,16547 38638,16547 38640,16543 38645,16543 38640,16540 38640,16543 38640,16542 38641,16546 38646,16541 38649,16541 38645,18541 38648,18544 38648,18544 38653,18544 38656,18549 38651,18547 38651,18550 38656,18547 38658,23547 38663,23544 38664,23548 38668,23548 38670,28548 38672,28549 38669,28549 38673,28545 38669,28549 38670,28554 38670,28557 38674,28560 38669,28562 38674,28562 38669,28561 38669,28564 38671,28569 38671,38779 44699,38780 44695,38778 44698,38783 44700,38785 44700,38781 44701,38782 44696,38786 44691,38789 44692,38794 44692,38799 44688,38799 44693,38803 44697,38808 44697,38806 44697,38806 44700,38803 44702,38803 44706,38802 44707,38807 48707,38808 48707,38806 48707,38810 48712,38810 48709,38810 48711,38810 48711,38806 48707,38802 48710,38803 48706,38805 48711,38810 48711,38805 48709,38809 48710,38809 48710,38814 48707,38815 48703,38816 48703,38816 48704,38820 48704,38822 48709,38820 48710,38818 48714,38822 48716,38822 48719,38827 48722,38828 48727,38832 48725,38830 48730,38831 48726,38832 48724,38829 48728,8431 35532,8431 35537,4431 35532,4434 35537,4438 35537,4439 35533,4443 35535,4442 35530,4445 35527,4449 35527,4453 35530,4458 35530,4459 39530,4460 39531,4461 39531,4464 39531,4468 39531,4470 39534,4465 39534,4465 39532,4469 39532,4471 39537,4466 39538,4470 39539,4473 39540,4476 39540,4480 39543,4485 39548,4483 39546,4484 39547,4484 39549,4484 39551,4486 39553,4486 39554,4487 39551,4483 39553,4486 39554,4490 39556,4493 39557,4498 39561,4494 39562,-4749 22345,-4752 22345,-4748 22348,-4744 22351,-4740 22356,-4741 22358,-4739 22361,-4734 22359,-4730 25359,-4730 25360,-4725 25360,-4727 25360,-4727 
25361,-6727 25360,-6729 25365,-6730 25365,-6727 25365,-6731 25364,-6730 27364,-6727 27366,-6723 27367,-3723 27363,-3719 27368,-3720 27371,-3718 27366,-3717 27369,-3716 27369,-3714 27372,-3711 27370,-3712 27371,-3712 27370,-3710 27375,-3708 27377,-3707 27382,-3706 27385,-3706 27389,-3705 32389,-3704 32392,-3704 32392,-3699 32391,-3699 32395,-3694 32399,-3694 32400,-3695 32404,-3695 32408,-3693 32410,-3693 32410,-3697 32410,-3692 32413,-3691 32418,-3686 32420,-3683 32425,-3681 32420,-3678 32424,-3673 32424,-3676 32427,-3673 32426,-3671 32426,-3676 33426,-3678 33428,-3676 33428,-3679 33428,-3679 33433,-3677 33434,-3676 33438,-3681 33440,1319 33444,1321 33441,1325 33444,1329 33439,1326 33444,1326 33439,1327 33439,1327 33440,1332 33444,1333 33449,1338 33453,1338 33450,1343 33450,1347 33454,1346 33457,1346 33455,1342 33459,1341 33462,1346 33462,1347 33463,1343 33463,1344 33462,1348 33457,1347 33460,1352 33464,1356 33468,1361 33469,1363 33468,1365 33469,1368 33472,1369 33475,-2631 33478,-2633 33483,-2629 33486,-2632 34486,-2628 36486,-2625 36488,-2621 36488,-2624 36488,-2622 36492,-2624 36491,-2629 36491,-2627 36496,-2623 36499,-2628 36502,-2631 36506,-2626 36506,-2622 36506,-2622 36509,-2619 36514,-2624 36512,-2621 36510,-2619 36510,-2619 36508,-2617 36512,-2615 36512,-2615 36513,-2615 36511,-2615 36506,-2612 36507,-2609 36511,-2606 37511,-2606 37508,-2610 37505,-2607 37508,-2602 37512,-2599 37512,-2595 37510,-2597 37511,-2592 37515,-2597 37514,-2592 37519,-2592 37524,-2592 37526,-2594 37521,-2594 37516,-2591 36516,-2588 36517,-2589 36513,-2586 36514,-2584 36514,-2583 36516,-2579 36514,-2578 36518,-2578 35518,-2575 35519,-2577 35519,-2578 35524,-2578 35529,-2578 35532,-2578 35534,-2580 35537,-2584 35541,-2586 35542,-2587 35544,-2585 35540,-2585 35544,-2584 35543,-2580 35548,-2576 35550,-2571 35553,-2567 35555,-2565 35560,-2560 35560,-2557 35564,-2553 35564,-5553 36564,-5548 36564,-5544 36565,-5547 36565,-5545 36570,-5542 36565,-5543 36566,-5543 36568,-5543 36570,-5540 
36575,-5537 36577,-5535 36581,-5532 36580,-5528 36575,-5526 38575,-5526 38576,-5526 38571,-5522 38571,-5518 38576,-5514 42576,-5510 42581,-5512 42583,-5512 42582,-5507 42582,-5510 42585,-2510 42589,-2511 42592,-2508 42594,-2506 42597,-2503 42598,-2503 42603,-2498 42608,-2501 42611,-2500 42616,-2502 42613,-2502 42616,-4502 42616,-4502 42620,-4502 42622,-4506 42619,-4509 42621,-4511 42624,-4515 42625,-4510 42625,-4507 42628,-4502 42624,-4501 42629,-4505 45629,-4503 45630,-4499 45631,-4496 45630,-4497 45628,-4495 45630,-4494 46630,-4491 46634,-4487 46629,-4483 46631,21336 40532,21341 40533,21346 40534,21346 40536,21345 40536,21346 40536,21345 40536,21344 40538,21347 40543,21348 40543,21351 40540,21351 40542,21348 40545,21351 40546,21352 40546,21353 40546,21358 40546,21359 40545,21359 40550,21357 40555,21362 40560,21364 40555,21363 40555,21364 40560,25364 40564,25365 40566,25368 40566,25371 45566,25372 45567,25372 45562,25376 45564,25381 42564,25385 42560,25389 42564,25389 42568,25393 42572,25390 42572,28390 42569,28389 42570,28385 42574,28386 42576,28389 42577,31389 42578,31385 42582,31387 42582,31390 42578,31391 42579,31392 42576,29392 42580,29396 42582,29398 43582,29402 43584,29406 43585,29407 43587,29411 43592,29413 43594,29414 43595,25414 43600,25412 43595,25415 43599,25420 43602,25418 43604,25423 43599,25426 43599,25429 43602,25434 42602,25429 42604,25432 42600,25435 42605,25436 47605,25440 50605,25441 50610,25439 50614,25444 50617,25447 50621,25444 50624,25444 50626,25445 50627,25450 50632,25450 50628,25451 50630,25451 50632,25454 50633,25458 50637,25462 50641,25463 50640,25463 51640,25467 51644,25469 51649,25473 51650,25474 51653,25475 51654,26475 51658,26475 51662,26474 51665,26476 51665,26481 51661,26483 55661,26485 55664,30485 55667,30485 55670,30489 55671,30489 55668,30491 55670,30492 55670,30493 55675,30497 55675,30501 55671,30503 55676,30500 55677,30498 55672,30494 55675,30499 55676,30500 55676,30505 55681,30501 55684,30496 55685,30500 55685,30502 
55687,30506 55692,30507 55693,30506 55692,30511 55693,30516 55694,30514 55699,30514 55701,30512 55701,34512 55705,34516 55708,34520 55704,34518 56704,34519 56704,34520 56706,34517 56706,34515 56701,34519 59701,34522 59706,34522 59708,34522 59713,34526 59715,34528 59717,34533 59712,34538 59715,34538 59717,34541 59717,34546 59720,34548 59721,34552 63721,34547 63726,34549 63728,34554 63726,34556 63726,34557 63721,34556 63725,34561 63730,34558 63730,37558 63725,37561 63729,37565 63724,37569 63720,37573 63718,37578 63722,37577 63718,37579 63720,37579 63722,37580 63719,37580 63720,37579 63724,37574 63725,37574 63727,37576 63725,37581 63729,37583 63732,37586 63732,37590 63737,37592 63734,37597 63731,37600 63730,37596 63731,37596 63733,37600 63733,37601 63735,37596 63735,37591 63732,37596 63733,37601 63738,37602 63733,37599 63738,37594 63740,37598 63744,37603 63745,37605 63747,37607 63752,37607 63756,37603 63757,37603 63761,37604 63761,37608 63758,37609 63762,37604 63764,37604 63764,41604 63765,41600 63761,41599 63761,41600 63766,41596 63766,41599 63766,41601 63770,41604 63768,41608 63768,41611 63772,41614 63767,41609 63763,41612 63765,41615 63760,38615 63764,38615 63768,38618 63768,35618 63769,35618 63774,35617 63775,35618 63776,35613 63775,35615 63780,35612 63782,35613 63779,35614 63775,35618 63774,35619 63776,35624 63778,35624 63780,35629 63785,35629 63780,35626 63781,35624 63782,35629 63784,35634 63787,35638 63782,35634 63783,35634 63778,35633 63777,35638 63782,35641 63786,35644 63791,35648 63793,35647 63793,35649 63797,35653 63801,35654 63804,35654 63804,35656 63804,35655 63806,35658 63810,35658 63805,35662 63805,35657 67805,35658 67808,35660 67811,35664 67808,35660 67803,35658 67803,35661 67803,35663 67808,35666 67810,35670 67814,35669 67813,35669 67816,37669 67820,37664 67820,2275 13363,2278 16363,2274 16363,2275 16362,2279 16362,2282 16362,2287 16366,2284 16366,4284 16366,4286 16371,4290 16375,4294 18375,4295 18377,9295 18381,9296 18381,9299 18382,9303 18379,9305 
19379,9308 19375,8308 19380,8312 19380,38746 37651,38749 37652,38754 37653,38757 37656,38753 37661,38753 37661,38758 37663,38763 37664,38763 42664,38768 42666,38765 42668,38770 42664,38767 42659,38768 42659,38773 42654,38771 42659,38775 42661,41775 42663,41778 42665,41781 42669,41782 42667,41779 42669,41784 42672,41781 42672,41783 42672,41780 42672,41783 42675,41784 42675,41788 42676,41792 42677,41792 42675,41793 42680,41793 42676,41796 42681,41801 42685,41804 42684,41806 42685,41804 42690,41802 42692,41805 42696,41800 42697,41802 42698,41804 42700,41809 42704,41813 42705,36813 42708,36813 42704,36810 42703,36811 42705,40811 42706,40815 46706,40816 46708,40820 46708,40818 46712,40822 46717,40825 46720,40829 46724,40827 46727,40831 46727,40833 46731,40829 46733,40830 46733,36830 46738,36830 46741,36834 46744,36831 46749,36826 46748,36822 46748,36824 46751,36819 46755,36823 46758,36823 46762,36824 46766,36822 46769,36826 46772,36831 46774,36828 42774,36833 42776,36833 42777,36838 42782)')));
@@ -42,13 +42,13 @@ SPATIAL KEY (g3),
SPATIAL KEY (g4),
SPATIAL KEY (g5),
SPATIAL KEY (g6)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
DROP TABLE t1,t2;
CREATE TABLE t1 (
p INT NOT NULL AUTO_INCREMENT,
g LINESTRING NOT NULL,
PRIMARY KEY(p)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
ALTER TABLE t1 ADD SPATIAL INDEX spatial_idx (g);
INSERT INTO t1(g) VALUES(ST_linefromtext('linestring(-5 -576,0 -576,0 -571,0 -571,5 -568,6 -564,6 -565,6 -563)'));
INSERT INTO t1(g) VALUES(ST_linefromtext(concat('linestring','(18 106,19 106,24 111,27 108,32 104,37 107,42 107,44 112,44 116,40 118,43 114,46 114,42 118,44 123,45 123,49 123,53 119,50 123,50 124,54 126,58 125,59 126,64 127,65 127,69 131,74 132,75 135,78 139,2078 141,2075 143,2077 143,2079 143,2084 143,2085 147,2090 -1853,2086 -1852,2086 -1856,2089 -1852,2093 -1850,2090 -1851,2090 -1852,2091 -1851,2092 -1850,2097 -1847,2102 -1848,2100 -1852,2100 -1852,7100 -1851,7103 -1850,7104 -1847,7109 -1842,65 127,67 131,66 131,61 132,61 133,62 137,65 1137,2065 1135,2061 1135,2064 1135,5064 1135,5066 1135,5070 1136,5070 1141,5071 1138,5074 1141,5075 1141,5074 1137,5076 1137,5071 1139,5066 1142,5065 2142,5068 2147,5073 2151,5069 2156,5071 2157,5072 2162,5074 2165,5069 2169,5072 2169,5076 2173,5074 2169,5078 2169,5076 2170,76 2175,74 2179,75 2184,80 2188,83 2190,87 2189,84 2193,87 2189,86 2190,87 2195,87 2200,87 1200,85 1202,86 1199,87 1200,87 1201,91 1206,92 1204,94 1204,98 1206,102 1208,105 1211,102 1216,105 1220,109 1224,110 1224,114 1225,117 1224,118 1229,117 1232,122 1237,123 1236,120 1235,124 1237,121 1236,122 1240,126 1244,127 1246,126 1249,125 5249,123 5251,127 5251,131 5251,135 5256,138 5257,135 5257,139 5257,138 5258,141 5260,146 5260,146 5260,143 10260,147 10265,151 10270,156 10266,157 10269,162 10273,166 12273,168 12274,163 12270,168 12275,170 12277,170 12277,-3830 12277,-3825 12277,-3824 12278,-3825 12276,-3825 12278,-3822 12277,-3825 12275,-3829 12278,-3828 12275,-3824 12280,-3827 12280,-3826 12282,-3822 12283,-3822 12286,-3820 12288,-3818 12289,-3816 12294,-3817 12297,-3819 12300,-3816 12297,-3813 12295,-3811 12299,-3811 12297,-3806 12298,-3806 12298,-3804 12301,-3801 12306,-3803 17306,-3803 17306,-3798 17306,-3803 17310,-3801 17314,-3798 17317,-3797 17317,-797 17321,-797 17323,-796 17325,-793 17326,-792 17322,-789 17327,-784 17331,-780 17335,-776 17339,-774 17339,-771 17342,-770 17345,-765 17348,-765 17349,-763 17353,-760 17350,-760 22350,-756 22346,-752 
22349,-748 22352,-752 22348,-748 22347,-746 22345,-745 27345,-743 27346,257 27350,260 27349,261 27352,266 27348,266 22348,269 22347,271 22347,272 22347,273 22348,273 22352,278 22348,279 22344,282 22345,282 22342,283 22347,283 22347,288 22349,292 22347,292 22348,293 22348,298 22348,303 22351,306 22352,309 22352,308 22354,310 22356,311 22361,311 22358,311 22360,311 22360,315 22356,320 22358,325 22363,326 22366,321 22371,318 22373,318 22375,314 22375,316 22375,321 22376,321 22376,322 22372,32 104,36 109,40 114,40 113,40 117,44 119,49 123,49 126,49 129,53 133,50 137,50 139,49 137,48 138,43 138,42 139,46 142,46 138,41 139,45 141,4045 5141,4045 5146,4042 5147,4043 10147,4041 10150,4042 10152,4045 10152,4041 10156,4041 10152,4041 10152,4046 10153,4049 10156,4046 10155,4051 10157,4055 10159,4055 10160,4056 10161,4055 10166,4054 10169,4054 10172,4054 15172,4051 15176,4047 15177,4049 15174,4047 15176,4047 15176,4046 15177,4046 15180,4043 15184,4043 15187,4038 15190,4040 15194,4040 15199,4045 15196,4047 15197,4050 15200,4050 15204,4050 15208,4047 15212,4047 15215,4049 15216,4046 15218,4042 15223,4042 15228,4042 15232,4047 15235,4050 15236,4050 15239,4051 15243,4053 15243,4050 17243,4052 17243,4052 18243,4057 18247,4061 18249,4064 18249,4067 20249,4067 20250,4067 20255,4066 20259,4066 20259,4067 20255,4069 20256,4071 20258,4072 20254,4067 20257,4067 20260,4069 20265,4065 20267,4069 20266,4070 20267,4071 20264,4074 20259,4070 20264,4073 20260,4074 20263,4077 20268,4082 20271,4084 20273,4084 20277,4081 18277,4085 18279,4086 18276,4087 18273,4087 18275,4092 18277,4093 18279,4093 18280,4095 18280,4091 18283,4092 18281,4094 18283,4090 18287,4094 18287,138 5257,138 5255,138 5258,-1862 5254,-1860 5256,-1856 5258,-1851 5255,-1850 5260,-1847 5260,-1847 5263,-1847 5258,-1850 5257,-1850 5259,-1851 5257,-1855 5258,-1853 5261,-1849 5261,-1849 5258,-1849 5259,-1845 5264,-1847 5264,-1850 5268,-1852 5266,-1853 5270,-1856 5265,-1852 5262,-1847 5263,-1842 5263,-1842 5260,-1842 5265,-1841 
5265,-1844 5265,-1842 5270,-1837 5274,-1838 5279,-1843 5275,-1842 5280,-1838 5281,-1838 5285,-1833 5285,-1828 5288,-1824 5289,-1828 5291,-1831 5291,-1826 5291,-1830 5293,-1826 5296,-1822 5301,-1826 5302,-1826 5302,-1826 5302,-1825 5297,-1820 5299,-1816 5303,-1816 5299,-3811 12299,-3809 12302,-3806 12302,-3806 12302,-3803 12304,-3798 12304,-3797 12304,-3793 12306,-3788 12306,-3783 12309,-3816 12294,-3811 12299,-3809 12297,7100 -1851,7098 -1854,7102 -1854,7107 -1856,7107 -1858,7110 -1854,7110 -1851,7113 -1851,7115 -1851,7120 -1851,7123 -1847,7124 -1852,7125 -1852,7127 -1852,7131 -1852,7129 1148,7129 1145,7133 1150,7137 1148,7138 1147,7143 1149,7147 1154,8147 1155,8152 3155,8147 3157,8143 3158,8144 3160,8144 3164,11144 3167,11146 3167,11148 3163,11152 3161,11148 3159,11149 3163,11150 3161,11151 3166,11154 3171,11154 3170,8144 3160,8144 3163,8144 3166,8145 3166,8146 3171,8146 3174,8144 3174,8144 3174,8145 3176,8141 3180,3141 3182,7141 3183,7141 7183,7136 7185,7136 7185,7133 7187,7136 7187,7131 7190,7136 7194,7137 7197,7141 7196,7139 7199,12139 7200,12143 7200,12143 7199,12144 7203,12145 7200,12141 7200,12136 7195,12136 7191,12137 7191,12137 7196,12139 7197,12140 7197,12137 7201,12140 7204,12140 7209,12143 7209,12145 7210,12147 7214,12148 9214,12152 9218,12149 9218,12149 9221,12149 9220,12150 9222,12153 10222,12153 10226,12156 10227,12159 10223,12160 10220,12161 10225,12161 10227,12163 10224,12163 10223,12158 10224,12158 10227,12158 10231,12155 12231,12157 12226,7136 7185,7139 7189,7139 7189,7139 7188,7137 7191,7139 7191,7140 7189,7143 7191,7144 7189,7144 7190,7149 7193,7152 7194,7154 7198,7153 7203,7148 7207,12148 7209,12146 7209,12145 7213,12140 7217,12139 7219,12141 7219,12138 7218,12143 7218,13143 7220,13140 7224,13142 7228,13137 7231,13142 7235,13146 7239,13149 7243,13148 7247,13150 7248,13155 7249,13155 7253,13155 7253,13155 7258,13157 7260,13162 7255,13159 7255,13163 7258,13164 7258,13164 7263,13167 7264,13167 8264,13165 8265,13169 8265,13171 13265,13175 
13261,13176 13259,13176 13259,13180 13262,13181 13262,13183 13262,13188 13265,13191 13267,13191 13265,13194 13267,13191 13269,13192 13264,13196 13269,13198 13272,13200 13272,13202 13270,13207 11270,13211 11270,13211 11273,13213 11274,13217 11275,13222 11276,13222 11272,13226 11274,13231 11277,13233 11282,13236 11284,13238 11284,13236 11286,13236 11288,13236 11283,13236 11284,13238 11289,13241 11292,13244 11292,13245 11289,13241 11294,13244 11298,13249 11301,320 22358,324 24358,328 24358,327 24363,326 24359,327 24361,329 24365,334 24367,-666 24367,-670 24368,49 123,46 127,46 129,49 131,49 136,47 135,45 138,3045 135,3042 138,3044 139,3044 144,3049 144,3053 142,3055 137,3058 136,3053 139,3048 142,7048 138,7048 3138,7048 3139,7048 3140,7050 3145,7053 1145,7050 1146,7053 5146,7048 5150,7047 5146,10047 5147,10043 5147,10047 5147,10050 5152,10052 5155,10054 5156,10056 5157,10056 5159,10058 5162,10062 5164,10062 5169,10066 9169,10068 9168,10063 9164,10063 9169,10061 9171,14061 9172,14061 9174,282 22342,287 22347,288 22347,288 22343,285 22339,280 22338,278 22341,279 25341,284 25343,13241 11294,13246 11296,13243 11296,13244 11291,13245 11291,13244 11291,13246 11295,13251 11300,13253 11305,13253 11306,13258 11305,13255 11306,13256 11309,13256 11311,13261 11307,13265 11303,13267 11305,13270 11301,13275 11298,13271 11300,15271 11302,15276 11306,15279 11303,15284 11305,15286 11305,15289 11307,15290 11302,15292 11305,15296 11309,15297 11313,15298 11316,15300 11317,15304 11320,15306 11324,15306 11320,15307 11320,15312 11320,15313 11319,15317 11317,15315 11321,15317 11323,15317 11328,15319 11333,15322 11336,15322 11337,15322 11337,15324 11341,15324 11345,15325 14345,15328 13345,17328 13346,17333 13349,17337 13354,17338 13358,17342 13358,17346 13353,17348 13353,17345 13353,17348 13354,17347 13354,17347 13354,17347 13355,22347 13358,22349 13355,22351 13355,22356 13354,22358 13354,22361 13355,22362 13355,22358 13355,22359 13359,22364 13364,22369 13369,22372 13373,22376 13371,22377 
13371,22377 13369,22381 13374,22386 13379,22387 13376,22387 13380,22392 13378,22390 13374,22392 13378,22391 13378,22391 13375,22392 13378,22390 13380,22393 13382,22398 13387,22398 10387,22402 10391,22399 10392,22400 10392,22400 10394,22404 10391,22403 15391,22405 15392,22407 15392,22412 15387,22412 15390,22412 15394,22408 15396,26408 15398,26407 20398,26411 20402,26415 20406,26417 20411,26420 20407,26422 20407,31422 16407,31421 16405,31421 16410,31423 16410,31426 16414,31426 16410,31430 16415,31430 16418,31435 16419,31437 16420,31438 16422,31438 16425,31438 16425,31441 16427,31439 16431,31441 16436,36441 16436,36443 18436,36442 18437,36440 18440,36440 18436,36440 18440,36442 18445,36443 18446,36447 18451,37447 23451,37452 23456,37456 23455,37458 23459,37456 23461,37458 23463,37460 23466,37464 23469,37460 23474,37462 23476,37461 26476,37466 26479,37470 26483,37471 26488,37474 26489,37474 26485,37474 26483,37474 26488,37470 26492,37474 26497,37474 26499,37478 26495,37483 26499,37483 26501,37488 26496,37491 26499,37495 26495,37500 26496,37500 26497,37500 26501,37497 26499,37497 26499,37495 26504,37498 26504,37494 26509,37497 26514,37495 26515,37498 26514,37503 26514,37508 26512,37510 26516,37511 26519,37509 26523,37506 26528,37507 26532,37512 26536,37513 26538,37510 26542,37512 26544,37517 26543,37522 26546,37527 26551,37525 26555,37529 26558,37524 26563,37524 26562,37527 26562,37522 26562,37522 26559,37526 26561,37522 26559,37523 26561,37523 26556,37524 26558,40524 26560,40524 26563,40521 26567,40525 26566,40527 26568,40532 26572,40534 26569,40533 26565,40531 26565,40535 26569,40535 26570,40539 26572,40544 26575,40543 26575,40544 26579,40548 26584,40549 26581,40553 26585,40556 26590,40552 22590,40557 22594,40556 22595,40561 22592,40561 22593,40565 22593,40568 22593,40573 22588,40570 22590,40570 22591,40570 22588,40573 22590,40573 22593,40568 22593,40567 22597,40567 22599,40571 22599,40574 22600,40574 22604,42574 22607,42577 22607,42577 22612,42579 22616,38579 
22619,38580 22617,38580 22614,38575 22619,38579 22619,38579 18619,38582 18614,38582 18617,38586 18622,38590 18625,38590 18622,38594 18621,38596 18616,38597 18614,38597 18618,38600 21618,38601 21618,38605 21620,38607 25620,38611 25620,38608 25617,38608 25621,38608 25625,38611 25623,38615 25623,38615 25620,38616 25622,38619 25624,38620 25625,38620 26625,38623 26627,38623 26627,311 22358,311 22359,-1689 22360,2311 27360,2312 27360,2312 27360,2317 27362,2317 27362,2319 27359,2319 27364,2318 27359,2321 27364,2326 27367,2325 27371,2326 27373,2326 27373,2325 27377,2329 27377,2327 27377,2330 27379,2333 27379,2331 27379,2331 27381,2336 27381,6336 27382,6336 27383,40527 26568,40531 26572,40533 26574,40538 26576,40533 26580,40538 26585,40539 26588,40536 26583,40540 26587,40539 26588,40535 26593,40540 26594,40544 26597,40548 26602,40548 26601,40549 26602,40547 26602,40548 26603,40553 26606,40548 26606,40548 26603,40551 26608,40556 26612,40559 26616,40554 26619,40556 26619,40556 26623,42556 26623,42556 26624,42560 26624,42562 26626,42563 26630,42564 26630,42564 26634,42559 26635,42562 26635,42565 26637,42562 26638,42564 26642,42564 26641,42568 26641,42572 26641,42572 29641,42574 29642,39574 29641,39574 34641,39576 34643,39581 34638,39578 34638,39574 34642,39574 34645,39572 35645,34572 35648,34577 35651,39577 35655,43577 35659,43580 35655,43575 35658,43578 35658,43581 35662,43577 39662,43572 39658,43572 39661,43572 39664,43572 39666,43576 39670,43577 39667,43580 39671,43576 39673,43573 39673,43574 39677,43569 39679,43567 39679,43568 39683,43563 39686,43566 39690,43566 39692,43568 39694,43568 39695,41568 39691,41570 39692,41571 39692,41571 39693,41571 39698,41571 39698,41574 39698,41569 39698,41570 39699,41570 39704,41572 39709,41573 39712,41578 39713,41579 39717,41584 39719,41585 39720,-1850 5268,-1845 5268,-1847 5266,-1842 5268,-1840 5263,-1845 5264,-1843 5264,-1839 8264,-1839 8267,-1839 8272,-1838 8276,-1834 8273,-1834 8273,-1833 8274,-1837 8279,-1836 8283,-1834 8286,-1836 
8282,-1834 8279,-1835 8279,-1834 8280,-1836 8283,-1841 8288,-1846 8289,-1843 8286,-1838 8286,-1841 8285,-1838 8285,-1834 8288,-1829 8291,-1825 8286,-1825 8289,-1825 8287,-1824 8291,-1822 8294,-1821 8298,-1818 8300,-1818 8296,-1814 8296,-1811 8295,-1808 8292,1192 8296,1192 8297,1195 11297,1192 11301,1195 11305,1197 11300,1193 11300,1193 11296,1193 11293,1194 11294,1199 11292,1204 11292,1205 11294,1210 11292,1208 11288,1204 11290,1205 11289,1207 8289,1202 8284,1204 8282,1204 8281,1206 8281,1208 8281,1212 8283,1212 13283,1213 13287,1213 13290,1216 13293,1214 13289,1217 13286,1212 13291,1208 13288,1208 13292,1209 13297,1208 13296,1204 13298,1205 13303,1209 13308,1204 13308,1209 13304,1210 13304,1214 13309,1214 13314,1215 13314,1219 13314,1219 13319,1224 13320,1229 13321,1232 13325,1233 13329,1231 13329,1234 13334,-2766 13336,-2769 13337,-2765 13340,-2762 13345,-2760 13342,2240 13342,2238 13342,2242 13342,2246 13345,2246 13346,2244 13348,2239 13348,2240 13351,2240 13352,2245 13357,2248 13357,2243 13362,2247 13362,2248 13362,2252 13363,2256 13363,2256 13363,2260 13367,2255 13372,2251 13369,2251 13369,2252 13372,2249 13376,2254 13378,2255 13382,2259 13379,2262 13379,2267 13381,2262 13381,2262 13383,2265 13383,2269 13385,2270 13386,2271 13389,2267 13391,2271 13386,2275 13391,2273 13392,2275 13387,2277 13390,2274 13390,2275 13394,2280 13395,2280 11395,2281 14395,2279 14400,2277 14403,2273 14406,2274 16406,2274 16410,2279 16410,2284 16411,2280 16409,2280 16409,2282 16409,2282 16411,2282 16412,2280 16413,3280 16418,3284 16418,3285 16423,3289 16423,3292 16427,3294 16429,3296 16431,3297 16436,3298 16435,3303 16435,3305 16434,3305 16436,3305 16436,3309 16437,3309 16438,3308 16439,3308 16439,3306 16444,3302 16441,-1698 16437,-1703 16438,-1699 16438,-1697 16438,-1698 16439,-1695 16436,-1690 16441,-1687 16446,-1683 16450,-1682 16451,-1684 16453,-1682 16457,-1682 16457,-1686 16460,-1681 16459,-1680 16456,-1677 16460,-1681 16461,-1679 16464,-1674 16465,-1673 16469,-1669 16471,-1669 
16476,-1665 16474,-1665 16478,-1664 16478,-1664 16479,-1661 16474,-1656 16471,-1655 11471,-1660 11473,-1663 11475,-1666 11480,3334 15480,3338 15476,3342 15471,3345 15471,3345 15470,3350 15469,3347 15474,3351 15476,3352 15473,3353 15476,3350 15477,3350 15479,3351 15482,3352 15484,3351 15487,3353 15487,3358 15487,3353 15486,1217 13286,1222 13291,1222 13291,1225 13286,1229 13286,1231 13281,1235 13280,1236 13281,1241 13282,1245 13285,1247 13285,1247 13287,1250 13287,1247 13290,1247 13295,1247 13298,1252 13301,1249 13304,1252 13304,3252 13304,3247 13304,3249 13308,3254 13308,3257 13308,3261 17308,3261 17309,3261 17306,3259 17305,3262 17310,3263 17308,3262 17311,3259 17314,3259 17314,3257 17309,3254 17309,3253 17309,3255 17310,3253 17312,3255 17312,3255 17312,3256 17307,3257 17307,3256 17311,3256 17313,3255 17317,3251 17317,3248 17321,3253 17325,3256 17326,3258 17324,3258 17327,3263 17322,7263 17325,7265 17328,7263 17330,7265 17333,7270 17333,7273 17333,7278 17336,4278 21336,4278 21340,4279 21340,4281 21340,4286 24340,4290 24343,9290 24347,9294 24349,9296 24347,9298 25347,9301 25348,9301 25348,9304 25353,9303 25357,9303 25352,11303 25355,11304 25358,11307 25358,11312 25358,11312 25361,11310 25365,11313 25365,11314 25369,11319 25371,11321 25371,11325 25366,11329 25365,11330 25366,11329 25370,11330 25365,11334 25367,11338 25366,11343 25363,11348 25359,11345 25356,11348 25357,11349 25358,11349 25358,11352 25360,11356 30360,11360 30365,11360 30365,11362 30365,11367 30367,11368 30369,15368 30370,15373 30371,15376 30373,14376 30378,14377 30383,14381 30378,14386 30380,14388 30382,14391 30385,14393 31385,16393 31389,16396 31394,16396 31397,16392 31400,16395 31405,16398 31409,16398 31413,16397 31415,16396 31417,16401 31418,16401 31422,16402 31419,16407 31420,16411 31419,16406 31423,18406 31427,18411 31432,18415 28432,18417 28437,18418 28441,18414 28438,18417 28435,18416 28439,18420 28442,18423 28447,18427 28444,21427 28445,21428 28450,22428 28455,22432 28457,22436 28458,22441 
28458,22445 28463,22448 28468,22451 28465,22456 28468,22453 28468,22458 28471,22463 28473,22460 28475,22459 28472,22463 28476,22464 28472,22468 28468,22468 28471,25468 28466,25471 28468,25473 28464,25473 28464,25475 29464,25476 29466,25479 29461,25476 29462,25476 29464,25478 29464,25483 29461,25484 29460,25486 29458,25486 29462,25490 29460,25495 26460,25498 26463,25495 26468,25495 26472,25495 26472,25499 26474,25504 26476,25504 26478,25509 26476,25513 26479,25514 26481,25519 26477,25519 26480,25518 26481,25519 26484,25524 26483,25527 26484,25522 26484,25526 26487,25528 26492,25533 26496,25535 26498,25535 26498,25539 26503,25542 26504,25543 26505,25547 26510,25552 26510,25551 26508,25550 26512,25553 26510,25557 26510,25554 26511,25552 26508,25556 26505,25556 26506,25560 26506,25560 26507,25560 26506,25565 26501,25567 26504,25569 26504,25568 26508,25571 26508,25571 26511,25576 26511,25581 26516,25581 26519,25582 26521,25585 26522,25588 26527,25588 26526,25584 26530,25587 26534,25589 26529,25593 26533,25598 26538,25599 26540,25599 26540,25599 26540,25604 26543,25603 26543,25603 26538,25606 26538,25609 26540,25611 26542,25612 26547,25612 26547,25612 26548,25617 25548,25612 25548,25613 25547,25616 25545,25616 25549,25618 25551,25620 25555,25620 25551,25622 25550,25625 25551,25622 25555,25619 25557,25617 25556,25622 28556,25625 28551,25630 28546,25634 28548,25639 28553,25643 28553,25638 25553,25634 25553,25634 25557,25639 25557,25643 25558,25644 25553,25646 25556,25647 25560,25650 25562,25650 30562,25650 30562,25650 30564,25650 30566,25652 30570,25656 30571,25661 31571,25662 31575,25663 31579,25662 31579,25665 31581,25666 31584,25671 31582,25674 31581,25674 31584,25676 31584,25673 31587,25678 31586,25679 31581,30679 31584,30675 31589,30680 31590,35680 31590,35675 31589,35677 31591,35680 31590,35681 31587,35684 31588,35685 31589,35689 31592,35689 31593,35692 31597,35696 31597,35700 34597,35699 34599,35703 34604,35703 34606,35702 34601,35705 34603,35705 34606,35708 
34603,35713 34604,35717 34603,35719 34608,35715 34608,35711 34608,35713 34609,35714 34605,35714 34610,35714 34614,35718 34616,35719 34617,35722 34618,35722 34621,35725 34625,35725 34626,35725 34629,35725 34631,35725 34635,35730 34636,35727 34638,35731 34640,35735 34642,35739 34645,35741 34645,35742 34649,35738 34649,35738 34645,35741 34647,38741 34650,38741 37650,38742 37646,38746 37651,38749 37652,38753 37653,38753 37657,38757 37656,38756 37660,38761 37660,38765 37660,38760 37660,38759 37660,38760 41660,38760 41660,38762 41665,38757 41667,43757 41669,43752 41674,43752 41677,43757 41672,43758 41677,45758 41680,45758 41679,45762 41683,45765 41683,45769 41683,45770 41684,45768 46684,45773 46688,45776 46692,45774 46694,45775 46697,45778 46695,45776 46698,45774 46702,45779 46702,45784 46704,45787 46706,45791 46711,45786 46707,45790 46711,45793 46715,45796 46719,45799 46724,45797 46728,45802 46726,45797 46729,45801 46733,45802 46733,45803 46732,45804 46732,45805 46732,45808 46735,45810 46740,45810 46744,2326 27373,2322 27377,2323 27379,2325 27383,2325 27382,2322 27382,2323 27382,5323 23382,5325 23385,5329 23386,5330 23390,5335 23392,5330 23392,5330 23395,5329 23395,5333 23399,5333 23402,5338 23405,5339 23405,5334 23406,5329 23401,5332 23403,5330 23407,5333 23409,5328 20409,5324 20411,5324 20414,5329 20416,5328 20421,5325 20421,5329 20424,5330 20424,5335 21424,5331 21427,5333 21431,5334 21433,5329 21434,5330 21437,5333 21440,5338 21437,5338 21440,5334 21441,5333 21438,5329 26438,5332 26435,5335 26439,5337 26440,5338 26444,5342 26439,5342 26442,5345 26440,5349 26438,5352 26442,5349 26445,5348 30445,5350 30447,5350 30444,5354 30444,5359 30443,5363 30445,5367 30446,5367 30448,5367 30453,5371 30455,5371 30453,5373 30458,5375 30461,5380 30463,5384 30463,5383 30459,5384 30459,5383 30459,5385 30460,5390 30459,5392 30464,5394 30464,5389 30465,5393 30469,5391 30469,5391 30469,5395 30474,5396 30470,5399 30470,5401 30467,5401 30468,5404 30470,5400 30465,5401 30462,5403 30467,5404 
30467,5409 30469,5412 30473,5412 30477,5407 30481,8407 30486,8408 30489,8410 30490,8410 30489,8413 30490,8414 30493,8414 30496,8419 30501,8420 30502,8415 30507,13415 30509,13411 30506,13414 30507,13412 30511,13412 30515,13417 30518,13419 30523,13418 30527,13422 30529,13418 30531,13413 35531,13409 35531,13413 35532,13417 35537,13419 35533,13423 35529,13424 35529,13423 35524,13428 35525,13433 35526,13438 35530,13443 35531,13448 35531,13452 35532,13455 35536,13457 35536,13452 35536,13455 35539,13452 35535,13457 35540,13457 35544,18457 35546,18460 35547,22460 35546,22465 35550,22466 35554,22468 35552,22473 35555,22471 35559,22470 35564,22472 35564,22470 35569,22474 35569,22474 35571,22477 35573,22482 35576,22487 35580,22488 35583,22489 35585,22493 35585,22496 35585,25496 35586,25493 35582,25494 35585,25498 35585,25496 35585,25498 35587,25503 35591,25503 35593,25499 35590,25499 35591,25495 35591,26495 35595,29495 35591,29495 35593,29498 35597,29498 35601,29500 35606,29501 30606,29502 30603,29505 30603,29510 30606,29511 30606,29514 30607,29516 30610,29518 30608,3259 17305,3263 17304,3267 17303,3271 17308,3269 17312,3269 17313,3274 17315,3277 17315,3282 17311,3285 17313,3283 17309,3278 17310,3275 17315,3275 17317,3276 17322,3280 17324,3280 17324,3276 17325,3277 17325,3276 17328,3278 17324,3273 17329,3277 17331,3280 17326,3281 17328,3276 17324,3277 17324,3277 17322,3277 17321,3277 17321,3281 17323,3282 17327,3282 17332,3287 17335,3288 17335,3288 17338,3290 17337,3294 17340,3294 17341,3299 17341,3299 12341,3299 12342,3304 12339,3301 14339,3305 14340,3307 14341,3311 14343,3313 14343,3314 16343,3310 16341,3310 16346,3312 16348,3311 16349,4311 16346,4316 16348,4321 16344,4324 16348,4322 16349,4323 16346,4323 16346,4326 16350,4322 16354,4323 16356,4325 16361,4325 16358,4322 16362,4325 20362,4325 20366,4322 20367,4326 20372,4326 20374,4331 20373,4333 20373,4338 20376,4339 20379,4341 20382,4338 20384,4339 20386,4340 20383,4340 20383,4335 20388,4336 20390,4341 20390,4346 
20391,4348 20391,4349 20393,37497 26499,37494 26496,37496 26500,37496 26501,37499 26506,37497 26502,37498 26502,37500 29502,37500 29507,37505 29508,37506 33508,37508 33513,37513 33518,37517 33522,37516 33520,37521 33521,37521 33525,37516 33530,37519 33528,37520 33528,37524 33530,37527 33530,37525 33527,37528 33530,37533 33533,37534 38533,37536 38536,22358 13355,25358 13360,25361 13358,25362 13362,25362 13362,25365 13365,25363 13367,25359 13369,25357 13374,25360 13374,2247 13362,2252 13366,2254 13363,2257 13363,2261 13358,2264 13354,2264 13356,2269 13361,2272 13363,2274 13363,2275 13363,2273 13362,2274 13365,2278 13365,2280 13370,2284 13366,2284 13365,2289 13368,2290 13366,2293 13368,2298 13373,2298 13372,2295 13375,271 22347,273 22350,4273 22347,4269 22348,4270 22350,4271 22355,4272 22360,4276 22363,4281 22365,4284 24365,4279 24365,4282 24365,4285 24365,4287 24364,4289 24362,4294 24360,4295 24362,4298 24365,4301 24369,1301 24370,1301 24371,1305 24375,1305 24376,1307 24377,1312 24380,1314 24382,1318 24380,1316 24382,1316 24387,1318 24387,1318 29387,1321 29387,1316 29383,1320 29386,1321 29389,1326 29389,1327 29389,2327 29394,2327 29394,2332 29393,-666 24367,-663 24368,-661 24368,-656 24371,-653 24372,-649 24372,-647 24374,-643 24370,-638 24375,-635 24380,-638 24382,-638 24384,-638 24384,-636 24388,-637 24390,-632 24386,-630 24386,-629 24386,371 24389,376 24394,374 24392,377 24397,3377 24400,6377 24405,6378 24408,6373 24406,6370 24406,6375 24403,6370 24403,6375 24403,6379 24406,6374 24409,6378 24411,6380 24412,6378 24415,6378 24419,6383 24423,6385 24425,6387 24428,6390 24433,6386 24430,6386 24435,6387 24436,6388 24440,6387 24444,6383 29444,6383 29447,6386 29451,6382 29446,6387 29447,6390 29452,6393 29452,6397 29455,6400 29459,6400 29463,6397 29467,6393 29467,6395 29470,6397 29473,6399 29468,6394 29467,6397 29470,6396 29473,6396 29470,6393 29465,6389 29469,6390 29470,6389 29465,6389 29468,6392 29470,6388 33470,6390 33466,6391 33466,6392 33467,6394 33467,322 22372,322 
22374,323 22377,327 22378,331 22382,330 22383,332 22386,333 22383,331 22383,330 22387,332 22391,332 22396,337 22397,339 22394,340 22399,340 22398,340 22396,343 22396,343 22396,341 22400,342 22404,343 22402,348 22403,345 22407,347 22411,342 22411,345 22413,340 22417,345 22417,348 22422,348 22426,351 22427,352 22432,352 22436,4352 22438,4353 22442,4354 22444,4354 22447,4357 22449,4360 22450,4364 22450,4367 22451,4369 22453,4366 22455,4369 22453,4373 22458,4377 22459,4380 22459,4380 22464,4385 22467,4385 22467,4390 22469,4385 22469,4385 22472,25571 26508,25574 26507,25578 26512,25581 26512,25581 26512,25583 26508,25583 26513,25587 26516,25589 26515,25590 26515,25591 26517,25589 26520,25587 26522,23587 26526,23585 26531,23589 26534,23592 26538,24592 26543,24588 26545,24593 26547,24598 26543,24598 26548,24602 26545,24598 26540,24600 26545,24600 26548,24600 31548,24605 31549,24608 31551,24613 31552,24615 36552,24616 36557,24619 36557,24622 36560,24622 36564,24627 35564,24627 35569,24632 35569,25632 35570,25635 35569,25636 35573,25636 35573,25638 35576,25641 35580,25641 35583,25641 35588,25642 40588,20642 40593,20645 40593,20650 40595,20651 40591,20651 40594,20648 40591,20648 40591,20652 40596,20652 40596,20656 40597,20656 40600,20656 40601,20659 40598,20662 40597,20662 40597,20663 40600,20668 40601,20665 40606,1215 13314,1214 13319,1212 13317,1209 13312,1210 13312,1211 13317,6211 13320,6214 13320,6216 13320,6211 13323,6214 13318,6214 13323,6214 13324,6216 13319,6219 13323,6218 13321,6219 13321,6218 13326,6221 13329,6225 13331,6230 13335,6231 13339,6231 13343,6235 13338,6234 13342,6234 13344,6236 13345,25524 26483,25521 26484,25524 26489,25527 26487,25529 26484,25530 26482,25534 27482,25539 27486,25537 27488,25541 27483,25544 27486,25547 27490,25550 27491,25550 27491,25554 27486,25559 27486,25563 27489,25561 27489,25563 27493,25561 27491,25563 27493,25563 27495,25564 27497,25563 27497,25563 27497,25558 27498,25563 27499,25565 27503,25567 27503,25569 27503,25567 
27504,25565 27505,25565 27505,25565 27505,25566 27505,25570 27501,25570 27497,25574 27498,25570 32498,25570 32501,25573 32501,25576 32497,25576 32498,25577 32501,25579 32503,25583 32504,25588 32507,25592 32512,25596 32507,25599 32507,25594 32503,25597 32506,25597 32510,25594 32509,25594 32510,25596 32513,25592 32513,25594 32515,25594 32520,25598 32520,25602 32517,25603 32518,27603 32520,27607 32523,27608 31523,27613 31527,27615 31527,30615 31530,30617 31530,30618 31532,30619 31536,30623 31537,30623 31538,30625 31538,30626 31541,30627 31541,30624 31540,30623 31540,30624 31545,34624 31546,34619 31543,34623 31545,34624 31549,34624 31548,34626 31550,34626 31555,34626 31551,34628 31555,34633 31555,34636 31559,34634 31564,34636 31564,34639 31562,34639 31560,36639 31555,36636 27555,41636 27557,41640 27554,41644 27558,41647 27559,41648 27555,41653 27555,41658 27555,41658 27552,41658 27552,41660 27550,41656 27554,41661 27558,41664 27561,41667 27566,41662 27562,41663 27563,41663 27565,41662 27569,41661 27569,41664 27571,41664 27567,41659 30567,41660 30565,41660 30561,41665 30566,41664 30561,41664 30561,41664 30562,41664 30563,41660 30558,1312 24380,4312 25380,4315 25384,4315 25385,4319 25383,4322 25388,6322 25387,6322 25387,6326 25392,6321 25397,6324 25397,6324 25401,6319 25404,9319 25405,9314 25400,9312 25402,9310 25403,9313 25403,9313 25403,9316 25400,9319 25401,4319 25396,8319 25398,8315 25400,8315 25396,8315 25397,8311 25398,8307 25394,8309 25394,8311 25397,8315 25402,8310 25403,11310 25365,11311 25365,11316 25370,11320 25375,11325 25375,11325 25380,11325 25382,11326 25378,14326 25380,14328 25382,14331 25383,14334 25385,14336 25386,19336 25386,19336 25389,19332 25390,19332 25391,19335 25388,19338 25391,19342 25393,19340 25393,19345 25396,19345 25394,19347 25394,19349 25393,19351 25397,19350 25398,19348 25399,19349 25403,19352 25399,19350 25402,19354 25400,19353 25405,23353 25402,23354 25402,23356 25405,23358 25409,23360 25413,23363 25414,23367 25412,23365 25411,23367 
25414,23363 25413,23367 25416,23367 25416,23370 25418,24370 25414,24370 25419,24373 27419,24378 27419,24380 27416,24380 27412,24380 27410,24380 27406,24376 27406,24374 27410,24370 27414,24370 27415,24371 27420,24375 27415,24378 27411,24375 27415,24378 27418,24382 27421,24383 27426,24383 27425,24385 27430,24390 27431,24394 27432,24395 27436,24399 30436,24400 30439,24404 30443,24403 30439,24406 30438,24410 30442,24406 30446,24408 30445,24403 30445,24408 30442,24412 30446,24416 30446,24416 30449,19416 30449,19416 30447,19418 30452,19420 30453,19423 30458,15423 30462,15423 30464,15425 30466,16425 30467,16424 30471,16421 30474,16426 30474,16428 30476,16428 30476,16424 30474,16424 33474,16425 33474,16427 33477,16425 33479,16426 33477,16422 33480,16425 33482,16430 33479,16430 33478,16429 33482,16424 33482,16427 33484,16430 33488,16431 33488,16434 33488,16435 33491,16432 33487,16436 37487,16434 37490,16438 37485,16443 37482,16446 37480,16447 37480,16447 37482,16451 37478,16454 37479,16458 37479,16454 37479,16454 37482,16459 37486,16460 37491,16463 37495,16464 37492,16465 37493,16466 37494,16468 37497,16468 37501,16468 37501,16473 37503,16473 37503,16473 37498,16476 37494,21476 33494,21473 33493,21476 33489,21478 33491,21478 33496,21478 33492,21480 33496,21483 33501,21484 33504,21483 33500,21484 33505,21484 33505,21488 35505,21491 35505,21494 35506,21496 35510,21492 35506,21492 35509,21489 35514,21490 35517,21487 35519,23487 35523,23485 35528,23487 35533,23483 35534,23487 35535,23488 35537,23493 35539,23495 35542,23495 35546,23495 35550,23491 35549,23488 35552,23492 35555,23495 35560,23500 35559,23496 35557,4322 16354,4317 16358,4318 16358,4320 16363,4315 16363,4315 16362,4316 20362,4320 20365,4323 20363,4326 20366,4329 20367,4332 20370,4337 20374,4338 20375,4333 20375,4338 20375,4341 20377,4342 20377,4342 20378,4343 20381,4346 20386,4346 20386,4346 20386,4346 20386,4349 20390,4352 20395,4354 20396,4355 20400,4358 20400,4360 20401,4360 20404,4363 20405,4368 20406,4372 
20411,4371 20416,4367 20417,4364 20422,4367 20420,4372 20425,4373 20422,4374 20418,4377 20418,4381 20422,4382 20423,4384 20418,4389 20421,4385 20423,4390 20423,4390 20425,4392 20429,4396 20434,41574 39698,41578 39702,41576 39704,45576 39704,45575 39709,45577 39713,45581 39715,45581 39718,45583 39721,45578 39726,47578 39722,47581 39719,47586 39722,47586 39726,47589 39730,47592 39733,47597 39733,47593 39733,47596 39735,47597 39735,47595 39735,47591 39739,47593 39744,47593 39747,4074 20263,4077 20268,4079 20268,4078 20271,4078 22271,4083 22276,4087 22272,4088 22275,4086 22279,4082 22280,4084 22282,4086 22277,4082 22277,4087 22281,4090 22281,4092 22281,4092 22286,4094 22287,4097 22290,4097 22291,4095 22286,4095 22288,4095 22293,4095 22288,4092 22285,4089 22286,4090 22286,4095 22281,4100 22286,4103 22285,4104 22288,4104 22289,4107 22294,4112 22292,4117 22290,4120 22295,120 22300,121 22303,122 22300,122 22300,121 26300,125 26303,129 26303,127 26305,127 26306,132 26306,132 26307,136 26307,141 26309,140 26311,143 26313,140 26314,145 26318,149 26318,153 26321,153 29321,158 29326,158 29329,162 29324,162 34324,165 34329,168 34328,167 34332,169 34333,173 34334,173 34336,177 34338,178 34340,178 34344,182 34348,177 34348,182 34348,184 34353,184 34358,181 34360,183 34365,187 34365,192 34365,197 34367,199 34366,203 34368,205 34368,202 34363,204 34360,1204 34360,1205 34364,1205 30364,1205 30359,1206 30361,1207 30364,1210 30366,1210 30366,1214 30367,1218 30372,1219 30375,1214 30379,1214 30384,1217 30382,1222 30383,1223 30382,1225 30380,1228 30379,1231 30383,1232 30383,1235 30384,1237 30388,1242 30386,1244 30389,2244 30392,2241 30395,2245 30397,2245 30399,2244 30394,2242 30395,2246 32395,2246 32395,2249 32398,2251 32393,5251 32390,5251 32395,5255 32399,5255 32397,5257 32397,5257 32401,5261 32406,5261 32411,5266 32412,5271 32416,5273 32419,5276 32420,5281 32422,5279 32425,6279 33425,6284 33429,6284 33430,6282 33431,6282 33428,6286 33425,6288 32425,6288 32421,6286 32424,6288 
32424,11288 32427,11292 32425,11292 32429,11290 32434,11286 32437,11286 32437,11283 32442,11278 32442,11279 32443,11283 32445,11284 32445,11283 32448,13283 32447,13287 32442,16287 32446,16282 32445,16283 32445,16284 32448,16285 32448,16284 32446,16286 32443,16290 32446,16291 32446,16292 32450,16291 32450,16291 32450,16291 32445,16287 32447,16288 32452,16287 32457,16291 36457,16289 36462,16293 36462,16294 36462,16297 36462,16301 36464,16306 36469,16310 36467,16310 36463,16313 36459,16312 36460,16313 36465,16313 36469,16308 36470,16309 36468,16314 36470,16319 41470,16322 41471,16325 44471,16330 44471,16330 44471,16330 44473,16330 44474,16335 44479,16332 44477,8414 30496,8415 30497,8419 30497,8414 30501,8416 30500,8418 30495,8421 35495,8423 35494,8427 35497,8429 35499,8432 35499,8436 35503,8438 35503,8443 35505,8440 35508,8443 35509,8440 35509,8440 35511,8441 35515,8445 35511,8448 35512,8443 35517,8443 35519,8442 35524,8444 35526,8441 35527,8436 35527,8433 35523,8429 35527,8430 35530,8431 35532,8429 35533,8433 35535,8437 32535,8435 32536,8439 32536,8436 32539,9436 32542,9434 32537,9429 32534,9429 32534,9433 32537,9433 32542,9429 32543,9434 32538,9436 32538,9436 34538,7436 34538,7438 34543,7439 34543,7439 34543,7439 34548,7438 34549,7438 34552,7438 34553,7438 34556,11438 34561,11434 34559,11436 34555,7436 34553,7436 34549,120 1235,124 1239,125 1236,125 1238,129 1235,128 1235,125 1236,123 1239,128 2239,132 2242,131 2242,135 2242,140 2242,145 2247,146 2252,144 2253,146 2248,144 2245,146 2244,150 2249,155 2245,159 2242,160 2243,160 2245,155 2244,156 2245,3156 2246,3159 2248,3159 2250,3164 2254,3165 2257,3166 2255,3169 2257,3171 2262,3169 2263,3174 2268,3177 2273,3174 2276,3178 2275,3173 2279,3177 2276,3180 2279,3182 2284,3185 2289,5185 2286,5185 2288,5181 2286,5185 2288,5184 2293,5187 2293,5187 2297,5190 2299,5187 2299,5185 2300,5181 6300,5182 6297,5187 6300,5189 6298,5191 6296,5193 6296,5193 6296,5195 6297,5195 6300,5197 6297,5195 6300,5190 6302,5191 6306,5192 6308,5195 
6312,24395 27436,24391 27437,24393 27433,24398 27436,24398 27437,16286 32443,21286 32443,21286 32444,21282 32448,21283 32446,21283 32448,21285 32451,21281 32456,21282 32458,21282 32463,21282 32468,21284 32470,21289 32471,21287 32471,21287 32469,21287 32474,21284 32477,21288 32482,21291 32482,21291 32486,21296 32485,21299 32486,21301 32487,21303 32484,21301 32482,21305 32487,21310 32491,21312 32495,21313 32491,21315 32495,21312 32495,21314 32498,21316 32501,21311 32506,21311 32508,21312 32513,21317 32516,21319 32516,21324 32516,21327 32521,21328 32526,21332 32527,21328 36527,21331 41527,21336 41527,21334 41531,21337 41533,21335 41535,21339 41540,21340 41540,21343 41536,25343 41539,25340 41542,25337 41542,25337 41545,25335 41542,25335 41543,25335 46543,25339 46548,30339 46551,30340 46556,30343 46557,30342 46553,30337 46556,30341 46561,30337 46565,30336 46563,30338 46564,24373 27419,24373 27421,24375 27424,24377 27425,24377 27430,24374 27435,24379 27437,24384 27432,24385 27434,24382 27437,24381 27442,24381 31442,24381 33442,20381 33439,20383 34439,20382 34440,20378 34444,20381 34446,20381 34442,20384 34443,20388 34446,20392 34447,20393 34442,20393 34447,20396 29447,20395 29443,20399 29443,20400 29439,20399 29436,20404 29439,20409 29440,20410 29440,20410 29444,20408 29445,20413 29448,20413 29451,20412 29455,20413 29458,20418 29461,20413 29463,20415 29464,20416 29464,20416 29463,20416 29463,20418 29464,20414 29465,20418 29463,20413 29460,20413 26460,20418 26458,20421 26459,20421 26461,20421 26460,43578 35658,43578 35654,43578 35658,43578 35660,43583 35661,43583 35659,43583 35662,43579 35663,43583 35661,43587 35666,25625 25551,25629 25551,25630 25554,25630 25559,25632 25560,25627 25561,25623 25557,25623 25559,25624 25561,26624 25566,26627 25566,29627 25571,29626 25574,29625 25575,29622 25579,29625 25583,29630 25588,29632 25589,29635 25591,29635 25594,29637 25598,29642 25596,29643 25597,29644 25597,29649 25598,29654 25602,29656 25602,29661 25603,29661 25601,29664 
26601,29666 26604,29665 26604,29668 26607,29672 26607,29669 26611,29671 26616,29674 26613,29679 26616,29680 26616,29681 26615,29682 26619,29679 26617,29684 26622,29686 26624,29689 26624,29690 26628,29691 26630,29693 26625,29694 26620,29698 26617,29703 29617,29707 29616,29706 29620,29709 29623,34709 29626,34710 29628,34710 29627,2282 16411,2283 16412,2283 16412,2287 16417,2292 16421,2297 16421,2298 16426,2303 16426,2304 16429,2309 11429,2313 11432,2308 14432,2308 14431,2311 14433,2310 14437,2308 14438,2309 14440,2311 14440,2309 14443,2312 14443,2314 14447,2314 14452,2314 14450,2309 14451,2309 14451,2309 14456,2313 14461,2313 14461,2309 19461,2309 19461,2311 19462,2315 19465,2318 19465,2321 19462,2317 19464,2321 19467,2322 19467,2322 19469,2322 19469,2320 19464,2321 19462,2322 19461,2327 19466,2327 19461,2322 19461,2322 19463,2317 19467,2318 19471,2102 -1848,2107 -1848,2111 -1846,2114 1154,2114 1156,2115 1157,2114 6157,2116 6162,2121 6165,2124 6170,2121 6175,2124 6179,2124 6183,2128 6178,2126 6179,2125 6178,2126 6181,2122 10181,2127 10186,2128 10189,2130 10188,2130 10191,2127 11191,2127 11195,2131 11196,2132 11192,2131 11197,2135 11201,2135 11203,2139 11199,2142 11203,2143 11204,2147 11208,2142 11210,2142 11211,2147 11212,2150 11217,2150 11219,2151 11219,2152 11222,2152 11222,2148 11224,2150 11220,2150 11223,2146 11218,2143 11219,2140 11221,2143 11218,2140 11219,2140 11223,2145 11225,2147 11226,2152 11226,2155 11224,2157 11229,2157 11229,2153 11233,2153 11238,2149 11239,7149 10239,7154 10241,7157 10241,7162 10243,7164 10248,7164 10251,7169 10253,7171 10253,7172 10257,7177 10260,7182 10256,7187 10260,7191 8260,7195 8256,7200 8258,7204 8258,7203 8261,7203 8262,7205 8266,7209 8270,7209 8273,7214 8273,7214 8276,7210 8276,7211 8276,7213 8279,7218 8278,7222 8283,7223 8279,7220 10279,7221 10283,7223 10284,7228 10286,7230 10290,7231 10290,7231 10293,7232 10294,7232 10297,7234 10299,7229 10295,7226 10294,7221 10293,7223 10295,7228 10299,7229 10303,7232 10307,7232 10311,7233 
10316,7234 9316,7239 9318,7244 9321,7241 9326,7241 9328,7238 9331,7235 9330,7237 9335,7236 9335,7236 9337,7236 9338,7231 14338,7230 14333,7232 14338,7237 18338,4082 22280,4081 22280,6081 22283,6076 22285,6076 22289,6078 22286,6080 22287,6084 22292,6084 22293,6085 22293,6086 22291,6091 22294,6092 22293,9092 22290,9095 22294,9096 22295,9096 22297,9091 22292,9096 22295,9098 22290,9094 18290,9097 18290,9096 18294,9099 18292,9098 18297,9103 18299,9103 18302,9103 18305,9100 18301,9102 18302,9106 18305,9102 18310,9101 18306,9103 18308,9103 18312,9107 18310,9107 18315,9107 18320,9111 18322,9111 18326,9113 18329,9111 18329,9116 18329,9121 18329,9121 18332,9123 18331,9124 18332,9125 18328,9127 18325,9125 18328,9128 18329,9133 18329,9136 18333,9141 18337,9142 18342,9143 18340,9148 18344,9152 18341,9150 18346,9149 18341,9149 18341,9154 18343,9158 18345,9161 18346,9161 18347,9163 18352,9164 18352,9162 18349,9165 18352,9165 18351,9165 18352,9165 18356,9163 18352,9167 18353,9167 18349,9168 18351,9168 18347,9173 18347,9175 18347,9179 18348,9182 18349,9187 18352,9186 18357,9189 18360,9192 18360,9196 18362,13196 18367,13196 18369,13196 18371,13199 18374,13194 18374,13197 18375,13200 18377,13205 18380,13210 18384,13209 18379,13209 18374,13213 18375,13216 20375,13212 20375,13215 20375,13211 20375,13211 20372,13208 20373,13204 20373,13204 20369,13205 20369,13207 20366,13212 20367,13216 20367,13221 20372,13222 20377,13225 20381,13226 20386,13230 20383,9230 20388,9228 20384,9228 20386,9223 20389,9223 20392,4223 20397,4223 20396,4225 20399,4222 20404,4220 20408,4220 20411,4223 20416,4227 20421,4230 20418,4234 20421,4232 20422,4236 20423,4238 20423,4239 20423,4235 20427,4231 20427,4230 20426,4228 20428,4232 20427,4232 20431,4236 20433,4241 20431,4241 22431,4236 22436,4239 22437,4239 22439,4236 22443,4232 22439,4236 22444,4236 22446,4239 22447,4239 22452,4241 22454,4245 22457,4245 22460,4250 22462,4251 22465,4253 22465,4249 22465,4251 22460,4251 22464,4255 22469,4257 22473,4256 22478,4259 
22479,4260 22480,4257 22485,6257 22489,6260 22490,6260 22493,6262 22496,6262 22500,6267 22495,6271 22495,6276 22491,6276 22489,6281 22487,6286 22490,6289 22490,6294 22490,6294 22489,6292 22485,6292 22489,6288 22489,6288 22494,6288 22496,6286 22497,6288 22501,6292 22500,5292 22503,5292 22503,5296 22508,5295 22510,5300 22510,5305 22513,5302 22514,5306 22510,5309 22513,5313 27513,5313 27513,5317 27513,5322 22513,5326 22517,6326 22516,6323 22518,6323 22523,6320 22523,6321 22526,6323 22531,6323 22531,6324 22532,6324 22532,6325 22529,6321 22531,6323 22534,6328 22534,6329 22530,6324 22527,10324 22522,10319 22524,10315 22520,10314 22525,10311 22525,10307 22526,10304 22531,10306 22527,10306 22528,10309 22530,10312 27530,10312 27534,10312 27534,10307 27536,10307 27532,11307 27531,11307 27533,11308 27535,11303 27531,11298 27532,11294 27534,11294 27534,11299 27538,11297 27542,11302 27547,11306 27547,11311 27549,11313 30549,11317 30551,11313 30546,11316 30541,11316 30540,11319 30545,11318 30546,11323 30550,11326 30554,11326 34554,11330 34558,11331 34558,11333 34558,11332 34561,11328 34561,11331 34562,11336 34562,11336 34567,11340 34570,11342 34569,11345 34568,11344 34569,11345 34571,11349 34574,15349 34574,15354 34569,15359 34566,15362 34571,15363 34576,15367 34577,15368 34577,15371 34581,15374 34576,15379 34574,15383 34579,15384 34584,15387 34583,17387 34578,17392 34578,17391 34578,17396 34573,17397 34578,17397 34580,17397 39580,17402 39584,17397 39587,17402 39587,17406 39582,17403 39587,17407 39589,17409 39592,17406 39592,17409 39595,17409 39599,17412 39603,17416 39608,17417 39608,17417 39608,17421 39607,17422 39609,17424 39608,17427 39604,17425 39605,17426 39609,17423 39611,17422 39610,17425 39613,17428 39618,17428 39619,17429 39616,17432 39616,13432 39615,13432 39617,13432 39617,13432 44617,13434 44621,13434 44623,13439 44627,13442 44632,13442 44635,13440 44631,13442 44631,13445 44635,13447 44639,13445 44637,13445 44638,13450 44639,13454 44644,13457 44644,13459 44642,15459 
44639,15457 44644,15461 44644,15462 44642,15459 44645,15459 44647,15463 44650,15458 44651,15459 44653,15461 44657,15463 44661,15463 44661,15463 44663,15467 44666,15472 44668,15474 44664,15470 44668,15471 44670,15473 44674,15475 44675,-3806 12298,-3804 12301,-3805 13301,-3804 13296,-3808 13292,-3809 13295,-3806 13300,-3804 13297,-3801 13301,-3801 13302,-3796 18302,-3801 18306,-3799 18311,-3802 18311,-3799 18312,-3801 18314,-3796 18319,-3795 18322,-3791 18321,-3786 18320,-3786 18321,-3784 18321,-3782 18321,-3781 18324,-3782 18325,-3783 18320,-3788 18324,-1788 18324,-1788 18329,-1784 18333,-1784 18334,-1781 18329,-1777 18334,-6777 18337,-6774 18339,-6776 18341,-6781 18341,-6779 18341,-6779 18343,-6779 18339,-6777 18343,-6782 18338,-6779 18341,-6778 18341,-6776 18336,-6776 18333,-6776 18333,-6780 18338,-6784 18338,-6787 18335,-6786 18336,-6781 22336,-6781 22335,-6778 22331,-6777 22326,-6777 22331,-6777 22335,-6772 22335,-6774 22340,-6769 22341,-6767 22337,-6767 22335,-6767 22335,-6767 22333,-6767 22336,-6762 22331,-6759 22331,-6764 22332,-6765 22334,-6767 22339,-6762 22334,-6760 22334,-6760 22334,-6758 22337,-6754 22341,-6754 22342,-6750 22339,-4750 22343,-4747 22343,-4752 22343,-4751 22344,-4749 22345,-4745 22348,-4740 22353,-4736 22358,-4738 22363,-4740 22358,21336 41527,21334 41527,21330 41526,21330 41526,21333 41529,21328 41529,21329 41530,21326 41532,21328 41532,21324 41537,21328 41532,21330 41535,21334 41532,21336 40532,21334 40536,21339 40534,21341 40534,21344 40534,21346 40532,21350 40532,21353 40535,21357 40539,21359 40542,21360 40546,21355 40546,21360 40547,21359 40550,21356 40551,21356 40550,21357 40550,21361 40554,21358 45554,21362 45556,21366 45553,21370 45557,21374 45556,21377 45553,22377 45549,22382 45549,22382 45552,22386 45557,22387 45557,22388 45553,22392 45557,24392 45561,22392 45558,22397 45561,22399 45558,22398 45561,22400 45564,22400 45569,22404 45573,22406 45577,22406 45581,22404 45581,22407 45582,22409 45579,22409 45575,22409 45579,22407 
45579,22402 45582,22402 45582,22404 45587,22406 45587,22406 45589,22411 45589,22413 45590,22417 45591,22417 45592,22422 45587,22425 45583,22428 50583,22428 50585,22428 50585,22430 50588,22435 50590,22435 50585,22435 50590,22439 50595,22440 50590,22445 50587,22442 50584,22442 50586,22443 54586,22443 54590,22446 54595,22448 54597,22448 59597,22444 59593,22449 59596,22449 59599,22452 59600,22457 59600,22458 59605,22457 59602,22462 59603,22463 59604,22461 59605,22458 59602,22457 59601,22457 59601,22455 59605,25455 59606,25457 59611,25462 59613,25464 59614,25467 59617,25472 59612,25476 59613,25478 59610,25482 59615,25482 59616,25486 59612,25483 59614,25487 59619,25492 59623,25497 59625,146 2252,150 2249,150 2249,152 2254,157 2249,158 2253,157 2252,161 2255,159 3255,161 3258,161 3255,163 3255,168 3259,168 3259,172 3263,167 3267,172 3271,172 3272,172 3274,175 3278,179 3282,181 3283,184 3280,185 3282,187 3282,191 3284,192 3286,191 6286,193 6289,198 6285,195 6290,194 6289,195 6289,199 6293,200 6288,198 6290,202 6291,207 6296,212 6301,215 6301,216 6301,211 6304,212 6304,216 6309,216 6304,214 6308,213 6308,211 6305,212 6309,217 6314,220 6317,224 6322,222 6327,220 6323,41573 39712,41572 39709,41576 40709,41580 40714,41576 40717,36576 40717,36577 40719,36582 40716,36585 40721,36590 43721,36585 43721,36582 43724,36585 43729,36590 43731,36590 43730,15289 11307,15285 11312,15286 11315,15289 11315,15294 11315,15295 11316,15296 13316,38742 37646,38743 37650,38745 37655,38744 37658,38739 37659,38737 37662,38742 37662,38745 37657,38748 37662,38748 37662,38752 37667,38753 37667,38748 37669,38748 37668,38752 37673,38754 37674,38756 37676,38758 37674,38760 37679,38760 37675,38758 37675,38763 37675,38767 37674,38772 40674,38767 40679,38772 40683,38774 44683,38778 44686,38780 44690,38780 44690,38779 44695,38782 44700,38780 44695,38775 44696,38775 44696,38775 44696,38779 44699,38783 44696,38784 44696,38786 44692,38786 44692,38786 44696,38791 44698,38793 44699,38795 44703,38800 44708,38803 
44708,38807 44709,38802 44706,38806 44708,38809 44709,36809 44709,36814 44704,36813 44705,36814 44705,36816 44709,36811 44712,36812 48712,36811 48717,36815 48721,36816 51721,36818 51717,36822 51720,40822 51715,40827 51712,40830 51716,40829 51719,40832 51723,40835 51724,40840 51721,40841 51721,40836 51725,40841 51730,40846 51734,40848 51738,40849 51740,40851 51743,40854 51745,40855 51746,40857 51750,40857 51746,40861 51748,40866 51751,40862 51750,40866 51750,40869 51752,40865 51752,40863 51755,40858 51757,40855 51753,40855 51758,40852 51758,40853 51760,40857 51761,40855 51757,40852 51760,40853 51761,40855 51762,40858 51757,40859 51756,40863 51757,40863 51759,40860 51764,40859 51764,40854 51768,40850 51765,40852 51767,40852 51767,40848 51772,40852 51776,40854 51778,40852 51778,43852 51778,43854 52778,43856 52781,43859 52781,43859 52776,37512 26536,37517 26531,37520 26535,37520 26540,37522 26544,37527 26544,37532 26549,37537 26544,37540 26549,37545 26544,37549 26547,37549 26550,37548 26551,37549 26553,37546 26553,37546 26553,37549 26556,37549 26559,37552 26559,37556 26564,37560 26559,37561 26561,37565 26565,41565 26565,41569 26568,41571 26573,41571 26573,41576 29573,41571 29573,41573 29576,41573 29578,46573 29578,46569 29582,45569 29583,45572 29583,45568 29583,45573 29581,45575 29578,45571 29581,45572 29584,45572 29585,45576 29585,45578 29588,45581 29591,45582 29593,45582 29598,45584 29597,45589 29600,45585 29605,45589 33605,45593 36605,45594 36607,45599 36609,45600 36604,45604 36604,45604 36608,45604 36607,45608 36610,50608 36613,50611 36609,50614 36609,50619 36605,50624 36605,50625 36606,50625 36605,50629 36606,50624 36608,50625 36610,50626 36610,50629 36608,50627 36610,50628 36614,50632 36618,46632 34618,46632 35618,46636 35622,46636 35617,46637 35620,46639 35619,46643 35620,46645 35625,46643 35630,46648 35635,46648 35640,46649 35643,46651 35647,46655 35650,46652 35655,46657 35656,46658 35657,46662 35660,46659 35663,46662 35664,46665 35663,46667 35667,46667 
35663,46670 35666,46672 35671,46674 35671,47674 35668,47676 35672,47677 35673,47677 35678,47677 35677,47677 35677,47677 35682,47672 35683,47671 35683,49671 35685,49674 35689,49677 35692,49675 35692,54675 35697,54678 35699,54674 35699,54670 35701,54670 35700,54675 35703,54676 34703,54676 34703,54679 34706,54683 34708,54688 34706,54688 34707,54685 34702,54687 34702,54692 34707,54687 36707,54687 36706,54682 36707,54685 38707,54680 38710,54680 38714,54677 38714,54679 38719,54682 38720,54687 38716,54688 38717,54692 38722,54697 38726,54699 38727,54700 38724,54702 38720,52702 38719,52702 38719,52702 38721,52702 38725,52704 38726,52706 38728,52707 38729,52711 38728,52711 35728,52713 35733,52712 35737,52712 35739,52713 35742,52713 35745,52708 35745,52710 39745,52713 39749,52716 39748,52721 39749,52720 39753,52716 39756,52716 40756,47716 40757,47717 40761,47722 40761,47722 40761,47722 40766,47726 40769,47728 40772,47733 40777,47731 40773,50731 40777,51731 40779,51733 40782,51734 40786,51737 40784,51741 41784,51739 41783,51739 41785,51739 41785,51736 41789,51731 41789,52731 41790,52735 41791,52738 41790,52742 41789,52746 41785,52747 41785,52745 41785,52750 41782,52753 41786,52753 41787,52758 41792,52754 42792,52749 42793,52752 42794,52756 42791,52757 42790,52762 42793,52766 42797,52766 42797,52769 42802,52774 42806,52774 42805,52771 42807,52774 42807,52770 42808,52771 42811,52767 42811,52766 42812,52767 42817,52771 42817,52771 42817,52775 42815,52779 42811,52779 42812,52780 42815,52776 42818,52774 42818,52777 42822,52780 42823,52781 42827,52776 42829,52780 42832,54780 42835,54780 42840,2135 11201,2140 11203,2137 11204,2140 11209,2142 11213,2147 11211,2145 11213,2145 11213,2150 11218,2150 11221,2153 11225,2157 13225,2162 13228,2167 13231,2171 13232,2167 13229,2168 13233,2171 13237,2173 13239,2168 13234,2168 13235,2173 13235,2175 13234,2177 13235,2177 13234,2179 13229,2179 13226,2180 13226,2177 13226,2177 13231,2180 13231,2181 10231,2176 10233,2177 10232,2180 10235,2185 
10237,2182 10240,6182 10240,6184 10244,6182 10242,6183 10243,6185 10246,6190 10244,6194 10244,6194 10247,6192 10247,6192 10252,6195 10256,6194 10260,6195 9260,6195 9260,6195 9264,6199 9269,6204 9272,6199 9268,6201 9268,6203 9265,6208 9268,6204 9270,6204 9275,6201 9279,6201 9281,6201 9286,6206 9281,6206 9277,6202 9281,6200 9285,6202 9288,6198 9290,7198 9293,7200 9297,7201 9297,7205 9298,7209 9298,7209 9299,8209 9302,8214 10302,8218 10306,8222 10308,8226 10313,8231 10313,8235 10318,8237 10318,8237 10323,8233 10326,8233 10327,8237 10325,8238 10328,8238 10330,8234 10330,11234 10332,11236 10333,11241 10337,14241 10338,14240 10338,14237 10339,14238 10337,14237 10339,14242 10339,14246 10339,14250 10339,14250 10339,14251 10337,14254 10337,14256 10334,14256 10332,14252 10336,14255 10340,14259 10342,14262 10347,11148 3159,11153 3163,11154 3162,11154 3165,11158 3167,11161 3172,11162 3175,11162 3176,11166 3179,11166 3181,11171 3185,11176 3180,11178 3179,11176 3181,11179 3183,11174 3182,52776 42818,52778 42822,52777 42822,52782 42817,52783 42822,52784 42823,52789 42826,52789 42823,56789 42828,56786 42829,56786 42832,56789 42836,56789 42835,56785 42838,56786 42843,51786 42844,51788 42846,51790 42847,51794 42842,51796 42842,51801 42846,53801 42849,53806 42849,53809 42852,53812 42850,53817 42846,53817 42848,53818 42853,53822 42856,53823 42854,53826 42858,53825 42860,53826 42860,53826 42864,53830 42868,53835 42873,53839 42873,53841 42872,53841 42876,53841 42879,53841 42884,53836 42888,53836 42889,53836 44889,53833 44889,53835 44893,53838 44897,53842 44897,53844 44900,53844 44904,53845 44905,53850 44903,53853 44904,53858 44906,53856 44907,53861 44909,53856 44913,53858 44916,53863 44916,53868 44918,53867 43918,53869 43921,53869 43919,53867 43919,53862 43918,53860 43923,53864 43928,53869 43930,53874 43933,53874 43932,53874 43932,53875 43930,53877 43928,53878 43924,53883 43927,55883 43929,55883 43925,55879 43929,55881 43929,55884 43928,55881 43928,55882 43929,55883 45929,55883 
45933,55883 45936,55884 45941,55884 45941,55886 45946,55882 45948,55883 45952,55888 45956,55890 45957,55894 45953,55892 45954,55897 45950,55893 45954,55896 45956,55892 45955,55897 45959,55899 45961,55899 45961,55894 45962,55898 45957,55893 49957,55896 47957,55894 47956,55898 47960,55901 47964,55901 47967,55901 47970,55896 47973,55898 47969,55894 47974,55895 47975,55891 47976,55896 47979,55899 47984,55902 47983,55897 47987,55899 47989,55904 47992,55904 47993,55905 47997,55902 48001,55902 48003,55907 48000,55910 47998,55915 47999,55911 47994,55906 47998,55910 48003,55914 48000,55918 48000,55914 48000,55919 48000,55921 48003,55921 48007,55924 48007,55919 48010,55922 48005,55927 48009,55928 48008,55928 48008,55930 48012,55925 48012,55925 48016,54925 48014,54922 48018,54922 44018,54926 44013,54929 44012,54932 44016,55932 44017,55935 44017,55936 44020,55937 44022,55936 44020,55939 44015,55944 44018,55945 44022,55947 44023,55950 44024,55953 44020,55956 44023,53867 43919,53871 43921,52871 43921,53871 43923,53876 43923,53881 43923,53880 43927,53882 43931,53886 43936,53884 43937,53879 43934,53879 43937,53877 43939,53878 43938,53879 43942,53880 43947,53881 43948,53884 45948,53884 45949,53882 45953,53883 45954,53878 45956,53880 45953,53885 45958,53885 45958,53886 45957,53886 48957,53886 48962,53891 48962,53892 48964,53897 48965,49897 48962,49902 48965,49906 48967,49902 48967,49904 48971,49901 48967,49904 48970,54904 48971,54904 48971,54904 48975,54909 48979,54907 48975,54910 48975,54906 48971,54909 48973,54911 48975,54915 48978,54920 48978,54923 48981,54918 48984,54921 48984,56921 48984,56926 48986,56924 48981,56929 48980,56932 48979,56932 48977,56936 48979,56937 48981,56937 48982,61937 48984,61937 48980,61934 51980,61935 51981,61935 51984,61935 51984,61931 51986,5329 23395,5331 23395,5333 23390,5337 23392,5340 23395,5345 27395,5345 27397,5350 27398,5355 27399,5356 27402,6356 27405,6360 27407,6361 27406,6364 27402,6366 26402,6371 26402,6371 26402,6372 26405,6370 26405,6375 
26406,6380 26411,6385 26413,6387 26414,6388 26419,6390 26419,6391 26424,6393 30424,6390 30429,6390 30432,6390 30430,6394 30434,6394 30437,6394 30441,6396 30442,6398 30439,6399 30436,6404 30435,6405 30435,6400 30435,6405 30440,6404 30443,6405 30447,6409 30447,6411 30447,6412 30448,6417 30446,6421 30450,6418 30448,6417 30444,6418 30449,6420 30451,6425 30456,6426 30456,6425 30458,6426 30458,6426 34458,6427 34459,6432 39459,6434 39462,6434 39467,6439 39470,6443 39467,6444 39468,6449 39473,6451 39476,6452 39481,6452 39479,6452 39476,8452 39476,8456 39478,8460 39480,10460 39482,10455 39482,10456 39484,10460 39484,10463 39484,10468 39486,10473 39482,10475 39484,10475 39486,10476 39488,10477 39492,10475 39494,10480 39499,10476 39501,10479 39506,10480 39510,10475 39508,10480 39513,10481 39516,10481 39516,10485 39521,10487 39522,10490 39523,10490 39520,10493 39520,10496 44520,10491 44519,10491 44524,10492 44520,10497 44525,10499 44525,10502 44527,10500 44531,10502 44535,10506 44535,10511 44532,13511 44536,13513 44533,13510 44535,13507 44540,13511 44543,13515 44548,13517 44549,13522 44550,13525 42550,13520 42551,13522 42553,13525 42552,13529 42557,13529 42558,13524 42559,13525 42559,13525 42562,13520 42564,13523 42567,15523 42569,15523 42572,15524 42577,15529 42577,15530 42582,15532 42584,15532 42588,15531 42587,15531 42592,15530 42587,15530 42583,15533 42583,15536 47583,15532 47583,15535 47587,15534 47590,15536 47594,11536 47590,11533 47590,11529 47590,11533 47592,11533 47592,11533 47593,11537 47598,11538 47603,11538 47603,11538 47605,11541 47609,11544 47613,14544 47614,14539 47610,14537 47610,14537 47614,14535 50614,14537 50619,14539 50619,14540 50623,14538 50623,14537 50619,25599 26540,25599 26541,25599 26544,25594 26542,25599 26543,25596 26544,25597 26543,25598 26543,25593 26544,25588 26542,25593 26545,25595 26544,25596 26544,25599 26541,25594 26544,25592 26549,25593 26548,25597 26549,25596 26550,25594 26551,25590 26550,25594 26554,25597 26550,25598 26552,25593 
26555,25598 22555,25599 22557,25604 22559,25605 22558,25606 22562,25605 22559,25605 22564,30605 22569,30610 22571,30610 22575,30609 22575,30609 22576,30609 22581,30605 22581,30610 22583,30610 22584,30613 22579,30613 22581,30616 22577,30619 22577,30621 22580,30621 22585,30626 22590,30628 22593,30629 22598,30626 22603,30628 22606,30629 22607,30629 22604,30627 22606,30632 22608,30633 22608,30636 22612,30641 17612,30642 17614,30647 17614,30651 17615,30654 17610,30655 17607,30658 17611,30653 17610,30654 17606,30654 17607,30659 17606,30660 17611,30658 17616,30659 17616,30664 17619,30665 17621,30665 17620,30667 17621,30671 17624,30673 17624,30673 17624,30678 17627,30675 17632,30675 17635,30678 17640,30681 17643,30686 17639,30691 17641,30696 19641,30699 19640,30700 19640,30696 19645,30698 19643,30699 19645,30702 19646,30703 19649,30699 19651,30704 19648,30706 19652,30709 19653,30709 19655,30709 19655,30712 19657,30708 19658,30705 19660,30700 19662,30701 19663,30706 19664,30711 19663,30707 19667,30704 19670,30708 19672,30709 19673,30711 19673,30711 19674,30713 19678,30718 19682,30723 20682,30721 20686,30725 20691,30726 20693,30729 20695,30728 20690,30730 20692,30733 20694,30736 20692,30736 20691,30740 20694,30741 20695,30741 20697,30746 20700,30747 20702,30750 20701,30751 20698,30753 24698,30749 24701,30748 24703,30746 24704,30747 29704,30747 29705,30749 29707,30752 29712,30757 29712,30760 34712,30760 34716,30763 34716,30759 34713,30759 34717,30763 34717,30758 34717,30757 34721,30760 34726,30758 34726,30763 34727,30763 34727,30764 34727,30759 34729,30759 34732,30762 34734,30757 34735,30761 34736,30759 34736,30762 34738,30757 34733,30760 34735,30762 34737,30760 34736,30765 34733,32765 34737,32768 34737,32765 34740,32765 34742,32768 34747,32772 34751,32772 34752,32777 34749,32782 34751,32783 33751,32783 33746,36783 33749,36783 33754,36786 33756,36787 33755,36787 33758,36791 33754,36796 33754,36801 33756,36801 33758,36801 33762,36802 33765,36802 33765,36806 33770,33806 
33772,33806 33777,33809 33777,33814 33780,33814 33785,33818 33782,33821 33784,33826 33781,33822 33781,33824 33783,33822 33784,33826 33787,33823 33792,33827 33795,33828 33798,33829 33799,33833 33801,33833 33801,33836 33805,33839 33809,33842 33805,33847 33810,33845 32810,33847 32808,33849 32812,33851 32815,33849 32818,33849 32822,33847 32822,33847 32826,33850 32831,33854 32836,33857 32833,33856 32828,33859 32829,33860 32832,33857 32834,33857 32830,33855 32830,33857 32830,33855 32834,33859 32829,33859 32833,33862 32836,33864 32837,33864 32839,33866 32837,33869 32835,33872 32840,33874 37840,33879 37845,33881 37850,33881 37855,33886 37856,33891 37860,33896 37860,33893 37863,33894 38863,33896 38859,28896 38864,28899 39864,33899 39869,33896 39871,33898 39875,33902 39873,33902 39875,33907 39879,33912 39884,33908 39887,33908 39888,33905 39890,33909 39895,33911 39896,33908 39900,33912 39901,33915 39902,33915 39902,33915 39902,33910 39907,33910 39904,33914 39903,33912 39906,33916 39909,33920 39909,33922 39912,33923 39916,33928 39916,33931 39918,33932 39919,33935 39915,33936 39912,33934 39909,35934 39914,35931 39915,35935 39917,35939 39920,35939 39915,35940 39911,35944 39916,35944 39911,35944 39908,35945 39904,35945 39908,35945 39912,35950 39915,35955 39917,38955 39916,38960 39921,38962 39920,38962 39920,38967 39922,38967 39924,38970 39928,38975 39928,38973 39928,38977 39931,38980 39934,38984 39936,38982 39939,38983 39942,38985 39943,38987 39945,38992 41945,38988 41950,38989 41954,38992 41958,38992 41962,38992 41965,38993 41970,38997 41970,38997 41970,38994 41974,38994 41979,38997 41979,38999 41982,38994 41980,38998 41985,38998 41984,5334 23406,5330 23406,5325 23403,9325 23404,12325 23408,12325 23408,12322 23406,13322 23411,13325 23416,13326 23412,13322 23414,13327 23419,13328 23422,13329 23425,13333 23422,13337 23424,23491 35549,23490 35544,23494 35546,23499 35548,23495 35549,21495 35553,21490 35556,21492 35558,21492 35556,21494 35559,21494 35564,21494 35566,21499 35566,21502 
35562,21502 35567,17502 35568,17506 35573,17507 35574,17511 35578,17512 35583,17513 35588,18513 35591,18514 35592,18515 35594,18513 35596,16513 35601,16513 37601,16513 37602,16511 37604,16513 37609,16514 37611,16518 37616,16522 34616,16524 34613,16528 34615,16528 34620,16533 34624,16535 34627,16538 34628,16539 34630,16539 34631,16542 34628,16542 34633,16544 34638,16547 38638,16547 38640,16543 38645,16543 38640,16540 38640,16543 38640,16542 38641,16546 38646,16541 38649,16541 38645,18541 38648,18544 38648,18544 38653,18544 38656,18549 38651,18547 38651,18550 38656,18547 38658,23547 38663,23544 38664,23548 38668,23548 38670,28548 38672,28549 38669,28549 38673,28545 38669,28549 38670,28554 38670,28557 38674,28560 38669,28562 38674,28562 38669,28561 38669,28564 38671,28569 38671,38779 44699,38780 44695,38778 44698,38783 44700,38785 44700,38781 44701,38782 44696,38786 44691,38789 44692,38794 44692,38799 44688,38799 44693,38803 44697,38808 44697,38806 44697,38806 44700,38803 44702,38803 44706,38802 44707,38807 48707,38808 48707,38806 48707,38810 48712,38810 48709,38810 48711,38810 48711,38806 48707,38802 48710,38803 48706,38805 48711,38810 48711,38805 48709,38809 48710,38809 48710,38814 48707,38815 48703,38816 48703,38816 48704,38820 48704,38822 48709,38820 48710,38818 48714,38822 48716,38822 48719,38827 48722,38828 48727,38832 48725,38830 48730,38831 48726,38832 48724,38829 48728,8431 35532,8431 35537,4431 35532,4434 35537,4438 35537,4439 35533,4443 35535,4442 35530,4445 35527,4449 35527,4453 35530,4458 35530,4459 39530,4460 39531,4461 39531,4464 39531,4468 39531,4470 39534,4465 39534,4465 39532,4469 39532,4471 39537,4466 39538,4470 39539,4473 39540,4476 39540,4480 39543,4485 39548,4483 39546,4484 39547,4484 39549,4484 39551,4486 39553,4486 39554,4487 39551,4483 39553,4486 39554,4490 39556,4493 39557,4498 39561,4494 39562,-4749 22345,-4752 22345,-4748 22348,-4744 22351,-4740 22356,-4741 22358,-4739 22361,-4734 22359,-4730 25359,-4730 25360,-4725 25360,-4727 25360,-4727 
25361,-6727 25360,-6729 25365,-6730 25365,-6727 25365,-6731 25364,-6730 27364,-6727 27366,-6723 27367,-3723 27363,-3719 27368,-3720 27371,-3718 27366,-3717 27369,-3716 27369,-3714 27372,-3711 27370,-3712 27371,-3712 27370,-3710 27375,-3708 27377,-3707 27382,-3706 27385,-3706 27389,-3705 32389,-3704 32392,-3704 32392,-3699 32391,-3699 32395,-3694 32399,-3694 32400,-3695 32404,-3695 32408,-3693 32410,-3693 32410,-3697 32410,-3692 32413,-3691 32418,-3686 32420,-3683 32425,-3681 32420,-3678 32424,-3673 32424,-3676 32427,-3673 32426,-3671 32426,-3676 33426,-3678 33428,-3676 33428,-3679 33428,-3679 33433,-3677 33434,-3676 33438,-3681 33440,1319 33444,1321 33441,1325 33444,1329 33439,1326 33444,1326 33439,1327 33439,1327 33440,1332 33444,1333 33449,1338 33453,1338 33450,1343 33450,1347 33454,1346 33457,1346 33455,1342 33459,1341 33462,1346 33462,1347 33463,1343 33463,1344 33462,1348 33457,1347 33460,1352 33464,1356 33468,1361 33469,1363 33468,1365 33469,1368 33472,1369 33475,-2631 33478,-2633 33483,-2629 33486,-2632 34486,-2628 36486,-2625 36488,-2621 36488,-2624 36488,-2622 36492,-2624 36491,-2629 36491,-2627 36496,-2623 36499,-2628 36502,-2631 36506,-2626 36506,-2622 36506,-2622 36509,-2619 36514,-2624 36512,-2621 36510,-2619 36510,-2619 36508,-2617 36512,-2615 36512,-2615 36513,-2615 36511,-2615 36506,-2612 36507,-2609 36511,-2606 37511,-2606 37508,-2610 37505,-2607 37508,-2602 37512,-2599 37512,-2595 37510,-2597 37511,-2592 37515,-2597 37514,-2592 37519,-2592 37524,-2592 37526,-2594 37521,-2594 37516,-2591 36516,-2588 36517,-2589 36513,-2586 36514,-2584 36514,-2583 36516,-2579 36514,-2578 36518,-2578 35518,-2575 35519,-2577 35519,-2578 35524,-2578 35529,-2578 35532,-2578 35534,-2580 35537,-2584 35541,-2586 35542,-2587 35544,-2585 35540,-2585 35544,-2584 35543,-2580 35548,-2576 35550,-2571 35553,-2567 35555,-2565 35560,-2560 35560,-2557 35564,-2553 35564,-5553 36564,-5548 36564,-5544 36565,-5547 36565,-5545 36570,-5542 36565,-5543 36566,-5543 36568,-5543 36570,-5540 
36575,-5537 36577,-5535 36581,-5532 36580,-5528 36575,-5526 38575,-5526 38576,-5526 38571,-5522 38571,-5518 38576,-5514 42576,-5510 42581,-5512 42583,-5512 42582,-5507 42582,-5510 42585,-2510 42589,-2511 42592,-2508 42594,-2506 42597,-2503 42598,-2503 42603,-2498 42608,-2501 42611,-2500 42616,-2502 42613,-2502 42616,-4502 42616,-4502 42620,-4502 42622,-4506 42619,-4509 42621,-4511 42624,-4515 42625,-4510 42625,-4507 42628,-4502 42624,-4501 42629,-4505 45629,-4503 45630,-4499 45631,-4496 45630,-4497 45628,-4495 45630,-4494 46630,-4491 46634,-4487 46629,-4483 46631,21336 40532,21341 40533,21346 40534,21346 40536,21345 40536,21346 40536,21345 40536,21344 40538,21347 40543,21348 40543,21351 40540,21351 40542,21348 40545,21351 40546,21352 40546,21353 40546,21358 40546,21359 40545,21359 40550,21357 40555,21362 40560,21364 40555,21363 40555,21364 40560,25364 40564,25365 40566,25368 40566,25371 45566,25372 45567,25372 45562,25376 45564,25381 42564,25385 42560,25389 42564,25389 42568,25393 42572,25390 42572,28390 42569,28389 42570,28385 42574,28386 42576,28389 42577,31389 42578,31385 42582,31387 42582,31390 42578,31391 42579,31392 42576,29392 42580,29396 42582,29398 43582,29402 43584,29406 43585,29407 43587,29411 43592,29413 43594,29414 43595,25414 43600,25412 43595,25415 43599,25420 43602,25418 43604,25423 43599,25426 43599,25429 43602,25434 42602,25429 42604,25432 42600,25435 42605,25436 47605,25440 50605,25441 50610,25439 50614,25444 50617,25447 50621,25444 50624,25444 50626,25445 50627,25450 50632,25450 50628,25451 50630,25451 50632,25454 50633,25458 50637,25462 50641,25463 50640,25463 51640,25467 51644,25469 51649,25473 51650,25474 51653,25475 51654,26475 51658,26475 51662,26474 51665,26476 51665,26481 51661,26483 55661,26485 55664,30485 55667,30485 55670,30489 55671,30489 55668,30491 55670,30492 55670,30493 55675,30497 55675,30501 55671,30503 55676,30500 55677,30498 55672,30494 55675,30499 55676,30500 55676,30505 55681,30501 55684,30496 55685,30500 55685,30502 
55687,30506 55692,30507 55693,30506 55692,30511 55693,30516 55694,30514 55699,30514 55701,30512 55701,34512 55705,34516 55708,34520 55704,34518 56704,34519 56704,34520 56706,34517 56706,34515 56701,34519 59701,34522 59706,34522 59708,34522 59713,34526 59715,34528 59717,34533 59712,34538 59715,34538 59717,34541 59717,34546 59720,34548 59721,34552 63721,34547 63726,34549 63728,34554 63726,34556 63726,34557 63721,34556 63725,34561 63730,34558 63730,37558 63725,37561 63729,37565 63724,37569 63720,37573 63718,37578 63722,37577 63718,37579 63720,37579 63722,37580 63719,37580 63720,37579 63724,37574 63725,37574 63727,37576 63725,37581 63729,37583 63732,37586 63732,37590 63737,37592 63734,37597 63731,37600 63730,37596 63731,37596 63733,37600 63733,37601 63735,37596 63735,37591 63732,37596 63733,37601 63738,37602 63733,37599 63738,37594 63740,37598 63744,37603 63745,37605 63747,37607 63752,37607 63756,37603 63757,37603 63761,37604 63761,37608 63758,37609 63762,37604 63764,37604 63764,41604 63765,41600 63761,41599 63761,41600 63766,41596 63766,41599 63766,41601 63770,41604 63768,41608 63768,41611 63772,41614 63767,41609 63763,41612 63765,41615 63760,38615 63764,38615 63768,38618 63768,35618 63769,35618 63774,35617 63775,35618 63776,35613 63775,35615 63780,35612 63782,35613 63779,35614 63775,35618 63774,35619 63776,35624 63778,35624 63780,35629 63785,35629 63780,35626 63781,35624 63782,35629 63784,35634 63787,35638 63782,35634 63783,35634 63778,35633 63777,35638 63782,35641 63786,35644 63791,35648 63793,35647 63793,35649 63797,35653 63801,35654 63804,35654 63804,35656 63804,35655 63806,35658 63810,35658 63805,35662 63805,35657 67805,35658 67808,35660 67811,35664 67808,35660 67803,35658 67803,35661 67803,35663 67808,35666 67810,35670 67814,35669 67813,35669 67816,37669 67820,37664 67820,2275 13363,2278 16363,2274 16363,2275 16362,2279 16362,2282 16362,2287 16366,2284 16366,4284 16366,4286 16371,4290 16375,4294 18375,4295 18377,9295 18381,9296 18381,9299 18382,9303 18379,9305 
19379,9308 19375,8308 19380,8312 19380,38746 37651,38749 37652,38754 37653,38757 37656,38753 37661,38753 37661,38758 37663,38763 37664,38763 42664,38768 42666,38765 42668,38770 42664,38767 42659,38768 42659,38773 42654,38771 42659,38775 42661,41775 42663,41778 42665,41781 42669,41782 42667,41779 42669,41784 42672,41781 42672,41783 42672,41780 42672,41783 42675,41784 42675,41788 42676,41792 42677,41792 42675,41793 42680,41793 42676,41796 42681,41801 42685,41804 42684,41806 42685,41804 42690,41802 42692,41805 42696,41800 42697,41802 42698,41804 42700,41809 42704,41813 42705,36813 42708,36813 42704,36810 42703,36811 42705,40811 42706,40815 46706,40816 46708,40820 46708,40818 46712,40822 46717,40825 46720,40829 46724,40827 46727,40831 46727,40833 46731,40829 46733,40830 46733,36830 46738,36830 46741,36834 46744,36831 46749,36826 46748,36822 46748,36824 46751,36819 46755,36823 46758,36823 46762,36824 46766,36822 46769,36826 46772,36831 46774,36828 42774,36833 42776,36833 42777,36838 42782)')));
@@ -86,13 +86,13 @@ SPATIAL KEY (g3),
SPATIAL KEY (g4),
SPATIAL KEY (g5),
SPATIAL KEY (g6)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
DROP TABLE t1,t2;
CREATE TABLE t1 (
p INT NOT NULL AUTO_INCREMENT,
g LINESTRING NOT NULL,
PRIMARY KEY(p)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
ALTER TABLE t1 ADD SPATIAL INDEX spatial_idx (g);
ALTER TABLE t1 ADD INDEX prefix_idx (g(767));
INSERT INTO t1(g) VALUES(ST_linefromtext('linestring(-5 -576,0 -576,0 -571,0 -571,5 -568,6 -564,6 -565,6 -563)'));
@@ -131,6 +131,6 @@ SPATIAL KEY (g3),
SPATIAL KEY (g4),
SPATIAL KEY (g5),
SPATIAL KEY (g6)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
DROP TABLE t1,t2;
disconnect control_purge;
diff --git a/mysql-test/suite/innodb_gis/t/rtree_add_index.test b/mysql-test/suite/innodb_gis/t/rtree_add_index.test
index 81755124..a11f1783 100644
--- a/mysql-test/suite/innodb_gis/t/rtree_add_index.test
+++ b/mysql-test/suite/innodb_gis/t/rtree_add_index.test
@@ -1,6 +1,6 @@
--source include/have_innodb.inc
-CREATE TABLE t1 (g MULTIPOINT NOT NULL) ENGINE=InnoDB;
+CREATE TABLE t1 (g MULTIPOINT NOT NULL) ENGINE=InnoDB STATS_PERSISTENT=0;
INSERT INTO t1 VALUES ('');
connect purge_control,localhost,root;
diff --git a/mysql-test/suite/innodb_gis/t/rtree_compress.test b/mysql-test/suite/innodb_gis/t/rtree_compress.test
index e667ec8e..56690b88 100644
--- a/mysql-test/suite/innodb_gis/t/rtree_compress.test
+++ b/mysql-test/suite/innodb_gis/t/rtree_compress.test
@@ -10,9 +10,11 @@
# Valgrind takes too much time on PB2 even in the --big-test runs.
--source include/not_valgrind.inc
-create table t1 (c1 int, c2 geometry not null, spatial index (c2))engine=innodb ROW_FORMAT=COMPRESSED;
+create table t1 (c1 int, c2 geometry not null, spatial index (c2))engine=innodb ROW_FORMAT=COMPRESSED STATS_PERSISTENT=0;
# Insert enough values to let R-tree split.
+lock tables t1 write;
+start transaction;
insert into t1 values(1, Point(1,1));
insert into t1 values(2, Point(2,2));
insert into t1 values(3, Point(3,3));
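Review bot: The added `lock tables t1 write;` is immediately followed by `start transaction;`, and starting a transaction is documented to release table locks taken with LOCK TABLES, so the lock may not be held during the inserts and the `unlock tables;` added in the next hunk of this file would then be a no-op. Please confirm which of the two is meant to take effect. A one-line comment above the pair would help, for example `# Load the initial rows in a single transaction to keep the test fast`, if that is the intent. Nothing in either hunk says why the wrapper was added.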
@@ -33,6 +35,8 @@ insert into t1 select * from t1;
insert into t1 select * from t1;
insert into t1 select * from t1;
insert into t1 select * from t1;
+commit;
+unlock tables;
start transaction;
insert into t1 select * from t1;
select count(*) from t1;
diff --git a/mysql-test/suite/innodb_gis/t/rtree_create_inplace.opt b/mysql-test/suite/innodb_gis/t/rtree_create_inplace.opt
new file mode 100644
index 00000000..c3f4a891
--- /dev/null
+++ b/mysql-test/suite/innodb_gis/t/rtree_create_inplace.opt
@@ -0,0 +1 @@
+--innodb_sort_buffer_size=64k
diff --git a/mysql-test/suite/innodb_gis/t/rtree_create_inplace.test b/mysql-test/suite/innodb_gis/t/rtree_create_inplace.test
index ef3f0171..73469368 100644
--- a/mysql-test/suite/innodb_gis/t/rtree_create_inplace.test
+++ b/mysql-test/suite/innodb_gis/t/rtree_create_inplace.test
@@ -2,32 +2,27 @@
--source include/have_innodb.inc
--source include/have_debug.inc
+--source include/have_sequence.inc
--source include/no_valgrind_without_big.inc
# Create table with geometry column
CREATE TABLE t1 (c1 INT, c2 GEOMETRY NOT NULL, c3 GEOMETRY NOT NULL) ENGINE=INNODB;
+CREATE TEMPORARY TABLE t LIKE t1;
# Insert enough values
-INSERT INTO t1 VALUES(1, Point(1,1), ST_GeomFromText('POLYGON (( 0 -1, 0 1, 2 1, 2 -1, 0 -1))'));
-INSERT INTO t1 VALUES(2, Point(2,2), ST_GeomFromText('POLYGON (( 0 -3, 0 -1, 2 -1, 2 -3, 0 -3))'));
-INSERT INTO t1 VALUES(3, Point(3,3), ST_GeomFromText('POLYGON (( 1 0, 1 2, 3 2, 3 0, 1 0))'));
-INSERT INTO t1 VALUES(4, Point(4,4), ST_GeomFromText('POLYGON (( -3 0, -3 2, -1 2, -1 0, -3 0))'));
-INSERT INTO t1 VALUES(5, Point(5,5), ST_GeomFromText('POLYGON (( 0 0, 0 1, 1 1, 1 0, 0 0))'));
-INSERT INTO t1 VALUES(6, Point(6,6), ST_GeomFromText('POLYGON (( 2 0, 2 2, 4 2, 4 0, 2 0))'));
-INSERT INTO t1 VALUES(7, Point(7,7), ST_GeomFromText('POLYGON (( 0 3, 0 5, 2 5, 2 3, 0 3))'));
-INSERT INTO t1 VALUES(8, Point(8,8), ST_GeomFromText('POLYGON (( 0 1, 0 3, 2 3, 2 1, 0 1))'));
-INSERT INTO t1 VALUES(9, Point(9,9), ST_GeomFromText('POLYGON (( 0 0, 0 3, 3 3, 3 0, 0 0))'));
-
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
-INSERT INTO t1 SELECT * FROM t1;
+INSERT INTO t VALUES
+(1, Point(1,1), ST_GeomFromText('POLYGON (( 0 -1, 0 1, 2 1, 2 -1, 0 -1))')),
+(2, Point(2,2), ST_GeomFromText('POLYGON (( 0 -3, 0 -1, 2 -1, 2 -3, 0 -3))')),
+(3, Point(3,3), ST_GeomFromText('POLYGON (( 1 0, 1 2, 3 2, 3 0, 1 0))')),
+(4, Point(4,4), ST_GeomFromText('POLYGON (( -3 0, -3 2, -1 2, -1 0, -3 0))')),
+(5, Point(5,5), ST_GeomFromText('POLYGON (( 0 0, 0 1, 1 1, 1 0, 0 0))')),
+(6, Point(6,6), ST_GeomFromText('POLYGON (( 2 0, 2 2, 4 2, 4 0, 2 0))')),
+(7, Point(7,7), ST_GeomFromText('POLYGON (( 0 3, 0 5, 2 5, 2 3, 0 3))')),
+(8, Point(8,8), ST_GeomFromText('POLYGON (( 0 1, 0 3, 2 3, 2 1, 0 1))')),
+(9, Point(9,9), ST_GeomFromText('POLYGON (( 0 0, 0 3, 3 3, 3 0, 0 0))'));
+
+INSERT INTO t1 SELECT t.* FROM t, seq_1_to_512;
+DROP TEMPORARY TABLE t;
# create spatial index
CREATE SPATIAL INDEX idx ON t1(c2);
@@ -42,8 +37,9 @@ SELECT COUNT(*) FROM t1 WHERE MBRWithin(t1.c2, @g1);
ALTER TABLE t1 DROP INDEX idx, ADD SPATIAL INDEX idx3(c2);
-SET SESSION debug="+d,row_merge_instrument_log_check_flush";
+SET debug_dbug='+d,row_merge_instrument_log_check_flush';
ALTER TABLE t1 DROP INDEX idx3, ADD SPATIAL INDEX idx4(c2), ADD SPATIAL INDEX idx5(c3);
+ALTER TABLE t1 FORCE;
# Clean up.
DROP TABLE t1;
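Review bot: `SET debug_dbug='+d,row_merge_instrument_log_check_flush';` is never reset, so the new `ALTER TABLE t1 FORCE;` and the cleanup run with the debug injection still active, and the hunk does not say whether that is intended. If the rebuild is meant to run under the injection, a comment such as `# Rebuild the table while the log-flush instrumentation is still enabled` would make that clear. Otherwise, save the value first with `SET @save_dbug=@@debug_dbug;` and restore it with `SET debug_dbug=@save_dbug;` before the cleanup.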
diff --git a/mysql-test/suite/innodb_gis/t/rtree_purge.test b/mysql-test/suite/innodb_gis/t/rtree_purge.test
index cab86aa6..194c8a23 100644
--- a/mysql-test/suite/innodb_gis/t/rtree_purge.test
+++ b/mysql-test/suite/innodb_gis/t/rtree_purge.test
@@ -8,7 +8,7 @@
create table t (
b point not null,d point not null, spatial key (d),spatial key (b)
-) engine=innodb;
+) engine=innodb stats_persistent=0;
--disable_query_log
set @p=point(1,1);
diff --git a/mysql-test/suite/innodb_gis/t/rtree_undo.test b/mysql-test/suite/innodb_gis/t/rtree_undo.test
index 962ff780..9126b96d 100644
--- a/mysql-test/suite/innodb_gis/t/rtree_undo.test
+++ b/mysql-test/suite/innodb_gis/t/rtree_undo.test
@@ -17,7 +17,7 @@ CREATE TABLE t1 (
p INT NOT NULL AUTO_INCREMENT,
g LINESTRING NOT NULL,
PRIMARY KEY(p)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
if ($index == 3) {
eval ALTER TABLE t1 ADD INDEX prefix_idx (g($prefix_size));
@@ -88,7 +88,7 @@ CREATE TABLE t2 (
SPATIAL KEY (g4),
SPATIAL KEY (g5),
SPATIAL KEY (g6)
-) ENGINE=InnoDB;
+) ENGINE=InnoDB STATS_PERSISTENT=0;
DROP TABLE t1,t2;
diff --git a/mysql-test/suite/innodb_zip/include/innodb_dml_ops.inc b/mysql-test/suite/innodb_zip/include/innodb_dml_ops.inc
deleted file mode 100644
index 4908dfb6..00000000
--- a/mysql-test/suite/innodb_zip/include/innodb_dml_ops.inc
+++ /dev/null
@@ -1,82 +0,0 @@
-delimiter |;
-create procedure populate_t1()
-begin
- declare i int default 1;
- while (i <= 200) do
- insert into t1 values (i, 'a', 'b');
- set i = i + 1;
- end while;
-end|
-create procedure populate_t1_small()
-begin
- declare i int default 1;
- while (i <= 20) do
- insert into t1 values (i, 'c', 'd');
- set i = i + 1;
- end while;
-end|
-create procedure populate_t1_small2()
-begin
- declare i int default 30;
- while (i <= 50) do
- insert into t1 values (i, 'e', 'f');
- set i = i + 1;
- end while;
-end|
-delimiter ;|
-#
-begin;
-select count(*) from t1;
-call populate_t1();
-select count(*) from t1;
-select * from t1 limit 10;
-rollback;
-select count(*) from t1;
-#
-begin;
-call populate_t1();
-select count(*) from t1;
-commit;
-select count(*) from t1;
-#
-truncate table t1;
-select count(*) from t1;
-#
-call populate_t1_small();
-select count(*) from t1;
-rollback;
-select count(*) from t1;
-truncate table t1;
-#
-call populate_t1();
-select count(*) from t1;
-delete from t1 where keyc <= 60;
-select count(*) from t1;
-call populate_t1_small();
-select count(*) from t1;
-select * from t1 limit 10;
-begin;
-call populate_t1_small2();
-select count(*) from t1;
-select * from t1 where keyc > 30 limit 10;
-rollback;
-select count(*) from t1;
-select * from t1 where keyc > 30 limit 10;
-#
-update t1 set keyc = keyc + 2000;
-select * from t1 limit 10;
-rollback;
-begin;
-update t1 set keyc = keyc + 2000;
-select * from t1 limit 10;
-rollback;
-select * from t1 limit 10;
-commit;
-select * from t1 limit 10;
-#
-insert into t2 select * from t1 where keyc < 2101;
-select count(*) from t2;
-#
-drop procedure populate_t1;
-drop procedure populate_t1_small;
-drop procedure populate_t1_small2;
diff --git a/mysql-test/suite/innodb_zip/r/blob.result b/mysql-test/suite/innodb_zip/r/blob.result
index df3a49ed..5671e81a 100644
--- a/mysql-test/suite/innodb_zip/r/blob.result
+++ b/mysql-test/suite/innodb_zip/r/blob.result
@@ -3,7 +3,7 @@
# failed in mtr_t::write(), btr_free_externally_stored_field()
#
CREATE TABLE t1 (c TEXT, f2 INT PRIMARY KEY, f3 INT UNIQUE)
-ENGINE=InnoDB ROW_FORMAT=COMPRESSED KEY_BLOCK_SIZE=4;
+ENGINE=InnoDB STATS_PERSISTENT=0 ROW_FORMAT=COMPRESSED KEY_BLOCK_SIZE=4;
SET @level= @@GLOBAL.innodb_compression_level;
SET GLOBAL innodb_compression_level=0;
connect prevent_purge,localhost,root;
diff --git a/mysql-test/suite/innodb_zip/r/innochecksum_3.result b/mysql-test/suite/innodb_zip/r/innochecksum_3.result
index 03a31194..04d2fcaa 100644
--- a/mysql-test/suite/innodb_zip/r/innochecksum_3.result
+++ b/mysql-test/suite/innodb_zip/r/innochecksum_3.result
@@ -120,7 +120,6 @@ Filename::tab#.ibd
#::# | Index page | index id=#, page level=#, No. of records=#, garbage=#, -
#::# | Index page | index id=#, page level=#, No. of records=#, garbage=#, -
#::# | Freshly allocated page | -
-#::# | Freshly allocated page | -
# Variables used by page type dump for ibdata1
Variables (--variable-name=value)
@@ -154,7 +153,6 @@ Filename::tab#.ibd
#::# | Index page | index id=#, page level=#, No. of records=#, garbage=#, -
#::# | Index page | index id=#, page level=#, No. of records=#, garbage=#, -
#::# | Freshly allocated page | -
-#::# | Freshly allocated page | -
[6]: check the valid lower bound values for option
# allow-mismatches,page,start-page,end-page
[9]: check the both short and long options "page" and "start-page" when
diff --git a/mysql-test/suite/innodb_zip/r/restart.result b/mysql-test/suite/innodb_zip/r/restart.result
index eb1bfe67..8bd3f73f 100644
--- a/mysql-test/suite/innodb_zip/r/restart.result
+++ b/mysql-test/suite/innodb_zip/r/restart.result
@@ -527,15 +527,6 @@ Variable_name Value
innodb_file_per_table ON
=== information_schema.innodb_sys_tablespaces and innodb_sys_datafiles ===
Space_Name Page_Size Zip_Size Path
-test/t4_restart DEFAULT DEFAULT MYSQLD_DATADIR/test/t4_restart.ibd
-test/t6_restart#p#p0 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t6_restart#p#p0.ibd
-test/t6_restart#p#p1 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t6_restart#p#p1.ibd
-test/t7_restart#p#p0#sp#s0 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t7_restart#p#p0#sp#s0.ibd
-test/t7_restart#p#p0#sp#s1 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t7_restart#p#p0#sp#s1.ibd
-test/t5_restart DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t5_restart.ibd
-test/t6_restart#p#p2 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t6_restart#p#p2.ibd
-test/t7_restart#p#p1#sp#s2 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t7_restart#p#p1#sp#s2.ibd
-test/t7_restart#p#p1#sp#s3 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t7_restart#p#p1#sp#s3.ibd
innodb_temporary DEFAULT DEFAULT MYSQLD_DATADIR/ibtmp1
SELECT count(*) FROM t5_restart;
count(*)
@@ -629,7 +620,6 @@ RENAME TABLE t6_restart TO t66_restart;
RENAME TABLE t7_restart TO t77_restart;
=== information_schema.innodb_sys_tablespaces and innodb_sys_datafiles ===
Space_Name Page_Size Zip_Size Path
-test/t4_restart DEFAULT DEFAULT MYSQLD_DATADIR/test/t4_restart.ibd
test/t66_restart#p#p0 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t66_restart#p#p0.ibd
test/t66_restart#p#p1 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t66_restart#p#p1.ibd
test/t77_restart#p#p0#sp#s0 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t77_restart#p#p0#sp#s0.ibd
@@ -728,15 +718,6 @@ Variable_name Value
innodb_file_per_table ON
=== information_schema.innodb_sys_tablespaces and innodb_sys_datafiles ===
Space_Name Page_Size Zip_Size Path
-test/t4_restart DEFAULT DEFAULT MYSQLD_DATADIR/test/t4_restart.ibd
-test/t66_restart#p#p0 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t66_restart#p#p0.ibd
-test/t66_restart#p#p1 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t66_restart#p#p1.ibd
-test/t77_restart#p#p0#sp#s0 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t77_restart#p#p0#sp#s0.ibd
-test/t77_restart#p#p0#sp#s1 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t77_restart#p#p0#sp#s1.ibd
-test/t55_restart DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t55_restart.ibd
-test/t66_restart#p#p2 DEFAULT 2048 MYSQL_TMP_DIR/alt_dir/test/t66_restart#p#p2.ibd
-test/t77_restart#p#p1#sp#s2 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t77_restart#p#p1#sp#s2.ibd
-test/t77_restart#p#p1#sp#s3 DEFAULT DEFAULT MYSQL_TMP_DIR/alt_dir/test/t77_restart#p#p1#sp#s3.ibd
innodb_temporary DEFAULT DEFAULT MYSQLD_DATADIR/ibtmp1
INSERT INTO t55_restart (SELECT 0, c2, c3, c4, c5 FROM t55_restart);
SELECT count(*) FROM t55_restart;
@@ -863,15 +844,6 @@ t77_restart#p#p1#sp#s3.ibd
# restart
=== information_schema.innodb_sys_tablespaces and innodb_sys_datafiles ===
Space_Name Page_Size Zip_Size Path
-test/t4_restart DEFAULT DEFAULT MYSQL_TMP_DIR/new_dir/test/t4_restart.ibd
-test/t66_restart#p#p0 DEFAULT 2048 MYSQL_TMP_DIR/new_dir/test/t66_restart#p#p0.ibd
-test/t66_restart#p#p1 DEFAULT 2048 MYSQL_TMP_DIR/new_dir/test/t66_restart#p#p1.ibd
-test/t77_restart#p#p0#sp#s0 DEFAULT DEFAULT MYSQL_TMP_DIR/new_dir/test/t77_restart#p#p0#sp#s0.ibd
-test/t77_restart#p#p0#sp#s1 DEFAULT DEFAULT MYSQL_TMP_DIR/new_dir/test/t77_restart#p#p0#sp#s1.ibd
-test/t55_restart DEFAULT DEFAULT MYSQL_TMP_DIR/new_dir/test/t55_restart.ibd
-test/t66_restart#p#p2 DEFAULT 2048 MYSQL_TMP_DIR/new_dir/test/t66_restart#p#p2.ibd
-test/t77_restart#p#p1#sp#s2 DEFAULT DEFAULT MYSQL_TMP_DIR/new_dir/test/t77_restart#p#p1#sp#s2.ibd
-test/t77_restart#p#p1#sp#s3 DEFAULT DEFAULT MYSQL_TMP_DIR/new_dir/test/t77_restart#p#p1#sp#s3.ibd
innodb_temporary DEFAULT DEFAULT MYSQLD_DATADIR/ibtmp1
INSERT INTO t4_restart (SELECT 0, c2, c3, c4, c5 FROM t4_restart);
SELECT count(*) FROM t4_restart;
@@ -1002,15 +974,6 @@ t77_restart.par
# restart
=== information_schema.innodb_sys_tablespaces and innodb_sys_datafiles ===
Space_Name Page_Size Zip_Size Path
-test/t4_restart DEFAULT DEFAULT MYSQLD_DATADIR/test/t4_restart.ibd
-test/t66_restart#p#p0 DEFAULT 2048 MYSQLD_DATADIR/test/t66_restart#p#p0.ibd
-test/t66_restart#p#p1 DEFAULT 2048 MYSQLD_DATADIR/test/t66_restart#p#p1.ibd
-test/t77_restart#p#p0#sp#s0 DEFAULT DEFAULT MYSQLD_DATADIR/test/t77_restart#p#p0#sp#s0.ibd
-test/t77_restart#p#p0#sp#s1 DEFAULT DEFAULT MYSQLD_DATADIR/test/t77_restart#p#p0#sp#s1.ibd
-test/t55_restart DEFAULT DEFAULT MYSQLD_DATADIR/test/t55_restart.ibd
-test/t66_restart#p#p2 DEFAULT 2048 MYSQLD_DATADIR/test/t66_restart#p#p2.ibd
-test/t77_restart#p#p1#sp#s2 DEFAULT DEFAULT MYSQLD_DATADIR/test/t77_restart#p#p1#sp#s2.ibd
-test/t77_restart#p#p1#sp#s3 DEFAULT DEFAULT MYSQLD_DATADIR/test/t77_restart#p#p1#sp#s3.ibd
innodb_temporary DEFAULT DEFAULT MYSQLD_DATADIR/ibtmp1
INSERT INTO t4_restart (SELECT 0, c2, c3, c4, c5 FROM t4_restart);
SELECT count(*) FROM t4_restart;
diff --git a/mysql-test/suite/innodb_zip/t/blob.test b/mysql-test/suite/innodb_zip/t/blob.test
index 4f9117f7..461b451f 100644
--- a/mysql-test/suite/innodb_zip/t/blob.test
+++ b/mysql-test/suite/innodb_zip/t/blob.test
@@ -6,7 +6,7 @@
--echo #
CREATE TABLE t1 (c TEXT, f2 INT PRIMARY KEY, f3 INT UNIQUE)
-ENGINE=InnoDB ROW_FORMAT=COMPRESSED KEY_BLOCK_SIZE=4;
+ENGINE=InnoDB STATS_PERSISTENT=0 ROW_FORMAT=COMPRESSED KEY_BLOCK_SIZE=4;
SET @level= @@GLOBAL.innodb_compression_level;
SET GLOBAL innodb_compression_level=0;
diff --git a/mysql-test/suite/innodb_zip/t/restart.opt b/mysql-test/suite/innodb_zip/t/restart.opt
index d7564300..03fb84e9 100644
--- a/mysql-test/suite/innodb_zip/t/restart.opt
+++ b/mysql-test/suite/innodb_zip/t/restart.opt
@@ -1,2 +1,5 @@
---loose-innodb-sys-tables
---loose-innodb-sys-tablespaces
+--innodb-sys-tables
+--innodb-sys-tablespaces
+--skip-innodb-stats-persistent
+--skip-innodb-buffer-pool-dump-at-shutdown
+--skip-innodb-fast-shutdown
diff --git a/mysql-test/suite/mariabackup/backup_grants.result b/mysql-test/suite/mariabackup/backup_grants.result
index 56899f8d..6bd6c9f4 100644
--- a/mysql-test/suite/mariabackup/backup_grants.result
+++ b/mysql-test/suite/mariabackup/backup_grants.result
@@ -3,12 +3,13 @@ FOUND 1 /missing required privilege RELOAD/ in backup.log
FOUND 1 /missing required privilege PROCESS/ in backup.log
FOUND 1 /GRANT USAGE ON/ in backup.log
GRANT RELOAD, PROCESS on *.* to backup@localhost;
-NOT FOUND /missing required privilege REPLICA MONITOR/ in backup.log
+FOUND 1 /missing required privilege REPLICA MONITOR/ in backup.log
GRANT REPLICA MONITOR ON *.* TO backup@localhost;
REVOKE REPLICA MONITOR ON *.* FROM backup@localhost;
+FOUND 1 /missing required privilege CONNECTION ADMIN/ in backup.log
GRANT CONNECTION ADMIN ON *.* TO backup@localhost;
FOUND 1 /missing required privilege REPLICATION SLAVE ADMIN/ in backup.log
-NOT FOUND /missing required privilege REPLICA MONITOR/ in backup.log
+FOUND 1 /missing required privilege REPLICA MONITOR/ in backup.log
GRANT REPLICATION SLAVE ADMIN ON *.* TO backup@localhost;
GRANT REPLICA MONITOR ON *.* TO backup@localhost;
DROP USER backup@localhost;
diff --git a/mysql-test/suite/mariabackup/backup_grants.test b/mysql-test/suite/mariabackup/backup_grants.test
index 894ae73a..18db3489 100644
--- a/mysql-test/suite/mariabackup/backup_grants.test
+++ b/mysql-test/suite/mariabackup/backup_grants.test
@@ -10,7 +10,7 @@ rmdir $targetdir;
# backup fails without --no-lock, because of FTWRL
--disable_result_log
error 1;
-exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log;
+exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
let SEARCH_FILE=$MYSQLTEST_VARDIR/tmp/backup.log;
@@ -31,7 +31,7 @@ rmdir $targetdir;
# --slave-info and galera info require REPLICA MONITOR
--disable_result_log
error 1;
-exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --slave-info --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log;
+exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --slave-info --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
--enable_result_log
rmdir $targetdir;
@@ -47,16 +47,15 @@ REVOKE REPLICA MONITOR ON *.* FROM backup@localhost;
# TODO need a query that would delay a BACKUP STAGE START/ BACKUP STAGE BLOCK_COMMIT longer than the kill-long-queries-timeout
#--send SELECT SLEEP(9) kill_me
-## kill-long-query-type=(not empty) requires CONNECTION ADMIN
-#--disable_result_log
-#error 1;
-#--exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --kill-long-query-type=all --kill-long-queries-timeout=4 --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log;
-#--reap
-#--enable_result_log
-#rmdir $targetdir;
-#
-#--let SEARCH_PATTERN= missing required privilege CONNECTION ADMIN
-#--source include/search_pattern_in_file.inc
+
+# kill-long-query-type=(not empty) requires CONNECTION ADMIN
+--disable_result_log
+--exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup -ubackup --kill-long-query-type=ALL --kill-long-queries-timeout=4 --target-dir=$targetdir > $MYSQLTEST_VARDIR/tmp/backup.log 2>&1;
+--enable_result_log
+rmdir $targetdir;
+
+--let SEARCH_PATTERN= missing required privilege CONNECTION ADMIN
+--source include/search_pattern_in_file.inc
GRANT CONNECTION ADMIN ON *.* TO backup@localhost;
--disable_result_log
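Review bot: The re-enabled block is headed `# kill-long-query-type=(not empty) requires CONNECTION ADMIN`, but unlike the commented-out version it replaces, it has no `error 1;` before `--exec`. The test therefore expects the backup to exit successfully without the privilege and only checks that "missing required privilege CONNECTION ADMIN" appears in backup.log. If the privilege is advisory on this path, the comment should say so, e.g. `# kill-long-query-type=(not empty) warns about missing CONNECTION ADMIN; the backup still succeeds`. The `#--send SELECT SLEEP(9) kill_me` line above stays commented out, so no long-running query exists to be killed and the kill path itself remains uncovered, as the TODO notes.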
diff --git a/mysql-test/suite/mariabackup/full_backup.result b/mysql-test/suite/mariabackup/full_backup.result
index 1d0dffd5..71525c22 100644
--- a/mysql-test/suite/mariabackup/full_backup.result
+++ b/mysql-test/suite/mariabackup/full_backup.result
@@ -18,6 +18,12 @@ DROP TABLE t;
#
call mtr.add_suppression("InnoDB: innodb_undo_tablespaces=0 disables dedicated undo log tablespaces");
call mtr.add_suppression("InnoDB: Cannot change innodb_undo_tablespaces=0 because previous shutdown was not with innodb_fast_shutdown=0");
+call mtr.add_suppression("Found 1 prepared XA transactions");
+CREATE TABLE t(f1 INT NOT NULL)ENGINE=InnoDB;
+XA START 'zombie';
+INSERT INTO t VALUES(1);
+XA END 'zombie';
+XA PREPARE 'zombie';
# restart: --innodb_undo_tablespaces=0
# xtrabackup backup
# xtrabackup prepare
@@ -28,3 +34,5 @@ call mtr.add_suppression("InnoDB: Cannot change innodb_undo_tablespaces=0 becaus
# Display undo log files from target directory
undo001
undo002
+XA COMMIT 'zombie';
+DROP TABLE t;
diff --git a/mysql-test/suite/mariabackup/full_backup.test b/mysql-test/suite/mariabackup/full_backup.test
index fb043f63..c6a21112 100644
--- a/mysql-test/suite/mariabackup/full_backup.test
+++ b/mysql-test/suite/mariabackup/full_backup.test
@@ -35,6 +35,13 @@ rmdir $targetdir;
--echo #
call mtr.add_suppression("InnoDB: innodb_undo_tablespaces=0 disables dedicated undo log tablespaces");
call mtr.add_suppression("InnoDB: Cannot change innodb_undo_tablespaces=0 because previous shutdown was not with innodb_fast_shutdown=0");
+call mtr.add_suppression("Found 1 prepared XA transactions");
+
+CREATE TABLE t(f1 INT NOT NULL)ENGINE=InnoDB;
+XA START 'zombie';
+INSERT INTO t VALUES(1);
+XA END 'zombie';
+XA PREPARE 'zombie';
let $restart_parameters=--innodb_undo_tablespaces=0;
--source include/restart_mysqld.inc
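Review bot: The prepared XA transaction 'zombie' is set up without any comment explaining why it must be left open across the restart with `--innodb_undo_tablespaces=0` and the backup. The only check that it survived is that `XA COMMIT 'zombie';` in the later hunk of this file does not fail. A short comment above `XA START 'zombie';` would help, such as `# Leave a prepared XA transaction so the undo log is not empty at restart`, if that is the purpose. An explicit `XA RECOVER;` after `--source include/restart_mysqld.inc` would make the expectation visible in the result file.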
@@ -53,4 +60,6 @@ exec $XTRABACKUP --prepare --target-dir=$targetdir;
--echo # Display undo log files from target directory
list_files $targetdir undo*;
+XA COMMIT 'zombie';
+DROP TABLE t;
rmdir $targetdir;
diff --git a/mysql-test/suite/mariabackup/huge_lsn,strict_crc32.rdiff b/mysql-test/suite/mariabackup/huge_lsn,strict_crc32.rdiff
index 29afd468..9ed08fcd 100644
--- a/mysql-test/suite/mariabackup/huge_lsn,strict_crc32.rdiff
+++ b/mysql-test/suite/mariabackup/huge_lsn,strict_crc32.rdiff
@@ -1,3 +1,5 @@
+--- suite/mariabackup/huge_lsn.result
++++ suite/mariabackup/huge_lsn.reject
@@ -1,8 +1,8 @@
#
# MDEV-13416 mariabackup fails with EFAULT "Bad Address"
diff --git a/mysql-test/suite/mariabackup/slave_provision_nolock.cnf b/mysql-test/suite/mariabackup/slave_provision_nolock.cnf
new file mode 100644
index 00000000..0e0bbd63
--- /dev/null
+++ b/mysql-test/suite/mariabackup/slave_provision_nolock.cnf
@@ -0,0 +1,13 @@
+[mysqld.1]
+log-slave-updates
+loose-innodb
+
+[mysqld.2]
+log-slave-updates
+loose-innodb
+
+[ENV]
+SERVER_MYPORT_1= @mysqld.1.port
+SERVER_MYSOCK_1= @mysqld.1.socket
+SERVER_MYPORT_2= @mysqld.2.port
+SERVER_MYSOCK_2= @mysqld.2.socket
diff --git a/mysql-test/suite/mariabackup/slave_provision_nolock.result b/mysql-test/suite/mariabackup/slave_provision_nolock.result
new file mode 100644
index 00000000..445a9801
--- /dev/null
+++ b/mysql-test/suite/mariabackup/slave_provision_nolock.result
@@ -0,0 +1,48 @@
+call mtr.add_suppression("Can't init tc log");
+call mtr.add_suppression("Aborting");
+# restart
+RESET MASTER;
+CREATE TABLE t1(a varchar(60) PRIMARY KEY, b VARCHAR(60)) ENGINE INNODB;
+INSERT INTO t1 VALUES(1, NULL);
+CREATE TABLE t2 (val INT) ENGINE=InnoDB;
+INSERT INTO t2 VALUES (0);
+connect con1,localhost,root,,;
+*** Start a background load...
+CALL gen_load();
+connection default;
+*** Doing backup...
+*** Doing prepare...
+*** Stop the background load...
+UPDATE t2 SET val=1;
+connection con1;
+connection default;
+disconnect con1;
+*** Provision a new slave from the backup
+connect server2,127.0.0.1,root,,,$SERVER_MYPORT_2;
+*** Stopping provisioned server
+*** Removing old datadir for provisioned server
+*** Provision new server from backup
+# restart
+*** Configure slave position from xtrabackup_binlog_pos_innodb
+CREATE TABLE t3 (file VARCHAR(255), pos INT) ENGINE=InnoDB;
+LOAD DATA LOCAL INFILE "BASEDIR/xtrabackup_binlog_pos_innodb"
+ INTO TABLE t3 FIELDS ESCAPED BY '' (file, pos);
+CHANGE MASTER TO
+master_port=PORT, master_host='127.0.0.1', master_user='root',
+master_log_file= "MASTER_FILE",
+master_log_pos= MASTER_POS;
+Warnings:
+Note 4190 CHANGE MASTER TO is implicitly changing the value of 'Using_Gtid' from 'Slave_Pos' to 'No'
+START SLAVE;
+connection default;
+connection server2;
+connection server2;
+STOP SLAVE;
+RESET SLAVE ALL;
+Warnings:
+Note 4190 RESET SLAVE is implicitly changing the value of 'Using_Gtid' from 'No' to 'Slave_Pos'
+DROP PROCEDURE gen_load;
+DROP TABLE t1, t2, t3;
+connection default;
+DROP PROCEDURE gen_load;
+DROP TABLE t1, t2;
diff --git a/mysql-test/suite/mariabackup/slave_provision_nolock.test b/mysql-test/suite/mariabackup/slave_provision_nolock.test
new file mode 100644
index 00000000..618f3132
--- /dev/null
+++ b/mysql-test/suite/mariabackup/slave_provision_nolock.test
@@ -0,0 +1,170 @@
+--source include/have_innodb.inc
+--source include/have_log_bin.inc
+
+call mtr.add_suppression("Can't init tc log");
+call mtr.add_suppression("Aborting");
+
+# Test provisioning a slave from an existing server, using mariabackup --no-lock
+# and the binlog position recovered from InnoDB redo log.
+
+# Update the InnoDB system tablespace to simulate a pre-10.3.5
+# position in TRX_SYS. There was a bug that the wrong position could
+# be recovered if the old filename in TRX_SYS compares newer than the
+# newer filenames stored in rseg headers.
+let MYSQLD_DATADIR=`select @@datadir`;
+let INNODB_PAGE_SIZE=`select @@innodb_page_size`;
+
+--source include/shutdown_mysqld.inc
+
+--perl
+use strict;
+use warnings;
+use Fcntl qw(:DEFAULT :seek);
+do "$ENV{MTR_SUITE_DIR}/../innodb/include/crc32.pl";
+do "$ENV{MTR_SUITE_DIR}/../innodb/include/innodb-util.pl";
+
+my $ps = $ENV{INNODB_PAGE_SIZE};
+
+sysopen IBD_FILE, "$ENV{MYSQLD_DATADIR}/ibdata1", O_RDWR
+ or die "Cannot open ibdata1: $!\n";
+
+# Read the TRX_SYS page.
+my $page;
+sysseek(IBD_FILE, $ps * 5, SEEK_SET)
+ or die "Cannot seek ibdata1: $!\n";
+sysread(IBD_FILE, $page, $ps)
+ or die "Cannot read ibdata1: $!\n";
+
+# Put in an old binlog position that will compare larger than master-bin.000001
+my $old_name= '~~~-bin.999999' . chr(0);
+my $old_off= 0xffff0000;
+my $old_magic= 873422344;
+my $binlog_offset= $ps - 1000 + 38;
+substr($page, $binlog_offset, 4)= pack('N', $old_magic);
+substr($page, $binlog_offset + 4, 4)= pack('N', ($old_off >> 32));
+substr($page, $binlog_offset + 8, 4)= pack('N', ($old_off & 0xffffffff));
+substr($page, $binlog_offset + 12, length($old_name))= $old_name;
+
+# Write back the modified page.
+my $full_crc32= get_full_crc32(\*IBD_FILE);
+$page= fix_page_crc($page, $full_crc32);
+sysseek(IBD_FILE, $ps * 5, SEEK_SET)
+ or die "Cannot seek ibdata1: $!\n";
+syswrite(IBD_FILE, $page, $ps) == $ps
+ or die "Cannot write ibdata1: $!\n";
+close IBD_FILE;
+EOF
+
+--source include/start_mysqld.inc
+
+
+let $basedir=$MYSQLTEST_VARDIR/tmp/backup;
+
+RESET MASTER;
+CREATE TABLE t1(a varchar(60) PRIMARY KEY, b VARCHAR(60)) ENGINE INNODB;
+INSERT INTO t1 VALUES(1, NULL);
+CREATE TABLE t2 (val INT) ENGINE=InnoDB;
+INSERT INTO t2 VALUES (0);
+
+--disable_query_log
+--delimiter //
+CREATE PROCEDURE gen_load()
+ MODIFIES SQL DATA
+ BEGIN
+ DECLARE i INT;
+ DECLARE flag TYPE OF t2.val;
+ SET i = 0;
+ load_loop: LOOP
+ SELECT val INTO flag FROM t2;
+ IF NOT (flag=0) THEN
+ LEAVE load_loop;
+ END IF;
+ START TRANSACTION;
+ INSERT INTO t1 VALUES (CONCAT("AbAdCaFe", LPAD(i, 6, "0")), @@SESSION.last_gtid);
+ COMMIT;
+ SET i = i + 1;
+ END LOOP;
+ END
+//
+--delimiter ;
+--enable_query_log
+
+connect (con1,localhost,root,,);
+--echo *** Start a background load...
+send CALL gen_load();
+
+--connection default
+--echo *** Doing backup...
+--exec $XTRABACKUP --defaults-file=$MYSQLTEST_VARDIR/my.cnf --backup --target-dir=$basedir --no-lock
+--echo *** Doing prepare...
+--exec $XTRABACKUP --prepare --binlog-info=1 --target-dir=$basedir
+
+--echo *** Stop the background load...
+UPDATE t2 SET val=1;
+--connection con1
+reap;
+--connection default
+disconnect con1;
+--let $count_master= `SELECT COUNT(*) FROM t1`
+
+--echo *** Provision a new slave from the backup
+--connect (server2,127.0.0.1,root,,,$SERVER_MYPORT_2)
+--let $datadir_2= `SELECT @@datadir`
+
+--echo *** Stopping provisioned server
+--source include/shutdown_mysqld.inc
+
+--echo *** Removing old datadir for provisioned server
+--rmdir $datadir_2
+
+--echo *** Provision new server from backup
+--exec $XTRABACKUP --copy-back --datadir=$datadir_2 --target-dir=$basedir
+
+# --no-lock backup might leave prepared xa transactions. rollback them.
+--error 1
+--exec $MYSQLD_LAST_CMD --tc-heuristic-recover=ROLLBACK
+--source include/start_mysqld.inc
+
+--echo *** Configure slave position from xtrabackup_binlog_pos_innodb
+CREATE TABLE t3 (file VARCHAR(255), pos INT) ENGINE=InnoDB;
+--replace_result $basedir BASEDIR
+--disable_warnings
+eval LOAD DATA LOCAL INFILE "$basedir/xtrabackup_binlog_pos_innodb"
+ INTO TABLE t3 FIELDS ESCAPED BY '' (file, pos);
+--enable_warnings
+
+# Remove leading ./ from filename (leading .\ on windows).
+--let provision_master_file= `SELECT REGEXP_REPLACE(file, "^[.].", "") FROM t3`
+--let provision_master_pos= `SELECT pos FROM t3`
+
+--replace_result $SERVER_MYPORT_1 PORT $provision_master_file MASTER_FILE $provision_master_pos MASTER_POS
+eval CHANGE MASTER TO
+ master_port=$SERVER_MYPORT_1, master_host='127.0.0.1', master_user='root',
+ master_log_file= "$provision_master_file",
+ master_log_pos= $provision_master_pos;
+START SLAVE;
+
+--connection default
+--save_master_pos
+
+--connection server2
+--sync_with_master
+--let $count_slave= `SELECT COUNT(*) FROM t1`
+if ($count_master != $count_slave) {
+ --echo *** ERROR: Table on master has $count_master rows, but table on provisioned slave has $count_slave rows
+ --die Row difference on provisioned slave.
+}
+
+# Cleanup
+
+--connection server2
+STOP SLAVE;
+RESET SLAVE ALL;
+DROP PROCEDURE gen_load;
+DROP TABLE t1, t2, t3;
+
+--connection default
+DROP PROCEDURE gen_load;
+DROP TABLE t1, t2;
+
+rmdir $basedir;
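Review bot: In the `--perl` block the read of the TRX_SYS page is checked only with `sysread(IBD_FILE, $page, $ps) or die`, which accepts a short read, while the write-back a few lines later verifies the full length. Comparing the count, `sysread(IBD_FILE, $page, $ps) == $ps or die "Cannot read ibdata1: $!\n";`, would make a truncated page fail at the read rather than somewhere later in the patching or checksum step. The two `do "..."` includes are also unchecked, so a helper file that fails to load would only surface when `get_full_crc32` is called. The constants `$ps * 5`, `$ps - 1000 + 38` and `873422344` would be easier to audit with a one-line comment each saying which page and header field they refer to.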
diff --git a/mysql-test/suite/mariabackup/unencrypted_page_compressed.result b/mysql-test/suite/mariabackup/unencrypted_page_compressed.result
index d995d1be..dfcf19b6 100644
--- a/mysql-test/suite/mariabackup/unencrypted_page_compressed.result
+++ b/mysql-test/suite/mariabackup/unencrypted_page_compressed.result
@@ -1,5 +1,6 @@
call mtr.add_suppression("InnoDB: Table `test`.`t1` has an unreadable root page");
-CREATE TABLE t1 (a INT AUTO_INCREMENT PRIMARY KEY, b TEXT, c char(200)) ENGINE=InnoDB page_compressed=yes;
+CREATE TABLE t1 (a INT AUTO_INCREMENT PRIMARY KEY, b TEXT, c char(200))
+ENGINE=InnoDB PAGE_COMPRESSED=YES STATS_PERSISTENT=0;
insert into t1(b, c) values("mariadb", "mariabackup");
InnoDB 0 transactions not purged
# Corrupt the table
diff --git a/mysql-test/suite/mariabackup/unencrypted_page_compressed.test b/mysql-test/suite/mariabackup/unencrypted_page_compressed.test
index 247a210a..700c4dd2 100644
--- a/mysql-test/suite/mariabackup/unencrypted_page_compressed.test
+++ b/mysql-test/suite/mariabackup/unencrypted_page_compressed.test
@@ -1,5 +1,6 @@
call mtr.add_suppression("InnoDB: Table `test`.`t1` has an unreadable root page");
-CREATE TABLE t1 (a INT AUTO_INCREMENT PRIMARY KEY, b TEXT, c char(200)) ENGINE=InnoDB page_compressed=yes;
+CREATE TABLE t1 (a INT AUTO_INCREMENT PRIMARY KEY, b TEXT, c char(200))
+ENGINE=InnoDB PAGE_COMPRESSED=YES STATS_PERSISTENT=0;
insert into t1(b, c) values("mariadb", "mariabackup");
--source ../innodb/include/wait_all_purged.inc
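Review bot: The added `STATS_PERSISTENT=0` on the `CREATE TABLE` has no comment saying why the test needs it. The table is followed by `wait_all_purged.inc`, so the option is presumably there to keep persistent-statistics updates from interfering with the purge wait, but that is an inference. A line such as `# STATS_PERSISTENT=0: <reason>` above the statement would record the intent. The same unexplained option is added in parts/t/partition_alter_innodb.test and parts/t/partition_purge.test.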
diff --git a/mysql-test/suite/multi_source/gtid_slave_pos.result b/mysql-test/suite/multi_source/gtid_slave_pos.result
index d57cfc17..44eb4823 100644
--- a/mysql-test/suite/multi_source/gtid_slave_pos.result
+++ b/mysql-test/suite/multi_source/gtid_slave_pos.result
@@ -97,8 +97,9 @@ set default_master_connection = 'slave1';
STOP SLAVE;
include/wait_for_slave_to_stop.inc
set default_master_connection = 'slave2';
+include/wait_for_slave_sql_error.inc [errno=1942]
STOP SLAVE;
-include/wait_for_slave_to_stop.inc
+include/wait_for_slave_io_to_stop.inc
set default_master_connection = 'slave1';
START SLAVE;
include/wait_for_slave_to_start.inc
diff --git a/mysql-test/suite/multi_source/gtid_slave_pos.test b/mysql-test/suite/multi_source/gtid_slave_pos.test
index c01130f8..cc418d76 100644
--- a/mysql-test/suite/multi_source/gtid_slave_pos.test
+++ b/mysql-test/suite/multi_source/gtid_slave_pos.test
@@ -118,8 +118,10 @@ set default_master_connection = 'slave1';
STOP SLAVE;
--source include/wait_for_slave_to_stop.inc
set default_master_connection = 'slave2';
+--let $slave_sql_errno= 1942
+--source include/wait_for_slave_sql_error.inc
STOP SLAVE;
---source include/wait_for_slave_to_stop.inc
+--source include/wait_for_slave_io_to_stop.inc
set default_master_connection = 'slave1';
START SLAVE;
--source include/wait_for_slave_to_start.inc
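Review bot: The new wait on `--let $slave_sql_errno= 1942` for connection 'slave2' uses a bare error number with no comment on what the error is or why the SQL thread is expected to stop with it at this point. A short comment above the `--let`, naming the error and the reason the following wait is narrowed to `wait_for_slave_io_to_stop.inc`, would make the expectation reviewable. The test steps that set up this state are outside the hunk.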
diff --git a/mysql-test/suite/multi_source/mdev-9544.test b/mysql-test/suite/multi_source/mdev-9544.test
index fd89bdfa..c2626dc7 100644
--- a/mysql-test/suite/multi_source/mdev-9544.test
+++ b/mysql-test/suite/multi_source/mdev-9544.test
@@ -1,6 +1,7 @@
--source include/not_embedded.inc
--source include/have_innodb.inc
--source include/have_debug.inc
+--source include/not_windows.inc
--connect (server_1,127.0.0.1,root,,,$SERVER_MYPORT_1)
--connect (server_2,127.0.0.1,root,,,$SERVER_MYPORT_2)
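Review bot: `--source include/not_windows.inc` is added without a comment or issue reference explaining why the test is skipped on Windows. An unexplained platform skip tends to stay in place after its cause is gone. A line such as `# Skipped on Windows: <reason or issue reference>` directly above it would let a later maintainer decide when it can be removed.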
diff --git a/mysql-test/suite/parts/r/partition_alter_innodb.result b/mysql-test/suite/parts/r/partition_alter_innodb.result
index f040f266..03e7d078 100644
--- a/mysql-test/suite/parts/r/partition_alter_innodb.result
+++ b/mysql-test/suite/parts/r/partition_alter_innodb.result
@@ -71,7 +71,8 @@ DROP TABLE t1;
#
# MDEV-28079 Shutdown hangs after altering innodb partition fts table
#
-CREATE TABLE t1(f1 INT, f2 CHAR(100))ENGINE=InnoDB PARTITION BY HASH(f1) PARTITIONS 2;
+CREATE TABLE t1(f1 INT, f2 CHAR(100))ENGINE=InnoDB STATS_PERSISTENT=0
+PARTITION BY HASH(f1) PARTITIONS 2;
ALTER TABLE t1 ADD FULLTEXT(f2);
InnoDB 0 transactions not purged
DROP TABLE t1;
diff --git a/mysql-test/suite/parts/r/partition_purge.result b/mysql-test/suite/parts/r/partition_purge.result
index 072b141c..a58e095d 100644
--- a/mysql-test/suite/parts/r/partition_purge.result
+++ b/mysql-test/suite/parts/r/partition_purge.result
@@ -1,4 +1,4 @@
-CREATE TABLE t1(f1 INT, f2 INT, INDEX(f1))ENGINE=InnoDB
+CREATE TABLE t1(f1 INT, f2 INT, INDEX(f1))ENGINE=InnoDB STATS_PERSISTENT=0
PARTITION BY LIST(f1) (
PARTITION p1 VALUES in (1, 2, 3),
PARTITION p2 VALUES in (4, 5, 6));
diff --git a/mysql-test/suite/parts/t/partition_alter_innodb.test b/mysql-test/suite/parts/t/partition_alter_innodb.test
index 844b2084..dcc44863 100644
--- a/mysql-test/suite/parts/t/partition_alter_innodb.test
+++ b/mysql-test/suite/parts/t/partition_alter_innodb.test
@@ -12,7 +12,8 @@ SET GLOBAL innodb_read_only_compressed=@save_innodb_read_only_compressed;
--echo #
--echo # MDEV-28079 Shutdown hangs after altering innodb partition fts table
--echo #
-CREATE TABLE t1(f1 INT, f2 CHAR(100))ENGINE=InnoDB PARTITION BY HASH(f1) PARTITIONS 2;
+CREATE TABLE t1(f1 INT, f2 CHAR(100))ENGINE=InnoDB STATS_PERSISTENT=0
+PARTITION BY HASH(f1) PARTITIONS 2;
ALTER TABLE t1 ADD FULLTEXT(f2);
--source ../innodb/include/wait_all_purged.inc
DROP TABLE t1;
diff --git a/mysql-test/suite/parts/t/partition_purge.test b/mysql-test/suite/parts/t/partition_purge.test
index 2df81b0e..054ecf47 100644
--- a/mysql-test/suite/parts/t/partition_purge.test
+++ b/mysql-test/suite/parts/t/partition_purge.test
@@ -3,7 +3,7 @@
--source include/have_debug.inc
--source include/have_debug_sync.inc
-CREATE TABLE t1(f1 INT, f2 INT, INDEX(f1))ENGINE=InnoDB
+CREATE TABLE t1(f1 INT, f2 INT, INDEX(f1))ENGINE=InnoDB STATS_PERSISTENT=0
PARTITION BY LIST(f1) (
PARTITION p1 VALUES in (1, 2, 3),
PARTITION p2 VALUES in (4, 5, 6));
diff --git a/mysql-test/suite/perfschema/include/pfs_running_event_scheduler.inc b/mysql-test/suite/perfschema/include/pfs_running_event_scheduler.inc
index 219a4105..313c0ed8 100644
--- a/mysql-test/suite/perfschema/include/pfs_running_event_scheduler.inc
+++ b/mysql-test/suite/perfschema/include/pfs_running_event_scheduler.inc
@@ -1,10 +1,10 @@
-# threads are removed from:
+# threads are added to:
# - information_schema.processlist
# - performance_schema.threads
# at different times, so we may have to wait a little more
-# for the event_scheduler to shutdown
+# for the event_scheduler to start
#
let $wait_condition=
SELECT COUNT(*) = 1 FROM performance_schema.threads
- WHERE name like 'thread/sql/event%';
+ WHERE name LIKE 'thread/sql/event%' AND processlist_command IS NOT NULL;
--source include/wait_condition.inc
diff --git a/mysql-test/suite/perfschema/r/digest_view.result b/mysql-test/suite/perfschema/r/digest_view.result
index 2d5c7ca0..1bc4a3c2 100644
--- a/mysql-test/suite/perfschema/r/digest_view.result
+++ b/mysql-test/suite/perfschema/r/digest_view.result
@@ -191,17 +191,17 @@ SELECT SCHEMA_NAME, DIGEST, DIGEST_TEXT, COUNT_STAR
FROM performance_schema.events_statements_summary_by_digest
ORDER BY DIGEST_TEXT;
SCHEMA_NAME DIGEST DIGEST_TEXT COUNT_STAR
-test 8b1406618d34996cd11d1796438c78b5 EXPLAIN SELECT * FROM `test` . `v1` 1
-test 2c9e5d5b30d1690ba1a625afb4c42005 EXPLAIN SELECT * FROM `test` . `v1` WHERE `a` = ? 1
-test 2265269dbe1b17d1f309a63b8e56933f EXPLAIN SELECT * FROM `test` . `v1` WHERE `b` > ? 1
-test 2df0babfc3c8ad27b4e3f99ad59bc938 EXPLAIN SELECT `a` , `b` FROM `test` . `v1` 1
-test 8607297e7ffe77aa19a9d60812c5a8fd EXPLAIN SELECT `b` , `a` FROM `test` . `v1` 1
-test 9c94fee7865aa050201f6e67887fd0c8 SELECT * FROM `test` . `v1` 1
-test 7c856ddf7b57d65f8124f39e8b81882e SELECT * FROM `test` . `v1` WHERE `a` = ? 1
-test 994b14d068c24edd8fd61b2f03663be2 SELECT * FROM `test` . `v1` WHERE `b` > ? 1
-test b3102e1f51878e35936d7d3fe2901839 SELECT `a` , `b` FROM `test` . `v1` 1
-test cb300dd6358987c5afe1a2b0022fdea0 SELECT `b` , `a` FROM `test` . `v1` 1
-test 1b40b63f6a9dbffd146f0916fe4f5ed2 TRUNCATE TABLE `performance_schema` . `events_statements_summary_by_digest` 1
+test b69a5ddd08657692e23aa72d37dc15e0 EXPLAIN SELECT * FROM `test` . `v1` 1
+test 8c76fc18fe1711607640be2906e38f58 EXPLAIN SELECT * FROM `test` . `v1` WHERE `a` = ? 1
+test 9bedc57de65e2ac25d67fcb6ccadb427 EXPLAIN SELECT * FROM `test` . `v1` WHERE `b` > ? 1
+test 0539bbfdb016341a22d32fecb12c9882 EXPLAIN SELECT `a` , `b` FROM `test` . `v1` 1
+test 3368b44e9d8b8cfb13b58f97a255d77f EXPLAIN SELECT `b` , `a` FROM `test` . `v1` 1
+test 2f619aeadc8bd993980ef9b4d12e4222 SELECT * FROM `test` . `v1` 1
+test b9a44c024c9d79de76f2ebcd2f208c4c SELECT * FROM `test` . `v1` WHERE `a` = ? 1
+test a3ccc4c3c79e853eaa17e3ceb7a24b30 SELECT * FROM `test` . `v1` WHERE `b` > ? 1
+test 9556566adc0953fccd8e2e35019287ed SELECT `a` , `b` FROM `test` . `v1` 1
+test fc937c99007b0976d19fb685b3bf9acc SELECT `b` , `a` FROM `test` . `v1` 1
+test a73dca7a09f45de04f1f4588f0a4e19f TRUNCATE TABLE `performance_schema` . `events_statements_summary_by_digest` 1
DROP TABLE test.v1;
CREATE VIEW test.v1 AS SELECT * FROM test.t1;
EXPLAIN SELECT * from test.v1;
@@ -248,19 +248,19 @@ SELECT SCHEMA_NAME, DIGEST, DIGEST_TEXT, COUNT_STAR
FROM performance_schema.events_statements_summary_by_digest
ORDER BY DIGEST_TEXT;
SCHEMA_NAME DIGEST DIGEST_TEXT COUNT_STAR
-test a68fd555281a14d2809c3105e9cb2c90 CREATE VIEW `test` . `v1` AS SELECT * FROM `test` . `t1` 1
-test 4baff8f96e4b6ec6cdbfef5b9c7a8b12 DROP TABLE `test` . `v1` 1
-test 8b1406618d34996cd11d1796438c78b5 EXPLAIN SELECT * FROM `test` . `v1` 2
-test 2c9e5d5b30d1690ba1a625afb4c42005 EXPLAIN SELECT * FROM `test` . `v1` WHERE `a` = ? 2
-test 2265269dbe1b17d1f309a63b8e56933f EXPLAIN SELECT * FROM `test` . `v1` WHERE `b` > ? 2
-test 2df0babfc3c8ad27b4e3f99ad59bc938 EXPLAIN SELECT `a` , `b` FROM `test` . `v1` 2
-test 8607297e7ffe77aa19a9d60812c5a8fd EXPLAIN SELECT `b` , `a` FROM `test` . `v1` 2
-test 9c94fee7865aa050201f6e67887fd0c8 SELECT * FROM `test` . `v1` 2
-test 7c856ddf7b57d65f8124f39e8b81882e SELECT * FROM `test` . `v1` WHERE `a` = ? 2
-test 994b14d068c24edd8fd61b2f03663be2 SELECT * FROM `test` . `v1` WHERE `b` > ? 2
-test df38ce7f6e35972efe5a4ec57e48bf4d SELECT SCHEMA_NAME , `DIGEST` , `DIGEST_TEXT` , `COUNT_STAR` FROM `performance_schema` . `events_statements_summary_by_digest` ORDER BY `DIGEST_TEXT` 1
-test b3102e1f51878e35936d7d3fe2901839 SELECT `a` , `b` FROM `test` . `v1` 2
-test cb300dd6358987c5afe1a2b0022fdea0 SELECT `b` , `a` FROM `test` . `v1` 2
-test 1b40b63f6a9dbffd146f0916fe4f5ed2 TRUNCATE TABLE `performance_schema` . `events_statements_summary_by_digest` 1
+test 7f6c48fe072a231bc75d6d449978b9f5 CREATE VIEW `test` . `v1` AS SELECT * FROM `test` . `t1` 1
+test c24db45ea4beed6ba2537ca6ea2d0484 DROP TABLE `test` . `v1` 1
+test b69a5ddd08657692e23aa72d37dc15e0 EXPLAIN SELECT * FROM `test` . `v1` 2
+test 8c76fc18fe1711607640be2906e38f58 EXPLAIN SELECT * FROM `test` . `v1` WHERE `a` = ? 2
+test 9bedc57de65e2ac25d67fcb6ccadb427 EXPLAIN SELECT * FROM `test` . `v1` WHERE `b` > ? 2
+test 0539bbfdb016341a22d32fecb12c9882 EXPLAIN SELECT `a` , `b` FROM `test` . `v1` 2
+test 3368b44e9d8b8cfb13b58f97a255d77f EXPLAIN SELECT `b` , `a` FROM `test` . `v1` 2
+test 2f619aeadc8bd993980ef9b4d12e4222 SELECT * FROM `test` . `v1` 2
+test b9a44c024c9d79de76f2ebcd2f208c4c SELECT * FROM `test` . `v1` WHERE `a` = ? 2
+test a3ccc4c3c79e853eaa17e3ceb7a24b30 SELECT * FROM `test` . `v1` WHERE `b` > ? 2
+test 7b82ea9a7c1859f76abed712d2d4b14d SELECT SCHEMA_NAME , `DIGEST` , `DIGEST_TEXT` , `COUNT_STAR` FROM `performance_schema` . `events_statements_summary_by_digest` ORDER BY `DIGEST_TEXT` 1
+test 9556566adc0953fccd8e2e35019287ed SELECT `a` , `b` FROM `test` . `v1` 2
+test fc937c99007b0976d19fb685b3bf9acc SELECT `b` , `a` FROM `test` . `v1` 2
+test a73dca7a09f45de04f1f4588f0a4e19f TRUNCATE TABLE `performance_schema` . `events_statements_summary_by_digest` 1
DROP VIEW test.v1;
DROP TABLE test.t1;
diff --git a/mysql-test/suite/perfschema/r/mdl_func.result b/mysql-test/suite/perfschema/r/mdl_func.result
index 4887b15e..f3fc0d10 100644
--- a/mysql-test/suite/perfschema/r/mdl_func.result
+++ b/mysql-test/suite/perfschema/r/mdl_func.result
@@ -1,3 +1,4 @@
+# restart
UPDATE performance_schema.setup_instruments SET enabled = 'NO', timed = 'YES';
UPDATE performance_schema.setup_instruments SET enabled = 'YES'
WHERE name in ('wait/io/table/sql/handler',
diff --git a/mysql-test/suite/perfschema/r/misc_session_status.result b/mysql-test/suite/perfschema/r/misc_session_status.result
new file mode 100644
index 00000000..3ce472fc
--- /dev/null
+++ b/mysql-test/suite/perfschema/r/misc_session_status.result
@@ -0,0 +1,20 @@
+#
+# MDEV-33150 double-locking of LOCK_thd_kill in performance_schema.session_status
+#
+set @old_innodb_io_capacity=@@global.innodb_io_capacity;
+set @old_innodb_io_capacity_max=@@global.innodb_io_capacity_max;
+select * from performance_schema.session_status limit 0;
+VARIABLE_NAME VARIABLE_VALUE
+set max_session_mem_used=32768;
+select * from performance_schema.session_status;
+ERROR HY000: The MariaDB server is running with the --max-session-mem-used=32768 option so it cannot execute this statement
+set global innodb_io_capacity_max=100;
+Warnings:
+Warning 1210 Setting innodb_io_capacity_max 100 lower than innodb_io_capacity 200.
+Warning 1210 Setting innodb_io_capacity to 100
+set max_session_mem_used=default;
+set global innodb_io_capacity=@old_innodb_io_capacity;
+Warnings:
+Warning 1210 Setting innodb_io_capacity to 200 higher than innodb_io_capacity_max 100
+Warning 1210 Setting innodb_max_io_capacity to 400
+set global innodb_io_capacity_max=@old_innodb_io_capacity_max;
diff --git a/mysql-test/suite/perfschema/r/rpl_threads.result b/mysql-test/suite/perfschema/r/rpl_threads.result
index c756b4d9..3e9cf22f 100644
--- a/mysql-test/suite/perfschema/r/rpl_threads.result
+++ b/mysql-test/suite/perfschema/r/rpl_threads.result
@@ -58,4 +58,10 @@ select NAME, TYPE, PROCESSLIST_COMMAND, PROCESSLIST_STATE
from performance_schema.threads
where PROCESSLIST_ID = @slave_sql_pid;
NAME TYPE PROCESSLIST_COMMAND PROCESSLIST_STATE
+#
+# MDEV-33031 Assertion failure upon reading from performance schema with binlog enabled
+#
+select variable_name, variable_value from performance_schema.status_by_thread
+where variable_name like '%impossible%';
+variable_name variable_value
include/rpl_end.inc
diff --git a/mysql-test/suite/perfschema/r/start_server_low_digest_sql_length.result b/mysql-test/suite/perfschema/r/start_server_low_digest_sql_length.result
index f0ceee5e..482c4cd5 100644
--- a/mysql-test/suite/perfschema/r/start_server_low_digest_sql_length.result
+++ b/mysql-test/suite/perfschema/r/start_server_low_digest_sql_length.result
@@ -8,5 +8,5 @@ SELECT 1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1+1
####################################
SELECT event_name, digest, digest_text, sql_text FROM events_statements_history_long;
event_name digest digest_text sql_text
-statement/sql/select ca9181d6d668396d467dd974f58a9402 SELECT ? + ? + SELECT ...
-statement/sql/truncate 4d2423d405bbcea8fa7bf9519c08dd8e TRUNCATE TABLE truncat...
+statement/sql/select 142569e3e23dff2a0170a603ed79020a SELECT ? + ? + SELECT ...
+statement/sql/truncate 5947880b8ba439f0ed3ff0bfbb04eebf TRUNCATE TABLE truncat...
diff --git a/mysql-test/suite/perfschema/t/mdl_func.test b/mysql-test/suite/perfschema/t/mdl_func.test
index fc12bdac..209c2f11 100644
--- a/mysql-test/suite/perfschema/t/mdl_func.test
+++ b/mysql-test/suite/perfschema/t/mdl_func.test
@@ -1,7 +1,11 @@
--source include/not_embedded.inc
--source include/have_perfschema.inc
-# This test fails very frequently on a Windows builder.
---source include/not_windows.inc
+# This test needs a fresh restart. The table performance_schema.table_handles
+# can otherwise contain extra rows left from previous testcases.
+# For example the test case main.long_unique_delayed, which uses
+# INSERT DELAYED, will leave extra rows in this table if run just before this
+# test, causing .result diff failure.
+--source include/restart_mysqld.inc
UPDATE performance_schema.setup_instruments SET enabled = 'NO', timed = 'YES';
diff --git a/mysql-test/suite/perfschema/t/misc_session_status.test b/mysql-test/suite/perfschema/t/misc_session_status.test
new file mode 100644
index 00000000..c9e7d066
--- /dev/null
+++ b/mysql-test/suite/perfschema/t/misc_session_status.test
@@ -0,0 +1,20 @@
+--source include/not_embedded.inc
+--source include/have_perfschema.inc
+# This does not crash on 32 bit because of less memory used
+--source include/have_64bit.inc
+--echo #
+--echo # MDEV-33150 double-locking of LOCK_thd_kill in performance_schema.session_status
+--echo #
+source include/have_innodb.inc;
+set @old_innodb_io_capacity=@@global.innodb_io_capacity;
+set @old_innodb_io_capacity_max=@@global.innodb_io_capacity_max;
+select * from performance_schema.session_status limit 0; # discover the table
+set max_session_mem_used=32768;
+--error ER_OPTION_PREVENTS_STATEMENT
+# this used to crash, when OOM happened under LOCK_thd_kill
+select * from performance_schema.session_status;
+# this used to cause mutex lock order violation when OOM happened under LOCK_global_system_variables
+set global innodb_io_capacity_max=100;
+set max_session_mem_used=default;
+set global innodb_io_capacity=@old_innodb_io_capacity;
+set global innodb_io_capacity_max=@old_innodb_io_capacity_max;
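Review bot: `source include/have_innodb.inc;` sits after the `--echo` header rather than with the other prerequisite includes at the top, and the explanatory comment is placed between `--error ER_OPTION_PREVENTS_STATEMENT` and the statement it applies to. Grouping the three includes first and moving `# this used to crash, when OOM happened under LOCK_thd_kill` above the `--error` line would keep each expectation directly next to its statement. The globals are restored only at the end of the script, so it would also help to say in a comment that the restore order (`innodb_io_capacity` before `innodb_io_capacity_max`) is what produces the warnings in the recorded result.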
diff --git a/mysql-test/suite/perfschema/t/rpl_threads.test b/mysql-test/suite/perfschema/t/rpl_threads.test
index a5ca51a9..fcecf775 100644
--- a/mysql-test/suite/perfschema/t/rpl_threads.test
+++ b/mysql-test/suite/perfschema/t/rpl_threads.test
@@ -81,5 +81,11 @@ select NAME, TYPE, PROCESSLIST_COMMAND, PROCESSLIST_STATE
from performance_schema.threads
where PROCESSLIST_ID = @slave_sql_pid;
+--echo #
+--echo # MDEV-33031 Assertion failure upon reading from performance schema with binlog enabled
+--echo #
+select variable_name, variable_value from performance_schema.status_by_thread
+where variable_name like '%impossible%'; # should not crash
+
--source include/rpl_end.inc
diff --git a/mysql-test/suite/plugins/r/compression,innodb-lz4.rdiff b/mysql-test/suite/plugins/r/compression,innodb-lz4.rdiff
index 06fdb0bd..791aecda 100644
--- a/mysql-test/suite/plugins/r/compression,innodb-lz4.rdiff
+++ b/mysql-test/suite/plugins/r/compression,innodb-lz4.rdiff
@@ -10,15 +10,19 @@
+set global innodb_compression_algorithm = lz4;
call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
- call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
-@@ -15,8 +15,8 @@
+ call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
+@@ -16,12 +16,12 @@
0 abcabcabc 300
1 defdefdef 3000
2 ghighighi 30000
-# restart: --disable-provider-bzip2
+# restart: --disable-provider-lz4
select a, left(b, 9), length(b) from t1;
--ERROR HY000: Table test/t1 is compressed with bzip2, which is not currently loaded. Please load the bzip2 provider plugin to open the table
-+ERROR HY000: Table test/t1 is compressed with lz4, which is not currently loaded. Please load the lz4 provider plugin to open the table
+ ERROR 42S02: Table 'test.t1' doesn't exist in engine
+ show warnings;
+ Level Code Message
+-Warning 4185 MariaDB tried to use the BZip2 compression, but its provider plugin is not loaded
++Warning 4185 MariaDB tried to use the LZ4 compression, but its provider plugin is not loaded
+ Error 1932 Table 'test.t1' doesn't exist in engine
drop table t1;
# restart
diff --git a/mysql-test/suite/plugins/r/compression,innodb-lzma.rdiff b/mysql-test/suite/plugins/r/compression,innodb-lzma.rdiff
index ee348934..13c42f82 100644
--- a/mysql-test/suite/plugins/r/compression,innodb-lzma.rdiff
+++ b/mysql-test/suite/plugins/r/compression,innodb-lzma.rdiff
@@ -10,15 +10,19 @@
+set global innodb_compression_algorithm = lzma;
call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
- call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
-@@ -15,8 +15,8 @@
+ call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
+@@ -16,12 +16,12 @@
0 abcabcabc 300
1 defdefdef 3000
2 ghighighi 30000
-# restart: --disable-provider-bzip2
+# restart: --disable-provider-lzma
select a, left(b, 9), length(b) from t1;
--ERROR HY000: Table test/t1 is compressed with bzip2, which is not currently loaded. Please load the bzip2 provider plugin to open the table
-+ERROR HY000: Table test/t1 is compressed with lzma, which is not currently loaded. Please load the lzma provider plugin to open the table
+ ERROR 42S02: Table 'test.t1' doesn't exist in engine
+ show warnings;
+ Level Code Message
+-Warning 4185 MariaDB tried to use the BZip2 compression, but its provider plugin is not loaded
++Warning 4185 MariaDB tried to use the LZMA compression, but its provider plugin is not loaded
+ Error 1932 Table 'test.t1' doesn't exist in engine
drop table t1;
# restart
diff --git a/mysql-test/suite/plugins/r/compression,innodb-lzo.rdiff b/mysql-test/suite/plugins/r/compression,innodb-lzo.rdiff
index d7cdc410..cc7783cc 100644
--- a/mysql-test/suite/plugins/r/compression,innodb-lzo.rdiff
+++ b/mysql-test/suite/plugins/r/compression,innodb-lzo.rdiff
@@ -10,15 +10,19 @@
+set global innodb_compression_algorithm = lzo;
call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
- call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
-@@ -15,8 +15,8 @@
+ call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
+@@ -16,12 +16,12 @@
0 abcabcabc 300
1 defdefdef 3000
2 ghighighi 30000
-# restart: --disable-provider-bzip2
+# restart: --disable-provider-lzo
select a, left(b, 9), length(b) from t1;
--ERROR HY000: Table test/t1 is compressed with bzip2, which is not currently loaded. Please load the bzip2 provider plugin to open the table
-+ERROR HY000: Table test/t1 is compressed with lzo, which is not currently loaded. Please load the lzo provider plugin to open the table
+ ERROR 42S02: Table 'test.t1' doesn't exist in engine
+ show warnings;
+ Level Code Message
+-Warning 4185 MariaDB tried to use the BZip2 compression, but its provider plugin is not loaded
++Warning 4185 MariaDB tried to use the LZO compression, but its provider plugin is not loaded
+ Error 1932 Table 'test.t1' doesn't exist in engine
drop table t1;
# restart
diff --git a/mysql-test/suite/plugins/r/compression,innodb-snappy.rdiff b/mysql-test/suite/plugins/r/compression,innodb-snappy.rdiff
index e9c7485d..98c4427a 100644
--- a/mysql-test/suite/plugins/r/compression,innodb-snappy.rdiff
+++ b/mysql-test/suite/plugins/r/compression,innodb-snappy.rdiff
@@ -10,15 +10,19 @@
+set global innodb_compression_algorithm = snappy;
call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
- call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
-@@ -15,8 +15,8 @@
+ call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
+@@ -16,12 +16,12 @@
0 abcabcabc 300
1 defdefdef 3000
2 ghighighi 30000
-# restart: --disable-provider-bzip2
+# restart: --disable-provider-snappy
select a, left(b, 9), length(b) from t1;
--ERROR HY000: Table test/t1 is compressed with bzip2, which is not currently loaded. Please load the bzip2 provider plugin to open the table
-+ERROR HY000: Table test/t1 is compressed with snappy, which is not currently loaded. Please load the snappy provider plugin to open the table
+ ERROR 42S02: Table 'test.t1' doesn't exist in engine
+ show warnings;
+ Level Code Message
+-Warning 4185 MariaDB tried to use the BZip2 compression, but its provider plugin is not loaded
++Warning 4185 MariaDB tried to use the Snappy compression, but its provider plugin is not loaded
+ Error 1932 Table 'test.t1' doesn't exist in engine
drop table t1;
# restart
diff --git a/mysql-test/suite/plugins/r/compression,mroonga-lz4.rdiff b/mysql-test/suite/plugins/r/compression,mroonga-lz4.rdiff
index 9b155ff3..ac186d3c 100644
--- a/mysql-test/suite/plugins/r/compression,mroonga-lz4.rdiff
+++ b/mysql-test/suite/plugins/r/compression,mroonga-lz4.rdiff
@@ -1,6 +1,6 @@
--- suite/plugins/r/compression.result
+++ suite/plugins/r/compression.reject
-@@ -1,12 +1,8 @@
+@@ -1,13 +1,8 @@
#
-# Testing bzip2 compression provider with innodb
+# Testing lz4 compression provider with mroonga
@@ -9,20 +9,25 @@
-set global innodb_compression_algorithm = bzip2;
-call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
-call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
+-call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
-call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
-create table t1 (a int, b text ) engine = innodb page_compressed = 1;
+create table t1 (a int, b text COMMENT 'FLAGS "COLUMN_SCALAR|COMPRESS_LZ4"') engine = mroonga charset = utf8;
insert t1 (a, b) values (0, repeat("abc", 100));
insert t1 (a, b) values (1, repeat("def", 1000));
insert t1 (a, b) values (2, repeat("ghi", 10000));
-@@ -14,8 +11,20 @@
+@@ -16,12 +11,20 @@
0 abcabcabc 300
1 defdefdef 3000
2 ghighighi 30000
-# restart: --disable-provider-bzip2
+# restart: --disable-provider-lz4
select a, left(b, 9), length(b) from t1;
--ERROR HY000: Table test/t1 is compressed with bzip2, which is not currently loaded. Please load the bzip2 provider plugin to open the table
+-ERROR 42S02: Table 'test.t1' doesn't exist in engine
+-show warnings;
+-Level Code Message
+-Warning 4185 MariaDB tried to use the BZip2 compression, but its provider plugin is not loaded
+-Error 1932 Table 'test.t1' doesn't exist in engine
+a left(b, 9) length(b)
+0 0
+1 0
diff --git a/mysql-test/suite/plugins/r/compression.result b/mysql-test/suite/plugins/r/compression.result
index dd267f28..d7c11abc 100644
--- a/mysql-test/suite/plugins/r/compression.result
+++ b/mysql-test/suite/plugins/r/compression.result
@@ -5,6 +5,7 @@ call mtr.add_suppression("MariaDB tried to use the .+ compression, but its provi
set global innodb_compression_algorithm = bzip2;
call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
+call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
create table t1 (a int, b text ) engine = innodb page_compressed = 1;
insert t1 (a, b) values (0, repeat("abc", 100));
@@ -17,6 +18,10 @@ a left(b, 9) length(b)
2 ghighighi 30000
# restart: --disable-provider-bzip2
select a, left(b, 9), length(b) from t1;
-ERROR HY000: Table test/t1 is compressed with bzip2, which is not currently loaded. Please load the bzip2 provider plugin to open the table
+ERROR 42S02: Table 'test.t1' doesn't exist in engine
+show warnings;
+Level Code Message
+Warning 4185 MariaDB tried to use the BZip2 compression, but its provider plugin is not loaded
+Error 1932 Table 'test.t1' doesn't exist in engine
drop table t1;
# restart
diff --git a/mysql-test/suite/plugins/r/sql_error_log.result b/mysql-test/suite/plugins/r/sql_error_log.result
index 0329949a..a0bf0ebc 100644
--- a/mysql-test/suite/plugins/r/sql_error_log.result
+++ b/mysql-test/suite/plugins/r/sql_error_log.result
@@ -9,6 +9,7 @@ sql_error_log_rotate OFF
sql_error_log_rotations 9
sql_error_log_size_limit 1000000
sql_error_log_warnings ON
+sql_error_log_with_db_and_thread_info OFF
set global sql_error_log_rate=1;
select * from t_doesnt_exist;
ERROR 42S02: Table 'test.t_doesnt_exist' doesn't exist
diff --git a/mysql-test/suite/plugins/r/sql_error_log_withdbinfo.result b/mysql-test/suite/plugins/r/sql_error_log_withdbinfo.result
new file mode 100644
index 00000000..732e74d8
--- /dev/null
+++ b/mysql-test/suite/plugins/r/sql_error_log_withdbinfo.result
@@ -0,0 +1,41 @@
+show variables like 'sql_error_log%';
+Variable_name Value
+sql_error_log_filename sql_errors.log
+sql_error_log_rate 1
+sql_error_log_rotate OFF
+sql_error_log_rotations 9
+sql_error_log_size_limit 1000000
+sql_error_log_warnings ON
+sql_error_log_with_db_and_thread_info ON
+set global sql_error_log_rate=1;
+# Trying to set the variable at runtime
+SET sql_error_log_with_db_and_thread_info=OFF;
+ERROR HY000: Variable 'sql_error_log_with_db_and_thread_info' is a read only variable
+#
+# Using test database from mtr
+#
+DROP DATABASE db;
+ERROR HY000: Can't drop database 'db'; database doesn't exist
+#
+# Using no database at all
+#
+connect con1,localhost,root,,*NO-ONE*;
+DROP DATABASE dbnodb;
+ERROR HY000: Can't drop database 'dbnodb'; database doesn't exist
+disconnect con1;
+connection default;
+#
+# Using database with name `NULL`
+#
+CREATE DATABASE `NULL`;
+USE `NULL`;
+DROP DATABASE db;
+ERROR HY000: Can't drop database 'db'; database doesn't exist
+TIME THREAD_ID HOSTNAME `mtr` WARNING 1286: Unknown storage engine 'InnoDB' : SELECT CONCAT(table_schema, '.', table_name) AS columns_in_mysql, column_name, ordinal_position, column_default, is_nullable, data_type, character_maximum_length, character_octet_length, numeric_precision, numeric_scale, character_set_name, collation_name, column_type, column_key, extra, column_comment FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='mysql' ORDER BY columns_in_mysql
+TIME THREAD_ID HOSTNAME `mtr` WARNING 1286: Unknown storage engine 'InnoDB' : SELECT CONCAT(table_schema, '.', table_name) AS columns_in_mysql, column_name, ordinal_position, column_default, is_nullable, data_type, character_maximum_length, character_octet_length, numeric_precision, numeric_scale, character_set_name, collation_name, column_type, column_key, extra, column_comment FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='mysql' ORDER BY columns_in_mysql
+TIME THREAD_ID HOSTNAME `mtr` WARNING 1286: Unknown storage engine 'InnoDB' : SELECT CONCAT(table_schema, '.', table_name) AS columns_in_mysql, column_name, ordinal_position, column_default, is_nullable, data_type, character_maximum_length, character_octet_length, numeric_precision, numeric_scale, character_set_name, collation_name, column_type, column_key, extra, column_comment FROM INFORMATION_SCHEMA.COLUMNS WHERE table_schema='mysql' ORDER BY columns_in_mysql
+TIME THREAD_ID HOSTNAME `test` ERROR 1238: Variable 'sql_error_log_with_db_and_thread_info' is a read only variable : SET sql_error_log_with_db_and_thread_info=OFF
+TIME THREAD_ID HOSTNAME `test` ERROR 1008: Can't drop database 'db'; database doesn't exist : DROP DATABASE db
+TIME THREAD_ID HOSTNAME NULL ERROR 1008: Can't drop database 'dbnodb'; database doesn't exist : DROP DATABASE dbnodb
+TIME THREAD_ID HOSTNAME `NULL` ERROR 1008: Can't drop database 'db'; database doesn't exist : DROP DATABASE db
+DROP DATABASE `NULL`;
diff --git a/mysql-test/suite/plugins/r/test_sql_service.result b/mysql-test/suite/plugins/r/test_sql_service.result
index 2983da28..bb0b536a 100644
--- a/mysql-test/suite/plugins/r/test_sql_service.result
+++ b/mysql-test/suite/plugins/r/test_sql_service.result
@@ -1,8 +1,8 @@
-reset master;
install plugin test_sql_service soname 'test_sql_service';
show status like 'test_sql_service_passed';
Variable_name Value
Test_sql_service_passed 1
+reset master;
set global test_sql_service_execute_sql_global= 'create table test.t1 select 1 as a, @@SQL_LOG_BIN';
set global test_sql_service_execute_sql_local= 'insert into test.t1 select 2 as a, @@SQL_LOG_BIN';
set global test_sql_service_execute_sql_global= 'SET SQL_LOG_BIN=1';
diff --git a/mysql-test/suite/plugins/t/compression.combinations b/mysql-test/suite/plugins/t/compression.combinations
index 645ca60e..17ea9e82 100644
--- a/mysql-test/suite/plugins/t/compression.combinations
+++ b/mysql-test/suite/plugins/t/compression.combinations
@@ -1,25 +1,30 @@
[innodb-bzip2]
innodb
+innodb-fast-shutdown=0
plugin-load-add=$PROVIDER_BZIP2_SO
loose-provider-bzip2
[innodb-lz4]
innodb
+innodb-fast-shutdown=0
plugin-load-add=$PROVIDER_LZ4_SO
loose-provider-lz4
[innodb-lzma]
innodb
+innodb-fast-shutdown=0
plugin-load-add=$PROVIDER_LZMA_SO
loose-provider-lzma
[innodb-lzo]
innodb
+innodb-fast-shutdown=0
plugin-load-add=$PROVIDER_LZO_SO
loose-provider-lzo
[innodb-snappy]
innodb
+innodb-fast-shutdown=0
plugin-load-add=$PROVIDER_SNAPPY_SO
loose-provider-snappy
diff --git a/mysql-test/suite/plugins/t/compression.test b/mysql-test/suite/plugins/t/compression.test
index c97c5725..df892acf 100644
--- a/mysql-test/suite/plugins/t/compression.test
+++ b/mysql-test/suite/plugins/t/compression.test
@@ -21,6 +21,7 @@ if ($engine == "innodb") {
let $table_params = page_compressed = 1;
call mtr.add_suppression("Background Page read failed to read, uncompress, or decrypt");
call mtr.add_suppression("Table is compressed or encrypted but uncompress or decrypt failed");
+ call mtr.add_suppression("Table `test`.`t1` is corrupted. Please drop the table and recreate");
call mtr.add_suppression("Table .*t1.* is compressed with (\\w+), which is not currently loaded. Please load the \\1 provider plugin to open the table");
}
if ($engine == "mroonga") {
@@ -39,8 +40,9 @@ let $restart_parameters = --disable-provider-$alg;
source include/restart_mysqld.inc;
if ($engine == "innodb") {
- error ER_PROVIDER_NOT_LOADED;
+ error ER_NO_SUCH_TABLE_IN_ENGINE;
select a, left(b, 9), length(b) from t1;
+ show warnings;
}
if ($engine == "mroonga"){
select a, left(b, 9), length(b) from t1;
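Review bot: The `if ($engine == "innodb")` branch now expects the generic `ER_NO_SUCH_TABLE_IN_ENGINE`, so the only thing still tying the failure to the missing provider is the `show warnings` output recorded in the result file (warning 4185). A comment above the `error` line would keep that link visible, for example `# open fails as "doesn't exist in engine"; warning 4185 carries the missing-provider reason`. The first hunk of this file also suppresses "Table `test`.`t1` is corrupted. Please drop the table and recreate", which reads as advice to drop a table that is intact and only lacks its provider. If that wording is intentional, it is worth saying so next to the suppression. The `if` block starts inside the hunk, but the surrounding test continues outside it.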
diff --git a/mysql-test/suite/plugins/t/sql_error_log_withdbinfo.opt b/mysql-test/suite/plugins/t/sql_error_log_withdbinfo.opt
new file mode 100644
index 00000000..7d502896
--- /dev/null
+++ b/mysql-test/suite/plugins/t/sql_error_log_withdbinfo.opt
@@ -0,0 +1 @@
+--plugin-load-add=$SQL_ERRLOG_SO --sql-error-log-with-db-and-thread-info=1 --lower_case_table_names=2
diff --git a/mysql-test/suite/plugins/t/sql_error_log_withdbinfo.test b/mysql-test/suite/plugins/t/sql_error_log_withdbinfo.test
new file mode 100644
index 00000000..a9f01903
--- /dev/null
+++ b/mysql-test/suite/plugins/t/sql_error_log_withdbinfo.test
@@ -0,0 +1,49 @@
+--source include/not_embedded.inc
+
+if (!$SQL_ERRLOG_SO) {
+ skip No SQL_ERROR_LOG plugin;
+}
+
+show variables like 'sql_error_log%';
+set global sql_error_log_rate=1;
+
+let $MYSQLD_DATADIR= `SELECT @@datadir`;
+
+--echo # Trying to set the variable at runtime
+
+--error ER_INCORRECT_GLOBAL_LOCAL_VAR
+SET sql_error_log_with_db_and_thread_info=OFF;
+
+--echo #
+--echo # Using test database from mtr
+--echo #
+
+--error ER_DB_DROP_EXISTS
+DROP DATABASE db;
+
+--echo #
+--echo # Using no database at all
+--echo #
+
+
+connect (con1,localhost,root,,*NO-ONE*);
+--error ER_DB_DROP_EXISTS
+DROP DATABASE dbnodb;
+disconnect con1;
+connection default;
+
+--echo #
+--echo # Using database with name `NULL`
+--echo #
+CREATE DATABASE `NULL`;
+USE `NULL`;
+--error ER_DB_DROP_EXISTS
+DROP DATABASE db;
+
+
+--let SEARCH_FILE= $MYSQLD_DATADIR/sql_errors.log
+--let LINES_TO_READ=7
+--replace_regex /[1-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [ 0-9][0-9]:[0-9][0-9]:[0-9][0-9] [0-9]* .* @ .* `mtr` /TIME THREAD_ID HOSTNAME `mtr` //[1-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [ 0-9][0-9]:[0-9][0-9]:[0-9][0-9] [0-9]* .* @ .* `test` /TIME THREAD_ID HOSTNAME `test` //[1-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [ 0-9][0-9]:[0-9][0-9]:[0-9][0-9] [0-9]* .* @ .* NULL /TIME THREAD_ID HOSTNAME NULL //[1-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9] [ 0-9][0-9]:[0-9][0-9]:[0-9][0-9] [0-9]* .* @ .* `NULL` /TIME THREAD_ID HOSTNAME `NULL` /
+--source include/read_head.inc
+
+DROP DATABASE `NULL`;
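Review bot: The database-name cases stop at a database literally called `NULL`, which checks only that the quoted and unquoted forms differ. The log line puts the name between backticks directly before the severity and message, so a name containing a backtick, a space or a line break is the case where a reader or parser of `sql_errors.log` could attribute an entry to the wrong database. Whether the plugin escapes such names is not visible from this test. Adding one such database to the sequence would pin the behaviour down. Separately, `LINES_TO_READ=7` depends on exactly three bootstrap warnings from the `mtr` schema being at the head of the file, so a comment noting that would help whoever has to re-record the result.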
diff --git a/mysql-test/suite/plugins/t/test_sql_service.test b/mysql-test/suite/plugins/t/test_sql_service.test
index 2f53c1d5..ee611ef9 100644
--- a/mysql-test/suite/plugins/t/test_sql_service.test
+++ b/mysql-test/suite/plugins/t/test_sql_service.test
@@ -1,8 +1,6 @@
--source include/not_embedded.inc
--source include/have_log_bin.inc
-reset master; # clear binlogs
-
if (!$TEST_SQL_SERVICE_SO) {
skip No TEST_SQL_SERVICE plugin;
}
@@ -13,6 +11,7 @@ source include/wait_until_count_sessions.inc;
install plugin test_sql_service soname 'test_sql_service';
show status like 'test_sql_service_passed';
+reset master;
set global test_sql_service_execute_sql_global= 'create table test.t1 select 1 as a, @@SQL_LOG_BIN';
set global test_sql_service_execute_sql_local= 'insert into test.t1 select 2 as a, @@SQL_LOG_BIN';
@@ -76,8 +75,7 @@ drop table t1;
uninstall plugin test_sql_service;
# Check that statements were executed/binlogged in correct order.
-source include/show_binlog_events.inc;
+--source include/show_binlog_events.inc
# --replace_column 2 # 5 #
# --replace_regex /xid=[0-9]+/xid=XX/ /GTID [0-9]+-[0-9]+-[0-9]+/GTID #-#-#/
-# SHOW BINLOG EVENTS LIMIT 3,100;
-
+# SHOW BINLOG EVENTS LIMIT 3,5;
diff --git a/mysql-test/suite/roles/set_default_role_for.result b/mysql-test/suite/roles/set_default_role_for.result
index 57a14711..1b133b1b 100644
--- a/mysql-test/suite/roles/set_default_role_for.result
+++ b/mysql-test/suite/roles/set_default_role_for.result
@@ -14,7 +14,7 @@ set default role role_a for user_a@localhost;
set default role invalid_role for user_a@localhost;
ERROR OP000: Invalid role specification `invalid_role`
set default role role_b for user_a@localhost;
-ERROR OP000: User `root`@`localhost` has not been granted role `role_b`
+ERROR OP000: User `user_a`@`localhost` has not been granted role `role_b`
set default role role_b for user_b@localhost;
show grants;
Grants for user_a@localhost
diff --git a/mysql-test/suite/roles/set_default_role_invalid.result b/mysql-test/suite/roles/set_default_role_invalid.result
index 12e2c035..2cd84cf2 100644
--- a/mysql-test/suite/roles/set_default_role_invalid.result
+++ b/mysql-test/suite/roles/set_default_role_invalid.result
@@ -48,7 +48,7 @@ CREATE USER b;
CREATE ROLE r1;
CREATE ROLE r2;
SET DEFAULT ROLE r1 FOR a;
-ERROR OP000: User `root`@`localhost` has not been granted role `r1`
+ERROR OP000: User `a`@`%` has not been granted role `r1`
GRANT r1 TO b;
GRANT r2 TO b;
SET DEFAULT ROLE r1 FOR b;
@@ -100,7 +100,7 @@ GRANT USAGE ON *.* TO `b`@`%`
GRANT SELECT, UPDATE ON `mysql`.* TO `b`@`%`
SET DEFAULT ROLE `r2` FOR `b`@`%`
SET DEFAULT ROLE r1 FOR a;
-ERROR OP000: User `b`@`%` has not been granted role `r1`
+ERROR OP000: User `a`@`%` has not been granted role `r1`
SET DEFAULT ROLE invalid_role;
ERROR OP000: Invalid role specification `invalid_role`
SET DEFAULT ROLE invalid_role FOR a;
@@ -117,7 +117,7 @@ SET DEFAULT ROLE None;
# Change user b (session 3: role granted to user a)
SET DEFAULT ROLE r1 FOR a;
SET DEFAULT ROLE r2 FOR a;
-ERROR OP000: User `b`@`%` has not been granted role `r2`
+ERROR OP000: User `a`@`%` has not been granted role `r2`
SET DEFAULT ROLE invalid_role;
ERROR OP000: Invalid role specification `invalid_role`
SET DEFAULT ROLE invalid_role FOR a;
diff --git a/mysql-test/suite/roles/set_default_role_invalid.test b/mysql-test/suite/roles/set_default_role_invalid.test
index 02fca110..d2ef01b8 100644
--- a/mysql-test/suite/roles/set_default_role_invalid.test
+++ b/mysql-test/suite/roles/set_default_role_invalid.test
@@ -70,7 +70,6 @@ CREATE USER a;
CREATE USER b;
CREATE ROLE r1;
CREATE ROLE r2;
-# Role has not been granted to user a, but the role is visible to current_user
--error ER_INVALID_ROLE
SET DEFAULT ROLE r1 FOR a;
# Granting roles to user b
diff --git a/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve-master.opt b/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve-master.opt
new file mode 100644
index 00000000..ec008a81
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve-master.opt
@@ -0,0 +1 @@
+--skip-name-resolve \ No newline at end of file
diff --git a/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.result b/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.result
new file mode 100644
index 00000000..a267e114
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.result
@@ -0,0 +1,85 @@
+#
+# MDEV-26875: Wrong user in SET DEFAULT ROLE error
+#
+create user test_user;
+create role test_role;
+show grants for test_user;
+Grants for test_user@%
+GRANT USAGE ON *.* TO `test_user`@`%`
+set default role test_role for test_user;
+ERROR OP000: User `test_user`@`%` has not been granted role `test_role`
+grant test_role to test_user;
+set default role test_role for test_user;
+show grants for test_user;
+Grants for test_user@%
+GRANT `test_role` TO `test_user`@`%`
+GRANT USAGE ON *.* TO `test_user`@`%`
+SET DEFAULT ROLE `test_role` FOR `test_user`@`%`
+set default role none for test_user;
+#
+# Try to set default role to role(`test_role`).
+--------------------------------------------------------------
+show grants for test_role;
+Grants for test_role
+GRANT USAGE ON *.* TO `test_role`
+create role new_role;
+grant new_role to test_role;
+show grants for test_role;
+Grants for test_role
+GRANT `new_role` TO `test_role`
+GRANT USAGE ON *.* TO `test_role`
+GRANT USAGE ON *.* TO `new_role`
+set default role new_role for test_role;
+ERROR OP000: User `test_role`@`%` has not been granted role `new_role`
+#
+# Test of errors, where hostname cannot be resolved `test_user`
+--------------------------------------------------------------
+grant test_role to test_user@'%';
+set default role test_role for test_user@'%';
+connect con_test_user,127.0.0.1,test_user,,,$MASTER_MYPORT;
+show grants;
+Grants for test_user@%
+GRANT `test_role` TO `test_user`@`%`
+GRANT USAGE ON *.* TO `test_user`@`%`
+GRANT `new_role` TO `test_role`
+GRANT USAGE ON *.* TO `test_role`
+GRANT USAGE ON *.* TO `new_role`
+SET DEFAULT ROLE `test_role` FOR `test_user`@`%`
+select current_role;
+current_role
+test_role
+set role `new_role`;
+ERROR OP000: User `test_user`@`%` has not been granted role `new_role`
+connection default;
+set default role none for test_user;
+disconnect con_test_user;
+connect con_test_user,127.0.0.1,test_user,,,$MASTER_MYPORT;
+select current_role;
+current_role
+NULL
+set role `new_role`;
+ERROR OP000: User `test_user`@`%` has not been granted role `new_role`
+connection default;
+disconnect con_test_user;
+#
+# Test of anonymous user connection
+--------------------------------------------------------------
+grant test_role to ''@localhost;
+connect con1,localhost,'',,,$MASTER_MYPORT;
+SELECT CURRENT_ROLE;
+CURRENT_ROLE
+NULL
+SET role test_role;
+SELECT CURRENT_ROLE;
+CURRENT_ROLE
+test_role
+SET role new_role;
+ERROR OP000: User ``@`localhost` has not been granted role `new_role`
+set default role test_role for ''@localhost;
+ERROR 42000: You are using MariaDB as an anonymous user and anonymous users are not allowed to modify user settings
+connection default;
+disconnect con1;
+REVOKE all privileges, grant option from ''@localhost;
+drop role new_role;
+drop role test_role;
+drop user test_user;
diff --git a/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.test b/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.test
new file mode 100644
index 00000000..5b4b14d3
--- /dev/null
+++ b/mysql-test/suite/roles/set_default_role_invalid_skip_name_resolve.test
@@ -0,0 +1,78 @@
+source include/not_embedded.inc;
+
+--echo #
+--echo # MDEV-26875: Wrong user in SET DEFAULT ROLE error
+--echo #
+create user test_user;
+create role test_role;
+show grants for test_user;
+--error ER_INVALID_ROLE
+set default role test_role for test_user;
+grant test_role to test_user;
+set default role test_role for test_user;
+show grants for test_user;
+set default role none for test_user;
+
+--echo #
+--echo # Try to set default role to role(`test_role`).
+--echo --------------------------------------------------------------
+show grants for test_role;
+create role new_role;
+grant new_role to test_role;
+show grants for test_role;
+# One can not set role to a role
+--error ER_INVALID_ROLE
+set default role new_role for test_role;
+
+--echo #
+--echo # Test of errors, where hostname cannot be resolved `test_user`
+--echo --------------------------------------------------------------
+# `new_role` is granted to `test_role`
+grant test_role to test_user@'%';
+set default role test_role for test_user@'%';
+
+connect con_test_user,127.0.0.1,test_user,,,$MASTER_MYPORT;
+show grants;
+select current_role;
+# `test_user` indirectly granted `new_role`
+--error ER_INVALID_ROLE
+set role `new_role`;
+
+connection default;
+set default role none for test_user;
+disconnect con_test_user;
+
+connect con_test_user,127.0.0.1,test_user,,,$MASTER_MYPORT;
+select current_role;
+--error ER_INVALID_ROLE
+set role `new_role`;
+
+connection default;
+disconnect con_test_user;
+
+--echo #
+--echo # Test of anonymous user connection
+--echo --------------------------------------------------------------
+--source include/add_anonymous_users.inc
+# Skip windows, since it uses current user `Administrator` in buildbot.
+--source include/not_windows.inc
+grant test_role to ''@localhost;
+
+connect(con1,localhost,'',,,$MASTER_MYPORT);
+SELECT CURRENT_ROLE;
+SET role test_role;
+SELECT CURRENT_ROLE;
+# user cannot set subset role, since it is not granted explicitly
+--error ER_INVALID_ROLE
+SET role new_role;
+--error ER_PASSWORD_ANONYMOUS_USER
+set default role test_role for ''@localhost;
+
+connection default;
+disconnect con1;
+REVOKE all privileges, grant option from ''@localhost;
+--source include/delete_anonymous_users.inc
+
+drop role new_role;
+drop role test_role;
+drop user test_user;
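Review bot: `--source include/not_windows.inc` is reached only after `test_user`, `test_role` and `new_role` have been created and after `include/add_anonymous_users.inc` has run. On Windows the test would therefore skip mid-way, with those accounts and the anonymous users still present. Whether mtr cleans up after a mid-test skip is not visible here. Moving the include to the top, directly after `source include/not_embedded.inc;`, avoids the question, and the existing comment about the `Administrator` user can move with it.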
diff --git a/mysql-test/suite/rpl/include/mdev-31448_conservative.inc b/mysql-test/suite/rpl/include/mdev-31448_conservative.inc
index 3db5a000..e479901f 100644
--- a/mysql-test/suite/rpl/include/mdev-31448_conservative.inc
+++ b/mysql-test/suite/rpl/include/mdev-31448_conservative.inc
@@ -36,7 +36,8 @@ insert into t1 values (3);
--connection slave
--source include/start_slave.inc
---let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(-1)%' and command LIKE 'Slave_worker';
+# Wildcard for `state` as it depends on whether WSREP is compiled in or not.
+--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(%' and command LIKE 'Slave_worker';
--source include/wait_condition.inc
--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Waiting for prior transaction to commit%' and command LIKE 'Slave_worker';
--source include/wait_condition.inc
@@ -50,8 +51,8 @@ insert into t1 values (3);
commit;
--connection slave
---let $slave_timeout=1032
---source include/wait_for_slave_sql_to_stop.inc
+--let $slave_sql_errno=1032
+--source include/wait_for_slave_sql_error.inc
update t1 set a=1 where a=2;
set @@global.slave_parallel_threads = @save.slave_parallel_threads;
diff --git a/mysql-test/suite/rpl/include/mdev-31448_optimistic.inc b/mysql-test/suite/rpl/include/mdev-31448_optimistic.inc
index 22cee6b3..c561e298 100644
--- a/mysql-test/suite/rpl/include/mdev-31448_optimistic.inc
+++ b/mysql-test/suite/rpl/include/mdev-31448_optimistic.inc
@@ -55,7 +55,8 @@ drop table t2;
--source include/start_slave.inc
--echo # wait for T1
---let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(-1)%' and command LIKE 'Slave_worker';
+# Wildcard for `state` as it depends on whether WSREP is compiled in or not.
+--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(%' and command LIKE 'Slave_worker';
--source include/wait_condition.inc
--echo # wait for T2
@@ -75,8 +76,8 @@ drop table t2;
commit;
--connection slave
---let $slave_timeout=1032
---source include/wait_for_slave_sql_to_stop.inc
+--let $slave_sql_errno=1032
+--source include/wait_for_slave_sql_error.inc
update t1 set a=1 where a=2;
set @@global.slave_parallel_threads = @save.slave_parallel_threads;
diff --git a/mysql-test/suite/rpl/include/mysqlbinlog_slave_consistency.inc b/mysql-test/suite/rpl/include/mysqlbinlog_slave_consistency.inc
index 48e4399d..b571c24e 100644
--- a/mysql-test/suite/rpl/include/mysqlbinlog_slave_consistency.inc
+++ b/mysql-test/suite/rpl/include/mysqlbinlog_slave_consistency.inc
@@ -128,6 +128,7 @@ if (!$slave_sql_errno)
}
--echo # Stop $con2 so it stops receiving $con1 events.
+--let $rpl_allow_error= 1
--source include/stop_slave.inc
--connection $con1
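Review bot: `--let $rpl_allow_error= 1` makes the following `include/stop_slave.inc` accept whatever error the slave threads are holding, and nothing here says which error is expected. The hunk header shows an `if (!$slave_sql_errno)` block just above, so presumably the SQL thread may already have stopped with the errno the caller passed in. A comment such as `# SQL thread may have stopped with $slave_sql_errno already` would document that. If that is the only expected case, setting the flag only when `$slave_sql_errno` is non-zero would keep unexpected errors from being masked. The enclosing include file continues outside the hunk.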
diff --git a/mysql-test/suite/rpl/include/rpl_binlog_max_cache_size.test b/mysql-test/suite/rpl/include/rpl_binlog_max_cache_size.test
index 2634a602..77b969fc 100644
--- a/mysql-test/suite/rpl/include/rpl_binlog_max_cache_size.test
+++ b/mysql-test/suite/rpl/include/rpl_binlog_max_cache_size.test
@@ -418,6 +418,8 @@ while ($n)
COMMIT;
--connection slave
+# Multi-statement transaction raised ER_TRANS_CACHE_FULL (4096=128x32)
+# that will stop SQL slave thread
--let $slave_sql_errno= 1197
if (`SELECT @@binlog_format = 'ROW'`)
{
@@ -437,7 +439,8 @@ source include/show_binlog_events.inc;
--replace_result $old_binlog_stmt_cache_size ORIGINAL_VALUE
--eval SET GLOBAL binlog_stmt_cache_size= $old_binlog_stmt_cache_size
-source include/stop_slave.inc;
+# SQL slave is stopped, stop only IO thread
+source include/stop_slave_io.inc;
source include/start_slave.inc;
connection master;
diff --git a/mysql-test/suite/rpl/include/rpl_change_master_demote.inc b/mysql-test/suite/rpl/include/rpl_change_master_demote.inc
index 4c563454..932a2b87 100644
--- a/mysql-test/suite/rpl/include/rpl_change_master_demote.inc
+++ b/mysql-test/suite/rpl/include/rpl_change_master_demote.inc
@@ -85,5 +85,16 @@ SELECT VARIABLE_NAME, GLOBAL_VALUE FROM INFORMATION_SCHEMA.SYSTEM_VARIABLES WHER
--eval CHANGE MASTER TO master_host='127.0.0.1', master_port=$MASTER_MYPORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1
--source include/start_slave.inc
+# Ensure master is ready to start sending new transactions. That is, because
+# the master does not have log_slave_updates, the slave's transactions of
+# repl_t are not binlogged, and its state is behind. If the master binlogs
+# any new transactions before the slaves connection is matured,
+# ER_GTID_POSITION_NOT_FOUND_IN_BINLOG2 can be reported to the slave
+# FIXME: We shouldn't need to do this, rather, the master should use
+# log-slave-updates and gtid-strict-mode
+--connection master
+--let $wait_condition= SELECT COUNT(*) > 0 FROM information_schema.processlist WHERE State like '%Master has sent all binlog to slave%'
+--source include/wait_condition.inc
+
--let $include_filename= rpl_change_master_demote.inc
--source include/end_include_file.inc
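Review bot: The new wait condition is satisfied by any processlist row whose State contains "Master has sent all binlog to slave". A dump thread left over from an earlier slave connection would therefore pass it before the connection started by the `CHANGE MASTER` above has matured. Whether such a stale thread can exist at this point depends on the callers, which are not visible here. If it can, the check could be narrowed, for instance by waiting for the slave IO thread to report it is connected first. The comment would also read better as "before the slave's connection is established".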
diff --git a/mysql-test/suite/rpl/include/rpl_parallel_29322.inc b/mysql-test/suite/rpl/include/rpl_parallel_29322.inc
index 96d75f33..a8b729d0 100644
--- a/mysql-test/suite/rpl/include/rpl_parallel_29322.inc
+++ b/mysql-test/suite/rpl/include/rpl_parallel_29322.inc
@@ -67,6 +67,17 @@ if ($same_version_binlogs)
if (!$same_version_binlogs)
{
+ # Make sure the dump thread is gone before moving around binlog files. Else
+ # it might see an empty file and give error (MDEV-29816).
+ --let $dump_thrid= `Select id FROM information_schema.processlist WHERE Command='Binlog Dump'`
+ if ($dump_thrid) {
+ --disable_query_log
+ --error 0,ER_NO_SUCH_THREAD
+ eval KILL CONNECTION $dump_thrid;
+ --enable_query_log
+ --let $wait_condition= SELECT COUNT(*)=0 FROM information_schema.processlist WHERE Command='Binlog Dump'
+ --source include/wait_condition.inc
+ }
--move_file $datadir/master-bin.000002 $datadir/master-bin.000002.sav
--copy_file $MYSQL_TEST_DIR/std_data/mdev29078-mysql-bin.000001 $datadir/master-bin.000002
--exec $MYSQL_BINLOG --short-form $datadir/master-bin.000002
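Review bot: `$dump_thrid` is filled from a backtick query, which keeps only the first row, so only one `Binlog Dump` thread is killed, while the wait that follows requires `COUNT(*)=0`. With a single slave that is fine. If a second dump thread is ever present, for example a stale one from a reconnect, the wait would run into its timeout instead of failing with a clear message. A short comment stating the single-dump-thread assumption would cover it, as would looping while the query still returns an id. The enclosing `if (!$same_version_binlogs)` block continues past the end of the hunk.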
diff --git a/mysql-test/suite/rpl/include/rpl_shutdown_wait_slaves.inc b/mysql-test/suite/rpl/include/rpl_shutdown_wait_slaves.inc
index 4726bbe1..f9c007b4 100644
--- a/mysql-test/suite/rpl/include/rpl_shutdown_wait_slaves.inc
+++ b/mysql-test/suite/rpl/include/rpl_shutdown_wait_slaves.inc
@@ -75,17 +75,22 @@ EOF
--connection server_1
DROP TABLE t1;
+# Slaves IO thread will receive the disconnect error when master was shutdown
+# so we are allowing error on start.
--connection server_2
--disable_warnings
+--let rpl_allow_error=1
--source include/start_slave.inc
--enable_warnings
--connection server_3
--disable_warnings
+--let rpl_allow_error=1
--source include/start_slave.inc
--enable_warnings
--connection server_4
--disable_warnings
+--let rpl_allow_error=1
--source include/start_slave.inc
--enable_warnings
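Review bot: The three added lines are written `--let rpl_allow_error=1` without the `$`, while `mysqlbinlog_slave_consistency.inc` in this same commit uses `--let $rpl_allow_error= 1`. In mysqltest the form without `$` also exports the value to the environment, so using `$rpl_allow_error` in both places avoids that side effect and keeps the spelling consistent. The flag is set again before each `start_slave.inc`, which suggests the include resets it, though that is not visible here. Since any start error is accepted, a later check that each slave's IO thread actually reconnected would keep an unrelated failure from passing silently.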
diff --git a/mysql-test/suite/rpl/include/rpl_start_stop_slave.test b/mysql-test/suite/rpl/include/rpl_start_stop_slave.test
index ae5f8361..56b04494 100644
--- a/mysql-test/suite/rpl/include/rpl_start_stop_slave.test
+++ b/mysql-test/suite/rpl/include/rpl_start_stop_slave.test
@@ -207,7 +207,7 @@ START SLAVE;
--let $status_items= Last_IO_Errno, Last_IO_Error
--source include/show_slave_status.inc
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
RESET SLAVE;
--connection master
diff --git a/mysql-test/suite/rpl/include/rpl_stop_middle_group.test b/mysql-test/suite/rpl/include/rpl_stop_middle_group.test
index ac01fb04..6bc872ca 100644
--- a/mysql-test/suite/rpl/include/rpl_stop_middle_group.test
+++ b/mysql-test/suite/rpl/include/rpl_stop_middle_group.test
@@ -82,7 +82,9 @@ connection slave;
# slave will catch the killed status, won't shut down immediately
# but does it eventually having the whole group unfinished (not committed)
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_SLAVE_FATAL_ERROR
+--let slave_sql_errno= 1593
+source include/wait_for_slave_sql_error.inc;
# checking: the error and group unfinished
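Review bot: The errno is named only in this hunk (`# ER_SLAVE_FATAL_ERROR`); the second hunk of the file sets `slave_sql_errno= 1593` with no such comment, so the same one-line comment should be repeated there. Both hunks also write `--let slave_sql_errno= 1593` without the `$`, whereas the mdev-31448 includes in this commit use `--let $slave_sql_errno=1032`. The form without `$` additionally exports the variable to the environment, so `--let $slave_sql_errno= 1593` is the safer spelling. The surrounding test body lies outside both hunks.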
@@ -120,7 +122,8 @@ connection slave;
# but does it eventually having the whole group unfinished (not committed)
#
-source include/wait_for_slave_sql_to_stop.inc;
+--let slave_sql_errno= 1593
+source include/wait_for_slave_sql_error.inc;
# checking: the error and group unfinished
diff --git a/mysql-test/suite/rpl/r/mdev-31448_kill_ooo_finish_optimistic.result b/mysql-test/suite/rpl/r/mdev-31448_kill_ooo_finish_optimistic.result
index 23a16e01..7fa1a831 100644
--- a/mysql-test/suite/rpl/r/mdev-31448_kill_ooo_finish_optimistic.result
+++ b/mysql-test/suite/rpl/r/mdev-31448_kill_ooo_finish_optimistic.result
@@ -42,7 +42,8 @@ include/save_master_gtid.inc
connection slave;
#
# Cleanup
-include/stop_slave.inc
+include/wait_for_slave_sql_to_stop.inc
+include/stop_slave_io.inc
set @@global.slave_parallel_threads= 0;
set @@global.slave_parallel_mode= optimistic;
set @@global.innodb_lock_wait_timeout= 50;
diff --git a/mysql-test/suite/rpl/r/parallel_backup.result b/mysql-test/suite/rpl/r/parallel_backup.result
index 7cf72ed1..83c7a916 100644
--- a/mysql-test/suite/rpl/r/parallel_backup.result
+++ b/mysql-test/suite/rpl/r/parallel_backup.result
@@ -73,8 +73,6 @@ include/stop_slave.inc
# Normal XA ROLLBACK
connection slave;
include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
connection master;
connection aux_slave;
BEGIN;
@@ -110,8 +108,6 @@ include/stop_slave.inc
# Errored out XA COMMIT
connection slave;
include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
connection master;
connection aux_slave;
BEGIN;
diff --git a/mysql-test/suite/rpl/r/parallel_backup_lsu_off.result b/mysql-test/suite/rpl/r/parallel_backup_lsu_off.result
index b89cb154..e1fd7701 100644
--- a/mysql-test/suite/rpl/r/parallel_backup_lsu_off.result
+++ b/mysql-test/suite/rpl/r/parallel_backup_lsu_off.result
@@ -76,8 +76,6 @@ include/stop_slave.inc
# Normal XA ROLLBACK
connection slave;
include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
connection master;
connection aux_slave;
BEGIN;
@@ -113,8 +111,6 @@ include/stop_slave.inc
# Errored out XA COMMIT
connection slave;
include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
connection master;
connection aux_slave;
BEGIN;
diff --git a/mysql-test/suite/rpl/r/parallel_backup_slave_binlog_off.result b/mysql-test/suite/rpl/r/parallel_backup_slave_binlog_off.result
index 111bc7fb..9e29e5a3 100644
--- a/mysql-test/suite/rpl/r/parallel_backup_slave_binlog_off.result
+++ b/mysql-test/suite/rpl/r/parallel_backup_slave_binlog_off.result
@@ -76,8 +76,6 @@ include/stop_slave.inc
# Normal XA ROLLBACK
connection slave;
include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
connection master;
connection aux_slave;
BEGIN;
@@ -113,8 +111,6 @@ include/stop_slave.inc
# Errored out XA COMMIT
connection slave;
include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
connection master;
connection aux_slave;
BEGIN;
diff --git a/mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_loaddata.result b/mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_loaddata.result
new file mode 100644
index 00000000..a876a597
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_loaddata.result
@@ -0,0 +1,38 @@
+include/master-slave.inc
+[connection master]
+connection master;
+SET @save_binlog_stmt_cache_size= @@GLOBAL.binlog_stmt_cache_size;
+SET GLOBAL binlog_stmt_cache_size= 4096;
+CALL mtr.add_suppression('"No space left on device".*An incident event is written to binary log');
+CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=MyISAM;
+FLUSH STATUS;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+Variable_name Value
+Binlog_stmt_cache_disk_use 0
+Binlog_stmt_cache_use 0
+SET @old_dbug= @@SESSION.debug_dbug;
+SET SESSION debug_dbug="+d,load_data_binlog_cache_error";
+LOAD DATA CONCURRENT LOCAL INFILE 'std_data/bug30435_5k.txt'
+ REPLACE INTO TABLE t1 (a);
+ERROR HY000: Error writing file '<FILENAME>' (Errcode: 28 "No space left on device")
+SET SESSION debug_dbug= @old_dbug;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+Variable_name Value
+Binlog_stmt_cache_disk_use 1
+Binlog_stmt_cache_use 1
+SELECT IF(COUNT(*) > 0 AND COUNT(*) < 5000,
+"ok",
+CONCAT("ERROR! Row count ", COUNT(*), " not as expected for partially executed query"))
+AS check_result
+FROM t1;
+check_result
+ok
+connection slave;
+include/wait_for_slave_sql_error_and_skip.inc [errno=1590]
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+0
+connection master;
+SET GLOBAL binlog_stmt_cache_size= @save_binlog_stmt_cache_size;
+DROP TABLE t1;
+include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_row.result b/mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_row.result
new file mode 100644
index 00000000..753fdaa4
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_binlog_cache_disk_full_row.result
@@ -0,0 +1,51 @@
+include/master-slave.inc
+[connection master]
+connection master;
+SET @save_binlog_stmt_cache_size= @@GLOBAL.binlog_stmt_cache_size;
+SET GLOBAL binlog_stmt_cache_size= 4096;
+CALL mtr.add_suppression('"No space left on device".*An incident event is written to binary log');
+CREATE TABLE t1 (a INT PRIMARY KEY, b VARCHAR(255)) ENGINE=MyISAM;
+FLUSH STATUS;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+Variable_name Value
+Binlog_stmt_cache_disk_use 0
+Binlog_stmt_cache_use 0
+INSERT INTO t1 VALUES (0, CONCAT("?", "-", REPEAT("x", 200)));
+INSERT INTO t1 SELECT a+1, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+2, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+4, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+8, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+16, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+32, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+64, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+128, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+Variable_name Value
+Binlog_stmt_cache_disk_use 2
+Binlog_stmt_cache_use 9
+SET @old_dbug= @@SESSION.debug_dbug;
+SET SESSION debug_dbug="+d,simulate_disk_full_at_flush_pending";
+INSERT INTO t1 SELECT a+256, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+ERROR HY000: Error writing file '<FILENAME>' (Errcode: 28 "No space left on device")
+SET SESSION debug_dbug= @old_dbug;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+Variable_name Value
+Binlog_stmt_cache_disk_use 3
+Binlog_stmt_cache_use 10
+SELECT IF(COUNT(*) > 256 AND COUNT(*) < 512,
+"ok",
+CONCAT("ERROR! Row count ", COUNT(*), " not as expected for partially executed query"))
+AS check_result
+FROM t1;
+check_result
+ok
+ALTER TABLE t1 COMMENT '<mumble>';
+connection slave;
+include/wait_for_slave_sql_error_and_skip.inc [errno=1590]
+SELECT COUNT(*) FROM t1;
+COUNT(*)
+256
+connection master;
+SET GLOBAL binlog_stmt_cache_size= @save_binlog_stmt_cache_size;
+DROP TABLE t1;
+include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/r/rpl_binlog_dump_slave_gtid_state_info.result b/mysql-test/suite/rpl/r/rpl_binlog_dump_slave_gtid_state_info.result
index b913a49b..af79b482 100644
--- a/mysql-test/suite/rpl/r/rpl_binlog_dump_slave_gtid_state_info.result
+++ b/mysql-test/suite/rpl/r/rpl_binlog_dump_slave_gtid_state_info.result
@@ -8,6 +8,7 @@ CHANGE MASTER TO MASTER_USE_GTID=slave_pos;
include/start_slave.inc
connection master;
"Test Case 1: Start binlog_dump to slave_server(#), pos(master-bin.000001, ###), using_gtid(1), gtid('')"
+include/wait_for_pattern_in_file.inc
FOUND 1 /using_gtid\(1\), gtid\(\'\'\).*/ in mysqld.1.err
connection slave;
include/stop_slave.inc
@@ -15,6 +16,7 @@ CHANGE MASTER TO MASTER_USE_GTID=no;
include/start_slave.inc
connection master;
"Test Case 2: Start binlog_dump to slave_server(#), pos(master-bin.000001, ###), using_gtid(0), gtid('')"
+include/wait_for_pattern_in_file.inc
FOUND 1 /using_gtid\(0\), gtid\(\'\'\).*/ in mysqld.1.err
CREATE TABLE t (f INT) ENGINE=INNODB;
INSERT INTO t VALUES(10);
@@ -25,6 +27,7 @@ CHANGE MASTER TO MASTER_USE_GTID=slave_pos;
include/start_slave.inc
connection master;
"Test Case 3: Start binlog_dump to slave_server(#), pos(master-bin.000001, ###), using_gtid(1), gtid('0-1-2')"
+include/wait_for_pattern_in_file.inc
FOUND 1 /using_gtid\(1\), gtid\(\'0-1-2\'\).*/ in mysqld.1.err
SET @@SESSION.gtid_domain_id=10;
INSERT INTO t VALUES(20);
@@ -35,6 +38,7 @@ CHANGE MASTER TO MASTER_USE_GTID=slave_pos;
include/start_slave.inc
connection master;
"Test Case 4: Start binlog_dump to slave_server(#), pos(master-bin.000001, ###), using_gtid(1), gtid('0-1-2,10-1-1')"
+include/wait_for_pattern_in_file.inc
FOUND 1 /using_gtid\(1\), gtid\(\'0-1-2,10-1-1\'\).*/ in mysqld.1.err
"===== Clean up ====="
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_change_master_demote.result b/mysql-test/suite/rpl/r/rpl_change_master_demote.result
index 38cff838..70d141ef 100644
--- a/mysql-test/suite/rpl/r/rpl_change_master_demote.result
+++ b/mysql-test/suite/rpl/r/rpl_change_master_demote.result
@@ -58,6 +58,7 @@ GTID_SLAVE_POS 0-2-3
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 2: If gtid_slave_pos is empty, gtid_binlog_pos will
# completely overwrite it with MASTER_DEMOTE_TO_SLAVE=1.
@@ -124,6 +125,7 @@ GTID_SLAVE_POS 0-2-5
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 3: Using a single domain id, if neither gtid_slave_pos nor
# gtid_binlog_pos are empty, and gtid_binlog_pos is more recent, then
@@ -183,6 +185,7 @@ GTID_SLAVE_POS 0-2-9
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 4: If gtid_slave_pos and gtid_binlog_pos are equivalent,
# MASTER_DEMOTE_TO_SLAVE=1 will not change gtid_slave_pos.
@@ -244,6 +247,7 @@ GTID_SLAVE_POS 0-2-13
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 5: If a new domain id is added into gtid_binlog_pos while
# gtid_slave_pos already has a state, MASTER_DEMOTE_TO_SLAVE=1 will
@@ -308,6 +312,7 @@ GTID_SLAVE_POS 0-2-17,1-1-2
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 6: If gtid_slave_pos has multiple GTID positions and
# gtid_binlog_pos contains updates on existing domain ids, new
@@ -390,6 +395,7 @@ GTID_SLAVE_POS 0-2-21,1-3-4,2-1-2,4-3-2
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 7: If MASTER_DEMOTE_TO_SLAVE=1 is combined with
# IGNORE_DOMAIN_IDS such that gtid_binlog_pos has more recent GTIDs
@@ -455,6 +461,7 @@ GTID_SLAVE_POS 0-2-24,1-3-4,2-1-3,3-1-2,4-3-2
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
#
# Test Case 8: If gtid_binlog_pos is more recent than gtid_slave_pos,
# and MASTER_DEMOTE_TO_SLAVE=1 is combined with a later call to
@@ -556,6 +563,7 @@ GTID_SLAVE_POS 0-2-29,1-3-4,2-1-3,3-1-2,4-3-2
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
# Demote master to slave with the more recent gtid_slave_pos
connection master;
CHANGE MASTER TO master_host='127.0.0.1', master_port=SLAVE_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
@@ -619,6 +627,7 @@ GTID_SLAVE_POS 0-2-32,1-3-4,2-1-3,3-1-2,4-3-2
connection master;
connection slave;
CHANGE MASTER TO master_host='127.0.0.1', master_port=MASTER_PORT, master_user='root', master_use_gtid=slave_pos, master_demote_to_slave=1;
+connection master;
# Tag gtid_slave_pos now (before binlog updates) for later comparison
connection master;
# In domain 1, make gtid_slave_pos < gtid_binlog_pos
diff --git a/mysql-test/suite/rpl/r/rpl_circular_semi_sync.result b/mysql-test/suite/rpl/r/rpl_circular_semi_sync.result
index 5664b791..2596d346 100644
--- a/mysql-test/suite/rpl/r/rpl_circular_semi_sync.result
+++ b/mysql-test/suite/rpl/r/rpl_circular_semi_sync.result
@@ -1,5 +1,7 @@
include/master-slave.inc
[connection master]
+connection server_2;
+call mtr.add_suppression("Timeout waiting for reply of binlog");
# Master server_1 and Slave server_2 initialization ...
connection server_2;
include/stop_slave.inc
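Review bot: The new suppression `call mtr.add_suppression("Timeout waiting for reply of binlog");` on server_2 carries no comment explaining why a semi-sync reply timeout is expected in this test. The suppression applies to that server's error log for the whole test, so an unintended acknowledgement timeout in a later step would be hidden as well. A one-line comment next to the call in the .test would help, for example `# The ack timeout is expected while <step that provokes it>; it is not a failure here`, with the placeholder filled in. The .test file is not part of this hunk, so the reason for the timeout is not visible here.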
@@ -40,6 +42,8 @@ set @@global.rpl_semi_sync_master_enabled = 1;
INSERT INTO t1(a) VALUES (2);
include/save_master_gtid.inc
connection server_1;
+include/stop_slave.inc
+include/start_slave.inc
#
# the successful sync is a required proof
#
diff --git a/mysql-test/suite/rpl/r/rpl_connection.result b/mysql-test/suite/rpl/r/rpl_connection.result
index b5ce7f4e..9fb17b5f 100644
--- a/mysql-test/suite/rpl/r/rpl_connection.result
+++ b/mysql-test/suite/rpl/r/rpl_connection.result
@@ -6,7 +6,7 @@ include/stop_slave.inc
CHANGE MASTER TO MASTER_USER= '', MASTER_PASSWORD= '';
START SLAVE;
include/wait_for_slave_io_error.inc [errno=1045, 1593]
-include/stop_slave.inc
+include/stop_slave_sql.inc
CHANGE MASTER TO MASTER_USER= 'root', MASTER_PASSWORD= '';
START SLAVE;
include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/r/rpl_deadlock_show_slave_status.result b/mysql-test/suite/rpl/r/rpl_deadlock_show_slave_status.result
new file mode 100644
index 00000000..12ad5870
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_deadlock_show_slave_status.result
@@ -0,0 +1,66 @@
+include/master-slave.inc
+[connection master]
+#
+# Initialize test data
+connection master;
+create table t1 (a int) engine=innodb;
+insert into t1 values (1);
+include/save_master_gtid.inc
+connection slave;
+include/sync_with_master_gtid.inc
+include/stop_slave.inc
+call mtr.add_suppression("Connection was killed");
+call mtr.add_suppression("Commit failed due to failure of an earlier commit on which this one depends");
+set @save_parallel_threads= @@global.slave_parallel_threads;
+set @save_parallel_mode= @@global.slave_parallel_mode;
+set @save_transaction_retries= @@global.slave_transaction_retries;
+set @save_innodb_lock_wait_timeout= @@global.innodb_lock_wait_timeout;
+set @@global.slave_parallel_threads= 2;
+set @@global.slave_parallel_mode= CONSERVATIVE;
+set @@global.slave_transaction_retries= 0;
+set @@global.innodb_lock_wait_timeout= 10;
+# Grabbing lock on innodb row to force future replication transaction to wait (and eventually timeout)
+BEGIN;
+select * from t1 where a=1 for update;
+a
+1
+connection master;
+set @old_dbug= @@session.debug_dbug;
+set @@session.debug_dbug="+d,binlog_force_commit_id";
+SET @commit_id= 10000;
+update t1 set a=2 where a=1;
+SET @commit_id= 10001;
+insert into t1 values (3);
+set @@session.debug_dbug= @old_dbug;
+connection slave;
+start slave;
+# Waiting for first transaction to start (and be held at innodb row lock)..
+# Waiting for next transaction to start and hold at do_gco_wait()..
+connection slave1;
+set @@session.debug_dbug="+d,hold_sss_with_err_lock";
+show slave status;
+connection slave;
+set debug_sync="now wait_for sss_got_err_lock";
+kill <TID of worker in do_gco_wait>;
+set debug_sync="now signal sss_continue";
+connection slave1;
+# Waiting for SHOW SLAVE STATUS to complete..
+# ..done
+connection slave;
+ROLLBACK;
+include/wait_for_slave_sql_error.inc [errno=1927]
+#
+# Cleanup
+connection master;
+drop table t1;
+include/save_master_gtid.inc
+connection slave;
+set debug_sync= "RESET";
+set @@global.slave_parallel_threads= @save_parallel_threads;
+set @@global.slave_parallel_mode= @save_parallel_mode;
+set @@global.slave_transaction_retries= @save_transaction_retries;
+set @@global.innodb_lock_wait_timeout= @save_innodb_lock_wait_timeout;
+start slave sql_thread;
+include/sync_with_master_gtid.inc
+include/rpl_end.inc
+# End of rpl_deadlock_show_slave_status.test
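Review bot: The debug point enabled on connection slave1 with `set @@session.debug_dbug="+d,hold_sss_with_err_lock";` is never switched off in the recorded output. The master connection, by contrast, saves and restores its own `debug_dbug`, and the cleanup section restores every global it changed. Unless the .test resets it with query logging disabled, a later SHOW SLAVE STATUS on slave1 would presumably wait for `sss_continue` again. Consider adding `set @old_dbug= @@session.debug_dbug;` before the injection on slave1 and `set @@session.debug_dbug= @old_dbug;` once the statement has completed. This is inferred from the result file only, since the .test source is not shown.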
diff --git a/mysql-test/suite/rpl/r/rpl_delayed_slave.result b/mysql-test/suite/rpl/r/rpl_delayed_slave.result
index c8c3bc36..7ac68e25 100644
--- a/mysql-test/suite/rpl/r/rpl_delayed_slave.result
+++ b/mysql-test/suite/rpl/r/rpl_delayed_slave.result
@@ -70,6 +70,9 @@ include/stop_slave.inc
# CHANGE MASTER TO MASTER_DELAY = 2*T
include/start_slave.inc
connection master;
+INSERT INTO t1 VALUES ('Syncing slave', 5);
+connection slave;
+connection master;
INSERT INTO t1 VALUES (delay_on_slave(1), 6);
Warnings:
Note 1592 Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT. Statement is unsafe because it uses a system variable that may have a different value on the slave
diff --git a/mysql-test/suite/rpl/r/rpl_domain_id_filter_io_crash.result b/mysql-test/suite/rpl/r/rpl_domain_id_filter_io_crash.result
index feef82a5..5250c4bb 100644
--- a/mysql-test/suite/rpl/r/rpl_domain_id_filter_io_crash.result
+++ b/mysql-test/suite/rpl/r/rpl_domain_id_filter_io_crash.result
@@ -135,7 +135,7 @@ i
2
3
SET @@global.debug_dbug=@saved_dbug;
-include/stop_slave.inc
+include/stop_slave_sql.inc
DO_DOMAIN_IDS (BEFORE) :
IGNORE_DOMAIN_IDS (BEFORE) :
CHANGE MASTER TO IGNORE_DOMAIN_IDS=(1), MASTER_USE_GTID=slave_pos;
@@ -204,7 +204,7 @@ i
10
11
SET @@global.debug_dbug=@saved_dbug;
-include/stop_slave.inc
+include/stop_slave_sql.inc
DO_DOMAIN_IDS (BEFORE) :
IGNORE_DOMAIN_IDS (BEFORE) : 1
CHANGE MASTER TO IGNORE_DOMAIN_IDS=(), MASTER_USE_GTID=slave_pos;
@@ -287,7 +287,7 @@ i
16
17
SET @@global.debug_dbug=@saved_dbug;
-include/stop_slave.inc
+include/stop_slave_sql.inc
DO_DOMAIN_IDS (BEFORE) :
IGNORE_DOMAIN_IDS (BEFORE) : 1
CHANGE MASTER TO IGNORE_DOMAIN_IDS=(), MASTER_USE_GTID=slave_pos;
@@ -384,7 +384,7 @@ i
22
23
SET @@global.debug_dbug=@saved_dbug;
-include/stop_slave.inc
+include/stop_slave_sql.inc
DO_DOMAIN_IDS (BEFORE) :
IGNORE_DOMAIN_IDS (BEFORE) :
CHANGE MASTER TO IGNORE_DOMAIN_IDS=(1), MASTER_USE_GTID=slave_pos;
diff --git a/mysql-test/suite/rpl/r/rpl_domain_id_filter_master_crash.result b/mysql-test/suite/rpl/r/rpl_domain_id_filter_master_crash.result
index 0a414cb3..a54ff99b 100644
--- a/mysql-test/suite/rpl/r/rpl_domain_id_filter_master_crash.result
+++ b/mysql-test/suite/rpl/r/rpl_domain_id_filter_master_crash.result
@@ -38,7 +38,8 @@ connection master;
include/rpl_start_server.inc [server_number=1]
# Master has restarted successfully
connection slave;
-include/stop_slave.inc
+include/stop_slave_sql.inc
+include/stop_slave_io.inc
include/start_slave.inc
select * from ti;
a
diff --git a/mysql-test/suite/rpl/r/rpl_fail_register.result b/mysql-test/suite/rpl/r/rpl_fail_register.result
index 2cddc796..0398220c 100644
--- a/mysql-test/suite/rpl/r/rpl_fail_register.result
+++ b/mysql-test/suite/rpl/r/rpl_fail_register.result
@@ -1,14 +1,15 @@
include/master-slave.inc
[connection master]
connection slave;
+CALL mtr.add_suppression("Slave I/O: Master command COM_REGISTER_SLAVE failed: Debug Induced Error");
set @old_dbug=@@global.debug_dbug;
set global debug_dbug='d,fail_com_register_slave';
stop slave;
reset slave;
include/wait_for_slave_to_stop.inc
start slave;
-stop slave;
-include/wait_for_slave_to_stop.inc
+include/wait_for_slave_io_error.inc [errno=1597]
+include/stop_slave_sql.inc
set global debug_dbug=@old_dbug;
connection master;
kill DUMP_THREAD;
diff --git a/mysql-test/suite/rpl/r/rpl_gis_user_var.result b/mysql-test/suite/rpl/r/rpl_gis_user_var.result
new file mode 100644
index 00000000..c6aab9e0
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_gis_user_var.result
@@ -0,0 +1,21 @@
+include/master-slave.inc
+[connection master]
+#
+#
+#
+connection master;
+SET @p=POINT(1,1);
+CREATE TABLE t1 AS SELECT @p AS p;
+connection slave;
+SHOW CREATE TABLE t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `p` point DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci
+SELECT ST_AsWKT(p) FROM t1;
+ST_AsWKT(p)
+POINT(1 1)
+connection master;
+DROP TABLE t1;
+connection slave;
+include/rpl_end.inc
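Review bot: The header of this new test is three empty `#` lines, so nothing records which bug or behaviour the test guards. Judging only from the statements, it checks that a user variable holding `POINT(1,1)` replicates through CREATE TABLE ... SELECT as a `point` column. The .test should say so, for example `# A GIS user variable used in CREATE TABLE ... SELECT must replicate with its geometry type`, together with the tracker reference if there is one. The result file will pick the comment up when it is re-recorded.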
diff --git a/mysql-test/suite/rpl/r/rpl_gtid_basic.result b/mysql-test/suite/rpl/r/rpl_gtid_basic.result
index 584499a9..a7da7010 100644
--- a/mysql-test/suite/rpl/r/rpl_gtid_basic.result
+++ b/mysql-test/suite/rpl/r/rpl_gtid_basic.result
@@ -188,6 +188,13 @@ BINLOG_GTID_POS('master-bin.000001',18446744073709551616)
NULL
Warnings:
Warning 1916 Got overflow when converting '18446744073709551616' to INT. Value truncated
+SET sql_log_bin= 0;
+CREATE TABLE t1 AS SELECT MASTER_POS_WAIT(@binlog_file, 4, 0);
+SELECT BINLOG_GTID_POS(@binlog_file, 4);
+BINLOG_GTID_POS(@binlog_file, 4)
+NULL
+DROP TABLE t1;
+SET sql_log_bin= 1;
*** Some tests of @@GLOBAL.gtid_binlog_state ***
connection server_2;
include/sync_with_master_gtid.inc
diff --git a/mysql-test/suite/rpl/r/rpl_gtid_delete_domain.result b/mysql-test/suite/rpl/r/rpl_gtid_delete_domain.result
index 9c369734..9e788e8f 100644
--- a/mysql-test/suite/rpl/r/rpl_gtid_delete_domain.result
+++ b/mysql-test/suite/rpl/r/rpl_gtid_delete_domain.result
@@ -52,7 +52,7 @@ Waiting until 'Slave_IO_Running' = 'Yes' [$slave_error_param='Last_IO_Errno']
.. con='slave' warn='1' qlog='1' rlog='1' aborterr='1'
...==== BEGIN include/wait_for_slave_param.inc [Slave_SQL_Running] ====
... con='slave' warn='1' qlog='1' rlog='1' aborterr='1'
-Waiting until 'Slave_SQL_Running' = 'Yes' [$slave_error_param='1']
+Waiting until 'Slave_SQL_Running' = 'Yes' [$slave_error_param='']
[connection slave]
...==== END include/wait_for_slave_param.inc [Slave_SQL_Running] ====
... con='slave' warn='1' qlog='1' rlog='1' aborterr='1'
diff --git a/mysql-test/suite/rpl/r/rpl_gtid_errorlog.result b/mysql-test/suite/rpl/r/rpl_gtid_errorlog.result
index 593f83a7..229ac02b 100644
--- a/mysql-test/suite/rpl/r/rpl_gtid_errorlog.result
+++ b/mysql-test/suite/rpl/r/rpl_gtid_errorlog.result
@@ -23,7 +23,8 @@ INSERT INTO t1 VALUES (2);
SET sql_log_bin=1;
START SLAVE;
include/wait_for_slave_sql_error.inc [errno=1062]
-include/stop_slave.inc
+include/wait_for_slave_io_to_start.inc
+include/stop_slave_io.inc
SET GLOBAL gtid_slave_pos= "0-1-100";
include/start_slave.inc
SELECT * FROM t1 ORDER BY a;
@@ -39,7 +40,7 @@ REPLACE INTO t1 VALUES (5);
SET debug_dbug= @dbug_save;
connection slave;
include/wait_for_slave_sql_error.inc [errno=1590]
-include/stop_slave.inc
+include/stop_slave_io.inc
SET sql_slave_skip_counter=1;
include/start_slave.inc
SELECT * FROM t1 ORDER BY a;
diff --git a/mysql-test/suite/rpl/r/rpl_gtid_slave_filtering.result b/mysql-test/suite/rpl/r/rpl_gtid_slave_filtering.result
new file mode 100644
index 00000000..84080b94
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_gtid_slave_filtering.result
@@ -0,0 +1,78 @@
+include/rpl_init.inc [topology=1->2->3]
+*** Test GTID master switch in a topology with filtered events.
+*** With --gtid-ignore-duplicate and --gtid-strict-mode, should allow
+*** GTID connect at a GTID position that is filtered on the new master.
+connection server_1;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
+CREATE TABLE t1 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
+INSERT INTO t1 VALUES (1,1);
+CREATE TABLE t3 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
+INSERT INTO t3 VALUES (1,1);
+INSERT INTO t1 VALUES (2,1);
+INSERT INTO t3 VALUES (2,1);
+include/save_master_gtid.inc
+connection server_2;
+CREATE TABLE t2 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
+INSERT INTO t2 VALUES (1,2);
+include/sync_with_master_gtid.inc
+include/save_master_gtid.inc
+connection server_3;
+include/sync_with_master_gtid.inc
+*** Promote 3 as new master, demote 2 as slave of 3.
+*** GTID position of 2 in domain 0 is filtered on 3.
+connection server_2;
+include/stop_slave.inc
+connection server_3;
+include/stop_slave.inc
+CHANGE MASTER TO master_host = '127.0.0.1', master_port = SERVER_MYPORT_1,
+MASTER_USE_GTID=SLAVE_POS;
+connection server_2;
+CHANGE MASTER TO master_host = '127.0.0.1', master_port = SERVER_MYPORT_3,
+MASTER_USE_GTID=SLAVE_POS;
+include/start_slave.inc
+connection server_3;
+include/start_slave.inc
+connection server_1;
+INSERT INTO t1 VALUES (3,1);
+INSERT INTO t3 VALUES (3,1);
+include/save_master_gtid.inc
+connection server_3;
+INSERT INTO t2 VALUES (2,2);
+include/sync_with_master_gtid.inc
+include/save_master_gtid.inc
+connection server_2;
+include/sync_with_master_gtid.inc
+SELECT * FROM t1 ORDER BY a;
+a b
+1 1
+2 1
+3 1
+SELECT * FROM t3 ORDER BY a;
+ERROR 42S02: Table 'test.t3' doesn't exist
+SELECT * FROM t2 ORDER BY a;
+a b
+1 2
+2 2
+*** Restore original topology.
+connection server_3;
+include/stop_slave.inc
+connection server_2;
+include/stop_slave.inc
+CHANGE MASTER TO master_host = '127.0.0.1', master_port = SERVER_MYPORT_1,
+MASTER_USE_GTID=SLAVE_POS;
+include/start_slave.inc
+connection server_3;
+CHANGE MASTER TO master_host = '127.0.0.1', master_port = SERVER_MYPORT_2,
+MASTER_USE_GTID=SLAVE_POS;
+include/start_slave.inc
+connection server_1;
+DROP TABLE t1;
+DROP TABLE t3;
+include/save_master_gtid.inc
+connection server_2;
+DROP TABLE t2;
+include/sync_with_master_gtid.inc
+include/save_master_gtid.inc
+connection server_3;
+include/sync_with_master_gtid.inc
+include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/r/rpl_gtid_startpos.result b/mysql-test/suite/rpl/r/rpl_gtid_startpos.result
index e38eddcc..f271e730 100644
--- a/mysql-test/suite/rpl/r/rpl_gtid_startpos.result
+++ b/mysql-test/suite/rpl/r/rpl_gtid_startpos.result
@@ -36,7 +36,7 @@ CHANGE MASTER TO master_host = '127.0.0.1', master_port = MASTER_PORT,
MASTER_USE_GTID=SLAVE_POS;
START SLAVE;
include/wait_for_slave_io_error.inc [errno=1236]
-include/stop_slave.inc
+include/stop_slave_sql.inc
CHANGE MASTER TO master_host = '127.0.0.1', master_port = MASTER_PORT,
MASTER_LOG_FILE="master-bin.000003", MASTER_LOG_POS=4, MASTER_USE_GTID=NO;
include/start_slave.inc
diff --git a/mysql-test/suite/rpl/r/rpl_heartbeat_basic.result b/mysql-test/suite/rpl/r/rpl_heartbeat_basic.result
index 88e02141..a9bd16cc 100644
--- a/mysql-test/suite/rpl/r/rpl_heartbeat_basic.result
+++ b/mysql-test/suite/rpl/r/rpl_heartbeat_basic.result
@@ -228,7 +228,7 @@ call mtr.add_suppression("Slave SQL.*Duplicate entry .1. for key .PRIMARY.. on q
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
set sql_log_bin= 1;
Heartbeat events are received while sql thread stopped (1 means 'yes'): 1
-include/stop_slave.inc
+include/stop_slave_io.inc
set sql_log_bin= 0;
DROP TABLE t1;
set sql_log_bin= 1;
diff --git a/mysql-test/suite/rpl/r/rpl_invoked_features.result b/mysql-test/suite/rpl/r/rpl_invoked_features.result
index 43a8e862..3cfd40d5 100644
--- a/mysql-test/suite/rpl/r/rpl_invoked_features.result
+++ b/mysql-test/suite/rpl/r/rpl_invoked_features.result
@@ -45,14 +45,14 @@ BEGIN
UPDATE t12 SET c = '';
UPDATE t13 SET c = '';
END|
-CREATE EVENT e1 ON SCHEDULE EVERY 1 SECOND DISABLE DO
+CREATE EVENT e1 ON SCHEDULE EVERY 10 SECOND DISABLE DO
BEGIN
ALTER EVENT e1 DISABLE;
CALL p1(10, '');
END|
Warnings:
Warning 1105 Event scheduler is switched off, use SET GLOBAL event_scheduler=ON to enable it.
-CREATE EVENT e11 ON SCHEDULE EVERY 1 SECOND DISABLE DO
+CREATE EVENT e11 ON SCHEDULE EVERY 10 SECOND DISABLE DO
BEGIN
ALTER EVENT e11 DISABLE;
CALL p11(10, '');
diff --git a/mysql-test/suite/rpl/r/rpl_mariadb_slave_capability.result b/mysql-test/suite/rpl/r/rpl_mariadb_slave_capability.result
index 68e8b22d..fddb07c9 100644
--- a/mysql-test/suite/rpl/r/rpl_mariadb_slave_capability.result
+++ b/mysql-test/suite/rpl/r/rpl_mariadb_slave_capability.result
@@ -6,6 +6,11 @@ connection slave;
include/stop_slave.inc
CHANGE MASTER TO MASTER_USE_GTID=NO;
include/start_slave.inc
+connection master;
+# Ensure only the new binlog dump thread is alive (wait for the old one
+# to complete its kill)
+# And that it has already sent its fake rotate
+connection slave;
include/stop_slave.inc
# Test slave with no capability gets dummy event, which is ignored.
set @old_dbug= @@global.debug_dbug;
diff --git a/mysql-test/suite/rpl/r/rpl_mdev_17614.result b/mysql-test/suite/rpl/r/rpl_mdev_17614.result
index 0cc92474..7e2e8727 100644
--- a/mysql-test/suite/rpl/r/rpl_mdev_17614.result
+++ b/mysql-test/suite/rpl/r/rpl_mdev_17614.result
@@ -29,8 +29,7 @@ SELECT * FROM t1;
a b c
1 1 1
2 2 3
-stop slave;
-include/wait_for_slave_to_stop.inc
+include/stop_slave_io.inc
include/reset_slave.inc
connection master;
reset master;
@@ -189,8 +188,7 @@ SELECT * FROM t1;
a b c
1 1 1
2 2 3
-stop slave;
-include/wait_for_slave_to_stop.inc
+include/stop_slave_io.inc
include/reset_slave.inc
connection master;
reset master;
diff --git a/mysql-test/suite/rpl/r/rpl_mixed_binlog_max_cache_size.result b/mysql-test/suite/rpl/r/rpl_mixed_binlog_max_cache_size.result
index e94e097f..dbaceb65 100644
--- a/mysql-test/suite/rpl/r/rpl_mixed_binlog_max_cache_size.result
+++ b/mysql-test/suite/rpl/r/rpl_mixed_binlog_max_cache_size.result
@@ -197,7 +197,7 @@ SET GLOBAL max_binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL max_binlog_stmt_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_stmt_cache_size= ORIGINAL_VALUE;
-include/stop_slave.inc
+include/stop_slave_io.inc
include/start_slave.inc
connection master;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_parallel_ignored_errors.result b/mysql-test/suite/rpl/r/rpl_parallel_ignored_errors.result
index ce11b814..57654d15 100644
--- a/mysql-test/suite/rpl/r/rpl_parallel_ignored_errors.result
+++ b/mysql-test/suite/rpl/r/rpl_parallel_ignored_errors.result
@@ -36,7 +36,8 @@ connection server_2;
connection con_temp2;
COMMIT;
connection server_2;
-include/stop_slave.inc
+include/wait_for_slave_sql_error.inc [errno=1062]
+include/stop_slave_io.inc
include/assert.inc [table t1 should have zero rows where a>32]
SELECT * FROM t1 WHERE a>32;
a
diff --git a/mysql-test/suite/rpl/r/rpl_parallel_kill.result b/mysql-test/suite/rpl/r/rpl_parallel_kill.result
index 7e6b0657..8772ac99 100644
--- a/mysql-test/suite/rpl/r/rpl_parallel_kill.result
+++ b/mysql-test/suite/rpl/r/rpl_parallel_kill.result
@@ -30,7 +30,7 @@ kill $t3_tid;
connection slave1;
commit;
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
update t1 set a=1 where a=2;
set @@global.slave_parallel_threads = @save.slave_parallel_threads;
set @@global.slave_parallel_mode = @save.slave_parallel_mode;
@@ -78,7 +78,7 @@ include/wait_for_slave_param.inc [Last_Errno]
connection slave1;
commit;
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
update t1 set a=1 where a=2;
set @@global.slave_parallel_threads = @save.slave_parallel_threads;
set @@global.slave_parallel_mode = @save.slave_parallel_mode;
@@ -127,7 +127,7 @@ include/wait_for_slave_param.inc [Last_Errno]
connection slave1;
commit;
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
update t1 set a=1 where a=2;
set @@global.slave_parallel_threads = @save.slave_parallel_threads;
set @@global.slave_parallel_mode = @save.slave_parallel_mode;
diff --git a/mysql-test/suite/rpl/r/rpl_parallel_missed_error_handling.result b/mysql-test/suite/rpl/r/rpl_parallel_missed_error_handling.result
index e9d04c02..c9094c8b 100644
--- a/mysql-test/suite/rpl/r/rpl_parallel_missed_error_handling.result
+++ b/mysql-test/suite/rpl/r/rpl_parallel_missed_error_handling.result
@@ -38,7 +38,6 @@ connection con2;
SET debug_sync='RESET';
connection server_2;
include/wait_for_slave_sql_error.inc [errno=1062]
-include/wait_for_slave_sql_to_stop.inc
SELECT * FROM t3 WHERE a >= 110 ORDER BY a;
a b
110 1
diff --git a/mysql-test/suite/rpl/r/rpl_row_big_table_id.result b/mysql-test/suite/rpl/r/rpl_row_big_table_id.result
index 694a6132..0c51e58f 100644
--- a/mysql-test/suite/rpl/r/rpl_row_big_table_id.result
+++ b/mysql-test/suite/rpl/r/rpl_row_big_table_id.result
@@ -21,22 +21,22 @@ master-bin.000001 # Gtid 1 # GTID #-#-#
master-bin.000001 # Query 1 # use `test`; ALTER TABLE t comment ''
master-bin.000001 # Gtid 1 # BEGIN GTID #-#-#
master-bin.000001 # Annotate_rows 1 # INSERT INTO t SET a= 1
-master-bin.000001 # Table_map 1 # table_id: 4294967295 (test.t)
-master-bin.000001 # Write_rows_v1 1 # table_id: 4294967295 flags: STMT_END_F
+master-bin.000001 # Table_map 1 # table_id: 4294967296 (test.t)
+master-bin.000001 # Write_rows_v1 1 # table_id: 4294967296 flags: STMT_END_F
master-bin.000001 # Query 1 # COMMIT
master-bin.000001 # Gtid 1 # GTID #-#-#
master-bin.000001 # Query 1 # use `test`; ALTER TABLE t comment ''
master-bin.000001 # Gtid 1 # BEGIN GTID #-#-#
master-bin.000001 # Annotate_rows 1 # INSERT INTO t SET a= 2
-master-bin.000001 # Table_map 1 # table_id: 4294967296 (test.t)
-master-bin.000001 # Write_rows_v1 1 # table_id: 4294967296 flags: STMT_END_F
+master-bin.000001 # Table_map 1 # table_id: 4294967297 (test.t)
+master-bin.000001 # Write_rows_v1 1 # table_id: 4294967297 flags: STMT_END_F
master-bin.000001 # Query 1 # COMMIT
master-bin.000001 # Gtid 1 # GTID #-#-#
master-bin.000001 # Query 1 # use `test`; ALTER TABLE t comment ''
master-bin.000001 # Gtid 1 # BEGIN GTID #-#-#
master-bin.000001 # Annotate_rows 1 # INSERT INTO t SET a= 3
-master-bin.000001 # Table_map 1 # table_id: 4294967297 (test.t)
-master-bin.000001 # Write_rows_v1 1 # table_id: 4294967297 flags: STMT_END_F
+master-bin.000001 # Table_map 1 # table_id: 4294967298 (test.t)
+master-bin.000001 # Write_rows_v1 1 # table_id: 4294967298 flags: STMT_END_F
master-bin.000001 # Query 1 # COMMIT
connection slave;
connection master;
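Review bot: With the expected ids shifted to 4294967296, 4294967297 and 4294967298, the recorded events no longer include 4294967295, the largest value that fits in 32 bits. The step from the last 32-bit table_id to the first wider one therefore no longer shows up in this binlog listing. If the shift is a side effect of a change in how table ids are allocated, the .test could lower its starting id by one so the boundary value is still written and read back. If it is intentional, a comment such as `# ids start just above the 32-bit limit; the limit itself is covered elsewhere` would record that. The cause of the shift is not visible in this hunk.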
diff --git a/mysql-test/suite/rpl/r/rpl_row_binlog_max_cache_size.result b/mysql-test/suite/rpl/r/rpl_row_binlog_max_cache_size.result
index a8e569aa..e1000835 100644
--- a/mysql-test/suite/rpl/r/rpl_row_binlog_max_cache_size.result
+++ b/mysql-test/suite/rpl/r/rpl_row_binlog_max_cache_size.result
@@ -191,7 +191,7 @@ SET GLOBAL max_binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL max_binlog_stmt_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_stmt_cache_size= ORIGINAL_VALUE;
-include/stop_slave.inc
+include/stop_slave_io.inc
include/start_slave.inc
connection master;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_row_corruption.result b/mysql-test/suite/rpl/r/rpl_row_corruption.result
index 24535460..1950617a 100644
--- a/mysql-test/suite/rpl/r/rpl_row_corruption.result
+++ b/mysql-test/suite/rpl/r/rpl_row_corruption.result
@@ -14,7 +14,7 @@ connection master;
UPDATE t1_11753004, t2_11753004 SET t1_11753004.c1=3, t2_11753004.c1=4 WHERE t1_11753004.c1=1 OR t2_11753004.c1=2;
connection slave;
include/wait_for_slave_sql_error.inc [errno=1593 ]
-include/stop_slave.inc
+include/stop_slave_io.inc
SET @@global.debug_dbug=@saved_debug;
include/start_slave.inc
connection master;
diff --git a/mysql-test/suite/rpl/r/rpl_row_idempotency.result b/mysql-test/suite/rpl/r/rpl_row_idempotency.result
index c655ae67..061cc836 100644
--- a/mysql-test/suite/rpl/r/rpl_row_idempotency.result
+++ b/mysql-test/suite/rpl/r/rpl_row_idempotency.result
@@ -89,7 +89,7 @@ b
3
*** slave must stop (Trying to delete a referenced foreing key)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1451]
Last_SQL_Error
1451
select * from ti1 order by b /* must be (1),(2),(3) - not deleted */;
@@ -114,7 +114,7 @@ connection master;
insert into ti2 set a=3, b=3 /* offending write event */;
*** slave must stop (Trying to insert an invalid foreign key)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1452]
Last_SQL_Error
1452
select * from ti2 order by b /* must be (2,2) */;
@@ -139,9 +139,9 @@ a b
insert into ti1 set b=1;
connection master;
insert into ti1 set b=1 /* offending write event */;
-*** slave must stop (Trying to insert a dupliacte key)
+*** slave must stop (Trying to insert a duplicate key)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1062]
Last_SQL_Error
1062
set foreign_key_checks= 0;
@@ -164,7 +164,7 @@ connection master;
DELETE FROM t1 WHERE a = -2;
*** slave must stop (Key was not found)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
Last_SQL_Error
1032
set global slave_exec_mode='IDEMPOTENT';
@@ -176,7 +176,7 @@ connection master;
DELETE FROM t2 WHERE a = -2;
*** slave must stop (Key was not found)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
Last_SQL_Error
1032
set global slave_exec_mode='IDEMPOTENT';
@@ -190,7 +190,7 @@ connection master;
UPDATE t1 SET a = 1 WHERE a = -1;
*** slave must stop (Key was not found)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
Last_SQL_Error
1032
set global slave_exec_mode='IDEMPOTENT';
@@ -202,7 +202,7 @@ connection master;
UPDATE t2 SET a = 1 WHERE a = -1;
*** slave must stop (Key was not found)
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1032]
Last_SQL_Error
1032
set global slave_exec_mode='IDEMPOTENT';
diff --git a/mysql-test/suite/rpl/r/rpl_row_until.result b/mysql-test/suite/rpl/r/rpl_row_until.result
index 8ef10bf4..b4e3704c 100644
--- a/mysql-test/suite/rpl/r/rpl_row_until.result
+++ b/mysql-test/suite/rpl/r/rpl_row_until.result
@@ -51,7 +51,9 @@ ERROR HY000: Incorrect parameter or combination of parameters for START SLAVE UN
START SLAVE UNTIL RELAY_LOG_FILE='slave-relay-bin.000002', MASTER_LOG_POS=MASTER_LOG_POS;
ERROR HY000: Incorrect parameter or combination of parameters for START SLAVE UNTIL
START SLAVE UNTIL MASTER_LOG_FILE='master-bin.000001', MASTER_LOG_POS=MASTER_LOG_POS;
-include/stop_slave.inc
+include/wait_for_slave_io_to_start.inc
+include/wait_for_slave_sql_to_stop.inc
+include/stop_slave_io.inc
include/reset_slave.inc
include/start_slave.inc
include/rpl_reset.inc
diff --git a/mysql-test/suite/rpl/r/rpl_seconds_behind_master_spike.result b/mysql-test/suite/rpl/r/rpl_seconds_behind_master_spike.result
index 9c7a257c..c208ee2e 100644
--- a/mysql-test/suite/rpl/r/rpl_seconds_behind_master_spike.result
+++ b/mysql-test/suite/rpl/r/rpl_seconds_behind_master_spike.result
@@ -6,7 +6,8 @@ CHANGE MASTER TO MASTER_USE_GTID=NO;
include/start_slave.inc
include/stop_slave.inc
SET @save_dbug= @@GLOBAL.debug_dbug;
-SET @@global.debug_dbug="+d,pause_sql_thread_on_fde,negate_clock_diff_with_master";
+SET @@global.debug_dbug="+d,pause_sql_thread_on_relay_fde_after_trans";
+SET @@global.debug_dbug="+d,negate_clock_diff_with_master";
include/start_slave.inc
# Future events must be logged at least 2 seconds after
# the slave starts
@@ -18,11 +19,6 @@ insert into t1 values (1);
# event in its relay log
flush logs;
connection slave;
-# Ignore FDEs that happen before the CREATE/INSERT commands
-SET DEBUG_SYNC='now WAIT_FOR paused_on_fde';
-SET DEBUG_SYNC='now SIGNAL sql_thread_continue';
-SET DEBUG_SYNC='now WAIT_FOR paused_on_fde';
-SET DEBUG_SYNC='now SIGNAL sql_thread_continue';
# On the next FDE, the slave should have the master CREATE/INSERT events
SET DEBUG_SYNC='now WAIT_FOR paused_on_fde';
select count(*)=1 from t1;
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync.result b/mysql-test/suite/rpl/r/rpl_semi_sync.result
index edd5e774..03e3443b 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync.result
@@ -7,7 +7,6 @@ call mtr.add_suppression("Unsafe statement written to the binary log using state
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
set sql_log_bin=0;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
set sql_log_bin=1;
@@ -28,7 +27,7 @@ set global rpl_semi_sync_slave_enabled= 0;
# Main test of semi-sync replication start here
#
connection master;
-set global rpl_semi_sync_master_timeout= 60000;
+set global rpl_semi_sync_master_timeout= 2000;
[ default state of semi-sync on master should be OFF ]
show variables like 'rpl_semi_sync_master_enabled';
Variable_name Value
@@ -163,11 +162,15 @@ connection slave;
# Test semi-sync master will switch OFF after one transaction
# timeout waiting for slave reply.
#
+connection master;
+show status like "Rpl_semi_sync_master_status";
+Variable_name Value
+Rpl_semi_sync_master_status ON
connection slave;
include/stop_slave.inc
connection master;
include/kill_binlog_dump_threads.inc
-set global rpl_semi_sync_master_timeout= 5000;
+set global rpl_semi_sync_master_timeout= 2000;
[ master status should be ON ]
show status like 'Rpl_semi_sync_master_no_tx';
Variable_name Value
@@ -317,6 +320,8 @@ include/kill_binlog_dump_threads.inc
connection slave;
include/start_slave.inc
connection master;
+connection slave;
+connection master;
create table t1 (a int) engine = ENGINE_TYPE;
insert into t1 values (1);
insert into t1 values (2), (3);
@@ -359,6 +364,8 @@ show status like 'Rpl_semi_sync_slave_status';
Variable_name Value
Rpl_semi_sync_slave_status ON
connection master;
+connection slave;
+connection master;
[ master semi-sync should be ON ]
show status like 'Rpl_semi_sync_master_clients';
Variable_name Value
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync.result b/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync.result
index 7341eb54..a79b372f 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync.result
@@ -8,7 +8,6 @@ call mtr.add_suppression("Unsafe statement written to the binary log using state
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
set sql_log_bin=0;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
set sql_log_bin=1;
@@ -29,7 +28,7 @@ set global rpl_semi_sync_slave_enabled= 0;
# Main test of semi-sync replication start here
#
connection master;
-set global rpl_semi_sync_master_timeout= 60000;
+set global rpl_semi_sync_master_timeout= 2000;
[ default state of semi-sync on master should be OFF ]
show variables like 'rpl_semi_sync_master_enabled';
Variable_name Value
@@ -164,11 +163,15 @@ connection slave;
# Test semi-sync master will switch OFF after one transaction
# timeout waiting for slave reply.
#
+connection master;
+show status like "Rpl_semi_sync_master_status";
+Variable_name Value
+Rpl_semi_sync_master_status ON
connection slave;
include/stop_slave.inc
connection master;
include/kill_binlog_dump_threads.inc
-set global rpl_semi_sync_master_timeout= 5000;
+set global rpl_semi_sync_master_timeout= 2000;
[ master status should be ON ]
show status like 'Rpl_semi_sync_master_no_tx';
Variable_name Value
@@ -318,6 +321,8 @@ include/kill_binlog_dump_threads.inc
connection slave;
include/start_slave.inc
connection master;
+connection slave;
+connection master;
create table t1 (a int) engine = ENGINE_TYPE;
insert into t1 values (1);
insert into t1 values (2), (3);
@@ -360,6 +365,8 @@ show status like 'Rpl_semi_sync_slave_status';
Variable_name Value
Rpl_semi_sync_slave_status ON
connection master;
+connection slave;
+connection master;
[ master semi-sync should be ON ]
show status like 'Rpl_semi_sync_master_clients';
Variable_name Value
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync_row.result b/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync_row.result
index d75a3a2c..393c9c55 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync_row.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_after_sync_row.result
@@ -8,7 +8,6 @@ call mtr.add_suppression("Unsafe statement written to the binary log using state
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
set sql_log_bin=0;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
set sql_log_bin=1;
@@ -29,7 +28,7 @@ set global rpl_semi_sync_slave_enabled= 0;
# Main test of semi-sync replication start here
#
connection master;
-set global rpl_semi_sync_master_timeout= 60000;
+set global rpl_semi_sync_master_timeout= 2000;
[ default state of semi-sync on master should be OFF ]
show variables like 'rpl_semi_sync_master_enabled';
Variable_name Value
@@ -164,11 +163,15 @@ connection slave;
# Test semi-sync master will switch OFF after one transaction
# timeout waiting for slave reply.
#
+connection master;
+show status like "Rpl_semi_sync_master_status";
+Variable_name Value
+Rpl_semi_sync_master_status ON
connection slave;
include/stop_slave.inc
connection master;
include/kill_binlog_dump_threads.inc
-set global rpl_semi_sync_master_timeout= 5000;
+set global rpl_semi_sync_master_timeout= 2000;
[ master status should be ON ]
show status like 'Rpl_semi_sync_master_no_tx';
Variable_name Value
@@ -318,6 +321,8 @@ include/kill_binlog_dump_threads.inc
connection slave;
include/start_slave.inc
connection master;
+connection slave;
+connection master;
create table t1 (a int) engine = ENGINE_TYPE;
insert into t1 values (1);
insert into t1 values (2), (3);
@@ -360,6 +365,8 @@ show status like 'Rpl_semi_sync_slave_status';
Variable_name Value
Rpl_semi_sync_slave_status ON
connection master;
+connection slave;
+connection master;
[ master semi-sync should be ON ]
show status like 'Rpl_semi_sync_master_clients';
Variable_name Value
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_event.result b/mysql-test/suite/rpl/r/rpl_semi_sync_event.result
index 917e7c2b..b1eb623c 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_event.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_event.result
@@ -7,7 +7,6 @@ call mtr.add_suppression("Read semi-sync reply");
call mtr.add_suppression("Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT.");
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
connection master;
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_event_after_sync.result b/mysql-test/suite/rpl/r/rpl_semi_sync_event_after_sync.result
index 24daf0d7..34af8d31 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_event_after_sync.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_event_after_sync.result
@@ -8,7 +8,6 @@ call mtr.add_suppression("Read semi-sync reply");
call mtr.add_suppression("Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT.");
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
connection master;
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_fail_over.result b/mysql-test/suite/rpl/r/rpl_semi_sync_fail_over.result
index 8956eee2..1c94c239 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_fail_over.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_fail_over.result
@@ -5,6 +5,7 @@ include/stop_slave.inc
connection server_1;
RESET MASTER;
SET @@global.max_binlog_size= 4096;
+set @@global.rpl_semi_sync_master_enabled = 1;
connection server_2;
RESET MASTER;
SET @@global.max_binlog_size= 4096;
@@ -14,7 +15,6 @@ CHANGE MASTER TO master_use_gtid= slave_pos;
include/start_slave.inc
connection server_1;
ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
-set @@global.rpl_semi_sync_master_enabled = 1;
set @@global.rpl_semi_sync_master_wait_point=AFTER_SYNC;
CREATE TABLE t1 (a INT PRIMARY KEY, b MEDIUMTEXT) ENGINE=Innodb;
INSERT INTO t1 VALUES (1, 'dummy1');
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_master_shutdown.result b/mysql-test/suite/rpl/r/rpl_semi_sync_master_shutdown.result
index 786e1682..6124ba01 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_master_shutdown.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_master_shutdown.result
@@ -14,14 +14,12 @@ connection master;
# Shutdown master
include/rpl_stop_server.inc [server_number=1]
connection slave;
-include/stop_slave.inc
+include/wait_for_slave_io_error.inc [errno=2003]
# Restart master
include/rpl_start_server.inc [server_number=1]
connection slave;
-include/stop_slave.inc
-Warnings:
-Note 1255 Slave already has been stopped
-include/start_slave.inc
+include/wait_for_slave_sql_to_start.inc
+include/wait_for_slave_io_to_start.inc
connection master;
SET @@GLOBAL.debug_dbug="";
SET @@GLOBAL. rpl_semi_sync_master_enabled = 0;
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_no_missed_ack_after_add_slave.result b/mysql-test/suite/rpl/r/rpl_semi_sync_no_missed_ack_after_add_slave.result
new file mode 100644
index 00000000..19fed30f
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_no_missed_ack_after_add_slave.result
@@ -0,0 +1,48 @@
+include/rpl_init.inc [topology=1->2,1->3]
+connection server_1;
+set @old_enabled= @@global.rpl_semi_sync_master_enabled;
+set @old_timeout= @@global.rpl_semi_sync_master_timeout;
+set global rpl_semi_sync_master_enabled= 1;
+set global rpl_semi_sync_master_timeout= 500;
+connection server_2;
+include/stop_slave.inc
+set @old_enabled= @@global.rpl_semi_sync_slave_enabled;
+set @old_dbug= @@global.debug_dbug;
+set global rpl_semi_sync_slave_enabled= 1;
+set global debug_dbug="+d,simulate_delay_semisync_slave_reply";
+include/start_slave.inc
+connection server_3;
+include/stop_slave.inc
+set @old_enabled= @@global.rpl_semi_sync_slave_enabled;
+set global rpl_semi_sync_slave_enabled= 1;
+include/start_slave.inc
+# Ensure primary recognizes both replicas are semi-sync
+connection server_1;
+connection server_1;
+create table t1 (a int);
+connection server_2;
+# Verifying server_2 did not send ACK
+connection server_3;
+# Verifying server_3 did send ACK
+connection server_1;
+# Verifying master's semi-sync status is still ON (This failed pre-MDEV-32960 fixes)
+# Verifying rpl_semi_sync_master_yes_tx incremented
+#
+# Cleanup
+connection server_2;
+set global rpl_semi_sync_slave_enabled= @old_enabled;
+set global debug_dbug= @old_dbug;
+include/stop_slave.inc
+connection server_3;
+set global rpl_semi_sync_slave_enabled= @old_enabled;
+include/stop_slave.inc
+connection server_1;
+set global rpl_semi_sync_master_enabled= @old_enabled;
+set global rpl_semi_sync_master_timeout= @old_timeout;
+drop table t1;
+connection server_2;
+include/start_slave.inc
+connection server_3;
+include/start_slave.inc
+include/rpl_end.inc
+# End of rpl_semi_sync_no_missed_ack_after_add_slave.test
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_slave_enabled_consistent.result b/mysql-test/suite/rpl/r/rpl_semi_sync_slave_enabled_consistent.result
new file mode 100644
index 00000000..99c31249
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_slave_enabled_consistent.result
@@ -0,0 +1,35 @@
+include/master-slave.inc
+[connection master]
+call mtr.add_suppression("Replication event checksum verification failed");
+call mtr.add_suppression("could not queue event from master");
+#
+# Set up a semisync connection
+connection master;
+set @@global.rpl_semi_sync_master_enabled= ON;
+connection slave;
+stop slave io_thread;
+set @@global.rpl_semi_sync_slave_enabled= ON;
+set @old_dbug= @@global.debug_dbug;
+set @@global.debug_dbug= "+d,corrupt_queue_event";
+set @@global.debug_dbug= "+d,pause_before_io_read_event";
+set @@global.debug_dbug= "+d,placeholder";
+start slave io_thread;
+# Disable semi-sync on the slave while the IO thread is active
+set debug_sync='now wait_for io_thread_at_read_event';
+set @@global.rpl_semi_sync_slave_enabled= OFF;
+set debug_sync='now signal io_thread_continue_read_event';
+# Waiting for the slave to stop with the error from corrupt_queue_event
+connection slave;
+include/wait_for_slave_io_error.inc [errno=1595,1743]
+# Sleep 1 to give time for Ack_receiver to receive COM_QUIT
+include/assert_grep.inc [Check that there is no 'Read semi-sync reply magic number error' in error log.]
+#
+# Cleanup
+connection slave;
+include/stop_slave.inc
+set @@global.debug_dbug= @old_dbug;
+include/start_slave.inc
+connection master;
+set @@global.rpl_semi_sync_master_enabled= default;
+include/rpl_end.inc
+# End of rpl_semi_sync_slave_enabled_consistent.test
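Review bot: The negative check `include/assert_grep.inc [Check that there is no 'Read semi-sync reply magic number error' in error log.]` is gated only by the recorded `# Sleep 1 to give time for Ack_receiver to receive COM_QUIT`. It can therefore pass because the message has not been written yet, not because the defect is absent. In the .test I would replace the fixed sleep with a wait on an observable state before grepping, for example `include/wait_condition.inc` on the master until the replica's dump connection is gone; which state fits best has to be confirmed against the test source, which this hunk does not show. Separately, `set @@global.debug_dbug= "+d,placeholder";` names no injection point that appears anywhere else in this output, so it deserves a one-line comment in the test saying why it is needed.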
diff --git a/mysql-test/suite/rpl/r/rpl_semi_sync_slave_reply_fail.result b/mysql-test/suite/rpl/r/rpl_semi_sync_slave_reply_fail.result
index f026a1c9..3c9cf71a 100644
--- a/mysql-test/suite/rpl/r/rpl_semi_sync_slave_reply_fail.result
+++ b/mysql-test/suite/rpl/r/rpl_semi_sync_slave_reply_fail.result
@@ -4,6 +4,7 @@ connection slave;
include/stop_slave.inc
connection master;
call mtr.add_suppression("Timeout waiting for reply of binlog*");
+call mtr.add_suppression("Master server does not read semi-sync messages*");
set global rpl_semi_sync_master_enabled = ON;
SET @@GLOBAL.rpl_semi_sync_master_timeout=100;
create table t1 (i int);
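Review bot: The added suppression `"Master server does not read semi-sync messages*"` ends in a bare `*`. In the regular expression that mtr matches against the error log, this only lets the final `s` repeat zero or more times; it is not a wildcard. The pattern works only because matching is by substring, and `call mtr.add_suppression("Master server does not read semi-sync messages");` says what is meant. The existing `"Timeout waiting for reply of binlog*"` context line just above has the same shape.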
@@ -15,8 +16,8 @@ SET GLOBAL debug_dbug="+d,semislave_failed_net_flush";
include/start_slave.inc
connection master;
connection slave;
-"Assert that the net_fulsh() reply failed is present in slave error log.
-FOUND 1 /Semi-sync slave net_flush\(\) reply failed/ in mysqld.2.err
+"Assert that Master server does not read semi-sync messages" is present in slave error log.
+FOUND 1 /Master server does not read semi-sync messages/ in mysqld.2.err
"Assert that Slave IO thread is up and running."
SHOW STATUS LIKE 'Slave_running';
Variable_name Value
@@ -32,7 +33,7 @@ connection slave;
include/diff_tables.inc [master:t1, slave:t1]
connection master;
set statement sql_log_bin=0 for call mtr.add_suppression("Read semi-sync reply magic number error");
-SET @save_debug_master= @@global.debug;
+SET @save_debug_master= @@global.debug_dbug;
SET GLOBAL debug_dbug="+d,semisync_corrupt_magic";
insert into t1 values (11);
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_semisync_ali_issues.result b/mysql-test/suite/rpl/r/rpl_semisync_ali_issues.result
index 36a2bac5..d7f87ae5 100644
--- a/mysql-test/suite/rpl/r/rpl_semisync_ali_issues.result
+++ b/mysql-test/suite/rpl/r/rpl_semisync_ali_issues.result
@@ -14,7 +14,6 @@ CALL mtr.add_suppression("Failed on request_dump()*");
CALL mtr.add_suppression("Semi-sync master failed on*");
CALL mtr.add_suppression("Master command COM_BINLOG_DUMP failed*");
CALL mtr.add_suppression("on master failed*");
-CALL mtr.add_suppression("Master server does not support semi-sync*");
CALL mtr.add_suppression("Semi-sync slave net_flush*");
CALL mtr.add_suppression("Failed to flush master info*");
CALL mtr.add_suppression("Request to stop slave SQL Thread received while apply*");
@@ -196,7 +195,7 @@ Variable_name Value
Rpl_semi_sync_master_clients 0
show status like 'Rpl_semi_sync_master_status';
Variable_name Value
-Rpl_semi_sync_master_status OFF
+Rpl_semi_sync_master_status ON
connection slave;
START SLAVE IO_THREAD;
include/wait_for_slave_io_to_start.inc
@@ -270,16 +269,12 @@ Variable_name Value
Rpl_semi_sync_master_clients 1
# Test failure of select error .
SET GLOBAL debug = 'd,rpl_semisync_simulate_select_error';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
INSERT INTO t1 VALUES(3);
connection slave;
connection con1;
# Test failure of pthread_create
SET GLOBAL rpl_semi_sync_master_enabled = 0;
SET GLOBAL debug = 'd,rpl_semisync_simulate_create_thread_failure';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
SET GLOBAL rpl_semi_sync_master_enabled= ON;
# Test failure of pthread_join
SET GLOBAL rpl_semi_sync_master_enabled= OFF;
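Review bot: The `Warning 1287 '@@debug' is deprecated` blocks disappear from the expected output, yet the statements that triggered them, e.g. `SET GLOBAL debug = 'd,rpl_semisync_simulate_select_error';`, are still recorded unchanged in this hunk and in the two hunks after it (`@@ -287,8` and `@@ -297,8`). Whether the test now suppresses the warning or the server no longer emits it is not visible here. Either way the test keeps using the variable the removed text called deprecated, while rpl_semi_sync_slave_reply_fail.result in this same commit moves to `@@global.debug_dbug`. I would switch these to `SET GLOBAL debug_dbug = 'd,rpl_semisync_simulate_select_error';`, and likewise for the other three statements, so the test does not depend on the old alias.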
@@ -287,8 +282,6 @@ SET GLOBAL rpl_semi_sync_master_enabled= OFF;
# Failure on registering semisync slave
#
SET GLOBAL debug= 'd,rpl_semisync_simulate_add_slave_failure';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
SET GLOBAL rpl_semi_sync_master_enabled= ON;
connection slave;
STOP SLAVE IO_THREAD;
@@ -297,8 +290,6 @@ START SLAVE IO_THREAD;
include/wait_for_slave_io_to_start.inc
connection con1;
SET GLOBAL debug='';
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
connection slave;
START SLAVE IO_THREAD;
include/wait_for_slave_io_to_start.inc
diff --git a/mysql-test/suite/rpl/r/rpl_session_var.result b/mysql-test/suite/rpl/r/rpl_session_var.result
index 67863583..f9794df3 100644
--- a/mysql-test/suite/rpl/r/rpl_session_var.result
+++ b/mysql-test/suite/rpl/r/rpl_session_var.result
@@ -1,5 +1,16 @@
include/master-slave.inc
[connection master]
+select @@rpl_semi_sync_master_enabled;
+@@rpl_semi_sync_master_enabled
+0
+connection slave;
+select @@rpl_semi_sync_slave_enabled;
+@@rpl_semi_sync_slave_enabled
+0
+show status like "rpl_semi_sync_slave_status";
+Variable_name Value
+Rpl_semi_sync_slave_status OFF
+connection master;
drop table if exists t1;
Warnings:
Note 1051 Unknown table 'test.t1'
diff --git a/mysql-test/suite/rpl/r/rpl_session_var2.result b/mysql-test/suite/rpl/r/rpl_session_var2.result
new file mode 100644
index 00000000..645eca02
--- /dev/null
+++ b/mysql-test/suite/rpl/r/rpl_session_var2.result
@@ -0,0 +1,69 @@
+include/master-slave.inc
+[connection master]
+select @@rpl_semi_sync_master_enabled;
+@@rpl_semi_sync_master_enabled
+1
+connection slave;
+select @@rpl_semi_sync_slave_enabled;
+@@rpl_semi_sync_slave_enabled
+1
+show status like "rpl_semi_sync_slave_status";
+Variable_name Value
+Rpl_semi_sync_slave_status ON
+connection master;
+drop table if exists t1;
+Warnings:
+Note 1051 Unknown table 'test.t1'
+create table t1(a varchar(100),b int);
+set @@session.sql_mode=pipes_as_concat;
+insert into t1 values('My'||'SQL', 1);
+set @@session.sql_mode=default;
+insert into t1 values('1'||'2', 2);
+select * from t1 where b<3 order by a;
+a b
+1 2
+MySQL 1
+connection slave;
+select * from t1 where b<3 order by a;
+a b
+1 2
+MySQL 1
+connection master;
+set @@session.sql_mode=ignore_space;
+insert into t1 values(password ('MySQL'), 3);
+set @@session.sql_mode=ansi_quotes;
+create table "t2" ("a" int);
+drop table t1, t2;
+set @@session.sql_mode=default;
+create table t1(a int auto_increment primary key);
+create table t2(b int, a int);
+set @@session.sql_auto_is_null=1;
+insert into t1 values(null);
+insert into t2 select 1,a from t1 where a is null;
+set @@session.sql_auto_is_null=0;
+insert into t1 values(null);
+insert into t2 select 2,a from t1 where a is null;
+select * from t2 order by b;
+b a
+1 1
+connection slave;
+select * from t2 order by b;
+b a
+1 1
+connection master;
+drop table t1,t2;
+connection slave;
+connection master;
+CREATE TABLE t1 (
+`id` int(11) NOT NULL auto_increment,
+`data` varchar(100),
+PRIMARY KEY (`id`)
+) ENGINE=MyISAM;
+INSERT INTO t1(data) VALUES(SESSION_USER());
+connection slave;
+SELECT length(data) < 100 FROM t1;
+length(data) < 100
+1
+connection master;
+drop table t1;
+include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/r/rpl_set_statement_default_master.result b/mysql-test/suite/rpl/r/rpl_set_statement_default_master.result
index 828e1715..46f5a7c9 100644
--- a/mysql-test/suite/rpl/r/rpl_set_statement_default_master.result
+++ b/mysql-test/suite/rpl/r/rpl_set_statement_default_master.result
@@ -14,6 +14,7 @@ RESET SLAVE ALL;
CHANGE MASTER 'm1' TO MASTER_HOST='127.0.0.1', MASTER_PORT=MASTER_MYPORT, MASTER_USER='root';
SET STATEMENT default_master_connection = 'm1' FOR START SLAVE;
set default_master_connection = 'm1';
+include/wait_for_slave_to_start.inc
stop slave;
include/wait_for_slave_to_stop.inc
reset slave all;
diff --git a/mysql-test/suite/rpl/r/rpl_slave_load_tmpdir_not_exist.result b/mysql-test/suite/rpl/r/rpl_slave_load_tmpdir_not_exist.result
index 249f3514..e9a96fc4 100644
--- a/mysql-test/suite/rpl/r/rpl_slave_load_tmpdir_not_exist.result
+++ b/mysql-test/suite/rpl/r/rpl_slave_load_tmpdir_not_exist.result
@@ -4,6 +4,7 @@ connection slave;
START SLAVE;
call mtr.add_suppression("Slave SQL.*Unable to use slave.s temporary directory");
include/wait_for_slave_sql_error.inc [errno=12]
+include/wait_for_slave_io_to_start.inc
include/stop_slave_io.inc
RESET SLAVE;
include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/r/rpl_slave_status.result b/mysql-test/suite/rpl/r/rpl_slave_status.result
index 1c81cec2..ef122b9c 100644
--- a/mysql-test/suite/rpl/r/rpl_slave_status.result
+++ b/mysql-test/suite/rpl/r/rpl_slave_status.result
@@ -36,7 +36,6 @@ connection slave;
include/stop_slave.inc
START SLAVE;
include/wait_for_slave_sql_to_start.inc
-include/wait_for_slave_io_to_stop.inc
==== Verify that Slave IO thread stopped with error ====
include/wait_for_slave_io_error.inc [errno=1045]
==== Cleanup (Note that slave IO thread is not running) ====
diff --git a/mysql-test/suite/rpl/r/rpl_sql_thd_start_errno_cleared.result b/mysql-test/suite/rpl/r/rpl_sql_thd_start_errno_cleared.result
index b14f7b01..a3e98afa 100644
--- a/mysql-test/suite/rpl/r/rpl_sql_thd_start_errno_cleared.result
+++ b/mysql-test/suite/rpl/r/rpl_sql_thd_start_errno_cleared.result
@@ -34,6 +34,7 @@ set debug_sync= "now wait_for sql_thread_run_lock_released";
# Validating that Last_SQL_Errno is cleared..
# ..success
set debug_sync= "now signal sql_thread_continue";
+# Wait for debug_sync signal to have been received before issuing RESET
set @@global.debug_dbug= @saved_dbug;
set debug_sync= "RESET";
# Cleanup
diff --git a/mysql-test/suite/rpl/r/rpl_ssl1.result b/mysql-test/suite/rpl/r/rpl_ssl1.result
index 1d55fe12..0cb21716 100644
--- a/mysql-test/suite/rpl/r/rpl_ssl1.result
+++ b/mysql-test/suite/rpl/r/rpl_ssl1.result
@@ -14,8 +14,8 @@ insert into t1 values (1);
connection slave;
select * from t1;
t
-stop slave;
-include/wait_for_slave_to_stop.inc
+include/wait_for_slave_io_error.inc [errno=1045]
+include/stop_slave_sql.inc
change master to master_ssl=1 , master_ssl_ca ='MYSQL_TEST_DIR/std_data/cacert.pem', master_ssl_cert='MYSQL_TEST_DIR/std_data/client-cert.pem', master_ssl_key='MYSQL_TEST_DIR/std_data/client-key.pem';
start slave;
include/wait_for_slave_to_start.inc
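Review bot: The expected output now requires the IO thread to fail with `errno=1045` before SSL is configured, but nothing recorded around it says why access is denied at this point. The reason lies outside the hunk; presumably the replication account created earlier in the test requires SSL. A comment in the .test ahead of the wait, such as `# Without master_ssl the REQUIRE SSL account must be rejected (ER_ACCESS_DENIED_ERROR)`, would make clear that the rejection is the security property under test rather than an incidental failure.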
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_1.result b/mysql-test/suite/rpl/r/rpl_start_alter_1.result
index 9edb2321..de7c0875 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_1.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_1.result
@@ -1,6 +1,7 @@
include/master-slave.inc
[connection master]
connection master;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_2.result b/mysql-test/suite/rpl/r/rpl_start_alter_2.result
index a862fc55..49af973f 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_2.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_2.result
@@ -1,6 +1,7 @@
include/master-slave.inc
[connection master]
connection master;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_3.result b/mysql-test/suite/rpl/r/rpl_start_alter_3.result
index 97754401..31d0023b 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_3.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_3.result
@@ -1,6 +1,7 @@
include/master-slave.inc
[connection master]
connection master;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_4.result b/mysql-test/suite/rpl/r/rpl_start_alter_4.result
index 9d7d6376..819bcda0 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_4.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_4.result
@@ -1,6 +1,7 @@
include/master-slave.inc
[connection master]
connection master;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_5.result b/mysql-test/suite/rpl/r/rpl_start_alter_5.result
index 4e592c19..ef19cd8f 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_5.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_5.result
@@ -1,6 +1,7 @@
include/master-slave.inc
[connection master]
connection master;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_6.result b/mysql-test/suite/rpl/r/rpl_start_alter_6.result
index 6c26d511..59a83631 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_6.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_6.result
@@ -1,6 +1,7 @@
include/master-slave.inc
[connection master]
connection master;
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_7.result b/mysql-test/suite/rpl/r/rpl_start_alter_7.result
index cfe31497..df7664d4 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_7.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_7.result
@@ -10,6 +10,10 @@ Warnings:
Note 1255 Slave already has been stopped
set global binlog_alter_two_phase=true;
connection server_3;
+SET STATEMENT sql_log_bin=0 FOR
+CALL mtr.add_suppression("The table mysql.gtid_slave_pos was removed. This change will not take full effect until all SQL threads have been restarted");
+SET STATEMENT sql_log_bin=0 FOR
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
SET GLOBAL slave_parallel_threads=8;
set global slave_parallel_mode=optimistic;
set global gtid_strict_mode=1;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_8.result b/mysql-test/suite/rpl/r/rpl_start_alter_8.result
index 8002f295..406f2d1f 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_8.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_8.result
@@ -10,6 +10,10 @@ Warnings:
Note 1255 Slave already has been stopped
set global binlog_alter_two_phase=true;
connection server_3;
+SET STATEMENT sql_log_bin=0 FOR
+CALL mtr.add_suppression("The table mysql.gtid_slave_pos was removed. This change will not take full effect until all SQL threads have been restarted");
+SET STATEMENT sql_log_bin=0 FOR
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
SET GLOBAL slave_parallel_threads=20;
set global slave_parallel_mode=optimistic;
set global gtid_strict_mode=1;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_1.result b/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_1.result
index bf9d9be0..b11804ed 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_1.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_1.result
@@ -4,6 +4,8 @@ connection master;
set global binlog_alter_two_phase=true;
connection slave;
include/stop_slave.inc
+SET STATEMENT sql_log_bin=0 FOR
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global gtid_strict_mode=1;
# Legacy Master Slave
connect master_node,127.0.0.1,root,,$db_name, $M_port;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_2.result b/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_2.result
index 2c1ae667..55bec7d3 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_2.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_mysqlbinlog_2.result
@@ -49,6 +49,10 @@ connection server_2;
SET @save_binlog_alter_two_phase= @@GLOBAL.binlog_alter_two_phase;
SET GLOBAL binlog_alter_two_phase = ON;
connection server_3;
+SET STATEMENT sql_log_bin=0 FOR
+CALL mtr.add_suppression("The table mysql.gtid_slave_pos was removed. This change will not take full effect until all SQL threads have been restarted");
+SET STATEMENT sql_log_bin=0 FOR
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
SET @save_gtid_strict_mode= @@GLOBAL.gtid_strict_mode;
SET @slave_parallel_threads= @@GLOBAL.slave_parallel_threads;
SET @slave_parallel_mode= @@GLOBAL.slave_parallel_mode;
diff --git a/mysql-test/suite/rpl/r/rpl_start_alter_restart_slave.result b/mysql-test/suite/rpl/r/rpl_start_alter_restart_slave.result
index 0a1c1f79..76f9cbcd 100644
--- a/mysql-test/suite/rpl/r/rpl_start_alter_restart_slave.result
+++ b/mysql-test/suite/rpl/r/rpl_start_alter_restart_slave.result
@@ -79,7 +79,9 @@ domain_id seq_no
0 5
include/start_slave.inc
connection master;
+include/save_master_gtid.inc
connection slave;
+include/sync_with_master_gtid.inc
# Everything from the master binlog must have been applied now:
select domain_id, seq_no from mysql.gtid_slave_pos order by seq_no desc limit 1;
domain_id seq_no
diff --git a/mysql-test/suite/rpl/r/rpl_stm_binlog_max_cache_size.result b/mysql-test/suite/rpl/r/rpl_stm_binlog_max_cache_size.result
index e94e097f..dbaceb65 100644
--- a/mysql-test/suite/rpl/r/rpl_stm_binlog_max_cache_size.result
+++ b/mysql-test/suite/rpl/r/rpl_stm_binlog_max_cache_size.result
@@ -197,7 +197,7 @@ SET GLOBAL max_binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_cache_size= ORIGINAL_VALUE;
SET GLOBAL max_binlog_stmt_cache_size= ORIGINAL_VALUE;
SET GLOBAL binlog_stmt_cache_size= ORIGINAL_VALUE;
-include/stop_slave.inc
+include/stop_slave_io.inc
include/start_slave.inc
connection master;
connection slave;
diff --git a/mysql-test/suite/rpl/r/rpl_stm_start_stop_slave.result b/mysql-test/suite/rpl/r/rpl_stm_start_stop_slave.result
index 40910b8c..9575ea89 100644
--- a/mysql-test/suite/rpl/r/rpl_stm_start_stop_slave.result
+++ b/mysql-test/suite/rpl/r/rpl_stm_start_stop_slave.result
@@ -109,7 +109,7 @@ START SLAVE;
include/wait_for_slave_param.inc [Last_IO_Errno]
Last_IO_Errno = '1236'
Last_IO_Error = 'Got fatal error 1236 from master when reading data from binary log: 'Client requested master to start replication from impossible position; the first event 'master-bin.000001' at XXX, the last event read from 'master-bin.000001' at XXX, the last byte read from 'master-bin.000001' at XXX.''
-include/stop_slave.inc
+include/stop_slave_sql.inc
RESET SLAVE;
Warnings:
Note 4190 RESET SLAVE is implicitly changing the value of 'Using_Gtid' from 'No' to 'Slave_Pos'
diff --git a/mysql-test/suite/rpl/r/rpl_stm_stop_middle_group.result b/mysql-test/suite/rpl/r/rpl_stm_stop_middle_group.result
index 0afe1992..86c90ff3 100644
--- a/mysql-test/suite/rpl/r/rpl_stm_stop_middle_group.result
+++ b/mysql-test/suite/rpl/r/rpl_stm_stop_middle_group.result
@@ -43,7 +43,7 @@ Warnings:
Note 1592 Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT. Statement is unsafe because it accesses a non-transactional table after accessing a transactional table within the same transaction
commit;
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1593]
SELECT "Fatal error: ... Slave SQL Thread stopped with incomplete event group having non-transactional changes. If the group consists solely of row-based events, you can try to restart the slave with --slave-exec-mode=IDEMPOTENT, which ignores duplicate key, key not found, and similar errors (see documentation for details)." AS Last_SQL_Error, @check as `true`;
Last_SQL_Error true
Fatal error: ... Slave SQL Thread stopped with incomplete event group having non-transactional changes. If the group consists solely of row-based events, you can try to restart the slave with --slave-exec-mode=IDEMPOTENT, which ignores duplicate key, key not found, and similar errors (see documentation for details). 1
@@ -63,7 +63,7 @@ set @@global.debug_dbug="d,stop_slave_middle_group,incomplete_group_in_relay_log
connection master;
update tm as t1, ti as t2 set t1.a=t1.a * 2, t2.a=t2.a * 2;
connection slave;
-include/wait_for_slave_sql_to_stop.inc
+include/wait_for_slave_sql_error.inc [errno=1593]
SELECT "Fatal error: ... Slave SQL Thread stopped with incomplete event group having non-transactional changes. If the group consists solely of row-based events, you can try to restart the slave with --slave-exec-mode=IDEMPOTENT, which ignores duplicate key, key not found, and similar errors (see documentation for details)." AS Last_SQL_Error, @check as `true`;
Last_SQL_Error true
Fatal error: ... Slave SQL Thread stopped with incomplete event group having non-transactional changes. If the group consists solely of row-based events, you can try to restart the slave with --slave-exec-mode=IDEMPOTENT, which ignores duplicate key, key not found, and similar errors (see documentation for details). 1
diff --git a/mysql-test/suite/rpl/r/rpl_using_gtid_default.result b/mysql-test/suite/rpl/r/rpl_using_gtid_default.result
index e077bcd9..3bdc9d47 100644
--- a/mysql-test/suite/rpl/r/rpl_using_gtid_default.result
+++ b/mysql-test/suite/rpl/r/rpl_using_gtid_default.result
@@ -117,7 +117,10 @@ include/start_slave.inc
# not master_use_gtid=no should warn the user that Using_Gtid is being
# changed to No.
#
+connection master;
+include/save_master_pos.inc
connection slave;
+include/sync_io_with_master.inc
include/stop_slave.inc
CHANGE MASTER TO master_log_pos=io_log_pos, master_log_file='io_log_file';
Warnings:
diff --git a/mysql-test/suite/rpl/r/semisync_future-7591.result b/mysql-test/suite/rpl/r/semisync_future-7591.result
index 80414ac1..8287b8fe 100644
--- a/mysql-test/suite/rpl/r/semisync_future-7591.result
+++ b/mysql-test/suite/rpl/r/semisync_future-7591.result
@@ -13,7 +13,7 @@ connection master;
insert into t1 values (1);
reset master;
connection slave;
-include/stop_slave.inc
+include/stop_slave_sql.inc
include/reset_slave.inc
Warnings:
Note 4190 RESET SLAVE is implicitly changing the value of 'Using_Gtid' from 'No' to 'Slave_Pos'
diff --git a/mysql-test/suite/rpl/t/create_or_replace.inc b/mysql-test/suite/rpl/t/create_or_replace.inc
index df46cc36..e8fa95cb 100644
--- a/mysql-test/suite/rpl/t/create_or_replace.inc
+++ b/mysql-test/suite/rpl/t/create_or_replace.inc
@@ -213,12 +213,19 @@ set @@session.binlog_format=default;
drop temporary table if exists t9;
--connect(con1,localhost,root,,)
+--let $conid = `SELECT CONNECTION_ID()`
set session binlog_format=default;
create temporary table t9 (i int);
--echo *** Must be no DROP logged for t9 when there was no CREATE, at disconnect too ***
--disconnect con1
--connection server_1
+# The disconnect runs asynchroneously. Wait for it to complete, otherwise the
+# DROP TEMPORARY TABLE may not have been binlogged yet when SHOW BINLOG EVENTS
+# is run.
+--let $wait_condition= SELECT COUNT(*)=0 FROM INFORMATION_SCHEMA.PROCESSLIST WHERE ID=$conid
+--source include/wait_condition.inc
+
--source include/show_binlog_events.inc
# Clean up
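Review bot: The added comment above the wait misspells "asynchronously" as `asynchroneously`; I would write the line as `# The disconnect runs asynchronously. Wait for it to complete, otherwise the`. The wait keys on `$conid`, which is captured right after `--connect`, so it does poll for the connection that is being closed. The surrounding test block starts outside this hunk.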
diff --git a/mysql-test/suite/rpl/t/mdev-31448_kill_ooo_finish_optimistic.test b/mysql-test/suite/rpl/t/mdev-31448_kill_ooo_finish_optimistic.test
index 1297fcda..aa777d40 100644
--- a/mysql-test/suite/rpl/t/mdev-31448_kill_ooo_finish_optimistic.test
+++ b/mysql-test/suite/rpl/t/mdev-31448_kill_ooo_finish_optimistic.test
@@ -54,7 +54,8 @@ drop table t2;
--source include/start_slave.inc
--echo # wait for T1
---let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(-1)%' and command LIKE 'Slave_worker';
+# Wildcard for `state` as it depends on whether WSREP is compiled in or not.
+--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(%' and command LIKE 'Slave_worker';
--source include/wait_condition.inc
--echo # wait for T2
@@ -81,7 +82,9 @@ DROP TABLE t1;
--connection slave
--echo #
--echo # Cleanup
---source include/stop_slave.inc
+--let $rpl_allow_error= 1
+--source include/wait_for_slave_sql_to_stop.inc
+--source include/stop_slave_io.inc
eval set @@global.slave_parallel_threads= $save_slave_parallel_threads;
eval set @@global.slave_parallel_mode= $save_slave_parallel_mode;
eval set @@global.innodb_lock_wait_timeout= $save_innodb_lock_wait_timeout;
diff --git a/mysql-test/suite/rpl/t/parallel_backup_xa.inc b/mysql-test/suite/rpl/t/parallel_backup_xa.inc
index 2d831199..83a6fb79 100644
--- a/mysql-test/suite/rpl/t/parallel_backup_xa.inc
+++ b/mysql-test/suite/rpl/t/parallel_backup_xa.inc
@@ -59,6 +59,7 @@ XA RECOVER;
{
--let $wait_condition= SELECT COUNT(*) = 0 FROM information_schema.processlist WHERE state = "Waiting for prior transaction to commit"
--source include/wait_condition.inc
+ --let $rpl_allow_error=1
}
ROLLBACK;
--let $wait_condition= SELECT COUNT(*) = 1 FROM information_schema.processlist WHERE state = "Waiting for backup lock"
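Review bot: `--let $rpl_allow_error=1` inside the `if` block, and `--let $rpl_only_running_threads= 1` before `stop_slave.inc` in the next hunk, are added without a comment, and neither is cleared in the lines shown. Both appear to change how the later replication includes treat a thread that has already stopped or errored, so a reader cannot tell which expected failure they cover. I would add a comment above each, e.g. `# SQL thread may already have stopped with the out-of-order error; only stop what is still running`, and reset the variables after `stop_slave.inc` unless the include is known to do that itself. The `if` block opens outside this hunk.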
@@ -71,6 +72,7 @@ if (!$slave_ooo_error)
{
--source include/sync_with_master_gtid.inc
}
+--let $rpl_only_running_threads= 1
--source include/stop_slave.inc
if ($slave_ooo_error)
{
diff --git a/mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_loaddata.test b/mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_loaddata.test
new file mode 100644
index 00000000..50a67532
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_loaddata.test
@@ -0,0 +1,47 @@
+--source include/have_binlog_format_statement.inc
+--source include/have_debug.inc
+--source include/master-slave.inc
+
+--connection master
+# Set minimal cache size so smaller transaction can trigger spill to disk.
+SET @save_binlog_stmt_cache_size= @@GLOBAL.binlog_stmt_cache_size;
+SET GLOBAL binlog_stmt_cache_size= 4096;
+
+CALL mtr.add_suppression('"No space left on device".*An incident event is written to binary log');
+CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=MyISAM;
+
+FLUSH STATUS;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+SET @old_dbug= @@SESSION.debug_dbug;
+SET SESSION debug_dbug="+d,load_data_binlog_cache_error";
+--replace_regex /Error writing file '[^']+'/Error writing file '<FILENAME>'/
+--error 3
+LOAD DATA CONCURRENT LOCAL INFILE 'std_data/bug30435_5k.txt'
+ REPLACE INTO TABLE t1 (a);
+SET SESSION debug_dbug= @old_dbug;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+# The actual number of rows left after the disk full error may change as
+# binlog event sizes are modified. So here we just test that we get partial
+# update from the last INSERT..SELECT that gets disk full error.
+SELECT IF(COUNT(*) > 0 AND COUNT(*) < 5000,
+ "ok",
+ CONCAT("ERROR! Row count ", COUNT(*), " not as expected for partially executed query"))
+ AS check_result
+ FROM t1;
+
+--save_master_pos
+
+--connection slave
+--let $slave_sql_errno= 1590
+--source include/wait_for_slave_sql_error_and_skip.inc
+
+--sync_with_master
+SELECT COUNT(*) FROM t1;
+
+# Cleanup
+
+--connection master
+SET GLOBAL binlog_stmt_cache_size= @save_binlog_stmt_cache_size;
+DROP TABLE t1;
+
+--source include/rpl_end.inc
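Review bot: The comment before the row-count check speaks of "the last INSERT..SELECT that gets disk full error", but the failing statement in this file is `LOAD DATA CONCURRENT LOCAL INFILE`. The comment reads as carried over from rpl_binlog_cache_disk_full_row.test, and I would change its last line to `# update from the LOAD DATA that gets the disk full error.`. Neither this file nor rpl_binlog_cache_disk_full_row.test names the bug it covers (the row test only says "helped show the bug"). A short header with the ticket id and the reason the slave is expected to stop with `$slave_sql_errno= 1590` would make both tests easier to maintain.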
diff --git a/mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_row.test b/mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_row.test
new file mode 100644
index 00000000..2c5813bb
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_binlog_cache_disk_full_row.test
@@ -0,0 +1,61 @@
+--source include/have_binlog_format_row.inc
+--source include/have_debug.inc
+--source include/master-slave.inc
+
+--connection master
+# Set minimal cache size so smaller transaction can trigger spill to disk.
+SET @save_binlog_stmt_cache_size= @@GLOBAL.binlog_stmt_cache_size;
+SET GLOBAL binlog_stmt_cache_size= 4096;
+
+CALL mtr.add_suppression('"No space left on device".*An incident event is written to binary log');
+CREATE TABLE t1 (a INT PRIMARY KEY, b VARCHAR(255)) ENGINE=MyISAM;
+
+FLUSH STATUS;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+INSERT INTO t1 VALUES (0, CONCAT("?", "-", REPEAT("x", 200)));
+INSERT INTO t1 SELECT a+1, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+2, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+4, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+8, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+16, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+32, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+64, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+INSERT INTO t1 SELECT a+128, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+
+SET @old_dbug= @@SESSION.debug_dbug;
+SET SESSION debug_dbug="+d,simulate_disk_full_at_flush_pending";
+--replace_regex /Error writing file '[^']+'/Error writing file '<FILENAME>'/
+--error 3
+INSERT INTO t1 SELECT a+256, CONCAT(a, "-", REPEAT("x", 200)) FROM t1;
+SET SESSION debug_dbug= @old_dbug;
+SHOW STATUS LIKE "binlog_stmt_cache%";
+# The actual number of rows left after the disk full error may change as
+# binlog event sizes are modified. So here we just test that we get partial
+# update from the last INSERT..SELECT that gets disk full error.
+SELECT IF(COUNT(*) > 256 AND COUNT(*) < 512,
+ "ok",
+ CONCAT("ERROR! Row count ", COUNT(*), " not as expected for partially executed query"))
+ AS check_result
+ FROM t1;
+
+# A random extra event that helped show the bug that a partial event
+# group was binlogged.
+ALTER TABLE t1 COMMENT '<mumble>';
+
+--save_master_pos
+
+--connection slave
+--let $slave_sql_errno= 1590
+--source include/wait_for_slave_sql_error_and_skip.inc
+
+--sync_with_master
+SELECT COUNT(*) FROM t1;
+
+# Cleanup
+
+--connection master
+SET GLOBAL binlog_stmt_cache_size= @save_binlog_stmt_cache_size;
+DROP TABLE t1;
+
+--source include/rpl_end.inc
diff --git a/mysql-test/suite/rpl/t/rpl_binlog_dump_slave_gtid_state_info.test b/mysql-test/suite/rpl/t/rpl_binlog_dump_slave_gtid_state_info.test
index bba41295..02b31c06 100644
--- a/mysql-test/suite/rpl/t/rpl_binlog_dump_slave_gtid_state_info.test
+++ b/mysql-test/suite/rpl/t/rpl_binlog_dump_slave_gtid_state_info.test
@@ -59,7 +59,7 @@ if(!$log_error_)
--let SEARCH_FILE=$log_error_
--let SEARCH_RANGE=-50000
--let SEARCH_PATTERN=using_gtid\(1\), gtid\(\'\'\).*
---source include/search_pattern_in_file.inc
+--source include/wait_for_pattern_in_file.inc
--connection slave
--source include/stop_slave.inc
@@ -71,7 +71,7 @@ CHANGE MASTER TO MASTER_USE_GTID=no;
--let SEARCH_FILE=$log_error_
--let SEARCH_RANGE=-50000
--let SEARCH_PATTERN=using_gtid\(0\), gtid\(\'\'\).*
---source include/search_pattern_in_file.inc
+--source include/wait_for_pattern_in_file.inc
CREATE TABLE t (f INT) ENGINE=INNODB;
INSERT INTO t VALUES(10);
save_master_pos;
@@ -89,7 +89,7 @@ CHANGE MASTER TO MASTER_USE_GTID=slave_pos;
--let SEARCH_FILE=$log_error_
--let SEARCH_RANGE=-50000
--let SEARCH_PATTERN=using_gtid\(1\), gtid\(\'0-1-2\'\).*
---source include/search_pattern_in_file.inc
+--source include/wait_for_pattern_in_file.inc
SET @@SESSION.gtid_domain_id=10;
INSERT INTO t VALUES(20);
save_master_pos;
@@ -107,7 +107,7 @@ CHANGE MASTER TO MASTER_USE_GTID=slave_pos;
--let SEARCH_FILE=$log_error_
--let SEARCH_RANGE=-50000
--let SEARCH_PATTERN=using_gtid\(1\), gtid\(\'0-1-2,10-1-1\'\).*
---source include/search_pattern_in_file.inc
+--source include/wait_for_pattern_in_file.inc
--echo "===== Clean up ====="
--connection slave
diff --git a/mysql-test/suite/rpl/t/rpl_checksum.test b/mysql-test/suite/rpl/t/rpl_checksum.test
index fc765744..bea325b2 100644
--- a/mysql-test/suite/rpl/t/rpl_checksum.test
+++ b/mysql-test/suite/rpl/t/rpl_checksum.test
@@ -95,6 +95,9 @@ flush logs;
flush logs;
-- source include/wait_for_binlog_checkpoint.inc
flush logs;
+# The binlog position here is output in the error message from
+# wait_for_slave_io_error below, so make sure it's deterministic.
+-- source include/wait_for_binlog_checkpoint.inc
sync_slave_with_master;
#connection slave;
diff --git a/mysql-test/suite/rpl/t/rpl_circular_semi_sync.test b/mysql-test/suite/rpl/t/rpl_circular_semi_sync.test
index 267fa621..e533c54b 100644
--- a/mysql-test/suite/rpl/t/rpl_circular_semi_sync.test
+++ b/mysql-test/suite/rpl/t/rpl_circular_semi_sync.test
@@ -7,6 +7,9 @@
--source include/have_binlog_format_mixed.inc
--source include/master-slave.inc
+connection server_2;
+call mtr.add_suppression("Timeout waiting for reply of binlog");
+
# The following tests prove
# A.
# no out-of-order gtid error is done to the stict gtid mode semisync
@@ -66,10 +69,18 @@ evalp CHANGE MASTER TO master_host='127.0.0.1', master_port=$SERVER_MYPORT_2, ma
--connection server_2
set @@global.gtid_strict_mode = true;
set @@global.rpl_semi_sync_master_enabled = 1;
+
+# The following command is likely to cause the slave master is not yet setup
+# for semi-sync
+
INSERT INTO t1(a) VALUES (2);
--source include/save_master_gtid.inc
--connection server_1
+# Update slave to notice that server_2 now has rpl_semi_sync_master_enabled
+--source include/stop_slave.inc
+--source include/start_slave.inc
+
--echo #
--echo # the successful sync is a required proof
--echo #
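Review bot: The added comment `# The following command is likely to cause the slave master is not yet setup for semi-sync` does not parse. That leaves unexplained both the later `stop_slave.inc`/`start_slave.inc` on server_1 and the new "Timeout waiting for reply of binlog" suppression in the first hunk. If the intent is that server_1 has not yet registered as a semi-sync slave when the INSERT runs, say so, e.g. `# server_1 may not yet be registered as a semi-sync slave, so this INSERT can time out waiting for an ACK`. That reading is inferred from the two hunks and should be confirmed by the author.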
diff --git a/mysql-test/suite/rpl/t/rpl_connection.test b/mysql-test/suite/rpl/t/rpl_connection.test
index 31024006..24ada7c8 100644
--- a/mysql-test/suite/rpl/t/rpl_connection.test
+++ b/mysql-test/suite/rpl/t/rpl_connection.test
@@ -16,7 +16,7 @@ CHANGE MASTER TO MASTER_USER= '', MASTER_PASSWORD= '';
START SLAVE;
--let $slave_io_errno= 1045, 1593
--source include/wait_for_slave_io_error.inc
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
CHANGE MASTER TO MASTER_USER= 'root', MASTER_PASSWORD= '';
START SLAVE;
diff --git a/mysql-test/suite/rpl/t/rpl_deadlock_show_slave_status.test b/mysql-test/suite/rpl/t/rpl_deadlock_show_slave_status.test
new file mode 100644
index 00000000..4c41011e
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_deadlock_show_slave_status.test
@@ -0,0 +1,121 @@
+#
+# Verify that SHOW SLAVE STATUS will not cause deadlocks on the replica.
+# A deadlock has been seen in do_gco_wait if the thread is killed, as it will
+# hold the LOCK_parallel_entry, and during error reporting, try to grab the
+# err_lock. Prior to MDEV-10653, SHOW SLAVE STATUS would grab these locks in
+# the reverse order, as calling workers_idle() used to grab LOCK_parallel_entry
+# with the err_lock already grabbed (though the MDEV-10653 patch changed the
+# workles_idle() implementation to remove the need for locking the
+# parallel_entry).
+#
+# References:
+# MDEV-10653: SHOW SLAVE STATUS Can Deadlock an Errored Slave
+#
+
+--source include/master-slave.inc
+--source include/have_innodb.inc
+--source include/have_debug.inc
+--source include/have_binlog_format_row.inc
+
+--echo #
+--echo # Initialize test data
+--connection master
+create table t1 (a int) engine=innodb;
+insert into t1 values (1);
+--source include/save_master_gtid.inc
+
+--connection slave
+--source include/sync_with_master_gtid.inc
+--source include/stop_slave.inc
+
+call mtr.add_suppression("Connection was killed");
+call mtr.add_suppression("Commit failed due to failure of an earlier commit on which this one depends");
+
+set @save_parallel_threads= @@global.slave_parallel_threads;
+set @save_parallel_mode= @@global.slave_parallel_mode;
+set @save_transaction_retries= @@global.slave_transaction_retries;
+set @save_innodb_lock_wait_timeout= @@global.innodb_lock_wait_timeout;
+
+set @@global.slave_parallel_threads= 2;
+set @@global.slave_parallel_mode= CONSERVATIVE;
+set @@global.slave_transaction_retries= 0;
+set @@global.innodb_lock_wait_timeout= 10;
+
+--echo # Grabbing lock on innodb row to force future replication transaction to wait (and eventually timeout)
+BEGIN;
+select * from t1 where a=1 for update;
+
+--connection master
+
+set @old_dbug= @@session.debug_dbug;
+set @@session.debug_dbug="+d,binlog_force_commit_id";
+
+
+# GCO 1
+SET @commit_id= 10000;
+# T1
+update t1 set a=2 where a=1;
+
+# GCO 2
+SET @commit_id= 10001;
+# T2
+insert into t1 values (3);
+
+set @@session.debug_dbug= @old_dbug;
+
+--connection slave
+start slave;
+
+--echo # Waiting for first transaction to start (and be held at innodb row lock)..
+--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Update_rows_log_event::find_row(%)%' and command LIKE 'Slave_worker';
+--source include/wait_condition.inc
+
+--echo # Waiting for next transaction to start and hold at do_gco_wait()..
+--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE state LIKE 'Waiting for prior transaction to start commit%' and command LIKE 'Slave_worker';
+--source include/wait_condition.inc
+
+--connection slave1
+set @@session.debug_dbug="+d,hold_sss_with_err_lock";
+--send show slave status
+
+--connection slave
+set debug_sync="now wait_for sss_got_err_lock";
+
+--let $t2_tid= `SELECT ID FROM INFORMATION_SCHEMA.PROCESSLIST WHERE STATE LIKE 'Waiting for prior transaction to start commit%'`
+--replace_result $t2_tid "<TID of worker in do_gco_wait>"
+--eval kill $t2_tid
+--let $wait_condition= SELECT count(*)=1 FROM information_schema.processlist WHERE command LIKE 'Killed';
+--source include/wait_condition.inc
+
+set debug_sync="now signal sss_continue";
+
+--connection slave1
+--echo # Waiting for SHOW SLAVE STATUS to complete..
+--disable_result_log
+--reap
+--enable_result_log
+--echo # ..done
+
+--connection slave
+ROLLBACK;
+--let $slave_sql_errno= 1927
+--source include/wait_for_slave_sql_error.inc
+
+
+--echo #
+--echo # Cleanup
+--connection master
+drop table t1;
+--source include/save_master_gtid.inc
+
+--connection slave
+set debug_sync= "RESET";
+set @@global.slave_parallel_threads= @save_parallel_threads;
+set @@global.slave_parallel_mode= @save_parallel_mode;
+set @@global.slave_transaction_retries= @save_transaction_retries;
+set @@global.innodb_lock_wait_timeout= @save_innodb_lock_wait_timeout;
+start slave sql_thread;
+--source include/sync_with_master_gtid.inc
+
+--source include/rpl_end.inc
+--echo # End of rpl_deadlock_show_slave_status.test
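Review bot: The test drives `debug_sync` (`set debug_sync="now wait_for sss_got_err_lock"`, `now signal sss_continue`, `RESET`) but sources only `include/have_debug.inc`. Adding `--source include/have_debug_sync.inc` would let it skip cleanly on a build without that facility instead of failing. The `have_*` checks also come after `include/master-slave.inc`, so replication is set up before the test can be skipped; I would move them first. In the header comment `workles_idle()` should read `workers_idle()`.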
diff --git a/mysql-test/suite/rpl/t/rpl_delayed_slave.test b/mysql-test/suite/rpl/t/rpl_delayed_slave.test
index d00e796b..32d0b030 100644
--- a/mysql-test/suite/rpl/t/rpl_delayed_slave.test
+++ b/mysql-test/suite/rpl/t/rpl_delayed_slave.test
@@ -192,6 +192,12 @@ eval CHANGE MASTER TO MASTER_DELAY = $time2;
--enable_query_log
--source include/start_slave.inc
+# Ensure that slave has started properly
+--connection master
+INSERT INTO t1 VALUES ('Syncing slave', 5);
+--save_master_pos
+--sync_slave_with_master
+
--connection master
INSERT INTO t1 VALUES (delay_on_slave(1), 6);
--save_master_pos
diff --git a/mysql-test/suite/rpl/t/rpl_domain_id_filter_io_crash.test b/mysql-test/suite/rpl/t/rpl_domain_id_filter_io_crash.test
index a949da0c..95fac6c2 100644
--- a/mysql-test/suite/rpl/t/rpl_domain_id_filter_io_crash.test
+++ b/mysql-test/suite/rpl/t/rpl_domain_id_filter_io_crash.test
@@ -149,8 +149,7 @@ connection slave;
SELECT * FROM t1;
SET @@global.debug_dbug=@saved_dbug;
-
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
let $do_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Do_Domain_Ids, 1);
let $ignore_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Ignore_Domain_Ids, 1);
--echo DO_DOMAIN_IDS (BEFORE) : $do_domain_ids_before
@@ -218,7 +217,7 @@ SELECT * FROM t1;
SET @@global.debug_dbug=@saved_dbug;
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
let $do_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Do_Domain_Ids, 1);
let $ignore_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Ignore_Domain_Ids, 1);
--echo DO_DOMAIN_IDS (BEFORE) : $do_domain_ids_before
@@ -286,7 +285,7 @@ SELECT * FROM t1;
SET @@global.debug_dbug=@saved_dbug;
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
let $do_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Do_Domain_Ids, 1);
let $ignore_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Ignore_Domain_Ids, 1);
--echo DO_DOMAIN_IDS (BEFORE) : $do_domain_ids_before
@@ -354,7 +353,7 @@ SELECT * FROM t1;
SET @@global.debug_dbug=@saved_dbug;
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
let $do_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Do_Domain_Ids, 1);
let $ignore_domain_ids_before= query_get_value(SHOW SLAVE STATUS, Replicate_Ignore_Domain_Ids, 1);
--echo DO_DOMAIN_IDS (BEFORE) : $do_domain_ids_before
diff --git a/mysql-test/suite/rpl/t/rpl_domain_id_filter_master_crash.test b/mysql-test/suite/rpl/t/rpl_domain_id_filter_master_crash.test
index 6dafab19..cdfdc098 100644
--- a/mysql-test/suite/rpl/t/rpl_domain_id_filter_master_crash.test
+++ b/mysql-test/suite/rpl/t/rpl_domain_id_filter_master_crash.test
@@ -67,8 +67,26 @@ connection master;
save_master_pos;
--connection slave
---source include/stop_slave.inc
+
+# Left to its own devices, the IO thread may or may not stop in error,
+# depending on what it is doing when its connection to the primary is killed
+# (e.g. a failed read results in an error, whereas if the IO thread is idly
+# waiting for events when the connection dies, it will enter into a reconnect
+# loop and reconnect). So we manually stop/start the IO thread to ensure it is
+# in a consistent state
+#
+# FIXME: We shouldn't need to stop/start the SQL thread here, but due to
+# MDEV-33268, we have to. So after fixing 33268, this should only stop/start
+# the IO thread. Note the SQL thread must be stopped first due to an invalid
+# DBUG_ASSERT in the IO thread's stop logic that depends on the state of the
+# SQL thread (also reported and to be fixed in the same ticket).
+#
+--source include/stop_slave_sql.inc
+--let rpl_allow_error=1
+--source include/stop_slave_io.inc
+--let rpl_allow_error=
--source include/start_slave.inc
+
sync_with_master;
select * from ti;
select * from tm;
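Review bot: `--let rpl_allow_error=1` and `--let rpl_allow_error=` are written without the `$` that the other files in this change use (`--let $rpl_allow_error= 1`). As far as I know mysqltest treats a name without `$` as one that is also exported to the environment, so the value probably still reaches `stop_slave_io.inc`. The spelling should still match the rest of the suite: `--let $rpl_allow_error=1` and `--let $rpl_allow_error=`. The explanatory comment and the reset straight after the include are worth keeping as the pattern for the other tests that set this flag.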
diff --git a/mysql-test/suite/rpl/t/rpl_fail_register.test b/mysql-test/suite/rpl/t/rpl_fail_register.test
index d95a5c5f..5f86a33c 100644
--- a/mysql-test/suite/rpl/t/rpl_fail_register.test
+++ b/mysql-test/suite/rpl/t/rpl_fail_register.test
@@ -3,7 +3,7 @@ source include/have_binlog_format_mixed.inc;
source include/master-slave.inc;
connection slave;
-
+CALL mtr.add_suppression("Slave I/O: Master command COM_REGISTER_SLAVE failed: Debug Induced Error");
set @old_dbug=@@global.debug_dbug;
set global debug_dbug='d,fail_com_register_slave';
@@ -11,8 +11,11 @@ stop slave;
reset slave;
source include/wait_for_slave_to_stop.inc;
start slave;
-stop slave;
-source include/wait_for_slave_to_stop.inc;
+# Debug point will raise IO thread error ER_SLAVE_MASTER_COM_FAILURE
+# so we will wait for that and manually stop the SQL thread
+--let $slave_io_errno= 1597
+--source include/wait_for_slave_io_error.inc
+--source include/stop_slave_sql.inc
set global debug_dbug=@old_dbug;
connection master;
diff --git a/mysql-test/suite/rpl/t/rpl_gis_user_var.test b/mysql-test/suite/rpl/t/rpl_gis_user_var.test
new file mode 100644
index 00000000..8edd8cb9
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_gis_user_var.test
@@ -0,0 +1,18 @@
+--source include/have_geometry.inc
+--source include/master-slave.inc
+
+--echo #
+--echo #
+--echo #
+
+connection master;
+SET @p=POINT(1,1);
+CREATE TABLE t1 AS SELECT @p AS p;
+sync_slave_with_master;
+SHOW CREATE TABLE t1;
+SELECT ST_AsWKT(p) FROM t1;
+connection master;
+DROP TABLE t1;
+sync_slave_with_master;
+
+--source include/rpl_end.inc
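Review bot: The three `--echo #` banner lines are empty, so neither the test nor its result file says what is being checked. I would fill the middle one with the ticket and a summary, e.g. `--echo # MDEV-<id>: <one-line summary of replicating a GEOMETRY user variable>`. Both parts are placeholders, since the id is not on this page. A one-line comment on what the slave's `SHOW CREATE TABLE t1` is expected to show for column `p` would also make the recorded result reviewable.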
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_basic.test b/mysql-test/suite/rpl/t/rpl_gtid_basic.test
index 70bd0087..a7af234d 100644
--- a/mysql-test/suite/rpl/t/rpl_gtid_basic.test
+++ b/mysql-test/suite/rpl/t/rpl_gtid_basic.test
@@ -162,6 +162,13 @@ eval SELECT BINLOG_GTID_POS('$valid_binlog_name',0);
eval SELECT BINLOG_GTID_POS('$valid_binlog_name',18446744073709551615);
eval SELECT BINLOG_GTID_POS('$valid_binlog_name',18446744073709551616);
+# MDEV-33045: Server crashes in Item_func_binlog_gtid_pos::val_str / Binary_string::c_ptr_safe
+SET sql_log_bin= 0;
+CREATE TABLE t1 AS SELECT MASTER_POS_WAIT(@binlog_file, 4, 0);
+SELECT BINLOG_GTID_POS(@binlog_file, 4);
+DROP TABLE t1;
+SET sql_log_bin= 1;
+
--echo *** Some tests of @@GLOBAL.gtid_binlog_state ***
--connection server_2
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_errorhandling.test b/mysql-test/suite/rpl/t/rpl_gtid_errorhandling.test
index 412489b3..c9c4d650 100644
--- a/mysql-test/suite/rpl/t/rpl_gtid_errorhandling.test
+++ b/mysql-test/suite/rpl/t/rpl_gtid_errorhandling.test
@@ -20,7 +20,7 @@ INSERT INTO t1 VALUES (1);
CALL mtr.add_suppression("Slave: Failed to open mysql.gtid_slave_pos");
--let $slave_sql_errno=1944
--source include/wait_for_slave_sql_error.inc
-
+--let $rpl_only_running_threads= 1
--source include/stop_slave.inc
ALTER TABLE mysql.gtid_slave_pos CHANGE seq_no seq_no BIGINT UNSIGNED NOT NULL;
ALTER TABLE mysql.gtid_slave_pos DROP PRIMARY KEY;
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_errorlog.test b/mysql-test/suite/rpl/t/rpl_gtid_errorlog.test
index ea321062..0ee54cd1 100644
--- a/mysql-test/suite/rpl/t/rpl_gtid_errorlog.test
+++ b/mysql-test/suite/rpl/t/rpl_gtid_errorlog.test
@@ -31,8 +31,8 @@ SET sql_log_bin=1;
START SLAVE;
--let $slave_sql_errno=1062
--source include/wait_for_slave_sql_error.inc
-
---source include/stop_slave.inc
+--source include/wait_for_slave_io_to_start.inc
+--source include/stop_slave_io.inc
# Skip the problem event from the master.
SET GLOBAL gtid_slave_pos= "0-1-100";
--source include/start_slave.inc
@@ -51,7 +51,7 @@ SET debug_dbug= @dbug_save;
--connection slave
--let $slave_sql_errno=1590
--source include/wait_for_slave_sql_error.inc
---source include/stop_slave.inc
+--source include/stop_slave_io.inc
SET sql_slave_skip_counter=1;
--source include/start_slave.inc
--sync_with_master
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.cnf b/mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.cnf
new file mode 100644
index 00000000..a57dbbf3
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.cnf
@@ -0,0 +1,28 @@
+!include ../my.cnf
+
+[mysqld.1]
+log-slave-updates
+loose-innodb
+gtid-domain-id=1
+gtid-strict-mode=0
+gtid-ignore-duplicates=1
+
+[mysqld.2]
+log-slave-updates
+loose-innodb
+gtid-domain-id=0
+replicate-ignore-table=test.t3
+gtid-strict-mode=0
+gtid-ignore-duplicates=1
+
+[mysqld.3]
+log-slave-updates
+loose-innodb
+gtid-domain-id=0
+replicate-ignore-table=test.t3
+gtid-strict-mode=0
+gtid-ignore-duplicates=1
+
+[ENV]
+SERVER_MYPORT_3= @mysqld.3.port
+SERVER_MYSOCK_3= @mysqld.3.socket
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.test b/mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.test
new file mode 100644
index 00000000..842bae82
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_gtid_slave_filtering.test
@@ -0,0 +1,109 @@
+--source include/have_innodb.inc
+--source include/have_binlog_format_mixed.inc
+
+--let $rpl_topology=1->2->3
+--source include/rpl_init.inc
+
+--echo *** Test GTID master switch in a topology with filtered events.
+--echo *** With --gtid-ignore-duplicate and --gtid-strict-mode, should allow
+--echo *** GTID connect at a GTID position that is filtered on the new master.
+
+--connection server_1
+
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
+CREATE TABLE t1 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
+INSERT INTO t1 VALUES (1,1);
+CREATE TABLE t3 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
+INSERT INTO t3 VALUES (1,1);
+INSERT INTO t1 VALUES (2,1);
+INSERT INTO t3 VALUES (2,1);
+--source include/save_master_gtid.inc
+
+--connection server_2
+CREATE TABLE t2 (a INT PRIMARY KEY, b INT) ENGINE=InnoDB;
+INSERT INTO t2 VALUES (1,2);
+
+--let $slave_timeout= 10
+--source include/sync_with_master_gtid.inc
+--source include/save_master_gtid.inc
+
+--connection server_3
+--source include/sync_with_master_gtid.inc
+
+--echo *** Promote 3 as new master, demote 2 as slave of 3.
+--echo *** GTID position of 2 in domain 0 is filtered on 3.
+
+--connection server_2
+--source include/stop_slave.inc
+
+--connection server_3
+--source include/stop_slave.inc
+--replace_result $SERVER_MYPORT_1 SERVER_MYPORT_1
+eval CHANGE MASTER TO master_host = '127.0.0.1', master_port = $SERVER_MYPORT_1,
+ MASTER_USE_GTID=SLAVE_POS;
+
+--connection server_2
+--replace_result $SERVER_MYPORT_3 SERVER_MYPORT_3
+eval CHANGE MASTER TO master_host = '127.0.0.1', master_port = $SERVER_MYPORT_3,
+ MASTER_USE_GTID=SLAVE_POS;
+--source include/start_slave.inc
+
+--connection server_3
+--source include/start_slave.inc
+
+--connection server_1
+INSERT INTO t1 VALUES (3,1);
+INSERT INTO t3 VALUES (3,1);
+--source include/save_master_gtid.inc
+
+--connection server_3
+INSERT INTO t2 VALUES (2,2);
+
+--source include/sync_with_master_gtid.inc
+--source include/save_master_gtid.inc
+
+--connection server_2
+--source include/sync_with_master_gtid.inc
+
+SELECT * FROM t1 ORDER BY a;
+# Verify that table t3 is being filtered.
+--error 1146
+SELECT * FROM t3 ORDER BY a;
+SELECT * FROM t2 ORDER BY a;
+
+
+--echo *** Restore original topology.
+
+--connection server_3
+--source include/stop_slave.inc
+
+--connection server_2
+--source include/stop_slave.inc
+--replace_result $SERVER_MYPORT_1 SERVER_MYPORT_1
+eval CHANGE MASTER TO master_host = '127.0.0.1', master_port = $SERVER_MYPORT_1,
+ MASTER_USE_GTID=SLAVE_POS;
+--source include/start_slave.inc
+
+--connection server_3
+--replace_result $SERVER_MYPORT_2 SERVER_MYPORT_2
+eval CHANGE MASTER TO master_host = '127.0.0.1', master_port = $SERVER_MYPORT_2,
+ MASTER_USE_GTID=SLAVE_POS;
+--source include/start_slave.inc
+
+
+# Cleanup
+
+--connection server_1
+DROP TABLE t1;
+DROP TABLE t3;
+--source include/save_master_gtid.inc
+
+--connection server_2
+DROP TABLE t2;
+--source include/sync_with_master_gtid.inc
+--source include/save_master_gtid.inc
+
+--connection server_3
+--source include/sync_with_master_gtid.inc
+
+--source include/rpl_end.inc
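Review bot: The banner `--echo *** With --gtid-ignore-duplicate and --gtid-strict-mode, should allow` does not match the configuration this test runs with. The accompanying rpl_gtid_slave_filtering.cnf sets `gtid-strict-mode=0` and `gtid-ignore-duplicates=1` on all three servers, so strict mode is off and the option name is plural. I would reword it to `--echo *** With --gtid-ignore-duplicates=1 and --gtid-strict-mode=0, should allow` and update the recorded .result to match. Separately, `--let $slave_timeout= 10` is set once and never restored; a one-line comment saying whether the later sync_with_master_gtid.inc calls are meant to inherit it would help.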
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_startpos.test b/mysql-test/suite/rpl/t/rpl_gtid_startpos.test
index c7bcc1bb..d0885ab8 100644
--- a/mysql-test/suite/rpl/t/rpl_gtid_startpos.test
+++ b/mysql-test/suite/rpl/t/rpl_gtid_startpos.test
@@ -50,7 +50,7 @@ eval CHANGE MASTER TO master_host = '127.0.0.1', master_port = $MASTER_MYPORT,
START SLAVE;
--let $slave_io_errno= 1236
--source include/wait_for_slave_io_error.inc
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
--replace_result $MASTER_MYPORT MASTER_PORT
eval CHANGE MASTER TO master_host = '127.0.0.1', master_port = $MASTER_MYPORT,
diff --git a/mysql-test/suite/rpl/t/rpl_gtid_stop_start.test b/mysql-test/suite/rpl/t/rpl_gtid_stop_start.test
index 9760d4df..b5ff2949 100644
--- a/mysql-test/suite/rpl/t/rpl_gtid_stop_start.test
+++ b/mysql-test/suite/rpl/t/rpl_gtid_stop_start.test
@@ -210,7 +210,7 @@ SET sql_log_bin=0;
call mtr.add_suppression("Failed to load slave replication state from table");
call mtr.add_suppression("Unable to load replication GTID slave state");
SET sql_log_bin=1;
-
+--let rpl_allow_error= 1
--source include/start_slave.inc
--connection server_1
INSERT INTO t1 VALUES (9);
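Review bot: `--let rpl_allow_error= 1` is written without the `$` prefix, unlike the `--let $rpl_only_running_threads= 1` lines elsewhere in this diff. As far as I know, mysqltest still sets the variable in that form but also exports it as an environment variable, which is probably not intended. I would write `--let $rpl_allow_error= 1`. The same applies to `--let rpl_allow_error=1` in rpl_semi_sync_master_shutdown.test and to the `--let slave_sql_errno= ...` lines in rpl_row_idempotency.test. The hunk also does not show whether start_slave.inc resets the flag; if it does not, later includes in this file will tolerate errors too, so an explicit `--let $rpl_allow_error= 0` after the include would make the scope clear.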
diff --git a/mysql-test/suite/rpl/t/rpl_heartbeat_basic.test b/mysql-test/suite/rpl/t/rpl_heartbeat_basic.test
index d6d14e02..b6133625 100644
--- a/mysql-test/suite/rpl/t/rpl_heartbeat_basic.test
+++ b/mysql-test/suite/rpl/t/rpl_heartbeat_basic.test
@@ -331,7 +331,7 @@ sleep 4;
let $rcvd_heartbeats_after= query_get_value(SHOW STATUS LIKE 'slave_received_heartbeats', Value, 1);
let $result= query_get_value(SELECT ($rcvd_heartbeats_after - $rcvd_heartbeats_before) > 0 AS Result, Result, 1);
--echo Heartbeat events are received while sql thread stopped (1 means 'yes'): $result
---source include/stop_slave.inc
+--source include/stop_slave_io.inc
set sql_log_bin= 0;
DROP TABLE t1;
set sql_log_bin= 1;
diff --git a/mysql-test/suite/rpl/t/rpl_invoked_features.test b/mysql-test/suite/rpl/t/rpl_invoked_features.test
index 91391cf8..cd2b770c 100644
--- a/mysql-test/suite/rpl/t/rpl_invoked_features.test
+++ b/mysql-test/suite/rpl/t/rpl_invoked_features.test
@@ -102,14 +102,17 @@ BEGIN
UPDATE t13 SET c = '';
END|
-# Create events which will run every 1 sec
-CREATE EVENT e1 ON SCHEDULE EVERY 1 SECOND DISABLE DO
+# Create events which will run every 10 sec
+# It cannot be much shorter as we have to ensure that a new
+# event is not scheduled before the DISABLE has been
+# executed.
+CREATE EVENT e1 ON SCHEDULE EVERY 10 SECOND DISABLE DO
BEGIN
ALTER EVENT e1 DISABLE;
CALL p1(10, '');
END|
-CREATE EVENT e11 ON SCHEDULE EVERY 1 SECOND DISABLE DO
+CREATE EVENT e11 ON SCHEDULE EVERY 10 SECOND DISABLE DO
BEGIN
ALTER EVENT e11 DISABLE;
CALL p11(10, '');
diff --git a/mysql-test/suite/rpl/t/rpl_mariadb_slave_capability.test b/mysql-test/suite/rpl/t/rpl_mariadb_slave_capability.test
index d49851cc..7e313b37 100644
--- a/mysql-test/suite/rpl/t/rpl_mariadb_slave_capability.test
+++ b/mysql-test/suite/rpl/t/rpl_mariadb_slave_capability.test
@@ -11,13 +11,25 @@ set @old_master_binlog_checksum= @@global.binlog_checksum;
# empty Gtid_list event
#
# Test this by binlog rotation before we log any GTIDs.
-connection slave;
+sync_slave_with_master;
# Need to stop/start the master without GTID before setting debug_dbug
--source include/stop_slave.inc
CHANGE MASTER TO MASTER_USE_GTID=NO;
--source include/start_slave.inc
+--connection master
+--echo # Ensure only the new binlog dump thread is alive (wait for the old one
+--echo # to complete its kill)
+--let $wait_condition= select count(*)=1 from information_schema.processlist where command='Binlog Dump'
+--source include/wait_condition.inc
+
+--echo # And that it has already sent its fake rotate
+--let $wait_condition= select count(*)=1 from information_schema.processlist where state LIKE '%Master has sent all binlog to slave%' and command='Binlog Dump'
+--source include/wait_condition.inc
+
+
+--connection slave
--source include/stop_slave.inc
--echo # Test slave with no capability gets dummy event, which is ignored.
set @old_dbug= @@global.debug_dbug;
@@ -26,6 +38,7 @@ SET @@global.debug_dbug='+d,simulate_slave_capability_none';
connection master;
FLUSH LOGS;
+--source include/wait_for_binlog_checkpoint.inc
CREATE TABLE t1 (a INT PRIMARY KEY);
INSERT INTO t1 VALUES (0);
sync_slave_with_master;
diff --git a/mysql-test/suite/rpl/t/rpl_mdev_17614.test b/mysql-test/suite/rpl/t/rpl_mdev_17614.test
index 8d91944a..e9a41c95 100644
--- a/mysql-test/suite/rpl/t/rpl_mdev_17614.test
+++ b/mysql-test/suite/rpl/t/rpl_mdev_17614.test
@@ -40,8 +40,7 @@ SELECT * FROM t1;
SELECT * FROM t1;
# restart replication for the next testcase
-stop slave;
---source include/wait_for_slave_to_stop.inc
+--source include/stop_slave_io.inc
--source include/reset_slave.inc
connection master;
reset master;
@@ -159,8 +158,7 @@ SELECT * FROM t1;
SELECT * FROM t1;
# restart replication for the next testcase
-stop slave;
---source include/wait_for_slave_to_stop.inc
+--source include/stop_slave_io.inc
--source include/reset_slave.inc
connection master;
reset master;
diff --git a/mysql-test/suite/rpl/t/rpl_parallel_ignored_errors.test b/mysql-test/suite/rpl/t/rpl_parallel_ignored_errors.test
index 493385f1..83b89a69 100644
--- a/mysql-test/suite/rpl/t/rpl_parallel_ignored_errors.test
+++ b/mysql-test/suite/rpl/t/rpl_parallel_ignored_errors.test
@@ -96,7 +96,9 @@ COMMIT;
# Clean up.
--connection server_2
---source include/stop_slave.inc
+--let $slave_sql_errno= 1062
+--source include/wait_for_slave_sql_error.inc
+--source include/stop_slave_io.inc
--let $assert_cond= COUNT(*) = 0 FROM t1 WHERE a>32
--let $assert_text= table t1 should have zero rows where a>32
--source include/assert.inc
diff --git a/mysql-test/suite/rpl/t/rpl_parallel_missed_error_handling.test b/mysql-test/suite/rpl/t/rpl_parallel_missed_error_handling.test
index 33b1bcb1..6ed9638d 100644
--- a/mysql-test/suite/rpl/t/rpl_parallel_missed_error_handling.test
+++ b/mysql-test/suite/rpl/t/rpl_parallel_missed_error_handling.test
@@ -60,7 +60,6 @@ SET debug_sync='RESET';
--connection server_2
--let $slave_sql_errno= 1062
--source include/wait_for_slave_sql_error.inc
---source include/wait_for_slave_sql_to_stop.inc
# We should not see the row (112,3) here, it should be rolled back due to
# error signal from the prior transaction.
SELECT * FROM t3 WHERE a >= 110 ORDER BY a;
diff --git a/mysql-test/suite/rpl/t/rpl_parallel_retry.test b/mysql-test/suite/rpl/t/rpl_parallel_retry.test
index 8b2affed..fe6f40d2 100644
--- a/mysql-test/suite/rpl/t/rpl_parallel_retry.test
+++ b/mysql-test/suite/rpl/t/rpl_parallel_retry.test
@@ -497,6 +497,7 @@ if (`SELECT count(*) = 1 FROM t1 WHERE a = 2`)
# Clean up
#
--connection server_2
+--let $rpl_only_running_threads= 1
--source include/stop_slave.inc
SET @@GLOBAL.slave_parallel_threads=@old_parallel_threads;
SET @@GLOBAL.slave_parallel_mode=@old_parallel_mode;
diff --git a/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_coordinator.test b/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_coordinator.test
index 44df3ca4..794a0c63 100644
--- a/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_coordinator.test
+++ b/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_coordinator.test
@@ -209,6 +209,7 @@ drop table t;
reset master;
--connection slave
+--let $rpl_only_running_threads= 1
--source include/stop_slave.inc
reset slave;
reset master;
diff --git a/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_worker.test b/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_worker.test
index 857979d0..5ef28a62 100644
--- a/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_worker.test
+++ b/mysql-test/suite/rpl/t/rpl_perfschema_applier_status_by_worker.test
@@ -227,6 +227,7 @@ select Last_Error_Message from performance_schema.replication_applier_status_by_
#let $assert_cond= "$sss_value" = "$ps_value_in_sss_format";
#source include/assert.inc;
+--let $rpl_only_running_threads= 1
--source include/stop_slave.inc
RESET SLAVE;
--connection master
diff --git a/mysql-test/suite/rpl/t/rpl_rewrite_db_sys_vars.test b/mysql-test/suite/rpl/t/rpl_rewrite_db_sys_vars.test
index b06899bb..27710063 100644
--- a/mysql-test/suite/rpl/t/rpl_rewrite_db_sys_vars.test
+++ b/mysql-test/suite/rpl/t/rpl_rewrite_db_sys_vars.test
@@ -108,6 +108,7 @@ select * from my_table;
--source include/save_master_gtid.inc
connection slave;
+--let $rpl_only_running_threads=1
--source include/stop_slave.inc
--source include/reset_slave.inc
--source include/start_slave.inc
diff --git a/mysql-test/suite/rpl/t/rpl_row_corruption.test b/mysql-test/suite/rpl/t/rpl_row_corruption.test
index d78df905..6f4f9c88 100644
--- a/mysql-test/suite/rpl/t/rpl_row_corruption.test
+++ b/mysql-test/suite/rpl/t/rpl_row_corruption.test
@@ -39,7 +39,7 @@ SET @@global.debug_dbug="d,inject_tblmap_same_id_maps_diff_table";
# wait for error 1593 (ER_SLAVE_FATAL_ERROR)
--let $slave_sql_errno=1593
--source include/wait_for_slave_sql_error.inc
---source include/stop_slave.inc
+--source include/stop_slave_io.inc
# clean up
SET @@global.debug_dbug=@saved_debug;
diff --git a/mysql-test/suite/rpl/t/rpl_row_idempotency.test b/mysql-test/suite/rpl/t/rpl_row_idempotency.test
index 85775832..326f94ec 100644
--- a/mysql-test/suite/rpl/t/rpl_row_idempotency.test
+++ b/mysql-test/suite/rpl/t/rpl_row_idempotency.test
@@ -139,7 +139,9 @@ select * from ti1 order by b /* must be (2),(3) */;
--echo *** slave must stop (Trying to delete a referenced foreing key)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_ROW_IS_REFERENCED_2 # Cannot add or update a child row: a foreign key constraint fails
+--let slave_sql_errno= 1451
+source include/wait_for_slave_sql_error.inc;
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
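Review bot: The new error-code comments in this hunk and the next one (1452) pair the symbols with the wrong message text. 1451 is ER_ROW_IS_REFERENCED_2, whose message is "Cannot delete or update a parent row: a foreign key constraint fails", and 1452 is ER_NO_REFERENCED_ROW_2, "Cannot add or update a child row: a foreign key constraint fails". I would change them to `# ER_ROW_IS_REFERENCED_2 # Cannot delete or update a parent row: a foreign key constraint fails` and `# ER_NO_REFERENCED_ROW_2 # Cannot add or update a child row: a foreign key constraint fails`. The codes passed to wait_for_slave_sql_error.inc look right for the two scenarios, so only the comments need correcting.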
@@ -173,7 +175,9 @@ insert into ti2 set a=3, b=3 /* offending write event */;
--echo *** slave must stop (Trying to insert an invalid foreign key)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_NO_REFERENCED_ROW_2 # Cannot add or update a parent row: a foreign key constraint fails
+--let slave_sql_errno= 1452
+source include/wait_for_slave_sql_error.inc;
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
@@ -210,9 +214,11 @@ insert into ti1 set b=1;
connection master;
insert into ti1 set b=1 /* offending write event */;
---echo *** slave must stop (Trying to insert a dupliacte key)
+--echo *** slave must stop (Trying to insert a duplicate key)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_DUP_ENTRY # Duplicate entry for key
+--let slave_sql_errno= 1062
+source include/wait_for_slave_sql_error.inc;
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
@@ -247,7 +253,10 @@ DELETE FROM t1 WHERE a = -2;
--echo *** slave must stop (Key was not found)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_KEY_NOT_FOUND # Can't find record
+--let slave_sql_errno= 1032
+source include/wait_for_slave_sql_error.inc;
+
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
@@ -265,7 +274,9 @@ connection master;
DELETE FROM t2 WHERE a = -2;
--echo *** slave must stop (Key was not found)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_KEY_NOT_FOUND # Can't find record
+--let slave_sql_errno= 1032
+source include/wait_for_slave_sql_error.inc;
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
@@ -287,7 +298,9 @@ UPDATE t1 SET a = 1 WHERE a = -1;
--echo *** slave must stop (Key was not found)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_KEY_NOT_FOUND # Can't find record
+--let slave_sql_errno= 1032
+source include/wait_for_slave_sql_error.inc;
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
@@ -307,7 +320,9 @@ UPDATE t2 SET a = 1 WHERE a = -1;
--echo *** slave must stop (Key was not found)
connection slave;
-source include/wait_for_slave_sql_to_stop.inc;
+# ER_KEY_NOT_FOUND # Can't find record
+--let slave_sql_errno= 1032
+source include/wait_for_slave_sql_error.inc;
let $last_error = query_get_value("SHOW SLAVE STATUS", Last_SQL_Errno, 1);
disable_query_log;
diff --git a/mysql-test/suite/rpl/t/rpl_row_until.test b/mysql-test/suite/rpl/t/rpl_row_until.test
index d318e0d7..aa43831b 100644
--- a/mysql-test/suite/rpl/t/rpl_row_until.test
+++ b/mysql-test/suite/rpl/t/rpl_row_until.test
@@ -101,7 +101,12 @@ START SLAVE UNTIL RELAY_LOG_FILE='slave-relay-bin.000002', MASTER_LOG_POS=561;
--replace_result 740 MASTER_LOG_POS
START SLAVE UNTIL MASTER_LOG_FILE='master-bin.000001', MASTER_LOG_POS=740;
---source include/stop_slave.inc
+# Explicit wait for slave thread start and then stop. Otherwise the STOP SLAVE
+# command can abort the slave connecting to the master, and an error state
+# left which makes stop_slave.inc throw an error.
+--source include/wait_for_slave_io_to_start.inc
+--source include/wait_for_slave_sql_to_stop.inc
+--source include/stop_slave_io.inc
--source include/reset_slave.inc
--source include/start_slave.inc
diff --git a/mysql-test/suite/rpl/t/rpl_seconds_behind_master_spike.test b/mysql-test/suite/rpl/t/rpl_seconds_behind_master_spike.test
index 7c2e39dc..a80dedb7 100644
--- a/mysql-test/suite/rpl/t/rpl_seconds_behind_master_spike.test
+++ b/mysql-test/suite/rpl/t/rpl_seconds_behind_master_spike.test
@@ -33,7 +33,8 @@ CHANGE MASTER TO MASTER_USE_GTID=NO;
--source include/stop_slave.inc
SET @save_dbug= @@GLOBAL.debug_dbug;
-SET @@global.debug_dbug="+d,pause_sql_thread_on_fde,negate_clock_diff_with_master";
+SET @@global.debug_dbug="+d,pause_sql_thread_on_relay_fde_after_trans";
+SET @@global.debug_dbug="+d,negate_clock_diff_with_master";
--source include/start_slave.inc
--let $sleep_time=2
@@ -52,12 +53,6 @@ insert into t1 values (1);
flush logs;
--connection slave
---echo # Ignore FDEs that happen before the CREATE/INSERT commands
-SET DEBUG_SYNC='now WAIT_FOR paused_on_fde';
-SET DEBUG_SYNC='now SIGNAL sql_thread_continue';
-SET DEBUG_SYNC='now WAIT_FOR paused_on_fde';
-SET DEBUG_SYNC='now SIGNAL sql_thread_continue';
-
--echo # On the next FDE, the slave should have the master CREATE/INSERT events
SET DEBUG_SYNC='now WAIT_FOR paused_on_fde';
select count(*)=1 from t1;
@@ -138,6 +133,7 @@ while (!$caught_up)
}
sleep 0.1;
}
+set debug_sync="RESET";
--enable_query_log
--connection master
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync.test b/mysql-test/suite/rpl/t/rpl_semi_sync.test
index 720ec059..ff233615 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync.test
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync.test
@@ -23,7 +23,6 @@ connection slave;
# inconsistent GTID values because the seq_nos are non-deterministic with
# the masters events coming in concurrently
set sql_log_bin=0;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
set sql_log_bin=1;
@@ -58,7 +57,7 @@ set global rpl_semi_sync_slave_enabled= 0;
connection master;
-set global rpl_semi_sync_master_timeout= 60000; # 60s
+set global rpl_semi_sync_master_timeout= 2000; # 2s
echo [ default state of semi-sync on master should be OFF ];
show variables like 'rpl_semi_sync_master_enabled';
@@ -202,12 +201,16 @@ sync_slave_with_master;
--echo # Test semi-sync master will switch OFF after one transaction
--echo # timeout waiting for slave reply.
--echo #
+
+connection master;
+show status like "Rpl_semi_sync_master_status";
+
connection slave;
source include/stop_slave.inc;
connection master;
--source include/kill_binlog_dump_threads.inc
-set global rpl_semi_sync_master_timeout= 5000;
+set global rpl_semi_sync_master_timeout= 2000;
# The first semi-sync check should be on because after slave stop,
# there are no transactions on the master.
@@ -239,8 +242,8 @@ show status like 'Rpl_semi_sync_master_status';
show status like 'Rpl_semi_sync_master_no_tx';
show status like 'Rpl_semi_sync_master_yes_tx';
-# Semi-sync status on master is now OFF, so all these transactions
-# will be replicated asynchronously.
+# Semi-sync status on master is now ON, but there are no slaves attached,
+# so all these transactions will be replicated asynchronously.
delete from t1 where a=10;
delete from t1 where a=9;
delete from t1 where a=8;
@@ -374,6 +377,9 @@ let $status_var= Rpl_semi_sync_master_clients;
let $status_var_value= 1;
source include/wait_for_status_var.inc;
+sync_slave_with_master;
+connection master;
+
replace_result $engine_type ENGINE_TYPE;
eval create table t1 (a int) engine = $engine_type;
insert into t1 values (1);
@@ -420,6 +426,10 @@ connection master;
let $status_var= Rpl_semi_sync_master_clients;
let $status_var_value= 1;
source include/wait_for_status_var.inc;
+
+sync_slave_with_master;
+connection master;
+
echo [ master semi-sync should be ON ];
show status like 'Rpl_semi_sync_master_clients';
show status like 'Rpl_semi_sync_master_status';
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_event.test b/mysql-test/suite/rpl/t/rpl_semi_sync_event.test
index d4df9b40..86e1522e 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync_event.test
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_event.test
@@ -14,7 +14,6 @@ call mtr.add_suppression("Unsafe statement written to the binary log using state
call mtr.add_suppression("mysqld: Got an error reading communication packets");
connection slave;
-call mtr.add_suppression("Master server does not support semi-sync");
call mtr.add_suppression("Semi-sync slave .* reply");
call mtr.add_suppression("Slave SQL.*Request to stop slave SQL Thread received while applying a group that has non-transactional changes; waiting for completion of the group");
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_fail_over.test b/mysql-test/suite/rpl/t/rpl_semi_sync_fail_over.test
index 6a691ae0..17d7b50d 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync_fail_over.test
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_fail_over.test
@@ -18,6 +18,7 @@
--connection server_1
RESET MASTER;
SET @@global.max_binlog_size= 4096;
+set @@global.rpl_semi_sync_master_enabled = 1;
--connection server_2
RESET MASTER;
@@ -29,7 +30,6 @@ CHANGE MASTER TO master_use_gtid= slave_pos;
--connection server_1
ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
-set @@global.rpl_semi_sync_master_enabled = 1;
set @@global.rpl_semi_sync_master_wait_point=AFTER_SYNC;
CREATE TABLE t1 (a INT PRIMARY KEY, b MEDIUMTEXT) ENGINE=Innodb;
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_master_shutdown.test b/mysql-test/suite/rpl/t/rpl_semi_sync_master_shutdown.test
index 2224f78d..05e6fcca 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync_master_shutdown.test
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_master_shutdown.test
@@ -30,8 +30,12 @@ connection master;
--let $rpl_server_number=1
source include/rpl_stop_server.inc;
+# After stoping the master, slave receives the disconnect error (2003)
--connection slave
---source include/stop_slave.inc
+--let $slave_io_errno=2003
+--let $slave_io_error_is_nonfatal=1
+--source include/wait_for_slave_io_error.inc
+--let $slave_io_error_is_nonfatal=0
#connection master;
--echo # Restart master
@@ -42,8 +46,10 @@ source include/rpl_start_server.inc;
# Clean up
#
--connection slave
---source include/stop_slave.inc
---source include/start_slave.inc
+--source include/wait_for_slave_sql_to_start.inc
+--let rpl_allow_error=1
+--source include/wait_for_slave_io_to_start.inc
+#--source include/start_slave.inc
--connection master
SET @@GLOBAL.debug_dbug="";
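Review bot: The cleanup section leaves `#--source include/start_slave.inc` behind as a commented-out line with no explanation. Either delete it or replace it with a short reason, for example `# The slave threads were never stopped; just wait for the IO thread to reconnect`. `rpl_allow_error` is set to 1 and never cleared, whereas the first hunk does restore `$slave_io_error_is_nonfatal` to 0. Unless wait_for_slave_io_to_start.inc resets it, which is not visible here, adding `--let $rpl_allow_error=0` after the include keeps the tolerance limited to the reconnect.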
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.cnf b/mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.cnf
new file mode 100644
index 00000000..cb7062d5
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.cnf
@@ -0,0 +1,12 @@
+!include include/default_mysqld.cnf
+
+[mysqld.1]
+
+[mysqld.2]
+
+[mysqld.3]
+
+[ENV]
+SERVER_MYPORT_1= @mysqld.1.port
+SERVER_MYPORT_2= @mysqld.2.port
+SERVER_MYPORT_3= @mysqld.3.port
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.test b/mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.test
new file mode 100644
index 00000000..c8870e47
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_no_missed_ack_after_add_slave.test
@@ -0,0 +1,122 @@
+#
+# This test ensures that a primary will listen for ACKs by newly added
+# semi-sync connections connections, after a pre-existing connection is already
+# established. MDEV-32960 reported that the newly added slave's ACK can be
+# ignored if listen_on_sockets() does not timeout before
+# rpl_semi_sync_master_timeout, and if the existing semi-sync connections fail
+# to send ACKs, semi-sync is switched off.
+#
+# This test ensures this in a two-replica setup with a semi-sync timeout of
+# 500ms, and delaying the ACK reply of the first-established replica by 800ms
+# to force a timeout, and allowing the second replica to immediately ACK.
+#
+# References:
+# MDEV-32960: Semi-sync ACKed Transaction can Timeout and Switch Off
+# Semi-sync with Multiple Replicas
+#
+--source include/have_debug.inc
+# binlog_format independent
+--source include/have_binlog_format_statement.inc
+
+--let $rpl_topology= 1->2,1->3
+--source include/rpl_init.inc
+
+
+--connection server_1
+set @old_enabled= @@global.rpl_semi_sync_master_enabled;
+set @old_timeout= @@global.rpl_semi_sync_master_timeout;
+set global rpl_semi_sync_master_enabled= 1;
+set global rpl_semi_sync_master_timeout= 500;
+
+--connection server_2
+--source include/stop_slave.inc
+set @old_enabled= @@global.rpl_semi_sync_slave_enabled;
+set @old_dbug= @@global.debug_dbug;
+set global rpl_semi_sync_slave_enabled= 1;
+set global debug_dbug="+d,simulate_delay_semisync_slave_reply";
+--source include/start_slave.inc
+
+--connection server_3
+--source include/stop_slave.inc
+set @old_enabled= @@global.rpl_semi_sync_slave_enabled;
+set global rpl_semi_sync_slave_enabled= 1;
+--source include/start_slave.inc
+
+--echo # Ensure primary recognizes both replicas are semi-sync
+--connection server_1
+--let $status_var_value= 2
+--let $status_var= rpl_semi_sync_master_clients
+--source include/wait_for_status_var.inc
+
+--let $master_ss_status= query_get_value(SHOW STATUS LIKE 'rpl_semi_sync_master_status', Value, 1)
+if (`SELECT strcmp("$master_ss_status", "ON") != 0`)
+{
+ SHOW STATUS LIKE 'rpl_semi_sync_master_status';
+ --die rpl_semi_sync_master_status should be ON to start
+}
+
+--connection server_1
+--let $init_master_yes_tx= query_get_value(SHOW STATUS LIKE 'rpl_semi_sync_master_yes_tx', Value, 1)
+create table t1 (a int);
+
+--connection server_2
+--echo # Verifying server_2 did not send ACK
+--let $slave1_sent_ack= query_get_value(SHOW STATUS LIKE 'rpl_semi_sync_slave_send_ack', Value, 1)
+if (`SELECT $slave1_sent_ack`)
+{
+ SHOW STATUS LIKE 'rpl_semi_sync_slave_send_ack';
+ --die server_2 should not have sent semi-sync ACK to primary
+}
+
+--connection server_3
+--echo # Verifying server_3 did send ACK
+--let $slave2_sent_ack= query_get_value(SHOW STATUS LIKE 'rpl_semi_sync_slave_send_ack', Value, 1)
+if (`SELECT NOT $slave2_sent_ack`)
+{
+ SHOW STATUS LIKE 'rpl_semi_sync_slave_send_ack';
+ --die server_3 should have sent semi-sync ACK to primary
+}
+
+--connection server_1
+--echo # Verifying master's semi-sync status is still ON (This failed pre-MDEV-32960 fixes)
+let $master_ss_status= query_get_value(SHOW STATUS LIKE 'rpl_semi_sync_master_status', Value, 1);
+if (`SELECT strcmp("$master_ss_status", "ON") != 0`)
+{
+ SHOW STATUS LIKE 'rpl_semi_sync_master_status';
+ --die rpl_semi_sync_master_status should not have switched off after server_3 ACKed transaction
+}
+
+--echo # Verifying rpl_semi_sync_master_yes_tx incremented
+--let $cur_master_yes_tx= query_get_value(SHOW STATUS LIKE 'rpl_semi_sync_master_yes_tx', Value, 1)
+if (`SELECT $cur_master_yes_tx != ($init_master_yes_tx + 1)`)
+{
+ --echo # Initial yes_tx: $init_master_yes_tx
+ --echo # Current yes_tx: $cur_master_yes_tx
+ --die rpl_semi_sync_master_yes_tx should have been incremented by primary
+}
+
+
+--echo #
+--echo # Cleanup
+
+--connection server_2
+set global rpl_semi_sync_slave_enabled= @old_enabled;
+set global debug_dbug= @old_dbug;
+--source include/stop_slave.inc
+
+--connection server_3
+set global rpl_semi_sync_slave_enabled= @old_enabled;
+--source include/stop_slave.inc
+
+--connection server_1
+set global rpl_semi_sync_master_enabled= @old_enabled;
+set global rpl_semi_sync_master_timeout= @old_timeout;
+drop table t1;
+
+--connection server_2
+--source include/start_slave.inc
+--connection server_3
+--source include/start_slave.inc
+
+--source include/rpl_end.inc
+--echo # End of rpl_semi_sync_no_missed_ack_after_add_slave.test
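Review bot: The "Verifying server_2 did not send ACK" check looks dependent on wall-clock timing. The header says server_2's reply is delayed by 800ms, yet `rpl_semi_sync_slave_send_ack` is read on server_2 with no synchronization after `create table t1` returns. On a slow or heavily loaded runner the delayed ACK may already have gone out, and `--die server_2 should not have sent semi-sync ACK to primary` would fire spuriously. The debug point's implementation is not visible here, so this is inferred from the header comment. At minimum I would add `# Timing-sensitive: must be read inside server_2's simulated ACK delay` above the check, or gate the delay on a debug_sync signal rather than a fixed sleep. The header also has a doubled word in "semi-sync connections connections".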
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_shutdown_await_ack.inc b/mysql-test/suite/rpl/t/rpl_semi_sync_shutdown_await_ack.inc
index a232f685..252541ae 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync_shutdown_await_ack.inc
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_shutdown_await_ack.inc
@@ -116,11 +116,13 @@ show status like 'Rpl_semi_sync_master_no_tx';
--connection server_2
--eval SET @@GLOBAL.debug_dbug= "$sav_server_2_dbug"
--eval SET @@GLOBAL.rpl_semi_sync_slave_enabled= 0
+--let $rpl_only_running_threads= 1
source include/stop_slave.inc;
--connection server_3
--eval SET @@GLOBAL.debug_dbug= "$sav_server_3_dbug"
--eval SET @@GLOBAL.rpl_semi_sync_slave_enabled= 0
+--let $rpl_only_running_threads= 1
source include/stop_slave.inc;
--echo #-- Bring the master back up
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_slave_compressed_protocol.test b/mysql-test/suite/rpl/t/rpl_semi_sync_slave_compressed_protocol.test
index bc05bec2..644e6517 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync_slave_compressed_protocol.test
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_slave_compressed_protocol.test
@@ -40,7 +40,7 @@ DROP TABLE t1;
--let $assert_select=Read semi-sync reply magic number error
--let $assert_file= $MYSQLTEST_VARDIR/log/mysqld.1.err
--let $assert_count= 0
---let $assert_only_after = CURRENT_TEST:rpl.rpl_semi_sync_slave_compressed_protocol.test
+--let $assert_only_after = CURRENT_TEST: rpl.rpl_semi_sync_slave_compressed_protocol
--source include/assert_grep.inc
--connection master
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_slave_enabled_consistent.test b/mysql-test/suite/rpl/t/rpl_semi_sync_slave_enabled_consistent.test
new file mode 100644
index 00000000..9e388ab4
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_slave_enabled_consistent.test
@@ -0,0 +1,73 @@
+#
+# MDEV-32551: "Read semi-sync reply magic number error" warnings on master
+#
+# Test that changing rpl_semi_sync_master_enabled after startup does not
+# cause problems with semi-sync cleanup.
+#
+
+--source include/have_debug.inc
+--source include/have_debug_sync.inc
+
+# Test is binlog format independent, so save resources
+--source include/have_binlog_format_row.inc
+--source include/master-slave.inc
+
+call mtr.add_suppression("Replication event checksum verification failed");
+call mtr.add_suppression("could not queue event from master");
+
+--echo #
+--echo # Set up a semisync connection
+--connection master
+set @@global.rpl_semi_sync_master_enabled= ON;
+
+--connection slave
+stop slave io_thread;
+set @@global.rpl_semi_sync_slave_enabled= ON;
+set @old_dbug= @@global.debug_dbug;
+
+# Force an error to abort out of the main IO thread loop
+set @@global.debug_dbug= "+d,corrupt_queue_event";
+
+# Pause the IO thread as soon as the main loop starts. Note we can't use
+# processlist where "Waiting for master to send event" because the
+# "corrupt_queue_event" will trigger before we can turn semisync OFF
+set @@global.debug_dbug= "+d,pause_before_io_read_event";
+
+# Because the other debug_dbug points are automatically negated when they are
+# run, and there is a bug that if "-d" takes us to an empty debug string state,
+# _all_ debug_print statements are output
+set @@global.debug_dbug= "+d,placeholder";
+
+start slave io_thread;
+
+--echo # Disable semi-sync on the slave while the IO thread is active
+set debug_sync='now wait_for io_thread_at_read_event';
+set @@global.rpl_semi_sync_slave_enabled= OFF;
+set debug_sync='now signal io_thread_continue_read_event';
+
+--echo # Waiting for the slave to stop with the error from corrupt_queue_event
+--connection slave
+--let $slave_io_errno= 1595,1743
+--source include/wait_for_slave_io_error.inc
+
+--echo # Sleep 1 to give time for Ack_receiver to receive COM_QUIT
+--sleep 1
+
+--let $assert_text= Check that there is no 'Read semi-sync reply magic number error' in error log.
+--let $assert_select=magic number error
+--let $assert_file= $MYSQLTEST_VARDIR/log/mysqld.1.err
+--let $assert_count= 0
+--let $assert_only_after=CURRENT_TEST
+--source include/assert_grep.inc
+
+--echo #
+--echo # Cleanup
+--connection slave
+--source include/stop_slave.inc
+set @@global.debug_dbug= @old_dbug;
+--source include/start_slave.inc
+--connection master
+set @@global.rpl_semi_sync_master_enabled= default;
+
+--source include/rpl_end.inc
+--echo # End of rpl_semi_sync_slave_enabled_consistent.test
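Review bot: The negative check at the end of this new test relies on `--sleep 1`. The `assert_grep.inc` call with `$assert_count= 0` passes whenever the master has not yet written the 'magic number error' line, so on a slow host the test can pass without exercising the fix. Replace the sleep with a wait on an observable master-side condition (for example a `wait_condition.inc` on the state showing the slave's connection is gone) before grepping mysqld.1.err. The header comment also says `rpl_semi_sync_master_enabled` is changed after startup, while the body toggles `rpl_semi_sync_slave_enabled` during the IO thread's run; the header should name the slave variable.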
diff --git a/mysql-test/suite/rpl/t/rpl_semi_sync_slave_reply_fail.test b/mysql-test/suite/rpl/t/rpl_semi_sync_slave_reply_fail.test
index 94853799..84462ed6 100644
--- a/mysql-test/suite/rpl/t/rpl_semi_sync_slave_reply_fail.test
+++ b/mysql-test/suite/rpl/t/rpl_semi_sync_slave_reply_fail.test
@@ -31,6 +31,7 @@
--connection master
call mtr.add_suppression("Timeout waiting for reply of binlog*");
+call mtr.add_suppression("Master server does not read semi-sync messages*");
--let $sav_timeout_master=`SELECT @@GLOBAL.rpl_semi_sync_master_timeout`
set global rpl_semi_sync_master_enabled = ON;
SET @@GLOBAL.rpl_semi_sync_master_timeout=100;
@@ -54,9 +55,9 @@ if(!$log_error_)
# does not know the location of its .err log, use default location
let $log_error_ = $MYSQLTEST_VARDIR/log/mysqld.2.err;
}
---echo "Assert that the net_fulsh() reply failed is present in slave error log.
+--echo "Assert that Master server does not read semi-sync messages" is present in slave error log.
--let SEARCH_FILE=$log_error_
---let SEARCH_PATTERN=Semi-sync slave net_flush\(\) reply failed
+--let SEARCH_PATTERN=Master server does not read semi-sync messages
--source include/search_pattern_in_file.inc
--echo "Assert that Slave IO thread is up and running."
@@ -78,7 +79,7 @@ insert into t1 values (10);
--connection master
set statement sql_log_bin=0 for call mtr.add_suppression("Read semi-sync reply magic number error");
-SET @save_debug_master= @@global.debug;
+SET @save_debug_master= @@global.debug_dbug;
SET GLOBAL debug_dbug="+d,semisync_corrupt_magic";
insert into t1 values (11);
diff --git a/mysql-test/suite/rpl/t/rpl_semisync_ali_issues.test b/mysql-test/suite/rpl/t/rpl_semisync_ali_issues.test
index 5e6f350b..c5c1daa4 100644
--- a/mysql-test/suite/rpl/t/rpl_semisync_ali_issues.test
+++ b/mysql-test/suite/rpl/t/rpl_semisync_ali_issues.test
@@ -16,7 +16,6 @@ CALL mtr.add_suppression("Failed on request_dump()*");
CALL mtr.add_suppression("Semi-sync master failed on*");
CALL mtr.add_suppression("Master command COM_BINLOG_DUMP failed*");
CALL mtr.add_suppression("on master failed*");
-CALL mtr.add_suppression("Master server does not support semi-sync*");
CALL mtr.add_suppression("Semi-sync slave net_flush*");
CALL mtr.add_suppression("Failed to flush master info*");
CALL mtr.add_suppression("Request to stop slave SQL Thread received while apply*");
diff --git a/mysql-test/suite/rpl/t/rpl_session_var.test b/mysql-test/suite/rpl/t/rpl_session_var.test
index cf3faa65..3ea6d5da 100644
--- a/mysql-test/suite/rpl/t/rpl_session_var.test
+++ b/mysql-test/suite/rpl/t/rpl_session_var.test
@@ -7,6 +7,12 @@ disable_query_log;
call mtr.add_suppression("Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT");
enable_query_log;
+select @@rpl_semi_sync_master_enabled;
+connection slave;
+select @@rpl_semi_sync_slave_enabled;
+show status like "rpl_semi_sync_slave_status";
+connection master;
+
drop table if exists t1;
create table t1(a varchar(100),b int);
set @@session.sql_mode=pipes_as_concat;
diff --git a/mysql-test/suite/rpl/t/rpl_session_var2-master.opt b/mysql-test/suite/rpl/t/rpl_session_var2-master.opt
new file mode 100644
index 00000000..edb0c915
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_session_var2-master.opt
@@ -0,0 +1 @@
+--rpl_semi_sync_master_enabled=1 --rpl_semi_sync_slave_enabled=1
diff --git a/mysql-test/suite/rpl/t/rpl_session_var2-slave.opt b/mysql-test/suite/rpl/t/rpl_session_var2-slave.opt
new file mode 100644
index 00000000..c9f3082e
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_session_var2-slave.opt
@@ -0,0 +1 @@
+--rpl_semi_sync_slave_enabled=1
diff --git a/mysql-test/suite/rpl/t/rpl_session_var2.test b/mysql-test/suite/rpl/t/rpl_session_var2.test
new file mode 100644
index 00000000..cbf8a5cf
--- /dev/null
+++ b/mysql-test/suite/rpl/t/rpl_session_var2.test
@@ -0,0 +1,3 @@
+# Replication of session variables when semi-sync is on
+
+--source rpl_session_var.test
diff --git a/mysql-test/suite/rpl/t/rpl_set_statement_default_master.test b/mysql-test/suite/rpl/t/rpl_set_statement_default_master.test
index 106cb454..d30da61b 100644
--- a/mysql-test/suite/rpl/t/rpl_set_statement_default_master.test
+++ b/mysql-test/suite/rpl/t/rpl_set_statement_default_master.test
@@ -26,6 +26,7 @@ eval CHANGE MASTER 'm1' TO MASTER_HOST='127.0.0.1', MASTER_PORT=$MASTER_MYPORT,
SET STATEMENT default_master_connection = 'm1' FOR START SLAVE;
set default_master_connection = 'm1';
+--source include/wait_for_slave_to_start.inc
stop slave;
--source include/wait_for_slave_to_stop.inc
reset slave all;
diff --git a/mysql-test/suite/rpl/t/rpl_shutdown_wait_semisync_slaves.test b/mysql-test/suite/rpl/t/rpl_shutdown_wait_semisync_slaves.test
index 2c63df30..0547a97f 100644
--- a/mysql-test/suite/rpl/t/rpl_shutdown_wait_semisync_slaves.test
+++ b/mysql-test/suite/rpl/t/rpl_shutdown_wait_semisync_slaves.test
@@ -28,6 +28,9 @@ while (`SELECT $i <= $slaves`)
--inc $i
}
+# The following script will restart master and slaves. This will also set
+# rpl_semi_sync_master_enabled=0
+
--source include/rpl_shutdown_wait_slaves.inc
--let i= 2
while (`SELECT $i <= $slaves`)
diff --git a/mysql-test/suite/rpl/t/rpl_slave_load_tmpdir_not_exist.test b/mysql-test/suite/rpl/t/rpl_slave_load_tmpdir_not_exist.test
index 16dcd8ec..89b7c7f1 100644
--- a/mysql-test/suite/rpl/t/rpl_slave_load_tmpdir_not_exist.test
+++ b/mysql-test/suite/rpl/t/rpl_slave_load_tmpdir_not_exist.test
@@ -15,6 +15,7 @@ call mtr.add_suppression("Slave SQL.*Unable to use slave.s temporary directory")
--let $slave_sql_errno= 12
source include/wait_for_slave_sql_error.inc;
+--source include/wait_for_slave_io_to_start.inc
--source include/stop_slave_io.inc
RESET SLAVE;
diff --git a/mysql-test/suite/rpl/t/rpl_slave_status.test b/mysql-test/suite/rpl/t/rpl_slave_status.test
index 63e37216..fb552d64 100644
--- a/mysql-test/suite/rpl/t/rpl_slave_status.test
+++ b/mysql-test/suite/rpl/t/rpl_slave_status.test
@@ -59,7 +59,6 @@ sync_slave_with_master;
source include/stop_slave.inc;
START SLAVE;
source include/wait_for_slave_sql_to_start.inc;
-source include/wait_for_slave_io_to_stop.inc;
--echo ==== Verify that Slave IO thread stopped with error ====
# 1045 = ER_ACCESS_DENIED_ERROR
@@ -68,7 +67,7 @@ source include/wait_for_slave_io_to_stop.inc;
--echo ==== Cleanup (Note that slave IO thread is not running) ====
-# cleanup: slave io thread has is stopped so we reset replication
+# cleanup: slave io thread is stopped so we reset replication
--source include/stop_slave_sql.inc
CHANGE MASTER TO MASTER_USER = 'root', MASTER_PASSWORD = '';
# clear Slave_IO_Errno
diff --git a/mysql-test/suite/rpl/t/rpl_sql_thd_start_errno_cleared.test b/mysql-test/suite/rpl/t/rpl_sql_thd_start_errno_cleared.test
index f6dcfd91..8b096902 100644
--- a/mysql-test/suite/rpl/t/rpl_sql_thd_start_errno_cleared.test
+++ b/mysql-test/suite/rpl/t/rpl_sql_thd_start_errno_cleared.test
@@ -76,6 +76,10 @@ if ($last_error)
set debug_sync= "now signal sql_thread_continue";
+--echo # Wait for debug_sync signal to have been received before issuing RESET
+let $wait_condition= select count(*)=0 from information_schema.processlist where state like "debug sync point%";
+source include/wait_condition.inc;
+
set @@global.debug_dbug= @saved_dbug;
set debug_sync= "RESET";
diff --git a/mysql-test/suite/rpl/t/rpl_ssl1.test b/mysql-test/suite/rpl/t/rpl_ssl1.test
index d994dd21..04f6cfff 100644
--- a/mysql-test/suite/rpl/t/rpl_ssl1.test
+++ b/mysql-test/suite/rpl/t/rpl_ssl1.test
@@ -29,8 +29,10 @@ connection slave;
select * from t1;
#showing that replication could work with ssl params
-stop slave;
---source include/wait_for_slave_to_stop.inc
+--let $slave_io_errno=1045
+--source include/wait_for_slave_io_error.inc
+--source include/stop_slave_sql.inc
+
--replace_result $MYSQL_TEST_DIR MYSQL_TEST_DIR
eval change master to master_ssl=1 , master_ssl_ca ='$MYSQL_TEST_DIR/std_data/cacert.pem', master_ssl_cert='$MYSQL_TEST_DIR/std_data/client-cert.pem', master_ssl_key='$MYSQL_TEST_DIR/std_data/client-key.pem';
start slave;
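Review bot: The expected IO error in `--let $slave_io_errno=1045` is a bare number with no note on why the IO thread should fail at this point. A comment such as `# 1045 = ER_ACCESS_DENIED_ERROR: IO thread is refused until the SSL parameters are set below` would make the intent readable. The reason is inferred from the existing "replication could work with ssl params" comment; the user setup is earlier in the file, outside this hunk, so confirm the wording against it.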
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_1.test b/mysql-test/suite/rpl/t/rpl_start_alter_1.test
index 9ce061f1..b16f6a53 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_1.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_1.test
@@ -6,6 +6,7 @@
--source include/master-slave.inc
--connection master
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $binlog_alter_two_phase= `select @@binlog_alter_two_phase`
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
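Review bot: The added `ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;` changes a system table with no comment saying why, and no restore of the original engine is visible in the hunk. It runs on the master connection with binary logging on, so it presumably reaches the slave through replication, whereas rpl_start_alter_7, rpl_start_alter_8 and the two mysqlbinlog tests wrap the same statement in `SET STATEMENT sql_log_bin=0 FOR`. A comment stating the reason (presumably that the test needs a transactional gtid_slave_pos) and where the engine is restored would help, e.g. `# Use a transactional mysql.gtid_slave_pos for this test; restored in cleanup`, provided the cleanup outside this hunk does restore it. The same applies to the identical additions in rpl_start_alter_2 through rpl_start_alter_6.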
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_2.test b/mysql-test/suite/rpl/t/rpl_start_alter_2.test
index 457409c5..a5cef2e5 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_2.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_2.test
@@ -8,9 +8,11 @@
--source include/have_debug.inc
--source include/master-slave.inc
--connection master
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $binlog_alter_two_phase= `select @@binlog_alter_two_phase`
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
+
--connection slave
--let $gtid_strict_mode= `select @@gtid_strict_mode`
--let $slave_parallel_threads= `select @@slave_parallel_threads`
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_3.test b/mysql-test/suite/rpl/t/rpl_start_alter_3.test
index b280aeb9..8207dcbb 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_3.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_3.test
@@ -9,9 +9,11 @@
--source include/master-slave.inc
--source include/have_debug.inc
--connection master
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $binlog_alter_two_phase= `select @@binlog_alter_two_phase`
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
+
--connection slave
--let $gtid_strict_mode= `select @@gtid_strict_mode`
--let $slave_parallel_threads= `select @@slave_parallel_threads`
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_4.test b/mysql-test/suite/rpl/t/rpl_start_alter_4.test
index 8c67b50a..f4edc4b9 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_4.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_4.test
@@ -9,6 +9,7 @@
--source include/master-slave.inc
--source include/have_debug.inc
--connection master
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $binlog_alter_two_phase= `select @@binlog_alter_two_phase`
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_5.test b/mysql-test/suite/rpl/t/rpl_start_alter_5.test
index 10d0d523..b2d31f21 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_5.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_5.test
@@ -9,6 +9,7 @@
--source include/master-slave.inc
--source include/have_debug.inc
--connection master
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $binlog_alter_two_phase= `select @@binlog_alter_two_phase`
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_6.test b/mysql-test/suite/rpl/t/rpl_start_alter_6.test
index fc49ea4a..6c2b5015 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_6.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_6.test
@@ -10,6 +10,7 @@
--source include/master-slave.inc
--source include/have_debug.inc
--connection master
+ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $binlog_alter_two_phase= `select @@binlog_alter_two_phase`
set global binlog_alter_two_phase = ON;
set binlog_alter_two_phase = ON;
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_7.test b/mysql-test/suite/rpl/t/rpl_start_alter_7.test
index 7225c075..21c21c85 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_7.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_7.test
@@ -21,6 +21,10 @@ stop slave;
set global binlog_alter_two_phase=true;
--connection server_3
+SET STATEMENT sql_log_bin=0 FOR
+ CALL mtr.add_suppression("The table mysql.gtid_slave_pos was removed. This change will not take full effect until all SQL threads have been restarted");
+SET STATEMENT sql_log_bin=0 FOR
+ ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $gtid_strict_mode= `select @@gtid_strict_mode`
--let $slave_parallel_threads= `select @@slave_parallel_threads`
--let $slave_parallel_mode= `select @@slave_parallel_mode`
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_8.test b/mysql-test/suite/rpl/t/rpl_start_alter_8.test
index 4ab8e2b0..c8c5ac74 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_8.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_8.test
@@ -21,6 +21,10 @@ stop slave;
set global binlog_alter_two_phase=true;
--connection server_3
+SET STATEMENT sql_log_bin=0 FOR
+ CALL mtr.add_suppression("The table mysql.gtid_slave_pos was removed. This change will not take full effect until all SQL threads have been restarted");
+SET STATEMENT sql_log_bin=0 FOR
+ ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
--let $gtid_strict_mode= `select @@gtid_strict_mode`
--let $slave_parallel_threads= `select @@slave_parallel_threads`
--let $slave_parallel_mode= `select @@slave_parallel_mode`
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_1.test b/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_1.test
index f655d3c1..a2f6adcc 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_1.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_1.test
@@ -10,6 +10,8 @@
set global binlog_alter_two_phase=true;
--connection slave
--source include/stop_slave.inc
+SET STATEMENT sql_log_bin=0 FOR
+ ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
set global gtid_strict_mode=1;
--echo # Legacy Master Slave
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_2.test b/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_2.test
index c7d5bd66..9d9675c6 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_2.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_mysqlbinlog_2.test
@@ -57,6 +57,10 @@ SET @save_binlog_alter_two_phase= @@GLOBAL.binlog_alter_two_phase;
SET GLOBAL binlog_alter_two_phase = ON;
--connection server_3
+SET STATEMENT sql_log_bin=0 FOR
+ CALL mtr.add_suppression("The table mysql.gtid_slave_pos was removed. This change will not take full effect until all SQL threads have been restarted");
+SET STATEMENT sql_log_bin=0 FOR
+ ALTER TABLE mysql.gtid_slave_pos ENGINE=InnoDB;
SET @save_gtid_strict_mode= @@GLOBAL.gtid_strict_mode;
SET @slave_parallel_threads= @@GLOBAL.slave_parallel_threads;
SET @slave_parallel_mode= @@GLOBAL.slave_parallel_mode;
diff --git a/mysql-test/suite/rpl/t/rpl_start_alter_restart_slave.test b/mysql-test/suite/rpl/t/rpl_start_alter_restart_slave.test
index df028ff1..5dcb0bf8 100644
--- a/mysql-test/suite/rpl/t/rpl_start_alter_restart_slave.test
+++ b/mysql-test/suite/rpl/t/rpl_start_alter_restart_slave.test
@@ -90,8 +90,12 @@ SET GLOBAL debug_dbug= @old_debug_slave;
select domain_id, seq_no from mysql.gtid_slave_pos order by seq_no desc limit 1;
--source include/start_slave.inc
+
--connection master
---sync_slave_with_master
+--source include/save_master_gtid.inc
+
+--connection slave
+--source include/sync_with_master_gtid.inc
--echo # Everything from the master binlog must have been applied now:
select domain_id, seq_no from mysql.gtid_slave_pos order by seq_no desc limit 1;
--let $slave_gtid_state = `select @@gtid_binlog_state`
diff --git a/mysql-test/suite/rpl/t/rpl_temporary_errors.test b/mysql-test/suite/rpl/t/rpl_temporary_errors.test
index 85e16afa..4d179cd5 100644
--- a/mysql-test/suite/rpl/t/rpl_temporary_errors.test
+++ b/mysql-test/suite/rpl/t/rpl_temporary_errors.test
@@ -71,13 +71,15 @@ connection slave;
set @@global.innodb_lock_wait_timeout=1;
set @@global.slave_transaction_retries=100;
+--let $rpl_allow_error=1
--source include/restart_slave_sql.inc
+--let $rpl_allow_error=0
--let $last_retries= query_get_value(SHOW GLOBAL STATUS LIKE 'Slave_retried_transactions', Value, 1)
--let $status_type=GLOBAL
--let $status_var=Slave_retried_transactions
--let $status_var_value=`SELECT 1 + $last_retries`
---let $$status_var_comparsion= >
+--let $status_var_comparsion= >
--source include/wait_for_status_var.inc
# Release the record after just one retry
diff --git a/mysql-test/suite/rpl/t/rpl_using_gtid_default.test b/mysql-test/suite/rpl/t/rpl_using_gtid_default.test
index eab5b4dd..c14695f9 100644
--- a/mysql-test/suite/rpl/t/rpl_using_gtid_default.test
+++ b/mysql-test/suite/rpl/t/rpl_using_gtid_default.test
@@ -271,7 +271,10 @@ eval set global gtid_slave_pos="$old_slave_pos";
--echo # not master_use_gtid=no should warn the user that Using_Gtid is being
--echo # changed to No.
--echo #
+--connection master
+--source include/save_master_pos.inc
--connection slave
+--source include/sync_io_with_master.inc
--let $io_log_pos= query_get_value('SHOW SLAVE STATUS', Read_Master_Log_Pos, 1)
--let $io_log_file= query_get_value('SHOW SLAVE STATUS', Master_Log_File, 1)
--source include/stop_slave.inc
diff --git a/mysql-test/suite/rpl/t/semisync_future-7591.test b/mysql-test/suite/rpl/t/semisync_future-7591.test
index 793d8bcc..ce01e41f 100644
--- a/mysql-test/suite/rpl/t/semisync_future-7591.test
+++ b/mysql-test/suite/rpl/t/semisync_future-7591.test
@@ -19,7 +19,7 @@ insert into t1 values (1);
reset master;
--connection slave
---source include/stop_slave.inc
+--source include/stop_slave_sql.inc
--let $master_use_gtid_option= No
--source include/reset_slave.inc
--source include/start_slave.inc
diff --git a/mysql-test/suite/rpl/t/show_status_stop_slave_race-7126.test b/mysql-test/suite/rpl/t/show_status_stop_slave_race-7126.test
index 12794dbd..cd0f8aad 100644
--- a/mysql-test/suite/rpl/t/show_status_stop_slave_race-7126.test
+++ b/mysql-test/suite/rpl/t/show_status_stop_slave_race-7126.test
@@ -15,6 +15,9 @@ call mtr.add_suppression("Master is configured to log replication events");
# All done.
--connection slave
+# The parallel START SLAVE can leave an error condition if the last START was
+# aborted by the master due to conflicting server_id from multiple connections.
+--let $rpl_allow_error= 1
--source include/wait_for_slave_to_stop.inc
start slave;
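Review bot: `--let $rpl_allow_error= 1` is set before `wait_for_slave_to_stop.inc` and is not set back anywhere in this hunk, so any later include that honours the variable would also tolerate a slave error. rpl_temporary_errors.test in the same commit resets it explicitly with `--let $rpl_allow_error=0` right after the include it guards. Adding `--let $rpl_allow_error= 0` after `wait_for_slave_to_stop.inc` here would limit the tolerance to the one stop that the new comment describes. The rest of the file is outside the hunk, so check whether a reset already follows.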
diff --git a/mysql-test/suite/s3/amazon.result b/mysql-test/suite/s3/amazon.result
index 29075118..b24969ab 100644
--- a/mysql-test/suite/s3/amazon.result
+++ b/mysql-test/suite/s3/amazon.result
@@ -4,4 +4,14 @@ create table t1 (pk int primary key, a int);
insert into t1 values (1,1),(2,2),(3,3),(4,4);
alter table t1 engine=S3;
drop table t1;
+set @@global.s3_protocol_version="Amazon";
+create table t1 (pk int primary key, a int);
+insert into t1 values (1,1),(2,2),(3,3),(4,4);
+alter table t1 engine=S3;
+drop table t1;
+set @@global.s3_protocol_version="Domain";
+create table t1 (pk int primary key, a int);
+insert into t1 values (1,1),(2,2),(3,3),(4,4);
+alter table t1 engine=S3;
+drop table t1;
set @@global.s3_protocol_version=@save_s3_protocol_version;
diff --git a/mysql-test/suite/s3/amazon.test b/mysql-test/suite/s3/amazon.test
index 3c64cc28..bc9439ab 100644
--- a/mysql-test/suite/s3/amazon.test
+++ b/mysql-test/suite/s3/amazon.test
@@ -1,6 +1,6 @@
--source include/have_s3.inc
-if (`SELECT @@s3_host_name <> "s3.amazonaws.com"`)
+if (`SELECT @@s3_host_name NOT LIKE "%.amazonaws.com"`)
{
skip Not connected to AWS;
}
@@ -20,6 +20,22 @@ insert into t1 values (1,1),(2,2),(3,3),(4,4);
alter table t1 engine=S3;
drop table t1;
+set @@global.s3_protocol_version="Amazon";
+
+create table t1 (pk int primary key, a int);
+insert into t1 values (1,1),(2,2),(3,3),(4,4);
+--replace_result $database database
+alter table t1 engine=S3;
+drop table t1;
+
+set @@global.s3_protocol_version="Domain";
+
+create table t1 (pk int primary key, a int);
+insert into t1 values (1,1),(2,2),(3,3),(4,4);
+--replace_result $database database
+alter table t1 engine=S3;
+drop table t1;
+
#
# clean up
#
diff --git a/mysql-test/suite/s3/debug.result b/mysql-test/suite/s3/debug.result
new file mode 100644
index 00000000..2dffcff8
--- /dev/null
+++ b/mysql-test/suite/s3/debug.result
@@ -0,0 +1,32 @@
+drop table if exists t1;
+#
+# MDEV-32884 Make s3_debug dynamic
+#
+create or replace table t1 (a int, b int, c varchar(1000), key (a), key(c)) engine=aria;
+insert into t1 select seq, seq+10, repeat(char(65+ mod(seq, 20)),mod(seq,1000)) from seq_1_to_100;
+alter table t1 engine=s3;
+show create table t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `a` int(11) DEFAULT NULL,
+ `b` int(11) DEFAULT NULL,
+ `c` varchar(1000) DEFAULT NULL,
+ KEY `a` (`a`),
+ KEY `c` (`c`)
+) ENGINE=S3 DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci PAGE_CHECKSUM=1
+select count(*) from t1;
+count(*)
+100
+flush table t1;
+NOT FOUND /s3_test_/ in mysqld.1.err
+set @@global.s3_debug=1;
+select count(*) from t1;
+count(*)
+100
+set @@global.s3_debug=0;
+FOUND 6 /s3_test_/ in mysqld.1.err
+select count(*) from t1;
+count(*)
+100
+drop table t1;
+FOUND 6 /s3_test_/ in mysqld.1.err
diff --git a/mysql-test/suite/s3/debug.test b/mysql-test/suite/s3/debug.test
new file mode 100644
index 00000000..67787d72
--- /dev/null
+++ b/mysql-test/suite/s3/debug.test
@@ -0,0 +1,34 @@
+--source include/have_s3.inc
+--source include/have_sequence.inc
+
+#
+# Create unique database for running the tests
+#
+--source create_database.inc
+--disable_warnings
+drop table if exists t1;
+--enable_warnings
+
+--echo #
+--echo # MDEV-32884 Make s3_debug dynamic
+--echo #
+
+create or replace table t1 (a int, b int, c varchar(1000), key (a), key(c)) engine=aria;
+insert into t1 select seq, seq+10, repeat(char(65+ mod(seq, 20)),mod(seq,1000)) from seq_1_to_100;
+alter table t1 engine=s3;
+show create table t1;
+select count(*) from t1;
+flush table t1;
+
+--let SEARCH_FILE=$MYSQLTEST_VARDIR/log/mysqld.1.err
+--let SEARCH_PATTERN=s3_test_
+--source include/search_pattern_in_file.inc
+set @@global.s3_debug=1;
+select count(*) from t1;
+set @@global.s3_debug=0;
+--source include/search_pattern_in_file.inc
+select count(*) from t1;
+drop table t1;
+--source include/search_pattern_in_file.inc
+
+--source drop_database.inc
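Review bot: The three `search_pattern_in_file.inc` checks scan the whole of mysqld.1.err for `s3_test_`. The expected "NOT FOUND" and "FOUND 6" results therefore depend on what earlier tests on the same server left in the log, and on the exact number of lines the S3 layer prints per request. Limiting the search to output written after this test started, or asserting presence and absence rather than a count, would make the test robust. The test also forces `@@global.s3_debug=0` instead of restoring a saved value; `set @save_s3_debug= @@global.s3_debug;` at the top and `set @@global.s3_debug= @save_s3_debug;` at the end would match how amazon.test restores `s3_protocol_version`. Because this output goes to the server error log, it is worth confirming separately that the request detail logged with s3_debug on carries no credentials.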
diff --git a/mysql-test/suite/sql_sequence/alter.result b/mysql-test/suite/sql_sequence/alter.result
index 6d29876a..75da828c 100644
--- a/mysql-test/suite/sql_sequence/alter.result
+++ b/mysql-test/suite/sql_sequence/alter.result
@@ -210,8 +210,12 @@ create table t1 (a int);
alter sequence t1 minvalue=100;
ERROR 42S02: 'test.t1' is not a SEQUENCE
drop table t1;
+#
+# MDEV-32795: ALTER SEQUENCE IF NOT EXISTS non_existing_seq Errors rather than note
+#
alter sequence if exists t1 minvalue=100;
-ERROR 42S02: Unknown SEQUENCE: 't1'
+Warnings:
+Note 4091 Unknown SEQUENCE: 'test.t1'
alter sequence t1 minvalue=100;
ERROR 42S02: Unknown SEQUENCE: 't1'
create sequence t1;
@@ -249,6 +253,55 @@ NEXTVAL(s)
1
DROP SEQUENCE s;
#
+# MDEV-33169 Alter sequence 2nd ps fails while alter sequence 2nd time (no ps) succeeds
+#
+create sequence s;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 9223372036854775806 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+alter sequence s maxvalue 123;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 123 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+alter sequence s maxvalue 123;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 123 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+drop sequence s;
+create sequence s;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 9223372036854775806 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+prepare stmt from 'alter sequence s maxvalue 123';
+execute stmt;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 123 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+execute stmt;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 123 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+deallocate prepare stmt;
+drop sequence s;
+create sequence s;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 9223372036854775806 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+create procedure p() alter sequence s maxvalue 123;
+call p;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 123 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+call p;
+show create sequence s;
+Table Create Table
+s CREATE SEQUENCE `s` start with 1 minvalue 1 maxvalue 123 increment by 1 cache 1000 nocycle ENGINE=MyISAM
+drop procedure p;
+drop sequence s;
+#
+# End of 10.4 tests
+#
+#
# MDEV-31607 ER_DUP_KEY in mysql.table_stats upon REANME on sequence
#
CREATE SEQUENCE s1 ENGINE=InnoDB;
@@ -262,3 +315,6 @@ s2 CREATE SEQUENCE `s2` start with 1 minvalue 1 maxvalue 9223372036854775806 inc
DROP SEQUENCE s2;
RENAME TABLE s1 TO s2;
DROP SEQUENCE s2;
+#
+# End of 10.6 tests
+#
diff --git a/mysql-test/suite/sql_sequence/alter.test b/mysql-test/suite/sql_sequence/alter.test
index dab0e665..7b14055d 100644
--- a/mysql-test/suite/sql_sequence/alter.test
+++ b/mysql-test/suite/sql_sequence/alter.test
@@ -120,8 +120,12 @@ create table t1 (a int);
alter sequence t1 minvalue=100;
drop table t1;
---error ER_UNKNOWN_SEQUENCES
+--echo #
+--echo # MDEV-32795: ALTER SEQUENCE IF NOT EXISTS non_existing_seq Errors rather than note
+--echo #
+
alter sequence if exists t1 minvalue=100;
+
--error ER_UNKNOWN_SEQUENCES
alter sequence t1 minvalue=100;
@@ -164,6 +168,41 @@ SELECT NEXTVAL(s);
DROP SEQUENCE s;
--echo #
+--echo # MDEV-33169 Alter sequence 2nd ps fails while alter sequence 2nd time (no ps) succeeds
+--echo #
+create sequence s;
+show create sequence s;
+alter sequence s maxvalue 123;
+show create sequence s;
+alter sequence s maxvalue 123;
+show create sequence s;
+drop sequence s;
+
+create sequence s;
+show create sequence s;
+prepare stmt from 'alter sequence s maxvalue 123';
+execute stmt;
+show create sequence s;
+execute stmt;
+show create sequence s;
+deallocate prepare stmt;
+drop sequence s;
+
+create sequence s;
+show create sequence s;
+create procedure p() alter sequence s maxvalue 123;
+call p;
+show create sequence s;
+call p;
+show create sequence s;
+drop procedure p;
+drop sequence s;
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
+
+--echo #
--echo # MDEV-31607 ER_DUP_KEY in mysql.table_stats upon REANME on sequence
--echo #
@@ -176,3 +215,7 @@ RENAME TABLE s1 TO s2;
DROP SEQUENCE s2;
--enable_ps2_protocol
+
+--echo #
+--echo # End of 10.6 tests
+--echo #
diff --git a/mysql-test/suite/sys_vars/r/debug_basic.result b/mysql-test/suite/sys_vars/r/debug_basic.result
index a97ad65b..5a77446d 100644
--- a/mysql-test/suite/sys_vars/r/debug_basic.result
+++ b/mysql-test/suite/sys_vars/r/debug_basic.result
@@ -1,6 +1,4 @@
set session debug="L";
-Warnings:
-Warning 1287 '@@debug' is deprecated and will be removed in a future release. Please use '@@debug_dbug' instead
select @@global.debug="1";
@@global.debug="1"
0
diff --git a/mysql-test/suite/sys_vars/r/old_mode_basic.result b/mysql-test/suite/sys_vars/r/old_mode_basic.result
index 252316dc..776d45a1 100644
--- a/mysql-test/suite/sys_vars/r/old_mode_basic.result
+++ b/mysql-test/suite/sys_vars/r/old_mode_basic.result
@@ -114,8 +114,8 @@ SET @@global.old_mode = 4;
SELECT @@global.old_mode;
@@global.old_mode
ZERO_DATE_TIME_CAST
-SET @@global.old_mode = 64;
-ERROR 42000: Variable 'old_mode' can't be set to the value of '64'
+SET @@global.old_mode = 128;
+ERROR 42000: Variable 'old_mode' can't be set to the value of '128'
SELECT @@global.old_mode;
@@global.old_mode
ZERO_DATE_TIME_CAST
diff --git a/mysql-test/suite/sys_vars/r/old_passwords_func.result b/mysql-test/suite/sys_vars/r/old_passwords_func.result
index 6bd06093..fb250eeb 100644
--- a/mysql-test/suite/sys_vars/r/old_passwords_func.result
+++ b/mysql-test/suite/sys_vars/r/old_passwords_func.result
@@ -9,6 +9,8 @@ SET GLOBAL old_passwords = TRUE;
SET SESSION old_passwords = TRUE;
CREATE USER 'userOldPass'@'localhost' IDENTIFIED BY 'pass3';
SET GLOBAL secure_auth = FALSE;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
connect con1,localhost,userNewPass1,pass1,;
SELECT CURRENT_USER();
CURRENT_USER()
@@ -30,6 +32,8 @@ disconnect con2;
disconnect con3;
'#------------------------FN_DYNVARS_115_02---------------------------#'
SET GLOBAL secure_auth = TRUE;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
connect con1,localhost,userNewPass1,pass1,;
SELECT CURRENT_USER();
CURRENT_USER()
@@ -55,3 +59,5 @@ DROP USER 'userOldPass'@'localhost';
SET @@GLOBAL.old_passwords = @global_old_passwords;
SET @@SESSION.old_passwords = @session_old_passwords;
SET @@GLOBAL.secure_auth = @global_secure_auth;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
diff --git a/mysql-test/suite/sys_vars/r/pseudo_slave_mode_notembedded.result b/mysql-test/suite/sys_vars/r/pseudo_slave_mode_notembedded.result
new file mode 100644
index 00000000..3246a309
--- /dev/null
+++ b/mysql-test/suite/sys_vars/r/pseudo_slave_mode_notembedded.result
@@ -0,0 +1,14 @@
+'### MDEV-32844: THD::rli_fake/rgi_fake not cleared on new connection'
+connect con1,localhost,root,,;
+BINLOG '
+6ENbZQ8BAAAA/AAAAAABAAAAAAQAMTAuMTEuNi1NYXJpYURCLWRlYnVnLWxvZwAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAADoQ1tlEzgNAAgAEgAEBAQEEgAA5AAEGggAAAAICAgCAAAACgoKAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAEEwQADQgICAoKCgGbvv33
+';
+disconnect con1;
+connect con1,localhost,root,,;
+SET SESSION pseudo_slave_mode= 1;
+disconnect con1;
+connection default;
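Review bot: Nothing in this recorded output would differ between a fixed and an unfixed server: after `SET SESSION pseudo_slave_mode= 1;` the result shows only the disconnect, so the MDEV-32844 regression is presumably caught only when the server crashes or a debug/sanitizer build asserts. That intent is worth recording in the test itself, for example an echoed line such as `--echo # Server must survive SET pseudo_slave_mode on a new connection after BINLOG` before the second `connect`, so that someone re-recording this file knows the empty-looking result is deliberate. If the stale `rli_fake`/`rgi_fake` state is only reachable when the second connection picks up state left by the first, the .test file (not visible here) should also wait for the first disconnect to complete, otherwise the test could pass on an unfixed server purely by timing.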
diff --git a/mysql-test/suite/sys_vars/r/secure_auth_basic.result b/mysql-test/suite/sys_vars/r/secure_auth_basic.result
index 35f283de..66763fc5 100644
--- a/mysql-test/suite/sys_vars/r/secure_auth_basic.result
+++ b/mysql-test/suite/sys_vars/r/secure_auth_basic.result
@@ -4,7 +4,11 @@ SELECT @global_start_value;
1
'#--------------------FN_DYNVARS_143_01------------------------#'
SET @@global.secure_auth = 1;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SET @@global.secure_auth = DEFAULT;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
1
@@ -17,15 +21,21 @@ SELECT @@secure_auth;
SELECT global.secure_auth;
ERROR 42S02: Unknown table 'global' in field list
SET global secure_auth = 1;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
1
'#--------------------FN_DYNVARS_143_03------------------------#'
SET @@global.secure_auth = 0;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
0
SET @@global.secure_auth = 1;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
1
@@ -83,23 +93,33 @@ VARIABLE_VALUE
ON
'#---------------------FN_DYNVARS_143_08-------------------------#'
SET @@global.secure_auth = OFF;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
0
SET @@global.secure_auth = ON;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
1
'#---------------------FN_DYNVARS_143_09----------------------#'
SET @@global.secure_auth = TRUE;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
1
SET @@global.secure_auth = FALSE;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
0
SET @@global.secure_auth = @global_start_value;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SELECT @@global.secure_auth;
@@global.secure_auth
1
diff --git a/mysql-test/suite/sys_vars/r/secure_auth_func.result b/mysql-test/suite/sys_vars/r/secure_auth_func.result
index 97d22fac..ee0d6146 100644
--- a/mysql-test/suite/sys_vars/r/secure_auth_func.result
+++ b/mysql-test/suite/sys_vars/r/secure_auth_func.result
@@ -8,6 +8,8 @@ SELECT @@GLOBAL.secure_auth;
1 / ON Expected
'#--------------------FN_DYNVARS_144_02-------------------------#'
SET GLOBAL secure_auth = OFF;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
CREATE USER 'testUser'@'localhost' IDENTIFIED BY 'newpass';
connect con_user1,localhost,testUser,newpass,;
connection default;
@@ -16,6 +18,8 @@ connect con_user2,localhost,testUser,newpass,;
connection default;
'#--------------------FN_DYNVARS_144_03-------------------------#'
SET GLOBAL secure_auth = ON;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SET PASSWORD FOR 'testUser'@'localhost' = PASSWORD('newpass');
connect con_user3,localhost,testUser,newpass,;
connection default;
@@ -27,6 +31,8 @@ SET PASSWORD FOR 'testUser'@'localhost' = PASSWORD('newpass');
connect con_user4,localhost,testUser,newpass,;
connection default;
SET GLOBAL secure_auth = @old_secure_auth;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
disconnect con_user1;
disconnect con_user2;
disconnect con_user3;
diff --git a/mysql-test/suite/sys_vars/r/secure_auth_grant.result b/mysql-test/suite/sys_vars/r/secure_auth_grant.result
index ed33eb33..ea4b1b09 100644
--- a/mysql-test/suite/sys_vars/r/secure_auth_grant.result
+++ b/mysql-test/suite/sys_vars/r/secure_auth_grant.result
@@ -23,6 +23,8 @@ GRANT CONNECTION ADMIN ON *.* TO user1@localhost;
connect user1,localhost,user1,,;
connection user1;
SET GLOBAL secure_auth=1;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SET secure_auth=1;
ERROR HY000: Variable 'secure_auth' is a GLOBAL variable and should be set with SET GLOBAL
SET SESSION secure_auth=1;
@@ -36,6 +38,8 @@ GRANT SUPER ON *.* TO user1@localhost;
connect user1,localhost,user1,,;
connection user1;
SET GLOBAL secure_auth=1;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
SET secure_auth=1;
ERROR HY000: Variable 'secure_auth' is a GLOBAL variable and should be set with SET GLOBAL
SET SESSION secure_auth=1;
@@ -44,3 +48,5 @@ disconnect user1;
connection default;
DROP USER user1@localhost;
SET @@global.secure_auth=@global;
+Warnings:
+Warning 1287 '@@secure_auth' is deprecated and will be removed in a future release
diff --git a/mysql-test/suite/sys_vars/r/sysvars_debug.result b/mysql-test/suite/sys_vars/r/sysvars_debug.result
index fc04ac83..01f74170 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_debug.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_debug.result
@@ -38,7 +38,7 @@ GLOBAL_VALUE_ORIGIN COMPILE-TIME
DEFAULT_VALUE
VARIABLE_SCOPE SESSION
VARIABLE_TYPE VARCHAR
-VARIABLE_COMMENT Built-in DBUG debugger
+VARIABLE_COMMENT Built-in DBUG debugger. Alias for --debug
NUMERIC_MIN_VALUE NULL
NUMERIC_MAX_VALUE NULL
NUMERIC_BLOCK_SIZE NULL
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_embedded,32bit.rdiff b/mysql-test/suite/sys_vars/r/sysvars_server_embedded,32bit.rdiff
index 1ba2756f..e7621986 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_server_embedded,32bit.rdiff
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_embedded,32bit.rdiff
@@ -1,3 +1,5 @@
+--- sysvars_server_embedded.result 2024-01-24 07:43:25.510260081 +0100
++++ sysvars_server_embedded,32bit.result 2024-01-28 18:07:02.851488186 +0100
@@ -44,7 +44,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME ARIA_BLOCK_SIZE
@@ -429,7 +431,7 @@
VARIABLE_SCOPE SESSION
-VARIABLE_TYPE BIGINT UNSIGNED
+VARIABLE_TYPE INT UNSIGNED
- VARIABLE_COMMENT Log some not critical warnings to the general log file.Value can be between 0 and 11. Higher values mean more verbosity
+ VARIABLE_COMMENT Log some non critical warnings to the error log.Value can be between 0 and 11. Higher values mean more verbosity
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
@@ -1834,7 +1834,7 @@
@@ -722,6 +724,15 @@
NUMERIC_MAX_VALUE 4294967295
@@ -2324,7 +2324,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_ADJUST_SECONDARY_KEY_COSTS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT 0 = No changes. 1 = Update secondary key costs for ranges to be at least 5x of clustered primary key costs. 2 = Remove 'max_seek optimization' for secondary keys and slight adjustment of filter cost. This option will be deleted in MariaDB 11.0 as it is not needed with the new 11.0 optimizer.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 2
+@@ -2334,7 +2334,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_EXTRA_PRUNING_DEPTH
VARIABLE_SCOPE SESSION
-VARIABLE_TYPE BIGINT UNSIGNED
@@ -729,7 +740,7 @@
VARIABLE_COMMENT If the optimizer needs to enumerate join prefix of this size or larger, then it will try aggressively prune away the search space.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 62
-@@ -2334,7 +2334,7 @@
+@@ -2344,7 +2344,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_MAX_SEL_ARGS
VARIABLE_SCOPE SESSION
@@ -738,7 +749,7 @@
VARIABLE_COMMENT The maximum number of SEL_ARG objects created when optimizing a range. If more objects would be needed, the range will not be used by the optimizer.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -2344,7 +2344,7 @@
+@@ -2354,7 +2354,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_MAX_SEL_ARG_WEIGHT
VARIABLE_SCOPE SESSION
@@ -747,7 +758,7 @@
VARIABLE_COMMENT The maximum weight of the SEL_ARG graph. Set to 0 for no limit
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -2354,7 +2354,7 @@
+@@ -2364,7 +2364,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_PRUNE_LEVEL
VARIABLE_SCOPE SESSION
@@ -756,7 +767,7 @@
VARIABLE_COMMENT Controls the heuristic(s) applied during query optimization to prune less-promising partial plans from the optimizer search space. Meaning: 0 - do not apply any heuristic, thus perform exhaustive search: 1 - prune plans based on cost and number of retrieved rows eq_ref: 2 - prune also if we find an eq_ref chain
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 2
-@@ -2364,7 +2364,7 @@
+@@ -2374,7 +2374,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_SEARCH_DEPTH
VARIABLE_SCOPE SESSION
@@ -765,7 +776,7 @@
VARIABLE_COMMENT Maximum depth of search performed by the query optimizer. Values larger than the number of relations in a query result in better query plans, but take longer to compile a query. Values smaller than the number of tables in a relation result in faster optimization, but may produce very bad query plans. If set to 0, the system will automatically pick a reasonable value.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 62
-@@ -2374,7 +2374,7 @@
+@@ -2384,7 +2384,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_SELECTIVITY_SAMPLING_LIMIT
VARIABLE_SCOPE SESSION
@@ -774,7 +785,7 @@
VARIABLE_COMMENT Controls number of record samples to check condition selectivity
NUMERIC_MIN_VALUE 10
NUMERIC_MAX_VALUE 4294967295
-@@ -2404,17 +2404,17 @@
+@@ -2414,17 +2414,17 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_TRACE_MAX_MEM_SIZE
VARIABLE_SCOPE SESSION
@@ -795,7 +806,7 @@
VARIABLE_COMMENT Controls selectivity of which conditions the optimizer takes into account to calculate cardinality of a partial join when it searches for the best execution plan Meaning: 1 - use selectivity of index backed range conditions to calculate the cardinality of a partial join if the last joined table is accessed by full table scan or an index scan, 2 - use selectivity of index backed range conditions to calculate the cardinality of a partial join in any case, 3 - additionally always use selectivity of range conditions that are not backed by any index to calculate the cardinality of a partial join, 4 - use histograms to calculate selectivity of range conditions that are not backed by any index to calculate the cardinality of a partial join.5 - additionally use selectivity of certain non-range predicates calculated on record samples
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 5
-@@ -2434,7 +2434,7 @@
+@@ -2444,7 +2444,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME PERFORMANCE_SCHEMA_ACCOUNTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -804,7 +815,7 @@
VARIABLE_COMMENT Maximum number of instrumented user@host accounts. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2444,7 +2444,7 @@
+@@ -2454,7 +2454,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_DIGESTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -813,7 +824,7 @@
VARIABLE_COMMENT Size of the statement digest. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2454,7 +2454,7 @@
+@@ -2464,7 +2464,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STAGES_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -822,7 +833,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_STAGES_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2464,7 +2464,7 @@
+@@ -2474,7 +2474,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STAGES_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -831,7 +842,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_STAGES_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2474,7 +2474,7 @@
+@@ -2484,7 +2484,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STATEMENTS_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -840,7 +851,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_STATEMENTS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2484,7 +2484,7 @@
+@@ -2494,7 +2494,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STATEMENTS_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -849,7 +860,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_STATEMENTS_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2494,7 +2494,7 @@
+@@ -2504,7 +2504,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_TRANSACTIONS_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -858,7 +869,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_TRANSACTIONS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2504,7 +2504,7 @@
+@@ -2514,7 +2514,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_TRANSACTIONS_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -867,7 +878,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_TRANSACTIONS_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2514,7 +2514,7 @@
+@@ -2524,7 +2524,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_WAITS_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -876,7 +887,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_WAITS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2524,7 +2524,7 @@
+@@ -2534,7 +2534,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_WAITS_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -885,7 +896,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_WAITS_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2534,7 +2534,7 @@
+@@ -2544,7 +2544,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_HOSTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -894,7 +905,7 @@
VARIABLE_COMMENT Maximum number of instrumented hosts. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2544,7 +2544,7 @@
+@@ -2554,7 +2554,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_COND_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -903,7 +914,7 @@
VARIABLE_COMMENT Maximum number of condition instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2554,7 +2554,7 @@
+@@ -2564,7 +2564,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_COND_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -912,7 +923,7 @@
VARIABLE_COMMENT Maximum number of instrumented condition objects. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2564,7 +2564,7 @@
+@@ -2574,7 +2574,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_DIGEST_LENGTH
VARIABLE_SCOPE GLOBAL
@@ -921,7 +932,7 @@
VARIABLE_COMMENT Maximum length considered for digest text, when stored in performance_schema tables.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1048576
-@@ -2574,7 +2574,7 @@
+@@ -2584,7 +2584,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -930,7 +941,7 @@
VARIABLE_COMMENT Maximum number of file instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2584,7 +2584,7 @@
+@@ -2594,7 +2594,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_HANDLES
VARIABLE_SCOPE GLOBAL
@@ -939,7 +950,7 @@
VARIABLE_COMMENT Maximum number of opened instrumented files.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1048576
-@@ -2594,7 +2594,7 @@
+@@ -2604,7 +2604,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -948,7 +959,7 @@
VARIABLE_COMMENT Maximum number of instrumented files. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2604,7 +2604,7 @@
+@@ -2614,7 +2614,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_INDEX_STAT
VARIABLE_SCOPE GLOBAL
@@ -957,7 +968,7 @@
VARIABLE_COMMENT Maximum number of index statistics for instrumented tables. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2614,7 +2614,7 @@
+@@ -2624,7 +2624,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MEMORY_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -966,7 +977,7 @@
VARIABLE_COMMENT Maximum number of memory pool instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1024
-@@ -2624,7 +2624,7 @@
+@@ -2634,7 +2634,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_METADATA_LOCKS
VARIABLE_SCOPE GLOBAL
@@ -975,7 +986,7 @@
VARIABLE_COMMENT Maximum number of metadata locks. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 104857600
-@@ -2634,7 +2634,7 @@
+@@ -2644,7 +2644,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MUTEX_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -984,7 +995,7 @@
VARIABLE_COMMENT Maximum number of mutex instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2644,7 +2644,7 @@
+@@ -2654,7 +2654,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MUTEX_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -993,7 +1004,7 @@
VARIABLE_COMMENT Maximum number of instrumented MUTEX objects. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 104857600
-@@ -2654,7 +2654,7 @@
+@@ -2664,7 +2664,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_PREPARED_STATEMENTS_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1002,7 +1013,7 @@
VARIABLE_COMMENT Maximum number of instrumented prepared statements. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2664,7 +2664,7 @@
+@@ -2674,7 +2674,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_PROGRAM_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1011,7 +1022,7 @@
VARIABLE_COMMENT Maximum number of instrumented programs. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2674,7 +2674,7 @@
+@@ -2684,7 +2684,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_RWLOCK_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1020,7 +1031,7 @@
VARIABLE_COMMENT Maximum number of rwlock instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2684,7 +2684,7 @@
+@@ -2694,7 +2694,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_RWLOCK_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1029,7 +1040,7 @@
VARIABLE_COMMENT Maximum number of instrumented RWLOCK objects. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 104857600
-@@ -2694,7 +2694,7 @@
+@@ -2704,7 +2704,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SOCKET_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1038,7 +1049,7 @@
VARIABLE_COMMENT Maximum number of socket instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2704,7 +2704,7 @@
+@@ -2714,7 +2714,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SOCKET_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1047,7 +1058,7 @@
VARIABLE_COMMENT Maximum number of opened instrumented sockets. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2714,7 +2714,7 @@
+@@ -2724,7 +2724,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SQL_TEXT_LENGTH
VARIABLE_SCOPE GLOBAL
@@ -1056,7 +1067,7 @@
VARIABLE_COMMENT Maximum length of displayed sql text.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1048576
-@@ -2724,7 +2724,7 @@
+@@ -2734,7 +2734,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STAGE_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1065,7 +1076,7 @@
VARIABLE_COMMENT Maximum number of stage instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2734,7 +2734,7 @@
+@@ -2744,7 +2744,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STATEMENT_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1074,7 +1085,7 @@
VARIABLE_COMMENT Maximum number of statement instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2744,7 +2744,7 @@
+@@ -2754,7 +2754,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STATEMENT_STACK
VARIABLE_SCOPE GLOBAL
@@ -1083,7 +1094,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_STATEMENTS_CURRENT.
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 256
-@@ -2754,7 +2754,7 @@
+@@ -2764,7 +2764,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_HANDLES
VARIABLE_SCOPE GLOBAL
@@ -1092,7 +1103,7 @@
VARIABLE_COMMENT Maximum number of opened instrumented tables. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2764,7 +2764,7 @@
+@@ -2774,7 +2774,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1101,7 +1112,7 @@
VARIABLE_COMMENT Maximum number of instrumented tables. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2774,7 +2774,7 @@
+@@ -2784,7 +2784,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_LOCK_STAT
VARIABLE_SCOPE GLOBAL
@@ -1110,7 +1121,7 @@
VARIABLE_COMMENT Maximum number of lock statistics for instrumented tables. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2784,7 +2784,7 @@
+@@ -2794,7 +2794,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_THREAD_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1119,7 +1130,7 @@
VARIABLE_COMMENT Maximum number of thread instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2794,7 +2794,7 @@
+@@ -2804,7 +2804,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_THREAD_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1128,7 +1139,7 @@
VARIABLE_COMMENT Maximum number of instrumented threads. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2804,7 +2804,7 @@
+@@ -2814,7 +2814,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_SESSION_CONNECT_ATTRS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1137,7 +1148,7 @@
VARIABLE_COMMENT Size of session attribute string buffer per thread. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2814,7 +2814,7 @@
+@@ -2824,7 +2824,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_SETUP_ACTORS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1146,7 +1157,7 @@
VARIABLE_COMMENT Maximum number of rows in SETUP_ACTORS.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2824,7 +2824,7 @@
+@@ -2834,7 +2834,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_SETUP_OBJECTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1155,7 +1166,7 @@
VARIABLE_COMMENT Maximum number of rows in SETUP_OBJECTS.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2834,7 +2834,7 @@
+@@ -2844,7 +2844,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_USERS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1164,7 +1175,7 @@
VARIABLE_COMMENT Maximum number of instrumented users. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2884,7 +2884,7 @@
+@@ -2894,7 +2894,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PRELOAD_BUFFER_SIZE
VARIABLE_SCOPE SESSION
@@ -1173,7 +1184,7 @@
VARIABLE_COMMENT The size of the buffer that is allocated when preloading indexes
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 1073741824
-@@ -2904,7 +2904,7 @@
+@@ -2914,7 +2914,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME PROFILING_HISTORY_SIZE
VARIABLE_SCOPE SESSION
@@ -1182,7 +1193,7 @@
VARIABLE_COMMENT Number of statements about which profiling information is maintained. If set to 0, no profiles are stored. See SHOW PROFILES.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 100
-@@ -2914,7 +2914,7 @@
+@@ -2924,7 +2924,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PROGRESS_REPORT_TIME
VARIABLE_SCOPE SESSION
@@ -1191,7 +1202,7 @@
VARIABLE_COMMENT Seconds between sending progress reports to the client for time-consuming statements. Set to 0 to disable progress reporting.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -2974,7 +2974,7 @@
+@@ -2984,7 +2984,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME QUERY_ALLOC_BLOCK_SIZE
VARIABLE_SCOPE SESSION
@@ -1200,7 +1211,7 @@
VARIABLE_COMMENT Allocation block size for query parsing and execution
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 4294967295
-@@ -2984,7 +2984,7 @@
+@@ -2994,7 +2994,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME QUERY_CACHE_LIMIT
VARIABLE_SCOPE GLOBAL
@@ -1209,7 +1220,7 @@
VARIABLE_COMMENT Don't cache results that are bigger than this
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -2994,7 +2994,7 @@
+@@ -3004,7 +3004,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME QUERY_CACHE_MIN_RES_UNIT
VARIABLE_SCOPE GLOBAL
@@ -1218,7 +1229,7 @@
VARIABLE_COMMENT The minimum size for blocks allocated by the query cache
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -3007,7 +3007,7 @@
+@@ -3017,7 +3017,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT The memory allocated to store results from old queries
NUMERIC_MIN_VALUE 0
@@ -1227,7 +1238,7 @@
NUMERIC_BLOCK_SIZE 1024
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3044,7 +3044,7 @@
+@@ -3054,7 +3054,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME QUERY_PREALLOC_SIZE
VARIABLE_SCOPE SESSION
@@ -1236,7 +1247,7 @@
VARIABLE_COMMENT Persistent buffer for query parsing and execution
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 4294967295
-@@ -3057,7 +3057,7 @@
+@@ -3067,7 +3067,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Sets the internal state of the RAND() generator for replication purposes
NUMERIC_MIN_VALUE 0
@@ -1245,7 +1256,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3067,14 +3067,14 @@
+@@ -3077,14 +3077,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Sets the internal state of the RAND() generator for replication purposes
NUMERIC_MIN_VALUE 0
@@ -1262,7 +1273,7 @@
VARIABLE_COMMENT Allocation block size for storing ranges during optimization
NUMERIC_MIN_VALUE 4096
NUMERIC_MAX_VALUE 4294967295
-@@ -3084,7 +3084,7 @@
+@@ -3094,7 +3094,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME READ_BUFFER_SIZE
VARIABLE_SCOPE SESSION
@@ -1271,7 +1282,7 @@
VARIABLE_COMMENT Each thread that does a sequential scan allocates a buffer of this size for each table it scans. If you do many sequential scans, you may want to increase this value
NUMERIC_MIN_VALUE 8192
NUMERIC_MAX_VALUE 2147483647
-@@ -3104,7 +3104,7 @@
+@@ -3114,7 +3114,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME READ_RND_BUFFER_SIZE
VARIABLE_SCOPE SESSION
@@ -1280,7 +1291,7 @@
VARIABLE_COMMENT When reading rows in sorted order after a sort, the rows are read through this buffer to avoid a disk seeks
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 2147483647
-@@ -3124,10 +3124,10 @@
+@@ -3134,10 +3134,10 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
VARIABLE_SCOPE SESSION
@@ -1293,7 +1304,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3164,7 +3164,7 @@
+@@ -3174,7 +3174,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SERVER_ID
VARIABLE_SCOPE SESSION
@@ -1302,7 +1313,7 @@
VARIABLE_COMMENT Uniquely identifies the server instance in the community of replication partners
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 4294967295
-@@ -3244,7 +3244,7 @@
+@@ -3254,7 +3254,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME SLAVE_MAX_ALLOWED_PACKET
VARIABLE_SCOPE GLOBAL
@@ -1311,7 +1322,7 @@
VARIABLE_COMMENT The maximum packet length to sent successfully from the master to slave.
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 1073741824
-@@ -3254,7 +3254,7 @@
+@@ -3264,7 +3264,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLOW_LAUNCH_TIME
VARIABLE_SCOPE GLOBAL
@@ -1320,7 +1331,7 @@
VARIABLE_COMMENT If creating the thread takes longer than this value (in seconds), the Slow_launch_threads counter will be incremented
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 31536000
-@@ -3297,7 +3297,7 @@
+@@ -3307,7 +3307,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Each thread that needs to do a sort allocates a buffer of this size
NUMERIC_MIN_VALUE 1024
@@ -1329,7 +1340,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3514,7 +3514,7 @@
+@@ -3524,7 +3524,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME STORED_PROGRAM_CACHE
VARIABLE_SCOPE GLOBAL
@@ -1338,7 +1349,7 @@
VARIABLE_COMMENT The soft upper limit for number of cached stored routines for one connection.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 524288
-@@ -3604,7 +3604,7 @@
+@@ -3614,7 +3614,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME TABLE_DEFINITION_CACHE
VARIABLE_SCOPE GLOBAL
@@ -1347,7 +1358,7 @@
VARIABLE_COMMENT The number of cached table definitions
NUMERIC_MIN_VALUE 400
NUMERIC_MAX_VALUE 2097152
-@@ -3614,7 +3614,7 @@
+@@ -3624,7 +3624,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TABLE_OPEN_CACHE
VARIABLE_SCOPE GLOBAL
@@ -1356,7 +1367,7 @@
VARIABLE_COMMENT The number of cached open tables
NUMERIC_MIN_VALUE 10
NUMERIC_MAX_VALUE 1048576
-@@ -3674,7 +3674,7 @@
+@@ -3684,7 +3684,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME THREAD_CACHE_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1365,7 +1376,7 @@
VARIABLE_COMMENT How many threads we should keep in a cache for reuse. These are freed after 5 minutes of idle time
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16384
-@@ -3757,7 +3757,7 @@
+@@ -3767,7 +3767,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Max size for data for an internal temporary on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 1024
@@ -1374,7 +1385,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3767,7 +3767,7 @@
+@@ -3777,7 +3777,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table. Same as tmp_table_size.
NUMERIC_MIN_VALUE 0
@@ -1383,7 +1394,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3777,14 +3777,14 @@
+@@ -3787,14 +3787,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Alias for tmp_memory_table_size. If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 0
@@ -1400,7 +1411,7 @@
VARIABLE_COMMENT Allocation block size for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
-@@ -3794,7 +3794,7 @@
+@@ -3804,7 +3804,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TRANSACTION_PREALLOC_SIZE
VARIABLE_SCOPE SESSION
@@ -1409,7 +1420,7 @@
VARIABLE_COMMENT Persistent buffer for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
-@@ -3934,7 +3934,7 @@
+@@ -3944,7 +3944,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME WAIT_TIMEOUT
VARIABLE_SCOPE SESSION
@@ -1418,7 +1429,7 @@
VARIABLE_COMMENT The number of seconds the server waits for activity on a connection before closing it
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 31536000
-@@ -3961,7 +3961,7 @@
+@@ -3971,7 +3971,7 @@
VARIABLE_NAME LOG_TC_SIZE
GLOBAL_VALUE_ORIGIN AUTO
VARIABLE_SCOPE GLOBAL
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result b/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
index 48eb32e9..96e1c92c 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_embedded.result
@@ -1785,7 +1785,7 @@ COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME LOG_WARNINGS
VARIABLE_SCOPE SESSION
VARIABLE_TYPE BIGINT UNSIGNED
-VARIABLE_COMMENT Log some not critical warnings to the general log file.Value can be between 0 and 11. Higher values mean more verbosity
+VARIABLE_COMMENT Log some non critical warnings to the error log.Value can be between 0 and 11. Higher values mean more verbosity
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
NUMERIC_BLOCK_SIZE 1
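Review bot: The new LOG_WARNINGS text still runs two sentences together (`error log.Value can be`) and states a range of 0 to 11, while the NUMERIC_MAX_VALUE recorded two lines below is 4294967295. This file only records server output, so the wording would have to be corrected where the variable's help string is defined and the results re-recorded; the same string appears in the `,32bit.rdiff` hunk at `-429,7 +431,7`. Suggested wording: `Log some non-critical warnings to the error log. Value can be between 0 and 11; higher values mean more verbosity`. If values above 11 are accepted and presumably treated like 11, the text should say so, since operators rely on this description when deciding how much ends up in the error log.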
@@ -2299,7 +2299,7 @@ VARIABLE_COMMENT Used to emulate old behavior from earlier MariaDB or MySQL vers
NUMERIC_MIN_VALUE NULL
NUMERIC_MAX_VALUE NULL
NUMERIC_BLOCK_SIZE NULL
-ENUM_VALUE_LIST NO_DUP_KEY_WARNINGS_WITH_IGNORE,NO_PROGRESS_INFO,ZERO_DATE_TIME_CAST,UTF8_IS_UTF8MB3,IGNORE_INDEX_ONLY_FOR_JOIN,COMPAT_5_1_CHECKSUM
+ENUM_VALUE_LIST NO_DUP_KEY_WARNINGS_WITH_IGNORE,NO_PROGRESS_INFO,ZERO_DATE_TIME_CAST,UTF8_IS_UTF8MB3,IGNORE_INDEX_ONLY_FOR_JOIN,COMPAT_5_1_CHECKSUM,NO_NULL_COLLATION_IDS
READ_ONLY NO
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OLD_PASSWORDS
@@ -2322,6 +2322,16 @@ NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY YES
COMMAND_LINE_ARGUMENT REQUIRED
+VARIABLE_NAME OPTIMIZER_ADJUST_SECONDARY_KEY_COSTS
+VARIABLE_SCOPE SESSION
+VARIABLE_TYPE BIGINT UNSIGNED
+VARIABLE_COMMENT 0 = No changes. 1 = Update secondary key costs for ranges to be at least 5x of clustered primary key costs. 2 = Remove 'max_seek optimization' for secondary keys and slight adjustment of filter cost. This option will be deleted in MariaDB 11.0 as it is not needed with the new 11.0 optimizer.
+NUMERIC_MIN_VALUE 0
+NUMERIC_MAX_VALUE 2
+NUMERIC_BLOCK_SIZE 1
+ENUM_VALUE_LIST NULL
+READ_ONLY NO
+COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_EXTRA_PRUNING_DEPTH
VARIABLE_SCOPE SESSION
VARIABLE_TYPE BIGINT UNSIGNED
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,32bit.rdiff b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,32bit.rdiff
index b23840af..a3f9acf3 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,32bit.rdiff
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,32bit.rdiff
@@ -1,3 +1,5 @@
+--- sysvars_server_notembedded.result 2024-01-28 17:50:35.442241137 +0100
++++ sysvars_server_notembedded,32bit.result 2024-01-28 17:51:20.662078993 +0100
@@ -44,7 +44,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME ARIA_BLOCK_SIZE
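Review bot: The two header lines added at the top of this rdiff embed local timestamps (`2024-01-28 17:50:35.442241137 +0100`), which presumably change each time the file is regenerated and add churn unrelated to the test expectations. The `,win.rdiff` added in the same commit uses a bare header, `--- suite/sys_vars/r/sysvars_server_notembedded.result`, but names `sysvars_server_notembedded.reject` on its `+++` line, so the two files follow different conventions. Using one timestamp-free header style in both, for example `--- sysvars_server_notembedded.result` and `+++ sysvars_server_notembedded,32bit.result` here, would keep later diffs of these files limited to real changes.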
@@ -429,7 +431,7 @@
VARIABLE_SCOPE SESSION
-VARIABLE_TYPE BIGINT UNSIGNED
+VARIABLE_TYPE INT UNSIGNED
- VARIABLE_COMMENT Log some not critical warnings to the general log file.Value can be between 0 and 11. Higher values mean more verbosity
+ VARIABLE_COMMENT Log some non critical warnings to the error log.Value can be between 0 and 11. Higher values mean more verbosity
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
@@ -1994,7 +1994,7 @@
@@ -722,6 +724,15 @@
NUMERIC_MAX_VALUE 4294967295
@@ -2494,7 +2494,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_ADJUST_SECONDARY_KEY_COSTS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT 0 = No changes. 1 = Update secondary key costs for ranges to be at least 5x of clustered primary key costs. 2 = Remove 'max_seek optimization' for secondary keys and slight adjustment of filter cost. This option will be deleted in MariaDB 11.0 as it is not needed with the new 11.0 optimizer.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 2
+@@ -2504,7 +2504,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_EXTRA_PRUNING_DEPTH
VARIABLE_SCOPE SESSION
-VARIABLE_TYPE BIGINT UNSIGNED
@@ -729,7 +740,7 @@
VARIABLE_COMMENT If the optimizer needs to enumerate join prefix of this size or larger, then it will try aggressively prune away the search space.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 62
-@@ -2504,7 +2504,7 @@
+@@ -2514,7 +2514,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_MAX_SEL_ARGS
VARIABLE_SCOPE SESSION
@@ -738,7 +749,7 @@
VARIABLE_COMMENT The maximum number of SEL_ARG objects created when optimizing a range. If more objects would be needed, the range will not be used by the optimizer.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -2514,7 +2514,7 @@
+@@ -2524,7 +2524,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_MAX_SEL_ARG_WEIGHT
VARIABLE_SCOPE SESSION
@@ -747,7 +758,7 @@
VARIABLE_COMMENT The maximum weight of the SEL_ARG graph. Set to 0 for no limit
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -2524,7 +2524,7 @@
+@@ -2534,7 +2534,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_PRUNE_LEVEL
VARIABLE_SCOPE SESSION
@@ -756,7 +767,7 @@
VARIABLE_COMMENT Controls the heuristic(s) applied during query optimization to prune less-promising partial plans from the optimizer search space. Meaning: 0 - do not apply any heuristic, thus perform exhaustive search: 1 - prune plans based on cost and number of retrieved rows eq_ref: 2 - prune also if we find an eq_ref chain
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 2
-@@ -2534,7 +2534,7 @@
+@@ -2544,7 +2544,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_SEARCH_DEPTH
VARIABLE_SCOPE SESSION
@@ -765,7 +776,7 @@
VARIABLE_COMMENT Maximum depth of search performed by the query optimizer. Values larger than the number of relations in a query result in better query plans, but take longer to compile a query. Values smaller than the number of tables in a relation result in faster optimization, but may produce very bad query plans. If set to 0, the system will automatically pick a reasonable value.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 62
-@@ -2544,7 +2544,7 @@
+@@ -2554,7 +2554,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_SELECTIVITY_SAMPLING_LIMIT
VARIABLE_SCOPE SESSION
@@ -774,7 +785,7 @@
VARIABLE_COMMENT Controls number of record samples to check condition selectivity
NUMERIC_MIN_VALUE 10
NUMERIC_MAX_VALUE 4294967295
-@@ -2574,17 +2574,17 @@
+@@ -2584,17 +2584,17 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_TRACE_MAX_MEM_SIZE
VARIABLE_SCOPE SESSION
@@ -795,7 +806,7 @@
VARIABLE_COMMENT Controls selectivity of which conditions the optimizer takes into account to calculate cardinality of a partial join when it searches for the best execution plan Meaning: 1 - use selectivity of index backed range conditions to calculate the cardinality of a partial join if the last joined table is accessed by full table scan or an index scan, 2 - use selectivity of index backed range conditions to calculate the cardinality of a partial join in any case, 3 - additionally always use selectivity of range conditions that are not backed by any index to calculate the cardinality of a partial join, 4 - use histograms to calculate selectivity of range conditions that are not backed by any index to calculate the cardinality of a partial join.5 - additionally use selectivity of certain non-range predicates calculated on record samples
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 5
-@@ -2604,7 +2604,7 @@
+@@ -2614,7 +2614,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME PERFORMANCE_SCHEMA_ACCOUNTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -804,7 +815,7 @@
VARIABLE_COMMENT Maximum number of instrumented user@host accounts. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2614,7 +2614,7 @@
+@@ -2624,7 +2624,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_DIGESTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -813,7 +824,7 @@
VARIABLE_COMMENT Size of the statement digest. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2624,7 +2624,7 @@
+@@ -2634,7 +2634,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STAGES_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -822,7 +833,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_STAGES_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2634,7 +2634,7 @@
+@@ -2644,7 +2644,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STAGES_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -831,7 +842,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_STAGES_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2644,7 +2644,7 @@
+@@ -2654,7 +2654,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STATEMENTS_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -840,7 +851,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_STATEMENTS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2654,7 +2654,7 @@
+@@ -2664,7 +2664,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STATEMENTS_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -849,7 +860,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_STATEMENTS_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2664,7 +2664,7 @@
+@@ -2674,7 +2674,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_TRANSACTIONS_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -858,7 +869,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_TRANSACTIONS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2674,7 +2674,7 @@
+@@ -2684,7 +2684,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_TRANSACTIONS_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -867,7 +878,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_TRANSACTIONS_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2684,7 +2684,7 @@
+@@ -2694,7 +2694,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_WAITS_HISTORY_LONG_SIZE
VARIABLE_SCOPE GLOBAL
@@ -876,7 +887,7 @@
VARIABLE_COMMENT Number of rows in EVENTS_WAITS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2694,7 +2694,7 @@
+@@ -2704,7 +2704,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_WAITS_HISTORY_SIZE
VARIABLE_SCOPE GLOBAL
@@ -885,7 +896,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_WAITS_HISTORY. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2704,7 +2704,7 @@
+@@ -2714,7 +2714,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_HOSTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -894,7 +905,7 @@
VARIABLE_COMMENT Maximum number of instrumented hosts. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2714,7 +2714,7 @@
+@@ -2724,7 +2724,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_COND_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -903,7 +914,7 @@
VARIABLE_COMMENT Maximum number of condition instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2724,7 +2724,7 @@
+@@ -2734,7 +2734,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_COND_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -912,7 +923,7 @@
VARIABLE_COMMENT Maximum number of instrumented condition objects. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2734,7 +2734,7 @@
+@@ -2744,7 +2744,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_DIGEST_LENGTH
VARIABLE_SCOPE GLOBAL
@@ -921,7 +932,7 @@
VARIABLE_COMMENT Maximum length considered for digest text, when stored in performance_schema tables.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1048576
-@@ -2744,7 +2744,7 @@
+@@ -2754,7 +2754,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -930,7 +941,7 @@
VARIABLE_COMMENT Maximum number of file instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2754,7 +2754,7 @@
+@@ -2764,7 +2764,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_HANDLES
VARIABLE_SCOPE GLOBAL
@@ -939,7 +950,7 @@
VARIABLE_COMMENT Maximum number of opened instrumented files.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1048576
-@@ -2764,7 +2764,7 @@
+@@ -2774,7 +2774,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -948,7 +959,7 @@
VARIABLE_COMMENT Maximum number of instrumented files. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2774,7 +2774,7 @@
+@@ -2784,7 +2784,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_INDEX_STAT
VARIABLE_SCOPE GLOBAL
@@ -957,7 +968,7 @@
VARIABLE_COMMENT Maximum number of index statistics for instrumented tables. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2784,7 +2784,7 @@
+@@ -2794,7 +2794,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MEMORY_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -966,7 +977,7 @@
VARIABLE_COMMENT Maximum number of memory pool instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1024
-@@ -2794,7 +2794,7 @@
+@@ -2804,7 +2804,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_METADATA_LOCKS
VARIABLE_SCOPE GLOBAL
@@ -975,7 +986,7 @@
VARIABLE_COMMENT Maximum number of metadata locks. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 104857600
-@@ -2804,7 +2804,7 @@
+@@ -2814,7 +2814,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MUTEX_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -984,7 +995,7 @@
VARIABLE_COMMENT Maximum number of mutex instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2814,7 +2814,7 @@
+@@ -2824,7 +2824,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MUTEX_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -993,7 +1004,7 @@
VARIABLE_COMMENT Maximum number of instrumented MUTEX objects. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 104857600
-@@ -2824,7 +2824,7 @@
+@@ -2834,7 +2834,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_PREPARED_STATEMENTS_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1002,7 +1013,7 @@
VARIABLE_COMMENT Maximum number of instrumented prepared statements. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2834,7 +2834,7 @@
+@@ -2844,7 +2844,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_PROGRAM_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1011,7 +1022,7 @@
VARIABLE_COMMENT Maximum number of instrumented programs. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2844,7 +2844,7 @@
+@@ -2854,7 +2854,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_RWLOCK_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1020,7 +1031,7 @@
VARIABLE_COMMENT Maximum number of rwlock instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2854,7 +2854,7 @@
+@@ -2864,7 +2864,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_RWLOCK_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1029,7 +1040,7 @@
VARIABLE_COMMENT Maximum number of instrumented RWLOCK objects. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 104857600
-@@ -2864,7 +2864,7 @@
+@@ -2874,7 +2874,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SOCKET_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1038,7 +1049,7 @@
VARIABLE_COMMENT Maximum number of socket instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2874,7 +2874,7 @@
+@@ -2884,7 +2884,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SOCKET_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1047,7 +1058,7 @@
VARIABLE_COMMENT Maximum number of opened instrumented sockets. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2884,7 +2884,7 @@
+@@ -2894,7 +2894,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SQL_TEXT_LENGTH
VARIABLE_SCOPE GLOBAL
@@ -1056,7 +1067,7 @@
VARIABLE_COMMENT Maximum length of displayed sql text.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 1048576
-@@ -2894,7 +2894,7 @@
+@@ -2904,7 +2904,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STAGE_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1065,7 +1076,7 @@
VARIABLE_COMMENT Maximum number of stage instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2904,7 +2904,7 @@
+@@ -2914,7 +2914,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STATEMENT_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1074,7 +1085,7 @@
VARIABLE_COMMENT Maximum number of statement instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2914,7 +2914,7 @@
+@@ -2924,7 +2924,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STATEMENT_STACK
VARIABLE_SCOPE GLOBAL
@@ -1083,7 +1094,7 @@
VARIABLE_COMMENT Number of rows per thread in EVENTS_STATEMENTS_CURRENT.
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 256
-@@ -2924,7 +2924,7 @@
+@@ -2934,7 +2934,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_HANDLES
VARIABLE_SCOPE GLOBAL
@@ -1092,7 +1103,7 @@
VARIABLE_COMMENT Maximum number of opened instrumented tables. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2934,7 +2934,7 @@
+@@ -2944,7 +2944,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1101,7 +1112,7 @@
VARIABLE_COMMENT Maximum number of instrumented tables. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2944,7 +2944,7 @@
+@@ -2954,7 +2954,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_LOCK_STAT
VARIABLE_SCOPE GLOBAL
@@ -1110,7 +1121,7 @@
VARIABLE_COMMENT Maximum number of lock statistics for instrumented tables. Use 0 to disable, -1 for automated scaling.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2954,7 +2954,7 @@
+@@ -2964,7 +2964,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_THREAD_CLASSES
VARIABLE_SCOPE GLOBAL
@@ -1119,7 +1130,7 @@
VARIABLE_COMMENT Maximum number of thread instruments.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 256
-@@ -2964,7 +2964,7 @@
+@@ -2974,7 +2974,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_THREAD_INSTANCES
VARIABLE_SCOPE GLOBAL
@@ -1128,7 +1139,7 @@
VARIABLE_COMMENT Maximum number of instrumented threads. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2974,7 +2974,7 @@
+@@ -2984,7 +2984,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_SESSION_CONNECT_ATTRS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1137,7 +1148,7 @@
VARIABLE_COMMENT Size of session attribute string buffer per thread. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -2984,7 +2984,7 @@
+@@ -2994,7 +2994,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_SETUP_ACTORS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1146,7 +1157,7 @@
VARIABLE_COMMENT Maximum number of rows in SETUP_ACTORS.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1024
-@@ -2994,7 +2994,7 @@
+@@ -3004,7 +3004,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_SETUP_OBJECTS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1155,7 +1166,7 @@
VARIABLE_COMMENT Maximum number of rows in SETUP_OBJECTS.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -3004,7 +3004,7 @@
+@@ -3014,7 +3014,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PERFORMANCE_SCHEMA_USERS_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1164,7 +1175,7 @@
VARIABLE_COMMENT Maximum number of instrumented users. Use 0 to disable, -1 for automated sizing.
NUMERIC_MIN_VALUE -1
NUMERIC_MAX_VALUE 1048576
-@@ -3054,7 +3054,7 @@
+@@ -3064,7 +3064,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PRELOAD_BUFFER_SIZE
VARIABLE_SCOPE SESSION
@@ -1173,7 +1184,7 @@
VARIABLE_COMMENT The size of the buffer that is allocated when preloading indexes
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 1073741824
-@@ -3074,7 +3074,7 @@
+@@ -3084,7 +3084,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME PROFILING_HISTORY_SIZE
VARIABLE_SCOPE SESSION
@@ -1182,7 +1193,7 @@
VARIABLE_COMMENT Number of statements about which profiling information is maintained. If set to 0, no profiles are stored. See SHOW PROFILES.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 100
-@@ -3084,7 +3084,7 @@
+@@ -3094,7 +3094,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME PROGRESS_REPORT_TIME
VARIABLE_SCOPE SESSION
@@ -1191,7 +1202,7 @@
VARIABLE_COMMENT Seconds between sending progress reports to the client for time-consuming statements. Set to 0 to disable progress reporting.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -3144,7 +3144,7 @@
+@@ -3154,7 +3154,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME QUERY_ALLOC_BLOCK_SIZE
VARIABLE_SCOPE SESSION
@@ -1200,7 +1211,7 @@
VARIABLE_COMMENT Allocation block size for query parsing and execution
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 4294967295
-@@ -3154,7 +3154,7 @@
+@@ -3164,7 +3164,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME QUERY_CACHE_LIMIT
VARIABLE_SCOPE GLOBAL
@@ -1209,7 +1220,7 @@
VARIABLE_COMMENT Don't cache results that are bigger than this
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -3164,7 +3164,7 @@
+@@ -3174,7 +3174,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME QUERY_CACHE_MIN_RES_UNIT
VARIABLE_SCOPE GLOBAL
@@ -1218,7 +1229,7 @@
VARIABLE_COMMENT The minimum size for blocks allocated by the query cache
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -3177,7 +3177,7 @@
+@@ -3187,7 +3187,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT The memory allocated to store results from old queries
NUMERIC_MIN_VALUE 0
@@ -1227,7 +1238,7 @@
NUMERIC_BLOCK_SIZE 1024
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3214,7 +3214,7 @@
+@@ -3224,7 +3224,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME QUERY_PREALLOC_SIZE
VARIABLE_SCOPE SESSION
@@ -1236,7 +1247,7 @@
VARIABLE_COMMENT Persistent buffer for query parsing and execution
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 4294967295
-@@ -3227,7 +3227,7 @@
+@@ -3237,7 +3237,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Sets the internal state of the RAND() generator for replication purposes
NUMERIC_MIN_VALUE 0
@@ -1245,7 +1256,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3237,14 +3237,14 @@
+@@ -3247,14 +3247,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Sets the internal state of the RAND() generator for replication purposes
NUMERIC_MIN_VALUE 0
@@ -1262,7 +1273,7 @@
VARIABLE_COMMENT Allocation block size for storing ranges during optimization
NUMERIC_MIN_VALUE 4096
NUMERIC_MAX_VALUE 4294967295
-@@ -3257,14 +3257,14 @@
+@@ -3267,14 +3267,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Maximum speed(KB/s) to read binlog from master (0 = no limit)
NUMERIC_MIN_VALUE 0
@@ -1279,7 +1290,7 @@
VARIABLE_COMMENT Each thread that does a sequential scan allocates a buffer of this size for each table it scans. If you do many sequential scans, you may want to increase this value
NUMERIC_MIN_VALUE 8192
NUMERIC_MAX_VALUE 2147483647
-@@ -3284,7 +3284,7 @@
+@@ -3294,7 +3294,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME READ_RND_BUFFER_SIZE
VARIABLE_SCOPE SESSION
@@ -1288,7 +1299,7 @@
VARIABLE_COMMENT When reading rows in sorted order after a sort, the rows are read through this buffer to avoid a disk seeks
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 2147483647
-@@ -3504,10 +3504,10 @@
+@@ -3514,10 +3514,10 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
VARIABLE_SCOPE SESSION
@@ -1301,7 +1312,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3524,20 +3524,20 @@
+@@ -3534,20 +3534,20 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME RPL_SEMI_SYNC_MASTER_TIMEOUT
VARIABLE_SCOPE GLOBAL
@@ -1326,7 +1337,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3594,10 +3594,10 @@
+@@ -3604,10 +3604,10 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME RPL_SEMI_SYNC_SLAVE_TRACE_LEVEL
VARIABLE_SCOPE GLOBAL
@@ -1339,7 +1350,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -3634,7 +3634,7 @@
+@@ -3644,7 +3644,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SERVER_ID
VARIABLE_SCOPE SESSION
@@ -1348,7 +1359,7 @@
VARIABLE_COMMENT Uniquely identifies the server instance in the community of replication partners
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 4294967295
-@@ -3774,7 +3774,7 @@
+@@ -3784,7 +3784,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_DOMAIN_PARALLEL_THREADS
VARIABLE_SCOPE GLOBAL
@@ -1357,7 +1368,7 @@
VARIABLE_COMMENT Maximum number of parallel threads to use on slave for events in a single replication domain. When using multiple domains, this can be used to limit a single domain from grabbing all threads and thus stalling other domains. The default of 0 means to allow a domain to grab as many threads as it wants, up to the value of slave_parallel_threads.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16383
-@@ -3804,7 +3804,7 @@
+@@ -3814,7 +3814,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_MAX_ALLOWED_PACKET
VARIABLE_SCOPE GLOBAL
@@ -1366,7 +1377,7 @@
VARIABLE_COMMENT The maximum packet length to sent successfully from the master to slave.
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 1073741824
-@@ -3834,7 +3834,7 @@
+@@ -3844,7 +3844,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_PARALLEL_MAX_QUEUED
VARIABLE_SCOPE GLOBAL
@@ -1375,7 +1386,7 @@
VARIABLE_COMMENT Limit on how much memory SQL threads should use per parallel replication thread when reading ahead in the relay log looking for opportunities for parallel replication. Only used when --slave-parallel-threads > 0.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 2147483647
-@@ -3854,7 +3854,7 @@
+@@ -3864,7 +3864,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME SLAVE_PARALLEL_THREADS
VARIABLE_SCOPE GLOBAL
@@ -1384,7 +1395,7 @@
VARIABLE_COMMENT If non-zero, number of threads to spawn to apply in parallel events on the slave that were group-committed on the master or were logged with GTID in different replication domains. Note that these threads are in addition to the IO and SQL threads, which are always created by a replication slave
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16383
-@@ -3864,7 +3864,7 @@
+@@ -3874,7 +3874,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_PARALLEL_WORKERS
VARIABLE_SCOPE GLOBAL
@@ -1393,7 +1404,7 @@
VARIABLE_COMMENT Alias for slave_parallel_threads
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16383
-@@ -3904,7 +3904,7 @@
+@@ -3914,7 +3914,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME SLAVE_TRANSACTION_RETRIES
VARIABLE_SCOPE GLOBAL
@@ -1402,7 +1413,7 @@
VARIABLE_COMMENT Number of times the slave SQL thread will retry a transaction in case it failed with a deadlock, elapsed lock wait timeout or listed in slave_transaction_retry_errors, before giving up and stopping
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
-@@ -3924,7 +3924,7 @@
+@@ -3934,7 +3934,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLAVE_TRANSACTION_RETRY_INTERVAL
VARIABLE_SCOPE GLOBAL
@@ -1411,7 +1422,7 @@
VARIABLE_COMMENT Interval of the slave SQL thread will retry a transaction in case it failed with a deadlock or elapsed lock wait timeout or listed in slave_transaction_retry_errors
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 3600
-@@ -3944,7 +3944,7 @@
+@@ -3954,7 +3954,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME SLOW_LAUNCH_TIME
VARIABLE_SCOPE GLOBAL
@@ -1420,7 +1431,7 @@
VARIABLE_COMMENT If creating the thread takes longer than this value (in seconds), the Slow_launch_threads counter will be incremented
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 31536000
-@@ -3987,7 +3987,7 @@
+@@ -3997,7 +3997,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Each thread that needs to do a sort allocates a buffer of this size
NUMERIC_MIN_VALUE 1024
@@ -1429,7 +1440,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -4214,7 +4214,7 @@
+@@ -4224,7 +4224,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME STORED_PROGRAM_CACHE
VARIABLE_SCOPE GLOBAL
@@ -1438,7 +1449,7 @@
VARIABLE_COMMENT The soft upper limit for number of cached stored routines for one connection.
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 524288
-@@ -4324,7 +4324,7 @@
+@@ -4334,7 +4334,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME TABLE_DEFINITION_CACHE
VARIABLE_SCOPE GLOBAL
@@ -1447,7 +1458,7 @@
VARIABLE_COMMENT The number of cached table definitions
NUMERIC_MIN_VALUE 400
NUMERIC_MAX_VALUE 2097152
-@@ -4334,7 +4334,7 @@
+@@ -4344,7 +4344,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TABLE_OPEN_CACHE
VARIABLE_SCOPE GLOBAL
@@ -1456,7 +1467,7 @@
VARIABLE_COMMENT The number of cached open tables
NUMERIC_MIN_VALUE 10
NUMERIC_MAX_VALUE 1048576
-@@ -4394,7 +4394,7 @@
+@@ -4404,7 +4404,7 @@
COMMAND_LINE_ARGUMENT OPTIONAL
VARIABLE_NAME THREAD_CACHE_SIZE
VARIABLE_SCOPE GLOBAL
@@ -1465,7 +1476,7 @@
VARIABLE_COMMENT How many threads we should keep in a cache for reuse. These are freed after 5 minutes of idle time
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 16384
-@@ -4567,7 +4567,7 @@
+@@ -4577,7 +4577,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Max size for data for an internal temporary on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 1024
@@ -1474,7 +1485,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -4577,7 +4577,7 @@
+@@ -4587,7 +4587,7 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table. Same as tmp_table_size.
NUMERIC_MIN_VALUE 0
@@ -1483,7 +1494,7 @@
NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY NO
-@@ -4587,14 +4587,14 @@
+@@ -4597,14 +4597,14 @@
VARIABLE_TYPE BIGINT UNSIGNED
VARIABLE_COMMENT Alias for tmp_memory_table_size. If an internal in-memory temporary table exceeds this size, MariaDB will automatically convert it to an on-disk MyISAM or Aria table.
NUMERIC_MIN_VALUE 0
@@ -1500,7 +1511,7 @@
VARIABLE_COMMENT Allocation block size for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
-@@ -4604,7 +4604,7 @@
+@@ -4614,7 +4614,7 @@
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME TRANSACTION_PREALLOC_SIZE
VARIABLE_SCOPE SESSION
@@ -1509,7 +1520,7 @@
VARIABLE_COMMENT Persistent buffer for transactions to be stored in binary log
NUMERIC_MIN_VALUE 1024
NUMERIC_MAX_VALUE 134217728
-@@ -4744,7 +4744,7 @@
+@@ -4754,7 +4754,7 @@
COMMAND_LINE_ARGUMENT NULL
VARIABLE_NAME WAIT_TIMEOUT
VARIABLE_SCOPE SESSION
@@ -1518,7 +1529,7 @@
VARIABLE_COMMENT The number of seconds the server waits for activity on a connection before closing it
NUMERIC_MIN_VALUE 1
NUMERIC_MAX_VALUE 31536000
-@@ -4771,7 +4771,7 @@
+@@ -4781,7 +4781,7 @@
VARIABLE_NAME LOG_TC_SIZE
GLOBAL_VALUE_ORIGIN AUTO
VARIABLE_SCOPE GLOBAL
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,win.rdiff b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,win.rdiff
new file mode 100644
index 00000000..acee8a39
--- /dev/null
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded,win.rdiff
@@ -0,0 +1,1465 @@
+--- suite/sys_vars/r/sysvars_server_notembedded.result
++++ suite/sys_vars/r/sysvars_server_notembedded.reject
+@@ -34,7 +34,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_BLOCK_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Block size to be used for Aria index pages.
+ NUMERIC_MIN_VALUE 4096
+ NUMERIC_MAX_VALUE 32768
+@@ -44,7 +44,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_CHECKPOINT_INTERVAL
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Interval between tries to do an automatic checkpoints. In seconds; 0 means 'no automatic checkpoints' which makes sense only for testing.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -54,7 +54,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_CHECKPOINT_LOG_ACTIVITY
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of bytes that the transaction log has to grow between checkpoints before a new checkpoint is written to the log.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -74,7 +74,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME ARIA_FORCE_START_AFTER_RECOVERY_FAILURES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of consecutive log recovery failures after which logs will be automatically deleted to cure the problem; 0 (the default) disables the feature.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 255
+@@ -94,7 +94,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_GROUP_COMMIT_INTERVAL
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Interval between commits in microseconds (1/1000000 sec). 0 stands for no waiting for other threads to come and do a commit in "hard" mode and no sync()/commit at all in "soft" mode. Option has only an effect if aria_group_commit is used
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -114,7 +114,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_LOG_FILE_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Limit for transaction log size
+ NUMERIC_MIN_VALUE 8388608
+ NUMERIC_MAX_VALUE 4294967295
+@@ -144,10 +144,10 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_PAGECACHE_AGE_THRESHOLD
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT This characterizes the number of hits a hot block has to be untouched until it is considered aged enough to be downgraded to a warm block. This specifies the percentage ratio of that number of hits to the total number of blocks in the page cache.
+ NUMERIC_MIN_VALUE 100
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 100
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -164,7 +164,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_PAGECACHE_DIVISION_LIMIT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The minimum percentage of warm blocks in key cache
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 100
+@@ -174,7 +174,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME ARIA_PAGECACHE_FILE_HASH_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of hash buckets for open and changed files. If you have a lot of Aria files open you should increase this for faster flush of changes. A good value is probably 1/10 of number of possible open Aria files.
+ NUMERIC_MIN_VALUE 128
+ NUMERIC_MAX_VALUE 16384
+@@ -204,7 +204,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME ARIA_REPAIR_THREADS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of threads to use when repairing Aria tables. The value of 1 disables parallel repair.
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 128
+@@ -274,7 +274,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME AUTO_INCREMENT_INCREMENT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Auto-increment columns are incremented by this
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 65535
+@@ -284,7 +284,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME AUTO_INCREMENT_OFFSET
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Offset added to Auto-increment columns. Used when auto-increment-increment != 1
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 65535
+@@ -294,7 +294,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME BACK_LOG
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of outstanding connection requests MariaDB can have. This comes into play when the main MariaDB thread gets very many connection requests in a very short time
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 65535
+@@ -364,20 +364,20 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME BINLOG_COMMIT_WAIT_COUNT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If non-zero, binlog write will wait at most binlog_commit_wait_usec microseconds for at least this many commits to queue up for group commit to the binlog. This can reduce I/O on the binlog and provide increased opportunity for parallel apply on the slave, but too high a value will decrease commit throughput.
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME BINLOG_COMMIT_WAIT_USEC
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum time, in microseconds, to wait for more commits to queue up for binlog group commit. Only takes effect if the value of binlog_commit_wait_count is non-zero.
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -394,7 +394,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME BINLOG_EXPIRE_LOGS_SECONDS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If non-zero, binary logs will be purged after binlog_expire_logs_seconds seconds; It and expire_logs_days are linked, such that changes in one are converted into the other. Possible purges happen at startup and at binary log rotation.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 8553600
+@@ -654,7 +654,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME CONNECT_TIMEOUT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of seconds the mysqld server is waiting for a connect packet before responding with 'Bad handshake'
+ NUMERIC_MIN_VALUE 2
+ NUMERIC_MAX_VALUE 31536000
+@@ -704,7 +704,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DEADLOCK_SEARCH_DEPTH_LONG
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Long search depth for the two-step deadlock detection
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 33
+@@ -714,7 +714,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DEADLOCK_SEARCH_DEPTH_SHORT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Short search depth for the two-step deadlock detection
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 32
+@@ -724,7 +724,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DEADLOCK_TIMEOUT_LONG
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Long timeout for the two-step deadlock detection (in microseconds)
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -734,7 +734,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DEADLOCK_TIMEOUT_SHORT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Short timeout for the two-step deadlock detection (in microseconds)
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -794,7 +794,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME DEFAULT_WEEK_FORMAT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The default week format used by WEEK() functions
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 7
+@@ -804,7 +804,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DELAYED_INSERT_LIMIT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT After inserting delayed_insert_limit rows, the INSERT DELAYED handler will check if there are any SELECT statements pending. If so, it allows these to execute before continuing.
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -814,7 +814,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DELAYED_INSERT_TIMEOUT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT How long a INSERT DELAYED thread should wait for INSERT statements before terminating
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 31536000
+@@ -824,7 +824,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME DELAYED_QUEUE_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT What size queue (in rows) should be allocated for handling INSERT DELAYED. If the queue becomes full, any client that does INSERT DELAYED will wait until there is room in the queue again
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -854,7 +854,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME DIV_PRECISION_INCREMENT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Precision of the result of '/' operator will be increased on that value
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 38
+@@ -974,7 +974,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME EXTRA_MAX_CONNECTIONS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of connections on extra-port
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 100000
+@@ -1004,7 +1004,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME FLUSH_TIME
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT A dedicated thread is created to flush all tables at the given interval
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 31536000
+@@ -1034,7 +1034,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME FT_MAX_WORD_LEN
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The maximum length of the word to be included in a FULLTEXT index. Note: FULLTEXT indexes must be rebuilt after changing this variable
+ NUMERIC_MIN_VALUE 10
+ NUMERIC_MAX_VALUE 84
+@@ -1044,7 +1044,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME FT_MIN_WORD_LEN
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The minimum length of the word to be included in a FULLTEXT index. Note: FULLTEXT indexes must be rebuilt after changing this variable
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 84
+@@ -1054,7 +1054,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME FT_QUERY_EXPANSION_LIMIT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of best matches to use for query expansion
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1000
+@@ -1304,7 +1304,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME HISTOGRAM_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of bytes used for a histogram. If set to 0, no histograms are created by ANALYZE.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 255
+@@ -1334,7 +1334,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME HOST_CACHE_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT How many host names should be cached to avoid resolving.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 65536
+@@ -1357,7 +1357,7 @@
+ VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of seconds the server waits for read-only idle transaction
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 31536000
++NUMERIC_MAX_VALUE 2147483
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -1367,7 +1367,7 @@
+ VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of seconds the server waits for idle transaction
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 31536000
++NUMERIC_MAX_VALUE 2147483
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -1377,7 +1377,7 @@
+ VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of seconds the server waits for write idle transaction
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 31536000
++NUMERIC_MAX_VALUE 2147483
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -1444,7 +1444,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME INTERACTIVE_TIMEOUT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of seconds the server waits for activity on an interactive connection before closing it
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 31536000
+@@ -1494,7 +1494,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME JOIN_CACHE_LEVEL
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Controls what join operations can be executed with join buffers. Odd numbers are used for plain join buffers while even numbers are used for linked buffers
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 8
+@@ -1672,19 +1672,9 @@
+ ENUM_VALUE_LIST OFF,ON
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT OPTIONAL
+-VARIABLE_NAME LOCKED_IN_MEMORY
+-VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BOOLEAN
+-VARIABLE_COMMENT Whether mysqld was locked in memory with --memlock
+-NUMERIC_MIN_VALUE NULL
+-NUMERIC_MAX_VALUE NULL
+-NUMERIC_BLOCK_SIZE NULL
+-ENUM_VALUE_LIST OFF,ON
+-READ_ONLY YES
+-COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME LOCK_WAIT_TIMEOUT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Timeout in seconds to wait for a lock before returning an error.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 31536000
+@@ -1834,7 +1824,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME LOG_SLOW_MAX_WARNINGS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Max numbers of warnings printed to slow query log per statement
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1000
+@@ -1844,7 +1834,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME LOG_SLOW_RATE_LIMIT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Write to slow log every #th slow query. Set to 1 to log everything. Increase it to reduce the size of the slow or the performance impact of slow logging
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -1874,7 +1864,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME LOG_WARNINGS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Log some non critical warnings to the error log.Value can be between 0 and 11. Higher values mean more verbosity
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -1934,7 +1924,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME MAX_ALLOWED_PACKET
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Max packet length to send to or receive from the server
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 1073741824
+@@ -1954,7 +1944,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_BINLOG_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Binary log will be rotated automatically when the size exceeds this value.
+ NUMERIC_MIN_VALUE 4096
+ NUMERIC_MAX_VALUE 1073741824
+@@ -1974,7 +1964,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_CONNECTIONS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of simultaneous clients allowed
+ NUMERIC_MIN_VALUE 10
+ NUMERIC_MAX_VALUE 100000
+@@ -1984,7 +1974,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_CONNECT_ERRORS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If there is more than this number of interrupted connections from a host this host will be blocked from further connections
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -1994,7 +1984,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_DELAYED_THREADS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Don't start more than this number of threads to handle INSERT DELAYED statements. If set to zero INSERT DELAYED will be not used
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 16384
+@@ -2014,7 +2004,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_ERROR_COUNT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Max number of errors/warnings to store for a statement
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 65535
+@@ -2034,7 +2024,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_INSERT_DELAYED_THREADS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Don't start more than this number of threads to handle INSERT DELAYED statements. If set to zero INSERT DELAYED will be not used
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 16384
+@@ -2054,7 +2044,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_LENGTH_FOR_SORT_DATA
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Max number of bytes in sorted records
+ NUMERIC_MIN_VALUE 4
+ NUMERIC_MAX_VALUE 8388608
+@@ -2084,7 +2074,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_RECURSIVE_ITERATIONS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of iterations when executing recursive queries
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2114,7 +2104,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_SEEKS_FOR_KEY
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Limit assumed max number of seeks when looking up rows based on a key
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2134,7 +2124,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_SORT_LENGTH
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of bytes to use when sorting BLOB or TEXT values (only the first max_sort_length bytes of each value are used; the rest are ignored)
+ NUMERIC_MIN_VALUE 64
+ NUMERIC_MAX_VALUE 8388608
+@@ -2144,7 +2134,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_SP_RECURSION_DEPTH
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum stored procedure recursion depth
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 255
+@@ -2164,7 +2154,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_TMP_TABLES
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Unused, will be removed.
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2184,7 +2174,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MAX_WRITE_LOCK_COUNT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT After this many write locks, allow some read locks to run in between
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2194,7 +2184,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME METADATA_LOCKS_CACHE_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Unused
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2204,7 +2194,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME METADATA_LOCKS_HASH_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Unused
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 1024
+@@ -2214,7 +2204,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MIN_EXAMINED_ROW_LIMIT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Don't write queries to slow log that examine fewer rows than that
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2224,7 +2214,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MRR_BUFFER_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Size of buffer to use when using MRR with range access
+ NUMERIC_MIN_VALUE 8192
+ NUMERIC_MAX_VALUE 2147483647
+@@ -2234,7 +2224,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MYISAM_BLOCK_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Block size to be used for MyISAM index pages
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 16384
+@@ -2244,7 +2234,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME MYISAM_DATA_POINTER_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Default pointer size to be used for MyISAM tables
+ NUMERIC_MIN_VALUE 2
+ NUMERIC_MAX_VALUE 7
+@@ -2284,10 +2274,10 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME MYISAM_REPAIR_THREADS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If larger than 1, when repairing a MyISAM table all indexes will be created in parallel, with one thread per index. The value of 1 disables parallel repair
+ NUMERIC_MIN_VALUE 1
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -2332,9 +2322,19 @@
+ ENUM_VALUE_LIST OFF,ON
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT OPTIONAL
++VARIABLE_NAME NAMED_PIPE
++VARIABLE_SCOPE GLOBAL
++VARIABLE_TYPE BOOLEAN
++VARIABLE_COMMENT Enable the named pipe (NT)
++NUMERIC_MIN_VALUE NULL
++NUMERIC_MAX_VALUE NULL
++NUMERIC_BLOCK_SIZE NULL
++ENUM_VALUE_LIST OFF,ON
++READ_ONLY YES
++COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME NET_BUFFER_LENGTH
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Buffer length for TCP/IP and socket communication
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 1048576
+@@ -2344,7 +2344,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME NET_READ_TIMEOUT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of seconds to wait for more data from a connection before aborting the read
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 31536000
+@@ -2354,7 +2354,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME NET_RETRY_COUNT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If a read on a communication port is interrupted, retry this many times before giving up
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2364,7 +2364,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME NET_WRITE_TIMEOUT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of seconds to wait for a block to be written to a connection before aborting the write
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 31536000
+@@ -2424,7 +2424,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME OPEN_FILES_LIMIT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If this is not 0, then mysqld will use this value to reserve file descriptors to use with setrlimit(). If this value is 0 or autoset then mysqld will reserve max_connections*5 or max_connections + table_cache*2 (whichever is larger) number of file descriptors
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2434,7 +2434,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_ADJUST_SECONDARY_KEY_COSTS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT 0 = No changes. 1 = Update secondary key costs for ranges to be at least 5x of clustered primary key costs. 2 = Remove 'max_seek optimization' for secondary keys and slight adjustment of filter cost. This option will be deleted in MariaDB 11.0 as it is not needed with the new 11.0 optimizer.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 2
+@@ -2444,7 +2444,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_MAX_SEL_ARGS
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The maximum number of SEL_ARG objects created when optimizing a range. If more objects would be needed, the range will not be used by the optimizer.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2454,7 +2454,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_MAX_SEL_ARG_WEIGHT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The maximum weight of the SEL_ARG graph. Set to 0 for no limit
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2464,7 +2464,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_PRUNE_LEVEL
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Controls the heuristic(s) applied during query optimization to prune less-promising partial plans from the optimizer search space. Meaning: 0 - do not apply any heuristic, thus perform exhaustive search; 1 - prune plans based on number of retrieved rows
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1
+@@ -2474,7 +2474,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_SEARCH_DEPTH
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum depth of search performed by the query optimizer. Values larger than the number of relations in a query result in better query plans, but take longer to compile a query. Values smaller than the number of tables in a relation result in faster optimization, but may produce very bad query plans. If set to 0, the system will automatically pick a reasonable value.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 62
+@@ -2484,7 +2484,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_SELECTIVITY_SAMPLING_LIMIT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Controls number of record samples to check condition selectivity
+ NUMERIC_MIN_VALUE 10
+ NUMERIC_MAX_VALUE 4294967295
+@@ -2514,17 +2514,17 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_TRACE_MAX_MEM_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum allowed size of an optimizer trace
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME OPTIMIZER_USE_CONDITION_SELECTIVITY
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Controls selectivity of which conditions the optimizer takes into account to calculate cardinality of a partial join when it searches for the best execution plan Meaning: 1 - use selectivity of index backed range conditions to calculate the cardinality of a partial join if the last joined table is accessed by full table scan or an index scan, 2 - use selectivity of index backed range conditions to calculate the cardinality of a partial join in any case, 3 - additionally always use selectivity of range conditions that are not backed by any index to calculate the cardinality of a partial join, 4 - use histograms to calculate selectivity of range conditions that are not backed by any index to calculate the cardinality of a partial join.5 - additionally use selectivity of certain non-range predicates calculated on record samples
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 5
+@@ -2544,7 +2544,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME PERFORMANCE_SCHEMA_ACCOUNTS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented user@host accounts. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2554,7 +2554,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_DIGESTS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Size of the statement digest. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2564,7 +2564,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STAGES_HISTORY_LONG_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows in EVENTS_STAGES_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2574,7 +2574,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STAGES_HISTORY_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows per thread in EVENTS_STAGES_HISTORY. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1024
+@@ -2584,7 +2584,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STATEMENTS_HISTORY_LONG_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows in EVENTS_STATEMENTS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2594,7 +2594,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_STATEMENTS_HISTORY_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows per thread in EVENTS_STATEMENTS_HISTORY. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1024
+@@ -2604,7 +2604,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_TRANSACTIONS_HISTORY_LONG_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows in EVENTS_TRANSACTIONS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2614,7 +2614,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_TRANSACTIONS_HISTORY_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows per thread in EVENTS_TRANSACTIONS_HISTORY. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1024
+@@ -2624,7 +2624,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_WAITS_HISTORY_LONG_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows in EVENTS_WAITS_HISTORY_LONG. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2634,7 +2634,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_EVENTS_WAITS_HISTORY_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Number of rows per thread in EVENTS_WAITS_HISTORY. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1024
+@@ -2644,7 +2644,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_HOSTS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented hosts. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2654,7 +2654,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_COND_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of condition instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2664,7 +2664,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_COND_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented condition objects. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2674,7 +2674,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_DIGEST_LENGTH
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum length considered for digest text, when stored in performance_schema tables.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1048576
+@@ -2684,7 +2684,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of file instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2694,7 +2694,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_HANDLES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of opened instrumented files.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1048576
+@@ -2704,7 +2704,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_FILE_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented files. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2714,7 +2714,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_INDEX_STAT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of index statistics for instrumented tables. Use 0 to disable, -1 for automated scaling.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2724,7 +2724,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MEMORY_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of memory pool instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1024
+@@ -2734,7 +2734,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_METADATA_LOCKS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of metadata locks. Use 0 to disable, -1 for automated scaling.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 104857600
+@@ -2744,7 +2744,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MUTEX_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of mutex instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2754,7 +2754,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_MUTEX_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented MUTEX objects. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 104857600
+@@ -2764,7 +2764,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_PREPARED_STATEMENTS_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented prepared statements. Use 0 to disable, -1 for automated scaling.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2774,7 +2774,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_PROGRAM_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented programs. Use 0 to disable, -1 for automated scaling.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2784,7 +2784,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_RWLOCK_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of rwlock instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2794,7 +2794,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_RWLOCK_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented RWLOCK objects. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 104857600
+@@ -2804,7 +2804,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SOCKET_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of socket instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2814,7 +2814,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SOCKET_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of opened instrumented sockets. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2824,7 +2824,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_SQL_TEXT_LENGTH
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum length of displayed sql text.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 1048576
+@@ -2834,7 +2834,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STAGE_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of stage instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2844,7 +2844,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STATEMENT_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of statement instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2854,7 +2854,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_STATEMENT_STACK
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of rows per thread in EVENTS_STATEMENTS_CURRENT.
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 256
+@@ -2864,7 +2864,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_HANDLES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of opened instrumented tables. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2874,7 +2874,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented tables. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2884,7 +2884,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_TABLE_LOCK_STAT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of lock statistics for instrumented tables. Use 0 to disable, -1 for automated scaling.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2894,7 +2894,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_THREAD_CLASSES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of thread instruments.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 256
+@@ -2904,7 +2904,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_MAX_THREAD_INSTANCES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented threads. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2914,7 +2914,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_SESSION_CONNECT_ATTRS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Size of session attribute string buffer per thread. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2924,7 +2924,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_SETUP_ACTORS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of rows in SETUP_ACTORS.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1024
+@@ -2934,7 +2934,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_SETUP_OBJECTS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of rows in SETUP_OBJECTS.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2944,7 +2944,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PERFORMANCE_SCHEMA_USERS_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT
++VARIABLE_TYPE INT
+ VARIABLE_COMMENT Maximum number of instrumented users. Use 0 to disable, -1 for automated sizing.
+ NUMERIC_MIN_VALUE -1
+ NUMERIC_MAX_VALUE 1048576
+@@ -2994,7 +2994,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PRELOAD_BUFFER_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The size of the buffer that is allocated when preloading indexes
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 1073741824
+@@ -3014,7 +3014,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME PROFILING_HISTORY_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of statements about which profiling information is maintained. If set to 0, no profiles are stored. See SHOW PROFILES.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 100
+@@ -3024,7 +3024,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME PROGRESS_REPORT_TIME
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Seconds between sending progress reports to the client for time-consuming statements. Set to 0 to disable progress reporting.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3084,7 +3084,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME QUERY_ALLOC_BLOCK_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Allocation block size for query parsing and execution
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3094,7 +3094,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME QUERY_CACHE_LIMIT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Don't cache results that are bigger than this
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3104,7 +3104,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME QUERY_CACHE_MIN_RES_UNIT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The minimum size for blocks allocated by the query cache
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3117,7 +3117,7 @@
+ VARIABLE_TYPE BIGINT UNSIGNED
+ VARIABLE_COMMENT The memory allocated to store results from old queries
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1024
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -3154,7 +3154,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME QUERY_PREALLOC_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Persistent buffer for query parsing and execution
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3167,7 +3167,7 @@
+ VARIABLE_TYPE BIGINT UNSIGNED
+ VARIABLE_COMMENT Sets the internal state of the RAND() generator for replication purposes
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -3177,14 +3177,14 @@
+ VARIABLE_TYPE BIGINT UNSIGNED
+ VARIABLE_COMMENT Sets the internal state of the RAND() generator for replication purposes
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME RANGE_ALLOC_BLOCK_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Allocation block size for storing ranges during optimization
+ NUMERIC_MIN_VALUE 4096
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3197,14 +3197,14 @@
+ VARIABLE_TYPE BIGINT UNSIGNED
+ VARIABLE_COMMENT Maximum speed(KB/s) to read binlog from master (0 = no limit)
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME READ_BUFFER_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Each thread that does a sequential scan allocates a buffer of this size for each table it scans. If you do many sequential scans, you may want to increase this value
+ NUMERIC_MIN_VALUE 8192
+ NUMERIC_MAX_VALUE 2147483647
+@@ -3224,7 +3224,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME READ_RND_BUFFER_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT When reading rows in sorted order after a sort, the rows are read through this buffer to avoid a disk seeks
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 2147483647
+@@ -3434,10 +3434,10 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME ROWID_MERGE_BUFF_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The size of the buffers used [NOT] IN evaluation via partial matching
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 9223372036854775807
++NUMERIC_MAX_VALUE 2147483647
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -3454,20 +3454,20 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME RPL_SEMI_SYNC_MASTER_TIMEOUT
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The timeout value (in ms) for semi-synchronous replication in the master
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME RPL_SEMI_SYNC_MASTER_TRACE_LEVEL
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The tracing level for semi-sync replication.
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -3524,10 +3524,10 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME RPL_SEMI_SYNC_SLAVE_TRACE_LEVEL
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The tracing level for semi-sync replication.
+ NUMERIC_MIN_VALUE 0
+-NUMERIC_MAX_VALUE 18446744073709551615
++NUMERIC_MAX_VALUE 4294967295
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -3564,7 +3564,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SERVER_ID
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Uniquely identifies the server instance in the community of replication partners
+ NUMERIC_MIN_VALUE 1
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3694,7 +3694,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SLAVE_DOMAIN_PARALLEL_THREADS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Maximum number of parallel threads to use on slave for events in a single replication domain. When using multiple domains, this can be used to limit a single domain from grabbing all threads and thus stalling other domains. The default of 0 means to allow a domain to grab as many threads as it wants, up to the value of slave_parallel_threads.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 16383
+@@ -3724,7 +3724,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SLAVE_MAX_ALLOWED_PACKET
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The maximum packet length to sent successfully from the master to slave.
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 1073741824
+@@ -3744,7 +3744,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SLAVE_PARALLEL_MAX_QUEUED
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Limit on how much memory SQL threads should use per parallel replication thread when reading ahead in the relay log looking for opportunities for parallel replication. Only used when --slave-parallel-threads > 0.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 2147483647
+@@ -3764,7 +3764,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME SLAVE_PARALLEL_THREADS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If non-zero, number of threads to spawn to apply in parallel events on the slave that were group-committed on the master or were logged with GTID in different replication domains. Note that these threads are in addition to the IO and SQL threads, which are always created by a replication slave
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 16383
+@@ -3774,7 +3774,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SLAVE_PARALLEL_WORKERS
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Alias for slave_parallel_threads
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 16383
+@@ -3814,7 +3814,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME SLAVE_TRANSACTION_RETRIES
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Number of times the slave SQL thread will retry a transaction in case it failed with a deadlock, elapsed lock wait timeout or listed in slave_transaction_retry_errors, before giving up and stopping
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 4294967295
+@@ -3834,7 +3834,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SLAVE_TRANSACTION_RETRY_INTERVAL
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Interval of the slave SQL thread will retry a transaction in case it failed with a deadlock or elapsed lock wait timeout or listed in slave_transaction_retry_errors
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 3600
+@@ -3854,7 +3854,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME SLOW_LAUNCH_TIME
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT If creating the thread takes longer than this value (in seconds), the Slow_launch_threads counter will be incremented
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 31536000
+@@ -4124,7 +4124,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME STORED_PROGRAM_CACHE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The soft upper limit for number of cached stored routines for one connection.
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 524288
+@@ -4224,7 +4224,7 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME TABLE_DEFINITION_CACHE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of cached table definitions
+ NUMERIC_MIN_VALUE 400
+ NUMERIC_MAX_VALUE 2097152
+@@ -4234,7 +4234,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME TABLE_OPEN_CACHE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of cached open tables
+ NUMERIC_MIN_VALUE 10
+ NUMERIC_MAX_VALUE 1048576
+@@ -4294,7 +4294,7 @@
+ COMMAND_LINE_ARGUMENT OPTIONAL
+ VARIABLE_NAME THREAD_CACHE_SIZE
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT How many threads we should keep in a cache for reuse. These are freed after 5 minutes of idle time
+ NUMERIC_MIN_VALUE 0
+ NUMERIC_MAX_VALUE 16384
+@@ -4352,6 +4352,26 @@
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+ COMMAND_LINE_ARGUMENT REQUIRED
++VARIABLE_NAME THREAD_POOL_MIN_THREADS
++VARIABLE_SCOPE GLOBAL
++VARIABLE_TYPE INT UNSIGNED
++VARIABLE_COMMENT Minimum number of threads in the thread pool.
++NUMERIC_MIN_VALUE 1
++NUMERIC_MAX_VALUE 256
++NUMERIC_BLOCK_SIZE 1
++ENUM_VALUE_LIST NULL
++READ_ONLY NO
++COMMAND_LINE_ARGUMENT REQUIRED
++VARIABLE_NAME THREAD_POOL_MODE
++VARIABLE_SCOPE GLOBAL
++VARIABLE_TYPE ENUM
++VARIABLE_COMMENT Chose implementation of the threadpool
++NUMERIC_MIN_VALUE NULL
++NUMERIC_MAX_VALUE NULL
++NUMERIC_BLOCK_SIZE NULL
++ENUM_VALUE_LIST windows,generic
++READ_ONLY YES
++COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME THREAD_POOL_OVERSUBSCRIBE
+ VARIABLE_SCOPE GLOBAL
+ VARIABLE_TYPE INT UNSIGNED
+@@ -4455,7 +4475,7 @@
+ VARIABLE_NAME TMPDIR
+ VARIABLE_SCOPE GLOBAL
+ VARIABLE_TYPE VARCHAR
+-VARIABLE_COMMENT Path for temporary files. Several paths may be specified, separated by a colon (:), in this case they are used in a round-robin fashion
++VARIABLE_COMMENT Path for temporary files. Several paths may be specified, separated by a semicolon (;), in this case they are used in a round-robin fashion
+ NUMERIC_MIN_VALUE NULL
+ NUMERIC_MAX_VALUE NULL
+ NUMERIC_BLOCK_SIZE NULL
+@@ -4494,7 +4514,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME TRANSACTION_ALLOC_BLOCK_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Allocation block size for transactions to be stored in binary log
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 134217728
+@@ -4504,7 +4524,7 @@
+ COMMAND_LINE_ARGUMENT REQUIRED
+ VARIABLE_NAME TRANSACTION_PREALLOC_SIZE
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Persistent buffer for transactions to be stored in binary log
+ NUMERIC_MIN_VALUE 1024
+ NUMERIC_MAX_VALUE 134217728
+@@ -4644,10 +4664,10 @@
+ COMMAND_LINE_ARGUMENT NULL
+ VARIABLE_NAME WAIT_TIMEOUT
+ VARIABLE_SCOPE SESSION
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT The number of seconds the server waits for activity on a connection before closing it
+ NUMERIC_MIN_VALUE 1
+-NUMERIC_MAX_VALUE 31536000
++NUMERIC_MAX_VALUE 2147483
+ NUMERIC_BLOCK_SIZE 1
+ ENUM_VALUE_LIST NULL
+ READ_ONLY NO
+@@ -4671,7 +4691,7 @@
+ VARIABLE_NAME LOG_TC_SIZE
+ GLOBAL_VALUE_ORIGIN AUTO
+ VARIABLE_SCOPE GLOBAL
+-VARIABLE_TYPE BIGINT UNSIGNED
++VARIABLE_TYPE INT UNSIGNED
+ VARIABLE_COMMENT Size of transaction coordinator log.
+ ENUM_VALUE_LIST NULL
+ READ_ONLY YES
diff --git a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
index 6cb55630..4e79d858 100644
--- a/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
+++ b/mysql-test/suite/sys_vars/r/sysvars_server_notembedded.result
@@ -1935,7 +1935,7 @@ COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME LOG_WARNINGS
VARIABLE_SCOPE SESSION
VARIABLE_TYPE BIGINT UNSIGNED
-VARIABLE_COMMENT Log some not critical warnings to the general log file.Value can be between 0 and 11. Higher values mean more verbosity
+VARIABLE_COMMENT Log some non critical warnings to the error log.Value can be between 0 and 11. Higher values mean more verbosity
NUMERIC_MIN_VALUE 0
NUMERIC_MAX_VALUE 4294967295
NUMERIC_BLOCK_SIZE 1
@@ -2469,7 +2469,7 @@ VARIABLE_COMMENT Used to emulate old behavior from earlier MariaDB or MySQL vers
NUMERIC_MIN_VALUE NULL
NUMERIC_MAX_VALUE NULL
NUMERIC_BLOCK_SIZE NULL
-ENUM_VALUE_LIST NO_DUP_KEY_WARNINGS_WITH_IGNORE,NO_PROGRESS_INFO,ZERO_DATE_TIME_CAST,UTF8_IS_UTF8MB3,IGNORE_INDEX_ONLY_FOR_JOIN,COMPAT_5_1_CHECKSUM
+ENUM_VALUE_LIST NO_DUP_KEY_WARNINGS_WITH_IGNORE,NO_PROGRESS_INFO,ZERO_DATE_TIME_CAST,UTF8_IS_UTF8MB3,IGNORE_INDEX_ONLY_FOR_JOIN,COMPAT_5_1_CHECKSUM,NO_NULL_COLLATION_IDS
READ_ONLY NO
COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OLD_PASSWORDS
@@ -2492,6 +2492,16 @@ NUMERIC_BLOCK_SIZE 1
ENUM_VALUE_LIST NULL
READ_ONLY YES
COMMAND_LINE_ARGUMENT REQUIRED
+VARIABLE_NAME OPTIMIZER_ADJUST_SECONDARY_KEY_COSTS
+VARIABLE_SCOPE SESSION
+VARIABLE_TYPE BIGINT UNSIGNED
+VARIABLE_COMMENT 0 = No changes. 1 = Update secondary key costs for ranges to be at least 5x of clustered primary key costs. 2 = Remove 'max_seek optimization' for secondary keys and slight adjustment of filter cost. This option will be deleted in MariaDB 11.0 as it is not needed with the new 11.0 optimizer.
+NUMERIC_MIN_VALUE 0
+NUMERIC_MAX_VALUE 2
+NUMERIC_BLOCK_SIZE 1
+ENUM_VALUE_LIST NULL
+READ_ONLY NO
+COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME OPTIMIZER_EXTRA_PRUNING_DEPTH
VARIABLE_SCOPE SESSION
VARIABLE_TYPE BIGINT UNSIGNED
@@ -3545,7 +3555,7 @@ COMMAND_LINE_ARGUMENT REQUIRED
VARIABLE_NAME RPL_SEMI_SYNC_MASTER_WAIT_NO_SLAVE
VARIABLE_SCOPE GLOBAL
VARIABLE_TYPE BOOLEAN
-VARIABLE_COMMENT Wait until timeout when no semi-synchronous replication slave available (enabled by default).
+VARIABLE_COMMENT Wait until timeout when no semi-synchronous replication slave is available.
NUMERIC_MIN_VALUE NULL
NUMERIC_MAX_VALUE NULL
NUMERIC_BLOCK_SIZE NULL
diff --git a/mysql-test/suite/sys_vars/t/old_mode_basic.test b/mysql-test/suite/sys_vars/t/old_mode_basic.test
index 631d6387..cb187967 100644
--- a/mysql-test/suite/sys_vars/t/old_mode_basic.test
+++ b/mysql-test/suite/sys_vars/t/old_mode_basic.test
@@ -172,7 +172,7 @@ SET @@global.old_mode = 4;
SELECT @@global.old_mode;
--Error ER_WRONG_VALUE_FOR_VAR
-SET @@global.old_mode = 64;
+SET @@global.old_mode = 128;
SELECT @@global.old_mode;
# use of decimal values
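Review bot: The literal in `SET @@global.old_mode = 128;` is a magic number: it is the first value past the defined old_mode bits, and it has to be bumped by hand whenever a flag is added, as this commit does in going from 64 to 128. A comment above the `--Error ER_WRONG_VALUE_FOR_VAR` line would make the dependency visible, for example `# 128 = 1 << 7: first bit beyond the seven defined old_mode flags; bump when a flag is added`. The count of seven is read off the ENUM_VALUE_LIST for old_mode in sysvars_server_notembedded.result in this same commit.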
diff --git a/mysql-test/suite/sys_vars/t/pseudo_slave_mode_notembedded.test b/mysql-test/suite/sys_vars/t/pseudo_slave_mode_notembedded.test
new file mode 100644
index 00000000..c18872db
--- /dev/null
+++ b/mysql-test/suite/sys_vars/t/pseudo_slave_mode_notembedded.test
@@ -0,0 +1,20 @@
+--source include/not_embedded.inc
+--source include/load_sysvars.inc
+
+--echo '### MDEV-32844: THD::rli_fake/rgi_fake not cleared on new connection'
+--connect(con1,localhost,root,,)
+BINLOG '
+6ENbZQ8BAAAA/AAAAAABAAAAAAQAMTAuMTEuNi1NYXJpYURCLWRlYnVnLWxvZwAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAADoQ1tlEzgNAAgAEgAEBAQEEgAA5AAEGggAAAAICAgCAAAACgoKAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAEEwQADQgICAoKCgGbvv33
+';
+--disconnect con1
+--connect(con1,localhost,root,,)
+# The bug was that the THD::rli_fake was not cleared when the THD is re-used
+# for the new connection, and we would get a warning from the following
+# statement.
+SET SESSION pseudo_slave_mode= 1;
+--disconnect con1
+--connection default
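Review bot: Nothing between the first `--disconnect con1` and the second `--connect(con1,localhost,root,,)` waits for the server to finish tearing down the old session, so the new connection is not guaranteed to land on the re-used THD that the comment describes. If it gets a fresh one, the test would presumably pass without exercising the MDEV-32844 path. Consider adding `--source include/count_sessions.inc` before the first connect and `--source include/wait_until_count_sessions.inc` after the first disconnect; whether that is enough to force re-use should be confirmed against the thread-cache behaviour. The base64 `BINLOG` payload would also benefit from a one-line comment saying which event it encodes and how it was produced, so that it can be regenerated and audited later.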
diff --git a/mysql-test/suite/sys_vars/t/sysvars_star.test b/mysql-test/suite/sys_vars/t/sysvars_star.test
index 8d0aefdc..f1d1c137 100644
--- a/mysql-test/suite/sys_vars/t/sysvars_star.test
+++ b/mysql-test/suite/sys_vars/t/sysvars_star.test
@@ -15,7 +15,7 @@ set global low_priority_updates=1;
install soname 'sql_errlog';
vertical_results;
-replace_regex /\/.*\//var\//;
+replace_regex /(C:)?\/.*\//var\//;
select * from information_schema.system_variables
where variable_name in (
'completion_type', #session!=global, origin=compile-time
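Review bot: The `(C:)?` in `replace_regex /(C:)?\/.*\//var\//;` strips a drive prefix only when the path is on drive C. A Windows run from any other drive would leave the letter in front of `var/`, and the recorded result would not match. Accepting any drive letter fixes this: `replace_regex /([A-Za-z]:)?\/.*\//var\//;`. The second hunk of this file changes the same line (before the second `plugin_maturity` select) and needs the same edit.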
@@ -32,7 +32,7 @@ create user foo@localhost;
connect foo,localhost,foo;
select global_value_path from information_schema.system_variables where variable_name='plugin_maturity';
connection default;
-replace_regex /\/.*\//var\//;
+replace_regex /(C:)?\/.*\//var\//;
select global_value_path from information_schema.system_variables where variable_name='plugin_maturity';
disconnect foo;
drop user foo@localhost;
diff --git a/mysql-test/suite/vcol/r/partition.result b/mysql-test/suite/vcol/r/partition.result
index d7c5052b..74c1e3bf 100644
--- a/mysql-test/suite/vcol/r/partition.result
+++ b/mysql-test/suite/vcol/r/partition.result
@@ -101,3 +101,25 @@ partition pn values less than (maxvalue));
insert into t1 (x, b) values (1, ''), (2, ''), (3, 'a'), (4, 'b');
update t1 set b= 'bar' where x > 0 order by v limit 2;
drop table t1;
+#
+# MDEV-28127 EXCHANGE PARTITION with non-matching vcol expression segfault
+#
+set @old_mode= @@sql_mode;
+set sql_mode='';
+create table t1 (a int, key(a)) partition by range (a) (partition p values less than (1));
+create table t (a int generated always as (1) virtual, key(a));
+alter table t1 exchange partition p with table t;
+ERROR HY000: Tables have different definitions
+create or replace table t (a int, key(a));
+alter table t1 exchange partition p with table t;
+create or replace table t1 (a int generated always as (1) virtual, key(a)) partition by range (a) (partition p values less than (1));
+create or replace table t (a int generated always as (1) virtual, key(a));
+alter table t1 exchange partition p with table t;
+create or replace table t (a int generated always as (1) stored, key(a));
+alter table t1 exchange partition p with table t;
+ERROR HY000: Tables have different definitions
+insert into t values (1);
+Warnings:
+Warning 1906 The value specified for generated column 'a' in table 't' has been ignored
+drop tables t1, t;
+set sql_mode= @old_mode;
diff --git a/mysql-test/suite/vcol/r/vcol_keys_myisam.result b/mysql-test/suite/vcol/r/vcol_keys_myisam.result
index 2e15c502..6b86d40e 100644
--- a/mysql-test/suite/vcol/r/vcol_keys_myisam.result
+++ b/mysql-test/suite/vcol/r/vcol_keys_myisam.result
@@ -418,3 +418,40 @@ create or replace table t2 (pk int, b int, c int as (b) virtual, primary key (pk
insert into t2 (pk) select a from t1;
ERROR 23000: Duplicate entry '1' for key 'PRIMARY'
drop tables t1, t2;
+#
+# MDEV-23294 Segfault or assertion upon MyISAM repair
+#
+set @old_mode= @@sql_mode;
+set @old_myisam_repair_threads= @@myisam_repair_threads;
+set sql_mode='', myisam_repair_threads=2;
+create table t (a binary,b blob,c blob as (concat (a,b)),h char,index (c)) engine=innodb;
+Warnings:
+Warning 1286 Unknown storage engine 'innodb'
+Warning 1266 Using storage engine MyISAM for table 't'
+Note 1071 Specified key was too long; max key length is 1000 bytes
+insert into t values (0,0,default,0);
+create table ti like t;
+alter table ti engine=myisam;
+insert into ti select * from t;
+Warnings:
+Warning 1906 The value specified for generated column 'c' in table 'ti' has been ignored
+drop tables ti, t;
+create table t (id int,a varchar(1),b varchar(1),c varchar(1) generated always as (concat (a,b)),key(c)) engine=myisam;
+insert into t values (0,0,9687,0);
+Warnings:
+Warning 1265 Data truncated for column 'b' at row 1
+Warning 1906 The value specified for generated column 'c' in table 't' has been ignored
+Warning 1265 Data truncated for column 'c' at row 1
+repair table t quick;
+Table Op Msg_type Msg_text
+test.t repair status OK
+drop table t;
+create table t1 (b varchar(1024), c char(3), unique(b,c)) engine=myisam;
+insert into t1 values ('foo','baz');
+alter table t1 disable keys;
+set session myisam_repair_threads= 2;
+insert into t1 select 'qux';
+ERROR 21S01: Column count doesn't match value count at row 1
+drop table t1;
+set sql_mode= @old_mode;
+set myisam_repair_threads= @old_myisam_repair_threads;
diff --git a/mysql-test/suite/vcol/r/vcol_syntax.result b/mysql-test/suite/vcol/r/vcol_syntax.result
index 7725d59f..1c3a7566 100644
--- a/mysql-test/suite/vcol/r/vcol_syntax.result
+++ b/mysql-test/suite/vcol/r/vcol_syntax.result
@@ -238,3 +238,13 @@ Warning 1292 Incorrect datetime value: '1' for column `test`.`t`.`c2` at row 1
Warning 1292 Incorrect datetime value: '0' for column `test`.`t`.`c2` at row 1
drop trigger tr;
drop table t;
+#
+# MDEV-29932 Invalid expr in cleanup_session_expr() upon INSERT DELAYED
+#
+create table t (f timestamp default from_unixtime(1), g timestamp as (from_unixtime(2)));
+insert delayed into t values ();
+flush table t;
+select unix_timestamp(f), unix_timestamp(g) from t;
+unix_timestamp(f) unix_timestamp(g)
+1 2
+drop table t;
diff --git a/mysql-test/suite/vcol/t/partition.test b/mysql-test/suite/vcol/t/partition.test
index 408990b2..019618b0 100644
--- a/mysql-test/suite/vcol/t/partition.test
+++ b/mysql-test/suite/vcol/t/partition.test
@@ -78,3 +78,24 @@ partition by range columns (x) (
insert into t1 (x, b) values (1, ''), (2, ''), (3, 'a'), (4, 'b');
update t1 set b= 'bar' where x > 0 order by v limit 2;
drop table t1;
+
+--echo #
+--echo # MDEV-28127 EXCHANGE PARTITION with non-matching vcol expression segfault
+--echo #
+set @old_mode= @@sql_mode;
+set sql_mode='';
+create table t1 (a int, key(a)) partition by range (a) (partition p values less than (1));
+create table t (a int generated always as (1) virtual, key(a));
+--error ER_TABLES_DIFFERENT_METADATA
+alter table t1 exchange partition p with table t;
+create or replace table t (a int, key(a));
+alter table t1 exchange partition p with table t;
+create or replace table t1 (a int generated always as (1) virtual, key(a)) partition by range (a) (partition p values less than (1));
+create or replace table t (a int generated always as (1) virtual, key(a));
+alter table t1 exchange partition p with table t;
+create or replace table t (a int generated always as (1) stored, key(a));
+--error ER_TABLES_DIFFERENT_METADATA
+alter table t1 exchange partition p with table t;
+insert into t values (1);
+drop tables t1, t;
+set sql_mode= @old_mode;
diff --git a/mysql-test/suite/vcol/t/vcol_keys_myisam.test b/mysql-test/suite/vcol/t/vcol_keys_myisam.test
index ab75703f..bc8fcbd2 100644
--- a/mysql-test/suite/vcol/t/vcol_keys_myisam.test
+++ b/mysql-test/suite/vcol/t/vcol_keys_myisam.test
@@ -313,3 +313,32 @@ create or replace table t2 (pk int, b int, c int as (b) virtual, primary key (pk
--error ER_DUP_ENTRY
insert into t2 (pk) select a from t1;
drop tables t1, t2;
+
+--echo #
+--echo # MDEV-23294 Segfault or assertion upon MyISAM repair
+--echo #
+set @old_mode= @@sql_mode;
+set @old_myisam_repair_threads= @@myisam_repair_threads;
+set sql_mode='', myisam_repair_threads=2;
+create table t (a binary,b blob,c blob as (concat (a,b)),h char,index (c)) engine=innodb;
+insert into t values (0,0,default,0);
+create table ti like t;
+alter table ti engine=myisam;
+insert into ti select * from t;
+drop tables ti, t;
+
+create table t (id int,a varchar(1),b varchar(1),c varchar(1) generated always as (concat (a,b)),key(c)) engine=myisam;
+insert into t values (0,0,9687,0);
+repair table t quick;
+drop table t;
+
+create table t1 (b varchar(1024), c char(3), unique(b,c)) engine=myisam;
+insert into t1 values ('foo','baz');
+alter table t1 disable keys;
+set session myisam_repair_threads= 2;
+--error ER_WRONG_VALUE_COUNT_ON_ROW
+insert into t1 select 'qux';
+# cleanup
+drop table t1;
+set sql_mode= @old_mode;
+set myisam_repair_threads= @old_myisam_repair_threads;
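Review bot: The first scenario creates `t` with `engine=innodb`, but the hunk adds no `--source include/have_innodb.inc`, and the recorded result shows the table silently becoming MyISAM ("Unknown storage engine 'innodb'"). That ties the expected output to InnoDB being absent and turns the later `alter table ti engine=myisam;` into a no-op; whether the suite's configuration guarantees this is not visible here. If the fallback is intended, say so above the statement, for example `# InnoDB is not loaded here; sql_mode='' lets the table fall back to MyISAM`, otherwise write `engine=myisam` directly. The later `set session myisam_repair_threads= 2;` repeats the value already set at the top of the block and can be dropped.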
diff --git a/mysql-test/suite/vcol/t/vcol_syntax.test b/mysql-test/suite/vcol/t/vcol_syntax.test
index c26c4897..4f6130a9 100644
--- a/mysql-test/suite/vcol/t/vcol_syntax.test
+++ b/mysql-test/suite/vcol/t/vcol_syntax.test
@@ -187,3 +187,13 @@ insert into t values (1, 1, 1);
drop trigger tr;
drop table t;
+
+--echo #
+--echo # MDEV-29932 Invalid expr in cleanup_session_expr() upon INSERT DELAYED
+--echo #
+create table t (f timestamp default from_unixtime(1), g timestamp as (from_unixtime(2)));
+insert delayed into t values ();
+flush table t;
+select unix_timestamp(f), unix_timestamp(g) from t;
+# Cleanup
+drop table t;
diff --git a/mysql-test/suite/versioning/r/alter.result b/mysql-test/suite/versioning/r/alter.result
index 9751f7c7..b3c342fd 100644
--- a/mysql-test/suite/versioning/r/alter.result
+++ b/mysql-test/suite/versioning/r/alter.result
@@ -787,6 +787,68 @@ modify row_start varchar(8);
ERROR HY000: PERIOD FOR SYSTEM_TIME must use columns `row_start` and `row_end`
drop table t1;
#
+# MDEV-20545 Assertion (col.vers_sys_end()) upon inplace ALTER with virtual columns
+#
+create table t1 (
+a int,
+va int as (a) virtual,
+b int,
+vb int as (b) virtual,
+c int,
+vc int as (c) virtual,
+d int,
+e int,
+index(va)
+) engine=innodb with system versioning;
+replace into t1 () values (),();
+set statement system_versioning_alter_history=keep for alter table t1 drop e;
+alter table t1 algorithm=inplace, drop system versioning;
+drop table t1;
+#
+# MDEV-20765 Assertion (type.vers_sys_end()) upon inplace ALTER with virtual columns
+#
+create table t1 (
+a int,
+b int as (a) virtual,
+c int,
+d int as (c) virtual,
+e int,
+f int as (e) virtual,
+g int,
+h int,
+i int,
+index(d),
+key(h),
+foreign key (g) references t1 (h)
+) engine=innodb with system versioning;
+set system_versioning_alter_history= keep;
+alter table t1 drop column i;
+insert into t1 (g,h) values (1,1);
+drop table t1;
+#
+# MDEV-29034 Assertion (o->ind == vers_start) upon inplace ALTER with virtual columns
+#
+create table b (
+pk integer auto_increment,
+col_int_key integer,
+col_varchar_key varchar(1),
+o bit, n bit,
+h float as ( n + 2 ) virtual,
+v bit,
+primary key (pk),
+key (col_varchar_key, col_int_key)
+) engine = innodb;
+set `system_versioning_alter_history`= keep;
+alter table `b` add system versioning;
+alter table `b` add column if not exists ( w bit, v serial );
+Warnings:
+Note 1060 Duplicate column name 'v'
+alter table `b` add column if not exists ( p bit );
+drop table `b`;
+#
+# End of 10.4 tests
+#
+#
# MDEV-21941 RENAME doesn't work for system time or period fields
#
create or replace table t1 (a int) with system versioning;
@@ -809,4 +871,6 @@ t1 CREATE TABLE `t1` (
PERIOD FOR SYSTEM_TIME (`x`, `y`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci WITH SYSTEM VERSIONING
drop table t1;
+#
# End of 10.5 tests
+#
diff --git a/mysql-test/suite/versioning/r/delete_history.result b/mysql-test/suite/versioning/r/delete_history.result
index 4e8c6f8b..d2ebcd72 100644
--- a/mysql-test/suite/versioning/r/delete_history.result
+++ b/mysql-test/suite/versioning/r/delete_history.result
@@ -193,7 +193,7 @@ drop table t1;
# MDEV-25004 Missing row in FTS_DOC_ID_INDEX during DELETE HISTORY
#
create table t1 (a integer, c0 varchar(255), fulltext key (c0))
-with system versioning engine innodb;
+with system versioning engine innodb stats_persistent=0;
set system_versioning_alter_history= keep;
alter table t1 drop system versioning;
alter table t1 add system versioning;
@@ -203,7 +203,7 @@ InnoDB 0 transactions not purged
delete history from t1;
drop table t1;
create table t1 (id int primary key, ftx varchar(255))
-with system versioning engine innodb;
+with system versioning engine innodb stats_persistent=0;
insert into t1 values (1, 'c');
delete from t1;
alter table t1 add fulltext key(ftx);
diff --git a/mysql-test/suite/versioning/r/select.result b/mysql-test/suite/versioning/r/select.result
index 90c99d1b..714455b6 100644
--- a/mysql-test/suite/versioning/r/select.result
+++ b/mysql-test/suite/versioning/r/select.result
@@ -443,7 +443,7 @@ create or replace table t1 (x int) with system versioning;
select * from t1 for system_time as of current_timestamp;
x
select * from t1 for system_time as of now;
-ERROR 42S22: Unknown column 'now' in 'FOR SYSTEM_TIME'
+ERROR HY000: Illegal parameter data type now for operation 'FOR SYSTEM_TIME'
### Issue #405, NATURAL JOIN failure
create or replace table t1 (a int) with system versioning;
create or replace table t2 (b int);
@@ -708,3 +708,12 @@ No A B C D
33 1 1 1 1
34 1 1 1 1
SET GLOBAL innodb_stats_persistent = @saved_stats_persistent;
+#
+# MDEV-32082 Server crash in find_field_in_table
+#
+create table t0 (c0 int) with system versioning;
+select x0 from (
+select c0 x0 from t0
+) for system_time as of nowasdf deriv;
+ERROR HY000: Illegal parameter data type nowasdf for operation 'FOR SYSTEM_TIME'
+drop table t0;
diff --git a/mysql-test/suite/versioning/t/alter.test b/mysql-test/suite/versioning/t/alter.test
index 61653550..44f52ddf 100644
--- a/mysql-test/suite/versioning/t/alter.test
+++ b/mysql-test/suite/versioning/t/alter.test
@@ -680,6 +680,71 @@ alter table t1
# cleanup
drop table t1;
+--echo #
+--echo # MDEV-20545 Assertion (col.vers_sys_end()) upon inplace ALTER with virtual columns
+--echo #
+create table t1 (
+ a int,
+ va int as (a) virtual,
+ b int,
+ vb int as (b) virtual,
+ c int,
+ vc int as (c) virtual,
+ d int,
+ e int,
+ index(va)
+) engine=innodb with system versioning;
+replace into t1 () values (),();
+set statement system_versioning_alter_history=keep for alter table t1 drop e;
+alter table t1 algorithm=inplace, drop system versioning;
+# cleanup
+drop table t1;
+
+--echo #
+--echo # MDEV-20765 Assertion (type.vers_sys_end()) upon inplace ALTER with virtual columns
+--echo #
+create table t1 (
+ a int,
+ b int as (a) virtual,
+ c int,
+ d int as (c) virtual,
+ e int,
+ f int as (e) virtual,
+ g int,
+ h int,
+ i int,
+ index(d),
+ key(h),
+ foreign key (g) references t1 (h)
+) engine=innodb with system versioning;
+set system_versioning_alter_history= keep;
+alter table t1 drop column i;
+insert into t1 (g,h) values (1,1);
+# cleanup
+drop table t1;
+
+--echo #
+--echo # MDEV-29034 Assertion (o->ind == vers_start) upon inplace ALTER with virtual columns
+--echo #
+create table b (
+ pk integer auto_increment,
+ col_int_key integer,
+ col_varchar_key varchar(1),
+ o bit, n bit,
+ h float as ( n + 2 ) virtual,
+ v bit,
+ primary key (pk),
+ key (col_varchar_key, col_int_key)
+) engine = innodb;
+set `system_versioning_alter_history`= keep;
+alter table `b` add system versioning;
+alter table `b` add column if not exists ( w bit, v serial );
+alter table `b` add column if not exists ( p bit );
+drop table `b`;
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
--echo #
--echo # MDEV-21941 RENAME doesn't work for system time or period fields
@@ -702,4 +767,6 @@ show create table t1;
# cleanup
drop table t1;
+--echo #
--echo # End of 10.5 tests
+--echo #
diff --git a/mysql-test/suite/versioning/t/delete_history.test b/mysql-test/suite/versioning/t/delete_history.test
index f82fe9bd..66c28568 100644
--- a/mysql-test/suite/versioning/t/delete_history.test
+++ b/mysql-test/suite/versioning/t/delete_history.test
@@ -195,7 +195,7 @@ drop table t1;
--echo # MDEV-25004 Missing row in FTS_DOC_ID_INDEX during DELETE HISTORY
--echo #
create table t1 (a integer, c0 varchar(255), fulltext key (c0))
-with system versioning engine innodb;
+with system versioning engine innodb stats_persistent=0;
set system_versioning_alter_history= keep;
alter table t1 drop system versioning;
alter table t1 add system versioning;
@@ -206,7 +206,7 @@ delete history from t1;
drop table t1;
create table t1 (id int primary key, ftx varchar(255))
-with system versioning engine innodb;
+with system versioning engine innodb stats_persistent=0;
insert into t1 values (1, 'c');
delete from t1;
alter table t1 add fulltext key(ftx);
diff --git a/mysql-test/suite/versioning/t/select.test b/mysql-test/suite/versioning/t/select.test
index 9142a8fa..5603d1a3 100644
--- a/mysql-test/suite/versioning/t/select.test
+++ b/mysql-test/suite/versioning/t/select.test
@@ -314,7 +314,7 @@ select * from t1 where (a, 2) in ((1, 1), (2, 2)) and b = 1;
--echo ### Issue #398, NOW is now non-magic
create or replace table t1 (x int) with system versioning;
select * from t1 for system_time as of current_timestamp;
---error ER_BAD_FIELD_ERROR
+--error ER_ILLEGAL_PARAMETER_DATA_TYPE_FOR_OPERATION
select * from t1 for system_time as of now;
--echo ### Issue #405, NATURAL JOIN failure
@@ -487,4 +487,14 @@ call verify_trt_dummy(34);
SET GLOBAL innodb_stats_persistent = @saved_stats_persistent;
+--echo #
+--echo # MDEV-32082 Server crash in find_field_in_table
+--echo #
+create table t0 (c0 int) with system versioning;
+--error ER_ILLEGAL_PARAMETER_DATA_TYPE_FOR_OPERATION
+select x0 from (
+ select c0 x0 from t0
+) for system_time as of nowasdf deriv;
+drop table t0;
+
-- source suite/versioning/common_finish.inc
diff --git a/mysql-test/suite/wsrep/disabled.def b/mysql-test/suite/wsrep/disabled.def
index 991109d7..f4145211 100644
--- a/mysql-test/suite/wsrep/disabled.def
+++ b/mysql-test/suite/wsrep/disabled.def
@@ -11,7 +11,3 @@
##############################################################################
-mdev_6832: wsrep_provider is read-only for security reasons
-MDEV-23092: wsrep_provider is read-only for security reasons
-wsrep_variables_no_provider: wsrep_provider is read-only for security reasons
-MDEV-22443: it is no longer allowed enable wsrep_on if wsrep_provider is 'none'
diff --git a/mysql-test/suite/wsrep/r/MDEV-22443.result b/mysql-test/suite/wsrep/r/MDEV-22443.result
deleted file mode 100644
index ea07cbec..00000000
--- a/mysql-test/suite/wsrep/r/MDEV-22443.result
+++ /dev/null
@@ -1,3 +0,0 @@
-SET SESSION wsrep_sync_wait=15;
-SET SESSION wsrep_on=1;
-START TRANSACTION READ WRITE;
diff --git a/mysql-test/suite/wsrep/r/MDEV-23092.result b/mysql-test/suite/wsrep/r/MDEV-23092.result
deleted file mode 100644
index d88aacf7..00000000
--- a/mysql-test/suite/wsrep/r/MDEV-23092.result
+++ /dev/null
@@ -1,13 +0,0 @@
-SET COLLATION_CONNECTION='utf16le_bin';
-SET GLOBAL wsrep_provider='/invalid/path/libgalera_smm.so';
-ERROR 42000: Variable 'wsrep_provider' can't be set to the value of '/'
-SET GLOBAL wsrep_cluster_address='OFF';
-SET GLOBAL wsrep_slave_threads=10;
-SELECT 1;
-1
-1
-SET GLOBAL wsrep_cluster_address='gcomm://';
-SET GLOBAL wsrep_slave_threads=DEFAULT;
-CALL mtr.add_suppression("wsrep_load()");
-CALL mtr.add_suppression("Failed to create a new provider");
-CALL mtr.add_suppression("Failed to load provider");
diff --git a/mysql-test/suite/wsrep/r/mdev_6832.result b/mysql-test/suite/wsrep/r/mdev_6832.result
deleted file mode 100644
index 43894a6e..00000000
--- a/mysql-test/suite/wsrep/r/mdev_6832.result
+++ /dev/null
@@ -1,11 +0,0 @@
-#
-# MDEV-6832: ER_LOCK_WAIT_TIMEOUT on SHOW STATUS
-#
-SHOW STATUS LIKE 'wsrep_ready';
-Variable_name Value
-wsrep_ready ON
-SHOW STATUS LIKE 'wsrep_ready';
-Variable_name Value
-wsrep_ready OFF
-SET @@global.wsrep_cluster_address='gcomm://';
-# End of test.
diff --git a/mysql-test/suite/wsrep/r/wsrep_variables_no_provider.result b/mysql-test/suite/wsrep/r/wsrep_variables_no_provider.result
deleted file mode 100644
index ad35dc8d..00000000
--- a/mysql-test/suite/wsrep/r/wsrep_variables_no_provider.result
+++ /dev/null
@@ -1,44 +0,0 @@
-SELECT @@wsrep_on;
-@@wsrep_on
-1
-SET @wsrep_slave_threads_global_saved = @@global.wsrep_slave_threads;
-SET @wsrep_debug_saved = @@global.wsrep_debug;
-SET @wsrep_provider_options_saved= @@global.wsrep_provider_options;
-SET @wsrep_cluster_address_saved= @@global.wsrep_cluster_address;
-SET GLOBAL wsrep_provider=none;
-SET SESSION wsrep_trx_fragment_size=DEFAULT;
-ERROR HY000: Incorrect arguments to SET
-SELECT @@session.wsrep_trx_fragment_size;
-@@session.wsrep_trx_fragment_size
-0
-SET GLOBAL wsrep_start_position='12345678-1234-1234-1234-123456789012:100';
-ERROR 42000: Variable 'wsrep_start_position' can't be set to the value of '12345678-1234-1234-1234-123456789012:100'
-SHOW WARNINGS;
-Level Code Message
-Warning 1231 Cannot set 'wsrep_start_position' because wsrep is switched off or provider is not loaded
-Error 1231 Variable 'wsrep_start_position' can't be set to the value of '12345678-1234-1234-1234-123456789012:100'
-SELECT @@global.wsrep_start_position;
-@@global.wsrep_start_position
-00000000-0000-0000-0000-000000000000:-1
-SET GLOBAL wsrep_debug=1;
-Warnings:
-Warning 1231 Setting 'wsrep_debug' has no effect because wsrep is switched off
-SELECT @@global.wsrep_debug;
-@@global.wsrep_debug
-NONE
-SET GLOBAL wsrep_slave_threads=5;
-SELECT @@global.wsrep_slave_threads;
-@@global.wsrep_slave_threads
-5
-SET GLOBAL wsrep_desync=1;
-ERROR HY000: WSREP (galera) not started
-SELECT @@global.wsrep_desync;
-@@global.wsrep_desync
-0
-SET SESSION wsrep_trx_fragment_unit='rows';
-ERROR HY000: Incorrect arguments to SET
-SELECT @@session.wsrep_trx_fragment_unit;
-@@session.wsrep_trx_fragment_unit
-rows
-SET @@global.wsrep_slave_threads = @wsrep_slave_threads_global_saved;
-SET @@global.wsrep_debug = @wsrep_debug_saved;
diff --git a/mysql-test/suite/wsrep/t/MDEV-22443.cnf b/mysql-test/suite/wsrep/t/MDEV-22443.cnf
deleted file mode 100644
index 851f2999..00000000
--- a/mysql-test/suite/wsrep/t/MDEV-22443.cnf
+++ /dev/null
@@ -1,8 +0,0 @@
-!include ../my.cnf
-
-[mysqld.1]
-wsrep-on=OFF
-binlog-format=ROW
-wsrep-provider=none
-wsrep-cluster-address='gcomm://'
-innodb_autoinc_lock_mode=2
diff --git a/mysql-test/suite/wsrep/t/MDEV-22443.test b/mysql-test/suite/wsrep/t/MDEV-22443.test
deleted file mode 100644
index 674cb5ae..00000000
--- a/mysql-test/suite/wsrep/t/MDEV-22443.test
+++ /dev/null
@@ -1,12 +0,0 @@
-#
-# MDEV-22443: terminate called after throwing an instance of
-# 'wsrep::runtime_error' in std::terminate on START TRANSACTION
-#
-
---source include/have_innodb.inc
---source include/have_wsrep.inc
---source include/have_binlog_format_row.inc
-
-SET SESSION wsrep_sync_wait=15;
-SET SESSION wsrep_on=1;
-START TRANSACTION READ WRITE;
diff --git a/mysql-test/suite/wsrep/t/MDEV-23092.cnf b/mysql-test/suite/wsrep/t/MDEV-23092.cnf
deleted file mode 100644
index 851f2999..00000000
--- a/mysql-test/suite/wsrep/t/MDEV-23092.cnf
+++ /dev/null
@@ -1,8 +0,0 @@
-!include ../my.cnf
-
-[mysqld.1]
-wsrep-on=OFF
-binlog-format=ROW
-wsrep-provider=none
-wsrep-cluster-address='gcomm://'
-innodb_autoinc_lock_mode=2
diff --git a/mysql-test/suite/wsrep/t/MDEV-23092.test b/mysql-test/suite/wsrep/t/MDEV-23092.test
deleted file mode 100644
index 92a6e392..00000000
--- a/mysql-test/suite/wsrep/t/MDEV-23092.test
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# MDEV-23092: SIGABRT in wsrep::server_state::provider when setting
-# invalid wsrep_provider (on optimized builds)
-#
-
---source include/have_innodb.inc
---source include/have_wsrep.inc
---source include/have_binlog_format_row.inc
-
-SET COLLATION_CONNECTION='utf16le_bin';
---error 1231
-SET GLOBAL wsrep_provider='/invalid/path/libgalera_smm.so';
-SET GLOBAL wsrep_cluster_address='OFF';
-SET GLOBAL wsrep_slave_threads=10;
-SELECT 1;
-
-SET GLOBAL wsrep_cluster_address='gcomm://';
-SET GLOBAL wsrep_slave_threads=DEFAULT;
-
-CALL mtr.add_suppression("wsrep_load()");
-CALL mtr.add_suppression("Failed to create a new provider");
-CALL mtr.add_suppression("Failed to load provider");
diff --git a/mysql-test/suite/wsrep/t/mdev_6832.cnf b/mysql-test/suite/wsrep/t/mdev_6832.cnf
deleted file mode 100644
index 0bf01f81..00000000
--- a/mysql-test/suite/wsrep/t/mdev_6832.cnf
+++ /dev/null
@@ -1,7 +0,0 @@
-!include ../my.cnf
-
-[mysqld.1]
-wsrep-on=ON
-wsrep-provider=@ENV.WSREP_PROVIDER
-wsrep-cluster-address=gcomm://
-
diff --git a/mysql-test/suite/wsrep/t/mdev_6832.test b/mysql-test/suite/wsrep/t/mdev_6832.test
deleted file mode 100644
index d5303ce3..00000000
--- a/mysql-test/suite/wsrep/t/mdev_6832.test
+++ /dev/null
@@ -1,17 +0,0 @@
---source include/have_innodb.inc
---source include/have_wsrep_provider.inc
---source include/have_binlog_format_row.inc
-
---echo #
---echo # MDEV-6832: ER_LOCK_WAIT_TIMEOUT on SHOW STATUS
---echo #
-
-SHOW STATUS LIKE 'wsrep_ready';
---disable_query_log
-eval SET @@global.wsrep_provider='$WSREP_PROVIDER';
---enable_query_log
-SHOW STATUS LIKE 'wsrep_ready';
-SET @@global.wsrep_cluster_address='gcomm://';
---let $wait_condition = SELECT VARIABLE_VALUE = 'ON' FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_ready';
---source include/wait_condition.inc
---echo # End of test.
diff --git a/mysql-test/suite/wsrep/t/wsrep_variables_no_provider.cnf b/mysql-test/suite/wsrep/t/wsrep_variables_no_provider.cnf
deleted file mode 100644
index b73146d2..00000000
--- a/mysql-test/suite/wsrep/t/wsrep_variables_no_provider.cnf
+++ /dev/null
@@ -1,12 +0,0 @@
-# Use default setting for mysqld processes
-!include include/default_mysqld.cnf
-
-[mysqld.1]
-wsrep-on=ON
-binlog-format=ROW
-wsrep-provider=@ENV.WSREP_PROVIDER
-wsrep-cluster-address='gcomm://'
-#galera_port=@OPT.port
-#ist_port=@OPT.port
-#sst_port=@OPT.port
-
diff --git a/mysql-test/suite/wsrep/t/wsrep_variables_no_provider.test b/mysql-test/suite/wsrep/t/wsrep_variables_no_provider.test
deleted file mode 100644
index b44c9c5e..00000000
--- a/mysql-test/suite/wsrep/t/wsrep_variables_no_provider.test
+++ /dev/null
@@ -1,38 +0,0 @@
---source include/have_wsrep.inc
---source include/have_innodb.inc
-
-SELECT @@wsrep_on;
-
-SET @wsrep_slave_threads_global_saved = @@global.wsrep_slave_threads;
-SET @wsrep_debug_saved = @@global.wsrep_debug;
-SET @wsrep_provider_options_saved= @@global.wsrep_provider_options;
-SET @wsrep_cluster_address_saved= @@global.wsrep_cluster_address;
-
-SET GLOBAL wsrep_provider=none;
-
---error ER_WRONG_ARGUMENTS
-SET SESSION wsrep_trx_fragment_size=DEFAULT;
-SELECT @@session.wsrep_trx_fragment_size;
---error ER_WRONG_VALUE_FOR_VAR
-SET GLOBAL wsrep_start_position='12345678-1234-1234-1234-123456789012:100';
-SHOW WARNINGS;
-SELECT @@global.wsrep_start_position;
-SET GLOBAL wsrep_debug=1;
-SELECT @@global.wsrep_debug;
-SET GLOBAL wsrep_slave_threads=5;
-SELECT @@global.wsrep_slave_threads;
---error ER_WRONG_ARGUMENTS
-SET GLOBAL wsrep_desync=1;
-SELECT @@global.wsrep_desync;
---error ER_WRONG_ARGUMENTS
-SET SESSION wsrep_trx_fragment_unit='rows';
-SELECT @@session.wsrep_trx_fragment_unit;
-
---disable_query_log
-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';
-SET GLOBAL wsrep_cluster_address= @wsrep_cluster_address_saved;
-SET GLOBAL wsrep_provider_options= @wsrep_provider_options_saved;
---source include/galera_wait_ready.inc
-SET @@global.wsrep_slave_threads = @wsrep_slave_threads_global_saved;
-SET @@global.wsrep_debug = @wsrep_debug_saved;
---enable_query_log
diff --git a/mysql-test/valgrind.supp b/mysql-test/valgrind.supp
index 9127bb1f..54a8b60f 100644
--- a/mysql-test/valgrind.supp
+++ b/mysql-test/valgrind.supp
@@ -687,6 +687,16 @@
{
ConnectSE: unixODBC SQLAllocEnv leaves some "still reachable" pointers
Memcheck:Leak
+ fun:malloc
+ fun:strdup
+ ...
+ obj:*/libodbc.so*
+ fun:_ZN7ODBConn12AllocConnectEj
+}
+
+{
+ ConnectSE: unixODBC SQLAllocEnv leaves some "still reachable" pointers
+ Memcheck:Leak
fun:calloc
...
obj:*/libodbc.so*
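Review bot: The suppression added here and the one added in the next hunk are plain `Memcheck:Leak` entries ending in `fun:_ZN7ODBConn12AllocConnectEj`, so they match every leak kind under that frame, including definitely-lost blocks, although the name only claims "still reachable" pointers. If only reachable blocks are meant, add `match-leak-kinds: reachable` under `Memcheck:Leak` in both entries. Both also reuse the name of the existing SQLAllocEnv suppression, which makes valgrind's used-suppressions listing ambiguous. A distinct name such as `ConnectSE: unixODBC AllocConnect leaves some "still reachable" pointers` would tell them apart.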
@@ -694,6 +704,15 @@
}
{
+ ConnectSE: unixODBC SQLAllocEnv leaves some "still reachable" pointers
+ Memcheck:Leak
+ fun:calloc
+ ...
+ obj:*/libodbc.so*
+ fun:_ZN7ODBConn12AllocConnectEj
+}
+
+{
ConnectSE: unixODBC SQLAllocEnv leavs some "still reachable" pointers
Memcheck:Leak
fun:malloc
diff --git a/mysys/my_alloc.c b/mysys/my_alloc.c
index eff5a031..22ec265e 100644
--- a/mysys/my_alloc.c
+++ b/mysys/my_alloc.c
@@ -28,21 +28,16 @@
#undef EXTRA_DEBUG
#define EXTRA_DEBUG
-#ifndef DBUG_OFF
-/* Put a protected barrier after every element when using multi_alloc_root() */
-#define ALLOC_BARRIER
-#endif
+#define ROOT_FLAG_THREAD_SPECIFIC 1
+#define ROOT_FLAG_MPROTECT 2
+#define ROOT_FLAG_READ_ONLY 4
/* data packed in MEM_ROOT -> min_malloc */
/* Don't allocate too small blocks */
#define ROOT_MIN_BLOCK_SIZE 256
-/* bits in MEM_ROOT->flags */
-#define ROOT_FLAG_THREAD_SPECIFIC 1
-#define ROOT_FLAG_MPROTECT 2
-
-#define MALLOC_FLAG(R) MYF((R)->flags & ROOT_FLAG_THREAD_SPECIFIC ? THREAD_SPECIFIC : 0)
+#define MALLOC_FLAG(root) (((root)->flags & ROOT_FLAG_THREAD_SPECIFIC) ? MY_THREAD_SPECIFIC : 0)
#define TRASH_MEM(X) TRASH_FREE(((char*)(X) + ((X)->size-(X)->left)), (X)->left)
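Review bot: The three `ROOT_FLAG_*` defines lost their `/* bits in MEM_ROOT->flags */` comment and now sit directly above `/* data packed in MEM_ROOT -> min_malloc */`, which reads as if that comment described them. I would restore `/* bits in MEM_ROOT->flags */` above the first define. The new `ROOT_FLAG_READ_ONLY` should also carry a comment saying it is only checked by `DBUG_ASSERT` in alloc_root(), i.e. it is a debug-build aid and does not block allocation in release builds.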
@@ -69,8 +64,7 @@ static void *root_alloc(MEM_ROOT *root, size_t size, size_t *alloced_size,
#endif /* HAVE_MMAP */
return my_malloc(root->psi_key, size,
- my_flags | MYF(root->flags & ROOT_FLAG_THREAD_SPECIFIC ?
- MY_THREAD_SPECIFIC : 0));
+ my_flags | MALLOC_FLAG(root));
}
static void root_free(MEM_ROOT *root, void *ptr, size_t size)
@@ -172,9 +166,6 @@ void init_alloc_root(PSI_memory_key key, MEM_ROOT *mem_root, size_t block_size,
mem_root->block_num= 4; /* We shift this with >>2 */
mem_root->first_block_usage= 0;
mem_root->psi_key= key;
-#ifdef PROTECT_STATEMENT_MEMROOT
- mem_root->read_only= 0;
-#endif
#if !(defined(HAVE_valgrind) && defined(EXTRA_DEBUG))
if (pre_alloc_size)
@@ -281,10 +272,7 @@ void *alloc_root(MEM_ROOT *mem_root, size_t length)
DBUG_ENTER("alloc_root");
DBUG_PRINT("enter",("root: %p", mem_root));
DBUG_ASSERT(alloc_root_inited(mem_root));
-
-#ifdef PROTECT_STATEMENT_MEMROOT
- DBUG_ASSERT(mem_root->read_only == 0);
-#endif
+ DBUG_ASSERT((mem_root->flags & ROOT_FLAG_READ_ONLY) == 0);
DBUG_EXECUTE_IF("simulate_out_of_memory",
{
@@ -300,9 +288,7 @@ void *alloc_root(MEM_ROOT *mem_root, size_t length)
length+= ALIGN_SIZE(sizeof(USED_MEM));
if (!(next = (USED_MEM*) my_malloc(mem_root->psi_key, length,
MYF(MY_WME | ME_FATAL |
- (mem_root->flags &
- ROOT_FLAG_THREAD_SPECIFIC ?
- MY_THREAD_SPECIFIC : 0)))))
+ MALLOC_FLAG(mem_root)))))
{
if (mem_root->error_handler)
(*mem_root->error_handler)();
@@ -410,7 +396,7 @@ void *multi_alloc_root(MEM_ROOT *root, ...)
{
length= va_arg(args, uint);
tot_length+= ALIGN_SIZE(length);
-#ifdef ALLOC_BARRIER
+#ifndef DBUG_OFF
tot_length+= ALIGN_SIZE(1);
#endif
}
@@ -426,7 +412,7 @@ void *multi_alloc_root(MEM_ROOT *root, ...)
*ptr= res;
length= va_arg(args, uint);
res+= ALIGN_SIZE(length);
-#ifdef ALLOC_BARRIER
+#ifndef DBUG_OFF
TRASH_FREE(res, ALIGN_SIZE(1));
res+= ALIGN_SIZE(1);
#endif
@@ -560,6 +546,28 @@ void set_prealloc_root(MEM_ROOT *root, char *ptr)
}
}
+/*
+ Move allocated objects from one root to another.
+
+ Notes:
+ We do not increase 'to->block_num' here as the variable isused to
+ increase block sizes in case of many allocations. This is special
+ case where this is not needed to take into account
+*/
+
+void move_root(MEM_ROOT *to, MEM_ROOT *from)
+{
+ USED_MEM *block, *next;
+ for (block= from->used; block ; block= next)
+ {
+ next= block->next;
+ block->next= to->used;
+ to->used= block;
+ }
+ from->used= 0;
+}
+
+
/*
Remember last MEM_ROOT block.
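Review bot: move_root() has no guard for `to == from`: the first iteration then links the block to itself and the final `from->used= 0` drops the whole list, so every block is leaked. It also relinks blocks without comparing the two roots' flags, so memory obtained under one root's `ROOT_FLAG_MPROTECT` setting would later be released under the other's; whether root_free() tolerates that is not visible in this hunk. I would add `DBUG_ASSERT(to != from);` and `DBUG_ASSERT(!((to->flags ^ from->flags) & ROOT_FLAG_MPROTECT));` at the top of the function. The header comment should state that only the `used` list is moved, and "isused" should read "is used".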
diff --git a/mysys/safemalloc.c b/mysys/safemalloc.c
index edfe3b18..2fc34a92 100644
--- a/mysys/safemalloc.c
+++ b/mysys/safemalloc.c
@@ -70,7 +70,7 @@ struct st_irem
uint32 marker; /* Underrun marker value */
};
-static int sf_malloc_count= 0; /* Number of allocated chunks */
+static uint sf_malloc_count= 0; /* Number of allocated chunks */
static void *sf_min_adress= (void*) (intptr)~0ULL,
*sf_max_adress= 0;
@@ -362,7 +362,7 @@ int sf_sanity()
{
struct st_irem *irem;
int flag= 0;
- int count= 0;
+ uint count= 0;
pthread_mutex_lock(&sf_mutex);
count= sf_malloc_count;
@@ -387,6 +387,7 @@ void sf_report_leaked_memory(my_thread_id id)
{
size_t total= 0;
struct st_irem *irem;
+ uint first= 0, chunks= 0;
sf_sanity();
@@ -398,15 +399,18 @@ void sf_report_leaked_memory(my_thread_id id)
{
my_thread_id tid = irem->thread_id && irem->flags & MY_THREAD_SPECIFIC ?
irem->thread_id : 0;
+ if (!first++)
+ fprintf(stderr, "Memory report from safemalloc\n");
fprintf(stderr, "Warning: %4lu bytes lost at %p, allocated by T@%llu at ",
(ulong) irem->datasize, (char*) (irem + 1), tid);
print_stack(irem->frame);
total+= irem->datasize;
+ chunks++;
}
}
if (total)
- fprintf(stderr, "Memory lost: %lu bytes in %d chunks\n",
- (ulong) total, sf_malloc_count);
+ fprintf(stderr, "Memory lost: %lu bytes in %u chunks of %u total chunks\n",
+ (ulong) total, chunks, sf_malloc_count);
return;
}
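Review bot: The `first` counter declared in the previous hunk duplicates `chunks`: both stay zero exactly until the first leaked block is printed. Testing `if (!chunks)` before the "Memory report from safemalloc" line, with `chunks++` kept at the end of the loop body, gives the same output with one variable less and avoids the side effect inside the condition `if (!first++)`. The function starts outside this hunk.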
diff --git a/mysys/thr_alarm.c b/mysys/thr_alarm.c
index b98775e1..4e2db203 100644
--- a/mysys/thr_alarm.c
+++ b/mysys/thr_alarm.c
@@ -786,7 +786,6 @@ int main(int argc __attribute__((unused)),char **argv __attribute__((unused)))
mysql_mutex_unlock(&LOCK_thread_count);
DBUG_PRINT("info",("signal thread created"));
- thr_setconcurrency(3);
pthread_attr_setscope(&thr_attr,PTHREAD_SCOPE_PROCESS);
printf("Main thread: %s\n",my_thread_name());
for (i=0 ; i < 2 ; i++)
diff --git a/mysys/thr_lock.c b/mysys/thr_lock.c
index c1ec0623..214ff01b 100644
--- a/mysys/thr_lock.c
+++ b/mysys/thr_lock.c
@@ -1784,9 +1784,6 @@ int main(int argc __attribute__((unused)),char **argv __attribute__((unused)))
exit(1);
}
#endif
-#ifdef HAVE_THR_SETCONCURRENCY
- (void) thr_setconcurrency(2);
-#endif
for (i=0 ; i < array_elements(lock_counts) ; i++)
{
param[i]= i;
diff --git a/mysys/thr_mutex.c b/mysys/thr_mutex.c
index aca1c1f7..8714a7a6 100644
--- a/mysys/thr_mutex.c
+++ b/mysys/thr_mutex.c
@@ -667,6 +667,7 @@ void safe_mutex_free_deadlock_data(safe_mutex_t *mp)
my_hash_free(mp->used_mutex);
my_hash_free(mp->locked_mutex);
my_free(mp->locked_mutex);
+ mp->locked_mutex= 0;
mp->create_flags|= MYF_NO_DEADLOCK_DETECTION;
}
}
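Review bot: Only `mp->locked_mutex` is reset after the `my_free()`, while `mp->used_mutex` keeps its old value once `my_hash_free(mp->used_mutex)` has run. If `used_mutex` lives in the same allocation as `locked_mutex` (the allocation site is outside this hunk, so this is an assumption), it is left dangling and a later access would be a use-after-free. Clearing it alongside, `mp->used_mutex= 0;`, keeps the two pointers consistent. The function starts outside the hunk.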
diff --git a/mysys/thr_timer.c b/mysys/thr_timer.c
index f87c1f75..d3627fea 100644
--- a/mysys/thr_timer.c
+++ b/mysys/thr_timer.c
@@ -533,7 +533,6 @@ static void run_test()
mysql_mutex_init(0, &LOCK_thread_count, MY_MUTEX_INIT_FAST);
mysql_cond_init(0, &COND_thread_count, NULL);
- thr_setconcurrency(3);
pthread_attr_init(&thr_attr);
pthread_attr_setscope(&thr_attr,PTHREAD_SCOPE_PROCESS);
printf("Main thread: %s\n",my_thread_name());
diff --git a/plugin/auth_pam/auth_pam.c b/plugin/auth_pam/auth_pam.c
index ffcfa019..86220f48 100644
--- a/plugin/auth_pam/auth_pam.c
+++ b/plugin/auth_pam/auth_pam.c
@@ -22,6 +22,7 @@
#include <sys/types.h>
#include <sys/wait.h>
#include <spawn.h>
+#include <my_global.h>
#include <mysql/plugin_auth.h>
#include "auth_pam_tool.h"
diff --git a/plugin/auth_pam/testing/pam_mariadb_mtr.c b/plugin/auth_pam/testing/pam_mariadb_mtr.c
index 108aeb94..de34f5d8 100644
--- a/plugin/auth_pam/testing/pam_mariadb_mtr.c
+++ b/plugin/auth_pam/testing/pam_mariadb_mtr.c
@@ -10,8 +10,8 @@
#include <stdlib.h>
#include <string.h>
-#include <security/pam_modules.h>
#include <security/pam_appl.h>
+#include <security/pam_modules.h>
#define N 3
diff --git a/plugin/disks/CMakeLists.txt b/plugin/disks/CMakeLists.txt
index 4e40842c..408a4324 100644
--- a/plugin/disks/CMakeLists.txt
+++ b/plugin/disks/CMakeLists.txt
@@ -4,7 +4,8 @@ CHECK_SYMBOL_EXISTS (getmntent "mntent.h" HAVE_GETMNTENT)
CHECK_SYMBOL_EXISTS (getmntent "sys/mnttab.h" HAVE_GETMNTENT_IN_SYS_MNTAB)
CHECK_SYMBOL_EXISTS (setmntent "mntent.h" HAVE_SETMNTENT)
CHECK_SYMBOL_EXISTS (getmntinfo "sys/types.h;sys/mount.h" HAVE_GETMNTINFO)
-CHECK_SYMBOL_EXISTS (getmntinfo64 "sys/types.h;sys/mount.h" HAVE_GETMNTINFO64)
+
+CHECK_INCLUDE_FILES (sys/mntent.h HAVE_SYS_MNTENT_H)
IF (HAVE_GETMNTINFO)
CHECK_CXX_SOURCE_COMPILES("
@@ -18,7 +19,7 @@ int main()
" HAVE_GETMNTINFO_TAKES_statvfs)
ENDIF()
IF (HAVE_GETMNTENT OR HAVE_GETMNTENT_IN_SYS_MNTAB OR
- HAVE_GETMNTINFO OR HAVE_GETMNTINFO64)
+ HAVE_GETMNTINFO)
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql)
MYSQL_ADD_PLUGIN(DISKS information_schema_disks.cc MODULE_ONLY RECOMPILE_FOR_EMBEDDED)
ENDIF()
diff --git a/plugin/disks/information_schema_disks.cc b/plugin/disks/information_schema_disks.cc
index 15e26dad..01df3259 100644
--- a/plugin/disks/information_schema_disks.cc
+++ b/plugin/disks/information_schema_disks.cc
@@ -19,7 +19,7 @@
#include <sys/types.h>
#if defined(HAVE_GETMNTENT)
#include <mntent.h>
-#elif !defined(HAVE_GETMNTINFO_TAKES_statvfs)
+#elif defined(HAVE_GETMNTINFO) && !defined(HAVE_GETMNTINFO_TAKES_statvfs)
/* getmntinfo (the not NetBSD variants) */
#include <sys/param.h>
#include <sys/ucred.h>
@@ -28,6 +28,9 @@
#if defined(HAVE_GETMNTENT_IN_SYS_MNTAB)
#include <sys/mnttab.h>
#define HAVE_GETMNTENT
+#if defined(HAVE_SYS_MNTENT_H)
+#include <sys/mntent.h>
+#endif
#endif
#include <sql_class.h>
#include <sql_i_s.h>
@@ -37,8 +40,7 @@
This intends to support *BSD's, macOS, Solaris, AIX, HP-UX, and Linux.
specificly:
- FreeBSD/OpenBSD/DragonFly (statfs) NetBSD (statvfs) uses getmntinfo().
- macOS uses getmntinfo64().
+ FreeBSD/OpenBSD/DragonFly/macOS (statfs) NetBSD (statvfs) uses getmntinfo().
Linux can use getmntent_r(), but we've just used getmntent for simplification.
Linux/Solaris/AIX/HP-UX uses setmntent()/getmntent().
Solaris uses getmntent() with a diffent prototype, return structure, and
@@ -46,8 +48,6 @@
*/
#if defined(HAVE_GETMNTINFO_TAKES_statvfs) || defined(HAVE_GETMNTENT)
typedef struct statvfs st_info;
-#elif defined(HAVE_GETMNTINFO64)
-typedef struct statfs64 st_info;
#else // GETMNTINFO
typedef struct statfs st_info;
#endif
@@ -150,8 +150,6 @@ static int disks_fill_table(THD* pThd, TABLE_LIST* pTables, Item* pCond)
#if defined(HAVE_GETMNTINFO_TAKES_statvfs)
count= getmntinfo(&s, ST_WAIT);
-#elif defined(HAVE_GETMNTINFO64)
- count= getmntinfo64(&s, MNT_WAIT);
#else
count= getmntinfo(&s, MNT_WAIT);
#endif
diff --git a/plugin/disks/mysql-test/disks/disks.result b/plugin/disks/mysql-test/disks/disks.result
index 888f2df6..e46390c7 100644
--- a/plugin/disks/mysql-test/disks/disks.result
+++ b/plugin/disks/mysql-test/disks/disks.result
@@ -7,6 +7,6 @@ DISKS CREATE TEMPORARY TABLE `DISKS` (
`Used` bigint(32) NOT NULL,
`Available` bigint(32) NOT NULL
) ENGINE=MEMORY DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_general_ci
-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
-sum(Total) > sum(Available) sum(Total)>sum(Used)
+select sum(Total) >= sum(Available), sum(Total)>=sum(Used) from information_schema.disks;
+sum(Total) >= sum(Available) sum(Total)>=sum(Used)
1 1
diff --git a/plugin/disks/mysql-test/disks/disks.test b/plugin/disks/mysql-test/disks/disks.test
index 7189c548..9adc3f01 100644
--- a/plugin/disks/mysql-test/disks/disks.test
+++ b/plugin/disks/mysql-test/disks/disks.test
@@ -1,3 +1,3 @@
--replace_regex /varchar\([0-9]+\)/varchar(pathlen)/
show create table information_schema.disks;
-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
+select sum(Total) >= sum(Available), sum(Total)>=sum(Used) from information_schema.disks;
diff --git a/plugin/disks/mysql-test/disks/disks_notembedded.result b/plugin/disks/mysql-test/disks/disks_notembedded.result
index 97429474..ea2ccc85 100644
--- a/plugin/disks/mysql-test/disks/disks_notembedded.result
+++ b/plugin/disks/mysql-test/disks/disks_notembedded.result
@@ -6,16 +6,16 @@ CREATE USER user1@localhost;
GRANT SELECT ON *.* TO user1@localhost;
connect con1,localhost,user1,,;
connection con1;
-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
-sum(Total) > sum(Available) sum(Total)>sum(Used)
+select sum(Total) >= sum(Available), sum(Total) >= sum(Used) from information_schema.disks;
+sum(Total) >= sum(Available) sum(Total) >= sum(Used)
NULL NULL
disconnect con1;
connection default;
GRANT FILE ON *.* TO user1@localhost;
connect con1,localhost,user1,,;
connection con1;
-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
-sum(Total) > sum(Available) sum(Total)>sum(Used)
+select sum(Total) >= sum(Available), sum(Total) >= sum(Used) from information_schema.disks;
+sum(Total) >= sum(Available) sum(Total) >= sum(Used)
1 1
connection default;
DROP USER user1@localhost;
diff --git a/plugin/disks/mysql-test/disks/disks_notembedded.test b/plugin/disks/mysql-test/disks/disks_notembedded.test
index a0f6c2e5..4481da9f 100644
--- a/plugin/disks/mysql-test/disks/disks_notembedded.test
+++ b/plugin/disks/mysql-test/disks/disks_notembedded.test
@@ -10,7 +10,7 @@ GRANT SELECT ON *.* TO user1@localhost;
connect (con1,localhost,user1,,);
connection con1;
-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
+select sum(Total) >= sum(Available), sum(Total) >= sum(Used) from information_schema.disks;
disconnect con1;
connection default;
@@ -18,7 +18,7 @@ GRANT FILE ON *.* TO user1@localhost;
connect (con1,localhost,user1,,);
connection con1;
-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
+select sum(Total) >= sum(Available), sum(Total) >= sum(Used) from information_schema.disks;
connection default;
DROP USER user1@localhost;
diff --git a/plugin/feedback/CMakeLists.txt b/plugin/feedback/CMakeLists.txt
index 2103250e..fc35cbad 100644
--- a/plugin/feedback/CMakeLists.txt
+++ b/plugin/feedback/CMakeLists.txt
@@ -1,5 +1,5 @@
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${SSL_INCLUDE_DIRS})
SET(FEEDBACK_SOURCES feedback.cc sender_thread.cc
diff --git a/plugin/feedback/sender_thread.cc b/plugin/feedback/sender_thread.cc
index 6b5be475..cc29e57f 100644
--- a/plugin/feedback/sender_thread.cc
+++ b/plugin/feedback/sender_thread.cc
@@ -96,8 +96,8 @@ static int prepare_for_fill(TABLE_LIST *tables)
thd->mysys_var->current_cond= &sleep_condition;
thd->mysys_var->current_mutex= &sleep_mutex;
+ thd->mark_connection_idle();
thd->proc_info="feedback";
- thd->set_command(COM_SLEEP);
thd->system_thread= SYSTEM_THREAD_EVENT_WORKER; // whatever
thd->set_time();
thd->init_for_queries();
diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc
index 57e0139a..a7b39f0a 100644
--- a/plugin/file_key_management/parser.cc
+++ b/plugin/file_key_management/parser.cc
@@ -260,7 +260,7 @@ int Parser::parse_line(char **line_ptr, keyentry *key)
while (isdigit(*p))
{
id = id * 10 + *p - '0';
- if (id > UINT_MAX32)
+ if (id > (longlong) UINT_MAX32)
{
report_error("Invalid key id", p - *line_ptr);
return -1;
diff --git a/plugin/hashicorp_key_management/hashicorp_key_management_plugin.cc b/plugin/hashicorp_key_management/hashicorp_key_management_plugin.cc
index 7c72af68..bdc2f734 100644
--- a/plugin/hashicorp_key_management/hashicorp_key_management_plugin.cc
+++ b/plugin/hashicorp_key_management/hashicorp_key_management_plugin.cc
@@ -593,32 +593,16 @@ int HCData::curl_run (const char *url, std::string *response,
{
const char *res = response->c_str();
/*
- Error 404 requires special handling - in case the server
- returned an empty array of error strings (the value of the
- "error" object in JSON is equal to an empty array), we should
- ignore this error at this level, since this means the missing
- key (this problem is handled at a higher level), but if the
- error object contains anything other than empty array, then
- we need to print the error message to the log:
+ Error 404 requires special handling - we should ignore this
+ error at this level, since this means the missing key (this
+ problem is handled at a higher level)
*/
if (http_code == 404)
{
- const char *err;
- int err_len;
- if (json_get_object_key(res, res + response->size(),
- "errors", &err, &err_len) == JSV_ARRAY)
- {
- const char *ev;
- int ev_len;
- if (json_get_array_item(err, err + err_len, 0, &ev, &ev_len) ==
- JSV_NOTHING)
- {
- *response = std::string("");
- is_error = false;
- }
- }
+ *response = std::string("");
+ is_error = false;
}
- if (is_error)
+ else if (is_error)
{
my_printf_error(ER_UNKNOWN_ERROR, PLUGIN_ERROR_HEADER
"Hashicorp server error: %d, response: %s",
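Review bot: The new `if (http_code == 404)` branch clears `*response` and resets `is_error` for every 404, so a 404 whose body carries a non-empty `errors` array is no longer written to the error log, which the removed comment said it should be. From the hunk alone it looks as if a wrong URL or mount path would now surface only as a missing key at the higher level, which makes a misconfigured key server hard to tell apart from an absent key id. Consider keeping a note-level log line before the body is cleared (and before `res` is invalidated by the assignment), for example `my_printf_error(ER_UNKNOWN_ERROR, PLUGIN_ERROR_HEADER "Hashicorp server returned 404, response: %s", ME_ERROR_LOG_ONLY | ME_NOTE, res);`. curl_run starts before and continues past this hunk, so the flags used by the existing call are not visible here.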
diff --git a/plugin/qc_info/CMakeLists.txt b/plugin/qc_info/CMakeLists.txt
index b8c5f926..329f49c1 100644
--- a/plugin/qc_info/CMakeLists.txt
+++ b/plugin/qc_info/CMakeLists.txt
@@ -1,4 +1,4 @@
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql
- ${PCRE_INCLUDES})
+ ${PCRE_INCLUDE_DIRS})
MYSQL_ADD_PLUGIN(QUERY_CACHE_INFO qc_info.cc RECOMPILE_FOR_EMBEDDED)
diff --git a/plugin/sql_errlog/sql_errlog.c b/plugin/sql_errlog/sql_errlog.c
index 0b7771f1..3631cd1d 100644
--- a/plugin/sql_errlog/sql_errlog.c
+++ b/plugin/sql_errlog/sql_errlog.c
@@ -15,6 +15,7 @@
#include <mysql/plugin_audit.h>
#include <stdio.h>
+#include <string.h>
#include <time.h>
#include <mysql/service_logger.h>
@@ -40,6 +41,7 @@ static unsigned long long size_limit;
static unsigned int rotations;
static char rotate;
static char warnings;
+static char with_db_and_thread_info;
static unsigned int count;
LOGGER_HANDLE *logfile;
@@ -73,6 +75,12 @@ static MYSQL_SYSVAR_BOOL(warnings, warnings,
"Warnings. If set to 0, warnings are not logged.",
NULL, NULL, 1);
+static MYSQL_SYSVAR_BOOL(with_db_and_thread_info, with_db_and_thread_info,
+ PLUGIN_VAR_READONLY | PLUGIN_VAR_OPCMDARG,
+ "Show details about thread id and database name in the log",
+ NULL, NULL,
+ 0);
+
static struct st_mysql_sys_var* vars[] = {
MYSQL_SYSVAR(rate),
MYSQL_SYSVAR(size_limit),
@@ -80,6 +88,7 @@ static struct st_mysql_sys_var* vars[] = {
MYSQL_SYSVAR(rotate),
MYSQL_SYSVAR(filename),
MYSQL_SYSVAR(warnings),
+ MYSQL_SYSVAR(with_db_and_thread_info),
NULL
};
@@ -90,6 +99,7 @@ static void log_sql_errors(MYSQL_THD thd __attribute__((unused)),
{
const struct mysql_event_general *event =
(const struct mysql_event_general*)ev;
+
if (rate &&
(event->event_subclass == MYSQL_AUDIT_GENERAL_ERROR ||
(warnings && event->event_subclass == MYSQL_AUDIT_GENERAL_WARNING)))
@@ -103,12 +113,35 @@ static void log_sql_errors(MYSQL_THD thd __attribute__((unused)),
count = 0;
(void) localtime_r(&event_time, &t);
- logger_printf(logfile, "%04d-%02d-%02d %2d:%02d:%02d "
+ if (with_db_and_thread_info)
+ {
+ if (event->database.str)
+ {
+ logger_printf(logfile, "%04d-%02d-%02d %2d:%02d:%02d %lu "
+ "%s %`s %s %d: %s : %s \n",
+ t.tm_year + 1900, t.tm_mon + 1, t.tm_mday, t.tm_hour, t.tm_min,
+ t.tm_sec, event->general_thread_id, event->general_user,
+ event->database.str, type,
+ event->general_error_code, event->general_command, event->general_query);
+ }
+ else
+ {
+ logger_printf(logfile, "%04d-%02d-%02d %2d:%02d:%02d %lu "
+ "%s NULL %s %d: %s : %s \n",
+ t.tm_year + 1900, t.tm_mon + 1, t.tm_mday, t.tm_hour, t.tm_min,
+ t.tm_sec, event->general_thread_id, event->general_user, type,
+ event->general_error_code, event->general_command, event->general_query);
+ }
+ }
+ else
+ {
+ logger_printf(logfile, "%04d-%02d-%02d %2d:%02d:%02d "
"%s %s %d: %s : %s\n",
- t.tm_year + 1900, t.tm_mon + 1,
- t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec,
- event->general_user, type, event->general_error_code,
- event->general_command, event->general_query);
+ t.tm_year + 1900, t.tm_mon + 1,
+ t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec,
+ event->general_user, type, event->general_error_code,
+ event->general_command, event->general_query);
+ }
}
}
}
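Review bot: The two `with_db_and_thread_info` branches repeat the whole `logger_printf` call and differ only in the database field, and both new formats end in `%s \n` with a space before the newline, unlike the existing `%s\n`. I would drop that space so all three formats end the same way. `event->general_user` and `event->general_query` are still written with plain `%s` while only the database name is quoted, so a consumer that splits on spaces should not treat the added columns as making a record unambiguous. A comment above the branch giving the column order, such as `/* time thread_id user db type code: command : query */`, would help whoever parses this file. log_sql_errors starts before this hunk.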
@@ -167,7 +200,7 @@ maria_declare_plugin(sql_errlog)
0x0100,
NULL,
vars,
- "1.0",
+ "1.1",
MariaDB_PLUGIN_MATURITY_STABLE
}
maria_declare_plugin_end;
diff --git a/plugin/test_sql_service/CMakeLists.txt b/plugin/test_sql_service/CMakeLists.txt
index 615508bd..b40e2575 100644
--- a/plugin/test_sql_service/CMakeLists.txt
+++ b/plugin/test_sql_service/CMakeLists.txt
@@ -15,4 +15,4 @@
SET(SOURCES test_sql_service.c)
-MYSQL_ADD_PLUGIN(test_sql_service ${SOURCES} MODULE_ONLY)
+MYSQL_ADD_PLUGIN(test_sql_service ${SOURCES} MODULE_ONLY COMPONENT Test)
diff --git a/plugin/type_inet/mysql-test/type_inet/type_inet4_myisam.result b/plugin/type_inet/mysql-test/type_inet/type_inet4_myisam.result
index b6fd55e1..aaf66b34 100644
--- a/plugin/type_inet/mysql-test/type_inet/type_inet4_myisam.result
+++ b/plugin/type_inet/mysql-test/type_inet/type_inet4_myisam.result
@@ -98,6 +98,8 @@ c
EXPLAIN SELECT * FROM t1 WHERE c>CAST('0.0.0.1' AS INET4);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 index c c 67 NULL 3 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c` part[0] for lookup: `test`.`t1`.`c` of type `varchar` > "cast('0.0.0.1' as inet4)" of type `inet4`
SELECT * FROM t1 WHERE c=CAST('0.0.0.1' AS INET4);
c
0.0.0.1
diff --git a/plugin/type_inet/mysql-test/type_inet/type_inet6.result b/plugin/type_inet/mysql-test/type_inet/type_inet6.result
index 1fe4decb..5ac2657f 100644
--- a/plugin/type_inet/mysql-test/type_inet/type_inet6.result
+++ b/plugin/type_inet/mysql-test/type_inet/type_inet6.result
@@ -2284,6 +2284,81 @@ Warnings:
Warning 1292 Incorrect inet6 value: ''
DROP TABLE t1;
#
+# MDEV-32879 Server crash in my_decimal::operator= or unexpected ER_DUP_ENTRY upon comparison with INET6 and similar types
+#
+CREATE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL, c DATETIME(6) NOT NULL);
+INSERT INTO t1 VALUES ('','::','2000-01-01'),('','::','1900-01-01');
+SELECT c + (b = a) AS f, GROUP_CONCAT(c) FROM t1 GROUP BY f;
+f GROUP_CONCAT(c)
+NULL 2000-01-01 00:00:00.000000,1900-01-01 00:00:00.000000
+Warnings:
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+DROP TABLE t1;
+CREATE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL, c DATETIME(6) NOT NULL);
+INSERT INTO t1 VALUES ('','::','2000-01-01'),('','::','1900-01-01');
+SELECT c + (b = a) AS f, COUNT(c) FROM t1 GROUP BY f;
+f COUNT(c)
+NULL 2
+Warnings:
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+DROP TABLE t1;
+CREATE OR REPLACE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL, c DATETIME(6) NOT NULL);
+INSERT INTO t1 VALUES ('','::','2000-01-01'),('','::','1900-01-01');
+SELECT c + (b = a) AS f FROM t1 ORDER BY f;
+f
+NULL
+NULL
+Warnings:
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+DROP TABLE t1;
+CREATE OR REPLACE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL);
+INSERT INTO t1 VALUES ('','::'),('','::');
+SELECT 1.00 + (b = a) AS f FROM t1 ORDER BY f;
+f
+NULL
+NULL
+Warnings:
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+SELECT 1.00 + (b BETWEEN a AND '') AS f FROM t1 ORDER BY f;
+f
+NULL
+NULL
+Warnings:
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+SELECT 1.00 + (b IN (a,'')) AS f FROM t1 ORDER BY f;
+f
+NULL
+NULL
+Warnings:
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+Warning 1292 Incorrect inet6 value: ''
+DROP TABLE t1;
+#
# MDEV-22256 Assertion `length == pack_length()' failed in Field_timestamp_with_dec::sort_string
#
SET sql_mode='';
diff --git a/plugin/type_inet/mysql-test/type_inet/type_inet6.test b/plugin/type_inet/mysql-test/type_inet/type_inet6.test
index 99f75312..0c56ecfe 100644
--- a/plugin/type_inet/mysql-test/type_inet/type_inet6.test
+++ b/plugin/type_inet/mysql-test/type_inet/type_inet6.test
@@ -1676,6 +1676,32 @@ SELECT * FROM t1 WHERE a IN ('','::1');
DROP TABLE t1;
--echo #
+--echo # MDEV-32879 Server crash in my_decimal::operator= or unexpected ER_DUP_ENTRY upon comparison with INET6 and similar types
+--echo #
+
+CREATE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL, c DATETIME(6) NOT NULL);
+INSERT INTO t1 VALUES ('','::','2000-01-01'),('','::','1900-01-01');
+SELECT c + (b = a) AS f, GROUP_CONCAT(c) FROM t1 GROUP BY f;
+DROP TABLE t1;
+
+CREATE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL, c DATETIME(6) NOT NULL);
+INSERT INTO t1 VALUES ('','::','2000-01-01'),('','::','1900-01-01');
+SELECT c + (b = a) AS f, COUNT(c) FROM t1 GROUP BY f;
+DROP TABLE t1;
+
+CREATE OR REPLACE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL, c DATETIME(6) NOT NULL);
+INSERT INTO t1 VALUES ('','::','2000-01-01'),('','::','1900-01-01');
+SELECT c + (b = a) AS f FROM t1 ORDER BY f;
+DROP TABLE t1;
+
+CREATE OR REPLACE TABLE t1 (a CHAR(36) NOT NULL, b INET6 NOT NULL);
+INSERT INTO t1 VALUES ('','::'),('','::');
+SELECT 1.00 + (b = a) AS f FROM t1 ORDER BY f;
+SELECT 1.00 + (b BETWEEN a AND '') AS f FROM t1 ORDER BY f;
+SELECT 1.00 + (b IN (a,'')) AS f FROM t1 ORDER BY f;
+DROP TABLE t1;
+
+--echo #
--echo # MDEV-22256 Assertion `length == pack_length()' failed in Field_timestamp_with_dec::sort_string
--echo #
diff --git a/plugin/type_inet/mysql-test/type_inet/type_inet6_myisam.result b/plugin/type_inet/mysql-test/type_inet/type_inet6_myisam.result
index da67e05a..0f20e16d 100644
--- a/plugin/type_inet/mysql-test/type_inet/type_inet6_myisam.result
+++ b/plugin/type_inet/mysql-test/type_inet/type_inet6_myisam.result
@@ -98,6 +98,8 @@ c
EXPLAIN SELECT * FROM t1 WHERE c>CAST('::1' AS INET6);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 index c c 67 NULL 3 Using where; Using index
+Warnings:
+Note 1105 Cannot use key `c` part[0] for lookup: `test`.`t1`.`c` of type `varchar` > "cast('::1' as inet6)" of type `inet6`
SELECT * FROM t1 WHERE c=CAST('::1' AS INET6);
c
0::1
diff --git a/plugin/type_mysql_json/type.cc b/plugin/type_mysql_json/type.cc
index a39c4ad2..331e3bb2 100644
--- a/plugin/type_mysql_json/type.cc
+++ b/plugin/type_mysql_json/type.cc
@@ -37,6 +37,11 @@ public:
Field *make_table_field(MEM_ROOT *, const LEX_CSTRING *,
const Record_addr &, const Type_all_attributes &,
TABLE_SHARE *) const override;
+ bool Column_definition_fix_attributes(Column_definition *c) const override
+ {
+ my_error(ER_NOT_ALLOWED_IN_THIS_CONTEXT, MYF(0), "MYSQL_JSON");
+ return true;
+ }
void Column_definition_reuse_fix_attributes(THD *thd,
Column_definition *def,
const Field *field) const override;
@@ -74,7 +79,7 @@ public:
bool parse_mysql(String *dest, const char *data, size_t length) const;
bool send(Protocol *protocol) { return Field::send(protocol); }
void sql_type(String &s) const
- { s.set_ascii(STRING_WITH_LEN("json /* MySQL 5.7 */")); }
+ { s.set_ascii(STRING_WITH_LEN("mysql_json /* JSON from MySQL 5.7 */")); }
/* this will make ALTER TABLE to consider it different from built-in field */
Compression_method *compression_method() const { return (Compression_method*)1; }
};
diff --git a/plugin/type_uuid/mysql-test/type_uuid/type_uuid_innodb.result b/plugin/type_uuid/mysql-test/type_uuid/type_uuid_innodb.result
index d769f1a1..37710ab1 100644
--- a/plugin/type_uuid/mysql-test/type_uuid/type_uuid_innodb.result
+++ b/plugin/type_uuid/mysql-test/type_uuid/type_uuid_innodb.result
@@ -195,6 +195,8 @@ EXPLAIN SELECT * FROM t2 JOIN t1 ON ( t1.pk > t2.d);
id select_type table type possible_keys key key_len ref rows Extra
1 SIMPLE t1 system NULL NULL NULL NULL 1
1 SIMPLE t2 ALL d NULL NULL NULL 1 Using where
+Warnings:
+Note 1105 Cannot use key `d` part[0] for lookup: `test`.`t2`.`d` of type `blob` < "'00000000-0000-0000-0000-000000000000'" of type `uuid`
UPDATE t2 JOIN t1 ON ( t1.pk > t2.d) SET t1.c = 1;
ERROR 22007: Incorrect uuid value: '2'
DROP TABLE t1, t2;
diff --git a/plugin/user_variables/user_variables.cc b/plugin/user_variables/user_variables.cc
index df2ab4af..79c96704 100644
--- a/plugin/user_variables/user_variables.cc
+++ b/plugin/user_variables/user_variables.cc
@@ -79,9 +79,9 @@ static int user_variables_fill(THD *thd, TABLE_LIST *tables, COND *cond)
else
return 1;
- const LEX_CSTRING *tmp= var->unsigned_flag ?
- &unsigned_result_types[var->type] :
- &result_types[var->type];
+ const LEX_CSTRING *tmp= var->type_handler()->is_unsigned() ?
+ &unsigned_result_types[var->type_handler()->result_type()] :
+ &result_types[var->type_handler()->result_type()];
field[2]->store(tmp->str, tmp->length, system_charset_info);
if (var->charset())
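Review bot: `var->type_handler()` is evaluated three times in the new initializer and its `result_type()` is used directly as an index into `result_types` and `unsigned_result_types`. Hoisting it into a local, `const Type_handler *th= var->type_handler();`, and indexing with `th->result_type()` reads better. It also gives one place to assert that the index is inside both arrays, whose sizes are declared outside this hunk. user_variables_fill begins before and continues after the hunk.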
diff --git a/scripts/mysql_install_db.sh b/scripts/mysql_install_db.sh
index 31557b60..742eb1e1 100644
--- a/scripts/mysql_install_db.sh
+++ b/scripts/mysql_install_db.sh
@@ -695,7 +695,7 @@ then
then
echo
echo "You can start the MariaDB daemon with:"
- echo "cd '$basedir' ; $bindir/mariadb-safe --datadir='$ldata'"
+ echo "cd '$basedir' ; $bindir/mariadbd-safe --datadir='$ldata'"
echo
echo "You can test the MariaDB daemon with mysql-test-run.pl"
echo "cd '$basedir/@INSTALL_MYSQLTESTDIR@' ; perl mariadb-test-run.pl"
diff --git a/scripts/mysql_setpermission.sh b/scripts/mysql_setpermission.sh
index b3c9c27c..aa165a5e 100644
--- a/scripts/mysql_setpermission.sh
+++ b/scripts/mysql_setpermission.sh
@@ -68,7 +68,7 @@ usage() if ($opt_help); # the help function
if ($opt_host =~ s/:(\d+)$//)
{
- $opt_port = $1;
+ $opt_port = $1;
}
if ($opt_host eq '')
@@ -98,7 +98,7 @@ my $prefix= 'mysql';
if (eval {DBI->install_driver("MariaDB")}) {
$dsn ="DBI:MariaDB:;";
$prefix= 'mariadb';
-}
+}
else {
$dsn = "DBI:mysql:;";
}
@@ -226,11 +226,11 @@ sub setpwd
{
$pass = "PASSWORD(". $dbh->quote($pass) . ")";
}
- my $uh= "$user@$host";
+ my $uh= $user."@".$host;
my $sth = $dbh->prepare("set password for $uh =$pass") || die $dbh->errstr;
$sth->execute || die $dbh->errstr;
$sth->finish;
- print "The password is set for user $user.\n\n";
+ print "The password is set for user $uh.\n\n";
}
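Review bot: `$uh` is interpolated straight into `"set password for $uh =$pass"`, so the statement is only safe if `$user` and `$host` were each passed through `$dbh->quote` earlier in `setpwd`, which starts above this hunk and is not visible here. If they are not quoted there, quote them where `$uh` is built: `my $uh= $dbh->quote($user)."@".$dbh->quote($host);`. The new `print` echoes `$uh`, so whatever quoting is applied will also show up in the message to the operator.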
diff --git a/scripts/mysql_system_tables_fix.sql b/scripts/mysql_system_tables_fix.sql
index 2b4a678d..64b92fb4 100644
--- a/scripts/mysql_system_tables_fix.sql
+++ b/scripts/mysql_system_tables_fix.sql
@@ -230,6 +230,11 @@ UPDATE user
SET plugin='unix_socket' WHERE plugin='auth_socket';
DELETE FROM plugin
WHERE name='auth_socket';
+# Delete plugins that are now inbuilt but might not have been before (MDEV-32043)
+DELETE plugin
+ FROM information_schema.PLUGINS is_p
+ JOIN plugin ON plugin.name = is_p.PLUGIN_NAME
+ WHERE is_p.PLUGIN_LIBRARY IS NULL;
ALTER TABLE user
MODIFY Password char(41) character set latin1 collate latin1_bin NOT NULL default '',
diff --git a/scripts/mysqlhotcopy.sh b/scripts/mysqlhotcopy.sh
index 44abcfec..d0821e66 100644
--- a/scripts/mysqlhotcopy.sh
+++ b/scripts/mysqlhotcopy.sh
@@ -189,21 +189,38 @@ $opt{quiet} = 0 if $opt{debug};
$opt{allowold} = 1 if $opt{keepold};
# --- connect to the database ---
+## Socket takes precedence.
my $dsn;
-$dsn = ";host=" . (defined($opt{host}) ? $opt{host} : "localhost");
-$dsn .= ";port=$opt{port}" if $opt{port};
-$dsn .= ";mariadb_socket=$opt{socket}" if $opt{socket};
+my $prefix= 'mysql';
-# use mariadb_read_default_group=mysqlhotcopy so that [client] and
-# [mysqlhotcopy] groups will be read from standard options files.
+if (eval {DBI->install_driver("MariaDB")}) {
+ $dsn ="DBI:MariaDB:;";
+ $prefix= 'mariadb';
+}
+else {
+ $dsn = "DBI:mysql:;";
+}
-my $dbh = DBI->connect("DBI:MariaDB:$dsn;mariadb_read_default_group=mysqlhotcopy",
- $opt{user}, $opt{password},
+if ($opt{socket} and -S $opt{socket})
+{
+ $dsn .= "${prefix}_socket=$opt{socket}";
+}
+else
{
- RaiseError => 1,
- PrintError => 0,
- AutoCommit => 1,
-});
+ $dsn .= "host=" . $opt{host};
+ if ($opt{host} ne "localhost")
+ {
+ $dsn .= ";port=". $opt{port};
+ }
+}
+
+$dsn .= ";mariadb_read_default_group=mysqlhotcopy";
+
+# use mariadb_read_default_group=mysqlhotcopy so that [client] and
+# [mysqlhotcopy] groups will be read from standard options files.
+# make the connection to MariaDB
+my $dbh= DBI->connect($dsn, $opt{user}, $opt{password}, { RaiseError => 1, PrintError => 0}) ||
+ die("Can't make a connection to the MariaDB server.\n The error: $DBI::errstr");
# --- check that checkpoint table exists if specified ---
if ( $opt{checkpoint} ) {
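Review bot: The option appended after the socket/host branch is hard-coded as `mariadb_read_default_group` although `$prefix` is `mysql` when the MariaDB driver cannot be installed, so on the `DBI:mysql:` fallback the `[client]` and `[mysqlhotcopy]` groups are probably not read; it should be `$dsn .= ";${prefix}_read_default_group=mysqlhotcopy";`. The removed code defaulted the host to `localhost` and added the port only when set, while the new branch concatenates `$opt{host}` and `$opt{port}` unconditionally. Unless defaults are assigned outside this hunk, keep `my $host= defined($opt{host}) ? $opt{host} : "localhost";` and `$dsn .= ";port=$opt{port}" if $opt{port};`. With `RaiseError => 1` the trailing `|| die(...)` is never reached, and `AutoCommit => 1` was dropped from the attributes without a stated reason.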
@@ -271,6 +288,8 @@ if ( defined $opt{regexp} ) {
$sth_dbs->execute;
while ( my ($db_name) = $sth_dbs->fetchrow_array ) {
next if $db_name =~ m/^information_schema$/i;
+ next if $db_name =~ m/^performance_schema$/i;
+ next if $db_name =~ m/^sys$/i;
push @db_desc, { 'src' => $db_name, 't_regex' => $t_regex } if ( $db_name =~ m/$opt{regexp}/o );
}
}
diff --git a/scripts/wsrep_sst_common.sh b/scripts/wsrep_sst_common.sh
index bf96f79e..2b540581 100644
--- a/scripts/wsrep_sst_common.sh
+++ b/scripts/wsrep_sst_common.sh
@@ -1166,9 +1166,9 @@ is_local_ip()
# the domain name check:
if [ "${2:-0}" -eq 0 ]; then
# We consider all the names of a given host to be local addresses:
- [ "$1" = "$(hostname -s)" -o \
- "$1" = "$(hostname -f)" -o \
- "$1" = "$(hostname -d)" ] && return 0
+ [ "$1" = "$(hostname -s 2>/dev/null)" -o \
+ "$1" = "$(hostname -f 2>/dev/null)" -o \
+ "$1" = "$(hostname -d 2>/dev/null)" ] && return 0
fi
# If the address contains anything other than digits
# and separators, it is not a local address:
diff --git a/scripts/wsrep_sst_mariabackup.sh b/scripts/wsrep_sst_mariabackup.sh
index 93f9270e..2b05326e 100644
--- a/scripts/wsrep_sst_mariabackup.sh
+++ b/scripts/wsrep_sst_mariabackup.sh
@@ -102,9 +102,12 @@ if [ -z "$BACKUP_BIN" ]; then
fi
DATA="$WSREP_SST_OPT_DATA"
+
INFO_FILE='xtrabackup_galera_info'
+DONOR_INFO_FILE='donor_galera_info'
IST_FILE='xtrabackup_ist'
MAGIC_FILE="$DATA/$INFO_FILE"
+DONOR_MAGIC_FILE="$DATA/$DONOR_INFO_FILE"
INNOAPPLYLOG="$DATA/mariabackup.prepare.log"
INNOMOVELOG="$DATA/mariabackup.move.log"
@@ -650,14 +653,14 @@ get_stream()
if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then
strmcmd="'$STREAM_BIN' -x"
else
- strmcmd="'$STREAM_BIN' -c '$INFO_FILE'"
+ strmcmd="'$STREAM_BIN' -c '$INFO_FILE' '$DONOR_INFO_FILE'"
fi
else
sfmt='tar'
if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then
strmcmd='tar xfi -'
else
- strmcmd="tar cf - '$INFO_FILE'"
+ strmcmd="tar cf - '$INFO_FILE' '$DONOR_INFO_FILE'"
fi
fi
wsrep_log_info "Streaming with $sfmt"
@@ -679,6 +682,7 @@ cleanup_at_exit()
if [ $estatus -ne 0 ]; then
wsrep_log_error "Removing $MAGIC_FILE file due to signal"
[ -f "$MAGIC_FILE" ] && rm -f "$MAGIC_FILE" || :
+ [ -f "$DONOR_MAGIC_FILE" ] && rm -f "$DONOR_MAGIC_FILE" || :
fi
if [ "$WSREP_SST_OPT_ROLE" = 'joiner' ]; then
@@ -915,6 +919,7 @@ monitor_process()
}
[ -f "$MAGIC_FILE" ] && rm -f "$MAGIC_FILE"
+[ -f "$DONOR_MAGIC_FILE" ] && rm -rf "$DONOR_MAGIC_FILE"
read_cnf
setup_ports
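Review bot: The added cleanup uses `rm -rf` on `$DONOR_MAGIC_FILE`, while the line above it and `cleanup_at_exit` use `rm -f` for the same kind of file. The `[ -f ... ]` guard means `-r` has no effect here, so `[ -f "$DONOR_MAGIC_FILE" ] && rm -f "$DONOR_MAGIC_FILE"` is enough. That also keeps a recursive delete away from a path built from `$WSREP_SST_OPT_DATA`.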
@@ -1042,6 +1047,23 @@ setup_commands()
INNOBACKUP="$BACKUP_BIN$WSREP_SST_OPT_CONF --backup$disver${iopts:+ }$iopts$tmpopts$INNOEXTRA --galera-info --stream=$sfmt --target-dir='$itmpdir' --datadir='$DATA'$mysqld_args $INNOBACKUP"
}
+send_magic()
+{
+ # Store donor's wsrep GTID (state ID) and wsrep_gtid_domain_id
+ # (separated by a space).
+ echo "$WSREP_SST_OPT_GTID $WSREP_SST_OPT_GTID_DOMAIN_ID" > "$MAGIC_FILE"
+ echo "$WSREP_SST_OPT_GTID $WSREP_SST_OPT_GTID_DOMAIN_ID" > "$DONOR_MAGIC_FILE"
+ if [ -n "$WSREP_SST_OPT_REMOTE_PSWD" ]; then
+ # Let joiner know that we know its secret
+ echo "$SECRET_TAG $WSREP_SST_OPT_REMOTE_PSWD" >> "$MAGIC_FILE"
+ fi
+
+ if [ $WSREP_SST_OPT_BYPASS -eq 0 -a $WSREP_SST_OPT_PROGRESS -eq 1 ]; then
+ # Tell joiner what to expect:
+ echo "$TOTAL_TAG $payload" >> "$MAGIC_FILE"
+ fi
+}
+
get_stream
get_transfer
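Review bot: `send_magic` appends `$SECRET_TAG $WSREP_SST_OPT_REMOTE_PSWD` to `$MAGIC_FILE`, and since the bypass path now calls it too, the secret is written to disk on IST as well, where the old code wrote only the GTID line. Nothing in the hunk sets the file mode, so if no restrictive umask is established earlier in the script (not visible here) the writes should run under one, e.g. inside `( umask 077; ... )`. The header comment covers only the first line. It should state that `$DONOR_MAGIC_FILE` holds the GTID line only, while `$MAGIC_FILE` may also carry the secret and total tags.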
@@ -1099,20 +1121,7 @@ if [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then
fi
wsrep_log_info "Streaming GTID file before SST"
-
- # Store donor's wsrep GTID (state ID) and wsrep_gtid_domain_id
- # (separated by a space).
- echo "$WSREP_SST_OPT_GTID $WSREP_SST_OPT_GTID_DOMAIN_ID" > "$MAGIC_FILE"
-
- if [ -n "$WSREP_SST_OPT_REMOTE_PSWD" ]; then
- # Let joiner know that we know its secret
- echo "$SECRET_TAG $WSREP_SST_OPT_REMOTE_PSWD" >> "$MAGIC_FILE"
- fi
-
- if [ $WSREP_SST_OPT_PROGRESS -eq 1 ]; then
- # Tell joiner what to expect:
- echo "$TOTAL_TAG $payload" >> "$MAGIC_FILE"
- fi
+ send_magic
ttcmd="$tcmd"
@@ -1202,9 +1211,8 @@ if [ "$WSREP_SST_OPT_ROLE" = 'donor' ]; then
wsrep_log_info "Bypassing the SST for IST"
echo "continue" # now server can resume updating data
- # Store donor's wsrep GTID (state ID) and wsrep_gtid_domain_id
- # (separated by a space).
- echo "$WSREP_SST_OPT_GTID $WSREP_SST_OPT_GTID_DOMAIN_ID" > "$MAGIC_FILE"
+ send_magic
+
echo "1" > "$DATA/$IST_FILE"
if [ -n "$scomp" ]; then
@@ -1310,7 +1318,7 @@ else # joiner
impts="--parallel=$backup_threads${impts:+ }$impts"
fi
- SST_PID="$WSREP_SST_OPT_DATA/wsrep_sst.pid"
+ SST_PID="$DATA/wsrep_sst.pid"
# give some time for previous SST to complete:
check_round=0
@@ -1451,8 +1459,8 @@ else # joiner
TDATA="$DATA"
DATA="$DATA/.sst"
-
MAGIC_FILE="$DATA/$INFO_FILE"
+
wsrep_log_info "Waiting for SST streaming to complete!"
monitor_process $jpid
@@ -1590,9 +1598,16 @@ else # joiner
exit 2
fi
+ # use donor magic file, if present
+ # if IST was used, donor magic file was not created
# Remove special tags from the magic file, and from the output:
- coords=$(head -n1 "$MAGIC_FILE")
- wsrep_log_info "Galera co-ords from recovery: $coords"
+ if [ -r "$DONOR_MAGIC_FILE" ]; then
+ coords=$(head -n1 "$DONOR_MAGIC_FILE")
+ wsrep_log_info "Galera co-ords from donor: $coords"
+ else
+ coords=$(head -n1 "$MAGIC_FILE")
+ wsrep_log_info "Galera co-ords from recovery: $coords"
+ fi
echo "$coords" # Output : UUID:seqno wsrep_gtid_domain_id
wsrep_log_info "Total time on joiner: $totime seconds"
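Review bot: The added comment says the donor magic file is not created when IST was used, but `send_magic` writes `$DONOR_MAGIC_FILE` unconditionally and is now also called on the bypass path, so the comment and the donor side disagree. Whether the file actually reaches the joiner in that case depends on code outside this hunk. `DONOR_MAGIC_FILE` also still holds the path computed from the original `$DATA` at the top of the script, whereas `MAGIC_FILE` is re-derived after `DATA` becomes `$DATA/.sst`. A comment here such as `# donor_galera_info is expected in the final datadir, not in .sst` (adjusted to whatever is true) would keep a misplaced file from being read silently.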
diff --git a/scripts/wsrep_sst_rsync.sh b/scripts/wsrep_sst_rsync.sh
index a8bfc413..aabf5bd3 100644
--- a/scripts/wsrep_sst_rsync.sh
+++ b/scripts/wsrep_sst_rsync.sh
@@ -149,10 +149,12 @@ check_pid_and_port()
check_pid "$pid_file" && [ $CHECK_PID -eq $pid ]
}
-STUNNEL_CONF="$WSREP_SST_OPT_DATA/stunnel.conf"
-STUNNEL_PID="$WSREP_SST_OPT_DATA/stunnel.pid"
+DATA="$WSREP_SST_OPT_DATA"
+
+STUNNEL_CONF="$DATA/stunnel.conf"
+STUNNEL_PID="$DATA/stunnel.pid"
-MAGIC_FILE="$WSREP_SST_OPT_DATA/rsync_sst_complete"
+MAGIC_FILE="$DATA/rsync_sst_complete"
get_binlog
@@ -163,7 +165,6 @@ fi
OLD_PWD="$(pwd)"
-DATA="$WSREP_SST_OPT_DATA"
if [ -n "$DATA" -a "$DATA" != '.' ]; then
[ ! -d "$DATA" ] && mkdir -p "$DATA"
cd "$DATA"
@@ -347,7 +348,7 @@ fi
readonly SECRET_TAG='secret'
readonly BYPASS_TAG='bypass'
-SST_PID="$WSREP_SST_OPT_DATA/wsrep_sst.pid"
+SST_PID="$DATA/wsrep_sst.pid"
# give some time for previous SST to complete:
check_round=0
@@ -379,8 +380,8 @@ done
MODULE="${WSREP_SST_OPT_MODULE:-rsync_sst}"
-RSYNC_PID="$WSREP_SST_OPT_DATA/$MODULE.pid"
-RSYNC_CONF="$WSREP_SST_OPT_DATA/$MODULE.conf"
+RSYNC_PID="$DATA/$MODULE.pid"
+RSYNC_CONF="$DATA/$MODULE.conf"
# give some time for rsync from the previous SST to complete:
check_round=0
@@ -422,8 +423,8 @@ EOF
if [ $WSREP_SST_OPT_BYPASS -eq 0 ]; then
- FLUSHED="$WSREP_SST_OPT_DATA/tables_flushed"
- ERROR="$WSREP_SST_OPT_DATA/sst_error"
+ FLUSHED="$DATA/tables_flushed"
+ ERROR="$DATA/sst_error"
[ -f "$FLUSHED" ] && rm -f "$FLUSHED"
[ -f "$ERROR" ] && rm -f "$ERROR"
@@ -474,9 +475,9 @@ EOF
# Preparing binlog files for transfer:
wsrep_log_info "Preparing binlog files for transfer:"
tar_type=0
- if tar --help | grep -qw -F -- '--transform'; then
+ if tar --help 2>/dev/null | grep -qw -F -- '--transform'; then
tar_type=1
- elif tar --version | grep -qw -E '^bsdtar'; then
+ elif tar --version 2>/dev/null | grep -qw -E '^bsdtar'; then
tar_type=2
fi
if [ $tar_type -eq 2 ]; then
@@ -580,7 +581,7 @@ FILTER="-f '- /lost+found'
eval rsync ${STUNNEL:+"--rsh='$STUNNEL'"} \
--owner --group --perms --links --specials \
--ignore-times --inplace --dirs --delete --quiet \
- $WHOLE_FILE_OPT $FILTER "'$WSREP_SST_OPT_DATA/'" \
+ $WHOLE_FILE_OPT $FILTER "'$DATA/'" \
"'rsync://$WSREP_SST_OPT_ADDR'" >&2 || RC=$?
if [ $RC -ne 0 ]; then
@@ -688,7 +689,7 @@ FILTER="-f '- /lost+found'
-f '- $ib_log_dir/ib_logfile[0-9]*' \
-f '- $ar_log_dir/aria_log_control' \
-f '- $ar_log_dir/aria_log.*' \
- "$WSREP_SST_OPT_DATA/{}/" \
+ "$DATA/{}/" \
"rsync://$WSREP_SST_OPT_ADDR/{}" >&2 || RC=$?
cd "$OLD_PWD"
@@ -770,7 +771,7 @@ read only = no
timeout = 300
$SILENT
[$MODULE]
- path = $WSREP_SST_OPT_DATA
+ path = $DATA
exclude = .zfs
[$MODULE-log_dir]
path = $ib_log_dir
@@ -979,7 +980,7 @@ EOF
fi
# Extracting binlog files:
wsrep_log_info "Extracting binlog files:"
- if tar --version | grep -qw -E '^bsdtar'; then
+ if tar --version 2>/dev/null | grep -qw -E '^bsdtar'; then
tar -tf "$BINLOG_TAR_FILE" > "$tmpfile" && \
tar -xvf "$BINLOG_TAR_FILE" > /dev/null || RC=$?
else
diff --git a/sql/CMakeLists.txt b/sql/CMakeLists.txt
index 13d9d02c..66c7e385 100644
--- a/sql/CMakeLists.txt
+++ b/sql/CMakeLists.txt
@@ -55,7 +55,7 @@ INCLUDE_DIRECTORIES(
${CMAKE_SOURCE_DIR}/include
${CMAKE_SOURCE_DIR}/sql
${LIBFMT_INCLUDE_DIR}
-${PCRE_INCLUDES}
+${PCRE_INCLUDE_DIRS}
${ZLIB_INCLUDE_DIR}
${SSL_INCLUDE_DIRS}
${CMAKE_BINARY_DIR}/sql
@@ -180,6 +180,7 @@ SET (SQL_SOURCE
table_cache.cc encryption.cc temporary_tables.cc
json_table.cc
proxy_protocol.cc backup.cc xa.cc
+ socketpair.c socketpair.h
${CMAKE_CURRENT_BINARY_DIR}/lex_hash.h
${CMAKE_CURRENT_BINARY_DIR}/lex_token.h
${GEN_SOURCES}
diff --git a/sql/debug.cc b/sql/debug.cc
index a0e2340e..beb66775 100644
--- a/sql/debug.cc
+++ b/sql/debug.cc
@@ -40,7 +40,8 @@ static bool debug_decrement_counter(const LEX_CSTRING *name)
THD *thd= current_thd;
user_var_entry *entry= (user_var_entry*)
my_hash_search(&thd->user_vars, (uchar*) name->str, name->length);
- if (!entry || entry->type != INT_RESULT || ! entry->value)
+ if (!entry || !entry->value ||
+ entry->type_handler()->result_type() != INT_RESULT)
return 0;
(*(ulonglong*) entry->value)= (*(ulonglong*) entry->value)-1;
return !*(ulonglong*) entry->value;
diff --git a/sql/event_queue.cc b/sql/event_queue.cc
index ebd2dfee..7ed4d8c6 100644
--- a/sql/event_queue.cc
+++ b/sql/event_queue.cc
@@ -656,7 +656,6 @@ Event_queue::get_top_for_execution_if_time(THD *thd,
top->status= Event_parse_data::DISABLED;
DBUG_PRINT("info", ("event %s status is %d", top->name.str, top->status));
- top->execution_count++;
(*event_name)->dropped= top->dropped;
/*
Save new values of last_executed timestamp and event status on stack
diff --git a/sql/field.cc b/sql/field.cc
index e94d5c19..76b7ff61 100644
--- a/sql/field.cc
+++ b/sql/field.cc
@@ -4741,30 +4741,6 @@ bool Field_longlong::is_max()
single precision float
****************************************************************************/
-Field_float::Field_float(uchar *ptr_arg, uint32 len_arg, uchar *null_ptr_arg,
- uchar null_bit_arg,
- enum utype unireg_check_arg,
- const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg,
- bool zero_arg, bool unsigned_arg)
- :Field_real(ptr_arg, len_arg, null_ptr_arg, null_bit_arg,
- unireg_check_arg, field_name_arg,
- (dec_arg >= FLOATING_POINT_DECIMALS ? NOT_FIXED_DEC : dec_arg),
- zero_arg, unsigned_arg)
-{
-}
-
-Field_float::Field_float(uint32 len_arg, bool maybe_null_arg,
- const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg)
- :Field_real((uchar*) 0, len_arg, maybe_null_arg ? (uchar*) "": 0, (uint) 0,
- NONE, field_name_arg,
- (dec_arg >= FLOATING_POINT_DECIMALS ? NOT_FIXED_DEC : dec_arg),
- 0, 0)
-{
-}
-
-
int Field_float::store(const char *from,size_t len,CHARSET_INFO *cs)
{
int error;
@@ -4913,40 +4889,6 @@ Binlog_type_info Field_float::binlog_type_info() const
double precision floating point numbers
****************************************************************************/
-Field_double::Field_double(uchar *ptr_arg, uint32 len_arg, uchar *null_ptr_arg,
- uchar null_bit_arg,
- enum utype unireg_check_arg,
- const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg,
- bool zero_arg, bool unsigned_arg)
- :Field_real(ptr_arg, len_arg, null_ptr_arg, null_bit_arg,
- unireg_check_arg, field_name_arg,
- (dec_arg >= FLOATING_POINT_DECIMALS ? NOT_FIXED_DEC : dec_arg),
- zero_arg, unsigned_arg)
-{
-}
-
-Field_double::Field_double(uint32 len_arg, bool maybe_null_arg,
- const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg)
- :Field_real((uchar*) 0, len_arg, maybe_null_arg ? (uchar*) "" : 0, (uint) 0,
- NONE, field_name_arg,
- (dec_arg >= FLOATING_POINT_DECIMALS ? NOT_FIXED_DEC : dec_arg),
- 0, 0)
-{
-}
-
-Field_double::Field_double(uint32 len_arg, bool maybe_null_arg,
- const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg, bool not_fixed_arg)
- :Field_real((uchar*) 0, len_arg, maybe_null_arg ? (uchar*) "" : 0, (uint) 0,
- NONE, field_name_arg,
- (dec_arg >= FLOATING_POINT_DECIMALS ? NOT_FIXED_DEC : dec_arg),
- 0, 0)
-{
- not_fixed= not_fixed_arg;
-}
-
int Field_double::store(const char *from,size_t len,CHARSET_INFO *cs)
{
int error;
@@ -7743,7 +7685,20 @@ int Field_string::cmp(const uchar *a_ptr, const uchar *b_ptr) const
a_ptr, field_length,
b_ptr, field_length,
Field_string::char_length(),
- MY_STRNNCOLLSP_NCHARS_EMULATE_TRIMMED_TRAILING_SPACES);
+ 0);
+}
+
+
+int Field_string::cmp_prefix(const uchar *a_ptr, const uchar *b_ptr,
+ size_t prefix_char_len) const
+{
+ size_t field_len= table->field[field_index]->field_length;
+
+ return field_charset()->coll->strnncollsp_nchars(field_charset(),
+ a_ptr, field_len,
+ b_ptr, field_len,
+ prefix_char_len,
+ 0);
}
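Review bot: `cmp_prefix` takes the buffer length from `table->field[field_index]->field_length`, while `cmp` directly above uses this object's own `field_length`, and no comment says why the two differ. If the reason is that this object may carry a shorter length than the column in the table, state that in a comment above `field_len`. The function also assumes a non-null `table` and trusts `prefix_char_len` as given; a `DBUG_ASSERT(table)` would document the first assumption.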
@@ -11396,6 +11351,7 @@ void Field::set_warning_truncated_wrong_value(const char *type_arg,
void Field::raise_note_cannot_use_key_part(THD *thd,
uint keynr, uint part,
const LEX_CSTRING &op,
+ CHARSET_INFO *op_collation,
Item *value,
Data_type_compatibility reason)
const
@@ -11416,7 +11372,7 @@ void Field::raise_note_cannot_use_key_part(THD *thd,
case Data_type_compatibility::INCOMPATIBLE_COLLATION:
{
const LEX_CSTRING colf(charset()->coll_name);
- const LEX_CSTRING colv(value->collation.collation->coll_name);
+ const LEX_CSTRING colv(op_collation->coll_name);
push_warning_printf(thd, Sql_condition::WARN_LEVEL_NOTE,
ER_UNKNOWN_ERROR,
"Cannot use key %`.*s part[%u] for lookup: "
diff --git a/sql/field.h b/sql/field.h
index c456b2e7..8563375f 100644
--- a/sql/field.h
+++ b/sql/field.h
@@ -1657,6 +1657,7 @@ public:
void print_key_value_binary(String *out, const uchar* key, uint32 length);
void raise_note_cannot_use_key_part(THD *thd, uint keynr, uint part,
const LEX_CSTRING &op,
+ CHARSET_INFO *op_collation,
Item *value,
const Data_type_compatibility reason)
const;
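Review bot: The new `op_collation` parameter is undocumented, and the `INCOMPATIBLE_COLLATION` branch in field.cc reads `op_collation->coll_name` without a null check. Callers are outside the visible hunks, so it cannot be confirmed here that every one passes a valid collation. A comment on the declaration such as `// op_collation: must not be NULL, its name is printed in the note`, plus `DBUG_ASSERT(op_collation)` at the top of the definition, would make the contract explicit.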
@@ -1836,6 +1837,16 @@ public:
return flags & (VERS_ROW_START | VERS_ROW_END);
}
+ bool vers_sys_start() const
+ {
+ return flags & VERS_ROW_START;
+ }
+
+ bool vers_sys_end() const
+ {
+ return flags & VERS_ROW_END;
+ }
+
bool vers_update_unversioned() const
{
return flags & VERS_UPDATE_UNVERSIONED_FLAG;
@@ -2137,7 +2148,7 @@ public:
const LEX_CSTRING *field_name_arg,
const DTCollation &collation);
decimal_digits_t decimals() const override
- { return is_created_from_null_item ? 0 : NOT_FIXED_DEC; }
+ { return is_created_from_null_item ? 0 : DECIMAL_NOT_SPECIFIED; }
int save_in_field(Field *to) override { return save_in_field_str(to); }
bool memcpy_field_possible(const Field *from) const override
{
@@ -2307,7 +2318,7 @@ public:
Information_schema_numeric_attributes
information_schema_numeric_attributes() const override
{
- return dec == NOT_FIXED_DEC ?
+ return dec == DECIMAL_NOT_SPECIFIED ?
Information_schema_numeric_attributes(field_length) :
Information_schema_numeric_attributes(field_length, dec);
}
@@ -2879,15 +2890,24 @@ public:
integers. But in all other cases we treat it as TIME_RESULT! */
};
+static inline decimal_digits_t fix_dec_arg(decimal_digits_t dec_arg)
+{ return dec_arg >= FLOATING_POINT_DECIMALS ? DECIMAL_NOT_SPECIFIED : dec_arg; }
class Field_float final :public Field_real {
public:
Field_float(uchar *ptr_arg, uint32 len_arg, uchar *null_ptr_arg,
uchar null_bit_arg,
enum utype unireg_check_arg, const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg,bool zero_arg,bool unsigned_arg);
+ decimal_digits_t dec_arg,bool zero_arg,bool unsigned_arg)
+ :Field_real(ptr_arg, len_arg, null_ptr_arg, null_bit_arg,
+ unireg_check_arg, field_name_arg,
+ fix_dec_arg(dec_arg), zero_arg, unsigned_arg)
+ { }
Field_float(uint32 len_arg, bool maybe_null_arg,
- const LEX_CSTRING *field_name_arg, decimal_digits_t dec_arg);
+ const LEX_CSTRING *field_name_arg, decimal_digits_t dec_arg)
+ :Field_real((uchar*) 0, len_arg, maybe_null_arg ? (uchar*) "": 0, (uint) 0,
+ NONE, field_name_arg, fix_dec_arg(dec_arg), 0, 0)
+ { }
const Type_handler *type_handler() const override
{ return &type_handler_float; }
enum ha_base_keytype key_type() const override { return HA_KEYTYPE_FLOAT; }
@@ -2920,12 +2940,24 @@ public:
Field_double(uchar *ptr_arg, uint32 len_arg, uchar *null_ptr_arg,
uchar null_bit_arg,
enum utype unireg_check_arg, const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg,bool zero_arg,bool unsigned_arg);
+ decimal_digits_t dec_arg,bool zero_arg,bool unsigned_arg)
+ :Field_real(ptr_arg, len_arg, null_ptr_arg, null_bit_arg,
+ unireg_check_arg, field_name_arg,
+ fix_dec_arg(dec_arg), zero_arg, unsigned_arg)
+ { }
Field_double(uint32 len_arg, bool maybe_null_arg,
- const LEX_CSTRING *field_name_arg, decimal_digits_t dec_arg);
+ const LEX_CSTRING *field_name_arg, decimal_digits_t dec_arg)
+ :Field_real((uchar*) 0, len_arg, maybe_null_arg ? (uchar*) "" : 0, (uint) 0,
+ NONE, field_name_arg, fix_dec_arg(dec_arg), 0, 0)
+ { }
Field_double(uint32 len_arg, bool maybe_null_arg,
const LEX_CSTRING *field_name_arg,
- decimal_digits_t dec_arg, bool not_fixed_arg);
+ decimal_digits_t dec_arg, bool not_fixed_arg)
+ :Field_real((uchar*) 0, len_arg, maybe_null_arg ? (uchar*) "" : 0, (uint) 0,
+ NONE, field_name_arg, fix_dec_arg(dec_arg), 0, 0)
+ {
+ not_fixed= not_fixed_arg;
+ }
void init_for_tmp_table(Field *org_field, TABLE *new_table) override
{
Field::init_for_tmp_table(org_field, new_table);
@@ -4056,6 +4088,8 @@ public:
String *val_str(String *, String *) override;
my_decimal *val_decimal(my_decimal *) override;
int cmp(const uchar *,const uchar *) const override;
+ int cmp_prefix(const uchar *a, const uchar *b, size_t prefix_char_len) const
+ override;
void sort_string(uchar *buff,uint length) override;
void update_data_type_statistics(Data_type_statistics *st) const override
{
@@ -4078,9 +4112,6 @@ public:
bool compatible_field_size(uint field_metadata, const Relay_log_info *rli,
uint16 mflags, int *order_var) const override;
uint row_pack_length() const override { return field_length; }
- int pack_cmp(const uchar *a,const uchar *b,uint key_length,
- bool insert_or_update);
- int pack_cmp(const uchar *b,uint key_length,bool insert_or_update);
uint packed_col_length(const uchar *to, uint length) override;
uint max_packed_col_length(uint max_length) override;
uint size_of() const override { return sizeof *this; }
diff --git a/sql/filesort.h b/sql/filesort.h
index ebb521e2..8c7931e7 100644
--- a/sql/filesort.h
+++ b/sql/filesort.h
@@ -56,8 +56,11 @@ public:
bool using_pq;
/*
TRUE means sort operation must produce table rowids.
- FALSE means that it halso has an option of producing {sort_key,
- addon_fields} pairs.
+ FALSE means that it also has an option of producing {sort_key, addon_fields}
+ pairs.
+
+ Usually initialized with value of join_tab->keep_current_rowid to allow for
+ a call to table->file->position() using these table rowids.
*/
bool sort_positions;
/*
diff --git a/sql/ha_partition.cc b/sql/ha_partition.cc
index 5eadbe7e..e86badd5 100644
--- a/sql/ha_partition.cc
+++ b/sql/ha_partition.cc
@@ -4312,9 +4312,12 @@ int ha_partition::external_lock(THD *thd, int lock_type)
(void) (*file)->ha_external_lock(thd, lock_type);
} while (*(++file));
}
- if (lock_type == F_WRLCK && m_part_info->part_expr)
- m_part_info->part_expr->walk(&Item::register_field_in_read_map, 1, 0);
-
+ if (lock_type == F_WRLCK)
+ {
+ if (m_part_info->part_expr)
+ m_part_info->part_expr->walk(&Item::register_field_in_read_map, 1, 0);
+ need_info_for_auto_inc();
+ }
DBUG_RETURN(0);
err_handler:
@@ -4628,33 +4631,8 @@ int ha_partition::write_row(const uchar * buf)
*/
if (have_auto_increment)
{
- if (!table_share->next_number_keypart)
- if (unlikely(error= update_next_auto_inc_val()))
- goto exit;
-
- /*
- If we have failed to set the auto-increment value for this row,
- it is highly likely that we will not be able to insert it into
- the correct partition. We must check and fail if necessary.
- */
if (unlikely(error= update_auto_increment()))
goto exit;
-
- /*
- Don't allow generation of auto_increment value the partitions handler.
- If a partitions handler would change the value, then it might not
- match the partition any longer.
- This can occur if 'SET INSERT_ID = 0; INSERT (NULL)',
- So allow this by adding 'MODE_NO_AUTO_VALUE_ON_ZERO' to sql_mode.
- The partitions handler::next_insert_id must always be 0. Otherwise
- we need to forward release_auto_increment, or reset it for all
- partitions.
- */
- if (table->next_number_field->val_int() == 0)
- {
- table->auto_increment_field_not_null= TRUE;
- thd->variables.sql_mode|= MODE_NO_AUTO_VALUE_ON_ZERO;
- }
}
old_map= dbug_tmp_use_all_columns(table, &table->read_set);
error= m_part_info->get_partition_id(m_part_info, &part_id, &func_value);
@@ -11017,10 +10995,7 @@ void ha_partition::get_auto_increment(ulonglong offset, ulonglong increment,
else
{
THD *thd= ha_thd();
- /*
- This is initialized in the beginning of the first write_row call.
- */
- DBUG_ASSERT(part_share->auto_inc_initialized);
+ update_next_auto_inc_val();
/*
Get a lock for handling the auto_increment in part_share
for avoiding two concurrent statements getting the same number.
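Review bot: The return value of `update_next_auto_inc_val()` is discarded here, although the code this commit removes from `write_row` treated it as an error code (`if (unlikely(error= update_next_auto_inc_val())) goto exit;`). If the call fails, execution continues into the locked section, and the `DBUG_ASSERT(part_share->auto_inc_initialized)` that would have flagged an uninitialized counter in debug builds is gone. The same unchecked call is added in sql/ha_partition.h just before `lock_auto_increment()`. `get_auto_increment` returns void and its body continues outside the hunk, so a failure would have to be reported the way the function reports its other failures, which are not visible here.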
diff --git a/sql/ha_partition.h b/sql/ha_partition.h
index 49e212f6..4b82bfb3 100644
--- a/sql/ha_partition.h
+++ b/sql/ha_partition.h
@@ -1408,9 +1408,8 @@ private:
{
ulonglong nr= (((Field_num*) field)->unsigned_flag ||
field->val_int() > 0) ? field->val_int() : 0;
+ update_next_auto_inc_val();
lock_auto_increment();
- DBUG_ASSERT(part_share->auto_inc_initialized ||
- !can_use_for_auto_inc_init());
/* must check when the mutex is taken */
if (nr >= part_share->next_auto_inc_val)
part_share->next_auto_inc_val= nr + 1;
diff --git a/sql/ha_sequence.cc b/sql/ha_sequence.cc
index bab06147..92b307ff 100644
--- a/sql/ha_sequence.cc
+++ b/sql/ha_sequence.cc
@@ -271,13 +271,26 @@ int ha_sequence::write_row(const uchar *buf)
}
#ifdef WITH_WSREP
- /* We need to start Galera transaction for select NEXT VALUE FOR
- sequence if it is not yet started. Note that ALTER is handled
- as TOI. */
- if (WSREP_ON && WSREP(thd) &&
- !thd->wsrep_trx().active() &&
- wsrep_thd_is_local(thd))
- wsrep_start_transaction(thd, thd->wsrep_next_trx_id());
+ if (WSREP_ON && WSREP(thd) && wsrep_thd_is_local(thd))
+ {
+ if (sequence_locked &&
+ (wsrep_thd_is_SR(thd) || wsrep_streaming_enabled(thd)))
+ {
+ my_error(ER_NOT_SUPPORTED_YET, MYF(0),
+ "SEQUENCEs with streaming replication in Galera cluster");
+ DBUG_RETURN(HA_ERR_UNSUPPORTED);
+ }
+
+ /*
+ We need to start Galera transaction for select NEXT VALUE FOR
+ sequence if it is not yet started. Note that ALTER is handled
+ as TOI.
+ */
+ if (!thd->wsrep_trx().active())
+ {
+ wsrep_start_transaction(thd, thd->wsrep_next_trx_id());
+ }
+ }
#endif
if (likely(!(error= file->update_first_row(buf))))
diff --git a/sql/handler.cc b/sql/handler.cc
index 230bcf5e..17cf018b 100644
--- a/sql/handler.cc
+++ b/sql/handler.cc
@@ -619,7 +619,7 @@ int ha_finalize_handlerton(st_plugin_int *plugin)
const char *hton_no_exts[]= { 0 };
-
+static bool ddl_recovery_done= false;
int ha_initialize_handlerton(st_plugin_int *plugin)
{
@@ -769,6 +769,9 @@ int ha_initialize_handlerton(st_plugin_int *plugin)
resolve_sysvar_table_options(hton);
update_discovery_counters(hton, 1);
+ if (ddl_recovery_done && hton->signal_ddl_recovery_done)
+ hton->signal_ddl_recovery_done(hton);
+
DBUG_RETURN(ret);
err_deinit:
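Review bot: The result of `hton->signal_ddl_recovery_done(hton)` is ignored in this late-initialization path, while the `signal_ddl_recovery_done()` callback further down in this file treats a non-zero result as a failure and sets the plugin state to `PLUGIN_IS_DELETED`. An engine loaded after recovery that fails this hook would therefore stay registered. Check the result and fail initialization, for example `if (ddl_recovery_done && hton->signal_ddl_recovery_done && hton->signal_ddl_recovery_done(hton)) goto err_deinit;`, after confirming that `err_deinit` (its body is outside the hunk) undoes the `update_discovery_counters(hton, 1)` call above. `ddl_recovery_done` is also a plain `static bool`; if plugins can be initialized on another thread while `ha_signal_ddl_recovery_done()` runs, the flag needs synchronization.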
@@ -955,7 +958,8 @@ static my_bool signal_ddl_recovery_done(THD *, plugin_ref plugin, void *)
{
handlerton *hton= plugin_hton(plugin);
if (hton->signal_ddl_recovery_done)
- (hton->signal_ddl_recovery_done)(hton);
+ if ((hton->signal_ddl_recovery_done)(hton))
+ plugin_ref_to_int(plugin)->state= PLUGIN_IS_DELETED;
return 0;
}
@@ -965,6 +969,7 @@ void ha_signal_ddl_recovery_done()
DBUG_ENTER("ha_signal_ddl_recovery_done");
plugin_foreach(NULL, signal_ddl_recovery_done, MYSQL_STORAGE_ENGINE_PLUGIN,
NULL);
+ ddl_recovery_done= true;
DBUG_VOID_RETURN;
}
@@ -7642,7 +7647,12 @@ int handler::ha_write_row(const uchar *buf)
{
DBUG_ASSERT(inited == NONE || lookup_handler != this);
if ((error= check_duplicate_long_entries(buf)))
+ {
+ if (table->next_number_field && buf == table->record[0])
+ if (int err= update_auto_increment())
+ error= err;
DBUG_RETURN(error);
+ }
}
MYSQL_INSERT_ROW_START(table_share->db.str, table_share->table_name.str);
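Review bot: The reason for calling `update_auto_increment()` on the `check_duplicate_long_entries()` failure path is not stated, and a non-zero result from it replaces the duplicate-entry error that caused the early return. If both behaviours are intended, the new block needs a comment saying why the counter is advanced on this path and which of the two errors is meant to reach the caller. The enclosing function starts and ends outside the hunk.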
diff --git a/sql/handler.h b/sql/handler.h
index 50ec0ed1..a8484e2a 100644
--- a/sql/handler.h
+++ b/sql/handler.h
@@ -1495,7 +1495,7 @@ struct handlerton
const LEX_CUSTRING *version, ulonglong create_id);
/* Called for all storage handlers after ddl recovery is done */
- void (*signal_ddl_recovery_done)(handlerton *hton);
+ int (*signal_ddl_recovery_done)(handlerton *hton);
/*
Optional clauses in the CREATE/ALTER TABLE
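Review bot: The comment above `signal_ddl_recovery_done` still says only when the hook is called and not what the new `int` return value means. From handler.cc in this commit, a non-zero result makes the server set the plugin state to `PLUGIN_IS_DELETED`. Extend the comment, e.g. `/* Called for all storage handlers after ddl recovery is done; a non-zero return marks the engine plugin as deleted */`.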
diff --git a/sql/item.cc b/sql/item.cc
index c6d51e47..6f9eb9d1 100644
--- a/sql/item.cc
+++ b/sql/item.cc
@@ -2674,7 +2674,11 @@ bool Type_std_attributes::agg_item_set_converter(const DTCollation &coll,
if (conv->fix_fields_if_needed(thd, arg))
return TRUE;
- if (!thd->stmt_arena->is_conventional())
+ if (!thd->stmt_arena->is_conventional() &&
+ ((!thd->lex->current_select &&
+ (thd->stmt_arena->is_stmt_prepare_or_first_sp_execute() ||
+ thd->stmt_arena->is_stmt_prepare_or_first_stmt_execute())) ||
+ thd->lex->current_select->first_cond_optimization))
{
Query_arena *arena, backup;
arena= thd->activate_stmt_arena_if_needed(&backup);
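Review bot: The new condition can dereference a null `thd->lex->current_select`: when `current_select` is null and neither `is_stmt_prepare_or_first_sp_execute()` nor `is_stmt_prepare_or_first_stmt_execute()` holds, the left operand of the outer `||` is false and `thd->lex->current_select->first_cond_optimization` is evaluated. Whether that state is reachable depends on callers outside the hunk, but the expression itself does not exclude it. Select on the pointer instead, e.g. `(thd->lex->current_select ? thd->lex->current_select->first_cond_optimization : (thd->stmt_arena->is_stmt_prepare_or_first_sp_execute() || thd->stmt_arena->is_stmt_prepare_or_first_stmt_execute()))`.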
@@ -2798,11 +2802,11 @@ Item_sp::func_name_cstring(THD *thd, bool is_package_function) const
quoted `pkg` and `func` separately, so the entire result looks like:
`db`.`pkg`.`func`
*/
- Database_qualified_name tmp= Database_qualified_name::split(m_name->m_name);
- DBUG_ASSERT(tmp.m_db.length);
- append_identifier(thd, &qname, &tmp.m_db);
+ Identifier_chain2 tmp= Identifier_chain2::split(m_name->m_name);
+ DBUG_ASSERT(tmp[0].length);
+ append_identifier(thd, &qname, &tmp[0]);
qname.append('.');
- append_identifier(thd, &qname, &tmp.m_name);
+ append_identifier(thd, &qname, &tmp[1]);
}
else
append_identifier(thd, &qname, &m_name->m_name);
@@ -7040,7 +7044,25 @@ Item *Item_float::neg(THD *thd)
else if (value < 0 && max_length)
max_length--;
value= -value;
- presentation= 0;
+ if (presentation)
+ {
+ if (*presentation == '-')
+ {
+ // Strip double minus: -(-1) -> '1' instead of '--1'
+ presentation++;
+ }
+ else
+ {
+ size_t presentation_length= strlen(presentation);
+ if (char *tmp= (char*) thd->alloc(presentation_length + 2))
+ {
+ tmp[0]= '-';
+ // Copy with the trailing '\0'
+ memcpy(tmp + 1, presentation, presentation_length + 1);
+ presentation= tmp;
+ }
+ }
+ }
name= null_clex_str;
return this;
}
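Review bot: When `thd->alloc()` returns null in the `else` branch, `presentation` keeps the old text without the minus sign although `value` has already been negated, so the printed form no longer matches the value. The previous code avoided this by always clearing the pointer. Add a fallback to the allocation check: `else presentation= 0;`. The function body starts outside the hunk.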
diff --git a/sql/item.h b/sql/item.h
index b967b4cc..6f552385 100644
--- a/sql/item.h
+++ b/sql/item.h
@@ -28,6 +28,7 @@
#include "field.h" /* Derivation */
#include "sql_type.h"
#include "sql_time.h"
+#include "sql_schema.h"
#include "mem_root_array.h"
#include "cset_narrowing.h"
@@ -1015,6 +1016,19 @@ public:
expressions with subqueries in the ORDER/GROUP clauses.
*/
String *val_str() { return val_str(&str_value); }
+ String *val_str_null_to_empty(String *to)
+ {
+ String *res= val_str(to);
+ if (res)
+ return res;
+ to->set_charset(collation.collation);
+ to->length(0);
+ return to;
+ }
+ String *val_str_null_to_empty(String *to, bool null_to_empty)
+ {
+ return null_to_empty ? val_str_null_to_empty(to) : val_str(to);
+ }
virtual Item_func *get_item_func() { return NULL; }
const MY_LOCALE *locale_from_val_str();
@@ -1986,7 +2000,8 @@ public:
QT_ITEM_IDENT_SKIP_DB_NAMES |
QT_ITEM_IDENT_SKIP_TABLE_NAMES |
QT_NO_DATA_EXPANSION |
- QT_TO_SYSTEM_CHARSET),
+ QT_TO_SYSTEM_CHARSET |
+ QT_FOR_FRM),
LOWEST_PRECEDENCE);
}
virtual void print(String *str, enum_query_type query_type);
@@ -5482,6 +5497,14 @@ public:
return (this->*processor)(arg);
}
/*
+ Built-in schema, e.g. mariadb_schema, oracle_schema, maxdb_schema
+ */
+ virtual const Schema *schema() const
+ {
+ // A function does not belong to a built-in schema by default
+ return NULL;
+ }
+ /*
This method is used for debug purposes to print the name of an
item to the debug log. The second use of this method is as
a helper function of print() and error messages, where it is
diff --git a/sql/item_cmpfunc.cc b/sql/item_cmpfunc.cc
index bfe03e1c..c1654bfd 100644
--- a/sql/item_cmpfunc.cc
+++ b/sql/item_cmpfunc.cc
@@ -457,40 +457,6 @@ void Item_bool_func::raise_note_if_key_become_unused(THD *thd, const Item_args &
}
-bool Item_func::setup_args_and_comparator(THD *thd, Arg_comparator *cmp)
-{
- DBUG_ASSERT(arg_count >= 2); // Item_func_nullif has arg_count == 3
-
- if (args[0]->cmp_type() == STRING_RESULT &&
- args[1]->cmp_type() == STRING_RESULT)
- {
- CHARSET_INFO *tmp;
- /*
- Use charset narrowing only for equalities, as that would allow
- to construct ref access.
- Non-equality comparisons with constants work without charset narrowing,
- the constant gets converted.
- Non-equality comparisons with non-constants would need narrowing to
- enable range optimizer to handle e.g.
- t1.mb3key_col <= const_table.mb4_col
- But this doesn't look important.
- */
- bool allow_narrowing= MY_TEST(functype()==Item_func::EQ_FUNC ||
- functype()==Item_func::EQUAL_FUNC);
-
- if (agg_arg_charsets_for_comparison(&tmp, &args[0], &args[1],
- allow_narrowing))
- return true;
- cmp->m_compare_collation= tmp;
- }
- // Convert constants when compared to int/year field
- DBUG_ASSERT(functype() != LIKE_FUNC);
- convert_const_compared_to_int_field(thd);
-
- return cmp->set_cmp_func(thd, this, &args[0], &args[1], true);
-}
-
-
/*
Comparison operators remove arguments' dependency on PAD_CHAR_TO_FULL_LENGTH
in case of PAD SPACE comparison collations: trailing spaces do not affect
@@ -519,8 +485,15 @@ bool Item_bool_rowready_func2::fix_length_and_dec(THD *thd)
if (!args[0] || !args[1])
return FALSE;
Item_args old_args(args[0], args[1]);
- if (setup_args_and_comparator(thd, &cmp))
+ convert_const_compared_to_int_field(thd);
+ Type_handler_hybrid_field_type tmp;
+ if (tmp.aggregate_for_comparison(func_name_cstring(), args, 2, false) ||
+ tmp.type_handler()->Item_bool_rowready_func2_fix_length_and_dec(thd,
+ this))
+ {
+ DBUG_ASSERT(thd->is_error());
return true;
+ }
raise_note_if_key_become_unused(thd, old_args);
return false;
}
@@ -540,21 +513,14 @@ bool Item_bool_rowready_func2::fix_length_and_dec(THD *thd)
*/
int Arg_comparator::set_cmp_func(THD *thd, Item_func_or_sum *owner_arg,
+ const Type_handler *compare_handler,
Item **a1, Item **a2)
{
owner= owner_arg;
set_null= set_null && owner_arg;
a= a1;
b= a2;
- Item *tmp_args[2]= {*a1, *a2};
- Type_handler_hybrid_field_type tmp;
- if (tmp.aggregate_for_comparison(owner_arg->func_name_cstring(), tmp_args, 2,
- false))
- {
- DBUG_ASSERT(thd->is_error());
- return 1;
- }
- m_compare_handler= tmp.type_handler();
+ m_compare_handler= compare_handler;
return m_compare_handler->set_comparator_func(thd, this);
}
@@ -605,6 +571,14 @@ bool Arg_comparator::set_cmp_func_string(THD *thd)
We must set cmp_collation here as we may be called from for an automatic
generated item, like in natural join.
Allow reinterpted superset as subset.
+ Use charset narrowing only for equalities, as that would allow
+ to construct ref access.
+ Non-equality comparisons with constants work without charset narrowing,
+ the constant gets converted.
+ Non-equality comparisons with non-constants would need narrowing to
+ enable range optimizer to handle e.g.
+ t1.mb3key_col <= const_table.mb4_col
+ But this doesn't look important.
*/
bool allow_narrowing= false;
if (owner->type() == Item::FUNC_ITEM)
@@ -1509,6 +1483,23 @@ bool Item_in_optimizer::invisible_mode()
}
+bool Item_in_optimizer::walk(Item_processor processor,
+ bool walk_subquery,
+ void *arg)
+{
+ bool res= FALSE;
+ if (args[1]->type() == Item::SUBSELECT_ITEM &&
+ ((Item_subselect *)args[1])->substype() != Item_subselect::EXISTS_SUBS &&
+ !(((Item_subselect *)args[1])->substype() == Item_subselect::IN_SUBS &&
+ ((Item_in_subselect *)args[1])->test_strategy(SUBS_IN_TO_EXISTS)))
+ res= args[0]->walk(processor, walk_subquery, arg);
+ if (!res)
+ res= args[1]->walk(processor, walk_subquery, arg);
+
+ return res || (this->*processor)(arg);
+}
+
+
/**
Add an expression cache for this subquery if it is needed
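Review bot: `Item_in_optimizer::walk` skips `args[0]` not only for `EXISTS` and IN-to-EXISTS subqueries but also whenever `args[1]` is not a `SUBSELECT_ITEM`, and nothing explains either case. A header comment should state why the left expression is walked only for the remaining subquery kinds, and whether skipping it for a non-subquery `args[1]` is intended. Without that, a later processor that relies on visiting every argument has no way to know this override is selective.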
@@ -2812,8 +2803,9 @@ Item_func_nullif::fix_length_and_dec(THD *thd)
fix_char_length(args[2]->max_char_length());
set_maybe_null();
m_arg0= args[0];
- if (setup_args_and_comparator(thd, &cmp))
- return TRUE;
+ convert_const_compared_to_int_field(thd);
+ if (cmp.set_cmp_func(thd, this, &args[0], &args[1], true/*set_null*/))
+ return true;
/*
A special code for EXECUTE..PREPARE.
@@ -3484,7 +3476,13 @@ void Item_func_case_simple::print(String *str, enum_query_type query_type)
void Item_func_decode_oracle::print(String *str, enum_query_type query_type)
{
- str->append(func_name_cstring());
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(STRING_WITH_LEN("decode_oracle"));
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type);
str->append('(');
args[0]->print(str, query_type);
for (uint i= 1, count= when_count() ; i <= count; i++)
@@ -6092,7 +6090,7 @@ void Regexp_processor_pcre::init(CHARSET_INFO *data_charset, int extra_flags)
// Convert text data to utf-8.
m_library_charset= data_charset == &my_charset_bin ?
- &my_charset_bin : &my_charset_utf8mb3_general_ci;
+ &my_charset_bin : &my_charset_utf8mb4_general_ci;
m_conversion_is_needed= (data_charset != &my_charset_bin) &&
!my_charset_same(data_charset, m_library_charset);
diff --git a/sql/item_cmpfunc.h b/sql/item_cmpfunc.h
index a67dfb5d..3d5710cd 100644
--- a/sql/item_cmpfunc.h
+++ b/sql/item_cmpfunc.h
@@ -57,6 +57,7 @@ class Arg_comparator: public Sql_alloc
// when one of arguments is NULL.
int set_cmp_func(THD *thd, Item_func_or_sum *owner_arg,
+ const Type_handler *compare_handler,
Item **a1, Item **a2);
int compare_not_null_values(longlong val1, longlong val2)
@@ -95,11 +96,24 @@ public:
bool set_cmp_func_decimal(THD *thd);
inline int set_cmp_func(THD *thd, Item_func_or_sum *owner_arg,
- Item **a1, Item **a2, bool set_null_arg)
+ const Type_handler *compare_handler,
+ Item **a1, Item **a2, bool set_null_arg)
{
set_null= set_null_arg;
- return set_cmp_func(thd, owner_arg, a1, a2);
+ return set_cmp_func(thd, owner_arg, compare_handler, a1, a2);
}
+ int set_cmp_func(THD *thd, Item_func_or_sum *owner_arg,
+ Item **a1, Item **a2, bool set_null_arg)
+ {
+ Item *tmp_args[2]= { *a1, *a2 };
+ Type_handler_hybrid_field_type tmp;
+ if (tmp.aggregate_for_comparison(owner_arg->func_name_cstring(),
+ tmp_args, 2, false))
+ return 1;
+ return set_cmp_func(thd, owner_arg, tmp.type_handler(),
+ a1, a2, set_null_arg);
+ }
+
inline int compare() { return (this->*func)(); }
int compare_string(); // compare args[0] & args[1]
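Review bot: The inline `set_cmp_func` overload that aggregates the handler itself returns 1 without the `DBUG_ASSERT(thd->is_error())` that the removed code in item_cmpfunc.cc had on the same failure, and that `Item_bool_rowready_func2::fix_length_and_dec` keeps in this commit. Restoring it keeps the "failure means an error was raised" contract checked in debug builds: `{ DBUG_ASSERT(thd->is_error()); return 1; }`.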
@@ -414,6 +428,7 @@ public:
void fix_after_pullout(st_select_lex *new_parent, Item **ref,
bool merge) override;
bool invisible_mode();
+ bool walk(Item_processor processor, bool walk_subquery, void *arg) override;
void reset_cache() { cache= NULL; }
void print(String *str, enum_query_type query_type) override;
void restore_first_argument();
@@ -561,9 +576,17 @@ public:
return this;
}
bool fix_length_and_dec(THD *thd) override;
+ bool fix_length_and_dec_generic(THD *thd,
+ const Type_handler *compare_handler)
+ {
+ DBUG_ASSERT(args == tmp_arg);
+ return cmp.set_cmp_func(thd, this, compare_handler,
+ tmp_arg, tmp_arg + 1, true/*set_null*/);
+ }
int set_cmp_func(THD *thd)
{
- return cmp.set_cmp_func(thd, this, tmp_arg, tmp_arg + 1, true);
+ DBUG_ASSERT(args == tmp_arg);
+ return cmp.set_cmp_func(thd, this, tmp_arg, tmp_arg + 1, true/*set_null*/);
}
CHARSET_INFO *compare_collation() const override
{ return cmp.compare_collation(); }
@@ -2439,9 +2462,10 @@ public:
Item_func_decode_oracle(THD *thd, List<Item> &list)
:Item_func_case_simple(thd, list)
{ }
+ const Schema *schema() const override { return &oracle_schema_ref; }
LEX_CSTRING func_name_cstring() const override
{
- static LEX_CSTRING name= {STRING_WITH_LEN("decode_oracle") };
+ static LEX_CSTRING name= {STRING_WITH_LEN("decode") };
return name;
}
void print(String *str, enum_query_type query_type) override;
@@ -3020,7 +3044,7 @@ public:
m_pcre(NULL), m_pcre_match_data(NULL),
m_conversion_is_needed(true), m_is_const(0),
m_library_flags(0),
- m_library_charset(&my_charset_utf8mb3_general_ci)
+ m_library_charset(&my_charset_utf8mb4_general_ci)
{}
int default_regex_flags();
void init(CHARSET_INFO *data_charset, int extra_flags);
diff --git a/sql/item_create.cc b/sql/item_create.cc
index b26610a5..156a6b3f 100644
--- a/sql/item_create.cc
+++ b/sql/item_create.cc
@@ -127,6 +127,19 @@ protected:
};
+class Create_func_addmonths : public Create_func_arg2
+{
+public:
+ virtual Item *create_2_arg(THD *thd, Item *arg1, Item *arg2);
+
+ static Create_func_addmonths s_singleton;
+
+protected:
+ Create_func_addmonths() = default;
+ virtual ~Create_func_addmonths() = default;
+};
+
+
class Create_func_aes_encrypt : public Create_func_arg2
{
public:
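Review bot: `Create_func_addmonths` declares its overrider as `virtual Item *create_2_arg(...)` without `override`, while `Create_func_regexp_replace` and `Create_func_regexp_replace_oracle` in this same commit use `override`. The other classes added in this file (`Create_func_collation`, `Create_func_coalesce`, `Create_func_database`, `Create_func_date_format`, `Create_func_old_password`, `Create_func_password`, `Create_func_microsecond`, `Create_func_mod`, `Create_func_quarter`, `Create_func_row_count`) use the older form as well. Writing `Item *create_2_arg(THD *thd, Item *arg1, Item *arg2) override;` lets the compiler catch a signature mismatch with the base class.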
@@ -258,6 +271,19 @@ protected:
};
+class Create_func_collation : public Create_func_arg1
+{
+public:
+ virtual Item *create_1_arg(THD *thd, Item *arg1);
+
+ static Create_func_collation s_singleton;
+
+protected:
+ Create_func_collation() = default;
+ virtual ~Create_func_collation() = default;
+};
+
+
class Create_func_chr : public Create_func_arg1
{
public:
@@ -345,6 +371,20 @@ protected:
};
+class Create_func_coalesce : public Create_native_func
+{
+public:
+ virtual Item *create_native(THD *thd, const LEX_CSTRING *name,
+ List<Item> *item_list);
+
+ static Create_func_coalesce s_singleton;
+
+protected:
+ Create_func_coalesce() = default;
+ virtual ~Create_func_coalesce() = default;
+};
+
+
class Create_func_compress : public Create_func_arg1
{
public:
@@ -427,9 +467,6 @@ public:
virtual Item *create_native(THD *thd, const LEX_CSTRING *name,
List<Item> *item_list)
{
- if (thd->variables.sql_mode & MODE_ORACLE)
- return Create_func_decode_oracle::s_singleton.create_native(thd, name,
- item_list);
if (unlikely(!item_list || item_list->elements != 2))
{
my_error(ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT, MYF(0), name->str);
@@ -475,6 +512,19 @@ protected:
};
+class Create_func_database : public Create_func_arg0
+{
+public:
+ virtual Item *create_builder(THD *thd);
+
+ static Create_func_database s_singleton;
+
+protected:
+ Create_func_database() = default;
+ virtual ~Create_func_database() = default;
+};
+
+
class Create_func_nvl2 : public Create_func_arg3
{
public:
@@ -581,6 +631,22 @@ protected:
};
+class Create_func_date_format : public Create_native_func
+{
+public:
+ virtual Item *create_native(THD *thd, const LEX_CSTRING *name,
+ List<Item> *item_list);
+
+ static Create_func_date_format s_singleton;
+
+protected:
+ Create_func_date_format() = default;
+ virtual ~Create_func_date_format() = default;
+};
+
+
+
+
class Create_func_dayname : public Create_func_arg1
{
public:
@@ -1439,6 +1505,31 @@ protected:
virtual ~Create_func_octet_length() = default;
};
+class Create_func_old_password : public Create_func_arg1
+{
+public:
+ virtual Item *create_1_arg(THD *thd, Item *arg1);
+
+ static Create_func_old_password s_singleton;
+
+protected:
+ Create_func_old_password() = default;
+ virtual ~Create_func_old_password() = default;
+};
+
+
+class Create_func_password : public Create_func_arg1
+{
+public:
+ virtual Item *create_1_arg(THD *thd, Item *arg1);
+
+ static Create_func_password s_singleton;
+
+protected:
+ Create_func_password() = default;
+ virtual ~Create_func_password() = default;
+};
+
#ifndef DBUG_OFF
class Create_func_like_range_min : public Create_func_arg2
@@ -1554,9 +1645,7 @@ public:
virtual Item *create_native(THD *thd, const LEX_CSTRING *name,
List<Item> *item_list)
{
- return thd->variables.sql_mode & MODE_ORACLE ?
- create_native_oracle(thd, name, item_list) :
- create_native_std(thd, name, item_list);
+ return create_native_std(thd, name, item_list);
}
static Create_func_lpad s_singleton;
@@ -1689,6 +1778,32 @@ protected:
};
+class Create_func_microsecond : public Create_func_arg1
+{
+public:
+ virtual Item *create_1_arg(THD *thd, Item *arg1);
+
+ static Create_func_microsecond s_singleton;
+
+protected:
+ Create_func_microsecond() = default;
+ virtual ~Create_func_microsecond() = default;
+};
+
+
+class Create_func_mod : public Create_func_arg2
+{
+public:
+ virtual Item *create_2_arg(THD *thd, Item *arg1, Item *arg2);
+
+ static Create_func_mod s_singleton;
+
+protected:
+ Create_func_mod() = default;
+ virtual ~Create_func_mod() = default;
+};
+
+
class Create_func_monthname : public Create_func_arg1
{
public:
@@ -1815,6 +1930,19 @@ protected:
};
+class Create_func_quarter : public Create_func_arg1
+{
+public:
+ virtual Item *create_1_arg(THD *thd, Item *arg1);
+
+ static Create_func_quarter s_singleton;
+
+protected:
+ Create_func_quarter() = default;
+ virtual ~Create_func_quarter() = default;
+};
+
+
class Create_func_quote : public Create_func_arg1
{
public:
@@ -1844,7 +1972,10 @@ protected:
class Create_func_regexp_replace : public Create_func_arg3
{
public:
- virtual Item *create_3_arg(THD *thd, Item *arg1, Item *arg2, Item *arg3);
+ Item *create_3_arg(THD *thd, Item *arg1, Item *arg2, Item *arg3) override
+ {
+ return new (thd->mem_root) Item_func_regexp_replace(thd, arg1, arg2, arg3);
+ }
static Create_func_regexp_replace s_singleton;
@@ -1853,6 +1984,28 @@ protected:
virtual ~Create_func_regexp_replace() = default;
};
+Create_func_regexp_replace Create_func_regexp_replace::s_singleton;
+
+
+class Create_func_regexp_replace_oracle : public Create_func_arg3
+{
+public:
+ Item *create_3_arg(THD *thd, Item *arg1, Item *arg2, Item *arg3) override
+ {
+ return new (thd->mem_root) Item_func_regexp_replace_oracle(thd, arg1,
+ arg2, arg3);
+ }
+
+ static Create_func_regexp_replace_oracle s_singleton;
+
+protected:
+ Create_func_regexp_replace_oracle() = default;
+ virtual ~Create_func_regexp_replace_oracle() = default;
+};
+
+Create_func_regexp_replace_oracle
+ Create_func_regexp_replace_oracle::s_singleton;
+
class Create_func_regexp_substr : public Create_func_arg2
{
@@ -1969,15 +2122,26 @@ protected:
};
+class Create_func_row_count : public Create_func_arg0
+{
+public:
+ virtual Item *create_builder(THD *thd);
+
+ static Create_func_row_count s_singleton;
+
+protected:
+ Create_func_row_count() = default;
+ virtual ~Create_func_row_count() = default;
+};
+
+
class Create_func_rpad : public Create_native_func
{
public:
virtual Item *create_native(THD *thd, const LEX_CSTRING *name,
List<Item> *item_list)
{
- return thd->variables.sql_mode & MODE_ORACLE ?
- create_native_oracle(thd, name, item_list) :
- create_native_std(thd, name, item_list);
+ return create_native_std(thd, name, item_list);
}
static Create_func_rpad s_singleton;
@@ -2418,6 +2582,20 @@ protected:
};
+class Create_func_week : public Create_native_func
+{
+public:
+ virtual Item *create_native(THD *thd, const LEX_CSTRING *name,
+ List<Item> *item_list);
+
+ static Create_func_week s_singleton;
+
+protected:
+ Create_func_week() = default;
+ virtual ~Create_func_week() = default;
+};
+
+
class Create_func_weekday : public Create_func_arg1
{
public:
@@ -2897,6 +3075,16 @@ Create_func_addtime::create_2_arg(THD *thd, Item *arg1, Item *arg2)
}
+Create_func_addmonths Create_func_addmonths::s_singleton;
+
+Item*
+Create_func_addmonths::create_2_arg(THD *thd, Item *arg1, Item *arg2)
+{
+ return new (thd->mem_root)
+ Item_date_add_interval(thd, arg1, arg2, INTERVAL_MONTH, false);
+}
+
+
Create_func_aes_encrypt Create_func_aes_encrypt::s_singleton;
Item*
@@ -3026,6 +3214,15 @@ Create_func_ceiling::create_1_arg(THD *thd, Item *arg1)
}
+Create_func_collation Create_func_collation::s_singleton;
+
+Item*
+Create_func_collation::create_1_arg(THD *thd, Item *arg1)
+{
+ return new (thd->mem_root) Item_func_collation(thd, arg1);
+}
+
+
Create_func_chr Create_func_chr::s_singleton;
Item*
@@ -3086,6 +3283,26 @@ Create_func_dyncol_json::create_1_arg(THD *thd, Item *arg1)
return new (thd->mem_root) Item_func_dyncol_json(thd, arg1);
}
+Create_func_coalesce Create_func_coalesce::s_singleton;
+
+Item*
+Create_func_coalesce::create_native(THD *thd, const LEX_CSTRING *name,
+ List<Item> *item_list)
+{
+ int arg_count= 0;
+
+ if (item_list != NULL)
+ arg_count= item_list->elements;
+
+ if (unlikely(arg_count < 1))
+ {
+ my_error(ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT, MYF(0), name->str);
+ return NULL;
+ }
+
+ return new (thd->mem_root) Item_func_coalesce(thd, *item_list);
+}
+
Create_func_concat Create_func_concat::s_singleton;
Item*
@@ -3103,9 +3320,7 @@ Create_func_concat::create_native(THD *thd, const LEX_CSTRING *name,
return NULL;
}
- return thd->variables.sql_mode & MODE_ORACLE ?
- new (thd->mem_root) Item_func_concat_operator_oracle(thd, *item_list) :
- new (thd->mem_root) Item_func_concat(thd, *item_list);
+ return new (thd->mem_root) Item_func_concat(thd, *item_list);
}
Create_func_concat_operator_oracle
@@ -3182,6 +3397,16 @@ Create_func_connection_id::create_builder(THD *thd)
}
+Create_func_database Create_func_database::s_singleton;
+
+Item*
+Create_func_database::create_builder(THD *thd)
+{
+ thd->lex->safe_to_cache_query= 0;
+ return new (thd->mem_root) Item_func_database(thd);
+}
+
+
Create_func_nvl2 Create_func_nvl2::s_singleton;
Item*
@@ -3290,6 +3515,37 @@ Create_func_datediff::create_2_arg(THD *thd, Item *arg1, Item *arg2)
return new (thd->mem_root) Item_func_minus(thd, i1, i2);
}
+Create_func_date_format Create_func_date_format::s_singleton;
+
+Item*
+Create_func_date_format::create_native(THD *thd, const LEX_CSTRING *name,
+ List<Item> *item_list)
+{
+ int arg_count= 0;
+
+ if (item_list != NULL)
+ arg_count= item_list->elements;
+
+ switch (arg_count) {
+ case 2:
+ {
+ Item *param_1= item_list->pop();
+ Item *param_2= item_list->pop();
+ return new (thd->mem_root) Item_func_date_format(thd, param_1, param_2);
+ }
+ case 3:
+ {
+ Item *param_1= item_list->pop();
+ Item *param_2= item_list->pop();
+ Item *param_3= item_list->pop();
+ return new (thd->mem_root) Item_func_date_format(thd,
+ param_1, param_2, param_3);
+ }
+ }
+ my_error(ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT, MYF(0), name->str);
+ return NULL;
+}
+
Create_func_dayname Create_func_dayname::s_singleton;
@@ -4430,10 +4686,24 @@ Create_func_length Create_func_length::s_singleton;
Item*
Create_func_length::create_1_arg(THD *thd, Item *arg1)
{
- if (thd->variables.sql_mode & MODE_ORACLE)
- return new (thd->mem_root) Item_func_char_length(thd, arg1);
- else
- return new (thd->mem_root) Item_func_octet_length(thd, arg1);
+ return new (thd->mem_root) Item_func_octet_length(thd, arg1);
+}
+
+Create_func_old_password Create_func_old_password::s_singleton;
+
+Item*
+Create_func_old_password::create_1_arg(THD *thd, Item *arg1)
+{
+ return new (thd->mem_root) Item_func_password(thd, arg1,
+ Item_func_password::OLD);
+}
+
+Create_func_password Create_func_password::s_singleton;
+
+Item*
+Create_func_password::create_1_arg(THD *thd, Item *arg1)
+{
+ return new (thd->mem_root) Item_func_password(thd, arg1);
}
Create_func_octet_length Create_func_octet_length::s_singleton;
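Review bot: `Create_func_old_password::create_1_arg` and `Create_func_password::create_1_arg` have no comment saying which hash variant each one builds, and neither touches `thd->lex`, unlike `Create_func_database::create_builder` and `Create_func_row_count::create_builder` elsewhere in this diff. I would add `// OLD_PASSWORD(): legacy pre-4.1 hash (Item_func_password::OLD), kept for compatibility only` above the first builder, plus a matching one-line comment on the second naming the single-argument constructor it relies on. The grammar rules these builders presumably replace are not in this hunk. It is worth confirming they had no statement-level side effects, for example around caching or logging of a statement that carries a plaintext argument, that would need to move here.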
@@ -4651,7 +4921,7 @@ Create_func_ltrim Create_func_ltrim::s_singleton;
Item*
Create_func_ltrim::create_1_arg(THD *thd, Item *arg1)
{
- return Lex_trim(TRIM_LEADING, arg1).make_item_func_trim(thd);
+ return Lex_trim(TRIM_LEADING, arg1).make_item_func_trim_std(thd);
}
@@ -4810,6 +5080,24 @@ Item *Create_func_natural_sort_key::create_1_arg(THD *thd, Item* arg1)
return new (thd->mem_root) Item_func_natural_sort_key(thd, arg1);
}
+Create_func_microsecond Create_func_microsecond::s_singleton;
+
+Item*
+Create_func_microsecond::create_1_arg(THD *thd, Item *arg1)
+{
+ return new (thd->mem_root) Item_func_microsecond(thd, arg1);
+}
+
+
+Create_func_mod Create_func_mod::s_singleton;
+
+Item*
+Create_func_mod::create_2_arg(THD *thd, Item *arg1, Item *arg2)
+{
+ return new (thd->mem_root) Item_func_mod(thd, arg1, arg2);
+}
+
+
Create_func_monthname Create_func_monthname::s_singleton;
Item*
@@ -4912,30 +5200,30 @@ Create_func_pow::create_2_arg(THD *thd, Item *arg1, Item *arg2)
}
-Create_func_quote Create_func_quote::s_singleton;
+Create_func_quarter Create_func_quarter::s_singleton;
Item*
-Create_func_quote::create_1_arg(THD *thd, Item *arg1)
+Create_func_quarter::create_1_arg(THD *thd, Item *arg1)
{
- return new (thd->mem_root) Item_func_quote(thd, arg1);
+ return new (thd->mem_root) Item_func_quarter(thd, arg1);
}
-Create_func_regexp_instr Create_func_regexp_instr::s_singleton;
+Create_func_quote Create_func_quote::s_singleton;
Item*
-Create_func_regexp_instr::create_2_arg(THD *thd, Item *arg1, Item *arg2)
+Create_func_quote::create_1_arg(THD *thd, Item *arg1)
{
- return new (thd->mem_root) Item_func_regexp_instr(thd, arg1, arg2);
+ return new (thd->mem_root) Item_func_quote(thd, arg1);
}
-Create_func_regexp_replace Create_func_regexp_replace::s_singleton;
+Create_func_regexp_instr Create_func_regexp_instr::s_singleton;
Item*
-Create_func_regexp_replace::create_3_arg(THD *thd, Item *arg1, Item *arg2, Item *arg3)
+Create_func_regexp_instr::create_2_arg(THD *thd, Item *arg1, Item *arg2)
{
- return new (thd->mem_root) Item_func_regexp_replace(thd, arg1, arg2, arg3);
+ return new (thd->mem_root) Item_func_regexp_instr(thd, arg1, arg2);
}
@@ -5097,6 +5385,17 @@ Create_func_round::create_native(THD *thd, const LEX_CSTRING *name,
}
+Create_func_row_count Create_func_row_count::s_singleton;
+
+Item*
+Create_func_row_count::create_builder(THD *thd)
+{
+ thd->lex->set_stmt_unsafe(LEX::BINLOG_STMT_UNSAFE_SYSTEM_FUNCTION);
+ thd->lex->safe_to_cache_query= 0;
+ return new (thd->mem_root) Item_func_row_count(thd);
+}
+
+
Create_func_rpad Create_func_rpad::s_singleton;
Create_func_rpad_oracle Create_func_rpad_oracle::s_singleton;
@@ -5166,7 +5465,7 @@ Create_func_rtrim Create_func_rtrim::s_singleton;
Item*
Create_func_rtrim::create_1_arg(THD *thd, Item *arg1)
{
- return Lex_trim(TRIM_TRAILING, arg1).make_item_func_trim(thd);
+ return Lex_trim(TRIM_TRAILING, arg1).make_item_func_trim_std(thd);
}
@@ -5551,6 +5850,43 @@ Create_func_version::create_builder(THD *thd)
}
+Create_func_week Create_func_week::s_singleton;
+
+Item*
+Create_func_week::create_native(THD *thd, const LEX_CSTRING *name,
+ List<Item> *item_list)
+{
+ Item* func= NULL;
+ int arg_count= 0;
+
+ if (item_list != NULL)
+ arg_count= item_list->elements;
+
+ switch (arg_count) {
+ case 1:
+ {
+ Item *param_1= item_list->pop();
+ func= new (thd->mem_root) Item_func_week(thd, param_1);
+ break;
+ }
+ case 2:
+ {
+ Item *param_1= item_list->pop();
+ Item *param_2= item_list->pop();
+ func= new (thd->mem_root) Item_func_week(thd, param_1, param_2);
+ break;
+ }
+ default:
+ {
+ my_error(ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT, MYF(0), name->str);
+ break;
+ }
+ }
+
+ return func;
+}
+
+
Create_func_weekday Create_func_weekday::s_singleton;
Item*
@@ -5701,6 +6037,7 @@ const Native_func_registry func_array[] =
{ { STRING_WITH_LEN("ABS") }, BUILDER(Create_func_abs)},
{ { STRING_WITH_LEN("ACOS") }, BUILDER(Create_func_acos)},
{ { STRING_WITH_LEN("ADDTIME") }, BUILDER(Create_func_addtime)},
+ { { STRING_WITH_LEN("ADD_MONTHS") }, BUILDER(Create_func_addmonths)},
{ { STRING_WITH_LEN("AES_DECRYPT") }, BUILDER(Create_func_aes_decrypt)},
{ { STRING_WITH_LEN("AES_ENCRYPT") }, BUILDER(Create_func_aes_encrypt)},
{ { STRING_WITH_LEN("ASIN") }, BUILDER(Create_func_asin)},
@@ -5716,7 +6053,9 @@ const Native_func_registry func_array[] =
{ { STRING_WITH_LEN("CHARACTER_LENGTH") }, BUILDER(Create_func_char_length)},
{ { STRING_WITH_LEN("CHAR_LENGTH") }, BUILDER(Create_func_char_length)},
{ { STRING_WITH_LEN("CHR") }, BUILDER(Create_func_chr)},
+ { { STRING_WITH_LEN("COALESCE") }, BUILDER(Create_func_coalesce)},
{ { STRING_WITH_LEN("COERCIBILITY") }, BUILDER(Create_func_coercibility)},
+ { { STRING_WITH_LEN("COLLATION") }, BUILDER(Create_func_collation)},
{ { STRING_WITH_LEN("COLUMN_CHECK") }, BUILDER(Create_func_dyncol_check)},
{ { STRING_WITH_LEN("COLUMN_EXISTS") }, BUILDER(Create_func_dyncol_exists)},
{ { STRING_WITH_LEN("COLUMN_LIST") }, BUILDER(Create_func_dyncol_list)},
@@ -5732,7 +6071,9 @@ const Native_func_registry func_array[] =
{ { STRING_WITH_LEN("COT") }, BUILDER(Create_func_cot)},
{ { STRING_WITH_LEN("CRC32") }, BUILDER(Create_func_crc32)},
{ { STRING_WITH_LEN("CRC32C") }, BUILDER(Create_func_crc32c)},
+ { { STRING_WITH_LEN("DATABASE") }, BUILDER(Create_func_database)},
{ { STRING_WITH_LEN("DATEDIFF") }, BUILDER(Create_func_datediff)},
+ { { STRING_WITH_LEN("DATE_FORMAT") }, BUILDER(Create_func_date_format)},
{ { STRING_WITH_LEN("DAYNAME") }, BUILDER(Create_func_dayname)},
{ { STRING_WITH_LEN("DAYOFMONTH") }, BUILDER(Create_func_dayofmonth)},
{ { STRING_WITH_LEN("DAYOFWEEK") }, BUILDER(Create_func_dayofweek)},
@@ -5824,6 +6165,8 @@ const Native_func_registry func_array[] =
{ { STRING_WITH_LEN("MASTER_GTID_WAIT") }, BUILDER(Create_func_master_gtid_wait)},
{ { STRING_WITH_LEN("MASTER_POS_WAIT") }, BUILDER(Create_func_master_pos_wait)},
{ { STRING_WITH_LEN("MD5") }, BUILDER(Create_func_md5)},
+ { { STRING_WITH_LEN("MICROSECOND") }, BUILDER(Create_func_microsecond)},
+ { { STRING_WITH_LEN("MOD") }, BUILDER(Create_func_mod)},
{ { STRING_WITH_LEN("MONTHNAME") }, BUILDER(Create_func_monthname)},
{ { STRING_WITH_LEN("NAME_CONST") }, BUILDER(Create_func_name_const)},
{ {STRING_WITH_LEN("NATURAL_SORT_KEY")}, BUILDER(Create_func_natural_sort_key)},
@@ -5832,12 +6175,15 @@ const Native_func_registry func_array[] =
{ { STRING_WITH_LEN("NULLIF") }, BUILDER(Create_func_nullif)},
{ { STRING_WITH_LEN("OCT") }, BUILDER(Create_func_oct)},
{ { STRING_WITH_LEN("OCTET_LENGTH") }, BUILDER(Create_func_octet_length)},
+ { { STRING_WITH_LEN("OLD_PASSWORD") }, BUILDER(Create_func_old_password)},
{ { STRING_WITH_LEN("ORD") }, BUILDER(Create_func_ord)},
+ { { STRING_WITH_LEN("PASSWORD") }, BUILDER(Create_func_password)},
{ { STRING_WITH_LEN("PERIOD_ADD") }, BUILDER(Create_func_period_add)},
{ { STRING_WITH_LEN("PERIOD_DIFF") }, BUILDER(Create_func_period_diff)},
{ { STRING_WITH_LEN("PI") }, BUILDER(Create_func_pi)},
{ { STRING_WITH_LEN("POW") }, BUILDER(Create_func_pow)},
{ { STRING_WITH_LEN("POWER") }, BUILDER(Create_func_pow)},
+ { { STRING_WITH_LEN("QUARTER") }, BUILDER(Create_func_quarter)},
{ { STRING_WITH_LEN("QUOTE") }, BUILDER(Create_func_quote)},
{ { STRING_WITH_LEN("RANDOM_BYTES")}, BUILDER(Create_func_random_bytes)},
{ { STRING_WITH_LEN("REGEXP_INSTR") }, BUILDER(Create_func_regexp_instr)},
@@ -5852,12 +6198,15 @@ const Native_func_registry func_array[] =
BUILDER(Create_func_replace_oracle)},
{ { STRING_WITH_LEN("REVERSE") }, BUILDER(Create_func_reverse)},
{ { STRING_WITH_LEN("ROUND") }, BUILDER(Create_func_round)},
+ { { STRING_WITH_LEN("ROW_COUNT") }, BUILDER(Create_func_row_count)},
{ { STRING_WITH_LEN("RPAD") }, BUILDER(Create_func_rpad)},
{ { STRING_WITH_LEN("RPAD_ORACLE") }, BUILDER(Create_func_rpad_oracle)},
{ { STRING_WITH_LEN("RTRIM") }, BUILDER(Create_func_rtrim)},
{ { STRING_WITH_LEN("RTRIM_ORACLE") }, BUILDER(Create_func_rtrim_oracle)},
{ { STRING_WITH_LEN("SEC_TO_TIME") }, BUILDER(Create_func_sec_to_time)},
{ { STRING_WITH_LEN("SFORMAT") }, BUILDER(Create_func_sformat)},
+ { { STRING_WITH_LEN("SCHEMA") }, BUILDER(Create_func_database)},
+ { { STRING_WITH_LEN("SCHEMAS") }, BUILDER(Create_func_database)},
{ { STRING_WITH_LEN("SHA") }, BUILDER(Create_func_sha)},
{ { STRING_WITH_LEN("SHA1") }, BUILDER(Create_func_sha)},
{ { STRING_WITH_LEN("SHA2") }, BUILDER(Create_func_sha2)},
@@ -5890,6 +6239,7 @@ const Native_func_registry func_array[] =
{ { STRING_WITH_LEN("UPPER") }, BUILDER(Create_func_ucase)},
{ { STRING_WITH_LEN("UUID_SHORT") }, BUILDER(Create_func_uuid_short)},
{ { STRING_WITH_LEN("VERSION") }, BUILDER(Create_func_version)},
+ { { STRING_WITH_LEN("WEEK") }, BUILDER(Create_func_week)},
{ { STRING_WITH_LEN("WEEKDAY") }, BUILDER(Create_func_weekday)},
{ { STRING_WITH_LEN("WEEKOFYEAR") }, BUILDER(Create_func_weekofyear)},
#ifdef WITH_WSREP
@@ -5903,9 +6253,27 @@ const Native_func_registry func_array[] =
Native_func_registry_array
native_func_registry_array(func_array, array_elements(func_array));
-const size_t func_array_length= sizeof(func_array) / sizeof(Native_func_registry) - 1;
+const Native_func_registry func_array_oracle_overrides[] =
+{
+ { { STRING_WITH_LEN("CONCAT") }, BUILDER(Create_func_concat_operator_oracle)},
+ { { STRING_WITH_LEN("DECODE") }, BUILDER(Create_func_decode_oracle)},
+ { { STRING_WITH_LEN("LENGTH") }, BUILDER(Create_func_char_length)},
+ { { STRING_WITH_LEN("LPAD") }, BUILDER(Create_func_lpad_oracle)},
+ { { STRING_WITH_LEN("LTRIM") }, BUILDER(Create_func_ltrim_oracle)},
+ { { STRING_WITH_LEN("REGEXP_REPLACE") },
+ BUILDER(Create_func_regexp_replace_oracle)},
+ { { STRING_WITH_LEN("RPAD") }, BUILDER(Create_func_rpad_oracle)},
+ { { STRING_WITH_LEN("RTRIM") }, BUILDER(Create_func_rtrim_oracle)},
+ { {0, 0}, NULL}
+};
+
+Native_func_registry_array
+ oracle_func_registry_array(func_array_oracle_overrides,
+ array_elements(func_array_oracle_overrides));
Native_functions_hash native_functions_hash;
+Native_functions_hash native_functions_hash_oracle;
+
/*
Load the hash table for native functions.
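Review bot: The definition `const size_t func_array_length= ...` is removed in this hunk, but the `sql/item_create.h` hunk later in the diff still shows `extern const size_t func_array_length;` as an unchanged context line. Unless the definition is re-added somewhere outside the visible hunks, that declaration is now dangling and any remaining user would fail at link time. I would drop the `extern` line from the header in the same commit, or keep the definition next to `native_func_registry_array`.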
@@ -6034,13 +6402,30 @@ int item_create_init()
native_func_registry_array_geom.count()))
return true;
#endif
- return false;
+
+ count+= oracle_func_registry_array.count();
+
+ if (native_functions_hash_oracle.init(count) ||
+ native_functions_hash_oracle.append(native_func_registry_array.elements(),
+ native_func_registry_array.count()))
+ return true;
+
+#ifdef HAVE_SPATIAL
+ if (native_functions_hash_oracle.append(native_func_registry_array_geom.elements(),
+ native_func_registry_array_geom.count()))
+ return true;
+#endif
+
+ return
+ native_functions_hash_oracle.replace(oracle_func_registry_array.elements(),
+ oracle_func_registry_array.count());
}
void item_create_cleanup()
{
native_functions_hash.cleanup();
+ native_functions_hash_oracle.cleanup();
}
diff --git a/sql/item_create.h b/sql/item_create.h
index 80395960..ea32d661 100644
--- a/sql/item_create.h
+++ b/sql/item_create.h
@@ -324,6 +324,12 @@ public:
bool init(size_t count);
bool append(const Native_func_registry array[], size_t count);
bool remove(const Native_func_registry array[], size_t count);
+ bool replace(const Native_func_registry array[], size_t count)
+ {
+ DBUG_ENTER("Native_functions_hash::replace");
+ remove(array, count);
+ DBUG_RETURN(append(array, count));
+ }
void cleanup();
/**
Find the native function builder associated with a given function name.
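Review bot: `replace()` discards the result of `remove(array, count)` and reports only what `append()` returns. The body of `remove()` is not in this hunk; if it stops at the first entry it cannot delete, the rest of the array stays in the hash and `append()` then runs against names that are still present. `item_create_init()` uses the result of `replace()` as its own return value, so a partial override of the Oracle-mode table would go unreported. Either propagate the result with `DBUG_RETURN(remove(array, count) || append(array, count));` or add a comment such as `// remove() failure is ignored: entries absent from the base set are simply added` stating why ignoring it is safe.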
@@ -335,6 +341,7 @@ public:
};
extern MYSQL_PLUGIN_IMPORT Native_functions_hash native_functions_hash;
+extern MYSQL_PLUGIN_IMPORT Native_functions_hash native_functions_hash_oracle;
extern const Native_func_registry func_array[];
extern const size_t func_array_length;
@@ -377,4 +384,3 @@ public:
#endif
-
diff --git a/sql/item_func.cc b/sql/item_func.cc
index a2bc4752..dd056ac4 100644
--- a/sql/item_func.cc
+++ b/sql/item_func.cc
@@ -131,6 +131,16 @@ Item_args::Item_args(THD *thd, const Item_args *other)
}
+void Item_func::wrong_param_count_error(const LEX_CSTRING &schema_name,
+ const LEX_CSTRING &func_name)
+{
+ DBUG_ASSERT(schema_name.length);
+ Database_qualified_name qname(schema_name, func_name);
+ my_error(ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT, MYF(0),
+ ErrConvDQName(&qname).ptr());
+}
+
+
void Item_func::sync_with_sum_func_and_with_field(List<Item> &list)
{
List_iterator_fast<Item> li(list);
@@ -618,13 +628,12 @@ table_map Item_func::not_null_tables() const
void Item_func::print(String *str, enum_query_type query_type)
{
str->append(func_name_cstring());
- str->append('(');
- print_args(str, 0, query_type);
- str->append(')');
+ print_args_parenthesized(str, query_type);
}
-void Item_func::print_args(String *str, uint from, enum_query_type query_type)
+void Item_func::print_args(String *str, uint from,
+ enum_query_type query_type) const
{
for (uint i=from ; i < arg_count ; i++)
{
@@ -1814,7 +1823,7 @@ void Item_func_neg::fix_length_and_dec_int()
Use val() to get value as arg_type doesn't mean that item is
Item_int or Item_float due to existence of Item_param.
*/
- if (args[0]->const_item())
+ if (args[0]->const_item() && !args[0]->is_expensive())
{
longlong val= args[0]->val_int();
if ((ulonglong) val >= (ulonglong) LONGLONG_MIN &&
@@ -2793,8 +2802,17 @@ bool Item_func_rand::fix_fields(THD *thd,Item **ref)
No need to send a Rand log event if seed was given eg: RAND(seed),
as it will be replicated in the query as such.
*/
+ DBUG_ASSERT((!rand &&
+ (thd->active_stmt_arena_to_use()->
+ is_stmt_prepare_or_first_stmt_execute() ||
+ thd->active_stmt_arena_to_use()->
+ is_conventional() ||
+ thd->active_stmt_arena_to_use()->state ==
+ Query_arena::STMT_SP_QUERY_ARGUMENTS
+ )
+ ) || rand);
if (!rand && !(rand= (struct my_rnd_struct*)
- thd->stmt_arena->alloc(sizeof(*rand))))
+ thd->active_stmt_arena_to_use()->alloc(sizeof(*rand))))
return TRUE;
}
else
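Review bot: The added `DBUG_ASSERT` is written as `(!rand && X) || rand`, which reduces to `rand || X`. It also calls `thd->active_stmt_arena_to_use()` three times before the allocation calls it a fourth time. Taking the arena once makes the invariant readable and guarantees the assertion and the allocation look at the same arena: `Query_arena *arena= thd->active_stmt_arena_to_use();` followed by `DBUG_ASSERT(rand || arena->is_stmt_prepare_or_first_stmt_execute() || arena->is_conventional() || arena->state == Query_arena::STMT_SP_QUERY_ARGUMENTS);` and `arena->alloc(sizeof(*rand))`. A one-line comment saying why only these arena states may allocate `rand` would help as well. `Item_func_rand::fix_fields` starts and ends outside this hunk.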
@@ -4633,7 +4651,6 @@ user_var_entry *get_variable(HASH *hash, LEX_CSTRING *name,
entry->length=0;
entry->update_query_id=0;
entry->set_charset(NULL);
- entry->unsigned_flag= 0;
/*
If we are here, we were called from a SET or a query which sets a
variable. Imagine it is this:
@@ -4645,7 +4662,7 @@ user_var_entry *get_variable(HASH *hash, LEX_CSTRING *name,
by Item_func_get_user_var (because that's not necessary).
*/
entry->used_query_id=current_thd->query_id;
- entry->type=STRING_RESULT;
+ entry->set_handler(&type_handler_long_blob);
memcpy((char*) entry->name.str, name->str, name->length+1);
if (my_hash_insert(hash,(uchar*) entry))
{
@@ -4721,9 +4738,12 @@ bool Item_func_set_user_var::fix_fields(THD *thd, Item **ref)
switch (args[0]->result_type()) {
case STRING_RESULT:
case TIME_RESULT:
- set_handler(type_handler_long_blob.
- type_handler_adjusted_to_max_octet_length(max_length,
- collation.collation));
+ if (args[0]->field_type() == MYSQL_TYPE_GEOMETRY)
+ set_handler(args[0]->type_handler());
+ else
+ set_handler(type_handler_long_blob.
+ type_handler_adjusted_to_max_octet_length(max_length,
+ collation.collation));
break;
case REAL_RESULT:
set_handler(&type_handler_double);
@@ -4848,9 +4868,9 @@ bool Item_func_set_user_var::register_field_in_bitmap(void *arg)
bool
update_hash(user_var_entry *entry, bool set_null, void *ptr, size_t length,
- Item_result type, CHARSET_INFO *cs,
- bool unsigned_arg)
+ const Type_handler *th, CHARSET_INFO *cs)
{
+ entry->set_handler(th);
if (set_null)
{
char *pos= (char*) entry+ ALIGN_SIZE(sizeof(user_var_entry));
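Review bot: `entry->set_handler(th)` now runs as the first statement of `update_hash`, before the allocation path whose `return 1;` appears as context in the later hunk at -4890. The removed `entry->type=type;` in that same later hunk ran only after the value had been stored. `user_var_entry::val_real`, `val_int`, `val_str` and `val_decimal` reinterpret `entry->value` according to `type_handler()->result_type()`, so a failed update must not leave the old bytes under the new handler. The lines between the hunks are not shown. If the failure path does not leave `entry->value` null, move `entry->set_handler(th);` down to where `entry->type=type;` used to be, just before `#ifdef USER_VAR_TRACKING`. Otherwise add a comment at the top stating that the early assignment is safe because a failed allocation nulls the value.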
@@ -4861,7 +4881,7 @@ update_hash(user_var_entry *entry, bool set_null, void *ptr, size_t length,
}
else
{
- if (type == STRING_RESULT)
+ if (th->result_type() == STRING_RESULT)
length++; // Store strings with end \0
if (length <= extra_size)
{
@@ -4890,20 +4910,18 @@ update_hash(user_var_entry *entry, bool set_null, void *ptr, size_t length,
return 1;
}
}
- if (type == STRING_RESULT)
+ if (th->result_type() == STRING_RESULT)
{
length--; // Fix length change above
entry->value[length]= 0; // Store end \0
}
if (length)
memmove(entry->value, ptr, length);
- if (type == DECIMAL_RESULT)
+ if (th->result_type() == DECIMAL_RESULT)
((my_decimal*)entry->value)->fix_buffer_pointer();
entry->length= length;
entry->set_charset(cs);
- entry->unsigned_flag= unsigned_arg;
}
- entry->type=type;
#ifdef USER_VAR_TRACKING
#ifndef EMBEDDED_LIBRARY
THD *thd= current_thd;
@@ -4916,9 +4934,8 @@ update_hash(user_var_entry *entry, bool set_null, void *ptr, size_t length,
bool
Item_func_set_user_var::update_hash(void *ptr, size_t length,
- Item_result res_type,
- CHARSET_INFO *cs,
- bool unsigned_arg)
+ const Type_handler *th,
+ CHARSET_INFO *cs)
{
/*
If we set a variable explicitly to NULL then keep the old
@@ -4932,9 +4949,8 @@ Item_func_set_user_var::update_hash(void *ptr, size_t length,
else
null_value= args[0]->null_value;
if (null_value && null_item)
- res_type= m_var_entry->type; // Don't change type of item
- if (::update_hash(m_var_entry, null_value,
- ptr, length, res_type, cs, unsigned_arg))
+ th= m_var_entry->type_handler(); // Don't change type of item
+ if (::update_hash(m_var_entry, null_value, ptr, length, th, cs))
{
null_value= 1;
return 1;
@@ -4950,7 +4966,7 @@ double user_var_entry::val_real(bool *null_value)
if ((*null_value= (value == 0)))
return 0.0;
- switch (type) {
+ switch (type_handler()->result_type()) {
case REAL_RESULT:
return *(double*) value;
case INT_RESULT:
@@ -4975,7 +4991,7 @@ longlong user_var_entry::val_int(bool *null_value) const
if ((*null_value= (value == 0)))
return 0;
- switch (type) {
+ switch (type_handler()->result_type()) {
case REAL_RESULT:
return (longlong) *(double*) value;
case INT_RESULT:
@@ -5004,12 +5020,12 @@ String *user_var_entry::val_str(bool *null_value, String *str,
if ((*null_value= (value == 0)))
return (String*) 0;
- switch (type) {
+ switch (type_handler()->result_type()) {
case REAL_RESULT:
str->set_real(*(double*) value, decimals, charset());
break;
case INT_RESULT:
- if (!unsigned_flag)
+ if (!type_handler()->is_unsigned())
str->set(*(longlong*) value, charset());
else
str->set(*(ulonglong*) value, charset());
@@ -5036,7 +5052,7 @@ my_decimal *user_var_entry::val_decimal(bool *null_value, my_decimal *val)
if ((*null_value= (value == 0)))
return 0;
- switch (type) {
+ switch (type_handler()->result_type()) {
case REAL_RESULT:
double2my_decimal(E_DEC_FATAL_ERROR, *(double*) value, val);
break;
@@ -5175,33 +5191,37 @@ Item_func_set_user_var::update()
case REAL_RESULT:
{
res= update_hash((void*) &save_result.vreal,sizeof(save_result.vreal),
- REAL_RESULT, &my_charset_numeric, 0);
+ &type_handler_double, &my_charset_numeric);
break;
}
case INT_RESULT:
{
res= update_hash((void*) &save_result.vint, sizeof(save_result.vint),
- INT_RESULT, &my_charset_numeric, unsigned_flag);
+ unsigned_flag ? (Type_handler *) &type_handler_ulonglong :
+ (Type_handler *) &type_handler_slonglong,
+ &my_charset_numeric);
break;
}
case STRING_RESULT:
{
if (!save_result.vstr) // Null value
- res= update_hash((void*) 0, 0, STRING_RESULT, &my_charset_bin, 0);
+ res= update_hash((void*) 0, 0, &type_handler_long_blob, &my_charset_bin);
else
res= update_hash((void*) save_result.vstr->ptr(),
- save_result.vstr->length(), STRING_RESULT,
- save_result.vstr->charset(), 0);
+ save_result.vstr->length(),
+ field_type() == MYSQL_TYPE_GEOMETRY ?
+ type_handler() : &type_handler_long_blob,
+ save_result.vstr->charset());
break;
}
case DECIMAL_RESULT:
{
if (!save_result.vdec) // Null value
- res= update_hash((void*) 0, 0, DECIMAL_RESULT, &my_charset_bin, 0);
+ res= update_hash((void*) 0, 0, &type_handler_newdecimal, &my_charset_bin);
else
res= update_hash((void*) save_result.vdec,
- sizeof(my_decimal), DECIMAL_RESULT,
- &my_charset_numeric, 0);
+ sizeof(my_decimal), &type_handler_newdecimal,
+ &my_charset_numeric);
break;
}
case ROW_RESULT:
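Review bot: The `INT_RESULT` arm picks the handler with C-style casts, `(Type_handler *) &type_handler_ulonglong` and `(Type_handler *) &type_handler_slonglong`, although `update_hash` now takes `const Type_handler *th`. A C-style cast would silently strip `const` if the handler objects are declared const, and it hides the only reason for the cast, which is giving both arms of `?:` a common type. I would write `unsigned_flag ? static_cast<const Type_handler *>(&type_handler_ulonglong) : static_cast<const Type_handler *>(&type_handler_slonglong)`. Separately, the null `STRING_RESULT` arm always passes `&type_handler_long_blob` while the non-null arm keeps a geometry handler. A short comment saying whether that asymmetry is intended would save the next reader a trip through `Item_func_set_user_var::update_hash`.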
@@ -5593,9 +5613,8 @@ get_var_with_binlog(THD *thd, enum_sql_command sql_command,
user_var_event->value= (char*) user_var_event +
ALIGN_SIZE(sizeof(BINLOG_USER_VAR_EVENT));
user_var_event->user_var_event= var_entry;
- user_var_event->type= var_entry->type;
+ user_var_event->th= var_entry->type_handler();
user_var_event->charset_number= var_entry->charset()->number;
- user_var_event->unsigned_flag= var_entry->unsigned_flag;
if (!var_entry->value)
{
/* NULL value*/
@@ -5637,9 +5656,9 @@ bool Item_func_get_user_var::fix_length_and_dec(THD *thd)
*/
if (likely(!error && m_var_entry))
{
- unsigned_flag= m_var_entry->unsigned_flag;
+ unsigned_flag= m_var_entry->type_handler()->is_unsigned();
max_length= (uint32)m_var_entry->length;
- switch (m_var_entry->type) {
+ switch (m_var_entry->type_handler()->result_type()) {
case REAL_RESULT:
collation.set(&my_charset_numeric, DERIVATION_NUMERIC);
fix_char_length(DBL_DIG + 8);
@@ -5658,6 +5677,8 @@ bool Item_func_get_user_var::fix_length_and_dec(THD *thd)
collation.set(m_var_entry->charset(), DERIVATION_IMPLICIT);
max_length= MAX_BLOB_WIDTH - 1;
set_handler(&type_handler_long_blob);
+ if (m_var_entry->type_handler()->field_type() == MYSQL_TYPE_GEOMETRY)
+ set_handler(m_var_entry->type_handler());
break;
case DECIMAL_RESULT:
collation.set(&my_charset_numeric, DERIVATION_NUMERIC);
@@ -5730,7 +5751,7 @@ bool Item_user_var_as_out_param::fix_fields(THD *thd, Item **ref)
DBUG_ASSERT(thd->lex->exchange);
if (!(entry= get_variable(&thd->user_vars, &org_name, 1)))
return TRUE;
- entry->type= STRING_RESULT;
+ entry->set_handler(&type_handler_long_blob);
/*
Let us set the same collation which is used for loading
of fields in LOAD DATA INFILE.
@@ -5746,15 +5767,14 @@ bool Item_user_var_as_out_param::fix_fields(THD *thd, Item **ref)
void Item_user_var_as_out_param::set_null_value(CHARSET_INFO* cs)
{
- ::update_hash(entry, TRUE, 0, 0, STRING_RESULT, cs, 0 /* unsigned_arg */);
+ ::update_hash(entry, TRUE, 0, 0, &type_handler_long_blob, cs);
}
void Item_user_var_as_out_param::set_value(const char *str, uint length,
CHARSET_INFO* cs)
{
- ::update_hash(entry, FALSE, (void*)str, length, STRING_RESULT, cs,
- 0 /* unsigned_arg */);
+ ::update_hash(entry, FALSE, (void*)str, length, &type_handler_long_blob, cs);
}
diff --git a/sql/item_func.h b/sql/item_func.h
index 435875bd..1f185eff 100644
--- a/sql/item_func.h
+++ b/sql/item_func.h
@@ -55,8 +55,40 @@ protected:
bool check_argument_types_can_return_date(uint start, uint end) const;
bool check_argument_types_can_return_time(uint start, uint end) const;
void print_cast_temporal(String *str, enum_query_type query_type);
+
+ void print_schema_qualified_name(String *to,
+ const LEX_CSTRING &schema_name,
+ const LEX_CSTRING &function_name) const
+ {
+ // e.g. oracle_schema.func()
+ to->append(schema_name);
+ to->append('.');
+ to->append(function_name);
+ }
+
+ void print_sql_mode_qualified_name(String *to,
+ enum_query_type query_type,
+ const LEX_CSTRING &function_name) const
+ {
+ const Schema *func_schema= schema();
+ if (!func_schema || func_schema == Schema::find_implied(current_thd))
+ to->append(function_name);
+ else
+ print_schema_qualified_name(to, func_schema->name(), function_name);
+ }
+
+ void print_sql_mode_qualified_name(String *to, enum_query_type query_type)
+ const
+ {
+ return print_sql_mode_qualified_name(to, query_type, func_name_cstring());
+ }
+
public:
+ // Print an error message for a builtin-schema qualified function call
+ static void wrong_param_count_error(const LEX_CSTRING &schema_name,
+ const LEX_CSTRING &func_name);
+
table_map not_null_tables_cache;
enum Functype { UNKNOWN_FUNC,EQ_FUNC,EQUAL_FUNC,NE_FUNC,LT_FUNC,LE_FUNC,
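Review bot: Both `print_sql_mode_qualified_name` overloads accept `enum_query_type query_type` but the three-argument one never reads it, and the two-argument one uses `return` on a `void` call. If the parameter is kept only for symmetry with `print()`, say so with `// query_type is unused for now; kept to match the print() signature` and drop the `return`. The helper also calls `Schema::find_implied(current_thd)` on every print. A comment noting that the output therefore depends on the session that prints the item, not the one that parsed it, would document a property that is easy to miss when printed text is stored or logged.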
@@ -79,6 +111,38 @@ public:
CASE_SEARCHED_FUNC, // Used by ColumnStore/Spider
CASE_SIMPLE_FUNC, // Used by ColumnStore/spider,
};
+
+ /*
+ A function bitmap. Useful when some operation needs to be applied only
+ to certain functions. For now we only need to distinguish some
+ comparison predicates.
+ */
+ enum Bitmap : ulonglong
+ {
+ BITMAP_NONE= 0,
+ BITMAP_EQ= 1ULL << EQ_FUNC,
+ BITMAP_EQUAL= 1ULL << EQUAL_FUNC,
+ BITMAP_NE= 1ULL << NE_FUNC,
+ BITMAP_LT= 1ULL << LT_FUNC,
+ BITMAP_LE= 1ULL << LE_FUNC,
+ BITMAP_GE= 1ULL << GE_FUNC,
+ BITMAP_GT= 1ULL << GT_FUNC,
+ BITMAP_LIKE= 1ULL << LIKE_FUNC,
+ BITMAP_BETWEEN= 1ULL << BETWEEN,
+ BITMAP_IN= 1ULL << IN_FUNC,
+ BITMAP_MULT_EQUAL= 1ULL << MULT_EQUAL_FUNC,
+ BITMAP_OTHER= 1ULL << 63,
+ BITMAP_ALL= 0xFFFFFFFFFFFFFFFFULL,
+ BITMAP_ANY_EQUALITY= BITMAP_EQ | BITMAP_EQUAL | BITMAP_MULT_EQUAL,
+ BITMAP_EXCEPT_ANY_EQUALITY= BITMAP_ALL & ~BITMAP_ANY_EQUALITY,
+ };
+
+ ulonglong bitmap_bit() const
+ {
+ Functype type= functype();
+ return 1ULL << (type > 63 ? 63 : type);
+ }
+
static scalar_comparison_op functype_to_scalar_comparison_op(Functype type)
{
switch (type) {
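Review bot: `BITMAP_OTHER` is bit 63 and `bitmap_bit()` folds every `Functype` above 63 onto it, but nothing checks that the enumerators given their own mask (`EQ_FUNC` through `MULT_EQUAL_FUNC`) stay below 63. If `Functype` is reordered or grows so that one of them lands on 63, its mask would equal `BITMAP_OTHER` and a filter such as `BITMAP_EXCEPT_ANY_EQUALITY` would match unrelated functions with no diagnostic. I would add a `static_assert` after the enum for the highest-valued of those enumerators, for example `static_assert(MULT_EQUAL_FUNC < 63, "Functype with a dedicated Bitmap bit must stay below BITMAP_OTHER");`, repeated for any that can sit higher. The literal `63` in `bitmap_bit()` could also be replaced by a named constant shared with `BITMAP_OTHER`.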
@@ -170,9 +234,15 @@ public:
List<Item> &fields, uint flags) override;
void print(String *str, enum_query_type query_type) override;
void print_op(String *str, enum_query_type query_type);
- void print_args(String *str, uint from, enum_query_type query_type);
+ void print_args(String *str, uint from, enum_query_type query_type) const;
+ void print_args_parenthesized(String *str, enum_query_type query_type) const
+ {
+ str->append('(');
+ print_args(str, 0, query_type);
+ str->append(')');
+ }
bool is_null() override
- {
+ {
update_null_value();
return null_value;
}
@@ -388,15 +458,6 @@ public:
}
}
void convert_const_compared_to_int_field(THD *thd);
- /**
- Prepare arguments and setup a comparator.
- Used in Item_func_xxx with two arguments and a comparator,
- e.g. Item_bool_func2 and Item_func_nullif.
- args[0] or args[1] can be modified:
- - converted to character set and collation of the operation
- - or replaced to an Item_int_with_ref
- */
- bool setup_args_and_comparator(THD *thd, Arg_comparator *cmp);
Item_func *get_item_func() override { return this; }
bool is_simplified_cond_processor(void *arg) override
{ return const_item() && !val_int(); }
@@ -3386,8 +3447,8 @@ public:
String *str_result(String *str) override;
my_decimal *val_decimal_result(my_decimal *) override;
bool is_null_result() override;
- bool update_hash(void *ptr, size_t length, enum Item_result type,
- CHARSET_INFO *cs, bool unsigned_arg);
+ bool update_hash(void *ptr, size_t length, const Type_handler *th,
+ CHARSET_INFO *cs);
bool send(Protocol *protocol, st_value *buffer) override;
void make_send_field(THD *thd, Send_field *tmp_field) override;
bool check(bool use_result_field);
@@ -4234,7 +4295,6 @@ double my_double_round(double value, longlong dec, bool dec_unsigned,
extern bool volatile mqh_used;
bool update_hash(user_var_entry *entry, bool set_null, void *ptr, size_t length,
- Item_result type, CHARSET_INFO *cs,
- bool unsigned_arg);
+ const Type_handler *th, CHARSET_INFO *cs);
#endif /* ITEM_FUNC_INCLUDED */
diff --git a/sql/item_jsonfunc.cc b/sql/item_jsonfunc.cc
index 590fde88..97d7b89f 100644
--- a/sql/item_jsonfunc.cc
+++ b/sql/item_jsonfunc.cc
@@ -911,7 +911,7 @@ static int alloc_tmp_paths(THD *thd, uint n_paths,
{
if (*tmp_paths == 0)
{
- MEM_ROOT *root= thd->stmt_arena->mem_root;
+ MEM_ROOT *root= thd->active_stmt_arena_to_use()->mem_root;
*paths= (json_path_with_flags *) alloc_root(root,
sizeof(json_path_with_flags) * n_paths);
@@ -943,21 +943,47 @@ static void mark_constant_paths(json_path_with_flags *p,
}
-bool Item_json_str_multipath::fix_fields(THD *thd, Item **ref)
+Item_json_str_multipath::~Item_json_str_multipath()
{
- return alloc_tmp_paths(thd, get_n_paths(), &paths, &tmp_paths) ||
- Item_str_func::fix_fields(thd, ref);
+ if (tmp_paths)
+ {
+ for (uint i= n_paths; i>0; i--)
+ tmp_paths[i-1].free();
+ }
}
-void Item_json_str_multipath::cleanup()
+bool Item_json_str_multipath::fix_fields(THD *thd, Item **ref)
{
- if (tmp_paths)
+ if (!tmp_paths)
{
- for (uint i= get_n_paths(); i>0; i--)
- tmp_paths[i-1].free();
+ /*
+ Remember the number of paths and allocate required memory on first time
+ the method fix_fields() is invoked. For prepared statements the method
+ fix_fields can be called several times for the same item because its
+ clean up is performed every item a prepared statement finishing its
+ execution. In result, the data member fixed is reset and the method
+ fix_field() is invoked on next time the same prepared statement be
+ executed. On the other side, any memory allocations on behalf of
+ the prepared statement must be performed only once on its first execution.
+ The data member tmp_path is kind a guard to do these activities only once
+ on first time the method fix_field() is called.
+ */
+ n_paths= get_n_paths();
+
+ if (alloc_tmp_paths(thd, n_paths, &paths, &tmp_paths))
+ return true;
}
- Item_str_func::cleanup();
+
+#ifdef PROTECT_STATEMENT_MEMROOT
+ /*
+ Check that the number of paths remembered on first run of a statement
+ never changed later.
+ */
+ DBUG_ASSERT(n_paths == get_n_paths());
+#endif
+
+ return Item_str_func::fix_fields(thd, ref);
}
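Review bot: The stability check `DBUG_ASSERT(n_paths == get_n_paths())` in Item_json_str_multipath::fix_fields is compiled only when PROTECT_STATEMENT_MEMROOT is defined and assertions are enabled, so other builds carry no check while `paths`/`tmp_paths` keep the size from the first call. If code outside this hunk indexes those arrays by get_n_paths() (not visible here), a changed count would run past the allocation. Either add a comment next to the assert stating why the count cannot change between executions, or reject the mismatch in all builds. The explanatory comment above `n_paths= get_n_paths();` also needs a wording pass: "every item a prepared statement finishing" reads as "every time a prepared statement finishes", and it names `tmp_path` and `fix_field()` where the code has `tmp_paths` and `fix_fields()`.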
@@ -1498,10 +1524,19 @@ return_null:
bool Item_func_json_contains_path::fix_fields(THD *thd, Item **ref)
{
- return alloc_tmp_paths(thd, arg_count-2, &paths, &tmp_paths) ||
- (p_found= (bool *) alloc_root(thd->mem_root,
- (arg_count-2)*sizeof(bool))) == NULL ||
- Item_int_func::fix_fields(thd, ref);
+ /*
+ See comments on Item_json_str_multipath::fix_fields regarding
+ the aim of the condition 'if (!tmp_paths)'.
+ */
+ if (!tmp_paths)
+ {
+ if (alloc_tmp_paths(thd, arg_count-2, &paths, &tmp_paths) ||
+ (p_found= (bool *) alloc_root(thd->active_stmt_arena_to_use()->mem_root,
+ (arg_count-2)*sizeof(bool))) == NULL)
+ return true;
+ }
+
+ return Item_int_func::fix_fields(thd, ref);
}
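Review bot: In the `if (!tmp_paths)` block of Item_func_json_contains_path::fix_fields, `tmp_paths` guards two allocations but records only the first. If `alloc_tmp_paths()` succeeds and the `alloc_root()` for `p_found` then fails, the function returns true with `tmp_paths` already set, so a later call would skip the block and leave `p_found` unallocated. Whether fix_fields() can be entered again on the same item after such a failure is not visible in this hunk, so this is a question for the author. Assuming `alloc_tmp_paths()` sets `tmp_paths` only when it succeeds, allocating `p_found` first and calling `alloc_tmp_paths()` second would keep the guard accurate; testing `!p_found` instead would additionally need `p_found` initialised in the constructor, which the header hunk shows only for `tmp_paths(0)`.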
@@ -1514,8 +1549,7 @@ bool Item_func_json_contains_path::fix_length_and_dec(THD *thd)
return Item_bool_func::fix_length_and_dec(thd);
}
-
-void Item_func_json_contains_path::cleanup()
+Item_func_json_contains_path::~Item_func_json_contains_path()
{
if (tmp_paths)
{
@@ -1523,7 +1557,6 @@ void Item_func_json_contains_path::cleanup()
tmp_paths[i-1].free();
tmp_paths= 0;
}
- Item_int_func::cleanup();
}
@@ -4088,6 +4121,13 @@ int Arg_comparator::compare_e_json_str_basic(Item *j, Item *s)
return MY_TEST(sortcmp(res1, res2, compare_collation()) == 0);
}
+bool Item_func_json_arrayagg::fix_fields(THD *thd, Item **ref)
+{
+ bool res= Item_func_group_concat::fix_fields(thd, ref);
+ m_tmp_json.set_charset(collation.collation);
+ return res;
+}
+
String *Item_func_json_arrayagg::get_str_from_item(Item *i, String *tmp)
{
diff --git a/sql/item_jsonfunc.h b/sql/item_jsonfunc.h
index 6f6b6a7a..1694013f 100644
--- a/sql/item_jsonfunc.h
+++ b/sql/item_jsonfunc.h
@@ -276,11 +276,26 @@ class Item_json_str_multipath: public Item_json_func
protected:
json_path_with_flags *paths;
String *tmp_paths;
+private:
+ /**
+ Number of paths returned by calling virtual method get_n_paths() and
+ remembered inside fix_fields(). It is used by the virtual destructor
+ ~Item_json_str_multipath() to iterate along allocated memory chunks stored
+ in the array tmp_paths and free every of them. The virtual method
+ get_n_paths() can't be used for this goal from within virtual destructor.
+ We could get rid of the virtual method get_n_paths() and store the number
+ of paths directly in the constructor of classes derived from the class
+ Item_json_str_multipath but presence of the method get_n_paths() allows
+ to check invariant that the number of arguments not changed between
+ sequential runs of the same prepared statement that seems to be useful.
+ */
+ uint n_paths;
public:
Item_json_str_multipath(THD *thd, List<Item> &list):
- Item_json_func(thd, list), tmp_paths(0) {}
+ Item_json_func(thd, list), paths(NULL), tmp_paths(0), n_paths(0) {}
+ virtual ~Item_json_str_multipath();
+
bool fix_fields(THD *thd, Item **ref);
- void cleanup();
virtual uint get_n_paths() const = 0;
};
@@ -347,6 +362,7 @@ protected:
public:
Item_func_json_contains_path(THD *thd, List<Item> &list):
Item_bool_func(thd, list), tmp_paths(0) {}
+ virtual ~Item_func_json_contains_path();
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("json_contains_path") };
@@ -354,7 +370,6 @@ public:
}
bool fix_fields(THD *thd, Item **ref) override;
bool fix_length_and_dec(THD *thd) override;
- void cleanup() override;
longlong val_int() override;
Item *get_copy(THD *thd) override
{ return get_item_copy<Item_func_json_contains_path>(thd, this); }
@@ -717,6 +732,7 @@ public:
static LEX_CSTRING name= {STRING_WITH_LEN("json_arrayagg(") };
return name;
}
+ bool fix_fields(THD *thd, Item **ref) override;
enum Sumfunctype sum_func() const override { return JSON_ARRAYAGG_FUNC; }
String* val_str(String *str) override;
diff --git a/sql/item_strfunc.cc b/sql/item_strfunc.cc
index 4bbf36ec..ce094bec 100644
--- a/sql/item_strfunc.cc
+++ b/sql/item_strfunc.cc
@@ -1184,8 +1184,7 @@ bool Item_func_reverse::fix_length_and_dec(THD *thd)
Fix that this works with binary strings when using USE_MB
*/
-String *Item_func_replace::val_str_internal(String *str,
- String *empty_string_for_null)
+String *Item_func_replace::val_str_internal(String *str, bool null_to_empty)
{
DBUG_ASSERT(fixed());
String *res,*res2,*res3;
@@ -1203,13 +1202,8 @@ String *Item_func_replace::val_str_internal(String *str,
res=args[0]->val_str(str);
if (args[0]->null_value)
goto null;
- res2=args[1]->val_str(&tmp_value);
- if (args[1]->null_value)
- {
- if (!empty_string_for_null)
- goto null;
- res2= empty_string_for_null;
- }
+ if (!(res2= args[1]->val_str_null_to_empty(&tmp_value, null_to_empty)))
+ goto null;
res->set_charset(collation.collation);
#ifdef USE_MB
@@ -1226,12 +1220,8 @@ String *Item_func_replace::val_str_internal(String *str,
if (binary_cmp && (offset=res->strstr(*res2)) < 0)
return res;
#endif
- if (!(res3=args[2]->val_str(&tmp_value2)))
- {
- if (!empty_string_for_null)
- goto null;
- res3= empty_string_for_null;
- }
+ if (!(res3= args[2]->val_str_null_to_empty(&tmp_value2, null_to_empty)))
+ goto null;
from_length= res2->length();
to_length= res3->length();
@@ -1314,7 +1304,7 @@ redo:
}
while ((offset=res->strstr(*res2,(uint) offset)) >= 0);
}
- if (empty_string_for_null && !res->length())
+ if (null_to_empty && !res->length())
goto null;
return res;
@@ -1638,20 +1628,22 @@ bool Item_func_regexp_replace::append_replacement(String *str,
}
-String *Item_func_regexp_replace::val_str(String *str)
+String *Item_func_regexp_replace::val_str_internal(String *str,
+ bool null_to_empty)
{
DBUG_ASSERT(fixed());
char buff0[MAX_FIELD_WIDTH];
char buff2[MAX_FIELD_WIDTH];
String tmp0(buff0,sizeof(buff0),&my_charset_bin);
String tmp2(buff2,sizeof(buff2),&my_charset_bin);
- String *source= args[0]->val_str(&tmp0);
- String *replace= args[2]->val_str(&tmp2);
+ String *source, *replace;
LEX_CSTRING src, rpl;
size_t startoffset= 0;
- if ((null_value= (args[0]->null_value || args[2]->null_value ||
- re.recompile(args[1]))))
+ if ((null_value=
+ (!(source= args[0]->val_str(&tmp0)) ||
+ !(replace= args[2]->val_str_null_to_empty(&tmp2, null_to_empty)) ||
+ re.recompile(args[1]))))
return (String *) 0;
if (!(source= re.convert_if_needed(source, &re.subject_converter)) ||
@@ -2417,13 +2409,31 @@ bool Item_func_trim::fix_length_and_dec(THD *thd)
void Item_func_trim::print(String *str, enum_query_type query_type)
{
+ LEX_CSTRING suffix= {STRING_WITH_LEN("_oracle")};
if (arg_count == 1)
{
- Item_func::print(str, query_type);
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(func_name_cstring());
+ if (schema() == &oracle_schema_ref)
+ str->append(suffix);
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type, func_name_cstring());
+ print_args_parenthesized(str, query_type);
return;
}
- str->append(Item_func_trim::func_name_cstring());
- str->append(func_name_ext());
+
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(Item_func_trim::func_name_cstring());
+ if (schema() == &oracle_schema_ref)
+ str->append(suffix);
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type, Item_func_trim::func_name_cstring());
str->append('(');
str->append(mode_name());
str->append(' ');
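Review bot: In Item_func_trim::print the one-argument branch uses the virtual `func_name_cstring()` while the branch below it uses the qualified `Item_func_trim::func_name_cstring()`, and nothing in the new code says why the two differ. A one-line comment at the second call would stop a later cleanup from unifying them, for example `// mode form is printed with the base "trim" name plus mode_name(), so bypass the virtual name` (wording to be confirmed by the author). The `QT_FOR_FRM` block is also written out twice with only that name differing, and the last `print_sql_mode_qualified_name(...)` call runs well past the width of the surrounding lines. The function continues past the end of the hunk.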
@@ -3463,13 +3473,13 @@ String *Item_func_binlog_gtid_pos::val_str(String *str)
String name_str, *name;
longlong pos;
- if (args[0]->null_value || args[1]->null_value)
- goto err;
-
name= args[0]->val_str(&name_str);
pos= args[1]->val_int();
- if (pos < 0 || pos > UINT_MAX32)
+ if (args[0]->null_value || args[1]->null_value)
+ goto err;
+
+ if (pos < 0 || pos > (longlong) UINT_MAX32)
goto err;
if (gtid_state_from_binlog_pos(name->c_ptr_safe(), (uint32)pos, str))
diff --git a/sql/item_strfunc.h b/sql/item_strfunc.h
index 3a3c5338..340847dd 100644
--- a/sql/item_strfunc.h
+++ b/sql/item_strfunc.h
@@ -307,6 +307,12 @@ protected:
public:
Item_func_concat(THD *thd, List<Item> &list): Item_str_func(thd, list) {}
Item_func_concat(THD *thd, Item *a, Item *b): Item_str_func(thd, a, b) {}
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
String *val_str(String *) override;
bool fix_length_and_dec(THD *thd) override;
LEX_CSTRING func_name_cstring() const override
@@ -333,10 +339,17 @@ public:
:Item_func_concat(thd, a, b)
{ }
String *val_str(String *) override;
- LEX_CSTRING func_name_cstring() const override
+ const Schema *schema() const override { return &oracle_schema_ref; }
+ void print(String *str, enum_query_type query_type) override
{
- static LEX_CSTRING name= {STRING_WITH_LEN("concat_operator_oracle") };
- return name;
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(STRING_WITH_LEN("concat_operator_oracle"));
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
}
Item *get_copy(THD *thd) override
{
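Review bot: The `print()` body added here for the Oracle concat operator is repeated almost verbatim in the hunks for Item_func_replace_oracle, Item_func_substr_oracle, Item_func_rpad_oracle and Item_func_lpad_oracle, differing only in the legacy name literal. Five copies of the FRM-compatibility branch are easy to get out of step when the downgrade rule changes. A single helper next to `print_args_parenthesized()` that takes the legacy name would leave each class with a one-line `print()`; the helper name below is only a suggestion.

```cpp
// proposed helper (name is a suggestion), placed next to print_args_parenthesized()
void print_frm_compat_name(String *str, enum_query_type query_type,
                           const LEX_CSTRING &frm_name)
{
  if (query_type & QT_FOR_FRM)
    str->append(frm_name);           // 10.3 downgrade compatibility for FRM
  else
    print_sql_mode_qualified_name(str, query_type);
  print_args_parenthesized(str, query_type);
}
// … unchanged: each _oracle class keeps its schema() override …
```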
@@ -430,12 +443,19 @@ public:
class Item_func_replace :public Item_str_func
{
String tmp_value,tmp_value2;
+protected:
+ String *val_str_internal(String *str, bool null_to_empty);
public:
Item_func_replace(THD *thd, Item *org, Item *find, Item *replace):
Item_str_func(thd, org, find, replace) {}
- String *val_str(String *to) override { return val_str_internal(to, NULL); };
+ String *val_str(String *to) override { return val_str_internal(to, false); };
bool fix_length_and_dec(THD *thd) override;
- String *val_str_internal(String *str, String *empty_string_for_null);
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("replace") };
@@ -453,11 +473,18 @@ public:
Item_func_replace_oracle(THD *thd, Item *org, Item *find, Item *replace):
Item_func_replace(thd, org, find, replace) {}
String *val_str(String *to) override
- { return val_str_internal(to, &tmp_emtpystr); };
- LEX_CSTRING func_name_cstring() const override
+ { return val_str_internal(to, true); };
+ const Schema *schema() const override { return &oracle_schema_ref; }
+ void print(String *str, enum_query_type query_type) override
{
- static LEX_CSTRING name= {STRING_WITH_LEN("replace_oracle") };
- return name;
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(STRING_WITH_LEN("replace_oracle"));
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
}
Item *get_copy(THD *thd) override
{ return get_item_copy<Item_func_replace_oracle>(thd, this); }
@@ -470,10 +497,18 @@ class Item_func_regexp_replace :public Item_str_func
bool append_replacement(String *str,
const LEX_CSTRING *source,
const LEX_CSTRING *replace);
+protected:
+ String *val_str_internal(String *str, bool null_to_empty);
public:
Item_func_regexp_replace(THD *thd, Item *a, Item *b, Item *c):
Item_str_func(thd, a, b, c)
{}
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
void cleanup() override
{
DBUG_ENTER("Item_func_regexp_replace::cleanup");
@@ -481,7 +516,10 @@ public:
re.cleanup();
DBUG_VOID_RETURN;
}
- String *val_str(String *str) override;
+ String *val_str(String *str) override
+ {
+ return val_str_internal(str, false);
+ }
bool fix_length_and_dec(THD *thd) override;
LEX_CSTRING func_name_cstring() const override
{
@@ -492,6 +530,26 @@ public:
};
+class Item_func_regexp_replace_oracle: public Item_func_regexp_replace
+{
+public:
+ Item_func_regexp_replace_oracle(THD *thd, Item *a, Item *b, Item *c)
+ :Item_func_regexp_replace(thd, a, b, c)
+ {}
+ const Schema *schema() const { return &oracle_schema_ref; }
+ bool fix_length_and_dec(THD *thd)
+ {
+ bool rc= Item_func_regexp_replace::fix_length_and_dec(thd);
+ set_maybe_null(); // Empty result is converted to NULL
+ return rc;
+ }
+ String *val_str(String *str)
+ {
+ return val_str_internal(str, true);
+ }
+};
+
+
class Item_func_regexp_substr :public Item_str_func
{
Regexp_processor_pcre re;
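Review bot: `schema()`, `fix_length_and_dec()` and `val_str()` in the new Item_func_regexp_replace_oracle are declared without `override`, unlike the same members in the other classes this diff touches in item_strfunc.h. Without it, a later signature change in Item_func_regexp_replace would silently turn these into unrelated overloads and the Oracle-mode NULL handling would stop being called. Write them as `const Schema *schema() const override { return &oracle_schema_ref; }`, `bool fix_length_and_dec(THD *thd) override` and `String *val_str(String *str) override`. The Item_func_replace_oracle, Item_func_substr_oracle, Item_func_rpad_oracle and Item_func_lpad_oracle hunks also show a `get_copy()` override; this class has none, and whether the inherited one yields the right dynamic type cannot be seen from this hunk.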
@@ -621,8 +679,16 @@ public:
Item_func_substr(THD *thd, Item *a, Item *b): Item_str_func(thd, a, b) {}
Item_func_substr(THD *thd, Item *a, Item *b, Item *c):
Item_str_func(thd, a, b, c) {}
+ Item_func_substr(THD *thd, List<Item> &list)
+ :Item_str_func(thd, list) {}
String *val_str(String *) override;
bool fix_length_and_dec(THD *thd) override;
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("substr") };
@@ -661,16 +727,25 @@ public:
Item_func_substr(thd, a, b) {}
Item_func_substr_oracle(THD *thd, Item *a, Item *b, Item *c):
Item_func_substr(thd, a, b, c) {}
+ Item_func_substr_oracle(THD *thd, List<Item> &list)
+ :Item_func_substr(thd, list) {}
bool fix_length_and_dec(THD *thd) override
{
bool res= Item_func_substr::fix_length_and_dec(thd);
set_maybe_null();
return res;
}
- LEX_CSTRING func_name_cstring() const override
+ const Schema *schema() const override { return &oracle_schema_ref; }
+ void print(String *str, enum_query_type query_type) override
{
- static LEX_CSTRING name= {STRING_WITH_LEN("substr_oracle") };
- return name;
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(STRING_WITH_LEN("substr_oracle"));
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
}
Item *get_copy(THD *thd) override
{ return get_item_copy<Item_func_substr_oracle>(thd, this); }
@@ -718,17 +793,13 @@ protected:
{
return trimmed_value(res, 0, res->length());
}
- virtual LEX_CSTRING func_name_ext() const
- {
- static LEX_CSTRING name_ext= {STRING_WITH_LEN("") };
- return name_ext;
- }
public:
Item_func_trim(THD *thd, Item *a, Item *b): Item_str_func(thd, a, b) {}
Item_func_trim(THD *thd, Item *a): Item_str_func(thd, a) {}
Sql_mode_dependency value_depends_on_sql_mode() const override;
String *val_str(String *) override;
bool fix_length_and_dec(THD *thd) override;
+ const Schema *schema() const override { return &mariadb_schema; }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("trim") };
@@ -746,20 +817,11 @@ class Item_func_trim_oracle :public Item_func_trim
protected:
String *make_empty_result(String *str) override
{ null_value= 1; return NULL; }
- LEX_CSTRING func_name_ext() const override
- {
- static LEX_CSTRING name_ext= {STRING_WITH_LEN("_oracle") };
- return name_ext;
- }
public:
Item_func_trim_oracle(THD *thd, Item *a, Item *b):
Item_func_trim(thd, a, b) {}
Item_func_trim_oracle(THD *thd, Item *a): Item_func_trim(thd, a) {}
- LEX_CSTRING func_name_cstring() const override
- {
- static LEX_CSTRING name= {STRING_WITH_LEN("trim_oracle") };
- return name;
- }
+ const Schema *schema() const override { return &oracle_schema_ref; }
bool fix_length_and_dec(THD *thd) override
{
bool res= Item_func_trim::fix_length_and_dec(thd);
@@ -781,6 +843,7 @@ public:
return Item_func::value_depends_on_sql_mode();
}
String *val_str(String *) override;
+ const Schema *schema() const override { return &mariadb_schema; }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("ltrim") };
@@ -798,20 +861,11 @@ class Item_func_ltrim_oracle :public Item_func_ltrim
protected:
String *make_empty_result(String *str) override
{ null_value= 1; return NULL; }
- LEX_CSTRING func_name_ext() const override
- {
- static LEX_CSTRING name_ext= {STRING_WITH_LEN("_oracle") };
- return name_ext;
- }
public:
Item_func_ltrim_oracle(THD *thd, Item *a, Item *b):
Item_func_ltrim(thd, a, b) {}
Item_func_ltrim_oracle(THD *thd, Item *a): Item_func_ltrim(thd, a) {}
- LEX_CSTRING func_name_cstring() const override
- {
- static LEX_CSTRING name= {STRING_WITH_LEN("ltrim_oracle") };
- return name;
- }
+ const Schema *schema() const override { return &oracle_schema_ref; }
bool fix_length_and_dec(THD *thd) override
{
bool res= Item_func_ltrim::fix_length_and_dec(thd);
@@ -829,6 +883,7 @@ public:
Item_func_rtrim(THD *thd, Item *a, Item *b): Item_func_trim(thd, a, b) {}
Item_func_rtrim(THD *thd, Item *a): Item_func_trim(thd, a) {}
String *val_str(String *) override;
+ const Schema *schema() const override { return &mariadb_schema; }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("rtrim") };
@@ -846,20 +901,11 @@ class Item_func_rtrim_oracle :public Item_func_rtrim
protected:
String *make_empty_result(String *str) override
{ null_value= 1; return NULL; }
- LEX_CSTRING func_name_ext() const override
- {
- static LEX_CSTRING name_ext= {STRING_WITH_LEN("_oracle") };
- return name_ext;
- }
public:
Item_func_rtrim_oracle(THD *thd, Item *a, Item *b):
Item_func_rtrim(thd, a, b) {}
Item_func_rtrim_oracle(THD *thd, Item *a): Item_func_rtrim(thd, a) {}
- LEX_CSTRING func_name_cstring() const override
- {
- static LEX_CSTRING name= {STRING_WITH_LEN("rtrim_oracle") };
- return name;
- }
+ const Schema *schema() const override { return &oracle_schema_ref; }
bool fix_length_and_dec(THD *thd) override
{
bool res= Item_func_rtrim::fix_length_and_dec(thd);
@@ -1032,6 +1078,12 @@ class Item_func_decode :public Item_func_encode
{
public:
Item_func_decode(THD *thd, Item *a, Item *seed_arg): Item_func_encode(thd, a, seed_arg) {}
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("decode") };
@@ -1402,6 +1454,8 @@ public:
Item_str_func(thd, arg1, arg2, arg3) {}
Item_func_pad(THD *thd, Item *arg1, Item *arg2):
Item_str_func(thd, arg1, arg2) {}
+ Item_func_pad(THD *thd, List<Item> &list):
+ Item_str_func(thd,list) {}
bool fix_length_and_dec(THD *thd) override;
};
@@ -1413,7 +1467,15 @@ public:
Item_func_pad(thd, arg1, arg2, arg3) {}
Item_func_rpad(THD *thd, Item *arg1, Item *arg2):
Item_func_pad(thd, arg1, arg2) {}
+ Item_func_rpad(THD *thd, List<Item> &list):
+ Item_func_pad(thd,list) {}
String *val_str(String *) override;
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("rpad") };
@@ -1434,16 +1496,25 @@ public:
Item_func_rpad(thd, arg1, arg2, arg3) {}
Item_func_rpad_oracle(THD *thd, Item *arg1, Item *arg2):
Item_func_rpad(thd, arg1, arg2) {}
+ Item_func_rpad_oracle(THD *thd, List<Item> &list):
+ Item_func_rpad(thd,list) {}
bool fix_length_and_dec(THD *thd) override
{
bool res= Item_func_rpad::fix_length_and_dec(thd);
set_maybe_null();
return res;
}
- LEX_CSTRING func_name_cstring() const override
+ const Schema *schema() const override { return &oracle_schema_ref; }
+ void print(String *str, enum_query_type query_type) override
{
- static LEX_CSTRING name= {STRING_WITH_LEN("rpad_oracle") };
- return name;
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(STRING_WITH_LEN("rpad_oracle"));
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
}
Item *get_copy(THD *thd) override
{ return get_item_copy<Item_func_rpad_oracle>(thd, this); }
@@ -1457,7 +1528,15 @@ public:
Item_func_pad(thd, arg1, arg2, arg3) {}
Item_func_lpad(THD *thd, Item *arg1, Item *arg2):
Item_func_pad(thd, arg1, arg2) {}
+ Item_func_lpad(THD *thd, List<Item> &list):
+ Item_func_pad(thd,list) {}
String *val_str(String *) override;
+ const Schema *schema() const override { return &mariadb_schema; }
+ void print(String *str, enum_query_type query_type) override
+ {
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
+ }
LEX_CSTRING func_name_cstring() const override
{
static LEX_CSTRING name= {STRING_WITH_LEN("lpad") };
@@ -1477,16 +1556,25 @@ public:
Item_func_lpad(thd, arg1, arg2, arg3) {}
Item_func_lpad_oracle(THD *thd, Item *arg1, Item *arg2):
Item_func_lpad(thd, arg1, arg2) {}
+ Item_func_lpad_oracle(THD *thd, List<Item> &list):
+ Item_func_lpad(thd,list) {}
bool fix_length_and_dec(THD *thd) override
{
bool res= Item_func_lpad::fix_length_and_dec(thd);
set_maybe_null();
return res;
}
- LEX_CSTRING func_name_cstring() const override
+ const Schema *schema() const override { return &oracle_schema_ref; }
+ void print(String *str, enum_query_type query_type) override
{
- static LEX_CSTRING name= {STRING_WITH_LEN("lpad_oracle") };
- return name;
+ if (query_type & QT_FOR_FRM)
+ {
+ // 10.3 downgrade compatibility for FRM
+ str->append(STRING_WITH_LEN("lpad_oracle"));
+ }
+ else
+ print_sql_mode_qualified_name(str, query_type);
+ print_args_parenthesized(str, query_type);
}
Item *get_copy(THD *thd) override
{ return get_item_copy<Item_func_lpad_oracle>(thd, this); }
@@ -1732,6 +1820,9 @@ public:
collation.set(args[0]->collation);
ulonglong max_result_length= (ulonglong) args[0]->max_length * 2 +
2 * collation.collation->mbmaxlen;
+ // NULL argument is returned as a string "NULL" without quotes
+ if (args[0]->maybe_null())
+ set_if_bigger(max_result_length, 4 * collation.collation->mbmaxlen);
max_length= (uint32) MY_MIN(max_result_length, MAX_BLOB_WIDTH);
return FALSE;
}
diff --git a/sql/item_subselect.cc b/sql/item_subselect.cc
index 8b473278..7d1a72b9 100644
--- a/sql/item_subselect.cc
+++ b/sql/item_subselect.cc
@@ -3281,8 +3281,12 @@ bool Item_exists_subselect::exists2in_processor(void *opt_arg)
if (eqs.at(i).outer_exp->
walk(&Item::find_item_processor, TRUE, upper->item))
break;
+ DBUG_ASSERT(thd->stmt_arena->is_stmt_prepare_or_first_stmt_execute() ||
+ thd->stmt_arena->is_conventional());
+ DBUG_ASSERT(thd->stmt_arena->mem_root == thd->mem_root);
if (i == (uint)eqs.elements() &&
- (in_subs->upper_refs.push_back(upper, thd->stmt_arena->mem_root)))
+ (in_subs->upper_refs.push_back(
+ upper, thd->mem_root)))
goto out;
}
}
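Review bot: `in_subs->upper_refs.push_back(upper, thd->mem_root)` now depends on `thd->stmt_arena->mem_root == thd->mem_root`, and that is enforced only by a DBUG_ASSERT, which is compiled out of non-debug builds. If the two roots ever differ there, the list node would come from the execution-time root while `upper_refs` may outlive it with the statement, leaving a dangling pointer once that root is freed; whether that state is reachable cannot be judged from this hunk. A comment above the asserts saying why the arena root and the runtime root must coincide here would make the switch reviewable, e.g. `/* reached only in prepare / first execute / conventional execution, where stmt_arena->mem_root is thd->mem_root */`. The function body extends beyond the hunk.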
@@ -3989,14 +3993,14 @@ bool subselect_union_engine::fix_length_and_dec(Item_cache **row)
if (unit->first_select()->item_list.elements == 1)
{
- if (set_row(unit->types, row))
+ if (set_row(unit->item_list, row))
return TRUE;
item->collation.set(row[0]->collation);
}
else
{
bool maybe_null_saved= maybe_null;
- if (set_row(unit->types, row))
+ if (set_row(unit->item_list, row))
return TRUE;
maybe_null= maybe_null_saved;
}
diff --git a/sql/item_sum.cc b/sql/item_sum.cc
index bbd09a59..bcaf229d 100644
--- a/sql/item_sum.cc
+++ b/sql/item_sum.cc
@@ -1296,9 +1296,14 @@ void Item_sum_min_max::setup_hybrid(THD *thd, Item *item, Item *value_arg)
/* Don't cache value, as it will change */
if (!item->const_item())
arg_cache->set_used_tables(RAND_TABLE_BIT);
+ DBUG_ASSERT(item->type_handler_for_comparison() ==
+ value->type_handler_for_comparison());
+ DBUG_ASSERT(item->type_handler_for_comparison() ==
+ arg_cache->type_handler_for_comparison());
cmp= new (thd->mem_root) Arg_comparator();
if (cmp)
- cmp->set_cmp_func(thd, this, (Item**)&arg_cache, (Item**)&value, FALSE);
+ cmp->set_cmp_func(thd, this, item->type_handler_for_comparison(),
+ (Item**)&arg_cache, (Item**)&value, FALSE);
DBUG_VOID_RETURN;
}
@@ -4287,8 +4292,14 @@ Item_func_group_concat::fix_fields(THD *thd, Item **ref)
char *buf;
String *new_separator;
- if (!(buf= (char*) thd->stmt_arena->alloc(buflen)) ||
- !(new_separator= new(thd->stmt_arena->mem_root)
+ DBUG_ASSERT(thd->active_stmt_arena_to_use()->
+ is_stmt_prepare_or_first_stmt_execute() ||
+ thd->active_stmt_arena_to_use()->
+ is_conventional() ||
+ thd->active_stmt_arena_to_use()->state ==
+ Query_arena::STMT_SP_QUERY_ARGUMENTS);
+ if (!(buf= (char*) thd->active_stmt_arena_to_use()->alloc(buflen)) ||
+ !(new_separator= new(thd->active_stmt_arena_to_use()->mem_root)
String(buf, buflen, collation.collation)))
return TRUE;
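Review bot: `thd->active_stmt_arena_to_use()` is spelled out five times across the assert and the two allocations in this part of Item_func_group_concat::fix_fields, which makes it hard to see that the assert and the allocations refer to the same arena. Taking it once, `Query_arena *arena= thd->active_stmt_arena_to_use();`, and then using `arena->alloc(buflen)` and `new (arena->mem_root) String(...)` reads better and guarantees that. The assert would also benefit from a short comment on why `STMT_SP_QUERY_ARGUMENTS` is an accepted state here. The function starts and ends outside the hunk.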
diff --git a/sql/item_timefunc.cc b/sql/item_timefunc.cc
index b624a381..db38e44d 100644
--- a/sql/item_timefunc.cc
+++ b/sql/item_timefunc.cc
@@ -3080,6 +3080,13 @@ void Item_char_typecast::print(String *str, enum_query_type query_type)
{
str->append(STRING_WITH_LEN(" charset "));
str->append(cast_cs->cs_name);
+ /*
+ Print the "binary" keyword in cases like:
+ CAST('str' AS CHAR CHARACTER SET latin1 BINARY)
+ */
+ if ((cast_cs->state & MY_CS_BINSORT) &&
+ Charset(cast_cs).can_have_collate_clause())
+ str->append(STRING_WITH_LEN(" binary"));
}
str->append(')');
}
diff --git a/sql/key.cc b/sql/key.cc
index 4e40a335..93b172c3 100644
--- a/sql/key.cc
+++ b/sql/key.cc
@@ -609,7 +609,7 @@ int key_rec_cmp(void *key_p, uchar *first_rec, uchar *second_rec)
}
/*
No null values in the fields
- We use the virtual method cmp_max with a max length parameter.
+ We use the virtual method cmp_prefix with a max length parameter.
For most field types this translates into a cmp without
max length. The exceptions are the BLOB and VARCHAR field types
that take the max length into account.
diff --git a/sql/lex.h b/sql/lex.h
index 89e055a4..b1f5718d 100644
--- a/sql/lex.h
+++ b/sql/lex.h
@@ -79,9 +79,9 @@ SYMBOL symbols[] = {
{ "AT", SYM(AT_SYM)},
{ "ATOMIC", SYM(ATOMIC_SYM)},
{ "AUTHORS", SYM(AUTHORS_SYM)},
+ { "AUTO", SYM(AUTO_SYM)},
{ "AUTO_INCREMENT", SYM(AUTO_INC)},
{ "AUTOEXTEND_SIZE", SYM(AUTOEXTEND_SIZE_SYM)},
- { "AUTO", SYM(AUTO_SYM)},
{ "AVG", SYM(AVG_SYM)},
{ "AVG_ROW_LENGTH", SYM(AVG_ROW_LENGTH)},
{ "BACKUP", SYM(BACKUP_SYM)},
@@ -428,7 +428,6 @@ SYMBOL symbols[] = {
{ "NCHAR", SYM(NCHAR_SYM)},
{ "NESTED", SYM(NESTED_SYM)},
{ "NEVER", SYM(NEVER_SYM)},
- { "NEW", SYM(NEW_SYM)},
{ "NEXT", SYM(NEXT_SYM)},
{ "NEXTVAL", SYM(NEXTVAL_SYM)},
{ "NO", SYM(NO_SYM)},
@@ -686,7 +685,6 @@ SYMBOL symbols[] = {
{ "TRUE", SYM(TRUE_SYM)},
{ "TRUNCATE", SYM(TRUNCATE_SYM)},
{ "TYPE", SYM(TYPE_SYM)},
- { "TYPES", SYM(TYPES_SYM)},
{ "UNBOUNDED", SYM(UNBOUNDED_SYM)},
{ "UNCOMMITTED", SYM(UNCOMMITTED_SYM)},
{ "UNDEFINED", SYM(UNDEFINED_SYM)},
@@ -752,7 +750,6 @@ SYMBOL symbols[] = {
SYMBOL sql_functions[] = {
{ "ADDDATE", SYM(ADDDATE_SYM)},
- { "ADD_MONTHS", SYM(ADD_MONTHS_SYM)},
{ "BIT_AND", SYM(BIT_AND)},
{ "BIT_OR", SYM(BIT_OR)},
{ "BIT_XOR", SYM(BIT_XOR)},
@@ -763,7 +760,6 @@ SYMBOL sql_functions[] = {
{ "CURTIME", SYM(CURTIME)},
{ "DATE_ADD", SYM(DATE_ADD_INTERVAL)},
{ "DATE_SUB", SYM(DATE_SUB_INTERVAL)},
- { "DATE_FORMAT", SYM(DATE_FORMAT_SYM)},
{ "DENSE_RANK", SYM(DENSE_RANK_SYM)},
{ "EXTRACT", SYM(EXTRACT_SYM)},
{ "FIRST_VALUE", SYM(FIRST_VALUE_SYM)},
diff --git a/sql/log.cc b/sql/log.cc
index d3879aad..4b9e5ebc 100644
--- a/sql/log.cc
+++ b/sql/log.cc
@@ -1457,7 +1457,7 @@ bool LOGGER::slow_log_print(THD *thd, const char *query, size_t query_length,
query_utime= (current_utime - thd->start_utime);
lock_utime= (thd->utime_after_lock - thd->start_utime);
my_hrtime_t current_time= { hrtime_from_time(thd->start_time) +
- thd->start_time_sec_part + query_utime };
+ thd->start_time_sec_part };
if (!query || thd->get_command() == COM_STMT_PREPARE)
{
@@ -2539,6 +2539,23 @@ bool MYSQL_BIN_LOG::check_write_error(THD *thd)
}
+/*
+ Check if there was an error while writing the statement cache.
+ If the cache content is corrupt due to an error, we should write an incident
+ event to the binlog rather than write corrupt data to it.
+*/
+bool
+MYSQL_BIN_LOG::check_cache_error(THD *thd, binlog_cache_data *cache_data)
+{
+ if (!cache_data)
+ return false;
+ if (check_write_error(thd))
+ return true;
+ if (!cache_data->empty() && cache_data->cache_log.error)
+ return true;
+ return false;
+}
+
/**
@note
How do we handle this (unlikely but legal) case:
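Review bot: The comment on the new MYSQL_BIN_LOG::check_cache_error describes only the "statement cache", but the function accepts any `binlog_cache_data` and also returns true whenever `check_write_error(thd)` does, regardless of the cache contents. It should also state that a NULL `cache_data` yields false, because both call sites changed in this diff call `cache_data->set_incident()` right after a true result and rely on that. Using the `/** ... */` form with `@param` and `@retval` lines, as the following comment block does, would document both points. The three trailing `if`/`return` statements can be collapsed to `return check_write_error(thd) || (!cache_data->empty() && cache_data->cache_log.error);` without changing behaviour.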
@@ -3796,7 +3813,6 @@ bool MYSQL_BIN_LOG::open(const char *log_name,
bool null_created_arg,
bool need_mutex)
{
- File file= -1;
xid_count_per_binlog *new_xid_list_entry= NULL, *b;
DBUG_ENTER("MYSQL_BIN_LOG::open");
@@ -4192,8 +4208,6 @@ err:
sql_print_error(fatal_log_error, (name) ? name : log_name, tmp_errno);
if (new_xid_list_entry)
delete new_xid_list_entry;
- if (file >= 0)
- mysql_file_close(file, MYF(0));
close(LOG_CLOSE_INDEX);
DBUG_RETURN(1);
}
@@ -5465,8 +5479,6 @@ int MYSQL_BIN_LOG::new_file_without_locking()
/**
Start writing to a new log file or reopen the old file.
- @param need_lock Set to 1 if caller has not locked LOCK_log
-
@retval
nonzero - error
@@ -6269,12 +6281,13 @@ bool THD::binlog_write_table_map(TABLE *table, bool with_annotate)
int error= 1;
bool is_transactional= table->file->row_logging_has_trans;
DBUG_ENTER("THD::binlog_write_table_map");
- DBUG_PRINT("enter", ("table: %p (%s: #%lu)",
+ DBUG_PRINT("enter", ("table: %p (%s: #%llu)",
table, table->s->table_name.str,
table->s->table_map_id));
/* Pre-conditions */
- DBUG_ASSERT(table->s->table_map_id != ULONG_MAX);
+ DBUG_ASSERT((table->s->table_map_id & MAX_TABLE_MAP_ID) != UINT32_MAX &&
+ (table->s->table_map_id & MAX_TABLE_MAP_ID) != 0);
/* Ensure that all events in a GTID group are in the same cache */
if (variables.option_bits & OPTION_GTID_BEGIN)
@@ -6315,7 +6328,7 @@ write_err:
engines, data is written to table but writing to binary log failed. In
these scenarios rollback is not possible. Hence report an incident.
*/
- if (mysql_bin_log.check_write_error(this) && cache_data &&
+ if (mysql_bin_log.check_cache_error(this, cache_data) &&
lex->stmt_accessed_table(LEX::STMT_WRITES_NON_TRANS_TABLE) &&
table->current_lock == F_WRLCK)
cache_data->set_incident();
@@ -6447,20 +6460,37 @@ MYSQL_BIN_LOG::flush_and_set_pending_rows_event(THD *thd,
/*
Write pending event to the cache.
*/
+#ifndef DBUG_OFF
+ bool clear_dbug= false;
+#endif
DBUG_EXECUTE_IF("simulate_disk_full_at_flush_pending",
- {DBUG_SET("+d,simulate_file_write_error");});
+ {
+ if (my_b_tell(&cache_data->cache_log) > 10000)
+ {
+ DBUG_SET("+d,simulate_file_write_error");
+ clear_dbug= true;
+ }
+ });
if (writer.write(pending))
{
set_write_error(thd, is_transactional);
- if (check_write_error(thd) && cache_data &&
+ if (check_cache_error(thd, cache_data) &&
stmt_has_updated_non_trans_table(thd))
cache_data->set_incident();
delete pending;
cache_data->set_pending(NULL);
DBUG_EXECUTE_IF("simulate_disk_full_at_flush_pending",
- {DBUG_SET("-d,simulate_file_write_error");});
+ {
+ if (clear_dbug)
+ DBUG_SET("-d,simulate_file_write_error");
+ });
DBUG_RETURN(1);
}
+ DBUG_EXECUTE_IF("simulate_disk_full_at_flush_pending",
+ {
+ if (clear_dbug)
+ DBUG_SET("-d,simulate_file_write_error");
+ });
delete pending;
}
@@ -6950,18 +6980,12 @@ bool MYSQL_BIN_LOG::write(Log_event *event_info, my_bool *with_annotate)
BINLOG_USER_VAR_EVENT *user_var_event;
get_dynamic(&thd->user_var_events,(uchar*) &user_var_event, i);
- /* setting flags for user var log event */
- uchar flags= User_var_log_event::UNDEF_F;
- if (user_var_event->unsigned_flag)
- flags|= User_var_log_event::UNSIGNED_F;
-
User_var_log_event e(thd, user_var_event->user_var_event->name.str,
user_var_event->user_var_event->name.length,
user_var_event->value,
user_var_event->length,
- user_var_event->type,
- user_var_event->charset_number,
- flags,
+ user_var_event->th->user_var_log_event_data_type(
+ user_var_event->charset_number),
using_trans,
direct);
if (write_event(&e, cache_data, file))
@@ -7057,7 +7081,7 @@ err:
if (unlikely(error))
{
set_write_error(thd, is_trans_cache);
- if (check_write_error(thd) && cache_data &&
+ if (check_cache_error(thd, cache_data) &&
stmt_has_updated_non_trans_table(thd))
cache_data->set_incident();
}
@@ -8751,13 +8775,10 @@ MYSQL_BIN_LOG::trx_group_commit_leader(group_commit_entry *leader)
DEBUG_SYNC(leader->thd, "commit_loop_entry_commit_ordered");
++num_commits;
+ set_current_thd(current->thd);
if (current->cache_mngr->using_xa && likely(!current->error) &&
!DBUG_IF("skip_commit_ordered"))
- {
- mysql_mutex_lock(&current->thd->LOCK_thd_data);
run_commit_ordered(current->thd, current->all);
- mysql_mutex_unlock(&current->thd->LOCK_thd_data);
- }
current->thd->wakeup_subsequent_commits(current->error);
/*
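Review bot: `set_current_thd(current->thd)` is added inside the commit loop with no comment, and the matching `set_current_thd(leader->thd)` only appears in the next hunk, after the loop, so the leader thread runs with another session's THD as `current_thd` for the rest of each iteration. That is presumably what replaces the removed `LOCK_thd_data` locking around `run_commit_ordered`, but the hunk does not say what now keeps `current->thd` stable while the leader uses it. A comment such as `/* Run commit_ordered in the context of the participant's THD; current_thd is restored to leader->thd after the loop */` would document the pairing, and it is worth confirming that nothing between the two calls can leave the loop early. The function starts and ends outside the hunk.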
@@ -8774,6 +8795,7 @@ MYSQL_BIN_LOG::trx_group_commit_leader(group_commit_entry *leader)
}
current= next;
}
+ set_current_thd(leader->thd);
DEBUG_SYNC(leader->thd, "commit_after_group_run_commit_ordered");
mysql_mutex_unlock(&LOCK_commit_ordered);
DEBUG_SYNC(leader->thd, "commit_after_group_release_commit_ordered");
@@ -8794,6 +8816,20 @@ MYSQL_BIN_LOG::write_transaction_or_stmt(group_commit_entry *entry,
DBUG_ENTER("MYSQL_BIN_LOG::write_transaction_or_stmt");
+ /*
+ An error in the trx_cache will truncate the cache to the last good
+ statement, it won't leave a lingering error. Assert that this holds.
+ */
+ DBUG_ASSERT(!(entry->using_trx_cache && !mngr->trx_cache.empty() &&
+ mngr->get_binlog_cache_log(TRUE)->error));
+ /*
+ An error in the stmt_cache would be caught on the higher level and result
+ in an incident event being written over a (possibly corrupt) cache content.
+ Assert that this holds.
+ */
+ DBUG_ASSERT(!(entry->using_stmt_cache && !mngr->stmt_cache.empty() &&
+ mngr->get_binlog_cache_log(FALSE)->error));
+
if (write_gtid_event(entry->thd, is_prepared_xa(entry->thd),
entry->using_trx_cache, commit_id,
has_xid, entry->ro_1pc))
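Review bot: Both new checks at the top of `write_transaction_or_stmt` are `DBUG_ASSERT`s, so in non-debug builds a non-empty cache that still has `error` set goes on to be written, which is the corrupt-binlog case the comments describe. The comments say the invariant is enforced at a higher level; if that enforcement has any gap, a release server fails silently. Consider pairing the asserts with a runtime branch that returns the function's existing write-error result when the condition holds, or at least extend the comments to name the code that guarantees it (presumably the `check_cache_error` call sites). The function body continues outside the hunk.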
@@ -11136,7 +11172,7 @@ Recovery_context::Recovery_context() :
prev_event_pos(0),
last_gtid_standalone(false), last_gtid_valid(false), last_gtid_no2pc(false),
last_gtid_engines(0),
- do_truncate(rpl_semi_sync_slave_enabled),
+ do_truncate(repl_semisync_slave.get_slave_enabled()),
truncate_validated(false), truncate_reset_done(false),
truncate_set_in_1st(false), id_binlog(MAX_binlog_id),
checksum_alg(BINLOG_CHECKSUM_ALG_UNDEF), gtid_maybe_to_truncate(NULL)
@@ -11945,14 +11981,21 @@ set_binlog_snapshot_file(const char *src)
void
TC_LOG_BINLOG::set_status_variables(THD *thd)
{
- binlog_cache_mngr *cache_mngr;
+ bool have_snapshot= false;
if (thd && opt_bin_log)
- cache_mngr= (binlog_cache_mngr*) thd_get_ha_data(thd, binlog_hton);
- else
- cache_mngr= 0;
+ {
+ mysql_mutex_lock(&thd->LOCK_thd_data);
+ auto cache_mngr= (binlog_cache_mngr*) thd_get_ha_data(thd, binlog_hton);
+ have_snapshot= cache_mngr && cache_mngr->last_commit_pos_file[0];
+ if (have_snapshot)
+ {
+ set_binlog_snapshot_file(cache_mngr->last_commit_pos_file);
+ binlog_snapshot_position= cache_mngr->last_commit_pos_offset;
+ }
+ mysql_mutex_unlock(&thd->LOCK_thd_data);
+ }
- bool have_snapshot= (cache_mngr && cache_mngr->last_commit_pos_file[0] != 0);
mysql_mutex_lock(&LOCK_commit_ordered);
binlog_status_var_num_commits= this->num_commits;
binlog_status_var_num_group_commits= this->num_group_commits;
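Review bot: The new `mysql_mutex_lock(&thd->LOCK_thd_data)` section in `set_status_variables` carries no comment on what it protects, and it now encloses the writes to the globals `binlog_snapshot_position` and, via `set_binlog_snapshot_file`, the snapshot file name. A per-THD mutex can serialise access to that THD's `cache_mngr`, but two sessions hold different mutexes, so it does not order their writes to the shared variables. The removed code (next hunk) wrote them after both unlocks, so this is not a regression, but the comment should not leave the question open. I would add `/* LOCK_thd_data keeps cache_mngr valid while we copy its last commit position; it does not protect the binlog_snapshot_* globals */` above the lock, adjusted to whatever the real guarantee is.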
@@ -11967,12 +12010,6 @@ TC_LOG_BINLOG::set_status_variables(THD *thd)
binlog_status_group_commit_trigger_timeout= this->group_commit_trigger_timeout;
binlog_status_group_commit_trigger_lock_wait= this->group_commit_trigger_lock_wait;
mysql_mutex_unlock(&LOCK_prepare_ordered);
-
- if (have_snapshot)
- {
- set_binlog_snapshot_file(cache_mngr->last_commit_pos_file);
- binlog_snapshot_position= cache_mngr->last_commit_pos_offset;
- }
}
@@ -12083,6 +12120,15 @@ IO_CACHE *wsrep_get_cache(THD * thd, bool is_transactional)
return NULL;
}
+bool wsrep_is_binlog_cache_empty(THD *thd)
+{
+ binlog_cache_mngr *cache_mngr=
+ (binlog_cache_mngr *) thd_get_ha_data(thd, binlog_hton);
+ if (cache_mngr)
+ return cache_mngr->trx_cache.empty() && cache_mngr->stmt_cache.empty();
+ return true;
+}
+
void wsrep_thd_binlog_trx_reset(THD * thd)
{
DBUG_ENTER("wsrep_thd_binlog_trx_reset");
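Review bot: `wsrep_is_binlog_cache_empty` reads the THD's `binlog_cache_mngr` through `thd_get_ha_data` with no lock, while `TC_LOG_BINLOG::set_status_variables` in this same commit starts taking `thd->LOCK_thd_data` around the identical lookup. If the function is only ever called by the thread that owns `thd` that is fine, but the callers are not visible here, so the assumption should be written down: `/* Returns true when both binlog caches of thd are empty or no cache manager exists. Must be called by the thread owning thd. */`. If it can be called for another session's THD, it needs the same mutex.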
@@ -12143,12 +12189,9 @@ void wsrep_register_binlog_handler(THD *thd, bool trx)
/*
Set an implicit savepoint in order to be able to truncate a trx-cache.
*/
- if (cache_mngr->trx_cache.get_prev_position() == MY_OFF_T_UNDEF)
- {
- my_off_t pos= 0;
- binlog_trans_log_savepos(thd, &pos);
- cache_mngr->trx_cache.set_prev_position(pos);
- }
+ my_off_t pos= 0;
+ binlog_trans_log_savepos(thd, &pos);
+ cache_mngr->trx_cache.set_prev_position(pos);
/*
Set callbacks in order to be able to call commmit or rollback.
diff --git a/sql/log.h b/sql/log.h
index c20f0fe5..ae813f75 100644
--- a/sql/log.h
+++ b/sql/log.h
@@ -824,6 +824,7 @@ public:
int write_cache(THD *thd, IO_CACHE *cache);
void set_write_error(THD *thd, bool is_transactional);
bool check_write_error(THD *thd);
+ bool check_cache_error(THD *thd, binlog_cache_data *cache_data);
void start_union_events(THD *thd, query_id_t query_id_param);
void stop_union_events(THD *thd);
@@ -1253,6 +1254,7 @@ static inline TC_LOG *get_tc_log_implementation()
#ifdef WITH_WSREP
IO_CACHE* wsrep_get_cache(THD *, bool);
+bool wsrep_is_binlog_cache_empty(THD *);
void wsrep_thd_binlog_trx_reset(THD * thd);
void wsrep_thd_binlog_stmt_rollback(THD * thd);
#endif /* WITH_WSREP */
diff --git a/sql/log_event.cc b/sql/log_event.cc
index 5e255646..336b032f 100644
--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -915,7 +915,8 @@ int Log_event::read_log_event(IO_CACHE* file, String* packet,
Log_event* Log_event::read_log_event(IO_CACHE* file,
const Format_description_log_event *fdle,
- my_bool crc_check)
+ my_bool crc_check,
+ my_bool print_errors)
{
DBUG_ENTER("Log_event::read_log_event(IO_CACHE*,Format_description_log_event*...)");
DBUG_ASSERT(fdle != 0);
@@ -954,8 +955,12 @@ Log_event* Log_event::read_log_event(IO_CACHE* file,
goto err;
}
+ /*
+ print_errors is false to prevent redundant error messages cluttering up the
+ log, as it will be printed below (if _our_ print_errors is true)
+ */
if ((res= read_log_event((uchar*) event.ptr(), event.length(),
- &error, fdle, crc_check)))
+ &error, fdle, crc_check, false)))
res->register_temp_buf((uchar*) event.release(), true);
err:
@@ -966,13 +971,7 @@ err:
if (force_opt)
DBUG_RETURN(new Unknown_log_event());
#endif
- if (event.length() >= OLD_HEADER_LEN)
- sql_print_error("Error in Log_event::read_log_event(): '%s',"
- " data_len: %lu, event_type: %u", error,
- (ulong) uint4korr(&event[EVENT_LEN_OFFSET]),
- (uint) (uchar)event[EVENT_TYPE_OFFSET]);
- else
- sql_print_error("Error in Log_event::read_log_event(): '%s'", error);
+
/*
The SQL slave thread will check if file->error<0 to know
if there was an I/O error. Even if there is no "low-level" I/O errors
@@ -982,6 +981,19 @@ err:
only corrupt the slave's databases. So stop.
*/
file->error= -1;
+
+#ifndef MYSQL_CLIENT
+ if (!print_errors)
+ DBUG_RETURN(res);
+#endif
+
+ if (event.length() >= OLD_HEADER_LEN)
+ sql_print_error("Error in Log_event::read_log_event(): '%s',"
+ " data_len: %lu, event_type: %u", error,
+ (ulong) uint4korr(&event[EVENT_LEN_OFFSET]),
+ (uint) (uchar)event[EVENT_TYPE_OFFSET]);
+ else
+ sql_print_error("Error in Log_event::read_log_event(): '%s'", error);
}
DBUG_RETURN(res);
}
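Review bot: In the `err:` block the `if (!print_errors) DBUG_RETURN(res);` early return sits inside `#ifndef MYSQL_CLIENT`, so client builds ignore the new `print_errors` argument and always print, and neither this hunk nor the log_event.h declaration says so. A comment at the guard, e.g. `/* Client tools always report the error; print_errors is honoured in server builds only */`, plus a `@param print_errors` line on the declaration would make the asymmetry deliberate rather than surprising. It is also worth noting in that comment that `file->error= -1` must stay ahead of the early return, since the existing comment says the SQL slave thread relies on it.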
@@ -995,7 +1007,8 @@ err:
Log_event* Log_event::read_log_event(const uchar *buf, uint event_len,
const char **error,
const Format_description_log_event *fdle,
- my_bool crc_check)
+ my_bool crc_check,
+ my_bool print_errors)
{
Log_event* ev;
enum enum_binlog_checksum_alg alg;
@@ -1063,7 +1076,8 @@ Log_event* Log_event::read_log_event(const uchar *buf, uint event_len,
DBUG_RETURN(NULL);
#else
*error= ER_THD_OR_DEFAULT(current_thd, ER_BINLOG_READ_EVENT_CHECKSUM_FAILURE);
- sql_print_error("%s", *error);
+ if (print_errors)
+ sql_print_error("%s", *error);
DBUG_RETURN(NULL);
#endif
}
@@ -2928,6 +2942,41 @@ XA_prepare_log_event(const uchar *buf,
User_var_log_event methods
**************************************************************************/
+bool Log_event_data_type::unpack_optional_attributes(const char *pos,
+ const char *end)
+
+{
+ for ( ; pos < end; )
+ {
+ switch (*pos) {
+ case CHUNK_SIGNED:
+ m_is_unsigned= false;
+ pos++;
+ continue;
+ case CHUNK_UNSIGNED:
+ m_is_unsigned= true;
+ pos++;
+ continue;
+ case CHUNK_DATA_TYPE_NAME:
+ {
+ pos++;
+ if (pos >= end)
+ return true;
+ uint length= (uchar) *pos++;
+ if (pos + length > end)
+ return true;
+ m_data_type_name= {pos, length};
+ pos+= length;
+ continue;
+ }
+ default:
+ break; // Unknown chunk
+ }
+ }
+ return false;
+}
+
+
User_var_log_event::
User_var_log_event(const uchar *buf, uint event_len,
const Format_description_log_event* description_event)
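Review bot: The `default: break;` at the end of the switch in `unpack_optional_attributes` leaves only the switch, not the `for` loop, so an unrecognised chunk byte is re-read forever because `pos` never advances. The bytes come straight from a binlog event, so a corrupted event, or one written by a newer server with an additional chunk type, would hang whichever thread or tool is parsing it; replace the line with `default: return false; // unknown chunk: stop parsing` (or `return true;` if unknown chunks should be rejected). The name-length check is also better written on lengths than on a computed pointer, `if (length > (size_t) (end - pos)) return true;`, and the function deserves a short header comment stating that a true result means a malformed attribute area.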
@@ -2937,7 +2986,8 @@ User_var_log_event(const uchar *buf, uint event_len,
#endif
{
bool error= false;
- const uchar *buf_start= buf, *buf_end= buf + event_len;
+ const uchar *const buf_start= buf;
+ const char *buf_end= reinterpret_cast<const char*>(buf) + event_len;
/* The Post-Header is empty. The Variable Data part begins immediately. */
buf+= description_event->common_header_len +
@@ -2965,11 +3015,8 @@ User_var_log_event(const uchar *buf, uint event_len,
buf+= UV_NAME_LEN_SIZE + name_len;
is_null= (bool) *buf;
- flags= User_var_log_event::UNDEF_F; // defaults to UNDEF_F
if (is_null)
{
- type= STRING_RESULT;
- charset_number= my_charset_bin.number;
val_len= 0;
val= 0;
}
@@ -2984,8 +3031,8 @@ User_var_log_event(const uchar *buf, uint event_len,
goto err;
}
- type= (Item_result) buf[UV_VAL_IS_NULL];
- charset_number= uint4korr(buf + UV_VAL_IS_NULL + UV_VAL_TYPE_SIZE);
+ m_type= (Item_result) buf[UV_VAL_IS_NULL];
+ m_charset_number= uint4korr(buf + UV_VAL_IS_NULL + UV_VAL_TYPE_SIZE);
val_len= uint4korr(buf + UV_VAL_IS_NULL + UV_VAL_TYPE_SIZE +
UV_CHARSET_NUMBER_SIZE);
@@ -2998,20 +3045,14 @@ User_var_log_event(const uchar *buf, uint event_len,
the flags value.
Old events will not have this extra byte, thence,
- we keep the flags set to UNDEF_F.
+ we keep m_is_unsigned==false.
*/
- size_t bytes_read= (val + val_len) - (char*) buf_start;
- if (bytes_read > event_len)
+ const char *pos= val + val_len;
+ if (pos > buf_end || unpack_optional_attributes(pos, buf_end))
{
error= true;
goto err;
}
- if ((data_written - bytes_read) > 0)
- {
- flags= (uint) *(buf + UV_VAL_IS_NULL + UV_VAL_TYPE_SIZE +
- UV_CHARSET_NUMBER_SIZE + UV_VAL_LEN_SIZE +
- val_len);
- }
}
err:
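Review bot: The new bound check `pos > buf_end` is evaluated after `val + val_len` has already been formed, and `val_len` is a 4-byte value read from the event a few lines above, so the check depends on the pointer sum not wrapping. Any earlier validation of `val` and `val_len` is outside this hunk, so this may already be covered, but provided `val` is known to lie inside the buffer a length comparison is robust on its own: `if (val_len > (size_t) (buf_end - val) || unpack_optional_attributes(val + val_len, buf_end))`. The comment above the check still describes a single trailing flags byte, while the parser now accepts a sequence of chunks; it should say so.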
@@ -3305,7 +3346,7 @@ Rows_log_event::Rows_log_event(const uchar *buf, uint event_len,
}
else
{
- m_table_id= (ulong) uint6korr(post_start);
+ m_table_id= (ulonglong) uint6korr(post_start);
post_start+= RW_FLAGS_OFFSET;
}
@@ -3660,11 +3701,12 @@ Table_map_log_event::Table_map_log_event(const uchar *buf, uint event_len,
else
{
DBUG_ASSERT(post_header_len == TABLE_MAP_HEADER_LEN);
- m_table_id= (ulong) uint6korr(post_start);
+ m_table_id= (ulonglong) uint6korr(post_start);
post_start+= TM_FLAGS_OFFSET;
}
- DBUG_ASSERT(m_table_id != ~0ULL);
+ DBUG_ASSERT((m_table_id & MAX_TABLE_MAP_ID) != UINT32_MAX &&
+ (m_table_id & MAX_TABLE_MAP_ID) != 0);
m_flags= uint2korr(post_start);
diff --git a/sql/log_event.h b/sql/log_event.h
index 67e06d70..f6101eb7 100644
--- a/sql/log_event.h
+++ b/sql/log_event.h
@@ -57,6 +57,8 @@
#include "rpl_gtid.h"
+#include "log_event_data_type.h"
+
/* Forward declarations */
#ifndef MYSQL_CLIENT
class String;
@@ -156,6 +158,12 @@ class String;
#define NUM_LOAD_DELIM_STRS 5
+/*
+ The following is the max table_map_id. This is limited by that we
+ are using 6 bytes for it in replication
+*/
+#define MAX_TABLE_MAP_ID ((1ULL << (6*8)) -1)
+
/*****************************************************************************
MySQL Binary Log
@@ -1379,7 +1387,8 @@ public:
static Log_event* read_log_event(IO_CACHE* file,
const Format_description_log_event
*description_event,
- my_bool crc_check);
+ my_bool crc_check,
+ my_bool print_errors= 1);
/**
Reads an event from a binlog or relay log. Used by the dump thread
@@ -1523,7 +1532,8 @@ public:
static Log_event* read_log_event(const uchar *buf, uint event_len,
const char **error,
const Format_description_log_event
- *description_event, my_bool crc_check);
+ *description_event, my_bool crc_check,
+ my_bool print_errors= 1);
/**
Returns the human readable name of the given event type.
*/
@@ -3338,33 +3348,27 @@ private:
@section User_var_log_event_binary_format Binary Format
*/
-class User_var_log_event: public Log_event
+
+class User_var_log_event: public Log_event, public Log_event_data_type
{
public:
- enum {
- UNDEF_F= 0,
- UNSIGNED_F= 1
- };
const char *name;
size_t name_len;
const char *val;
size_t val_len;
- Item_result type;
- uint charset_number;
bool is_null;
- uchar flags;
#ifdef MYSQL_SERVER
bool deferred;
query_id_t query_id;
User_var_log_event(THD* thd_arg, const char *name_arg, size_t name_len_arg,
const char *val_arg, size_t val_len_arg,
- Item_result type_arg,
- uint charset_number_arg, uchar flags_arg,
+ const Log_event_data_type &data_type,
bool using_trans, bool direct)
:Log_event(thd_arg, 0, using_trans),
+ Log_event_data_type(data_type),
name(name_arg), name_len(name_len_arg), val(val_arg),
- val_len(val_len_arg), type(type_arg), charset_number(charset_number_arg),
- flags(flags_arg), deferred(false)
+ val_len(val_len_arg),
+ deferred(false)
{
is_null= !val;
if (direct)
@@ -4865,7 +4869,8 @@ public:
flag_set get_flags(flag_set flag) const { return m_flags & flag; }
#ifdef MYSQL_SERVER
- Table_map_log_event(THD *thd, TABLE *tbl, ulong tid, bool is_transactional);
+ Table_map_log_event(THD *thd, TABLE *tbl, ulonglong tid,
+ bool is_transactional);
#endif
#ifdef HAVE_REPLICATION
Table_map_log_event(const uchar *buf, uint event_len,
@@ -5191,7 +5196,7 @@ protected:
this class, not create instances of this class.
*/
#ifdef MYSQL_SERVER
- Rows_log_event(THD*, TABLE*, ulong table_id,
+ Rows_log_event(THD*, TABLE*, ulonglong table_id,
MY_BITMAP const *cols, bool is_transactional,
Log_event_type event_type);
#endif
@@ -5425,7 +5430,7 @@ public:
};
#if defined(MYSQL_SERVER)
- Write_rows_log_event(THD*, TABLE*, ulong table_id,
+ Write_rows_log_event(THD*, TABLE*, ulonglong table_id,
bool is_transactional);
#endif
#ifdef HAVE_REPLICATION
@@ -5466,7 +5471,7 @@ class Write_rows_compressed_log_event : public Write_rows_log_event
{
public:
#if defined(MYSQL_SERVER)
- Write_rows_compressed_log_event(THD*, TABLE*, ulong table_id,
+ Write_rows_compressed_log_event(THD*, TABLE*, ulonglong table_id,
bool is_transactional);
virtual bool write();
#endif
@@ -5502,7 +5507,7 @@ public:
};
#ifdef MYSQL_SERVER
- Update_rows_log_event(THD*, TABLE*, ulong table_id,
+ Update_rows_log_event(THD*, TABLE*, ulonglong table_id,
bool is_transactional);
void init(MY_BITMAP const *cols);
@@ -5554,7 +5559,7 @@ class Update_rows_compressed_log_event : public Update_rows_log_event
{
public:
#if defined(MYSQL_SERVER)
- Update_rows_compressed_log_event(THD*, TABLE*, ulong table_id,
+ Update_rows_compressed_log_event(THD*, TABLE*, ulonglong table_id,
bool is_transactional);
virtual bool write();
#endif
@@ -5598,7 +5603,7 @@ public:
};
#ifdef MYSQL_SERVER
- Delete_rows_log_event(THD*, TABLE*, ulong, bool is_transactional);
+ Delete_rows_log_event(THD*, TABLE*, ulonglong, bool is_transactional);
#endif
#ifdef HAVE_REPLICATION
Delete_rows_log_event(const uchar *buf, uint event_len,
@@ -5639,7 +5644,8 @@ class Delete_rows_compressed_log_event : public Delete_rows_log_event
{
public:
#if defined(MYSQL_SERVER)
- Delete_rows_compressed_log_event(THD*, TABLE*, ulong, bool is_transactional);
+ Delete_rows_compressed_log_event(THD*, TABLE*, ulonglong,
+ bool is_transactional);
virtual bool write();
#endif
#ifdef HAVE_REPLICATION
diff --git a/sql/log_event_client.cc b/sql/log_event_client.cc
index 4ae8bffc..ddd62b08 100644
--- a/sql/log_event_client.cc
+++ b/sql/log_event_client.cc
@@ -1503,8 +1503,9 @@ bool Rows_log_event::print_verbose(IO_CACHE *file,
if (!(map= print_event_info->m_table_map.get_table(m_table_id)) ||
!(td= map->create_table_def()))
{
- return (my_b_printf(file, "### Row event for unknown table #%lu",
- (ulong) m_table_id));
+ char llbuff[22];
+ return (my_b_printf(file, "### Row event for unknown table #%s",
+ ullstr(m_table_id, llbuff)));
}
/* If the write rows event contained no values for the AI */
@@ -2488,7 +2489,7 @@ bool User_var_log_event::print(FILE* file, PRINT_EVENT_INFO* print_event_info)
}
else
{
- switch (type) {
+ switch (m_type) {
case REAL_RESULT:
double real_val;
char real_buf[FMT_G_BUFSIZE(14)];
@@ -2500,8 +2501,7 @@ bool User_var_log_event::print(FILE* file, PRINT_EVENT_INFO* print_event_info)
break;
case INT_RESULT:
char int_buf[22];
- longlong10_to_str(uint8korr(val), int_buf,
- ((flags & User_var_log_event::UNSIGNED_F) ? 10 : -10));
+ longlong10_to_str(uint8korr(val), int_buf, is_unsigned() ? 10 : -10);
if (my_b_printf(&cache, ":=%s%s\n", int_buf,
print_event_info->delimiter))
goto err;
@@ -2556,7 +2556,7 @@ bool User_var_log_event::print(FILE* file, PRINT_EVENT_INFO* print_event_info)
people want to mysqlbinlog|mysql into another server not supporting the
character set. But there's not much to do about this and it's unlikely.
*/
- if (!(cs= get_charset(charset_number, MYF(0))))
+ if (!(cs= get_charset(m_charset_number, MYF(0))))
{ /*
Generate an unusable command (=> syntax error) is probably the best
thing we can do here.
diff --git a/sql/log_event_data_type.h b/sql/log_event_data_type.h
new file mode 100644
index 00000000..e3b2039a
--- /dev/null
+++ b/sql/log_event_data_type.h
@@ -0,0 +1,74 @@
+/* Copyright (c) 2024, MariaDB Corporation.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA */
+
+#ifndef LOG_EVENT_DATA_TYPE_H
+#define LOG_EVENT_DATA_TYPE_H
+
+class Log_event_data_type
+{
+public:
+
+ enum {
+ CHUNK_SIGNED= 0,
+ CHUNK_UNSIGNED= 1,
+ CHUNK_DATA_TYPE_NAME= 2
+ };
+
+protected:
+ LEX_CSTRING m_data_type_name;
+ Item_result m_type;
+ uint m_charset_number;
+ bool m_is_unsigned;
+
+public:
+
+ Log_event_data_type()
+ :m_data_type_name({NULL,0}),
+ m_type(STRING_RESULT),
+ m_charset_number(my_charset_bin.number),
+ m_is_unsigned(false)
+ { }
+
+ Log_event_data_type(const LEX_CSTRING &data_type_name_arg,
+ Item_result type_arg,
+ uint charset_number_arg,
+ bool is_unsigned_arg)
+ :m_data_type_name(data_type_name_arg),
+ m_type(type_arg),
+ m_charset_number(charset_number_arg),
+ m_is_unsigned(is_unsigned_arg)
+ { }
+
+ const LEX_CSTRING & data_type_name() const
+ {
+ return m_data_type_name;
+ }
+ Item_result type() const
+ {
+ return m_type;
+ }
+ uint charset_number() const
+ {
+ return m_charset_number;
+ }
+ bool is_unsigned() const
+ {
+ return m_is_unsigned;
+ }
+
+ bool unpack_optional_attributes(const char *str, const char *end);
+};
+
+#endif // LOG_EVENT_DATA_TYPE_H
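Review bot: `log_event_data_type.h` uses `LEX_CSTRING`, `Item_result`, `uint` and `my_charset_bin` without including anything, so it compiles only when the includer has already pulled those in; log_event.h includes it after its other headers, which hides this. Either include the headers that declare those names at the top of the file or state the requirement in a comment. The class and its chunk enum also have no documentation, even though the enum values are bytes stored in the binlog (they are switched on in `unpack_optional_attributes` and emitted by `User_var_log_event::write`); a comment such as `/* Chunk signatures as stored in the event; the values are part of the binlog format and must not be renumbered */` above the enum would protect them.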
diff --git a/sql/log_event_old.cc b/sql/log_event_old.cc
index 19901035..c02c22f4 100644
--- a/sql/log_event_old.cc
+++ b/sql/log_event_old.cc
@@ -47,12 +47,12 @@ Old_rows_log_event::do_apply_event(Old_rows_log_event *ev, rpl_group_info *rgi)
const Relay_log_info *rli= rgi->rli;
/*
- If m_table_id == ~0UL, then we have a dummy event that does not
+ If m_table_id == UINT32_MAX, then we have a dummy event that does not
contain any data. In that case, we just remove all tables in the
tables_to_lock list, close the thread tables, and return with
success.
*/
- if (ev->m_table_id == ~0UL)
+ if (ev->m_table_id == UINT32_MAX)
{
/*
This one is supposed to be set: just an extra check so that
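Review bot: The dummy-event sentinel is now the bare literal `UINT32_MAX` compared against a `ulonglong` `m_table_id`, here and again in the constructor assert, the second `do_apply_event` and the `write_data_header` hunks of this file, while the `THD::binlog_write_table_map` and `Table_map_log_event` asserts in the same commit test `(id & MAX_TABLE_MAP_ID) != UINT32_MAX`. A named constant next to `MAX_TABLE_MAP_ID` with a one-line comment (for instance a new `DUMMY_TABLE_MAP_ID` defined as `UINT32_MAX`) would make clear this is a reserved table id, not a width limit, and keep the spellings from drifting apart. Note also that where `ulong` is 64 bits the old `~0UL` was a different value, so for those builds this is a behaviour change rather than a pure retyping; the comment or commit message should say so. `do_apply_event` continues outside the hunk.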
@@ -1123,13 +1123,14 @@ int Update_rows_log_event_old::do_exec_row(TABLE *table)
**************************************************************************/
#ifndef MYSQL_CLIENT
-Old_rows_log_event::Old_rows_log_event(THD *thd_arg, TABLE *tbl_arg, ulong tid,
+Old_rows_log_event::Old_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
+ ulonglong table_id,
MY_BITMAP const *cols,
bool is_transactional)
: Log_event(thd_arg, 0, is_transactional),
m_row_count(0),
m_table(tbl_arg),
- m_table_id(tid),
+ m_table_id(table_id),
m_width(tbl_arg ? tbl_arg->s->fields : 1),
m_rows_buf(0), m_rows_cur(0), m_rows_end(0), m_flags(0)
#ifdef HAVE_REPLICATION
@@ -1142,12 +1143,12 @@ Old_rows_log_event::Old_rows_log_event(THD *thd_arg, TABLE *tbl_arg, ulong tid,
/*
We allow a special form of dummy event when the table, and cols
- are null and the table id is ~0UL. This is a temporary
+ are null and the table id is UINT32_MAX. This is a temporary
solution, to be able to terminate a started statement in the
binary log: the extraneous events will be removed in the future.
*/
- DBUG_ASSERT((tbl_arg && tbl_arg->s && tid != ~0UL) ||
- (!tbl_arg && !cols && tid == ~0UL));
+ DBUG_ASSERT((tbl_arg && tbl_arg->s && table_id != UINT32_MAX) ||
+ (!tbl_arg && !cols && table_id == UINT32_MAX));
if (thd_arg->variables.option_bits & OPTION_NO_FOREIGN_KEY_CHECKS)
set_flags(NO_FOREIGN_KEY_CHECKS_F);
@@ -1208,7 +1209,7 @@ Old_rows_log_event::Old_rows_log_event(const uchar *buf, uint event_len,
}
else
{
- m_table_id= (ulong) uint6korr(post_start);
+ m_table_id= (ulonglong) uint6korr(post_start);
post_start+= RW_FLAGS_OFFSET;
}
@@ -1248,7 +1249,7 @@ Old_rows_log_event::Old_rows_log_event(const uchar *buf, uint event_len,
const uchar* const ptr_rows_data= (const uchar*) ptr_after_width;
size_t const data_size= event_len - (ptr_rows_data - (const uchar *) buf);
- DBUG_PRINT("info",("m_table_id: %lu m_flags: %d m_width: %lu data_size: %zu",
+ DBUG_PRINT("info",("m_table_id: %llu m_flags: %d m_width: %lu data_size: %zu",
m_table_id, m_flags, m_width, data_size));
DBUG_DUMP("rows_data", (uchar*) ptr_rows_data, data_size);
@@ -1362,12 +1363,12 @@ int Old_rows_log_event::do_apply_event(rpl_group_info *rgi)
Relay_log_info const *rli= rgi->rli;
/*
- If m_table_id == ~0UL, then we have a dummy event that does not
+ If m_table_id == UINT32_MAX, then we have a dummy event that does not
contain any data. In that case, we just remove all tables in the
tables_to_lock list, close the thread tables, and return with
success.
*/
- if (m_table_id == ~0UL)
+ if (m_table_id == UINT32_MAX)
{
/*
This one is supposed to be set: just an extra check so that
@@ -1784,10 +1785,10 @@ bool Old_rows_log_event::write_data_header()
// This method should not be reached.
assert(0);
- DBUG_ASSERT(m_table_id != ~0UL);
+ DBUG_ASSERT(m_table_id != UINT32_MAX);
DBUG_EXECUTE_IF("old_row_based_repl_4_byte_map_id_master",
{
- int4store(buf + 0, m_table_id);
+ int4store(buf + 0, (ulong) m_table_id);
int2store(buf + 4, m_flags);
return write_data(buf, 6);
});
@@ -1834,7 +1835,7 @@ void Old_rows_log_event::pack_info(Protocol *protocol)
char const *const flagstr=
get_flags(STMT_END_F) ? " flags: STMT_END_F" : "";
size_t bytes= my_snprintf(buf, sizeof(buf),
- "table_id: %lu%s", m_table_id, flagstr);
+ "table_id: %llu%s", m_table_id, flagstr);
protocol->store(buf, bytes, &my_charset_bin);
}
#endif
@@ -1856,9 +1857,10 @@ bool Old_rows_log_event::print_helper(FILE *file,
if (!print_event_info->short_form)
{
+ char llbuff[22];
if (print_header(head, print_event_info, !do_print_encoded) ||
- my_b_printf(head, "\t%s: table id %lu%s\n",
- name, m_table_id,
+ my_b_printf(head, "\t%s: table id %s%s\n",
+ name, ullstr(m_table_id, llbuff),
do_print_encoded ? " flags: STMT_END_F" : "") ||
print_base64(body, print_event_info, do_print_encoded))
goto err;
@@ -2398,7 +2400,7 @@ int Old_rows_log_event::find_row(rpl_group_info *rgi)
#if !defined(MYSQL_CLIENT)
Write_rows_log_event_old::Write_rows_log_event_old(THD *thd_arg,
TABLE *tbl_arg,
- ulong tid_arg,
+ ulonglong tid_arg,
MY_BITMAP const *cols,
bool is_transactional)
: Old_rows_log_event(thd_arg, tbl_arg, tid_arg, cols, is_transactional)
@@ -2510,7 +2512,7 @@ bool Write_rows_log_event_old::print(FILE *file,
#ifndef MYSQL_CLIENT
Delete_rows_log_event_old::Delete_rows_log_event_old(THD *thd_arg,
TABLE *tbl_arg,
- ulong tid,
+ ulonglong tid,
MY_BITMAP const *cols,
bool is_transactional)
: Old_rows_log_event(thd_arg, tbl_arg, tid, cols, is_transactional),
@@ -2618,7 +2620,7 @@ bool Delete_rows_log_event_old::print(FILE *file,
#if !defined(MYSQL_CLIENT)
Update_rows_log_event_old::Update_rows_log_event_old(THD *thd_arg,
TABLE *tbl_arg,
- ulong tid,
+ ulonglong tid,
MY_BITMAP const *cols,
bool is_transactional)
: Old_rows_log_event(thd_arg, tbl_arg, tid, cols, is_transactional),
diff --git a/sql/log_event_old.h b/sql/log_event_old.h
index e5aaacec..1afe9aba 100644
--- a/sql/log_event_old.h
+++ b/sql/log_event_old.h
@@ -131,7 +131,7 @@ public:
MY_BITMAP const *get_cols() const { return &m_cols; }
size_t get_width() const { return m_width; }
- ulong get_table_id() const { return m_table_id; }
+ ulonglong get_table_id() const { return m_table_id; }
#ifndef MYSQL_CLIENT
virtual bool write_data_header();
@@ -158,7 +158,7 @@ protected:
this class, not create instances of this class.
*/
#ifndef MYSQL_CLIENT
- Old_rows_log_event(THD*, TABLE*, ulong table_id,
+ Old_rows_log_event(THD*, TABLE*, ulonglong table_id,
MY_BITMAP const *cols, bool is_transactional);
#endif
Old_rows_log_event(const uchar *row_data, uint event_len,
@@ -176,7 +176,7 @@ protected:
#ifndef MYSQL_CLIENT
TABLE *m_table; /* The table the rows belong to */
#endif
- ulong m_table_id; /* Table ID */
+ ulonglong m_table_id; /* Table ID */
MY_BITMAP m_cols; /* Bitmap denoting columns available */
ulong m_width; /* The width of the columns bitmap */
@@ -359,7 +359,7 @@ class Write_rows_log_event_old : public Old_rows_log_event
/********** BEGIN CUT & PASTE FROM Write_rows_log_event **********/
public:
#if !defined(MYSQL_CLIENT)
- Write_rows_log_event_old(THD*, TABLE*, ulong table_id,
+ Write_rows_log_event_old(THD*, TABLE*, ulonglong table_id,
MY_BITMAP const *cols, bool is_transactional);
#endif
#ifdef HAVE_REPLICATION
@@ -430,7 +430,7 @@ class Update_rows_log_event_old : public Old_rows_log_event
/********** BEGIN CUT & PASTE FROM Update_rows_log_event **********/
public:
#ifndef MYSQL_CLIENT
- Update_rows_log_event_old(THD*, TABLE*, ulong table_id,
+ Update_rows_log_event_old(THD*, TABLE*, ulonglong table_id,
MY_BITMAP const *cols,
bool is_transactional);
#endif
@@ -507,7 +507,7 @@ class Delete_rows_log_event_old : public Old_rows_log_event
/********** BEGIN CUT & PASTE FROM Update_rows_log_event **********/
public:
#ifndef MYSQL_CLIENT
- Delete_rows_log_event_old(THD*, TABLE*, ulong,
+ Delete_rows_log_event_old(THD*, TABLE*, ulonglong,
MY_BITMAP const *cols, bool is_transactional);
#endif
#ifdef HAVE_REPLICATION
diff --git a/sql/log_event_server.cc b/sql/log_event_server.cc
index 5cb15c1c..84a00b5d 100644
--- a/sql/log_event_server.cc
+++ b/sql/log_event_server.cc
@@ -918,6 +918,10 @@ int Log_event_writer::write_header(uchar *pos, size_t len)
int Log_event_writer::write_data(const uchar *pos, size_t len)
{
DBUG_ENTER("Log_event_writer::write_data");
+
+ if (!len)
+ DBUG_RETURN(0);
+
if (checksum_len)
crc= my_checksum(crc, pos, len);
@@ -4561,11 +4565,16 @@ bool XA_prepare_log_event::write()
#if defined(HAVE_REPLICATION)
static bool
user_var_append_name_part(THD *thd, String *buf,
- const char *name, size_t name_len)
+ const char *name, size_t name_len,
+ const LEX_CSTRING &data_type_name)
{
return buf->append('@') ||
append_identifier(thd, buf, name, name_len) ||
- buf->append('=');
+ buf->append('=') ||
+ (data_type_name.length &&
+ (buf->append(STRING_WITH_LEN("/*")) ||
+ buf->append(data_type_name.str, data_type_name.length) ||
+ buf->append(STRING_WITH_LEN("*/"))));
}
void User_var_log_event::pack_info(Protocol* protocol)
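Review bot: `user_var_append_name_part` now wraps `data_type_name` in `/*` and `*/` without looking at its contents, and for events read from a binlog or relay log that name is whatever bytes `unpack_optional_attributes` found in the event. A name containing `*/` would close the comment early in the text `pack_info` stores into the protocol, so the displayed statement could differ from what the event encodes; checking the name against the characters a type name may contain, or omitting the comment when it contains `*/`, keeps the output unambiguous. The callers' stack buffers (`FN_REFLEN+7`, `FN_REFLEN + 22`) were sized for the variable name and value only; `String::append` presumably grows the buffer when the additional name does not fit, which is worth confirming.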
@@ -4575,14 +4584,15 @@ void User_var_log_event::pack_info(Protocol* protocol)
char buf_mem[FN_REFLEN+7];
String buf(buf_mem, sizeof(buf_mem), system_charset_info);
buf.length(0);
- if (user_var_append_name_part(protocol->thd, &buf, name, name_len) ||
+ if (user_var_append_name_part(protocol->thd, &buf, name, name_len,
+ m_data_type_name) ||
buf.append(NULL_clex_str))
return;
protocol->store(buf.ptr(), buf.length(), &my_charset_bin);
}
else
{
- switch (type) {
+ switch (m_type) {
case REAL_RESULT:
{
double real_val;
@@ -4591,7 +4601,8 @@ void User_var_log_event::pack_info(Protocol* protocol)
String buf(buf_mem, sizeof(buf_mem), system_charset_info);
float8get(real_val, val);
buf.length(0);
- if (user_var_append_name_part(protocol->thd, &buf, name, name_len) ||
+ if (user_var_append_name_part(protocol->thd, &buf, name, name_len,
+ m_data_type_name) ||
buf.append(buf2, my_gcvt(real_val, MY_GCVT_ARG_DOUBLE,
MY_GCVT_MAX_FIELD_WIDTH, buf2, NULL)))
return;
@@ -4604,10 +4615,11 @@ void User_var_log_event::pack_info(Protocol* protocol)
char buf_mem[FN_REFLEN + 22];
String buf(buf_mem, sizeof(buf_mem), system_charset_info);
buf.length(0);
- if (user_var_append_name_part(protocol->thd, &buf, name, name_len) ||
+ if (user_var_append_name_part(protocol->thd, &buf, name, name_len,
+ m_data_type_name) ||
buf.append(buf2,
longlong10_to_str(uint8korr(val), buf2,
- ((flags & User_var_log_event::UNSIGNED_F) ? 10 : -10))-buf2))
+ (is_unsigned() ? 10 : -10))-buf2))
return;
protocol->store(buf.ptr(), buf.length(), &my_charset_bin);
break;
@@ -4620,7 +4632,8 @@ void User_var_log_event::pack_info(Protocol* protocol)
String str(buf2, sizeof(buf2), &my_charset_bin);
buf.length(0);
my_decimal((const uchar *) (val + 2), val[0], val[1]).to_string(&str);
- if (user_var_append_name_part(protocol->thd, &buf, name, name_len) ||
+ if (user_var_append_name_part(protocol->thd, &buf, name, name_len,
+ m_data_type_name) ||
buf.append(str))
return;
protocol->store(buf.ptr(), buf.length(), &my_charset_bin);
@@ -4636,7 +4649,7 @@ void User_var_log_event::pack_info(Protocol* protocol)
String buf(buf_mem, sizeof(buf_mem), system_charset_info);
CHARSET_INFO *cs;
buf.length(0);
- if (!(cs= get_charset(charset_number, MYF(0))))
+ if (!(cs= get_charset(m_charset_number, MYF(0))))
{
if (buf.append(STRING_WITH_LEN("???")))
return;
@@ -4645,7 +4658,8 @@ void User_var_log_event::pack_info(Protocol* protocol)
{
size_t old_len;
char *beg, *end;
- if (user_var_append_name_part(protocol->thd, &buf, name, name_len) ||
+ if (user_var_append_name_part(protocol->thd, &buf, name, name_len,
+ m_data_type_name) ||
buf.append('_') ||
buf.append(cs->cs_name) ||
buf.append(' '))
@@ -4693,10 +4707,10 @@ bool User_var_log_event::write()
}
else
{
- buf1[1]= type;
- int4store(buf1 + 2, charset_number);
+ buf1[1]= m_type;
+ int4store(buf1 + 2, m_charset_number);
- switch (type) {
+ switch (m_type) {
case REAL_RESULT:
float8store(buf2, *(double*) val);
break;
@@ -4726,15 +4740,28 @@ bool User_var_log_event::write()
buf1_length= 10;
}
+ uchar data_type_name_chunk_signature= (uchar) CHUNK_DATA_TYPE_NAME;
+ uint data_type_name_chunk_signature_length= m_data_type_name.length ? 1 : 0;
+ uchar data_type_name_length_length= m_data_type_name.length ? 1 : 0;
+
/* Length of the whole event */
- event_length= sizeof(buf)+ name_len + buf1_length + val_len + unsigned_len;
+ event_length= sizeof(buf)+ name_len + buf1_length + val_len + unsigned_len +
+ data_type_name_chunk_signature_length +
+ data_type_name_length_length +
+ (uint) m_data_type_name.length;
+ uchar unsig= m_is_unsigned ? CHUNK_UNSIGNED : CHUNK_SIGNED;
+ uchar data_type_name_length= (uchar) m_data_type_name.length;
return write_header(event_length) ||
write_data(buf, sizeof(buf)) ||
write_data(name, name_len) ||
write_data(buf1, buf1_length) ||
write_data(pos, val_len) ||
- write_data(&flags, unsigned_len) ||
+ write_data(&unsig, unsigned_len) ||
+ write_data(&data_type_name_chunk_signature,
+ data_type_name_chunk_signature_length) ||
+ write_data(&data_type_name_length, data_type_name_length_length) ||
+ write_data(m_data_type_name.str, (uint) m_data_type_name.length) ||
write_footer();
}
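Review bot: `data_type_name_length` is narrowed to one byte with `(uchar) m_data_type_name.length`, while `event_length` and the last `write_data()` use the full length, so a name longer than 255 bytes would give an event whose length byte disagrees with the bytes that follow it. Nothing in the hunk bounds the length. If the limit is enforced where `m_data_type_name` is set, `DBUG_ASSERT(m_data_type_name.length <= 255);` before the narrowing would document it; otherwise write() should fail rather than emit the event. The start of write() is outside the hunk.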
@@ -4758,7 +4785,7 @@ int User_var_log_event::do_apply_event(rpl_group_info *rgi)
current_thd->query_id= query_id; /* recreating original time context */
}
- if (!(charset= get_charset(charset_number, MYF(MY_WME))))
+ if (!(charset= get_charset(m_charset_number, MYF(MY_WME))))
{
rgi->rli->report(ERROR_LEVEL, ER_SLAVE_FATAL_ERROR,
ER_THD(thd, ER_SLAVE_FATAL_ERROR),
@@ -4777,7 +4804,7 @@ int User_var_log_event::do_apply_event(rpl_group_info *rgi)
}
else
{
- switch (type) {
+ switch (m_type) {
case REAL_RESULT:
if (val_len != 8)
{
@@ -4841,13 +4868,10 @@ int User_var_log_event::do_apply_event(rpl_group_info *rgi)
if (e->fix_fields(thd, 0))
DBUG_RETURN(1);
- /*
- A variable can just be considered as a table with
- a single record and with a single column. Thus, like
- a column value, it could always have IMPLICIT derivation.
- */
- e->update_hash((void*) val, val_len, type, charset,
- (flags & User_var_log_event::UNSIGNED_F));
+ const Type_handler *th= Type_handler::handler_by_log_event_data_type(thd,
+ *this);
+ e->update_hash((void*) val, val_len, th, charset);
+
if (!is_deferred())
free_root(thd->mem_root, 0);
else
@@ -5575,13 +5599,14 @@ bool sql_ex_info::write_data(Log_event_writer *writer)
Rows_log_event member functions
**************************************************************************/
-Rows_log_event::Rows_log_event(THD *thd_arg, TABLE *tbl_arg, ulong tid,
+Rows_log_event::Rows_log_event(THD *thd_arg, TABLE *tbl_arg,
+ ulonglong table_id,
MY_BITMAP const *cols, bool is_transactional,
Log_event_type event_type)
: Log_event(thd_arg, 0, is_transactional),
m_row_count(0),
m_table(tbl_arg),
- m_table_id(tid),
+ m_table_id(table_id),
m_width(tbl_arg ? tbl_arg->s->fields : 1),
m_rows_buf(0), m_rows_cur(0), m_rows_end(0), m_flags(0),
m_type(event_type), m_extra_row_data(0)
@@ -5593,12 +5618,13 @@ Rows_log_event::Rows_log_event(THD *thd_arg, TABLE *tbl_arg, ulong tid,
{
/*
We allow a special form of dummy event when the table, and cols
- are null and the table id is ~0UL. This is a temporary
+ are null and the table id is UINT32_MAX. This is a temporary
solution, to be able to terminate a started statement in the
binary log: the extraneous events will be removed in the future.
*/
- DBUG_ASSERT((tbl_arg && tbl_arg->s && tid != ~0UL) ||
- (!tbl_arg && !cols && tid == ~0UL));
+ DBUG_ASSERT((tbl_arg && tbl_arg->s &&
+ (table_id & MAX_TABLE_MAP_ID) != UINT32_MAX) ||
+ (!tbl_arg && !cols && (table_id & MAX_TABLE_MAP_ID) == UINT32_MAX));
if (thd_arg->variables.option_bits & OPTION_NO_FOREIGN_KEY_CHECKS)
set_flags(NO_FOREIGN_KEY_CHECKS_F);
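Review bot: The constructor assertion compares `(table_id & MAX_TABLE_MAP_ID)` with `UINT32_MAX`, but `m_table_id` is initialised from the unmasked `table_id`, and the checks in Rows_log_event::do_apply_event(), both write_data_header() functions and the Table_map_log_event constructor compare `m_table_id` with `UINT32_MAX` without the mask. With a 64-bit id the two forms disagree whenever bits above the mask are set, so the dummy-event test should be written one way everywhere: either mask in each comparison or, if that is the intent, store the masked value. The updated comment ("the table id is UINT32_MAX") should then say which of the two is meant. The constructor body continues outside the hunk.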
@@ -5745,12 +5771,12 @@ int Rows_log_event::do_apply_event(rpl_group_info *rgi)
LEX *lex= thd->lex;
uint8 new_trg_event_map= get_trg_event_map();
/*
- If m_table_id == ~0ULL, then we have a dummy event that does not
+ If m_table_id == UINT32_MAX, then we have a dummy event that does not
contain any data. In that case, we just remove all tables in the
tables_to_lock list, close the thread tables, and return with
success.
*/
- if (m_table_id == ~0ULL)
+ if (m_table_id == UINT32_MAX)
{
/*
This one is supposed to be set: just an extra check so that
@@ -6412,10 +6438,10 @@ Rows_log_event::do_update_pos(rpl_group_info *rgi)
bool Rows_log_event::write_data_header()
{
uchar buf[ROWS_HEADER_LEN_V2]; // No need to init the buffer
- DBUG_ASSERT(m_table_id != ~0ULL);
+ DBUG_ASSERT(m_table_id != UINT32_MAX);
DBUG_EXECUTE_IF("old_row_based_repl_4_byte_map_id_master",
{
- int4store(buf + 0, m_table_id);
+ int4store(buf + 0, (ulong) m_table_id);
int2store(buf + 4, m_flags);
return (write_data(buf, 6));
});
@@ -6620,7 +6646,7 @@ int Table_map_log_event::save_field_metadata()
Mats says tbl->s lives longer than this event so it's ok to copy pointers
(tbl->s->db etc) and not pointer content.
*/
-Table_map_log_event::Table_map_log_event(THD *thd, TABLE *tbl, ulong tid,
+Table_map_log_event::Table_map_log_event(THD *thd, TABLE *tbl, ulonglong tid,
bool is_transactional)
: Log_event(thd, 0, is_transactional),
m_table(tbl),
@@ -6643,7 +6669,7 @@ Table_map_log_event::Table_map_log_event(THD *thd, TABLE *tbl, ulong tid,
uchar cbuf[MAX_INT_WIDTH];
uchar *cbuf_end;
DBUG_ENTER("Table_map_log_event::Table_map_log_event(TABLE)");
- DBUG_ASSERT(m_table_id != ~0ULL);
+ DBUG_ASSERT(m_table_id != UINT32_MAX);
/*
In TABLE_SHARE, "db" and "table_name" are 0-terminated (see this comment in
table.cc / alloc_table_share():
@@ -6929,7 +6955,7 @@ int Table_map_log_event::do_apply_event(rpl_group_info *rgi)
char buf[256];
my_snprintf(buf, sizeof(buf),
- "Found table map event mapping table id %u which "
+ "Found table map event mapping table id %llu which "
"was already mapped but with different settings.",
table_list->table_id);
@@ -6970,11 +6996,11 @@ int Table_map_log_event::do_update_pos(rpl_group_info *rgi)
bool Table_map_log_event::write_data_header()
{
- DBUG_ASSERT(m_table_id != ~0ULL);
+ DBUG_ASSERT(m_table_id != UINT32_MAX);
uchar buf[TABLE_MAP_HEADER_LEN];
DBUG_EXECUTE_IF("old_row_based_repl_4_byte_map_id_master",
{
- int4store(buf + 0, m_table_id);
+ int4store(buf + 0, (ulong) m_table_id);
int2store(buf + 4, m_flags);
return (write_data(buf, 6));
});
@@ -7410,7 +7436,7 @@ void Table_map_log_event::pack_info(Protocol *protocol)
{
char buf[256];
size_t bytes= my_snprintf(buf, sizeof(buf),
- "table_id: %llu (%s.%s)",
+ "table_id: %llu (%s.%s)",
m_table_id, m_dbnam, m_tblnam);
protocol->store(buf, bytes, &my_charset_bin);
}
@@ -7425,7 +7451,7 @@ void Table_map_log_event::pack_info(Protocol *protocol)
Constructor used to build an event for writing to the binary log.
*/
Write_rows_log_event::Write_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
- ulong tid_arg,
+ ulonglong tid_arg,
bool is_transactional)
:Rows_log_event(thd_arg, tbl_arg, tid_arg, tbl_arg->rpl_write_set,
is_transactional, WRITE_ROWS_EVENT_V1)
@@ -7435,7 +7461,7 @@ Write_rows_log_event::Write_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
Write_rows_compressed_log_event::Write_rows_compressed_log_event(
THD *thd_arg,
TABLE *tbl_arg,
- ulong tid_arg,
+ ulonglong tid_arg,
bool is_transactional)
: Write_rows_log_event(thd_arg, tbl_arg, tid_arg, is_transactional)
{
@@ -7521,7 +7547,7 @@ Write_rows_log_event::do_before_row_operations(const Slave_reporting_capability
indexed and it cannot have a DEFAULT value).
*/
m_table->auto_increment_field_not_null= FALSE;
- m_table->mark_auto_increment_column();
+ m_table->mark_auto_increment_column(true);
}
return error;
@@ -8554,7 +8580,8 @@ end:
*/
Delete_rows_log_event::Delete_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
- ulong tid, bool is_transactional)
+ ulonglong tid,
+ bool is_transactional)
: Rows_log_event(thd_arg, tbl_arg, tid, tbl_arg->read_set, is_transactional,
DELETE_ROWS_EVENT_V1)
{
@@ -8562,7 +8589,7 @@ Delete_rows_log_event::Delete_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
Delete_rows_compressed_log_event::Delete_rows_compressed_log_event(
THD *thd_arg, TABLE *tbl_arg,
- ulong tid_arg,
+ ulonglong tid_arg,
bool is_transactional)
: Delete_rows_log_event(thd_arg, tbl_arg, tid_arg, is_transactional)
{
@@ -8702,7 +8729,7 @@ uint8 Delete_rows_log_event::get_trg_event_map()
Constructor used to build an event for writing to the binary log.
*/
Update_rows_log_event::Update_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
- ulong tid,
+ ulonglong tid,
bool is_transactional)
: Rows_log_event(thd_arg, tbl_arg, tid, tbl_arg->read_set, is_transactional,
UPDATE_ROWS_EVENT_V1)
@@ -8710,9 +8737,9 @@ Update_rows_log_event::Update_rows_log_event(THD *thd_arg, TABLE *tbl_arg,
init(tbl_arg->rpl_write_set);
}
-Update_rows_compressed_log_event::Update_rows_compressed_log_event(THD *thd_arg, TABLE *tbl_arg,
- ulong tid,
- bool is_transactional)
+Update_rows_compressed_log_event::
+Update_rows_compressed_log_event(THD *thd_arg, TABLE *tbl_arg,
+ ulonglong tid, bool is_transactional)
: Update_rows_log_event(thd_arg, tbl_arg, tid, is_transactional)
{
m_type = UPDATE_ROWS_COMPRESSED_EVENT_V1;
diff --git a/sql/mysqld.cc b/sql/mysqld.cc
index 95286923..738fd73e 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -5221,6 +5221,14 @@ static int init_server_components()
if (!opt_abort && ddl_log_initialize())
unireg_abort(1);
+ /*
+ Plugins may not be completed because system table DDLs are only
+ run after the ddl recovery done. Therefore between the
+ plugin_init() call and the ha_signal_ddl_recovery_done() call
+ below only things related to preparation for recovery should be
+ done and nothing else, and definitely not anything assuming that
+ all plugins have been initialised.
+ */
if (plugin_init(&remaining_argc, remaining_argv,
(opt_noacl ? PLUGIN_INIT_SKIP_PLUGIN_TABLE : 0) |
(opt_abort ? PLUGIN_INIT_SKIP_INITIALIZATION : 0)))
@@ -5544,6 +5552,15 @@ static int init_server_components()
#else
locked_in_memory= 0;
#endif
+#ifdef PR_SET_THP_DISABLE
+ /*
+ Engine page buffers are now allocated.
+ Disable transparent huge pages for all
+ future allocations as these causes memory
+ leaks.
+ */
+ prctl(PR_SET_THP_DISABLE, 1, 0, 0, 0);
+#endif
ft_init_stopwords();
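Review bot: The return value of `prctl(PR_SET_THP_DISABLE, 1, 0, 0, 0)` is discarded, so where the kernel or a sandbox rejects the call the server keeps running with transparent huge pages enabled and nothing in the log says so. Logging the failure makes it visible: `if (prctl(PR_SET_THP_DISABLE, 1, 0, 0, 0)) sql_print_warning("prctl(PR_SET_THP_DISABLE) failed, errno %d", errno);`. The comment reads "as these causes memory leaks"; "as these cause memory leaks" is the intended wording. Whether `<sys/prctl.h>` is included for this file is not visible in the hunk, and init_server_components() starts and ends outside it.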
@@ -5791,8 +5808,6 @@ int mysqld_main(int argc, char **argv)
SYSVAR_AUTOSIZE(my_thread_stack_size, new_thread_stack_size);
}
- (void) thr_setconcurrency(concurrency); // 10 by default
-
select_thread=pthread_self();
select_thread_in_use=1;
@@ -6867,8 +6882,8 @@ struct my_option my_long_options[]=
#endif
};
-static int show_queries(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_queries(THD *thd, SHOW_VAR *var, void *,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONGLONG;
var->value= &thd->query_id;
@@ -6876,16 +6891,16 @@ static int show_queries(THD *thd, SHOW_VAR *var, char *buff,
}
-static int show_net_compression(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_net_compression(THD *thd, SHOW_VAR *var, void *,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_MY_BOOL;
var->value= &thd->net.compress;
return 0;
}
-static int show_starttime(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_starttime(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -6894,8 +6909,8 @@ static int show_starttime(THD *thd, SHOW_VAR *var, char *buff,
}
#ifdef ENABLED_PROFILING
-static int show_flushstatustime(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_flushstatustime(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -6905,32 +6920,28 @@ static int show_flushstatustime(THD *thd, SHOW_VAR *var, char *buff,
#endif
#ifdef HAVE_REPLICATION
-static int show_rpl_status(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_rpl_status(THD *, SHOW_VAR *var, void *, system_status_var *,
+ enum_var_type)
{
var->type= SHOW_CHAR;
var->value= const_cast<char*>(rpl_status_type[(int)rpl_status]);
return 0;
}
-static int show_slave_running(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_slave_running(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- Master_info *mi= NULL;
- bool UNINIT_VAR(tmp);
-
- var->type= SHOW_MY_BOOL;
- var->value= buff;
-
- if ((mi= get_master_info(&thd->variables.default_master_connection,
- Sql_condition::WARN_LEVEL_NOTE)))
+ if (Master_info *mi=
+ get_master_info(&thd->variables.default_master_connection,
+ Sql_condition::WARN_LEVEL_NOTE))
{
- tmp= (my_bool) (mi->slave_running == MYSQL_SLAVE_RUN_READING &&
- mi->rli.slave_running != MYSQL_SLAVE_NOT_RUN);
+ *((my_bool*) buff)=
+ (mi->slave_running == MYSQL_SLAVE_RUN_READING &&
+ mi->rli.slave_running != MYSQL_SLAVE_NOT_RUN);
mi->release();
+ var->type= SHOW_MY_BOOL;
+ var->value= buff;
}
- if (mi)
- *((my_bool *)buff)= tmp;
else
var->type= SHOW_UNDEF;
return 0;
@@ -6940,7 +6951,8 @@ static int show_slave_running(THD *thd, SHOW_VAR *var, char *buff,
/* How many masters this slave is connected to */
-static int show_slaves_running(THD *thd, SHOW_VAR *var, char *buff)
+static int show_slaves_running(THD *, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONGLONG;
var->value= buff;
@@ -6951,19 +6963,17 @@ static int show_slaves_running(THD *thd, SHOW_VAR *var, char *buff)
}
-static int show_slave_received_heartbeats(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_slave_received_heartbeats(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- Master_info *mi;
-
- var->type= SHOW_LONGLONG;
- var->value= buff;
-
- if ((mi= get_master_info(&thd->variables.default_master_connection,
- Sql_condition::WARN_LEVEL_NOTE)))
+ if (Master_info *mi=
+ get_master_info(&thd->variables.default_master_connection,
+ Sql_condition::WARN_LEVEL_NOTE))
{
*((longlong *)buff)= mi->received_heartbeats;
mi->release();
+ var->type= SHOW_LONGLONG;
+ var->value= buff;
}
else
var->type= SHOW_UNDEF;
@@ -6971,19 +6981,17 @@ static int show_slave_received_heartbeats(THD *thd, SHOW_VAR *var, char *buff,
}
-static int show_heartbeat_period(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_heartbeat_period(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- Master_info *mi;
-
- var->type= SHOW_CHAR;
- var->value= buff;
-
- if ((mi= get_master_info(&thd->variables.default_master_connection,
- Sql_condition::WARN_LEVEL_NOTE)))
+ if (Master_info *mi=
+ get_master_info(&thd->variables.default_master_connection,
+ Sql_condition::WARN_LEVEL_NOTE))
{
- sprintf(buff, "%.3f", mi->heartbeat_period);
+ sprintf(static_cast<char*>(buff), "%.3f", mi->heartbeat_period);
mi->release();
+ var->type= SHOW_CHAR;
+ var->value= buff;
}
else
var->type= SHOW_UNDEF;
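Review bot: `sprintf(static_cast<char*>(buff), "%.3f", mi->heartbeat_period)` writes into a `void *` buffer with no size bound, and the cast added here leaves that as it was. The certificate callbacks further down pass `SHOW_VAR_FUNC_BUFF_SIZE` for the same kind of buffer, so the bounded form would be `snprintf(static_cast<char*>(buff), SHOW_VAR_FUNC_BUFF_SIZE, "%.3f", mi->heartbeat_period);`. The end of the function is outside the hunk.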
@@ -6993,8 +7001,8 @@ static int show_heartbeat_period(THD *thd, SHOW_VAR *var, char *buff,
#endif /* HAVE_REPLICATION */
-static int show_open_tables(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_open_tables(THD *, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -7002,8 +7010,8 @@ static int show_open_tables(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_prepared_stmt_count(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_prepared_stmt_count(THD *, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -7013,8 +7021,8 @@ static int show_prepared_stmt_count(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_table_definitions(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_table_definitions(THD *, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -7033,8 +7041,8 @@ static int show_table_definitions(THD *thd, SHOW_VAR *var, char *buff,
inside an Event.
*/
-static int show_ssl_get_version(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_ssl_get_version(THD *thd, SHOW_VAR *var, void *,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_CHAR;
if( thd->vio_ok() && thd->net.vio->ssl_arg )
@@ -7044,8 +7052,8 @@ static int show_ssl_get_version(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_ssl_get_default_timeout(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_ssl_get_default_timeout(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -7056,8 +7064,8 @@ static int show_ssl_get_default_timeout(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_ssl_get_verify_mode(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_ssl_get_verify_mode(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -7072,8 +7080,8 @@ static int show_ssl_get_verify_mode(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_ssl_get_verify_depth(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_ssl_get_verify_depth(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_LONG;
var->value= buff;
@@ -7085,8 +7093,8 @@ static int show_ssl_get_verify_depth(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_ssl_get_cipher(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_ssl_get_cipher(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_CHAR;
if( thd->vio_ok() && thd->net.vio->ssl_arg )
@@ -7096,9 +7104,10 @@ static int show_ssl_get_cipher(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_ssl_get_cipher_list(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_ssl_get_cipher_list(THD *thd, SHOW_VAR *var, void *buf,
+ system_status_var *, enum_var_type)
{
+ char *buff= static_cast<char*>(buf);
var->type= SHOW_CHAR;
var->value= buff;
if (thd->vio_ok() && thd->net.vio->ssl_arg)
@@ -7183,8 +7192,8 @@ end:
*/
static int
-show_ssl_get_server_not_before(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+show_ssl_get_server_not_before(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_CHAR;
if(thd->vio_ok() && thd->net.vio->ssl_arg)
@@ -7193,7 +7202,7 @@ show_ssl_get_server_not_before(THD *thd, SHOW_VAR *var, char *buff,
X509 *cert= SSL_get_certificate(ssl);
const ASN1_TIME *not_before= X509_get0_notBefore(cert);
- var->value= my_asn1_time_to_string(not_before, buff,
+ var->value= my_asn1_time_to_string(not_before, static_cast<char*>(buff),
SHOW_VAR_FUNC_BUFF_SIZE);
if (!var->value)
return 1;
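Review bot: `cert` from `SSL_get_certificate(ssl)` goes straight into `X509_get0_notBefore()` without a null check, and SSL_get_certificate() returns NULL when no certificate is assigned to the connection. That state may not be reachable on a server that always loads a certificate, but a guard such as `if (!cert) return 1;` before the `not_before` line would rule out the dereference. The same pattern is in show_ssl_get_server_not_after in the next hunk. The function body continues outside this hunk.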
@@ -7217,8 +7226,8 @@ show_ssl_get_server_not_before(THD *thd, SHOW_VAR *var, char *buff,
*/
static int
-show_ssl_get_server_not_after(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+show_ssl_get_server_not_after(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_CHAR;
if(thd->vio_ok() && thd->net.vio->ssl_arg)
@@ -7227,7 +7236,7 @@ show_ssl_get_server_not_after(THD *thd, SHOW_VAR *var, char *buff,
X509 *cert= SSL_get_certificate(ssl);
const ASN1_TIME *not_after= X509_get0_notAfter(cert);
- var->value= my_asn1_time_to_string(not_after, buff,
+ var->value= my_asn1_time_to_string(not_after, static_cast<char*>(buff),
SHOW_VAR_FUNC_BUFF_SIZE);
if (!var->value)
return 1;
@@ -7281,7 +7290,7 @@ static int show_default_keycache(THD *thd, SHOW_VAR *var, void *buff,
}
-static int show_memory_used(THD *thd, SHOW_VAR *var, char *buff,
+static int show_memory_used(THD *thd, SHOW_VAR *var, void *buff,
struct system_status_var *status_var,
enum enum_var_type scope)
{
@@ -7337,8 +7346,8 @@ static int debug_status_func(THD *thd, SHOW_VAR *var, void *buff,
#endif
#ifdef HAVE_POOL_OF_THREADS
-static int show_threadpool_idle_threads(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_threadpool_idle_threads(THD *, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_INT;
var->value= buff;
@@ -7347,8 +7356,8 @@ static int show_threadpool_idle_threads(THD *thd, SHOW_VAR *var, char *buff,
}
-static int show_threadpool_threads(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_threadpool_threads(THD *, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_INT;
var->value= buff;
@@ -7500,7 +7509,7 @@ SHOW_VAR status_vars[]= {
SHOW_FUNC_ENTRY("Rpl_semi_sync_master_net_avg_wait_time", &SHOW_FNAME(avg_net_wait_time)),
{"Rpl_semi_sync_master_request_ack", (char*) &rpl_semi_sync_master_request_ack, SHOW_LONGLONG},
{"Rpl_semi_sync_master_get_ack", (char*)&rpl_semi_sync_master_get_ack, SHOW_LONGLONG},
- {"Rpl_semi_sync_slave_status", (char*) &rpl_semi_sync_slave_status, SHOW_BOOL},
+ SHOW_FUNC_ENTRY("Rpl_semi_sync_slave_status", &rpl_semi_sync_enabled),
{"Rpl_semi_sync_slave_send_ack", (char*) &rpl_semi_sync_slave_send_ack, SHOW_LONGLONG},
#endif /* HAVE_REPLICATION */
#ifdef HAVE_QUERY_CACHE
@@ -8082,6 +8091,9 @@ mysqld_get_one_option(const struct my_option *opt, const char *argument,
test_flags= argument ? ((uint) atoi(argument) & ~TEST_BLOCKING) : 0;
opt_endinfo=1;
break;
+ case OPT_SECURE_AUTH:
+ WARN_DEPRECATED_NO_REPLACEMENT(NULL, "--secure-auth");
+ break;
case OPT_THREAD_CONCURRENCY:
WARN_DEPRECATED_NO_REPLACEMENT(NULL, "THREAD_CONCURRENCY");
break;
diff --git a/sql/mysqld.h b/sql/mysqld.h
index 2139b9b6..13b824d1 100644
--- a/sql/mysqld.h
+++ b/sql/mysqld.h
@@ -842,7 +842,7 @@ enum options_mysqld
OPT_WSREP_SYNC_WAIT,
#endif /* WITH_WSREP */
OPT_MYSQL_COMPATIBILITY,
- OPT_TLS_VERSION,
+ OPT_TLS_VERSION, OPT_SECURE_AUTH,
OPT_MYSQL_TO_BE_IMPLEMENTED,
OPT_SEQURE_FILE_PRIV,
OPT_which_is_always_the_last
@@ -884,6 +884,11 @@ enum enum_query_type
/// good for parsing
QT_PARSABLE= (1 << 8),
+ // If an expression is constant, print the expression, not the value
+ // it evaluates to. Should be used for error messages, so that they
+ // don't reveal values.
+ QT_NO_DATA_EXPANSION= (1 << 9),
+
/// This value means focus on readability, not on ability to parse back, etc.
QT_EXPLAIN= QT_TO_SYSTEM_CHARSET |
QT_ITEM_IDENT_SKIP_DB_NAMES |
@@ -904,12 +909,12 @@ enum enum_query_type
QT_EXPLAIN_EXTENDED= QT_TO_SYSTEM_CHARSET|
QT_SHOW_SELECT_NUMBER,
- // If an expression is constant, print the expression, not the value
- // it evaluates to. Should be used for error messages, so that they
- // don't reveal values.
- QT_NO_DATA_EXPANSION= (1 << 9),
// Remove wrappers added for TVC when creating or showing view
- QT_NO_WRAPPERS_FOR_TVC_IN_VIEW= (1 << 12)
+ QT_NO_WRAPPERS_FOR_TVC_IN_VIEW= (1 << 12),
+
+ /// Print for FRM file. Focus on parse-back.
+ /// e.g. VIEW expressions and virtual column expressions
+ QT_FOR_FRM= (1 << 13)
};
diff --git a/sql/net_serv.cc b/sql/net_serv.cc
index 70e71d9a..3dff8442 100644
--- a/sql/net_serv.cc
+++ b/sql/net_serv.cc
@@ -156,6 +156,7 @@ my_bool my_net_init(NET *net, Vio *vio, void *thd, uint my_flags)
net->where_b = net->remain_in_buf=0;
net->net_skip_rest_factor= 0;
net->last_errno=0;
+ net->pkt_nr_can_be_reset= 0;
net->thread_specific_malloc= MY_TEST(my_flags & MY_THREAD_SPECIFIC);
net->thd= 0;
#ifdef MYSQL_SERVER
@@ -1057,8 +1058,10 @@ retry:
{ /* Probably in MIT threads */
if (retry_count++ < net->retry_count)
continue;
- EXTRA_DEBUG_fprintf(stderr, "%s: read looped with error %d, aborting thread\n",
- my_progname,vio_errno(net->vio));
+ EXTRA_DEBUG_fprintf(stderr, "%s: read looped with error %d on "
+ "file %lld, aborting thread\n",
+ my_progname, vio_errno(net->vio),
+ (longlong) vio_fd(net->vio));
}
#ifndef MYSQL_SERVER
if (length != 0 && vio_errno(net->vio) == SOCKET_EINTR)
@@ -1094,19 +1097,31 @@ retry:
#endif
if (net->buff[net->where_b + 3] != (uchar) net->pkt_nr)
{
-#ifndef MYSQL_SERVER
- if (net->buff[net->where_b + 3] == (uchar) (net->pkt_nr -1))
+ if (net->pkt_nr_can_be_reset)
{
/*
- If the server was killed then the server may have missed the
- last sent client packet and the packet numbering may be one off.
+ We are using a protocol like semi-sync where master and slave
+ sends packets in parallel.
+ Copy current one as it can be useful for debugging.
*/
- DBUG_PRINT("warning", ("Found possible out of order packets"));
- expect_error_packet= 1;
+ net->pkt_nr= net->buff[net->where_b + 3];
}
else
+ {
+#ifndef MYSQL_SERVER
+ if (net->buff[net->where_b + 3] == (uchar) (net->pkt_nr -1))
+ {
+ /*
+ If the server was killed then the server may have missed the
+ last sent client packet and the packet numbering may be one off.
+ */
+ DBUG_PRINT("warning", ("Found possible out of order packets"));
+ expect_error_packet= 1;
+ }
+ else
#endif
- goto packets_out_of_order;
+ goto packets_out_of_order;
+ }
}
net->compress_pkt_nr= ++net->pkt_nr;
#ifdef HAVE_COMPRESS
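Review bot: While `net->pkt_nr_can_be_reset` is set, any sequence byte is accepted and copied into `net->pkt_nr`, so the out-of-order check that normally detects a desynchronised stream is off for that connection. The comment says the copy "can be useful for debugging", but the following `net->compress_pkt_nr= ++net->pkt_nr` continues numbering from the received value, so this changes protocol state and is not only diagnostic. The comment should say which code sets and clears the flag and that it stays 0, as my_net_init() sets it, on ordinary connections, for example `/* Set only on semi-sync replication connections; sequence checking is disabled while it is set. */`. The enclosing read function starts and ends outside the hunk.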
diff --git a/sql/opt_range.cc b/sql/opt_range.cc
index 0ca8402f..42afc930 100644
--- a/sql/opt_range.cc
+++ b/sql/opt_range.cc
@@ -2692,7 +2692,7 @@ SQL_SELECT::test_quick_select(THD *thd,
bool ordered_output,
bool remove_false_parts_of_where,
bool only_single_index_range_scan,
- bool suppress_unusable_key_notes)
+ Item_func::Bitmap note_unusable_keys)
{
uint idx;
double scan_time;
@@ -2786,9 +2786,9 @@ SQL_SELECT::test_quick_select(THD *thd,
param.max_key_parts= 0;
param.remove_false_where_parts= remove_false_parts_of_where;
param.force_default_mrr= ordered_output;
- param.note_unusable_keys= (!suppress_unusable_key_notes &&
- thd->give_notes_for_unusable_keys());
-
+ param.note_unusable_keys= thd->give_notes_for_unusable_keys() ?
+ note_unusable_keys :
+ Item_func::BITMAP_NONE;
param.possible_keys.clear_all();
thd->no_errors=1; // Don't warn about NULL
@@ -3999,7 +3999,7 @@ bool prune_partitions(THD *thd, TABLE *table, Item *pprune_cond)
range_par->remove_jump_scans= FALSE;
range_par->real_keynr[0]= 0;
range_par->alloced_sel_args= 0;
- range_par->note_unusable_keys= 0;
+ range_par->note_unusable_keys= Item_func::BITMAP_NONE;
thd->no_errors=1; // Don't warn about NULL
thd->mem_root=&alloc;
@@ -8762,9 +8762,11 @@ Item_func_like::get_mm_leaf(RANGE_OPT_PARAM *param,
if (field->result_type() == STRING_RESULT &&
field->charset() != compare_collation())
{
- if (param->note_unusable_keys)
+ if (param->note_unusable_keys & BITMAP_LIKE)
field->raise_note_cannot_use_key_part(param->thd, keynr, key_part->part,
- func_name_cstring(), value,
+ func_name_cstring(),
+ compare_collation(),
+ value,
Data_type_compatibility::
INCOMPATIBLE_COLLATION);
DBUG_RETURN(0);
@@ -8780,9 +8782,11 @@ Item_func_like::get_mm_leaf(RANGE_OPT_PARAM *param,
field->type_handler() == &type_handler_enum ||
field->type_handler() == &type_handler_set)
{
- if (param->note_unusable_keys)
+ if (param->note_unusable_keys & BITMAP_LIKE)
field->raise_note_cannot_use_key_part(param->thd, keynr, key_part->part,
- func_name_cstring(), value,
+ func_name_cstring(),
+ compare_collation(),
+ value,
Data_type_compatibility::
INCOMPATIBLE_DATA_TYPE);
DBUG_RETURN(0);
@@ -8887,7 +8891,8 @@ Field::can_optimize_scalar_range(const RANGE_OPT_PARAM *param,
TODO: Perhaps we also need to raise a similar note when
a partition could not be used (when using_real_indexes==false).
*/
- if (param->using_real_indexes && param->note_unusable_keys)
+ if (param->using_real_indexes && param->note_unusable_keys &&
+ (param->note_unusable_keys & cond->bitmap_bit()))
{
DBUG_ASSERT(keynr < table->s->keys);
/*
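Review bot: In the new condition `param->note_unusable_keys && (param->note_unusable_keys & cond->bitmap_bit())` the first test is implied by the second, because the masked value can only be non-zero when the bitmap is. `if (param->using_real_indexes && (param->note_unusable_keys & cond->bitmap_bit()))` says the same thing and matches the `& BITMAP_LIKE` form used in Item_func_like::get_mm_leaf above. The function continues outside the hunk.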
@@ -8901,6 +8906,7 @@ Field::can_optimize_scalar_range(const RANGE_OPT_PARAM *param,
*/
raise_note_cannot_use_key_part(param->thd, keynr, key_part->part,
scalar_comparison_op_to_lex_cstring(op),
+ cond->compare_collation(),
value, compat);
}
return compat;
@@ -15173,13 +15179,6 @@ int QUICK_GROUP_MIN_MAX_SELECT::init()
{
if (group_prefix) /* Already initialized. */
return 0;
-
- /*
- We allocate one byte more to serve the case when the last field in
- the buffer is compared using uint3korr (e.g. a Field_newdate field)
- */
- if (!(last_prefix= (uchar*) alloc_root(&alloc, group_prefix_len+1)))
- return 1;
/*
We may use group_prefix to store keys with all select fields, so allocate
enough space for it.
@@ -15436,8 +15435,7 @@ void QUICK_GROUP_MIN_MAX_SELECT::update_key_stat()
QUICK_GROUP_MIN_MAX_SELECT::reset()
DESCRIPTION
- Initialize the index chosen for access and find and store the prefix
- of the last group. The method is expensive since it performs disk access.
+ Initialize the index chosen for access.
RETURN
0 OK
@@ -15459,12 +15457,6 @@ int QUICK_GROUP_MIN_MAX_SELECT::reset(void)
}
if (quick_prefix_select && quick_prefix_select->reset())
DBUG_RETURN(1);
- result= file->ha_index_last(record);
- if (result == HA_ERR_END_OF_FILE)
- DBUG_RETURN(0);
- /* Save the prefix of the last group. */
- key_copy(last_prefix, record, index_info, group_prefix_len);
-
DBUG_RETURN(0);
}
@@ -15510,34 +15502,20 @@ int QUICK_GROUP_MIN_MAX_SELECT::get_next()
#else
int result;
#endif
- int is_last_prefix= 0;
-
DBUG_ENTER("QUICK_GROUP_MIN_MAX_SELECT::get_next");
/*
- Loop until a group is found that satisfies all query conditions or the last
- group is reached.
+ Loop until a group is found that satisfies all query conditions or
+ there are no satisfying groups left
*/
do
{
result= next_prefix();
+ if (result != 0)
+ break;
/*
- Check if this is the last group prefix. Notice that at this point
- this->record contains the current prefix in record format.
+ At this point this->record contains the current prefix in record format.
*/
- if (!result)
- {
- is_last_prefix= key_cmp(index_info->key_part, last_prefix,
- group_prefix_len);
- DBUG_ASSERT(is_last_prefix <= 0);
- }
- else
- {
- if (result == HA_ERR_KEY_NOT_FOUND)
- continue;
- break;
- }
-
if (have_min)
{
min_res= next_min();
@@ -15566,8 +15544,7 @@ int QUICK_GROUP_MIN_MAX_SELECT::get_next()
HA_READ_KEY_EXACT);
result= have_min ? min_res : have_max ? max_res : result;
- } while ((result == HA_ERR_KEY_NOT_FOUND || result == HA_ERR_END_OF_FILE) &&
- is_last_prefix != 0);
+ } while (result == HA_ERR_KEY_NOT_FOUND || result == HA_ERR_END_OF_FILE);
if (result == HA_ERR_KEY_NOT_FOUND)
result= HA_ERR_END_OF_FILE;
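Review bot: The loop now repeats on every `HA_ERR_KEY_NOT_FOUND` or `HA_ERR_END_OF_FILE` from the min/max lookups, and with `last_prefix` gone the only exit for a query with no qualifying group is the `break` on a non-zero `next_prefix()` added in the previous hunk. That termination condition deserves a comment at the `while`, for instance `/* Ends when next_prefix() reports an error or the end of the index. */`. It is also worth confirming that next_prefix() cannot keep returning 0 at the end of the index; its body is not in this diff section.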
diff --git a/sql/opt_range.h b/sql/opt_range.h
index 4f766534..25bb9f0a 100644
--- a/sql/opt_range.h
+++ b/sql/opt_range.h
@@ -889,7 +889,10 @@ public:
*/
bool remove_false_where_parts;
- bool note_unusable_keys; // Give SQL notes for unusable keys
+ /*
+ Which functions should give SQL notes for unusable keys.
+ */
+ Item_func::Bitmap note_unusable_keys;
/*
used_key_no -> table_key_no translation table. Only makes sense if
@@ -1768,7 +1771,6 @@ private:
uchar *group_prefix; /* Key prefix consisting of the GROUP fields. */
const uint group_prefix_len; /* Length of the group prefix. */
uint group_key_parts; /* A number of keyparts in the group prefix */
- uchar *last_prefix; /* Prefix of the last group for detecting EOF. */
bool have_min; /* Specify whether we are computing */
bool have_max; /* a MIN, a MAX, or both. */
bool have_agg_distinct;/* aggregate_function(DISTINCT ...). */
@@ -1894,12 +1896,14 @@ class SQL_SELECT :public Sql_alloc {
true - for ERROR and IMPOSSIBLE_RANGE
false - Ok
*/
- bool check_quick(THD *thd, bool force_quick_range, ha_rows limit)
+ bool check_quick(THD *thd, bool force_quick_range, ha_rows limit,
+ Item_func::Bitmap note_unusable_keys)
{
key_map tmp;
tmp.set_all();
return test_quick_select(thd, tmp, 0, limit, force_quick_range,
- FALSE, FALSE, FALSE) != OK;
+ FALSE, FALSE, FALSE,
+ note_unusable_keys) != OK;
}
/*
@@ -1929,7 +1933,7 @@ class SQL_SELECT :public Sql_alloc {
bool ordered_output,
bool remove_false_parts_of_where,
bool only_single_index_range_scan,
- bool suppress_unusable_key_notes = 0);
+ Item_func::Bitmap note_unusable_keys);
};
typedef enum SQL_SELECT::quick_select_return_type quick_select_return;
diff --git a/sql/opt_trace.cc b/sql/opt_trace.cc
index 4bc49394..972c7da6 100644
--- a/sql/opt_trace.cc
+++ b/sql/opt_trace.cc
@@ -103,7 +103,8 @@ inline bool sql_command_can_be_traced(enum enum_sql_command sql_command)
sql_command == SQLCOM_UPDATE ||
sql_command == SQLCOM_DELETE ||
sql_command == SQLCOM_DELETE_MULTI ||
- sql_command == SQLCOM_UPDATE_MULTI;
+ sql_command == SQLCOM_UPDATE_MULTI ||
+ sql_command == SQLCOM_INSERT_SELECT;
}
void opt_trace_print_expanded_query(THD *thd, SELECT_LEX *select_lex,
diff --git a/sql/protocol.cc b/sql/protocol.cc
index 6667129d..d2ef52e0 100644
--- a/sql/protocol.cc
+++ b/sql/protocol.cc
@@ -414,7 +414,6 @@ static bool write_eof_packet(THD *thd, NET *net,
bool Protocol::net_send_error_packet(THD *thd, uint sql_errno, const char *err,
const char* sqlstate)
-
{
NET *net= &thd->net;
uint length;
diff --git a/sql/protocol.h b/sql/protocol.h
index 4fdfde3e..09dbdfbd 100644
--- a/sql/protocol.h
+++ b/sql/protocol.h
@@ -229,9 +229,9 @@ public:
#ifdef EMBEDDED_LIBRARY
void remove_last_row() override;
#endif
- virtual bool store_field_metadata(const THD *thd, const Send_field &field,
- CHARSET_INFO *charset_for_protocol,
- uint pos);
+ bool store_field_metadata(const THD *thd, const Send_field &field,
+ CHARSET_INFO *charset_for_protocol,
+ uint pos);
bool store_item_metadata(THD *thd, Item *item, uint pos);
bool store_field_metadata_for_list_fields(const THD *thd, Field *field,
const TABLE_LIST *table_list,
diff --git a/sql/rpl_gtid.cc b/sql/rpl_gtid.cc
index 11629059..20188d6c 100644
--- a/sql/rpl_gtid.cc
+++ b/sql/rpl_gtid.cc
@@ -721,6 +721,7 @@ rpl_slave_state::record_gtid(THD *thd, const rpl_gtid *gtid, uint64 sub_id,
if (WSREP_ON_ && wsrep_thd_is_local(thd))
{
thd->wsrep_ignore_table= false;
+ table->file->row_logging= 1; // replication requires binary logging
wsrep_start_trx_if_not_started(thd);
}
else
diff --git a/sql/rpl_mi.cc b/sql/rpl_mi.cc
index 3c698f27..4fc204dd 100644
--- a/sql/rpl_mi.cc
+++ b/sql/rpl_mi.cc
@@ -43,7 +43,8 @@ Master_info::Master_info(LEX_CSTRING *connection_name_arg,
gtid_reconnect_event_skip_count(0), gtid_event_seen(false),
in_start_all_slaves(0), in_stop_all_slaves(0), in_flush_all_relay_logs(0),
users(0), killed(0),
- total_ddl_groups(0), total_non_trans_groups(0), total_trans_groups(0)
+ total_ddl_groups(0), total_non_trans_groups(0), total_trans_groups(0),
+ semi_sync_reply_enabled(0)
{
char *tmp;
host[0] = 0; user[0] = 0; password[0] = 0;
diff --git a/sql/rpl_mi.h b/sql/rpl_mi.h
index 6058b7fb..159e099f 100644
--- a/sql/rpl_mi.h
+++ b/sql/rpl_mi.h
@@ -210,6 +210,16 @@ class Master_info : public Slave_reporting_capability
void lock_slave_threads();
void unlock_slave_threads();
+ ulonglong get_slave_skip_counter()
+ {
+ return rli.slave_skip_counter;
+ }
+
+ ulonglong get_max_relay_log_size()
+ {
+ return rli.max_relay_log_size;
+ }
+
/* the variables below are needed because we can change masters on the fly */
char master_log_name[FN_REFLEN+6]; /* Room for multi-*/
char host[HOSTNAME_LENGTH*SYSTEM_CHARSET_MBMAXLEN+1];
@@ -366,6 +376,12 @@ class Master_info : public Slave_reporting_capability
it must be ignored similarly to the replicate-same-server-id rule.
*/
bool do_accept_own_server_id= false;
+ /*
+ Set to 1 when semi_sync is enabled. Set to 0 if there is any transmit
+ problems to the slave, in which case any furter semi-sync reply is
+ ignored
+ */
+ bool semi_sync_reply_enabled;
List <start_alter_info> start_alter_list;
MEM_ROOT mem_root;
/*
diff --git a/sql/rpl_parallel.cc b/sql/rpl_parallel.cc
index 95a1234e..333a3960 100644
--- a/sql/rpl_parallel.cc
+++ b/sql/rpl_parallel.cc
@@ -895,8 +895,7 @@ do_retry:
thd->wait_for_commit_ptr->unregister_wait_for_prior_commit();
DBUG_EXECUTE_IF("inject_mdev8031", {
/* Simulate that we get deadlock killed at this exact point. */
- rgi->killed_for_retry= rpl_group_info::RETRY_KILL_KILLED;
- thd->set_killed(KILL_CONNECTION);
+ slave_background_kill_request(thd);
});
#ifdef ENABLED_DEBUG_SYNC
DBUG_EXECUTE_IF("rpl_parallel_simulate_wait_at_retry", {
@@ -2877,23 +2876,12 @@ rpl_parallel::stop_during_until()
bool
-rpl_parallel::workers_idle()
+rpl_parallel::workers_idle(Relay_log_info *rli)
{
- struct rpl_parallel_entry *e;
- uint32 i, max_i;
-
- max_i= domain_hash.records;
- for (i= 0; i < max_i; ++i)
- {
- bool active;
- e= (struct rpl_parallel_entry *)my_hash_element(&domain_hash, i);
- mysql_mutex_lock(&e->LOCK_parallel_entry);
- active= e->current_sub_id > e->last_committed_sub_id;
- mysql_mutex_unlock(&e->LOCK_parallel_entry);
- if (active)
- break;
- }
- return (i == max_i);
+ mysql_mutex_assert_owner(&rli->data_lock);
+ return !rli->last_inuse_relaylog ||
+ rli->last_inuse_relaylog->queued_count ==
+ rli->last_inuse_relaylog->dequeued_count;
}
diff --git a/sql/rpl_parallel.h b/sql/rpl_parallel.h
index a9cfefcb..307d0e3b 100644
--- a/sql/rpl_parallel.h
+++ b/sql/rpl_parallel.h
@@ -460,9 +460,10 @@ struct rpl_parallel {
rpl_parallel_entry *find(uint32 domain_id, Relay_log_info *rli);
void wait_for_done(THD *thd, Relay_log_info *rli);
void stop_during_until();
- bool workers_idle();
int wait_for_workers_idle(THD *thd);
int do_event(rpl_group_info *serial_rgi, Log_event *ev, ulonglong event_size);
+
+ static bool workers_idle(Relay_log_info *rli);
};
diff --git a/sql/rpl_rli.h b/sql/rpl_rli.h
index 0fd90704..30e1bb45 100644
--- a/sql/rpl_rli.h
+++ b/sql/rpl_rli.h
@@ -623,7 +623,7 @@ struct inuse_relaylog {
rpl_gtid *relay_log_state;
uint32 relay_log_state_count;
/* Number of events in this relay log queued for worker threads. */
- int64 queued_count;
+ Atomic_counter<int64> queued_count;
/* Number of events completed by worker threads. */
Atomic_counter<int64> dequeued_count;
/* Set when all events have been read from a relaylog. */
diff --git a/sql/semisync_master.cc b/sql/semisync_master.cc
index 670a6d8d..9f30a820 100644
--- a/sql/semisync_master.cc
+++ b/sql/semisync_master.cc
@@ -91,7 +91,9 @@ Active_tranx::Active_tranx(mysql_mutex_t *lock,
for (int idx = 0; idx < m_num_entries; ++idx)
m_trx_htb[idx] = NULL;
+#ifdef EXTRA_DEBUG
sql_print_information("Semi-sync replication initialized for transactions.");
+#endif
}
Active_tranx::~Active_tranx()
@@ -352,8 +354,7 @@ Repl_semi_sync_master::Repl_semi_sync_master()
m_state(0),
m_wait_point(0)
{
- strcpy(m_reply_file_name, "");
- strcpy(m_wait_file_name, "");
+ m_reply_file_name[0]= m_wait_file_name[0]= 0;
}
int Repl_semi_sync_master::init_object()
@@ -379,20 +380,10 @@ int Repl_semi_sync_master::init_object()
{
result = enable_master();
if (!result)
- {
result= ack_receiver.start(); /* Start the ACK thread. */
- /*
- If rpl_semi_sync_master_wait_no_slave is disabled, let's temporarily
- switch off semisync to avoid hang if there's none active slave.
- */
- if (!rpl_semi_sync_master_wait_no_slave)
- switch_off();
- }
}
else
- {
disable_master();
- }
return result;
}
@@ -441,7 +432,7 @@ void Repl_semi_sync_master::disable_master()
*/
switch_off();
- assert(m_active_tranxs != NULL);
+ DBUG_ASSERT(m_active_tranxs != NULL);
delete m_active_tranxs;
m_active_tranxs = NULL;
@@ -450,7 +441,6 @@ void Repl_semi_sync_master::disable_master()
m_commit_file_name_inited = false;
set_master_enabled(false);
- sql_print_information("Semi-sync replication disabled on the master.");
}
unlock();
@@ -537,31 +527,34 @@ void Repl_semi_sync_master::add_slave()
void Repl_semi_sync_master::remove_slave()
{
lock();
- rpl_semi_sync_master_clients--;
-
- /* Only switch off if semi-sync is enabled and is on */
- if (get_master_enabled() && is_on())
+ if (!(--rpl_semi_sync_master_clients) && !rpl_semi_sync_master_wait_no_slave)
{
- /* If user has chosen not to wait if no semi-sync slave available
- and the last semi-sync slave exits, turn off semi-sync on master
- immediately.
- */
- if (!rpl_semi_sync_master_wait_no_slave &&
- rpl_semi_sync_master_clients == 0)
- switch_off();
+ /*
+ Signal transactions waiting in commit_trx() that they do not have to
+ wait anymore.
+ */
+ cond_broadcast();
}
unlock();
}
+
+/*
+ Check report package
+
+ @retval 0 ok
+ @retval 1 Error
+ @retval -1 Slave is going down (ok)
+*/
+
int Repl_semi_sync_master::report_reply_packet(uint32 server_id,
const uchar *packet,
ulong packet_len)
{
- int result= -1;
+ int result= 1; // Assume error
char log_file_name[FN_REFLEN+1];
my_off_t log_file_pos;
ulong log_file_len = 0;
-
DBUG_ENTER("Repl_semi_sync_master::report_reply_packet");
DBUG_EXECUTE_IF("semisync_corrupt_magic",
@@ -569,7 +562,14 @@ int Repl_semi_sync_master::report_reply_packet(uint32 server_id,
if (unlikely(packet[REPLY_MAGIC_NUM_OFFSET] !=
Repl_semi_sync_master::k_packet_magic_num))
{
- sql_print_error("Read semi-sync reply magic number error");
+ if (packet[0] == COM_QUIT && packet_len == 1)
+ {
+ /* Slave sent COM_QUIT as part of IO thread going down */
+ sql_print_information("slave IO thread has stopped");
+ DBUG_RETURN(-1);
+ }
+ else
+ sql_print_error("Read semi-sync reply magic number error");
goto l_end;
}
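Review bot: The new COM_QUIT test reads `packet[0]` before it looks at `packet_len`, and the magic-number comparison just above it also indexes the packet with no length check visible in this hunk, so a zero-length reply is evaluated on bytes that are not part of the reply. Test the length first, `if (packet_len == 1 && packet[0] == COM_QUIT)`, and reject `packet_len == 0` before the magic-number check unless a guard outside the hunk already does. The informational message would also help an operator more if it included `server_id`. report_reply_packet's body continues outside the hunk.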
@@ -597,14 +597,13 @@ int Repl_semi_sync_master::report_reply_packet(uint32 server_id,
rpl_semi_sync_master_get_ack++;
report_reply_binlog(server_id, log_file_name, log_file_pos);
- result= 0;
+ DBUG_RETURN(0);
l_end:
- if (result == -1)
{
char buf[256];
- octet2hex(buf, (const char*) packet, std::min(static_cast<ulong>(sizeof(buf)-1),
- packet_len));
+ octet2hex(buf, (const char*) packet,
+ MY_MIN(sizeof(buf)-1, (size_t) packet_len));
sql_print_information("First bytes of the packet from semisync slave "
"server-id %d: %s", server_id, buf);
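Review bot: The length passed to `octet2hex()` at `l_end` is capped at `sizeof(buf)-1` input bytes, but octet2hex (defined elsewhere in the tree) writes two hex characters per input byte plus a terminating NUL, so a reply of 128 bytes or more writes past the 256-byte stack buffer `buf`. The bytes come from the replication connection and this block now runs for every reply that reaches `l_end`, so the cap should be halved: `MY_MIN((sizeof(buf)-1)/2, (size_t) packet_len)`. The removed `std::min` lines show the same bound existed before; the rewrite to `MY_MIN` carries it over unchanged. `server_id` is a `uint32`, so `%u` fits better than `%d` in the format string.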
@@ -668,7 +667,7 @@ int Repl_semi_sync_master::report_reply_binlog(uint32 server_id,
m_reply_file_name_inited = true;
/* Remove all active transaction nodes before this point. */
- assert(m_active_tranxs != NULL);
+ DBUG_ASSERT(m_active_tranxs != NULL);
m_active_tranxs->clear_active_tranx_nodes(log_file_name, log_file_pos);
DBUG_PRINT("semisync", ("%s: Got reply at (%s, %lu)",
@@ -809,6 +808,8 @@ int Repl_semi_sync_master::dump_start(THD* thd,
(long) thd->variables.server_id, log_file,
(ulong) log_pos);
+ /* Mark that semi-sync net->pkt_nr is not reliable */
+ thd->net.pkt_nr_can_be_reset= 1;
return 0;
}
@@ -827,8 +828,15 @@ void Repl_semi_sync_master::dump_end(THD* thd)
int Repl_semi_sync_master::commit_trx(const char* trx_wait_binlog_name,
my_off_t trx_wait_binlog_pos)
{
+ bool success= 0;
DBUG_ENTER("Repl_semi_sync_master::commit_trx");
+ if (!rpl_semi_sync_master_clients && !rpl_semi_sync_master_wait_no_slave)
+ {
+ rpl_semi_sync_master_no_transactions++;
+ DBUG_RETURN(0);
+ }
+
if (get_master_enabled() && trx_wait_binlog_name)
{
struct timespec start_ts;
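Review bot: The early return added at the top of commit_trx reads `rpl_semi_sync_master_clients` and increments `rpl_semi_sync_master_no_transactions` without taking the semi-sync lock, while remove_slave() changes the client count under `lock()`. The `rpl_semisync_master_commit_trx_before_lock` sync point in the next hunk suggests the lock is only acquired later in this function, so concurrent commits can lose increments. The test also runs before the `get_master_enabled()` check. If the lock-free fast path is intentional, say so in place, e.g. `/* Unlocked fast path: counter may be slightly off under concurrency */`; otherwise move the test after the lock is taken. commit_trx's body continues outside the hunk.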
@@ -836,7 +844,7 @@ int Repl_semi_sync_master::commit_trx(const char* trx_wait_binlog_name,
int wait_result;
PSI_stage_info old_stage;
THD *thd= current_thd;
-
+ bool aborted= 0;
set_timespec(start_ts, 0);
DEBUG_SYNC(thd, "rpl_semisync_master_commit_trx_before_lock");
@@ -859,6 +867,13 @@ int Repl_semi_sync_master::commit_trx(const char* trx_wait_binlog_name,
while (is_on() && !thd_killed(thd))
{
+ /* We have to check these again as things may have changed */
+ if (!rpl_semi_sync_master_clients && !rpl_semi_sync_master_wait_no_slave)
+ {
+ aborted= 1;
+ break;
+ }
+
if (m_reply_file_name_inited)
{
int cmp = Active_tranx::compare(m_reply_file_name, m_reply_file_pos,
@@ -873,6 +888,7 @@ int Repl_semi_sync_master::commit_trx(const char* trx_wait_binlog_name,
"Repl_semi_sync_master::commit_trx",
m_reply_file_name,
(ulong)m_reply_file_pos));
+ success= 1;
break;
}
}
@@ -973,13 +989,13 @@ int Repl_semi_sync_master::commit_trx(const char* trx_wait_binlog_name,
m_active_tranxs may be NULL if someone disabled semi sync during
cond_timewait()
*/
- assert(thd_killed(thd) || !m_active_tranxs ||
- !m_active_tranxs->is_tranx_end_pos(trx_wait_binlog_name,
- trx_wait_binlog_pos));
+ DBUG_ASSERT(thd_killed(thd) || !m_active_tranxs || aborted ||
+ !m_active_tranxs->is_tranx_end_pos(trx_wait_binlog_name,
+ trx_wait_binlog_pos));
l_end:
/* Update the status counter. */
- if (is_on())
+ if (success)
rpl_semi_sync_master_yes_transactions++;
else
rpl_semi_sync_master_no_transactions++;
@@ -1014,18 +1030,20 @@ void Repl_semi_sync_master::switch_off()
{
DBUG_ENTER("Repl_semi_sync_master::switch_off");
- m_state = false;
-
- /* Clear the active transaction list. */
- assert(m_active_tranxs != NULL);
- m_active_tranxs->clear_active_tranx_nodes(NULL, 0);
+ if (m_state)
+ {
+ m_state = false;
- rpl_semi_sync_master_off_times++;
- m_wait_file_name_inited = false;
- m_reply_file_name_inited = false;
- sql_print_information("Semi-sync replication switched OFF.");
- cond_broadcast(); /* wake up all waiting threads */
+ /* Clear the active transaction list. */
+ DBUG_ASSERT(m_active_tranxs != NULL);
+ m_active_tranxs->clear_active_tranx_nodes(NULL, 0);
+ rpl_semi_sync_master_off_times++;
+ m_wait_file_name_inited = false;
+ m_reply_file_name_inited = false;
+ sql_print_information("Semi-sync replication switched OFF.");
+ }
+ cond_broadcast(); /* wake up all waiting threads */
DBUG_VOID_RETURN;
}
@@ -1072,9 +1090,10 @@ int Repl_semi_sync_master::reserve_sync_header(String* packet)
{
DBUG_ENTER("Repl_semi_sync_master::reserve_sync_header");
- /* Set the magic number and the sync status. By default, no sync
- * is required.
- */
+ /*
+ Set the magic number and the sync status. By default, no sync
+ is required.
+ */
packet->append(reinterpret_cast<const char*>(k_sync_header),
sizeof(k_sync_header));
DBUG_RETURN(0);
@@ -1087,7 +1106,6 @@ int Repl_semi_sync_master::update_sync_header(THD* thd, unsigned char *packet,
{
int cmp = 0;
bool sync = false;
-
DBUG_ENTER("Repl_semi_sync_master::update_sync_header");
/* If the semi-sync master is not enabled, or the slave is not a semi-sync
@@ -1103,16 +1121,11 @@ int Repl_semi_sync_master::update_sync_header(THD* thd, unsigned char *packet,
/* This is the real check inside the mutex. */
if (!get_master_enabled())
- {
- assert(sync == false);
goto l_end;
- }
if (is_on())
{
/* semi-sync is ON */
- sync = false; /* No sync unless a transaction is involved. */
-
if (m_reply_file_name_inited)
{
cmp = Active_tranx::compare(log_file_name, log_file_pos,
@@ -1126,15 +1139,10 @@ int Repl_semi_sync_master::update_sync_header(THD* thd, unsigned char *packet,
}
}
+ cmp = 1;
if (m_wait_file_name_inited)
- {
cmp = Active_tranx::compare(log_file_name, log_file_pos,
m_wait_file_name, m_wait_file_pos);
- }
- else
- {
- cmp = 1;
- }
/* If we are already waiting for some transaction replies which
* are later in binlog, do not wait for this one event.
@@ -1144,7 +1152,7 @@ int Repl_semi_sync_master::update_sync_header(THD* thd, unsigned char *packet,
/*
* We only wait if the event is a transaction's ending event.
*/
- assert(m_active_tranxs != NULL);
+ DBUG_ASSERT(m_active_tranxs != NULL);
sync = m_active_tranxs->is_tranx_end_pos(log_file_name,
log_file_pos);
}
@@ -1172,13 +1180,12 @@ int Repl_semi_sync_master::update_sync_header(THD* thd, unsigned char *packet,
l_end:
unlock();
- /* We do not need to clear sync flag because we set it to 0 when we
- * reserve the packet header.
- */
+ /*
+ We do not need to clear sync flag in packet because we set it to 0 when we
+ reserve the packet header.
+ */
if (sync)
- {
- (packet)[2] = k_packet_flag_sync;
- }
+ packet[2]= k_packet_flag_sync;
DBUG_RETURN(0);
}
@@ -1225,7 +1232,7 @@ int Repl_semi_sync_master::write_tranx_in_binlog(const char* log_file_name,
if (is_on())
{
- assert(m_active_tranxs != NULL);
+ DBUG_ASSERT(m_active_tranxs != NULL);
if(m_active_tranxs->insert_tranx_node(log_file_name, log_file_pos))
{
/*
@@ -1256,7 +1263,7 @@ int Repl_semi_sync_master::flush_net(THD *thd,
DBUG_ENTER("Repl_semi_sync_master::flush_net");
- assert((unsigned char)event_buf[1] == k_packet_magic_num);
+ DBUG_ASSERT((unsigned char)event_buf[1] == k_packet_magic_num);
if ((unsigned char)event_buf[2] != k_packet_flag_sync)
{
/* current event does not require reply */
@@ -1274,6 +1281,11 @@ int Repl_semi_sync_master::flush_net(THD *thd,
goto l_end;
}
+ /*
+ We have to do a net_clear() as with semi-sync the slave_reply's are
+ interleaved with data from the master and then the net->pkt_nr
+ cannot be kept in sync. Better to start pkt_nr from 0 again.
+ */
net_clear(net, 0);
net->pkt_nr++;
net->compress_pkt_nr++;
@@ -1300,11 +1312,7 @@ int Repl_semi_sync_master::after_reset_master()
lock();
- if (rpl_semi_sync_master_clients == 0 &&
- !rpl_semi_sync_master_wait_no_slave)
- m_state = 0;
- else
- m_state = get_master_enabled()? 1 : 0;
+ m_state = get_master_enabled() ? 1 : 0;
m_wait_file_name_inited = false;
m_reply_file_name_inited = false;
@@ -1338,18 +1346,6 @@ int Repl_semi_sync_master::before_reset_master()
DBUG_RETURN(result);
}
-void Repl_semi_sync_master::check_and_switch()
-{
- lock();
- if (get_master_enabled() && is_on())
- {
- if (!rpl_semi_sync_master_wait_no_slave
- && rpl_semi_sync_master_clients == 0)
- switch_off();
- }
- unlock();
-}
-
void Repl_semi_sync_master::set_export_stats()
{
lock();
@@ -1363,7 +1359,6 @@ void Repl_semi_sync_master::set_export_stats()
((rpl_semi_sync_master_net_wait_num) ?
(ulong)((double)rpl_semi_sync_master_net_wait_time /
((double)rpl_semi_sync_master_net_wait_num)) : 0);
-
unlock();
}
diff --git a/sql/semisync_master.h b/sql/semisync_master.h
index 5451ad51..99f46869 100644
--- a/sql/semisync_master.h
+++ b/sql/semisync_master.h
@@ -633,8 +633,6 @@ class Repl_semi_sync_master
/*called before reset master*/
int before_reset_master();
- void check_and_switch();
-
/*
Determines if the given thread is currently awaiting a semisync_ack. Note
that the thread's value is protected by this class's LOCK_binlog, so this
diff --git a/sql/semisync_master_ack_receiver.cc b/sql/semisync_master_ack_receiver.cc
index 559f939c..a311599c 100644
--- a/sql/semisync_master_ack_receiver.cc
+++ b/sql/semisync_master_ack_receiver.cc
@@ -24,7 +24,8 @@ extern PSI_cond_key key_COND_ack_receiver;
#ifdef HAVE_PSI_THREAD_INTERFACE
extern PSI_thread_key key_thread_ack_receiver;
#endif
-extern Repl_semi_sync_master repl_semisync;
+
+my_socket global_ack_signal_fd= -1;
/* Callback function of ack receive thread */
pthread_handler_t ack_receive_handler(void *arg)
@@ -45,6 +46,7 @@ Ack_receiver::Ack_receiver()
m_status= ST_DOWN;
mysql_mutex_init(key_LOCK_ack_receiver, &m_mutex, NULL);
mysql_cond_init(key_COND_ack_receiver, &m_cond, NULL);
+ mysql_cond_init(key_COND_ack_receiver, &m_cond_reply, NULL);
m_pid= 0;
DBUG_VOID_RETURN;
@@ -57,6 +59,7 @@ void Ack_receiver::cleanup()
stop();
mysql_mutex_destroy(&m_mutex);
mysql_cond_destroy(&m_cond);
+ mysql_cond_destroy(&m_cond_reply);
DBUG_VOID_RETURN;
}
@@ -104,6 +107,7 @@ void Ack_receiver::stop()
if (m_status == ST_UP)
{
m_status= ST_STOPPING;
+ signal_listener(); // Signal listener thread to stop
mysql_cond_broadcast(&m_cond);
while (m_status == ST_STOPPING)
@@ -118,6 +122,21 @@ void Ack_receiver::stop()
DBUG_VOID_RETURN;
}
+#ifndef DBUG_OFF
+void static dbug_verify_no_duplicate_slaves(Slave_ilist *m_slaves, THD *thd)
+{
+ I_List_iterator<Slave> it(*m_slaves);
+ Slave *slave;
+ while ((slave= it++))
+ {
+ DBUG_ASSERT(slave->thd->variables.server_id != thd->variables.server_id);
+ }
+}
+#else
+#define dbug_verify_no_duplicate_slaves(A,B) do {} while(0)
+#endif
+
+
bool Ack_receiver::add_slave(THD *thd)
{
Slave *slave;
@@ -126,17 +145,23 @@ bool Ack_receiver::add_slave(THD *thd)
if (!(slave= new Slave))
DBUG_RETURN(true);
+ slave->active= 0;
slave->thd= thd;
slave->vio= *thd->net.vio;
slave->vio.mysql_socket.m_psi= NULL;
slave->vio.read_timeout= 1;
mysql_mutex_lock(&m_mutex);
+
+ dbug_verify_no_duplicate_slaves(&m_slaves, thd);
+
m_slaves.push_back(slave);
m_slaves_changed= true;
mysql_cond_broadcast(&m_cond);
mysql_mutex_unlock(&m_mutex);
+ signal_listener(); // Inform listener that there are new slaves
+
DBUG_RETURN(false);
}
@@ -144,6 +169,7 @@ void Ack_receiver::remove_slave(THD *thd)
{
I_List_iterator<Slave> it(m_slaves);
Slave *slave;
+ bool slaves_changed= 0;
DBUG_ENTER("Ack_receiver::remove_slave");
mysql_mutex_lock(&m_mutex);
@@ -153,10 +179,23 @@ void Ack_receiver::remove_slave(THD *thd)
if (slave->thd == thd)
{
delete slave;
- m_slaves_changed= true;
+ slaves_changed= true;
break;
}
}
+ if (slaves_changed)
+ {
+ m_slaves_changed= true;
+ mysql_cond_broadcast(&m_cond);
+ /*
+ Wait until Ack_receiver::run() acknowledges remove of slave
+ As this is only sent under the mutex and after listners has
+ been collected, we know that listener has ignored the found
+ slave.
+ */
+ if (m_status != ST_DOWN)
+ mysql_cond_wait(&m_cond_reply, &m_mutex);
+ }
mysql_mutex_unlock(&m_mutex);
DBUG_VOID_RETURN;
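Review bot: The `mysql_cond_wait(&m_cond_reply, &m_mutex)` added in remove_slave() is a single wait with no predicate, so a spurious wakeup or a broadcast meant for another remover lets it return before run() has rebuilt its socket list. Loop on state that run() clears, for example `while (m_slaves_changed && m_status != ST_DOWN) mysql_cond_wait(&m_cond_reply, &m_mutex);`. Unlike add_slave() and stop(), this path does not call `signal_listener()`, and the listeners in this commit now block without a timeout. The wait therefore appears to depend on unrelated socket activity to wake the receiver, which is worth confirming or fixing by adding the call.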
@@ -167,10 +206,15 @@ inline void Ack_receiver::set_stage_info(const PSI_stage_info &stage)
(void)MYSQL_SET_STAGE(stage.m_key, __FILE__, __LINE__);
}
-inline void Ack_receiver::wait_for_slave_connection()
+void Ack_receiver::wait_for_slave_connection(THD *thd)
{
- set_stage_info(stage_waiting_for_semi_sync_slave);
- mysql_cond_wait(&m_cond, &m_mutex);
+ thd->enter_cond(&m_cond, &m_mutex, &stage_waiting_for_semi_sync_slave,
+ 0, __func__, __FILE__, __LINE__);
+
+ while (m_status == ST_UP && m_slaves.is_empty())
+ mysql_cond_wait(&m_cond, &m_mutex);
+
+ thd->exit_cond(0, __func__, __FILE__, __LINE__);
}
/* Auxilary function to initialize a NET object with given net buffer. */
@@ -188,17 +232,23 @@ void Ack_receiver::run()
THD *thd= new THD(next_thread_id());
NET net;
unsigned char net_buff[REPLY_MESSAGE_MAX_LENGTH];
+ DBUG_ENTER("Ack_receiver::run");
my_thread_init();
- DBUG_ENTER("Ack_receiver::run");
-
#ifdef HAVE_POLL
Poll_socket_listener listener(m_slaves);
#else
Select_socket_listener listener(m_slaves);
#endif //HAVE_POLL
+ if (listener.got_error())
+ {
+ sql_print_error("Got error %M starting ack receiver thread",
+ listener.got_error());
+ return;
+ }
+
sql_print_information("Starting ack receiver thread");
thd->system_thread= SYSTEM_THREAD_SEMISYNC_MASTER_BACKGROUND;
thd->thread_stack= (char*) &thd;
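Review bot: The new `listener.got_error()` branch leaves run() with a bare `return` after `DBUG_ENTER` and after `thd` has been allocated, so the THD is leaked and the DBUG call stack is left unbalanced. It also skips the `end:` path that sets `m_status= ST_DOWN` and broadcasts `m_cond`, so a later stop() may wait on a thread that has already exited (start() is not visible here, so confirm what state it leaves). Suggest `delete thd;`, then `m_status= ST_DOWN` under `m_mutex`, then `DBUG_VOID_RETURN;`. run()'s body continues outside the hunk.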
@@ -207,64 +257,79 @@ void Ack_receiver::run()
thd->set_command(COM_DAEMON);
init_net(&net, net_buff, REPLY_MESSAGE_MAX_LENGTH);
- mysql_mutex_lock(&m_mutex);
+ /*
+ Mark that we have to setup the listener. Note that only this functions can
+ set m_slaves_changed to false
+ */
m_slaves_changed= true;
- mysql_mutex_unlock(&m_mutex);
while (1)
{
- int ret;
- uint slave_count __attribute__((unused))= 0;
+ int ret, slave_count= 0;
Slave *slave;
mysql_mutex_lock(&m_mutex);
- if (unlikely(m_status == ST_STOPPING))
+ if (unlikely(m_status != ST_UP))
goto end;
- set_stage_info(stage_waiting_for_semi_sync_ack_from_slave);
if (unlikely(m_slaves_changed))
{
if (unlikely(m_slaves.is_empty()))
{
- wait_for_slave_connection();
- mysql_mutex_unlock(&m_mutex);
+ m_slaves_changed= false;
+ mysql_cond_broadcast(&m_cond_reply); // Signal remove_slave
+ wait_for_slave_connection(thd);
+ /* Wait for slave unlocks m_mutex */
continue;
}
+ set_stage_info(stage_waiting_for_semi_sync_ack_from_slave);
if ((slave_count= listener.init_slave_sockets()) == 0)
+ {
+ mysql_mutex_unlock(&m_mutex);
+ m_slaves_changed= true;
+ continue; // Retry
+ }
+ if (slave_count < 0)
goto end;
m_slaves_changed= false;
+ mysql_cond_broadcast(&m_cond_reply); // Signal remove_slave
+ }
+
#ifdef HAVE_POLL
DBUG_PRINT("info", ("fd count %u", slave_count));
#else
DBUG_PRINT("info", ("fd count %u, max_fd %d", slave_count,
(int) listener.get_max_fd()));
#endif
- }
+ mysql_mutex_unlock(&m_mutex);
ret= listener.listen_on_sockets();
+
if (ret <= 0)
{
- mysql_mutex_unlock(&m_mutex);
ret= DBUG_IF("rpl_semisync_simulate_select_error") ? -1 : ret;
if (ret == -1 && errno != EINTR)
sql_print_information("Failed to wait on semi-sync sockets, "
"error: errno=%d", socket_errno);
- /* Sleep 1us, so other threads can catch the m_mutex easily. */
- my_sleep(1);
continue;
}
+ listener.clear_signal();
+ mysql_mutex_lock(&m_mutex);
set_stage_info(stage_reading_semi_sync_ack);
Slave_ilist_iterator it(m_slaves);
while ((slave= it++))
{
- if (listener.is_socket_active(slave))
+ if (slave->active &&
+ ((slave->vio.read_pos < slave->vio.read_end) ||
+ listener.is_socket_active(slave)))
{
ulong len;
+ /* Semi-sync packets will always be sent with pkt_nr == 1 */
net_clear(&net, 0);
net.vio= &slave->vio;
/*
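Review bot: In the `init_slave_sockets() == 0` retry branch, `m_slaves_changed= true` is assigned after `mysql_mutex_unlock(&m_mutex)`, although the class comment in semisync_master_ack_receiver.h says m_mutex protects that flag and add_slave()/remove_slave() write it under the lock. Swap the two statements, or drop the assignment, since the flag is already true inside this `if (unlikely(m_slaves_changed))` block. The `continue` retries immediately with no wait, so the loop will spin if the listener keeps returning 0. `slave_count` is now an `int` but is still printed with `%u` in the DBUG_PRINT calls.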
@@ -275,29 +340,42 @@ void Ack_receiver::run()
len= my_net_read(&net);
if (likely(len != packet_error))
- repl_semisync_master.report_reply_packet(slave->server_id(),
- net.read_pos, len);
- else
{
- if (net.last_errno == ER_NET_READ_ERROR)
+ int res;
+ res= repl_semisync_master.report_reply_packet(slave->server_id(),
+ net.read_pos, len);
+ if (unlikely(res < 0))
{
- listener.clear_socket_info(slave);
+ /*
+ Slave has sent COM_QUIT or other failure.
+ Delete it from listener
+ */
+ it.remove();
+ m_slaves_changed= true;
}
+ }
+ else if (net.last_errno == ER_NET_READ_ERROR)
+ {
if (net.last_errno > 0 && global_system_variables.log_warnings > 2)
sql_print_warning("Semisync ack receiver got error %d \"%s\" "
"from slave server-id %d",
net.last_errno, ER_DEFAULT(net.last_errno),
slave->server_id());
+ it.remove();
+ m_slaves_changed= true;
}
}
}
mysql_mutex_unlock(&m_mutex);
}
+
end:
sql_print_information("Stopping ack receiver thread");
m_status= ST_DOWN;
- delete thd;
mysql_cond_broadcast(&m_cond);
+ mysql_cond_broadcast(&m_cond_reply);
mysql_mutex_unlock(&m_mutex);
+
+ delete thd;
DBUG_VOID_RETURN;
}
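Review bot: The comment on the `res < 0` branch says the slave is dropped on "COM_QUIT or other failure", but report_reply_packet() now documents -1 only for a slave going down and returns 1 for errors, so a peer that sends malformed replies stays registered and each bad packet is hex-dumped to the log. Either correct the comment to `/* Slave sent COM_QUIT; remove it from the listener */` or decide explicitly what a positive return should do. In the `else if (net.last_errno == ER_NET_READ_ERROR)` branch the inner `net.last_errno > 0` test is now always true, and read failures with any other errno leave the slave in the list with no log entry. run() begins outside this hunk.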
diff --git a/sql/semisync_master_ack_receiver.h b/sql/semisync_master_ack_receiver.h
index d869bd2e..eacb4b20 100644
--- a/sql/semisync_master_ack_receiver.h
+++ b/sql/semisync_master_ack_receiver.h
@@ -20,6 +20,7 @@
#include "my_pthread.h"
#include "sql_class.h"
#include "semisync.h"
+#include "socketpair.h"
#include <vector>
struct Slave :public ilink
@@ -29,6 +30,7 @@ struct Slave :public ilink
#ifdef HAVE_POLL
uint m_fds_index;
#endif
+ bool active;
my_socket sock_fd() const { return vio.mysql_socket.fd; }
uint server_id() const { return thd->variables.server_id; }
};
@@ -46,6 +48,7 @@ typedef I_List_iterator<Slave> Slave_ilist_iterator;
add_slave: maintain a new semisync slave's information
remove_slave: remove a semisync slave's information
*/
+
class Ack_receiver : public Repl_semi_sync_base
{
public:
@@ -96,15 +99,20 @@ public:
{
m_trace_level= trace_level;
}
+ bool running()
+ {
+ return m_status != ST_DOWN;
+ }
+
private:
enum status {ST_UP, ST_DOWN, ST_STOPPING};
- uint8 m_status;
+ enum status m_status;
/*
Protect m_status, m_slaves_changed and m_slaves. ack thread and other
session may access the variables at the same time.
*/
mysql_mutex_t m_mutex;
- mysql_cond_t m_cond;
+ mysql_cond_t m_cond, m_cond_reply;
/* If slave list is updated(add or remove). */
bool m_slaves_changed;
@@ -116,25 +124,103 @@ private:
Ack_receiver& operator=(const Ack_receiver &ack_receiver);
void set_stage_info(const PSI_stage_info &stage);
- void wait_for_slave_connection();
+ void wait_for_slave_connection(THD *thd);
};
+extern my_socket global_ack_signal_fd;
+
+class Ack_listener
+{
+public:
+ my_socket local_read_signal;
+ const Slave_ilist &m_slaves;
+ int error;
+
+ Ack_listener(const Slave_ilist &slaves)
+ :local_read_signal(-1), m_slaves(slaves), error(0)
+ {
+ my_socket pipes[2];
+#ifdef _WIN32
+ error= create_socketpair(pipes);
+#else
+ if (!pipe(pipes))
+ {
+ fcntl(pipes[0], F_SETFL, O_NONBLOCK);
+ fcntl(pipes[1], F_SETFL, O_NONBLOCK);
+ }
+ else
+ {
+ pipes[0]= pipes[1]= -1;
+ }
+#endif /* _WIN32 */
+ local_read_signal= pipes[0];
+ global_ack_signal_fd= pipes[1];
+ }
+
+ virtual ~Ack_listener()
+ {
+#ifdef _WIN32
+ my_socket pipes[2];
+ pipes[0]= local_read_signal;
+ pipes[1]= global_ack_signal_fd;
+ close_socketpair(pipes);
+#else
+ if (global_ack_signal_fd >= 0)
+ close(global_ack_signal_fd);
+ if (local_read_signal >= 0)
+ close(local_read_signal);
+#endif /* _WIN32 */
+ global_ack_signal_fd= local_read_signal= -1;
+ }
+
+ int got_error() { return error; }
+
+ virtual bool has_signal_data()= 0;
+
+ /* Clear data sent by signal_listener() to abort read */
+ void clear_signal()
+ {
+ if (has_signal_data())
+ {
+ char buff[100];
+ /* Clear the signal message */
+#ifndef _WIN32
+ read(local_read_signal, buff, sizeof(buff));
+#else
+ recv(local_read_signal, buff, sizeof(buff), 0);
+#endif /* _WIN32 */
+ }
+ }
+};
+
+static inline void signal_listener()
+{
+#ifndef _WIN32
+ my_write(global_ack_signal_fd, (uchar*) "a", 1, MYF(0));
+#else
+ send(global_ack_signal_fd, "a", 1, 0);
+#endif /* _WIN32 */
+}
+
#ifdef HAVE_POLL
#include <sys/poll.h>
-#include <vector>
-class Poll_socket_listener
+class Poll_socket_listener final : public Ack_listener
{
+private:
+ std::vector<pollfd> m_fds;
+
public:
Poll_socket_listener(const Slave_ilist &slaves)
- :m_slaves(slaves)
- {
- }
+ :Ack_listener(slaves)
+ {}
+
+ virtual ~Poll_socket_listener() = default;
bool listen_on_sockets()
{
- return poll(m_fds.data(), m_fds.size(), 1000 /*1 Second timeout*/);
+ return poll(m_fds.data(), m_fds.size(), -1);
}
bool is_socket_active(const Slave *slave)
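Review bot: On the non-Windows path of the Ack_listener constructor a failed `pipe()` sets both descriptors to -1 but leaves `error` at 0, so the `got_error()` check in Ack_receiver::run() passes and the receiver goes on to poll/select on fd -1 with no timeout while `signal_listener()` writes to -1. Record the failure in the else branch with `error= errno;`, and check the `fcntl()` results the same way. The pipe ends are also created without close-on-exec, so any child process the server spawns would inherit them; `fcntl(fd, F_SETFD, FD_CLOEXEC)` on both is the usual hardening. `clear_signal()` ignores the return value of `read()`/`recv()`, which some compilers warn about.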
@@ -148,15 +234,29 @@ public:
m_fds[slave->m_fds_index].events= 0;
}
- uint init_slave_sockets()
+ bool has_signal_data() override
+ {
+ /* The signal fd is always first */
+ return (m_fds[0].revents & POLLIN);
+ }
+
+ int init_slave_sockets()
{
Slave_ilist_iterator it(const_cast<Slave_ilist&>(m_slaves));
Slave *slave;
uint fds_index= 0;
+ pollfd poll_fd;
m_fds.clear();
+ /* First put in the signal socket */
+ poll_fd.fd= local_read_signal;
+ poll_fd.events= POLLIN;
+ m_fds.push_back(poll_fd);
+ fds_index++;
+
while ((slave= it++))
{
+ slave->active= 1;
pollfd poll_fd;
poll_fd.fd= slave->sock_fd();
poll_fd.events= POLLIN;
@@ -165,29 +265,30 @@ public:
}
return fds_index;
}
-
-private:
- const Slave_ilist &m_slaves;
- std::vector<pollfd> m_fds;
};
#else //NO POLL
-class Select_socket_listener
+class Select_socket_listener final : public Ack_listener
{
+private:
+ my_socket m_max_fd;
+ fd_set m_init_fds;
+ fd_set m_fds;
+
public:
Select_socket_listener(const Slave_ilist &slaves)
- :m_slaves(slaves), m_max_fd(INVALID_SOCKET)
- {
- }
+ :Ack_listener(slaves), m_max_fd(INVALID_SOCKET)
+ {}
+
+ virtual ~Select_socket_listener() = default;
bool listen_on_sockets()
{
/* Reinitialize the fds with active fds before calling select */
m_fds= m_init_fds;
- struct timeval tv= {1,0};
/* select requires max fd + 1 for the first argument */
- return select((int) m_max_fd+1, &m_fds, NULL, NULL, &tv);
+ return select((int) m_max_fd+1, &m_fds, NULL, NULL, NULL);
}
bool is_socket_active(const Slave *slave)
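Review bot: `Select_socket_listener::listen_on_sockets()` still returns `bool`, so a -1 from `select()` is converted to `true` and the `ret == -1 && errno != EINTR` handling in Ack_receiver::run() can only trigger through the debug injection. With the timeout removed in this hunk, an interrupted or failed call is then treated as readiness, and `has_signal_data()`/`is_socket_active()` read an fd_set whose contents are unspecified after an error. Change the return type to `int` here and in `Poll_socket_listener::listen_on_sockets()` (previous hunk), which has the same signature.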
@@ -195,43 +296,61 @@ public:
return FD_ISSET(slave->sock_fd(), &m_fds);
}
+ bool has_signal_data() override
+ {
+ return FD_ISSET(local_read_signal, &m_fds);
+ }
+
void clear_socket_info(const Slave *slave)
{
FD_CLR(slave->sock_fd(), &m_init_fds);
}
- uint init_slave_sockets()
+ int init_slave_sockets()
{
Slave_ilist_iterator it(const_cast<Slave_ilist&>(m_slaves));
Slave *slave;
uint fds_index= 0;
FD_ZERO(&m_init_fds);
+ m_max_fd= -1;
+
+ /* First put in the signal socket */
+ FD_SET(local_read_signal, &m_init_fds);
+ fds_index++;
+ set_if_bigger(m_max_fd, local_read_signal);
+#ifndef _WIN32
+ if (local_read_signal > FD_SETSIZE)
+ {
+ int socket_id= local_read_signal;
+ sql_print_error("Semisync slave socket fd is %u. "
+ "select() cannot handle if the socket fd is "
+ "greater than %u (FD_SETSIZE).", socket_id, FD_SETSIZE);
+ return -1;
+ }
+#endif
+
while ((slave= it++))
{
my_socket socket_id= slave->sock_fd();
- m_max_fd= (socket_id > m_max_fd ? socket_id : m_max_fd);
+ set_if_bigger(m_max_fd, socket_id);
#ifndef _WIN32
if (socket_id > FD_SETSIZE)
{
sql_print_error("Semisync slave socket fd is %u. "
"select() cannot handle if the socket fd is "
"greater than %u (FD_SETSIZE).", socket_id, FD_SETSIZE);
- return 0;
+ it.remove();
+ continue;
}
#endif //_WIN32
FD_SET(socket_id, &m_init_fds);
fds_index++;
+ slave->active= 1;
}
return fds_index;
}
my_socket get_max_fd() { return m_max_fd; }
-
-private:
- const Slave_ilist &m_slaves;
- my_socket m_max_fd;
- fd_set m_init_fds;
- fd_set m_fds;
};
#endif //HAVE_POLL
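Review bot: In `Select_socket_listener::init_slave_sockets()` the signal descriptor is passed to `FD_SET(local_read_signal, &m_init_fds)` before the `FD_SETSIZE` check runs, so an out-of-range descriptor has already written outside the `fd_set` by the time the error is reported. The comparison also uses `>`, which lets a descriptor equal to `FD_SETSIZE` through; the per-slave check in the loop has the same off-by-one. Move the `#ifndef _WIN32` block above the `FD_SET` call and test `if (local_read_signal >= FD_SETSIZE)`, and likewise `if (socket_id >= FD_SETSIZE)` in the loop. In the loop, `set_if_bigger(m_max_fd, socket_id);` should also come after the check, so a slave removed with `it.remove()` does not raise the `nfds` value later given to `select()`.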
diff --git a/sql/semisync_slave.cc b/sql/semisync_slave.cc
index 788aab78..4314b116 100644
--- a/sql/semisync_slave.cc
+++ b/sql/semisync_slave.cc
@@ -20,20 +20,9 @@
Repl_semi_sync_slave repl_semisync_slave;
-my_bool rpl_semi_sync_slave_enabled= 0;
-
+my_bool global_rpl_semi_sync_slave_enabled= 0;
char rpl_semi_sync_slave_delay_master;
-my_bool rpl_semi_sync_slave_status= 0;
ulong rpl_semi_sync_slave_trace_level;
-
-/*
- indicate whether or not the slave should send a reply to the master.
-
- This is set to true in repl_semi_slave_read_event if the current
- event read is the last event of a transaction. And the value is
- checked in repl_semi_slave_queue_event.
-*/
-bool semi_sync_need_reply= false;
unsigned int rpl_semi_sync_slave_kill_conn_timeout;
unsigned long long rpl_semi_sync_slave_send_ack = 0;
@@ -44,14 +33,26 @@ int Repl_semi_sync_slave::init_object()
m_init_done = true;
/* References to the parameter works after set_options(). */
- set_slave_enabled(rpl_semi_sync_slave_enabled);
+ set_slave_enabled(global_rpl_semi_sync_slave_enabled);
set_trace_level(rpl_semi_sync_slave_trace_level);
set_delay_master(rpl_semi_sync_slave_delay_master);
set_kill_conn_timeout(rpl_semi_sync_slave_kill_conn_timeout);
-
return result;
}
+static bool local_semi_sync_enabled;
+
+int rpl_semi_sync_enabled(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *status_var,
+ enum_var_type scope)
+{
+ local_semi_sync_enabled= repl_semisync_slave.get_slave_enabled();
+ var->type= SHOW_BOOL;
+ var->value= (char*) &local_semi_sync_enabled;
+ return 0;
+}
+
+
int Repl_semi_sync_slave::slave_read_sync_header(const uchar *header,
unsigned long total_len,
int *semi_flags,
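Review bot: `rpl_semi_sync_enabled()` publishes its result through the file-static `local_semi_sync_enabled` and ignores the `buff` argument it is given, so concurrent status readers all write the same shared byte. The other status functions touched by this commit (`show_column_grants`, `show_database_grants` in sql_acl.cc) point `var->value` at `buff`. Doing the same here removes the static: `*(bool*) buff= repl_semisync_slave.get_slave_enabled();` followed by `var->value= buff;`. A one-line comment on what the status value reports would also help, since the function has none.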
@@ -61,12 +62,12 @@ int Repl_semi_sync_slave::slave_read_sync_header(const uchar *header,
int read_res = 0;
DBUG_ENTER("Repl_semi_sync_slave::slave_read_sync_header");
- if (rpl_semi_sync_slave_status)
+ if (get_slave_enabled())
{
if (!DBUG_IF("semislave_corrupt_log")
&& header[0] == k_packet_magic_num)
{
- semi_sync_need_reply = (header[1] & k_packet_flag_sync);
+ bool semi_sync_need_reply = (header[1] & k_packet_flag_sync);
*payload_len = total_len - 2;
*payload = header + 2;
@@ -85,7 +86,9 @@ int Repl_semi_sync_slave::slave_read_sync_header(const uchar *header,
"len: %lu", total_len);
read_res = -1;
}
- } else {
+ }
+ else
+ {
*payload= header;
*payload_len= total_len;
}
@@ -93,9 +96,23 @@ int Repl_semi_sync_slave::slave_read_sync_header(const uchar *header,
DBUG_RETURN(read_res);
}
-int Repl_semi_sync_slave::slave_start(Master_info *mi)
+/*
+ Set default semisync variables and print some replication info to the log
+
+ Note that the main setup is done in request_transmit()
+*/
+
+void Repl_semi_sync_slave::slave_start(Master_info *mi)
{
- bool semi_sync= get_slave_enabled();
+
+ /*
+ Set semi_sync_enabled at slave start. This is not changed until next
+ slave start or reconnect.
+ */
+ bool semi_sync= global_rpl_semi_sync_slave_enabled;
+
+ set_slave_enabled(semi_sync);
+ mi->semi_sync_reply_enabled= 0;
sql_print_information("Slave I/O thread: Start %s replication to\
master '%s@%s:%d' in log '%s' at position %lu",
@@ -104,30 +121,29 @@ int Repl_semi_sync_slave::slave_start(Master_info *mi)
const_cast<char *>(mi->master_log_name),
(unsigned long)(mi->master_log_pos));
- if (semi_sync && !rpl_semi_sync_slave_status)
- rpl_semi_sync_slave_status= 1;
-
/*clear the counter*/
rpl_semi_sync_slave_send_ack= 0;
- return 0;
}
-int Repl_semi_sync_slave::slave_stop(Master_info *mi)
+void Repl_semi_sync_slave::slave_stop(Master_info *mi)
{
if (get_slave_enabled())
kill_connection(mi->mysql);
- if (rpl_semi_sync_slave_status)
- rpl_semi_sync_slave_status= 0;
-
- return 0;
+ set_slave_enabled(0);
}
-int Repl_semi_sync_slave::reset_slave(Master_info *mi)
+void Repl_semi_sync_slave::slave_reconnect(Master_info *mi)
{
- return 0;
+ /*
+ Start semi-sync either if it globally enabled or if was enabled
+ before the reconnect.
+ */
+ if (global_rpl_semi_sync_slave_enabled || get_slave_enabled())
+ slave_start(mi);
}
+
void Repl_semi_sync_slave::kill_connection(MYSQL *mysql)
{
if (!mysql)
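Review bot: `slave_stop()` now ends with `set_slave_enabled(0)` on the process-wide `repl_semisync_slave` object, although it is called for one `Master_info`. If more than one I/O thread can exist (multi-source replication; not visible on this page), stopping one connection switches semi-sync off for the others until their next `slave_start()`, and `m_slave_enabled` is a plain `bool` written from several threads without synchronization. The per-connection flag `mi->semi_sync_reply_enabled` introduced by this commit suggests the enabled state could live in `Master_info` as well. If a single shared flag is intended, a comment on `slave_stop()` and `slave_reconnect()` stating that assumption would make it reviewable.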
@@ -194,33 +210,43 @@ int Repl_semi_sync_slave::request_transmit(Master_info *mi)
!(res= mysql_store_result(mysql)))
{
sql_print_error("Execution failed on master: %s, error :%s", query, mysql_error(mysql));
+ set_slave_enabled(0);
return 1;
}
row= mysql_fetch_row(res);
- if (DBUG_IF("master_not_support_semisync") || !row)
+ if (DBUG_IF("master_not_support_semisync") || (!row || ! row[1]))
{
/* Master does not support semi-sync */
- sql_print_warning("Master server does not support semi-sync, "
- "fallback to asynchronous replication");
- rpl_semi_sync_slave_status= 0;
+ if (!row)
+ sql_print_warning("Master server does not support semi-sync, "
+ "fallback to asynchronous replication");
+ set_slave_enabled(0);
mysql_free_result(res);
return 0;
}
+ if (strcmp(row[1], "ON"))
+ sql_print_information("Slave has semi-sync enabled but master server does "
+ "not. Semi-sync will be activated when master "
+ "enables it");
mysql_free_result(res);
/*
Tell master dump thread that we want to do semi-sync
- replication
+ replication. This is done by setting a thread local variable in
+ the master connection.
*/
query= "SET @rpl_semi_sync_slave= 1";
if (mysql_real_query(mysql, query, (ulong)strlen(query)))
{
- sql_print_error("Set 'rpl_semi_sync_slave=1' on master failed");
+ sql_print_error("%s on master failed", query);
+ set_slave_enabled(0);
return 1;
}
+ mi->semi_sync_reply_enabled= 1;
+ /* Inform net_server that pkt_nr can come out of order */
+ mi->mysql->net.pkt_nr_can_be_reset= 1;
mysql_free_result(mysql_store_result(mysql));
- rpl_semi_sync_slave_status= 1;
return 0;
}
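Review bot: When `row` is non-NULL but `row[1]` is NULL, `request_transmit()` calls `set_slave_enabled(0)` and returns without logging anything, because the warning is now printed only for `!row`. A silent drop from semi-sync to asynchronous replication is a durability downgrade that an operator would want to see in the error log. Adding an `else` branch such as `sql_print_warning("Master returned no value for '%s', fallback to asynchronous replication", query);` keeps the two cases distinguishable. The start of the function is outside this hunk.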
@@ -230,46 +256,40 @@ int Repl_semi_sync_slave::slave_reply(Master_info *mi)
MYSQL* mysql= mi->mysql;
const char *binlog_filename= const_cast<char *>(mi->master_log_name);
my_off_t binlog_filepos= mi->master_log_pos;
-
NET *net= &mysql->net;
uchar reply_buffer[REPLY_MAGIC_NUM_LEN
+ REPLY_BINLOG_POS_LEN
+ REPLY_BINLOG_NAME_LEN];
int reply_res = 0;
size_t name_len = strlen(binlog_filename);
-
DBUG_ENTER("Repl_semi_sync_slave::slave_reply");
+ DBUG_ASSERT(get_slave_enabled() && mi->semi_sync_reply_enabled);
- if (rpl_semi_sync_slave_status && semi_sync_need_reply)
+ /* Prepare the buffer of the reply. */
+ reply_buffer[REPLY_MAGIC_NUM_OFFSET] = k_packet_magic_num;
+ int8store(reply_buffer + REPLY_BINLOG_POS_OFFSET, binlog_filepos);
+ memcpy(reply_buffer + REPLY_BINLOG_NAME_OFFSET,
+ binlog_filename,
+ name_len + 1 /* including trailing '\0' */);
+
+ DBUG_PRINT("semisync", ("%s: reply (%s, %lu)",
+ "Repl_semi_sync_slave::slave_reply",
+ binlog_filename, (ulong)binlog_filepos));
+
+ /*
+ We have to do a net_clear() as with semi-sync the slave_reply's are
+ interleaved with data from the master and then the net->pkt_nr
+ cannot be kept in sync. Better to start pkt_nr from 0 again.
+ */
+ net_clear(net, 0);
+ /* Send the reply. */
+ reply_res = my_net_write(net, reply_buffer,
+ name_len + REPLY_BINLOG_NAME_OFFSET);
+ if (!reply_res)
{
- /* Prepare the buffer of the reply. */
- reply_buffer[REPLY_MAGIC_NUM_OFFSET] = k_packet_magic_num;
- int8store(reply_buffer + REPLY_BINLOG_POS_OFFSET, binlog_filepos);
- memcpy(reply_buffer + REPLY_BINLOG_NAME_OFFSET,
- binlog_filename,
- name_len + 1 /* including trailing '\0' */);
-
- DBUG_PRINT("semisync", ("%s: reply (%s, %lu)",
- "Repl_semi_sync_slave::slave_reply",
- binlog_filename, (ulong)binlog_filepos));
-
- net_clear(net, 0);
- /* Send the reply. */
- reply_res = my_net_write(net, reply_buffer,
- name_len + REPLY_BINLOG_NAME_OFFSET);
+ reply_res= DBUG_IF("semislave_failed_net_flush") || net_flush(net);
if (!reply_res)
- {
- reply_res = (DBUG_IF("semislave_failed_net_flush") || net_flush(net));
- if (reply_res)
- sql_print_error("Semi-sync slave net_flush() reply failed");
rpl_semi_sync_slave_send_ack++;
- }
- else
- {
- sql_print_error("Semi-sync slave send reply failed: %s (%d)",
- net->last_error, net->last_errno);
- }
}
-
DBUG_RETURN(reply_res);
}
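Review bot: Nothing in `slave_reply()` bounds `name_len` before the `memcpy` into `reply_buffer`, whose name area is `REPLY_BINLOG_NAME_LEN` bytes while the copy is `name_len + 1` bytes taken from `mi->master_log_name`. The declared size of that field is not on this page; if it can exceed `REPLY_BINLOG_NAME_LEN`, a long log name overruns the stack buffer. Since the function was restructured anyway, a guard after `DBUG_ENTER` would be cheap: `if (name_len >= REPLY_BINLOG_NAME_LEN) DBUG_RETURN(1);`. The new `DBUG_ASSERT(get_slave_enabled() && mi->semi_sync_reply_enabled)` is compiled out of release builds, so the header comment should state that callers must check both flags first. The function's opening lines are outside the hunk.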
diff --git a/sql/semisync_slave.h b/sql/semisync_slave.h
index a8229245..6811584c 100644
--- a/sql/semisync_slave.h
+++ b/sql/semisync_slave.h
@@ -33,7 +33,7 @@ class Master_info;
class Repl_semi_sync_slave
:public Repl_semi_sync_base {
public:
- Repl_semi_sync_slave() :m_slave_enabled(false) {}
+ Repl_semi_sync_slave() :m_slave_enabled(false) {}
~Repl_semi_sync_slave() = default;
void set_trace_level(unsigned long trace_level) {
@@ -45,7 +45,7 @@ public:
*/
int init_object();
- bool get_slave_enabled() {
+ inline bool get_slave_enabled() {
return m_slave_enabled;
}
@@ -53,7 +53,7 @@ public:
m_slave_enabled = enabled;
}
- bool is_delay_master(){
+ inline bool is_delay_master(){
return m_delay_master;
}
@@ -88,24 +88,23 @@ public:
* binlog position.
*/
int slave_reply(Master_info* mi);
- int slave_start(Master_info *mi);
- int slave_stop(Master_info *mi);
- int request_transmit(Master_info*);
+ void slave_start(Master_info *mi);
+ void slave_stop(Master_info *mi);
+ void slave_reconnect(Master_info *mi);
+ int request_transmit(Master_info *mi);
void kill_connection(MYSQL *mysql);
- int reset_slave(Master_info *mi);
private:
/* True when init_object has been called */
bool m_init_done;
- bool m_slave_enabled; /* semi-sycn is enabled on the slave */
+ bool m_slave_enabled; /* semi-sync is enabled on the slave */
bool m_delay_master;
unsigned int m_kill_conn_timeout;
};
/* System and status variables for the slave component */
-extern my_bool rpl_semi_sync_slave_enabled;
-extern my_bool rpl_semi_sync_slave_status;
+extern my_bool global_rpl_semi_sync_slave_enabled;
extern ulong rpl_semi_sync_slave_trace_level;
extern Repl_semi_sync_slave repl_semisync_slave;
@@ -113,4 +112,7 @@ extern char rpl_semi_sync_slave_delay_master;
extern unsigned int rpl_semi_sync_slave_kill_conn_timeout;
extern unsigned long long rpl_semi_sync_slave_send_ack;
+extern int rpl_semi_sync_enabled(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *status_var,
+ enum_var_type scope);
#endif /* SEMISYNC_SLAVE_H */
diff --git a/sql/service_wsrep.cc b/sql/service_wsrep.cc
index e1a4a25b..17240fd4 100644
--- a/sql/service_wsrep.cc
+++ b/sql/service_wsrep.cc
@@ -395,17 +395,9 @@ extern "C" void wsrep_thd_set_PA_unsafe(THD *thd)
}
}
-extern "C" int wsrep_thd_append_table_key(MYSQL_THD thd,
- const char* db,
- const char* table,
- enum Wsrep_service_key_type key_type)
+extern "C" uint32 wsrep_get_domain_id()
{
- wsrep_key_arr_t key_arr = {0, 0};
- int ret = wsrep_prepare_keys_for_isolation(thd, db, table, NULL, &key_arr);
- ret = ret || wsrep_thd_append_key(thd, key_arr.keys,
- (int)key_arr.keys_len, key_type);
- wsrep_keys_free(&key_arr);
- return ret;
+ return wsrep_gtid_domain_id;
}
extern "C" my_bool wsrep_thd_is_local_transaction(const THD *thd)
@@ -413,4 +405,3 @@ extern "C" my_bool wsrep_thd_is_local_transaction(const THD *thd)
return (wsrep_thd_is_local(thd) &&
thd->wsrep_cs().transaction().active());
}
-
diff --git a/sql/slave.cc b/sql/slave.cc
index e781c461..27721e1b 100644
--- a/sql/slave.cc
+++ b/sql/slave.cc
@@ -46,7 +46,7 @@
#include <signal.h>
#include <mysql.h>
#include <myisam.h>
-
+#include "debug_sync.h" // debug_sync_set_action
#include "sql_base.h" // close_thread_tables
#include "tztime.h" // struct Time_zone
#include "log_event.h" // Rotate_log_event,
@@ -63,7 +63,6 @@ Master_info_index *master_info_index;
#ifdef HAVE_REPLICATION
#include "rpl_tblmap.h"
-#include "debug_sync.h"
#include "rpl_parallel.h"
#include "sql_show.h"
#include "semisync_slave.h"
@@ -3200,6 +3199,14 @@ static bool send_show_master_info_data(THD *thd, Master_info *mi, bool full,
mysql_mutex_lock(&mi->err_lock);
/* err_lock is to protect mi->rli.last_error() */
mysql_mutex_lock(&mi->rli.err_lock);
+
+ DBUG_EXECUTE_IF("hold_sss_with_err_lock", {
+ DBUG_ASSERT(!debug_sync_set_action(
+ thd, STRING_WITH_LEN("now SIGNAL sss_got_err_lock "
+ "WAIT_FOR sss_continue")));
+ DBUG_SET("-d,hold_sss_with_err_lock");
+ });
+
protocol->store_string_or_null(mi->host, &my_charset_bin);
protocol->store_string_or_null(mi->user, &my_charset_bin);
protocol->store((uint32) mi->port);
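Review bot: The `hold_sss_with_err_lock` block calls `debug_sync_set_action()` without the `#ifdef ENABLED_DEBUG_SYNC` guard that the other call sites visible in this file use (`pause_sql_thread_on_next_relay_fde`, `pause_before_io_read_event`). If a debug build can be configured without debug sync, this block would presumably fail to build; wrapping it in `#ifdef ENABLED_DEBUG_SYNC` … `#endif` makes it consistent. The block deliberately waits while `mi->err_lock` and `mi->rli.err_lock` are held, which deserves a one-line comment such as `/* Test hook: park here with both err_locks held */`. `send_show_master_info_data()` starts and ends outside this hunk.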
@@ -3279,7 +3286,8 @@ static bool send_show_master_info_data(THD *thd, Master_info *mi, bool full,
while the slave is processing ignored events, such as those skipped
due to slave_skip_counter.
*/
- if (mi->using_parallel() && idle && !mi->rli.parallel.workers_idle())
+ if (mi->using_parallel() && idle &&
+ !rpl_parallel::workers_idle(&mi->rli))
idle= false;
}
if (idle)
@@ -4446,6 +4454,15 @@ static int exec_relay_log_event(THD* thd, Relay_log_info* rli,
{
Gtid_log_event *gev= static_cast<Gtid_log_event *>(ev);
+#ifdef ENABLED_DEBUG_SYNC
+ DBUG_EXECUTE_IF(
+ "pause_sql_thread_on_relay_fde_after_trans",
+ {
+ DBUG_SET("-d,pause_sql_thread_on_relay_fde_after_trans");
+ DBUG_SET("+d,pause_sql_thread_on_next_relay_fde");
+ });
+#endif
+
/*
For GTID, allocate a new sub_id for the given domain_id.
The sub_id must be allocated in increasing order of binlog order.
@@ -4598,12 +4615,14 @@ static int exec_relay_log_event(THD* thd, Relay_log_info* rli,
#endif /* WITH_WSREP */
#ifdef ENABLED_DEBUG_SYNC
DBUG_EXECUTE_IF(
- "pause_sql_thread_on_fde",
- if (ev && typ == FORMAT_DESCRIPTION_EVENT) {
+ "pause_sql_thread_on_next_relay_fde",
+ if (ev && typ == FORMAT_DESCRIPTION_EVENT &&
+ ((Format_description_log_event *) ev)->is_relay_log_event()) {
DBUG_ASSERT(!debug_sync_set_action(
thd,
STRING_WITH_LEN(
"now SIGNAL paused_on_fde WAIT_FOR sql_thread_continue")));
+ DBUG_SET("-d,pause_sql_thread_on_next_relay_fde");
});
#endif
@@ -4720,6 +4739,7 @@ static int try_to_reconnect(THD *thd, MYSQL *mysql, Master_info *mi,
sql_print_information("%s", messages[SLAVE_RECON_MSG_KILLED_AFTER]);
return 1;
}
+ repl_semisync_slave.slave_reconnect(mi);
return 0;
}
@@ -4808,14 +4828,7 @@ pthread_handler_t handle_slave_io(void *arg)
}
thd->variables.wsrep_on= 0;
- if (DBUG_IF("failed_slave_start")
- || repl_semisync_slave.slave_start(mi))
- {
- mi->report(ERROR_LEVEL, ER_SLAVE_FATAL_ERROR, NULL,
- ER_THD(thd, ER_SLAVE_FATAL_ERROR),
- "Failed to run 'thread_start' hook");
- goto err;
- }
+ repl_semisync_slave.slave_start(mi);
if (!(mi->mysql = mysql = mysql_init(NULL)))
{
@@ -4909,6 +4922,7 @@ connected:
if (try_to_reconnect(thd, mysql, mi, &retry_count, suppress_warnings,
reconnect_messages[SLAVE_RECON_ACT_REG]))
goto err;
+
goto connected;
}
@@ -4932,7 +4946,13 @@ connected:
goto err;
goto connected;
}
- DBUG_EXECUTE_IF("fail_com_register_slave", goto err;);
+ DBUG_EXECUTE_IF("fail_com_register_slave",
+ {
+ mi->report(ERROR_LEVEL, ER_SLAVE_MASTER_COM_FAILURE, NULL,
+ ER(ER_SLAVE_MASTER_COM_FAILURE), "COM_REGISTER_SLAVE",
+ "Debug Induced Error");
+ goto err;
+ });
}
DBUG_PRINT("info",("Starting reading binary log from master"));
@@ -4966,6 +4986,15 @@ connected:
we're in fact receiving nothing.
*/
THD_STAGE_INFO(thd, stage_waiting_for_master_to_send_event);
+
+#ifdef ENABLED_DEBUG_SYNC
+ DBUG_EXECUTE_IF("pause_before_io_read_event",
+ {
+ DBUG_ASSERT(!debug_sync_set_action( thd, STRING_WITH_LEN(
+ "now signal io_thread_at_read_event wait_for io_thread_continue_read_event")));
+ DBUG_SET("-d,pause_before_io_read_event");
+ };);
+#endif
event_len= read_event(mysql, mi, &suppress_warnings, &network_read_len);
if (check_io_slave_killed(mi, NullS))
goto err;
@@ -5065,17 +5094,36 @@ Stopping slave I/O thread due to out-of-memory error from master");
goto err;
}
- if (rpl_semi_sync_slave_status && (mi->semi_ack & SEMI_SYNC_NEED_ACK))
+ if (repl_semisync_slave.get_slave_enabled() &&
+ mi->semi_sync_reply_enabled &&
+ (mi->semi_ack & SEMI_SYNC_NEED_ACK))
{
- /*
- We deliberately ignore the error in slave_reply, such error should
- not cause the slave IO thread to stop, and the error messages are
- already reported.
- */
- DBUG_EXECUTE_IF("simulate_delay_semisync_slave_reply", my_sleep(800000););
- (void)repl_semisync_slave.slave_reply(mi);
+ DBUG_EXECUTE_IF("simulate_delay_semisync_slave_reply",
+ my_sleep(800000););
+ if (repl_semisync_slave.slave_reply(mi))
+ {
+ /*
+ Master is not responding (gone away?) or it has turned semi sync
+ off. Turning off semi-sync responses as there is no point in sending
+ data to the master if the master not receiving the messages.
+ This also stops the logs from getting filled with
+ "Semi-sync slave net_flush() reply failed" messages.
+ On reconnect semi sync will be turned on again, if the
+ master has semi-sync enabled.
+
+ We check mi->abort_slave to see if the io thread was
+ killed and in this case we do not need an error message as
+ we know what is going on.
+ */
+ if (!mi->abort_slave)
+ sql_print_error("Master server does not read semi-sync messages "
+ "last_error: %s (%d). "
+ "Fallback to asynchronous replication",
+ mi->mysql->net.last_error,
+ mi->mysql->net.last_errno);
+ mi->semi_sync_reply_enabled= 0;
+ }
}
-
if (mi->using_gtid == Master_info::USE_GTID_NO &&
/*
If rpl_semi_sync_slave_delay_master is enabled, we will flush
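Review bot: After a failed `slave_reply()` the I/O thread carries on with `mi->semi_sync_reply_enabled= 0`, but `get_slave_enabled()` is left unchanged, so the status function `rpl_semi_sync_enabled()` added in semisync_slave.cc would still report semi-sync as enabled while no acknowledgements are being sent. Monitoring that relies on that status cannot see the fallback; the only trace is one error-log line, and that is skipped when `mi->abort_slave` is set. Consider exposing the per-connection flag through a status value. At minimum the message could say how long the state lasts, e.g. `"Fallback to asynchronous replication until the next reconnect"`. The enclosing loop in `handle_slave_io()` extends beyond this hunk.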
@@ -5513,19 +5561,25 @@ pthread_handler_t handle_slave_sql(void *arg)
}
else
rli->gtid_skip_flag = GTID_SKIP_NOT;
+ mysql_mutex_lock(&rli->data_lock);
if (init_relay_log_pos(rli,
rli->group_relay_log_name,
rli->group_relay_log_pos,
- 1 /*need data lock*/, &errmsg,
+ 0 /*need data lock*/, &errmsg,
1 /*look for a description_event*/))
{
rli->report(ERROR_LEVEL, ER_SLAVE_FATAL_ERROR, NULL,
"Error initializing relay log position: %s", errmsg);
+ mysql_mutex_unlock(&rli->data_lock);
goto err_before_start;
}
rli->reset_inuse_relaylog();
if (rli->alloc_inuse_relaylog(rli->group_relay_log_name))
+ {
+ mysql_mutex_unlock(&rli->data_lock);
goto err_before_start;
+ }
+ mysql_mutex_unlock(&rli->data_lock);
strcpy(rli->future_event_master_log_name, rli->group_master_log_name);
THD_CHECK_SENTRY(thd);
@@ -6948,7 +7002,7 @@ dbug_gtid_accept:
*/
mi->do_accept_own_server_id=
(s_id == global_system_variables.server_id &&
- rpl_semi_sync_slave_enabled && opt_gtid_strict_mode &&
+ repl_semisync_slave.get_slave_enabled() && opt_gtid_strict_mode &&
mi->using_gtid != Master_info::USE_GTID_NO &&
!mysql_bin_log.check_strict_gtid_sequence(event_gtid.domain_id,
event_gtid.server_id,
diff --git a/sql/socketpair.c b/sql/socketpair.c
new file mode 100644
index 00000000..ef89fa04
--- /dev/null
+++ b/sql/socketpair.c
@@ -0,0 +1,156 @@
+/* socketpair.c
+Copyright 2007, 2010 by Nathan C. Myers <ncm@cantrip.org>
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+ Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+ Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+ The name of the author must not be used to endorse or promote products
+ derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/* Changes:
+ * 2023-12-25 Addopted for MariaDB usage
+ * 2014-02-12: merge David Woodhouse, Ger Hobbelt improvements
+ * git.infradead.org/users/dwmw2/openconnect.git/commitdiff/bdeefa54
+ * github.com/GerHobbelt/selectable-socketpair
+ * always init the socks[] to -1/INVALID_SOCKET on error, both on Win32/64
+ * and UNIX/other platforms
+ * 2013-07-18: Change to BSD 3-clause license
+ * 2010-03-31:
+ * set addr to 127.0.0.1 because win32 getsockname does not always set it.
+ * 2010-02-25:
+ * set SO_REUSEADDR option to avoid leaking some windows resource.
+ * Windows System Error 10049, "Event ID 4226 TCP/IP has reached
+ * the security limit imposed on the number of concurrent TCP connect
+ * attempts." Bleah.
+ * 2007-04-25:
+ * preserve value of WSAGetLastError() on all error returns.
+ * 2007-04-22: (Thanks to Matthew Gregan <kinetik@flim.org>)
+ * s/EINVAL/WSAEINVAL/ fix trivial compile failure
+ * s/socket/WSASocket/ enable creation of sockets suitable as stdin/stdout
+ * of a child process.
+ * add argument make_overlapped
+ */
+
+#include <my_global.h>
+#ifdef _WIN32
+#include <ws2tcpip.h> /* socklen_t, et al (MSVC20xx) */
+#include <windows.h>
+#include <io.h>
+#include "socketpair.h"
+
+#define safe_errno (errno != 0) ? errno : -1
+
+/**
+ create_socketpair()
+
+ @param socks[2] Will be filled by 2 SOCKET entries (similar to pipe())
+ socks[0] for reading
+ socks[1] for writing
+
+ @return: 0 ok
+ # System error code. -1 if unknown
+ */
+
+int create_socketpair(SOCKET socks[2])
+{
+ union
+ {
+ struct sockaddr_in inaddr;
+ struct sockaddr addr;
+ } a;
+ SOCKET listener= -1;
+ int reuse = 1;
+ int last_error;
+ socklen_t addrlen = sizeof(a.inaddr);
+
+ socks[0]= socks[1]= -1;
+
+ if ((listener= socket(AF_INET, SOCK_STREAM, IPPROTO_TCP)) == -1)
+ return safe_errno;
+
+ memset(&a, 0, sizeof(a));
+ a.inaddr.sin_family = AF_INET;
+ a.inaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ a.inaddr.sin_port = 0;
+
+ for (;;) /* Avoid using goto */
+ {
+ if (setsockopt(listener, SOL_SOCKET, SO_REUSEADDR,
+ (char*) &reuse, (socklen_t) sizeof(reuse)) == -1)
+ break;
+ if (bind(listener, &a.addr, sizeof(a.inaddr)) == SOCKET_ERROR)
+ break;
+
+ memset(&a, 0, sizeof(a));
+ if (getsockname(listener, &a.addr, &addrlen) == SOCKET_ERROR)
+ break;
+ // win32 getsockname may only set the port number, p=0.0005.
+ // ( http://msdn.microsoft.com/library/ms738543.aspx ):
+ a.inaddr.sin_addr.s_addr= htonl(INADDR_LOOPBACK);
+ a.inaddr.sin_family= AF_INET;
+
+ if (listen(listener, 1) == SOCKET_ERROR)
+ break;
+
+ socks[1]= socket(AF_INET, SOCK_STREAM, 0);
+ if (socks[1] == -1)
+ break;
+ if (connect(socks[1], &a.addr, sizeof(a.inaddr)) == SOCKET_ERROR)
+ break;
+
+ socks[0]= accept(listener, NULL, NULL);
+ if (socks[0] == -1)
+ break;
+
+ closesocket(listener);
+
+ {
+ /* Make both sockets non blocking */
+ ulong arg= 1;
+ ioctlsocket(socks[0], FIONBIO,(void*) &arg);
+ ioctlsocket(socks[1], FIONBIO,(void*) &arg);
+ }
+ return 0;
+ }
+ /* Error handling */
+ last_error= WSAGetLastError();
+ if (listener != -1)
+ closesocket(listener);
+ close_socketpair(socks);
+ WSASetLastError(last_error);
+
+ return last_error;
+}
+
+/*
+ Free socketpair
+*/
+
+void close_socketpair(SOCKET socks[2])
+{
+ if (socks[0] != -1)
+ closesocket(socks[0]);
+ if (socks[1] != -1)
+ closesocket(socks[1]);
+ socks[0]= socks[1]= -1;
+}
+
+#endif /*_WIN32 */
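Review bot: `create_socketpair()` returns whatever connection `accept()` hands back first, so between `listen()` and `accept()` any other local process that connects to the ephemeral loopback port can end up as the peer of `socks[0]` in place of `socks[1]`. Before returning, compare the peer address of `socks[0]` with the local address of `socks[1]` and fail the call on a mismatch, as in the excerpt below. Separately, `safe_errno` reads `errno`, whereas a failing Winsock `socket()` reports through `WSAGetLastError()`, so the first error return likely yields -1 or a stale value. The macro body is also unparenthesized, and the return values of the two `ioctlsocket()` calls are ignored.

```c
    /* ... unchanged: accept() into socks[0] and its error check ... */

    {
      /*
        Make sure the accepted connection is the one socks[1] made and not
        one from another local process that reached the listener first.
      */
      struct sockaddr_in peer, self;
      socklen_t peer_len= sizeof(peer), self_len= sizeof(self);

      if (getpeername(socks[0], (struct sockaddr*) &peer, &peer_len) ==
            SOCKET_ERROR ||
          getsockname(socks[1], (struct sockaddr*) &self, &self_len) ==
            SOCKET_ERROR)
        break;
      if (peer.sin_port != self.sin_port ||
          peer.sin_addr.s_addr != self.sin_addr.s_addr)
      {
        WSASetLastError(WSAECONNABORTED);
        break;
      }
    }

    /* ... unchanged: closesocket(listener), FIONBIO setup, return 0 ... */
```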
diff --git a/sql/socketpair.h b/sql/socketpair.h
new file mode 100644
index 00000000..d9f89c84
--- /dev/null
+++ b/sql/socketpair.h
@@ -0,0 +1,21 @@
+/* Copyright (c) 2023, MariaDB Plc
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
+
+#ifdef _WIN32
+C_MODE_START
+ int create_socketpair(SOCKET socks[2]);
+ void close_socketpair(SOCKET socks[2]);
+C_MODE_END
+#endif /* _WIN32 */
diff --git a/sql/sp.cc b/sql/sp.cc
index f51851d1..32353435 100644
--- a/sql/sp.cc
+++ b/sql/sp.cc
@@ -2731,7 +2731,13 @@ sp_update_stmt_used_routines(THD *thd, Query_tables_list *prelocking_ctx,
for (uint i=0 ; i < src->records ; i++)
{
Sroutine_hash_entry *rt= (Sroutine_hash_entry *)my_hash_element(src, i);
- (void)sp_add_used_routine(prelocking_ctx, thd->stmt_arena,
+ DBUG_ASSERT(thd->active_stmt_arena_to_use()->
+ is_stmt_prepare_or_first_stmt_execute() ||
+ thd->active_stmt_arena_to_use()->
+ is_conventional() ||
+ thd->active_stmt_arena_to_use()->state ==
+ Query_arena::STMT_SP_QUERY_ARGUMENTS);
+ (void)sp_add_used_routine(prelocking_ctx, thd->active_stmt_arena_to_use(),
&rt->mdl_request.key, rt->m_handler,
belong_to_view);
}
@@ -2757,7 +2763,7 @@ void sp_update_stmt_used_routines(THD *thd, Query_tables_list *prelocking_ctx,
TABLE_LIST *belong_to_view)
{
for (Sroutine_hash_entry *rt= src->first; rt; rt= rt->next)
- (void)sp_add_used_routine(prelocking_ctx, thd->stmt_arena,
+ (void)sp_add_used_routine(prelocking_ctx, thd->active_stmt_arena_to_use(),
&rt->mdl_request.key, rt->m_handler,
belong_to_view);
}
diff --git a/sql/sp_cache.cc b/sql/sp_cache.cc
index 36ad3710..1da807e9 100644
--- a/sql/sp_cache.cc
+++ b/sql/sp_cache.cc
@@ -195,7 +195,7 @@ sp_head *sp_cache_lookup(sp_cache **cp, const Database_qualified_name *name)
sp_cache *c= *cp;
if (! c)
return NULL;
- return c->lookup(buf, name->make_qname(buf, sizeof(buf)));
+ return c->lookup(buf, name->make_qname(buf, sizeof(buf), true));
}
@@ -302,7 +302,7 @@ sp_cache::~sp_cache()
void
sp_cache::init()
{
- my_hash_init(key_memory_sp_cache, &m_hashtable, system_charset_info, 0, 0, 0,
+ my_hash_init(key_memory_sp_cache, &m_hashtable, &my_charset_bin, 0, 0, 0,
hash_get_key_for_sp_head, hash_free_sp_head, 0);
}
diff --git a/sql/sp_head.cc b/sql/sp_head.cc
index 5fd6ab52..58235055 100644
--- a/sql/sp_head.cc
+++ b/sql/sp_head.cc
@@ -1575,7 +1575,7 @@ sp_head::execute(THD *thd, bool merge_da_on_success)
{
// Don't count a call ended with an error as normal run
executed_counter= 0;
- main_mem_root.read_only= 0;
+ main_mem_root.flags &= ~ROOT_FLAG_READ_ONLY;
reset_instrs_executed_counter();
}
#endif
@@ -1696,10 +1696,10 @@ sp_head::execute(THD *thd, bool merge_da_on_success)
#ifdef PROTECT_STATEMENT_MEMROOT
if (!err_status)
{
- if (!main_mem_root.read_only &&
+ if (!(main_mem_root.flags & ROOT_FLAG_READ_ONLY) &&
has_all_instrs_executed())
{
- main_mem_root.read_only= 1;
+ main_mem_root.flags |= ROOT_FLAG_READ_ONLY;
}
++executed_counter;
DBUG_PRINT("info", ("execute counter: %lu", executed_counter));
diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc
index 029b12ad..c6080e5b 100644
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -957,6 +957,7 @@ class User_table_tabular: public User_table
int get_auth(THD *thd, MEM_ROOT *root, ACL_USER *u) const
{
+ mysql_mutex_assert_owner(&acl_cache->lock);
u->alloc_auth(root, 1);
if (have_password())
{
@@ -2316,6 +2317,9 @@ static bool validate_password(THD *thd, const LEX_CSTRING &user,
static int set_user_salt(ACL_USER::AUTH *auth, plugin_ref plugin)
{
st_mysql_auth *info= (st_mysql_auth *) plugin_decl(plugin)->info;
+
+ mysql_mutex_assert_owner(&acl_cache->lock);
+
if (info->interface_version >= 0x0202 && info->preprocess_hash &&
auth->auth_string.length)
{
@@ -2351,6 +2355,8 @@ static int set_user_auth(THD *thd, const LEX_CSTRING &user,
plugin_ref plugin= get_auth_plugin(thd, auth->plugin, &unlock_plugin);
int res= 1;
+ mysql_mutex_assert_owner(&acl_cache->lock);
+
if (!plugin)
{
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
@@ -2427,10 +2433,13 @@ static bool set_user_salt_if_needed(ACL_USER *user_copy, int curr_auth,
if (auth_copy->salt.str)
return 0; // already done
+ mysql_mutex_lock(&acl_cache->lock);
if (set_user_salt(auth_copy, plugin))
+ {
+ mysql_mutex_unlock(&acl_cache->lock);
return 1;
+ }
- mysql_mutex_lock(&acl_cache->lock);
ACL_USER *user= find_user_exact(user_copy->host.hostname, user_copy->user.str);
// make sure the user wasn't altered or dropped meanwhile
if (user)
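Review bot: `set_user_salt()` now runs with `acl_cache->lock` held, and the context at its definition shows it is gated on `info->preprocess_hash`, so it appears to call into the authentication plugin while the lock is taken. If a plugin's hash preprocessing is expensive, logins reaching `set_user_salt_if_needed()` would serialize every other user of the ACL cache behind it. The commit does not say which state the lock protects during that call; a comment above `mysql_mutex_lock(&acl_cache->lock);` naming it would let a reader judge whether the critical section can stay this wide. The function continues past the hunk, so the remaining unlock paths cannot be checked from here.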
@@ -3403,10 +3412,18 @@ end:
check_role_is_granted_callback,
NULL) == -1))
{
- /* Role is not granted but current user can see the role */
- my_printf_error(ER_INVALID_ROLE, "User %`s@%`s has not been granted role %`s",
- MYF(0), thd->security_ctx->priv_user,
- thd->security_ctx->priv_host, rolename);
+ /* This happens for SET ROLE case and when `--skip-name-resolve` option
+ is used. In that situation host can be NULL and current user is always
+ target user, so printing `priv_user@priv_host` is not incorrect.
+ */
+ if (!host)
+ my_printf_error(ER_INVALID_ROLE, "User %`s@%`s has not been granted role %`s",
+ MYF(0), thd->security_ctx->priv_user,
+ thd->security_ctx->priv_host, rolename);
+ else
+ /* Role is not granted but current user can see the role */
+ my_printf_error(ER_INVALID_ROLE, "User %`s@%`s has not been granted role %`s",
+ MYF(0), user, host, rolename);
}
else
{
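Review bot: The two `my_printf_error` calls differ only in which user and host they print, so the format string is now duplicated and can drift. Selecting the names first, e.g. `const char *err_user= host ? user : thd->security_ctx->priv_user;` and the same for the host, then calling `my_printf_error` once, is easier to read. The comment "Role is not granted but current user can see the role" now sits between `else` and its statement, so it reads as applying only to the `host` case. It describes the whole block and belongs above the `if (!host)`.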
@@ -3477,6 +3494,7 @@ ACL_USER::ACL_USER(THD *thd, const LEX_USER &combo,
const Account_options &options,
const privilege_t privileges)
{
+ mysql_mutex_assert_owner(&acl_cache->lock);
user= safe_lexcstrdup_root(&acl_memroot, combo.user);
update_hostname(&host, safe_strdup_root(&acl_memroot, combo.host.str));
hostname_length= combo.host.length;
@@ -3493,6 +3511,8 @@ static int acl_user_update(THD *thd, ACL_USER *acl_user, uint nauth,
const privilege_t privileges)
{
ACL_USER_PARAM::AUTH *work_copy= NULL;
+ mysql_mutex_assert_owner(&acl_cache->lock);
+
if (nauth)
{
if (!(work_copy= (ACL_USER_PARAM::AUTH*)
@@ -5201,6 +5221,7 @@ update_role_mapping(LEX_CSTRING *user, LEX_CSTRING *host, LEX_CSTRING *role,
return 0;
}
+ mysql_mutex_assert_owner(&acl_cache->lock);
/* allocate a new entry that will go in the hash */
ROLE_GRANT_PAIR *hash_entry= new (&acl_memroot) ROLE_GRANT_PAIR;
if (hash_entry->init(&acl_memroot, user->str, host->str,
@@ -5265,6 +5286,7 @@ replace_proxies_priv_table(THD *thd, TABLE *table, const LEX_USER *user,
DBUG_ENTER("replace_proxies_priv_table");
+ mysql_mutex_assert_owner(&acl_cache->lock);
if (!table)
{
my_error(ER_NO_SUCH_TABLE, MYF(0), MYSQL_SCHEMA_NAME.str,
@@ -8373,11 +8395,6 @@ bool check_grant(THD *thd, privilege_t want_access, TABLE_LIST *tables,
INSERT_ACL : SELECT_ACL);
}
- if (tl->with || !tl->db.str ||
- (tl->select_lex &&
- (tl->with= tl->select_lex->find_table_def_in_with_clauses(tl))))
- continue;
-
const ACL_internal_table_access *access=
get_cached_table_access(&t_ref->grant.m_internal,
t_ref->get_db_name(),
@@ -12159,8 +12176,8 @@ static my_bool count_column_grants(void *grant_table,
This must be performed under the mutex in order to make sure the
iteration does not fail.
*/
-static int show_column_grants(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_column_grants(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum enum_var_type scope)
{
var->type= SHOW_ULONG;
var->value= buff;
@@ -12176,8 +12193,8 @@ static int show_column_grants(THD *thd, SHOW_VAR *var, char *buff,
return 0;
}
-static int show_database_grants(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+static int show_database_grants(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum enum_var_type scope)
{
var->type= SHOW_UINT;
var->value= buff;
@@ -13568,8 +13585,37 @@ static bool find_mpvio_user(MPVIO_EXT *mpvio)
DBUG_RETURN(0);
}
+
+/**
+ Determine if the client is MySQL Connector/NET.
+
+ Checks whether the given connection attributes blob corresponds to
+ MySQL Connector/NET by examining the "_client_name" attribute, which is
+ expected to be the first attribute in the blob.
+
+ @param connection_attrs - The connection attributes blob.
+ @param length - The length of the blob.
+
+ @return true if the client is MySQL Connector/NET, false otherwise.
+*/
+static inline bool is_connector_net_client(const char *connection_attrs,
+ size_t length)
+{
+ constexpr LEX_CSTRING prefix=
+ {STRING_WITH_LEN("\x0c_client_name\x13mysql-connector-net")};
+
+ if (length < prefix.length)
+ return false;
+
+ /* Optimization to avoid following memcmp in common cases.*/
+ if (connection_attrs[prefix.length - 1] != prefix.str[prefix.length - 1])
+ return false;
+
+ return !memcmp(connection_attrs, prefix.str, prefix.length);
+}
+
static bool
-read_client_connect_attrs(char **ptr, char *end, CHARSET_INFO *from_cs)
+read_client_connect_attrs(char **ptr, char *end, THD* thd)
{
ulonglong length;
char *ptr_save= *ptr;
@@ -13592,10 +13638,14 @@ read_client_connect_attrs(char **ptr, char *end, CHARSET_INFO *from_cs)
if (length > 65535)
return true;
- if (PSI_CALL_set_thread_connect_attrs(*ptr, (uint)length, from_cs) &&
+ if (PSI_CALL_set_thread_connect_attrs(*ptr, (uint)length, thd->charset()) &&
current_thd->variables.log_warnings)
sql_print_warning("Connection attributes of length %llu were truncated",
length);
+
+ /* Connector/Net crashes, when "show collations" returns NULL IDs*/
+ if (is_connector_net_client(*ptr, length))
+ thd->variables.old_behavior |= OLD_MODE_NO_NULL_COLLATION_IDS;
return false;
}
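Review bot: The unchanged condition in this hunk still reads `current_thd->variables.log_warnings` although the function now receives `thd` and uses it for `thd->charset()` and `thd->variables.old_behavior`; `thd->variables.log_warnings` would keep a single source of session state. The `_client_name` attribute is supplied by the client while the handshake packet is being parsed, so `OLD_MODE_NO_NULL_COLLATION_IDS` can be switched on by any peer that sends this prefix; a comment such as `/* client-controlled: must only ever affect result formatting */` would record that constraint. `is_connector_net_client(*ptr, length)` also relies on a check outside this hunk that `*ptr + length` does not pass `end`.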
@@ -13729,7 +13779,7 @@ static bool parse_com_change_user_packet(MPVIO_EXT *mpvio, uint packet_length)
}
if ((thd->client_capabilities & CLIENT_CONNECT_ATTRS) &&
- read_client_connect_attrs(&next_field, end, thd->charset()))
+ read_client_connect_attrs(&next_field, end, thd))
{
my_message(ER_UNKNOWN_COM_ERROR, ER_THD(thd, ER_UNKNOWN_COM_ERROR),
MYF(0));
@@ -13979,7 +14029,7 @@ static ulong parse_client_handshake_packet(MPVIO_EXT *mpvio,
if ((thd->client_capabilities & CLIENT_CONNECT_ATTRS) &&
read_client_connect_attrs(&next_field, ((char *)net->read_pos) + pkt_len,
- mpvio->auth_info.thd->charset()))
+ mpvio->auth_info.thd))
return packet_error;
/*
diff --git a/sql/sql_admin.cc b/sql/sql_admin.cc
index fcbd8a55..a3b9bbd4 100644
--- a/sql/sql_admin.cc
+++ b/sql/sql_admin.cc
@@ -818,7 +818,7 @@ static bool mysql_admin_table(THD* thd, TABLE_LIST* tables,
if (lock_type == TL_WRITE && table->mdl_request.type > MDL_SHARED_WRITE)
{
if (table->table->s->tmp_table)
- thd->close_unused_temporary_table_instances(tables);
+ thd->close_unused_temporary_table_instances(table);
else
{
/* Store information about table for ddl log */
diff --git a/sql/sql_alter.cc b/sql/sql_alter.cc
index 3b9c8402..ff7b0be7 100644
--- a/sql/sql_alter.cc
+++ b/sql/sql_alter.cc
@@ -641,19 +641,19 @@ bool Sql_cmd_alter_table::execute(THD *thd)
}
wsrep::key_array keys;
- wsrep_append_fk_parent_table(thd, first_table, &keys);
-
- WSREP_TO_ISOLATION_BEGIN_ALTER(lex->name.str ? select_lex->db.str
- : first_table->db.str,
- lex->name.str ? lex->name.str
- : first_table->table_name.str,
- first_table, &alter_info, &keys,
- used_engine ? &create_info : nullptr)
+ if (!wsrep_append_fk_parent_table(thd, first_table, &keys))
{
- WSREP_WARN("ALTER TABLE isolation failure");
- DBUG_RETURN(TRUE);
+ WSREP_TO_ISOLATION_BEGIN_ALTER(lex->name.str ? select_lex->db.str
+ : first_table->db.str,
+ lex->name.str ? lex->name.str
+ : first_table->table_name.str,
+ first_table, &alter_info, &keys,
+ used_engine ? &create_info : nullptr)
+ {
+ WSREP_WARN("ALTER TABLE isolation failure");
+ DBUG_RETURN(TRUE);
+ }
}
-
DEBUG_SYNC(thd, "wsrep_alter_table_after_toi");
}
#endif
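Review bot: When `wsrep_append_fk_parent_table()` returns non-zero, the new `if` skips `WSREP_TO_ISOLATION_BEGIN_ALTER` entirely and execution continues at `DEBUG_SYNC` with no warning logged. If the statement can still reach the ALTER from that path, it would run outside total order isolation on this node, which is presumably not intended. Either return on that path or add a comment saying why falling through is safe, for example `/* error already set; the ALTER fails later */` if that is the case. The enclosing block starts outside this hunk.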
diff --git a/sql/sql_analyse.cc b/sql/sql_analyse.cc
index 4c853689..93b0dbb3 100644
--- a/sql/sql_analyse.cc
+++ b/sql/sql_analyse.cc
@@ -953,7 +953,8 @@ void field_longlong::get_opt_type(String *answer,
UINT_MAX24 : INT_MAX24))
snprintf(buff, sizeof(buff), "MEDIUMINT(%d)", (int) max_length);
else if (min_arg >= INT_MIN32 && max_arg <= (min_arg >= 0 ?
- UINT_MAX32 : INT_MAX32))
+ (longlong) UINT_MAX32 :
+ (longlong) INT_MAX32))
snprintf(buff, sizeof(buff), "INT(%d)", (int) max_length);
else
snprintf(buff, sizeof(buff), "BIGINT(%d)", (int) max_length);
diff --git a/sql/sql_base.cc b/sql/sql_base.cc
index a0656e48..7b9ffc2e 100644
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@@ -74,7 +74,9 @@ No_such_table_error_handler::handle_condition(THD *,
*cond_hdl= NULL;
if (!first_error)
first_error= sql_errno;
- if (sql_errno == ER_NO_SUCH_TABLE || sql_errno == ER_NO_SUCH_TABLE_IN_ENGINE)
+ if (sql_errno == ER_NO_SUCH_TABLE
+ || sql_errno == ER_NO_SUCH_TABLE_IN_ENGINE
+ || sql_errno == ER_UNKNOWN_SEQUENCES)
{
m_handled_errors++;
return TRUE;
@@ -2288,6 +2290,7 @@ retry_share:
if (thd->has_read_only_protection())
{
MYSQL_UNBIND_TABLE(table->file);
+ table->vcol_cleanup_expr(thd);
tc_release_table(table);
DBUG_RETURN(TRUE);
}
@@ -2307,6 +2310,7 @@ retry_share:
if (result)
{
MYSQL_UNBIND_TABLE(table->file);
+ table->vcol_cleanup_expr(thd);
tc_release_table(table);
DBUG_RETURN(TRUE);
}
@@ -7202,6 +7206,7 @@ set_new_item_local_context(THD *thd, Item_ident *item, TABLE_LIST *table_ref)
if (!(context= new (thd->mem_root) Name_resolution_context))
return TRUE;
context->init();
+ context->select_lex= table_ref->select_lex;
context->first_name_resolution_table=
context->last_name_resolution_table= table_ref;
item->context= context;
@@ -8020,7 +8025,7 @@ bool setup_fields(THD *thd, Ref_ptr_array ref_pointer_array,
while ((item= it++))
{
if (make_pre_fix)
- pre_fix->push_back(item, thd->stmt_arena->mem_root);
+ pre_fix->push_back(item, thd->active_stmt_arena_to_use()->mem_root);
if (item->fix_fields_if_needed_for_scalar(thd, it.ref()))
{
diff --git a/sql/sql_binlog.cc b/sql/sql_binlog.cc
index e71c7015..118b361e 100644
--- a/sql/sql_binlog.cc
+++ b/sql/sql_binlog.cc
@@ -137,7 +137,7 @@ int binlog_defragment(THD *thd)
entry[k]=
(user_var_entry*) my_hash_search(&thd->user_vars, (uchar*) name[k].str,
name[k].length);
- if (!entry[k] || entry[k]->type != STRING_RESULT)
+ if (!entry[k] || entry[k]->type_handler()->result_type() != STRING_RESULT)
{
my_error(ER_WRONG_TYPE_FOR_VAR, MYF(0), name[k].str);
return -1;
@@ -162,7 +162,8 @@ int binlog_defragment(THD *thd)
gathered_length += entry[k]->length;
}
for (uint k=0; k < 2; k++)
- update_hash(entry[k], true, NULL, 0, STRING_RESULT, &my_charset_bin, 0);
+ update_hash(entry[k], true, NULL, 0,
+ &type_handler_long_blob, &my_charset_bin);
DBUG_ASSERT(gathered_length == thd->lex->comment.length);
diff --git a/sql/sql_class.cc b/sql/sql_class.cc
index 9da1ec54..17d89188 100644
--- a/sql/sql_class.cc
+++ b/sql/sql_class.cc
@@ -727,7 +727,6 @@ THD::THD(my_thread_id id, bool is_wsrep_applier)
wsrep_wfc()
#endif /*WITH_WSREP */
{
- ulong tmp;
bzero(&variables, sizeof(variables));
/*
@@ -879,14 +878,6 @@ THD::THD(my_thread_id id, bool is_wsrep_applier)
tablespace_op=FALSE;
- /*
- Initialize the random generator. We call my_rnd() without a lock as
- it's not really critical if two threads modifies the structure at the
- same time. We ensure that we have an unique number foreach thread
- by adding the address of the stack.
- */
- tmp= (ulong) (my_rnd(&sql_rand) * 0xffffffff);
- my_rnd_init(&rand, tmp + (ulong)((size_t) &rand), tmp + (ulong) ::global_query_id);
substitute_null_with_insert_id = FALSE;
lock_info.mysql_thd= (void *)this;
@@ -1247,7 +1238,9 @@ void THD::init()
user_time.val= start_time= start_time_sec_part= 0;
- server_status= SERVER_STATUS_AUTOCOMMIT;
+ server_status= 0;
+ if (variables.option_bits & OPTION_AUTOCOMMIT)
+ server_status|= SERVER_STATUS_AUTOCOMMIT;
if (variables.sql_mode & MODE_NO_BACKSLASH_ESCAPES)
server_status|= SERVER_STATUS_NO_BACKSLASH_ESCAPES;
if (variables.sql_mode & MODE_ANSI_QUOTES)
@@ -1312,6 +1305,17 @@ void THD::init()
/* Set to handle counting of aborted connections */
userstat_running= opt_userstat_running;
last_global_update_time= current_connect_time= time(NULL);
+
+ /*
+ Initialize the random generator. We call my_rnd() without a lock as
+ it's not really critical if two threads modify the structure at the
+ same time. We ensure that we have a unique number for each thread
+ by adding the address of this THD.
+ */
+ ulong tmp= (ulong) (my_rnd(&sql_rand) * 0xffffffff);
+ my_rnd_init(&rand, tmp + (ulong)(intptr) this,
+ (ulong)(my_timer_cycles() + global_query_id));
+
#ifndef EMBEDDED_LIBRARY
session_tracker.enable(this);
#endif //EMBEDDED_LIBRARY
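Review bot: The seed for `rand` is built from an unlocked `my_rnd(&sql_rand)`, the address of the THD and `my_timer_cycles() + global_query_id`, none of which is secret, and the comment calls the race "not really critical". That holds only while `rand` serves non-security purposes; if any per-connection value that a client must not predict is drawn from it, the seed should come from a cryptographic source instead. I would extend the comment with `Not a CSPRNG: do not use thd->rand for secrets.` Note also that `(ulong)(intptr) this` keeps only the low 32 bits of the address on platforms where `ulong` is 32-bit.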
@@ -1604,6 +1608,10 @@ void THD::free_connection()
vio_delete(net.vio);
net.vio= nullptr;
net_end(&net);
+ delete(rgi_fake);
+ rgi_fake= NULL;
+ delete(rli_fake);
+ rli_fake= NULL;
#endif
if (!cleanup_done)
cleanup();
@@ -1642,6 +1650,7 @@ void THD::reset_for_reuse()
abort_on_warning= 0;
free_connection_done= 0;
m_command= COM_CONNECT;
+ proc_info= "login"; // Same as in THD::THD()
transaction->on= 1;
#if defined(ENABLED_PROFILING)
profiling.reset();
@@ -1654,6 +1663,7 @@ void THD::reset_for_reuse()
wsrep_cs().reset_error();
wsrep_aborter= 0;
wsrep_abort_by_kill= NOT_KILLED;
+ my_free(wsrep_abort_by_kill_err);
wsrep_abort_by_kill_err= 0;
#ifndef DBUG_OFF
wsrep_killed_state= 0;
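Review bot: `my_free(wsrep_abort_by_kill_err)` is added here with no lock visible in the hunk, while the matching free in the `THD::reset_killed()` hunk below runs between `mysql_mutex_lock(&LOCK_thd_kill)` and the unlock. If another thread can still set the field while this THD is being recycled, the free and that write would race. Either take `LOCK_thd_kill` here or add a comment stating that no other thread can reach this THD during reuse. The function starts and ends outside this hunk.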
@@ -1696,6 +1706,8 @@ THD::~THD()
#ifdef WITH_WSREP
mysql_cond_destroy(&COND_wsrep_thd);
+ my_free(wsrep_abort_by_kill_err);
+ wsrep_abort_by_kill_err= 0;
#endif
mdl_context.destroy();
@@ -1708,17 +1720,6 @@ THD::~THD()
dbug_sentry= THD_SENTRY_GONE;
#endif
#ifndef EMBEDDED_LIBRARY
- if (rgi_fake)
- {
- delete rgi_fake;
- rgi_fake= NULL;
- }
- if (rli_fake)
- {
- delete rli_fake;
- rli_fake= NULL;
- }
-
if (rgi_slave)
rgi_slave->cleanup_after_session();
my_free(semisync_info);
@@ -1726,6 +1727,7 @@ THD::~THD()
main_lex.free_set_stmt_mem_root();
free_root(&main_mem_root, MYF(0));
my_free(m_token_array);
+ my_free(killed_err);
main_da.free_memory();
if (tdc_hash_pins)
lf_hash_put_pins(tdc_hash_pins);
@@ -1857,14 +1859,6 @@ void add_diff_to_status(STATUS_VAR *to_var, STATUS_VAR *from_var,
*/
}
-#define SECONDS_TO_WAIT_FOR_KILL 2
-#if !defined(_WIN32) && defined(HAVE_SELECT)
-/* my_sleep() can wait for sub second times */
-#define WAIT_FOR_KILL_TRY_TIMES 20
-#else
-#define WAIT_FOR_KILL_TRY_TIMES 2
-#endif
-
/**
Awake a thread.
@@ -2142,7 +2136,11 @@ void THD::reset_killed()
mysql_mutex_assert_not_owner(&LOCK_thd_kill);
mysql_mutex_lock(&LOCK_thd_kill);
killed= NOT_KILLED;
- killed_err= 0;
+ if (unlikely(killed_err))
+ {
+ my_free(killed_err);
+ killed_err= 0;
+ }
mysql_mutex_unlock(&LOCK_thd_kill);
}
#ifdef WITH_WSREP
@@ -2153,6 +2151,7 @@ void THD::reset_killed()
mysql_mutex_assert_not_owner(&LOCK_thd_kill);
mysql_mutex_lock(&LOCK_thd_kill);
wsrep_abort_by_kill= NOT_KILLED;
+ my_free(wsrep_abort_by_kill_err);
wsrep_abort_by_kill_err= 0;
mysql_mutex_unlock(&LOCK_thd_kill);
}
@@ -5933,8 +5932,6 @@ void THD::set_examined_row_count(ha_rows count)
void THD::inc_sent_row_count(ha_rows count)
{
m_sent_row_count+= count;
- DBUG_EXECUTE_IF("debug_huge_number_of_examined_rows",
- m_examined_row_count= (ULONGLONG_MAX - 1000000););
MYSQL_SET_STATEMENT_ROWS_SENT(m_statement_psi, m_sent_row_count);
}
@@ -6998,7 +6995,8 @@ THD::binlog_prepare_pending_rows_event(TABLE* table, uint32 serv_id,
{
DBUG_ENTER("binlog_prepare_pending_rows_event");
/* Pre-conditions */
- DBUG_ASSERT(table->s->table_map_id != ~0UL);
+ DBUG_ASSERT((table->s->table_map_id & MAX_TABLE_MAP_ID) != UINT32_MAX &&
+ (table->s->table_map_id & MAX_TABLE_MAP_ID) != 0);
/* Fetch the type code for the RowsEventT template parameter */
int const general_type_code= RowsEventT::TYPE_CODE;
diff --git a/sql/sql_class.h b/sql/sql_class.h
index beb33d83..7543df39 100644
--- a/sql/sql_class.h
+++ b/sql/sql_class.h
@@ -201,6 +201,7 @@ enum enum_binlog_row_image {
#define OLD_MODE_UTF8_IS_UTF8MB3 (1 << 3)
#define OLD_MODE_IGNORE_INDEX_ONLY_FOR_JOIN (1 << 4)
#define OLD_MODE_COMPAT_5_1_CHECKSUM (1 << 5)
+#define OLD_MODE_NO_NULL_COLLATION_IDS (1 << 6)
extern char internal_table_name[2];
extern char empty_c_string[1];
@@ -281,9 +282,8 @@ typedef struct st_user_var_events
user_var_entry *user_var_event;
char *value;
size_t length;
- Item_result type;
+ const Type_handler *th;
uint charset_number;
- bool unsigned_flag;
} BINLOG_USER_VAR_EVENT;
/*
@@ -657,6 +657,15 @@ enum killed_type
KILL_TYPE_QUERY
};
+#define SECONDS_TO_WAIT_FOR_KILL 2
+#define SECONDS_TO_WAIT_FOR_DUMP_THREAD_KILL 10
+#if !defined(_WIN32) && defined(HAVE_SELECT)
+/* my_sleep() can wait for sub second times */
+#define WAIT_FOR_KILL_TRY_TIMES 20
+#else
+#define WAIT_FOR_KILL_TRY_TIMES 2
+#endif
+
#include "sql_lex.h" /* Must be here */
class Delayed_insert;
@@ -694,7 +703,6 @@ typedef struct system_variables
ulonglong max_statement_time;
ulonglong optimizer_switch;
ulonglong optimizer_trace;
- ulong optimizer_trace_max_mem_size;
sql_mode_t sql_mode; ///< which non-standard SQL behaviour should be enabled
sql_mode_t old_behavior; ///< which old SQL behaviour should be enabled
ulonglong option_bits; ///< OPTION_xxx constants, e.g. OPTION_PROFILING
@@ -758,6 +766,8 @@ typedef struct system_variables
ulong optimizer_use_condition_selectivity;
ulong optimizer_max_sel_arg_weight;
ulong optimizer_max_sel_args;
+ ulong optimizer_trace_max_mem_size;
+ ulong optimizer_adjust_secondary_key_costs;
ulong use_stat_tables;
double sample_percentage;
ulong histogram_size;
@@ -3204,6 +3214,17 @@ public:
*/
Query_arena *stmt_arena;
+ /**
+ Get either call or statement arena. In case some function is called from
+ within a query the call arena has to be used for a memory allocation,
+ else use the statement arena.
+ */
+ Query_arena *active_stmt_arena_to_use()
+ {
+ return (state == Query_arena::STMT_SP_QUERY_ARGUMENTS) ? this :
+ stmt_arena;
+ }
+
void *bulk_param;
/*
@@ -3435,7 +3456,11 @@ public:
{ return m_sent_row_count; }
ha_rows get_examined_row_count() const
- { return m_examined_row_count; }
+ {
+ DBUG_EXECUTE_IF("debug_huge_number_of_examined_rows",
+ return (ULONGLONG_MAX - 1000000););
+ return m_examined_row_count;
+ }
ulonglong get_affected_rows() const
{ return affected_rows; }
@@ -4608,7 +4633,8 @@ public:
The worst things that can happen is that we get
a suboptimal error message.
*/
- killed_err= (err_info*) alloc_root(&main_mem_root, sizeof(*killed_err));
+ if (!killed_err)
+ killed_err= (err_info*) my_malloc(PSI_INSTRUMENT_ME, sizeof(*killed_err), MYF(MY_WME));
if (likely(killed_err))
{
killed_err->no= killed_errno_arg;
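Review bot: `killed_err` changes here from a `main_mem_root` allocation to a `my_malloc` block, so its lifetime is now manual, with the frees spread over `THD::reset_killed()` and `THD::~THD()` in sql_class.cc. Any remaining plain `killed_err= 0` assignment elsewhere would now leak the block, and that cannot be checked from these hunks. A comment at the member or here, such as `/* heap-owned; freed in reset_killed() and ~THD() */`, would make the ownership explicit. The enclosing function starts and ends outside this hunk.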
@@ -5039,13 +5065,24 @@ public:
public:
/** Overloaded to guard query/query_length fields */
virtual void set_statement(Statement *stmt);
- void set_command(enum enum_server_command command)
+ inline void set_command(enum enum_server_command command)
{
+ DBUG_ASSERT(command != COM_SLEEP);
m_command= command;
#ifdef HAVE_PSI_THREAD_INTERFACE
PSI_STATEMENT_CALL(set_thread_command)(m_command);
#endif
}
+ /* As sleep needs a bit of special handling, we have a special case for it */
+ inline void mark_connection_idle()
+ {
+ proc_info= 0;
+ m_command= COM_SLEEP;
+#ifdef HAVE_PSI_THREAD_INTERFACE
+ PSI_STATEMENT_CALL(set_thread_command)(m_command);
+#endif
+ }
+
inline enum enum_server_command get_command() const
{ return m_command; }
@@ -7118,7 +7155,7 @@ public:
// this is needed for user_vars hash
-class user_var_entry
+class user_var_entry: public Type_handler_hybrid_field_type
{
CHARSET_INFO *m_charset;
public:
@@ -7127,8 +7164,6 @@ class user_var_entry
char *value;
size_t length;
query_id_t update_query_id, used_query_id;
- Item_result type;
- bool unsigned_flag;
double val_real(bool *null_value);
longlong val_int(bool *null_value) const;
@@ -7809,6 +7844,66 @@ public:
};
+class Identifier_chain2
+{
+ LEX_CSTRING m_name[2];
+public:
+ Identifier_chain2()
+ :m_name{Lex_cstring(), Lex_cstring()}
+ { }
+ Identifier_chain2(const LEX_CSTRING &a, const LEX_CSTRING &b)
+ :m_name{a, b}
+ { }
+
+ const LEX_CSTRING& operator [] (size_t i) const
+ {
+ return m_name[i];
+ }
+
+ static Identifier_chain2 split(const LEX_CSTRING &txt)
+ {
+ DBUG_ASSERT(txt.str[txt.length] == '\0'); // Expect 0-terminated input
+ const char *dot= strchr(txt.str, '.');
+ if (!dot)
+ return Identifier_chain2(Lex_cstring(), txt);
+ size_t length0= dot - txt.str;
+ Lex_cstring name0(txt.str, length0);
+ Lex_cstring name1(txt.str + length0 + 1, txt.length - length0 - 1);
+ return Identifier_chain2(name0, name1);
+ }
+
+ // Export as a qualified name string: 'db.name'
+ size_t make_qname(char *dst, size_t dstlen, bool casedn_part1) const
+ {
+ size_t res= my_snprintf(dst, dstlen, "%.*s.%.*s",
+ (int) m_name[0].length, m_name[0].str,
+ (int) m_name[1].length, m_name[1].str);
+ if (casedn_part1 && dstlen > m_name[0].length)
+ my_casedn_str(system_charset_info, dst + m_name[0].length + 1);
+ return res;
+ }
+
+ // Export as a qualified name string, allocate on mem_root.
+ LEX_CSTRING make_qname(MEM_ROOT *mem_root, bool casedn_part1) const
+ {
+ LEX_STRING dst;
+ /* format: [pkg + dot] + name + '\0' */
+ size_t dst_size= m_name[0].length + 1 /*dot*/ + m_name[1].length + 1/*\0*/;
+ if (unlikely(!(dst.str= (char*) alloc_root(mem_root, dst_size))))
+ return {NULL, 0};
+ if (!m_name[0].length)
+ {
+ DBUG_ASSERT(!casedn_part1); // Should not be called this way
+ dst.length= my_snprintf(dst.str, dst_size, "%.*s",
+ (int) m_name[1].length, m_name[1].str);
+ return {dst.str, dst.length};
+ }
+ dst.length= make_qname(dst.str, dst_size, casedn_part1);
+ return {dst.str, dst.length};
+ }
+};
+
+
/**
This class resembles the SQL Standard schema qualified object name:
<schema qualified name> ::= [ <schema name> <period> ] <qualified identifier>
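Review bot: In `Identifier_chain2::make_qname(char *dst, size_t dstlen, bool casedn_part1)` the guard `dstlen > m_name[0].length` is one short. With `dstlen == m_name[0].length + 1` the formatted output is truncated right after the first part, and `dst + m_name[0].length + 1` then points one byte past the buffer that `my_casedn_str` reads and rewrites. The guard should be `if (casedn_part1 && dstlen > m_name[0].length + 1)`. The callers visible in this diff pass buffers sized for both parts, so this is a latent bounds problem rather than one reached here. `split()` likewise depends on a NUL-terminated `txt` that only `DBUG_ASSERT` verifies.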
@@ -7849,41 +7944,16 @@ public:
void copy(MEM_ROOT *mem_root, const LEX_CSTRING &db,
const LEX_CSTRING &name);
- static Database_qualified_name split(const LEX_CSTRING &txt)
- {
- DBUG_ASSERT(txt.str[txt.length] == '\0'); // Expect 0-terminated input
- const char *dot= strchr(txt.str, '.');
- if (!dot)
- return Database_qualified_name(NULL, 0, txt.str, txt.length);
- size_t dblen= dot - txt.str;
- Lex_cstring db(txt.str, dblen);
- Lex_cstring name(txt.str + dblen + 1, txt.length - dblen - 1);
- return Database_qualified_name(db, name);
- }
-
// Export db and name as a qualified name string: 'db.name'
- size_t make_qname(char *dst, size_t dstlen) const
+ size_t make_qname(char *dst, size_t dstlen, bool casedn_name) const
{
- return my_snprintf(dst, dstlen, "%.*s.%.*s",
- (int) m_db.length, m_db.str,
- (int) m_name.length, m_name.str);
+ return Identifier_chain2(m_db, m_name).make_qname(dst, dstlen, casedn_name);
}
// Export db and name as a qualified name string, allocate on mem_root.
- bool make_qname(MEM_ROOT *mem_root, LEX_CSTRING *dst) const
+ LEX_CSTRING make_qname(MEM_ROOT *mem_root, bool casedn_name) const
{
- const uint dot= !!m_db.length;
- char *tmp;
- /* format: [database + dot] + name + '\0' */
- dst->length= m_db.length + dot + m_name.length;
- if (unlikely(!(dst->str= tmp= (char*) alloc_root(mem_root,
- dst->length + 1))))
- return true;
- snprintf(tmp, dst->length + 1, "%.*s%.*s%.*s",
- (int) m_db.length, (m_db.length ? m_db.str : ""),
- dot, ".",
- (int) m_name.length, m_name.str);
DBUG_SLOW_ASSERT(ok_for_lower_case_names(m_db.str));
- return false;
+ return Identifier_chain2(m_db, m_name).make_qname(mem_root, casedn_name);
}
bool make_package_routine_name(MEM_ROOT *mem_root,
@@ -7894,9 +7964,8 @@ public:
size_t length= package.length + 1 + routine.length + 1;
if (unlikely(!(tmp= (char *) alloc_root(mem_root, length))))
return true;
- m_name.length= my_snprintf(tmp, length, "%.*s.%.*s",
- (int) package.length, package.str,
- (int) routine.length, routine.str);
+ m_name.length= Identifier_chain2(package, routine).make_qname(tmp, length,
+ false);
m_name.str= tmp;
return false;
}
@@ -7925,7 +7994,7 @@ public:
{ }
LEX_CSTRING lex_cstring() const override
{
- size_t length= m_name->make_qname(err_buffer, sizeof(err_buffer));
+ size_t length= m_name->make_qname(err_buffer, sizeof(err_buffer), false);
return {err_buffer, length};
}
};
diff --git a/sql/sql_connect.cc b/sql/sql_connect.cc
index 6b195ac9..8878c722 100644
--- a/sql/sql_connect.cc
+++ b/sql/sql_connect.cc
@@ -1240,8 +1240,7 @@ void prepare_new_connection_state(THD* thd)
embedded server library.
TODO: refactor this to avoid code duplication there
*/
- thd->proc_info= 0;
- thd->set_command(COM_SLEEP);
+ thd->mark_connection_idle();
thd->init_for_queries();
if (opt_init_connect.length &&
diff --git a/sql/sql_cte.cc b/sql/sql_cte.cc
index ad385128..5b3db9bc 100644
--- a/sql/sql_cte.cc
+++ b/sql/sql_cte.cc
@@ -106,6 +106,7 @@ bool LEX::check_dependencies_in_with_clauses()
@param tables Points to the beginning of the sub-chain
@param tables_last Points to the address with the sub-chain barrier
+ @param excl_spec Ignore the definition with this spec
@details
The method resolves tables references to CTE from the chain of
@@ -147,7 +148,8 @@ bool LEX::check_dependencies_in_with_clauses()
*/
bool LEX::resolve_references_to_cte(TABLE_LIST *tables,
- TABLE_LIST **tables_last)
+ TABLE_LIST **tables_last,
+ st_select_lex_unit *excl_spec)
{
With_element *with_elem= 0;
@@ -156,7 +158,8 @@ bool LEX::resolve_references_to_cte(TABLE_LIST *tables,
if (tbl->derived)
continue;
if (!tbl->db.str && !tbl->with)
- tbl->with= tbl->select_lex->find_table_def_in_with_clauses(tbl);
+ tbl->with= tbl->select_lex->find_table_def_in_with_clauses(tbl,
+ excl_spec);
if (!tbl->with) // no CTE matches table reference tbl
{
if (only_cte_resolution)
@@ -244,7 +247,7 @@ LEX::check_cte_dependencies_and_resolve_references()
return true;
if (!with_cte_resolution)
return false;
- if (resolve_references_to_cte(query_tables, query_tables_last))
+ if (resolve_references_to_cte(query_tables, query_tables_last, NULL))
return true;
return false;
}
@@ -388,6 +391,7 @@ bool With_element::check_dependencies_in_spec()
@param table The reference to the table that is looked for
@param barrier The barrier with element for the search
+ @param excl_spec Ignore the definition with this spec
@details
The function looks through the elements of this with clause trying to find
@@ -401,12 +405,15 @@ bool With_element::check_dependencies_in_spec()
*/
With_element *With_clause::find_table_def(TABLE_LIST *table,
- With_element *barrier)
+ With_element *barrier,
+ st_select_lex_unit *excl_spec)
{
for (With_element *with_elem= with_list.first;
with_elem != barrier;
with_elem= with_elem->next)
{
+ if (excl_spec && with_elem->spec == excl_spec)
+ continue;
if (my_strcasecmp(system_charset_info, with_elem->get_name_str(),
table->table_name.str) == 0 &&
!table->is_fqtn)
@@ -466,7 +473,7 @@ With_element *find_table_def_in_with_clauses(TABLE_LIST *tbl,
top_unit->with_element &&
top_unit->with_element->get_owner() == with_clause)
barrier= top_unit->with_element;
- found= with_clause->find_table_def(tbl, barrier);
+ found= with_clause->find_table_def(tbl, barrier, NULL);
if (found)
break;
}
@@ -521,10 +528,11 @@ void With_element::check_dependencies_in_select(st_select_lex *sl,
{
With_clause *with_clause= sl->master_unit()->with_clause;
if (with_clause)
- tbl->with= with_clause->find_table_def(tbl, NULL);
+ tbl->with= with_clause->find_table_def(tbl, NULL, NULL);
if (!tbl->with)
tbl->with= owner->find_table_def(tbl,
- owner->with_recursive ? NULL : this);
+ owner->with_recursive ? NULL : this,
+ NULL);
}
if (!tbl->with)
tbl->with= find_table_def_in_with_clauses(tbl, ctxt);
@@ -643,6 +651,8 @@ void With_element::check_dependencies_in_unit(st_select_lex_unit *unit,
{
check_dependencies_in_select(sl, &unit_ctxt_elem, in_subq, dep_map);
}
+ if ((sl= unit->fake_select_lex))
+ check_dependencies_in_select(sl, &unit_ctxt_elem, in_subq, dep_map);
}
@@ -1099,7 +1109,8 @@ st_select_lex_unit *With_element::clone_parsed_spec(LEX *old_lex,
*/
lex->only_cte_resolution= old_lex->only_cte_resolution;
if (lex->resolve_references_to_cte(lex->query_tables,
- lex->query_tables_last))
+ lex->query_tables_last,
+ spec))
{
res= NULL;
goto err;
@@ -1199,7 +1210,7 @@ With_element::process_columns_of_derived_unit(THD *thd,
/* Rename the columns of the first select in the unit */
while ((item= it++, name= nm++))
{
- item->set_name(thd, *name);
+ lex_string_set(&item->name, name->str);
item->base_flags|= item_base_t::IS_EXPLICIT_NAME;
}
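Review bot: `lex_string_set(&item->name, name->str)` stores the pointer from the with-element's column list instead of going through `item->set_name(thd, *name)`. Assuming lex_string_set only assigns the pointer and a `strlen` length, the item name now aliases that list's storage and its length is recomputed rather than taken from `name->length`. That is safe only if the column list outlives every item renamed here. A comment such as `/* no copy: the column list lives at least as long as the item */` would explain the change. The function starts outside this hunk.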
@@ -1279,14 +1290,14 @@ bool With_element::prepare_unreferenced(THD *thd)
sl= sl->next_select())
sl->context.outer_context= 0;
+ uint8 save_context_analysys_only= thd->lex->context_analysis_only;
thd->lex->context_analysis_only|= CONTEXT_ANALYSIS_ONLY_DERIVED;
if (!spec->prepared &&
(spec->prepare(spec->derived, 0, 0) ||
process_columns_of_derived_unit(thd, spec) ||
check_duplicate_names(thd, first_sl->item_list, 1)))
rc= true;
-
- thd->lex->context_analysis_only&= ~CONTEXT_ANALYSIS_ONLY_DERIVED;
+ thd->lex->context_analysis_only= save_context_analysys_only;
return rc;
}
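Review bot: The new local `save_context_analysys_only` misspells "analysis"; `save_context_analysis_only` would match the field it saves. Restoring the saved value rather than clearing `CONTEXT_ANALYSIS_ONLY_DERIVED` is the right shape, but declaring the local as `uint8` ties it to the field's current width, so `auto` or the field's declared type would avoid a silent truncation if the flag set grows. The function starts outside this hunk.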
@@ -1302,6 +1313,7 @@ bool With_element::is_anchor(st_select_lex *sel)
Search for the definition of the given table referred in this select node
@param table reference to the table whose definition is searched for
+ @param excl_spec ignore the definition with this spec
@details
The method looks for the definition of the table whose reference is occurred
@@ -1314,7 +1326,8 @@ bool With_element::is_anchor(st_select_lex *sel)
NULL - otherwise
*/
-With_element *st_select_lex::find_table_def_in_with_clauses(TABLE_LIST *table)
+With_element *st_select_lex::find_table_def_in_with_clauses(TABLE_LIST *table,
+ st_select_lex_unit *excl_spec)
{
With_element *found= NULL;
With_clause *containing_with_clause= NULL;
@@ -1331,7 +1344,7 @@ With_element *st_select_lex::find_table_def_in_with_clauses(TABLE_LIST *table)
With_clause *attached_with_clause= sl->get_with_clause();
if (attached_with_clause &&
attached_with_clause != containing_with_clause &&
- (found= attached_with_clause->find_table_def(table, NULL)))
+ (found= attached_with_clause->find_table_def(table, NULL, excl_spec)))
break;
master_unit= sl->master_unit();
outer_sl= master_unit->outer_select();
@@ -1341,7 +1354,8 @@ With_element *st_select_lex::find_table_def_in_with_clauses(TABLE_LIST *table)
containing_with_clause= with_elem->get_owner();
With_element *barrier= containing_with_clause->with_recursive ?
NULL : with_elem;
- if ((found= containing_with_clause->find_table_def(table, barrier)))
+ if ((found= containing_with_clause->find_table_def(table, barrier,
+ excl_spec)))
break;
if (outer_sl && !outer_sl->get_with_element())
break;
diff --git a/sql/sql_cte.h b/sql/sql_cte.h
index 6a1f67d3..1da7c6c3 100644
--- a/sql/sql_cte.h
+++ b/sql/sql_cte.h
@@ -325,7 +325,8 @@ public:
friend
bool LEX::resolve_references_to_cte(TABLE_LIST *tables,
- TABLE_LIST **tables_last);
+ TABLE_LIST **tables_last,
+ st_select_lex_unit *excl_spec);
};
const uint max_number_of_elements_in_with_clause= sizeof(table_map)*8;
@@ -425,7 +426,8 @@ public:
void move_anchors_ahead();
- With_element *find_table_def(TABLE_LIST *table, With_element *barrier);
+ With_element *find_table_def(TABLE_LIST *table, With_element *barrier,
+ st_select_lex_unit *excl_spec);
With_element *find_table_def_in_with_clauses(TABLE_LIST *table);
diff --git a/sql/sql_delete.cc b/sql/sql_delete.cc
index 90194659..202dde11 100644
--- a/sql/sql_delete.cc
+++ b/sql/sql_delete.cc
@@ -534,7 +534,8 @@ bool mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds,
select=make_select(table, 0, 0, conds, (SORT_INFO*) 0, 0, &error);
if (unlikely(error))
DBUG_RETURN(TRUE);
- if ((select && select->check_quick(thd, safe_update, limit)) || !limit)
+ if ((select && select->check_quick(thd, safe_update, limit,
+ Item_func::BITMAP_ALL)) || !limit)
{
query_plan.set_impossible_where();
if (thd->lex->describe || thd->lex->analyze_stmt)
@@ -1268,6 +1269,13 @@ multi_delete::initialize_tables(JOIN *join)
{
TABLE_LIST *tbl= walk->correspondent_table->find_table_for_update();
tables_to_delete_from|= tbl->table->map;
+
+ /*
+ Ensure that filesort re-reads the row from the engine before
+ delete is called.
+ */
+ join->map2table[tbl->table->tablenr]->keep_current_rowid= true;
+
if (delete_while_scanning &&
unique_table(thd, tbl, join->tables_list, 0))
{
diff --git a/sql/sql_derived.cc b/sql/sql_derived.cc
index 4e42bcd3..afcbb7f8 100644
--- a/sql/sql_derived.cc
+++ b/sql/sql_derived.cc
@@ -1243,6 +1243,9 @@ bool mysql_derived_fill(THD *thd, LEX *lex, TABLE_LIST *derived)
goto err;
JOIN *join= unit->first_select()->join;
join->first_record= false;
+ if (join->zero_result_cause)
+ goto err;
+
for (uint i= join->top_join_tab_count;
i < join->top_join_tab_count + join->aggr_tables;
i++)
@@ -1351,6 +1354,10 @@ bool mysql_derived_reinit(THD *thd, LEX *lex, TABLE_LIST *derived)
derived->get_unit()));
st_select_lex_unit *unit= derived->get_unit();
+ // reset item names to that saved after wildcard expansion in JOIN::prepare
+ for(st_select_lex *sl= unit->first_select(); sl; sl= sl->next_select())
+ sl->restore_item_list_names();
+
derived->merged_for_insert= FALSE;
unit->unclean();
unit->types.empty();
diff --git a/sql/sql_help.cc b/sql/sql_help.cc
index f9932f11..34e77e37 100644
--- a/sql/sql_help.cc
+++ b/sql/sql_help.cc
@@ -667,7 +667,8 @@ SQL_SELECT *prepare_simple_select(THD *thd, Item *cond,
SQL_SELECT *res= make_select(table, 0, 0, cond, 0, 0, error);
if (unlikely(*error) ||
- (likely(res) && unlikely(res->check_quick(thd, 0, HA_POS_ERROR))) ||
+ (likely(res) && unlikely(res->check_quick(thd, 0, HA_POS_ERROR,
+ Item_func::BITMAP_ALL))) ||
(likely(res) && res->quick && unlikely(res->quick->reset())))
{
delete res;
diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc
index 26431968..97e1c102 100644
--- a/sql/sql_insert.cc
+++ b/sql/sql_insert.cc
@@ -83,6 +83,7 @@
#include "rpl_rli.h"
#ifdef WITH_WSREP
+#include "wsrep_mysqld.h" /* wsrep_append_table_keys() */
#include "wsrep_trans_observer.h" /* wsrep_start_transction() */
#endif /* WITH_WSREP */
@@ -95,7 +96,8 @@ static void end_delayed_insert(THD *thd);
pthread_handler_t handle_delayed_insert(void *arg);
static void unlink_blobs(TABLE *table);
#endif
-static bool check_view_insertability(THD *thd, TABLE_LIST *view);
+static bool check_view_insertability(THD *thd, TABLE_LIST *view,
+ List<Item> &fields);
static int binlog_show_create_table_(THD *thd, TABLE *table,
Table_specification_st *create_info);
@@ -310,7 +312,7 @@ static int check_insert_fields(THD *thd, TABLE_LIST *table_list,
if (check_key_in_view(thd, table_list) ||
(table_list->view &&
- check_view_insertability(thd, table_list)))
+ check_view_insertability(thd, table_list, fields)))
{
my_error(ER_NON_INSERTABLE_TABLE, MYF(0), table_list->alias.str, "INSERT");
DBUG_RETURN(-1);
@@ -591,7 +593,8 @@ bool open_and_lock_for_insert_delayed(THD *thd, TABLE_LIST *table_list)
Open tables used for sub-selects or in stored functions, will also
cache these functions.
*/
- if (open_and_lock_tables(thd, table_list->next_global, TRUE,
+ if (table_list->next_global &&
+ open_and_lock_tables(thd, table_list->next_global, TRUE,
MYSQL_OPEN_IGNORE_ENGINE_STATS))
{
end_delayed_insert(thd);
@@ -1424,6 +1427,7 @@ abort:
check_view_insertability()
thd - thread handler
view - reference on VIEW
+ fields - fields used in insert
IMPLEMENTATION
A view is insertable if the folloings are true:
@@ -1439,7 +1443,8 @@ abort:
TRUE - can't be used for insert
*/
-static bool check_view_insertability(THD * thd, TABLE_LIST *view)
+static bool check_view_insertability(THD *thd, TABLE_LIST *view,
+ List<Item> &fields)
{
uint num= view->view->first_select_lex()->item_list.elements;
TABLE *table= view->table;
@@ -1450,6 +1455,8 @@ static bool check_view_insertability(THD * thd, TABLE_LIST *view)
uint32 *used_fields_buff= (uint32*)thd->alloc(used_fields_buff_size);
MY_BITMAP used_fields;
enum_column_usage saved_column_usage= thd->column_usage;
+ List_iterator_fast<Item> it(fields);
+ Item *ex;
DBUG_ENTER("check_key_in_view");
if (!used_fields_buff)
@@ -1478,6 +1485,17 @@ static bool check_view_insertability(THD * thd, TABLE_LIST *view)
/* simple SELECT list entry (field without expression) */
if (!(field= trans->item->field_for_view_update()))
{
+ // Do not check fields which we are not inserting into
+ while((ex= it++))
+ {
+ // The field used in the INSERT
+ if (ex->real_item()->field_for_view_update() ==
+ trans->item->field_for_view_update())
+ break;
+ }
+ it.rewind();
+ if (!ex)
+ continue;
thd->column_usage= saved_column_usage;
DBUG_RETURN(TRUE);
}
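Review bot: The added comparison in the `while((ex= it++))` loop sits inside `if (!(field= trans->item->field_for_view_update()))`, so its right-hand side is always NULL there. The loop therefore stops at the first INSERT field whose own `field_for_view_update()` is NULL, not at the field that corresponds to this view column. The outcome still looks right for the insertability decision, because any non-field column named in the INSERT ends in `DBUG_RETURN(TRUE)`, but the code reads as an identity match that it is not. Writing the test as `if (!ex->real_item()->field_for_view_update()) break;` and rewording the comment to `// Reject only if the INSERT names a column that is not a plain field` would state what is actually checked. The function starts and ends outside this hunk.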
@@ -1492,11 +1510,12 @@ static bool check_view_insertability(THD * thd, TABLE_LIST *view)
}
thd->column_usage= saved_column_usage;
/* unique test */
- for (trans= trans_start; trans != trans_end; trans++)
+ while((ex= it++))
{
/* Thanks to test above, we know that all columns are of type Item_field */
- Item_field *field= (Item_field *)trans->item;
- /* check fields belong to table in which we are inserting */
+ DBUG_ASSERT(ex->real_item()->field_for_view_update()->type() ==
+ Item::FIELD_ITEM);
+ Item_field *field= (Item_field *)ex->real_item()->field_for_view_update();
if (field->field->table == table &&
bitmap_fast_test_and_set(&used_fields, field->field->field_index))
DBUG_RETURN(TRUE);
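Review bot: The rewritten uniqueness loop relies on `DBUG_ASSERT` alone to guarantee that `ex->real_item()->field_for_view_update()` is non-NULL, and the assert itself calls `->type()` on that result. In builds where debug asserts are compiled out, a NULL would be dereferenced at `field->field->table`. Because this function decides whether a view accepts an INSERT, failing closed is cheap: `Item_field *field= ex->real_item()->field_for_view_update(); if (!field) DBUG_RETURN(TRUE);`. This assumes `field_for_view_update()` returns `Item_field *`, as the uncast assignment to `field` earlier in the function suggests; if so the C-style cast can be dropped as well.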
@@ -1780,7 +1799,7 @@ int mysql_prepare_insert(THD *thd, TABLE_LIST *table_list,
/* Check if there is more uniq keys after field */
-static int last_uniq_key(TABLE *table,uint keynr)
+static int last_uniq_key(TABLE *table, const KEY *key, uint keynr)
{
/*
When an underlying storage engine informs that the unique key
@@ -1800,7 +1819,7 @@ static int last_uniq_key(TABLE *table,uint keynr)
return 0;
while (++keynr < table->s->keys)
- if (table->key_info[keynr].flags & HA_NOSAME)
+ if (key[keynr].flags & HA_NOSAME)
return 0;
return 1;
}
@@ -2115,8 +2134,27 @@ int write_record(THD *thd, TABLE *table, COPY_INFO *info, select_result *sink)
tables which have ON UPDATE but have no ON DELETE triggers,
we just should not expose this fact to users by invoking
ON UPDATE triggers.
+
+ Note, TABLE_SHARE and TABLE see long uniques differently:
+ - TABLE_SHARE sees as HA_KEY_ALG_LONG_HASH and HA_NOSAME
+ - TABLE sees as usual non-unique indexes
*/
- if (last_uniq_key(table,key_nr) &&
+ bool is_long_unique= table->s->key_info &&
+ table->s->key_info[key_nr].algorithm ==
+ HA_KEY_ALG_LONG_HASH;
+ if ((is_long_unique ?
+ /*
+ We have a long unique. Test that there are no in-engine
+ uniques and the current long unique is the last long unique.
+ */
+ !(table->key_info[0].flags & HA_NOSAME) &&
+ last_uniq_key(table, table->s->key_info, key_nr) :
+ /*
+ We have a normal key - not a long unique.
+ Test is the current normal key is unique and
+ it is the last normal unique.
+ */
+ last_uniq_key(table, table->key_info, key_nr)) &&
!table->file->referenced_by_foreign_key() &&
(!table->triggers || !table->triggers->has_delete_triggers()))
{
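Review bot: The long-unique branch tests only `table->key_info[0].flags & HA_NOSAME`, while its comment promises that there are no in-engine uniques at all. That holds only if unique keys are always ordered ahead of non-unique ones in `key_info`, which this hunk does not show. The comment should state that reliance, for example `/* Unique keys sort first, so key 0 lacking HA_NOSAME means the engine enforces no unique key */`. The second comment also has a typo: `Test is the current normal key` should read `Test if the current normal key`. `write_record` continues outside the hunk.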
@@ -2721,7 +2759,7 @@ TABLE *Delayed_insert::get_local_table(THD* client_thd)
}
THD_STAGE_INFO(client_thd, stage_got_handler_lock);
if (client_thd->killed)
- goto error;
+ goto error2;
if (thd.killed)
{
/*
@@ -2746,7 +2784,7 @@ TABLE *Delayed_insert::get_local_table(THD* client_thd)
my_message(thd.get_stmt_da()->sql_errno(),
thd.get_stmt_da()->message(), MYF(0));
}
- goto error;
+ goto error2;
}
}
share= table->s;
@@ -2775,11 +2813,14 @@ TABLE *Delayed_insert::get_local_table(THD* client_thd)
&record, (uint) share->reclength,
&bitmap, (uint) share->column_bitmap_size*4,
NullS))
- goto error;
+ goto error2;
/* Copy the TABLE object. */
copy= new (copy_tmp) TABLE;
*copy= *table;
+ copy->vcol_refix_list.empty();
+ init_sql_alloc(key_memory_TABLE, &copy->mem_root, TABLE_ALLOC_BLOCK_SIZE, 0,
+ MYF(MY_THREAD_SPECIFIC));
/* We don't need to change the file handler here */
/* Assign the pointers for the field pointers array and the record. */
@@ -2863,11 +2904,15 @@ TABLE *Delayed_insert::get_local_table(THD* client_thd)
bzero((char*) bitmap, share->column_bitmap_size * bitmaps_used);
copy->read_set= &copy->def_read_set;
copy->write_set= &copy->def_write_set;
+ move_root(client_thd->mem_root, &copy->mem_root);
+ free_root(&copy->mem_root, 0);
DBUG_RETURN(copy);
/* Got fatal error */
error:
+ free_root(&copy->mem_root, 0);
+error2:
tables_in_use--;
mysql_cond_signal(&cond); // Inform thread about abort
DBUG_RETURN(0);
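Review bot: After this change the `error:` label calls `free_root(&copy->mem_root, 0)`, so it is only safe to reach once `copy= new (copy_tmp) TABLE` and `init_sql_alloc()` have run, and nothing at the labels records that. The three early exits visible in these hunks were moved to `error2`, but the jumps between the hunks are not shown. A later edit that adds a `goto error` before the copy is made would free an uninitialised root. A short comment at each label would pin the invariant, e.g. `/* error: copy->mem_root is initialised */` and `/* error2: copy has not been created yet */`.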
@@ -5115,17 +5160,13 @@ bool select_create::send_eof()
thd->wsrep_trx_id(), thd->thread_id, thd->query_id);
/*
- append table level exclusive key for CTAS
+ For CTAS, append table level exclusive key for created table
+ and table level shared key for selected table.
*/
- wsrep_key_arr_t key_arr= {0, 0};
- wsrep_prepare_keys_for_isolation(thd,
- table_list->db.str,
- table_list->table_name.str,
- table_list,
- &key_arr);
- int rcode= wsrep_thd_append_key(thd, key_arr.keys, key_arr.keys_len,
- WSREP_SERVICE_KEY_EXCLUSIVE);
- wsrep_keys_free(&key_arr);
+ int rcode= wsrep_append_table_keys(thd, table_list, table_list,
+ WSREP_SERVICE_KEY_EXCLUSIVE);
+ rcode= rcode || wsrep_append_table_keys(thd, nullptr, select_tables,
+ WSREP_SERVICE_KEY_SHARED);
if (rcode)
{
DBUG_PRINT("wsrep", ("row key failed: %d", rcode));
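Review bot: `rcode= rcode || wsrep_append_table_keys(...)` collapses the result to 0 or 1, so the `DBUG_PRINT("wsrep", ("row key failed: %d", rcode))` below no longer reports the real return code of either call. The short-circuit can be kept while preserving the value: `if (!rcode) rcode= wsrep_append_table_keys(thd, nullptr, select_tables, WSREP_SERVICE_KEY_SHARED);`. `select_create::send_eof` starts and ends outside this hunk.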
diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc
index d9706020..e6db1456 100644
--- a/sql/sql_lex.cc
+++ b/sql/sql_lex.cc
@@ -1459,7 +1459,7 @@ bool is_lex_native_function(const LEX_CSTRING *name)
bool is_native_function(THD *thd, const LEX_CSTRING *name)
{
- if (native_functions_hash.find(thd, *name))
+ if (mariadb_schema.find_native_function_builder(thd, *name))
return true;
if (is_lex_native_function(name))
@@ -2138,7 +2138,18 @@ int Lex_input_stream::lex_one_token(YYSTYPE *yylval, THD *thd)
if (lex->parsing_options.lookup_keywords_after_qualifier)
next_state= MY_LEX_IDENT_OR_KEYWORD;
else
- next_state= MY_LEX_IDENT_START; // Next is ident (not keyword)
+ {
+ /*
+ Next is:
+ - A qualified func with a special syntax:
+ mariadb_schema.REPLACE('a','b','c')
+ mariadb_schema.SUSTRING('a',1,2)
+ mariadb_schema.TRIM('a')
+ - Or an identifier otherwise. No keyword lookup is done,
+ all keywords are treated as identifiers.
+ */
+ next_state= MY_LEX_IDENT_OR_QUALIFIED_SPECIAL_FUNC;
+ }
if (!ident_map[(uchar) yyPeek()]) // Probably ` or "
next_state= MY_LEX_START;
return((int) c);
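Review bot: The new comment in the `else` branch lists `mariadb_schema.SUSTRING('a',1,2)`, which is a misspelling of `SUBSTRING`. This comment is the only description of what `MY_LEX_IDENT_OR_QUALIFIED_SPECIAL_FUNC` is for, so the example should name a function the lexer actually resolves: `mariadb_schema.SUBSTRING('a',1,2)`.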
@@ -2582,7 +2593,12 @@ int Lex_input_stream::lex_one_token(YYSTYPE *yylval, THD *thd)
We should now be able to handle:
[(global | local | session) .]variable_name
*/
- return scan_ident_sysvar(thd, &yylval->ident_cli);
+ return scan_ident_common(thd, &yylval->ident_cli,
+ GENERAL_KEYWORD_OR_FUNC_LPAREN);
+
+ case MY_LEX_IDENT_OR_QUALIFIED_SPECIAL_FUNC:
+ return scan_ident_common(thd, &yylval->ident_cli,
+ QUALIFIED_SPECIAL_FUNC_LPAREN);
}
}
}
@@ -2604,7 +2620,64 @@ bool Lex_input_stream::get_7bit_or_8bit_ident(THD *thd, uchar *last_char)
}
-int Lex_input_stream::scan_ident_sysvar(THD *thd, Lex_ident_cli_st *str)
+/*
+ Resolve special SQL functions that have a qualified syntax in sql_yacc.yy.
+ These functions are not listed in the native function registry
+ because of a special syntax, or a reserved keyword:
+
+ mariadb_schema.SUBSTRING('a' FROM 1 FOR 2) -- Special syntax
+ mariadb_schema.TRIM(BOTH ' ' FROM 'a') -- Special syntax
+ mariadb_schema.REPLACE('a','b','c') -- Verb keyword
+*/
+
+int Lex_input_stream::find_keyword_qualified_special_func(Lex_ident_cli_st *str,
+ uint length) const
+{
+ /*
+ There are many other special functions, see the following grammar rules:
+ function_call_keyword
+ function_call_nonkeyword
+ Here we resolve only those that have a qualified syntax to handle
+ different behavior in different @@sql_mode settings.
+
+ Other special functions do not work in qualified context:
+ SELECT mariadb_schema.year(now()); -- Function year is not defined
+ SELECT mariadb_schema.now(); -- Function now is not defined
+
+ We don't resolve TRIM_ORACLE here, because it does not have
+ a qualified syntax yet. Search for "trim_operands" in sql_yacc.yy
+ to find more comments.
+ */
+ static LEX_CSTRING funcs[]=
+ {
+ {STRING_WITH_LEN("SUBSTRING")},
+ {STRING_WITH_LEN("SUBSTR")},
+ {STRING_WITH_LEN("TRIM")},
+ {STRING_WITH_LEN("REPLACE")}
+ };
+
+ int tokval= find_keyword(str, length, true);
+ if (!tokval)
+ return 0;
+ for (size_t i= 0; i < array_elements(funcs); i++)
+ {
+ CHARSET_INFO *cs= system_charset_info;
+ /*
+ Check length equality to avoid non-ASCII variants
+ compared as equal to ASCII variants.
+ */
+ if (length == funcs[i].length &&
+ !cs->coll->strnncollsp(cs,
+ (const uchar *) m_tok_start, length,
+ (const uchar *) funcs[i].str, funcs[i].length))
+ return tokval;
+ }
+ return 0;
+}
+
+
+int Lex_input_stream::scan_ident_common(THD *thd, Lex_ident_cli_st *str,
+ Ident_mode mode)
{
uchar last_char;
uint length;
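Review bot: The lookup table in `find_keyword_qualified_special_func` is declared `static LEX_CSTRING funcs[]`, which leaves writable for the life of the process a table that decides how qualified identifiers are tokenised. The function only reads it, so `static const LEX_CSTRING funcs[]=` is the accurate declaration and lets the compiler reject accidental writes. `scan_ident_common` begins in this hunk and continues outside it.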
@@ -2618,10 +2691,41 @@ int Lex_input_stream::scan_ident_sysvar(THD *thd, Lex_ident_cli_st *str)
next_state= MY_LEX_IDENT_SEP;
if (!(length= yyLength()))
return ABORT_SYM; // Names must be nonempty.
- if ((tokval= find_keyword(str, length, 0)))
- {
- yyUnget(); // Put back 'c'
- return tokval; // Was keyword
+
+ switch (mode) {
+ case GENERAL_KEYWORD_OR_FUNC_LPAREN:
+ /*
+ We can come here inside a system variable after "@@",
+ e.g. @@global.character_set_client.
+ We resolve all general purpose keywords here.
+
+ We can come here when LEX::parsing_options.lookup_keywords_after_qualifier
+ is true, i.e. within the "field_spec" Bison rule.
+ We need to resolve functions that have special rules inside sql_yacc.yy,
+ such as SUBSTR, REPLACE, TRIM, to make this work:
+ c2 varchar(4) GENERATED ALWAYS AS (mariadb_schema.substr(c1,1,4))
+ */
+ if ((tokval= find_keyword(str, length, last_char == '(')))
+ {
+ yyUnget(); // Put back 'c'
+ return tokval; // Was keyword
+ }
+ break;
+ case QUALIFIED_SPECIAL_FUNC_LPAREN:
+ /*
+ We come here after '.' in various contexts:
+ SELECT @@global.character_set_client;
+ SELECT t1.a FROM t1;
+ SELECT test.f1() FROM t1;
+ SELECT mariadb_schema.trim('a');
+ */
+ if (last_char == '(' &&
+ (tokval= find_keyword_qualified_special_func(str, length)))
+ {
+ yyUnget(); // Put back 'c'
+ return tokval; // Was keyword
+ }
+ break;
}
yyUnget(); // ptr points now after last token char
@@ -2960,6 +3064,7 @@ void st_select_lex::init_query()
tvc= 0;
versioned_tables= 0;
pushdown_select= 0;
+ orig_names_of_item_list_elems= 0;
}
void st_select_lex::init_select()
@@ -3011,6 +3116,7 @@ void st_select_lex::init_select()
versioned_tables= 0;
is_tvc_wrapper= false;
nest_flags= 0;
+ orig_names_of_item_list_elems= 0;
}
/*
@@ -3526,8 +3632,9 @@ bool st_select_lex::setup_ref_array(THD *thd, uint order_group_num)
uint n_elems= get_cardinality_of_ref_ptrs_slice(order_group_num) * 5;
if (!ref_pointer_array.is_null())
return false;
- Item **array= static_cast<Item**>(thd->stmt_arena->alloc(sizeof(Item*) *
- n_elems));
+
+ Item **array= static_cast<Item**>(
+ thd->active_stmt_arena_to_use()->alloc(sizeof(Item*) * n_elems));
if (likely(array != NULL))
ref_pointer_array= Ref_ptr_array(array, n_elems);
return array == NULL;
@@ -4671,18 +4778,27 @@ static void fix_prepare_info_in_table_list(THD *thd, TABLE_LIST *tbl)
void st_select_lex::fix_prepare_information(THD *thd, Item **conds,
Item **having_conds)
{
+ Query_arena *active_arena= thd->active_stmt_arena_to_use();
+
DBUG_ENTER("st_select_lex::fix_prepare_information");
- if (!thd->stmt_arena->is_conventional() &&
+
+ if (!active_arena->is_conventional() &&
!(changed_elements & TOUCHED_SEL_COND))
{
Query_arena_stmt on_stmt_arena(thd);
changed_elements|= TOUCHED_SEL_COND;
+ /*
+ TODO: return after MDEV-33218 fix
+ DBUG_ASSERT(
+ active_arena->is_stmt_prepare_or_first_stmt_execute() ||
+ active_arena->state == Query_arena::STMT_SP_QUERY_ARGUMENTS);
+ */
if (group_list.first)
{
if (!group_list_ptrs)
{
- void *mem= thd->stmt_arena->alloc(sizeof(Group_list_ptrs));
- group_list_ptrs= new (mem) Group_list_ptrs(thd->stmt_arena->mem_root);
+ void *mem= active_arena->alloc(sizeof(Group_list_ptrs));
+ group_list_ptrs= new (mem) Group_list_ptrs(active_arena->mem_root);
}
group_list_ptrs->reserve(group_list.elements);
for (ORDER *order= group_list.first; order; order= order->next)
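Review bot: The result of `active_arena->alloc(sizeof(Group_list_ptrs))` is passed to placement `new (mem)` without a NULL check, so an out-of-memory return would construct `Group_list_ptrs` at address zero. `setup_ref_array` in the same file guards its arena allocation with `likely(array != NULL)`. The same guard fits here, e.g. `if (!mem) DBUG_VOID_RETURN;` before the placement new, assuming the function exits through `DBUG_VOID_RETURN` (its end is outside the hunk).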
@@ -7342,7 +7458,8 @@ sp_head *LEX::make_sp_head(THD *thd, const sp_name *name,
name->m_name);
else
sp->init_sp_name(name);
- sp->make_qname(sp->get_main_mem_root(), &sp->m_qname);
+ if (!(sp->m_qname= sp->make_qname(sp->get_main_mem_root(), true)).str)
+ return NULL;
}
sphead= sp;
}
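Review bot: The new `return NULL` on a failed `make_qname()` leaves `sp` allocated and initialised but neither stored in `sphead` nor released. The same pattern is added to `LEX::create_package_start`, where the early return visibly follows `pkg->reset_thd_mem_root(thd)` and `pkg->init(this)`, so the thread's mem_root may also stay redirected. Whether callers clean this up cannot be seen from here. If they do not, the failure path should undo the setup before returning, or at least carry a comment naming who owns the object on this path. `make_sp_head` starts outside this hunk.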
@@ -9229,7 +9346,7 @@ bool LEX::call_statement_start(THD *thd,
const Lex_ident_sys_st *proc)
{
Database_qualified_name q_db_pkg(db, pkg);
- Database_qualified_name q_pkg_proc(pkg, proc);
+ Identifier_chain2 q_pkg_proc(*pkg, *proc);
sp_name *spname;
sql_command= SQLCOM_CALL;
@@ -9247,7 +9364,7 @@ bool LEX::call_statement_start(THD *thd,
// Concat `pkg` and `name` to `pkg.name`
LEX_CSTRING pkg_dot_proc;
- if (q_pkg_proc.make_qname(thd->mem_root, &pkg_dot_proc) ||
+ if (!(pkg_dot_proc= q_pkg_proc.make_qname(thd->mem_root, false)).str ||
check_ident_length(&pkg_dot_proc) ||
!(spname= new (thd->mem_root) sp_name(db, &pkg_dot_proc, true)))
return true;
@@ -9313,7 +9430,8 @@ sp_package *LEX::create_package_start(THD *thd,
return NULL;
pkg->reset_thd_mem_root(thd);
pkg->init(this);
- pkg->make_qname(pkg->get_main_mem_root(), &pkg->m_qname);
+ if (!(pkg->m_qname= pkg->make_qname(pkg->get_main_mem_root(), true)).str)
+ return NULL;
sphead= pkg;
return pkg;
}
@@ -9376,6 +9494,136 @@ Item *LEX::make_item_func_sysdate(THD *thd, uint fsp)
}
+const Schema *
+LEX::find_func_schema_by_name_or_error(const Lex_ident_sys &schema,
+ const Lex_ident_sys &func)
+{
+ Schema *res= Schema::find_by_name(schema);
+ if (res)
+ return res;
+ Database_qualified_name qname(schema, func);
+ my_error(ER_FUNCTION_NOT_DEFINED, MYF(0), ErrConvDQName(&qname).ptr());
+ return NULL;
+}
+
+
+Item *LEX::make_item_func_substr(THD *thd,
+ const Lex_ident_cli_st &schema_name_cli,
+ const Lex_ident_cli_st &func_name_cli,
+ const Lex_substring_spec_st &spec)
+{
+ Lex_ident_sys schema_name(thd, &schema_name_cli);
+ Lex_ident_sys func_name(thd, &func_name_cli);
+ if (schema_name.is_null() || func_name.is_null())
+ return NULL; // EOM
+ const Schema *schema= find_func_schema_by_name_or_error(schema_name,
+ func_name);
+ return schema ? schema->make_item_func_substr(thd, spec) : NULL;
+}
+
+
+Item *LEX::make_item_func_substr(THD *thd,
+ const Lex_ident_cli_st &schema_name_cli,
+ const Lex_ident_cli_st &func_name_cli,
+ List<Item> *item_list)
+{
+ Lex_ident_sys schema_name(thd, &schema_name_cli);
+ Lex_ident_sys func_name(thd, &func_name_cli);
+ if (schema_name.is_null() || func_name.is_null())
+ return NULL; // EOM
+ Schema *schema;
+ if (item_list &&
+ (item_list->elements == 2 || item_list->elements == 3) &&
+ (schema= Schema::find_by_name(schema_name)))
+ {
+ Item_args args(thd, *item_list);
+ Lex_substring_spec_st spec=
+ Lex_substring_spec_st::init(args.arguments()[0],
+ args.arguments()[1],
+ item_list->elements == 3 ?
+ args.arguments()[2] : NULL);
+ return schema->make_item_func_substr(thd, spec);
+ }
+ return make_item_func_call_generic(thd, schema_name, func_name, item_list);
+}
+
+
+Item *LEX::make_item_func_replace(THD *thd,
+ const Lex_ident_cli_st &schema_name_cli,
+ const Lex_ident_cli_st &func_name_cli,
+ Item *org,
+ Item *find,
+ Item *replace)
+{
+ Lex_ident_sys schema_name(thd, &schema_name_cli);
+ Lex_ident_sys func_name(thd, &func_name_cli);
+ if (schema_name.is_null() || func_name.is_null())
+ return NULL; // EOM
+ const Schema *schema= find_func_schema_by_name_or_error(schema_name,
+ func_name);
+ return schema ? schema->make_item_func_replace(thd, org, find, replace) :
+ NULL;
+}
+
+
+Item *LEX::make_item_func_replace(THD *thd,
+ const Lex_ident_cli_st &schema_name_cli,
+ const Lex_ident_cli_st &func_name_cli,
+ List<Item> *item_list)
+{
+ Lex_ident_sys schema_name(thd, &schema_name_cli);
+ Lex_ident_sys func_name(thd, &func_name_cli);
+ if (schema_name.is_null() || func_name.is_null())
+ return NULL; // EOM
+ const Schema *schema;
+ if (item_list && item_list->elements == 3 &&
+ (schema= Schema::find_by_name(schema_name)))
+ {
+ Item_args args(thd, *item_list);
+ return schema->make_item_func_replace(thd, args.arguments()[0],
+ args.arguments()[1],
+ args.arguments()[2]);
+ }
+ return make_item_func_call_generic(thd, schema_name, func_name, item_list);
+}
+
+
+Item *LEX::make_item_func_trim(THD *thd,
+ const Lex_ident_cli_st &schema_name_cli,
+ const Lex_ident_cli_st &func_name_cli,
+ const Lex_trim_st &spec)
+{
+ Lex_ident_sys schema_name(thd, &schema_name_cli);
+ Lex_ident_sys func_name(thd, &func_name_cli);
+ if (schema_name.is_null() || func_name.is_null())
+ return NULL; // EOM
+ const Schema *schema= find_func_schema_by_name_or_error(schema_name,
+ func_name);
+ return schema ? schema->make_item_func_trim(thd, spec) : NULL;
+}
+
+
+Item *LEX::make_item_func_trim(THD *thd,
+ const Lex_ident_cli_st &schema_name_cli,
+ const Lex_ident_cli_st &func_name_cli,
+ List<Item> *item_list)
+{
+ Lex_ident_sys schema_name(thd, &schema_name_cli);
+ Lex_ident_sys func_name(thd, &func_name_cli);
+ if (schema_name.is_null() || func_name.is_null())
+ return NULL; // EOM
+ const Schema *schema;
+ if (item_list && item_list->elements == 1 &&
+ (schema= Schema::find_by_name(schema_name)))
+ {
+ Item_args args(thd, *item_list);
+ Lex_trim spec(TRIM_BOTH, args.arguments()[0]);
+ return schema->make_item_func_trim(thd, spec);
+ }
+ return make_item_func_call_generic(thd, schema_name, func_name, item_list);
+}
+
+
bool SELECT_LEX::vers_push_field(THD *thd, TABLE_LIST *table,
const LEX_CSTRING field_name)
{
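Review bot: The `List<Item> *` overloads of `make_item_func_substr`, `make_item_func_replace` and `make_item_func_trim` fall back to the new `make_item_func_call_generic(thd, const Lex_ident_sys &, const Lex_ident_sys &, args)` overload, which goes straight to `Schema::find_by_name` and the qualified-function builder. The existing pointer overload runs `check_routine_name(&name)`, and whatever precedes it outside the visible hunk, before delegating to that same overload. A qualified `SUBSTR`/`REPLACE`/`TRIM` call with an unknown schema therefore appears to skip identifier validation that other qualified calls receive. Falling back through the validating overload keeps one entry point: `return make_item_func_call_generic(thd, &schema_name_cli, &func_name_cli, item_list);`. `make_item_func_substr` also declares `Schema *schema;` where its siblings use `const Schema *schema;`.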
@@ -9454,16 +9702,10 @@ Item *Lex_trim_st::make_item_func_trim_oracle(THD *thd) const
}
-Item *Lex_trim_st::make_item_func_trim(THD *thd) const
-{
- return (thd->variables.sql_mode & MODE_ORACLE) ?
- make_item_func_trim_oracle(thd) :
- make_item_func_trim_std(thd);
-}
-
-
-Item *LEX::make_item_func_call_generic(THD *thd, Lex_ident_cli_st *cdb,
- Lex_ident_cli_st *cname, List<Item> *args)
+Item *LEX::make_item_func_call_generic(THD *thd,
+ const Lex_ident_cli_st *cdb,
+ const Lex_ident_cli_st *cname,
+ List<Item> *args)
{
Lex_ident_sys db(thd, cdb), name(thd, cname);
if (db.is_null() || name.is_null())
@@ -9490,6 +9732,19 @@ Item *LEX::make_item_func_call_generic(THD *thd, Lex_ident_cli_st *cdb,
if (check_routine_name(&name))
return NULL;
+ return make_item_func_call_generic(thd, db, name, args);
+}
+
+
+Item *LEX::make_item_func_call_generic(THD *thd,
+ const Lex_ident_sys &db,
+ const Lex_ident_sys &name,
+ List<Item> *args)
+{
+ const Schema *schema= Schema::find_by_name(db);
+ if (schema)
+ return schema->make_item_func_call_native(thd, name, args);
+
Create_qfunc *builder= find_qualified_function_builder(thd);
DBUG_ASSERT(builder);
return builder->create_with_db(thd, &db, &name, true, args);
@@ -9510,7 +9765,7 @@ Item *LEX::make_item_func_call_generic(THD *thd,
static Lex_cstring dot(".", 1);
Lex_ident_sys db(thd, cdb), pkg(thd, cpkg), func(thd, cfunc);
Database_qualified_name q_db_pkg(db, pkg);
- Database_qualified_name q_pkg_func(pkg, func);
+ Identifier_chain2 q_pkg_func(pkg, func);
sp_name *qname;
if (db.is_null() || pkg.is_null() || func.is_null())
@@ -9527,7 +9782,7 @@ Item *LEX::make_item_func_call_generic(THD *thd,
// Concat `pkg` and `name` to `pkg.name`
LEX_CSTRING pkg_dot_func;
- if (q_pkg_func.make_qname(thd->mem_root, &pkg_dot_func) ||
+ if (!(pkg_dot_func= q_pkg_func.make_qname(thd->mem_root, false)).str ||
check_ident_length(&pkg_dot_func) ||
!(qname= new (thd->mem_root) sp_name(&db, &pkg_dot_func, true)))
return NULL;
@@ -9936,8 +10191,17 @@ bool Lex_order_limit_lock::set_to(SELECT_LEX *sel)
"CUBE/ROLLUP", "ORDER BY");
return TRUE;
}
+ for (ORDER *order= order_list->first; order; order= order->next)
+ (*order->item)->walk(&Item::change_context_processor, FALSE,
+ &sel->context);
sel->order_list= *(order_list);
}
+ if (limit.select_limit)
+ limit.select_limit->walk(&Item::change_context_processor, FALSE,
+ &sel->context);
+ if (limit.offset_limit)
+ limit.offset_limit->walk(&Item::change_context_processor, FALSE,
+ &sel->context);
sel->is_set_query_expr_tail= true;
return FALSE;
}
@@ -11191,6 +11455,72 @@ exit:
}
+/**
+ @brief
+ Save the original names of items from the item list.
+
+ @retval
+ true - if an error occurs
+ false - otherwise
+*/
+
+bool st_select_lex::save_item_list_names(THD *thd)
+{
+ if (orig_names_of_item_list_elems)
+ return false;
+
+ Query_arena *arena, backup;
+ arena= thd->activate_stmt_arena_if_needed(&backup);
+
+ if (unlikely(!(orig_names_of_item_list_elems= new(thd->mem_root)
+ List<Lex_ident_sys>)))
+ return true;
+
+ List_iterator_fast<Item> li(item_list);
+ Item *item;
+
+ while ((item= li++))
+ {
+ Lex_ident_sys *name= new (thd->mem_root) Lex_ident_sys(thd, &item->name);
+ if (unlikely(!name ||
+ orig_names_of_item_list_elems->push_back(name, thd->mem_root)))
+ {
+ if (arena)
+ thd->restore_active_arena(arena, &backup);
+ orig_names_of_item_list_elems= 0;
+ return true;
+ }
+ }
+
+ if (arena)
+ thd->restore_active_arena(arena, &backup);
+
+ return false;
+}
+
+
+/**
+ @brief
+ Restore the name of each item in the item_list of this st_select_lex
+ from orig_names_of_item_list_elems.
+*/
+
+void st_select_lex::restore_item_list_names()
+{
+ if (!orig_names_of_item_list_elems)
+ return;
+
+ DBUG_ASSERT(item_list.elements == orig_names_of_item_list_elems->elements);
+
+ List_iterator_fast<Lex_ident_sys> it(*orig_names_of_item_list_elems);
+ Lex_ident_sys *new_name;
+ List_iterator_fast<Item> li(item_list);
+ Item *item;
+
+ while ((item= li++) && (new_name= it++))
+ lex_string_set( &item->name, new_name->str);
+}
+
bool LEX::stmt_install_plugin(const DDL_options_st &opt,
const Lex_ident_sys_st &name,
const LEX_CSTRING &soname)
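Review bot: In `st_select_lex::save_item_list_names` the first failure path returns without undoing `thd->activate_stmt_arena_if_needed(&backup)`. When `new(thd->mem_root) List<Lex_ident_sys>` fails, `return true` leaves the statement arena active, while the failure path inside the loop does restore it. The early exit should match: `{ if (arena) thd->restore_active_arena(arena, &backup); return true; }`. Separately, `restore_item_list_names` checks the two list lengths only with `DBUG_ASSERT`, so without debug asserts its `while` stops silently at the shorter list; a comment saying whether that is intended would help.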
diff --git a/sql/sql_lex.h b/sql/sql_lex.h
index f548fbe5..3151f237 100644
--- a/sql/sql_lex.h
+++ b/sql/sql_lex.h
@@ -146,6 +146,11 @@ public:
struct Lex_ident_sys_st: public LEX_CSTRING
{
public:
+ static void *operator new(size_t size, MEM_ROOT *mem_root) throw ()
+ { return alloc_root(mem_root, size); }
+ static void operator delete(void *ptr,size_t size) { TRASH_FREE(ptr, size); }
+ static void operator delete(void *ptr, MEM_ROOT *mem_root) {}
+
bool copy_ident_cli(THD *thd, const Lex_ident_cli_st *str);
bool copy_keyword(THD *thd, const Lex_ident_cli_st *str);
bool copy_sys(THD *thd, const LEX_CSTRING *str);
@@ -179,6 +184,10 @@ public:
LEX_CSTRING tmp= {name, length};
set_valid_utf8(&tmp);
}
+ Lex_ident_sys(THD *thd, const LEX_CSTRING *str)
+ {
+ set_valid_utf8(str);
+ }
Lex_ident_sys & operator=(const Lex_ident_sys_st &name)
{
Lex_ident_sys_st::operator=(name);
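Review bot: The new `Lex_ident_sys(THD *thd, const LEX_CSTRING *str)` constructor never uses `thd` and only calls `set_valid_utf8(str)`. It therefore appears to perform no conversion or copy, and to trust the caller that the bytes are already valid identifier text. That contract is invisible at the call site, and `save_item_list_names` relies on it when it stores `item->name` for later restoration. A comment on the constructor would make it explicit, e.g. `/* str must already be valid utf8 and must outlive this object; nothing is converted or copied */`. That wording assumes `set_valid_utf8` only stores the pointer and length, which should be confirmed.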
@@ -1221,6 +1230,11 @@ public:
List<Field_pair> grouping_tmp_fields;
List<udf_func> udf_list; /* udf function calls stack */
List<Index_hint> *index_hints; /* list of USE/FORCE/IGNORE INDEX */
+ /*
+ This list is used to restore the names of items
+ from item_list after each execution of the statement.
+ */
+ List<Lex_ident_sys> *orig_names_of_item_list_elems;
List<List_item> save_many_values;
List<Item> *save_insert_list;
@@ -1438,6 +1452,9 @@ public:
bool straight_fl);
TABLE_LIST *convert_right_join();
List<Item>* get_item_list();
+ bool save_item_list_names(THD *thd);
+ void restore_item_list_names();
+
ulong get_table_join_options();
void set_lock_for_tables(thr_lock_type lock_type, bool for_update,
bool skip_locks);
@@ -1577,7 +1594,8 @@ public:
master_unit()->cloned_from->with_element :
master_unit()->with_element;
}
- With_element *find_table_def_in_with_clauses(TABLE_LIST *table);
+ With_element *find_table_def_in_with_clauses(TABLE_LIST *table,
+ st_select_lex_unit * excl_spec);
bool check_unrestricted_recursive(bool only_standard_compliant);
bool check_subqueries_with_recursive_references();
void collect_grouping_fields_for_derived(THD *thd, ORDER *grouping_list);
@@ -2461,6 +2479,15 @@ public:
void reduce_digest_token(uint token_left, uint token_right);
private:
+
+ enum Ident_mode
+ {
+ GENERAL_KEYWORD_OR_FUNC_LPAREN,
+ QUALIFIED_SPECIAL_FUNC_LPAREN
+ };
+
+ int scan_ident_common(THD *thd, Lex_ident_cli_st *str, Ident_mode mode);
+
/**
Set the echo mode.
@@ -2781,8 +2808,8 @@ private:
bool consume_comment(int remaining_recursions_permitted);
int lex_one_token(union YYSTYPE *yylval, THD *thd);
int find_keyword(Lex_ident_cli_st *str, uint len, bool function) const;
+ int find_keyword_qualified_special_func(Lex_ident_cli_st *str, uint len) const;
LEX_CSTRING get_token(uint skip, uint length);
- int scan_ident_sysvar(THD *thd, Lex_ident_cli_st *str);
int scan_ident_start(THD *thd, Lex_ident_cli_st *str);
int scan_ident_middle(THD *thd, Lex_ident_cli_st *str,
CHARSET_INFO **cs, my_lex_states *);
@@ -4128,8 +4155,42 @@ public:
Item *create_item_query_expression(THD *thd, st_select_lex_unit *unit);
Item *make_item_func_sysdate(THD *thd, uint fsp);
- Item *make_item_func_call_generic(THD *thd, Lex_ident_cli_st *db,
- Lex_ident_cli_st *name, List<Item> *args);
+
+ static const Schema *
+ find_func_schema_by_name_or_error(const Lex_ident_sys &schema_name,
+ const Lex_ident_sys &func_name);
+ Item *make_item_func_replace(THD *thd,
+ const Lex_ident_cli_st &schema_name,
+ const Lex_ident_cli_st &func_name,
+ Item *org, Item *find, Item *replace);
+ Item *make_item_func_replace(THD *thd,
+ const Lex_ident_cli_st &schema_name,
+ const Lex_ident_cli_st &func_name,
+ List<Item> *args);
+ Item *make_item_func_substr(THD *thd,
+ const Lex_ident_cli_st &schema_name,
+ const Lex_ident_cli_st &func_name,
+ const Lex_substring_spec_st &spec);
+ Item *make_item_func_substr(THD *thd,
+ const Lex_ident_cli_st &schema_name,
+ const Lex_ident_cli_st &func_name,
+ List<Item> *args);
+ Item *make_item_func_trim(THD *thd,
+ const Lex_ident_cli_st &schema_name,
+ const Lex_ident_cli_st &func_name,
+ const Lex_trim_st &spec);
+ Item *make_item_func_trim(THD *thd,
+ const Lex_ident_cli_st &schema_name,
+ const Lex_ident_cli_st &func_name,
+ List<Item> *args);
+ Item *make_item_func_call_generic(THD *thd,
+ const Lex_ident_cli_st *db,
+ const Lex_ident_cli_st *name,
+ List<Item> *args);
+ Item *make_item_func_call_generic(THD *thd,
+ const Lex_ident_sys &db,
+ const Lex_ident_sys &name,
+ List<Item> *args);
Item *make_item_func_call_generic(THD *thd,
Lex_ident_cli_st *db,
Lex_ident_cli_st *pkg,
@@ -4830,7 +4891,8 @@ public:
bool check_dependencies_in_with_clauses();
bool check_cte_dependencies_and_resolve_references();
bool resolve_references_to_cte(TABLE_LIST *tables,
- TABLE_LIST **tables_last);
+ TABLE_LIST **tables_last,
+ st_select_lex_unit *excl_spec);
/**
Turn on the SELECT_DESCRIBE flag for every SELECT_LEX involved into
diff --git a/sql/sql_list.h b/sql/sql_list.h
index 5a57c86e..faec566c 100644
--- a/sql/sql_list.h
+++ b/sql/sql_list.h
@@ -799,7 +799,9 @@ public:
class base_ilist_iterator
{
base_ilist *list;
- struct ilink **el,*current;
+ struct ilink **el;
+protected:
+ struct ilink *current;
public:
base_ilist_iterator(base_ilist &list_par) :list(&list_par),
el(&list_par.first),current(0) {}
@@ -811,6 +813,13 @@ public:
el= &current->next;
return current;
}
+ /* Unlink element returned by last next() call */
+ inline void unlink(void)
+ {
+ struct ilink **tmp= current->prev;
+ current->unlink();
+ el= tmp;
+ }
};
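Review bot: `base_ilist_iterator::unlink()` dereferences `current` unconditionally, and `I_List_iterator::remove()` (added in the next hunk) resets `current` to 0 after deleting the element. Calling `remove()` twice without an intervening `next()`, or before the first `next()`, would therefore dereference NULL. The comment states the precondition but nothing enforces it; `DBUG_ASSERT(current);` as the first line of `unlink()` would catch misuse in debug builds. `unlink()` is also added under `public:` while `current` became protected; if only `remove()` is meant to call it, it belongs under `protected:` too.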
@@ -840,6 +849,13 @@ template <class T> class I_List_iterator :public base_ilist_iterator
public:
I_List_iterator(I_List<T> &a) : base_ilist_iterator(a) {}
inline T* operator++(int) { return (T*) base_ilist_iterator::next(); }
+ /* Remove element returned by last next() call */
+ inline void remove(void)
+ {
+ unlink();
+ delete (T*) current;
+ current= 0; // Safety
+ }
};
/**
diff --git a/sql/sql_load.cc b/sql/sql_load.cc
index 8aa1452c..be3063e5 100644
--- a/sql/sql_load.cc
+++ b/sql/sql_load.cc
@@ -255,6 +255,10 @@ public:
*/
void skip_data_till_eof()
{
+#ifndef EMBEDDED_LIBRARY
+ if (mysql_bin_log.is_open())
+ cache.read_function= cache.real_read_function;
+#endif
while (GET != my_b_EOF)
;
}
diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc
index 1817f811..f9da2c40 100644
--- a/sql/sql_parse.cc
+++ b/sql/sql_parse.cc
@@ -2124,7 +2124,6 @@ dispatch_command_return dispatch_command(enum enum_server_command command, THD *
{
ulong pos;
ushort flags;
- uint32 slave_server_id;
status_var_increment(thd->status_var.com_other);
@@ -2135,10 +2134,26 @@ dispatch_command_return dispatch_command(enum enum_server_command command, THD *
/* TODO: The following has to be changed to an 8 byte integer */
pos = uint4korr(packet);
flags = uint2korr(packet + 4);
- thd->variables.server_id=0; /* avoid suicide */
- if ((slave_server_id= uint4korr(packet+6))) // mysqlbinlog.server_id==0
- kill_zombie_dump_threads(slave_server_id);
- thd->variables.server_id = slave_server_id;
+ if ((thd->variables.server_id= uint4korr(packet+6)))
+ {
+ bool got_error;
+
+ got_error= kill_zombie_dump_threads(thd,
+ thd->variables.server_id);
+ if (got_error || thd->killed)
+ {
+ if (!thd->killed)
+ my_printf_error(ER_MASTER_FATAL_ERROR_READING_BINLOG,
+ "Could not start dump thread for slave: %u as "
+ "it has already a running dump thread",
+ MYF(0), (uint) thd->variables.server_id);
+ else if (! thd->get_stmt_da()->is_set())
+ thd->send_kill_message();
+ error= TRUE;
+ thd->unregister_slave(); // todo: can be extraneous
+ break;
+ }
+ }
const char *name= packet + 10;
size_t nlen= strlen(name);
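Review bot: This branch reads `uint4korr(packet)`, `uint2korr(packet + 4)`, `uint4korr(packet+6)` and then `strlen(packet + 10)` with no length comparison visible in these hunks. The value read at offset 6 now also selects which dump threads `kill_zombie_dump_threads` acts on. If the part of the case outside the hunk does not already reject short packets, a guard before the first read would close that, using the packet length `dispatch_command` receives, e.g. `if (packet_length < 10) { my_error(ER_MALFORMED_PACKET, MYF(0)); break; }`. The case body starts outside this hunk, so an existing check may simply not be shown.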
@@ -2146,6 +2161,8 @@ dispatch_command_return dispatch_command(enum enum_server_command command, THD *
general_log_print(thd, command, "Log: '%s' Pos: %lu", name, pos);
if (nlen < FN_REFLEN)
mysql_binlog_send(thd, thd->strmake(name, nlen), (my_off_t)pos, flags);
+ if (thd->killed && ! thd->get_stmt_da()->is_set())
+ thd->send_kill_message();
thd->unregister_slave(); // todo: can be extraneous
/* fake COM_QUIT -- if we get here, the thread needs to terminate */
error = TRUE;
@@ -2435,7 +2452,7 @@ resume:
/* Performance Schema Interface instrumentation, end */
MYSQL_END_STATEMENT(thd->m_statement_psi, thd->get_stmt_da());
thd->set_examined_row_count(0); // For processlist
- thd->set_command(COM_SLEEP);
+ thd->mark_connection_idle();
thd->m_statement_psi= NULL;
thd->m_digest= NULL;
@@ -2449,6 +2466,8 @@ resume:
*/
thd->lex->m_sql_cmd= NULL;
free_root(thd->mem_root,MYF(MY_KEEP_PREALLOC));
+ DBUG_EXECUTE_IF("print_allocated_thread_memory",
+ SAFEMALLOC_REPORT_MEMORY(sf_malloc_dbug_id()););
#if defined(ENABLED_PROFILING)
thd->profiling.finish_current_query();
@@ -5173,9 +5192,55 @@ mysql_execute_command(THD *thd, bool is_called_from_prepared_stmt)
my_ok(thd);
break;
case SQLCOM_BACKUP_LOCK:
- if (check_global_access(thd, RELOAD_ACL))
- goto error;
- /* first table is set for lock. For unlock the list is empty */
+ if (check_global_access(thd, RELOAD_ACL, true))
+ {
+#ifndef NO_EMBEDDED_ACCESS_CHECKS
+ /*
+ In case there is no global privilege, check DB privilege for LOCK TABLES.
+ */
+ if (first_table) // BACKUP LOCK
+ {
+ if (check_single_table_access(thd, LOCK_TABLES_ACL, first_table, true))
+ {
+ char command[30];
+ get_privilege_desc(command, sizeof(command), RELOAD_ACL|LOCK_TABLES_ACL);
+ my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
+ goto error;
+ }
+ }
+ else // BACKUP UNLOCK
+ {
+ /*
+ We test mdl_backup_lock here because, if a user could obtain a lock
+ it would be silly to error and say `you can't BACKUP UNLOCK`
+ (because its obvious you did a `BACKUP LOCK`).
+ As `BACKUP UNLOCK` doesn't have a database reference,
+ there's no way we can check if the `BACKUP LOCK` privilege is missing.
+ Testing `thd->db` would involve faking a `TABLE_LIST` structure,
+ which because of the depth of inspection
+ in `check_single_table_access` makes the faking likely to cause crashes,
+ or unintended effects. The outcome of this is,
+ if a user does an `BACKUP UNLOCK` without a `BACKUP LOCKED` table,
+ there may be a` ER_SPECIFIC_ACCESS_DENIED` error even though
+ user has the privilege.
+ Its a bit different to what happens if the user has RELOAD_ACL,
+ where the error is silently ignored.
+ */
+ if (!thd->mdl_backup_lock)
+ {
+
+ char command[30];
+ get_privilege_desc(command, sizeof(command), RELOAD_ACL|LOCK_TABLES_ACL);
+ my_error(ER_SPECIFIC_ACCESS_DENIED_ERROR, MYF(0), command);
+ goto error;
+ }
+ }
+#endif
+ }
+ /*
+ There is reload privilege, first table is set for lock.
+ For unlock the list is empty
+ */
if (first_table)
res= backup_lock(thd, first_table);
else
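Review bot: The closing comment `There is reload privilege, first table is set for lock.` is no longer true for every path that reaches it. After this change the lock/unlock code below also runs when `check_global_access(thd, RELOAD_ACL, true)` failed but `check_single_table_access(thd, LOCK_TABLES_ACL, first_table, true)` passed, or when `thd->mdl_backup_lock` is already set. Because this block is the access decision for BACKUP LOCK, the comment should list the accepted cases, e.g. `/* Caller has RELOAD, or LOCK TABLES on the table, or already holds a backup lock */`. The two identical `char command[30]; get_privilege_desc(...); my_error(...); goto error;` sequences could share one exit so the denial message cannot drift between BACKUP LOCK and BACKUP UNLOCK.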
@@ -7931,6 +7996,7 @@ static bool wsrep_mysql_parse(THD *thd, char *rawbuf, uint length,
thd->wsrep_retry_query = NULL;
thd->wsrep_retry_query_len = 0;
thd->wsrep_retry_command = COM_CONNECT;
+ thd->proc_info= 0;
}
return false;
}
@@ -9285,11 +9351,13 @@ kill_one_thread(THD *thd, my_thread_id id, killed_state kill_signal, killed_type
struct kill_threads_callback_arg
{
- kill_threads_callback_arg(THD *thd_arg, LEX_USER *user_arg):
- thd(thd_arg), user(user_arg) {}
+ kill_threads_callback_arg(THD *thd_arg, LEX_USER *user_arg,
+ killed_state kill_signal_arg):
+ thd(thd_arg), user(user_arg), kill_signal(kill_signal_arg), counter(0) {}
THD *thd;
LEX_USER *user;
- List<THD> threads_to_kill;
+ killed_state kill_signal;
+ uint counter;
};
@@ -9312,11 +9380,12 @@ static my_bool kill_threads_callback(THD *thd, kill_threads_callback_arg *arg)
{
return MY_TEST(arg->thd->security_ctx->master_access & PROCESS_ACL);
}
- if (!arg->threads_to_kill.push_back(thd, arg->thd->mem_root))
- {
- mysql_mutex_lock(&thd->LOCK_thd_kill); // Lock from delete
- mysql_mutex_lock(&thd->LOCK_thd_data);
- }
+ arg->counter++;
+ mysql_mutex_lock(&thd->LOCK_thd_kill); // Lock from delete
+ mysql_mutex_lock(&thd->LOCK_thd_data);
+ thd->awake_no_mutex(arg->kill_signal);
+ mysql_mutex_unlock(&thd->LOCK_thd_data);
+ mysql_mutex_unlock(&thd->LOCK_thd_kill);
}
}
return 0;
@@ -9326,42 +9395,17 @@ static my_bool kill_threads_callback(THD *thd, kill_threads_callback_arg *arg)
static uint kill_threads_for_user(THD *thd, LEX_USER *user,
killed_state kill_signal, ha_rows *rows)
{
- kill_threads_callback_arg arg(thd, user);
+ kill_threads_callback_arg arg(thd, user, kill_signal);
DBUG_ENTER("kill_threads_for_user");
-
- *rows= 0;
-
- if (unlikely(thd->is_fatal_error)) // If we run out of memory
- DBUG_RETURN(ER_OUT_OF_RESOURCES);
-
DBUG_PRINT("enter", ("user: %s signal: %u", user->user.str,
(uint) kill_signal));
+ *rows= 0;
+
if (server_threads.iterate(kill_threads_callback, &arg))
DBUG_RETURN(ER_KILL_DENIED_ERROR);
- if (!arg.threads_to_kill.is_empty())
- {
- List_iterator_fast<THD> it2(arg.threads_to_kill);
- THD *next_ptr;
- THD *ptr= it2++;
- do
- {
- ptr->awake_no_mutex(kill_signal);
- /*
- Careful here: The list nodes are allocated on the memroots of the
- THDs to be awakened.
- But those THDs may be terminated and deleted as soon as we release
- LOCK_thd_kill, which will make the list nodes invalid.
- Since the operation "it++" dereferences the "next" pointer of the
- previous list node, we need to do this while holding LOCK_thd_kill.
- */
- next_ptr= it2++;
- mysql_mutex_unlock(&ptr->LOCK_thd_kill);
- mysql_mutex_unlock(&ptr->LOCK_thd_data);
- (*rows)++;
- } while ((ptr= next_ptr));
- }
+ *rows= arg.counter;
DBUG_RETURN(0);
}
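Review bot: In kill_threads_for_user, `*rows` is taken from `arg.counter` only on the success path, although kill_threads_callback now awakens each matching thread while the iteration is still running. If `server_threads.iterate()` returns non-zero after some threads were already signalled, the caller gets ER_KILL_DENIED_ERROR with `*rows` still 0. Whether that ordering can occur depends on the access check in the callback, which starts outside the hunk. Capturing the result first keeps the reported count honest in both cases: `bool denied= server_threads.iterate(kill_threads_callback, &arg); *rows= arg.counter; if (denied) DBUG_RETURN(ER_KILL_DENIED_ERROR);`.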
diff --git a/sql/sql_plugin.cc b/sql/sql_plugin.cc
index 35767307..c968637d 100644
--- a/sql/sql_plugin.cc
+++ b/sql/sql_plugin.cc
@@ -1688,7 +1688,6 @@ int plugin_init(int *argc, char **argv, int flags)
}
}
- free_root(&tmp_root, MYF(MY_MARK_BLOCKS_FREE));
tmp.state= PLUGIN_IS_UNINITIALIZED;
if (register_builtin(plugin, &tmp, &plugin_ptr))
goto err_unlock;
@@ -1967,7 +1966,7 @@ static void plugin_load(MEM_ROOT *tmp_root)
the mutex here to satisfy the assert
*/
mysql_mutex_lock(&LOCK_plugin);
- plugin_add(tmp_root, false, &name, &dl, MYF(ME_ERROR_LOG));
+ plugin_add(tmp_root, true, &name, &dl, MYF(ME_ERROR_LOG));
free_root(tmp_root, MYF(MY_MARK_BLOCKS_FREE));
mysql_mutex_unlock(&LOCK_plugin);
}
diff --git a/sql/sql_plugin_services.inl b/sql/sql_plugin_services.inl
index f2b2d08d..5ac06e76 100644
--- a/sql/sql_plugin_services.inl
+++ b/sql/sql_plugin_services.inl
@@ -183,7 +183,8 @@ static struct wsrep_service_st wsrep_handler = {
wsrep_report_bf_lock_wait,
wsrep_thd_kill_LOCK,
wsrep_thd_kill_UNLOCK,
- wsrep_thd_set_PA_unsafe
+ wsrep_thd_set_PA_unsafe,
+ wsrep_get_domain_id
};
static struct thd_specifics_service_st thd_specifics_handler=
@@ -228,11 +229,6 @@ static struct json_service_st json_handler=
json_unescape_json
};
-static struct thd_mdl_service_st thd_mdl_handler=
-{
- thd_mdl_context
-};
-
struct sql_service_st sql_service_handler=
{
mysql_init,
@@ -251,7 +247,13 @@ struct sql_service_st sql_service_handler=
mysql_fetch_lengths,
mysql_set_character_set,
mysql_num_fields,
- mysql_select_db
+ mysql_select_db,
+ mysql_ssl_set
+};
+
+static struct thd_mdl_service_st thd_mdl_handler=
+{
+ thd_mdl_context
};
#define DEFINE_warning_function(name, ret) { \
@@ -348,8 +350,8 @@ static struct st_service_ref list_of_services[]=
{ "thd_wait_service", VERSION_thd_wait, &thd_wait_handler },
{ "wsrep_service", VERSION_wsrep, &wsrep_handler },
{ "json_service", VERSION_json, &json_handler },
- { "thd_mdl_service", VERSION_thd_mdl, &thd_mdl_handler },
{ "sql_service", VERSION_sql_service, &sql_service_handler },
+ { "thd_mdl_service", VERSION_thd_mdl, &thd_mdl_handler },
{ "provider_service_bzip2", VERSION_provider_bzip2, &provider_handler_bzip2 },
{ "provider_service_lz4", VERSION_provider_lz4, &provider_handler_lz4 },
{ "provider_service_lzma", VERSION_provider_lzma, &provider_handler_lzma },
diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc
index bf3c7cbb..df200a69 100644
--- a/sql/sql_prepare.cc
+++ b/sql/sql_prepare.cc
@@ -132,6 +132,7 @@ static const uint PARAMETER_FLAG_UNSIGNED= 128U << 8;
#include "wsrep_mysqld.h"
#include "wsrep_trans_observer.h"
#endif /* WITH_WSREP */
+#include "sql_audit.h" // mysql_audit_release
#include "xa.h" // xa_recover_get_fields
#include "sql_audit.h" // mysql_audit_release
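Review bot: The added `#include "sql_audit.h" // mysql_audit_release` duplicates the identical include that is still present two lines below it as context. It is harmless if the header has include guards, but one of the two lines should go; this looks like a merge leftover.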
@@ -181,7 +182,7 @@ public:
/*
The following data member is wholly for debugging purpose.
It can be used for possible crash analysis to determine how many times
- the stored routine was executed before the mem_root marked read_only
+ the stored routine was executed before the mem_root marked ROOT_FLAG_READ_ONLY
was requested for a memory chunk. Additionally, a value of this data
member is output to the log with DBUG_PRINT.
*/
@@ -265,7 +266,6 @@ private:
class Ed_connection;
-
/******************************************************************************
Implementation
******************************************************************************/
@@ -4068,6 +4068,7 @@ static bool execute_server_code(THD *thd,
const char *sql_text, size_t sql_len)
{
PSI_statement_locker *parent_locker;
+ Reprepare_observer *reprepare_observer;
bool error;
query_id_t save_query_id= thd->query_id;
query_id_t next_id= next_query_id();
@@ -4092,28 +4093,33 @@ static bool execute_server_code(THD *thd,
parent_locker= thd->m_statement_psi;
thd->m_statement_psi= NULL;
+ reprepare_observer= thd->m_reprepare_observer;
+ thd->m_reprepare_observer= NULL;
error= mysql_execute_command(thd);
thd->m_statement_psi= parent_locker;
+ thd->m_reprepare_observer= reprepare_observer;
/* report error issued during command execution */
if (likely(error == 0) && thd->spcont == NULL)
- general_log_write(thd, COM_QUERY,
- thd->query(), thd->query_length());
+ general_log_write(thd, COM_QUERY, thd->query(), thd->query_length());
end:
thd->lex->restore_set_statement_var();
thd->query_id= save_query_id;
delete_explain_query(thd->lex);
+
lex_end(thd->lex);
return error;
}
+
bool Execute_sql_statement::execute_server_code(THD *thd)
{
return ::execute_server_code(thd, m_sql_text.str, m_sql_text.length);
}
+
/***************************************************************************
Prepared_statement
****************************************************************************/
@@ -4685,7 +4691,7 @@ reexecute:
#ifdef PROTECT_STATEMENT_MEMROOT
// There was reprepare so the counter of runs should be reset
executed_counter= 0;
- mem_root->read_only= 0;
+ mem_root->flags &= ~ROOT_FLAG_READ_ONLY;
#endif
goto reexecute;
}
@@ -4694,7 +4700,7 @@ reexecute:
#ifdef PROTECT_STATEMENT_MEMROOT
if (!error)
{
- mem_root->read_only= 1;
+ mem_root->flags |= ROOT_FLAG_READ_ONLY;
++executed_counter;
DBUG_PRINT("info", ("execute counter: %lu", executed_counter));
@@ -4703,7 +4709,7 @@ reexecute:
{
// Error on call shouldn't be counted as a normal run
executed_counter= 0;
- mem_root->read_only= 0;
+ mem_root->flags &= ~ROOT_FLAG_READ_ONLY;
}
#endif
@@ -6081,7 +6087,8 @@ bool Protocol_local::send_result_set_metadata(List<Item> *list, uint flags)
for (uint pos= 0 ; (item= it++); pos++)
{
- if (store_item_metadata(thd, item, pos))
+ Send_field sf(thd, item);
+ if (store_field_metadata(thd, sf, item->charset_for_protocol(), pos))
goto err;
}
@@ -6473,10 +6480,9 @@ extern "C" MYSQL *mysql_real_connect_local(MYSQL *mysql)
new_thd->security_ctx->skip_grants();
new_thd->query_cache_is_applicable= 0;
new_thd->variables.wsrep_on= 0;
+ new_thd->client_capabilities= client_flag;
new_thd->variables.sql_log_bin= 0;
new_thd->set_binlog_bit();
- new_thd->client_capabilities= client_flag;
-
/*
TOSO: decide if we should turn the auditing off
for such threads.
@@ -6507,4 +6513,3 @@ extern "C" MYSQL *mysql_real_connect_local(MYSQL *mysql)
DBUG_PRINT("exit",("Mysql handler: %p", mysql));
DBUG_RETURN(mysql);
}
-
diff --git a/sql/sql_profile.cc b/sql/sql_profile.cc
index f576e693..863f0369 100644
--- a/sql/sql_profile.cc
+++ b/sql/sql_profile.cc
@@ -202,7 +202,8 @@ void PROF_MEASUREMENT::set_label(const char *status_arg,
allocated_status_memory= (char *) my_malloc(key_memory_PROFILE, sizes[0] +
sizes[1] + sizes[2], MYF(0));
- DBUG_ASSERT(allocated_status_memory != NULL);
+ if (!allocated_status_memory)
+ return;
cursor= allocated_status_memory;
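Review bot: Replacing the assert in PROF_MEASUREMENT::set_label with a bare `return` leaves the object half-built on allocation failure, because everything after `cursor= allocated_status_memory;` is skipped. That code is outside the hunk and presumably assigns the label pointers, so they should be set to NULL before returning. The same silent-return pattern appears in the QUERY_PROFILE constructor hunk, which returns before `m_start_time_usecs` and `m_end_time_usecs` are assigned, in QUERY_PROFILE::new_status, and in the two sql_profile.h hunks. There the queue insert drops `payload` without telling the caller, and `start_new_query` only tests the `new_profile` pointer, which says nothing about whether the constructor completed. For the constructor, assigning `m_start_time_usecs= m_end_time_usecs= 0;` before the `new PROF_MEASUREMENT` line would give later readers defined values.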
@@ -266,6 +267,8 @@ QUERY_PROFILE::QUERY_PROFILE(PROFILING *profiling_arg, const char *status_arg)
{
m_seq_counter= 1;
PROF_MEASUREMENT *prof= new PROF_MEASUREMENT(this, status_arg);
+ if (!prof)
+ return;
prof->m_seq= m_seq_counter++;
m_start_time_usecs= prof->time_usecs;
m_end_time_usecs= m_start_time_usecs;
@@ -307,6 +310,8 @@ void QUERY_PROFILE::new_status(const char *status_arg,
prof= new PROF_MEASUREMENT(this, status_arg, function_arg, base_name(file_arg), line_arg);
else
prof= new PROF_MEASUREMENT(this, status_arg);
+ if (!prof)
+ DBUG_VOID_RETURN;
prof->m_seq= m_seq_counter++;
m_end_time_usecs= prof->time_usecs;
diff --git a/sql/sql_profile.h b/sql/sql_profile.h
index 88136559..c225f617 100644
--- a/sql/sql_profile.h
+++ b/sql/sql_profile.h
@@ -103,6 +103,8 @@ public:
new_item= (struct queue_item *) my_malloc(key_memory_queue_item,
sizeof(struct queue_item), MYF(0));
+ if (!new_item)
+ return;
new_item->payload= payload;
@@ -296,7 +298,11 @@ public:
{
DBUG_ASSERT(!current);
if (unlikely(enabled))
- current= new QUERY_PROFILE(this, initial_state);
+ {
+ QUERY_PROFILE *new_profile= new QUERY_PROFILE(this, initial_state);
+ if (new_profile)
+ current= new_profile;
+ }
}
void discard_current_query();
diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc
index 8bde0f3b..ad71bf6f 100644
--- a/sql/sql_repl.cc
+++ b/sql/sql_repl.cc
@@ -510,7 +510,7 @@ static enum enum_binlog_checksum_alg get_binlog_checksum_value_at_connect(THD *
}
else
{
- DBUG_ASSERT(entry->type == STRING_RESULT);
+ DBUG_ASSERT(entry->type_handler()->result_type() == STRING_RESULT);
String str;
uint dummy_errors;
str.copy(entry->value, entry->length, &my_charset_bin, &my_charset_bin,
@@ -2060,7 +2060,7 @@ send_event_to_slave(binlog_send_info *info, Log_event_type event_type,
}
if (need_sync && repl_semisync_master.flush_net(info->thd,
- packet->c_ptr_safe()))
+ packet->c_ptr()))
{
info->error= ER_UNKNOWN_ERROR;
return "Failed to run hook 'after_send_event'";
@@ -3011,8 +3011,13 @@ err:
if (info->thd->killed == KILL_SLAVE_SAME_ID)
{
- info->errmsg= "A slave with the same server_uuid/server_id as this slave "
- "has connected to the master";
+ /*
+ Note that the text is limited to 64 characters in errmsg-utf8 in
+ ER_ABORTING_CONNECTION.
+ */
+ info->errmsg=
+ "A slave with the same server_uuid/server_id is already "
+ "connected";
info->error= ER_SLAVE_SAME_ID;
}
@@ -3385,6 +3390,7 @@ int stop_slave(THD* thd, Master_info* mi, bool net_report )
@retval 0 success
@retval 1 error
*/
+
int reset_slave(THD *thd, Master_info* mi)
{
MY_STAT stat_area;
@@ -3482,8 +3488,6 @@ int reset_slave(THD *thd, Master_info* mi)
else if (global_system_variables.log_warnings > 1)
sql_print_information("Deleted Master_info file '%s'.", fname);
- if (rpl_semi_sync_slave_enabled)
- repl_semisync_slave.reset_slave(mi);
err:
mi->unlock_slave_threads();
if (unlikely(error))
@@ -3511,43 +3515,89 @@ err:
struct kill_callback_arg
{
- kill_callback_arg(uint32 id): slave_server_id(id), thd(0) {}
- uint32 slave_server_id;
+ kill_callback_arg(THD *thd_arg, uint32 id):
+ thd(thd_arg), slave_server_id(id), counter(0) {}
THD *thd;
+ uint32 slave_server_id;
+ uint counter;
};
-static my_bool kill_callback(THD *thd, kill_callback_arg *arg)
+
+/*
+ Collect all active dump threads
+*/
+
+static my_bool kill_callback_collect(THD *thd, kill_callback_arg *arg)
{
if (thd->get_command() == COM_BINLOG_DUMP &&
- thd->variables.server_id == arg->slave_server_id)
+ thd->variables.server_id == arg->slave_server_id &&
+ thd != arg->thd)
{
- arg->thd= thd;
+ arg->counter++;
mysql_mutex_lock(&thd->LOCK_thd_kill); // Lock from delete
mysql_mutex_lock(&thd->LOCK_thd_data);
- return 1;
+ thd->awake_no_mutex(KILL_SLAVE_SAME_ID); // Mark killed
+ /*
+ Remover the thread from ack_receiver to ensure it is not
+ sending acks to the master anymore.
+ */
+ ack_receiver.remove_slave(thd);
+
+ mysql_mutex_unlock(&thd->LOCK_thd_data);
+ mysql_mutex_unlock(&thd->LOCK_thd_kill);
}
return 0;
}
-void kill_zombie_dump_threads(uint32 slave_server_id)
+/*
+ Check if there are any active dump threads
+*/
+
+static my_bool kill_callback_check(THD *thd, kill_callback_arg *arg)
+{
+ return (thd->get_command() == COM_BINLOG_DUMP &&
+ thd->variables.server_id == arg->slave_server_id &&
+ thd != arg->thd);
+}
+
+
+/**
+ Try to kill running dump threads on the master
+
+ @result 0 ok
+ @result 1 old slave thread exists and does not want to die
+
+ There should not be more than one dump thread with the same server id
+ this code has however in the past has several issues. To ensure that
+ things works in all cases (now and in the future), this code is collecting
+ all matching server id's and killing all of them.
+*/
+
+bool kill_zombie_dump_threads(THD *thd, uint32 slave_server_id)
{
- kill_callback_arg arg(slave_server_id);
- server_threads.iterate(kill_callback, &arg);
+ kill_callback_arg arg(thd, slave_server_id);
+ server_threads.iterate(kill_callback_collect, &arg);
+
+ if (!arg.counter)
+ return 0;
- if (arg.thd)
+ /*
+ Wait up to SECONDS_TO_WAIT_FOR_DUMP_THREAD_KILL for kill
+ of all dump thread, trying every 1/10 of second.
+ */
+ for (uint i= 10 * SECONDS_TO_WAIT_FOR_DUMP_THREAD_KILL ;
+ --i > 0 && !thd->killed;
+ i++)
{
- /*
- Here we do not call kill_one_thread() as
- it will be slow because it will iterate through the list
- again. We just to do kill the thread ourselves.
- */
- arg.thd->awake_no_mutex(KILL_SLAVE_SAME_ID);
- mysql_mutex_unlock(&arg.thd->LOCK_thd_kill);
- mysql_mutex_unlock(&arg.thd->LOCK_thd_data);
+ if (!server_threads.iterate(kill_callback_check, &arg))
+ return 0; // All dump thread are killed
+ my_sleep(1000000L / 10); // Wait 1/10 of a second
}
+ return 1;
}
+
/**
Get value for a string parameter with error checking
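Review bot: The wait loop in kill_zombie_dump_threads has no effective timeout, because the condition does `--i` and the increment clause does `i++`, so `i` is back at its initial value after every pass. Only `thd->killed` or the disappearance of all matching dump threads ends the loop, which contradicts the "Wait up to SECONDS_TO_WAIT_FOR_DUMP_THREAD_KILL" comment and makes the final `return 1` reachable only when the calling thread is itself killed. A reconnecting slave can therefore stay blocked here for as long as an old dump thread with the same server id fails to exit. Dropping the increment restores the bound: `for (uint i= 10 * SECONDS_TO_WAIT_FOR_DUMP_THREAD_KILL; i-- > 0 && !thd->killed; )`.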
@@ -4303,11 +4353,17 @@ bool mysql_show_binlog_events(THD* thd)
}
}
+ /*
+ Omit error messages from server log in Log_event::read_log_event. That
+ is, we only need to notify the client to correct their 'from' offset;
+ writing about this in the server log would be confusing as it isn't
+ related to server operational status.
+ */
for (event_count = 0;
(ev = Log_event::read_log_event(&log,
description_event,
(opt_master_verify_checksum ||
- verify_checksum_once))); )
+ verify_checksum_once), false)); )
{
if (!unit->lim.check_offset(event_count) &&
ev->net_send(protocol, linfo.log_file_name, pos))
@@ -4595,6 +4651,10 @@ int log_loaded_block(IO_CACHE* file, uchar *Buffer, size_t Count)
/* buffer contains position where we started last read */
uchar* buffer= (uchar*) my_b_get_buffer_start(file);
uint max_event_size= lf_info->thd->variables.max_allowed_packet;
+ int res;
+#ifndef DBUG_OFF
+ bool did_dbug_inject= false;
+#endif
if (lf_info->thd->is_current_stmt_binlog_format_row())
goto ret;
@@ -4602,6 +4662,19 @@ int log_loaded_block(IO_CACHE* file, uchar *Buffer, size_t Count)
lf_info->last_pos_in_file >= my_b_get_pos_in_file(file))
goto ret;
+ DBUG_EXECUTE_IF("load_data_binlog_cache_error",
+ {
+ /*
+ Simulate "disk full" error in the middle of writing to
+ the binlog cache.
+ */
+ if (lf_info->last_pos_in_file >= 2*4096)
+ {
+ DBUG_SET("+d,simulate_file_write_error");
+ did_dbug_inject= true;
+ }
+ };);
+
for (block_len= (uint) (my_b_get_bytes_in_buffer(file)); block_len > 0;
buffer += MY_MIN(block_len, max_event_size),
block_len -= MY_MIN(block_len, max_event_size))
@@ -4613,7 +4686,10 @@ int log_loaded_block(IO_CACHE* file, uchar *Buffer, size_t Count)
MY_MIN(block_len, max_event_size),
lf_info->log_delayed);
if (mysql_bin_log.write(&a))
- DBUG_RETURN(1);
+ {
+ res= 1;
+ goto err;
+ }
}
else
{
@@ -4622,12 +4698,20 @@ int log_loaded_block(IO_CACHE* file, uchar *Buffer, size_t Count)
MY_MIN(block_len, max_event_size),
lf_info->log_delayed);
if (mysql_bin_log.write(&b))
- DBUG_RETURN(1);
+ {
+ res= 1;
+ goto err;
+ }
lf_info->wrote_create_file= 1;
}
}
ret:
- int res= Buffer ? lf_info->real_read_function(file, Buffer, Count) : 0;
+ res= Buffer ? lf_info->real_read_function(file, Buffer, Count) : 0;
+err:
+#ifndef DBUG_OFF
+ if (did_dbug_inject)
+ DBUG_SET("-d,simulate_file_write_error");
+#endif
DBUG_RETURN(res);
}
diff --git a/sql/sql_repl.h b/sql/sql_repl.h
index 95916e31..3be1e18c 100644
--- a/sql/sql_repl.h
+++ b/sql/sql_repl.h
@@ -43,7 +43,7 @@ void adjust_linfo_offsets(my_off_t purge_offset);
void show_binlogs_get_fields(THD *thd, List<Item> *field_list);
bool show_binlogs(THD* thd);
extern int init_master_info(Master_info* mi);
-void kill_zombie_dump_threads(uint32 slave_server_id);
+bool kill_zombie_dump_threads(THD *thd, uint32 slave_server_id);
int check_binlog_magic(IO_CACHE* log, const char** errmsg);
int compare_log_name(const char *log_1, const char *log_2);
diff --git a/sql/sql_schema.cc b/sql/sql_schema.cc
index f08204d2..7a6c0c99 100644
--- a/sql/sql_schema.cc
+++ b/sql/sql_schema.cc
@@ -33,6 +33,12 @@ public:
return src;
}
+ Create_func *find_native_function_builder(THD *thd, const LEX_CSTRING &name)
+ const
+ {
+ return native_functions_hash_oracle.find(thd, name);
+ }
+
Item *make_item_func_replace(THD *thd,
Item *subj,
Item *find,
@@ -64,6 +70,7 @@ Schema mariadb_schema(Lex_cstring(STRING_WITH_LEN("mariadb_schema")));
Schema_oracle oracle_schema(Lex_cstring(STRING_WITH_LEN("oracle_schema")));
Schema_maxdb maxdb_schema(Lex_cstring(STRING_WITH_LEN("maxdb_schema")));
+const Schema &oracle_schema_ref= oracle_schema;
Schema *Schema::find_by_name(const LEX_CSTRING &name)
{
@@ -88,6 +95,26 @@ Schema *Schema::find_implied(THD *thd)
}
+Create_func *
+Schema::find_native_function_builder(THD *thd, const LEX_CSTRING &name) const
+{
+ return native_functions_hash.find(thd, name);
+}
+
+
+Item *Schema::make_item_func_call_native(THD *thd,
+ const Lex_ident_sys &name,
+ List<Item> *args) const
+{
+ Create_func *builder= find_native_function_builder(thd, name);
+ if (builder)
+ return builder->create_func(thd, &name, args);
+ my_error(ER_FUNCTION_NOT_DEFINED, MYF(0), name.str);
+ return NULL;
+}
+
+
+
Item *Schema::make_item_func_replace(THD *thd,
Item *subj,
Item *find,
diff --git a/sql/sql_schema.h b/sql/sql_schema.h
index 0258ff2d..af83c5e9 100644
--- a/sql/sql_schema.h
+++ b/sql/sql_schema.h
@@ -19,6 +19,9 @@
#include "mysqld.h"
#include "lex_string.h"
+class Lex_ident_sys;
+class Create_func;
+
class Schema
{
LEX_CSTRING m_name;
@@ -34,6 +37,24 @@ public:
return src;
}
+ /**
+ Find a native function builder, return an error if not found,
+ build an Item otherwise.
+ */
+ Item *make_item_func_call_native(THD *thd,
+ const Lex_ident_sys &name,
+ List<Item> *args) const;
+
+ /**
+ Find the native function builder associated with a given function name.
+ @param thd The current thread
+ @param name The native function name
+ @return The native function builder associated with the name, or NULL
+ */
+ virtual Create_func *find_native_function_builder(THD *thd,
+ const LEX_CSTRING &name)
+ const;
+
// Builders for native SQL function with a special syntax in sql_yacc.yy
virtual Item *make_item_func_replace(THD *thd,
Item *subj,
@@ -67,5 +88,6 @@ public:
extern Schema mariadb_schema;
+extern const Schema &oracle_schema_ref;
#endif // SQL_SCHEMA_H_INCLUDED
diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index f4cbed58..c3ce21d1 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -1457,6 +1457,26 @@ JOIN::prepare(TABLE_LIST *tables_init, COND *conds_init, uint og_num,
if (setup_wild(thd, tables_list, fields_list, &all_fields, select_lex, false))
DBUG_RETURN(-1);
+ /*
+ If the select_lex is immediately contained within a derived table
+ AND this derived table is a CTE
+ WITH supplied column names
+ AND we have the correct number of elements in both lists
+ (mismatches found in mysql_derived_prepare/rename_columns_of_derived_unit)
+ THEN NOW is the time to take a copy of these item_names for
+ later restoration if required.
+ */
+ TABLE_LIST *derived= select_lex->master_unit()->derived;
+
+ if (derived &&
+ derived->with &&
+ derived->with->column_list.elements &&
+ (derived->with->column_list.elements == select_lex->item_list.elements))
+ {
+ if (select_lex->save_item_list_names(thd))
+ DBUG_RETURN(-1);
+ }
+
if (thd->lex->current_select->first_cond_optimization)
{
if ( conds && ! thd->lex->current_select->merged_into)
@@ -1965,9 +1985,14 @@ bool JOIN::make_range_rowid_filters()
bool force_index_save= tab->table->force_index;
tab->table->force_index= true;
quick_select_return rc;
+ /*
+ EQ_FUNC and EQUAL_FUNC already sent unusable key notes (if any)
+ during update_ref_and_keys(). Have only other functions raise notes
+ from can_optimize_scalar_range().
+ */
rc= sel->test_quick_select(thd, filter_map, (table_map) 0,
(ha_rows) HA_POS_ERROR, true, false, true,
- true);
+ true, Item_func::BITMAP_EXCEPT_ANY_EQUALITY);
tab->table->force_index= force_index_save;
if (rc == SQL_SELECT::ERROR || thd->is_error())
{
@@ -5194,13 +5219,19 @@ static bool get_quick_record_count(THD *thd, SQL_SELECT *select,
if (unlikely(check_stack_overrun(thd, STACK_MIN_SIZE, buff)))
DBUG_RETURN(false); // Fatal error flag is set
if (select)
- {
+ {
select->head=table;
table->reginfo.impossible_range=0;
+ /*
+ EQ_FUNC and EQUAL_FUNC already sent unusable key notes (if any)
+ during update_ref_and_keys(). Have only other functions raise notes
+ from can_optimize_scalar_range().
+ */
error= select->test_quick_select(thd, *(key_map *)keys, (table_map) 0,
limit, 0, FALSE,
TRUE, /* remove_where_parts*/
- FALSE, TRUE);
+ FALSE,
+ Item_func::BITMAP_EXCEPT_ANY_EQUALITY);
if (error == SQL_SELECT::OK && select->quick)
{
@@ -5915,11 +5946,15 @@ make_join_statistics(JOIN *join, List<TABLE_LIST> &tables_list,
This is can't be to high as otherwise we are likely to use
table scan.
*/
- s->worst_seeks= MY_MIN((double) s->found_records / 10,
- (double) s->read_time*3);
- if (s->worst_seeks < 2.0) // Fix for small tables
- s->worst_seeks=2.0;
-
+ /* Largest integer that can be stored in double (no compiler warning) */
+ s->worst_seeks= (double) (1ULL << 53);
+ if (thd->variables.optimizer_adjust_secondary_key_costs != 2)
+ {
+ s->worst_seeks= MY_MIN((double) s->found_records / 10,
+ (double) s->read_time*3);
+ if (s->worst_seeks < 2.0) // Fix for small tables
+ s->worst_seeks=2.0;
+ }
/*
Add to stat->const_keys those indexes for which all group fields or
all select distinct fields participate in one index.
@@ -7031,6 +7066,7 @@ add_key_part(DYNAMIC_ARRAY *keyuse_array, KEY_FIELD *key_field)
{
field->raise_note_cannot_use_key_part(thd, key, part,
equal_str,
+ key_field->cond->compare_collation(),
key_field->val,
compat);
}
@@ -7896,8 +7932,27 @@ double cost_for_index_read(const THD *thd, const TABLE *table, uint key,
if (table->covering_keys.is_set(key))
cost= file->keyread_time(key, 1, records);
else
+ {
cost= ((file->keyread_time(key, 0, records) +
file->read_time(key, 1, MY_MIN(records, worst_seeks))));
+ if (thd->variables.optimizer_adjust_secondary_key_costs == 1 &&
+ file->is_clustering_key(0))
+ {
+ /*
+ According to benchmarks done in 11.0 to calculate the new cost
+ model secondary key ranges are about 7x slower than primary
+ key ranges for big tables. Here we are a bit conservative and
+ only calculate with 5x. The reason for having it only 5x and
+ not for example 7x is is that choosing plans with more rows
+ that are read (ignored by the WHERE clause) causes the 10.x
+ optimizer to believe that there are more rows in the result
+ set, which can cause problems in finding the best join order.
+ Note: A clustering primary key is always key 0.
+ */
+ double clustering_key_cost= file->read_time(0, 1, records);
+ cost= MY_MAX(cost, clustering_key_cost * 5);
+ }
+ }
DBUG_PRINT("statistics", ("cost: %.3f", cost));
DBUG_RETURN(cost);
@@ -8071,6 +8126,14 @@ best_access_path(JOIN *join,
double keyread_tmp= 0;
ha_rows rec;
bool best_uses_jbuf= FALSE;
+ /*
+ if optimizer_use_condition_selectivity adjust filter cost to be slightly
+ higher to ensure that ref|filter is not less than range over same
+ number of rows
+ */
+ double filter_setup_cost= (thd->variables.
+ optimizer_adjust_secondary_key_costs == 2 ?
+ 1.0 : 0.0);
MY_BITMAP *eq_join_set= &s->table->eq_join_set;
KEYUSE *hj_start_key= 0;
SplM_plan_info *spl_plan= 0;
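Review bot: The comment above `filter_setup_cost` in best_access_path names `optimizer_use_condition_selectivity`, but the expression tests `optimizer_adjust_secondary_key_costs == 2`, so the comment points readers at the wrong variable. It should read along the lines of `/* If optimizer_adjust_secondary_key_costs is 2, add a small filter setup cost so that ref|filter is never cheaper than range over the same number of rows */`. The bare values `1` and `2` for this variable are also compared in the make_join_statistics and cost_for_index_read hunks; named constants would make the three sites easier to keep consistent.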
@@ -8301,6 +8364,9 @@ best_access_path(JOIN *join,
trace_access_idx.add("used_range_estimates", true);
tmp= adjust_quick_cost(table->opt_range[key].cost,
table->opt_range[key].rows);
+ keyread_tmp= table->file->keyread_time(key, 1,
+ table->opt_range[key].
+ rows);
goto got_cost;
}
else
@@ -8625,6 +8691,7 @@ best_access_path(JOIN *join,
type == JT_EQ_REF ? 0.5 * tmp : MY_MIN(tmp, keyread_tmp);
double access_cost_factor= MY_MIN((tmp - key_access_cost) / rows, 1.0);
+
if (!(records < s->worst_seeks &&
records <= thd->variables.max_seeks_for_key))
{
@@ -8641,7 +8708,9 @@ best_access_path(JOIN *join,
}
if (filter)
{
- tmp-= filter->get_adjusted_gain(rows) - filter->get_cmp_gain(rows);
+ tmp-= (filter->get_adjusted_gain(rows) -
+ filter->get_cmp_gain(rows) -
+ filter_setup_cost);
DBUG_ASSERT(tmp >= 0);
trace_access_idx.add("rowid_filter_key",
table->key_info[filter->key_no].name);
@@ -8891,7 +8960,7 @@ best_access_path(JOIN *join,
access_cost_factor);
if (filter)
{
- tmp-= filter->get_adjusted_gain(rows);
+ tmp-= filter->get_adjusted_gain(rows) - filter_setup_cost;
DBUG_ASSERT(tmp >= 0);
}
@@ -13049,7 +13118,8 @@ make_join_select(JOIN *join,SQL_SELECT *select,COND *cond)
HA_POS_ERROR :
join->unit->lim.get_select_limit()),
0,
- FALSE, FALSE, FALSE)) ==
+ FALSE, FALSE, FALSE,
+ Item_func::BITMAP_ALL)) ==
SQL_SELECT::IMPOSSIBLE_RANGE)
{
/*
@@ -13064,7 +13134,8 @@ make_join_select(JOIN *join,SQL_SELECT *select,COND *cond)
OPTION_FOUND_ROWS ?
HA_POS_ERROR :
join->unit->lim.get_select_limit()),
- 0, FALSE, FALSE, FALSE, TRUE)) ==
+ 0, FALSE, FALSE, FALSE,
+ Item_func::BITMAP_NONE)) ==
SQL_SELECT::IMPOSSIBLE_RANGE)
DBUG_RETURN(1); // Impossible WHERE
}
@@ -23199,7 +23270,9 @@ test_if_quick_select(JOIN_TAB *tab)
res= tab->select->test_quick_select(tab->join->thd, tab->keys,
(table_map) 0, HA_POS_ERROR, 0,
FALSE, /*remove where parts*/FALSE,
- FALSE, /* no warnings */ TRUE);
+ FALSE,
+ /* no unusable key notes */
+ Item_func::BITMAP_NONE);
if (tab->explain_plan && tab->explain_plan->range_checked_fer)
tab->explain_plan->range_checked_fer->collect_data(tab->select->quick);
@@ -25250,7 +25323,8 @@ test_if_skip_sort_order(JOIN_TAB *tab,ORDER *order,ha_rows select_limit,
HA_POS_ERROR :
tab->join->unit->
lim.get_select_limit(),
- TRUE, TRUE, FALSE, FALSE);
+ TRUE, TRUE, FALSE, FALSE,
+ Item_func::BITMAP_ALL);
// if we cannot use quick select
if (res != SQL_SELECT::OK || !tab->select->quick)
{
@@ -25355,7 +25429,8 @@ test_if_skip_sort_order(JOIN_TAB *tab,ORDER *order,ha_rows select_limit,
join->select_options & OPTION_FOUND_ROWS ?
HA_POS_ERROR :
join->unit->lim.get_select_limit(),
- TRUE, FALSE, FALSE, FALSE);
+ TRUE, FALSE, FALSE, FALSE,
+ Item_func::BITMAP_ALL);
if (res == SQL_SELECT::ERROR)
{
*fatal_error= true;
@@ -29163,7 +29238,6 @@ static void select_describe(JOIN *join, bool need_tmp_table, bool need_order,
bool distinct,const char *message)
{
THD *thd=join->thd;
- select_result *result=join->result;
DBUG_ENTER("select_describe");
if (join->select_lex->pushdown_select)
@@ -29198,7 +29272,7 @@ static void select_describe(JOIN *join, bool need_tmp_table, bool need_order,
if (unit->explainable())
{
- if (mysql_explain_union(thd, unit, result))
+ if (mysql_explain_union(thd, unit, unit->result))
DBUG_VOID_RETURN;
}
}
diff --git a/sql/sql_sequence.cc b/sql/sql_sequence.cc
index f5652bd8..f6d7c310 100644
--- a/sql/sql_sequence.cc
+++ b/sql/sql_sequence.cc
@@ -921,6 +921,7 @@ bool Sql_cmd_alter_sequence::execute(THD *thd)
TABLE_LIST *first_table= lex->query_tables;
TABLE *table;
sequence_definition *new_seq= lex->create_info.seq_create_info;
+ uint saved_used_fields= new_seq->used_fields;
SEQUENCE *seq;
No_such_table_error_handler no_such_table_handler;
DBUG_ENTER("Sql_cmd_alter_sequence::execute");
@@ -1042,5 +1043,6 @@ bool Sql_cmd_alter_sequence::execute(THD *thd)
my_ok(thd);
end:
+ new_seq->used_fields= saved_used_fields;
DBUG_RETURN(error);
}
diff --git a/sql/sql_show.cc b/sql/sql_show.cc
index 32b29468..980c2fa7 100644
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -2777,7 +2777,7 @@ static const char *thread_state_info(THD *tmp)
if (cond)
return "Waiting on cond";
}
- return NULL;
+ return "";
}
@@ -6398,7 +6398,8 @@ int fill_schema_collation(THD *thd, TABLE_LIST *tables, COND *cond)
tmp_cl->get_collation_name(MY_COLLATION_NAME_MODE_CONTEXT);
LEX_CSTRING full_collation_name=
tmp_cl->get_collation_name(MY_COLLATION_NAME_MODE_FULL);
- bool is_context= cmp(context_collation_name, full_collation_name);
+ bool is_context= cmp(context_collation_name, full_collation_name) &&
+ !(thd->variables.old_behavior & OLD_MODE_NO_NULL_COLLATION_IDS);
/*
Some collations are applicable to multiple character sets.
Display them only once, with the short name (without the
@@ -8833,9 +8834,9 @@ int mysql_schema_table(THD *thd, LEX *lex, TABLE_LIST *table_list)
}
List_iterator_fast<Item> it(sel->item_list);
if (!(transl=
- (Field_translator*)(thd->stmt_arena->
+ (Field_translator*)(thd->active_stmt_arena_to_use()->
alloc(sel->item_list.elements *
- sizeof(Field_translator)))))
+ sizeof(Field_translator))))) // ???
{
DBUG_RETURN(1);
}
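Review bot: The trailing `// ???` added after the `alloc(...)` call in mysql_schema_table carries no information and reads like an unresolved question left in by mistake. Either remove it or replace it with the reason the allocation moved from `thd->stmt_arena` to `thd->active_stmt_arena_to_use()`, for example a comment stating which arena the `Field_translator` array must outlive.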
@@ -9795,7 +9796,7 @@ ST_FIELD_INFO partitions_fields_info[]=
ST_FIELD_INFO variables_fields_info[]=
{
Column("VARIABLE_NAME", Varchar(64), NOT_NULL, "Variable_name"),
- Column("VARIABLE_VALUE", Varchar(2048), NOT_NULL, "Value"),
+ Column("VARIABLE_VALUE", Varchar(4096), NOT_NULL, "Value"),
CEnd()
};
diff --git a/sql/sql_table.cc b/sql/sql_table.cc
index b33d2ff4..7e4d271b 100644
--- a/sql/sql_table.cc
+++ b/sql/sql_table.cc
@@ -7208,6 +7208,14 @@ bool mysql_compare_tables(TABLE *table, Alter_info *alter_info,
(uint) (field->flags & NOT_NULL_FLAG))
DBUG_RETURN(false);
+ if (field->vcol_info)
+ {
+ if (!tmp_new_field->field->vcol_info)
+ DBUG_RETURN(false);
+ if (!field->vcol_info->is_equal(tmp_new_field->field->vcol_info))
+ DBUG_RETURN(false);
+ }
+
/*
mysql_prepare_alter_table() clears HA_OPTION_PACK_RECORD bit when
preparing description of existing table. In ALTER TABLE it is later
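Review bot: The new virtual-column comparison in mysql_compare_tables is one-sided, because it runs only when the old `field` has `vcol_info`. A plain column that becomes a generated one is therefore not rejected by this block. Unless a check outside the hunk already covers that case, the test should be symmetric, e.g. `if (!field->vcol_info != !tmp_new_field->field->vcol_info) DBUG_RETURN(false);` followed by the `is_equal()` call when both are set. The block also dereferences `tmp_new_field->field` unconditionally, so it is worth confirming that this pointer is always non-null here.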
@@ -9089,6 +9097,30 @@ mysql_prepare_alter_table(THD *thd, TABLE *table,
goto err;
case Alter_drop::FOREIGN_KEY:
// Leave the DROP FOREIGN KEY names in the alter_info->drop_list.
+ /* If this is DROP FOREIGN KEY without IF EXIST,
+ we can now check does it exists and if not report a error. */
+ if (!drop->drop_if_exists)
+ {
+ List <FOREIGN_KEY_INFO> fk_child_key_list;
+ table->file->get_foreign_key_list(thd, &fk_child_key_list);
+ if (fk_child_key_list.is_empty())
+ {
+ fk_not_found:
+ my_error(ER_CANT_DROP_FIELD_OR_KEY, MYF(0), drop->type_name(),
+ drop->name);
+ goto err;
+ }
+ List_iterator<FOREIGN_KEY_INFO> fk_key_it(fk_child_key_list);
+ while (FOREIGN_KEY_INFO *f_key= fk_key_it++)
+ {
+ if (my_strcasecmp(system_charset_info, f_key->foreign_id->str,
+ drop->name) == 0)
+ goto fk_found;
+ }
+ goto fk_not_found;
+ fk_found:
+ break;
+ }
break;
}
}
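Review bot: The existence check in the `Alter_drop::FOREIGN_KEY` case is built from two labels, with `goto fk_not_found` jumping backwards into the body of the `is_empty()` branch and `fk_found: break;` sitting directly before the case's own `break;`. A local flag expresses the same logic without labels, and the empty list then needs no special case. The result of `table->file->get_foreign_key_list()` is also discarded, so a failure to read the list would presumably reach the user as ER_CANT_DROP_FIELD_OR_KEY; if the call can fail, check it before searching. The enclosing switch and function continue outside the hunk.

```cpp
        if (!drop->drop_if_exists)
        {
          List<FOREIGN_KEY_INFO> fk_child_key_list;
          table->file->get_foreign_key_list(thd, &fk_child_key_list);
          bool fk_exists= false;
          List_iterator<FOREIGN_KEY_INFO> fk_key_it(fk_child_key_list);
          while (FOREIGN_KEY_INFO *f_key= fk_key_it++)
          {
            if (my_strcasecmp(system_charset_info, f_key->foreign_id->str,
                              drop->name) == 0)
            {
              fk_exists= true;
              break;
            }
          }
          if (!fk_exists)
          {
            my_error(ER_CANT_DROP_FIELD_OR_KEY, MYF(0), drop->type_name(),
                     drop->name);
            goto err;
          }
        }
        break;
```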
@@ -12278,13 +12310,18 @@ bool check_engine(THD *thd, const char *db_name,
if (!*new_engine)
DBUG_RETURN(true);
- /* Enforced storage engine should not be used in
- ALTER TABLE that does not use explicit ENGINE = x to
- avoid unwanted unrelated changes.*/
- if (!(thd->lex->sql_command == SQLCOM_ALTER_TABLE &&
- !(create_info->used_fields & HA_CREATE_USED_ENGINE)))
- enf_engine= thd->variables.enforced_table_plugin ?
- plugin_hton(thd->variables.enforced_table_plugin) : NULL;
+ /*
+ Enforced storage engine should not be used in ALTER TABLE that does not
+ use explicit ENGINE = x to avoid unwanted unrelated changes. It should not
+ be used in CREATE INDEX too.
+ */
+ if (!((thd->lex->sql_command == SQLCOM_ALTER_TABLE &&
+ !(create_info->used_fields & HA_CREATE_USED_ENGINE)) ||
+ thd->lex->sql_command == SQLCOM_CREATE_INDEX))
+ {
+ plugin_ref enf_plugin= thd->variables.enforced_table_plugin;
+ enf_engine= enf_plugin ? plugin_hton(enf_plugin) : NULL;
+ }
if (enf_engine && enf_engine != *new_engine)
{
@@ -12381,8 +12418,18 @@ bool Sql_cmd_create_table_like::execute(THD *thd)
Alter_info alter_info(lex->alter_info, thd->mem_root);
#ifdef WITH_WSREP
+ bool wsrep_ctas= false;
// If CREATE TABLE AS SELECT and wsrep_on
- const bool wsrep_ctas= (select_lex->item_list.elements && WSREP(thd));
+ if (WSREP(thd) && (select_lex->item_list.elements ||
+ // Only CTAS may be applied not using TOI.
+ (wsrep_thd_is_applying(thd) && !wsrep_thd_is_toi(thd))))
+ {
+ wsrep_ctas= true;
+
+ // MDEV-22232: Disable CTAS retry by setting the retry counter to the
+ // threshold value.
+ thd->wsrep_retry_counter= thd->variables.wsrep_retry_autocommit;
+ }
// This will be used in THD::decide_logging_format if CTAS
Enable_wsrep_ctas_guard wsrep_ctas_guard(thd, wsrep_ctas);
diff --git a/sql/sql_test.cc b/sql/sql_test.cc
index 9163d8fc..5cc192af 100644
--- a/sql/sql_test.cc
+++ b/sql/sql_test.cc
@@ -29,11 +29,16 @@
#include <thr_alarm.h>
#include "sql_connect.h"
#include "thread_cache.h"
-#if defined(HAVE_MALLINFO) && defined(HAVE_MALLOC_H)
+
+#if defined(HAVE_MALLOC_H)
#include <malloc.h>
-#elif defined(HAVE_MALLINFO) && defined(HAVE_SYS_MALLOC_H)
+#endif
+
+#if defined(HAVE_SYS_MALLOC_H)
#include <sys/malloc.h>
-#elif defined(HAVE_MALLOC_ZONE)
+#endif
+
+#if defined(HAVE_MALLOC_ZONE)
#include <malloc/malloc.h>
#endif
diff --git a/sql/sql_trigger.cc b/sql/sql_trigger.cc
index 067b921e..d7600108 100644
--- a/sql/sql_trigger.cc
+++ b/sql/sql_trigger.cc
@@ -2537,7 +2537,8 @@ add_tables_and_routines_for_triggers(THD *thd,
MDL_key key(MDL_key::TRIGGER, trigger->m_db.str, trigger->m_name.str);
- if (sp_add_used_routine(prelocking_ctx, thd->stmt_arena,
+ if (sp_add_used_routine(prelocking_ctx,
+ thd->active_stmt_arena_to_use(),
&key, &sp_handler_trigger,
table_list->belong_to_view))
{
diff --git a/sql/sql_tvc.cc b/sql/sql_tvc.cc
index c5a2b16a..fc1db382 100644
--- a/sql/sql_tvc.cc
+++ b/sql/sql_tvc.cc
@@ -271,7 +271,10 @@ bool table_value_constr::prepare(THD *thd, SELECT_LEX *sl,
if (!holders)
{
- holders= type_holders= new (thd->stmt_arena->mem_root) Type_holder[cnt];
+ DBUG_ASSERT(thd->stmt_arena->is_stmt_prepare_or_first_stmt_execute() ||
+ thd->stmt_arena->is_conventional());
+ holders= type_holders=
+ new (thd->active_stmt_arena_to_use()->mem_root) Type_holder[cnt];
if (!holders ||
join_type_handlers_for_tvc(thd, li, holders, cnt) ||
get_type_attributes_for_tvc(thd, li, holders,
diff --git a/sql/sql_type.cc b/sql/sql_type.cc
index 277f495a..a086e338 100644
--- a/sql/sql_type.cc
+++ b/sql/sql_type.cc
@@ -1446,22 +1446,6 @@ Type_handler_string_result::charset_for_protocol(const Item *item) const
}
-const Type_handler *
-Type_handler::get_handler_by_cmp_type(Item_result type)
-{
- switch (type) {
- case REAL_RESULT: return &type_handler_double;
- case INT_RESULT: return &type_handler_slonglong;
- case DECIMAL_RESULT: return &type_handler_newdecimal;
- case STRING_RESULT: return &type_handler_long_blob;
- case TIME_RESULT: return &type_handler_datetime;
- case ROW_RESULT: return &type_handler_row;
- }
- DBUG_ASSERT(0);
- return &type_handler_string;
-}
-
-
/*
If we have a mixture of:
- a MariaDB standard (built-in permanent) data type, and
@@ -2258,6 +2242,34 @@ Type_handler::get_handler_by_real_type(enum_field_types type)
}
+const Type_handler *
+Type_handler::handler_by_log_event_data_type(THD *thd,
+ const Log_event_data_type &type)
+{
+ if (type.data_type_name().length)
+ {
+ const Type_handler *th= handler_by_name(thd, type.data_type_name());
+ if (th)
+ return th;
+ }
+ switch (type.type()) {
+ case STRING_RESULT:
+ case ROW_RESULT:
+ case TIME_RESULT:
+ break;
+ case REAL_RESULT:
+ return &type_handler_double;
+ case INT_RESULT:
+ if (type.is_unsigned())
+ return &type_handler_ulonglong;
+ return &type_handler_slonglong;
+ case DECIMAL_RESULT:
+ return &type_handler_newdecimal;
+ }
+ return &type_handler_long_blob;
+}
+
+
/**
Create a DOUBLE field by default.
*/
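Review bot: handler_by_log_event_data_type() has no header comment, and its fallback behaviour is not obvious from the call sites. When `type.data_type_name()` is non-empty but `handler_by_name()` does not recognise it, the name is silently dropped and the handler is chosen from `type.type()` alone, with STRING_RESULT, ROW_RESULT and TIME_RESULT all ending at `type_handler_long_blob`. The descriptor is presumably decoded from a log event, so it may come from a server with a different set of data types. The function should therefore carry a comment stating that an unknown type name is not treated as an error and which handler each result type falls back to. If a silent fallback is not intended for an unrecognised name, this is the place to report it.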
@@ -5668,6 +5680,14 @@ Type_handler_string_result::Item_func_hybrid_field_type_get_date(
/***************************************************************************/
+bool Type_handler::Item_bool_rowready_func2_fix_length_and_dec(THD *thd,
+ Item_bool_rowready_func2 *func) const
+{
+ return func->fix_length_and_dec_generic(thd, this);
+}
+
+/***************************************************************************/
+
bool Type_handler_numeric::
Item_func_between_fix_length_and_dec(Item_func_between *func) const
{
diff --git a/sql/sql_type.h b/sql/sql_type.h
index 35c13a38..5ce17447 100644
--- a/sql/sql_type.h
+++ b/sql/sql_type.h
@@ -30,6 +30,8 @@
#include "sql_type_string.h"
#include "sql_type_real.h"
#include "compat56.h"
+#include "log_event_data_type.h"
+
C_MODE_START
#include <ma_dyncol.h>
C_MODE_END
@@ -55,6 +57,7 @@ class Item_hybrid_func;
class Item_func_min_max;
class Item_func_hybrid_field_type;
class Item_bool_func2;
+class Item_bool_rowready_func2;
class Item_func_between;
class Item_func_in;
class Item_func_round;
@@ -150,8 +153,8 @@ scalar_comparison_op_to_lex_cstring(scalar_comparison_op op)
case SCALAR_CMP_EQUAL: return LEX_CSTRING{STRING_WITH_LEN("<=>")};
case SCALAR_CMP_LT: return LEX_CSTRING{STRING_WITH_LEN("<")};
case SCALAR_CMP_LE: return LEX_CSTRING{STRING_WITH_LEN("<=")};
- case SCALAR_CMP_GE: return LEX_CSTRING{STRING_WITH_LEN(">")};
- case SCALAR_CMP_GT: return LEX_CSTRING{STRING_WITH_LEN(">=")};
+ case SCALAR_CMP_GE: return LEX_CSTRING{STRING_WITH_LEN(">=")};
+ case SCALAR_CMP_GT: return LEX_CSTRING{STRING_WITH_LEN(">")};
}
DBUG_ASSERT(0);
return LEX_CSTRING{STRING_WITH_LEN("<?>")};
@@ -3672,6 +3675,9 @@ public:
static const Type_handler *handler_by_name(THD *thd, const LEX_CSTRING &name);
static const Type_handler *handler_by_name_or_error(THD *thd,
const LEX_CSTRING &name);
+ static const Type_handler *handler_by_log_event_data_type(
+ THD *thd,
+ const Log_event_data_type &type);
static const Type_handler *odbc_literal_type_handler(const LEX_CSTRING *str);
static const Type_handler *blob_type_handler(uint max_octet_length);
static const Type_handler *string_type_handler(uint max_octet_length);
@@ -3689,7 +3695,6 @@ public:
static const Type_handler *blob_type_handler(const Item *item);
static const Type_handler *get_handler_by_field_type(enum_field_types type);
static const Type_handler *get_handler_by_real_type(enum_field_types type);
- static const Type_handler *get_handler_by_cmp_type(Item_result type);
static const Type_collection *
type_collection_for_aggregation(const Type_handler *h1,
const Type_handler *h2);
@@ -3957,6 +3962,12 @@ public:
{
return false;
}
+
+ virtual Log_event_data_type user_var_log_event_data_type(uint charset_nr) const
+ {
+ return Log_event_data_type({NULL,0}/*data type name*/, result_type(),
+ charset_nr, is_unsigned());
+ }
virtual uint Column_definition_gis_options_image(uchar *buff,
const Column_definition &def)
const
@@ -4257,6 +4268,8 @@ public:
}
virtual bool Item_eq_value(THD *thd, const Type_cmp_attributes *attr,
Item *a, Item *b) const= 0;
+ virtual bool Item_bool_rowready_func2_fix_length_and_dec(THD *thd,
+ Item_bool_rowready_func2 *func) const;
virtual bool Item_hybrid_func_fix_attributes(THD *thd,
const LEX_CSTRING &name,
Type_handler_hybrid_field_type *,
diff --git a/sql/sql_type_fixedbin.h b/sql/sql_type_fixedbin.h
index 88c24ba0..65418c34 100644
--- a/sql/sql_type_fixedbin.h
+++ b/sql/sql_type_fixedbin.h
@@ -136,6 +136,21 @@ public:
return Fbt_null(item, false).is_null();
}
+ /*
+ Check at fix_fields() time if any of the items can return a nullable
+ value on conversion to Fbt.
+ */
+ static bool fix_fields_maybe_null_on_conversion_to_fbt(Item **items,
+ uint count)
+ {
+ for (uint i= 0; i < count; i++)
+ {
+ if (Fbt::fix_fields_maybe_null_on_conversion_to_fbt(items[i]))
+ return true;
+ }
+ return false;
+ }
+
public:
Fbt(Item *item, bool *error, bool warn= true)
@@ -1534,6 +1549,16 @@ public:
Fbt_null na(a), nb(b);
return !na.is_null() && !nb.is_null() && !na.cmp(nb);
}
+ bool Item_bool_rowready_func2_fix_length_and_dec(THD *thd,
+ Item_bool_rowready_func2 *func) const override
+ {
+ if (Type_handler::Item_bool_rowready_func2_fix_length_and_dec(thd, func))
+ return true;
+ if (!func->maybe_null() &&
+ Fbt::fix_fields_maybe_null_on_conversion_to_fbt(func->arguments(), 2))
+ func->set_maybe_null();
+ return false;
+ }
bool Item_hybrid_func_fix_attributes(THD *thd, const LEX_CSTRING &name,
Type_handler_hybrid_field_type *h,
Type_all_attributes *attr,
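Review bot: The argument counts passed to `Fbt::fix_fields_maybe_null_on_conversion_to_fbt()` are hard-coded here (`func->arguments(), 2`) and in the Item_func_between hunk below (`func->arguments(), 3`), while the Item_func_in hunk passes `func->argument_count()`. The helper reads `items[i]` up to `count` with no bound of its own, so the literal must match the real length of the argument array. Using `func->argument_count()` at all three call sites, or adding `DBUG_ASSERT(func->argument_count() == 2);` before this call, keeps the read inside the array if the item classes ever change.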
@@ -1715,6 +1740,9 @@ public:
bool Item_func_between_fix_length_and_dec(Item_func_between *func) const override
{
+ if (!func->maybe_null() &&
+ Fbt::fix_fields_maybe_null_on_conversion_to_fbt(func->arguments(), 3))
+ func->set_maybe_null();
return false;
}
longlong Item_func_between_val_int(Item_func_between *func) const override
@@ -1737,6 +1765,10 @@ public:
Item_func_in *func)
const override
{
+ if (!func->maybe_null() &&
+ Fbt::fix_fields_maybe_null_on_conversion_to_fbt(func->arguments(),
+ func->argument_count()))
+ func->set_maybe_null();
if (func->compatible_types_scalar_bisection_possible())
{
return func->value_list_convert_const_to_int(thd) ||
diff --git a/sql/sql_type_geom.h b/sql/sql_type_geom.h
index d86d1181..14d3d062 100644
--- a/sql/sql_type_geom.h
+++ b/sql/sql_type_geom.h
@@ -82,6 +82,13 @@ public:
Field *make_conversion_table_field(MEM_ROOT *root,
TABLE *table, uint metadata,
const Field *target) const override;
+ Log_event_data_type user_var_log_event_data_type(uint charset_nr)
+ const override
+ {
+ return Log_event_data_type(name().lex_cstring(), result_type(),
+ charset_nr, false/*unsigned*/);
+ }
+
uint Column_definition_gis_options_image(uchar *buff,
const Column_definition &def)
const override;
diff --git a/sql/sql_update.cc b/sql/sql_update.cc
index 1be0bbcd..145299ac 100644
--- a/sql/sql_update.cc
+++ b/sql/sql_update.cc
@@ -587,7 +587,8 @@ int mysql_update(THD *thd,
select= make_select(table, 0, 0, conds, (SORT_INFO*) 0, 0, &error);
if (unlikely(error || !limit || thd->is_error() ||
- (select && select->check_quick(thd, safe_update, limit))))
+ (select && select->check_quick(thd, safe_update, limit,
+ Item_func::BITMAP_ALL))))
{
query_plan.set_impossible_where();
if (thd->lex->describe || thd->lex->analyze_stmt)
@@ -2444,7 +2445,8 @@ loop_end:
group.direction= ORDER::ORDER_ASC;
group.item= (Item**) temp_fields.head_ref();
- tmp_param->quick_group= 1;
+ tmp_param->init();
+ tmp_param->tmp_name="update";
tmp_param->field_count= temp_fields.elements;
tmp_param->func_count= temp_fields.elements - 1;
calc_group_buffer(tmp_param, &group);
diff --git a/sql/sql_view.cc b/sql/sql_view.cc
index 08208048..d9422272 100644
--- a/sql/sql_view.cc
+++ b/sql/sql_view.cc
@@ -297,7 +297,8 @@ bool create_view_precheck(THD *thd, TABLE_LIST *tables, TABLE_LIST *view,
for (tbl= sl->get_table_list(); tbl; tbl= tbl->next_local)
{
if (!tbl->with && tbl->select_lex)
- tbl->with= tbl->select_lex->find_table_def_in_with_clauses(tbl);
+ tbl->with= tbl->select_lex->find_table_def_in_with_clauses(tbl,
+ NULL);
/*
Ensure that we have some privileges on this table, more strict check
will be done on column level after preparation,
@@ -1005,7 +1006,8 @@ static int mysql_register_view(THD *thd, DDL_LOG_STATE *ddl_log_state,
{
Sql_mode_save_for_frm_handling sql_mode_save(thd);
- lex->unit.print(&view_query, enum_query_type(QT_VIEW_INTERNAL |
+ lex->unit.print(&view_query, enum_query_type(QT_FOR_FRM |
+ QT_VIEW_INTERNAL |
QT_ITEM_ORIGINAL_FUNC_NULLIF |
QT_NO_WRAPPERS_FOR_TVC_IN_VIEW));
lex->unit.print(&is_query, enum_query_type(QT_TO_SYSTEM_CHARSET |
@@ -1725,7 +1727,7 @@ bool mysql_make_view(THD *thd, TABLE_SHARE *share, TABLE_LIST *table,
objects of the view.
*/
if (!(table->view_sctx= (Security_context *)
- thd->stmt_arena->calloc(sizeof(Security_context))))
+ thd->active_stmt_arena_to_use()->calloc(sizeof(Security_context))))
goto err;
security_ctx= table->view_sctx;
}
diff --git a/sql/sql_yacc.yy b/sql/sql_yacc.yy
index ffa70dea..dcf0e995 100644
--- a/sql/sql_yacc.yy
+++ b/sql/sql_yacc.yy
@@ -733,7 +733,6 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
%token <kwd> ACTION /* SQL-2003-N */
%token <kwd> ADMIN_SYM /* SQL-2003-N */
%token <kwd> ADDDATE_SYM /* MYSQL-FUNC */
-%token <kwd> ADD_MONTHS_SYM /* Oracle FUNC*/
%token <kwd> AFTER_SYM /* SQL-2003-N */
%token <kwd> AGAINST
%token <kwd> AGGREGATE_SYM
@@ -809,7 +808,6 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
%token <kwd> DATAFILE_SYM
%token <kwd> DATA_SYM /* SQL-2003-N */
%token <kwd> DATETIME
-%token <kwd> DATE_FORMAT_SYM /* MYSQL-FUNC */
%token <kwd> DATE_SYM /* SQL-2003-R, Oracle-R, PLSQL-R */
%token <kwd> DAY_SYM /* SQL-2003-R */
%token <kwd> DEALLOCATE_SYM /* SQL-2003-R */
@@ -961,7 +959,6 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
%token <kwd> NATIONAL_SYM /* SQL-2003-R */
%token <kwd> NCHAR_SYM /* SQL-2003-R */
%token <kwd> NEVER_SYM /* MySQL */
-%token <kwd> NEW_SYM /* SQL-2003-R */
%token <kwd> NEXT_SYM /* SQL-2003-N */
%token <kwd> NEXTVAL_SYM /* PostgreSQL sequence function */
%token <kwd> NOCACHE_SYM
@@ -1124,7 +1121,6 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
%token <kwd> TRIGGERS_SYM
%token <kwd> TRIM_ORACLE
%token <kwd> TRUNCATE_SYM
-%token <kwd> TYPES_SYM
%token <kwd> TYPE_SYM /* SQL-2003-N */
%token <kwd> UDF_RETURNS_SYM
%token <kwd> UNBOUNDED_SYM /* SQL-2011-N */
@@ -1315,6 +1311,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
%type <ident_sys>
IDENT_sys
+ ident_func
ident
label_ident
sp_decl_ident
@@ -1339,6 +1336,7 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
IDENT_cli
ident_cli
ident_cli_set_usual_case
+ ident_cli_func
%type <ident_sys_ptr>
ident_sys_alloc
@@ -1353,6 +1351,8 @@ bool my_yyoverflow(short **a, YYSTYPE **b, size_t *yystacksize);
keyword_sp_block_section
keyword_sp_decl
keyword_sp_head
+ keyword_func_sp_var_and_label
+ keyword_func_sp_var_not_label
keyword_sp_var_and_label
keyword_sp_var_not_label
keyword_sysvar_name
@@ -1833,8 +1833,17 @@ rule:
%type <spvar> sp_param_anchored
%type <for_loop> sp_for_loop_index_and_bounds
%type <for_loop_bounds> sp_for_loop_bounds
-%type <trim> trim_operands
-%type <substring_spec> substring_operands
+
+%type <trim>
+ trim_operands
+ trim_operands_regular
+ trim_operands_special
+
+%type <substring_spec>
+ substring_operands
+ substring_operands_regular
+ substring_operands_special
+
%type <num> opt_sp_for_loop_direction
%type <spvar_mode> sp_parameter_type
%type <index_hint> index_hint_type
@@ -7176,11 +7185,7 @@ alter:
| ALTER SEQUENCE_SYM opt_if_exists
{
LEX *lex= Lex;
- lex->name= null_clex_str;
- lex->table_type= TABLE_TYPE_UNKNOWN;
lex->sql_command= SQLCOM_ALTER_SEQUENCE;
- lex->create_info.init();
- lex->no_write_to_binlog= 0;
DBUG_ASSERT(!lex->m_sql_cmd);
if (Lex->main_select_push())
MYSQL_YYABORT;
@@ -9656,8 +9661,16 @@ explicit_cursor_attr:
trim_operands:
+ trim_operands_regular
+ | trim_operands_special
+ ;
+
+trim_operands_regular:
expr { $$.set(TRIM_BOTH, $1); }
- | LEADING expr FROM expr { $$.set(TRIM_LEADING, $2, $4); }
+ ;
+
+trim_operands_special:
+ LEADING expr FROM expr { $$.set(TRIM_LEADING, $2, $4); }
| TRAILING expr FROM expr { $$.set(TRIM_TRAILING, $2, $4); }
| BOTH expr FROM expr { $$.set(TRIM_BOTH, $2, $4); }
| LEADING FROM expr { $$.set(TRIM_LEADING, $3); }
@@ -10067,6 +10080,11 @@ function_call_keyword:
;
substring_operands:
+ substring_operands_regular
+ | substring_operands_special
+ ;
+
+substring_operands_regular:
expr ',' expr ',' expr
{
$$= Lex_substring_spec_st::init($1, $3, $5);
@@ -10075,7 +10093,10 @@ substring_operands:
{
$$= Lex_substring_spec_st::init($1, $3);
}
- | expr FROM expr FOR_SYM expr
+ ;
+
+substring_operands_special:
+ expr FROM expr FOR_SYM expr
{
$$= Lex_substring_spec_st::init($1, $3, $5);
}
@@ -10099,14 +10120,7 @@ substring_operands:
discouraged.
*/
function_call_nonkeyword:
- ADD_MONTHS_SYM '(' expr ',' expr ')'
- {
- $$= new (thd->mem_root) Item_date_add_interval(thd, $3, $5,
- INTERVAL_MONTH, 0);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | ADDDATE_SYM '(' expr ',' expr ')'
+ ADDDATE_SYM '(' expr ',' expr ')'
{
$$= new (thd->mem_root) Item_date_add_interval(thd, $3, $5,
INTERVAL_DAY, 0);
@@ -10145,18 +10159,6 @@ function_call_nonkeyword:
if (unlikely($$ == NULL))
MYSQL_YYABORT;
}
- | DATE_FORMAT_SYM '(' expr ',' expr ')'
- {
- $$= new (thd->mem_root) Item_func_date_format(thd, $3, $5);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | DATE_FORMAT_SYM '(' expr ',' expr ',' expr ')'
- {
- $$= new (thd->mem_root) Item_func_date_format(thd, $3, $5, $7);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
| EXTRACT_SYM '(' interval FROM expr ')'
{
$$=new (thd->mem_root) Item_extract(thd, $3, $5);
@@ -10282,13 +10284,6 @@ function_call_nonkeyword:
MYSQL_YYABORT;
}
|
- COLUMN_CHECK_SYM '(' expr ')'
- {
- $$= new (thd->mem_root) Item_func_dyncol_check(thd, $3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- |
COLUMN_CREATE_SYM '(' dyncall_create_list ')'
{
$$= create_func_dyncol_create(thd, *$3);
@@ -10323,43 +10318,12 @@ function_call_conflict:
if (unlikely($$ == NULL))
MYSQL_YYABORT;
}
- | COALESCE '(' expr_list ')'
- {
- $$= new (thd->mem_root) Item_func_coalesce(thd, *$3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | COLLATION_SYM '(' expr ')'
- {
- $$= new (thd->mem_root) Item_func_collation(thd, $3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | DATABASE '(' ')'
- {
- $$= new (thd->mem_root) Item_func_database(thd);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- Lex->safe_to_cache_query=0;
- }
| IF_SYM '(' expr ',' expr ',' expr ')'
{
$$= new (thd->mem_root) Item_func_if(thd, $3, $5, $7);
if (unlikely($$ == NULL))
MYSQL_YYABORT;
}
- | FORMAT_SYM '(' expr ',' expr ')'
- {
- $$= new (thd->mem_root) Item_func_format(thd, $3, $5);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | FORMAT_SYM '(' expr ',' expr ',' expr ')'
- {
- $$= new (thd->mem_root) Item_func_format(thd, $3, $5, $7);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
/* LAST_VALUE here conflicts with the definition for window functions.
We have these 2 separate rules to remove the shift/reduce conflict.
*/
@@ -10381,25 +10345,12 @@ function_call_conflict:
if (unlikely($$ == NULL))
MYSQL_YYABORT;
}
- | MICROSECOND_SYM '(' expr ')'
- {
- $$= new (thd->mem_root) Item_func_microsecond(thd, $3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
| MOD_SYM '(' expr ',' expr ')'
{
$$= new (thd->mem_root) Item_func_mod(thd, $3, $5);
if (unlikely($$ == NULL))
MYSQL_YYABORT;
}
- | OLD_PASSWORD_SYM '(' expr ')'
- {
- $$= new (thd->mem_root)
- Item_func_password(thd, $3, Item_func_password::OLD);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
| PASSWORD_SYM '(' expr ')'
{
Item* i1;
@@ -10408,12 +10359,6 @@ function_call_conflict:
MYSQL_YYABORT;
$$= i1;
}
- | QUARTER_SYM '(' expr ')'
- {
- $$= new (thd->mem_root) Item_func_quarter(thd, $3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
| REPEAT_SYM '(' expr ',' expr ')'
{
$$= new (thd->mem_root) Item_func_repeat(thd, $3, $5);
@@ -10426,38 +10371,12 @@ function_call_conflict:
make_item_func_replace(thd, $3, $5, $7))))
MYSQL_YYABORT;
}
- | REVERSE_SYM '(' expr ')'
- {
- $$= new (thd->mem_root) Item_func_reverse(thd, $3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | ROW_COUNT_SYM '(' ')'
- {
- $$= new (thd->mem_root) Item_func_row_count(thd);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- Lex->set_stmt_unsafe(LEX::BINLOG_STMT_UNSAFE_SYSTEM_FUNCTION);
- Lex->safe_to_cache_query= 0;
- }
| TRUNCATE_SYM '(' expr ',' expr ')'
{
$$= new (thd->mem_root) Item_func_round(thd, $3, $5, 1);
if (unlikely($$ == NULL))
MYSQL_YYABORT;
}
- | WEEK_SYM '(' expr ')'
- {
- $$= new (thd->mem_root) Item_func_week(thd, $3);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
- | WEEK_SYM '(' expr ',' expr ')'
- {
- $$= new (thd->mem_root) Item_func_week(thd, $3, $5);
- if (unlikely($$ == NULL))
- MYSQL_YYABORT;
- }
| WEIGHT_STRING_SYM '(' expr opt_ws_levels ')'
{
$$= new (thd->mem_root) Item_func_weight_string(thd, $3, 0, 0, $4);
@@ -10503,7 +10422,7 @@ function_call_conflict:
in sql/item_create.cc
*/
function_call_generic:
- IDENT_sys '('
+ ident_func '('
{
#ifdef HAVE_DLOPEN
udf_func *udf= 0;
@@ -10541,7 +10460,9 @@ function_call_generic:
This will be revised with WL#2128 (SQL PATH)
*/
- if ((builder= native_functions_hash.find(thd, $1)))
+ builder= Schema::find_implied(thd)->
+ find_native_function_builder(thd, $1);
+ if (builder)
{
item= builder->create_func(thd, &$1, $4);
}
@@ -10605,6 +10526,43 @@ function_call_generic:
if (unlikely(!($$= Lex->make_item_func_call_generic(thd, &$1, &$3, &$5, $7))))
MYSQL_YYABORT;
}
+ | ident_cli '.' REPLACE '(' opt_expr_list ')'
+ {
+ if (unlikely(!($$= Lex->make_item_func_replace(thd, $1, $3, $5))))
+ MYSQL_YYABORT;
+ }
+ | ident_cli '.' SUBSTRING '(' opt_expr_list ')'
+ {
+ if (unlikely(!($$= Lex->make_item_func_substr(thd, $1, $3, $5))))
+ MYSQL_YYABORT;
+ }
+ | ident_cli '.' SUBSTRING '(' substring_operands_special ')'
+ {
+ if (unlikely(!($$= Lex->make_item_func_substr(thd, $1, $3, $5))))
+ MYSQL_YYABORT;
+ }
+ | ident_cli '.' TRIM '(' opt_expr_list ')'
+ {
+ if (unlikely(!($$= Lex->make_item_func_trim(thd, $1, $3, $5))))
+ MYSQL_YYABORT;
+ }
+ | ident_cli '.' TRIM '(' trim_operands_special ')'
+ {
+ if (unlikely(!($$= Lex->make_item_func_trim(thd, $1, $3, $5))))
+ MYSQL_YYABORT;
+ }
+ /*
+ We don't add a qualified syntax for TRIM_ORACLE here,
+ as this syntax is not absolutely required:
+ SELECT mariadb_schema.TRIM_ORACLE(..);
+ What absolutely required is only:
+ SELECT mariadb_schema.TRIM(..);
+ Adding a qualified syntax for TRIM_ORACLE would be tricky because
+ it is a non-reserved keyword. To avoid new shift/reduce conflicts
+ it would require grammar changes, like introducing a new rule
+ ident_step2_cli (which would include everything that ident_cli
+ includes but TRIM_ORACLE).
+ */
;
fulltext_options:
@@ -15159,10 +15117,7 @@ with_column_list:
ident_sys_alloc:
ident_cli
{
- void *buf= thd->alloc(sizeof(Lex_ident_sys));
- if (!buf)
- MYSQL_YYABORT;
- $$= new (buf) Lex_ident_sys(thd, &$1);
+ $$= new (thd->mem_root) Lex_ident_sys(thd, &$1);
}
;
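Review bot: The rewritten `ident_sys_alloc` action no longer handles allocation failure: the old code aborted the parse when `thd->alloc()` returned NULL, while the new `$$= new (thd->mem_root) Lex_ident_sys(thd, &$1);` stores the result unchecked. The other `new (thd->mem_root)` calls in this grammar are followed by `if (unlikely($$ == NULL)) MYSQL_YYABORT;`, which suggests the MEM_ROOT placement `new` can return NULL on out-of-memory. If so, rules that consume this `$$` would dereference a null pointer. Add the same check after the assignment: `if (unlikely($$ == NULL)) MYSQL_YYABORT;`.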
@@ -15383,6 +15338,22 @@ IDENT_sys:
}
;
+ident_cli_func:
+ IDENT
+ | IDENT_QUOTED
+ | keyword_func_sp_var_and_label { $$= $1; }
+ | keyword_func_sp_var_not_label { $$= $1; }
+ ;
+
+ident_func:
+ ident_cli_func
+ {
+ if (unlikely(thd->to_ident_sys_alloc(&$$, &$1)))
+ MYSQL_YYABORT;
+ }
+ ;
+
+
TEXT_STRING_sys:
TEXT_STRING
{
@@ -15606,7 +15577,8 @@ non_reserved_keyword_udt:
TODO: check if some of them can migrate to keyword_sp_var_and_label.
*/
keyword_sp_var_not_label:
- ASCII_SYM
+ keyword_func_sp_var_not_label
+ | ASCII_SYM
| BACKUP_SYM
| BINLOG_SYM
| BYTE_SYM
@@ -15614,7 +15586,6 @@ keyword_sp_var_not_label:
| CHECKSUM_SYM
| CHECKPOINT_SYM
| COLUMN_ADD_SYM
- | COLUMN_CHECK_SYM
| COLUMN_CREATE_SYM
| COLUMN_DELETE_SYM
| COLUMN_GET_SYM
@@ -15626,7 +15597,6 @@ keyword_sp_var_not_label:
| EXECUTE_SYM
| FLUSH_SYM
| FOLLOWING_SYM
- | FORMAT_SYM
| GET_SYM
| HELP_SYM
| HOST_SYM
@@ -15780,21 +15750,15 @@ keyword_cast_type:
;
-/*
- These keywords are fine for both SP variable names and SP labels.
-*/
-keyword_sp_var_and_label:
- ACTION
+keyword_func_sp_var_and_label:
+ ACTION
| ACCOUNT_SYM
- | ADDDATE_SYM
- | ADD_MONTHS_SYM
| ADMIN_SYM
| AFTER_SYM
| AGAINST
| AGGREGATE_SYM
| ALGORITHM_SYM
| ALWAYS_SYM
- | ANY_SYM
| AT_SYM
| ATOMIC_SYM
| AUTHORS_SYM
@@ -15802,7 +15766,6 @@ keyword_sp_var_and_label:
| AUTOEXTEND_SIZE_SYM
| AUTO_SYM
| AVG_ROW_LENGTH
- | AVG_SYM
| BLOCK_SYM
| BODY_MARIADB_SYM
| BTREE_SYM
@@ -15815,7 +15778,6 @@ keyword_sp_var_and_label:
| CLIENT_SYM
| CLASS_ORIGIN_SYM
| COALESCE
- | CODE_SYM
| COLLATION_SYM
| COLUMN_NAME_SYM
| COLUMNS
@@ -15841,16 +15803,15 @@ keyword_sp_var_and_label:
| CURSOR_NAME_SYM
| CYCLE_SYM
| DATA_SYM
+ | DATABASE
| DATAFILE_SYM
- | DATE_FORMAT_SYM
- | DAY_SYM
| DEFINER_SYM
| DELAY_KEY_WRITE_SYM
| DES_KEY_FILE
| DIAGNOSTICS_SYM
+ | DISCARD
| DIRECTORY_SYM
| DISABLE_SYM
- | DISCARD
| DISK_SYM
| DUMPFILE
| DUPLICATE_SYM
@@ -15858,6 +15819,11 @@ keyword_sp_var_and_label:
| ELSEIF_ORACLE_SYM
| ELSIF_MARIADB_SYM
| EMPTY_SYM
+ | EXPIRE_SYM
+ | EXPORT_SYM
+ | EXTENDED_SYM
+ | EXTENT_SIZE_SYM
+ | ENABLE_SYM
| ENDS_SYM
| ENGINE_SYM
| ENGINES_SYM
@@ -15870,29 +15836,21 @@ keyword_sp_var_and_label:
| EXCEPTION_MARIADB_SYM
| EXCHANGE_SYM
| EXPANSION_SYM
- | EXPIRE_SYM
- | EXPORT_SYM
- | EXTENDED_SYM
- | EXTENT_SIZE_SYM
| FAULTS_SYM
| FAST_SYM
- | FOUND_SYM
- | ENABLE_SYM
| FEDERATED_SYM
- | FULL
| FILE_SYM
| FIRST_SYM
+ | FOUND_SYM
+ | FULL
| GENERAL
| GENERATED_SYM
- | GET_FORMAT
| GRANTS
| GOTO_MARIADB_SYM
| HASH_SYM
| HARD_SYM
| HISTORY_SYM
| HOSTS_SYM
- | HOUR_SYM
- | ID_SYM
| IDENTIFIED_SYM
| IGNORE_SERVER_IDS_SYM
| INCREMENT_SYM
@@ -15910,9 +15868,7 @@ keyword_sp_var_and_label:
| INVISIBLE_SYM
| JSON_TABLE_SYM
| KEY_BLOCK_SIZE
- | LAST_VALUE
| LAST_SYM
- | LASTVAL_SYM
| LEAVES
| LESS_SYM
| LEVEL_SYM
@@ -15954,7 +15910,6 @@ keyword_sp_var_and_label:
| MESSAGE_TEXT_SYM
| MICROSECOND_SYM
| MIGRATE_SYM
- | MINUTE_SYM
%ifdef MARIADB
| MINUS_ORACLE_SYM
%endif
@@ -15963,7 +15918,6 @@ keyword_sp_var_and_label:
| MODIFY_SYM
| MODE_SYM
| MONITOR_SYM
- | MONTH_SYM
| MUTEX_SYM
| MYSQL_SYM
| MYSQL_ERRNO_SYM
@@ -15971,8 +15925,6 @@ keyword_sp_var_and_label:
| NESTED_SYM
| NEVER_SYM
| NEXT_SYM %prec PREC_BELOW_CONTRACTION_TOKEN2
- | NEXTVAL_SYM
- | NEW_SYM
| NOCACHE_SYM
| NOCYCLE_SYM
| NOMINVALUE_SYM
@@ -15988,7 +15940,6 @@ keyword_sp_var_and_label:
| ONLINE_SYM
| ONLY_SYM
| ORDINALITY_SYM
- | OVERLAPS_SYM
| PACKAGE_MARIADB_SYM
| PACK_KEYS_SYM
| PAGE_SYM
@@ -16020,10 +15971,10 @@ keyword_sp_var_and_label:
| REDOFILE_SYM
| REDUNDANT_SYM
| RELAY
- | RELAYLOG_SYM
| RELAY_LOG_FILE_SYM
| RELAY_LOG_POS_SYM
| RELAY_THREAD
+ | RELAYLOG_SYM
| RELOAD
| REORGANIZE_SYM
| REPEATABLE_SYM
@@ -16038,20 +15989,15 @@ keyword_sp_var_and_label:
| REVERSE_SYM
| ROLLUP_SYM
| ROUTINE_SYM
+ | ROW_COUNT_SYM
| ROWCOUNT_SYM
| ROWTYPE_MARIADB_SYM
- | ROW_COUNT_SYM
| ROW_FORMAT_SYM
-%ifdef MARIADB
- | ROWNUM_SYM
-%endif
| RTREE_SYM
| SCHEDULE_SYM
| SCHEMA_NAME_SYM
- | SECOND_SYM
| SEQUENCE_SYM
| SERIALIZABLE_SYM
- | SETVAL_SYM
| SIMPLE_SYM
| SHARE_SYM
| SKIP_SYM
@@ -16059,7 +16005,6 @@ keyword_sp_var_and_label:
| SLOW
| SNAPSHOT_SYM
| SOFT_SYM
- | SOUNDS_SYM
| SOURCE_SYM
| SQL_CACHE_SYM
| SQL_BUFFER_RESULT
@@ -16072,7 +16017,6 @@ keyword_sp_var_and_label:
| STORAGE_SYM
| STRING_SYM
| SUBCLASS_ORIGIN_SYM
- | SUBDATE_SYM
| SUBJECT_SYM
| SUBPARTITION_SYM
| SUBPARTITIONS_SYM
@@ -16080,9 +16024,6 @@ keyword_sp_var_and_label:
| SUSPEND_SYM
| SWAPS_SYM
| SWITCHES_SYM
-%ifdef MARIADB
- | SYSDATE
-%endif
| SYSTEM
| SYSTEM_TIME_SYM
| TABLE_NAME_SYM
@@ -16096,10 +16037,6 @@ keyword_sp_var_and_label:
| TRANSACTIONAL_SYM
| THREADS_SYM
| TRIGGERS_SYM
- | TRIM_ORACLE
- | TIMESTAMP_ADD
- | TIMESTAMP_DIFF
- | TYPES_SYM
| TYPE_SYM
| UDF_RETURNS_SYM
| UNCOMMITTED_SYM
@@ -16108,23 +16045,61 @@ keyword_sp_var_and_label:
| UNDOFILE_SYM
| UNKNOWN_SYM
| UNTIL_SYM
- | USER_SYM %prec PREC_BELOW_CONTRACTION_TOKEN2
| USE_FRM
| VARIABLES
| VERSIONING_SYM
| VIEW_SYM
| VIRTUAL_SYM
| VISIBLE_SYM
- | VALUE_SYM
| WARNINGS
| WAIT_SYM
- | WEEK_SYM
- | WEIGHT_STRING_SYM
| WITHOUT
| WORK_SYM
| X509_SYM
| XML_SYM
| VIA_SYM
+ | WEEK_SYM
+ ;
+
+keyword_func_sp_var_not_label:
+ FORMAT_SYM
+ | COLUMN_CHECK_SYM
+ ;
+/*
+ These keywords are fine for both SP variable names and SP labels.
+*/
+keyword_sp_var_and_label:
+ keyword_func_sp_var_and_label
+ | ADDDATE_SYM
+ | ANY_SYM
+ | AVG_SYM
+ | CODE_SYM
+ | DAY_SYM
+ | GET_FORMAT
+ | HOUR_SYM
+ | ID_SYM
+ | LAST_VALUE
+ | LASTVAL_SYM
+ | MINUTE_SYM
+ | MONTH_SYM
+ | NEXTVAL_SYM
+ | OVERLAPS_SYM
+%ifdef MARIADB
+ | ROWNUM_SYM
+%endif
+ | SECOND_SYM
+ | SETVAL_SYM
+ | SOUNDS_SYM
+ | SUBDATE_SYM
+%ifdef MARIADB
+ | SYSDATE
+%endif
+ | TRIM_ORACLE
+ | TIMESTAMP_ADD
+ | TIMESTAMP_DIFF
+ | USER_SYM %prec PREC_BELOW_CONTRACTION_TOKEN2
+ | VALUE_SYM
+ | WEIGHT_STRING_SYM
;
@@ -16165,7 +16140,6 @@ reserved_keyword_udt_not_param_type:
| CURRENT_USER
| CURRENT_ROLE
| CURTIME
- | DATABASE
| DATABASES
| DATE_ADD_INTERVAL
| DATE_SUB_INTERVAL
diff --git a/sql/structs.h b/sql/structs.h
index a77bb8cb..318df056 100644
--- a/sql/structs.h
+++ b/sql/structs.h
@@ -34,6 +34,7 @@ struct TABLE;
class Type_handler;
class Field;
class Index_statistics;
+struct Lex_ident_cli_st;
class THD;
@@ -902,12 +903,6 @@ public:
}
Item *make_item_func_trim_std(THD *thd) const;
Item *make_item_func_trim_oracle(THD *thd) const;
- /*
- This method is still used to handle LTRIM and RTRIM,
- while the special syntax TRIM(... BOTH|LEADING|TRAILING)
- is now handled by Schema::make_item_func_trim().
- */
- Item *make_item_func_trim(THD *thd) const;
};
diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc
index 0df11e0b..dce04c59 100644
--- a/sql/sys_vars.cc
+++ b/sql/sys_vars.cc
@@ -1037,11 +1037,10 @@ static Sys_var_charptr_fscs Sys_datadir(
static Sys_var_dbug Sys_dbug(
"debug", "Built-in DBUG debugger", sys_var::SESSION,
CMD_LINE(OPT_ARG, '#'), DEFAULT(""), NO_MUTEX_GUARD, NOT_IN_BINLOG,
- ON_CHECK(check_has_super), ON_UPDATE(0),
- DEPRECATED("'@@debug_dbug'")); // since 5.5.37
+ ON_CHECK(check_has_super));
static Sys_var_dbug Sys_debug_dbug(
- "debug_dbug", "Built-in DBUG debugger", sys_var::SESSION,
+ "debug_dbug", "Built-in DBUG debugger. Alias for --debug", sys_var::SESSION,
CMD_LINE(OPT_ARG, '#'), DEFAULT(""), NO_MUTEX_GUARD, NOT_IN_BINLOG,
ON_CHECK(check_has_super));
#endif
@@ -1538,7 +1537,7 @@ static Sys_var_bit Sys_log_slow_slave_statements(
static Sys_var_ulong Sys_log_warnings(
"log_warnings",
- "Log some not critical warnings to the general log file."
+ "Log some non critical warnings to the error log."
"Value can be between 0 and 11. Higher values mean more verbosity",
SESSION_VAR(log_warnings),
CMD_LINE(OPT_ARG, 'W'),
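Review bot: The two adjacent string literals in the `log_warnings` description are concatenated without a separator, so the help text reads `...to the error log.Value can be between 0 and 11...`. The line this commit rewrites should end with a space: `"Log some non critical warnings to the error log. "`. "non critical" would also read better as "non-critical".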
@@ -2938,6 +2937,19 @@ static Sys_var_ulong Sys_optimizer_trace_max_mem_size(
SESSION_VAR(optimizer_trace_max_mem_size), CMD_LINE(REQUIRED_ARG),
VALID_RANGE(0, ULONG_MAX), DEFAULT(1024 * 1024), BLOCK_SIZE(1));
+static Sys_var_ulong Sys_optimizer_adjust_secondary_key_costs(
+ "optimizer_adjust_secondary_key_costs",
+ "0 = No changes. "
+ "1 = Update secondary key costs for ranges to be at least 5x of clustered "
+ "primary key costs. "
+ "2 = Remove 'max_seek optimization' for secondary keys and slight "
+ "adjustment of filter cost. "
+ "This option will be deleted in MariaDB 11.0 as it is not needed with the "
+ "new 11.0 optimizer.",
+ SESSION_VAR(optimizer_adjust_secondary_key_costs), CMD_LINE(REQUIRED_ARG),
+ VALID_RANGE(0, 2), DEFAULT(0), BLOCK_SIZE(1));
+
+
static Sys_var_charptr_fscs Sys_pid_file(
"pid_file", "Pid file used by safe_mysqld",
READ_ONLY GLOBAL_VAR(pidfile_name_ptr), CMD_LINE(REQUIRED_ARG),
@@ -3348,8 +3360,9 @@ Sys_secure_auth(
"secure_auth",
"Disallow authentication for accounts that have old (pre-4.1) "
"passwords",
- GLOBAL_VAR(opt_secure_auth), CMD_LINE(OPT_ARG),
- DEFAULT(TRUE));
+ GLOBAL_VAR(opt_secure_auth), CMD_LINE(OPT_ARG, OPT_SECURE_AUTH),
+ DEFAULT(TRUE), NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0), ON_UPDATE(0),
+ DEPRECATED("")); // since 10.6.17
static bool check_require_secure_transport(sys_var *self, THD *thd, set_var *var)
{
@@ -3599,13 +3612,6 @@ static bool fix_rpl_semi_sync_master_wait_point(sys_var *self, THD *thd,
return false;
}
-static bool fix_rpl_semi_sync_master_wait_no_slave(sys_var *self, THD *thd,
- enum_var_type type)
-{
- repl_semisync_master.check_and_switch();
- return false;
-}
-
static Sys_var_on_access_global<Sys_var_mybool,
PRIV_SET_SYSTEM_GLOBAL_VAR_RPL_SEMI_SYNC_MASTER_ENABLED>
Sys_semisync_master_enabled(
@@ -3632,12 +3638,11 @@ static Sys_var_on_access_global<Sys_var_mybool,
PRIV_SET_SYSTEM_GLOBAL_VAR_RPL_SEMI_SYNC_MASTER_WAIT_NO_SLAVE>
Sys_semisync_master_wait_no_slave(
"rpl_semi_sync_master_wait_no_slave",
- "Wait until timeout when no semi-synchronous replication slave "
- "available (enabled by default).",
+ "Wait until timeout when no semi-synchronous replication slave is "
+ "available.",
GLOBAL_VAR(rpl_semi_sync_master_wait_no_slave),
CMD_LINE(OPT_ARG), DEFAULT(TRUE),
- NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0),
- ON_UPDATE(fix_rpl_semi_sync_master_wait_no_slave));
+ NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0));
static Sys_var_on_access_global<Sys_var_ulong,
PRIV_SET_SYSTEM_GLOBAL_VAR_RPL_SEMI_SYNC_MASTER_TRACE_LEVEL>
@@ -3664,13 +3669,6 @@ Sys_semisync_master_wait_point(
NO_MUTEX_GUARD, NOT_IN_BINLOG,ON_CHECK(0),
ON_UPDATE(fix_rpl_semi_sync_master_wait_point));
-static bool fix_rpl_semi_sync_slave_enabled(sys_var *self, THD *thd,
- enum_var_type type)
-{
- repl_semisync_slave.set_slave_enabled(rpl_semi_sync_slave_enabled != 0);
- return false;
-}
-
static bool fix_rpl_semi_sync_slave_trace_level(sys_var *self, THD *thd,
enum_var_type type)
{
@@ -3698,10 +3696,9 @@ static Sys_var_on_access_global<Sys_var_mybool,
Sys_semisync_slave_enabled(
"rpl_semi_sync_slave_enabled",
"Enable semi-synchronous replication slave (disabled by default).",
- GLOBAL_VAR(rpl_semi_sync_slave_enabled),
+ GLOBAL_VAR(global_rpl_semi_sync_slave_enabled),
CMD_LINE(OPT_ARG), DEFAULT(FALSE),
- NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0),
- ON_UPDATE(fix_rpl_semi_sync_slave_enabled));
+ NO_MUTEX_GUARD, NOT_IN_BINLOG, ON_CHECK(0));
static Sys_var_on_access_global<Sys_var_ulong,
PRIV_SET_SYSTEM_GLOBAL_VAR_RPL_SEMI_SYNC_SLAVE_TRACE_LEVEL>
@@ -3887,6 +3884,7 @@ static const char *old_mode_names[]=
"UTF8_IS_UTF8MB3",
"IGNORE_INDEX_ONLY_FOR_JOIN",
"COMPAT_5_1_CHECKSUM",
+ "NO_NULL_COLLATION_IDS",
0
};
@@ -5652,7 +5650,7 @@ Sys_slave_net_timeout(
*/
ulonglong Sys_var_multi_source_ulonglong::
-get_master_info_ulonglong_value(THD *thd, ptrdiff_t offset) const
+get_master_info_ulonglong_value(THD *thd) const
{
Master_info *mi;
ulonglong res= 0; // Default value
@@ -5660,7 +5658,7 @@ get_master_info_ulonglong_value(THD *thd, ptrdiff_t offset) const
if ((mi= get_master_info(&thd->variables.default_master_connection,
Sql_condition::WARN_LEVEL_WARN)))
{
- res= *((ulonglong*) (((uchar*) mi) + master_info_offset));
+ res= (mi->*mi_accessor_func)();
mi->release();
}
mysql_mutex_lock(&LOCK_global_system_variables);
@@ -5730,7 +5728,7 @@ static bool update_slave_skip_counter(sys_var *self, THD *thd, Master_info *mi)
static Sys_var_multi_source_ulonglong Sys_slave_skip_counter(
"sql_slave_skip_counter", "Skip the next N events from the master log",
SESSION_VAR(slave_skip_counter), NO_CMD_LINE,
- MASTER_INFO_VAR(rli.slave_skip_counter),
+ &Master_info::get_slave_skip_counter,
VALID_RANGE(0, UINT_MAX), DEFAULT(0), BLOCK_SIZE(1),
ON_UPDATE(update_slave_skip_counter));
@@ -5746,7 +5744,7 @@ static Sys_var_multi_source_ulonglong Sys_max_relay_log_size(
"relay log will be rotated automatically when the size exceeds this "
"value. If 0 at startup, it's set to max_binlog_size",
SESSION_VAR(max_relay_log_size), CMD_LINE(REQUIRED_ARG),
- MASTER_INFO_VAR(rli.max_relay_log_size),
+ &Master_info::get_max_relay_log_size,
VALID_RANGE(0, 1024L*1024*1024), DEFAULT(0), BLOCK_SIZE(IO_SIZE),
ON_UPDATE(update_max_relay_log_size));
diff --git a/sql/sys_vars.inl b/sql/sys_vars.inl
index 385ad897..2fd6d042 100644
--- a/sql/sys_vars.inl
+++ b/sql/sys_vars.inl
@@ -2378,10 +2378,10 @@ public:
like sql_slave_skip_counter are GLOBAL.
*/
-#define MASTER_INFO_VAR(X) my_offsetof(Master_info, X), sizeof(((Master_info *)0x10)->X)
class Sys_var_multi_source_ulonglong;
class Master_info;
+typedef ulonglong (Master_info::*mi_ulonglong_accessor_function)(void);
typedef bool (*on_multi_source_update_function)(sys_var *self, THD *thd,
Master_info *mi);
bool update_multi_source_variable(sys_var *self,
@@ -2390,26 +2390,23 @@ bool update_multi_source_variable(sys_var *self,
class Sys_var_multi_source_ulonglong :public Sys_var_ulonglong
{
- ptrdiff_t master_info_offset;
+ mi_ulonglong_accessor_function mi_accessor_func;
on_multi_source_update_function update_multi_source_variable_func;
public:
Sys_var_multi_source_ulonglong(const char *name_arg,
const char *comment, int flag_args,
ptrdiff_t off, size_t size,
CMD_LINE getopt,
- ptrdiff_t master_info_offset_arg,
- size_t master_info_arg_size,
+ mi_ulonglong_accessor_function mi_accessor_arg,
ulonglong min_val, ulonglong max_val,
ulonglong def_val, uint block_size,
on_multi_source_update_function on_update_func)
:Sys_var_ulonglong(name_arg, comment, flag_args, off, size,
getopt, min_val, max_val, def_val, block_size,
0, VARIABLE_NOT_IN_BINLOG, 0, update_multi_source_variable),
- master_info_offset(master_info_offset_arg),
+ mi_accessor_func(mi_accessor_arg),
update_multi_source_variable_func(on_update_func)
- {
- SYSVAR_ASSERT(master_info_arg_size == size);
- }
+ { }
bool global_update(THD *thd, set_var *var)
{
return session_update(thd, var);
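Review bot: The constructor no longer validates anything at registration. The removed `SYSVAR_ASSERT(master_info_arg_size == size)` has no counterpart for `mi_accessor_arg`, while `get_master_info_ulonglong_value()` in sys_vars.cc calls `(mi->*mi_accessor_func)()` unconditionally. Both definitions visible in this commit pass a real `&Master_info::get_...` accessor, so this only guards against a later definition passing 0. The empty body could become `{ SYSVAR_ASSERT(mi_accessor_arg != 0); }`. The class body continues past the end of this hunk.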
@@ -2423,7 +2420,7 @@ public:
{
ulonglong *tmp, res;
tmp= (ulonglong*) (((uchar*)&(thd->variables)) + offset);
- res= get_master_info_ulonglong_value(thd, master_info_offset);
+ res= get_master_info_ulonglong_value(thd);
*tmp= res;
return (uchar*) tmp;
}
@@ -2431,7 +2428,7 @@ public:
{
return session_value_ptr(thd, base);
}
- ulonglong get_master_info_ulonglong_value(THD *thd, ptrdiff_t offset) const;
+ ulonglong get_master_info_ulonglong_value(THD *thd) const;
bool update_variable(THD *thd, Master_info *mi)
{
return update_multi_source_variable_func(this, thd, mi);
diff --git a/sql/table.cc b/sql/table.cc
index b85d23b2..88b65fe0 100644
--- a/sql/table.cc
+++ b/sql/table.cc
@@ -49,6 +49,7 @@
#ifdef WITH_WSREP
#include "wsrep_schema.h"
#endif
+#include "log_event.h" // MAX_TABLE_MAP_ID
/* For MySQL 5.7 virtual fields */
#define MYSQL57_GENERATED_FIELD 128
@@ -108,7 +109,7 @@ LEX_CSTRING MYSQL_PROC_NAME= {STRING_WITH_LEN("proc")};
*/
static LEX_CSTRING parse_vcol_keyword= { STRING_WITH_LEN("PARSE_VCOL_EXPR ") };
-static std::atomic<ulong> last_table_id;
+static std::atomic<ulonglong> last_table_id;
/* Functions defined in this file */
@@ -384,17 +385,20 @@ TABLE_SHARE *alloc_table_share(const char *db, const char *table_name,
DBUG_EXECUTE_IF("simulate_big_table_id",
if (last_table_id < UINT_MAX32)
- last_table_id= UINT_MAX32 - 1;);
+ last_table_id= UINT_MAX32-1;);
/*
- There is one reserved number that cannot be used. Remember to
- change this when 6-byte global table id's are introduced.
+ Replication is using 6 bytes as table_map_id. Ensure that
+ the 6 lowest bytes are not 0.
+ We also have to ensure that we do not use the special value
+ UINT_MAX32 as this is used to mark a dummy event row event. See
+ comments in Rows_log_event::Rows_log_event().
*/
do
{
share->table_map_id=
last_table_id.fetch_add(1, std::memory_order_relaxed);
- } while (unlikely(share->table_map_id == ~0UL ||
- share->table_map_id == 0));
+ } while (unlikely((share->table_map_id & MAX_TABLE_MAP_ID) == 0) ||
+ unlikely((share->table_map_id & MAX_TABLE_MAP_ID) == UINT_MAX32));
}
DBUG_RETURN(share);
}
@@ -457,7 +461,7 @@ void init_tmp_table_share(THD *thd, TABLE_SHARE *share, const char *key,
table_map_id is also used for MERGE tables to suppress repeated
compatibility checks.
*/
- share->table_map_id= (ulong) thd->query_id;
+ share->table_map_id= (ulonglong) thd->query_id;
DBUG_VOID_RETURN;
}
@@ -1286,12 +1290,11 @@ bool parse_vcol_defs(THD *thd, MEM_ROOT *mem_root, TABLE *table,
if (keypart->key_part_flag & HA_PART_KEY_SEG)
{
int length= keypart->length/keypart->field->charset()->mbmaxlen;
+ Field *kpf= table->field[keypart->field->field_index];
list_item= new (mem_root) Item_func_left(thd,
- new (mem_root) Item_field(thd, keypart->field),
+ new (mem_root) Item_field(thd, kpf),
new (mem_root) Item_int(thd, length));
list_item->fix_fields(thd, NULL);
- keypart->field->vcol_info=
- table->field[keypart->field->field_index]->vcol_info;
}
else
list_item= new (mem_root) Item_field(thd, keypart->field);
@@ -5958,7 +5961,7 @@ allocate:
/* Create view fields translation table */
if (!(transl=
- (Field_translator*)(thd->stmt_arena->
+ (Field_translator*)(thd->
alloc(select->item_list.elements *
sizeof(Field_translator)))))
{
@@ -7585,7 +7588,7 @@ inline void TABLE::mark_index_columns_for_read(uint index)
always set and sometimes read.
*/
-void TABLE::mark_auto_increment_column()
+void TABLE::mark_auto_increment_column(bool is_insert)
{
DBUG_ASSERT(found_next_number_field);
/*
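Review bot: The new parameter is named `is_insert` in this definition but `insert_fl` in the declaration in sql/table.h, and the comment block above the definition (only its tail is visible in this hunk) does not mention it. Using one name in both places and documenting it would help, e.g. `void mark_auto_increment_column(bool is_insert);` in table.h and a line such as `@param is_insert  true for INSERT: the column is also added to write_set` in the comment. The function body continues in the next hunk.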
@@ -7593,7 +7596,8 @@ void TABLE::mark_auto_increment_column()
store() to check overflow of auto_increment values
*/
bitmap_set_bit(read_set, found_next_number_field->field_index);
- bitmap_set_bit(write_set, found_next_number_field->field_index);
+ if (is_insert)
+ bitmap_set_bit(write_set, found_next_number_field->field_index);
if (s->next_number_keypart)
mark_index_columns_for_read(s->next_number_index);
file->column_bitmaps_signal();
@@ -7718,7 +7722,7 @@ void TABLE::mark_columns_needed_for_update()
else
{
if (found_next_number_field)
- mark_auto_increment_column();
+ mark_auto_increment_column(false);
}
if (file->ha_table_flags() & HA_PRIMARY_KEY_REQUIRED_FOR_DELETE)
@@ -7794,7 +7798,7 @@ void TABLE::mark_columns_needed_for_insert()
triggers->mark_fields_used(TRG_EVENT_INSERT);
}
if (found_next_number_field)
- mark_auto_increment_column();
+ mark_auto_increment_column(true);
if (default_field)
mark_default_fields_for_write(TRUE);
if (s->versioned)
@@ -10467,6 +10471,12 @@ bool Vers_history_point::check_unit(THD *thd)
{
if (!item)
return false;
+ if (item->real_type() == Item::FIELD_ITEM)
+ {
+ my_error(ER_ILLEGAL_PARAMETER_DATA_TYPE_FOR_OPERATION, MYF(0),
+ item->full_name(), "FOR SYSTEM_TIME");
+ return true;
+ }
if (item->fix_fields_if_needed(thd, &item))
return true;
const Type_handler *t= item->this_item()->real_type_handler();
diff --git a/sql/table.h b/sql/table.h
index 12ad29b1..ebf582c1 100644
--- a/sql/table.h
+++ b/sql/table.h
@@ -861,7 +861,7 @@ struct TABLE_SHARE
/* 1 if frm version cannot be updated as part of upgrade */
bool keep_original_mysql_version;
- ulong table_map_id; /* for row-based replication */
+ ulonglong table_map_id; /* for row-based replication */
/*
Things that are incompatible between the stored version and the
@@ -1023,7 +1023,7 @@ struct TABLE_SHARE
return (table_category == TABLE_CATEGORY_LOG);
}
- inline ulong get_table_def_version()
+ inline ulonglong get_table_def_version()
{
return table_map_id;
}
@@ -1102,7 +1102,7 @@ struct TABLE_SHARE
@sa TABLE_LIST::is_the_same_definition()
*/
- ulong get_table_ref_version() const
+ ulonglong get_table_ref_version() const
{
return (tmp_table == SYSTEM_TMP_TABLE) ? 0 : table_map_id;
}
@@ -1585,7 +1585,7 @@ public:
void mark_index_columns_no_reset(uint index, MY_BITMAP *bitmap);
void mark_index_columns_for_read(uint index);
void restore_column_maps_after_keyread(MY_BITMAP *backup);
- void mark_auto_increment_column(void);
+ void mark_auto_increment_column(bool insert_fl);
void mark_columns_needed_for_update(void);
void mark_columns_needed_for_delete(void);
void mark_columns_needed_for_insert(void);
@@ -2088,7 +2088,6 @@ public:
void empty() { unit= VERS_TIMESTAMP; item= NULL; }
void print(String *str, enum_query_type, const char *prefix, size_t plen) const;
bool check_unit(THD *thd);
- void bad_expression_data_type_error(const char *type) const;
bool eq(const vers_history_point_t &point) const;
};
@@ -2827,7 +2826,7 @@ struct TABLE_LIST
{ set_table_ref_id(s->get_table_ref_type(), s->get_table_ref_version()); }
inline void set_table_ref_id(enum_table_ref_type table_ref_type_arg,
- ulong table_ref_version_arg)
+ ulonglong table_ref_version_arg)
{
m_table_ref_type= table_ref_type_arg;
m_table_ref_version= table_ref_version_arg;
@@ -2982,7 +2981,7 @@ private:
/** See comments for set_table_ref_id() */
enum enum_table_ref_type m_table_ref_type;
/** See comments for set_table_ref_id() */
- ulong m_table_ref_version;
+ ulonglong m_table_ref_version;
};
class Item;
diff --git a/sql/table_cache.cc b/sql/table_cache.cc
index 0039c96a..91292e18 100644
--- a/sql/table_cache.cc
+++ b/sql/table_cache.cc
@@ -1213,8 +1213,8 @@ int tdc_iterate(THD *thd, my_hash_walk_action action, void *argument,
}
-int show_tc_active_instances(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope)
+int show_tc_active_instances(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum enum_var_type scope)
{
var->type= SHOW_UINT;
var->value= buff;
diff --git a/sql/table_cache.h b/sql/table_cache.h
index 433df5e0..71704ff2 100644
--- a/sql/table_cache.h
+++ b/sql/table_cache.h
@@ -87,8 +87,8 @@ extern int tdc_iterate(THD *thd, my_hash_walk_action action, void *argument,
bool no_dups= false);
extern uint tc_records(void);
-int show_tc_active_instances(THD *thd, SHOW_VAR *var, char *buff,
- enum enum_var_type scope);
+int show_tc_active_instances(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum enum_var_type scope);
extern void tc_purge();
extern void tc_add_table(THD *thd, TABLE *table);
extern void tc_release_table(TABLE *table);
diff --git a/sql/temporary_tables.cc b/sql/temporary_tables.cc
index ecbfdde1..fa9abf7b 100644
--- a/sql/temporary_tables.cc
+++ b/sql/temporary_tables.cc
@@ -1588,6 +1588,11 @@ void THD::close_unused_temporary_table_instances(const TABLE_LIST *tl)
{
/* Note: removing current list element doesn't invalidate iterator. */
share->all_tmp_tables.remove(table);
+ /*
+ At least one instance should be left (guaratead by calling this
+ function for table which is opened and the table is under processing)
+ */
+ DBUG_ASSERT(share->all_tmp_tables.front());
free_temporary_table(table);
}
}
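Review bot: The added comment has a typo and is hard to parse; "guaratead" should be "guaranteed". Suggested wording: `At least one instance must remain: this function is only called for a table that is open and currently being processed.` Because `DBUG_ASSERT` is compiled out of non-debug builds, the comment is the only statement of this invariant there, so it is worth making it readable.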
diff --git a/sql/wsrep_applier.cc b/sql/wsrep_applier.cc
index 90ede81a..8767f698 100644
--- a/sql/wsrep_applier.cc
+++ b/sql/wsrep_applier.cc
@@ -204,6 +204,11 @@ int wsrep_apply_events(THD* thd,
(thd->variables.option_bits & ~OPTION_SKIP_REPLICATION) |
(ev->flags & LOG_EVENT_SKIP_REPLICATION_F ? OPTION_SKIP_REPLICATION : 0);
+ if (ev->get_type_code() == GTID_EVENT)
+ {
+ thd->variables.option_bits &= ~OPTION_GTID_BEGIN;
+ }
+
ev->thd= thd;
exec_res= ev->apply_event(thd->wsrep_rgi);
DBUG_PRINT("info", ("exec_event result: %d", exec_res));
diff --git a/sql/wsrep_client_service.cc b/sql/wsrep_client_service.cc
index d3b4a181..e26cac50 100644
--- a/sql/wsrep_client_service.cc
+++ b/sql/wsrep_client_service.cc
@@ -281,11 +281,18 @@ enum wsrep::provider::status Wsrep_client_service::replay()
original THD state during replication event applying.
*/
THD *replayer_thd= new THD(true, true);
+ // Replace the security context of the replayer with the security context
+ // of the original THD. Since security context class doesn't have proper
+ // copy constructors, we need to store the original one and set it back
+ // before destruction so that THD desctruction doesn't cause double-free
+ // on the replaced security context.
+ Security_context old_ctx = replayer_thd->main_security_ctx;
+ replayer_thd->main_security_ctx = m_thd->main_security_ctx;
replayer_thd->thread_stack= m_thd->thread_stack;
replayer_thd->real_id= pthread_self();
replayer_thd->prior_thr_create_utime=
replayer_thd->start_utime= microsecond_interval_timer();
- replayer_thd->set_command(COM_SLEEP);
+ replayer_thd->mark_connection_idle();
replayer_thd->reset_for_next_command(true);
enum wsrep::provider::status ret;
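Review bot: From `replayer_thd->main_security_ctx = m_thd->main_security_ctx;` until the restore in the later hunk of this function, both THDs hold the same member-wise copied security context, so correctness depends on the restore line running on every path before `delete replayer_thd`. As the added comment itself says, Security_context has no proper copy semantics, so anything in the replay path that frees or reassigns a pointer member of the replayer's context would also affect the original session's context. A small scope guard that puts `old_ctx` back in its destructor would keep this true for any early exit added later; at minimum the restore line deserves `// must run before delete: main_security_ctx still aliases m_thd's`. "desctruction" in the comment should read "destruction". The part of replay() between the two hunks is not visible here.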
@@ -297,6 +304,7 @@ enum wsrep::provider::status Wsrep_client_service::replay()
replayer_service.replay_status(ret);
}
+ replayer_thd->main_security_ctx = old_ctx;
delete replayer_thd;
DBUG_RETURN(ret);
}
diff --git a/sql/wsrep_dummy.cc b/sql/wsrep_dummy.cc
index e1508884..8762dd99 100644
--- a/sql/wsrep_dummy.cc
+++ b/sql/wsrep_dummy.cc
@@ -167,3 +167,5 @@ void wsrep_report_bf_lock_wait(const THD*,
void wsrep_thd_set_PA_unsafe(THD*)
{}
+uint32 wsrep_get_domain_id()
+{ return 0;}
diff --git a/sql/wsrep_high_priority_service.cc b/sql/wsrep_high_priority_service.cc
index fb93273d..ecb0e487 100644
--- a/sql/wsrep_high_priority_service.cc
+++ b/sql/wsrep_high_priority_service.cc
@@ -569,6 +569,7 @@ int Wsrep_applier_service::apply_write_set(const wsrep::ws_meta& ws_meta,
THD* thd= m_thd;
thd->variables.option_bits |= OPTION_BEGIN;
+ thd->variables.option_bits |= OPTION_GTID_BEGIN;
thd->variables.option_bits |= OPTION_NOT_AUTOCOMMIT;
DBUG_ASSERT(thd->wsrep_trx().active());
DBUG_ASSERT(thd->wsrep_trx().state() == wsrep::transaction::s_executing);
@@ -600,6 +601,8 @@ int Wsrep_applier_service::apply_write_set(const wsrep::ws_meta& ws_meta,
thd->wsrep_cs().fragment_applied(ws_meta.seqno());
}
thd_proc_info(thd, "wsrep applied write set");
+
+ thd->variables.option_bits &= ~OPTION_GTID_BEGIN;
DBUG_RETURN(ret);
}
diff --git a/sql/wsrep_mysqld.cc b/sql/wsrep_mysqld.cc
index 0a615228..68649a95 100644
--- a/sql/wsrep_mysqld.cc
+++ b/sql/wsrep_mysqld.cc
@@ -584,7 +584,8 @@ my_bool wsrep_ready_get (void)
return ret;
}
-int wsrep_show_ready(THD *thd, SHOW_VAR *var, char *buff)
+int wsrep_show_ready(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
var->type= SHOW_MY_BOOL;
var->value= buff;
@@ -1713,7 +1714,13 @@ bool wsrep_sync_wait(THD* thd, enum enum_sql_command command)
return res;
}
-void wsrep_keys_free(wsrep_key_arr_t* key_arr)
+typedef struct wsrep_key_arr
+{
+ wsrep_key_t* keys;
+ size_t keys_len;
+} wsrep_key_arr_t;
+
+static void wsrep_keys_free(wsrep_key_arr_t* key_arr)
{
for (size_t i= 0; i < key_arr->keys_len; ++i)
{
@@ -1729,7 +1736,7 @@ void wsrep_keys_free(wsrep_key_arr_t* key_arr)
* @param tables list of tables
* @param keys prepared keys
- * @return true if parent table append was successfull, otherwise false.
+ * @return 0 if parent table append was successful, non-zero otherwise.
*/
bool
wsrep_append_fk_parent_table(THD* thd, TABLE_LIST* tables, wsrep::key_array* keys)
@@ -1785,6 +1792,8 @@ wsrep_append_fk_parent_table(THD* thd, TABLE_LIST* tables, wsrep::key_array* key
}
exit:
+ DEBUG_SYNC(thd, "wsrep_append_fk_toi_keys_before_close_tables");
+
/* close the table and release MDL locks */
close_thread_tables(thd);
thd->mdl_context.rollback_to_savepoint(mdl_savepoint);
@@ -1803,6 +1812,24 @@ exit:
}
}
+ /*
+ MDEV-32938: Check if DDL operation has been killed before.
+
+ It may be that during collecting foreign keys this operation gets BF-aborted
+ by another already-running TOI operation because it got MDL locks on the same
+ table for checking foreign keys.
+ After `close_thread_tables()` has been called it's safe to assume that no-one
+ can BF-abort this operation as it's not holding any MDL locks any more.
+ */
+ if (!fail)
+ {
+ mysql_mutex_lock(&thd->LOCK_thd_kill);
+ if (thd->killed)
+ {
+ fail= true;
+ }
+ mysql_mutex_unlock(&thd->LOCK_thd_kill);
+ }
return fail;
}
@@ -2006,18 +2033,43 @@ err:
}
/*
- * Prepare key list from db/table and table_list
+ * Prepare key list from db/table and table_list and append it to Wsrep
+ * with the given key type.
*
* Return zero in case of success, 1 in case of failure.
*/
+int wsrep_append_table_keys(THD* thd,
+ TABLE_LIST* first_table,
+ TABLE_LIST* table_list,
+ Wsrep_service_key_type key_type)
+{
+ wsrep_key_arr_t key_arr= {0, 0};
+ const char* db_name= first_table ? first_table->db.str : NULL;
+ const char* table_name= first_table ? first_table->table_name.str : NULL;
+ int rcode= wsrep_prepare_keys_for_isolation(thd, db_name, table_name,
+ table_list, NULL, &key_arr);
+
+ if (!rcode && key_arr.keys_len)
+ {
+ rcode= wsrep_thd_append_key(thd, key_arr.keys,
+ key_arr.keys_len, key_type);
+ }
+
+ wsrep_keys_free(&key_arr);
+ return rcode;
+}
-bool wsrep_prepare_keys_for_isolation(THD* thd,
- const char* db,
- const char* table,
- const TABLE_LIST* table_list,
- wsrep_key_arr_t* ka)
+extern "C" int wsrep_thd_append_table_key(MYSQL_THD thd,
+ const char* db,
+ const char* table,
+ enum Wsrep_service_key_type key_type)
{
- return wsrep_prepare_keys_for_isolation(thd, db, table, table_list, NULL, ka);
+ wsrep_key_arr_t key_arr = {0, 0};
+ int ret = wsrep_prepare_keys_for_isolation(thd, db, table, NULL, NULL, &key_arr);
+ ret = ret || wsrep_thd_append_key(thd, key_arr.keys,
+ (int)key_arr.keys_len, key_type);
+ wsrep_keys_free(&key_arr);
+ return ret;
}
bool wsrep_prepare_key(const uchar* cache_key, size_t cache_key_len,
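Review bot: `wsrep_thd_append_table_key()` calls `wsrep_thd_append_key()` whenever key preparation succeeds, even when `key_arr.keys_len` is 0 and `key_arr.keys` is still null. The new `wsrep_append_table_keys()` directly above guards the same call with `key_arr.keys_len`. Whether an empty key array is accepted depends on wsrep_thd_append_key(), which is not visible here. Making the two functions agree removes the question: `if (!ret && key_arr.keys_len) ret= wsrep_thd_append_key(thd, key_arr.keys, (int)key_arr.keys_len, key_type);`.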
@@ -2939,6 +2991,15 @@ int wsrep_to_isolation_begin(THD *thd, const char *db_, const char *table_,
const wsrep::key_array *fk_tables,
const HA_CREATE_INFO *create_info)
{
+ mysql_mutex_lock(&thd->LOCK_thd_kill);
+ const killed_state killed = thd->killed;
+ mysql_mutex_unlock(&thd->LOCK_thd_kill);
+ if (killed)
+ {
+ DBUG_ASSERT(FALSE);
+ return -1;
+ }
+
/*
No isolation for applier or replaying threads.
*/
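Review bot: The new early return in `wsrep_to_isolation_begin()` for an already-killed thread leaves no trace in non-debug builds. `DBUG_ASSERT(FALSE)` compiles away there, and nothing in this hunk sets an error or logs before `return -1`. In debug builds the same condition aborts the server, so the assert encodes an assumption that every caller has already checked `thd->killed`. That assumption should be stated in a comment, e.g. `/* callers must not start TOI on a killed THD */`. A line such as `WSREP_DEBUG("TOI begin refused: thread already killed");` before the return would make the release-build path diagnosable. The function body continues outside the hunk.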
@@ -3689,8 +3750,7 @@ void* start_wsrep_THD(void *arg)
thd->security_ctx->skip_grants();
/* handle_one_connection() again... */
- thd->proc_info= 0;
- thd->set_command(COM_SLEEP);
+ thd->mark_connection_idle();
thd->init_for_queries();
mysql_mutex_lock(&LOCK_wsrep_slave_threads);
diff --git a/sql/wsrep_mysqld.h b/sql/wsrep_mysqld.h
index 3efe3829..14ea07f4 100644
--- a/sql/wsrep_mysqld.h
+++ b/sql/wsrep_mysqld.h
@@ -162,7 +162,8 @@ extern char* wsrep_cluster_capabilities;
int wsrep_show_status(THD *thd, SHOW_VAR *var, void *buff,
system_status_var *status_var, enum_var_type scope);
-int wsrep_show_ready(THD *thd, SHOW_VAR *var, char *buff);
+int wsrep_show_ready(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type);
void wsrep_free_status(THD *thd);
void wsrep_update_cluster_state_uuid(const char* str);
@@ -503,17 +504,10 @@ void wsrep_init_gtid();
bool wsrep_check_gtid_seqno(const uint32&, const uint32&, uint64&);
bool wsrep_get_binlog_gtid_seqno(wsrep_server_gtid_t&);
-typedef struct wsrep_key_arr
-{
- wsrep_key_t* keys;
- size_t keys_len;
-} wsrep_key_arr_t;
-bool wsrep_prepare_keys_for_isolation(THD* thd,
- const char* db,
- const char* table,
- const TABLE_LIST* table_list,
- wsrep_key_arr_t* ka);
-void wsrep_keys_free(wsrep_key_arr_t* key_arr);
+int wsrep_append_table_keys(THD* thd,
+ TABLE_LIST* first_table,
+ TABLE_LIST* table_list,
+ Wsrep_service_key_type key_type);
extern void
wsrep_handle_mdl_conflict(MDL_context *requestor_ctx,
diff --git a/sql/wsrep_plugin.cc b/sql/wsrep_plugin.cc
index d23c51b1..63bdc0a4 100644
--- a/sql/wsrep_plugin.cc
+++ b/sql/wsrep_plugin.cc
@@ -18,18 +18,6 @@
#include <mysql/plugin.h>
-static int wsrep_plugin_init(void *p)
-{
- WSREP_DEBUG("wsrep_plugin_init()");
- return 0;
-}
-
-static int wsrep_plugin_deinit(void *p)
-{
- WSREP_DEBUG("wsrep_plugin_deinit()");
- return 0;
-}
-
struct Mysql_replication wsrep_plugin= {
MYSQL_REPLICATION_INTERFACE_VERSION
};
@@ -42,8 +30,8 @@ maria_declare_plugin(wsrep)
"Codership Oy",
"Wsrep replication plugin",
PLUGIN_LICENSE_GPL,
- wsrep_plugin_init,
- wsrep_plugin_deinit,
+ NULL,
+ NULL,
0x0100,
NULL, /* Status variables */
NULL, /* System variables */
diff --git a/sql/wsrep_server_service.cc b/sql/wsrep_server_service.cc
index 6f902130..c3df6e9f 100644
--- a/sql/wsrep_server_service.cc
+++ b/sql/wsrep_server_service.cc
@@ -39,7 +39,7 @@ static void init_service_thd(THD* thd, char* thread_stack)
thd->thread_stack= thread_stack;
thd->real_id= pthread_self();
thd->prior_thr_create_utime= thd->start_utime= microsecond_interval_timer();
- thd->set_command(COM_SLEEP);
+ thd->mark_connection_idle();
thd->reset_for_next_command(true);
server_threads.insert(thd); // as wsrep_innobase_kill_one_trx() uses find_thread_by_id()
}
diff --git a/sql/wsrep_sst.cc b/sql/wsrep_sst.cc
index db138f25..573aa70c 100644
--- a/sql/wsrep_sst.cc
+++ b/sql/wsrep_sst.cc
@@ -732,7 +732,9 @@ static void* sst_joiner_thread (void* a)
{
proc.wait();
// Read state ID (UUID:SEQNO) followed by wsrep_gtid_domain_id (if any).
+ unsigned long int domain_id= wsrep_gtid_domain_id;
const char *pos= strchr(out, ' ');
+ WSREP_DEBUG("SST state ID tmp=%s out=%s pos=%p", tmp, out, pos);
if (!pos) {
@@ -742,6 +744,13 @@ static void* sst_joiner_thread (void* a)
WSREP_WARN("Did not find domain ID from SST script output '%s'. "
"Domain ID must be set manually to keep binlog consistent",
out);
+ if (wsrep_gtid_domain_id)
+ {
+ WSREP_INFO("This node is configured to use wsrep_gtid_domain_id=%lu by user.",
+ domain_id);
+ wsrep_gtid_server.domain_id= (uint32)domain_id;
+ wsrep_gtid_domain_id= (uint32)domain_id;
+ }
}
err= sst_scan_uuid_seqno (out, &ret_uuid, &ret_seqno);
@@ -1769,6 +1778,8 @@ static int sst_flush_tables(THD* thd)
char content[100];
snprintf(content, sizeof(content), "%s:%lld %d\n", wsrep_cluster_state_uuid,
(long long)wsrep_locked_seqno, wsrep_gtid_server.domain_id);
+ WSREP_DEBUG("sst_flush_tables : %s:%lld %d", wsrep_cluster_state_uuid,
+ (long long)wsrep_locked_seqno, wsrep_gtid_server.domain_id);
err= sst_create_file(flush_success, content);
if (err)
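Review bot: The added `WSREP_DEBUG` formats `wsrep_gtid_server.domain_id` with `%d`, copied from the `snprintf` above it. The earlier hunk in this file assigns that field through a `(uint32)` cast, so it appears to be unsigned, and a domain ID above INT_MAX would then be logged as a negative number. `%u` matches the type: `WSREP_DEBUG("sst_flush_tables : %s:%lld %u", ...)`. The unchanged `snprintf` that writes the same value into `content` uses the same specifier and would need the same change if the reader of that file expects an unsigned value.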
diff --git a/sql/wsrep_thd.cc b/sql/wsrep_thd.cc
index 682e6485..ede2c906 100644
--- a/sql/wsrep_thd.cc
+++ b/sql/wsrep_thd.cc
@@ -36,7 +36,7 @@ static Wsrep_thd_queue* wsrep_rollback_queue= 0;
static Atomic_counter<uint64_t> wsrep_bf_aborts_counter;
-int wsrep_show_bf_aborts (THD *thd, SHOW_VAR *var, char *buff,
+int wsrep_show_bf_aborts (THD *thd, SHOW_VAR *var, void *, system_status_var *,
enum enum_var_type scope)
{
wsrep_local_bf_aborts= wsrep_bf_aborts_counter;
@@ -487,6 +487,7 @@ void wsrep_backup_kill_for_commit(THD *thd)
thd->wsrep_trx().state() != wsrep::transaction::s_must_replay)
{
thd->wsrep_abort_by_kill= thd->killed;
+ my_free(thd->wsrep_abort_by_kill_err);
thd->wsrep_abort_by_kill_err= thd->killed_err;
thd->killed= NOT_KILLED;
thd->killed_err= 0;
@@ -499,6 +500,7 @@ void wsrep_restore_kill_after_commit(THD *thd)
DBUG_ASSERT(WSREP(thd));
mysql_mutex_assert_owner(&thd->LOCK_thd_kill);
thd->killed= thd->wsrep_abort_by_kill;
+ my_free(thd->killed_err);
thd->killed_err= thd->wsrep_abort_by_kill_err;
thd->wsrep_abort_by_kill= NOT_KILLED;
thd->wsrep_abort_by_kill_err= 0;
diff --git a/sql/wsrep_thd.h b/sql/wsrep_thd.h
index f3790887..bf5baf9a 100644
--- a/sql/wsrep_thd.h
+++ b/sql/wsrep_thd.h
@@ -82,7 +82,7 @@ private:
mysql_cond_t COND_wsrep_thd_queue;
};
-int wsrep_show_bf_aborts (THD *thd, SHOW_VAR *var, char *buff,
+int wsrep_show_bf_aborts (THD *thd, SHOW_VAR *var, void *, system_status_var *,
enum enum_var_type scope);
bool wsrep_create_appliers(long threads, bool mutex_protected=false);
void wsrep_create_rollbacker();
diff --git a/sql/wsrep_trans_observer.h b/sql/wsrep_trans_observer.h
index a963a2b1..25e71638 100644
--- a/sql/wsrep_trans_observer.h
+++ b/sql/wsrep_trans_observer.h
@@ -91,7 +91,13 @@ static inline bool wsrep_is_real(THD* thd, bool all)
*/
static inline bool wsrep_has_changes(THD* thd)
{
- return (thd->wsrep_trx().is_empty() == false);
+ // Transaction has changes to replicate if it
+ // has appended one or more certification keys,
+ // and has actual changes to replicate in binlog
+ // cache. Except for streaming replication,
+ // where commit message may have no payload.
+ return !thd->wsrep_trx().is_empty() &&
+ (!wsrep_is_binlog_cache_empty(thd) || thd->wsrep_trx().is_streaming());
}
/*
diff --git a/storage/columnstore/columnstore/VERSION b/storage/columnstore/columnstore/VERSION
index 17d053eb..35b4ad7f 100644
--- a/storage/columnstore/columnstore/VERSION
+++ b/storage/columnstore/columnstore/VERSION
@@ -1,4 +1,4 @@
COLUMNSTORE_VERSION_MAJOR=6
COLUMNSTORE_VERSION_MINOR=4
-COLUMNSTORE_VERSION_PATCH=7
-COLUMNSTORE_VERSION_RELEASE=2
+COLUMNSTORE_VERSION_PATCH=8
+COLUMNSTORE_VERSION_RELEASE=1
diff --git a/storage/columnstore/columnstore/dbcon/mysql/ha_mcs.h b/storage/columnstore/columnstore/dbcon/mysql/ha_mcs.h
index 33c2c666..04ba27d3 100644
--- a/storage/columnstore/columnstore/dbcon/mysql/ha_mcs.h
+++ b/storage/columnstore/columnstore/dbcon/mysql/ha_mcs.h
@@ -118,6 +118,22 @@ class ha_mcs : public handler
return HA_MAX_REC_LENGTH;
}
+#ifdef MARIADB_NEW_COST_MODEL
+ /** @brief
+ Called in test_quick_select to determine if indexes should be used.
+ */
+ virtual IO_AND_CPU_COST scan_time() override
+ {
+ IO_AND_CPU_COST cost;
+ cost.io= 0.0;
+ /*
+ For now, assume all cost is CPU cost.
+ The numbers are also very inadequate for the new cost model.
+ */
+ cost.cpu= (double)(stats.records + stats.deleted) / 20.0 + 10;
+ return cost;
+ }
+#else
/** @brief
Called in test_quick_select to determine if indexes should be used.
*/
@@ -125,6 +141,7 @@ class ha_mcs : public handler
{
return (double)(stats.records + stats.deleted) / 20.0 + 10;
}
+#endif
/** @brief
Analyze table command.
diff --git a/storage/columnstore/columnstore/dbcon/mysql/ha_mcs_impl_if.h b/storage/columnstore/columnstore/dbcon/mysql/ha_mcs_impl_if.h
index 40066976..037b2598 100644
--- a/storage/columnstore/columnstore/dbcon/mysql/ha_mcs_impl_if.h
+++ b/storage/columnstore/columnstore/dbcon/mysql/ha_mcs_impl_if.h
@@ -30,6 +30,7 @@
#include <boost/shared_ptr.hpp>
#include <stack>
#include <vector>
+#include <bitset>
#include "idb_mysql.h"
#include "ha_mcs_sysvars.h"
diff --git a/storage/columnstore/columnstore/storage-manager/src/MetadataFile.cpp b/storage/columnstore/columnstore/storage-manager/src/MetadataFile.cpp
index e45c9517..fb947364 100644
--- a/storage/columnstore/columnstore/storage-manager/src/MetadataFile.cpp
+++ b/storage/columnstore/columnstore/storage-manager/src/MetadataFile.cpp
@@ -28,6 +28,7 @@
#include <boost/uuid/uuid_io.hpp>
#include <boost/uuid/random_generator.hpp>
#include <unistd.h>
+#include <set>
#define max(x, y) (x > y ? x : y)
#define min(x, y) (x < y ? x : y)
diff --git a/storage/columnstore/columnstore/storage-manager/src/S3Storage.h b/storage/columnstore/columnstore/storage-manager/src/S3Storage.h
index 338de2f6..a7ff7a44 100644
--- a/storage/columnstore/columnstore/storage-manager/src/S3Storage.h
+++ b/storage/columnstore/columnstore/storage-manager/src/S3Storage.h
@@ -18,6 +18,7 @@
#ifndef S3STORAGE_H_
#define S3STORAGE_H_
+#include <deque>
#include <string>
#include <map>
#include "CloudStorage.h"
diff --git a/storage/columnstore/columnstore/tools/passwd/secrets.cpp b/storage/columnstore/columnstore/tools/passwd/secrets.cpp
index aac32ffa..b6096254 100644
--- a/storage/columnstore/columnstore/tools/passwd/secrets.cpp
+++ b/storage/columnstore/columnstore/tools/passwd/secrets.cpp
@@ -13,6 +13,7 @@
#include "secrets.h"
#include <cctype>
+#include <array>
#include <fstream>
#include <pwd.h>
#include <sys/stat.h>
@@ -35,12 +36,11 @@
using std::string;
-
#ifdef OPENSSL_VERSION_PREREQ
-#if OPENSSL_VERSION_PREREQ(3,0)
- #define EVP_CIPHER_key_length EVP_CIPHER_get_key_length
- #define EVP_CIPHER_iv_length EVP_CIPHER_get_iv_length
- #define EVP_CIPHER_blocksize EVP_CIPHER_get_blocksize
+#if OPENSSL_VERSION_PREREQ(3, 0)
+#define EVP_CIPHER_key_length EVP_CIPHER_get_key_length
+#define EVP_CIPHER_iv_length EVP_CIPHER_get_iv_length
+#define EVP_CIPHER_blocksize EVP_CIPHER_get_blocksize
#endif
#endif
@@ -96,10 +96,6 @@ void CSPasswdLogging::log(int priority, const char* format, ...)
namespace
{
using HexLookupTable = std::array<uint8_t, 256>;
-HexLookupTable init_hex_lookup_table() noexcept;
-
-// Hex char -> byte val lookup table.
-const HexLookupTable hex_lookup_table = init_hex_lookup_table();
/* used in the bin2hex function */
const char hex_upper[] = "0123456789ABCDEF";
@@ -134,6 +130,9 @@ HexLookupTable init_hex_lookup_table() noexcept
return rval;
}
+// Hex char -> byte val lookup table.
+const HexLookupTable hex_lookup_table = init_hex_lookup_table();
+
bool hex2bin(const char* in, unsigned int in_len, uint8_t* out)
{
// Input length must be multiple of two.
diff --git a/storage/columnstore/columnstore/utils/cloudio/SocketPool.h b/storage/columnstore/columnstore/utils/cloudio/SocketPool.h
index 7e1bc940..310171b8 100644
--- a/storage/columnstore/columnstore/utils/cloudio/SocketPool.h
+++ b/storage/columnstore/columnstore/utils/cloudio/SocketPool.h
@@ -18,6 +18,7 @@
#ifndef _SOCKETPOOL_H_
#define _SOCKETPOOL_H_
+#include <deque>
#include <boost/utility.hpp>
#include <boost/thread/mutex.hpp>
#include <boost/thread/condition_variable.hpp>
diff --git a/storage/connect/tabvct.cpp b/storage/connect/tabvct.cpp
index 9cf5f41d..f5710688 100644
--- a/storage/connect/tabvct.cpp
+++ b/storage/connect/tabvct.cpp
@@ -71,11 +71,6 @@
#include "tabvct.h"
#include "valblk.h"
-#if defined(UNIX)
-//add dummy strerror (NGC)
-char *strerror(int num);
-#endif // UNIX
-
/***********************************************************************/
/* External function. */
/***********************************************************************/
diff --git a/storage/connect/zip.c b/storage/connect/zip.c
index f6a10601..3d3d4cad 100644
--- a/storage/connect/zip.c
+++ b/storage/connect/zip.c
@@ -14,8 +14,8 @@
Oct-2009 - Mathias Svensson - Added Zip64 Support when creating new file archives
Oct-2009 - Mathias Svensson - Did some code cleanup and refactoring to get better overview of some functions.
Oct-2009 - Mathias Svensson - Added zipRemoveExtraInfoBlock to strip extra field data from its ZIP64 data
- It is used when recreting zip archive with RAW when deleting items from a zip.
- ZIP64 data is automaticly added to items that needs it, and existing ZIP64 data need to be removed.
+ It is used when recreating zip archive with RAW when deleting items from a zip.
+ ZIP64 data is automatically added to items that needs it, and existing ZIP64 data need to be removed.
Oct-2009 - Mathias Svensson - Added support for BZIP2 as compression mode (bzip2 lib is required)
Jan-2010 - back to unzip and minizip 1.0 name scheme, with compatibility layer
@@ -25,15 +25,13 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>
#include <time.h>
#include "zlib.h"
#include "zip.h"
-#include "my_attribute.h"
#ifdef STDC
# include <stddef.h>
-# include <string.h>
-# include <stdlib.h>
#endif
#ifdef NO_ERRNO_H
extern int errno;
@@ -48,7 +46,7 @@
/* compile with -Dlocal if your debugger can't find static symbols */
#ifndef VERSIONMADEBY
-# define VERSIONMADEBY (0x0) /* platform depedent */
+# define VERSIONMADEBY (0x0) /* platform dependent */
#endif
#ifndef Z_BUFSIZE
@@ -62,9 +60,6 @@
#ifndef ALLOC
# define ALLOC(size) (malloc(size))
#endif
-#ifndef TRYFREE
-# define TRYFREE(p) {if (p) free(p);}
-#endif
/*
#define SIZECENTRALDIRITEM (0x2e)
@@ -117,7 +112,7 @@ typedef struct linkedlist_datablock_internal_s
struct linkedlist_datablock_internal_s* next_datablock;
uLong avail_in_this_block;
uLong filled_in_this_block;
- uLong unused; /* for future use and alignement */
+ uLong unused; /* for future use and alignment */
unsigned char data[SIZEDATA_INDATABLOCK];
} linkedlist_datablock_internal;
@@ -139,40 +134,40 @@ typedef struct
uInt pos_in_buffered_data; /* last written byte in buffered_data */
ZPOS64_T pos_local_header; /* offset of the local header of the file
- currenty writing */
+ currently writing */
char* central_header; /* central header data for the current file */
uLong size_centralExtra;
uLong size_centralheader; /* size of the central header for cur file */
uLong size_centralExtraFree; /* Extra bytes allocated to the centralheader but that are not used */
uLong flag; /* flag of the file currently writing */
- int method; /* compression method of file currenty wr.*/
+ int method; /* compression method of file currently wr.*/
int raw; /* 1 for directly writing raw data */
Byte buffered_data[Z_BUFSIZE];/* buffer contain compressed data to be writ*/
uLong dosDate;
uLong crc32;
int encrypt;
- int zip64; /* Add ZIP64 extened information in the extra field */
+ int zip64; /* Add ZIP64 extended information in the extra field */
ZPOS64_T pos_zip64extrainfo;
ZPOS64_T totalCompressedData;
ZPOS64_T totalUncompressedData;
#ifndef NOCRYPT
unsigned long keys[3]; /* keys defining the pseudo-random sequence */
const z_crc_t* pcrc_32_tab;
- int crypt_header_size;
+ unsigned crypt_header_size;
#endif
} curfile64_info;
typedef struct
{
zlib_filefunc64_32_def z_filefunc;
- voidpf filestream; /* io structore of the zipfile */
+ voidpf filestream; /* io structure of the zipfile */
linkedlist_data central_dir;/* datablock with central dir in construction*/
int in_opened_file_inzip; /* 1 if a file in the zip is currently writ.*/
- curfile64_info ci; /* info on the file curretly writing */
+ curfile64_info ci; /* info on the file currently writing */
ZPOS64_T begin_pos; /* position of the beginning of the zipfile */
- ZPOS64_T add_position_when_writting_offset;
+ ZPOS64_T add_position_when_writing_offset;
ZPOS64_T number_entry;
#ifndef NO_ADDFILEINEXISTINGZIP
@@ -187,8 +182,7 @@ typedef struct
#include "crypt.h"
#endif
-local linkedlist_datablock_internal* allocate_new_datablock()
-{
+local linkedlist_datablock_internal* allocate_new_datablock(void) {
linkedlist_datablock_internal* ldi;
ldi = (linkedlist_datablock_internal*)
ALLOC(sizeof(linkedlist_datablock_internal));
@@ -201,30 +195,26 @@ local linkedlist_datablock_internal* allocate_new_datablock()
return ldi;
}
-local void free_datablock(linkedlist_datablock_internal* ldi)
-{
+local void free_datablock(linkedlist_datablock_internal* ldi) {
while (ldi!=NULL)
{
linkedlist_datablock_internal* ldinext = ldi->next_datablock;
- TRYFREE(ldi);
+ free(ldi);
ldi = ldinext;
}
}
-local void init_linkedlist(linkedlist_data* ll)
-{
+local void init_linkedlist(linkedlist_data* ll) {
ll->first_block = ll->last_block = NULL;
}
-local void free_linkedlist(linkedlist_data* ll)
-{
+local void free_linkedlist(linkedlist_data* ll) {
free_datablock(ll->first_block);
ll->first_block = ll->last_block = NULL;
}
-local int add_data_in_datablock(linkedlist_data* ll, const void* buf, uLong len)
-{
+local int add_data_in_datablock(linkedlist_data* ll, const void* buf, uLong len) {
linkedlist_datablock_internal* ldi;
const unsigned char* from_copy;
@@ -239,7 +229,7 @@ local int add_data_in_datablock(linkedlist_data* ll, const void* buf, uLong len)
}
ldi = ll->last_block;
- from_copy = (unsigned char*)buf;
+ from_copy = (const unsigned char*)buf;
while (len>0)
{
@@ -284,9 +274,7 @@ local int add_data_in_datablock(linkedlist_data* ll, const void* buf, uLong len)
nbByte == 1, 2 ,4 or 8 (byte, short or long, ZPOS64_T)
*/
-local int zip64local_putValue OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, ZPOS64_T x, int nbByte));
-local int zip64local_putValue (const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, ZPOS64_T x, int nbByte)
-{
+local int zip64local_putValue(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, ZPOS64_T x, int nbByte) {
unsigned char buf[8];
int n;
for (n = 0; n < nbByte; n++)
@@ -302,15 +290,13 @@ local int zip64local_putValue (const zlib_filefunc64_32_def* pzlib_filefunc_def,
}
}
- if (ZWRITE64(*pzlib_filefunc_def,filestream,buf,nbByte)!=(uLong)nbByte)
+ if (ZWRITE64(*pzlib_filefunc_def,filestream,buf,(uLong)nbByte)!=(uLong)nbByte)
return ZIP_ERRNO;
else
return ZIP_OK;
}
-local void zip64local_putValue_inmemory OF((void* dest, ZPOS64_T x, int nbByte));
-local void zip64local_putValue_inmemory (void* dest, ZPOS64_T x, int nbByte)
-{
+local void zip64local_putValue_inmemory (void* dest, ZPOS64_T x, int nbByte) {
unsigned char* buf=(unsigned char*)dest;
int n;
for (n = 0; n < nbByte; n++) {
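Review bot: `nbByte` is still never checked against the 8-byte `buf` declared at the top of zip64local_putValue (shown in the previous hunk), and the new `(uLong)nbByte` cast would turn a negative value into a very large write length. The callers visible in this diff pass the literals 2, 4 and 8, so this is hardening rather than a live defect, but the contract exists only in the comment above the function. A guard at the top such as `if (nbByte < 1 || nbByte > (int)sizeof(buf)) return ZIP_PARAMERROR;` would enforce it. zip64local_putValue_inmemory, whose body starts in this hunk and continues outside it, takes the same unchecked `nbByte`.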
@@ -330,25 +316,21 @@ local void zip64local_putValue_inmemory (void* dest, ZPOS64_T x, int nbByte)
/****************************************************************************/
-local uLong zip64local_TmzDateToDosDate(const tm_zip* ptm)
-{
+local uLong zip64local_TmzDateToDosDate(const tm_zip* ptm) {
uLong year = (uLong)ptm->tm_year;
if (year>=1980)
year-=1980;
else if (year>=80)
year-=80;
return
- (uLong) (((ptm->tm_mday) + (32 * (ptm->tm_mon+1)) + (512 * year)) << 16) |
- ((ptm->tm_sec/2) + (32* ptm->tm_min) + (2048 * (uLong)ptm->tm_hour));
+ (uLong) (((uLong)(ptm->tm_mday) + (32 * (uLong)(ptm->tm_mon+1)) + (512 * year)) << 16) |
+ (((uLong)ptm->tm_sec/2) + (32 * (uLong)ptm->tm_min) + (2048 * (uLong)ptm->tm_hour));
}
/****************************************************************************/
-local int zip64local_getByte OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, int *pi));
-
-local int zip64local_getByte(const zlib_filefunc64_32_def* pzlib_filefunc_def,voidpf filestream,int* pi)
-{
+local int zip64local_getByte(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, int* pi) {
unsigned char c;
int err = (int)ZREAD64(*pzlib_filefunc_def,filestream,&c,1);
if (err==1)
@@ -369,10 +351,7 @@ local int zip64local_getByte(const zlib_filefunc64_32_def* pzlib_filefunc_def,vo
/* ===========================================================================
Reads a long in LSB order from the given gz_stream. Sets
*/
-local int zip64local_getShort OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, uLong *pX));
-
-local int zip64local_getShort (const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, uLong* pX)
-{
+local int zip64local_getShort(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, uLong* pX) {
uLong x ;
int i = 0;
int err;
@@ -391,10 +370,7 @@ local int zip64local_getShort (const zlib_filefunc64_32_def* pzlib_filefunc_def,
return err;
}
-local int zip64local_getLong OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, uLong *pX));
-
-local int zip64local_getLong (const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, uLong* pX)
-{
+local int zip64local_getLong(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, uLong* pX) {
uLong x ;
int i = 0;
int err;
@@ -421,11 +397,8 @@ local int zip64local_getLong (const zlib_filefunc64_32_def* pzlib_filefunc_def,
return err;
}
-local int zip64local_getLong64 OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, ZPOS64_T *pX));
-
-local int zip64local_getLong64 (const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, ZPOS64_T *pX)
-{
+local int zip64local_getLong64(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream, ZPOS64_T *pX) {
ZPOS64_T x;
int i = 0;
int err;
@@ -476,10 +449,7 @@ local int zip64local_getLong64 (const zlib_filefunc64_32_def* pzlib_filefunc_def
Locate the Central directory of a zipfile (at the end, just before
the global comment)
*/
-local ZPOS64_T zip64local_SearchCentralDir OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream));
-
-local ZPOS64_T zip64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream)
-{
+local ZPOS64_T zip64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream) {
unsigned char* buf;
ZPOS64_T uSizeFile;
ZPOS64_T uBackRead;
@@ -519,18 +489,18 @@ local ZPOS64_T zip64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_f
if (ZREAD64(*pzlib_filefunc_def,filestream,buf,uReadSize)!=uReadSize)
break;
- for (i=(int)uReadSize-3; (i--)>0;) {
+ for (i=(int)uReadSize-3; (i--)>0;)
if (((*(buf+i))==0x50) && ((*(buf+i+1))==0x4b) &&
((*(buf+i+2))==0x05) && ((*(buf+i+3))==0x06))
{
- uPosFound = uReadPos+i;
+ uPosFound = uReadPos+(unsigned)i;
break;
}
- }
+
if (uPosFound!=0)
break;
}
- TRYFREE(buf);
+ free(buf);
return uPosFound;
}
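Review bot: Dropping the braces around the `for (i=(int)uReadSize-3; (i--)>0;)` body leaves the loop governed by a single unbraced `if`, with the following `if (uPosFound!=0) break;` separated only by a blank line. Behaviour is unchanged, but the loop is now easy to misread or to break with a later edit, and zip64local_SearchCentralDir64 appears to keep the braces around the same signature scan. I would keep `for (...) {` and its closing `}` here for consistency. The function starts outside this hunk.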
@@ -538,10 +508,7 @@ local ZPOS64_T zip64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_f
Locate the End of Zip64 Central directory locator and from there find the CD of a zipfile (at the end, just before
the global comment)
*/
-local ZPOS64_T zip64local_SearchCentralDir64 OF((const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream));
-
-local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream)
-{
+local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib_filefunc_def, voidpf filestream) {
unsigned char* buf;
ZPOS64_T uSizeFile;
ZPOS64_T uBackRead;
@@ -587,7 +554,7 @@ local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
// Signature "0x07064b50" Zip64 end of central directory locater
if (((*(buf+i))==0x50) && ((*(buf+i+1))==0x4b) && ((*(buf+i+2))==0x06) && ((*(buf+i+3))==0x07))
{
- uPosFound = uReadPos+i;
+ uPosFound = uReadPos+(unsigned)i;
break;
}
}
@@ -596,7 +563,7 @@ local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
break;
}
- TRYFREE(buf);
+ free(buf);
if (uPosFound == 0)
return 0;
@@ -638,8 +605,7 @@ local ZPOS64_T zip64local_SearchCentralDir64(const zlib_filefunc64_32_def* pzlib
return relativeOffset;
}
-static int LoadCentralDirectoryRecord(zip64_internal* pziinit)
-{
+local int LoadCentralDirectoryRecord(zip64_internal* pziinit) {
int err=ZIP_OK;
ZPOS64_T byte_before_the_zipfile;/* byte before the zipfile, (>0 for sfx)*/
@@ -649,9 +615,9 @@ static int LoadCentralDirectoryRecord(zip64_internal* pziinit)
uLong uL;
uLong number_disk; /* number of the current dist, used for
- spaning ZIP, unsupported, always 0*/
+ spanning ZIP, unsupported, always 0*/
uLong number_disk_with_CD; /* number the the disk with central dir, used
- for spaning ZIP, unsupported, always 0*/
+ for spanning ZIP, unsupported, always 0*/
ZPOS64_T number_entry;
ZPOS64_T number_entry_CD; /* total number of entries in
the central dir
@@ -808,7 +774,7 @@ static int LoadCentralDirectoryRecord(zip64_internal* pziinit)
}
byte_before_the_zipfile = central_pos - (offset_central_dir+size_central_dir);
- pziinit->add_position_when_writting_offset = byte_before_the_zipfile;
+ pziinit->add_position_when_writing_offset = byte_before_the_zipfile;
{
ZPOS64_T size_central_dir_to_read = size_central_dir;
@@ -831,7 +797,7 @@ static int LoadCentralDirectoryRecord(zip64_internal* pziinit)
size_central_dir_to_read-=read_this;
}
- TRYFREE(buf_read);
+ free(buf_read);
}
pziinit->begin_pos = byte_before_the_zipfile;
pziinit->number_entry = number_entry_CD;
@@ -847,8 +813,7 @@ static int LoadCentralDirectoryRecord(zip64_internal* pziinit)
/************************************************************/
-static zipFile zipOpen3 (const void *pathname, int append, zipcharpc* globalcomment, zlib_filefunc64_32_def* pzlib_filefunc64_32_def)
-{
+extern zipFile ZEXPORT zipOpen3(const void *pathname, int append, zipcharpc* globalcomment, zlib_filefunc64_32_def* pzlib_filefunc64_32_def) {
zip64_internal ziinit;
zip64_internal* zi;
int err=ZIP_OK;
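Review bot: `zipOpen3` changes from `static` to `extern zipFile ZEXPORT`, which makes it an exported symbol, while the other helpers touched in this file (`LoadCentralDirectoryRecord`, `Write_LocalFileHeader`) only move from `static` to `local`. If nothing outside zip.c calls it, keeping it `local` avoids widening the symbol surface of this bundled copy and a possible clash with another minizip loaded into the same process. If it is meant to be public, it needs a matching prototype in zip.h, which this diff section does not show. The function body continues outside the hunk.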
@@ -876,7 +841,7 @@ static zipFile zipOpen3 (const void *pathname, int append, zipcharpc* globalcomm
ziinit.in_opened_file_inzip = 0;
ziinit.ci.stream_initialised = 0;
ziinit.number_entry = 0;
- ziinit.add_position_when_writting_offset = 0;
+ ziinit.add_position_when_writing_offset = 0;
init_linkedlist(&(ziinit.central_dir));
@@ -906,9 +871,9 @@ static zipFile zipOpen3 (const void *pathname, int append, zipcharpc* globalcomm
if (err != ZIP_OK)
{
# ifndef NO_ADDFILEINEXISTINGZIP
- TRYFREE(ziinit.globalcomment);
+ free(ziinit.globalcomment);
# endif /* !NO_ADDFILEINEXISTINGZIP*/
- TRYFREE(zi);
+ free(zi);
return NULL;
}
else
@@ -918,8 +883,7 @@ static zipFile zipOpen3 (const void *pathname, int append, zipcharpc* globalcomm
}
}
-extern zipFile ZEXPORT zipOpen2 (const char *pathname, int append, zipcharpc* globalcomment, zlib_filefunc_def* pzlib_filefunc32_def)
-{
+extern zipFile ZEXPORT zipOpen2(const char *pathname, int append, zipcharpc* globalcomment, zlib_filefunc_def* pzlib_filefunc32_def) {
if (pzlib_filefunc32_def != NULL)
{
zlib_filefunc64_32_def zlib_filefunc64_32_def_fill;
@@ -930,8 +894,7 @@ extern zipFile ZEXPORT zipOpen2 (const char *pathname, int append, zipcharpc* gl
return zipOpen3(pathname, append, globalcomment, NULL);
}
-extern zipFile ZEXPORT zipOpen2_64 (const void *pathname, int append, zipcharpc* globalcomment, zlib_filefunc64_def* pzlib_filefunc_def)
-{
+extern zipFile ZEXPORT zipOpen2_64(const void *pathname, int append, zipcharpc* globalcomment, zlib_filefunc64_def* pzlib_filefunc_def) {
if (pzlib_filefunc_def != NULL)
{
zlib_filefunc64_32_def zlib_filefunc64_32_def_fill;
@@ -946,18 +909,15 @@ extern zipFile ZEXPORT zipOpen2_64 (const void *pathname, int append, zipcharpc*
-extern zipFile ZEXPORT zipOpen (const char* pathname, int append)
-{
+extern zipFile ZEXPORT zipOpen(const char* pathname, int append) {
return zipOpen3((const void*)pathname,append,NULL,NULL);
}
-extern zipFile ZEXPORT zipOpen64 (const void* pathname, int append)
-{
+extern zipFile ZEXPORT zipOpen64(const void* pathname, int append) {
return zipOpen3(pathname,append,NULL,NULL);
}
-static int Write_LocalFileHeader(zip64_internal* zi, const char* filename, uInt size_extrafield_local, const void* extrafield_local)
-{
+local int Write_LocalFileHeader(zip64_internal* zi, const char* filename, uInt size_extrafield_local, const void* extrafield_local) {
/* write the local header */
int err;
uInt size_filename = (uInt)strlen(filename);
@@ -1035,8 +995,8 @@ static int Write_LocalFileHeader(zip64_internal* zi, const char* filename, uInt
// Remember position of Zip64 extended info for the local file header. (needed when we update size after done with file)
zi->ci.pos_zip64extrainfo = ZTELL64(zi->z_filefunc,zi->filestream);
- err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (short)HeaderID,2);
- err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (short)DataSize,2);
+ err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (ZPOS64_T)HeaderID,2);
+ err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (ZPOS64_T)DataSize,2);
err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (ZPOS64_T)UncompressedSize,8);
err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (ZPOS64_T)CompressedSize,8);
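Review bot: The four consecutive `err = zip64local_putValue(...)` assignments overwrite one another, so a failed write of HeaderID, DataSize or UncompressedSize is lost and only the result of the CompressedSize write survives. The cast change in this hunk does not address that. Each write after the first should depend on the previous one, e.g. `if (err == ZIP_OK) err = zip64local_putValue(&zi->z_filefunc, zi->filestream, (ZPOS64_T)DataSize,2);`, and likewise for the two 8-byte writes. Write_LocalFileHeader starts and ends outside this hunk.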
@@ -1053,24 +1013,24 @@ static int Write_LocalFileHeader(zip64_internal* zi, const char* filename, uInt
It is not done here because then we need to realloc a new buffer since parameters are 'const' and I want to minimize
unnecessary allocations.
*/
-extern int ZEXPORT zipOpenNewFileInZip4_64 (zipFile file, const char* filename, const zip_fileinfo* zipfi,
- const void* extrafield_local, uInt size_extrafield_local,
- const void* extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level, int raw,
- int windowBits,int memLevel, int strategy,
- const char* password, uLong crcForCrypting __attribute__((unused)),
- uLong versionMadeBy, uLong flagBase, int zip64)
-{
+extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, const zip_fileinfo* zipfi,
+ const void* extrafield_local, uInt size_extrafield_local,
+ const void* extrafield_global, uInt size_extrafield_global,
+ const char* comment, int method, int level, int raw,
+ int windowBits,int memLevel, int strategy,
+ const char* password, uLong crcForCrypting,
+ uLong versionMadeBy, uLong flagBase, int zip64) {
zip64_internal* zi;
uInt size_filename;
uInt size_comment;
uInt i;
int err = ZIP_OK;
-#ifdef NOCRYPT
+# ifdef NOCRYPT
+ (crcForCrypting);
if (password != NULL)
return ZIP_PARAMERROR;
-#endif
+# endif
if (file == NULL)
return ZIP_PARAMERROR;
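Review bot: Under NOCRYPT the new `(crcForCrypting);` is an expression statement with no effect, which compilers commonly flag as an unused value and which reads like a typo. The usual way to mark a parameter as intentionally unused is `(void)crcForCrypting;`. It stands in for the `__attribute__((unused))` removed from the parameter list, so the intent should stay obvious to the next reader. The function body continues outside this hunk, where builds without NOCRYPT presumably use the parameter.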
@@ -1164,7 +1124,7 @@ extern int ZEXPORT zipOpenNewFileInZip4_64 (zipFile file, const char* filename,
if(zi->ci.pos_local_header >= 0xffffffff)
zip64local_putValue_inmemory(zi->ci.central_header+42,(uLong)0xffffffff,4);
else
- zip64local_putValue_inmemory(zi->ci.central_header+42,(uLong)zi->ci.pos_local_header - zi->add_position_when_writting_offset,4);
+ zip64local_putValue_inmemory(zi->ci.central_header+42,(uLong)zi->ci.pos_local_header - zi->add_position_when_writing_offset,4);
for (i=0;i<size_filename;i++)
*(zi->ci.central_header+SIZECENTRALHEADER+i) = *(filename+i);
@@ -1262,35 +1222,33 @@ extern int ZEXPORT zipOpenNewFileInZip4_64 (zipFile file, const char* filename,
return err;
}
-extern int ZEXPORT zipOpenNewFileInZip4 (zipFile file, const char* filename, const zip_fileinfo* zipfi,
- const void* extrafield_local, uInt size_extrafield_local,
- const void* extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level, int raw,
- int windowBits,int memLevel, int strategy,
- const char* password, uLong crcForCrypting,
- uLong versionMadeBy, uLong flagBase)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, raw,
- windowBits, memLevel, strategy,
- password, crcForCrypting, versionMadeBy, flagBase, 0);
+extern int ZEXPORT zipOpenNewFileInZip4(zipFile file, const char* filename, const zip_fileinfo* zipfi,
+ const void* extrafield_local, uInt size_extrafield_local,
+ const void* extrafield_global, uInt size_extrafield_global,
+ const char* comment, int method, int level, int raw,
+ int windowBits,int memLevel, int strategy,
+ const char* password, uLong crcForCrypting,
+ uLong versionMadeBy, uLong flagBase) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, raw,
+ windowBits, memLevel, strategy,
+ password, crcForCrypting, versionMadeBy, flagBase, 0);
}
-extern int ZEXPORT zipOpenNewFileInZip3 (zipFile file, const char* filename, const zip_fileinfo* zipfi,
- const void* extrafield_local, uInt size_extrafield_local,
- const void* extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level, int raw,
- int windowBits,int memLevel, int strategy,
- const char* password, uLong crcForCrypting)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, raw,
- windowBits, memLevel, strategy,
- password, crcForCrypting, VERSIONMADEBY, 0, 0);
+extern int ZEXPORT zipOpenNewFileInZip3(zipFile file, const char* filename, const zip_fileinfo* zipfi,
+ const void* extrafield_local, uInt size_extrafield_local,
+ const void* extrafield_global, uInt size_extrafield_global,
+ const char* comment, int method, int level, int raw,
+ int windowBits,int memLevel, int strategy,
+ const char* password, uLong crcForCrypting) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, raw,
+ windowBits, memLevel, strategy,
+ password, crcForCrypting, VERSIONMADEBY, 0, 0);
}
extern int ZEXPORT zipOpenNewFileInZip3_64(zipFile file, const char* filename, const zip_fileinfo* zipfi,
@@ -1298,70 +1256,64 @@ extern int ZEXPORT zipOpenNewFileInZip3_64(zipFile file, const char* filename, c
const void* extrafield_global, uInt size_extrafield_global,
const char* comment, int method, int level, int raw,
int windowBits,int memLevel, int strategy,
- const char* password, uLong crcForCrypting, int zip64)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, raw,
- windowBits, memLevel, strategy,
- password, crcForCrypting, VERSIONMADEBY, 0, zip64);
+ const char* password, uLong crcForCrypting, int zip64) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, raw,
+ windowBits, memLevel, strategy,
+ password, crcForCrypting, VERSIONMADEBY, 0, zip64);
}
extern int ZEXPORT zipOpenNewFileInZip2(zipFile file, const char* filename, const zip_fileinfo* zipfi,
const void* extrafield_local, uInt size_extrafield_local,
const void* extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level, int raw)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, raw,
- -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
- NULL, 0, VERSIONMADEBY, 0, 0);
+ const char* comment, int method, int level, int raw) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, raw,
+ -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
+ NULL, 0, VERSIONMADEBY, 0, 0);
}
extern int ZEXPORT zipOpenNewFileInZip2_64(zipFile file, const char* filename, const zip_fileinfo* zipfi,
- const void* extrafield_local, uInt size_extrafield_local,
- const void* extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level, int raw, int zip64)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, raw,
- -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
- NULL, 0, VERSIONMADEBY, 0, zip64);
+ const void* extrafield_local, uInt size_extrafield_local,
+ const void* extrafield_global, uInt size_extrafield_global,
+ const char* comment, int method, int level, int raw, int zip64) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, raw,
+ -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
+ NULL, 0, VERSIONMADEBY, 0, zip64);
}
-extern int ZEXPORT zipOpenNewFileInZip64 (zipFile file, const char* filename, const zip_fileinfo* zipfi,
- const void* extrafield_local, uInt size_extrafield_local,
- const void*extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level, int zip64)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, 0,
- -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
- NULL, 0, VERSIONMADEBY, 0, zip64);
+extern int ZEXPORT zipOpenNewFileInZip64(zipFile file, const char* filename, const zip_fileinfo* zipfi,
+ const void* extrafield_local, uInt size_extrafield_local,
+ const void*extrafield_global, uInt size_extrafield_global,
+ const char* comment, int method, int level, int zip64) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, 0,
+ -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
+ NULL, 0, VERSIONMADEBY, 0, zip64);
}
-extern int ZEXPORT zipOpenNewFileInZip (zipFile file, const char* filename, const zip_fileinfo* zipfi,
- const void* extrafield_local, uInt size_extrafield_local,
- const void*extrafield_global, uInt size_extrafield_global,
- const char* comment, int method, int level)
-{
- return zipOpenNewFileInZip4_64 (file, filename, zipfi,
- extrafield_local, size_extrafield_local,
- extrafield_global, size_extrafield_global,
- comment, method, level, 0,
- -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
- NULL, 0, VERSIONMADEBY, 0, 0);
+extern int ZEXPORT zipOpenNewFileInZip(zipFile file, const char* filename, const zip_fileinfo* zipfi,
+ const void* extrafield_local, uInt size_extrafield_local,
+ const void*extrafield_global, uInt size_extrafield_global,
+ const char* comment, int method, int level) {
+ return zipOpenNewFileInZip4_64(file, filename, zipfi,
+ extrafield_local, size_extrafield_local,
+ extrafield_global, size_extrafield_global,
+ comment, method, level, 0,
+ -MAX_WBITS, DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
+ NULL, 0, VERSIONMADEBY, 0, 0);
}
-local int zip64FlushWriteBuffer(zip64_internal* zi)
-{
+local int zip64FlushWriteBuffer(zip64_internal* zi) {
int err=ZIP_OK;
if (zi->ci.encrypt != 0)
@@ -1399,8 +1351,7 @@ local int zip64FlushWriteBuffer(zip64_internal* zi)
return err;
}
-extern int ZEXPORT zipWriteInFileInZip (zipFile file,const void* buf,unsigned int len)
-{
+extern int ZEXPORT zipWriteInFileInZip(zipFile file, const void* buf, unsigned int len) {
zip64_internal* zi;
int err=ZIP_OK;
@@ -1450,7 +1401,7 @@ extern int ZEXPORT zipWriteInFileInZip (zipFile file,const void* buf,unsigned in
else
#endif
{
- zi->ci.stream.next_in = (Bytef*)buf;
+ zi->ci.stream.next_in = (Bytef*)(uintptr_t)buf;
zi->ci.stream.avail_in = len;
while ((err==ZIP_OK) && (zi->ci.stream.avail_in>0))
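Review bot: The `(Bytef*)(uintptr_t)buf` cast removes `const` from the caller's buffer by going through an integer type, apparently to quiet a cast-qualifier warning, and nothing at the assignment says why that is safe. A short comment would help, for example `/* next_in is only read by deflate(); the uintptr_t hop drops const without a cast-qual warning */`. If the build can define ZLIB_CONST, `(z_const Bytef*)buf` would keep the qualifier instead of laundering it. The function starts and ends outside this hunk.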
@@ -1501,17 +1452,15 @@ extern int ZEXPORT zipWriteInFileInZip (zipFile file,const void* buf,unsigned in
return err;
}
-extern int ZEXPORT zipCloseFileInZipRaw (zipFile file, uLong uncompressed_size, uLong crc32)
-{
+extern int ZEXPORT zipCloseFileInZipRaw(zipFile file, uLong uncompressed_size, uLong crc32) {
return zipCloseFileInZipRaw64 (file, uncompressed_size, crc32);
}
-extern int ZEXPORT zipCloseFileInZipRaw64 (zipFile file, ZPOS64_T uncompressed_size, uLong crc32)
-{
+extern int ZEXPORT zipCloseFileInZipRaw64(zipFile file, ZPOS64_T uncompressed_size, uLong crc32) {
zip64_internal* zi;
ZPOS64_T compressed_size;
uLong invalidValue = 0xffffffff;
- short datasize = 0;
+ unsigned datasize = 0;
int err=ZIP_OK;
if (file == NULL)
@@ -1742,15 +1691,13 @@ extern int ZEXPORT zipCloseFileInZipRaw64 (zipFile file, ZPOS64_T uncompressed_s
return err;
}
-extern int ZEXPORT zipCloseFileInZip (zipFile file)
-{
+extern int ZEXPORT zipCloseFileInZip(zipFile file) {
return zipCloseFileInZipRaw (file,0,0);
}
-static int Write_Zip64EndOfCentralDirectoryLocator(zip64_internal* zi, ZPOS64_T zip64eocd_pos_inzip)
-{
+local int Write_Zip64EndOfCentralDirectoryLocator(zip64_internal* zi, ZPOS64_T zip64eocd_pos_inzip) {
int err = ZIP_OK;
- ZPOS64_T pos = zip64eocd_pos_inzip - zi->add_position_when_writting_offset;
+ ZPOS64_T pos = zip64eocd_pos_inzip - zi->add_position_when_writing_offset;
err = zip64local_putValue(&zi->z_filefunc,zi->filestream,(uLong)ZIP64ENDLOCHEADERMAGIC,4);
@@ -1769,8 +1716,7 @@ static int Write_Zip64EndOfCentralDirectoryLocator(zip64_internal* zi, ZPOS64_T
return err;
}
-static int Write_Zip64EndOfCentralDirectoryRecord(zip64_internal* zi, uLong size_centraldir, ZPOS64_T centraldir_pos_inzip)
-{
+local int Write_Zip64EndOfCentralDirectoryRecord(zip64_internal* zi, uLong size_centraldir, ZPOS64_T centraldir_pos_inzip) {
int err = ZIP_OK;
uLong Zip64DataSize = 44;
@@ -1803,13 +1749,13 @@ static int Write_Zip64EndOfCentralDirectoryRecord(zip64_internal* zi, uLong size
if (err==ZIP_OK) /* offset of start of central directory with respect to the starting disk number */
{
- ZPOS64_T pos = centraldir_pos_inzip - zi->add_position_when_writting_offset;
+ ZPOS64_T pos = centraldir_pos_inzip - zi->add_position_when_writing_offset;
err = zip64local_putValue(&zi->z_filefunc,zi->filestream, (ZPOS64_T)pos,8);
}
return err;
}
-static int Write_EndOfCentralDirectoryRecord(zip64_internal* zi, uLong size_centraldir, ZPOS64_T centraldir_pos_inzip)
-{
+
+local int Write_EndOfCentralDirectoryRecord(zip64_internal* zi, uLong size_centraldir, ZPOS64_T centraldir_pos_inzip) {
int err = ZIP_OK;
/*signature*/
@@ -1844,20 +1790,19 @@ static int Write_EndOfCentralDirectoryRecord(zip64_internal* zi, uLong size_cent
if (err==ZIP_OK) /* offset of start of central directory with respect to the starting disk number */
{
- ZPOS64_T pos = centraldir_pos_inzip - zi->add_position_when_writting_offset;
+ ZPOS64_T pos = centraldir_pos_inzip - zi->add_position_when_writing_offset;
if(pos >= 0xffffffff)
{
err = zip64local_putValue(&zi->z_filefunc,zi->filestream, (uLong)0xffffffff,4);
}
else
- err = zip64local_putValue(&zi->z_filefunc,zi->filestream, (uLong)(centraldir_pos_inzip - zi->add_position_when_writting_offset),4);
+ err = zip64local_putValue(&zi->z_filefunc,zi->filestream, (uLong)(centraldir_pos_inzip - zi->add_position_when_writing_offset),4);
}
return err;
}
-static int Write_GlobalComment(zip64_internal* zi, const char* global_comment)
-{
+local int Write_GlobalComment(zip64_internal* zi, const char* global_comment) {
int err = ZIP_OK;
uInt size_global_comment = 0;
@@ -1874,8 +1819,7 @@ static int Write_GlobalComment(zip64_internal* zi, const char* global_comment)
return err;
}
-extern int ZEXPORT zipClose (zipFile file, const char* global_comment)
-{
+extern int ZEXPORT zipClose(zipFile file, const char* global_comment) {
zip64_internal* zi;
int err = 0;
uLong size_centraldir = 0;
@@ -1916,7 +1860,7 @@ extern int ZEXPORT zipClose (zipFile file, const char* global_comment)
}
free_linkedlist(&(zi->central_dir));
- pos = centraldir_pos_inzip - zi->add_position_when_writting_offset;
+ pos = centraldir_pos_inzip - zi->add_position_when_writing_offset;
if(pos >= 0xffffffff || zi->number_entry > 0xFFFF)
{
ZPOS64_T Zip64EOCDpos = ZTELL64(zi->z_filefunc,zi->filestream);
@@ -1936,15 +1880,14 @@ extern int ZEXPORT zipClose (zipFile file, const char* global_comment)
err = ZIP_ERRNO;
#ifndef NO_ADDFILEINEXISTINGZIP
- TRYFREE(zi->globalcomment);
+ free(zi->globalcomment);
#endif
- TRYFREE(zi);
+ free(zi);
return err;
}
-extern int ZEXPORT zipRemoveExtraInfoBlock (char* pData, int* dataLen, short sHeader)
-{
+extern int ZEXPORT zipRemoveExtraInfoBlock(char* pData, int* dataLen, short sHeader) {
char* p = pData;
int size = 0;
char* pNewHeader;
@@ -1954,10 +1897,10 @@ extern int ZEXPORT zipRemoveExtraInfoBlock (char* pData, int* dataLen, short sHe
int retVal = ZIP_OK;
- if(pData == NULL || *dataLen < 4)
+ if(pData == NULL || dataLen == NULL || *dataLen < 4)
return ZIP_PARAMERROR;
- pNewHeader = (char*)ALLOC(*dataLen);
+ pNewHeader = (char*)ALLOC((unsigned)*dataLen);
pTmp = pNewHeader;
while(p < (pData + *dataLen))
@@ -1996,7 +1939,7 @@ extern int ZEXPORT zipRemoveExtraInfoBlock (char* pData, int* dataLen, short sHe
else
retVal = ZIP_ERRNO;
- TRYFREE(pNewHeader);
+ free(pNewHeader);
return retVal;
}
diff --git a/storage/connect/zip.h b/storage/connect/zip.h
index 8aaebb62..5fc08413 100644
--- a/storage/connect/zip.h
+++ b/storage/connect/zip.h
@@ -88,12 +88,12 @@ typedef voidp zipFile;
/* tm_zip contain date/time info */
typedef struct tm_zip_s
{
- uInt tm_sec; /* seconds after the minute - [0,59] */
- uInt tm_min; /* minutes after the hour - [0,59] */
- uInt tm_hour; /* hours since midnight - [0,23] */
- uInt tm_mday; /* day of the month - [1,31] */
- uInt tm_mon; /* months since January - [0,11] */
- uInt tm_year; /* years - [1980..2044] */
+ int tm_sec; /* seconds after the minute - [0,59] */
+ int tm_min; /* minutes after the hour - [0,59] */
+ int tm_hour; /* hours since midnight - [0,23] */
+ int tm_mday; /* day of the month - [1,31] */
+ int tm_mon; /* months since January - [0,11] */
+ int tm_year; /* years - [1980..2044] */
} tm_zip;
typedef struct
@@ -113,8 +113,8 @@ typedef const char* zipcharpc;
#define APPEND_STATUS_CREATEAFTER (1)
#define APPEND_STATUS_ADDINZIP (2)
-extern zipFile ZEXPORT zipOpen OF((const char *pathname, int append));
-extern zipFile ZEXPORT zipOpen64 OF((const void *pathname, int append));
+extern zipFile ZEXPORT zipOpen(const char *pathname, int append);
+extern zipFile ZEXPORT zipOpen64(const void *pathname, int append);
/*
Create a zipfile.
pathname contain on Windows XP a filename like "c:\\zlib\\zlib113.zip" or on
@@ -131,41 +131,46 @@ extern zipFile ZEXPORT zipOpen64 OF((const void *pathname, int append));
/* Note : there is no delete function into a zipfile.
If you want delete file into a zipfile, you must open a zipfile, and create another
- Of couse, you can use RAW reading and writing to copy the file you did not want delte
+ Of course, you can use RAW reading and writing to copy the file you did not want delete
*/
-extern zipFile ZEXPORT zipOpen2 OF((const char *pathname,
- int append,
- zipcharpc* globalcomment,
- zlib_filefunc_def* pzlib_filefunc_def));
+extern zipFile ZEXPORT zipOpen2(const char *pathname,
+ int append,
+ zipcharpc* globalcomment,
+ zlib_filefunc_def* pzlib_filefunc_def);
-extern zipFile ZEXPORT zipOpen2_64 OF((const void *pathname,
+extern zipFile ZEXPORT zipOpen2_64(const void *pathname,
int append,
zipcharpc* globalcomment,
- zlib_filefunc64_def* pzlib_filefunc_def));
-
-extern int ZEXPORT zipOpenNewFileInZip OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level));
-
-extern int ZEXPORT zipOpenNewFileInZip64 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int zip64));
+ zlib_filefunc64_def* pzlib_filefunc_def);
+
+extern zipFile ZEXPORT zipOpen3(const void *pathname,
+ int append,
+ zipcharpc* globalcomment,
+ zlib_filefunc64_32_def* pzlib_filefunc64_32_def);
+
+extern int ZEXPORT zipOpenNewFileInZip(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level);
+
+extern int ZEXPORT zipOpenNewFileInZip64(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int zip64);
/*
Open a file in the ZIP for writing.
@@ -184,70 +189,69 @@ extern int ZEXPORT zipOpenNewFileInZip64 OF((zipFile file,
*/
-extern int ZEXPORT zipOpenNewFileInZip2 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int raw));
-
-
-extern int ZEXPORT zipOpenNewFileInZip2_64 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int raw,
- int zip64));
+extern int ZEXPORT zipOpenNewFileInZip2(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int raw);
+
+
+extern int ZEXPORT zipOpenNewFileInZip2_64(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int raw,
+ int zip64);
/*
Same than zipOpenNewFileInZip, except if raw=1, we write raw file
*/
-extern int ZEXPORT zipOpenNewFileInZip3 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int raw,
- int windowBits,
- int memLevel,
- int strategy,
- const char* password,
- uLong crcForCrypting));
-
-extern int ZEXPORT zipOpenNewFileInZip3_64 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int raw,
- int windowBits,
- int memLevel,
- int strategy,
- const char* password,
- uLong crcForCrypting,
- int zip64
- ));
+extern int ZEXPORT zipOpenNewFileInZip3(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int raw,
+ int windowBits,
+ int memLevel,
+ int strategy,
+ const char* password,
+ uLong crcForCrypting);
+
+extern int ZEXPORT zipOpenNewFileInZip3_64(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int raw,
+ int windowBits,
+ int memLevel,
+ int strategy,
+ const char* password,
+ uLong crcForCrypting,
+ int zip64);
/*
Same than zipOpenNewFileInZip2, except
@@ -256,47 +260,45 @@ extern int ZEXPORT zipOpenNewFileInZip3_64 OF((zipFile file,
crcForCrypting : crc of file to compress (needed for crypting)
*/
-extern int ZEXPORT zipOpenNewFileInZip4 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int raw,
- int windowBits,
- int memLevel,
- int strategy,
- const char* password,
- uLong crcForCrypting,
- uLong versionMadeBy,
- uLong flagBase
- ));
-
-
-extern int ZEXPORT zipOpenNewFileInZip4_64 OF((zipFile file,
- const char* filename,
- const zip_fileinfo* zipfi,
- const void* extrafield_local,
- uInt size_extrafield_local,
- const void* extrafield_global,
- uInt size_extrafield_global,
- const char* comment,
- int method,
- int level,
- int raw,
- int windowBits,
- int memLevel,
- int strategy,
- const char* password,
- uLong crcForCrypting,
- uLong versionMadeBy,
- uLong flagBase,
- int zip64
- ));
+extern int ZEXPORT zipOpenNewFileInZip4(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int raw,
+ int windowBits,
+ int memLevel,
+ int strategy,
+ const char* password,
+ uLong crcForCrypting,
+ uLong versionMadeBy,
+ uLong flagBase);
+
+
+extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file,
+ const char* filename,
+ const zip_fileinfo* zipfi,
+ const void* extrafield_local,
+ uInt size_extrafield_local,
+ const void* extrafield_global,
+ uInt size_extrafield_global,
+ const char* comment,
+ int method,
+ int level,
+ int raw,
+ int windowBits,
+ int memLevel,
+ int strategy,
+ const char* password,
+ uLong crcForCrypting,
+ uLong versionMadeBy,
+ uLong flagBase,
+ int zip64);
/*
Same than zipOpenNewFileInZip4, except
versionMadeBy : value for Version made by field
@@ -304,25 +306,25 @@ extern int ZEXPORT zipOpenNewFileInZip4_64 OF((zipFile file,
*/
-extern int ZEXPORT zipWriteInFileInZip OF((zipFile file,
- const void* buf,
- unsigned len));
+extern int ZEXPORT zipWriteInFileInZip(zipFile file,
+ const void* buf,
+ unsigned len);
/*
Write data in the zipfile
*/
-extern int ZEXPORT zipCloseFileInZip OF((zipFile file));
+extern int ZEXPORT zipCloseFileInZip(zipFile file);
/*
Close the current file in the zipfile
*/
-extern int ZEXPORT zipCloseFileInZipRaw OF((zipFile file,
- uLong uncompressed_size,
- uLong crc32));
+extern int ZEXPORT zipCloseFileInZipRaw(zipFile file,
+ uLong uncompressed_size,
+ uLong crc32);
-extern int ZEXPORT zipCloseFileInZipRaw64 OF((zipFile file,
- ZPOS64_T uncompressed_size,
- uLong crc32));
+extern int ZEXPORT zipCloseFileInZipRaw64(zipFile file,
+ ZPOS64_T uncompressed_size,
+ uLong crc32);
/*
Close the current file in the zipfile, for file opened with
@@ -330,14 +332,14 @@ extern int ZEXPORT zipCloseFileInZipRaw64 OF((zipFile file,
uncompressed_size and crc32 are value for the uncompressed size
*/
-extern int ZEXPORT zipClose OF((zipFile file,
- const char* global_comment));
+extern int ZEXPORT zipClose(zipFile file,
+ const char* global_comment);
/*
Close the zipfile
*/
-extern int ZEXPORT zipRemoveExtraInfoBlock OF((char* pData, int* dataLen, short sHeader));
+extern int ZEXPORT zipRemoveExtraInfoBlock(char* pData, int* dataLen, short sHeader);
/*
zipRemoveExtraInfoBlock - Added by Mathias Svensson
diff --git a/storage/federatedx/federatedx_io_mysql.cc b/storage/federatedx/federatedx_io_mysql.cc
index fc32146b..cc234f1e 100644
--- a/storage/federatedx/federatedx_io_mysql.cc
+++ b/storage/federatedx/federatedx_io_mysql.cc
@@ -451,11 +451,14 @@ int federatedx_io_mysql::actual_query(const char *buffer, size_t length)
get_port(),
get_socket(), 0))
DBUG_RETURN(ER_CONNECT_TO_FOREIGN_DATA_SOURCE);
+
+ if ((error= mysql_real_query(&mysql, STRING_WITH_LEN("set time_zone='+00:00'"))))
+ DBUG_RETURN(error);
+
mysql.reconnect= 1;
}
- if (!(error= mysql_real_query(&mysql, STRING_WITH_LEN("set time_zone='+00:00'"))))
- error= mysql_real_query(&mysql, buffer, (ulong)length);
+ error= mysql_real_query(&mysql, buffer, (ulong)length);
DBUG_RETURN(error);
}
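Review bot: `set time_zone='+00:00'` now runs only once, inside the connect block, so the session setting is no longer re-applied before each statement. Two paths can leave a connection in the remote server's default zone, which would silently shift time values. If `mysql.reconnect= 1` lets the client library reconnect inside `mysql_real_query()`, the new session never receives the setting. If the `set time_zone` call itself fails, the function returns with the connection still open, and a later call would presumably skip the connect block (its condition is outside this hunk). Registering the statement before `mysql_real_connect()` with `mysql_options(&mysql, MYSQL_INIT_COMMAND, "set time_zone='+00:00'");` should cover the reconnect case, and calling `mysql_close(&mysql);` before `DBUG_RETURN(error);` would cover the failure case.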
diff --git a/storage/innobase/btr/btr0btr.cc b/storage/innobase/btr/btr0btr.cc
index 08be1991..705ff035 100644
--- a/storage/innobase/btr/btr0btr.cc
+++ b/storage/innobase/btr/btr0btr.cc
@@ -216,10 +216,11 @@ ATTRIBUTE_COLD void btr_decryption_failed(const dict_index_t &index)
@param[in] merge whether change buffer merge should be attempted
@param[in,out] mtr mini-transaction
@param[out] err error code
+@param[out] first set if this is a first-time access to the page
@return block */
buf_block_t *btr_block_get(const dict_index_t &index,
uint32_t page, rw_lock_type_t mode, bool merge,
- mtr_t *mtr, dberr_t *err)
+ mtr_t *mtr, dberr_t *err, bool *first)
{
ut_ad(mode != RW_NO_LATCH);
dberr_t local_err;
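Review bot: The new `@param[out] first` line does not say that `first` may be null or that it is only ever written with `true`. The next hunk's assignment is `else if (!buf_page_make_young_if_needed(&block->page) && first) *first= true;`, so the flag keeps whatever value the caller put there when the page was already accessed or the fetch fails. I would document it as `@param[in,out] first  set to true on first-time access to the page; never cleared; may be nullptr`, or add `if (first) *first= false;` at the top of the function. The callers visible in this diff initialise `first_access= false` before the call, so this concerns the contract rather than a current misbehaviour. The body of btr_block_get continues outside this hunk.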
@@ -242,6 +243,8 @@ buf_block_t *btr_block_get(const dict_index_t &index,
*err= DB_PAGE_CORRUPTED;
block= nullptr;
}
+ else if (!buf_page_make_young_if_needed(&block->page) && first)
+ *first= true;
}
else if (*err == DB_DECRYPTION_FAILED)
btr_decryption_failed(index);
@@ -302,6 +305,8 @@ btr_root_block_get(
*err= DB_CORRUPTION;
block= nullptr;
}
+ else
+ buf_page_make_young_if_needed(&block->page);
}
else if (*err == DB_DECRYPTION_FAILED)
btr_decryption_failed(*index);
@@ -553,8 +558,11 @@ btr_page_alloc_for_ibuf(
root->page.frame)),
0, RW_X_LATCH, nullptr, BUF_GET, mtr, err);
if (new_block)
+ {
+ buf_page_make_young_if_needed(&new_block->page);
*err= flst_remove(root, PAGE_HEADER + PAGE_BTR_IBUF_FREE_LIST, new_block,
PAGE_HEADER + PAGE_BTR_IBUF_FREE_LIST_NODE, mtr);
+ }
ut_d(if (*err == DB_SUCCESS)
flst_validate(root, PAGE_HEADER + PAGE_BTR_IBUF_FREE_LIST, mtr));
return new_block;
@@ -873,7 +881,8 @@ static rec_offs *btr_page_get_parent(rec_offs *offsets, mem_heap_t *heap,
/************************************************************//**
Returns the upper level node pointer to a page. It is assumed that mtr holds
an x-latch on the tree.
-@return rec_get_offsets() of the node pointer record */
+@return rec_get_offsets() of the node pointer record
+@retval nullptr on corruption */
static
rec_offs*
btr_page_get_father_block(
@@ -1351,6 +1360,7 @@ btr_write_autoinc(dict_index_t* index, ib_uint64_t autoinc, bool reset)
if (buf_block_t *root= buf_page_get(page_id_t(space->id, index->page),
space->zip_size(), RW_SX_LATCH, &mtr))
{
+ buf_page_make_young_if_needed(&root->page);
mtr.set_named_space(space);
page_set_autoinc(root, autoinc, &mtr, reset);
}
@@ -2542,6 +2552,11 @@ btr_attach_half_pages(
offsets = btr_page_get_father_block(nullptr, heap, mtr,
&cursor);
+ if (UNIV_UNLIKELY(!offsets)) {
+ mem_heap_free(heap);
+ return DB_CORRUPTION;
+ }
+
/* Replace the address of the old child node (= page) with the
address of the new lower half */
@@ -3478,6 +3493,14 @@ btr_lift_page_up(
offsets = btr_page_get_father_block(offsets, heap,
mtr, &cursor);
}
+
+ if (UNIV_UNLIKELY(!offsets)) {
+parent_corrupted:
+ mem_heap_free(heap);
+ *err = DB_CORRUPTION;
+ return nullptr;
+ }
+
father_block = btr_cur_get_block(&cursor);
father_page_zip = buf_block_get_page_zip(father_block);
@@ -3502,6 +3525,10 @@ btr_lift_page_up(
&cursor);
}
+ if (UNIV_UNLIKELY(!offsets)) {
+ goto parent_corrupted;
+ }
+
blocks[n_blocks++] = b = btr_cur_get_block(&cursor);
}
@@ -3717,6 +3744,11 @@ btr_compress(
NULL, heap, mtr, &father_cursor);
}
+ if (UNIV_UNLIKELY(!offsets)) {
+ err = DB_CORRUPTION;
+ goto func_exit;
+ }
+
if (adjust) {
nth_rec = page_rec_get_n_recs_before(btr_cur_get_rec(cursor));
if (UNIV_UNLIKELY(!nth_rec || nth_rec == ULINT_UNDEFINED)) {
diff --git a/storage/innobase/btr/btr0bulk.cc b/storage/innobase/btr/btr0bulk.cc
index 013cd131..5bf68c58 100644
--- a/storage/innobase/btr/btr0bulk.cc
+++ b/storage/innobase/btr/btr0bulk.cc
@@ -52,6 +52,7 @@ PageBulk::init()
if (m_page_no == FIL_NULL) {
mtr_t alloc_mtr;
+ dberr_t err= DB_SUCCESS;
/* We commit redo log for allocation by a separate mtr,
because we don't guarantee pages are committed following
@@ -60,28 +61,15 @@ PageBulk::init()
alloc_mtr.start();
m_index->set_modified(alloc_mtr);
- uint32_t n_reserved;
- dberr_t err = fsp_reserve_free_extents(
- &n_reserved, m_index->table->space, 1, FSP_NORMAL,
- &alloc_mtr);
- if (UNIV_UNLIKELY(err != DB_SUCCESS)) {
-oom:
- alloc_mtr.commit();
- m_mtr.commit();
- return err;
- }
-
/* Allocate a new page. */
new_block = btr_page_alloc(m_index, 0, FSP_UP, m_level,
&alloc_mtr, &m_mtr, &err);
+ alloc_mtr.commit();
if (!new_block) {
- goto oom;
+ m_mtr.commit();
+ return err;
}
- m_index->table->space->release_free_extents(n_reserved);
-
- alloc_mtr.commit();
-
new_page = buf_block_get_frame(new_block);
m_page_no = new_block->page.id().page_no();
@@ -969,10 +957,10 @@ BtrBulk::pageCommit(
/** Log free check */
inline void BtrBulk::logFreeCheck()
{
- if (log_sys.check_flush_or_checkpoint()) {
+ if (log_sys.check_for_checkpoint()) {
release();
- log_check_margins();
+ log_free_check();
latch();
}
diff --git a/storage/innobase/btr/btr0cur.cc b/storage/innobase/btr/btr0cur.cc
index e736f338..46afb73b 100644
--- a/storage/innobase/btr/btr0cur.cc
+++ b/storage/innobase/btr/btr0cur.cc
@@ -1156,6 +1156,19 @@ dberr_t btr_cur_t::search_leaf(const dtuple_t *tuple, page_cur_mode_t mode,
mtr_s_lock_index(index(), mtr);
}
+ dberr_t err;
+
+ if (!index()->table->space)
+ {
+ corrupted:
+ ut_ad("corrupted" == 0); // FIXME: remove this
+ err= DB_CORRUPTION;
+ func_exit:
+ if (UNIV_LIKELY_NULL(heap))
+ mem_heap_free(heap);
+ return err;
+ }
+
const ulint zip_size= index()->table->space->zip_size();
/* Start with the root page. */
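Review bot: The shared `corrupted:` and `func_exit:` labels now sit inside the body of `if (!index()->table->space)`, so every later `goto corrupted` or `goto func_exit` in search_leaf jumps into a branch whose condition has nothing to do with the jump. That is legal but easy to break when the block is next edited. It also means `ut_ad("corrupted" == 0)` fires in debug builds for a missing tablespace, which may not be what the FIXME intended. I would keep the guard as `if (!index()->table->space) goto corrupted;` and leave the two labels at their old position, or at least add a comment such as `/* shared exit path; also reached by goto from search_loop */` above `corrupted:`. `func_exit` reads `heap`, whose declaration is outside this hunk, so its initialisation before this point should be confirmed.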
@@ -1169,7 +1182,6 @@ dberr_t btr_cur_t::search_leaf(const dtuple_t *tuple, page_cur_mode_t mode,
low_bytes= 0;
ulint buf_mode= BUF_GET;
search_loop:
- dberr_t err;
auto block_savepoint= mtr->get_savepoint();
buf_block_t *block=
buf_page_get_gen(page_id, zip_size, rw_latch, guess, buf_mode, mtr,
@@ -1181,10 +1193,7 @@ dberr_t btr_cur_t::search_leaf(const dtuple_t *tuple, page_cur_mode_t mode,
btr_decryption_failed(*index());
/* fall through */
default:
- func_exit:
- if (UNIV_LIKELY_NULL(heap))
- mem_heap_free(heap);
- return err;
+ goto func_exit;
case DB_SUCCESS:
/* This must be a search to perform an insert, delete mark, or delete;
try using the change buffer */
@@ -1251,16 +1260,11 @@ dberr_t btr_cur_t::search_leaf(const dtuple_t *tuple, page_cur_mode_t mode,
btr_page_get_index_id(block->page.frame) != index()->id ||
fil_page_get_type(block->page.frame) == FIL_PAGE_RTREE ||
!fil_page_index_page_check(block->page.frame))
- {
- corrupted:
- ut_ad("corrupted" == 0); // FIXME: remove this
- err= DB_CORRUPTION;
- goto func_exit;
- }
+ goto corrupted;
page_cur.block= block;
ut_ad(block == mtr->at_savepoint(block_savepoint));
- ut_ad(rw_latch != RW_NO_LATCH);
+ const bool not_first_access{buf_page_make_young_if_needed(&block->page)};
#ifdef UNIV_ZIP_DEBUG
if (const page_zip_des_t *page_zip= buf_block_get_page_zip(block))
ut_a(page_zip_validate(page_zip, block->page.frame, index()));
@@ -1539,6 +1543,9 @@ release_tree:
case BTR_SEARCH_PREV: /* btr_pcur_move_to_prev() */
ut_ad(rw_latch == RW_S_LATCH || rw_latch == RW_X_LATCH);
+ if (!not_first_access)
+ buf_read_ahead_linear(page_id, zip_size, false);
+
if (page_has_prev(block->page.frame) &&
page_rec_is_first(page_cur.rec, block->page.frame))
{
@@ -1578,6 +1585,8 @@ release_tree:
buf_mode= btr_op == BTR_DELETE_OP
? BUF_GET_IF_IN_POOL_OR_WATCH
: BUF_GET_IF_IN_POOL;
+ else if (!not_first_access)
+ buf_read_ahead_linear(page_id, zip_size, false);
break;
case BTR_MODIFY_TREE:
ut_ad(rw_latch == RW_X_LATCH);
@@ -1611,6 +1620,14 @@ ATTRIBUTE_COLD void mtr_t::index_lock_upgrade()
slot.type= MTR_MEMO_X_LOCK;
}
+/** Mark a non-leaf page "least recently used", but avoid invoking
+buf_page_t::set_accessed(), because we do not want linear read-ahead */
+static void btr_cur_nonleaf_make_young(buf_page_t *bpage)
+{
+ if (UNIV_UNLIKELY(buf_page_peek_if_too_old(bpage)))
+ buf_page_make_young(bpage);
+}
+
ATTRIBUTE_COLD
dberr_t btr_cur_t::pessimistic_search_leaf(const dtuple_t *tuple,
page_cur_mode_t mode, mtr_t *mtr)
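Review bot: The comment on `btr_cur_nonleaf_make_young()` says the page is marked "least recently used", but the helper calls `buf_page_make_young()` when `buf_page_peek_if_too_old()` is true. Going by those names, that protects the page from eviction, so the comment states the opposite of what the code does. I would word it as `/** Move a too-old non-leaf page to the young end of the LRU list without invoking buf_page_t::set_accessed(), because we do not want linear read-ahead */`. The reason for skipping `set_accessed()` is the valuable part of the comment and should stay.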
@@ -1713,6 +1730,8 @@ dberr_t btr_cur_t::pessimistic_search_leaf(const dtuple_t *tuple,
if (height != btr_page_get_level(block->page.frame))
goto corrupted;
+ btr_cur_nonleaf_make_young(&block->page);
+
#ifdef UNIV_ZIP_DEBUG
const page_zip_des_t *page_zip= buf_block_get_page_zip(block);
ut_a(!page_zip || page_zip_validate(page_zip, block->page.frame, index()));
@@ -1799,6 +1818,8 @@ search_loop:
btr_decryption_failed(*index);
goto func_exit;
}
+ else
+ btr_cur_nonleaf_make_young(&block->page);
#ifdef UNIV_ZIP_DEBUG
if (const page_zip_des_t *page_zip= buf_block_get_page_zip(block))
@@ -1934,18 +1955,15 @@ index_locked:
ut_ad(n_blocks < BTR_MAX_LEVELS);
ut_ad(savepoint + n_blocks == mtr->get_savepoint());
+ bool first_access= false;
buf_block_t* block=
btr_block_get(*index, page,
height ? upper_rw_latch : root_leaf_rw_latch,
- !height, mtr, &err);
+ !height, mtr, &err, &first_access);
ut_ad(!block == (err != DB_SUCCESS));
if (!block)
- {
- if (err == DB_DECRYPTION_FAILED)
- btr_decryption_failed(*index);
break;
- }
if (first)
page_cur_set_before_first(block, &page_cur);
@@ -2029,10 +2047,16 @@ index_locked:
offsets= rec_get_offsets(page_cur.rec, index, offsets, 0, ULINT_UNDEFINED,
&heap);
+ page= btr_node_ptr_get_child_page_no(page_cur.rec, offsets);
ut_ad(latch_mode != BTR_MODIFY_TREE || upper_rw_latch == RW_X_LATCH);
- if (latch_mode != BTR_MODIFY_TREE);
+ if (latch_mode != BTR_MODIFY_TREE)
+ {
+ if (!height && first && first_access)
+ buf_read_ahead_linear(page_id_t(block->page.id().space(), page),
+ block->page.zip_size(), false);
+ }
else if (btr_cur_need_opposite_intention(block->page, index->is_clust(),
lock_intention,
node_ptr_max_size, compress_limit,
@@ -2070,7 +2094,6 @@ index_locked:
}
/* Go to the child node */
- page= btr_node_ptr_get_child_page_no(page_cur.rec, offsets);
n_blocks++;
}
@@ -3837,22 +3860,14 @@ btr_cur_pess_upd_restore_supremum(
const page_id_t block_id{block->page.id()};
const page_id_t prev_id(block_id.space(), prev_page_no);
- dberr_t err;
buf_block_t* prev_block
- = buf_page_get_gen(prev_id, 0, RW_NO_LATCH, nullptr,
- BUF_PEEK_IF_IN_POOL, mtr, &err);
- /* Since we already held an x-latch on prev_block, it must
- be available and not be corrupted unless the buffer pool got
- corrupted somehow. */
+ = mtr->get_already_latched(prev_id, MTR_MEMO_PAGE_X_FIX);
if (UNIV_UNLIKELY(!prev_block)) {
- return err;
+ return DB_CORRUPTION;
}
ut_ad(!memcmp_aligned<4>(prev_block->page.frame + FIL_PAGE_NEXT,
block->page.frame + FIL_PAGE_OFFSET, 4));
- /* We must already have an x-latch on prev_block! */
- ut_ad(mtr->memo_contains_flagged(prev_block, MTR_MEMO_PAGE_X_FIX));
-
lock_rec_reset_and_inherit_gap_locks(*prev_block, block_id,
PAGE_HEAP_NO_SUPREMUM,
page_rec_get_heap_no(rec));
@@ -6660,6 +6675,10 @@ btr_copy_blob_prefix(
mtr.commit();
return copied_len;
}
+ if (!buf_page_make_young_if_needed(&block->page)) {
+ buf_read_ahead_linear(id, 0, false);
+ }
+
page = buf_block_get_frame(block);
blob_header = page + offset;
diff --git a/storage/innobase/btr/btr0pcur.cc b/storage/innobase/btr/btr0pcur.cc
index 54dd15ac..2131fb94 100644
--- a/storage/innobase/btr/btr0pcur.cc
+++ b/storage/innobase/btr/btr0pcur.cc
@@ -25,9 +25,10 @@ Created 2/23/1996 Heikki Tuuri
*******************************************************/
#include "btr0pcur.h"
-#include "ut0byte.h"
+#include "buf0rea.h"
#include "rem0cmp.h"
#include "trx0trx.h"
+#include "ibuf0ibuf.h"
/**************************************************************//**
Resets a persistent cursor object, freeing ::old_rec_buf if it is
@@ -261,13 +262,15 @@ static bool btr_pcur_optimistic_latch_leaves(buf_block_t *block,
buf_page_get_gen(page_id_t(id.space(), left_page_no), zip_size,
mode, nullptr, BUF_GET_POSSIBLY_FREED, mtr);
- if (left_block &&
- btr_page_get_next(left_block->page.frame) != id.page_no())
+ if (!left_block);
+ else if (btr_page_get_next(left_block->page.frame) != id.page_no())
{
release_left_block:
mtr->release_last_page();
return false;
}
+ else
+ buf_page_make_young_if_needed(&left_block->page);
}
if (buf_page_optimistic_get(mode, block, pcur->modify_clock, mtr))
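Review bot: `if (!left_block);` uses an empty statement as the first arm of the chain, which reads like a stray semicolon; the same commit rewrites exactly that construct in btr0cur.cc (`if (latch_mode != BTR_MODIFY_TREE);`). A braced empty arm with a reason, `if (!left_block) { /* left sibling not latched; nothing to validate */ }`, keeps the `release_left_block:` label where it is and makes the intent visible. The enclosing function starts and ends outside this hunk.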
@@ -539,10 +542,11 @@ btr_pcur_move_to_next_page(
}
dberr_t err;
+ bool first_access = false;
buf_block_t* next_block = btr_block_get(
*cursor->index(), next_page_no,
rw_lock_type_t(cursor->latch_mode & (RW_X_LATCH | RW_S_LATCH)),
- page_is_leaf(page), mtr, &err);
+ page_is_leaf(page), mtr, &err, &first_access);
if (UNIV_UNLIKELY(!next_block)) {
return err;
@@ -561,6 +565,11 @@ btr_pcur_move_to_next_page(
const auto s = mtr->get_savepoint();
mtr->rollback_to_savepoint(s - 2, s - 1);
+ if (first_access) {
+ buf_read_ahead_linear(next_block->page.id(),
+ next_block->zip_size(),
+ ibuf_inside(mtr));
+ }
return DB_SUCCESS;
}
diff --git a/storage/innobase/btr/btr0sea.cc b/storage/innobase/btr/btr0sea.cc
index 8435047c..1c5928c4 100644
--- a/storage/innobase/btr/btr0sea.cc
+++ b/storage/innobase/btr/btr0sea.cc
@@ -1143,7 +1143,6 @@ block_and_ahi_release_and_fail:
}
block->page.fix();
- block->page.set_accessed();
buf_page_make_young_if_needed(&block->page);
static_assert(ulint{MTR_MEMO_PAGE_S_FIX} == ulint{BTR_SEARCH_LEAF},
"");
diff --git a/storage/innobase/buf/buf0buf.cc b/storage/innobase/buf/buf0buf.cc
index 8ef18ee0..23b5b776 100644
--- a/storage/innobase/buf/buf0buf.cc
+++ b/storage/innobase/buf/buf0buf.cc
@@ -404,7 +404,7 @@ static bool buf_page_decrypt_after_read(buf_page_t *bpage,
if (id.space() == SRV_TMP_SPACE_ID
&& innodb_encrypt_temporary_tables) {
- slot = buf_pool.io_buf_reserve();
+ slot = buf_pool.io_buf_reserve(false);
slot->allocate();
bool ok = buf_tmp_page_decrypt(slot->crypt_buf, dst_frame);
slot->release();
@@ -426,7 +426,7 @@ decompress:
return false;
}
- slot = buf_pool.io_buf_reserve();
+ slot = buf_pool.io_buf_reserve(false);
slot->allocate();
decompress_with_slot:
@@ -449,7 +449,7 @@ decrypt_failed:
return false;
}
- slot = buf_pool.io_buf_reserve();
+ slot = buf_pool.io_buf_reserve(false);
slot->allocate();
/* decrypt using crypt_buf to dst_frame */
@@ -742,6 +742,205 @@ bool buf_page_is_corrupted(bool check_lsn, const byte *read_buf,
#ifndef UNIV_INNOCHECKSUM
+#ifdef __linux__
+#include <poll.h>
+#include <sys/eventfd.h>
+#include <fstream>
+
+/** Memory Pressure
+
+based off https://www.kernel.org/doc/html/latest/accounting/psi.html#pressure-interface
+and https://www.kernel.org/doc/html/latest/admin-guide/cgroup-v2.html#memory */
+class mem_pressure
+{
+ /* triggers + eventfd */
+ struct pollfd m_fds[3];
+ nfds_t m_num_fds;
+ int m_event_fd= -1;
+ Atomic_relaxed<bool> m_abort= false;
+
+ std::thread m_thd;
+ /* mem pressure garbage collection restricted to interval */
+ static constexpr ulonglong max_interval_us= 60*1000000;
+
+public:
+ mem_pressure() : m_num_fds(0) {}
+
+ bool setup()
+ {
+ static_assert(array_elements(m_fds) == (array_elements(m_triggers) + 1),
+ "insufficient fds");
+ std::string memcgroup{"/sys/fs/cgroup"};
+ std::string cgroup;
+ {
+ std::ifstream selfcgroup("/proc/self/cgroup");
+ std::getline(selfcgroup, cgroup, '\n');
+ }
+
+ cgroup.erase(0, 3); // Remove "0::"
+ memcgroup+= cgroup + "/memory.pressure";
+
+ m_num_fds= 0;
+ for (auto trig= std::begin(m_triggers); trig!= std::end(m_triggers); ++trig)
+ {
+ if ((m_fds[m_num_fds].fd=
+ open(memcgroup.c_str(), O_RDWR | O_NONBLOCK | O_CLOEXEC)) < 0)
+ {
+ /* User can't do anything about it, no point giving warning */
+ shutdown();
+ return false;
+ }
+ my_register_filename(m_fds[m_num_fds].fd, memcgroup.c_str(), FILE_BY_OPEN, 0, MYF(0));
+ ssize_t slen= strlen(*trig);
+ if (write(m_fds[m_num_fds].fd, *trig, slen) < slen)
+ {
+ /* we may fail this one, but continue to the next */
+ my_close(m_fds[m_num_fds].fd, MYF(MY_WME));
+ continue;
+ }
+ m_fds[m_num_fds].events= POLLPRI;
+ m_num_fds++;
+ }
+ if (m_num_fds < 1)
+ return false;
+
+ if ((m_event_fd= eventfd(0, EFD_CLOEXEC|EFD_NONBLOCK)) == -1)
+ {
+ /* User can't do anything about it, no point giving warning */
+ shutdown();
+ return false;
+ }
+ my_register_filename(m_event_fd, "mem_pressure_eventfd", FILE_BY_DUP, 0, MYF(0));
+ m_fds[m_num_fds].fd= m_event_fd;
+ m_fds[m_num_fds].events= POLLIN;
+ m_num_fds++;
+ m_thd= std::thread(pressure_routine, this);
+ sql_print_information("InnoDB: Initialized memory pressure event listener");
+ return true;
+ }
+
+ void shutdown()
+ {
+ /* m_event_fd is in this list */
+ while (m_num_fds)
+ {
+ m_num_fds--;
+ my_close(m_fds[m_num_fds].fd, MYF(MY_WME));
+ m_fds[m_num_fds].fd= -1;
+ }
+ }
+
+ static void pressure_routine(mem_pressure *m);
+
+#ifdef UNIV_DEBUG
+ void trigger_collection()
+ {
+ uint64_t u= 1;
+ if (m_event_fd >=0 && write(m_event_fd, &u, sizeof(uint64_t)) != sizeof(uint64_t))
+ sql_print_information("InnoDB: (Debug) Failed to trigger memory pressure");
+ else /* assumed failed to meet intialization criteria, so trigger directy */
+ buf_pool.garbage_collect();
+ }
+#endif
+
+ void quit()
+ {
+ uint64_t u= 1;
+ m_abort= true;
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wunused-result"
+ /* return result ignored, cannot do anything with it */
+ write(m_event_fd, &u, sizeof(uint64_t));
+#pragma GCC diagnostic pop
+ }
+
+ void join()
+ {
+ if (m_thd.joinable())
+ {
+ quit();
+ m_thd.join();
+ }
+ }
+
+ static const char* const m_triggers[2];
+};
+
+
+/*
+ ref: https://docs.kernel.org/accounting/psi.html
+ maximum window size (second number) 10 seconds.
+ window size in multiples of 2 second interval required (for Unprivileged)
+ Time is in usec.
+*/
+const char* const mem_pressure::m_triggers[]=
+ {"some 5000000 10000000", /* 5s out of 10s */
+ "full 10000 2000000"}; /* 10ms out of 2s */
+
+static mem_pressure mem_pressure_obj;
+
+void mem_pressure::pressure_routine(mem_pressure *m)
+{
+ DBUG_ASSERT(m == &mem_pressure_obj);
+ if (my_thread_init())
+ {
+ m->shutdown();
+ return;
+ }
+
+ ulonglong last= microsecond_interval_timer() - max_interval_us;
+ while (!m->m_abort)
+ {
+ if (poll(&m->m_fds[0], m->m_num_fds, -1) < 0)
+ {
+ if (errno == EINTR)
+ continue;
+ else
+ break;
+ }
+ if (!m->m_abort)
+ break;
+
+ for (pollfd &p : st_::span<pollfd>(m->m_fds, m->m_num_fds))
+ {
+ if (p.revents & POLLPRI)
+ {
+ ulonglong now= microsecond_interval_timer();
+ if ((now - last) > max_interval_us)
+ {
+ last= now;
+ buf_pool.garbage_collect();
+ }
+ }
+
+#ifdef UNIV_DEBUG
+ if (p.revents & POLLIN)
+ {
+ uint64_t u;
+ /* we haven't aborted, so this must be a debug trigger */
+ if (read(p.fd, &u, sizeof(u)) >=0)
+ buf_pool.garbage_collect();
+ }
+#endif
+ }
+ }
+ m->shutdown();
+
+ my_thread_end();
+}
+
+/** Initialize mem pressure. */
+ATTRIBUTE_COLD void buf_mem_pressure_detect_init()
+{
+ mem_pressure_obj.setup();
+}
+
+ATTRIBUTE_COLD void buf_mem_pressure_shutdown()
+{
+ mem_pressure_obj.join();
+}
+#endif /* __linux__ */
+
#if defined(DBUG_OFF) && defined(HAVE_MADVISE) && defined(MADV_DODUMP)
/** Enable buffers to be dumped to core files
@@ -1099,6 +1298,11 @@ bool buf_pool_t::create()
chunk_t::map_ref= chunk_t::map_reg;
buf_LRU_old_ratio_update(100 * 3 / 8, false);
btr_search_sys_create();
+
+#ifdef __linux__
+ if (srv_operation == SRV_OPERATION_NORMAL)
+ buf_mem_pressure_detect_init();
+#endif
ut_ad(is_initialised());
return false;
}
@@ -1300,14 +1504,17 @@ void buf_pool_t::io_buf_t::close()
n_slots= 0;
}
-buf_tmp_buffer_t *buf_pool_t::io_buf_t::reserve()
+buf_tmp_buffer_t *buf_pool_t::io_buf_t::reserve(bool wait_for_reads)
{
for (;;)
{
for (buf_tmp_buffer_t *s= slots, *e= slots + n_slots; s != e; s++)
if (s->acquire())
return s;
+ buf_dblwr.flush_buffered_writes();
os_aio_wait_until_no_pending_writes(true);
+ if (!wait_for_reads)
+ continue;
for (buf_tmp_buffer_t *s= slots, *e= slots + n_slots; s != e; s++)
if (s->acquire())
return s;
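Review bot: When `wait_for_reads` is false, the new `continue` returns to the slot scan right after `os_aio_wait_until_no_pending_writes(true)`. If no slot frees up because of a completed write, the caller appears to spin through `buf_dblwr.flush_buffered_writes()` and the write wait with nothing to block on. The parameter is also undocumented at this definition; a line such as `@param wait_for_reads whether to go on to the steps after the write wait (presumably waiting for reads)` would state the contract once confirmed. The loop body continues past the end of the hunk, so what follows the second slot scan is not visible here.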
@@ -1536,6 +1743,7 @@ struct find_interesting_trx
inline void buf_pool_t::resize()
{
ut_ad(this == &buf_pool);
+ ut_ad(srv_shutdown_state < SRV_SHUTDOWN_CLEANUP);
bool warning = false;
@@ -1878,6 +2086,100 @@ calc_buf_pool_size:
return;
}
+#ifdef __linux__
+inline void buf_pool_t::garbage_collect()
+{
+ mysql_mutex_lock(&mutex);
+ size_t freed= 0;
+
+#ifdef BTR_CUR_HASH_ADAPT
+ /* buf_LRU_free_page() will temporarily release and reacquire
+ buf_pool.mutex for invoking btr_search_drop_page_hash_index(). Thus,
+ we must protect ourselves with the hazard pointer. */
+rescan:
+#else
+ lru_hp.set(nullptr);
+#endif
+ for (buf_page_t *bpage= UT_LIST_GET_LAST(LRU), *prev; bpage; bpage= prev)
+ {
+ prev= UT_LIST_GET_PREV(LRU, bpage);
+#ifdef BTR_CUR_HASH_ADAPT
+ lru_hp.set(prev);
+#endif
+ auto state= bpage->state();
+ ut_ad(state >= buf_page_t::FREED);
+ ut_ad(bpage->in_LRU_list);
+
+ /* We try to free any pages that can be freed without writing out
+ anything. */
+ switch (bpage->oldest_modification()) {
+ case 0:
+ try_to_evict:
+ if (buf_LRU_free_page(bpage, true))
+ {
+ evicted:
+ freed++;
+#ifdef BTR_CUR_HASH_ADAPT
+ bpage= prev;
+ prev= lru_hp.get();
+ if (!prev && bpage)
+ goto rescan;
+#endif
+ }
+ continue;
+ case 1:
+ break;
+ default:
+ if (state >= buf_page_t::UNFIXED)
+ continue;
+ }
+
+ if (state < buf_page_t::READ_FIX && bpage->lock.u_lock_try(true))
+ {
+ ut_ad(!bpage->is_io_fixed());
+ lsn_t oldest_modification= bpage->oldest_modification();
+ switch (oldest_modification) {
+ case 1:
+ mysql_mutex_lock(&flush_list_mutex);
+ oldest_modification= bpage->oldest_modification();
+ if (oldest_modification)
+ {
+ ut_ad(oldest_modification == 1);
+ delete_from_flush_list(bpage);
+ }
+ mysql_mutex_unlock(&flush_list_mutex);
+ /* fall through */
+ case 0:
+ bpage->lock.u_unlock(true);
+ goto try_to_evict;
+ default:
+ if (bpage->state() < buf_page_t::UNFIXED &&
+ oldest_modification <= log_sys.get_flushed_lsn())
+ {
+ release_freed_page(bpage);
+ goto evicted;
+ }
+ else
+ bpage->lock.u_unlock(true);
+ }
+ }
+ }
+
+#if defined MADV_FREE
+ /* FIXME: Issue fewer calls for larger contiguous blocks of
+ memory. For now, we assume that this is acceptable, because this
+ code should be executed rarely. */
+ for (buf_page_t *bpage= UT_LIST_GET_FIRST(free); bpage;
+ bpage= UT_LIST_GET_NEXT(list, bpage))
+ madvise(bpage->frame, srv_page_size, MADV_FREE);
+#endif
+ mysql_mutex_unlock(&mutex);
+ sql_print_information("InnoDB: Memory pressure event freed %zu pages",
+ freed);
+ return;
+}
+#endif /* __linux__ */
+
/** Thread pool task invoked by innodb_buffer_pool_size changes. */
static void buf_resize_callback(void *)
{
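Review bot: In `buf_pool_t::garbage_collect()`, the `madvise(bpage->frame, srv_page_size, MADV_FREE)` loop issues one system call per free block while `buf_pool.mutex` is still held, and the return value is discarded. The FIXME covers the number of calls but not the mutex hold time, and a failing `madvise()` is silent: the "Memory pressure event freed %zu pages" message reports only the eviction count. At minimum test the result and stop or log once on failure, e.g. `if (madvise(bpage->frame, srv_page_size, MADV_FREE)) break;`. The trailing `return;` before the closing brace is redundant.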
@@ -1906,12 +2208,23 @@ static tpool::waitable_task buf_resize_task(buf_resize_callback,
void buf_resize_start()
{
- srv_thread_pool->submit_task(&buf_resize_task);
+#if !defined(DBUG_OFF) && defined(__linux__)
+ DBUG_EXECUTE_IF("trigger_garbage_collection",
+ {
+ mem_pressure_obj.trigger_collection();
+ }
+ );
+#endif
+
+ srv_thread_pool->submit_task(&buf_resize_task);
}
void buf_resize_shutdown()
{
- buf_resize_task.wait();
+#ifdef __linux__
+ buf_mem_pressure_shutdown();
+#endif
+ buf_resize_task.wait();
}
@@ -2220,14 +2533,21 @@ lookup:
if (discard_attempted || !bpage->frame)
{
- /* Even when we are holding a hash_lock, it should be
- acceptable to wait for a page S-latch here, because
- buf_page_t::read_complete() will not wait for buf_pool.mutex,
- and because S-latch would not conflict with a U-latch
- that would be protecting buf_page_t::write_complete(). */
- bpage->lock.s_lock();
+ const bool got_s_latch= bpage->lock.s_lock_try();
hash_lock.unlock_shared();
- break;
+ if (UNIV_LIKELY(got_s_latch))
+ break;
+ /* We may fail to acquire bpage->lock because
+ buf_page_t::read_complete() may be invoking
+ buf_pool_t::corrupted_evict() on this block, which it would
+ hold an exclusive latch on.
+
+ Let us aqcuire and release buf_pool.mutex to ensure that any
+ buf_pool_t::corrupted_evict() will proceed before we reacquire
+ the hash_lock that it could be waiting for. */
+ mysql_mutex_lock(&buf_pool.mutex);
+ mysql_mutex_unlock(&buf_pool.mutex);
+ goto lookup;
}
hash_lock.unlock_shared();
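Review bot: The new comment misspells "acquire" as "aqcuire". It also does not say that the `goto lookup` retry is unbounded. Each failed `s_lock_try()` takes and releases `buf_pool.mutex` and then repeats the hash lookup, so a short remark on why this terminates (the comment implies it does once `buf_pool_t::corrupted_evict()` has run) would help the next reader. The enclosing function starts and ends outside this hunk.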
@@ -2246,7 +2566,6 @@ lookup:
ut_ad(s < buf_page_t::READ_FIX || s >= buf_page_t::WRITE_FIX);
}
- bpage->set_accessed();
buf_page_make_young_if_needed(bpage);
#ifdef UNIV_DEBUG
@@ -2873,18 +3192,6 @@ get_latch_valid:
ut_ad(page_id_t(page_get_space_id(block->page.frame),
page_get_page_no(block->page.frame))
== page_id);
-
- if (mode == BUF_GET_POSSIBLY_FREED
- || mode == BUF_PEEK_IF_IN_POOL) {
- return block;
- }
-
- const bool not_first_access{block->page.set_accessed()};
- buf_page_make_young_if_needed(&block->page);
- if (!not_first_access) {
- buf_read_ahead_linear(page_id, block->zip_size(),
- ibuf_inside(mtr));
- }
}
return block;
@@ -3057,7 +3364,6 @@ bool buf_page_optimistic_get(ulint rw_latch, buf_block_t *block,
block->page.fix();
ut_ad(!block->page.is_read_fixed());
- block->page.set_accessed();
buf_page_make_young_if_needed(&block->page);
mtr->memo_push(block, mtr_memo_type_t(rw_latch));
}
diff --git a/storage/innobase/buf/buf0dblwr.cc b/storage/innobase/buf/buf0dblwr.cc
index e9aea355..e2702adc 100644
--- a/storage/innobase/buf/buf0dblwr.cc
+++ b/storage/innobase/buf/buf0dblwr.cc
@@ -336,11 +336,14 @@ func_exit:
os_file_flush(file);
}
else
- for (ulint i= 0; i < size * 2; i++, page += srv_page_size)
- if (mach_read_from_8(my_assume_aligned<8>(page + FIL_PAGE_LSN)))
- /* Each valid page header must contain a nonzero FIL_PAGE_LSN field. */
+ {
+ alignas(8) char checkpoint[8];
+ mach_write_to_8(checkpoint, log_sys.next_checkpoint_lsn);
+ for (auto i= size * 2; i--; page += srv_page_size)
+ if (memcmp_aligned<8>(page + FIL_PAGE_LSN, checkpoint, 8) >= 0)
+ /* Valid pages are not older than the log checkpoint. */
recv_sys.dblwr.add(page);
-
+ }
err= DB_SUCCESS;
goto func_exit;
}
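Review bot: The new test `memcmp_aligned<8>(page + FIL_PAGE_LSN, checkpoint, 8) >= 0` uses a bytewise comparison in place of a numeric `>=`. That is only equivalent because `mach_write_to_8()` and the on-page FIL_PAGE_LSN field share a most-significant-byte-first layout. The existing comment states the intent but not this assumption; adding `/* both fields are big-endian, so memcmp order equals LSN order */` next to the comparison would make it explicit. The surrounding function begins and ends outside the hunk.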
diff --git a/storage/innobase/buf/buf0dump.cc b/storage/innobase/buf/buf0dump.cc
index 957632db..cc51f8c6 100644
--- a/storage/innobase/buf/buf0dump.cc
+++ b/storage/innobase/buf/buf0dump.cc
@@ -33,7 +33,7 @@ Created April 08, 2011 Vasil Dimov
#include "buf0rea.h"
#include "buf0dump.h"
-#include "dict0dict.h"
+#include "dict0load.h"
#include "os0file.h"
#include "srv0srv.h"
#include "srv0start.h"
@@ -180,7 +180,7 @@ static void buf_dump_generate_path(char *path, size_t path_size)
char buf[FN_REFLEN];
mysql_mutex_lock(&LOCK_global_system_variables);
- snprintf(buf, sizeof buf, "%s/%s", get_buf_dump_dir(),
+ snprintf(buf, sizeof buf, "%s" FN_ROOTDIR "%s", get_buf_dump_dir(),
srv_buf_dump_filename);
mysql_mutex_unlock(&LOCK_global_system_variables);
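Review bot: The result of `snprintf(buf, sizeof buf, "%s" FN_ROOTDIR "%s", ...)` is not checked, so a dump directory plus `srv_buf_dump_filename` longer than `FN_REFLEN` is truncated silently and the shortened path is what the rest of the function works with. The same applies to `snprintf(path, path_size, format, ...)` in the next hunk. Nothing in the visible lines rejects a truncated result, though a check may exist outside the hunks. Comparing the return value against the buffer size and reporting an error would keep an over-long configured name from resolving to a different file.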
@@ -214,7 +214,7 @@ static void buf_dump_generate_path(char *path, size_t path_size)
format = "%s%s";
break;
default:
- format = "%s/%s";
+ format = "%s" FN_ROOTDIR "%s";
}
snprintf(path, path_size, format,
@@ -562,6 +562,22 @@ buf_load()
if (!SHUTTING_DOWN()) {
std::sort(dump, dump + dump_n);
+ std::set<uint32_t> missing;
+ for (const page_id_t id : st_::span<const page_id_t>
+ (dump, dump_n)) {
+ missing.emplace(id.space());
+ }
+ for (std::set<uint32_t>::iterator i = missing.begin();
+ i != missing.end(); ) {
+ auto j = i++;
+ if (fil_space_t* space = fil_space_t::get(*j)) {
+ space->release();
+ missing.erase(j);
+ }
+ }
+ if (!missing.empty()) {
+ dict_check_tablespaces_and_store_max_id(&missing);
+ }
}
/* Avoid calling the expensive fil_space_t::get() for each
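Review bot: The erase loop keeps a second iterator (`auto j = i++;` followed by `missing.erase(j)`) although `std::set::erase` already returns the next position. Writing `i = missing.erase(i);` in the branch where `fil_space_t::get(*i)` succeeds and `++i;` otherwise reads more directly and removes the need for `j`. `buf_load()` continues outside this hunk.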
diff --git a/storage/innobase/buf/buf0flu.cc b/storage/innobase/buf/buf0flu.cc
index b6357989..d4628985 100644
--- a/storage/innobase/buf/buf0flu.cc
+++ b/storage/innobase/buf/buf0flu.cc
@@ -655,7 +655,7 @@ static byte *buf_page_encrypt(fil_space_t* space, buf_page_t* bpage, byte* s,
ut_ad(!bpage->zip_size() || !page_compressed);
/* Find free slot from temporary memory array */
- *slot= buf_pool.io_buf_reserve();
+ *slot= buf_pool.io_buf_reserve(true);
ut_a(*slot);
(*slot)->allocate();
@@ -754,16 +754,20 @@ bool buf_page_t::flush(bool evict, fil_space_t *space)
ut_ad(space->referenced());
const auto s= state();
- ut_a(s >= FREED);
+
+ const lsn_t lsn=
+ mach_read_from_8(my_assume_aligned<8>
+ (FIL_PAGE_LSN + (zip.data ? zip.data : frame)));
+ ut_ad(lsn
+ ? lsn >= oldest_modification() || oldest_modification() == 2
+ : space->purpose != FIL_TYPE_TABLESPACE);
if (s < UNFIXED)
{
+ ut_a(s >= FREED);
if (UNIV_LIKELY(space->purpose == FIL_TYPE_TABLESPACE))
{
- const lsn_t lsn=
- mach_read_from_8(my_assume_aligned<8>
- (FIL_PAGE_LSN + (zip.data ? zip.data : frame)));
- ut_ad(lsn >= oldest_modification());
+ freed:
if (lsn > log_sys.get_flushed_lsn())
{
mysql_mutex_unlock(&buf_pool.mutex);
@@ -775,6 +779,12 @@ bool buf_page_t::flush(bool evict, fil_space_t *space)
return false;
}
+ if (UNIV_UNLIKELY(lsn < space->get_create_lsn()))
+ {
+ ut_ad(space->purpose == FIL_TYPE_TABLESPACE);
+ goto freed;
+ }
+
ut_d(const auto f=) zip.fix.fetch_add(WRITE_FIX - UNFIXED);
ut_ad(f >= UNFIXED);
ut_ad(f < READ_FIX);
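Review bot: `goto freed` jumps backwards into the body of two nested `if` statements from the previous hunk, which is only legal because `lsn` was hoisted out of that block, and it makes the control flow of `buf_page_t::flush()` hard to follow. There is also no comment explaining why a page whose LSN is below `space->get_create_lsn()` takes the freed-page path. If the intent is that such a page predates the current tablespace and must not be written, say so at the test, e.g. `/* page is older than the tablespace; handle it as freed */`. The `oldest_modification() == 2` special case in the new assertion of the previous hunk would also benefit from a named constant or a comment.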
@@ -869,15 +879,9 @@ bool buf_page_t::flush(bool evict, fil_space_t *space)
if ((s & LRU_MASK) == REINIT || !space->use_doublewrite())
{
- if (UNIV_LIKELY(space->purpose == FIL_TYPE_TABLESPACE))
- {
- const lsn_t lsn=
- mach_read_from_8(my_assume_aligned<8>(FIL_PAGE_LSN +
- (write_frame ? write_frame
- : frame)));
- ut_ad(lsn >= oldest_modification());
+ if (UNIV_LIKELY(space->purpose == FIL_TYPE_TABLESPACE) &&
+ lsn > log_sys.get_flushed_lsn())
log_write_up_to(lsn, true);
- }
space->io(IORequest{type, this, slot}, physical_offset(), size,
write_frame, this);
}
@@ -1057,11 +1061,25 @@ static ulint buf_flush_try_neighbors(fil_space_t *space,
bool contiguous, bool evict,
ulint n_flushed, ulint n_to_flush)
{
- mysql_mutex_unlock(&buf_pool.mutex);
-
ut_ad(space->id == page_id.space());
ut_ad(bpage->id() == page_id);
+ {
+ const lsn_t lsn=
+ mach_read_from_8(my_assume_aligned<8>
+ (FIL_PAGE_LSN +
+ (bpage->zip.data ? bpage->zip.data : bpage->frame)));
+ ut_ad(lsn >= bpage->oldest_modification());
+ if (UNIV_UNLIKELY(lsn < space->get_create_lsn()))
+ {
+ ut_a(!bpage->flush(evict, space));
+ mysql_mutex_unlock(&buf_pool.mutex);
+ return 0;
+ }
+ }
+
+ mysql_mutex_unlock(&buf_pool.mutex);
+
ulint count= 0;
page_id_t id= page_id;
page_id_t high= buf_flush_check_neighbors(*space, id, contiguous, evict);
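Review bot: `ut_a(!bpage->flush(evict, space));` places the call that does the work inside an assertion macro. That reads like a pure check, and the call would silently disappear if the assertion were ever changed to the debug-only `ut_ad`. Splitting it keeps the side effect visible: `const bool flushed= bpage->flush(evict, space);` followed by `ut_a(!flushed);`. The added block also repeats the FIL_PAGE_LSN read and the `get_create_lsn()` comparison that `buf_page_t::flush()` now performs itself, so a comment on why the pre-check is needed here would help.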
@@ -1741,6 +1759,28 @@ ulint buf_flush_LRU(ulint max_n, bool evict)
buf_pool.try_LRU_scan= true;
pthread_cond_broadcast(&buf_pool.done_free);
}
+ else if (!pages && !buf_pool.try_LRU_scan &&
+ !buf_pool.LRU_warned.test_and_set(std::memory_order_acquire))
+ {
+ /* For example, with the minimum innodb_buffer_pool_size=5M and
+ the default innodb_page_size=16k there are only a little over 316
+ pages in the buffer pool. The buffer pool can easily be exhausted
+ by a workload of some dozen concurrent connections. The system could
+ reach a deadlock like the following:
+
+ (1) Many threads are waiting in buf_LRU_get_free_block()
+ for buf_pool.done_free.
+ (2) Some threads are waiting for a page latch which is held by
+ another thread that is waiting in buf_LRU_get_free_block().
+ (3) This thread is the only one that could make progress, but
+ we fail to do so because all the pages that we scanned are
+ buffer-fixed or latched by some thread. */
+ sql_print_warning("InnoDB: Could not free any blocks in the buffer pool!"
+ " %zu blocks are in use and %zu free."
+ " Consider increasing innodb_buffer_pool_size.",
+ UT_LIST_GET_LEN(buf_pool.LRU),
+ UT_LIST_GET_LEN(buf_pool.free));
+ }
return pages;
}
@@ -2124,6 +2164,8 @@ ATTRIBUTE_COLD void buf_flush_ahead(lsn_t lsn, bool furious)
limit= lsn;
buf_pool.page_cleaner_set_idle(false);
pthread_cond_signal(&buf_pool.do_flush_list);
+ if (furious)
+ log_sys.set_check_for_checkpoint();
}
mysql_mutex_unlock(&buf_pool.flush_list_mutex);
}
@@ -2371,11 +2413,19 @@ func_exit:
goto func_exit;
}
+TPOOL_SUPPRESS_TSAN
+bool buf_pool_t::need_LRU_eviction() const
+{
+ /* try_LRU_scan==false means that buf_LRU_get_free_block() is waiting
+ for buf_flush_page_cleaner() to evict some blocks */
+ return UNIV_UNLIKELY(!try_LRU_scan ||
+ (UT_LIST_GET_LEN(LRU) > BUF_LRU_MIN_LEN &&
+ UT_LIST_GET_LEN(free) < srv_LRU_scan_depth / 2));
+}
+
#if defined __aarch64__&&defined __GNUC__&&__GNUC__==4&&!defined __clang__
-/* Avoid GCC 4.8.5 internal compiler error "could not split insn".
-We would only need this for buf_flush_page_cleaner(),
-but GCC 4.8.5 does not support pop_options. */
-# pragma GCC optimize ("O0")
+/* Avoid GCC 4.8.5 internal compiler error "could not split insn". */
+__attribute__((optimize(0)))
#endif
/** page_cleaner thread tasked with flushing dirty pages from the buffer
pools. As of now we'll have only one coordinator. */
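Review bot: `TPOOL_SUPPRESS_TSAN` is applied to `buf_pool_t::need_LRU_eviction()` without saying which access is the intended race. The function reads `try_LRU_scan` and the lengths of `LRU` and `free`. Elsewhere in this diff it is called under `buf_pool.mutex` in buf_LRU_get_free_block() and under `buf_pool.flush_list_mutex` in buf_flush_page_cleaner(), so at least one caller reads state it does not hold the lock for. If the result is only a hint, document that in the function comment, e.g. `/* unsynchronized read by design; callers must tolerate a stale answer */`.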
@@ -2409,21 +2459,24 @@ static void buf_flush_page_cleaner()
}
mysql_mutex_lock(&buf_pool.flush_list_mutex);
- if (buf_pool.ran_out())
- goto no_wait;
- else if (srv_shutdown_state > SRV_SHUTDOWN_INITIATED)
- break;
+ if (!buf_pool.need_LRU_eviction())
+ {
+ if (srv_shutdown_state > SRV_SHUTDOWN_INITIATED)
+ break;
- if (buf_pool.page_cleaner_idle() &&
- (!UT_LIST_GET_LEN(buf_pool.flush_list) ||
- srv_max_dirty_pages_pct_lwm == 0.0))
- /* We are idle; wait for buf_pool.page_cleaner_wakeup() */
- my_cond_wait(&buf_pool.do_flush_list,
- &buf_pool.flush_list_mutex.m_mutex);
- else
- my_cond_timedwait(&buf_pool.do_flush_list,
- &buf_pool.flush_list_mutex.m_mutex, &abstime);
- no_wait:
+ if (buf_pool.page_cleaner_idle() &&
+ (!UT_LIST_GET_LEN(buf_pool.flush_list) ||
+ srv_max_dirty_pages_pct_lwm == 0.0))
+ {
+ buf_pool.LRU_warned.clear(std::memory_order_release);
+ /* We are idle; wait for buf_pool.page_cleaner_wakeup() */
+ my_cond_wait(&buf_pool.do_flush_list,
+ &buf_pool.flush_list_mutex.m_mutex);
+ }
+ else
+ my_cond_timedwait(&buf_pool.do_flush_list,
+ &buf_pool.flush_list_mutex.m_mutex, &abstime);
+ }
set_timespec(abstime, 1);
lsn_limit= buf_flush_sync_lsn;
@@ -2445,9 +2498,9 @@ static void buf_flush_page_cleaner()
do
{
- DBUG_EXECUTE_IF("ib_log_checkpoint_avoid", continue;);
- DBUG_EXECUTE_IF("ib_log_checkpoint_avoid_hard", continue;);
-
+ IF_DBUG(if (_db_keyword_(nullptr, "ib_log_checkpoint_avoid", 1) ||
+ _db_keyword_(nullptr, "ib_log_checkpoint_avoid_hard", 1))
+ continue,);
if (!recv_recovery_is_on() &&
!srv_startup_is_before_trx_rollback_phase &&
srv_operation <= SRV_OPERATION_EXPORT_RESTORED)
@@ -2455,7 +2508,7 @@ static void buf_flush_page_cleaner()
}
while (false);
- if (!buf_pool.ran_out())
+ if (!buf_pool.need_LRU_eviction())
continue;
mysql_mutex_lock(&buf_pool.flush_list_mutex);
oldest_lsn= buf_pool.get_oldest_modification(0);
@@ -2484,7 +2537,7 @@ static void buf_flush_page_cleaner()
if (oldest_lsn >= soft_lsn_limit)
buf_flush_async_lsn= soft_lsn_limit= 0;
}
- else if (buf_pool.ran_out())
+ else if (buf_pool.need_LRU_eviction())
{
buf_pool.page_cleaner_set_idle(false);
buf_pool.n_flush_inc();
@@ -2549,10 +2602,11 @@ static void buf_flush_page_cleaner()
else
{
maybe_unemployed:
- const bool below{dirty_pct < pct_lwm};
- pct_lwm= 0.0;
- if (below)
+ if (dirty_pct < pct_lwm)
+ {
+ pct_lwm= 0.0;
goto possibly_unemployed;
+ }
}
}
else if (dirty_pct < srv_max_buf_pool_modified_pct)
@@ -2598,9 +2652,13 @@ static void buf_flush_page_cleaner()
MONITOR_FLUSH_ADAPTIVE_PAGES,
n_flushed);
}
- else if (buf_flush_async_lsn <= oldest_lsn)
+ else if (buf_flush_async_lsn <= oldest_lsn &&
+ !buf_pool.need_LRU_eviction())
goto check_oldest_and_set_idle;
+ else
+ mysql_mutex_lock(&buf_pool.mutex);
+ n= srv_max_io_capacity;
n= n >= n_flushed ? n - n_flushed : 0;
goto LRU_flush;
}
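Review bot: The new unbraced `else` covers only `mysql_mutex_lock(&buf_pool.mutex);`, while the next added line `n= srv_max_io_capacity;` runs for every path that reaches it. With the preceding `else if (...) goto check_oldest_and_set_idle;` this is easy to misread. Bracing the branch as `else { mysql_mutex_lock(&buf_pool.mutex); }` and adding a one-line comment that `LRU_flush` expects `buf_pool.mutex` to be held (if that is the reason for the lock) would make the asymmetric locking explicit. The first branch of the chain starts outside the hunk, so whether it already holds the mutex cannot be checked here.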
diff --git a/storage/innobase/buf/buf0lru.cc b/storage/innobase/buf/buf0lru.cc
index 65ee8fa3..2a8d6ff2 100644
--- a/storage/innobase/buf/buf0lru.cc
+++ b/storage/innobase/buf/buf0lru.cc
@@ -60,10 +60,6 @@ static constexpr ulint BUF_LRU_OLD_TOLERANCE = 20;
frames in the buffer pool, we set this to TRUE */
static bool buf_lru_switched_on_innodb_mon = false;
-/** True if diagnostic message about difficult to find free blocks
-in the buffer bool has already printed. */
-static bool buf_lru_free_blocks_error_printed;
-
/******************************************************************//**
These statistics are not 'of' LRU but 'for' LRU. We keep count of I/O
and page_zip_decompress() operations. Based on the statistics,
@@ -408,6 +404,7 @@ got_mutex:
buf_LRU_check_size_of_non_data_objects();
buf_block_t* block;
+ IF_DBUG(static bool buf_lru_free_blocks_error_printed,);
DBUG_EXECUTE_IF("ib_lru_force_no_free_page",
if (!buf_lru_free_blocks_error_printed) {
n_iterations = 21;
@@ -417,9 +414,25 @@ retry:
/* If there is a block in the free list, take it */
if ((block = buf_LRU_get_free_only()) != nullptr) {
got_block:
+ const ulint LRU_size = UT_LIST_GET_LEN(buf_pool.LRU);
+ const ulint available = UT_LIST_GET_LEN(buf_pool.free);
+ const ulint scan_depth = srv_LRU_scan_depth / 2;
+ ut_ad(LRU_size <= BUF_LRU_MIN_LEN || available >= scan_depth
+ || buf_pool.need_LRU_eviction());
+
if (!have_mutex) {
mysql_mutex_unlock(&buf_pool.mutex);
}
+
+ if (UNIV_UNLIKELY(available < scan_depth)
+ && LRU_size > BUF_LRU_MIN_LEN) {
+ mysql_mutex_lock(&buf_pool.flush_list_mutex);
+ if (!buf_pool.page_cleaner_active()) {
+ buf_pool.page_cleaner_wakeup(true);
+ }
+ mysql_mutex_unlock(&buf_pool.flush_list_mutex);
+ }
+
block->page.zip.clear();
return block;
}
@@ -445,10 +458,11 @@ got_block:
if ((block = buf_LRU_get_free_only()) != nullptr) {
goto got_block;
}
+ const bool wake = buf_pool.need_LRU_eviction();
mysql_mutex_unlock(&buf_pool.mutex);
mysql_mutex_lock(&buf_pool.flush_list_mutex);
const auto n_flush = buf_pool.n_flush();
- if (!buf_pool.try_LRU_scan) {
+ if (wake && !buf_pool.page_cleaner_active()) {
buf_pool.page_cleaner_wakeup(true);
}
mysql_mutex_unlock(&buf_pool.flush_list_mutex);
@@ -467,9 +481,10 @@ not_found:
MONITOR_INC( MONITOR_LRU_GET_FREE_WAITS );
}
- if (n_iterations == 21 && !buf_lru_free_blocks_error_printed
- && srv_buf_pool_old_size == srv_buf_pool_size) {
- buf_lru_free_blocks_error_printed = true;
+ if (n_iterations == 21
+ && srv_buf_pool_old_size == srv_buf_pool_size
+ && buf_pool.LRU_warned.test_and_set(std::memory_order_acquire)) {
+ IF_DBUG(buf_lru_free_blocks_error_printed = true,);
mysql_mutex_unlock(&buf_pool.mutex);
ib::warn() << "Difficult to find free blocks in the buffer pool"
" (" << n_iterations << " search iterations)! "
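Review bot: The condition `buf_pool.LRU_warned.test_and_set(std::memory_order_acquire)` is not negated, so the "Difficult to find free blocks" warning is emitted only when the flag was already set. Both the `!buf_lru_free_blocks_error_printed` it replaces and the `!buf_pool.LRU_warned.test_and_set(...)` added to buf_flush_LRU() in this commit fire on the first occurrence. If once-only reporting is meant, this should read `&& !buf_pool.LRU_warned.test_and_set(std::memory_order_acquire)`. If the message is deliberately tied to buf_flush_LRU() having warned first, a comment needs to say so. The enclosing function extends beyond the hunk.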
@@ -787,6 +802,14 @@ void buf_page_make_young(buf_page_t *bpage)
mysql_mutex_unlock(&buf_pool.mutex);
}
+bool buf_page_make_young_if_needed(buf_page_t *bpage)
+{
+ const bool not_first{bpage->set_accessed()};
+ if (UNIV_UNLIKELY(buf_page_peek_if_too_old(bpage)))
+ buf_page_make_young(bpage);
+ return not_first;
+}
+
/** Try to free a block. If bpage is a descriptor of a compressed-only
ROW_FORMAT=COMPRESSED page, the buf_page_t object will be freed as well.
The caller must hold buf_pool.mutex.
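Review bot: `buf_page_make_young_if_needed()` is defined here without a comment, although it now marks the page as accessed as well and returns the result of `bpage->set_accessed()` as `not_first`. Unless the declaration carries it, add something like `/** Mark the page accessed and call buf_page_make_young() if buf_page_peek_if_too_old() holds. @return whether the page had been accessed before */`. The new call in dict_hdr_get() ignores the return value, so the comment should also say when a caller is expected to act on it.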
diff --git a/storage/innobase/buf/buf0rea.cc b/storage/innobase/buf/buf0rea.cc
index c4f07738..9041c6a2 100644
--- a/storage/innobase/buf/buf0rea.cc
+++ b/storage/innobase/buf/buf0rea.cc
@@ -597,6 +597,12 @@ failed:
uint32_t prev= mach_read_from_4(my_assume_aligned<4>(f + FIL_PAGE_PREV));
uint32_t next= mach_read_from_4(my_assume_aligned<4>(f + FIL_PAGE_NEXT));
hash_lock.unlock_shared();
+ /* The underlying file page of this buffer pool page could actually
+ be marked as freed, or a read of the page into the buffer pool might
+ be in progress. We may read uninitialized data here.
+ Suppress warnings of comparing uninitialized values. */
+ MEM_MAKE_DEFINED(&prev, sizeof prev);
+ MEM_MAKE_DEFINED(&next, sizeof next);
if (prev == FIL_NULL || next == FIL_NULL)
goto fail;
page_id_t id= page_id;
diff --git a/storage/innobase/dict/dict0boot.cc b/storage/innobase/dict/dict0boot.cc
index 5516bce9..cb60d813 100644
--- a/storage/innobase/dict/dict0boot.cc
+++ b/storage/innobase/dict/dict0boot.cc
@@ -42,7 +42,10 @@ static constexpr page_id_t hdr_page_id{DICT_HDR_SPACE, DICT_HDR_PAGE_NO};
static buf_block_t *dict_hdr_get(mtr_t *mtr)
{
/* We assume that the DICT_HDR page is always readable and available. */
- return buf_page_get_gen(hdr_page_id, 0, RW_X_LATCH, nullptr, BUF_GET, mtr);
+ buf_block_t *b=
+ buf_page_get_gen(hdr_page_id, 0, RW_X_LATCH, nullptr, BUF_GET, mtr);
+ buf_page_make_young_if_needed(&b->page);
+ return b;
}
/**********************************************************************//**
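Review bot: `buf_page_make_young_if_needed(&b->page)` dereferences the result of `buf_page_get_gen()` unconditionally. If that call ever returns nullptr, `dict_hdr_get()` now faults inside itself, where it previously passed the null back to the caller. The existing comment only says the page is assumed to be available. If that is a hard guarantee, an assertion would document it; otherwise guard the call with `if (b) buf_page_make_young_if_needed(&b->page);`.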
diff --git a/storage/innobase/dict/dict0crea.cc b/storage/innobase/dict/dict0crea.cc
index cce5f2f2..dd858287 100644
--- a/storage/innobase/dict/dict0crea.cc
+++ b/storage/innobase/dict/dict0crea.cc
@@ -353,9 +353,6 @@ dict_build_table_def_step(
/* Always set this bit for all new created tables */
DICT_TF2_FLAG_SET(table, DICT_TF2_FTS_AUX_HEX_NAME);
- DBUG_EXECUTE_IF("innodb_test_wrong_fts_aux_table_name",
- DICT_TF2_FLAG_UNSET(table,
- DICT_TF2_FTS_AUX_HEX_NAME););
if (DICT_TF2_FLAG_IS_SET(table, DICT_TF2_USE_FILE_PER_TABLE)) {
/* This table will need a new tablespace. */
diff --git a/storage/innobase/dict/dict0dict.cc b/storage/innobase/dict/dict0dict.cc
index 5bc7ab6e..5d3cab17 100644
--- a/storage/innobase/dict/dict0dict.cc
+++ b/storage/innobase/dict/dict0dict.cc
@@ -2809,8 +2809,7 @@ dict_foreign_find_index(
for (dict_index_t* index = dict_table_get_first_index(table);
index;
index = dict_table_get_next_index(index)) {
- if (types_idx != index
- && !index->to_be_dropped
+ if (!index->to_be_dropped
&& !dict_index_is_online_ddl(index)
&& dict_foreign_qualify_index(
table, col_names, columns, n_cols,
@@ -3530,6 +3529,7 @@ dict_foreign_parse_drop_constraints(
const char* ptr1;
const char* id;
CHARSET_INFO* cs;
+ bool if_exists = false;
ut_a(trx->mysql_thd);
@@ -3583,6 +3583,7 @@ loop:
ptr1 = dict_accept(cs, ptr1, "EXISTS", &success);
if (success) {
ptr = ptr1;
+ if_exists = true;
}
}
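Review bot: `if_exists` is set to true here, but none of the visible hunks set it back to false, and the code returns to `loop:` for each further clause of the statement. Unless it is reset outside the hunks, a later clause written without IF EXISTS would inherit the flag, and a missing constraint would be skipped silently instead of reaching the `DB_CANNOT_DROP_CONSTRAINT` path. Scoping the flag to one clause avoids that, e.g. `if_exists = false;` immediately before the IF EXISTS check on each iteration.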
@@ -3593,14 +3594,14 @@ loop:
goto syntax_error;
}
- ut_a(*n < 1000);
- (*constraints_to_drop)[*n] = id;
- (*n)++;
-
if (std::find_if(table->foreign_set.begin(),
- table->foreign_set.end(),
- dict_foreign_matches_id(id))
- == table->foreign_set.end()) {
+ table->foreign_set.end(),
+ dict_foreign_matches_id(id))
+ == table->foreign_set.end()) {
+
+ if (if_exists) {
+ goto loop;
+ }
if (!srv_read_only_mode) {
FILE* ef = dict_foreign_err_file;
@@ -3622,6 +3623,9 @@ loop:
return(DB_CANNOT_DROP_CONSTRAINT);
}
+ ut_a(*n < 1000);
+ (*constraints_to_drop)[*n] = id;
+ (*n)++;
goto loop;
syntax_error:
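Review bot: `ut_a(*n < 1000)` is the only bound on the write to `(*constraints_to_drop)[*n]`, and it is an assertion on a count that comes from the parsed SQL text. A statement naming that many constraints would therefore abort the server rather than fail with an error. The array allocation is outside the hunk; 1000 is presumably its capacity. Since these lines are being moved anyway, replace the assertion with an explicit check that takes an error path, along the lines of `if (*n >= 1000) goto syntax_error;` or whichever error return fits the function.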
diff --git a/storage/innobase/dict/dict0load.cc b/storage/innobase/dict/dict0load.cc
index f769839d..e7735586 100644
--- a/storage/innobase/dict/dict0load.cc
+++ b/storage/innobase/dict/dict0load.cc
@@ -33,8 +33,8 @@ Created 4/24/1996 Heikki Tuuri
#include "dict0boot.h"
#include "dict0crea.h"
#include "dict0dict.h"
-#include "dict0mem.h"
#include "dict0stats.h"
+#include "ibuf0ibuf.h"
#include "fsp0file.h"
#include "fts0priv.h"
#include "mach0data.h"
@@ -865,18 +865,30 @@ err_exit:
return READ_OK;
}
-/** Check each tablespace found in the data dictionary.
-Then look at each table defined in SYS_TABLES that has a space_id > 0
-to find all the file-per-table tablespaces.
+/** @return SELECT MAX(space) FROM sys_tables */
+static uint32_t dict_find_max_space_id(btr_pcur_t *pcur, mtr_t *mtr)
+{
+ uint32_t max_space_id= 0;
-In a crash recovery we already have some tablespace objects created from
-processing the REDO log. We will compare the
-space_id information in the data dictionary to what we find in the
-tablespace file. In addition, more validation will be done if recovery
-was needed and force_recovery is not set.
+ for (const rec_t *rec= dict_startscan_system(pcur, mtr, dict_sys.sys_tables);
+ rec; rec= dict_getnext_system_low(pcur, mtr))
+ if (!dict_sys_tables_rec_check(rec))
+ {
+ ulint len;
+ const byte *field=
+ rec_get_nth_field_old(rec, DICT_FLD__SYS_TABLES__SPACE, &len);
+ ut_ad(len == 4);
+ max_space_id= std::max(max_space_id, mach_read_from_4(field));
+ }
+
+ return max_space_id;
+}
-We also scan the biggest space id, and store it to fil_system. */
-void dict_check_tablespaces_and_store_max_id()
+/** Check MAX(SPACE) FROM SYS_TABLES and store it in fil_system.
+Open each data file if an encryption plugin has been loaded.
+
+@param spaces set of tablespace files to open */
+void dict_check_tablespaces_and_store_max_id(const std::set<uint32_t> *spaces)
{
uint32_t max_space_id = 0;
btr_pcur_t pcur;
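Review bot: The new comment documents `spaces` only as "set of tablespace files to open" and does not say what nullptr means, although later hunks treat the two cases very differently. With `!spaces` the function may take the `dict_find_max_space_id()` shortcut, and with a set it skips every `space_id` not contained in it. Suggest `@param spaces tablespaces to open, or nullptr to consider all of them`. The comment on `dict_find_max_space_id()` could also note that it does not commit `mtr`; the caller does that at `done:`.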
@@ -888,6 +900,12 @@ void dict_check_tablespaces_and_store_max_id()
dict_sys.lock(SRW_LOCK_CALL);
+ if (!spaces && ibuf.empty
+ && !encryption_key_id_exists(FIL_DEFAULT_ENCRYPTION_KEY)) {
+ max_space_id = dict_find_max_space_id(&pcur, &mtr);
+ goto done;
+ }
+
for (const rec_t *rec = dict_startscan_system(&pcur, &mtr,
dict_sys.sys_tables);
rec; rec = dict_getnext_system_low(&pcur, &mtr)) {
@@ -919,14 +937,6 @@ void dict_check_tablespaces_and_store_max_id()
continue;
}
- if (flags2 & DICT_TF2_DISCARDED) {
- sql_print_information("InnoDB: Ignoring tablespace"
- " for %.*s because "
- "the DISCARD flag is set",
- static_cast<int>(len), field);
- continue;
- }
-
/* For tables or partitions using .ibd files, the flag
DICT_TF2_USE_FILE_PER_TABLE was not set in MIX_LEN
before MySQL 5.6.5. The flag should not have been
@@ -939,6 +949,19 @@ void dict_check_tablespaces_and_store_max_id()
continue;
}
+ if (spaces && spaces->find(uint32_t(space_id))
+ == spaces->end()) {
+ continue;
+ }
+
+ if (flags2 & DICT_TF2_DISCARDED) {
+ sql_print_information("InnoDB: Ignoring tablespace"
+ " for %.*s because "
+ "the DISCARD flag is set",
+ static_cast<int>(len), field);
+ continue;
+ }
+
const span<const char> name{field, len};
char* filepath = fil_make_filepath(nullptr, name,
@@ -971,6 +994,7 @@ void dict_check_tablespaces_and_store_max_id()
ut_free(filepath);
}
+done:
mtr.commit();
fil_set_max_space_id_if_bigger(max_space_id);
@@ -2246,22 +2270,10 @@ dict_load_tablespace(
/* The tablespace may already be open. */
table->space = fil_space_for_table_exists_in_mem(table->space_id,
table->flags);
- if (table->space) {
+ if (table->space || table->file_unreadable) {
return;
}
- if (ignore_err >= DICT_ERR_IGNORE_TABLESPACE) {
- table->file_unreadable = true;
- return;
- }
-
- if (!(ignore_err & DICT_ERR_IGNORE_RECOVER_LOCK)) {
- ib::error() << "Failed to find tablespace for table "
- << table->name << " in the cache. Attempting"
- " to load the tablespace with space id "
- << table->space_id;
- }
-
/* Use the remote filepath if needed. This parameter is optional
in the call to fil_ibd_open(). If not supplied, it will be built
from the table->name. */
@@ -2284,6 +2296,12 @@ dict_load_tablespace(
if (!table->space) {
/* We failed to find a sensible tablespace file */
table->file_unreadable = true;
+
+ if (!(ignore_err & DICT_ERR_IGNORE_RECOVER_LOCK)) {
+ sql_print_error("InnoDB: Failed to load tablespace "
+ ULINTPF " for table %s",
+ table->space_id, table->name);
+ }
}
ut_free(filepath);
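Review bot: `table->name` is passed to a printf-style `%s`, but the removed code streamed it with `ib::error() << table->name`, which suggests it is InnoDB's table-name wrapper type rather than a `const char*`. Passing a class object through varargs is not portable, so if that is the type this should be `table->name.m_name`. `ULINTPF` must likewise match the declared type of `table->space_id` exactly; the declaration is not visible here, so confirm it is `ulint` or cast the argument. A mismatch in either argument leads to a garbled or out-of-bounds read while formatting the error message.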
diff --git a/storage/innobase/dict/dict0stats.cc b/storage/innobase/dict/dict0stats.cc
index 40969335..f11187b9 100644
--- a/storage/innobase/dict/dict0stats.cc
+++ b/storage/innobase/dict/dict0stats.cc
@@ -752,16 +752,9 @@ dict_stats_empty_index(
}
}
-/*********************************************************************//**
-Write all zeros (or 1 where it makes sense) into a table and its indexes'
-statistics members. The resulting stats correspond to an empty table. */
-static
-void
-dict_stats_empty_table(
-/*===================*/
- dict_table_t* table, /*!< in/out: table */
+void dict_stats_empty_table(
+ dict_table_t* table,
bool empty_defrag_stats)
- /*!< in: whether to empty defrag stats */
{
/* Initialize table/index level stats is now protected by
table level lock_mutex.*/
diff --git a/storage/innobase/dict/dict0stats_bg.cc b/storage/innobase/dict/dict0stats_bg.cc
index a66aac22..b0c34dc6 100644
--- a/storage/innobase/dict/dict0stats_bg.cc
+++ b/storage/innobase/dict/dict0stats_bg.cc
@@ -69,6 +69,8 @@ static recalc_pool_t recalc_pool;
/** Whether the global data structures have been initialized */
static bool stats_initialised;
+static THD *dict_stats_thd;
+
/*****************************************************************//**
Free the resources occupied by the recalc pool, called once during
thread de-initialization. */
@@ -90,6 +92,9 @@ static void dict_stats_recalc_pool_deinit()
defrag_pool_t defrag_empty_pool;
recalc_pool.swap(recalc_empty_pool);
defrag_pool.swap(defrag_empty_pool);
+
+ if (dict_stats_thd)
+ destroy_background_thd(dict_stats_thd);
}
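Review bot: After `destroy_background_thd(dict_stats_thd)` the static pointer keeps the old address, and `dict_stats_func()`, changed later in this file, reuses `dict_stats_thd` whenever it is non-null. Adding `dict_stats_thd= nullptr;` after the destroy ensures that a timer callback running afterwards, or a second call of this function, cannot touch a freed THD. Whether either can happen depends on the shutdown ordering, which is outside the hunk.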
/*****************************************************************//**
@@ -361,52 +366,50 @@ done:
{
ut_ad(i->state == recalc::IN_PROGRESS);
recalc_pool.erase(i);
- const bool reschedule= !update_now && recalc_pool.empty();
if (err == DB_SUCCESS_LOCKED_REC)
recalc_pool.emplace_back(recalc{table_id, recalc::IDLE});
mysql_mutex_unlock(&recalc_pool_mutex);
- if (reschedule)
- dict_stats_schedule(MIN_RECALC_INTERVAL * 1000);
}
return update_now;
}
-static tpool::timer* dict_stats_timer;
-static std::mutex dict_stats_mutex;
+/** Check if the recalc pool is empty. */
+static bool is_recalc_pool_empty()
+{
+ mysql_mutex_lock(&recalc_pool_mutex);
+ bool empty= recalc_pool.empty();
+ mysql_mutex_unlock(&recalc_pool_mutex);
+ return empty;
+}
+static tpool::timer* dict_stats_timer;
static void dict_stats_func(void*)
{
- THD *thd= innobase_create_background_thd("InnoDB statistics");
- set_current_thd(thd);
- while (dict_stats_process_entry_from_recalc_pool(thd)) {}
- dict_defrag_process_entries_from_defrag_pool(thd);
+ if (!dict_stats_thd)
+ dict_stats_thd= innobase_create_background_thd("InnoDB statistics");
+ set_current_thd(dict_stats_thd);
+
+ while (dict_stats_process_entry_from_recalc_pool(dict_stats_thd)) {}
+ dict_defrag_process_entries_from_defrag_pool(dict_stats_thd);
+
+ innobase_reset_background_thd(dict_stats_thd);
set_current_thd(nullptr);
- destroy_background_thd(thd);
+ if (!is_recalc_pool_empty())
+ dict_stats_schedule(MIN_RECALC_INTERVAL * 1000);
}
void dict_stats_start()
{
- std::lock_guard<std::mutex> lk(dict_stats_mutex);
- if (!dict_stats_timer)
- dict_stats_timer= srv_thread_pool->create_timer(dict_stats_func);
+ DBUG_ASSERT(!dict_stats_timer);
+ dict_stats_timer= srv_thread_pool->create_timer(dict_stats_func);
}
static void dict_stats_schedule(int ms)
{
- std::unique_lock<std::mutex> lk(dict_stats_mutex, std::defer_lock);
- /*
- Use try_lock() to avoid deadlock in dict_stats_shutdown(), which
- uses dict_stats_mutex too. If there is simultaneous timer reschedule,
- the first one will win, which is fine.
- */
- if (!lk.try_lock())
- {
- return;
- }
- if (dict_stats_timer)
+ if(dict_stats_timer)
dict_stats_timer->set_time(ms,0);
}
@@ -418,7 +421,6 @@ void dict_stats_schedule_now()
/** Shut down the dict_stats_thread. */
void dict_stats_shutdown()
{
- std::lock_guard<std::mutex> lk(dict_stats_mutex);
delete dict_stats_timer;
dict_stats_timer= 0;
}
diff --git a/storage/innobase/fil/fil0fil.cc b/storage/innobase/fil/fil0fil.cc
index 8a88f4e2..bd0ace7c 100644
--- a/storage/innobase/fil/fil0fil.cc
+++ b/storage/innobase/fil/fil0fil.cc
@@ -341,8 +341,9 @@ static bool fil_node_open_file_low(fil_node_t *node)
ut_ad(!node->is_open());
ut_ad(node->space->is_closing());
mysql_mutex_assert_owner(&fil_system.mutex);
- ulint type;
static_assert(((UNIV_ZIP_SIZE_MIN >> 1) << 3) == 4096, "compatibility");
+#if defined _WIN32 || defined HAVE_FCNTL_DIRECT
+ ulint type;
switch (FSP_FLAGS_GET_ZIP_SSIZE(node->space->flags)) {
case 1:
case 2:
@@ -351,6 +352,9 @@ static bool fil_node_open_file_low(fil_node_t *node)
default:
type= OS_DATA_FILE;
}
+#else
+ constexpr auto type= OS_DATA_FILE;
+#endif
for (;;)
{
@@ -560,7 +564,7 @@ fil_space_extend_must_retry(
ut_ad(UT_LIST_GET_LAST(space->chain) == node);
ut_ad(size >= FIL_IBD_FILE_INITIAL_SIZE);
ut_ad(node->space == space);
- ut_ad(space->referenced() || space->is_being_truncated);
+ ut_ad(space->referenced());
*success = space->size >= size;
@@ -649,8 +653,7 @@ fil_space_extend_must_retry(
default:
ut_ad(space->purpose == FIL_TYPE_TABLESPACE
|| space->purpose == FIL_TYPE_IMPORT);
- if (space->purpose == FIL_TYPE_TABLESPACE
- && !space->is_being_truncated) {
+ if (space->purpose == FIL_TYPE_TABLESPACE) {
goto do_flush;
}
break;
@@ -735,12 +738,10 @@ bool fil_space_extend(fil_space_t *space, uint32_t size)
bool success= false;
const bool acquired= space->acquire();
mysql_mutex_lock(&fil_system.mutex);
- if (acquired || space->is_being_truncated)
- {
+ if (acquired)
while (fil_space_extend_must_retry(space, UT_LIST_GET_LAST(space->chain),
size, &success))
mysql_mutex_lock(&fil_system.mutex);
- }
mysql_mutex_unlock(&fil_system.mutex);
if (acquired)
space->release();
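Review bot: Dropping the braces in `fil_space_extend()` leaves `if (acquired)` governing a multi-line `while` whose own body is the next `mysql_mutex_lock()` line. The nesting is still correct, but it is easy to misread next to the unconditional `mysql_mutex_unlock()` that follows. Keeping `if (acquired) {` and the closing `}` costs two lines and makes the lock/unlock pairing obvious. The function body starts above this hunk.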
@@ -1903,9 +1904,10 @@ fil_ibd_create(
mtr.flag_wr_unlock();
log_write_up_to(lsn, true);
- ulint type;
static_assert(((UNIV_ZIP_SIZE_MIN >> 1) << 3) == 4096,
"compatibility");
+#if defined _WIN32 || defined HAVE_FCNTL_DIRECT
+ ulint type;
switch (FSP_FLAGS_GET_ZIP_SSIZE(flags)) {
case 1:
case 2:
@@ -1914,6 +1916,9 @@ fil_ibd_create(
default:
type = OS_DATA_FILE;
}
+#else
+ constexpr auto type = OS_DATA_FILE;
+#endif
file = os_file_create(
innodb_data_file_key, path,
@@ -2184,8 +2189,6 @@ func_exit:
goto corrupted;
}
- os_file_get_last_error(operation_not_for_export,
- !operation_not_for_export);
if (!operation_not_for_export) {
goto corrupted;
}
@@ -2448,21 +2451,15 @@ fil_ibd_load(uint32_t space_id, const char *filename, fil_space_t *&space)
mysql_mutex_unlock(&fil_system.mutex);
if (space) {
- /* Compare the filename we are trying to open with the
- filename from the first node of the tablespace we opened
- previously. Fail if it is different. */
- fil_node_t* node = UT_LIST_GET_FIRST(space->chain);
- if (0 != strcmp(innobase_basename(filename),
- innobase_basename(node->name))) {
- ib::info()
- << "Ignoring data file '" << filename
- << "' with space ID " << space->id
- << ". Another data file called " << node->name
- << " exists with the same space ID.";
- space = NULL;
- return(FIL_LOAD_ID_CHANGED);
- }
- return(FIL_LOAD_OK);
+ sql_print_information("InnoDB: Ignoring data file '%s'"
+ " with space ID " ULINTPF
+ ". Another data file called %s"
+ " exists"
+ " with the same space ID.",
+ filename, space->id,
+ UT_LIST_GET_FIRST(space->chain)->name);
+ space = NULL;
+ return FIL_LOAD_ID_CHANGED;
}
if (srv_operation == SRV_OPERATION_RESTORE) {
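Review bot: The new `sql_print_information()` call formats `space->id` with `ULINTPF`, while the other messages touched by this commit print space IDs with `UINT32PF` (for example `m_space_id` in fsp0file.cc). If `fil_space_t::id` is a `uint32_t`, as the `uint32_t space_id` parameter of `fil_ibd_load()` suggests, the specifier and the variadic argument disagree in width; the declaration is not visible here, so please confirm. Writing `" with space ID " UINT32PF`, or casting the argument to `ulint`, keeps the call well defined. Since the basename comparison and its comment were removed, a short comment such as `/* Any tablespace already registered under this ID wins; the new file is ignored. */` would explain why this branch now always returns `FIL_LOAD_ID_CHANGED`.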
@@ -3027,11 +3024,9 @@ fil_space_validate_for_mtr_commit(
ut_ad(!is_predefined_tablespace(space->id));
/* We are serving mtr_commit(). While there is an active
- mini-transaction, we should have !space->stop_new_ops. This is
+ mini-transaction, we should have !space->is_stopping(). This is
guaranteed by meta-data locks or transactional locks. */
- ut_ad(!space->is_stopping()
- || space->is_being_truncated /* fil_truncate_prepare() */
- || space->referenced());
+ ut_ad(!space->is_stopping() || space->referenced());
}
#endif /* UNIV_DEBUG */
@@ -3080,7 +3075,7 @@ ATTRIBUTE_NOINLINE ATTRIBUTE_COLD void mtr_t::name_write()
and write out FILE_MODIFY if needed, and write FILE_CHECKPOINT.
@param lsn checkpoint LSN
@return current LSN */
-lsn_t fil_names_clear(lsn_t lsn)
+ATTRIBUTE_COLD lsn_t fil_names_clear(lsn_t lsn)
{
mtr_t mtr;
diff --git a/storage/innobase/fil/fil0pagecompress.cc b/storage/innobase/fil/fil0pagecompress.cc
index 16aea2a7..eaf4e04a 100644
--- a/storage/innobase/fil/fil0pagecompress.cc
+++ b/storage/innobase/fil/fil0pagecompress.cc
@@ -49,11 +49,6 @@ Updated 14/02/2015
#include "buf0lru.h"
#include "ibuf0ibuf.h"
#include "zlib.h"
-#ifdef __linux__
-#include <linux/fs.h>
-#include <sys/ioctl.h>
-#include <fcntl.h>
-#endif
#include "row0mysql.h"
#include "lz4.h"
#include "lzo/lzo1x.h"
diff --git a/storage/innobase/fsp/fsp0file.cc b/storage/innobase/fsp/fsp0file.cc
index cafff419..1c20efcd 100644
--- a/storage/innobase/fsp/fsp0file.cc
+++ b/storage/innobase/fsp/fsp0file.cc
@@ -435,12 +435,22 @@ Datafile::validate_for_recovery()
return(err);
}
+ if (!m_space_id) {
+ m_space_id = recv_sys.dblwr.find_first_page(
+ m_filepath, m_handle);
+ if (m_space_id) {
+ m_defer= false;
+ goto free_first_page;
+ } else return err;
+ }
+
if (!m_defer) {
err = find_space_id();
if (err != DB_SUCCESS || m_space_id == 0) {
- ib::error() << "Datafile '" << m_filepath
- << "' is corrupted. Cannot determine "
- "the space ID from the first 64 pages.";
+ sql_print_error(
+ "InnoDB: Datafile '%s' is corrupted."
+ " Cannot determine the space ID from"
+ " the first 64 pages.", m_filepath);
return(err);
}
}
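Review bot: The added `if (!m_space_id)` block exits through `} else return err;` without a diagnostic and without saying which value `err` holds at that point; it is assigned above the hunk, so that cannot be checked here. Both branches leave the block, so the `find_space_id()` path below now runs only when `m_space_id` is already non-zero. If that is intended, it should be stated. I would add a comment before the block, e.g. `/* Space ID unknown: look for a copy of page 0 in the doublewrite buffer; if none exists, report the earlier validation error. */`. I would also put the `else` branch in braces on its own lines, so the early return is not hidden behind the closing brace.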
@@ -453,7 +463,7 @@ Datafile::validate_for_recovery()
m_space_id, m_filepath, m_handle)) {
return m_defer ? err : DB_CORRUPTION;
}
-
+free_first_page:
/* Free the previously read first page and then re-validate. */
free_first_page();
m_defer = false;
@@ -492,11 +502,11 @@ err_exit:
return DB_SUCCESS;
}
- ib::info() << error_txt << " in datafile: " << m_filepath
- << ", Space ID:" << m_space_id << ", Flags: "
- << m_flags;
+ sql_print_error("InnoDB: %s in datafile: %s, Space ID: "
+ UINT32PF ", " "Flags: " UINT32PF,
+ error_txt, m_filepath, m_space_id, m_flags);
m_is_valid = false;
- return(DB_CORRUPTION);
+ return DB_CORRUPTION;
}
/* Check if the whole page is blank. */
diff --git a/storage/innobase/fsp/fsp0fsp.cc b/storage/innobase/fsp/fsp0fsp.cc
index 6c5c354e..87672a82 100644
--- a/storage/innobase/fsp/fsp0fsp.cc
+++ b/storage/innobase/fsp/fsp0fsp.cc
@@ -42,8 +42,6 @@ Created 11/29/1995 Heikki Tuuri
#include "fsp0types.h"
#include "log.h"
-typedef uint32_t page_no_t;
-
/** Returns the first extent descriptor for a segment.
We think of the extent lists of the segment catenated in the order
FSEG_FULL -> FSEG_NOT_FULL -> FSEG_FREE.
@@ -332,7 +330,7 @@ xdes_t*
xdes_get_descriptor_with_space_hdr(
buf_block_t* header,
const fil_space_t* space,
- page_no_t offset,
+ uint32_t offset,
mtr_t* mtr,
dberr_t* err = nullptr,
buf_block_t** desc_block = nullptr,
@@ -396,7 +394,7 @@ try to add new extents to the space free list
@param[out] err error code
@param[out] xdes extent descriptor page
@return the extent descriptor */
-static xdes_t *xdes_get_descriptor(const fil_space_t *space, page_no_t offset,
+static xdes_t *xdes_get_descriptor(const fil_space_t *space, uint32_t offset,
mtr_t *mtr, dberr_t *err= nullptr,
buf_block_t **xdes= nullptr)
{
@@ -842,8 +840,7 @@ fsp_fill_free_list(
if (i)
{
buf_block_t *f= buf_LRU_get_free_block(false);
- buf_block_t *block= buf_page_create(space, static_cast<uint32_t>(i),
- zip_size, mtr, f);
+ buf_block_t *block= buf_page_create(space, i, zip_size, mtr, f);
if (UNIV_UNLIKELY(block != f))
buf_pool.free_block(f);
fsp_init_file_page(space, block, mtr);
@@ -855,9 +852,7 @@ fsp_fill_free_list(
{
buf_block_t *f= buf_LRU_get_free_block(false);
buf_block_t *block=
- buf_page_create(space,
- static_cast<uint32_t>(i + FSP_IBUF_BITMAP_OFFSET),
- zip_size, mtr, f);
+ buf_page_create(space, i + FSP_IBUF_BITMAP_OFFSET, zip_size, mtr, f);
if (UNIV_UNLIKELY(block != f))
buf_pool.free_block(f);
fsp_init_file_page(space, block, mtr);
@@ -1028,40 +1023,13 @@ fsp_alloc_from_free_frag(buf_block_t *header, buf_block_t *xdes, xdes_t *descr,
@param[in] offset page number of the allocated page
@param[in,out] mtr mini-transaction
@return block, initialized */
-static
-buf_block_t*
-fsp_page_create(fil_space_t *space, page_no_t offset, mtr_t *mtr)
+static buf_block_t* fsp_page_create(fil_space_t *space, uint32_t offset,
+ mtr_t *mtr)
{
- buf_block_t *block, *free_block;
-
- if (UNIV_UNLIKELY(space->is_being_truncated))
- {
- const page_id_t page_id{space->id, offset};
- buf_pool_t::hash_chain &chain= buf_pool.page_hash.cell_get(page_id.fold());
- mysql_mutex_lock(&buf_pool.mutex);
- block= reinterpret_cast<buf_block_t*>
- (buf_pool.page_hash.get(page_id, chain));
- if (block && block->page.oldest_modification() <= 1)
- block= nullptr;
- mysql_mutex_unlock(&buf_pool.mutex);
-
- if (block)
- {
- ut_ad(block->page.buf_fix_count() >= 1);
- ut_ad(block->page.lock.x_lock_count() == 1);
- ut_ad(mtr->have_x_latch(*block));
- free_block= block;
- goto got_free_block;
- }
- }
-
- free_block= buf_LRU_get_free_block(false);
-got_free_block:
- block= buf_page_create(space, static_cast<uint32_t>(offset),
- space->zip_size(), mtr, free_block);
+ buf_block_t *free_block= buf_LRU_get_free_block(false),
+ *block= buf_page_create(space, offset, space->zip_size(), mtr, free_block);
if (UNIV_UNLIKELY(block != free_block))
buf_pool.free_block(free_block);
-
fsp_init_file_page(space, block, mtr);
return block;
}
@@ -1179,7 +1147,7 @@ MY_ATTRIBUTE((nonnull, warn_unused_result))
@param[in] offset page number in the extent
@param[in,out] mtr mini-transaction
@return error code */
-static dberr_t fsp_free_extent(fil_space_t* space, page_no_t offset,
+static dberr_t fsp_free_extent(fil_space_t* space, uint32_t offset,
mtr_t* mtr)
{
ut_ad(space->is_owner());
@@ -1216,7 +1184,7 @@ The page is marked as free and clean.
@param[in] offset page number
@param[in,out] mtr mini-transaction
@return error code */
-static dberr_t fsp_free_page(fil_space_t *space, page_no_t offset, mtr_t *mtr)
+static dberr_t fsp_free_page(fil_space_t *space, uint32_t offset, mtr_t *mtr)
{
xdes_t* descr;
ulint frag_n_used;
@@ -1756,7 +1724,6 @@ page_alloc:
ut_d(const auto x = block->page.lock.x_lock_count());
ut_ad(x || block->page.lock.not_recursive());
- ut_ad(x == 1 || space->is_being_truncated);
ut_ad(x <= 2);
ut_ad(!fil_page_get_type(block->page.frame));
mtr->write<1>(*block, FIL_PAGE_TYPE + 1 + block->page.frame,
@@ -2493,7 +2460,7 @@ fseg_free_page_low(
fseg_inode_t* seg_inode,
buf_block_t* iblock,
fil_space_t* space,
- page_no_t offset,
+ uint32_t offset,
mtr_t* mtr
#ifdef BTR_CUR_HASH_ADAPT
,bool ahi=false
@@ -2859,7 +2826,7 @@ fseg_free_step(
return true;
}
- page_no_t page_no = fseg_get_nth_frag_page_no(inode, n);
+ uint32_t page_no = fseg_get_nth_frag_page_no(inode, n);
if (fseg_free_page_low(inode, iblock, space, page_no, mtr
#ifdef BTR_CUR_HASH_ADAPT
diff --git a/storage/innobase/fsp/fsp0sysspace.cc b/storage/innobase/fsp/fsp0sysspace.cc
index e4a43e48..4ac9da50 100644
--- a/storage/innobase/fsp/fsp0sysspace.cc
+++ b/storage/innobase/fsp/fsp0sysspace.cc
@@ -33,6 +33,7 @@ Refactored 2013-7-26 by Kevin Lewis
#include "os0file.h"
#include "row0mysql.h"
#include "buf0dblwr.h"
+#include "log.h"
/** The server header file is included to access opt_initialize global variable.
If server passes the option for create/open DB to SE, we should remove such
@@ -568,7 +569,7 @@ inline dberr_t SysTablespace::read_lsn_and_check_flags()
}
err = it->read_first_page(
- m_ignore_read_only ? false : srv_read_only_mode);
+ m_ignore_read_only && srv_read_only_mode);
if (err != DB_SUCCESS) {
return(err);
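Review bot: The argument `m_ignore_read_only && srv_read_only_mode` is not equivalent to the ternary it replaces. `m_ignore_read_only ? false : srv_read_only_mode` was `false` whenever `m_ignore_read_only` was set and followed `srv_read_only_mode` otherwise; the new expression is `true` only when both flags are set and `false` whenever `m_ignore_read_only` is clear. If this was meant as a simplification, it should read `!m_ignore_read_only && srv_read_only_mode`. If the inversion is deliberate, it changes how the first page of the system tablespace is opened under read-only mode and needs a comment saying so. The same expression is added again in the next hunk of `read_lsn_and_check_flags()`.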
@@ -582,47 +583,62 @@ inline dberr_t SysTablespace::read_lsn_and_check_flags()
/* Check the contents of the first page of the
first datafile. */
- for (int retry = 0; retry < 2; ++retry) {
+ err = it->validate_first_page();
- err = it->validate_first_page();
-
- if (err != DB_SUCCESS
- && (retry == 1
- || recv_sys.dblwr.restore_first_page(
+ if (err != DB_SUCCESS) {
+ if (recv_sys.dblwr.restore_first_page(
it->m_space_id, it->m_filepath,
- it->handle()))) {
-
+ it->handle())) {
it->close();
-
return(err);
}
+ err = it->read_first_page(
+ m_ignore_read_only && srv_read_only_mode);
}
/* Make sure the tablespace space ID matches the
space ID on the first page of the first datafile. */
- if (space_id() != it->m_space_id) {
-
- ib::error()
- << "The data file '" << it->filepath()
- << "' has the wrong space ID. It should be "
- << space_id() << ", but " << it->m_space_id
- << " was found";
-
+ if (err != DB_SUCCESS || space_id() != it->m_space_id) {
+ sql_print_error("InnoDB: The data file '%s'"
+ " has the wrong space ID."
+ " It should be " UINT32PF ", but " UINT32PF
+ " was found", it->filepath(),
+ space_id(), it->m_space_id);
it->close();
-
- return(err);
+ return err;
}
- if (srv_operation == SRV_OPERATION_NORMAL) {
+ if (srv_force_recovery != 6
+ && srv_operation == SRV_OPERATION_NORMAL
+ && !log_sys.next_checkpoint_lsn
+ && log_sys.format == log_t::FORMAT_3_23) {
+
+ log_sys.latch.wr_lock(SRW_LOCK_CALL);
/* Prepare for possible upgrade from 0-sized ib_logfile0. */
- ut_ad(!log_sys.next_checkpoint_lsn);
log_sys.next_checkpoint_lsn = mach_read_from_8(
it->m_first_page + 26/*FIL_PAGE_FILE_FLUSH_LSN*/);
+ if (log_sys.next_checkpoint_lsn < 8204) {
+ /* Before MDEV-14425, InnoDB had a minimum LSN
+ of 8192+12=8204. Likewise, mariadb-backup
+ --prepare would create an empty ib_logfile0
+ after applying the log. We will allow an
+ upgrade from such an empty log. */
+ sql_print_error("InnoDB: ib_logfile0 is "
+ "empty, and LSN is unknown.");
+ err = DB_CORRUPTION;
+ } else {
+ log_sys.last_checkpoint_lsn =
+ recv_sys.lsn = recv_sys.file_checkpoint =
+ log_sys.next_checkpoint_lsn;
+ log_sys.set_recovered_lsn(log_sys.next_checkpoint_lsn);
+ log_sys.next_checkpoint_no = 0;
+ }
+
+ log_sys.latch.wr_unlock();
}
it->close();
-
- return(DB_SUCCESS);
+ return err;
}
/** Check if a file can be opened in the correct mode.
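Review bot: The merged condition `err != DB_SUCCESS || space_id() != it->m_space_id` reports every failure as "has the wrong space ID", including a failed re-read after `restore_first_page()`. It then runs `return err;`, which is `DB_SUCCESS` when only the ID comparison failed. A caller would then treat a data file with a mismatching space ID as valid; `return err == DB_SUCCESS ? DB_CORRUPTION : err;` closes that, and a separate message for the read failure keeps the log accurate. Note also that after a successful restore the page is re-read but `validate_first_page()` is not called again, which the removed retry loop did. The function starts above this hunk.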
diff --git a/storage/innobase/gis/gis0sea.cc b/storage/innobase/gis/gis0sea.cc
index 8ca8681b..0df9a7de 100644
--- a/storage/innobase/gis/gis0sea.cc
+++ b/storage/innobase/gis/gis0sea.cc
@@ -304,6 +304,8 @@ rtr_pcur_getnext_from_path(
break;
}
+ buf_page_make_young_if_needed(&block->page);
+
page = buf_block_get_frame(block);
page_ssn = page_get_ssn_id(page);
@@ -683,6 +685,8 @@ dberr_t rtr_search_to_nth_level(ulint level, const dtuple_t *tuple,
return err;
}
+ buf_page_make_young_if_needed(&block->page);
+
const page_t *page= buf_block_get_frame(block);
#ifdef UNIV_ZIP_DEBUG
if (rw_latch != RW_NO_LATCH) {
@@ -1703,6 +1707,8 @@ corrupted:
goto func_exit;
}
+ buf_page_make_young_if_needed(&page_cursor->block->page);
+
/* Get the page SSN */
page = buf_block_get_frame(page_cursor->block);
page_ssn = page_get_ssn_id(page);
diff --git a/storage/innobase/handler/ha_innodb.cc b/storage/innobase/handler/ha_innodb.cc
index 21bf10a1..407834f2 100644
--- a/storage/innobase/handler/ha_innodb.cc
+++ b/storage/innobase/handler/ha_innodb.cc
@@ -1575,7 +1575,8 @@ static void innodb_drop_database(handlerton*, char *path)
ibuf_delete_for_discarded_space(id);
/* Any changes must be persisted before we return. */
- log_write_up_to(mtr.commit_lsn(), true);
+ if (mtr.commit_lsn())
+ log_write_up_to(mtr.commit_lsn(), true);
}
my_free(namebuf);
@@ -2080,7 +2081,7 @@ all_fail:
ut_d(purge_sys.resume_FTS());
}
-static void innodb_ddl_recovery_done(handlerton*)
+static int innodb_ddl_recovery_done(handlerton*)
{
ut_ad(!ddl_recovery_done);
ut_d(ddl_recovery_done= true);
@@ -2091,6 +2092,7 @@ static void innodb_ddl_recovery_done(handlerton*)
drop_garbage_tables_after_restore();
srv_init_purge_tasks();
}
+ return 0;
}
/********************************************************************//**
@@ -4001,7 +4003,7 @@ static int innodb_init_params()
data_mysql_default_charset_coll = (ulint) default_charset_info->number;
-#ifndef _WIN32
+#ifdef HAVE_FCNTL_DIRECT
if (srv_use_atomic_writes && my_may_have_atomic_write) {
/*
Force O_DIRECT on Unixes (on Windows writes are always
@@ -4026,11 +4028,6 @@ static int innodb_init_params()
}
#endif
- if (srv_read_only_mode) {
- ib::info() << "Started in read only mode";
- srv_use_doublewrite_buf = FALSE;
- }
-
#if !defined LINUX_NATIVE_AIO && !defined HAVE_URING && !defined _WIN32
/* Currently native AIO is supported only on windows and linux
and that also when the support is compiled in. In all other
@@ -4046,9 +4043,7 @@ static int innodb_init_params()
}
#endif
-#ifndef _WIN32
- ut_ad(srv_file_flush_method <= SRV_O_DIRECT_NO_FSYNC);
-#else
+#ifdef _WIN32
switch (srv_file_flush_method) {
case SRV_ALL_O_DIRECT_FSYNC + 1 /* "async_unbuffered"="unbuffered" */:
srv_file_flush_method = SRV_ALL_O_DIRECT_FSYNC;
@@ -4059,6 +4054,8 @@ static int innodb_init_params()
default:
ut_ad(srv_file_flush_method <= SRV_ALL_O_DIRECT_FSYNC);
}
+#else
+ ut_ad(srv_file_flush_method <= SRV_O_DIRECT_NO_FSYNC);
#endif
innodb_buffer_pool_size_init();
@@ -7817,20 +7814,6 @@ ha_innobase::write_row(
#endif
if ((error_result = update_auto_increment())) {
- /* We don't want to mask autoinc overflow errors. */
-
- /* Handle the case where the AUTOINC sub-system
- failed during initialization. */
- if (m_prebuilt->autoinc_error == DB_UNSUPPORTED) {
- error_result = ER_AUTOINC_READ_FAILED;
- /* Set the error message to report too. */
- my_error(ER_AUTOINC_READ_FAILED, MYF(0));
- goto func_exit;
- } else if (m_prebuilt->autoinc_error != DB_SUCCESS) {
- error = m_prebuilt->autoinc_error;
- goto report_error;
- }
-
/* MySQL errors are passed straight back. */
goto func_exit;
}
@@ -7968,7 +7951,6 @@ set_max_autoinc:
}
}
-report_error:
/* Cleanup and exit. */
if (error == DB_TABLESPACE_DELETED) {
ib_senderrf(
@@ -11809,8 +11791,6 @@ index_bad:
/* Set the flags2 when create table or alter tables */
m_flags2 |= DICT_TF2_FTS_AUX_HEX_NAME;
- DBUG_EXECUTE_IF("innodb_test_wrong_fts_aux_table_name",
- m_flags2 &= ~DICT_TF2_FTS_AUX_HEX_NAME;);
DBUG_RETURN(true);
}
@@ -14710,12 +14690,7 @@ ha_innobase::info_low(
DBUG_ASSERT(ib_table->get_ref_count() > 0);
if (!ib_table->is_readable()) {
- ib_table->stats_mutex_lock();
- ib_table->stat_initialized = true;
- ib_table->stat_n_rows = 0;
- ib_table->stat_clustered_index_size = 0;
- ib_table->stat_sum_of_other_index_sizes = 0;
- ib_table->stats_mutex_unlock();
+ dict_stats_empty_table(ib_table, true);
}
if (flag & HA_STATUS_TIME) {
@@ -15674,15 +15649,17 @@ ha_innobase::extra(
{
/* Warning: since it is not sure that MariaDB calls external_lock()
before calling this function, m_prebuilt->trx can be obsolete! */
- trx_t* trx = check_trx_exists(ha_thd());
+ trx_t* trx;
switch (operation) {
case HA_EXTRA_FLUSH:
+ (void)check_trx_exists(ha_thd());
if (m_prebuilt->blob_heap) {
row_mysql_prebuilt_free_blob_heap(m_prebuilt);
}
break;
case HA_EXTRA_RESET_STATE:
+ trx = check_trx_exists(ha_thd());
reset_template();
trx->duplicates = 0;
stmt_boundary:
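Review bot: `trx_t* trx;` is now declared without an initialiser and assigned separately in each `case`, but the shared `stmt_boundary:` label still dereferences it (`trx->bulk_insert` in the next hunk). Every `goto stmt_boundary` visible in these hunks is preceded by an assignment, but a future case that jumps there without one would read an indeterminate pointer. Declaring it as `trx_t* trx = nullptr;` makes such a mistake fail deterministically. In `HA_EXTRA_END_ALTER_COPY` the visible lines assign `trx` without using it, so `(void)check_trx_exists(ha_thd());` would match the other cases that only need the side effect. The switch continues across the following four hunks.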
@@ -15691,18 +15668,23 @@ ha_innobase::extra(
trx->bulk_insert = false;
break;
case HA_EXTRA_NO_KEYREAD:
+ (void)check_trx_exists(ha_thd());
m_prebuilt->read_just_key = 0;
break;
case HA_EXTRA_KEYREAD:
+ (void)check_trx_exists(ha_thd());
m_prebuilt->read_just_key = 1;
break;
case HA_EXTRA_KEYREAD_PRESERVE_FIELDS:
+ (void)check_trx_exists(ha_thd());
m_prebuilt->keep_other_fields_on_keyread = 1;
break;
case HA_EXTRA_INSERT_WITH_UPDATE:
+ trx = check_trx_exists(ha_thd());
trx->duplicates |= TRX_DUP_IGNORE;
goto stmt_boundary;
case HA_EXTRA_NO_IGNORE_DUP_KEY:
+ trx = check_trx_exists(ha_thd());
trx->duplicates &= ~TRX_DUP_IGNORE;
if (trx->is_bulk_insert()) {
/* Allow a subsequent INSERT into an empty table
@@ -15714,9 +15696,11 @@ ha_innobase::extra(
}
goto stmt_boundary;
case HA_EXTRA_WRITE_CAN_REPLACE:
+ trx = check_trx_exists(ha_thd());
trx->duplicates |= TRX_DUP_REPLACE;
goto stmt_boundary;
case HA_EXTRA_WRITE_CANNOT_REPLACE:
+ trx = check_trx_exists(ha_thd());
trx->duplicates &= ~TRX_DUP_REPLACE;
if (trx->is_bulk_insert()) {
/* Allow a subsequent INSERT into an empty table
@@ -15725,6 +15709,7 @@ ha_innobase::extra(
}
goto stmt_boundary;
case HA_EXTRA_BEGIN_ALTER_COPY:
+ trx = check_trx_exists(ha_thd());
m_prebuilt->table->skip_alter_undo = 1;
if (m_prebuilt->table->is_temporary()
|| !m_prebuilt->table->versioned_by_id()) {
@@ -15737,8 +15722,10 @@ ha_innobase::extra(
.first->second.set_versioned(0);
break;
case HA_EXTRA_END_ALTER_COPY:
+ trx = check_trx_exists(ha_thd());
m_prebuilt->table->skip_alter_undo = 0;
- if (!m_prebuilt->table->is_temporary()) {
+ if (!m_prebuilt->table->is_temporary()
+ && !high_level_read_only) {
log_buffer_flush_to_disk();
}
break;
@@ -18270,11 +18257,18 @@ static
void
buf_flush_list_now_set(THD*, st_mysql_sys_var*, void*, const void* save)
{
- if (*(my_bool*) save) {
- mysql_mutex_unlock(&LOCK_global_system_variables);
- buf_flush_sync();
- mysql_mutex_lock(&LOCK_global_system_variables);
- }
+ if (!*(my_bool*) save)
+ return;
+ const uint s= srv_fil_make_page_dirty_debug;
+ mysql_mutex_unlock(&LOCK_global_system_variables);
+ if (s)
+ buf_flush_sync();
+ else
+ {
+ while (buf_flush_list_space(fil_system.sys_space, nullptr));
+ os_aio_wait_until_no_pending_writes(true);
+ }
+ mysql_mutex_lock(&LOCK_global_system_variables);
}
/** Override current MERGE_THRESHOLD setting for all indexes at dictionary
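Review bot: `buf_flush_list_now_set()` now chooses between `buf_flush_sync()` and a system-tablespace-only flush based on `srv_fil_make_page_dirty_debug`, and nothing explains why that debug variable selects the flushing strategy. A comment above the snapshot would help, e.g. `/* Read under LOCK_global_system_variables; non-zero requests a full flush, otherwise only the system tablespace is written out. */`, worded to match the real intent. The empty-bodied `while (buf_flush_list_space(fil_system.sys_space, nullptr));` is easy to misread as a stray semicolon. Writing it with `{}`, as `dict_stats_func()` does for its loop in this same commit, makes the busy loop explicit.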
@@ -19368,8 +19362,10 @@ static MYSQL_SYSVAR_ULONGLONG(max_undo_log_size, srv_max_undo_log_size,
10 << 20, 10 << 20,
1ULL << (32 + UNIV_PAGE_SIZE_SHIFT_MAX), 0);
+static ulong innodb_purge_rseg_truncate_frequency;
+
static MYSQL_SYSVAR_ULONG(purge_rseg_truncate_frequency,
- srv_purge_rseg_truncate_frequency,
+ innodb_purge_rseg_truncate_frequency,
PLUGIN_VAR_OPCMDARG | PLUGIN_VAR_DEPRECATED,
"Deprecated parameter with no effect",
NULL, NULL, 128, 1, 128, 0);
@@ -20606,6 +20602,10 @@ Compare_keys ha_innobase::compare_key_parts(
if (old_part.length >= new_part.length)
return Compare_keys::NotEqual;
+ if (old_part.length == old_field.key_length() &&
+ new_part.length != new_field.length)
+ return Compare_keys::NotEqual;
+
return Compare_keys::EqualButKeyPartLength;
}
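Review bot: The added check in `compare_key_parts()` compares the old part against `old_field.key_length()` but the new part against `new_field.length`, and nothing says why the two sides use different notions of length. It reads as "the old key part covered the whole column while the new one is only a prefix", but that is an inference from the names. A comment stating the intended case, for example `/* A full-column key part that becomes a prefix is not a mere length change. */`, would let the next reader verify the asymmetry. The function body starts above this hunk.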
diff --git a/storage/innobase/handler/handler0alter.cc b/storage/innobase/handler/handler0alter.cc
index 40370ac5..1401136f 100644
--- a/storage/innobase/handler/handler0alter.cc
+++ b/storage/innobase/handler/handler0alter.cc
@@ -2317,12 +2317,16 @@ innodb_instant_alter_column_allowed_reason:
}
}
+ bool need_rebuild = false;
+
switch (ha_alter_info->handler_flags & ~INNOBASE_INPLACE_IGNORE) {
case ALTER_OPTIONS:
- if (alter_options_need_rebuild(ha_alter_info, table)) {
+ if ((srv_file_per_table && !m_prebuilt->table->space_id)
+ || alter_options_need_rebuild(ha_alter_info, table)) {
reason_rebuild = my_get_err_msg(
ER_ALTER_OPERATION_TABLE_OPTIONS_NEED_REBUILD);
ha_alter_info->unsupported_reason = reason_rebuild;
+ need_rebuild= true;
break;
}
/* fall through */
@@ -2434,7 +2438,7 @@ innodb_instant_alter_column_allowed_reason:
/* We should be able to do the operation in-place.
See if we can do it online (LOCK=NONE) or without rebuild. */
- bool online = true, need_rebuild = false;
+ bool online = true;
const uint fulltext_indexes = innobase_fulltext_exist(altered_table);
/* Fix the key parts. */
@@ -4338,7 +4342,8 @@ static void unlock_and_close_files(const std::vector<pfs_os_file_t> &deleted,
row_mysql_unlock_data_dictionary(trx);
for (pfs_os_file_t d : deleted)
os_file_close(d);
- log_write_up_to(trx->commit_lsn, true);
+ if (trx->commit_lsn)
+ log_write_up_to(trx->commit_lsn, true);
}
/** Commit a DDL transaction and unlink any deleted files. */
@@ -4681,11 +4686,13 @@ innobase_build_col_map(
col_map[old_i - num_old_v] = i;
if (!old_table->versioned()
|| !altered_table->versioned()) {
- } else if (old_i == old_table->vers_start) {
- new_table->vers_start = (i + num_v)
+ } else if (old_i - num_old_v == old_table->vers_start) {
+ ut_ad(field->vers_sys_start());
+ new_table->vers_start = i
& dict_index_t::MAX_N_FIELDS;
- } else if (old_i == old_table->vers_end) {
- new_table->vers_end = (i + num_v)
+ } else if (old_i - num_old_v == old_table->vers_end) {
+ ut_ad(field->vers_sys_end());
+ new_table->vers_end = i
& dict_index_t::MAX_N_FIELDS;
}
goto found_col;
@@ -6217,24 +6224,20 @@ empty_table:
/* Convert the table to the instant ALTER TABLE format. */
mtr.commit();
mtr.start();
- index->set_modified(mtr);
- if (buf_block_t* root = btr_root_block_get(index, RW_SX_LATCH, &mtr,
+ if (buf_block_t* root = btr_root_block_get(index, RW_S_LATCH, &mtr,
&err)) {
if (fil_page_get_type(root->page.frame) != FIL_PAGE_INDEX) {
DBUG_ASSERT("wrong page type" == 0);
err = DB_CORRUPTION;
goto func_exit;
}
-
- btr_set_instant(root, *index, &mtr);
- mtr.commit();
- mtr.start();
- index->set_modified(mtr);
- err = row_ins_clust_index_entry_low(
- BTR_NO_LOCKING_FLAG, BTR_MODIFY_TREE, index,
- index->n_uniq, entry, 0, thr);
}
+ mtr.commit();
+ mtr.start();
+ err = row_ins_clust_index_entry_low(
+ BTR_NO_LOCKING_FLAG, BTR_MODIFY_TREE, index,
+ index->n_uniq, entry, 0, thr);
goto func_exit;
}
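Review bot: When `btr_root_block_get()` returns null, the code now falls out of the `if` and still runs `mtr.commit(); mtr.start();` followed by `row_ins_clust_index_entry_low()`, whose result overwrites whatever the failed root lookup stored through `&err`. Before this change the insert sat inside the `if` body, so a failed lookup went straight to `goto func_exit` with its own error. Adding `else { goto func_exit; }` after the page-type check restores that behaviour. If the insert is expected to re-detect the problem itself, the root lookup is redundant and a comment should say why it is kept.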
@@ -7775,6 +7778,7 @@ bool check_col_is_in_fk_indexes(
for (const auto &a : add_fk)
{
+ if (!a->foreign_index) continue;
for (ulint i= 0; i < a->n_fields; i++)
{
if (a->foreign_index->fields[i].col == col)
@@ -11666,7 +11670,6 @@ foreign_fail:
}
unlock_and_close_files(deleted, trx);
- log_write_up_to(trx->commit_lsn, true);
DBUG_EXECUTE_IF("innodb_alter_commit_crash_after_commit",
DBUG_SUICIDE(););
trx->free();
@@ -11723,7 +11726,6 @@ foreign_fail:
}
unlock_and_close_files(deleted, trx);
- log_write_up_to(trx->commit_lsn, true);
DBUG_EXECUTE_IF("innodb_alter_commit_crash_after_commit",
DBUG_SUICIDE(););
trx->free();
diff --git a/storage/innobase/handler/i_s.cc b/storage/innobase/handler/i_s.cc
index b00308d7..711144e3 100644
--- a/storage/innobase/handler/i_s.cc
+++ b/storage/innobase/handler/i_s.cc
@@ -4539,6 +4539,15 @@ i_s_dict_fill_sys_tables(
DBUG_RETURN(0);
}
+/** Handle the error for information schema query
+@param err error value
+@param thd thread
+@return 0 if query is interrupted or error */
+static int i_s_sys_error_handling(int err, THD *thd)
+{
+ return thd_kill_level(thd) ? 0 : err;
+}
+
/** Convert one SYS_TABLES record to dict_table_t.
@param pcur persistent cursor position on SYS_TABLES record
@param mtr mini-transaction (nullptr=use the dict_sys cache)
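Review bot: The doc comment on `i_s_sys_error_handling()` says `@return 0 if query is interrupted or error`, which can be read as "0 on interruption or on error". The body returns 0 only when `thd_kill_level(thd)` is non-zero and otherwise passes `err` through unchanged. I would write `@retval 0 if the query was interrupted` and `@retval err otherwise`. One sentence on why a fill error may be dropped for a killed connection would also help, since every `*_fill_table()` function in this file now routes its errors through this helper.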
@@ -4587,6 +4596,7 @@ i_s_sys_tables_fill_table(
{
btr_pcur_t pcur;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_tables_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -4616,8 +4626,15 @@ i_s_sys_tables_fill_table(
dict_sys.unlock();
if (!err_msg) {
- i_s_dict_fill_sys_tables(thd, table_rec,
- tables->table);
+ err = i_s_dict_fill_sys_tables(
+ thd, table_rec, tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ if (table_rec) {
+ dict_mem_table_free(table_rec);
+ }
+ goto func_exit;
+ }
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
ER_CANT_FIND_SYSTEM_REC, "%s",
@@ -4635,8 +4652,10 @@ i_s_sys_tables_fill_table(
mtr.commit();
dict_sys.unlock();
+func_exit:
+ ut_free(pcur.old_rec_buf);
- DBUG_RETURN(0);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
@@ -4807,6 +4826,7 @@ i_s_sys_tables_fill_table_stats(
btr_pcur_t pcur;
const rec_t* rec;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_tables_fill_table_stats");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -4832,8 +4852,12 @@ i_s_sys_tables_fill_table_stats(
&table_rec);
if (UNIV_LIKELY(!err_msg)) {
- i_s_dict_fill_sys_tablestats(thd, table_rec,
+ err = i_s_dict_fill_sys_tablestats(thd, table_rec,
tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
+ }
} else {
ut_ad(!table_rec);
dict_sys.unlock();
@@ -4851,8 +4875,9 @@ i_s_sys_tables_fill_table_stats(
mtr.commit();
dict_sys.unlock();
-
- DBUG_RETURN(0);
+func_exit:
+ ut_free(pcur.old_rec_buf);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
@@ -5024,6 +5049,7 @@ i_s_sys_indexes_fill_table(
const rec_t* rec;
mem_heap_t* heap;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_indexes_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -5059,11 +5085,13 @@ i_s_sys_indexes_fill_table(
dict_sys.unlock();
if (!err_msg) {
- if (int err = i_s_dict_fill_sys_indexes(
- thd, table_id, space_id, &index_rec,
- tables->table)) {
- mem_heap_free(heap);
- DBUG_RETURN(err);
+ err = i_s_dict_fill_sys_indexes(
+ thd, table_id, space_id,
+ &index_rec,
+ tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
}
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
@@ -5081,9 +5109,11 @@ i_s_sys_indexes_fill_table(
mtr.commit();
dict_sys.unlock();
+func_exit:
mem_heap_free(heap);
+ ut_free(pcur.old_rec_buf);
- DBUG_RETURN(0);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
Bind the dynamic table INFORMATION_SCHEMA.innodb_sys_indexes
@@ -5232,6 +5262,7 @@ i_s_sys_columns_fill_table(
const char* col_name;
mem_heap_t* heap;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_columns_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -5263,9 +5294,14 @@ i_s_sys_columns_fill_table(
dict_sys.unlock();
if (!err_msg) {
- i_s_dict_fill_sys_columns(thd, table_id, col_name,
- &column_rec, nth_v_col,
- tables->table);
+ err = i_s_dict_fill_sys_columns(
+ thd, table_id, col_name,
+ &column_rec, nth_v_col,
+ tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
+ }
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
ER_CANT_FIND_SYSTEM_REC, "%s",
@@ -5282,9 +5318,11 @@ i_s_sys_columns_fill_table(
mtr.commit();
dict_sys.unlock();
+func_exit:
mem_heap_free(heap);
+ ut_free(pcur.old_rec_buf);
- DBUG_RETURN(0);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
@@ -5416,6 +5454,7 @@ i_s_sys_virtual_fill_table(
ulint pos;
ulint base_pos;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_virtual_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -5444,8 +5483,13 @@ i_s_sys_virtual_fill_table(
dict_sys.unlock();
if (!err_msg) {
- i_s_dict_fill_sys_virtual(thd, table_id, pos, base_pos,
- tables->table);
+ err = i_s_dict_fill_sys_virtual(
+ thd, table_id, pos, base_pos,
+ tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
+ }
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
ER_CANT_FIND_SYSTEM_REC, "%s",
@@ -5462,6 +5506,9 @@ i_s_sys_virtual_fill_table(
dict_sys.unlock();
DBUG_RETURN(0);
+func_exit:
+ ut_free(pcur.old_rec_buf);
+ DBUG_RETURN(err);
}
/** Bind the dynamic table INFORMATION_SCHEMA.innodb_sys_virtual
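Review bot: In `i_s_sys_virtual_fill_table()` the `func_exit:` label is placed after the existing `DBUG_RETURN(0);`, so the new `ut_free(pcur.old_rec_buf);` runs only on the error path. The other fill functions changed in this commit put the label before the final return, so the buffer is freed on success as well. If the `ut_free()` is there to release the cursor's saved-record buffer, the success path here still skips it. Deleting the `DBUG_RETURN(0);` line lets the normal path fall through to `func_exit:` and return `err`, which is 0 in that case.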
@@ -5589,6 +5636,7 @@ i_s_sys_fields_fill_table(
mem_heap_t* heap;
index_id_t last_id;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_fields_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -5624,8 +5672,13 @@ i_s_sys_fields_fill_table(
dict_sys.unlock();
if (!err_msg) {
- i_s_dict_fill_sys_fields(thd, index_id, &field_rec,
- pos, tables->table);
+ err = i_s_dict_fill_sys_fields(
+ thd, index_id, &field_rec,
+ pos, tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
+ }
last_id = index_id;
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
@@ -5643,9 +5696,11 @@ i_s_sys_fields_fill_table(
mtr.commit();
dict_sys.unlock();
+func_exit:
mem_heap_free(heap);
+ ut_free(pcur.old_rec_buf);
- DBUG_RETURN(0);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
Bind the dynamic table INFORMATION_SCHEMA.innodb_sys_fields
@@ -5782,6 +5837,7 @@ i_s_sys_foreign_fill_table(
const rec_t* rec;
mem_heap_t* heap;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_foreign_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -5809,8 +5865,12 @@ i_s_sys_foreign_fill_table(
dict_sys.unlock();
if (!err_msg) {
- i_s_dict_fill_sys_foreign(thd, &foreign_rec,
- tables->table);
+ err = i_s_dict_fill_sys_foreign(
+ thd, &foreign_rec, tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
+ }
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
ER_CANT_FIND_SYSTEM_REC, "%s",
@@ -5827,9 +5887,11 @@ i_s_sys_foreign_fill_table(
mtr.commit();
dict_sys.unlock();
+func_exit:
mem_heap_free(heap);
+ ut_free(pcur.old_rec_buf);
- DBUG_RETURN(0);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
@@ -5963,6 +6025,7 @@ i_s_sys_foreign_cols_fill_table(
const rec_t* rec;
mem_heap_t* heap;
mtr_t mtr;
+ int err = 0;
DBUG_ENTER("i_s_sys_foreign_cols_fill_table");
RETURN_IF_INNODB_NOT_STARTED(tables->schema_table_name.str);
@@ -5994,9 +6057,13 @@ i_s_sys_foreign_cols_fill_table(
dict_sys.unlock();
if (!err_msg) {
- i_s_dict_fill_sys_foreign_cols(
- thd, name, for_col_name, ref_col_name, pos,
- tables->table);
+ err = i_s_dict_fill_sys_foreign_cols(
+ thd, name, for_col_name,
+ ref_col_name, pos, tables->table);
+ if (err) {
+ err = i_s_sys_error_handling(err, thd);
+ goto func_exit;
+ }
} else {
push_warning_printf(thd, Sql_condition::WARN_LEVEL_WARN,
ER_CANT_FIND_SYSTEM_REC, "%s",
@@ -6013,9 +6080,11 @@ i_s_sys_foreign_cols_fill_table(
mtr.commit();
dict_sys.unlock();
+func_exit:
mem_heap_free(heap);
+ ut_free(pcur.old_rec_buf);
- DBUG_RETURN(0);
+ DBUG_RETURN(err);
}
/*******************************************************************//**
Bind the dynamic table INFORMATION_SCHEMA.innodb_sys_foreign_cols
@@ -6218,6 +6287,8 @@ static int i_s_sys_tablespaces_fill_table(THD *thd, TABLE_LIST *tables, Item*)
mysql_mutex_unlock(&fil_system.mutex);
if (err == DB_SUCCESS)
err= i_s_sys_tablespaces_fill(thd, *fil_system.temp_space, tables->table);
+ else
+ err = i_s_sys_error_handling(err, thd);
DBUG_RETURN(err);
}
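Review bot: Only the failure branch is passed through `i_s_sys_error_handling()`, so a non-zero result from `i_s_sys_tablespaces_fill()` for `fil_system.temp_space` is returned unchanged. The other INFORMATION_SCHEMA fill functions touched by this commit route fill errors through the helper. If the helper is meant to map every fill error before it reaches the caller, the tail could keep the `if (err == DB_SUCCESS)` call and follow it with `if (err) err= i_s_sys_error_handling(err, thd);` in place of the `else`. What the helper does is not visible here and the function starts outside the hunk, so treat this as a question rather than a confirmed defect.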
diff --git a/storage/innobase/ibuf/ibuf0ibuf.cc b/storage/innobase/ibuf/ibuf0ibuf.cc
index b9e94a67..4ec07b81 100644
--- a/storage/innobase/ibuf/ibuf0ibuf.cc
+++ b/storage/innobase/ibuf/ibuf0ibuf.cc
@@ -309,8 +309,13 @@ ibuf_header_page_get(
buf_block_t* block = buf_page_get(
page_id_t(IBUF_SPACE_ID, FSP_IBUF_HEADER_PAGE_NO),
0, RW_X_LATCH, mtr);
+ if (UNIV_UNLIKELY(!block)) {
+ return nullptr;
+ }
+
+ buf_page_make_young_if_needed(&block->page);
- return block ? block->page.frame : nullptr;
+ return block->page.frame;
}
/** Acquire the change buffer root page.
@@ -326,7 +331,12 @@ static buf_block_t *ibuf_tree_root_get(mtr_t *mtr, dberr_t *err= nullptr)
buf_block_t *block=
buf_page_get_gen(page_id_t{IBUF_SPACE_ID, FSP_IBUF_TREE_ROOT_PAGE_NO},
0, RW_SX_LATCH, nullptr, BUF_GET, mtr, err);
- ut_ad(!block || ibuf.empty == page_is_empty(block->page.frame));
+ if (block)
+ {
+ ut_ad(ibuf.empty == page_is_empty(block->page.frame));
+ buf_page_make_young_if_needed(&block->page);
+ }
+
return block;
}
@@ -408,7 +418,8 @@ err_exit:
+ header_page->page.frame, &ibuf.seg_size, &mtr);
do {
- DBUG_EXECUTE_IF("intermittent_read_failure", continue;);
+ IF_DBUG(if (_db_keyword_(nullptr, "intermittent_read_failure",
+ 1)) continue,);
ut_ad(ibuf.seg_size >= 2);
} while (0);
diff --git a/storage/innobase/include/btr0btr.h b/storage/innobase/include/btr0btr.h
index 5a0401fa..b42c543c 100644
--- a/storage/innobase/include/btr0btr.h
+++ b/storage/innobase/include/btr0btr.h
@@ -89,10 +89,12 @@ ATTRIBUTE_COLD void btr_decryption_failed(const dict_index_t &index);
@param[in] merge whether change buffer merge should be attempted
@param[in,out] mtr mini-transaction
@param[out] err error code
+@param[out] first set if this is a first-time access to the page
@return block */
buf_block_t *btr_block_get(const dict_index_t &index,
uint32_t page, rw_lock_type_t mode, bool merge,
- mtr_t *mtr, dberr_t *err= nullptr);
+ mtr_t *mtr, dberr_t *err= nullptr,
+ bool *first= nullptr);
/**************************************************************//**
Gets the index id field of a page.
diff --git a/storage/innobase/include/buf0buf.h b/storage/innobase/include/buf0buf.h
index 332b2039..cd7cc294 100644
--- a/storage/innobase/include/buf0buf.h
+++ b/storage/innobase/include/buf0buf.h
@@ -262,8 +262,6 @@ buf_block_t*
buf_page_create_deferred(uint32_t space_id, ulint zip_size, mtr_t *mtr,
buf_block_t *free_block);
-/** Move a block to the start of the LRU list. */
-void buf_page_make_young(buf_page_t *bpage);
/** Mark the page status as FREED for the given tablespace and page number.
@param[in,out] space tablespace
@param[in] page page number
@@ -285,15 +283,6 @@ there is danger of dropping from the buffer pool.
@return true if bpage should be made younger */
inline bool buf_page_peek_if_too_old(const buf_page_t *bpage);
-/** Move a page to the start of the buffer pool LRU list if it is too old.
-@param[in,out] bpage buffer pool page */
-inline void buf_page_make_young_if_needed(buf_page_t *bpage)
-{
- if (UNIV_UNLIKELY(buf_page_peek_if_too_old(bpage))) {
- buf_page_make_young(bpage);
- }
-}
-
/********************************************************************//**
Increments the modify clock of a frame by 1. The caller must (1) own the
buf_pool.mutex and block bufferfix count has to be zero, (2) or own an x-lock
@@ -656,12 +645,9 @@ public:
access_time= 0;
}
- void set_os_unused()
+ void set_os_unused() const
{
MEM_NOACCESS(frame, srv_page_size);
-#ifdef MADV_FREE
- madvise(frame, srv_page_size, MADV_FREE);
-#endif
}
void set_os_used() const
@@ -1301,6 +1287,11 @@ public:
/** Resize from srv_buf_pool_old_size to srv_buf_pool_size. */
inline void resize();
+#ifdef __linux__
+ /** Collect garbage (release pages from the LRU list) */
+ inline void garbage_collect();
+#endif
+
/** @return whether resize() is in progress */
bool resize_in_progress() const
{
@@ -1507,10 +1498,8 @@ public:
n_chunks_new / 4 * chunks->size;
}
- /** @return whether the buffer pool has run out */
- TPOOL_SUPPRESS_TSAN
- bool ran_out() const
- { return UNIV_UNLIKELY(!try_LRU_scan || !UT_LIST_GET_LEN(free)); }
+ /** @return whether the buffer pool is running low */
+ bool need_LRU_eviction() const;
/** @return whether the buffer pool is shrinking */
inline bool is_shrinking() const
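Review bot: `need_LRU_eviction()` is declared with no statement of what the caller must hold, while the `ran_out()` it replaces carried `TPOOL_SUPPRESS_TSAN`, which suggests it was read without buf_pool.mutex. The definition is now out of line and not shown, so the declaration comment should say whether an unlocked call is allowed and that the answer is then only a hint. If that is the intent, something like `/** @return whether the buffer pool is running low; may be called without buf_pool.mutex, the result can then be stale */` would do.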
@@ -1836,6 +1825,9 @@ public:
Set whenever the free list grows, along with a broadcast of done_free.
Protected by buf_pool.mutex. */
Atomic_relaxed<bool> try_LRU_scan;
+ /** Whether we have warned to be running out of buffer pool */
+ std::atomic_flag LRU_warned;
+
/* @} */
/** @name LRU replacement algorithm fields */
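Review bot: `std::atomic_flag LRU_warned;` has no initializer, and before C++20 a default-constructed `std::atomic_flag` is in an unspecified state. If the enclosing object lives in zero-initialized static storage this works in practice, but the first `test_and_set()` then depends on that. Clearing the flag explicitly where the buffer pool is set up (outside this hunk), or initializing it with `ATOMIC_FLAG_INIT`, would make the "not yet warned" start state certain. The comment could also name the code that clears the flag again, since that is not visible here.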
@@ -1898,7 +1890,8 @@ public:
a delete-buffering operation is pending. Protected by mutex. */
buf_page_t watch[innodb_purge_threads_MAX + 1];
/** Reserve a buffer. */
- buf_tmp_buffer_t *io_buf_reserve() { return io_buf.reserve(); }
+ buf_tmp_buffer_t *io_buf_reserve(bool wait_for_reads)
+ { return io_buf.reserve(wait_for_reads); }
/** Remove a block from flush_list.
@param bpage buffer pool page */
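Review bot: The new `wait_for_reads` parameter is undocumented on `io_buf_reserve()` here and on `io_buf.reserve()` in the next hunk; both comments still say only that a buffer is reserved. They should state what the call waits for when the flag is set, and what it returns when the flag is clear and no slot is free, because a caller passing `false` presumably has to handle a null result. The definition is outside this header, so the exact wording has to come from it.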
@@ -1933,7 +1926,7 @@ private:
void close();
/** Reserve a buffer */
- buf_tmp_buffer_t *reserve();
+ buf_tmp_buffer_t *reserve(bool wait_for_reads);
} io_buf;
/** whether resize() is in the critical path */
diff --git a/storage/innobase/include/buf0dblwr.h b/storage/innobase/include/buf0dblwr.h
index 9932b0e5..6e7662d9 100644
--- a/storage/innobase/include/buf0dblwr.h
+++ b/storage/innobase/include/buf0dblwr.h
@@ -105,7 +105,8 @@ public:
If we are upgrading from a version before MySQL 4.1, then this
function performs the necessary update operations to support
innodb_file_per_table. If we are in a crash recovery, this function
- loads the pages from double write buffer into memory.
+ loads the pages from double write buffer which are not older than
+ the checkpoint into memory.
@param file File handle
@param path Path name of file
@return DB_SUCCESS or error code */
diff --git a/storage/innobase/include/buf0lru.h b/storage/innobase/include/buf0lru.h
index aec08e77..28410276 100644
--- a/storage/innobase/include/buf0lru.h
+++ b/storage/innobase/include/buf0lru.h
@@ -108,6 +108,16 @@ buf_LRU_add_block(
blocks in the LRU list, else put to the
start; if the LRU list is very short, added to
the start regardless of this parameter */
+
+/** Move a block to the start of the buf_pool.LRU list.
+@param bpage buffer pool page */
+void buf_page_make_young(buf_page_t *bpage);
+/** Flag a page accessed in buf_pool and move it to the start of buf_pool.LRU
+if it is too old.
+@param bpage buffer pool page
+@return whether this is not the first access */
+bool buf_page_make_young_if_needed(buf_page_t *bpage);
+
/******************************************************************//**
Adds a block to the LRU list of decompressed zip pages. */
void
diff --git a/storage/innobase/include/dict0load.h b/storage/innobase/include/dict0load.h
index f7d33d5b..3143aafd 100644
--- a/storage/innobase/include/dict0load.h
+++ b/storage/innobase/include/dict0load.h
@@ -35,22 +35,16 @@ Created 4/24/1996 Heikki Tuuri
#include "btr0types.h"
#include <deque>
+#include <set>
/** A stack of table names related through foreign key constraints */
typedef std::deque<const char*, ut_allocator<const char*> > dict_names_t;
-/** Check each tablespace found in the data dictionary.
-Then look at each table defined in SYS_TABLES that has a space_id > 0
-to find all the file-per-table tablespaces.
+/** Check MAX(SPACE) FROM SYS_TABLES and store it in fil_system.
+Open each data file if an encryption plugin has been loaded.
-In a crash recovery we already have some tablespace objects created from
-processing the REDO log. We will compare the
-space_id information in the data dictionary to what we find in the
-tablespace file. In addition, more validation will be done if recovery
-was needed and force_recovery is not set.
-
-We also scan the biggest space id, and store it to fil_system. */
-void dict_check_tablespaces_and_store_max_id();
+@param spaces set of tablespace files to open */
+void dict_check_tablespaces_and_store_max_id(const std::set<uint32_t> *spaces);
/** Make sure the data_file_name is saved in dict_table_t if needed.
@param[in,out] table Table object */
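Review bot: `spaces` is passed as a pointer, but the `@param` line does not say whether `nullptr` is accepted or what it would mean. It also calls the elements "tablespace files" although they are `uint32_t` values, presumably tablespace identifiers. The comment should state the null case explicitly (nothing to open versus no restriction) and name the element type's meaning, so callers do not have to read the definition to pass a safe argument.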
diff --git a/storage/innobase/include/dict0stats.h b/storage/innobase/include/dict0stats.h
index 0dc1b984..3b006daf 100644
--- a/storage/innobase/include/dict0stats.h
+++ b/storage/innobase/include/dict0stats.h
@@ -235,4 +235,13 @@ dict_stats_report_error(dict_table_t* table, bool defragment = false)
void test_dict_stats_all();
#endif /* UNIV_ENABLE_UNIT_TEST_DICT_STATS */
+/** Write all zeros (or 1 where it makes sense) into a table
+and its indexes'statistics members. The resulting stats
+correspond to an empty table.
+@param table table stats to be emptied
+@param empty_defrag_stats empty the defrag stats */
+void
+dict_stats_empty_table(
+ dict_table_t* table,
+ bool empty_defrag_stats);
#endif /* dict0stats_h */
diff --git a/storage/innobase/include/fil0fil.h b/storage/innobase/include/fil0fil.h
index 6f58e3c1..cdc32515 100644
--- a/storage/innobase/include/fil0fil.h
+++ b/storage/innobase/include/fil0fil.h
@@ -359,8 +359,6 @@ struct fil_space_t final
lsn_t max_lsn;
/** tablespace identifier */
uint32_t id;
- /** whether undo tablespace truncation is in progress */
- bool is_being_truncated;
fil_type_t purpose;/*!< purpose */
UT_LIST_BASE_NODE_T(fil_node_t) chain;
/*!< base node for the file chain */
@@ -440,6 +438,8 @@ private:
/** LSN of freeing last page; protected by freed_range_mutex */
lsn_t last_freed_lsn;
+ /** LSN of undo tablespace creation or 0; protected by latch */
+ lsn_t create_lsn;
public:
/** @return whether doublewrite buffering is needed */
inline bool use_doublewrite() const;
@@ -447,6 +447,12 @@ public:
/** @return whether a page has been freed */
inline bool is_freed(uint32_t page);
+ /** Set create_lsn. */
+ inline void set_create_lsn(lsn_t lsn);
+
+ /** @return the latest tablespace rebuild LSN, or 0 */
+ lsn_t get_create_lsn() const { return create_lsn; }
+
/** Apply freed_ranges to the file.
@param writable whether the file is writable
@return number of pages written or hole-punched */
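Review bot: `get_create_lsn()` reads `create_lsn` with no latch assertion, although the member added in the previous hunk is documented as "protected by latch". The two comments also describe the value differently: "LSN of undo tablespace creation" versus "latest tablespace rebuild LSN". The accessor comment should say which latch the caller must hold, or why an unlatched read is acceptable, and use the same term as the member. `set_create_lsn()` is only declared here, so whether it asserts the latch is not visible.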
@@ -524,9 +530,6 @@ public:
/** Note that operations on the tablespace must stop. */
inline void set_stopping();
- /** Note that operations on the tablespace can resume after truncation */
- inline void clear_stopping();
-
/** Drop the tablespace and wait for any pending operations to cease
@param id tablespace identifier
@param detached_handle pointer to file to be closed later, or nullptr
@@ -1555,14 +1558,6 @@ inline void fil_space_t::set_stopping()
#endif
}
-inline void fil_space_t::clear_stopping()
-{
- mysql_mutex_assert_owner(&fil_system.mutex);
- static_assert(STOPPING_WRITES == 1U << 30, "compatibility");
- ut_d(auto n=) n_pending.fetch_sub(STOPPING_WRITES, std::memory_order_relaxed);
- ut_ad((n & STOPPING) == STOPPING_WRITES);
-}
-
/** Flush pending writes from the file system cache to the file. */
template<bool have_reference> inline void fil_space_t::flush()
{
@@ -1802,7 +1797,7 @@ bool fil_comp_algo_loaded(ulint comp_algo);
and write out FILE_MODIFY if needed, and write FILE_CHECKPOINT.
@param lsn checkpoint LSN
@return current LSN */
-lsn_t fil_names_clear(lsn_t lsn);
+ATTRIBUTE_COLD lsn_t fil_names_clear(lsn_t lsn);
#ifdef UNIV_ENABLE_UNIT_TEST_MAKE_FILEPATH
void test_make_filepath();
diff --git a/storage/innobase/include/fts0priv.inl b/storage/innobase/include/fts0priv.inl
index da14cfcb..3cb09c92 100644
--- a/storage/innobase/include/fts0priv.inl
+++ b/storage/innobase/include/fts0priv.inl
@@ -34,29 +34,6 @@ fts_write_object_id(
ib_id_t id, /* in: a table/index id */
char* str) /* in: buffer to write the id to */
{
-
-#ifdef _WIN32
-
- DBUG_EXECUTE_IF("innodb_test_wrong_non_windows_fts_aux_table_name",
- return(sprintf(str, UINT64PFx, id)););
-
- /* Use this to construct old(5.6.14 and 5.7.3) windows
- ambiguous aux table names */
- DBUG_EXECUTE_IF("innodb_test_wrong_fts_aux_table_name",
- return(sprintf(str, "%016llu", (ulonglong) id)););
-
-#else /* _WIN32 */
-
- /* Use this to construct old(5.6.14 and 5.7.3) windows
- ambiguous aux table names */
- DBUG_EXECUTE_IF("innodb_test_wrong_windows_fts_aux_table_name",
- return(sprintf(str, "%016llu", (ulonglong) id)););
-
- DBUG_EXECUTE_IF("innodb_test_wrong_fts_aux_table_name",
- return(sprintf(str, "%016llx", (ulonglong) id)););
-
-#endif /* _WIN32 */
-
return(sprintf(str, "%016llx", (ulonglong) id));
}
diff --git a/storage/innobase/include/log0log.h b/storage/innobase/include/log0log.h
index f873eabf..54851ca0 100644
--- a/storage/innobase/include/log0log.h
+++ b/storage/innobase/include/log0log.h
@@ -79,13 +79,6 @@ ATTRIBUTE_COLD void log_make_checkpoint();
/** Make a checkpoint at the latest lsn on shutdown. */
ATTRIBUTE_COLD void logs_empty_and_mark_files_at_shutdown();
-/**
-Checks that there is enough free space in the log to start a new query step.
-Flushes the log buffer or makes a new checkpoint if necessary. NOTE: this
-function may only be called if the calling thread owns no synchronization
-objects! */
-ATTRIBUTE_COLD void log_check_margins();
-
/******************************************************//**
Prints info of the log. */
void
@@ -179,24 +172,33 @@ private:
std::atomic<lsn_t> flushed_to_disk_lsn;
/** log sequence number when log resizing was initiated, or 0 */
std::atomic<lsn_t> resize_lsn;
- /** set when there may be need to flush the log buffer, or
- preflush buffer pool pages, or initiate a log checkpoint.
+ /** set when there may be need to initiate a log checkpoint.
This must hold if lsn - last_checkpoint_lsn > max_checkpoint_age. */
- std::atomic<bool> check_flush_or_checkpoint_;
-
+ std::atomic<bool> need_checkpoint;
#if defined(__aarch64__)
-/* On ARM, we do more spinning */
-typedef srw_spin_lock log_rwlock_t;
-#define LSN_LOCK_ATTR MY_MUTEX_INIT_FAST
+ /* On ARM, we do more spinning */
+ typedef srw_spin_lock log_rwlock;
+ typedef pthread_mutex_wrapper<true> log_lsn_lock;
#else
-typedef srw_lock log_rwlock_t;
-#define LSN_LOCK_ATTR nullptr
+ typedef srw_lock log_rwlock;
+ typedef srw_mutex log_lsn_lock;
#endif
public:
- /** rw-lock protecting buf */
- alignas(CPU_LEVEL1_DCACHE_LINESIZE) log_rwlock_t latch;
+ /** rw-lock protecting writes to buf; normal mtr_t::commit()
+ outside any log checkpoint is covered by a shared latch */
+ alignas(CPU_LEVEL1_DCACHE_LINESIZE) log_rwlock latch;
+private:
+ /** mutex protecting buf_free et al, together with latch */
+ log_lsn_lock lsn_lock;
+public:
+ /** first free offset within buf use; protected by lsn_lock */
+ Atomic_relaxed<size_t> buf_free;
+ /** number of write requests (to buf); protected by lsn_lock */
+ size_t write_to_buf;
+ /** number of append_prepare_wait(); protected by lsn_lock */
+ size_t waits;
private:
/** Last written LSN */
lsn_t write_lsn;
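Review bot: `write_to_buf` and `waits` are plain `size_t` members in a `public:` section documented as "protected by lsn_lock", but `lsn_lock` is declared under `private:`. The `lock_lsn()`/`unlock_lsn()` wrappers in the next hunk also appear to sit in a private section, so code outside `log_t` cannot follow that rule when reading the counters. If they are read for monitoring, the comments should say such reads are unsynchronized and approximate, or the counters could be `Atomic_relaxed<size_t>` like `buf_free`. The comment on `buf_free` ("protected by lsn_lock") and the one on `lsn_lock` ("together with latch") should also state the same rule.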
@@ -227,20 +229,12 @@ private:
/** Buffer for writing to resize_log; @see flush_buf */
byte *resize_flush_buf;
- /** spin lock protecting lsn, buf_free in append_prepare() */
- alignas(CPU_LEVEL1_DCACHE_LINESIZE) pthread_mutex_t lsn_lock;
- void init_lsn_lock() { pthread_mutex_init(&lsn_lock, LSN_LOCK_ATTR); }
- void lock_lsn() { pthread_mutex_lock(&lsn_lock); }
- void unlock_lsn() { pthread_mutex_unlock(&lsn_lock); }
- void destroy_lsn_lock() { pthread_mutex_destroy(&lsn_lock); }
+ void init_lsn_lock() {lsn_lock.init(); }
+ void lock_lsn() { lsn_lock.wr_lock(); }
+ void unlock_lsn() {lsn_lock.wr_unlock(); }
+ void destroy_lsn_lock() { lsn_lock.destroy(); }
public:
- /** first free offset within buf use; protected by lsn_lock */
- Atomic_relaxed<size_t> buf_free;
- /** number of write requests (to buf); protected by exclusive lsn_lock */
- ulint write_to_buf;
- /** number of waits in append_prepare(); protected by lsn_lock */
- ulint waits;
/** recommended maximum size of buf, after which the buffer is flushed */
size_t max_buf_free;
@@ -308,6 +302,9 @@ public:
bool is_opened() const noexcept { return log.is_opened(); }
+ /** @return target write LSN to react on buf_free >= max_buf_free */
+ inline lsn_t get_write_target() const;
+
/** @return LSN at which log resizing was started and is still in progress
@retval 0 if no log resizing is in progress */
lsn_t resize_in_progress() const noexcept
@@ -419,13 +416,14 @@ public:
inline void persist(lsn_t lsn) noexcept;
#endif
- bool check_flush_or_checkpoint() const
+ bool check_for_checkpoint() const
+ {
+ return UNIV_UNLIKELY(need_checkpoint.load(std::memory_order_relaxed));
+ }
+ void set_check_for_checkpoint(bool need= true)
{
- return UNIV_UNLIKELY
- (check_flush_or_checkpoint_.load(std::memory_order_relaxed));
+ need_checkpoint.store(need, std::memory_order_relaxed);
}
- void set_check_flush_or_checkpoint(bool flag= true)
- { check_flush_or_checkpoint_.store(flag, std::memory_order_relaxed); }
/** Make previous write_buf() durable and update flushed_to_disk_lsn. */
bool flush(lsn_t lsn) noexcept;
@@ -446,8 +444,9 @@ public:
private:
/** Wait in append_prepare() for buffer to become available
+ @param lsn log sequence number to write up to
@param ex whether log_sys.latch is exclusively locked */
- ATTRIBUTE_COLD static void append_prepare_wait(bool ex) noexcept;
+ ATTRIBUTE_COLD void append_prepare_wait(lsn_t lsn, bool ex) noexcept;
public:
/** Reserve space in the log buffer for appending data.
@tparam pmem log_sys.is_pmem()
diff --git a/storage/innobase/include/log0recv.h b/storage/innobase/include/log0recv.h
index 6d75e15a..a73b7279 100644
--- a/storage/innobase/include/log0recv.h
+++ b/storage/innobase/include/log0recv.h
@@ -44,6 +44,11 @@ ATTRIBUTE_COLD MY_ATTRIBUTE((nonnull, warn_unused_result))
@return whether the page was recovered correctly */
bool recv_recover_page(fil_space_t* space, buf_page_t* bpage);
+/** Read the latest checkpoint information from log file
+and store it in log_sys.next_checkpoint and recv_sys.file_checkpoint
+@return error code or DB_SUCCESS */
+dberr_t recv_recovery_read_checkpoint();
+
/** Start recovering from a redo log checkpoint.
of first system tablespace page
@return error code or DB_SUCCESS */
@@ -114,7 +119,19 @@ struct recv_dblwr_t
@param name tablespace filepath
@param file tablespace file handle
@return whether the operation failed */
- bool restore_first_page(uint32_t space_id, const char *name, os_file_t file);
+ bool restore_first_page(uint32_t space_id, const char *name,
+ pfs_os_file_t file);
+
+ /** Restore the first page of the given tablespace from
+ doublewrite buffer.
+ 1) Find the page which has page_no as 0
+ 2) Read first 3 pages from tablespace file
+ 3) Compare the space_ids from the pages with page0 which
+ was retrieved from doublewrite buffer
+ @param name tablespace filepath
+ @param file tablespace file handle
+ @return space_id or 0 in case of error */
+ uint32_t find_first_page(const char *name, pfs_os_file_t file);
typedef std::deque<byte*, ut_allocator<byte*> > list;
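Review bot: `find_first_page()` documents "space_id or 0 in case of error", but 0 is itself a valid tablespace identifier (the system tablespace), so the return value cannot distinguish failure from that case. If the function is never called on a system tablespace file, the comment should say so, e.g. `@return space_id, or 0 if no matching page was found (not used for the system tablespace)`. Otherwise a separate status would be needed. Step 3 of the description should also say what happens when the three pages read from the file disagree with each other.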
diff --git a/storage/innobase/include/mtr0mtr.h b/storage/innobase/include/mtr0mtr.h
index 841cfab1..c916edc9 100644
--- a/storage/innobase/include/mtr0mtr.h
+++ b/storage/innobase/include/mtr0mtr.h
@@ -89,8 +89,9 @@ struct mtr_t {
{ auto s= m_memo.size(); rollback_to_savepoint(s - 1, s); }
/** Commit a mini-transaction that is shrinking a tablespace.
- @param space tablespace that is being shrunk */
- ATTRIBUTE_COLD void commit_shrink(fil_space_t &space);
+ @param space tablespace that is being shrunk
+ @param size new size in pages */
+ ATTRIBUTE_COLD void commit_shrink(fil_space_t &space, uint32_t size);
/** Commit a mini-transaction that is deleting or renaming a file.
@param space tablespace that is being renamed or deleted
@@ -105,7 +106,7 @@ struct mtr_t {
This is to be used at log_checkpoint().
@param checkpoint_lsn the log sequence number of a checkpoint, or 0
@return current LSN */
- lsn_t commit_files(lsn_t checkpoint_lsn= 0);
+ ATTRIBUTE_COLD lsn_t commit_files(lsn_t checkpoint_lsn= 0);
/** @return mini-transaction savepoint (current size of m_memo) */
ulint get_savepoint() const
diff --git a/storage/innobase/include/os0file.h b/storage/innobase/include/os0file.h
index c9db6a1f..c8374515 100644
--- a/storage/innobase/include/os0file.h
+++ b/storage/innobase/include/os0file.h
@@ -142,9 +142,11 @@ static const ulint OS_FILE_NORMAL = 62;
/* @} */
/** Types for file create @{ */
-static const ulint OS_DATA_FILE = 100;
-static const ulint OS_LOG_FILE = 101;
-static const ulint OS_DATA_FILE_NO_O_DIRECT = 103;
+static constexpr ulint OS_DATA_FILE = 100;
+static constexpr ulint OS_LOG_FILE = 101;
+#if defined _WIN32 || defined HAVE_FCNTL_DIRECT
+static constexpr ulint OS_DATA_FILE_NO_O_DIRECT = 103;
+#endif
/* @} */
/** Error codes from os_file_get_last_error @{ */
@@ -373,7 +375,7 @@ os_file_create_simple_no_error_handling_func(
bool* success)
MY_ATTRIBUTE((warn_unused_result));
-#ifdef _WIN32
+#ifndef HAVE_FCNTL_DIRECT
#define os_file_set_nocache(fd, file_name, operation_name) do{}while(0)
#else
/** Tries to disable OS caching on an opened file descriptor.
diff --git a/storage/innobase/include/srv0srv.h b/storage/innobase/include/srv0srv.h
index db846795..457d9ab5 100644
--- a/storage/innobase/include/srv0srv.h
+++ b/storage/innobase/include/srv0srv.h
@@ -210,14 +210,11 @@ extern unsigned long long srv_max_undo_log_size;
extern uint srv_n_fil_crypt_threads;
extern uint srv_n_fil_crypt_threads_started;
-/** Rate at which UNDO records should be purged. */
-extern ulong srv_purge_rseg_truncate_frequency;
-
/** Enable or Disable Truncate of UNDO tablespace. */
extern my_bool srv_undo_log_truncate;
/** Default size of UNDO tablespace (10MiB for innodb_page_size=16k) */
-constexpr ulint SRV_UNDO_TABLESPACE_SIZE_IN_PAGES= (10U << 20) /
+constexpr uint32_t SRV_UNDO_TABLESPACE_SIZE_IN_PAGES= (10U << 20) /
UNIV_PAGE_SIZE_DEF;
extern char* srv_log_group_home_dir;
diff --git a/storage/innobase/include/srw_lock.h b/storage/innobase/include/srw_lock.h
index 1dca0cc1..01067322 100644
--- a/storage/innobase/include/srw_lock.h
+++ b/storage/innobase/include/srw_lock.h
@@ -34,7 +34,6 @@ this program; if not, write to the Free Software Foundation, Inc.,
# define SUX_LOCK_GENERIC /* Use dummy implementation for debugging purposes */
#endif
-#ifdef SUX_LOCK_GENERIC
/** An exclusive-only variant of srw_lock */
template<bool spinloop>
class pthread_mutex_wrapper final
@@ -70,7 +69,6 @@ template<>
inline void pthread_mutex_wrapper<true>::wr_lock()
{ if (!wr_lock_try()) wr_wait(); }
# endif
-#endif
/** Futex-based mutex */
template<bool spinloop>
@@ -541,7 +539,7 @@ public:
/** @return whether any lock may be held by any thread */
bool is_locked_or_waiting() const noexcept
{ return lock.is_locked_or_waiting(); }
- /** @return whether an exclusive lock may be held by any thread */
+ /** @return whether a shared or exclusive lock may be held by any thread */
bool is_locked() const noexcept { return lock.is_locked(); }
/** @return whether an exclusive lock may be held by any thread */
bool is_write_locked() const noexcept { return lock.is_write_locked(); }
diff --git a/storage/innobase/include/trx0purge.h b/storage/innobase/include/trx0purge.h
index 3ddd2e98..0f4f8afa 100644
--- a/storage/innobase/include/trx0purge.h
+++ b/storage/innobase/include/trx0purge.h
@@ -140,6 +140,15 @@ private:
bool m_initialized{false};
/** whether purge is enabled; protected by latch and std::atomic */
std::atomic<bool> m_enabled{false};
+ /** The primary candidate for iterator::free_history() is
+ rseg=trx_sys.rseg_array[skipped_rseg]. This field may be changed
+ after invoking rseg.set_skip_allocation() and rseg.clear_skip_allocation()
+ and while holding the exclusive rseg.latch.
+
+ This may only be 0 if innodb_undo_tablespaces=0, because rollback segment
+ 0 always resides in the system tablespace and would never be used when
+ dedicated undo tablespaces are in use. */
+ Atomic_relaxed<uint8_t> skipped_rseg;
public:
/** whether purge is active (may hold table handles) */
std::atomic<bool> m_active{false};
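Review bot: `skipped_rseg` has no in-class initializer, unlike `m_initialized{false}` and `m_enabled{false}` directly above it, while its comment says the value may only be 0 when innodb_undo_tablespaces=0. The start value therefore has to be assigned outside this hunk before `iterator::free_history()` first indexes `trx_sys.rseg_array[skipped_rseg]`. The comment should name where that happens. A debug assertion at the point of use that the index is below the size of `rseg_array` would also guard the `uint8_t` index.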
@@ -197,6 +206,11 @@ public:
return undo_no <= other.undo_no;
}
+ /** Remove unnecessary history data from a rollback segment.
+ @param rseg rollback segment
+ @return error code */
+ inline dberr_t free_history_rseg(trx_rseg_t &rseg) const;
+
/** Free the undo pages up to this. */
dberr_t free_history() const;
@@ -240,14 +254,15 @@ public:
by the pq_mutex */
mysql_mutex_t pq_mutex; /*!< Mutex protecting purge_queue */
- /** Undo tablespace file truncation (only accessed by the
- srv_purge_coordinator_thread) */
- struct {
- /** The undo tablespace that is currently being truncated */
- fil_space_t* current;
- /** The undo tablespace that was last truncated */
- fil_space_t* last;
- } truncate;
+ /** innodb_undo_log_truncate=ON state;
+ only modified by purge_coordinator_callback() */
+ struct {
+ /** The undo tablespace that is currently being truncated */
+ Atomic_relaxed<fil_space_t*> current;
+ /** The number of the undo tablespace that was last truncated,
+ relative from srv_undo_space_id_start */
+ uint32_t last;
+ } truncate_undo_space;
/** Create the instance */
void create();
@@ -357,6 +372,26 @@ public:
typically via purge_sys_t::view_guard. */
return view.sees(id);
}
+
+private:
+ /** Enable the use of a rollback segment and advance skipped_rseg,
+ after iterator::free_history_rseg() had invoked
+ rseg.set_skip_allocation(). */
+ inline void rseg_enable(trx_rseg_t &rseg);
+
+ /** Try to start truncating a tablespace.
+ @param id undo tablespace identifier
+ @param size the maximum desired undo tablespace size, in pages
+ @return undo tablespace whose truncation was started
+ @retval nullptr if truncation is not currently possible */
+ inline fil_space_t *undo_truncate_try(uint32_t id, uint32_t size);
+public:
+ /** Check if innodb_undo_log_truncate=ON needs to be handled.
+ This is only to be called by purge_coordinator_callback().
+ @return undo tablespace chosen by innodb_undo_log_truncate=ON
+ @retval nullptr if truncation is not currently possible */
+ fil_space_t *truncating_tablespace();
+
/** A wrapper around trx_sys_t::clone_oldest_view(). */
template<bool also_end_view= false>
void clone_oldest_view()
diff --git a/storage/innobase/include/trx0rseg.h b/storage/innobase/include/trx0rseg.h
index 43e0c290..7fa43047 100644
--- a/storage/innobase/include/trx0rseg.h
+++ b/storage/innobase/include/trx0rseg.h
@@ -73,14 +73,15 @@ private:
/** Reference counter to track is_persistent() transactions,
with SKIP flag. */
std::atomic<uint32_t> ref;
-
+public:
/** Whether undo tablespace truncation is pending */
static constexpr uint32_t SKIP= 1;
/** Transaction reference count multiplier */
static constexpr uint32_t REF= 2;
+ /** @return the reference count and flags */
uint32_t ref_load() const { return ref.load(std::memory_order_relaxed); }
-
+private:
/** Set the SKIP bit */
void ref_set_skip()
{
diff --git a/storage/innobase/include/trx0sys.h b/storage/innobase/include/trx0sys.h
index 5dd0169f..3fa41fdf 100644
--- a/storage/innobase/include/trx0sys.h
+++ b/storage/innobase/include/trx0sys.h
@@ -902,8 +902,8 @@ public:
uint64_t recovered_binlog_offset;
/** Latest recovered binlog file name */
char recovered_binlog_filename[TRX_SYS_MYSQL_LOG_NAME_LEN];
- /** FIL_PAGE_LSN of the page with the latest recovered binlog metadata */
- lsn_t recovered_binlog_lsn;
+ /** Set when latest position is from pre-version 10.3.5 TRX_SYS. */
+ bool recovered_binlog_is_legacy_pos;
/**
@@ -1191,6 +1191,11 @@ public:
return count;
}
+ /** Disable further allocation of transactions in a rollback segment
+ that are subject to innodb_undo_log_truncate=ON
+ @param space undo tablespace that will be truncated */
+ inline void undo_truncate_start(fil_space_t &space);
+
/** Set the undo log empty value */
void set_undo_non_empty(bool val)
{
diff --git a/storage/innobase/include/trx0trx.h b/storage/innobase/include/trx0trx.h
index 3cfbe331..0a3e0d62 100644
--- a/storage/innobase/include/trx0trx.h
+++ b/storage/innobase/include/trx0trx.h
@@ -1108,6 +1108,7 @@ public:
{
ut_ad(state == TRX_STATE_NOT_STARTED);
ut_ad(!id);
+ ut_ad(!*detailed_error);
ut_ad(!mutex_is_owner());
ut_ad(!has_logged());
ut_ad(!is_referenced());
diff --git a/storage/innobase/log/log0log.cc b/storage/innobase/log/log0log.cc
index 91999c81..9f39b303 100644
--- a/storage/innobase/log/log0log.cc
+++ b/storage/innobase/log/log0log.cc
@@ -100,6 +100,7 @@ bool log_t::create()
/* LSN 0 and 1 are reserved; @see buf_page_t::oldest_modification_ */
lsn.store(FIRST_LSN, std::memory_order_relaxed);
flushed_to_disk_lsn.store(FIRST_LSN, std::memory_order_relaxed);
+ need_checkpoint.store(true, std::memory_order_relaxed);
write_lsn= FIRST_LSN;
#ifndef HAVE_PMEM
@@ -124,18 +125,17 @@ bool log_t::create()
TRASH_ALLOC(flush_buf, buf_size);
checkpoint_buf= static_cast<byte*>(aligned_malloc(4096, 4096));
memset_aligned<4096>(checkpoint_buf, 0, 4096);
+ max_buf_free= buf_size / LOG_BUF_FLUSH_RATIO - LOG_BUF_FLUSH_MARGIN;
#else
ut_ad(!checkpoint_buf);
ut_ad(!buf);
ut_ad(!flush_buf);
+ max_buf_free= 1;
#endif
latch.SRW_LOCK_INIT(log_latch_key);
init_lsn_lock();
- max_buf_free= buf_size / LOG_BUF_FLUSH_RATIO - LOG_BUF_FLUSH_MARGIN;
- set_check_flush_or_checkpoint();
-
last_checkpoint_lsn= FIRST_LSN;
log_capacity= 0;
max_modified_age_async= 0;
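Review bot: `max_buf_free= 1;` in the `#else` branch is a magic value with no comment. The later hunks in `attach_low()` assign `max_buf_free= size` on one path and recompute the ratio formula on the other, so 1 looks like a placeholder until a log file is attached. A comment such as `/* placeholder; attach_low() sets the real limit */` would make that explicit. Separately, `buf_size / LOG_BUF_FLUSH_RATIO - LOG_BUF_FLUSH_MARGIN` wraps around if `buf_size` is unsigned and small enough, which is safe only if the configured minimum buffer size rules it out. That is not visible here, and `create()` starts outside the hunk.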
@@ -236,6 +236,7 @@ void log_t::attach_low(log_file_t file, os_offset_t size)
log.close();
mprotect(ptr, size_t(size), PROT_READ);
buf= static_cast<byte*>(ptr);
+ max_buf_free= size;
# if defined __linux__ || defined _WIN32
set_block_size(CPU_LEVEL1_DCACHE_LINESIZE);
# endif
@@ -264,6 +265,7 @@ void log_t::attach_low(log_file_t file, os_offset_t size)
TRASH_ALLOC(buf, buf_size);
TRASH_ALLOC(flush_buf, buf_size);
+ max_buf_free= buf_size / LOG_BUF_FLUSH_RATIO - LOG_BUF_FLUSH_MARGIN;
#endif
#if defined __linux__ || defined _WIN32
@@ -813,8 +815,8 @@ template<bool release_latch> inline lsn_t log_t::write_buf() noexcept
#ifndef SUX_LOCK_GENERIC
ut_ad(latch.is_write_locked());
#endif
- ut_ad(!srv_read_only_mode);
ut_ad(!is_pmem());
+ ut_ad(!srv_read_only_mode);
const lsn_t lsn{get_lsn(std::memory_order_relaxed)};
@@ -849,7 +851,7 @@ template<bool release_latch> inline lsn_t log_t::write_buf() noexcept
... /* TODO: Update the LSN and adjust other code. */
#else
/* The rest of the block will be written as garbage.
- (We want to avoid memset() while holding mutex.)
+ (We want to avoid memset() while holding exclusive log_sys.latch)
This block will be overwritten later, once records beyond
the current LSN are generated. */
# ifdef HAVE_valgrind
@@ -886,6 +888,7 @@ template<bool release_latch> inline lsn_t log_t::write_buf() noexcept
write_lsn= lsn;
}
+ set_check_for_checkpoint(false);
return lsn;
}
@@ -927,8 +930,9 @@ wait and check if an already running write is covering the request.
void log_write_up_to(lsn_t lsn, bool durable,
const completion_callback *callback)
{
- ut_ad(!srv_read_only_mode);
+ ut_ad(!srv_read_only_mode || (log_sys.buf_free < log_sys.max_buf_free));
ut_ad(lsn != LSN_MAX);
+ ut_ad(lsn != 0);
if (UNIV_UNLIKELY(recv_no_ibuf_operations))
{
@@ -985,7 +989,6 @@ repeat:
@param durable whether to wait for a durable write to complete */
void log_buffer_flush_to_disk(bool durable)
{
- ut_ad(!srv_read_only_mode);
log_write_up_to(log_sys.get_lsn(std::memory_order_acquire), durable);
}
@@ -1017,16 +1020,6 @@ ATTRIBUTE_COLD void log_write_and_flush()
#endif
}
-/********************************************************************
-
-Tries to establish a big enough margin of free space in the log buffer, such
-that a new log entry can be catenated without an immediate need for a flush. */
-ATTRIBUTE_COLD static void log_flush_margin()
-{
- if (log_sys.buf_free > log_sys.max_buf_free)
- log_buffer_flush_to_disk(false);
-}
-
/****************************************************************//**
Tries to establish a big enough margin of free space in the log, such
that a new log entry can be catenated without an immediate need for a
@@ -1034,12 +1027,12 @@ checkpoint. NOTE: this function may only be called if the calling thread
owns no synchronization objects! */
ATTRIBUTE_COLD static void log_checkpoint_margin()
{
- while (log_sys.check_flush_or_checkpoint())
+ while (log_sys.check_for_checkpoint())
{
log_sys.latch.rd_lock(SRW_LOCK_CALL);
ut_ad(!recv_no_log_write);
- if (!log_sys.check_flush_or_checkpoint())
+ if (!log_sys.check_for_checkpoint())
{
func_exit:
log_sys.latch.rd_unlock();
@@ -1055,7 +1048,7 @@ func_exit:
#ifndef DBUG_OFF
skip_checkpoint:
#endif
- log_sys.set_check_flush_or_checkpoint(false);
+ log_sys.set_check_for_checkpoint(false);
goto func_exit;
}
@@ -1069,30 +1062,17 @@ func_exit:
}
}
-/**
-Checks that there is enough free space in the log to start a new query step.
-Flushes the log buffer or makes a new checkpoint if necessary. NOTE: this
-function may only be called if the calling thread owns no synchronization
-objects! */
-ATTRIBUTE_COLD void log_check_margins()
-{
- do
- {
- log_flush_margin();
- log_checkpoint_margin();
- ut_ad(!recv_no_log_write);
- }
- while (log_sys.check_flush_or_checkpoint());
-}
-
/** Wait for a log checkpoint if needed.
NOTE that this function may only be called while not holding
any synchronization objects except dict_sys.latch. */
void log_free_check()
{
ut_ad(!lock_sys.is_writer());
- if (log_sys.check_flush_or_checkpoint())
- log_check_margins();
+ if (log_sys.check_for_checkpoint())
+ {
+ ut_ad(!recv_no_log_write);
+ log_checkpoint_margin();
+ }
}
extern void buf_resize_shutdown();
diff --git a/storage/innobase/log/log0recv.cc b/storage/innobase/log/log0recv.cc
index 3c3fe41e..e72f842f 100644
--- a/storage/innobase/log/log0recv.cc
+++ b/storage/innobase/log/log0recv.cc
@@ -833,7 +833,22 @@ processed:
filename= tbl_name + 1;
}
}
- space->add(filename, OS_FILE_CLOSED, size, false, false);
+ pfs_os_file_t handle= OS_FILE_CLOSED;
+ if (srv_operation == SRV_OPERATION_RESTORE)
+ {
+ /* During mariadb-backup --backup, a table could be renamed,
+ created and dropped, and we may be missing the file at this
+ point of --prepare. Try to create the file if it does not exist
+ already. If the file exists, we'll pass handle=OS_FILE_CLOSED
+ and the file will be opened normally in fil_space_t::acquire()
+ inside recv_sys_t::recover_deferred(). */
+ bool success;
+ handle= os_file_create(innodb_data_file_key, filename,
+ OS_FILE_CREATE | OS_FILE_ON_ERROR_NO_EXIT |
+ OS_FILE_ON_ERROR_SILENT,
+ OS_FILE_AIO, OS_DATA_FILE, false, &success);
+ }
+ space->add(filename, handle, size, false, false);
space->recv_size= it->second.size;
space->size_in_header= size;
return space;
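Review bot: The `success` out-parameter of the added `os_file_create()` call is written but never read, and `OS_FILE_ON_ERROR_SILENT` suppresses the diagnostic. A failure for any reason other than "the file already exists" (permissions, a missing directory, a full disk) is therefore indistinguishable from the expected case and only surfaces later, inside `recv_sys_t::recover_deferred()`. If ignoring it is intended, say so next to the declaration, e.g. `/* success is deliberately ignored: on any failure handle stays OS_FILE_CLOSED and the open is retried later */`. Since `filename` appears to be derived from recovered metadata (only `filename= tbl_name + 1` is visible here), it is also worth confirming that the path cannot resolve outside the backup directory before a file is created there. The enclosing function starts outside the hunk.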
@@ -1238,7 +1253,8 @@ static void fil_name_process(const char *name, ulint len, uint32_t space_id,
file_name_t& f = p.first->second;
- if (auto d = deferred_spaces.find(space_id)) {
+ auto d = deferred_spaces.find(space_id);
+ if (d) {
if (deleted) {
d->deleted = true;
goto got_deleted;
@@ -1311,7 +1327,16 @@ same_space:
FILE_* record. */
ut_ad(space == NULL);
- if (srv_force_recovery) {
+ if (srv_operation == SRV_OPERATION_RESTORE && d
+ && ftype == FILE_RENAME) {
+rename:
+ d->file_name = fname.name;
+ f.name = fname.name;
+ break;
+ }
+
+ if (srv_force_recovery
+ || srv_operation == SRV_OPERATION_RESTORE) {
/* Without innodb_force_recovery,
missing tablespaces will only be
reported in
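Review bot: The comment under the widened condition still begins "Without innodb_force_recovery, missing tablespaces will only be reported in …", but the branch is now also taken when `srv_operation == SRV_OPERATION_RESTORE`, so the comment no longer describes when this path runs. The `rename:` label also sits inside the new `if` body and is entered by `goto rename` from `case FIL_LOAD_DEFER` in the next hunk, which repeats the same three-part test with the operands in a different order. Computing it once, e.g. `const bool restore_rename= d && ftype == FILE_RENAME && srv_operation == SRV_OPERATION_RESTORE;`, would keep the two sites in step. The switch and the comment continue outside the hunk.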
@@ -1330,7 +1355,11 @@ same_space:
break;
case FIL_LOAD_DEFER:
- /** Skip the deferred spaces
+ if (d && ftype == FILE_RENAME
+ && srv_operation == SRV_OPERATION_RESTORE) {
+ goto rename;
+ }
+ /* Skip the deferred spaces
when lsn is already processed */
if (!if_exists) {
deferred_spaces.add(
@@ -1735,20 +1764,6 @@ dberr_t recv_sys_t::find_checkpoint()
{
if (wrong_size)
return DB_CORRUPTION;
- if (log_sys.next_checkpoint_lsn < 8204)
- {
- /* Before MDEV-14425, InnoDB had a minimum LSN of 8192+12=8204.
- Likewise, mariadb-backup --prepare would create an empty
- ib_logfile0 after applying the log. We will allow an upgrade
- from such an empty log.
-
- If a user replaces the redo log with an empty file and the
- FIL_PAGE_FILE_FLUSH_LSN field was zero in the system
- tablespace (see SysTablespace::read_lsn_and_check_flags()) we
- must refuse to start up. */
- sql_print_error("InnoDB: ib_logfile0 is empty, and LSN is unknown.");
- return DB_CORRUPTION;
- }
lsn= log_sys.next_checkpoint_lsn;
log_sys.format= log_t::FORMAT_3_23;
goto upgrade;
@@ -2409,7 +2424,7 @@ struct recv_ring : public recv_buf
{
const size_t s(*this - start);
ut_ad(s + len <= srv_page_size);
- if (!log_sys.is_encrypted())
+ if (!len || !log_sys.is_encrypted())
{
if (start.ptr + s == ptr && ptr + len <= end())
return ptr;
@@ -3205,7 +3220,7 @@ static buf_block_t *recv_recover_page(buf_block_t *block, mtr_t &mtr,
skipped_after_init = false;
ut_ad(end_lsn == page_lsn);
if (end_lsn != page_lsn) {
- sql_print_warning(
+ sql_print_information(
"InnoDB: The last skipped log record"
" LSN " LSN_PF
" is not equal to page LSN " LSN_PF,
@@ -4012,7 +4027,6 @@ static bool recv_scan_log(bool last_phase)
const size_t block_size_1{log_sys.get_block_size() - 1};
mysql_mutex_lock(&recv_sys.mutex);
- ut_d(recv_sys.after_apply= last_phase);
if (!last_phase)
recv_sys.clear();
else
@@ -4221,6 +4235,7 @@ static bool recv_scan_log(bool last_phase)
recv_sys.lsn= rewound_lsn;
}
func_exit:
+ ut_d(recv_sys.after_apply= last_phase);
mysql_mutex_unlock(&recv_sys.mutex);
DBUG_RETURN(!store);
}
@@ -4507,12 +4522,36 @@ done:
return err;
}
+dberr_t recv_recovery_read_checkpoint()
+{
+ ut_ad(srv_operation <= SRV_OPERATION_EXPORT_RESTORED ||
+ srv_operation == SRV_OPERATION_RESTORE ||
+ srv_operation == SRV_OPERATION_RESTORE_EXPORT);
+ ut_d(mysql_mutex_lock(&buf_pool.mutex));
+ ut_ad(UT_LIST_GET_LEN(buf_pool.LRU) == 0);
+ ut_ad(UT_LIST_GET_LEN(buf_pool.unzip_LRU) == 0);
+ ut_d(mysql_mutex_unlock(&buf_pool.mutex));
+
+ if (srv_force_recovery >= SRV_FORCE_NO_LOG_REDO)
+ {
+ sql_print_information("InnoDB: innodb_force_recovery=6"
+ " skips redo log apply");
+ return DB_SUCCESS;
+ }
+
+ log_sys.latch.wr_lock(SRW_LOCK_CALL);
+ dberr_t err= recv_sys.find_checkpoint();
+ log_sys.latch.wr_unlock();
+ return err;
+}
+
/** Start recovering from a redo log checkpoint.
of first system tablespace page
@return error code or DB_SUCCESS */
dberr_t recv_recovery_from_checkpoint_start()
{
- bool rescan = false;
+ bool rescan = false;
+ dberr_t err = DB_SUCCESS;
ut_ad(srv_operation <= SRV_OPERATION_EXPORT_RESTORED
|| srv_operation == SRV_OPERATION_RESTORE
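Review bot: `recv_recovery_read_checkpoint()` is added without the `/** … @return error code or DB_SUCCESS */` header that the neighbouring `recv_recovery_from_checkpoint_start()` carries, and nothing states the new ordering contract. The next hunk removes the `recv_sys.find_checkpoint()` call from `recv_recovery_from_checkpoint_start()`, so that function now presumably depends on this one having run first. I would document that on both, e.g. `/** Read the redo log checkpoint; must be called before recv_recovery_from_checkpoint_start(). @return error code or DB_SUCCESS */`. Both functions also print "innodb_force_recovery=6 skips redo log apply", so a startup that calls both would log it twice. The existing header of the second function still carries the orphaned fragment "of first system tablespace page".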
@@ -4525,20 +4564,12 @@ dberr_t recv_recovery_from_checkpoint_start()
if (srv_force_recovery >= SRV_FORCE_NO_LOG_REDO) {
sql_print_information("InnoDB: innodb_force_recovery=6"
" skips redo log apply");
- return(DB_SUCCESS);
+ return err;
}
recv_sys.recovery_on = true;
log_sys.latch.wr_lock(SRW_LOCK_CALL);
-
- dberr_t err = recv_sys.find_checkpoint();
- if (err != DB_SUCCESS) {
-early_exit:
- log_sys.latch.wr_unlock();
- return err;
- }
-
log_sys.set_capacity();
/* Start reading the log from the checkpoint lsn. The variable
@@ -4548,7 +4579,9 @@ early_exit:
ut_ad(recv_sys.pages.empty());
if (log_sys.format == log_t::FORMAT_3_23) {
- goto early_exit;
+early_exit:
+ log_sys.latch.wr_unlock();
+ return err;
}
if (log_sys.is_latest()) {
@@ -4843,7 +4876,7 @@ byte *recv_dblwr_t::find_page(const page_id_t page_id,
}
bool recv_dblwr_t::restore_first_page(uint32_t space_id, const char *name,
- os_file_t file)
+ pfs_os_file_t file)
{
const page_id_t page_id(space_id, 0);
const byte* page= find_page(page_id);
@@ -4851,10 +4884,10 @@ bool recv_dblwr_t::restore_first_page(uint32_t space_id, const char *name,
{
/* If the first page of the given user tablespace is not there
in the doublewrite buffer, then the recovery is going to fail
- now. Hence this is treated as error. */
- ib::error()
- << "Corrupted page " << page_id << " of datafile '"
- << name <<"' could not be found in the doublewrite buffer.";
+ now. Report error only when doublewrite buffer is not empty */
+ if (pages.size())
+ ib::error() << "Corrupted page " << page_id << " of datafile '"
+ << name << "' could not be found in the doublewrite buffer.";
return true;
}
@@ -4868,3 +4901,58 @@ bool recv_dblwr_t::restore_first_page(uint32_t space_id, const char *name,
IORequestWrite, name, file, page, 0, physical_size) !=
DB_SUCCESS;
}
+
+uint32_t recv_dblwr_t::find_first_page(const char *name, pfs_os_file_t file)
+{
+ os_offset_t file_size= os_file_get_size(file);
+ if (file_size != (os_offset_t) -1)
+ {
+ for (const page_t *page : pages)
+ {
+ uint32_t space_id= page_get_space_id(page);
+ byte *read_page= nullptr;
+ if (page_get_page_no(page) > 0 || space_id == 0)
+ {
+next_page:
+ aligned_free(read_page);
+ continue;
+ }
+ uint32_t flags= mach_read_from_4(
+ FSP_HEADER_OFFSET + FSP_SPACE_FLAGS + page);
+ page_id_t page_id(space_id, 0);
+ size_t page_size= fil_space_t::physical_size(flags);
+ if (file_size < 4 * page_size)
+ goto next_page;
+ read_page=
+ static_cast<byte*>(aligned_malloc(3 * page_size, page_size));
+ /* Read 3 pages from the file and match the space id
+ with the space id which is stored in
+ doublewrite buffer page. */
+ if (os_file_read(IORequestRead, file, read_page, page_size,
+ 3 * page_size, nullptr) != DB_SUCCESS)
+ goto next_page;
+ for (ulint j= 0; j <= 2; j++)
+ {
+ byte *cur_page= read_page + j * page_size;
+ if (buf_is_zeroes(span<const byte>(cur_page, page_size)))
+ {
+ space_id= 0;
+ goto early_exit;
+ }
+ if (mach_read_from_4(cur_page + FIL_PAGE_OFFSET) != j + 1 ||
+ memcmp(cur_page + FIL_PAGE_SPACE_ID,
+ page + FIL_PAGE_SPACE_ID, 4) ||
+ buf_page_is_corrupted(false, cur_page, flags))
+ goto next_page;
+ }
+ if (!restore_first_page(space_id, name, file))
+ {
+early_exit:
+ aligned_free(read_page);
+ return space_id;
+ }
+ break;
+ }
+ }
+ return 0;
+}
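Review bot: `read_page` is leaked when `restore_first_page()` reports failure: the `break` after the `if (!restore_first_page(...))` block leaves the loop and reaches `return 0` without the `aligned_free(read_page)` that every other exit performs, so add `aligned_free(read_page);` before `break;`. Separately, `flags` is read from the doublewrite copy and passed to `fil_space_t::physical_size()` to size both the allocation and the file read before anything validates it. `buf_page_is_corrupted()` is applied only to the pages read from the file, so a guard such as `if (!fil_space_t::is_valid_flags(flags, space_id)) goto next_page;` ahead of the size computation would keep a damaged copy from choosing the buffer size. The result of `aligned_malloc()` is not checked, `page_id` is declared but never used, and the function has no header comment describing its return value (the matched space id, or 0).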
diff --git a/storage/innobase/mtr/mtr0mtr.cc b/storage/innobase/mtr/mtr0mtr.cc
index 1834a164..01641f74 100644
--- a/storage/innobase/mtr/mtr0mtr.cc
+++ b/storage/innobase/mtr/mtr0mtr.cc
@@ -308,6 +308,22 @@ void mtr_t::release()
m_memo.clear();
}
+inline lsn_t log_t::get_write_target() const
+{
+#ifndef SUX_LOCK_GENERIC
+ ut_ad(latch.is_locked());
+#endif
+ if (UNIV_LIKELY(buf_free < max_buf_free))
+ return 0;
+ ut_ad(!is_pmem());
+ /* The LSN corresponding to the end of buf is
+ write_lsn - (first_lsn & 4095) + buf_free,
+ but we use simpler arithmetics to return a smaller write target in
+ order to minimize waiting in log_write_up_to(). */
+ ut_ad(max_buf_free >= 4096 * 4);
+ return write_lsn + max_buf_free / 2;
+}
+
/** Commit a mini-transaction. */
void mtr_t::commit()
{
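Review bot: `log_t::get_write_target()` is added without a header comment, and its contract is not obvious from the call site in `mtr_t::commit()`: a return of 0 means no write is needed, and any other value is passed to `log_write_up_to()`. A short comment such as `/** @return LSN to pass to log_write_up_to(), or 0 if buf_free < max_buf_free */` would state that. The lower bound `max_buf_free >= 4096 * 4` is enforced only by `ut_ad`, while `log_t::create()` derives the value as `buf_size / LOG_BUF_FLUSH_RATIO - LOG_BUF_FLUSH_MARGIN`. Whether a small `buf_size` can make that subtraction wrap is not visible here and is worth confirming.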
@@ -331,6 +347,7 @@ void mtr_t::commit()
std::pair<lsn_t,page_flush_ahead> lsns{do_write()};
process_freed_pages();
size_t modified= 0;
+ const lsn_t write_lsn= log_sys.get_write_target();
if (m_made_dirty)
{
@@ -408,7 +425,8 @@ void mtr_t::commit()
break;
default:
buf_page_t *bpage= static_cast<buf_page_t*>(slot.object);
- const auto s= bpage->unfix();
+ ut_d(const auto s=)
+ bpage->unfix();
if (slot.type & MTR_MEMO_MODIFY)
{
ut_ad(slot.type == MTR_MEMO_PAGE_X_MODIFY ||
@@ -420,13 +438,10 @@ void mtr_t::commit()
ut_ad(s < buf_page_t::READ_FIX);
ut_ad(mach_read_from_8(bpage->frame + FIL_PAGE_LSN) <=
m_commit_lsn);
- if (s >= buf_page_t::UNFIXED)
- {
- mach_write_to_8(bpage->frame + FIL_PAGE_LSN, m_commit_lsn);
- if (UNIV_LIKELY_NULL(bpage->zip.data))
- memcpy_aligned<8>(FIL_PAGE_LSN + bpage->zip.data,
- FIL_PAGE_LSN + bpage->frame, 8);
- }
+ mach_write_to_8(bpage->frame + FIL_PAGE_LSN, m_commit_lsn);
+ if (UNIV_LIKELY_NULL(bpage->zip.data))
+ memcpy_aligned<8>(FIL_PAGE_LSN + bpage->zip.data,
+ FIL_PAGE_LSN + bpage->frame, 8);
modified++;
}
switch (auto latch= slot.type & ~MTR_MEMO_MODIFY) {
@@ -451,6 +466,9 @@ void mtr_t::commit()
if (UNIV_UNLIKELY(lsns.second != PAGE_FLUSH_NO))
buf_flush_ahead(m_commit_lsn, lsns.second == PAGE_FLUSH_SYNC);
+
+ if (UNIV_UNLIKELY(write_lsn != 0))
+ log_write_up_to(write_lsn, false);
}
else
{
@@ -492,9 +510,20 @@ void mtr_t::rollback_to_savepoint(ulint begin, ulint end)
m_memo.erase(m_memo.begin() + begin, m_memo.begin() + end);
}
+/** Set create_lsn. */
+inline void fil_space_t::set_create_lsn(lsn_t lsn)
+{
+#ifndef SUX_LOCK_GENERIC
+ /* Concurrent log_checkpoint_low() must be impossible. */
+ ut_ad(latch.is_write_locked());
+#endif
+ create_lsn= lsn;
+}
+
/** Commit a mini-transaction that is shrinking a tablespace.
-@param space tablespace that is being shrunk */
-void mtr_t::commit_shrink(fil_space_t &space)
+@param space tablespace that is being shrunk
+@param size new size in pages */
+void mtr_t::commit_shrink(fil_space_t &space, uint32_t size)
{
ut_ad(is_active());
ut_ad(!is_inside_ibuf());
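Review bot: In `fil_space_t::set_create_lsn()` the comment and the assertion seem to refer to different locks. The comment says a concurrent `log_checkpoint_low()` must be impossible, which elsewhere on this page is tied to holding `log_sys.latch` exclusively (see the `commit_files()` header), yet the unqualified `latch` inside a `fil_space_t` member would resolve to the tablespace's own latch, if it has one. If the tablespace latch is what is meant, the comment should explain why it excludes a checkpoint. Otherwise the check presumably wants `ut_ad(log_sys.latch.is_write_locked());`. The `@param size` documentation added to `commit_shrink()` is fine.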
@@ -514,6 +543,15 @@ void mtr_t::commit_shrink(fil_space_t &space)
const lsn_t start_lsn= do_write().first;
ut_d(m_log.erase());
+ fil_node_t *file= UT_LIST_GET_LAST(space.chain);
+ mysql_mutex_lock(&fil_system.mutex);
+ ut_ad(file->is_open());
+ space.size= file->size= size;
+ space.set_create_lsn(m_commit_lsn);
+ mysql_mutex_unlock(&fil_system.mutex);
+
+ space.clear_freed_ranges();
+
/* Durably write the reduced FSP_SIZE before truncating the data file. */
log_write_and_flush();
#ifndef SUX_LOCK_GENERIC
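Review bot: `space.clear_freed_ranges()` is now called twice in `mtr_t::commit_shrink()`: once in the added lines before `log_write_and_flush()`, and again in the unchanged line after `os_file_truncate()` in the next hunk. If the early call is the one that matters, the later one looks redundant and should be dropped or explained. The added block also stores the new size into `UT_LIST_GET_LAST(space.chain)` while the truncation below still operates on `space.chain.start`. Those are the same node only for a single-file tablespace, so an `ut_ad(file == space.chain.start);` or a comment stating that assumption would help. The function body continues outside the hunk.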
@@ -521,11 +559,11 @@ void mtr_t::commit_shrink(fil_space_t &space)
#endif
os_file_truncate(space.chain.start->name, space.chain.start->handle,
- os_offset_t{space.size} << srv_page_size_shift, true);
+ os_offset_t{size} << srv_page_size_shift, true);
space.clear_freed_ranges();
- const page_id_t high{space.id, space.size};
+ const page_id_t high{space.id, size};
size_t modified= 0;
auto it= m_memo.rbegin();
mysql_mutex_lock(&buf_pool.flush_list_mutex);
@@ -586,13 +624,6 @@ void mtr_t::commit_shrink(fil_space_t &space)
log_sys.latch.wr_unlock();
m_latch_ex= false;
- mysql_mutex_lock(&fil_system.mutex);
- ut_ad(space.is_being_truncated);
- ut_ad(space.is_stopping_writes());
- space.clear_stopping();
- space.is_being_truncated= false;
- mysql_mutex_unlock(&fil_system.mutex);
-
release();
release_resources();
}
@@ -680,7 +711,7 @@ The caller must hold exclusive log_sys.latch.
This is to be used at log_checkpoint().
@param checkpoint_lsn the log sequence number of a checkpoint, or 0
@return current LSN */
-lsn_t mtr_t::commit_files(lsn_t checkpoint_lsn)
+ATTRIBUTE_COLD lsn_t mtr_t::commit_files(lsn_t checkpoint_lsn)
{
#ifndef SUX_LOCK_GENERIC
ut_ad(log_sys.latch.is_write_locked());
@@ -840,26 +871,26 @@ ATTRIBUTE_COLD static void log_overwrite_warning(lsn_t lsn)
}
/** Wait in append_prepare() for buffer to become available
+@param lsn log sequence number to write up to
@param ex whether log_sys.latch is exclusively locked */
-ATTRIBUTE_COLD void log_t::append_prepare_wait(bool ex) noexcept
+ATTRIBUTE_COLD void log_t::append_prepare_wait(lsn_t lsn, bool ex) noexcept
{
- log_sys.waits++;
- log_sys.unlock_lsn();
+ waits++;
+ unlock_lsn();
if (ex)
- log_sys.latch.wr_unlock();
+ latch.wr_unlock();
else
- log_sys.latch.rd_unlock();
+ latch.rd_unlock();
- DEBUG_SYNC_C("log_buf_size_exceeded");
- log_buffer_flush_to_disk(log_sys.is_pmem());
+ log_write_up_to(lsn, is_pmem());
if (ex)
- log_sys.latch.wr_lock(SRW_LOCK_CALL);
+ latch.wr_lock(SRW_LOCK_CALL);
else
- log_sys.latch.rd_lock(SRW_LOCK_CALL);
+ latch.rd_lock(SRW_LOCK_CALL);
- log_sys.lock_lsn();
+ lock_lsn();
}
/** Reserve space in the log buffer for appending data.
@@ -878,34 +909,30 @@ std::pair<lsn_t,byte*> log_t::append_prepare(size_t size, bool ex) noexcept
# endif
#endif
ut_ad(pmem == is_pmem());
- const lsn_t checkpoint_margin{last_checkpoint_lsn + log_capacity - size};
- const size_t avail{(pmem ? size_t(capacity()) : buf_size) - size};
lock_lsn();
write_to_buf++;
- for (ut_d(int count= 50);
- UNIV_UNLIKELY((pmem
- ? size_t(get_lsn() -
- get_flushed_lsn(std::memory_order_relaxed))
- : size_t{buf_free}) > avail); )
+ const lsn_t l{lsn.load(std::memory_order_relaxed)}, end_lsn{l + size};
+ size_t b{buf_free};
+
+ if (UNIV_UNLIKELY(pmem
+ ? (end_lsn -
+ get_flushed_lsn(std::memory_order_relaxed)) > capacity()
+ : b + size >= buf_size))
{
- append_prepare_wait(ex);
- ut_ad(count--);
+ append_prepare_wait(l, ex);
+ b= buf_free;
}
- const lsn_t l{lsn.load(std::memory_order_relaxed)};
- lsn.store(l + size, std::memory_order_relaxed);
- const size_t b{buf_free};
- size_t new_buf_free{b};
- new_buf_free+= size;
+ lsn.store(end_lsn, std::memory_order_relaxed);
+ size_t new_buf_free= b + size;
if (pmem && new_buf_free >= file_size)
new_buf_free-= size_t(capacity());
buf_free= new_buf_free;
unlock_lsn();
- if (UNIV_UNLIKELY(l > checkpoint_margin) ||
- (!pmem && b >= max_buf_free))
- set_check_flush_or_checkpoint();
+ if (UNIV_UNLIKELY(end_lsn >= last_checkpoint_lsn + log_capacity))
+ set_check_for_checkpoint();
return {l, &buf[b]};
}
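Review bot: After `append_prepare_wait(l, ex)` returns, only `b` is refreshed, while `l` and `end_lsn` keep the values loaded before the wait. The wait calls `unlock_lsn()` and releases `latch`, so unless something outside this hunk prevents other threads from appending in that window, `lsn.store(end_lsn, …)` can move `lsn` backwards and the returned `{l, &buf[b]}` pairs a stale LSN with a fresh buffer offset. The old `for` loop re-evaluated the space condition after every wait, whereas the new single `if` assumes one wait always frees enough room. I would reload the LSN after the wait and keep the re-check, as sketched below. The old debug-only retry bound (`count= 50`) could be kept to catch a request that can never fit. The function's signature and the first assertions are outside the hunk.

```cpp
  lsn_t l{lsn.load(std::memory_order_relaxed)}, end_lsn{l + size};
  size_t b{buf_free};

  while (UNIV_UNLIKELY(pmem
                       ? (end_lsn -
                          get_flushed_lsn(std::memory_order_relaxed)) > capacity()
                       : b + size >= buf_size))
  {
    append_prepare_wait(l, ex);
    /* The latches were released during the wait: reload everything
    that another thread may have advanced in the meantime. */
    l= lsn.load(std::memory_order_relaxed);
    end_lsn= l + size;
    b= buf_free;
  }
  // … unchanged: lsn.store(end_lsn), buf_free update, unlock_lsn(), checkpoint check …
```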
@@ -930,7 +957,7 @@ static mtr_t::page_flush_ahead log_close(lsn_t lsn) noexcept
else if (UNIV_LIKELY(checkpoint_age <= log_sys.max_checkpoint_age))
return mtr_t::PAGE_FLUSH_ASYNC;
- log_sys.set_check_flush_or_checkpoint();
+ log_sys.set_check_for_checkpoint();
return mtr_t::PAGE_FLUSH_SYNC;
}
@@ -989,10 +1016,9 @@ std::pair<lsn_t,mtr_t::page_flush_ahead> mtr_t::do_write()
#ifndef DBUG_OFF
do
{
- if (m_log_mode != MTR_LOG_ALL)
+ if (m_log_mode != MTR_LOG_ALL ||
+ _db_keyword_(nullptr, "skip_page_checksum", 1))
continue;
- DBUG_EXECUTE_IF("skip_page_checksum", continue;);
-
for (const mtr_memo_slot_t& slot : m_memo)
if (slot.type & MTR_MEMO_MODIFY)
{
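Review bot: The new condition calls the dbug library's internal `_db_keyword_(nullptr, "skip_page_checksum", 1)` directly. The server's `my_dbug.h` wraps that call in the `DBUG_IF()` macro, so `if (m_log_mode != MTR_LOG_ALL || DBUG_IF("skip_page_checksum"))` says the same thing, stays greppable with the other debug keywords, and does not depend on the internal function's signature. The loop body continues outside the hunk.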
@@ -1150,9 +1176,6 @@ inline void log_t::resize_write(lsn_t lsn, const byte *end, size_t len,
}
}
-/** Write the mini-transaction log to the redo log buffer.
-@param len number of bytes to write
-@return {start_lsn,flush_ahead} */
std::pair<lsn_t,mtr_t::page_flush_ahead>
mtr_t::finish_write(size_t len)
{
diff --git a/storage/innobase/os/os0file.cc b/storage/innobase/os/os0file.cc
index 5e674806..31bec346 100644
--- a/storage/innobase/os/os0file.cc
+++ b/storage/innobase/os/os0file.cc
@@ -975,7 +975,7 @@ os_file_create_simple_func(
*success = false;
int create_flag;
- const char* mode_str = NULL;
+ const char* mode_str __attribute__((unused));
ut_a(!(create_mode & OS_FILE_ON_ERROR_SILENT));
ut_a(!(create_mode & OS_FILE_ON_ERROR_NO_EXIT));
@@ -1051,6 +1051,7 @@ os_file_create_simple_func(
} while (retry);
+#ifdef HAVE_FCNTL_DIRECT
/* This function is always called for data files, we should disable
OS caching (O_DIRECT) here as we do in os_file_create_func(), so
we open the same file in the same mode, see man page of open(2). */
@@ -1065,6 +1066,7 @@ os_file_create_simple_func(
break;
}
}
+#endif
#ifndef _WIN32
if (!read_only
@@ -1150,7 +1152,7 @@ os_file_create_func(
);
int create_flag;
- const char* mode_str = NULL;
+ const char* mode_str __attribute__((unused));
on_error_no_exit = create_mode & OS_FILE_ON_ERROR_NO_EXIT
? true : false;
@@ -1192,10 +1194,13 @@ os_file_create_func(
return(OS_FILE_CLOSED);
}
+#ifdef HAVE_FCNTL_DIRECT
ut_a(type == OS_LOG_FILE
|| type == OS_DATA_FILE
|| type == OS_DATA_FILE_NO_O_DIRECT);
-
+#else
+ ut_a(type == OS_LOG_FILE || type == OS_DATA_FILE);
+#endif
ut_a(purpose == OS_FILE_AIO || purpose == OS_FILE_NORMAL);
/* We let O_DSYNC only affect log files */
@@ -1241,7 +1246,7 @@ os_file_create_func(
return file;
}
-#if (defined __sun__ && defined DIRECTIO_ON) || defined O_DIRECT
+#ifdef HAVE_FCNTL_DIRECT
if (type == OS_DATA_FILE) {
switch (srv_file_flush_method) {
case SRV_O_DSYNC:
@@ -2175,10 +2180,8 @@ os_file_create_func(
if (srv_file_flush_method == SRV_O_DSYNC)
attributes|= FILE_FLAG_WRITE_THROUGH;
}
- else if (type == OS_DATA_FILE)
- {
- switch (srv_file_flush_method)
- {
+ else if (type == OS_DATA_FILE) {
+ switch (srv_file_flush_method) {
case SRV_FSYNC:
case SRV_LITTLESYNC:
case SRV_NOSYNC:
@@ -3042,30 +3045,15 @@ os_file_handle_error_cond_exit(
return(false);
}
-#ifndef _WIN32
+#ifdef HAVE_FCNTL_DIRECT
/** Tries to disable OS caching on an opened file descriptor.
@param[in] fd file descriptor to alter
@param[in] file_name file name, used in the diagnostic message
@param[in] name "open" or "create"; used in the diagnostic
message */
void
-os_file_set_nocache(
- int fd MY_ATTRIBUTE((unused)),
- const char* file_name MY_ATTRIBUTE((unused)),
- const char* operation_name MY_ATTRIBUTE((unused)))
+os_file_set_nocache(int fd, const char *file_name, const char *operation_name)
{
- /* some versions of Solaris may not have DIRECTIO_ON */
-#if defined(__sun__) && defined(DIRECTIO_ON)
- if (directio(fd, DIRECTIO_ON) == -1) {
- int errno_save = errno;
-
- ib::error()
- << "Failed to set DIRECTIO_ON on file "
- << file_name << "; " << operation_name << ": "
- << strerror(errno_save) << ","
- " continuing anyway.";
- }
-#elif defined(O_DIRECT)
if (fcntl(fd, F_SETFL, O_DIRECT) == -1) {
int errno_save = errno;
static bool warning_message_printed = false;
@@ -3084,10 +3072,8 @@ os_file_set_nocache(
<< ", continuing anyway.";
}
}
-#endif /* defined(__sun__) && defined(DIRECTIO_ON) */
}
-
-#endif /* _WIN32 */
+#endif /* HAVE_FCNTL_DIRECT */
/** Check if the file system supports sparse files.
@param fh file handle
@@ -3177,8 +3163,18 @@ fallback:
return true;
}
current_size &= ~4095ULL;
+# ifdef __linux__
+ if (!fallocate(file, 0, current_size,
+ size - current_size)) {
+ err = 0;
+ break;
+ }
+
+ err = errno;
+# else
err = posix_fallocate(file, current_size,
size - current_size);
+# endif
}
} while (err == EINTR
&& srv_shutdown_state <= SRV_SHUTDOWN_INITIATED);
@@ -3457,7 +3453,7 @@ static void write_io_callback(void *c)
if (UNIV_UNLIKELY(cb->m_err != 0))
ib::info () << "IO Error: " << cb->m_err
- << "during write of "
+ << " during write of "
<< cb->m_len << " bytes, for file "
<< request.node->name << "(" << cb->m_fh << "), returned "
<< cb->m_ret_len;
@@ -4194,7 +4190,6 @@ bool fil_node_t::read_page0()
!= DB_SUCCESS)
{
sql_print_error("InnoDB: Unable to read first page of file %s", name);
-corrupted:
aligned_free(page);
return false;
}
@@ -4211,25 +4206,35 @@ corrupted:
if (!fil_space_t::is_valid_flags(flags, space->id))
{
uint32_t cflags= fsp_flags_convert_from_101(flags);
- if (cflags == UINT32_MAX)
+ if (cflags != UINT32_MAX)
{
-invalid:
- ib::error() << "Expected tablespace flags "
- << ib::hex(space->flags)
- << " but found " << ib::hex(flags)
- << " in the file " << name;
- goto corrupted;
+ uint32_t cf= cflags & ~FSP_FLAGS_MEM_MASK;
+ uint32_t sf= space->flags & ~FSP_FLAGS_MEM_MASK;
+
+ if (fil_space_t::is_flags_equal(cf, sf) ||
+ fil_space_t::is_flags_equal(sf, cf))
+ {
+ flags= cflags;
+ goto flags_ok;
+ }
}
- uint32_t cf= cflags & ~FSP_FLAGS_MEM_MASK;
- uint32_t sf= space->flags & ~FSP_FLAGS_MEM_MASK;
+ aligned_free(page);
+ goto invalid;
+ }
- if (!fil_space_t::is_flags_equal(cf, sf) &&
- !fil_space_t::is_flags_equal(sf, cf))
- goto invalid;
- flags= cflags;
+ if (!fil_space_t::is_flags_equal((flags & ~FSP_FLAGS_MEM_MASK),
+ (space->flags & ~FSP_FLAGS_MEM_MASK)) &&
+ !fil_space_t::is_flags_equal((space->flags & ~FSP_FLAGS_MEM_MASK),
+ (flags & ~FSP_FLAGS_MEM_MASK)))
+ {
+invalid:
+ sql_print_error("InnoDB: Expected tablespace flags 0x%zx but found 0x%zx"
+ " in the file %s", space->flags, flags, name);
+ return false;
}
+ flags_ok:
ut_ad(!(flags & FSP_FLAGS_MEM_MASK));
/* Try to read crypt_data from page 0 if it is not yet read. */
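Review bot: The rewritten error path in `fil_node_t::read_page0()` frees `page` on only one of the two routes to `invalid:`. The first `if` calls `aligned_free(page)` before `goto invalid`, but when the flags are valid and merely differ from `space->flags`, the second `if` falls into `invalid:` and returns false with `page` still allocated. Moving the `aligned_free(page);` from before `goto invalid;` to directly under the `invalid:` label covers both routes. The new message also formats `space->flags` and `flags` with `0x%zx`, although `flags` is assigned from the `uint32_t cflags` and so appears to be 32-bit. A `size_t` conversion for a narrower variadic argument is a mismatch that can misprint the values and the following `%s`, so `0x%x` with `unsigned(space->flags), unsigned(flags)` would be safer. The function starts outside the hunk.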
diff --git a/storage/innobase/pars/pars0pars.cc b/storage/innobase/pars/pars0pars.cc
index 61614007..51bcc954 100644
--- a/storage/innobase/pars/pars0pars.cc
+++ b/storage/innobase/pars/pars0pars.cc
@@ -1778,9 +1778,6 @@ pars_create_table(
ulint flags = 0;
ulint flags2 = DICT_TF2_FTS_AUX_HEX_NAME;
- DBUG_EXECUTE_IF("innodb_test_wrong_fts_aux_table_name",
- flags2 &= ~DICT_TF2_FTS_AUX_HEX_NAME;);
-
n_cols = que_node_list_get_len(column_defs);
table = dict_table_t::create(
diff --git a/storage/innobase/row/row0ftsort.cc b/storage/innobase/row/row0ftsort.cc
index 17a2f034..9d85e2b1 100644
--- a/storage/innobase/row/row0ftsort.cc
+++ b/storage/innobase/row/row0ftsort.cc
@@ -1630,9 +1630,6 @@ row_fts_merge_insert(
/* We should set the flags2 with aux_table_name here,
in order to get the correct aux table names. */
index->table->flags2 |= DICT_TF2_FTS_AUX_HEX_NAME;
- DBUG_EXECUTE_IF("innodb_test_wrong_fts_aux_table_name",
- index->table->flags2 &= ~DICT_TF2_FTS_AUX_HEX_NAME
- & ((1U << DICT_TF2_BITS) - 1););
fts_table.type = FTS_INDEX_TABLE;
fts_table.index_id = index->id;
fts_table.table_id = table->id;
diff --git a/storage/innobase/row/row0import.cc b/storage/innobase/row/row0import.cc
index d2609fdb..2516e24e 100644
--- a/storage/innobase/row/row0import.cc
+++ b/storage/innobase/row/row0import.cc
@@ -117,7 +117,6 @@ struct row_import {
row_import() UNIV_NOTHROW
:
m_table(NULL),
- m_version(0),
m_hostname(NULL),
m_table_name(NULL),
m_autoinc(0),
@@ -196,8 +195,6 @@ struct row_import {
dict_table_t* m_table; /*!< Table instance */
- ulint m_version; /*!< Version of config file */
-
byte* m_hostname; /*!< Hostname where the
tablespace was exported */
byte* m_table_name; /*!< Exporting instance table
@@ -2992,17 +2989,13 @@ row_import_read_meta_data(
return(DB_IO_ERROR);
}
- cfg.m_version = mach_read_from_4(row);
-
/* Check the version number. */
- switch (cfg.m_version) {
+ switch (mach_read_from_4(row)) {
case IB_EXPORT_CFG_VERSION_V1:
-
return(row_import_read_v1(file, thd, &cfg));
default:
- ib_errf(thd, IB_LOG_LEVEL_ERROR, ER_IO_READ_ERROR,
- "Unsupported meta-data version number (" ULINTPF "), "
- "file ignored", cfg.m_version);
+ ib_senderrf(thd, IB_LOG_LEVEL_ERROR, ER_NOT_SUPPORTED_YET,
+ "meta-data version");
}
return(DB_ERROR);
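Review bot: With `cfg.m_version` removed, the `default:` branch no longer reports which version number was read from the metadata file; the user only sees a generic "meta-data version" not-supported error. That file accompanies an imported tablespace and may come from another server or be damaged, so the rejected value is the one detail that distinguishes a newer exporter from a corrupted header. I would keep it in a local, `const uint32_t version= mach_read_from_4(row);`, switch on that, and include the value in a server-log message next to the `ib_senderrf()` call. The function starts outside the hunk.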
diff --git a/storage/innobase/row/row0ins.cc b/storage/innobase/row/row0ins.cc
index bdee0ed1..9c3c5d22 100644
--- a/storage/innobase/row/row0ins.cc
+++ b/storage/innobase/row/row0ins.cc
@@ -2638,14 +2638,17 @@ row_ins_clust_index_entry_low(
ut_ad(!dict_index_is_online_ddl(index));
ut_ad(!index->table->persistent_autoinc);
ut_ad(!index->is_instant());
+ ut_ad(!entry->info_bits);
mtr.set_log_mode(MTR_LOG_NO_REDO);
} else {
index->set_modified(mtr);
- if (UNIV_UNLIKELY(entry->is_metadata())) {
+ if (UNIV_UNLIKELY(entry->info_bits != 0)) {
+ ut_ad(entry->is_metadata());
ut_ad(index->is_instant());
ut_ad(!dict_index_is_online_ddl(index));
ut_ad(mode == BTR_MODIFY_TREE);
+ ut_ad(flags == BTR_NO_LOCKING_FLAG);
} else {
if (mode == BTR_MODIFY_LEAF
&& dict_index_is_online_ddl(index)) {
@@ -2787,11 +2790,6 @@ avoid_bulk:
skip_bulk_insert:
if (UNIV_UNLIKELY(entry->info_bits != 0)) {
- ut_ad(entry->is_metadata());
- ut_ad(flags == BTR_NO_LOCKING_FLAG);
- ut_ad(index->is_instant());
- ut_ad(!dict_index_is_online_ddl(index));
-
const rec_t* rec = btr_pcur_get_rec(&pcur);
if (rec_get_info_bits(rec, page_rec_is_comp(rec))
@@ -2895,9 +2893,20 @@ do_insert:
}
}
+ if (err == DB_SUCCESS && entry->info_bits) {
+ if (buf_block_t* root
+ = btr_root_block_get(index, RW_X_LATCH, &mtr,
+ &err)) {
+ btr_set_instant(root, *index, &mtr);
+ } else {
+ ut_ad("cannot find root page" == 0);
+ }
+ }
+
mtr.commit();
if (big_rec) {
+ ut_ad(err == DB_SUCCESS);
/* Online table rebuild could read (and
ignore) the incomplete record at this point.
If online rebuild is in progress, the
diff --git a/storage/innobase/row/row0merge.cc b/storage/innobase/row/row0merge.cc
index 5df93fe6..188d8ba5 100644
--- a/storage/innobase/row/row0merge.cc
+++ b/storage/innobase/row/row0merge.cc
@@ -120,7 +120,7 @@ public:
ut_ad(mtr_started == scan_mtr->is_active());
DBUG_EXECUTE_IF("row_merge_instrument_log_check_flush",
- log_sys.set_check_flush_or_checkpoint(););
+ log_sys.set_check_for_checkpoint(););
for (idx_tuple_vec::iterator it = m_dtuple_vec.begin();
it != m_dtuple_vec.end();
@@ -128,7 +128,7 @@ public:
dtuple = *it;
ut_ad(dtuple);
- if (log_sys.check_flush_or_checkpoint()) {
+ if (log_sys.check_for_checkpoint()) {
if (mtr_started) {
if (!btr_pcur_move_to_prev_on_page(pcur)) {
error = DB_CORRUPTION;
@@ -2235,6 +2235,8 @@ end_of_index:
goto err_exit;
}
+ buf_page_make_young_if_needed(&block->page);
+
page_cur_set_before_first(block, cur);
if (!page_cur_move_to_next(cur)
|| page_cur_is_after_last(cur)) {
@@ -3545,17 +3547,6 @@ row_merge_sort(
of file marker). Thus, it must be at least one block. */
ut_ad(file->offset > 0);
- /* These thd_progress* calls will crash on sol10-64 when innodb_plugin
- is used. MDEV-9356: innodb.innodb_bug53290 fails (crashes) on
- sol10-64 in buildbot.
- */
-#ifndef __sun__
- /* Progress report only for "normal" indexes. */
- if (dup && !(dup->index->type & DICT_FTS)) {
- thd_progress_init(trx->mysql_thd, 1);
- }
-#endif /* __sun__ */
-
if (global_system_variables.log_warnings > 2) {
sql_print_information("InnoDB: Online DDL : merge-sorting"
" has estimated " ULINTPF " runs",
@@ -3564,15 +3555,6 @@ row_merge_sort(
/* Merge the runs until we have one big run */
do {
- /* Report progress of merge sort to MySQL for
- show processlist progress field */
- /* Progress report only for "normal" indexes. */
-#ifndef __sun__
- if (dup && !(dup->index->type & DICT_FTS)) {
- thd_progress_report(trx->mysql_thd, file->offset - num_runs, file->offset);
- }
-#endif /* __sun__ */
-
error = row_merge(trx, dup, file, block, tmpfd,
&num_runs, run_offset, stage,
crypt_block, space);
@@ -3596,13 +3578,6 @@ row_merge_sort(
ut_free(run_offset);
- /* Progress report only for "normal" indexes. */
-#ifndef __sun__
- if (dup && !(dup->index->type & DICT_FTS)) {
- thd_progress_end(trx->mysql_thd);
- }
-#endif /* __sun__ */
-
DBUG_RETURN(error);
}
@@ -4436,13 +4411,14 @@ row_merge_file_create(
merge_file->fd = row_merge_file_create_low(path);
merge_file->offset = 0;
merge_file->n_rec = 0;
-
+#ifdef HAVE_FCNTL_DIRECT
if (merge_file->fd != OS_FILE_CLOSED) {
if (srv_disable_sort_file_cache) {
os_file_set_nocache(merge_file->fd,
"row0merge.cc", "sort");
}
}
+#endif
return(merge_file->fd);
}
diff --git a/storage/innobase/row/row0purge.cc b/storage/innobase/row/row0purge.cc
index 4756cc37..d83ab861 100644
--- a/storage/innobase/row/row0purge.cc
+++ b/storage/innobase/row/row0purge.cc
@@ -822,7 +822,6 @@ skip_secondaries:
buf_page_get(page_id_t(rseg.space->id,
page_no),
0, RW_X_LATCH, &mtr)) {
- block->page.set_accessed();
buf_page_make_young_if_needed(&block->page);
byte* data_field = block->page.frame
diff --git a/storage/innobase/row/row0sel.cc b/storage/innobase/row/row0sel.cc
index 6c76dd91..33f4d81f 100644
--- a/storage/innobase/row/row0sel.cc
+++ b/storage/innobase/row/row0sel.cc
@@ -1222,6 +1222,7 @@ re_scan:
if (!cur_block) {
goto func_end;
}
+ buf_page_make_young_if_needed(&cur_block->page);
} else {
mtr->start();
goto func_end;
diff --git a/storage/innobase/row/row0undo.cc b/storage/innobase/row/row0undo.cc
index 8a1041c8..f14673c1 100644
--- a/storage/innobase/row/row0undo.cc
+++ b/storage/innobase/row/row0undo.cc
@@ -318,6 +318,8 @@ static buf_block_t* row_undo_rec_get(undo_node_t* node)
return nullptr;
}
+ buf_page_make_young_if_needed(&undo_page->page);
+
uint16_t offset = undo->top_offset;
buf_block_t* prev_page = undo_page;
diff --git a/storage/innobase/row/row0upd.cc b/storage/innobase/row/row0upd.cc
index bec53841..a39574d2 100644
--- a/storage/innobase/row/row0upd.cc
+++ b/storage/innobase/row/row0upd.cc
@@ -2158,6 +2158,25 @@ row_upd_clust_rec_by_insert_inherit_func(
return(inherit);
}
+/** Mark 'disowned' BLOBs as 'owned' and 'inherited' again,
+after resuming from a lock wait.
+@param entry clustered index entry */
+static ATTRIBUTE_COLD void row_upd_reown_inherited_fields(dtuple_t *entry)
+{
+ for (ulint i= 0; i < entry->n_fields; i++)
+ {
+ const dfield_t *dfield= dtuple_get_nth_field(entry, i);
+ if (dfield_is_ext(dfield))
+ {
+ byte *blob_len= static_cast<byte*>(dfield->data) +
+ dfield->len - (BTR_EXTERN_FIELD_REF_SIZE - BTR_EXTERN_LEN);
+ ut_ad(*blob_len & BTR_EXTERN_OWNER_FLAG);
+ *blob_len= byte((*blob_len & ~BTR_EXTERN_OWNER_FLAG) |
+ BTR_EXTERN_INHERITED_FLAG);
+ }
+ }
+}
+
/***********************************************************//**
Marks the clustered index record deleted and inserts the updated version
of the record to the index. This function should be used when the ordering
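Review bot: The pointer arithmetic in `row_upd_reown_inherited_fields()` subtracts from `dfield->data + dfield->len` without checking that the field is at least `BTR_EXTERN_FIELD_REF_SIZE` bytes long, so a short externally stored field would make `blob_len` point at the wrong byte or before the buffer. A debug assertion ahead of the computation, `ut_ad(dfield->len >= BTR_EXTERN_FIELD_REF_SIZE);`, would record the precondition next to the write. The header comment would also read more clearly if it said that a set `BTR_EXTERN_OWNER_FLAG` means the field does not own the BLOB, since the code clears that flag to make the entry "owned" again.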
@@ -2236,12 +2255,16 @@ row_upd_clust_rec_by_insert(
/* If the clustered index record is already delete
marked, then we are here after a DB_LOCK_WAIT.
Skip delete marking clustered index and disowning
- its blobs. */
+ its blobs. Mark the BLOBs in the index entry
+ (which we copied from the already "disowned" rec)
+ as "owned", like it was on the previous call of
+ row_upd_clust_rec_by_insert(). */
ut_ad(row_get_rec_trx_id(rec, index, offsets)
== trx->id);
ut_ad(!trx_undo_roll_ptr_is_insert(
row_get_rec_roll_ptr(rec, index,
offsets)));
+ row_upd_reown_inherited_fields(entry);
goto check_fk;
}
diff --git a/storage/innobase/srv/srv0srv.cc b/storage/innobase/srv/srv0srv.cc
index bf9755fb..7c0c4b92 100644
--- a/storage/innobase/srv/srv0srv.cc
+++ b/storage/innobase/srv/srv0srv.cc
@@ -106,9 +106,6 @@ segment). It is quite possible that some of the tablespaces doesn't host
any of the rollback-segment based on configuration used. */
uint32_t srv_undo_tablespaces_active;
-/** Rate at which UNDO records should be purged. */
-ulong srv_purge_rseg_truncate_frequency;
-
/** Enable or Disable Truncate of UNDO tablespace.
Note: If enabled then UNDO tablespace will be selected for truncate.
While Server waits for undo-tablespace to truncate if user disables
@@ -901,6 +898,9 @@ srv_export_innodb_status(void)
export_vars.innodb_data_written = srv_stats.data_written
+ (dblwr << srv_page_size_shift);
+ export_vars.innodb_buffer_pool_read_requests
+ = buf_pool.stat.n_page_gets;
+
export_vars.innodb_buffer_pool_bytes_data =
buf_pool.stat.LRU_bytes
+ (UT_LIST_GET_LEN(buf_pool.unzip_LRU)
@@ -1503,7 +1503,8 @@ inline void purge_coordinator_state::do_purge()
ulint n_pages_handled= trx_purge(n_threads, history_size);
if (!trx_sys.history_exists())
goto no_history;
- if (purge_sys.truncate.current || srv_shutdown_state != SRV_SHUTDOWN_NONE)
+ if (purge_sys.truncating_tablespace() ||
+ srv_shutdown_state != SRV_SHUTDOWN_NONE)
{
purge_truncation_task.wait();
trx_purge_truncate_history();
diff --git a/storage/innobase/srv/srv0start.cc b/storage/innobase/srv/srv0start.cc
index ef5bcb67..738e0a7e 100644
--- a/storage/innobase/srv/srv0start.cc
+++ b/storage/innobase/srv/srv0start.cc
@@ -468,7 +468,7 @@ ATTRIBUTE_COLD static dberr_t srv_undo_tablespaces_reinit()
rseg->init(nullptr, FIL_NULL);
}
- if (trx_sys.recovered_binlog_lsn
+ if (*trx_sys.recovered_binlog_filename
#ifdef WITH_WSREP
|| !trx_sys.recovered_wsrep_xid.is_null()
#endif /* WITH_WSREP */
@@ -476,7 +476,7 @@ ATTRIBUTE_COLD static dberr_t srv_undo_tablespaces_reinit()
{
/* Update binlog offset, binlog file name & wsrep xid in
system tablespace rollback segment */
- if (trx_sys.recovered_binlog_lsn)
+ if (*trx_sys.recovered_binlog_filename)
{
ut_d(const size_t len = strlen(trx_sys.recovered_binlog_filename) + 1);
ut_ad(len > 1);
@@ -1122,10 +1122,14 @@ dberr_t srv_start(bool create_new_db)
if (srv_force_recovery) {
ib::info() << "!!! innodb_force_recovery is set to "
<< srv_force_recovery << " !!!";
+ if (srv_force_recovery == SRV_FORCE_NO_LOG_REDO) {
+ srv_read_only_mode = true;
+ }
}
- if (srv_force_recovery == SRV_FORCE_NO_LOG_REDO) {
- srv_read_only_mode = true;
+ if (srv_read_only_mode) {
+ sql_print_information("InnoDB: Started in read only mode");
+ srv_use_doublewrite_buf = false;
}
high_level_read_only = srv_read_only_mode
@@ -1302,6 +1306,10 @@ dberr_t srv_start(bool create_new_db)
ut_ad(buf_page_cleaner_is_active);
}
+ if (innodb_encrypt_temporary_tables && !log_crypt_init()) {
+ return srv_init_abort(DB_ERROR);
+ }
+
/* Check if undo tablespaces and redo log files exist before creating
a new system tablespace */
if (create_new_db) {
@@ -1310,6 +1318,11 @@ dberr_t srv_start(bool create_new_db)
return(srv_init_abort(DB_ERROR));
}
recv_sys.debug_free();
+ } else {
+ err = recv_recovery_read_checkpoint();
+ if (err != DB_SUCCESS) {
+ return srv_init_abort(err);
+ }
}
/* Open or create the data files. */
@@ -1334,12 +1347,9 @@ dberr_t srv_start(bool create_new_db)
" old data files which contain your precious data!";
/* fall through */
default:
- /* Other errors might come from Datafile::validate_first_page() */
- return(srv_init_abort(err));
- }
-
- if (innodb_encrypt_temporary_tables && !log_crypt_init()) {
- return srv_init_abort(DB_ERROR);
+ /* Other errors might be flagged by
+ Datafile::validate_first_page() */
+ return srv_init_abort(err);
}
if (create_new_db) {
@@ -1355,10 +1365,10 @@ dberr_t srv_start(bool create_new_db)
return srv_init_abort(err);
}
- srv_undo_space_id_start= 1;
+ srv_undo_space_id_start = 1;
}
- /* Open log file and data files in the systemtablespace: we keep
+ /* Open data files in the system tablespace: we keep
them open until database shutdown */
ut_d(fil_system.sys_space->recv_size = srv_sys_space_size_debug);
@@ -1771,21 +1781,13 @@ dberr_t srv_start(bool create_new_db)
}
if (srv_force_recovery < SRV_FORCE_NO_UNDO_LOG_SCAN) {
- /* The following call is necessary for the insert
+ /* The following call is necessary for the change
buffer to work with multiple tablespaces. We must
know the mapping between space id's and .ibd file
names.
- In a crash recovery, we check that the info in data
- dictionary is consistent with what we already know
- about space id's from the calls to fil_ibd_load().
-
- In a normal startup, we create the space objects for
- every table in the InnoDB data dictionary that has
- an .ibd file.
-
We also determine the maximum tablespace id used. */
- dict_check_tablespaces_and_store_max_id();
+ dict_check_tablespaces_and_store_max_id(nullptr);
}
if (srv_force_recovery < SRV_FORCE_NO_TRX_UNDO
@@ -1933,7 +1935,7 @@ void innodb_preshutdown()
better prevent any further changes from being buffered. */
innodb_change_buffering= 0;
- if (trx_sys.is_initialised())
+ if (srv_force_recovery < SRV_FORCE_NO_TRX_UNDO && srv_was_started)
while (trx_sys.any_active_transactions())
std::this_thread::sleep_for(std::chrono::milliseconds(1));
}
diff --git a/storage/innobase/sync/srw_lock.cc b/storage/innobase/sync/srw_lock.cc
index e41451d8..5afb79f2 100644
--- a/storage/innobase/sync/srw_lock.cc
+++ b/storage/innobase/sync/srw_lock.cc
@@ -143,8 +143,7 @@ static inline void srw_pause(unsigned delay)
HMT_medium();
}
-#ifdef SUX_LOCK_GENERIC
-# ifndef PTHREAD_ADAPTIVE_MUTEX_INITIALIZER_NP
+#ifndef PTHREAD_ADAPTIVE_MUTEX_INITIALIZER_NP
template<> void pthread_mutex_wrapper<true>::wr_wait()
{
const unsigned delay= srw_pause_delay();
@@ -158,8 +157,9 @@ template<> void pthread_mutex_wrapper<true>::wr_wait()
pthread_mutex_lock(&lock);
}
-# endif
+#endif
+#ifdef SUX_LOCK_GENERIC
template void ssux_lock_impl<false>::init();
template void ssux_lock_impl<true>::init();
template void ssux_lock_impl<false>::destroy();
diff --git a/storage/innobase/trx/trx0purge.cc b/storage/innobase/trx/trx0purge.cc
index 1f31ceda..cff16d9c 100644
--- a/storage/innobase/trx/trx0purge.cc
+++ b/storage/innobase/trx/trx0purge.cc
@@ -41,6 +41,7 @@ Created 3/26/1996 Heikki Tuuri
#include "dict0load.h"
#include <mysql/service_thd_mdl.h>
#include <mysql/service_wsrep.h>
+#include "log.h"
/** Maximum allowable purge history length. <=0 means 'infinite'. */
ulong srv_max_purge_lag = 0;
@@ -168,10 +169,15 @@ void purge_sys_t::create()
ut_ad(this == &purge_sys);
ut_ad(!m_initialized);
ut_ad(!enabled());
+ ut_ad(!m_active);
+ /* If innodb_undo_tablespaces>0, the rollback segment 0
+ (which always resides in the system tablespace) will
+ never be used; @see trx_assign_rseg_low() */
+ skipped_rseg= srv_undo_tablespaces > 0;
m_paused= 0;
query= purge_graph_build();
next_stored= false;
- rseg= NULL;
+ rseg= nullptr;
page_no= 0;
offset= 0;
hdr_page_no= 0;
@@ -179,8 +185,8 @@ void purge_sys_t::create()
latch.SRW_LOCK_INIT(trx_purge_latch_key);
end_latch.init();
mysql_mutex_init(purge_sys_pq_mutex_key, &pq_mutex, nullptr);
- truncate.current= NULL;
- truncate.last= NULL;
+ truncate_undo_space.current= nullptr;
+ truncate_undo_space.last= 0;
m_initialized= true;
}
@@ -350,14 +356,21 @@ trx_purge_add_undo_to_history(const trx_t* trx, trx_undo_t*& undo, mtr_t* mtr)
}
/** Free an undo log segment.
-@param block rollback segment header page
+@param rseg_hdr rollback segment header page
+@param block undo segment header page
@param mtr mini-transaction */
-static void trx_purge_free_segment(buf_block_t *block, mtr_t &mtr)
+static void trx_purge_free_segment(buf_block_t *rseg_hdr, buf_block_t *block,
+ mtr_t &mtr)
{
+ ut_ad(mtr.memo_contains_flagged(rseg_hdr, MTR_MEMO_PAGE_X_FIX));
+ ut_ad(mtr.memo_contains_flagged(block, MTR_MEMO_PAGE_X_FIX));
+
while (!fseg_free_step_not_header(TRX_UNDO_SEG_HDR + TRX_UNDO_FSEG_HEADER +
block->page.frame, &mtr))
{
+ rseg_hdr->fix();
block->fix();
+ ut_d(const page_id_t rseg_hdr_id{rseg_hdr->page.id()});
ut_d(const page_id_t id{block->page.id()});
mtr.commit();
/* NOTE: If the server is killed after the log that was produced
@@ -368,26 +381,62 @@ static void trx_purge_free_segment(buf_block_t *block, mtr_t &mtr)
This does not matter when using multiple innodb_undo_tablespaces;
innodb_undo_log_truncate=ON will be able to reclaim the space. */
mtr.start();
+ rseg_hdr->page.lock.x_lock();
+ ut_ad(rseg_hdr->page.id() == rseg_hdr_id);
block->page.lock.x_lock();
ut_ad(block->page.id() == id);
- mtr.memo_push(block, MTR_MEMO_PAGE_X_MODIFY);
+ mtr.memo_push(rseg_hdr, MTR_MEMO_PAGE_X_FIX);
+ mtr.memo_push(block, MTR_MEMO_PAGE_X_FIX);
}
while (!fseg_free_step(TRX_UNDO_SEG_HDR + TRX_UNDO_FSEG_HEADER +
block->page.frame, &mtr));
}
+void purge_sys_t::rseg_enable(trx_rseg_t &rseg)
+{
+ ut_ad(this == &purge_sys);
+#ifndef SUX_LOCK_GENERIC
+ ut_ad(rseg.latch.is_write_locked());
+#endif
+ uint8_t skipped= skipped_rseg;
+ ut_ad(skipped < TRX_SYS_N_RSEGS);
+ if (&rseg == &trx_sys.rseg_array[skipped])
+ {
+ /* If this rollback segment is subject to innodb_undo_log_truncate=ON,
+ we must not clear the flag. But we will advance purge_sys.skipped_rseg
+ to be able to choose another candidate for this soft truncation, and
+ to prevent the following scenario:
+
+ (1) purge_sys_t::iterator::free_history_rseg() had invoked
+ rseg.set_skip_allocation()
+ (2) undo log truncation had completed on this rollback segment
+ (3) SET GLOBAL innodb_undo_log_truncate=OFF
+ (4) purge_sys_t::iterator::free_history_rseg() would not be able to
+ invoke rseg.set_skip_allocation() on any other rollback segment
+ before this rseg has grown enough */
+ if (truncate_undo_space.current != rseg.space)
+ rseg.clear_skip_allocation();
+ skipped++;
+ /* If innodb_undo_tablespaces>0, the rollback segment 0
+ (which always resides in the system tablespace) will
+ never be used; @see trx_assign_rseg_low() */
+ if (!(skipped&= (TRX_SYS_N_RSEGS - 1)) && srv_undo_tablespaces)
+ skipped++;
+ skipped_rseg= skipped;
+ }
+}
+
/** Remove unnecessary history data from a rollback segment.
@param rseg rollback segment
@param limit truncate anything before this
-@param all whether everything can be truncated
@return error code */
-static dberr_t
-trx_purge_truncate_rseg_history(trx_rseg_t &rseg,
- const purge_sys_t::iterator &limit, bool all)
+inline dberr_t purge_sys_t::iterator::free_history_rseg(trx_rseg_t &rseg) const
{
fil_addr_t hdr_addr;
mtr_t mtr;
+ bool freed= false;
+ uint32_t rseg_ref= 0;
mtr.start();
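Review bot: The doc comment kept above `purge_sys_t::iterator::free_history_rseg()` still lists `@param limit`, but the new signature takes only `rseg` and the limit is now the iterator itself, so that line should be dropped or reworded to say that `*this` is the truncation limit. In `purge_sys_t::rseg_enable()`, `skipped&= (TRX_SYS_N_RSEGS - 1)` on a `uint8_t` wraps correctly only if `TRX_SYS_N_RSEGS` is a power of two no larger than 256; `static_assert(!(TRX_SYS_N_RSEGS & (TRX_SYS_N_RSEGS - 1)) && TRX_SYS_N_RSEGS <= 256, "mask");` next to it would pin that. `rseg_enable()` has no header comment in this file (it may be documented at the class declaration, which is not shown). The body of `free_history_rseg()` continues outside this hunk.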
@@ -397,6 +446,8 @@ trx_purge_truncate_rseg_history(trx_rseg_t &rseg,
{
func_exit:
mtr.commit();
+ if (freed && (rseg.SKIP & rseg_ref))
+ purge_sys.rseg_enable(rseg);
return err;
}
@@ -418,16 +469,40 @@ loop:
const trx_id_t undo_trx_no=
mach_read_from_8(b->page.frame + hdr_addr.boffset + TRX_UNDO_TRX_NO);
- if (undo_trx_no >= limit.trx_no)
+ if (undo_trx_no >= trx_no)
{
- if (undo_trx_no == limit.trx_no)
- err = trx_undo_truncate_start(&rseg, hdr_addr.page,
- hdr_addr.boffset, limit.undo_no);
+ if (undo_trx_no == trx_no)
+ err= trx_undo_truncate_start(&rseg, hdr_addr.page,
+ hdr_addr.boffset, undo_no);
goto func_exit;
}
-
- if (!all)
- goto func_exit;
+ else
+ {
+ rseg_ref= rseg.ref_load();
+ if (rseg_ref >= rseg.REF || !purge_sys.sees(rseg.needs_purge))
+ {
+ /* We cannot clear this entire rseg because trx_assign_rseg_low()
+ has already chosen it for a future trx_undo_assign(), or
+ because some recently started transaction needs purging.
+
+ If this invocation could not reduce rseg.history_size at all
+ (!freed), we will try to ensure progress and prevent our
+ starvation by disabling one rollback segment for future
+ trx_assign_rseg_low() invocations until a future invocation has
+ made progress and invoked purge_sys_t::rseg_enable(rseg) on that
+ rollback segment. */
+
+ if (!(rseg.SKIP & rseg_ref) && !freed &&
+ ut_d(!trx_rseg_n_slots_debug &&)
+ &rseg == &trx_sys.rseg_array[purge_sys.skipped_rseg])
+ /* If rseg.space == purge_sys.truncate_undo_space.current
+ the following will be a no-op. A possible conflict
+ with innodb_undo_log_truncate=ON will be handled in
+ purge_sys_t::rseg_enable(). */
+ rseg.set_skip_allocation();
+ goto func_exit;
+ }
+ }
fil_addr_t prev_hdr_addr=
flst_get_prev_addr(b->page.frame + hdr_addr.boffset +
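Review bot: In the new `else` branch, the inner `if (!(rseg.SKIP & rseg_ref) && !freed && ...)` controls only `rseg.set_skip_allocation();`, but a four-line comment sits between the condition and that statement, and `goto func_exit;` follows at the same visual level, which makes the scope easy to misread. Bracing the statement and moving the comment inside the braces, `{ /* ... */ rseg.set_skip_allocation(); }`, would make it explicit. The `else` is also redundant, because the preceding branch always ends in `goto func_exit;`. The loop this belongs to starts and ends outside the hunk.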
@@ -459,7 +534,7 @@ loop:
free_segment:
ut_ad(rseg.curr_size >= seg_size);
rseg.curr_size-= seg_size;
- trx_purge_free_segment(b, mtr);
+ trx_purge_free_segment(rseg_hdr, b, mtr);
break;
case TRX_UNDO_CACHED:
/* rseg.undo_cached must point to this page */
@@ -490,10 +565,11 @@ loop:
mtr.commit();
ut_ad(rseg.history_size > 0);
rseg.history_size--;
+ freed= true;
mtr.start();
rseg_hdr->page.lock.x_lock();
ut_ad(rseg_hdr->page.id() == rseg.page_id());
- mtr.memo_push(rseg_hdr, MTR_MEMO_PAGE_X_MODIFY);
+ mtr.memo_push(rseg_hdr, MTR_MEMO_PAGE_X_FIX);
goto loop;
}
@@ -544,9 +620,7 @@ dberr_t purge_sys_t::iterator::free_history() const
ut_ad(rseg.is_persistent());
log_free_check();
rseg.latch.wr_lock(SRW_LOCK_CALL);
- dberr_t err=
- trx_purge_truncate_rseg_history(rseg, *this, !rseg.is_referenced() &&
- purge_sys.sees(rseg.needs_purge));
+ dberr_t err= free_history_rseg(rseg);
rseg.latch.wr_unlock();
if (err)
return err;
@@ -554,6 +628,62 @@ dberr_t purge_sys_t::iterator::free_history() const
return DB_SUCCESS;
}
+inline void trx_sys_t::undo_truncate_start(fil_space_t &space)
+{
+ ut_ad(this == &trx_sys);
+ /* Undo tablespace always are a single file. */
+ ut_a(UT_LIST_GET_LEN(space.chain) == 1);
+ fil_node_t *file= UT_LIST_GET_FIRST(space.chain);
+ /* The undo tablespace files are never closed. */
+ ut_ad(file->is_open());
+ sql_print_information("InnoDB: Starting to truncate %s", file->name);
+
+ for (auto &rseg : rseg_array)
+ if (rseg.space == &space)
+ {
+ /* Prevent a race with purge_sys_t::iterator::free_history_rseg() */
+ rseg.latch.rd_lock(SRW_LOCK_CALL);
+ /* Once set, this rseg will not be allocated to subsequent
+ transactions, but we will wait for existing active
+ transactions to finish. */
+ rseg.set_skip_allocation();
+ rseg.latch.rd_unlock();
+ }
+}
+
+inline fil_space_t *purge_sys_t::undo_truncate_try(uint32_t id, uint32_t size)
+{
+ ut_ad(srv_is_undo_tablespace(id));
+ fil_space_t *space= fil_space_get(id);
+ if (space && space->get_size() > size)
+ {
+ truncate_undo_space.current= space;
+ trx_sys.undo_truncate_start(*space);
+ return space;
+ }
+ return nullptr;
+}
+
+fil_space_t *purge_sys_t::truncating_tablespace()
+{
+ ut_ad(this == &purge_sys);
+
+ fil_space_t *space= truncate_undo_space.current;
+ if (space || srv_undo_tablespaces_active < 2 || !srv_undo_log_truncate)
+ return space;
+
+ const uint32_t size= uint32_t(srv_max_undo_log_size >> srv_page_size_shift);
+ for (uint32_t i= truncate_undo_space.last, j= i;; )
+ {
+ if (fil_space_t *s= undo_truncate_try(srv_undo_space_id_start + i, size))
+ return s;
+ ++i;
+ i%= srv_undo_tablespaces_active;
+ if (i == j)
+ return nullptr;
+ }
+}
+
#if defined __GNUC__ && __GNUC__ == 4 && !defined __clang__
# if defined __arm__ || defined __aarch64__
/* Work around an internal compiler error in GCC 4.8.5 */
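Review bot: `purge_sys_t::truncating_tablespace()` reads like a getter, but when no truncation is in progress it calls `undo_truncate_try()`, which assigns `truncate_undo_space.current` and, through `trx_sys.undo_truncate_start()`, sets skip-allocation on every rollback segment of the chosen tablespace. It is also called from the `if` condition in `purge_coordinator_state::do_purge()`, so that side effect happens during a test. None of the three new functions has a header comment in this file; for this one I would add `/** Choose an undo tablespace for truncation if none is chosen yet, and stop allocating its rollback segments. @return the tablespace being truncated, or nullptr */`. The loop also starts at `truncate_undo_space.last` and assumes it is below `srv_undo_tablespaces_active`; if that count can shrink at runtime (not visible here), the start index deserves a range check.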
@@ -579,55 +709,14 @@ TRANSACTIONAL_TARGET void trx_purge_truncate_history()
head.undo_no= 0;
}
- if (head.free_history() != DB_SUCCESS || srv_undo_tablespaces_active < 2)
+ if (head.free_history() != DB_SUCCESS)
return;
- while (srv_undo_log_truncate)
+ while (fil_space_t *space= purge_sys.truncating_tablespace())
{
- if (!purge_sys.truncate.current)
- {
- const ulint threshold=
- ulint(srv_max_undo_log_size >> srv_page_size_shift);
- for (uint32_t i= purge_sys.truncate.last
- ? purge_sys.truncate.last->id - srv_undo_space_id_start : 0,
- j= i;; )
- {
- const uint32_t space_id= srv_undo_space_id_start + i;
- ut_ad(srv_is_undo_tablespace(space_id));
- fil_space_t *space= fil_space_get(space_id);
- ut_a(UT_LIST_GET_LEN(space->chain) == 1);
-
- if (space && space->get_size() > threshold)
- {
- purge_sys.truncate.current= space;
- break;
- }
-
- ++i;
- i %= srv_undo_tablespaces_active;
- if (i == j)
- return;
- }
- }
-
- fil_space_t &space= *purge_sys.truncate.current;
- /* Undo tablespace always are a single file. */
- fil_node_t *file= UT_LIST_GET_FIRST(space.chain);
- /* The undo tablespace files are never closed. */
- ut_ad(file->is_open());
-
- DBUG_LOG("undo", "marking for truncate: " << file->name);
-
- for (auto &rseg : trx_sys.rseg_array)
- if (rseg.space == &space)
- /* Once set, this rseg will not be allocated to subsequent
- transactions, but we will wait for existing active
- transactions to finish. */
- rseg.set_skip_allocation();
-
for (auto &rseg : trx_sys.rseg_array)
{
- if (rseg.space != &space)
+ if (rseg.space != space)
continue;
rseg.latch.rd_lock(SRW_LOCK_CALL);
@@ -660,15 +749,9 @@ not_free:
rseg.latch.rd_unlock();
}
- ib::info() << "Truncating " << file->name;
- trx_purge_cleanse_purge_queue(space);
-
- log_free_check();
-
- mtr_t mtr;
- mtr.start();
- mtr.x_lock_space(&space);
- const auto space_id= space.id;
+ const char *file_name= UT_LIST_GET_FIRST(space->chain)->name;
+ sql_print_information("InnoDB: Truncating %s", file_name);
+ trx_purge_cleanse_purge_queue(*space);
/* Lock all modified pages of the tablespace.
@@ -678,104 +761,41 @@ not_free:
mini-transaction commit and the server was killed, then
discarding the to-be-trimmed pages without flushing would
break crash recovery. */
- rescan:
- mysql_mutex_lock(&buf_pool.flush_list_mutex);
- for (buf_page_t *bpage= UT_LIST_GET_LAST(buf_pool.flush_list); bpage; )
- {
- ut_ad(bpage->oldest_modification());
- ut_ad(bpage->in_file());
-
- buf_page_t *prev= UT_LIST_GET_PREV(list, bpage);
-
- if (bpage->oldest_modification() > 2 && bpage->id().space() == space_id)
- {
- ut_ad(bpage->frame);
- bpage->fix();
- {
- /* Try to acquire an exclusive latch while the cache line is
- fresh after fix(). */
- const bool got_lock{bpage->lock.x_lock_try()};
- buf_pool.flush_hp.set(prev);
- mysql_mutex_unlock(&buf_pool.flush_list_mutex);
- if (!got_lock)
- bpage->lock.x_lock();
- }
-
-#ifdef BTR_CUR_HASH_ADAPT
- /* There is no AHI on undo tablespaces. */
- ut_ad(!reinterpret_cast<buf_block_t*>(bpage)->index);
-#endif
- ut_ad(!bpage->is_io_fixed());
- ut_ad(bpage->id().space() == space_id);
-
- if (bpage->oldest_modification() > 2)
- {
- mtr.memo_push(reinterpret_cast<buf_block_t*>(bpage),
- MTR_MEMO_PAGE_X_FIX);
- mysql_mutex_lock(&buf_pool.flush_list_mutex);
- ut_ad(bpage->oldest_modification() > 2);
- bpage->reset_oldest_modification();
- }
- else
- {
- bpage->unfix();
- bpage->lock.x_unlock();
- mysql_mutex_lock(&buf_pool.flush_list_mutex);
- }
-
- if (prev != buf_pool.flush_hp.get())
- {
- mysql_mutex_unlock(&buf_pool.flush_list_mutex);
- goto rescan;
- }
- }
- bpage= prev;
- }
-
- mysql_mutex_unlock(&buf_pool.flush_list_mutex);
-
- /* Re-initialize tablespace, in a single mini-transaction. */
- const ulint size= SRV_UNDO_TABLESPACE_SIZE_IN_PAGES;
+ if (UNIV_UNLIKELY(srv_shutdown_state != SRV_SHUTDOWN_NONE) &&
+ srv_fast_shutdown)
+ return;
/* Adjust the tablespace metadata. */
mysql_mutex_lock(&fil_system.mutex);
- space.set_stopping();
- space.is_being_truncated= true;
- if (space.crypt_data)
+ if (space->crypt_data)
{
- space.reacquire();
+ space->reacquire();
mysql_mutex_unlock(&fil_system.mutex);
- fil_space_crypt_close_tablespace(&space);
- space.release();
+ fil_space_crypt_close_tablespace(space);
+ space->release();
}
else
mysql_mutex_unlock(&fil_system.mutex);
- for (auto i= 6000; space.referenced();
- std::this_thread::sleep_for(std::chrono::milliseconds(10)))
- {
- if (!--i)
- {
- mtr.commit();
- ib::error() << "Failed to freeze UNDO tablespace " << file->name;
- return;
- }
- }
+ /* Re-initialize tablespace, in a single mini-transaction. */
+ const uint32_t size= SRV_UNDO_TABLESPACE_SIZE_IN_PAGES;
+
+ log_free_check();
+ mtr_t mtr;
+ mtr.start();
+ mtr.x_lock_space(space);
/* Associate the undo tablespace with mtr.
During mtr::commit_shrink(), InnoDB can use the undo
tablespace object to clear all freed ranges */
- mtr.set_named_space(&space);
- mtr.trim_pages(page_id_t(space.id, size));
- ut_a(fsp_header_init(&space, size, &mtr) == DB_SUCCESS);
- mysql_mutex_lock(&fil_system.mutex);
- space.size= file->size= size;
- mysql_mutex_unlock(&fil_system.mutex);
+ mtr.set_named_space(space);
+ mtr.trim_pages(page_id_t(space->id, size));
+ ut_a(fsp_header_init(space, size, &mtr) == DB_SUCCESS);
for (auto &rseg : trx_sys.rseg_array)
{
- if (rseg.space != &space)
+ if (rseg.space != space)
continue;
ut_ad(!rseg.is_referenced());
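Review bot: The comment that begins "Lock all modified pages of the tablespace" is left in place, but the `rescan:` loop over `buf_pool.flush_list` that it described is removed in this hunk, so it now sits directly above the fast-shutdown early return and describes nothing that follows. If the page locking has moved (presumably into `mtr_t::commit_shrink()`, which is not shown), the comment should move to the `mtr.commit_shrink(*space, size)` call or be reworded to say where it happens. The early return itself would benefit from a line such as `/* fast shutdown: give up before modifying the tablespace */`. The enclosing function starts and ends outside this hunk.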
@@ -784,7 +804,7 @@ not_free:
possibly before this server had been started up. */
dberr_t err;
- buf_block_t *rblock= trx_rseg_header_create(&space,
+ buf_block_t *rblock= trx_rseg_header_create(space,
&rseg - trx_sys.rseg_array,
trx_sys.get_max_trx_id(),
&mtr, &err);
@@ -797,7 +817,7 @@ not_free:
rseg.reinit(rblock->page.id().page_no());
}
- mtr.commit_shrink(space);
+ mtr.commit_shrink(*space, size);
/* No mutex; this is only updated by the purge coordinator. */
export_vars.innodb_undo_truncations++;
@@ -814,14 +834,15 @@ not_free:
purge_sys.next_stored= false;
}
- DBUG_EXECUTE_IF("ib_undo_trunc", ib::info() << "ib_undo_trunc";
+ DBUG_EXECUTE_IF("ib_undo_trunc",
+ sql_print_information("InnoDB: ib_undo_trunc");
log_buffer_flush_to_disk();
DBUG_SUICIDE(););
- ib::info() << "Truncated " << file->name;
- purge_sys.truncate.last= purge_sys.truncate.current;
- ut_ad(&space == purge_sys.truncate.current);
- purge_sys.truncate.current= nullptr;
+ sql_print_information("InnoDB: Truncated %s", file_name);
+ ut_ad(space == purge_sys.truncate_undo_space.current);
+ purge_sys.truncate_undo_space.current= nullptr;
+ purge_sys.truncate_undo_space.last= space->id - srv_undo_space_id_start;
}
}
@@ -853,7 +874,9 @@ void purge_sys_t::rseg_get_next_history_log()
{
fil_addr_t prev_log_addr;
+#ifndef SUX_LOCK_GENERIC
ut_ad(rseg->latch.is_write_locked());
+#endif
ut_a(rseg->last_page_no != FIL_NULL);
tail.trx_no= rseg->last_trx_no() + 1;
@@ -969,7 +992,9 @@ inline trx_purge_rec_t purge_sys_t::get_next_rec(roll_ptr_t roll_ptr)
{
ut_ad(next_stored);
ut_ad(tail.trx_no < low_limit_no());
+#ifndef SUX_LOCK_GENERIC
ut_ad(rseg->latch.is_write_locked());
+#endif
if (!offset)
{
diff --git a/storage/innobase/trx/trx0rec.cc b/storage/innobase/trx/trx0rec.cc
index b381c9de..2923dc64 100644
--- a/storage/innobase/trx/trx0rec.cc
+++ b/storage/innobase/trx/trx0rec.cc
@@ -2069,9 +2069,10 @@ trx_undo_get_undo_rec_low(
mtr.start();
trx_undo_rec_t *undo_rec= nullptr;
- if (const buf_block_t* undo_page=
+ if (buf_block_t* undo_page=
buf_page_get(page_id_t(rseg->space->id, page_no), 0, RW_S_LATCH, &mtr))
{
+ buf_page_make_young_if_needed(&undo_page->page);
undo_rec= undo_page->page.frame + offset;
const size_t end= mach_read_from_2(undo_rec);
if (UNIV_UNLIKELY(end <= offset ||
diff --git a/storage/innobase/trx/trx0rseg.cc b/storage/innobase/trx/trx0rseg.cc
index 8d1a381c..87a2ac7b 100644
--- a/storage/innobase/trx/trx0rseg.cc
+++ b/storage/innobase/trx/trx0rseg.cc
@@ -296,8 +296,13 @@ buf_block_t *trx_rseg_t::get(mtr_t *mtr, dberr_t *err) const
if (err) *err= DB_TABLESPACE_NOT_FOUND;
return nullptr;
}
- return buf_page_get_gen(page_id(), 0, RW_X_LATCH, nullptr,
- BUF_GET, mtr, err);
+
+ buf_block_t *block= buf_page_get_gen(page_id(), 0, RW_X_LATCH, nullptr,
+ BUF_GET, mtr, err);
+ if (UNIV_LIKELY(block != nullptr))
+ buf_page_make_young_if_needed(&block->page);
+
+ return block;
}
/** Upgrade a rollback segment header page to MariaDB 10.3 format.
@@ -462,20 +467,32 @@ static dberr_t trx_rseg_mem_restore(trx_rseg_t *rseg, mtr_t *mtr)
TRX_RSEG + TRX_RSEG_BINLOG_NAME + rseg_hdr->page.frame;
if (*binlog_name)
{
- lsn_t lsn= mach_read_from_8(my_assume_aligned<8>
- (FIL_PAGE_LSN + rseg_hdr->page.frame));
static_assert(TRX_RSEG_BINLOG_NAME_LEN ==
sizeof trx_sys.recovered_binlog_filename, "compatibility");
- if (lsn > trx_sys.recovered_binlog_lsn)
- {
- trx_sys.recovered_binlog_lsn= lsn;
- trx_sys.recovered_binlog_offset=
+
+ /* Always prefer a position from rollback segment over
+ a legacy position from before version 10.3.5. */
+ int cmp= *trx_sys.recovered_binlog_filename &&
+ !trx_sys.recovered_binlog_is_legacy_pos
+ ? strncmp(reinterpret_cast<const char*>(binlog_name),
+ trx_sys.recovered_binlog_filename,
+ TRX_RSEG_BINLOG_NAME_LEN)
+ : 1;
+
+ if (cmp >= 0) {
+ uint64_t binlog_offset =
mach_read_from_8(TRX_RSEG + TRX_RSEG_BINLOG_OFFSET +
rseg_hdr->page.frame);
- memcpy(trx_sys.recovered_binlog_filename, binlog_name,
- TRX_RSEG_BINLOG_NAME_LEN);
+ if (cmp)
+ {
+ memcpy(trx_sys.recovered_binlog_filename, binlog_name,
+ TRX_RSEG_BINLOG_NAME_LEN);
+ trx_sys.recovered_binlog_offset= binlog_offset;
+ }
+ else if (binlog_offset > trx_sys.recovered_binlog_offset)
+ trx_sys.recovered_binlog_offset= binlog_offset;
+ trx_sys.recovered_binlog_is_legacy_pos= false;
}
-
#ifdef WITH_WSREP
trx_rseg_read_wsrep_checkpoint(rseg_hdr, trx_sys.recovered_wsrep_xid);
#endif
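Review bot: The `strncmp()` in `trx_rseg_mem_restore()` orders the binlog positions found in rollback segment headers by file name as a byte string, which matches the real order only while the names share a prefix and a fixed-width sequence number. If the sequence number grows by a digit, or the binlog base name differs between two headers, the lexicographically greater name is not necessarily the later one, and recovery could keep the older position. This is inferred from the comparison alone; the naming rules are not shown on the page. A comment above `int cmp=` such as `/* assumes that binlog file names sort in creation order */` would at least record the assumption. The function starts and ends outside this hunk.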
@@ -548,6 +565,7 @@ static void trx_rseg_init_binlog_info(const page_t* page)
trx_sys.recovered_binlog_offset = mach_read_from_8(
TRX_SYS_MYSQL_LOG_INFO + TRX_SYS_MYSQL_LOG_OFFSET
+ TRX_SYS + page);
+ trx_sys.recovered_binlog_is_legacy_pos= true;
}
#ifdef WITH_WSREP
@@ -562,6 +580,7 @@ dberr_t trx_rseg_array_init()
*trx_sys.recovered_binlog_filename = '\0';
trx_sys.recovered_binlog_offset = 0;
+ trx_sys.recovered_binlog_is_legacy_pos= false;
#ifdef WITH_WSREP
trx_sys.recovered_wsrep_xid.null();
XID wsrep_sys_xid;
diff --git a/storage/innobase/trx/trx0trx.cc b/storage/innobase/trx/trx0trx.cc
index e5e2ef9e..942b8bd4 100644
--- a/storage/innobase/trx/trx0trx.cc
+++ b/storage/innobase/trx/trx0trx.cc
@@ -582,6 +582,7 @@ static dberr_t trx_resurrect_table_locks(trx_t *trx, const trx_undo_t &undo)
undo.top_page_no), 0, RW_S_LATCH, nullptr,
BUF_GET, &mtr, &err))
{
+ buf_page_make_young_if_needed(&block->page);
buf_block_t *undo_block= block;
const trx_undo_rec_t *undo_rec= block->page.frame + undo.top_offset;
@@ -980,7 +981,13 @@ void trx_t::commit_empty(mtr_t *mtr)
trx_undo_t *&undo= rsegs.m_redo.undo;
ut_ad(undo->state == TRX_UNDO_ACTIVE || undo->state == TRX_UNDO_PREPARED);
- ut_ad(undo->size == 1);
+
+ if (UNIV_UNLIKELY(undo->size != 1))
+ {
+ sql_print_error("InnoDB: Undo log for transaction " TRX_ID_FMT
+ " is corrupted (" UINT32PF "!=1)", id, undo->size);
+ ut_ad("corrupted undo log" == 0);
+ }
if (buf_block_t *u=
buf_page_get(page_id_t(rseg->space->id, undo->hdr_page_no), 0,
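Review bot: When `undo->size != 1`, `trx_t::commit_empty()` now reports the corruption with `sql_print_error()`, but outside debug builds, where `ut_ad()` compiles to nothing, it then proceeds to the `buf_page_get()` below exactly as if the size were 1. Whether the rest of the function is safe for a multi-page undo log cannot be judged from this hunk. If continuing is intended, a comment inside the block such as `/* non-debug builds: report and continue with the header page only */` would say so; otherwise the block needs an explicit fallback path.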
@@ -1504,6 +1511,7 @@ void trx_t::commit_cleanup()
mutex.wr_lock();
state= TRX_STATE_NOT_STARTED;
+ *detailed_error= '\0';
mod_tables.clear();
check_foreigns= true;
diff --git a/storage/innobase/trx/trx0undo.cc b/storage/innobase/trx/trx0undo.cc
index 203edd9f..ccc68dfe 100644
--- a/storage/innobase/trx/trx0undo.cc
+++ b/storage/innobase/trx/trx0undo.cc
@@ -25,8 +25,8 @@ Created 3/26/1996 Heikki Tuuri
*******************************************************/
#include "trx0undo.h"
+#include "buf0rea.h"
#include "fsp0fsp.h"
-#include "mach0data.h"
#include "mtr0log.h"
#include "srv0mon.h"
#include "srv0srv.h"
@@ -178,8 +178,12 @@ trx_undo_get_prev_rec_from_prev_page(buf_block_t *&block, uint16_t rec,
block= buf_page_get(page_id_t(block->page.id().space(), prev_page_no),
0, shared ? RW_S_LATCH : RW_X_LATCH, mtr);
+ if (UNIV_UNLIKELY(!block))
+ return nullptr;
- return block ? trx_undo_page_get_last_rec(block, page_no, offset) : nullptr;
+ if (!buf_page_make_young_if_needed(&block->page))
+ buf_read_ahead_linear(block->page.id(), 0, false);
+ return trx_undo_page_get_last_rec(block, page_no, offset);
}
/** Get the previous undo log record.
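Review bot: The pair `if (!buf_page_make_young_if_needed(&block->page)) buf_read_ahead_linear(block->page.id(), 0, false);` is added here and again in the `trx_undo_get_first_rec()` hunk, with no explanation of what the return value means or what the `0, false` arguments select. A one-line comment, for example `/* presumably the first access to this page: start linear read-ahead of the undo log */`, would help the next reader. A small static helper shared by both call sites would also keep the two copies from drifting apart.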
@@ -268,12 +272,16 @@ trx_undo_get_first_rec(const fil_space_t &space, uint32_t page_no,
uint16_t offset, ulint mode, const buf_block_t*& block,
mtr_t *mtr, dberr_t *err)
{
- block= buf_page_get_gen(page_id_t{space.id, page_no}, 0, mode,
- nullptr, BUF_GET, mtr, err);
+ buf_block_t *b= buf_page_get_gen(page_id_t{space.id, page_no}, 0, mode,
+ nullptr, BUF_GET, mtr, err);
+ block= b;
if (!block)
return nullptr;
- if (trx_undo_rec_t *rec= trx_undo_page_get_first_rec(block, page_no, offset))
+ if (!buf_page_make_young_if_needed(&b->page))
+ buf_read_ahead_linear(b->page.id(), 0, false);
+
+ if (trx_undo_rec_t *rec= trx_undo_page_get_first_rec(b, page_no, offset))
return rec;
return trx_undo_get_next_rec_from_next_page(block, page_no, offset, mode,
@@ -663,6 +671,8 @@ buf_block_t *trx_undo_add_page(trx_undo_t *undo, mtr_t *mtr, dberr_t *err)
0, RW_X_LATCH, nullptr, BUF_GET, mtr, err);
if (!header_block)
goto func_exit;
+ buf_page_make_young_if_needed(&header_block->page);
+
*err= fsp_reserve_free_extents(&n_reserved, rseg->space, 1, FSP_UNDO, mtr);
if (UNIV_UNLIKELY(*err != DB_SUCCESS))
@@ -732,6 +742,8 @@ trx_undo_free_page(
return FIL_NULL;
}
+ buf_page_make_young_if_needed(&header_block->page);
+
*err = flst_remove(header_block, TRX_UNDO_SEG_HDR + TRX_UNDO_PAGE_LIST,
undo_block, TRX_UNDO_PAGE_HDR + TRX_UNDO_PAGE_NODE,
mtr);
@@ -740,6 +752,14 @@ trx_undo_free_page(
return FIL_NULL;
}
+ const fil_addr_t last_addr = flst_get_last(
+ TRX_UNDO_SEG_HDR + TRX_UNDO_PAGE_LIST
+ + header_block->page.frame);
+ if (UNIV_UNLIKELY(last_addr.page == page_no)) {
+ *err = DB_CORRUPTION;
+ return FIL_NULL;
+ }
+
*err = fseg_free_page(TRX_UNDO_SEG_HDR + TRX_UNDO_FSEG_HEADER
+ header_block->page.frame,
rseg->space, page_no, mtr);
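Review bot: The new `DB_CORRUPTION` return in `trx_undo_free_page()` is taken after `flst_remove()` has already changed the page list in the same mini-transaction, so the caller is left with a partly applied change. Whether callers discard or commit `mtr` on this error is not visible here. The check can only be made after the removal, which is worth stating in a comment, e.g. `/* page_no was just unlinked; a list that still ends at it is corrupted */`. The function starts and ends outside this hunk.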
@@ -748,9 +768,6 @@ trx_undo_free_page(
}
buf_page_free(rseg->space, page_no, mtr);
- const fil_addr_t last_addr = flst_get_last(
- TRX_UNDO_SEG_HDR + TRX_UNDO_PAGE_LIST
- + header_block->page.frame);
rseg->curr_size--;
if (!in_history) {
@@ -794,6 +811,9 @@ static dberr_t trx_undo_truncate_end(trx_undo_t &undo, undo_no_t limit,
{
ut_ad(is_temp == !undo.rseg->is_persistent());
+ if (UNIV_UNLIKELY(undo.last_page_no == FIL_NULL))
+ return DB_CORRUPTION;
+
for (mtr_t mtr;;)
{
mtr.start();
@@ -887,15 +907,13 @@ trx_undo_truncate_start(
trx_undo_rec_t* last_rec;
mtr_t mtr;
+ ut_ad(rseg->is_persistent());
+
if (!limit) {
return DB_SUCCESS;
}
loop:
- mtr_start(&mtr);
-
- if (!rseg->is_persistent()) {
- mtr.set_log_mode(MTR_LOG_NO_REDO);
- }
+ mtr.start();
dberr_t err;
const buf_block_t* undo_page;
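Review bot: The persistent-segment requirement in trx_undo_truncate_start() is now enforced only by `ut_ad(rseg->is_persistent());`, a debug assertion, while the removed lines switched the mini-transaction to `MTR_LOG_NO_REDO` at run time for non-persistent segments. If any caller can still pass a temporary rollback segment (the callers are not visible in this hunk), a non-debug build would no longer turn redo logging off for it. A comment above the assertion should state the precondition, e.g. `/* Callers must pass a persistent rollback segment; redo logging stays enabled here. */`. The function starts and continues outside the hunk.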
@@ -1263,6 +1281,8 @@ trx_undo_reuse_cached(trx_t* trx, trx_rseg_t* rseg, trx_undo_t** pundo,
return NULL;
}
+ buf_page_make_young_if_needed(&block->page);
+
UT_LIST_REMOVE(rseg->undo_cached, undo);
*pundo = undo;
@@ -1297,19 +1317,24 @@ trx_undo_assign(trx_t* trx, dberr_t* err, mtr_t* mtr)
ut_ad(mtr->get_log_mode() == MTR_LOG_ALL);
trx_undo_t* undo = trx->rsegs.m_redo.undo;
+ buf_block_t* block;
if (undo) {
- return buf_page_get_gen(
+ block = buf_page_get_gen(
page_id_t(undo->rseg->space->id, undo->last_page_no),
0, RW_X_LATCH, undo->guess_block,
BUF_GET, mtr, err);
+ if (UNIV_LIKELY(block != nullptr)) {
+ buf_page_make_young_if_needed(&block->page);
+ }
+ return block;
}
*err = DB_SUCCESS;
trx_rseg_t* rseg = trx->rsegs.m_redo.rseg;
rseg->latch.wr_lock(SRW_LOCK_CALL);
- buf_block_t* block = trx_undo_reuse_cached(
+ block = trx_undo_reuse_cached(
trx, rseg, &trx->rsegs.m_redo.undo, mtr, err);
if (!block) {
@@ -1350,12 +1375,17 @@ trx_undo_assign_low(trx_t *trx, trx_rseg_t *rseg, trx_undo_t **undo,
: &trx->rsegs.m_redo.undo));
ut_ad(mtr->get_log_mode()
== (is_temp ? MTR_LOG_NO_REDO : MTR_LOG_ALL));
+ buf_block_t* block;
if (*undo) {
- return buf_page_get_gen(
+ block = buf_page_get_gen(
page_id_t(rseg->space->id, (*undo)->last_page_no),
0, RW_X_LATCH, (*undo)->guess_block,
BUF_GET, mtr, err);
+ if (UNIV_LIKELY(block != nullptr)) {
+ buf_page_make_young_if_needed(&block->page);
+ }
+ return block;
}
DBUG_EXECUTE_IF(
@@ -1365,7 +1395,6 @@ trx_undo_assign_low(trx_t *trx, trx_rseg_t *rseg, trx_undo_t **undo,
*err = DB_SUCCESS;
rseg->latch.wr_lock(SRW_LOCK_CALL);
- buf_block_t* block;
if (is_temp) {
ut_ad(!UT_LIST_GET_LEN(rseg->undo_cached));
} else {
diff --git a/storage/maria/aria_s3_copy.cc b/storage/maria/aria_s3_copy.cc
index 77c41ba4..b8a0f5b7 100644
--- a/storage/maria/aria_s3_copy.cc
+++ b/storage/maria/aria_s3_copy.cc
@@ -87,7 +87,9 @@ static struct my_option my_long_options[] =
&opt_block_size, &opt_block_size, 0, GET_ULONG, REQUIRED_ARG,
4*1024*1024, 64*1024, 16*1024*1024, MALLOC_OVERHEAD, 1024, 0 },
{"s3_protocol_version", 'L',
- "Protocol used to communication with S3. One of \"Auto\", \"Amazon\" or \"Original\".",
+ "Protocol used to communication with S3. One of \"Auto\", \"Legacy\", "
+ "\"Original\", \"Amazon\", \"Path\" or \"Domain\". "
+ "Note: \"Legacy\", \"Original\" and \"Amazon\" are deprecated.",
&opt_protocol_version, &opt_protocol_version, &s3_protocol_typelib,
GET_ENUM, REQUIRED_ARG, 0, 0, 0, 0, 0, 0},
{"force", 'f', "Force copy even if target exists",
@@ -195,7 +197,7 @@ static void get_options(int *argc, char ***argv)
my_exit(-1);
}
if (opt_s3_debug)
- ms3_debug();
+ ms3_debug(1);
} /* get_options */
@@ -218,9 +220,20 @@ int main(int argc, char** argv)
ms3_set_option(global_s3_client, MS3_OPT_BUFFER_CHUNK_SIZE, &block_size);
- if (opt_protocol_version)
+ if (opt_protocol_version > 2)
{
- uint8_t protocol_version= (uint8_t) opt_protocol_version;
+ uint8_t protocol_version;
+ switch (opt_protocol_version)
+ {
+ case 3: /* Legacy means v1 */
+ case 4: /* Path means v1 */
+ protocol_version= 1;
+ break;
+ case 5: /* Domain means v2 */
+ protocol_version= 2;
+ break;
+ }
+
ms3_set_option(global_s3_client, MS3_OPT_FORCE_PROTOCOL_VERSION,
&protocol_version);
}
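Review bot: The `switch (opt_protocol_version)` added to main() has no `default:` label, so `protocol_version` is handed to `ms3_set_option()` uninitialized if the option ever holds a value other than 3, 4 or 5, for example after another name is appended to the protocol list. A `default:` that skips the `ms3_set_option()` call, or at least `uint8_t protocol_version= 0;`, removes the indeterminate read and the likely maybe-uninitialized warning. The literals 2 to 5 silently depend on the order of `protocol_types[]` in s3_func.c; named constants shared by both files would keep them in step. The same switch is added to s3_open_connection() in s3_func.c.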
diff --git a/storage/maria/ha_s3.cc b/storage/maria/ha_s3.cc
index 8c105522..0abb3f07 100644
--- a/storage/maria/ha_s3.cc
+++ b/storage/maria/ha_s3.cc
@@ -121,6 +121,29 @@ static void update_secret_key(MYSQL_THD thd,
}
}
+static void update_s3_debug(MYSQL_THD thd,
+ struct st_mysql_sys_var *var
+ __attribute__((unused)),
+ void *var_ptr __attribute__((unused)),
+ const void *save)
+{
+ char new_state= *(char *) save;
+ if (s3_debug != new_state)
+ {
+ s3_debug= new_state;
+ if (s3_hton) // If library is initalized
+ {
+ ms3_debug(new_state);
+ if (!new_state)
+ {
+ /* Ensure that all logging is written to log */
+ fflush(stderr);
+ }
+ }
+ }
+}
+
+
/* Define system variables for S3 */
static MYSQL_SYSVAR_ULONG(block_size, s3_block_size,
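Review bot: update_s3_debug() has no header comment, and its `thd` parameter is unused but, unlike `var` and `var_ptr`, is not marked `__attribute__((unused))`, which can raise an unused-parameter warning. A comment such as `/* Update callback for s3_debug: forwards the new state to libmarias3 once the plugin is initialized */` would explain why `ms3_debug()` is skipped while `s3_hton` is unset. The inline comment also has a typo and should read `// If library is initialized`.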
@@ -129,9 +152,9 @@ static MYSQL_SYSVAR_ULONG(block_size, s3_block_size,
4*1024*1024, 65536, 16*1024*1024, 8192);
static MYSQL_SYSVAR_BOOL(debug, s3_debug,
- PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
+ PLUGIN_VAR_RQCMDARG,
"Generates trace file from libmarias3 on stderr for debugging",
- 0, 0, 0);
+ 0, update_s3_debug, 0);
static MYSQL_SYSVAR_BOOL(slave_ignore_updates, s3_slave_ignore_updates,
PLUGIN_VAR_RQCMDARG | PLUGIN_VAR_READONLY,
@@ -147,7 +170,10 @@ static MYSQL_SYSVAR_BOOL(replicate_alter_as_create_select,
static MYSQL_SYSVAR_ENUM(protocol_version, s3_protocol_version,
PLUGIN_VAR_RQCMDARG,
"Protocol used to communication with S3. One of "
- "\"Auto\", \"Amazon\" or \"Original\".",
+ "\"Auto\", \"Legacy\", \"Original\", \"Amazon\", "
+ "\"Path\" or \"Domain\". "
+ "Note: \"Legacy\", \"Original\" and \"Amazon\" are "
+ "deprecated.",
NULL, NULL, 0, &s3_protocol_typelib);
static MYSQL_SYSVAR_ULONG(pagecache_age_threshold,
@@ -1048,7 +1074,7 @@ static int ha_s3_init(void *p)
s3_pagecache.big_block_free= s3_free;
s3_init_library();
if (s3_debug)
- ms3_debug();
+ ms3_debug(1);
struct s3_func s3f_real =
{
diff --git a/storage/maria/libmarias3/README.rst b/storage/maria/libmarias3/README.rst
index 2d9a7f49..b318e4ae 100644
--- a/storage/maria/libmarias3/README.rst
+++ b/storage/maria/libmarias3/README.rst
@@ -45,6 +45,17 @@ You will need the following OS environment variables set to run the tests:
| S3NOVERIFY | Set to ``1`` if the host should not use SSL verification |
+------------+----------------------------------------------------------+
+If you have minion installed, you should be able to use same settings as used by
+MariaDB mtr s3 tests:
+
+export S3KEY=minio
+export S3SECRET=minioadmin
+export S3REGION=
+export S3BUCKET=storage-engine
+export S3HOST=127.0.0.1
+export S3PORT=9000
+export S3USEHTTP=1
+
The test suite is automatically built along with the library and can be executed with ``make check`` or ``make distcheck``.
Before pushing, please ALWAYS ensure that ``make check`` and ``make distcheck`` works!
diff --git a/storage/maria/libmarias3/docs/api/functions.rst b/storage/maria/libmarias3/docs/api/functions.rst
index b30fac92..9be9718e 100644
--- a/storage/maria/libmarias3/docs/api/functions.rst
+++ b/storage/maria/libmarias3/docs/api/functions.rst
@@ -147,7 +147,7 @@ Example
res= ms3_list(ms3, s3bucket, NULL, &list);
if (res)
{
- printf("Error occured: %d\n", res);
+ printf("Error occurred: %d\n", res);
return;
}
list_it= list;
@@ -220,7 +220,7 @@ Example
res= ms3_put(ms3, s3bucket, "test/ms3.txt", (const uint8_t*)test_string, strlen(test_string));
if (res)
{
- printf("Error occured: %d\n", res);
+ printf("Error occurred: %d\n", res);
return;
}
ms3_deinit(ms3);
@@ -290,7 +290,7 @@ Example
res= ms3_get(ms3, s3bucket, "test/ms3.txt", &data, &length);
if (res)
{
- printf("Error occured: %d\n", res);
+ printf("Error occurred: %d\n", res);
return;
}
printf("File contents: %s\n", data);
@@ -348,7 +348,7 @@ Example
res = ms3_delete(ms3, s3bucket, "test/ms3.txt");
if (res)
{
- printf("Error occured: %d\n", res);
+ printf("Error occurred: %d\n", res);
return;
}
ms3_deinit(ms3);
@@ -384,7 +384,7 @@ Example
res= ms3_status(ms3, s3bucket, "test/ms3.txt", &status);
if (res)
{
- printf("Error occured: %d\n", res);
+ printf("Error occurred: %d\n", res);
return;
}
printf("File length: %ld\n", status.length);
diff --git a/storage/maria/libmarias3/docs/api/types.rst b/storage/maria/libmarias3/docs/api/types.rst
index eba57466..4ef620b9 100644
--- a/storage/maria/libmarias3/docs/api/types.rst
+++ b/storage/maria/libmarias3/docs/api/types.rst
@@ -49,6 +49,8 @@ Constants
* ``MS3_OPT_BUFFER_CHUNK_SIZE`` - Set the chunk size in bytes for the receive buffer. Default is 1MB. If you are receiving a large file a realloc will have to happen every time the buffer is full. For performance reasons you may want to increase the size of this buffer to reduce the reallocs and associated memory copies. The ``value`` parameter of :c:func:`ms3_set_option` should be a pointer to a :c:type:`size_t` greater than 1.
* ``MS3_OPT_FORCE_LIST_VERSION`` - An internal option for the regression suite only. The ``value`` parameter of :c:func:`ms3_set_option` should be a pointer to a :c:type:`uint8_t` of value ``1`` or ``2``
* ``MS3_OPT_FORCE_PROTOCOL_VERSION`` - Set to 1 to force talking to the S3 server using version 1 of the List Bucket API, this is for S3 compatible servers. Set to 2 to force talking to the S3 server version 2 of the List Bucket API. This is for use when the autodetect bsaed on providing a base_domain does the wrong thing. The ``value`` parameter of :c:func:`ms3_set_option` should be a pointer to a :c:type:`uint8_t` of value ``1`` or ``2``
+ * ``MS3_OPT_READ_CB`` - Custom read callback for :c:func:`ms3_get`. The ``value`` parameter of :c:func:`ms3_set_option` should be a :c:type:`ms3_read_callback` function.
+ * ``MS3_OPT_USER_DATA`` - User data for the custom read callback. The ``value`` parameter of :c:func:`ms3_set_option` is the pointer that will be passed as the ``userdata`` argument of the callback.
Built-In Types
==============
diff --git a/storage/maria/libmarias3/libmarias3/marias3.h b/storage/maria/libmarias3/libmarias3/marias3.h
index 80b5e77c..80b1ef78 100644
--- a/storage/maria/libmarias3/libmarias3/marias3.h
+++ b/storage/maria/libmarias3/libmarias3/marias3.h
@@ -55,6 +55,12 @@ typedef void *(*ms3_realloc_callback)(void *ptr, size_t size);
typedef char *(*ms3_strdup_callback)(const char *str);
typedef void *(*ms3_calloc_callback)(size_t nmemb, size_t size);
+/** The callback function for MS3_OPT_READ_CB. The function and the user data
+ * set with MS3_OPT_USER_DATA are passed to Curl. For more information, refer
+ * to CURLOPT_WRITE_FUNCTION. */
+typedef size_t (*ms3_read_callback)(void *buffer, size_t size,
+ size_t nitems, void *userdata);
+
enum ms3_error_code_t
{
MS3_ERR_NONE,
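Review bot: The doc comment on `ms3_read_callback` points readers to `CURLOPT_WRITE_FUNCTION`, but the curl option is spelled `CURLOPT_WRITEFUNCTION`. Because the function is handed to curl as a write callback, the comment should also state the contract a caller has to honour: each call delivers `size * nitems` bytes that are not NUL-terminated, and the callback must return the number of bytes it consumed, since any other value aborts the transfer. Suggested first line: `/** Callback for MS3_OPT_READ_CB; passed to curl as CURLOPT_WRITEFUNCTION together with the MS3_OPT_USER_DATA pointer. */`.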
@@ -70,6 +76,7 @@ enum ms3_error_code_t
MS3_ERR_SERVER,
MS3_ERR_TOO_BIG,
MS3_ERR_AUTH_ROLE,
+ MS3_ERR_ENDPOINT,
MS3_ERR_MAX // Always the last error
};
@@ -82,6 +89,8 @@ enum ms3_set_option_t
MS3_OPT_BUFFER_CHUNK_SIZE,
MS3_OPT_FORCE_LIST_VERSION,
MS3_OPT_FORCE_PROTOCOL_VERSION,
+ MS3_OPT_READ_CB,
+ MS3_OPT_USER_DATA,
MS3_OPT_PORT_NUMBER
};
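Review bot: `MS3_OPT_READ_CB` and `MS3_OPT_USER_DATA` are inserted before `MS3_OPT_PORT_NUMBER`, which shifts the numeric value of `MS3_OPT_PORT_NUMBER` by two. A program built against the previous header and run against the new library would have its port option handled by the `MS3_OPT_READ_CB` case, which stores the caller's pointer as the read callback. Appending the new enumerators after `MS3_OPT_PORT_NUMBER` keeps existing values stable. The `ms3_debug(void)` to `ms3_debug(int)` change in the next hunk is a similar compatibility break if the library is shipped as a shared object.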
@@ -124,7 +133,7 @@ MS3_API
const char *ms3_error(uint8_t errcode);
MS3_API
-void ms3_debug(void);
+void ms3_debug(int debug_state);
MS3_API
uint8_t ms3_list(ms3_st *ms3, const char *bucket, const char *prefix,
diff --git a/storage/maria/libmarias3/src/assume_role.c b/storage/maria/libmarias3/src/assume_role.c
index 255b1eca..4135504c 100644
--- a/storage/maria/libmarias3/src/assume_role.c
+++ b/storage/maria/libmarias3/src/assume_role.c
@@ -373,7 +373,7 @@ build_assume_role_request_headers(CURL *curl, struct curl_slist **head,
time_t now;
struct tm tmp_tm;
char headerbuf[3072];
- char secrethead[45];
+ char secrethead[MAX_S3_SECRET_LENGTH + S3_SECRET_EXTRA_LENGTH];
char date[9];
char sha256hash[65];
char post_hash[65];
@@ -445,7 +445,7 @@ build_assume_role_request_headers(CURL *curl, struct curl_slist **head,
// User signing key hash
// Date hashed using AWS4:secret_key
- snprintf(secrethead, sizeof(secrethead), "AWS4%.*s", 40, secret);
+ snprintf(secrethead, sizeof(secrethead), "AWS4%.*s", MAX_S3_SECRET_LENGTH, secret);
strftime(headerbuf, sizeof(headerbuf), "%Y%m%d", &tmp_tm);
hmac_sha256((uint8_t *)secrethead, strlen(secrethead), (uint8_t *)headerbuf,
strlen(headerbuf), hmac_hash);
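Review bot: `snprintf(secrethead, sizeof(secrethead), "AWS4%.*s", MAX_S3_SECRET_LENGTH, secret)` still truncates a longer secret silently, so a key above 128 bytes yields a wrong signing key and an authentication failure with no hint of the cause. A length check where the secret is first accepted (not visible in this hunk, presumably ms3_init()) returning `MS3_ERR_PARAMETER` would make the limit explicit. `secrethead` holds the raw secret on the stack; whether it is cleared before build_assume_role_request_headers() returns cannot be seen here, as the function continues outside the hunk. The same change is made in build_request_headers() in request.c.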
diff --git a/storage/maria/libmarias3/src/error.c b/storage/maria/libmarias3/src/error.c
index edf95d05..2723c846 100644
--- a/storage/maria/libmarias3/src/error.c
+++ b/storage/maria/libmarias3/src/error.c
@@ -35,5 +35,7 @@ const char *errmsgs[] =
"Authentication error",
"File not found",
"S3 server error",
- "Data too big. Maximum data size is 4GB"
+ "Data too big. Maximum data size is 4GB",
+ "Error in role",
+ "Endpoint permanently moved"
};
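Review bot: Nothing ties the length of `errmsgs[]` to `enum ms3_error_code_t`: this hunk has to add the `"Error in role"` entry that was missing for `MS3_ERR_AUTH_ROLE`, and until now the last error code had no message unless the lookup bounds-checks (ms3_error() is not visible here). A compile-time check next to the array would catch the next omission, for example `_Static_assert(sizeof(errmsgs) / sizeof(errmsgs[0]) == MS3_ERR_MAX, "errmsgs out of sync");` where C11 is available and the enum is in scope.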
diff --git a/storage/maria/libmarias3/src/include.am b/storage/maria/libmarias3/src/include.am
index b8c07a6f..f786df3b 100644
--- a/storage/maria/libmarias3/src/include.am
+++ b/storage/maria/libmarias3/src/include.am
@@ -18,7 +18,7 @@ lib_LTLIBRARIES+= src/libmarias3.la
src_libmarias3_la_SOURCES=
src_libmarias3_la_LIBADD=
src_libmarias3_la_LDFLAGS=
-src_libmarias3_la_CFLAGS= -DBUILDING_MS3
+src_libmarias3_la_CFLAGS= -DBUILDING_MS3 -fPIC
src_libmarias3_la_SOURCES+= src/marias3.c
src_libmarias3_la_SOURCES+= src/request.c
diff --git a/storage/maria/libmarias3/src/marias3.c b/storage/maria/libmarias3/src/marias3.c
index 74d7233a..b146da55 100644
--- a/storage/maria/libmarias3/src/marias3.c
+++ b/storage/maria/libmarias3/src/marias3.c
@@ -52,7 +52,7 @@ static void locking_function(int mode, int n, const char *file, int line)
pthread_mutex_unlock(&(mutex_buf[n]));
}
-static int curl_needs_openssl_locking()
+static int curl_needs_openssl_locking(void)
{
curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
@@ -214,6 +214,8 @@ ms3_st *ms3_init(const char *s3key, const char *s3secret,
ms3->list_container.start = NULL;
ms3->list_container.pool_list = NULL;
ms3->list_container.pool_free = 0;
+ ms3->read_cb= 0;
+ ms3->user_data= 0;
ms3->iam_role = NULL;
ms3->role_key = NULL;
@@ -354,14 +356,16 @@ const char *ms3_server_error(ms3_st *ms3)
return ms3->last_error;
}
-void ms3_debug(void)
+void ms3_debug(int debug_state)
{
bool state = ms3debug_get();
- ms3debug_set(!state);
-
- if (state)
+ if (state != (bool) debug_state)
{
- ms3debug("enabling debug");
+ ms3debug_set((bool) debug_state);
+ if (debug_state)
+ {
+ ms3debug("enabling debug");
+ }
}
}
@@ -449,15 +453,23 @@ uint8_t ms3_get(ms3_st *ms3, const char *bucket, const char *key,
buf.data = NULL;
buf.length = 0;
- if (!ms3 || !bucket || !key || key[0] == '\0' || !data || !length)
+ if (!ms3 || !bucket || !key || key[0] == '\0')
+ {
+ return MS3_ERR_PARAMETER;
+ }
+ else if (!ms3->read_cb && (!data || !length))
{
return MS3_ERR_PARAMETER;
}
res = execute_request(ms3, MS3_CMD_GET, bucket, key, NULL, NULL, NULL, NULL, 0,
NULL, &buf);
- *data = buf.data;
- *length = buf.length;
+ if (!ms3->read_cb)
+ {
+ *data = buf.data;
+ *length = buf.length;
+ }
+
return res;
}
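Review bot: In callback mode ms3_get() returns without touching `*data` and `*length`, so a caller that passes uninitialized out-parameters and later calls `ms3_free(data)` would free an indeterminate pointer; tests/read_cb.c only avoids this because it sets `data = 0` first. Clearing them when they are supplied keeps the old contract safe: `if (data) *data = NULL;` and `if (length) *length = 0;` before the `execute_request()` call. The API documentation for ms3_get() should also state that both arguments are ignored once `MS3_OPT_READ_CB` is set. The function begins outside the hunk.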
@@ -617,7 +629,7 @@ uint8_t ms3_set_option(ms3_st *ms3, ms3_set_option_t option, void *value)
return MS3_ERR_PARAMETER;
}
- ms3->list_version = protocol_version;
+ ms3->protocol_version = protocol_version;
break;
}
@@ -634,6 +646,24 @@ uint8_t ms3_set_option(ms3_st *ms3, ms3_set_option_t option, void *value)
ms3->port = port_number;
break;
}
+
+ case MS3_OPT_READ_CB:
+ {
+ if (!value)
+ {
+ return MS3_ERR_PARAMETER;
+ }
+
+ ms3->read_cb = value;
+ break;
+ }
+
+ case MS3_OPT_USER_DATA:
+ {
+ ms3->user_data = value;
+ break;
+ }
+
default:
return MS3_ERR_PARAMETER;
}
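Review bot: `ms3->read_cb = value;` stores a function pointer in a `void *` (the member is declared `void *read_cb` in structs.h), a conversion ISO C does not define even though POSIX platforms accept it. Declaring the member as `ms3_read_callback read_cb;` and converting once here, `ms3->read_cb = (ms3_read_callback)value;`, keeps the conversion in one place and gives `curl_easy_setopt()` a properly typed argument. Because a NULL `value` is rejected, a handle can never return to buffered reads after a callback is installed; if that is intended it should be documented for `MS3_OPT_READ_CB`, otherwise NULL could be accepted to clear it. ms3_set_option() starts outside the hunk.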
diff --git a/storage/maria/libmarias3/src/request.c b/storage/maria/libmarias3/src/request.c
index 26165474..b2924f9d 100644
--- a/storage/maria/libmarias3/src/request.c
+++ b/storage/maria/libmarias3/src/request.c
@@ -413,7 +413,7 @@ static uint8_t build_request_headers(CURL *curl, struct curl_slist **head,
time_t now;
struct tm tmp_tm;
char headerbuf[3072];
- char secrethead[45];
+ char secrethead[MAX_S3_SECRET_LENGTH + S3_SECRET_EXTRA_LENGTH];
char date[9];
char sha256hash[65];
char post_hash[65];
@@ -520,7 +520,7 @@ static uint8_t build_request_headers(CURL *curl, struct curl_slist **head,
// User signing key hash
// Date hashed using AWS4:secret_key
- snprintf(secrethead, sizeof(secrethead), "AWS4%.*s", 40, secret);
+ snprintf(secrethead, sizeof(secrethead), "AWS4%.*s", MAX_S3_SECRET_LENGTH, secret);
strftime(headerbuf, sizeof(headerbuf), "%Y%m%d", &tmp_tm);
hmac_sha256((uint8_t *)secrethead, strlen(secrethead), (uint8_t *)headerbuf,
strlen(headerbuf), hmac_hash);
@@ -829,9 +829,19 @@ uint8_t execute_request(ms3_st *ms3, command_t cmd, const char *bucket,
if (ms3->port)
curl_easy_setopt(curl, CURLOPT_PORT, (long)ms3->port);
+ if (ms3->read_cb && cmd == MS3_CMD_GET)
+ {
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, ms3->read_cb);
+ curl_easy_setopt(curl, CURLOPT_WRITEDATA, ms3->user_data);
+ }
+ else
+ {
+ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, body_callback);
+ curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&mem);
+ }
+
+ curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, ms3->buffer_chunk_size);
curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, header_callback);
- curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, body_callback);
- curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void *)&mem);
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1);
curl_res = curl_easy_perform(curl);
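Review bot: `curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, ms3->buffer_chunk_size);` passes the value through a variadic call, and curl reads this option as a `long`. The types.rst text describes the chunk size as a `size_t`, so on platforms where `size_t` and `long` differ in width the argument would be read incorrectly. The `CURLOPT_PORT` line just above already casts, and the same is needed here: `curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, (long)ms3->buffer_chunk_size);`. curl also caps the buffer size it accepts, so a very large chunk size may not take effect as given. execute_request() starts and continues outside the hunk.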
@@ -848,6 +858,18 @@ uint8_t execute_request(ms3_st *ms3, command_t cmd, const char *bucket,
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &response_code);
ms3debug("Response code: %ld", response_code);
+ if (response_code == 301)
+ {
+ char *message = parse_error_message((char *)mem.data, mem.length);
+
+ if (message)
+ {
+ ms3debug("Response message: %s", message);
+ }
+
+ set_error_nocopy(ms3, message);
+ res = MS3_ERR_ENDPOINT;
+ }
if (response_code == 404)
{
char *message = parse_error_message((char *)mem.data, mem.length);
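Review bot: When a read callback is installed for a GET, the response body goes to that callback and `mem` stays empty, so `parse_error_message((char *)mem.data, mem.length)` in the new 301 branch (and in the 404 branch below it) has nothing to parse, and the server's error document has already been handed to the application as if it were object data. Whether parse_error_message() tolerates a NULL buffer is not visible here; a guard such as `char *message = mem.data ? parse_error_message((char *)mem.data, mem.length) : NULL;` would make that explicit. The callback documentation should tell users to check the ms3_get() result before trusting bytes already received. The 404 block continues outside the hunk.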
diff --git a/storage/maria/libmarias3/src/request.h b/storage/maria/libmarias3/src/request.h
index 9ce8bb5c..29ea79b3 100644
--- a/storage/maria/libmarias3/src/request.h
+++ b/storage/maria/libmarias3/src/request.h
@@ -26,6 +26,8 @@
// Maxmum S3 file size is 1024 bytes so for protection we make the maximum
// URI length this
#define MAX_URI_LENGTH 1024
+#define MAX_S3_SECRET_LENGTH 128
+#define S3_SECRET_EXTRA_LENGTH 5
#define READ_BUFFER_DEFAULT_SIZE 1024*1024
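Review bot: `S3_SECRET_EXTRA_LENGTH 5` is unexplained; judging by the two `snprintf()` call sites it appears to cover the four-byte `AWS4` prefix plus the terminating NUL. A comment on each new constant would keep the buffer arithmetic checkable, e.g. `/* Longest secret key copied into the signing buffer */` and `/* strlen("AWS4") + terminating NUL */`.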
diff --git a/storage/maria/libmarias3/src/response.c b/storage/maria/libmarias3/src/response.c
index 4e976aba..da5d6b3c 100644
--- a/storage/maria/libmarias3/src/response.c
+++ b/storage/maria/libmarias3/src/response.c
@@ -395,7 +395,7 @@ uint8_t parse_role_list_response(const char *data, size_t length, char *role_nam
}
}
while ((member = xml_node_child(roles, ++roles_it)));
- if (!strcmp(response_role_name, role_name))
+ if (response_role_name && !strcmp(response_role_name, role_name))
{
ms3debug("Role Found ARN = %s",response_role_arn);
sprintf(arn, "%s", response_role_arn);
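Review bot: The new guard covers `response_role_name` only, but `response_role_arn` is used on the next two lines by `ms3debug()` and `sprintf()` and comes from the same parsed response, so a member carrying a role name without an ARN could presumably still leave it NULL (the parsing loop is outside the hunk). Extending the condition closes that: `if (response_role_name && response_role_arn && !strcmp(response_role_name, role_name))`. Separately, `sprintf(arn, "%s", response_role_arn)` copies server-supplied text with no length limit; the size of `arn` is not visible in this hunk, so a bounded copy needs the caller's buffer size passed in.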
diff --git a/storage/maria/libmarias3/src/structs.h b/storage/maria/libmarias3/src/structs.h
index 34cbd817..30a7fff0 100644
--- a/storage/maria/libmarias3/src/structs.h
+++ b/storage/maria/libmarias3/src/structs.h
@@ -64,6 +64,8 @@ struct ms3_st
bool first_run;
char *path_buffer;
char *query_buffer;
+ void *read_cb;
+ void *user_data;
struct ms3_list_container_st list_container;
};
diff --git a/storage/maria/libmarias3/src/xml.c b/storage/maria/libmarias3/src/xml.c
index 2c48a4ea..25bd125f 100644
--- a/storage/maria/libmarias3/src/xml.c
+++ b/storage/maria/libmarias3/src/xml.c
@@ -800,7 +800,7 @@ node_creation:;
return node;
- /* A failure occured, so free all allocalted resources
+ /* A failure occurred, so free all allocalted resources
*/
exit_failure:
if (tag_open) {
diff --git a/storage/maria/libmarias3/tests/error.c b/storage/maria/libmarias3/tests/error.c
index 9be45d44..1b38a81c 100644
--- a/storage/maria/libmarias3/tests/error.c
+++ b/storage/maria/libmarias3/tests/error.c
@@ -35,7 +35,7 @@ int main(int argc, char *argv[])
(void) argv;
// Enable here so cppcheck shows coverage
- ms3_debug();
+ ms3_debug(1);
ASSERT_NOT_NULL(ms3);
errmsg = ms3_error(255);
ASSERT_STREQ(errmsg, "No such error code");
diff --git a/storage/maria/libmarias3/tests/include.am b/storage/maria/libmarias3/tests/include.am
index 1cb25a1c..fc4b267b 100644
--- a/storage/maria/libmarias3/tests/include.am
+++ b/storage/maria/libmarias3/tests/include.am
@@ -67,3 +67,7 @@ t_list_LDADD= src/libmarias3.la
check_PROGRAMS+= t/list
noinst_PROGRAMS+= t/list
+t_read_cb_SOURCES= tests/read_cb.c
+t_read_cb_LDADD= src/libmarias3.la
+check_PROGRAMS+= t/read_cb
+noinst_PROGRAMS+= t/read_cb
diff --git a/storage/maria/libmarias3/tests/read_cb.c b/storage/maria/libmarias3/tests/read_cb.c
new file mode 100644
index 00000000..57d50d59
--- /dev/null
+++ b/storage/maria/libmarias3/tests/read_cb.c
@@ -0,0 +1,129 @@
+/* vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
+ * Copyright 2023 MariaDB Corporation Ab. All rights reserved.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ */
+
+#include <yatl/lite.h>
+#include <libmarias3/marias3.h>
+
+#define NUM_BYTES 64 * 1024
+
+/* Tests basic GET with a custom read callback */
+int total_reads = 0;
+
+static size_t read_cb(void *buf, size_t size, size_t nitems, void *userdata)
+{
+ char** dat = (char**)userdata;
+ char* ptr = *dat;
+ memcpy(ptr, buf, size * nitems);
+ ptr += size * nitems;
+ *dat = ptr;
+ total_reads++;
+ return nitems * size;
+}
+
+int main(int argc, char *argv[])
+{
+ int res;
+ int initial_reads;
+ uint8_t *data;
+ size_t length;
+ ms3_st *ms3;
+ size_t buffer_size;
+ char *test_string = malloc(NUM_BYTES);
+ char *dest = malloc(NUM_BYTES);
+ char* userdata = dest;
+ char *s3key = getenv("S3KEY");
+ char *s3secret = getenv("S3SECRET");
+ char *s3region = getenv("S3REGION");
+ char *s3bucket = getenv("S3BUCKET");
+ char *s3host = getenv("S3HOST");
+ char *s3noverify = getenv("S3NOVERIFY");
+ char *s3usehttp = getenv("S3USEHTTP");
+ char *s3port = getenv("S3PORT");
+
+ SKIP_IF_(!s3key, "Environment variable S3KEY missing");
+ SKIP_IF_(!s3secret, "Environment variable S3SECRET missing");
+ SKIP_IF_(!s3region, "Environment variable S3REGION missing");
+ SKIP_IF_(!s3bucket, "Environment variable S3BUCKET missing");
+
+ (void) argc;
+ (void) argv;
+
+ memset(test_string, 'a', NUM_BYTES);
+ memset(dest, 'b', NUM_BYTES);
+
+ ms3_library_init();
+ ms3 = ms3_init(s3key, s3secret, s3region, s3host);
+
+ if (s3noverify && !strcmp(s3noverify, "1"))
+ {
+ ms3_set_option(ms3, MS3_OPT_DISABLE_SSL_VERIFY, NULL);
+ }
+
+ if (s3usehttp && !strcmp(s3usehttp, "1"))
+ {
+ ms3_set_option(ms3, MS3_OPT_USE_HTTP, NULL);
+ }
+
+ if (s3port)
+ {
+ int port = atol(s3port);
+ ms3_set_option(ms3, MS3_OPT_PORT_NUMBER, &port);
+ }
+
+ ASSERT_NOT_NULL(ms3);
+
+ res = ms3_put(ms3, s3bucket, "test/read_cb.dat",
+ (const uint8_t *)test_string,
+ NUM_BYTES);
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ res = ms3_set_option(ms3, MS3_OPT_READ_CB, read_cb);
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ res = ms3_set_option(ms3, MS3_OPT_USER_DATA, &userdata);
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ length = 0;
+ data = 0;
+ res = ms3_get(ms3, s3bucket, "test/read_cb.dat", &data, &length);
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ ASSERT_EQ(data, 0);
+ ASSERT_EQ(length, 0);
+ ASSERT_EQ(memcmp(test_string, dest, NUM_BYTES), 0);
+
+ /** Test that the callbacks work with a smaller chunk size */
+ memset(dest, 'c', NUM_BYTES);
+ userdata = dest;
+ buffer_size = 1024;
+ res = ms3_set_option(ms3, MS3_OPT_BUFFER_CHUNK_SIZE, &buffer_size);
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ initial_reads = total_reads;
+ res = ms3_get(ms3, s3bucket, "test/read_cb.dat", &data, &length);
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ ASSERT_EQ(memcmp(test_string, dest, NUM_BYTES), 0);
+ ASSERT_TRUE_((total_reads - initial_reads) > initial_reads * 2,
+ "Expected more than %d reads but got only %d",
+ initial_reads * 2, total_reads - initial_reads);
+
+ res = ms3_delete(ms3, s3bucket, "test/read_cb.dat");
+ ASSERT_EQ_(res, 0, "Result: %u", res);
+ free(test_string);
+ free(dest);
+ ms3_free(data);
+ ms3_deinit(ms3);
+ ms3_library_deinit();
+ return 0;
+}
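Review bot: `read_cb()` copies `size * nitems` bytes into the destination with no check against the `NUM_BYTES` allocation, so any response larger than the object just uploaded (an error document, or a different object already stored under the same key) writes past `dest`. Tests tend to be copied as usage examples, so the callback should track the space left and return a short count, which makes curl abort the transfer. In main(), the `malloc()` results are used unchecked and `ASSERT_NOT_NULL(ms3)` comes only after `ms3` has been passed to `ms3_set_option()`. `#define NUM_BYTES 64 * 1024` should be parenthesised as `(64 * 1024)`.

```c
struct read_dest
{
  char *pos;    /* next byte to write */
  size_t left;  /* bytes still free in the destination buffer */
};

static size_t read_cb(void *buf, size_t size, size_t nitems, void *userdata)
{
  struct read_dest *dst = (struct read_dest *)userdata;
  size_t bytes = size * nitems;

  if (bytes > dst->left)
  {
    return 0; /* short count: curl aborts the transfer */
  }
  memcpy(dst->pos, buf, bytes);
  dst->pos += bytes;
  dst->left -= bytes;
  total_reads++;
  return bytes;
}

/* … unchanged: main() setup; userdata becomes a struct read_dest
   reset to {dest, NUM_BYTES} before each ms3_get() … */
```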
diff --git a/storage/maria/s3_func.c b/storage/maria/s3_func.c
index 3d18ba88..d85dc8a0 100644
--- a/storage/maria/s3_func.c
+++ b/storage/maria/s3_func.c
@@ -39,7 +39,7 @@ static int s3_read_file_from_disk(const char *filename, uchar **to,
/* Used by ha_s3.cc and tools to define different protocol options */
-static const char *protocol_types[]= {"Auto", "Original", "Amazon", NullS};
+static const char *protocol_types[]= {"Auto", "Original", "Amazon", "Legacy", "Path", "Domain", NullS};
TYPELIB s3_protocol_typelib= {array_elements(protocol_types)-1,"",
protocol_types, NULL};
@@ -154,9 +154,23 @@ ms3_st *s3_open_connection(S3_INFO *s3)
errno, ms3_error(errno));
my_errno= HA_ERR_NO_SUCH_TABLE;
}
- if (s3->protocol_version)
+ if (s3->protocol_version > 2)
+ {
+ uint8_t protocol_version;
+ switch (s3->protocol_version)
+ {
+ case 3: /* Legacy means v1 */
+ case 4: /* Path means v1 */
+ protocol_version= 1;
+ break;
+ case 5: /* Domain means v2 */
+ protocol_version= 2;
+ break;
+ }
+
ms3_set_option(s3_client, MS3_OPT_FORCE_PROTOCOL_VERSION,
- &s3->protocol_version);
+ &protocol_version);
+ }
if (s3->port)
ms3_set_option(s3_client, MS3_OPT_PORT_NUMBER, &s3->port);
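Review bot: With the condition changed to `s3->protocol_version > 2`, the values 1 and 2 ("Original" and "Amazon" in `protocol_types[]`) no longer reach `ms3_set_option()`, whereas before this change any non-zero value was passed through as the forced protocol version. The help texts in ha_s3.cc and aria_s3_copy.cc call these names deprecated, which reads as still honoured. If they are now meant to behave like "Auto", the help text and a comment here should say so, e.g. `/* 1 (Original) and 2 (Amazon) are deprecated and treated as Auto */`. The same applies to the identical block in aria_s3_copy.cc; s3_open_connection() starts and continues outside the hunk.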
diff --git a/storage/maria/unittest/ma_pagecache_consist.c b/storage/maria/unittest/ma_pagecache_consist.c
index ff4a2bcb..938e5b10 100644
--- a/storage/maria/unittest/ma_pagecache_consist.c
+++ b/storage/maria/unittest/ma_pagecache_consist.c
@@ -403,10 +403,6 @@ int main(int argc __attribute__((unused)),
exit(1);
}
-#ifdef HAVE_THR_SETCONCURRENCY
- thr_setconcurrency(2);
-#endif
-
if ((pagen= init_pagecache(&pagecache, PCACHE_SIZE, 0, 0,
TEST_PAGE_SIZE, 0, 0)) == 0)
{
diff --git a/storage/maria/unittest/ma_pagecache_rwconsist.c b/storage/maria/unittest/ma_pagecache_rwconsist.c
index 24c30245..e059ac45 100644
--- a/storage/maria/unittest/ma_pagecache_rwconsist.c
+++ b/storage/maria/unittest/ma_pagecache_rwconsist.c
@@ -272,10 +272,6 @@ int main(int argc __attribute__((unused)),
exit(1);
}
-#ifdef HAVE_THR_SETCONCURRENCY
- thr_setconcurrency(2);
-#endif
-
if ((pagen= init_pagecache(&pagecache, PCACHE_SIZE, 0, 0,
TEST_PAGE_SIZE, 0, 0)) == 0)
{
diff --git a/storage/maria/unittest/ma_pagecache_rwconsist2.c b/storage/maria/unittest/ma_pagecache_rwconsist2.c
index c92bec3c..28d3bb8d 100644
--- a/storage/maria/unittest/ma_pagecache_rwconsist2.c
+++ b/storage/maria/unittest/ma_pagecache_rwconsist2.c
@@ -268,10 +268,6 @@ int main(int argc __attribute__((unused)),
exit(1);
}
-#ifdef HAVE_THR_SETCONCURRENCY
- thr_setconcurrency(2);
-#endif
-
if ((pagen= init_pagecache(&pagecache, PCACHE_SIZE, 0, 0,
TEST_PAGE_SIZE, 0, 0)) == 0)
{
diff --git a/storage/maria/unittest/ma_pagecache_single.c b/storage/maria/unittest/ma_pagecache_single.c
index de2ecaec..9009e59c 100644
--- a/storage/maria/unittest/ma_pagecache_single.c
+++ b/storage/maria/unittest/ma_pagecache_single.c
@@ -795,10 +795,6 @@ int main(int argc __attribute__((unused)),
exit(1);
}
-#ifdef HAVE_THR_SETCONCURRENCY
- thr_setconcurrency(2);
-#endif
-
if ((pagen= init_pagecache(&pagecache, PCACHE_SIZE, 0, 0,
TEST_PAGE_SIZE, 0, MYF(MY_WME))) == 0)
{
diff --git a/storage/maria/unittest/ma_test_loghandler_multithread-t.c b/storage/maria/unittest/ma_test_loghandler_multithread-t.c
index ec097ede..be6046ab 100644
--- a/storage/maria/unittest/ma_test_loghandler_multithread-t.c
+++ b/storage/maria/unittest/ma_test_loghandler_multithread-t.c
@@ -331,10 +331,6 @@ int main(int argc __attribute__((unused)),
exit(1);
}
-#ifdef HAVE_THR_SETCONCURRENCY
- thr_setconcurrency(2);
-#endif
-
if (ma_control_file_open(TRUE, TRUE, TRUE))
{
fprintf(stderr, "Can't init control file (%d)\n", errno);
diff --git a/storage/myisam/ha_myisam.cc b/storage/myisam/ha_myisam.cc
index 34809f41..14311c87 100644
--- a/storage/myisam/ha_myisam.cc
+++ b/storage/myisam/ha_myisam.cc
@@ -710,6 +710,16 @@ my_bool mi_killed_in_mariadb(MI_INFO *info)
return (((TABLE*) (info->external_ref))->in_use->killed != 0);
}
+static void init_compute_vcols(void *table)
+{
+ /*
+ To evaluate vcols we must have current_thd set.
+ This will set current_thd in all threads to the same THD, but it's
+ safe, because vcols are always evaluated under info->s->intern_lock.
+ */
+ set_current_thd(static_cast<TABLE *>(table)->in_use);
+}
+
static int compute_vcols(MI_INFO *info, uchar *record, int keynum)
{
/* This mutex is needed for parallel repair */
@@ -1011,6 +1021,7 @@ void ha_myisam::setup_vcols_for_repair(HA_CHECK *param)
}
DBUG_ASSERT(file->s->base.reclength < file->s->vreclength ||
!table->s->stored_fields);
+ param->init_fix_record= init_compute_vcols;
param->fix_record= compute_vcols;
table->use_all_columns();
}
diff --git a/storage/myisam/sort.c b/storage/myisam/sort.c
index 375c1840..0fb475c4 100644
--- a/storage/myisam/sort.c
+++ b/storage/myisam/sort.c
@@ -529,6 +529,11 @@ pthread_handler_t thr_find_all_keys(void *arg)
{
MI_SORT_PARAM *sort_param= (MI_SORT_PARAM*) arg;
my_bool error= FALSE;
+
+ MI_SORT_INFO *si= sort_param->sort_info;
+ if (si->param->init_fix_record)
+ si->param->init_fix_record(si->info->external_ref);
+
/* If my_thread_init fails */
if (my_thread_init() || thr_find_all_keys_exec(sort_param))
error= TRUE;
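Review bot: The `init_fix_record` hook in thr_find_all_keys() runs before `my_thread_init()`, so the callback executes in a thread whose mysys per-thread state has not been set up yet. The only callback visible on this page, init_compute_vcols() in ha_myisam.cc, just calls `set_current_thd()`, which may well be fine, but the ordering deserves a comment so that later hooks do not rely on that state, e.g. `/* Runs before my_thread_init(): the hook must not use mysys thread variables */`. It is also not visible whether every other user of the check parameter structure zero-initializes `init_fix_record`; its definition is outside this section. The function continues outside the hunk.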
diff --git a/storage/myisammrg/ha_myisammrg.h b/storage/myisammrg/ha_myisammrg.h
index 6da327ec..9964add9 100644
--- a/storage/myisammrg/ha_myisammrg.h
+++ b/storage/myisammrg/ha_myisammrg.h
@@ -34,7 +34,7 @@ class Mrg_child_def: public Sql_alloc
{
/* Remembered MERGE child def version. See top comment in ha_myisammrg.cc */
enum_table_ref_type m_child_table_ref_type;
- ulong m_child_def_version;
+ ulonglong m_child_def_version;
public:
LEX_STRING db;
LEX_STRING name;
@@ -44,12 +44,12 @@ public:
{
return m_child_table_ref_type;
}
- inline ulong get_child_def_version()
+ inline ulonglong get_child_def_version()
{
return m_child_def_version;
}
inline void set_child_def_version(enum_table_ref_type child_table_ref_type,
- ulong version)
+ ulonglong version)
{
m_child_table_ref_type= child_table_ref_type;
m_child_def_version= version;
diff --git a/storage/perfschema/CMakeLists.txt b/storage/perfschema/CMakeLists.txt
index b4f5e96b..e703e43f 100644
--- a/storage/perfschema/CMakeLists.txt
+++ b/storage/perfschema/CMakeLists.txt
@@ -24,7 +24,7 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
${CMAKE_SOURCE_DIR}/sql
${CMAKE_BINARY_DIR}/sql
${CMAKE_CURRENT_BINARY_DIR}
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${SSL_INCLUDE_DIRS})
ADD_DEFINITIONS(-DMYSQL_SERVER)
diff --git a/storage/perfschema/pfs_variable.cc b/storage/perfschema/pfs_variable.cc
index 239c55b6..a33fe2ed 100644
--- a/storage/perfschema/pfs_variable.cc
+++ b/storage/perfschema/pfs_variable.cc
@@ -66,7 +66,7 @@ static inline SHOW_SCOPE show_scope_from_type(enum enum_mysql_show_type type)
case SHOW_SIMPLE_FUNC:
case SHOW_UNDEF:
default:
- return SHOW_SCOPE_UNDEF;
+ return SHOW_SCOPE_ALL;
}
return SHOW_SCOPE_UNDEF;
}
@@ -254,7 +254,8 @@ int PFS_system_variable_cache::do_materialize_all(THD *unsafe_thd)
}
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
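Review bot: The conditional unlock `if (m_safe_thd != current_thd) mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);` has to mirror exactly the condition and mutex used in get_THD(), which is not part of these hunks, yet the comment above it still says only "Release lock taken in get_THD()". The same two lines are repeated in the three do_materialize_session() hunks that follow. A small private helper, or at least an expanded comment such as `/* get_THD() locks LOCK_thd_kill only for a foreign THD */`, would keep the four sites from drifting apart. All four functions start and continue outside their hunks.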
@@ -354,7 +355,8 @@ int PFS_system_variable_cache::do_materialize_session(PFS_thread *pfs_thread)
}
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
@@ -407,7 +409,8 @@ int PFS_system_variable_cache::do_materialize_session(PFS_thread *pfs_thread, ui
}
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
@@ -458,7 +461,8 @@ int PFS_system_variable_cache::do_materialize_session(THD *unsafe_thd)
}
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
@@ -716,6 +720,7 @@ bool PFS_status_variable_cache::can_aggregate(enum_mysql_show_type variable_type
case SHOW_CHAR_PTR:
case SHOW_ARRAY:
case SHOW_FUNC:
+ case SHOW_SIMPLE_FUNC:
case SHOW_INT:
case SHOW_LONG:
case SHOW_LONGLONG:
@@ -761,7 +766,7 @@ bool PFS_status_variable_cache::filter_show_var(const SHOW_VAR *show_var, bool s
/**
Build an array of SHOW_VARs from the global status array. Expand nested
subarrays, filter unwanted variables.
- NOTE: Must be done inside of LOCK_status to guard against plugin load/unload.
+ NOTE: Must be done under LOCK_all_status_vars
*/
bool PFS_status_variable_cache::init_show_var_array(enum_var_type scope, bool strict)
{
@@ -880,14 +885,12 @@ char * PFS_status_variable_cache::make_show_var_name(const char* prefix, const c
*/
bool PFS_status_variable_cache::do_initialize_session(void)
{
- /* Acquire LOCK_status to guard against plugin load/unload. */
- //if (m_current_thd->fill_status_recursion_level++ == 0)
- mysql_mutex_lock(&LOCK_status);
+ /* Acquire LOCK_all_status_vars to guard against plugin load/unload. */
+ mysql_rwlock_rdlock(&LOCK_all_status_vars);
bool ret= init_show_var_array(OPT_SESSION, true);
- //if (m_current_thd->fill_status_recursion_level-- == 1)
- mysql_mutex_unlock(&LOCK_status);
+ mysql_rwlock_unlock(&LOCK_all_status_vars);
return ret;
}
@@ -916,13 +919,12 @@ int PFS_status_variable_cache::do_materialize_global(void)
m_materialized= false;
DEBUG_SYNC(m_current_thd, "before_materialize_global_status_array");
- /* Acquire LOCK_status to guard against plugin load/unload. */
- //if (m_current_thd->fill_status_recursion_level++ == 0)
- mysql_mutex_lock(&LOCK_status);
+ /* Acquire LOCK_all_status_vars to guard against plugin load/unload. */
+ mysql_rwlock_rdlock(&LOCK_all_status_vars);
/*
- Build array of SHOW_VARs from global status array. Do this within
- LOCK_status to ensure that the array remains unchanged during
+ Build array of SHOW_VARs from global status array. Do this under
+ LOCK_all_status_vars to ensure that the array remains unchanged during
materialization.
*/
if (!m_external_init)
@@ -945,8 +947,7 @@ int PFS_status_variable_cache::do_materialize_global(void)
*/
manifest(m_current_thd, m_show_var_array.front(), &status_totals, "", false, true);
- //if (m_current_thd->fill_status_recursion_level-- == 1)
- mysql_mutex_unlock(&LOCK_status);
+ mysql_rwlock_unlock(&LOCK_all_status_vars);
m_materialized= true;
DEBUG_SYNC(m_current_thd, "after_materialize_global_status_array");
@@ -966,13 +967,11 @@ int PFS_status_variable_cache::do_materialize_all(THD* unsafe_thd)
m_materialized= false;
m_cache.clear();
- /* Avoid recursive acquisition of LOCK_status. */
- //if (m_current_thd->fill_status_recursion_level++ == 0)
- mysql_mutex_lock(&LOCK_status);
+ mysql_rwlock_rdlock(&LOCK_all_status_vars);
/*
- Build array of SHOW_VARs from global status array. Do this within
- LOCK_status to ensure that the array remains unchanged while this
+ Build array of SHOW_VARs from global status array. Do this under
+ LOCK_all_status_vars to ensure that the array remains unchanged while this
thread is materialized.
*/
if (!m_external_init)
@@ -989,14 +988,14 @@ int PFS_status_variable_cache::do_materialize_all(THD* unsafe_thd)
manifest(m_safe_thd, m_show_var_array.front(), status_vars, "", false, false);
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
}
- //if (m_current_thd->fill_status_recursion_level-- == 1)
- mysql_mutex_unlock(&LOCK_status);
+ mysql_rwlock_unlock(&LOCK_all_status_vars);
return ret;
}
@@ -1012,13 +1011,11 @@ int PFS_status_variable_cache::do_materialize_session(THD* unsafe_thd)
m_materialized= false;
m_cache.clear();
- /* Avoid recursive acquisition of LOCK_status. */
- //if (m_current_thd->fill_status_recursion_level++ == 0)
- mysql_mutex_lock(&LOCK_status);
+ mysql_rwlock_rdlock(&LOCK_all_status_vars);
/*
- Build array of SHOW_VARs from global status array. Do this within
- LOCK_status to ensure that the array remains unchanged while this
+ Build array of SHOW_VARs from global status array. Do this under
+ LOCK_all_status_vars to ensure that the array remains unchanged while this
thread is materialized.
*/
if (!m_external_init)
@@ -1035,14 +1032,14 @@ int PFS_status_variable_cache::do_materialize_session(THD* unsafe_thd)
manifest(m_safe_thd, m_show_var_array.front(), status_vars, "", false, true);
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
}
- //if (m_current_thd->fill_status_recursion_level-- == 1)
- mysql_mutex_unlock(&LOCK_status);
+ mysql_rwlock_unlock(&LOCK_all_status_vars);
return ret;
}
@@ -1059,9 +1056,8 @@ int PFS_status_variable_cache::do_materialize_session(PFS_thread *pfs_thread)
m_materialized= false;
m_cache.clear();
- /* Acquire LOCK_status to guard against plugin load/unload. */
- //if (m_current_thd->fill_status_recursion_level++ == 0)
- mysql_mutex_lock(&LOCK_status);
+ /* Acquire LOCK_all_status_vars to guard against plugin load/unload. */
+ mysql_rwlock_rdlock(&LOCK_all_status_vars);
/* The SHOW_VAR array must be initialized externally. */
assert(m_initialized);
@@ -1077,14 +1073,14 @@ int PFS_status_variable_cache::do_materialize_session(PFS_thread *pfs_thread)
manifest(m_safe_thd, m_show_var_array.front(), status_vars, "", false, true);
/* Release lock taken in get_THD(). */
- mysql_mutex_unlock(&m_safe_thd->LOCK_thd_data);
+ if (m_safe_thd != current_thd)
+ mysql_mutex_unlock(&m_safe_thd->LOCK_thd_kill);
m_materialized= true;
ret= 0;
}
- //if (m_current_thd->fill_status_recursion_level-- == 1)
- mysql_mutex_unlock(&LOCK_status);
+ mysql_rwlock_unlock(&LOCK_all_status_vars);
return ret;
}
@@ -1103,9 +1099,8 @@ int PFS_status_variable_cache::do_materialize_client(PFS_client *pfs_client)
m_materialized= false;
m_cache.clear();
- /* Acquire LOCK_status to guard against plugin load/unload. */
- //if (m_current_thd->fill_status_recursion_level++ == 0)
- mysql_mutex_lock(&LOCK_status);
+ /* Acquire LOCK_all_status_vars to guard against plugin load/unload. */
+ mysql_rwlock_rdlock(&LOCK_all_status_vars);
/* The SHOW_VAR array must be initialized externally. */
assert(m_initialized);
@@ -1122,8 +1117,7 @@ int PFS_status_variable_cache::do_materialize_client(PFS_client *pfs_client)
*/
manifest(m_current_thd, m_show_var_array.front(), &status_totals, "", false, true);
- //if (m_current_thd->fill_status_recursion_level-- == 1)
- mysql_mutex_unlock(&LOCK_status);
+ mysql_rwlock_unlock(&LOCK_all_status_vars);
m_materialized= true;
return 0;
@@ -1152,16 +1146,19 @@ void PFS_status_variable_cache::manifest(THD *thd, const SHOW_VAR *show_var_arra
reevaluate the new SHOW_TYPE and value. Handle nested case where
SHOW_FUNC resolves to another SHOW_FUNC.
*/
- if (show_var_ptr->type == SHOW_FUNC)
+ if (show_var_ptr->type == SHOW_FUNC || show_var_ptr->type == SHOW_SIMPLE_FUNC)
{
show_var_tmp= *show_var_ptr;
/*
Execute the function reference in show_var_tmp->value, which returns
show_var_tmp with a new type and new value.
*/
- for (const SHOW_VAR *var= show_var_ptr; var->type == SHOW_FUNC; var= &show_var_tmp)
+ for (const SHOW_VAR *var= show_var_ptr;
+ var->type == SHOW_FUNC || var->type == SHOW_SIMPLE_FUNC;
+ var= &show_var_tmp)
{
- ((mysql_show_var_func)(var->value))(thd, &show_var_tmp, value_buf.data, NULL, m_query_scope);
+ ((mysql_show_var_func)(var->value))(thd, &show_var_tmp, value_buf.data,
+ &thd->status_var, m_query_scope);
}
show_var_ptr= &show_var_tmp;
}
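Review bot: The callbacks are now handed `&thd->status_var` rather than the status block that `manifest` received from its caller. The call sites visible in this diff pass `&status_totals` (do_materialize_global, do_materialize_client) or `status_vars` as the third argument, so in the aggregated views a `SHOW_FUNC`/`SHOW_SIMPLE_FUNC` callback would read the current thread's counters instead of the totals being displayed. The parameter list is cut off in the hunk header, so the name is assumed; if it is `status_vars`, I would write `((mysql_show_var_func)(var->value))(thd, &show_var_tmp, value_buf.data, status_vars, m_query_scope);`. If `thd->status_var` is intended, a comment saying why would stop a later reader from changing it.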
@@ -1213,7 +1210,7 @@ Status_variable::Status_variable(const SHOW_VAR *show_var, STATUS_VAR *status_va
/**
Resolve status value, convert to string.
show_var->value is an offset into status_vars.
- NOTE: Assumes LOCK_status is held.
+ NOTE: Assumes LOCK_all_status_vars is held.
*/
void Status_variable::init(const SHOW_VAR *show_var, STATUS_VAR *status_vars, enum_var_type query_scope)
{
@@ -1279,7 +1276,7 @@ void sum_account_status(PFS_client *pfs_account, STATUS_VAR *status_totals)
/**
Reset aggregated status counter stats for account, user and host.
- NOTE: Assumes LOCK_status is held.
+ NOTE: Assumes LOCK_all_status_vars is held.
*/
void reset_pfs_status_stats()
{
diff --git a/storage/perfschema/pfs_variable.h b/storage/perfschema/pfs_variable.h
index d3ad4c7f..7dc24826 100644
--- a/storage/perfschema/pfs_variable.h
+++ b/storage/perfschema/pfs_variable.h
@@ -211,8 +211,12 @@ public:
if (thd != m_unsafe_thd)
return false;
- /* Hold this lock to keep THD during materialization. */
- mysql_mutex_lock(&thd->LOCK_thd_data);
+ /*
+ Hold this lock to keep THD during materialization.
+ But don't lock current_thd (to be able to use set_killed() later
+ */
+ if (thd != current_thd)
+ mysql_mutex_lock(&thd->LOCK_thd_kill);
return true;
}
void set_unsafe_thd(THD *unsafe_thd) { m_unsafe_thd= unsafe_thd; }
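Review bot: The new comment is missing its closing parenthesis and does not say what `LOCK_thd_kill` guarantees compared with the `LOCK_thd_data` it replaces. Materialization reads another session's variables while holding only this mutex, so it should be confirmed that none of the fields read later relied on `LOCK_thd_data`; the readers are outside this hunk. Suggested wording: `/* Hold LOCK_thd_kill so the THD cannot go away during materialization. Not taken for current_thd, so that set_killed() can be used later. */`. The function's opening lines are also outside the hunk.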
diff --git a/storage/perfschema/pfs_visitor.cc b/storage/perfschema/pfs_visitor.cc
index 92a5c99e..7e3027ac 100644
--- a/storage/perfschema/pfs_visitor.cc
+++ b/storage/perfschema/pfs_visitor.cc
@@ -1356,8 +1356,7 @@ PFS_connection_status_visitor::~PFS_connection_status_visitor() = default;
/** Aggregate from global status. */
void PFS_connection_status_visitor::visit_global()
{
- /* NOTE: Requires lock on LOCK_status. */
- mysql_mutex_assert_owner(&LOCK_status);
+ /* NOTE: Requires lock on LOCK_all_status_vars. */
add_to_status(m_status_vars, &global_status_var);
}
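Review bot: `mysql_mutex_assert_owner(&LOCK_status)` is removed and nothing replaces it, so the locking requirement of `visit_global()` is now stated only in a comment and is no longer checked in debug builds. `add_to_status` reads `global_status_var`, and after this commit the callers hold only a read lock on `LOCK_all_status_vars`. Whether every writer of `global_status_var` takes that lock rather than `LOCK_status` is not visible in this diff and should be confirmed. If the read is intentionally unsynchronised with those writers, the comment should say so, for example `/* Reads global_status_var under LOCK_all_status_vars only; counters may be slightly stale. */`.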
diff --git a/storage/perfschema/table_helper.h b/storage/perfschema/table_helper.h
index ddea4c08..87572ef2 100644
--- a/storage/perfschema/table_helper.h
+++ b/storage/perfschema/table_helper.h
@@ -659,7 +659,7 @@ public:
private:
void make_row(const CHARSET_INFO *cs, const char* str, size_t length);
- char m_str[1024];
+ char m_str[2048];
uint m_length;
const CHARSET_INFO *m_charset;
};
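Review bot: `m_str` grows from 1024 to 2048 as a bare literal, while the code that fills it, `make_row(cs, str, length)`, lies outside the hunk. Please confirm that `make_row` bounds `length` by `sizeof(m_str)` and not by a separate literal. Otherwise the two can disagree after an edit like this one, and the copy either truncates at the old size or writes past the array. A named constant shared by the declaration and the copy would remove that risk. A short comment on which value needs 2048 bytes would also help.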
diff --git a/storage/perfschema/unittest/CMakeLists.txt b/storage/perfschema/unittest/CMakeLists.txt
index 2a22990f..600795c7 100644
--- a/storage/perfschema/unittest/CMakeLists.txt
+++ b/storage/perfschema/unittest/CMakeLists.txt
@@ -22,7 +22,7 @@
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
${CMAKE_SOURCE_DIR}/include/mysql
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${CMAKE_SOURCE_DIR}/sql
${SSL_INCLUDE_DIRS}
${CMAKE_SOURCE_DIR}/unittest/mytap
diff --git a/storage/perfschema/unittest/stub_pfs_global.h b/storage/perfschema/unittest/stub_pfs_global.h
index 4b792f9b..e6876dcc 100644
--- a/storage/perfschema/unittest/stub_pfs_global.h
+++ b/storage/perfschema/unittest/stub_pfs_global.h
@@ -58,7 +58,7 @@ void *pfs_malloc(PFS_builtin_memory_class *klass, size_t size, myf)
void pfs_free(PFS_builtin_memory_class *, size_t, void *ptr)
{
if (ptr != NULL)
- free(ptr);
+ aligned_free(ptr);
}
void *pfs_malloc_array(PFS_builtin_memory_class *klass, size_t n, size_t size, myf flags)
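Review bot: Switching `pfs_free` to `aligned_free(ptr)` is only safe if every pointer that reaches it was obtained from the matching aligned allocator. The body of `pfs_malloc` sits above the hunk and `pfs_malloc_array` below it, so this could not be checked here. On platforms where the aligned and plain allocators are distinct, releasing a `malloc`/`calloc` block through the aligned free is undefined behaviour. A comment on the pair would keep the two in step, for example `/* Must match the aligned allocation in pfs_malloc(). */`.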
diff --git a/storage/sphinx/ha_sphinx.cc b/storage/sphinx/ha_sphinx.cc
index 3c5b23f5..103ce50d 100644
--- a/storage/sphinx/ha_sphinx.cc
+++ b/storage/sphinx/ha_sphinx.cc
@@ -3541,7 +3541,8 @@ CSphSEStats * sphinx_get_stats ( THD * thd, SHOW_VAR * out )
return 0;
}
-int sphinx_showfunc_total ( THD * thd, SHOW_VAR * out, char * )
+static int sphinx_showfunc_total ( THD * thd, SHOW_VAR * out, void *,
+ system_status_var *, enum_var_type )
{
CSphSEStats * pStats = sphinx_get_stats ( thd, out );
if ( pStats )
@@ -3552,7 +3553,8 @@ int sphinx_showfunc_total ( THD * thd, SHOW_VAR * out, char * )
return 0;
}
-int sphinx_showfunc_total_found ( THD * thd, SHOW_VAR * out, char * )
+static int sphinx_showfunc_total_found ( THD * thd, SHOW_VAR * out, void *,
+ system_status_var *, enum_var_type )
{
CSphSEStats * pStats = sphinx_get_stats ( thd, out );
if ( pStats )
@@ -3563,7 +3565,8 @@ int sphinx_showfunc_total_found ( THD * thd, SHOW_VAR * out, char * )
return 0;
}
-int sphinx_showfunc_time ( THD * thd, SHOW_VAR * out, char * )
+static int sphinx_showfunc_time ( THD * thd, SHOW_VAR * out, void *,
+ system_status_var *, enum_var_type )
{
CSphSEStats * pStats = sphinx_get_stats ( thd, out );
if ( pStats )
@@ -3574,7 +3577,8 @@ int sphinx_showfunc_time ( THD * thd, SHOW_VAR * out, char * )
return 0;
}
-int sphinx_showfunc_word_count ( THD * thd, SHOW_VAR * out, char * )
+static int sphinx_showfunc_word_count ( THD * thd, SHOW_VAR * out, void *,
+ system_status_var *, enum_var_type )
{
CSphSEStats * pStats = sphinx_get_stats ( thd, out );
if ( pStats )
@@ -3585,9 +3589,11 @@ int sphinx_showfunc_word_count ( THD * thd, SHOW_VAR * out, char * )
return 0;
}
-int sphinx_showfunc_words ( THD * thd, SHOW_VAR * out, char * sBuffer )
+static int sphinx_showfunc_words ( THD * thd, SHOW_VAR * out, void * buf,
+ system_status_var *, enum_var_type )
{
#if MYSQL_VERSION_ID>50100
+ char *sBuffer = static_cast<char*>(buf);
if ( sphinx_hton_ptr )
{
CSphTLS * pTls = (CSphTLS *) thd_get_ha_data ( thd, sphinx_hton_ptr );
@@ -3642,7 +3648,8 @@ int sphinx_showfunc_words ( THD * thd, SHOW_VAR * out, char * sBuffer )
return 0;
}
-int sphinx_showfunc_error ( THD * thd, SHOW_VAR * out, char * )
+static int sphinx_showfunc_error ( THD * thd, SHOW_VAR * out, void *,
+ system_status_var *, enum_var_type )
{
CSphSEStats * pStats = sphinx_get_stats ( thd, out );
out->type = SHOW_CHAR;
diff --git a/storage/sphinx/ha_sphinx.h b/storage/sphinx/ha_sphinx.h
index f03e9d8c..5a1541f1 100644
--- a/storage/sphinx/ha_sphinx.h
+++ b/storage/sphinx/ha_sphinx.h
@@ -164,12 +164,6 @@ private:
bool sphinx_show_status ( THD * thd );
#endif
-int sphinx_showfunc_total_found ( THD *, SHOW_VAR *, char * );
-int sphinx_showfunc_total ( THD *, SHOW_VAR *, char * );
-int sphinx_showfunc_time ( THD *, SHOW_VAR *, char * );
-int sphinx_showfunc_word_count ( THD *, SHOW_VAR *, char * );
-int sphinx_showfunc_words ( THD *, SHOW_VAR *, char * );
-
//
// $Id: ha_sphinx.h 4818 2014-09-24 08:53:38Z tomat $
//
diff --git a/storage/spider/ha_spider.cc b/storage/spider/ha_spider.cc
index 312f94a8..5b85b3a2 100644
--- a/storage/spider/ha_spider.cc
+++ b/storage/spider/ha_spider.cc
@@ -58,7 +58,7 @@ ha_spider::ha_spider(
{
DBUG_ENTER("ha_spider::ha_spider");
DBUG_PRINT("info",("spider this=%p", this));
- spider_alloc_calc_mem_init(mem_calc, 139);
+ spider_alloc_calc_mem_init(mem_calc, SPD_MID_HA_SPIDER_HA_SPIDER_1);
spider_alloc_calc_mem(spider_current_trx, mem_calc, sizeof(*this));
share = NULL;
conns = NULL;
@@ -118,7 +118,7 @@ ha_spider::ha_spider(
{
DBUG_ENTER("ha_spider::ha_spider");
DBUG_PRINT("info",("spider this=%p", this));
- spider_alloc_calc_mem_init(mem_calc, 0);
+ spider_alloc_calc_mem_init(mem_calc, SPD_MID_HA_SPIDER_HA_SPIDER_2);
spider_alloc_calc_mem(spider_current_trx, mem_calc, sizeof(*this));
share = NULL;
conns = NULL;
@@ -358,10 +358,10 @@ int ha_spider::open(
}
for (roop_count = 0; roop_count < (int) share->link_count; roop_count++)
{
- result_list.sqls[roop_count].init_calc_mem(80);
- result_list.insert_sqls[roop_count].init_calc_mem(81);
- result_list.update_sqls[roop_count].init_calc_mem(82);
- result_list.tmp_sqls[roop_count].init_calc_mem(83);
+ result_list.sqls[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_OPEN_3);
+ result_list.insert_sqls[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_OPEN_4);
+ result_list.update_sqls[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_OPEN_5);
+ result_list.tmp_sqls[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_OPEN_6);
uint all_link_idx = conn_link_idx[roop_count];
uint dbton_id = share->sql_dbton_ids[all_link_idx];
if (share->dbton_share[dbton_id]->need_change_db_table_name())
@@ -392,7 +392,7 @@ int ha_spider::open(
}
for (roop_count = 0; roop_count < (int) table_share->fields; roop_count++)
{
- blob_buff[roop_count].init_calc_mem(84);
+ blob_buff[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_OPEN_7);
blob_buff[roop_count].set_charset(table->field[roop_count]->charset());
}
}
@@ -860,6 +860,14 @@ int ha_spider::external_lock(
wide_handler->trx= trx;
/* End of wide_handler setup */
+ if (lock_type == F_UNLCK)
+ {
+ if (!trx->locked_connections)
+ {
+ DBUG_RETURN(0); /* No remote table actually locked by Spider */
+ }
+ }
+
if (store_error_num)
{
DBUG_RETURN(store_error_num);
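Review bot: The new early return for `F_UNLCK` sits above `if (store_error_num)`, so on an unlock with no locked connections a stored error is no longer reported. If that is intended a comment should say so; otherwise move the block below the `store_error_num` check. The next hunk keeps an identical `if (!trx->locked_connections)` test inside its own `F_UNLCK` branch, which looks redundant unless code between the two hunks (not visible) can change `trx->locked_connections`. That hunk also overwrites `wide_handler->sql_command` with `SQLCOM_UNLOCK_TABLES` on every unlock, and a one-line comment on why the real command is replaced would help.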
@@ -888,10 +896,7 @@ int ha_spider::external_lock(
if (lock_type == F_UNLCK)
{
- if (sql_command != SQLCOM_UNLOCK_TABLES)
- {
- DBUG_RETURN(0); /* Unlock remote tables only by UNLOCK TABLES. */
- }
+ wide_handler->sql_command = SQLCOM_UNLOCK_TABLES;
if (!trx->locked_connections)
{
DBUG_RETURN(0); /* No remote table actually locked by Spider */
@@ -3592,7 +3597,7 @@ int ha_spider::multi_range_read_next_first(
spider_free(spider_current_trx, multi_range_keys, MYF(0));
}
if (!(multi_range_keys = (range_id_t *)
- spider_malloc(spider_current_trx, 1, sizeof(range_id_t) *
+ spider_malloc(spider_current_trx, SPD_MID_HA_SPIDER_MULTI_RANGE_READ_NEXT_FIRST_1, sizeof(range_id_t) *
(multi_range_num < result_list.multi_split_read ?
multi_range_num : result_list.multi_split_read), MYF(MY_WME)))
)
@@ -3605,7 +3610,7 @@ int ha_spider::multi_range_read_next_first(
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
}
for (roop_count = 0; roop_count < 2; roop_count++)
- mrr_key_buff[roop_count].init_calc_mem(235);
+ mrr_key_buff[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_MULTI_RANGE_READ_NEXT_FIRST_3);
}
error_num = 0;
if ((range_res = mrr_funcs.next(mrr_iter, &mrr_cur_range)))
@@ -6068,7 +6073,7 @@ FT_INFO *ha_spider::ft_init_ext(
if (!ft_current)
{
if (!(ft_current = (st_spider_ft_info *)
- spider_malloc(spider_current_trx, 2, sizeof(st_spider_ft_info),
+ spider_malloc(spider_current_trx, SPD_MID_HA_SPIDER_FT_INIT_EXT_1, sizeof(st_spider_ft_info),
MYF(MY_WME | MY_ZEROFILL))))
{
my_error(HA_ERR_OUT_OF_MEM, MYF(0));
@@ -6234,7 +6239,7 @@ int ha_spider::ft_read_internal(
DBUG_RETURN(check_error_mode_eof(error_num));
}
} else {
- uint dbton_id = share->use_sql_dbton_ids[roop_count];
+ uint dbton_id = share->sql_dbton_ids[roop_count];
spider_db_handler *dbton_hdl = dbton_handler[dbton_id];
SPIDER_CONN *conn = conns[roop_count];
pthread_mutex_assert_not_owner(&conn->mta_conn_mutex);
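Review bot: `share->sql_dbton_ids` is indexed here with `roop_count` directly, whereas the `ha_spider::open` hunk earlier in this file reaches the same array through `conn_link_idx[roop_count]`. The result selects `dbton_handler[dbton_id]`, so if `roop_count` is a per-handler connection index rather than an all-links index, the wrong handler or an out-of-range slot could be picked. The loop header is outside the hunk, so this is not certain. The same substitution appears in the `drop_tmp_tables` hunk below. If the mapping applies, I would write `uint dbton_id = share->sql_dbton_ids[conn_link_idx[roop_count]];`; otherwise add a comment stating which index space `roop_count` is in.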
@@ -8484,7 +8489,7 @@ int ha_spider::create(
if (form->s->keys > 0)
{
if (!(tmp_share.static_key_cardinality = (longlong *)
- spider_bulk_malloc(spider_current_trx, 246, MYF(MY_WME),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_HA_SPIDER_CREATE_1, MYF(MY_WME),
&tmp_share.static_key_cardinality,
(uint) (sizeof(*tmp_share.static_key_cardinality) * form->s->keys),
NullS))
@@ -8499,7 +8504,7 @@ int ha_spider::create(
}
}
for (roop_count = 0; roop_count < form->s->keys; roop_count++)
- tmp_share.key_hint[roop_count].init_calc_mem(85);
+ tmp_share.key_hint[roop_count].init_calc_mem(SPD_MID_HA_SPIDER_CREATE_2);
DBUG_PRINT("info",("spider tmp_share.key_hint=%p", tmp_share.key_hint));
if ((error_num = spider_parse_connect_info(&tmp_share, form->s,
form->part_info,
@@ -8521,7 +8526,10 @@ int ha_spider::create(
if (
thd->lex->create_info.or_replace() &&
(error_num = spider_delete_tables(
- table_tables, tmp_share.table_name, &dummy))
+ table_tables, tmp_share.table_name, &dummy)) &&
+ /* In this context, no key found in mysql.spider_tables means
+ the Spider table does not exist */
+ error_num != HA_ERR_KEY_NOT_FOUND
) {
goto error;
}
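Review bot: When `spider_delete_tables` returns `HA_ERR_KEY_NOT_FOUND` the `goto error` is skipped, but `error_num` keeps that non-zero value. The rest of `create` is outside the hunk. If any later path returns or tests `error_num` before reassigning it, a successful CREATE OR REPLACE could report a stale error. Clearing it makes the intent explicit: after the call, `if (error_num == HA_ERR_KEY_NOT_FOUND) error_num= 0;` followed by `else if (error_num) goto error;`.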
@@ -8948,12 +8956,6 @@ int ha_spider::delete_table(
)
need_lock = TRUE;
- if ((error_num = spider_sys_delete_table_sts(
- current_thd, name, name_len, need_lock)))
- goto error;
- if ((error_num = spider_sys_delete_table_crd(
- current_thd, name, name_len, need_lock)))
- goto error;
if (
!(table_tables = spider_open_sys_table(
current_thd, SPIDER_SYS_TABLES_TABLE_NAME_STR,
@@ -8966,6 +8968,10 @@ int ha_spider::delete_table(
(error_num = spider_delete_tables(
table_tables, name, &old_link_count))
) {
+ /* In this context, no key found in mysql.spider_tables means
+ the Spider table does not exist */
+ if (error_num == HA_ERR_KEY_NOT_FOUND)
+ error_num= HA_ERR_NO_SUCH_TABLE;
goto error;
}
spider_close_sys_table(current_thd, table_tables,
@@ -9157,7 +9163,7 @@ const COND *ha_spider::cond_push(
{
SPIDER_CONDITION *tmp_cond;
if (!(tmp_cond = (SPIDER_CONDITION *)
- spider_malloc(spider_current_trx, 3, sizeof(*tmp_cond), MYF(MY_WME)))
+ spider_malloc(spider_current_trx, SPD_MID_HA_SPIDER_COND_PUSH_1, sizeof(*tmp_cond), MYF(MY_WME)))
)
DBUG_RETURN(cond);
tmp_cond->cond = (COND *) cond;
@@ -9786,7 +9792,7 @@ int ha_spider::drop_tmp_tables()
) {
if (spider_bit_is_set(result_list.tmp_table_created, roop_count))
{
- uint dbton_id = share->use_sql_dbton_ids[roop_count];
+ uint dbton_id = share->sql_dbton_ids[roop_count];
spider_db_handler *dbton_hdl = dbton_handler[dbton_id];
SPIDER_CONN *conn = conns[roop_count];
pthread_mutex_assert_not_owner(&conn->mta_conn_mutex);
diff --git a/storage/spider/mysql-test/spider/bugfix/disabled.def b/storage/spider/mysql-test/spider/bugfix/disabled.def
index 3fd0a2d4..530b2825 100644
--- a/storage/spider/mysql-test/spider/bugfix/disabled.def
+++ b/storage/spider/mysql-test/spider/bugfix/disabled.def
@@ -1,3 +1,4 @@
wait_timeout : MDEV-26045
-mdev_29904 : MDEV-31101
mdev_27239: MDEV-32046
+mdev_27575 : MDEV-32997
+mdev_28739_simple : MDEV-33343
diff --git a/storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_deinit.inc b/storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_deinit.inc
deleted file mode 100644
index 01645e85..00000000
--- a/storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_deinit.inc
+++ /dev/null
@@ -1,12 +0,0 @@
---connection master_1
-alter table mysql.spider_table_sts add column checksum bigint unsigned default null after update_time;
-DROP DATABASE IF EXISTS auto_test_local;
-
---let $MASTER_1_COMMENT_2_1= $MASTER_1_COMMENT_2_1_BACKUP
---disable_warnings
---disable_query_log
---disable_result_log
---source ../t/test_deinit.inc
---enable_result_log
---enable_query_log
---enable_warnings
diff --git a/storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_init.inc b/storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_init.inc
deleted file mode 100644
index 1e438812..00000000
--- a/storage/spider/mysql-test/spider/bugfix/include/spider_table_sts_init.inc
+++ /dev/null
@@ -1,13 +0,0 @@
---disable_warnings
---disable_query_log
---disable_result_log
---source ../t/test_init.inc
---enable_result_log
---enable_query_log
---enable_warnings
---let $MASTER_1_COMMENT_2_1_BACKUP= $MASTER_1_COMMENT_2_1
-let $MASTER_1_COMMENT_2_1=
- COMMENT='table "tbl_a", host "127.0.0.1", port "$MASTER_1_MYPORT", user "root"';
---connection master_1
-alter table mysql.spider_table_sts drop column checksum;
-insert into mysql.spider_table_sts values ('auto_test_local', 'tbl_a', 0, 0, 0, 0, 0, '2019-01-01 00:00:00', '2019-01-01 00:00:00', '2019-01-01 00:00:00');
diff --git a/storage/spider/mysql-test/spider/bugfix/r/gbh_outer_fields_in_join.result b/storage/spider/mysql-test/spider/bugfix/r/gbh_outer_fields_in_join.result
new file mode 100644
index 00000000..75c2f2c2
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/gbh_outer_fields_in_join.result
@@ -0,0 +1,50 @@
+#
+# MDEV-26247 Spider: Valid LEFT JOIN results in ERROR 1064
+#
+for master_1
+for child2
+child2_1
+child2_2
+child2_3
+for child3
+connection child2_1;
+CREATE DATABASE auto_test_remote;
+USE auto_test_remote;
+CREATE TABLE t1 (a int) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE TABLE t2 (a int) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+CREATE TABLE t3 (a int) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+INSERT INTO t1 VALUES (1);
+INSERT INTO t2 VALUES (1), (2);
+INSERT INTO t3 VALUES (1), (2), (3);
+connection master_1;
+CREATE DATABASE auto_test_local;
+USE auto_test_local;
+CREATE TABLE t1 (a int) ENGINE=Spider DEFAULT CHARSET=utf8 COMMENT='srv "s_2_1", table "t1"';
+CREATE TABLE t2 (a int) ENGINE=Spider DEFAULT CHARSET=utf8 COMMENT='srv "s_2_1", table "t2"';
+CREATE TABLE t3 (a int) ENGINE=Spider DEFAULT CHARSET=utf8 COMMENT='srv "s_2_1", table "t3"';
+select * from t3 left join t1 on t3.a = t1.a left join t2 on t3.a = t2.a;
+a a a
+1 1 1
+2 NULL 2
+3 NULL NULL
+select * from t1 left join t2 on t1.a = t2.a right join t3 on t3.a = t1.a;
+a a a
+1 1 1
+NULL NULL 2
+NULL NULL 3
+select * from t3 left join (t1 left join t2 on t1.a = t2.a) on t3.a = t1.a;
+a a a
+1 1 1
+2 NULL NULL
+3 NULL NULL
+drop table t1, t2, t3;
+connection master_1;
+DROP DATABASE IF EXISTS auto_test_local;
+connection child2_1;
+DROP DATABASE IF EXISTS auto_test_remote;
+for master_1
+for child2
+child2_1
+child2_2
+child2_3
+for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_19866.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_19866.result
index dbf0f54c..4386b4cb 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_19866.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_19866.result
@@ -72,6 +72,7 @@ SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argum
argument
select `pkey`,`val` from `auto_test_remote`.`tbl_a`
select `pkey`,`val` from `auto_test_remote`.`tbl_a` where `pkey` = 1
+select 1 from (select 1) t0
select `pkey`,`val` from `auto_test_remote`.`tbl_a`
select `pkey`,`val` from `auto_test_remote`.`tbl_a`
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
@@ -85,6 +86,7 @@ argument
select `pkey`,`val` from `auto_test_remote2`.`tbl_a`
select `pkey`,`val` from `auto_test_remote2`.`tbl_a`
select `pkey`,`val` from `auto_test_remote2`.`tbl_a` where `pkey` = 2
+select 1 from (select 1) t0
select `pkey`,`val` from `auto_test_remote2`.`tbl_a`
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT pkey, val FROM tbl_a ORDER BY pkey;
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_26151.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_26151.result
index b0a430e0..326b84a0 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_26151.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_26151.result
@@ -6,6 +6,9 @@ for child2
for child3
set @old_spider_bgs_mode= @@spider_bgs_mode;
set session spider_bgs_mode=1;
+set spider_same_server_link=1;
+set @old_spider_same_server_link=@@global.spider_same_server_link;
+set global spider_same_server_link=1;
CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
create table td (a int, PRIMARY KEY (a));
create table ts (a int, PRIMARY KEY (a)) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv_mdev_26151",TABLE "td", casual_read "3"';
@@ -26,6 +29,7 @@ min(a)
drop table td, ts;
drop server srv_mdev_26151;
set session spider_bgs_mode=@old_spider_bgs_mode;
+set global spider_same_server_link=@old_spider_same_server_link;
for master_1
for child2
for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_26247.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_26247.result
index 723a81a9..6eddf9a7 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_26247.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_26247.result
@@ -28,8 +28,6 @@ INSERT INTO t1 VALUES (1), (2), (3);
INSERT INTO t2 VALUES (1, 11), (2, 22), (3, 33);
INSERT INTO t3 VALUES (1, 111), (2, 222), (3, 333);
connection master_1;
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
CREATE DATABASE auto_test_local;
USE auto_test_local;
CREATE TABLE t1 (
@@ -82,7 +80,6 @@ a22
22
connection master_1;
DROP DATABASE IF EXISTS auto_test_local;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
connection child2_1;
DROP DATABASE IF EXISTS auto_test_remote;
for master_1
@@ -91,6 +88,3 @@ child2_1
child2_2
child2_3
for child3
-#
-# end of test mdev_26247
-#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_26541.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_26541.result
index 72921d2e..35a9d916 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_26541.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_26541.result
@@ -2,18 +2,3 @@
# MDEV-26541 Undefined symbol: _ZTI12ha_partition when attempting to use ha_spider.so in UBSAN builds
#
INSTALL SONAME 'ha_spider.so';
-DROP FUNCTION spider_flush_table_mon_cache;
-DROP FUNCTION spider_copy_tables;
-DROP FUNCTION spider_ping_table;
-DROP FUNCTION spider_bg_direct_sql;
-DROP FUNCTION spider_direct_sql;
-UNINSTALL SONAME IF EXISTS "ha_spider";
-DROP TABLE IF EXISTS mysql.spider_xa;
-DROP TABLE IF EXISTS mysql.spider_xa_member;
-DROP TABLE IF EXISTS mysql.spider_xa_failed_log;
-DROP TABLE IF EXISTS mysql.spider_tables;
-DROP TABLE IF EXISTS mysql.spider_link_mon_servers;
-DROP TABLE IF EXISTS mysql.spider_link_failed_log;
-DROP TABLE IF EXISTS mysql.spider_table_position_for_recovery;
-DROP TABLE IF EXISTS mysql.spider_table_sts;
-DROP TABLE IF EXISTS mysql.spider_table_crd;
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_27575.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_27575.result
new file mode 100644
index 00000000..3b137eaa
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_27575.result
@@ -0,0 +1,17 @@
+#
+# MDEV-27575 Spider: UBSAN member access within null pointer of type 'struct st_plugin_int and SIGSEGV in intern_plugin_lock on SHUTDOWN when setting Spider as default storage engine (temporary or global)
+#
+for master_1
+for child2
+for child3
+SET GLOBAL default_tmp_storage_engine=spider;
+ERROR HY000: Table storage engine 'SPIDER' does not support the create option 'TEMPORARY'
+# restart
+SET GLOBAL default_storage_engine=Spider;
+# restart
+for master_1
+for child2
+for child3
+#
+# end of test mdev_27575
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_28683.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_28683.result
new file mode 100644
index 00000000..358c794e
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_28683.result
@@ -0,0 +1,22 @@
+#
+# MDEV-28683 Spider: SIGSEGV in spider_db_direct_delete, SIGSEGV in spider_db_connect, ASAN: heap-use-after-free in spider_db_direct_delete
+#
+for master_1
+for child2
+for child3
+CREATE TABLE t (c INT) ENGINE=Spider;
+SELECT * FROM t;
+ERROR HY000: Unable to connect to foreign data source: localhost
+INSERT INTO t (SELECT 1 FROM t);
+ERROR HY000: Unable to connect to foreign data source: localhost
+LOCK TABLES t WRITE CONCURRENT;
+DELETE FROM t;
+ERROR HY000: Unable to connect to foreign data source: localhost
+UNLOCK TABLES;
+DROP TABLE t;
+for master_1
+for child2
+for child3
+#
+# end of test mdev_28683
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_28739.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_28739.result
new file mode 100644
index 00000000..ee497bb3
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_28739.result
@@ -0,0 +1,34 @@
+#
+# MDEV-28739 Trying to lock uninitialized mutex or hang upon shutdown after using Spider with query_cache
+#
+for master_1
+for child2
+child2_1
+child2_2
+child2_3
+for child3
+connection child2_1;
+CREATE DATABASE auto_test_remote;
+USE auto_test_remote;
+CREATE TABLE tbl_a (id INT);
+connection master_1;
+CREATE DATABASE auto_test_local;
+USE auto_test_local;
+set global query_cache_type= on;
+set spider_same_server_link = on;
+CREATE TABLE tbl_a (
+id INT
+) ENGINE=Spider DEFAULT CHARSET=utf8 COMMENT='table "tbl_a", srv "s_2_1"';
+SELECT * FROM tbl_a;
+id
+# restart
+connection master_1;
+DROP DATABASE IF EXISTS auto_test_local;
+connection child2_1;
+DROP DATABASE IF EXISTS auto_test_remote;
+for master_1
+for child2
+child2_1
+child2_2
+child2_3
+for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_28739_simple.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_28739_simple.result
new file mode 100644
index 00000000..1c337c3d
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_28739_simple.result
@@ -0,0 +1,21 @@
+#
+# MDEV-28739 Trying to lock uninitialized mutex or hang upon shutdown after using Spider with query_cache
+#
+for master_1
+for child2
+for child3
+set global query_cache_type= on;
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t2 (c int);
+create table t1 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+SELECT * FROM t1;
+c
+# restart
+drop table t1, t2;
+drop server srv;
+for master_1
+for child2
+for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_28856.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_28856.result
index fae3cc6b..7e4fd3cd 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_28856.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_28856.result
@@ -4,6 +4,7 @@
for master_1
for child2
for child3
+set spider_same_server_link=1;
CREATE SERVER srv FOREIGN DATA WRAPPER mysql
OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
# testing monitoring_*
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_28998.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_28998.result
index d664b090..e92fb199 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_28998.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_28998.result
@@ -4,8 +4,7 @@
for master_1
for child2
for child3
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
+set spider_same_server_link=1;
CREATE SERVER s FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 (a INT);
INSERT INTO t1 VALUES (1),(2);
@@ -17,7 +16,6 @@ a
2
DROP TABLE t2, t1_SPIDER, t1;
drop server s;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
for master_1
for child2
for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29002.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29002.result
new file mode 100644
index 00000000..894f51c5
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29002.result
@@ -0,0 +1,34 @@
+for master_1
+for child2
+for child3
+SET spider_same_server_link= on;
+CREATE SERVER s FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+CREATE TABLE t (a INT);
+CREATE TABLE t1_spider (a INT) ENGINE=SPIDER COMMENT = "wrapper 'mysql', srv 's', table 't'";
+CREATE TABLE t2_spider (a INT) ENGINE=SPIDER COMMENT = "wrapper 'mysql', srv 's', table 't'";
+SELECT * FROM t1_spider, t2_spider;
+a a
+SELECT table_name, index_name, cardinality FROM INFORMATION_SCHEMA.STATISTICS WHERE table_name IN ('t1_spider','t2_spider');
+table_name index_name cardinality
+RENAME TABLE t1_spider TO t3_spider;
+SELECT * FROM t3_spider;
+a
+DROP TABLE t3_spider, t2_spider, t;
+drop server s;
+CREATE TABLE t1 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",HOST "srv",TABLE "t"';
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",HOST "srv",TABLE "t"';
+CREATE TABLE t3 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",HOST "srv",TABLE "t"';
+SHOW TABLE STATUS;
+Name Engine Version Row_format Rows Avg_row_length Data_length Max_data_length Index_length Data_free Auto_increment Create_time Update_time Check_time Collation Checksum Create_options Comment Max_index_length Temporary
+t1 SPIDER 10 NULL 0 0 0 0 0 NULL NULL NULL NULL latin1_swedish_ci NULL Unable to connect to foreign data source: srv 0
+t2 SPIDER 10 NULL 0 0 0 0 0 NULL NULL NULL NULL latin1_swedish_ci NULL Unable to connect to foreign data source: srv 0
+t3 SPIDER 10 NULL 0 0 0 0 0 NULL NULL NULL NULL latin1_swedish_ci NULL Unable to connect to foreign data source: srv 0
+Warnings:
+Warning 1429 Unable to connect to foreign data source: srv
+Warning 1429 Unable to connect to foreign data source: srv
+Warning 1429 Unable to connect to foreign data source: srv
+drop table t1, t2, t3;
+for master_1
+for child2
+for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29163.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29163.result
index 96d8a729..f58ab605 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_29163.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29163.result
@@ -4,8 +4,7 @@
for master_1
for child2
for child3
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
+set spider_same_server_link=1;
CREATE SERVER s FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 (a INT);
CREATE TABLE t2 (b INT);
@@ -17,7 +16,6 @@ SELECT t1_spider.* FROM t1_spider LEFT JOIN t2_spider LEFT JOIN t3_spider ON b =
a
DROP TABLE t1_spider, t2_spider, t3_spider, t1, t2, t3;
drop server s;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
for master_1
for child2
for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29421.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29421.result
new file mode 100644
index 00000000..bcbf050d
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29421.result
@@ -0,0 +1,19 @@
+for master_1
+for child2
+for child3
+set @old_table_open_cache=@@global.table_open_cache;
+set global table_open_cache=10;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+CREATE TABLE t (c INT) ENGINE=InnoDB;
+CREATE TABLE t_s (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv", TABLE "t"';
+CREATE TABLE t1 (a INT) ENGINE=Spider;
+SELECT * FROM t1;
+ERROR HY000: Unable to connect to foreign data source: localhost
+SELECT * FROM information_schema.tables;
+DROP TABLE t, t_s, t1;
+drop server srv;
+set global table_open_cache=@old_table_open_cache;
+for master_1
+for child2
+for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29456.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29456.result
new file mode 100644
index 00000000..365c3d63
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29456.result
@@ -0,0 +1,42 @@
+#
+# MDEV-29456 Spider hangs in 'Waiting for table metadata lock' state on CREATE TABLE after LOCK TABLES
+#
+for master_1
+for child2
+for child3
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t1 (c int);
+create table t2 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+CREATE TABLE t3 (c INT KEY) ENGINE=Spider;
+LOCK TABLE t2 WRITE;
+LOCK TABLE t3 WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+UNLOCK TABLES;
+drop table t1, t2, t3;
+CREATE TABLE t (c INT) ENGINE=InnoDB;
+CREATE TABLE t1 (c INT) ENGINE=Spider;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t2 WRITE;
+LOCK TABLES t1 READ;
+ERROR HY000: Unable to connect to foreign data source: localhost
+CREATE TABLE t (c INT) ENGINE=Spider;
+ERROR 42S01: Table 't' already exists
+drop table t, t1, t2;
+CREATE TABLE t (c INT) ENGINE=InnoDB;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+CREATE TABLE t3 (c INT) ENGINE=InnoDB;
+LOCK TABLES t2 WRITE;
+LOCK TABLES mysql.proc WRITE,mysql.user WRITE;
+ERROR HY000: You can't combine write-locking of system tables with other tables or lock types
+INSERT INTO t3 SELECT * FROM t;
+drop table t, t2, t3;
+drop server srv;
+for master_1
+for child2
+for child3
+#
+# end of test mdev_29456
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29502.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29502.result
index 54c5e9a6..7749898e 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_29502.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29502.result
@@ -4,6 +4,7 @@
for master_1
for child2
for child3
+set spider_same_server_link=1;
CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t (a INT);
INSERT INTO t VALUES (23),(48);
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29667.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29667.result
new file mode 100644
index 00000000..f2e90760
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29667.result
@@ -0,0 +1,40 @@
+#
+# MDEV-29667 Server hangs on DROP DATABASE after failing LOCK TABLES on Spider table
+#
+for master_1
+for child2
+child2_1
+child2_2
+child2_3
+for child3
+connection child2_1;
+CREATE DATABASE auto_test_remote;
+USE auto_test_remote;
+CREATE TABLE tbl_a (
+a INT
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+connection master_1;
+CREATE DATABASE auto_test_local;
+USE auto_test_local;
+CREATE TABLE tbl_a (
+a INT
+) ENGINE=Spider DEFAULT CHARSET=utf8 COMMENT='table "tbl_a", srv "s_2_1"';
+CREATE TABLE tbl_b (
+a INT
+) ENGINE=Spider DEFAULT CHARSET=utf8;
+LOCK TABLES tbl_a WRITE;
+LOCK TABLES tbl_b READ, tbl_a READ;
+ERROR HY000: Unable to connect to foreign data source: localhost
+connection master_1;
+DROP DATABASE IF EXISTS auto_test_local;
+connection child2_1;
+DROP DATABASE IF EXISTS auto_test_remote;
+for master_1
+for child2
+child2_1
+child2_2
+child2_3
+for child3
+#
+# end of test mdev_29667
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_29963.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_29963.result
new file mode 100644
index 00000000..60451596
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_29963.result
@@ -0,0 +1,44 @@
+#
+# MDEV-29963 SIGSEGV in spider_db_mbase::append_lock_tables on LOCK TABLES
+#
+for master_1
+for child2
+for child3
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+CREATE TABLE t (a INT) ENGINE=Spider;
+CREATE TABLE t2 (b INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t AS a READ,t2 AS b LOW_PRIORITY WRITE,t2 AS c WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+DROP TABLE t2;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t2 WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+DROP TABLE t2,t;
+CREATE TABLE t (a INT);
+CREATE TABLE t1 (a INT) ENGINE=Spider;
+CREATE TABLE t2 (b INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t1 READ, t2 WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+DROP TABLE t2;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t2 WRITE;
+UNLOCK TABLES;
+DROP TABLE t, t1, t2;
+CREATE TABLE t1 (c INT) ENGINE=Spider;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT="WRAPPER 'mysql',srv 'srv',TABLE 't1'";
+LOCK TABLES t1 WRITE,t2 WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+TRUNCATE t2;
+ERROR HY000: Unable to connect to foreign data source: localhost
+LOCK TABLES t2 AS o WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+drop table t1, t2;
+drop server srv;
+for master_1
+for child2
+for child3
+#
+# end of test mdev_29963
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_30014.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_30014.result
new file mode 100644
index 00000000..e971f323
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_30014.result
@@ -0,0 +1,37 @@
+#
+# MDEV-30014 heap-use-after-free in ha_spider::lock_tables(), highly sporadic SIGSEGV in intern_close_table
+#
+for master_1
+for child2
+for child3
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t1 (c int);
+create table t2 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+CREATE TABLE t3 (c INT KEY) ENGINE=Spider;
+LOCK TABLE t2 WRITE,t3 WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+CREATE TABLE t4 (c INT) ENGINE=Spider;
+FLUSH NO_WRITE_TO_BINLOG TABLES t4 WITH READ LOCK;
+Warnings:
+Error 1429 Unable to connect to foreign data source: localhost
+Error 1429 Unable to connect to foreign data source: localhost
+UNLOCK TABLES;
+drop table t1, t2, t3, t4;
+create table t1 (c int);
+create table t2 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+CREATE TABLE t3 (c INT KEY) ENGINE=Spider;
+LOCK TABLE t2 WRITE, t3 WRITE;
+ERROR HY000: Unable to connect to foreign data source: localhost
+UNLOCK TABLES;
+drop table t1, t2, t3;
+drop server srv;
+for master_1
+for child2
+for child3
+#
+# end of test mdev_30014
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_30170.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_30170.result
new file mode 100644
index 00000000..2183447b
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_30170.result
@@ -0,0 +1,7 @@
+install soname 'ha_spider';
+DROP TABLE non_existing_table;
+ERROR 42S02: Unknown table 'test.non_existing_table'
+create or replace table non_existing_table (c int) engine=Spider;
+drop table non_existing_table;
+Warnings:
+Warning 1620 Plugin is busy and will be uninstalled on shutdown
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_30392.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_30392.result
index 13297e10..cefa5248 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_30392.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_30392.result
@@ -4,8 +4,7 @@
for master_1
for child2
for child3
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
+set spider_same_server_link=1;
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 (a INT);
INSERT INTO t1 VALUES (1),(2);
@@ -16,7 +15,6 @@ a
2
DROP TABLE t1, t2;
DROP SERVER srv;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
for master_1
for child2
for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_31338.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_31338.result
index 62b06336..f156cf38 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_31338.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_31338.result
@@ -4,6 +4,7 @@
for master_1
for child2
for child3
+set spider_same_server_link=1;
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t (c BLOB) ENGINE=InnoDB;
CREATE TABLE ts (c BLOB) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_31524.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_31524.result
index c1aa7a1f..26877967 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_31524.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_31524.result
@@ -5,6 +5,7 @@ for master_1
for child2
for child3
SET @old_spider_read_only_mode = @@session.spider_read_only_mode;
+set spider_same_server_link=1;
CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
set session spider_read_only_mode = default;
create table t2 (c int);
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_31645.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_31645.result
index 28cb546e..5197abd3 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_31645.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_31645.result
@@ -4,22 +4,17 @@
for master_1
for child2
for child3
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
+set spider_same_server_link=1;
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 ( a bigint(20) NOT NULL, b bigint(20) DEFAULT 0, PRIMARY KEY (a));
CREATE TABLE t2 ( a bigint(20) NOT NULL, b bigint(20) DEFAULT 0, PRIMARY KEY (a)) ENGINE=SPIDER COMMENT='srv "srv", WRAPPER "mysql", TABLE "t1"';
-SET SESSION optimizer_switch='semijoin=off';
-SELECT * FROM t2
-WHERE A BETWEEN 0 AND 10 AND B IN(SELECT B FROM t2 WHERE A BETWEEN 11 AND 20);
+SELECT * FROM t2 WHERE b IN (SELECT b FROM t2 WHERE a > 10);
a b
-SET SESSION optimizer_switch='semijoin=on';
SELECT * FROM t2
WHERE A BETWEEN 0 AND 10 AND B IN(SELECT B FROM t2 WHERE A BETWEEN 11 AND 20);
a b
drop table t1, t2;
drop server srv;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
for master_1
for child2
for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_31996.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_31996.result
index 04d7e884..cbc91432 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/mdev_31996.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_31996.result
@@ -1,6 +1,7 @@
for master_1
for child2
for child3
+set spider_same_server_link=1;
CREATE SERVER srv FOREIGN DATA WRAPPER mysql
OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
set session spider_delete_all_rows_type=0;
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_32753.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_32753.result
new file mode 100644
index 00000000..4260d80f
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_32753.result
@@ -0,0 +1,10 @@
+#
+# MDEV-32753 Spider engine does not load in ORACLE mode
+#
+select * from mysql.plugin;
+name dl
+create table t (c int) Engine=SPIDER;
+drop table t;
+#
+# end of test mdev_32753
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start.result
new file mode 100644
index 00000000..4e046d16
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start.result
@@ -0,0 +1,14 @@
+#
+# MDEV-32753 Spider engine does not load in ORACLE mode
+#
+install soname 'ha_spider';
+select * from mysql.plugin;
+name dl
+SPIDER ha_spider.so
+SPIDER_ALLOC_MEM ha_spider.so
+SPIDER_WRAPPER_PROTOCOLS ha_spider.so
+create table t (c int) Engine=SPIDER;
+drop table t;
+#
+# end of test mdev_32753_after_start
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start_session.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start_session.result
new file mode 100644
index 00000000..b9d02563
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_32753_after_start_session.result
@@ -0,0 +1,17 @@
+#
+# MDEV-32753 Spider engine does not load in ORACLE mode
+#
+set @old_sql_mode=@@sql_mode;
+SET @@sql_mode = CONCAT(@@sql_mode, ',ORACLE');
+install soname 'ha_spider';
+select * from mysql.plugin;
+name dl
+SPIDER ha_spider.so
+SPIDER_ALLOC_MEM ha_spider.so
+SPIDER_WRAPPER_PROTOCOLS ha_spider.so
+create table t (c int) Engine=SPIDER;
+drop table t;
+set sql_mode=@old_sql_mode;
+#
+# end of test mdev_32753_after_start
+#
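Review bot: The closing banner at the end of this file reads `# end of test mdev_32753_after_start`, but the file records mdev_32753_after_start_session, so a log excerpt quoting the banner points at the sibling test. The text presumably comes from an `--echo` line copied into the .test file, which is not part of this hunk. Changing that line to `--echo # end of test mdev_32753_after_start_session` and re-recording the result would fix both files.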
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_32986.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_32986.result
new file mode 100644
index 00000000..c3bdef98
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_32986.result
@@ -0,0 +1,24 @@
+#
+# MDEV-32907
+#
+for master_1
+for child2
+for child3
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t2 (c varchar(16));
+create table t1 (c varchar(16)) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+insert into t1 values ('TestSpiderRegex');
+select c from t1 where c regexp '(Test|Spider|Regex)';
+c
+TestSpiderRegex
+drop table t1, t2;
+drop server srv;
+for master_1
+for child2
+for child3
+#
+# end of test mdev_32907
+#
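Review bot: The banners name a different ticket than the file does: the header says `# MDEV-32907` and the footer `# end of test mdev_32907`, while this is mdev_32986.result. Whichever number is correct, file name and banners should agree. A one-line description after the ticket number, as the neighbouring tests have, would also say what the regexp query is meant to verify. These strings come from `--echo` lines in the .test file, which is outside this hunk, so the change belongs there, followed by a re-record.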
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_33008.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_33008.result
new file mode 100644
index 00000000..3bcb4bb0
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_33008.result
@@ -0,0 +1,25 @@
+for master_1
+for child2
+for child3
+set spider_same_server_link=on;
+CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t2 (
+`id` int(11) NOT NULL AUTO_INCREMENT,
+`code` varchar(10) DEFAULT NULL,
+PRIMARY KEY (`id`)
+);
+create table t1 ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+show create table t1;
+Table Create Table
+t1 CREATE TABLE `t1` (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `code` varchar(10) DEFAULT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=SPIDER DEFAULT CHARSET=latin1 COLLATE=latin1_swedish_ci COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"'
+drop table t1, t2;
+drop server srv;
+for master_1
+for child2
+for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/mdev_33191.result b/storage/spider/mysql-test/spider/bugfix/r/mdev_33191.result
new file mode 100644
index 00000000..75ca6c2f
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/mdev_33191.result
@@ -0,0 +1,14 @@
+INSTALL SONAME 'ha_spider';
+set spider_same_server_link=on;
+CREATE TABLE t2(c INT);
+CREATE TABLE t1(c INT) ENGINE=Spider COMMENT='socket "$SOCKET", user "root", table "t2 t3"';
+Warnings:
+Warning 138 The high availability feature of Spider has been deprecated and will be removed in a future release
+ALTER TABLE t1 ENGINE=Spider;
+Warnings:
+Warning 138 The high availability feature of Spider has been deprecated and will be removed in a future release
+TRUNCATE TABLE t1;
+ERROR 42S02: Table 'test.t3' doesn't exist
+drop table t1, t2;
+Warnings:
+Warning 1620 Plugin is busy and will be uninstalled on shutdown
diff --git a/storage/spider/mysql-test/spider/bugfix/r/perfschema.result b/storage/spider/mysql-test/spider/bugfix/r/perfschema.result
new file mode 100644
index 00000000..9ce2e38f
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/perfschema.result
@@ -0,0 +1,11 @@
+#
+# MDEV-33031 Assertion failure upon reading from performance schema with binlog enabled
+#
+connect foo,localhost,root;
+select variable_name, variable_value from performance_schema.status_by_thread
+where variable_name like '%spider_direct_aggregate%';
+variable_name variable_value
+Spider_direct_aggregate 0
+Spider_direct_aggregate 0
+disconnect foo;
+connection default;
diff --git a/storage/spider/mysql-test/spider/bugfix/r/self_reference_multi.result b/storage/spider/mysql-test/spider/bugfix/r/self_reference_multi.result
index 196e48d5..0118f575 100644
--- a/storage/spider/mysql-test/spider/bugfix/r/self_reference_multi.result
+++ b/storage/spider/mysql-test/spider/bugfix/r/self_reference_multi.result
@@ -4,6 +4,9 @@ for child3
MDEV-6268 SPIDER table with no COMMENT clause causes queries to wait forever
+set spider_same_server_link=1;
+set @old_spider_same_server_link=@@global.spider_same_server_link;
+set global spider_same_server_link=1;
CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
create table t2 (c int);
create table t1 (c int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv_self_reference_multi",TABLE "t2"';
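Review bot: The three added lines enable `spider_same_server_link` twice, once for the session and once globally, and nothing says why the session value alone is not enough here when the other tests touched by this commit set only the session value. A one-line comment above `set global spider_same_server_link=1;` naming the connection or thread that reads the global value would document that. The later hunk restores only the global, so the session value stays at 1 for the rest of the connection. The same sequence is added in bugfix/t/mdev_26151.test; since this file is recorded output, the comment belongs in the corresponding .test files.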
@@ -17,6 +20,7 @@ select * from t2;
ERROR HY000: An infinite loop is detected when opening table test.t0
drop table t0, t1, t2;
drop server srv_self_reference_multi;
+set global spider_same_server_link=@old_spider_same_server_link;
for master_1
for child2
for child3
diff --git a/storage/spider/mysql-test/spider/bugfix/r/signal_ddl_fail.result b/storage/spider/mysql-test/spider/bugfix/r/signal_ddl_fail.result
new file mode 100644
index 00000000..c86e600b
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/signal_ddl_fail.result
@@ -0,0 +1,8 @@
+#
+# MDEV-32559 Move alter table statements in spider init queries to be executed in the signal_ddl_recovery_done callback
+#
+select * from mysql.plugin;
+name dl
+#
+# end of test signal_ddl_fail
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/spider_join_with_non_spider.result b/storage/spider/mysql-test/spider/bugfix/r/spider_join_with_non_spider.result
new file mode 100644
index 00000000..420ca657
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/spider_join_with_non_spider.result
@@ -0,0 +1,24 @@
+#
+# Test joining a spider table with a non-spider table
+#
+for master_1
+for child2
+for child3
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t1 (c int);
+create table t2 (d int);
+insert into t2 values (1), (2);
+create table t3 (c int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+insert into t3 values (2), (3);
+select c from t3 join t2 on c = d;
+c
+2
+drop table t1, t2, t3;
+drop server srv;
+for master_1
+for child2
+for child3
+#
+# end of test spider_join_with_non_spider
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/r/spider_table_sts.result b/storage/spider/mysql-test/spider/bugfix/r/spider_table_sts.result
deleted file mode 100644
index f915cc95..00000000
--- a/storage/spider/mysql-test/spider/bugfix/r/spider_table_sts.result
+++ /dev/null
@@ -1,38 +0,0 @@
-for master_1
-for child2
-for child3
-connection master_1;
-alter table mysql.spider_table_sts drop column checksum;
-insert into mysql.spider_table_sts values ('auto_test_local', 'tbl_a', 0, 0, 0, 0, 0, '2019-01-01 00:00:00', '2019-01-01 00:00:00', '2019-01-01 00:00:00');
-
-this test is for MDEV-19842
-
-drop and create databases
-connection master_1;
-CREATE DATABASE auto_test_local;
-USE auto_test_local;
-
-create table
-connection master_1;
-CREATE TABLE tbl_a (
-pkey int NOT NULL,
-PRIMARY KEY (pkey)
-) MASTER_1_ENGINE MASTER_1_CHARSET MASTER_1_COMMENT_2_1
-
-select test 1
-connection master_1;
-SELECT pkey FROM tbl_a;
-ERROR HY000: System table spider_table_sts is different version
-
-deinit
-connection master_1;
-DROP DATABASE IF EXISTS auto_test_local;
-ERROR HY000: System table spider_table_sts is different version
-connection master_1;
-alter table mysql.spider_table_sts add column checksum bigint unsigned default null after update_time;
-DROP DATABASE IF EXISTS auto_test_local;
-for master_1
-for child2
-for child3
-
-end of test
diff --git a/storage/spider/mysql-test/spider/bugfix/r/subquery.result b/storage/spider/mysql-test/spider/bugfix/r/subquery.result
new file mode 100644
index 00000000..280f5715
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/r/subquery.result
@@ -0,0 +1,25 @@
+#
+# Test spider select with subqueries
+#
+for master_1
+for child2
+for child3
+set spider_same_server_link=1;
+CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t1 (c1 int);
+create table t2 (c2 int);
+insert into t1 values (1), (2);
+insert into t2 values (0), (1), (2);
+create table t1s (c1 int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+create table t2s (c2 int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+select c1 from t1s, (select c2 from t2s where c2 > 0) t where c1 + 1 = c2;
+c1
+1
+drop table t1, t2, t1s, t2s;
+drop server srv;
+for master_1
+for child2
+for child3
+#
+# end of test subquery
+#
diff --git a/storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.cnf b/storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.cnf
index b0853e32..05dfd8a0 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.cnf
+++ b/storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.cnf
@@ -1,2 +1,3 @@
!include include/default_mysqld.cnf
!include ../my_1_1.cnf
+!include ../my_2_1.cnf
diff --git a/storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.test b/storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.test
new file mode 100644
index 00000000..f60abc30
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/gbh_outer_fields_in_join.test
@@ -0,0 +1,46 @@
+--echo #
+--echo # MDEV-26247 Spider: Valid LEFT JOIN results in ERROR 1064
+--echo #
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+--connection child2_1
+CREATE DATABASE auto_test_remote;
+USE auto_test_remote;
+
+eval CREATE TABLE t1 (a int) $CHILD2_1_ENGINE $CHILD2_1_CHARSET;
+eval CREATE TABLE t2 (a int) $CHILD2_1_ENGINE $CHILD2_1_CHARSET;
+eval CREATE TABLE t3 (a int) $CHILD2_1_ENGINE $CHILD2_1_CHARSET;
+
+INSERT INTO t1 VALUES (1);
+INSERT INTO t2 VALUES (1), (2);
+INSERT INTO t3 VALUES (1), (2), (3);
+
+--connection master_1
+CREATE DATABASE auto_test_local;
+USE auto_test_local;
+
+eval CREATE TABLE t1 (a int) $MASTER_1_ENGINE $MASTER_1_CHARSET COMMENT='srv "s_2_1", table "t1"';
+eval CREATE TABLE t2 (a int) $MASTER_1_ENGINE $MASTER_1_CHARSET COMMENT='srv "s_2_1", table "t2"';
+eval CREATE TABLE t3 (a int) $MASTER_1_ENGINE $MASTER_1_CHARSET COMMENT='srv "s_2_1", table "t3"';
+
+select * from t3 left join t1 on t3.a = t1.a left join t2 on t3.a = t2.a;
+select * from t1 left join t2 on t1.a = t2.a right join t3 on t3.a = t1.a;
+select * from t3 left join (t1 left join t2 on t1.a = t2.a) on t3.a = t1.a;
+
+drop table t1, t2, t3;
+
+--connection master_1
+DROP DATABASE IF EXISTS auto_test_local;
+--connection child2_1
+DROP DATABASE IF EXISTS auto_test_remote;
+
+--disable_query_log
+--disable_result_log
+--source ../t/test_deinit.inc
+--enable_query_log
+--enable_result_log
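Review bot: The three `select * from ... left join ...` statements return several rows each (t3 holds three rows) and have no ORDER BY, so the recorded result depends on the order in which rows come back from the remote table. That order is probably stable in practice, but nothing in the test guarantees it. Putting `--sorted_result` on the line before each of the three selects keeps the statements unchanged while making the comparison order-independent. Separately, the banner reuses `MDEV-26247`, which mdev_26247.test also carries; a short comment saying what this file covers beyond that test would help.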
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_26151.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_26151.test
index f9e157d3..dcf1438f 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_26151.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_26151.test
@@ -14,6 +14,10 @@
--let $srv=srv_mdev_26151
set @old_spider_bgs_mode= @@spider_bgs_mode;
set session spider_bgs_mode=1;
+set spider_same_server_link=1;
+set @old_spider_same_server_link=@@global.spider_same_server_link;
+set global spider_same_server_link=1;
+
evalp CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
# casual_read != 0 && casual_read != 1
@@ -42,6 +46,7 @@ drop table td, ts;
eval drop server $srv;
set session spider_bgs_mode=@old_spider_bgs_mode;
+set global spider_same_server_link=@old_spider_same_server_link;
--disable_query_log
--disable_result_log
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_26247.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_26247.test
index 8d27c6e0..80328e05 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_26247.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_26247.test
@@ -7,6 +7,7 @@
--source ../../t/test_init.inc
--enable_result_log
--enable_query_log
+
--connection child2_1
CREATE DATABASE auto_test_remote;
USE auto_test_remote;
@@ -33,10 +34,6 @@ INSERT INTO t2 VALUES (1, 11), (2, 22), (3, 33);
INSERT INTO t3 VALUES (1, 111), (2, 222), (3, 333);
--connection master_1
-#FIXME: this is a workaround.
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
-
CREATE DATABASE auto_test_local;
USE auto_test_local;
@@ -71,7 +68,6 @@ SELECT a22 FROM t1 RIGHT JOIN t2 ON a21 = a11 WHERE a11 IN (1,2);
--connection master_1
DROP DATABASE IF EXISTS auto_test_local;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
--connection child2_1
DROP DATABASE IF EXISTS auto_test_remote;
@@ -80,6 +76,3 @@ DROP DATABASE IF EXISTS auto_test_remote;
--source ../t/test_deinit.inc
--enable_query_log
--enable_result_log
---echo #
---echo # end of test mdev_26247
---echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_26541.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_26541.test
index bf6cb255..add5f621 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_26541.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_26541.test
@@ -2,10 +2,7 @@
--echo # MDEV-26541 Undefined symbol: _ZTI12ha_partition when attempting to use ha_spider.so in UBSAN builds
--echo #
-if (`select not(count(*)) from information_schema.system_variables where variable_name='have_sanitizer' and global_value like "%UBSAN%"`)
-{
---skip test needs to be run with UBSAN
-}
+# this test should be checked with ubsan
# init spider
@@ -20,4 +17,5 @@ while (!$PLUGIN_EXIST)
`SELECT COUNT(*) FROM mysql.func WHERE name = '$PLUGIN_NAME'`;
}
+--disable_query_log
--source ../../include/clean_up_spider.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_27575.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_27575.test
new file mode 100644
index 00000000..79a08489
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_27575.test
@@ -0,0 +1,23 @@
+--echo #
+--echo # MDEV-27575 Spider: UBSAN member access within null pointer of type 'struct st_plugin_int and SIGSEGV in intern_plugin_lock on SHUTDOWN when setting Spider as default storage engine (temporary or global)
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+SET GLOBAL default_tmp_storage_engine=spider;
+--source include/restart_mysqld.inc
+
+SET GLOBAL default_storage_engine=Spider;
+--source include/restart_mysqld.inc
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test mdev_27575
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_28683.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_28683.test
new file mode 100644
index 00000000..0508a999
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_28683.test
@@ -0,0 +1,29 @@
+--echo #
+--echo # MDEV-28683 Spider: SIGSEGV in spider_db_direct_delete, SIGSEGV in spider_db_connect, ASAN: heap-use-after-free in spider_db_direct_delete
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+CREATE TABLE t (c INT) ENGINE=Spider;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+SELECT * FROM t;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+INSERT INTO t (SELECT 1 FROM t);
+LOCK TABLES t WRITE CONCURRENT;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+DELETE FROM t;
+
+UNLOCK TABLES;
+DROP TABLE t;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test mdev_28683
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_28739.cnf b/storage/spider/mysql-test/spider/bugfix/t/mdev_28739.cnf
new file mode 100644
index 00000000..05dfd8a0
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_28739.cnf
@@ -0,0 +1,3 @@
+!include include/default_mysqld.cnf
+!include ../my_1_1.cnf
+!include ../my_2_1.cnf
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_28739.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_28739.test
new file mode 100644
index 00000000..d4ac8e42
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_28739.test
@@ -0,0 +1,41 @@
+--echo #
+--echo # MDEV-28739 Trying to lock uninitialized mutex or hang upon shutdown after using Spider with query_cache
+--echo #
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+--connection child2_1
+CREATE DATABASE auto_test_remote;
+USE auto_test_remote;
+
+CREATE TABLE tbl_a (id INT);
+
+--connection master_1
+CREATE DATABASE auto_test_local;
+USE auto_test_local;
+
+set global query_cache_type= on;
+set spider_same_server_link = on;
+
+eval CREATE TABLE tbl_a (
+ id INT
+) $MASTER_1_ENGINE $MASTER_1_CHARSET COMMENT='table "tbl_a", srv "s_2_1"';
+
+SELECT * FROM tbl_a;
+
+--source include/restart_mysqld.inc
+
+--connection master_1
+DROP DATABASE IF EXISTS auto_test_local;
+--connection child2_1
+DROP DATABASE IF EXISTS auto_test_remote;
+
+--disable_query_log
+--disable_result_log
+--source ../t/test_deinit.inc
+--enable_query_log
+--enable_result_log
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_28739_simple.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_28739_simple.test
new file mode 100644
index 00000000..feff85df
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_28739_simple.test
@@ -0,0 +1,31 @@
+--echo #
+--echo # MDEV-28739 Trying to lock uninitialized mutex or hang upon shutdown after using Spider with query_cache
+--echo #
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+# set @@global.debug_dbug="+d,xid_thd_trace,enter,exit,info,error:o,/tmp/trace2.out:i:F:L";
+#set @@global.debug_dbug="d:t:i:o,mysqld.trace";
+
+set global query_cache_type= on;
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t2 (c int);
+create table t1 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+SELECT * FROM t1;
+#shutdown;
+--source include/restart_mysqld.inc
+drop table t1, t2;
+drop server srv;
+
+--disable_query_log
+--disable_result_log
+--source ../t/test_deinit.inc
+--enable_query_log
+--enable_result_log
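Review bot: The commented-out statements in this new test look like debugging leftovers and should be dropped: the two `set @@global.debug_dbug=...` lines near the top (one writing a trace to the fixed path `/tmp/trace2.out`) and the later `#shutdown;`. Nothing in the file says that `--source include/restart_mysqld.inc` is the step under test. A comment such as `# Restart: MDEV-28739 showed up at shutdown (uninitialized mutex or hang)` would make that explicit. It would also explain why `query_cache_type` is not restored by hand, presumably because the restart resets it.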
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_28856.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_28856.test
index 4f23168e..a1642f7a 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_28856.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_28856.test
@@ -9,6 +9,7 @@
# This test covers some table params under consideration for inclusion
# in the engine-defined options to be implemented in MDEV-28856.
+set spider_same_server_link=1;
evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_28998.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_28998.test
index d67011ca..51d4c5c9 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_28998.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_28998.test
@@ -2,19 +2,14 @@
--echo # MDEV-28998 ASAN errors in spider_fields::free_conn_holder or spider_create_group_by_handler
--echo #
-if (`select not(count(*)) from information_schema.system_variables where variable_name='have_sanitizer' and global_value like "%ASAN%"`)
-{
---skip test needs to be run with ASAN
-}
+# this test should be checked with ubsan
--disable_query_log
--disable_result_log
--source ../../t/test_init.inc
--enable_result_log
--enable_query_log
-# FIXME: this is a workaround.
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
+set spider_same_server_link=1;
evalp CREATE SERVER s FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 (a INT);
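Review bot: The replacement comment `# this test should be checked with ubsan` names the wrong sanitizer. The guard removed just above it matched `%ASAN%`, and the test title reads "ASAN errors in spider_fields::free_conn_holder or spider_create_group_by_handler". With the skip gone the test runs on every build, but the memory error it guards against is presumably only visible under AddressSanitizer, so the comment should read `# this test should be checked with ASAN`. The test body continues in the next hunk.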
@@ -27,7 +22,6 @@ SELECT * FROM t2;
# Cleanup
DROP TABLE t2, t1_SPIDER, t1;
drop server s;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
--disable_query_log
--disable_result_log
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29002.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29002.test
new file mode 100644
index 00000000..51620a5a
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29002.test
@@ -0,0 +1,32 @@
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+SET spider_same_server_link= on;
+evalp CREATE SERVER s FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+
+CREATE TABLE t (a INT);
+CREATE TABLE t1_spider (a INT) ENGINE=SPIDER COMMENT = "wrapper 'mysql', srv 's', table 't'";
+CREATE TABLE t2_spider (a INT) ENGINE=SPIDER COMMENT = "wrapper 'mysql', srv 's', table 't'";
+SELECT * FROM t1_spider, t2_spider;
+SELECT table_name, index_name, cardinality FROM INFORMATION_SCHEMA.STATISTICS WHERE table_name IN ('t1_spider','t2_spider');
+RENAME TABLE t1_spider TO t3_spider;
+SELECT * FROM t3_spider;
+
+DROP TABLE t3_spider, t2_spider, t;
+drop server s;
+
+# case by roel
+CREATE TABLE t1 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",HOST "srv",TABLE "t"';
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",HOST "srv",TABLE "t"';
+CREATE TABLE t3 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",HOST "srv",TABLE "t"';
+SHOW TABLE STATUS;
+drop table t1, t2, t3;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
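Review bot: This new test has no header naming the bug it covers and no end marker, unlike the neighbouring files, which open with `--echo # MDEV-NNNNN ...` and close with `--echo # end of test ...`. I would add `--echo # MDEV-29002 <bug title>` at the top and a matching end marker. The comment `# case by roel` also does not say what the second scenario checks. It creates three Spider tables with `HOST "srv"` after `drop server s`, and it is unclear whether `HOST` rather than `srv` is intended, so a one-line comment stating the expected behaviour of `SHOW TABLE STATUS` there would help.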
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29163.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29163.test
index 0bfcc46f..2e56583d 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_29163.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29163.test
@@ -6,9 +6,7 @@
--source ../../t/test_init.inc
--enable_result_log
--enable_query_log
-#FIXME: this is a workaround.
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
+set spider_same_server_link=1;
evalp CREATE SERVER s FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 (a INT);
@@ -24,8 +22,6 @@ SELECT t1_spider.* FROM t1_spider LEFT JOIN t2_spider LEFT JOIN t3_spider ON b =
# Cleanup
DROP TABLE t1_spider, t2_spider, t3_spider, t1, t2, t3;
drop server s;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
-
--disable_query_log
--disable_result_log
--source ../../t/test_deinit.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29421.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29421.test
new file mode 100644
index 00000000..47ad42d3
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29421.test
@@ -0,0 +1,26 @@
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+set @old_table_open_cache=@@global.table_open_cache;
+set global table_open_cache=10;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+CREATE TABLE t (c INT) ENGINE=InnoDB;
+CREATE TABLE t_s (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv", TABLE "t"';
+CREATE TABLE t1 (a INT) ENGINE=Spider;
+--error 1429
+SELECT * FROM t1;
+--disable_result_log
+SELECT * FROM information_schema.tables;
+--enable_result_log
+DROP TABLE t, t_s, t1;
+drop server srv;
+set global table_open_cache=@old_table_open_cache;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
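Review bot: `--error 1429` before `SELECT * FROM t1;` uses a bare error number, while sibling tests in this commit (mdev_28683, mdev_29963, mdev_30014) expect the same failure by name. I would write `--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE` so the intent is readable and consistent. The same applies to `--error 1429` in mdev_29667.test. In mdev_29456.test, `--error 1428` could become `--error ER_WRONG_LOCK_OF_SYSTEM_TABLE`, which would make the trailing comment that repeats the message unnecessary.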
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29456.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29456.test
new file mode 100644
index 00000000..89d53227
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29456.test
@@ -0,0 +1,53 @@
+--echo #
+--echo # MDEV-29456 Spider hangs in 'Waiting for table metadata lock' state on CREATE TABLE after LOCK TABLES
+--echo #
+--source include/have_innodb.inc
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+
+create table t1 (c int);
+create table t2 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+CREATE TABLE t3 (c INT KEY) ENGINE=Spider;
+LOCK TABLE t2 WRITE;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLE t3 WRITE;
+UNLOCK TABLES;
+drop table t1, t2, t3;
+
+CREATE TABLE t (c INT) ENGINE=InnoDB;
+CREATE TABLE t1 (c INT) ENGINE=Spider;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t2 WRITE;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLES t1 READ;
+--error ER_TABLE_EXISTS_ERROR
+CREATE TABLE t (c INT) ENGINE=Spider;
+drop table t, t1, t2;
+
+# MDEV-30049
+CREATE TABLE t (c INT) ENGINE=InnoDB;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+CREATE TABLE t3 (c INT) ENGINE=InnoDB;
+LOCK TABLES t2 WRITE;
+--error 1428
+LOCK TABLES mysql.proc WRITE,mysql.user WRITE; # ERROR 1428 (HY000): You can't combine write-locking of system tables with other tables or lock types
+INSERT INTO t3 SELECT * FROM t;
+drop table t, t2, t3;
+
+drop server srv;
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test mdev_29456
+--echo #
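Review bot: The second and third scenarios go straight from a failing `LOCK TABLES` to `CREATE TABLE`, `INSERT` and `drop table` without an `UNLOCK TABLES`, whereas the first scenario does unlock. That is presumably deliberate: the failed `LOCK TABLES` is expected to have released the earlier `t2` lock, and the following statements prove it. The file does not say so, and a reader may take it for a forgotten cleanup. A comment before each block would document the expectation, for example `# the failed LOCK TABLES must leave no lock behind, so no UNLOCK TABLES here`.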
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29502.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29502.test
index 88591f80..bacf5073 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_29502.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29502.test
@@ -8,6 +8,7 @@
--enable_result_log
--enable_query_log
+set spider_same_server_link=1;
--let $srv=srv_mdev_29502
evalp CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29667.cnf b/storage/spider/mysql-test/spider/bugfix/t/mdev_29667.cnf
new file mode 100644
index 00000000..05dfd8a0
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29667.cnf
@@ -0,0 +1,3 @@
+!include include/default_mysqld.cnf
+!include ../my_1_1.cnf
+!include ../my_2_1.cnf
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29667.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29667.test
new file mode 100644
index 00000000..c96eb60e
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29667.test
@@ -0,0 +1,44 @@
+--echo #
+--echo # MDEV-29667 Server hangs on DROP DATABASE after failing LOCK TABLES on Spider table
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+--connection child2_1
+CREATE DATABASE auto_test_remote;
+USE auto_test_remote;
+eval CREATE TABLE tbl_a (
+ a INT
+) $CHILD2_1_ENGINE $CHILD2_1_CHARSET;
+
+--connection master_1
+CREATE DATABASE auto_test_local;
+USE auto_test_local;
+eval CREATE TABLE tbl_a (
+ a INT
+) $MASTER_1_ENGINE $MASTER_1_CHARSET COMMENT='table "tbl_a", srv "s_2_1"';
+eval CREATE TABLE tbl_b (
+ a INT
+) $MASTER_1_ENGINE $MASTER_1_CHARSET;
+
+LOCK TABLES tbl_a WRITE;
+--error 1429
+LOCK TABLES tbl_b READ, tbl_a READ;
+
+--connection master_1
+DROP DATABASE IF EXISTS auto_test_local;
+
+--connection child2_1
+DROP DATABASE IF EXISTS auto_test_remote;
+
+--disable_query_log
+--disable_result_log
+--source ../t/test_deinit.inc
+--enable_query_log
+--enable_result_log
+--echo #
+--echo # end of test mdev_29667
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_29963.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_29963.test
new file mode 100644
index 00000000..93b38c79
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_29963.test
@@ -0,0 +1,56 @@
+--echo #
+--echo # MDEV-29963 SIGSEGV in spider_db_mbase::append_lock_tables on LOCK TABLES
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+
+CREATE TABLE t (a INT) ENGINE=Spider;
+CREATE TABLE t2 (b INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLES t AS a READ,t2 AS b LOW_PRIORITY WRITE,t2 AS c WRITE;
+DROP TABLE t2;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLES t2 WRITE;
+DROP TABLE t2,t;
+
+# A less complex scenario
+CREATE TABLE t (a INT);
+CREATE TABLE t1 (a INT) ENGINE=Spider;
+CREATE TABLE t2 (b INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLES t1 READ, t2 WRITE;
+DROP TABLE t2;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
+LOCK TABLES t2 WRITE;
+UNLOCK TABLES;
+DROP TABLE t, t1, t2;
+
+# MDEV-31357
+CREATE TABLE t1 (c INT) ENGINE=Spider;
+CREATE TABLE t2 (c INT) ENGINE=Spider COMMENT="WRAPPER 'mysql',srv 'srv',TABLE 't1'";
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLES t1 WRITE,t2 WRITE;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+TRUNCATE t2;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLES t2 AS o WRITE;
+drop table t1, t2;
+
+drop server srv;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test mdev_29963
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_30014.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_30014.test
new file mode 100644
index 00000000..9c59adc8
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_30014.test
@@ -0,0 +1,46 @@
+--echo #
+--echo # MDEV-30014 heap-use-after-free in ha_spider::lock_tables(), highly sporadic SIGSEGV in intern_close_table
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+
+create table t1 (c int);
+create table t2 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+CREATE TABLE t3 (c INT KEY) ENGINE=Spider;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLE t2 WRITE,t3 WRITE;
+CREATE TABLE t4 (c INT) ENGINE=Spider;
+FLUSH NO_WRITE_TO_BINLOG TABLES t4 WITH READ LOCK;
+UNLOCK TABLES;
+
+drop table t1, t2, t3, t4;
+
+# This is a test case in MDEV-29456 but it is more like the above
+# case.
+create table t1 (c int);
+create table t2 (c int) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+CREATE TABLE t3 (c INT KEY) ENGINE=Spider;
+--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE
+LOCK TABLE t2 WRITE, t3 WRITE;
+UNLOCK TABLES;
+drop table t1, t2, t3;
+
+drop server srv;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test mdev_30014
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_30170.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_30170.test
new file mode 100644
index 00000000..69026843
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_30170.test
@@ -0,0 +1,8 @@
+install soname 'ha_spider';
+--error ER_BAD_TABLE_ERROR
+DROP TABLE non_existing_table;
+# Test that create or replace a non existing spider table work
+create or replace table non_existing_table (c int) engine=Spider;
+drop table non_existing_table;
+--disable_query_log
+--source ../../include/clean_up_spider.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_30392.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_30392.test
index 6d14f155..36e06f3f 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_30392.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_30392.test
@@ -6,9 +6,7 @@
--source ../../t/test_init.inc
--enable_result_log
--enable_query_log
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
-
+set spider_same_server_link=1;
evalp CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 (a INT);
@@ -21,7 +19,6 @@ SELECT a FROM t2 WHERE a IN ( SELECT a FROM t2 );
DROP TABLE t1, t2;
DROP SERVER srv;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
--disable_query_log
--disable_result_log
--source ../../t/test_deinit.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_30981.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_30981.test
index cc24ce82..ca3f000c 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_30981.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_30981.test
@@ -2,21 +2,18 @@
--echo # MDEV-30981 Spider UBSAN: null pointer passed as argument 2, which is declared to never be null in spider_create_trx_alter_table on ALTER
--echo #
-if (`select not(count(*)) from information_schema.system_variables where variable_name='have_sanitizer' and global_value like "%UBSAN%"`)
-{
---skip test needs to be run with UBSAN
-}
-
+# this test should be checked with ubsan
+
--disable_query_log
--disable_result_log
--source ../../t/test_init.inc
--enable_result_log
--enable_query_log
-
+
CREATE TABLE t (c INT) ENGINE=Spider PARTITION BY LIST (c) (PARTITION p VALUES IN (1,2));
ALTER TABLE t ENGINE=InnoDB;
drop table t;
-
+
--disable_query_log
--disable_result_log
--source ../t/test_deinit.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_31338.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_31338.test
index e628c3b9..a3698c97 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_31338.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_31338.test
@@ -9,6 +9,7 @@
--enable_result_log
--enable_query_log
+set spider_same_server_link=1;
evalp CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t (c BLOB) ENGINE=InnoDB;
CREATE TABLE ts (c BLOB) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_31524.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_31524.test
index 64cbf415..a5942fad 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_31524.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_31524.test
@@ -10,6 +10,7 @@
--let $srv=srv_mdev_31524
SET @old_spider_read_only_mode = @@session.spider_read_only_mode;
+set spider_same_server_link=1;
evalp CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
# when the user does not set var nor the table option, the default
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_31645.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_31645.test
index 48bfa740..4dfe3b57 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_31645.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_31645.test
@@ -6,25 +6,17 @@
--source ../../t/test_init.inc
--enable_result_log
--enable_query_log
-set @old_spider_disable_group_by_handler=@@spider_disable_group_by_handler;
-set spider_disable_group_by_handler=1;
-
+set spider_same_server_link=1;
evalp CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
CREATE TABLE t1 ( a bigint(20) NOT NULL, b bigint(20) DEFAULT 0, PRIMARY KEY (a));
CREATE TABLE t2 ( a bigint(20) NOT NULL, b bigint(20) DEFAULT 0, PRIMARY KEY (a)) ENGINE=SPIDER COMMENT='srv "srv", WRAPPER "mysql", TABLE "t1"';
-SET SESSION optimizer_switch='semijoin=off';
-SELECT * FROM t2
-WHERE A BETWEEN 0 AND 10 AND B IN(SELECT B FROM t2 WHERE A BETWEEN 11 AND 20);
-
-SET SESSION optimizer_switch='semijoin=on';
-
+SELECT * FROM t2 WHERE b IN (SELECT b FROM t2 WHERE a > 10);
SELECT * FROM t2
WHERE A BETWEEN 0 AND 10 AND B IN(SELECT B FROM t2 WHERE A BETWEEN 11 AND 20);
drop table t1, t2;
drop server srv;
-set spider_disable_group_by_handler=@old_spider_disable_group_by_handler;
--disable_query_log
--disable_result_log
--source ../../t/test_deinit.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_31996.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_31996.test
index 3e823790..93b004a0 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/mdev_31996.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_31996.test
@@ -4,6 +4,7 @@
--enable_result_log
--enable_query_log
+set spider_same_server_link=1;
evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_32753.opt b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753.opt
new file mode 100644
index 00000000..c3151b0e
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753.opt
@@ -0,0 +1,2 @@
+--sql-mode=oracle
+--plugin-load-add=ha_spider
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_32753.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753.test
new file mode 100644
index 00000000..2be7289f
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753.test
@@ -0,0 +1,12 @@
+--echo #
+--echo # MDEV-32753 Spider engine does not load in ORACLE mode
+--echo #
+
+# This test tests spider init during server startup under global
+# ORACLE mode
+select * from mysql.plugin;
+create table t (c int) Engine=SPIDER;
+drop table t;
+--echo #
+--echo # end of test mdev_32753
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.opt b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.opt
new file mode 100644
index 00000000..a918abb9
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.opt
@@ -0,0 +1 @@
+--sql-mode=oracle
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.test
new file mode 100644
index 00000000..de2ab789
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start.test
@@ -0,0 +1,20 @@
+--echo #
+--echo # MDEV-32753 Spider engine does not load in ORACLE mode
+--echo #
+
+# This test tests spider init after startup under global ORACLE mode
+install soname 'ha_spider';
+--replace_regex /\.dll/.so/
+select * from mysql.plugin;
+create table t (c int) Engine=SPIDER;
+drop table t;
+
+--disable_query_log
+--disable_result_log
+--source ../../include/clean_up_spider.inc
+--enable_result_log
+--enable_query_log
+
+--echo #
+--echo # end of test mdev_32753_after_start
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start_session.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start_session.test
new file mode 100644
index 00000000..bf7bdb4f
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_32753_after_start_session.test
@@ -0,0 +1,22 @@
+--echo #
+--echo # MDEV-32753 Spider engine does not load in ORACLE mode
+--echo #
+
+# This test tests spider init after startup under session ORACLE mode
+set @old_sql_mode=@@sql_mode;
+SET @@sql_mode = CONCAT(@@sql_mode, ',ORACLE');
+install soname 'ha_spider';
+select * from mysql.plugin;
+create table t (c int) Engine=SPIDER;
+drop table t;
+set sql_mode=@old_sql_mode;
+
+--disable_query_log
+--disable_result_log
+--source ../../include/clean_up_spider.inc
+--enable_result_log
+--enable_query_log
+
+--echo #
+--echo # end of test mdev_32753_after_start
+--echo #
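Review bot: `select * from mysql.plugin;` runs here without the `--replace_regex /\.dll/.so/` line that mdev_32753_after_start.test puts in front of the same statement after `install soname 'ha_spider';`. If that replacement is there to normalise the library name on Windows, this test will presumably produce a different result there, so I would add `--replace_regex /\.dll/.so/` before the select. The closing marker is also copied from the other file and should read `--echo # end of test mdev_32753_after_start_session`.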
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_32986.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_32986.test
new file mode 100644
index 00000000..14438745
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_32986.test
@@ -0,0 +1,29 @@
+--echo #
+--echo # MDEV-32907
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+
+create table t2 (c varchar(16));
+create table t1 (c varchar(16)) ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+
+insert into t1 values ('TestSpiderRegex');
+select c from t1 where c regexp '(Test|Spider|Regex)';
+drop table t1, t2;
+drop server srv;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test mdev_32907
+--echo #
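Review bot: The file is named mdev_32986.test, but its header prints `# MDEV-32907` and its end marker `# end of test mdev_32907`, so the recorded output points at a different ticket than the file name. One of the two numbers is presumably a typo. Whichever is right, the header, the end marker and the file name should agree, for example `--echo # MDEV-32986 <bug title>` and `--echo # end of test mdev_32986`. A short title after the number, as the other tests have, would also say what the `regexp` query is guarding against.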
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_33008.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_33008.test
new file mode 100644
index 00000000..48d9a4f0
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_33008.test
@@ -0,0 +1,24 @@
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+set spider_same_server_link=on;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql
+OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t2 (
+ `id` int(11) NOT NULL AUTO_INCREMENT,
+ `code` varchar(10) DEFAULT NULL,
+ PRIMARY KEY (`id`)
+);
+create table t1 ENGINE=Spider
+COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+show create table t1;
+drop table t1, t2;
+
+drop server srv;
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
diff --git a/storage/spider/mysql-test/spider/bugfix/t/mdev_33191.test b/storage/spider/mysql-test/spider/bugfix/t/mdev_33191.test
new file mode 100644
index 00000000..90709127
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/mdev_33191.test
@@ -0,0 +1,11 @@
+INSTALL SONAME 'ha_spider';
+set spider_same_server_link=on;
+CREATE TABLE t2(c INT);
+--let $SOCKET=`SELECT @@global.socket`
+evalp CREATE TABLE t1(c INT) ENGINE=Spider COMMENT='socket "$SOCKET", user "root", table "t2 t3"';
+ALTER TABLE t1 ENGINE=Spider;
+--error ER_NO_SUCH_TABLE
+TRUNCATE TABLE t1;
+drop table t1, t2;
+--disable_query_log
+--source ../../include/clean_up_spider.inc
diff --git a/storage/spider/mysql-test/spider/bugfix/t/perfschema.opt b/storage/spider/mysql-test/spider/bugfix/t/perfschema.opt
new file mode 100644
index 00000000..d2ed32dd
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/perfschema.opt
@@ -0,0 +1 @@
+--loose-performance-schema
diff --git a/storage/spider/mysql-test/spider/bugfix/t/perfschema.test b/storage/spider/mysql-test/spider/bugfix/t/perfschema.test
new file mode 100644
index 00000000..9346d2b5
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/perfschema.test
@@ -0,0 +1,16 @@
+source include/have_perfschema.inc;
+disable_query_log;
+source ../../include/init_spider.inc;
+enable_query_log;
+
+--echo #
+--echo # MDEV-33031 Assertion failure upon reading from performance schema with binlog enabled
+--echo #
+connect foo,localhost,root;
+select variable_name, variable_value from performance_schema.status_by_thread
+where variable_name like '%spider_direct_aggregate%';
+disconnect foo;
+connection default;
+
+disable_query_log;
+source ../../include/deinit_spider.inc;
diff --git a/storage/spider/mysql-test/spider/bugfix/t/self_reference_multi.test b/storage/spider/mysql-test/spider/bugfix/t/self_reference_multi.test
index 2ac927d9..4263560b 100644
--- a/storage/spider/mysql-test/spider/bugfix/t/self_reference_multi.test
+++ b/storage/spider/mysql-test/spider/bugfix/t/self_reference_multi.test
@@ -8,6 +8,9 @@
--echo MDEV-6268 SPIDER table with no COMMENT clause causes queries to wait forever
--echo
+set spider_same_server_link=1;
+set @old_spider_same_server_link=@@global.spider_same_server_link;
+set global spider_same_server_link=1;
--let $srv=srv_self_reference_multi
evalp CREATE SERVER $srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
create table t2 (c int);
@@ -22,6 +25,7 @@ select * from t1;
select * from t2;
drop table t0, t1, t2;
eval drop server $srv;
+set global spider_same_server_link=@old_spider_same_server_link;
--disable_query_log
--disable_result_log
diff --git a/storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.opt b/storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.opt
new file mode 100644
index 00000000..d883df7b
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.opt
@@ -0,0 +1,2 @@
+--plugin-load-add=ha_spider
+--debug-dbug=d,fail_spider_ddl_recovery_done
diff --git a/storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.test b/storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.test
new file mode 100644
index 00000000..f13eae3a
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/signal_ddl_fail.test
@@ -0,0 +1,10 @@
+--source include/have_debug.inc
+--echo #
+--echo # MDEV-32559 Move alter table statements in spider init queries to be executed in the signal_ddl_recovery_done callback
+--echo #
+# This test tests that failure in ddl_recovery callback causes the
+# plugin to be deinitialized.
+select * from mysql.plugin;
+--echo #
+--echo # end of test signal_ddl_fail
+--echo #
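Review bot: The only statement in this test, `select * from mysql.plugin;`, may not demonstrate what the comment above it claims. mysql.plugin records plugins registered with INSTALL PLUGIN / INSTALL SONAME, whereas Spider is loaded here through `--plugin-load-add=ha_spider` in the accompanying .opt file, so the table would presumably be empty whether or not the plugin was deinitialized. A query that reflects load state, such as `select plugin_name, plugin_status from information_schema.plugins where plugin_name like 'spider%';`, would tie the recorded result to the failure injected by `fail_spider_ddl_recovery_done`.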
diff --git a/storage/spider/mysql-test/spider/bugfix/t/spider_join_with_non_spider.test b/storage/spider/mysql-test/spider/bugfix/t/spider_join_with_non_spider.test
new file mode 100644
index 00000000..294b469a
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/spider_join_with_non_spider.test
@@ -0,0 +1,29 @@
+--echo #
+--echo # Test joining a spider table with a non-spider table
+--echo #
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t1 (c int);
+create table t2 (d int);
+insert into t2 values (1), (2);
+create table t3 (c int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+insert into t3 values (2), (3);
+select c from t3 join t2 on c = d;
+drop table t1, t2, t3;
+drop server srv;
+
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test spider_join_with_non_spider
+--echo #
diff --git a/storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.test b/storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.test
deleted file mode 100644
index 72130175..00000000
--- a/storage/spider/mysql-test/spider/bugfix/t/spider_table_sts.test
+++ /dev/null
@@ -1,46 +0,0 @@
---source ../include/spider_table_sts_init.inc
---echo
---echo this test is for MDEV-19842
---echo
---echo drop and create databases
-
---connection master_1
---disable_warnings
-CREATE DATABASE auto_test_local;
-USE auto_test_local;
---enable_warnings
-
---echo
---echo create table
-
---connection master_1
---disable_query_log
-echo CREATE TABLE tbl_a (
- pkey int NOT NULL,
- PRIMARY KEY (pkey)
-) MASTER_1_ENGINE MASTER_1_CHARSET MASTER_1_COMMENT_2_1;
-eval CREATE TABLE tbl_a (
- pkey int NOT NULL,
- PRIMARY KEY (pkey)
-) $MASTER_1_ENGINE $MASTER_1_CHARSET $MASTER_1_COMMENT_2_1;
---enable_query_log
-
---echo
---echo select test 1
-
---connection master_1
---error 12609
-SELECT pkey FROM tbl_a;
-
---echo
---echo deinit
---disable_warnings
-
---connection master_1
---error 12609
-DROP DATABASE IF EXISTS auto_test_local;
-
---enable_warnings
---source ../include/spider_table_sts_deinit.inc
---echo
---echo end of test
diff --git a/storage/spider/mysql-test/spider/bugfix/t/subquery.test b/storage/spider/mysql-test/spider/bugfix/t/subquery.test
new file mode 100644
index 00000000..70238a52
--- /dev/null
+++ b/storage/spider/mysql-test/spider/bugfix/t/subquery.test
@@ -0,0 +1,31 @@
+--echo #
+--echo # Test spider select with subqueries
+--echo #
+--disable_query_log
+--disable_result_log
+--source ../../t/test_init.inc
+--enable_result_log
+--enable_query_log
+set spider_same_server_link=1;
+evalp CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root');
+create table t1 (c1 int);
+create table t2 (c2 int);
+
+insert into t1 values (1), (2);
+insert into t2 values (0), (1), (2);
+
+create table t1s (c1 int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv",TABLE "t1"';
+create table t2s (c2 int) ENGINE=Spider COMMENT='WRAPPER "mysql", srv "srv",TABLE "t2"';
+
+select c1 from t1s, (select c2 from t2s where c2 > 0) t where c1 + 1 = c2;
+
+drop table t1, t2, t1s, t2s;
+drop server srv;
+--disable_query_log
+--disable_result_log
+--source ../../t/test_deinit.inc
+--enable_result_log
+--enable_query_log
+--echo #
+--echo # end of test subquery
+--echo #
diff --git a/storage/spider/mysql-test/spider/include/clean_up_spider.inc b/storage/spider/mysql-test/spider/include/clean_up_spider.inc
index 1f0659dc..1c977bfb 100644
--- a/storage/spider/mysql-test/spider/include/clean_up_spider.inc
+++ b/storage/spider/mysql-test/spider/include/clean_up_spider.inc
@@ -3,7 +3,8 @@ DROP FUNCTION spider_copy_tables;
DROP FUNCTION spider_ping_table;
DROP FUNCTION spider_bg_direct_sql;
DROP FUNCTION spider_direct_sql;
-UNINSTALL SONAME IF EXISTS "ha_spider";
+--replace_regex /\.dll/.so/
+UNINSTALL SONAME IF EXISTS 'ha_spider';
DROP TABLE IF EXISTS mysql.spider_xa;
DROP TABLE IF EXISTS mysql.spider_xa_member;
DROP TABLE IF EXISTS mysql.spider_xa_failed_log;
diff --git a/storage/spider/mysql-test/spider/include/init_spider.inc b/storage/spider/mysql-test/spider/include/init_spider.inc
index ccf9e305..6014b1d7 100644
--- a/storage/spider/mysql-test/spider/include/init_spider.inc
+++ b/storage/spider/mysql-test/spider/include/init_spider.inc
@@ -158,27 +158,6 @@ let $PLUGIN_VERSION=
`SELECT SUBSTRING_INDEX(plugin_version, '.', 1)
FROM information_schema.plugins
WHERE plugin_name = 'SPIDER'`;
-if (`SELECT IF($PLUGIN_VERSION = 3, 1, 0)`)
-{
- let $HAS_REWRITE=
- `SELECT IF (STRCMP('$SERVER_NAME', 'MariaDB') = 0,
- IF ($SERVER_MAJOR_VERSION = 10,
- IF ($SERVER_MINOR_VERSION < 4, 0, 1),
- IF ($SERVER_MAJOR_VERSION < 10, 0, 1)),
- 0)`;
- let $HAS_REWRITE= 0;
- if ($HAS_REWRITE)
- {
- let $PLUGIN_NAME= spider_flush_rewrite_cache;
- let $PLUGIN_EXIST=
- `SELECT COUNT(*) FROM mysql.func WHERE name = '$PLUGIN_NAME'`;
- while (!$PLUGIN_EXIST)
- {
- let $PLUGIN_EXIST=
- `SELECT COUNT(*) FROM mysql.func WHERE name = '$PLUGIN_NAME'`;
- }
- }
-}
let $PLUGIN_NAME= spider_flush_table_mon_cache;
let $PLUGIN_EXIST=
`SELECT COUNT(*) FROM mysql.func WHERE name = '$PLUGIN_NAME'`;
diff --git a/storage/spider/mysql-test/spider/r/direct_join.result b/storage/spider/mysql-test/spider/r/direct_join.result
index 398985ac..96f18a54 100644
--- a/storage/spider/mysql-test/spider/r/direct_join.result
+++ b/storage/spider/mysql-test/spider/r/direct_join.result
@@ -167,7 +167,7 @@ connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
select `id`,`hr_status`,`region_code`,`region` from `auto_test_remote`.`tbl_person` where `id` = '24FC3F0A5119432BAE13DD65AABAA39C' and `region` = 510411
-select count(0) `count(0)` from `auto_test_remote`.`tbl_ncd_cm_person` t0 where ((t0.`person_id` = '24FC3F0A5119432BAE13DD65AABAA39C') and (t0.`diseaseKind_id` = '52A0328740914BCE86ED10A4D2521816'))
+select count(0) `count(0)` from (select 1) t0 join `auto_test_remote`.`tbl_ncd_cm_person` t1 where ((t1.`person_id` = '24FC3F0A5119432BAE13DD65AABAA39C') and (t1.`diseaseKind_id` = '52A0328740914BCE86ED10A4D2521816'))
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT * FROM tbl_person;
id hr_status region_code region
diff --git a/storage/spider/mysql-test/spider/r/direct_left_right_join_nullable.result b/storage/spider/mysql-test/spider/r/direct_left_right_join_nullable.result
index a6bd3a7c..96b00c61 100644
--- a/storage/spider/mysql-test/spider/r/direct_left_right_join_nullable.result
+++ b/storage/spider/mysql-test/spider/r/direct_left_right_join_nullable.result
@@ -87,7 +87,7 @@ NULL NULL NULL 3
connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
-select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_no_idx` t3 left join (`auto_test_remote`.`ta_r_auto_inc` t2 join `auto_test_remote`.`ta_r_3` t1 join `auto_test_remote`.`ta_r` t0) on ((t2.`b` = t3.`b`) and (t2.`c` = t1.`c`) and (t0.`a` = t1.`a`) and (t1.`a` is not null)) where 1 order by t3.`a` desc
+select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_no_idx` t3 left join (`auto_test_remote`.`ta_r` t0 join `auto_test_remote`.`ta_r_3` t1 join `auto_test_remote`.`ta_r_auto_inc` t2) on ((t2.`b` = t3.`b`) and (t2.`c` = t1.`c`) and (t0.`a` = t1.`a`) and (t1.`a` is not null)) where 1 order by t3.`a` desc
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT a, b, date_format(c, '%Y-%m-%d %H:%i:%s') FROM ta_r ORDER BY a;
a b date_format(c, '%Y-%m-%d %H:%i:%s')
diff --git a/storage/spider/mysql-test/spider/r/direct_left_right_left_join_nullable.result b/storage/spider/mysql-test/spider/r/direct_left_right_left_join_nullable.result
index 8fab6d24..7ba1084a 100644
--- a/storage/spider/mysql-test/spider/r/direct_left_right_left_join_nullable.result
+++ b/storage/spider/mysql-test/spider/r/direct_left_right_left_join_nullable.result
@@ -86,7 +86,7 @@ NULL c 2000-01-03 00:00:00 3
connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
-select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_auto_inc` t2 left join (`auto_test_remote`.`ta_r_3` t1 join `auto_test_remote`.`ta_r` t0) on ((t1.`c` = t2.`c`) and (t0.`a` = t1.`a`) and (t1.`a` is not null)) left join `auto_test_remote`.`ta_r_no_idx` t3 on (t3.`b` = t2.`b`) where 1 order by t3.`a` desc
+select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_auto_inc` t2 left join (`auto_test_remote`.`ta_r` t0 join `auto_test_remote`.`ta_r_3` t1) on ((t1.`c` = t2.`c`) and (t0.`a` = t1.`a`) and (t1.`a` is not null)) left join `auto_test_remote`.`ta_r_no_idx` t3 on (t3.`b` = t2.`b`) where 1 order by t3.`a` desc
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT a, b, date_format(c, '%Y-%m-%d %H:%i:%s') FROM ta_r ORDER BY a;
a b date_format(c, '%Y-%m-%d %H:%i:%s')
diff --git a/storage/spider/mysql-test/spider/r/direct_right_join.result b/storage/spider/mysql-test/spider/r/direct_right_join.result
index d7780b94..ee0940a4 100644
--- a/storage/spider/mysql-test/spider/r/direct_right_join.result
+++ b/storage/spider/mysql-test/spider/r/direct_right_join.result
@@ -79,7 +79,7 @@ a b c
connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
-select t0.`b` `b`,t0.`a` `a`,t2.`b` `b`,t2.`c` `c` from `auto_test_remote`.`ta_r_int` t2 left join (`auto_test_remote`.`ta_r` t0 join `auto_test_remote`.`ta_r_3` t1) on ((t0.`a` = t2.`a`) and (t1.`a` = t2.`a`)) where 1 order by t0.`b` desc
+select t0.`b` `b`,t0.`a` `a`,t2.`b` `b`,t2.`c` `c` from `auto_test_remote`.`ta_r_int` t2 left join (`auto_test_remote`.`ta_r_3` t1 join `auto_test_remote`.`ta_r` t0) on ((t0.`a` = t2.`a`) and (t1.`a` = t2.`a`)) where 1 order by t0.`b` desc
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT a, b, date_format(c, '%Y-%m-%d %H:%i:%s') FROM ta_r ORDER BY a;
a b date_format(c, '%Y-%m-%d %H:%i:%s')
diff --git a/storage/spider/mysql-test/spider/r/direct_right_join_nullable.result b/storage/spider/mysql-test/spider/r/direct_right_join_nullable.result
index 5101ea50..fefb67fa 100644
--- a/storage/spider/mysql-test/spider/r/direct_right_join_nullable.result
+++ b/storage/spider/mysql-test/spider/r/direct_right_join_nullable.result
@@ -87,7 +87,7 @@ NULL c 2000-01-03 00:00:00 3
connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
-select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_no_idx` t3 left join `auto_test_remote`.`ta_r_auto_inc` t2 on (t2.`b` = t3.`b`) left join `auto_test_remote`.`ta_r_3` t1 on (t1.`c` = t2.`c`) left join `auto_test_remote`.`ta_r` t0 on ((t0.`a` = t1.`a`) and (t1.`a` is not null)) where 1 order by t3.`a` desc
+select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_no_idx` t3 left join (`auto_test_remote`.`ta_r_auto_inc` t2 left join (`auto_test_remote`.`ta_r_3` t1 left join `auto_test_remote`.`ta_r` t0 on ((t0.`a` = t1.`a`) and (t1.`a` is not null))) on (t1.`c` = t2.`c`)) on (t2.`b` = t3.`b`) where 1 order by t3.`a` desc
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT a, b, date_format(c, '%Y-%m-%d %H:%i:%s') FROM ta_r ORDER BY a;
a b date_format(c, '%Y-%m-%d %H:%i:%s')
diff --git a/storage/spider/mysql-test/spider/r/direct_right_left_join_nullable.result b/storage/spider/mysql-test/spider/r/direct_right_left_join_nullable.result
index c90fe3ab..64c3b57c 100644
--- a/storage/spider/mysql-test/spider/r/direct_right_left_join_nullable.result
+++ b/storage/spider/mysql-test/spider/r/direct_right_left_join_nullable.result
@@ -86,7 +86,7 @@ NULL c 2000-01-03 00:00:00 3
connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
-select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_auto_inc` t2 left join `auto_test_remote`.`ta_r_3` t1 on (t1.`c` = t2.`c`) left join `auto_test_remote`.`ta_r` t0 on ((t0.`a` = t1.`a`) and (t1.`a` is not null)) left join `auto_test_remote`.`ta_r_no_idx` t3 on (t3.`b` = t2.`b`) where 1 order by t3.`a` desc
+select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_auto_inc` t2 left join (`auto_test_remote`.`ta_r_3` t1 left join `auto_test_remote`.`ta_r` t0 on ((t0.`a` = t1.`a`) and (t1.`a` is not null))) on (t1.`c` = t2.`c`) left join `auto_test_remote`.`ta_r_no_idx` t3 on (t3.`b` = t2.`b`) where 1 order by t3.`a` desc
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT a, b, date_format(c, '%Y-%m-%d %H:%i:%s') FROM ta_r ORDER BY a;
a b date_format(c, '%Y-%m-%d %H:%i:%s')
diff --git a/storage/spider/mysql-test/spider/r/direct_right_left_right_join_nullable.result b/storage/spider/mysql-test/spider/r/direct_right_left_right_join_nullable.result
index f6c808be..68d11934 100644
--- a/storage/spider/mysql-test/spider/r/direct_right_left_right_join_nullable.result
+++ b/storage/spider/mysql-test/spider/r/direct_right_left_right_join_nullable.result
@@ -87,7 +87,7 @@ NULL c 2000-01-03 00:00:00 3
connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %';
argument
-select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_no_idx` t3 left join (`auto_test_remote`.`ta_r_auto_inc` t2 join `auto_test_remote`.`ta_r_3` t1 left join `auto_test_remote`.`ta_r` t0 on ((t0.`a` = t1.`a`) and (t1.`a` is not null))) on ((t2.`b` = t3.`b`) and (t2.`c` = t1.`c`)) where 1 order by t3.`a` desc
+select t0.`a` `a`,t2.`b` `b`,t2.`c` `c`,t3.`a` `a` from `auto_test_remote`.`ta_r_no_idx` t3 left join (`auto_test_remote`.`ta_r_3` t1 left join `auto_test_remote`.`ta_r` t0 on ((t0.`a` = t1.`a`) and (t1.`a` is not null)) join `auto_test_remote`.`ta_r_auto_inc` t2) on ((t2.`b` = t3.`b`) and (t2.`c` = t1.`c`)) where 1 order by t3.`a` desc
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT a, b, date_format(c, '%Y-%m-%d %H:%i:%s') FROM ta_r ORDER BY a;
a b date_format(c, '%Y-%m-%d %H:%i:%s')
diff --git a/storage/spider/mysql-test/spider/r/partition_join_pushdown_for_single_partition.result b/storage/spider/mysql-test/spider/r/partition_join_pushdown_for_single_partition.result
index 3eed8df2..850546fa 100644
--- a/storage/spider/mysql-test/spider/r/partition_join_pushdown_for_single_partition.result
+++ b/storage/spider/mysql-test/spider/r/partition_join_pushdown_for_single_partition.result
@@ -86,8 +86,10 @@ SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argum
argument
select `value` from `auto_test_remote2`.`tbl_a` where `value` = 5
select `value2` from `auto_test_remote2`.`tbl_b` where `value2` = 5
+select sum('5') `sum(a.value)`,count('5') `count(b.value2)` from (select 1) t0 join (select 1) t1
select `value` from `auto_test_remote2`.`tbl_a` where `value` = 5
select `value2` from `auto_test_remote2`.`tbl_b` where `value2` = 5
+select sum('5') `sum(a.value)`,count('5') `count(b.value2)` from (select 1) t0 join (select 1) t1
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%select %'
SELECT value FROM tbl_a ORDER BY value;
value
diff --git a/storage/spider/mysql-test/spider/r/variable_deprecation.result b/storage/spider/mysql-test/spider/r/variable_deprecation.result
index cea36ff2..be964ce4 100644
--- a/storage/spider/mysql-test/spider/r/variable_deprecation.result
+++ b/storage/spider/mysql-test/spider/r/variable_deprecation.result
@@ -75,8 +75,6 @@ Warning 1287 '@@spider_load_crd_at_startup' is deprecated and will be removed in
SHOW VARIABLES LIKE "spider_load_crd_at_startup";
Variable_name Value
spider_load_crd_at_startup 0
-DROP TABLE tbl_a;
-DROP TABLE tbl_b;
# MDEV-28008 Deprecate spider_crd_mode and spider_sts_mode
SET spider_crd_mode = 1;
Warnings:
diff --git a/storage/spider/mysql-test/spider/regression/e1121/r/direct_join_by_pkey_key.result b/storage/spider/mysql-test/spider/regression/e1121/r/direct_join_by_pkey_key.result
index a5553304..72645f4f 100644
--- a/storage/spider/mysql-test/spider/regression/e1121/r/direct_join_by_pkey_key.result
+++ b/storage/spider/mysql-test/spider/regression/e1121/r/direct_join_by_pkey_key.result
@@ -46,7 +46,7 @@ connection child2_1;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%`tbl_a`%' ;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%`tbl_b`%';
argument
-select t0.`val` `val`,t0.`akey` `akey` from `auto_test_remote`.`tbl_a` t0 where (t0.`akey` = '4')
+select t0.`val` `val`,t0.`akey` `akey` from `auto_test_remote`.`tbl_a` t0 join (select 1) t1 where (t0.`akey` = '4')
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%`tbl_a`%' ;
SELECT argument FROM mysql.general_log WHERE command_type != 'Execute' AND argument LIKE '%`tbl_b`%'
argument
diff --git a/storage/spider/mysql-test/spider/t/variable_deprecation.test b/storage/spider/mysql-test/spider/t/variable_deprecation.test
index 3ed8dcf5..6159b25b 100644
--- a/storage/spider/mysql-test/spider/t/variable_deprecation.test
+++ b/storage/spider/mysql-test/spider/t/variable_deprecation.test
@@ -47,9 +47,6 @@ SHOW VARIABLES LIKE "spider_load_sts_at_startup";
SET GLOBAL spider_load_crd_at_startup = 0;
SHOW VARIABLES LIKE "spider_load_crd_at_startup";
-DROP TABLE tbl_a;
-DROP TABLE tbl_b;
-
--echo # MDEV-28008 Deprecate spider_crd_mode and spider_sts_mode
SET spider_crd_mode = 1;
SHOW VARIABLES LIKE "spider_crd_mode";
diff --git a/storage/spider/spd_conn.cc b/storage/spider/spd_conn.cc
index 443912b5..92775896 100644
--- a/storage/spider/spd_conn.cc
+++ b/storage/spider/spd_conn.cc
@@ -411,7 +411,7 @@ SPIDER_CONN *spider_create_conn(
tables_on_different_db_are_joinable = TRUE;
}
if (!(conn = (SPIDER_CONN *)
- spider_bulk_malloc(spider_current_trx, 18, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_CONN_1, MYF(MY_WME | MY_ZEROFILL),
&conn, (uint) (sizeof(*conn)),
&tmp_name, (uint) (share->conn_keys_lengths[link_idx] + 1),
&tmp_host, (uint) (share->tgt_hosts_lengths[link_idx] + 1),
@@ -450,7 +450,7 @@ SPIDER_CONN *spider_create_conn(
goto error_alloc_conn;
}
- conn->default_database.init_calc_mem(75);
+ conn->default_database.init_calc_mem(SPD_MID_CREATE_CONN_2);
conn->conn_key_length = share->conn_keys_lengths[link_idx];
conn->conn_key = tmp_name;
memcpy(conn->conn_key, share->conn_keys[link_idx],
@@ -1204,13 +1204,7 @@ int spider_conn_queue_and_merge_loop_check(
lcptr->flag = SPIDER_LOP_CHK_MERAGED;
lcptr->next = NULL;
if (!conn->loop_check_meraged_first)
- {
conn->loop_check_meraged_first = lcptr;
- conn->loop_check_meraged_last = lcptr;
- } else {
- conn->loop_check_meraged_last->next = lcptr;
- conn->loop_check_meraged_last = lcptr;
- }
}
DBUG_RETURN(0);
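Review bot: An `lcptr` that arrives when `conn->loop_check_meraged_first` is already set is no longer linked to anything in this hunk: `lcptr->next = NULL` is kept, but the tail append through `loop_check_meraged_last` is gone. If any code still walks the merged entries from `loop_check_meraged_first` via `->next`, it would now see only the first entry. If the entries are reached some other way, `next` and `loop_check_meraged_first` look like leftovers too; the function continues outside the hunk, so neither case can be confirmed here. A comment at the assignment naming the owner of the merged entries, e.g. `/* merged entries are owned by <structure>; first only marks "non-empty" */`, would make the intent reviewable.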
@@ -1303,7 +1297,7 @@ int spider_conn_queue_loop_check(
loop_check_buf[lex_str.length] = '\0';
DBUG_PRINT("info", ("spider param name=%s", lex_str.str));
loop_check = get_variable(&thd->user_vars, &lex_str, FALSE);
- if (!loop_check || loop_check->type != STRING_RESULT)
+ if (!loop_check || loop_check->type_handler()->result_type() != STRING_RESULT)
{
DBUG_PRINT("info", ("spider client is not Spider"));
lex_str.str = "";
@@ -1865,7 +1859,7 @@ int spider_create_conn_thread(
error_num = HA_ERR_OUT_OF_MEM;
goto error_job_stack_init;
}
- spider_alloc_calc_mem_init(conn->bg_job_stack, 163);
+ spider_alloc_calc_mem_init(conn->bg_job_stack, SPD_MID_CREATE_CONN_THREAD_1);
spider_alloc_calc_mem(spider_current_trx,
conn->bg_job_stack,
conn->bg_job_stack.max_element *
@@ -3476,7 +3470,7 @@ int spider_create_mon_threads(
char *buf = (char *) my_alloca(share->table_name_length + SPIDER_SQL_INT_LEN + 1);
spider_string conv_name_str(buf, share->table_name_length +
SPIDER_SQL_INT_LEN + 1, system_charset_info);
- conv_name_str.init_calc_mem(105);
+ conv_name_str.init_calc_mem(SPD_MID_CREATE_MON_THREADS_1);
conv_name_str.length(0);
conv_name_str.q_append(share->table_name, share->table_name_length);
for (roop_count = 0; roop_count < (int) share->all_link_count;
@@ -3509,7 +3503,7 @@ int spider_create_mon_threads(
}
}
if (!(share->bg_mon_thds = (THD **)
- spider_bulk_malloc(spider_current_trx, 23, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_MON_THREADS_2, MYF(MY_WME | MY_ZEROFILL),
&share->bg_mon_thds,
(uint) (sizeof(THD *) * share->all_link_count),
&share->bg_mon_threads,
diff --git a/storage/spider/spd_copy_tables.cc b/storage/spider/spd_copy_tables.cc
index ab1f8d35..70ca17f8 100644
--- a/storage/spider/spd_copy_tables.cc
+++ b/storage/spider/spd_copy_tables.cc
@@ -274,7 +274,7 @@ int spider_udf_get_copy_tgt_tables(
}
do {
if (!(table_conn = (SPIDER_COPY_TABLE_CONN *)
- spider_bulk_malloc(spider_current_trx, 25, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_UDF_GET_COPY_TGT_TABLES_1, MYF(MY_WME | MY_ZEROFILL),
&table_conn, (uint) (sizeof(SPIDER_COPY_TABLE_CONN)),
&tmp_share, (uint) (sizeof(SPIDER_SHARE)),
&tmp_connect_info,
@@ -590,7 +590,7 @@ int spider_udf_copy_tables_create_table_list(
}
if (!(copy_tables->link_idxs[0] = (int *)
- spider_bulk_malloc(spider_current_trx, 26, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_UDF_COPY_TABLES_CREATE_TABLE_LIST_1, MYF(MY_WME | MY_ZEROFILL),
&copy_tables->link_idxs[0],
(uint) (sizeof(int) * copy_tables->link_idx_count[0]),
&copy_tables->link_idxs[1],
@@ -772,7 +772,7 @@ long long spider_copy_tables_body(
}
if (!(copy_tables = (SPIDER_COPY_TABLES *)
- spider_bulk_malloc(spider_current_trx, 27, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_COPY_TABLES_BODY_1, MYF(MY_WME | MY_ZEROFILL),
&copy_tables, (uint) (sizeof(SPIDER_COPY_TABLES)),
NullS))
) {
@@ -984,7 +984,7 @@ long long spider_copy_tables_body(
{
tmp_spider = &spider[roop_count];
if (!(tmp_spider->dbton_handler = (spider_db_handler **)
- spider_bulk_alloc_mem(spider_current_trx, 205,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_COPY_TABLES_BODY_2,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&tmp_spider->dbton_handler,
sizeof(spider_db_handler *) * SPIDER_DBTON_SIZE,
@@ -1005,7 +1005,7 @@ long long spider_copy_tables_body(
}
*/
tmp_spider->conns = &table_conn->conn;
- tmp_sql[roop_count].init_calc_mem(122);
+ tmp_sql[roop_count].init_calc_mem(SPD_MID_COPY_TABLES_BODY_3);
tmp_sql[roop_count].set_charset(copy_tables->access_charset);
tmp_spider->result_list.sqls = &tmp_sql[roop_count];
tmp_spider->need_mons = &table_conn->need_mon;
@@ -1030,7 +1030,7 @@ long long spider_copy_tables_body(
{
tmp_spider = &spider[roop_count];
if (!(tmp_spider->dbton_handler = (spider_db_handler **)
- spider_bulk_alloc_mem(spider_current_trx, 206,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_COPY_TABLES_BODY_4,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&tmp_spider->dbton_handler,
sizeof(spider_db_handler *) * SPIDER_DBTON_SIZE,
@@ -1051,7 +1051,7 @@ long long spider_copy_tables_body(
}
*/
tmp_spider->conns = &table_conn->conn;
- tmp_sql[roop_count].init_calc_mem(201);
+ tmp_sql[roop_count].init_calc_mem(SPD_MID_COPY_TABLES_BODY_5);
tmp_sql[roop_count].set_charset(copy_tables->access_charset);
tmp_spider->result_list.sqls = &tmp_sql[roop_count];
tmp_spider->need_mons = &table_conn->need_mon;
diff --git a/storage/spider/spd_db_conn.cc b/storage/spider/spd_db_conn.cc
index a541a5db..16d5b836 100644
--- a/storage/spider/spd_db_conn.cc
+++ b/storage/spider/spd_db_conn.cc
@@ -250,7 +250,7 @@ int spider_db_conn_queue_action(
spider_string sql_str(sql_buf, sizeof(sql_buf), system_charset_info);
DBUG_ENTER("spider_db_conn_queue_action");
DBUG_PRINT("info", ("spider conn=%p", conn));
- sql_str.init_calc_mem(106);
+ sql_str.init_calc_mem(SPD_MID_DB_CONN_QUEUE_ACTION_1);
sql_str.length(0);
if (conn->queued_connect)
{
@@ -651,7 +651,7 @@ int spider_db_query(
DBUG_RETURN(error_num);
#ifndef DBUG_OFF
spider_string tmp_query_str(sizeof(char) * (length + 1));
- tmp_query_str.init_calc_mem(107);
+ tmp_query_str.init_calc_mem(SPD_MID_DB_QUERY_1);
char *tmp_query = (char *) tmp_query_str.c_ptr_safe();
memcpy(tmp_query, query, length);
tmp_query[length] = '\0';
@@ -2174,7 +2174,7 @@ int spider_db_fetch_for_item_sum_func(
{
if (!spider->direct_aggregate_item_first)
{
- if (!spider_bulk_malloc(spider_current_trx, 240, MYF(MY_WME),
+ if (!spider_bulk_malloc(spider_current_trx, SPD_MID_DB_FETCH_FOR_ITEM_SUM_FUNC_1, MYF(MY_WME),
&spider->direct_aggregate_item_first,
(uint) (sizeof(SPIDER_ITEM_HLD)),
NullS)
@@ -2191,7 +2191,7 @@ int spider_db_fetch_for_item_sum_func(
} else {
if (!spider->direct_aggregate_item_current->next)
{
- if (!spider_bulk_malloc(spider_current_trx, 241, MYF(MY_WME),
+ if (!spider_bulk_malloc(spider_current_trx, SPD_MID_DB_FETCH_FOR_ITEM_SUM_FUNC_2, MYF(MY_WME),
&spider->direct_aggregate_item_current->next,
(uint) (sizeof(SPIDER_ITEM_HLD)), NullS)
) {
@@ -2235,7 +2235,7 @@ int spider_db_fetch_for_item_sum_func(
} else {
char buf[MAX_FIELD_WIDTH];
spider_string tmp_str(buf, MAX_FIELD_WIDTH, share->access_charset);
- tmp_str.init_calc_mem(242);
+ tmp_str.init_calc_mem(SPD_MID_DB_FETCH_FOR_ITEM_SUM_FUNC_3);
tmp_str.length(0);
if ((error_num = row->append_to_str(&tmp_str)))
DBUG_RETURN(error_num);
@@ -3089,7 +3089,7 @@ int spider_db_store_result(
if (!result_list->first)
{
if (!(result_list->first = (SPIDER_RESULT *)
- spider_malloc(spider_current_trx, 4, sizeof(*result_list->first),
+ spider_malloc(spider_current_trx, SPD_MID_DB_STORE_RESULT_1, sizeof(*result_list->first),
MYF(MY_WME | MY_ZEROFILL)))
) {
if (!conn->mta_conn_mutex_unlock_later)
@@ -3119,7 +3119,7 @@ int spider_db_store_result(
if (result_list->bgs_current == result_list->last)
{
if (!(result_list->last = (SPIDER_RESULT *)
- spider_malloc(spider_current_trx, 5, sizeof(*result_list->last),
+ spider_malloc(spider_current_trx, SPD_MID_DB_STORE_RESULT_2, sizeof(*result_list->last),
MYF(MY_WME | MY_ZEROFILL)))
) {
if (!conn->mta_conn_mutex_unlock_later)
@@ -3162,7 +3162,7 @@ int spider_db_store_result(
if (result_list->current == result_list->last)
{
if (!(result_list->last = (SPIDER_RESULT *)
- spider_malloc(spider_current_trx, 6, sizeof(*result_list->last),
+ spider_malloc(spider_current_trx, SPD_MID_DB_STORE_RESULT_3, sizeof(*result_list->last),
MYF(MY_WME | MY_ZEROFILL)))
) {
if (!conn->mta_conn_mutex_unlock_later)
@@ -3373,7 +3373,7 @@ int spider_db_store_result(
}
current->field_count = field_count;
if (!(position = (SPIDER_POSITION *)
- spider_bulk_malloc(spider_current_trx, 7, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_DB_STORE_RESULT_4, MYF(MY_WME | MY_ZEROFILL),
&position, (uint) (sizeof(SPIDER_POSITION) * page_size),
&tmp_row, (uint) (sizeof(SPIDER_DB_ROW) * field_count),
NullS))
@@ -3436,7 +3436,7 @@ int spider_db_store_result(
THD *thd = current_thd;
char buf[MAX_FIELD_WIDTH];
spider_string tmp_str(buf, MAX_FIELD_WIDTH, &my_charset_bin);
- tmp_str.init_calc_mem(120);
+ tmp_str.init_calc_mem(SPD_MID_DB_STORE_RESULT_5);
DBUG_PRINT("info",("spider store result to temporary table"));
DBUG_ASSERT(!current->result_tmp_tbl);
@@ -3797,7 +3797,7 @@ int spider_db_store_result_for_reuse_cursor(
THD *thd = current_thd;
char buf[MAX_FIELD_WIDTH];
spider_string tmp_str(buf, MAX_FIELD_WIDTH, &my_charset_bin);
- tmp_str.init_calc_mem(120);
+ tmp_str.init_calc_mem(SPD_MID_DB_STORE_RESULT_FOR_REUSE_CURSOR_1);
DBUG_PRINT("info",("spider store result to temporary table"));
DBUG_ASSERT(!current->result_tmp_tbl);
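Review bot: This call site and the one in spider_db_store_result (`SPD_MID_DB_STORE_RESULT_5`, previous hunk) both passed the literal 120 before, and they now use two different constants. Unless the two names are defined to the same value, one site moves to a new id, which changes how its allocations are attributed in Spider's memory accounting. It presumably also requires the per-id accounting tables to be sized for the new value. The enum definition is not part of this hunk, so this needs confirming there; a `static_assert` next to the enum comparing its last enumerator with the table size would catch a mismatch at compile time.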
@@ -6537,7 +6537,7 @@ int spider_db_delete_all_rows(
spider->conn_link_idx, roop_count, share->link_count,
SPIDER_LINK_STATUS_RECOVERY)
) {
- uint dbton_id = share->use_sql_dbton_ids[roop_count];
+ uint dbton_id = share->sql_dbton_ids[roop_count];
spider_db_handler *dbton_hdl = spider->dbton_handler[dbton_id];
conn = spider->conns[roop_count];
pthread_mutex_assert_not_owner(&conn->mta_conn_mutex);
@@ -7468,19 +7468,20 @@ int spider_db_open_item_ident(
} else {
if (str)
{
- SPIDER_FIELD_CHAIN *field_chain = fields->get_next_field_chain();
- SPIDER_FIELD_HOLDER *field_holder = field_chain->field_holder;
- spider = field_holder->spider;
+ SPIDER_TABLE_HOLDER *table= fields->find_table(field);
+ /* If table or table->spider is NULL the GBH creation
+ would have been skipped the first pass (see below). */
+ spider = table->spider;
share = spider->share;
if ((error_num = share->dbton_share[dbton_id]->
append_column_name_with_alias(str, field->field_index,
- field_holder->alias->ptr(), field_holder->alias->length())))
+ table->alias->ptr(), table->alias->length())))
DBUG_RETURN(error_num);
- } else {
- if ((error_num = fields->add_field(field)))
- {
- DBUG_RETURN(error_num);
- }
+ } else
+ {
+ SPIDER_TABLE_HOLDER *table= fields->find_table(field);
+ if (!table || !table->spider)
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
}
}
}
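Review bot: In the `if (str)` branch, `spider = table->spider;` dereferences the result of `fields->find_table(field)` with no check, relying on an earlier `str == NULL` pass having returned `ER_SPIDER_COND_SKIP_NUM` for the same field. That invariant spans two separate calls and is enforced only by the comment, and a `DBUG_ASSERT` would vanish in release builds. A field that reaches the second pass without the first would therefore be a NULL dereference inside the server. Repeating the guard before the dereference, `if (!table || !table->spider) DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);`, keeps the failure mode an error return, provided callers tolerate that code in the string-building pass. The same applies to the identical block in spider_db_open_item_field in the next hunk; both functions start and end outside their hunks.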
@@ -7583,21 +7584,20 @@ int spider_db_open_item_field(
} else {
if (str)
{
- SPIDER_FIELD_CHAIN *field_chain = fields->get_next_field_chain();
- SPIDER_FIELD_HOLDER *field_holder = field_chain->field_holder;
- spider = field_holder->spider;
+ SPIDER_TABLE_HOLDER *table= fields->find_table(field);
+ /* If table or table->spider is NULL the GBH creation
+ would have been skipped the first pass (see below). */
+ spider = table->spider;
share = spider->share;
- field = spider->field_exchange(field);
- DBUG_ASSERT(field);
if ((error_num = share->dbton_share[dbton_id]->
append_column_name_with_alias(str, field->field_index,
- field_holder->alias->ptr(), field_holder->alias->length())))
+ table->alias->ptr(), table->alias->length())))
DBUG_RETURN(error_num);
- } else {
- if ((error_num = fields->add_field(field)))
- {
- DBUG_RETURN(error_num);
- }
+ } else
+ {
+ SPIDER_TABLE_HOLDER *table= fields->find_table(field);
+ if (!table || !table->spider)
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
}
DBUG_RETURN(0);
}
@@ -7740,7 +7740,7 @@ int spider_db_open_item_string(
char tmp_buf[MAX_FIELD_WIDTH];
spider_string tmp_str(tmp_buf, MAX_FIELD_WIDTH, str->charset());
String *tmp_str2;
- tmp_str.init_calc_mem(126);
+ tmp_str.init_calc_mem(SPD_MID_DB_OPEN_ITEM_STRING_1);
if (!(tmp_str2 = item->val_str(tmp_str.get_str())))
{
@@ -7859,7 +7859,7 @@ int spider_db_open_item_int(
char tmp_buf[MAX_FIELD_WIDTH];
spider_string tmp_str(tmp_buf, MAX_FIELD_WIDTH, str->charset());
String *tmp_str2;
- tmp_str.init_calc_mem(127);
+ tmp_str.init_calc_mem(SPD_MID_DB_OPEN_ITEM_INT_1);
if (!(tmp_str2 = item->val_str(tmp_str.get_str())))
{
@@ -8909,8 +8909,8 @@ int spider_db_udf_ping_table(
system_charset_info);
spider_string where_str(where_buf, sizeof(where_buf),
system_charset_info);
- sql_str.init_calc_mem(128);
- where_str.init_calc_mem(129);
+ sql_str.init_calc_mem(SPD_MID_DB_UDF_PING_TABLE_1);
+ where_str.init_calc_mem(SPD_MID_DB_UDF_PING_TABLE_2);
sql_str.length(0);
where_str.length(0);
if (
@@ -9020,8 +9020,8 @@ int spider_db_udf_ping_table_append_mon_next(
spider_string where_clause_str(where_clause ? where_clause : "",
where_clause_length + 1, str->charset());
DBUG_ENTER("spider_db_udf_ping_table_append_mon_next");
- child_table_name_str.init_calc_mem(130);
- where_clause_str.init_calc_mem(131);
+ child_table_name_str.init_calc_mem(SPD_MID_DB_UDF_PING_TABLE_APPEND_MON_NEXT_1);
+ where_clause_str.init_calc_mem(SPD_MID_DB_UDF_PING_TABLE_APPEND_MON_NEXT_2);
child_table_name_str.length(child_table_name_length);
where_clause_str.length(where_clause_length);
limit_str_length = my_sprintf(limit_str, (limit_str, "%lld", limit));
@@ -9174,7 +9174,7 @@ int spider_db_udf_ping_table_mon_next(
}
spider_string sql_str(sql_buf, sizeof(sql_buf),
thd->variables.character_set_client);
- sql_str.init_calc_mem(132);
+ sql_str.init_calc_mem(SPD_MID_DB_UDF_PING_TABLE_MON_NEXT_1);
sql_str.length(0);
trx.thd = thd;
spider.share = share;
@@ -9328,7 +9328,7 @@ int spider_db_udf_copy_tables(
KEY *key_info = &table->key_info[table->s->primary_key];
DBUG_ENTER("spider_db_udf_copy_tables");
if (!(last_row_pos = (ulong *)
- spider_bulk_malloc(spider_current_trx, 30, MYF(MY_WME),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_DB_UDF_COPY_TABLES_1, MYF(MY_WME),
&last_row_pos, (uint) (sizeof(ulong) * table->s->fields),
&last_lengths, (uint) (sizeof(ulong) * table->s->fields),
NullS))
diff --git a/storage/spider/spd_db_include.h b/storage/spider/spd_db_include.h
index ef0fb8f2..c2cbe5f2 100644
--- a/storage/spider/spd_db_include.h
+++ b/storage/spider/spd_db_include.h
@@ -542,34 +542,26 @@ typedef struct spider_conn_holder
spider_conn_holder *next;
} SPIDER_CONN_HOLDER;
+/* Record information of a local (spider) table, for use of the spider
+group by handler. */
typedef struct spider_table_holder
{
TABLE *table;
ha_spider *spider;
+ /* alias of the table, in the form of tk, where k is the index of
+ the table from `query->from' indexed by next_local. */
spider_string *alias;
} SPIDER_TABLE_HOLDER;
-typedef struct spider_field_holder
-{
- Field *field;
- ha_spider *spider;
- spider_string *alias;
- spider_field_holder *next;
-} SPIDER_FIELD_HOLDER;
-
-typedef struct spider_field_chain
-{
- spider_field_holder *field_holder;
- spider_field_chain *next;
-} SPIDER_FIELD_CHAIN;
-
+/* For use of the spider group by handler. */
class spider_fields
{
uint dbton_count;
uint current_dbton_num;
uint dbton_ids[SPIDER_DBTON_SIZE];
+ /* Number of tables in `query->from'. */
uint table_count;
- uint current_table_num;
+ /* All tables in `query->from', in the same order by next_local. */
SPIDER_TABLE_HOLDER *table_holder;
SPIDER_LINK_IDX_CHAIN *first_link_idx_chain;
SPIDER_LINK_IDX_CHAIN *last_link_idx_chain;
@@ -578,13 +570,6 @@ class spider_fields
SPIDER_CONN_HOLDER *first_conn_holder;
SPIDER_CONN_HOLDER *last_conn_holder;
SPIDER_CONN_HOLDER *current_conn_holder;
- SPIDER_FIELD_HOLDER *first_field_holder;
- SPIDER_FIELD_HOLDER *last_field_holder;
- SPIDER_FIELD_HOLDER *current_field_holder;
- SPIDER_FIELD_CHAIN *first_field_chain;
- SPIDER_FIELD_CHAIN *last_field_chain;
- SPIDER_FIELD_CHAIN *current_field_chain;
- Field **first_field_ptr;
Field **current_field_ptr;
public:
spider_fields();
@@ -627,8 +612,6 @@ public:
long access_balance
);
SPIDER_CONN_HOLDER *create_conn_holder();
- void set_pos_to_first_conn_holder();
- SPIDER_CONN_HOLDER *get_next_conn_holder();
bool has_conn_holder();
void clear_conn_holder_from_conn();
bool check_conn_same_conn(
@@ -642,24 +625,14 @@ public:
void free_conn_holder(
SPIDER_CONN_HOLDER *conn_holder_arg
);
- SPIDER_TABLE_HOLDER *add_table(
- ha_spider *spider_arg
- );
- bool all_query_fields_are_query_table_members();
- int create_table_holder(
+ SPIDER_TABLE_HOLDER *find_table(Field *field);
+ void set_table_holder(
+ SPIDER_TABLE_HOLDER *table_holder_arg,
uint table_count_arg
);
- void set_pos_to_first_table_holder();
- SPIDER_TABLE_HOLDER *get_next_table_holder();
+ SPIDER_TABLE_HOLDER *get_first_table_holder();
SPIDER_TABLE_HOLDER *get_table_holder(TABLE *table);
uint get_table_count();
- int add_field(Field *field_arg);
- SPIDER_FIELD_HOLDER *create_field_holder();
- void set_pos_to_first_field_holder();
- SPIDER_FIELD_HOLDER *get_next_field_holder();
- SPIDER_FIELD_CHAIN *create_field_chain();
- void set_pos_to_first_field_chain();
- SPIDER_FIELD_CHAIN *get_next_field_chain();
void set_field_ptr(Field **field_arg);
Field **get_next_field_ptr();
int ping_table_mon_from_table(
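Review bot: The new declarations `find_table(Field *field)`, `set_table_holder(...)` and `get_first_table_holder()` carry no comment, while the data members touched by this commit did get one. Callers in spd_db_conn.cc test the result of `find_table` for NULL, so the contract is worth stating at the declaration, for example `/* Returns the holder of the table owning field, or NULL if there is none. */`, assuming the implementation matches that usage. For `set_table_holder` a one-line comment on who owns and frees `table_holder_arg` would help, since the class previously allocated the array itself through `create_table_holder`.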
@@ -797,11 +770,6 @@ public:
TABLE_LIST *table_list,
uint table_count
) = 0;
- virtual int reappend_tables(
- spider_fields *fields,
- SPIDER_LINK_IDX_CHAIN *link_idx_chain,
- spider_string *str
- ) = 0;
virtual int append_where(
spider_string *str
) = 0;
@@ -1530,10 +1498,6 @@ public:
spider_fields *fields,
ulong sql_type
) = 0;
- virtual int reappend_tables_part(
- spider_fields *fields,
- ulong sql_type
- ) = 0;
virtual int append_where_part(
ulong sql_type
) = 0;
@@ -1674,6 +1638,12 @@ static const LEX_CSTRING maturity_name[] =
{ STRING_WITH_LEN("Stable") }
};
+/*
+ Type of singletons based on the type of the remote database.
+
+ All such singletons are stored in the array `spider_dbton', see
+ `spider_db_init()'.
+*/
typedef struct st_spider_dbton
{
uint dbton_id;
diff --git a/storage/spider/spd_db_mysql.cc b/storage/spider/spd_db_mysql.cc
index e0dffe57..c2f0c6b8 100644
--- a/storage/spider/spd_db_mysql.cc
+++ b/storage/spider/spd_db_mysql.cc
@@ -451,7 +451,7 @@ int spider_db_mbase_row::append_escaped_to_str(
DBUG_ENTER("spider_db_mbase_row::append_escaped_to_str");
DBUG_PRINT("info",("spider this=%p", this));
spider_string tmp_str(*row, *lengths + 1, str->charset());
- tmp_str.init_calc_mem(133);
+ tmp_str.init_calc_mem(SPD_MID_DB_MBASE_ROW_APPEND_ESCAPED_TO_STR_1);
tmp_str.length(*lengths);
if (str->reserve(*lengths * 2 + 2))
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
@@ -544,7 +544,7 @@ SPIDER_DB_ROW *spider_db_mbase_row::clone()
row_size = record_size + field_count;
}
if (!spider_bulk_malloc(
- spider_current_trx, 29, MYF(MY_WME),
+ spider_current_trx, SPD_MID_DB_MBASE_ROW_CLONE_1, MYF(MY_WME),
&clone_row->row, (uint) (sizeof(char*) * (field_count + 1)),
&tmp_char, (uint) (row_size),
&clone_row->lengths, (uint) (sizeof(ulong) * field_count),
@@ -774,9 +774,9 @@ SPIDER_DB_ROW *spider_db_mbase_result::fetch_row_from_tmp_table(
uint field_count;
DBUG_ENTER("spider_db_mbase_result::fetch_row_from_tmp_table");
DBUG_PRINT("info",("spider this=%p", this));
- tmp_str1.init_calc_mem(117);
- tmp_str2.init_calc_mem(118);
- tmp_str3.init_calc_mem(170);
+ tmp_str1.init_calc_mem(SPD_MID_DB_MBASE_RESULT_FETCH_ROW_FROM_TMP_TABLE_1);
+ tmp_str2.init_calc_mem(SPD_MID_DB_MBASE_RESULT_FETCH_ROW_FROM_TMP_TABLE_2);
+ tmp_str3.init_calc_mem(SPD_MID_DB_MBASE_RESULT_FETCH_ROW_FROM_TMP_TABLE_3);
tmp_table->field[0]->val_str(tmp_str1.get_str());
tmp_table->field[1]->val_str(tmp_str2.get_str());
tmp_table->field[2]->val_str(tmp_str3.get_str());
@@ -1529,10 +1529,13 @@ int spider_db_mbase_result::fetch_index_for_discover_table_structure(
}
DBUG_RETURN(0);
}
- if (num_fields() != 13)
+ if (num_fields() < 13)
{
- DBUG_PRINT("info",("spider num_fields != 13"));
- my_printf_error(ER_SPIDER_UNKNOWN_NUM, ER_SPIDER_UNKNOWN_STR, MYF(0));
+ DBUG_PRINT("info",("spider num_fields < 13"));
+ my_printf_error(ER_SPIDER_CANT_NUM, ER_SPIDER_CANT_STR1, MYF(0),
+ "fetch index for table structure discovery because of "
+ "wrong number of columns in SHOW INDEX FROM output: ",
+ num_fields());
DBUG_RETURN(ER_SPIDER_UNKNOWN_NUM);
}
bool first = TRUE;
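Review bot: The error raised and the error returned no longer agree: `my_printf_error` now reports `ER_SPIDER_CANT_NUM`, but the following line still does `DBUG_RETURN(ER_SPIDER_UNKNOWN_NUM);`. Unless a caller depends on the old code, the return should follow the diagnostic, `DBUG_RETURN(ER_SPIDER_CANT_NUM);`. The call also passes a string and `num_fields()` as varargs to `ER_SPIDER_CANT_STR1`, whose format is not visible here, so it is worth confirming that it has two conversions and that the second matches the return type of `num_fields()`. The enclosing function starts and ends outside the hunk.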
@@ -1826,7 +1829,7 @@ int spider_db_mbase::init()
) {
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
}
- spider_alloc_calc_mem_init(lock_table_hash, 140);
+ spider_alloc_calc_mem_init(lock_table_hash, SPD_MID_DB_MBASE_INIT_1);
spider_alloc_calc_mem(spider_current_trx,
lock_table_hash,
lock_table_hash.array.max_element *
@@ -1929,7 +1932,7 @@ int spider_db_mbase::connect(
if (!spider_param_same_server_link(thd))
{
- if (!strcmp(tgt_host, my_localhost))
+ if (!strcmp(tgt_host, my_localhost) || !tgt_host || !tgt_host[0])
{
if (!strcmp(tgt_socket, *spd_mysqld_unix_port))
{
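Review bot: The added `!tgt_host || !tgt_host[0]` tests come after `strcmp(tgt_host, my_localhost)`, so a NULL `tgt_host` is dereferenced before it is ever checked. Put the cheap tests first: `if (!tgt_host || !tgt_host[0] || !strcmp(tgt_host, my_localhost))`. The next hunk (`@@ -1939`) has the same ordering in the `else if`, and there the two added tests can never be true, because an empty or NULL host is already taken by this first branch; they can be dropped from that condition. This check guards same-server-link detection, so the empty-host case deserves a test that exercises it directly.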
@@ -1939,7 +1942,7 @@ int spider_db_mbase::connect(
DBUG_RETURN(ER_SPIDER_SAME_SERVER_LINK_NUM);
}
} else if (!strcmp(tgt_host, "127.0.0.1") ||
- !strcmp(tgt_host, glob_hostname))
+ !strcmp(tgt_host, glob_hostname) || !tgt_host || !tgt_host[0])
{
if (tgt_port == (long) *spd_mysqld_port)
{
@@ -2066,7 +2069,7 @@ int spider_db_mbase::exec_query(
const char *tgt_str = conn->tgt_host;
uint32 tgt_len = conn->tgt_host_length;
spider_string tmp_query_str;
- tmp_query_str.init_calc_mem(230);
+ tmp_query_str.init_calc_mem(SPD_MID_DB_MBASE_EXEC_QUERY_1);
if (tmp_query_str.reserve(
length + conn->tgt_wrapper_length +
tgt_len + (SPIDER_SQL_SPACE_LEN * 2)))
@@ -2096,7 +2099,7 @@ int spider_db_mbase::exec_query(
struct tm lt;
struct tm *l_time = localtime_r(&cur_time, &lt);
spider_string tmp_query_str;
- tmp_query_str.init_calc_mem(243);
+ tmp_query_str.init_calc_mem(SPD_MID_DB_MBASE_EXEC_QUERY_2);
uint query_length = thd->query_length();
if ((log_result_error_with_sql & 2) && query_length)
{
@@ -2640,7 +2643,7 @@ int spider_db_mbase::xa_end(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::xa_end");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(108);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_XA_END_1);
sql_str.length(0);
sql_str.q_append(SPIDER_SQL_XA_END_STR, SPIDER_SQL_XA_END_LEN);
@@ -2683,7 +2686,7 @@ int spider_db_mbase::xa_prepare(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::xa_prepare");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(109);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_XA_PREPARE_1);
sql_str.length(0);
sql_str.q_append(SPIDER_SQL_XA_PREPARE_STR, SPIDER_SQL_XA_PREPARE_LEN);
@@ -2726,7 +2729,7 @@ int spider_db_mbase::xa_commit(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::xa_commit");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(110);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_XA_COMMIT_1);
sql_str.length(0);
sql_str.q_append(SPIDER_SQL_XA_COMMIT_STR, SPIDER_SQL_XA_COMMIT_LEN);
@@ -2769,7 +2772,7 @@ int spider_db_mbase::xa_rollback(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::xa_rollback");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(111);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_XA_ROLLBACK_1);
sql_str.length(0);
sql_str.q_append(SPIDER_SQL_XA_ROLLBACK_STR, SPIDER_SQL_XA_ROLLBACK_LEN);
@@ -3106,7 +3109,7 @@ int spider_db_mbase::set_wait_timeout(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::set_wait_timeout");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(264);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_SET_WAIT_TIMEOUT_1);
sql_str.length(0);
timeout_str_length =
my_sprintf(timeout_str, (timeout_str, "%d", wait_timeout));
@@ -3160,7 +3163,7 @@ int spider_db_mbase::set_sql_mode(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::set_sql_mode");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(265);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_SET_SQL_MODE_1);
sql_str.length(0);
if (sql_str.reserve(SPIDER_SQL_SQL_MODE_LEN))
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
@@ -3225,7 +3228,7 @@ int spider_db_mbase::set_time_zone(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::set_time_zone");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(214);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_SET_TIME_ZONE_1);
sql_str.length(0);
if (sql_str.reserve(SPIDER_SQL_TIME_ZONE_LEN +
tz_str->length() + SPIDER_SQL_VALUE_QUOTE_LEN))
@@ -3278,7 +3281,7 @@ int spider_db_mbase::set_loop_check(
spider_string sql_str(sql_buf, sizeof(sql_buf), &my_charset_bin);
DBUG_ENTER("spider_db_mbase::set_loop_check");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(270);
+ sql_str.init_calc_mem(SPD_MID_DB_MBASE_SET_LOOP_CHECK_1);
while ((lcptr = (SPIDER_CONN_LOOP_CHECK *) my_hash_element(
&conn->loop_check_queue, 0)))
{
@@ -3960,7 +3963,7 @@ int spider_db_mariadb_util::append_column_value(ha_spider *spider,
THD *thd = field->table->in_use;
Time_zone *saved_time_zone = thd->variables.time_zone;
DBUG_ENTER("spider_db_mariadb_util::append_column_value");
- tmp_str.init_calc_mem(113);
+ tmp_str.init_calc_mem(SPD_MID_DB_MARIADB_UTIL_APPEND_COLUMN_VALUE_1);
thd->variables.time_zone = UTC;
@@ -4036,7 +4039,7 @@ int spider_db_mariadb_util::append_column_value(ha_spider *spider,
DBUG_PRINT("info", ("spider append_escaped"));
char buf2[MAX_FIELD_WIDTH];
spider_string tmp_str2(buf2, MAX_FIELD_WIDTH, field->charset());
- tmp_str2.init_calc_mem(114);
+ tmp_str2.init_calc_mem(SPD_MID_DB_MARIADB_UTIL_APPEND_COLUMN_VALUE_2);
tmp_str2.length(0);
if (
tmp_str2.append(ptr->ptr(), ptr->length(), field->charset()) ||
@@ -4104,7 +4107,7 @@ int spider_db_mysql_util::append_column_value(
THD *thd = field->table->in_use;
Time_zone *saved_time_zone = thd->variables.time_zone;
DBUG_ENTER("spider_db_mysql_util::append_column_value");
- tmp_str.init_calc_mem(266);
+ tmp_str.init_calc_mem(SPD_MID_DB_MYSQL_UTIL_APPEND_COLUMN_VALUE_1);
thd->variables.time_zone = UTC;
@@ -4255,7 +4258,7 @@ int spider_db_mysql_util::append_column_value(
DBUG_PRINT("info", ("spider append_escaped"));
char buf2[MAX_FIELD_WIDTH];
spider_string tmp_str2(buf2, MAX_FIELD_WIDTH, field->charset());
- tmp_str2.init_calc_mem(267);
+ tmp_str2.init_calc_mem(SPD_MID_DB_MYSQL_UTIL_APPEND_COLUMN_VALUE_2);
tmp_str2.length(0);
if (
tmp_str2.append(ptr->ptr(), ptr->length(), field->charset()) ||
@@ -5828,12 +5831,17 @@ int spider_db_mbase_util::print_item_func(
item_count -= 2;
break;
}
- } else if (func_name_length == 6 &&
- !strncasecmp("istrue", func_name, func_name_length)
- ) {
- last_str = SPIDER_SQL_IS_TRUE_STR;
- last_str_length = SPIDER_SQL_IS_TRUE_LEN;
- break;
+ } else if (func_name_length == 6)
+ {
+ if (!strncasecmp("istrue", func_name, func_name_length))
+ {
+ last_str= SPIDER_SQL_IS_TRUE_STR;
+ last_str_length= SPIDER_SQL_IS_TRUE_LEN;
+ break;
+ }
+ else if (!strncasecmp("regexp", func_name, func_name_length))
+ /* Keep the infix expression */
+ break;
} else if (func_name_length == 7)
{
if (!strncasecmp("isfalse", func_name, func_name_length))
@@ -6093,7 +6101,7 @@ int spider_db_mbase_util::print_item_func(
char *tmp_ptr, *tmp_ptr2;
DBUG_ASSERT(tmp_str.length() == 0);
tmp_str.set_charset(str->charset());
- tmp_str.init_calc_mem(123);
+ tmp_str.init_calc_mem(SPD_MID_DB_MBASE_UTIL_PRINT_ITEM_FUNC_1);
tmp_str.reserve(MAX_FIELD_WIDTH);
str->length(str->length() - SPIDER_SQL_OPEN_PAREN_LEN);
if (!merge_func)
@@ -6218,7 +6226,7 @@ int spider_db_mbase_util::print_item_func(
char *tmp_ptr, *tmp_ptr2;
DBUG_ASSERT(tmp_str.length() == 0);
tmp_str.set_charset(str->charset());
- tmp_str.init_calc_mem(124);
+ tmp_str.init_calc_mem(SPD_MID_DB_MBASE_UTIL_PRINT_ITEM_FUNC_2);
tmp_str.reserve(MAX_FIELD_WIDTH);
str->length(str->length() - SPIDER_SQL_OPEN_PAREN_LEN);
if (!merge_func)
@@ -6355,7 +6363,7 @@ int spider_db_mbase_util::print_item_func(
char *tmp_ptr, *tmp_ptr2;
DBUG_ASSERT(tmp_str.length() == 0);
tmp_str.set_charset(str->charset());
- tmp_str.init_calc_mem(125);
+ tmp_str.init_calc_mem(SPD_MID_DB_MBASE_UTIL_PRINT_ITEM_FUNC_3);
tmp_str.reserve(MAX_FIELD_WIDTH);
str->length(str->length() - SPIDER_SQL_OPEN_PAREN_LEN);
if (!merge_func)
@@ -6803,440 +6811,250 @@ int spider_db_mbase_util::append_escaped_util(
DBUG_RETURN(0);
}
-int spider_db_mbase_util::append_table(
- ha_spider *spider,
- spider_fields *fields,
- spider_string *str,
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos,
- TABLE_LIST **cond_table_list_ptr,
- bool top_down,
- bool first
-) {
- int error_num;
- bool use_cond_table_list = FALSE;
- spider_mbase_share *db_share;
- spider_mbase_handler *dbton_hdl;
- SPIDER_TABLE_HOLDER *table_holder;
- TABLE_LIST *cond_table_list = *cond_table_list_ptr;
- ha_spider *spd;
- DBUG_ENTER("spider_db_mbase_util::append_table");
- DBUG_PRINT("info",("spider table_list=%p", table_list));
- DBUG_PRINT("info",("spider table_list->outer_join=%u",
- table_list->outer_join));
- DBUG_PRINT("info",("spider table_list->on_expr=%p",
- table_list->on_expr));
- DBUG_PRINT("info",("spider table_list->join_using_fields=%p",
- table_list->join_using_fields));
- DBUG_PRINT("info",("spider table_list->table=%p",
- table_list->table));
- if (!top_down && table_list->embedding)
- {
- if ((error_num = append_embedding_tables(spider, fields, str,
- table_list->embedding, used_table_list, current_pos,
- cond_table_list_ptr)))
+/*
+ Walk a TABLE_LIST, or format it to a string and append it.
+
+ If str is NULL, walk the nested join (if any) to determine whether
+ to create a group by handler. Otherwise, format the TABLE_LIST to a
+ string and append it to str.
+
+ Adapted from TABLE_LIST::print().
+*/
+int spider_db_mbase_util::append_table_list(spider_fields *fields,
+ spider_string *str,
+ TABLE_LIST *table,
+ table_map *upper_usable_tables,
+ table_map eliminated_tables)
+{
+ DBUG_ENTER("spider_db_mbase_util::append_table_list");
+ /* Eliminated tables were removed from append_join(). */
+ DBUG_ASSERT(!is_eliminated_table(eliminated_tables, table));
+ if (!str) /* First pass (GBH creation) */
+ {
+ DBUG_ASSERT(upper_usable_tables);
+ if (table->nested_join)
+ DBUG_RETURN(append_join(fields, str,
+ &table->nested_join->join_list,
+ upper_usable_tables, eliminated_tables));
+ /* jtbm is a kind of semi join, and TABLE_LIST::print() adds an
+ extra " <materialize> " annotation. */
+ if (table->jtbm_subselect)
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
+ /* TODO: These conditions are printed in a different way in
+ TABLE_LIST::print(), but they do not seem to occur very often.
+ Let's not worry about them now. */
+ if (table->view_name.str || table->derived || table->table_function)
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
+ *upper_usable_tables |= table->table->map;
+ DBUG_RETURN(0);
+ }
+ /* Second pass (query execution) */
+ DBUG_ASSERT(!upper_usable_tables);
+ if (table->nested_join)
+ {
+ if (str->append("("))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
+ if (int error_num= append_join(
+ fields, str, &table->nested_join->join_list,
+ upper_usable_tables, eliminated_tables))
DBUG_RETURN(error_num);
- } else if (!table_list->table)
+ if (str->append(")"))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
+ DBUG_RETURN(0);
+ }
+ /* These have been ruled out during the creation of the group by
+ handler, see above. */
+ DBUG_ASSERT(!table->jtbm_subselect);
+ DBUG_ASSERT(!table->view_name.str);
+ DBUG_ASSERT(!table->derived);
+ DBUG_ASSERT(!table->table_function);
+ /* We have a "normal" table. Print it and append to str. */
+ SPIDER_TABLE_HOLDER *table_holder = fields->get_table_holder(table->table);
+ ha_spider *spd = table_holder->spider;
+ spider_mbase_share *db_share =
+ (spider_mbase_share *) spd->share->dbton_share[dbton_id];
+ spider_mbase_handler *dbton_hdl =
+ (spider_mbase_handler *) spd->dbton_handler[dbton_id];
+ if (table->table->const_table)
{
- if ((error_num = append_tables_top_down(spider, fields, str, table_list,
- used_table_list, current_pos, cond_table_list_ptr)))
+ if (str->append(STRING_WITH_LEN("(select 1)")))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
+ }
+ else
+ if (int error_num= db_share->append_table_name(
+ str, spd->conn_link_idx[dbton_hdl->first_link_idx]))
DBUG_RETURN(error_num);
- } else {
- if (
- table_list->outer_join ||
- table_list->on_expr ||
- table_list->join_using_fields
- ) {
- DBUG_PRINT("info",("spider use table_list"));
- if (table_list->outer_join & JOIN_TYPE_LEFT)
- {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_LEFT_JOIN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_LEFT_JOIN_STR, SPIDER_SQL_LEFT_JOIN_LEN);
- }
- } else {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_JOIN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_JOIN_STR, SPIDER_SQL_JOIN_LEN);
- }
- }
- } else if (
- cond_table_list &&
- (
- cond_table_list->outer_join ||
- cond_table_list->on_expr ||
- cond_table_list->join_using_fields
- )
- ) {
- DBUG_PRINT("info",("spider use cond_table_list"));
- if (cond_table_list->outer_join & (JOIN_TYPE_LEFT | JOIN_TYPE_RIGHT))
- {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_LEFT_JOIN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_LEFT_JOIN_STR, SPIDER_SQL_LEFT_JOIN_LEN);
- }
- } else {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_JOIN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_JOIN_STR, SPIDER_SQL_JOIN_LEN);
- }
- }
- use_cond_table_list = TRUE;
- } else if (*current_pos > 0 && !first)
- {
- DBUG_PRINT("info",("spider no condition"));
- if (str)
- {
- if (str->reserve(SPIDER_SQL_JOIN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_JOIN_STR, SPIDER_SQL_JOIN_LEN);
- }
- }
-
- if (str)
- {
- table_holder = fields->get_table_holder(table_list->table);
- spd = table_holder->spider;
- db_share = (spider_mbase_share *)
- spd->share->dbton_share[dbton_id];
- dbton_hdl = (spider_mbase_handler *)
- spd->dbton_handler[dbton_id];
+ if (str->append(" ") ||
+ str->append(table_holder->alias->ptr(),
+ /* Don't append the trailing dot */
+ table_holder->alias->length() - 1))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
+ DBUG_RETURN(0);
+}
- dbton_hdl->table_name_pos = str->length();
+/*
+ Walk an array of TABLE_LIST's, or format it to a string and append it.
- if (str->reserve(
- db_share->db_nm_max_length +
- SPIDER_SQL_DOT_LEN + /* SPIDER_SQL_NAME_QUOTE_LEN */ 4 +
- db_share->table_nm_max_length + SPIDER_SQL_SPACE_LEN +
- table_holder->alias->length() - SPIDER_SQL_DOT_LEN
- )) {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
+ If str is NULL, walk each TABLE_LIST to determine whether to create
+ a group by handler. Otherwise, format the TABLE_LISTs to a string
+ and append it to str.
- if ((error_num = db_share->append_table_name_with_adjusting(str,
- spd->conn_link_idx[dbton_hdl->first_link_idx])))
- {
- DBUG_RETURN(error_num);
- }
- str->q_append(SPIDER_SQL_SPACE_STR, SPIDER_SQL_SPACE_LEN);
- str->q_append(table_holder->alias->ptr(),
- table_holder->alias->length() - SPIDER_SQL_DOT_LEN);
- }
- used_table_list[(*current_pos)++] = table_list;
+ Adapted from print_table_array().
+*/
+int spider_db_mbase_util::append_table_array(spider_fields *fields,
+ spider_string *str,
+ TABLE_LIST **table,
+ TABLE_LIST **end,
+ table_map *upper_usable_tables,
+ table_map eliminated_tables)
+{
+ DBUG_ENTER("spider_db_mbase_util::append_table_array");
+ if (str)
+ {
+ DBUG_ASSERT(!upper_usable_tables);
+ if (int error_num= append_table_list(fields, str, *table, NULL,
+ eliminated_tables))
+ DBUG_RETURN(error_num);
- if (str)
+ for (TABLE_LIST **tbl= table + 1; tbl < end; tbl++)
{
- List<String> *join_using_fields = table_list->join_using_fields;
- if (!join_using_fields && cond_table_list)
- {
- join_using_fields = cond_table_list->join_using_fields;
- }
+ TABLE_LIST *curr= *tbl;
- if (join_using_fields)
+ /* JOIN_TYPE_OUTER is just a marker unrelated to real join */
+ if (curr->outer_join & (JOIN_TYPE_LEFT|JOIN_TYPE_RIGHT))
{
- if (str->reserve(SPIDER_SQL_USING_LEN + SPIDER_SQL_OPEN_PAREN_LEN))
- {
+ /* MySQL converts right to left joins */
+ if (str->append(STRING_WITH_LEN(" left join ")))
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_USING_STR, SPIDER_SQL_USING_LEN);
- str->q_append(SPIDER_SQL_OPEN_PAREN_STR,
- SPIDER_SQL_OPEN_PAREN_LEN);
- List_iterator_fast<String> it2(*join_using_fields);
- String *ptr;
- while ((ptr = it2++))
- {
- if (str->reserve(ptr->length() + SPIDER_SQL_COMMA_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(ptr->ptr(), ptr->length());
- str->q_append(SPIDER_SQL_COMMA_STR, SPIDER_SQL_COMMA_LEN);
- }
- str->length(str->length() - SPIDER_SQL_COMMA_LEN);
- if (str->reserve(SPIDER_SQL_CLOSE_PAREN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_CLOSE_PAREN_STR,
- SPIDER_SQL_CLOSE_PAREN_LEN);
}
- }
-
- Item *on_expr = table_list->on_expr;
- if (!on_expr && cond_table_list)
- {
- on_expr = cond_table_list->on_expr;
- }
-
- if (on_expr)
- {
- if (str)
+ else if (curr->straight)
{
- if (str->reserve(SPIDER_SQL_ON_LEN))
- {
+ if (str->append(STRING_WITH_LEN(" straight_join ")))
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_ON_STR, SPIDER_SQL_ON_LEN);
}
- if ((error_num = spider_db_print_item_type(on_expr, NULL,
- spider, str, NULL, 0, dbton_id, TRUE, fields)))
- {
- DBUG_RETURN(error_num);
- }
- }
+ /* semi join should already have been ruled out during the
+ creation of the group by handler. */
+ else if (curr->sj_inner_tables)
+ DBUG_ASSERT(0);
+ else
+ if (str->append(STRING_WITH_LEN(" join ")))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- if (use_cond_table_list)
- {
- (*cond_table_list_ptr) = NULL;
- DBUG_PRINT("info",("spider cond_table_list=%p", (*cond_table_list_ptr)));
- }
- }
- DBUG_RETURN(0);
-}
+ if (int error_num= append_table_list(fields, str, curr, NULL,
+ eliminated_tables))
+ DBUG_RETURN(error_num);
-int spider_db_mbase_util::append_tables_top_down(
- ha_spider *spider,
- spider_fields *fields,
- spider_string *str,
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos,
- TABLE_LIST **cond_table_list_ptr
-) {
- int error_num;
- uint outer_join_backup;
- TABLE_LIST *cur_table_list, *prev_table_list = NULL, *cond_table_list = NULL;
- bool first = TRUE;
- DBUG_ENTER("spider_db_mbase_util::append_tables_top_down");
- DBUG_PRINT("info",("spider this=%p", this));
- if (
- table_list->outer_join ||
- table_list->on_expr ||
- table_list->join_using_fields
- ) {
- DBUG_ASSERT(!(*cond_table_list_ptr));
- (*cond_table_list_ptr) = table_list;
- DBUG_PRINT("info",("spider cond_table_list=%p", table_list));
- }
- List_iterator_fast<TABLE_LIST> it1(table_list->nested_join->join_list);
- cur_table_list = it1++;
- if (cur_table_list->outer_join & JOIN_TYPE_RIGHT)
- {
- first = FALSE;
- prev_table_list = cur_table_list;
- cur_table_list = it1++;
- } else if (*cond_table_list_ptr)
- {
- first = TRUE;
- cond_table_list = (*cond_table_list_ptr);
- (*cond_table_list_ptr) = NULL;
- if (cond_table_list->outer_join & JOIN_TYPE_LEFT)
- {
- if (str)
+ if (curr->on_expr)
{
- if (str->reserve(SPIDER_SQL_LEFT_JOIN_LEN + SPIDER_SQL_OPEN_PAREN_LEN))
- {
+ if (str->append(STRING_WITH_LEN(" on ")))
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_LEFT_JOIN_STR, SPIDER_SQL_LEFT_JOIN_LEN);
- str->q_append(SPIDER_SQL_OPEN_PAREN_STR, SPIDER_SQL_OPEN_PAREN_LEN);
- }
- } else {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_JOIN_LEN + SPIDER_SQL_OPEN_PAREN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_JOIN_STR, SPIDER_SQL_JOIN_LEN);
- str->q_append(SPIDER_SQL_OPEN_PAREN_STR, SPIDER_SQL_OPEN_PAREN_LEN);
+ if (int error_num=
+ spider_db_print_item_type(curr->on_expr, NULL,
+ fields->get_first_table_holder()->spider,
+ str, NULL, 0, dbton_id, TRUE, fields))
+ DBUG_RETURN(error_num);
}
}
}
-
- do {
- if (cur_table_list->outer_join & JOIN_TYPE_RIGHT)
+ else /* str == NULL */
+ {
+ table_map usable_tables= 0;
+ if (int error_num= append_table_list(fields, str, *table,
+ &usable_tables, eliminated_tables))
+ DBUG_RETURN(error_num);
+ for (TABLE_LIST **tbl= table + 1; tbl < end; tbl++)
{
- prev_table_list = cur_table_list;
- } else {
- if ((error_num = append_table(spider, fields, str, cur_table_list,
- used_table_list, current_pos, cond_table_list_ptr, TRUE, first)))
+ TABLE_LIST *curr= *tbl;
+ /* semi join is an "internal" join and is unsupported. */
+ if (curr->sj_inner_tables)
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
+ if (int error_num= append_table_list(fields, str, curr,
+ &usable_tables, eliminated_tables))
DBUG_RETURN(error_num);
- first = FALSE;
- if (prev_table_list)
+ if (curr->on_expr)
{
- outer_join_backup = prev_table_list->outer_join;
- prev_table_list->outer_join = JOIN_TYPE_LEFT;
- if ((error_num = append_table(spider, fields, str, prev_table_list,
- used_table_list, current_pos, cond_table_list_ptr, TRUE, FALSE)))
- {
- prev_table_list->outer_join = outer_join_backup;
+ /* The join refers to fields outside of the current context,
+ and cannot be handled by a group by handler. */
+ if ((curr->on_expr->used_tables() & usable_tables) !=
+ curr->on_expr->used_tables())
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
+ if (int error_num=
+ spider_db_print_item_type(curr->on_expr, NULL,
+ fields->get_first_table_holder()->spider,
+ str, NULL, 0, dbton_id, TRUE, fields))
DBUG_RETURN(error_num);
- }
- prev_table_list->outer_join = outer_join_backup;
- prev_table_list = NULL;
- }
- }
- } while ((cur_table_list = it1++));
-
- if (cond_table_list)
- {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_CLOSE_PAREN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_CLOSE_PAREN_STR,
- SPIDER_SQL_CLOSE_PAREN_LEN);
-
- List<String> *join_using_fields = cond_table_list->join_using_fields;
- if (join_using_fields)
- {
- if (str->reserve(SPIDER_SQL_USING_LEN + SPIDER_SQL_OPEN_PAREN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_USING_STR, SPIDER_SQL_USING_LEN);
- str->q_append(SPIDER_SQL_OPEN_PAREN_STR,
- SPIDER_SQL_OPEN_PAREN_LEN);
- List_iterator_fast<String> it2(*join_using_fields);
- String *ptr;
- while ((ptr = it2++))
- {
- if (str->reserve(ptr->length() + SPIDER_SQL_COMMA_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(ptr->ptr(), ptr->length());
- str->q_append(SPIDER_SQL_COMMA_STR, SPIDER_SQL_COMMA_LEN);
- }
- str->length(str->length() - SPIDER_SQL_COMMA_LEN);
- if (str->reserve(SPIDER_SQL_CLOSE_PAREN_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_CLOSE_PAREN_STR,
- SPIDER_SQL_CLOSE_PAREN_LEN);
- }
- }
-
- Item *on_expr = cond_table_list->on_expr;
- if (on_expr)
- {
- if (str)
- {
- if (str->reserve(SPIDER_SQL_ON_LEN))
- {
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_ON_STR, SPIDER_SQL_ON_LEN);
- }
- if ((error_num = spider_db_print_item_type(on_expr, NULL,
- spider, str, NULL, 0, dbton_id, TRUE, fields)))
- {
- DBUG_RETURN(error_num);
}
}
+ /* Update usable tables in the outer context. */
+ if (upper_usable_tables)
+ *upper_usable_tables |= usable_tables;
}
DBUG_RETURN(0);
}
-int spider_db_mbase_util::append_tables_top_down_check(
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos
-) {
- int error_num;
- TABLE_LIST *cur_table_list;
- DBUG_ENTER("spider_db_mbase_util::append_tables_top_down_check");
- DBUG_PRINT("info",("spider this=%p", this));
- List_iterator_fast<TABLE_LIST> it1(table_list->nested_join->join_list);
- while ((cur_table_list = it1++))
+/*
+ Walk a join, or format it to a string and append the string.
+
+ Skip all eliminated tables.
+
+ If str is NULL, walk the tables to determine whether to create a
+ group by handler. Otherwise, format the join to a string and append
+ it to str.
+
+ Adapted from print_join().
+*/
+int spider_db_mbase_util::append_join(spider_fields *fields,
+ spider_string *str,
+ List<TABLE_LIST> *tables,
+ table_map *upper_usable_tables,
+ table_map eliminated_tables)
+{
+ /* List is reversed => we should reverse it before using */
+ List_iterator_fast<TABLE_LIST> ti(*tables);
+ TABLE_LIST **table;
+ THD *thd= fields->get_first_table_holder()->spider->wide_handler->trx->thd;
+ DBUG_ENTER("spider_db_mbase_util::append_join");
+
+ size_t tables_to_print= 0;
+
+ for (TABLE_LIST *t= ti++; t ; t= ti++)
{
- if (!cur_table_list->table)
- {
- if ((error_num = append_tables_top_down_check(
- cur_table_list, used_table_list, current_pos)))
- DBUG_RETURN(error_num);
- } else {
- used_table_list[(*current_pos)++] = cur_table_list;
- }
+ /* optimized_away implies const_table */
+ DBUG_ASSERT(!t->optimized_away || t->table->const_table);
+ if (!is_eliminated_table(eliminated_tables, t))
+ tables_to_print++;
}
- DBUG_RETURN(0);
-}
+ if (tables_to_print == 0)
+ {
+ if (str && str->append(STRING_WITH_LEN("dual")))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
+ DBUG_RETURN(0);
+ }
+ ti.rewind();
-int spider_db_mbase_util::append_embedding_tables(
- ha_spider *spider,
- spider_fields *fields,
- spider_string *str,
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos,
- TABLE_LIST **cond_table_list_ptr
-) {
- int error_num;
- TABLE_LIST *embedding = table_list->embedding;
- DBUG_ENTER("spider_db_mbase_util::append_embedding_tables");
- DBUG_PRINT("info",("spider this=%p", this));
- if (embedding)
- {
- DBUG_PRINT("info",("spider embedding=%p", embedding));
- DBUG_PRINT("info",("spider embedding->outer_join=%u",
- embedding->outer_join));
- DBUG_PRINT("info",("spider embedding->on_expr=%p",
- embedding->on_expr));
- DBUG_PRINT("info",("spider embedding->join_using_fields=%p",
- embedding->join_using_fields));
- DBUG_PRINT("info",("spider embedding->table=%p",
- embedding->table));
- if ((error_num = append_embedding_tables(spider, fields, str, embedding,
- used_table_list, current_pos, cond_table_list_ptr)))
- DBUG_RETURN(error_num);
- } else {
- DBUG_PRINT("info",("spider table_list=%p", table_list));
- DBUG_PRINT("info",("spider table_list->outer_join=%u",
- table_list->outer_join));
- DBUG_PRINT("info",("spider table_list->on_expr=%p",
- table_list->on_expr));
- DBUG_PRINT("info",("spider table_list->join_using_fields=%p",
- table_list->join_using_fields));
- DBUG_PRINT("info",("spider table_list->table=%p",
- table_list->table));
- if (table_list->outer_join & JOIN_TYPE_RIGHT)
- {
- if ((error_num = append_tables_top_down_check(table_list,
- used_table_list, current_pos)))
- DBUG_RETURN(error_num);
- DBUG_ASSERT(!(*cond_table_list_ptr));
- (*cond_table_list_ptr) = table_list;
- DBUG_PRINT("info",("spider cond_table_list=%p", table_list));
- } else {
- if ((error_num = append_tables_top_down(spider, fields, str, table_list,
- used_table_list, current_pos, cond_table_list_ptr)))
- DBUG_RETURN(error_num);
- }
+ if (!(table= static_cast<TABLE_LIST **>(thd->alloc(sizeof(TABLE_LIST*) *
+ tables_to_print))))
+ DBUG_RETURN(HA_ERR_OUT_OF_MEM);
+
+ TABLE_LIST *tmp, **t= table + (tables_to_print - 1);
+ while ((tmp= ti++))
+ if (!is_eliminated_table(eliminated_tables, tmp))
+ *t--= tmp;
+
+ DBUG_ASSERT(tables->elements >= 1);
+ if ((*table)->sj_inner_tables)
+ {
+ /* Semi join is not supported. */
+ if (!str)
+ DBUG_RETURN(ER_SPIDER_COND_SKIP_NUM);
+ /* Semi join should have been skipped in the first pass. */
+ else
+ DBUG_ASSERT(0);
}
- DBUG_RETURN(0);
+ int error_num= append_table_array(
+ fields, str, table, table + tables_to_print, upper_usable_tables,
+ eliminated_tables);
+ DBUG_RETURN(error_num);
}
int spider_db_mbase_util::append_from_and_tables(
@@ -7245,116 +7063,17 @@ int spider_db_mbase_util::append_from_and_tables(
spider_string *str,
TABLE_LIST *table_list,
uint table_count
-) {
- int error_num;
- uint current_pos = 0, roop_count, backup_pos, outer_join_backup;
- TABLE *table;
- TABLE_LIST **used_table_list, *prev_table_list = NULL,
- *cond_table_list = NULL;
+)
+{
DBUG_ENTER("spider_db_mbase_util::append_from_and_tables");
- DBUG_PRINT("info",("spider this=%p", this));
- used_table_list = (TABLE_LIST **)
- my_alloca(sizeof(TABLE_LIST *) * table_count);
- if (!used_table_list)
+ if (str && str->append(" from "))
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
-
- if (str)
- {
- if (str->reserve(SPIDER_SQL_FROM_LEN))
- {
- my_afree(used_table_list);
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- }
- str->q_append(SPIDER_SQL_FROM_STR, SPIDER_SQL_FROM_LEN);
- }
-
- do {
- table = table_list->table;
- if (table->const_table)
- continue;
-
- for (roop_count = 0; roop_count < current_pos; ++roop_count)
- {
- if (used_table_list[roop_count] == table_list)
- break;
- }
- if (roop_count < current_pos)
- continue;
-
- if (prev_table_list)
- current_pos = backup_pos;
- else
- backup_pos = current_pos;
- if ((error_num = append_table(spider, fields, str, table_list, used_table_list,
- &current_pos, &cond_table_list, FALSE, FALSE)))
- {
- my_afree(used_table_list);
- DBUG_RETURN(error_num);
- }
- if (prev_table_list)
- {
- outer_join_backup = prev_table_list->outer_join;
- prev_table_list->outer_join = JOIN_TYPE_LEFT;
- if ((error_num = append_table(spider, fields, str, prev_table_list,
- used_table_list, &current_pos, &cond_table_list, FALSE, FALSE)))
- {
- prev_table_list->outer_join = outer_join_backup;
- my_afree(used_table_list);
- DBUG_RETURN(error_num);
- }
- prev_table_list->outer_join = outer_join_backup;
- prev_table_list = NULL;
- }
- if (cond_table_list && (cond_table_list->outer_join & JOIN_TYPE_RIGHT))
- {
- prev_table_list = cond_table_list;
- cond_table_list = NULL;
- DBUG_PRINT("info",("spider cond_table_list=%p", cond_table_list));
- }
- } while ((table_list = table_list->next_local));
- my_afree(used_table_list);
- DBUG_RETURN(0);
-}
-
-int spider_db_mbase_util::reappend_tables(
- spider_fields *fields,
- SPIDER_LINK_IDX_CHAIN *link_idx_chain,
- spider_string *str
-) {
- int error_num;
- uint32 length;
- ha_spider *spider;
- spider_mbase_share *db_share;
- spider_mbase_handler *dbton_hdl;
- SPIDER_TABLE_HOLDER *table_holder;
- SPIDER_LINK_IDX_HOLDER *link_idx_holder;
- DBUG_ENTER("spider_db_mbase_util::reappend_tables");
- DBUG_PRINT("info",("spider this=%p", this));
- length = str->length();
- fields->set_pos_to_first_table_on_link_idx_chain(link_idx_chain);
- fields->set_pos_to_first_table_holder();
- while ((table_holder = fields->get_next_table_holder()))
- {
- link_idx_holder =
- fields->get_next_table_on_link_idx_chain(link_idx_chain);
- spider = table_holder->spider;
- db_share = (spider_mbase_share *)
- spider->share->dbton_share[dbton_id];
- if (!db_share->same_db_table_name)
- {
- dbton_hdl = (spider_mbase_handler *) spider->dbton_handler[dbton_id];
- str->length(dbton_hdl->table_name_pos);
- if ((error_num = db_share->append_table_name_with_adjusting(str,
- spider->conn_link_idx[link_idx_holder->link_idx])))
- {
- DBUG_RETURN(error_num);
- }
- }
- }
- str->length(length);
- DBUG_RETURN(0);
+ const table_map eliminated_tables= table_list->select_lex->join ?
+ table_list->select_lex->join->eliminated_tables : 0;
+ int error_num = append_join(fields, str, table_list->select_lex->join_list,
+ NULL, eliminated_tables);
+ DBUG_RETURN(error_num);
}
-
int spider_db_mbase_util::append_where(
spider_string *str
) {
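Review bot: The new `str->append(" from ")` hard-codes the keyword that the removed lines wrote through `SPIDER_SQL_FROM_STR` and `SPIDER_SQL_FROM_LEN`. If those macros are still defined, `if (str && str->append(SPIDER_SQL_FROM_STR, SPIDER_SQL_FROM_LEN))` keeps the generated SQL text defined in one place. `table_count` is also no longer read in the new body, which deserves a short comment such as `/* table_count is kept for the interface and is not used here */`. The signature of `append_from_and_tables` starts in the previous hunk.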
@@ -7455,7 +7174,7 @@ spider_mbase_share::spider_mbase_share(
{
DBUG_ENTER("spider_mbase_share::spider_mbase_share");
DBUG_PRINT("info",("spider this=%p", this));
- spider_alloc_calc_mem_init(mem_calc, 71);
+ spider_alloc_calc_mem_init(mem_calc, SPD_MID_MBASE_SHARE_SPIDER_MBASE_SHARE_1);
spider_alloc_calc_mem(spider_current_trx, mem_calc, sizeof(*this));
DBUG_VOID_RETURN;
}
@@ -7529,7 +7248,7 @@ int spider_mbase_share::init()
DBUG_ENTER("spider_mbase_share::init");
DBUG_PRINT("info",("spider this=%p", this));
if (!(key_select_pos = (int *)
- spider_bulk_alloc_mem(spider_current_trx, 112,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_MBASE_SHARE_INIT_1,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&key_select_pos,
sizeof(int) * keys,
@@ -7547,7 +7266,7 @@ int spider_mbase_share::init()
}
for (roop_count = 0; roop_count < keys; roop_count++)
{
- key_hint[roop_count].init_calc_mem(189);
+ key_hint[roop_count].init_calc_mem(SPD_MID_MBASE_SHARE_INIT_2);
key_hint[roop_count].set_charset(spider_share->access_charset);
}
DBUG_PRINT("info",("spider key_hint=%p", key_hint));
@@ -7571,13 +7290,13 @@ int spider_mbase_share::init()
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
}
- table_select->init_calc_mem(96);
+ table_select->init_calc_mem(SPD_MID_MBASE_SHARE_INIT_3);
if (table_share && (error_num = append_table_select()))
DBUG_RETURN(error_num);
for (roop_count = 0; roop_count < keys; roop_count++)
{
- key_select[roop_count].init_calc_mem(97);
+ key_select[roop_count].init_calc_mem(SPD_MID_MBASE_SHARE_INIT_4);
if ((error_num = append_key_select(roop_count)))
DBUG_RETURN(error_num);
}
@@ -7728,9 +7447,9 @@ int spider_mbase_share::create_table_names_str()
for (roop_count = 0; roop_count < (int) spider_share->all_link_count;
roop_count++)
{
- table_names_str[roop_count].init_calc_mem(86);
- db_names_str[roop_count].init_calc_mem(87);
- db_table_str[roop_count].init_calc_mem(88);
+ table_names_str[roop_count].init_calc_mem(SPD_MID_MBASE_SHARE_CREATE_TABLE_NAMES_STR_1);
+ db_names_str[roop_count].init_calc_mem(SPD_MID_MBASE_SHARE_CREATE_TABLE_NAMES_STR_2);
+ db_table_str[roop_count].init_calc_mem(SPD_MID_MBASE_SHARE_CREATE_TABLE_NAMES_STR_3);
if (spider_share->sql_dbton_ids[roop_count] != dbton_id)
continue;
if (first_all_link_idx == -1)
@@ -7869,7 +7588,7 @@ int spider_mbase_share::create_column_name_str()
for (field = table_share->field, str = column_name_str;
*field; field++, str++)
{
- str->init_calc_mem(89);
+ str->init_calc_mem(SPD_MID_MBASE_SHARE_CREATE_COLUMN_NAME_STR_1);
str->set_charset(spider_share->access_charset);
if ((error_num = spider_db_append_name_with_quote_str(str,
(*field)->field_name, dbton_id)))
@@ -7937,8 +7656,8 @@ int spider_mbase_share::append_show_table_status()
for (roop_count = 0; roop_count < (int) spider_share->all_link_count;
roop_count++)
{
- show_table_status[0 + (2 * roop_count)].init_calc_mem(90);
- show_table_status[1 + (2 * roop_count)].init_calc_mem(91);
+ show_table_status[0 + (2 * roop_count)].init_calc_mem(SPD_MID_MBASE_SHARE_APPEND_SHOW_TABLE_STATUS_1);
+ show_table_status[1 + (2 * roop_count)].init_calc_mem(SPD_MID_MBASE_SHARE_APPEND_SHOW_TABLE_STATUS_2);
if (spider_share->sql_dbton_ids[roop_count] != dbton_id)
continue;
@@ -8018,7 +7737,7 @@ int spider_mbase_share::append_show_records()
for (roop_count = 0; roop_count < (int) spider_share->all_link_count;
roop_count++)
{
- show_records[roop_count].init_calc_mem(92);
+ show_records[roop_count].init_calc_mem(SPD_MID_MBASE_SHARE_APPEND_SHOW_RECORDS_1);
if (spider_share->sql_dbton_ids[roop_count] != dbton_id)
continue;
@@ -8068,8 +7787,8 @@ int spider_mbase_share::append_show_index()
for (roop_count = 0; roop_count < (int) spider_share->all_link_count;
roop_count++)
{
- show_index[0 + (2 * roop_count)].init_calc_mem(93);
- show_index[1 + (2 * roop_count)].init_calc_mem(94);
+ show_index[0 + (2 * roop_count)].init_calc_mem(SPD_MID_MBASE_SHARE_APPEND_SHOW_INDEX_1);
+ show_index[1 + (2 * roop_count)].init_calc_mem(SPD_MID_MBASE_SHARE_APPEND_SHOW_INDEX_2);
if (spider_share->sql_dbton_ids[roop_count] != dbton_id)
continue;
@@ -8202,7 +7921,7 @@ int spider_mbase_share::discover_table_structure(
uint strlen = str->length();
DBUG_ENTER("spider_mbase_share::discover_table_structure");
DBUG_PRINT("info",("spider this=%p", this));
- sql_str.init_calc_mem(228);
+ sql_str.init_calc_mem(SPD_MID_MBASE_SHARE_DISCOVER_TABLE_STRUCTURE_1);
for (roop_count = 0; roop_count < (int) spider_share->all_link_count;
roop_count++)
{
@@ -8536,7 +8255,7 @@ spider_mbase_handler::spider_mbase_handler(
{
DBUG_ENTER("spider_mbase_handler::spider_mbase_handler");
DBUG_PRINT("info",("spider this=%p", this));
- spider_alloc_calc_mem_init(mem_calc, 183);
+ spider_alloc_calc_mem_init(mem_calc, SPD_MID_MBASE_HANDLER_SPIDER_MBASE_HANDLER_1);
spider_alloc_calc_mem(spider_current_trx, mem_calc, sizeof(*this));
DBUG_VOID_RETURN;
}
@@ -8609,14 +8328,14 @@ int spider_mbase_handler::init()
TABLE *table = spider->get_table();
DBUG_ENTER("spider_mbase_handler::init");
DBUG_PRINT("info",("spider this=%p", this));
- sql.init_calc_mem(59);
- sql_part.init_calc_mem(60);
- sql_part2.init_calc_mem(61);
- ha_sql.init_calc_mem(62);
- insert_sql.init_calc_mem(64);
- update_sql.init_calc_mem(65);
- tmp_sql.init_calc_mem(66);
- dup_update_sql.init_calc_mem(166);
+ sql.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_1);
+ sql_part.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_2);
+ sql_part2.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_3);
+ ha_sql.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_4);
+ insert_sql.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_5);
+ update_sql.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_6);
+ tmp_sql.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_7);
+ dup_update_sql.init_calc_mem(SPD_MID_MBASE_HANDLER_INIT_8);
if (
(sql.real_alloc(init_sql_alloc_size)) ||
(insert_sql.real_alloc(init_sql_alloc_size)) ||
@@ -8636,7 +8355,7 @@ int spider_mbase_handler::init()
upd_tmp_tbl_prm.init();
upd_tmp_tbl_prm.field_count = 1;
if (!(link_for_hash = (SPIDER_LINK_FOR_HASH *)
- spider_bulk_alloc_mem(spider_current_trx, 141,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_MBASE_HANDLER_INIT_9,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&link_for_hash,
sizeof(SPIDER_LINK_FOR_HASH) * share->link_count,
@@ -8740,7 +8459,7 @@ int spider_mbase_handler::append_key_column_types(
spider_string tmp_str(tmp_buf, sizeof(tmp_buf), system_charset_info);
DBUG_ENTER("spider_mbase_handler::append_key_column_types");
DBUG_PRINT("info",("spider this=%p", this));
- tmp_str.init_calc_mem(115);
+ tmp_str.init_calc_mem(SPD_MID_MBASE_HANDLER_APPEND_KEY_COLUMN_TYPES_1);
start_key_part_map = start_key->keypart_map & full_key_part_map;
DBUG_PRINT("info", ("spider spider_user_defined_key_parts=%u",
@@ -8870,7 +8589,7 @@ int spider_mbase_handler::append_tmp_table_and_sql_for_bka(
const char *table_names[2], *table_aliases[2], *table_dot_aliases[2];
uint table_name_lengths[2], table_alias_lengths[2],
table_dot_alias_lengths[2];
- tgt_table_name_str.init_calc_mem(99);
+ tgt_table_name_str.init_calc_mem(SPD_MID_MBASE_HANDLER_APPEND_TMP_TABLE_AND_SQL_FOR_BKA_1);
tgt_table_name_str.length(0);
create_tmp_bka_table_name(tmp_table_name, &tmp_table_name_length,
first_link_idx);
@@ -9121,7 +8840,7 @@ int spider_mbase_handler::append_union_table_and_sql_for_bka(
const char *table_names[2], *table_aliases[2], *table_dot_aliases[2];
uint table_name_lengths[2], table_alias_lengths[2],
table_dot_alias_lengths[2];
- tgt_table_name_str.init_calc_mem(233);
+ tgt_table_name_str.init_calc_mem(SPD_MID_MBASE_HANDLER_APPEND_UNION_TABLE_AND_SQL_FOR_BKA_1);
tgt_table_name_str.length(0);
if ((error_num = append_table_name_with_adjusting(&tgt_table_name_str,
first_link_idx, SPIDER_SQL_TYPE_SELECT_SQL)))
@@ -11107,7 +10826,7 @@ int spider_mbase_handler::append_match_against(
char buf[MAX_FIELD_WIDTH];
spider_string tmp_str(buf, MAX_FIELD_WIDTH, share->access_charset);
- tmp_str.init_calc_mem(116);
+ tmp_str.init_calc_mem(SPD_MID_MBASE_HANDLER_APPEND_MATCH_AGAINST_1);
tmp_str.length(0);
if (
tmp_str.append(ft_init_key->ptr(), ft_init_key->length(),
@@ -13223,14 +12942,10 @@ int spider_mbase_handler::set_sql_for_exec(
int link_idx,
SPIDER_LINK_IDX_CHAIN *link_idx_chain
) {
- int error_num;
DBUG_ENTER("spider_mbase_handler::set_sql_for_exec");
DBUG_PRINT("info",("spider this=%p", this));
if (sql_type & SPIDER_SQL_TYPE_SELECT_SQL)
{
- if ((error_num = spider_db_mbase_utility->reappend_tables(
- spider->fields, link_idx_chain, &sql)))
- DBUG_RETURN(error_num);
exec_sql = &sql;
}
DBUG_RETURN(0);
@@ -13264,7 +12979,7 @@ int spider_mbase_handler::set_sql_for_exec(
mysql_share->db_names_str[link_idx].charset());
const char *table_names[2], *table_aliases[2];
uint table_name_lengths[2], table_alias_lengths[2];
- tgt_table_name_str.init_calc_mem(104);
+ tgt_table_name_str.init_calc_mem(SPD_MID_MBASE_HANDLER_SET_SQL_FOR_EXEC_1);
tgt_table_name_str.length(0);
if (result_list->tmp_table_join && spider->bka_mode != 2)
{
@@ -15213,7 +14928,7 @@ int spider_mbase_handler::init_union_table_name_pos()
DBUG_PRINT("info",("spider this=%p", this));
if (!union_table_name_pos_first)
{
- if (!spider_bulk_malloc(spider_current_trx, 236, MYF(MY_WME),
+ if (!spider_bulk_malloc(spider_current_trx, SPD_MID_MBASE_HANDLER_INIT_UNION_TABLE_NAME_POS_1, MYF(MY_WME),
&union_table_name_pos_first, (uint) (sizeof(SPIDER_INT_HLD)),
NullS)
) {
@@ -15234,7 +14949,7 @@ int spider_mbase_handler::set_union_table_name_pos()
{
if (!union_table_name_pos_current->next)
{
- if (!spider_bulk_malloc(spider_current_trx, 237, MYF(MY_WME),
+ if (!spider_bulk_malloc(spider_current_trx, SPD_MID_MBASE_HANDLER_SET_UNION_TABLE_NAME_POS_1, MYF(MY_WME),
&union_table_name_pos_current->next, (uint) (sizeof(SPIDER_INT_HLD)),
NullS)
) {
@@ -15296,8 +15011,7 @@ int spider_mbase_handler::append_from_and_tables_part(
default:
DBUG_RETURN(0);
}
- fields->set_pos_to_first_table_holder();
- table_holder = fields->get_next_table_holder();
+ table_holder = fields->get_first_table_holder();
table_list = table_holder->table->pos_in_table_list;
error_num = spider_db_mbase_utility->append_from_and_tables(
table_holder->spider, fields, str,
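Review bot: `table_holder = fields->get_first_table_holder();` is dereferenced on the next line without a check, and the accessor added in spd_group_by_handler.cc returns the stored pointer as is. That pointer presumably comes from `spider_create_table_holder`, which returns 0 both for a zero table count and when `spider_malloc` fails, so NULL is possible here unless every caller rules it out. Adding `DBUG_ASSERT(table_holder);` right after the call would document the precondition. The same applies to `spider = fields->get_first_table_holder()->spider;` in the `spider_group_by_handler` constructor hunk. The body of `append_from_and_tables_part` extends beyond this hunk.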
@@ -15305,27 +15019,6 @@ int spider_mbase_handler::append_from_and_tables_part(
DBUG_RETURN(error_num);
}
-int spider_mbase_handler::reappend_tables_part(
- spider_fields *fields,
- ulong sql_type
-) {
- int error_num;
- spider_string *str;
- DBUG_ENTER("spider_mbase_handler::reappend_tables_part");
- DBUG_PRINT("info",("spider this=%p", this));
- switch (sql_type)
- {
- case SPIDER_SQL_TYPE_SELECT_SQL:
- str = &sql;
- break;
- default:
- DBUG_RETURN(0);
- }
- error_num = spider_db_mbase_utility->reappend_tables(fields,
- link_idx_chain, str);
- DBUG_RETURN(error_num);
-}
-
int spider_mbase_handler::append_where_part(
ulong sql_type
) {
@@ -15678,7 +15371,7 @@ int spider_mbase_copy_table::init()
{
DBUG_ENTER("spider_mbase_copy_table::init");
DBUG_PRINT("info",("spider this=%p", this));
- sql.init_calc_mem(78);
+ sql.init_calc_mem(SPD_MID_MBASE_COPY_TABLE_INIT_1);
DBUG_RETURN(0);
}
diff --git a/storage/spider/spd_db_mysql.h b/storage/spider/spd_db_mysql.h
index ec72a97f..9ccc0e33 100644
--- a/storage/spider/spd_db_mysql.h
+++ b/storage/spider/spd_db_mysql.h
@@ -158,40 +158,22 @@ public:
spider_string *to,
String *from
) override;
- int append_table(
- ha_spider *spider,
- spider_fields *fields,
- spider_string *str,
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos,
- TABLE_LIST **cond_table_list_ptr,
- bool top_down,
- bool first
- );
- int append_tables_top_down(
- ha_spider *spider,
- spider_fields *fields,
- spider_string *str,
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos,
- TABLE_LIST **cond_table_list_ptr
- );
int append_tables_top_down_check(
TABLE_LIST *table_list,
TABLE_LIST **used_table_list,
uint *current_pos
);
- int append_embedding_tables(
- ha_spider *spider,
- spider_fields *fields,
- spider_string *str,
- TABLE_LIST *table_list,
- TABLE_LIST **used_table_list,
- uint *current_pos,
- TABLE_LIST **cond_table_list_ptr
- );
+ int append_table_list(spider_fields *fields,
+ spider_string *str, TABLE_LIST *table,
+ table_map *upper_usable_tables,
+ table_map eliminated_tables);
+ int append_table_array(spider_fields *fields,
+ spider_string *str, TABLE_LIST **table,
+ TABLE_LIST **end, table_map *upper_usable_tables,
+ table_map eliminated_tables);
+ int append_join(spider_fields *fields, spider_string *str,
+ List<TABLE_LIST> *tables, table_map *upper_usable_tables,
+ table_map eliminated_tables);
int append_from_and_tables(
ha_spider *spider,
spider_fields *fields,
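Review bot: The new declarations `append_table_list`, `append_table_array` and `append_join` carry no comment, and the roles of `upper_usable_tables` and `eliminated_tables` are not evident from the signatures. `append_from_and_tables` in spd_db_mysql.cc passes `NULL` for `upper_usable_tables`, and the implementation tests `if (!str)`, so both pointers appear to be optional. A short comment above each declaration should say what is appended to `str`, what a NULL `str` means, and whether `upper_usable_tables` is written to. The enclosing class starts and ends outside this hunk.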
@@ -199,11 +181,6 @@ public:
TABLE_LIST *table_list,
uint table_count
) override;
- int reappend_tables(
- spider_fields *fields,
- SPIDER_LINK_IDX_CHAIN *link_idx_chain,
- spider_string *str
- ) override;
int append_where(
spider_string *str
) override;
@@ -634,8 +611,11 @@ public:
spider_string *show_table_status;
spider_string *show_records;
spider_string *show_index;
+ /* The remote table names */
spider_string *table_names_str;
+ /* The remote db names */
spider_string *db_names_str;
+ /* fixme: this field looks useless */
spider_string *db_table_str;
my_hash_value_type *db_table_str_hash_value;
uint table_nm_max_length;
@@ -1485,10 +1465,6 @@ public:
spider_fields *fields,
ulong sql_type
);
- int reappend_tables_part(
- spider_fields *fields,
- ulong sql_type
- );
int append_where_part(
ulong sql_type
);
diff --git a/storage/spider/spd_direct_sql.cc b/storage/spider/spd_direct_sql.cc
index dbf7cc8f..d345bb04 100644
--- a/storage/spider/spd_direct_sql.cc
+++ b/storage/spider/spd_direct_sql.cc
@@ -109,7 +109,7 @@ int spider_udf_direct_sql_create_table_list(
break;
}
if (!(direct_sql->db_names = (char**)
- spider_bulk_malloc(spider_current_trx, 31, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_UDF_DIRECT_SQL_CREATE_TABLE_LIST_2, MYF(MY_WME | MY_ZEROFILL),
&direct_sql->db_names, (uint) (sizeof(char*) * table_count),
&direct_sql->table_names, (uint) (sizeof(char*) * table_count),
&direct_sql->tables, (uint) (sizeof(TABLE*) * table_count),
@@ -238,7 +238,7 @@ int spider_udf_direct_sql_create_conn_key(
+ direct_sql->tgt_filedsn_length + 1
+ direct_sql->tgt_driver_length;
if (!(direct_sql->conn_key = (char *)
- spider_malloc(spider_current_trx, 9, direct_sql->conn_key_length + 1,
+ spider_malloc(spider_current_trx, SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_KEY_1, direct_sql->conn_key_length + 1,
MYF(MY_WME | MY_ZEROFILL)))
)
DBUG_RETURN(HA_ERR_OUT_OF_MEM);
@@ -389,7 +389,7 @@ SPIDER_CONN *spider_udf_direct_sql_create_conn(
spider_dbton[direct_sql->dbton_id].db_util->
tables_on_different_db_are_joinable();
if (!(conn = (SPIDER_CONN *)
- spider_bulk_malloc(spider_current_trx, 32, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_1, MYF(MY_WME | MY_ZEROFILL),
&conn, (uint) (sizeof(*conn)),
&tmp_name, (uint) (direct_sql->conn_key_length + 1),
&tmp_host, (uint) (direct_sql->tgt_host_length + 1),
@@ -420,7 +420,7 @@ SPIDER_CONN *spider_udf_direct_sql_create_conn(
*error_num = HA_ERR_OUT_OF_MEM;
goto error_alloc_conn;
}
- conn->default_database.init_calc_mem(138);
+ conn->default_database.init_calc_mem(SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_2);
conn->conn_key_length = direct_sql->conn_key_length;
conn->conn_key = tmp_name;
@@ -1439,7 +1439,7 @@ long long spider_direct_sql_body(
DBUG_ENTER("spider_direct_sql_body");
SPIDER_BACKUP_DASTATUS;
if (!(direct_sql = (SPIDER_DIRECT_SQL *)
- spider_bulk_malloc(spider_current_trx, 34, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_DIRECT_SQL_BODY_1, MYF(MY_WME | MY_ZEROFILL),
&direct_sql, (uint) (sizeof(SPIDER_DIRECT_SQL)),
&sql, (uint) (sizeof(char) * args->lengths[0]),
NullS))
@@ -1674,7 +1674,7 @@ my_bool spider_direct_sql_init_body(
if (bg)
{
if (!(bg_direct_sql = (SPIDER_BG_DIRECT_SQL *)
- spider_malloc(spider_current_trx, 10, sizeof(SPIDER_BG_DIRECT_SQL),
+ spider_malloc(spider_current_trx, SPD_MID_DIRECT_SQL_INIT_BODY_1, sizeof(SPIDER_BG_DIRECT_SQL),
MYF(MY_WME | MY_ZEROFILL)))
) {
strcpy(message, "spider_bg_direct_sql() out of memory");
diff --git a/storage/spider/spd_group_by_handler.cc b/storage/spider/spd_group_by_handler.cc
index 3cd299c6..6236a7b9 100644
--- a/storage/spider/spd_group_by_handler.cc
+++ b/storage/spider/spd_group_by_handler.cc
@@ -22,6 +22,7 @@
#include "probes_mysql.h"
#include "sql_class.h"
#include "sql_partition.h"
+#include "sql_select.h"
#include "ha_partition.h"
#include "sql_common.h"
#include <errmsg.h>
@@ -42,11 +43,9 @@ extern SPIDER_DBTON spider_dbton[SPIDER_DBTON_SIZE];
spider_fields::spider_fields() :
dbton_count(0), current_dbton_num(0),
- table_count(0), current_table_num(0), table_holder(NULL),
+ table_count(0), table_holder(NULL),
first_link_idx_chain(NULL), last_link_idx_chain(NULL), current_link_idx_chain(NULL),
- first_conn_holder(NULL), last_conn_holder(NULL), current_conn_holder(NULL),
- first_field_holder(NULL), last_field_holder(NULL), current_field_holder(NULL),
- first_field_chain(NULL), last_field_chain(NULL), current_field_chain(NULL)
+ first_conn_holder(NULL), last_conn_holder(NULL), current_conn_holder(NULL)
{
DBUG_ENTER("spider_fields::spider_fields");
DBUG_PRINT("info",("spider this=%p", this));
@@ -65,24 +64,6 @@ spider_fields::~spider_fields()
spider_free(spider_current_trx, current_link_idx_chain, MYF(0));
}
}
- if (first_field_chain)
- {
- while ((current_field_chain = first_field_chain))
- {
- first_field_chain = current_field_chain->next;
- spider_free(spider_current_trx, current_field_chain, MYF(0));
- }
- }
- if (first_field_holder)
- {
- while ((current_field_holder = first_field_holder))
- {
- first_field_holder = current_field_holder->next;
- spider_free(spider_current_trx, current_field_holder, MYF(0));
- }
- }
- if (table_holder)
- spider_free(spider_current_trx, table_holder, MYF(0));
if (first_conn_holder)
{
while ((current_conn_holder = first_conn_holder))
@@ -364,7 +345,7 @@ SPIDER_LINK_IDX_CHAIN *spider_fields::create_link_idx_chain(
DBUG_ENTER("spider_fields::create_link_idx_chain");
DBUG_PRINT("info",("spider this=%p", this));
DBUG_RETURN((SPIDER_LINK_IDX_CHAIN *)
- spider_malloc(spider_current_trx, 254, sizeof(SPIDER_LINK_IDX_CHAIN),
+ spider_malloc(spider_current_trx, SPD_MID_FIELDS_CREATE_LINK_IDX_CHAIN_1, sizeof(SPIDER_LINK_IDX_CHAIN),
MYF(MY_WME | MY_ZEROFILL)));
}
@@ -471,7 +452,6 @@ int spider_fields::get_ok_link_idx(
void spider_fields::set_first_link_idx(
) {
- SPIDER_TABLE_HOLDER *table_holder;
SPIDER_LINK_IDX_HOLDER *link_idx_holder;
SPIDER_LINK_IDX_CHAIN *link_idx_chain;
uint dbton_id;
@@ -493,11 +473,10 @@ void spider_fields::set_first_link_idx(
DBUG_ASSERT(link_idx_chain);
set_pos_to_first_table_on_link_idx_chain(link_idx_chain);
- set_pos_to_first_table_holder();
- while ((table_holder = get_next_table_holder()))
+ for (uint i= 0; i < table_count; i++)
{
link_idx_holder = get_next_table_on_link_idx_chain(link_idx_chain);
- spider = table_holder->spider;
+ spider = table_holder[i].spider;
dbton_hdl = spider->dbton_handler[dbton_id];
dbton_hdl->first_link_idx = link_idx_holder->link_idx;
}
@@ -554,7 +533,7 @@ SPIDER_LINK_IDX_HOLDER *spider_fields::create_link_idx_holder(
DBUG_ENTER("spider_fields::create_link_idx_holder");
DBUG_PRINT("info",("spider this=%p", this));
DBUG_RETURN((SPIDER_LINK_IDX_HOLDER *)
- spider_malloc(spider_current_trx, 253, sizeof(SPIDER_LINK_IDX_HOLDER),
+ spider_malloc(spider_current_trx, SPD_MID_FIELDS_CREATE_LINK_IDX_HOLDER_1, sizeof(SPIDER_LINK_IDX_HOLDER),
MYF(MY_WME | MY_ZEROFILL)));
}
@@ -632,7 +611,7 @@ SPIDER_CONN_HOLDER *spider_fields::create_conn_holder(
DBUG_ENTER("spider_fields::create_conn_holder");
DBUG_PRINT("info",("spider this=%p", this));
return_conn_holder = (SPIDER_CONN_HOLDER *)
- spider_bulk_malloc(spider_current_trx, 252, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_FIELDS_CREATE_CONN_HOLDER_1, MYF(MY_WME | MY_ZEROFILL),
&return_conn_holder, (uint) (sizeof(SPIDER_CONN_HOLDER)),
&table_link_idx_holder,
(uint) (table_count * sizeof(SPIDER_TABLE_LINK_IDX_HOLDER)),
@@ -646,24 +625,6 @@ SPIDER_CONN_HOLDER *spider_fields::create_conn_holder(
DBUG_RETURN(return_conn_holder);
}
-void spider_fields::set_pos_to_first_conn_holder(
-) {
- DBUG_ENTER("spider_fields::set_pos_to_first_conn_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- current_conn_holder = first_conn_holder;
- DBUG_VOID_RETURN;
-}
-
-SPIDER_CONN_HOLDER *spider_fields::get_next_conn_holder(
-) {
- SPIDER_CONN_HOLDER *return_conn_holder = current_conn_holder;
- DBUG_ENTER("spider_fields::get_next_conn_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- if (current_conn_holder)
- current_conn_holder = current_conn_holder->next;
- DBUG_RETURN(return_conn_holder);
-}
-
bool spider_fields::has_conn_holder(
) {
DBUG_ENTER("spider_fields::has_conn_holder");
@@ -862,19 +823,17 @@ void spider_fields::free_conn_holder(
DBUG_VOID_RETURN;
}
-SPIDER_TABLE_HOLDER *spider_fields::add_table(
- ha_spider *spider_arg
+/* Add the table associated with an ha_spider to a table_holder.
+Return the table_holder. */
+static SPIDER_TABLE_HOLDER *spider_add_table_holder(
+ ha_spider *spider_arg,
+ SPIDER_TABLE_HOLDER *table_holder
) {
spider_string *str;
uint length;
char tmp_buf[SPIDER_SQL_INT_LEN + 2];
SPIDER_TABLE_HOLDER *return_table_holder;
- SPIDER_FIELD_HOLDER *field_holder;
- TABLE *table = spider_arg->get_table();
- Field *field;
DBUG_ENTER("spider_fields::add_table");
- DBUG_PRINT("info",("spider this=%p", this));
- DBUG_PRINT("info",("spider table_count=%u", table_count));
DBUG_PRINT("info",("spider idx_for_direct_join=%u",
spider_arg->idx_for_direct_join));
length = my_sprintf(tmp_buf, (tmp_buf, "t%u",
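Review bot: The function is now the file-static `spider_add_table_holder`, but its trace tag is still `DBUG_ENTER("spider_fields::add_table");`, so debug traces will name a method that no longer exists. It should read `DBUG_ENTER("spider_add_table_holder");`. The next hunk has the same mismatch, where `spider_fields::get_first_table_holder` enters as `"spider_fields::get_first_spider"`. The function body continues outside this hunk.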
@@ -893,90 +852,49 @@ SPIDER_TABLE_HOLDER *spider_fields::add_table(
return_table_holder->spider = spider_arg;
return_table_holder->alias = str;
- set_pos_to_first_field_holder();
- while ((field_holder = get_next_field_holder()))
- {
- if (!field_holder->spider)
- {
- field = field_holder->field;
- if (
- field->field_index < table->s->fields &&
- field == table->field[field->field_index]
- ) {
- field_holder->spider = spider_arg;
- field_holder->alias = str;
- }
- }
- }
DBUG_RETURN(return_table_holder);
}
-/**
- Verify that all fields in the query are members of tables that are in the
- query.
-
- @return TRUE All fields in the query are members of tables
- that are in the query.
- FALSE At least one field in the query is not a
- member of a table that is in the query.
-*/
-
-bool spider_fields::all_query_fields_are_query_table_members()
+/* Return the table that field belongs to, or NULL if none exists. */
+SPIDER_TABLE_HOLDER *spider_fields::find_table(Field *field)
{
- SPIDER_FIELD_HOLDER *field_holder;
- DBUG_ENTER("spider_fields::all_query_fields_are_query_table_members");
- DBUG_PRINT("info",("spider this=%p", this));
-
- set_pos_to_first_field_holder();
- while ((field_holder = get_next_field_holder()))
- {
- if (!field_holder->spider)
- {
- DBUG_PRINT("info", ("spider field is not a member of a query table"));
- DBUG_RETURN(FALSE);
- }
- }
+ for (uint i = 0; i < table_count; i++)
+ if (field->table == table_holder[i].table)
+ return &table_holder[i];
+ return NULL;
+}
- DBUG_RETURN(TRUE);
+void spider_fields::set_table_holder(SPIDER_TABLE_HOLDER *table_holder_arg,
+ uint table_count_arg)
+{
+ table_holder= table_holder_arg;
+ table_count= table_count_arg;
}
-int spider_fields::create_table_holder(
+/* Allocate space for table_count_arg table holders. */
+static SPIDER_TABLE_HOLDER *spider_create_table_holder(
uint table_count_arg
) {
- DBUG_ENTER("spider_fields::create_table_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- DBUG_ASSERT(!table_holder);
+ SPIDER_TABLE_HOLDER* table_holder;
+ DBUG_ENTER("spider_create_table_holder");
+ if (table_count_arg == 0)
+ DBUG_RETURN(0);
table_holder = (SPIDER_TABLE_HOLDER *)
- spider_malloc(spider_current_trx, 249,
+ spider_malloc(spider_current_trx, SPD_MID_CREATE_TABLE_HOLDER_1,
table_count_arg * sizeof(SPIDER_TABLE_HOLDER),
MYF(MY_WME | MY_ZEROFILL));
- if (!table_holder)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- table_count = table_count_arg;
- current_table_num = 0;
- DBUG_RETURN(0);
+ DBUG_RETURN(table_holder);
}
-void spider_fields::set_pos_to_first_table_holder(
-) {
- DBUG_ENTER("spider_fields::set_pos_to_first_table_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- current_table_num = 0;
- DBUG_VOID_RETURN;
-}
-
-SPIDER_TABLE_HOLDER *spider_fields::get_next_table_holder(
-) {
- SPIDER_TABLE_HOLDER *return_table_holder;
- DBUG_ENTER("spider_fields::get_next_table_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- if (current_table_num >= table_count)
- DBUG_RETURN(NULL);
- return_table_holder = &table_holder[current_table_num];
- ++current_table_num;
- DBUG_RETURN(return_table_holder);
+/* Return pointer to the first table holder. */
+SPIDER_TABLE_HOLDER *spider_fields::get_first_table_holder()
+{
+ DBUG_ENTER("spider_fields::get_first_spider");
+ DBUG_RETURN(table_holder);
}
+/* Return the first table holder associated with a given table, or
+NULL if not found. */
SPIDER_TABLE_HOLDER *spider_fields::get_table_holder(TABLE *table)
{
uint table_num;
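Review bot: `set_table_holder` stores the array pointer in `spider_fields`, but nothing here says who frees it. An earlier hunk drops `spider_free(spider_current_trx, table_holder, MYF(0));` from `~spider_fields`, and the free now sits in `~spider_group_by_handler`. A `spider_fields` deleted before a handler is constructed would therefore apparently leak the array, although the creation paths are not visible here. A comment on `set_table_holder` such as `/* Does not take ownership; the array is freed in ~spider_group_by_handler. */` would make the contract explicit. `get_table_holder`, at the end of the hunk, continues outside it.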
@@ -996,117 +914,12 @@ uint spider_fields::get_table_count()
DBUG_RETURN(table_count);
}
-int spider_fields::add_field(
- Field *field_arg
-) {
- SPIDER_FIELD_HOLDER *field_holder;
- SPIDER_FIELD_CHAIN *field_chain;
- DBUG_ENTER("spider_fields::add_field");
- DBUG_PRINT("info",("spider this=%p", this));
- DBUG_PRINT("info",("spider field=%p", field_arg));
- if (!first_field_holder)
- {
- field_holder = create_field_holder();
- DBUG_PRINT("info",("spider field_holder=%p", field_holder));
- if (!field_holder)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- field_holder->field = field_arg;
- first_field_holder = field_holder;
- last_field_holder = field_holder;
- } else {
- field_holder = first_field_holder;
- do {
- if (field_holder->field == field_arg)
- break;
- } while ((field_holder = field_holder->next));
- if (!field_holder)
- {
- field_holder = create_field_holder();
- DBUG_PRINT("info",("spider field_holder=%p", field_holder));
- if (!field_holder)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- field_holder->field = field_arg;
- last_field_holder->next = field_holder;
- last_field_holder = field_holder;
- }
- }
- field_chain = create_field_chain();
- DBUG_PRINT("info",("spider field_chain=%p", field_chain));
- if (!field_chain)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- field_chain->field_holder = field_holder;
- if (!first_field_chain)
- {
- first_field_chain = field_chain;
- last_field_chain = field_chain;
- } else {
- last_field_chain->next = field_chain;
- last_field_chain = field_chain;
- }
- DBUG_RETURN(0);
-}
-
-SPIDER_FIELD_HOLDER *spider_fields::create_field_holder(
-) {
- DBUG_ENTER("spider_fields::create_field_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- DBUG_RETURN((SPIDER_FIELD_HOLDER *)
- spider_malloc(spider_current_trx, 250, sizeof(SPIDER_FIELD_HOLDER),
- MYF(MY_WME | MY_ZEROFILL)));
-}
-
-void spider_fields::set_pos_to_first_field_holder(
-) {
- DBUG_ENTER("spider_fields::set_pos_to_first_field_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- current_field_holder = first_field_holder;
- DBUG_VOID_RETURN;
-}
-
-SPIDER_FIELD_HOLDER *spider_fields::get_next_field_holder(
-) {
- SPIDER_FIELD_HOLDER *return_field_holder = current_field_holder;
- DBUG_ENTER("spider_fields::get_next_field_holder");
- DBUG_PRINT("info",("spider this=%p", this));
- if (current_field_holder)
- current_field_holder = current_field_holder->next;
- DBUG_RETURN(return_field_holder);
-}
-
-SPIDER_FIELD_CHAIN *spider_fields::create_field_chain(
-) {
- DBUG_ENTER("spider_fields::create_field_chain");
- DBUG_PRINT("info",("spider this=%p", this));
- DBUG_RETURN((SPIDER_FIELD_CHAIN *)
- spider_malloc(spider_current_trx, 251, sizeof(SPIDER_FIELD_CHAIN),
- MYF(MY_WME | MY_ZEROFILL)));
-}
-
-void spider_fields::set_pos_to_first_field_chain(
-) {
- DBUG_ENTER("spider_fields::set_pos_to_first_field_chain");
- DBUG_PRINT("info",("spider this=%p", this));
- current_field_chain = first_field_chain;
- DBUG_VOID_RETURN;
-}
-
-SPIDER_FIELD_CHAIN *spider_fields::get_next_field_chain(
-) {
- SPIDER_FIELD_CHAIN *return_field_chain = current_field_chain;
- DBUG_ENTER("spider_fields::get_next_field_chain");
- DBUG_PRINT("info",("spider this=%p", this));
- if (current_field_chain)
- current_field_chain = current_field_chain->next;
- DBUG_RETURN(return_field_chain);
-}
-
void spider_fields::set_field_ptr(
Field **field_arg
) {
DBUG_ENTER("spider_fields::set_field_ptr");
DBUG_PRINT("info",("spider this=%p", this));
DBUG_PRINT("info",("spider field_ptr=%p", field_arg));
- first_field_ptr = field_arg;
current_field_ptr = field_arg;
DBUG_VOID_RETURN;
}
@@ -1129,15 +942,13 @@ int spider_fields::ping_table_mon_from_table(
ha_spider *tmp_spider;
SPIDER_SHARE *tmp_share;
int tmp_link_idx;
- SPIDER_TABLE_HOLDER *table_holder;
SPIDER_LINK_IDX_HOLDER *link_idx_holder;
DBUG_ENTER("spider_fields::ping_table_mon_from_table");
set_pos_to_first_table_on_link_idx_chain(link_idx_chain);
- set_pos_to_first_table_holder();
- while ((table_holder = get_next_table_holder()))
+ for (uint i= 0; i < table_count; i++)
{
link_idx_holder = get_next_table_on_link_idx_chain(link_idx_chain);
- tmp_spider = table_holder->spider;
+ tmp_spider = table_holder[i].spider;
tmp_link_idx = link_idx_holder->link_idx;
tmp_share = tmp_spider->share;
if (tmp_share->monitoring_kind[tmp_link_idx])
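Review bot: `link_idx_holder` is dereferenced right after `get_next_table_on_link_idx_chain(link_idx_chain)` with no check, and the loop is now bounded by `table_count` instead of by the end of a list. If the chain ever holds fewer holders than `table_count`, the getter presumably returns NULL and `link_idx_holder->link_idx` faults; whether that can happen is not visible here. A `DBUG_ASSERT(link_idx_holder);` directly after the call would state the invariant that both sequences have the same length. The loop body continues outside the hunk.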
@@ -1173,9 +984,7 @@ spider_group_by_handler::spider_group_by_handler(
query(*query_arg), fields(fields_arg)
{
DBUG_ENTER("spider_group_by_handler::spider_group_by_handler");
- fields->set_pos_to_first_table_holder();
- SPIDER_TABLE_HOLDER *table_holder = fields->get_next_table_holder();
- spider = table_holder->spider;
+ spider = fields->get_first_table_holder()->spider;
trx = spider->wide_handler->trx;
DBUG_VOID_RETURN;
}
@@ -1183,42 +992,20 @@ spider_group_by_handler::spider_group_by_handler(
spider_group_by_handler::~spider_group_by_handler()
{
DBUG_ENTER("spider_group_by_handler::~spider_group_by_handler");
+ spider_free(spider_current_trx, fields->get_first_table_holder(), MYF(0));
delete fields;
DBUG_VOID_RETURN;
}
-int spider_group_by_handler::init_scan()
+static int spider_prepare_init_scan(
+ const Query& query, spider_fields *fields, ha_spider *spider,
+ SPIDER_TRX *trx, longlong& offset_limit, THD *thd)
{
- int error_num, link_idx;
- uint dbton_id;
- spider_db_handler *dbton_hdl;
+ SPIDER_RESULT_LIST *result_list = &spider->result_list;
st_select_lex *select_lex;
- longlong select_limit;
- longlong direct_order_limit;
+ longlong select_limit, direct_order_limit;
SPIDER_SHARE *share = spider->share;
- SPIDER_CONN *conn;
- SPIDER_RESULT_LIST *result_list = &spider->result_list;
- SPIDER_LINK_IDX_CHAIN *link_idx_chain;
- SPIDER_LINK_IDX_HOLDER *link_idx_holder;
- DBUG_ENTER("spider_group_by_handler::init_scan");
- store_error = 0;
-#ifndef DBUG_OFF
- Field **field;
- for (
- field = table->field;
- *field;
- field++
- ) {
- DBUG_PRINT("info",("spider field_name=%s",
- SPIDER_field_name_str(*field)));
- }
-#endif
-
- if (trx->thd->killed)
- {
- my_error(ER_QUERY_INTERRUPTED, MYF(0));
- DBUG_RETURN(ER_QUERY_INTERRUPTED);
- }
+ DBUG_ENTER("spider_prepare_init_scan");
spider->use_fields = TRUE;
spider->fields = fields;
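Review bot: The destructor now releases the array returned by `fields->get_first_table_holder()` itself, so the handler owns that allocation and `spider_fields` apparently only borrows the pointer, yet nothing in the code says so. The same array is also freed at `skip_free_table_holder` in `spider_create_group_by_handler` (last hunk of this file), so a later change that lets `~spider_fields` free it would turn both places into a double free. I would add above the `spider_free` call: `/* table_holder is allocated by spider_create_group_by_handler() and only borrowed by spider_fields; release it here */`, with a matching remark where `set_table_holder` is declared. `spider_prepare_init_scan`, which begins in this hunk, continues outside it.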
@@ -1264,7 +1051,7 @@ int spider_group_by_handler::init_scan()
}
result_list->semi_split_read_base = 0;
result_list->set_split_read = TRUE;
- if ((error_num = spider_set_conn_bg_param(spider)))
+ if (int error_num = spider_set_conn_bg_param(spider))
DBUG_RETURN(error_num);
DBUG_PRINT("info",("spider result_list.finish_flg = FALSE"));
result_list->finish_flg = FALSE;
@@ -1284,86 +1071,87 @@ int spider_group_by_handler::init_scan()
} else {
offset_limit = 0;
}
+ DBUG_RETURN(0);
+}
+
+static int spider_make_query(const Query& query, spider_fields* fields, ha_spider *spider, TABLE *table)
+{
+ uint dbton_id;
+ spider_db_handler* dbton_hdl;
+ SPIDER_RESULT_LIST *result_list = &spider->result_list;
+ int error_num;
+ DBUG_ENTER("spider_make_query");
- /* making a query */
fields->set_pos_to_first_dbton_id();
while ((dbton_id = fields->get_next_dbton_id()) < SPIDER_DBTON_SIZE)
{
dbton_hdl = spider->dbton_handler[dbton_id];
result_list->direct_distinct = query.distinct;
- fields->set_pos_to_first_field_chain();
if ((error_num = dbton_hdl->reset_sql(SPIDER_SQL_TYPE_SELECT_SQL)))
- {
DBUG_RETURN(error_num);
- }
if ((error_num = dbton_hdl->append_select_part(SPIDER_SQL_TYPE_SELECT_SQL)))
- {
DBUG_RETURN(error_num);
- }
fields->set_field_ptr(table->field);
if ((error_num = dbton_hdl->append_list_item_select_part(
- query.select, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ query.select, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
if ((error_num = dbton_hdl->append_from_and_tables_part(
- fields, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ fields, SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
if (query.where)
{
if ((error_num =
- dbton_hdl->append_where_part(SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ dbton_hdl->append_where_part(SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
if ((error_num = dbton_hdl->append_item_type_part(
- query.where, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ query.where, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
}
if (query.group_by)
{
if ((error_num = dbton_hdl->append_group_by_part(
- query.group_by, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ query.group_by, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
}
if (query.having)
{
if ((error_num =
- dbton_hdl->append_having_part(SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ dbton_hdl->append_having_part(SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
if ((error_num = dbton_hdl->append_item_type_part(
- query.having, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ query.having, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
}
if (query.order_by)
{
if ((error_num = dbton_hdl->append_order_by_part(
- query.order_by, NULL, 0, TRUE, fields, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ query.order_by, NULL, 0, TRUE, fields,
+ SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
}
- if ((error_num = dbton_hdl->append_limit_part(result_list->internal_offset,
- result_list->limit_num, SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ if ((error_num = dbton_hdl->append_limit_part(
+ result_list->internal_offset, result_list->limit_num,
+ SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
if ((error_num = dbton_hdl->append_select_lock_part(
- SPIDER_SQL_TYPE_SELECT_SQL)))
- {
+ SPIDER_SQL_TYPE_SELECT_SQL)))
DBUG_RETURN(error_num);
- }
}
+ DBUG_RETURN(0);
+}
+
+static int spider_send_query(
+ spider_fields *fields, ha_spider *spider, SPIDER_TRX *trx, TABLE *table,
+ int& store_error)
+{
+ int error_num, link_idx;
+ spider_db_handler *dbton_hdl;
+ SPIDER_RESULT_LIST *result_list = &spider->result_list;
+ SPIDER_SHARE *share = spider->share;
+ SPIDER_CONN *conn;
+ SPIDER_LINK_IDX_CHAIN *link_idx_chain;
+ SPIDER_LINK_IDX_HOLDER *link_idx_holder;
+ DBUG_ENTER("spider_send_query");
fields->set_pos_to_first_link_idx_chain();
while ((link_idx_chain = fields->get_next_link_idx_chain()))
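Review bot: `spider_make_query` and `spider_send_query` are added without a header comment, although `init_scan` gets one later in this commit and the two helpers now carry the parts of its contract that are easy to get wrong. Above `spider_make_query` I would write `/* Build the SELECT for every dbton id in use; returns 0 or the first error reported by the dbton handler. */`. For `spider_send_query` the comment should say that `store_error` is an output: it is set to `HA_ERR_END_OF_FILE`, and 0 is returned, when `check_error_mode_eof` maps a failure to end-of-file. The `spider_make_query` signature is also the only one of the three written on a single long line. The body of `spider_send_query` continues outside the hunk.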
@@ -1382,12 +1170,8 @@ int spider_group_by_handler::init_scan()
dbton_hdl->first_link_idx, TRUE, FALSE,
!fields->is_first_link_ok_chain(link_idx_chain))))
{
- if (
- error_num != HA_ERR_END_OF_FILE &&
- spider->need_mons[link_idx]
- ) {
+ if (error_num != HA_ERR_END_OF_FILE && spider->need_mons[link_idx])
error_num = fields->ping_table_mon_from_table(link_idx_chain);
- }
if ((error_num = spider->check_error_mode_eof(error_num)) == HA_ERR_END_OF_FILE)
{
store_error = HA_ERR_END_OF_FILE;
@@ -1395,14 +1179,12 @@ int spider_group_by_handler::init_scan()
}
DBUG_RETURN(error_num);
}
- } else {
+ } else
+ {
pthread_mutex_assert_not_owner(&conn->mta_conn_mutex);
- if ((error_num =
- dbton_hdl->set_sql_for_exec(SPIDER_SQL_TYPE_SELECT_SQL, link_idx,
- link_idx_chain)))
- {
+ if ((error_num = dbton_hdl->set_sql_for_exec(
+ SPIDER_SQL_TYPE_SELECT_SQL, link_idx, link_idx_chain)))
DBUG_RETURN(error_num);
- }
pthread_mutex_lock(&conn->mta_conn_mutex);
SPIDER_SET_FILE_POS(&conn->mta_conn_mutex_file_pos);
conn->need_mon = &spider->need_mons[link_idx];
@@ -1412,6 +1194,7 @@ int spider_group_by_handler::init_scan()
conn->mta_conn_mutex_unlock_later = TRUE;
if ((error_num = spider_db_set_names(spider, conn,
link_idx)))
+ if ((error_num = spider_db_set_names(spider, conn, link_idx)))
{
DBUG_ASSERT(conn->mta_conn_mutex_lock_already);
DBUG_ASSERT(conn->mta_conn_mutex_unlock_later);
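Review bot: The added `if ((error_num = spider_db_set_names(spider, conn, link_idx)))` sits directly below the old two-line form of the same condition, which the hunk keeps as context, so the new code nests two identical calls. The error branch is then entered only when `spider_db_set_names` fails twice in a row; a first failure followed by a success leaves `error_num` at 0, skips the unlock-and-report path, and carries on to `execute_sql` as if the names had been set. It looks as if the two-line `if` was meant to be replaced rather than kept; removing it so that only the single-line call remains restores the original error handling. The enclosing block starts and ends outside the hunk.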
@@ -1419,37 +1202,32 @@ int spider_group_by_handler::init_scan()
conn->mta_conn_mutex_unlock_later = FALSE;
SPIDER_CLEAR_FILE_POS(&conn->mta_conn_mutex_file_pos);
pthread_mutex_unlock(&conn->mta_conn_mutex);
- if (
- spider->need_mons[link_idx]
- ) {
+ if (spider->need_mons[link_idx])
error_num = fields->ping_table_mon_from_table(link_idx_chain);
- }
- if ((error_num = spider->check_error_mode_eof(error_num)) == HA_ERR_END_OF_FILE)
+ if ((error_num = spider->check_error_mode_eof(error_num)) ==
+ HA_ERR_END_OF_FILE)
{
store_error = HA_ERR_END_OF_FILE;
error_num = 0;
}
DBUG_RETURN(error_num);
}
- spider_conn_set_timeout_from_share(conn, link_idx,
- trx->thd, share);
+ spider_conn_set_timeout_from_share(conn, link_idx, trx->thd, share);
if (dbton_hdl->execute_sql(
SPIDER_SQL_TYPE_SELECT_SQL,
conn,
spider->result_list.quick_mode,
- &spider->need_mons[link_idx])
- ) {
+ &spider->need_mons[link_idx]))
+ {
DBUG_ASSERT(conn->mta_conn_mutex_lock_already);
DBUG_ASSERT(conn->mta_conn_mutex_unlock_later);
conn->mta_conn_mutex_lock_already = FALSE;
conn->mta_conn_mutex_unlock_later = FALSE;
error_num = spider_db_errorno(conn);
- if (
- spider->need_mons[link_idx]
- ) {
+ if (spider->need_mons[link_idx])
error_num = fields->ping_table_mon_from_table(link_idx_chain);
- }
- if ((error_num = spider->check_error_mode_eof(error_num)) == HA_ERR_END_OF_FILE)
+ if ((error_num = spider->check_error_mode_eof(error_num)) ==
+ HA_ERR_END_OF_FILE)
{
store_error = HA_ERR_END_OF_FILE;
error_num = 0;
@@ -1465,13 +1243,10 @@ int spider_group_by_handler::init_scan()
{
if ((error_num = spider_db_store_result(spider, link_idx, table)))
{
- if (
- error_num != HA_ERR_END_OF_FILE &&
- spider->need_mons[link_idx]
- ) {
+ if (error_num != HA_ERR_END_OF_FILE && spider->need_mons[link_idx])
error_num = fields->ping_table_mon_from_table(link_idx_chain);
- }
- if ((error_num = spider->check_error_mode_eof(error_num)) == HA_ERR_END_OF_FILE)
+ if ((error_num = spider->check_error_mode_eof(error_num)) ==
+ HA_ERR_END_OF_FILE)
{
store_error = HA_ERR_END_OF_FILE;
error_num = 0;
@@ -1480,13 +1255,45 @@ int spider_group_by_handler::init_scan()
}
spider->result_link_idx = link_idx;
spider->result_link_idx_chain = link_idx_chain;
- } else {
+ } else
+ {
spider_db_discard_result(spider, link_idx, conn);
SPIDER_CLEAR_FILE_POS(&conn->mta_conn_mutex_file_pos);
pthread_mutex_unlock(&conn->mta_conn_mutex);
}
}
}
+ DBUG_RETURN(0);
+}
+
+/*
+ Prepare and send query to data nodes and store the query results.
+*/
+int spider_group_by_handler::init_scan()
+{
+ int error_num;
+ DBUG_ENTER("spider_group_by_handler::init_scan");
+ store_error = 0;
+#ifndef DBUG_OFF
+ for (Field **field = table->field; *field; field++)
+ DBUG_PRINT("info",("spider field_name=%s", SPIDER_field_name_str(*field)));
+#endif
+
+ if (trx->thd->killed)
+ {
+ my_error(ER_QUERY_INTERRUPTED, MYF(0));
+ DBUG_RETURN(ER_QUERY_INTERRUPTED);
+ }
+
+ if ((error_num = spider_prepare_init_scan(
+ query, fields, spider, trx, offset_limit, thd)))
+ DBUG_RETURN(error_num);
+
+ if ((error_num = spider_make_query(query, fields, spider, table)))
+ DBUG_RETURN(error_num);
+
+ if ((error_num = spider_send_query(fields, spider, trx, table, store_error)))
+ DBUG_RETURN(error_num);
first = TRUE;
DBUG_RETURN(0);
@@ -1595,7 +1402,8 @@ group_by_handler *spider_create_group_by_handler(
bool keep_going;
bool find_dbton = FALSE;
spider_fields *fields = NULL, *fields_arg = NULL;
- uint table_idx, dbton_id;
+ SPIDER_TABLE_HOLDER *table_holder;
+ uint table_idx, dbton_id, table_count= 0;
long tgt_link_status;
DBUG_ENTER("spider_create_group_by_handler");
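Review bot: `table_holder` is declared without an initialiser although the function now ends in a `skip_free_table_holder` label that hands it to `spider_free`. Every `goto` visible in this commit comes after the `spider_create_table_holder` call, but the neighbouring declaration (`*fields = NULL, *fields_arg = NULL`) is initialised and this one is not, so a jump added earlier in the function at some later point would free an indeterminate pointer. `SPIDER_TABLE_HOLDER *table_holder= NULL;` closes that gap, provided `spider_free` accepts NULL, which is not visible here. The function body starts and ends outside this hunk.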
@@ -1617,8 +1425,7 @@ group_by_handler *spider_create_group_by_handler(
from = query->from;
do {
DBUG_PRINT("info",("spider from=%p", from));
- if (from->table->const_table)
- continue;
+ ++table_count;
if (from->table->part_info)
{
DBUG_PRINT("info",("spider partition handler"));
@@ -1633,17 +1440,11 @@ group_by_handler *spider_create_group_by_handler(
}
} while ((from = from->next_local));
+ if (!(table_holder= spider_create_table_holder(table_count)))
+ DBUG_RETURN(NULL);
+
table_idx = 0;
from = query->from;
- while (from && from->table->const_table)
- {
- from = from->next_local;
- }
- if (!from)
- {
- /* all tables are const_table */
- DBUG_RETURN(NULL);
- }
if (from->table->part_info)
{
partition_info *part_info = from->table->part_info;
@@ -1657,6 +1458,11 @@ group_by_handler *spider_create_group_by_handler(
share = spider->share;
spider->idx_for_direct_join = table_idx;
++table_idx;
+ if (!spider_add_table_holder(spider, table_holder))
+ {
+ DBUG_PRINT("info",("spider can not add a table"));
+ goto skip_free_table_holder;
+ }
memset(dbton_bitmap, 0, spider_bitmap_size(SPIDER_DBTON_SIZE));
for (roop_count = 0; roop_count < (int) share->use_dbton_count; ++roop_count)
{
@@ -1670,8 +1476,6 @@ group_by_handler *spider_create_group_by_handler(
}
while ((from = from->next_local))
{
- if (from->table->const_table)
- continue;
if (from->table->part_info)
{
partition_info *part_info = from->table->part_info;
@@ -1685,6 +1489,11 @@ group_by_handler *spider_create_group_by_handler(
share = spider->share;
spider->idx_for_direct_join = table_idx;
++table_idx;
+ if (!spider_add_table_holder(spider, table_holder))
+ {
+ DBUG_PRINT("info",("spider can not add a table"));
+ goto skip_free_table_holder;
+ }
memset(dbton_bitmap_tmp, 0, spider_bitmap_size(SPIDER_DBTON_SIZE));
for (roop_count = 0; roop_count < (int) share->use_dbton_count; ++roop_count)
{
@@ -1705,8 +1514,6 @@ group_by_handler *spider_create_group_by_handler(
from = query->from;
do {
- if (from->table->const_table)
- continue;
if (from->table->part_info)
{
partition_info *part_info = from->table->part_info;
@@ -1734,10 +1541,9 @@ group_by_handler *spider_create_group_by_handler(
{
fields_arg = new spider_fields();
if (!fields_arg)
- {
- DBUG_RETURN(NULL);
- }
+ goto skip_free_table_holder;
}
+ fields_arg->set_table_holder(table_holder, table_count);
keep_going = TRUE;
it.init(*query->select);
while ((item = it++))
@@ -1844,21 +1650,9 @@ group_by_handler *spider_create_group_by_handler(
}
}
if (!find_dbton)
- {
- DBUG_RETURN(NULL);
- }
-
- if (fields->create_table_holder(table_idx))
- {
- delete fields;
- DBUG_RETURN(NULL);
- }
+ goto skip_free_table_holder;
from = query->from;
- while (from->table->const_table)
- {
- from = from->next_local;
- }
if (from->table->part_info)
{
partition_info *part_info = from->table->part_info;
@@ -1879,17 +1673,10 @@ group_by_handler *spider_create_group_by_handler(
}
DBUG_PRINT("info",("spider s->db=%s", from->table->s->db.str));
DBUG_PRINT("info",("spider s->table_name=%s", from->table->s->table_name.str));
- if (!fields->add_table(spider))
- {
- DBUG_PRINT("info",("spider can not add a table"));
- delete fields;
- DBUG_RETURN(NULL);
- }
if (spider->dml_init())
{
DBUG_PRINT("info",("spider can not init for dml"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
for (
roop_count = spider_conn_link_idx_next(share->link_statuses,
@@ -1909,8 +1696,7 @@ group_by_handler *spider_create_group_by_handler(
DBUG_PRINT("info",("spider direct_join does not support with lock tables yet"));
if (lock_mode)
{
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
continue;
}
@@ -1918,26 +1704,21 @@ group_by_handler *spider_create_group_by_handler(
share->access_balances[spider->conn_link_idx[roop_count]]))
{
DBUG_PRINT("info",("spider can not create conn_holder"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
if (fields->add_link_idx(conn->conn_holder_for_direct_join, spider, roop_count))
{
DBUG_PRINT("info",("spider can not create link_idx_holder"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
}
if (!fields->has_conn_holder())
{
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
while ((from = from->next_local))
{
- if (from->table->const_table)
- continue;
fields->clear_conn_holder_from_conn();
if (from->table->part_info)
@@ -1951,19 +1732,12 @@ group_by_handler *spider_create_group_by_handler(
spider = (ha_spider *) from->table->file;
}
share = spider->share;
- if (!fields->add_table(spider))
- {
- DBUG_PRINT("info",("spider can not add a table"));
- delete fields;
- DBUG_RETURN(NULL);
- }
DBUG_PRINT("info",("spider s->db=%s", from->table->s->db.str));
DBUG_PRINT("info",("spider s->table_name=%s", from->table->s->table_name.str));
if (spider->dml_init())
{
DBUG_PRINT("info",("spider can not init for dml"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
for (
roop_count = spider_conn_link_idx_next(share->link_statuses,
@@ -1982,17 +1756,13 @@ group_by_handler *spider_create_group_by_handler(
DBUG_PRINT("info",("spider connection %p can not be used for this query with locking",
conn));
if (lock_mode)
- {
- delete fields;
- DBUG_RETURN(NULL);
- }
+ goto skip_free_fields;
continue;
}
if (fields->add_link_idx(conn->conn_holder_for_direct_join, spider, roop_count))
{
DBUG_PRINT("info",("spider can not create link_idx_holder"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
}
@@ -2001,30 +1771,20 @@ group_by_handler *spider_create_group_by_handler(
if (lock_mode)
{
DBUG_PRINT("info",("spider some connections can not be used for this query with locking"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
}
if (!fields->has_conn_holder())
{
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
}
- if (!fields->all_query_fields_are_query_table_members())
- {
- DBUG_PRINT("info", ("spider found a query field that is not a query table member"));
- delete fields;
- DBUG_RETURN(NULL);
- }
-
fields->check_support_dbton(dbton_bitmap);
if (!fields->has_conn_holder())
{
DBUG_PRINT("info",("spider all chosen connections can't match dbton_id"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
/* choose a connection */
@@ -2036,16 +1796,14 @@ group_by_handler *spider_create_group_by_handler(
if (fields->make_link_idx_chain(tgt_link_status))
{
DBUG_PRINT("info",("spider can not create link_idx_chain"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
/* choose link_id */
if (fields->check_link_ok_chain())
{
DBUG_PRINT("info",("spider do not have link ok status"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
fields->set_first_link_idx();
@@ -2053,8 +1811,7 @@ group_by_handler *spider_create_group_by_handler(
if (!(group_by_handler = new spider_group_by_handler(thd, query, fields)))
{
DBUG_PRINT("info",("spider can't create group_by_handler"));
- delete fields;
- DBUG_RETURN(NULL);
+ goto skip_free_fields;
}
query->distinct = FALSE;
query->where = NULL;
@@ -2062,4 +1819,10 @@ group_by_handler *spider_create_group_by_handler(
query->having = NULL;
query->order_by = NULL;
DBUG_RETURN(group_by_handler);
+
+skip_free_fields:
+ delete fields;
+skip_free_table_holder:
+ spider_free(spider_current_trx, table_holder, MYF(0));
+ DBUG_RETURN(NULL);
}
diff --git a/storage/spider/spd_include.h b/storage/spider/spd_include.h
index 4763cd89..0f61984e 100644
--- a/storage/spider/spd_include.h
+++ b/storage/spider/spd_include.h
@@ -168,6 +168,279 @@ typedef start_new_trans *SPIDER_Open_tables_backup;
#define SPIDER_MEM_CALC_LIST_NUM 314
#define SPIDER_CONN_META_BUF_LEN 64
+/*
+ IDs for spider mem alloc functions, including
+ - spider_alloc_calc_mem_init()
+ - spider_string::init_calc_mem()
+ - spider_malloc()
+ - spider_bulk_alloc_mem()
+ - spider_bulk_malloc()
+ In the format of
+ SPD_MID_<CALLSITE_FUNC_NAME_SANS_SPIDER_PREFIX>_<NO>
+*/
+enum spider_malloc_id {
+ SPD_MID_CHECK_HS_PK_UPDATE_1,
+ SPD_MID_COPY_TABLES_BODY_1,
+ SPD_MID_COPY_TABLES_BODY_2,
+ SPD_MID_COPY_TABLES_BODY_3,
+ SPD_MID_COPY_TABLES_BODY_4,
+ SPD_MID_COPY_TABLES_BODY_5,
+ SPD_MID_CREATE_CONN_1,
+ SPD_MID_CREATE_CONN_2,
+ SPD_MID_CREATE_CONN_3,
+ SPD_MID_CREATE_CONN_4,
+ SPD_MID_CREATE_CONN_5,
+ SPD_MID_CREATE_CONN_6,
+ SPD_MID_CREATE_CONN_KEYS_1,
+ SPD_MID_CREATE_CONN_THREAD_1,
+ SPD_MID_CREATE_LONGLONG_LIST_1,
+ SPD_MID_CREATE_LONG_LIST_1,
+ SPD_MID_CREATE_MON_THREADS_1,
+ SPD_MID_CREATE_MON_THREADS_2,
+ SPD_MID_CREATE_SHARE_1,
+ SPD_MID_CREATE_SHARE_2,
+ SPD_MID_CREATE_SPIDER_OBJECT_FOR_SHARE_1,
+ SPD_MID_CREATE_SPIDER_OBJECT_FOR_SHARE_2,
+ SPD_MID_CREATE_STRING_1,
+ SPD_MID_CREATE_STRING_LIST_1,
+ SPD_MID_CREATE_TABLE_HOLDER_1,
+ SPD_MID_CREATE_TABLE_NAME_STRING_1,
+ SPD_MID_CREATE_TRX_ALTER_TABLE_1,
+ SPD_MID_CREATE_TRX_HA_1,
+ SPD_MID_DB_CONN_QUEUE_ACTION_1,
+ SPD_MID_DB_FETCH_FOR_ITEM_SUM_FUNC_1,
+ SPD_MID_DB_FETCH_FOR_ITEM_SUM_FUNC_2,
+ SPD_MID_DB_FETCH_FOR_ITEM_SUM_FUNC_3,
+ SPD_MID_DB_HANDLERSOCKET_APPEND_REQUEST_KEY_1,
+ SPD_MID_DB_HANDLERSOCKET_EXEC_QUERY_1,
+ SPD_MID_DB_HANDLERSOCKET_INIT_1,
+ SPD_MID_DB_HANDLERSOCKET_RESULT_FETCH_ROW_FROM_TMP_TABLE_1,
+ SPD_MID_DB_HANDLERSOCKET_RESULT_FETCH_ROW_FROM_TMP_TABLE_2,
+ SPD_MID_DB_HANDLERSOCKET_ROW_APPEND_ESCAPED_TO_STR_1,
+ SPD_MID_DB_HANDLERSOCKET_ROW_CLONE_1,
+ SPD_MID_DB_HANDLERSOCKET_ROW_STORE_TO_FIELD_1,
+ SPD_MID_DB_HANDLERSOCKET_UTIL_APPEND_COLUMN_VALUE_1,
+ SPD_MID_DB_HANDLERSOCKET_UTIL_OPEN_ITEM_FUNC_1,
+ SPD_MID_DB_HANDLERSOCKET_UTIL_OPEN_ITEM_FUNC_2,
+ SPD_MID_DB_HANDLERSOCKET_UTIL_OPEN_ITEM_FUNC_3,
+ SPD_MID_DB_HS_STRING_REF_BUFFER_INIT_1,
+ SPD_MID_DB_HS_STR_BUFFER_ADD_1,
+ SPD_MID_DB_HS_STR_BUFFER_ADD_2,
+ SPD_MID_DB_HS_STR_BUFFER_INIT_1,
+ SPD_MID_DB_INIT_1,
+ SPD_MID_DB_INIT_10,
+ SPD_MID_DB_INIT_11,
+ SPD_MID_DB_INIT_12,
+ SPD_MID_DB_INIT_2,
+ SPD_MID_DB_INIT_3,
+ SPD_MID_DB_INIT_4,
+ SPD_MID_DB_INIT_5,
+ SPD_MID_DB_INIT_6,
+ SPD_MID_DB_INIT_7,
+ SPD_MID_DB_INIT_8,
+ SPD_MID_DB_INIT_9,
+ SPD_MID_DB_MARIADB_UTIL_APPEND_COLUMN_VALUE_1,
+ SPD_MID_DB_MARIADB_UTIL_APPEND_COLUMN_VALUE_2,
+ SPD_MID_DB_MBASE_EXEC_QUERY_1,
+ SPD_MID_DB_MBASE_EXEC_QUERY_2,
+ SPD_MID_DB_MBASE_INIT_1,
+ SPD_MID_DB_MBASE_INIT_2,
+ SPD_MID_DB_MBASE_RESULT_FETCH_ROW_FROM_TMP_TABLE_1,
+ SPD_MID_DB_MBASE_RESULT_FETCH_ROW_FROM_TMP_TABLE_2,
+ SPD_MID_DB_MBASE_RESULT_FETCH_ROW_FROM_TMP_TABLE_3,
+ SPD_MID_DB_MBASE_ROW_APPEND_ESCAPED_TO_STR_1,
+ SPD_MID_DB_MBASE_ROW_CLONE_1,
+ SPD_MID_DB_MBASE_SET_LOOP_CHECK_1,
+ SPD_MID_DB_MBASE_SET_SQL_MODE_1,
+ SPD_MID_DB_MBASE_SET_TIME_ZONE_1,
+ SPD_MID_DB_MBASE_SET_WAIT_TIMEOUT_1,
+ SPD_MID_DB_MBASE_UTIL_PRINT_ITEM_FUNC_1,
+ SPD_MID_DB_MBASE_UTIL_PRINT_ITEM_FUNC_2,
+ SPD_MID_DB_MBASE_UTIL_PRINT_ITEM_FUNC_3,
+ SPD_MID_DB_MBASE_XA_COMMIT_1,
+ SPD_MID_DB_MBASE_XA_END_1,
+ SPD_MID_DB_MBASE_XA_PREPARE_1,
+ SPD_MID_DB_MBASE_XA_ROLLBACK_1,
+ SPD_MID_DB_MYSQL_UTIL_APPEND_COLUMN_VALUE_1,
+ SPD_MID_DB_MYSQL_UTIL_APPEND_COLUMN_VALUE_2,
+ SPD_MID_DB_OPEN_ITEM_INT_1,
+ SPD_MID_DB_OPEN_ITEM_STRING_1,
+ SPD_MID_DB_ORACLE_EXEC_QUERY_1,
+ SPD_MID_DB_ORACLE_GET_ERROR_1,
+ SPD_MID_DB_ORACLE_INIT_1,
+ SPD_MID_DB_ORACLE_INIT_2,
+ SPD_MID_DB_ORACLE_RESULT_FETCH_ROW_FROM_TMP_TABLE_1,
+ SPD_MID_DB_ORACLE_RESULT_FETCH_ROW_FROM_TMP_TABLE_2,
+ SPD_MID_DB_ORACLE_RESULT_FETCH_ROW_FROM_TMP_TABLE_3,
+ SPD_MID_DB_ORACLE_ROW_APPEND_ESCAPED_TO_STR_1,
+ SPD_MID_DB_ORACLE_ROW_INIT_1,
+ SPD_MID_DB_ORACLE_ROW_INIT_2,
+ SPD_MID_DB_ORACLE_UTIL_APPEND_COLUMN_VALUE_1,
+ SPD_MID_DB_ORACLE_UTIL_APPEND_COLUMN_VALUE_2,
+ SPD_MID_DB_ORACLE_UTIL_OPEN_ITEM_FUNC_1,
+ SPD_MID_DB_ORACLE_UTIL_OPEN_ITEM_FUNC_2,
+ SPD_MID_DB_ORACLE_UTIL_OPEN_ITEM_FUNC_3,
+ SPD_MID_DB_QUERY_1,
+ SPD_MID_DB_STORE_RESULT_1,
+ SPD_MID_DB_STORE_RESULT_2,
+ SPD_MID_DB_STORE_RESULT_3,
+ SPD_MID_DB_STORE_RESULT_4,
+ SPD_MID_DB_STORE_RESULT_5,
+ SPD_MID_DB_STORE_RESULT_FOR_REUSE_CURSOR_1,
+ SPD_MID_DB_UDF_COPY_TABLES_1,
+ SPD_MID_DB_UDF_PING_TABLE_1,
+ SPD_MID_DB_UDF_PING_TABLE_2,
+ SPD_MID_DB_UDF_PING_TABLE_APPEND_MON_NEXT_1,
+ SPD_MID_DB_UDF_PING_TABLE_APPEND_MON_NEXT_2,
+ SPD_MID_DB_UDF_PING_TABLE_MON_NEXT_1,
+ SPD_MID_DIRECT_SQL_BODY_1,
+ SPD_MID_DIRECT_SQL_INIT_BODY_1,
+ SPD_MID_DISCOVER_TABLE_STRUCTURE_1,
+ SPD_MID_FIELDS_CREATE_CONN_HOLDER_1,
+ SPD_MID_FIELDS_CREATE_LINK_IDX_CHAIN_1,
+ SPD_MID_FIELDS_CREATE_LINK_IDX_HOLDER_1,
+ SPD_MID_GET_INIT_ERROR_TABLE_1,
+ SPD_MID_GET_LGTM_TBLHND_SHARE_1,
+ SPD_MID_GET_PING_TABLE_MON_1,
+ SPD_MID_GET_PING_TABLE_TGT_1,
+ SPD_MID_GET_PT_SHARE_1,
+ SPD_MID_GET_PT_SHARE_2,
+ SPD_MID_GET_SHARE_1,
+ SPD_MID_GET_SHARE_2,
+ SPD_MID_GET_TRX_1,
+ SPD_MID_GET_TRX_10,
+ SPD_MID_GET_TRX_2,
+ SPD_MID_GET_TRX_3,
+ SPD_MID_GET_TRX_4,
+ SPD_MID_GET_TRX_5,
+ SPD_MID_GET_TRX_6,
+ SPD_MID_GET_TRX_7,
+ SPD_MID_GET_TRX_8,
+ SPD_MID_GET_TRX_9,
+ SPD_MID_HANDLERSOCKET_HANDLER_INIT_1,
+ SPD_MID_HANDLERSOCKET_HANDLER_INIT_2,
+ SPD_MID_HANDLERSOCKET_HANDLER_SPIDER_HANDLERSOCKET_HANDLER_1,
+ SPD_MID_HANDLERSOCKET_SHARE_CREATE_COLUMN_NAME_STR_1,
+ SPD_MID_HANDLERSOCKET_SHARE_CREATE_TABLE_NAMES_STR_1,
+ SPD_MID_HANDLERSOCKET_SHARE_CREATE_TABLE_NAMES_STR_2,
+ SPD_MID_HANDLERSOCKET_SHARE_CREATE_TABLE_NAMES_STR_3,
+ SPD_MID_HANDLERSOCKET_SHARE_INIT_1,
+ SPD_MID_HANDLERSOCKET_SHARE_SPIDER_HANDLERSOCKET_SHARE_1,
+ SPD_MID_HA_SPIDER_COND_PUSH_1,
+ SPD_MID_HA_SPIDER_CREATE_1,
+ SPD_MID_HA_SPIDER_CREATE_2,
+ SPD_MID_HA_SPIDER_CREATE_BULK_ACCESS_LINK_1,
+ SPD_MID_HA_SPIDER_FT_INIT_EXT_1,
+ SPD_MID_HA_SPIDER_HA_SPIDER_1,
+ SPD_MID_HA_SPIDER_HA_SPIDER_2,
+ SPD_MID_HA_SPIDER_INFO_PUSH_1,
+ SPD_MID_HA_SPIDER_MULTI_RANGE_READ_NEXT_FIRST_1,
+ SPD_MID_HA_SPIDER_MULTI_RANGE_READ_NEXT_FIRST_2,
+ SPD_MID_HA_SPIDER_MULTI_RANGE_READ_NEXT_FIRST_3,
+ SPD_MID_HA_SPIDER_OPEN_1,
+ SPD_MID_HA_SPIDER_OPEN_2,
+ SPD_MID_HA_SPIDER_OPEN_3,
+ SPD_MID_HA_SPIDER_OPEN_4,
+ SPD_MID_HA_SPIDER_OPEN_5,
+ SPD_MID_HA_SPIDER_OPEN_6,
+ SPD_MID_HA_SPIDER_OPEN_7,
+ SPD_MID_INCREASE_LONGLONG_LIST_1,
+ SPD_MID_INCREASE_LONG_LIST_1,
+ SPD_MID_INCREASE_NULL_STRING_LIST_1,
+ SPD_MID_INCREASE_STRING_LIST_1,
+ SPD_MID_MBASE_COPY_TABLE_INIT_1,
+ SPD_MID_MBASE_HANDLER_APPEND_KEY_COLUMN_TYPES_1,
+ SPD_MID_MBASE_HANDLER_APPEND_MATCH_AGAINST_1,
+ SPD_MID_MBASE_HANDLER_APPEND_TMP_TABLE_AND_SQL_FOR_BKA_1,
+ SPD_MID_MBASE_HANDLER_APPEND_UNION_TABLE_AND_SQL_FOR_BKA_1,
+ SPD_MID_MBASE_HANDLER_INIT_1,
+ SPD_MID_MBASE_HANDLER_INIT_2,
+ SPD_MID_MBASE_HANDLER_INIT_3,
+ SPD_MID_MBASE_HANDLER_INIT_4,
+ SPD_MID_MBASE_HANDLER_INIT_5,
+ SPD_MID_MBASE_HANDLER_INIT_6,
+ SPD_MID_MBASE_HANDLER_INIT_7,
+ SPD_MID_MBASE_HANDLER_INIT_8,
+ SPD_MID_MBASE_HANDLER_INIT_9,
+ SPD_MID_MBASE_HANDLER_INIT_UNION_TABLE_NAME_POS_1,
+ SPD_MID_MBASE_HANDLER_SET_SQL_FOR_EXEC_1,
+ SPD_MID_MBASE_HANDLER_SET_UNION_TABLE_NAME_POS_1,
+ SPD_MID_MBASE_HANDLER_SPIDER_MBASE_HANDLER_1,
+ SPD_MID_MBASE_SHARE_APPEND_SHOW_INDEX_1,
+ SPD_MID_MBASE_SHARE_APPEND_SHOW_INDEX_2,
+ SPD_MID_MBASE_SHARE_APPEND_SHOW_RECORDS_1,
+ SPD_MID_MBASE_SHARE_APPEND_SHOW_TABLE_STATUS_1,
+ SPD_MID_MBASE_SHARE_APPEND_SHOW_TABLE_STATUS_2,
+ SPD_MID_MBASE_SHARE_CREATE_COLUMN_NAME_STR_1,
+ SPD_MID_MBASE_SHARE_CREATE_TABLE_NAMES_STR_1,
+ SPD_MID_MBASE_SHARE_CREATE_TABLE_NAMES_STR_2,
+ SPD_MID_MBASE_SHARE_CREATE_TABLE_NAMES_STR_3,
+ SPD_MID_MBASE_SHARE_DISCOVER_TABLE_STRUCTURE_1,
+ SPD_MID_MBASE_SHARE_INIT_1,
+ SPD_MID_MBASE_SHARE_INIT_2,
+ SPD_MID_MBASE_SHARE_INIT_3,
+ SPD_MID_MBASE_SHARE_INIT_4,
+ SPD_MID_MBASE_SHARE_SPIDER_MBASE_SHARE_1,
+ SPD_MID_OPEN_ALL_TABLES_1,
+ SPD_MID_OPEN_SYS_TABLE_1,
+ SPD_MID_ORACLE_COPY_TABLE_COPY_ROWS_1,
+ SPD_MID_ORACLE_COPY_TABLE_COPY_ROWS_2,
+ SPD_MID_ORACLE_COPY_TABLE_COPY_ROWS_3,
+ SPD_MID_ORACLE_COPY_TABLE_COPY_ROWS_4,
+ SPD_MID_ORACLE_COPY_TABLE_INIT_1,
+ SPD_MID_ORACLE_COPY_TABLE_INIT_2,
+ SPD_MID_ORACLE_HANDLER_APPEND_KEY_COLUMN_TYPES_1,
+ SPD_MID_ORACLE_HANDLER_APPEND_MATCH_AGAINST_1,
+ SPD_MID_ORACLE_HANDLER_APPEND_TMP_TABLE_AND_SQL_FOR_BKA_1,
+ SPD_MID_ORACLE_HANDLER_APPEND_UNION_TABLE_AND_SQL_FOR_BKA_1,
+ SPD_MID_ORACLE_HANDLER_INIT_1,
+ SPD_MID_ORACLE_HANDLER_INIT_2,
+ SPD_MID_ORACLE_HANDLER_INIT_3,
+ SPD_MID_ORACLE_HANDLER_INIT_4,
+ SPD_MID_ORACLE_HANDLER_INIT_5,
+ SPD_MID_ORACLE_HANDLER_INIT_6,
+ SPD_MID_ORACLE_HANDLER_INIT_7,
+ SPD_MID_ORACLE_HANDLER_INIT_8,
+ SPD_MID_ORACLE_HANDLER_INIT_9,
+ SPD_MID_ORACLE_HANDLER_INIT_UNION_TABLE_NAME_POS_1,
+ SPD_MID_ORACLE_HANDLER_SET_SQL_FOR_EXEC_1,
+ SPD_MID_ORACLE_HANDLER_SET_UNION_TABLE_NAME_POS_1,
+ SPD_MID_ORACLE_HANDLER_SPIDER_ORACLE_HANDLER_1,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_AUTOINC_1,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_INDEX_1,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_INDEX_2,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_LAST_INSERT_ID_1,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_LAST_INSERT_ID_2,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_RECORDS_1,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_TABLE_STATUS_1,
+ SPD_MID_ORACLE_SHARE_APPEND_SHOW_TABLE_STATUS_2,
+ SPD_MID_ORACLE_SHARE_CREATE_COLUMN_NAME_STR_1,
+ SPD_MID_ORACLE_SHARE_CREATE_TABLE_NAMES_STR_1,
+ SPD_MID_ORACLE_SHARE_CREATE_TABLE_NAMES_STR_2,
+ SPD_MID_ORACLE_SHARE_CREATE_TABLE_NAMES_STR_3,
+ SPD_MID_ORACLE_SHARE_INIT_1,
+ SPD_MID_ORACLE_SHARE_INIT_2,
+ SPD_MID_ORACLE_SHARE_INIT_3,
+ SPD_MID_ORACLE_SHARE_INIT_4,
+ SPD_MID_ORACLE_SHARE_SPIDER_ORACLE_SHARE_1,
+ SPD_MID_PARSE_CONNECT_INFO_1,
+ SPD_MID_PING_TABLE_BODY_1,
+ SPD_MID_PING_TABLE_BODY_2,
+ SPD_MID_PING_TABLE_INIT_BODY_1,
+ SPD_MID_PING_TABLE_MON_FROM_TABLE_1,
+ SPD_MID_RELEASE_PING_TABLE_MON_LIST_1,
+ SPD_MID_TRX_ANOTHER_LOCK_TABLES_1,
+ SPD_MID_UDF_COPY_TABLES_CREATE_TABLE_LIST_1,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_1,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_2,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_3,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_4,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_CONN_KEY_1,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_TABLE_LIST_1,
+ SPD_MID_UDF_DIRECT_SQL_CREATE_TABLE_LIST_2,
+ SPD_MID_UDF_GET_COPY_TGT_TABLES_1
+};
+
#define SPIDER_BACKUP_DASTATUS \
bool da_status; if (thd) da_status = thd->is_error(); else da_status = FALSE;
#define SPIDER_RESTORE_DASTATUS \
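Review bot: Nothing ties the number of `spider_malloc_id` enumerators to `SPIDER_MEM_CALC_LIST_NUM` (314) defined just above, which presumably sizes the tables these ids index. The values are implicit and the list is sorted by name (`SPD_MID_DB_INIT_10` precedes `SPD_MID_DB_INIT_2`), so adding an id in sorted position renumbers every id after it and the highest value grows silently. I would close the enum with a count enumerator (suggested name `SPD_MID_COUNT`) and add `static_assert(SPD_MID_COUNT <= SPIDER_MEM_CALC_LIST_NUM, "spider_malloc_id does not fit the mem calc tables");`, so an id can never index past the table. The header comment could also state that the numeric value of an id is not stable between builds.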
@@ -518,7 +791,6 @@ typedef struct st_spider_conn
SPIDER_CONN_LOOP_CHECK *loop_check_ignored_first;
SPIDER_CONN_LOOP_CHECK *loop_check_ignored_last;
SPIDER_CONN_LOOP_CHECK *loop_check_meraged_first;
- SPIDER_CONN_LOOP_CHECK *loop_check_meraged_last;
} SPIDER_CONN;
typedef struct st_spider_lgtm_tblhnd_share
@@ -934,6 +1206,7 @@ typedef struct st_spider_share
uint *tgt_pk_names_lengths;
uint *tgt_sequence_names_lengths;
uint *conn_keys_lengths;
+ /* The index in `spider_dbton' of each data node link. */
uint *sql_dbton_ids;
uint server_names_charlen;
@@ -1003,10 +1276,16 @@ typedef struct st_spider_share
uchar dbton_bitmap[spider_bitmap_size(SPIDER_DBTON_SIZE)];
spider_db_share *dbton_share[SPIDER_DBTON_SIZE];
uint use_dbton_count;
+ /* Actual size is `use_dbton_count'. Values are the indices of item
+ in `spider_dbton'. */
uint use_dbton_ids[SPIDER_DBTON_SIZE];
+ /* Inverse map of `use_dbton_ids'. */
uint dbton_id_to_seq[SPIDER_DBTON_SIZE];
uint use_sql_dbton_count;
+ /* Actual size is `use_sql_dbton_count'. Values are the indices of
+ item in `spider_dbton'. */
uint use_sql_dbton_ids[SPIDER_DBTON_SIZE];
+ /* Inverse map of `use_sql_dbton_ids'. */
uint sql_dbton_id_to_seq[SPIDER_DBTON_SIZE];
SPIDER_ALTER_TABLE alter_table;
diff --git a/storage/spider/spd_init_query.h b/storage/spider/spd_init_query.h
index fdf6b22f..35a250c7 100644
--- a/storage/spider/spd_init_query.h
+++ b/storage/spider/spd_init_query.h
@@ -21,6 +21,9 @@
static LEX_STRING spider_init_queries[] = {
{C_STRING_WITH_LEN(
+ "SET @@SQL_MODE = REPLACE(@@SQL_MODE, 'ORACLE', '');"
+ )},
+ {C_STRING_WITH_LEN(
"create table if not exists mysql.spider_xa("
" format_id int not null default 0,"
" gtrid_length int not null default 0,"
@@ -694,6 +697,46 @@ static LEX_STRING spider_init_queries[] = {
" algorithm=copy, lock=shared;"
)},
{C_STRING_WITH_LEN(
+ "alter table mysql.spider_link_mon_servers"
+ " add column if not exists filedsn text default null after dsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_tables"
+ " add column if not exists filedsn text default null after dsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_xa_failed_log"
+ " add column if not exists filedsn text default null after dsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_xa_member"
+ " add column if not exists filedsn text default null after dsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_link_mon_servers"
+ " add column if not exists driver char(64) default null after filedsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_tables"
+ " add column if not exists driver char(64) default null after filedsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_xa_failed_log"
+ " add column if not exists driver char(64) default null after filedsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
+ "alter table mysql.spider_xa_member"
+ " add column if not exists driver char(64) default null after filedsn,"
+ " algorithm=copy, lock=shared;"
+ )},
+ {C_STRING_WITH_LEN(
"set @win_plugin := IF(@@version_compile_os like 'Win%', 1, 0);"
)},
/* Install UDFs. If udf is not initialised, then install by
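Review bot: The four `driver` statements only work after the four `filedsn` statements have run, because each positions its column `after filedsn`, and nothing in the array records that ordering. A comment above the first new entry, for example `/* filedsn must be added before driver: driver is positioned after filedsn */`, would keep a later reorder or partial backport from breaking plugin initialisation. The `table->s->fields` column-count checks in spider_open_sys_table and the field-position constants are outside this hunk and have to account for the two extra columns in each of the four tables. If `filedsn` and `driver` end up in an ODBC connection string (inferred from the names only), they choose a file to read and a driver to load inside the server process, so the same comment should state that write access to these tables is a privileged operation.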
diff --git a/storage/spider/spd_param.cc b/storage/spider/spd_param.cc
index 2328cce7..d86e8532 100644
--- a/storage/spider/spd_param.cc
+++ b/storage/spider/spd_param.cc
@@ -109,59 +109,61 @@ extern volatile ulonglong spider_mon_table_cache_version_req;
MYSQL_SYSVAR_NAME(param_name).def_val; \
}
-static int spider_direct_update(THD *thd, SHOW_VAR *var, char *buff)
+extern handlerton *spider_hton_ptr;
+static void spider_trx_status_var(THD *thd, SHOW_VAR *var, void *buff,
+ ulonglong SPIDER_TRX::*counter)
{
- int error_num = 0;
- SPIDER_TRX *trx;
DBUG_ENTER("spider_direct_update");
var->type = SHOW_LONGLONG;
- if ((trx = spider_get_trx(thd, TRUE, &error_num)))
- var->value = (char *) &trx->direct_update_count;
- DBUG_RETURN(error_num);
+ var->value= buff;
+ if (thd != current_thd)
+ mysql_mutex_lock(&thd->LOCK_thd_data);
+ SPIDER_TRX *trx = (SPIDER_TRX*)thd_get_ha_data(thd, spider_hton_ptr);
+ *(ulonglong*)buff= trx ? trx->*counter : 0;
+ if (thd != current_thd)
+ mysql_mutex_unlock(&thd->LOCK_thd_data);
+ DBUG_VOID_RETURN;
}
-static int spider_direct_delete(THD *thd, SHOW_VAR *var, char *buff)
+
+static int spider_direct_update(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
+{
+ DBUG_ENTER("spider_direct_update");
+ spider_trx_status_var(thd, var, buff, &SPIDER_TRX::direct_update_count);
+ DBUG_RETURN(0);
+}
+
+static int spider_direct_delete(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- int error_num = 0;
- SPIDER_TRX *trx;
DBUG_ENTER("spider_direct_delete");
- var->type = SHOW_LONGLONG;
- if ((trx = spider_get_trx(thd, TRUE, &error_num)))
- var->value = (char *) &trx->direct_delete_count;
- DBUG_RETURN(error_num);
+ spider_trx_status_var(thd, var, buff, &SPIDER_TRX::direct_delete_count);
+ DBUG_RETURN(0);
}
-static int spider_direct_order_limit(THD *thd, SHOW_VAR *var, char *buff)
+static int spider_direct_order_limit(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- int error_num = 0;
- SPIDER_TRX *trx;
DBUG_ENTER("spider_direct_order_limit");
- var->type = SHOW_LONGLONG;
- if ((trx = spider_get_trx(thd, TRUE, &error_num)))
- var->value = (char *) &trx->direct_order_limit_count;
- DBUG_RETURN(error_num);
+ spider_trx_status_var(thd, var, buff, &SPIDER_TRX::direct_order_limit_count);
+ DBUG_RETURN(0);
}
-static int spider_direct_aggregate(THD *thd, SHOW_VAR *var, char *buff)
+static int spider_direct_aggregate(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- int error_num = 0;
- SPIDER_TRX *trx;
DBUG_ENTER("spider_direct_aggregate");
- var->type = SHOW_LONGLONG;
- if ((trx = spider_get_trx(thd, TRUE, &error_num)))
- var->value = (char *) &trx->direct_aggregate_count;
- DBUG_RETURN(error_num);
+ spider_trx_status_var(thd, var, buff, &SPIDER_TRX::direct_aggregate_count);
+ DBUG_RETURN(0);
}
-static int spider_parallel_search(THD *thd, SHOW_VAR *var, char *buff)
+static int spider_parallel_search(THD *thd, SHOW_VAR *var, void *buff,
+ system_status_var *, enum_var_type)
{
- int error_num = 0;
- SPIDER_TRX *trx;
DBUG_ENTER("spider_parallel_search");
- var->type = SHOW_LONGLONG;
- if ((trx = spider_get_trx(thd, TRUE, &error_num)))
- var->value = (char *) &trx->parallel_search_count;
- DBUG_RETURN(error_num);
+ spider_trx_status_var(thd, var, buff, &SPIDER_TRX::parallel_search_count);
+ DBUG_RETURN(0);
}
struct st_mysql_show_var spider_status_variables[] =
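Review bot: `spider_trx_status_var` still opens with `DBUG_ENTER("spider_direct_update")`, the name of the function it was extracted from, so debug traces attribute all five status reads to spider_direct_update and show that function nested inside itself. It should read `DBUG_ENTER("spider_trx_status_var");`. The helper also needs a short header comment stating that `LOCK_thd_data` is taken only when `thd != current_thd`, and that the counter is copied into `buff` so that `var->value` never points into another session's SPIDER_TRX. That locking only protects the read if the code that attaches and frees a session's SPIDER_TRX holds the same mutex, which is not visible in this hunk and is worth confirming.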
@@ -2217,7 +2219,7 @@ static MYSQL_SYSVAR_UINT(
"Static thread count of table sts",
NULL,
NULL,
- 10,
+ 1,
1,
4294967295U,
0
@@ -2236,7 +2238,7 @@ static MYSQL_SYSVAR_UINT(
"Static thread count of table crd",
NULL,
NULL,
- 10,
+ 1,
1,
4294967295U,
0
diff --git a/storage/spider/spd_ping_table.cc b/storage/spider/spd_ping_table.cc
index b331a9fe..722b4cca 100644
--- a/storage/spider/spd_ping_table.cc
+++ b/storage/spider/spd_ping_table.cc
@@ -219,7 +219,7 @@ int spider_release_ping_table_mon_list(
}
spider_string conv_name_str(buf, conv_name_length + link_idx_str_length + 1,
system_charset_info);
- conv_name_str.init_calc_mem(134);
+ conv_name_str.init_calc_mem(SPD_MID_RELEASE_PING_TABLE_MON_LIST_1);
conv_name_str.length(0);
conv_name_str.q_append(conv_name, conv_name_length);
conv_name_str.q_append(link_idx_str, link_idx_str_length);
@@ -325,7 +325,7 @@ create_table_mon:
do {
if (!(table_mon = (SPIDER_TABLE_MON *)
- spider_bulk_malloc(spider_current_trx, 35, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_GET_PING_TABLE_MON_1, MYF(MY_WME | MY_ZEROFILL),
&table_mon, (uint) (sizeof(SPIDER_TABLE_MON)),
&tmp_share, (uint) (sizeof(SPIDER_SHARE)),
&tmp_connect_info,
@@ -446,7 +446,7 @@ SPIDER_TABLE_MON_LIST *spider_get_ping_table_tgt(
SPD_INIT_ALLOC_ROOT(&mem_root, 4096, 0, MYF(MY_WME));
if (!(table_mon_list = (SPIDER_TABLE_MON_LIST *)
- spider_bulk_malloc(spider_current_trx, 36, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_GET_PING_TABLE_TGT_1, MYF(MY_WME | MY_ZEROFILL),
&table_mon_list, (uint) (sizeof(SPIDER_TABLE_MON_LIST)),
&tmp_share, (uint) (sizeof(SPIDER_SHARE)),
&tmp_connect_info,
@@ -1024,8 +1024,8 @@ long long spider_ping_table_body(
int static_link_id_length = 0;
bool get_lock = FALSE, status_changed_to_ng = FALSE;
DBUG_ENTER("spider_ping_table_body");
- conv_name.init_calc_mem(135);
- tmp_str.init_calc_mem(247);
+ conv_name.init_calc_mem(SPD_MID_PING_TABLE_BODY_1);
+ tmp_str.init_calc_mem(SPD_MID_PING_TABLE_BODY_2);
conv_name.length(0);
server_id = global_system_variables.server_id;
if (
@@ -1463,7 +1463,7 @@ my_bool spider_ping_table_init_body(
}
if (!(mon_table_result = (SPIDER_MON_TABLE_RESULT *)
- spider_malloc(spider_current_trx, 11, sizeof(SPIDER_MON_TABLE_RESULT),
+ spider_malloc(spider_current_trx, SPD_MID_PING_TABLE_INIT_BODY_1, sizeof(SPIDER_MON_TABLE_RESULT),
MYF(MY_WME | MY_ZEROFILL)))
) {
strcpy(message, "spider_ping_table() out of memory");
@@ -1606,7 +1606,7 @@ int spider_ping_table_mon_from_table(
buf[conv_name_length + link_idx_str_length] = '\0';
spider_string conv_name_str(buf, conv_name_length + link_idx_str_length + 1,
system_charset_info);
- conv_name_str.init_calc_mem(136);
+ conv_name_str.init_calc_mem(SPD_MID_PING_TABLE_MON_FROM_TABLE_1);
conv_name_str.length(0);
conv_name_str.q_append(conv_name, conv_name_length);
conv_name_str.q_append(link_idx_str, link_idx_str_length + 1);
diff --git a/storage/spider/spd_sys_table.cc b/storage/spider/spd_sys_table.cc
index a0cf104d..912e02a7 100644
--- a/storage/spider/spd_sys_table.cc
+++ b/storage/spider/spd_sys_table.cc
@@ -325,38 +325,6 @@ TABLE *spider_open_sys_table(
}
break;
}
- if (!memcmp(table_name, SPIDER_SYS_TABLE_STS_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_STS_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_TABLE_STS"));
- if (table->s->fields != SPIDER_SYS_TABLE_STS_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_TABLE_STS_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- break;
- }
- if (!memcmp(table_name, SPIDER_SYS_TABLE_CRD_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_CRD_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_TABLE_CRD"));
- if (table->s->fields != SPIDER_SYS_TABLE_CRD_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_TABLE_CRD_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- break;
- }
DBUG_ASSERT(0);
break;
case 20:
@@ -378,24 +346,6 @@ TABLE *spider_open_sys_table(
}
DBUG_ASSERT(0);
break;
- case 21:
- if (!memcmp(table_name, SPIDER_SYS_RW_TBLS_TABLE_NAME_STR,
- SPIDER_SYS_RW_TBLS_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_RW_TBLS"));
- if (table->s->fields != SPIDER_SYS_RW_TBLS_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_RW_TBLS_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- }
- DBUG_ASSERT(0);
- break;
case 22:
if (!memcmp(table_name, SPIDER_SYS_LINK_FAILED_TABLE_NAME_STR,
SPIDER_SYS_LINK_FAILED_TABLE_NAME_LEN))
@@ -432,60 +382,6 @@ TABLE *spider_open_sys_table(
}
break;
}
- if (!memcmp(table_name, SPIDER_SYS_RWN_TBLS_TABLE_NAME_STR,
- SPIDER_SYS_RWN_TBLS_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_RWN_TBLS"));
- if (table->s->fields != SPIDER_SYS_RWN_TBLS_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_RWN_TBLS_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- break;
- }
- DBUG_ASSERT(0);
- break;
- case 27:
- if (!memcmp(table_name, SPIDER_SYS_RW_TBL_TBLS_TABLE_NAME_STR,
- SPIDER_SYS_RW_TBL_TBLS_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_RW_TBL_TBLS"));
- if (table->s->fields != SPIDER_SYS_RW_TBL_TBLS_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_RW_TBL_TBLS_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- break;
- }
- DBUG_ASSERT(0);
- break;
- case 31:
- if (!memcmp(table_name, SPIDER_SYS_RW_TBL_PTTS_TABLE_NAME_STR,
- SPIDER_SYS_RW_TBL_PTTS_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_RW_TBL_PTTS"));
- if (table->s->fields != SPIDER_SYS_RW_TBL_PTTS_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_RW_TBL_PTTS_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- break;
- }
DBUG_ASSERT(0);
break;
case 34:
@@ -505,22 +401,6 @@ TABLE *spider_open_sys_table(
}
break;
}
- if (!memcmp(table_name, SPIDER_SYS_RW_TBL_SPTTS_TABLE_NAME_STR,
- SPIDER_SYS_RW_TBL_SPTTS_TABLE_NAME_LEN))
- {
- DBUG_PRINT("info",("spider checking for SYS_RW_TBL_SPTTS"));
- if (table->s->fields != SPIDER_SYS_RW_TBL_SPTTS_COL_CNT)
- {
- spider_close_sys_table(thd, table, open_tables_backup, need_lock);
- table = NULL;
- my_printf_error(ER_SPIDER_SYS_TABLE_VERSION_NUM,
- ER_SPIDER_SYS_TABLE_VERSION_STR, MYF(0),
- SPIDER_SYS_RW_TBL_SPTTS_TABLE_NAME_STR);
- *error_num = ER_SPIDER_SYS_TABLE_VERSION_NUM;
- goto error_col_num_chk;
- }
- break;
- }
DBUG_ASSERT(0);
break;
default:
@@ -1455,52 +1335,6 @@ void spider_store_binlog_pos_gtid(
DBUG_VOID_RETURN;
}
-void spider_store_table_sts_info(
- TABLE *table,
- ha_statistics *stat
-) {
- MYSQL_TIME mysql_time;
- DBUG_ENTER("spider_store_table_sts_info");
- table->field[SPIDER_TABLE_STS_DATA_FILE_LENGTH_POS]->store(
- (longlong) stat->data_file_length, TRUE);
- table->field[SPIDER_TABLE_STS_MAX_DATA_FILE_LENGTH_POS]->store(
- (longlong) stat->max_data_file_length, TRUE);
- table->field[SPIDER_TABLE_STS_INDEX_FILE_LENGTH_POS]->store(
- (longlong) stat->index_file_length, TRUE);
- table->field[SPIDER_TABLE_STS_RECORDS_POS]->store(
- (longlong) stat->records, TRUE);
- table->field[SPIDER_TABLE_STS_MEAN_REC_LENGTH_POS]->store(
- (longlong) stat->mean_rec_length, TRUE);
- spd_tz_system->gmt_sec_to_TIME(&mysql_time, (my_time_t) stat->check_time);
- table->field[SPIDER_TABLE_STS_CHECK_TIME_POS]->store_time(&mysql_time);
- spd_tz_system->gmt_sec_to_TIME(&mysql_time, (my_time_t) stat->create_time);
- table->field[SPIDER_TABLE_STS_CREATE_TIME_POS]->store_time(&mysql_time);
- spd_tz_system->gmt_sec_to_TIME(&mysql_time, (my_time_t) stat->update_time);
- table->field[SPIDER_TABLE_STS_UPDATE_TIME_POS]->store_time(&mysql_time);
- if (stat->checksum_null)
- {
- table->field[SPIDER_TABLE_STS_CHECKSUM_POS]->set_null();
- table->field[SPIDER_TABLE_STS_CHECKSUM_POS]->reset();
- } else {
- table->field[SPIDER_TABLE_STS_CHECKSUM_POS]->set_notnull();
- table->field[SPIDER_TABLE_STS_CHECKSUM_POS]->store(
- (longlong) stat->checksum, TRUE);
- }
- DBUG_VOID_RETURN;
-}
-
-void spider_store_table_crd_info(
- TABLE *table,
- uint *seq,
- longlong *cardinality
-) {
- DBUG_ENTER("spider_store_table_crd_info");
- table->field[SPIDER_TABLE_CRD_KEY_SEQ_POS]->store((longlong) *seq, TRUE);
- table->field[SPIDER_TABLE_CRD_CARDINALITY_POS]->store(
- (longlong) *cardinality, FALSE);
- DBUG_VOID_RETURN;
-}
-
int spider_insert_xa(
TABLE *table,
XID *xid,
@@ -1607,83 +1441,6 @@ int spider_insert_sys_table(
DBUG_RETURN(error_num);
}
-int spider_insert_or_update_table_sts(
- TABLE *table,
- const char *name,
- uint name_length,
- ha_statistics *stat
-) {
- int error_num;
- char table_key[MAX_KEY_LENGTH];
- DBUG_ENTER("spider_insert_or_update_table_sts");
- table->use_all_columns();
- spider_store_tables_name(table, name, name_length);
- spider_store_table_sts_info(
- table,
- stat
- );
-
- if ((error_num = spider_check_sys_table_for_update_all_columns(table, table_key)))
- {
- if (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)
- {
- table->file->print_error(error_num, MYF(0));
- DBUG_RETURN(error_num);
- }
- if ((error_num = spider_write_sys_table_row(table)))
- {
- DBUG_RETURN(error_num);
- }
- } else {
- if ((error_num = spider_update_sys_table_row(table, FALSE)))
- {
- table->file->print_error(error_num, MYF(0));
- DBUG_RETURN(error_num);
- }
- }
-
- DBUG_RETURN(0);
-}
-
-int spider_insert_or_update_table_crd(
- TABLE *table,
- const char *name,
- uint name_length,
- longlong *cardinality,
- uint number_of_keys
-) {
- int error_num;
- uint roop_count;
- char table_key[MAX_KEY_LENGTH];
- DBUG_ENTER("spider_insert_or_update_table_crd");
- table->use_all_columns();
- spider_store_tables_name(table, name, name_length);
-
- for (roop_count = 0; roop_count < number_of_keys; ++roop_count)
- {
- spider_store_table_crd_info(table, &roop_count, &cardinality[roop_count]);
- if ((error_num = spider_check_sys_table_for_update_all_columns(table, table_key)))
- {
- if (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)
- {
- table->file->print_error(error_num, MYF(0));
- DBUG_RETURN(error_num);
- }
- if ((error_num = spider_write_sys_table_row(table)))
- {
- DBUG_RETURN(error_num);
- }
- } else {
- if ((error_num = spider_update_sys_table_row(table, FALSE)))
- {
- table->file->print_error(error_num, MYF(0));
- DBUG_RETURN(error_num);
- }
- }
- }
- DBUG_RETURN(0);
-}
-
int spider_log_tables_link_failed(
TABLE *table,
char *name,
@@ -2009,6 +1766,16 @@ int spider_delete_xa_member(
DBUG_RETURN(0);
}
+/**
+ Delete a Spider table from mysql.spider_tables.
+
+ @param table The table mysql.spider_tables
+ @param name The name of the Spider table to delete
+ @param old_link_count The number of links in the deleted table
+
+ @retval 0 Success
+ @retval nonzero Failure
+*/
int spider_delete_tables(
TABLE *table,
const char *name,
@@ -2024,10 +1791,20 @@ int spider_delete_tables(
{
spider_store_tables_link_idx(table, roop_count);
if ((error_num = spider_check_sys_table(table, table_key)))
- break;
+ {
+ /* There's a problem with finding the first record for the
+ spider table, likely because it does not exist. Fail */
+ if (roop_count == 0)
+ DBUG_RETURN(error_num);
+ /* At least one row has been deleted for the Spider table.
+ Success */
+ else
+ break;
+ }
else {
if ((error_num = spider_delete_sys_table_row(table)))
{
+ /* There's a problem deleting the row. Fail */
DBUG_RETURN(error_num);
}
}
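Review bot: The new `else break;` branch treats every error from `spider_check_sys_table` at `roop_count > 0` as "all rows deleted", so a real handler failure on a later link is reported the same way as running out of rows. The sts/crd helpers removed elsewhere in this diff told the two apart with `error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE`. The same test fits here: `if (roop_count == 0 || (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)) DBUG_RETURN(error_num);` followed by `break;`. Dropping the `else` also removes the awkward comment sitting between an unbraced `if` and its `else`. The loop header and the function's final return are outside the hunk, so whether the non-zero `error_num` left by the `break` path can reach the caller cannot be checked from here.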
@@ -2728,64 +2505,6 @@ int spider_get_sys_tables_static_link_id(
DBUG_RETURN(error_num);
}
-void spider_get_sys_table_sts_info(
- TABLE *table,
- ha_statistics *stat
-) {
- MYSQL_TIME mysql_time;
- uint not_used_uint;
- long not_used_long;
- DBUG_ENTER("spider_get_sys_table_sts_info");
- stat->data_file_length = (ulonglong) table->
- field[SPIDER_TABLE_STS_DATA_FILE_LENGTH_POS]->val_int();
- stat->max_data_file_length = (ulonglong) table->
- field[SPIDER_TABLE_STS_MAX_DATA_FILE_LENGTH_POS]->val_int();
- stat->index_file_length = (ulonglong) table->
- field[SPIDER_TABLE_STS_INDEX_FILE_LENGTH_POS]->val_int();
- stat->records = (ha_rows) table->
- field[SPIDER_TABLE_STS_RECORDS_POS]->val_int();
- stat->mean_rec_length = (ulong) table->
- field[SPIDER_TABLE_STS_MEAN_REC_LENGTH_POS]->val_int();
- table->field[SPIDER_TABLE_STS_CHECK_TIME_POS]->get_date(&mysql_time,
- SPIDER_date_mode_t(0));
- stat->check_time = (time_t) my_system_gmt_sec(&mysql_time,
- &not_used_long, &not_used_uint);
- table->field[SPIDER_TABLE_STS_CREATE_TIME_POS]->get_date(&mysql_time,
- SPIDER_date_mode_t(0));
- stat->create_time = (time_t) my_system_gmt_sec(&mysql_time,
- &not_used_long, &not_used_uint);
- table->field[SPIDER_TABLE_STS_UPDATE_TIME_POS]->get_date(&mysql_time,
- SPIDER_date_mode_t(0));
- stat->update_time = (time_t) my_system_gmt_sec(&mysql_time,
- &not_used_long, &not_used_uint);
- if (table->field[SPIDER_TABLE_STS_CHECKSUM_POS]->is_null())
- {
- stat->checksum_null = TRUE;
- stat->checksum = 0;
- } else {
- stat->checksum_null = FALSE;
- stat->checksum = (ha_checksum) table->
- field[SPIDER_TABLE_STS_CHECKSUM_POS]->val_int();
- }
- DBUG_VOID_RETURN;
-}
-
-void spider_get_sys_table_crd_info(
- TABLE *table,
- longlong *cardinality,
- uint number_of_keys
-) {
- uint seq;
- DBUG_ENTER("spider_get_sys_table_crd_info");
- seq = (uint) table->field[SPIDER_TABLE_CRD_KEY_SEQ_POS]->val_int();
- if (seq < number_of_keys)
- {
- cardinality[seq] = (longlong) table->
- field[SPIDER_TABLE_CRD_CARDINALITY_POS]->val_int();
- }
- DBUG_VOID_RETURN;
-}
-
int spider_sys_update_tables_link_status(
THD *thd,
char *name,
@@ -3226,260 +2945,6 @@ int spider_get_link_statuses(
DBUG_RETURN(0);
}
-int spider_sys_insert_or_update_table_sts(
- THD *thd,
- const char *name,
- uint name_length,
- ha_statistics *stat,
- bool need_lock
-) {
- int error_num;
- TABLE *table_sts = NULL;
- SPIDER_Open_tables_backup open_tables_backup;
- DBUG_ENTER("spider_sys_insert_or_update_table_sts");
- if (
- !(table_sts = spider_open_sys_table(
- thd, SPIDER_SYS_TABLE_STS_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_STS_TABLE_NAME_LEN, TRUE,
- &open_tables_backup, need_lock, &error_num))
- ) {
- goto error;
- }
- if ((error_num = spider_insert_or_update_table_sts(
- table_sts,
- name,
- name_length,
- stat
- )))
- goto error;
- spider_close_sys_table(thd, table_sts, &open_tables_backup, need_lock);
- table_sts = NULL;
- DBUG_RETURN(0);
-
-error:
- if (table_sts)
- spider_close_sys_table(thd, table_sts, &open_tables_backup, need_lock);
- DBUG_RETURN(error_num);
-}
-
-int spider_sys_insert_or_update_table_crd(
- THD *thd,
- const char *name,
- uint name_length,
- longlong *cardinality,
- uint number_of_keys,
- bool need_lock
-) {
- int error_num;
- TABLE *table_crd = NULL;
- SPIDER_Open_tables_backup open_tables_backup;
- DBUG_ENTER("spider_sys_insert_or_update_table_crd");
- if (
- !(table_crd = spider_open_sys_table(
- thd, SPIDER_SYS_TABLE_CRD_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_CRD_TABLE_NAME_LEN, TRUE,
- &open_tables_backup, need_lock, &error_num))
- ) {
- goto error;
- }
- if ((error_num = spider_insert_or_update_table_crd(
- table_crd,
- name,
- name_length,
- cardinality,
- number_of_keys
- )))
- goto error;
- spider_close_sys_table(thd, table_crd, &open_tables_backup, need_lock);
- table_crd = NULL;
- DBUG_RETURN(0);
-
-error:
- if (table_crd)
- spider_close_sys_table(thd, table_crd, &open_tables_backup, need_lock);
- DBUG_RETURN(error_num);
-}
-
-int spider_sys_delete_table_sts(
- THD *thd,
- const char *name,
- uint name_length,
- bool need_lock
-) {
- int error_num;
- TABLE *table_sts = NULL;
- SPIDER_Open_tables_backup open_tables_backup;
- DBUG_ENTER("spider_sys_delete_table_sts");
- if (
- !(table_sts = spider_open_sys_table(
- thd, SPIDER_SYS_TABLE_STS_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_STS_TABLE_NAME_LEN, TRUE,
- &open_tables_backup, need_lock, &error_num))
- ) {
- goto error;
- }
- if ((error_num = spider_delete_table_sts(
- table_sts,
- name,
- name_length
- )))
- goto error;
- spider_close_sys_table(thd, table_sts, &open_tables_backup, need_lock);
- table_sts = NULL;
- DBUG_RETURN(0);
-
-error:
- if (table_sts)
- spider_close_sys_table(thd, table_sts, &open_tables_backup, need_lock);
- DBUG_RETURN(error_num);
-}
-
-int spider_sys_delete_table_crd(
- THD *thd,
- const char *name,
- uint name_length,
- bool need_lock
-) {
- int error_num;
- TABLE *table_crd = NULL;
- SPIDER_Open_tables_backup open_tables_backup;
- DBUG_ENTER("spider_sys_delete_table_crd");
- if (
- !(table_crd = spider_open_sys_table(
- thd, SPIDER_SYS_TABLE_CRD_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_CRD_TABLE_NAME_LEN, TRUE,
- &open_tables_backup, need_lock, &error_num))
- ) {
- goto error;
- }
- if ((error_num = spider_delete_table_crd(
- table_crd,
- name,
- name_length
- )))
- goto error;
- spider_close_sys_table(thd, table_crd, &open_tables_backup, need_lock);
- table_crd = NULL;
- DBUG_RETURN(0);
-
-error:
- if (table_crd)
- spider_close_sys_table(thd, table_crd, &open_tables_backup, need_lock);
- DBUG_RETURN(error_num);
-}
-
-int spider_sys_get_table_sts(
- THD *thd,
- const char *name,
- uint name_length,
- ha_statistics *stat,
- bool need_lock
-) {
- int error_num;
- char table_key[MAX_KEY_LENGTH];
- TABLE *table_sts = NULL;
- SPIDER_Open_tables_backup open_tables_backup;
- DBUG_ENTER("spider_sys_get_table_sts");
- if (
- !(table_sts = spider_open_sys_table(
- thd, SPIDER_SYS_TABLE_STS_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_STS_TABLE_NAME_LEN, TRUE,
- &open_tables_backup, need_lock, &error_num))
- ) {
- goto error;
- }
-
- table_sts->use_all_columns();
- spider_store_tables_name(table_sts, name, name_length);
- if ((error_num = spider_check_sys_table(table_sts, table_key)))
- {
- if (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)
- {
- table_sts->file->print_error(error_num, MYF(0));
- }
- goto error;
- } else {
- spider_get_sys_table_sts_info(
- table_sts,
- stat
- );
- }
-
- spider_close_sys_table(thd, table_sts, &open_tables_backup, need_lock);
- table_sts = NULL;
- DBUG_RETURN(0);
-
-error:
- if (table_sts)
- spider_close_sys_table(thd, table_sts, &open_tables_backup, need_lock);
- DBUG_RETURN(error_num);
-}
-
-int spider_sys_get_table_crd(
- THD *thd,
- const char *name,
- uint name_length,
- longlong *cardinality,
- uint number_of_keys,
- bool need_lock
-) {
- int error_num;
- char table_key[MAX_KEY_LENGTH];
- bool index_inited = FALSE;
- TABLE *table_crd = NULL;
- SPIDER_Open_tables_backup open_tables_backup;
- DBUG_ENTER("spider_sys_get_table_crd");
-
- if (
- !(table_crd = spider_open_sys_table(
- thd, SPIDER_SYS_TABLE_CRD_TABLE_NAME_STR,
- SPIDER_SYS_TABLE_CRD_TABLE_NAME_LEN, TRUE,
- &open_tables_backup, need_lock, &error_num))
- ) {
- goto error;
- }
-
- table_crd->use_all_columns();
- spider_store_tables_name(table_crd, name, name_length);
- if ((error_num = spider_get_sys_table_by_idx(table_crd, table_key, 0,
- SPIDER_SYS_TABLE_CRD_PK_COL_CNT - 1)))
- {
- if (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)
- {
- table_crd->file->print_error(error_num, MYF(0));
- }
- goto error;
- } else {
- index_inited = TRUE;
- do {
- spider_get_sys_table_crd_info(
- table_crd,
- cardinality,
- number_of_keys
- );
- error_num = spider_sys_index_next_same(table_crd, table_key);
- } while (error_num == 0);
- }
- index_inited = FALSE;
- if ((error_num = spider_sys_index_end(table_crd)))
- {
- table_crd->file->print_error(error_num, MYF(0));
- goto error;
- }
-
- spider_close_sys_table(thd, table_crd, &open_tables_backup, need_lock);
- table_crd = NULL;
- DBUG_RETURN(0);
-
-error:
- if (index_inited)
- spider_sys_index_end(table_crd);
-
- if (table_crd)
- spider_close_sys_table(thd, table_crd, &open_tables_backup, need_lock);
- DBUG_RETURN(error_num);
-}
-
int spider_sys_replace(
TABLE *table,
bool *modified_non_trans_table
diff --git a/storage/spider/spd_sys_table.h b/storage/spider/spd_sys_table.h
index 36f72375..f1983323 100644
--- a/storage/spider/spd_sys_table.h
+++ b/storage/spider/spd_sys_table.h
@@ -28,20 +28,6 @@
#define SPIDER_SYS_XA_FAILED_TABLE_NAME_LEN 20
#define SPIDER_SYS_POS_FOR_RECOVERY_TABLE_NAME_STR "spider_table_position_for_recovery"
#define SPIDER_SYS_POS_FOR_RECOVERY_TABLE_NAME_LEN 34
-#define SPIDER_SYS_TABLE_STS_TABLE_NAME_STR "spider_table_sts"
-#define SPIDER_SYS_TABLE_STS_TABLE_NAME_LEN 16
-#define SPIDER_SYS_TABLE_CRD_TABLE_NAME_STR "spider_table_crd"
-#define SPIDER_SYS_TABLE_CRD_TABLE_NAME_LEN 16
-#define SPIDER_SYS_RW_TBLS_TABLE_NAME_STR "spider_rewrite_tables"
-#define SPIDER_SYS_RW_TBLS_TABLE_NAME_LEN 21
-#define SPIDER_SYS_RW_TBL_TBLS_TABLE_NAME_STR "spider_rewrite_table_tables"
-#define SPIDER_SYS_RW_TBL_TBLS_TABLE_NAME_LEN 27
-#define SPIDER_SYS_RW_TBL_PTTS_TABLE_NAME_STR "spider_rewrite_table_partitions"
-#define SPIDER_SYS_RW_TBL_PTTS_TABLE_NAME_LEN 31
-#define SPIDER_SYS_RW_TBL_SPTTS_TABLE_NAME_STR "spider_rewrite_table_subpartitions"
-#define SPIDER_SYS_RW_TBL_SPTTS_TABLE_NAME_LEN 34
-#define SPIDER_SYS_RWN_TBLS_TABLE_NAME_STR "spider_rewritten_tables"
-#define SPIDER_SYS_RWN_TBLS_TABLE_NAME_LEN 23
#define SPIDER_SYS_XA_PREPARED_STR "PREPARED"
#define SPIDER_SYS_XA_NOT_YET_STR "NOT YET"
@@ -65,11 +51,6 @@
#define SPIDER_SYS_TABLE_STS_PK_COL_CNT 2
#define SPIDER_SYS_TABLE_CRD_COL_CNT 4
#define SPIDER_SYS_TABLE_CRD_PK_COL_CNT 3
-#define SPIDER_SYS_RW_TBLS_COL_CNT 3
-#define SPIDER_SYS_RW_TBL_TBLS_COL_CNT 8
-#define SPIDER_SYS_RW_TBL_PTTS_COL_CNT 7
-#define SPIDER_SYS_RW_TBL_SPTTS_COL_CNT 8
-#define SPIDER_SYS_RWN_TBLS_COL_CNT 4
#define SPIDER_SYS_LINK_MON_TABLE_DB_NAME_SIZE 64
#define SPIDER_SYS_LINK_MON_TABLE_TABLE_NAME_SIZE 64
@@ -313,21 +294,6 @@ int spider_insert_sys_table(
TABLE *table
);
-int spider_insert_or_update_table_sts(
- TABLE *table,
- const char *name,
- uint name_length,
- ha_statistics *stat
-);
-
-int spider_insert_or_update_table_crd(
- TABLE *table,
- const char *name,
- uint name_length,
- longlong *cardinality,
- uint number_of_keys
-);
-
int spider_log_tables_link_failed(
TABLE *table,
char *name,
@@ -471,17 +437,6 @@ int spider_get_sys_tables_static_link_id(
MEM_ROOT *mem_root
);
-void spider_get_sys_table_sts_info(
- TABLE *table,
- ha_statistics *stat
-);
-
-void spider_get_sys_table_crd_info(
- TABLE *table,
- longlong *cardinality,
- uint number_of_keys
-);
-
int spider_sys_update_tables_link_status(
THD *thd,
char *name,
@@ -533,54 +488,6 @@ int spider_get_link_statuses(
MEM_ROOT *mem_root
);
-int spider_sys_insert_or_update_table_sts(
- THD *thd,
- const char *name,
- uint name_length,
- ha_statistics *stat,
- bool need_lock
-);
-
-int spider_sys_insert_or_update_table_crd(
- THD *thd,
- const char *name,
- uint name_length,
- longlong *cardinality,
- uint number_of_keys,
- bool need_lock
-);
-
-int spider_sys_delete_table_sts(
- THD *thd,
- const char *name,
- uint name_length,
- bool need_lock
-);
-
-int spider_sys_delete_table_crd(
- THD *thd,
- const char *name,
- uint name_length,
- bool need_lock
-);
-
-int spider_sys_get_table_sts(
- THD *thd,
- const char *name,
- uint name_length,
- ha_statistics *stat,
- bool need_lock
-);
-
-int spider_sys_get_table_crd(
- THD *thd,
- const char *name,
- uint name_length,
- longlong *cardinality,
- uint number_of_keys,
- bool need_lock
-);
-
int spider_sys_replace(
TABLE *table,
bool *modified_non_trans_table
diff --git a/storage/spider/spd_table.cc b/storage/spider/spd_table.cc
index bf101858..208b804f 100644
--- a/storage/spider/spd_table.cc
+++ b/storage/spider/spd_table.cc
@@ -1032,7 +1032,7 @@ int spider_create_string_list(
}
if (!(*string_list = (char**)
- spider_bulk_malloc(spider_current_trx, 37, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_STRING_LIST_1, MYF(MY_WME | MY_ZEROFILL),
string_list, (uint) (sizeof(char*) * (*list_length)),
string_length_list, (uint) (sizeof(int) * (*list_length)),
NullS))
@@ -1226,7 +1226,7 @@ int spider_create_long_list(
}
if (!(*long_list = (long*)
- spider_bulk_malloc(spider_current_trx, 38, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_LONG_LIST_1, MYF(MY_WME | MY_ZEROFILL),
long_list, (uint) (sizeof(long) * (*list_length)),
NullS))
) {
@@ -1305,7 +1305,7 @@ int spider_create_longlong_list(
}
if (!(*longlong_list = (longlong *)
- spider_bulk_malloc(spider_current_trx, 39, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_LONGLONG_LIST_1, MYF(MY_WME | MY_ZEROFILL),
longlong_list, (uint) (sizeof(longlong) * (*list_length)),
NullS))
) {
@@ -1373,7 +1373,7 @@ int spider_increase_string_list(
}
if (!(tmp_str_list = (char**)
- spider_bulk_malloc(spider_current_trx, 40, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_INCREASE_STRING_LIST_1, MYF(MY_WME | MY_ZEROFILL),
&tmp_str_list, (uint) (sizeof(char*) * link_count),
&tmp_length_list, (uint) (sizeof(uint) * link_count),
NullS))
@@ -1436,7 +1436,7 @@ int spider_increase_null_string_list(
DBUG_RETURN(0);
if (!(tmp_str_list = (char**)
- spider_bulk_malloc(spider_current_trx, 247, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_INCREASE_NULL_STRING_LIST_1, MYF(MY_WME | MY_ZEROFILL),
&tmp_str_list, (uint) (sizeof(char*) * link_count),
&tmp_length_list, (uint) (sizeof(uint) * link_count),
NullS))
@@ -1494,7 +1494,7 @@ int spider_increase_long_list(
tmp_long = -1;
if (!(tmp_long_list = (long*)
- spider_bulk_malloc(spider_current_trx, 41, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_INCREASE_LONG_LIST_1, MYF(MY_WME | MY_ZEROFILL),
&tmp_long_list, (uint) (sizeof(long) * link_count),
NullS))
) {
@@ -1539,7 +1539,7 @@ int spider_increase_longlong_list(
tmp_longlong = -1;
if (!(tmp_longlong_list = (longlong*)
- spider_bulk_malloc(spider_current_trx, 42, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_INCREASE_LONGLONG_LIST_1, MYF(MY_WME | MY_ZEROFILL),
&tmp_longlong_list, (uint) (sizeof(longlong) * link_count),
NullS))
) {
@@ -2880,7 +2880,7 @@ int spider_parse_connect_info(
share_alter = &share->alter_table;
share_alter->all_link_count = share->all_link_count;
if (!(share_alter->tmp_server_names = (char **)
- spider_bulk_malloc(spider_current_trx, 43, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_PARSE_CONNECT_INFO_1, MYF(MY_WME | MY_ZEROFILL),
&share_alter->tmp_server_names,
(uint) (sizeof(char *) * share->all_link_count),
&share_alter->tmp_tgt_table_names,
@@ -4025,7 +4025,7 @@ int spider_create_conn_keys(
share->conn_keys_charlen += conn_keys_lengths[roop_count] + 2;
}
if (!(share->conn_keys = (char **)
- spider_bulk_alloc_mem(spider_current_trx, 45,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_CREATE_CONN_KEYS_1,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&share->conn_keys, sizeof(char *) * share->all_link_count,
&share->conn_keys_lengths, length_base,
@@ -4218,7 +4218,7 @@ SPIDER_SHARE *spider_create_share(
length = (uint) strlen(table_name);
bitmap_size = spider_bitmap_size(table_share->fields);
if (!(share = (SPIDER_SHARE *)
- spider_bulk_malloc(spider_current_trx, 46, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_SHARE_1, MYF(MY_WME | MY_ZEROFILL),
&share, (uint) (sizeof(*share)),
&tmp_name, (uint) (length + 1),
&tmp_static_key_cardinality,
@@ -4263,7 +4263,7 @@ SPIDER_SHARE *spider_create_share(
goto error_init_hint_string;
}
for (roop_count = 0; roop_count < (int) table_share->keys; roop_count++)
- share->key_hint[roop_count].init_calc_mem(95);
+ share->key_hint[roop_count].init_calc_mem(SPD_MID_CREATE_SHARE_2);
DBUG_PRINT("info",("spider share->key_hint=%p", share->key_hint));
if ((*error_num = spider_parse_connect_info(share, table_share,
@@ -4450,7 +4450,7 @@ SPIDER_SHARE *spider_get_share(
((char *) lex_str.str)[lex_str.length] = '\0';
DBUG_PRINT("info",("spider loop check param name=%s", lex_str.str));
loop_check = get_variable(&thd->user_vars, &lex_str, FALSE);
- if (loop_check && loop_check->type == STRING_RESULT)
+ if (loop_check && loop_check->type_handler()->result_type() == STRING_RESULT)
{
lex_str.length = top_share->path.length + spider_unique_id.length + 1;
lex_str.str = loop_check_buf + buf_sz - top_share->path.length -
@@ -4685,7 +4685,7 @@ SPIDER_SHARE *spider_get_share(
}
if (!(spider->conn_keys = (char **)
- spider_bulk_alloc_mem(spider_current_trx, 47,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_GET_SHARE_1,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&spider->conn_keys, sizeof(char *) * share->link_count,
&tmp_name, sizeof(char) * share->conn_keys_charlen,
@@ -5140,7 +5140,7 @@ SPIDER_SHARE *spider_get_share(
}
if (!(spider->conn_keys = (char **)
- spider_bulk_alloc_mem(spider_current_trx, 49,
+ spider_bulk_alloc_mem(spider_current_trx, SPD_MID_GET_SHARE_2,
__func__, __FILE__, __LINE__, MYF(MY_WME | MY_ZEROFILL),
&spider->conn_keys, sizeof(char *) * share->link_count,
&tmp_name, sizeof(char) * share->conn_keys_charlen,
@@ -5443,8 +5443,6 @@ int spider_free_share(
) {
DBUG_ENTER("spider_free_share");
pthread_mutex_lock(&spider_tbl_mutex);
- bool do_delete_thd = false;
- THD *thd = current_thd;
if (!--share->use_count)
{
spider_free_sts_thread(share);
@@ -5460,49 +5458,6 @@ int spider_free_share(
spider_table_remove_share_from_crd_thread(share);
spider_free_spider_object_for_share(&share->crd_spider);
}
- if (
- share->sts_init &&
- share->table_share->tmp_table == NO_TMP_TABLE &&
- spider_param_store_last_sts(share->store_last_sts)
- ) {
- if (!thd)
- {
- /* Create a thread for Spider system table update */
- thd = spider_create_thd();
- if (!thd)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- do_delete_thd = TRUE;
- }
- spider_sys_insert_or_update_table_sts(
- thd,
- share->lgtm_tblhnd_share->table_name,
- share->lgtm_tblhnd_share->table_name_length,
- &share->stat,
- FALSE
- );
- }
- if (
- share->crd_init &&
- share->table_share->tmp_table == NO_TMP_TABLE &&
- spider_param_store_last_crd(share->store_last_crd)
- ) {
- if (!thd)
- {
- /* Create a thread for Spider system table update */
- thd = spider_create_thd();
- if (!thd)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- do_delete_thd = TRUE;
- }
- spider_sys_insert_or_update_table_crd(
- thd,
- share->lgtm_tblhnd_share->table_name,
- share->lgtm_tblhnd_share->table_name_length,
- share->cardinality,
- share->table_share->fields,
- FALSE
- );
- }
spider_free_share_alloc(share);
my_hash_delete(&spider_open_tables, (uchar*) share);
pthread_mutex_destroy(&share->crd_mutex);
@@ -5511,8 +5466,6 @@ int spider_free_share(
free_root(&share->mem_root, MYF(0));
spider_free(spider_current_trx, share, MYF(0));
}
- if (do_delete_thd)
- spider_destroy_thd(thd);
pthread_mutex_unlock(&spider_tbl_mutex);
DBUG_RETURN(0);
}
@@ -5568,7 +5521,7 @@ SPIDER_LGTM_TBLHND_SHARE *spider_get_lgtm_tblhnd_share(
{
DBUG_PRINT("info",("spider create new lgtm tblhnd share"));
if (!(lgtm_tblhnd_share = (SPIDER_LGTM_TBLHND_SHARE *)
- spider_bulk_malloc(spider_current_trx, 244, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_GET_LGTM_TBLHND_SHARE_1, MYF(MY_WME | MY_ZEROFILL),
&lgtm_tblhnd_share, (uint) (sizeof(*lgtm_tblhnd_share)),
&tmp_name, (uint) (table_name_length + 1),
NullS))
@@ -5654,7 +5607,7 @@ SPIDER_WIDE_SHARE *spider_get_wide_share(
{
DBUG_PRINT("info",("spider create new wide share"));
if (!(wide_share = (SPIDER_WIDE_SHARE *)
- spider_bulk_malloc(spider_current_trx, 51, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_GET_PT_SHARE_1, MYF(MY_WME | MY_ZEROFILL),
&wide_share, sizeof(SPIDER_WIDE_SHARE),
&tmp_name, (uint) (table_share->path.length + 1),
&tmp_cardinality,
@@ -5946,7 +5899,7 @@ int spider_open_all_tables(
spider->wide_handler->lock_type = TL_READ_NO_INSERT;
if (!(share = (SPIDER_SHARE *)
- spider_bulk_malloc(spider_current_trx, 52, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_OPEN_ALL_TABLES_1, MYF(MY_WME | MY_ZEROFILL),
&share, (uint) (sizeof(*share)),
&connect_info,
(uint) (sizeof(char *) * SPIDER_TMP_SHARE_CHAR_PTR_COUNT),
@@ -6162,26 +6115,13 @@ int spider_db_done(
void *p
) {
int roop_count;
- bool do_delete_thd;
- THD *thd = current_thd, *tmp_thd;
+ THD *tmp_thd;
SPIDER_CONN *conn;
SPIDER_INIT_ERROR_TABLE *spider_init_error_table;
SPIDER_TABLE_MON_LIST *table_mon_list;
SPIDER_LGTM_TBLHND_SHARE *lgtm_tblhnd_share;
DBUG_ENTER("spider_db_done");
- /* Begin Spider plugin deinit */
- if (thd)
- do_delete_thd = FALSE;
- else
- {
- /* Create a thread for Spider plugin deinit */
- thd = spider_create_thd();
- if (!thd)
- DBUG_RETURN(HA_ERR_OUT_OF_MEM);
- do_delete_thd = TRUE;
- }
-
for (roop_count = SPIDER_DBTON_SIZE - 1; roop_count >= 0; roop_count--)
{
if (spider_dbton[roop_count].deinit)
@@ -6331,13 +6271,6 @@ int spider_db_done(
));
}
- /* End Spider plugin deinit */
- if (do_delete_thd)
- spider_destroy_thd(thd);
-
-/*
-DBUG_ASSERT(0);
-*/
DBUG_RETURN(0);
}
@@ -6393,6 +6326,17 @@ bool spider_init_system_tables()
DBUG_RETURN(FALSE);
}
+
+/*
+ Spider is typically loaded before ddl_recovery, but DDL statements
+ cannot be executed before ddl_recovery, so we delay system table creation.
+*/
+static int spider_after_ddl_recovery(handlerton *)
+{
+ DBUG_EXECUTE_IF("fail_spider_ddl_recovery_done", return 1;);
+ return spider_init_system_tables();
+}
+
int spider_db_init(
void *p
) {
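Review bot: The return contract of `spider_after_ddl_recovery` is not stated: it returns the result of `spider_init_system_tables()`, which the hunk header shows is declared `bool`, so the value is implicitly converted to `int`. The comment explains why table creation is delayed but not what the caller gets back; I would add `Returns 0 on success, 1 on failure.` to it and make the conversion explicit with `return spider_init_system_tables() ? 1 : 0;`.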
@@ -6412,17 +6356,8 @@ int spider_db_init(
#ifdef HTON_CAN_READ_CONNECT_STRING_IN_PARTITION
spider_hton->flags |= HTON_CAN_READ_CONNECT_STRING_IN_PARTITION;
#endif
- /* spider_hton->db_type = DB_TYPE_SPIDER; */
- /*
- spider_hton->savepoint_offset;
- spider_hton->savepoint_set = spider_savepoint_set;
- spider_hton->savepoint_rollback = spider_savepoint_rollback;
- spider_hton->savepoint_release = spider_savepoint_release;
- spider_hton->create_cursor_read_view = spider_create_cursor_read_view;
- spider_hton->set_cursor_read_view = spider_set_cursor_read_view;
- spider_hton->close_cursor_read_view = spider_close_cursor_read_view;
- */
spider_hton->panic = spider_panic;
+ spider_hton->signal_ddl_recovery_done= spider_after_ddl_recovery;
spider_hton->close_connection = spider_close_connection;
spider_hton->start_consistent_snapshot = spider_start_consistent_snapshot;
spider_hton->flush_logs = spider_flush_logs;
@@ -6478,10 +6413,6 @@ int spider_db_init(
if (pthread_attr_init(&spider_pt_attr))
goto error_pt_attr_init;
-/*
- if (pthread_attr_setdetachstate(&spider_pt_attr, PTHREAD_CREATE_DETACHED))
- goto error_pt_attr_setstate;
-*/
if (mysql_mutex_init(spd_key_mutex_tbl,
&spider_tbl_mutex, MY_MUTEX_INIT_FAST))
@@ -6535,7 +6466,7 @@ int spider_db_init(
(my_hash_get_key) spider_tbl_get_key, 0, 0))
goto error_open_tables_hash_init;
- spider_alloc_calc_mem_init(spider_open_tables, 143);
+ spider_alloc_calc_mem_init(spider_open_tables, SPD_MID_DB_INIT_1);
spider_alloc_calc_mem(NULL,
spider_open_tables,
spider_open_tables.array.max_element *
@@ -6544,7 +6475,7 @@ int spider_db_init(
(my_hash_get_key) spider_tbl_get_key, 0, 0))
goto error_init_error_tables_hash_init;
- spider_alloc_calc_mem_init(spider_init_error_tables, 144);
+ spider_alloc_calc_mem_init(spider_init_error_tables, SPD_MID_DB_INIT_2);
spider_alloc_calc_mem(NULL,
spider_init_error_tables,
spider_init_error_tables.array.max_element *
@@ -6555,7 +6486,7 @@ int spider_db_init(
)
goto error_open_wide_share_hash_init;
- spider_alloc_calc_mem_init(spider_open_wide_share, 145);
+ spider_alloc_calc_mem_init(spider_open_wide_share, SPD_MID_DB_INIT_3);
spider_alloc_calc_mem(NULL,
spider_open_wide_share,
spider_open_wide_share.array.max_element *
@@ -6565,7 +6496,7 @@ int spider_db_init(
(my_hash_get_key) spider_lgtm_tblhnd_share_hash_get_key, 0, 0))
goto error_lgtm_tblhnd_share_hash_init;
- spider_alloc_calc_mem_init(spider_lgtm_tblhnd_share_hash, 245);
+ spider_alloc_calc_mem_init(spider_lgtm_tblhnd_share_hash, SPD_MID_DB_INIT_4);
spider_alloc_calc_mem(NULL,
spider_lgtm_tblhnd_share_hash,
spider_lgtm_tblhnd_share_hash.array.max_element *
@@ -6579,7 +6510,7 @@ int spider_db_init(
spider_free_ipport_conn, 0))
goto error_ipport_conn__hash_init;
- spider_alloc_calc_mem_init(spider_open_connections, 146);
+ spider_alloc_calc_mem_init(spider_open_connections, SPD_MID_DB_INIT_5);
spider_alloc_calc_mem(NULL,
spider_open_connections,
spider_open_connections.array.max_element *
@@ -6588,7 +6519,7 @@ int spider_db_init(
(my_hash_get_key) spider_allocated_thds_get_key, 0, 0))
goto error_allocated_thds_hash_init;
- spider_alloc_calc_mem_init(spider_allocated_thds, 149);
+ spider_alloc_calc_mem_init(spider_allocated_thds, SPD_MID_DB_INIT_8);
spider_alloc_calc_mem(NULL,
spider_allocated_thds,
spider_allocated_thds.array.max_element *
@@ -6598,14 +6529,14 @@ int spider_db_init(
NULL, 64, 64, MYF(MY_WME)))
goto error_mon_table_cache_array_init;
- spider_alloc_calc_mem_init(spider_mon_table_cache, 165);
+ spider_alloc_calc_mem_init(spider_mon_table_cache, SPD_MID_DB_INIT_9);
spider_alloc_calc_mem(NULL,
spider_mon_table_cache,
spider_mon_table_cache.max_element *
spider_mon_table_cache.size_of_element);
if (!(spider_udf_table_mon_mutexes = (pthread_mutex_t *)
- spider_bulk_malloc(NULL, 53, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(NULL, SPD_MID_DB_INIT_10, MYF(MY_WME | MY_ZEROFILL),
&spider_udf_table_mon_mutexes, (uint) (sizeof(pthread_mutex_t) *
spider_udf_table_mon_mutex_count),
&spider_udf_table_mon_conds, (uint) (sizeof(pthread_cond_t) *
@@ -6641,7 +6572,7 @@ int spider_db_init(
(my_hash_get_key) spider_udf_tbl_mon_list_key, 0, 0))
goto error_init_udf_table_mon_list_hash;
- spider_alloc_calc_mem_init(spider_udf_table_mon_list_hash, 150);
+ spider_alloc_calc_mem_init(spider_udf_table_mon_list_hash, SPD_MID_DB_INIT_11);
spider_alloc_calc_mem(NULL,
spider_udf_table_mon_list_hash,
spider_udf_table_mon_list_hash[roop_count].array.max_element *
@@ -6654,7 +6585,7 @@ int spider_db_init(
}
if (!(spider_table_sts_threads = (SPIDER_THREAD *)
- spider_bulk_malloc(NULL, 256, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(NULL, SPD_MID_DB_INIT_12, MYF(MY_WME | MY_ZEROFILL),
&spider_table_sts_threads, (uint) (sizeof(SPIDER_THREAD) *
spider_param_table_sts_thread_count()),
&spider_table_crd_threads, (uint) (sizeof(SPIDER_THREAD) *
@@ -6826,7 +6757,7 @@ char *spider_create_string(
) {
char *res;
DBUG_ENTER("spider_create_string");
- if (!(res = (char*) spider_malloc(spider_current_trx, 13, length + 1,
+ if (!(res = (char*) spider_malloc(spider_current_trx, SPD_MID_CREATE_STRING_1, length + 1,
MYF(MY_WME))))
DBUG_RETURN(NULL);
memcpy(res, str, length);
@@ -6848,7 +6779,7 @@ char *spider_create_table_name_string(
if (sub_name)
length += sizeof("#SP#") - 1 + strlen(sub_name);
}
- if (!(res = (char*) spider_malloc(spider_current_trx, 14, length + 1,
+ if (!(res = (char*) spider_malloc(spider_current_trx, SPD_MID_CREATE_TABLE_NAME_STRING_1, length + 1,
MYF(MY_WME))))
DBUG_RETURN(NULL);
tmp = strmov(res, table_name);
@@ -6968,7 +6899,6 @@ int spider_get_sts(
) {
int get_type;
int error_num = 0;
- bool need_to_get = TRUE;
DBUG_ENTER("spider_get_sts");
if (
@@ -7004,34 +6934,10 @@ int spider_get_sts(
/* copy */
get_type = 0;
}
- if (
- !share->sts_init &&
- share->table_share->tmp_table == NO_TMP_TABLE &&
- spider_param_load_sts_at_startup(share->load_sts_at_startup) &&
- (!share->init || share->init_error)
- ) {
- error_num = spider_sys_get_table_sts(
- current_thd,
- share->lgtm_tblhnd_share->table_name,
- share->lgtm_tblhnd_share->table_name_length,
- &share->stat,
- FALSE
- );
- if (
- !error_num ||
- (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)
- )
- need_to_get = FALSE;
- }
-
- if (need_to_get)
- {
- if (get_type == 0)
- spider_copy_sts_to_share(share, share->wide_share);
- else {
- error_num = spider_db_show_table_status(spider, link_idx, sts_mode, flag);
- }
- }
+ if (get_type == 0)
+ spider_copy_sts_to_share(share, share->wide_share);
+ else
+ error_num = spider_db_show_table_status(spider, link_idx, sts_mode, flag);
if (get_type >= 2)
pthread_mutex_unlock(&share->wide_share->sts_mutex);
if (error_num)
@@ -7103,7 +7009,6 @@ int spider_get_crd(
) {
int get_type;
int error_num = 0;
- bool need_to_get = TRUE;
DBUG_ENTER("spider_get_crd");
if (
@@ -7139,35 +7044,6 @@ int spider_get_crd(
/* copy */
get_type = 0;
}
- if (
- !share->crd_init &&
- share->table_share->tmp_table == NO_TMP_TABLE &&
- spider_param_load_sts_at_startup(share->load_crd_at_startup)
- ) {
- error_num = spider_sys_get_table_crd(
- current_thd,
- share->lgtm_tblhnd_share->table_name,
- share->lgtm_tblhnd_share->table_name_length,
- share->cardinality,
- table->s->fields,
- FALSE
- );
- if (
- !error_num ||
- (error_num != HA_ERR_KEY_NOT_FOUND && error_num != HA_ERR_END_OF_FILE)
- )
- need_to_get = FALSE;
- }
-
- if (need_to_get)
- {
- if (get_type == 0)
- spider_copy_crd_to_share(share, share->wide_share,
- table->s->fields);
- else {
- error_num = spider_db_show_index(spider, link_idx, table, crd_mode);
- }
- }
if (get_type >= 2)
pthread_mutex_unlock(&share->wide_share->crd_mutex);
if (error_num)
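Review bot: After this deletion no call that fills the cardinality remains in the visible part of `spider_get_crd`: the removed `if (need_to_get)` block held the only `spider_copy_crd_to_share(...)` and `spider_db_show_index(...)` calls shown here, and unlike the matching hunk in `spider_get_sts` nothing replaces them. If that is not intended, keep the dispatch the way `spider_get_sts` does: `if (get_type == 0) spider_copy_crd_to_share(share, share->wide_share, table->s->fields); else error_num = spider_db_show_index(spider, link_idx, table, crd_mode);`. As written, `error_num` stays 0 on this path, so missing or stale statistics would not surface as an error. The function starts and continues outside the hunk, so a call elsewhere in the body cannot be ruled out from here.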
@@ -7284,7 +7160,7 @@ SPIDER_INIT_ERROR_TABLE *spider_get_init_error_table(
DBUG_RETURN(NULL);
}
if (!(spider_init_error_table = (SPIDER_INIT_ERROR_TABLE *)
- spider_bulk_malloc(spider_current_trx, 54, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_GET_INIT_ERROR_TABLE_1, MYF(MY_WME | MY_ZEROFILL),
&spider_init_error_table, (uint) (sizeof(*spider_init_error_table)),
&tmp_name, (uint) (share->table_name_length + 1),
NullS))
@@ -8345,7 +8221,7 @@ int spider_discover_table_structure(
char buf[MAX_FIELD_WIDTH];
spider_string str(buf, sizeof(buf), system_charset_info);
DBUG_ENTER("spider_discover_table_structure");
- str.init_calc_mem(229);
+ str.init_calc_mem(SPD_MID_DISCOVER_TABLE_STRUCTURE_1);
str.length(0);
if (str.reserve(
SPIDER_SQL_CREATE_TABLE_LEN + share->db.length +
@@ -8676,7 +8552,7 @@ int spider_create_spider_object_for_share(
}
DBUG_PRINT("info",("spider spider=%p", (*spider)));
if (!(need_mons = (int *)
- spider_bulk_malloc(spider_current_trx, 255, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_SPIDER_OBJECT_FOR_SHARE_2, MYF(MY_WME | MY_ZEROFILL),
&need_mons, (uint) (sizeof(int) * share->link_count),
&conns, (uint) (sizeof(SPIDER_CONN *) * share->link_count),
&conn_link_idx, (uint) (sizeof(uint) * share->link_count),
diff --git a/storage/spider/spd_trx.cc b/storage/spider/spd_trx.cc
index c689e40d..ebf9a777 100644
--- a/storage/spider/spd_trx.cc
+++ b/storage/spider/spd_trx.cc
@@ -166,7 +166,7 @@ int spider_trx_another_lock_tables(
spider_string sql_str(sql_buf, sizeof(sql_buf), system_charset_info);
DBUG_ENTER("spider_trx_another_lock_tables");
SPIDER_BACKUP_DASTATUS;
- sql_str.init_calc_mem(188);
+ sql_str.init_calc_mem(SPD_MID_TRX_ANOTHER_LOCK_TABLES_1);
sql_str.length(0);
memset((void*)&tmp_spider, 0, sizeof(ha_spider));
memset((void*)&tmp_share, 0, sizeof(SPIDER_SHARE));
@@ -482,7 +482,7 @@ int spider_create_trx_alter_table(
share_alter = &share->alter_table;
if (!(alter_table = (SPIDER_ALTER_TABLE *)
- spider_bulk_malloc(spider_current_trx, 55, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_TRX_ALTER_TABLE_1, MYF(MY_WME | MY_ZEROFILL),
&alter_table, (uint) (sizeof(*alter_table)),
&tmp_name, (uint) (sizeof(char) * (share->table_name_length + 1)),
@@ -1142,7 +1142,7 @@ SPIDER_TRX *spider_get_trx(
) {
DBUG_PRINT("info",("spider create new trx"));
if (!(trx = (SPIDER_TRX *)
- spider_bulk_malloc(NULL, 56, MYF(MY_WME | MY_ZEROFILL),
+ spider_bulk_malloc(NULL, SPD_MID_GET_TRX_1, MYF(MY_WME | MY_ZEROFILL),
&trx, (uint) (sizeof(*trx)),
&tmp_share, (uint) (sizeof(SPIDER_SHARE)),
&tmp_wide_handler, (uint) sizeof(SPIDER_WIDE_HANDLER),
@@ -1171,7 +1171,7 @@ SPIDER_TRX *spider_get_trx(
spider_conn_get_key, 0, 0)
)
goto error_init_hash;
- spider_alloc_calc_mem_init(trx->trx_conn_hash, 151);
+ spider_alloc_calc_mem_init(trx->trx_conn_hash, SPD_MID_GET_TRX_2);
spider_alloc_calc_mem(
thd ? ((SPIDER_TRX *) thd_get_ha_data(thd, spider_hton_ptr)) : NULL,
trx->trx_conn_hash,
@@ -1184,7 +1184,7 @@ SPIDER_TRX *spider_get_trx(
spider_conn_get_key, 0, 0)
)
goto error_init_another_hash;
- spider_alloc_calc_mem_init(trx->trx_another_conn_hash, 152);
+ spider_alloc_calc_mem_init(trx->trx_another_conn_hash, SPD_MID_GET_TRX_3);
spider_alloc_calc_mem(
thd ? ((SPIDER_TRX *) thd_get_ha_data(thd, spider_hton_ptr)) : NULL,
trx->trx_another_conn_hash,
@@ -1197,7 +1197,7 @@ SPIDER_TRX *spider_get_trx(
spider_alter_tbl_get_key, 0, 0)
)
goto error_init_alter_hash;
- spider_alloc_calc_mem_init(trx->trx_alter_table_hash, 157);
+ spider_alloc_calc_mem_init(trx->trx_alter_table_hash, SPD_MID_GET_TRX_8);
spider_alloc_calc_mem(
thd ? ((SPIDER_TRX *) thd_get_ha_data(thd, spider_hton_ptr)) : NULL,
trx->trx_alter_table_hash,
@@ -1210,7 +1210,7 @@ SPIDER_TRX *spider_get_trx(
spider_trx_ha_get_key, 0, 0)
)
goto error_init_trx_ha_hash;
- spider_alloc_calc_mem_init(trx->trx_ha_hash, 158);
+ spider_alloc_calc_mem_init(trx->trx_ha_hash, SPD_MID_GET_TRX_9);
spider_alloc_calc_mem(
thd ? ((SPIDER_TRX *) thd_get_ha_data(thd, spider_hton_ptr)) : NULL,
trx->trx_ha_hash,
@@ -1262,7 +1262,7 @@ SPIDER_TRX *spider_get_trx(
for (roop_count2 = 0; roop_count2 < (int) trx->tmp_share->link_count;
++roop_count2)
{
- trx->tmp_spider->result_list.sqls[roop_count2].init_calc_mem(121);
+ trx->tmp_spider->result_list.sqls[roop_count2].init_calc_mem(SPD_MID_GET_TRX_10);
trx->tmp_spider->result_list.sqls[roop_count2].set_charset(
trx->tmp_share->access_charset);
}
@@ -3164,6 +3164,14 @@ int spider_rollback(
DBUG_RETURN(0); /* transaction is not started */
+ /* In case the rollback happens due to failure of LOCK TABLE, we
+ need to clear the list of tables to lock. */
+ for (uint i= 0; i < trx->trx_conn_hash.records; i++)
+ {
+ conn= (SPIDER_CONN *) my_hash_element(&trx->trx_conn_hash, i);
+ conn->db_conn->reset_lock_table_hash();
+ }
+
if (all || (!thd_test_options(thd, OPTION_NOT_AUTOCOMMIT | OPTION_BEGIN)))
{
if (trx->trx_start)
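Review bot: The new loop calls `conn->db_conn->reset_lock_table_hash()` for every entry of `trx->trx_conn_hash` without checking `conn->db_conn`. Whether a connection can sit in the hash with a null `db_conn` (for example after a failed connect) is not visible from this hunk; if it can, the rollback path would dereference a null pointer, so a guard such as `if (conn->db_conn) conn->db_conn->reset_lock_table_hash();` would be safer. The loop also runs before the `all || ...` test, so it applies to statement-level rollbacks too, and the comment should say whether that is intended. `spider_rollback` begins and ends outside the hunk.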
@@ -3695,7 +3703,7 @@ int spider_create_trx_ha(
if (need_create)
{
if (!(trx_ha = (SPIDER_TRX_HA *)
- spider_bulk_malloc(spider_current_trx, 58, MYF(MY_WME),
+ spider_bulk_malloc(spider_current_trx, SPD_MID_CREATE_TRX_HA_1, MYF(MY_WME),
&trx_ha, (uint) (sizeof(SPIDER_TRX_HA)),
&tmp_name, (uint) (sizeof(char *) * (share->table_name_length + 1)),
&conn_link_idx, (uint) (sizeof(uint) * share->link_count),
diff --git a/strings/ctype-uca.inl b/strings/ctype-uca.inl
index 6aa72847..62abbb9b 100644
--- a/strings/ctype-uca.inl
+++ b/strings/ctype-uca.inl
@@ -416,8 +416,20 @@ MY_FUNCTION_NAME(scanner_next_pad_trim)(my_uca_scanner *scanner,
flags & MY_STRNNCOLLSP_NCHARS_EMULATE_TRIMMED_TRAILING_SPACES ?
my_space_weight(param->level) : 0;
- res.nchars= 1;
(*generated)++;
+ res.nchars++; /* Count all ignorable characters and the padded space */
+ if (res.nchars > nchars)
+ {
+ /*
+ We scanned a number of ignorable characters at the end of the
+ string and reached the "nchars" limit, so the virtual padded space
+ does not fit. This is possible with CONCAT('a', x'00') with
+ nchars=2 on the second iteration when we scan the x'00'.
+ */
+ if (param->cs->state & MY_CS_NOPAD)
+ res.weight= 0;
+ res.nchars= (uint) nchars;
+ }
}
else if (res.nchars > nchars)
{
diff --git a/strings/json_lib.c b/strings/json_lib.c
index 52c173f3..31d58074 100644
--- a/strings/json_lib.c
+++ b/strings/json_lib.c
@@ -482,12 +482,12 @@ enum json_num_states {
static int json_num_states[NS_NUM_STATES][N_NUM_CLASSES]=
{
-/* - + 0 1..9 POINT E END_OK ERROR */
+/* - + 0 1..9 POINT E END_OK ERROR */
/*OK*/ { JE_SYN, JE_SYN, JE_SYN, JE_SYN, JE_SYN, JE_SYN, JE_SYN, JE_BAD_CHR },
/*GO*/ { NS_GO1, JE_SYN, NS_Z, NS_INT, JE_SYN, JE_SYN, JE_SYN, JE_BAD_CHR },
/*GO1*/ { JE_SYN, JE_SYN, NS_Z1, NS_INT, JE_SYN, JE_SYN, JE_SYN, JE_BAD_CHR },
-/*ZERO*/ { JE_SYN, JE_SYN, JE_SYN, JE_SYN, NS_FRAC, JE_SYN, NS_OK, JE_BAD_CHR },
-/*ZE1*/ { JE_SYN, JE_SYN, JE_SYN, JE_SYN, NS_FRAC, JE_SYN, NS_OK, JE_BAD_CHR },
+/*ZERO*/ { JE_SYN, JE_SYN, JE_SYN, JE_SYN, NS_FRAC, NS_EX, NS_OK, JE_BAD_CHR },
+/*ZE1*/ { JE_SYN, JE_SYN, JE_SYN, JE_SYN, NS_FRAC, NS_EX, NS_OK, JE_BAD_CHR },
/*INT*/ { JE_SYN, JE_SYN, NS_INT, NS_INT, NS_FRAC, NS_EX, NS_OK, JE_BAD_CHR },
/*FRAC*/ { JE_SYN, JE_SYN, NS_FRAC, NS_FRAC,JE_SYN, NS_EX, NS_OK, JE_BAD_CHR },
/*EX*/ { NS_EX, NS_EX, NS_EX1, NS_EX1, JE_SYN, JE_SYN, JE_SYN, JE_BAD_CHR },
diff --git a/support-files/mariadb.service.in b/support-files/mariadb.service.in
index c9f78870..1af0106e 100644
--- a/support-files/mariadb.service.in
+++ b/support-files/mariadb.service.in
@@ -138,6 +138,12 @@ PrivateTmp=false
TimeoutStartSec=900
TimeoutStopSec=900
+# Set the maximium number of tasks (threads) to 99% of what the system can
+# handle as set by the kernel, reserve the 1% for a remote ssh connection,
+# some monitoring, or that backup cron job. Without the directive this would
+# be 15% (see DefaultTasksMax in systemd man pages).
+TasksMax=99%
+
##
## Options previously available to be set via [mysqld_safe]
## that now needs to be set by systemd config files as mysqld_safe
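Review bot: `TasksMax=99%` lets the server consume almost the whole kernel task limit, so thread growth inside the server (for instance during a connection flood) is no longer contained by the unit, and the 1% left over may not be enough to log in and diagnose. The comment should say that the effective bound now has to come from the server's own settings, e.g. add `# Thread usage must be bounded by server settings such as max_connections.`. The comment also has a typo: `maximium` should be `maximum`. The same text is added in the `mariadb@.service.in` hunk.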
diff --git a/support-files/mariadb@.service.in b/support-files/mariadb@.service.in
index 1160bf62..8cb3ab2a 100644
--- a/support-files/mariadb@.service.in
+++ b/support-files/mariadb@.service.in
@@ -252,6 +252,12 @@ PrivateTmp=false
TimeoutStartSec=900
TimeoutStopSec=900
+# Set the maximium number of tasks (threads) to 99% of what the system can
+# handle as set by the kernel, reserve the 1% for a remote ssh connection,
+# some monitoring, or that backup cron job. Without the directive this would
+# be 15% (see DefaultTasksMax in systemd man pages).
+TasksMax=99%
+
# Controlling how multiple instances are separated. See top of this file.
# Note: This service isn't User=mysql by default so we need to be explicit.
# It is as an option here as a user may want to use the MYSQLD_MULTI_INSTANCE
diff --git a/tests/mysql_client_fw.c b/tests/mysql_client_fw.c
index 5c0c7ce2..c9e64678 100644
--- a/tests/mysql_client_fw.c
+++ b/tests/mysql_client_fw.c
@@ -1430,6 +1430,14 @@ int main(int argc, char **argv)
tests_to_run[i]= NULL;
}
+#ifdef _WIN32
+ /* must be the same in C/C and embedded, 1208 on 64bit, 968 on 32bit */
+ compile_time_assert(sizeof(MYSQL) == 60*sizeof(void*)+728);
+#else
+ /* must be the same in C/C and embedded, 1272 on 64bit, 964 on 32bit */
+ compile_time_assert(sizeof(MYSQL) == 77*sizeof(void*)+656);
+#endif
+
if (mysql_server_init(embedded_server_arg_count,
embedded_server_args,
(char**) embedded_server_groups))
diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c
index c0077681..ffc4a19e 100644
--- a/tests/mysql_client_test.c
+++ b/tests/mysql_client_test.c
@@ -21961,6 +21961,45 @@ static void test_mdev_30159()
myquery(rc);
}
+/*
+ Check that server_status returned after connecting to server
+ is consistent with the value of autocommit variable.
+*/
+static void test_connect_autocommit()
+{
+ int rc;
+ my_bool autocommit[]= {0, 1};
+ int i;
+ rc= mysql_query(mysql, "SET @save_autocommit=@@global.autocommit");
+ myquery(rc);
+ for (i= 0; i < 2; i++)
+ {
+ MYSQL *con;
+ char query[100];
+ int autocommit_val;
+
+ con= mysql_client_init(NULL);
+ DIE_UNLESS(con);
+ autocommit_val = autocommit[i];
+ snprintf(query, sizeof(query), "SET global autocommit=%d", autocommit_val);
+ rc= mysql_query(mysql, query);
+ myquery(rc);
+
+ if (!(mysql_real_connect(con, opt_host, opt_user, opt_password, current_db,
+ opt_port, opt_unix_socket, 0)))
+ {
+ fprintf(stderr, "Failed to connect to database: Error: %s\n",
+ mysql_error(con));
+ exit(1);
+ }
+ DIE_UNLESS(!!(con->server_status & SERVER_STATUS_AUTOCOMMIT) == autocommit_val);
+ mysql_close(con);
+ }
+ rc= mysql_query(mysql, "SET global autocommit=@save_autocommit");
+ myquery(rc);
+}
+
+
static void test_execute_direct()
{
#ifndef EMBEDDED_LIBRARY
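Review bot: On a failed `mysql_real_connect` the new test calls `exit(1)` while `@@global.autocommit` is still set to the test value and `con` is still open, so a failure on the `autocommit=0` iteration leaves the server with a changed global setting for whatever runs against it next. Restoring first, with `mysql_query(mysql, "SET global autocommit=@save_autocommit"); mysql_close(con);` before terminating, would keep the failure contained. The same applies when `DIE_UNLESS` fires on the `server_status` check.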
@@ -22485,6 +22524,7 @@ static struct my_tests_st my_tests[]= {
{ "test_mdev18408", test_mdev18408 },
{ "test_mdev20261", test_mdev20261 },
{ "test_mdev_30159", test_mdev_30159 },
+ { "test_connect_autocommit", test_connect_autocommit},
{ "test_execute_direct", test_execute_direct },
{ "test_cache_metadata", test_cache_metadata},
{ "test_mdev_10075", test_mdev_10075},
diff --git a/tpool/tpool_structs.h b/tpool/tpool_structs.h
index 099ae5c7..ff3228c9 100644
--- a/tpool/tpool_structs.h
+++ b/tpool/tpool_structs.h
@@ -155,12 +155,11 @@ public:
{
mysql_mutex_lock(&m_mtx);
assert(!is_full());
+ const bool was_empty= is_empty();
// put element to the logical end of the array
m_cache[--m_pos] = ele;
- /* Notify waiters when the cache becomes
- not empty, or when it becomes full */
- if (m_pos == 1 || (m_waiters && is_full()))
+ if (was_empty || (is_full() && m_waiters))
pthread_cond_broadcast(&m_cv);
mysql_mutex_unlock(&m_mtx);
}
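Review bot: The comment that explained the wake-up condition was removed together with the old test and nothing replaces it. The new condition depends on sampling `is_empty()` before the store `m_cache[--m_pos] = ele`, an ordering that is easy to break in a later edit; I would keep a comment above the `if`, e.g. `/* Wake waiters if the cache was empty before this put, or if it is now full and someone is waiting for that */`. The enclosing method starts outside the hunk.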
diff --git a/unittest/embedded/CMakeLists.txt b/unittest/embedded/CMakeLists.txt
index cf48550c..428bb811 100644
--- a/unittest/embedded/CMakeLists.txt
+++ b/unittest/embedded/CMakeLists.txt
@@ -1,7 +1,7 @@
INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include
${CMAKE_SOURCE_DIR}/libmysqld/include
- ${PCRE_INCLUDES}
+ ${PCRE_INCLUDE_DIRS}
${CMAKE_SOURCE_DIR}/sql
${MY_READLINE_INCLUDE_DIR}
)
diff --git a/unittest/strings/strings-t.c b/unittest/strings/strings-t.c
index be5fc085..a681a4d3 100644
--- a/unittest/strings/strings-t.c
+++ b/unittest/strings/strings-t.c
@@ -1166,6 +1166,19 @@ static STRNNCOLLSP_CHAR_PARAM strnncollsp_char_utf8mb3_unicode_ci[]=
{{CSTR("ss")}, {CSTR(UTF8_sz)}, 4, TCHAR, 0},
{{CSTR("ss")}, {CSTR(UTF8_sz)}, 100, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 0, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 1, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 2, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 3, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 100, TCHAR, 0},
+
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 0, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 1, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 2, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 3, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 4, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 100, TCHAR, 0},
+
{{NULL, 0}, {NULL, 0}, 0, 0, 0}
};
@@ -1193,6 +1206,19 @@ static STRNNCOLLSP_CHAR_PARAM strnncollsp_char_utf8mb3_unicode_nopad_ci[]=
{{CSTR("ss")}, {CSTR(UTF8_sz)}, 4, TVCHAR, 0},
{{CSTR("ss")}, {CSTR(UTF8_sz)}, 100, TVCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 0, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 1, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 2, TCHAR, -1},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 3, TCHAR, 0},
+ {{CSTR("a" "\x01")}, {CSTR(UTF8_auml)}, 100, TCHAR, 0},
+
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 0, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 1, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 2, TCHAR, -1},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 3, TCHAR, -1},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 4, TCHAR, 0},
+ {{CSTR("a" "\x01\x01")}, {CSTR(UTF8_auml)}, 100, TCHAR, 0},
+
{{NULL, 0}, {NULL, 0}, 0, 0, 0}
};
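Review bot: The rows added to `strnncollsp_char_utf8mb3_unicode_nopad_ci` use `TCHAR`, while the neighbouring rows of that table use `TVCHAR`. If that is deliberate (the `ctype-uca.inl` change in this commit touches the branch guarded by `MY_STRNNCOLLSP_NCHARS_EMULATE_TRIMMED_TRAILING_SPACES`), a one-line comment above the new rows would say so, e.g. `/* Ignorable characters at the nchars limit: CHAR emulation on a NOPAD collation */`; `TVCHAR` rows for the same inputs would also pin the unflagged path. The array begins outside the hunk.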
diff --git a/win/packaging/heidisql.cmake b/win/packaging/heidisql.cmake
index 45a40737..681a4250 100644
--- a/win/packaging/heidisql.cmake
+++ b/win/packaging/heidisql.cmake
@@ -1,4 +1,4 @@
-SET(HEIDISQL_BASE_NAME "HeidiSQL_12.3_32_Portable")
+SET(HEIDISQL_BASE_NAME "HeidiSQL_12.6_32_Portable")
SET(HEIDISQL_ZIP "${HEIDISQL_BASE_NAME}.zip")
SET(HEIDISQL_URL "http://www.heidisql.com/downloads/releases/${HEIDISQL_ZIP}")
SET(HEIDISQL_DOWNLOAD_DIR ${THIRD_PARTY_DOWNLOAD_LOCATION}/${HEIDISQL_BASE_NAME})
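Review bot: The bumped archive is still fetched from a plain `http://` address (`HEIDISQL_URL`), and no digest is pinned in this hunk, so the binaries that end up in the Windows installer are whatever that unauthenticated request returns. If the download step further down the file (not shown here) does not already verify one, pin the new release with `EXPECTED_HASH SHA256=<sha256 of HeidiSQL_12.6_32_Portable.zip>` on the download call and switch the URL to `https://` if the host serves it. The rest of the file is outside the hunk.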
diff --git a/win/packaging/heidisql.wxi.in b/win/packaging/heidisql.wxi.in
index 03d5b579..45bd6c4b 100644
--- a/win/packaging/heidisql.wxi.in
+++ b/win/packaging/heidisql.wxi.in
@@ -68,6 +68,12 @@
<Component Id="component.HeidiSQL_gds32_14.1.dll" Guid="*" Win64="no">
<File Id="gds32_14.1.dll" Name="gds32-14.1.dll" Source="${HEIDISQL_DOWNLOAD_DIR}\gds32-14.1.dll" />
</Component>
+ <Component Id="component.HeidiSQL_libeay32.dll" Guid="*" Win64="no">
+ <File Id="libeay32.dll" Name="libeay32.dll" Source="${HEIDISQL_DOWNLOAD_DIR}\libeay32.dll" />
+ </Component>
+ <Component Id="component.HeidiSQL_ssleay32.dll" Guid="*" Win64="no">
+ <File Id="ssleay32.dll" Name="ssleay32.dll" Source="${HEIDISQL_DOWNLOAD_DIR}\ssleay32.dll" />
+ </Component>
<Component Id="component.HeidiSQL_plink.exe" Guid="*" Win64="no">
<File Id="plink.exe" Name="plink.exe" Source="${HEIDISQL_DOWNLOAD_DIR}\plink.exe" />
</Component>
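Review bot: `libeay32.dll` and `ssleay32.dll` are the library names used by OpenSSL 1.0.x and earlier, a branch that no longer receives public security fixes, and this hunk adds them to the MSI without recording which version is shipped. Their version is not visible here, so please confirm it against the HeidiSQL 12.6 archive and note it next to the components, e.g. `<!-- OpenSSL DLLs bundled by HeidiSQL 12.6; version: <fill in> -->`, so the packaged crypto library can be tracked against advisories. The matching `ComponentRef` lines are in the next hunk.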
@@ -115,6 +121,8 @@
<ComponentRef Id="component.HeidiSQL_libmysql_6.1.dll" />
<ComponentRef Id="component.HeidiSQL_fbclient_4.0.dll" />
<ComponentRef Id="component.HeidiSQL_gds32_14.1.dll" />
+ <ComponentRef Id="component.HeidiSQL_libeay32.dll" />
+ <ComponentRef Id="component.HeidiSQL_ssleay32.dll" />
<ComponentRef Id="component.HeidiSQL_plink.exe" />
<ComponentRef Id="component.HeidiSQL_LICENSE_openssl" />
<?foreach db in $(var.functions_dblist) ?>
diff --git a/wsrep-lib/dbsim/db_threads.cpp b/wsrep-lib/dbsim/db_threads.cpp
index 10b580dd..409672b1 100644
--- a/wsrep-lib/dbsim/db_threads.cpp
+++ b/wsrep-lib/dbsim/db_threads.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2019 Codership Oy <info@codership.com>
+ * Copyright (C) 2019-2023 Codership Oy <info@codership.com>
*
* This file is part of wsrep-lib.
*
@@ -113,12 +113,10 @@ namespace
::abort();
}
}
+
static inline int append_key(const char* name, const char* type)
{
-
key_vec.push_back(std::string(name) + "_" + type);
- wsrep::log_info() << "Register key " << name << "_" << type
- << " with index " << (key_cnt + 1);
ops_map.push_back(std::vector<size_t>());
ops_map_sync.push_back(new std::mutex());
ops_map.back().resize(oc_max);
@@ -175,21 +173,6 @@ namespace
void* args;
};
- pthread_key_t this_thread_key;
- struct this_thread_key_initializer
- {
- this_thread_key_initializer()
- {
- pthread_key_create(&this_thread_key, nullptr);
- }
-
- ~this_thread_key_initializer()
- {
- pthread_key_delete(this_thread_key);
- }
- };
-
-
class ti_thread : public ti_obj
{
public:
@@ -229,11 +212,7 @@ namespace
void retval(void* retval) { retval_ = retval; }
- static ti_thread* self()
- {
- return reinterpret_cast<ti_thread*>(
- pthread_getspecific(this_thread_key));
- }
+ static ti_thread* self();
int setschedparam(int policy, const struct sched_param* param)
{
@@ -256,6 +235,25 @@ namespace
bool detached_;
};
+ thread_local ti_thread* this_ti_thread = nullptr;
+
+ static bool main_thread_initializer()
+ {
+ const auto* main_thread_key
+ = reinterpret_cast<const wsrep::thread_service::thread_key*>(
+ append_key("main", "thread"));
+ static ti_thread main_thread(main_thread_key);
+ this_ti_thread = &main_thread;
+ return true;
+ }
+ static bool main_thread_init = main_thread_initializer();
+
+ ti_thread* ti_thread::self()
+ {
+ return this_ti_thread;
+ }
+
+
class ti_mutex : public ti_obj
{
public:
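Review bot: `main_thread_initializer()` runs during dynamic initialization of this translation unit and calls `append_key()`, which pushes into `key_vec`, `ops_map` and `ops_map_sync`. That is only safe if those containers are defined above `main_thread_init` in this file, and their definitions are outside the hunk. A comment on `main_thread_init` would guard against a later reordering, e.g. `// Must stay below key_vec/ops_map/ops_map_sync: registers the "main" thread key during static initialization.` This is presumably also why the `wsrep::log_info()` call was dropped from `append_key()` in the hunk at -113, which is worth stating there too. The function-local `static ti_thread main_thread` is destroyed at exit while `this_ti_thread` still points to it, so a `ti_thread::self()` call from a static destructor that runs afterwards would presumably see a dangling pointer.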
@@ -472,12 +470,12 @@ static void* start_thread(void* args_ptr)
{
thread_args* ta(reinterpret_cast<thread_args*>(args_ptr));
ti_thread* thread = reinterpret_cast<ti_thread*>(ta->this_thread);
- pthread_setspecific(this_thread_key, thread);
+ this_ti_thread = thread;
void* (*fn)(void*) = ta->fn;
void* args = ta->args;
delete ta;
void* ret = (*fn)(args);
- pthread_setspecific(this_thread_key, nullptr);
+ this_ti_thread = nullptr;
// If we end here the thread returned instead of calling
// pthread_exit()
if (thread->detached())
@@ -488,7 +486,7 @@ static void* start_thread(void* args_ptr)
WSREP_NORETURN
static void exit_thread(wsrep::thread_service::thread* thread, void* retval)
{
- pthread_setspecific(this_thread_key, nullptr);
+ this_ti_thread = nullptr;
ti_thread* th(reinterpret_cast<ti_thread*>(thread));
th->retval(retval);
if (th->detached())
diff --git a/wsrep-lib/include/wsrep/logger.hpp b/wsrep-lib/include/wsrep/logger.hpp
index a15873c2..4a9c46b1 100644
--- a/wsrep-lib/include/wsrep/logger.hpp
+++ b/wsrep-lib/include/wsrep/logger.hpp
@@ -86,7 +86,11 @@ namespace wsrep
{
if (logger_fn_)
{
- logger_fn_(level_, prefix_, oss_.str().c_str());
+ // Prolong the lifetime of the string so it doesn't get
+ // destroyed right after evaluating c_str() and before
+ // completing the logger function call.
+ const std::string& tmp = oss_.str();
+ logger_fn_(level_, prefix_, tmp.c_str());
}
else
{
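Review bot: The added comment gives a rationale that does not match C++ temporary lifetime rules. In the removed line the temporary returned by `oss_.str()` lived until the end of the full expression, which includes the whole `logger_fn_` call, so the old and new code behave the same. If the named reference is there to make the lifetime explicit or to quiet an analyzer, the comment should say that, e.g. `// Named reference makes the buffer's lifetime across the logger_fn_ call explicit.` The contract that matters is that the pointer is valid only until `logger_fn_` returns, so a callback that stores it would dangle; that deserves a line where `logger_fn_` is declared, which is outside this hunk along with the start of the enclosing function.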